From db2ef01a2bff458045e15d3faea8d6863488e6f1 Mon Sep 17 00:00:00 2001 From: Philip Ellis Date: Wed, 7 Aug 2024 16:08:33 -0400 Subject: [PATCH] added new APIs for postman --- .github/workflows/build-dereferenced-spec.yml | 21 + dereferenced/deref-sailpoint-api.v2024.json | 375306 +++++++++++++++ dereferenced/deref-sailpoint-api.v2024.yaml | 284280 +++++++++++ postman-script/update-by-folder-ts/index.ts | 4 +- .../update-by-folder-ts/package.json | 1 + postman/collections/sailpoint-api-v2024.json | 300822 ++++++++++++ 6 files changed, 960433 insertions(+), 1 deletion(-) create mode 100644 dereferenced/deref-sailpoint-api.v2024.json create mode 100644 dereferenced/deref-sailpoint-api.v2024.yaml create mode 100644 postman/collections/sailpoint-api-v2024.json diff --git a/.github/workflows/build-dereferenced-spec.yml b/.github/workflows/build-dereferenced-spec.yml index 4f7d57d5..0ee8c935 100644 --- a/.github/workflows/build-dereferenced-spec.yml +++ b/.github/workflows/build-dereferenced-spec.yml @@ -38,6 +38,10 @@ jobs: openapi2postmanv2 -s dereferenced/deref-sailpoint-api.nerm.yaml -o postman/collections/sailpoint-api-nerm.json -p -c postman-script/openapi2postman-config.json swagger-cli bundle --dereference idn/sailpoint-api.v3.yaml -t json -o dereferenced/deref-sailpoint-api.v3.json swagger-cli bundle --dereference idn/sailpoint-api.beta.yaml -t json -o dereferenced/deref-sailpoint-api.beta.json + swagger-cli bundle --dereference idn/sailpoint-api.v2024.yaml -t yaml -o dereferenced/deref-sailpoint-api.v2024.yaml + openapi2postmanv2 -s dereferenced/deref-sailpoint-api.v2024.yaml -o postman/collections/sailpoint-api-v2024.json -p -c postman-script/openapi2postman-config.json + node postman-script/modify-collection.js postman/collections/sailpoint-api-v2024.json + swagger-cli bundle --dereference idn/sailpoint-api.v2024.yaml -t json -o dereferenced/deref-sailpoint-api.v2024.json - uses: stefanzweifel/git-auto-commit-action@v4 push_v3_specs_to_postman: @@ -57,6 +61,23 @@ jobs: npm ci npm run v3 + push_v2024_specs_to_postman: + runs-on: ubuntu-latest + needs: [dereference_spec] + steps: + - name: Checkout PR branch + uses: actions/checkout@v3 + - name: Set up Node + uses: actions/setup-node@v3 + with: + node-version: "18" + - name: Dereference API Specification and build Postman collection + run: | + cd postman-script/update-by-folder-ts + echo "POSTMAN_API_KEY=${{ secrets.POSTMAN_API_KEY }}" > .env + npm ci + npm run v2024 + push_beta_specs_to_postman: runs-on: ubuntu-latest needs: [dereference_spec] diff --git a/dereferenced/deref-sailpoint-api.v2024.json b/dereferenced/deref-sailpoint-api.v2024.json new file mode 100644 index 00000000..b0289e09 --- /dev/null +++ b/dereferenced/deref-sailpoint-api.v2024.json @@ -0,0 +1,375306 @@ +{ + "openapi": "3.0.1", + "info": { + "title": "Identity Security Cloud V2024 API", + "description": "Use these APIs to interact with the Identity Security Cloud platform to achieve repeatable, automated processes with greater scalability. We encourage you to join the SailPoint Developer Community forum at https://developer.sailpoint.com/discuss to connect with other developers using our APIs.", + "termsOfService": "https://developer.sailpoint.com/discuss/tos", + "contact": { + "name": "Developer Relations", + "url": "https://developer.sailpoint.com/discuss/api-help" + }, + "license": { + "name": "MIT", + "url": "https://opensource.org/licenses/MIT" + }, + "version": "v2024" + }, + "servers": [ + { + "url": "https://{tenant}.api.identitynow.com/v2024", + "description": "This is the production API server.", + "variables": { + "tenant": { + "default": "sailpoint", + "description": "This is the name of your tenant, typically your company's name." + } + } + }, + { + "url": "https://{apiUrl}/v2024", + "description": "This is the V2024 API server.", + "variables": { + "apiUrl": { + "default": "sailpoint.api.identitynow.com", + "description": "This is the api url of your tenant" + } + } + } + ], + "tags": [ + { + "name": "Access Model Metadata", + "description": "Use this API to create and manage metadata attributes for your Access Model.\nAccess Model Metadata allows you to add contextual information to your ISC Access Model items using pre-defined metadata for risk, regulations, privacy levels, etc., or by creating your own metadata attributes to reflect the unique needs of your organization. This release of the API includes support for entitlement metadata. Support for role and access profile metadata will be introduced in a subsequent release.\n\nCommon usages for Access Model metadata include:\n\n- Organizing and categorizing access items to make it easier for your users to search for and find the access rights they want to request, certify, or manage.\n\n- Providing richer information about access that is being acted on to allow stakeholders to make better decisions when approving, certifying, or managing access rights.\n\n- Identifying access that may requires additional approval requirements or be subject to more frequent review.\n" + }, + { + "name": "Access Profiles", + "description": "Use this API to implement and customize access profile functionality. \nWith this functionality in place, administrators can create access profiles and configure them for use throughout Identity Security Cloud, enabling users to get the access they need quickly and securely.\n\nAccess profiles group entitlements, which represent access rights on sources. \n\nFor example, an Active Directory source in Identity Security Cloud can have multiple entitlements: the first, 'Employees,' may represent the access all employees have at the organization, and a second, 'Developers,' may represent the access all developers have at the organization.\n\nAn administrator can then create a broader set of access in the form of an access profile, 'AD Developers' grouping the 'Employees' entitlement with the 'Developers' entitlement.\n\nWhen users only need Active Directory employee access, they can request access to the 'Employees' entitlement.\n\nWhen users need both Active Directory employee and developer access, they can request access to the 'AD Developers' access profile.\n\nAccess profiles are the most important units of access in Identity Security Cloud. Identity Security Cloud uses access profiles in many features, including the following:\n\n- Provisioning: When you use the Provisioning Service, lifecycle states and roles both grant access to users in the form of access profiles.\n\n- Certifications: You can approve or revoke access profiles in certification campaigns, just like entitlements. \n\n- Access Requests: You can assign access profiles to applications, and when a user requests access to the app associated with an access profile and someone approves the request, access is granted to both the application and its associated access profile.\n\n- Roles: You can group one or more access profiles into a role to quickly assign access items based on an identity's role. \n\nIn Identity Security Cloud, administrators can use the Access drop-down menu and select Access Profiles to view, configure, and delete existing access profiles, as well as create new ones. \nAdministrators can enable and disable an access profile, and they can also make the following configurations: \n\n- Manage Entitlements: Manage the profile's access by adding and removing entitlements. \n\n- Access Requests: Configure access profiles to be requestable and establish an approval process for any requests that the access profile be granted or revoked. \nDo not configure an access profile to be requestable without first establishing a secure access request approval process for the access profile.\n\n- Multiple Account Options: Define the logic Identity Security Cloud uses to provision access to an identity with multiple accounts on the source. \n\nRefer to [Managing Access Profiles](https://documentation.sailpoint.com/saas/help/access/access-profiles.html) for more information about access profiles.\n" + }, + { + "name": "Access Request Approvals", + "description": "Use this API to implement and customize access request approval functionality. \nWith this functionality in place, administrators can delegate qualified users to review users' requests for access or managers' requests to revoke team members' access to applications, entitlements, or roles. \nThis enables more qualified users to review access requests and the others to spend their time on other tasks. \n\nIn Identity Security Cloud, users can request access to applications, entitlements, and roles, and managers can request that team members' access be revoked. \nFor applications and entitlements, administrators can set access profiles to require approval from the access profile owner, the application owner, the source owner, the requesting user's manager, or a governance group for access to be granted or revoked. \nFor roles, administrators can also set roles to allow access requests and require approval from the role owner, the requesting user's manager, or a governance group for access to be granted or revoked. \nIf the administrator designates a governance group as the required approver, any governance group member can approve the requests.\n \nWhen a user submits an access request, Identity Security Cloud sends the first required approver in the queue an email notification, based on the access request configuration's approval and reminder escalation configuration.\n\nIn Approvals in Identity Security Cloud, required approvers can view pending access requests under the Requested tab and approve or deny them, or the approvers can reassign the requests to different reviewers for approval. \nIf the required approver approves the request and is the only reviewer required, Identity Security Cloud grants or revokes access, based on the request. \nIf multiple reviewers are required, Identity Security Cloud sends the request to the next reviewer in the queue, based on the access request configuration's approval reminder and escalation configuration. \nThe required approver can then view any completed access requests under the Reviewed tab. \n\nRefer to [Access Requests](https://documentation.sailpoint.com/saas/help/requests/index.html) for more information about access request approvals.\n" + }, + { + "name": "Access Request Identity Metrics", + "description": "Use this API to implement access request identity metrics functionality.\nWith this functionality in place, access request reviewers can see relevant details about the requested access item and associated source activity. \nThis allows reviewers to see how many of the identities who share a manager with the access requester have this same type of access and how many of them have had activity in the related source. \nThis additional context about whether the access has been granted before and how often it has been used can help those approving access requests make more informed decisions.\n" + }, + { + "name": "Access Requests", + "description": "Use this API to implement and customize access request functionality. \nWith this functionality in place, users can request access to applications, entitlements, or roles, and managers can request that team members' access be revoked.\nThis allows users to get access to the tools they need quickly and securely, and it allows managers to take away access to those tools. \n\nIdentity Security Cloud's Access Request service allows end users to request access that requires approval before it can be granted to users and enables qualified users to review those requests and approve or deny them.\n\nIn the Request Center in Identity Security Cloud, users can view available applications, roles, and entitlements and request access to them. \nIf the requested tools requires approval, the requests appear as 'Pending' under the My Requests tab until the required approver approves, rejects, or cancels them. \n\nUsers can use My Requests to track and/or cancel the requests.\n\nIn My Team on the Identity Security Cloud Home, managers can submit requests to revoke their team members' access. \nThey can use the My Requests tab under Request Center to track and/or cancel the requests.\n\nRefer to [Requesting Access](https://documentation.sailpoint.com/saas/user-help/requests/requesting_access.html) for more information about access requests.\n" + }, + { + "name": "Account Activities", + "description": "Use this API to implement account activity tracking functionality.\nWith this functionality in place, users can track source account activity in Identity Security Cloud, which greatly improves traceability in the system. \n\nAn account activity refers to a log of each action performed on a source account. This is useful for auditing the changes performed on an account throughout its life. \nIn Identity Security Cloud's Search, users can search for account activities and select the activity's row to get an overview of the activity's account action and view its progress, its involved sources, and its most basic metadata, such as the identity requesting the option and the recipient. \n\nAccount activity includes most actions Identity Security Cloud completes on source accounts. Users can search in Identity Security Cloud for the following account action types: \n\n- Access Request: These include any access requests the source account is involved in. \n\n- Account Attribute Updates: These include updates to a single attribute on an account on a source. \n\n- Account State Update: These include locking or unlocking actions on an account on a source. \n\n- Certification: These include actions removing an entitlement from an account on a source as a result of the entitlement's revocation during a certification.\n\n- Cloud Automated `Lifecyclestate`: These include automated lifecycle state changes that result in a source account's correlated identity being assigned to a different lifecycle state. \nIdentity Security Cloud replaces the `Lifecyclestate` variable with the name of the lifecycle state it has moved the account's identity to. \n\n- Identity Attribute Update: These include updates to a source account's correlated identity attributes as the result of a provisioning action. \nWhen you update an identity attribute that also updates an identity's lifecycle state, the cloud automated `Lifecyclestate` event also displays.\nAccount Activity does not include attribute updates that occur as a result of aggregation.\n\n- Identity Refresh: These include correlated identity refreshes that occur for an account on a source whenever the account's correlated identity profile gets a new role or updates. \nThese also include refreshes that occur whenever Identity Security Cloud assigns an application to the account's correlated identity based on the application's being assigned to All Users From Source or Specific Users From Source. \n\n- Lifecycle State Refresh: These include the actions that took place when a lifecycle state changed. This event only occurs after a cloud automated `Lifecyclestate` change or a lifecycle state change. \n\n- Lifecycle State Change: These include the account activities that result from an identity's manual assignment to a null lifecycle state.\n\n- Password Change: These include password changes on sources.\n\nRefer to [Account Activity](https://documentation.sailpoint.com/saas/help/search/index.html#account-activity) for more information about account activities.\n" + }, + { + "name": "Account Aggregations", + "description": "Use this API to implement account aggregation progress tracking functionality.\nWith this functionality in place, administrators can view in-progress account aggregations, their statuses, and their relevant details.\n\nAn account aggregation refers to the process Identity Security Cloud uses to gather and load account data from a source into Identity Security Cloud.\n\nWhenever Identity Security Cloud is in the process of aggregating a source, it adds an entry to the Aggregation Activity Log, along with its relevant details.\nTo view aggregation activity, administrators can select the Connections drop-down menu, select Sources, and select the relevant source, select its Import Data tab, and select Account Aggregation.\nIn Account Aggregation, administrators can view the account aggregations' statuses and details in the Account Activity Log.\n\nRefer to [Loading Account Data](https://documentation.sailpoint.com/saas/help/accounts/loading_data.html) for more information about account aggregations.\n" + }, + { + "name": "Account Usages", + "description": "Use this API to implement account usage insight functionality.\nWith this functionality in place, administrators can gather information and insights about how their tenants' source accounts are being used.\nThis allows organizations to get the information they need to start optimizing and securing source account usage.\n" + }, + { + "name": "Accounts", + "description": "Use this API to implement and customize account functionality.\nWith this functionality in place, administrators can manage users' access across sources in Identity Security Cloud. \n\nIn Identity Security Cloud, an account refers to a user's account on a supported source.\nThis typically includes a unique identifier for the user, a unique password, a set of permissions associated with the source and a set of attributes. Identity Security Cloud loads accounts through the creation of sources in Identity Security Cloud.\n\nAdministrators can correlate users' identities with the users' accounts on the different sources they use. \nThis allows Identity Security Cloud to govern the access of identities and all their correlated accounts securely and cohesively. \n\nTo view the accounts on a source and their correlated identities, administrators can use the Connections drop-down menu, select Sources, select the relevant source, and select its Account tab. \n\nTo view and edit source account statuses for an identity in Identity Security Cloud, administrators can use the Identities drop-down menu, select Identity List, select the relevant identity, and select its Accounts tab. \nAdministrators can toggle an account's Actions to aggregate the account, enable/disable it, unlock it, or remove it from the identity. \n\nAccounts can have the following statuses: \n\n- Enabled: The account is enabled. The user can access it.\n\n- Disabled: The account is disabled, and the user cannot access it, but the identity is not disabled in Identity Security Cloud. This can occur when an administrator disables the account or when the user's lifecycle state changes. \n\n- Locked: The account is locked. This may occur when someone has entered an incorrect password for the account too many times.\n\n- Pending: The account is currently updating. This status typically lasts seconds. \n\nAdministrators can select the source account to view its attributes, entitlements, and the last time the account's password was changed.\n\nRefer to [Managing User Accounts](https://documentation.sailpoint.com/saas/help/common/users/user_access.html#managing-user-accounts) for more information about accounts.\n" + }, + { + "name": "Approvals" + }, + { + "name": "Auth Profile", + "description": "Auth Profile - Represents authentication configuration for an Identity Profile. This object gets created when an Identity Profile is created.\n\nAPIs can be used to retrieve and update Auth Profiles.\n" + }, + { + "name": "Auth Users", + "description": "Use this API to implement user authentication system functionality. \nWith this functionality in place, users can get a user's authentication system details, including their capabilities, and modify those capabilities. \nThe user's capabilities refer to their access to different systems, or authorization, within the tenant, like access to certifications (CERT_ADMIN) or reports (REPORT_ADMIN). \nThese capabilities also determine a user's access to the different APIs. \nThis API provides users with a way to determine a user's access and make quick and easy changes to that access. \n" + }, + { + "name": "Branding", + "description": "Use this API to implement and customize branding functionality. \nWith this functionality in place, administrators can get and manage existing branding items, and they can also create new branding items and configure them for use throughout Identity Security Cloud. \nThe Branding APIs provide administrators with a way to customize branding items. \nThis customization includes details like their colors, logos, and other information. \nRefer to [Certifications](https://documentation.sailpoint.com/saas/user-help/certifications.html) for more information about certifications.\n" + }, + { + "name": "Certification Campaign Filters", + "description": "Use this API to implement the certification campaign filter functionality. These filters can be used to create a certification campaign that includes a subset of your entitlements or users to certify.\n\nFor example, if for a certification campaign an organization wants to certify only specific users or entitlements, then those can be included/excluded on the basis of campaign filters.\n\nFor more information about creating a campaign filter, refer to [Creating a Campaign Filter](https://documentation.sailpoint.com/saas/help/certs/campaign_filters.html#creating-a-campaign-filter)\n\nYou can create campaign filters using any of the following criteria types:\n\n- Access Profile : This criteria type includes or excludes access profiles from a campaign.\n\n- Account Attribute : This criteria type includes or excludes certification items that match a specified value in an account attribute.\n\n- Entitlement : This criteria type includes or excludes entitlements from a campaign.\n\n- Identity : This criteria type includes or excludes specific identities from your campaign.\n\n- Identity Attribute : This criteria type includes or excludes identities based on whether they have an identity attribute that matches criteria you've chosen.\n\n- Role : This criteria type includes or excludes roles, as opposed to identities.\n\n- Source : This criteria type includes or excludes entitlements from a source you select.\n\nFor more information about these criteria types, refer to [Types of Campaign Filters](https://documentation.sailpoint.com/saas/help/certs/campaign_filters.html#types-of-campaign-filters)\n\nOnce the campaign filter is created, it can be linked while creating the campaign. The generated campaign will have the items to review as per the campaign filter.\n\nFor example, An inclusion campaign filter is created with a source of Source 1, an operation of Equals, and an entitlement of Entitlement 1. When this filter is selected, only users who have Entitlement 1 are included in the campaign, and only Entitlement 1 is shown in the certification.\n" + }, + { + "name": "Certification Campaigns", + "description": "Use this API to implement certification campaign functionality.\nWith this functionality in place, administrators can create, customize, and manage certification campaigns for their organizations' use. \nCertification campaigns provide Identity Security Cloud users with an interactive review process they can use to identify and verify access to systems. \nCampaigns help organizations reduce risk of inappropriate access and satisfy audit requirements. \n\nA certification refers to Identity Security Cloud's mechanism for reviewing a user's access to entitlements (sets of permissions) and approving or removing that access. \nThese certifications serve as a way of showing that a user's access has been reviewed and approved. \nMultiple certifications by different reviewers are often required to approve a user's access. \nA set of multiple certifications is called a certification campaign. \n\nFor example, an organization may use a Manager Certification campaign as a way of showing that a user's access has been reviewed and approved by multiple managers. \nOnce this campaign has been completed, Identity Security Cloud would provision all the access the user needs, nothing more. \n\nIdentity Security Cloud provides two simple campaign types users can create without using search queries, Manager and Source Owner campaigns:\n\nYou can create these types of campaigns without using any search queries in Identity Security Cloud: \n\n- ManagerCampaign: Identity Security Cloud provides this campaign type as a way to ensure that an identity's access is certified by their managers. \nYou only need to provide a name and description to create one. \n\n- Source Owner Campaign: Identity Security Cloud provides this campaign type as a way to ensure that an identity's access to a source is certified by its source owners. \nYou only need to provide a name and description to create one. \nYou can specify the sources whose owners you want involved or just run it across all sources. \n\nFor more information about these campaign types, refer to [Starting a Manager or Source Owner Campaign](https://documentation.sailpoint.com/saas/help/certs/starting_campaign.html).\n\nOne useful way to create certification campaigns in Identity Security Cloud is to use a specific search and then run a campaign on the results returned by that search. \nThis allows you to be much more specific about whom you are certifying in your campaigns and what access you are certifying in your campaigns. \nFor example, you can search for all identities who are managed by \"Amanda.Ross\" and also have the access to the \"Accounting\" role and then run a certification campaign based on that search to ensure that the returned identities are appropriately certified. \n\nYou can use Identity Security Cloud search queries to create these types of campaigns: \n\n- Identities: Use this campaign type to review and revoke access items for specific identities. \nYou can either build a search query and create a campaign certifying all identities returned by that query, or you can search for individual identities and add those identities to the certification campaign. \n\n- Access Items: Use this campaign type to review and revoke a set of roles, access profiles, or entitlements from the identities that have them. \nYou can either build a search query and create a campaign certifying all access items returned by that query, or you can search for individual access items and add those items to the certification campaign. \n\n- Role Composition: Use this campaign type to review a role's composition, including its title, description, and membership criteria. \nYou can either build a search query and create a campaign certifying all roles returned by that query, or you can search for individual roles and add those roles to the certification campaign. \n\n- Uncorrelated Accounts: Use this campaign type to certify source accounts that aren't linked to an authoritative identity in Identity Security Cloud. \nYou can use this campaign type to view all the uncorrelated accounts for a source and certify them. \n\nFor more information about search-based campaigns, refer to [Starting a Campaign from Search](https://documentation.sailpoint.com/saas/help/certs/starting_search_campaign.html).\n\nOnce you have generated your campaign, it becomes available for preview. \nAn administrator can review the campaign and make changes, or if it's ready and accurate, activate it. \n\nOnce the campaign is active, organization administrators or certification administrators can designate other Identity Security Cloud users as certification reviewers. \nThose reviewers can view any of the certifications they either need to review (active) or have already reviewed (completed).\n\nWhen a certification campaign is in progress, certification reviewers see the listed active certifications whose involved identities they can review. \nReviewers can then make decisions to grant or revoke access, as well as reassign the certification to another reviewer. If the reviewer chooses this option, they must provide a reason for reassignment in the form of a comment.\n\nOnce a reviewer has made decisions on all the certification's involved access items, he or she must \"Sign Off\" to complete the review process.\nDoing so converts the certification into read-only status, preventing any further changes to the review decisions and deleting the work item (task) from the reviewer's list of work items. \n\nOnce all the reviewers have signed off, the certification campaign either completes or, if any reviewers decided to revoke access for any of the involved identities, it moves into a remediation phase. \nIn the remediation phase, identities' entitlements are altered to remove any entitlements marked for revocation.\nIn this situation, the certification campaign completes once all the remediation requests are completed. \n\nThe end of a certification campaign is determined by its deadline, its completion status, or by an administrator's decision. \n\nFor more information about certifications and certification campaigns, refer to [Certifications](https://documentation.sailpoint.com/saas/user-help/certifications.html).\n" + }, + { + "name": "Certification Summaries", + "description": "Use this API to implement certification summary functionality. \nWith this functionality in place, administrators and designated certification reviewers can review summaries of identity certification campaigns and draw conclusions about the campaigns' scope, security, and effectiveness. \nImplementing certification summary functionality improves organizations' ability to review their [certifications](https://documentation.sailpoint.com/saas/user-help/certifications.html) and helps them satisfy audit and regulatory requirements by enabling them to trace access changes and the decisions made in their review processes. \n\nA certification refers to Identity Security Cloud's mechanism for reviewing a user's access to entitlements (sets of permissions) and approving or removing that access. \nThese certifications serve as a way of showing that a user's access has been reviewed and approved. \nMultiple certifications by different reviewers are often required to approve a user's access. \nA set of multiple certifications is called a certification campaign. \n\nFor example, an organization may use a Manager Certification as a way of showing that a user's access has been reviewed and approved by their manager, or if the certification is part of a campaign, that the user's access has been reviewed and approved by multiple managers. \nOnce this certification has been completed, Identity Security Cloud would provision all the access the user needs, nothing more. \n\nCertification summaries provide information about identity certification campaigns such as the identities involved, the number of decisions made, and the access changed. \nFor example, an administrator or designated certification reviewer can examine the Manager Certification campaign to get an overview of how many entitlement decisions are made in that campaign as opposed to role decisions, which identities would be affected by changes to the campaign, and how those identities' access would be affected.\n" + }, + { + "name": "Certifications", + "description": "Use this API to implement certification functionality. \nWith this functionality in place, administrators and designated certification reviewers can review users' access certifications and decide whether to approve access, revoke it, or reassign the review to another reviewer. \nImplementing certifications improves organizations' data security by reducing inappropriate access through a distributed review process and helping them satisfy audit and regulatory requirements. \n\nA certification refers to Identity Security Cloud's mechanism for reviewing a user's access to entitlements (sets of permissions) and approving or removing that access. \nThese serve as a way of showing that a user's access has been reviewed and approved. \nMultiple certifications by different reviewers are often required to approve a user's access. \nA set of multiple certifications is called a certification campaign.\n\nFor example, an organization may use a Manager Certification as a way of showing that a user's access has been reviewed and approved by their manager, or if the certification is part of a campaign, that the user's access has been reviewed and approved by multiple managers. \nOnce this certification has been completed, Identity Security Cloud would provision all the access the user needs, nothing more. \n\nOrganization administrators or certification administrators can designate other Identity Security Cloud users as certification reviewers. \nThose reviewers can select the 'Certifications' tab to view any of the certifications they either need to review or have already reviewed under the 'Active' and 'Completed' tabs, respectively. \n\nWhen a certification campaign is in progress, certification reviewers will see certifications listed under 'Active,' where they can review the involved identities. \nUnder the 'Decision' column on the right, next to each access item, reviewers can select the checkmark to approve access, select the 'X' to revoke access, or they can toggle the 'More Options' menu to reassign the certification to another reviewer and provide a reason for reassignment in the form of a comment. \n\nOnce a reviewer has made decisions on all the certification's involved access items, he or she must select 'Sign Off' to complete the review process.\nDoing so converts the certification into read-only status, preventing any further changes to the review decisions and deleting the work item (task) from the reviewer's list of work items. \n\nOnce all the reviewers have signed off, the certification campaign either completes or, if any reviewers decided to revoke access for any of the involved identities, it moves into a remediation phase. In the remediation phase, identities' entitlements are altered to remove any entitlements marked for revocation.\nIn this situation, the certification campaign completes once all the remediation requests are completed.\n" + }, + { + "name": "Configuration Hub", + "description": "Upload configurations and manage object mappings between tenants.\n\nConfiguration files can be managed and deployed using Configuration Hub by uploading a JSON file which contains configuration data.\n\nThe function of object mapping allows objects with varying names and IDs to be compared. While objects are compared, a user can replace a value in the source tenant with a new value. Object mapping also helps in locating referenced objects to the source object during the drafting process.\n\nRefer to [Uploading a Configuration File](https://documentation.sailpoint.com/saas/help/confighub/config_hub.html#uploading-a-configuration-file) for more information about uploading Configuration Files\n\nRefer to [Mapping Objects](https://documentation.sailpoint.com/saas/help/confighub/config_hub.html#mapping-objects) for more information about object mappings.\n" + }, + { + "name": "Connector Rule Management" + }, + { + "name": "Connectors", + "description": "Use this API to implement connector functionality.\nWith this functionality in place, administrators can view available connectors.\n\nConnectors are the bridges Identity Security Cloud uses to communicate with and aggregate data from sources.\nFor example, if it is necessary to set up a connection between Identity Security Cloud and the Active Directory source, a connector can bridge the two and enable Identity Security Cloud to synchronize data between the systems.\nThis ensures account entitlements and states are correct throughout the organization.\n\nIn Identity Security Cloud, administrators can use the Connections drop-down menu and select Sources to view the available source connectors.\n\nRefer to [Identity Security Cloud Connectors](https://documentation.sailpoint.com/connectors/identitynow/landingpages/help/landingpages/identitynow_connectivity_landing.html) for more information about the connectors available in Identity Security Cloud.\n\nRefer to [SaaS Connectivity](https://developer.sailpoint.com/docs/connectivity/saas-connectivity/) for more information about the SaaS custom connectors that do not need VAs (virtual appliances) to communicate with their sources.\n\nRefer to [Managing Sources](https://documentation.sailpoint.com/saas/help/sources/managing_sources.html) for more information about using connectors in Identity Security Cloud.\n" + }, + { + "name": "Custom Forms", + "description": "Use this API to build and manage custom forms.\nWith this functionality in place, administrators can create and view form definitions and form instances.\n\nForms are composed of sections and fields. Sections split the form into logical groups of fields and fields are the data collection points within the form. Configure conditions to modify elements of the form as the responder provides input. Create form inputs to pass information from a calling feature, like a workflow, to your form.\n\nForms can be used within workflows as an action or as a trigger. The Form Action allows you to assign a form as a step in a running workflow, suspending the workflow until the form is submitted or times out, and the workflow resumes. The Form Submitted Trigger initiates a workflow when a form is submitted. The trigger can be configured to initiate on submission of a full form, a form element with any value, or a form element with a particular value.\n\nRefer to [Forms](https://documentation.sailpoint.com/saas/help/forms/index.html) for more information about using forms in Identity Security Cloud.\n" + }, + { + "name": "Custom Password Instructions", + "description": "Use this API to implement custom password instruction functionality.\nWith this functionality in place, administrators can create custom password instructions to help users reset their passwords, change them, unlock their accounts, or recover their usernames.\nThis allows administrators to emphasize password policies or provide organization-specific instructions.\n\nAdministrators must first use [Update Password Org Config](https://developer.sailpoint.com/docs/api/beta/put-password-org-config/) to set `customInstructionsEnabled` to `true`.\n\nOnce they have enabled custom instructions, they can use [Create Custom Password Instructions](https://developer.sailpoint.com/docs/api/beta/create-custom-password-instructions/) to create custom page content for the specific pageId they select.\n\nFor example, an administrator can use the pageId forget-username:user-email to set the custom text for the case when users forget their usernames and must enter their emails.\n\nRefer to [Creating Custom Instruction Text](https://documentation.sailpoint.com/saas/help/pwd/pwd_reset.html#creating-custom-instruction-text) for more information about creating custom password instructions.\n" + }, + { + "name": "Discovered Applications", + "description": "Use this API to retrieve all the available discovered apps for a given tenant id.\n" + }, + { + "name": "Entitlements", + "description": "Use this API to implement and customize entitlement functionality.\nWith this functionality in place, administrators can view entitlements and configure them for use throughout Identity Security Cloud in certifications, access profiles, and roles.\nAdministrators in Identity Security Cloud can then grant users access to the entitlements or configure them so users themselves can request access to the entitlements whenever they need them.\nWith a good approval process, this entitlement functionality allows users to gain the specific access they need on sources quickly and securely.\n\nEntitlements represent access rights on sources.\nEntitlements are the most granular form of access in Identity Security Cloud.\nEntitlements are often grouped into access profiles, and access profiles themselves are often grouped into roles, the broadest form of access in Identity Security Cloud.\n\nFor example, an Active Directory source in Identity Security Cloud can have multiple entitlements: the first, 'Employees,' may represent the access all employees have at the organization, and a second, 'Developers,' may represent the access all developers have at the organization.\n\nAn administrator can then create a broader set of access in the form of an access profile, 'AD Developers' grouping the 'Employees' entitlement with the 'Developers' entitlement.\n\nAn administrator can then create an even broader set of access in the form of a role grouping the 'AD Developers' access profile with another profile, 'GitHub Developers,' grouping entitlements for the GitHub source.\n\nWhen users only need Active Directory employee access, they can request access to the 'Employees' entitlement.\n\nWhen users need both Active Directory employee and developer access, they can request access to the 'AD Developers' access profile.\n\nWhen users need both the 'AD Developers' access profile and the 'GitHub Developers' access profile, they can request access to the role grouping both.\n\nAdministrators often use roles and access profiles within those roles to manage access so that users can gain access more quickly, but the hierarchy of access all starts with entitlements.\n\nAnywhere entitlements appear, you can select them to find more information about the following:\n\n- Cloud Access Details: These provide details about the cloud access entitlements on cloud-enabled sources.\n\n- Permissions: Permissions represent individual units of read/write/admin access to a system.\n\n- Relationships: These list each entitlement's parent and child relationships.\n\n- Type: This is the entitlement's type. Some sources support multiple types, each with a different attribute schema.\n\nIdentity Security Cloud uses entitlements in many features, including the following:\n\n- Certifications: Entitlements can be revoked from an identity that no longer needs them.\n\n- Roles: Roles can group access profiles which themselves group entitlements. You can grant and revoke access on a broad level with roles. Role membership criteria can grant roles to identities based on whether they have certain entitlements or attributes.\n\n- Access Profiles: Access profiles group entitlements.\nThey are the most important units of access in Identity Security Cloud.\nIdentity Security Cloud uses them in provisioning, certifications, and access requests, and administrators can configure them to grant very broad or very granular access.\n\nYou cannot delete entitlements directly from Identity Security Cloud.\nEntitlements are deleted based on their inclusion in aggregations.\n\nRefer to [Deleting Entitlements](https://documentation.sailpoint.com/saas/help/access/entitlements.html#deleting-entitlements) more information about deleting entitlements.\n\nRefer to [Entitlements](https://documentation.sailpoint.com/saas/help/access/entitlements.html) for more information about entitlements.\n" + }, + { + "name": "Global Tenant Security Settings", + "description": "Use this API to implement and customize global tenant security settings.\nWith this functionality in place, administrators can manage the global security settings that a tenant/org has.\nThis API can be used to configure the networks and Geographies allowed to access Identity Security Cloud URLs.\n" + }, + { + "name": "Governance Groups", + "description": "Use this API to implement and customize Governance Group functionality. With this functionality in place, administrators can create Governance Groups and configure them for use throughout Identity Security Cloud.\n\nA governance group is a group of users that can make governance decisions about access. If your organization has the Access Request or Certifications service, you can configure governance groups to review access requests or certifications. A governance group can determine whether specific access is appropriate for a user.\n\nRefer to [Creating and Managing Governance Groups](https://documentation.sailpoint.com/saas/help/common/users/governance_groups.html) for more information about how to build Governance Groups in the visual builder in the Identity Security Cloud UI.\n" + }, + { + "name": "IAI Access Request Recommendations" + }, + { + "name": "IAI Common Access" + }, + { + "name": "IAI Message Catalogs" + }, + { + "name": "IAI Outliers" + }, + { + "name": "IAI Peer Group Strategies" + }, + { + "name": "IAI Recommendations" + }, + { + "name": "IAI Role Mining" + }, + { + "name": "Icons", + "description": "Use this API to implement functionality related to object icons (application icons for example). \nWith this functionality in place, administrators can set or remove an icon for specific object type for use throughout Identity Security Cloud.\n" + }, + { + "name": "Identities", + "description": "Use this API to implement identity functionality.\nWith this functionality in place, administrators can synchronize an identity's attributes with its various source attributes.\n\nIdentity Security Cloud uses identities as users' authoritative accounts. Identities can own other accounts, entitlements, and attributes.\n\nAn identity has a variety of attributes, such as an account name, an email address, a job title, and more.\nThese identity attributes can be correlated with different attributes on different sources.\nFor example, the identity John.Smith can own an account in the GitHub source with the account name John-Smith-Org, and Identity Security Cloud knows they are the same person with the same access and attributes.\n\nIn Identity Security Cloud, administrators often set up these synchronizations to get triggered automatically with a change or to run on a schedule.\nTo manually synchronize attributes for an identity, administrators can use the Identities drop-down menu and select Identity List to view the list of identities.\nThey can then select the identity they want to manually synchronize and use the hamburger menu to select 'Synchronize Attributes.'\nDoing so immediately begins the attribute synchronization and analyzes all accounts for the selected identity.\n\nRefer to [Synchronizing Attributes](https://documentation.sailpoint.com/saas/help/provisioning/attr_sync.html) for more information about synchronizing attributes.\n" + }, + { + "name": "Identity Attributes" + }, + { + "name": "Identity History" + }, + { + "name": "Identity Profiles", + "description": "Use this API to implement identity profile functionality. \nWith this functionality in place, administrators can view identity profiles and their configurations. \n\nIdentity profiles represent the configurations that can be applied to identities as a way of granting them a set of security and access, as well as defining the mappings between their identity attributes and their source attributes. \n\nIn Identity Security Cloud, administrators can use the Identities drop-down menu and select Identity Profiles to view the list of identity profiles. \nThis list shows some details about each identity profile, along with its status. \nThey can select an identity profile to view its settings, its mappings between identity attributes and correlating source account attributes, and its provisioning settings. \n\nRefer to [Creating Identity Profiles](https://documentation.sailpoint.com/saas/help/setup/identity_profiles.html) for more information about identity profiles.\n" + }, + { + "name": "Lifecycle States", + "description": "Use this API to implement and customize lifecycle state functionality.\nWith this functionality in place, administrators can create and configure custom lifecycle states for use across their organizations, which is key to controlling which users have access, when they have access, and the access they have.\n\nA lifecycle state describes a user's status in a company. For example, two lifecycle states come by default with Identity Security Cloud: 'Active' and 'Inactive.' \nWhen an active employee takes an extended leave of absence from a company, his or her lifecycle state may change to 'Inactive,' for security purposes. \nThe inactive employee would lose access to all the applications, sources, and sensitive data during the leave of absence, but when the employee returns and becomes active again, all that access would be restored. \nThis saves administrators the time that would otherwise be spent provisioning the employee's access to each individual tool, reviewing the employee's certification history, etc. \n\nAdministrators can create a variety of custom lifecycle states. Refer to [Planning New Lifecycle States](https://documentation.sailpoint.com/saas/help/provisioning/lifecycle.html#planning-new-lifecycle-states) for some custom lifecycle state ideas.\n\nAdministrators must define the criteria for being in each lifecycle state, and they must define how Identity Security Cloud manages users' access to apps and sources for each lifecycle state.\n\nIn Identity Security Cloud, administrators can manage lifecycle states by going to Admin > Identities > Identity Profile, selecting the identity profile whose lifecycle states they want to manage, selecting the 'Provisioning' tab, and using the left panel to either select the lifecycle state they want to modify or create a new lifecycle state. \n\nIn the 'Provisioning' tab, administrators can make the following access changes to an identity profile's lifecycle state: \n\n- Enable/disable the lifecycle state for the identity profile.\n\n- Enable/disable source accounts for the identity profile's lifecycle state.\n\n- Add existing access profiles to grant to the identity profiles in that lifecycle state.\n\n- Create a new access profile to grant to the identity profile in that lifecycle state.\n\nAccess profiles granted in a previous lifecycle state are automatically revoked when the identity moves to a new lifecycle state. \nTo maintain access across multiple lifecycle states, administrators must grant the access profiles in each lifecycle state. \nFor example, if an administrator wants users with the 'HR Employee' identity profile to maintain their building access in both the 'Active' and 'Leave of Absence' lifecycle states, the administrator must grant the access profile for that building access to both lifecycle states.\n\nDuring scheduled refreshes, Identity Security Cloud evaluates lifecycle states to determine whether their assigned identities have the access defined in the lifecycle states' access profiles. \nIf the identities are missing access, Identity Security Cloud provisions that access. \n\nAdministrators can also use the 'Provisioning' tab to configure email notifications for Identity Security Cloud to send whenever an identity with that identity profile has a lifecycle state change. \nRefer to [Configuring Lifecycle State Notifications](https://documentation.sailpoint.com/saas/help/provisioning/lifecycle.html#configuring-lifecycle-state-notifications) for more information on how to do so.\n\nAn identity's lifecycle state can have four different statuses: the lifecycle state's status can be 'Active,' it can be 'Not Set,' it can be 'Not Valid,' or it 'Does Not Match Technical Name Case.' \nRefer to [Moving Identities into Lifecycle States](https://documentation.sailpoint.com/saas/help/provisioning/lifecycle.html#moving-identities-into-lifecycle-states) for more information about these different lifecycle state statuses. \n\nRefer to [Setting Up Lifecycle States](https://documentation.sailpoint.com/saas/help/provisioning/lifecycle.html) for more information about lifecycle states.\n" + }, + { + "name": "Managed Clients", + "description": "Read and create operations for client data and statuses" + }, + { + "name": "Managed Clusters", + "description": "Read and create pperations for client Clusters, including Log Configuration" + }, + { + "name": "Manual Discover Applications", + "description": "Use this API to manually upload application names to be correlated to an ISC connector.\n" + }, + { + "name": "Manual Discover Applications Template", + "description": "Use this API to download the CSV template to send to the application discovery service.\n" + }, + { + "name": "MFA Configuration", + "description": "Configure and test multifactor authentication (MFA) methods" + }, + { + "name": "MFA Controller", + "description": "This API used for multifactor authentication functionality belong to gov-multi-auth service. This controller allow you to verify authentication by specified method" + }, + { + "name": "Non-Employee Lifecycle Management", + "description": "Use this API to implement non-employee lifecycle management functionality. \nWith this functionality in place, administrators can create non-employee records and configure them for use in their organizations. \nThis allows organizations to provide secure access to non-employees and control that access. \n\nThe 'non-employee' term refers to any consultant, contractor, intern, or other user in an organization who is not a full-time permanent employee. \nOrganizations can track non-employees' access and activity in Identity Security Cloud by creating and maintaining non-employee sources. \nOrganizations can have a maximum of 50 non-employee sources. \n\nBy using SailPoint's Non-Employee Lifecycle Management functionality, you agree to the following:\n\n- SailPoint is not responsible for storing sensitive data. \nYou may only add account attributes to non-employee identities that are necessary for business operations and are consistent with your contractual limitations on data that may be sent or stored in Identity Security Cloud.\n\n- You are responsible for regularly downloading your list of non-employee accounts for all the sources you create and storing this list of accounts in a managed location to maintain an authoritative system of record and backup data for these accounts.\n\nTo manage non-employees in Identity Security Cloud, administrators must create a non-employee source and add accounts to the source. \n\nTo create a non-employee source in Identity Security Cloud, administrators must use the Admin panel to go to Connections > Sources.\nThey must then specify 'Non-Employee' in the 'Source Type' field. \nRefer to [Creating a Non-Employee Source](https://documentation.sailpoint.com/saas/help/common/non-employee-mgmt.html#creating-a-non-employee-source) for more details about how to create non-employee sources.\n\nTo add accounts to a non-employee source in Identity Security Cloud, administrators can select the non-employee source and add the accounts. \nThey can also use the 'Manage Non-Employees' widget on their user dashboards to reach the list of sources and then select the non-employee source they want to add the accounts to. \n\nAdministrators can either add accounts individually or in bulk. Each non-employee source can have a maximum of 20,000 accounts. \nTo add accounts in bulk, they must select the 'Bulk Upload' option and upload a CSV file. \nRefer to [Adding Accounts](https://documentation.sailpoint.com/saas/help/common/non-employee-mgmt.html#adding-accounts) for more details about how to add accounts to non-employee sources.\n\nOnce administrators have created the non-employee source and added accounts to it, they can create identity profiles to generate identities for the non-employee accounts and manage the non-employee identities the same way they would any other identities. \n\nRefer to [Managing Non-Employee Sources and Accounts](https://documentation.sailpoint.com/saas/help/common/non-employee-mgmt.html) for more information about non-employee lifecycle management.\n" + }, + { + "name": "Notifications" + }, + { + "name": "OAuth Clients", + "description": "Use this API to implement OAuth client functionality. \nWith this functionality in place, users with the appropriate security scopes can create and configure OAuth clients to use as a way to obtain authorization to use the Identity Security Cloud REST API.\nRefer to [Authentication](https://developer.sailpoint.com/docs/api/authentication/) for more information about OAuth and how it works with the Identity Security Cloud REST API.\n" + }, + { + "name": "Org Config", + "description": "Operations for managing org configuration settings (eg. time zone)" + }, + { + "name": "Password Configuration", + "description": "Use this API to implement organization password configuration functionality. \nWith this functionality in place, organization administrators can create organization-specific password configurations. \n\nThese configurations include details like custom password instructions, as well as digit token length and duration. \n\nRefer to [Configuring User Authentication for Password Resets](https://documentation.sailpoint.com/saas/help/pwd/pwd_reset.html) for more information about organization password configuration functionality.\n" + }, + { + "name": "Password Dictionary", + "description": "Use this API to implement password dictionary functionality. \nWith this functionality in place, administrators can create password dictionaries to prevent users from using certain words or characters in their passwords. \n\nA password dictionary is a list of words or characters that users are prevented from including in their passwords. \nThis can help protect users from themselves and force them to create passwords that are not easy to break. \n\nA password dictionary must meet the following requirements to for the API to handle them correctly: \n\n- It must be in .txt format.\n\n- All characters must be UTF-8 characters. \n\n- Each line must contain a single word or character with no spaces or whitespace characters.\n\n- It must contain at least one line other than the locale string.\n\n- Each line must not exceed 128 characters.\n\n- The file must not exceed 2500 lines. \n\nAdministrators should also consider the following when they create their dictionaries: \n\n- Lines starting with a # represent comments.\n\n- All words in the password dictionary are case-insensitive. \nFor example, adding the word \"password\" to the dictionary also disallows the following: PASSWORD, Password, and PassWord.\n\n- The dictionary uses substring matching. \nFor example, adding the word \"spring\" to the dictionary also disallows the following: Spring124, 345SprinG, and 8spring.\nUsers can then select 'Change Password' to update their passwords. \n\nAdministrators must do the following to create a password dictionary: \n\n- Create the text file that will contain the prohibited password values.\n\n- If the dictionary is not in English, they must add a locale string to the top line: locale:`languageCode`_`countryCode`\n\nThe languageCode value refers to the language's 2-letter ISO 639-1 code.\nThe countryCode value refers to the country's 2-letter ISO 3166-1 code.\n\nRefer to this list https://docs.oracle.com/cd/E13214_01/wli/docs92/xref/xqisocodes.html to see all the available ISO 639-1 language codes and ISO 3166-1 country codes.\n\n- Upload the .txt file to Identity Security Cloud with [Update Password Dictionary](https://developer.sailpoint.com/docs/api/v3/put-password-dictionary). Uploading a new file always overwrites the previous dictionary file.\n\nAdministrators can then specify which password policies check new passwords against the password dictionary by doing the following: In the Admin panel, they can use the Password Mgmt dropdown menu to select Policies, select the policy, and select the 'Prevent use of words in this site's password dictionary' checkbox beside it.\n\nRefer to [Configuring Advanced Password Management Options](https://documentation.sailpoint.com/saas/help/pwd/adv_config.html) for more information about password dictionaries.\n" + }, + { + "name": "Password Management", + "description": "Use this API to implement password management functionality. \nWith this functionality in place, users can manage their identity passwords for all their applications.\n\nIn Identity Security Cloud, users can select their names in the upper right corner of the page and use the drop-down menu to select Password Manager. \nPassword Manager lists the user's identity's applications, possibly grouped to share passwords. \nUsers can then select 'Change Password' to update their passwords. \n\nGrouping passwords allows users to update their passwords more broadly, rather than requiring them to update each password individually. \nPassword Manager may list the applications and sources in the following groups:\n\n- Password Group: This refers to a group of applications that share a password. \nFor example, a user can use the same password for Google Drive, Google Mail, and YouTube. \nUpdating the password for the password group updates the password for all its included applications.\n\n- Multi-Application Source: This refers to a source with multiple applications that share a password. \nFor example, a user can have a source, G Suite, that includes the Google Calendar, Google Drive, and Google Mail applications. \nUpdating the password for the multi-application source updates the password for all its included applications. \n\n- Applications: These are applications that do not share passwords with other applications.\n\nAn organization may require some authentication for users to update their passwords. \nUsers may be required to answer security questions or use a third-party authenticator before they can confirm their updates. \n\nRefer to [Managing Passwords](https://documentation.sailpoint.com/saas/user-help/accounts/passwords.html) for more information about password management.\n" + }, + { + "name": "Password Policies", + "description": "Use these APIs to implement password policies functionality.\nThese APIs allow you to define the policy parameters for choosing passwords.\n\nIdentityNow comes with a default policy that you can modify to define the password requirements your users must meet to log in to IdentityNow, such as requiring a minimum password length, including special characters, and disallowing certain patterns.\nIf you have licensed Password Management, you can create additional password policies beyond the default one to manage passwords for supported sources in your org.\n\nIn the Identity Security Cloud Admin panel, administrators can use the Password Mgmt dropdown menu to select Sync Groups.\nRefer to [Managing Password Policies](https://documentation.sailpoint.com/saas/help/pwd/pwd_policies/pwd_policies.html) for more information about password policies.\n" + }, + { + "name": "Password Sync Groups", + "description": "Use this API to implement password sync group functionality. \nWith this functionality in place, administrators can group sources into password sync groups so that all their applications share the same password. \nThis allows users to update the password for all the applications in a sync group if they want, rather than updating each password individually. \n\nA password sync group is a group of applications that shares a password. \nAdministrators create these groups by grouping the applications' sources. \nFor example, an administrator can group the ActiveDirectory, GitHub, and G Suite sources together so that all those sources' applications can also be grouped to share a password. \nA user can then update his or her password for ActiveDirectory, GitHub, Gmail, Google Drive, and Google Calendar all at once, rather then updating each one individually.\n\nThe following are required for administrators to create a password sync group in Identity Security Cloud: \n\n- At least two direct connect sources connected to Identity Security Cloud and configured for Password Management.\n\n- Each authentication source in a sync group must have at least one application. Refer to [Adding and Resetting Application Passwords](https://documentation.sailpoint.com/saas/help/pwd/adv_config.html#adding-and-resetting-application-passwords) for more information about adding applications to sources.\n\n- At least one password policy. Refer to [Managing Password Policies](https://documentation.sailpoint.com/saas/help/pwd/policies.html) for more information about password policies. \n\nIn the Admin panel in Identity Security Cloud, administrators can use the Password Mgmt dropdown menu to select Sync Groups. \nTo create a sync group, administrators must provide a name, choose a password policy to be enforced across the sources in the sync group, and select the sources to include in the sync group. \n\nAdministrators can also delete sync groups in Identity Security Cloud, but they should know the following before they do: \n\n- Passwords related to the associated sources will become independent, so changing one will not change the others anymore. \n\n- Passwords for the sources' connected applications will also become independent. \n\n- Password policies assigned to the sync group are then assigned directly to the associated sources. \nTo change the password policy for a source, administrators must edit it directly. \n\nOnce the password sync group has been created, users can update the password for the group in Password Manager.\n\nRefer to [Managing Password Sync Groups](https://documentation.sailpoint.com/saas/help/pwd/sync_grps.html) for more information about password sync groups.\n" + }, + { + "name": "Personal Access Tokens", + "description": "Use this API to implement personal access token (PAT) functionality. \nWith this functionality in place, users can use PATs as an alternative to passwords for authentication in Identity Security Cloud. \n\nPATs embed user information into the client ID and secret. \nThis replaces the API clients' need to store and provide a username and password to establish a connection, improving Identity Security Cloud organizations' integration security. \n\nIn Identity Security Cloud, users can do the following to create and manage their PATs: Select the dropdown menu under their names, select Preferences, and then select Personal Access Tokens. \nThey must then provide a description about the token's purpose. \nThey can then select 'Create Token' at the bottom of the page to generate and view the Secret and Client ID. \n\nRefer to [Managing Personal Access Tokens](https://documentation.sailpoint.com/saas/help/common/generate_tokens.html) for more information about PATs.\n" + }, + { + "name": "Public Identities", + "description": "Use this API in conjunction with [Public Identites Config](https://developer.sailpoint.com/docs/api/v3/public-identities-config/) to enable non-administrators to view identities' publicly visible attributes. \nWith this functionality in place, non-administrators can view identity attributes other than the default attributes (email, lifecycle state, and manager), depending on which identity attributes their organization administrators have made public. \nThis can be helpful for access approvers, certification reviewers, managers viewing their direct reports' access, and source owners viewing their tasks.\n" + }, + { + "name": "Public Identities Config", + "description": "Use this API to implement public identity configuration functionality. \nWith this functionality in place, administrators can make up to 5 identity attributes publicly visible so other non-administrator users can see the relevant information they need to make decisions. \nThis can be helpful for approvers making approvals, certification reviewers, managers viewing their direct reports' access, and source owners viewing their tasks.\n\nBy default, non-administrators can select an identity and view the following attributes: email, lifecycle state, and manager. \nHowever, it may be helpful for a non-administrator reviewer to see other identity attributes like department, region, title, etc.\nAdministrators can use this API to make those necessary identity attributes public to non-administrators. \n\nFor example, a non-administrator deciding whether to approve another identity's request for access to the Workday application, whose access may be restricted to members of the HR department, would want to know whether the identity is a member of the HR department. \nIf an administrator has used [Update Public Identity Config](https://developer.sailpoint.com/docs/api/v3/update-public-identity-config/) to make the \"department\" attribute public, the approver can see the department and make a decision without requesting any more information.\n" + }, + { + "name": "Reports Data Extraction", + "description": "Use this API to implement reports lifecycle managing and monitoring.\nWith this functionality in place, users can run reports, view their results, and cancel reports in progress. \nThis can be potentially helpful for auditing purposes. \n" + }, + { + "name": "Requestable Objects", + "description": "Use this API to implement requestable object functionality. \nWith this functionality in place, administrators can determine which access items can be requested with the [Access Request APIs](https://developer.sailpoint.com/docs/api/v3/access-requests/), along with their statuses. \nThis can be helpful for administrators who are implementing and customizing access request functionality as a way of checking which items are requestable as they are created, assigned, and made available.\n" + }, + { + "name": "Role Insights" + }, + { + "name": "Roles", + "description": "Use this API to implement and customize role functionality.\nWith this functionality in place, administrators can create roles and configure them for use throughout Identity Security Cloud. \nIdentity Security Cloud can use established criteria to automatically assign the roles to qualified users. This enables users to get all the access they need quickly and securely and administrators to spend their time on other tasks.\n\nEntitlements represent the most granular level of access in Identity Security Cloud. \nAccess profiles represent the next level and often group entitlements. \nRoles represent the broadest level of access and often group access profiles. \n\nFor example, an Active Directory source in Identity Security Cloud can have multiple entitlements: the first, 'Employees,' may represent the access all employees have at the organization, and a second, 'Developers,' may represent the access all developers have at the organization.\n\nAn administrator can then create a broader set of access in the form of an access profile, 'AD Developers' grouping the 'Employees' entitlement with the 'Developers' entitlement.\n\nAn administrator can then create an even broader set of access in the form of a role grouping the 'AD Developers' access profile with another profile, 'GitHub Developers,' grouping entitlements for the GitHub source.\n\nWhen users only need Active Directory employee access, they can request access to the 'Employees' entitlement.\n\nWhen users need both Active Directory employee and developer access, they can request access to the 'AD Developers' access profile.\n\nWhen users need both the 'AD Developers' access profile and the 'GitHub Developers' access profile, they can request access to the role grouping both. \n\nRoles often represent positions within organizations. \nFor example, an organization's accountant can access all the tools the organization's accountants need with the 'Accountant' role. \nIf the accountant switches to engineering, a qualified member of the organization can quickly revoke the accountant's 'Accountant' access and grant access to the 'Engineer' role instead, granting access to all the tools the organization's engineers need.\n\nIn Identity Security Cloud, adminstrators can use the Access drop-down menu and select Roles to view, configure, and delete existing roles, as well as create new ones. \nAdministrators can enable and disable the role, and they can also make the following configurations: \n\n- Manage Access: Manage the role's access by adding or removing access profiles.\n\n- Define Assignment: Define the criteria Identity Security Cloud uses to assign the role to identities. \nUse the first option, 'Standard Criteria,' to provide specific criteria for assignment like specific account attributes, entitlements, or identity attributes. \nUse the second, 'Identity List,' to specify the identities for assignment.\n\n- Access Requests: Configure roles to be requestable and establish an approval process for any requests that the role be granted or revoked. \nDo not configure a role to be requestable without establishing a secure access request approval process for that role first. \n\nRefer to [Working with Roles](https://documentation.sailpoint.com/saas/help/access/roles.html) for more information about roles.\n" + }, + { + "name": "Saved Search", + "description": "Use this API to implement saved search functionality. \nWith saved search functionality in place, users can save search queries and then view those saved searches, as well as rerun them. \n\nSearch queries in Identity Security Cloud can grow very long and specific, which can make reconstructing them difficult or tedious, so it can be especially helpful to save search queries. \nIt also opens the possibility to configure Identity Security Cloud to run the saved queries on a schedule, which is essential to detecting user information and access changes throughout an organization's tenant and across all its sources. \nRefer to [Scheduled Search](https://developer.sailpoint.com/docs/api/v3/scheduled-search/) for more information about running saved searches on a schedule. \n\nIn Identity Security Cloud, users can save searches under a name, and then they can access that saved search and run it again when they want. \n\nRefer to [Managing Saved Searches](https://documentation.sailpoint.com/saas/help/search/saved-searches.html) for more information about saving searches and using them.\n" + }, + { + "name": "Scheduled Search", + "description": "Use this API to implement scheduled search functionality. \nWith scheduled search functionality in place, users can run saved search queries on their tenants on a schedule, and Identity Security Cloud emails them the search results. \nUsers can also share these search results with other users by email by adding those users as subscribers, or those users can subscribe themselves. \n\nOne of the greatest benefits of saving searches is the ability to run those searches on a schedule. \nThis is essential for organizations to constantly detect any changes to user information or access throughout their tenants and across all their sources. \nFor example, the manager Amanda Ross can schedule a saved search \"manager.name:amanda.ross AND attributes.location:austin\" on a schedule to regularly stay aware of changes with the Austin employees reporting to her.\nIdentity Security Cloud emails her the search results when the search runs, so she can work on other tasks instead of actively running this search.\n\nIn Identity Security Cloud, scheduling a search involves a subscription. \nUsers can create a subscription for a saved search and schedule it to run daily, weekly, or monthly (you can only use one schedule option at a time). \nThe user can add other identities as subscribers so when the scheduled search runs, the subscribers and the user all receive emails. \n\nBy default, subscriptions exclude detailed results from the emails, for security purposes. \nIncluding detailed results about user access in an email may expose sensitive information.\nHowever, the subscription creator can choose to include the information in the emails. \n\nBy default, Identity Security Cloud sends emails to the subscribers even when the searches do not return new results. \nHowever, the subscription creator can choose to suppress these empty emails. \n\nUsers can also subscribe to saved searches that already have existing subscriptions so they receive emails when the searches run. \nA saved search can have up to 10 subscriptions configured at a time. \n\nThe subscription creator can enable, disable, or delete the subscription. \n\nRefer to [Subscribing to Saved Searches](https://documentation.sailpoint.com/saas/help/search/saved-searches.html#subscribing-to-saved-searches) for more information about scheduling searches and subscribing to them.\n" + }, + { + "name": "Search", + "description": "Use this API to implement search functionality. \nWith search functionality in place, users can search their tenants for nearly any information from throughout their organizations. \n\nIdentity Security Cloud enables organizations to store user data from across all their connected sources and manage the users' access, so the ability to query and filter that data is essential. \nIts search goes through all those sources and finds the results quickly and specifically. \n\nThe search query is flexible - it can be very broad or very narrow. \nThe search only returns results for searchable objects it is filtering for. \nThe following objects are searchable: identities, roles, access profiles, entitlements, events, and account activities. \nBy default, no filter is applied, so a search for \"Ad\" returns both the identity \"Adam.Archer\" as well as the role \"Administrator.\"\n\nUsers can further narrow their results by using Identity Security Cloud's specific syntax and punctuation to structure their queries. \nFor example, the query \"attributes.location:austin AND NOT manager.name:amanda.ross\" returns all results associated with the Austin location, but it excludes those associated with the manager Amanda Ross.\nRefer to [Building a Search Query](https://documentation.sailpoint.com/saas/help/search/building-query.html) for more information about how to construct specific search queries. \n\nRefer to [Using Search](https://documentation.sailpoint.com/saas/help/search/index.html) for more information about Identity Security Cloud's search and its different possibilities. \n\nThe search feature uses Elasticsearch as a datastore and query engine. \nThe power of Elasticsearch makes this feature suitable for ad-hoc reporting.\nHowever, data from the operational databases (ex. identities, roles, events, etc) has to be ingested into Elasticsearch. \nThis ingestion process introduces a latency from when the operational data is created to when it is available in search. \nDepending on the system load, this can take a few seconds to a few minutes. \nPlease keep this latency in mind when you use search.\n" + }, + { + "name": "Search Attribute Configuration" + }, + { + "name": "Segments", + "description": "Use this API to implement and customize access request segment functionality. \nWith this functionality in place, administrators can create and manage access request segments. \nSegments provide organizations with a way to make the access their users have even more granular - this can simply the access request process for the organization's users and improves security by reducing the risk of overprovisoning access. \n\nSegments represent sets of identities, all grouped by specified identity attributes, who are only able to see and access the access items associated with their segments.\nFor example, administrators could group all their organization's London office employees into one segment, \"London Office Employees,\" by their shared location. \nThe administrators could then define the access items the London employees would need, and the identities in the \"London Office Employees\" would then only be able to see and access those items.\n\nIn Identity Security Cloud, administrators can use the 'Access' drop-down menu and select 'Segments' to reach the 'Access Requests Segments' page. \nThis page lists all the existing access request segments, along with their statuses, enabled or disabled. \nAdministrators can use this page to create, edit, enable, disable, and delete segments. \nTo create a segment, an administrator must provide a name, define the identities grouped in the segment, and define the items the identities in the segment can access.\nThese items can be access profiles, roles, or entitlements. \n\nWhen administrators use the API to create and manage segments, they use a JSON expression in the `visibilityCriteria` object to define the segment's identities and access items. \n\nRefer to [Managing Access Request Segments](https://documentation.sailpoint.com/saas/help/requests/segments.html) for more information about segments in Identity Security Cloud.\n" + }, + { + "name": "Service Desk Integration", + "description": "Use this API to build an integration between Identity Security Cloud and a service desk ITSM (IT service management) solution. \nOnce an administrator builds this integration between Identity Security Cloud and a service desk, users can use Identity Security Cloud to raise and track tickets that are synchronized between Identity Security Cloud and the service desk. \n\nIn Identity Security Cloud, administrators can create a service desk integration (sometimes also called an SDIM, or Service Desk Integration Module) by going to Admin > Connections > Service Desk and selecting 'Create.'\n\nTo create a Generic Service Desk integration, for example, administrators must provide the required information on the General Settings page, the Connectivity and Authentication information, Ticket Creation information, Status Mapping information, and Requester Source information on the Configure page. \nRefer to [Integrating SailPoint with Generic Service Desk](https://documentation.sailpoint.com/connectors/generic_sd/help/integrating_generic_service_desk/intro.html) for more information about the process of setting up a Generic Service Desk in Identity Security Cloud.\n\nAdministrators can create various service desk integrations, all with their own nuances. \nThe following service desk integrations are available: \n\n- [Atlassian Cloud Jira Service Management](https://documentation.sailpoint.com/connectors/atlassian/jira_cloud/help/integrating_jira_cloud_sd/introduction.html)\n\n- [Atlassian Server Jira Service Management](https://documentation.sailpoint.com/connectors/atlassian/jira_server/help/integrating_jira_server_sd/introduction.html)\n\n- [BMC Helix ITSM Service Desk](https://documentation.sailpoint.com/connectors/bmc/helix_ITSM_sd/help/integrating_bmc_helix_itsm_sd/intro.html)\n\n- [BMC Helix Remedyforce Service Desk](https://documentation.sailpoint.com/connectors/bmc/helix_remedyforce_sd/help/integrating_bmc_helix_remedyforce_sd/intro.html)\n\n- [Generic Service Desk](https://documentation.sailpoint.com/connectors/generic_sd/help/integrating_generic_service_desk/intro.html)\n\n- [ServiceNow Service Desk](https://documentation.sailpoint.com/connectors/servicenow/sdim/help/integrating_servicenow_sdim/intro.html)\n\n- [Zendesk Service Desk](https://documentation.sailpoint.com/connectors/zendesk/help/integrating_zendesk_sd/introduction.html)\n" + }, + { + "name": "SIM Integrations", + "description": "Use this API to administer IdentityNow's Service Integration Module, or SIM integration with ServiceNow, so that it converts IdentityNow provisioning actions into tickets in ServiceNow.\n\nServiceNow is a software platform that supports IT service management and automates common business processes for requesting and fulfilling service requests across a business enterprise.\n\nYou must have an IdentityNow ServiceNow ServiceDesk license to use this integration. Contact your Customer Success Manager for more information.\n\nService Desk integration for IdentityNow and in deprecation - not available for new implementation, as of July 21st, 2021. As per SailPoint’s [support policy](https://community.sailpoint.com/t5/Connector-Directory/SailPoint-Support-Policy-for-Connectivity/ta-p/79422), all existing SailPoint IdentityNow customers using this legacy integration will be supported until July 2022.\n" + }, + { + "name": "SOD Policies", + "description": "Use this API to implement and manage \"separation of duties\" (SOD) policies. \nWith SOD policy functionality in place, administrators can organize the access in their tenants to prevent individuals from gaining conflicting or excessive access. \n\n\"Separation of duties\" refers to the concept that people shouldn't have conflicting sets of access - all their access should be configured in a way that protects your organization's assets and data. \nFor example, people who record monetary transactions shouldn't be able to issue payment for those transactions.\nAny changes to major system configurations should be approved by someone other than the person requesting the change. \n\nOrganizations can use \"separation of duties\" (SOD) policies to enforce and track their internal security rules throughout their tenants.\nThese SOD policies limit each user's involvement in important processes and protects the organization from individuals gaining excessive access. \n\nTo create SOD policies in Identity Security Cloud, administrators use 'Search' and then access 'Policies'.\nTo create a policy, they must configure two lists of access items. Each access item can only be added to one of the two lists.\nThey can search for the entitlements they want to add to these access lists.\n\n>Note: You can have a maximum of 500 policies of any type (including general policies) in your organization. In each access-based SOD policy, you can have a maximum of 50 entitlements in each access list. \n\nOnce a SOD policy is in place, if an identity has access items on both lists, a SOD violation will trigger. \nThese violations are included in SOD violation reports that other users will see in emails at regular intervals if they're subscribed to the SOD policy.\nThe other users can then better help to enforce these SOD policies. \n\nTo create a subscription to a SOD policy in Identity Security Cloud, administrators use 'Search' and then access 'Layers'.\nThey can create a subscription to the policy and schedule it to run at a regular interval. \n\nRefer to [Managing Policies](https://documentation.sailpoint.com/saas/help/sod/manage-policies.html) for more information about SOD policies. \n\nRefer to [Subscribe to a SOD Policy](https://documentation.sailpoint.com/saas/help/sod/policy-violations.html#subscribe-to-an-sod-policy) for more information about SOD policy subscriptions.\n" + }, + { + "name": "SOD Violations", + "description": "Use this API to check for current \"separation of duties\" (SOD) policy violations as well as potential future SOD policy violations. \nWith SOD violation functionality in place, administrators can get information about current SOD policy violations and predict whether an access change will trigger new violations, which helps to prevent them from occurring at all. \n\n\"Separation of duties\" refers to the concept that people shouldn't have conflicting sets of access - all their access should be configured in a way that protects your organization's assets and data. \nFor example, people who record monetary transactions shouldn't be able to issue payment for those transactions.\nAny changes to major system configurations should be approved by someone other than the person requesting the change. \n\nOrganizations can use \"separation of duties\" (SOD) policies to enforce and track their internal security rules throughout their tenants.\nThese SOD policies limit each user's involvement in important processes and protects the organization from individuals gaining excessive access. \n\nOnce a SOD policy is in place, if an identity has conflicting access items, a SOD violation will trigger. \nThese violations are included in SOD violation reports that other users will see in emails at regular intervals if they're subscribed to the SOD policy.\nThe other users can then better help to enforce these SOD policies.\n\nAdministrators can use the SOD violations APIs to check a set of identities for any current SOD violations, and they can use them to check whether adding an access item would potentially trigger a SOD violation. \nThis second option is a good way to prevent SOD violations from triggering at all. \n\nRefer to [Handling Policy Violations](https://documentation.sailpoint.com/saas/help/sod/policy-violations.html) for more information about SOD policy violations. \n" + }, + { + "name": "Source Usages", + "description": "Use this API to implement source usage insight functionality.\nWith this functionality in place, administrators can gather information and insights about how their tenants' sources are being used.\nThis allows organizations to get the information they need to start optimizing and securing source usage.\n" + }, + { + "name": "Sources", + "description": "Use this API to implement and customize source functionality. \nWith source functionality in place, organizations can use Identity Security Cloud to connect their various sources and user data sets and manage access across all those different sources in a secure, scalable way. \n\n[Sources](https://documentation.sailpoint.com/saas/help/sources/managing_sources.html) refer to the Identity Security Cloud representations for external applications, databases, and directory management systems that maintain their own sets of users, like Dropbox, GitHub, and Workday, for example.\nOrganizations may use hundreds, if not thousands, of different source systems, and any one employee within an organization likely has a different user record on each source, often with different permissions on many of those records. \nConnecting these sources to Identity Security Cloud makes it possible to manage user access across them all.\nThen, if a new hire starts at an organization, Identity Security Cloud can grant the new hire access to all the sources they need.\nIf an employee moves to a new department and needs access to new sources but no longer needs access to others, Identity Security Cloud can grant the necessary access and revoke the unnecessary access for all the employee's various sources. \nIf an employee leaves the company, Identity Security Cloud can revoke access to all the employee's various source accounts immediately. \nThese are just a few examples of the many ways that source functionality makes identity governance easier, more efficient, and more secure. \n\nIn Identity Security Cloud, administrators can create configure, manage, and edit sources, and they can designate other users as source admins to be able to do so.\nThey can also designate users as source sub-admins, who can perform the same source actions but only on sources associated with their governance groups.\nAdmins go to Connections > Sources to see a list of the existing source representations in their organizations. \nThey can create new sources or select existing ones. \n\nTo create a new source, the following must be specified: Source Name, Description, Source Owner, and Connection Type.\nRefer to [Configuring a Source](https://documentation.sailpoint.com/saas/help/accounts/loading_data.html#configuring-a-source) for more information about the source configuration process. \n\nIdentity Security Cloud connects with its sources either by a direct communication with the source server (connection information specific to the source must be provided) or a flat file feed, a CSV file containing all the relevant information about the accounts to be loaded in.\nDifferent sources use different connectors to share data with Identity Security Cloud, and each connector's setup process is specific to that connector. \nSailPoint has built a number of connectors to come out of the box and connect to the most common sources, and SailPoint actively maintains these connectors.\nRefer to [Identity Security Cloud Connectors](https://documentation.sailpoint.com/connectors/identitynow/landingpages/help/landingpages/identitynow_connectivity_landing.html) for more information about these SailPoint supported connectors. \nRefer to the following links for more information about two useful connectors: \n\n- [JDBC Connector](https://documentation.sailpoint.com/connectors/jdbc/help/integrating_jdbc/introduction.html): This customizable connector an directly connect to databases that support JDBC (Java Database Connectivity).\n\n- [Web Services Connector](https://documentation.sailpoint.com/connectors/webservices/help/integrating_webservices/introduction.html): This connector can directly connect to databases that support Web Services. \n\nRefer to [SaaS Connectivity](https://developer.sailpoint.com/docs/connectivity/saas-connectivity/) for more information about SailPoint's new connectivity framework that makes it easy to build and manage custom connectors to SaaS sources. \n\nWhen admins select existing sources, they can view the following information about the source:\n\n- Associated connections (any associated identity profiles, apps, or references to the source in a transform).\n\n- Associated user accounts. These accounts are linked to their identities - this provides a more complete picture of each user's access across sources.\n\n- Associated entitlements (sets of access rights on sources).\n\n- Associated access profiles (groupings of entitlements). \n\nThe user account data and the entitlements update with each data aggregation from the source. \nOrganizations generally run scheduled, automated data aggregations to ensure that their data is always in sync between their sources and their Identity Security Cloud tenants so an access change on a source is detected quickly in Identity Security Cloud.\nAdmins can view a history of these aggregations, and they can also run manual imports. \nRefer to [Loading Account Data](https://documentation.sailpoint.com/saas/help/accounts/loading_data.html) for more information about manual and scheduled aggregations. \n\nAdmins can also make changes to determine which user account data Identity Security Cloud collects from the source and how it correlates that account data with identity data. \nTo define which account attributes the source shares with Identity Security Cloud, admins can edit the account schema on the source.\nRefer to [Managing Source Account Schemas](https://documentation.sailpoint.com/saas/help/accounts/schema.html) for more information about source account schemas and how to edit them. \nTo define the mapping between the source account attributes and their correlating identity attributes, admins can edit the correlation configuration on the source. \nRefer to [Assigning Source Accounts to Identities](https://documentation.sailpoint.com/saas/help/accounts/correlation.html) for more information about this correlation process between source accounts and identities.\n\nAdmins can also delete sources, but they must first ensure that the sources no longer have any active connections: the source must not be associated with any identity profile or any app, and it must not be referenced by any transform.\nRefer to [Deleting Sources](https://documentation.sailpoint.com/saas/help/sources/managing_sources.html#deleting-sources) for more information about deleting sources. \n\nWell organized, mapped out connections between sources and Identity Security Cloud are essential to achieving comprehensive identity access governance across all the source systems organizations need. \nRefer to [Managing Sources](https://documentation.sailpoint.com/saas/help/sources/managing_sources.html) for more information about all the different things admins can do with sources once they are connected.\n" + }, + { + "name": "SP-Config", + "description": "Import and export configuration for some objects between tenants." + }, + { + "name": "Suggested Entitlement Description", + "description": "Use this API to leverage power of LLM to generate suggested entitlement description.\n" + }, + { + "name": "Tagged Objects", + "description": "Use this API to implement object tagging functionality. \nWith object tagging functionality in place, any user in an organization can use tags as a way to group objects together and find them more quickly when the user searches Identity Security Cloud. \n\nIn Identity Security Cloud, users can search their tenants for information and add tags objects they find.\nTagging an object provides users with a way of grouping objects together and makes it easier to find these objects in the future. \n\nFor example, if a user is searching for an entitlement that grants a risky level of access to Active Directory, it's possible that the user may have to search through hundreds of entitlements to find the correct one. \nOnce the user finds that entitlement, the user can add a tag to the entitlement, \"AD_RISKY\" to make it easier to find the entitlement again.\nThe user can add the same tag to multiple objects the user wants to group together for an easy future search, and the user can also do so in bulk.\nWhen the user wants to find that tagged entitlement again, the user can search for \"tags:AD_RISKY\" to find all objects with that tag. \n\nWith the API, you can tag even more different object types than you can in Identity Security Cloud (access profiles, entitlements, identities, and roles). \nYou can use the API to tag all these objects:\n\n- Access profiles \n\n- Applications \n\n- Certification campaigns\n\n- Entitlements\n\n- Identities \n\n- Roles \n\n- SOD (separation of duties) policies\n\n- Sources \n\nYou can also use the API to directly find, create, and manage tagged objects without using search queries. \n\nThere are limits to tags: \n\n- You can have up to 500 different tags in your tenant.\n\n- You can apply up to 30 tags to one object. \n\n- You can have up to 10,000 tag associations, pairings of 1 tag to 1 object, in your tenant. \n\nBecause of these limits, it is recommended that you work with your governance experts and security teams to establish a list of tags that are most expressive of governance objects and access managed by Identity Security Cloud. \n\nThese are the types of information often expressed in tags: \n\n- Affected departments\n\n- Compliance and regulatory categories \n\n- Remediation urgency levels \n\n- Risk levels \n\nRefer to [Tagging Items in Search](https://documentation.sailpoint.com/saas/help/search/index.html?h=tags#tagging-items-in-search) for more information about tagging objects in Identity Security Cloud. \n" + }, + { + "name": "Task Management" + }, + { + "name": "Tenant", + "description": "API for reading tenant details." + }, + { + "name": "Transforms", + "description": "The purpose of this API is to expose functionality for the manipulation of Transform objects.\nTransforms are a form of configurable objects which define an easy way to manipulate attribute data without having\nto write code. These endpoints don't require API calls to other resources, audit service is used for keeping track\nof which users have made changes to the Transforms.\n\nRefer to [Transforms](https://developer.sailpoint.com/docs/extensibility/transforms/) for more information about transforms.\n" + }, + { + "name": "Triggers", + "description": "Event Triggers provide real-time updates to changes in Identity Security Cloud so you can take action as soon as an event occurs, rather than poll an API endpoint for updates. Identity Security Cloud provides a user interface within the admin console to create and manage trigger subscriptions. These endpoints allow for programatically creating and managing trigger subscriptions.\n\nThere are two types of event triggers:\n * `FIRE_AND_FORGET`: This trigger type will send a payload to each subscriber without needing a response. Each trigger of this type has a limit of **50 subscriptions**.\n * `REQUEST_RESPONSE`: This trigger type will send a payload to a subscriber and expect a response back. Each trigger of this type may only have **one subscription**.\n\n## Available Event Triggers\nProduction ready event triggers that are available in all tenants.\n\n| Name | ID | Type | Trigger condition |\n|-|-|-|-|\n| [Access Request Dynamic Approval](https://developer.sailpoint.com/docs/extensibility/event-triggers/triggers/access-request-dynamic-approval/) | idn:access-request-dynamic-approver | REQUEST_RESPONSE |After an access request is submitted. Expects the subscriber to respond with the ID of an identity or workgroup to add to the approval workflow. |\n| [Access Request Decision](https://developer.sailpoint.com/docs/extensibility/event-triggers/triggers/access-request-decision/) | idn:access-request-post-approval | FIRE_AND_FORGET | After an access request is approved. |\n| [Access Request Submitted](https://developer.sailpoint.com/docs/extensibility/event-triggers/triggers/access-request-submitted/) | idn:access-request-pre-approval | REQUEST_RESPONSE | After an access request is submitted. Expects the subscriber to respond with an approval decision. |\n| [Account Aggregation Completed](https://developer.sailpoint.com/docs/extensibility/event-triggers/triggers/account-aggregation-completed/) | idn:account-aggregation-completed | FIRE_AND_FORGET | After an account aggregation completed, terminated, failed. |\n| Account Attributes Changed | idn:account-attributes-changed | FIRE_AND_FORGET | After an account aggregation, and one or more account attributes have changed. |\n| Account Correlated | idn:account-correlated | FIRE_AND_FORGET | After an account is added to an identity. |\n| Accounts Collected for Aggregation | idn:aggregation-accounts-collected | FIRE_AND_FORGET | New, changed, and deleted accounts have been gathered during an aggregation and are being processed. |\n| Account Uncorrelated | idn:account-uncorrelated | FIRE_AND_FORGET | After an account is removed from an identity. |\n| Campaign Activated | idn:campaign-activated | FIRE_AND_FORGET | After a campaign is activated. |\n| Campaign Ended | idn:campaign-ended | FIRE_AND_FORGET | After a campaign ends. |\n| Campaign Generated | idn:campaign-generated | FIRE_AND_FORGET | After a campaign finishes generating. |\n| Certification Signed Off | idn:certification-signed-off | FIRE_AND_FORGET | After a certification is signed off by its reviewer. |\n| [Identity Attributes Changed](https://developer.sailpoint.com/docs/extensibility/event-triggers/triggers/account-aggregation-completed/) | idn:identity-attributes-changed | FIRE_AND_FORGET | After One or more identity attributes changed. |\n| [Identity Created](https://developer.sailpoint.com/docs/extensibility/event-triggers/triggers/identity-created/) | idn:identity-created | FIRE_AND_FORGET | After an identity is created. |\n| [Provisioning Action Completed](https://developer.sailpoint.com/docs/extensibility/event-triggers/triggers/provisioning-completed/) | idn:post-provisioning | FIRE_AND_FORGET | After a provisioning action completed on a source. |\n| [Scheduled Search](https://developer.sailpoint.com/docs/extensibility/event-triggers/triggers/scheduled-search/) | idn:saved-search-complete | FIRE_AND_FORGET | After a scheduled search completed. |\n| [Source Created](https://developer.sailpoint.com/docs/extensibility/event-triggers/triggers/source-created/) | idn:source-created | FIRE_AND_FORGET | After a source is created. |\n| [Source Deleted](https://developer.sailpoint.com/docs/extensibility/event-triggers/triggers/source-deleted/) | idn:source-deleted | FIRE_AND_FORGET | After a source is deleted. |\n| [Source Updated](https://developer.sailpoint.com/docs/extensibility/event-triggers/triggers/source-updated/) | idn:source-updated | FIRE_AND_FORGET | After configuration changes have been made to a source. |\n| [VA Cluster Status Change](https://developer.sailpoint.com/docs/extensibility/event-triggers/triggers/va-cluster-status-change/) | idn:va-cluster-status-change | FIRE_AND_FORGET | After the status of a VA cluster has changed. |\n\n## Early Access Event Triggers\nTriggers that are in-development and not ready for production use. Please contact support to enable these triggers in your tenant.\n\n| Name | ID | Type | Trigger condition |\n|-|-|-|-|\n| [Identity Deleted](https://developer.sailpoint.com/docs/extensibility/event-triggers/triggers/identity-deleted/) | idn:identity-deleted | FIRE_AND_FORGET | After an identity is deleted. |\n| [Source Account Created](https://developer.sailpoint.com/docs/extensibility/event-triggers/triggers/source-account-created/) | idn:source-account-created | FIRE_AND_FORGET | After a source account is created. |\n| [Source Account Deleted](https://developer.sailpoint.com/docs/extensibility/event-triggers/triggers/source-account-deleted/) | idn:source-account-deleted | FIRE_AND_FORGET | After a source account is deleted. |\n| [Source Account Updated](https://developer.sailpoint.com/docs/extensibility/event-triggers/triggers/source-account-updated/) | idn:source-account-updated | FIRE_AND_FORGET | After a source account is changed. |\n" + }, + { + "name": "UI Metadata", + "description": "API for managing UI Metadata. Use this API to manage metadata about your User Interface.\nFor example you can set the iFrameWhitelist parameter to permit another domain to encapsulate IDN within an iframe or set the usernameEmptyText to change the placeholder text for Username on your tenant's login screen." + }, + { + "name": "Vendor Connector Mappings", + "description": "Use this API to manage mappings between various SaaS vendors and Identity Security Cloud (ISC) connectors.\n" + }, + { + "name": "Work Items", + "description": "Use this API to implement work item functionality. \nWith this functionality in place, users can manage their work items (tasks). \n\nWork items refer to the tasks users see in Identity Security Cloud's Task Manager. \nThey can see the pending work items they need to complete, as well as the work items they have already completed. \nTask Manager lists the work items along with the involved sources, identities, accounts, and the timestamp when the work item was created. \nFor example, a user may see a pending 'Create an Account' work item for the identity Fred.Astaire in GitHub for Fred's GitHub account, fred-astaire-sp. \nOnce the user completes the work item, the work item will be listed with his or her other completed work items. \n\nTo complete work items, users can use their dashboards and select the 'My Tasks' widget. \nThe widget will list any work items they need to complete, and they can select the work item from the list to review its details. \nWhen they complete the work item, they can select 'Mark Complete' to add it to their list of completed work items. \n\nRefer to [Task Manager](https://documentation.sailpoint.com/saas/user-help/task_manager.html) for more information about work items, including the different types of work items users may need to complete.\n" + }, + { + "name": "Work Reassignment", + "description": "Use this API to implement work reassignment functionality.\n\nWork Reassignment allows access request reviews, certifications, and manual provisioning tasks assigned to a user to be reassigned to a different user. This is primarily used for:\n\n- Temporarily redirecting work for users who are out of office, such as on vacation or sick leave\n- Permanently redirecting work for users who should not be assigned these tasks at all, such as senior executives or service identities\n\nUsers can define reassignments for themselves, managers can add them for their team members, and administrators can configure them on any user’s behalf. Work assigned during the specified reassignment timeframes will be automatically reassigned to the designated user as it is created.\n\nRefer to [Work Reassignment](https://documentation.sailpoint.com/saas/help/users/work_reassignment.html) for more information about this topic.\n" + }, + { + "name": "Workflows", + "description": "Workflows allow administrators to create custom automation scripts directly within Identity Security Cloud. These automation scripts respond to [event triggers](https://developer.sailpoint.com/docs/extensibility/event-triggers/#how-to-get-started-with-event-triggers) and perform a series of actions to perform tasks that are either too cumbersome or not available in the Identity Security Cloud UI. Workflows can be configured via a graphical user interface within Identity Security Cloud, or by creating and uploading a JSON formatted script to the Workflow service. The Workflows API collection provides the necessary functionality to create, manage, and test your workflows via REST.\n" + } + ], + "paths": { + "/access-profiles": { + "get": { + "operationId": "listAccessProfiles", + "tags": [ + "Access Profiles" + ], + "summary": "List Access Profiles", + "description": "Use this API to get a list of access profiles.\nA token with API, ORG_ADMIN, ROLE_ADMIN, ROLE_SUBADMIN, SOURCE_ADMIN, or SOURCE_SUBADMIN authority is required to call this API.\n>**Note:** When you filter for access profiles that have the '+' symbol in their names, the response is blank. ", + "parameters": [ + { + "in": "query", + "name": "for-subadmin", + "schema": { + "type": "string" + }, + "description": "If provided, filters the returned list according to what is visible to the indicated ROLE_SUBADMIN or SOURCE_SUBADMIN identity. The value of the parameter is either an identity ID, or the special value **me**, which is shorthand for the calling identity's ID.\n\nA 400 Bad Request error is returned if the **for-subadmin** parameter is specified for an identity that is not a subadmin.", + "example": "8c190e6787aa4ed9a90bd9d5344523fb", + "required": false + }, + { + "in": "query", + "name": "limit", + "description": "Note that for this API the maximum value for limit is 50.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 50, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "maximum": 50, + "default": 50 + } + }, + { + "in": "query", + "name": "offset", + "description": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 0, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "default": 0 + } + }, + { + "in": "query", + "name": "count", + "description": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": true, + "schema": { + "type": "boolean", + "default": false + } + }, + { + "in": "query", + "name": "filters", + "schema": { + "type": "string" + }, + "description": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**name**: *eq, sw*\n\n**created**: *gt, lt, ge, le*\n\n**modified**: *gt, lt, ge, le*\n\n**owner.id**: *eq, in*\n\n**requestable**: *eq*\n\n**source.id**: *eq, in*\n\nComposite operators supported: *and, or*\n\nFiltering is not supported for access profiles and entitlements that have the '+' symbol in their names. ", + "example": "name eq \"SailPoint Support\"", + "required": false + }, + { + "in": "query", + "name": "sorters", + "schema": { + "type": "string", + "format": "comma-separated" + }, + "description": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name, created, modified**", + "example": "name,-modified", + "required": false + }, + { + "in": "query", + "name": "for-segment-ids", + "schema": { + "type": "string", + "format": "comma-separated" + }, + "description": "If present and not empty, additionally filters access profiles to those which are assigned to the segment(s) with the specified IDs.\n\nIf segmentation is currently unavailable, specifying this parameter results in an error.", + "example": "0b5c9f25-83c6-4762-9073-e38f7bb2ae26,2e8d8180-24bc-4d21-91c6-7affdb473b0d", + "required": false + }, + { + "in": "query", + "name": "include-unsegmented", + "schema": { + "type": "boolean", + "default": true + }, + "description": "Indicates whether the response list should contain unsegmented access profiles. If *for-segment-ids* is absent or empty, specifying *include-unsegmented* as false results in an error.", + "example": false, + "required": false + } + ], + "responses": { + "200": { + "description": "List of access profiles.", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "description": "Access Profile", + "properties": { + "id": { + "type": "string", + "description": "The ID of the Access Profile", + "example": "2c91808a7190d06e01719938fcd20792", + "readOnly": true + }, + "name": { + "type": "string", + "description": "Name of the Access Profile", + "example": "Employee-database-read-write" + }, + "description": { + "type": "string", + "nullable": true, + "description": "Information about the Access Profile", + "example": "Collection of entitlements to read/write the employee database" + }, + "created": { + "type": "string", + "description": "Date the Access Profile was created", + "format": "date-time", + "example": "2021-03-01T22:32:58.104Z", + "readOnly": true + }, + "modified": { + "type": "string", + "description": "Date the Access Profile was last modified.", + "format": "date-time", + "example": "2021-03-02T20:22:28.104Z", + "readOnly": true + }, + "enabled": { + "type": "boolean", + "default": true, + "description": "Whether the Access Profile is enabled. If the Access Profile is enabled then you must include at least one Entitlement.", + "example": true + }, + "owner": { + "description": "Owner of the Access Profile", + "type": "object", + "nullable": false, + "properties": { + "type": { + "type": "string", + "enum": [ + "IDENTITY" + ], + "description": "Owner type. This field must be either left null or set to 'IDENTITY' on input, otherwise a 400 Bad Request error will result.", + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "Identity id", + "example": "2c9180a46faadee4016fb4e018c20639" + }, + "name": { + "type": "string", + "description": "Human-readable display name of the owner. It may be left null or omitted in a POST or PATCH. If set, it must match the current value of the owner's display name, otherwise a 400 Bad Request error will result.", + "example": "support" + } + } + }, + "source": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The ID of the Source with with which the Access Profile is associated", + "example": "2c91809773dee3610173fdb0b6061ef4" + }, + "type": { + "type": "string", + "enum": [ + "SOURCE" + ], + "description": "The type of the Source, will always be SOURCE", + "example": "SOURCE" + }, + "name": { + "type": "string", + "description": "The display name of the associated Source", + "example": "ODS-AD-SOURCE" + } + } + }, + "entitlements": { + "type": "array", + "nullable": true, + "description": "A list of entitlements associated with the Access Profile. If enabled is false this is allowed to be empty otherwise it needs to contain at least one Entitlement.", + "items": { + "type": "object", + "description": "Entitlement including a specific set of access.", + "properties": { + "type": { + "type": "string", + "description": "Entitlement's DTO type.", + "enum": [ + "ENTITLEMENT" + ], + "example": "ENTITLEMENT" + }, + "id": { + "type": "string", + "description": "Entitlement's ID.", + "example": "2c91809773dee32014e13e122092014e" + }, + "name": { + "type": "string", + "nullable": true, + "description": "Entitlement's display name.", + "example": "CN=entitlement.490efde5,OU=OrgCo,OU=ServiceDept,DC=HQAD,DC=local" + } + } + } + }, + "requestable": { + "type": "boolean", + "default": true, + "description": "Whether the Access Profile is requestable via access request. Currently, making an Access Profile non-requestable is only supported for customers enabled with the new Request Center. Otherwise, attempting to create an Access Profile with a value **false** in this field results in a 400 error.", + "example": true + }, + "accessRequestConfig": { + "nullable": true, + "description": "Access request configuration for this object", + "type": "object", + "properties": { + "commentsRequired": { + "type": "boolean", + "description": "Whether the requester of the containing object must provide comments justifying the request", + "example": true, + "nullable": true, + "default": false + }, + "denialCommentsRequired": { + "type": "boolean", + "description": "Whether an approver must provide comments when denying the request", + "example": true, + "nullable": true, + "default": false + }, + "approvalSchemes": { + "type": "array", + "nullable": true, + "description": "List describing the steps in approving the request", + "items": { + "type": "object", + "properties": { + "approverType": { + "type": "string", + "enum": [ + "APP_OWNER", + "OWNER", + "SOURCE_OWNER", + "MANAGER", + "GOVERNANCE_GROUP" + ], + "description": "Describes the individual or group that is responsible for an approval step. Values are as follows.\n**APP_OWNER**: The owner of the Application\n\n**OWNER**: Owner of the associated Access Profile or Role\n\n**SOURCE_OWNER**: Owner of the Source associated with an Access Profile\n\n**MANAGER**: Manager of the Identity making the request\n\n**GOVERNANCE_GROUP**: A Governance Group, the ID of which is specified by the **approverId** field", + "example": "GOVERNANCE_GROUP" + }, + "approverId": { + "type": "string", + "nullable": true, + "description": "Id of the specific approver, used only when approverType is GOVERNANCE_GROUP", + "example": "46c79819-a69f-49a2-becb-12c971ae66c6" + } + } + } + } + } + }, + "revocationRequestConfig": { + "nullable": true, + "description": "Revocation request configuration for this object.", + "type": "object", + "properties": { + "approvalSchemes": { + "type": "array", + "nullable": true, + "description": "List describing the steps in approving the revocation request", + "items": { + "type": "object", + "properties": { + "approverType": { + "type": "string", + "enum": [ + "APP_OWNER", + "OWNER", + "SOURCE_OWNER", + "MANAGER", + "GOVERNANCE_GROUP" + ], + "description": "Describes the individual or group that is responsible for an approval step. Values are as follows.\n**APP_OWNER**: The owner of the Application\n\n**OWNER**: Owner of the associated Access Profile or Role\n\n**SOURCE_OWNER**: Owner of the Source associated with an Access Profile\n\n**MANAGER**: Manager of the Identity making the request\n\n**GOVERNANCE_GROUP**: A Governance Group, the ID of which is specified by the **approverId** field", + "example": "GOVERNANCE_GROUP" + }, + "approverId": { + "type": "string", + "nullable": true, + "description": "Id of the specific approver, used only when approverType is GOVERNANCE_GROUP", + "example": "46c79819-a69f-49a2-becb-12c971ae66c6" + } + } + } + } + } + }, + "segments": { + "type": "array", + "nullable": true, + "items": { + "type": "string" + }, + "description": "List of IDs of segments, if any, to which this Access Profile is assigned.", + "example": [ + "f7b1b8a3-5fed-4fd4-ad29-82014e137e19", + "29cb6c06-1da8-43ea-8be4-b3125f248f2a" + ] + }, + "provisioningCriteria": { + "description": "When an Identity has multiple Accounts on the Source with which an Access Profile is associated, this expression is evaluated against those Accounts to choose one to provision with the Access Profile.", + "nullable": true, + "example": { + "operation": "OR", + "children": [ + { + "operation": "AND", + "children": [ + { + "attribute": "dn", + "operation": "CONTAINS", + "value": "useast" + }, + { + "attribute": "manager", + "operation": "CONTAINS", + "value": "Scott.Clark" + } + ] + }, + { + "operation": "AND", + "children": [ + { + "attribute": "dn", + "operation": "EQUALS", + "value": "Gibson" + }, + { + "attribute": "telephoneNumber", + "operation": "CONTAINS", + "value": "512" + } + ] + } + ] + }, + "type": "object", + "properties": { + "operation": { + "type": "string", + "enum": [ + "EQUALS", + "NOT_EQUALS", + "CONTAINS", + "HAS", + "AND", + "OR" + ], + "description": "Supported operations on ProvisioningCriteria", + "example": "EQUALS" + }, + "attribute": { + "type": "string", + "description": "Name of the Account attribute to be tested. If **operation** is one of EQUALS, NOT_EQUALS, CONTAINS, or HAS, this field is required. Otherwise, specifying it is an error.", + "example": "email", + "nullable": true + }, + "value": { + "type": "string", + "nullable": true, + "description": "String value to test the Account attribute w/r/t the specified operation. If the operation is one of EQUALS, NOT_EQUALS, or CONTAINS, this field is required. Otherwise, specifying it is an error. If the Attribute is not String-typed, it will be converted to the appropriate type.", + "example": "carlee.cert1c9f9b6fd@mailinator.com" + }, + "children": { + "type": "array", + "items": { + "type": "object", + "description": "Defines matching criteria for an Account to be provisioned with a specific Access Profile", + "properties": { + "operation": { + "type": "string", + "enum": [ + "EQUALS", + "NOT_EQUALS", + "CONTAINS", + "HAS", + "AND", + "OR" + ], + "description": "Supported operations on ProvisioningCriteria", + "example": "EQUALS" + }, + "attribute": { + "type": "string", + "description": "Name of the Account attribute to be tested. If **operation** is one of EQUALS, NOT_EQUALS, CONTAINS, or HAS, this field is required. Otherwise, specifying it is an error.", + "example": "email", + "nullable": true + }, + "value": { + "type": "string", + "nullable": true, + "description": "String value to test the Account attribute w/r/t the specified operation. If the operation is one of EQUALS, NOT_EQUALS, or CONTAINS, this field is required. Otherwise, specifying it is an error. If the Attribute is not String-typed, it will be converted to the appropriate type.", + "example": "carlee.cert1c9f9b6fd@mailinator.com" + }, + "children": { + "type": "array", + "items": { + "type": "object", + "description": "Defines matching criteria for an Account to be provisioned with a specific Access Profile", + "properties": { + "operation": { + "type": "string", + "enum": [ + "EQUALS", + "NOT_EQUALS", + "CONTAINS", + "HAS", + "AND", + "OR" + ], + "description": "Supported operations on ProvisioningCriteria", + "example": "EQUALS" + }, + "attribute": { + "type": "string", + "description": "Name of the Account attribute to be tested. If **operation** is one of EQUALS, NOT_EQUALS, CONTAINS, or HAS, this field is required. Otherwise, specifying it is an error.", + "example": "email", + "nullable": true + }, + "value": { + "type": "string", + "description": "String value to test the Account attribute w/r/t the specified operation. If the operation is one of EQUALS, NOT_EQUALS, or CONTAINS, this field is required. Otherwise, specifying it is an error. If the Attribute is not String-typed, it will be converted to the appropriate type.", + "example": "carlee.cert1c9f9b6fd@mailinator.com" + }, + "children": { + "type": "string", + "description": "Array of child criteria. Required if the operation is AND or OR, otherwise it must be left null. A maximum of three levels of criteria are supported, including leaf nodes.", + "example": null, + "nullable": true + } + } + }, + "nullable": true, + "description": "Array of child criteria. Required if the operation is AND or OR, otherwise it must be left null. A maximum of three levels of criteria are supported, including leaf nodes.", + "example": null + } + } + }, + "nullable": true, + "description": "Array of child criteria. Required if the operation is AND or OR, otherwise it must be left null. A maximum of three levels of criteria are supported, including leaf nodes.", + "example": null + } + } + } + }, + "required": [ + "owner", + "name", + "source" + ] + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "idn:access-profile:read" + ] + } + ] + }, + "post": { + "operationId": "createAccessProfile", + "tags": [ + "Access Profiles" + ], + "summary": "Create Access Profile", + "description": "Use this API to create an access profile.\nA token with API, ORG_ADMIN, ROLE_ADMIN, ROLE_SUBADMIN, SOURCE_ADMIN, or SOURCE_SUBADMIN authority is required to call this API. In addition, a token with only ROLE_SUBADMIN or SOURCE_SUBADMIN authority must be associated with the access profile's Source.\nThe maximum supported length for the description field is 2000 characters. Longer descriptions will be preserved for existing access profiles. However, any new access profiles as well as any updates to existing descriptions are limited to 2000 characters.", + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "type": "object", + "description": "Access Profile", + "properties": { + "id": { + "type": "string", + "description": "The ID of the Access Profile", + "example": "2c91808a7190d06e01719938fcd20792", + "readOnly": true + }, + "name": { + "type": "string", + "description": "Name of the Access Profile", + "example": "Employee-database-read-write" + }, + "description": { + "type": "string", + "nullable": true, + "description": "Information about the Access Profile", + "example": "Collection of entitlements to read/write the employee database" + }, + "created": { + "type": "string", + "description": "Date the Access Profile was created", + "format": "date-time", + "example": "2021-03-01T22:32:58.104Z", + "readOnly": true + }, + "modified": { + "type": "string", + "description": "Date the Access Profile was last modified.", + "format": "date-time", + "example": "2021-03-02T20:22:28.104Z", + "readOnly": true + }, + "enabled": { + "type": "boolean", + "default": true, + "description": "Whether the Access Profile is enabled. If the Access Profile is enabled then you must include at least one Entitlement.", + "example": true + }, + "owner": { + "description": "Owner of the Access Profile", + "type": "object", + "nullable": false, + "properties": { + "type": { + "type": "string", + "enum": [ + "IDENTITY" + ], + "description": "Owner type. This field must be either left null or set to 'IDENTITY' on input, otherwise a 400 Bad Request error will result.", + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "Identity id", + "example": "2c9180a46faadee4016fb4e018c20639" + }, + "name": { + "type": "string", + "description": "Human-readable display name of the owner. It may be left null or omitted in a POST or PATCH. If set, it must match the current value of the owner's display name, otherwise a 400 Bad Request error will result.", + "example": "support" + } + } + }, + "source": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The ID of the Source with with which the Access Profile is associated", + "example": "2c91809773dee3610173fdb0b6061ef4" + }, + "type": { + "type": "string", + "enum": [ + "SOURCE" + ], + "description": "The type of the Source, will always be SOURCE", + "example": "SOURCE" + }, + "name": { + "type": "string", + "description": "The display name of the associated Source", + "example": "ODS-AD-SOURCE" + } + } + }, + "entitlements": { + "type": "array", + "nullable": true, + "description": "A list of entitlements associated with the Access Profile. If enabled is false this is allowed to be empty otherwise it needs to contain at least one Entitlement.", + "items": { + "type": "object", + "description": "Entitlement including a specific set of access.", + "properties": { + "type": { + "type": "string", + "description": "Entitlement's DTO type.", + "enum": [ + "ENTITLEMENT" + ], + "example": "ENTITLEMENT" + }, + "id": { + "type": "string", + "description": "Entitlement's ID.", + "example": "2c91809773dee32014e13e122092014e" + }, + "name": { + "type": "string", + "nullable": true, + "description": "Entitlement's display name.", + "example": "CN=entitlement.490efde5,OU=OrgCo,OU=ServiceDept,DC=HQAD,DC=local" + } + } + } + }, + "requestable": { + "type": "boolean", + "default": true, + "description": "Whether the Access Profile is requestable via access request. Currently, making an Access Profile non-requestable is only supported for customers enabled with the new Request Center. Otherwise, attempting to create an Access Profile with a value **false** in this field results in a 400 error.", + "example": true + }, + "accessRequestConfig": { + "nullable": true, + "description": "Access request configuration for this object", + "type": "object", + "properties": { + "commentsRequired": { + "type": "boolean", + "description": "Whether the requester of the containing object must provide comments justifying the request", + "example": true, + "nullable": true, + "default": false + }, + "denialCommentsRequired": { + "type": "boolean", + "description": "Whether an approver must provide comments when denying the request", + "example": true, + "nullable": true, + "default": false + }, + "approvalSchemes": { + "type": "array", + "nullable": true, + "description": "List describing the steps in approving the request", + "items": { + "type": "object", + "properties": { + "approverType": { + "type": "string", + "enum": [ + "APP_OWNER", + "OWNER", + "SOURCE_OWNER", + "MANAGER", + "GOVERNANCE_GROUP" + ], + "description": "Describes the individual or group that is responsible for an approval step. Values are as follows.\n**APP_OWNER**: The owner of the Application\n\n**OWNER**: Owner of the associated Access Profile or Role\n\n**SOURCE_OWNER**: Owner of the Source associated with an Access Profile\n\n**MANAGER**: Manager of the Identity making the request\n\n**GOVERNANCE_GROUP**: A Governance Group, the ID of which is specified by the **approverId** field", + "example": "GOVERNANCE_GROUP" + }, + "approverId": { + "type": "string", + "nullable": true, + "description": "Id of the specific approver, used only when approverType is GOVERNANCE_GROUP", + "example": "46c79819-a69f-49a2-becb-12c971ae66c6" + } + } + } + } + } + }, + "revocationRequestConfig": { + "nullable": true, + "description": "Revocation request configuration for this object.", + "type": "object", + "properties": { + "approvalSchemes": { + "type": "array", + "nullable": true, + "description": "List describing the steps in approving the revocation request", + "items": { + "type": "object", + "properties": { + "approverType": { + "type": "string", + "enum": [ + "APP_OWNER", + "OWNER", + "SOURCE_OWNER", + "MANAGER", + "GOVERNANCE_GROUP" + ], + "description": "Describes the individual or group that is responsible for an approval step. Values are as follows.\n**APP_OWNER**: The owner of the Application\n\n**OWNER**: Owner of the associated Access Profile or Role\n\n**SOURCE_OWNER**: Owner of the Source associated with an Access Profile\n\n**MANAGER**: Manager of the Identity making the request\n\n**GOVERNANCE_GROUP**: A Governance Group, the ID of which is specified by the **approverId** field", + "example": "GOVERNANCE_GROUP" + }, + "approverId": { + "type": "string", + "nullable": true, + "description": "Id of the specific approver, used only when approverType is GOVERNANCE_GROUP", + "example": "46c79819-a69f-49a2-becb-12c971ae66c6" + } + } + } + } + } + }, + "segments": { + "type": "array", + "nullable": true, + "items": { + "type": "string" + }, + "description": "List of IDs of segments, if any, to which this Access Profile is assigned.", + "example": [ + "f7b1b8a3-5fed-4fd4-ad29-82014e137e19", + "29cb6c06-1da8-43ea-8be4-b3125f248f2a" + ] + }, + "provisioningCriteria": { + "description": "When an Identity has multiple Accounts on the Source with which an Access Profile is associated, this expression is evaluated against those Accounts to choose one to provision with the Access Profile.", + "nullable": true, + "example": { + "operation": "OR", + "children": [ + { + "operation": "AND", + "children": [ + { + "attribute": "dn", + "operation": "CONTAINS", + "value": "useast" + }, + { + "attribute": "manager", + "operation": "CONTAINS", + "value": "Scott.Clark" + } + ] + }, + { + "operation": "AND", + "children": [ + { + "attribute": "dn", + "operation": "EQUALS", + "value": "Gibson" + }, + { + "attribute": "telephoneNumber", + "operation": "CONTAINS", + "value": "512" + } + ] + } + ] + }, + "type": "object", + "properties": { + "operation": { + "type": "string", + "enum": [ + "EQUALS", + "NOT_EQUALS", + "CONTAINS", + "HAS", + "AND", + "OR" + ], + "description": "Supported operations on ProvisioningCriteria", + "example": "EQUALS" + }, + "attribute": { + "type": "string", + "description": "Name of the Account attribute to be tested. If **operation** is one of EQUALS, NOT_EQUALS, CONTAINS, or HAS, this field is required. Otherwise, specifying it is an error.", + "example": "email", + "nullable": true + }, + "value": { + "type": "string", + "nullable": true, + "description": "String value to test the Account attribute w/r/t the specified operation. If the operation is one of EQUALS, NOT_EQUALS, or CONTAINS, this field is required. Otherwise, specifying it is an error. If the Attribute is not String-typed, it will be converted to the appropriate type.", + "example": "carlee.cert1c9f9b6fd@mailinator.com" + }, + "children": { + "type": "array", + "items": { + "type": "object", + "description": "Defines matching criteria for an Account to be provisioned with a specific Access Profile", + "properties": { + "operation": { + "type": "string", + "enum": [ + "EQUALS", + "NOT_EQUALS", + "CONTAINS", + "HAS", + "AND", + "OR" + ], + "description": "Supported operations on ProvisioningCriteria", + "example": "EQUALS" + }, + "attribute": { + "type": "string", + "description": "Name of the Account attribute to be tested. If **operation** is one of EQUALS, NOT_EQUALS, CONTAINS, or HAS, this field is required. Otherwise, specifying it is an error.", + "example": "email", + "nullable": true + }, + "value": { + "type": "string", + "nullable": true, + "description": "String value to test the Account attribute w/r/t the specified operation. If the operation is one of EQUALS, NOT_EQUALS, or CONTAINS, this field is required. Otherwise, specifying it is an error. If the Attribute is not String-typed, it will be converted to the appropriate type.", + "example": "carlee.cert1c9f9b6fd@mailinator.com" + }, + "children": { + "type": "array", + "items": { + "type": "object", + "description": "Defines matching criteria for an Account to be provisioned with a specific Access Profile", + "properties": { + "operation": { + "type": "string", + "enum": [ + "EQUALS", + "NOT_EQUALS", + "CONTAINS", + "HAS", + "AND", + "OR" + ], + "description": "Supported operations on ProvisioningCriteria", + "example": "EQUALS" + }, + "attribute": { + "type": "string", + "description": "Name of the Account attribute to be tested. If **operation** is one of EQUALS, NOT_EQUALS, CONTAINS, or HAS, this field is required. Otherwise, specifying it is an error.", + "example": "email", + "nullable": true + }, + "value": { + "type": "string", + "description": "String value to test the Account attribute w/r/t the specified operation. If the operation is one of EQUALS, NOT_EQUALS, or CONTAINS, this field is required. Otherwise, specifying it is an error. If the Attribute is not String-typed, it will be converted to the appropriate type.", + "example": "carlee.cert1c9f9b6fd@mailinator.com" + }, + "children": { + "type": "string", + "description": "Array of child criteria. Required if the operation is AND or OR, otherwise it must be left null. A maximum of three levels of criteria are supported, including leaf nodes.", + "example": null, + "nullable": true + } + } + }, + "nullable": true, + "description": "Array of child criteria. Required if the operation is AND or OR, otherwise it must be left null. A maximum of three levels of criteria are supported, including leaf nodes.", + "example": null + } + } + }, + "nullable": true, + "description": "Array of child criteria. Required if the operation is AND or OR, otherwise it must be left null. A maximum of three levels of criteria are supported, including leaf nodes.", + "example": null + } + } + } + }, + "required": [ + "owner", + "name", + "source" + ] + } + } + } + }, + "responses": { + "201": { + "description": "Access profile created.", + "content": { + "application/json": { + "schema": { + "type": "object", + "description": "Access Profile", + "properties": { + "id": { + "type": "string", + "description": "The ID of the Access Profile", + "example": "2c91808a7190d06e01719938fcd20792", + "readOnly": true + }, + "name": { + "type": "string", + "description": "Name of the Access Profile", + "example": "Employee-database-read-write" + }, + "description": { + "type": "string", + "nullable": true, + "description": "Information about the Access Profile", + "example": "Collection of entitlements to read/write the employee database" + }, + "created": { + "type": "string", + "description": "Date the Access Profile was created", + "format": "date-time", + "example": "2021-03-01T22:32:58.104Z", + "readOnly": true + }, + "modified": { + "type": "string", + "description": "Date the Access Profile was last modified.", + "format": "date-time", + "example": "2021-03-02T20:22:28.104Z", + "readOnly": true + }, + "enabled": { + "type": "boolean", + "default": true, + "description": "Whether the Access Profile is enabled. If the Access Profile is enabled then you must include at least one Entitlement.", + "example": true + }, + "owner": { + "description": "Owner of the Access Profile", + "type": "object", + "nullable": false, + "properties": { + "type": { + "type": "string", + "enum": [ + "IDENTITY" + ], + "description": "Owner type. This field must be either left null or set to 'IDENTITY' on input, otherwise a 400 Bad Request error will result.", + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "Identity id", + "example": "2c9180a46faadee4016fb4e018c20639" + }, + "name": { + "type": "string", + "description": "Human-readable display name of the owner. It may be left null or omitted in a POST or PATCH. If set, it must match the current value of the owner's display name, otherwise a 400 Bad Request error will result.", + "example": "support" + } + } + }, + "source": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The ID of the Source with with which the Access Profile is associated", + "example": "2c91809773dee3610173fdb0b6061ef4" + }, + "type": { + "type": "string", + "enum": [ + "SOURCE" + ], + "description": "The type of the Source, will always be SOURCE", + "example": "SOURCE" + }, + "name": { + "type": "string", + "description": "The display name of the associated Source", + "example": "ODS-AD-SOURCE" + } + } + }, + "entitlements": { + "type": "array", + "nullable": true, + "description": "A list of entitlements associated with the Access Profile. If enabled is false this is allowed to be empty otherwise it needs to contain at least one Entitlement.", + "items": { + "type": "object", + "description": "Entitlement including a specific set of access.", + "properties": { + "type": { + "type": "string", + "description": "Entitlement's DTO type.", + "enum": [ + "ENTITLEMENT" + ], + "example": "ENTITLEMENT" + }, + "id": { + "type": "string", + "description": "Entitlement's ID.", + "example": "2c91809773dee32014e13e122092014e" + }, + "name": { + "type": "string", + "nullable": true, + "description": "Entitlement's display name.", + "example": "CN=entitlement.490efde5,OU=OrgCo,OU=ServiceDept,DC=HQAD,DC=local" + } + } + } + }, + "requestable": { + "type": "boolean", + "default": true, + "description": "Whether the Access Profile is requestable via access request. Currently, making an Access Profile non-requestable is only supported for customers enabled with the new Request Center. Otherwise, attempting to create an Access Profile with a value **false** in this field results in a 400 error.", + "example": true + }, + "accessRequestConfig": { + "nullable": true, + "description": "Access request configuration for this object", + "type": "object", + "properties": { + "commentsRequired": { + "type": "boolean", + "description": "Whether the requester of the containing object must provide comments justifying the request", + "example": true, + "nullable": true, + "default": false + }, + "denialCommentsRequired": { + "type": "boolean", + "description": "Whether an approver must provide comments when denying the request", + "example": true, + "nullable": true, + "default": false + }, + "approvalSchemes": { + "type": "array", + "nullable": true, + "description": "List describing the steps in approving the request", + "items": { + "type": "object", + "properties": { + "approverType": { + "type": "string", + "enum": [ + "APP_OWNER", + "OWNER", + "SOURCE_OWNER", + "MANAGER", + "GOVERNANCE_GROUP" + ], + "description": "Describes the individual or group that is responsible for an approval step. Values are as follows.\n**APP_OWNER**: The owner of the Application\n\n**OWNER**: Owner of the associated Access Profile or Role\n\n**SOURCE_OWNER**: Owner of the Source associated with an Access Profile\n\n**MANAGER**: Manager of the Identity making the request\n\n**GOVERNANCE_GROUP**: A Governance Group, the ID of which is specified by the **approverId** field", + "example": "GOVERNANCE_GROUP" + }, + "approverId": { + "type": "string", + "nullable": true, + "description": "Id of the specific approver, used only when approverType is GOVERNANCE_GROUP", + "example": "46c79819-a69f-49a2-becb-12c971ae66c6" + } + } + } + } + } + }, + "revocationRequestConfig": { + "nullable": true, + "description": "Revocation request configuration for this object.", + "type": "object", + "properties": { + "approvalSchemes": { + "type": "array", + "nullable": true, + "description": "List describing the steps in approving the revocation request", + "items": { + "type": "object", + "properties": { + "approverType": { + "type": "string", + "enum": [ + "APP_OWNER", + "OWNER", + "SOURCE_OWNER", + "MANAGER", + "GOVERNANCE_GROUP" + ], + "description": "Describes the individual or group that is responsible for an approval step. Values are as follows.\n**APP_OWNER**: The owner of the Application\n\n**OWNER**: Owner of the associated Access Profile or Role\n\n**SOURCE_OWNER**: Owner of the Source associated with an Access Profile\n\n**MANAGER**: Manager of the Identity making the request\n\n**GOVERNANCE_GROUP**: A Governance Group, the ID of which is specified by the **approverId** field", + "example": "GOVERNANCE_GROUP" + }, + "approverId": { + "type": "string", + "nullable": true, + "description": "Id of the specific approver, used only when approverType is GOVERNANCE_GROUP", + "example": "46c79819-a69f-49a2-becb-12c971ae66c6" + } + } + } + } + } + }, + "segments": { + "type": "array", + "nullable": true, + "items": { + "type": "string" + }, + "description": "List of IDs of segments, if any, to which this Access Profile is assigned.", + "example": [ + "f7b1b8a3-5fed-4fd4-ad29-82014e137e19", + "29cb6c06-1da8-43ea-8be4-b3125f248f2a" + ] + }, + "provisioningCriteria": { + "description": "When an Identity has multiple Accounts on the Source with which an Access Profile is associated, this expression is evaluated against those Accounts to choose one to provision with the Access Profile.", + "nullable": true, + "example": { + "operation": "OR", + "children": [ + { + "operation": "AND", + "children": [ + { + "attribute": "dn", + "operation": "CONTAINS", + "value": "useast" + }, + { + "attribute": "manager", + "operation": "CONTAINS", + "value": "Scott.Clark" + } + ] + }, + { + "operation": "AND", + "children": [ + { + "attribute": "dn", + "operation": "EQUALS", + "value": "Gibson" + }, + { + "attribute": "telephoneNumber", + "operation": "CONTAINS", + "value": "512" + } + ] + } + ] + }, + "type": "object", + "properties": { + "operation": { + "type": "string", + "enum": [ + "EQUALS", + "NOT_EQUALS", + "CONTAINS", + "HAS", + "AND", + "OR" + ], + "description": "Supported operations on ProvisioningCriteria", + "example": "EQUALS" + }, + "attribute": { + "type": "string", + "description": "Name of the Account attribute to be tested. If **operation** is one of EQUALS, NOT_EQUALS, CONTAINS, or HAS, this field is required. Otherwise, specifying it is an error.", + "example": "email", + "nullable": true + }, + "value": { + "type": "string", + "nullable": true, + "description": "String value to test the Account attribute w/r/t the specified operation. If the operation is one of EQUALS, NOT_EQUALS, or CONTAINS, this field is required. Otherwise, specifying it is an error. If the Attribute is not String-typed, it will be converted to the appropriate type.", + "example": "carlee.cert1c9f9b6fd@mailinator.com" + }, + "children": { + "type": "array", + "items": { + "type": "object", + "description": "Defines matching criteria for an Account to be provisioned with a specific Access Profile", + "properties": { + "operation": { + "type": "string", + "enum": [ + "EQUALS", + "NOT_EQUALS", + "CONTAINS", + "HAS", + "AND", + "OR" + ], + "description": "Supported operations on ProvisioningCriteria", + "example": "EQUALS" + }, + "attribute": { + "type": "string", + "description": "Name of the Account attribute to be tested. If **operation** is one of EQUALS, NOT_EQUALS, CONTAINS, or HAS, this field is required. Otherwise, specifying it is an error.", + "example": "email", + "nullable": true + }, + "value": { + "type": "string", + "nullable": true, + "description": "String value to test the Account attribute w/r/t the specified operation. If the operation is one of EQUALS, NOT_EQUALS, or CONTAINS, this field is required. Otherwise, specifying it is an error. If the Attribute is not String-typed, it will be converted to the appropriate type.", + "example": "carlee.cert1c9f9b6fd@mailinator.com" + }, + "children": { + "type": "array", + "items": { + "type": "object", + "description": "Defines matching criteria for an Account to be provisioned with a specific Access Profile", + "properties": { + "operation": { + "type": "string", + "enum": [ + "EQUALS", + "NOT_EQUALS", + "CONTAINS", + "HAS", + "AND", + "OR" + ], + "description": "Supported operations on ProvisioningCriteria", + "example": "EQUALS" + }, + "attribute": { + "type": "string", + "description": "Name of the Account attribute to be tested. If **operation** is one of EQUALS, NOT_EQUALS, CONTAINS, or HAS, this field is required. Otherwise, specifying it is an error.", + "example": "email", + "nullable": true + }, + "value": { + "type": "string", + "description": "String value to test the Account attribute w/r/t the specified operation. If the operation is one of EQUALS, NOT_EQUALS, or CONTAINS, this field is required. Otherwise, specifying it is an error. If the Attribute is not String-typed, it will be converted to the appropriate type.", + "example": "carlee.cert1c9f9b6fd@mailinator.com" + }, + "children": { + "type": "string", + "description": "Array of child criteria. Required if the operation is AND or OR, otherwise it must be left null. A maximum of three levels of criteria are supported, including leaf nodes.", + "example": null, + "nullable": true + } + } + }, + "nullable": true, + "description": "Array of child criteria. Required if the operation is AND or OR, otherwise it must be left null. A maximum of three levels of criteria are supported, including leaf nodes.", + "example": null + } + } + }, + "nullable": true, + "description": "Array of child criteria. Required if the operation is AND or OR, otherwise it must be left null. A maximum of three levels of criteria are supported, including leaf nodes.", + "example": null + } + } + } + }, + "required": [ + "owner", + "name", + "source" + ] + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "idn:access-profile:manage" + ] + } + ] + } + }, + "/access-profiles/{id}": { + "get": { + "operationId": "getAccessProfile", + "tags": [ + "Access Profiles" + ], + "summary": "Get an Access Profile", + "description": "This API returns an Access Profile by its ID.\n\nA token with API, ORG_ADMIN, ROLE_ADMIN, ROLE_SUBADMIN, SOURCE_ADMIN, or SOURCE_SUBADMIN authority is required to call this API.", + "parameters": [ + { + "in": "path", + "name": "id", + "required": true, + "schema": { + "type": "string" + }, + "description": "ID of the Access Profile", + "example": "2c9180837ca6693d017ca8d097500149" + } + ], + "responses": { + "200": { + "description": "An AccessProfile", + "content": { + "application/json": { + "schema": { + "type": "object", + "description": "Access Profile", + "properties": { + "id": { + "type": "string", + "description": "The ID of the Access Profile", + "example": "2c91808a7190d06e01719938fcd20792", + "readOnly": true + }, + "name": { + "type": "string", + "description": "Name of the Access Profile", + "example": "Employee-database-read-write" + }, + "description": { + "type": "string", + "nullable": true, + "description": "Information about the Access Profile", + "example": "Collection of entitlements to read/write the employee database" + }, + "created": { + "type": "string", + "description": "Date the Access Profile was created", + "format": "date-time", + "example": "2021-03-01T22:32:58.104Z", + "readOnly": true + }, + "modified": { + "type": "string", + "description": "Date the Access Profile was last modified.", + "format": "date-time", + "example": "2021-03-02T20:22:28.104Z", + "readOnly": true + }, + "enabled": { + "type": "boolean", + "default": true, + "description": "Whether the Access Profile is enabled. If the Access Profile is enabled then you must include at least one Entitlement.", + "example": true + }, + "owner": { + "description": "Owner of the Access Profile", + "type": "object", + "nullable": false, + "properties": { + "type": { + "type": "string", + "enum": [ + "IDENTITY" + ], + "description": "Owner type. This field must be either left null or set to 'IDENTITY' on input, otherwise a 400 Bad Request error will result.", + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "Identity id", + "example": "2c9180a46faadee4016fb4e018c20639" + }, + "name": { + "type": "string", + "description": "Human-readable display name of the owner. It may be left null or omitted in a POST or PATCH. If set, it must match the current value of the owner's display name, otherwise a 400 Bad Request error will result.", + "example": "support" + } + } + }, + "source": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The ID of the Source with with which the Access Profile is associated", + "example": "2c91809773dee3610173fdb0b6061ef4" + }, + "type": { + "type": "string", + "enum": [ + "SOURCE" + ], + "description": "The type of the Source, will always be SOURCE", + "example": "SOURCE" + }, + "name": { + "type": "string", + "description": "The display name of the associated Source", + "example": "ODS-AD-SOURCE" + } + } + }, + "entitlements": { + "type": "array", + "nullable": true, + "description": "A list of entitlements associated with the Access Profile. If enabled is false this is allowed to be empty otherwise it needs to contain at least one Entitlement.", + "items": { + "type": "object", + "description": "Entitlement including a specific set of access.", + "properties": { + "type": { + "type": "string", + "description": "Entitlement's DTO type.", + "enum": [ + "ENTITLEMENT" + ], + "example": "ENTITLEMENT" + }, + "id": { + "type": "string", + "description": "Entitlement's ID.", + "example": "2c91809773dee32014e13e122092014e" + }, + "name": { + "type": "string", + "nullable": true, + "description": "Entitlement's display name.", + "example": "CN=entitlement.490efde5,OU=OrgCo,OU=ServiceDept,DC=HQAD,DC=local" + } + } + } + }, + "requestable": { + "type": "boolean", + "default": true, + "description": "Whether the Access Profile is requestable via access request. Currently, making an Access Profile non-requestable is only supported for customers enabled with the new Request Center. Otherwise, attempting to create an Access Profile with a value **false** in this field results in a 400 error.", + "example": true + }, + "accessRequestConfig": { + "nullable": true, + "description": "Access request configuration for this object", + "type": "object", + "properties": { + "commentsRequired": { + "type": "boolean", + "description": "Whether the requester of the containing object must provide comments justifying the request", + "example": true, + "nullable": true, + "default": false + }, + "denialCommentsRequired": { + "type": "boolean", + "description": "Whether an approver must provide comments when denying the request", + "example": true, + "nullable": true, + "default": false + }, + "approvalSchemes": { + "type": "array", + "nullable": true, + "description": "List describing the steps in approving the request", + "items": { + "type": "object", + "properties": { + "approverType": { + "type": "string", + "enum": [ + "APP_OWNER", + "OWNER", + "SOURCE_OWNER", + "MANAGER", + "GOVERNANCE_GROUP" + ], + "description": "Describes the individual or group that is responsible for an approval step. Values are as follows.\n**APP_OWNER**: The owner of the Application\n\n**OWNER**: Owner of the associated Access Profile or Role\n\n**SOURCE_OWNER**: Owner of the Source associated with an Access Profile\n\n**MANAGER**: Manager of the Identity making the request\n\n**GOVERNANCE_GROUP**: A Governance Group, the ID of which is specified by the **approverId** field", + "example": "GOVERNANCE_GROUP" + }, + "approverId": { + "type": "string", + "nullable": true, + "description": "Id of the specific approver, used only when approverType is GOVERNANCE_GROUP", + "example": "46c79819-a69f-49a2-becb-12c971ae66c6" + } + } + } + } + } + }, + "revocationRequestConfig": { + "nullable": true, + "description": "Revocation request configuration for this object.", + "type": "object", + "properties": { + "approvalSchemes": { + "type": "array", + "nullable": true, + "description": "List describing the steps in approving the revocation request", + "items": { + "type": "object", + "properties": { + "approverType": { + "type": "string", + "enum": [ + "APP_OWNER", + "OWNER", + "SOURCE_OWNER", + "MANAGER", + "GOVERNANCE_GROUP" + ], + "description": "Describes the individual or group that is responsible for an approval step. Values are as follows.\n**APP_OWNER**: The owner of the Application\n\n**OWNER**: Owner of the associated Access Profile or Role\n\n**SOURCE_OWNER**: Owner of the Source associated with an Access Profile\n\n**MANAGER**: Manager of the Identity making the request\n\n**GOVERNANCE_GROUP**: A Governance Group, the ID of which is specified by the **approverId** field", + "example": "GOVERNANCE_GROUP" + }, + "approverId": { + "type": "string", + "nullable": true, + "description": "Id of the specific approver, used only when approverType is GOVERNANCE_GROUP", + "example": "46c79819-a69f-49a2-becb-12c971ae66c6" + } + } + } + } + } + }, + "segments": { + "type": "array", + "nullable": true, + "items": { + "type": "string" + }, + "description": "List of IDs of segments, if any, to which this Access Profile is assigned.", + "example": [ + "f7b1b8a3-5fed-4fd4-ad29-82014e137e19", + "29cb6c06-1da8-43ea-8be4-b3125f248f2a" + ] + }, + "provisioningCriteria": { + "description": "When an Identity has multiple Accounts on the Source with which an Access Profile is associated, this expression is evaluated against those Accounts to choose one to provision with the Access Profile.", + "nullable": true, + "example": { + "operation": "OR", + "children": [ + { + "operation": "AND", + "children": [ + { + "attribute": "dn", + "operation": "CONTAINS", + "value": "useast" + }, + { + "attribute": "manager", + "operation": "CONTAINS", + "value": "Scott.Clark" + } + ] + }, + { + "operation": "AND", + "children": [ + { + "attribute": "dn", + "operation": "EQUALS", + "value": "Gibson" + }, + { + "attribute": "telephoneNumber", + "operation": "CONTAINS", + "value": "512" + } + ] + } + ] + }, + "type": "object", + "properties": { + "operation": { + "type": "string", + "enum": [ + "EQUALS", + "NOT_EQUALS", + "CONTAINS", + "HAS", + "AND", + "OR" + ], + "description": "Supported operations on ProvisioningCriteria", + "example": "EQUALS" + }, + "attribute": { + "type": "string", + "description": "Name of the Account attribute to be tested. If **operation** is one of EQUALS, NOT_EQUALS, CONTAINS, or HAS, this field is required. Otherwise, specifying it is an error.", + "example": "email", + "nullable": true + }, + "value": { + "type": "string", + "nullable": true, + "description": "String value to test the Account attribute w/r/t the specified operation. If the operation is one of EQUALS, NOT_EQUALS, or CONTAINS, this field is required. Otherwise, specifying it is an error. If the Attribute is not String-typed, it will be converted to the appropriate type.", + "example": "carlee.cert1c9f9b6fd@mailinator.com" + }, + "children": { + "type": "array", + "items": { + "type": "object", + "description": "Defines matching criteria for an Account to be provisioned with a specific Access Profile", + "properties": { + "operation": { + "type": "string", + "enum": [ + "EQUALS", + "NOT_EQUALS", + "CONTAINS", + "HAS", + "AND", + "OR" + ], + "description": "Supported operations on ProvisioningCriteria", + "example": "EQUALS" + }, + "attribute": { + "type": "string", + "description": "Name of the Account attribute to be tested. If **operation** is one of EQUALS, NOT_EQUALS, CONTAINS, or HAS, this field is required. Otherwise, specifying it is an error.", + "example": "email", + "nullable": true + }, + "value": { + "type": "string", + "nullable": true, + "description": "String value to test the Account attribute w/r/t the specified operation. If the operation is one of EQUALS, NOT_EQUALS, or CONTAINS, this field is required. Otherwise, specifying it is an error. If the Attribute is not String-typed, it will be converted to the appropriate type.", + "example": "carlee.cert1c9f9b6fd@mailinator.com" + }, + "children": { + "type": "array", + "items": { + "type": "object", + "description": "Defines matching criteria for an Account to be provisioned with a specific Access Profile", + "properties": { + "operation": { + "type": "string", + "enum": [ + "EQUALS", + "NOT_EQUALS", + "CONTAINS", + "HAS", + "AND", + "OR" + ], + "description": "Supported operations on ProvisioningCriteria", + "example": "EQUALS" + }, + "attribute": { + "type": "string", + "description": "Name of the Account attribute to be tested. If **operation** is one of EQUALS, NOT_EQUALS, CONTAINS, or HAS, this field is required. Otherwise, specifying it is an error.", + "example": "email", + "nullable": true + }, + "value": { + "type": "string", + "description": "String value to test the Account attribute w/r/t the specified operation. If the operation is one of EQUALS, NOT_EQUALS, or CONTAINS, this field is required. Otherwise, specifying it is an error. If the Attribute is not String-typed, it will be converted to the appropriate type.", + "example": "carlee.cert1c9f9b6fd@mailinator.com" + }, + "children": { + "type": "string", + "description": "Array of child criteria. Required if the operation is AND or OR, otherwise it must be left null. A maximum of three levels of criteria are supported, including leaf nodes.", + "example": null, + "nullable": true + } + } + }, + "nullable": true, + "description": "Array of child criteria. Required if the operation is AND or OR, otherwise it must be left null. A maximum of three levels of criteria are supported, including leaf nodes.", + "example": null + } + } + }, + "nullable": true, + "description": "Array of child criteria. Required if the operation is AND or OR, otherwise it must be left null. A maximum of three levels of criteria are supported, including leaf nodes.", + "example": null + } + } + } + }, + "required": [ + "owner", + "name", + "source" + ] + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "idn:access-profile:read" + ] + } + ] + }, + "patch": { + "operationId": "patchAccessProfile", + "tags": [ + "Access Profiles" + ], + "summary": "Patch a specified Access Profile", + "description": "This API updates an existing Access Profile. The following fields are patchable:\n\n**name**\n\n**description**\n\n**enabled**\n\n**owner**\n\n**requestable**\n\n**accessRequestConfig**\n\n**revokeRequestConfig**\n\n**segments**\n\n**entitlements**\n\n**provisioningCriteria**\n\n**source** (must be updated with entitlements belonging to new source in the same API call)\n\nIf you need to change the `source` of the access profile, you can do so only if you update the `entitlements` in the same API call. The new entitlements can only come from the target source that you want to change to. Look for the example \"Replace Source\" in the examples dropdown.\n\nA token with API, ORG_ADMIN, SOURCE_ADMIN, or SOURCE_SUBADMIN authority is required to call this API. In addition, a SOURCE_SUBADMIN may only use this API to patch Access Profiles which are associated with Sources they are able to administer.\n> The maximum supported length for the description field is 2000 characters. Longer descriptions will be preserved for existing access profiles, however, any new access profiles as well as any updates to existing descriptions will be limited to 2000 characters.\n\n> You can only add or replace **entitlements** that exist on the source that the access profile is attached to. You can use the **list entitlements** endpoint with the **filters** query parameter to get a list of available entitlements on the access profile's source.", + "parameters": [ + { + "name": "id", + "in": "path", + "description": "ID of the Access Profile to patch", + "required": true, + "schema": { + "type": "string", + "example": "2c91808a7813090a017814121919ecca" + } + } + ], + "requestBody": { + "content": { + "application/json-patch+json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "description": "A JSONPatch Operation as defined by [RFC 6902 - JSON Patch](https://tools.ietf.org/html/rfc6902)", + "required": [ + "op", + "path" + ], + "properties": { + "op": { + "type": "string", + "description": "The operation to be performed", + "enum": [ + "add", + "remove", + "replace", + "move", + "copy", + "test" + ], + "example": "replace" + }, + "path": { + "type": "string", + "description": "A string JSON Pointer representing the target path to an element to be affected by the operation", + "example": "/description" + }, + "value": { + "oneOf": [ + { + "type": "string", + "example": "New description", + "title": "string" + }, + { + "type": "boolean", + "example": true, + "title": "boolean" + }, + { + "type": "integer", + "example": 300, + "title": "integer" + }, + { + "type": "object", + "title": "object", + "example": { + "attributes": { + "name": "philip" + } + } + }, + { + "type": "array", + "title": "array", + "items": { + "anyOf": [ + { + "type": "string" + }, + { + "type": "integer" + }, + { + "type": "object" + } + ], + "example": [ + "001", + "002", + "003" + ] + } + } + ], + "description": "The value to be used for the operation, required for \"add\" and \"replace\" operations", + "example": "New description" + } + } + } + }, + "examples": { + "Add Entitlements": { + "description": "Add one or more entitlements to the end of the list", + "value": [ + { + "op": "add", + "path": "/entitlements", + "value": [ + { + "id": "2c9180857725c14301772a93bb77242d", + "type": "ENTITLEMENT", + "name": "AD User Group" + } + ] + } + ] + }, + "Insert Entitlement": { + "description": "Add an entitlement at the beginning of the entitlement list", + "value": [ + { + "op": "add", + "path": "/entitlements/0", + "value": { + "id": "2c9180857725c14301772a93bb77242d", + "type": "ENTITLEMENT", + "name": "AD User Group" + } + } + ] + }, + "Replace Entitlements": { + "description": "Replace all entitlements with a new list of entitlements", + "value": [ + { + "op": "replace", + "path": "/entitlements", + "value": [ + { + "id": "2c9180857725c14301772a93bb77242d", + "type": "ENTITLEMENT", + "name": "AD User Group" + } + ] + } + ] + }, + "Remove Entitlement": { + "description": "Remove the first entitlement in the list", + "value": [ + { + "op": "remove", + "path": "/entitlements/0" + } + ] + }, + "Replace Source": { + "description": "Change the source and the entitlements of the access profile", + "value": [ + { + "op": "replace", + "path": "/source", + "value": { + "id": "2c9180887671ff8c01767b4671fb7d5e", + "type": "SOURCE", + "name": "Employees" + } + }, + { + "op": "replace", + "path": "/entitlements", + "value": [ + { + "id": "2c9180877677453d01767b4b08f63386", + "type": "ENTITLEMENT", + "name": "DevRel" + } + ] + } + ] + } + } + } + }, + "required": true + }, + "responses": { + "200": { + "description": "Responds with the Access Profile as updated.", + "content": { + "application/json": { + "schema": { + "type": "object", + "description": "Access Profile", + "properties": { + "id": { + "type": "string", + "description": "The ID of the Access Profile", + "example": "2c91808a7190d06e01719938fcd20792", + "readOnly": true + }, + "name": { + "type": "string", + "description": "Name of the Access Profile", + "example": "Employee-database-read-write" + }, + "description": { + "type": "string", + "nullable": true, + "description": "Information about the Access Profile", + "example": "Collection of entitlements to read/write the employee database" + }, + "created": { + "type": "string", + "description": "Date the Access Profile was created", + "format": "date-time", + "example": "2021-03-01T22:32:58.104Z", + "readOnly": true + }, + "modified": { + "type": "string", + "description": "Date the Access Profile was last modified.", + "format": "date-time", + "example": "2021-03-02T20:22:28.104Z", + "readOnly": true + }, + "enabled": { + "type": "boolean", + "default": true, + "description": "Whether the Access Profile is enabled. If the Access Profile is enabled then you must include at least one Entitlement.", + "example": true + }, + "owner": { + "description": "Owner of the Access Profile", + "type": "object", + "nullable": false, + "properties": { + "type": { + "type": "string", + "enum": [ + "IDENTITY" + ], + "description": "Owner type. This field must be either left null or set to 'IDENTITY' on input, otherwise a 400 Bad Request error will result.", + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "Identity id", + "example": "2c9180a46faadee4016fb4e018c20639" + }, + "name": { + "type": "string", + "description": "Human-readable display name of the owner. It may be left null or omitted in a POST or PATCH. If set, it must match the current value of the owner's display name, otherwise a 400 Bad Request error will result.", + "example": "support" + } + } + }, + "source": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The ID of the Source with with which the Access Profile is associated", + "example": "2c91809773dee3610173fdb0b6061ef4" + }, + "type": { + "type": "string", + "enum": [ + "SOURCE" + ], + "description": "The type of the Source, will always be SOURCE", + "example": "SOURCE" + }, + "name": { + "type": "string", + "description": "The display name of the associated Source", + "example": "ODS-AD-SOURCE" + } + } + }, + "entitlements": { + "type": "array", + "nullable": true, + "description": "A list of entitlements associated with the Access Profile. If enabled is false this is allowed to be empty otherwise it needs to contain at least one Entitlement.", + "items": { + "type": "object", + "description": "Entitlement including a specific set of access.", + "properties": { + "type": { + "type": "string", + "description": "Entitlement's DTO type.", + "enum": [ + "ENTITLEMENT" + ], + "example": "ENTITLEMENT" + }, + "id": { + "type": "string", + "description": "Entitlement's ID.", + "example": "2c91809773dee32014e13e122092014e" + }, + "name": { + "type": "string", + "nullable": true, + "description": "Entitlement's display name.", + "example": "CN=entitlement.490efde5,OU=OrgCo,OU=ServiceDept,DC=HQAD,DC=local" + } + } + } + }, + "requestable": { + "type": "boolean", + "default": true, + "description": "Whether the Access Profile is requestable via access request. Currently, making an Access Profile non-requestable is only supported for customers enabled with the new Request Center. Otherwise, attempting to create an Access Profile with a value **false** in this field results in a 400 error.", + "example": true + }, + "accessRequestConfig": { + "nullable": true, + "description": "Access request configuration for this object", + "type": "object", + "properties": { + "commentsRequired": { + "type": "boolean", + "description": "Whether the requester of the containing object must provide comments justifying the request", + "example": true, + "nullable": true, + "default": false + }, + "denialCommentsRequired": { + "type": "boolean", + "description": "Whether an approver must provide comments when denying the request", + "example": true, + "nullable": true, + "default": false + }, + "approvalSchemes": { + "type": "array", + "nullable": true, + "description": "List describing the steps in approving the request", + "items": { + "type": "object", + "properties": { + "approverType": { + "type": "string", + "enum": [ + "APP_OWNER", + "OWNER", + "SOURCE_OWNER", + "MANAGER", + "GOVERNANCE_GROUP" + ], + "description": "Describes the individual or group that is responsible for an approval step. Values are as follows.\n**APP_OWNER**: The owner of the Application\n\n**OWNER**: Owner of the associated Access Profile or Role\n\n**SOURCE_OWNER**: Owner of the Source associated with an Access Profile\n\n**MANAGER**: Manager of the Identity making the request\n\n**GOVERNANCE_GROUP**: A Governance Group, the ID of which is specified by the **approverId** field", + "example": "GOVERNANCE_GROUP" + }, + "approverId": { + "type": "string", + "nullable": true, + "description": "Id of the specific approver, used only when approverType is GOVERNANCE_GROUP", + "example": "46c79819-a69f-49a2-becb-12c971ae66c6" + } + } + } + } + } + }, + "revocationRequestConfig": { + "nullable": true, + "description": "Revocation request configuration for this object.", + "type": "object", + "properties": { + "approvalSchemes": { + "type": "array", + "nullable": true, + "description": "List describing the steps in approving the revocation request", + "items": { + "type": "object", + "properties": { + "approverType": { + "type": "string", + "enum": [ + "APP_OWNER", + "OWNER", + "SOURCE_OWNER", + "MANAGER", + "GOVERNANCE_GROUP" + ], + "description": "Describes the individual or group that is responsible for an approval step. Values are as follows.\n**APP_OWNER**: The owner of the Application\n\n**OWNER**: Owner of the associated Access Profile or Role\n\n**SOURCE_OWNER**: Owner of the Source associated with an Access Profile\n\n**MANAGER**: Manager of the Identity making the request\n\n**GOVERNANCE_GROUP**: A Governance Group, the ID of which is specified by the **approverId** field", + "example": "GOVERNANCE_GROUP" + }, + "approverId": { + "type": "string", + "nullable": true, + "description": "Id of the specific approver, used only when approverType is GOVERNANCE_GROUP", + "example": "46c79819-a69f-49a2-becb-12c971ae66c6" + } + } + } + } + } + }, + "segments": { + "type": "array", + "nullable": true, + "items": { + "type": "string" + }, + "description": "List of IDs of segments, if any, to which this Access Profile is assigned.", + "example": [ + "f7b1b8a3-5fed-4fd4-ad29-82014e137e19", + "29cb6c06-1da8-43ea-8be4-b3125f248f2a" + ] + }, + "provisioningCriteria": { + "description": "When an Identity has multiple Accounts on the Source with which an Access Profile is associated, this expression is evaluated against those Accounts to choose one to provision with the Access Profile.", + "nullable": true, + "example": { + "operation": "OR", + "children": [ + { + "operation": "AND", + "children": [ + { + "attribute": "dn", + "operation": "CONTAINS", + "value": "useast" + }, + { + "attribute": "manager", + "operation": "CONTAINS", + "value": "Scott.Clark" + } + ] + }, + { + "operation": "AND", + "children": [ + { + "attribute": "dn", + "operation": "EQUALS", + "value": "Gibson" + }, + { + "attribute": "telephoneNumber", + "operation": "CONTAINS", + "value": "512" + } + ] + } + ] + }, + "type": "object", + "properties": { + "operation": { + "type": "string", + "enum": [ + "EQUALS", + "NOT_EQUALS", + "CONTAINS", + "HAS", + "AND", + "OR" + ], + "description": "Supported operations on ProvisioningCriteria", + "example": "EQUALS" + }, + "attribute": { + "type": "string", + "description": "Name of the Account attribute to be tested. If **operation** is one of EQUALS, NOT_EQUALS, CONTAINS, or HAS, this field is required. Otherwise, specifying it is an error.", + "example": "email", + "nullable": true + }, + "value": { + "type": "string", + "nullable": true, + "description": "String value to test the Account attribute w/r/t the specified operation. If the operation is one of EQUALS, NOT_EQUALS, or CONTAINS, this field is required. Otherwise, specifying it is an error. If the Attribute is not String-typed, it will be converted to the appropriate type.", + "example": "carlee.cert1c9f9b6fd@mailinator.com" + }, + "children": { + "type": "array", + "items": { + "type": "object", + "description": "Defines matching criteria for an Account to be provisioned with a specific Access Profile", + "properties": { + "operation": { + "type": "string", + "enum": [ + "EQUALS", + "NOT_EQUALS", + "CONTAINS", + "HAS", + "AND", + "OR" + ], + "description": "Supported operations on ProvisioningCriteria", + "example": "EQUALS" + }, + "attribute": { + "type": "string", + "description": "Name of the Account attribute to be tested. If **operation** is one of EQUALS, NOT_EQUALS, CONTAINS, or HAS, this field is required. Otherwise, specifying it is an error.", + "example": "email", + "nullable": true + }, + "value": { + "type": "string", + "nullable": true, + "description": "String value to test the Account attribute w/r/t the specified operation. If the operation is one of EQUALS, NOT_EQUALS, or CONTAINS, this field is required. Otherwise, specifying it is an error. If the Attribute is not String-typed, it will be converted to the appropriate type.", + "example": "carlee.cert1c9f9b6fd@mailinator.com" + }, + "children": { + "type": "array", + "items": { + "type": "object", + "description": "Defines matching criteria for an Account to be provisioned with a specific Access Profile", + "properties": { + "operation": { + "type": "string", + "enum": [ + "EQUALS", + "NOT_EQUALS", + "CONTAINS", + "HAS", + "AND", + "OR" + ], + "description": "Supported operations on ProvisioningCriteria", + "example": "EQUALS" + }, + "attribute": { + "type": "string", + "description": "Name of the Account attribute to be tested. If **operation** is one of EQUALS, NOT_EQUALS, CONTAINS, or HAS, this field is required. Otherwise, specifying it is an error.", + "example": "email", + "nullable": true + }, + "value": { + "type": "string", + "description": "String value to test the Account attribute w/r/t the specified operation. If the operation is one of EQUALS, NOT_EQUALS, or CONTAINS, this field is required. Otherwise, specifying it is an error. If the Attribute is not String-typed, it will be converted to the appropriate type.", + "example": "carlee.cert1c9f9b6fd@mailinator.com" + }, + "children": { + "type": "string", + "description": "Array of child criteria. Required if the operation is AND or OR, otherwise it must be left null. A maximum of three levels of criteria are supported, including leaf nodes.", + "example": null, + "nullable": true + } + } + }, + "nullable": true, + "description": "Array of child criteria. Required if the operation is AND or OR, otherwise it must be left null. A maximum of three levels of criteria are supported, including leaf nodes.", + "example": null + } + } + }, + "nullable": true, + "description": "Array of child criteria. Required if the operation is AND or OR, otherwise it must be left null. A maximum of three levels of criteria are supported, including leaf nodes.", + "example": null + } + } + } + }, + "required": [ + "owner", + "name", + "source" + ] + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "idn:access-profile:manage" + ] + } + ] + }, + "delete": { + "operationId": "deleteAccessProfile", + "tags": [ + "Access Profiles" + ], + "summary": "Delete the specified Access Profile", + "description": "This API deletes an existing Access Profile.\n\nThe Access Profile must not be in use, for example, Access Profile can not be deleted if they belong to an Application, Life Cycle State or a Role. If it is, a 400 error is returned.\n\nA token with API, ORG_ADMIN, SOURCE_ADMIN, or SOURCE_SUBADMIN authority is required to invoke this API. In addition, a SOURCE_SUBADMIN token must be able to administer the Source associated with the Access Profile.", + "parameters": [ + { + "name": "id", + "in": "path", + "description": "ID of the Access Profile to delete", + "required": true, + "schema": { + "type": "string", + "example": "2c91808a7813090a017814121919ecca" + } + } + ], + "responses": { + "204": { + "description": "No content - indicates the request was successful but there is no content to be returned in the response." + }, + "400": { + "description": "Returned when an access profile cannot be deleted as it's being used.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "400.2.1.0 Object in use by another": { + "description": "Returned when an access profile cannot be deleted as it's being used", + "value": { + "detailCode": "400.2.1.0 Object in use by another", + "trackingId": "c9c1033c55b84ebc9e93e926dcf8b8b3", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The \"testAccessProfile\" access profile can't be deleted because it's in use." + } + ] + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "idn:access-profile:manage" + ] + } + ] + } + }, + "/access-profiles/bulk-delete": { + "post": { + "operationId": "deleteAccessProfilesInBulk", + "summary": "Delete Access Profile(s)", + "tags": [ + "Access Profiles" + ], + "description": "This endpoint initiates a bulk deletion of one or more access profiles.\nWhen the request is successful, the endpoint returns the bulk delete's task result ID. To follow the task, you can use [Get Task Status by ID](https://developer.sailpoint.com/docs/api/beta/get-task-status), which will return the task result's status and information. \nThis endpoint can only bulk delete up to a limit of 50 access profiles per request. \nBy default, if any of the indicated access profiles are in use, no deletions will be performed and the **inUse** field of the response indicates the usages that must be removed first. If the request field **bestEffortOnly** is **true**, however, usages are reported in the **inUse** response field but all other indicated access profiles will be deleted.\nA token with API, ORG_ADMIN, SOURCE_ADMIN, or SOURCE_SUBADMIN authority is required to call this endpoint. In addition, a SOURCE_SUBADMIN can only use this endpoint to delete access profiles associated with sources they're able to administer.", + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "accessProfileIds": { + "description": "List of IDs of Access Profiles to be deleted.", + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "2c9180847812e0b1017817051919ecca", + "2c9180887812e0b201781e129f151816" + ] + }, + "bestEffortOnly": { + "description": "If **true**, silently skip over any of the specified Access Profiles if they cannot be deleted because they are in use. If **false**, no deletions will be attempted if any of the Access Profiles are in use.", + "type": "boolean", + "example": true + } + } + }, + "example": { + "bestEffortOnly": true, + "accessProfileIds": [ + "2c91808876438bb2017668b91919ecca", + "2c91808876438ba801766e129f151816" + ] + } + } + } + }, + "responses": { + "200": { + "description": "Returned only if **bestEffortOnly** is **false**, and one or more Access Profiles are in use.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "taskId": { + "type": "string", + "description": "ID of the task which is executing the bulk deletion. This can be passed to the **/task-status** API to track status.", + "example": "2c9180867817ac4d017817c491119a20" + }, + "pending": { + "type": "array", + "description": "List of IDs of Access Profiles which are pending deletion.", + "items": { + "type": "string" + }, + "example": [ + "2c91808876438bbb017668c21919ecca", + "2c91808876438bb201766e129f151816" + ] + }, + "inUse": { + "type": "array", + "description": "List of usages of Access Profiles targeted for deletion.", + "items": { + "type": "object", + "properties": { + "accessProfileId": { + "type": "string", + "description": "ID of the Access Profile that is in use", + "example": "2c91808876438bbb017668c21919ecca" + }, + "usedBy": { + "type": "array", + "description": "List of references to objects which are using the indicated Access Profile", + "items": { + "type": "object", + "description": "Role using the access profile.", + "properties": { + "type": { + "type": "string", + "description": "DTO type of role using the access profile.", + "enum": [ + "ROLE" + ], + "example": "ROLE" + }, + "id": { + "type": "string", + "description": "ID of role using the access profile.", + "example": "2c8180857a9b3da0017aa03418480f9d" + }, + "name": { + "type": "string", + "description": "Display name of role using the access profile.", + "example": "Manager Role" + } + } + } + } + } + } + } + } + }, + "example": { + "pending": [], + "inUse": [ + { + "accessProfileId": "2c91808876438ba801766e129f151816", + "usages": [ + { + "type": "Role", + "id": "2c9180887643764201766e9f6e121518" + } + ] + } + ] + } + } + } + }, + "202": { + "description": "Returned if at least one deletion will be performed.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "taskId": { + "type": "string", + "description": "ID of the task which is executing the bulk deletion. This can be passed to the **/task-status** API to track status.", + "example": "2c9180867817ac4d017817c491119a20" + }, + "pending": { + "type": "array", + "description": "List of IDs of Access Profiles which are pending deletion.", + "items": { + "type": "string" + }, + "example": [ + "2c91808876438bbb017668c21919ecca", + "2c91808876438bb201766e129f151816" + ] + }, + "inUse": { + "type": "array", + "description": "List of usages of Access Profiles targeted for deletion.", + "items": { + "type": "object", + "properties": { + "accessProfileId": { + "type": "string", + "description": "ID of the Access Profile that is in use", + "example": "2c91808876438bbb017668c21919ecca" + }, + "usedBy": { + "type": "array", + "description": "List of references to objects which are using the indicated Access Profile", + "items": { + "type": "object", + "description": "Role using the access profile.", + "properties": { + "type": { + "type": "string", + "description": "DTO type of role using the access profile.", + "enum": [ + "ROLE" + ], + "example": "ROLE" + }, + "id": { + "type": "string", + "description": "ID of role using the access profile.", + "example": "2c8180857a9b3da0017aa03418480f9d" + }, + "name": { + "type": "string", + "description": "Display name of role using the access profile.", + "example": "Manager Role" + } + } + } + } + } + } + } + } + }, + "example": { + "taskId": "2c91808a7813090a01781412a1119a20", + "pending": [ + "2c91808a7813090a017813fe1919ecca" + ], + "inUse": [ + { + "accessProfileId": "2c91808876438ba801766e129f151816", + "usages": [ + { + "type": "Role", + "id": "2c9180887643764201766e9f6e121518" + } + ] + } + ] + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "idn:access-profile:manage" + ] + } + ] + } + }, + "/access-profiles/{id}/entitlements": { + "get": { + "operationId": "getAccessProfileEntitlements", + "tags": [ + "Access Profiles" + ], + "summary": "List Access Profile's Entitlements", + "description": "Use this API to get a list of an access profile's entitlements. \nA token with API, ORG_ADMIN, SOURCE_ADMIN, or SOURCE_SUBADMIN authority is required to call this API. In addition, a token with SOURCE_SUBADMIN authority must have access to the source associated with the specified access profile.\n>**Note:** When you filter for access profiles that have the '+' symbol in their names, the response is blank. ", + "parameters": [ + { + "name": "id", + "in": "path", + "description": "ID of the access profile containing the entitlements.", + "required": true, + "schema": { + "type": "string", + "example": "2c91808a7813090a017814121919ecca" + } + }, + { + "in": "query", + "name": "limit", + "description": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 250, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "maximum": 250, + "default": 250 + } + }, + { + "in": "query", + "name": "offset", + "description": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 0, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "default": 0 + } + }, + { + "in": "query", + "name": "count", + "description": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": true, + "schema": { + "type": "boolean", + "default": false + } + }, + { + "in": "query", + "name": "filters", + "schema": { + "type": "string" + }, + "description": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**name**: *eq, sw*\n\n**attribute**: *eq, sw*\n\n**value**: *eq, sw*\n\n**created**: *gt, lt, ge, le*\n\n**modified**: *gt, lt, ge, le*\n\n**owner.id**: *eq, in*\n\n**source.id**: *eq, in*\n\nFiltering is not supported for access profiles and entitlements that have the '+' symbol in their names. ", + "example": "attribute eq \"memberOf\"", + "required": false + }, + { + "in": "query", + "name": "sorters", + "schema": { + "type": "string", + "format": "comma-separated" + }, + "description": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name, attribute, value, created, modified**", + "example": "name,-modified", + "required": false + } + ], + "responses": { + "200": { + "description": "List of entitlements.", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The entitlement id", + "example": "2c91808874ff91550175097daaec161c" + }, + "name": { + "type": "string", + "description": "The entitlement name", + "example": "LauncherTest2" + }, + "attribute": { + "type": "string", + "description": "The entitlement attribute name", + "example": "memberOf" + }, + "value": { + "type": "string", + "description": "The value of the entitlement", + "example": "CN=LauncherTest2,OU=LauncherTestOrg,OU=slpt-automation,DC=TestAutomationAD,DC=local" + }, + "sourceSchemaObjectType": { + "type": "string", + "description": "The object type of the entitlement from the source schema", + "example": "group" + }, + "description": { + "type": "string", + "description": "The description of the entitlement", + "example": "CN=LauncherTest2,OU=LauncherTestOrg,OU=slpt-automation,DC=TestAutomationAD,DC=local" + }, + "privileged": { + "type": "boolean", + "description": "True if the entitlement is privileged", + "example": true + }, + "cloudGoverned": { + "type": "boolean", + "description": "True if the entitlement is cloud governed", + "example": true + }, + "created": { + "type": "string", + "description": "Time when the entitlement was created", + "format": "date-time", + "example": "2020-10-08T18:33:52.029Z" + }, + "modified": { + "type": "string", + "description": "Time when the entitlement was last modified", + "format": "date-time", + "example": "2020-10-08T18:33:52.029Z" + }, + "source": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The source ID", + "example": "2c9180827ca885d7017ca8ce28a000eb" + }, + "type": { + "type": "string", + "description": "The source type, will always be \"SOURCE\"", + "example": "SOURCE" + }, + "name": { + "type": "string", + "description": "The source name", + "example": "ODS-AD-Source" + } + } + }, + "attributes": { + "type": "object", + "description": "A map of free-form key-value pairs from the source system", + "example": { + "fieldName": "fieldValue" + }, + "additionalProperties": true + }, + "segments": { + "type": "array", + "items": { + "type": "string" + }, + "nullable": true, + "description": "List of IDs of segments, if any, to which this Entitlement is assigned.", + "example": [ + "f7b1b8a3-5fed-4fd4-ad29-82014e137e19", + "29cb6c06-1da8-43ea-8be4-b3125f248f2a" + ] + }, + "directPermissions": { + "type": "array", + "items": { + "type": "object", + "description": "Simplified DTO for the Permission objects stored in SailPoint's database. The data is aggregated from customer systems and is free-form, so its appearance can vary largely between different clients/customers.", + "properties": { + "rights": { + "type": "array", + "description": "All the rights (e.g. actions) that this permission allows on the target", + "readOnly": true, + "items": { + "type": "string", + "example": "SELECT" + } + }, + "target": { + "type": "string", + "description": "The target the permission would grants rights on.", + "readOnly": true, + "example": "SYS.GV_$TRANSACTION" + } + } + } + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "idn:access-profile:read" + ] + } + ] + } + }, + "/access-requests": { + "post": { + "operationId": "createAccessRequest", + "security": [ + { + "UserContextAuth": [ + "idn:access-request:manage" + ] + } + ], + "summary": "Submit Access Request", + "tags": [ + "Access Requests" + ], + "description": "Use this API to submit an access request in Identity Security Cloud (ISC), where it follows any ISC approval processes.\n\nAccess requests are processed asynchronously by ISC. A successful response from this endpoint means that the request\nhas been submitted to ISC and is queued for processing. Because this endpoint is asynchronous, it doesn't return an error\nif you submit duplicate access requests in quick succession or submit an access request for access that is already in progress, approved, or rejected.\n\nIt's best practice to check for any existing access requests that reference the same access items before submitting a new access request. This can\nbe accomplished by using the [List Access Request Status](https://developer.sailpoint.com/idn/api/v3/list-access-request-status) or the [Pending Access Request Approvals](https://developer.sailpoint.com/idn/api/v3/list-pending-approvals) APIs. You can also\nuse the [Search API](https://developer.sailpoint.com/idn/api/v3/search) to check the existing access items an identity has before submitting\nan access request to ensure that you aren't requesting access that is already granted. If you use this API to request access that an identity already has, the API will ignore the request. \nThese ignored requests do not display when you use the [List Access Request Status](https://developer.sailpoint.com/idn/api/v3/list-access-request-status) API.\n\nThere are two types of access request:\n\n__GRANT_ACCESS__\n* Can be requested for multiple identities in a single request.\n* Supports self request and request on behalf of other users. Refer to the [Get Access Request Configuration](https://developer.sailpoint.com/idn/api/v3/get-access-request-config) endpoint for request configuration options. \n* Allows any authenticated token (except API) to call this endpoint to request to grant access to themselves. Depending on the configuration, a user can request access for others.\n* Roles, access profiles and entitlements can be requested.\n* While requesting entitlements, maximum of 25 entitlements and 10 recipients are allowed in a request.\n \n__REVOKE_ACCESS__\n* Can only be requested for a single identity at a time.\n* You cannot use an access request to revoke access from an identity if that access has been granted by role membership or by birthright provisioning. \n* Does not support self request. Only manager can request to revoke access for their directly managed employees.\n* If a `removeDate` is specified, then the access will be removed on that date and time only for roles, access profiles and entitlements.\n* Roles, access profiles, and entitlements can be requested for revocation.\n* Revoke requests for entitlements are limited to 1 entitlement per access request currently.\n* You can specify a `removeDate` if the access doesn't already have a sunset date. The `removeDate` must be a future date, in the UTC timezone. \n* Allows a manager to request to revoke access for direct employees. A token with ORG_ADMIN authority can also request to revoke access from anyone.\n\nA token with API authority cannot be used to call this endpoint. \n", + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "requestedFor": { + "description": "A list of Identity IDs for whom the Access is requested. If it's a Revoke request, there can only be one Identity ID.", + "type": "array", + "items": { + "type": "string", + "example": "2c918084660f45d6016617daa9210584" + } + }, + "requestType": { + "type": "string", + "enum": [ + "GRANT_ACCESS", + "REVOKE_ACCESS", + null + ], + "description": "Access request type. Defaults to GRANT_ACCESS. REVOKE_ACCESS type can only have a single Identity ID in the requestedFor field.", + "example": "GRANT_ACCESS", + "nullable": true + }, + "requestedItems": { + "type": "array", + "items": { + "type": "object", + "properties": { + "type": { + "type": "string", + "enum": [ + "ACCESS_PROFILE", + "ROLE", + "ENTITLEMENT" + ], + "description": "The type of the item being requested.", + "example": "ACCESS_PROFILE" + }, + "id": { + "type": "string", + "description": "ID of Role, Access Profile or Entitlement being requested.", + "example": "2c9180835d2e5168015d32f890ca1581" + }, + "comment": { + "type": "string", + "description": "Comment provided by requester.\n* Comment is required when the request is of type Revoke Access.\n", + "example": "Requesting access profile for John Doe" + }, + "clientMetadata": { + "type": "object", + "additionalProperties": { + "type": "string", + "example": { + "requestedAppId": "2c91808f7892918f0178b78da4a305a1", + "requestedAppName": "test-app" + } + }, + "example": { + "requestedAppName": "test-app", + "requestedAppId": "2c91808f7892918f0178b78da4a305a1" + }, + "description": "Arbitrary key-value pairs. They will never be processed by the IdentityNow system but will be returned on associated APIs such as /account-activities and /access-request-status." + }, + "removeDate": { + "type": "string", + "description": "The date the role or access profile or entitlement is no longer assigned to the specified identity. Also known as the expiration date.\n* Specify a date in the future.\n* The current SLA for the deprovisioning is 24 hours.\n* This date can be modified to either extend or decrease the duration of access item assignments for the specified identity. You can change the expiration date for requests for yourself or direct reports, but you cannot remove an expiration date on an already approved item. If the access request has not been approved, you can cancel it and submit a new one without the expiration. If it has already been approved, then you have to revoke the access and then re-request without the expiration.\n", + "format": "date-time", + "example": "2020-07-11T21:23:15.000Z" + } + }, + "required": [ + "id", + "type" + ] + }, + "minItems": 1, + "maxItems": 25 + }, + "clientMetadata": { + "type": "object", + "additionalProperties": { + "type": "string", + "example": { + "requestedAppId": "2c91808f7892918f0178b78da4a305a1", + "requestedAppName": "test-app" + } + }, + "example": { + "requestedAppId": "2c91808f7892918f0178b78da4a305a1", + "requestedAppName": "test-app" + }, + "description": "Arbitrary key-value pairs. They will never be processed by the IdentityNow system but will be returned on associated APIs such as /account-activities." + } + }, + "required": [ + "requestedFor", + "requestedItems" + ] + } + } + } + }, + "responses": { + "202": { + "description": "Accepted - Returned if the request was successfully accepted into the system.", + "content": { + "application/json": { + "schema": { + "type": "object" + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/access-requests/cancel": { + "post": { + "operationId": "cancelAccessRequest", + "security": [ + { + "UserContextAuth": [ + "idn:access-request:cancel" + ] + } + ], + "tags": [ + "Access Requests" + ], + "summary": "Cancel Access Request", + "description": "This API endpoint cancels a pending access request. An access request can be cancelled only if it has not passed the approval step.\nAny token with ORG_ADMIN authority or token of the user who originally requested the access request is required to cancel it.", + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "type": "object", + "description": "Request body payload for cancel access request endpoint.", + "required": [ + "accountActivityId", + "comment" + ], + "properties": { + "accountActivityId": { + "type": "string", + "description": "This refers to the identityRequestId. To successfully cancel an access request, you must provide the identityRequestId.", + "example": "2c9180835d2e5168015d32f890ca1581" + }, + "comment": { + "type": "string", + "description": "Reason for cancelling the pending access request.", + "example": "I requested this role by mistake." + } + } + }, + "example": { + "accountActivityId": "2c91808568c529c60168cca6f90c1313", + "comment": "I requested this role by mistake." + } + } + } + }, + "responses": { + "202": { + "description": "Accepted - Returned if the request was successfully accepted into the system.", + "content": { + "application/json": { + "schema": { + "type": "object" + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/access-request-config": { + "get": { + "operationId": "getAccessRequestConfig", + "security": [ + { + "UserContextAuth": [ + "idn:access-request-config:read" + ] + } + ], + "summary": "Get Access Request Configuration", + "tags": [ + "Access Requests" + ], + "description": "This endpoint returns the current access-request configuration.", + "responses": { + "200": { + "description": "Access Request Configuration Details.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "approvalsMustBeExternal": { + "type": "boolean", + "description": "If this is true, approvals must be processed by an external system. Also, if this is true, it blocks Request Center access requests and returns an error for any user who isn't an org admin.", + "default": false, + "example": true + }, + "autoApprovalEnabled": { + "type": "boolean", + "description": "If this is true and the requester and reviewer are the same, the request is automatically approved.", + "default": false, + "example": true + }, + "requestOnBehalfOfConfig": { + "description": "Request On Behalf Of configuration.", + "type": "object", + "properties": { + "allowRequestOnBehalfOfAnyoneByAnyone": { + "type": "boolean", + "description": "If this is true, anyone can request access for anyone.", + "default": false, + "example": true + }, + "allowRequestOnBehalfOfEmployeeByManager": { + "type": "boolean", + "description": "If this is true, a manager can request access for his or her direct reports.", + "default": false, + "example": true + } + } + }, + "approvalReminderAndEscalationConfig": { + "description": "Approval reminder and escalation configuration.", + "type": "object", + "properties": { + "daysUntilEscalation": { + "type": "integer", + "description": "Number of days to wait before the first reminder. If no reminders are configured, then this is the number of days to wait before escalation.", + "format": "int32", + "example": 0, + "nullable": true + }, + "daysBetweenReminders": { + "type": "integer", + "description": "Number of days to wait between reminder notifications.", + "format": "int32", + "example": 0, + "nullable": true + }, + "maxReminders": { + "type": "integer", + "description": "Maximum number of reminder notification to send to the reviewer before approval escalation.", + "format": "int32", + "minimum": 1, + "example": 1, + "nullable": true + }, + "fallbackApproverRef": { + "type": "object", + "nullable": true, + "properties": { + "type": { + "type": "string", + "description": "The type can only be IDENTITY. This is read-only.", + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "Identity ID.", + "example": "5168015d32f890ca15812c9180835d2e" + }, + "name": { + "type": "string", + "description": "Identity's human-readable display name. This is read-only.", + "example": "Alison Ferguso" + }, + "email": { + "type": "string", + "description": "Identity's email address. This is read-only.", + "example": "alison.ferguso@identitysoon.com" + } + } + } + } + }, + "entitlementRequestConfig": { + "description": "Entitlement request configuration.", + "type": "object", + "properties": { + "allowEntitlementRequest": { + "type": "boolean", + "description": "If this is true, entitlement requests are allowed.", + "default": false, + "example": true + }, + "requestCommentsRequired": { + "type": "boolean", + "description": "If this is true, comments are required to submit entitlement requests.", + "default": false, + "example": false + }, + "deniedCommentsRequired": { + "type": "boolean", + "description": "If this is true, comments are required to reject entitlement requests.", + "default": false, + "example": false + }, + "grantRequestApprovalSchemes": { + "type": "string", + "description": "Approval schemes for granting entitlement request. This can be empty if no approval is needed.\nMultiple schemes must be comma-separated. The valid schemes are \"entitlementOwner\", \"sourceOwner\", \"manager\" and \"workgroup:{id}\".\nYou can use multiple governance groups (workgroups).\n", + "default": "sourceOwner", + "nullable": true, + "example": "entitlementOwner, sourceOwner, manager, workgroup:2c918084660f45d6016617daa9210584" + } + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + }, + "put": { + "operationId": "setAccessRequestConfig", + "security": [ + { + "UserContextAuth": [ + "idn:access-request-config:update" + ] + } + ], + "summary": "Update Access Request Configuration", + "tags": [ + "Access Requests" + ], + "description": "This endpoint replaces the current access-request configuration.\nA token with ORG_ADMIN authority is required to call this API.", + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "approvalsMustBeExternal": { + "type": "boolean", + "description": "If this is true, approvals must be processed by an external system. Also, if this is true, it blocks Request Center access requests and returns an error for any user who isn't an org admin.", + "default": false, + "example": true + }, + "autoApprovalEnabled": { + "type": "boolean", + "description": "If this is true and the requester and reviewer are the same, the request is automatically approved.", + "default": false, + "example": true + }, + "requestOnBehalfOfConfig": { + "description": "Request On Behalf Of configuration.", + "type": "object", + "properties": { + "allowRequestOnBehalfOfAnyoneByAnyone": { + "type": "boolean", + "description": "If this is true, anyone can request access for anyone.", + "default": false, + "example": true + }, + "allowRequestOnBehalfOfEmployeeByManager": { + "type": "boolean", + "description": "If this is true, a manager can request access for his or her direct reports.", + "default": false, + "example": true + } + } + }, + "approvalReminderAndEscalationConfig": { + "description": "Approval reminder and escalation configuration.", + "type": "object", + "properties": { + "daysUntilEscalation": { + "type": "integer", + "description": "Number of days to wait before the first reminder. If no reminders are configured, then this is the number of days to wait before escalation.", + "format": "int32", + "example": 0, + "nullable": true + }, + "daysBetweenReminders": { + "type": "integer", + "description": "Number of days to wait between reminder notifications.", + "format": "int32", + "example": 0, + "nullable": true + }, + "maxReminders": { + "type": "integer", + "description": "Maximum number of reminder notification to send to the reviewer before approval escalation.", + "format": "int32", + "minimum": 1, + "example": 1, + "nullable": true + }, + "fallbackApproverRef": { + "type": "object", + "nullable": true, + "properties": { + "type": { + "type": "string", + "description": "The type can only be IDENTITY. This is read-only.", + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "Identity ID.", + "example": "5168015d32f890ca15812c9180835d2e" + }, + "name": { + "type": "string", + "description": "Identity's human-readable display name. This is read-only.", + "example": "Alison Ferguso" + }, + "email": { + "type": "string", + "description": "Identity's email address. This is read-only.", + "example": "alison.ferguso@identitysoon.com" + } + } + } + } + }, + "entitlementRequestConfig": { + "description": "Entitlement request configuration.", + "type": "object", + "properties": { + "allowEntitlementRequest": { + "type": "boolean", + "description": "If this is true, entitlement requests are allowed.", + "default": false, + "example": true + }, + "requestCommentsRequired": { + "type": "boolean", + "description": "If this is true, comments are required to submit entitlement requests.", + "default": false, + "example": false + }, + "deniedCommentsRequired": { + "type": "boolean", + "description": "If this is true, comments are required to reject entitlement requests.", + "default": false, + "example": false + }, + "grantRequestApprovalSchemes": { + "type": "string", + "description": "Approval schemes for granting entitlement request. This can be empty if no approval is needed.\nMultiple schemes must be comma-separated. The valid schemes are \"entitlementOwner\", \"sourceOwner\", \"manager\" and \"workgroup:{id}\".\nYou can use multiple governance groups (workgroups).\n", + "default": "sourceOwner", + "nullable": true, + "example": "entitlementOwner, sourceOwner, manager, workgroup:2c918084660f45d6016617daa9210584" + } + } + } + } + } + } + } + }, + "responses": { + "200": { + "description": "Access Request Configuration Details.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "approvalsMustBeExternal": { + "type": "boolean", + "description": "If this is true, approvals must be processed by an external system. Also, if this is true, it blocks Request Center access requests and returns an error for any user who isn't an org admin.", + "default": false, + "example": true + }, + "autoApprovalEnabled": { + "type": "boolean", + "description": "If this is true and the requester and reviewer are the same, the request is automatically approved.", + "default": false, + "example": true + }, + "requestOnBehalfOfConfig": { + "description": "Request On Behalf Of configuration.", + "type": "object", + "properties": { + "allowRequestOnBehalfOfAnyoneByAnyone": { + "type": "boolean", + "description": "If this is true, anyone can request access for anyone.", + "default": false, + "example": true + }, + "allowRequestOnBehalfOfEmployeeByManager": { + "type": "boolean", + "description": "If this is true, a manager can request access for his or her direct reports.", + "default": false, + "example": true + } + } + }, + "approvalReminderAndEscalationConfig": { + "description": "Approval reminder and escalation configuration.", + "type": "object", + "properties": { + "daysUntilEscalation": { + "type": "integer", + "description": "Number of days to wait before the first reminder. If no reminders are configured, then this is the number of days to wait before escalation.", + "format": "int32", + "example": 0, + "nullable": true + }, + "daysBetweenReminders": { + "type": "integer", + "description": "Number of days to wait between reminder notifications.", + "format": "int32", + "example": 0, + "nullable": true + }, + "maxReminders": { + "type": "integer", + "description": "Maximum number of reminder notification to send to the reviewer before approval escalation.", + "format": "int32", + "minimum": 1, + "example": 1, + "nullable": true + }, + "fallbackApproverRef": { + "type": "object", + "nullable": true, + "properties": { + "type": { + "type": "string", + "description": "The type can only be IDENTITY. This is read-only.", + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "Identity ID.", + "example": "5168015d32f890ca15812c9180835d2e" + }, + "name": { + "type": "string", + "description": "Identity's human-readable display name. This is read-only.", + "example": "Alison Ferguso" + }, + "email": { + "type": "string", + "description": "Identity's email address. This is read-only.", + "example": "alison.ferguso@identitysoon.com" + } + } + } + } + }, + "entitlementRequestConfig": { + "description": "Entitlement request configuration.", + "type": "object", + "properties": { + "allowEntitlementRequest": { + "type": "boolean", + "description": "If this is true, entitlement requests are allowed.", + "default": false, + "example": true + }, + "requestCommentsRequired": { + "type": "boolean", + "description": "If this is true, comments are required to submit entitlement requests.", + "default": false, + "example": false + }, + "deniedCommentsRequired": { + "type": "boolean", + "description": "If this is true, comments are required to reject entitlement requests.", + "default": false, + "example": false + }, + "grantRequestApprovalSchemes": { + "type": "string", + "description": "Approval schemes for granting entitlement request. This can be empty if no approval is needed.\nMultiple schemes must be comma-separated. The valid schemes are \"entitlementOwner\", \"sourceOwner\", \"manager\" and \"workgroup:{id}\".\nYou can use multiple governance groups (workgroups).\n", + "default": "sourceOwner", + "nullable": true, + "example": "entitlementOwner, sourceOwner, manager, workgroup:2c918084660f45d6016617daa9210584" + } + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/access-request-status": { + "get": { + "operationId": "listAccessRequestStatus", + "security": [ + { + "UserContextAuth": [ + "idn:access-request-status:read" + ] + } + ], + "tags": [ + "Access Requests" + ], + "summary": "Access Request Status", + "description": "Use this API to return a list of access request statuses based on the specified query parameters.\nIf an access request was made for access that an identity already has, the API ignores the access request. These ignored requests do not display in the list of access request statuses.\nAny token with any authority can request their own status. A token with ORG_ADMIN authority is required to call this API to get a list of statuses for other users.", + "parameters": [ + { + "in": "query", + "name": "requested-for", + "schema": { + "type": "string" + }, + "example": "2c9180877b2b6ea4017b2c545f971429", + "description": "Filter the results by the identity the requests were made for. *me* indicates the current user. Mutually exclusive with *regarding-identity*.", + "required": false + }, + { + "in": "query", + "name": "requested-by", + "schema": { + "type": "string" + }, + "example": "2c9180877b2b6ea4017b2c545f971429", + "description": "Filter the results by the identity twho made the requests. *me* indicates the current user. Mutually exclusive with *regarding-identity*.", + "required": false + }, + { + "in": "query", + "name": "regarding-identity", + "schema": { + "type": "string" + }, + "example": "2c9180877b2b6ea4017b2c545f971429", + "description": "Filter the results by the specified identity who is either the requester or target of the requests. *me* indicates the current user. Mutually exclusive with *requested-for* and *requested-by*.", + "required": false + }, + { + "in": "query", + "name": "assigned-to", + "schema": { + "type": "string" + }, + "example": "2c9180877b2b6ea4017b2c545f971429", + "description": "Filter the results by the specified identity who is the owner of the Identity Request Work Item. *me* indicates the current user.", + "required": false + }, + { + "in": "query", + "name": "count", + "description": "If this is true, the *X-Total-Count* response header populates with the number of results that would be returned if limit and offset were ignored.", + "required": false, + "schema": { + "type": "boolean", + "default": false + }, + "example": false + }, + { + "in": "query", + "name": "limit", + "description": "Max number of results to return.", + "required": false, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "maximum": 250, + "default": 250 + }, + "example": 100 + }, + { + "in": "query", + "name": "offset", + "description": "Offset into the full result set. Usually specified with *limit* to paginate through the results. Defaults to 0 if not specified.", + "required": false, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0 + }, + "example": 10 + }, + { + "in": "query", + "name": "filters", + "schema": { + "type": "string" + }, + "example": "accountActivityItemId eq \"2c918086771c86df0177401efcdf54c0\"", + "description": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**accountActivityItemId**: *eq, in, ge, gt, le, lt, ne, isnull, sw*", + "required": false + }, + { + "in": "query", + "name": "sorters", + "schema": { + "type": "string", + "format": "comma-separated" + }, + "description": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **created, modified, accountActivityItemId, name**", + "example": "created", + "required": false + } + ], + "responses": { + "200": { + "description": "List of requested item statuses.", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "Human-readable display name of the item being requested.", + "example": "AccessProfile1", + "nullable": true + }, + "type": { + "type": "string", + "enum": [ + "ACCESS_PROFILE", + "ROLE", + "ENTITLEMENT", + null + ], + "description": "Type of requested object.", + "example": "ACCESS_PROFILE", + "nullable": true + }, + "cancelledRequestDetails": { + "allOf": [ + { + "type": "object", + "properties": { + "comment": { + "type": "string", + "description": "Comment made by the owner when cancelling the associated request.", + "example": "This request must be cancelled." + }, + "owner": { + "type": "object", + "description": "Owner's identity.", + "properties": { + "type": { + "type": "string", + "description": "Owner's DTO type.", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "Owner's identity ID.", + "example": "2c9180a46faadee4016fb4e018c20639" + }, + "name": { + "type": "string", + "description": "Owner's name.", + "example": "Support" + } + } + }, + "modified": { + "type": "string", + "format": "date-time", + "description": "Date comment was added by the owner when cancelling the associated request.", + "example": "2019-12-20T09:17:12.192Z" + } + }, + "description": "Provides additional details for a request that has been cancelled." + }, + { + "nullable": true + } + ] + }, + "errorMessages": { + "type": "array", + "nullable": true, + "items": { + "type": "array", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "description": "List of list of localized error messages, if any, encountered during the approval/provisioning process." + }, + "state": { + "type": "string", + "enum": [ + "EXECUTING", + "REQUEST_COMPLETED", + "CANCELLED", + "TERMINATED", + "PROVISIONING_VERIFICATION_PENDING", + "REJECTED", + "PROVISIONING_FAILED", + "NOT_ALL_ITEMS_PROVISIONED", + "ERROR" + ], + "description": "Indicates the state of an access request:\n* EXECUTING: The request is executing, which indicates the system is doing some processing.\n* REQUEST_COMPLETED: Indicates the request has been completed.\n* CANCELLED: The request was cancelled with no user input.\n* TERMINATED: The request has been terminated before it was able to complete.\n* PROVISIONING_VERIFICATION_PENDING: The request has finished any approval steps and provisioning is waiting to be verified.\n* REJECTED: The request was rejected.\n* PROVISIONING_FAILED: The request has failed to complete.\n* NOT_ALL_ITEMS_PROVISIONED: One or more of the requested items failed to complete, but there were one or more successes.\n* ERROR: An error occurred during request processing.", + "example": "EXECUTING" + }, + "approvalDetails": { + "type": "array", + "items": { + "type": "object", + "properties": { + "forwarded": { + "type": "boolean", + "default": false, + "description": "True if the request for this item was forwarded from one owner to another.", + "example": false + }, + "originalOwner": { + "type": "object", + "description": "Identity of orginal approval owner.", + "properties": { + "type": { + "type": "string", + "description": "DTO type of original approval owner's identity.", + "enum": [ + "GOVERNANCE_GROUP", + "IDENTITY" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "ID of original approval owner's identity.", + "example": "2c7180a46faadee4016fb4e018c20642" + }, + "name": { + "type": "string", + "description": "Display name of original approval owner.", + "example": "Michael Michaels" + } + } + }, + "currentOwner": { + "allOf": [ + { + "type": "object", + "description": "Identity who reviewed the access item request.", + "properties": { + "type": { + "type": "string", + "description": "DTO type of identity who reviewed the access item request.", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "ID of identity who reviewed the access item request.", + "example": "2c3780a46faadee4016fb4e018c20652" + }, + "name": { + "type": "string", + "description": "Human-readable display name of identity who reviewed the access item request.", + "example": "Allen Albertson" + } + } + }, + { + "nullable": true + } + ] + }, + "modified": { + "type": "string", + "format": "date-time", + "description": "Time at which item was modified.", + "example": "2019-08-23T18:52:57.398Z", + "nullable": true + }, + "status": { + "type": "string", + "enum": [ + "PENDING", + "APPROVED", + "REJECTED", + "EXPIRED", + "CANCELLED", + "ARCHIVED" + ], + "description": "Indicates the state of the request processing for this item:\n* PENDING: The request for this item is awaiting processing.\n* APPROVED: The request for this item has been approved.\n* REJECTED: The request for this item was rejected.\n* EXPIRED: The request for this item expired with no action taken.\n* CANCELLED: The request for this item was cancelled with no user action.\n* ARCHIVED: The request for this item has been archived after completion.", + "example": "PENDING" + }, + "scheme": { + "type": "string", + "enum": [ + "APP_OWNER", + "SOURCE_OWNER", + "MANAGER", + "ROLE_OWNER", + "ACCESS_PROFILE_OWNER", + "ENTITLEMENT_OWNER", + "GOVERNANCE_GROUP" + ], + "description": "Describes the individual or group that is responsible for an approval step.", + "example": "MANAGER" + }, + "errorMessages": { + "type": "array", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + }, + "description": "If the request failed, includes any error messages that were generated.", + "nullable": true + }, + "comment": { + "type": "string", + "description": "Comment, if any, provided by the approver.", + "example": "I approve this request", + "nullable": true + }, + "removeDate": { + "type": "string", + "description": "The date the role or access profile or entitlement is no longer assigned to the specified identity.", + "format": "date-time", + "example": "2020-07-11T00:00:00Z", + "nullable": true + } + } + }, + "description": "Approval details for each item." + }, + "manualWorkItemDetails": { + "type": "array", + "nullable": true, + "items": { + "type": "object", + "properties": { + "forwarded": { + "type": "boolean", + "default": false, + "description": "True if the request for this item was forwarded from one owner to another.", + "example": true + }, + "originalOwner": { + "type": "object", + "nullable": true, + "description": "Identity of original work item owner, if the work item has been forwarded.", + "properties": { + "type": { + "type": "string", + "description": "DTO type of original work item owner's identity.", + "enum": [ + "GOVERNANCE_GROUP", + "IDENTITY" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "ID of original work item owner's identity.", + "example": "2c7180a46faadee4016fb4e018c20642" + }, + "name": { + "type": "string", + "description": "Display name of original work item owner.", + "example": "Michael Michaels" + } + } + }, + "currentOwner": { + "type": "object", + "description": "Identity of current work item owner.", + "nullable": true, + "properties": { + "type": { + "type": "string", + "description": "DTO type of current work item owner's identity.", + "enum": [ + "GOVERNANCE_GROUP", + "IDENTITY" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "ID of current work item owner's identity.", + "example": "2c3780a46faadee4016fb4e018c20652" + }, + "name": { + "type": "string", + "description": "Display name of current work item owner.", + "example": "Allen Albertson" + } + } + }, + "modified": { + "type": "string", + "format": "date-time", + "description": "Time at which item was modified.", + "example": "2019-08-23T18:52:57.398Z" + }, + "status": { + "type": "string", + "enum": [ + "PENDING", + "APPROVED", + "REJECTED", + "EXPIRED", + "CANCELLED", + "ARCHIVED" + ], + "description": "Indicates the state of the request processing for this item:\n* PENDING: The request for this item is awaiting processing.\n* APPROVED: The request for this item has been approved.\n* REJECTED: The request for this item was rejected.\n* EXPIRED: The request for this item expired with no action taken.\n* CANCELLED: The request for this item was cancelled with no user action.\n* ARCHIVED: The request for this item has been archived after completion.", + "example": "PENDING" + }, + "forwardHistory": { + "type": "array", + "nullable": true, + "items": { + "type": "object", + "properties": { + "oldApproverName": { + "type": "string", + "description": "Display name of approver from whom the approval was forwarded.", + "example": "Frank Mir" + }, + "newApproverName": { + "type": "string", + "description": "Display name of approver to whom the approval was forwarded.", + "example": "Al Volta" + }, + "comment": { + "type": "string", + "nullable": true, + "description": "Comment made while forwarding.", + "example": "Forwarding from Frank to Al" + }, + "modified": { + "type": "string", + "format": "date-time", + "description": "Time at which approval was forwarded.", + "example": "2019-08-23T18:52:57.398Z" + }, + "forwarderName": { + "type": "string", + "nullable": true, + "description": "Display name of forwarder who forwarded the approval.", + "example": "William Wilson" + }, + "reassignmentType": { + "description": "The approval reassignment type. \n* MANUAL_REASSIGNMENT: An approval with this reassignment type has been specifically reassigned by the approval task's owner, from their queue to someone else's. \n* AUTOMATIC_REASSIGNMENT: An approval with this reassignment type has been automatically reassigned from another approver's queue, according to that approver's reassignment configuration. The approver's reassignment configuration may be set up to automatically reassign approval tasks for a defined (or possibly open-ended) period of time.\n* AUTO_ESCALATION: An approval with this reassignment type has been automatically reassigned from another approver's queue, according to the request's escalation configuration. For more information about escalation configuration, refer to [Setting Global Reminders and Escalation Policies](https://documentation.sailpoint.com/saas/help/requests/config_emails.html).\n* SELF_REVIEW_DELEGATION: An approval with this reassignment type has been automatically reassigned by the system to prevent self-review. This helps prevent situations like a requester being tasked with approving their own request. For more information about preventing self-review, refer to [Self-review Prevention](https://documentation.sailpoint.com/saas/help/users/work_reassignment.html#self-review-prevention) and [Preventing Self-approval](https://documentation.sailpoint.com/saas/help/requests/config_ap_roles.html#preventing-self-approval).", + "example": "AUTOMATIC_REASSIGNMENT", + "type": "string", + "enum": [ + "MANUAL_REASSIGNMENT", + "AUTOMATIC_REASSIGNMENT", + "AUTO_ESCALATION", + "SELF_REVIEW_DELEGATION" + ] + } + } + }, + "description": "The history of approval forward action." + } + } + }, + "description": "Manual work items created for provisioning the item." + }, + "accountActivityItemId": { + "type": "string", + "description": "Id of associated account activity item.", + "example": "2c9180926cbfbddd016cbfc7c3b10010" + }, + "requestType": { + "type": "string", + "enum": [ + "GRANT_ACCESS", + "REVOKE_ACCESS", + null + ], + "description": "Access request type. Defaults to GRANT_ACCESS. REVOKE_ACCESS type can only have a single Identity ID in the requestedFor field.", + "example": "GRANT_ACCESS", + "nullable": true + }, + "modified": { + "type": "string", + "format": "date-time", + "description": "When the request was last modified.", + "example": "2019-08-23T18:52:59.162Z", + "nullable": true + }, + "created": { + "type": "string", + "format": "date-time", + "description": "When the request was created.", + "example": "2019-08-23T18:40:35.772Z" + }, + "requester": { + "type": "object", + "description": "Access item requester's identity.", + "properties": { + "type": { + "type": "string", + "description": "Access item requester's DTO type.", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "Access item requester's identity ID.", + "example": "2c7180a46faadee4016fb4e018c20648" + }, + "name": { + "type": "string", + "description": "Access item owner's human-readable display name.", + "example": "William Wilson" + } + } + }, + "requestedFor": { + "type": "object", + "description": "Identity access was requested for.", + "properties": { + "type": { + "type": "string", + "enum": [ + "IDENTITY" + ], + "description": "Type of the object to which this reference applies", + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "ID of the object to which this reference applies", + "example": "2c9180835d191a86015d28455b4b232a" + }, + "name": { + "type": "string", + "description": "Human-readable display name of the object to which this reference applies", + "example": "William Wilson" + } + } + }, + "requesterComment": { + "allOf": [ + { + "type": "object", + "properties": { + "comment": { + "type": "string", + "nullable": true, + "description": "Comment content.", + "example": "This is a comment." + }, + "created": { + "type": "string", + "format": "date-time", + "description": "Date and time comment was created.", + "example": "2017-07-11T18:45:37.098Z" + }, + "author": { + "type": "object", + "readOnly": true, + "description": "Author of the comment", + "properties": { + "type": { + "type": "string", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY", + "description": "The type of object" + }, + "id": { + "type": "string", + "description": "The unique ID of the object", + "example": "2c9180847e25f377017e2ae8cae4650b" + }, + "name": { + "type": "string", + "description": "The display name of the object", + "example": "john.doe" + } + } + } + } + }, + { + "nullable": true, + "description": "The requester's comment." + } + ] + }, + "sodViolationContext": { + "allOf": [ + { + "description": "An object referencing a completed SOD violation check", + "type": "object", + "nullable": true, + "properties": { + "state": { + "type": "string", + "enum": [ + "SUCCESS", + "ERROR", + null + ], + "description": "The status of SOD violation check", + "example": "SUCCESS", + "nullable": true + }, + "uuid": { + "description": "The id of the Violation check event", + "type": "string", + "example": "f73d16e9-a038-46c5-b217-1246e15fdbdd", + "nullable": true + }, + "violationCheckResult": { + "description": "The inner object representing the completed SOD Violation check", + "type": "object", + "properties": { + "message": { + "description": "If the request failed, this includes any error message that was generated.", + "example": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An error has occurred during the SOD violation check" + } + ], + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + }, + "clientMetadata": { + "type": "object", + "nullable": true, + "additionalProperties": { + "type": "string" + }, + "description": "Arbitrary key-value pairs. They will never be processed by the IdentityNow system but will be returned on completion of the violation check.", + "example": { + "requestedAppName": "test-app", + "requestedAppId": "2c91808f7892918f0178b78da4a305a1" + } + }, + "violationContexts": { + "type": "array", + "nullable": true, + "items": { + "description": "The contextual information of the violated criteria", + "type": "object", + "properties": { + "policy": { + "type": "object", + "description": "SOD policy.", + "properties": { + "type": { + "type": "string", + "description": "SOD policy DTO type.", + "enum": [ + "SOD_POLICY" + ], + "example": "SOD_POLICY" + }, + "id": { + "type": "string", + "description": "SOD policy ID.", + "example": "0f11f2a4-7c94-4bf3-a2bd-742580fe3bde" + }, + "name": { + "type": "string", + "description": "SOD policy display name.", + "example": "Business SOD Policy" + } + } + }, + "conflictingAccessCriteria": { + "type": "object", + "description": "The object which contains the left and right hand side of the entitlements that got violated according to the policy.", + "properties": { + "leftCriteria": { + "type": "object", + "properties": { + "criteriaList": { + "type": "array", + "items": { + "description": "Details of the Entitlement criteria", + "type": "object", + "properties": { + "existing": { + "type": "boolean", + "default": false, + "example": true, + "description": "If the entitlement already belonged to the user or not." + }, + "type": { + "example": "ENTITLEMENT", + "type": "string", + "enum": [ + "ACCOUNT_CORRELATION_CONFIG", + "ACCESS_PROFILE", + "ACCESS_REQUEST_APPROVAL", + "ACCOUNT", + "APPLICATION", + "CAMPAIGN", + "CAMPAIGN_FILTER", + "CERTIFICATION", + "CLUSTER", + "CONNECTOR_SCHEMA", + "ENTITLEMENT", + "GOVERNANCE_GROUP", + "IDENTITY", + "IDENTITY_PROFILE", + "IDENTITY_REQUEST", + "LIFECYCLE_STATE", + "PASSWORD_POLICY", + "ROLE", + "RULE", + "SOD_POLICY", + "SOURCE", + "TAG", + "TAG_CATEGORY", + "TASK_RESULT", + "REPORT_RESULT", + "SOD_VIOLATION", + "ACCOUNT_ACTIVITY", + "WORKGROUP" + ], + "description": "An enumeration of the types of DTOs supported within the IdentityNow infrastructure." + }, + "id": { + "type": "string", + "description": "Entitlement ID", + "example": "2c918085771e9d3301773b3cb66f6398" + }, + "name": { + "type": "string", + "description": "Entitlement name", + "example": "My HR Entitlement" + } + } + } + } + } + }, + "rightCriteria": { + "type": "object", + "properties": { + "criteriaList": { + "type": "array", + "items": { + "description": "Details of the Entitlement criteria", + "type": "object", + "properties": { + "existing": { + "type": "boolean", + "default": false, + "example": true, + "description": "If the entitlement already belonged to the user or not." + }, + "type": { + "example": "ENTITLEMENT", + "type": "string", + "enum": [ + "ACCOUNT_CORRELATION_CONFIG", + "ACCESS_PROFILE", + "ACCESS_REQUEST_APPROVAL", + "ACCOUNT", + "APPLICATION", + "CAMPAIGN", + "CAMPAIGN_FILTER", + "CERTIFICATION", + "CLUSTER", + "CONNECTOR_SCHEMA", + "ENTITLEMENT", + "GOVERNANCE_GROUP", + "IDENTITY", + "IDENTITY_PROFILE", + "IDENTITY_REQUEST", + "LIFECYCLE_STATE", + "PASSWORD_POLICY", + "ROLE", + "RULE", + "SOD_POLICY", + "SOURCE", + "TAG", + "TAG_CATEGORY", + "TASK_RESULT", + "REPORT_RESULT", + "SOD_VIOLATION", + "ACCOUNT_ACTIVITY", + "WORKGROUP" + ], + "description": "An enumeration of the types of DTOs supported within the IdentityNow infrastructure." + }, + "id": { + "type": "string", + "description": "Entitlement ID", + "example": "2c918085771e9d3301773b3cb66f6398" + }, + "name": { + "type": "string", + "description": "Entitlement name", + "example": "My HR Entitlement" + } + } + } + } + } + } + } + } + } + } + }, + "violatedPolicies": { + "type": "array", + "nullable": true, + "description": "A list of the SOD policies that were violated.", + "items": { + "type": "object", + "description": "SOD policy.", + "properties": { + "type": { + "type": "string", + "description": "SOD policy DTO type.", + "enum": [ + "SOD_POLICY" + ], + "example": "SOD_POLICY" + }, + "id": { + "type": "string", + "description": "SOD policy ID.", + "example": "0f11f2a4-7c94-4bf3-a2bd-742580fe3bde" + }, + "name": { + "type": "string", + "description": "SOD policy display name.", + "example": "Business SOD Policy" + } + } + } + } + } + } + } + }, + { + "nullable": true, + "description": "The details of the SOD violations for the associated approval." + } + ] + }, + "provisioningDetails": { + "allOf": [ + { + "type": "object", + "properties": { + "orderedSubPhaseReferences": { + "type": "string", + "description": "Ordered CSV of sub phase references to objects that contain more information about provisioning. For example, this can contain \"manualWorkItemDetails\" which indicate that there is further information in that object for this phase.", + "example": "manualWorkItemDetails" + } + }, + "description": "Provides additional details about provisioning for this request." + }, + { + "nullable": true + } + ] + }, + "preApprovalTriggerDetails": { + "allOf": [ + { + "type": "object", + "properties": { + "comment": { + "type": "string", + "description": "Comment left for the pre-approval decision", + "example": "Access is Approved" + }, + "reviewer": { + "type": "string", + "description": "The reviewer of the pre-approval decision", + "example": "John Doe" + }, + "decision": { + "type": "string", + "enum": [ + "APPROVED", + "REJECTED" + ], + "description": "The decision of the pre-approval trigger", + "example": "APPROVED" + } + }, + "description": "Provides additional details about the pre-approval trigger for this request." + }, + { + "nullable": true + } + ] + }, + "accessRequestPhases": { + "type": "array", + "items": { + "type": "object", + "properties": { + "started": { + "type": "string", + "description": "The time that this phase started.", + "format": "date-time", + "example": "2020-07-11T00:00:00Z" + }, + "finished": { + "type": "string", + "description": "The time that this phase finished.", + "format": "date-time", + "example": "2020-07-12T00:00:00Z", + "nullable": true + }, + "name": { + "type": "string", + "description": "The name of this phase.", + "example": "APPROVAL_PHASE" + }, + "state": { + "type": "string", + "enum": [ + "PENDING", + "EXECUTING", + "COMPLETED", + "CANCELLED", + "NOT_EXECUTED" + ], + "description": "The state of this phase.", + "example": "COMPLETED" + }, + "result": { + "type": "string", + "enum": [ + "SUCCESSFUL", + "FAILED", + null + ], + "description": "The state of this phase.", + "example": "SUCCESSFUL", + "nullable": true + }, + "phaseReference": { + "type": "string", + "description": "A reference to another object on the RequestedItemStatus that contains more details about the phase. Note that for the Provisioning phase, this will be empty if there are no manual work items.", + "example": "approvalDetails", + "nullable": true + } + }, + "description": "Provides additional details about this access request phase." + }, + "description": "A list of Phases that the Access Request has gone through in order, to help determine the status of the request.", + "nullable": true + }, + "description": { + "type": "string", + "description": "Description associated to the requested object.", + "example": "This is the Engineering role that engineers are granted.", + "nullable": true + }, + "removeDate": { + "type": "string", + "format": "date-time", + "nullable": true, + "description": "When the role access is scheduled for removal.", + "example": "2019-10-23T00:00:00.000Z" + }, + "cancelable": { + "type": "boolean", + "default": false, + "description": "True if the request can be canceled.", + "example": true + }, + "accessRequestId": { + "type": "string", + "description": "This is the account activity id.", + "example": "2b838de9-db9b-abcf-e646-d4f274ad4238" + }, + "clientMetadata": { + "nullable": true, + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Arbitrary key-value pairs, if any were included in the corresponding access request", + "example": { + "key1": "value1", + "key2": "value2" + } + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/access-request-approvals/pending": { + "get": { + "operationId": "listPendingApprovals", + "summary": "Pending Access Request Approvals List", + "tags": [ + "Access Request Approvals" + ], + "description": "This endpoint returns a list of pending approvals. See \"owner-id\" query parameter below for authorization info.", + "parameters": [ + { + "in": "query", + "name": "owner-id", + "schema": { + "type": "string" + }, + "description": "If present, the value returns only pending approvals for the specified identity.\n * ORG_ADMIN users can call this with any identity ID value.\n * ORG_ADMIN users can also fetch all the approvals in the org, when owner-id is not used.\n * Non-ORG_ADMIN users can only specify *me* or pass their own identity ID value.", + "example": "2c91808568c529c60168cca6f90c1313", + "required": false + }, + { + "in": "query", + "name": "limit", + "description": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 250, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "maximum": 250, + "default": 250 + } + }, + { + "in": "query", + "name": "offset", + "description": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 0, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "default": 0 + } + }, + { + "in": "query", + "name": "count", + "description": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": true, + "schema": { + "type": "boolean", + "default": false + } + }, + { + "in": "query", + "name": "filters", + "required": false, + "schema": { + "type": "string" + }, + "description": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**requestedFor.id**: *eq, in*\n\n**modified**: *gt, lt, ge, le, eq, in*", + "example": "id eq \"2c91808568c529c60168cca6f90c1313\"" + }, + { + "in": "query", + "name": "sorters", + "required": false, + "schema": { + "type": "string", + "format": "comma-separated" + }, + "description": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **created, modified**", + "example": "modified" + } + ], + "responses": { + "200": { + "description": "List of Pending Approvals.", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The approval id.", + "example": "id12345" + }, + "name": { + "type": "string", + "description": "The name of the approval.", + "example": "aName" + }, + "created": { + "type": "string", + "format": "date-time", + "description": "When the approval was created.", + "example": "2017-07-11T18:45:37.098Z" + }, + "modified": { + "type": "string", + "format": "date-time", + "description": "When the approval was modified last time.", + "example": "2018-07-25T20:22:28.104Z" + }, + "requestCreated": { + "type": "string", + "format": "date-time", + "description": "When the access-request was created.", + "example": "2017-07-11T18:45:35.098Z" + }, + "requestType": { + "description": "If the access-request was for granting or revoking access.", + "type": "string", + "enum": [ + "GRANT_ACCESS", + "REVOKE_ACCESS", + null + ], + "example": "GRANT_ACCESS", + "nullable": true + }, + "requester": { + "type": "object", + "description": "Access item requester's identity.", + "properties": { + "type": { + "type": "string", + "description": "Access item requester's DTO type.", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "Access item requester's identity ID.", + "example": "2c7180a46faadee4016fb4e018c20648" + }, + "name": { + "type": "string", + "description": "Access item owner's human-readable display name.", + "example": "William Wilson" + } + } + }, + "requestedFor": { + "type": "array", + "description": "Identities access was requested for.", + "items": { + "type": "object", + "description": "Identity the access item is requested for.", + "properties": { + "type": { + "type": "string", + "description": "DTO type of identity the access item is requested for.", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "ID of identity the access item is requested for.", + "example": "2c4180a46faadee4016fb4e018c20626" + }, + "name": { + "type": "string", + "description": "Human-readable display name of identity the access item is requested for.", + "example": "Robert Robinson" + } + } + }, + "minItems": 1, + "maxItems": 10 + }, + "owner": { + "type": "object", + "description": "Access item owner's identity.", + "properties": { + "type": { + "type": "string", + "description": "Access item owner's DTO type.", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "Access item owner's identity ID.", + "example": "2c9180a46faadee4016fb4e018c20639" + }, + "name": { + "type": "string", + "description": "Access item owner's human-readable display name.", + "example": "Support" + } + } + }, + "requestedObject": { + "description": "The requested access item.", + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "Id of the object.", + "example": "2c9180835d2e5168015d32f890ca1581" + }, + "name": { + "type": "string", + "description": "Name of the object.", + "example": "Applied Research Access" + }, + "description": { + "type": "string", + "description": "Description of the object.", + "example": "Access to research information, lab results, and schematics" + }, + "type": { + "type": "string", + "enum": [ + "ACCESS_PROFILE", + "ROLE", + "ENTITLEMENT" + ], + "description": "Type of the object.", + "example": "ROLE" + } + } + }, + "requesterComment": { + "description": "The requester's comment.", + "type": "object", + "properties": { + "comment": { + "type": "string", + "nullable": true, + "description": "Comment content.", + "example": "This is a comment." + }, + "created": { + "type": "string", + "format": "date-time", + "description": "Date and time comment was created.", + "example": "2017-07-11T18:45:37.098Z" + }, + "author": { + "type": "object", + "readOnly": true, + "description": "Author of the comment", + "properties": { + "type": { + "type": "string", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY", + "description": "The type of object" + }, + "id": { + "type": "string", + "description": "The unique ID of the object", + "example": "2c9180847e25f377017e2ae8cae4650b" + }, + "name": { + "type": "string", + "description": "The display name of the object", + "example": "john.doe" + } + } + } + } + }, + "previousReviewersComments": { + "type": "array", + "items": { + "type": "object", + "properties": { + "comment": { + "type": "string", + "nullable": true, + "description": "Comment content.", + "example": "This is a comment." + }, + "created": { + "type": "string", + "format": "date-time", + "description": "Date and time comment was created.", + "example": "2017-07-11T18:45:37.098Z" + }, + "author": { + "type": "object", + "readOnly": true, + "description": "Author of the comment", + "properties": { + "type": { + "type": "string", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY", + "description": "The type of object" + }, + "id": { + "type": "string", + "description": "The unique ID of the object", + "example": "2c9180847e25f377017e2ae8cae4650b" + }, + "name": { + "type": "string", + "description": "The display name of the object", + "example": "john.doe" + } + } + } + } + }, + "description": "The history of the previous reviewers comments." + }, + "forwardHistory": { + "type": "array", + "items": { + "type": "object", + "properties": { + "oldApproverName": { + "type": "string", + "description": "Display name of approver from whom the approval was forwarded.", + "example": "Frank Mir" + }, + "newApproverName": { + "type": "string", + "description": "Display name of approver to whom the approval was forwarded.", + "example": "Al Volta" + }, + "comment": { + "type": "string", + "nullable": true, + "description": "Comment made while forwarding.", + "example": "Forwarding from Frank to Al" + }, + "modified": { + "type": "string", + "format": "date-time", + "description": "Time at which approval was forwarded.", + "example": "2019-08-23T18:52:57.398Z" + }, + "forwarderName": { + "type": "string", + "nullable": true, + "description": "Display name of forwarder who forwarded the approval.", + "example": "William Wilson" + }, + "reassignmentType": { + "description": "The approval reassignment type. \n* MANUAL_REASSIGNMENT: An approval with this reassignment type has been specifically reassigned by the approval task's owner, from their queue to someone else's. \n* AUTOMATIC_REASSIGNMENT: An approval with this reassignment type has been automatically reassigned from another approver's queue, according to that approver's reassignment configuration. The approver's reassignment configuration may be set up to automatically reassign approval tasks for a defined (or possibly open-ended) period of time.\n* AUTO_ESCALATION: An approval with this reassignment type has been automatically reassigned from another approver's queue, according to the request's escalation configuration. For more information about escalation configuration, refer to [Setting Global Reminders and Escalation Policies](https://documentation.sailpoint.com/saas/help/requests/config_emails.html).\n* SELF_REVIEW_DELEGATION: An approval with this reassignment type has been automatically reassigned by the system to prevent self-review. This helps prevent situations like a requester being tasked with approving their own request. For more information about preventing self-review, refer to [Self-review Prevention](https://documentation.sailpoint.com/saas/help/users/work_reassignment.html#self-review-prevention) and [Preventing Self-approval](https://documentation.sailpoint.com/saas/help/requests/config_ap_roles.html#preventing-self-approval).", + "example": "AUTOMATIC_REASSIGNMENT", + "type": "string", + "enum": [ + "MANUAL_REASSIGNMENT", + "AUTOMATIC_REASSIGNMENT", + "AUTO_ESCALATION", + "SELF_REVIEW_DELEGATION" + ] + } + } + }, + "description": "The history of approval forward action." + }, + "commentRequiredWhenRejected": { + "type": "boolean", + "default": false, + "description": "When true the rejector has to provide comments when rejecting", + "example": true + }, + "actionInProcess": { + "description": "Action that is performed on this approval, and system has not finished performing that action yet.", + "type": "string", + "enum": [ + "APPROVED", + "REJECTED", + "FORWARDED" + ], + "example": "APPROVED" + }, + "removeDate": { + "type": "string", + "description": "The date the role or access profile or entitlement is no longer assigned to the specified identity.", + "format": "date-time", + "example": "2020-07-11T00:00:00Z" + }, + "removeDateUpdateRequested": { + "type": "boolean", + "default": false, + "description": "If true, then the request is to change the remove date or sunset date.", + "example": true + }, + "currentRemoveDate": { + "type": "string", + "description": "The remove date or sunset date that was assigned at the time of the request.", + "format": "date-time", + "example": "2020-07-11T00:00:00Z" + }, + "sodViolationContext": { + "description": "The details of the SOD violations for the associated approval.", + "type": "object", + "nullable": true, + "properties": { + "state": { + "type": "string", + "enum": [ + "SUCCESS", + "ERROR", + null + ], + "description": "The status of SOD violation check", + "example": "SUCCESS", + "nullable": true + }, + "uuid": { + "description": "The id of the Violation check event", + "type": "string", + "example": "f73d16e9-a038-46c5-b217-1246e15fdbdd", + "nullable": true + }, + "violationCheckResult": { + "description": "The inner object representing the completed SOD Violation check", + "type": "object", + "properties": { + "message": { + "description": "If the request failed, this includes any error message that was generated.", + "example": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An error has occurred during the SOD violation check" + } + ], + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + }, + "clientMetadata": { + "type": "object", + "nullable": true, + "additionalProperties": { + "type": "string" + }, + "description": "Arbitrary key-value pairs. They will never be processed by the IdentityNow system but will be returned on completion of the violation check.", + "example": { + "requestedAppName": "test-app", + "requestedAppId": "2c91808f7892918f0178b78da4a305a1" + } + }, + "violationContexts": { + "type": "array", + "nullable": true, + "items": { + "description": "The contextual information of the violated criteria", + "type": "object", + "properties": { + "policy": { + "type": "object", + "description": "SOD policy.", + "properties": { + "type": { + "type": "string", + "description": "SOD policy DTO type.", + "enum": [ + "SOD_POLICY" + ], + "example": "SOD_POLICY" + }, + "id": { + "type": "string", + "description": "SOD policy ID.", + "example": "0f11f2a4-7c94-4bf3-a2bd-742580fe3bde" + }, + "name": { + "type": "string", + "description": "SOD policy display name.", + "example": "Business SOD Policy" + } + } + }, + "conflictingAccessCriteria": { + "type": "object", + "description": "The object which contains the left and right hand side of the entitlements that got violated according to the policy.", + "properties": { + "leftCriteria": { + "type": "object", + "properties": { + "criteriaList": { + "type": "array", + "items": { + "description": "Details of the Entitlement criteria", + "type": "object", + "properties": { + "existing": { + "type": "boolean", + "default": false, + "example": true, + "description": "If the entitlement already belonged to the user or not." + }, + "type": { + "example": "ENTITLEMENT", + "type": "string", + "enum": [ + "ACCOUNT_CORRELATION_CONFIG", + "ACCESS_PROFILE", + "ACCESS_REQUEST_APPROVAL", + "ACCOUNT", + "APPLICATION", + "CAMPAIGN", + "CAMPAIGN_FILTER", + "CERTIFICATION", + "CLUSTER", + "CONNECTOR_SCHEMA", + "ENTITLEMENT", + "GOVERNANCE_GROUP", + "IDENTITY", + "IDENTITY_PROFILE", + "IDENTITY_REQUEST", + "LIFECYCLE_STATE", + "PASSWORD_POLICY", + "ROLE", + "RULE", + "SOD_POLICY", + "SOURCE", + "TAG", + "TAG_CATEGORY", + "TASK_RESULT", + "REPORT_RESULT", + "SOD_VIOLATION", + "ACCOUNT_ACTIVITY", + "WORKGROUP" + ], + "description": "An enumeration of the types of DTOs supported within the IdentityNow infrastructure." + }, + "id": { + "type": "string", + "description": "Entitlement ID", + "example": "2c918085771e9d3301773b3cb66f6398" + }, + "name": { + "type": "string", + "description": "Entitlement name", + "example": "My HR Entitlement" + } + } + } + } + } + }, + "rightCriteria": { + "type": "object", + "properties": { + "criteriaList": { + "type": "array", + "items": { + "description": "Details of the Entitlement criteria", + "type": "object", + "properties": { + "existing": { + "type": "boolean", + "default": false, + "example": true, + "description": "If the entitlement already belonged to the user or not." + }, + "type": { + "example": "ENTITLEMENT", + "type": "string", + "enum": [ + "ACCOUNT_CORRELATION_CONFIG", + "ACCESS_PROFILE", + "ACCESS_REQUEST_APPROVAL", + "ACCOUNT", + "APPLICATION", + "CAMPAIGN", + "CAMPAIGN_FILTER", + "CERTIFICATION", + "CLUSTER", + "CONNECTOR_SCHEMA", + "ENTITLEMENT", + "GOVERNANCE_GROUP", + "IDENTITY", + "IDENTITY_PROFILE", + "IDENTITY_REQUEST", + "LIFECYCLE_STATE", + "PASSWORD_POLICY", + "ROLE", + "RULE", + "SOD_POLICY", + "SOURCE", + "TAG", + "TAG_CATEGORY", + "TASK_RESULT", + "REPORT_RESULT", + "SOD_VIOLATION", + "ACCOUNT_ACTIVITY", + "WORKGROUP" + ], + "description": "An enumeration of the types of DTOs supported within the IdentityNow infrastructure." + }, + "id": { + "type": "string", + "description": "Entitlement ID", + "example": "2c918085771e9d3301773b3cb66f6398" + }, + "name": { + "type": "string", + "description": "Entitlement name", + "example": "My HR Entitlement" + } + } + } + } + } + } + } + } + } + } + }, + "violatedPolicies": { + "type": "array", + "nullable": true, + "description": "A list of the SOD policies that were violated.", + "items": { + "type": "object", + "description": "SOD policy.", + "properties": { + "type": { + "type": "string", + "description": "SOD policy DTO type.", + "enum": [ + "SOD_POLICY" + ], + "example": "SOD_POLICY" + }, + "id": { + "type": "string", + "description": "SOD policy ID.", + "example": "0f11f2a4-7c94-4bf3-a2bd-742580fe3bde" + }, + "name": { + "type": "string", + "description": "SOD policy display name.", + "example": "Business SOD Policy" + } + } + } + } + } + } + } + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/access-request-approvals/completed": { + "get": { + "operationId": "listCompletedApprovals", + "summary": "Completed Access Request Approvals List", + "tags": [ + "Access Request Approvals" + ], + "description": "This endpoint returns list of completed approvals. See *owner-id* query parameter below for authorization info.", + "parameters": [ + { + "in": "query", + "name": "owner-id", + "required": false, + "schema": { + "type": "string" + }, + "description": "If present, the value returns only completed approvals for the specified identity.\n * ORG_ADMIN users can call this with any identity ID value.\n * ORG_ADMIN users can also fetch all the approvals in the org, when\nowner-id is not used.\n * Non-ORG_ADMIN users can only specify *me* or pass their own\nidentity ID value.", + "example": "2c91808568c529c60168cca6f90c1313" + }, + { + "in": "query", + "name": "limit", + "description": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 250, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "maximum": 250, + "default": 250 + } + }, + { + "in": "query", + "name": "offset", + "description": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 0, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "default": 0 + } + }, + { + "in": "query", + "name": "count", + "description": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": true, + "schema": { + "type": "boolean", + "default": false + } + }, + { + "in": "query", + "name": "filters", + "required": false, + "schema": { + "type": "string" + }, + "description": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in, ge, gt, le, lt, ne, isnull, sw*\n\n**requestedFor.id**: *eq, in, ge, gt, le, lt, ne, isnull, sw*\n\n**modified**: *gt, lt, ge, le, eq, in, ne, sw*", + "example": "id eq \"2c91808568c529c60168cca6f90c1313\"" + }, + { + "in": "query", + "name": "sorters", + "required": false, + "schema": { + "type": "string", + "format": "comma-separated" + }, + "description": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **created, modified**", + "example": "modified" + } + ], + "responses": { + "200": { + "description": "List of Completed Approvals.", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The approval id.", + "example": "id12345" + }, + "name": { + "type": "string", + "description": "The name of the approval.", + "example": "aName" + }, + "created": { + "type": "string", + "format": "date-time", + "description": "When the approval was created.", + "example": "2017-07-11T18:45:37.098Z" + }, + "modified": { + "type": "string", + "format": "date-time", + "description": "When the approval was modified last time.", + "example": "2018-07-25T20:22:28.104Z" + }, + "requestCreated": { + "type": "string", + "format": "date-time", + "description": "When the access-request was created.", + "example": "2017-07-11T18:45:35.098Z" + }, + "requestType": { + "description": "If the access-request was for granting or revoking access.", + "type": "string", + "enum": [ + "GRANT_ACCESS", + "REVOKE_ACCESS", + null + ], + "example": "GRANT_ACCESS", + "nullable": true + }, + "requester": { + "type": "object", + "description": "Access item requester's identity.", + "properties": { + "type": { + "type": "string", + "description": "Access item requester's DTO type.", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "Access item requester's identity ID.", + "example": "2c7180a46faadee4016fb4e018c20648" + }, + "name": { + "type": "string", + "description": "Access item owner's human-readable display name.", + "example": "William Wilson" + } + } + }, + "requestedFor": { + "type": "object", + "description": "Identity access was requested for.", + "properties": { + "type": { + "type": "string", + "enum": [ + "IDENTITY" + ], + "description": "Type of the object to which this reference applies", + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "ID of the object to which this reference applies", + "example": "2c9180835d191a86015d28455b4b232a" + }, + "name": { + "type": "string", + "description": "Human-readable display name of the object to which this reference applies", + "example": "William Wilson" + } + } + }, + "reviewedBy": { + "type": "object", + "description": "Identity who reviewed the access item request.", + "properties": { + "type": { + "type": "string", + "description": "DTO type of identity who reviewed the access item request.", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "ID of identity who reviewed the access item request.", + "example": "2c3780a46faadee4016fb4e018c20652" + }, + "name": { + "type": "string", + "description": "Human-readable display name of identity who reviewed the access item request.", + "example": "Allen Albertson" + } + } + }, + "owner": { + "type": "object", + "description": "Owner's identity.", + "properties": { + "type": { + "type": "string", + "description": "Owner's DTO type.", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "Owner's identity ID.", + "example": "2c9180a46faadee4016fb4e018c20639" + }, + "name": { + "type": "string", + "description": "Owner's name.", + "example": "Support" + } + } + }, + "requestedObject": { + "description": "The requested access item.", + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "Id of the object.", + "example": "2c9180835d2e5168015d32f890ca1581" + }, + "name": { + "type": "string", + "description": "Name of the object.", + "example": "Applied Research Access" + }, + "description": { + "type": "string", + "description": "Description of the object.", + "example": "Access to research information, lab results, and schematics" + }, + "type": { + "type": "string", + "enum": [ + "ACCESS_PROFILE", + "ROLE", + "ENTITLEMENT" + ], + "description": "Type of the object.", + "example": "ROLE" + } + } + }, + "requesterComment": { + "allOf": [ + { + "type": "object", + "properties": { + "comment": { + "type": "string", + "nullable": true, + "description": "Comment content.", + "example": "This is a comment." + }, + "created": { + "type": "string", + "format": "date-time", + "description": "Date and time comment was created.", + "example": "2017-07-11T18:45:37.098Z" + }, + "author": { + "type": "object", + "readOnly": true, + "description": "Author of the comment", + "properties": { + "type": { + "type": "string", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY", + "description": "The type of object" + }, + "id": { + "type": "string", + "description": "The unique ID of the object", + "example": "2c9180847e25f377017e2ae8cae4650b" + }, + "name": { + "type": "string", + "description": "The display name of the object", + "example": "john.doe" + } + } + } + } + }, + { + "description": "The requester's comment." + } + ] + }, + "reviewerComment": { + "allOf": [ + { + "type": "object", + "properties": { + "comment": { + "type": "string", + "nullable": true, + "description": "Comment content.", + "example": "This is a comment." + }, + "created": { + "type": "string", + "format": "date-time", + "description": "Date and time comment was created.", + "example": "2017-07-11T18:45:37.098Z" + }, + "author": { + "type": "object", + "readOnly": true, + "description": "Author of the comment", + "properties": { + "type": { + "type": "string", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY", + "description": "The type of object" + }, + "id": { + "type": "string", + "description": "The unique ID of the object", + "example": "2c9180847e25f377017e2ae8cae4650b" + }, + "name": { + "type": "string", + "description": "The display name of the object", + "example": "john.doe" + } + } + } + } + }, + { + "description": "The approval's reviewer's comment.", + "nullable": true + } + ] + }, + "previousReviewersComments": { + "type": "array", + "items": { + "type": "object", + "properties": { + "comment": { + "type": "string", + "nullable": true, + "description": "Comment content.", + "example": "This is a comment." + }, + "created": { + "type": "string", + "format": "date-time", + "description": "Date and time comment was created.", + "example": "2017-07-11T18:45:37.098Z" + }, + "author": { + "type": "object", + "readOnly": true, + "description": "Author of the comment", + "properties": { + "type": { + "type": "string", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY", + "description": "The type of object" + }, + "id": { + "type": "string", + "description": "The unique ID of the object", + "example": "2c9180847e25f377017e2ae8cae4650b" + }, + "name": { + "type": "string", + "description": "The display name of the object", + "example": "john.doe" + } + } + } + } + }, + "description": "The history of the previous reviewers comments." + }, + "forwardHistory": { + "type": "array", + "items": { + "type": "object", + "properties": { + "oldApproverName": { + "type": "string", + "description": "Display name of approver from whom the approval was forwarded.", + "example": "Frank Mir" + }, + "newApproverName": { + "type": "string", + "description": "Display name of approver to whom the approval was forwarded.", + "example": "Al Volta" + }, + "comment": { + "type": "string", + "nullable": true, + "description": "Comment made while forwarding.", + "example": "Forwarding from Frank to Al" + }, + "modified": { + "type": "string", + "format": "date-time", + "description": "Time at which approval was forwarded.", + "example": "2019-08-23T18:52:57.398Z" + }, + "forwarderName": { + "type": "string", + "nullable": true, + "description": "Display name of forwarder who forwarded the approval.", + "example": "William Wilson" + }, + "reassignmentType": { + "description": "The approval reassignment type. \n* MANUAL_REASSIGNMENT: An approval with this reassignment type has been specifically reassigned by the approval task's owner, from their queue to someone else's. \n* AUTOMATIC_REASSIGNMENT: An approval with this reassignment type has been automatically reassigned from another approver's queue, according to that approver's reassignment configuration. The approver's reassignment configuration may be set up to automatically reassign approval tasks for a defined (or possibly open-ended) period of time.\n* AUTO_ESCALATION: An approval with this reassignment type has been automatically reassigned from another approver's queue, according to the request's escalation configuration. For more information about escalation configuration, refer to [Setting Global Reminders and Escalation Policies](https://documentation.sailpoint.com/saas/help/requests/config_emails.html).\n* SELF_REVIEW_DELEGATION: An approval with this reassignment type has been automatically reassigned by the system to prevent self-review. This helps prevent situations like a requester being tasked with approving their own request. For more information about preventing self-review, refer to [Self-review Prevention](https://documentation.sailpoint.com/saas/help/users/work_reassignment.html#self-review-prevention) and [Preventing Self-approval](https://documentation.sailpoint.com/saas/help/requests/config_ap_roles.html#preventing-self-approval).", + "example": "AUTOMATIC_REASSIGNMENT", + "type": "string", + "enum": [ + "MANUAL_REASSIGNMENT", + "AUTOMATIC_REASSIGNMENT", + "AUTO_ESCALATION", + "SELF_REVIEW_DELEGATION" + ] + } + } + }, + "description": "The history of approval forward action." + }, + "commentRequiredWhenRejected": { + "type": "boolean", + "default": false, + "description": "When true the rejector has to provide comments when rejecting", + "example": true + }, + "state": { + "description": "The final state of the approval", + "type": "string", + "enum": [ + "APPROVED", + "REJECTED" + ], + "example": "APPROVED" + }, + "removeDate": { + "type": "string", + "description": "The date the role or access profile or entitlement is no longer assigned to the specified identity.", + "format": "date-time", + "example": "2020-07-11T00:00:00Z", + "nullable": true + }, + "removeDateUpdateRequested": { + "type": "boolean", + "default": false, + "description": "If true, then the request was to change the remove date or sunset date.", + "example": true + }, + "currentRemoveDate": { + "type": "string", + "description": "The remove date or sunset date that was assigned at the time of the request.", + "format": "date-time", + "example": "2020-07-11T00:00:00Z", + "nullable": true + }, + "sodViolationContext": { + "description": "The details of the SOD violations for the associated approval.", + "type": "object", + "nullable": true, + "properties": { + "state": { + "type": "string", + "enum": [ + "SUCCESS", + "ERROR", + null + ], + "description": "The status of SOD violation check", + "example": "SUCCESS", + "nullable": true + }, + "uuid": { + "description": "The id of the Violation check event", + "type": "string", + "example": "f73d16e9-a038-46c5-b217-1246e15fdbdd", + "nullable": true + }, + "violationCheckResult": { + "description": "The inner object representing the completed SOD Violation check", + "type": "object", + "properties": { + "message": { + "description": "If the request failed, this includes any error message that was generated.", + "example": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An error has occurred during the SOD violation check" + } + ], + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + }, + "clientMetadata": { + "type": "object", + "nullable": true, + "additionalProperties": { + "type": "string" + }, + "description": "Arbitrary key-value pairs. They will never be processed by the IdentityNow system but will be returned on completion of the violation check.", + "example": { + "requestedAppName": "test-app", + "requestedAppId": "2c91808f7892918f0178b78da4a305a1" + } + }, + "violationContexts": { + "type": "array", + "nullable": true, + "items": { + "description": "The contextual information of the violated criteria", + "type": "object", + "properties": { + "policy": { + "type": "object", + "description": "SOD policy.", + "properties": { + "type": { + "type": "string", + "description": "SOD policy DTO type.", + "enum": [ + "SOD_POLICY" + ], + "example": "SOD_POLICY" + }, + "id": { + "type": "string", + "description": "SOD policy ID.", + "example": "0f11f2a4-7c94-4bf3-a2bd-742580fe3bde" + }, + "name": { + "type": "string", + "description": "SOD policy display name.", + "example": "Business SOD Policy" + } + } + }, + "conflictingAccessCriteria": { + "type": "object", + "description": "The object which contains the left and right hand side of the entitlements that got violated according to the policy.", + "properties": { + "leftCriteria": { + "type": "object", + "properties": { + "criteriaList": { + "type": "array", + "items": { + "description": "Details of the Entitlement criteria", + "type": "object", + "properties": { + "existing": { + "type": "boolean", + "default": false, + "example": true, + "description": "If the entitlement already belonged to the user or not." + }, + "type": { + "example": "ENTITLEMENT", + "type": "string", + "enum": [ + "ACCOUNT_CORRELATION_CONFIG", + "ACCESS_PROFILE", + "ACCESS_REQUEST_APPROVAL", + "ACCOUNT", + "APPLICATION", + "CAMPAIGN", + "CAMPAIGN_FILTER", + "CERTIFICATION", + "CLUSTER", + "CONNECTOR_SCHEMA", + "ENTITLEMENT", + "GOVERNANCE_GROUP", + "IDENTITY", + "IDENTITY_PROFILE", + "IDENTITY_REQUEST", + "LIFECYCLE_STATE", + "PASSWORD_POLICY", + "ROLE", + "RULE", + "SOD_POLICY", + "SOURCE", + "TAG", + "TAG_CATEGORY", + "TASK_RESULT", + "REPORT_RESULT", + "SOD_VIOLATION", + "ACCOUNT_ACTIVITY", + "WORKGROUP" + ], + "description": "An enumeration of the types of DTOs supported within the IdentityNow infrastructure." + }, + "id": { + "type": "string", + "description": "Entitlement ID", + "example": "2c918085771e9d3301773b3cb66f6398" + }, + "name": { + "type": "string", + "description": "Entitlement name", + "example": "My HR Entitlement" + } + } + } + } + } + }, + "rightCriteria": { + "type": "object", + "properties": { + "criteriaList": { + "type": "array", + "items": { + "description": "Details of the Entitlement criteria", + "type": "object", + "properties": { + "existing": { + "type": "boolean", + "default": false, + "example": true, + "description": "If the entitlement already belonged to the user or not." + }, + "type": { + "example": "ENTITLEMENT", + "type": "string", + "enum": [ + "ACCOUNT_CORRELATION_CONFIG", + "ACCESS_PROFILE", + "ACCESS_REQUEST_APPROVAL", + "ACCOUNT", + "APPLICATION", + "CAMPAIGN", + "CAMPAIGN_FILTER", + "CERTIFICATION", + "CLUSTER", + "CONNECTOR_SCHEMA", + "ENTITLEMENT", + "GOVERNANCE_GROUP", + "IDENTITY", + "IDENTITY_PROFILE", + "IDENTITY_REQUEST", + "LIFECYCLE_STATE", + "PASSWORD_POLICY", + "ROLE", + "RULE", + "SOD_POLICY", + "SOURCE", + "TAG", + "TAG_CATEGORY", + "TASK_RESULT", + "REPORT_RESULT", + "SOD_VIOLATION", + "ACCOUNT_ACTIVITY", + "WORKGROUP" + ], + "description": "An enumeration of the types of DTOs supported within the IdentityNow infrastructure." + }, + "id": { + "type": "string", + "description": "Entitlement ID", + "example": "2c918085771e9d3301773b3cb66f6398" + }, + "name": { + "type": "string", + "description": "Entitlement name", + "example": "My HR Entitlement" + } + } + } + } + } + } + } + } + } + } + }, + "violatedPolicies": { + "type": "array", + "nullable": true, + "description": "A list of the SOD policies that were violated.", + "items": { + "type": "object", + "description": "SOD policy.", + "properties": { + "type": { + "type": "string", + "description": "SOD policy DTO type.", + "enum": [ + "SOD_POLICY" + ], + "example": "SOD_POLICY" + }, + "id": { + "type": "string", + "description": "SOD policy ID.", + "example": "0f11f2a4-7c94-4bf3-a2bd-742580fe3bde" + }, + "name": { + "type": "string", + "description": "SOD policy display name.", + "example": "Business SOD Policy" + } + } + } + } + } + } + } + }, + "preApprovalTriggerResult": { + "nullable": true, + "type": "object", + "description": "If the access request submitted event trigger is configured and this access request was intercepted by it, then this is the result of the trigger's decision to either approve or deny the request.", + "properties": { + "comment": { + "type": "string", + "description": "The comment from the trigger", + "example": "This request was autoapproved by our automated ETS subscriber" + }, + "decision": { + "description": "The approval decision of the trigger", + "type": "string", + "enum": [ + "APPROVED", + "REJECTED" + ], + "example": "APPROVED" + }, + "reviewer": { + "type": "string", + "description": "The name of the approver", + "example": "Automated AR Approval" + }, + "date": { + "type": "string", + "format": "date-time", + "example": "2022-06-07T19:18:40.748Z", + "description": "The date and time the trigger decided on the request" + } + } + }, + "clientMetadata": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Arbitrary key-value pairs provided during the request.", + "example": { + "requestedAppName": "test-app", + "requestedAppId": "2c91808f7892918f0178b78da4a305a1" + } + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/access-request-approvals/{approvalId}/approve": { + "post": { + "operationId": "approveAccessRequest", + "summary": "Approve Access Request Approval", + "tags": [ + "Access Request Approvals" + ], + "description": "Use this endpoint to approve an access request approval. Only the owner of the approval and ORG_ADMIN users are allowed to perform this action.", + "parameters": [ + { + "in": "path", + "name": "approvalId", + "schema": { + "type": "string" + }, + "required": true, + "description": "Approval ID.", + "example": "2c91808b7294bea301729568c68c002e" + } + ], + "requestBody": { + "description": "Reviewer's comment.", + "required": true, + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "comment": { + "type": "string", + "nullable": true, + "description": "Comment content.", + "example": "This is a comment." + }, + "created": { + "type": "string", + "format": "date-time", + "description": "Date and time comment was created.", + "example": "2017-07-11T18:45:37.098Z" + }, + "author": { + "type": "object", + "readOnly": true, + "description": "Author of the comment", + "properties": { + "type": { + "type": "string", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY", + "description": "The type of object" + }, + "id": { + "type": "string", + "description": "The unique ID of the object", + "example": "2c9180847e25f377017e2ae8cae4650b" + }, + "name": { + "type": "string", + "description": "The display name of the object", + "example": "john.doe" + } + } + } + } + } + } + } + }, + "responses": { + "202": { + "description": "Accepted - Returned if the request was successfully accepted into the system.", + "content": { + "application/json": { + "schema": { + "type": "object" + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/access-request-approvals/{approvalId}/reject": { + "post": { + "operationId": "rejectAccessRequest", + "summary": "Reject Access Request Approval", + "tags": [ + "Access Request Approvals" + ], + "description": "Use this API to reject an access request approval. Only the owner of the approval and admin users are allowed to perform this action.", + "parameters": [ + { + "in": "path", + "name": "approvalId", + "schema": { + "type": "string" + }, + "required": true, + "description": "Approval ID.", + "example": "2c91808b7294bea301729568c68c002e" + } + ], + "requestBody": { + "description": "Reviewer's comment.", + "required": true, + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "comment": { + "type": "string", + "nullable": true, + "description": "Comment content.", + "example": "This is a comment." + }, + "created": { + "type": "string", + "format": "date-time", + "description": "Date and time comment was created.", + "example": "2017-07-11T18:45:37.098Z" + }, + "author": { + "type": "object", + "readOnly": true, + "description": "Author of the comment", + "properties": { + "type": { + "type": "string", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY", + "description": "The type of object" + }, + "id": { + "type": "string", + "description": "The unique ID of the object", + "example": "2c9180847e25f377017e2ae8cae4650b" + }, + "name": { + "type": "string", + "description": "The display name of the object", + "example": "john.doe" + } + } + } + } + } + } + } + }, + "responses": { + "202": { + "description": "Accepted - Returned if the request was successfully accepted into the system.", + "content": { + "application/json": { + "schema": { + "type": "object" + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/access-request-approvals/{approvalId}/forward": { + "post": { + "operationId": "forwardAccessRequest", + "summary": "Forward Access Request Approval", + "tags": [ + "Access Request Approvals" + ], + "description": "Use this API to forward an access request approval to a new owner. Only the owner of the approval and ORG_ADMIN users are allowed to perform this action. Only the owner of the approval and ORG_ADMIN users are allowed to perform this action.", + "parameters": [ + { + "in": "path", + "name": "approvalId", + "schema": { + "type": "string" + }, + "required": true, + "description": "Approval ID.", + "example": "2c91808b7294bea301729568c68c002e" + } + ], + "requestBody": { + "description": "Information about the forwarded approval.", + "required": true, + "content": { + "application/json": { + "schema": { + "type": "object", + "required": [ + "newOwnerId", + "comment" + ], + "properties": { + "newOwnerId": { + "type": "string", + "description": "The Id of the new owner", + "example": "2c91808568c529c60168cca6f90c1314", + "minLength": 1, + "maxLength": 255 + }, + "comment": { + "type": "string", + "description": "The comment provided by the forwarder", + "example": "2c91808568c529c60168cca6f90c1313", + "minLength": 1, + "maxLength": 255 + } + } + } + } + } + }, + "responses": { + "202": { + "description": "Accepted - Returned if the request was successfully accepted into the system.", + "content": { + "application/json": { + "schema": { + "type": "object" + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/access-request-approvals/approval-summary": { + "get": { + "operationId": "getAccessRequestApprovalSummary", + "security": [ + { + "UserContextAuth": [ + "idn:access-request-approvals-summary:read" + ] + } + ], + "summary": "Get Access Requests Approvals Number", + "tags": [ + "Access Request Approvals" + ], + "description": "Use this API to return the number of pending, approved and rejected access requests approvals. See the \"owner-id\" query parameter for authorization information. info.", + "parameters": [ + { + "in": "query", + "name": "owner-id", + "schema": { + "type": "string" + }, + "description": "The ID of the owner or approver identity of the approvals. If present, the value returns approval summary for the specified identity.\n * ORG_ADMIN users can call this with any identity ID value.\n * ORG_ADMIN user can also fetch all the approvals in the org, when\nowner-id is not used.\n * Non ORG_ADMIN users can only specify *me* or pass their own\nidentity ID value.", + "example": "2c91808568c529c60168cca6f90c1313", + "required": false + }, + { + "in": "query", + "name": "from-date", + "schema": { + "type": "string" + }, + "description": "This is the date and time the results will be shown from. It must be in a valid ISO-8601 format.", + "example": "from-date=2020-03-19T19:59:11Z", + "required": false + } + ], + "responses": { + "200": { + "description": "Number of pending, approved, rejected access request approvals.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "pending": { + "type": "integer", + "description": "The number of pending access requests approvals.", + "format": "int32", + "example": 0 + }, + "approved": { + "type": "integer", + "description": "The number of approved access requests approvals.", + "format": "int32", + "example": 0 + }, + "rejected": { + "type": "integer", + "description": "The number of rejected access requests approvals.", + "format": "int32", + "example": 0 + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the query parameter is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/accounts": { + "get": { + "operationId": "listAccounts", + "tags": [ + "Accounts" + ], + "summary": "Accounts List", + "description": "This returns a list of accounts. \nA token with ORG_ADMIN, SOURCE_ADMIN, SOURCE_SUBADMIN, or HELPDESK authority is required to call this API.", + "security": [ + { + "UserContextAuth": [ + "idn:accounts:read" + ] + } + ], + "parameters": [ + { + "in": "query", + "name": "limit", + "description": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 250, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "maximum": 250, + "default": 250 + } + }, + { + "in": "query", + "name": "offset", + "description": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 0, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "default": 0 + } + }, + { + "in": "query", + "name": "count", + "description": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": true, + "schema": { + "type": "boolean", + "default": false + } + }, + { + "in": "query", + "name": "filters", + "schema": { + "type": "string" + }, + "example": "identityId eq \"2c9180858082150f0180893dbaf44201\"", + "description": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in, sw*\n\n**identityId**: *eq, in, sw*\n\n**name**: *eq, in, sw*\n\n**nativeIdentity**: *eq, in, sw*\n\n**sourceId**: *eq, in, sw*\n\n**uncorrelated**: *eq*\n\n**entitlements**: *eq*\n\n**origin**: *eq, in*\n\n**manuallyCorrelated**: *eq*\n\n**identity.name**: *eq, in, sw*\n\n**identity.correlated**: *eq*\n\n**identity.identityState**: *eq, in*\n\n**source.displayableName**: *eq, in*\n\n**source.authoritative**: *eq*\n\n**source.connectionType**: *eq, in*", + "required": false + }, + { + "in": "query", + "name": "sorters", + "required": false, + "schema": { + "type": "string", + "format": "comma-separated" + }, + "example": "id,name", + "description": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **id, name, created, modified, sourceId, identityId, identity.id, nativeIdentity, uuid, manuallyCorrelated, entitlements, origin, identity.name, identity.identityState, identity.correlated, source.displayableName, source.authoritative, source.connectionType**" + } + ], + "responses": { + "200": { + "description": "List of account objects", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "allOf": [ + { + "type": "object", + "required": [ + "name" + ], + "properties": { + "id": { + "description": "System-generated unique ID of the Object", + "type": "string", + "example": "id12345", + "readOnly": true + }, + "name": { + "description": "Name of the Object", + "type": "string", + "example": "aName" + }, + "created": { + "description": "Creation date of the Object", + "type": "string", + "example": "2015-05-28T14:07:17Z", + "format": "date-time", + "readOnly": true + }, + "modified": { + "description": "Last modification date of the Object", + "type": "string", + "example": "2015-05-28T14:07:17Z", + "format": "date-time", + "readOnly": true + } + } + }, + { + "type": "object", + "required": [ + "sourceId", + "sourceName", + "attributes", + "authoritative", + "disabled", + "locked", + "nativeIdentity", + "systemAccount", + "uncorrelated", + "manuallyCorrelated", + "hasEntitlements" + ], + "properties": { + "sourceId": { + "type": "string", + "example": "2c9180835d2e5168015d32f890ca1581", + "description": "The unique ID of the source this account belongs to" + }, + "sourceName": { + "type": "string", + "example": "Employees", + "description": "The display name of the source this account belongs to" + }, + "identityId": { + "type": "string", + "example": "2c9180835d2e5168015d32f890ca1581", + "description": "The unique ID of the identity this account is correlated to" + }, + "cloudLifecycleState": { + "type": "string", + "nullable": true, + "example": "active", + "description": "The lifecycle state of the identity this account is correlated to" + }, + "identityState": { + "type": "string", + "nullable": true, + "example": "ACTIVE", + "description": "The identity state of the identity this account is correlated to" + }, + "connectionType": { + "type": "string", + "nullable": true, + "example": "direct", + "description": "The connection type of the source this account is from" + }, + "type": { + "type": "string", + "nullable": true, + "example": "NON_HUMAN", + "description": "The type of the account" + }, + "attributes": { + "type": "object", + "nullable": true, + "additionalProperties": true, + "description": "The account attributes that are aggregated", + "example": { + "firstName": "SailPoint", + "lastName": "Support", + "displayName": "SailPoint Support" + } + }, + "authoritative": { + "type": "boolean", + "description": "Indicates if this account is from an authoritative source", + "example": false + }, + "description": { + "type": "string", + "description": "A description of the account", + "nullable": true, + "example": null + }, + "disabled": { + "type": "boolean", + "description": "Indicates if the account is currently disabled", + "example": false + }, + "locked": { + "type": "boolean", + "description": "Indicates if the account is currently locked", + "example": false + }, + "nativeIdentity": { + "type": "string", + "description": "The unique ID of the account generated by the source system", + "example": "552775" + }, + "systemAccount": { + "type": "boolean", + "example": false, + "description": "If true, this is a user account within IdentityNow. If false, this is an account from a source system." + }, + "uncorrelated": { + "type": "boolean", + "description": "Indicates if this account is not correlated to an identity", + "example": false + }, + "uuid": { + "type": "string", + "description": "The unique ID of the account as determined by the account schema", + "example": "slpt.support", + "nullable": true + }, + "manuallyCorrelated": { + "type": "boolean", + "description": "Indicates if the account has been manually correlated to an identity", + "example": false + }, + "hasEntitlements": { + "type": "boolean", + "description": "Indicates if the account has entitlements", + "example": true + }, + "identity": { + "description": "The identity this account is correlated to", + "example": { + "id": "2c918084660f45d6016617daa9210584", + "type": "IDENTITY", + "name": "Adam Kennedy" + }, + "type": "object", + "properties": { + "type": { + "description": "DTO type", + "type": "string", + "enum": [ + "ACCOUNT_CORRELATION_CONFIG", + "ACCESS_PROFILE", + "ACCESS_REQUEST_APPROVAL", + "ACCOUNT", + "APPLICATION", + "CAMPAIGN", + "CAMPAIGN_FILTER", + "CERTIFICATION", + "CLUSTER", + "CONNECTOR_SCHEMA", + "ENTITLEMENT", + "GOVERNANCE_GROUP", + "IDENTITY", + "IDENTITY_PROFILE", + "IDENTITY_REQUEST", + "LIFECYCLE_STATE", + "PASSWORD_POLICY", + "ROLE", + "RULE", + "SOD_POLICY", + "SOURCE", + "TAG", + "TAG_CATEGORY", + "TASK_RESULT", + "REPORT_RESULT", + "SOD_VIOLATION", + "ACCOUNT_ACTIVITY", + "WORKGROUP" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "ID of the object to which this reference applies", + "example": "2c91808568c529c60168cca6f90c1313" + }, + "name": { + "type": "string", + "description": "Human-readable display name of the object to which this reference applies", + "example": "William Wilson" + } + } + }, + "sourceOwner": { + "type": "object", + "nullable": true, + "description": "The owner of this object.", + "properties": { + "type": { + "type": "string", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY", + "description": "Type of owner object." + }, + "id": { + "type": "string", + "description": "Identity id", + "example": "4c5c8534e99445de98eef6c75e25eb01" + }, + "name": { + "type": "string", + "description": "Human-readable display name of the owner.", + "example": "John Cavender" + } + } + }, + "features": { + "type": "string", + "description": "A string list containing the owning source's features", + "example": "ENABLE", + "nullable": true + }, + "origin": { + "type": "string", + "nullable": true, + "enum": [ + "AGGREGATED", + "PROVISIONED", + null + ], + "description": "The origin of the account either aggregated or provisioned", + "example": "AGGREGATED" + }, + "ownerIdentity": { + "description": "The identity who owns this account, typically used for non-human accounts", + "type": "object", + "nullable": true, + "properties": { + "type": { + "description": "The type of object being referenced", + "type": "string", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "ID of the identity", + "example": "2c918084660f45d6016617daa9210584" + }, + "name": { + "type": "string", + "description": "Human-readable display name of the identity", + "example": "Adam Kennedy" + } + } + }, + "ownerGroup": { + "description": "The governance group who owns this account, typically used for non-human accounts", + "type": "object", + "nullable": true, + "properties": { + "type": { + "description": "The type of object being referenced", + "type": "string", + "enum": [ + "GOVERNANCE_GROUP" + ], + "example": "GOVERNANCE_GROUP" + }, + "id": { + "type": "string", + "description": "ID of the governance group", + "example": "8d3e0094e99445de98eef6c75e25jc04" + }, + "name": { + "type": "string", + "description": "Human-readable display name of the governance group", + "example": "GovGroup AX17Z" + } + } + } + } + } + ] + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + }, + "post": { + "operationId": "createAccount", + "tags": [ + "Accounts" + ], + "summary": "Create Account", + "description": "This API submits an account creation task and returns the task ID. \nYou must include the `sourceId` where the account will be created in the `attributes` object.\nThis endpoint creates an account on the source record in your ISC tenant. This is useful for Flat File (`DelimitedFile`) type sources because it allows you to aggregate new accounts without needing to import a new CSV file every time. \nHowever, if you use this endpoint to create an account for a Direct Connection type source, you must ensure that the account also exists on the target source. The endpoint doesn't actually provision the account on the target source, which means that if the account doesn't also exist on the target source, an aggregation between the source and your tenant will remove it from your tenant. \nA token with ORG_ADMIN, SOURCE_ADMIN, or SOURCE_SUBADMIN authority is required to call this API.", + "security": [ + { + "UserContextAuth": [ + "idn:accounts:manage" + ] + } + ], + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "type": "object", + "required": [ + "attributes" + ], + "properties": { + "attributes": { + "description": "The schema attribute values for the account", + "type": "object", + "required": [ + "sourceId" + ], + "properties": { + "sourceId": { + "type": "string", + "description": "Target source to create an account", + "example": "34bfcbe116c9407464af37acbaf7a4dc" + } + }, + "additionalProperties": { + "type": "string" + }, + "example": { + "sourceId": "34bfcbe116c9407464af37acbaf7a4dc", + "city": "Austin", + "displayName": "John Doe", + "userName": "jdoe", + "sAMAccountName": "jDoe", + "mail": "john.doe@sailpoint.com" + } + } + } + } + } + } + }, + "responses": { + "202": { + "description": "Async task details", + "content": { + "application/json": { + "schema": { + "description": "Accounts async response containing details on started async process", + "required": [ + "id" + ], + "type": "object", + "properties": { + "id": { + "description": "id of the task", + "type": "string", + "example": "2c91808474683da6017468693c260195" + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/accounts/{id}": { + "get": { + "operationId": "getAccount", + "tags": [ + "Accounts" + ], + "summary": "Account Details", + "description": "Use this API to return the details for a single account by its ID. \nA token with ORG_ADMIN, SOURCE_ADMIN, SOURCE_SUBADMIN, or HELPDESK authority is required to call this API.", + "security": [ + { + "UserContextAuth": [ + "idn:accounts:read" + ] + } + ], + "parameters": [ + { + "in": "path", + "name": "id", + "schema": { + "type": "string" + }, + "required": true, + "description": "Account ID.", + "example": "ef38f94347e94562b5bb8424a56397d8" + } + ], + "responses": { + "200": { + "description": "Account object.", + "content": { + "application/json": { + "schema": { + "allOf": [ + { + "type": "object", + "required": [ + "name" + ], + "properties": { + "id": { + "description": "System-generated unique ID of the Object", + "type": "string", + "example": "id12345", + "readOnly": true + }, + "name": { + "description": "Name of the Object", + "type": "string", + "example": "aName" + }, + "created": { + "description": "Creation date of the Object", + "type": "string", + "example": "2015-05-28T14:07:17Z", + "format": "date-time", + "readOnly": true + }, + "modified": { + "description": "Last modification date of the Object", + "type": "string", + "example": "2015-05-28T14:07:17Z", + "format": "date-time", + "readOnly": true + } + } + }, + { + "type": "object", + "required": [ + "sourceId", + "sourceName", + "attributes", + "authoritative", + "disabled", + "locked", + "nativeIdentity", + "systemAccount", + "uncorrelated", + "manuallyCorrelated", + "hasEntitlements" + ], + "properties": { + "sourceId": { + "type": "string", + "example": "2c9180835d2e5168015d32f890ca1581", + "description": "The unique ID of the source this account belongs to" + }, + "sourceName": { + "type": "string", + "example": "Employees", + "description": "The display name of the source this account belongs to" + }, + "identityId": { + "type": "string", + "example": "2c9180835d2e5168015d32f890ca1581", + "description": "The unique ID of the identity this account is correlated to" + }, + "cloudLifecycleState": { + "type": "string", + "nullable": true, + "example": "active", + "description": "The lifecycle state of the identity this account is correlated to" + }, + "identityState": { + "type": "string", + "nullable": true, + "example": "ACTIVE", + "description": "The identity state of the identity this account is correlated to" + }, + "connectionType": { + "type": "string", + "nullable": true, + "example": "direct", + "description": "The connection type of the source this account is from" + }, + "type": { + "type": "string", + "nullable": true, + "example": "NON_HUMAN", + "description": "The type of the account" + }, + "attributes": { + "type": "object", + "nullable": true, + "additionalProperties": true, + "description": "The account attributes that are aggregated", + "example": { + "firstName": "SailPoint", + "lastName": "Support", + "displayName": "SailPoint Support" + } + }, + "authoritative": { + "type": "boolean", + "description": "Indicates if this account is from an authoritative source", + "example": false + }, + "description": { + "type": "string", + "description": "A description of the account", + "nullable": true, + "example": null + }, + "disabled": { + "type": "boolean", + "description": "Indicates if the account is currently disabled", + "example": false + }, + "locked": { + "type": "boolean", + "description": "Indicates if the account is currently locked", + "example": false + }, + "nativeIdentity": { + "type": "string", + "description": "The unique ID of the account generated by the source system", + "example": "552775" + }, + "systemAccount": { + "type": "boolean", + "example": false, + "description": "If true, this is a user account within IdentityNow. If false, this is an account from a source system." + }, + "uncorrelated": { + "type": "boolean", + "description": "Indicates if this account is not correlated to an identity", + "example": false + }, + "uuid": { + "type": "string", + "description": "The unique ID of the account as determined by the account schema", + "example": "slpt.support", + "nullable": true + }, + "manuallyCorrelated": { + "type": "boolean", + "description": "Indicates if the account has been manually correlated to an identity", + "example": false + }, + "hasEntitlements": { + "type": "boolean", + "description": "Indicates if the account has entitlements", + "example": true + }, + "identity": { + "description": "The identity this account is correlated to", + "example": { + "id": "2c918084660f45d6016617daa9210584", + "type": "IDENTITY", + "name": "Adam Kennedy" + }, + "type": "object", + "properties": { + "type": { + "description": "DTO type", + "type": "string", + "enum": [ + "ACCOUNT_CORRELATION_CONFIG", + "ACCESS_PROFILE", + "ACCESS_REQUEST_APPROVAL", + "ACCOUNT", + "APPLICATION", + "CAMPAIGN", + "CAMPAIGN_FILTER", + "CERTIFICATION", + "CLUSTER", + "CONNECTOR_SCHEMA", + "ENTITLEMENT", + "GOVERNANCE_GROUP", + "IDENTITY", + "IDENTITY_PROFILE", + "IDENTITY_REQUEST", + "LIFECYCLE_STATE", + "PASSWORD_POLICY", + "ROLE", + "RULE", + "SOD_POLICY", + "SOURCE", + "TAG", + "TAG_CATEGORY", + "TASK_RESULT", + "REPORT_RESULT", + "SOD_VIOLATION", + "ACCOUNT_ACTIVITY", + "WORKGROUP" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "ID of the object to which this reference applies", + "example": "2c91808568c529c60168cca6f90c1313" + }, + "name": { + "type": "string", + "description": "Human-readable display name of the object to which this reference applies", + "example": "William Wilson" + } + } + }, + "sourceOwner": { + "type": "object", + "nullable": true, + "description": "The owner of this object.", + "properties": { + "type": { + "type": "string", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY", + "description": "Type of owner object." + }, + "id": { + "type": "string", + "description": "Identity id", + "example": "4c5c8534e99445de98eef6c75e25eb01" + }, + "name": { + "type": "string", + "description": "Human-readable display name of the owner.", + "example": "John Cavender" + } + } + }, + "features": { + "type": "string", + "description": "A string list containing the owning source's features", + "example": "ENABLE", + "nullable": true + }, + "origin": { + "type": "string", + "nullable": true, + "enum": [ + "AGGREGATED", + "PROVISIONED", + null + ], + "description": "The origin of the account either aggregated or provisioned", + "example": "AGGREGATED" + }, + "ownerIdentity": { + "description": "The identity who owns this account, typically used for non-human accounts", + "type": "object", + "nullable": true, + "properties": { + "type": { + "description": "The type of object being referenced", + "type": "string", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "ID of the identity", + "example": "2c918084660f45d6016617daa9210584" + }, + "name": { + "type": "string", + "description": "Human-readable display name of the identity", + "example": "Adam Kennedy" + } + } + }, + "ownerGroup": { + "description": "The governance group who owns this account, typically used for non-human accounts", + "type": "object", + "nullable": true, + "properties": { + "type": { + "description": "The type of object being referenced", + "type": "string", + "enum": [ + "GOVERNANCE_GROUP" + ], + "example": "GOVERNANCE_GROUP" + }, + "id": { + "type": "string", + "description": "ID of the governance group", + "example": "8d3e0094e99445de98eef6c75e25jc04" + }, + "name": { + "type": "string", + "description": "Human-readable display name of the governance group", + "example": "GovGroup AX17Z" + } + } + } + } + } + ] + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + }, + "patch": { + "operationId": "updateAccount", + "tags": [ + "Accounts" + ], + "summary": "Update Account", + "description": "Use this API to update account details. \nA token with ORG_ADMIN, SOURCE_ADMIN, or SOURCE_SUBADMIN authority is required to call this API.\n\nThis API supports updating an account's correlation by modifying the `identityId` and `manuallyCorrelated` fields. \nTo reassign an account from one identity to another, replace the current `identityId` with a new value. \nIf the account you're assigning was provisioned by Identity Security Cloud (ISC), it's possible for ISC to create a new account \nfor the previous identity as soon as the account is moved. If the account you're assigning is authoritative, \nthis causes the previous identity to become uncorrelated and can even result in its deletion.\nAll accounts that are reassigned will be set to `manuallyCorrelated: true` unless you specify otherwise.\n\n>**Note:** The `attributes` field can only be modified for flat file accounts. \n", + "security": [ + { + "UserContextAuth": [ + "idn:accounts:manage" + ] + } + ], + "parameters": [ + { + "in": "path", + "name": "id", + "schema": { + "type": "string" + }, + "required": true, + "description": "Account ID.", + "example": "ef38f94347e94562b5bb8424a56397d8" + } + ], + "requestBody": { + "required": true, + "description": "A list of account update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard.", + "content": { + "application/json-patch+json": { + "schema": { + "type": "array", + "items": { + "type": "object" + } + }, + "examples": { + "Uncorrelate account": { + "description": "Remove account from Identity", + "value": [ + { + "op": "remove", + "path": "/identityId" + } + ] + }, + "Reassign account": { + "description": "Move account from one Identity to another Identity", + "value": [ + { + "op": "replace", + "path": "/identityId", + "value": "2c9180857725c14301772a93bb77242d" + } + ] + }, + "Add account attribute": { + "description": "Add flat file account's attribute", + "value": [ + { + "op": "add", + "path": "/attributes/familyName", + "value": "Smith" + } + ] + }, + "Replace account attribute": { + "description": "Replace flat file account's attribute", + "value": [ + { + "op": "replace", + "path": "/attributes/familyName", + "value": "Smith" + } + ] + }, + "Remove account attribute": { + "description": "Remove flat file account's attribute", + "value": [ + { + "op": "remove", + "path": "/attributes/familyName" + } + ] + } + } + } + } + }, + "responses": { + "202": { + "description": "Accepted. Update request accepted and is in progress.", + "content": { + "application/json": { + "schema": { + "type": "object" + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + }, + "put": { + "operationId": "putAccount", + "tags": [ + "Accounts" + ], + "summary": "Update Account", + "description": "Use this API to update an account with a PUT request. \n\nThis endpoint submits an account update task and returns the task ID. \n\nA token with ORG_ADMIN, SOURCE_ADMIN, or SOURCE_SUBADMIN authority is required to call this API.\n\n>**Note: You can only use this PUT endpoint to update accounts from flat file sources.**\n", + "security": [ + { + "UserContextAuth": [ + "idn:accounts:manage" + ] + } + ], + "parameters": [ + { + "in": "path", + "name": "id", + "schema": { + "type": "string" + }, + "required": true, + "description": "Account ID.", + "example": "ef38f94347e94562b5bb8424a56397d8" + } + ], + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "type": "object", + "required": [ + "attributes" + ], + "properties": { + "attributes": { + "description": "The schema attribute values for the account", + "type": "object", + "additionalProperties": true, + "example": { + "city": "Austin", + "displayName": "John Doe", + "userName": "jdoe", + "sAMAccountName": "jDoe", + "mail": "john.doe@sailpoint.com" + } + } + } + } + } + } + }, + "responses": { + "202": { + "description": "Async task details.", + "content": { + "application/json": { + "schema": { + "description": "Accounts async response containing details on started async process", + "required": [ + "id" + ], + "type": "object", + "properties": { + "id": { + "description": "id of the task", + "type": "string", + "example": "2c91808474683da6017468693c260195" + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + }, + "delete": { + "operationId": "deleteAccount", + "tags": [ + "Accounts" + ], + "summary": "Delete Account", + "description": "Use this API to delete an account. \nThis endpoint submits an account delete task and returns the task ID. \nThis endpoint only deletes the account from IdentityNow, not the source itself, which can result in the account's returning with the next aggregation between the source and IdentityNow. To avoid this scenario, it is recommended that you [disable accounts](https://developer.sailpoint.com/idn/api/v3/disable-account) rather than delete them. This will also allow you to reenable the accounts in the future. \nA token with ORG_ADMIN, SOURCE_ADMIN, or SOURCE_SUBADMIN authority is required to call this API.\n>**NOTE: You can only delete accounts from sources of the \"DelimitedFile\" type.**", + "security": [ + { + "UserContextAuth": [ + "idn:accounts:manage" + ] + } + ], + "parameters": [ + { + "in": "path", + "name": "id", + "schema": { + "type": "string" + }, + "required": true, + "description": "Account ID.", + "example": "ef38f94347e94562b5bb8424a56397d8" + } + ], + "responses": { + "202": { + "description": "Async task details.", + "content": { + "application/json": { + "schema": { + "description": "Accounts async response containing details on started async process", + "required": [ + "id" + ], + "type": "object", + "properties": { + "id": { + "description": "id of the task", + "type": "string", + "example": "2c91808474683da6017468693c260195" + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/accounts/{id}/entitlements": { + "get": { + "operationId": "getAccountEntitlements", + "tags": [ + "Accounts" + ], + "summary": "Account Entitlements", + "description": "This API returns entitlements of the account. \nA token with ORG_ADMIN, SOURCE_ADMIN, SOURCE_SUBADMIN, or HELPDESK authority is required to call this API.", + "security": [ + { + "UserContextAuth": [ + "idn:accounts:read" + ] + } + ], + "parameters": [ + { + "in": "query", + "name": "limit", + "description": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 250, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "maximum": 250, + "default": 250 + } + }, + { + "in": "query", + "name": "offset", + "description": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 0, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "default": 0 + } + }, + { + "in": "query", + "name": "count", + "description": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": true, + "schema": { + "type": "boolean", + "default": false + } + }, + { + "in": "path", + "name": "id", + "schema": { + "type": "string" + }, + "required": true, + "description": "The account id", + "example": "ef38f94347e94562b5bb8424a56397d8" + } + ], + "responses": { + "200": { + "description": "An array of account entitlements", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "allOf": [ + { + "type": "object", + "required": [ + "name" + ], + "properties": { + "id": { + "description": "System-generated unique ID of the Object", + "type": "string", + "example": "id12345", + "readOnly": true + }, + "name": { + "description": "Name of the Object", + "type": "string", + "example": "aName" + }, + "created": { + "description": "Creation date of the Object", + "type": "string", + "example": "2015-05-28T14:07:17Z", + "format": "date-time", + "readOnly": true + }, + "modified": { + "description": "Last modification date of the Object", + "type": "string", + "example": "2015-05-28T14:07:17Z", + "format": "date-time", + "readOnly": true + } + } + }, + { + "type": "object", + "description": "Entitlement object that represents entitlement", + "properties": { + "attribute": { + "description": "Name of the entitlement attribute", + "type": "string", + "example": "authorizationType" + }, + "value": { + "description": "Raw value of the entitlement", + "type": "string", + "example": "CN=Users,dc=sailpoint,dc=com" + }, + "description": { + "description": "Entitlment description", + "type": "string", + "example": "Active Directory DC" + }, + "attributes": { + "description": "Entitlement attributes", + "type": "object", + "additionalProperties": true, + "example": { + "GroupType": "Security", + "sAMAccountName": "Buyer" + } + }, + "sourceSchemaObjectType": { + "description": "Schema objectType on the given application that maps to an Account Group", + "type": "string", + "example": "group" + }, + "privileged": { + "description": "Determines if this Entitlement is privileged.", + "type": "boolean", + "example": false + }, + "cloudGoverned": { + "description": "Determines if this Entitlement is goverened in the cloud.", + "type": "boolean", + "example": false + }, + "source": { + "type": "object", + "description": "Source the entitlement belongs to.", + "properties": { + "type": { + "type": "string", + "description": "DTO type of source the entitlement belongs to.", + "enum": [ + "SOURCE" + ], + "example": "SOURCE" + }, + "id": { + "type": "string", + "description": "ID of source the entitlement belongs to.", + "example": "2c9180835d191a86015d28455b4b232a" + }, + "name": { + "type": "string", + "description": "Human-readable name of source the entitlement belongs to.", + "example": "HR Active Directory" + } + } + } + } + } + ] + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/accounts/{id}/reload": { + "post": { + "operationId": "submitReloadAccount", + "tags": [ + "Accounts" + ], + "summary": "Reload Account", + "description": "This API asynchronously reloads the account directly from the connector and performs a one-time aggregation process. \nA token with ORG_ADMIN, SOURCE_ADMIN, SOURCE_SUBADMIN, or HELPDESK authority is required to call this API.", + "security": [ + { + "UserContextAuth": [ + "idn:accounts-state:manage" + ] + } + ], + "parameters": [ + { + "in": "path", + "name": "id", + "schema": { + "type": "string" + }, + "required": true, + "description": "The account id", + "example": "ef38f94347e94562b5bb8424a56397d8" + } + ], + "responses": { + "202": { + "description": "Async task details", + "content": { + "application/json": { + "schema": { + "description": "Accounts async response containing details on started async process", + "required": [ + "id" + ], + "type": "object", + "properties": { + "id": { + "description": "id of the task", + "type": "string", + "example": "2c91808474683da6017468693c260195" + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/accounts/{id}/enable": { + "post": { + "operationId": "enableAccount", + "tags": [ + "Accounts" + ], + "summary": "Enable Account", + "description": "This API submits a task to enable account and returns the task ID. \nA token with ORG_ADMIN, SOURCE_ADMIN, SOURCE_SUBADMIN, or HELPDESK authority is required to call this API.", + "security": [ + { + "UserContextAuth": [ + "idn:accounts-state:manage" + ] + } + ], + "parameters": [ + { + "in": "path", + "name": "id", + "schema": { + "type": "string" + }, + "required": true, + "description": "The account id", + "example": "ef38f94347e94562b5bb8424a56397d8" + } + ], + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "description": "Request used for account enable/disable", + "type": "object", + "properties": { + "externalVerificationId": { + "description": "If set, an external process validates that the user wants to proceed with this request.", + "type": "string", + "example": "3f9180835d2e5168015d32f890ca1581" + }, + "forceProvisioning": { + "description": "If set, provisioning updates the account attribute at the source. This option is used when the account is not synced to ensure the attribute is updated. Providing 'true' for an unlocked account will add and process 'Unlock' operation by the workflow.", + "type": "boolean", + "example": false + } + } + } + } + } + }, + "responses": { + "202": { + "description": "Async task details", + "content": { + "application/json": { + "schema": { + "description": "Accounts async response containing details on started async process", + "required": [ + "id" + ], + "type": "object", + "properties": { + "id": { + "description": "id of the task", + "type": "string", + "example": "2c91808474683da6017468693c260195" + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/accounts/{id}/disable": { + "post": { + "operationId": "disableAccount", + "tags": [ + "Accounts" + ], + "summary": "Disable Account", + "description": "This API submits a task to disable the account and returns the task ID. \nA token with ORG_ADMIN, SOURCE_ADMIN, SOURCE_SUBADMIN, or HELPDESK authority is required to call this API.", + "security": [ + { + "UserContextAuth": [ + "idn:accounts-state:manage" + ] + } + ], + "parameters": [ + { + "in": "path", + "name": "id", + "schema": { + "type": "string" + }, + "required": true, + "description": "The account id", + "example": "ef38f94347e94562b5bb8424a56397d8" + } + ], + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "description": "Request used for account enable/disable", + "type": "object", + "properties": { + "externalVerificationId": { + "description": "If set, an external process validates that the user wants to proceed with this request.", + "type": "string", + "example": "3f9180835d2e5168015d32f890ca1581" + }, + "forceProvisioning": { + "description": "If set, provisioning updates the account attribute at the source. This option is used when the account is not synced to ensure the attribute is updated. Providing 'true' for an unlocked account will add and process 'Unlock' operation by the workflow.", + "type": "boolean", + "example": false + } + } + } + } + } + }, + "responses": { + "202": { + "description": "Async task details", + "content": { + "application/json": { + "schema": { + "description": "Accounts async response containing details on started async process", + "required": [ + "id" + ], + "type": "object", + "properties": { + "id": { + "description": "id of the task", + "type": "string", + "example": "2c91808474683da6017468693c260195" + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/accounts/{id}/unlock": { + "post": { + "operationId": "unlockAccount", + "tags": [ + "Accounts" + ], + "summary": "Unlock Account", + "description": "This API submits a task to unlock an account and returns the task ID. \nTo use this endpoint to unlock an account that has the `forceProvisioning` option set to true, the `idn:accounts-provisioning:manage` scope is required. \nA token with ORG_ADMIN, SOURCE_ADMIN, SOURCE_SUBADMIN, or HELPDESK authority is required to call this API.", + "security": [ + { + "UserContextAuth": [ + "idn:accounts-state:manage", + "idn:accounts-provisioning:manage" + ] + } + ], + "parameters": [ + { + "in": "path", + "name": "id", + "schema": { + "type": "string" + }, + "required": true, + "description": "The account ID.", + "example": "ef38f94347e94562b5bb8424a56397d8" + } + ], + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "description": "Request used for account unlock", + "type": "object", + "properties": { + "externalVerificationId": { + "description": "If set, an external process validates that the user wants to proceed with this request.", + "type": "string", + "example": "3f9180835d2e5168015d32f890ca1581" + }, + "unlockIDNAccount": { + "description": "If set, the IDN account is unlocked after the workflow completes.", + "type": "boolean", + "example": false + }, + "forceProvisioning": { + "description": "If set, provisioning updates the account attribute at the source. This option is used when the account is not synced to ensure the attribute is updated.", + "type": "boolean", + "example": false + } + } + } + } + } + }, + "responses": { + "202": { + "description": "Async task details", + "content": { + "application/json": { + "schema": { + "description": "Accounts async response containing details on started async process", + "required": [ + "id" + ], + "type": "object", + "properties": { + "id": { + "description": "id of the task", + "type": "string", + "example": "2c91808474683da6017468693c260195" + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/account-activities": { + "get": { + "operationId": "listAccountActivities", + "tags": [ + "Account Activities" + ], + "summary": "List Account Activities", + "description": "This gets a collection of account activities that satisfy the given query parameters.", + "parameters": [ + { + "in": "query", + "name": "requested-for", + "schema": { + "type": "string" + }, + "description": "The identity that the activity was requested for. *me* indicates the current user. Mutually exclusive with *regarding-identity*.", + "required": false, + "example": "2c91808568c529c60168cca6f90c1313" + }, + { + "in": "query", + "name": "requested-by", + "schema": { + "type": "string" + }, + "description": "The identity that requested the activity. *me* indicates the current user. Mutually exclusive with *regarding-identity*.", + "required": false, + "example": "2c91808568c529c60168cca6f90c1313" + }, + { + "in": "query", + "name": "regarding-identity", + "schema": { + "type": "string" + }, + "description": "The specified identity will be either the requester or target of the account activity. *me* indicates the current user. Mutually exclusive with *requested-for* and *requested-by*.", + "required": false, + "example": "2c91808568c529c60168cca6f90c1313" + }, + { + "in": "query", + "name": "limit", + "description": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 250, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "maximum": 250, + "default": 250 + } + }, + { + "in": "query", + "name": "offset", + "description": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 0, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "default": 0 + } + }, + { + "in": "query", + "name": "count", + "description": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": true, + "schema": { + "type": "boolean", + "default": false + } + }, + { + "in": "query", + "name": "filters", + "schema": { + "type": "string" + }, + "description": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**type**: *eq, in, ge, gt, le, lt, ne, isnull, sw*\n\n**created**: *gt, lt, ge, le, eq, in, ne, isnull, sw*\n\n**modified**: *gt, lt, ge, le, eq, in, ne, isnull, sw*", + "example": "type eq \"Identity Refresh\"", + "required": false + }, + { + "in": "query", + "name": "sorters", + "schema": { + "type": "string", + "format": "comma-separated" + }, + "description": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **type, created, modified**", + "example": "created", + "required": false + } + ], + "responses": { + "200": { + "description": "List of account activities", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "Id of the account activity", + "example": "2c9180835d2e5168015d32f890ca1581" + }, + "name": { + "type": "string", + "description": "The name of the activity", + "example": "2c9180835d2e5168015d32f890ca1581" + }, + "created": { + "description": "When the activity was first created", + "type": "string", + "format": "date-time", + "example": "2017-07-11T18:45:37.098Z" + }, + "modified": { + "description": "When the activity was last modified", + "type": "string", + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z", + "nullable": true + }, + "completed": { + "description": "When the activity was completed", + "type": "string", + "format": "date-time", + "nullable": true, + "example": "2018-10-19T13:49:37.385Z" + }, + "completionStatus": { + "allOf": [ + { + "nullable": true, + "type": "string", + "description": "The status after completion.", + "enum": [ + "SUCCESS", + "FAILURE", + "INCOMPLETE", + "PENDING", + null + ], + "example": "SUCCESS" + }, + { + "nullable": true + } + ] + }, + "type": { + "nullable": true, + "type": "string", + "example": "appRequest", + "description": "The type of action the activity performed. Please see the following list of types. This list may grow over time.\n\n- CloudAutomated\n- IdentityAttributeUpdate\n- appRequest\n- LifecycleStateChange\n- AccountStateUpdate\n- AccountAttributeUpdate\n- CloudPasswordRequest\n- Attribute Synchronization Refresh\n- Certification\n- Identity Refresh\n- Lifecycle Change Refresh\n\n\n[Learn more here](https://documentation.sailpoint.com/saas/help/search/searchable-fields.html#searching-account-activity-data).\n" + }, + "requesterIdentitySummary": { + "type": "object", + "nullable": true, + "properties": { + "id": { + "type": "string", + "description": "ID of this identity summary", + "example": "ff80818155fe8c080155fe8d925b0316" + }, + "name": { + "type": "string", + "description": "Human-readable display name of identity", + "example": "SailPoint Services" + }, + "identityId": { + "type": "string", + "description": "ID of the identity that this summary represents", + "example": "c15b9f5cca5a4e9599eaa0e64fa921bd" + }, + "completed": { + "type": "boolean", + "description": "Indicates if all access items for this summary have been decided on", + "example": true, + "default": false + } + } + }, + "targetIdentitySummary": { + "type": "object", + "nullable": true, + "properties": { + "id": { + "type": "string", + "description": "ID of this identity summary", + "example": "ff80818155fe8c080155fe8d925b0316" + }, + "name": { + "type": "string", + "description": "Human-readable display name of identity", + "example": "SailPoint Services" + }, + "identityId": { + "type": "string", + "description": "ID of the identity that this summary represents", + "example": "c15b9f5cca5a4e9599eaa0e64fa921bd" + }, + "completed": { + "type": "boolean", + "description": "Indicates if all access items for this summary have been decided on", + "example": true, + "default": false + } + } + }, + "errors": { + "nullable": true, + "description": "A list of error messages, if any, that were encountered.", + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "sailpoint.connector.ConnectorException: java.lang.InterruptedException: Timeout waiting for response to message 0 from client 57a4ab97-ab3f-4aef-9fe2-0eaf15c73d26 after 60 seconds." + ] + }, + "warnings": { + "nullable": true, + "description": "A list of warning messages, if any, that were encountered.", + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "Some warning, another warning" + ] + }, + "items": { + "nullable": true, + "type": "array", + "description": "Individual actions performed as part of this account activity", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "Item id", + "example": "48c545831b264409a81befcabb0e3c5a" + }, + "name": { + "type": "string", + "description": "Human-readable display name of item", + "example": "48c545831b264409a81befcabb0e3c5a" + }, + "requested": { + "type": "string", + "format": "date-time", + "description": "Date and time item was requested", + "example": "2017-07-11T18:45:37.098Z" + }, + "approvalStatus": { + "allOf": [ + { + "type": "string", + "nullable": true, + "enum": [ + "FINISHED", + "REJECTED", + "RETURNED", + "EXPIRED", + "PENDING", + "CANCELED", + null + ], + "example": "PENDING", + "description": "The state of an approval status" + }, + { + "nullable": true + } + ] + }, + "provisioningStatus": { + "type": "string", + "enum": [ + "PENDING", + "FINISHED", + "UNVERIFIABLE", + "COMMITED", + "FAILED", + "RETRY" + ], + "description": "Provisioning state of an account activity item", + "example": "PENDING" + }, + "requesterComment": { + "type": "object", + "nullable": true, + "properties": { + "commenterId": { + "type": "string", + "description": "Id of the identity making the comment", + "example": "2c918084660f45d6016617daa9210584" + }, + "commenterName": { + "type": "string", + "description": "Human-readable display name of the identity making the comment", + "example": "Adam Kennedy" + }, + "body": { + "type": "string", + "description": "Content of the comment", + "example": "Et quam massa maximus vivamus nisi ut urna tincidunt metus elementum erat." + }, + "date": { + "type": "string", + "format": "date-time", + "description": "Date and time comment was made", + "example": "2017-07-11T18:45:37.098Z" + } + } + }, + "reviewerIdentitySummary": { + "type": "object", + "nullable": true, + "properties": { + "id": { + "type": "string", + "description": "ID of this identity summary", + "example": "ff80818155fe8c080155fe8d925b0316" + }, + "name": { + "type": "string", + "description": "Human-readable display name of identity", + "example": "SailPoint Services" + }, + "identityId": { + "type": "string", + "description": "ID of the identity that this summary represents", + "example": "c15b9f5cca5a4e9599eaa0e64fa921bd" + }, + "completed": { + "type": "boolean", + "description": "Indicates if all access items for this summary have been decided on", + "example": true, + "default": false + } + } + }, + "reviewerComment": { + "type": "object", + "nullable": true, + "properties": { + "commenterId": { + "type": "string", + "description": "Id of the identity making the comment", + "example": "2c918084660f45d6016617daa9210584" + }, + "commenterName": { + "type": "string", + "description": "Human-readable display name of the identity making the comment", + "example": "Adam Kennedy" + }, + "body": { + "type": "string", + "description": "Content of the comment", + "example": "Et quam massa maximus vivamus nisi ut urna tincidunt metus elementum erat." + }, + "date": { + "type": "string", + "format": "date-time", + "description": "Date and time comment was made", + "example": "2017-07-11T18:45:37.098Z" + } + } + }, + "operation": { + "allOf": [ + { + "type": "string", + "enum": [ + "ADD", + "CREATE", + "MODIFY", + "DELETE", + "DISABLE", + "ENABLE", + "UNLOCK", + "LOCK", + "REMOVE", + "SET", + null + ], + "description": "Represents an operation in an account activity item", + "example": "ADD" + }, + { + "nullable": true + } + ] + }, + "attribute": { + "type": "string", + "description": "Attribute to which account activity applies", + "nullable": true, + "example": "detectedRoles" + }, + "value": { + "type": "string", + "description": "Value of attribute", + "nullable": true, + "example": "Treasury Analyst [AccessProfile-1529010191212]" + }, + "nativeIdentity": { + "nullable": true, + "type": "string", + "description": "Native identity in the target system to which the account activity applies", + "example": "Sandie.Camero" + }, + "sourceId": { + "type": "string", + "description": "Id of Source to which account activity applies", + "example": "2c91808363ef85290164000587130c0c" + }, + "accountRequestInfo": { + "type": "object", + "nullable": true, + "properties": { + "requestedObjectId": { + "type": "string", + "description": "Id of requested object", + "example": "2c91808563ef85690164001c31140c0c" + }, + "requestedObjectName": { + "type": "string", + "description": "Human-readable name of requested object", + "example": "Treasury Analyst" + }, + "requestedObjectType": { + "type": "string", + "enum": [ + "ACCESS_PROFILE", + "ROLE", + "ENTITLEMENT" + ], + "description": "The currently supported requestable object types. ", + "example": "ACCESS_PROFILE" + } + }, + "description": "If an account activity item is associated with an access request, captures details of that request." + }, + "clientMetadata": { + "nullable": true, + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Arbitrary key-value pairs, if any were included in the corresponding access request item", + "example": { + "customKey1": "custom value 1", + "customKey2": "custom value 2" + } + }, + "removeDate": { + "nullable": true, + "type": "string", + "description": "The date the role or access profile or entitlement is no longer assigned to the specified identity.", + "format": "date-time", + "example": "2020-07-11T00:00:00Z" + } + } + } + }, + "executionStatus": { + "type": "string", + "description": "The current state of execution.", + "enum": [ + "EXECUTING", + "VERIFYING", + "TERMINATED", + "COMPLETED" + ], + "example": "COMPLETED" + }, + "clientMetadata": { + "nullable": true, + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Arbitrary key-value pairs, if any were included in the corresponding access request", + "example": { + "customKey1": "custom value 1", + "customKey2": "custom value 2" + } + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/account-activities/{id}": { + "get": { + "operationId": "getAccountActivity", + "tags": [ + "Account Activities" + ], + "summary": "Get an Account Activity", + "description": "This gets a single account activity by its id.", + "parameters": [ + { + "in": "path", + "name": "id", + "schema": { + "type": "string" + }, + "required": true, + "description": "The account activity id", + "example": "ef38f94347e94562b5bb8424a56397d8" + } + ], + "responses": { + "200": { + "description": "An account activity object", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "Id of the account activity", + "example": "2c9180835d2e5168015d32f890ca1581" + }, + "name": { + "type": "string", + "description": "The name of the activity", + "example": "2c9180835d2e5168015d32f890ca1581" + }, + "created": { + "description": "When the activity was first created", + "type": "string", + "format": "date-time", + "example": "2017-07-11T18:45:37.098Z" + }, + "modified": { + "description": "When the activity was last modified", + "type": "string", + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z", + "nullable": true + }, + "completed": { + "description": "When the activity was completed", + "type": "string", + "format": "date-time", + "nullable": true, + "example": "2018-10-19T13:49:37.385Z" + }, + "completionStatus": { + "allOf": [ + { + "nullable": true, + "type": "string", + "description": "The status after completion.", + "enum": [ + "SUCCESS", + "FAILURE", + "INCOMPLETE", + "PENDING", + null + ], + "example": "SUCCESS" + }, + { + "nullable": true + } + ] + }, + "type": { + "nullable": true, + "type": "string", + "example": "appRequest", + "description": "The type of action the activity performed. Please see the following list of types. This list may grow over time.\n\n- CloudAutomated\n- IdentityAttributeUpdate\n- appRequest\n- LifecycleStateChange\n- AccountStateUpdate\n- AccountAttributeUpdate\n- CloudPasswordRequest\n- Attribute Synchronization Refresh\n- Certification\n- Identity Refresh\n- Lifecycle Change Refresh\n\n\n[Learn more here](https://documentation.sailpoint.com/saas/help/search/searchable-fields.html#searching-account-activity-data).\n" + }, + "requesterIdentitySummary": { + "type": "object", + "nullable": true, + "properties": { + "id": { + "type": "string", + "description": "ID of this identity summary", + "example": "ff80818155fe8c080155fe8d925b0316" + }, + "name": { + "type": "string", + "description": "Human-readable display name of identity", + "example": "SailPoint Services" + }, + "identityId": { + "type": "string", + "description": "ID of the identity that this summary represents", + "example": "c15b9f5cca5a4e9599eaa0e64fa921bd" + }, + "completed": { + "type": "boolean", + "description": "Indicates if all access items for this summary have been decided on", + "example": true, + "default": false + } + } + }, + "targetIdentitySummary": { + "type": "object", + "nullable": true, + "properties": { + "id": { + "type": "string", + "description": "ID of this identity summary", + "example": "ff80818155fe8c080155fe8d925b0316" + }, + "name": { + "type": "string", + "description": "Human-readable display name of identity", + "example": "SailPoint Services" + }, + "identityId": { + "type": "string", + "description": "ID of the identity that this summary represents", + "example": "c15b9f5cca5a4e9599eaa0e64fa921bd" + }, + "completed": { + "type": "boolean", + "description": "Indicates if all access items for this summary have been decided on", + "example": true, + "default": false + } + } + }, + "errors": { + "nullable": true, + "description": "A list of error messages, if any, that were encountered.", + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "sailpoint.connector.ConnectorException: java.lang.InterruptedException: Timeout waiting for response to message 0 from client 57a4ab97-ab3f-4aef-9fe2-0eaf15c73d26 after 60 seconds." + ] + }, + "warnings": { + "nullable": true, + "description": "A list of warning messages, if any, that were encountered.", + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "Some warning, another warning" + ] + }, + "items": { + "nullable": true, + "type": "array", + "description": "Individual actions performed as part of this account activity", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "Item id", + "example": "48c545831b264409a81befcabb0e3c5a" + }, + "name": { + "type": "string", + "description": "Human-readable display name of item", + "example": "48c545831b264409a81befcabb0e3c5a" + }, + "requested": { + "type": "string", + "format": "date-time", + "description": "Date and time item was requested", + "example": "2017-07-11T18:45:37.098Z" + }, + "approvalStatus": { + "allOf": [ + { + "type": "string", + "nullable": true, + "enum": [ + "FINISHED", + "REJECTED", + "RETURNED", + "EXPIRED", + "PENDING", + "CANCELED", + null + ], + "example": "PENDING", + "description": "The state of an approval status" + }, + { + "nullable": true + } + ] + }, + "provisioningStatus": { + "type": "string", + "enum": [ + "PENDING", + "FINISHED", + "UNVERIFIABLE", + "COMMITED", + "FAILED", + "RETRY" + ], + "description": "Provisioning state of an account activity item", + "example": "PENDING" + }, + "requesterComment": { + "type": "object", + "nullable": true, + "properties": { + "commenterId": { + "type": "string", + "description": "Id of the identity making the comment", + "example": "2c918084660f45d6016617daa9210584" + }, + "commenterName": { + "type": "string", + "description": "Human-readable display name of the identity making the comment", + "example": "Adam Kennedy" + }, + "body": { + "type": "string", + "description": "Content of the comment", + "example": "Et quam massa maximus vivamus nisi ut urna tincidunt metus elementum erat." + }, + "date": { + "type": "string", + "format": "date-time", + "description": "Date and time comment was made", + "example": "2017-07-11T18:45:37.098Z" + } + } + }, + "reviewerIdentitySummary": { + "type": "object", + "nullable": true, + "properties": { + "id": { + "type": "string", + "description": "ID of this identity summary", + "example": "ff80818155fe8c080155fe8d925b0316" + }, + "name": { + "type": "string", + "description": "Human-readable display name of identity", + "example": "SailPoint Services" + }, + "identityId": { + "type": "string", + "description": "ID of the identity that this summary represents", + "example": "c15b9f5cca5a4e9599eaa0e64fa921bd" + }, + "completed": { + "type": "boolean", + "description": "Indicates if all access items for this summary have been decided on", + "example": true, + "default": false + } + } + }, + "reviewerComment": { + "type": "object", + "nullable": true, + "properties": { + "commenterId": { + "type": "string", + "description": "Id of the identity making the comment", + "example": "2c918084660f45d6016617daa9210584" + }, + "commenterName": { + "type": "string", + "description": "Human-readable display name of the identity making the comment", + "example": "Adam Kennedy" + }, + "body": { + "type": "string", + "description": "Content of the comment", + "example": "Et quam massa maximus vivamus nisi ut urna tincidunt metus elementum erat." + }, + "date": { + "type": "string", + "format": "date-time", + "description": "Date and time comment was made", + "example": "2017-07-11T18:45:37.098Z" + } + } + }, + "operation": { + "allOf": [ + { + "type": "string", + "enum": [ + "ADD", + "CREATE", + "MODIFY", + "DELETE", + "DISABLE", + "ENABLE", + "UNLOCK", + "LOCK", + "REMOVE", + "SET", + null + ], + "description": "Represents an operation in an account activity item", + "example": "ADD" + }, + { + "nullable": true + } + ] + }, + "attribute": { + "type": "string", + "description": "Attribute to which account activity applies", + "nullable": true, + "example": "detectedRoles" + }, + "value": { + "type": "string", + "description": "Value of attribute", + "nullable": true, + "example": "Treasury Analyst [AccessProfile-1529010191212]" + }, + "nativeIdentity": { + "nullable": true, + "type": "string", + "description": "Native identity in the target system to which the account activity applies", + "example": "Sandie.Camero" + }, + "sourceId": { + "type": "string", + "description": "Id of Source to which account activity applies", + "example": "2c91808363ef85290164000587130c0c" + }, + "accountRequestInfo": { + "type": "object", + "nullable": true, + "properties": { + "requestedObjectId": { + "type": "string", + "description": "Id of requested object", + "example": "2c91808563ef85690164001c31140c0c" + }, + "requestedObjectName": { + "type": "string", + "description": "Human-readable name of requested object", + "example": "Treasury Analyst" + }, + "requestedObjectType": { + "type": "string", + "enum": [ + "ACCESS_PROFILE", + "ROLE", + "ENTITLEMENT" + ], + "description": "The currently supported requestable object types. ", + "example": "ACCESS_PROFILE" + } + }, + "description": "If an account activity item is associated with an access request, captures details of that request." + }, + "clientMetadata": { + "nullable": true, + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Arbitrary key-value pairs, if any were included in the corresponding access request item", + "example": { + "customKey1": "custom value 1", + "customKey2": "custom value 2" + } + }, + "removeDate": { + "nullable": true, + "type": "string", + "description": "The date the role or access profile or entitlement is no longer assigned to the specified identity.", + "format": "date-time", + "example": "2020-07-11T00:00:00Z" + } + } + } + }, + "executionStatus": { + "type": "string", + "description": "The current state of execution.", + "enum": [ + "EXECUTING", + "VERIFYING", + "TERMINATED", + "COMPLETED" + ], + "example": "COMPLETED" + }, + "clientMetadata": { + "nullable": true, + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Arbitrary key-value pairs, if any were included in the corresponding access request", + "example": { + "customKey1": "custom value 1", + "customKey2": "custom value 2" + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/auth-org/network-config": { + "get": { + "operationId": "getAuthOrgNetworkConfig", + "tags": [ + "Global Tenant Security Settings" + ], + "summary": "Get security network configuration.", + "description": "This API returns the details of an org's network auth configuration. Requires security scope of: 'sp:auth-org:read'", + "security": [ + { + "UserContextAuth": [ + "sp:auth-org:read" + ] + } + ], + "responses": { + "200": { + "description": "Network configuration for the tenant's auth org.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "range": { + "type": "array", + "description": "The collection of ip ranges.", + "items": { + "type": "string" + }, + "example": [ + "1.3.7.2", + "255.255.255.252/30" + ], + "nullable": true + }, + "geolocation": { + "type": "array", + "description": "The collection of country codes.", + "items": { + "type": "string" + }, + "example": [ + "CA", + "FR", + "HT" + ], + "nullable": true + }, + "whitelisted": { + "type": "boolean", + "description": "Denotes whether the provided lists are whitelisted or blacklisted for geo location.", + "default": false, + "example": true + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + }, + "post": { + "operationId": "createAuthOrgNetworkConfig", + "tags": [ + "Global Tenant Security Settings" + ], + "summary": "Create security network configuration.", + "description": "This API returns the details of an org's network auth configuration. Requires security scope of: 'sp:auth-org:create'", + "security": [ + { + "UserContextAuth": [ + "sp:auth-org:create" + ] + } + ], + "requestBody": { + "required": true, + "description": "Network configuration creation request body. The following constraints ensure the request body conforms to certain logical guidelines, which are:\n 1. Each string element in the range array must be a valid ip address or\nip subnet mask.\n 2. Each string element in the geolocation array must be 2 characters,\nand they can only be uppercase letters.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "range": { + "type": "array", + "description": "The collection of ip ranges.", + "items": { + "type": "string" + }, + "example": [ + "1.3.7.2", + "255.255.255.252/30" + ], + "nullable": true + }, + "geolocation": { + "type": "array", + "description": "The collection of country codes.", + "items": { + "type": "string" + }, + "example": [ + "CA", + "FR", + "HT" + ], + "nullable": true + }, + "whitelisted": { + "type": "boolean", + "description": "Denotes whether the provided lists are whitelisted or blacklisted for geo location.", + "default": false, + "example": true + } + } + } + } + } + }, + "responses": { + "200": { + "description": "Network configuration for the tenant.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "range": { + "type": "array", + "description": "The collection of ip ranges.", + "items": { + "type": "string" + }, + "example": [ + "1.3.7.2", + "255.255.255.252/30" + ], + "nullable": true + }, + "geolocation": { + "type": "array", + "description": "The collection of country codes.", + "items": { + "type": "string" + }, + "example": [ + "CA", + "FR", + "HT" + ], + "nullable": true + }, + "whitelisted": { + "type": "boolean", + "description": "Denotes whether the provided lists are whitelisted or blacklisted for geo location.", + "default": false, + "example": true + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + }, + "patch": { + "operationId": "patchAuthOrgNetworkConfig", + "tags": [ + "Global Tenant Security Settings" + ], + "summary": "Update security network configuration.", + "description": "This API updates an existing network configuration for an org using PATCH\n Requires security scope of: 'sp:auth-org:update'", + "security": [ + { + "UserContextAuth": [ + "sp:auth-org:update" + ] + } + ], + "requestBody": { + "required": true, + "description": "A list of auth org network configuration update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard.\nEnsures that the patched Network Config conforms to certain logical guidelines, which are:\n 1. Each string element in the range array must be a valid ip address or\nip subnet mask.\n 2. Each string element in the geolocation array must be 2 characters,\nand they can only be uppercase letters.", + "content": { + "application/json-patch+json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "description": "A JSONPatch Operation as defined by [RFC 6902 - JSON Patch](https://tools.ietf.org/html/rfc6902)", + "required": [ + "op", + "path" + ], + "properties": { + "op": { + "type": "string", + "description": "The operation to be performed", + "enum": [ + "add", + "remove", + "replace", + "move", + "copy", + "test" + ], + "example": "replace" + }, + "path": { + "type": "string", + "description": "A string JSON Pointer representing the target path to an element to be affected by the operation", + "example": "/description" + }, + "value": { + "oneOf": [ + { + "type": "string", + "example": "New description", + "title": "string" + }, + { + "type": "boolean", + "example": true, + "title": "boolean" + }, + { + "type": "integer", + "example": 300, + "title": "integer" + }, + { + "type": "object", + "title": "object", + "example": { + "attributes": { + "name": "philip" + } + } + }, + { + "type": "array", + "title": "array", + "items": { + "anyOf": [ + { + "type": "string" + }, + { + "type": "integer" + }, + { + "type": "object" + } + ], + "example": [ + "001", + "002", + "003" + ] + } + } + ], + "description": "The value to be used for the operation, required for \"add\" and \"replace\" operations", + "example": "New description" + } + } + } + }, + "example": [ + { + "op": "replace", + "path": "/whitelisted", + "value": "false," + }, + { + "op": "add", + "path": "/geolocation", + "value": [ + "AF", + "HN", + "ES" + ] + } + ] + } + } + }, + "responses": { + "200": { + "description": "Updated Auth Org network configuration.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "range": { + "type": "array", + "description": "The collection of ip ranges.", + "items": { + "type": "string" + }, + "example": [ + "1.3.7.2", + "255.255.255.252/30" + ], + "nullable": true + }, + "geolocation": { + "type": "array", + "description": "The collection of country codes.", + "items": { + "type": "string" + }, + "example": [ + "CA", + "FR", + "HT" + ], + "nullable": true + }, + "whitelisted": { + "type": "boolean", + "description": "Denotes whether the provided lists are whitelisted or blacklisted for geo location.", + "default": false, + "example": true + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/auth-users/{id}": { + "get": { + "operationId": "getAuthUser", + "tags": [ + "Auth Users" + ], + "summary": "Auth User Details", + "description": "Return the specified user's authentication system details.", + "parameters": [ + { + "in": "path", + "name": "id", + "description": "Identity ID", + "required": true, + "schema": { + "type": "string" + }, + "example": "ef38f94347e94562b5bb8424a56397d8" + } + ], + "security": [ + { + "UserContextAuth": [ + "sp:auth-user:read" + ] + } + ], + "responses": { + "200": { + "description": "The specified user's authentication system details.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "tenant": { + "type": "string", + "description": "Tenant name.", + "example": "test-tenant" + }, + "id": { + "type": "string", + "description": "Identity ID.", + "example": "2c91808458ae7a4f0158b1bbf8af0628" + }, + "uid": { + "type": "string", + "description": "Identity's unique identitifier.", + "example": "will.smith" + }, + "profile": { + "type": "string", + "description": "ID of the auth profile associated with the auth user.", + "example": "2c91808458ae7a4f0158b1bbf8af0756" + }, + "identificationNumber": { + "type": "string", + "description": "Auth user's employee number.", + "example": "19-5588452" + }, + "email": { + "type": "string", + "description": "Auth user's email.", + "example": "william.smith@example.com" + }, + "phone": { + "type": "string", + "description": "Auth user's phone number.", + "example": "5555555555" + }, + "workPhone": { + "type": "string", + "description": "Auth user's work phone number.", + "example": "5555555555" + }, + "personalEmail": { + "type": "string", + "description": "Auth user's personal email.", + "example": "william.smith@example.com" + }, + "firstname": { + "type": "string", + "description": "Auth user's first name.", + "example": "Will" + }, + "lastname": { + "type": "string", + "description": "Auth user's last name.", + "example": "Smith" + }, + "displayName": { + "type": "string", + "description": "Auth user's name in displayed format.", + "example": "Will Smith" + }, + "alias": { + "type": "string", + "description": "Auth user's alias.", + "example": "will.smith" + }, + "lastPasswordChangeDate": { + "type": "string", + "description": "Date of last password change.", + "example": "2021-03-08T22:37:33.901Z" + }, + "lastLoginTimestamp": { + "description": "Timestamp of the last login (long type value).", + "type": "integer", + "format": "int64", + "example": 1656327185832 + }, + "currentLoginTimestamp": { + "description": "Timestamp of the current login (long type value).", + "type": "integer", + "format": "int64", + "example": 1656327185832 + }, + "capabilities": { + "description": "Array of the auth user's capabilities.", + "type": "array", + "items": { + "type": "string", + "enum": [ + "CERT_ADMIN", + "CLOUD_GOV_ADMIN", + "CLOUD_GOV_USER", + "HELPDESK", + "ORG_ADMIN", + "REPORT_ADMIN", + "ROLE_ADMIN", + "ROLE_SUBADMIN", + "SAAS_MANAGEMENT_ADMIN", + "SAAS_MANAGEMENT_READER", + "SOURCE_ADMIN", + "SOURCE_SUBADMIN", + "das:ui-administrator", + "das:ui-compliance_manager", + "das:ui-auditor", + "das:ui-data-scope", + "sp:aic-dashboard-read", + "sp:aic-dashboard-write", + "sp:ui-config-hub-admin", + "sp:ui-config-hub-backup-admin", + "sp:ui-config-hub-read" + ], + "example": "ORG_ADMIN" + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + }, + "patch": { + "operationId": "patchAuthUser", + "tags": [ + "Auth Users" + ], + "summary": "Auth User Update", + "description": "Use a PATCH request to update an existing user in the authentication system.\nUse this endpoint to modify these fields: \n * `capabilities`\n\nA '400.1.1 Illegal update attempt' detail code indicates that you attempted to PATCH a field that is not allowed.", + "security": [ + { + "UserContextAuth": [ + "sp:auth-user:update" + ] + } + ], + "parameters": [ + { + "in": "path", + "name": "id", + "description": "Identity ID", + "required": true, + "schema": { + "type": "string" + }, + "example": "ef38f94347e94562b5bb8424a56397d8" + } + ], + "requestBody": { + "required": true, + "description": "A list of auth user update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard.", + "content": { + "application/json-patch+json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "description": "A JSONPatch Operation as defined by [RFC 6902 - JSON Patch](https://tools.ietf.org/html/rfc6902)", + "required": [ + "op", + "path" + ], + "properties": { + "op": { + "type": "string", + "description": "The operation to be performed", + "enum": [ + "add", + "remove", + "replace", + "move", + "copy", + "test" + ], + "example": "replace" + }, + "path": { + "type": "string", + "description": "A string JSON Pointer representing the target path to an element to be affected by the operation", + "example": "/description" + }, + "value": { + "oneOf": [ + { + "type": "string", + "example": "New description", + "title": "string" + }, + { + "type": "boolean", + "example": true, + "title": "boolean" + }, + { + "type": "integer", + "example": 300, + "title": "integer" + }, + { + "type": "object", + "title": "object", + "example": { + "attributes": { + "name": "philip" + } + } + }, + { + "type": "array", + "title": "array", + "items": { + "anyOf": [ + { + "type": "string" + }, + { + "type": "integer" + }, + { + "type": "object" + } + ], + "example": [ + "001", + "002", + "003" + ] + } + } + ], + "description": "The value to be used for the operation, required for \"add\" and \"replace\" operations", + "example": "New description" + } + } + } + }, + "example": [ + { + "op": "replace", + "path": "/capabilities", + "value": [ + "ORG_ADMIN" + ] + } + ] + } + } + }, + "responses": { + "200": { + "description": "Auth user updated.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "tenant": { + "type": "string", + "description": "Tenant name.", + "example": "test-tenant" + }, + "id": { + "type": "string", + "description": "Identity ID.", + "example": "2c91808458ae7a4f0158b1bbf8af0628" + }, + "uid": { + "type": "string", + "description": "Identity's unique identitifier.", + "example": "will.smith" + }, + "profile": { + "type": "string", + "description": "ID of the auth profile associated with the auth user.", + "example": "2c91808458ae7a4f0158b1bbf8af0756" + }, + "identificationNumber": { + "type": "string", + "description": "Auth user's employee number.", + "example": "19-5588452" + }, + "email": { + "type": "string", + "description": "Auth user's email.", + "example": "william.smith@example.com" + }, + "phone": { + "type": "string", + "description": "Auth user's phone number.", + "example": "5555555555" + }, + "workPhone": { + "type": "string", + "description": "Auth user's work phone number.", + "example": "5555555555" + }, + "personalEmail": { + "type": "string", + "description": "Auth user's personal email.", + "example": "william.smith@example.com" + }, + "firstname": { + "type": "string", + "description": "Auth user's first name.", + "example": "Will" + }, + "lastname": { + "type": "string", + "description": "Auth user's last name.", + "example": "Smith" + }, + "displayName": { + "type": "string", + "description": "Auth user's name in displayed format.", + "example": "Will Smith" + }, + "alias": { + "type": "string", + "description": "Auth user's alias.", + "example": "will.smith" + }, + "lastPasswordChangeDate": { + "type": "string", + "description": "Date of last password change.", + "example": "2021-03-08T22:37:33.901Z" + }, + "lastLoginTimestamp": { + "description": "Timestamp of the last login (long type value).", + "type": "integer", + "format": "int64", + "example": 1656327185832 + }, + "currentLoginTimestamp": { + "description": "Timestamp of the current login (long type value).", + "type": "integer", + "format": "int64", + "example": 1656327185832 + }, + "capabilities": { + "description": "Array of the auth user's capabilities.", + "type": "array", + "items": { + "type": "string", + "enum": [ + "CERT_ADMIN", + "CLOUD_GOV_ADMIN", + "CLOUD_GOV_USER", + "HELPDESK", + "ORG_ADMIN", + "REPORT_ADMIN", + "ROLE_ADMIN", + "ROLE_SUBADMIN", + "SAAS_MANAGEMENT_ADMIN", + "SAAS_MANAGEMENT_READER", + "SOURCE_ADMIN", + "SOURCE_SUBADMIN", + "das:ui-administrator", + "das:ui-compliance_manager", + "das:ui-auditor", + "das:ui-data-scope", + "sp:aic-dashboard-read", + "sp:aic-dashboard-write", + "sp:ui-config-hub-admin", + "sp:ui-config-hub-backup-admin", + "sp:ui-config-hub-read" + ], + "example": "ORG_ADMIN" + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/brandings": { + "get": { + "operationId": "getBrandingList", + "tags": [ + "Branding" + ], + "summary": "List of branding items", + "description": "This API endpoint returns a list of branding items.\n\nA token with API, ORG_ADMIN authority is required to call this API.", + "security": [ + { + "UserContextAuth": [ + "idn:branding:read" + ] + } + ], + "responses": { + "200": { + "description": "A list of branding items.", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "name of branding item", + "example": "default" + }, + "productName": { + "type": "string", + "description": "product name", + "example": "product name", + "nullable": true + }, + "actionButtonColor": { + "type": "string", + "description": "hex value of color for action button", + "example": "0074D9", + "nullable": true + }, + "activeLinkColor": { + "type": "string", + "description": "hex value of color for link", + "example": "011E69", + "nullable": true + }, + "navigationColor": { + "type": "string", + "description": "hex value of color for navigation bar", + "example": "011E69", + "nullable": true + }, + "emailFromAddress": { + "type": "string", + "description": "email from address", + "example": "no-reply@sailpoint.com", + "nullable": true + }, + "standardLogoURL": { + "type": "string", + "description": "url to standard logo", + "example": "", + "nullable": true + }, + "loginInformationalMessage": { + "type": "string", + "description": "login information message", + "example": "", + "nullable": true + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + }, + "post": { + "operationId": "createBrandingItem", + "tags": [ + "Branding" + ], + "summary": "Create a branding item", + "description": "This API endpoint creates a branding item.\nA token with API, ORG_ADMIN authority is required to call this API.", + "requestBody": { + "required": true, + "content": { + "multipart/form-data": { + "schema": { + "type": "object", + "required": [ + "name", + "productName" + ], + "properties": { + "name": { + "type": "string", + "description": "name of branding item", + "example": "custom-branding-item" + }, + "productName": { + "type": "string", + "description": "product name", + "example": "product name", + "nullable": true + }, + "actionButtonColor": { + "type": "string", + "description": "hex value of color for action button", + "example": "0074D9" + }, + "activeLinkColor": { + "type": "string", + "description": "hex value of color for link", + "example": "011E69" + }, + "navigationColor": { + "type": "string", + "description": "hex value of color for navigation bar", + "example": "011E69" + }, + "emailFromAddress": { + "type": "string", + "description": "email from address", + "example": "no-reply@sailpoint.com" + }, + "loginInformationalMessage": { + "type": "string", + "description": "login information message", + "example": "" + }, + "fileStandard": { + "type": "string", + "format": "binary", + "description": "png file with logo", + "example": "\\x00\\x00\\x00\\x02" + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "idn:branding:manage" + ] + } + ], + "responses": { + "201": { + "description": "Branding item created", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "name of branding item", + "example": "default" + }, + "productName": { + "type": "string", + "description": "product name", + "example": "product name", + "nullable": true + }, + "actionButtonColor": { + "type": "string", + "description": "hex value of color for action button", + "example": "0074D9", + "nullable": true + }, + "activeLinkColor": { + "type": "string", + "description": "hex value of color for link", + "example": "011E69", + "nullable": true + }, + "navigationColor": { + "type": "string", + "description": "hex value of color for navigation bar", + "example": "011E69", + "nullable": true + }, + "emailFromAddress": { + "type": "string", + "description": "email from address", + "example": "no-reply@sailpoint.com", + "nullable": true + }, + "standardLogoURL": { + "type": "string", + "description": "url to standard logo", + "example": "", + "nullable": true + }, + "loginInformationalMessage": { + "type": "string", + "description": "login information message", + "example": "", + "nullable": true + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/brandings/{name}": { + "get": { + "operationId": "getBranding", + "tags": [ + "Branding" + ], + "summary": "Get a branding item", + "description": "This API endpoint retrieves information for an existing branding item by name.\nA token with API, ORG_ADMIN authority is required to call this API.", + "security": [ + { + "UserContextAuth": [ + "idn:branding:read" + ] + } + ], + "parameters": [ + { + "in": "path", + "name": "name", + "schema": { + "type": "string" + }, + "required": true, + "description": "The name of the branding item to be retrieved", + "example": "default" + } + ], + "responses": { + "200": { + "description": "A branding item object", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "name of branding item", + "example": "default" + }, + "productName": { + "type": "string", + "description": "product name", + "example": "product name", + "nullable": true + }, + "actionButtonColor": { + "type": "string", + "description": "hex value of color for action button", + "example": "0074D9", + "nullable": true + }, + "activeLinkColor": { + "type": "string", + "description": "hex value of color for link", + "example": "011E69", + "nullable": true + }, + "navigationColor": { + "type": "string", + "description": "hex value of color for navigation bar", + "example": "011E69", + "nullable": true + }, + "emailFromAddress": { + "type": "string", + "description": "email from address", + "example": "no-reply@sailpoint.com", + "nullable": true + }, + "standardLogoURL": { + "type": "string", + "description": "url to standard logo", + "example": "", + "nullable": true + }, + "loginInformationalMessage": { + "type": "string", + "description": "login information message", + "example": "", + "nullable": true + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + }, + "put": { + "operationId": "setBrandingItem", + "tags": [ + "Branding" + ], + "summary": "Update a branding item", + "description": "This API endpoint updates information for an existing branding item.\nA token with API, ORG_ADMIN authority is required to call this API.", + "parameters": [ + { + "in": "path", + "name": "name", + "schema": { + "type": "string" + }, + "required": true, + "description": "The name of the branding item to be retrieved", + "example": "default" + } + ], + "requestBody": { + "required": true, + "content": { + "multipart/form-data": { + "schema": { + "type": "object", + "required": [ + "name", + "productName" + ], + "properties": { + "name": { + "type": "string", + "description": "name of branding item", + "example": "custom-branding-item" + }, + "productName": { + "type": "string", + "description": "product name", + "example": "product name", + "nullable": true + }, + "actionButtonColor": { + "type": "string", + "description": "hex value of color for action button", + "example": "0074D9" + }, + "activeLinkColor": { + "type": "string", + "description": "hex value of color for link", + "example": "011E69" + }, + "navigationColor": { + "type": "string", + "description": "hex value of color for navigation bar", + "example": "011E69" + }, + "emailFromAddress": { + "type": "string", + "description": "email from address", + "example": "no-reply@sailpoint.com" + }, + "loginInformationalMessage": { + "type": "string", + "description": "login information message", + "example": "" + }, + "fileStandard": { + "type": "string", + "format": "binary", + "description": "png file with logo", + "example": "\\x00\\x00\\x00\\x02" + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "idn:branding:manage" + ] + } + ], + "responses": { + "200": { + "description": "Branding item updated", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "name of branding item", + "example": "default" + }, + "productName": { + "type": "string", + "description": "product name", + "example": "product name", + "nullable": true + }, + "actionButtonColor": { + "type": "string", + "description": "hex value of color for action button", + "example": "0074D9", + "nullable": true + }, + "activeLinkColor": { + "type": "string", + "description": "hex value of color for link", + "example": "011E69", + "nullable": true + }, + "navigationColor": { + "type": "string", + "description": "hex value of color for navigation bar", + "example": "011E69", + "nullable": true + }, + "emailFromAddress": { + "type": "string", + "description": "email from address", + "example": "no-reply@sailpoint.com", + "nullable": true + }, + "standardLogoURL": { + "type": "string", + "description": "url to standard logo", + "example": "", + "nullable": true + }, + "loginInformationalMessage": { + "type": "string", + "description": "login information message", + "example": "", + "nullable": true + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + }, + "delete": { + "operationId": "deleteBranding", + "tags": [ + "Branding" + ], + "summary": "Delete a branding item", + "description": "This API endpoint delete information for an existing branding item by name.\nA token with API, ORG_ADMIN authority is required to call this API.", + "security": [ + { + "UserContextAuth": [ + "idn:branding:manage" + ] + } + ], + "parameters": [ + { + "in": "path", + "name": "name", + "schema": { + "type": "string" + }, + "required": true, + "description": "The name of the branding item to be deleted", + "example": "default" + } + ], + "responses": { + "204": { + "description": "No content - indicates the request was successful but there is no content to be returned in the response." + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/campaigns": { + "get": { + "operationId": "getActiveCampaigns", + "tags": [ + "Certification Campaigns" + ], + "summary": "List Campaigns", + "description": "Use this API to get a list of campaigns. This API can provide increased level of detail for each campaign for the correct provided query.\n\nA token with ORG_ADMIN, CERT_ADMIN or REPORT_ADMIN authority is required to call this API.\n", + "security": [ + { + "UserContextAuth": [ + "idn:campaign:read", + "idn:campaign:manage", + "idn:campaign-report:read", + "idn:campaign-report:manage" + ] + } + ], + "parameters": [ + { + "in": "query", + "name": "detail", + "schema": { + "type": "string", + "enum": [ + "SLIM", + "FULL" + ] + }, + "required": false, + "description": "Determines whether slim, or increased level of detail is provided for each campaign in the returned list. Slim is the default behavior.", + "example": "FULL" + }, + { + "in": "query", + "name": "limit", + "description": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 250, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "maximum": 250, + "default": 250 + } + }, + { + "in": "query", + "name": "offset", + "description": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 0, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "default": 0 + } + }, + { + "in": "query", + "name": "count", + "description": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": true, + "schema": { + "type": "boolean", + "default": false + } + }, + { + "in": "query", + "name": "filters", + "schema": { + "type": "string" + }, + "required": false, + "description": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**name**: *eq, sw*\n\n**status**: *eq, in*", + "example": "name eq \"Manager Campaign\"" + }, + { + "in": "query", + "name": "sorters", + "schema": { + "type": "string", + "format": "comma-separated" + }, + "required": false, + "description": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name, created**", + "example": "name" + } + ], + "responses": { + "200": { + "description": "A list of campaign objects. By default list of SLIM campaigns is returned.", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "oneOf": [ + { + "type": "object", + "title": "Slim Campaign", + "required": [ + "name", + "description", + "type" + ], + "properties": { + "id": { + "type": "string", + "readOnly": true, + "description": "Id of the campaign", + "example": "2c9079b270a266a60170a2779fcb0007" + }, + "name": { + "description": "The campaign name. If this object is part of a template, special formatting applies; see the `/campaign-templates/{id}/generate` endpoint documentation for details.", + "type": "string", + "example": "Manager Campaign" + }, + "description": { + "type": "string", + "description": "The campaign description. If this object is part of a template, special formatting applies; see the `/campaign-templates/{id}/generate` endpoint documentation for details.", + "example": "Everyone needs to be reviewed by their manager" + }, + "deadline": { + "type": "string", + "format": "date-time", + "description": "The campaign's completion deadline. This date must be in the future in order to activate the campaign. If you try to activate a campaign with a deadline of today or in the past, you will receive a 400 error response.", + "example": "2020-03-15T10:00:01.456Z" + }, + "type": { + "type": "string", + "description": "The type of campaign. Could be extended in the future.", + "enum": [ + "MANAGER", + "SOURCE_OWNER", + "SEARCH", + "ROLE_COMPOSITION" + ], + "example": "MANAGER" + }, + "emailNotificationEnabled": { + "type": "boolean", + "description": "Enables email notification for this campaign", + "default": false, + "example": false + }, + "autoRevokeAllowed": { + "type": "boolean", + "description": "Allows auto revoke for this campaign", + "default": false, + "example": false + }, + "recommendationsEnabled": { + "type": "boolean", + "description": "Enables IAI for this campaign. Accepts true even if the IAI product feature is off. If IAI is turned off then campaigns generated from this template will indicate false. The real value will then be returned if IAI is ever enabled for the org in the future.", + "default": false, + "example": true + }, + "status": { + "type": "string", + "description": "The campaign's current status.", + "readOnly": true, + "enum": [ + "PENDING", + "STAGED", + "CANCELING", + "ACTIVATING", + "ACTIVE", + "COMPLETING", + "COMPLETED", + "ERROR", + "ARCHIVED" + ], + "example": "ACTIVE" + }, + "correlatedStatus": { + "type": "string", + "description": "The correlatedStatus of the campaign. Only SOURCE_OWNER campaigns can be Uncorrelated. An Uncorrelated certification campaign only includes Uncorrelated identities (An identity is uncorrelated if it has no accounts on an authoritative source).", + "enum": [ + "CORRELATED", + "UNCORRELATED" + ], + "example": "CORRELATED" + }, + "created": { + "type": "string", + "readOnly": true, + "format": "date-time", + "description": "Created time of the campaign", + "example": "2020-03-03T22:15:13.611Z" + }, + "totalCertifications": { + "type": "integer", + "format": "int32", + "description": "The total number of certifications in this campaign.", + "readOnly": true, + "example": 100 + }, + "completedCertifications": { + "type": "integer", + "format": "int32", + "description": "The number of completed certifications in this campaign.", + "readOnly": true, + "example": 10 + }, + "alerts": { + "type": "array", + "description": "A list of errors and warnings that have accumulated.", + "readOnly": true, + "items": { + "type": "object", + "properties": { + "level": { + "type": "string", + "enum": [ + "ERROR", + "WARN", + "INFO" + ], + "description": "Denotes the level of the message", + "example": "ERROR" + }, + "localizations": { + "type": "array", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + { + "type": "object", + "title": "Campaign", + "allOf": [ + { + "type": "object", + "title": "Slim Campaign", + "required": [ + "name", + "description", + "type" + ], + "properties": { + "id": { + "type": "string", + "readOnly": true, + "description": "Id of the campaign", + "example": "2c9079b270a266a60170a2779fcb0007" + }, + "name": { + "description": "The campaign name. If this object is part of a template, special formatting applies; see the `/campaign-templates/{id}/generate` endpoint documentation for details.", + "type": "string", + "example": "Manager Campaign" + }, + "description": { + "type": "string", + "description": "The campaign description. If this object is part of a template, special formatting applies; see the `/campaign-templates/{id}/generate` endpoint documentation for details.", + "example": "Everyone needs to be reviewed by their manager" + }, + "deadline": { + "type": "string", + "format": "date-time", + "description": "The campaign's completion deadline. This date must be in the future in order to activate the campaign. If you try to activate a campaign with a deadline of today or in the past, you will receive a 400 error response.", + "example": "2020-03-15T10:00:01.456Z" + }, + "type": { + "type": "string", + "description": "The type of campaign. Could be extended in the future.", + "enum": [ + "MANAGER", + "SOURCE_OWNER", + "SEARCH", + "ROLE_COMPOSITION" + ], + "example": "MANAGER" + }, + "emailNotificationEnabled": { + "type": "boolean", + "description": "Enables email notification for this campaign", + "default": false, + "example": false + }, + "autoRevokeAllowed": { + "type": "boolean", + "description": "Allows auto revoke for this campaign", + "default": false, + "example": false + }, + "recommendationsEnabled": { + "type": "boolean", + "description": "Enables IAI for this campaign. Accepts true even if the IAI product feature is off. If IAI is turned off then campaigns generated from this template will indicate false. The real value will then be returned if IAI is ever enabled for the org in the future.", + "default": false, + "example": true + }, + "status": { + "type": "string", + "description": "The campaign's current status.", + "readOnly": true, + "enum": [ + "PENDING", + "STAGED", + "CANCELING", + "ACTIVATING", + "ACTIVE", + "COMPLETING", + "COMPLETED", + "ERROR", + "ARCHIVED" + ], + "example": "ACTIVE" + }, + "correlatedStatus": { + "type": "string", + "description": "The correlatedStatus of the campaign. Only SOURCE_OWNER campaigns can be Uncorrelated. An Uncorrelated certification campaign only includes Uncorrelated identities (An identity is uncorrelated if it has no accounts on an authoritative source).", + "enum": [ + "CORRELATED", + "UNCORRELATED" + ], + "example": "CORRELATED" + }, + "created": { + "type": "string", + "readOnly": true, + "format": "date-time", + "description": "Created time of the campaign", + "example": "2020-03-03T22:15:13.611Z" + }, + "totalCertifications": { + "type": "integer", + "format": "int32", + "description": "The total number of certifications in this campaign.", + "readOnly": true, + "example": 100 + }, + "completedCertifications": { + "type": "integer", + "format": "int32", + "description": "The number of completed certifications in this campaign.", + "readOnly": true, + "example": 10 + }, + "alerts": { + "type": "array", + "description": "A list of errors and warnings that have accumulated.", + "readOnly": true, + "items": { + "type": "object", + "properties": { + "level": { + "type": "string", + "enum": [ + "ERROR", + "WARN", + "INFO" + ], + "description": "Denotes the level of the message", + "example": "ERROR" + }, + "localizations": { + "type": "array", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + { + "type": "object", + "properties": { + "modified": { + "type": "string", + "readOnly": true, + "format": "date-time", + "description": "Modified time of the campaign", + "example": "2020-03-03T22:20:12.674Z" + }, + "correlatedStatus": { + "description": "The correlatedStatus of the campaign. Only SOURCE_OWNER campaigns can be Uncorrelated. An Uncorrelated certification campaign only includes Uncorrelated identities (An identity is uncorrelated if it has no accounts on an authoritative source).", + "enum": [ + "CORRELATED", + "UNCORRELATED" + ], + "example": "CORRELATED" + }, + "filter": { + "type": "object", + "description": "Determines which items will be included in this campaign. The default campaign filter is used if this field is left blank.", + "properties": { + "id": { + "type": "string", + "description": "The ID of whatever type of filter is being used.", + "example": "0fbe863c063c4c88a35fd7f17e8a3df5" + }, + "type": { + "type": "string", + "description": "Type of the filter", + "enum": [ + "CAMPAIGN_FILTER", + "RULE" + ], + "example": "CAMPAIGN_FILTER" + }, + "name": { + "type": "string", + "description": "Name of the filter", + "example": "Test Filter" + } + } + }, + "sunsetCommentsRequired": { + "type": "boolean", + "description": "Determines if comments on sunset date changes are required.", + "default": true, + "example": true + }, + "sourceOwnerCampaignInfo": { + "type": "object", + "description": "Must be set only if the campaign type is SOURCE_OWNER.", + "properties": { + "sourceIds": { + "type": "array", + "description": "The list of sources to be included in the campaign.", + "items": { + "type": "string" + }, + "example": [ + "0fbe863c063c4c88a35fd7f17e8a3df5" + ] + } + } + }, + "searchCampaignInfo": { + "type": "object", + "description": "Must be set only if the campaign type is SEARCH.", + "properties": { + "type": { + "type": "string", + "description": "The type of search campaign represented.", + "enum": [ + "IDENTITY", + "ACCESS" + ], + "example": "ACCESS" + }, + "description": { + "type": "string", + "description": "Describes this search campaign. Intended for storing the query used, and possibly the number of identities selected/available.", + "example": "Search Campaign description" + }, + "reviewer": { + "type": "object", + "description": "If specified, this identity or governance group will be the reviewer for all certifications in this campaign. The allowed DTO types are IDENTITY and GOVERNANCE_GROUP.", + "properties": { + "type": { + "type": "string", + "description": "The reviewer's DTO type.", + "enum": [ + "GOVERNANCE_GROUP", + "IDENTITY" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "The reviewer's ID.", + "example": "2c91808568c529c60168cca6f90c1313" + }, + "name": { + "type": "string", + "description": "The reviewer's name.", + "example": "William Wilson" + } + } + }, + "query": { + "type": "string", + "description": "The scope for the campaign. The campaign will cover identities returned by the query and identities that have access items returned by the query. One of `query` or `identityIds` must be set.", + "example": "Search Campaign query description" + }, + "identityIds": { + "type": "array", + "description": "A direct list of identities to include in this campaign. One of `identityIds` or `query` must be set.", + "items": { + "type": "string" + }, + "maxItems": 1000, + "example": [ + "0fbe863c063c4c88a35fd7f17e8a3df5" + ] + }, + "accessConstraints": { + "type": "array", + "description": "Further reduces the scope of the campaign by excluding identities (from `query` or `identityIds`) that do not have this access.", + "items": { + "type": "object", + "properties": { + "type": { + "type": "string", + "enum": [ + "ENTITLEMENT", + "ACCESS_PROFILE", + "ROLE" + ], + "description": "Type of Access", + "example": "ENTITLEMENT" + }, + "ids": { + "description": "Must be set only if operator is SELECTED.", + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "2c90ad2a70ace7d50170acf22ca90010" + ] + }, + "operator": { + "type": "string", + "enum": [ + "ALL", + "SELECTED" + ], + "description": "Used to determine whether the scope of the campaign should be reduced for selected ids or all.", + "example": "SELECTED" + } + }, + "required": [ + "type", + "operator" + ] + }, + "maxItems": 1000 + } + }, + "required": [ + "type" + ] + }, + "roleCompositionCampaignInfo": { + "type": "object", + "description": "Optional configuration options for role composition campaigns.", + "properties": { + "reviewer": { + "type": "object", + "description": "If specified, this identity or governance group will be the reviewer for all certifications in this campaign. The allowed DTO types are IDENTITY and GOVERNANCE_GROUP.", + "properties": { + "type": { + "type": "string", + "description": "The reviewer's DTO type.", + "enum": [ + "GOVERNANCE_GROUP", + "IDENTITY" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "The reviewer's ID.", + "example": "2c91808568c529c60168cca6f90c1313" + }, + "name": { + "type": "string", + "description": "The reviewer's name.", + "example": "William Wilson" + } + } + }, + "roleIds": { + "type": "array", + "description": "Optional list of roles to include in this campaign. Only one of `roleIds` and `query` may be set; if neither are set, all roles are included.", + "items": { + "type": "string" + }, + "example": [ + "2c90ad2a70ace7d50170acf22ca90010" + ] + }, + "remediatorRef": { + "type": "object", + "description": "This determines who remediation tasks will be assigned to. Remediation tasks are created for each revoke decision on items in the campaign. The only legal remediator type is 'IDENTITY', and the chosen identity must be a Role Admin or Org Admin.", + "properties": { + "type": { + "type": "string", + "enum": [ + "IDENTITY" + ], + "description": "Legal Remediator Type", + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "The ID of the remediator.", + "example": "2c90ad2a70ace7d50170acf22ca90010" + }, + "name": { + "type": "string", + "description": "The name of the remediator.", + "readOnly": true, + "example": "Role Admin" + } + }, + "required": [ + "type", + "id" + ] + }, + "query": { + "type": "string", + "description": "Optional search query to scope this campaign to a set of roles. Only one of `roleIds` and `query` may be set; if neither are set, all roles are included.", + "example": "Search Query" + }, + "description": { + "type": "string", + "description": "Describes this role composition campaign. Intended for storing the query used, and possibly the number of roles selected/available.", + "example": "Role Composition Description" + } + }, + "required": [ + "remediatorRef" + ] + }, + "sourcesWithOrphanEntitlements": { + "type": "array", + "description": "A list of sources in the campaign that contain \\\"orphan entitlements\\\" (entitlements without a corresponding Managed Attribute). An empty list indicates the campaign has no orphan entitlements. Null indicates there may be unknown orphan entitlements in the campaign (the campaign was created before this feature was implemented).", + "readOnly": true, + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "Id of the source", + "example": "2c90ad2a70ace7d50170acf22ca90010" + }, + "type": { + "type": "string", + "enum": [ + "SOURCE" + ], + "description": "Type", + "example": "SOURCE" + }, + "name": { + "type": "string", + "description": "Name of the source", + "example": "Source with orphan entitlements" + } + } + } + }, + "mandatoryCommentRequirement": { + "type": "string", + "description": "Determines whether comments are required for decisions during certification reviews. You can require comments for all decisions, revoke-only decisions, or no decisions. By default, comments are not required for decisions.", + "enum": [ + "ALL_DECISIONS", + "REVOKE_ONLY_DECISIONS", + "NO_DECISIONS" + ], + "example": "NO_DECISIONS" + } + } + } + ] + } + ] + } + }, + "examples": { + "Slim Campaign": { + "description": "List of Slim Campaigns that would result from not specifying *detail* or specifying SLIM", + "value": [ + { + "id": "2c918086719eec070171a7e3355a360a", + "name": "Manager Review", + "description": "A review of everyone's access by their manager.", + "deadline": "2020-12-25T06:00:00.123Z", + "type": "MANAGER", + "status": "ACTIVE", + "emailNotificationEnabled": false, + "autoRevokeAllowed": false, + "recommendationsEnabled": false, + "created": "2022-08-02T19:00:27.731Z", + "totalCertifications": 10, + "completedCertifications": 3, + "alerts": [ + { + "level": "ERROR", + "localizations": [ + { + "locale": "en", + "localeOrigin": "DEFAULT", + "text": "Composite criterion must have children non-composite criterion must not." + } + ] + } + ] + }, + { + "id": "7e1a731e3fb845cfbe58112ba4673ee4", + "name": "Search Campaign", + "description": "Search Campaign Info", + "deadline": "2022-07-26T15:42:44.000Z", + "type": "SEARCH", + "status": "ACTIVE", + "emailNotificationEnabled": false, + "autoRevokeAllowed": false, + "recommendationsEnabled": false, + "created": "2022-07-25T15:42:18.276Z", + "totalCertifications": 5, + "completedCertifications": 3, + "alerts": null + }, + { + "id": "2c918086719eec070171a7e3355a412b", + "name": "AD Source Review", + "description": "A review of our AD source.", + "deadline": "2020-12-25T06:00:00.123Z", + "type": "SOURCE_OWNER", + "status": "STAGED", + "emailNotificationEnabled": true, + "autoRevokeAllowed": false, + "recommendationsEnabled": false, + "correlatedStatus": "CORRELATED", + "created": "2022-07-27T17:04:19.027Z", + "totalCertifications": 7, + "completedCertifications": 3, + "alerts": [ + { + "level": "WARN", + "localizations": [ + { + "locale": "en", + "localeOrigin": "DEFAULT", + "text": "Composite criterion is in wrong format." + } + ] + } + ] + }, + { + "id": "3b2e2e5821e84127b6d693d41c40623b", + "name": "Role Composition Campaign", + "description": "A review done by a role owner.", + "deadline": "2020-12-25T06:00:00.468Z", + "type": "ROLE_COMPOSITION", + "status": "ACTIVE", + "emailNotificationEnabled": false, + "autoRevokeAllowed": false, + "recommendationsEnabled": false, + "created": "2022-08-02T20:29:51.065Z", + "totalCertifications": 1, + "completedCertifications": 1, + "alerts": null + } + ] + }, + "Full Campaign": { + "description": "List of Campaigns that would result from specifying *detail* as FULL", + "value": [ + { + "id": "078696a575e045c68d6722ccdb9f101d", + "name": "Role Composition Campaign", + "description": "A review done by a role owner.", + "deadline": "2020-12-25T06:00:00.468Z", + "type": "ROLE_COMPOSITION", + "status": "ERROR", + "emailNotificationEnabled": false, + "autoRevokeAllowed": false, + "recommendationsEnabled": false, + "modified": "2022-08-02T20:29:51.331Z", + "filter": { + "type": "CAMPAIGN_FILTER", + "id": "0fbe863c063c4c88a35fd7f17e8a3df5", + "name": "Test Role Composition Filter" + }, + "sunsetCommentsRequired": true, + "sourceOwnerCampaignInfo": null, + "searchCampaignInfo": null, + "roleCompositionCampaignInfo": { + "remediatorRef": { + "type": "IDENTITY", + "id": "7ec252acbd4245548bc25df22348cb75", + "name": "SailPoint Support" + }, + "reviewerId": null, + "reviewer": null, + "roleIds": [ + "b15d609fc5c8434b865fe552315fda8f" + ], + "query": null, + "description": null + }, + "sourcesWithOrphanEntitlements": null, + "mandatoryCommentRequirement": "NO_DECISIONS" + }, + { + "id": "1be8fc1103914bf0a4e14e316b6a7b7c", + "name": "Manager Review", + "description": "A review of everyone's access by their manager.", + "deadline": "2020-12-25T06:00:00.468Z", + "type": "MANAGER", + "status": "STAGED", + "emailNotificationEnabled": false, + "autoRevokeAllowed": false, + "recommendationsEnabled": false, + "modified": "2022-08-02T19:00:34.391Z", + "filter": { + "type": "CAMPAIGN_FILTER", + "id": "0fbe863c063c4c88a35fd7f17e8a3df5", + "name": "Test Manager Filter" + }, + "sunsetCommentsRequired": true, + "sourceOwnerCampaignInfo": null, + "searchCampaignInfo": null, + "roleCompositionCampaignInfo": null, + "sourcesWithOrphanEntitlements": [], + "mandatoryCommentRequirement": "NO_DECISIONS" + }, + { + "id": "7e1a731e3fb845cfbe58112ba4673ee4", + "name": "Search Campaign", + "description": "Search Campaign for Identities", + "deadline": "2022-07-26T15:42:44.000Z", + "type": "SEARCH", + "status": "ACTIVE", + "emailNotificationEnabled": false, + "autoRevokeAllowed": false, + "recommendationsEnabled": false, + "modified": "2022-07-25T15:42:53.718Z", + "filter": { + "type": "CAMPAIGN_FILTER", + "id": "0fbe863c063c4c88a35fd7f17e8a3df5", + "name": "Test Search Filter" + }, + "sunsetCommentsRequired": true, + "sourceOwnerCampaignInfo": null, + "searchCampaignInfo": { + "type": "IDENTITY", + "description": "Example of Search Campaign", + "reviewer": { + "type": "IDENTITY", + "id": "7ec252acbd4245548bc25df22348cb75", + "name": null + }, + "query": "user", + "identityIds": null, + "accessConstraints": [] + }, + "roleCompositionCampaignInfo": null, + "sourcesWithOrphanEntitlements": [], + "mandatoryCommentRequirement": "NO_DECISIONS" + }, + { + "id": "ad3cf3dd50394b1bad646de4bc51b999", + "name": "Source Owner Campaign", + "description": "Example for Source Owner Campaign", + "deadline": "2022-08-10T17:09:02.000Z", + "type": "SOURCE_OWNER", + "status": "ACTIVE", + "emailNotificationEnabled": true, + "autoRevokeAllowed": false, + "recommendationsEnabled": false, + "modified": "2022-07-27T17:09:13.925Z", + "filter": { + "type": "CAMPAIGN_FILTER", + "id": "0fbe863c063c4c88a35fd7f17e8a3df5", + "name": "Test Source Owner Filter" + }, + "sunsetCommentsRequired": true, + "sourceOwnerCampaignInfo": { + "sourceIds": [ + "2c91808781fd5aea01821200dc88318e" + ] + }, + "searchCampaignInfo": null, + "roleCompositionCampaignInfo": null, + "sourcesWithOrphanEntitlements": [], + "correlatedStatus": "CORRELATED", + "mandatoryCommentRequirement": "NO_DECISIONS" + } + ] + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + }, + "post": { + "operationId": "createCampaign", + "tags": [ + "Certification Campaigns" + ], + "summary": "Create a campaign", + "description": "Use this API to create a certification campaign with the information provided in the request body.\n\nA token with ORG_ADMIN or CERT_ADMIN authority is required to call this API.\n", + "security": [ + { + "UserContextAuth": [ + "idn:campaign:manage" + ] + } + ], + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "type": "object", + "title": "Campaign", + "allOf": [ + { + "type": "object", + "title": "Slim Campaign", + "required": [ + "name", + "description", + "type" + ], + "properties": { + "id": { + "type": "string", + "readOnly": true, + "description": "Id of the campaign", + "example": "2c9079b270a266a60170a2779fcb0007" + }, + "name": { + "description": "The campaign name. If this object is part of a template, special formatting applies; see the `/campaign-templates/{id}/generate` endpoint documentation for details.", + "type": "string", + "example": "Manager Campaign" + }, + "description": { + "type": "string", + "description": "The campaign description. If this object is part of a template, special formatting applies; see the `/campaign-templates/{id}/generate` endpoint documentation for details.", + "example": "Everyone needs to be reviewed by their manager" + }, + "deadline": { + "type": "string", + "format": "date-time", + "description": "The campaign's completion deadline. This date must be in the future in order to activate the campaign. If you try to activate a campaign with a deadline of today or in the past, you will receive a 400 error response.", + "example": "2020-03-15T10:00:01.456Z" + }, + "type": { + "type": "string", + "description": "The type of campaign. Could be extended in the future.", + "enum": [ + "MANAGER", + "SOURCE_OWNER", + "SEARCH", + "ROLE_COMPOSITION" + ], + "example": "MANAGER" + }, + "emailNotificationEnabled": { + "type": "boolean", + "description": "Enables email notification for this campaign", + "default": false, + "example": false + }, + "autoRevokeAllowed": { + "type": "boolean", + "description": "Allows auto revoke for this campaign", + "default": false, + "example": false + }, + "recommendationsEnabled": { + "type": "boolean", + "description": "Enables IAI for this campaign. Accepts true even if the IAI product feature is off. If IAI is turned off then campaigns generated from this template will indicate false. The real value will then be returned if IAI is ever enabled for the org in the future.", + "default": false, + "example": true + }, + "status": { + "type": "string", + "description": "The campaign's current status.", + "readOnly": true, + "enum": [ + "PENDING", + "STAGED", + "CANCELING", + "ACTIVATING", + "ACTIVE", + "COMPLETING", + "COMPLETED", + "ERROR", + "ARCHIVED" + ], + "example": "ACTIVE" + }, + "correlatedStatus": { + "type": "string", + "description": "The correlatedStatus of the campaign. Only SOURCE_OWNER campaigns can be Uncorrelated. An Uncorrelated certification campaign only includes Uncorrelated identities (An identity is uncorrelated if it has no accounts on an authoritative source).", + "enum": [ + "CORRELATED", + "UNCORRELATED" + ], + "example": "CORRELATED" + }, + "created": { + "type": "string", + "readOnly": true, + "format": "date-time", + "description": "Created time of the campaign", + "example": "2020-03-03T22:15:13.611Z" + }, + "totalCertifications": { + "type": "integer", + "format": "int32", + "description": "The total number of certifications in this campaign.", + "readOnly": true, + "example": 100 + }, + "completedCertifications": { + "type": "integer", + "format": "int32", + "description": "The number of completed certifications in this campaign.", + "readOnly": true, + "example": 10 + }, + "alerts": { + "type": "array", + "description": "A list of errors and warnings that have accumulated.", + "readOnly": true, + "items": { + "type": "object", + "properties": { + "level": { + "type": "string", + "enum": [ + "ERROR", + "WARN", + "INFO" + ], + "description": "Denotes the level of the message", + "example": "ERROR" + }, + "localizations": { + "type": "array", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + { + "type": "object", + "properties": { + "modified": { + "type": "string", + "readOnly": true, + "format": "date-time", + "description": "Modified time of the campaign", + "example": "2020-03-03T22:20:12.674Z" + }, + "correlatedStatus": { + "description": "The correlatedStatus of the campaign. Only SOURCE_OWNER campaigns can be Uncorrelated. An Uncorrelated certification campaign only includes Uncorrelated identities (An identity is uncorrelated if it has no accounts on an authoritative source).", + "enum": [ + "CORRELATED", + "UNCORRELATED" + ], + "example": "CORRELATED" + }, + "filter": { + "type": "object", + "description": "Determines which items will be included in this campaign. The default campaign filter is used if this field is left blank.", + "properties": { + "id": { + "type": "string", + "description": "The ID of whatever type of filter is being used.", + "example": "0fbe863c063c4c88a35fd7f17e8a3df5" + }, + "type": { + "type": "string", + "description": "Type of the filter", + "enum": [ + "CAMPAIGN_FILTER", + "RULE" + ], + "example": "CAMPAIGN_FILTER" + }, + "name": { + "type": "string", + "description": "Name of the filter", + "example": "Test Filter" + } + } + }, + "sunsetCommentsRequired": { + "type": "boolean", + "description": "Determines if comments on sunset date changes are required.", + "default": true, + "example": true + }, + "sourceOwnerCampaignInfo": { + "type": "object", + "description": "Must be set only if the campaign type is SOURCE_OWNER.", + "properties": { + "sourceIds": { + "type": "array", + "description": "The list of sources to be included in the campaign.", + "items": { + "type": "string" + }, + "example": [ + "0fbe863c063c4c88a35fd7f17e8a3df5" + ] + } + } + }, + "searchCampaignInfo": { + "type": "object", + "description": "Must be set only if the campaign type is SEARCH.", + "properties": { + "type": { + "type": "string", + "description": "The type of search campaign represented.", + "enum": [ + "IDENTITY", + "ACCESS" + ], + "example": "ACCESS" + }, + "description": { + "type": "string", + "description": "Describes this search campaign. Intended for storing the query used, and possibly the number of identities selected/available.", + "example": "Search Campaign description" + }, + "reviewer": { + "type": "object", + "description": "If specified, this identity or governance group will be the reviewer for all certifications in this campaign. The allowed DTO types are IDENTITY and GOVERNANCE_GROUP.", + "properties": { + "type": { + "type": "string", + "description": "The reviewer's DTO type.", + "enum": [ + "GOVERNANCE_GROUP", + "IDENTITY" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "The reviewer's ID.", + "example": "2c91808568c529c60168cca6f90c1313" + }, + "name": { + "type": "string", + "description": "The reviewer's name.", + "example": "William Wilson" + } + } + }, + "query": { + "type": "string", + "description": "The scope for the campaign. The campaign will cover identities returned by the query and identities that have access items returned by the query. One of `query` or `identityIds` must be set.", + "example": "Search Campaign query description" + }, + "identityIds": { + "type": "array", + "description": "A direct list of identities to include in this campaign. One of `identityIds` or `query` must be set.", + "items": { + "type": "string" + }, + "maxItems": 1000, + "example": [ + "0fbe863c063c4c88a35fd7f17e8a3df5" + ] + }, + "accessConstraints": { + "type": "array", + "description": "Further reduces the scope of the campaign by excluding identities (from `query` or `identityIds`) that do not have this access.", + "items": { + "type": "object", + "properties": { + "type": { + "type": "string", + "enum": [ + "ENTITLEMENT", + "ACCESS_PROFILE", + "ROLE" + ], + "description": "Type of Access", + "example": "ENTITLEMENT" + }, + "ids": { + "description": "Must be set only if operator is SELECTED.", + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "2c90ad2a70ace7d50170acf22ca90010" + ] + }, + "operator": { + "type": "string", + "enum": [ + "ALL", + "SELECTED" + ], + "description": "Used to determine whether the scope of the campaign should be reduced for selected ids or all.", + "example": "SELECTED" + } + }, + "required": [ + "type", + "operator" + ] + }, + "maxItems": 1000 + } + }, + "required": [ + "type" + ] + }, + "roleCompositionCampaignInfo": { + "type": "object", + "description": "Optional configuration options for role composition campaigns.", + "properties": { + "reviewer": { + "type": "object", + "description": "If specified, this identity or governance group will be the reviewer for all certifications in this campaign. The allowed DTO types are IDENTITY and GOVERNANCE_GROUP.", + "properties": { + "type": { + "type": "string", + "description": "The reviewer's DTO type.", + "enum": [ + "GOVERNANCE_GROUP", + "IDENTITY" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "The reviewer's ID.", + "example": "2c91808568c529c60168cca6f90c1313" + }, + "name": { + "type": "string", + "description": "The reviewer's name.", + "example": "William Wilson" + } + } + }, + "roleIds": { + "type": "array", + "description": "Optional list of roles to include in this campaign. Only one of `roleIds` and `query` may be set; if neither are set, all roles are included.", + "items": { + "type": "string" + }, + "example": [ + "2c90ad2a70ace7d50170acf22ca90010" + ] + }, + "remediatorRef": { + "type": "object", + "description": "This determines who remediation tasks will be assigned to. Remediation tasks are created for each revoke decision on items in the campaign. The only legal remediator type is 'IDENTITY', and the chosen identity must be a Role Admin or Org Admin.", + "properties": { + "type": { + "type": "string", + "enum": [ + "IDENTITY" + ], + "description": "Legal Remediator Type", + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "The ID of the remediator.", + "example": "2c90ad2a70ace7d50170acf22ca90010" + }, + "name": { + "type": "string", + "description": "The name of the remediator.", + "readOnly": true, + "example": "Role Admin" + } + }, + "required": [ + "type", + "id" + ] + }, + "query": { + "type": "string", + "description": "Optional search query to scope this campaign to a set of roles. Only one of `roleIds` and `query` may be set; if neither are set, all roles are included.", + "example": "Search Query" + }, + "description": { + "type": "string", + "description": "Describes this role composition campaign. Intended for storing the query used, and possibly the number of roles selected/available.", + "example": "Role Composition Description" + } + }, + "required": [ + "remediatorRef" + ] + }, + "sourcesWithOrphanEntitlements": { + "type": "array", + "description": "A list of sources in the campaign that contain \\\"orphan entitlements\\\" (entitlements without a corresponding Managed Attribute). An empty list indicates the campaign has no orphan entitlements. Null indicates there may be unknown orphan entitlements in the campaign (the campaign was created before this feature was implemented).", + "readOnly": true, + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "Id of the source", + "example": "2c90ad2a70ace7d50170acf22ca90010" + }, + "type": { + "type": "string", + "enum": [ + "SOURCE" + ], + "description": "Type", + "example": "SOURCE" + }, + "name": { + "type": "string", + "description": "Name of the source", + "example": "Source with orphan entitlements" + } + } + } + }, + "mandatoryCommentRequirement": { + "type": "string", + "description": "Determines whether comments are required for decisions during certification reviews. You can require comments for all decisions, revoke-only decisions, or no decisions. By default, comments are not required for decisions.", + "enum": [ + "ALL_DECISIONS", + "REVOKE_ONLY_DECISIONS", + "NO_DECISIONS" + ], + "example": "NO_DECISIONS" + } + } + } + ] + }, + "examples": { + "Manager": { + "value": { + "name": "Manager Review", + "description": "A review of everyone's access by their manager.", + "deadline": "2020-12-25T06:00:00.468Z", + "type": "MANAGER", + "emailNotificationEnabled": false, + "autoRevokeAllowed": false, + "recommendationsEnabled": false, + "filter": { + "type": "CAMPAIGN_FILTER", + "id": "0c46fb26c6b20967a55517ee90d15b93" + }, + "mandatoryCommentRequirement": "NO_DECISIONS" + } + }, + "Search": { + "value": { + "name": "Search Campaign", + "description": "Search Campaign", + "deadline": "2020-12-25T06:00:00.468Z", + "type": "SEARCH", + "emailNotificationEnabled": false, + "autoRevokeAllowed": false, + "recommendationsEnabled": false, + "filter": { + "type": "CAMPAIGN_FILTER", + "id": "0c46fb26c6b20967a55517ee90d15b93" + }, + "searchCampaignInfo": { + "type": "ACCESS", + "query": "user" + }, + "mandatoryCommentRequirement": "NO_DECISIONS" + } + }, + "Source Owner": { + "value": { + "name": "Source Owner", + "description": "Source Owner Info", + "deadline": "2020-12-25T06:00:00.468Z", + "type": "SOURCE_OWNER", + "emailNotificationEnabled": false, + "autoRevokeAllowed": false, + "recommendationsEnabled": false, + "filter": { + "type": "CAMPAIGN_FILTER", + "id": "0c46fb26c6b20967a55517ee90d15b93" + }, + "sourceOwnerCampaignInfo": { + "sourceIds": [ + "612b31b1a0f04aaf83123bdb80e70db6" + ] + }, + "correlatedStatus": "CORRELATED", + "mandatoryCommentRequirement": "NO_DECISIONS" + } + }, + "Role Composition": { + "value": { + "name": "Role Composition Campaign", + "description": "A review done by a role owner.", + "deadline": "2020-12-25T06:00:00.468Z", + "type": "ROLE_COMPOSITION", + "emailNotificationEnabled": false, + "autoRevokeAllowed": false, + "recommendationsEnabled": false, + "filter": { + "type": "CAMPAIGN_FILTER", + "id": "0c46fb26c6b20967a55517ee90d15b93" + }, + "roleCompositionCampaignInfo": { + "remediatorRef": { + "type": "IDENTITY", + "id": "7ec252acbd4245548bc25df22348cb75", + "name": "SailPoint Support" + }, + "roleIds": [ + "b15d609fc5c8434b865fe552315fda8f" + ] + }, + "mandatoryCommentRequirement": "NO_DECISIONS" + } + } + } + } + } + }, + "responses": { + "200": { + "description": "This response indicates that the requested campaign was successfully created, and the API returns its representation.", + "content": { + "application/json": { + "schema": { + "type": "object", + "title": "Campaign", + "allOf": [ + { + "type": "object", + "title": "Slim Campaign", + "required": [ + "name", + "description", + "type" + ], + "properties": { + "id": { + "type": "string", + "readOnly": true, + "description": "Id of the campaign", + "example": "2c9079b270a266a60170a2779fcb0007" + }, + "name": { + "description": "The campaign name. If this object is part of a template, special formatting applies; see the `/campaign-templates/{id}/generate` endpoint documentation for details.", + "type": "string", + "example": "Manager Campaign" + }, + "description": { + "type": "string", + "description": "The campaign description. If this object is part of a template, special formatting applies; see the `/campaign-templates/{id}/generate` endpoint documentation for details.", + "example": "Everyone needs to be reviewed by their manager" + }, + "deadline": { + "type": "string", + "format": "date-time", + "description": "The campaign's completion deadline. This date must be in the future in order to activate the campaign. If you try to activate a campaign with a deadline of today or in the past, you will receive a 400 error response.", + "example": "2020-03-15T10:00:01.456Z" + }, + "type": { + "type": "string", + "description": "The type of campaign. Could be extended in the future.", + "enum": [ + "MANAGER", + "SOURCE_OWNER", + "SEARCH", + "ROLE_COMPOSITION" + ], + "example": "MANAGER" + }, + "emailNotificationEnabled": { + "type": "boolean", + "description": "Enables email notification for this campaign", + "default": false, + "example": false + }, + "autoRevokeAllowed": { + "type": "boolean", + "description": "Allows auto revoke for this campaign", + "default": false, + "example": false + }, + "recommendationsEnabled": { + "type": "boolean", + "description": "Enables IAI for this campaign. Accepts true even if the IAI product feature is off. If IAI is turned off then campaigns generated from this template will indicate false. The real value will then be returned if IAI is ever enabled for the org in the future.", + "default": false, + "example": true + }, + "status": { + "type": "string", + "description": "The campaign's current status.", + "readOnly": true, + "enum": [ + "PENDING", + "STAGED", + "CANCELING", + "ACTIVATING", + "ACTIVE", + "COMPLETING", + "COMPLETED", + "ERROR", + "ARCHIVED" + ], + "example": "ACTIVE" + }, + "correlatedStatus": { + "type": "string", + "description": "The correlatedStatus of the campaign. Only SOURCE_OWNER campaigns can be Uncorrelated. An Uncorrelated certification campaign only includes Uncorrelated identities (An identity is uncorrelated if it has no accounts on an authoritative source).", + "enum": [ + "CORRELATED", + "UNCORRELATED" + ], + "example": "CORRELATED" + }, + "created": { + "type": "string", + "readOnly": true, + "format": "date-time", + "description": "Created time of the campaign", + "example": "2020-03-03T22:15:13.611Z" + }, + "totalCertifications": { + "type": "integer", + "format": "int32", + "description": "The total number of certifications in this campaign.", + "readOnly": true, + "example": 100 + }, + "completedCertifications": { + "type": "integer", + "format": "int32", + "description": "The number of completed certifications in this campaign.", + "readOnly": true, + "example": 10 + }, + "alerts": { + "type": "array", + "description": "A list of errors and warnings that have accumulated.", + "readOnly": true, + "items": { + "type": "object", + "properties": { + "level": { + "type": "string", + "enum": [ + "ERROR", + "WARN", + "INFO" + ], + "description": "Denotes the level of the message", + "example": "ERROR" + }, + "localizations": { + "type": "array", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + { + "type": "object", + "properties": { + "modified": { + "type": "string", + "readOnly": true, + "format": "date-time", + "description": "Modified time of the campaign", + "example": "2020-03-03T22:20:12.674Z" + }, + "correlatedStatus": { + "description": "The correlatedStatus of the campaign. Only SOURCE_OWNER campaigns can be Uncorrelated. An Uncorrelated certification campaign only includes Uncorrelated identities (An identity is uncorrelated if it has no accounts on an authoritative source).", + "enum": [ + "CORRELATED", + "UNCORRELATED" + ], + "example": "CORRELATED" + }, + "filter": { + "type": "object", + "description": "Determines which items will be included in this campaign. The default campaign filter is used if this field is left blank.", + "properties": { + "id": { + "type": "string", + "description": "The ID of whatever type of filter is being used.", + "example": "0fbe863c063c4c88a35fd7f17e8a3df5" + }, + "type": { + "type": "string", + "description": "Type of the filter", + "enum": [ + "CAMPAIGN_FILTER", + "RULE" + ], + "example": "CAMPAIGN_FILTER" + }, + "name": { + "type": "string", + "description": "Name of the filter", + "example": "Test Filter" + } + } + }, + "sunsetCommentsRequired": { + "type": "boolean", + "description": "Determines if comments on sunset date changes are required.", + "default": true, + "example": true + }, + "sourceOwnerCampaignInfo": { + "type": "object", + "description": "Must be set only if the campaign type is SOURCE_OWNER.", + "properties": { + "sourceIds": { + "type": "array", + "description": "The list of sources to be included in the campaign.", + "items": { + "type": "string" + }, + "example": [ + "0fbe863c063c4c88a35fd7f17e8a3df5" + ] + } + } + }, + "searchCampaignInfo": { + "type": "object", + "description": "Must be set only if the campaign type is SEARCH.", + "properties": { + "type": { + "type": "string", + "description": "The type of search campaign represented.", + "enum": [ + "IDENTITY", + "ACCESS" + ], + "example": "ACCESS" + }, + "description": { + "type": "string", + "description": "Describes this search campaign. Intended for storing the query used, and possibly the number of identities selected/available.", + "example": "Search Campaign description" + }, + "reviewer": { + "type": "object", + "description": "If specified, this identity or governance group will be the reviewer for all certifications in this campaign. The allowed DTO types are IDENTITY and GOVERNANCE_GROUP.", + "properties": { + "type": { + "type": "string", + "description": "The reviewer's DTO type.", + "enum": [ + "GOVERNANCE_GROUP", + "IDENTITY" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "The reviewer's ID.", + "example": "2c91808568c529c60168cca6f90c1313" + }, + "name": { + "type": "string", + "description": "The reviewer's name.", + "example": "William Wilson" + } + } + }, + "query": { + "type": "string", + "description": "The scope for the campaign. The campaign will cover identities returned by the query and identities that have access items returned by the query. One of `query` or `identityIds` must be set.", + "example": "Search Campaign query description" + }, + "identityIds": { + "type": "array", + "description": "A direct list of identities to include in this campaign. One of `identityIds` or `query` must be set.", + "items": { + "type": "string" + }, + "maxItems": 1000, + "example": [ + "0fbe863c063c4c88a35fd7f17e8a3df5" + ] + }, + "accessConstraints": { + "type": "array", + "description": "Further reduces the scope of the campaign by excluding identities (from `query` or `identityIds`) that do not have this access.", + "items": { + "type": "object", + "properties": { + "type": { + "type": "string", + "enum": [ + "ENTITLEMENT", + "ACCESS_PROFILE", + "ROLE" + ], + "description": "Type of Access", + "example": "ENTITLEMENT" + }, + "ids": { + "description": "Must be set only if operator is SELECTED.", + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "2c90ad2a70ace7d50170acf22ca90010" + ] + }, + "operator": { + "type": "string", + "enum": [ + "ALL", + "SELECTED" + ], + "description": "Used to determine whether the scope of the campaign should be reduced for selected ids or all.", + "example": "SELECTED" + } + }, + "required": [ + "type", + "operator" + ] + }, + "maxItems": 1000 + } + }, + "required": [ + "type" + ] + }, + "roleCompositionCampaignInfo": { + "type": "object", + "description": "Optional configuration options for role composition campaigns.", + "properties": { + "reviewer": { + "type": "object", + "description": "If specified, this identity or governance group will be the reviewer for all certifications in this campaign. The allowed DTO types are IDENTITY and GOVERNANCE_GROUP.", + "properties": { + "type": { + "type": "string", + "description": "The reviewer's DTO type.", + "enum": [ + "GOVERNANCE_GROUP", + "IDENTITY" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "The reviewer's ID.", + "example": "2c91808568c529c60168cca6f90c1313" + }, + "name": { + "type": "string", + "description": "The reviewer's name.", + "example": "William Wilson" + } + } + }, + "roleIds": { + "type": "array", + "description": "Optional list of roles to include in this campaign. Only one of `roleIds` and `query` may be set; if neither are set, all roles are included.", + "items": { + "type": "string" + }, + "example": [ + "2c90ad2a70ace7d50170acf22ca90010" + ] + }, + "remediatorRef": { + "type": "object", + "description": "This determines who remediation tasks will be assigned to. Remediation tasks are created for each revoke decision on items in the campaign. The only legal remediator type is 'IDENTITY', and the chosen identity must be a Role Admin or Org Admin.", + "properties": { + "type": { + "type": "string", + "enum": [ + "IDENTITY" + ], + "description": "Legal Remediator Type", + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "The ID of the remediator.", + "example": "2c90ad2a70ace7d50170acf22ca90010" + }, + "name": { + "type": "string", + "description": "The name of the remediator.", + "readOnly": true, + "example": "Role Admin" + } + }, + "required": [ + "type", + "id" + ] + }, + "query": { + "type": "string", + "description": "Optional search query to scope this campaign to a set of roles. Only one of `roleIds` and `query` may be set; if neither are set, all roles are included.", + "example": "Search Query" + }, + "description": { + "type": "string", + "description": "Describes this role composition campaign. Intended for storing the query used, and possibly the number of roles selected/available.", + "example": "Role Composition Description" + } + }, + "required": [ + "remediatorRef" + ] + }, + "sourcesWithOrphanEntitlements": { + "type": "array", + "description": "A list of sources in the campaign that contain \\\"orphan entitlements\\\" (entitlements without a corresponding Managed Attribute). An empty list indicates the campaign has no orphan entitlements. Null indicates there may be unknown orphan entitlements in the campaign (the campaign was created before this feature was implemented).", + "readOnly": true, + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "Id of the source", + "example": "2c90ad2a70ace7d50170acf22ca90010" + }, + "type": { + "type": "string", + "enum": [ + "SOURCE" + ], + "description": "Type", + "example": "SOURCE" + }, + "name": { + "type": "string", + "description": "Name of the source", + "example": "Source with orphan entitlements" + } + } + } + }, + "mandatoryCommentRequirement": { + "type": "string", + "description": "Determines whether comments are required for decisions during certification reviews. You can require comments for all decisions, revoke-only decisions, or no decisions. By default, comments are not required for decisions.", + "enum": [ + "ALL_DECISIONS", + "REVOKE_ONLY_DECISIONS", + "NO_DECISIONS" + ], + "example": "NO_DECISIONS" + } + } + } + ] + }, + "examples": { + "Manager": { + "value": { + "id": "5594f43b76804a6980ece5fdccf74be7", + "name": "Manager Review", + "description": "A review of everyone's access by their manager.", + "deadline": "2020-12-25T06:00:00.468Z", + "type": "MANAGER", + "status": "PENDING", + "emailNotificationEnabled": false, + "autoRevokeAllowed": false, + "recommendationsEnabled": false, + "created": "2022-08-02T20:21:18.421Z", + "modified": null, + "filter": { + "type": "CAMPAIGN_FILTER", + "id": "0fbe863c063c4c88a35fd7f17e8a3df5", + "name": "Test Manager Filter" + }, + "sunsetCommentsRequired": true, + "sourceOwnerCampaignInfo": null, + "searchCampaignInfo": null, + "roleCompositionCampaignInfo": null, + "alerts": null, + "totalCertifications": 0, + "completedCertifications": 0, + "sourcesWithOrphanEntitlements": null, + "mandatoryCommentRequirement": "NO_DECISIONS" + } + }, + "Search": { + "value": { + "id": "ec041831cb2147778b594feb9d8db44a", + "name": "Search Campaign", + "description": "Search Campaign", + "deadline": "2020-12-25T06:00:00.468Z", + "type": "SEARCH", + "status": "PENDING", + "emailNotificationEnabled": false, + "autoRevokeAllowed": false, + "recommendationsEnabled": false, + "created": "2022-08-03T13:54:34.344Z", + "modified": null, + "filter": { + "type": "CAMPAIGN_FILTER", + "id": "0fbe863c063c4c88a35fd7f17e8a3df5", + "name": "Test Search Filter" + }, + "sunsetCommentsRequired": true, + "sourceOwnerCampaignInfo": null, + "searchCampaignInfo": { + "type": "ACCESS", + "description": "user", + "reviewer": { + "type": "IDENTITY", + "id": "7ec252acbd4245548bc25df22348cb75", + "name": null + }, + "query": "user", + "identityIds": null, + "accessConstraints": [] + }, + "roleCompositionCampaignInfo": null, + "alerts": null, + "totalCertifications": 0, + "completedCertifications": 0, + "sourcesWithOrphanEntitlements": null, + "mandatoryCommentRequirement": "NO_DECISIONS" + } + }, + "Source Owner": { + "value": { + "id": "fd7b76ba4ea042de8a9414aa12fc977a", + "name": "Source Owner", + "description": "Source Owner Info", + "deadline": "2020-12-25T06:00:00.468Z", + "type": "SOURCE_OWNER", + "status": "PENDING", + "emailNotificationEnabled": false, + "autoRevokeAllowed": false, + "recommendationsEnabled": false, + "created": "2022-08-03T13:34:19.541Z", + "modified": null, + "filter": { + "type": "CAMPAIGN_FILTER", + "id": "0fbe863c063c4c88a35fd7f17e8a3df5", + "name": "Test Source Owner Filter" + }, + "sunsetCommentsRequired": true, + "sourceOwnerCampaignInfo": null, + "sourceIds": [ + "612b31b1a0f04aaf83123bdb80e70db6" + ], + "searchCampaignInfo": null, + "roleCompositionCampaignInfo": null, + "alerts": null, + "totalCertifications": 0, + "completedCertifications": 0, + "sourcesWithOrphanEntitlements": null, + "correlatedStatus": "CORRELATED", + "mandatoryCommentRequirement": "NO_DECISIONS" + } + }, + "Role Composition": { + "value": { + "id": "3b2e2e5821e84127b6d693d41c40623b", + "name": "Role Composition Campaign", + "description": "A review done by a role owner.", + "deadline": "2020-12-25T06:00:00.468Z", + "type": "ROLE_COMPOSITION", + "status": "PENDING", + "emailNotificationEnabled": false, + "autoRevokeAllowed": false, + "recommendationsEnabled": false, + "created": "2022-08-02T20:30:46.083Z", + "modified": null, + "filter": { + "type": "CAMPAIGN_FILTER", + "id": "0fbe863c063c4c88a35fd7f17e8a3df5", + "name": "Test Role Composition Filter" + }, + "sunsetCommentsRequired": true, + "sourceOwnerCampaignInfo": null, + "searchCampaignInfo": null, + "roleCompositionCampaignInfo": { + "remediatorRef": { + "type": "IDENTITY", + "id": "7ec252acbd4245548bc25df22348cb75", + "name": "SailPoint Support" + }, + "reviewerId": null, + "reviewer": null, + "roleIds": [ + "b15d609fc5c8434b865fe552315fda8f" + ], + "query": null, + "description": null + }, + "alerts": null, + "totalCertifications": 0, + "completedCertifications": 0, + "sourcesWithOrphanEntitlements": null, + "mandatoryCommentRequirement": "NO_DECISIONS" + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/campaigns/{id}": { + "get": { + "operationId": "getCampaign", + "tags": [ + "Certification Campaigns" + ], + "summary": "Get Campaign", + "description": "Use this API to get information for an existing certification campaign by the campaign's ID.\n\nA token with ORG_ADMIN or CERT_ADMIN authority is required to call this API.\n", + "security": [ + { + "UserContextAuth": [ + "idn:campaign:read", + "idn:campaign:manage" + ] + } + ], + "parameters": [ + { + "in": "path", + "name": "id", + "schema": { + "type": "string" + }, + "required": true, + "description": "ID of the campaign to be retrieved.", + "example": "2c91808571bcfcf80171c23e4b4221fc" + }, + { + "in": "query", + "name": "detail", + "schema": { + "type": "string", + "enum": [ + "SLIM", + "FULL" + ] + }, + "required": false, + "description": "Determines whether slim, or increased level of detail is provided for each campaign in the returned list. Slim is the default behavior.", + "example": "FULL" + } + ], + "responses": { + "200": { + "description": "Requested campaign object.", + "content": { + "application/json": { + "schema": { + "oneOf": [ + { + "type": "object", + "title": "Slim Campaign", + "required": [ + "name", + "description", + "type" + ], + "properties": { + "id": { + "type": "string", + "readOnly": true, + "description": "Id of the campaign", + "example": "2c9079b270a266a60170a2779fcb0007" + }, + "name": { + "description": "The campaign name. If this object is part of a template, special formatting applies; see the `/campaign-templates/{id}/generate` endpoint documentation for details.", + "type": "string", + "example": "Manager Campaign" + }, + "description": { + "type": "string", + "description": "The campaign description. If this object is part of a template, special formatting applies; see the `/campaign-templates/{id}/generate` endpoint documentation for details.", + "example": "Everyone needs to be reviewed by their manager" + }, + "deadline": { + "type": "string", + "format": "date-time", + "description": "The campaign's completion deadline. This date must be in the future in order to activate the campaign. If you try to activate a campaign with a deadline of today or in the past, you will receive a 400 error response.", + "example": "2020-03-15T10:00:01.456Z" + }, + "type": { + "type": "string", + "description": "The type of campaign. Could be extended in the future.", + "enum": [ + "MANAGER", + "SOURCE_OWNER", + "SEARCH", + "ROLE_COMPOSITION" + ], + "example": "MANAGER" + }, + "emailNotificationEnabled": { + "type": "boolean", + "description": "Enables email notification for this campaign", + "default": false, + "example": false + }, + "autoRevokeAllowed": { + "type": "boolean", + "description": "Allows auto revoke for this campaign", + "default": false, + "example": false + }, + "recommendationsEnabled": { + "type": "boolean", + "description": "Enables IAI for this campaign. Accepts true even if the IAI product feature is off. If IAI is turned off then campaigns generated from this template will indicate false. The real value will then be returned if IAI is ever enabled for the org in the future.", + "default": false, + "example": true + }, + "status": { + "type": "string", + "description": "The campaign's current status.", + "readOnly": true, + "enum": [ + "PENDING", + "STAGED", + "CANCELING", + "ACTIVATING", + "ACTIVE", + "COMPLETING", + "COMPLETED", + "ERROR", + "ARCHIVED" + ], + "example": "ACTIVE" + }, + "correlatedStatus": { + "type": "string", + "description": "The correlatedStatus of the campaign. Only SOURCE_OWNER campaigns can be Uncorrelated. An Uncorrelated certification campaign only includes Uncorrelated identities (An identity is uncorrelated if it has no accounts on an authoritative source).", + "enum": [ + "CORRELATED", + "UNCORRELATED" + ], + "example": "CORRELATED" + }, + "created": { + "type": "string", + "readOnly": true, + "format": "date-time", + "description": "Created time of the campaign", + "example": "2020-03-03T22:15:13.611Z" + }, + "totalCertifications": { + "type": "integer", + "format": "int32", + "description": "The total number of certifications in this campaign.", + "readOnly": true, + "example": 100 + }, + "completedCertifications": { + "type": "integer", + "format": "int32", + "description": "The number of completed certifications in this campaign.", + "readOnly": true, + "example": 10 + }, + "alerts": { + "type": "array", + "description": "A list of errors and warnings that have accumulated.", + "readOnly": true, + "items": { + "type": "object", + "properties": { + "level": { + "type": "string", + "enum": [ + "ERROR", + "WARN", + "INFO" + ], + "description": "Denotes the level of the message", + "example": "ERROR" + }, + "localizations": { + "type": "array", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + { + "type": "object", + "title": "Campaign", + "allOf": [ + { + "type": "object", + "title": "Slim Campaign", + "required": [ + "name", + "description", + "type" + ], + "properties": { + "id": { + "type": "string", + "readOnly": true, + "description": "Id of the campaign", + "example": "2c9079b270a266a60170a2779fcb0007" + }, + "name": { + "description": "The campaign name. If this object is part of a template, special formatting applies; see the `/campaign-templates/{id}/generate` endpoint documentation for details.", + "type": "string", + "example": "Manager Campaign" + }, + "description": { + "type": "string", + "description": "The campaign description. If this object is part of a template, special formatting applies; see the `/campaign-templates/{id}/generate` endpoint documentation for details.", + "example": "Everyone needs to be reviewed by their manager" + }, + "deadline": { + "type": "string", + "format": "date-time", + "description": "The campaign's completion deadline. This date must be in the future in order to activate the campaign. If you try to activate a campaign with a deadline of today or in the past, you will receive a 400 error response.", + "example": "2020-03-15T10:00:01.456Z" + }, + "type": { + "type": "string", + "description": "The type of campaign. Could be extended in the future.", + "enum": [ + "MANAGER", + "SOURCE_OWNER", + "SEARCH", + "ROLE_COMPOSITION" + ], + "example": "MANAGER" + }, + "emailNotificationEnabled": { + "type": "boolean", + "description": "Enables email notification for this campaign", + "default": false, + "example": false + }, + "autoRevokeAllowed": { + "type": "boolean", + "description": "Allows auto revoke for this campaign", + "default": false, + "example": false + }, + "recommendationsEnabled": { + "type": "boolean", + "description": "Enables IAI for this campaign. Accepts true even if the IAI product feature is off. If IAI is turned off then campaigns generated from this template will indicate false. The real value will then be returned if IAI is ever enabled for the org in the future.", + "default": false, + "example": true + }, + "status": { + "type": "string", + "description": "The campaign's current status.", + "readOnly": true, + "enum": [ + "PENDING", + "STAGED", + "CANCELING", + "ACTIVATING", + "ACTIVE", + "COMPLETING", + "COMPLETED", + "ERROR", + "ARCHIVED" + ], + "example": "ACTIVE" + }, + "correlatedStatus": { + "type": "string", + "description": "The correlatedStatus of the campaign. Only SOURCE_OWNER campaigns can be Uncorrelated. An Uncorrelated certification campaign only includes Uncorrelated identities (An identity is uncorrelated if it has no accounts on an authoritative source).", + "enum": [ + "CORRELATED", + "UNCORRELATED" + ], + "example": "CORRELATED" + }, + "created": { + "type": "string", + "readOnly": true, + "format": "date-time", + "description": "Created time of the campaign", + "example": "2020-03-03T22:15:13.611Z" + }, + "totalCertifications": { + "type": "integer", + "format": "int32", + "description": "The total number of certifications in this campaign.", + "readOnly": true, + "example": 100 + }, + "completedCertifications": { + "type": "integer", + "format": "int32", + "description": "The number of completed certifications in this campaign.", + "readOnly": true, + "example": 10 + }, + "alerts": { + "type": "array", + "description": "A list of errors and warnings that have accumulated.", + "readOnly": true, + "items": { + "type": "object", + "properties": { + "level": { + "type": "string", + "enum": [ + "ERROR", + "WARN", + "INFO" + ], + "description": "Denotes the level of the message", + "example": "ERROR" + }, + "localizations": { + "type": "array", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + { + "type": "object", + "properties": { + "modified": { + "type": "string", + "readOnly": true, + "format": "date-time", + "description": "Modified time of the campaign", + "example": "2020-03-03T22:20:12.674Z" + }, + "correlatedStatus": { + "description": "The correlatedStatus of the campaign. Only SOURCE_OWNER campaigns can be Uncorrelated. An Uncorrelated certification campaign only includes Uncorrelated identities (An identity is uncorrelated if it has no accounts on an authoritative source).", + "enum": [ + "CORRELATED", + "UNCORRELATED" + ], + "example": "CORRELATED" + }, + "filter": { + "type": "object", + "description": "Determines which items will be included in this campaign. The default campaign filter is used if this field is left blank.", + "properties": { + "id": { + "type": "string", + "description": "The ID of whatever type of filter is being used.", + "example": "0fbe863c063c4c88a35fd7f17e8a3df5" + }, + "type": { + "type": "string", + "description": "Type of the filter", + "enum": [ + "CAMPAIGN_FILTER", + "RULE" + ], + "example": "CAMPAIGN_FILTER" + }, + "name": { + "type": "string", + "description": "Name of the filter", + "example": "Test Filter" + } + } + }, + "sunsetCommentsRequired": { + "type": "boolean", + "description": "Determines if comments on sunset date changes are required.", + "default": true, + "example": true + }, + "sourceOwnerCampaignInfo": { + "type": "object", + "description": "Must be set only if the campaign type is SOURCE_OWNER.", + "properties": { + "sourceIds": { + "type": "array", + "description": "The list of sources to be included in the campaign.", + "items": { + "type": "string" + }, + "example": [ + "0fbe863c063c4c88a35fd7f17e8a3df5" + ] + } + } + }, + "searchCampaignInfo": { + "type": "object", + "description": "Must be set only if the campaign type is SEARCH.", + "properties": { + "type": { + "type": "string", + "description": "The type of search campaign represented.", + "enum": [ + "IDENTITY", + "ACCESS" + ], + "example": "ACCESS" + }, + "description": { + "type": "string", + "description": "Describes this search campaign. Intended for storing the query used, and possibly the number of identities selected/available.", + "example": "Search Campaign description" + }, + "reviewer": { + "type": "object", + "description": "If specified, this identity or governance group will be the reviewer for all certifications in this campaign. The allowed DTO types are IDENTITY and GOVERNANCE_GROUP.", + "properties": { + "type": { + "type": "string", + "description": "The reviewer's DTO type.", + "enum": [ + "GOVERNANCE_GROUP", + "IDENTITY" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "The reviewer's ID.", + "example": "2c91808568c529c60168cca6f90c1313" + }, + "name": { + "type": "string", + "description": "The reviewer's name.", + "example": "William Wilson" + } + } + }, + "query": { + "type": "string", + "description": "The scope for the campaign. The campaign will cover identities returned by the query and identities that have access items returned by the query. One of `query` or `identityIds` must be set.", + "example": "Search Campaign query description" + }, + "identityIds": { + "type": "array", + "description": "A direct list of identities to include in this campaign. One of `identityIds` or `query` must be set.", + "items": { + "type": "string" + }, + "maxItems": 1000, + "example": [ + "0fbe863c063c4c88a35fd7f17e8a3df5" + ] + }, + "accessConstraints": { + "type": "array", + "description": "Further reduces the scope of the campaign by excluding identities (from `query` or `identityIds`) that do not have this access.", + "items": { + "type": "object", + "properties": { + "type": { + "type": "string", + "enum": [ + "ENTITLEMENT", + "ACCESS_PROFILE", + "ROLE" + ], + "description": "Type of Access", + "example": "ENTITLEMENT" + }, + "ids": { + "description": "Must be set only if operator is SELECTED.", + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "2c90ad2a70ace7d50170acf22ca90010" + ] + }, + "operator": { + "type": "string", + "enum": [ + "ALL", + "SELECTED" + ], + "description": "Used to determine whether the scope of the campaign should be reduced for selected ids or all.", + "example": "SELECTED" + } + }, + "required": [ + "type", + "operator" + ] + }, + "maxItems": 1000 + } + }, + "required": [ + "type" + ] + }, + "roleCompositionCampaignInfo": { + "type": "object", + "description": "Optional configuration options for role composition campaigns.", + "properties": { + "reviewer": { + "type": "object", + "description": "If specified, this identity or governance group will be the reviewer for all certifications in this campaign. The allowed DTO types are IDENTITY and GOVERNANCE_GROUP.", + "properties": { + "type": { + "type": "string", + "description": "The reviewer's DTO type.", + "enum": [ + "GOVERNANCE_GROUP", + "IDENTITY" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "The reviewer's ID.", + "example": "2c91808568c529c60168cca6f90c1313" + }, + "name": { + "type": "string", + "description": "The reviewer's name.", + "example": "William Wilson" + } + } + }, + "roleIds": { + "type": "array", + "description": "Optional list of roles to include in this campaign. Only one of `roleIds` and `query` may be set; if neither are set, all roles are included.", + "items": { + "type": "string" + }, + "example": [ + "2c90ad2a70ace7d50170acf22ca90010" + ] + }, + "remediatorRef": { + "type": "object", + "description": "This determines who remediation tasks will be assigned to. Remediation tasks are created for each revoke decision on items in the campaign. The only legal remediator type is 'IDENTITY', and the chosen identity must be a Role Admin or Org Admin.", + "properties": { + "type": { + "type": "string", + "enum": [ + "IDENTITY" + ], + "description": "Legal Remediator Type", + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "The ID of the remediator.", + "example": "2c90ad2a70ace7d50170acf22ca90010" + }, + "name": { + "type": "string", + "description": "The name of the remediator.", + "readOnly": true, + "example": "Role Admin" + } + }, + "required": [ + "type", + "id" + ] + }, + "query": { + "type": "string", + "description": "Optional search query to scope this campaign to a set of roles. Only one of `roleIds` and `query` may be set; if neither are set, all roles are included.", + "example": "Search Query" + }, + "description": { + "type": "string", + "description": "Describes this role composition campaign. Intended for storing the query used, and possibly the number of roles selected/available.", + "example": "Role Composition Description" + } + }, + "required": [ + "remediatorRef" + ] + }, + "sourcesWithOrphanEntitlements": { + "type": "array", + "description": "A list of sources in the campaign that contain \\\"orphan entitlements\\\" (entitlements without a corresponding Managed Attribute). An empty list indicates the campaign has no orphan entitlements. Null indicates there may be unknown orphan entitlements in the campaign (the campaign was created before this feature was implemented).", + "readOnly": true, + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "Id of the source", + "example": "2c90ad2a70ace7d50170acf22ca90010" + }, + "type": { + "type": "string", + "enum": [ + "SOURCE" + ], + "description": "Type", + "example": "SOURCE" + }, + "name": { + "type": "string", + "description": "Name of the source", + "example": "Source with orphan entitlements" + } + } + } + }, + "mandatoryCommentRequirement": { + "type": "string", + "description": "Determines whether comments are required for decisions during certification reviews. You can require comments for all decisions, revoke-only decisions, or no decisions. By default, comments are not required for decisions.", + "enum": [ + "ALL_DECISIONS", + "REVOKE_ONLY_DECISIONS", + "NO_DECISIONS" + ], + "example": "NO_DECISIONS" + } + } + } + ] + } + ] + }, + "examples": { + "Manager": { + "value": { + "id": "2c918086719eec070171a7e3355a360a", + "name": "Manager Review", + "description": "A review of everyone's access by their manager.", + "deadline": "2020-12-25T06:00:00.123Z", + "type": "MANAGER", + "status": "ACTIVE", + "emailNotificationEnabled": false, + "autoRevokeAllowed": false, + "recommendationsEnabled": false + } + }, + "Search": { + "value": { + "id": "7e1a731e3fb845cfbe58112ba4673ee4", + "name": "Search Campaign", + "description": "Search Campaign Info", + "deadline": "2022-07-26T15:42:44.000Z", + "type": "SEARCH", + "status": "ACTIVE", + "emailNotificationEnabled": false, + "autoRevokeAllowed": false, + "recommendationsEnabled": false + } + }, + "Source Owner": { + "value": { + "id": "2c918086719eec070171a7e3355a412b", + "name": "AD Source Review", + "description": "A review of our AD source.", + "deadline": "2020-12-25T06:00:00.123Z", + "type": "SOURCE_OWNER", + "status": "STAGED", + "emailNotificationEnabled": true, + "autoRevokeAllowed": false, + "recommendationsEnabled": false, + "correlatedStatus": "CORRELATED" + } + }, + "RoleComposition": { + "value": { + "id": "3b2e2e5821e84127b6d693d41c40623b", + "name": "Role Composition Campaign", + "description": "A review done by a role owner.", + "deadline": "2020-12-25T06:00:00.468Z", + "type": "ROLE_COMPOSITION", + "status": "ACTIVE", + "emailNotificationEnabled": false, + "autoRevokeAllowed": false, + "recommendationsEnabled": false + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + }, + "patch": { + "operationId": "updateCampaign", + "tags": [ + "Certification Campaigns" + ], + "summary": "Update a Campaign", + "description": "Use this API to update individual fields on a certification campaign, using the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard.\n\nA token with ORG_ADMIN or CERT_ADMIN authority is required to call this API.\n", + "security": [ + { + "UserContextAuth": [ + "idn:campaign:read", + "idn:campaign:manage" + ] + } + ], + "parameters": [ + { + "in": "path", + "name": "id", + "schema": { + "type": "string" + }, + "required": true, + "description": "ID of the campaign template being modified.", + "example": "2c91808571bcfcf80171c23e4b4221fc" + } + ], + "requestBody": { + "required": true, + "description": "A list of campaign update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard.\nThe fields that can be patched differ based on the status of the campaign.\n\nWhen the campaign is in the *STAGED* status, you can patch these fields:\n* name\n* description\n* recommendationsEnabled\n* deadline\n* emailNotificationEnabled\n* autoRevokeAllowed\n\nWhen the campaign is in the *ACTIVE* status, you can patch these fields:\n* deadline\n", + "content": { + "application/json-patch+json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "description": "A JSONPatch Operation as defined by [RFC 6902 - JSON Patch](https://tools.ietf.org/html/rfc6902)", + "required": [ + "op", + "path" + ], + "properties": { + "op": { + "type": "string", + "description": "The operation to be performed", + "enum": [ + "add", + "remove", + "replace", + "move", + "copy", + "test" + ], + "example": "replace" + }, + "path": { + "type": "string", + "description": "A string JSON Pointer representing the target path to an element to be affected by the operation", + "example": "/description" + }, + "value": { + "oneOf": [ + { + "type": "string", + "example": "New description", + "title": "string" + }, + { + "type": "boolean", + "example": true, + "title": "boolean" + }, + { + "type": "integer", + "example": 300, + "title": "integer" + }, + { + "type": "object", + "title": "object", + "example": { + "attributes": { + "name": "philip" + } + } + }, + { + "type": "array", + "title": "array", + "items": { + "anyOf": [ + { + "type": "string" + }, + { + "type": "integer" + }, + { + "type": "object" + } + ], + "example": [ + "001", + "002", + "003" + ] + } + } + ], + "description": "The value to be used for the operation, required for \"add\" and \"replace\" operations", + "example": "New description" + } + } + } + }, + "example": [ + { + "op": "replace", + "path": "/name", + "value": "This field has been updated!" + }, + { + "op": "copy", + "from": "/name", + "path": "/description" + } + ] + } + } + }, + "responses": { + "200": { + "description": "This response indicates that the PATCH operation succeeded, and the API returns the campaign's new representation.", + "content": { + "application/json": { + "schema": { + "type": "object", + "title": "Slim Campaign", + "required": [ + "name", + "description", + "type" + ], + "properties": { + "id": { + "type": "string", + "readOnly": true, + "description": "Id of the campaign", + "example": "2c9079b270a266a60170a2779fcb0007" + }, + "name": { + "description": "The campaign name. If this object is part of a template, special formatting applies; see the `/campaign-templates/{id}/generate` endpoint documentation for details.", + "type": "string", + "example": "Manager Campaign" + }, + "description": { + "type": "string", + "description": "The campaign description. If this object is part of a template, special formatting applies; see the `/campaign-templates/{id}/generate` endpoint documentation for details.", + "example": "Everyone needs to be reviewed by their manager" + }, + "deadline": { + "type": "string", + "format": "date-time", + "description": "The campaign's completion deadline. This date must be in the future in order to activate the campaign. If you try to activate a campaign with a deadline of today or in the past, you will receive a 400 error response.", + "example": "2020-03-15T10:00:01.456Z" + }, + "type": { + "type": "string", + "description": "The type of campaign. Could be extended in the future.", + "enum": [ + "MANAGER", + "SOURCE_OWNER", + "SEARCH", + "ROLE_COMPOSITION" + ], + "example": "MANAGER" + }, + "emailNotificationEnabled": { + "type": "boolean", + "description": "Enables email notification for this campaign", + "default": false, + "example": false + }, + "autoRevokeAllowed": { + "type": "boolean", + "description": "Allows auto revoke for this campaign", + "default": false, + "example": false + }, + "recommendationsEnabled": { + "type": "boolean", + "description": "Enables IAI for this campaign. Accepts true even if the IAI product feature is off. If IAI is turned off then campaigns generated from this template will indicate false. The real value will then be returned if IAI is ever enabled for the org in the future.", + "default": false, + "example": true + }, + "status": { + "type": "string", + "description": "The campaign's current status.", + "readOnly": true, + "enum": [ + "PENDING", + "STAGED", + "CANCELING", + "ACTIVATING", + "ACTIVE", + "COMPLETING", + "COMPLETED", + "ERROR", + "ARCHIVED" + ], + "example": "ACTIVE" + }, + "correlatedStatus": { + "type": "string", + "description": "The correlatedStatus of the campaign. Only SOURCE_OWNER campaigns can be Uncorrelated. An Uncorrelated certification campaign only includes Uncorrelated identities (An identity is uncorrelated if it has no accounts on an authoritative source).", + "enum": [ + "CORRELATED", + "UNCORRELATED" + ], + "example": "CORRELATED" + }, + "created": { + "type": "string", + "readOnly": true, + "format": "date-time", + "description": "Created time of the campaign", + "example": "2020-03-03T22:15:13.611Z" + }, + "totalCertifications": { + "type": "integer", + "format": "int32", + "description": "The total number of certifications in this campaign.", + "readOnly": true, + "example": 100 + }, + "completedCertifications": { + "type": "integer", + "format": "int32", + "description": "The number of completed certifications in this campaign.", + "readOnly": true, + "example": 10 + }, + "alerts": { + "type": "array", + "description": "A list of errors and warnings that have accumulated.", + "readOnly": true, + "items": { + "type": "object", + "properties": { + "level": { + "type": "string", + "enum": [ + "ERROR", + "WARN", + "INFO" + ], + "description": "Denotes the level of the message", + "example": "ERROR" + }, + "localizations": { + "type": "array", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "examples": { + "Manager": { + "value": { + "id": "2c918086719eec070171a7e3355a360a", + "name": "Manager Review", + "description": "A review of everyone's access by their manager.", + "deadline": "2020-12-25T06:00:00.123Z", + "type": "MANAGER", + "status": "ACTIVE", + "emailNotificationEnabled": false, + "autoRevokeAllowed": false, + "recommendationsEnabled": false + } + }, + "Search": { + "value": { + "id": "7e1a731e3fb845cfbe58112ba4673ee4", + "name": "Search Campaign", + "description": "Search Campaign Info", + "deadline": "2022-07-26T15:42:44.000Z", + "type": "SEARCH", + "status": "ACTIVE", + "emailNotificationEnabled": false, + "autoRevokeAllowed": false, + "recommendationsEnabled": false + } + }, + "Source Owner": { + "value": { + "id": "2c918086719eec070171a7e3355a412b", + "name": "AD Source Review", + "description": "A review of our AD source.", + "deadline": "2020-12-25T06:00:00.123Z", + "type": "SOURCE_OWNER", + "status": "STAGED", + "emailNotificationEnabled": true, + "autoRevokeAllowed": false, + "recommendationsEnabled": false, + "correlatedStatus": "CORRELATED" + } + }, + "RoleComposition": { + "value": { + "id": "3b2e2e5821e84127b6d693d41c40623b", + "name": "Role Composition Campaign", + "description": "A review done by a role owner.", + "deadline": "2020-12-25T06:00:00.468Z", + "type": "ROLE_COMPOSITION", + "status": "ACTIVE", + "emailNotificationEnabled": false, + "autoRevokeAllowed": false, + "recommendationsEnabled": false + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/campaigns/{id}/reassign": { + "post": { + "security": [ + { + "UserContextAuth": [ + "idn:campaign:manage" + ] + } + ], + "operationId": "move", + "tags": [ + "Certification Campaigns" + ], + "summary": "Reassign Certifications", + "description": "This API reassigns the specified certifications from one identity to another.\n\nA token with ORG_ADMIN or CERT_ADMIN authority is required to call this API.\n", + "parameters": [ + { + "in": "path", + "name": "id", + "schema": { + "type": "string" + }, + "required": true, + "description": "The certification campaign ID", + "example": "ef38f94347e94562b5bb8424a56397d8" + } + ], + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "certificationIds": { + "description": "List of certification IDs to reassign", + "type": "array", + "items": { + "type": "string" + }, + "minItems": 1, + "maxItems": 250, + "example": [ + "af3859464779471211bb8424a563abc1", + "af3859464779471211bb8424a563abc2", + "af3859464779471211bb8424a563abc3" + ] + }, + "reassignTo": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The identity ID to which the review is being assigned.", + "example": "ef38f94347e94562b5bb8424a56397d8" + }, + "type": { + "type": "string", + "description": "The type of the ID provided.", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY" + } + } + }, + "reason": { + "type": "string", + "description": "Comment to explain why the certification was reassigned", + "example": "reassigned for some reason" + } + } + } + } + } + }, + "responses": { + "202": { + "description": "The reassign task that has been submitted.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The ID of the certification task.", + "example": "2c918086719eec070171a7e3355a360a" + }, + "type": { + "type": "string", + "description": "The type of the certification task. More values may be added in the future.", + "enum": [ + "REASSIGN", + "ADMIN_REASSIGN", + "COMPLETE_CERTIFICATION", + "FINISH_CERTIFICATION", + "COMPLETE_CAMPAIGN", + "ACTIVATE_CAMPAIGN", + "CAMPAIGN_CREATE", + "CAMPAIGN_DELETE" + ], + "example": "ADMIN_REASSIGN" + }, + "targetType": { + "type": "string", + "description": "The type of item that is being operated on by this task whose ID is stored in the targetId field.", + "enum": [ + "CERTIFICATION", + "CAMPAIGN" + ], + "example": "CAMPAIGN" + }, + "targetId": { + "type": "string", + "description": "The ID of the item being operated on by this task.", + "example": "2c918086719eec070171a7e3355a834c" + }, + "status": { + "type": "string", + "description": "The status of the task.", + "enum": [ + "QUEUED", + "IN_PROGRESS", + "SUCCESS", + "ERROR" + ], + "example": "QUEUED" + }, + "errors": { + "description": "A list of errors that have been encountered by the task.", + "type": "array", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "reassignmentTrailDTOs": { + "description": "Reassignment trails that lead to self certification identity", + "type": "array", + "items": { + "type": "object", + "properties": { + "previousOwner": { + "type": "string", + "description": "The ID of previous owner identity.", + "example": "ef38f94347e94562b5bb8424a56397d8" + }, + "newOwner": { + "type": "string", + "description": "The ID of new owner identity.", + "example": "ef38f94347e94562b5bb8424a56397a3" + }, + "reassignmentType": { + "type": "string", + "description": "The type of reassignment.", + "example": "AUTOMATIC_REASSIGNMENT" + } + } + }, + "example": { + "previousOwner": "ef38f94347e94562b5bb8424a56397d8", + "newOwner": "ef38f94347e94562b5bb8424a56397a3", + "reassignmentType": "AUTOMATIC_REASSIGNMENT" + } + }, + "created": { + "type": "string", + "description": "The date and time on which this task was created.", + "format": "date-time", + "example": "2020-09-24T18:10:47.693Z" + } + } + }, + "example": { + "id": "2c918086719eec070171a7e3355a360a", + "type": "ADMIN_REASSIGN", + "targetType": "CAMPAIGN", + "targetId": "2c918086719eec070171a7e3355a834c", + "status": "QUEUED", + "errors": [], + "created": "2020-09-24T18:10:47.693Z" + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/campaigns/{id}/activate": { + "post": { + "operationId": "startCampaign", + "tags": [ + "Certification Campaigns" + ], + "summary": "Activate a Campaign", + "description": "Use this API to submit a job to activate the certified campaign with the specified ID. The campaign must be staged.\n\nA token with ORG_ADMIN or CERT_ADMIN authority is required to call this API. \n", + "security": [ + { + "UserContextAuth": [ + "idn:campaign:manage" + ] + } + ], + "requestBody": { + "description": "Optional. If no timezone is specified, the standard UTC timezone is used (i.e. UTC+00:00). Although this can take any timezone, the intended value is the caller's timezone. The activation time calculated from the given timezone may cause the campaign deadline time to be modified, but it will remain within the original date. The timezone must be in a valid ISO 8601 format.", + "required": false, + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "timeZone": { + "type": "string", + "description": "The timezone must be in a valid ISO 8601 format. Timezones in ISO 8601 are represented as UTC (represented as 'Z') or as an offset from UTC. The offset format can be +/-hh:mm, +/-hhmm, or +/-hh.", + "default": "Z", + "example": "-05:00" + } + } + } + } + } + }, + "parameters": [ + { + "in": "path", + "name": "id", + "schema": { + "type": "string" + }, + "required": true, + "description": "Campaign ID.", + "example": "ef38f94347e94562b5bb8424a56397d8" + } + ], + "responses": { + "202": { + "description": "Accepted - Returned if the request was successfully accepted into the system.", + "content": { + "application/json": { + "schema": { + "type": "object" + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/campaigns/{id}/complete": { + "post": { + "operationId": "completeCampaign", + "tags": [ + "Certification Campaigns" + ], + "summary": "Complete a Campaign", + "description": ":::caution\n\nThis endpoint will run successfully for any campaigns that are **past due**.\n\nThis endpoint will return a content error if the campaign is **not past due**.\n\n:::\n\nUse this API to complete a certification campaign. This functionality is provided to admins so that they\ncan complete a certification even if all items have not been completed.\n\nA token with ORG_ADMIN or CERT_ADMIN authority is required to call this API.\n", + "security": [ + { + "UserContextAuth": [ + "idn:campaign:manage" + ] + } + ], + "requestBody": { + "description": "Optional. Default behavior is for the campaign to auto-approve upon completion, unless autoCompleteAction=REVOKE", + "required": false, + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "autoCompleteAction": { + "description": "Determines whether to auto-approve(APPROVE) or auto-revoke(REVOKE) upon campaign completion.", + "type": "string", + "enum": [ + "APPROVE", + "REVOKE" + ], + "default": "APPROVE", + "example": "REVOKE" + } + } + } + } + } + }, + "parameters": [ + { + "in": "path", + "name": "id", + "schema": { + "type": "string" + }, + "required": true, + "description": "Campaign ID.", + "example": "ef38f94347e94562b5bb8424a56397d8" + } + ], + "responses": { + "202": { + "description": "Accepted - Returned if the request was successfully accepted into the system.", + "content": { + "application/json": { + "schema": { + "type": "object" + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/campaigns/delete": { + "post": { + "operationId": "deleteCampaigns", + "tags": [ + "Certification Campaigns" + ], + "summary": "Delete Campaigns", + "description": "Use this API to delete certification campaigns whose IDs are specified in the provided list of campaign IDs.\n\nA token with ORG_ADMIN or CERT_ADMIN authority is required to call this API.\n", + "security": [ + { + "UserContextAuth": [ + "idn:campaign:manage" + ] + } + ], + "requestBody": { + "description": "IDs of the campaigns to delete.", + "required": true, + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "ids": { + "description": "The ids of the campaigns to delete", + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "2c9180887335cee10173490db1776c26", + "2c9180836a712436016a7125a90c0021" + ] + } + } + } + } + } + }, + "responses": { + "202": { + "description": "Accepted - Returned if the request was successfully accepted into the system.", + "content": { + "application/json": { + "schema": { + "type": "object" + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/campaigns/{id}/run-remediation-scan": { + "post": { + "operationId": "startCampaignRemediationScan", + "tags": [ + "Certification Campaigns" + ], + "summary": "Run Campaign Remediation Scan", + "description": "Use this API to run a remediation scan task for a certification campaign.\n\nA token with ORG_ADMIN, CERT_ADMIN or REPORT_ADMIN authority is required to call this API.\n", + "security": [ + { + "UserContextAuth": [ + "idn:campaign-report:manage" + ] + } + ], + "parameters": [ + { + "in": "path", + "name": "id", + "schema": { + "type": "string", + "example": "2c91808571bcfcf80171c23e4b4221fc" + }, + "required": true, + "description": "ID of the campaign the remediation scan is being run for." + } + ], + "responses": { + "202": { + "description": "Accepted - Returned if the request was successfully accepted into the system.", + "content": { + "application/json": { + "schema": { + "type": "object" + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/campaigns/{id}/reports": { + "get": { + "operationId": "getCampaignReports", + "tags": [ + "Certification Campaigns" + ], + "summary": "Get Campaign Reports", + "description": "Use this API to fetch all reports for a certification campaign by campaign ID.\n\nA token with ORG_ADMIN, CERT_ADMIN or REPORT_ADMIN authority is required to call this API.\n", + "security": [ + { + "UserContextAuth": [ + "idn:campaign-report:read", + "idn:campaign-report:manage" + ] + } + ], + "parameters": [ + { + "in": "path", + "name": "id", + "schema": { + "type": "string", + "example": "2c91808571bcfcf80171c23e4b4221fc" + }, + "required": true, + "description": "ID of the campaign whose reports are being fetched." + } + ], + "responses": { + "200": { + "description": "Array of campaign report objects.", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "title": "Campaign Report", + "required": [ + "reportType" + ], + "allOf": [ + { + "allOf": [ + { + "type": "object", + "description": "SOD policy violation report result.", + "properties": { + "type": { + "type": "string", + "description": "SOD policy violation report result DTO type.", + "enum": [ + "REPORT_RESULT" + ], + "example": "REPORT_RESULT" + }, + "id": { + "type": "string", + "description": "SOD policy violation report result ID.", + "example": "2c9180835d191a86015d28455b4b232a" + }, + "name": { + "type": "string", + "description": "Human-readable name of the SOD policy violation report result.", + "example": "SOD Policy 1 Violation" + } + } + }, + { + "type": "object", + "properties": { + "status": { + "type": "string", + "description": "Status of a SOD policy violation report.", + "enum": [ + "SUCCESS", + "WARNING", + "ERROR", + "TERMINATED", + "TEMP_ERROR", + "PENDING" + ], + "example": "PENDING" + } + } + } + ] + }, + { + "type": "object", + "properties": { + "reportType": { + "type": "string", + "description": "type of a Report", + "enum": [ + "CAMPAIGN_COMPOSITION_REPORT", + "CAMPAIGN_REMEDIATION_STATUS_REPORT", + "CAMPAIGN_STATUS_REPORT", + "CERTIFICATION_SIGNOFF_REPORT" + ], + "example": "CAMPAIGN_COMPOSITION_REPORT" + }, + "lastRunAt": { + "type": "string", + "readOnly": true, + "format": "date-time", + "description": "The most recent date and time this report was run" + } + } + } + ], + "example": { + "type": "REPORT_RESULT", + "id": "2c91808568c529c60168cca6f90c1313", + "name": "Campaign Composition Report", + "status": "SUCCESS", + "reportType": "CAMPAIGN_COMPOSITION_REPORT", + "lastRunAt": "2019-12-19T13:49:37.385Z" + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/campaigns/{id}/run-report/{type}": { + "post": { + "operationId": "startCampaignReport", + "tags": [ + "Certification Campaigns" + ], + "summary": "Run Campaign Report", + "description": "Use this API to run a report for a certification campaign.\n\nA token with ORG_ADMIN, CERT_ADMIN or REPORT_ADMIN authority is required to call this API.\n", + "security": [ + { + "UserContextAuth": [ + "idn:campaign-report:manage" + ] + } + ], + "parameters": [ + { + "in": "path", + "name": "id", + "schema": { + "type": "string", + "example": "2c91808571bcfcf80171c23e4b4221fc" + }, + "required": true, + "description": "ID of the campaign the report is being run for." + }, + { + "in": "path", + "name": "type", + "schema": { + "type": "string", + "description": "type of a Report", + "enum": [ + "CAMPAIGN_COMPOSITION_REPORT", + "CAMPAIGN_REMEDIATION_STATUS_REPORT", + "CAMPAIGN_STATUS_REPORT", + "CERTIFICATION_SIGNOFF_REPORT" + ], + "example": "CAMPAIGN_COMPOSITION_REPORT" + }, + "required": true, + "description": "Type of the report to run." + } + ], + "responses": { + "202": { + "description": "Accepted - Returned if the request was successfully accepted into the system.", + "content": { + "application/json": { + "schema": { + "type": "object" + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/campaigns/reports-configuration": { + "get": { + "operationId": "getCampaignReportsConfig", + "tags": [ + "Certification Campaigns" + ], + "summary": "Get Campaign Reports Configuration", + "description": "Use this API to fetch the configuration for certification campaign reports. The configuration includes only one element - identity attributes defined as custom report columns. \n\nA token with ORG_ADMIN or CERT_ADMIN authority is required to call this API.\n", + "security": [ + { + "UserContextAuth": [ + "idn:campaign:read", + "idn:campaign:manage" + ] + } + ], + "responses": { + "200": { + "description": "Campaign report configuration.", + "content": { + "application/json": { + "schema": { + "type": "object", + "title": "Campaign Reports Configuration", + "properties": { + "identityAttributeColumns": { + "type": "array", + "nullable": true, + "description": "list of identity attribute columns", + "items": { + "type": "string" + }, + "example": [ + "firstname", + "lastname" + ] + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + }, + "put": { + "operationId": "setCampaignReportsConfig", + "tags": [ + "Certification Campaigns" + ], + "summary": "Set Campaign Reports Configuration", + "description": "Use this API to overwrite the configuration for campaign reports. \n\nA token with ORG_ADMIN or CERT_ADMIN authority is required to call this API.\n", + "security": [ + { + "UserContextAuth": [ + "idn:campaign:manage" + ] + } + ], + "requestBody": { + "required": true, + "description": "Campaign report configuration.", + "content": { + "application/json": { + "schema": { + "type": "object", + "title": "Campaign Reports Configuration", + "properties": { + "identityAttributeColumns": { + "type": "array", + "nullable": true, + "description": "list of identity attribute columns", + "items": { + "type": "string" + }, + "example": [ + "firstname", + "lastname" + ] + } + } + } + } + } + }, + "responses": { + "200": { + "description": "The persisted campaign report configuration.", + "content": { + "application/json": { + "schema": { + "type": "object", + "title": "Campaign Reports Configuration", + "properties": { + "identityAttributeColumns": { + "type": "array", + "nullable": true, + "description": "list of identity attribute columns", + "items": { + "type": "string" + }, + "example": [ + "firstname", + "lastname" + ] + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/campaign-filters": { + "post": { + "operationId": "createCampaignFilter", + "tags": [ + "Certification Campaign Filters" + ], + "summary": "Create Campaign Filter", + "description": "Use this API to create a campaign filter based on filter details and criteria.", + "security": [ + { + "UserContextAuth": [ + "idn:campaign-filter:create" + ] + } + ], + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "type": "object", + "description": "Campaign Filter Details", + "properties": { + "name": { + "type": "string", + "description": "Campaign filter name.", + "example": "Identity Attribute Campaign Filter" + }, + "description": { + "type": "string", + "description": "Campaign filter description.", + "example": "Campaign filter to certify data based on an identity attribute's specified property." + }, + "owner": { + "type": "string", + "description": "Owner of the filter. This field automatically populates at creation time with the current user.", + "example": "SailPoint Support", + "nullable": true + }, + "mode": { + "description": "Mode/type of filter, either the INCLUSION or EXCLUSION type. The INCLUSION type includes the data in generated campaigns as per specified in the criteria, whereas the EXCLUSION type excludes the data in generated campaigns as per specified in criteria.", + "enum": [ + "INCLUSION", + "EXCLUSION" + ], + "example": "INCLUSION" + }, + "criteriaList": { + "type": "array", + "description": "List of criteria.", + "items": { + "type": "object", + "properties": { + "type": { + "type": "string", + "enum": [ + "COMPOSITE", + "ROLE", + "IDENTITY", + "IDENTITY_ATTRIBUTE", + "ENTITLEMENT", + "ACCESS_PROFILE", + "SOURCE", + "ACCOUNT", + "AGGREGATED_ENTITLEMENT", + "INVALID_CERTIFIABLE_ENTITY" + ], + "description": "Type of the criteria in the filter. The `COMPOSITE` filter can contain multiple filters in an AND/OR relationship.", + "example": "IDENTITY_ATTRIBUTE" + }, + "operation": { + "allOf": [ + { + "type": "string", + "enum": [ + "EQUALS", + "NOT_EQUALS", + "CONTAINS", + "STARTS_WITH", + "ENDS_WITH", + "AND", + "OR", + null + ], + "description": "Operation on a specific criteria", + "example": "EQUALS" + }, + { + "nullable": true + } + ] + }, + "property": { + "type": "string", + "description": "Specified key from the type of criteria.", + "example": "displayName", + "nullable": true + }, + "value": { + "type": "string", + "description": "Value for the specified key from the type of criteria.", + "example": "Allie", + "nullable": true + } + }, + "required": [ + "type", + "property", + "value", + "operation" + ] + }, + "example": [ + { + "type": "IDENTITY_ATTRIBUTE", + "property": "displayName", + "value": "support", + "operation": "CONTAINS", + "negateResult": false, + "shortCircuit": false, + "recordChildMatches": false, + "id": null, + "suppressMatchedItems": false, + "children": null + } + ] + } + }, + "required": [ + "name", + "owner", + "mode" + ] + } + } + } + }, + "responses": { + "200": { + "description": "Created successfully.", + "content": { + "application/json": { + "schema": { + "type": "object", + "description": "Campaign Filter Details", + "properties": { + "name": { + "type": "string", + "description": "Campaign filter name.", + "example": "Identity Attribute Campaign Filter" + }, + "description": { + "type": "string", + "description": "Campaign filter description.", + "example": "Campaign filter to certify data based on an identity attribute's specified property." + }, + "owner": { + "type": "string", + "description": "Owner of the filter. This field automatically populates at creation time with the current user.", + "example": "SailPoint Support", + "nullable": true + }, + "mode": { + "description": "Mode/type of filter, either the INCLUSION or EXCLUSION type. The INCLUSION type includes the data in generated campaigns as per specified in the criteria, whereas the EXCLUSION type excludes the data in generated campaigns as per specified in criteria.", + "enum": [ + "INCLUSION", + "EXCLUSION" + ], + "example": "INCLUSION" + }, + "criteriaList": { + "type": "array", + "description": "List of criteria.", + "items": { + "type": "object", + "properties": { + "type": { + "type": "string", + "enum": [ + "COMPOSITE", + "ROLE", + "IDENTITY", + "IDENTITY_ATTRIBUTE", + "ENTITLEMENT", + "ACCESS_PROFILE", + "SOURCE", + "ACCOUNT", + "AGGREGATED_ENTITLEMENT", + "INVALID_CERTIFIABLE_ENTITY" + ], + "description": "Type of the criteria in the filter. The `COMPOSITE` filter can contain multiple filters in an AND/OR relationship.", + "example": "IDENTITY_ATTRIBUTE" + }, + "operation": { + "allOf": [ + { + "type": "string", + "enum": [ + "EQUALS", + "NOT_EQUALS", + "CONTAINS", + "STARTS_WITH", + "ENDS_WITH", + "AND", + "OR", + null + ], + "description": "Operation on a specific criteria", + "example": "EQUALS" + }, + { + "nullable": true + } + ] + }, + "property": { + "type": "string", + "description": "Specified key from the type of criteria.", + "example": "displayName", + "nullable": true + }, + "value": { + "type": "string", + "description": "Value for the specified key from the type of criteria.", + "example": "Allie", + "nullable": true + } + }, + "required": [ + "type", + "property", + "value", + "operation" + ] + }, + "example": [ + { + "type": "IDENTITY_ATTRIBUTE", + "property": "displayName", + "value": "support", + "operation": "CONTAINS", + "negateResult": false, + "shortCircuit": false, + "recordChildMatches": false, + "id": null, + "suppressMatchedItems": false, + "children": null + } + ] + } + }, + "required": [ + "name", + "owner", + "mode" + ] + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + }, + "get": { + "operationId": "listCampaignFilters", + "tags": [ + "Certification Campaign Filters" + ], + "summary": "List Campaign Filters", + "description": "Use this API to list all campaign filters. You can reduce scope with standard V3 query parameters.", + "security": [ + { + "UserContextAuth": [ + "idn:campaign-filter-list:read" + ] + } + ], + "parameters": [ + { + "in": "query", + "name": "limit", + "description": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 250, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "maximum": 250, + "default": 250 + } + }, + { + "in": "query", + "name": "start", + "description": "Start/Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 0, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "default": 0 + } + }, + { + "in": "query", + "name": "includeSystemFilters", + "description": "If this is true, the API includes system filters in the count and results. Otherwise it excludes them. If no value is provided, the default is true. ", + "required": false, + "example": true, + "schema": { + "type": "boolean", + "default": true + } + } + ], + "responses": { + "200": { + "description": "List of campaign filter objects.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "items": { + "type": "array", + "description": "List of campaign filters.", + "items": { + "type": "object", + "description": "Campaign Filter Details", + "properties": { + "name": { + "type": "string", + "description": "Campaign filter name.", + "example": "Identity Attribute Campaign Filter" + }, + "description": { + "type": "string", + "description": "Campaign filter description.", + "example": "Campaign filter to certify data based on an identity attribute's specified property." + }, + "owner": { + "type": "string", + "description": "Owner of the filter. This field automatically populates at creation time with the current user.", + "example": "SailPoint Support", + "nullable": true + }, + "mode": { + "description": "Mode/type of filter, either the INCLUSION or EXCLUSION type. The INCLUSION type includes the data in generated campaigns as per specified in the criteria, whereas the EXCLUSION type excludes the data in generated campaigns as per specified in criteria.", + "enum": [ + "INCLUSION", + "EXCLUSION" + ], + "example": "INCLUSION" + }, + "criteriaList": { + "type": "array", + "description": "List of criteria.", + "items": { + "type": "object", + "properties": { + "type": { + "type": "string", + "enum": [ + "COMPOSITE", + "ROLE", + "IDENTITY", + "IDENTITY_ATTRIBUTE", + "ENTITLEMENT", + "ACCESS_PROFILE", + "SOURCE", + "ACCOUNT", + "AGGREGATED_ENTITLEMENT", + "INVALID_CERTIFIABLE_ENTITY" + ], + "description": "Type of the criteria in the filter. The `COMPOSITE` filter can contain multiple filters in an AND/OR relationship.", + "example": "IDENTITY_ATTRIBUTE" + }, + "operation": { + "allOf": [ + { + "type": "string", + "enum": [ + "EQUALS", + "NOT_EQUALS", + "CONTAINS", + "STARTS_WITH", + "ENDS_WITH", + "AND", + "OR", + null + ], + "description": "Operation on a specific criteria", + "example": "EQUALS" + }, + { + "nullable": true + } + ] + }, + "property": { + "type": "string", + "description": "Specified key from the type of criteria.", + "example": "displayName", + "nullable": true + }, + "value": { + "type": "string", + "description": "Value for the specified key from the type of criteria.", + "example": "Allie", + "nullable": true + } + }, + "required": [ + "type", + "property", + "value", + "operation" + ] + }, + "example": [ + { + "type": "IDENTITY_ATTRIBUTE", + "property": "displayName", + "value": "support", + "operation": "CONTAINS", + "negateResult": false, + "shortCircuit": false, + "recordChildMatches": false, + "id": null, + "suppressMatchedItems": false, + "children": null + } + ] + } + }, + "required": [ + "name", + "owner", + "mode" + ] + } + }, + "count": { + "type": "integer", + "description": "Number of filters returned.", + "example": 2 + } + } + }, + "example": { + "items": [ + { + "id": "5b8a2ba86393dd174495c4436dd76b25", + "name": "IdentityAttribute Inclusion Campaign Filter", + "description": "IdentityAttribute Inclusion Campaign Filter", + "owner": "SailPoint Support", + "mode": "INCLUSION", + "criteriaList": [ + { + "type": "IDENTITY_ATTRIBUTE", + "property": "displayName", + "value": "#", + "operation": "CONTAINS", + "negateResult": false, + "shortCircuit": false, + "recordChildMatches": false, + "id": null, + "suppressMatchedItems": false, + "children": null + } + ], + "isSystemFilter": false + }, + { + "id": "e9f9a1397b842fd5a65842087040d3ac", + "name": "Exclusion Campaign Filter", + "description": "Campaign filter for Exclusion update", + "owner": "SailPoint Support", + "mode": "EXCLUSION", + "criteriaList": [ + { + "type": "IDENTITY_ATTRIBUTE", + "property": "displayName", + "value": "#@", + "operation": "CONTAINS", + "negateResult": false, + "shortCircuit": false, + "recordChildMatches": false, + "id": null, + "suppressMatchedItems": false, + "children": null + } + ], + "isSystemFilter": false + } + ], + "count": 2 + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/campaign-filters/{id}": { + "get": { + "operationId": "getCampaignFilterById", + "tags": [ + "Certification Campaign Filters" + ], + "summary": "Get Campaign Filter by ID", + "description": "Retrieves information for an existing campaign filter using the filter's ID.", + "security": [ + { + "UserContextAuth": [ + "idn:campaign-filter:read" + ] + } + ], + "parameters": [ + { + "in": "path", + "name": "filterId", + "schema": { + "type": "string", + "example": "e9f9a1397b842fd5a65842087040d3ac" + }, + "required": true, + "description": "The ID of the campaign filter to be retrieved." + } + ], + "responses": { + "200": { + "description": "A campaign filter object.", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "description": "Campaign Filter Details", + "properties": { + "name": { + "type": "string", + "description": "Campaign filter name.", + "example": "Identity Attribute Campaign Filter" + }, + "description": { + "type": "string", + "description": "Campaign filter description.", + "example": "Campaign filter to certify data based on an identity attribute's specified property." + }, + "owner": { + "type": "string", + "description": "Owner of the filter. This field automatically populates at creation time with the current user.", + "example": "SailPoint Support", + "nullable": true + }, + "mode": { + "description": "Mode/type of filter, either the INCLUSION or EXCLUSION type. The INCLUSION type includes the data in generated campaigns as per specified in the criteria, whereas the EXCLUSION type excludes the data in generated campaigns as per specified in criteria.", + "enum": [ + "INCLUSION", + "EXCLUSION" + ], + "example": "INCLUSION" + }, + "criteriaList": { + "type": "array", + "description": "List of criteria.", + "items": { + "type": "object", + "properties": { + "type": { + "type": "string", + "enum": [ + "COMPOSITE", + "ROLE", + "IDENTITY", + "IDENTITY_ATTRIBUTE", + "ENTITLEMENT", + "ACCESS_PROFILE", + "SOURCE", + "ACCOUNT", + "AGGREGATED_ENTITLEMENT", + "INVALID_CERTIFIABLE_ENTITY" + ], + "description": "Type of the criteria in the filter. The `COMPOSITE` filter can contain multiple filters in an AND/OR relationship.", + "example": "IDENTITY_ATTRIBUTE" + }, + "operation": { + "allOf": [ + { + "type": "string", + "enum": [ + "EQUALS", + "NOT_EQUALS", + "CONTAINS", + "STARTS_WITH", + "ENDS_WITH", + "AND", + "OR", + null + ], + "description": "Operation on a specific criteria", + "example": "EQUALS" + }, + { + "nullable": true + } + ] + }, + "property": { + "type": "string", + "description": "Specified key from the type of criteria.", + "example": "displayName", + "nullable": true + }, + "value": { + "type": "string", + "description": "Value for the specified key from the type of criteria.", + "example": "Allie", + "nullable": true + } + }, + "required": [ + "type", + "property", + "value", + "operation" + ] + }, + "example": [ + { + "type": "IDENTITY_ATTRIBUTE", + "property": "displayName", + "value": "support", + "operation": "CONTAINS", + "negateResult": false, + "shortCircuit": false, + "recordChildMatches": false, + "id": null, + "suppressMatchedItems": false, + "children": null + } + ] + } + }, + "required": [ + "name", + "owner", + "mode" + ] + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + }, + "post": { + "operationId": "updateCampaignFilter", + "tags": [ + "Certification Campaign Filters" + ], + "summary": "Updates a Campaign Filter", + "description": "Updates an existing campaign filter using the filter's ID.", + "security": [ + { + "UserContextAuth": [ + "idn:campaign-filter:update" + ] + } + ], + "parameters": [ + { + "in": "path", + "name": "filterId", + "schema": { + "type": "string", + "example": "e9f9a1397b842fd5a65842087040d3ac" + }, + "required": true, + "description": "The ID of the campaign filter being modified." + } + ], + "requestBody": { + "required": true, + "description": "A campaign filter details with updated field values.", + "content": { + "application/json": { + "schema": { + "type": "object", + "description": "Campaign Filter Details", + "properties": { + "name": { + "type": "string", + "description": "Campaign filter name.", + "example": "Identity Attribute Campaign Filter" + }, + "description": { + "type": "string", + "description": "Campaign filter description.", + "example": "Campaign filter to certify data based on an identity attribute's specified property." + }, + "owner": { + "type": "string", + "description": "Owner of the filter. This field automatically populates at creation time with the current user.", + "example": "SailPoint Support", + "nullable": true + }, + "mode": { + "description": "Mode/type of filter, either the INCLUSION or EXCLUSION type. The INCLUSION type includes the data in generated campaigns as per specified in the criteria, whereas the EXCLUSION type excludes the data in generated campaigns as per specified in criteria.", + "enum": [ + "INCLUSION", + "EXCLUSION" + ], + "example": "INCLUSION" + }, + "criteriaList": { + "type": "array", + "description": "List of criteria.", + "items": { + "type": "object", + "properties": { + "type": { + "type": "string", + "enum": [ + "COMPOSITE", + "ROLE", + "IDENTITY", + "IDENTITY_ATTRIBUTE", + "ENTITLEMENT", + "ACCESS_PROFILE", + "SOURCE", + "ACCOUNT", + "AGGREGATED_ENTITLEMENT", + "INVALID_CERTIFIABLE_ENTITY" + ], + "description": "Type of the criteria in the filter. The `COMPOSITE` filter can contain multiple filters in an AND/OR relationship.", + "example": "IDENTITY_ATTRIBUTE" + }, + "operation": { + "allOf": [ + { + "type": "string", + "enum": [ + "EQUALS", + "NOT_EQUALS", + "CONTAINS", + "STARTS_WITH", + "ENDS_WITH", + "AND", + "OR", + null + ], + "description": "Operation on a specific criteria", + "example": "EQUALS" + }, + { + "nullable": true + } + ] + }, + "property": { + "type": "string", + "description": "Specified key from the type of criteria.", + "example": "displayName", + "nullable": true + }, + "value": { + "type": "string", + "description": "Value for the specified key from the type of criteria.", + "example": "Allie", + "nullable": true + } + }, + "required": [ + "type", + "property", + "value", + "operation" + ] + }, + "example": [ + { + "type": "IDENTITY_ATTRIBUTE", + "property": "displayName", + "value": "support", + "operation": "CONTAINS", + "negateResult": false, + "shortCircuit": false, + "recordChildMatches": false, + "id": null, + "suppressMatchedItems": false, + "children": null + } + ] + } + }, + "required": [ + "name", + "owner", + "mode" + ] + } + } + } + }, + "responses": { + "200": { + "description": "Created successfully.", + "content": { + "application/json": { + "schema": { + "type": "object", + "description": "Campaign Filter Details", + "properties": { + "name": { + "type": "string", + "description": "Campaign filter name.", + "example": "Identity Attribute Campaign Filter" + }, + "description": { + "type": "string", + "description": "Campaign filter description.", + "example": "Campaign filter to certify data based on an identity attribute's specified property." + }, + "owner": { + "type": "string", + "description": "Owner of the filter. This field automatically populates at creation time with the current user.", + "example": "SailPoint Support", + "nullable": true + }, + "mode": { + "description": "Mode/type of filter, either the INCLUSION or EXCLUSION type. The INCLUSION type includes the data in generated campaigns as per specified in the criteria, whereas the EXCLUSION type excludes the data in generated campaigns as per specified in criteria.", + "enum": [ + "INCLUSION", + "EXCLUSION" + ], + "example": "INCLUSION" + }, + "criteriaList": { + "type": "array", + "description": "List of criteria.", + "items": { + "type": "object", + "properties": { + "type": { + "type": "string", + "enum": [ + "COMPOSITE", + "ROLE", + "IDENTITY", + "IDENTITY_ATTRIBUTE", + "ENTITLEMENT", + "ACCESS_PROFILE", + "SOURCE", + "ACCOUNT", + "AGGREGATED_ENTITLEMENT", + "INVALID_CERTIFIABLE_ENTITY" + ], + "description": "Type of the criteria in the filter. The `COMPOSITE` filter can contain multiple filters in an AND/OR relationship.", + "example": "IDENTITY_ATTRIBUTE" + }, + "operation": { + "allOf": [ + { + "type": "string", + "enum": [ + "EQUALS", + "NOT_EQUALS", + "CONTAINS", + "STARTS_WITH", + "ENDS_WITH", + "AND", + "OR", + null + ], + "description": "Operation on a specific criteria", + "example": "EQUALS" + }, + { + "nullable": true + } + ] + }, + "property": { + "type": "string", + "description": "Specified key from the type of criteria.", + "example": "displayName", + "nullable": true + }, + "value": { + "type": "string", + "description": "Value for the specified key from the type of criteria.", + "example": "Allie", + "nullable": true + } + }, + "required": [ + "type", + "property", + "value", + "operation" + ] + }, + "example": [ + { + "type": "IDENTITY_ATTRIBUTE", + "property": "displayName", + "value": "support", + "operation": "CONTAINS", + "negateResult": false, + "shortCircuit": false, + "recordChildMatches": false, + "id": null, + "suppressMatchedItems": false, + "children": null + } + ] + } + }, + "required": [ + "name", + "owner", + "mode" + ] + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/campaign-filters/delete": { + "post": { + "operationId": "deleteCampaignFilters", + "tags": [ + "Certification Campaign Filters" + ], + "summary": "Deletes Campaign Filters", + "description": "Deletes campaign filters whose Ids are specified in the provided list of campaign filter Ids. Authorized callers must be an ORG_ADMIN or a CERT_ADMIN.", + "security": [ + { + "UserContextAuth": [ + "idn:campaign-filter:delete" + ] + } + ], + "requestBody": { + "description": "A json list of IDs of campaign filters to delete.", + "required": true, + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "0fbe863c063c4c88a35fd7f17e8a3df5", + "2efb374d392c4d88a34sv7b11e8a4eq6" + ] + } + } + } + }, + "responses": { + "204": { + "description": "No content - indicates the request was successful but there is no content to be returned in the response." + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/campaign-templates": { + "post": { + "operationId": "createCampaignTemplate", + "tags": [ + "Certification Campaigns" + ], + "summary": "Create a Campaign Template", + "description": "Use this API to create a certification campaign template based on campaign.\n\nA token with ORG_ADMIN or CERT_ADMIN authority is required to call this API.\n", + "security": [ + { + "UserContextAuth": [ + "idn:campaign-template:manage" + ] + } + ], + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "type": "object", + "description": "Campaign Template", + "properties": { + "id": { + "type": "string", + "description": "Id of the campaign template", + "example": "2c9079b270a266a60170a277bb960008" + }, + "name": { + "type": "string", + "description": "This template's name. Has no bearing on generated campaigns' names.", + "example": "Manager Campaign Template" + }, + "description": { + "type": "string", + "description": "This template's description. Has no bearing on generated campaigns' descriptions.", + "example": "Template for the annual manager campaign." + }, + "created": { + "type": "string", + "description": "Creation date of Campaign Template", + "readOnly": true, + "format": "date-time", + "example": "2020-03-05T22:44:00.364Z" + }, + "modified": { + "type": "string", + "description": "Modification date of Campaign Template", + "readOnly": true, + "format": "date-time", + "example": "2020-03-05T22:52:09.969Z" + }, + "scheduled": { + "type": "boolean", + "readOnly": true, + "description": "Indicates if this campaign template has been scheduled.", + "example": false, + "default": false + }, + "ownerRef": { + "type": "object", + "readOnly": true, + "description": "The owner of this template, and the owner of campaigns generated from this template via a schedule. This field is automatically populated at creation time with the current user.", + "properties": { + "id": { + "type": "string", + "description": "Id of the owner", + "example": "2c918086676d3e0601677611dbde220f" + }, + "type": { + "type": "string", + "enum": [ + "IDENTITY" + ], + "description": "Type of the owner", + "example": "IDENTITY" + }, + "name": { + "type": "string", + "description": "Name of the owner", + "example": "Mister Manager" + }, + "email": { + "type": "string", + "description": "Email of the owner", + "example": "mr.manager@example.com" + } + } + }, + "deadlineDuration": { + "type": "string", + "description": "The time period during which the campaign should be completed, formatted as an ISO-8601 Duration. When this template generates a campaign, the campaign's deadline will be the current date plus this duration. For example, if generation occurred on 2020-01-01 and this field was \"P2W\" (two weeks), the resulting campaign's deadline would be 2020-01-15 (the current date plus 14 days).", + "example": "P2W" + }, + "campaign": { + "type": "object", + "description": "This will hold campaign related information like name, description etc.", + "title": "Campaign", + "allOf": [ + { + "type": "object", + "title": "Slim Campaign", + "required": [ + "name", + "description", + "type" + ], + "properties": { + "id": { + "type": "string", + "readOnly": true, + "description": "Id of the campaign", + "example": "2c9079b270a266a60170a2779fcb0007" + }, + "name": { + "description": "The campaign name. If this object is part of a template, special formatting applies; see the `/campaign-templates/{id}/generate` endpoint documentation for details.", + "type": "string", + "example": "Manager Campaign" + }, + "description": { + "type": "string", + "description": "The campaign description. If this object is part of a template, special formatting applies; see the `/campaign-templates/{id}/generate` endpoint documentation for details.", + "example": "Everyone needs to be reviewed by their manager" + }, + "deadline": { + "type": "string", + "format": "date-time", + "description": "The campaign's completion deadline. This date must be in the future in order to activate the campaign. If you try to activate a campaign with a deadline of today or in the past, you will receive a 400 error response.", + "example": "2020-03-15T10:00:01.456Z" + }, + "type": { + "type": "string", + "description": "The type of campaign. Could be extended in the future.", + "enum": [ + "MANAGER", + "SOURCE_OWNER", + "SEARCH", + "ROLE_COMPOSITION" + ], + "example": "MANAGER" + }, + "emailNotificationEnabled": { + "type": "boolean", + "description": "Enables email notification for this campaign", + "default": false, + "example": false + }, + "autoRevokeAllowed": { + "type": "boolean", + "description": "Allows auto revoke for this campaign", + "default": false, + "example": false + }, + "recommendationsEnabled": { + "type": "boolean", + "description": "Enables IAI for this campaign. Accepts true even if the IAI product feature is off. If IAI is turned off then campaigns generated from this template will indicate false. The real value will then be returned if IAI is ever enabled for the org in the future.", + "default": false, + "example": true + }, + "status": { + "type": "string", + "description": "The campaign's current status.", + "readOnly": true, + "enum": [ + "PENDING", + "STAGED", + "CANCELING", + "ACTIVATING", + "ACTIVE", + "COMPLETING", + "COMPLETED", + "ERROR", + "ARCHIVED" + ], + "example": "ACTIVE" + }, + "correlatedStatus": { + "type": "string", + "description": "The correlatedStatus of the campaign. Only SOURCE_OWNER campaigns can be Uncorrelated. An Uncorrelated certification campaign only includes Uncorrelated identities (An identity is uncorrelated if it has no accounts on an authoritative source).", + "enum": [ + "CORRELATED", + "UNCORRELATED" + ], + "example": "CORRELATED" + }, + "created": { + "type": "string", + "readOnly": true, + "format": "date-time", + "description": "Created time of the campaign", + "example": "2020-03-03T22:15:13.611Z" + }, + "totalCertifications": { + "type": "integer", + "format": "int32", + "description": "The total number of certifications in this campaign.", + "readOnly": true, + "example": 100 + }, + "completedCertifications": { + "type": "integer", + "format": "int32", + "description": "The number of completed certifications in this campaign.", + "readOnly": true, + "example": 10 + }, + "alerts": { + "type": "array", + "description": "A list of errors and warnings that have accumulated.", + "readOnly": true, + "items": { + "type": "object", + "properties": { + "level": { + "type": "string", + "enum": [ + "ERROR", + "WARN", + "INFO" + ], + "description": "Denotes the level of the message", + "example": "ERROR" + }, + "localizations": { + "type": "array", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + { + "type": "object", + "properties": { + "modified": { + "type": "string", + "readOnly": true, + "format": "date-time", + "description": "Modified time of the campaign", + "example": "2020-03-03T22:20:12.674Z" + }, + "correlatedStatus": { + "description": "The correlatedStatus of the campaign. Only SOURCE_OWNER campaigns can be Uncorrelated. An Uncorrelated certification campaign only includes Uncorrelated identities (An identity is uncorrelated if it has no accounts on an authoritative source).", + "enum": [ + "CORRELATED", + "UNCORRELATED" + ], + "example": "CORRELATED" + }, + "filter": { + "type": "object", + "description": "Determines which items will be included in this campaign. The default campaign filter is used if this field is left blank.", + "properties": { + "id": { + "type": "string", + "description": "The ID of whatever type of filter is being used.", + "example": "0fbe863c063c4c88a35fd7f17e8a3df5" + }, + "type": { + "type": "string", + "description": "Type of the filter", + "enum": [ + "CAMPAIGN_FILTER", + "RULE" + ], + "example": "CAMPAIGN_FILTER" + }, + "name": { + "type": "string", + "description": "Name of the filter", + "example": "Test Filter" + } + } + }, + "sunsetCommentsRequired": { + "type": "boolean", + "description": "Determines if comments on sunset date changes are required.", + "default": true, + "example": true + }, + "sourceOwnerCampaignInfo": { + "type": "object", + "description": "Must be set only if the campaign type is SOURCE_OWNER.", + "properties": { + "sourceIds": { + "type": "array", + "description": "The list of sources to be included in the campaign.", + "items": { + "type": "string" + }, + "example": [ + "0fbe863c063c4c88a35fd7f17e8a3df5" + ] + } + } + }, + "searchCampaignInfo": { + "type": "object", + "description": "Must be set only if the campaign type is SEARCH.", + "properties": { + "type": { + "type": "string", + "description": "The type of search campaign represented.", + "enum": [ + "IDENTITY", + "ACCESS" + ], + "example": "ACCESS" + }, + "description": { + "type": "string", + "description": "Describes this search campaign. Intended for storing the query used, and possibly the number of identities selected/available.", + "example": "Search Campaign description" + }, + "reviewer": { + "type": "object", + "description": "If specified, this identity or governance group will be the reviewer for all certifications in this campaign. The allowed DTO types are IDENTITY and GOVERNANCE_GROUP.", + "properties": { + "type": { + "type": "string", + "description": "The reviewer's DTO type.", + "enum": [ + "GOVERNANCE_GROUP", + "IDENTITY" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "The reviewer's ID.", + "example": "2c91808568c529c60168cca6f90c1313" + }, + "name": { + "type": "string", + "description": "The reviewer's name.", + "example": "William Wilson" + } + } + }, + "query": { + "type": "string", + "description": "The scope for the campaign. The campaign will cover identities returned by the query and identities that have access items returned by the query. One of `query` or `identityIds` must be set.", + "example": "Search Campaign query description" + }, + "identityIds": { + "type": "array", + "description": "A direct list of identities to include in this campaign. One of `identityIds` or `query` must be set.", + "items": { + "type": "string" + }, + "maxItems": 1000, + "example": [ + "0fbe863c063c4c88a35fd7f17e8a3df5" + ] + }, + "accessConstraints": { + "type": "array", + "description": "Further reduces the scope of the campaign by excluding identities (from `query` or `identityIds`) that do not have this access.", + "items": { + "type": "object", + "properties": { + "type": { + "type": "string", + "enum": [ + "ENTITLEMENT", + "ACCESS_PROFILE", + "ROLE" + ], + "description": "Type of Access", + "example": "ENTITLEMENT" + }, + "ids": { + "description": "Must be set only if operator is SELECTED.", + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "2c90ad2a70ace7d50170acf22ca90010" + ] + }, + "operator": { + "type": "string", + "enum": [ + "ALL", + "SELECTED" + ], + "description": "Used to determine whether the scope of the campaign should be reduced for selected ids or all.", + "example": "SELECTED" + } + }, + "required": [ + "type", + "operator" + ] + }, + "maxItems": 1000 + } + }, + "required": [ + "type" + ] + }, + "roleCompositionCampaignInfo": { + "type": "object", + "description": "Optional configuration options for role composition campaigns.", + "properties": { + "reviewer": { + "type": "object", + "description": "If specified, this identity or governance group will be the reviewer for all certifications in this campaign. The allowed DTO types are IDENTITY and GOVERNANCE_GROUP.", + "properties": { + "type": { + "type": "string", + "description": "The reviewer's DTO type.", + "enum": [ + "GOVERNANCE_GROUP", + "IDENTITY" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "The reviewer's ID.", + "example": "2c91808568c529c60168cca6f90c1313" + }, + "name": { + "type": "string", + "description": "The reviewer's name.", + "example": "William Wilson" + } + } + }, + "roleIds": { + "type": "array", + "description": "Optional list of roles to include in this campaign. Only one of `roleIds` and `query` may be set; if neither are set, all roles are included.", + "items": { + "type": "string" + }, + "example": [ + "2c90ad2a70ace7d50170acf22ca90010" + ] + }, + "remediatorRef": { + "type": "object", + "description": "This determines who remediation tasks will be assigned to. Remediation tasks are created for each revoke decision on items in the campaign. The only legal remediator type is 'IDENTITY', and the chosen identity must be a Role Admin or Org Admin.", + "properties": { + "type": { + "type": "string", + "enum": [ + "IDENTITY" + ], + "description": "Legal Remediator Type", + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "The ID of the remediator.", + "example": "2c90ad2a70ace7d50170acf22ca90010" + }, + "name": { + "type": "string", + "description": "The name of the remediator.", + "readOnly": true, + "example": "Role Admin" + } + }, + "required": [ + "type", + "id" + ] + }, + "query": { + "type": "string", + "description": "Optional search query to scope this campaign to a set of roles. Only one of `roleIds` and `query` may be set; if neither are set, all roles are included.", + "example": "Search Query" + }, + "description": { + "type": "string", + "description": "Describes this role composition campaign. Intended for storing the query used, and possibly the number of roles selected/available.", + "example": "Role Composition Description" + } + }, + "required": [ + "remediatorRef" + ] + }, + "sourcesWithOrphanEntitlements": { + "type": "array", + "description": "A list of sources in the campaign that contain \\\"orphan entitlements\\\" (entitlements without a corresponding Managed Attribute). An empty list indicates the campaign has no orphan entitlements. Null indicates there may be unknown orphan entitlements in the campaign (the campaign was created before this feature was implemented).", + "readOnly": true, + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "Id of the source", + "example": "2c90ad2a70ace7d50170acf22ca90010" + }, + "type": { + "type": "string", + "enum": [ + "SOURCE" + ], + "description": "Type", + "example": "SOURCE" + }, + "name": { + "type": "string", + "description": "Name of the source", + "example": "Source with orphan entitlements" + } + } + } + }, + "mandatoryCommentRequirement": { + "type": "string", + "description": "Determines whether comments are required for decisions during certification reviews. You can require comments for all decisions, revoke-only decisions, or no decisions. By default, comments are not required for decisions.", + "enum": [ + "ALL_DECISIONS", + "REVOKE_ONLY_DECISIONS", + "NO_DECISIONS" + ], + "example": "NO_DECISIONS" + } + } + } + ] + } + }, + "required": [ + "name", + "description", + "created", + "modified", + "campaign" + ] + }, + "examples": { + "Manager": { + "description": "This creates a template that can be used to generate manager campaigns. The campaigns will have a due date that is two weeks after their creation date, and will be named \"{current date} Manager Review\" (e.g. \"2020-03-16 Manager Review\").", + "value": { + "name": "Manager Review", + "description": "A review of everyone's access by their manager.", + "deadlineDuration": "P2W", + "campaign": { + "name": "Manager Review", + "description": "Review everyone's access.", + "type": "MANAGER", + "filter": { + "type": "CAMPAIGN_FILTER", + "id": "e0adaae69852e8fe8b8a3d48e5ce757c" + }, + "emailNotificationEnabled": true, + "autoRevokeAllowed": false, + "recommendationsEnabled": false, + "mandatoryCommentRequirement": "NO_DECISIONS" + } + } + }, + "Search": { + "description": "This creates a template that can be used to generate search access campaigns. The campaigns will cover the \"reporter\" access item for across all identities.", + "value": { + "name": "Reporting Access Review", + "description": "A review of everyone's access to the reporting system.", + "deadlineDuration": "P2W", + "campaign": { + "name": "Search Review", + "description": "Review everyone's access to the reporting system.", + "type": "SEARCH", + "filter": { + "type": "CAMPAIGN_FILTER", + "id": "e0adaae69852e8fe8b8a3d48e5ce757c" + }, + "searchCampaignInfo": { + "type": "ACCESS", + "query": "@access(name: (\"reporter\"))", + "description": "Identities with reporting abilities" + }, + "emailNotificationEnabled": true, + "autoRevokeAllowed": false, + "recommendationsEnabled": false, + "mandatoryCommentRequirement": "NO_DECISIONS" + } + } + }, + "Source Owner": { + "description": "This creates a template that can be used to generate source owner campaigns. The campaigns will have a due date that is one month after their creation date, and will review one source.", + "value": { + "name": "AD Source Review", + "description": "A review of our AD source.", + "deadlineDuration": "P1M", + "campaign": { + "name": "Source Review", + "description": "Review everyone's access.", + "type": "SOURCE_OWNER", + "filter": { + "type": "CAMPAIGN_FILTER", + "id": "e0adaae69852e8fe8b8a3d48e5ce757c" + }, + "sourceOwnerCampaignInfo": { + "sourceIds": [ + "2c918084707deba501709d45ce4e5569" + ] + }, + "emailNotificationEnabled": true, + "autoRevokeAllowed": false, + "recommendationsEnabled": false, + "correlatedStatus": "CORRELATED", + "mandatoryCommentRequirement": "NO_DECISIONS" + } + } + }, + "RoleComposition": { + "description": "This creates a template that can be used to generate role composition campaigns. The campaigns will have a due date that is two weeks after their creation date, and will be named \"{current date} Role Composition Review\" (e.g. \"2020-03-16 Role Composition Review\").", + "value": { + "name": "Role Composition Review", + "description": "A review of every role's access items, by the specified reviewer.", + "deadlineDuration": "P2W", + "campaign": { + "name": "Role Composition Review", + "description": "Review all our roles.", + "type": "ROLE_COMPOSITION", + "roleCompositionCampaignInfo": { + "remediatorRef": { + "type": "IDENTITY", + "id": "2c9180876ab2c053016ab6f65dfd5aaa" + } + }, + "emailNotificationEnabled": true, + "autoRevokeAllowed": false, + "recommendationsEnabled": false, + "mandatoryCommentRequirement": "NO_DECISIONS" + } + } + } + } + } + } + }, + "responses": { + "200": { + "description": "Created successfully.", + "content": { + "application/json": { + "schema": { + "type": "object", + "description": "Campaign Template", + "properties": { + "id": { + "type": "string", + "description": "Id of the campaign template", + "example": "2c9079b270a266a60170a277bb960008" + }, + "name": { + "type": "string", + "description": "This template's name. Has no bearing on generated campaigns' names.", + "example": "Manager Campaign Template" + }, + "description": { + "type": "string", + "description": "This template's description. Has no bearing on generated campaigns' descriptions.", + "example": "Template for the annual manager campaign." + }, + "created": { + "type": "string", + "description": "Creation date of Campaign Template", + "readOnly": true, + "format": "date-time", + "example": "2020-03-05T22:44:00.364Z" + }, + "modified": { + "type": "string", + "description": "Modification date of Campaign Template", + "readOnly": true, + "format": "date-time", + "example": "2020-03-05T22:52:09.969Z" + }, + "scheduled": { + "type": "boolean", + "readOnly": true, + "description": "Indicates if this campaign template has been scheduled.", + "example": false, + "default": false + }, + "ownerRef": { + "type": "object", + "readOnly": true, + "description": "The owner of this template, and the owner of campaigns generated from this template via a schedule. This field is automatically populated at creation time with the current user.", + "properties": { + "id": { + "type": "string", + "description": "Id of the owner", + "example": "2c918086676d3e0601677611dbde220f" + }, + "type": { + "type": "string", + "enum": [ + "IDENTITY" + ], + "description": "Type of the owner", + "example": "IDENTITY" + }, + "name": { + "type": "string", + "description": "Name of the owner", + "example": "Mister Manager" + }, + "email": { + "type": "string", + "description": "Email of the owner", + "example": "mr.manager@example.com" + } + } + }, + "deadlineDuration": { + "type": "string", + "description": "The time period during which the campaign should be completed, formatted as an ISO-8601 Duration. When this template generates a campaign, the campaign's deadline will be the current date plus this duration. For example, if generation occurred on 2020-01-01 and this field was \"P2W\" (two weeks), the resulting campaign's deadline would be 2020-01-15 (the current date plus 14 days).", + "example": "P2W" + }, + "campaign": { + "type": "object", + "description": "This will hold campaign related information like name, description etc.", + "title": "Campaign", + "allOf": [ + { + "type": "object", + "title": "Slim Campaign", + "required": [ + "name", + "description", + "type" + ], + "properties": { + "id": { + "type": "string", + "readOnly": true, + "description": "Id of the campaign", + "example": "2c9079b270a266a60170a2779fcb0007" + }, + "name": { + "description": "The campaign name. If this object is part of a template, special formatting applies; see the `/campaign-templates/{id}/generate` endpoint documentation for details.", + "type": "string", + "example": "Manager Campaign" + }, + "description": { + "type": "string", + "description": "The campaign description. If this object is part of a template, special formatting applies; see the `/campaign-templates/{id}/generate` endpoint documentation for details.", + "example": "Everyone needs to be reviewed by their manager" + }, + "deadline": { + "type": "string", + "format": "date-time", + "description": "The campaign's completion deadline. This date must be in the future in order to activate the campaign. If you try to activate a campaign with a deadline of today or in the past, you will receive a 400 error response.", + "example": "2020-03-15T10:00:01.456Z" + }, + "type": { + "type": "string", + "description": "The type of campaign. Could be extended in the future.", + "enum": [ + "MANAGER", + "SOURCE_OWNER", + "SEARCH", + "ROLE_COMPOSITION" + ], + "example": "MANAGER" + }, + "emailNotificationEnabled": { + "type": "boolean", + "description": "Enables email notification for this campaign", + "default": false, + "example": false + }, + "autoRevokeAllowed": { + "type": "boolean", + "description": "Allows auto revoke for this campaign", + "default": false, + "example": false + }, + "recommendationsEnabled": { + "type": "boolean", + "description": "Enables IAI for this campaign. Accepts true even if the IAI product feature is off. If IAI is turned off then campaigns generated from this template will indicate false. The real value will then be returned if IAI is ever enabled for the org in the future.", + "default": false, + "example": true + }, + "status": { + "type": "string", + "description": "The campaign's current status.", + "readOnly": true, + "enum": [ + "PENDING", + "STAGED", + "CANCELING", + "ACTIVATING", + "ACTIVE", + "COMPLETING", + "COMPLETED", + "ERROR", + "ARCHIVED" + ], + "example": "ACTIVE" + }, + "correlatedStatus": { + "type": "string", + "description": "The correlatedStatus of the campaign. Only SOURCE_OWNER campaigns can be Uncorrelated. An Uncorrelated certification campaign only includes Uncorrelated identities (An identity is uncorrelated if it has no accounts on an authoritative source).", + "enum": [ + "CORRELATED", + "UNCORRELATED" + ], + "example": "CORRELATED" + }, + "created": { + "type": "string", + "readOnly": true, + "format": "date-time", + "description": "Created time of the campaign", + "example": "2020-03-03T22:15:13.611Z" + }, + "totalCertifications": { + "type": "integer", + "format": "int32", + "description": "The total number of certifications in this campaign.", + "readOnly": true, + "example": 100 + }, + "completedCertifications": { + "type": "integer", + "format": "int32", + "description": "The number of completed certifications in this campaign.", + "readOnly": true, + "example": 10 + }, + "alerts": { + "type": "array", + "description": "A list of errors and warnings that have accumulated.", + "readOnly": true, + "items": { + "type": "object", + "properties": { + "level": { + "type": "string", + "enum": [ + "ERROR", + "WARN", + "INFO" + ], + "description": "Denotes the level of the message", + "example": "ERROR" + }, + "localizations": { + "type": "array", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + { + "type": "object", + "properties": { + "modified": { + "type": "string", + "readOnly": true, + "format": "date-time", + "description": "Modified time of the campaign", + "example": "2020-03-03T22:20:12.674Z" + }, + "correlatedStatus": { + "description": "The correlatedStatus of the campaign. Only SOURCE_OWNER campaigns can be Uncorrelated. An Uncorrelated certification campaign only includes Uncorrelated identities (An identity is uncorrelated if it has no accounts on an authoritative source).", + "enum": [ + "CORRELATED", + "UNCORRELATED" + ], + "example": "CORRELATED" + }, + "filter": { + "type": "object", + "description": "Determines which items will be included in this campaign. The default campaign filter is used if this field is left blank.", + "properties": { + "id": { + "type": "string", + "description": "The ID of whatever type of filter is being used.", + "example": "0fbe863c063c4c88a35fd7f17e8a3df5" + }, + "type": { + "type": "string", + "description": "Type of the filter", + "enum": [ + "CAMPAIGN_FILTER", + "RULE" + ], + "example": "CAMPAIGN_FILTER" + }, + "name": { + "type": "string", + "description": "Name of the filter", + "example": "Test Filter" + } + } + }, + "sunsetCommentsRequired": { + "type": "boolean", + "description": "Determines if comments on sunset date changes are required.", + "default": true, + "example": true + }, + "sourceOwnerCampaignInfo": { + "type": "object", + "description": "Must be set only if the campaign type is SOURCE_OWNER.", + "properties": { + "sourceIds": { + "type": "array", + "description": "The list of sources to be included in the campaign.", + "items": { + "type": "string" + }, + "example": [ + "0fbe863c063c4c88a35fd7f17e8a3df5" + ] + } + } + }, + "searchCampaignInfo": { + "type": "object", + "description": "Must be set only if the campaign type is SEARCH.", + "properties": { + "type": { + "type": "string", + "description": "The type of search campaign represented.", + "enum": [ + "IDENTITY", + "ACCESS" + ], + "example": "ACCESS" + }, + "description": { + "type": "string", + "description": "Describes this search campaign. Intended for storing the query used, and possibly the number of identities selected/available.", + "example": "Search Campaign description" + }, + "reviewer": { + "type": "object", + "description": "If specified, this identity or governance group will be the reviewer for all certifications in this campaign. The allowed DTO types are IDENTITY and GOVERNANCE_GROUP.", + "properties": { + "type": { + "type": "string", + "description": "The reviewer's DTO type.", + "enum": [ + "GOVERNANCE_GROUP", + "IDENTITY" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "The reviewer's ID.", + "example": "2c91808568c529c60168cca6f90c1313" + }, + "name": { + "type": "string", + "description": "The reviewer's name.", + "example": "William Wilson" + } + } + }, + "query": { + "type": "string", + "description": "The scope for the campaign. The campaign will cover identities returned by the query and identities that have access items returned by the query. One of `query` or `identityIds` must be set.", + "example": "Search Campaign query description" + }, + "identityIds": { + "type": "array", + "description": "A direct list of identities to include in this campaign. One of `identityIds` or `query` must be set.", + "items": { + "type": "string" + }, + "maxItems": 1000, + "example": [ + "0fbe863c063c4c88a35fd7f17e8a3df5" + ] + }, + "accessConstraints": { + "type": "array", + "description": "Further reduces the scope of the campaign by excluding identities (from `query` or `identityIds`) that do not have this access.", + "items": { + "type": "object", + "properties": { + "type": { + "type": "string", + "enum": [ + "ENTITLEMENT", + "ACCESS_PROFILE", + "ROLE" + ], + "description": "Type of Access", + "example": "ENTITLEMENT" + }, + "ids": { + "description": "Must be set only if operator is SELECTED.", + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "2c90ad2a70ace7d50170acf22ca90010" + ] + }, + "operator": { + "type": "string", + "enum": [ + "ALL", + "SELECTED" + ], + "description": "Used to determine whether the scope of the campaign should be reduced for selected ids or all.", + "example": "SELECTED" + } + }, + "required": [ + "type", + "operator" + ] + }, + "maxItems": 1000 + } + }, + "required": [ + "type" + ] + }, + "roleCompositionCampaignInfo": { + "type": "object", + "description": "Optional configuration options for role composition campaigns.", + "properties": { + "reviewer": { + "type": "object", + "description": "If specified, this identity or governance group will be the reviewer for all certifications in this campaign. The allowed DTO types are IDENTITY and GOVERNANCE_GROUP.", + "properties": { + "type": { + "type": "string", + "description": "The reviewer's DTO type.", + "enum": [ + "GOVERNANCE_GROUP", + "IDENTITY" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "The reviewer's ID.", + "example": "2c91808568c529c60168cca6f90c1313" + }, + "name": { + "type": "string", + "description": "The reviewer's name.", + "example": "William Wilson" + } + } + }, + "roleIds": { + "type": "array", + "description": "Optional list of roles to include in this campaign. Only one of `roleIds` and `query` may be set; if neither are set, all roles are included.", + "items": { + "type": "string" + }, + "example": [ + "2c90ad2a70ace7d50170acf22ca90010" + ] + }, + "remediatorRef": { + "type": "object", + "description": "This determines who remediation tasks will be assigned to. Remediation tasks are created for each revoke decision on items in the campaign. The only legal remediator type is 'IDENTITY', and the chosen identity must be a Role Admin or Org Admin.", + "properties": { + "type": { + "type": "string", + "enum": [ + "IDENTITY" + ], + "description": "Legal Remediator Type", + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "The ID of the remediator.", + "example": "2c90ad2a70ace7d50170acf22ca90010" + }, + "name": { + "type": "string", + "description": "The name of the remediator.", + "readOnly": true, + "example": "Role Admin" + } + }, + "required": [ + "type", + "id" + ] + }, + "query": { + "type": "string", + "description": "Optional search query to scope this campaign to a set of roles. Only one of `roleIds` and `query` may be set; if neither are set, all roles are included.", + "example": "Search Query" + }, + "description": { + "type": "string", + "description": "Describes this role composition campaign. Intended for storing the query used, and possibly the number of roles selected/available.", + "example": "Role Composition Description" + } + }, + "required": [ + "remediatorRef" + ] + }, + "sourcesWithOrphanEntitlements": { + "type": "array", + "description": "A list of sources in the campaign that contain \\\"orphan entitlements\\\" (entitlements without a corresponding Managed Attribute). An empty list indicates the campaign has no orphan entitlements. Null indicates there may be unknown orphan entitlements in the campaign (the campaign was created before this feature was implemented).", + "readOnly": true, + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "Id of the source", + "example": "2c90ad2a70ace7d50170acf22ca90010" + }, + "type": { + "type": "string", + "enum": [ + "SOURCE" + ], + "description": "Type", + "example": "SOURCE" + }, + "name": { + "type": "string", + "description": "Name of the source", + "example": "Source with orphan entitlements" + } + } + } + }, + "mandatoryCommentRequirement": { + "type": "string", + "description": "Determines whether comments are required for decisions during certification reviews. You can require comments for all decisions, revoke-only decisions, or no decisions. By default, comments are not required for decisions.", + "enum": [ + "ALL_DECISIONS", + "REVOKE_ONLY_DECISIONS", + "NO_DECISIONS" + ], + "example": "NO_DECISIONS" + } + } + } + ] + } + }, + "required": [ + "name", + "description", + "created", + "modified", + "campaign" + ] + }, + "examples": { + "Manager": { + "value": { + "id": "e7dbec99d49349c8951bd84f58a05120", + "name": "Manager Review", + "created": "2022-08-02T19:16:42.632Z", + "modified": null, + "description": "A review of everyone's access by their manager.", + "deadlineDuration": "P14D", + "ownerRef": { + "email": "support@testmail.identitysoon.com", + "type": "IDENTITY", + "id": "7ec252acbd4245548bc25df22348cb75", + "name": "SailPoint Support" + }, + "scheduled": false, + "campaign": { + "created": null, + "modified": null, + "filter": { + "type": "CAMPAIGN_FILTER", + "id": "e0adaae69852e8fe8b8a3d48e5ce757c", + "name": "Test Manager Filter" + }, + "sunsetCommentsRequired": true, + "sourceOwnerCampaignInfo": null, + "searchCampaignInfo": null, + "roleCompositionCampaignInfo": null, + "alerts": null, + "totalCertifications": null, + "completedCertifications": null, + "sourcesWithOrphanEntitlements": null, + "id": null, + "name": "Manager Review", + "description": "Review everyone's access.", + "deadline": null, + "type": "MANAGER", + "status": null, + "emailNotificationEnabled": true, + "autoRevokeAllowed": false, + "recommendationsEnabled": false, + "correlatedStatus": "CORRELATED", + "mandatoryCommentRequirement": "NO_DECISIONS" + } + } + }, + "Search": { + "value": { + "id": "b7e6459eed5247ac8b98a5fed81fe27f", + "name": "Reporting Access Review", + "created": "2022-07-28T19:19:40.035Z", + "modified": null, + "description": "A review of everyone's access to the reporting system.", + "deadlineDuration": "P14D", + "ownerRef": { + "email": "support@testmail.identitysoon.com", + "type": "IDENTITY", + "id": "7ec252acbd4245548bc25df22348cb75", + "name": "SailPoint Support" + }, + "scheduled": false, + "campaign": { + "created": null, + "modified": null, + "filter": { + "type": "CAMPAIGN_FILTER", + "id": "e0adaae69852e8fe8b8a3d48e5ce757c", + "name": "Test Search Filter" + }, + "sunsetCommentsRequired": true, + "sourceOwnerCampaignInfo": null, + "searchCampaignInfo": { + "type": "ACCESS", + "description": "Identities with reporting abilities", + "reviewerId": null, + "reviewer": null, + "query": "@access(name: (\"reporter\"))", + "identityIds": null, + "accessConstraints": [] + }, + "roleCompositionCampaignInfo": null, + "alerts": null, + "totalCertifications": null, + "completedCertifications": null, + "sourcesWithOrphanEntitlements": null, + "id": null, + "name": "Search Campaign Review", + "description": "Review everyone's access to the reporting system.", + "deadline": null, + "type": "SEARCH", + "status": null, + "emailNotificationEnabled": true, + "autoRevokeAllowed": false, + "recommendationsEnabled": false, + "correlatedStatus": "CORRELATED", + "mandatoryCommentRequirement": "NO_DECISIONS" + } + } + }, + "Source Owner": { + "value": { + "id": "b9f41bc69e7a4291b9de0630396d030d", + "name": "AD Source Review", + "created": "2022-08-02T13:40:36.857Z", + "modified": null, + "description": "A review of our AD source.", + "deadlineDuration": "P1M", + "ownerRef": { + "email": "support@testmail.identitysoon.com", + "type": "IDENTITY", + "id": "7ec252acbd4245548bc25df22348cb75", + "name": "SailPoint Support" + }, + "scheduled": false, + "campaign": { + "created": null, + "modified": null, + "filter": { + "type": "CAMPAIGN_FILTER", + "id": "e0adaae69852e8fe8b8a3d48e5ce757c", + "name": "Test Source Owner Filter" + }, + "sunsetCommentsRequired": true, + "sourceOwnerCampaignInfo": { + "sourceIds": [ + "2c918084707deba501709d45ce4e5569" + ] + }, + "searchCampaignInfo": null, + "roleCompositionCampaignInfo": null, + "alerts": null, + "totalCertifications": null, + "completedCertifications": null, + "sourcesWithOrphanEntitlements": null, + "id": null, + "name": "AD Source Review", + "description": "Review everyone's access.", + "deadline": null, + "type": "SOURCE_OWNER", + "status": null, + "emailNotificationEnabled": true, + "autoRevokeAllowed": false, + "recommendationsEnabled": false, + "correlatedStatus": "CORRELATED", + "mandatoryCommentRequirement": "NO_DECISIONS" + } + } + }, + "RoleComposition": { + "value": { + "id": "b9f41bc69e7a4291b9de0630396d030d", + "name": "Campaign With Admin Role", + "created": "2022-08-02T13:40:36.857Z", + "modified": null, + "description": "Campaign With Admin Role", + "deadlineDuration": null, + "ownerRef": { + "email": "support@testmail.identitysoon.com", + "type": "IDENTITY", + "id": "7ec252acbd4245548bc25df22348cb75", + "name": "SailPoint Support" + }, + "scheduled": false, + "campaign": { + "created": null, + "modified": null, + "filter": null, + "sunsetCommentsRequired": true, + "sourceOwnerCampaignInfo": null, + "searchCampaignInfo": null, + "roleCompositionCampaignInfo": { + "remediatorRef": { + "type": "IDENTITY", + "id": "7ec252acbd4245548bc25df22348cb75", + "name": "SailPoint Support" + }, + "reviewerId": null, + "reviewer": null, + "roleIds": [ + "b15d609fc5c8434b865fe552315fda8f" + ], + "query": null, + "description": null + }, + "alerts": null, + "totalCertifications": null, + "completedCertifications": null, + "sourcesWithOrphanEntitlements": null, + "id": null, + "name": "Campaign With Admin Role", + "description": "Campaign With Admin Role", + "deadline": null, + "type": "ROLE_COMPOSITION", + "status": null, + "emailNotificationEnabled": false, + "autoRevokeAllowed": false, + "recommendationsEnabled": false, + "correlatedStatus": "CORRELATED", + "mandatoryCommentRequirement": "NO_DECISIONS" + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + }, + "get": { + "operationId": "getCampaignTemplates", + "tags": [ + "Certification Campaigns" + ], + "summary": "List Campaign Templates", + "description": "Use this API to get a list of all campaign templates. Scope can be reduced through standard V3 query params.\n\nThe API returns all campaign templates matching the query parameters. \n\nA token with ORG_ADMIN or CERT_ADMIN authority is required to call this API.\n", + "security": [ + { + "UserContextAuth": [ + "idn:campaign-template:read", + "idn:campaign-template:manage" + ] + } + ], + "parameters": [ + { + "in": "query", + "name": "limit", + "description": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 250, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "maximum": 250, + "default": 250 + } + }, + { + "in": "query", + "name": "offset", + "description": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 0, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "default": 0 + } + }, + { + "in": "query", + "name": "count", + "description": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": true, + "schema": { + "type": "boolean", + "default": false + } + }, + { + "in": "query", + "name": "sorters", + "schema": { + "type": "string", + "format": "comma-separated" + }, + "description": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name, created, modified**", + "example": "name" + }, + { + "in": "query", + "name": "filters", + "schema": { + "type": "string", + "format": "comma-separated" + }, + "description": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**name**: *eq, ge, gt, in, le, lt, ne, sw*\n\n**id**: *eq, ge, gt, in, le, lt, ne, sw*", + "example": "name eq \"manager template\"" + } + ], + "responses": { + "200": { + "description": "List of campaign template objects.", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "description": "Campaign Template", + "properties": { + "id": { + "type": "string", + "description": "Id of the campaign template", + "example": "2c9079b270a266a60170a277bb960008" + }, + "name": { + "type": "string", + "description": "This template's name. Has no bearing on generated campaigns' names.", + "example": "Manager Campaign Template" + }, + "description": { + "type": "string", + "description": "This template's description. Has no bearing on generated campaigns' descriptions.", + "example": "Template for the annual manager campaign." + }, + "created": { + "type": "string", + "description": "Creation date of Campaign Template", + "readOnly": true, + "format": "date-time", + "example": "2020-03-05T22:44:00.364Z" + }, + "modified": { + "type": "string", + "description": "Modification date of Campaign Template", + "readOnly": true, + "format": "date-time", + "example": "2020-03-05T22:52:09.969Z" + }, + "scheduled": { + "type": "boolean", + "readOnly": true, + "description": "Indicates if this campaign template has been scheduled.", + "example": false, + "default": false + }, + "ownerRef": { + "type": "object", + "readOnly": true, + "description": "The owner of this template, and the owner of campaigns generated from this template via a schedule. This field is automatically populated at creation time with the current user.", + "properties": { + "id": { + "type": "string", + "description": "Id of the owner", + "example": "2c918086676d3e0601677611dbde220f" + }, + "type": { + "type": "string", + "enum": [ + "IDENTITY" + ], + "description": "Type of the owner", + "example": "IDENTITY" + }, + "name": { + "type": "string", + "description": "Name of the owner", + "example": "Mister Manager" + }, + "email": { + "type": "string", + "description": "Email of the owner", + "example": "mr.manager@example.com" + } + } + }, + "deadlineDuration": { + "type": "string", + "description": "The time period during which the campaign should be completed, formatted as an ISO-8601 Duration. When this template generates a campaign, the campaign's deadline will be the current date plus this duration. For example, if generation occurred on 2020-01-01 and this field was \"P2W\" (two weeks), the resulting campaign's deadline would be 2020-01-15 (the current date plus 14 days).", + "example": "P2W" + }, + "campaign": { + "type": "object", + "description": "This will hold campaign related information like name, description etc.", + "title": "Campaign", + "allOf": [ + { + "type": "object", + "title": "Slim Campaign", + "required": [ + "name", + "description", + "type" + ], + "properties": { + "id": { + "type": "string", + "readOnly": true, + "description": "Id of the campaign", + "example": "2c9079b270a266a60170a2779fcb0007" + }, + "name": { + "description": "The campaign name. If this object is part of a template, special formatting applies; see the `/campaign-templates/{id}/generate` endpoint documentation for details.", + "type": "string", + "example": "Manager Campaign" + }, + "description": { + "type": "string", + "description": "The campaign description. If this object is part of a template, special formatting applies; see the `/campaign-templates/{id}/generate` endpoint documentation for details.", + "example": "Everyone needs to be reviewed by their manager" + }, + "deadline": { + "type": "string", + "format": "date-time", + "description": "The campaign's completion deadline. This date must be in the future in order to activate the campaign. If you try to activate a campaign with a deadline of today or in the past, you will receive a 400 error response.", + "example": "2020-03-15T10:00:01.456Z" + }, + "type": { + "type": "string", + "description": "The type of campaign. Could be extended in the future.", + "enum": [ + "MANAGER", + "SOURCE_OWNER", + "SEARCH", + "ROLE_COMPOSITION" + ], + "example": "MANAGER" + }, + "emailNotificationEnabled": { + "type": "boolean", + "description": "Enables email notification for this campaign", + "default": false, + "example": false + }, + "autoRevokeAllowed": { + "type": "boolean", + "description": "Allows auto revoke for this campaign", + "default": false, + "example": false + }, + "recommendationsEnabled": { + "type": "boolean", + "description": "Enables IAI for this campaign. Accepts true even if the IAI product feature is off. If IAI is turned off then campaigns generated from this template will indicate false. The real value will then be returned if IAI is ever enabled for the org in the future.", + "default": false, + "example": true + }, + "status": { + "type": "string", + "description": "The campaign's current status.", + "readOnly": true, + "enum": [ + "PENDING", + "STAGED", + "CANCELING", + "ACTIVATING", + "ACTIVE", + "COMPLETING", + "COMPLETED", + "ERROR", + "ARCHIVED" + ], + "example": "ACTIVE" + }, + "correlatedStatus": { + "type": "string", + "description": "The correlatedStatus of the campaign. Only SOURCE_OWNER campaigns can be Uncorrelated. An Uncorrelated certification campaign only includes Uncorrelated identities (An identity is uncorrelated if it has no accounts on an authoritative source).", + "enum": [ + "CORRELATED", + "UNCORRELATED" + ], + "example": "CORRELATED" + }, + "created": { + "type": "string", + "readOnly": true, + "format": "date-time", + "description": "Created time of the campaign", + "example": "2020-03-03T22:15:13.611Z" + }, + "totalCertifications": { + "type": "integer", + "format": "int32", + "description": "The total number of certifications in this campaign.", + "readOnly": true, + "example": 100 + }, + "completedCertifications": { + "type": "integer", + "format": "int32", + "description": "The number of completed certifications in this campaign.", + "readOnly": true, + "example": 10 + }, + "alerts": { + "type": "array", + "description": "A list of errors and warnings that have accumulated.", + "readOnly": true, + "items": { + "type": "object", + "properties": { + "level": { + "type": "string", + "enum": [ + "ERROR", + "WARN", + "INFO" + ], + "description": "Denotes the level of the message", + "example": "ERROR" + }, + "localizations": { + "type": "array", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + { + "type": "object", + "properties": { + "modified": { + "type": "string", + "readOnly": true, + "format": "date-time", + "description": "Modified time of the campaign", + "example": "2020-03-03T22:20:12.674Z" + }, + "correlatedStatus": { + "description": "The correlatedStatus of the campaign. Only SOURCE_OWNER campaigns can be Uncorrelated. An Uncorrelated certification campaign only includes Uncorrelated identities (An identity is uncorrelated if it has no accounts on an authoritative source).", + "enum": [ + "CORRELATED", + "UNCORRELATED" + ], + "example": "CORRELATED" + }, + "filter": { + "type": "object", + "description": "Determines which items will be included in this campaign. The default campaign filter is used if this field is left blank.", + "properties": { + "id": { + "type": "string", + "description": "The ID of whatever type of filter is being used.", + "example": "0fbe863c063c4c88a35fd7f17e8a3df5" + }, + "type": { + "type": "string", + "description": "Type of the filter", + "enum": [ + "CAMPAIGN_FILTER", + "RULE" + ], + "example": "CAMPAIGN_FILTER" + }, + "name": { + "type": "string", + "description": "Name of the filter", + "example": "Test Filter" + } + } + }, + "sunsetCommentsRequired": { + "type": "boolean", + "description": "Determines if comments on sunset date changes are required.", + "default": true, + "example": true + }, + "sourceOwnerCampaignInfo": { + "type": "object", + "description": "Must be set only if the campaign type is SOURCE_OWNER.", + "properties": { + "sourceIds": { + "type": "array", + "description": "The list of sources to be included in the campaign.", + "items": { + "type": "string" + }, + "example": [ + "0fbe863c063c4c88a35fd7f17e8a3df5" + ] + } + } + }, + "searchCampaignInfo": { + "type": "object", + "description": "Must be set only if the campaign type is SEARCH.", + "properties": { + "type": { + "type": "string", + "description": "The type of search campaign represented.", + "enum": [ + "IDENTITY", + "ACCESS" + ], + "example": "ACCESS" + }, + "description": { + "type": "string", + "description": "Describes this search campaign. Intended for storing the query used, and possibly the number of identities selected/available.", + "example": "Search Campaign description" + }, + "reviewer": { + "type": "object", + "description": "If specified, this identity or governance group will be the reviewer for all certifications in this campaign. The allowed DTO types are IDENTITY and GOVERNANCE_GROUP.", + "properties": { + "type": { + "type": "string", + "description": "The reviewer's DTO type.", + "enum": [ + "GOVERNANCE_GROUP", + "IDENTITY" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "The reviewer's ID.", + "example": "2c91808568c529c60168cca6f90c1313" + }, + "name": { + "type": "string", + "description": "The reviewer's name.", + "example": "William Wilson" + } + } + }, + "query": { + "type": "string", + "description": "The scope for the campaign. The campaign will cover identities returned by the query and identities that have access items returned by the query. One of `query` or `identityIds` must be set.", + "example": "Search Campaign query description" + }, + "identityIds": { + "type": "array", + "description": "A direct list of identities to include in this campaign. One of `identityIds` or `query` must be set.", + "items": { + "type": "string" + }, + "maxItems": 1000, + "example": [ + "0fbe863c063c4c88a35fd7f17e8a3df5" + ] + }, + "accessConstraints": { + "type": "array", + "description": "Further reduces the scope of the campaign by excluding identities (from `query` or `identityIds`) that do not have this access.", + "items": { + "type": "object", + "properties": { + "type": { + "type": "string", + "enum": [ + "ENTITLEMENT", + "ACCESS_PROFILE", + "ROLE" + ], + "description": "Type of Access", + "example": "ENTITLEMENT" + }, + "ids": { + "description": "Must be set only if operator is SELECTED.", + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "2c90ad2a70ace7d50170acf22ca90010" + ] + }, + "operator": { + "type": "string", + "enum": [ + "ALL", + "SELECTED" + ], + "description": "Used to determine whether the scope of the campaign should be reduced for selected ids or all.", + "example": "SELECTED" + } + }, + "required": [ + "type", + "operator" + ] + }, + "maxItems": 1000 + } + }, + "required": [ + "type" + ] + }, + "roleCompositionCampaignInfo": { + "type": "object", + "description": "Optional configuration options for role composition campaigns.", + "properties": { + "reviewer": { + "type": "object", + "description": "If specified, this identity or governance group will be the reviewer for all certifications in this campaign. The allowed DTO types are IDENTITY and GOVERNANCE_GROUP.", + "properties": { + "type": { + "type": "string", + "description": "The reviewer's DTO type.", + "enum": [ + "GOVERNANCE_GROUP", + "IDENTITY" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "The reviewer's ID.", + "example": "2c91808568c529c60168cca6f90c1313" + }, + "name": { + "type": "string", + "description": "The reviewer's name.", + "example": "William Wilson" + } + } + }, + "roleIds": { + "type": "array", + "description": "Optional list of roles to include in this campaign. Only one of `roleIds` and `query` may be set; if neither are set, all roles are included.", + "items": { + "type": "string" + }, + "example": [ + "2c90ad2a70ace7d50170acf22ca90010" + ] + }, + "remediatorRef": { + "type": "object", + "description": "This determines who remediation tasks will be assigned to. Remediation tasks are created for each revoke decision on items in the campaign. The only legal remediator type is 'IDENTITY', and the chosen identity must be a Role Admin or Org Admin.", + "properties": { + "type": { + "type": "string", + "enum": [ + "IDENTITY" + ], + "description": "Legal Remediator Type", + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "The ID of the remediator.", + "example": "2c90ad2a70ace7d50170acf22ca90010" + }, + "name": { + "type": "string", + "description": "The name of the remediator.", + "readOnly": true, + "example": "Role Admin" + } + }, + "required": [ + "type", + "id" + ] + }, + "query": { + "type": "string", + "description": "Optional search query to scope this campaign to a set of roles. Only one of `roleIds` and `query` may be set; if neither are set, all roles are included.", + "example": "Search Query" + }, + "description": { + "type": "string", + "description": "Describes this role composition campaign. Intended for storing the query used, and possibly the number of roles selected/available.", + "example": "Role Composition Description" + } + }, + "required": [ + "remediatorRef" + ] + }, + "sourcesWithOrphanEntitlements": { + "type": "array", + "description": "A list of sources in the campaign that contain \\\"orphan entitlements\\\" (entitlements without a corresponding Managed Attribute). An empty list indicates the campaign has no orphan entitlements. Null indicates there may be unknown orphan entitlements in the campaign (the campaign was created before this feature was implemented).", + "readOnly": true, + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "Id of the source", + "example": "2c90ad2a70ace7d50170acf22ca90010" + }, + "type": { + "type": "string", + "enum": [ + "SOURCE" + ], + "description": "Type", + "example": "SOURCE" + }, + "name": { + "type": "string", + "description": "Name of the source", + "example": "Source with orphan entitlements" + } + } + } + }, + "mandatoryCommentRequirement": { + "type": "string", + "description": "Determines whether comments are required for decisions during certification reviews. You can require comments for all decisions, revoke-only decisions, or no decisions. By default, comments are not required for decisions.", + "enum": [ + "ALL_DECISIONS", + "REVOKE_ONLY_DECISIONS", + "NO_DECISIONS" + ], + "example": "NO_DECISIONS" + } + } + } + ] + } + }, + "required": [ + "name", + "description", + "created", + "modified", + "campaign" + ] + } + }, + "example": [ + { + "id": "e7dbec99d49349c8951bd84f58a05120", + "name": "Manager Review", + "created": "2022-08-02T19:16:42.632Z", + "modified": null, + "description": "A review of everyone's access by their manager.", + "deadlineDuration": "P14D", + "ownerRef": { + "email": "support@testmail.identitysoon.com", + "type": "IDENTITY", + "id": "7ec252acbd4245548bc25df22348cb75", + "name": "SailPoint Support" + }, + "scheduled": false, + "campaign": { + "created": null, + "modified": null, + "filter": { + "type": "CAMPAIGN_FILTER", + "id": "e0adaae69852e8fe8b8a3d48e5ce757c", + "name": "Test Manager Filter" + }, + "sunsetCommentsRequired": true, + "sourceOwnerCampaignInfo": null, + "searchCampaignInfo": null, + "roleCompositionCampaignInfo": null, + "alerts": null, + "totalCertifications": null, + "completedCertifications": null, + "sourcesWithOrphanEntitlements": null, + "id": null, + "name": "Manager Review", + "description": "Review everyone's access.", + "deadline": null, + "type": "MANAGER", + "status": null, + "emailNotificationEnabled": true, + "autoRevokeAllowed": false, + "recommendationsEnabled": false, + "mandatoryCommentRequirement": "NO_DECISIONS" + } + }, + { + "id": "b7e6459eed5247ac8b98a5fed81fe27f", + "name": "Reporting Access Review", + "created": "2022-07-28T19:19:40.035Z", + "modified": null, + "description": "A review of everyone's access to the reporting system.", + "deadlineDuration": "P14D", + "ownerRef": { + "email": "support@testmail.identitysoon.com", + "type": "IDENTITY", + "id": "7ec252acbd4245548bc25df22348cb75", + "name": "SailPoint Support" + }, + "scheduled": false, + "campaign": { + "created": null, + "modified": null, + "filter": { + "type": "CAMPAIGN_FILTER", + "id": "e0adaae69852e8fe8b8a3d48e5ce757c", + "name": "Test Search Filter" + }, + "sunsetCommentsRequired": true, + "sourceOwnerCampaignInfo": null, + "searchCampaignInfo": { + "type": "ACCESS", + "description": "Identities with reporting abilities", + "reviewerId": null, + "reviewer": null, + "query": "@access(name: (\"reporter\"))", + "identityIds": null, + "accessConstraints": [] + }, + "roleCompositionCampaignInfo": null, + "alerts": null, + "totalCertifications": null, + "completedCertifications": null, + "sourcesWithOrphanEntitlements": null, + "id": null, + "name": "Search Campaign", + "description": "Review everyone's access to the reporting system.", + "deadline": null, + "type": "SEARCH", + "status": null, + "emailNotificationEnabled": true, + "autoRevokeAllowed": false, + "recommendationsEnabled": false, + "mandatoryCommentRequirement": "NO_DECISIONS" + } + }, + { + "id": "b9f41bc69e7a4291b9de0630396d030d", + "name": "Campaign With Admin Role", + "created": "2022-08-02T13:40:36.857Z", + "modified": null, + "description": "Campaign With Admin Role", + "deadlineDuration": null, + "ownerRef": { + "email": "support@testmail.identitysoon.com", + "type": "IDENTITY", + "id": "7ec252acbd4245548bc25df22348cb75", + "name": "SailPoint Support" + }, + "scheduled": false, + "campaign": { + "created": null, + "modified": null, + "filter": null, + "sunsetCommentsRequired": true, + "sourceOwnerCampaignInfo": null, + "searchCampaignInfo": null, + "roleCompositionCampaignInfo": { + "remediatorRef": { + "type": "IDENTITY", + "id": "7ec252acbd4245548bc25df22348cb75", + "name": "SailPoint Support" + }, + "reviewerId": null, + "reviewer": null, + "roleIds": [ + "b15d609fc5c8434b865fe552315fda8f" + ], + "query": null, + "description": null + }, + "alerts": null, + "totalCertifications": null, + "completedCertifications": null, + "sourcesWithOrphanEntitlements": null, + "id": null, + "name": "Campaign With Admin Role", + "description": "Campaign With Admin Role", + "deadline": null, + "type": "ROLE_COMPOSITION", + "status": null, + "emailNotificationEnabled": false, + "autoRevokeAllowed": false, + "recommendationsEnabled": false, + "mandatoryCommentRequirement": "NO_DECISIONS" + } + }, + { + "id": "b9f41bc69e7a4291b9de0630396d030d", + "name": "AD Source Review", + "created": "2022-08-02T13:40:36.857Z", + "modified": null, + "description": "A review of our AD source.", + "deadlineDuration": "P1M", + "ownerRef": { + "email": "support@testmail.identitysoon.com", + "type": "IDENTITY", + "id": "7ec252acbd4245548bc25df22348cb75", + "name": "SailPoint Support" + }, + "scheduled": false, + "campaign": { + "created": null, + "modified": null, + "filter": { + "type": "CAMPAIGN_FILTER", + "id": "e0adaae69852e8fe8b8a3d48e5ce757c", + "name": "Test Source Owner Filter" + }, + "sunsetCommentsRequired": true, + "sourceOwnerCampaignInfo": { + "sourceIds": [ + "2c918084707deba501709d45ce4e5569" + ] + }, + "searchCampaignInfo": null, + "roleCompositionCampaignInfo": null, + "alerts": null, + "totalCertifications": null, + "completedCertifications": null, + "sourcesWithOrphanEntitlements": null, + "id": null, + "name": "AD Source Review", + "description": "Review everyone's access.", + "deadline": null, + "type": "SOURCE_OWNER", + "status": null, + "emailNotificationEnabled": true, + "autoRevokeAllowed": false, + "recommendationsEnabled": false, + "correlatedStatus": "CORRELATED", + "mandatoryCommentRequirement": "NO_DECISIONS" + } + } + ] + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/campaign-templates/{id}": { + "patch": { + "operationId": "patchCampaignTemplate", + "tags": [ + "Certification Campaigns" + ], + "summary": "Update a Campaign Template", + "description": "Use this API to update individual fields on a certification campaign template, using the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard.\n\nA token with ORG_ADMIN or CERT_ADMIN authority is required to call this API.\n", + "security": [ + { + "UserContextAuth": [ + "idn:campaign-template:manage" + ] + } + ], + "parameters": [ + { + "in": "path", + "name": "id", + "schema": { + "type": "string" + }, + "required": true, + "description": "ID of the campaign template being modified.", + "example": "2c9180835d191a86015d28455b4a2329" + } + ], + "requestBody": { + "required": true, + "description": "A list of campaign update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard.\n\nThe following fields are patchable:\n* name\n* description\n* deadlineDuration\n* campaign (all fields that are allowed during create)\n", + "content": { + "application/json-patch+json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "description": "A JSONPatch Operation as defined by [RFC 6902 - JSON Patch](https://tools.ietf.org/html/rfc6902)", + "required": [ + "op", + "path" + ], + "properties": { + "op": { + "type": "string", + "description": "The operation to be performed", + "enum": [ + "add", + "remove", + "replace", + "move", + "copy", + "test" + ], + "example": "replace" + }, + "path": { + "type": "string", + "description": "A string JSON Pointer representing the target path to an element to be affected by the operation", + "example": "/description" + }, + "value": { + "oneOf": [ + { + "type": "string", + "example": "New description", + "title": "string" + }, + { + "type": "boolean", + "example": true, + "title": "boolean" + }, + { + "type": "integer", + "example": 300, + "title": "integer" + }, + { + "type": "object", + "title": "object", + "example": { + "attributes": { + "name": "philip" + } + } + }, + { + "type": "array", + "title": "array", + "items": { + "anyOf": [ + { + "type": "string" + }, + { + "type": "integer" + }, + { + "type": "object" + } + ], + "example": [ + "001", + "002", + "003" + ] + } + } + ], + "description": "The value to be used for the operation, required for \"add\" and \"replace\" operations", + "example": "New description" + } + } + } + }, + "example": [ + { + "op": "replace", + "path": "/description", + "value": "Updated description!" + }, + { + "op": "replace", + "path": "/campaign/filter/id", + "value": "ff80818155fe8c080155fe8d925b0316" + } + ] + } + } + }, + "responses": { + "200": { + "description": "This response indicates that the PATCH operation succeeded, and the API returns the template's new representation.", + "content": { + "application/json": { + "schema": { + "type": "object", + "description": "Campaign Template", + "properties": { + "id": { + "type": "string", + "description": "Id of the campaign template", + "example": "2c9079b270a266a60170a277bb960008" + }, + "name": { + "type": "string", + "description": "This template's name. Has no bearing on generated campaigns' names.", + "example": "Manager Campaign Template" + }, + "description": { + "type": "string", + "description": "This template's description. Has no bearing on generated campaigns' descriptions.", + "example": "Template for the annual manager campaign." + }, + "created": { + "type": "string", + "description": "Creation date of Campaign Template", + "readOnly": true, + "format": "date-time", + "example": "2020-03-05T22:44:00.364Z" + }, + "modified": { + "type": "string", + "description": "Modification date of Campaign Template", + "readOnly": true, + "format": "date-time", + "example": "2020-03-05T22:52:09.969Z" + }, + "scheduled": { + "type": "boolean", + "readOnly": true, + "description": "Indicates if this campaign template has been scheduled.", + "example": false, + "default": false + }, + "ownerRef": { + "type": "object", + "readOnly": true, + "description": "The owner of this template, and the owner of campaigns generated from this template via a schedule. This field is automatically populated at creation time with the current user.", + "properties": { + "id": { + "type": "string", + "description": "Id of the owner", + "example": "2c918086676d3e0601677611dbde220f" + }, + "type": { + "type": "string", + "enum": [ + "IDENTITY" + ], + "description": "Type of the owner", + "example": "IDENTITY" + }, + "name": { + "type": "string", + "description": "Name of the owner", + "example": "Mister Manager" + }, + "email": { + "type": "string", + "description": "Email of the owner", + "example": "mr.manager@example.com" + } + } + }, + "deadlineDuration": { + "type": "string", + "description": "The time period during which the campaign should be completed, formatted as an ISO-8601 Duration. When this template generates a campaign, the campaign's deadline will be the current date plus this duration. For example, if generation occurred on 2020-01-01 and this field was \"P2W\" (two weeks), the resulting campaign's deadline would be 2020-01-15 (the current date plus 14 days).", + "example": "P2W" + }, + "campaign": { + "type": "object", + "description": "This will hold campaign related information like name, description etc.", + "title": "Campaign", + "allOf": [ + { + "type": "object", + "title": "Slim Campaign", + "required": [ + "name", + "description", + "type" + ], + "properties": { + "id": { + "type": "string", + "readOnly": true, + "description": "Id of the campaign", + "example": "2c9079b270a266a60170a2779fcb0007" + }, + "name": { + "description": "The campaign name. If this object is part of a template, special formatting applies; see the `/campaign-templates/{id}/generate` endpoint documentation for details.", + "type": "string", + "example": "Manager Campaign" + }, + "description": { + "type": "string", + "description": "The campaign description. If this object is part of a template, special formatting applies; see the `/campaign-templates/{id}/generate` endpoint documentation for details.", + "example": "Everyone needs to be reviewed by their manager" + }, + "deadline": { + "type": "string", + "format": "date-time", + "description": "The campaign's completion deadline. This date must be in the future in order to activate the campaign. If you try to activate a campaign with a deadline of today or in the past, you will receive a 400 error response.", + "example": "2020-03-15T10:00:01.456Z" + }, + "type": { + "type": "string", + "description": "The type of campaign. Could be extended in the future.", + "enum": [ + "MANAGER", + "SOURCE_OWNER", + "SEARCH", + "ROLE_COMPOSITION" + ], + "example": "MANAGER" + }, + "emailNotificationEnabled": { + "type": "boolean", + "description": "Enables email notification for this campaign", + "default": false, + "example": false + }, + "autoRevokeAllowed": { + "type": "boolean", + "description": "Allows auto revoke for this campaign", + "default": false, + "example": false + }, + "recommendationsEnabled": { + "type": "boolean", + "description": "Enables IAI for this campaign. Accepts true even if the IAI product feature is off. If IAI is turned off then campaigns generated from this template will indicate false. The real value will then be returned if IAI is ever enabled for the org in the future.", + "default": false, + "example": true + }, + "status": { + "type": "string", + "description": "The campaign's current status.", + "readOnly": true, + "enum": [ + "PENDING", + "STAGED", + "CANCELING", + "ACTIVATING", + "ACTIVE", + "COMPLETING", + "COMPLETED", + "ERROR", + "ARCHIVED" + ], + "example": "ACTIVE" + }, + "correlatedStatus": { + "type": "string", + "description": "The correlatedStatus of the campaign. Only SOURCE_OWNER campaigns can be Uncorrelated. An Uncorrelated certification campaign only includes Uncorrelated identities (An identity is uncorrelated if it has no accounts on an authoritative source).", + "enum": [ + "CORRELATED", + "UNCORRELATED" + ], + "example": "CORRELATED" + }, + "created": { + "type": "string", + "readOnly": true, + "format": "date-time", + "description": "Created time of the campaign", + "example": "2020-03-03T22:15:13.611Z" + }, + "totalCertifications": { + "type": "integer", + "format": "int32", + "description": "The total number of certifications in this campaign.", + "readOnly": true, + "example": 100 + }, + "completedCertifications": { + "type": "integer", + "format": "int32", + "description": "The number of completed certifications in this campaign.", + "readOnly": true, + "example": 10 + }, + "alerts": { + "type": "array", + "description": "A list of errors and warnings that have accumulated.", + "readOnly": true, + "items": { + "type": "object", + "properties": { + "level": { + "type": "string", + "enum": [ + "ERROR", + "WARN", + "INFO" + ], + "description": "Denotes the level of the message", + "example": "ERROR" + }, + "localizations": { + "type": "array", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + { + "type": "object", + "properties": { + "modified": { + "type": "string", + "readOnly": true, + "format": "date-time", + "description": "Modified time of the campaign", + "example": "2020-03-03T22:20:12.674Z" + }, + "correlatedStatus": { + "description": "The correlatedStatus of the campaign. Only SOURCE_OWNER campaigns can be Uncorrelated. An Uncorrelated certification campaign only includes Uncorrelated identities (An identity is uncorrelated if it has no accounts on an authoritative source).", + "enum": [ + "CORRELATED", + "UNCORRELATED" + ], + "example": "CORRELATED" + }, + "filter": { + "type": "object", + "description": "Determines which items will be included in this campaign. The default campaign filter is used if this field is left blank.", + "properties": { + "id": { + "type": "string", + "description": "The ID of whatever type of filter is being used.", + "example": "0fbe863c063c4c88a35fd7f17e8a3df5" + }, + "type": { + "type": "string", + "description": "Type of the filter", + "enum": [ + "CAMPAIGN_FILTER", + "RULE" + ], + "example": "CAMPAIGN_FILTER" + }, + "name": { + "type": "string", + "description": "Name of the filter", + "example": "Test Filter" + } + } + }, + "sunsetCommentsRequired": { + "type": "boolean", + "description": "Determines if comments on sunset date changes are required.", + "default": true, + "example": true + }, + "sourceOwnerCampaignInfo": { + "type": "object", + "description": "Must be set only if the campaign type is SOURCE_OWNER.", + "properties": { + "sourceIds": { + "type": "array", + "description": "The list of sources to be included in the campaign.", + "items": { + "type": "string" + }, + "example": [ + "0fbe863c063c4c88a35fd7f17e8a3df5" + ] + } + } + }, + "searchCampaignInfo": { + "type": "object", + "description": "Must be set only if the campaign type is SEARCH.", + "properties": { + "type": { + "type": "string", + "description": "The type of search campaign represented.", + "enum": [ + "IDENTITY", + "ACCESS" + ], + "example": "ACCESS" + }, + "description": { + "type": "string", + "description": "Describes this search campaign. Intended for storing the query used, and possibly the number of identities selected/available.", + "example": "Search Campaign description" + }, + "reviewer": { + "type": "object", + "description": "If specified, this identity or governance group will be the reviewer for all certifications in this campaign. The allowed DTO types are IDENTITY and GOVERNANCE_GROUP.", + "properties": { + "type": { + "type": "string", + "description": "The reviewer's DTO type.", + "enum": [ + "GOVERNANCE_GROUP", + "IDENTITY" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "The reviewer's ID.", + "example": "2c91808568c529c60168cca6f90c1313" + }, + "name": { + "type": "string", + "description": "The reviewer's name.", + "example": "William Wilson" + } + } + }, + "query": { + "type": "string", + "description": "The scope for the campaign. The campaign will cover identities returned by the query and identities that have access items returned by the query. One of `query` or `identityIds` must be set.", + "example": "Search Campaign query description" + }, + "identityIds": { + "type": "array", + "description": "A direct list of identities to include in this campaign. One of `identityIds` or `query` must be set.", + "items": { + "type": "string" + }, + "maxItems": 1000, + "example": [ + "0fbe863c063c4c88a35fd7f17e8a3df5" + ] + }, + "accessConstraints": { + "type": "array", + "description": "Further reduces the scope of the campaign by excluding identities (from `query` or `identityIds`) that do not have this access.", + "items": { + "type": "object", + "properties": { + "type": { + "type": "string", + "enum": [ + "ENTITLEMENT", + "ACCESS_PROFILE", + "ROLE" + ], + "description": "Type of Access", + "example": "ENTITLEMENT" + }, + "ids": { + "description": "Must be set only if operator is SELECTED.", + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "2c90ad2a70ace7d50170acf22ca90010" + ] + }, + "operator": { + "type": "string", + "enum": [ + "ALL", + "SELECTED" + ], + "description": "Used to determine whether the scope of the campaign should be reduced for selected ids or all.", + "example": "SELECTED" + } + }, + "required": [ + "type", + "operator" + ] + }, + "maxItems": 1000 + } + }, + "required": [ + "type" + ] + }, + "roleCompositionCampaignInfo": { + "type": "object", + "description": "Optional configuration options for role composition campaigns.", + "properties": { + "reviewer": { + "type": "object", + "description": "If specified, this identity or governance group will be the reviewer for all certifications in this campaign. The allowed DTO types are IDENTITY and GOVERNANCE_GROUP.", + "properties": { + "type": { + "type": "string", + "description": "The reviewer's DTO type.", + "enum": [ + "GOVERNANCE_GROUP", + "IDENTITY" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "The reviewer's ID.", + "example": "2c91808568c529c60168cca6f90c1313" + }, + "name": { + "type": "string", + "description": "The reviewer's name.", + "example": "William Wilson" + } + } + }, + "roleIds": { + "type": "array", + "description": "Optional list of roles to include in this campaign. Only one of `roleIds` and `query` may be set; if neither are set, all roles are included.", + "items": { + "type": "string" + }, + "example": [ + "2c90ad2a70ace7d50170acf22ca90010" + ] + }, + "remediatorRef": { + "type": "object", + "description": "This determines who remediation tasks will be assigned to. Remediation tasks are created for each revoke decision on items in the campaign. The only legal remediator type is 'IDENTITY', and the chosen identity must be a Role Admin or Org Admin.", + "properties": { + "type": { + "type": "string", + "enum": [ + "IDENTITY" + ], + "description": "Legal Remediator Type", + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "The ID of the remediator.", + "example": "2c90ad2a70ace7d50170acf22ca90010" + }, + "name": { + "type": "string", + "description": "The name of the remediator.", + "readOnly": true, + "example": "Role Admin" + } + }, + "required": [ + "type", + "id" + ] + }, + "query": { + "type": "string", + "description": "Optional search query to scope this campaign to a set of roles. Only one of `roleIds` and `query` may be set; if neither are set, all roles are included.", + "example": "Search Query" + }, + "description": { + "type": "string", + "description": "Describes this role composition campaign. Intended for storing the query used, and possibly the number of roles selected/available.", + "example": "Role Composition Description" + } + }, + "required": [ + "remediatorRef" + ] + }, + "sourcesWithOrphanEntitlements": { + "type": "array", + "description": "A list of sources in the campaign that contain \\\"orphan entitlements\\\" (entitlements without a corresponding Managed Attribute). An empty list indicates the campaign has no orphan entitlements. Null indicates there may be unknown orphan entitlements in the campaign (the campaign was created before this feature was implemented).", + "readOnly": true, + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "Id of the source", + "example": "2c90ad2a70ace7d50170acf22ca90010" + }, + "type": { + "type": "string", + "enum": [ + "SOURCE" + ], + "description": "Type", + "example": "SOURCE" + }, + "name": { + "type": "string", + "description": "Name of the source", + "example": "Source with orphan entitlements" + } + } + } + }, + "mandatoryCommentRequirement": { + "type": "string", + "description": "Determines whether comments are required for decisions during certification reviews. You can require comments for all decisions, revoke-only decisions, or no decisions. By default, comments are not required for decisions.", + "enum": [ + "ALL_DECISIONS", + "REVOKE_ONLY_DECISIONS", + "NO_DECISIONS" + ], + "example": "NO_DECISIONS" + } + } + } + ] + } + }, + "required": [ + "name", + "description", + "created", + "modified", + "campaign" + ] + }, + "examples": { + "Manager": { + "value": { + "id": "e7dbec99d49349c8951bd84f58a05120", + "name": "Manager Review", + "created": "2022-08-02T19:16:42.632Z", + "modified": null, + "description": "A review of everyone's access by their manager.", + "deadlineDuration": "P14D", + "ownerRef": { + "email": "support@testmail.identitysoon.com", + "type": "IDENTITY", + "id": "7ec252acbd4245548bc25df22348cb75", + "name": "SailPoint Support" + }, + "scheduled": false, + "campaign": { + "created": null, + "modified": null, + "filter": { + "type": "CAMPAIGN_FILTER", + "id": "e0adaae69852e8fe8b8a3d48e5ce757c", + "name": "Test Manager Filter" + }, + "sunsetCommentsRequired": true, + "sourceOwnerCampaignInfo": null, + "searchCampaignInfo": null, + "roleCompositionCampaignInfo": null, + "alerts": null, + "totalCertifications": null, + "completedCertifications": null, + "sourcesWithOrphanEntitlements": null, + "id": null, + "name": "Manager Review", + "description": "Review everyone's access.", + "deadline": null, + "type": "MANAGER", + "status": null, + "emailNotificationEnabled": true, + "autoRevokeAllowed": false, + "recommendationsEnabled": false, + "correlatedStatus": "CORRELATED", + "mandatoryCommentRequirement": "NO_DECISIONS" + } + } + }, + "Search": { + "value": { + "id": "b7e6459eed5247ac8b98a5fed81fe27f", + "name": "Reporting Access Review", + "created": "2022-07-28T19:19:40.035Z", + "modified": null, + "description": "A review of everyone's access to the reporting system.", + "deadlineDuration": "P14D", + "ownerRef": { + "email": "support@testmail.identitysoon.com", + "type": "IDENTITY", + "id": "7ec252acbd4245548bc25df22348cb75", + "name": "SailPoint Support" + }, + "scheduled": false, + "campaign": { + "created": null, + "modified": null, + "filter": { + "type": "CAMPAIGN_FILTER", + "id": "e0adaae69852e8fe8b8a3d48e5ce757c", + "name": "Test Search Filter" + }, + "sunsetCommentsRequired": true, + "sourceOwnerCampaignInfo": null, + "searchCampaignInfo": { + "type": "ACCESS", + "description": "Identities with reporting abilities", + "reviewerId": null, + "reviewer": null, + "query": "@access(name: (\"reporter\"))", + "identityIds": null, + "accessConstraints": [] + }, + "roleCompositionCampaignInfo": null, + "alerts": null, + "totalCertifications": null, + "completedCertifications": null, + "sourcesWithOrphanEntitlements": null, + "id": null, + "name": "Search Campaign Review", + "description": "Review everyone's access to the reporting system.", + "deadline": null, + "type": "SEARCH", + "status": null, + "emailNotificationEnabled": true, + "autoRevokeAllowed": false, + "recommendationsEnabled": false, + "correlatedStatus": "CORRELATED", + "mandatoryCommentRequirement": "NO_DECISIONS" + } + } + }, + "Source Owner": { + "value": { + "id": "b9f41bc69e7a4291b9de0630396d030d", + "name": "AD Source Review", + "created": "2022-08-02T13:40:36.857Z", + "modified": null, + "description": "A review of our AD source.", + "deadlineDuration": "P1M", + "ownerRef": { + "email": "support@testmail.identitysoon.com", + "type": "IDENTITY", + "id": "7ec252acbd4245548bc25df22348cb75", + "name": "SailPoint Support" + }, + "scheduled": false, + "campaign": { + "created": null, + "modified": null, + "filter": { + "type": "CAMPAIGN_FILTER", + "id": "e0adaae69852e8fe8b8a3d48e5ce757c", + "name": "Test Source Owner Filter" + }, + "sunsetCommentsRequired": true, + "sourceOwnerCampaignInfo": { + "sourceIds": [ + "2c918084707deba501709d45ce4e5569" + ] + }, + "searchCampaignInfo": null, + "roleCompositionCampaignInfo": null, + "alerts": null, + "totalCertifications": null, + "completedCertifications": null, + "sourcesWithOrphanEntitlements": null, + "id": null, + "name": "AD Source Review", + "description": "Review everyone's access.", + "deadline": null, + "type": "SOURCE_OWNER", + "status": null, + "emailNotificationEnabled": true, + "autoRevokeAllowed": false, + "recommendationsEnabled": false, + "correlatedStatus": "CORRELATED", + "mandatoryCommentRequirement": "NO_DECISIONS" + } + } + }, + "RoleComposition": { + "value": { + "id": "b9f41bc69e7a4291b9de0630396d030d", + "name": "Campaign With Admin Role", + "created": "2022-08-02T13:40:36.857Z", + "modified": null, + "description": "Campaign With Admin Role", + "deadlineDuration": null, + "ownerRef": { + "email": "support@testmail.identitysoon.com", + "type": "IDENTITY", + "id": "7ec252acbd4245548bc25df22348cb75", + "name": "SailPoint Support" + }, + "scheduled": false, + "campaign": { + "created": null, + "modified": null, + "filter": null, + "sunsetCommentsRequired": true, + "sourceOwnerCampaignInfo": null, + "searchCampaignInfo": null, + "roleCompositionCampaignInfo": { + "remediatorRef": { + "type": "IDENTITY", + "id": "7ec252acbd4245548bc25df22348cb75", + "name": "SailPoint Support" + }, + "reviewerId": null, + "reviewer": null, + "roleIds": [ + "b15d609fc5c8434b865fe552315fda8f" + ], + "query": null, + "description": null + }, + "alerts": null, + "totalCertifications": null, + "completedCertifications": null, + "sourcesWithOrphanEntitlements": null, + "id": null, + "name": "Campaign With Admin Role", + "description": "Campaign With Admin Role", + "deadline": null, + "type": "ROLE_COMPOSITION", + "status": null, + "emailNotificationEnabled": false, + "autoRevokeAllowed": false, + "recommendationsEnabled": false, + "correlatedStatus": "CORRELATED", + "mandatoryCommentRequirement": "NO_DECISIONS" + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + }, + "get": { + "operationId": "getCampaignTemplate", + "tags": [ + "Certification Campaigns" + ], + "summary": "Get a Campaign Template", + "description": "Use this API to fetch a certification campaign template by ID.\n\nA token with ORG_ADMIN or CERT_ADMIN authority is required to call this API.\n", + "security": [ + { + "UserContextAuth": [ + "idn:campaign-template:read", + "idn:campaign-template:manage" + ] + } + ], + "parameters": [ + { + "in": "path", + "name": "id", + "schema": { + "type": "string" + }, + "required": true, + "description": "Requested campaign template's ID.", + "example": "2c9180835d191a86015d28455b4a2329" + } + ], + "responses": { + "200": { + "description": "Data for the campaign matching the given ID.", + "content": { + "application/json": { + "schema": { + "type": "object", + "description": "Campaign Template", + "properties": { + "id": { + "type": "string", + "description": "Id of the campaign template", + "example": "2c9079b270a266a60170a277bb960008" + }, + "name": { + "type": "string", + "description": "This template's name. Has no bearing on generated campaigns' names.", + "example": "Manager Campaign Template" + }, + "description": { + "type": "string", + "description": "This template's description. Has no bearing on generated campaigns' descriptions.", + "example": "Template for the annual manager campaign." + }, + "created": { + "type": "string", + "description": "Creation date of Campaign Template", + "readOnly": true, + "format": "date-time", + "example": "2020-03-05T22:44:00.364Z" + }, + "modified": { + "type": "string", + "description": "Modification date of Campaign Template", + "readOnly": true, + "format": "date-time", + "example": "2020-03-05T22:52:09.969Z" + }, + "scheduled": { + "type": "boolean", + "readOnly": true, + "description": "Indicates if this campaign template has been scheduled.", + "example": false, + "default": false + }, + "ownerRef": { + "type": "object", + "readOnly": true, + "description": "The owner of this template, and the owner of campaigns generated from this template via a schedule. This field is automatically populated at creation time with the current user.", + "properties": { + "id": { + "type": "string", + "description": "Id of the owner", + "example": "2c918086676d3e0601677611dbde220f" + }, + "type": { + "type": "string", + "enum": [ + "IDENTITY" + ], + "description": "Type of the owner", + "example": "IDENTITY" + }, + "name": { + "type": "string", + "description": "Name of the owner", + "example": "Mister Manager" + }, + "email": { + "type": "string", + "description": "Email of the owner", + "example": "mr.manager@example.com" + } + } + }, + "deadlineDuration": { + "type": "string", + "description": "The time period during which the campaign should be completed, formatted as an ISO-8601 Duration. When this template generates a campaign, the campaign's deadline will be the current date plus this duration. For example, if generation occurred on 2020-01-01 and this field was \"P2W\" (two weeks), the resulting campaign's deadline would be 2020-01-15 (the current date plus 14 days).", + "example": "P2W" + }, + "campaign": { + "type": "object", + "description": "This will hold campaign related information like name, description etc.", + "title": "Campaign", + "allOf": [ + { + "type": "object", + "title": "Slim Campaign", + "required": [ + "name", + "description", + "type" + ], + "properties": { + "id": { + "type": "string", + "readOnly": true, + "description": "Id of the campaign", + "example": "2c9079b270a266a60170a2779fcb0007" + }, + "name": { + "description": "The campaign name. If this object is part of a template, special formatting applies; see the `/campaign-templates/{id}/generate` endpoint documentation for details.", + "type": "string", + "example": "Manager Campaign" + }, + "description": { + "type": "string", + "description": "The campaign description. If this object is part of a template, special formatting applies; see the `/campaign-templates/{id}/generate` endpoint documentation for details.", + "example": "Everyone needs to be reviewed by their manager" + }, + "deadline": { + "type": "string", + "format": "date-time", + "description": "The campaign's completion deadline. This date must be in the future in order to activate the campaign. If you try to activate a campaign with a deadline of today or in the past, you will receive a 400 error response.", + "example": "2020-03-15T10:00:01.456Z" + }, + "type": { + "type": "string", + "description": "The type of campaign. Could be extended in the future.", + "enum": [ + "MANAGER", + "SOURCE_OWNER", + "SEARCH", + "ROLE_COMPOSITION" + ], + "example": "MANAGER" + }, + "emailNotificationEnabled": { + "type": "boolean", + "description": "Enables email notification for this campaign", + "default": false, + "example": false + }, + "autoRevokeAllowed": { + "type": "boolean", + "description": "Allows auto revoke for this campaign", + "default": false, + "example": false + }, + "recommendationsEnabled": { + "type": "boolean", + "description": "Enables IAI for this campaign. Accepts true even if the IAI product feature is off. If IAI is turned off then campaigns generated from this template will indicate false. The real value will then be returned if IAI is ever enabled for the org in the future.", + "default": false, + "example": true + }, + "status": { + "type": "string", + "description": "The campaign's current status.", + "readOnly": true, + "enum": [ + "PENDING", + "STAGED", + "CANCELING", + "ACTIVATING", + "ACTIVE", + "COMPLETING", + "COMPLETED", + "ERROR", + "ARCHIVED" + ], + "example": "ACTIVE" + }, + "correlatedStatus": { + "type": "string", + "description": "The correlatedStatus of the campaign. Only SOURCE_OWNER campaigns can be Uncorrelated. An Uncorrelated certification campaign only includes Uncorrelated identities (An identity is uncorrelated if it has no accounts on an authoritative source).", + "enum": [ + "CORRELATED", + "UNCORRELATED" + ], + "example": "CORRELATED" + }, + "created": { + "type": "string", + "readOnly": true, + "format": "date-time", + "description": "Created time of the campaign", + "example": "2020-03-03T22:15:13.611Z" + }, + "totalCertifications": { + "type": "integer", + "format": "int32", + "description": "The total number of certifications in this campaign.", + "readOnly": true, + "example": 100 + }, + "completedCertifications": { + "type": "integer", + "format": "int32", + "description": "The number of completed certifications in this campaign.", + "readOnly": true, + "example": 10 + }, + "alerts": { + "type": "array", + "description": "A list of errors and warnings that have accumulated.", + "readOnly": true, + "items": { + "type": "object", + "properties": { + "level": { + "type": "string", + "enum": [ + "ERROR", + "WARN", + "INFO" + ], + "description": "Denotes the level of the message", + "example": "ERROR" + }, + "localizations": { + "type": "array", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + { + "type": "object", + "properties": { + "modified": { + "type": "string", + "readOnly": true, + "format": "date-time", + "description": "Modified time of the campaign", + "example": "2020-03-03T22:20:12.674Z" + }, + "correlatedStatus": { + "description": "The correlatedStatus of the campaign. Only SOURCE_OWNER campaigns can be Uncorrelated. An Uncorrelated certification campaign only includes Uncorrelated identities (An identity is uncorrelated if it has no accounts on an authoritative source).", + "enum": [ + "CORRELATED", + "UNCORRELATED" + ], + "example": "CORRELATED" + }, + "filter": { + "type": "object", + "description": "Determines which items will be included in this campaign. The default campaign filter is used if this field is left blank.", + "properties": { + "id": { + "type": "string", + "description": "The ID of whatever type of filter is being used.", + "example": "0fbe863c063c4c88a35fd7f17e8a3df5" + }, + "type": { + "type": "string", + "description": "Type of the filter", + "enum": [ + "CAMPAIGN_FILTER", + "RULE" + ], + "example": "CAMPAIGN_FILTER" + }, + "name": { + "type": "string", + "description": "Name of the filter", + "example": "Test Filter" + } + } + }, + "sunsetCommentsRequired": { + "type": "boolean", + "description": "Determines if comments on sunset date changes are required.", + "default": true, + "example": true + }, + "sourceOwnerCampaignInfo": { + "type": "object", + "description": "Must be set only if the campaign type is SOURCE_OWNER.", + "properties": { + "sourceIds": { + "type": "array", + "description": "The list of sources to be included in the campaign.", + "items": { + "type": "string" + }, + "example": [ + "0fbe863c063c4c88a35fd7f17e8a3df5" + ] + } + } + }, + "searchCampaignInfo": { + "type": "object", + "description": "Must be set only if the campaign type is SEARCH.", + "properties": { + "type": { + "type": "string", + "description": "The type of search campaign represented.", + "enum": [ + "IDENTITY", + "ACCESS" + ], + "example": "ACCESS" + }, + "description": { + "type": "string", + "description": "Describes this search campaign. Intended for storing the query used, and possibly the number of identities selected/available.", + "example": "Search Campaign description" + }, + "reviewer": { + "type": "object", + "description": "If specified, this identity or governance group will be the reviewer for all certifications in this campaign. The allowed DTO types are IDENTITY and GOVERNANCE_GROUP.", + "properties": { + "type": { + "type": "string", + "description": "The reviewer's DTO type.", + "enum": [ + "GOVERNANCE_GROUP", + "IDENTITY" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "The reviewer's ID.", + "example": "2c91808568c529c60168cca6f90c1313" + }, + "name": { + "type": "string", + "description": "The reviewer's name.", + "example": "William Wilson" + } + } + }, + "query": { + "type": "string", + "description": "The scope for the campaign. The campaign will cover identities returned by the query and identities that have access items returned by the query. One of `query` or `identityIds` must be set.", + "example": "Search Campaign query description" + }, + "identityIds": { + "type": "array", + "description": "A direct list of identities to include in this campaign. One of `identityIds` or `query` must be set.", + "items": { + "type": "string" + }, + "maxItems": 1000, + "example": [ + "0fbe863c063c4c88a35fd7f17e8a3df5" + ] + }, + "accessConstraints": { + "type": "array", + "description": "Further reduces the scope of the campaign by excluding identities (from `query` or `identityIds`) that do not have this access.", + "items": { + "type": "object", + "properties": { + "type": { + "type": "string", + "enum": [ + "ENTITLEMENT", + "ACCESS_PROFILE", + "ROLE" + ], + "description": "Type of Access", + "example": "ENTITLEMENT" + }, + "ids": { + "description": "Must be set only if operator is SELECTED.", + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "2c90ad2a70ace7d50170acf22ca90010" + ] + }, + "operator": { + "type": "string", + "enum": [ + "ALL", + "SELECTED" + ], + "description": "Used to determine whether the scope of the campaign should be reduced for selected ids or all.", + "example": "SELECTED" + } + }, + "required": [ + "type", + "operator" + ] + }, + "maxItems": 1000 + } + }, + "required": [ + "type" + ] + }, + "roleCompositionCampaignInfo": { + "type": "object", + "description": "Optional configuration options for role composition campaigns.", + "properties": { + "reviewer": { + "type": "object", + "description": "If specified, this identity or governance group will be the reviewer for all certifications in this campaign. The allowed DTO types are IDENTITY and GOVERNANCE_GROUP.", + "properties": { + "type": { + "type": "string", + "description": "The reviewer's DTO type.", + "enum": [ + "GOVERNANCE_GROUP", + "IDENTITY" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "The reviewer's ID.", + "example": "2c91808568c529c60168cca6f90c1313" + }, + "name": { + "type": "string", + "description": "The reviewer's name.", + "example": "William Wilson" + } + } + }, + "roleIds": { + "type": "array", + "description": "Optional list of roles to include in this campaign. Only one of `roleIds` and `query` may be set; if neither are set, all roles are included.", + "items": { + "type": "string" + }, + "example": [ + "2c90ad2a70ace7d50170acf22ca90010" + ] + }, + "remediatorRef": { + "type": "object", + "description": "This determines who remediation tasks will be assigned to. Remediation tasks are created for each revoke decision on items in the campaign. The only legal remediator type is 'IDENTITY', and the chosen identity must be a Role Admin or Org Admin.", + "properties": { + "type": { + "type": "string", + "enum": [ + "IDENTITY" + ], + "description": "Legal Remediator Type", + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "The ID of the remediator.", + "example": "2c90ad2a70ace7d50170acf22ca90010" + }, + "name": { + "type": "string", + "description": "The name of the remediator.", + "readOnly": true, + "example": "Role Admin" + } + }, + "required": [ + "type", + "id" + ] + }, + "query": { + "type": "string", + "description": "Optional search query to scope this campaign to a set of roles. Only one of `roleIds` and `query` may be set; if neither are set, all roles are included.", + "example": "Search Query" + }, + "description": { + "type": "string", + "description": "Describes this role composition campaign. Intended for storing the query used, and possibly the number of roles selected/available.", + "example": "Role Composition Description" + } + }, + "required": [ + "remediatorRef" + ] + }, + "sourcesWithOrphanEntitlements": { + "type": "array", + "description": "A list of sources in the campaign that contain \\\"orphan entitlements\\\" (entitlements without a corresponding Managed Attribute). An empty list indicates the campaign has no orphan entitlements. Null indicates there may be unknown orphan entitlements in the campaign (the campaign was created before this feature was implemented).", + "readOnly": true, + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "Id of the source", + "example": "2c90ad2a70ace7d50170acf22ca90010" + }, + "type": { + "type": "string", + "enum": [ + "SOURCE" + ], + "description": "Type", + "example": "SOURCE" + }, + "name": { + "type": "string", + "description": "Name of the source", + "example": "Source with orphan entitlements" + } + } + } + }, + "mandatoryCommentRequirement": { + "type": "string", + "description": "Determines whether comments are required for decisions during certification reviews. You can require comments for all decisions, revoke-only decisions, or no decisions. By default, comments are not required for decisions.", + "enum": [ + "ALL_DECISIONS", + "REVOKE_ONLY_DECISIONS", + "NO_DECISIONS" + ], + "example": "NO_DECISIONS" + } + } + } + ] + } + }, + "required": [ + "name", + "description", + "created", + "modified", + "campaign" + ] + }, + "examples": { + "Manager": { + "value": { + "id": "e7dbec99d49349c8951bd84f58a05120", + "name": "Manager Review", + "created": "2022-08-02T19:16:42.632Z", + "modified": null, + "description": "A review of everyone's access by their manager.", + "deadlineDuration": "P14D", + "ownerRef": { + "email": "support@testmail.identitysoon.com", + "type": "IDENTITY", + "id": "7ec252acbd4245548bc25df22348cb75", + "name": "SailPoint Support" + }, + "scheduled": false, + "campaign": { + "created": null, + "modified": null, + "filter": { + "type": "CAMPAIGN_FILTER", + "id": "e0adaae69852e8fe8b8a3d48e5ce757c", + "name": "Test Manager Filter" + }, + "sunsetCommentsRequired": true, + "sourceOwnerCampaignInfo": null, + "searchCampaignInfo": null, + "roleCompositionCampaignInfo": null, + "alerts": null, + "totalCertifications": null, + "completedCertifications": null, + "sourcesWithOrphanEntitlements": null, + "id": null, + "name": "Manager Review", + "description": "Review everyone's access.", + "deadline": null, + "type": "MANAGER", + "status": null, + "emailNotificationEnabled": true, + "autoRevokeAllowed": false, + "recommendationsEnabled": false, + "correlatedStatus": "CORRELATED", + "mandatoryCommentRequirement": "NO_DECISIONS" + } + } + }, + "Search": { + "value": { + "id": "b7e6459eed5247ac8b98a5fed81fe27f", + "name": "Reporting Access Review", + "created": "2022-07-28T19:19:40.035Z", + "modified": null, + "description": "A review of everyone's access to the reporting system.", + "deadlineDuration": "P14D", + "ownerRef": { + "email": "support@testmail.identitysoon.com", + "type": "IDENTITY", + "id": "7ec252acbd4245548bc25df22348cb75", + "name": "SailPoint Support" + }, + "scheduled": false, + "campaign": { + "created": null, + "modified": null, + "filter": { + "type": "CAMPAIGN_FILTER", + "id": "e0adaae69852e8fe8b8a3d48e5ce757c", + "name": "Test Search Filter" + }, + "sunsetCommentsRequired": true, + "sourceOwnerCampaignInfo": null, + "searchCampaignInfo": { + "type": "ACCESS", + "description": "Identities with reporting abilities", + "reviewerId": null, + "reviewer": null, + "query": "@access(name: (\"reporter\"))", + "identityIds": null, + "accessConstraints": [] + }, + "roleCompositionCampaignInfo": null, + "alerts": null, + "totalCertifications": null, + "completedCertifications": null, + "sourcesWithOrphanEntitlements": null, + "id": null, + "name": "Search Campaign Review", + "description": "Review everyone's access to the reporting system.", + "deadline": null, + "type": "SEARCH", + "status": null, + "emailNotificationEnabled": true, + "autoRevokeAllowed": false, + "recommendationsEnabled": false, + "correlatedStatus": "CORRELATED", + "mandatoryCommentRequirement": "NO_DECISIONS" + } + } + }, + "Source Owner": { + "value": { + "id": "b9f41bc69e7a4291b9de0630396d030d", + "name": "AD Source Review", + "created": "2022-08-02T13:40:36.857Z", + "modified": null, + "description": "A review of our AD source.", + "deadlineDuration": "P1M", + "ownerRef": { + "email": "support@testmail.identitysoon.com", + "type": "IDENTITY", + "id": "7ec252acbd4245548bc25df22348cb75", + "name": "SailPoint Support" + }, + "scheduled": false, + "campaign": { + "created": null, + "modified": null, + "filter": { + "type": "CAMPAIGN_FILTER", + "id": "e0adaae69852e8fe8b8a3d48e5ce757c", + "name": "Test Source Owner Filter" + }, + "sunsetCommentsRequired": true, + "sourceOwnerCampaignInfo": { + "sourceIds": [ + "2c918084707deba501709d45ce4e5569" + ] + }, + "searchCampaignInfo": null, + "roleCompositionCampaignInfo": null, + "alerts": null, + "totalCertifications": null, + "completedCertifications": null, + "sourcesWithOrphanEntitlements": null, + "id": null, + "name": "AD Source Review", + "description": "Review everyone's access.", + "deadline": null, + "type": "SOURCE_OWNER", + "status": null, + "emailNotificationEnabled": true, + "autoRevokeAllowed": false, + "recommendationsEnabled": false, + "correlatedStatus": "CORRELATED", + "mandatoryCommentRequirement": "NO_DECISIONS" + } + } + }, + "RoleComposition": { + "value": { + "id": "b9f41bc69e7a4291b9de0630396d030d", + "name": "Campaign With Admin Role", + "created": "2022-08-02T13:40:36.857Z", + "modified": null, + "description": "Campaign With Admin Role", + "deadlineDuration": null, + "ownerRef": { + "email": "support@testmail.identitysoon.com", + "type": "IDENTITY", + "id": "7ec252acbd4245548bc25df22348cb75", + "name": "SailPoint Support" + }, + "scheduled": false, + "campaign": { + "created": null, + "modified": null, + "filter": null, + "sunsetCommentsRequired": true, + "sourceOwnerCampaignInfo": null, + "searchCampaignInfo": null, + "roleCompositionCampaignInfo": { + "remediatorRef": { + "type": "IDENTITY", + "id": "7ec252acbd4245548bc25df22348cb75", + "name": "SailPoint Support" + }, + "reviewerId": null, + "reviewer": null, + "roleIds": [ + "b15d609fc5c8434b865fe552315fda8f" + ], + "query": null, + "description": null + }, + "alerts": null, + "totalCertifications": null, + "completedCertifications": null, + "sourcesWithOrphanEntitlements": null, + "id": null, + "name": "Campaign With Admin Role", + "description": "Campaign With Admin Role", + "deadline": null, + "type": "ROLE_COMPOSITION", + "status": null, + "emailNotificationEnabled": false, + "autoRevokeAllowed": false, + "recommendationsEnabled": false, + "correlatedStatus": "CORRELATED", + "mandatoryCommentRequirement": "NO_DECISIONS" + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + }, + "delete": { + "operationId": "deleteCampaignTemplate", + "tags": [ + "Certification Campaigns" + ], + "summary": "Delete a Campaign Template", + "description": "Use this API to delete a certification campaign template by ID.\n\nA token with ORG_ADMIN or CERT_ADMIN authority is required to call this API.\n", + "security": [ + { + "UserContextAuth": [ + "idn:campaign-template:manage" + ] + } + ], + "parameters": [ + { + "in": "path", + "name": "id", + "schema": { + "type": "string" + }, + "required": true, + "description": "ID of the campaign template being deleted.", + "example": "2c9180835d191a86015d28455b4a2329" + } + ], + "responses": { + "204": { + "description": "The campaign template was successfully deleted." + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/campaign-templates/{id}/schedule": { + "get": { + "operationId": "getCampaignTemplateSchedule", + "tags": [ + "Certification Campaigns" + ], + "summary": "Get Campaign Template Schedule", + "description": "Use this API to get the schedule for a certification campaign template. The API returns a 404 if there is no schedule set.\n\nA token with ORG_ADMIN or CERT_ADMIN authority is required to call this API.\n", + "security": [ + { + "UserContextAuth": [] + } + ], + "parameters": [ + { + "in": "path", + "name": "id", + "schema": { + "type": "string" + }, + "required": true, + "description": "ID of the campaign template whose schedule is being fetched.", + "example": "04bedce387bd47b2ae1f86eb0bb36dee" + } + ], + "responses": { + "200": { + "description": "Current schedule for the campaign template. See the [Set Campaign Template Schedule endpoint documentation](https://developer.sailpoint.com/docs/api/v3/set-campaign-template-schedule) for more examples.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "type": { + "type": "string", + "description": "Determines the overall schedule cadence. In general, all time period fields smaller than the chosen type can be configured. For example, a DAILY schedule can have 'hours' set, but not 'days'; a WEEKLY schedule can have both 'hours' and 'days' set.", + "enum": [ + "WEEKLY", + "MONTHLY", + "ANNUALLY", + "CALENDAR" + ], + "example": "WEEKLY" + }, + "months": { + "type": "object", + "description": "Specifies which months of a schedule are active. Only valid for ANNUALLY schedule types. Examples:\n\nOn February and March:\n* type LIST\n* values \"2\", \"3\"\n\nEvery 3 months, starting in January (quarterly):\n* type LIST\n* values \"1\"\n* interval 3\n\nEvery two months between July and December:\n* type RANGE\n* values \"7\", \"12\"\n* interval 2\n", + "properties": { + "type": { + "type": "string", + "description": "Enum type to specify months value", + "enum": [ + "LIST", + "RANGE" + ], + "example": "LIST" + }, + "values": { + "type": "array", + "description": "Values of the months based on the enum type mentioned above", + "items": { + "type": "string" + }, + "example": [ + "1" + ] + }, + "interval": { + "type": "integer", + "example": 2, + "format": "int64", + "description": "Interval between the cert generations" + } + }, + "required": [ + "type", + "values" + ] + }, + "days": { + "type": "object", + "description": "Specifies which day(s) a schedule is active for. This is required for all schedule types.\nThe \"values\" field holds different data depending on the type of schedule:\n* WEEKLY: days of the week (1-7)\n* MONTHLY: days of the month (1-31, L, L-1...)\n* ANNUALLY: if the \"months\" field is also set: days of the month (1-31, L, L-1...); otherwise: ISO-8601 dates without year (\"--12-31\")\n* CALENDAR: ISO-8601 dates (\"2020-12-31\")\n\nNote that CALENDAR only supports the LIST type, and ANNUALLY does not support the RANGE type when provided\nwith ISO-8601 dates without year.\n\nExamples:\n\nOn Sundays:\n* type LIST\n* values \"1\"\n\nThe second to last day of the month:\n* type LIST\n* values \"L-1\"\n\nFrom the 20th to the last day of the month:\n* type RANGE\n* values \"20\", \"L\"\n\nEvery March 2nd:\n* type LIST\n* values \"--03-02\"\n\nOn March 2nd, 2021:\n* type: LIST\n* values \"2021-03-02\"\n", + "properties": { + "type": { + "type": "string", + "description": "Enum type to specify days value", + "enum": [ + "LIST", + "RANGE" + ], + "example": "LIST" + }, + "values": { + "type": "array", + "description": "Values of the days based on the enum type mentioned above", + "items": { + "type": "string" + }, + "example": [ + "1" + ] + }, + "interval": { + "type": "integer", + "example": 2, + "format": "int64", + "description": "Interval between the cert generations" + } + }, + "required": [ + "type", + "values" + ] + }, + "hours": { + "type": "object", + "description": "Specifies which hour(s) a schedule is active for. Examples:\n\nEvery three hours starting from 8AM, inclusive:\n* type LIST\n* values \"8\"\n* interval 3\n\nDuring business hours:\n* type RANGE\n* values \"9\", \"5\"\n\nAt 5AM, noon, and 5PM:\n* type LIST\n* values \"5\", \"12\", \"17\"\n", + "properties": { + "type": { + "type": "string", + "description": "Enum type to specify hours value", + "enum": [ + "LIST", + "RANGE" + ], + "example": "LIST" + }, + "values": { + "type": "array", + "description": "Values of the days based on the enum type mentioned above", + "items": { + "type": "string" + }, + "example": [ + "1" + ] + }, + "interval": { + "type": "integer", + "format": "int64", + "example": 2, + "description": "Interval between the cert generations" + } + }, + "required": [ + "type", + "values" + ] + }, + "expiration": { + "type": "string", + "format": "date-time", + "description": "Specifies the time after which this schedule will no longer occur.", + "example": "2022-09-19 13:55:26" + }, + "timeZoneId": { + "type": "string", + "description": "The time zone to use when running the schedule. For instance, if the schedule is scheduled to run at 1AM, and this field is set to \"CST\", the schedule will run at 1AM CST.", + "example": "CST" + } + }, + "required": [ + "type", + "hours" + ] + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + }, + "put": { + "operationId": "setCampaignTemplateSchedule", + "tags": [ + "Certification Campaigns" + ], + "summary": "Set Campaign Template Schedule", + "description": "Use this API to set the schedule for a certification campaign template. If a schedule already exists, the API overwrites it with the new one.\n\nA token with ORG_ADMIN or CERT_ADMIN authority is required to call this API.\n", + "security": [ + { + "UserContextAuth": [] + } + ], + "parameters": [ + { + "in": "path", + "name": "id", + "schema": { + "type": "string" + }, + "required": true, + "description": "ID of the campaign template being scheduled.", + "example": "04bedce387bd47b2ae1f86eb0bb36dee" + } + ], + "requestBody": { + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "type": { + "type": "string", + "description": "Determines the overall schedule cadence. In general, all time period fields smaller than the chosen type can be configured. For example, a DAILY schedule can have 'hours' set, but not 'days'; a WEEKLY schedule can have both 'hours' and 'days' set.", + "enum": [ + "WEEKLY", + "MONTHLY", + "ANNUALLY", + "CALENDAR" + ], + "example": "WEEKLY" + }, + "months": { + "type": "object", + "description": "Specifies which months of a schedule are active. Only valid for ANNUALLY schedule types. Examples:\n\nOn February and March:\n* type LIST\n* values \"2\", \"3\"\n\nEvery 3 months, starting in January (quarterly):\n* type LIST\n* values \"1\"\n* interval 3\n\nEvery two months between July and December:\n* type RANGE\n* values \"7\", \"12\"\n* interval 2\n", + "properties": { + "type": { + "type": "string", + "description": "Enum type to specify months value", + "enum": [ + "LIST", + "RANGE" + ], + "example": "LIST" + }, + "values": { + "type": "array", + "description": "Values of the months based on the enum type mentioned above", + "items": { + "type": "string" + }, + "example": [ + "1" + ] + }, + "interval": { + "type": "integer", + "example": 2, + "format": "int64", + "description": "Interval between the cert generations" + } + }, + "required": [ + "type", + "values" + ] + }, + "days": { + "type": "object", + "description": "Specifies which day(s) a schedule is active for. This is required for all schedule types.\nThe \"values\" field holds different data depending on the type of schedule:\n* WEEKLY: days of the week (1-7)\n* MONTHLY: days of the month (1-31, L, L-1...)\n* ANNUALLY: if the \"months\" field is also set: days of the month (1-31, L, L-1...); otherwise: ISO-8601 dates without year (\"--12-31\")\n* CALENDAR: ISO-8601 dates (\"2020-12-31\")\n\nNote that CALENDAR only supports the LIST type, and ANNUALLY does not support the RANGE type when provided\nwith ISO-8601 dates without year.\n\nExamples:\n\nOn Sundays:\n* type LIST\n* values \"1\"\n\nThe second to last day of the month:\n* type LIST\n* values \"L-1\"\n\nFrom the 20th to the last day of the month:\n* type RANGE\n* values \"20\", \"L\"\n\nEvery March 2nd:\n* type LIST\n* values \"--03-02\"\n\nOn March 2nd, 2021:\n* type: LIST\n* values \"2021-03-02\"\n", + "properties": { + "type": { + "type": "string", + "description": "Enum type to specify days value", + "enum": [ + "LIST", + "RANGE" + ], + "example": "LIST" + }, + "values": { + "type": "array", + "description": "Values of the days based on the enum type mentioned above", + "items": { + "type": "string" + }, + "example": [ + "1" + ] + }, + "interval": { + "type": "integer", + "example": 2, + "format": "int64", + "description": "Interval between the cert generations" + } + }, + "required": [ + "type", + "values" + ] + }, + "hours": { + "type": "object", + "description": "Specifies which hour(s) a schedule is active for. Examples:\n\nEvery three hours starting from 8AM, inclusive:\n* type LIST\n* values \"8\"\n* interval 3\n\nDuring business hours:\n* type RANGE\n* values \"9\", \"5\"\n\nAt 5AM, noon, and 5PM:\n* type LIST\n* values \"5\", \"12\", \"17\"\n", + "properties": { + "type": { + "type": "string", + "description": "Enum type to specify hours value", + "enum": [ + "LIST", + "RANGE" + ], + "example": "LIST" + }, + "values": { + "type": "array", + "description": "Values of the days based on the enum type mentioned above", + "items": { + "type": "string" + }, + "example": [ + "1" + ] + }, + "interval": { + "type": "integer", + "format": "int64", + "example": 2, + "description": "Interval between the cert generations" + } + }, + "required": [ + "type", + "values" + ] + }, + "expiration": { + "type": "string", + "format": "date-time", + "description": "Specifies the time after which this schedule will no longer occur.", + "example": "2022-09-19 13:55:26" + }, + "timeZoneId": { + "type": "string", + "description": "The time zone to use when running the schedule. For instance, if the schedule is scheduled to run at 1AM, and this field is set to \"CST\", the schedule will run at 1AM CST.", + "example": "CST" + } + }, + "required": [ + "type", + "hours" + ] + }, + "examples": { + "Monthly": { + "description": "Runs on the 15th and last day of the month, at 5PM.", + "value": { + "type": "MONTHLY", + "hours": { + "type": "LIST", + "values": [ + "17" + ] + }, + "days": { + "type": "LIST", + "values": [ + "15" + ] + } + } + }, + "Once a year": { + "description": "Runs every January 1st at midnight.", + "value": { + "type": "ANNUALLY", + "hours": { + "type": "LIST", + "values": [ + "0" + ] + }, + "days": { + "type": "LIST", + "values": [ + "--01-01" + ] + } + } + }, + "Quarterly": { + "description": "Runs once a quarter (every 3 months) on the first of the month at 1AM.", + "value": { + "type": "ANNUALLY", + "hours": { + "type": "LIST", + "values": [ + "1" + ] + }, + "days": { + "type": "LIST", + "values": [ + "1" + ] + }, + "months": { + "type": "LIST", + "values": [ + "1" + ], + "interval": 3 + } + } + }, + "Yearly on Specific Days": { + "description": "Runs on March 12 and December 5 at 1AM, every year.", + "value": { + "type": "ANNUALLY", + "hours": { + "type": "LIST", + "values": [ + "1" + ] + }, + "days": { + "type": "LIST", + "values": [ + "--03-12", + "--12-05" + ] + } + } + }, + "On a Specific Date": { + "description": "Runs at 1AM on February 18th, 2020", + "value": { + "type": "CALENDAR", + "hours": { + "type": "LIST", + "values": [ + "1" + ] + }, + "days": { + "type": "LIST", + "values": [ + "2020-02-18" + ] + } + } + } + } + } + } + }, + "responses": { + "204": { + "description": "No content - indicates the request was successful but there is no content to be returned in the response." + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + }, + "delete": { + "operationId": "deleteCampaignTemplateSchedule", + "tags": [ + "Certification Campaigns" + ], + "summary": "Delete Campaign Template Schedule", + "description": "Use this API to delete the schedule for a certification campaign template. The API returns a 404 if there is no schedule set.\n\nA token with ORG_ADMIN or CERT_ADMIN authority is required to call this API.\n", + "security": [ + { + "UserContextAuth": [] + } + ], + "parameters": [ + { + "in": "path", + "name": "id", + "schema": { + "type": "string" + }, + "required": true, + "description": "ID of the campaign template whose schedule is being deleted.", + "example": "04bedce387bd47b2ae1f86eb0bb36dee" + } + ], + "responses": { + "204": { + "description": "No content - indicates the request was successful but there is no content to be returned in the response." + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/campaign-templates/{id}/generate": { + "post": { + "operationId": "startGenerateCampaignTemplate", + "tags": [ + "Certification Campaigns" + ], + "summary": "Generate a Campaign from Template", + "security": [ + { + "UserContextAuth": [ + "idn:campaign-template:manage" + ] + } + ], + "description": "Use this API to generate a new certification campaign from a campaign template.\n\nThe campaign object contained in the template has special formatting applied to its name and description\nfields that determine the generated campaign's name/description. Placeholders in those fields are\nformatted with the current date and time upon generation.\n\nPlaceholders consist of a percent sign followed by a letter indicating what should be inserted. For\nexample, \"%Y\" inserts the current year, and a campaign template named \"Campaign for %y\" generates a\ncampaign called \"Campaign for 2020\" (assuming the year at generation time is 2020).\n\nValid placeholders are the date/time conversion suffix characters supported by [java.util.Formatter](https://docs.oracle.com/javase/8/docs/api/java/util/Formatter.html).\n\nA token with ORG_ADMIN or CERT_ADMIN authority is required to call this API.\n", + "parameters": [ + { + "in": "path", + "name": "id", + "schema": { + "type": "string" + }, + "required": true, + "description": "ID of the campaign template to use for generation.", + "example": "2c9180835d191a86015d28455b4a2329" + } + ], + "responses": { + "200": { + "description": "This response indicates that a campaign was successfully generated from this template, and the API returns a reference to the new campaign.", + "content": { + "application/json": { + "schema": { + "type": "object", + "required": [ + "id", + "name", + "type", + "campaignType", + "description", + "correlatedStatus", + "mandatoryCommentRequirement" + ], + "properties": { + "id": { + "type": "string", + "description": "The unique ID of the campaign.", + "example": "ef38f94347e94562b5bb8424a56397d8" + }, + "name": { + "type": "string", + "description": "The name of the campaign.", + "example": "Campaign Name" + }, + "type": { + "type": "string", + "enum": [ + "CAMPAIGN" + ], + "description": "The type of object that is being referenced.", + "example": "CAMPAIGN" + }, + "campaignType": { + "type": "string", + "enum": [ + "MANAGER", + "SOURCE_OWNER", + "SEARCH" + ], + "description": "The type of the campaign.", + "example": "MANAGER" + }, + "description": { + "type": "string", + "description": "The description of the campaign set by the admin who created it.", + "nullable": true, + "example": "A description of the campaign" + }, + "correlatedStatus": { + "description": "The correlatedStatus of the campaign. Only SOURCE_OWNER campaigns can be Uncorrelated. An Uncorrelated certification campaign only includes Uncorrelated identities (An identity is uncorrelated if it has no accounts on an authoritative source).", + "enum": [ + "CORRELATED", + "UNCORRELATED" + ], + "example": "CORRELATED" + }, + "mandatoryCommentRequirement": { + "type": "string", + "description": "Determines whether comments are required for decisions during certification reviews. You can require comments for all decisions, revoke-only decisions, or no decisions. By default, comments are not required for decisions.", + "enum": [ + "ALL_DECISIONS", + "REVOKE_ONLY_DECISIONS", + "NO_DECISIONS" + ], + "example": "NO_DECISIONS" + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/certifications": { + "get": { + "operationId": "listIdentityCertifications", + "tags": [ + "Certifications" + ], + "summary": "List Identity Campaign Certifications", + "description": "Use this API to get a list of identity campaign certifications for the specified query parameters. Any authenticated token can call this API, but only certifications you are authorized to review will be returned. This API does not support requests for certifications assigned to governance groups.", + "parameters": [ + { + "in": "query", + "name": "reviewer-identity", + "schema": { + "type": "string" + }, + "example": "me", + "description": "Reviewer's identity. *me* indicates the current user.", + "required": false + }, + { + "in": "query", + "name": "limit", + "description": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 250, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "maximum": 250, + "default": 250 + } + }, + { + "in": "query", + "name": "offset", + "description": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 0, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "default": 0 + } + }, + { + "in": "query", + "name": "count", + "description": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": true, + "schema": { + "type": "boolean", + "default": false + } + }, + { + "in": "query", + "name": "filters", + "required": false, + "schema": { + "type": "string" + }, + "example": "id eq \"ef38f94347e94562b5bb8424a56397d8\"", + "description": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**campaign.id**: *eq, in*\n\n**phase**: *eq*\n\n**completed**: *eq, ne*" + }, + { + "in": "query", + "name": "sorters", + "required": false, + "schema": { + "type": "string", + "format": "comma-separated" + }, + "example": "name,due", + "description": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name, due, signed**" + } + ], + "responses": { + "200": { + "description": "List of identity campaign certifications.", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "properties": { + "id": { + "example": "2c9180835d2e5168015d32f890ca1581", + "type": "string", + "description": "id of the certification" + }, + "name": { + "example": "Source Owner Access Review for Employees [source]", + "type": "string", + "description": "name of the certification" + }, + "campaign": { + "type": "object", + "required": [ + "id", + "name", + "type", + "campaignType", + "description", + "correlatedStatus", + "mandatoryCommentRequirement" + ], + "properties": { + "id": { + "type": "string", + "description": "The unique ID of the campaign.", + "example": "ef38f94347e94562b5bb8424a56397d8" + }, + "name": { + "type": "string", + "description": "The name of the campaign.", + "example": "Campaign Name" + }, + "type": { + "type": "string", + "enum": [ + "CAMPAIGN" + ], + "description": "The type of object that is being referenced.", + "example": "CAMPAIGN" + }, + "campaignType": { + "type": "string", + "enum": [ + "MANAGER", + "SOURCE_OWNER", + "SEARCH" + ], + "description": "The type of the campaign.", + "example": "MANAGER" + }, + "description": { + "type": "string", + "description": "The description of the campaign set by the admin who created it.", + "nullable": true, + "example": "A description of the campaign" + }, + "correlatedStatus": { + "description": "The correlatedStatus of the campaign. Only SOURCE_OWNER campaigns can be Uncorrelated. An Uncorrelated certification campaign only includes Uncorrelated identities (An identity is uncorrelated if it has no accounts on an authoritative source).", + "enum": [ + "CORRELATED", + "UNCORRELATED" + ], + "example": "CORRELATED" + }, + "mandatoryCommentRequirement": { + "type": "string", + "description": "Determines whether comments are required for decisions during certification reviews. You can require comments for all decisions, revoke-only decisions, or no decisions. By default, comments are not required for decisions.", + "enum": [ + "ALL_DECISIONS", + "REVOKE_ONLY_DECISIONS", + "NO_DECISIONS" + ], + "example": "NO_DECISIONS" + } + } + }, + "completed": { + "type": "boolean", + "description": "Have all decisions been made?", + "example": true + }, + "identitiesCompleted": { + "type": "integer", + "description": "The number of identities for whom all decisions have been made and are complete.", + "example": 5, + "format": "int32" + }, + "identitiesTotal": { + "type": "integer", + "description": "The total number of identities in the Certification, both complete and incomplete.", + "example": 10, + "format": "int32" + }, + "created": { + "example": "2018-06-25T20:22:28.104Z", + "format": "date-time", + "type": "string", + "description": "created date" + }, + "modified": { + "example": "2018-06-25T20:22:28.104Z", + "format": "date-time", + "type": "string", + "description": "modified date" + }, + "decisionsMade": { + "type": "integer", + "description": "The number of approve/revoke/acknowledge decisions that have been made.", + "example": 20, + "format": "int32" + }, + "decisionsTotal": { + "type": "integer", + "description": "The total number of approve/revoke/acknowledge decisions.", + "example": 40, + "format": "int32" + }, + "due": { + "type": "string", + "format": "date-time", + "description": "The due date of the certification.", + "example": "2018-10-19T13:49:37.385Z" + }, + "signed": { + "type": "string", + "format": "date-time", + "nullable": true, + "description": "The date the reviewer signed off on the Certification.", + "example": "2018-10-19T13:49:37.385Z" + }, + "reviewer": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The id of the reviewer.", + "example": "ef38f94347e94562b5bb8424a56397d8" + }, + "name": { + "type": "string", + "description": "The name of the reviewer.", + "example": "Reviewer Name" + }, + "email": { + "type": "string", + "description": "The email of the reviewing identity.", + "example": "reviewer@test.com" + }, + "type": { + "type": "string", + "enum": [ + "IDENTITY" + ], + "description": "The type of the reviewing identity.", + "example": "IDENTITY" + }, + "created": { + "nullable": true, + "example": "2018-06-25T20:22:28.104Z", + "format": "date-time", + "type": "string", + "description": "The created date of the reviewing identity." + }, + "modified": { + "nullable": true, + "example": "2018-06-25T20:22:28.104Z", + "format": "date-time", + "type": "string", + "description": "The modified date of the reviewing identity." + } + } + }, + "reassignment": { + "type": "object", + "nullable": true, + "properties": { + "from": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The id of the certification.", + "example": "ef38f94347e94562b5bb8424a56397d8" + }, + "name": { + "type": "string", + "description": "The name of the certification.", + "example": "Certification Name" + }, + "type": { + "type": "string", + "enum": [ + "CERTIFICATION" + ], + "example": "CERTIFICATION" + }, + "reviewer": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The id of the reviewer.", + "example": "ef38f94347e94562b5bb8424a56397d8" + }, + "name": { + "type": "string", + "description": "The name of the reviewer.", + "example": "Reviewer Name" + }, + "email": { + "type": "string", + "description": "The email of the reviewing identity.", + "example": "reviewer@test.com" + }, + "type": { + "type": "string", + "enum": [ + "IDENTITY" + ], + "description": "The type of the reviewing identity.", + "example": "IDENTITY" + }, + "created": { + "nullable": true, + "example": "2018-06-25T20:22:28.104Z", + "format": "date-time", + "type": "string", + "description": "The created date of the reviewing identity." + }, + "modified": { + "nullable": true, + "example": "2018-06-25T20:22:28.104Z", + "format": "date-time", + "type": "string", + "description": "The modified date of the reviewing identity." + } + } + } + } + }, + "comment": { + "type": "string", + "description": "The comment entered when the Certification was reassigned", + "example": "Reassigned for a reason" + } + } + }, + "hasErrors": { + "description": "Identifies if the certification has an error", + "type": "boolean", + "example": false + }, + "errorMessage": { + "description": "Description of the certification error", + "nullable": true, + "type": "string", + "example": "The certification has an error" + }, + "phase": { + "type": "string", + "description": "The current phase of the campaign.\n* `STAGED`: The campaign is waiting to be activated.\n* `ACTIVE`: The campaign is active.\n* `SIGNED`: The reviewer has signed off on the campaign, and it is considered complete.\n", + "enum": [ + "STAGED", + "ACTIVE", + "SIGNED" + ], + "example": "ACTIVE" + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/certifications/{id}": { + "get": { + "operationId": "getIdentityCertification", + "tags": [ + "Certifications" + ], + "summary": "Identity Certification by ID", + "description": "This API returns a single identity campaign certification by its ID. A token with ORG_ADMIN or CERT_ADMIN authority is required to call this API. Reviewers for this certification can also call this API. This API does not support requests for certifications assigned to Governance Groups.", + "parameters": [ + { + "in": "path", + "name": "id", + "schema": { + "type": "string" + }, + "required": true, + "description": "The certification id", + "example": "ef38f94347e94562b5bb8424a56397d8" + } + ], + "responses": { + "200": { + "description": "An identity campaign certification object", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "id": { + "example": "2c9180835d2e5168015d32f890ca1581", + "type": "string", + "description": "id of the certification" + }, + "name": { + "example": "Source Owner Access Review for Employees [source]", + "type": "string", + "description": "name of the certification" + }, + "campaign": { + "type": "object", + "required": [ + "id", + "name", + "type", + "campaignType", + "description", + "correlatedStatus", + "mandatoryCommentRequirement" + ], + "properties": { + "id": { + "type": "string", + "description": "The unique ID of the campaign.", + "example": "ef38f94347e94562b5bb8424a56397d8" + }, + "name": { + "type": "string", + "description": "The name of the campaign.", + "example": "Campaign Name" + }, + "type": { + "type": "string", + "enum": [ + "CAMPAIGN" + ], + "description": "The type of object that is being referenced.", + "example": "CAMPAIGN" + }, + "campaignType": { + "type": "string", + "enum": [ + "MANAGER", + "SOURCE_OWNER", + "SEARCH" + ], + "description": "The type of the campaign.", + "example": "MANAGER" + }, + "description": { + "type": "string", + "description": "The description of the campaign set by the admin who created it.", + "nullable": true, + "example": "A description of the campaign" + }, + "correlatedStatus": { + "description": "The correlatedStatus of the campaign. Only SOURCE_OWNER campaigns can be Uncorrelated. An Uncorrelated certification campaign only includes Uncorrelated identities (An identity is uncorrelated if it has no accounts on an authoritative source).", + "enum": [ + "CORRELATED", + "UNCORRELATED" + ], + "example": "CORRELATED" + }, + "mandatoryCommentRequirement": { + "type": "string", + "description": "Determines whether comments are required for decisions during certification reviews. You can require comments for all decisions, revoke-only decisions, or no decisions. By default, comments are not required for decisions.", + "enum": [ + "ALL_DECISIONS", + "REVOKE_ONLY_DECISIONS", + "NO_DECISIONS" + ], + "example": "NO_DECISIONS" + } + } + }, + "completed": { + "type": "boolean", + "description": "Have all decisions been made?", + "example": true + }, + "identitiesCompleted": { + "type": "integer", + "description": "The number of identities for whom all decisions have been made and are complete.", + "example": 5, + "format": "int32" + }, + "identitiesTotal": { + "type": "integer", + "description": "The total number of identities in the Certification, both complete and incomplete.", + "example": 10, + "format": "int32" + }, + "created": { + "example": "2018-06-25T20:22:28.104Z", + "format": "date-time", + "type": "string", + "description": "created date" + }, + "modified": { + "example": "2018-06-25T20:22:28.104Z", + "format": "date-time", + "type": "string", + "description": "modified date" + }, + "decisionsMade": { + "type": "integer", + "description": "The number of approve/revoke/acknowledge decisions that have been made.", + "example": 20, + "format": "int32" + }, + "decisionsTotal": { + "type": "integer", + "description": "The total number of approve/revoke/acknowledge decisions.", + "example": 40, + "format": "int32" + }, + "due": { + "type": "string", + "format": "date-time", + "description": "The due date of the certification.", + "example": "2018-10-19T13:49:37.385Z" + }, + "signed": { + "type": "string", + "format": "date-time", + "nullable": true, + "description": "The date the reviewer signed off on the Certification.", + "example": "2018-10-19T13:49:37.385Z" + }, + "reviewer": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The id of the reviewer.", + "example": "ef38f94347e94562b5bb8424a56397d8" + }, + "name": { + "type": "string", + "description": "The name of the reviewer.", + "example": "Reviewer Name" + }, + "email": { + "type": "string", + "description": "The email of the reviewing identity.", + "example": "reviewer@test.com" + }, + "type": { + "type": "string", + "enum": [ + "IDENTITY" + ], + "description": "The type of the reviewing identity.", + "example": "IDENTITY" + }, + "created": { + "nullable": true, + "example": "2018-06-25T20:22:28.104Z", + "format": "date-time", + "type": "string", + "description": "The created date of the reviewing identity." + }, + "modified": { + "nullable": true, + "example": "2018-06-25T20:22:28.104Z", + "format": "date-time", + "type": "string", + "description": "The modified date of the reviewing identity." + } + } + }, + "reassignment": { + "type": "object", + "nullable": true, + "properties": { + "from": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The id of the certification.", + "example": "ef38f94347e94562b5bb8424a56397d8" + }, + "name": { + "type": "string", + "description": "The name of the certification.", + "example": "Certification Name" + }, + "type": { + "type": "string", + "enum": [ + "CERTIFICATION" + ], + "example": "CERTIFICATION" + }, + "reviewer": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The id of the reviewer.", + "example": "ef38f94347e94562b5bb8424a56397d8" + }, + "name": { + "type": "string", + "description": "The name of the reviewer.", + "example": "Reviewer Name" + }, + "email": { + "type": "string", + "description": "The email of the reviewing identity.", + "example": "reviewer@test.com" + }, + "type": { + "type": "string", + "enum": [ + "IDENTITY" + ], + "description": "The type of the reviewing identity.", + "example": "IDENTITY" + }, + "created": { + "nullable": true, + "example": "2018-06-25T20:22:28.104Z", + "format": "date-time", + "type": "string", + "description": "The created date of the reviewing identity." + }, + "modified": { + "nullable": true, + "example": "2018-06-25T20:22:28.104Z", + "format": "date-time", + "type": "string", + "description": "The modified date of the reviewing identity." + } + } + } + } + }, + "comment": { + "type": "string", + "description": "The comment entered when the Certification was reassigned", + "example": "Reassigned for a reason" + } + } + }, + "hasErrors": { + "description": "Identifies if the certification has an error", + "type": "boolean", + "example": false + }, + "errorMessage": { + "description": "Description of the certification error", + "nullable": true, + "type": "string", + "example": "The certification has an error" + }, + "phase": { + "type": "string", + "description": "The current phase of the campaign.\n* `STAGED`: The campaign is waiting to be activated.\n* `ACTIVE`: The campaign is active.\n* `SIGNED`: The reviewer has signed off on the campaign, and it is considered complete.\n", + "enum": [ + "STAGED", + "ACTIVE", + "SIGNED" + ], + "example": "ACTIVE" + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/certifications/{id}/access-review-items": { + "get": { + "operationId": "listIdentityAccessReviewItems", + "tags": [ + "Certifications" + ], + "summary": "List of Access Review Items", + "description": "This API returns a list of access review items for an identity campaign certification. A token with ORG_ADMIN or CERT_ADMIN authority is required to call this API. Reviewers for this certification can also call this API. This API does not support requests for certifications assigned to Governance Groups.", + "parameters": [ + { + "in": "path", + "name": "id", + "schema": { + "type": "string" + }, + "required": true, + "description": "The identity campaign certification ID", + "example": "ef38f94347e94562b5bb8424a56397d8" + }, + { + "in": "query", + "name": "limit", + "description": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 250, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "maximum": 250, + "default": 250 + } + }, + { + "in": "query", + "name": "offset", + "description": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 0, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "default": 0 + } + }, + { + "in": "query", + "name": "count", + "description": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": true, + "schema": { + "type": "boolean", + "default": false + } + }, + { + "in": "query", + "required": false, + "name": "filters", + "schema": { + "type": "string" + }, + "description": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**type**: *eq*\n\n**access.type**: *eq*\n\n**completed**: *eq, ne*\n\n**identitySummary.id**: *eq, in*\n\n**identitySummary.name**: *eq, sw*\n\n**access.id**: *eq, in*\n\n**access.name**: *eq, sw*\n\n**entitlement.sourceName**: *eq, sw*\n\n**accessProfile.sourceName**: *eq, sw*", + "example": "id eq \"ef38f94347e94562b5bb8424a56397d8\"" + }, + { + "in": "query", + "name": "sorters", + "required": false, + "schema": { + "type": "string", + "format": "comma-separated" + }, + "example": "access.name,-accessProfile.sourceName", + "description": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **identitySummary.name, access.name, access.type, entitlement.sourceName, accessProfile.sourceName**" + }, + { + "in": "query", + "name": "entitlements", + "required": false, + "schema": { + "type": "string" + }, + "example": "identityEntitlement", + "description": "Filter results to view access review items that pertain to any of the specified comma-separated entitlement IDs.\n\nAn error will occur if this param is used with **access-profiles** or **roles** as only one of these query params can be used at a time." + }, + { + "in": "query", + "name": "access-profiles", + "required": false, + "schema": { + "type": "string" + }, + "example": "accessProfile1", + "description": "Filter results to view access review items that pertain to any of the specified comma-separated access-profle IDs.\n\nAn error will occur if this param is used with **entitlements** or **roles** as only one of these query params can be used at a time." + }, + { + "in": "query", + "name": "roles", + "required": false, + "schema": { + "type": "string" + }, + "example": "userRole", + "description": "Filter results to view access review items that pertain to any of the specified comma-separated role IDs.\n\nAn error will occur if this param is used with **entitlements** or **access-profiles** as only one of these query params can be used at a time." + } + ], + "responses": { + "200": { + "description": "A list of access review items", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "properties": { + "accessSummary": { + "type": "object", + "description": "An object holding the access that is being reviewed", + "properties": { + "access": { + "type": "object", + "properties": { + "type": { + "description": "The type of item being certified", + "type": "string", + "enum": [ + "ACCOUNT_CORRELATION_CONFIG", + "ACCESS_PROFILE", + "ACCESS_REQUEST_APPROVAL", + "ACCOUNT", + "APPLICATION", + "CAMPAIGN", + "CAMPAIGN_FILTER", + "CERTIFICATION", + "CLUSTER", + "CONNECTOR_SCHEMA", + "ENTITLEMENT", + "GOVERNANCE_GROUP", + "IDENTITY", + "IDENTITY_PROFILE", + "IDENTITY_REQUEST", + "LIFECYCLE_STATE", + "PASSWORD_POLICY", + "ROLE", + "RULE", + "SOD_POLICY", + "SOURCE", + "TAG", + "TAG_CATEGORY", + "TASK_RESULT", + "REPORT_RESULT", + "SOD_VIOLATION", + "ACCOUNT_ACTIVITY", + "WORKGROUP" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "The ID of the item being certified", + "example": "2c9180867160846801719932c5153fb7" + }, + "name": { + "type": "string", + "description": "The name of the item being certified", + "example": "Entitlement for Company Database" + } + } + }, + "entitlement": { + "type": "object", + "nullable": true, + "properties": { + "id": { + "type": "string", + "description": "The id for the entitlement", + "example": "2c918085718230600171993742c63558" + }, + "name": { + "type": "string", + "description": "The name of the entitlement", + "example": "CN=entitlement.bbb7c650" + }, + "description": { + "nullable": true, + "type": "string", + "description": "Information about the entitlement", + "example": "Gives read/write access to the company database" + }, + "privileged": { + "type": "boolean", + "example": false, + "default": false, + "description": "Indicates if the entitlement is a privileged entitlement" + }, + "owner": { + "type": "object", + "nullable": true, + "properties": { + "type": { + "type": "string", + "description": "The type can only be IDENTITY. This is read-only.", + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "Identity ID.", + "example": "5168015d32f890ca15812c9180835d2e" + }, + "name": { + "type": "string", + "description": "Identity's human-readable display name. This is read-only.", + "example": "Alison Ferguso" + }, + "email": { + "type": "string", + "description": "Identity's email address. This is read-only.", + "example": "alison.ferguso@identitysoon.com" + } + } + }, + "attributeName": { + "type": "string", + "description": "The name of the attribute on the source", + "example": "memberOf" + }, + "attributeValue": { + "type": "string", + "description": "The value of the attribute on the source", + "example": "CN=entitlement.bbb7c650" + }, + "sourceSchemaObjectType": { + "type": "string", + "description": "The schema object type on the source used to represent the entitlement and its attributes", + "example": "groups" + }, + "sourceName": { + "type": "string", + "description": "The name of the source for which this entitlement belongs", + "example": "ODS-AD-Source" + }, + "sourceType": { + "type": "string", + "description": "The type of the source for which the entitlement belongs", + "example": "Active Directory - Direct" + }, + "sourceId": { + "type": "string", + "description": "The ID of the source for which the entitlement belongs", + "example": "78ca6be511cb41fbb86dba2fcca7780c" + }, + "hasPermissions": { + "type": "boolean", + "default": false, + "description": "Indicates if the entitlement has permissions", + "example": false + }, + "isPermission": { + "type": "boolean", + "default": false, + "description": "Indicates if the entitlement is a representation of an account permission", + "example": false + }, + "revocable": { + "type": "boolean", + "default": false, + "description": "Indicates whether the entitlement can be revoked", + "example": true + }, + "cloudGoverned": { + "type": "boolean", + "default": false, + "description": "True if the entitlement is cloud governed", + "example": false + }, + "containsDataAccess": { + "type": "boolean", + "description": "True if the entitlement has DAS data", + "default": false, + "example": true + }, + "dataAccess": { + "type": "object", + "description": "DAS data for the entitlement", + "nullable": true, + "properties": { + "policies": { + "type": "array", + "description": "List of classification policies that apply to resources the entitlement \\ groups has access to", + "items": { + "type": "object", + "properties": { + "value": { + "type": "string", + "description": "Value of the policy", + "example": "GDPR-20" + } + } + } + }, + "categories": { + "type": "array", + "description": "List of classification categories that apply to resources the entitlement \\ groups has access to", + "items": { + "type": "object", + "properties": { + "value": { + "type": "string", + "description": "Value of the category", + "example": "email-7" + }, + "matchCount": { + "type": "integer", + "description": "Number of matched for each category", + "example": 10 + } + } + } + }, + "impactScore": { + "type": "object", + "properties": { + "value": { + "type": "string", + "description": "Impact Score for this data", + "example": "Medium" + } + } + } + } + }, + "account": { + "type": "object", + "nullable": true, + "description": "Information about the status of the entitlement", + "properties": { + "nativeIdentity": { + "type": "string", + "description": "The native identity for this account", + "example": "CN=Alison Ferguso" + }, + "disabled": { + "type": "boolean", + "default": false, + "example": false, + "description": "Indicates whether this account is currently disabled" + }, + "locked": { + "type": "boolean", + "default": false, + "example": false, + "description": "Indicates whether this account is currently locked" + }, + "type": { + "type": "string", + "enum": [ + "ACCOUNT_CORRELATION_CONFIG", + "ACCESS_PROFILE", + "ACCESS_REQUEST_APPROVAL", + "ACCOUNT", + "APPLICATION", + "CAMPAIGN", + "CAMPAIGN_FILTER", + "CERTIFICATION", + "CLUSTER", + "CONNECTOR_SCHEMA", + "ENTITLEMENT", + "GOVERNANCE_GROUP", + "IDENTITY", + "IDENTITY_PROFILE", + "IDENTITY_REQUEST", + "LIFECYCLE_STATE", + "PASSWORD_POLICY", + "ROLE", + "RULE", + "SOD_POLICY", + "SOURCE", + "TAG", + "TAG_CATEGORY", + "TASK_RESULT", + "REPORT_RESULT", + "SOD_VIOLATION", + "ACCOUNT_ACTIVITY", + "WORKGROUP" + ], + "description": "An enumeration of the types of DTOs supported within the IdentityNow infrastructure.", + "example": "IDENTITY" + }, + "id": { + "nullable": true, + "type": "string", + "description": "The id associated with the account", + "example": "2c9180857182305e0171993737eb29e6" + }, + "name": { + "nullable": true, + "type": "string", + "description": "The account name", + "example": "Alison Ferguso" + }, + "created": { + "nullable": true, + "type": "string", + "format": "date-time", + "description": "When the account was created", + "example": "2020-04-20T20:11:05.067Z" + }, + "modified": { + "nullable": true, + "type": "string", + "format": "date-time", + "description": "When the account was last modified", + "example": "2020-05-20T18:57:16.987Z" + }, + "activityInsights": { + "type": "object", + "description": "Insights into account activity", + "properties": { + "accountID": { + "type": "string", + "description": "UUID of the account", + "example": "c4ddd5421d8549f0abd309162cafd3b1" + }, + "usageDays": { + "type": "integer", + "format": "int32", + "minimum": 0, + "maximum": 90, + "description": "The number of days of activity", + "example": 45 + }, + "usageDaysState": { + "type": "string", + "enum": [ + "COMPLETE", + "UNKNOWN" + ], + "description": "Status indicating if the activity is complete or unknown", + "example": "COMPLETE" + } + } + } + } + } + } + }, + "accessProfile": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The id of the Access Profile", + "example": "2c91808a7190d06e01719938fcd20792" + }, + "name": { + "type": "string", + "description": "Name of the Access Profile", + "example": "Employee-database-read-write" + }, + "description": { + "type": "string", + "description": "Information about the Access Profile", + "example": "Collection of entitlements to read/write the employee database" + }, + "privileged": { + "type": "boolean", + "description": "Indicates if the entitlement is a privileged entitlement", + "example": false + }, + "cloudGoverned": { + "type": "boolean", + "description": "True if the entitlement is cloud governed", + "example": false + }, + "endDate": { + "nullable": true, + "type": "string", + "format": "date-time", + "description": "The date at which a user's access expires", + "example": "2021-12-25T00:00:00.000Z" + }, + "owner": { + "description": "Owner of the Access Profile", + "type": "object", + "nullable": true, + "properties": { + "type": { + "type": "string", + "description": "The type can only be IDENTITY. This is read-only.", + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "Identity ID.", + "example": "5168015d32f890ca15812c9180835d2e" + }, + "name": { + "type": "string", + "description": "Identity's human-readable display name. This is read-only.", + "example": "Alison Ferguso" + }, + "email": { + "type": "string", + "description": "Identity's email address. This is read-only.", + "example": "alison.ferguso@identitysoon.com" + } + } + }, + "entitlements": { + "type": "array", + "description": "A list of entitlements associated with this Access Profile", + "items": { + "type": "object", + "nullable": true, + "properties": { + "id": { + "type": "string", + "description": "The id for the entitlement", + "example": "2c918085718230600171993742c63558" + }, + "name": { + "type": "string", + "description": "The name of the entitlement", + "example": "CN=entitlement.bbb7c650" + }, + "description": { + "nullable": true, + "type": "string", + "description": "Information about the entitlement", + "example": "Gives read/write access to the company database" + }, + "privileged": { + "type": "boolean", + "example": false, + "default": false, + "description": "Indicates if the entitlement is a privileged entitlement" + }, + "owner": { + "type": "object", + "nullable": true, + "properties": { + "type": { + "type": "string", + "description": "The type can only be IDENTITY. This is read-only.", + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "Identity ID.", + "example": "5168015d32f890ca15812c9180835d2e" + }, + "name": { + "type": "string", + "description": "Identity's human-readable display name. This is read-only.", + "example": "Alison Ferguso" + }, + "email": { + "type": "string", + "description": "Identity's email address. This is read-only.", + "example": "alison.ferguso@identitysoon.com" + } + } + }, + "attributeName": { + "type": "string", + "description": "The name of the attribute on the source", + "example": "memberOf" + }, + "attributeValue": { + "type": "string", + "description": "The value of the attribute on the source", + "example": "CN=entitlement.bbb7c650" + }, + "sourceSchemaObjectType": { + "type": "string", + "description": "The schema object type on the source used to represent the entitlement and its attributes", + "example": "groups" + }, + "sourceName": { + "type": "string", + "description": "The name of the source for which this entitlement belongs", + "example": "ODS-AD-Source" + }, + "sourceType": { + "type": "string", + "description": "The type of the source for which the entitlement belongs", + "example": "Active Directory - Direct" + }, + "sourceId": { + "type": "string", + "description": "The ID of the source for which the entitlement belongs", + "example": "78ca6be511cb41fbb86dba2fcca7780c" + }, + "hasPermissions": { + "type": "boolean", + "default": false, + "description": "Indicates if the entitlement has permissions", + "example": false + }, + "isPermission": { + "type": "boolean", + "default": false, + "description": "Indicates if the entitlement is a representation of an account permission", + "example": false + }, + "revocable": { + "type": "boolean", + "default": false, + "description": "Indicates whether the entitlement can be revoked", + "example": true + }, + "cloudGoverned": { + "type": "boolean", + "default": false, + "description": "True if the entitlement is cloud governed", + "example": false + }, + "containsDataAccess": { + "type": "boolean", + "description": "True if the entitlement has DAS data", + "default": false, + "example": true + }, + "dataAccess": { + "type": "object", + "description": "DAS data for the entitlement", + "nullable": true, + "properties": { + "policies": { + "type": "array", + "description": "List of classification policies that apply to resources the entitlement \\ groups has access to", + "items": { + "type": "object", + "properties": { + "value": { + "type": "string", + "description": "Value of the policy", + "example": "GDPR-20" + } + } + } + }, + "categories": { + "type": "array", + "description": "List of classification categories that apply to resources the entitlement \\ groups has access to", + "items": { + "type": "object", + "properties": { + "value": { + "type": "string", + "description": "Value of the category", + "example": "email-7" + }, + "matchCount": { + "type": "integer", + "description": "Number of matched for each category", + "example": 10 + } + } + } + }, + "impactScore": { + "type": "object", + "properties": { + "value": { + "type": "string", + "description": "Impact Score for this data", + "example": "Medium" + } + } + } + } + }, + "account": { + "type": "object", + "nullable": true, + "description": "Information about the status of the entitlement", + "properties": { + "nativeIdentity": { + "type": "string", + "description": "The native identity for this account", + "example": "CN=Alison Ferguso" + }, + "disabled": { + "type": "boolean", + "default": false, + "example": false, + "description": "Indicates whether this account is currently disabled" + }, + "locked": { + "type": "boolean", + "default": false, + "example": false, + "description": "Indicates whether this account is currently locked" + }, + "type": { + "type": "string", + "enum": [ + "ACCOUNT_CORRELATION_CONFIG", + "ACCESS_PROFILE", + "ACCESS_REQUEST_APPROVAL", + "ACCOUNT", + "APPLICATION", + "CAMPAIGN", + "CAMPAIGN_FILTER", + "CERTIFICATION", + "CLUSTER", + "CONNECTOR_SCHEMA", + "ENTITLEMENT", + "GOVERNANCE_GROUP", + "IDENTITY", + "IDENTITY_PROFILE", + "IDENTITY_REQUEST", + "LIFECYCLE_STATE", + "PASSWORD_POLICY", + "ROLE", + "RULE", + "SOD_POLICY", + "SOURCE", + "TAG", + "TAG_CATEGORY", + "TASK_RESULT", + "REPORT_RESULT", + "SOD_VIOLATION", + "ACCOUNT_ACTIVITY", + "WORKGROUP" + ], + "description": "An enumeration of the types of DTOs supported within the IdentityNow infrastructure.", + "example": "IDENTITY" + }, + "id": { + "nullable": true, + "type": "string", + "description": "The id associated with the account", + "example": "2c9180857182305e0171993737eb29e6" + }, + "name": { + "nullable": true, + "type": "string", + "description": "The account name", + "example": "Alison Ferguso" + }, + "created": { + "nullable": true, + "type": "string", + "format": "date-time", + "description": "When the account was created", + "example": "2020-04-20T20:11:05.067Z" + }, + "modified": { + "nullable": true, + "type": "string", + "format": "date-time", + "description": "When the account was last modified", + "example": "2020-05-20T18:57:16.987Z" + }, + "activityInsights": { + "type": "object", + "description": "Insights into account activity", + "properties": { + "accountID": { + "type": "string", + "description": "UUID of the account", + "example": "c4ddd5421d8549f0abd309162cafd3b1" + }, + "usageDays": { + "type": "integer", + "format": "int32", + "minimum": 0, + "maximum": 90, + "description": "The number of days of activity", + "example": 45 + }, + "usageDaysState": { + "type": "string", + "enum": [ + "COMPLETE", + "UNKNOWN" + ], + "description": "Status indicating if the activity is complete or unknown", + "example": "COMPLETE" + } + } + } + } + } + } + } + }, + "created": { + "type": "string", + "description": "Date the Access Profile was created.", + "format": "date-time", + "example": "2021-01-01T22:32:58.104Z" + }, + "modified": { + "type": "string", + "description": "Date the Access Profile was last modified.", + "format": "date-time", + "example": "2021-02-01T22:32:58.104Z" + } + } + }, + "role": { + "type": "object", + "nullable": true, + "properties": { + "id": { + "type": "string", + "description": "The id for the Role", + "example": "2c91808a7190d06e0171993907fd0794" + }, + "name": { + "type": "string", + "description": "The name of the Role", + "example": "Accounting-Employees" + }, + "description": { + "type": "string", + "description": "Information about the Role", + "example": "Role for members of the accounting department with the necessary Access Profiles" + }, + "privileged": { + "type": "boolean", + "description": "Indicates if the entitlement is a privileged entitlement", + "example": false + }, + "owner": { + "type": "object", + "nullable": true, + "properties": { + "type": { + "type": "string", + "description": "The type can only be IDENTITY. This is read-only.", + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "Identity ID.", + "example": "5168015d32f890ca15812c9180835d2e" + }, + "name": { + "type": "string", + "description": "Identity's human-readable display name. This is read-only.", + "example": "Alison Ferguso" + }, + "email": { + "type": "string", + "description": "Identity's email address. This is read-only.", + "example": "alison.ferguso@identitysoon.com" + } + } + }, + "revocable": { + "type": "boolean", + "description": "Indicates whether the Role can be revoked or requested", + "example": false + }, + "endDate": { + "type": "string", + "format": "date-time", + "description": "The date when a user's access expires.", + "example": "2021-12-25T00:00:00.000Z" + }, + "accessProfiles": { + "type": "array", + "description": "The list of Access Profiles associated with this Role", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The id of the Access Profile", + "example": "2c91808a7190d06e01719938fcd20792" + }, + "name": { + "type": "string", + "description": "Name of the Access Profile", + "example": "Employee-database-read-write" + }, + "description": { + "type": "string", + "description": "Information about the Access Profile", + "example": "Collection of entitlements to read/write the employee database" + }, + "privileged": { + "type": "boolean", + "description": "Indicates if the entitlement is a privileged entitlement", + "example": false + }, + "cloudGoverned": { + "type": "boolean", + "description": "True if the entitlement is cloud governed", + "example": false + }, + "endDate": { + "nullable": true, + "type": "string", + "format": "date-time", + "description": "The date at which a user's access expires", + "example": "2021-12-25T00:00:00.000Z" + }, + "owner": { + "description": "Owner of the Access Profile", + "type": "object", + "nullable": true, + "properties": { + "type": { + "type": "string", + "description": "The type can only be IDENTITY. This is read-only.", + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "Identity ID.", + "example": "5168015d32f890ca15812c9180835d2e" + }, + "name": { + "type": "string", + "description": "Identity's human-readable display name. This is read-only.", + "example": "Alison Ferguso" + }, + "email": { + "type": "string", + "description": "Identity's email address. This is read-only.", + "example": "alison.ferguso@identitysoon.com" + } + } + }, + "entitlements": { + "type": "array", + "description": "A list of entitlements associated with this Access Profile", + "items": { + "type": "object", + "nullable": true, + "properties": { + "id": { + "type": "string", + "description": "The id for the entitlement", + "example": "2c918085718230600171993742c63558" + }, + "name": { + "type": "string", + "description": "The name of the entitlement", + "example": "CN=entitlement.bbb7c650" + }, + "description": { + "nullable": true, + "type": "string", + "description": "Information about the entitlement", + "example": "Gives read/write access to the company database" + }, + "privileged": { + "type": "boolean", + "example": false, + "default": false, + "description": "Indicates if the entitlement is a privileged entitlement" + }, + "owner": { + "type": "object", + "nullable": true, + "properties": { + "type": { + "type": "string", + "description": "The type can only be IDENTITY. This is read-only.", + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "Identity ID.", + "example": "5168015d32f890ca15812c9180835d2e" + }, + "name": { + "type": "string", + "description": "Identity's human-readable display name. This is read-only.", + "example": "Alison Ferguso" + }, + "email": { + "type": "string", + "description": "Identity's email address. This is read-only.", + "example": "alison.ferguso@identitysoon.com" + } + } + }, + "attributeName": { + "type": "string", + "description": "The name of the attribute on the source", + "example": "memberOf" + }, + "attributeValue": { + "type": "string", + "description": "The value of the attribute on the source", + "example": "CN=entitlement.bbb7c650" + }, + "sourceSchemaObjectType": { + "type": "string", + "description": "The schema object type on the source used to represent the entitlement and its attributes", + "example": "groups" + }, + "sourceName": { + "type": "string", + "description": "The name of the source for which this entitlement belongs", + "example": "ODS-AD-Source" + }, + "sourceType": { + "type": "string", + "description": "The type of the source for which the entitlement belongs", + "example": "Active Directory - Direct" + }, + "sourceId": { + "type": "string", + "description": "The ID of the source for which the entitlement belongs", + "example": "78ca6be511cb41fbb86dba2fcca7780c" + }, + "hasPermissions": { + "type": "boolean", + "default": false, + "description": "Indicates if the entitlement has permissions", + "example": false + }, + "isPermission": { + "type": "boolean", + "default": false, + "description": "Indicates if the entitlement is a representation of an account permission", + "example": false + }, + "revocable": { + "type": "boolean", + "default": false, + "description": "Indicates whether the entitlement can be revoked", + "example": true + }, + "cloudGoverned": { + "type": "boolean", + "default": false, + "description": "True if the entitlement is cloud governed", + "example": false + }, + "containsDataAccess": { + "type": "boolean", + "description": "True if the entitlement has DAS data", + "default": false, + "example": true + }, + "dataAccess": { + "type": "object", + "description": "DAS data for the entitlement", + "nullable": true, + "properties": { + "policies": { + "type": "array", + "description": "List of classification policies that apply to resources the entitlement \\ groups has access to", + "items": { + "type": "object", + "properties": { + "value": { + "type": "string", + "description": "Value of the policy", + "example": "GDPR-20" + } + } + } + }, + "categories": { + "type": "array", + "description": "List of classification categories that apply to resources the entitlement \\ groups has access to", + "items": { + "type": "object", + "properties": { + "value": { + "type": "string", + "description": "Value of the category", + "example": "email-7" + }, + "matchCount": { + "type": "integer", + "description": "Number of matched for each category", + "example": 10 + } + } + } + }, + "impactScore": { + "type": "object", + "properties": { + "value": { + "type": "string", + "description": "Impact Score for this data", + "example": "Medium" + } + } + } + } + }, + "account": { + "type": "object", + "nullable": true, + "description": "Information about the status of the entitlement", + "properties": { + "nativeIdentity": { + "type": "string", + "description": "The native identity for this account", + "example": "CN=Alison Ferguso" + }, + "disabled": { + "type": "boolean", + "default": false, + "example": false, + "description": "Indicates whether this account is currently disabled" + }, + "locked": { + "type": "boolean", + "default": false, + "example": false, + "description": "Indicates whether this account is currently locked" + }, + "type": { + "type": "string", + "enum": [ + "ACCOUNT_CORRELATION_CONFIG", + "ACCESS_PROFILE", + "ACCESS_REQUEST_APPROVAL", + "ACCOUNT", + "APPLICATION", + "CAMPAIGN", + "CAMPAIGN_FILTER", + "CERTIFICATION", + "CLUSTER", + "CONNECTOR_SCHEMA", + "ENTITLEMENT", + "GOVERNANCE_GROUP", + "IDENTITY", + "IDENTITY_PROFILE", + "IDENTITY_REQUEST", + "LIFECYCLE_STATE", + "PASSWORD_POLICY", + "ROLE", + "RULE", + "SOD_POLICY", + "SOURCE", + "TAG", + "TAG_CATEGORY", + "TASK_RESULT", + "REPORT_RESULT", + "SOD_VIOLATION", + "ACCOUNT_ACTIVITY", + "WORKGROUP" + ], + "description": "An enumeration of the types of DTOs supported within the IdentityNow infrastructure.", + "example": "IDENTITY" + }, + "id": { + "nullable": true, + "type": "string", + "description": "The id associated with the account", + "example": "2c9180857182305e0171993737eb29e6" + }, + "name": { + "nullable": true, + "type": "string", + "description": "The account name", + "example": "Alison Ferguso" + }, + "created": { + "nullable": true, + "type": "string", + "format": "date-time", + "description": "When the account was created", + "example": "2020-04-20T20:11:05.067Z" + }, + "modified": { + "nullable": true, + "type": "string", + "format": "date-time", + "description": "When the account was last modified", + "example": "2020-05-20T18:57:16.987Z" + }, + "activityInsights": { + "type": "object", + "description": "Insights into account activity", + "properties": { + "accountID": { + "type": "string", + "description": "UUID of the account", + "example": "c4ddd5421d8549f0abd309162cafd3b1" + }, + "usageDays": { + "type": "integer", + "format": "int32", + "minimum": 0, + "maximum": 90, + "description": "The number of days of activity", + "example": 45 + }, + "usageDaysState": { + "type": "string", + "enum": [ + "COMPLETE", + "UNKNOWN" + ], + "description": "Status indicating if the activity is complete or unknown", + "example": "COMPLETE" + } + } + } + } + } + } + } + }, + "created": { + "type": "string", + "description": "Date the Access Profile was created.", + "format": "date-time", + "example": "2021-01-01T22:32:58.104Z" + }, + "modified": { + "type": "string", + "description": "Date the Access Profile was last modified.", + "format": "date-time", + "example": "2021-02-01T22:32:58.104Z" + } + } + } + }, + "entitlements": { + "type": "array", + "description": "The list of entitlements associated with this Role", + "items": { + "type": "object", + "nullable": true, + "properties": { + "id": { + "type": "string", + "description": "The id for the entitlement", + "example": "2c918085718230600171993742c63558" + }, + "name": { + "type": "string", + "description": "The name of the entitlement", + "example": "CN=entitlement.bbb7c650" + }, + "description": { + "nullable": true, + "type": "string", + "description": "Information about the entitlement", + "example": "Gives read/write access to the company database" + }, + "privileged": { + "type": "boolean", + "example": false, + "default": false, + "description": "Indicates if the entitlement is a privileged entitlement" + }, + "owner": { + "type": "object", + "nullable": true, + "properties": { + "type": { + "type": "string", + "description": "The type can only be IDENTITY. This is read-only.", + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "Identity ID.", + "example": "5168015d32f890ca15812c9180835d2e" + }, + "name": { + "type": "string", + "description": "Identity's human-readable display name. This is read-only.", + "example": "Alison Ferguso" + }, + "email": { + "type": "string", + "description": "Identity's email address. This is read-only.", + "example": "alison.ferguso@identitysoon.com" + } + } + }, + "attributeName": { + "type": "string", + "description": "The name of the attribute on the source", + "example": "memberOf" + }, + "attributeValue": { + "type": "string", + "description": "The value of the attribute on the source", + "example": "CN=entitlement.bbb7c650" + }, + "sourceSchemaObjectType": { + "type": "string", + "description": "The schema object type on the source used to represent the entitlement and its attributes", + "example": "groups" + }, + "sourceName": { + "type": "string", + "description": "The name of the source for which this entitlement belongs", + "example": "ODS-AD-Source" + }, + "sourceType": { + "type": "string", + "description": "The type of the source for which the entitlement belongs", + "example": "Active Directory - Direct" + }, + "sourceId": { + "type": "string", + "description": "The ID of the source for which the entitlement belongs", + "example": "78ca6be511cb41fbb86dba2fcca7780c" + }, + "hasPermissions": { + "type": "boolean", + "default": false, + "description": "Indicates if the entitlement has permissions", + "example": false + }, + "isPermission": { + "type": "boolean", + "default": false, + "description": "Indicates if the entitlement is a representation of an account permission", + "example": false + }, + "revocable": { + "type": "boolean", + "default": false, + "description": "Indicates whether the entitlement can be revoked", + "example": true + }, + "cloudGoverned": { + "type": "boolean", + "default": false, + "description": "True if the entitlement is cloud governed", + "example": false + }, + "containsDataAccess": { + "type": "boolean", + "description": "True if the entitlement has DAS data", + "default": false, + "example": true + }, + "dataAccess": { + "type": "object", + "description": "DAS data for the entitlement", + "nullable": true, + "properties": { + "policies": { + "type": "array", + "description": "List of classification policies that apply to resources the entitlement \\ groups has access to", + "items": { + "type": "object", + "properties": { + "value": { + "type": "string", + "description": "Value of the policy", + "example": "GDPR-20" + } + } + } + }, + "categories": { + "type": "array", + "description": "List of classification categories that apply to resources the entitlement \\ groups has access to", + "items": { + "type": "object", + "properties": { + "value": { + "type": "string", + "description": "Value of the category", + "example": "email-7" + }, + "matchCount": { + "type": "integer", + "description": "Number of matched for each category", + "example": 10 + } + } + } + }, + "impactScore": { + "type": "object", + "properties": { + "value": { + "type": "string", + "description": "Impact Score for this data", + "example": "Medium" + } + } + } + } + }, + "account": { + "type": "object", + "nullable": true, + "description": "Information about the status of the entitlement", + "properties": { + "nativeIdentity": { + "type": "string", + "description": "The native identity for this account", + "example": "CN=Alison Ferguso" + }, + "disabled": { + "type": "boolean", + "default": false, + "example": false, + "description": "Indicates whether this account is currently disabled" + }, + "locked": { + "type": "boolean", + "default": false, + "example": false, + "description": "Indicates whether this account is currently locked" + }, + "type": { + "type": "string", + "enum": [ + "ACCOUNT_CORRELATION_CONFIG", + "ACCESS_PROFILE", + "ACCESS_REQUEST_APPROVAL", + "ACCOUNT", + "APPLICATION", + "CAMPAIGN", + "CAMPAIGN_FILTER", + "CERTIFICATION", + "CLUSTER", + "CONNECTOR_SCHEMA", + "ENTITLEMENT", + "GOVERNANCE_GROUP", + "IDENTITY", + "IDENTITY_PROFILE", + "IDENTITY_REQUEST", + "LIFECYCLE_STATE", + "PASSWORD_POLICY", + "ROLE", + "RULE", + "SOD_POLICY", + "SOURCE", + "TAG", + "TAG_CATEGORY", + "TASK_RESULT", + "REPORT_RESULT", + "SOD_VIOLATION", + "ACCOUNT_ACTIVITY", + "WORKGROUP" + ], + "description": "An enumeration of the types of DTOs supported within the IdentityNow infrastructure.", + "example": "IDENTITY" + }, + "id": { + "nullable": true, + "type": "string", + "description": "The id associated with the account", + "example": "2c9180857182305e0171993737eb29e6" + }, + "name": { + "nullable": true, + "type": "string", + "description": "The account name", + "example": "Alison Ferguso" + }, + "created": { + "nullable": true, + "type": "string", + "format": "date-time", + "description": "When the account was created", + "example": "2020-04-20T20:11:05.067Z" + }, + "modified": { + "nullable": true, + "type": "string", + "format": "date-time", + "description": "When the account was last modified", + "example": "2020-05-20T18:57:16.987Z" + }, + "activityInsights": { + "type": "object", + "description": "Insights into account activity", + "properties": { + "accountID": { + "type": "string", + "description": "UUID of the account", + "example": "c4ddd5421d8549f0abd309162cafd3b1" + }, + "usageDays": { + "type": "integer", + "format": "int32", + "minimum": 0, + "maximum": 90, + "description": "The number of days of activity", + "example": 45 + }, + "usageDaysState": { + "type": "string", + "enum": [ + "COMPLETE", + "UNKNOWN" + ], + "description": "Status indicating if the activity is complete or unknown", + "example": "COMPLETE" + } + } + } + } + } + } + } + } + } + } + } + }, + "identitySummary": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The ID of the identity summary", + "example": "2c91808772a504f50172a9540e501ba7" + }, + "name": { + "type": "string", + "description": "Name of the linked identity", + "example": "Alison Ferguso" + }, + "identityId": { + "type": "string", + "description": "The ID of the identity being certified", + "example": "2c9180857182306001719937377a33de" + }, + "completed": { + "type": "boolean", + "description": "Indicates whether the review items for the linked identity's certification have been completed", + "example": true + } + } + }, + "id": { + "type": "string", + "description": "The review item's id", + "example": "ef38f94347e94562b5bb8424a56397d8" + }, + "completed": { + "type": "boolean", + "description": "Whether the review item is complete", + "example": false + }, + "newAccess": { + "type": "boolean", + "description": "Indicates whether the review item is for new access to a source", + "example": false + }, + "decision": { + "type": "string", + "description": "The decision to approve or revoke the review item", + "enum": [ + "APPROVE", + "REVOKE" + ], + "example": "APPROVE" + }, + "comments": { + "nullable": true, + "type": "string", + "description": "Comments for this review item", + "example": "This user still needs access to this source" + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/certifications/{id}/decide": { + "post": { + "operationId": "makeIdentityDecision", + "tags": [ + "Certifications" + ], + "summary": "Decide on a Certification Item", + "description": "The API makes a decision to approve or revoke one or more identity campaign certification items. A token with ORG_ADMIN or CERT_ADMIN authority is required to call this API. Reviewers for this certification can also call this API. This API does not support requests for certifications assigned to Governance Groups.", + "parameters": [ + { + "in": "path", + "name": "id", + "schema": { + "type": "string" + }, + "required": true, + "description": "The ID of the identity campaign certification on which to make decisions", + "example": "ef38f94347e94562b5bb8424a56397d8" + } + ], + "requestBody": { + "required": true, + "description": "A non-empty array of decisions to be made.", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The id of the review decision", + "example": "ef38f94347e94562b5bb8424a56397d8" + }, + "decision": { + "type": "string", + "description": "The decision to approve or revoke the review item", + "enum": [ + "APPROVE", + "REVOKE" + ], + "example": "APPROVE" + }, + "proposedEndDate": { + "type": "string", + "format": "date-time", + "example": "2017-07-11T18:45:37.098Z", + "description": "The date at which a user's access should be taken away. Should only be set for `REVOKE` decisions." + }, + "bulk": { + "type": "boolean", + "description": "Indicates whether decision should be marked as part of a larger bulk decision", + "example": true + }, + "recommendation": { + "nullable": true, + "type": "object", + "properties": { + "recommendation": { + "type": "string", + "description": "The recommendation from IAI at the time of the decision. This field will be null if no recommendation was made.", + "example": null, + "nullable": true + }, + "reasons": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of reasons for the recommendation.", + "example": [ + "Reason 1", + "Reason 2" + ] + }, + "timestamp": { + "type": "string", + "format": "date-time", + "description": "The time at which the recommendation was recorded.", + "example": "2020-06-01T13:49:37.385Z" + } + } + }, + "comments": { + "type": "string", + "description": "Comments recorded when the decision was made", + "example": "This user no longer needs access to this source" + } + }, + "required": [ + "id", + "decision", + "bulk" + ] + }, + "minItems": 1, + "maxItems": 250 + }, + "example": [ + { + "id": "ef38f94347e94562b5bb8424a56396b5", + "decision": "APPROVE", + "bulk": true, + "comments": "This user still needs access to this source." + }, + { + "id": "ef38f94347e94562b5bb8424a56397d8", + "decision": "APPROVE", + "bulk": true, + "comments": "This user still needs access to this source too." + } + ] + } + } + }, + "responses": { + "200": { + "description": "An identity campaign certification object", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "id": { + "example": "2c9180835d2e5168015d32f890ca1581", + "type": "string", + "description": "id of the certification" + }, + "name": { + "example": "Source Owner Access Review for Employees [source]", + "type": "string", + "description": "name of the certification" + }, + "campaign": { + "type": "object", + "required": [ + "id", + "name", + "type", + "campaignType", + "description", + "correlatedStatus", + "mandatoryCommentRequirement" + ], + "properties": { + "id": { + "type": "string", + "description": "The unique ID of the campaign.", + "example": "ef38f94347e94562b5bb8424a56397d8" + }, + "name": { + "type": "string", + "description": "The name of the campaign.", + "example": "Campaign Name" + }, + "type": { + "type": "string", + "enum": [ + "CAMPAIGN" + ], + "description": "The type of object that is being referenced.", + "example": "CAMPAIGN" + }, + "campaignType": { + "type": "string", + "enum": [ + "MANAGER", + "SOURCE_OWNER", + "SEARCH" + ], + "description": "The type of the campaign.", + "example": "MANAGER" + }, + "description": { + "type": "string", + "description": "The description of the campaign set by the admin who created it.", + "nullable": true, + "example": "A description of the campaign" + }, + "correlatedStatus": { + "description": "The correlatedStatus of the campaign. Only SOURCE_OWNER campaigns can be Uncorrelated. An Uncorrelated certification campaign only includes Uncorrelated identities (An identity is uncorrelated if it has no accounts on an authoritative source).", + "enum": [ + "CORRELATED", + "UNCORRELATED" + ], + "example": "CORRELATED" + }, + "mandatoryCommentRequirement": { + "type": "string", + "description": "Determines whether comments are required for decisions during certification reviews. You can require comments for all decisions, revoke-only decisions, or no decisions. By default, comments are not required for decisions.", + "enum": [ + "ALL_DECISIONS", + "REVOKE_ONLY_DECISIONS", + "NO_DECISIONS" + ], + "example": "NO_DECISIONS" + } + } + }, + "completed": { + "type": "boolean", + "description": "Have all decisions been made?", + "example": true + }, + "identitiesCompleted": { + "type": "integer", + "description": "The number of identities for whom all decisions have been made and are complete.", + "example": 5, + "format": "int32" + }, + "identitiesTotal": { + "type": "integer", + "description": "The total number of identities in the Certification, both complete and incomplete.", + "example": 10, + "format": "int32" + }, + "created": { + "example": "2018-06-25T20:22:28.104Z", + "format": "date-time", + "type": "string", + "description": "created date" + }, + "modified": { + "example": "2018-06-25T20:22:28.104Z", + "format": "date-time", + "type": "string", + "description": "modified date" + }, + "decisionsMade": { + "type": "integer", + "description": "The number of approve/revoke/acknowledge decisions that have been made.", + "example": 20, + "format": "int32" + }, + "decisionsTotal": { + "type": "integer", + "description": "The total number of approve/revoke/acknowledge decisions.", + "example": 40, + "format": "int32" + }, + "due": { + "type": "string", + "format": "date-time", + "description": "The due date of the certification.", + "example": "2018-10-19T13:49:37.385Z" + }, + "signed": { + "type": "string", + "format": "date-time", + "nullable": true, + "description": "The date the reviewer signed off on the Certification.", + "example": "2018-10-19T13:49:37.385Z" + }, + "reviewer": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The id of the reviewer.", + "example": "ef38f94347e94562b5bb8424a56397d8" + }, + "name": { + "type": "string", + "description": "The name of the reviewer.", + "example": "Reviewer Name" + }, + "email": { + "type": "string", + "description": "The email of the reviewing identity.", + "example": "reviewer@test.com" + }, + "type": { + "type": "string", + "enum": [ + "IDENTITY" + ], + "description": "The type of the reviewing identity.", + "example": "IDENTITY" + }, + "created": { + "nullable": true, + "example": "2018-06-25T20:22:28.104Z", + "format": "date-time", + "type": "string", + "description": "The created date of the reviewing identity." + }, + "modified": { + "nullable": true, + "example": "2018-06-25T20:22:28.104Z", + "format": "date-time", + "type": "string", + "description": "The modified date of the reviewing identity." + } + } + }, + "reassignment": { + "type": "object", + "nullable": true, + "properties": { + "from": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The id of the certification.", + "example": "ef38f94347e94562b5bb8424a56397d8" + }, + "name": { + "type": "string", + "description": "The name of the certification.", + "example": "Certification Name" + }, + "type": { + "type": "string", + "enum": [ + "CERTIFICATION" + ], + "example": "CERTIFICATION" + }, + "reviewer": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The id of the reviewer.", + "example": "ef38f94347e94562b5bb8424a56397d8" + }, + "name": { + "type": "string", + "description": "The name of the reviewer.", + "example": "Reviewer Name" + }, + "email": { + "type": "string", + "description": "The email of the reviewing identity.", + "example": "reviewer@test.com" + }, + "type": { + "type": "string", + "enum": [ + "IDENTITY" + ], + "description": "The type of the reviewing identity.", + "example": "IDENTITY" + }, + "created": { + "nullable": true, + "example": "2018-06-25T20:22:28.104Z", + "format": "date-time", + "type": "string", + "description": "The created date of the reviewing identity." + }, + "modified": { + "nullable": true, + "example": "2018-06-25T20:22:28.104Z", + "format": "date-time", + "type": "string", + "description": "The modified date of the reviewing identity." + } + } + } + } + }, + "comment": { + "type": "string", + "description": "The comment entered when the Certification was reassigned", + "example": "Reassigned for a reason" + } + } + }, + "hasErrors": { + "description": "Identifies if the certification has an error", + "type": "boolean", + "example": false + }, + "errorMessage": { + "description": "Description of the certification error", + "nullable": true, + "type": "string", + "example": "The certification has an error" + }, + "phase": { + "type": "string", + "description": "The current phase of the campaign.\n* `STAGED`: The campaign is waiting to be activated.\n* `ACTIVE`: The campaign is active.\n* `SIGNED`: The reviewer has signed off on the campaign, and it is considered complete.\n", + "enum": [ + "STAGED", + "ACTIVE", + "SIGNED" + ], + "example": "ACTIVE" + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/certifications/{id}/reassign": { + "post": { + "operationId": "reassignIdentityCertifications", + "tags": [ + "Certifications" + ], + "summary": "Reassign Identities or Items", + "description": "This API reassigns up to 50 identities or items in an identity campaign certification to another reviewer. A token with ORG_ADMIN or CERT_ADMIN authority is required to call this API. Reviewers for this certification can also call this API. This API does not support requests for certifications assigned to Governance Groups.", + "parameters": [ + { + "in": "path", + "name": "id", + "schema": { + "type": "string" + }, + "required": true, + "description": "The identity campaign certification ID", + "example": "ef38f94347e94562b5bb8424a56397d8" + } + ], + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "reassign": { + "type": "array", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The ID of item or identity being reassigned.", + "example": "ef38f94347e94562b5bb8424a56397d8" + }, + "type": { + "type": "string", + "description": "The type of item or identity being reassigned.", + "enum": [ + "TARGET_SUMMARY", + "ITEM", + "IDENTITY_SUMMARY" + ], + "example": "ITEM" + } + }, + "required": [ + "id", + "type" + ] + } + }, + "reassignTo": { + "type": "string", + "description": "The ID of the identity to which the certification is reassigned", + "example": "ef38f94347e94562b5bb8424a56397d8" + }, + "reason": { + "type": "string", + "description": "The reason comment for why the reassign was made", + "example": "reassigned for some reason" + } + }, + "required": [ + "reassign", + "reassignTo", + "reason" + ] + } + } + } + }, + "responses": { + "200": { + "description": "An identity campaign certification details after completing the reassignment.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "id": { + "example": "2c9180835d2e5168015d32f890ca1581", + "type": "string", + "description": "id of the certification" + }, + "name": { + "example": "Source Owner Access Review for Employees [source]", + "type": "string", + "description": "name of the certification" + }, + "campaign": { + "type": "object", + "required": [ + "id", + "name", + "type", + "campaignType", + "description", + "correlatedStatus", + "mandatoryCommentRequirement" + ], + "properties": { + "id": { + "type": "string", + "description": "The unique ID of the campaign.", + "example": "ef38f94347e94562b5bb8424a56397d8" + }, + "name": { + "type": "string", + "description": "The name of the campaign.", + "example": "Campaign Name" + }, + "type": { + "type": "string", + "enum": [ + "CAMPAIGN" + ], + "description": "The type of object that is being referenced.", + "example": "CAMPAIGN" + }, + "campaignType": { + "type": "string", + "enum": [ + "MANAGER", + "SOURCE_OWNER", + "SEARCH" + ], + "description": "The type of the campaign.", + "example": "MANAGER" + }, + "description": { + "type": "string", + "description": "The description of the campaign set by the admin who created it.", + "nullable": true, + "example": "A description of the campaign" + }, + "correlatedStatus": { + "description": "The correlatedStatus of the campaign. Only SOURCE_OWNER campaigns can be Uncorrelated. An Uncorrelated certification campaign only includes Uncorrelated identities (An identity is uncorrelated if it has no accounts on an authoritative source).", + "enum": [ + "CORRELATED", + "UNCORRELATED" + ], + "example": "CORRELATED" + }, + "mandatoryCommentRequirement": { + "type": "string", + "description": "Determines whether comments are required for decisions during certification reviews. You can require comments for all decisions, revoke-only decisions, or no decisions. By default, comments are not required for decisions.", + "enum": [ + "ALL_DECISIONS", + "REVOKE_ONLY_DECISIONS", + "NO_DECISIONS" + ], + "example": "NO_DECISIONS" + } + } + }, + "completed": { + "type": "boolean", + "description": "Have all decisions been made?", + "example": true + }, + "identitiesCompleted": { + "type": "integer", + "description": "The number of identities for whom all decisions have been made and are complete.", + "example": 5, + "format": "int32" + }, + "identitiesTotal": { + "type": "integer", + "description": "The total number of identities in the Certification, both complete and incomplete.", + "example": 10, + "format": "int32" + }, + "created": { + "example": "2018-06-25T20:22:28.104Z", + "format": "date-time", + "type": "string", + "description": "created date" + }, + "modified": { + "example": "2018-06-25T20:22:28.104Z", + "format": "date-time", + "type": "string", + "description": "modified date" + }, + "decisionsMade": { + "type": "integer", + "description": "The number of approve/revoke/acknowledge decisions that have been made.", + "example": 20, + "format": "int32" + }, + "decisionsTotal": { + "type": "integer", + "description": "The total number of approve/revoke/acknowledge decisions.", + "example": 40, + "format": "int32" + }, + "due": { + "type": "string", + "format": "date-time", + "description": "The due date of the certification.", + "example": "2018-10-19T13:49:37.385Z" + }, + "signed": { + "type": "string", + "format": "date-time", + "nullable": true, + "description": "The date the reviewer signed off on the Certification.", + "example": "2018-10-19T13:49:37.385Z" + }, + "reviewer": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The id of the reviewer.", + "example": "ef38f94347e94562b5bb8424a56397d8" + }, + "name": { + "type": "string", + "description": "The name of the reviewer.", + "example": "Reviewer Name" + }, + "email": { + "type": "string", + "description": "The email of the reviewing identity.", + "example": "reviewer@test.com" + }, + "type": { + "type": "string", + "enum": [ + "IDENTITY" + ], + "description": "The type of the reviewing identity.", + "example": "IDENTITY" + }, + "created": { + "nullable": true, + "example": "2018-06-25T20:22:28.104Z", + "format": "date-time", + "type": "string", + "description": "The created date of the reviewing identity." + }, + "modified": { + "nullable": true, + "example": "2018-06-25T20:22:28.104Z", + "format": "date-time", + "type": "string", + "description": "The modified date of the reviewing identity." + } + } + }, + "reassignment": { + "type": "object", + "nullable": true, + "properties": { + "from": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The id of the certification.", + "example": "ef38f94347e94562b5bb8424a56397d8" + }, + "name": { + "type": "string", + "description": "The name of the certification.", + "example": "Certification Name" + }, + "type": { + "type": "string", + "enum": [ + "CERTIFICATION" + ], + "example": "CERTIFICATION" + }, + "reviewer": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The id of the reviewer.", + "example": "ef38f94347e94562b5bb8424a56397d8" + }, + "name": { + "type": "string", + "description": "The name of the reviewer.", + "example": "Reviewer Name" + }, + "email": { + "type": "string", + "description": "The email of the reviewing identity.", + "example": "reviewer@test.com" + }, + "type": { + "type": "string", + "enum": [ + "IDENTITY" + ], + "description": "The type of the reviewing identity.", + "example": "IDENTITY" + }, + "created": { + "nullable": true, + "example": "2018-06-25T20:22:28.104Z", + "format": "date-time", + "type": "string", + "description": "The created date of the reviewing identity." + }, + "modified": { + "nullable": true, + "example": "2018-06-25T20:22:28.104Z", + "format": "date-time", + "type": "string", + "description": "The modified date of the reviewing identity." + } + } + } + } + }, + "comment": { + "type": "string", + "description": "The comment entered when the Certification was reassigned", + "example": "Reassigned for a reason" + } + } + }, + "hasErrors": { + "description": "Identifies if the certification has an error", + "type": "boolean", + "example": false + }, + "errorMessage": { + "description": "Description of the certification error", + "nullable": true, + "type": "string", + "example": "The certification has an error" + }, + "phase": { + "type": "string", + "description": "The current phase of the campaign.\n* `STAGED`: The campaign is waiting to be activated.\n* `ACTIVE`: The campaign is active.\n* `SIGNED`: The reviewer has signed off on the campaign, and it is considered complete.\n", + "enum": [ + "STAGED", + "ACTIVE", + "SIGNED" + ], + "example": "ACTIVE" + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/certifications/{id}/sign-off": { + "post": { + "operationId": "signOffIdentityCertification", + "tags": [ + "Certifications" + ], + "summary": "Finalize Identity Certification Decisions", + "description": "This API finalizes all decisions made on an identity campaign certification and initiates any remediations required. A token with ORG_ADMIN or CERT_ADMIN authority is required to call this API. Reviewers for this certification can also call this API. This API does not support requests for certifications assigned to Governance Groups.", + "parameters": [ + { + "in": "path", + "name": "id", + "schema": { + "type": "string" + }, + "required": true, + "description": "The identity campaign certification ID", + "example": "ef38f94347e94562b5bb8424a56397d8" + } + ], + "responses": { + "200": { + "description": "An identity campaign certification object", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "id": { + "example": "2c9180835d2e5168015d32f890ca1581", + "type": "string", + "description": "id of the certification" + }, + "name": { + "example": "Source Owner Access Review for Employees [source]", + "type": "string", + "description": "name of the certification" + }, + "campaign": { + "type": "object", + "required": [ + "id", + "name", + "type", + "campaignType", + "description", + "correlatedStatus", + "mandatoryCommentRequirement" + ], + "properties": { + "id": { + "type": "string", + "description": "The unique ID of the campaign.", + "example": "ef38f94347e94562b5bb8424a56397d8" + }, + "name": { + "type": "string", + "description": "The name of the campaign.", + "example": "Campaign Name" + }, + "type": { + "type": "string", + "enum": [ + "CAMPAIGN" + ], + "description": "The type of object that is being referenced.", + "example": "CAMPAIGN" + }, + "campaignType": { + "type": "string", + "enum": [ + "MANAGER", + "SOURCE_OWNER", + "SEARCH" + ], + "description": "The type of the campaign.", + "example": "MANAGER" + }, + "description": { + "type": "string", + "description": "The description of the campaign set by the admin who created it.", + "nullable": true, + "example": "A description of the campaign" + }, + "correlatedStatus": { + "description": "The correlatedStatus of the campaign. Only SOURCE_OWNER campaigns can be Uncorrelated. An Uncorrelated certification campaign only includes Uncorrelated identities (An identity is uncorrelated if it has no accounts on an authoritative source).", + "enum": [ + "CORRELATED", + "UNCORRELATED" + ], + "example": "CORRELATED" + }, + "mandatoryCommentRequirement": { + "type": "string", + "description": "Determines whether comments are required for decisions during certification reviews. You can require comments for all decisions, revoke-only decisions, or no decisions. By default, comments are not required for decisions.", + "enum": [ + "ALL_DECISIONS", + "REVOKE_ONLY_DECISIONS", + "NO_DECISIONS" + ], + "example": "NO_DECISIONS" + } + } + }, + "completed": { + "type": "boolean", + "description": "Have all decisions been made?", + "example": true + }, + "identitiesCompleted": { + "type": "integer", + "description": "The number of identities for whom all decisions have been made and are complete.", + "example": 5, + "format": "int32" + }, + "identitiesTotal": { + "type": "integer", + "description": "The total number of identities in the Certification, both complete and incomplete.", + "example": 10, + "format": "int32" + }, + "created": { + "example": "2018-06-25T20:22:28.104Z", + "format": "date-time", + "type": "string", + "description": "created date" + }, + "modified": { + "example": "2018-06-25T20:22:28.104Z", + "format": "date-time", + "type": "string", + "description": "modified date" + }, + "decisionsMade": { + "type": "integer", + "description": "The number of approve/revoke/acknowledge decisions that have been made.", + "example": 20, + "format": "int32" + }, + "decisionsTotal": { + "type": "integer", + "description": "The total number of approve/revoke/acknowledge decisions.", + "example": 40, + "format": "int32" + }, + "due": { + "type": "string", + "format": "date-time", + "description": "The due date of the certification.", + "example": "2018-10-19T13:49:37.385Z" + }, + "signed": { + "type": "string", + "format": "date-time", + "nullable": true, + "description": "The date the reviewer signed off on the Certification.", + "example": "2018-10-19T13:49:37.385Z" + }, + "reviewer": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The id of the reviewer.", + "example": "ef38f94347e94562b5bb8424a56397d8" + }, + "name": { + "type": "string", + "description": "The name of the reviewer.", + "example": "Reviewer Name" + }, + "email": { + "type": "string", + "description": "The email of the reviewing identity.", + "example": "reviewer@test.com" + }, + "type": { + "type": "string", + "enum": [ + "IDENTITY" + ], + "description": "The type of the reviewing identity.", + "example": "IDENTITY" + }, + "created": { + "nullable": true, + "example": "2018-06-25T20:22:28.104Z", + "format": "date-time", + "type": "string", + "description": "The created date of the reviewing identity." + }, + "modified": { + "nullable": true, + "example": "2018-06-25T20:22:28.104Z", + "format": "date-time", + "type": "string", + "description": "The modified date of the reviewing identity." + } + } + }, + "reassignment": { + "type": "object", + "nullable": true, + "properties": { + "from": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The id of the certification.", + "example": "ef38f94347e94562b5bb8424a56397d8" + }, + "name": { + "type": "string", + "description": "The name of the certification.", + "example": "Certification Name" + }, + "type": { + "type": "string", + "enum": [ + "CERTIFICATION" + ], + "example": "CERTIFICATION" + }, + "reviewer": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The id of the reviewer.", + "example": "ef38f94347e94562b5bb8424a56397d8" + }, + "name": { + "type": "string", + "description": "The name of the reviewer.", + "example": "Reviewer Name" + }, + "email": { + "type": "string", + "description": "The email of the reviewing identity.", + "example": "reviewer@test.com" + }, + "type": { + "type": "string", + "enum": [ + "IDENTITY" + ], + "description": "The type of the reviewing identity.", + "example": "IDENTITY" + }, + "created": { + "nullable": true, + "example": "2018-06-25T20:22:28.104Z", + "format": "date-time", + "type": "string", + "description": "The created date of the reviewing identity." + }, + "modified": { + "nullable": true, + "example": "2018-06-25T20:22:28.104Z", + "format": "date-time", + "type": "string", + "description": "The modified date of the reviewing identity." + } + } + } + } + }, + "comment": { + "type": "string", + "description": "The comment entered when the Certification was reassigned", + "example": "Reassigned for a reason" + } + } + }, + "hasErrors": { + "description": "Identifies if the certification has an error", + "type": "boolean", + "example": false + }, + "errorMessage": { + "description": "Description of the certification error", + "nullable": true, + "type": "string", + "example": "The certification has an error" + }, + "phase": { + "type": "string", + "description": "The current phase of the campaign.\n* `STAGED`: The campaign is waiting to be activated.\n* `ACTIVE`: The campaign is active.\n* `SIGNED`: The reviewer has signed off on the campaign, and it is considered complete.\n", + "enum": [ + "STAGED", + "ACTIVE", + "SIGNED" + ], + "example": "ACTIVE" + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/certifications/{id}/decision-summary": { + "get": { + "operationId": "getIdentityDecisionSummary", + "tags": [ + "Certification Summaries" + ], + "summary": "Summary of Certification Decisions", + "description": "This API returns a summary of the decisions made on an identity campaign certification. The decisions are summarized by type. A token with ORG_ADMIN or CERT_ADMIN authority is required to call this API. Reviewers for this certification can also call this API.", + "parameters": [ + { + "in": "path", + "name": "id", + "schema": { + "type": "string" + }, + "required": true, + "description": "The certification ID", + "example": "ef38f94347e94562b5bb8424a56397d8" + }, + { + "in": "query", + "name": "filters", + "required": false, + "schema": { + "type": "string" + }, + "example": "identitySummary.id eq \"ef38f94347e94562b5bb8424a56397d8\"", + "description": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**identitySummary.id**: *eq, in*" + } + ], + "responses": { + "200": { + "description": "Summary of the decisions made", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "entitlementDecisionsMade": { + "type": "integer", + "description": "Number of entitlement decisions that have been made", + "example": 3, + "format": "int32" + }, + "accessProfileDecisionsMade": { + "type": "integer", + "description": "Number of access profile decisions that have been made", + "example": 5, + "format": "int32" + }, + "roleDecisionsMade": { + "type": "integer", + "description": "Number of role decisions that have been made", + "example": 2, + "format": "int32" + }, + "accountDecisionsMade": { + "type": "integer", + "description": "Number of account decisions that have been made", + "example": 4, + "format": "int32" + }, + "entitlementDecisionsTotal": { + "type": "integer", + "description": "The total number of entitlement decisions on the certification, both complete and incomplete", + "example": 6, + "format": "int32" + }, + "accessProfileDecisionsTotal": { + "type": "integer", + "description": "The total number of access profile decisions on the certification, both complete and incomplete", + "example": 10, + "format": "int32" + }, + "roleDecisionsTotal": { + "type": "integer", + "description": "The total number of role decisions on the certification, both complete and incomplete", + "example": 4, + "format": "int32" + }, + "accountDecisionsTotal": { + "type": "integer", + "description": "The total number of account decisions on the certification, both complete and incomplete", + "example": 8, + "format": "int32" + }, + "entitlementsApproved": { + "type": "integer", + "description": "The number of entitlement decisions that have been made which were approved", + "example": 2, + "format": "int32" + }, + "entitlementsRevoked": { + "type": "integer", + "description": "The number of entitlement decisions that have been made which were revoked", + "example": 1, + "format": "int32" + }, + "accessProfilesApproved": { + "type": "integer", + "description": "The number of access profile decisions that have been made which were approved", + "example": 3, + "format": "int32" + }, + "accessProfilesRevoked": { + "type": "integer", + "description": "The number of access profile decisions that have been made which were revoked", + "example": 2, + "format": "int32" + }, + "rolesApproved": { + "type": "integer", + "description": "The number of role decisions that have been made which were approved", + "example": 2, + "format": "int32" + }, + "rolesRevoked": { + "type": "integer", + "description": "The number of role decisions that have been made which were revoked", + "example": 0, + "format": "int32" + }, + "accountsApproved": { + "type": "integer", + "description": "The number of account decisions that have been made which were approved", + "example": 1, + "format": "int32" + }, + "accountsRevoked": { + "type": "integer", + "description": "The number of account decisions that have been made which were revoked", + "example": 3, + "format": "int32" + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/certifications/{id}/identity-summaries": { + "get": { + "operationId": "getIdentitySummaries", + "tags": [ + "Certification Summaries" + ], + "summary": "Identity Summaries for Campaign Certification", + "description": "This API returns a list of the identity summaries for a specific identity campaign certification. A token with ORG_ADMIN or CERT_ADMIN authority is required to call this API. Reviewers for this certification can also call this API.", + "parameters": [ + { + "in": "path", + "name": "id", + "schema": { + "type": "string" + }, + "required": true, + "description": "The identity campaign certification ID", + "example": "ef38f94347e94562b5bb8424a56397d8" + }, + { + "in": "query", + "name": "limit", + "description": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 250, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "maximum": 250, + "default": 250 + } + }, + { + "in": "query", + "name": "offset", + "description": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 0, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "default": 0 + } + }, + { + "in": "query", + "name": "count", + "description": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": true, + "schema": { + "type": "boolean", + "default": false + } + }, + { + "in": "query", + "name": "filters", + "required": false, + "schema": { + "type": "string" + }, + "example": "id eq \"ef38f94347e94562b5bb8424a56397d8\"", + "description": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**completed**: *eq, ne*\n\n**name**: *eq, sw*" + }, + { + "in": "query", + "name": "sorters", + "required": false, + "schema": { + "type": "string", + "format": "comma-separated" + }, + "example": "name", + "description": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name**" + } + ], + "responses": { + "200": { + "description": "List of identity summaries", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The ID of the identity summary", + "example": "2c91808772a504f50172a9540e501ba7" + }, + "name": { + "type": "string", + "description": "Name of the linked identity", + "example": "Alison Ferguso" + }, + "identityId": { + "type": "string", + "description": "The ID of the identity being certified", + "example": "2c9180857182306001719937377a33de" + }, + "completed": { + "type": "boolean", + "description": "Indicates whether the review items for the linked identity's certification have been completed", + "example": true + } + } + } + }, + "example": [ + { + "id": "2c91808772a504f50172a9540e501ba7", + "name": "Aaron Grey", + "identityId": "2c9180857182306001719937379633e4", + "completed": false + }, + { + "id": "2c91808772a504f50172a9540e501ba8", + "name": "Aglae Wilson", + "identityId": "2c9180857182306001719937377a33de", + "completed": true + } + ] + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/certifications/{id}/access-summaries/{type}": { + "get": { + "operationId": "getIdentityAccessSummaries", + "tags": [ + "Certification Summaries" + ], + "summary": "Access Summaries", + "description": "This API returns a list of access summaries for the specified identity campaign certification and type. A token with ORG_ADMIN or CERT_ADMIN authority is required to call this API. Reviewers for this certification can also call this API.", + "security": [ + { + "oauth2": [ + "idn:certification:read" + ] + } + ], + "parameters": [ + { + "in": "path", + "name": "id", + "schema": { + "type": "string" + }, + "required": true, + "description": "The identity campaign certification ID", + "example": "ef38f94347e94562b5bb8424a56397d8" + }, + { + "in": "path", + "name": "type", + "schema": { + "type": "string", + "enum": [ + "ROLE", + "ACCESS_PROFILE", + "ENTITLEMENT" + ] + }, + "required": true, + "description": "The type of access review item to retrieve summaries for", + "example": "ACCESS_PROFILE" + }, + { + "in": "query", + "name": "limit", + "description": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 250, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "maximum": 250, + "default": 250 + } + }, + { + "in": "query", + "name": "offset", + "description": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 0, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "default": 0 + } + }, + { + "in": "query", + "name": "count", + "description": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": true, + "schema": { + "type": "boolean", + "default": false + } + }, + { + "in": "query", + "name": "filters", + "required": false, + "schema": { + "type": "string" + }, + "example": "access.id eq \"ef38f94347e94562b5bb8424a56397d8\"", + "description": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**completed**: *eq, ne*\n\n**access.id**: *eq, in*\n\n**access.name**: *eq, sw*\n\n**entitlement.sourceName**: *eq, sw*\n\n**accessProfile.sourceName**: *eq, sw*" + }, + { + "in": "query", + "name": "sorters", + "required": false, + "schema": { + "type": "string", + "format": "comma-separated" + }, + "example": "access.name", + "description": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **access.name**" + } + ], + "responses": { + "200": { + "description": "List of access summaries", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "description": "An object holding the access that is being reviewed", + "properties": { + "access": { + "type": "object", + "properties": { + "type": { + "description": "The type of item being certified", + "type": "string", + "enum": [ + "ACCOUNT_CORRELATION_CONFIG", + "ACCESS_PROFILE", + "ACCESS_REQUEST_APPROVAL", + "ACCOUNT", + "APPLICATION", + "CAMPAIGN", + "CAMPAIGN_FILTER", + "CERTIFICATION", + "CLUSTER", + "CONNECTOR_SCHEMA", + "ENTITLEMENT", + "GOVERNANCE_GROUP", + "IDENTITY", + "IDENTITY_PROFILE", + "IDENTITY_REQUEST", + "LIFECYCLE_STATE", + "PASSWORD_POLICY", + "ROLE", + "RULE", + "SOD_POLICY", + "SOURCE", + "TAG", + "TAG_CATEGORY", + "TASK_RESULT", + "REPORT_RESULT", + "SOD_VIOLATION", + "ACCOUNT_ACTIVITY", + "WORKGROUP" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "The ID of the item being certified", + "example": "2c9180867160846801719932c5153fb7" + }, + "name": { + "type": "string", + "description": "The name of the item being certified", + "example": "Entitlement for Company Database" + } + } + }, + "entitlement": { + "type": "object", + "nullable": true, + "properties": { + "id": { + "type": "string", + "description": "The id for the entitlement", + "example": "2c918085718230600171993742c63558" + }, + "name": { + "type": "string", + "description": "The name of the entitlement", + "example": "CN=entitlement.bbb7c650" + }, + "description": { + "nullable": true, + "type": "string", + "description": "Information about the entitlement", + "example": "Gives read/write access to the company database" + }, + "privileged": { + "type": "boolean", + "example": false, + "default": false, + "description": "Indicates if the entitlement is a privileged entitlement" + }, + "owner": { + "type": "object", + "nullable": true, + "properties": { + "type": { + "type": "string", + "description": "The type can only be IDENTITY. This is read-only.", + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "Identity ID.", + "example": "5168015d32f890ca15812c9180835d2e" + }, + "name": { + "type": "string", + "description": "Identity's human-readable display name. This is read-only.", + "example": "Alison Ferguso" + }, + "email": { + "type": "string", + "description": "Identity's email address. This is read-only.", + "example": "alison.ferguso@identitysoon.com" + } + } + }, + "attributeName": { + "type": "string", + "description": "The name of the attribute on the source", + "example": "memberOf" + }, + "attributeValue": { + "type": "string", + "description": "The value of the attribute on the source", + "example": "CN=entitlement.bbb7c650" + }, + "sourceSchemaObjectType": { + "type": "string", + "description": "The schema object type on the source used to represent the entitlement and its attributes", + "example": "groups" + }, + "sourceName": { + "type": "string", + "description": "The name of the source for which this entitlement belongs", + "example": "ODS-AD-Source" + }, + "sourceType": { + "type": "string", + "description": "The type of the source for which the entitlement belongs", + "example": "Active Directory - Direct" + }, + "sourceId": { + "type": "string", + "description": "The ID of the source for which the entitlement belongs", + "example": "78ca6be511cb41fbb86dba2fcca7780c" + }, + "hasPermissions": { + "type": "boolean", + "default": false, + "description": "Indicates if the entitlement has permissions", + "example": false + }, + "isPermission": { + "type": "boolean", + "default": false, + "description": "Indicates if the entitlement is a representation of an account permission", + "example": false + }, + "revocable": { + "type": "boolean", + "default": false, + "description": "Indicates whether the entitlement can be revoked", + "example": true + }, + "cloudGoverned": { + "type": "boolean", + "default": false, + "description": "True if the entitlement is cloud governed", + "example": false + }, + "containsDataAccess": { + "type": "boolean", + "description": "True if the entitlement has DAS data", + "default": false, + "example": true + }, + "dataAccess": { + "type": "object", + "description": "DAS data for the entitlement", + "nullable": true, + "properties": { + "policies": { + "type": "array", + "description": "List of classification policies that apply to resources the entitlement \\ groups has access to", + "items": { + "type": "object", + "properties": { + "value": { + "type": "string", + "description": "Value of the policy", + "example": "GDPR-20" + } + } + } + }, + "categories": { + "type": "array", + "description": "List of classification categories that apply to resources the entitlement \\ groups has access to", + "items": { + "type": "object", + "properties": { + "value": { + "type": "string", + "description": "Value of the category", + "example": "email-7" + }, + "matchCount": { + "type": "integer", + "description": "Number of matched for each category", + "example": 10 + } + } + } + }, + "impactScore": { + "type": "object", + "properties": { + "value": { + "type": "string", + "description": "Impact Score for this data", + "example": "Medium" + } + } + } + } + }, + "account": { + "type": "object", + "nullable": true, + "description": "Information about the status of the entitlement", + "properties": { + "nativeIdentity": { + "type": "string", + "description": "The native identity for this account", + "example": "CN=Alison Ferguso" + }, + "disabled": { + "type": "boolean", + "default": false, + "example": false, + "description": "Indicates whether this account is currently disabled" + }, + "locked": { + "type": "boolean", + "default": false, + "example": false, + "description": "Indicates whether this account is currently locked" + }, + "type": { + "type": "string", + "enum": [ + "ACCOUNT_CORRELATION_CONFIG", + "ACCESS_PROFILE", + "ACCESS_REQUEST_APPROVAL", + "ACCOUNT", + "APPLICATION", + "CAMPAIGN", + "CAMPAIGN_FILTER", + "CERTIFICATION", + "CLUSTER", + "CONNECTOR_SCHEMA", + "ENTITLEMENT", + "GOVERNANCE_GROUP", + "IDENTITY", + "IDENTITY_PROFILE", + "IDENTITY_REQUEST", + "LIFECYCLE_STATE", + "PASSWORD_POLICY", + "ROLE", + "RULE", + "SOD_POLICY", + "SOURCE", + "TAG", + "TAG_CATEGORY", + "TASK_RESULT", + "REPORT_RESULT", + "SOD_VIOLATION", + "ACCOUNT_ACTIVITY", + "WORKGROUP" + ], + "description": "An enumeration of the types of DTOs supported within the IdentityNow infrastructure.", + "example": "IDENTITY" + }, + "id": { + "nullable": true, + "type": "string", + "description": "The id associated with the account", + "example": "2c9180857182305e0171993737eb29e6" + }, + "name": { + "nullable": true, + "type": "string", + "description": "The account name", + "example": "Alison Ferguso" + }, + "created": { + "nullable": true, + "type": "string", + "format": "date-time", + "description": "When the account was created", + "example": "2020-04-20T20:11:05.067Z" + }, + "modified": { + "nullable": true, + "type": "string", + "format": "date-time", + "description": "When the account was last modified", + "example": "2020-05-20T18:57:16.987Z" + }, + "activityInsights": { + "type": "object", + "description": "Insights into account activity", + "properties": { + "accountID": { + "type": "string", + "description": "UUID of the account", + "example": "c4ddd5421d8549f0abd309162cafd3b1" + }, + "usageDays": { + "type": "integer", + "format": "int32", + "minimum": 0, + "maximum": 90, + "description": "The number of days of activity", + "example": 45 + }, + "usageDaysState": { + "type": "string", + "enum": [ + "COMPLETE", + "UNKNOWN" + ], + "description": "Status indicating if the activity is complete or unknown", + "example": "COMPLETE" + } + } + } + } + } + } + }, + "accessProfile": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The id of the Access Profile", + "example": "2c91808a7190d06e01719938fcd20792" + }, + "name": { + "type": "string", + "description": "Name of the Access Profile", + "example": "Employee-database-read-write" + }, + "description": { + "type": "string", + "description": "Information about the Access Profile", + "example": "Collection of entitlements to read/write the employee database" + }, + "privileged": { + "type": "boolean", + "description": "Indicates if the entitlement is a privileged entitlement", + "example": false + }, + "cloudGoverned": { + "type": "boolean", + "description": "True if the entitlement is cloud governed", + "example": false + }, + "endDate": { + "nullable": true, + "type": "string", + "format": "date-time", + "description": "The date at which a user's access expires", + "example": "2021-12-25T00:00:00.000Z" + }, + "owner": { + "description": "Owner of the Access Profile", + "type": "object", + "nullable": true, + "properties": { + "type": { + "type": "string", + "description": "The type can only be IDENTITY. This is read-only.", + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "Identity ID.", + "example": "5168015d32f890ca15812c9180835d2e" + }, + "name": { + "type": "string", + "description": "Identity's human-readable display name. This is read-only.", + "example": "Alison Ferguso" + }, + "email": { + "type": "string", + "description": "Identity's email address. This is read-only.", + "example": "alison.ferguso@identitysoon.com" + } + } + }, + "entitlements": { + "type": "array", + "description": "A list of entitlements associated with this Access Profile", + "items": { + "type": "object", + "nullable": true, + "properties": { + "id": { + "type": "string", + "description": "The id for the entitlement", + "example": "2c918085718230600171993742c63558" + }, + "name": { + "type": "string", + "description": "The name of the entitlement", + "example": "CN=entitlement.bbb7c650" + }, + "description": { + "nullable": true, + "type": "string", + "description": "Information about the entitlement", + "example": "Gives read/write access to the company database" + }, + "privileged": { + "type": "boolean", + "example": false, + "default": false, + "description": "Indicates if the entitlement is a privileged entitlement" + }, + "owner": { + "type": "object", + "nullable": true, + "properties": { + "type": { + "type": "string", + "description": "The type can only be IDENTITY. This is read-only.", + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "Identity ID.", + "example": "5168015d32f890ca15812c9180835d2e" + }, + "name": { + "type": "string", + "description": "Identity's human-readable display name. This is read-only.", + "example": "Alison Ferguso" + }, + "email": { + "type": "string", + "description": "Identity's email address. This is read-only.", + "example": "alison.ferguso@identitysoon.com" + } + } + }, + "attributeName": { + "type": "string", + "description": "The name of the attribute on the source", + "example": "memberOf" + }, + "attributeValue": { + "type": "string", + "description": "The value of the attribute on the source", + "example": "CN=entitlement.bbb7c650" + }, + "sourceSchemaObjectType": { + "type": "string", + "description": "The schema object type on the source used to represent the entitlement and its attributes", + "example": "groups" + }, + "sourceName": { + "type": "string", + "description": "The name of the source for which this entitlement belongs", + "example": "ODS-AD-Source" + }, + "sourceType": { + "type": "string", + "description": "The type of the source for which the entitlement belongs", + "example": "Active Directory - Direct" + }, + "sourceId": { + "type": "string", + "description": "The ID of the source for which the entitlement belongs", + "example": "78ca6be511cb41fbb86dba2fcca7780c" + }, + "hasPermissions": { + "type": "boolean", + "default": false, + "description": "Indicates if the entitlement has permissions", + "example": false + }, + "isPermission": { + "type": "boolean", + "default": false, + "description": "Indicates if the entitlement is a representation of an account permission", + "example": false + }, + "revocable": { + "type": "boolean", + "default": false, + "description": "Indicates whether the entitlement can be revoked", + "example": true + }, + "cloudGoverned": { + "type": "boolean", + "default": false, + "description": "True if the entitlement is cloud governed", + "example": false + }, + "containsDataAccess": { + "type": "boolean", + "description": "True if the entitlement has DAS data", + "default": false, + "example": true + }, + "dataAccess": { + "type": "object", + "description": "DAS data for the entitlement", + "nullable": true, + "properties": { + "policies": { + "type": "array", + "description": "List of classification policies that apply to resources the entitlement \\ groups has access to", + "items": { + "type": "object", + "properties": { + "value": { + "type": "string", + "description": "Value of the policy", + "example": "GDPR-20" + } + } + } + }, + "categories": { + "type": "array", + "description": "List of classification categories that apply to resources the entitlement \\ groups has access to", + "items": { + "type": "object", + "properties": { + "value": { + "type": "string", + "description": "Value of the category", + "example": "email-7" + }, + "matchCount": { + "type": "integer", + "description": "Number of matched for each category", + "example": 10 + } + } + } + }, + "impactScore": { + "type": "object", + "properties": { + "value": { + "type": "string", + "description": "Impact Score for this data", + "example": "Medium" + } + } + } + } + }, + "account": { + "type": "object", + "nullable": true, + "description": "Information about the status of the entitlement", + "properties": { + "nativeIdentity": { + "type": "string", + "description": "The native identity for this account", + "example": "CN=Alison Ferguso" + }, + "disabled": { + "type": "boolean", + "default": false, + "example": false, + "description": "Indicates whether this account is currently disabled" + }, + "locked": { + "type": "boolean", + "default": false, + "example": false, + "description": "Indicates whether this account is currently locked" + }, + "type": { + "type": "string", + "enum": [ + "ACCOUNT_CORRELATION_CONFIG", + "ACCESS_PROFILE", + "ACCESS_REQUEST_APPROVAL", + "ACCOUNT", + "APPLICATION", + "CAMPAIGN", + "CAMPAIGN_FILTER", + "CERTIFICATION", + "CLUSTER", + "CONNECTOR_SCHEMA", + "ENTITLEMENT", + "GOVERNANCE_GROUP", + "IDENTITY", + "IDENTITY_PROFILE", + "IDENTITY_REQUEST", + "LIFECYCLE_STATE", + "PASSWORD_POLICY", + "ROLE", + "RULE", + "SOD_POLICY", + "SOURCE", + "TAG", + "TAG_CATEGORY", + "TASK_RESULT", + "REPORT_RESULT", + "SOD_VIOLATION", + "ACCOUNT_ACTIVITY", + "WORKGROUP" + ], + "description": "An enumeration of the types of DTOs supported within the IdentityNow infrastructure.", + "example": "IDENTITY" + }, + "id": { + "nullable": true, + "type": "string", + "description": "The id associated with the account", + "example": "2c9180857182305e0171993737eb29e6" + }, + "name": { + "nullable": true, + "type": "string", + "description": "The account name", + "example": "Alison Ferguso" + }, + "created": { + "nullable": true, + "type": "string", + "format": "date-time", + "description": "When the account was created", + "example": "2020-04-20T20:11:05.067Z" + }, + "modified": { + "nullable": true, + "type": "string", + "format": "date-time", + "description": "When the account was last modified", + "example": "2020-05-20T18:57:16.987Z" + }, + "activityInsights": { + "type": "object", + "description": "Insights into account activity", + "properties": { + "accountID": { + "type": "string", + "description": "UUID of the account", + "example": "c4ddd5421d8549f0abd309162cafd3b1" + }, + "usageDays": { + "type": "integer", + "format": "int32", + "minimum": 0, + "maximum": 90, + "description": "The number of days of activity", + "example": 45 + }, + "usageDaysState": { + "type": "string", + "enum": [ + "COMPLETE", + "UNKNOWN" + ], + "description": "Status indicating if the activity is complete or unknown", + "example": "COMPLETE" + } + } + } + } + } + } + } + }, + "created": { + "type": "string", + "description": "Date the Access Profile was created.", + "format": "date-time", + "example": "2021-01-01T22:32:58.104Z" + }, + "modified": { + "type": "string", + "description": "Date the Access Profile was last modified.", + "format": "date-time", + "example": "2021-02-01T22:32:58.104Z" + } + } + }, + "role": { + "type": "object", + "nullable": true, + "properties": { + "id": { + "type": "string", + "description": "The id for the Role", + "example": "2c91808a7190d06e0171993907fd0794" + }, + "name": { + "type": "string", + "description": "The name of the Role", + "example": "Accounting-Employees" + }, + "description": { + "type": "string", + "description": "Information about the Role", + "example": "Role for members of the accounting department with the necessary Access Profiles" + }, + "privileged": { + "type": "boolean", + "description": "Indicates if the entitlement is a privileged entitlement", + "example": false + }, + "owner": { + "type": "object", + "nullable": true, + "properties": { + "type": { + "type": "string", + "description": "The type can only be IDENTITY. This is read-only.", + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "Identity ID.", + "example": "5168015d32f890ca15812c9180835d2e" + }, + "name": { + "type": "string", + "description": "Identity's human-readable display name. This is read-only.", + "example": "Alison Ferguso" + }, + "email": { + "type": "string", + "description": "Identity's email address. This is read-only.", + "example": "alison.ferguso@identitysoon.com" + } + } + }, + "revocable": { + "type": "boolean", + "description": "Indicates whether the Role can be revoked or requested", + "example": false + }, + "endDate": { + "type": "string", + "format": "date-time", + "description": "The date when a user's access expires.", + "example": "2021-12-25T00:00:00.000Z" + }, + "accessProfiles": { + "type": "array", + "description": "The list of Access Profiles associated with this Role", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The id of the Access Profile", + "example": "2c91808a7190d06e01719938fcd20792" + }, + "name": { + "type": "string", + "description": "Name of the Access Profile", + "example": "Employee-database-read-write" + }, + "description": { + "type": "string", + "description": "Information about the Access Profile", + "example": "Collection of entitlements to read/write the employee database" + }, + "privileged": { + "type": "boolean", + "description": "Indicates if the entitlement is a privileged entitlement", + "example": false + }, + "cloudGoverned": { + "type": "boolean", + "description": "True if the entitlement is cloud governed", + "example": false + }, + "endDate": { + "nullable": true, + "type": "string", + "format": "date-time", + "description": "The date at which a user's access expires", + "example": "2021-12-25T00:00:00.000Z" + }, + "owner": { + "description": "Owner of the Access Profile", + "type": "object", + "nullable": true, + "properties": { + "type": { + "type": "string", + "description": "The type can only be IDENTITY. This is read-only.", + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "Identity ID.", + "example": "5168015d32f890ca15812c9180835d2e" + }, + "name": { + "type": "string", + "description": "Identity's human-readable display name. This is read-only.", + "example": "Alison Ferguso" + }, + "email": { + "type": "string", + "description": "Identity's email address. This is read-only.", + "example": "alison.ferguso@identitysoon.com" + } + } + }, + "entitlements": { + "type": "array", + "description": "A list of entitlements associated with this Access Profile", + "items": { + "type": "object", + "nullable": true, + "properties": { + "id": { + "type": "string", + "description": "The id for the entitlement", + "example": "2c918085718230600171993742c63558" + }, + "name": { + "type": "string", + "description": "The name of the entitlement", + "example": "CN=entitlement.bbb7c650" + }, + "description": { + "nullable": true, + "type": "string", + "description": "Information about the entitlement", + "example": "Gives read/write access to the company database" + }, + "privileged": { + "type": "boolean", + "example": false, + "default": false, + "description": "Indicates if the entitlement is a privileged entitlement" + }, + "owner": { + "type": "object", + "nullable": true, + "properties": { + "type": { + "type": "string", + "description": "The type can only be IDENTITY. This is read-only.", + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "Identity ID.", + "example": "5168015d32f890ca15812c9180835d2e" + }, + "name": { + "type": "string", + "description": "Identity's human-readable display name. This is read-only.", + "example": "Alison Ferguso" + }, + "email": { + "type": "string", + "description": "Identity's email address. This is read-only.", + "example": "alison.ferguso@identitysoon.com" + } + } + }, + "attributeName": { + "type": "string", + "description": "The name of the attribute on the source", + "example": "memberOf" + }, + "attributeValue": { + "type": "string", + "description": "The value of the attribute on the source", + "example": "CN=entitlement.bbb7c650" + }, + "sourceSchemaObjectType": { + "type": "string", + "description": "The schema object type on the source used to represent the entitlement and its attributes", + "example": "groups" + }, + "sourceName": { + "type": "string", + "description": "The name of the source for which this entitlement belongs", + "example": "ODS-AD-Source" + }, + "sourceType": { + "type": "string", + "description": "The type of the source for which the entitlement belongs", + "example": "Active Directory - Direct" + }, + "sourceId": { + "type": "string", + "description": "The ID of the source for which the entitlement belongs", + "example": "78ca6be511cb41fbb86dba2fcca7780c" + }, + "hasPermissions": { + "type": "boolean", + "default": false, + "description": "Indicates if the entitlement has permissions", + "example": false + }, + "isPermission": { + "type": "boolean", + "default": false, + "description": "Indicates if the entitlement is a representation of an account permission", + "example": false + }, + "revocable": { + "type": "boolean", + "default": false, + "description": "Indicates whether the entitlement can be revoked", + "example": true + }, + "cloudGoverned": { + "type": "boolean", + "default": false, + "description": "True if the entitlement is cloud governed", + "example": false + }, + "containsDataAccess": { + "type": "boolean", + "description": "True if the entitlement has DAS data", + "default": false, + "example": true + }, + "dataAccess": { + "type": "object", + "description": "DAS data for the entitlement", + "nullable": true, + "properties": { + "policies": { + "type": "array", + "description": "List of classification policies that apply to resources the entitlement \\ groups has access to", + "items": { + "type": "object", + "properties": { + "value": { + "type": "string", + "description": "Value of the policy", + "example": "GDPR-20" + } + } + } + }, + "categories": { + "type": "array", + "description": "List of classification categories that apply to resources the entitlement \\ groups has access to", + "items": { + "type": "object", + "properties": { + "value": { + "type": "string", + "description": "Value of the category", + "example": "email-7" + }, + "matchCount": { + "type": "integer", + "description": "Number of matched for each category", + "example": 10 + } + } + } + }, + "impactScore": { + "type": "object", + "properties": { + "value": { + "type": "string", + "description": "Impact Score for this data", + "example": "Medium" + } + } + } + } + }, + "account": { + "type": "object", + "nullable": true, + "description": "Information about the status of the entitlement", + "properties": { + "nativeIdentity": { + "type": "string", + "description": "The native identity for this account", + "example": "CN=Alison Ferguso" + }, + "disabled": { + "type": "boolean", + "default": false, + "example": false, + "description": "Indicates whether this account is currently disabled" + }, + "locked": { + "type": "boolean", + "default": false, + "example": false, + "description": "Indicates whether this account is currently locked" + }, + "type": { + "type": "string", + "enum": [ + "ACCOUNT_CORRELATION_CONFIG", + "ACCESS_PROFILE", + "ACCESS_REQUEST_APPROVAL", + "ACCOUNT", + "APPLICATION", + "CAMPAIGN", + "CAMPAIGN_FILTER", + "CERTIFICATION", + "CLUSTER", + "CONNECTOR_SCHEMA", + "ENTITLEMENT", + "GOVERNANCE_GROUP", + "IDENTITY", + "IDENTITY_PROFILE", + "IDENTITY_REQUEST", + "LIFECYCLE_STATE", + "PASSWORD_POLICY", + "ROLE", + "RULE", + "SOD_POLICY", + "SOURCE", + "TAG", + "TAG_CATEGORY", + "TASK_RESULT", + "REPORT_RESULT", + "SOD_VIOLATION", + "ACCOUNT_ACTIVITY", + "WORKGROUP" + ], + "description": "An enumeration of the types of DTOs supported within the IdentityNow infrastructure.", + "example": "IDENTITY" + }, + "id": { + "nullable": true, + "type": "string", + "description": "The id associated with the account", + "example": "2c9180857182305e0171993737eb29e6" + }, + "name": { + "nullable": true, + "type": "string", + "description": "The account name", + "example": "Alison Ferguso" + }, + "created": { + "nullable": true, + "type": "string", + "format": "date-time", + "description": "When the account was created", + "example": "2020-04-20T20:11:05.067Z" + }, + "modified": { + "nullable": true, + "type": "string", + "format": "date-time", + "description": "When the account was last modified", + "example": "2020-05-20T18:57:16.987Z" + }, + "activityInsights": { + "type": "object", + "description": "Insights into account activity", + "properties": { + "accountID": { + "type": "string", + "description": "UUID of the account", + "example": "c4ddd5421d8549f0abd309162cafd3b1" + }, + "usageDays": { + "type": "integer", + "format": "int32", + "minimum": 0, + "maximum": 90, + "description": "The number of days of activity", + "example": 45 + }, + "usageDaysState": { + "type": "string", + "enum": [ + "COMPLETE", + "UNKNOWN" + ], + "description": "Status indicating if the activity is complete or unknown", + "example": "COMPLETE" + } + } + } + } + } + } + } + }, + "created": { + "type": "string", + "description": "Date the Access Profile was created.", + "format": "date-time", + "example": "2021-01-01T22:32:58.104Z" + }, + "modified": { + "type": "string", + "description": "Date the Access Profile was last modified.", + "format": "date-time", + "example": "2021-02-01T22:32:58.104Z" + } + } + } + }, + "entitlements": { + "type": "array", + "description": "The list of entitlements associated with this Role", + "items": { + "type": "object", + "nullable": true, + "properties": { + "id": { + "type": "string", + "description": "The id for the entitlement", + "example": "2c918085718230600171993742c63558" + }, + "name": { + "type": "string", + "description": "The name of the entitlement", + "example": "CN=entitlement.bbb7c650" + }, + "description": { + "nullable": true, + "type": "string", + "description": "Information about the entitlement", + "example": "Gives read/write access to the company database" + }, + "privileged": { + "type": "boolean", + "example": false, + "default": false, + "description": "Indicates if the entitlement is a privileged entitlement" + }, + "owner": { + "type": "object", + "nullable": true, + "properties": { + "type": { + "type": "string", + "description": "The type can only be IDENTITY. This is read-only.", + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "Identity ID.", + "example": "5168015d32f890ca15812c9180835d2e" + }, + "name": { + "type": "string", + "description": "Identity's human-readable display name. This is read-only.", + "example": "Alison Ferguso" + }, + "email": { + "type": "string", + "description": "Identity's email address. This is read-only.", + "example": "alison.ferguso@identitysoon.com" + } + } + }, + "attributeName": { + "type": "string", + "description": "The name of the attribute on the source", + "example": "memberOf" + }, + "attributeValue": { + "type": "string", + "description": "The value of the attribute on the source", + "example": "CN=entitlement.bbb7c650" + }, + "sourceSchemaObjectType": { + "type": "string", + "description": "The schema object type on the source used to represent the entitlement and its attributes", + "example": "groups" + }, + "sourceName": { + "type": "string", + "description": "The name of the source for which this entitlement belongs", + "example": "ODS-AD-Source" + }, + "sourceType": { + "type": "string", + "description": "The type of the source for which the entitlement belongs", + "example": "Active Directory - Direct" + }, + "sourceId": { + "type": "string", + "description": "The ID of the source for which the entitlement belongs", + "example": "78ca6be511cb41fbb86dba2fcca7780c" + }, + "hasPermissions": { + "type": "boolean", + "default": false, + "description": "Indicates if the entitlement has permissions", + "example": false + }, + "isPermission": { + "type": "boolean", + "default": false, + "description": "Indicates if the entitlement is a representation of an account permission", + "example": false + }, + "revocable": { + "type": "boolean", + "default": false, + "description": "Indicates whether the entitlement can be revoked", + "example": true + }, + "cloudGoverned": { + "type": "boolean", + "default": false, + "description": "True if the entitlement is cloud governed", + "example": false + }, + "containsDataAccess": { + "type": "boolean", + "description": "True if the entitlement has DAS data", + "default": false, + "example": true + }, + "dataAccess": { + "type": "object", + "description": "DAS data for the entitlement", + "nullable": true, + "properties": { + "policies": { + "type": "array", + "description": "List of classification policies that apply to resources the entitlement \\ groups has access to", + "items": { + "type": "object", + "properties": { + "value": { + "type": "string", + "description": "Value of the policy", + "example": "GDPR-20" + } + } + } + }, + "categories": { + "type": "array", + "description": "List of classification categories that apply to resources the entitlement \\ groups has access to", + "items": { + "type": "object", + "properties": { + "value": { + "type": "string", + "description": "Value of the category", + "example": "email-7" + }, + "matchCount": { + "type": "integer", + "description": "Number of matched for each category", + "example": 10 + } + } + } + }, + "impactScore": { + "type": "object", + "properties": { + "value": { + "type": "string", + "description": "Impact Score for this data", + "example": "Medium" + } + } + } + } + }, + "account": { + "type": "object", + "nullable": true, + "description": "Information about the status of the entitlement", + "properties": { + "nativeIdentity": { + "type": "string", + "description": "The native identity for this account", + "example": "CN=Alison Ferguso" + }, + "disabled": { + "type": "boolean", + "default": false, + "example": false, + "description": "Indicates whether this account is currently disabled" + }, + "locked": { + "type": "boolean", + "default": false, + "example": false, + "description": "Indicates whether this account is currently locked" + }, + "type": { + "type": "string", + "enum": [ + "ACCOUNT_CORRELATION_CONFIG", + "ACCESS_PROFILE", + "ACCESS_REQUEST_APPROVAL", + "ACCOUNT", + "APPLICATION", + "CAMPAIGN", + "CAMPAIGN_FILTER", + "CERTIFICATION", + "CLUSTER", + "CONNECTOR_SCHEMA", + "ENTITLEMENT", + "GOVERNANCE_GROUP", + "IDENTITY", + "IDENTITY_PROFILE", + "IDENTITY_REQUEST", + "LIFECYCLE_STATE", + "PASSWORD_POLICY", + "ROLE", + "RULE", + "SOD_POLICY", + "SOURCE", + "TAG", + "TAG_CATEGORY", + "TASK_RESULT", + "REPORT_RESULT", + "SOD_VIOLATION", + "ACCOUNT_ACTIVITY", + "WORKGROUP" + ], + "description": "An enumeration of the types of DTOs supported within the IdentityNow infrastructure.", + "example": "IDENTITY" + }, + "id": { + "nullable": true, + "type": "string", + "description": "The id associated with the account", + "example": "2c9180857182305e0171993737eb29e6" + }, + "name": { + "nullable": true, + "type": "string", + "description": "The account name", + "example": "Alison Ferguso" + }, + "created": { + "nullable": true, + "type": "string", + "format": "date-time", + "description": "When the account was created", + "example": "2020-04-20T20:11:05.067Z" + }, + "modified": { + "nullable": true, + "type": "string", + "format": "date-time", + "description": "When the account was last modified", + "example": "2020-05-20T18:57:16.987Z" + }, + "activityInsights": { + "type": "object", + "description": "Insights into account activity", + "properties": { + "accountID": { + "type": "string", + "description": "UUID of the account", + "example": "c4ddd5421d8549f0abd309162cafd3b1" + }, + "usageDays": { + "type": "integer", + "format": "int32", + "minimum": 0, + "maximum": 90, + "description": "The number of days of activity", + "example": 45 + }, + "usageDaysState": { + "type": "string", + "enum": [ + "COMPLETE", + "UNKNOWN" + ], + "description": "Status indicating if the activity is complete or unknown", + "example": "COMPLETE" + } + } + } + } + } + } + } + } + } + } + } + } + }, + "example": [ + { + "access": { + "type": "ENTITLEMENT", + "id": "2c9180857182305e01719937429e2bad", + "name": "CN=Engineering" + }, + "entitlement": { + "id": "2c9180857182305e01719937429e2bad", + "name": "CN=Engineering", + "description": "Access to the engineering database", + "privileged": false, + "owner": { + "email": "brandon.gray@acme-solar.com", + "type": "IDENTITY", + "id": "2c9180867160846801719932c5153fb7", + "name": "Brandon Gray" + }, + "attributeName": "memberOf", + "attributeValue": "CN=Engineering", + "sourceName": "ODS-AD-Source", + "hasPermissions": true, + "revocable": true, + "containsDataAccess": true, + "dataAccess": { + "policies": [ + { + "value": "GDPR-1" + }, + { + "value": "GDPR-2" + } + ], + "categories": [ + { + "value": "email-7", + "matchCount": 74 + }, + { + "value": "email-9", + "matchCount": 30 + } + ], + "impactScore": { + "value": "Medium" + } + } + } + } + ] + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/certifications/{id}/identity-summaries/{identitySummaryId}": { + "get": { + "operationId": "getIdentitySummary", + "tags": [ + "Certification Summaries" + ], + "summary": "Summary for Identity", + "description": "This API returns the summary for an identity on a specified identity campaign certification. A token with ORG_ADMIN or CERT_ADMIN authority is required to call this API. Reviewers for this certification can also call this API.", + "parameters": [ + { + "in": "path", + "name": "id", + "schema": { + "type": "string" + }, + "required": true, + "description": "The identity campaign certification ID", + "example": "ef38f94347e94562b5bb8424a56397d8" + }, + { + "in": "path", + "name": "identitySummaryId", + "schema": { + "type": "string" + }, + "required": true, + "description": "The identity summary ID", + "example": "2c91808772a504f50172a9540e501ba8" + } + ], + "responses": { + "200": { + "description": "An identity summary", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The ID of the identity summary", + "example": "2c91808772a504f50172a9540e501ba7" + }, + "name": { + "type": "string", + "description": "Name of the linked identity", + "example": "Alison Ferguso" + }, + "identityId": { + "type": "string", + "description": "The ID of the identity being certified", + "example": "2c9180857182306001719937377a33de" + }, + "completed": { + "type": "boolean", + "description": "Indicates whether the review items for the linked identity's certification have been completed", + "example": true + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/certifications/{certificationId}/access-review-items/{itemId}/permissions": { + "get": { + "operationId": "getIdentityCertificationItemPermissions", + "tags": [ + "Certifications" + ], + "summary": "Permissions for Entitlement Certification Item", + "description": "This API returns the permissions associated with an entitlement certification item based on the certification item's ID. A token with ORG_ADMIN or CERT_ADMIN authority is required to call this API. Reviewers for this certification can also call this API.", + "security": [ + { + "UserContextAuth": [ + "idn:certification:read" + ] + } + ], + "parameters": [ + { + "in": "query", + "name": "filters", + "schema": { + "type": "string" + }, + "description": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**target**: *eq, sw*\n\n**rights**: *ca*\n\nSupported composite operators: *and, or*\n\nAll field values (second filter operands) are case-insensitive for this API.\n\nOnly a single *and* or *or* composite filter operator may be used. It must also be used between a target filter and a rights filter, not between 2 filters for the same field.\n\nFor example, the following is valid: `?filters=rights+ca+(%22CREATE%22)+and+target+eq+%22SYS.OBJAUTH2%22`\n\nThe following is invalid: 1?filters=rights+ca+(%22CREATE%22)+and+rights+ca+(%SELECT%22)1", + "example": "target eq \"SYS.OBJAUTH2\"" + }, + { + "in": "path", + "name": "certificationId", + "schema": { + "type": "string" + }, + "required": true, + "description": "The certification ID", + "example": "ef38f94347e94562b5bb8424a56397d8" + }, + { + "in": "path", + "name": "itemId", + "schema": { + "type": "string" + }, + "required": true, + "description": "The certification item ID", + "example": "2c91808671bcbab40171bd945d961227" + }, + { + "in": "query", + "name": "limit", + "description": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 250, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "maximum": 250, + "default": 250 + } + }, + { + "in": "query", + "name": "offset", + "description": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 0, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "default": 0 + } + }, + { + "in": "query", + "name": "count", + "description": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": true, + "schema": { + "type": "boolean", + "default": false + } + } + ], + "responses": { + "200": { + "description": "A list of permissions associated with the given itemId", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "description": "Simplified DTO for the Permission objects stored in SailPoint's database. The data is aggregated from customer systems and is free-form, so its appearance can vary largely between different clients/customers.", + "properties": { + "rights": { + "type": "array", + "description": "All the rights (e.g. actions) that this permission allows on the target", + "readOnly": true, + "items": { + "type": "string", + "example": "SELECT" + } + }, + "target": { + "type": "string", + "description": "The target the permission would grants rights on.", + "readOnly": true, + "example": "SYS.GV_$TRANSACTION" + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/certifications/{id}/reviewers": { + "get": { + "operationId": "listCertificationReviewers", + "tags": [ + "Certifications" + ], + "summary": "List of Reviewers for certification", + "description": "This API returns a list of reviewers for the certification. A token with ORG_ADMIN or CERT_ADMIN authority is required to call this API. Reviewers for this certification can also call this API.", + "security": [ + { + "UserContextAuth": [ + "idn:certification:read" + ] + } + ], + "parameters": [ + { + "in": "path", + "name": "id", + "schema": { + "type": "string" + }, + "required": true, + "description": "The certification ID", + "example": "ef38f94347e94562b5bb8424a56397d8" + }, + { + "in": "query", + "name": "limit", + "description": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 250, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "maximum": 250, + "default": 250 + } + }, + { + "in": "query", + "name": "offset", + "description": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 0, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "default": 0 + } + }, + { + "in": "query", + "name": "count", + "description": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": true, + "schema": { + "type": "boolean", + "default": false + } + }, + { + "in": "query", + "name": "filters", + "schema": { + "type": "string" + }, + "description": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**name**: *eq, sw*\n\n**email**: *eq, sw*", + "example": "name eq \"Bob\"" + }, + { + "in": "query", + "name": "sorters", + "schema": { + "type": "string", + "format": "comma-separated" + }, + "description": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name, email**", + "example": "name" + } + ], + "responses": { + "200": { + "description": "A list of reviewers", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "nullable": true, + "properties": { + "type": { + "type": "string", + "description": "The type can only be IDENTITY. This is read-only.", + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "Identity ID.", + "example": "5168015d32f890ca15812c9180835d2e" + }, + "name": { + "type": "string", + "description": "Identity's human-readable display name. This is read-only.", + "example": "Alison Ferguso" + }, + "email": { + "type": "string", + "description": "Identity's email address. This is read-only.", + "example": "alison.ferguso@identitysoon.com" + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/certifications/{id}/reassign-async": { + "post": { + "operationId": "submitReassignCertsAsync", + "tags": [ + "Certifications" + ], + "summary": "Reassign Certifications Asynchronously", + "description": "This API initiates a task to reassign up to 500 identities or items in an identity campaign certification to another reviewer. The `certification-tasks` API can be used to get an updated status on the task and determine when the reassignment is complete. A token with ORG_ADMIN or CERT_ADMIN authority is required to call this API. Reviewers for this certification can also call this API.", + "security": [ + { + "UserContextAuth": [ + "idn:certification:write" + ] + } + ], + "parameters": [ + { + "in": "path", + "name": "id", + "schema": { + "type": "string" + }, + "required": true, + "description": "The identity campaign certification ID", + "example": "ef38f94347e94562b5bb8424a56397d8" + } + ], + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "reassign": { + "type": "array", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The ID of item or identity being reassigned.", + "example": "ef38f94347e94562b5bb8424a56397d8" + }, + "type": { + "type": "string", + "description": "The type of item or identity being reassigned.", + "enum": [ + "TARGET_SUMMARY", + "ITEM", + "IDENTITY_SUMMARY" + ], + "example": "ITEM" + } + }, + "required": [ + "id", + "type" + ] + } + }, + "reassignTo": { + "type": "string", + "description": "The ID of the identity to which the certification is reassigned", + "example": "ef38f94347e94562b5bb8424a56397d8" + }, + "reason": { + "type": "string", + "description": "The reason comment for why the reassign was made", + "example": "reassigned for some reason" + } + }, + "required": [ + "reassign", + "reassignTo", + "reason" + ] + } + } + } + }, + "responses": { + "200": { + "description": "A certification task object for the reassignment which can be queried for status.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The ID of the certification task.", + "example": "2c918086719eec070171a7e3355a360a" + }, + "type": { + "type": "string", + "description": "The type of the certification task. More values may be added in the future.", + "enum": [ + "REASSIGN", + "ADMIN_REASSIGN", + "COMPLETE_CERTIFICATION", + "FINISH_CERTIFICATION", + "COMPLETE_CAMPAIGN", + "ACTIVATE_CAMPAIGN", + "CAMPAIGN_CREATE", + "CAMPAIGN_DELETE" + ], + "example": "ADMIN_REASSIGN" + }, + "targetType": { + "type": "string", + "description": "The type of item that is being operated on by this task whose ID is stored in the targetId field.", + "enum": [ + "CERTIFICATION", + "CAMPAIGN" + ], + "example": "CAMPAIGN" + }, + "targetId": { + "type": "string", + "description": "The ID of the item being operated on by this task.", + "example": "2c918086719eec070171a7e3355a834c" + }, + "status": { + "type": "string", + "description": "The status of the task.", + "enum": [ + "QUEUED", + "IN_PROGRESS", + "SUCCESS", + "ERROR" + ], + "example": "QUEUED" + }, + "errors": { + "description": "A list of errors that have been encountered by the task.", + "type": "array", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "reassignmentTrailDTOs": { + "description": "Reassignment trails that lead to self certification identity", + "type": "array", + "items": { + "type": "object", + "properties": { + "previousOwner": { + "type": "string", + "description": "The ID of previous owner identity.", + "example": "ef38f94347e94562b5bb8424a56397d8" + }, + "newOwner": { + "type": "string", + "description": "The ID of new owner identity.", + "example": "ef38f94347e94562b5bb8424a56397a3" + }, + "reassignmentType": { + "type": "string", + "description": "The type of reassignment.", + "example": "AUTOMATIC_REASSIGNMENT" + } + } + }, + "example": { + "previousOwner": "ef38f94347e94562b5bb8424a56397d8", + "newOwner": "ef38f94347e94562b5bb8424a56397a3", + "reassignmentType": "AUTOMATIC_REASSIGNMENT" + } + }, + "created": { + "type": "string", + "description": "The date and time on which this task was created.", + "format": "date-time", + "example": "2020-09-24T18:10:47.693Z" + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/certification-tasks/{id}": { + "get": { + "operationId": "getCertificationTask", + "tags": [ + "Certifications" + ], + "summary": "Certification Task by ID", + "description": "This API returns the certification task for the specified ID. A token with ORG_ADMIN or CERT_ADMIN authority is required to call this API. Reviewers for the specified certification can also call this API.", + "security": [ + { + "UserContextAuth": [ + "idn:certification:read" + ] + } + ], + "parameters": [ + { + "in": "path", + "name": "id", + "schema": { + "type": "string" + }, + "required": true, + "description": "The task ID", + "example": "63b32151-26c0-42f4-9299-8898dc1c9daa" + } + ], + "responses": { + "200": { + "description": "A certification task", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The ID of the certification task.", + "example": "2c918086719eec070171a7e3355a360a" + }, + "type": { + "type": "string", + "description": "The type of the certification task. More values may be added in the future.", + "enum": [ + "REASSIGN", + "ADMIN_REASSIGN", + "COMPLETE_CERTIFICATION", + "FINISH_CERTIFICATION", + "COMPLETE_CAMPAIGN", + "ACTIVATE_CAMPAIGN", + "CAMPAIGN_CREATE", + "CAMPAIGN_DELETE" + ], + "example": "ADMIN_REASSIGN" + }, + "targetType": { + "type": "string", + "description": "The type of item that is being operated on by this task whose ID is stored in the targetId field.", + "enum": [ + "CERTIFICATION", + "CAMPAIGN" + ], + "example": "CAMPAIGN" + }, + "targetId": { + "type": "string", + "description": "The ID of the item being operated on by this task.", + "example": "2c918086719eec070171a7e3355a834c" + }, + "status": { + "type": "string", + "description": "The status of the task.", + "enum": [ + "QUEUED", + "IN_PROGRESS", + "SUCCESS", + "ERROR" + ], + "example": "QUEUED" + }, + "errors": { + "description": "A list of errors that have been encountered by the task.", + "type": "array", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "reassignmentTrailDTOs": { + "description": "Reassignment trails that lead to self certification identity", + "type": "array", + "items": { + "type": "object", + "properties": { + "previousOwner": { + "type": "string", + "description": "The ID of previous owner identity.", + "example": "ef38f94347e94562b5bb8424a56397d8" + }, + "newOwner": { + "type": "string", + "description": "The ID of new owner identity.", + "example": "ef38f94347e94562b5bb8424a56397a3" + }, + "reassignmentType": { + "type": "string", + "description": "The type of reassignment.", + "example": "AUTOMATIC_REASSIGNMENT" + } + } + }, + "example": { + "previousOwner": "ef38f94347e94562b5bb8424a56397d8", + "newOwner": "ef38f94347e94562b5bb8424a56397a3", + "reassignmentType": "AUTOMATIC_REASSIGNMENT" + } + }, + "created": { + "type": "string", + "description": "The date and time on which this task was created.", + "format": "date-time", + "example": "2020-09-24T18:10:47.693Z" + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/certification-tasks": { + "get": { + "operationId": "getPendingCertificationTasks", + "tags": [ + "Certifications" + ], + "summary": "List of Pending Certification Tasks", + "description": "This API returns a list of pending (`QUEUED` or `IN_PROGRESS`) certification tasks. Any authenticated token can call this API, but only certification tasks you are authorized to review will be returned.", + "security": [ + { + "UserContextAuth": [ + "idn:certification:read" + ] + } + ], + "parameters": [ + { + "in": "query", + "name": "reviewer-identity", + "schema": { + "type": "string", + "example": "Ada.1de82e55078344" + }, + "description": "The ID of reviewer identity. *me* indicates the current user.", + "required": false + }, + { + "in": "query", + "name": "limit", + "description": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 250, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "maximum": 250, + "default": 250 + } + }, + { + "in": "query", + "name": "offset", + "description": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 0, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "default": 0 + } + }, + { + "in": "query", + "name": "count", + "description": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": true, + "schema": { + "type": "boolean", + "default": false + } + }, + { + "in": "query", + "name": "filters", + "schema": { + "type": "string", + "example": "type eq \"ADMIN_REASSIGN\"" + }, + "description": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**targetId**: *eq, in*\n\n**type**: *eq, in*" + } + ], + "responses": { + "200": { + "description": "A list of pending certification tasks", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The ID of the certification task.", + "example": "2c918086719eec070171a7e3355a360a" + }, + "type": { + "type": "string", + "description": "The type of the certification task. More values may be added in the future.", + "enum": [ + "REASSIGN", + "ADMIN_REASSIGN", + "COMPLETE_CERTIFICATION", + "FINISH_CERTIFICATION", + "COMPLETE_CAMPAIGN", + "ACTIVATE_CAMPAIGN", + "CAMPAIGN_CREATE", + "CAMPAIGN_DELETE" + ], + "example": "ADMIN_REASSIGN" + }, + "targetType": { + "type": "string", + "description": "The type of item that is being operated on by this task whose ID is stored in the targetId field.", + "enum": [ + "CERTIFICATION", + "CAMPAIGN" + ], + "example": "CAMPAIGN" + }, + "targetId": { + "type": "string", + "description": "The ID of the item being operated on by this task.", + "example": "2c918086719eec070171a7e3355a834c" + }, + "status": { + "type": "string", + "description": "The status of the task.", + "enum": [ + "QUEUED", + "IN_PROGRESS", + "SUCCESS", + "ERROR" + ], + "example": "QUEUED" + }, + "errors": { + "description": "A list of errors that have been encountered by the task.", + "type": "array", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "reassignmentTrailDTOs": { + "description": "Reassignment trails that lead to self certification identity", + "type": "array", + "items": { + "type": "object", + "properties": { + "previousOwner": { + "type": "string", + "description": "The ID of previous owner identity.", + "example": "ef38f94347e94562b5bb8424a56397d8" + }, + "newOwner": { + "type": "string", + "description": "The ID of new owner identity.", + "example": "ef38f94347e94562b5bb8424a56397a3" + }, + "reassignmentType": { + "type": "string", + "description": "The type of reassignment.", + "example": "AUTOMATIC_REASSIGNMENT" + } + } + }, + "example": { + "previousOwner": "ef38f94347e94562b5bb8424a56397d8", + "newOwner": "ef38f94347e94562b5bb8424a56397a3", + "reassignmentType": "AUTOMATIC_REASSIGNMENT" + } + }, + "created": { + "type": "string", + "description": "The date and time on which this task was created.", + "format": "date-time", + "example": "2020-09-24T18:10:47.693Z" + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/configuration-hub/object-mappings/{sourceOrg}": { + "get": { + "operationId": "getObjectMappings", + "security": [ + { + "UserContextAuth": [ + "sp:config-object-mapping:read", + "sp:config-object-mapping:manage" + ] + } + ], + "tags": [ + "Configuration Hub" + ], + "summary": "Gets list of object mappings", + "description": "This gets a list of existing object mappings between current org and source org.\nSource org should be \"default\" when getting object mappings that are not associated to any particular org.\nThe request will need the following security scope:\n- sp:config-object-mapping:read", + "parameters": [ + { + "in": "path", + "name": "sourceOrg", + "schema": { + "type": "string" + }, + "required": true, + "description": "The name of the source org.", + "example": "source-org" + } + ], + "responses": { + "200": { + "description": "List of existing object mappings between current org and source org.", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "title": "Object Mapping Response", + "properties": { + "objectMappingId": { + "type": "string", + "description": "Id of the object mapping", + "example": "3d6e0144-963f-4bd6-8d8d-d77b4e507ce4" + }, + "objectType": { + "type": "string", + "description": "Type of the object the mapping value applies to", + "example": "IDENTITY", + "enum": [ + "ACCESS_PROFILE", + "ACCESS_REQUEST_CONFIG", + "ATTR_SYNC_SOURCE_CONFIG", + "AUTH_ORG", + "CAMPAIGN_FILTER", + "ENTITLEMENT", + "FORM_DEFINITION", + "GOVERNANCE_GROUP", + "IDENTITY", + "IDENTITY_OBJECT_CONFIG", + "IDENTITY_PROFILE", + "LIFECYCLE_STATE", + "NOTIFICATION_TEMPLATE", + "PASSWORD_POLICY", + "PASSWORD_SYNC_GROUP", + "PUBLIC_IDENTITIES_CONFIG", + "ROLE", + "RULE", + "SEGMENT", + "SERVICE_DESK_INTEGRATION", + "SOD_POLICY", + "SOURCE", + "TAG", + "TRANSFORM", + "TRIGGER_SUBSCRIPTION", + "WORKFLOW" + ] + }, + "jsonPath": { + "type": "string", + "description": "JSONPath expression denoting the path within the object where the mapping value should be applied", + "example": "$.name" + }, + "sourceValue": { + "type": "string", + "description": "Original value at the jsonPath location within the object", + "example": "My Governance Group Name" + }, + "targetValue": { + "type": "string", + "description": "Value to be assigned at the jsonPath location within the object", + "example": "My New Governance Group Name" + }, + "enabled": { + "type": "boolean", + "description": "Whether or not this object mapping is enabled", + "default": false, + "example": false + }, + "created": { + "type": "string", + "description": "Object mapping creation timestamp", + "example": "2024-03-19T23:18:53.732Z" + }, + "modified": { + "type": "string", + "description": "Object mapping latest update timestamp", + "example": "2024-03-19T23:18:53.732Z" + } + } + } + }, + "example": [ + { + "objectMappingId": "3d6e0144-963f-4bd6-8d8d-d77b4e507ce4", + "objectType": "GOVERNANCE_GROUP", + "jsonPath": "$.description", + "sourceValue": "Sample Governance Group", + "targetValue": "Sample Governance Group - Updated", + "enabled": true, + "created": "2024-03-19T23:18:53.732Z", + "modified": "2024-03-19T23:18:53.732Z" + }, + { + "objectMappingId": "e1d5cb80-65e2-4f92-ae2e-9588f61cc4cd", + "objectType": "IDENTITY", + "jsonPath": "$.name", + "sourceValue": "SailPoint Support", + "targetValue": "john.doe", + "enabled": false, + "created": "2024-03-19T23:18:06.238Z", + "modified": "2024-03-19T23:18:06.238Z" + } + ] + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + }, + "post": { + "operationId": "createObjectMapping", + "security": [ + { + "UserContextAuth": [ + "sp:config-object-mapping:manage" + ] + } + ], + "tags": [ + "Configuration Hub" + ], + "summary": "Creates an object mapping", + "description": "This creates an object mapping between current org and source org.\nSource org should be \"default\" when creating an object mapping that is not to be associated to any particular org.\nThe request will need the following security scope:\n- sp:config-object-mapping:manage", + "parameters": [ + { + "in": "path", + "name": "sourceOrg", + "schema": { + "type": "string" + }, + "required": true, + "description": "The name of the source org.", + "example": "source-org" + } + ], + "requestBody": { + "description": "The object mapping request body.", + "required": true, + "content": { + "application/json": { + "schema": { + "type": "object", + "title": "Object Mapping Request", + "required": [ + "objectType", + "jsonPath", + "sourceValue", + "targetValue" + ], + "properties": { + "objectType": { + "type": "string", + "description": "Type of the object the mapping value applies to, must be one from enum", + "example": "IDENTITY", + "enum": [ + "ACCESS_PROFILE", + "ACCESS_REQUEST_CONFIG", + "ATTR_SYNC_SOURCE_CONFIG", + "AUTH_ORG", + "CAMPAIGN_FILTER", + "ENTITLEMENT", + "FORM_DEFINITION", + "GOVERNANCE_GROUP", + "IDENTITY", + "IDENTITY_OBJECT_CONFIG", + "IDENTITY_PROFILE", + "LIFECYCLE_STATE", + "NOTIFICATION_TEMPLATE", + "PASSWORD_POLICY", + "PASSWORD_SYNC_GROUP", + "PUBLIC_IDENTITIES_CONFIG", + "ROLE", + "RULE", + "SEGMENT", + "SERVICE_DESK_INTEGRATION", + "SOD_POLICY", + "SOURCE", + "TAG", + "TRANSFORM", + "TRIGGER_SUBSCRIPTION", + "WORKFLOW" + ] + }, + "jsonPath": { + "type": "string", + "description": "JSONPath expression denoting the path within the object where the mapping value should be applied", + "example": "$.name" + }, + "sourceValue": { + "type": "string", + "description": "Original value at the jsonPath location within the object", + "example": "My Governance Group Name" + }, + "targetValue": { + "type": "string", + "description": "Value to be assigned at the jsonPath location within the object", + "example": "My New Governance Group Name" + }, + "enabled": { + "type": "boolean", + "description": "Whether or not this object mapping is enabled", + "default": false, + "example": false + } + } + }, + "example": { + "objectType": "GOVERNANCE_GROUP", + "jsonPath": "$.description", + "sourceValue": "Sample Governance Group", + "targetValue": "Sample Governance Group - Updated", + "enabled": true + } + } + } + }, + "responses": { + "200": { + "description": "The created object mapping between current org and source org.", + "content": { + "application/json": { + "schema": { + "type": "object", + "title": "Object Mapping Response", + "properties": { + "objectMappingId": { + "type": "string", + "description": "Id of the object mapping", + "example": "3d6e0144-963f-4bd6-8d8d-d77b4e507ce4" + }, + "objectType": { + "type": "string", + "description": "Type of the object the mapping value applies to", + "example": "IDENTITY", + "enum": [ + "ACCESS_PROFILE", + "ACCESS_REQUEST_CONFIG", + "ATTR_SYNC_SOURCE_CONFIG", + "AUTH_ORG", + "CAMPAIGN_FILTER", + "ENTITLEMENT", + "FORM_DEFINITION", + "GOVERNANCE_GROUP", + "IDENTITY", + "IDENTITY_OBJECT_CONFIG", + "IDENTITY_PROFILE", + "LIFECYCLE_STATE", + "NOTIFICATION_TEMPLATE", + "PASSWORD_POLICY", + "PASSWORD_SYNC_GROUP", + "PUBLIC_IDENTITIES_CONFIG", + "ROLE", + "RULE", + "SEGMENT", + "SERVICE_DESK_INTEGRATION", + "SOD_POLICY", + "SOURCE", + "TAG", + "TRANSFORM", + "TRIGGER_SUBSCRIPTION", + "WORKFLOW" + ] + }, + "jsonPath": { + "type": "string", + "description": "JSONPath expression denoting the path within the object where the mapping value should be applied", + "example": "$.name" + }, + "sourceValue": { + "type": "string", + "description": "Original value at the jsonPath location within the object", + "example": "My Governance Group Name" + }, + "targetValue": { + "type": "string", + "description": "Value to be assigned at the jsonPath location within the object", + "example": "My New Governance Group Name" + }, + "enabled": { + "type": "boolean", + "description": "Whether or not this object mapping is enabled", + "default": false, + "example": false + }, + "created": { + "type": "string", + "description": "Object mapping creation timestamp", + "example": "2024-03-19T23:18:53.732Z" + }, + "modified": { + "type": "string", + "description": "Object mapping latest update timestamp", + "example": "2024-03-19T23:18:53.732Z" + } + } + }, + "example": { + "objectMappingId": "3d6e0144-963f-4bd6-8d8d-d77b4e507ce4", + "objectType": "GOVERNANCE_GROUP", + "jsonPath": "$.description", + "sourceValue": "Sample Governance Group", + "targetValue": "Sample Governance Group - Updated", + "enabled": true, + "created": "2024-03-19T23:18:53.732Z", + "modified": "2024-03-19T23:18:53.732Z" + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/configuration-hub/object-mappings/{sourceOrg}/{objectMappingId}": { + "delete": { + "operationId": "deleteObjectMapping", + "security": [ + { + "UserContextAuth": [ + "sp:config-object-mapping:manage" + ] + } + ], + "tags": [ + "Configuration Hub" + ], + "summary": "Deletes an object mapping", + "description": "This deletes an existing object mapping.\nSource org should be \"default\" when deleting an object mapping that is not associated to any particular org.\nThe request will need the following security scope:\n- sp:config-object-mapping:manage", + "parameters": [ + { + "in": "path", + "name": "sourceOrg", + "schema": { + "type": "string" + }, + "required": true, + "description": "The name of the source org.", + "example": "source-org" + }, + { + "in": "path", + "name": "objectMappingId", + "schema": { + "type": "string" + }, + "required": true, + "description": "The id of the object mapping to be deleted.", + "example": "3d6e0144-963f-4bd6-8d8d-d77b4e507ce4" + } + ], + "responses": { + "204": { + "description": "No content - indicates the request was successful but there is no content to be returned in the response." + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/configuration-hub/object-mappings/{sourceOrg}/bulk-create": { + "post": { + "operationId": "createObjectMappings", + "security": [ + { + "UserContextAuth": [ + "sp:config-object-mapping:manage" + ] + } + ], + "tags": [ + "Configuration Hub" + ], + "summary": "Bulk creates object mappings", + "description": "This creates a set of object mappings (Max 25) between current org and source org.\nSource org should be \"default\" when creating object mappings that are not to be associated to any particular org.\nThe request will need the following security scope:\n- sp:config-object-mapping:manage", + "parameters": [ + { + "in": "path", + "name": "sourceOrg", + "schema": { + "type": "string" + }, + "required": true, + "description": "The name of the source org.", + "example": "source-org" + } + ], + "requestBody": { + "description": "The bulk create object mapping request body.", + "required": true, + "content": { + "application/json": { + "schema": { + "type": "object", + "title": "Bulk Create Object Mapping Request", + "required": [ + "newObjectMappings" + ], + "properties": { + "newObjectMappings": { + "type": "array", + "items": { + "type": "object", + "title": "Object Mapping Request", + "required": [ + "objectType", + "jsonPath", + "sourceValue", + "targetValue" + ], + "properties": { + "objectType": { + "type": "string", + "description": "Type of the object the mapping value applies to, must be one from enum", + "example": "IDENTITY", + "enum": [ + "ACCESS_PROFILE", + "ACCESS_REQUEST_CONFIG", + "ATTR_SYNC_SOURCE_CONFIG", + "AUTH_ORG", + "CAMPAIGN_FILTER", + "ENTITLEMENT", + "FORM_DEFINITION", + "GOVERNANCE_GROUP", + "IDENTITY", + "IDENTITY_OBJECT_CONFIG", + "IDENTITY_PROFILE", + "LIFECYCLE_STATE", + "NOTIFICATION_TEMPLATE", + "PASSWORD_POLICY", + "PASSWORD_SYNC_GROUP", + "PUBLIC_IDENTITIES_CONFIG", + "ROLE", + "RULE", + "SEGMENT", + "SERVICE_DESK_INTEGRATION", + "SOD_POLICY", + "SOURCE", + "TAG", + "TRANSFORM", + "TRIGGER_SUBSCRIPTION", + "WORKFLOW" + ] + }, + "jsonPath": { + "type": "string", + "description": "JSONPath expression denoting the path within the object where the mapping value should be applied", + "example": "$.name" + }, + "sourceValue": { + "type": "string", + "description": "Original value at the jsonPath location within the object", + "example": "My Governance Group Name" + }, + "targetValue": { + "type": "string", + "description": "Value to be assigned at the jsonPath location within the object", + "example": "My New Governance Group Name" + }, + "enabled": { + "type": "boolean", + "description": "Whether or not this object mapping is enabled", + "default": false, + "example": false + } + } + } + } + } + }, + "example": { + "newObjectsMappings": [ + { + "objectType": "SOURCE", + "jsonPath": "$.name", + "sourceValue": "Original SOURCE Name", + "targetValue": "New SOURCE Name", + "enabled": true + }, + { + "objectType": "IDENTITY", + "jsonPath": "$.name", + "sourceValue": "Original IDENTITY Name", + "targetValue": "New IDENTITY Name ", + "enabled": true + } + ] + } + } + } + }, + "responses": { + "200": { + "description": "The created object mapping between current org and source org.", + "content": { + "application/json": { + "schema": { + "type": "object", + "title": "Bulk Create Object Mapping Response", + "properties": { + "addedObjects": { + "type": "array", + "items": { + "type": "object", + "title": "Object Mapping Response", + "properties": { + "objectMappingId": { + "type": "string", + "description": "Id of the object mapping", + "example": "3d6e0144-963f-4bd6-8d8d-d77b4e507ce4" + }, + "objectType": { + "type": "string", + "description": "Type of the object the mapping value applies to", + "example": "IDENTITY", + "enum": [ + "ACCESS_PROFILE", + "ACCESS_REQUEST_CONFIG", + "ATTR_SYNC_SOURCE_CONFIG", + "AUTH_ORG", + "CAMPAIGN_FILTER", + "ENTITLEMENT", + "FORM_DEFINITION", + "GOVERNANCE_GROUP", + "IDENTITY", + "IDENTITY_OBJECT_CONFIG", + "IDENTITY_PROFILE", + "LIFECYCLE_STATE", + "NOTIFICATION_TEMPLATE", + "PASSWORD_POLICY", + "PASSWORD_SYNC_GROUP", + "PUBLIC_IDENTITIES_CONFIG", + "ROLE", + "RULE", + "SEGMENT", + "SERVICE_DESK_INTEGRATION", + "SOD_POLICY", + "SOURCE", + "TAG", + "TRANSFORM", + "TRIGGER_SUBSCRIPTION", + "WORKFLOW" + ] + }, + "jsonPath": { + "type": "string", + "description": "JSONPath expression denoting the path within the object where the mapping value should be applied", + "example": "$.name" + }, + "sourceValue": { + "type": "string", + "description": "Original value at the jsonPath location within the object", + "example": "My Governance Group Name" + }, + "targetValue": { + "type": "string", + "description": "Value to be assigned at the jsonPath location within the object", + "example": "My New Governance Group Name" + }, + "enabled": { + "type": "boolean", + "description": "Whether or not this object mapping is enabled", + "default": false, + "example": false + }, + "created": { + "type": "string", + "description": "Object mapping creation timestamp", + "example": "2024-03-19T23:18:53.732Z" + }, + "modified": { + "type": "string", + "description": "Object mapping latest update timestamp", + "example": "2024-03-19T23:18:53.732Z" + } + } + } + } + } + }, + "example": { + "addedObjects": [ + { + "objectMappingId": "603b1a61-d03d-4ed1-864f-a508fbd1995d", + "objectType": "SOURCE", + "jsonPath": "$.name", + "sourceValue": "Original SOURCE Name", + "targetValue": "New SOURCE Name", + "enabled": true, + "created": "2024-03-25T15:50:41.314Z", + "modified": "2024-03-25T15:50:41.299Z" + }, + { + "objectMappingId": "00bece34-f50d-4227-8878-76f620b5a971", + "objectType": "IDENTITY", + "jsonPath": "$.name", + "sourceValue": "Original IDENTITY Name", + "targetValue": "New IDENTITY Name ", + "enabled": true, + "created": "2024-03-25T15:50:41.316Z", + "modified": "2024-03-25T15:50:41.316Z" + } + ] + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/configuration-hub/object-mappings/{sourceOrg}/bulk-patch": { + "post": { + "operationId": "updateObjectMappings", + "security": [ + { + "UserContextAuth": [ + "sp:config-object-mapping:manage" + ] + } + ], + "tags": [ + "Configuration Hub" + ], + "summary": "Bulk updates object mappings", + "description": "This updates a set of object mappings, only enabled and targetValue fields can be updated.\nSource org should be \"default\" when updating object mappings that are not associated to any particular org.\nThe request will need the following security scope:\n- sp:config-object-mapping:manage", + "parameters": [ + { + "in": "path", + "name": "sourceOrg", + "schema": { + "type": "string" + }, + "required": true, + "description": "The name of the source org.", + "example": "source-org" + } + ], + "requestBody": { + "description": "The object mapping request body.", + "required": true, + "content": { + "application/json": { + "schema": { + "type": "object", + "title": "Bulk Update Object Mapping Request", + "required": [ + "patches" + ], + "properties": { + "patches": { + "description": "Map of id of the object mapping to a JsonPatchOperation describing what to patch on that object mapping.", + "type": "object", + "additionalProperties": { + "type": "array", + "items": { + "type": "object", + "description": "A JSONPatch Operation as defined by [RFC 6902 - JSON Patch](https://tools.ietf.org/html/rfc6902)", + "required": [ + "op", + "path" + ], + "properties": { + "op": { + "type": "string", + "description": "The operation to be performed", + "enum": [ + "add", + "remove", + "replace", + "move", + "copy", + "test" + ], + "example": "replace" + }, + "path": { + "type": "string", + "description": "A string JSON Pointer representing the target path to an element to be affected by the operation", + "example": "/description" + }, + "value": { + "oneOf": [ + { + "type": "string", + "example": "New description", + "title": "string" + }, + { + "type": "boolean", + "example": true, + "title": "boolean" + }, + { + "type": "integer", + "example": 300, + "title": "integer" + }, + { + "type": "object", + "title": "object", + "example": { + "attributes": { + "name": "philip" + } + } + }, + { + "type": "array", + "title": "array", + "items": { + "anyOf": [ + { + "type": "string" + }, + { + "type": "integer" + }, + { + "type": "object" + } + ], + "example": [ + "001", + "002", + "003" + ] + } + } + ], + "description": "The value to be used for the operation, required for \"add\" and \"replace\" operations", + "example": "New description" + } + } + } + }, + "example": { + "603b1a61-d03d-4ed1-864f-a508fbd1995d": [ + { + "op": "replace", + "path": "/enabled", + "value": true + } + ], + "00bece34-f50d-4227-8878-76f620b5a971": [ + { + "op": "replace", + "path": "/targetValue", + "value": "New Target Value" + } + ] + } + } + } + }, + "example": { + "patches": { + "603b1a61-d03d-4ed1-864f-a508fbd1995d": [ + { + "op": "replace", + "path": "/enabled", + "value": true + } + ], + "00bece34-f50d-4227-8878-76f620b5a971": [ + { + "op": "replace", + "path": "/targetValue", + "value": "New Target Value" + } + ] + } + } + } + } + }, + "responses": { + "200": { + "description": "The updated object mappings.", + "content": { + "application/json": { + "schema": { + "type": "object", + "title": "Bulk Update Object Mapping Response", + "properties": { + "patchedObjects": { + "type": "array", + "items": { + "type": "object", + "title": "Object Mapping Response", + "properties": { + "objectMappingId": { + "type": "string", + "description": "Id of the object mapping", + "example": "3d6e0144-963f-4bd6-8d8d-d77b4e507ce4" + }, + "objectType": { + "type": "string", + "description": "Type of the object the mapping value applies to", + "example": "IDENTITY", + "enum": [ + "ACCESS_PROFILE", + "ACCESS_REQUEST_CONFIG", + "ATTR_SYNC_SOURCE_CONFIG", + "AUTH_ORG", + "CAMPAIGN_FILTER", + "ENTITLEMENT", + "FORM_DEFINITION", + "GOVERNANCE_GROUP", + "IDENTITY", + "IDENTITY_OBJECT_CONFIG", + "IDENTITY_PROFILE", + "LIFECYCLE_STATE", + "NOTIFICATION_TEMPLATE", + "PASSWORD_POLICY", + "PASSWORD_SYNC_GROUP", + "PUBLIC_IDENTITIES_CONFIG", + "ROLE", + "RULE", + "SEGMENT", + "SERVICE_DESK_INTEGRATION", + "SOD_POLICY", + "SOURCE", + "TAG", + "TRANSFORM", + "TRIGGER_SUBSCRIPTION", + "WORKFLOW" + ] + }, + "jsonPath": { + "type": "string", + "description": "JSONPath expression denoting the path within the object where the mapping value should be applied", + "example": "$.name" + }, + "sourceValue": { + "type": "string", + "description": "Original value at the jsonPath location within the object", + "example": "My Governance Group Name" + }, + "targetValue": { + "type": "string", + "description": "Value to be assigned at the jsonPath location within the object", + "example": "My New Governance Group Name" + }, + "enabled": { + "type": "boolean", + "description": "Whether or not this object mapping is enabled", + "default": false, + "example": false + }, + "created": { + "type": "string", + "description": "Object mapping creation timestamp", + "example": "2024-03-19T23:18:53.732Z" + }, + "modified": { + "type": "string", + "description": "Object mapping latest update timestamp", + "example": "2024-03-19T23:18:53.732Z" + } + } + } + } + } + }, + "example": { + "patchedObjects": [ + { + "objectMappingId": "603b1a61-d03d-4ed1-864f-a508fbd1995d", + "objectType": "SOURCE", + "jsonPath": "$.name", + "sourceValue": "Original SOURCE Name", + "targetValue": "New SOURCE Name", + "enabled": true, + "created": "2024-03-25T15:50:41.314Z", + "modified": "2024-03-25T15:50:41.299Z" + }, + { + "objectMappingId": "00bece34-f50d-4227-8878-76f620b5a971", + "objectType": "IDENTITY", + "jsonPath": "$.name", + "sourceValue": "Original IDENTITY Name", + "targetValue": "New IDENTITY Name ", + "enabled": true, + "created": "2024-03-25T15:50:41.316Z", + "modified": "2024-03-25T15:50:41.316Z" + } + ] + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/configuration-hub/backups/uploads": { + "post": { + "operationId": "importUploadedBackup", + "security": [ + { + "UserContextAuth": [ + "sp:config-backups:manage" + ] + } + ], + "tags": [ + "Configuration Hub" + ], + "summary": "Uploads a backup file", + "description": "This post will upload a JSON backup file into a tenant. Configuration files can be managed and deployed via Configuration Hub by uploading a json file which contains configuration data. The JSON file should be the same as the one used by our import endpoints. The object types that currently support by upload file functionality are the same as the ones supported by our regular backup functionality. here: [SaaS Configuration](https://developer.sailpoint.com/idn/docs/saas-configuration/#supported-objects).\n\nThe request will need the following security scope:\n- sp:config:manage", + "requestBody": { + "description": "The body will consist of \"data\" which should contain the json file and name wish should be the name you want to assign to the uploaded file\"\n\n__Example__\n\n data: \"uploaded.json\",\n name: \"A_NEW_UPLOADED_BACKUP\"\n\n__Sample Upload File__\n\n {\n \"version\": 1,\n \"tenant\": \"a-sample-tenant\",\n \"objects\":\n [\n {\n \"version\": 1,\n \"self\":\n {\n \"id\": \"0a59c7196d2917f8aa6d29686e6600fb\",\n \"type\": \"SOURCE\",\n \"name\": \"Extended Form\"\n },\n \"object\":\n {\n \"id\": \"0a59c7196d2917f8aa6d29686e6600fb\",\n \"name\": \"Extended Form\",\n \"type\": \"DelimitedFile\",\n \"connectorClass\": \"sailpoint.connector.DelimitedFileConnector\",\n \"connectorScriptName\": \"delimited-file-angularsc\",\n \"description\": \"Migrated app - Extended Form (original ID: 0a59c7196d2917f8aa6d29686e6600fb)\",\n \"deleteThreshold\": 10,\n \"provisionAsCsv\": false,\n \"owner\":\n {\n \"type\": \"IDENTITY\",\n \"id\": \"0a59c7196d2917f8816d29685fed00c3\",\n \"name\": \"slpt.services\"\n },\n \"connectorAttributes\":\n {\n \"beforemoveAccount\": \"Do Nothing\",\n \"beforemoverAccount\": \"Do Nothing\",\n \"busApp\": \"false\",\n \"file\": \"Empty\",\n \"filetransport\": \"local\",\n \"filterEmptyRecords\": \"true\",\n \"group.filetransport\": \"local\",\n \"group.filterEmptyRecords\": \"true\",\n \"group.partitionMode\": \"auto\",\n \"hasHeader\": \"true\",\n \"indexColumn\": \"ID\",\n \"isCaseInsensitiveMerge\": \"false\",\n \"isSortedByIndexColumn\": \"false\",\n \"loaProcess\": \"Do Nothing\",\n \"ltdProcess\": \"Do Nothing\",\n \"mergeRows\": \"false\",\n \"moverProcess\": \"Do Nothing\",\n \"moverRevocation\": \"Do Nothing\",\n \"nativeChangeDetectionAttributeScope\": \"entitlements\",\n \"nativeChangeDetectionEnabled\": \"false\",\n \"nativeChangeProcess\": \"Do Nothing\",\n \"parseType\": \"delimited\",\n \"partitionMode\": \"auto\",\n \"policyType\": \"Do Nothing\",\n \"rehireProcess\": \"Do Nothing\",\n \"reverseleaverProcess\": \"Do Nothing\",\n \"rtwloaProcess\": \"Do Nothing\",\n \"rtwltdProcess\": \"Do Nothing\",\n \"stopIfLineHasWrongColumnLength\": \"false\",\n \"templateApplication\": \"DelimitedFile Template\",\n \"terminationProcess\": \"Do Nothing\"\n },\n \"schemas\":\n [],\n \"provisioningPolicies\":\n [],\n \"features\":\n [\n \"DIRECT_PERMISSIONS\",\n \"NO_RANDOM_ACCESS\",\n \"DISCOVER_SCHEMA\"\n ]\n }\n }\n ]\n }\n", + "required": true, + "content": { + "multipart/form-data": { + "schema": { + "type": "object", + "properties": { + "data": { + "type": "string", + "format": "binary", + "description": "JSON file containing the objects to be imported." + }, + "name": { + "type": "string", + "description": "Name that will be assigned to the uploaded file." + } + }, + "required": [ + "data", + "name" + ] + } + } + } + }, + "responses": { + "202": { + "description": "Upload job accepted and queued for processing.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "jobId": { + "type": "string", + "description": "Unique id assigned to this job.", + "example": "3469b87d-48ca-439a-868f-2160001da8c1" + }, + "status": { + "type": "string", + "description": "Status of the job.", + "enum": [ + "NOT_STARTED", + "IN_PROGRESS", + "COMPLETE", + "CANCELLED", + "FAILED" + ], + "example": "COMPLETE" + }, + "type": { + "type": "string", + "description": "Type of the job, either Backup or Draft.", + "enum": [ + "BACKUP", + "DRAFT" + ], + "example": "BACKUP" + }, + "tenant": { + "type": "string", + "description": "The name of the tenant performing the upload", + "example": "uploaderTenant" + }, + "requesterName": { + "type": "string", + "description": "The name of the requester.", + "example": "support" + }, + "created": { + "type": "string", + "format": "date-time", + "description": "The time the job was started.", + "example": "2021-05-11T22:23:16Z" + }, + "modified": { + "type": "string", + "format": "date-time", + "description": "The time of the last update to the job.", + "example": "2021-05-11T22:23:16Z" + }, + "name": { + "type": "string", + "description": "The name assigned to the upload file in the request body.", + "example": "A_NEW_UPLOADED_BACKUP" + }, + "userCanDelete": { + "type": "boolean", + "default": true, + "description": "Is the job a regular backup job, if so is the user allowed to delete the backup file. Since this is an upload job it remains as false.", + "example": false + }, + "isPartial": { + "type": "boolean", + "default": false, + "description": "Is the job a regular backup job, if so is it partial. Since this is an upload job it remains as false.", + "example": false + }, + "backupType": { + "type": "string", + "description": "What kind of backup is this being treated as.", + "enum": [ + "UPLOADED", + "AUTOMATED", + "MANUAL" + ], + "example": "UPLOADED" + }, + "hydrationStatus": { + "type": "string", + "description": "have the objects contained in the upload file been hydrated.", + "enum": [ + "HYDRATED", + "NOT_HYDRATED" + ], + "example": "NOT_HYDRATED" + } + }, + "required": [ + "jobId", + "status", + "type", + "created", + "modified" + ] + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.\n", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + }, + "get": { + "operationId": "getUploadedBackups", + "security": [ + { + "UserContextAuth": [ + "sp:config-backups:read" + ] + } + ], + "tags": [ + "Configuration Hub" + ], + "summary": "Gets list of Uploaded backups", + "description": "Returns a list of the current uploaded backups associated with the current tenant.\nA filter \"status\" can be added to only return the Completed, Failed, or Successful uploads", + "parameters": [ + { + "in": "query", + "name": "status", + "schema": { + "type": "string" + }, + "required": false, + "description": "Filter listed uploaded backups by status of operation", + "example": "COMPLETE" + } + ], + "responses": { + "200": { + "description": "List of existing uploaded backups.", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "properties": { + "jobId": { + "type": "string", + "description": "Unique id assigned to this job.", + "example": "3469b87d-48ca-439a-868f-2160001da8c1" + }, + "status": { + "type": "string", + "description": "Status of the job.", + "enum": [ + "NOT_STARTED", + "IN_PROGRESS", + "COMPLETE", + "CANCELLED", + "FAILED" + ], + "example": "COMPLETE" + }, + "type": { + "type": "string", + "description": "Type of the job, either Backup or Draft.", + "enum": [ + "BACKUP", + "DRAFT" + ], + "example": "BACKUP" + }, + "tenant": { + "type": "string", + "description": "The name of the tenant performing the upload", + "example": "uploaderTenant" + }, + "requesterName": { + "type": "string", + "description": "The name of the requester.", + "example": "support" + }, + "created": { + "type": "string", + "format": "date-time", + "description": "The time the job was started.", + "example": "2021-05-11T22:23:16Z" + }, + "modified": { + "type": "string", + "format": "date-time", + "description": "The time of the last update to the job.", + "example": "2021-05-11T22:23:16Z" + }, + "name": { + "type": "string", + "description": "The name assigned to the upload file in the request body.", + "example": "A_NEW_UPLOADED_BACKUP" + }, + "userCanDelete": { + "type": "boolean", + "default": true, + "description": "Is the job a regular backup job, if so is the user allowed to delete the backup file. Since this is an upload job it remains as false.", + "example": false + }, + "isPartial": { + "type": "boolean", + "default": false, + "description": "Is the job a regular backup job, if so is it partial. Since this is an upload job it remains as false.", + "example": false + }, + "backupType": { + "type": "string", + "description": "What kind of backup is this being treated as.", + "enum": [ + "UPLOADED", + "AUTOMATED", + "MANUAL" + ], + "example": "UPLOADED" + }, + "hydrationStatus": { + "type": "string", + "description": "have the objects contained in the upload file been hydrated.", + "enum": [ + "HYDRATED", + "NOT_HYDRATED" + ], + "example": "NOT_HYDRATED" + } + }, + "required": [ + "jobId", + "status", + "type", + "created", + "modified" + ] + } + }, + "example": [ + { + "jobId": "3d0fe04b-57df-4a46-a83b-8f04b0f9d10b", + "status": "FAILED", + "type": "BACKUP", + "tenant": "someTenant", + "message": "com.sailpoint.sp.config.exception.IncorrectBackupUploadFormatException: Uploaded backup file could not be parsed to correct format.", + "requesterName": "support", + "fileExists": false, + "created": "2024-04-04T17:29:16.904Z", + "modified": "2024-04-04T17:29:17.076Z", + "name": "dfs", + "userCanDelete": false, + "isPartial": false, + "backupType": "UPLOADED", + "hydrationStatus": "NOT_HYDRATED", + "totalObjectCount": 0 + }, + { + "jobId": "281d421c-0643-4004-9fe5-29a95d2f73df", + "status": "COMPLETE", + "type": "BACKUP", + "tenant": "someTenant", + "requesterName": "support", + "fileExists": true, + "created": "2024-03-07T21:11:00.375Z", + "modified": "2024-03-07T21:11:25.046Z", + "completed": "2024-03-07T21:11:00.66Z", + "name": "test1", + "userCanDelete": false, + "isPartial": false, + "backupType": "UPLOADED", + "hydrationStatus": "HYDRATED", + "totalObjectCount": 64 + }, + { + "jobId": "4831ad5c-f6cf-42a6-a191-8c4abec30006", + "status": "COMPLETE", + "type": "BACKUP", + "tenant": "someTenant", + "requesterName": "support", + "fileExists": true, + "created": "2024-02-26T18:19:26.312Z", + "modified": "2024-02-26T18:19:40.773Z", + "completed": "2024-02-26T18:19:26.545Z", + "name": "testing Daniel", + "userCanDelete": false, + "isPartial": false, + "backupType": "UPLOADED", + "hydrationStatus": "HYDRATED", + "totalObjectCount": 64 + }, + { + "jobId": "2ea830f3-2b14-4772-8a20-3d006742e419", + "status": "COMPLETE", + "type": "BACKUP", + "tenant": "someTenant", + "requesterName": "support", + "fileExists": true, + "created": "2024-02-20T22:08:31.064Z", + "modified": "2024-02-20T22:13:15.662Z", + "completed": "2024-02-20T22:08:31.689Z", + "name": "something new", + "userCanDelete": false, + "isPartial": false, + "backupType": "UPLOADED", + "hydrationStatus": "HYDRATED", + "totalObjectCount": 2 + }, + { + "jobId": "473b5cef-90e4-4cb3-ad43-7671c17d3a46", + "status": "COMPLETE", + "type": "BACKUP", + "tenant": "someTenant", + "requesterName": "support", + "fileExists": true, + "created": "2024-02-19T21:30:07.947Z", + "modified": "2024-02-19T21:31:01.65Z", + "completed": "2024-02-19T21:30:08.195Z", + "name": "test upload", + "userCanDelete": false, + "isPartial": false, + "backupType": "UPLOADED", + "hydrationStatus": "HYDRATED", + "totalObjectCount": 2 + }, + { + "jobId": "09491993-9cb6-49a7-8d37-8bef54d33502", + "status": "COMPLETE", + "type": "BACKUP", + "tenant": "someTenant", + "requesterName": "support", + "fileExists": true, + "created": "2024-02-19T19:54:15.373Z", + "modified": "2024-02-19T20:39:00.341Z", + "completed": "2024-02-19T19:54:15.605Z", + "name": "Testing Daniel", + "userCanDelete": false, + "isPartial": false, + "backupType": "UPLOADED", + "hydrationStatus": "HYDRATED", + "totalObjectCount": 2 + } + ] + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/configuration-hub/backups/uploads/{id}": { + "delete": { + "operationId": "deleteUploadedBackup", + "security": [ + { + "UserContextAuth": [ + "sp:config-backups:manage", + "sp:config-backups:read" + ] + } + ], + "tags": [ + "Configuration Hub" + ], + "summary": "Deletes an uploaded backup file", + "description": "This deletes an Uploaded backup based on job ID.\nOn success, this endpoint will return an empty response.\nThe job id can be obtained from the response after a successful upload, or the list uploads endpoint.\nThe following scopes are required to access this endpoint: sp:config:manage", + "parameters": [ + { + "in": "path", + "name": "id", + "schema": { + "type": "string" + }, + "required": true, + "description": "The id of the uploaded backup.", + "example": "3d0fe04b-57df-4a46-a83b-8f04b0f9d10b" + } + ], + "responses": { + "204": { + "description": "No content - indicates the request was successful but there is no content to be returned in the response." + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + }, + "get": { + "operationId": "getUploadedBackup", + "security": [ + { + "UserContextAuth": [ + "sp:config-backups:read" + ] + } + ], + "tags": [ + "Configuration Hub" + ], + "summary": "Get an uploaded backup's information", + "description": "Returns all the information and status of an upload job.\n- sp:config-backups:read", + "parameters": [ + { + "in": "path", + "name": "id", + "schema": { + "type": "string" + }, + "required": true, + "description": "The id of the uploaded backup.", + "example": "3d0fe04b-57df-4a46-a83b-8f04b0f9d10b" + } + ], + "responses": { + "200": { + "description": "List of existing uploaded backups.", + "content": { + "application/json": { + "schema": { + "type": "object", + "items": { + "type": "object", + "properties": { + "jobId": { + "type": "string", + "description": "Unique id assigned to this job.", + "example": "3469b87d-48ca-439a-868f-2160001da8c1" + }, + "status": { + "type": "string", + "description": "Status of the job.", + "enum": [ + "NOT_STARTED", + "IN_PROGRESS", + "COMPLETE", + "CANCELLED", + "FAILED" + ], + "example": "COMPLETE" + }, + "type": { + "type": "string", + "description": "Type of the job, either Backup or Draft.", + "enum": [ + "BACKUP", + "DRAFT" + ], + "example": "BACKUP" + }, + "tenant": { + "type": "string", + "description": "The name of the tenant performing the upload", + "example": "uploaderTenant" + }, + "requesterName": { + "type": "string", + "description": "The name of the requester.", + "example": "support" + }, + "created": { + "type": "string", + "format": "date-time", + "description": "The time the job was started.", + "example": "2021-05-11T22:23:16Z" + }, + "modified": { + "type": "string", + "format": "date-time", + "description": "The time of the last update to the job.", + "example": "2021-05-11T22:23:16Z" + }, + "name": { + "type": "string", + "description": "The name assigned to the upload file in the request body.", + "example": "A_NEW_UPLOADED_BACKUP" + }, + "userCanDelete": { + "type": "boolean", + "default": true, + "description": "Is the job a regular backup job, if so is the user allowed to delete the backup file. Since this is an upload job it remains as false.", + "example": false + }, + "isPartial": { + "type": "boolean", + "default": false, + "description": "Is the job a regular backup job, if so is it partial. Since this is an upload job it remains as false.", + "example": false + }, + "backupType": { + "type": "string", + "description": "What kind of backup is this being treated as.", + "enum": [ + "UPLOADED", + "AUTOMATED", + "MANUAL" + ], + "example": "UPLOADED" + }, + "hydrationStatus": { + "type": "string", + "description": "have the objects contained in the upload file been hydrated.", + "enum": [ + "HYDRATED", + "NOT_HYDRATED" + ], + "example": "NOT_HYDRATED" + } + }, + "required": [ + "jobId", + "status", + "type", + "created", + "modified" + ] + } + }, + "example": { + "jobId": "2ea830f3-2b14-4772-8a20-3d006742e419", + "status": "COMPLETE", + "type": "BACKUP", + "tenant": "someTenant", + "requesterName": "support", + "fileExists": true, + "created": "2024-02-20T22:08:31.064Z", + "modified": "2024-02-20T22:13:15.662Z", + "completed": "2024-02-20T22:08:31.689Z", + "name": "something new", + "userCanDelete": false, + "isPartial": false, + "backupType": "UPLOADED", + "hydrationStatus": "HYDRATED", + "totalObjectCount": 2 + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/connectors/{scriptName}": { + "get": { + "tags": [ + "Connectors" + ], + "operationId": "getConnector", + "summary": "Gets connector by script name", + "description": "Fetches a connector that using its script name.\nA token with ORG_ADMIN authority is required to call this API.", + "parameters": [ + { + "name": "scriptName", + "in": "path", + "description": "The scriptName value of the connector. Scriptname is the unique id generated at connector creation.", + "required": true, + "style": "simple", + "explode": false, + "schema": { + "type": "string", + "example": "aScriptName" + } + }, + { + "in": "query", + "name": "locale", + "schema": { + "type": "string", + "enum": [ + "de", + "no", + "fi", + "sv", + "ru", + "pt", + "ko", + "zh-TW", + "en", + "it", + "fr", + "zh-CN", + "hu", + "es", + "cs", + "ja", + "pl", + "da", + "nl" + ], + "example": "de" + }, + "description": "The locale to apply to the config. If no viable locale is given, it will default to \"en\"" + } + ], + "responses": { + "200": { + "description": "A Connector Dto object", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "The connector name", + "example": "name" + }, + "type": { + "type": "string", + "description": "The connector type", + "example": "ServiceNow" + }, + "className": { + "type": "string", + "description": "The connector class name", + "example": "class name" + }, + "scriptName": { + "type": "string", + "description": "The connector script name", + "example": "servicenow" + }, + "applicationXml": { + "type": "string", + "description": "The connector application xml", + "example": "\n\n\n" + }, + "correlationConfigXml": { + "type": "string", + "description": "The connector correlation config xml", + "example": "\n\n\n\n\n\n\t\n\t\t\n\t\t\n\t\t\n\t\n\n" + }, + "sourceConfigXml": { + "type": "string", + "description": "The connector source config xml", + "example": "
\n \n \n \n \n\n \n
" + }, + "sourceConfig": { + "type": "string", + "description": "The connector source config", + "example": "
\n \n \n \n \n\n \n
" + }, + "sourceConfigFrom": { + "type": "string", + "description": "The connector source config origin", + "example": "sp-connect" + }, + "s3Location": { + "type": "string", + "description": "storage path key for this connector", + "example": "custom-connector/scriptname" + }, + "uploadedFiles": { + "type": "array", + "description": "The list of uploaded files supported by the connector. If there was any executable files uploaded to thee connector. Typically this be empty as the executable be uploaded at source creation.", + "nullable": true, + "items": { + "type": "string" + }, + "example": [ + "pod/org/connectorFiles/testconnector/test1.jar" + ] + }, + "fileUpload": { + "type": "boolean", + "description": "true if the source is file upload", + "example": true, + "default": false + }, + "directConnect": { + "type": "boolean", + "description": "true if the source is a direct connect source", + "example": true, + "default": false + }, + "translationProperties": { + "type": "object", + "description": "A map containing translation attributes by loacale key", + "additionalProperties": true, + "example": { + "de": "# Copyright (C) 2024 SailPoint Technologies, Inc. All rights reserved.\n# DO NOT EDIT. This file is generated by \"sailpointTranslate\" command.\nmenuLabel_ConnectionSettings=Verbindungseinstellungen\nmenuLabel_AggregationSettings=Aggregationseinstellungen\nsectionLabel_AuthenticationSettings=Verbindungseinstellungen\nsectionLabel_AggregationSettings=Aggregationseinstellungen\nsectionInfo_AuthenticationSettings=Konfigurieren Sie eine direkte Verbindung zwischen der Quelle Delinea Secret Server On-Premise und IdentityNow.

Geben Sie bei Zeit\\u00fcberschreitung bei Verbindung die maximal erlaubte Zeitdauer (in Minuten) f\\u00fcr die Verbindung von IdentityNow mit der Quelle ein.

Geben Sie die Host-URL der Delinea-SCIM-Serverquelle ein.

Geben Sie den API-Token der Quelle zur Authentifizierung ein.\nsectionInfo_AggregationSettings=Geben Sie die Einstellungen f\\u00fcr Ihre Aggregation an.

Geben Sie in das Feld Seitengr\\u00f6\\u00dfe die Anzahl an Kontoeintr\\u00e4gen ein, die auf einer einzelnen Seite aggregiert werden sollen, wenn gro\\u00dfe Datens\\u00e4tze durchlaufen werden.
\\n
Geben Sie im Kontofilter die Bedingungen f\\u00fcr den Kontofilter an. Beispiel: userName sw \"S\"

Geben Sie im Gruppenfilter die Gruppenfilterbedingungen an. Beispiel: displayName sw \"S\".\nplaceHolder_accAggregation=userName sw \"S\"\nplaceHolder_grpAggregation=displayName sw \"S\"\nplaceHolder_host=https://{Delinea_SCIM_Server_host}/v2\ndocLinkLabel_AuthenticationSettings=Mehr \\u00fcber Verbindungseinstellungen\ndocLinkLabel_Filters=Mehr \\u00fcber Konto- und Gruppenfilter\nHostURL=Host-URL\nConnectionTimeout=Zeit\\u00fcberschreitung bei Verbindung\nAPI_TOKEN=API-Token\nJSONPathMapping=JSON-Path-Attribut-Mapping\nFilterConditionForAccounts=Kontofilter\nFilterConditionForGroups=Gruppenfilter\nPage_Size=Seitengr\\u00f6\\u00dfe\nSchemaAttribute=Schema-Attribut\nJSONpath=JSON-Pfad\nShortDesc=Das Integrationsmodul IdentityNow f\\u00fcr Delinea Secret Server On-Premise bietet die M\\u00f6glichkeit einer tiefen Governance f\\u00fcr Konten und Gruppen. Es unterst\\u00fctzt au\\u00dferdem das End-to-End-Lebenszyklus-Management." + } + }, + "connectorMetadata": { + "type": "object", + "description": "A map containing metadata pertinent to the UI to be used", + "additionalProperties": true, + "example": { + "supportedUI": "EXTJS", + "platform": "ccg", + "shortDesc": "connector description" + } + }, + "status": { + "type": "string", + "enum": [ + "DEPRECATED", + "DEVELOPMENT", + "DEMO", + "RELEASED" + ], + "description": "The connector status", + "example": "RELEASED" + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "idn:connector-config:read" + ] + } + ] + }, + "delete": { + "tags": [ + "Connectors" + ], + "operationId": "deleteCustomConnector", + "summary": "Deletes connector by script name", + "description": "Delete a custom connector that using its script name.\nA token with ORG_ADMIN authority is required to call this API.", + "parameters": [ + { + "name": "scriptName", + "in": "path", + "description": "The scriptName value of the connector. Scriptname is the unique id generated at connector creation.", + "required": true, + "style": "simple", + "explode": false, + "schema": { + "type": "string", + "example": "aScriptName" + } + } + ], + "responses": { + "204": { + "description": "The custom connector was successfully deleted." + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "idn:connector-config:delete" + ] + } + ] + }, + "patch": { + "tags": [ + "Connectors" + ], + "operationId": "updateConnector", + "summary": "Update connector by script name", + "description": "Patch a custom connector that using its script name.\nA token with ORG_ADMIN authority is required to call this API. The following fields are patchable: * connectorMetadata * applicationXml * correlationConfigXml * sourceConfigXml", + "parameters": [ + { + "name": "scriptName", + "in": "path", + "description": "The scriptName value of the connector. Scriptname is the unique id generated at connector creation.", + "required": true, + "style": "simple", + "explode": false, + "schema": { + "type": "string", + "example": "aScriptName" + } + } + ], + "requestBody": { + "required": true, + "description": "A list of connector detail update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard.", + "content": { + "application/json-patch+json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "description": "A JSONPatch Operation as defined by [RFC 6902 - JSON Patch](https://tools.ietf.org/html/rfc6902)", + "required": [ + "op", + "path" + ], + "properties": { + "op": { + "type": "string", + "description": "The operation to be performed", + "enum": [ + "add", + "remove", + "replace", + "move", + "copy", + "test" + ], + "example": "replace" + }, + "path": { + "type": "string", + "description": "A string JSON Pointer representing the target path to an element to be affected by the operation", + "example": "/description" + }, + "value": { + "oneOf": [ + { + "type": "string", + "example": "New description", + "title": "string" + }, + { + "type": "boolean", + "example": true, + "title": "boolean" + }, + { + "type": "integer", + "example": 300, + "title": "integer" + }, + { + "type": "object", + "title": "object", + "example": { + "attributes": { + "name": "philip" + } + } + }, + { + "type": "array", + "title": "array", + "items": { + "anyOf": [ + { + "type": "string" + }, + { + "type": "integer" + }, + { + "type": "object" + } + ], + "example": [ + "001", + "002", + "003" + ] + } + } + ], + "description": "The value to be used for the operation, required for \"add\" and \"replace\" operations", + "example": "New description" + } + } + } + } + } + } + }, + "responses": { + "200": { + "description": "A updated Connector Dto object", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "The connector name", + "example": "name" + }, + "type": { + "type": "string", + "description": "The connector type", + "example": "ServiceNow" + }, + "className": { + "type": "string", + "description": "The connector class name", + "example": "class name" + }, + "scriptName": { + "type": "string", + "description": "The connector script name", + "example": "servicenow" + }, + "applicationXml": { + "type": "string", + "description": "The connector application xml", + "example": "\n\n\n" + }, + "correlationConfigXml": { + "type": "string", + "description": "The connector correlation config xml", + "example": "\n\n\n\n\n\n\t\n\t\t\n\t\t\n\t\t\n\t\n\n" + }, + "sourceConfigXml": { + "type": "string", + "description": "The connector source config xml", + "example": "
\n \n \n \n \n\n \n
" + }, + "sourceConfig": { + "type": "string", + "description": "The connector source config", + "example": "
\n \n \n \n \n\n \n
" + }, + "sourceConfigFrom": { + "type": "string", + "description": "The connector source config origin", + "example": "sp-connect" + }, + "s3Location": { + "type": "string", + "description": "storage path key for this connector", + "example": "custom-connector/scriptname" + }, + "uploadedFiles": { + "type": "array", + "description": "The list of uploaded files supported by the connector. If there was any executable files uploaded to thee connector. Typically this be empty as the executable be uploaded at source creation.", + "nullable": true, + "items": { + "type": "string" + }, + "example": [ + "pod/org/connectorFiles/testconnector/test1.jar" + ] + }, + "fileUpload": { + "type": "boolean", + "description": "true if the source is file upload", + "example": true, + "default": false + }, + "directConnect": { + "type": "boolean", + "description": "true if the source is a direct connect source", + "example": true, + "default": false + }, + "translationProperties": { + "type": "object", + "description": "A map containing translation attributes by loacale key", + "additionalProperties": true, + "example": { + "de": "# Copyright (C) 2024 SailPoint Technologies, Inc. All rights reserved.\n# DO NOT EDIT. This file is generated by \"sailpointTranslate\" command.\nmenuLabel_ConnectionSettings=Verbindungseinstellungen\nmenuLabel_AggregationSettings=Aggregationseinstellungen\nsectionLabel_AuthenticationSettings=Verbindungseinstellungen\nsectionLabel_AggregationSettings=Aggregationseinstellungen\nsectionInfo_AuthenticationSettings=Konfigurieren Sie eine direkte Verbindung zwischen der Quelle Delinea Secret Server On-Premise und IdentityNow.

Geben Sie bei Zeit\\u00fcberschreitung bei Verbindung die maximal erlaubte Zeitdauer (in Minuten) f\\u00fcr die Verbindung von IdentityNow mit der Quelle ein.

Geben Sie die Host-URL der Delinea-SCIM-Serverquelle ein.

Geben Sie den API-Token der Quelle zur Authentifizierung ein.\nsectionInfo_AggregationSettings=Geben Sie die Einstellungen f\\u00fcr Ihre Aggregation an.

Geben Sie in das Feld Seitengr\\u00f6\\u00dfe die Anzahl an Kontoeintr\\u00e4gen ein, die auf einer einzelnen Seite aggregiert werden sollen, wenn gro\\u00dfe Datens\\u00e4tze durchlaufen werden.
\\n
Geben Sie im Kontofilter die Bedingungen f\\u00fcr den Kontofilter an. Beispiel: userName sw \"S\"

Geben Sie im Gruppenfilter die Gruppenfilterbedingungen an. Beispiel: displayName sw \"S\".\nplaceHolder_accAggregation=userName sw \"S\"\nplaceHolder_grpAggregation=displayName sw \"S\"\nplaceHolder_host=https://{Delinea_SCIM_Server_host}/v2\ndocLinkLabel_AuthenticationSettings=Mehr \\u00fcber Verbindungseinstellungen\ndocLinkLabel_Filters=Mehr \\u00fcber Konto- und Gruppenfilter\nHostURL=Host-URL\nConnectionTimeout=Zeit\\u00fcberschreitung bei Verbindung\nAPI_TOKEN=API-Token\nJSONPathMapping=JSON-Path-Attribut-Mapping\nFilterConditionForAccounts=Kontofilter\nFilterConditionForGroups=Gruppenfilter\nPage_Size=Seitengr\\u00f6\\u00dfe\nSchemaAttribute=Schema-Attribut\nJSONpath=JSON-Pfad\nShortDesc=Das Integrationsmodul IdentityNow f\\u00fcr Delinea Secret Server On-Premise bietet die M\\u00f6glichkeit einer tiefen Governance f\\u00fcr Konten und Gruppen. Es unterst\\u00fctzt au\\u00dferdem das End-to-End-Lebenszyklus-Management." + } + }, + "connectorMetadata": { + "type": "object", + "description": "A map containing metadata pertinent to the UI to be used", + "additionalProperties": true, + "example": { + "supportedUI": "EXTJS", + "platform": "ccg", + "shortDesc": "connector description" + } + }, + "status": { + "type": "string", + "enum": [ + "DEPRECATED", + "DEVELOPMENT", + "DEMO", + "RELEASED" + ], + "description": "The connector status", + "example": "RELEASED" + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "idn:connector-config:update" + ] + } + ] + } + }, + "/connectors": { + "get": { + "tags": [ + "Connectors" + ], + "operationId": "getConnectorList", + "summary": "Gets connector list", + "description": "Fetches list of connectors that have 'RELEASED' status using filtering and pagination.\nA token with ORG_ADMIN authority is required to call this API.", + "parameters": [ + { + "in": "query", + "name": "filters", + "schema": { + "type": "string" + }, + "description": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**name**: *sw, co*\n\n**type**: *sw, co, eq*\n\n**directConnect**: *eq*\n\n**category**: *eq*\n\n**features**: *ca*\n\n**labels**: *ca*", + "example": "directConnect eq \"true\"" + }, + { + "in": "query", + "name": "limit", + "description": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 250, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "maximum": 250, + "default": 250 + } + }, + { + "in": "query", + "name": "offset", + "description": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 0, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "default": 0 + } + }, + { + "in": "query", + "name": "count", + "description": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": true, + "schema": { + "type": "boolean", + "default": false + } + }, + { + "in": "query", + "name": "locale", + "schema": { + "type": "string", + "enum": [ + "de", + "no", + "fi", + "sv", + "ru", + "pt", + "ko", + "zh-TW", + "en", + "it", + "fr", + "zh-CN", + "hu", + "es", + "cs", + "ja", + "pl", + "da", + "nl" + ], + "example": "de" + }, + "description": "The locale to apply to the config. If no viable locale is given, it will default to \"en\"" + } + ], + "responses": { + "200": { + "description": "A Connector Dto object", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "title": "custom connector response object", + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "The connector name", + "example": "name" + }, + "type": { + "type": "string", + "description": "The connector type", + "example": "ServiceNow" + }, + "scriptName": { + "type": "string", + "description": "The connector script name", + "example": "servicenow" + }, + "className": { + "type": "string", + "nullable": true, + "description": "The connector class name.", + "example": "sailpoint.connector.OpenConnectorAdapter" + }, + "features": { + "type": "array", + "description": "The list of features supported by the connector", + "nullable": true, + "items": { + "type": "string" + }, + "example": [ + "PROVISIONING", + "SYNC_PROVISIONING", + "SEARCH", + "UNSTRUCTURED_TARGETS" + ] + }, + "directConnect": { + "type": "boolean", + "description": "true if the source is a direct connect source", + "example": true, + "default": false + }, + "connectorMetadata": { + "type": "object", + "additionalProperties": true, + "description": "A map containing metadata pertinent to the connector", + "example": { + "supportedUI": "ANGULAR", + "platform": "ccg", + "shortDesc": "connector description" + } + }, + "status": { + "type": "string", + "enum": [ + "DEPRECATED", + "DEVELOPMENT", + "DEMO", + "RELEASED" + ], + "description": "The connector status", + "example": "RELEASED" + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "idn:connector-source-config:read" + ] + } + ] + }, + "post": { + "tags": [ + "Connectors" + ], + "operationId": "createCustomConnector", + "summary": "Create custom connector", + "description": "Create custom connector.\nA token with ORG_ADMIN authority is required to call this API.", + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "title": "custom connector create request", + "type": "object", + "required": [ + "name", + "className" + ], + "properties": { + "name": { + "type": "string", + "description": "The connector name. Need to be unique per tenant. The name will able be used to derive a url friendly unique scriptname that will be in response. Script name can then be used for all update endpoints", + "example": "custom connector" + }, + "type": { + "type": "string", + "description": "The connector type. If not specified will be defaulted to 'custom '+name", + "example": "custom connector type" + }, + "className": { + "type": "string", + "description": "The connector class name. If you are implementing openconnector standard (what is recommended), then this need to be set to sailpoint.connector.OpenConnectorAdapter", + "example": "sailpoint.connector.OpenConnectorAdapter" + }, + "directConnect": { + "type": "boolean", + "description": "true if the source is a direct connect source", + "default": true, + "example": true + }, + "status": { + "type": "string", + "enum": [ + "DEVELOPMENT", + "DEMO", + "RELEASED" + ], + "description": "The connector status", + "example": "RELEASED" + } + } + } + } + } + }, + "responses": { + "200": { + "description": "A Connector Dto object", + "content": { + "application/json": { + "schema": { + "title": "custom connector response object", + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "The connector name", + "example": "name" + }, + "type": { + "type": "string", + "description": "The connector type", + "example": "ServiceNow" + }, + "scriptName": { + "type": "string", + "description": "The connector script name", + "example": "servicenow" + }, + "className": { + "type": "string", + "nullable": true, + "description": "The connector class name.", + "example": "sailpoint.connector.OpenConnectorAdapter" + }, + "features": { + "type": "array", + "description": "The list of features supported by the connector", + "nullable": true, + "items": { + "type": "string" + }, + "example": [ + "PROVISIONING", + "SYNC_PROVISIONING", + "SEARCH", + "UNSTRUCTURED_TARGETS" + ] + }, + "directConnect": { + "type": "boolean", + "description": "true if the source is a direct connect source", + "example": true, + "default": false + }, + "connectorMetadata": { + "type": "object", + "additionalProperties": true, + "description": "A map containing metadata pertinent to the connector", + "example": { + "supportedUI": "ANGULAR", + "platform": "ccg", + "shortDesc": "connector description" + } + }, + "status": { + "type": "string", + "enum": [ + "DEPRECATED", + "DEVELOPMENT", + "DEMO", + "RELEASED" + ], + "description": "The connector status", + "example": "RELEASED" + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "idn:connector-config:create" + ] + } + ] + } + }, + "/connectors/{scriptName}/source-config": { + "get": { + "tags": [ + "Connectors" + ], + "operationId": "getConnectorSourceConfig", + "description": "Fetches a connector's source config using its script name.\nA token with ORG_ADMIN authority is required to call this API.", + "parameters": [ + { + "name": "scriptName", + "in": "path", + "description": "The scriptName value of the connector. Scriptname is the unique id generated at connector creation.", + "required": true, + "style": "simple", + "explode": false, + "schema": { + "type": "string", + "example": "aScriptName" + } + } + ], + "responses": { + "200": { + "description": "The connector's source template", + "content": { + "application/xml": { + "schema": { + "type": "string" + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "idn:connector-config:read" + ] + } + ] + }, + "put": { + "tags": [ + "Connectors" + ], + "operationId": "putSourceConfig", + "description": "Update a connector's source config using its script name.\nA token with ORG_ADMIN authority is required to call this API.", + "parameters": [ + { + "name": "scriptName", + "in": "path", + "description": "The scriptName value of the connector. Scriptname is the unique id generated at connector creation.", + "required": true, + "style": "simple", + "explode": false, + "schema": { + "type": "string", + "example": "aScriptName" + } + } + ], + "requestBody": { + "required": true, + "content": { + "multipart/form-data": { + "schema": { + "type": "object", + "required": [ + "file" + ], + "properties": { + "file": { + "type": "string", + "description": "connector source config xml file", + "format": "binary" + } + } + } + } + } + }, + "responses": { + "200": { + "description": "The connector's update detail", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "type": "string", + "description": "The detailed message for an update. Typically the relevent error message when status is error.", + "example": "unsupported xsd version, please ensure latest xsd version http://www.sailpoint.com/xsd/sailpoint_form_2_0.xsd is used for source config" + }, + "scriptName": { + "type": "string", + "description": "The connector script name", + "example": "servicenow" + }, + "updatedFiles": { + "type": "array", + "description": "The list of updated files supported by the connector", + "nullable": true, + "items": { + "type": "string" + }, + "example": [ + "pod/org/connectorFiles/testconnector/test1.jar" + ] + }, + "status": { + "type": "string", + "enum": [ + "ERROR", + "UPDATED", + "UNCHANGED", + "SKIPPED" + ], + "description": "The connector update status", + "example": "ERROR" + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "idn:connector-config:update" + ] + } + ] + } + }, + "/connectors/{scriptName}/translations/{locale}": { + "get": { + "tags": [ + "Connectors" + ], + "operationId": "getConnectorTranslations", + "description": "Fetches a connector's translations using its script name.\nA token with ORG_ADMIN authority is required to call this API.", + "parameters": [ + { + "name": "scriptName", + "in": "path", + "description": "The scriptName value of the connector. Scriptname is the unique id generated at connector creation.", + "required": true, + "style": "simple", + "explode": false, + "schema": { + "type": "string", + "example": "aScriptName" + } + }, + { + "name": "locale", + "in": "path", + "required": true, + "schema": { + "type": "string", + "enum": [ + "de", + "no", + "fi", + "sv", + "ru", + "pt", + "ko", + "zh-TW", + "en", + "it", + "fr", + "zh-CN", + "hu", + "es", + "cs", + "ja", + "pl", + "da", + "nl" + ], + "example": "de" + }, + "description": "The locale to apply to the config. If no viable locale is given, it will default to \"en\"" + } + ], + "responses": { + "200": { + "description": "The connector's translations", + "content": { + "text/plain": { + "schema": { + "type": "string" + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "idn:connector-config:read" + ] + } + ] + }, + "put": { + "tags": [ + "Connectors" + ], + "operationId": "putTranslations", + "description": "Update a connector's translations using its script name.\nA token with ORG_ADMIN authority is required to call this API.", + "parameters": [ + { + "name": "scriptName", + "in": "path", + "description": "The scriptName value of the connector. Scriptname is the unique id generated at connector creation.", + "required": true, + "style": "simple", + "explode": false, + "schema": { + "type": "string", + "example": "aScriptName" + } + }, + { + "name": "locale", + "in": "path", + "required": true, + "schema": { + "type": "string", + "enum": [ + "de", + "no", + "fi", + "sv", + "ru", + "pt", + "ko", + "zh-TW", + "en", + "it", + "fr", + "zh-CN", + "hu", + "es", + "cs", + "ja", + "pl", + "da", + "nl" + ], + "example": "de" + }, + "description": "The locale to apply to the config. If no viable locale is given, it will default to \"en\"" + } + ], + "requestBody": { + "required": true, + "content": { + "multipart/form-data": { + "schema": { + "type": "object" + } + } + } + }, + "responses": { + "200": { + "description": "The connector's update detail", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "type": "string", + "description": "The detailed message for an update. Typically the relevent error message when status is error.", + "example": "unsupported xsd version, please ensure latest xsd version http://www.sailpoint.com/xsd/sailpoint_form_2_0.xsd is used for source config" + }, + "scriptName": { + "type": "string", + "description": "The connector script name", + "example": "servicenow" + }, + "updatedFiles": { + "type": "array", + "description": "The list of updated files supported by the connector", + "nullable": true, + "items": { + "type": "string" + }, + "example": [ + "pod/org/connectorFiles/testconnector/test1.jar" + ] + }, + "status": { + "type": "string", + "enum": [ + "ERROR", + "UPDATED", + "UNCHANGED", + "SKIPPED" + ], + "description": "The connector update status", + "example": "ERROR" + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "idn:connector-config:update" + ] + } + ] + } + }, + "/connectors/{scriptName}/source-template": { + "get": { + "tags": [ + "Connectors" + ], + "operationId": "getConnectorSourceTemplate", + "description": "Fetches a connector's source template using its script name.\nA token with ORG_ADMIN authority is required to call this API.", + "parameters": [ + { + "name": "scriptName", + "in": "path", + "description": "The scriptName value of the connector. Scriptname is the unique id generated at connector creation.", + "required": true, + "style": "simple", + "explode": false, + "schema": { + "type": "string", + "example": "aScriptName" + } + } + ], + "responses": { + "200": { + "description": "The connector's source template", + "content": { + "application/xml": { + "schema": { + "type": "string" + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "idn:connector-config:read" + ] + } + ] + }, + "put": { + "tags": [ + "Connectors" + ], + "operationId": "putSourceTemplate", + "description": "Update a connector's source template using its script name.\nA token with ORG_ADMIN authority is required to call this API.", + "parameters": [ + { + "name": "scriptName", + "in": "path", + "description": "The scriptName value of the connector. Scriptname is the unique id generated at connector creation.", + "required": true, + "style": "simple", + "explode": false, + "schema": { + "type": "string", + "example": "aScriptName" + } + } + ], + "requestBody": { + "required": true, + "content": { + "multipart/form-data": { + "schema": { + "type": "object", + "required": [ + "file" + ], + "properties": { + "file": { + "type": "string", + "description": "connector source template xml file", + "format": "binary" + } + } + } + } + } + }, + "responses": { + "200": { + "description": "The connector's update detail", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "type": "string", + "description": "The detailed message for an update. Typically the relevent error message when status is error.", + "example": "unsupported xsd version, please ensure latest xsd version http://www.sailpoint.com/xsd/sailpoint_form_2_0.xsd is used for source config" + }, + "scriptName": { + "type": "string", + "description": "The connector script name", + "example": "servicenow" + }, + "updatedFiles": { + "type": "array", + "description": "The list of updated files supported by the connector", + "nullable": true, + "items": { + "type": "string" + }, + "example": [ + "pod/org/connectorFiles/testconnector/test1.jar" + ] + }, + "status": { + "type": "string", + "enum": [ + "ERROR", + "UPDATED", + "UNCHANGED", + "SKIPPED" + ], + "description": "The connector update status", + "example": "ERROR" + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "idn:connector-config:update" + ] + } + ] + } + }, + "/connectors/{scriptName}/correlation-config": { + "get": { + "tags": [ + "Connectors" + ], + "operationId": "getConnectorCorrelationConfig", + "description": "Fetches a connector's correlation config using its script name.\nA token with ORG_ADMIN authority is required to call this API.", + "parameters": [ + { + "name": "scriptName", + "in": "path", + "description": "The scriptName value of the connector. Scriptname is the unique id generated at connector creation.", + "required": true, + "style": "simple", + "explode": false, + "schema": { + "type": "string", + "example": "aScriptName" + } + } + ], + "responses": { + "200": { + "description": "The connector's correlation config", + "content": { + "application/xml": { + "schema": { + "type": "string" + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "idn:connector-config:read" + ] + } + ] + }, + "put": { + "tags": [ + "Connectors" + ], + "operationId": "putCorrelationConfig", + "description": "Update a connector's correlation config using its script name.\nA token with ORG_ADMIN authority is required to call this API.", + "parameters": [ + { + "name": "scriptName", + "in": "path", + "description": "The scriptName value of the connector. Scriptname is the unique id generated at connector creation.", + "required": true, + "style": "simple", + "explode": false, + "schema": { + "type": "string", + "example": "aScriptName" + } + } + ], + "requestBody": { + "required": true, + "content": { + "multipart/form-data": { + "schema": { + "type": "object", + "required": [ + "file" + ], + "properties": { + "file": { + "type": "string", + "description": "connector correlation config xml file", + "format": "binary" + } + } + } + } + } + }, + "responses": { + "200": { + "description": "The connector's update detail", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "type": "string", + "description": "The detailed message for an update. Typically the relevent error message when status is error.", + "example": "unsupported xsd version, please ensure latest xsd version http://www.sailpoint.com/xsd/sailpoint_form_2_0.xsd is used for source config" + }, + "scriptName": { + "type": "string", + "description": "The connector script name", + "example": "servicenow" + }, + "updatedFiles": { + "type": "array", + "description": "The list of updated files supported by the connector", + "nullable": true, + "items": { + "type": "string" + }, + "example": [ + "pod/org/connectorFiles/testconnector/test1.jar" + ] + }, + "status": { + "type": "string", + "enum": [ + "ERROR", + "UPDATED", + "UNCHANGED", + "SKIPPED" + ], + "description": "The connector update status", + "example": "ERROR" + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "idn:connector-config:update" + ] + } + ] + } + }, + "/identities/{identity-id}/set-lifecycle-state": { + "post": { + "operationId": "setLifecycleState", + "tags": [ + "Lifecycle States" + ], + "summary": "Set Lifecycle State", + "description": "Use this API to set/update an identity's lifecycle state to the one provided and update the corresponding identity profile.\nA token with ORG_ADMIN or API authority and the appropriate user context is required to call this API.", + "security": [ + { + "UserContextAuth": [ + "idn:identity-lifecycle-state:update" + ] + } + ], + "parameters": [ + { + "in": "path", + "name": "identity-id", + "description": "ID of the identity to update.", + "required": true, + "example": "2c9180857893f1290178944561990364", + "schema": { + "type": "string" + } + } + ], + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "lifecycleStateId": { + "type": "string", + "description": "ID of the lifecycle state to set.", + "example": "2c9180877a86e408017a8c19fefe046c" + } + } + } + } + } + }, + "responses": { + "200": { + "description": "The request was successfully accepted into the system.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "accountActivityId": { + "type": "string", + "example": "2c9180837ab5b716017ab7c6c9ef1e20", + "description": "ID of the IdentityRequest object that is generated when the workflow launches. To follow the IdentityRequest, you can provide this ID with a [Get Account Activity request](https://developer.sailpoint.com/docs/api/v3/get-account-activity/). The response will contain relevant information about the IdentityRequest, such as its status." + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/identity-profiles/{identity-profile-id}/lifecycle-states": { + "get": { + "operationId": "getLifecycleStates", + "tags": [ + "Lifecycle States" + ], + "summary": "Lists LifecycleStates", + "description": "Use this endpoint to list all lifecycle states by their associated identity profiles. \nA token with API, or ORG_ADMIN authority is required to call this API.", + "security": [ + { + "UserContextAuth": [ + "idn:identity-profile-lifecycle-state:read" + ] + } + ], + "parameters": [ + { + "in": "path", + "name": "identity-profile-id", + "description": "Identity profile ID.", + "required": true, + "schema": { + "type": "string" + }, + "example": "2b838de9-db9b-abcf-e646-d4f274ad4238" + }, + { + "in": "query", + "name": "limit", + "description": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 250, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "maximum": 250, + "default": 250 + } + }, + { + "in": "query", + "name": "offset", + "description": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 0, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "default": 0 + } + }, + { + "in": "query", + "name": "count", + "description": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": true, + "schema": { + "type": "boolean", + "default": false + } + }, + { + "in": "query", + "name": "sorters", + "required": false, + "schema": { + "type": "string", + "format": "comma-separated" + }, + "example": "created,modified", + "description": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **created, modified**" + } + ], + "responses": { + "200": { + "description": "List of LifecycleState objects.", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "allOf": [ + { + "type": "object", + "required": [ + "name" + ], + "properties": { + "id": { + "description": "System-generated unique ID of the Object", + "type": "string", + "example": "id12345", + "readOnly": true + }, + "name": { + "description": "Name of the Object", + "type": "string", + "example": "aName" + }, + "created": { + "description": "Creation date of the Object", + "type": "string", + "example": "2015-05-28T14:07:17Z", + "format": "date-time", + "readOnly": true + }, + "modified": { + "description": "Last modification date of the Object", + "type": "string", + "example": "2015-05-28T14:07:17Z", + "format": "date-time", + "readOnly": true + } + } + }, + { + "type": "object", + "required": [ + "technicalName" + ], + "properties": { + "enabled": { + "type": "boolean", + "default": false, + "example": true, + "description": "Indicates whether the lifecycle state is enabled or disabled." + }, + "technicalName": { + "type": "string", + "example": "Technical Name", + "description": "The lifecycle state's technical name. This is for internal use." + }, + "description": { + "type": "string", + "example": "Lifecycle description", + "description": "Lifecycle state's description." + }, + "identityCount": { + "type": "integer", + "format": "int32", + "example": 42, + "readOnly": true, + "description": "Number of identities that have the lifecycle state." + }, + "emailNotificationOption": { + "type": "object", + "description": "This is used for representing email configuration for a lifecycle state", + "properties": { + "notifyManagers": { + "type": "boolean", + "default": false, + "example": true, + "description": "If true, then the manager is notified of the lifecycle state change." + }, + "notifyAllAdmins": { + "type": "boolean", + "default": false, + "example": true, + "description": "If true, then all the admins are notified of the lifecycle state change." + }, + "notifySpecificUsers": { + "type": "boolean", + "default": false, + "example": true, + "description": "If true, then the users specified in \"emailAddressList\" below are notified of lifecycle state change." + }, + "emailAddressList": { + "type": "array", + "example": [ + "test@test.com", + "test2@test.com" + ], + "items": { + "type": "string" + }, + "description": "List of user email addresses. If \"notifySpecificUsers\" option is true, then these users are notified of lifecycle state change." + } + } + }, + "accountActions": { + "type": "array", + "items": { + "type": "object", + "description": "Object for specifying Actions to be performed on a specified list of sources' account.", + "properties": { + "action": { + "example": "ENABLE", + "type": "string", + "description": "Describes if action will be enabled or disabled", + "enum": [ + "ENABLE", + "DISABLE" + ] + }, + "sourceIds": { + "type": "array", + "items": { + "type": "string" + }, + "uniqueItems": true, + "example": [ + "2c918084660f45d6016617daa9210584", + "2c918084660f45d6016617daa9210500" + ], + "description": "List of unique source IDs. The sources must have the ENABLE feature or flat file source. See \"/sources\" endpoint for source features." + } + } + } + }, + "accessProfileIds": { + "type": "array", + "items": { + "type": "string" + }, + "uniqueItems": true, + "example": [ + "2c918084660f45d6016617daa9210584", + "2c918084660f45d6016617daa9210500" + ], + "description": "List of unique access-profile IDs that are associated with the lifecycle state." + }, + "identityState": { + "type": "string", + "nullable": true, + "example": null, + "description": "The lifecycle state's associated identity state. This field is generally 'null'." + } + } + } + ] + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + }, + "post": { + "operationId": "createLifecycleState", + "tags": [ + "Lifecycle States" + ], + "summary": "Create Lifecycle State", + "description": "Use this endpoint to create a lifecycle state.\nA token with ORG_ADMIN or API authority is required to call this API.", + "security": [ + { + "UserContextAuth": [ + "idn:identity-profile-lifecycle-state:manage" + ] + } + ], + "parameters": [ + { + "in": "path", + "name": "identity-profile-id", + "description": "Identity profile ID.", + "required": true, + "schema": { + "type": "string" + }, + "example": "2b838de9-db9b-abcf-e646-d4f274ad4238" + } + ], + "requestBody": { + "description": "Lifecycle state to be created.", + "required": true, + "content": { + "application/json": { + "schema": { + "allOf": [ + { + "type": "object", + "required": [ + "name" + ], + "properties": { + "id": { + "description": "System-generated unique ID of the Object", + "type": "string", + "example": "id12345", + "readOnly": true + }, + "name": { + "description": "Name of the Object", + "type": "string", + "example": "aName" + }, + "created": { + "description": "Creation date of the Object", + "type": "string", + "example": "2015-05-28T14:07:17Z", + "format": "date-time", + "readOnly": true + }, + "modified": { + "description": "Last modification date of the Object", + "type": "string", + "example": "2015-05-28T14:07:17Z", + "format": "date-time", + "readOnly": true + } + } + }, + { + "type": "object", + "required": [ + "technicalName" + ], + "properties": { + "enabled": { + "type": "boolean", + "default": false, + "example": true, + "description": "Indicates whether the lifecycle state is enabled or disabled." + }, + "technicalName": { + "type": "string", + "example": "Technical Name", + "description": "The lifecycle state's technical name. This is for internal use." + }, + "description": { + "type": "string", + "example": "Lifecycle description", + "description": "Lifecycle state's description." + }, + "identityCount": { + "type": "integer", + "format": "int32", + "example": 42, + "readOnly": true, + "description": "Number of identities that have the lifecycle state." + }, + "emailNotificationOption": { + "type": "object", + "description": "This is used for representing email configuration for a lifecycle state", + "properties": { + "notifyManagers": { + "type": "boolean", + "default": false, + "example": true, + "description": "If true, then the manager is notified of the lifecycle state change." + }, + "notifyAllAdmins": { + "type": "boolean", + "default": false, + "example": true, + "description": "If true, then all the admins are notified of the lifecycle state change." + }, + "notifySpecificUsers": { + "type": "boolean", + "default": false, + "example": true, + "description": "If true, then the users specified in \"emailAddressList\" below are notified of lifecycle state change." + }, + "emailAddressList": { + "type": "array", + "example": [ + "test@test.com", + "test2@test.com" + ], + "items": { + "type": "string" + }, + "description": "List of user email addresses. If \"notifySpecificUsers\" option is true, then these users are notified of lifecycle state change." + } + } + }, + "accountActions": { + "type": "array", + "items": { + "type": "object", + "description": "Object for specifying Actions to be performed on a specified list of sources' account.", + "properties": { + "action": { + "example": "ENABLE", + "type": "string", + "description": "Describes if action will be enabled or disabled", + "enum": [ + "ENABLE", + "DISABLE" + ] + }, + "sourceIds": { + "type": "array", + "items": { + "type": "string" + }, + "uniqueItems": true, + "example": [ + "2c918084660f45d6016617daa9210584", + "2c918084660f45d6016617daa9210500" + ], + "description": "List of unique source IDs. The sources must have the ENABLE feature or flat file source. See \"/sources\" endpoint for source features." + } + } + } + }, + "accessProfileIds": { + "type": "array", + "items": { + "type": "string" + }, + "uniqueItems": true, + "example": [ + "2c918084660f45d6016617daa9210584", + "2c918084660f45d6016617daa9210500" + ], + "description": "List of unique access-profile IDs that are associated with the lifecycle state." + }, + "identityState": { + "type": "string", + "nullable": true, + "example": null, + "description": "The lifecycle state's associated identity state. This field is generally 'null'." + } + } + } + ] + } + } + } + }, + "responses": { + "201": { + "description": "Created LifecycleState object.", + "content": { + "application/json": { + "schema": { + "allOf": [ + { + "type": "object", + "required": [ + "name" + ], + "properties": { + "id": { + "description": "System-generated unique ID of the Object", + "type": "string", + "example": "id12345", + "readOnly": true + }, + "name": { + "description": "Name of the Object", + "type": "string", + "example": "aName" + }, + "created": { + "description": "Creation date of the Object", + "type": "string", + "example": "2015-05-28T14:07:17Z", + "format": "date-time", + "readOnly": true + }, + "modified": { + "description": "Last modification date of the Object", + "type": "string", + "example": "2015-05-28T14:07:17Z", + "format": "date-time", + "readOnly": true + } + } + }, + { + "type": "object", + "required": [ + "technicalName" + ], + "properties": { + "enabled": { + "type": "boolean", + "default": false, + "example": true, + "description": "Indicates whether the lifecycle state is enabled or disabled." + }, + "technicalName": { + "type": "string", + "example": "Technical Name", + "description": "The lifecycle state's technical name. This is for internal use." + }, + "description": { + "type": "string", + "example": "Lifecycle description", + "description": "Lifecycle state's description." + }, + "identityCount": { + "type": "integer", + "format": "int32", + "example": 42, + "readOnly": true, + "description": "Number of identities that have the lifecycle state." + }, + "emailNotificationOption": { + "type": "object", + "description": "This is used for representing email configuration for a lifecycle state", + "properties": { + "notifyManagers": { + "type": "boolean", + "default": false, + "example": true, + "description": "If true, then the manager is notified of the lifecycle state change." + }, + "notifyAllAdmins": { + "type": "boolean", + "default": false, + "example": true, + "description": "If true, then all the admins are notified of the lifecycle state change." + }, + "notifySpecificUsers": { + "type": "boolean", + "default": false, + "example": true, + "description": "If true, then the users specified in \"emailAddressList\" below are notified of lifecycle state change." + }, + "emailAddressList": { + "type": "array", + "example": [ + "test@test.com", + "test2@test.com" + ], + "items": { + "type": "string" + }, + "description": "List of user email addresses. If \"notifySpecificUsers\" option is true, then these users are notified of lifecycle state change." + } + } + }, + "accountActions": { + "type": "array", + "items": { + "type": "object", + "description": "Object for specifying Actions to be performed on a specified list of sources' account.", + "properties": { + "action": { + "example": "ENABLE", + "type": "string", + "description": "Describes if action will be enabled or disabled", + "enum": [ + "ENABLE", + "DISABLE" + ] + }, + "sourceIds": { + "type": "array", + "items": { + "type": "string" + }, + "uniqueItems": true, + "example": [ + "2c918084660f45d6016617daa9210584", + "2c918084660f45d6016617daa9210500" + ], + "description": "List of unique source IDs. The sources must have the ENABLE feature or flat file source. See \"/sources\" endpoint for source features." + } + } + } + }, + "accessProfileIds": { + "type": "array", + "items": { + "type": "string" + }, + "uniqueItems": true, + "example": [ + "2c918084660f45d6016617daa9210584", + "2c918084660f45d6016617daa9210500" + ], + "description": "List of unique access-profile IDs that are associated with the lifecycle state." + }, + "identityState": { + "type": "string", + "nullable": true, + "example": null, + "description": "The lifecycle state's associated identity state. This field is generally 'null'." + } + } + } + ] + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/identity-profiles/{identity-profile-id}/lifecycle-states/{lifecycle-state-id}": { + "get": { + "operationId": "getLifecycleState", + "tags": [ + "Lifecycle States" + ], + "summary": "Get Lifecycle State", + "description": "Use this endpoint to get a lifecycle state by its ID and its associated identity profile ID. \nA token with ORG_ADMIN or API authority is required to call this API.", + "security": [ + { + "UserContextAuth": [ + "idn:identity-profile-lifecycle-state:read" + ] + } + ], + "parameters": [ + { + "in": "path", + "name": "identity-profile-id", + "description": "Identity profile ID.", + "required": true, + "schema": { + "type": "string" + }, + "example": "2b838de9-db9b-abcf-e646-d4f274ad4238" + }, + { + "in": "path", + "name": "lifecycle-state-id", + "description": "Lifecycle state ID.", + "required": true, + "schema": { + "type": "string" + }, + "example": "ef38f94347e94562b5bb8424a56397d8" + } + ], + "responses": { + "200": { + "description": "The requested LifecycleState was successfully retrieved.", + "content": { + "application/json": { + "schema": { + "allOf": [ + { + "type": "object", + "required": [ + "name" + ], + "properties": { + "id": { + "description": "System-generated unique ID of the Object", + "type": "string", + "example": "id12345", + "readOnly": true + }, + "name": { + "description": "Name of the Object", + "type": "string", + "example": "aName" + }, + "created": { + "description": "Creation date of the Object", + "type": "string", + "example": "2015-05-28T14:07:17Z", + "format": "date-time", + "readOnly": true + }, + "modified": { + "description": "Last modification date of the Object", + "type": "string", + "example": "2015-05-28T14:07:17Z", + "format": "date-time", + "readOnly": true + } + } + }, + { + "type": "object", + "required": [ + "technicalName" + ], + "properties": { + "enabled": { + "type": "boolean", + "default": false, + "example": true, + "description": "Indicates whether the lifecycle state is enabled or disabled." + }, + "technicalName": { + "type": "string", + "example": "Technical Name", + "description": "The lifecycle state's technical name. This is for internal use." + }, + "description": { + "type": "string", + "example": "Lifecycle description", + "description": "Lifecycle state's description." + }, + "identityCount": { + "type": "integer", + "format": "int32", + "example": 42, + "readOnly": true, + "description": "Number of identities that have the lifecycle state." + }, + "emailNotificationOption": { + "type": "object", + "description": "This is used for representing email configuration for a lifecycle state", + "properties": { + "notifyManagers": { + "type": "boolean", + "default": false, + "example": true, + "description": "If true, then the manager is notified of the lifecycle state change." + }, + "notifyAllAdmins": { + "type": "boolean", + "default": false, + "example": true, + "description": "If true, then all the admins are notified of the lifecycle state change." + }, + "notifySpecificUsers": { + "type": "boolean", + "default": false, + "example": true, + "description": "If true, then the users specified in \"emailAddressList\" below are notified of lifecycle state change." + }, + "emailAddressList": { + "type": "array", + "example": [ + "test@test.com", + "test2@test.com" + ], + "items": { + "type": "string" + }, + "description": "List of user email addresses. If \"notifySpecificUsers\" option is true, then these users are notified of lifecycle state change." + } + } + }, + "accountActions": { + "type": "array", + "items": { + "type": "object", + "description": "Object for specifying Actions to be performed on a specified list of sources' account.", + "properties": { + "action": { + "example": "ENABLE", + "type": "string", + "description": "Describes if action will be enabled or disabled", + "enum": [ + "ENABLE", + "DISABLE" + ] + }, + "sourceIds": { + "type": "array", + "items": { + "type": "string" + }, + "uniqueItems": true, + "example": [ + "2c918084660f45d6016617daa9210584", + "2c918084660f45d6016617daa9210500" + ], + "description": "List of unique source IDs. The sources must have the ENABLE feature or flat file source. See \"/sources\" endpoint for source features." + } + } + } + }, + "accessProfileIds": { + "type": "array", + "items": { + "type": "string" + }, + "uniqueItems": true, + "example": [ + "2c918084660f45d6016617daa9210584", + "2c918084660f45d6016617daa9210500" + ], + "description": "List of unique access-profile IDs that are associated with the lifecycle state." + }, + "identityState": { + "type": "string", + "nullable": true, + "example": null, + "description": "The lifecycle state's associated identity state. This field is generally 'null'." + } + } + } + ] + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + }, + "patch": { + "operationId": "updateLifecycleStates", + "tags": [ + "Lifecycle States" + ], + "summary": "Update Lifecycle State", + "description": "Use this endpoint to update individual lifecycle state fields, using the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard.\nA token with ORG_ADMIN or API authority is required to call this API.", + "security": [ + { + "UserContextAuth": [ + "idn:identity-profile-lifecycle-state:manage" + ] + } + ], + "parameters": [ + { + "in": "path", + "name": "identity-profile-id", + "description": "Identity profile ID.", + "required": true, + "schema": { + "type": "string" + }, + "example": "2b838de9-db9b-abcf-e646-d4f274ad4238" + }, + { + "in": "path", + "name": "lifecycle-state-id", + "description": "Lifecycle state ID.", + "required": true, + "schema": { + "type": "string" + }, + "example": "ef38f94347e94562b5bb8424a56397d8" + } + ], + "requestBody": { + "required": true, + "description": "A list of lifecycle state update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard.\n\nThe following fields can be updated:\n* enabled\n* description\n* accountActions\n* accessProfileIds\n* emailNotificationOption\n", + "content": { + "application/json-patch+json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "description": "A JSONPatch Operation as defined by [RFC 6902 - JSON Patch](https://tools.ietf.org/html/rfc6902)", + "required": [ + "op", + "path" + ], + "properties": { + "op": { + "type": "string", + "description": "The operation to be performed", + "enum": [ + "add", + "remove", + "replace", + "move", + "copy", + "test" + ], + "example": "replace" + }, + "path": { + "type": "string", + "description": "A string JSON Pointer representing the target path to an element to be affected by the operation", + "example": "/description" + }, + "value": { + "oneOf": [ + { + "type": "string", + "example": "New description", + "title": "string" + }, + { + "type": "boolean", + "example": true, + "title": "boolean" + }, + { + "type": "integer", + "example": 300, + "title": "integer" + }, + { + "type": "object", + "title": "object", + "example": { + "attributes": { + "name": "philip" + } + } + }, + { + "type": "array", + "title": "array", + "items": { + "anyOf": [ + { + "type": "string" + }, + { + "type": "integer" + }, + { + "type": "object" + } + ], + "example": [ + "001", + "002", + "003" + ] + } + } + ], + "description": "The value to be used for the operation, required for \"add\" and \"replace\" operations", + "example": "New description" + } + } + } + }, + "example": [ + { + "op": "replace", + "path": "/description", + "value": "Updated description!" + }, + { + "op": "replace", + "path": "/accessProfileIds", + "value": [ + "2c918087742bab150174407a80f3125e", + "2c918087742bab150174407a80f3124f" + ] + }, + { + "op": "replace", + "path": "/accountActions", + "value": [ + { + "action": "ENABLE", + "sourceIds": [ + "2c9180846a2f82fb016a481c1b1560c5", + "2c9180846a2f82fb016a481c1b1560cc" + ] + }, + { + "action": "DISABLE", + "sourceIds": [ + "2c91808869a0c9980169a207258513fb" + ] + } + ] + }, + { + "op": "replace", + "path": "/emailNotificationOption", + "value": { + "notifyManagers": true, + "notifyAllAdmins": false, + "notifySpecificUsers": false, + "emailAddressList": [] + } + } + ] + } + } + }, + "responses": { + "200": { + "description": "The LifecycleState was successfully updated.", + "content": { + "application/json": { + "schema": { + "allOf": [ + { + "type": "object", + "required": [ + "name" + ], + "properties": { + "id": { + "description": "System-generated unique ID of the Object", + "type": "string", + "example": "id12345", + "readOnly": true + }, + "name": { + "description": "Name of the Object", + "type": "string", + "example": "aName" + }, + "created": { + "description": "Creation date of the Object", + "type": "string", + "example": "2015-05-28T14:07:17Z", + "format": "date-time", + "readOnly": true + }, + "modified": { + "description": "Last modification date of the Object", + "type": "string", + "example": "2015-05-28T14:07:17Z", + "format": "date-time", + "readOnly": true + } + } + }, + { + "type": "object", + "required": [ + "technicalName" + ], + "properties": { + "enabled": { + "type": "boolean", + "default": false, + "example": true, + "description": "Indicates whether the lifecycle state is enabled or disabled." + }, + "technicalName": { + "type": "string", + "example": "Technical Name", + "description": "The lifecycle state's technical name. This is for internal use." + }, + "description": { + "type": "string", + "example": "Lifecycle description", + "description": "Lifecycle state's description." + }, + "identityCount": { + "type": "integer", + "format": "int32", + "example": 42, + "readOnly": true, + "description": "Number of identities that have the lifecycle state." + }, + "emailNotificationOption": { + "type": "object", + "description": "This is used for representing email configuration for a lifecycle state", + "properties": { + "notifyManagers": { + "type": "boolean", + "default": false, + "example": true, + "description": "If true, then the manager is notified of the lifecycle state change." + }, + "notifyAllAdmins": { + "type": "boolean", + "default": false, + "example": true, + "description": "If true, then all the admins are notified of the lifecycle state change." + }, + "notifySpecificUsers": { + "type": "boolean", + "default": false, + "example": true, + "description": "If true, then the users specified in \"emailAddressList\" below are notified of lifecycle state change." + }, + "emailAddressList": { + "type": "array", + "example": [ + "test@test.com", + "test2@test.com" + ], + "items": { + "type": "string" + }, + "description": "List of user email addresses. If \"notifySpecificUsers\" option is true, then these users are notified of lifecycle state change." + } + } + }, + "accountActions": { + "type": "array", + "items": { + "type": "object", + "description": "Object for specifying Actions to be performed on a specified list of sources' account.", + "properties": { + "action": { + "example": "ENABLE", + "type": "string", + "description": "Describes if action will be enabled or disabled", + "enum": [ + "ENABLE", + "DISABLE" + ] + }, + "sourceIds": { + "type": "array", + "items": { + "type": "string" + }, + "uniqueItems": true, + "example": [ + "2c918084660f45d6016617daa9210584", + "2c918084660f45d6016617daa9210500" + ], + "description": "List of unique source IDs. The sources must have the ENABLE feature or flat file source. See \"/sources\" endpoint for source features." + } + } + } + }, + "accessProfileIds": { + "type": "array", + "items": { + "type": "string" + }, + "uniqueItems": true, + "example": [ + "2c918084660f45d6016617daa9210584", + "2c918084660f45d6016617daa9210500" + ], + "description": "List of unique access-profile IDs that are associated with the lifecycle state." + }, + "identityState": { + "type": "string", + "nullable": true, + "example": null, + "description": "The lifecycle state's associated identity state. This field is generally 'null'." + } + } + } + ] + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + }, + "delete": { + "operationId": "deleteLifecycleState", + "tags": [ + "Lifecycle States" + ], + "summary": "Delete Lifecycle State", + "description": "Use this endpoint to delete the lifecycle state by its ID. \nA token with API, or ORG_ADMIN authority is required to call this API.", + "security": [ + { + "UserContextAuth": [ + "idn:identity-profile-lifecycle-state:manage" + ] + } + ], + "parameters": [ + { + "in": "path", + "name": "identity-profile-id", + "description": "Identity profile ID.", + "required": true, + "schema": { + "type": "string" + }, + "example": "2b838de9-db9b-abcf-e646-d4f274ad4238" + }, + { + "in": "path", + "name": "lifecycle-state-id", + "description": "Lifecycle state ID.", + "required": true, + "schema": { + "type": "string" + }, + "example": "ef38f94347e94562b5bb8424a56397d8" + } + ], + "responses": { + "202": { + "description": "The request was successfully accepted into the system.", + "content": { + "application/json": { + "schema": { + "type": "object", + "description": "Deleted lifecycle state.", + "properties": { + "type": { + "type": "string", + "description": "Deleted lifecycle state's DTO type.", + "enum": [ + "LIFECYCLE_STATE" + ], + "example": "LIFECYCLE_STATE" + }, + "id": { + "type": "string", + "description": "Deleted lifecycle state ID.", + "example": 12345 + }, + "name": { + "type": "string", + "description": "Deleted lifecycle state's display name.", + "example": "Contractor Lifecycle" + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/identity-profiles": { + "get": { + "operationId": "listIdentityProfiles", + "tags": [ + "Identity Profiles" + ], + "summary": "Identity Profiles List", + "description": "This returns a list of Identity Profiles based on the specified query parameters.\nA token with ORG_ADMIN or API authority is required to call this API to get a list of Identity Profiles.", + "parameters": [ + { + "in": "query", + "name": "limit", + "description": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 250, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "maximum": 250, + "default": 250 + } + }, + { + "in": "query", + "name": "offset", + "description": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 0, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "default": 0 + } + }, + { + "in": "query", + "name": "count", + "description": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": true, + "schema": { + "type": "boolean", + "default": false + } + }, + { + "in": "query", + "name": "filters", + "required": false, + "schema": { + "type": "string" + }, + "example": "id eq \"ef38f94347e94562b5bb8424a56397d8\"", + "description": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, ne, ge, gt, in, le, lt, isnull, sw*\n\n**name**: *eq, ne, in, le, lt, isnull, sw*\n\n**priority**: *eq, ne*" + }, + { + "in": "query", + "name": "sorters", + "required": false, + "schema": { + "type": "string", + "format": "comma-separated" + }, + "example": "id,name", + "description": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **id, name, priority, created, modified, owner.id, owner.name**" + } + ], + "responses": { + "200": { + "description": "List of identityProfiles.", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "allOf": [ + { + "type": "object", + "required": [ + "name" + ], + "properties": { + "id": { + "description": "System-generated unique ID of the Object", + "type": "string", + "example": "id12345", + "readOnly": true + }, + "name": { + "description": "Name of the Object", + "type": "string", + "example": "aName" + }, + "created": { + "description": "Creation date of the Object", + "type": "string", + "example": "2015-05-28T14:07:17Z", + "format": "date-time", + "readOnly": true + }, + "modified": { + "description": "Last modification date of the Object", + "type": "string", + "example": "2015-05-28T14:07:17Z", + "format": "date-time", + "readOnly": true + } + } + }, + { + "type": "object", + "required": [ + "authoritativeSource" + ], + "properties": { + "description": { + "type": "string", + "description": "The description of the Identity Profile.", + "example": "My custom flat file profile", + "nullable": true + }, + "owner": { + "type": "object", + "description": "The owner of the Identity Profile.", + "nullable": true, + "properties": { + "type": { + "type": "string", + "enum": [ + "IDENTITY" + ], + "description": "Type of the object to which this reference applies", + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "ID of the object to which this reference applies", + "example": "2c9180835d191a86015d28455b4b232a" + }, + "name": { + "type": "string", + "description": "Human-readable display name of the object to which this reference applies", + "example": "William Wilson" + } + } + }, + "priority": { + "type": "integer", + "format": "int64", + "description": "The priority for an Identity Profile.", + "example": 10 + }, + "authoritativeSource": { + "type": "object", + "properties": { + "type": { + "type": "string", + "enum": [ + "SOURCE" + ], + "description": "Type of the object to which this reference applies", + "example": "SOURCE" + }, + "id": { + "type": "string", + "description": "ID of the object to which this reference applies", + "example": "2c9180835d191a86015d28455b4b232a" + }, + "name": { + "type": "string", + "description": "Human-readable display name of the object to which this reference applies", + "example": "HR Active Directory" + } + } + }, + "identityRefreshRequired": { + "type": "boolean", + "default": false, + "description": "True if a identity refresh is needed. Typically triggered when a change on the source has been made.", + "example": true + }, + "identityCount": { + "type": "integer", + "description": "The number of identities that belong to the Identity Profile.", + "format": "int32", + "example": 8 + }, + "identityAttributeConfig": { + "type": "object", + "description": "Defines all the identity attribute mapping configurations. This defines how to generate or collect data for each identity attributes in identity refresh process.", + "properties": { + "enabled": { + "description": "The backend will only promote values if the profile/mapping is enabled.", + "type": "boolean", + "default": false, + "example": true + }, + "attributeTransforms": { + "type": "array", + "items": { + "type": "object", + "description": "Defines a transformation definition for an identity attribute.", + "properties": { + "identityAttributeName": { + "type": "string", + "description": "Name of the identity attribute.", + "example": "email" + }, + "transformDefinition": { + "description": "The seaspray transformation definition.", + "type": "object", + "properties": { + "type": { + "type": "string", + "description": "The type of the transform definition.", + "example": "accountAttribute" + }, + "attributes": { + "type": "object", + "additionalProperties": { + "anyOf": [ + { + "type": "string" + }, + { + "type": "object" + } + ] + }, + "description": "Arbitrary key-value pairs to store any metadata for the object", + "example": { + "attributeName": "e-mail", + "sourceName": "MySource", + "sourceId": "2c9180877a826e68017a8c0b03da1a53" + } + } + } + } + } + } + } + } + }, + "identityExceptionReportReference": { + "type": "object", + "nullable": true, + "properties": { + "taskResultId": { + "type": "string", + "format": "uuid", + "description": "The id of the task result.", + "example": "2b838de9-db9b-abcf-e646-d4f274ad4238" + }, + "reportName": { + "type": "string", + "example": "My annual report", + "description": "The name of the report." + } + } + }, + "hasTimeBasedAttr": { + "description": "Indicates the value of requiresPeriodicRefresh attribute for the Identity Profile.", + "type": "boolean", + "default": false, + "example": true + } + } + } + ] + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "idn:identity-profile:read" + ] + } + ] + }, + "post": { + "operationId": "createIdentityProfile", + "summary": "Create an Identity Profile", + "description": "This creates an Identity Profile.\n\nA token with ORG_ADMIN authority is required to call this API to create an Identity Profile.", + "tags": [ + "Identity Profiles" + ], + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "allOf": [ + { + "type": "object", + "required": [ + "name" + ], + "properties": { + "id": { + "description": "System-generated unique ID of the Object", + "type": "string", + "example": "id12345", + "readOnly": true + }, + "name": { + "description": "Name of the Object", + "type": "string", + "example": "aName" + }, + "created": { + "description": "Creation date of the Object", + "type": "string", + "example": "2015-05-28T14:07:17Z", + "format": "date-time", + "readOnly": true + }, + "modified": { + "description": "Last modification date of the Object", + "type": "string", + "example": "2015-05-28T14:07:17Z", + "format": "date-time", + "readOnly": true + } + } + }, + { + "type": "object", + "required": [ + "authoritativeSource" + ], + "properties": { + "description": { + "type": "string", + "description": "The description of the Identity Profile.", + "example": "My custom flat file profile", + "nullable": true + }, + "owner": { + "type": "object", + "description": "The owner of the Identity Profile.", + "nullable": true, + "properties": { + "type": { + "type": "string", + "enum": [ + "IDENTITY" + ], + "description": "Type of the object to which this reference applies", + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "ID of the object to which this reference applies", + "example": "2c9180835d191a86015d28455b4b232a" + }, + "name": { + "type": "string", + "description": "Human-readable display name of the object to which this reference applies", + "example": "William Wilson" + } + } + }, + "priority": { + "type": "integer", + "format": "int64", + "description": "The priority for an Identity Profile.", + "example": 10 + }, + "authoritativeSource": { + "type": "object", + "properties": { + "type": { + "type": "string", + "enum": [ + "SOURCE" + ], + "description": "Type of the object to which this reference applies", + "example": "SOURCE" + }, + "id": { + "type": "string", + "description": "ID of the object to which this reference applies", + "example": "2c9180835d191a86015d28455b4b232a" + }, + "name": { + "type": "string", + "description": "Human-readable display name of the object to which this reference applies", + "example": "HR Active Directory" + } + } + }, + "identityRefreshRequired": { + "type": "boolean", + "default": false, + "description": "True if a identity refresh is needed. Typically triggered when a change on the source has been made.", + "example": true + }, + "identityCount": { + "type": "integer", + "description": "The number of identities that belong to the Identity Profile.", + "format": "int32", + "example": 8 + }, + "identityAttributeConfig": { + "type": "object", + "description": "Defines all the identity attribute mapping configurations. This defines how to generate or collect data for each identity attributes in identity refresh process.", + "properties": { + "enabled": { + "description": "The backend will only promote values if the profile/mapping is enabled.", + "type": "boolean", + "default": false, + "example": true + }, + "attributeTransforms": { + "type": "array", + "items": { + "type": "object", + "description": "Defines a transformation definition for an identity attribute.", + "properties": { + "identityAttributeName": { + "type": "string", + "description": "Name of the identity attribute.", + "example": "email" + }, + "transformDefinition": { + "description": "The seaspray transformation definition.", + "type": "object", + "properties": { + "type": { + "type": "string", + "description": "The type of the transform definition.", + "example": "accountAttribute" + }, + "attributes": { + "type": "object", + "additionalProperties": { + "anyOf": [ + { + "type": "string" + }, + { + "type": "object" + } + ] + }, + "description": "Arbitrary key-value pairs to store any metadata for the object", + "example": { + "attributeName": "e-mail", + "sourceName": "MySource", + "sourceId": "2c9180877a826e68017a8c0b03da1a53" + } + } + } + } + } + } + } + } + }, + "identityExceptionReportReference": { + "type": "object", + "nullable": true, + "properties": { + "taskResultId": { + "type": "string", + "format": "uuid", + "description": "The id of the task result.", + "example": "2b838de9-db9b-abcf-e646-d4f274ad4238" + }, + "reportName": { + "type": "string", + "example": "My annual report", + "description": "The name of the report." + } + } + }, + "hasTimeBasedAttr": { + "description": "Indicates the value of requiresPeriodicRefresh attribute for the Identity Profile.", + "type": "boolean", + "default": false, + "example": true + } + } + } + ] + } + } + } + }, + "responses": { + "201": { + "description": "The created Identity Profile", + "content": { + "application/json": { + "schema": { + "allOf": [ + { + "type": "object", + "required": [ + "name" + ], + "properties": { + "id": { + "description": "System-generated unique ID of the Object", + "type": "string", + "example": "id12345", + "readOnly": true + }, + "name": { + "description": "Name of the Object", + "type": "string", + "example": "aName" + }, + "created": { + "description": "Creation date of the Object", + "type": "string", + "example": "2015-05-28T14:07:17Z", + "format": "date-time", + "readOnly": true + }, + "modified": { + "description": "Last modification date of the Object", + "type": "string", + "example": "2015-05-28T14:07:17Z", + "format": "date-time", + "readOnly": true + } + } + }, + { + "type": "object", + "required": [ + "authoritativeSource" + ], + "properties": { + "description": { + "type": "string", + "description": "The description of the Identity Profile.", + "example": "My custom flat file profile", + "nullable": true + }, + "owner": { + "type": "object", + "description": "The owner of the Identity Profile.", + "nullable": true, + "properties": { + "type": { + "type": "string", + "enum": [ + "IDENTITY" + ], + "description": "Type of the object to which this reference applies", + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "ID of the object to which this reference applies", + "example": "2c9180835d191a86015d28455b4b232a" + }, + "name": { + "type": "string", + "description": "Human-readable display name of the object to which this reference applies", + "example": "William Wilson" + } + } + }, + "priority": { + "type": "integer", + "format": "int64", + "description": "The priority for an Identity Profile.", + "example": 10 + }, + "authoritativeSource": { + "type": "object", + "properties": { + "type": { + "type": "string", + "enum": [ + "SOURCE" + ], + "description": "Type of the object to which this reference applies", + "example": "SOURCE" + }, + "id": { + "type": "string", + "description": "ID of the object to which this reference applies", + "example": "2c9180835d191a86015d28455b4b232a" + }, + "name": { + "type": "string", + "description": "Human-readable display name of the object to which this reference applies", + "example": "HR Active Directory" + } + } + }, + "identityRefreshRequired": { + "type": "boolean", + "default": false, + "description": "True if a identity refresh is needed. Typically triggered when a change on the source has been made.", + "example": true + }, + "identityCount": { + "type": "integer", + "description": "The number of identities that belong to the Identity Profile.", + "format": "int32", + "example": 8 + }, + "identityAttributeConfig": { + "type": "object", + "description": "Defines all the identity attribute mapping configurations. This defines how to generate or collect data for each identity attributes in identity refresh process.", + "properties": { + "enabled": { + "description": "The backend will only promote values if the profile/mapping is enabled.", + "type": "boolean", + "default": false, + "example": true + }, + "attributeTransforms": { + "type": "array", + "items": { + "type": "object", + "description": "Defines a transformation definition for an identity attribute.", + "properties": { + "identityAttributeName": { + "type": "string", + "description": "Name of the identity attribute.", + "example": "email" + }, + "transformDefinition": { + "description": "The seaspray transformation definition.", + "type": "object", + "properties": { + "type": { + "type": "string", + "description": "The type of the transform definition.", + "example": "accountAttribute" + }, + "attributes": { + "type": "object", + "additionalProperties": { + "anyOf": [ + { + "type": "string" + }, + { + "type": "object" + } + ] + }, + "description": "Arbitrary key-value pairs to store any metadata for the object", + "example": { + "attributeName": "e-mail", + "sourceName": "MySource", + "sourceId": "2c9180877a826e68017a8c0b03da1a53" + } + } + } + } + } + } + } + } + }, + "identityExceptionReportReference": { + "type": "object", + "nullable": true, + "properties": { + "taskResultId": { + "type": "string", + "format": "uuid", + "description": "The id of the task result.", + "example": "2b838de9-db9b-abcf-e646-d4f274ad4238" + }, + "reportName": { + "type": "string", + "example": "My annual report", + "description": "The name of the report." + } + } + }, + "hasTimeBasedAttr": { + "description": "Indicates the value of requiresPeriodicRefresh attribute for the Identity Profile.", + "type": "boolean", + "default": false, + "example": true + } + } + } + ] + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "idn:identity-profile:manage" + ] + } + ] + } + }, + "/identity-profiles/bulk-delete": { + "post": { + "operationId": "deleteIdentityProfiles", + "tags": [ + "Identity Profiles" + ], + "summary": "Delete Identity Profiles", + "description": "This deletes multiple Identity Profiles via a list of supplied IDs.\n\nOn success, this endpoint will return a reference to the bulk delete task result.\n\nA token with ORG_ADMIN authority is required to call this API.\n\nThe following rights are required to access this endpoint: idn:identity-profile:delete", + "requestBody": { + "description": "Identity Profile bulk delete request body.", + "required": true, + "content": { + "application/json": { + "schema": { + "description": "List of Identity Profile IDs to delete.", + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "2c9180867b2a34e0017b3078d60b0699", + "2c9180867b2a34e0017b3078d60b0698" + ] + } + } + } + }, + "responses": { + "202": { + "description": "Accepted - Returns a TaskResult object referencing the bulk delete job created.", + "content": { + "application/json": { + "schema": { + "description": "An object with a TaskResult reference of the bulk delete job", + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "Task identifier", + "example": "ff8081814d977c21014da056804a0af3" + }, + "name": { + "type": "string", + "description": "Task name", + "example": "Background Object Terminator c8f030f2-b1a6-4e33-99e8-6935bc18735d" + }, + "description": { + "type": "string", + "description": "Task description", + "example": "Generic task for terminating data in the overlay, used by the TerminationService." + }, + "launcher": { + "type": "string", + "description": "User or process who launched the task", + "example": "support" + }, + "completed": { + "type": "string", + "format": "date-time", + "description": "Date time of completion", + "example": "Mon Aug 21 14:57:39 CDT 2023" + }, + "launched": { + "type": "string", + "format": "date-time", + "description": "Date time when the task was launched", + "example": "Mon Aug 21 14:55:39 CDT 2023" + }, + "completionStatus": { + "type": "string", + "enum": [ + "Success", + "Warning", + "Error", + "Terminated", + "TempError" + ], + "description": "Task result status", + "example": "Success" + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "idn:identity-profile:delete" + ] + } + ] + } + }, + "/identity-profiles/export": { + "get": { + "operationId": "exportIdentityProfiles", + "tags": [ + "Identity Profiles" + ], + "summary": "Export Identity Profiles", + "description": "This exports existing identity profiles in the format specified by the sp-config service.", + "parameters": [ + { + "in": "query", + "name": "limit", + "description": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 250, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "maximum": 250, + "default": 250 + } + }, + { + "in": "query", + "name": "offset", + "description": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 0, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "default": 0 + } + }, + { + "in": "query", + "name": "count", + "description": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": true, + "schema": { + "type": "boolean", + "default": false + } + }, + { + "in": "query", + "name": "filters", + "required": false, + "schema": { + "type": "string" + }, + "example": "id eq \"ef38f94347e94562b5bb8424a56397d8\"", + "description": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, ne*\n\n**name**: *eq, ne*\n\n**priority**: *eq, ne*" + }, + { + "in": "query", + "name": "sorters", + "required": false, + "schema": { + "type": "string", + "format": "comma-separated" + }, + "example": "id,name", + "description": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **id, name, priority**" + } + ], + "responses": { + "200": { + "description": "List of export objects with identity profiles.", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "description": "Identity profile exported object.", + "properties": { + "version": { + "type": "integer", + "example": 1, + "description": "Version or object from the target service.", + "format": "int32" + }, + "self": { + "type": "object", + "description": "Self block for exported object.", + "properties": { + "type": { + "type": "string", + "description": "Exported object's DTO type.", + "enum": [ + "ACCESS_PROFILE", + "ACCESS_REQUEST_CONFIG", + "ATTR_SYNC_SOURCE_CONFIG", + "AUTH_ORG", + "CAMPAIGN_FILTER", + "FORM_DEFINITION", + "GOVERNANCE_GROUP", + "IDENTITY_OBJECT_CONFIG", + "IDENTITY_PROFILE", + "LIFECYCLE_STATE", + "NOTIFICATION_TEMPLATE", + "PASSWORD_POLICY", + "PASSWORD_SYNC_GROUP", + "PUBLIC_IDENTITIES_CONFIG", + "ROLE", + "RULE", + "SEGMENT", + "SERVICE_DESK_INTEGRATION", + "SOD_POLICY", + "SOURCE", + "TAG", + "TRANSFORM", + "TRIGGER_SUBSCRIPTION", + "WORKFLOW" + ], + "example": "SOURCE" + }, + "id": { + "type": "string", + "description": "Exported object's ID.", + "example": "2c9180835d191a86015d28455b4b232a" + }, + "name": { + "type": "string", + "description": "Exported object's display name.", + "example": "HR Active Directory" + } + } + }, + "object": { + "allOf": [ + { + "type": "object", + "required": [ + "name" + ], + "properties": { + "id": { + "description": "System-generated unique ID of the Object", + "type": "string", + "example": "id12345", + "readOnly": true + }, + "name": { + "description": "Name of the Object", + "type": "string", + "example": "aName" + }, + "created": { + "description": "Creation date of the Object", + "type": "string", + "example": "2015-05-28T14:07:17Z", + "format": "date-time", + "readOnly": true + }, + "modified": { + "description": "Last modification date of the Object", + "type": "string", + "example": "2015-05-28T14:07:17Z", + "format": "date-time", + "readOnly": true + } + } + }, + { + "type": "object", + "required": [ + "authoritativeSource" + ], + "properties": { + "description": { + "type": "string", + "description": "The description of the Identity Profile.", + "example": "My custom flat file profile", + "nullable": true + }, + "owner": { + "type": "object", + "description": "The owner of the Identity Profile.", + "nullable": true, + "properties": { + "type": { + "type": "string", + "enum": [ + "IDENTITY" + ], + "description": "Type of the object to which this reference applies", + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "ID of the object to which this reference applies", + "example": "2c9180835d191a86015d28455b4b232a" + }, + "name": { + "type": "string", + "description": "Human-readable display name of the object to which this reference applies", + "example": "William Wilson" + } + } + }, + "priority": { + "type": "integer", + "format": "int64", + "description": "The priority for an Identity Profile.", + "example": 10 + }, + "authoritativeSource": { + "type": "object", + "properties": { + "type": { + "type": "string", + "enum": [ + "SOURCE" + ], + "description": "Type of the object to which this reference applies", + "example": "SOURCE" + }, + "id": { + "type": "string", + "description": "ID of the object to which this reference applies", + "example": "2c9180835d191a86015d28455b4b232a" + }, + "name": { + "type": "string", + "description": "Human-readable display name of the object to which this reference applies", + "example": "HR Active Directory" + } + } + }, + "identityRefreshRequired": { + "type": "boolean", + "default": false, + "description": "True if a identity refresh is needed. Typically triggered when a change on the source has been made.", + "example": true + }, + "identityCount": { + "type": "integer", + "description": "The number of identities that belong to the Identity Profile.", + "format": "int32", + "example": 8 + }, + "identityAttributeConfig": { + "type": "object", + "description": "Defines all the identity attribute mapping configurations. This defines how to generate or collect data for each identity attributes in identity refresh process.", + "properties": { + "enabled": { + "description": "The backend will only promote values if the profile/mapping is enabled.", + "type": "boolean", + "default": false, + "example": true + }, + "attributeTransforms": { + "type": "array", + "items": { + "type": "object", + "description": "Defines a transformation definition for an identity attribute.", + "properties": { + "identityAttributeName": { + "type": "string", + "description": "Name of the identity attribute.", + "example": "email" + }, + "transformDefinition": { + "description": "The seaspray transformation definition.", + "type": "object", + "properties": { + "type": { + "type": "string", + "description": "The type of the transform definition.", + "example": "accountAttribute" + }, + "attributes": { + "type": "object", + "additionalProperties": { + "anyOf": [ + { + "type": "string" + }, + { + "type": "object" + } + ] + }, + "description": "Arbitrary key-value pairs to store any metadata for the object", + "example": { + "attributeName": "e-mail", + "sourceName": "MySource", + "sourceId": "2c9180877a826e68017a8c0b03da1a53" + } + } + } + } + } + } + } + } + }, + "identityExceptionReportReference": { + "type": "object", + "nullable": true, + "properties": { + "taskResultId": { + "type": "string", + "format": "uuid", + "description": "The id of the task result.", + "example": "2b838de9-db9b-abcf-e646-d4f274ad4238" + }, + "reportName": { + "type": "string", + "example": "My annual report", + "description": "The name of the report." + } + } + }, + "hasTimeBasedAttr": { + "description": "Indicates the value of requiresPeriodicRefresh attribute for the Identity Profile.", + "type": "boolean", + "default": false, + "example": true + } + } + } + ] + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "idn:identity-profile:read" + ] + } + ] + } + }, + "/identity-profiles/import": { + "post": { + "operationId": "importIdentityProfiles", + "summary": "Import Identity Profiles", + "description": "This imports previously exported identity profiles.", + "tags": [ + "Identity Profiles" + ], + "requestBody": { + "description": "Previously exported Identity Profiles.", + "required": true, + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "description": "Identity profile exported object.", + "properties": { + "version": { + "type": "integer", + "example": 1, + "description": "Version or object from the target service.", + "format": "int32" + }, + "self": { + "type": "object", + "description": "Self block for exported object.", + "properties": { + "type": { + "type": "string", + "description": "Exported object's DTO type.", + "enum": [ + "ACCESS_PROFILE", + "ACCESS_REQUEST_CONFIG", + "ATTR_SYNC_SOURCE_CONFIG", + "AUTH_ORG", + "CAMPAIGN_FILTER", + "FORM_DEFINITION", + "GOVERNANCE_GROUP", + "IDENTITY_OBJECT_CONFIG", + "IDENTITY_PROFILE", + "LIFECYCLE_STATE", + "NOTIFICATION_TEMPLATE", + "PASSWORD_POLICY", + "PASSWORD_SYNC_GROUP", + "PUBLIC_IDENTITIES_CONFIG", + "ROLE", + "RULE", + "SEGMENT", + "SERVICE_DESK_INTEGRATION", + "SOD_POLICY", + "SOURCE", + "TAG", + "TRANSFORM", + "TRIGGER_SUBSCRIPTION", + "WORKFLOW" + ], + "example": "SOURCE" + }, + "id": { + "type": "string", + "description": "Exported object's ID.", + "example": "2c9180835d191a86015d28455b4b232a" + }, + "name": { + "type": "string", + "description": "Exported object's display name.", + "example": "HR Active Directory" + } + } + }, + "object": { + "allOf": [ + { + "type": "object", + "required": [ + "name" + ], + "properties": { + "id": { + "description": "System-generated unique ID of the Object", + "type": "string", + "example": "id12345", + "readOnly": true + }, + "name": { + "description": "Name of the Object", + "type": "string", + "example": "aName" + }, + "created": { + "description": "Creation date of the Object", + "type": "string", + "example": "2015-05-28T14:07:17Z", + "format": "date-time", + "readOnly": true + }, + "modified": { + "description": "Last modification date of the Object", + "type": "string", + "example": "2015-05-28T14:07:17Z", + "format": "date-time", + "readOnly": true + } + } + }, + { + "type": "object", + "required": [ + "authoritativeSource" + ], + "properties": { + "description": { + "type": "string", + "description": "The description of the Identity Profile.", + "example": "My custom flat file profile", + "nullable": true + }, + "owner": { + "type": "object", + "description": "The owner of the Identity Profile.", + "nullable": true, + "properties": { + "type": { + "type": "string", + "enum": [ + "IDENTITY" + ], + "description": "Type of the object to which this reference applies", + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "ID of the object to which this reference applies", + "example": "2c9180835d191a86015d28455b4b232a" + }, + "name": { + "type": "string", + "description": "Human-readable display name of the object to which this reference applies", + "example": "William Wilson" + } + } + }, + "priority": { + "type": "integer", + "format": "int64", + "description": "The priority for an Identity Profile.", + "example": 10 + }, + "authoritativeSource": { + "type": "object", + "properties": { + "type": { + "type": "string", + "enum": [ + "SOURCE" + ], + "description": "Type of the object to which this reference applies", + "example": "SOURCE" + }, + "id": { + "type": "string", + "description": "ID of the object to which this reference applies", + "example": "2c9180835d191a86015d28455b4b232a" + }, + "name": { + "type": "string", + "description": "Human-readable display name of the object to which this reference applies", + "example": "HR Active Directory" + } + } + }, + "identityRefreshRequired": { + "type": "boolean", + "default": false, + "description": "True if a identity refresh is needed. Typically triggered when a change on the source has been made.", + "example": true + }, + "identityCount": { + "type": "integer", + "description": "The number of identities that belong to the Identity Profile.", + "format": "int32", + "example": 8 + }, + "identityAttributeConfig": { + "type": "object", + "description": "Defines all the identity attribute mapping configurations. This defines how to generate or collect data for each identity attributes in identity refresh process.", + "properties": { + "enabled": { + "description": "The backend will only promote values if the profile/mapping is enabled.", + "type": "boolean", + "default": false, + "example": true + }, + "attributeTransforms": { + "type": "array", + "items": { + "type": "object", + "description": "Defines a transformation definition for an identity attribute.", + "properties": { + "identityAttributeName": { + "type": "string", + "description": "Name of the identity attribute.", + "example": "email" + }, + "transformDefinition": { + "description": "The seaspray transformation definition.", + "type": "object", + "properties": { + "type": { + "type": "string", + "description": "The type of the transform definition.", + "example": "accountAttribute" + }, + "attributes": { + "type": "object", + "additionalProperties": { + "anyOf": [ + { + "type": "string" + }, + { + "type": "object" + } + ] + }, + "description": "Arbitrary key-value pairs to store any metadata for the object", + "example": { + "attributeName": "e-mail", + "sourceName": "MySource", + "sourceId": "2c9180877a826e68017a8c0b03da1a53" + } + } + } + } + } + } + } + } + }, + "identityExceptionReportReference": { + "type": "object", + "nullable": true, + "properties": { + "taskResultId": { + "type": "string", + "format": "uuid", + "description": "The id of the task result.", + "example": "2b838de9-db9b-abcf-e646-d4f274ad4238" + }, + "reportName": { + "type": "string", + "example": "My annual report", + "description": "The name of the report." + } + } + }, + "hasTimeBasedAttr": { + "description": "Indicates the value of requiresPeriodicRefresh attribute for the Identity Profile.", + "type": "boolean", + "default": false, + "example": true + } + } + } + ] + } + } + } + } + } + } + }, + "responses": { + "200": { + "description": "The result of importing Identity Profiles.", + "content": { + "application/json": { + "schema": { + "type": "object", + "title": "Import Object Response Body", + "description": "Response model for import of a single object.", + "properties": { + "infos": { + "description": "Informational messages returned from the target service on import.", + "type": "array", + "items": { + "type": "object", + "title": "Config Import/Export Message", + "description": "Message model for Config Import/Export.", + "properties": { + "key": { + "type": "string", + "description": "Message key.", + "example": "UNKNOWN_REFERENCE_RESOLVER" + }, + "text": { + "type": "string", + "description": "Message text.", + "example": "Unable to resolve reference for object [type: IDENTITY, id: 2c91808c746e9c9601747d6507332ecz, name: random identity]" + }, + "details": { + "type": "object", + "description": "Message details if any, in key:value pairs.", + "additionalProperties": true, + "example": { + "details": "message details" + } + } + }, + "required": [ + "key", + "text", + "details" + ] + } + }, + "warnings": { + "description": "Warning messages returned from the target service on import.", + "type": "array", + "items": { + "type": "object", + "title": "Config Import/Export Message", + "description": "Message model for Config Import/Export.", + "properties": { + "key": { + "type": "string", + "description": "Message key.", + "example": "UNKNOWN_REFERENCE_RESOLVER" + }, + "text": { + "type": "string", + "description": "Message text.", + "example": "Unable to resolve reference for object [type: IDENTITY, id: 2c91808c746e9c9601747d6507332ecz, name: random identity]" + }, + "details": { + "type": "object", + "description": "Message details if any, in key:value pairs.", + "additionalProperties": true, + "example": { + "details": "message details" + } + } + }, + "required": [ + "key", + "text", + "details" + ] + } + }, + "errors": { + "description": "Error messages returned from the target service on import.", + "type": "array", + "items": { + "type": "object", + "title": "Config Import/Export Message", + "description": "Message model for Config Import/Export.", + "properties": { + "key": { + "type": "string", + "description": "Message key.", + "example": "UNKNOWN_REFERENCE_RESOLVER" + }, + "text": { + "type": "string", + "description": "Message text.", + "example": "Unable to resolve reference for object [type: IDENTITY, id: 2c91808c746e9c9601747d6507332ecz, name: random identity]" + }, + "details": { + "type": "object", + "description": "Message details if any, in key:value pairs.", + "additionalProperties": true, + "example": { + "details": "message details" + } + } + }, + "required": [ + "key", + "text", + "details" + ] + } + }, + "importedObjects": { + "description": "References to objects that were created or updated by the import.", + "type": "array", + "items": { + "type": "object", + "description": "Object created or updated by import.", + "properties": { + "type": { + "type": "string", + "description": "DTO type of object created or updated by import.", + "enum": [ + "IDENTITY_OBJECT_CONFIG", + "IDENTITY_PROFILE", + "RULE", + "SOURCE", + "TRANSFORM", + "TRIGGER_SUBSCRIPTION" + ], + "example": "SOURCE" + }, + "id": { + "type": "string", + "description": "ID of object created or updated by import.", + "example": "2c9180835d191a86015d28455b4b232a" + }, + "name": { + "type": "string", + "description": "Display name of object created or updated by import.", + "example": "HR Active Directory" + } + } + } + } + }, + "required": [ + "infos", + "warnings", + "errors", + "importedObjects" + ] + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "idn:identity-profile:manage" + ] + } + ] + } + }, + "/identity-profiles/{identity-profile-id}": { + "get": { + "operationId": "getIdentityProfile", + "tags": [ + "Identity Profiles" + ], + "summary": "Get single Identity Profile", + "description": "This returns a single Identity Profile based on ID.\n\nA token with ORG_ADMIN or API authority is required to call this API.", + "parameters": [ + { + "in": "path", + "name": "identity-profile-id", + "schema": { + "type": "string", + "format": "uuid" + }, + "required": true, + "description": "The Identity Profile ID.", + "example": "2b838de9-db9b-abcf-e646-d4f274ad4238" + } + ], + "responses": { + "200": { + "description": "An Identity Profile object.", + "content": { + "application/json": { + "schema": { + "allOf": [ + { + "type": "object", + "required": [ + "name" + ], + "properties": { + "id": { + "description": "System-generated unique ID of the Object", + "type": "string", + "example": "id12345", + "readOnly": true + }, + "name": { + "description": "Name of the Object", + "type": "string", + "example": "aName" + }, + "created": { + "description": "Creation date of the Object", + "type": "string", + "example": "2015-05-28T14:07:17Z", + "format": "date-time", + "readOnly": true + }, + "modified": { + "description": "Last modification date of the Object", + "type": "string", + "example": "2015-05-28T14:07:17Z", + "format": "date-time", + "readOnly": true + } + } + }, + { + "type": "object", + "required": [ + "authoritativeSource" + ], + "properties": { + "description": { + "type": "string", + "description": "The description of the Identity Profile.", + "example": "My custom flat file profile", + "nullable": true + }, + "owner": { + "type": "object", + "description": "The owner of the Identity Profile.", + "nullable": true, + "properties": { + "type": { + "type": "string", + "enum": [ + "IDENTITY" + ], + "description": "Type of the object to which this reference applies", + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "ID of the object to which this reference applies", + "example": "2c9180835d191a86015d28455b4b232a" + }, + "name": { + "type": "string", + "description": "Human-readable display name of the object to which this reference applies", + "example": "William Wilson" + } + } + }, + "priority": { + "type": "integer", + "format": "int64", + "description": "The priority for an Identity Profile.", + "example": 10 + }, + "authoritativeSource": { + "type": "object", + "properties": { + "type": { + "type": "string", + "enum": [ + "SOURCE" + ], + "description": "Type of the object to which this reference applies", + "example": "SOURCE" + }, + "id": { + "type": "string", + "description": "ID of the object to which this reference applies", + "example": "2c9180835d191a86015d28455b4b232a" + }, + "name": { + "type": "string", + "description": "Human-readable display name of the object to which this reference applies", + "example": "HR Active Directory" + } + } + }, + "identityRefreshRequired": { + "type": "boolean", + "default": false, + "description": "True if a identity refresh is needed. Typically triggered when a change on the source has been made.", + "example": true + }, + "identityCount": { + "type": "integer", + "description": "The number of identities that belong to the Identity Profile.", + "format": "int32", + "example": 8 + }, + "identityAttributeConfig": { + "type": "object", + "description": "Defines all the identity attribute mapping configurations. This defines how to generate or collect data for each identity attributes in identity refresh process.", + "properties": { + "enabled": { + "description": "The backend will only promote values if the profile/mapping is enabled.", + "type": "boolean", + "default": false, + "example": true + }, + "attributeTransforms": { + "type": "array", + "items": { + "type": "object", + "description": "Defines a transformation definition for an identity attribute.", + "properties": { + "identityAttributeName": { + "type": "string", + "description": "Name of the identity attribute.", + "example": "email" + }, + "transformDefinition": { + "description": "The seaspray transformation definition.", + "type": "object", + "properties": { + "type": { + "type": "string", + "description": "The type of the transform definition.", + "example": "accountAttribute" + }, + "attributes": { + "type": "object", + "additionalProperties": { + "anyOf": [ + { + "type": "string" + }, + { + "type": "object" + } + ] + }, + "description": "Arbitrary key-value pairs to store any metadata for the object", + "example": { + "attributeName": "e-mail", + "sourceName": "MySource", + "sourceId": "2c9180877a826e68017a8c0b03da1a53" + } + } + } + } + } + } + } + } + }, + "identityExceptionReportReference": { + "type": "object", + "nullable": true, + "properties": { + "taskResultId": { + "type": "string", + "format": "uuid", + "description": "The id of the task result.", + "example": "2b838de9-db9b-abcf-e646-d4f274ad4238" + }, + "reportName": { + "type": "string", + "example": "My annual report", + "description": "The name of the report." + } + } + }, + "hasTimeBasedAttr": { + "description": "Indicates the value of requiresPeriodicRefresh attribute for the Identity Profile.", + "type": "boolean", + "default": false, + "example": true + } + } + } + ] + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "idn:identity-profile:read" + ] + } + ] + }, + "delete": { + "operationId": "deleteIdentityProfile", + "tags": [ + "Identity Profiles" + ], + "summary": "Delete an Identity Profile", + "description": "This deletes an Identity Profile based on ID.\n\nOn success, this endpoint will return a reference to the bulk delete task result.\n\nA token with ORG_ADMIN authority is required to call this API.\n\nThe following rights are required to access this endpoint: idn:identity-profile:delete", + "parameters": [ + { + "in": "path", + "name": "identity-profile-id", + "schema": { + "type": "string", + "format": "uuid" + }, + "required": true, + "description": "The Identity Profile ID.", + "example": "ef38f94347e94562b5bb8424a56397d8" + } + ], + "responses": { + "202": { + "description": "Accepted - Returns a TaskResult object referencing the bulk delete job created.", + "content": { + "application/json": { + "schema": { + "description": "An object with a TaskResult reference of the delete job.", + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "Task identifier", + "example": "ff8081814d977c21014da056804a0af3" + }, + "name": { + "type": "string", + "description": "Task name", + "example": "Background Object Terminator c8f030f2-b1a6-4e33-99e8-6935bc18735d" + }, + "description": { + "type": "string", + "description": "Task description", + "example": "Generic task for terminating data in the overlay, used by the TerminationService." + }, + "launcher": { + "type": "string", + "description": "User or process who launched the task", + "example": "support" + }, + "completed": { + "type": "string", + "format": "date-time", + "description": "Date time of completion", + "example": "Mon Aug 21 14:57:39 CDT 2023" + }, + "launched": { + "type": "string", + "format": "date-time", + "description": "Date time when the task was launched", + "example": "Mon Aug 21 14:55:39 CDT 2023" + }, + "completionStatus": { + "type": "string", + "enum": [ + "Success", + "Warning", + "Error", + "Terminated", + "TempError" + ], + "description": "Task result status", + "example": "Success" + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "idn:identity-profile:delete" + ] + } + ] + }, + "patch": { + "operationId": "updateIdentityProfile", + "tags": [ + "Identity Profiles" + ], + "summary": "Update the Identity Profile", + "description": "This updates the specified Identity Profile.\n\nA token with ORG_ADMIN authority is required to call this API to update the Identity Profile.\n\nSome fields of the Schema cannot be updated. These fields are listed below:\n* id\n* name\n* created\n* modified\n* identityCount\n* identityRefreshRequired\n* Authoritative Source and Identity Attribute Configuration cannot be modified at once.", + "parameters": [ + { + "in": "path", + "name": "identity-profile-id", + "schema": { + "type": "string", + "format": "uuid" + }, + "required": true, + "description": "The Identity Profile ID", + "example": "ef38f94347e94562b5bb8424a56397d8" + } + ], + "requestBody": { + "required": true, + "description": "A list of Identity Profile update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard.", + "content": { + "application/json-patch+json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "description": "A JSONPatch Operation as defined by [RFC 6902 - JSON Patch](https://tools.ietf.org/html/rfc6902)", + "required": [ + "op", + "path" + ], + "properties": { + "op": { + "type": "string", + "description": "The operation to be performed", + "enum": [ + "add", + "remove", + "replace", + "move", + "copy", + "test" + ], + "example": "replace" + }, + "path": { + "type": "string", + "description": "A string JSON Pointer representing the target path to an element to be affected by the operation", + "example": "/description" + }, + "value": { + "oneOf": [ + { + "type": "string", + "example": "New description", + "title": "string" + }, + { + "type": "boolean", + "example": true, + "title": "boolean" + }, + { + "type": "integer", + "example": 300, + "title": "integer" + }, + { + "type": "object", + "title": "object", + "example": { + "attributes": { + "name": "philip" + } + } + }, + { + "type": "array", + "title": "array", + "items": { + "anyOf": [ + { + "type": "string" + }, + { + "type": "integer" + }, + { + "type": "object" + } + ], + "example": [ + "001", + "002", + "003" + ] + } + } + ], + "description": "The value to be used for the operation, required for \"add\" and \"replace\" operations", + "example": "New description" + } + } + } + }, + "examples": { + "add-attribute-transform": { + "summary": "Add an attribute transform", + "value": [ + { + "op": "add", + "path": "/identityAttributeConfig/attributeTransforms/0", + "value": { + "identityAttributeName": "location", + "transformDefinition": { + "type": "accountAttribute", + "attributes": { + "sourceName": "Employees", + "attributeName": "location", + "sourceId": "2c91808878b7d63b0178c66ffcdc4ce4" + } + } + } + } + ] + } + } + } + } + }, + "responses": { + "200": { + "description": "The updated Identity Profile.", + "content": { + "application/json": { + "schema": { + "allOf": [ + { + "type": "object", + "required": [ + "name" + ], + "properties": { + "id": { + "description": "System-generated unique ID of the Object", + "type": "string", + "example": "id12345", + "readOnly": true + }, + "name": { + "description": "Name of the Object", + "type": "string", + "example": "aName" + }, + "created": { + "description": "Creation date of the Object", + "type": "string", + "example": "2015-05-28T14:07:17Z", + "format": "date-time", + "readOnly": true + }, + "modified": { + "description": "Last modification date of the Object", + "type": "string", + "example": "2015-05-28T14:07:17Z", + "format": "date-time", + "readOnly": true + } + } + }, + { + "type": "object", + "required": [ + "authoritativeSource" + ], + "properties": { + "description": { + "type": "string", + "description": "The description of the Identity Profile.", + "example": "My custom flat file profile", + "nullable": true + }, + "owner": { + "type": "object", + "description": "The owner of the Identity Profile.", + "nullable": true, + "properties": { + "type": { + "type": "string", + "enum": [ + "IDENTITY" + ], + "description": "Type of the object to which this reference applies", + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "ID of the object to which this reference applies", + "example": "2c9180835d191a86015d28455b4b232a" + }, + "name": { + "type": "string", + "description": "Human-readable display name of the object to which this reference applies", + "example": "William Wilson" + } + } + }, + "priority": { + "type": "integer", + "format": "int64", + "description": "The priority for an Identity Profile.", + "example": 10 + }, + "authoritativeSource": { + "type": "object", + "properties": { + "type": { + "type": "string", + "enum": [ + "SOURCE" + ], + "description": "Type of the object to which this reference applies", + "example": "SOURCE" + }, + "id": { + "type": "string", + "description": "ID of the object to which this reference applies", + "example": "2c9180835d191a86015d28455b4b232a" + }, + "name": { + "type": "string", + "description": "Human-readable display name of the object to which this reference applies", + "example": "HR Active Directory" + } + } + }, + "identityRefreshRequired": { + "type": "boolean", + "default": false, + "description": "True if a identity refresh is needed. Typically triggered when a change on the source has been made.", + "example": true + }, + "identityCount": { + "type": "integer", + "description": "The number of identities that belong to the Identity Profile.", + "format": "int32", + "example": 8 + }, + "identityAttributeConfig": { + "type": "object", + "description": "Defines all the identity attribute mapping configurations. This defines how to generate or collect data for each identity attributes in identity refresh process.", + "properties": { + "enabled": { + "description": "The backend will only promote values if the profile/mapping is enabled.", + "type": "boolean", + "default": false, + "example": true + }, + "attributeTransforms": { + "type": "array", + "items": { + "type": "object", + "description": "Defines a transformation definition for an identity attribute.", + "properties": { + "identityAttributeName": { + "type": "string", + "description": "Name of the identity attribute.", + "example": "email" + }, + "transformDefinition": { + "description": "The seaspray transformation definition.", + "type": "object", + "properties": { + "type": { + "type": "string", + "description": "The type of the transform definition.", + "example": "accountAttribute" + }, + "attributes": { + "type": "object", + "additionalProperties": { + "anyOf": [ + { + "type": "string" + }, + { + "type": "object" + } + ] + }, + "description": "Arbitrary key-value pairs to store any metadata for the object", + "example": { + "attributeName": "e-mail", + "sourceName": "MySource", + "sourceId": "2c9180877a826e68017a8c0b03da1a53" + } + } + } + } + } + } + } + } + }, + "identityExceptionReportReference": { + "type": "object", + "nullable": true, + "properties": { + "taskResultId": { + "type": "string", + "format": "uuid", + "description": "The id of the task result.", + "example": "2b838de9-db9b-abcf-e646-d4f274ad4238" + }, + "reportName": { + "type": "string", + "example": "My annual report", + "description": "The name of the report." + } + } + }, + "hasTimeBasedAttr": { + "description": "Indicates the value of requiresPeriodicRefresh attribute for the Identity Profile.", + "type": "boolean", + "default": false, + "example": true + } + } + } + ] + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "idn:identity-profile:manage" + ] + } + ] + } + }, + "/identity-profiles/{identity-profile-id}/default-identity-attribute-config": { + "get": { + "operationId": "getDefaultIdentityAttributeConfig", + "tags": [ + "Identity Profiles" + ], + "summary": "Get default Identity Attribute Config", + "description": "This returns the default identity attribute config.\nA token with ORG_ADMIN authority is required to call this API to get the default identity attribute config.", + "parameters": [ + { + "in": "path", + "name": "identity-profile-id", + "schema": { + "type": "string", + "format": "uuid" + }, + "required": true, + "description": "The Identity Profile ID.", + "example": "2b838de9-db9b-abcf-e646-d4f274ad4238" + } + ], + "responses": { + "200": { + "description": "An Identity Attribute Config object.", + "content": { + "application/json": { + "schema": { + "type": "object", + "description": "Defines all the identity attribute mapping configurations. This defines how to generate or collect data for each identity attributes in identity refresh process.", + "properties": { + "enabled": { + "description": "The backend will only promote values if the profile/mapping is enabled.", + "type": "boolean", + "default": false, + "example": true + }, + "attributeTransforms": { + "type": "array", + "items": { + "type": "object", + "description": "Defines a transformation definition for an identity attribute.", + "properties": { + "identityAttributeName": { + "type": "string", + "description": "Name of the identity attribute.", + "example": "email" + }, + "transformDefinition": { + "description": "The seaspray transformation definition.", + "type": "object", + "properties": { + "type": { + "type": "string", + "description": "The type of the transform definition.", + "example": "accountAttribute" + }, + "attributes": { + "type": "object", + "additionalProperties": { + "anyOf": [ + { + "type": "string" + }, + { + "type": "object" + } + ] + }, + "description": "Arbitrary key-value pairs to store any metadata for the object", + "example": { + "attributeName": "e-mail", + "sourceName": "MySource", + "sourceId": "2c9180877a826e68017a8c0b03da1a53" + } + } + } + } + } + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "idn:identity-profile:manage" + ] + } + ] + } + }, + "/identity-profiles/{identity-profile-id}/process-identities": { + "post": { + "operationId": "syncIdentityProfile", + "tags": [ + "Identity Profiles" + ], + "summary": "Process identities under profile", + "description": "Process identities under the profile\nThis operation should not be used to schedule your own identity processing or to perform system wide identity refreshes. The system will use a combination of [event-based processing](https://documentation.sailpoint.com/saas/help/setup/identity_processing.html?h=process#event-based-processing) and [scheduled processing](https://documentation.sailpoint.com/saas/help/setup/identity_processing.html?h=process#scheduled-processing) that runs every day at 8:00 AM and 8:00 PM in the tenant's timezone to keep your identities synchronized. \nThis should only be run on identity profiles that have the `identityRefreshRequired` attribute set to `true`. If `identityRefreshRequired` is false, then there is no benefit to running this operation. Typically, this operation is performed when a change is made to the identity profile or its related lifecycle states that requires a refresh.\nThis operation will perform the following activities on all identities under the identity profile.\n1. Updates identity attribute according to the identity profile mappings. 2. Determines the identity's correct manager through manager correlation. 3. Updates the identity's access according to their assigned lifecycle state. 4. Updates the identity's access based on role assignment criteria.\nA token with ORG_ADMIN authority is required to call this API.", + "externalDocs": { + "description": "Learn more about manually processing identities here", + "url": "https://documentation.sailpoint.com/saas/help/setup/identity_processing.html" + }, + "parameters": [ + { + "in": "path", + "name": "identity-profile-id", + "schema": { + "type": "string", + "format": "uuid" + }, + "required": true, + "description": "The Identity Profile ID to be processed", + "example": "ef38f94347e94562b5bb8424a56397d8" + } + ], + "responses": { + "202": { + "description": "Accepted status after refresh has launched", + "content": { + "application/json": { + "schema": { + "type": "object" + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "idn:identity-profile:refresh" + ] + } + ] + } + }, + "/managed-clients": { + "get": { + "tags": [ + "Managed Clients" + ], + "summary": "Get Managed Clients", + "description": "Get a list of Managed Clients.", + "operationId": "getManagedClients", + "parameters": [ + { + "in": "query", + "name": "offset", + "description": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 0, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "default": 0 + } + }, + { + "in": "query", + "name": "limit", + "description": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 250, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "maximum": 250, + "default": 250 + } + }, + { + "in": "query", + "name": "count", + "description": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": true, + "schema": { + "type": "boolean", + "default": false + } + }, + { + "in": "query", + "name": "filters", + "schema": { + "type": "string" + }, + "description": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq*\n\n**name**: *eq*\n\n**clientId**: *eq*\n\n**clusterId**: *eq*", + "example": "name eq \"client name\"" + } + ], + "responses": { + "200": { + "description": "Responds with a list of ManagedClient based on the query params provided", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "description": "Managed Client", + "type": "object", + "required": [ + "clientId", + "clusterId", + "description", + "type" + ], + "properties": { + "id": { + "description": "ManagedClient ID", + "readOnly": true, + "nullable": true, + "type": "string", + "example": "2c9180878eaf4204018eb019c3570003" + }, + "alertKey": { + "description": "ManagedClient alert key", + "readOnly": true, + "nullable": true, + "type": "string", + "example": "CLIENT_STATUS_NOT_CONFIGURED" + }, + "apiGatewayBaseUrl": { + "nullable": true, + "type": "string" + }, + "cookbook": { + "nullable": true, + "type": "string" + }, + "ccId": { + "description": "Previous CC ID to be used in data migration. (This field will be deleted after CC migration!)", + "nullable": true, + "type": "integer", + "format": "int64", + "example": 2248 + }, + "clientId": { + "description": "The client ID used in API management", + "type": "string", + "example": "00be54a2-bb6d-402f-9159-beb2d5319347" + }, + "clusterId": { + "description": "Cluster ID that the ManagedClient is linked to", + "type": "string", + "example": "e1ff7bb24c934240bbf55e1aa39e41c5" + }, + "description": { + "description": "ManagedClient description", + "type": "string", + "default": "", + "example": "A short description of the ManagedClient" + }, + "ipAddress": { + "description": "The public IP address of the ManagedClient", + "readOnly": true, + "nullable": true, + "type": "string", + "example": "123.456.78.90" + }, + "lastSeen": { + "description": "When the ManagedClient was last seen by the server", + "readOnly": true, + "nullable": true, + "type": "string", + "format": "date-time", + "example": "2020-01-01T00:00:00.000000Z" + }, + "name": { + "description": "ManagedClient name", + "nullable": true, + "type": "string", + "default": "VA-$clientId", + "example": "aName" + }, + "sinceLastSeen": { + "description": "Milliseconds since the ManagedClient has polled the server", + "readOnly": true, + "nullable": true, + "type": "string", + "example": 15000 + }, + "status": { + "description": "Status of the ManagedClient", + "readOnly": true, + "nullable": true, + "type": "string", + "enum": [ + "NORMAL", + "UNDEFINED", + "NOT_CONFIGURED", + "CONFIGURING", + "WARNING", + "ERROR", + "FAILED", + null + ], + "example": "NORMAL" + }, + "type": { + "description": "Type of the ManagedClient (VA, CCG)", + "type": "string", + "example": "VA" + }, + "clusterType": { + "description": "Cluster Type of the ManagedClient", + "readOnly": true, + "nullable": true, + "type": "string", + "enum": [ + null, + "idn", + "iai", + "spConnectCluster", + "sqsCluster", + "das-rc", + "das-pc", + "das-dc" + ], + "example": "idn" + }, + "vaDownloadUrl": { + "description": "ManagedClient VA download URL", + "readOnly": true, + "nullable": true, + "type": "string", + "example": "aUrl" + }, + "vaVersion": { + "description": "Version that the ManagedClient's VA is running", + "readOnly": true, + "nullable": true, + "type": "string", + "example": "va-megapod-useast1-610-1621372012" + }, + "secret": { + "description": "Client's apiKey", + "nullable": true, + "type": "string", + "example": "ef878e15eaa8c8d3e2fa52f41125e2a0eeadadc6a14f931a33ad3e1b62d56381" + }, + "createdAt": { + "description": "The date/time this ManagedClient was created", + "example": "2023-08-04T20:48:01.865Z", + "nullable": true, + "type": "string", + "format": "date-time" + }, + "updatedAt": { + "description": "The date/time this ManagedClient was last updated", + "example": "2023-08-04T20:48:01.865Z", + "nullable": true, + "type": "string", + "format": "date-time" + }, + "provisionStatus": { + "description": "The provisioning status of the ManagedClient", + "readOnly": true, + "nullable": true, + "type": "string", + "enum": [ + null, + "PROVISIONED", + "DRAFT" + ], + "example": "PROVISIONED" + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "idn:remote-client:read", + "idn:remote-client:manage" + ] + } + ] + }, + "post": { + "tags": [ + "Managed Clients" + ], + "summary": "Create a new Managed Client", + "description": "Create a new Managed Client.\nThe API returns a result that includes the Managed Client ID.", + "operationId": "createManagedClient", + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "description": "Managed Client Request", + "type": "object", + "required": [ + "clusterId" + ], + "properties": { + "clusterId": { + "description": "Cluster ID that the ManagedClient is linked to", + "type": "string", + "example": "aClusterId" + }, + "description": { + "description": "description for the ManagedClient to create", + "type": "string", + "nullable": true, + "example": "A short description of the ManagedClient" + }, + "name": { + "description": "name for the ManagedClient to create", + "type": "string", + "nullable": true, + "example": "aName" + }, + "type": { + "description": "Type of the ManagedClient (VA, CCG) to create", + "type": "string", + "nullable": true, + "example": "VA" + } + } + } + } + } + }, + "responses": { + "200": { + "description": "The created ManagedClient", + "content": { + "application/json": { + "schema": { + "description": "Managed Client", + "type": "object", + "required": [ + "clientId", + "clusterId", + "description", + "type" + ], + "properties": { + "id": { + "description": "ManagedClient ID", + "readOnly": true, + "nullable": true, + "type": "string", + "example": "2c9180878eaf4204018eb019c3570003" + }, + "alertKey": { + "description": "ManagedClient alert key", + "readOnly": true, + "nullable": true, + "type": "string", + "example": "CLIENT_STATUS_NOT_CONFIGURED" + }, + "apiGatewayBaseUrl": { + "nullable": true, + "type": "string" + }, + "cookbook": { + "nullable": true, + "type": "string" + }, + "ccId": { + "description": "Previous CC ID to be used in data migration. (This field will be deleted after CC migration!)", + "nullable": true, + "type": "integer", + "format": "int64", + "example": 2248 + }, + "clientId": { + "description": "The client ID used in API management", + "type": "string", + "example": "00be54a2-bb6d-402f-9159-beb2d5319347" + }, + "clusterId": { + "description": "Cluster ID that the ManagedClient is linked to", + "type": "string", + "example": "e1ff7bb24c934240bbf55e1aa39e41c5" + }, + "description": { + "description": "ManagedClient description", + "type": "string", + "default": "", + "example": "A short description of the ManagedClient" + }, + "ipAddress": { + "description": "The public IP address of the ManagedClient", + "readOnly": true, + "nullable": true, + "type": "string", + "example": "123.456.78.90" + }, + "lastSeen": { + "description": "When the ManagedClient was last seen by the server", + "readOnly": true, + "nullable": true, + "type": "string", + "format": "date-time", + "example": "2020-01-01T00:00:00.000000Z" + }, + "name": { + "description": "ManagedClient name", + "nullable": true, + "type": "string", + "default": "VA-$clientId", + "example": "aName" + }, + "sinceLastSeen": { + "description": "Milliseconds since the ManagedClient has polled the server", + "readOnly": true, + "nullable": true, + "type": "string", + "example": 15000 + }, + "status": { + "description": "Status of the ManagedClient", + "readOnly": true, + "nullable": true, + "type": "string", + "enum": [ + "NORMAL", + "UNDEFINED", + "NOT_CONFIGURED", + "CONFIGURING", + "WARNING", + "ERROR", + "FAILED", + null + ], + "example": "NORMAL" + }, + "type": { + "description": "Type of the ManagedClient (VA, CCG)", + "type": "string", + "example": "VA" + }, + "clusterType": { + "description": "Cluster Type of the ManagedClient", + "readOnly": true, + "nullable": true, + "type": "string", + "enum": [ + null, + "idn", + "iai", + "spConnectCluster", + "sqsCluster", + "das-rc", + "das-pc", + "das-dc" + ], + "example": "idn" + }, + "vaDownloadUrl": { + "description": "ManagedClient VA download URL", + "readOnly": true, + "nullable": true, + "type": "string", + "example": "aUrl" + }, + "vaVersion": { + "description": "Version that the ManagedClient's VA is running", + "readOnly": true, + "nullable": true, + "type": "string", + "example": "va-megapod-useast1-610-1621372012" + }, + "secret": { + "description": "Client's apiKey", + "nullable": true, + "type": "string", + "example": "ef878e15eaa8c8d3e2fa52f41125e2a0eeadadc6a14f931a33ad3e1b62d56381" + }, + "createdAt": { + "description": "The date/time this ManagedClient was created", + "example": "2023-08-04T20:48:01.865Z", + "nullable": true, + "type": "string", + "format": "date-time" + }, + "updatedAt": { + "description": "The date/time this ManagedClient was last updated", + "example": "2023-08-04T20:48:01.865Z", + "nullable": true, + "type": "string", + "format": "date-time" + }, + "provisionStatus": { + "description": "The provisioning status of the ManagedClient", + "readOnly": true, + "nullable": true, + "type": "string", + "enum": [ + null, + "PROVISIONED", + "DRAFT" + ], + "example": "PROVISIONED" + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "idn:remote-client:manage" + ] + } + ] + } + }, + "/managed-clients/{id}": { + "get": { + "tags": [ + "Managed Clients" + ], + "summary": "Get a Managed Client", + "description": "Get a Managed Client.", + "operationId": "getManagedClient", + "parameters": [ + { + "name": "id", + "in": "path", + "description": "Managed Client ID.", + "required": true, + "example": "4440278c-0ce2-41ee-a0a9-f5cfd5e8d3b7", + "schema": { + "type": "string" + } + } + ], + "responses": { + "200": { + "description": "Responds with a Managed Client", + "content": { + "application/json": { + "schema": { + "description": "Managed Client", + "type": "object", + "required": [ + "clientId", + "clusterId", + "description", + "type" + ], + "properties": { + "id": { + "description": "ManagedClient ID", + "readOnly": true, + "nullable": true, + "type": "string", + "example": "2c9180878eaf4204018eb019c3570003" + }, + "alertKey": { + "description": "ManagedClient alert key", + "readOnly": true, + "nullable": true, + "type": "string", + "example": "CLIENT_STATUS_NOT_CONFIGURED" + }, + "apiGatewayBaseUrl": { + "nullable": true, + "type": "string" + }, + "cookbook": { + "nullable": true, + "type": "string" + }, + "ccId": { + "description": "Previous CC ID to be used in data migration. (This field will be deleted after CC migration!)", + "nullable": true, + "type": "integer", + "format": "int64", + "example": 2248 + }, + "clientId": { + "description": "The client ID used in API management", + "type": "string", + "example": "00be54a2-bb6d-402f-9159-beb2d5319347" + }, + "clusterId": { + "description": "Cluster ID that the ManagedClient is linked to", + "type": "string", + "example": "e1ff7bb24c934240bbf55e1aa39e41c5" + }, + "description": { + "description": "ManagedClient description", + "type": "string", + "default": "", + "example": "A short description of the ManagedClient" + }, + "ipAddress": { + "description": "The public IP address of the ManagedClient", + "readOnly": true, + "nullable": true, + "type": "string", + "example": "123.456.78.90" + }, + "lastSeen": { + "description": "When the ManagedClient was last seen by the server", + "readOnly": true, + "nullable": true, + "type": "string", + "format": "date-time", + "example": "2020-01-01T00:00:00.000000Z" + }, + "name": { + "description": "ManagedClient name", + "nullable": true, + "type": "string", + "default": "VA-$clientId", + "example": "aName" + }, + "sinceLastSeen": { + "description": "Milliseconds since the ManagedClient has polled the server", + "readOnly": true, + "nullable": true, + "type": "string", + "example": 15000 + }, + "status": { + "description": "Status of the ManagedClient", + "readOnly": true, + "nullable": true, + "type": "string", + "enum": [ + "NORMAL", + "UNDEFINED", + "NOT_CONFIGURED", + "CONFIGURING", + "WARNING", + "ERROR", + "FAILED", + null + ], + "example": "NORMAL" + }, + "type": { + "description": "Type of the ManagedClient (VA, CCG)", + "type": "string", + "example": "VA" + }, + "clusterType": { + "description": "Cluster Type of the ManagedClient", + "readOnly": true, + "nullable": true, + "type": "string", + "enum": [ + null, + "idn", + "iai", + "spConnectCluster", + "sqsCluster", + "das-rc", + "das-pc", + "das-dc" + ], + "example": "idn" + }, + "vaDownloadUrl": { + "description": "ManagedClient VA download URL", + "readOnly": true, + "nullable": true, + "type": "string", + "example": "aUrl" + }, + "vaVersion": { + "description": "Version that the ManagedClient's VA is running", + "readOnly": true, + "nullable": true, + "type": "string", + "example": "va-megapod-useast1-610-1621372012" + }, + "secret": { + "description": "Client's apiKey", + "nullable": true, + "type": "string", + "example": "ef878e15eaa8c8d3e2fa52f41125e2a0eeadadc6a14f931a33ad3e1b62d56381" + }, + "createdAt": { + "description": "The date/time this ManagedClient was created", + "example": "2023-08-04T20:48:01.865Z", + "nullable": true, + "type": "string", + "format": "date-time" + }, + "updatedAt": { + "description": "The date/time this ManagedClient was last updated", + "example": "2023-08-04T20:48:01.865Z", + "nullable": true, + "type": "string", + "format": "date-time" + }, + "provisionStatus": { + "description": "The provisioning status of the ManagedClient", + "readOnly": true, + "nullable": true, + "type": "string", + "enum": [ + null, + "PROVISIONED", + "DRAFT" + ], + "example": "PROVISIONED" + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "idn:remote-client:read", + "idn:remote-client:manage", + "idn:managed-client-status:read", + "idn:managed-client-status:manage" + ] + } + ] + }, + "patch": { + "tags": [ + "Managed Clients" + ], + "summary": "Update a Managed Client", + "description": "Update an existing Managed Client.", + "operationId": "updateManagedClient", + "parameters": [ + { + "in": "path", + "name": "id", + "schema": { + "type": "string" + }, + "required": true, + "description": "Managed Client ID.", + "example": "4440278c-0ce2-41ee-a0a9-f5cfd5e8d3b7" + } + ], + "requestBody": { + "required": true, + "description": "The JSONPatch payload used to update the object.", + "content": { + "application/json-patch+json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "description": "A JSONPatch Operation as defined by [RFC 6902 - JSON Patch](https://tools.ietf.org/html/rfc6902)", + "required": [ + "op", + "path" + ], + "properties": { + "op": { + "type": "string", + "description": "The operation to be performed", + "enum": [ + "add", + "remove", + "replace", + "move", + "copy", + "test" + ], + "example": "replace" + }, + "path": { + "type": "string", + "description": "A string JSON Pointer representing the target path to an element to be affected by the operation", + "example": "/description" + }, + "value": { + "oneOf": [ + { + "type": "string", + "example": "New description", + "title": "string" + }, + { + "type": "boolean", + "example": true, + "title": "boolean" + }, + { + "type": "integer", + "example": 300, + "title": "integer" + }, + { + "type": "object", + "title": "object", + "example": { + "attributes": { + "name": "philip" + } + } + }, + { + "type": "array", + "title": "array", + "items": { + "anyOf": [ + { + "type": "string" + }, + { + "type": "integer" + }, + { + "type": "object" + } + ], + "example": [ + "001", + "002", + "003" + ] + } + } + ], + "description": "The value to be used for the operation, required for \"add\" and \"replace\" operations", + "example": "New description" + } + } + } + } + } + } + }, + "responses": { + "200": { + "description": "The updated Managed Client", + "content": { + "application/json": { + "schema": { + "description": "Managed Client", + "type": "object", + "required": [ + "clientId", + "clusterId", + "description", + "type" + ], + "properties": { + "id": { + "description": "ManagedClient ID", + "readOnly": true, + "nullable": true, + "type": "string", + "example": "2c9180878eaf4204018eb019c3570003" + }, + "alertKey": { + "description": "ManagedClient alert key", + "readOnly": true, + "nullable": true, + "type": "string", + "example": "CLIENT_STATUS_NOT_CONFIGURED" + }, + "apiGatewayBaseUrl": { + "nullable": true, + "type": "string" + }, + "cookbook": { + "nullable": true, + "type": "string" + }, + "ccId": { + "description": "Previous CC ID to be used in data migration. (This field will be deleted after CC migration!)", + "nullable": true, + "type": "integer", + "format": "int64", + "example": 2248 + }, + "clientId": { + "description": "The client ID used in API management", + "type": "string", + "example": "00be54a2-bb6d-402f-9159-beb2d5319347" + }, + "clusterId": { + "description": "Cluster ID that the ManagedClient is linked to", + "type": "string", + "example": "e1ff7bb24c934240bbf55e1aa39e41c5" + }, + "description": { + "description": "ManagedClient description", + "type": "string", + "default": "", + "example": "A short description of the ManagedClient" + }, + "ipAddress": { + "description": "The public IP address of the ManagedClient", + "readOnly": true, + "nullable": true, + "type": "string", + "example": "123.456.78.90" + }, + "lastSeen": { + "description": "When the ManagedClient was last seen by the server", + "readOnly": true, + "nullable": true, + "type": "string", + "format": "date-time", + "example": "2020-01-01T00:00:00.000000Z" + }, + "name": { + "description": "ManagedClient name", + "nullable": true, + "type": "string", + "default": "VA-$clientId", + "example": "aName" + }, + "sinceLastSeen": { + "description": "Milliseconds since the ManagedClient has polled the server", + "readOnly": true, + "nullable": true, + "type": "string", + "example": 15000 + }, + "status": { + "description": "Status of the ManagedClient", + "readOnly": true, + "nullable": true, + "type": "string", + "enum": [ + "NORMAL", + "UNDEFINED", + "NOT_CONFIGURED", + "CONFIGURING", + "WARNING", + "ERROR", + "FAILED", + null + ], + "example": "NORMAL" + }, + "type": { + "description": "Type of the ManagedClient (VA, CCG)", + "type": "string", + "example": "VA" + }, + "clusterType": { + "description": "Cluster Type of the ManagedClient", + "readOnly": true, + "nullable": true, + "type": "string", + "enum": [ + null, + "idn", + "iai", + "spConnectCluster", + "sqsCluster", + "das-rc", + "das-pc", + "das-dc" + ], + "example": "idn" + }, + "vaDownloadUrl": { + "description": "ManagedClient VA download URL", + "readOnly": true, + "nullable": true, + "type": "string", + "example": "aUrl" + }, + "vaVersion": { + "description": "Version that the ManagedClient's VA is running", + "readOnly": true, + "nullable": true, + "type": "string", + "example": "va-megapod-useast1-610-1621372012" + }, + "secret": { + "description": "Client's apiKey", + "nullable": true, + "type": "string", + "example": "ef878e15eaa8c8d3e2fa52f41125e2a0eeadadc6a14f931a33ad3e1b62d56381" + }, + "createdAt": { + "description": "The date/time this ManagedClient was created", + "example": "2023-08-04T20:48:01.865Z", + "nullable": true, + "type": "string", + "format": "date-time" + }, + "updatedAt": { + "description": "The date/time this ManagedClient was last updated", + "example": "2023-08-04T20:48:01.865Z", + "nullable": true, + "type": "string", + "format": "date-time" + }, + "provisionStatus": { + "description": "The provisioning status of the ManagedClient", + "readOnly": true, + "nullable": true, + "type": "string", + "enum": [ + null, + "PROVISIONED", + "DRAFT" + ], + "example": "PROVISIONED" + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "idn:remote-client:manage" + ] + } + ] + }, + "delete": { + "operationId": "deleteManagedClient", + "tags": [ + "Managed Clients" + ], + "summary": "Delete a Managed Client", + "description": "Delete an existing Managed Client.", + "parameters": [ + { + "in": "path", + "name": "id", + "schema": { + "type": "string" + }, + "required": true, + "description": "Managed Client ID.", + "example": "4440278c-0ce2-41ee-a0a9-f5cfd5e8d3b7" + } + ], + "responses": { + "204": { + "description": "The Managed Client was successfully deleted." + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "idn:remote-client:manage" + ] + } + ] + } + }, + "/managed-clients/{id}/status": { + "get": { + "tags": [ + "Managed Clients" + ], + "summary": "Get Managed Client Status.", + "description": "Retrieve the Status of a Managed Client by ID.", + "operationId": "getManagedClientStatus", + "parameters": [ + { + "name": "id", + "in": "path", + "description": "ID of the Managed Client to get Status of", + "required": true, + "schema": { + "type": "string", + "example": "aClientId" + } + }, + { + "name": "type", + "in": "query", + "description": "Type of the Managed Client to get Status of", + "required": true, + "schema": { + "example": "VA", + "description": "Managed Client type", + "type": "string", + "nullable": true, + "enum": [ + "CCG", + "VA", + "INTERNAL", + "IIQ_HARVESTER", + null + ] + } + } + ], + "responses": { + "200": { + "description": "Responds with the Status of the Managed Client with the given ID and Type.", + "content": { + "application/json": { + "schema": { + "description": "Managed Client Status", + "type": "object", + "required": [ + "body", + "status", + "type", + "timestamp" + ], + "properties": { + "body": { + "description": "ManagedClientStatus body information", + "type": "object", + "example": { + "alertKey": "", + "id": "5678", + "clusterId": "1234", + "ccg_etag": "ccg_etag123xyz456", + "ccg_pin": "NONE", + "cookbook_etag": "20210420125956-20210511144538", + "hostname": "megapod-useast1-secret-hostname.sailpoint.com", + "internal_ip": "127.0.0.1", + "lastSeen": "1620843964604", + "sinceSeen": "14708", + "sinceSeenMillis": "14708", + "localDev": false, + "stacktrace": "", + "state": null, + "status": "NORMAL", + "uuid": null, + "product": "idn", + "va_version": null, + "platform_version": "2", + "os_version": "2345.3.1", + "os_type": "flatcar", + "hypervisor": "unknown" + } + }, + "status": { + "description": "status of the Managed Client", + "example": "NORMAL", + "type": "string", + "enum": [ + "NORMAL", + "UNDEFINED", + "NOT_CONFIGURED", + "CONFIGURING", + "WARNING", + "ERROR", + "FAILED" + ] + }, + "type": { + "description": "type of the Managed Client", + "example": "CCG", + "type": "string", + "nullable": true, + "enum": [ + "CCG", + "VA", + "INTERNAL", + "IIQ_HARVESTER", + null + ] + }, + "timestamp": { + "description": "timestamp on the Client Status update", + "type": "string", + "format": "date-time", + "example": "2020-01-01T00:00:00.000000Z" + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "idn:managed-client-status:read" + ] + } + ] + } + }, + "/managed-clusters": { + "get": { + "tags": [ + "Managed Clusters" + ], + "summary": "Retrieve all Managed Clusters.", + "description": "Retrieve all Managed Clusters for the current Org, based on request context.", + "operationId": "getManagedClusters", + "parameters": [ + { + "in": "query", + "name": "offset", + "description": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 0, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "default": 0 + } + }, + { + "in": "query", + "name": "limit", + "description": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 250, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "maximum": 250, + "default": 250 + } + }, + { + "in": "query", + "name": "count", + "description": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": true, + "schema": { + "type": "boolean", + "default": false + } + }, + { + "in": "query", + "name": "filters", + "schema": { + "type": "string" + }, + "description": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**operational**: *eq*", + "example": "operational eq \"operation\"" + } + ], + "responses": { + "200": { + "description": "Responds with a list of ManagedCluster.", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "description": "Managed Cluster", + "type": "object", + "required": [ + "id", + "clientType", + "ccgVersion" + ], + "properties": { + "id": { + "description": "ManagedCluster ID", + "type": "string", + "example": "e1ff7bb24c934240bbf55e1aa39e41c5" + }, + "name": { + "description": "ManagedCluster name", + "type": "string", + "example": "Managed Cluster Name" + }, + "pod": { + "description": "ManagedCluster pod", + "type": "string", + "example": "megapod-useast1" + }, + "org": { + "description": "ManagedCluster org", + "type": "string", + "example": "denali" + }, + "type": { + "description": "The Type of Cluster", + "example": "idn", + "nullable": false, + "default": "idn", + "type": "string", + "enum": [ + "idn", + "iai" + ] + }, + "configuration": { + "description": "ManagedProcess configuration map", + "type": "object", + "additionalProperties": { + "type": "string" + }, + "example": { + "clusterExternalId": "e1ff7bb24c934240bbf55e1aa39e41c5", + "clusterType": "sqsCluster", + "gmtOffset": "-5" + } + }, + "keyPair": { + "description": "key pair for the ManagedCluster", + "type": "object", + "properties": { + "publicKey": { + "nullable": true, + "description": "ManagedCluster publicKey", + "type": "string", + "example": "-----BEGIN PUBLIC KEY-----******-----END PUBLIC KEY-----" + }, + "publicKeyThumbprint": { + "nullable": true, + "description": "ManagedCluster publicKeyThumbprint", + "type": "string", + "example": "6CMlaJIV44-xJxcB3CJBjDUUn54" + }, + "publicKeyCertificate": { + "nullable": true, + "description": "ManagedCluster publicKeyCertificate", + "type": "string", + "example": "-----BEGIN CERTIFICATE-----****-----END CERTIFICATE-----" + } + } + }, + "attributes": { + "description": "Specific Attributes for Configuring a ManagedCluster by Type", + "type": "object", + "properties": { + "queue": { + "description": "ManagedCluster keystore for sqsCluster type", + "type": "object", + "properties": { + "name": { + "description": "ManagedCluster queue name", + "type": "string", + "example": "megapod-useast1-denali-lwt-cluster-1533" + }, + "region": { + "description": "ManagedCluster queue aws region", + "type": "string", + "example": "us-east-1" + } + } + }, + "keystore": { + "nullable": true, + "description": "ManagedCluster keystore for spConnectCluster type", + "type": "string", + "example": "/u3+7QAAAAIAAAABAAAAAQAvL3Byb3h5LWNsdXN0ZXIvMmM5MTgwODc3Yjg3MW" + } + } + }, + "description": { + "description": "ManagedCluster description", + "type": "string", + "default": "q", + "example": "A short description of the managed cluster." + }, + "redis": { + "description": "Redis configuration for the ManagedCluster", + "type": "object", + "properties": { + "redisHost": { + "description": "ManagedCluster redisHost", + "type": "string", + "example": "megapod-useast1-shared-redis.cloud.sailpoint.com" + }, + "redisPort": { + "description": "ManagedCluster redisPort", + "type": "integer", + "format": "int32", + "example": 6379 + } + } + }, + "clientType": { + "description": "type of client for the ManagedCluster", + "type": "string", + "example": "CCG", + "nullable": true, + "enum": [ + "CCG", + "VA", + "INTERNAL", + "IIQ_HARVESTER", + null + ] + }, + "ccgVersion": { + "description": "CCG version used by the ManagedCluster", + "type": "string", + "example": "v01" + }, + "pinnedConfig": { + "description": "boolean flag indiacting whether or not the cluster configuration is pinned", + "type": "boolean", + "default": false, + "example": false + }, + "logConfiguration": { + "description": "client log configuration for the cluster", + "example": "{ \"rootLevel\": \"WARN\", \"logLevels\": { \"foobar\": \"WARN\" } }", + "nullable": true, + "type": "object", + "required": [ + "durationMinutes", + "rootLevel" + ], + "properties": { + "clientId": { + "description": "Log configuration's client ID", + "type": "string", + "example": "aClientId" + }, + "durationMinutes": { + "description": "Duration in minutes for log configuration to remain in effect before resetting to defaults", + "type": "integer", + "format": "int32", + "example": 120, + "minimum": 5, + "maximum": 1440 + }, + "expiration": { + "description": "Expiration date-time of the log configuration request", + "example": "2020-12-15T19:13:36.079Z", + "type": "string", + "format": "date-time" + }, + "rootLevel": { + "description": "Root log level to apply, the default level for all logs. For more information about logging levels, refer to the \"Logging Levels\" table in [Enabling Connector Logging in IdentityNow](https://community.sailpoint.com/t5/IdentityNow-Articles/Enabling-Connector-Logging-in-IdentityNow/ta-p/188107).", + "default": "INFO", + "example": "TRACE", + "type": "string", + "enum": [ + "OFF", + "FATAL", + "ERROR", + "WARN", + "INFO", + "DEBUG", + "TRACE" + ] + }, + "logLevels": { + "description": "Map of log level by key. The keys are logging classes, and the values are logging levels. To see the available connectors and their logging classes, refer to the \"Logging Classes\" table in [Enabling Connector Logging in IdentityNow](https://community.sailpoint.com/t5/IdentityNow-Articles/Enabling-Connector-Logging-in-IdentityNow/ta-p/188107).", + "example": { + "sailpoint.connector.ADLDAPConnector": "TRACE" + }, + "type": "object", + "additionalProperties": { + "default": "INFO", + "example": "TRACE", + "description": "Standard Log4j log level", + "type": "string", + "enum": [ + "OFF", + "FATAL", + "ERROR", + "WARN", + "INFO", + "DEBUG", + "TRACE" + ] + } + } + } + }, + "operational": { + "description": "Whether or not the cluster is operational or not", + "type": "boolean", + "default": false, + "example": false + }, + "status": { + "description": "Cluster status", + "type": "string", + "example": "NORMAL" + }, + "publicKeyCertificate": { + "nullable": true, + "description": "Public key certificate", + "type": "string", + "example": "-----BEGIN CERTIFICATE-----TCCAb2gAwIBAgIBADANBgkqhkiG9w0BAQsFADAuMQ0wCwYDVQQD-----END CERTIFICATE-----" + }, + "publicKeyThumbprint": { + "nullable": true, + "description": "Public key thumbprint", + "type": "string", + "example": "obc6pLiulGbtZ" + }, + "publicKey": { + "nullable": true, + "description": "Public key", + "type": "string", + "example": "-----BEGIN PUBLIC KEY-----jANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3WgnsxP52MDgBTfHR+5n4-----END PUBLIC KEY-----" + }, + "alertKey": { + "description": "Key describing any immediate cluster alerts", + "type": "string", + "example": "LIMITED_RESOURCES" + }, + "clientIds": { + "type": "array", + "description": "List of clients in a cluster", + "items": { + "type": "string" + }, + "example": [ + "1244", + "1245" + ] + }, + "serviceCount": { + "description": "Number of services bound to a cluster", + "type": "integer", + "format": "int32", + "default": 0, + "example": 6 + }, + "ccId": { + "description": "CC ID only used in calling CC, will be removed without notice when Migration to CEGS is finished", + "type": "string", + "default": "0", + "example": "1533" + }, + "createdAt": { + "description": "The date/time this cluster was created", + "example": "2023-08-04T20:48:01.865Z", + "nullable": true, + "type": "string", + "format": "date-time" + }, + "updatedAt": { + "description": "The date/time this cluster was last updated", + "example": "2023-08-04T20:48:01.865Z", + "nullable": true, + "type": "string", + "format": "date-time" + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "idn:remote-client:read", + "idn:remote-client:manage" + ] + } + ] + }, + "post": { + "tags": [ + "Managed Clusters" + ], + "summary": "Create a new Managed Cluster", + "description": "Create a new Managed Cluster.\nThe API returns a result that includes the Managed Cluster ID.", + "operationId": "createManagedCluster", + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "description": "Request to create Managed Cluster", + "type": "object", + "required": [ + "name" + ], + "properties": { + "name": { + "description": "ManagedCluster name", + "type": "string", + "nullable": false, + "example": "Managed Cluster Name" + }, + "type": { + "description": "The Type of Cluster", + "example": "idn", + "type": "string", + "enum": [ + "idn", + "iai" + ] + }, + "configuration": { + "description": "ManagedProcess configuration map", + "type": "object", + "additionalProperties": { + "type": "string" + }, + "example": { + "clusterExternalId": "externalId", + "ccgVersion": "77.0.0" + } + }, + "description": { + "description": "ManagedCluster description", + "type": "string", + "nullable": true, + "example": "A short description of the managed cluster." + } + } + } + } + } + }, + "responses": { + "200": { + "description": "The created ManagedClient", + "content": { + "application/json": { + "schema": { + "description": "Managed Cluster", + "type": "object", + "required": [ + "id", + "clientType", + "ccgVersion" + ], + "properties": { + "id": { + "description": "ManagedCluster ID", + "type": "string", + "example": "e1ff7bb24c934240bbf55e1aa39e41c5" + }, + "name": { + "description": "ManagedCluster name", + "type": "string", + "example": "Managed Cluster Name" + }, + "pod": { + "description": "ManagedCluster pod", + "type": "string", + "example": "megapod-useast1" + }, + "org": { + "description": "ManagedCluster org", + "type": "string", + "example": "denali" + }, + "type": { + "description": "The Type of Cluster", + "example": "idn", + "nullable": false, + "default": "idn", + "type": "string", + "enum": [ + "idn", + "iai" + ] + }, + "configuration": { + "description": "ManagedProcess configuration map", + "type": "object", + "additionalProperties": { + "type": "string" + }, + "example": { + "clusterExternalId": "e1ff7bb24c934240bbf55e1aa39e41c5", + "clusterType": "sqsCluster", + "gmtOffset": "-5" + } + }, + "keyPair": { + "description": "key pair for the ManagedCluster", + "type": "object", + "properties": { + "publicKey": { + "nullable": true, + "description": "ManagedCluster publicKey", + "type": "string", + "example": "-----BEGIN PUBLIC KEY-----******-----END PUBLIC KEY-----" + }, + "publicKeyThumbprint": { + "nullable": true, + "description": "ManagedCluster publicKeyThumbprint", + "type": "string", + "example": "6CMlaJIV44-xJxcB3CJBjDUUn54" + }, + "publicKeyCertificate": { + "nullable": true, + "description": "ManagedCluster publicKeyCertificate", + "type": "string", + "example": "-----BEGIN CERTIFICATE-----****-----END CERTIFICATE-----" + } + } + }, + "attributes": { + "description": "Specific Attributes for Configuring a ManagedCluster by Type", + "type": "object", + "properties": { + "queue": { + "description": "ManagedCluster keystore for sqsCluster type", + "type": "object", + "properties": { + "name": { + "description": "ManagedCluster queue name", + "type": "string", + "example": "megapod-useast1-denali-lwt-cluster-1533" + }, + "region": { + "description": "ManagedCluster queue aws region", + "type": "string", + "example": "us-east-1" + } + } + }, + "keystore": { + "nullable": true, + "description": "ManagedCluster keystore for spConnectCluster type", + "type": "string", + "example": "/u3+7QAAAAIAAAABAAAAAQAvL3Byb3h5LWNsdXN0ZXIvMmM5MTgwODc3Yjg3MW" + } + } + }, + "description": { + "description": "ManagedCluster description", + "type": "string", + "default": "q", + "example": "A short description of the managed cluster." + }, + "redis": { + "description": "Redis configuration for the ManagedCluster", + "type": "object", + "properties": { + "redisHost": { + "description": "ManagedCluster redisHost", + "type": "string", + "example": "megapod-useast1-shared-redis.cloud.sailpoint.com" + }, + "redisPort": { + "description": "ManagedCluster redisPort", + "type": "integer", + "format": "int32", + "example": 6379 + } + } + }, + "clientType": { + "description": "type of client for the ManagedCluster", + "type": "string", + "example": "CCG", + "nullable": true, + "enum": [ + "CCG", + "VA", + "INTERNAL", + "IIQ_HARVESTER", + null + ] + }, + "ccgVersion": { + "description": "CCG version used by the ManagedCluster", + "type": "string", + "example": "v01" + }, + "pinnedConfig": { + "description": "boolean flag indiacting whether or not the cluster configuration is pinned", + "type": "boolean", + "default": false, + "example": false + }, + "logConfiguration": { + "description": "client log configuration for the cluster", + "example": "{ \"rootLevel\": \"WARN\", \"logLevels\": { \"foobar\": \"WARN\" } }", + "nullable": true, + "type": "object", + "required": [ + "durationMinutes", + "rootLevel" + ], + "properties": { + "clientId": { + "description": "Log configuration's client ID", + "type": "string", + "example": "aClientId" + }, + "durationMinutes": { + "description": "Duration in minutes for log configuration to remain in effect before resetting to defaults", + "type": "integer", + "format": "int32", + "example": 120, + "minimum": 5, + "maximum": 1440 + }, + "expiration": { + "description": "Expiration date-time of the log configuration request", + "example": "2020-12-15T19:13:36.079Z", + "type": "string", + "format": "date-time" + }, + "rootLevel": { + "description": "Root log level to apply, the default level for all logs. For more information about logging levels, refer to the \"Logging Levels\" table in [Enabling Connector Logging in IdentityNow](https://community.sailpoint.com/t5/IdentityNow-Articles/Enabling-Connector-Logging-in-IdentityNow/ta-p/188107).", + "default": "INFO", + "example": "TRACE", + "type": "string", + "enum": [ + "OFF", + "FATAL", + "ERROR", + "WARN", + "INFO", + "DEBUG", + "TRACE" + ] + }, + "logLevels": { + "description": "Map of log level by key. The keys are logging classes, and the values are logging levels. To see the available connectors and their logging classes, refer to the \"Logging Classes\" table in [Enabling Connector Logging in IdentityNow](https://community.sailpoint.com/t5/IdentityNow-Articles/Enabling-Connector-Logging-in-IdentityNow/ta-p/188107).", + "example": { + "sailpoint.connector.ADLDAPConnector": "TRACE" + }, + "type": "object", + "additionalProperties": { + "default": "INFO", + "example": "TRACE", + "description": "Standard Log4j log level", + "type": "string", + "enum": [ + "OFF", + "FATAL", + "ERROR", + "WARN", + "INFO", + "DEBUG", + "TRACE" + ] + } + } + } + }, + "operational": { + "description": "Whether or not the cluster is operational or not", + "type": "boolean", + "default": false, + "example": false + }, + "status": { + "description": "Cluster status", + "type": "string", + "example": "NORMAL" + }, + "publicKeyCertificate": { + "nullable": true, + "description": "Public key certificate", + "type": "string", + "example": "-----BEGIN CERTIFICATE-----TCCAb2gAwIBAgIBADANBgkqhkiG9w0BAQsFADAuMQ0wCwYDVQQD-----END CERTIFICATE-----" + }, + "publicKeyThumbprint": { + "nullable": true, + "description": "Public key thumbprint", + "type": "string", + "example": "obc6pLiulGbtZ" + }, + "publicKey": { + "nullable": true, + "description": "Public key", + "type": "string", + "example": "-----BEGIN PUBLIC KEY-----jANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3WgnsxP52MDgBTfHR+5n4-----END PUBLIC KEY-----" + }, + "alertKey": { + "description": "Key describing any immediate cluster alerts", + "type": "string", + "example": "LIMITED_RESOURCES" + }, + "clientIds": { + "type": "array", + "description": "List of clients in a cluster", + "items": { + "type": "string" + }, + "example": [ + "1244", + "1245" + ] + }, + "serviceCount": { + "description": "Number of services bound to a cluster", + "type": "integer", + "format": "int32", + "default": 0, + "example": 6 + }, + "ccId": { + "description": "CC ID only used in calling CC, will be removed without notice when Migration to CEGS is finished", + "type": "string", + "default": "0", + "example": "1533" + }, + "createdAt": { + "description": "The date/time this cluster was created", + "example": "2023-08-04T20:48:01.865Z", + "nullable": true, + "type": "string", + "format": "date-time" + }, + "updatedAt": { + "description": "The date/time this cluster was last updated", + "example": "2023-08-04T20:48:01.865Z", + "nullable": true, + "type": "string", + "format": "date-time" + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "idn:remote-client:manage" + ] + } + ] + } + }, + "/managed-clusters/{id}": { + "get": { + "tags": [ + "Managed Clusters" + ], + "summary": "Get a specified Managed Cluster.", + "description": "Retrieve a ManagedCluster by ID.", + "operationId": "getManagedCluster", + "parameters": [ + { + "name": "id", + "in": "path", + "description": "ManagedCluster ID.", + "required": true, + "example": "2c9180897de347a2017de8859e8c5039", + "style": "simple", + "explode": false, + "schema": { + "type": "string" + } + } + ], + "responses": { + "200": { + "description": "Responds with ManagedCluster having the given ID.", + "content": { + "application/json": { + "schema": { + "description": "Managed Cluster", + "type": "object", + "required": [ + "id", + "clientType", + "ccgVersion" + ], + "properties": { + "id": { + "description": "ManagedCluster ID", + "type": "string", + "example": "e1ff7bb24c934240bbf55e1aa39e41c5" + }, + "name": { + "description": "ManagedCluster name", + "type": "string", + "example": "Managed Cluster Name" + }, + "pod": { + "description": "ManagedCluster pod", + "type": "string", + "example": "megapod-useast1" + }, + "org": { + "description": "ManagedCluster org", + "type": "string", + "example": "denali" + }, + "type": { + "description": "The Type of Cluster", + "example": "idn", + "nullable": false, + "default": "idn", + "type": "string", + "enum": [ + "idn", + "iai" + ] + }, + "configuration": { + "description": "ManagedProcess configuration map", + "type": "object", + "additionalProperties": { + "type": "string" + }, + "example": { + "clusterExternalId": "e1ff7bb24c934240bbf55e1aa39e41c5", + "clusterType": "sqsCluster", + "gmtOffset": "-5" + } + }, + "keyPair": { + "description": "key pair for the ManagedCluster", + "type": "object", + "properties": { + "publicKey": { + "nullable": true, + "description": "ManagedCluster publicKey", + "type": "string", + "example": "-----BEGIN PUBLIC KEY-----******-----END PUBLIC KEY-----" + }, + "publicKeyThumbprint": { + "nullable": true, + "description": "ManagedCluster publicKeyThumbprint", + "type": "string", + "example": "6CMlaJIV44-xJxcB3CJBjDUUn54" + }, + "publicKeyCertificate": { + "nullable": true, + "description": "ManagedCluster publicKeyCertificate", + "type": "string", + "example": "-----BEGIN CERTIFICATE-----****-----END CERTIFICATE-----" + } + } + }, + "attributes": { + "description": "Specific Attributes for Configuring a ManagedCluster by Type", + "type": "object", + "properties": { + "queue": { + "description": "ManagedCluster keystore for sqsCluster type", + "type": "object", + "properties": { + "name": { + "description": "ManagedCluster queue name", + "type": "string", + "example": "megapod-useast1-denali-lwt-cluster-1533" + }, + "region": { + "description": "ManagedCluster queue aws region", + "type": "string", + "example": "us-east-1" + } + } + }, + "keystore": { + "nullable": true, + "description": "ManagedCluster keystore for spConnectCluster type", + "type": "string", + "example": "/u3+7QAAAAIAAAABAAAAAQAvL3Byb3h5LWNsdXN0ZXIvMmM5MTgwODc3Yjg3MW" + } + } + }, + "description": { + "description": "ManagedCluster description", + "type": "string", + "default": "q", + "example": "A short description of the managed cluster." + }, + "redis": { + "description": "Redis configuration for the ManagedCluster", + "type": "object", + "properties": { + "redisHost": { + "description": "ManagedCluster redisHost", + "type": "string", + "example": "megapod-useast1-shared-redis.cloud.sailpoint.com" + }, + "redisPort": { + "description": "ManagedCluster redisPort", + "type": "integer", + "format": "int32", + "example": 6379 + } + } + }, + "clientType": { + "description": "type of client for the ManagedCluster", + "type": "string", + "example": "CCG", + "nullable": true, + "enum": [ + "CCG", + "VA", + "INTERNAL", + "IIQ_HARVESTER", + null + ] + }, + "ccgVersion": { + "description": "CCG version used by the ManagedCluster", + "type": "string", + "example": "v01" + }, + "pinnedConfig": { + "description": "boolean flag indiacting whether or not the cluster configuration is pinned", + "type": "boolean", + "default": false, + "example": false + }, + "logConfiguration": { + "description": "client log configuration for the cluster", + "example": "{ \"rootLevel\": \"WARN\", \"logLevels\": { \"foobar\": \"WARN\" } }", + "nullable": true, + "type": "object", + "required": [ + "durationMinutes", + "rootLevel" + ], + "properties": { + "clientId": { + "description": "Log configuration's client ID", + "type": "string", + "example": "aClientId" + }, + "durationMinutes": { + "description": "Duration in minutes for log configuration to remain in effect before resetting to defaults", + "type": "integer", + "format": "int32", + "example": 120, + "minimum": 5, + "maximum": 1440 + }, + "expiration": { + "description": "Expiration date-time of the log configuration request", + "example": "2020-12-15T19:13:36.079Z", + "type": "string", + "format": "date-time" + }, + "rootLevel": { + "description": "Root log level to apply, the default level for all logs. For more information about logging levels, refer to the \"Logging Levels\" table in [Enabling Connector Logging in IdentityNow](https://community.sailpoint.com/t5/IdentityNow-Articles/Enabling-Connector-Logging-in-IdentityNow/ta-p/188107).", + "default": "INFO", + "example": "TRACE", + "type": "string", + "enum": [ + "OFF", + "FATAL", + "ERROR", + "WARN", + "INFO", + "DEBUG", + "TRACE" + ] + }, + "logLevels": { + "description": "Map of log level by key. The keys are logging classes, and the values are logging levels. To see the available connectors and their logging classes, refer to the \"Logging Classes\" table in [Enabling Connector Logging in IdentityNow](https://community.sailpoint.com/t5/IdentityNow-Articles/Enabling-Connector-Logging-in-IdentityNow/ta-p/188107).", + "example": { + "sailpoint.connector.ADLDAPConnector": "TRACE" + }, + "type": "object", + "additionalProperties": { + "default": "INFO", + "example": "TRACE", + "description": "Standard Log4j log level", + "type": "string", + "enum": [ + "OFF", + "FATAL", + "ERROR", + "WARN", + "INFO", + "DEBUG", + "TRACE" + ] + } + } + } + }, + "operational": { + "description": "Whether or not the cluster is operational or not", + "type": "boolean", + "default": false, + "example": false + }, + "status": { + "description": "Cluster status", + "type": "string", + "example": "NORMAL" + }, + "publicKeyCertificate": { + "nullable": true, + "description": "Public key certificate", + "type": "string", + "example": "-----BEGIN CERTIFICATE-----TCCAb2gAwIBAgIBADANBgkqhkiG9w0BAQsFADAuMQ0wCwYDVQQD-----END CERTIFICATE-----" + }, + "publicKeyThumbprint": { + "nullable": true, + "description": "Public key thumbprint", + "type": "string", + "example": "obc6pLiulGbtZ" + }, + "publicKey": { + "nullable": true, + "description": "Public key", + "type": "string", + "example": "-----BEGIN PUBLIC KEY-----jANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3WgnsxP52MDgBTfHR+5n4-----END PUBLIC KEY-----" + }, + "alertKey": { + "description": "Key describing any immediate cluster alerts", + "type": "string", + "example": "LIMITED_RESOURCES" + }, + "clientIds": { + "type": "array", + "description": "List of clients in a cluster", + "items": { + "type": "string" + }, + "example": [ + "1244", + "1245" + ] + }, + "serviceCount": { + "description": "Number of services bound to a cluster", + "type": "integer", + "format": "int32", + "default": 0, + "example": 6 + }, + "ccId": { + "description": "CC ID only used in calling CC, will be removed without notice when Migration to CEGS is finished", + "type": "string", + "default": "0", + "example": "1533" + }, + "createdAt": { + "description": "The date/time this cluster was created", + "example": "2023-08-04T20:48:01.865Z", + "nullable": true, + "type": "string", + "format": "date-time" + }, + "updatedAt": { + "description": "The date/time this cluster was last updated", + "example": "2023-08-04T20:48:01.865Z", + "nullable": true, + "type": "string", + "format": "date-time" + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "idn:remote-client:read", + "idn:remote-client:manage" + ] + } + ] + }, + "patch": { + "tags": [ + "Managed Clusters" + ], + "summary": "Update a Managed Cluster", + "description": "Update an existing Managed Cluster.", + "operationId": "updateManagedCluster", + "parameters": [ + { + "in": "path", + "name": "id", + "schema": { + "type": "string" + }, + "required": true, + "description": "Managed Cluster ID.", + "example": "2c9180897de347a2017de8859e8c5039" + } + ], + "requestBody": { + "required": true, + "description": "The JSONPatch payload used to update the object.", + "content": { + "application/json-patch+json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "description": "A JSONPatch Operation as defined by [RFC 6902 - JSON Patch](https://tools.ietf.org/html/rfc6902)", + "required": [ + "op", + "path" + ], + "properties": { + "op": { + "type": "string", + "description": "The operation to be performed", + "enum": [ + "add", + "remove", + "replace", + "move", + "copy", + "test" + ], + "example": "replace" + }, + "path": { + "type": "string", + "description": "A string JSON Pointer representing the target path to an element to be affected by the operation", + "example": "/description" + }, + "value": { + "oneOf": [ + { + "type": "string", + "example": "New description", + "title": "string" + }, + { + "type": "boolean", + "example": true, + "title": "boolean" + }, + { + "type": "integer", + "example": 300, + "title": "integer" + }, + { + "type": "object", + "title": "object", + "example": { + "attributes": { + "name": "philip" + } + } + }, + { + "type": "array", + "title": "array", + "items": { + "anyOf": [ + { + "type": "string" + }, + { + "type": "integer" + }, + { + "type": "object" + } + ], + "example": [ + "001", + "002", + "003" + ] + } + } + ], + "description": "The value to be used for the operation, required for \"add\" and \"replace\" operations", + "example": "New description" + } + } + } + } + } + } + }, + "responses": { + "200": { + "description": "The updated Managed Cluster", + "content": { + "application/json": { + "schema": { + "description": "Managed Cluster", + "type": "object", + "required": [ + "id", + "clientType", + "ccgVersion" + ], + "properties": { + "id": { + "description": "ManagedCluster ID", + "type": "string", + "example": "e1ff7bb24c934240bbf55e1aa39e41c5" + }, + "name": { + "description": "ManagedCluster name", + "type": "string", + "example": "Managed Cluster Name" + }, + "pod": { + "description": "ManagedCluster pod", + "type": "string", + "example": "megapod-useast1" + }, + "org": { + "description": "ManagedCluster org", + "type": "string", + "example": "denali" + }, + "type": { + "description": "The Type of Cluster", + "example": "idn", + "nullable": false, + "default": "idn", + "type": "string", + "enum": [ + "idn", + "iai" + ] + }, + "configuration": { + "description": "ManagedProcess configuration map", + "type": "object", + "additionalProperties": { + "type": "string" + }, + "example": { + "clusterExternalId": "e1ff7bb24c934240bbf55e1aa39e41c5", + "clusterType": "sqsCluster", + "gmtOffset": "-5" + } + }, + "keyPair": { + "description": "key pair for the ManagedCluster", + "type": "object", + "properties": { + "publicKey": { + "nullable": true, + "description": "ManagedCluster publicKey", + "type": "string", + "example": "-----BEGIN PUBLIC KEY-----******-----END PUBLIC KEY-----" + }, + "publicKeyThumbprint": { + "nullable": true, + "description": "ManagedCluster publicKeyThumbprint", + "type": "string", + "example": "6CMlaJIV44-xJxcB3CJBjDUUn54" + }, + "publicKeyCertificate": { + "nullable": true, + "description": "ManagedCluster publicKeyCertificate", + "type": "string", + "example": "-----BEGIN CERTIFICATE-----****-----END CERTIFICATE-----" + } + } + }, + "attributes": { + "description": "Specific Attributes for Configuring a ManagedCluster by Type", + "type": "object", + "properties": { + "queue": { + "description": "ManagedCluster keystore for sqsCluster type", + "type": "object", + "properties": { + "name": { + "description": "ManagedCluster queue name", + "type": "string", + "example": "megapod-useast1-denali-lwt-cluster-1533" + }, + "region": { + "description": "ManagedCluster queue aws region", + "type": "string", + "example": "us-east-1" + } + } + }, + "keystore": { + "nullable": true, + "description": "ManagedCluster keystore for spConnectCluster type", + "type": "string", + "example": "/u3+7QAAAAIAAAABAAAAAQAvL3Byb3h5LWNsdXN0ZXIvMmM5MTgwODc3Yjg3MW" + } + } + }, + "description": { + "description": "ManagedCluster description", + "type": "string", + "default": "q", + "example": "A short description of the managed cluster." + }, + "redis": { + "description": "Redis configuration for the ManagedCluster", + "type": "object", + "properties": { + "redisHost": { + "description": "ManagedCluster redisHost", + "type": "string", + "example": "megapod-useast1-shared-redis.cloud.sailpoint.com" + }, + "redisPort": { + "description": "ManagedCluster redisPort", + "type": "integer", + "format": "int32", + "example": 6379 + } + } + }, + "clientType": { + "description": "type of client for the ManagedCluster", + "type": "string", + "example": "CCG", + "nullable": true, + "enum": [ + "CCG", + "VA", + "INTERNAL", + "IIQ_HARVESTER", + null + ] + }, + "ccgVersion": { + "description": "CCG version used by the ManagedCluster", + "type": "string", + "example": "v01" + }, + "pinnedConfig": { + "description": "boolean flag indiacting whether or not the cluster configuration is pinned", + "type": "boolean", + "default": false, + "example": false + }, + "logConfiguration": { + "description": "client log configuration for the cluster", + "example": "{ \"rootLevel\": \"WARN\", \"logLevels\": { \"foobar\": \"WARN\" } }", + "nullable": true, + "type": "object", + "required": [ + "durationMinutes", + "rootLevel" + ], + "properties": { + "clientId": { + "description": "Log configuration's client ID", + "type": "string", + "example": "aClientId" + }, + "durationMinutes": { + "description": "Duration in minutes for log configuration to remain in effect before resetting to defaults", + "type": "integer", + "format": "int32", + "example": 120, + "minimum": 5, + "maximum": 1440 + }, + "expiration": { + "description": "Expiration date-time of the log configuration request", + "example": "2020-12-15T19:13:36.079Z", + "type": "string", + "format": "date-time" + }, + "rootLevel": { + "description": "Root log level to apply, the default level for all logs. For more information about logging levels, refer to the \"Logging Levels\" table in [Enabling Connector Logging in IdentityNow](https://community.sailpoint.com/t5/IdentityNow-Articles/Enabling-Connector-Logging-in-IdentityNow/ta-p/188107).", + "default": "INFO", + "example": "TRACE", + "type": "string", + "enum": [ + "OFF", + "FATAL", + "ERROR", + "WARN", + "INFO", + "DEBUG", + "TRACE" + ] + }, + "logLevels": { + "description": "Map of log level by key. The keys are logging classes, and the values are logging levels. To see the available connectors and their logging classes, refer to the \"Logging Classes\" table in [Enabling Connector Logging in IdentityNow](https://community.sailpoint.com/t5/IdentityNow-Articles/Enabling-Connector-Logging-in-IdentityNow/ta-p/188107).", + "example": { + "sailpoint.connector.ADLDAPConnector": "TRACE" + }, + "type": "object", + "additionalProperties": { + "default": "INFO", + "example": "TRACE", + "description": "Standard Log4j log level", + "type": "string", + "enum": [ + "OFF", + "FATAL", + "ERROR", + "WARN", + "INFO", + "DEBUG", + "TRACE" + ] + } + } + } + }, + "operational": { + "description": "Whether or not the cluster is operational or not", + "type": "boolean", + "default": false, + "example": false + }, + "status": { + "description": "Cluster status", + "type": "string", + "example": "NORMAL" + }, + "publicKeyCertificate": { + "nullable": true, + "description": "Public key certificate", + "type": "string", + "example": "-----BEGIN CERTIFICATE-----TCCAb2gAwIBAgIBADANBgkqhkiG9w0BAQsFADAuMQ0wCwYDVQQD-----END CERTIFICATE-----" + }, + "publicKeyThumbprint": { + "nullable": true, + "description": "Public key thumbprint", + "type": "string", + "example": "obc6pLiulGbtZ" + }, + "publicKey": { + "nullable": true, + "description": "Public key", + "type": "string", + "example": "-----BEGIN PUBLIC KEY-----jANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3WgnsxP52MDgBTfHR+5n4-----END PUBLIC KEY-----" + }, + "alertKey": { + "description": "Key describing any immediate cluster alerts", + "type": "string", + "example": "LIMITED_RESOURCES" + }, + "clientIds": { + "type": "array", + "description": "List of clients in a cluster", + "items": { + "type": "string" + }, + "example": [ + "1244", + "1245" + ] + }, + "serviceCount": { + "description": "Number of services bound to a cluster", + "type": "integer", + "format": "int32", + "default": 0, + "example": 6 + }, + "ccId": { + "description": "CC ID only used in calling CC, will be removed without notice when Migration to CEGS is finished", + "type": "string", + "default": "0", + "example": "1533" + }, + "createdAt": { + "description": "The date/time this cluster was created", + "example": "2023-08-04T20:48:01.865Z", + "nullable": true, + "type": "string", + "format": "date-time" + }, + "updatedAt": { + "description": "The date/time this cluster was last updated", + "example": "2023-08-04T20:48:01.865Z", + "nullable": true, + "type": "string", + "format": "date-time" + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "idn:remote-client:manage" + ] + } + ] + }, + "delete": { + "operationId": "deleteManagedCluster", + "tags": [ + "Managed Clusters" + ], + "summary": "Delete a Managed Cluster", + "description": "Delete an existing Managed Cluster.", + "parameters": [ + { + "in": "path", + "name": "id", + "schema": { + "type": "string" + }, + "required": true, + "description": "Managed Cluster ID.", + "example": "2c9180897de347a2017de8859e8c5039" + }, + { + "in": "query", + "name": "removeClients", + "schema": { + "type": "boolean", + "default": false + }, + "required": false, + "description": "Flag to determine the need to delete a cluster with clients", + "example": false + } + ], + "responses": { + "204": { + "description": "The Managed Cluster was successfully deleted." + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "idn:remote-client:manage" + ] + } + ] + } + }, + "/mfa/okta-verify/config": { + "get": { + "operationId": "getMFAOktaConfig", + "tags": [ + "MFA Configuration" + ], + "summary": "Configuration of Okta MFA method", + "description": "This API returns the configuration of an Okta MFA method. A token with ORG_ADMIN authority is required to call this API.", + "security": [ + { + "UserContextAuth": [ + "idn:mfa-configuration:read", + "idn:mfa-configuration:manage" + ] + } + ], + "responses": { + "200": { + "description": "The configuration of an Okta MFA method.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "mfaMethod": { + "type": "string", + "nullable": true, + "description": "Mfa method name", + "example": "okta-verify" + }, + "enabled": { + "type": "boolean", + "description": "If MFA method is enabled.", + "default": false, + "example": true + }, + "host": { + "type": "string", + "nullable": true, + "description": "The server host name or IP address of the MFA provider.", + "example": "example.com" + }, + "accessKey": { + "type": "string", + "nullable": true, + "description": "The secret key for authenticating requests to the MFA provider.", + "example": "qw123Y3QlA5UqocYpdU3rEkzrK2D497y" + }, + "identityAttribute": { + "type": "string", + "nullable": true, + "description": "Optional. The name of the attribute for mapping IdentityNow identity to the MFA provider.", + "example": "email" + } + } + }, + "example": { + "mfaMethod": "okta-verify", + "enabled": true, + "host": "www.example.com", + "accessKey": "d******Y", + "identityAttribute": "email" + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + }, + "put": { + "operationId": "setMFAOktaConfig", + "tags": [ + "MFA Configuration" + ], + "summary": "Set Okta MFA configuration", + "description": "This API sets the configuration of an Okta MFA method. A token with ORG_ADMIN authority is required to call this API.", + "security": [ + { + "UserContextAuth": [ + "idn:mfa-configuration:manage" + ] + } + ], + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "mfaMethod": { + "type": "string", + "nullable": true, + "description": "Mfa method name", + "example": "okta-verify" + }, + "enabled": { + "type": "boolean", + "description": "If MFA method is enabled.", + "default": false, + "example": true + }, + "host": { + "type": "string", + "nullable": true, + "description": "The server host name or IP address of the MFA provider.", + "example": "example.com" + }, + "accessKey": { + "type": "string", + "nullable": true, + "description": "The secret key for authenticating requests to the MFA provider.", + "example": "qw123Y3QlA5UqocYpdU3rEkzrK2D497y" + }, + "identityAttribute": { + "type": "string", + "nullable": true, + "description": "Optional. The name of the attribute for mapping IdentityNow identity to the MFA provider.", + "example": "email" + } + } + }, + "example": { + "mfaMethod": "okta-verify", + "enabled": true, + "host": "www.example.com", + "accessKey": "dk778Y3QlA5UqocYpdU3rEkzrK2D497y", + "identityAttribute": "email" + } + } + } + }, + "responses": { + "200": { + "description": "MFA configuration of an Okta MFA method.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "mfaMethod": { + "type": "string", + "nullable": true, + "description": "Mfa method name", + "example": "okta-verify" + }, + "enabled": { + "type": "boolean", + "description": "If MFA method is enabled.", + "default": false, + "example": true + }, + "host": { + "type": "string", + "nullable": true, + "description": "The server host name or IP address of the MFA provider.", + "example": "example.com" + }, + "accessKey": { + "type": "string", + "nullable": true, + "description": "The secret key for authenticating requests to the MFA provider.", + "example": "qw123Y3QlA5UqocYpdU3rEkzrK2D497y" + }, + "identityAttribute": { + "type": "string", + "nullable": true, + "description": "Optional. The name of the attribute for mapping IdentityNow identity to the MFA provider.", + "example": "email" + } + } + }, + "example": { + "mfaMethod": "okta-verify", + "enabled": true, + "host": "www.example.com", + "accessKey": "d******Y", + "identityAttribute": "email" + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/mfa/duo-web/config": { + "get": { + "operationId": "getMFADuoConfig", + "tags": [ + "MFA Configuration" + ], + "summary": "Configuration of Duo MFA method", + "description": "This API returns the configuration of an Duo MFA method. A token with ORG_ADMIN authority is required to call this API.", + "security": [ + { + "UserContextAuth": [ + "idn:mfa-configuration:read", + "idn:mfa-configuration:manage" + ] + } + ], + "responses": { + "200": { + "description": "The configuration of an Duo MFA method.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "mfaMethod": { + "type": "string", + "nullable": true, + "description": "Mfa method name", + "example": "duo-web" + }, + "enabled": { + "type": "boolean", + "description": "If MFA method is enabled.", + "default": false, + "example": true + }, + "host": { + "type": "string", + "nullable": true, + "description": "The server host name or IP address of the MFA provider.", + "example": "example.com" + }, + "accessKey": { + "type": "string", + "nullable": true, + "description": "The secret key for authenticating requests to the MFA provider.", + "example": "qw123Y3QlA5UqocYpdU3rEkzrK2D497y" + }, + "identityAttribute": { + "type": "string", + "nullable": true, + "description": "Optional. The name of the attribute for mapping IdentityNow identity to the MFA provider.", + "example": "email" + }, + "configProperties": { + "description": "A map with additional config properties for the given MFA method - duo-web.", + "type": "object", + "nullable": true, + "additionalProperties": true, + "example": { + "skey": "qwERttyZx1CdlQye2Vwtbsjr3HKddy4BAiCXjc5x", + "ikey": "Q123WE45R6TY7890ZXCV" + } + } + } + }, + "example": { + "mfaMethod": "duo-web", + "enabled": true, + "host": "www.example.com", + "accessKey": "d******Y", + "identityAttribute": "email", + "configProperties": { + "skey": "6******B", + "ikey": "Q123WE45R6TY7890ZXCV" + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + }, + "put": { + "operationId": "setMFADuoConfig", + "tags": [ + "MFA Configuration" + ], + "summary": "Set Duo MFA configuration", + "description": "This API sets the configuration of an Duo MFA method. A token with ORG_ADMIN authority is required to call this API.", + "security": [ + { + "UserContextAuth": [ + "idn:mfa-configuration:manage" + ] + } + ], + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "mfaMethod": { + "type": "string", + "nullable": true, + "description": "Mfa method name", + "example": "duo-web" + }, + "enabled": { + "type": "boolean", + "description": "If MFA method is enabled.", + "default": false, + "example": true + }, + "host": { + "type": "string", + "nullable": true, + "description": "The server host name or IP address of the MFA provider.", + "example": "example.com" + }, + "accessKey": { + "type": "string", + "nullable": true, + "description": "The secret key for authenticating requests to the MFA provider.", + "example": "qw123Y3QlA5UqocYpdU3rEkzrK2D497y" + }, + "identityAttribute": { + "type": "string", + "nullable": true, + "description": "Optional. The name of the attribute for mapping IdentityNow identity to the MFA provider.", + "example": "email" + }, + "configProperties": { + "description": "A map with additional config properties for the given MFA method - duo-web.", + "type": "object", + "nullable": true, + "additionalProperties": true, + "example": { + "skey": "qwERttyZx1CdlQye2Vwtbsjr3HKddy4BAiCXjc5x", + "ikey": "Q123WE45R6TY7890ZXCV" + } + } + } + }, + "example": { + "mfaMethod": "duo-web", + "enabled": true, + "host": "www.example.com", + "accessKey": "qw123Y3QlA5UqocYpdU3rEkzrK2D497y", + "identityAttribute": "email", + "configProperties": { + "skey": "12q3WERlcUHWJmiMqyCXI3uOF7EaDJTbdeOp6E2B", + "ikey": "Q123WE45R6TY7890ZXCV" + } + } + } + } + }, + "responses": { + "200": { + "description": "MFA configuration of an Duo MFA method.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "mfaMethod": { + "type": "string", + "nullable": true, + "description": "Mfa method name", + "example": "duo-web" + }, + "enabled": { + "type": "boolean", + "description": "If MFA method is enabled.", + "default": false, + "example": true + }, + "host": { + "type": "string", + "nullable": true, + "description": "The server host name or IP address of the MFA provider.", + "example": "example.com" + }, + "accessKey": { + "type": "string", + "nullable": true, + "description": "The secret key for authenticating requests to the MFA provider.", + "example": "qw123Y3QlA5UqocYpdU3rEkzrK2D497y" + }, + "identityAttribute": { + "type": "string", + "nullable": true, + "description": "Optional. The name of the attribute for mapping IdentityNow identity to the MFA provider.", + "example": "email" + }, + "configProperties": { + "description": "A map with additional config properties for the given MFA method - duo-web.", + "type": "object", + "nullable": true, + "additionalProperties": true, + "example": { + "skey": "qwERttyZx1CdlQye2Vwtbsjr3HKddy4BAiCXjc5x", + "ikey": "Q123WE45R6TY7890ZXCV" + } + } + } + }, + "example": { + "mfaMethod": "duo-web", + "enabled": true, + "host": "www.example.com", + "accessKey": "q******y", + "identityAttribute": "email", + "configProperties": { + "skey": "1******B", + "ikey": "Q123WE45R6TY7890ZXCV" + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/mfa/kba/config": { + "get": { + "operationId": "getMFAKbaConfig", + "tags": [ + "MFA Configuration" + ], + "summary": "Configuration of KBA MFA method", + "description": "This API returns the KBA configuration for MFA. A token with USER or ORG_ADMIN authority is required to call this API.", + "parameters": [ + { + "in": "query", + "name": "allLanguages", + "required": false, + "schema": { + "type": "boolean" + }, + "description": "Indicator whether the question text should be returned in all configured languages\n * If true, the question text is returned in all languages that it is configured in.\n * If false, the question text is returned in the user locale if available, else for the default locale. \n * If not passed, it behaves the same way as passing this parameter as false", + "example": "allLanguages=true" + } + ], + "security": [ + { + "UserContextAuth": [ + "idn:mfa-kba:read" + ] + } + ], + "responses": { + "200": { + "description": "The configuration for KBA MFA method.", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "description": "KBA Configuration", + "type": "object", + "properties": { + "id": { + "type": "string", + "nullable": false, + "description": "KBA Question Id", + "example": "143cfd3b-c23f-426b-ae5f-d3db06fa5919" + }, + "text": { + "type": "string", + "nullable": false, + "description": "KBA Question description", + "example": "[{\"text\":\"Nouvelle question MFA -1 ?\",\"locale\":\"fr\"},{\"text\":\"MFA new question -1 ?\",\"locale\":\"\"}]" + }, + "hasAnswer": { + "type": "boolean", + "nullable": false, + "description": "Denotes whether the KBA question has an answer configured for any user in the tenant", + "example": true + }, + "numAnswers": { + "type": "integer", + "format": "int32", + "nullable": false, + "description": "Denotes the number of KBA configurations for this question", + "example": 5 + } + }, + "required": [ + "id", + "text", + "hasAnswer", + "numAnswers" + ] + } + }, + "example": [ + { + "id": "143cfd3b-c23f-426b-ae5f-d3db06fa5919", + "text": "MFA new question -1 ?", + "hasAnswer": false, + "numAnswers": 0 + }, + { + "id": "173421", + "text": "What is your alphanumeric PIN?", + "hasAnswer": false, + "numAnswers": 3 + } + ] + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/mfa/kba/config/answers": { + "post": { + "operationId": "setMFAKBAConfig", + "tags": [ + "MFA Configuration" + ], + "summary": "Set MFA KBA configuration", + "description": "This API sets answers to challenge questions. Any configured questions omitted from the request are removed from user KBA configuration.\nA token with USER authority is required to call this API.", + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "nullable": false, + "description": "Question Id", + "example": "c54fee53-2d63-4fc5-9259-3e93b9994135" + }, + "answer": { + "type": "string", + "nullable": false, + "description": "An answer for the KBA question", + "example": "Your answer" + } + }, + "required": [ + "id", + "answer" + ] + } + }, + "example": [ + { + "id": "173423", + "answer": "822cd15d6c15aa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a0859a2fea34" + }, + { + "id": "c54fee53-2d63-4fc5-9259-3e93b9994135", + "answer": "9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08" + } + ] + } + } + }, + "security": [ + { + "UserContextAuth": [ + "idn:mfa-kba:authenticate" + ] + } + ], + "responses": { + "200": { + "description": "The new KBA configuration for the user.", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "nullable": false, + "description": "Question Id", + "example": "c54fee53-2d63-4fc5-9259-3e93b9994135" + }, + "question": { + "type": "string", + "nullable": false, + "description": "Question description", + "example": "[{\"text\":\"Nouvelle question MFA -1 ?\",\"locale\":\"fr\"},{\"text\":\"MFA new question -1 ?\",\"locale\":\"\"}]" + }, + "hasAnswer": { + "type": "boolean", + "nullable": false, + "description": "Denotes whether the KBA question has an answer configured for the current user", + "example": true + } + }, + "required": [ + "id", + "question", + "hasAnswer" + ] + } + }, + "example": [ + { + "id": "143cfd3b-c23f-426b-ae5f-d3db06fa5919", + "question": "[{\"text\":\"Nouvelle question MFA -1 ?\",\"locale\":\"fr\"},{\"text\":\"MFA new question -1 ?\",\"locale\":\"\"}]", + "hasAnswer": false + }, + { + "id": "173421", + "question": "[{\"text\":\"What is your alphanumeric PIN?\",\"locale\":\"\"}]", + "hasAnswer": true + }, + { + "id": "c54fee53-2d63-4fc5-9259-3e93b9994135", + "question": "[{\"text\":\"Nouvelle question MFA - 2 ?\",\"locale\":\"fr\"},{\"text\":\"MFA new question - 2 ?\",\"locale\":\"\"}]", + "hasAnswer": true + } + ] + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/mfa/{method}/test": { + "get": { + "operationId": "testMFAConfig", + "tags": [ + "MFA Configuration" + ], + "summary": "MFA method's test configuration", + "description": "This API validates that the configuration is valid and will properly authenticate with the MFA provider identified by the method path parameter.\nA token with ORG_ADMIN authority is required to call this API.", + "security": [ + { + "UserContextAuth": [ + "idn:mfa-configuration:read", + "idn:mfa-configuration:manage" + ] + } + ], + "parameters": [ + { + "in": "path", + "name": "method", + "schema": { + "type": "string", + "example": "okta-verify" + }, + "required": true, + "description": "The name of the MFA method. The currently supported method names are 'okta-verify' and 'duo-web'." + } + ], + "responses": { + "200": { + "description": "The result of configuration test for the MFA provider.", + "content": { + "application/json": { + "schema": { + "description": "Response model for configuration test of a given MFA method", + "type": "object", + "properties": { + "state": { + "type": "string", + "enum": [ + "SUCCESS", + "FAILED" + ], + "description": "The configuration test result.", + "example": "SUCCESS", + "readOnly": true + }, + "error": { + "type": "string", + "example": "MFA Method is disabled.", + "description": "The error message to indicate the failure of configuration test.", + "readOnly": true + } + } + }, + "example": { + "state": "SUCCESS", + "error": null + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/non-employee-records": { + "post": { + "operationId": "createNonEmployeeRecord", + "tags": [ + "Non-Employee Lifecycle Management" + ], + "summary": "Create Non-Employee Record", + "description": "This request will create a non-employee record.\nRequires role context of `idn:nesr:create`", + "requestBody": { + "description": "Non-Employee record creation request body.", + "required": true, + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "accountName": { + "type": "string", + "description": "Requested identity account name.", + "example": "william.smith" + }, + "firstName": { + "type": "string", + "description": "Non-Employee's first name.", + "example": "William" + }, + "lastName": { + "type": "string", + "description": "Non-Employee's last name.", + "example": "Smith" + }, + "email": { + "type": "string", + "description": "Non-Employee's email.", + "example": "william.smith@example.com" + }, + "phone": { + "type": "string", + "description": "Non-Employee's phone.", + "example": "5555555555" + }, + "manager": { + "type": "string", + "description": "The account ID of a valid identity to serve as this non-employee's manager.", + "example": "jane.doe" + }, + "sourceId": { + "type": "string", + "description": "Non-Employee's source id.", + "example": "2c91808568c529c60168cca6f90c1313" + }, + "data": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Attribute blob/bag for a non-employee, 10 attributes is the maximum size supported.", + "example": { + "description": "Auditing" + } + }, + "startDate": { + "type": "string", + "format": "date-time", + "description": "Non-Employee employment start date.", + "example": "2020-03-24T00:00:00-05:00" + }, + "endDate": { + "type": "string", + "format": "date-time", + "description": "Non-Employee employment end date.", + "example": "2021-03-25T00:00:00-05:00" + } + }, + "required": [ + "accountName", + "firstName", + "lastName", + "email", + "phone", + "manager", + "sourceId", + "startDate", + "endDate" + ] + } + } + } + }, + "responses": { + "200": { + "description": "Created non-employee record.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "id": { + "type": "string", + "format": "UUID", + "description": "Non-Employee record id.", + "example": "ef38f94347e94562b5bb8424a56397d8" + }, + "accountName": { + "type": "string", + "description": "Requested identity account name.", + "example": "Abby.Smith" + }, + "firstName": { + "type": "string", + "description": "Non-Employee's first name.", + "example": "William" + }, + "lastName": { + "type": "string", + "description": "Non-Employee's last name.", + "example": "Smith" + }, + "email": { + "type": "string", + "description": "Non-Employee's email.", + "example": "william.smith@example.com" + }, + "phone": { + "type": "string", + "description": "Non-Employee's phone.", + "example": "5555555555" + }, + "manager": { + "type": "string", + "description": "The account ID of a valid identity to serve as this non-employee's manager.", + "example": "jane.doe" + }, + "sourceId": { + "type": "string", + "description": "Non-Employee's source id.", + "example": "2c91808568c529c60168cca6f90c1313" + }, + "data": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Attribute blob/bag for a non-employee.", + "example": { + "description": "Auditing" + } + }, + "startDate": { + "type": "string", + "format": "date-time", + "description": "Non-Employee employment start date.", + "example": "2019-08-23T18:52:59.162Z" + }, + "endDate": { + "type": "string", + "format": "date-time", + "description": "Non-Employee employment end date.", + "example": "2020-08-23T18:52:59.162Z" + }, + "modified": { + "type": "string", + "format": "date-time", + "description": "When the request was last modified.", + "example": "2019-08-23T18:52:59.162Z" + }, + "created": { + "type": "string", + "format": "date-time", + "description": "When the request was created.", + "example": "2019-08-23T18:40:35.772Z" + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + }, + "get": { + "operationId": "listNonEmployeeRecords", + "security": [ + { + "UserContextAuth": [] + } + ], + "tags": [ + "Non-Employee Lifecycle Management" + ], + "summary": "List Non-Employee Records", + "description": "This gets a list of non-employee records. There are two contextual uses for this endpoint:\n 1. The user has the role context of `idn:nesr:read`, in which case they can get a list of all of the non-employees.\n 2. The user is an account manager, in which case they can get a list of the non-employees that they manage.", + "parameters": [ + { + "in": "query", + "name": "limit", + "description": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 250, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "maximum": 250, + "default": 250 + } + }, + { + "in": "query", + "name": "offset", + "description": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 0, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "default": 0 + } + }, + { + "in": "query", + "name": "count", + "description": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": true, + "schema": { + "type": "boolean", + "default": false + } + }, + { + "in": "query", + "name": "sorters", + "required": false, + "schema": { + "type": "string", + "format": "comma-separated" + }, + "example": "accountName,sourceId", + "description": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **id, accountName, sourceId, manager, firstName, lastName, email, phone, startDate, endDate, created, modified**" + }, + { + "in": "query", + "name": "filters", + "required": false, + "schema": { + "type": "string" + }, + "example": "sourceId eq \"2c91808568c529c60168cca6f90c1313\"", + "description": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**sourceId**: *eq*" + } + ], + "responses": { + "200": { + "description": "Non-Employee record objects", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "format": "UUID", + "description": "Non-Employee record id.", + "example": "ef38f94347e94562b5bb8424a56397d8" + }, + "accountName": { + "type": "string", + "description": "Requested identity account name.", + "example": "Abby.Smith" + }, + "firstName": { + "type": "string", + "description": "Non-Employee's first name.", + "example": "William" + }, + "lastName": { + "type": "string", + "description": "Non-Employee's last name.", + "example": "Smith" + }, + "email": { + "type": "string", + "description": "Non-Employee's email.", + "example": "william.smith@example.com" + }, + "phone": { + "type": "string", + "description": "Non-Employee's phone.", + "example": "5555555555" + }, + "manager": { + "type": "string", + "description": "The account ID of a valid identity to serve as this non-employee's manager.", + "example": "jane.doe" + }, + "sourceId": { + "type": "string", + "description": "Non-Employee's source id.", + "example": "2c91808568c529c60168cca6f90c1313" + }, + "data": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Attribute blob/bag for a non-employee.", + "example": { + "description": "Auditing" + } + }, + "startDate": { + "type": "string", + "format": "date-time", + "description": "Non-Employee employment start date.", + "example": "2019-08-23T18:52:59.162Z" + }, + "endDate": { + "type": "string", + "format": "date-time", + "description": "Non-Employee employment end date.", + "example": "2020-08-23T18:52:59.162Z" + }, + "modified": { + "type": "string", + "format": "date-time", + "description": "When the request was last modified.", + "example": "2019-08-23T18:52:59.162Z" + }, + "created": { + "type": "string", + "format": "date-time", + "description": "When the request was created.", + "example": "2019-08-23T18:40:35.772Z" + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/non-employee-records/{id}": { + "get": { + "operationId": "getNonEmployeeRecord", + "tags": [ + "Non-Employee Lifecycle Management" + ], + "summary": "Get a Non-Employee Record", + "description": "This gets a non-employee record.\nRequires role context of `idn:nesr:read`", + "parameters": [ + { + "in": "path", + "name": "id", + "description": "Non-Employee record id (UUID)", + "required": true, + "example": "ef38f94347e94562b5bb8424a56397d8", + "schema": { + "type": "string" + } + } + ], + "responses": { + "200": { + "description": "Non-Employee record object", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "id": { + "type": "string", + "format": "UUID", + "description": "Non-Employee record id.", + "example": "ef38f94347e94562b5bb8424a56397d8" + }, + "accountName": { + "type": "string", + "description": "Requested identity account name.", + "example": "Abby.Smith" + }, + "firstName": { + "type": "string", + "description": "Non-Employee's first name.", + "example": "William" + }, + "lastName": { + "type": "string", + "description": "Non-Employee's last name.", + "example": "Smith" + }, + "email": { + "type": "string", + "description": "Non-Employee's email.", + "example": "william.smith@example.com" + }, + "phone": { + "type": "string", + "description": "Non-Employee's phone.", + "example": "5555555555" + }, + "manager": { + "type": "string", + "description": "The account ID of a valid identity to serve as this non-employee's manager.", + "example": "jane.doe" + }, + "sourceId": { + "type": "string", + "description": "Non-Employee's source id.", + "example": "2c91808568c529c60168cca6f90c1313" + }, + "data": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Attribute blob/bag for a non-employee.", + "example": { + "description": "Auditing" + } + }, + "startDate": { + "type": "string", + "format": "date-time", + "description": "Non-Employee employment start date.", + "example": "2019-08-23T18:52:59.162Z" + }, + "endDate": { + "type": "string", + "format": "date-time", + "description": "Non-Employee employment end date.", + "example": "2020-08-23T18:52:59.162Z" + }, + "modified": { + "type": "string", + "format": "date-time", + "description": "When the request was last modified.", + "example": "2019-08-23T18:52:59.162Z" + }, + "created": { + "type": "string", + "format": "date-time", + "description": "When the request was created.", + "example": "2019-08-23T18:40:35.772Z" + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + }, + "put": { + "operationId": "updateNonEmployeeRecord", + "security": [ + { + "UserContextAuth": [] + } + ], + "tags": [ + "Non-Employee Lifecycle Management" + ], + "summary": "Update Non-Employee Record", + "description": "This request will update a non-employee record. There are two contextual uses for this endpoint:\n 1. The user has the role context of `idn:nesr:update`, in which case they\nupdate all available fields.\n 2. The user is owner of the source, in this case they can only update the\nend date.", + "parameters": [ + { + "in": "path", + "name": "id", + "description": "Non-employee record id (UUID)", + "example": "ef38f94347e94562b5bb8424a56397d8", + "required": true, + "schema": { + "type": "string" + } + } + ], + "requestBody": { + "description": "Non-employee record creation request body. Attributes are restricted by user type. Owner of source can update end date. Organization admins can update all available fields.", + "required": true, + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "accountName": { + "type": "string", + "description": "Requested identity account name.", + "example": "william.smith" + }, + "firstName": { + "type": "string", + "description": "Non-Employee's first name.", + "example": "William" + }, + "lastName": { + "type": "string", + "description": "Non-Employee's last name.", + "example": "Smith" + }, + "email": { + "type": "string", + "description": "Non-Employee's email.", + "example": "william.smith@example.com" + }, + "phone": { + "type": "string", + "description": "Non-Employee's phone.", + "example": "5555555555" + }, + "manager": { + "type": "string", + "description": "The account ID of a valid identity to serve as this non-employee's manager.", + "example": "jane.doe" + }, + "sourceId": { + "type": "string", + "description": "Non-Employee's source id.", + "example": "2c91808568c529c60168cca6f90c1313" + }, + "data": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Attribute blob/bag for a non-employee, 10 attributes is the maximum size supported.", + "example": { + "description": "Auditing" + } + }, + "startDate": { + "type": "string", + "format": "date-time", + "description": "Non-Employee employment start date.", + "example": "2020-03-24T00:00:00-05:00" + }, + "endDate": { + "type": "string", + "format": "date-time", + "description": "Non-Employee employment end date.", + "example": "2021-03-25T00:00:00-05:00" + } + }, + "required": [ + "accountName", + "firstName", + "lastName", + "email", + "phone", + "manager", + "sourceId", + "startDate", + "endDate" + ] + } + } + } + }, + "responses": { + "200": { + "description": "An updated non-employee record.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "id": { + "type": "string", + "format": "UUID", + "description": "Non-Employee record id.", + "example": "ef38f94347e94562b5bb8424a56397d8" + }, + "accountName": { + "type": "string", + "description": "Requested identity account name.", + "example": "Abby.Smith" + }, + "firstName": { + "type": "string", + "description": "Non-Employee's first name.", + "example": "William" + }, + "lastName": { + "type": "string", + "description": "Non-Employee's last name.", + "example": "Smith" + }, + "email": { + "type": "string", + "description": "Non-Employee's email.", + "example": "william.smith@example.com" + }, + "phone": { + "type": "string", + "description": "Non-Employee's phone.", + "example": "5555555555" + }, + "manager": { + "type": "string", + "description": "The account ID of a valid identity to serve as this non-employee's manager.", + "example": "jane.doe" + }, + "sourceId": { + "type": "string", + "description": "Non-Employee's source id.", + "example": "2c91808568c529c60168cca6f90c1313" + }, + "data": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Attribute blob/bag for a non-employee.", + "example": { + "description": "Auditing" + } + }, + "startDate": { + "type": "string", + "format": "date-time", + "description": "Non-Employee employment start date.", + "example": "2019-08-23T18:52:59.162Z" + }, + "endDate": { + "type": "string", + "format": "date-time", + "description": "Non-Employee employment end date.", + "example": "2020-08-23T18:52:59.162Z" + }, + "modified": { + "type": "string", + "format": "date-time", + "description": "When the request was last modified.", + "example": "2019-08-23T18:52:59.162Z" + }, + "created": { + "type": "string", + "format": "date-time", + "description": "When the request was created.", + "example": "2019-08-23T18:40:35.772Z" + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + }, + "patch": { + "operationId": "patchNonEmployeeRecord", + "security": [ + { + "UserContextAuth": [] + } + ], + "tags": [ + "Non-Employee Lifecycle Management" + ], + "summary": "Patch Non-Employee Record", + "description": "This request will patch a non-employee record. There are two contextual uses for this endpoint:\n 1. The user has the role context of `idn:nesr:update`, in which case they\nupdate all available fields.\n 2. The user is owner of the source, in this case they can only update the\nend date.", + "parameters": [ + { + "in": "path", + "name": "id", + "description": "Non-employee record id (UUID)", + "example": "ef38f94347e94562b5bb8424a56397d8", + "required": true, + "schema": { + "type": "string" + } + } + ], + "requestBody": { + "description": "A list of non-employee update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard. Attributes are restricted by user type. Owner of source can update end date. Organization admins can update all available fields.", + "required": true, + "content": { + "application/json-patch+json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "description": "A JSONPatch Operation as defined by [RFC 6902 - JSON Patch](https://tools.ietf.org/html/rfc6902)", + "required": [ + "op", + "path" + ], + "properties": { + "op": { + "type": "string", + "description": "The operation to be performed", + "enum": [ + "add", + "remove", + "replace", + "move", + "copy", + "test" + ], + "example": "replace" + }, + "path": { + "type": "string", + "description": "A string JSON Pointer representing the target path to an element to be affected by the operation", + "example": "/description" + }, + "value": { + "oneOf": [ + { + "type": "string", + "example": "New description", + "title": "string" + }, + { + "type": "boolean", + "example": true, + "title": "boolean" + }, + { + "type": "integer", + "example": 300, + "title": "integer" + }, + { + "type": "object", + "title": "object", + "example": { + "attributes": { + "name": "philip" + } + } + }, + { + "type": "array", + "title": "array", + "items": { + "anyOf": [ + { + "type": "string" + }, + { + "type": "integer" + }, + { + "type": "object" + } + ], + "example": [ + "001", + "002", + "003" + ] + } + } + ], + "description": "The value to be used for the operation, required for \"add\" and \"replace\" operations", + "example": "New description" + } + } + } + }, + "example": [ + { + "op": "replace", + "path": "/endDate", + "value": "2019-08-23T18:40:35.772Z" + } + ] + } + } + }, + "responses": { + "200": { + "description": "A patched non-employee record.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "id": { + "type": "string", + "format": "UUID", + "description": "Non-Employee record id.", + "example": "ef38f94347e94562b5bb8424a56397d8" + }, + "accountName": { + "type": "string", + "description": "Requested identity account name.", + "example": "Abby.Smith" + }, + "firstName": { + "type": "string", + "description": "Non-Employee's first name.", + "example": "William" + }, + "lastName": { + "type": "string", + "description": "Non-Employee's last name.", + "example": "Smith" + }, + "email": { + "type": "string", + "description": "Non-Employee's email.", + "example": "william.smith@example.com" + }, + "phone": { + "type": "string", + "description": "Non-Employee's phone.", + "example": "5555555555" + }, + "manager": { + "type": "string", + "description": "The account ID of a valid identity to serve as this non-employee's manager.", + "example": "jane.doe" + }, + "sourceId": { + "type": "string", + "description": "Non-Employee's source id.", + "example": "2c91808568c529c60168cca6f90c1313" + }, + "data": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Attribute blob/bag for a non-employee.", + "example": { + "description": "Auditing" + } + }, + "startDate": { + "type": "string", + "format": "date-time", + "description": "Non-Employee employment start date.", + "example": "2019-08-23T18:52:59.162Z" + }, + "endDate": { + "type": "string", + "format": "date-time", + "description": "Non-Employee employment end date.", + "example": "2020-08-23T18:52:59.162Z" + }, + "modified": { + "type": "string", + "format": "date-time", + "description": "When the request was last modified.", + "example": "2019-08-23T18:52:59.162Z" + }, + "created": { + "type": "string", + "format": "date-time", + "description": "When the request was created.", + "example": "2019-08-23T18:40:35.772Z" + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + }, + "delete": { + "operationId": "deleteNonEmployeeRecord", + "tags": [ + "Non-Employee Lifecycle Management" + ], + "summary": "Delete Non-Employee Record", + "description": "This request will delete a non-employee record.\nRequires role context of `idn:nesr:delete`", + "parameters": [ + { + "in": "path", + "name": "id", + "description": "Non-Employee record id (UUID)", + "example": "ef38f94347e94562b5bb8424a56397d8", + "required": true, + "schema": { + "type": "string" + } + } + ], + "responses": { + "204": { + "description": "No content - indicates the request was successful but there is no content to be returned in the response." + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/non-employee-records/bulk-delete": { + "post": { + "operationId": "deleteNonEmployeeRecordsInBulk", + "tags": [ + "Non-Employee Lifecycle Management" + ], + "summary": "Delete Multiple Non-Employee Records", + "description": "This request will delete multiple non-employee records based on the non-employee ids provided. Requires role context of `idn:nesr:delete`", + "requestBody": { + "description": "Non-Employee bulk delete request body.", + "required": true, + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "ids": { + "description": "List of non-employee ids.", + "type": "array", + "items": { + "type": "string", + "format": "uuid" + }, + "example": [ + "2b838de9-db9b-abcf-e646-d4f274ad4238", + "2d838de9-db9b-abcf-e646-d4f274ad4238" + ] + } + }, + "required": [ + "ids" + ] + } + } + } + }, + "responses": { + "204": { + "description": "No content - indicates the request was successful but there is no content to be returned in the response." + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/non-employee-requests": { + "post": { + "operationId": "createNonEmployeeRequest", + "security": [ + { + "UserContextAuth": [] + } + ], + "tags": [ + "Non-Employee Lifecycle Management" + ], + "summary": "Create Non-Employee Request", + "description": "This request will create a non-employee request and notify the approver. Requires role context of `idn:nesr:create` or the user must own the source.", + "requestBody": { + "description": "Non-Employee creation request body", + "required": true, + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "accountName": { + "type": "string", + "description": "Requested identity account name.", + "example": "william.smith" + }, + "firstName": { + "type": "string", + "description": "Non-Employee's first name.", + "example": "William" + }, + "lastName": { + "type": "string", + "description": "Non-Employee's last name.", + "example": "Smith" + }, + "email": { + "type": "string", + "description": "Non-Employee's email.", + "example": "william.smith@example.com" + }, + "phone": { + "type": "string", + "description": "Non-Employee's phone.", + "example": "5555555555" + }, + "manager": { + "type": "string", + "description": "The account ID of a valid identity to serve as this non-employee's manager.", + "example": "jane.doe" + }, + "sourceId": { + "type": "string", + "description": "Non-Employee's source id.", + "example": "2c91808568c529c60168cca6f90c1313" + }, + "data": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Attribute blob/bag for a non-employee, 10 attributes is the maximum size supported.", + "example": { + "description": "Auditing" + } + }, + "startDate": { + "type": "string", + "format": "date-time", + "description": "Non-Employee employment start date.", + "example": "2020-03-24T00:00:00-05:00" + }, + "endDate": { + "type": "string", + "format": "date-time", + "description": "Non-Employee employment end date.", + "example": "2021-03-25T00:00:00-05:00" + } + }, + "required": [ + "accountName", + "firstName", + "lastName", + "email", + "phone", + "manager", + "sourceId", + "startDate", + "endDate" + ] + } + } + } + }, + "responses": { + "200": { + "description": "Non-Employee request creation object", + "content": { + "application/json": { + "schema": { + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "format": "UUID", + "description": "Non-Employee source id.", + "example": "a0303682-5e4a-44f7-bdc2-6ce6112549c1" + }, + "sourceId": { + "type": "string", + "description": "Source Id associated with this non-employee source.", + "example": "2c91808568c529c60168cca6f90c1313" + }, + "name": { + "type": "string", + "description": "Source name associated with this non-employee source.", + "example": "Retail" + }, + "description": { + "type": "string", + "description": "Source description associated with this non-employee source.", + "example": "Source description" + } + } + }, + { + "type": "object", + "properties": { + "accountName": { + "type": "string", + "description": "Requested identity account name.", + "example": "william.smith" + }, + "firstName": { + "type": "string", + "description": "Non-Employee's first name.", + "example": "William" + }, + "lastName": { + "type": "string", + "description": "Non-Employee's last name.", + "example": "Smith" + }, + "email": { + "type": "string", + "description": "Non-Employee's email.", + "example": "william.smith@example.com" + }, + "phone": { + "type": "string", + "description": "Non-Employee's phone.", + "example": "5555555555" + }, + "manager": { + "type": "string", + "description": "The account ID of a valid identity to serve as this non-employee's manager.", + "example": "jane.doe" + }, + "nonEmployeeSource": { + "type": "object", + "properties": { + "id": { + "type": "string", + "format": "UUID", + "description": "Non-Employee source id.", + "example": "a0303682-5e4a-44f7-bdc2-6ce6112549c1" + }, + "sourceId": { + "type": "string", + "description": "Source Id associated with this non-employee source.", + "example": "2c91808568c529c60168cca6f90c1313" + }, + "name": { + "type": "string", + "description": "Source name associated with this non-employee source.", + "example": "Retail" + }, + "description": { + "type": "string", + "description": "Source description associated with this non-employee source.", + "example": "Source description" + } + } + }, + "data": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Attribute blob/bag for a non-employee.", + "example": { + "description": "Auditing" + } + }, + "approvalItems": { + "description": "List of approval item for the request", + "type": "array", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "format": "UUID", + "description": "Non-Employee approval item id", + "example": "2c1e388b-1e55-4b0a-ab5c-897f1204159c" + }, + "approver": { + "description": "Reference to the associated Identity", + "type": "object", + "properties": { + "type": { + "type": "string", + "enum": [ + "GOVERNANCE_GROUP", + "IDENTITY" + ], + "example": "IDENTITY", + "description": "Identifies if the identity is a normal identity or a governance group" + }, + "id": { + "type": "string", + "description": "Identity id", + "example": "5168015d32f890ca15812c9180835d2e" + } + } + }, + "accountName": { + "type": "string", + "description": "Requested identity account name", + "example": "test.account" + }, + "approvalStatus": { + "type": "string", + "enum": [ + "APPROVED", + "REJECTED", + "PENDING", + "NOT_READY", + "CANCELLED" + ], + "description": "Enum representing the non-employee request approval status", + "example": "APPROVED" + }, + "approvalOrder": { + "type": "number", + "description": "Approval order", + "example": 1, + "format": "float" + }, + "comment": { + "type": "string", + "description": "comment of approver", + "example": "I approve" + }, + "modified": { + "type": "string", + "format": "date-time", + "description": "When the request was last modified.", + "example": "2019-08-23T18:52:59.162Z" + }, + "created": { + "type": "string", + "format": "date-time", + "description": "When the request was created.", + "example": "2019-08-23T18:40:35.772Z" + } + } + } + }, + "approvalStatus": { + "type": "string", + "enum": [ + "APPROVED", + "REJECTED", + "PENDING", + "NOT_READY", + "CANCELLED" + ], + "description": "Enum representing the non-employee request approval status", + "example": "APPROVED" + }, + "comment": { + "type": "string", + "description": "comment of requester", + "example": "approved" + }, + "completionDate": { + "type": "string", + "format": "date-time", + "description": "When the request was completely approved.", + "example": "2020-03-24T11:11:41.139-05:00" + }, + "startDate": { + "type": "string", + "format": "date-time", + "description": "Non-Employee employment start date.", + "example": "2020-03-24T00:00:00-05:00" + }, + "endDate": { + "type": "string", + "format": "date-time", + "description": "Non-Employee employment end date.", + "example": "2021-03-25T00:00:00-05:00" + }, + "modified": { + "type": "string", + "format": "date-time", + "description": "When the request was last modified.", + "example": "2020-03-24T11:11:41.139-05:00" + }, + "created": { + "type": "string", + "format": "date-time", + "description": "When the request was created.", + "example": "2020-03-24T11:11:41.139-05:00" + } + } + } + ] + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "400.1 Bad Request Content": { + "description": "Response for bad request content", + "value": { + "detailCode": "400.1 Bad Request Content", + "trackingId": "e7eab60924f64aa284175b9fa3309599", + "messages": [ + { + "locale": "en", + "localeOrigin": "REQUEST", + "text": "firstName is required; accountName is required;" + } + ] + } + }, + "400.1.409 Reference conflict": { + "description": "Response for reference conflict", + "value": { + "detailCode": "400.1.409 Reference conflict", + "trackingId": "e7eab60924f64aa284175b9fa3309599", + "messages": [ + { + "locale": "en", + "localeOrigin": "REQUEST", + "text": "Unable to create Non-Employee because the accountName \"existed\" is already being used." + } + ] + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + }, + "get": { + "operationId": "listNonEmployeeRequests", + "security": [ + { + "UserContextAuth": [] + } + ], + "tags": [ + "Non-Employee Lifecycle Management" + ], + "summary": "List Non-Employee Requests", + "description": "This gets a list of non-employee requests. There are two contextual uses for the `requested-for` path parameter:\n 1. The user has the role context of `idn:nesr:read`, in which case he or\nshe may request a list non-employee requests assigned to a particular account manager by passing in that manager's id.\n 2. The current user is an account manager, in which case \"me\" should be\nprovided as the `requested-for` value. This will provide the user with a list of the non-employee requests in the source(s) he or she manages.", + "parameters": [ + { + "in": "query", + "name": "limit", + "description": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 250, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "maximum": 250, + "default": 250 + } + }, + { + "in": "query", + "name": "offset", + "description": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 0, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "default": 0 + } + }, + { + "in": "query", + "name": "count", + "description": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": true, + "schema": { + "type": "boolean", + "default": false + } + }, + { + "in": "query", + "name": "requested-for", + "required": true, + "schema": { + "type": "string" + }, + "example": "e136567de87e4d029e60b3c3c55db56d", + "description": "The identity for whom the request was made. *me* indicates the current user." + }, + { + "in": "query", + "name": "sorters", + "required": false, + "schema": { + "type": "string", + "format": "comma-separated" + }, + "example": "created,approvalStatus", + "description": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **created, approvalStatus, firstName, lastName, email, phone, accountName, startDate, endDate**" + }, + { + "in": "query", + "name": "filters", + "required": false, + "schema": { + "type": "string" + }, + "example": "sourceId eq \"2c91808568c529c60168cca6f90c1313\"", + "description": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**sourceId**: *eq* " + } + ], + "responses": { + "200": { + "description": "List of non-employee request objects.", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "format": "UUID", + "description": "Non-Employee source id.", + "example": "a0303682-5e4a-44f7-bdc2-6ce6112549c1" + }, + "sourceId": { + "type": "string", + "description": "Source Id associated with this non-employee source.", + "example": "2c91808568c529c60168cca6f90c1313" + }, + "name": { + "type": "string", + "description": "Source name associated with this non-employee source.", + "example": "Retail" + }, + "description": { + "type": "string", + "description": "Source description associated with this non-employee source.", + "example": "Source description" + } + } + }, + { + "type": "object", + "properties": { + "accountName": { + "type": "string", + "description": "Requested identity account name.", + "example": "william.smith" + }, + "firstName": { + "type": "string", + "description": "Non-Employee's first name.", + "example": "William" + }, + "lastName": { + "type": "string", + "description": "Non-Employee's last name.", + "example": "Smith" + }, + "email": { + "type": "string", + "description": "Non-Employee's email.", + "example": "william.smith@example.com" + }, + "phone": { + "type": "string", + "description": "Non-Employee's phone.", + "example": "5555555555" + }, + "manager": { + "type": "string", + "description": "The account ID of a valid identity to serve as this non-employee's manager.", + "example": "jane.doe" + }, + "nonEmployeeSource": { + "type": "object", + "properties": { + "id": { + "type": "string", + "format": "UUID", + "description": "Non-Employee source id.", + "example": "a0303682-5e4a-44f7-bdc2-6ce6112549c1" + }, + "sourceId": { + "type": "string", + "description": "Source Id associated with this non-employee source.", + "example": "2c91808568c529c60168cca6f90c1313" + }, + "name": { + "type": "string", + "description": "Source name associated with this non-employee source.", + "example": "Retail" + }, + "description": { + "type": "string", + "description": "Source description associated with this non-employee source.", + "example": "Source description" + } + } + }, + "data": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Attribute blob/bag for a non-employee.", + "example": { + "description": "Auditing" + } + }, + "approvalItems": { + "description": "List of approval item for the request", + "type": "array", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "format": "UUID", + "description": "Non-Employee approval item id", + "example": "2c1e388b-1e55-4b0a-ab5c-897f1204159c" + }, + "approver": { + "description": "Reference to the associated Identity", + "type": "object", + "properties": { + "type": { + "type": "string", + "enum": [ + "GOVERNANCE_GROUP", + "IDENTITY" + ], + "example": "IDENTITY", + "description": "Identifies if the identity is a normal identity or a governance group" + }, + "id": { + "type": "string", + "description": "Identity id", + "example": "5168015d32f890ca15812c9180835d2e" + } + } + }, + "accountName": { + "type": "string", + "description": "Requested identity account name", + "example": "test.account" + }, + "approvalStatus": { + "type": "string", + "enum": [ + "APPROVED", + "REJECTED", + "PENDING", + "NOT_READY", + "CANCELLED" + ], + "description": "Enum representing the non-employee request approval status", + "example": "APPROVED" + }, + "approvalOrder": { + "type": "number", + "description": "Approval order", + "example": 1, + "format": "float" + }, + "comment": { + "type": "string", + "description": "comment of approver", + "example": "I approve" + }, + "modified": { + "type": "string", + "format": "date-time", + "description": "When the request was last modified.", + "example": "2019-08-23T18:52:59.162Z" + }, + "created": { + "type": "string", + "format": "date-time", + "description": "When the request was created.", + "example": "2019-08-23T18:40:35.772Z" + } + } + } + }, + "approvalStatus": { + "type": "string", + "enum": [ + "APPROVED", + "REJECTED", + "PENDING", + "NOT_READY", + "CANCELLED" + ], + "description": "Enum representing the non-employee request approval status", + "example": "APPROVED" + }, + "comment": { + "type": "string", + "description": "comment of requester", + "example": "approved" + }, + "completionDate": { + "type": "string", + "format": "date-time", + "description": "When the request was completely approved.", + "example": "2020-03-24T11:11:41.139-05:00" + }, + "startDate": { + "type": "string", + "format": "date-time", + "description": "Non-Employee employment start date.", + "example": "2020-03-24T00:00:00-05:00" + }, + "endDate": { + "type": "string", + "format": "date-time", + "description": "Non-Employee employment end date.", + "example": "2021-03-25T00:00:00-05:00" + }, + "modified": { + "type": "string", + "format": "date-time", + "description": "When the request was last modified.", + "example": "2020-03-24T11:11:41.139-05:00" + }, + "created": { + "type": "string", + "format": "date-time", + "description": "When the request was created.", + "example": "2020-03-24T11:11:41.139-05:00" + } + } + } + ] + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/non-employee-requests/{id}": { + "get": { + "operationId": "getNonEmployeeRequest", + "security": [ + { + "UserContextAuth": [] + } + ], + "tags": [ + "Non-Employee Lifecycle Management" + ], + "summary": "Get a Non-Employee Request", + "description": "This gets a non-employee request.\nThere are two contextual uses for this endpoint:\n 1. The user has the role context of `idn:nesr:read`, in this case the user\ncan get the non-employee request for any user.\n 2. The user must be the owner of the non-employee request.", + "parameters": [ + { + "in": "path", + "name": "id", + "description": "Non-Employee request id (UUID)", + "example": "ac110005-7156-1150-8171-5b292e3e0084", + "required": true, + "schema": { + "type": "string" + } + } + ], + "responses": { + "200": { + "description": "Non-Employee request object.", + "content": { + "application/json": { + "schema": { + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "format": "UUID", + "description": "Non-Employee source id.", + "example": "a0303682-5e4a-44f7-bdc2-6ce6112549c1" + }, + "sourceId": { + "type": "string", + "description": "Source Id associated with this non-employee source.", + "example": "2c91808568c529c60168cca6f90c1313" + }, + "name": { + "type": "string", + "description": "Source name associated with this non-employee source.", + "example": "Retail" + }, + "description": { + "type": "string", + "description": "Source description associated with this non-employee source.", + "example": "Source description" + } + } + }, + { + "type": "object", + "properties": { + "accountName": { + "type": "string", + "description": "Requested identity account name.", + "example": "william.smith" + }, + "firstName": { + "type": "string", + "description": "Non-Employee's first name.", + "example": "William" + }, + "lastName": { + "type": "string", + "description": "Non-Employee's last name.", + "example": "Smith" + }, + "email": { + "type": "string", + "description": "Non-Employee's email.", + "example": "william.smith@example.com" + }, + "phone": { + "type": "string", + "description": "Non-Employee's phone.", + "example": "5555555555" + }, + "manager": { + "type": "string", + "description": "The account ID of a valid identity to serve as this non-employee's manager.", + "example": "jane.doe" + }, + "nonEmployeeSource": { + "type": "object", + "properties": { + "id": { + "type": "string", + "format": "UUID", + "description": "Non-Employee source id.", + "example": "a0303682-5e4a-44f7-bdc2-6ce6112549c1" + }, + "sourceId": { + "type": "string", + "description": "Source Id associated with this non-employee source.", + "example": "2c91808568c529c60168cca6f90c1313" + }, + "name": { + "type": "string", + "description": "Source name associated with this non-employee source.", + "example": "Retail" + }, + "description": { + "type": "string", + "description": "Source description associated with this non-employee source.", + "example": "Source description" + } + } + }, + "data": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Attribute blob/bag for a non-employee.", + "example": { + "description": "Auditing" + } + }, + "approvalItems": { + "description": "List of approval item for the request", + "type": "array", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "format": "UUID", + "description": "Non-Employee approval item id", + "example": "2c1e388b-1e55-4b0a-ab5c-897f1204159c" + }, + "approver": { + "description": "Reference to the associated Identity", + "type": "object", + "properties": { + "type": { + "type": "string", + "enum": [ + "GOVERNANCE_GROUP", + "IDENTITY" + ], + "example": "IDENTITY", + "description": "Identifies if the identity is a normal identity or a governance group" + }, + "id": { + "type": "string", + "description": "Identity id", + "example": "5168015d32f890ca15812c9180835d2e" + } + } + }, + "accountName": { + "type": "string", + "description": "Requested identity account name", + "example": "test.account" + }, + "approvalStatus": { + "type": "string", + "enum": [ + "APPROVED", + "REJECTED", + "PENDING", + "NOT_READY", + "CANCELLED" + ], + "description": "Enum representing the non-employee request approval status", + "example": "APPROVED" + }, + "approvalOrder": { + "type": "number", + "description": "Approval order", + "example": 1, + "format": "float" + }, + "comment": { + "type": "string", + "description": "comment of approver", + "example": "I approve" + }, + "modified": { + "type": "string", + "format": "date-time", + "description": "When the request was last modified.", + "example": "2019-08-23T18:52:59.162Z" + }, + "created": { + "type": "string", + "format": "date-time", + "description": "When the request was created.", + "example": "2019-08-23T18:40:35.772Z" + } + } + } + }, + "approvalStatus": { + "type": "string", + "enum": [ + "APPROVED", + "REJECTED", + "PENDING", + "NOT_READY", + "CANCELLED" + ], + "description": "Enum representing the non-employee request approval status", + "example": "APPROVED" + }, + "comment": { + "type": "string", + "description": "comment of requester", + "example": "approved" + }, + "completionDate": { + "type": "string", + "format": "date-time", + "description": "When the request was completely approved.", + "example": "2020-03-24T11:11:41.139-05:00" + }, + "startDate": { + "type": "string", + "format": "date-time", + "description": "Non-Employee employment start date.", + "example": "2020-03-24T00:00:00-05:00" + }, + "endDate": { + "type": "string", + "format": "date-time", + "description": "Non-Employee employment end date.", + "example": "2021-03-25T00:00:00-05:00" + }, + "modified": { + "type": "string", + "format": "date-time", + "description": "When the request was last modified.", + "example": "2020-03-24T11:11:41.139-05:00" + }, + "created": { + "type": "string", + "format": "date-time", + "description": "When the request was created.", + "example": "2020-03-24T11:11:41.139-05:00" + } + } + } + ] + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + }, + "delete": { + "operationId": "deleteNonEmployeeRequest", + "tags": [ + "Non-Employee Lifecycle Management" + ], + "summary": "Delete Non-Employee Request", + "description": "This request will delete a non-employee request. \nRequires role context of `idn:nesr:delete`", + "parameters": [ + { + "in": "path", + "name": "id", + "description": "Non-Employee request id in the UUID format", + "required": true, + "schema": { + "type": "string", + "format": "uuid" + }, + "example": "ac110005-7156-1150-8171-5b292e3e0084" + } + ], + "responses": { + "204": { + "description": "No content - indicates the request was successful but there is no content to be returned in the response." + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/non-employee-requests/summary/{requested-for}": { + "get": { + "operationId": "getNonEmployeeRequestSummary", + "security": [ + { + "UserContextAuth": [] + } + ], + "tags": [ + "Non-Employee Lifecycle Management" + ], + "summary": "Get Summary of Non-Employee Requests", + "description": "This request will retrieve a summary of non-employee requests. There are two contextual uses for the `requested-for` path parameter:\n 1. The user has the role context of `idn:nesr:read`, in which case he or\nshe may request a summary of all non-employee approval requests assigned to a particular account manager by passing in that manager's id.\n 2. The current user is an account manager, in which case \"me\" should be\nprovided as the `requested-for` value. This will provide the user with a summary of the non-employee requests in the source(s) he or she manages.", + "parameters": [ + { + "in": "path", + "name": "requested-for", + "description": "The identity (UUID) of the non-employee account manager for whom the summary is being retrieved. Use \"me\" instead to indicate the current user.", + "required": true, + "schema": { + "type": "string", + "format": "uuid (if user is Org Admin)" + }, + "example": "2c91808280430dfb0180431a59440460" + } + ], + "responses": { + "200": { + "description": "Non-Employee request summary object.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "approved": { + "type": "integer", + "description": "The number of approved non-employee requests on all sources that *requested-for* user manages.", + "example": 2, + "format": "int32" + }, + "rejected": { + "type": "integer", + "description": "The number of rejected non-employee requests on all sources that *requested-for* user manages.", + "example": 2, + "format": "int32" + }, + "pending": { + "type": "integer", + "description": "The number of pending non-employee requests on all sources that *requested-for* user manages.", + "example": 2, + "format": "int32" + }, + "nonEmployeeCount": { + "type": "integer", + "description": "The number of non-employee records on all sources that *requested-for* user manages.", + "example": 2, + "format": "int32" + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/non-employee-sources": { + "post": { + "operationId": "createNonEmployeeSource", + "tags": [ + "Non-Employee Lifecycle Management" + ], + "summary": "Create Non-Employee Source", + "description": "This request will create a non-employee source. Requires role context of `idn:nesr:create`", + "requestBody": { + "description": "Non-Employee source creation request body.", + "required": true, + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "Name of non-employee source.", + "example": "Retail" + }, + "description": { + "type": "string", + "description": "Description of non-employee source.", + "example": "Source description" + }, + "owner": { + "description": "Owner of non-employee source.", + "type": "object", + "properties": { + "id": { + "type": "string", + "format": "UUID", + "description": "Identity id.", + "example": "2c91808570313110017040b06f344ec9" + } + }, + "required": [ + "id" + ] + }, + "managementWorkgroup": { + "type": "string", + "description": "The ID for the management workgroup that contains source sub-admins", + "example": "123299" + }, + "approvers": { + "description": "List of approvers.", + "type": "array", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "format": "UUID", + "description": "Identity id.", + "example": "2c91808570313110017040b06f344ec9" + } + }, + "required": [ + "id" + ] + }, + "maxItems": 3 + }, + "accountManagers": { + "description": "List of account managers.", + "type": "array", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "format": "UUID", + "description": "Identity id.", + "example": "2c91808570313110017040b06f344ec9" + } + }, + "required": [ + "id" + ] + }, + "maxItems": 10 + } + }, + "required": [ + "owner", + "name", + "description" + ] + } + } + } + }, + "responses": { + "200": { + "description": "Created non-employee source.", + "content": { + "application/json": { + "schema": { + "allOf": [ + { + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "format": "UUID", + "description": "Non-Employee source id.", + "example": "a0303682-5e4a-44f7-bdc2-6ce6112549c1" + }, + "sourceId": { + "type": "string", + "description": "Source Id associated with this non-employee source.", + "example": "2c91808568c529c60168cca6f90c1313" + }, + "name": { + "type": "string", + "description": "Source name associated with this non-employee source.", + "example": "Retail" + }, + "description": { + "type": "string", + "description": "Source description associated with this non-employee source.", + "example": "Source description" + } + } + }, + { + "type": "object", + "properties": { + "approvers": { + "description": "List of approvers", + "type": "array", + "items": { + "type": "object", + "properties": { + "type": { + "type": "string", + "enum": [ + "GOVERNANCE_GROUP", + "IDENTITY" + ], + "example": "IDENTITY", + "description": "Identifies if the identity is a normal identity or a governance group" + }, + "id": { + "type": "string", + "description": "Identity id", + "example": "5168015d32f890ca15812c9180835d2e" + } + } + } + }, + "accountManagers": { + "description": "List of account managers", + "type": "array", + "items": { + "type": "object", + "properties": { + "type": { + "type": "string", + "enum": [ + "GOVERNANCE_GROUP", + "IDENTITY" + ], + "example": "IDENTITY", + "description": "Identifies if the identity is a normal identity or a governance group" + }, + "id": { + "type": "string", + "description": "Identity id", + "example": "5168015d32f890ca15812c9180835d2e" + } + } + } + }, + "modified": { + "type": "string", + "format": "date-time", + "description": "When the request was last modified.", + "example": "2019-08-23T18:52:59.162Z" + }, + "created": { + "type": "string", + "format": "date-time", + "description": "When the request was created.", + "example": "2019-08-23T18:40:35.772Z" + } + } + } + ] + }, + { + "type": "object", + "properties": { + "cloudExternalId": { + "type": "string", + "description": "Legacy ID used for sources from the V1 API. This attribute will be removed from a future version of the API and will not be considered a breaking change. No clients should rely on this ID always being present.", + "example": "99999" + } + } + } + ] + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + }, + "get": { + "operationId": "listNonEmployeeSources", + "security": [ + { + "UserContextAuth": [] + } + ], + "tags": [ + "Non-Employee Lifecycle Management" + ], + "summary": "List Non-Employee Sources", + "description": "This gets a list of non-employee sources. There are two contextual uses for the requested-for path parameter: \n 1. The user has the role context of `idn:nesr:read`, in which case he or\nshe may request a list sources assigned to a particular account manager by passing in that manager's id.\n 2. The current user is an account manager, in which case \"me\" should be\nprovided as the `requested-for` value. This will provide the user with a list of the sources that he or she owns.", + "parameters": [ + { + "in": "query", + "name": "limit", + "description": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 250, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "maximum": 250, + "default": 250 + } + }, + { + "in": "query", + "name": "offset", + "description": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 0, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "default": 0 + } + }, + { + "in": "query", + "name": "count", + "description": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": true, + "schema": { + "type": "boolean", + "default": false + } + }, + { + "in": "query", + "name": "requested-for", + "required": true, + "schema": { + "type": "string" + }, + "example": "me", + "description": "The identity for whom the request was made. *me* indicates the current user." + }, + { + "in": "query", + "name": "non-employee-count", + "required": false, + "example": true, + "schema": { + "type": "boolean" + }, + "description": "The flag to determine whether return a non-employee count associate with source." + }, + { + "in": "query", + "name": "sorters", + "required": false, + "schema": { + "type": "string", + "format": "comma-separated" + }, + "example": "name,created", + "description": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name, created, sourceId**" + } + ], + "responses": { + "200": { + "description": "List of non-employee sources objects.", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "allOf": [ + { + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "format": "UUID", + "description": "Non-Employee source id.", + "example": "a0303682-5e4a-44f7-bdc2-6ce6112549c1" + }, + "sourceId": { + "type": "string", + "description": "Source Id associated with this non-employee source.", + "example": "2c91808568c529c60168cca6f90c1313" + }, + "name": { + "type": "string", + "description": "Source name associated with this non-employee source.", + "example": "Retail" + }, + "description": { + "type": "string", + "description": "Source description associated with this non-employee source.", + "example": "Source description" + } + } + }, + { + "type": "object", + "properties": { + "approvers": { + "description": "List of approvers", + "type": "array", + "items": { + "type": "object", + "properties": { + "type": { + "type": "string", + "enum": [ + "GOVERNANCE_GROUP", + "IDENTITY" + ], + "example": "IDENTITY", + "description": "Identifies if the identity is a normal identity or a governance group" + }, + "id": { + "type": "string", + "description": "Identity id", + "example": "5168015d32f890ca15812c9180835d2e" + } + } + } + }, + "accountManagers": { + "description": "List of account managers", + "type": "array", + "items": { + "type": "object", + "properties": { + "type": { + "type": "string", + "enum": [ + "GOVERNANCE_GROUP", + "IDENTITY" + ], + "example": "IDENTITY", + "description": "Identifies if the identity is a normal identity or a governance group" + }, + "id": { + "type": "string", + "description": "Identity id", + "example": "5168015d32f890ca15812c9180835d2e" + } + } + } + }, + "modified": { + "type": "string", + "format": "date-time", + "description": "When the request was last modified.", + "example": "2019-08-23T18:52:59.162Z" + }, + "created": { + "type": "string", + "format": "date-time", + "description": "When the request was created.", + "example": "2019-08-23T18:40:35.772Z" + } + } + } + ] + }, + { + "type": "object", + "properties": { + "nonEmployeeCount": { + "type": "integer", + "description": "Number of non-employee records associated with this source.", + "format": "int32", + "example": 120, + "nullable": true + } + } + } + ] + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/non-employee-sources/{sourceId}": { + "get": { + "operationId": "getNonEmployeeSource", + "security": [ + { + "UserContextAuth": [] + } + ], + "tags": [ + "Non-Employee Lifecycle Management" + ], + "summary": "Get a Non-Employee Source", + "description": "This gets a non-employee source. There are two contextual uses for the requested-for path parameter: \n 1. The user has the role context of `idn:nesr:read`, in which case he or\nshe may request any source.\n 2. The current user is an account manager, in which case the user can only\nrequest sources that they own.", + "parameters": [ + { + "in": "path", + "name": "sourceId", + "description": "Source Id", + "example": "2c91808b7c28b350017c2a2ec5790aa1", + "required": true, + "schema": { + "type": "string" + } + } + ], + "responses": { + "200": { + "description": "Non-Employee source object.", + "content": { + "application/json": { + "schema": { + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "format": "UUID", + "description": "Non-Employee source id.", + "example": "a0303682-5e4a-44f7-bdc2-6ce6112549c1" + }, + "sourceId": { + "type": "string", + "description": "Source Id associated with this non-employee source.", + "example": "2c91808568c529c60168cca6f90c1313" + }, + "name": { + "type": "string", + "description": "Source name associated with this non-employee source.", + "example": "Retail" + }, + "description": { + "type": "string", + "description": "Source description associated with this non-employee source.", + "example": "Source description" + } + } + }, + { + "type": "object", + "properties": { + "approvers": { + "description": "List of approvers", + "type": "array", + "items": { + "type": "object", + "properties": { + "type": { + "type": "string", + "enum": [ + "GOVERNANCE_GROUP", + "IDENTITY" + ], + "example": "IDENTITY", + "description": "Identifies if the identity is a normal identity or a governance group" + }, + "id": { + "type": "string", + "description": "Identity id", + "example": "5168015d32f890ca15812c9180835d2e" + } + } + } + }, + "accountManagers": { + "description": "List of account managers", + "type": "array", + "items": { + "type": "object", + "properties": { + "type": { + "type": "string", + "enum": [ + "GOVERNANCE_GROUP", + "IDENTITY" + ], + "example": "IDENTITY", + "description": "Identifies if the identity is a normal identity or a governance group" + }, + "id": { + "type": "string", + "description": "Identity id", + "example": "5168015d32f890ca15812c9180835d2e" + } + } + } + }, + "modified": { + "type": "string", + "format": "date-time", + "description": "When the request was last modified.", + "example": "2019-08-23T18:52:59.162Z" + }, + "created": { + "type": "string", + "format": "date-time", + "description": "When the request was created.", + "example": "2019-08-23T18:40:35.772Z" + } + } + } + ] + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + }, + "patch": { + "operationId": "patchNonEmployeeSource", + "tags": [ + "Non-Employee Lifecycle Management" + ], + "summary": "Patch a Non-Employee Source", + "description": "patch a non-employee source. (partial update)
Patchable field: **name, description, approvers, accountManagers** Requires role context of `idn:nesr:update`.", + "parameters": [ + { + "in": "path", + "name": "sourceId", + "description": "Source Id", + "required": true, + "schema": { + "type": "string" + }, + "example": "e136567de87e4d029e60b3c3c55db56d" + } + ], + "requestBody": { + "description": "A list of non-employee source update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard.", + "required": true, + "content": { + "application/json-patch+json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "description": "A JSONPatch Operation as defined by [RFC 6902 - JSON Patch](https://tools.ietf.org/html/rfc6902)", + "required": [ + "op", + "path" + ], + "properties": { + "op": { + "type": "string", + "description": "The operation to be performed", + "enum": [ + "add", + "remove", + "replace", + "move", + "copy", + "test" + ], + "example": "replace" + }, + "path": { + "type": "string", + "description": "A string JSON Pointer representing the target path to an element to be affected by the operation", + "example": "/description" + }, + "value": { + "oneOf": [ + { + "type": "string", + "example": "New description", + "title": "string" + }, + { + "type": "boolean", + "example": true, + "title": "boolean" + }, + { + "type": "integer", + "example": 300, + "title": "integer" + }, + { + "type": "object", + "title": "object", + "example": { + "attributes": { + "name": "philip" + } + } + }, + { + "type": "array", + "title": "array", + "items": { + "anyOf": [ + { + "type": "string" + }, + { + "type": "integer" + }, + { + "type": "object" + } + ], + "example": [ + "001", + "002", + "003" + ] + } + } + ], + "description": "The value to be used for the operation, required for \"add\" and \"replace\" operations", + "example": "New description" + } + } + } + }, + "example": [ + { + "op": "replace", + "path": "/name", + "value": { + "new name": null + } + }, + { + "op": "replace", + "path": "/approvers", + "value": [ + "2c91809f703bb37a017040a2fe8748c7", + "48b1f463c9e8427db5a5071bd81914b8" + ] + } + ] + } + } + }, + "responses": { + "200": { + "description": "A patched non-employee source object.", + "content": { + "application/json": { + "schema": { + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "format": "UUID", + "description": "Non-Employee source id.", + "example": "a0303682-5e4a-44f7-bdc2-6ce6112549c1" + }, + "sourceId": { + "type": "string", + "description": "Source Id associated with this non-employee source.", + "example": "2c91808568c529c60168cca6f90c1313" + }, + "name": { + "type": "string", + "description": "Source name associated with this non-employee source.", + "example": "Retail" + }, + "description": { + "type": "string", + "description": "Source description associated with this non-employee source.", + "example": "Source description" + } + } + }, + { + "type": "object", + "properties": { + "approvers": { + "description": "List of approvers", + "type": "array", + "items": { + "type": "object", + "properties": { + "type": { + "type": "string", + "enum": [ + "GOVERNANCE_GROUP", + "IDENTITY" + ], + "example": "IDENTITY", + "description": "Identifies if the identity is a normal identity or a governance group" + }, + "id": { + "type": "string", + "description": "Identity id", + "example": "5168015d32f890ca15812c9180835d2e" + } + } + } + }, + "accountManagers": { + "description": "List of account managers", + "type": "array", + "items": { + "type": "object", + "properties": { + "type": { + "type": "string", + "enum": [ + "GOVERNANCE_GROUP", + "IDENTITY" + ], + "example": "IDENTITY", + "description": "Identifies if the identity is a normal identity or a governance group" + }, + "id": { + "type": "string", + "description": "Identity id", + "example": "5168015d32f890ca15812c9180835d2e" + } + } + } + }, + "modified": { + "type": "string", + "format": "date-time", + "description": "When the request was last modified.", + "example": "2019-08-23T18:52:59.162Z" + }, + "created": { + "type": "string", + "format": "date-time", + "description": "When the request was created.", + "example": "2019-08-23T18:40:35.772Z" + } + } + } + ] + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + }, + "delete": { + "operationId": "deleteNonEmployeeSource", + "tags": [ + "Non-Employee Lifecycle Management" + ], + "summary": "Delete Non-Employee Source", + "description": "This request will delete a non-employee source. Requires role context of `idn:nesr:delete`.", + "parameters": [ + { + "in": "path", + "name": "sourceId", + "description": "Source Id", + "required": true, + "schema": { + "type": "string" + }, + "example": "e136567de87e4d029e60b3c3c55db56d" + } + ], + "responses": { + "204": { + "description": "No content - indicates the request was successful but there is no content to be returned in the response." + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/non-employee-sources/{id}/non-employees/download": { + "get": { + "operationId": "exportNonEmployeeRecords", + "tags": [ + "Non-Employee Lifecycle Management" + ], + "summary": "Exports Non-Employee Records to CSV", + "description": "This requests a CSV download for all non-employees from a provided source. Requires role context of `idn:nesr:read`", + "parameters": [ + { + "in": "path", + "name": "id", + "description": "Source Id (UUID)", + "required": true, + "schema": { + "type": "string" + }, + "example": "e136567de87e4d029e60b3c3c55db56d" + } + ], + "responses": { + "200": { + "description": "Exported CSV", + "content": { + "text/csv": { + "example": "accountName,firstName,lastName,phone,email,manager,startDate,endDate\nJon.Smith, Jon, Smith, 555-555-5555, jon@jon.doe.nope.com, Jim Smith, 2020-04-05T08:00:00-10:00,2020-08-07T19:00:00-10:00\nWilliam.Chaffin, William, Chaffin, 555-555-5555, william@chaffins.nope.com, Bertram Chaffin, 2020-04-05T08:00:00-10:00,2020-08-07T19:00:00-10:00\n" + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/non-employee-sources/{id}/non-employee-bulk-upload": { + "post": { + "operationId": "importNonEmployeeRecordsInBulk", + "security": [ + { + "UserContextAuth": [ + "idn:nelm:manage" + ] + } + ], + "tags": [ + "Non-Employee Lifecycle Management" + ], + "summary": "Imports, or Updates, Non-Employee Records", + "description": "This post will import, or update, Non-Employee records found in the CSV. Requires role context of `idn:nesr:create`", + "parameters": [ + { + "in": "path", + "name": "id", + "description": "Source Id (UUID)", + "required": true, + "schema": { + "type": "string" + }, + "example": "e136567de87e4d029e60b3c3c55db56d" + } + ], + "requestBody": { + "content": { + "multipart/form-data": { + "schema": { + "type": "object", + "properties": { + "data": { + "type": "string", + "format": "binary" + } + }, + "required": [ + "data" + ] + } + } + } + }, + "responses": { + "202": { + "description": "The CSV was accepted to be bulk inserted now or at a later time.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The bulk upload job's ID. (UUID)", + "example": "2c91808568c529c60168cca6f90cffff" + }, + "sourceId": { + "type": "string", + "description": "The ID of the source to bulk-upload non-employees to. (UUID)", + "example": "2c91808568c529c60168cca6f90c1313" + }, + "created": { + "type": "string", + "format": "date-time", + "description": "The date-time the job was submitted.", + "example": "2019-08-23T18:52:59.162Z" + }, + "modified": { + "type": "string", + "format": "date-time", + "description": "The date-time that the job was last updated.", + "example": "2019-08-23T18:52:59.162Z" + }, + "status": { + "type": "string", + "enum": [ + "PENDING", + "IN_PROGRESS", + "COMPLETED", + "ERROR" + ], + "description": "Returns the following values indicating the progress or result of the bulk upload job.\n\"PENDING\" means the job is queued and waiting to be processed.\n\"IN_PROGRESS\" means the job is currently being processed.\n\"COMPLETED\" means the job has been completed without any errors.\n\"ERROR\" means the job failed to process with errors.\n", + "example": "PENDING" + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.\nThe response body will contain the list of specific errors with one on each line.\n", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/non-employee-sources/{id}/non-employee-bulk-upload/status": { + "get": { + "operationId": "getNonEmployeeBulkUploadStatus", + "tags": [ + "Non-Employee Lifecycle Management" + ], + "summary": "Obtain the status of bulk upload on the source", + "description": "The nonEmployeeBulkUploadStatus API returns the status of the newest bulk upload job for the specified source.\nRequires role context of `idn:nesr:read`\n", + "parameters": [ + { + "in": "path", + "name": "id", + "description": "Source ID (UUID)", + "required": true, + "schema": { + "type": "string" + }, + "example": "e136567de87e4d029e60b3c3c55db56d" + } + ], + "responses": { + "200": { + "description": "Status of the newest bulk-upload job, if any.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "status": { + "type": "string", + "enum": [ + "PENDING", + "IN_PROGRESS", + "COMPLETED", + "ERROR" + ], + "description": "Returns the following values indicating the progress or result of the bulk upload job.\n\"PENDING\" means the job is queued and waiting to be processed.\n\"IN_PROGRESS\" means the job is currently being processed.\n\"COMPLETED\" means the job has been completed without any errors.\n\"ERROR\" means the job failed to process with errors.\nnull means job has been submitted to the source.\n", + "example": "PENDING" + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/non-employee-sources/{id}/schema-attributes-template/download": { + "get": { + "operationId": "exportNonEmployeeSourceSchemaTemplate", + "tags": [ + "Non-Employee Lifecycle Management" + ], + "summary": "Exports Source Schema Template", + "description": "This requests a download for the Source Schema Template for a provided source. Requires role context of `idn:nesr:read`", + "parameters": [ + { + "in": "path", + "name": "id", + "description": "Source Id (UUID)", + "required": true, + "example": "ef38f94347e94562b5bb8424a56397d8", + "schema": { + "type": "string" + } + } + ], + "responses": { + "200": { + "description": "Exported Source Schema Template", + "content": { + "text/csv": { + "example": "accountName,firstName,lastName,phone,email,manager,startDate,endDate\n" + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/non-employee-approvals": { + "get": { + "operationId": "listNonEmployeeApprovals", + "security": [ + { + "UserContextAuth": [] + } + ], + "tags": [ + "Non-Employee Lifecycle Management" + ], + "summary": "Get List of Non-Employee Approval Requests", + "description": "This gets a list of non-employee approval requests.\nThere are two contextual uses for this endpoint:\n 1. The user has the role context of `idn:nesr:read`, in which case they\ncan list the approvals for any approver.\n 2. The user owns the requested approval.", + "parameters": [ + { + "in": "query", + "name": "requested-for", + "schema": { + "type": "string" + }, + "description": "The identity for whom the request was made. *me* indicates the current user.", + "required": false, + "example": "2c91808280430dfb0180431a59440460" + }, + { + "in": "query", + "name": "limit", + "description": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 250, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "maximum": 250, + "default": 250 + } + }, + { + "in": "query", + "name": "offset", + "description": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 0, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "default": 0 + } + }, + { + "in": "query", + "name": "count", + "description": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": true, + "schema": { + "type": "boolean", + "default": false + } + }, + { + "in": "query", + "name": "filters", + "schema": { + "type": "string" + }, + "description": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**approvalStatus**: *eq*", + "example": "approvalStatus eq \"Pending\"", + "required": false + }, + { + "in": "query", + "name": "sorters", + "schema": { + "type": "string", + "format": "comma-separated" + }, + "description": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **created, modified**", + "required": false, + "example": "created" + } + ], + "responses": { + "200": { + "description": "List of approval items.", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "format": "UUID", + "description": "Non-Employee approval item id", + "example": "2c1e388b-1e55-4b0a-ab5c-897f1204159c" + }, + "approver": { + "description": "Reference to the associated Identity", + "type": "object", + "properties": { + "type": { + "type": "string", + "enum": [ + "GOVERNANCE_GROUP", + "IDENTITY" + ], + "example": "IDENTITY", + "description": "Identifies if the identity is a normal identity or a governance group" + }, + "id": { + "type": "string", + "description": "Identity id", + "example": "5168015d32f890ca15812c9180835d2e" + } + } + }, + "accountName": { + "type": "string", + "description": "Requested identity account name", + "example": "test.account" + }, + "approvalStatus": { + "type": "string", + "enum": [ + "APPROVED", + "REJECTED", + "PENDING", + "NOT_READY", + "CANCELLED" + ], + "description": "Enum representing the non-employee request approval status", + "example": "APPROVED" + }, + "approvalOrder": { + "type": "number", + "description": "Approval order", + "example": 1, + "format": "float" + }, + "comment": { + "type": "string", + "description": "comment of approver", + "example": "I approve" + }, + "modified": { + "type": "string", + "format": "date-time", + "description": "When the request was last modified.", + "example": "2019-08-23T18:52:59.162Z" + }, + "created": { + "type": "string", + "format": "date-time", + "description": "When the request was created.", + "example": "2019-08-23T18:40:35.772Z" + } + } + }, + { + "type": "object", + "properties": { + "nonEmployeeRequest": { + "type": "object", + "properties": { + "id": { + "type": "string", + "format": "UUID", + "description": "Non-Employee request id.", + "example": "ac110005-7156-1150-8171-5b292e3e0084" + }, + "requester": { + "example": { + "type": "IDENTITY", + "id": "2c9180866166b5b0016167c32ef31a66", + "name": "William Smith" + }, + "type": "object", + "properties": { + "type": { + "type": "string", + "enum": [ + "GOVERNANCE_GROUP", + "IDENTITY" + ], + "example": "IDENTITY", + "description": "Identifies if the identity is a normal identity or a governance group" + }, + "id": { + "type": "string", + "description": "Identity id", + "example": "5168015d32f890ca15812c9180835d2e" + } + } + } + } + } + } + } + ] + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/non-employee-approvals/{id}": { + "get": { + "operationId": "getNonEmployeeApproval", + "security": [ + { + "UserContextAuth": [] + } + ], + "tags": [ + "Non-Employee Lifecycle Management" + ], + "summary": "Get a non-employee approval item detail", + "description": "Gets a non-employee approval item detail. There are two contextual uses for this endpoint:\n 1. The user has the role context of `idn:nesr:read`, in which case they\ncan get any approval.\n 2. The user owns the requested approval.", + "parameters": [ + { + "in": "path", + "name": "id", + "description": "Non-Employee approval item id (UUID)", + "required": true, + "schema": { + "type": "string" + }, + "example": "e136567de87e4d029e60b3c3c55db56d" + }, + { + "in": "query", + "name": "include-detail", + "description": "The object nonEmployeeRequest will not be included detail when set to false. *Default value is true*", + "required": false, + "schema": { + "type": "boolean" + }, + "example": true + } + ], + "responses": { + "200": { + "description": "Non-Employee approval item object.", + "content": { + "application/json": { + "schema": { + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "format": "UUID", + "description": "Non-Employee approval item id", + "example": "2c1e388b-1e55-4b0a-ab5c-897f1204159c" + }, + "approver": { + "description": "Reference to the associated Identity", + "type": "object", + "properties": { + "type": { + "type": "string", + "enum": [ + "GOVERNANCE_GROUP", + "IDENTITY" + ], + "example": "IDENTITY", + "description": "Identifies if the identity is a normal identity or a governance group" + }, + "id": { + "type": "string", + "description": "Identity id", + "example": "5168015d32f890ca15812c9180835d2e" + } + } + }, + "accountName": { + "type": "string", + "description": "Requested identity account name", + "example": "test.account" + }, + "approvalStatus": { + "type": "string", + "enum": [ + "APPROVED", + "REJECTED", + "PENDING", + "NOT_READY", + "CANCELLED" + ], + "description": "Enum representing the non-employee request approval status", + "example": "APPROVED" + }, + "approvalOrder": { + "type": "number", + "description": "Approval order", + "example": 1, + "format": "float" + }, + "comment": { + "type": "string", + "description": "comment of approver", + "example": "I approve" + }, + "modified": { + "type": "string", + "format": "date-time", + "description": "When the request was last modified.", + "example": "2019-08-23T18:52:59.162Z" + }, + "created": { + "type": "string", + "format": "date-time", + "description": "When the request was created.", + "example": "2019-08-23T18:40:35.772Z" + } + } + }, + { + "type": "object", + "properties": { + "nonEmployeeRequest": { + "description": "Non-Employee request associated to this approval", + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "format": "UUID", + "description": "Non-Employee request id.", + "example": "ac110005-7156-1150-8171-5b292e3e0084" + }, + "requester": { + "example": { + "type": "IDENTITY", + "id": "2c9180866166b5b0016167c32ef31a66", + "name": "William Smith" + }, + "type": "object", + "properties": { + "type": { + "type": "string", + "enum": [ + "GOVERNANCE_GROUP", + "IDENTITY" + ], + "example": "IDENTITY", + "description": "Identifies if the identity is a normal identity or a governance group" + }, + "id": { + "type": "string", + "description": "Identity id", + "example": "5168015d32f890ca15812c9180835d2e" + } + } + } + } + }, + { + "type": "object", + "properties": { + "accountName": { + "type": "string", + "description": "Requested identity account name.", + "example": "william.smith" + }, + "firstName": { + "type": "string", + "description": "Non-Employee's first name.", + "example": "William" + }, + "lastName": { + "type": "string", + "description": "Non-Employee's last name.", + "example": "Smith" + }, + "email": { + "type": "string", + "description": "Non-Employee's email.", + "example": "william.smith@example.com" + }, + "phone": { + "type": "string", + "description": "Non-Employee's phone.", + "example": "5555555555" + }, + "manager": { + "type": "string", + "description": "The account ID of a valid identity to serve as this non-employee's manager.", + "example": "jane.doe" + }, + "nonEmployeeSource": { + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "format": "UUID", + "description": "Non-Employee source id.", + "example": "a0303682-5e4a-44f7-bdc2-6ce6112549c1" + }, + "sourceId": { + "type": "string", + "description": "Source Id associated with this non-employee source.", + "example": "2c91808568c529c60168cca6f90c1313" + }, + "name": { + "type": "string", + "description": "Source name associated with this non-employee source.", + "example": "Retail" + }, + "description": { + "type": "string", + "description": "Source description associated with this non-employee source.", + "example": "Source description" + } + } + }, + { + "type": "object", + "properties": { + "schemaAttributes": { + "description": "List of schema attributes associated with this non-employee source.", + "type": "array", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "format": "UUID", + "example": "ac110005-7156-1150-8171-5b292e3e0084", + "description": "Schema Attribute Id" + }, + "system": { + "type": "boolean", + "description": "True if this schema attribute is mandatory on all non-employees sources.", + "example": true + }, + "modified": { + "type": "string", + "format": "date-time", + "description": "When the schema attribute was last modified.", + "example": "2019-08-23T18:52:59.162Z" + }, + "created": { + "type": "string", + "format": "date-time", + "description": "When the schema attribute was created.", + "example": "2019-08-23T18:40:35.772Z" + }, + "type": { + "type": "string", + "enum": [ + "TEXT", + "DATE", + "IDENTITY" + ], + "description": "Enum representing the type of data a schema attribute accepts.", + "example": "TEXT" + }, + "label": { + "type": "string", + "description": "Label displayed on the UI for this schema attribute.", + "example": "Account Name" + }, + "technicalName": { + "type": "string", + "description": "The technical name of the attribute. Must be unique per source.", + "example": "account.name" + }, + "helpText": { + "type": "string", + "description": "help text displayed by UI.", + "example": "The unique identifier for the account" + }, + "placeholder": { + "type": "string", + "description": "Hint text that fills UI box.", + "example": "Enter a unique user name for this account." + }, + "required": { + "type": "boolean", + "description": "If true, the schema attribute is required for all non-employees in the source", + "example": true + } + }, + "required": [ + "type", + "technicalName", + "label" + ] + } + } + } + } + ] + }, + "data": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Attribute blob/bag for a non-employee.", + "example": { + "description": "Auditing" + } + }, + "approvalStatus": { + "type": "string", + "enum": [ + "APPROVED", + "REJECTED", + "PENDING", + "NOT_READY", + "CANCELLED" + ], + "description": "Enum representing the non-employee request approval status", + "example": "APPROVED" + }, + "comment": { + "type": "string", + "description": "comment of requester", + "example": "approved" + }, + "completionDate": { + "type": "string", + "format": "date-time", + "description": "When the request was completely approved.", + "example": "2020-03-24T11:11:41.139-05:00" + }, + "startDate": { + "type": "string", + "format": "date", + "description": "Non-Employee employment start date.", + "example": "2020-03-24" + }, + "endDate": { + "type": "string", + "format": "date", + "description": "Non-Employee employment end date.", + "example": "2021-03-25" + }, + "modified": { + "type": "string", + "format": "date-time", + "description": "When the request was last modified.", + "example": "2020-03-24T11:11:41.139-05:00" + }, + "created": { + "type": "string", + "format": "date-time", + "description": "When the request was created.", + "example": "2020-03-24T11:11:41.139-05:00" + } + } + } + ] + } + } + } + ] + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/non-employee-approvals/{id}/approve": { + "post": { + "operationId": "approveNonEmployeeRequest", + "security": [ + { + "UserContextAuth": [] + } + ], + "tags": [ + "Non-Employee Lifecycle Management" + ], + "summary": "Approve a Non-Employee Request", + "description": "Approves a non-employee approval request and notifies the next approver. The current user must be the requested approver.", + "parameters": [ + { + "in": "path", + "name": "id", + "description": "Non-Employee approval item id (UUID)", + "required": true, + "schema": { + "type": "string" + }, + "example": "e136567de87e4d029e60b3c3c55db56d" + } + ], + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "comment": { + "type": "string", + "description": "Comment on the approval item.", + "maxLength": 4000, + "example": "Approved by manager" + } + } + } + } + } + }, + "responses": { + "200": { + "description": "Non-Employee approval item object.", + "content": { + "application/json": { + "schema": { + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "format": "UUID", + "description": "Non-Employee approval item id", + "example": "2c1e388b-1e55-4b0a-ab5c-897f1204159c" + }, + "approver": { + "description": "Reference to the associated Identity", + "type": "object", + "properties": { + "type": { + "type": "string", + "enum": [ + "GOVERNANCE_GROUP", + "IDENTITY" + ], + "example": "IDENTITY", + "description": "Identifies if the identity is a normal identity or a governance group" + }, + "id": { + "type": "string", + "description": "Identity id", + "example": "5168015d32f890ca15812c9180835d2e" + } + } + }, + "accountName": { + "type": "string", + "description": "Requested identity account name", + "example": "test.account" + }, + "approvalStatus": { + "type": "string", + "enum": [ + "APPROVED", + "REJECTED", + "PENDING", + "NOT_READY", + "CANCELLED" + ], + "description": "Enum representing the non-employee request approval status", + "example": "APPROVED" + }, + "approvalOrder": { + "type": "number", + "description": "Approval order", + "example": 1, + "format": "float" + }, + "comment": { + "type": "string", + "description": "comment of approver", + "example": "I approve" + }, + "modified": { + "type": "string", + "format": "date-time", + "description": "When the request was last modified.", + "example": "2019-08-23T18:52:59.162Z" + }, + "created": { + "type": "string", + "format": "date-time", + "description": "When the request was created.", + "example": "2019-08-23T18:40:35.772Z" + } + } + }, + { + "type": "object", + "properties": { + "nonEmployeeRequest": { + "type": "object", + "properties": { + "id": { + "type": "string", + "format": "UUID", + "description": "Non-Employee request id.", + "example": "ac110005-7156-1150-8171-5b292e3e0084" + }, + "requester": { + "example": { + "type": "IDENTITY", + "id": "2c9180866166b5b0016167c32ef31a66", + "name": "William Smith" + }, + "type": "object", + "properties": { + "type": { + "type": "string", + "enum": [ + "GOVERNANCE_GROUP", + "IDENTITY" + ], + "example": "IDENTITY", + "description": "Identifies if the identity is a normal identity or a governance group" + }, + "id": { + "type": "string", + "description": "Identity id", + "example": "5168015d32f890ca15812c9180835d2e" + } + } + } + } + } + } + } + ] + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/non-employee-approvals/{id}/reject": { + "post": { + "operationId": "rejectNonEmployeeRequest", + "security": [ + { + "UserContextAuth": [] + } + ], + "tags": [ + "Non-Employee Lifecycle Management" + ], + "summary": "Reject a Non-Employee Request", + "description": "This endpoint will reject an approval item request and notify user. The current user must be the requested approver.", + "parameters": [ + { + "in": "path", + "name": "id", + "description": "Non-Employee approval item id (UUID)", + "required": true, + "schema": { + "type": "string" + }, + "example": "e136567de87e4d029e60b3c3c55db56d" + } + ], + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "comment": { + "type": "string", + "description": "Comment on the approval item.", + "maxLength": 4000, + "example": "approved" + } + }, + "required": [ + "comment" + ] + } + } + } + }, + "responses": { + "200": { + "description": "Non-Employee approval item object.", + "content": { + "application/json": { + "schema": { + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "format": "UUID", + "description": "Non-Employee approval item id", + "example": "2c1e388b-1e55-4b0a-ab5c-897f1204159c" + }, + "approver": { + "description": "Reference to the associated Identity", + "type": "object", + "properties": { + "type": { + "type": "string", + "enum": [ + "GOVERNANCE_GROUP", + "IDENTITY" + ], + "example": "IDENTITY", + "description": "Identifies if the identity is a normal identity or a governance group" + }, + "id": { + "type": "string", + "description": "Identity id", + "example": "5168015d32f890ca15812c9180835d2e" + } + } + }, + "accountName": { + "type": "string", + "description": "Requested identity account name", + "example": "test.account" + }, + "approvalStatus": { + "type": "string", + "enum": [ + "APPROVED", + "REJECTED", + "PENDING", + "NOT_READY", + "CANCELLED" + ], + "description": "Enum representing the non-employee request approval status", + "example": "APPROVED" + }, + "approvalOrder": { + "type": "number", + "description": "Approval order", + "example": 1, + "format": "float" + }, + "comment": { + "type": "string", + "description": "comment of approver", + "example": "I approve" + }, + "modified": { + "type": "string", + "format": "date-time", + "description": "When the request was last modified.", + "example": "2019-08-23T18:52:59.162Z" + }, + "created": { + "type": "string", + "format": "date-time", + "description": "When the request was created.", + "example": "2019-08-23T18:40:35.772Z" + } + } + }, + { + "type": "object", + "properties": { + "nonEmployeeRequest": { + "type": "object", + "properties": { + "id": { + "type": "string", + "format": "UUID", + "description": "Non-Employee request id.", + "example": "ac110005-7156-1150-8171-5b292e3e0084" + }, + "requester": { + "example": { + "type": "IDENTITY", + "id": "2c9180866166b5b0016167c32ef31a66", + "name": "William Smith" + }, + "type": "object", + "properties": { + "type": { + "type": "string", + "enum": [ + "GOVERNANCE_GROUP", + "IDENTITY" + ], + "example": "IDENTITY", + "description": "Identifies if the identity is a normal identity or a governance group" + }, + "id": { + "type": "string", + "description": "Identity id", + "example": "5168015d32f890ca15812c9180835d2e" + } + } + } + } + } + } + } + ] + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/non-employee-approvals/summary/{requested-for}": { + "get": { + "operationId": "getNonEmployeeApprovalSummary", + "security": [ + { + "UserContextAuth": [] + } + ], + "tags": [ + "Non-Employee Lifecycle Management" + ], + "summary": "Get Summary of Non-Employee Approval Requests", + "description": "This request will retrieve a summary of non-employee approval requests. There are two contextual uses for the `requested-for` path parameter:\n 1. The user has the role context of `idn:nesr:read`, in which case he or\nshe may request a summary of all non-employee approval requests assigned to a particular approver by passing in that approver's id.\n 2. The current user is an approver, in which case \"me\" should be provided\nas the `requested-for` value. This will provide the approver with a summary of the approval items assigned to him or her.", + "parameters": [ + { + "in": "path", + "name": "requested-for", + "schema": { + "type": "string" + }, + "description": "The identity (UUID) of the approver for whom for whom the summary is being retrieved. Use \"me\" instead to indicate the current user.", + "required": true, + "example": "2c91808280430dfb0180431a59440460" + } + ], + "responses": { + "200": { + "description": "summary of non-employee approval requests", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "approved": { + "type": "integer", + "description": "The number of approved non-employee approval requests.", + "format": "int32", + "example": 2 + }, + "pending": { + "type": "integer", + "description": "The number of pending non-employee approval requests.", + "format": "int32", + "example": 2 + }, + "rejected": { + "type": "integer", + "description": "The number of rejected non-employee approval requests.", + "format": "int32", + "example": 2 + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/non-employee-sources/{sourceId}/schema-attributes": { + "get": { + "operationId": "getNonEmployeeSourceSchemaAttributes", + "security": [ + { + "UserContextAuth": [] + } + ], + "tags": [ + "Non-Employee Lifecycle Management" + ], + "summary": "List Schema Attributes Non-Employee Source", + "description": "This API gets the list of schema attributes for the specified Non-Employee SourceId. There are 8 mandatory attributes added to each new Non-Employee Source automatically. Additionaly, user can add up to 10 custom attributes. This interface returns all the mandatory attributes followed by any custom attributes. At most, a total of 18 attributes will be returned.\nRequires role context of `idn:nesr:read` or the user must be an account manager of the source.", + "parameters": [ + { + "in": "path", + "name": "sourceId", + "schema": { + "type": "string" + }, + "required": true, + "example": "ef38f94347e94562b5bb8424a56397d8", + "description": "The Source id" + } + ], + "responses": { + "200": { + "description": "A list of Schema Attributes", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "format": "UUID", + "example": "ac110005-7156-1150-8171-5b292e3e0084", + "description": "Schema Attribute Id" + }, + "system": { + "type": "boolean", + "description": "True if this schema attribute is mandatory on all non-employees sources.", + "example": true + }, + "modified": { + "type": "string", + "format": "date-time", + "description": "When the schema attribute was last modified.", + "example": "2019-08-23T18:52:59.162Z" + }, + "created": { + "type": "string", + "format": "date-time", + "description": "When the schema attribute was created.", + "example": "2019-08-23T18:40:35.772Z" + }, + "type": { + "type": "string", + "enum": [ + "TEXT", + "DATE", + "IDENTITY" + ], + "description": "Enum representing the type of data a schema attribute accepts.", + "example": "TEXT" + }, + "label": { + "type": "string", + "description": "Label displayed on the UI for this schema attribute.", + "example": "Account Name" + }, + "technicalName": { + "type": "string", + "description": "The technical name of the attribute. Must be unique per source.", + "example": "account.name" + }, + "helpText": { + "type": "string", + "description": "help text displayed by UI.", + "example": "The unique identifier for the account" + }, + "placeholder": { + "type": "string", + "description": "Hint text that fills UI box.", + "example": "Enter a unique user name for this account." + }, + "required": { + "type": "boolean", + "description": "If true, the schema attribute is required for all non-employees in the source", + "example": true + } + }, + "required": [ + "type", + "technicalName", + "label" + ] + }, + "maxItems": 18 + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + }, + "post": { + "operationId": "createNonEmployeeSourceSchemaAttributes", + "tags": [ + "Non-Employee Lifecycle Management" + ], + "summary": "Create a new Schema Attribute for Non-Employee Source", + "description": "This API creates a new schema attribute for Non-Employee Source. The schema technical name must be unique in the source. Attempts to create a schema attribute with an existing name will result in a \"400.1.409 Reference conflict\" response. At most, 10 custom attributes can be created per schema. Attempts to create more than 10 will result in a \"400.1.4 Limit violation\" response.\nRequires role context of `idn:nesr:create`", + "parameters": [ + { + "in": "path", + "name": "sourceId", + "schema": { + "type": "string" + }, + "required": true, + "description": "The Source id", + "example": "ef38f94347e94562b5bb8424a56397d8" + } + ], + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "type": { + "type": "string", + "description": "Type of the attribute. Only type 'TEXT' is supported for custom attributes.", + "example": "TEXT" + }, + "label": { + "type": "string", + "description": "Label displayed on the UI for this schema attribute.", + "example": "Account Name" + }, + "technicalName": { + "type": "string", + "description": "The technical name of the attribute. Must be unique per source.", + "example": "account.name" + }, + "helpText": { + "type": "string", + "description": "help text displayed by UI.", + "example": "The unique identifier for the account" + }, + "placeholder": { + "type": "string", + "description": "Hint text that fills UI box.", + "example": "Enter a unique user name for this account." + }, + "required": { + "type": "boolean", + "description": "If true, the schema attribute is required for all non-employees in the source", + "example": true + } + }, + "required": [ + "type", + "technicalName", + "label" + ] + } + } + } + }, + "responses": { + "200": { + "description": "Schema Attribute created.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "id": { + "type": "string", + "format": "UUID", + "example": "ac110005-7156-1150-8171-5b292e3e0084", + "description": "Schema Attribute Id" + }, + "system": { + "type": "boolean", + "description": "True if this schema attribute is mandatory on all non-employees sources.", + "example": true + }, + "modified": { + "type": "string", + "format": "date-time", + "description": "When the schema attribute was last modified.", + "example": "2019-08-23T18:52:59.162Z" + }, + "created": { + "type": "string", + "format": "date-time", + "description": "When the schema attribute was created.", + "example": "2019-08-23T18:40:35.772Z" + }, + "type": { + "type": "string", + "enum": [ + "TEXT", + "DATE", + "IDENTITY" + ], + "description": "Enum representing the type of data a schema attribute accepts.", + "example": "TEXT" + }, + "label": { + "type": "string", + "description": "Label displayed on the UI for this schema attribute.", + "example": "Account Name" + }, + "technicalName": { + "type": "string", + "description": "The technical name of the attribute. Must be unique per source.", + "example": "account.name" + }, + "helpText": { + "type": "string", + "description": "help text displayed by UI.", + "example": "The unique identifier for the account" + }, + "placeholder": { + "type": "string", + "description": "Hint text that fills UI box.", + "example": "Enter a unique user name for this account." + }, + "required": { + "type": "boolean", + "description": "If true, the schema attribute is required for all non-employees in the source", + "example": true + } + }, + "required": [ + "type", + "technicalName", + "label" + ] + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + }, + "delete": { + "operationId": "deleteNonEmployeeSourceSchemaAttributes", + "tags": [ + "Non-Employee Lifecycle Management" + ], + "summary": "Delete all custom schema attributes for Non-Employee Source", + "description": "This end-point deletes all custom schema attributes for a non-employee source. Requires role context of `idn:nesr:delete`", + "parameters": [ + { + "in": "path", + "name": "sourceId", + "schema": { + "type": "string" + }, + "required": true, + "description": "The Source id", + "example": "ef38f94347e94562b5bb8424a56397d8" + } + ], + "responses": { + "204": { + "description": "All custon Schema Attributes were successfully deleted." + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/non-employee-sources/{sourceId}/schema-attributes/{attributeId}": { + "get": { + "operationId": "getNonEmployeeSchemaAttribute", + "security": [ + { + "UserContextAuth": [] + } + ], + "tags": [ + "Non-Employee Lifecycle Management" + ], + "summary": "Get Schema Attribute Non-Employee Source", + "description": "This API gets a schema attribute by Id for the specified Non-Employee SourceId. Requires role context of `idn:nesr:read` or the user must be an account manager of the source.", + "parameters": [ + { + "in": "path", + "name": "attributeId", + "schema": { + "type": "string" + }, + "required": true, + "example": "ef38f94347e94562b5bb8424a56397d8", + "description": "The Schema Attribute Id (UUID)" + }, + { + "in": "path", + "name": "sourceId", + "schema": { + "type": "string" + }, + "required": true, + "example": "ef38f94347e94562b5bb8424a56397d8", + "description": "The Source id" + } + ], + "responses": { + "200": { + "description": "The Schema Attribute", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "id": { + "type": "string", + "format": "UUID", + "example": "ac110005-7156-1150-8171-5b292e3e0084", + "description": "Schema Attribute Id" + }, + "system": { + "type": "boolean", + "description": "True if this schema attribute is mandatory on all non-employees sources.", + "example": true + }, + "modified": { + "type": "string", + "format": "date-time", + "description": "When the schema attribute was last modified.", + "example": "2019-08-23T18:52:59.162Z" + }, + "created": { + "type": "string", + "format": "date-time", + "description": "When the schema attribute was created.", + "example": "2019-08-23T18:40:35.772Z" + }, + "type": { + "type": "string", + "enum": [ + "TEXT", + "DATE", + "IDENTITY" + ], + "description": "Enum representing the type of data a schema attribute accepts.", + "example": "TEXT" + }, + "label": { + "type": "string", + "description": "Label displayed on the UI for this schema attribute.", + "example": "Account Name" + }, + "technicalName": { + "type": "string", + "description": "The technical name of the attribute. Must be unique per source.", + "example": "account.name" + }, + "helpText": { + "type": "string", + "description": "help text displayed by UI.", + "example": "The unique identifier for the account" + }, + "placeholder": { + "type": "string", + "description": "Hint text that fills UI box.", + "example": "Enter a unique user name for this account." + }, + "required": { + "type": "boolean", + "description": "If true, the schema attribute is required for all non-employees in the source", + "example": true + } + }, + "required": [ + "type", + "technicalName", + "label" + ] + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + }, + "patch": { + "operationId": "patchNonEmployeeSchemaAttribute", + "tags": [ + "Non-Employee Lifecycle Management" + ], + "summary": "Patch a Schema Attribute for Non-Employee Source", + "description": "This end-point patches a specific schema attribute for a non-employee SourceId.\nRequires role context of `idn:nesr:update`\n", + "parameters": [ + { + "in": "path", + "name": "attributeId", + "schema": { + "type": "string" + }, + "required": true, + "description": "The Schema Attribute Id (UUID)", + "example": "ef38f94347e94562b5bb8424a56397d8" + }, + { + "in": "path", + "name": "sourceId", + "schema": { + "type": "string" + }, + "required": true, + "description": "The Source id", + "example": "ef38f94347e94562b5bb8424a56397d8" + } + ], + "requestBody": { + "description": "A list of schema attribute update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard. The following properties are allowed for update ':' 'label', 'helpText', 'placeholder', 'required'.", + "content": { + "application/json-patch+json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "description": "A JSONPatch Operation as defined by [RFC 6902 - JSON Patch](https://tools.ietf.org/html/rfc6902)", + "required": [ + "op", + "path" + ], + "properties": { + "op": { + "type": "string", + "description": "The operation to be performed", + "enum": [ + "add", + "remove", + "replace", + "move", + "copy", + "test" + ], + "example": "replace" + }, + "path": { + "type": "string", + "description": "A string JSON Pointer representing the target path to an element to be affected by the operation", + "example": "/description" + }, + "value": { + "oneOf": [ + { + "type": "string", + "example": "New description", + "title": "string" + }, + { + "type": "boolean", + "example": true, + "title": "boolean" + }, + { + "type": "integer", + "example": 300, + "title": "integer" + }, + { + "type": "object", + "title": "object", + "example": { + "attributes": { + "name": "philip" + } + } + }, + { + "type": "array", + "title": "array", + "items": { + "anyOf": [ + { + "type": "string" + }, + { + "type": "integer" + }, + { + "type": "object" + } + ], + "example": [ + "001", + "002", + "003" + ] + } + } + ], + "description": "The value to be used for the operation, required for \"add\" and \"replace\" operations", + "example": "New description" + } + } + } + }, + "example": [ + { + "op": "replace", + "path": "/label", + "value": { + "new attribute label": null + } + } + ] + } + }, + "required": true + }, + "responses": { + "200": { + "description": "The Schema Attribute was successfully patched.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "id": { + "type": "string", + "format": "UUID", + "example": "ac110005-7156-1150-8171-5b292e3e0084", + "description": "Schema Attribute Id" + }, + "system": { + "type": "boolean", + "description": "True if this schema attribute is mandatory on all non-employees sources.", + "example": true + }, + "modified": { + "type": "string", + "format": "date-time", + "description": "When the schema attribute was last modified.", + "example": "2019-08-23T18:52:59.162Z" + }, + "created": { + "type": "string", + "format": "date-time", + "description": "When the schema attribute was created.", + "example": "2019-08-23T18:40:35.772Z" + }, + "type": { + "type": "string", + "enum": [ + "TEXT", + "DATE", + "IDENTITY" + ], + "description": "Enum representing the type of data a schema attribute accepts.", + "example": "TEXT" + }, + "label": { + "type": "string", + "description": "Label displayed on the UI for this schema attribute.", + "example": "Account Name" + }, + "technicalName": { + "type": "string", + "description": "The technical name of the attribute. Must be unique per source.", + "example": "account.name" + }, + "helpText": { + "type": "string", + "description": "help text displayed by UI.", + "example": "The unique identifier for the account" + }, + "placeholder": { + "type": "string", + "description": "Hint text that fills UI box.", + "example": "Enter a unique user name for this account." + }, + "required": { + "type": "boolean", + "description": "If true, the schema attribute is required for all non-employees in the source", + "example": true + } + }, + "required": [ + "type", + "technicalName", + "label" + ] + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + }, + "delete": { + "operationId": "deleteNonEmployeeSchemaAttribute", + "tags": [ + "Non-Employee Lifecycle Management" + ], + "summary": "Delete a Schema Attribute for Non-Employee Source", + "description": "This end-point deletes a specific schema attribute for a non-employee source.\nRequires role context of `idn:nesr:delete`\n", + "parameters": [ + { + "in": "path", + "name": "attributeId", + "schema": { + "type": "string" + }, + "required": true, + "description": "The Schema Attribute Id (UUID)", + "example": "ef38f94347e94562b5bb8424a56397d8" + }, + { + "in": "path", + "name": "sourceId", + "schema": { + "type": "string" + }, + "required": true, + "description": "The Source id", + "example": "ef38f94347e94562b5bb8424a56397d8" + } + ], + "responses": { + "204": { + "description": "The Schema Attribute was successfully deleted." + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/oauth-clients": { + "get": { + "operationId": "listOauthClients", + "security": [ + { + "UserContextAuth": [ + "sp:oauth-client:manage" + ] + } + ], + "tags": [ + "OAuth Clients" + ], + "summary": "List OAuth Clients", + "description": "This gets a list of OAuth clients.", + "parameters": [ + { + "in": "query", + "name": "filters", + "required": false, + "schema": { + "type": "string" + }, + "description": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**lastUsed**: *le, isnull*", + "example": "lastUsed le 2023-02-05T10:59:27.214Z" + } + ], + "responses": { + "200": { + "description": "List of OAuth clients.", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "ID of the OAuth client", + "example": "2c9180835d2e5168015d32f890ca1581" + }, + "businessName": { + "type": "string", + "nullable": true, + "description": "The name of the business the API Client should belong to", + "example": "Acme-Solar" + }, + "homepageUrl": { + "type": "string", + "nullable": true, + "description": "The homepage URL associated with the owner of the API Client", + "example": "http://localhost:12345" + }, + "name": { + "type": "string", + "description": "A human-readable name for the API Client", + "example": "Demo API Client" + }, + "description": { + "type": "string", + "nullable": true, + "description": "A description of the API Client", + "example": "An API client used for the authorization_code, refresh_token, and client_credentials flows" + }, + "accessTokenValiditySeconds": { + "type": "integer", + "format": "int32", + "description": "The number of seconds an access token generated for this API Client is valid for", + "example": 750 + }, + "refreshTokenValiditySeconds": { + "type": "integer", + "format": "int32", + "description": "The number of seconds a refresh token generated for this API Client is valid for", + "example": 86400 + }, + "redirectUris": { + "type": "array", + "nullable": true, + "items": { + "type": "string" + }, + "description": "A list of the approved redirect URIs used with the authorization_code flow", + "example": [ + "http://localhost:12345" + ] + }, + "grantTypes": { + "type": "array", + "items": { + "description": "OAuth2 Grant Type", + "type": "string", + "example": "CLIENT_CREDENTIALS", + "enum": [ + "CLIENT_CREDENTIALS", + "AUTHORIZATION_CODE", + "REFRESH_TOKEN" + ] + }, + "description": "A list of OAuth 2.0 grant types this API Client can be used with", + "example": [ + "AUTHORIZATION_CODE", + "CLIENT_CREDENTIALS", + "REFRESH_TOKEN" + ] + }, + "accessType": { + "description": "The access type (online or offline) of this API Client", + "example": "OFFLINE", + "type": "string", + "enum": [ + "ONLINE", + "OFFLINE" + ] + }, + "type": { + "description": "The type of the API Client (public or confidential)", + "example": "CONFIDENTIAL", + "type": "string", + "enum": [ + "CONFIDENTIAL", + "PUBLIC" + ] + }, + "internal": { + "type": "boolean", + "description": "An indicator of whether the API Client can be used for requests internal to IDN", + "example": false + }, + "enabled": { + "type": "boolean", + "description": "An indicator of whether the API Client is enabled for use", + "example": true + }, + "strongAuthSupported": { + "type": "boolean", + "description": "An indicator of whether the API Client supports strong authentication", + "example": false + }, + "claimsSupported": { + "type": "boolean", + "description": "An indicator of whether the API Client supports the serialization of SAML claims when used with the authorization_code flow", + "example": false + }, + "created": { + "type": "string", + "format": "date-time", + "description": "The date and time, down to the millisecond, when the API Client was created", + "example": "2017-07-11T18:45:37.098Z" + }, + "modified": { + "type": "string", + "format": "date-time", + "description": "The date and time, down to the millisecond, when the API Client was last updated", + "example": "2018-06-25T20:22:28.104Z" + }, + "secret": { + "type": "string", + "nullable": true + }, + "metadata": { + "type": "string", + "nullable": true + }, + "lastUsed": { + "type": "string", + "nullable": true, + "format": "date-time", + "description": "The date and time, down to the millisecond, when this API Client was last used to generate an access token. This timestamp does not get updated on every API Client usage, but only once a day. This property can be useful for identifying which API Clients are no longer actively used and can be removed.", + "example": "2017-07-11T18:45:37.098Z" + }, + "scope": { + "type": "array", + "nullable": true, + "items": { + "type": "string", + "default": "sp:scopes:all" + }, + "description": "Scopes of the API Client.", + "example": [ + "demo:api-client-scope:first", + "demo:api-client-scope:second" + ] + } + }, + "required": [ + "id", + "businessName", + "homepageUrl", + "name", + "description", + "accessTokenValiditySeconds", + "refreshTokenValiditySeconds", + "redirectUris", + "grantTypes", + "accessType", + "type", + "internal", + "enabled", + "strongAuthSupported", + "claimsSupported", + "created", + "modified", + "scope" + ] + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + }, + "post": { + "operationId": "createOauthClient", + "security": [ + { + "UserContextAuth": [ + "sp:oauth-client:manage" + ] + } + ], + "tags": [ + "OAuth Clients" + ], + "summary": "Create OAuth Client", + "description": "This creates an OAuth client.", + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "businessName": { + "type": "string", + "nullable": true, + "description": "The name of the business the API Client should belong to", + "example": "Acme-Solar" + }, + "homepageUrl": { + "type": "string", + "nullable": true, + "description": "The homepage URL associated with the owner of the API Client", + "example": "http://localhost:12345" + }, + "name": { + "type": "string", + "nullable": true, + "description": "A human-readable name for the API Client", + "example": "Demo API Client" + }, + "description": { + "type": "string", + "nullable": true, + "description": "A description of the API Client", + "example": "An API client used for the authorization_code, refresh_token, and client_credentials flows" + }, + "accessTokenValiditySeconds": { + "description": "The number of seconds an access token generated for this API Client is valid for", + "type": "integer", + "format": "int32", + "example": 750 + }, + "refreshTokenValiditySeconds": { + "description": "The number of seconds a refresh token generated for this API Client is valid for", + "example": 86400, + "type": "integer", + "format": "int32" + }, + "redirectUris": { + "type": "array", + "nullable": true, + "items": { + "type": "string" + }, + "description": "A list of the approved redirect URIs. Provide one or more URIs when assigning the AUTHORIZATION_CODE grant type to a new OAuth Client.", + "example": [ + "http://localhost:12345" + ] + }, + "grantTypes": { + "type": "array", + "nullable": true, + "items": { + "description": "OAuth2 Grant Type", + "type": "string", + "example": "CLIENT_CREDENTIALS", + "enum": [ + "CLIENT_CREDENTIALS", + "AUTHORIZATION_CODE", + "REFRESH_TOKEN" + ] + }, + "description": "A list of OAuth 2.0 grant types this API Client can be used with", + "example": [ + "AUTHORIZATION_CODE", + "CLIENT_CREDENTIALS", + "REFRESH_TOKEN" + ] + }, + "accessType": { + "description": "The access type (online or offline) of this API Client", + "example": "OFFLINE", + "type": "string", + "enum": [ + "ONLINE", + "OFFLINE" + ] + }, + "type": { + "description": "The type of the API Client (public or confidential)", + "example": "CONFIDENTIAL", + "type": "string", + "enum": [ + "CONFIDENTIAL", + "PUBLIC" + ] + }, + "internal": { + "type": "boolean", + "description": "An indicator of whether the API Client can be used for requests internal within the product.", + "example": false + }, + "enabled": { + "type": "boolean", + "description": "An indicator of whether the API Client is enabled for use", + "example": true + }, + "strongAuthSupported": { + "type": "boolean", + "description": "An indicator of whether the API Client supports strong authentication", + "example": false + }, + "claimsSupported": { + "type": "boolean", + "description": "An indicator of whether the API Client supports the serialization of SAML claims when used with the authorization_code flow", + "example": false + }, + "scope": { + "type": "array", + "nullable": true, + "items": { + "type": "string", + "default": "sp:scopes:all" + }, + "description": "Scopes of the API Client. If no scope is specified, the client will be created with the default scope \"sp:scopes:all\". This means the API Client will have all the rights of the owner who created it.", + "example": [ + "demo:api-client-scope:first", + "demo:api-client-scope:second" + ] + } + }, + "required": [ + "name", + "description", + "accessTokenValiditySeconds", + "grantTypes", + "accessType", + "enabled" + ] + } + } + } + }, + "responses": { + "200": { + "description": "Request succeeded.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "ID of the OAuth client", + "example": "2c9180835d2e5168015d32f890ca1581" + }, + "secret": { + "type": "string", + "description": "Secret of the OAuth client (This field is only returned on the intial create call.)", + "example": "5c32dd9b21adb51c77794d46e71de117a1d0ddb36a7ff941fa28014ab7de2cf3" + }, + "businessName": { + "type": "string", + "description": "The name of the business the API Client should belong to", + "example": "Acme-Solar" + }, + "homepageUrl": { + "type": "string", + "description": "The homepage URL associated with the owner of the API Client", + "example": "http://localhost:12345" + }, + "name": { + "type": "string", + "description": "A human-readable name for the API Client", + "example": "Demo API Client" + }, + "description": { + "type": "string", + "description": "A description of the API Client", + "example": "An API client used for the authorization_code, refresh_token, and client_credentials flows" + }, + "accessTokenValiditySeconds": { + "description": "The number of seconds an access token generated for this API Client is valid for", + "example": 750, + "type": "integer", + "format": "int32" + }, + "refreshTokenValiditySeconds": { + "description": "The number of seconds a refresh token generated for this API Client is valid for", + "example": 86400, + "type": "integer", + "format": "int32" + }, + "redirectUris": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of the approved redirect URIs used with the authorization_code flow", + "example": [ + "http://localhost:12345" + ] + }, + "grantTypes": { + "type": "array", + "items": { + "description": "OAuth2 Grant Type", + "type": "string", + "example": "CLIENT_CREDENTIALS", + "enum": [ + "CLIENT_CREDENTIALS", + "AUTHORIZATION_CODE", + "REFRESH_TOKEN" + ] + }, + "description": "A list of OAuth 2.0 grant types this API Client can be used with", + "example": [ + "AUTHORIZATION_CODE", + "CLIENT_CREDENTIALS", + "REFRESH_TOKEN" + ] + }, + "accessType": { + "description": "The access type (online or offline) of this API Client", + "example": "OFFLINE", + "type": "string", + "enum": [ + "ONLINE", + "OFFLINE" + ] + }, + "type": { + "description": "The type of the API Client (public or confidential)", + "example": "CONFIDENTIAL", + "type": "string", + "enum": [ + "CONFIDENTIAL", + "PUBLIC" + ] + }, + "internal": { + "type": "boolean", + "description": "An indicator of whether the API Client can be used for requests internal to IDN", + "example": false + }, + "enabled": { + "type": "boolean", + "description": "An indicator of whether the API Client is enabled for use", + "example": true + }, + "strongAuthSupported": { + "type": "boolean", + "description": "An indicator of whether the API Client supports strong authentication", + "example": false + }, + "claimsSupported": { + "type": "boolean", + "description": "An indicator of whether the API Client supports the serialization of SAML claims when used with the authorization_code flow", + "example": false + }, + "created": { + "type": "string", + "format": "date-time", + "description": "The date and time, down to the millisecond, when the API Client was created", + "example": "2017-07-11T18:45:37.098Z" + }, + "modified": { + "type": "string", + "format": "date-time", + "description": "The date and time, down to the millisecond, when the API Client was last updated", + "example": "2018-06-25T20:22:28.104Z" + }, + "scope": { + "type": "array", + "nullable": true, + "items": { + "type": "string", + "default": "sp:scopes:all" + }, + "description": "Scopes of the API Client.", + "example": [ + "demo:api-client-scope:first", + "demo:api-client-scope:second" + ] + } + }, + "required": [ + "id", + "secret", + "businessName", + "homepageUrl", + "name", + "description", + "accessTokenValiditySeconds", + "refreshTokenValiditySeconds", + "redirectUris", + "grantTypes", + "accessType", + "type", + "internal", + "enabled", + "strongAuthSupported", + "claimsSupported", + "created", + "modified", + "scope" + ] + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/oauth-clients/{id}": { + "get": { + "operationId": "getOauthClient", + "security": [ + { + "UserContextAuth": [ + "sp:oauth-client:manage", + "sp:oauth-client:read" + ] + } + ], + "tags": [ + "OAuth Clients" + ], + "summary": "Get OAuth Client", + "description": "This gets details of an OAuth client.", + "parameters": [ + { + "in": "path", + "name": "id", + "schema": { + "type": "string" + }, + "required": true, + "description": "The OAuth client id", + "example": "ef38f94347e94562b5bb8424a56397d8" + } + ], + "responses": { + "200": { + "description": "Request succeeded.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "ID of the OAuth client", + "example": "2c9180835d2e5168015d32f890ca1581" + }, + "businessName": { + "type": "string", + "nullable": true, + "description": "The name of the business the API Client should belong to", + "example": "Acme-Solar" + }, + "homepageUrl": { + "type": "string", + "nullable": true, + "description": "The homepage URL associated with the owner of the API Client", + "example": "http://localhost:12345" + }, + "name": { + "type": "string", + "description": "A human-readable name for the API Client", + "example": "Demo API Client" + }, + "description": { + "type": "string", + "nullable": true, + "description": "A description of the API Client", + "example": "An API client used for the authorization_code, refresh_token, and client_credentials flows" + }, + "accessTokenValiditySeconds": { + "type": "integer", + "format": "int32", + "description": "The number of seconds an access token generated for this API Client is valid for", + "example": 750 + }, + "refreshTokenValiditySeconds": { + "type": "integer", + "format": "int32", + "description": "The number of seconds a refresh token generated for this API Client is valid for", + "example": 86400 + }, + "redirectUris": { + "type": "array", + "nullable": true, + "items": { + "type": "string" + }, + "description": "A list of the approved redirect URIs used with the authorization_code flow", + "example": [ + "http://localhost:12345" + ] + }, + "grantTypes": { + "type": "array", + "items": { + "description": "OAuth2 Grant Type", + "type": "string", + "example": "CLIENT_CREDENTIALS", + "enum": [ + "CLIENT_CREDENTIALS", + "AUTHORIZATION_CODE", + "REFRESH_TOKEN" + ] + }, + "description": "A list of OAuth 2.0 grant types this API Client can be used with", + "example": [ + "AUTHORIZATION_CODE", + "CLIENT_CREDENTIALS", + "REFRESH_TOKEN" + ] + }, + "accessType": { + "description": "The access type (online or offline) of this API Client", + "example": "OFFLINE", + "type": "string", + "enum": [ + "ONLINE", + "OFFLINE" + ] + }, + "type": { + "description": "The type of the API Client (public or confidential)", + "example": "CONFIDENTIAL", + "type": "string", + "enum": [ + "CONFIDENTIAL", + "PUBLIC" + ] + }, + "internal": { + "type": "boolean", + "description": "An indicator of whether the API Client can be used for requests internal to IDN", + "example": false + }, + "enabled": { + "type": "boolean", + "description": "An indicator of whether the API Client is enabled for use", + "example": true + }, + "strongAuthSupported": { + "type": "boolean", + "description": "An indicator of whether the API Client supports strong authentication", + "example": false + }, + "claimsSupported": { + "type": "boolean", + "description": "An indicator of whether the API Client supports the serialization of SAML claims when used with the authorization_code flow", + "example": false + }, + "created": { + "type": "string", + "format": "date-time", + "description": "The date and time, down to the millisecond, when the API Client was created", + "example": "2017-07-11T18:45:37.098Z" + }, + "modified": { + "type": "string", + "format": "date-time", + "description": "The date and time, down to the millisecond, when the API Client was last updated", + "example": "2018-06-25T20:22:28.104Z" + }, + "secret": { + "type": "string", + "nullable": true + }, + "metadata": { + "type": "string", + "nullable": true + }, + "lastUsed": { + "type": "string", + "nullable": true, + "format": "date-time", + "description": "The date and time, down to the millisecond, when this API Client was last used to generate an access token. This timestamp does not get updated on every API Client usage, but only once a day. This property can be useful for identifying which API Clients are no longer actively used and can be removed.", + "example": "2017-07-11T18:45:37.098Z" + }, + "scope": { + "type": "array", + "nullable": true, + "items": { + "type": "string", + "default": "sp:scopes:all" + }, + "description": "Scopes of the API Client.", + "example": [ + "demo:api-client-scope:first", + "demo:api-client-scope:second" + ] + } + }, + "required": [ + "id", + "businessName", + "homepageUrl", + "name", + "description", + "accessTokenValiditySeconds", + "refreshTokenValiditySeconds", + "redirectUris", + "grantTypes", + "accessType", + "type", + "internal", + "enabled", + "strongAuthSupported", + "claimsSupported", + "created", + "modified", + "scope" + ] + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + }, + "delete": { + "operationId": "deleteOauthClient", + "security": [ + { + "UserContextAuth": [ + "sp:oauth-client:manage" + ] + } + ], + "tags": [ + "OAuth Clients" + ], + "summary": "Delete OAuth Client", + "description": "This deletes an OAuth client.", + "parameters": [ + { + "in": "path", + "name": "id", + "schema": { + "type": "string" + }, + "required": true, + "description": "The OAuth client id", + "example": "ef38f94347e94562b5bb8424a56397d8" + } + ], + "responses": { + "204": { + "description": "No content." + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + }, + "patch": { + "operationId": "patchOauthClient", + "security": [ + { + "UserContextAuth": [ + "sp:oauth-client:manage" + ] + } + ], + "tags": [ + "OAuth Clients" + ], + "summary": "Patch OAuth Client", + "description": "This performs a targeted update to the field(s) of an OAuth client.", + "parameters": [ + { + "in": "path", + "name": "id", + "schema": { + "type": "string" + }, + "required": true, + "description": "The OAuth client id", + "example": "ef38f94347e94562b5bb8424a56397d8" + } + ], + "requestBody": { + "required": true, + "description": "A list of OAuth client update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard.\n\nThe following fields are patchable:\n* tenant\n* businessName\n* homepageUrl\n* name\n* description\n* accessTokenValiditySeconds\n* refreshTokenValiditySeconds\n* redirectUris\n* grantTypes\n* accessType\n* enabled\n* strongAuthSupported\n* claimsSupported\n", + "content": { + "application/json-patch+json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "description": "A JSONPatch Operation as defined by [RFC 6902 - JSON Patch](https://tools.ietf.org/html/rfc6902)", + "required": [ + "op", + "path" + ], + "properties": { + "op": { + "type": "string", + "description": "The operation to be performed", + "enum": [ + "add", + "remove", + "replace", + "move", + "copy", + "test" + ], + "example": "replace" + }, + "path": { + "type": "string", + "description": "A string JSON Pointer representing the target path to an element to be affected by the operation", + "example": "/description" + }, + "value": { + "oneOf": [ + { + "type": "string", + "example": "New description", + "title": "string" + }, + { + "type": "boolean", + "example": true, + "title": "boolean" + }, + { + "type": "integer", + "example": 300, + "title": "integer" + }, + { + "type": "object", + "title": "object", + "example": { + "attributes": { + "name": "philip" + } + } + }, + { + "type": "array", + "title": "array", + "items": { + "anyOf": [ + { + "type": "string" + }, + { + "type": "integer" + }, + { + "type": "object" + } + ], + "example": [ + "001", + "002", + "003" + ] + } + } + ], + "description": "The value to be used for the operation, required for \"add\" and \"replace\" operations", + "example": "New description" + } + } + } + }, + "example": [ + { + "op": "replace", + "path": "/strongAuthSupported", + "value": true + }, + { + "op": "replace", + "path": "/businessName", + "value": "acme-solar" + } + ] + } + } + }, + "responses": { + "200": { + "description": "Indicates the PATCH operation succeeded, and returns the OAuth client's new representation.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "ID of the OAuth client", + "example": "2c9180835d2e5168015d32f890ca1581" + }, + "businessName": { + "type": "string", + "nullable": true, + "description": "The name of the business the API Client should belong to", + "example": "Acme-Solar" + }, + "homepageUrl": { + "type": "string", + "nullable": true, + "description": "The homepage URL associated with the owner of the API Client", + "example": "http://localhost:12345" + }, + "name": { + "type": "string", + "description": "A human-readable name for the API Client", + "example": "Demo API Client" + }, + "description": { + "type": "string", + "nullable": true, + "description": "A description of the API Client", + "example": "An API client used for the authorization_code, refresh_token, and client_credentials flows" + }, + "accessTokenValiditySeconds": { + "type": "integer", + "format": "int32", + "description": "The number of seconds an access token generated for this API Client is valid for", + "example": 750 + }, + "refreshTokenValiditySeconds": { + "type": "integer", + "format": "int32", + "description": "The number of seconds a refresh token generated for this API Client is valid for", + "example": 86400 + }, + "redirectUris": { + "type": "array", + "nullable": true, + "items": { + "type": "string" + }, + "description": "A list of the approved redirect URIs used with the authorization_code flow", + "example": [ + "http://localhost:12345" + ] + }, + "grantTypes": { + "type": "array", + "items": { + "description": "OAuth2 Grant Type", + "type": "string", + "example": "CLIENT_CREDENTIALS", + "enum": [ + "CLIENT_CREDENTIALS", + "AUTHORIZATION_CODE", + "REFRESH_TOKEN" + ] + }, + "description": "A list of OAuth 2.0 grant types this API Client can be used with", + "example": [ + "AUTHORIZATION_CODE", + "CLIENT_CREDENTIALS", + "REFRESH_TOKEN" + ] + }, + "accessType": { + "description": "The access type (online or offline) of this API Client", + "example": "OFFLINE", + "type": "string", + "enum": [ + "ONLINE", + "OFFLINE" + ] + }, + "type": { + "description": "The type of the API Client (public or confidential)", + "example": "CONFIDENTIAL", + "type": "string", + "enum": [ + "CONFIDENTIAL", + "PUBLIC" + ] + }, + "internal": { + "type": "boolean", + "description": "An indicator of whether the API Client can be used for requests internal to IDN", + "example": false + }, + "enabled": { + "type": "boolean", + "description": "An indicator of whether the API Client is enabled for use", + "example": true + }, + "strongAuthSupported": { + "type": "boolean", + "description": "An indicator of whether the API Client supports strong authentication", + "example": false + }, + "claimsSupported": { + "type": "boolean", + "description": "An indicator of whether the API Client supports the serialization of SAML claims when used with the authorization_code flow", + "example": false + }, + "created": { + "type": "string", + "format": "date-time", + "description": "The date and time, down to the millisecond, when the API Client was created", + "example": "2017-07-11T18:45:37.098Z" + }, + "modified": { + "type": "string", + "format": "date-time", + "description": "The date and time, down to the millisecond, when the API Client was last updated", + "example": "2018-06-25T20:22:28.104Z" + }, + "secret": { + "type": "string", + "nullable": true + }, + "metadata": { + "type": "string", + "nullable": true + }, + "lastUsed": { + "type": "string", + "nullable": true, + "format": "date-time", + "description": "The date and time, down to the millisecond, when this API Client was last used to generate an access token. This timestamp does not get updated on every API Client usage, but only once a day. This property can be useful for identifying which API Clients are no longer actively used and can be removed.", + "example": "2017-07-11T18:45:37.098Z" + }, + "scope": { + "type": "array", + "nullable": true, + "items": { + "type": "string", + "default": "sp:scopes:all" + }, + "description": "Scopes of the API Client.", + "example": [ + "demo:api-client-scope:first", + "demo:api-client-scope:second" + ] + } + }, + "required": [ + "id", + "businessName", + "homepageUrl", + "name", + "description", + "accessTokenValiditySeconds", + "refreshTokenValiditySeconds", + "redirectUris", + "grantTypes", + "accessType", + "type", + "internal", + "enabled", + "strongAuthSupported", + "claimsSupported", + "created", + "modified", + "scope" + ] + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/password-sync-groups": { + "get": { + "operationId": "getPasswordSyncGroups", + "tags": [ + "Password Sync Groups" + ], + "summary": "Get Password Sync Group List", + "description": "This API returns a list of password sync groups. A token with ORG_ADMIN authority is required to call this API.", + "security": [ + { + "UserContextAuth": [ + "idn:password-sync-group-management:read" + ] + } + ], + "parameters": [ + { + "in": "query", + "name": "limit", + "description": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 250, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "maximum": 250, + "default": 250 + } + }, + { + "in": "query", + "name": "offset", + "description": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 0, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "default": 0 + } + }, + { + "in": "query", + "name": "count", + "description": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": true, + "schema": { + "type": "boolean", + "default": false + } + } + ], + "responses": { + "200": { + "description": "A list of password sync groups.", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "ID of the sync group", + "example": "6881f631-3bd5-4213-9c75-8e05cc3e35dd" + }, + "name": { + "description": "Name of the sync group", + "type": "string", + "example": "Password Sync Group 1" + }, + "passwordPolicyId": { + "type": "string", + "description": "ID of the password policy", + "example": "2c91808d744ba0ce01746f93b6204501" + }, + "sourceIds": { + "type": "array", + "description": "List of password managed sources IDs", + "items": { + "type": "string" + }, + "example": [ + "2c918084660f45d6016617daa9210584", + "2c918084660f45d6016617daa9210500" + ] + }, + "created": { + "type": "string", + "description": "The date and time this sync group was created", + "format": "date-time", + "example": "2023-03-16T04:00:00Z", + "nullable": true + }, + "modified": { + "type": "string", + "description": "The date and time this sync group was last modified", + "format": "date-time", + "example": "2023-03-16T04:00:00Z", + "nullable": true + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + }, + "post": { + "operationId": "createPasswordSyncGroup", + "tags": [ + "Password Sync Groups" + ], + "summary": "Create Password Sync Group", + "description": "This API creates a password sync group based on the specifications provided. A token with ORG_ADMIN authority is required to call this API.", + "security": [ + { + "UserContextAuth": [ + "idn:password-sync-group-management:write" + ] + } + ], + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "ID of the sync group", + "example": "6881f631-3bd5-4213-9c75-8e05cc3e35dd" + }, + "name": { + "description": "Name of the sync group", + "type": "string", + "example": "Password Sync Group 1" + }, + "passwordPolicyId": { + "type": "string", + "description": "ID of the password policy", + "example": "2c91808d744ba0ce01746f93b6204501" + }, + "sourceIds": { + "type": "array", + "description": "List of password managed sources IDs", + "items": { + "type": "string" + }, + "example": [ + "2c918084660f45d6016617daa9210584", + "2c918084660f45d6016617daa9210500" + ] + }, + "created": { + "type": "string", + "description": "The date and time this sync group was created", + "format": "date-time", + "example": "2023-03-16T04:00:00Z", + "nullable": true + }, + "modified": { + "type": "string", + "description": "The date and time this sync group was last modified", + "format": "date-time", + "example": "2023-03-16T04:00:00Z", + "nullable": true + } + } + }, + "example": { + "name": "Password Sync Group 2", + "passwordPolicyId": "2c91808d744ba0ce01746f93b6204501", + "sourceIds": [ + "2c918084660f45d6016617daa9210584", + "2c918084660f45d6016617daa9210500" + ] + } + } + } + }, + "responses": { + "200": { + "description": "Reference to the password sync group.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "ID of the sync group", + "example": "6881f631-3bd5-4213-9c75-8e05cc3e35dd" + }, + "name": { + "description": "Name of the sync group", + "type": "string", + "example": "Password Sync Group 1" + }, + "passwordPolicyId": { + "type": "string", + "description": "ID of the password policy", + "example": "2c91808d744ba0ce01746f93b6204501" + }, + "sourceIds": { + "type": "array", + "description": "List of password managed sources IDs", + "items": { + "type": "string" + }, + "example": [ + "2c918084660f45d6016617daa9210584", + "2c918084660f45d6016617daa9210500" + ] + }, + "created": { + "type": "string", + "description": "The date and time this sync group was created", + "format": "date-time", + "example": "2023-03-16T04:00:00Z", + "nullable": true + }, + "modified": { + "type": "string", + "description": "The date and time this sync group was last modified", + "format": "date-time", + "example": "2023-03-16T04:00:00Z", + "nullable": true + } + } + }, + "example": { + "id": "6881f631-3bd5-4213-9c75-8e05cc3e35dd", + "name": "Password Sync Group 2", + "passwordPolicyId": "2c91808d744ba0ce01746f93b6204501", + "sourceIds": [ + "2c918084660f45d6016617daa9210584", + "2c918084660f45d6016617daa9210500" + ] + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/password-sync-groups/{id}": { + "get": { + "operationId": "getPasswordSyncGroup", + "tags": [ + "Password Sync Groups" + ], + "summary": "Get Password Sync Group by ID", + "description": "This API returns the sync group for the specified ID. A token with ORG_ADMIN authority is required to call this API.", + "security": [ + { + "UserContextAuth": [ + "idn:password-sync-group-management:read" + ] + } + ], + "parameters": [ + { + "in": "path", + "name": "id", + "schema": { + "type": "string" + }, + "required": true, + "description": "The ID of password sync group to retrieve.", + "example": "6881f631-3bd5-4213-9c75-8e05cc3e35dd" + } + ], + "responses": { + "200": { + "description": "Reference to the password sync group.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "ID of the sync group", + "example": "6881f631-3bd5-4213-9c75-8e05cc3e35dd" + }, + "name": { + "description": "Name of the sync group", + "type": "string", + "example": "Password Sync Group 1" + }, + "passwordPolicyId": { + "type": "string", + "description": "ID of the password policy", + "example": "2c91808d744ba0ce01746f93b6204501" + }, + "sourceIds": { + "type": "array", + "description": "List of password managed sources IDs", + "items": { + "type": "string" + }, + "example": [ + "2c918084660f45d6016617daa9210584", + "2c918084660f45d6016617daa9210500" + ] + }, + "created": { + "type": "string", + "description": "The date and time this sync group was created", + "format": "date-time", + "example": "2023-03-16T04:00:00Z", + "nullable": true + }, + "modified": { + "type": "string", + "description": "The date and time this sync group was last modified", + "format": "date-time", + "example": "2023-03-16T04:00:00Z", + "nullable": true + } + } + }, + "example": { + "id": "6881f631-3bd5-4213-9c75-8e05cc3e35dd", + "name": "Password Sync Group 1", + "passwordPolicyId": "2c91808d744ba0ce01746f93b6204501", + "sourceIds": [ + "2c918084660f45d6016617daa9210584", + "2c918084660f45d6016617daa9210500" + ] + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + }, + "put": { + "operationId": "updatePasswordSyncGroup", + "tags": [ + "Password Sync Groups" + ], + "summary": "Update Password Sync Group by ID", + "description": "This API updates the specified password sync group. A token with ORG_ADMIN authority is required to call this API.", + "security": [ + { + "UserContextAuth": [ + "idn:password-sync-group-management:write" + ] + } + ], + "parameters": [ + { + "in": "path", + "name": "id", + "schema": { + "type": "string" + }, + "required": true, + "description": "The ID of password sync group to update.", + "example": "6881f631-3bd5-4213-9c75-8e05cc3e35dd" + } + ], + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "ID of the sync group", + "example": "6881f631-3bd5-4213-9c75-8e05cc3e35dd" + }, + "name": { + "description": "Name of the sync group", + "type": "string", + "example": "Password Sync Group 1" + }, + "passwordPolicyId": { + "type": "string", + "description": "ID of the password policy", + "example": "2c91808d744ba0ce01746f93b6204501" + }, + "sourceIds": { + "type": "array", + "description": "List of password managed sources IDs", + "items": { + "type": "string" + }, + "example": [ + "2c918084660f45d6016617daa9210584", + "2c918084660f45d6016617daa9210500" + ] + }, + "created": { + "type": "string", + "description": "The date and time this sync group was created", + "format": "date-time", + "example": "2023-03-16T04:00:00Z", + "nullable": true + }, + "modified": { + "type": "string", + "description": "The date and time this sync group was last modified", + "format": "date-time", + "example": "2023-03-16T04:00:00Z", + "nullable": true + } + } + }, + "example": { + "id": "6881f631-3bd5-4213-9c75-8e05cc3e35dd", + "name": "Password Sync Group 2", + "passwordPolicyId": "2c91808d744ba0ce01746f93b6204501", + "sourceIds": [ + "2c918084660f45d6016617daa9210584", + "2c918084660f45d6016617daa9210500" + ] + } + } + } + }, + "responses": { + "200": { + "description": "Reference to the password sync group.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "ID of the sync group", + "example": "6881f631-3bd5-4213-9c75-8e05cc3e35dd" + }, + "name": { + "description": "Name of the sync group", + "type": "string", + "example": "Password Sync Group 1" + }, + "passwordPolicyId": { + "type": "string", + "description": "ID of the password policy", + "example": "2c91808d744ba0ce01746f93b6204501" + }, + "sourceIds": { + "type": "array", + "description": "List of password managed sources IDs", + "items": { + "type": "string" + }, + "example": [ + "2c918084660f45d6016617daa9210584", + "2c918084660f45d6016617daa9210500" + ] + }, + "created": { + "type": "string", + "description": "The date and time this sync group was created", + "format": "date-time", + "example": "2023-03-16T04:00:00Z", + "nullable": true + }, + "modified": { + "type": "string", + "description": "The date and time this sync group was last modified", + "format": "date-time", + "example": "2023-03-16T04:00:00Z", + "nullable": true + } + } + }, + "example": { + "id": "6881f631-3bd5-4213-9c75-8e05cc3e35dd", + "name": "Password Sync Group 2", + "passwordPolicyId": "2c91808d744ba0ce01746f93b6204501", + "sourceIds": [ + "2c918084660f45d6016617daa9210584", + "2c918084660f45d6016617daa9210500" + ] + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + }, + "delete": { + "operationId": "deletePasswordSyncGroup", + "tags": [ + "Password Sync Groups" + ], + "summary": "Delete Password Sync Group by ID", + "description": "This API deletes the specified password sync group. A token with ORG_ADMIN authority is required to call this API.", + "security": [ + { + "UserContextAuth": [ + "idn:password-sync-group-management:write" + ] + } + ], + "parameters": [ + { + "in": "path", + "name": "id", + "schema": { + "type": "string" + }, + "required": true, + "description": "The ID of password sync group to delete.", + "example": "6881f631-3bd5-4213-9c75-8e05cc3e35dd" + } + ], + "responses": { + "204": { + "description": "No content - indicates the request was successful but there is no content to be returned in the response." + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/password-policies/{id}": { + "get": { + "operationId": "getPasswordPolicyById", + "tags": [ + "Password Policies" + ], + "summary": "Get Password Policy by ID", + "description": "This API returns the password policy for the specified ID. A token with ORG_ADMIN authority is required to call this API.", + "security": [ + { + "UserContextAuth": [ + "idn:password-policy:read" + ] + } + ], + "parameters": [ + { + "in": "path", + "name": "id", + "schema": { + "type": "string" + }, + "required": true, + "description": "The ID of password policy to retrieve.", + "example": "ff808081838d9e9d01838da6a03e0005" + } + ], + "responses": { + "200": { + "description": "Reference to the password policy.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The password policy Id.", + "example": "2c91808e7d976f3b017d9f5ceae440c8" + }, + "description": { + "type": "string", + "nullable": true, + "description": "Description for current password policy.", + "example": "Information about the Password Policy" + }, + "name": { + "type": "string", + "description": "The name of the password policy.", + "example": "PasswordPolicy Example" + }, + "dateCreated": { + "type": "string", + "format": "date-time", + "description": "Date the Password Policy was created.", + "example": 1639056206564 + }, + "lastUpdated": { + "type": "string", + "nullable": true, + "format": "date-time", + "description": "Date the Password Policy was updated.", + "example": 1939056206564 + }, + "firstExpirationReminder": { + "type": "integer", + "format": "int64", + "description": "The number of days before expiration remaninder.", + "example": 45 + }, + "accountIdMinWordLength": { + "type": "integer", + "format": "int64", + "description": "The minimun length of account Id. By default is equals to -1.", + "example": 4 + }, + "accountNameMinWordLength": { + "type": "integer", + "format": "int64", + "description": "The minimun length of account name. By default is equals to -1.", + "example": 6 + }, + "minAlpha": { + "type": "integer", + "format": "int64", + "description": "Maximum alpha. By default is equals to 0.", + "example": 5 + }, + "minCharacterTypes": { + "type": "integer", + "format": "int64", + "description": "MinCharacterTypes. By default is equals to -1.", + "example": 5 + }, + "maxLength": { + "type": "integer", + "format": "int64", + "description": "Maximum length of the password.", + "example": 25 + }, + "minLength": { + "type": "integer", + "format": "int64", + "description": "Minimum length of the password. By default is equals to 0.", + "example": 8 + }, + "maxRepeatedChars": { + "type": "integer", + "format": "int64", + "description": "Maximum repetition of the same character in the password. By default is equals to -1.", + "example": 3 + }, + "minLower": { + "type": "integer", + "format": "int64", + "description": "Minimum amount of lower case character in the password. By default is equals to 0.", + "example": 8 + }, + "minNumeric": { + "type": "integer", + "format": "int64", + "description": "Minimum amount of numeric characters in the password. By default is equals to 0.", + "example": 8 + }, + "minSpecial": { + "type": "integer", + "format": "int64", + "description": "Minimum amount of special symbols in the password. By default is equals to 0.", + "example": 8 + }, + "minUpper": { + "type": "integer", + "format": "int64", + "description": "Minimum amount of upper case symbols in the password. By default is equals to 0.", + "example": 8 + }, + "passwordExpiration": { + "type": "integer", + "format": "int64", + "description": "Number of days before current password expires. By default is equals to 90.", + "example": 8 + }, + "defaultPolicy": { + "type": "boolean", + "description": "Defines whether this policy is default or not. Default policy is created automatically when an org is setup. This field is false by default.", + "example": true, + "default": false + }, + "enablePasswdExpiration": { + "type": "boolean", + "description": "Defines whether this policy is enabled to expire or not. This field is false by default.", + "example": true, + "default": false + }, + "requireStrongAuthn": { + "type": "boolean", + "description": "Defines whether this policy require strong Auth or not. This field is false by default.", + "example": true, + "default": false + }, + "requireStrongAuthOffNetwork": { + "type": "boolean", + "description": "Defines whether this policy require strong Auth of network or not. This field is false by default.", + "example": true, + "default": false + }, + "requireStrongAuthUntrustedGeographies": { + "type": "boolean", + "description": "Defines whether this policy require strong Auth for untrusted geographies. This field is false by default.", + "example": true, + "default": false + }, + "useAccountAttributes": { + "type": "boolean", + "description": "Defines whether this policy uses account attributes or not. This field is false by default.", + "example": false, + "default": false + }, + "useDictionary": { + "type": "boolean", + "description": "Defines whether this policy uses dictionary or not. This field is false by default.", + "example": false, + "default": false + }, + "useIdentityAttributes": { + "type": "boolean", + "description": "Defines whether this policy uses identity attributes or not. This field is false by default.", + "example": false, + "default": false + }, + "validateAgainstAccountId": { + "type": "boolean", + "description": "Defines whether this policy validate against account id or not. This field is false by default.", + "example": false, + "default": false + }, + "validateAgainstAccountName": { + "type": "boolean", + "description": "Defines whether this policy validate against account name or not. This field is false by default.", + "example": true, + "default": false + }, + "created": { + "type": "string", + "nullable": true + }, + "modified": { + "type": "string", + "nullable": true + }, + "sourceIds": { + "type": "array", + "description": "List of sources IDs managed by this password policy.", + "items": { + "type": "string" + }, + "example": [ + "2c91808382ffee0b01830de154f14034", + "2f98808382ffee0b01830de154f12134" + ] + } + } + }, + "example": { + "description": "Default Password Policy", + "id": "2c91808e7d976f3b017d9f5ceae440c8", + "name": "Example PP", + "dateCreated": 1639056206564, + "lastUpdated": 1662385430753, + "firstExpirationReminder": 90, + "accountIdMinWordLength": 3, + "accountNameMinWordLength": 3, + "maxLength": 0, + "maxRepeatedChars": 4, + "minAlpha": 1, + "minCharacterTypes": -1, + "minLength": 8, + "minLower": 0, + "minNumeric": 1, + "minSpecial": 0, + "minUpper": 0, + "passwordExpiration": 90, + "defaultPolicy": true, + "enablePasswdExpiration": false, + "requireStrongAuthn": false, + "requireStrongAuthOffNetwork": false, + "requireStrongAuthUntrustedGeographies": false, + "useAccountAttributes": false, + "useDictionary": false, + "useIdentityAttributes": false, + "validateAgainstAccountId": true, + "validateAgainstAccountName": true, + "sourceIds": [ + "2c91808382ffee0b01830de154f14034", + "2c91808582ffee0c01830de36511405f" + ] + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + }, + "put": { + "operationId": "setPasswordPolicy", + "tags": [ + "Password Policies" + ], + "summary": "Update Password Policy by ID", + "description": "This API updates the specified password policy. A token with ORG_ADMIN authority is required to call this API.", + "security": [ + { + "UserContextAuth": [ + "idn:password-policy:write" + ] + } + ], + "parameters": [ + { + "in": "path", + "name": "id", + "schema": { + "type": "string" + }, + "required": true, + "description": "The ID of password policy to update.", + "example": "ff808081838d9e9d01838da6a03e0007" + } + ], + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The password policy Id.", + "example": "2c91808e7d976f3b017d9f5ceae440c8" + }, + "description": { + "type": "string", + "nullable": true, + "description": "Description for current password policy.", + "example": "Information about the Password Policy" + }, + "name": { + "type": "string", + "description": "The name of the password policy.", + "example": "PasswordPolicy Example" + }, + "dateCreated": { + "type": "string", + "format": "date-time", + "description": "Date the Password Policy was created.", + "example": 1639056206564 + }, + "lastUpdated": { + "type": "string", + "nullable": true, + "format": "date-time", + "description": "Date the Password Policy was updated.", + "example": 1939056206564 + }, + "firstExpirationReminder": { + "type": "integer", + "format": "int64", + "description": "The number of days before expiration remaninder.", + "example": 45 + }, + "accountIdMinWordLength": { + "type": "integer", + "format": "int64", + "description": "The minimun length of account Id. By default is equals to -1.", + "example": 4 + }, + "accountNameMinWordLength": { + "type": "integer", + "format": "int64", + "description": "The minimun length of account name. By default is equals to -1.", + "example": 6 + }, + "minAlpha": { + "type": "integer", + "format": "int64", + "description": "Maximum alpha. By default is equals to 0.", + "example": 5 + }, + "minCharacterTypes": { + "type": "integer", + "format": "int64", + "description": "MinCharacterTypes. By default is equals to -1.", + "example": 5 + }, + "maxLength": { + "type": "integer", + "format": "int64", + "description": "Maximum length of the password.", + "example": 25 + }, + "minLength": { + "type": "integer", + "format": "int64", + "description": "Minimum length of the password. By default is equals to 0.", + "example": 8 + }, + "maxRepeatedChars": { + "type": "integer", + "format": "int64", + "description": "Maximum repetition of the same character in the password. By default is equals to -1.", + "example": 3 + }, + "minLower": { + "type": "integer", + "format": "int64", + "description": "Minimum amount of lower case character in the password. By default is equals to 0.", + "example": 8 + }, + "minNumeric": { + "type": "integer", + "format": "int64", + "description": "Minimum amount of numeric characters in the password. By default is equals to 0.", + "example": 8 + }, + "minSpecial": { + "type": "integer", + "format": "int64", + "description": "Minimum amount of special symbols in the password. By default is equals to 0.", + "example": 8 + }, + "minUpper": { + "type": "integer", + "format": "int64", + "description": "Minimum amount of upper case symbols in the password. By default is equals to 0.", + "example": 8 + }, + "passwordExpiration": { + "type": "integer", + "format": "int64", + "description": "Number of days before current password expires. By default is equals to 90.", + "example": 8 + }, + "defaultPolicy": { + "type": "boolean", + "description": "Defines whether this policy is default or not. Default policy is created automatically when an org is setup. This field is false by default.", + "example": true, + "default": false + }, + "enablePasswdExpiration": { + "type": "boolean", + "description": "Defines whether this policy is enabled to expire or not. This field is false by default.", + "example": true, + "default": false + }, + "requireStrongAuthn": { + "type": "boolean", + "description": "Defines whether this policy require strong Auth or not. This field is false by default.", + "example": true, + "default": false + }, + "requireStrongAuthOffNetwork": { + "type": "boolean", + "description": "Defines whether this policy require strong Auth of network or not. This field is false by default.", + "example": true, + "default": false + }, + "requireStrongAuthUntrustedGeographies": { + "type": "boolean", + "description": "Defines whether this policy require strong Auth for untrusted geographies. This field is false by default.", + "example": true, + "default": false + }, + "useAccountAttributes": { + "type": "boolean", + "description": "Defines whether this policy uses account attributes or not. This field is false by default.", + "example": false, + "default": false + }, + "useDictionary": { + "type": "boolean", + "description": "Defines whether this policy uses dictionary or not. This field is false by default.", + "example": false, + "default": false + }, + "useIdentityAttributes": { + "type": "boolean", + "description": "Defines whether this policy uses identity attributes or not. This field is false by default.", + "example": false, + "default": false + }, + "validateAgainstAccountId": { + "type": "boolean", + "description": "Defines whether this policy validate against account id or not. This field is false by default.", + "example": false, + "default": false + }, + "validateAgainstAccountName": { + "type": "boolean", + "description": "Defines whether this policy validate against account name or not. This field is false by default.", + "example": true, + "default": false + }, + "created": { + "type": "string", + "nullable": true + }, + "modified": { + "type": "string", + "nullable": true + }, + "sourceIds": { + "type": "array", + "description": "List of sources IDs managed by this password policy.", + "items": { + "type": "string" + }, + "example": [ + "2c91808382ffee0b01830de154f14034", + "2f98808382ffee0b01830de154f12134" + ] + } + } + }, + "example": { + "description": "Password Policy after update.", + "id": "2c91808e7d976f3b017d9f5ceae440c8", + "name": "Improved Password Policy", + "dateCreated": 1639056206564, + "lastUpdated": 1662385430753, + "firstExpirationReminder": 90, + "accountIdMinWordLength": 3, + "accountNameMinWordLength": 3, + "maxLength": 0, + "maxRepeatedChars": 4, + "minAlpha": 1, + "minCharacterTypes": -1, + "minLength": 8, + "minLower": 0, + "minNumeric": 1, + "minSpecial": 0, + "minUpper": 0, + "passwordExpiration": 90, + "defaultPolicy": false, + "enablePasswdExpiration": false, + "requireStrongAuthn": false, + "requireStrongAuthOffNetwork": false, + "requireStrongAuthUntrustedGeographies": false, + "useAccountAttributes": false, + "useDictionary": false, + "useIdentityAttributes": false, + "validateAgainstAccountId": true, + "validateAgainstAccountName": true, + "sourceIds": [ + "2c91808382ffee0b01830de154f14034", + "2c91808582ffee0c01830de36511405f" + ] + } + } + } + }, + "responses": { + "200": { + "description": "Reference to the password policy.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The password policy Id.", + "example": "2c91808e7d976f3b017d9f5ceae440c8" + }, + "description": { + "type": "string", + "nullable": true, + "description": "Description for current password policy.", + "example": "Information about the Password Policy" + }, + "name": { + "type": "string", + "description": "The name of the password policy.", + "example": "PasswordPolicy Example" + }, + "dateCreated": { + "type": "string", + "format": "date-time", + "description": "Date the Password Policy was created.", + "example": 1639056206564 + }, + "lastUpdated": { + "type": "string", + "nullable": true, + "format": "date-time", + "description": "Date the Password Policy was updated.", + "example": 1939056206564 + }, + "firstExpirationReminder": { + "type": "integer", + "format": "int64", + "description": "The number of days before expiration remaninder.", + "example": 45 + }, + "accountIdMinWordLength": { + "type": "integer", + "format": "int64", + "description": "The minimun length of account Id. By default is equals to -1.", + "example": 4 + }, + "accountNameMinWordLength": { + "type": "integer", + "format": "int64", + "description": "The minimun length of account name. By default is equals to -1.", + "example": 6 + }, + "minAlpha": { + "type": "integer", + "format": "int64", + "description": "Maximum alpha. By default is equals to 0.", + "example": 5 + }, + "minCharacterTypes": { + "type": "integer", + "format": "int64", + "description": "MinCharacterTypes. By default is equals to -1.", + "example": 5 + }, + "maxLength": { + "type": "integer", + "format": "int64", + "description": "Maximum length of the password.", + "example": 25 + }, + "minLength": { + "type": "integer", + "format": "int64", + "description": "Minimum length of the password. By default is equals to 0.", + "example": 8 + }, + "maxRepeatedChars": { + "type": "integer", + "format": "int64", + "description": "Maximum repetition of the same character in the password. By default is equals to -1.", + "example": 3 + }, + "minLower": { + "type": "integer", + "format": "int64", + "description": "Minimum amount of lower case character in the password. By default is equals to 0.", + "example": 8 + }, + "minNumeric": { + "type": "integer", + "format": "int64", + "description": "Minimum amount of numeric characters in the password. By default is equals to 0.", + "example": 8 + }, + "minSpecial": { + "type": "integer", + "format": "int64", + "description": "Minimum amount of special symbols in the password. By default is equals to 0.", + "example": 8 + }, + "minUpper": { + "type": "integer", + "format": "int64", + "description": "Minimum amount of upper case symbols in the password. By default is equals to 0.", + "example": 8 + }, + "passwordExpiration": { + "type": "integer", + "format": "int64", + "description": "Number of days before current password expires. By default is equals to 90.", + "example": 8 + }, + "defaultPolicy": { + "type": "boolean", + "description": "Defines whether this policy is default or not. Default policy is created automatically when an org is setup. This field is false by default.", + "example": true, + "default": false + }, + "enablePasswdExpiration": { + "type": "boolean", + "description": "Defines whether this policy is enabled to expire or not. This field is false by default.", + "example": true, + "default": false + }, + "requireStrongAuthn": { + "type": "boolean", + "description": "Defines whether this policy require strong Auth or not. This field is false by default.", + "example": true, + "default": false + }, + "requireStrongAuthOffNetwork": { + "type": "boolean", + "description": "Defines whether this policy require strong Auth of network or not. This field is false by default.", + "example": true, + "default": false + }, + "requireStrongAuthUntrustedGeographies": { + "type": "boolean", + "description": "Defines whether this policy require strong Auth for untrusted geographies. This field is false by default.", + "example": true, + "default": false + }, + "useAccountAttributes": { + "type": "boolean", + "description": "Defines whether this policy uses account attributes or not. This field is false by default.", + "example": false, + "default": false + }, + "useDictionary": { + "type": "boolean", + "description": "Defines whether this policy uses dictionary or not. This field is false by default.", + "example": false, + "default": false + }, + "useIdentityAttributes": { + "type": "boolean", + "description": "Defines whether this policy uses identity attributes or not. This field is false by default.", + "example": false, + "default": false + }, + "validateAgainstAccountId": { + "type": "boolean", + "description": "Defines whether this policy validate against account id or not. This field is false by default.", + "example": false, + "default": false + }, + "validateAgainstAccountName": { + "type": "boolean", + "description": "Defines whether this policy validate against account name or not. This field is false by default.", + "example": true, + "default": false + }, + "created": { + "type": "string", + "nullable": true + }, + "modified": { + "type": "string", + "nullable": true + }, + "sourceIds": { + "type": "array", + "description": "List of sources IDs managed by this password policy.", + "items": { + "type": "string" + }, + "example": [ + "2c91808382ffee0b01830de154f14034", + "2f98808382ffee0b01830de154f12134" + ] + } + } + }, + "example": { + "description": "Password Policy after update.", + "id": "2c91808e7d976f3b017d9f5ceae440c8", + "name": "Improved Password Policy", + "dateCreated": 1639056206564, + "lastUpdated": 1662385430753, + "firstExpirationReminder": 90, + "accountIdMinWordLength": 3, + "accountNameMinWordLength": 3, + "maxLength": 0, + "maxRepeatedChars": 4, + "minAlpha": 1, + "minCharacterTypes": -1, + "minLength": 8, + "minLower": 0, + "minNumeric": 1, + "minSpecial": 0, + "minUpper": 0, + "passwordExpiration": 90, + "defaultPolicy": false, + "enablePasswdExpiration": false, + "requireStrongAuthn": false, + "requireStrongAuthOffNetwork": false, + "requireStrongAuthUntrustedGeographies": false, + "useAccountAttributes": false, + "useDictionary": false, + "useIdentityAttributes": false, + "validateAgainstAccountId": true, + "validateAgainstAccountName": true, + "sourceIds": [ + "2c91808382ffee0b01830de154f14034", + "2c91808582ffee0c01830de36511405f" + ] + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + }, + "delete": { + "operationId": "deletePasswordPolicy", + "tags": [ + "Password Policies" + ], + "summary": "Delete Password Policy by ID", + "description": "This API deletes the specified password policy. A token with ORG_ADMIN authority is required to call this API.", + "security": [ + { + "UserContextAuth": [ + "idn:password-policy:write" + ] + } + ], + "parameters": [ + { + "in": "path", + "name": "id", + "schema": { + "type": "string" + }, + "required": true, + "description": "The ID of password policy to delete.", + "example": "ff808081838d9e9d01838da6a03e0002" + } + ], + "responses": { + "204": { + "description": "No content - indicates the request was successful but there is no content to be returned in the response." + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/password-policies": { + "post": { + "operationId": "createPasswordPolicy", + "tags": [ + "Password Policies" + ], + "summary": "Create Password Policy", + "description": "This API creates the specified password policy. A token with ORG_ADMIN authority is required to call this API.", + "security": [ + { + "UserContextAuth": [ + "idn:password-policy:write" + ] + } + ], + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The password policy Id.", + "example": "2c91808e7d976f3b017d9f5ceae440c8" + }, + "description": { + "type": "string", + "nullable": true, + "description": "Description for current password policy.", + "example": "Information about the Password Policy" + }, + "name": { + "type": "string", + "description": "The name of the password policy.", + "example": "PasswordPolicy Example" + }, + "dateCreated": { + "type": "string", + "format": "date-time", + "description": "Date the Password Policy was created.", + "example": 1639056206564 + }, + "lastUpdated": { + "type": "string", + "nullable": true, + "format": "date-time", + "description": "Date the Password Policy was updated.", + "example": 1939056206564 + }, + "firstExpirationReminder": { + "type": "integer", + "format": "int64", + "description": "The number of days before expiration remaninder.", + "example": 45 + }, + "accountIdMinWordLength": { + "type": "integer", + "format": "int64", + "description": "The minimun length of account Id. By default is equals to -1.", + "example": 4 + }, + "accountNameMinWordLength": { + "type": "integer", + "format": "int64", + "description": "The minimun length of account name. By default is equals to -1.", + "example": 6 + }, + "minAlpha": { + "type": "integer", + "format": "int64", + "description": "Maximum alpha. By default is equals to 0.", + "example": 5 + }, + "minCharacterTypes": { + "type": "integer", + "format": "int64", + "description": "MinCharacterTypes. By default is equals to -1.", + "example": 5 + }, + "maxLength": { + "type": "integer", + "format": "int64", + "description": "Maximum length of the password.", + "example": 25 + }, + "minLength": { + "type": "integer", + "format": "int64", + "description": "Minimum length of the password. By default is equals to 0.", + "example": 8 + }, + "maxRepeatedChars": { + "type": "integer", + "format": "int64", + "description": "Maximum repetition of the same character in the password. By default is equals to -1.", + "example": 3 + }, + "minLower": { + "type": "integer", + "format": "int64", + "description": "Minimum amount of lower case character in the password. By default is equals to 0.", + "example": 8 + }, + "minNumeric": { + "type": "integer", + "format": "int64", + "description": "Minimum amount of numeric characters in the password. By default is equals to 0.", + "example": 8 + }, + "minSpecial": { + "type": "integer", + "format": "int64", + "description": "Minimum amount of special symbols in the password. By default is equals to 0.", + "example": 8 + }, + "minUpper": { + "type": "integer", + "format": "int64", + "description": "Minimum amount of upper case symbols in the password. By default is equals to 0.", + "example": 8 + }, + "passwordExpiration": { + "type": "integer", + "format": "int64", + "description": "Number of days before current password expires. By default is equals to 90.", + "example": 8 + }, + "defaultPolicy": { + "type": "boolean", + "description": "Defines whether this policy is default or not. Default policy is created automatically when an org is setup. This field is false by default.", + "example": true, + "default": false + }, + "enablePasswdExpiration": { + "type": "boolean", + "description": "Defines whether this policy is enabled to expire or not. This field is false by default.", + "example": true, + "default": false + }, + "requireStrongAuthn": { + "type": "boolean", + "description": "Defines whether this policy require strong Auth or not. This field is false by default.", + "example": true, + "default": false + }, + "requireStrongAuthOffNetwork": { + "type": "boolean", + "description": "Defines whether this policy require strong Auth of network or not. This field is false by default.", + "example": true, + "default": false + }, + "requireStrongAuthUntrustedGeographies": { + "type": "boolean", + "description": "Defines whether this policy require strong Auth for untrusted geographies. This field is false by default.", + "example": true, + "default": false + }, + "useAccountAttributes": { + "type": "boolean", + "description": "Defines whether this policy uses account attributes or not. This field is false by default.", + "example": false, + "default": false + }, + "useDictionary": { + "type": "boolean", + "description": "Defines whether this policy uses dictionary or not. This field is false by default.", + "example": false, + "default": false + }, + "useIdentityAttributes": { + "type": "boolean", + "description": "Defines whether this policy uses identity attributes or not. This field is false by default.", + "example": false, + "default": false + }, + "validateAgainstAccountId": { + "type": "boolean", + "description": "Defines whether this policy validate against account id or not. This field is false by default.", + "example": false, + "default": false + }, + "validateAgainstAccountName": { + "type": "boolean", + "description": "Defines whether this policy validate against account name or not. This field is false by default.", + "example": true, + "default": false + }, + "created": { + "type": "string", + "nullable": true + }, + "modified": { + "type": "string", + "nullable": true + }, + "sourceIds": { + "type": "array", + "description": "List of sources IDs managed by this password policy.", + "items": { + "type": "string" + }, + "example": [ + "2c91808382ffee0b01830de154f14034", + "2f98808382ffee0b01830de154f12134" + ] + } + } + }, + "example": { + "description": "New Password Policy with high requirements to password complexity.", + "id": null, + "name": "High security Password Policy", + "dateCreated": 1639056206564, + "lastUpdated": 1662385430753, + "firstExpirationReminder": 90, + "accountIdMinWordLength": 3, + "accountNameMinWordLength": 3, + "maxLength": 0, + "maxRepeatedChars": 4, + "minAlpha": 1, + "minCharacterTypes": -1, + "minLength": 8, + "minLower": 0, + "minNumeric": 1, + "minSpecial": 0, + "minUpper": 0, + "passwordExpiration": 90, + "defaultPolicy": false, + "enablePasswdExpiration": false, + "requireStrongAuthn": false, + "requireStrongAuthOffNetwork": false, + "requireStrongAuthUntrustedGeographies": false, + "useAccountAttributes": false, + "useDictionary": false, + "useIdentityAttributes": false, + "validateAgainstAccountId": true, + "validateAgainstAccountName": true, + "sourceIds": [ + "2c91808382ffee0b01830de154f14034", + "2c91808582ffee0c01830de36511405f" + ] + } + } + } + }, + "responses": { + "200": { + "description": "Reference to the password policy.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The password policy Id.", + "example": "2c91808e7d976f3b017d9f5ceae440c8" + }, + "description": { + "type": "string", + "nullable": true, + "description": "Description for current password policy.", + "example": "Information about the Password Policy" + }, + "name": { + "type": "string", + "description": "The name of the password policy.", + "example": "PasswordPolicy Example" + }, + "dateCreated": { + "type": "string", + "format": "date-time", + "description": "Date the Password Policy was created.", + "example": 1639056206564 + }, + "lastUpdated": { + "type": "string", + "nullable": true, + "format": "date-time", + "description": "Date the Password Policy was updated.", + "example": 1939056206564 + }, + "firstExpirationReminder": { + "type": "integer", + "format": "int64", + "description": "The number of days before expiration remaninder.", + "example": 45 + }, + "accountIdMinWordLength": { + "type": "integer", + "format": "int64", + "description": "The minimun length of account Id. By default is equals to -1.", + "example": 4 + }, + "accountNameMinWordLength": { + "type": "integer", + "format": "int64", + "description": "The minimun length of account name. By default is equals to -1.", + "example": 6 + }, + "minAlpha": { + "type": "integer", + "format": "int64", + "description": "Maximum alpha. By default is equals to 0.", + "example": 5 + }, + "minCharacterTypes": { + "type": "integer", + "format": "int64", + "description": "MinCharacterTypes. By default is equals to -1.", + "example": 5 + }, + "maxLength": { + "type": "integer", + "format": "int64", + "description": "Maximum length of the password.", + "example": 25 + }, + "minLength": { + "type": "integer", + "format": "int64", + "description": "Minimum length of the password. By default is equals to 0.", + "example": 8 + }, + "maxRepeatedChars": { + "type": "integer", + "format": "int64", + "description": "Maximum repetition of the same character in the password. By default is equals to -1.", + "example": 3 + }, + "minLower": { + "type": "integer", + "format": "int64", + "description": "Minimum amount of lower case character in the password. By default is equals to 0.", + "example": 8 + }, + "minNumeric": { + "type": "integer", + "format": "int64", + "description": "Minimum amount of numeric characters in the password. By default is equals to 0.", + "example": 8 + }, + "minSpecial": { + "type": "integer", + "format": "int64", + "description": "Minimum amount of special symbols in the password. By default is equals to 0.", + "example": 8 + }, + "minUpper": { + "type": "integer", + "format": "int64", + "description": "Minimum amount of upper case symbols in the password. By default is equals to 0.", + "example": 8 + }, + "passwordExpiration": { + "type": "integer", + "format": "int64", + "description": "Number of days before current password expires. By default is equals to 90.", + "example": 8 + }, + "defaultPolicy": { + "type": "boolean", + "description": "Defines whether this policy is default or not. Default policy is created automatically when an org is setup. This field is false by default.", + "example": true, + "default": false + }, + "enablePasswdExpiration": { + "type": "boolean", + "description": "Defines whether this policy is enabled to expire or not. This field is false by default.", + "example": true, + "default": false + }, + "requireStrongAuthn": { + "type": "boolean", + "description": "Defines whether this policy require strong Auth or not. This field is false by default.", + "example": true, + "default": false + }, + "requireStrongAuthOffNetwork": { + "type": "boolean", + "description": "Defines whether this policy require strong Auth of network or not. This field is false by default.", + "example": true, + "default": false + }, + "requireStrongAuthUntrustedGeographies": { + "type": "boolean", + "description": "Defines whether this policy require strong Auth for untrusted geographies. This field is false by default.", + "example": true, + "default": false + }, + "useAccountAttributes": { + "type": "boolean", + "description": "Defines whether this policy uses account attributes or not. This field is false by default.", + "example": false, + "default": false + }, + "useDictionary": { + "type": "boolean", + "description": "Defines whether this policy uses dictionary or not. This field is false by default.", + "example": false, + "default": false + }, + "useIdentityAttributes": { + "type": "boolean", + "description": "Defines whether this policy uses identity attributes or not. This field is false by default.", + "example": false, + "default": false + }, + "validateAgainstAccountId": { + "type": "boolean", + "description": "Defines whether this policy validate against account id or not. This field is false by default.", + "example": false, + "default": false + }, + "validateAgainstAccountName": { + "type": "boolean", + "description": "Defines whether this policy validate against account name or not. This field is false by default.", + "example": true, + "default": false + }, + "created": { + "type": "string", + "nullable": true + }, + "modified": { + "type": "string", + "nullable": true + }, + "sourceIds": { + "type": "array", + "description": "List of sources IDs managed by this password policy.", + "items": { + "type": "string" + }, + "example": [ + "2c91808382ffee0b01830de154f14034", + "2f98808382ffee0b01830de154f12134" + ] + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + }, + "get": { + "operationId": "listPasswordPolicies", + "tags": [ + "Password Policies" + ], + "summary": "List Password Policies", + "description": "This gets list of all Password Policies.\nRequires role of ORG_ADMIN", + "security": [ + { + "UserContextAuth": [ + "idn:password-policy:read" + ] + } + ], + "parameters": [ + { + "in": "query", + "name": "limit", + "description": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 250, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "maximum": 250, + "default": 250 + } + }, + { + "in": "query", + "name": "offset", + "description": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 0, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "default": 0 + } + }, + { + "in": "query", + "name": "count", + "description": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": true, + "schema": { + "type": "boolean", + "default": false + } + } + ], + "responses": { + "200": { + "description": "List of all Password Policies.", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The password policy Id.", + "example": "2c91808e7d976f3b017d9f5ceae440c8" + }, + "description": { + "type": "string", + "nullable": true, + "description": "Description for current password policy.", + "example": "Information about the Password Policy" + }, + "name": { + "type": "string", + "description": "The name of the password policy.", + "example": "PasswordPolicy Example" + }, + "dateCreated": { + "type": "string", + "format": "date-time", + "description": "Date the Password Policy was created.", + "example": 1639056206564 + }, + "lastUpdated": { + "type": "string", + "nullable": true, + "format": "date-time", + "description": "Date the Password Policy was updated.", + "example": 1939056206564 + }, + "firstExpirationReminder": { + "type": "integer", + "format": "int64", + "description": "The number of days before expiration remaninder.", + "example": 45 + }, + "accountIdMinWordLength": { + "type": "integer", + "format": "int64", + "description": "The minimun length of account Id. By default is equals to -1.", + "example": 4 + }, + "accountNameMinWordLength": { + "type": "integer", + "format": "int64", + "description": "The minimun length of account name. By default is equals to -1.", + "example": 6 + }, + "minAlpha": { + "type": "integer", + "format": "int64", + "description": "Maximum alpha. By default is equals to 0.", + "example": 5 + }, + "minCharacterTypes": { + "type": "integer", + "format": "int64", + "description": "MinCharacterTypes. By default is equals to -1.", + "example": 5 + }, + "maxLength": { + "type": "integer", + "format": "int64", + "description": "Maximum length of the password.", + "example": 25 + }, + "minLength": { + "type": "integer", + "format": "int64", + "description": "Minimum length of the password. By default is equals to 0.", + "example": 8 + }, + "maxRepeatedChars": { + "type": "integer", + "format": "int64", + "description": "Maximum repetition of the same character in the password. By default is equals to -1.", + "example": 3 + }, + "minLower": { + "type": "integer", + "format": "int64", + "description": "Minimum amount of lower case character in the password. By default is equals to 0.", + "example": 8 + }, + "minNumeric": { + "type": "integer", + "format": "int64", + "description": "Minimum amount of numeric characters in the password. By default is equals to 0.", + "example": 8 + }, + "minSpecial": { + "type": "integer", + "format": "int64", + "description": "Minimum amount of special symbols in the password. By default is equals to 0.", + "example": 8 + }, + "minUpper": { + "type": "integer", + "format": "int64", + "description": "Minimum amount of upper case symbols in the password. By default is equals to 0.", + "example": 8 + }, + "passwordExpiration": { + "type": "integer", + "format": "int64", + "description": "Number of days before current password expires. By default is equals to 90.", + "example": 8 + }, + "defaultPolicy": { + "type": "boolean", + "description": "Defines whether this policy is default or not. Default policy is created automatically when an org is setup. This field is false by default.", + "example": true, + "default": false + }, + "enablePasswdExpiration": { + "type": "boolean", + "description": "Defines whether this policy is enabled to expire or not. This field is false by default.", + "example": true, + "default": false + }, + "requireStrongAuthn": { + "type": "boolean", + "description": "Defines whether this policy require strong Auth or not. This field is false by default.", + "example": true, + "default": false + }, + "requireStrongAuthOffNetwork": { + "type": "boolean", + "description": "Defines whether this policy require strong Auth of network or not. This field is false by default.", + "example": true, + "default": false + }, + "requireStrongAuthUntrustedGeographies": { + "type": "boolean", + "description": "Defines whether this policy require strong Auth for untrusted geographies. This field is false by default.", + "example": true, + "default": false + }, + "useAccountAttributes": { + "type": "boolean", + "description": "Defines whether this policy uses account attributes or not. This field is false by default.", + "example": false, + "default": false + }, + "useDictionary": { + "type": "boolean", + "description": "Defines whether this policy uses dictionary or not. This field is false by default.", + "example": false, + "default": false + }, + "useIdentityAttributes": { + "type": "boolean", + "description": "Defines whether this policy uses identity attributes or not. This field is false by default.", + "example": false, + "default": false + }, + "validateAgainstAccountId": { + "type": "boolean", + "description": "Defines whether this policy validate against account id or not. This field is false by default.", + "example": false, + "default": false + }, + "validateAgainstAccountName": { + "type": "boolean", + "description": "Defines whether this policy validate against account name or not. This field is false by default.", + "example": true, + "default": false + }, + "created": { + "type": "string", + "nullable": true + }, + "modified": { + "type": "string", + "nullable": true + }, + "sourceIds": { + "type": "array", + "description": "List of sources IDs managed by this password policy.", + "items": { + "type": "string" + }, + "example": [ + "2c91808382ffee0b01830de154f14034", + "2f98808382ffee0b01830de154f12134" + ] + } + } + } + }, + "example": [ + { + "description": "Example Password Policy", + "id": "2c91808e7d976f3b017d9f5ceae440c8", + "name": "Example PP", + "dateCreated": 1639056206564, + "lastUpdated": 1662385430753, + "firstExpirationReminder": 90, + "accountIdMinWordLength": 3, + "accountNameMinWordLength": 3, + "maxLength": 0, + "maxRepeatedChars": 4, + "minAlpha": 1, + "minCharacterTypes": -1, + "minLength": 8, + "minLower": 0, + "minNumeric": 1, + "minSpecial": 0, + "minUpper": 0, + "passwordExpiration": 90, + "defaultPolicy": false, + "enablePasswdExpiration": false, + "requireStrongAuthn": false, + "requireStrongAuthOffNetwork": false, + "requireStrongAuthUntrustedGeographies": false, + "useAccountAttributes": false, + "useDictionary": false, + "useIdentityAttributes": false, + "validateAgainstAccountId": true, + "validateAgainstAccountName": true, + "sourceIds": [ + "2c91808382ffee0b01830de154f14034", + "2c91808582ffee0c01830de36511405f" + ] + }, + { + "description": null, + "id": "2c91808780b8b8430180ff7a093f3bf2", + "name": "Password Policy 1 test", + "dateCreated": 1653553629503, + "lastUpdated": null, + "firstExpirationReminder": null, + "accountIdMinWordLength": -1, + "accountNameMinWordLength": -1, + "maxLength": 0, + "maxRepeatedChars": -1, + "minAlpha": 1, + "minCharacterTypes": -1, + "minLength": 8, + "minLower": 0, + "minNumeric": 1, + "minSpecial": 0, + "minUpper": 0, + "passwordExpiration": 90, + "defaultPolicy": false, + "enablePasswdExpiration": false, + "requireStrongAuthn": false, + "requireStrongAuthOffNetwork": false, + "requireStrongAuthUntrustedGeographies": false, + "useAccountAttributes": false, + "useDictionary": false, + "useIdentityAttributes": true, + "validateAgainstAccountId": false, + "validateAgainstAccountName": false, + "sourceIds": [] + } + ] + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/personal-access-tokens": { + "get": { + "operationId": "listPersonalAccessTokens", + "security": [ + { + "UserContextAuth": [ + "sp:my-personal-access-tokens:read", + "sp:my-personal-access-tokens:manage", + "sp:all-personal-access-tokens:read", + "sp:all-personal-access-tokens:manage" + ] + } + ], + "tags": [ + "Personal Access Tokens" + ], + "summary": "List Personal Access Tokens", + "description": "This gets a collection of personal access tokens associated with the optional `owner-id`. query parameter. If the `owner-id` query parameter is omitted, all personal access tokens for a tenant will be retrieved, but the caller must have the 'idn:all-personal-access-tokens:read' right.", + "parameters": [ + { + "in": "query", + "name": "owner-id", + "description": "The identity ID of the owner whose personal access tokens should be listed. If \"me\", the caller should have the following right: 'idn:my-personal-access-tokens:read'\nIf an actual owner ID or if the `owner-id` parameter is omitted in the request, the caller should have the following right: 'idn:all-personal-access-tokens:read'. \nIf the caller has the following right, then managed personal access tokens associated with `owner-id` will be retrieved: 'idn:managed-personal-access-tokens:read'", + "required": false, + "schema": { + "type": "string", + "default": null, + "example": "2c9180867b50d088017b554662fb281e" + } + }, + { + "in": "query", + "name": "filters", + "required": false, + "schema": { + "type": "string" + }, + "description": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**lastUsed**: *le, isnull*", + "example": "lastUsed le 2023-02-05T10:59:27.214Z" + } + ], + "responses": { + "200": { + "description": "List of personal access tokens.", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The ID of the personal access token (to be used as the username for Basic Auth).", + "example": "86f1dc6fe8f54414950454cbb11278fa" + }, + "name": { + "type": "string", + "description": "The name of the personal access token. Cannot be the same as other personal access tokens owned by a user.", + "example": "NodeJS Integration" + }, + "scope": { + "type": "array", + "nullable": true, + "items": { + "type": "string", + "default": "sp:scopes:all" + }, + "description": "Scopes of the personal access token.", + "example": [ + "demo:personal-access-token-scope:first", + "demo:personal-access-token-scope:second" + ] + }, + "owner": { + "type": "object", + "description": "Personal access token owner's identity.", + "properties": { + "type": { + "type": "string", + "description": "Personal access token owner's DTO type.", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "Personal access token owner's identity ID.", + "example": "2c9180a46faadee4016fb4e018c20639" + }, + "name": { + "type": "string", + "description": "Personal access token owner's human-readable display name.", + "example": "Support" + } + } + }, + "created": { + "type": "string", + "format": "date-time", + "description": "The date and time, down to the millisecond, when this personal access token was created.", + "example": "2017-07-11T18:45:37.098Z" + }, + "lastUsed": { + "type": "string", + "nullable": true, + "format": "date-time", + "description": "The date and time, down to the millisecond, when this personal access token was last used to generate an access token. This timestamp does not get updated on every PAT usage, but only once a day. This property can be useful for identifying which PATs are no longer actively used and can be removed.", + "example": "2017-07-11T18:45:37.098Z" + }, + "managed": { + "type": "boolean", + "default": false, + "example": false, + "description": "If true, this token is managed by the SailPoint platform, and is not visible in the user interface. For example, Workflows will create managed personal access tokens for users who create workflows." + } + }, + "required": [ + "id", + "name", + "scope", + "owner", + "created" + ] + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + }, + "post": { + "operationId": "createPersonalAccessToken", + "security": [ + { + "UserContextAuth": [ + "sp:my-personal-access-tokens:manage", + "sp:all-personal-access-tokens:manage" + ] + } + ], + "tags": [ + "Personal Access Tokens" + ], + "summary": "Create Personal Access Token", + "description": "This creates a personal access token.", + "requestBody": { + "description": "Name and scope of personal access token.", + "required": true, + "content": { + "application/json": { + "schema": { + "type": "object", + "description": "Object for specifying the name of a personal access token to create", + "properties": { + "name": { + "type": "string", + "description": "The name of the personal access token (PAT) to be created. Cannot be the same as another PAT owned by the user for whom this PAT is being created.", + "example": "NodeJS Integration" + }, + "scope": { + "type": "array", + "nullable": true, + "items": { + "type": "string", + "default": "sp:scopes:all" + }, + "description": "Scopes of the personal access token. If no scope is specified, the token will be created with the default scope \"sp:scopes:all\". This means the personal access token will have all the rights of the owner who created it.", + "example": [ + "demo:personal-access-token-scope:first", + "demo:personal-access-token-scope:second" + ] + } + }, + "required": [ + "name" + ] + } + } + } + }, + "responses": { + "200": { + "description": "Created. Note - this is the only time Personal Access Tokens' secret attribute will be displayed.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The ID of the personal access token (to be used as the username for Basic Auth).", + "example": "86f1dc6fe8f54414950454cbb11278fa" + }, + "secret": { + "type": "string", + "description": "The secret of the personal access token (to be used as the password for Basic Auth).", + "example": "1d1bef2b9f426383447f64f69349fc7cac176042578d205c256ba3f37c59adb9" + }, + "scope": { + "type": "array", + "nullable": true, + "items": { + "type": "string", + "default": "sp:scopes:all" + }, + "description": "Scopes of the personal access token.", + "example": [ + "demo:personal-access-token-scope:first", + "demo:personal-access-token-scope:second" + ] + }, + "name": { + "type": "string", + "description": "The name of the personal access token. Cannot be the same as other personal access tokens owned by a user.", + "example": "NodeJS Integration" + }, + "owner": { + "type": "object", + "description": "Personal access token owner's identity.", + "properties": { + "type": { + "type": "string", + "description": "Personal access token owner's DTO type.", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "Personal access token owner's identity ID.", + "example": "2c9180a46faadee4016fb4e018c20639" + }, + "name": { + "type": "string", + "description": "Personal access token owner's human-readable display name.", + "example": "Support" + } + } + }, + "created": { + "type": "string", + "format": "date-time", + "description": "The date and time, down to the millisecond, when this personal access token was created.", + "example": "2017-07-11T18:45:37.098Z" + } + }, + "required": [ + "id", + "secret", + "scope", + "name", + "owner", + "created" + ] + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/personal-access-tokens/{id}": { + "patch": { + "operationId": "patchPersonalAccessToken", + "security": [ + { + "UserContextAuth": [ + "sp:my-personal-access-tokens:manage" + ] + } + ], + "tags": [ + "Personal Access Tokens" + ], + "summary": "Patch Personal Access Token", + "description": "This performs a targeted update to the field(s) of a Personal Access Token.\nChanging scopes for a Personal Access Token does not impact existing bearer tokens. You will need to create a new bearer token to have the new scopes. Please note that it can take up to 20 minutes for scope changes to be seen on new bearer tokens.", + "parameters": [ + { + "in": "path", + "name": "id", + "schema": { + "type": "string" + }, + "required": true, + "description": "The Personal Access Token id", + "example": "ef38f94347e94562b5bb8424a56397d8" + } + ], + "requestBody": { + "required": true, + "description": "A list of OAuth client update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard.\n\nThe following fields are patchable:\n* name\n* scope\n", + "content": { + "application/json-patch+json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "description": "A JSONPatch Operation as defined by [RFC 6902 - JSON Patch](https://tools.ietf.org/html/rfc6902)", + "required": [ + "op", + "path" + ], + "properties": { + "op": { + "type": "string", + "description": "The operation to be performed", + "enum": [ + "add", + "remove", + "replace", + "move", + "copy", + "test" + ], + "example": "replace" + }, + "path": { + "type": "string", + "description": "A string JSON Pointer representing the target path to an element to be affected by the operation", + "example": "/description" + }, + "value": { + "oneOf": [ + { + "type": "string", + "example": "New description", + "title": "string" + }, + { + "type": "boolean", + "example": true, + "title": "boolean" + }, + { + "type": "integer", + "example": 300, + "title": "integer" + }, + { + "type": "object", + "title": "object", + "example": { + "attributes": { + "name": "philip" + } + } + }, + { + "type": "array", + "title": "array", + "items": { + "anyOf": [ + { + "type": "string" + }, + { + "type": "integer" + }, + { + "type": "object" + } + ], + "example": [ + "001", + "002", + "003" + ] + } + } + ], + "description": "The value to be used for the operation, required for \"add\" and \"replace\" operations", + "example": "New description" + } + } + } + }, + "example": [ + { + "op": "replace", + "path": "/name", + "value": "New name" + }, + { + "op": "replace", + "path": "/scope", + "value": [ + "sp:scopes:all" + ] + } + ] + } + } + }, + "responses": { + "200": { + "description": "Indicates the PATCH operation succeeded, and returns the PAT's new representation.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The ID of the personal access token (to be used as the username for Basic Auth).", + "example": "86f1dc6fe8f54414950454cbb11278fa" + }, + "name": { + "type": "string", + "description": "The name of the personal access token. Cannot be the same as other personal access tokens owned by a user.", + "example": "NodeJS Integration" + }, + "scope": { + "type": "array", + "nullable": true, + "items": { + "type": "string", + "default": "sp:scopes:all" + }, + "description": "Scopes of the personal access token.", + "example": [ + "demo:personal-access-token-scope:first", + "demo:personal-access-token-scope:second" + ] + }, + "owner": { + "type": "object", + "description": "Personal access token owner's identity.", + "properties": { + "type": { + "type": "string", + "description": "Personal access token owner's DTO type.", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "Personal access token owner's identity ID.", + "example": "2c9180a46faadee4016fb4e018c20639" + }, + "name": { + "type": "string", + "description": "Personal access token owner's human-readable display name.", + "example": "Support" + } + } + }, + "created": { + "type": "string", + "format": "date-time", + "description": "The date and time, down to the millisecond, when this personal access token was created.", + "example": "2017-07-11T18:45:37.098Z" + }, + "lastUsed": { + "type": "string", + "nullable": true, + "format": "date-time", + "description": "The date and time, down to the millisecond, when this personal access token was last used to generate an access token. This timestamp does not get updated on every PAT usage, but only once a day. This property can be useful for identifying which PATs are no longer actively used and can be removed.", + "example": "2017-07-11T18:45:37.098Z" + }, + "managed": { + "type": "boolean", + "default": false, + "example": false, + "description": "If true, this token is managed by the SailPoint platform, and is not visible in the user interface. For example, Workflows will create managed personal access tokens for users who create workflows." + } + }, + "required": [ + "id", + "name", + "scope", + "owner", + "created" + ] + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + }, + "delete": { + "operationId": "deletePersonalAccessToken", + "security": [ + { + "UserContextAuth": [ + "sp:my-personal-access-tokens:manage", + "sp:all-personal-access-tokens:manage" + ] + } + ], + "tags": [ + "Personal Access Tokens" + ], + "summary": "Delete Personal Access Token", + "description": "This deletes a personal access token.", + "parameters": [ + { + "in": "path", + "name": "id", + "schema": { + "type": "string" + }, + "required": true, + "description": "The personal access token id", + "example": "ef38f94347e94562b5bb8424a56397d8" + } + ], + "responses": { + "204": { + "description": "No content." + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/public-identities": { + "get": { + "operationId": "getPublicIdentities", + "tags": [ + "Public Identities" + ], + "summary": "Get a list of public identities", + "parameters": [ + { + "in": "query", + "name": "limit", + "description": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 250, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "maximum": 250, + "default": 250 + } + }, + { + "in": "query", + "name": "offset", + "description": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 0, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "default": 0 + } + }, + { + "in": "query", + "name": "count", + "description": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": true, + "schema": { + "type": "boolean", + "default": false + } + }, + { + "in": "query", + "name": "filters", + "schema": { + "type": "string" + }, + "required": false, + "description": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**alias**: *eq, sw*\n\n**email**: *eq, sw*\n\n**firstname**: *eq, sw*\n\n**lastname**: *eq, sw*", + "example": "firstname eq \"John\"" + }, + { + "in": "query", + "name": "add-core-filters", + "description": "If *true*, only get identities which satisfy ALL the following criteria in addition to any criteria specified by *filters*:\n - Should be either correlated or protected.\n - Should not be \"spadmin\" or \"cloudadmin\".\n - uid should not be null.\n - lastname should not be null.\n - email should not be null.", + "required": false, + "example": false, + "schema": { + "type": "boolean", + "default": false + } + }, + { + "in": "query", + "name": "sorters", + "schema": { + "type": "string", + "format": "comma-separated" + }, + "required": false, + "description": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name**", + "example": "name" + } + ], + "responses": { + "200": { + "description": "A list of public identity objects.", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "title": "Public Identity", + "description": "Details about a public identity", + "properties": { + "id": { + "type": "string", + "description": "Identity id", + "example": "2c9180857182305e0171993735622948" + }, + "name": { + "type": "string", + "description": "Human-readable display name of identity.", + "example": "Alison Ferguso" + }, + "alias": { + "type": "string", + "description": "Alternate unique identifier for the identity.", + "example": "alison.ferguso" + }, + "email": { + "nullable": true, + "type": "string", + "description": "Email address of identity.", + "example": "alison.ferguso@acme-solar.com" + }, + "status": { + "nullable": true, + "type": "string", + "description": "The lifecycle status for the identity", + "example": "Active" + }, + "identityState": { + "nullable": true, + "type": "string", + "enum": [ + "ACTIVE", + "INACTIVE_SHORT_TERM", + "INACTIVE_LONG_TERM", + null + ], + "example": "ACTIVE", + "description": "The current state of the identity, which determines how Identity Security Cloud interacts with the identity.\nAn identity that is Active will be included identity picklists in Request Center, identity processing, and more.\nIdentities that are Inactive will be excluded from these features.\n" + }, + "manager": { + "description": "An identity reference to the manager of this identity", + "type": "object", + "nullable": true, + "properties": { + "type": { + "example": "IDENTITY", + "type": "string", + "enum": [ + "ACCOUNT_CORRELATION_CONFIG", + "ACCESS_PROFILE", + "ACCESS_REQUEST_APPROVAL", + "ACCOUNT", + "APPLICATION", + "CAMPAIGN", + "CAMPAIGN_FILTER", + "CERTIFICATION", + "CLUSTER", + "CONNECTOR_SCHEMA", + "ENTITLEMENT", + "GOVERNANCE_GROUP", + "IDENTITY", + "IDENTITY_PROFILE", + "IDENTITY_REQUEST", + "LIFECYCLE_STATE", + "PASSWORD_POLICY", + "ROLE", + "RULE", + "SOD_POLICY", + "SOURCE", + "TAG", + "TAG_CATEGORY", + "TASK_RESULT", + "REPORT_RESULT", + "SOD_VIOLATION", + "ACCOUNT_ACTIVITY", + "WORKGROUP" + ], + "description": "An enumeration of the types of DTOs supported within the IdentityNow infrastructure." + }, + "id": { + "type": "string", + "description": "Identity id", + "example": "2c9180a46faadee4016fb4e018c20639" + }, + "name": { + "type": "string", + "description": "Human-readable display name of identity.", + "example": "Thomas Edison" + } + } + }, + "attributes": { + "type": "array", + "description": "The public identity attributes of the identity", + "items": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The attribute key", + "example": "country" + }, + "name": { + "type": "string", + "description": "Human-readable display name of the attribute", + "example": "Country" + }, + "value": { + "type": "string", + "description": "The attribute value", + "example": "US" + } + } + } + } + } + } + }, + "example": [ + { + "id": "2c9180857182305e0171993735622948", + "name": "Alison Ferguso", + "alias": "alison.ferguso", + "email": "alison.ferguso@acme-solar.com", + "status": "Active", + "manager": { + "type": "IDENTITY", + "id": "2c9180a46faadee4016fb4e018c20639", + "name": "Thomas Edison" + }, + "attributes": [ + { + "key": "phone", + "name": "Phone", + "value": "5125551234" + }, + { + "key": "country", + "name": "Country", + "value": "US" + } + ] + }, + { + "id": "2c9180a46faadee4016fb4e018c20639", + "name": "Thomas Edison", + "alias": "thomas.edison", + "email": "thomas.edison@acme-solar.com", + "status": "Active", + "manager": { + "type": "IDENTITY", + "id": "2c918086676d3e0601677611dbde220f", + "name": "Mister Manager" + }, + "attributes": [ + { + "key": "phone", + "name": "Phone", + "value": "5125554321" + }, + { + "key": "country", + "name": "Country", + "value": "US" + } + ] + } + ] + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/public-identities-config": { + "get": { + "operationId": "getPublicIdentityConfig", + "tags": [ + "Public Identities Config" + ], + "summary": "Get the Public Identities Configuration", + "description": "Returns the publicly visible attributes of an identity available to request approvers for Access Requests and Certification Campaigns. A token with ORG ADMIN authority is required to call this API.", + "responses": { + "200": { + "description": "Request succeeded.", + "content": { + "application/json": { + "schema": { + "type": "object", + "description": "Details of up to 5 Identity attributes that will be publicly accessible for all Identities to anyone in the org.", + "properties": { + "attributes": { + "type": "array", + "description": "Up to 5 identity attributes that will be available to everyone in the org for all users in the org.", + "items": { + "type": "object", + "description": "Used to map an attribute key for an Identity to its display name.", + "properties": { + "key": { + "type": "string", + "description": "The attribute key", + "example": "country" + }, + "name": { + "type": "string", + "description": "The attribute display name", + "example": "Country" + } + } + } + }, + "modified": { + "nullable": true, + "type": "string", + "description": "When this configuration was last modified.", + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z" + }, + "modifiedBy": { + "description": "The identity who last modified this configuration.", + "type": "object", + "nullable": true, + "properties": { + "type": { + "example": "IDENTITY", + "type": "string", + "enum": [ + "ACCOUNT_CORRELATION_CONFIG", + "ACCESS_PROFILE", + "ACCESS_REQUEST_APPROVAL", + "ACCOUNT", + "APPLICATION", + "CAMPAIGN", + "CAMPAIGN_FILTER", + "CERTIFICATION", + "CLUSTER", + "CONNECTOR_SCHEMA", + "ENTITLEMENT", + "GOVERNANCE_GROUP", + "IDENTITY", + "IDENTITY_PROFILE", + "IDENTITY_REQUEST", + "LIFECYCLE_STATE", + "PASSWORD_POLICY", + "ROLE", + "RULE", + "SOD_POLICY", + "SOURCE", + "TAG", + "TAG_CATEGORY", + "TASK_RESULT", + "REPORT_RESULT", + "SOD_VIOLATION", + "ACCOUNT_ACTIVITY", + "WORKGROUP" + ], + "description": "An enumeration of the types of DTOs supported within the IdentityNow infrastructure." + }, + "id": { + "type": "string", + "description": "Identity id", + "example": "2c9180a46faadee4016fb4e018c20639" + }, + "name": { + "type": "string", + "description": "Human-readable display name of identity.", + "example": "Thomas Edison" + } + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + }, + "put": { + "operationId": "updatePublicIdentityConfig", + "tags": [ + "Public Identities Config" + ], + "summary": "Update the Public Identities Configuration", + "description": "Updates the publicly visible attributes of an identity available to request approvers for Access Requests and Certification Campaigns. A token with ORG ADMIN authority is required to call this API.", + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "type": "object", + "description": "Details of up to 5 Identity attributes that will be publicly accessible for all Identities to anyone in the org.", + "properties": { + "attributes": { + "type": "array", + "description": "Up to 5 identity attributes that will be available to everyone in the org for all users in the org.", + "items": { + "type": "object", + "description": "Used to map an attribute key for an Identity to its display name.", + "properties": { + "key": { + "type": "string", + "description": "The attribute key", + "example": "country" + }, + "name": { + "type": "string", + "description": "The attribute display name", + "example": "Country" + } + } + } + }, + "modified": { + "nullable": true, + "type": "string", + "description": "When this configuration was last modified.", + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z" + }, + "modifiedBy": { + "description": "The identity who last modified this configuration.", + "type": "object", + "nullable": true, + "properties": { + "type": { + "example": "IDENTITY", + "type": "string", + "enum": [ + "ACCOUNT_CORRELATION_CONFIG", + "ACCESS_PROFILE", + "ACCESS_REQUEST_APPROVAL", + "ACCOUNT", + "APPLICATION", + "CAMPAIGN", + "CAMPAIGN_FILTER", + "CERTIFICATION", + "CLUSTER", + "CONNECTOR_SCHEMA", + "ENTITLEMENT", + "GOVERNANCE_GROUP", + "IDENTITY", + "IDENTITY_PROFILE", + "IDENTITY_REQUEST", + "LIFECYCLE_STATE", + "PASSWORD_POLICY", + "ROLE", + "RULE", + "SOD_POLICY", + "SOURCE", + "TAG", + "TAG_CATEGORY", + "TASK_RESULT", + "REPORT_RESULT", + "SOD_VIOLATION", + "ACCOUNT_ACTIVITY", + "WORKGROUP" + ], + "description": "An enumeration of the types of DTOs supported within the IdentityNow infrastructure." + }, + "id": { + "type": "string", + "description": "Identity id", + "example": "2c9180a46faadee4016fb4e018c20639" + }, + "name": { + "type": "string", + "description": "Human-readable display name of identity.", + "example": "Thomas Edison" + } + } + } + } + } + } + } + }, + "responses": { + "200": { + "description": "Request succeeded.", + "content": { + "application/json": { + "schema": { + "type": "object", + "description": "Details of up to 5 Identity attributes that will be publicly accessible for all Identities to anyone in the org.", + "properties": { + "attributes": { + "type": "array", + "description": "Up to 5 identity attributes that will be available to everyone in the org for all users in the org.", + "items": { + "type": "object", + "description": "Used to map an attribute key for an Identity to its display name.", + "properties": { + "key": { + "type": "string", + "description": "The attribute key", + "example": "country" + }, + "name": { + "type": "string", + "description": "The attribute display name", + "example": "Country" + } + } + } + }, + "modified": { + "nullable": true, + "type": "string", + "description": "When this configuration was last modified.", + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z" + }, + "modifiedBy": { + "description": "The identity who last modified this configuration.", + "type": "object", + "nullable": true, + "properties": { + "type": { + "example": "IDENTITY", + "type": "string", + "enum": [ + "ACCOUNT_CORRELATION_CONFIG", + "ACCESS_PROFILE", + "ACCESS_REQUEST_APPROVAL", + "ACCOUNT", + "APPLICATION", + "CAMPAIGN", + "CAMPAIGN_FILTER", + "CERTIFICATION", + "CLUSTER", + "CONNECTOR_SCHEMA", + "ENTITLEMENT", + "GOVERNANCE_GROUP", + "IDENTITY", + "IDENTITY_PROFILE", + "IDENTITY_REQUEST", + "LIFECYCLE_STATE", + "PASSWORD_POLICY", + "ROLE", + "RULE", + "SOD_POLICY", + "SOURCE", + "TAG", + "TAG_CATEGORY", + "TASK_RESULT", + "REPORT_RESULT", + "SOD_VIOLATION", + "ACCOUNT_ACTIVITY", + "WORKGROUP" + ], + "description": "An enumeration of the types of DTOs supported within the IdentityNow infrastructure." + }, + "id": { + "type": "string", + "description": "Identity id", + "example": "2c9180a46faadee4016fb4e018c20639" + }, + "name": { + "type": "string", + "description": "Human-readable display name of identity.", + "example": "Thomas Edison" + } + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/requestable-objects": { + "get": { + "operationId": "listRequestableObjects", + "tags": [ + "Requestable Objects" + ], + "summary": "Requestable Objects List", + "description": "This endpoint returns a list of acccess items that that can be requested through the Access Request endpoints. Access items are marked with AVAILABLE, PENDING or ASSIGNED with respect to the identity provided using *identity-id* query param.\nAny authenticated token can call this endpoint to see their requestable access items. A token with ORG_ADMIN authority is required to call this endpoint to return a list of all of the requestable access items for the org or for another identity.", + "parameters": [ + { + "in": "query", + "name": "identity-id", + "required": false, + "schema": { + "type": "string" + }, + "example": "e7eab60924f64aa284175b9fa3309599", + "description": "If present, the value returns only requestable objects for the specified identity.\n * Admin users can call this with any identity ID value.\n * Non-admin users can only specify *me* or pass their own identity ID value.\n * If absent, returns a list of all requestable objects for the tenant. Only admin users can make such a call. In this case, the available, pending, assigned accesses will not be annotated in the result." + }, + { + "in": "query", + "name": "types", + "description": "Filters the results to the specified type/types, where each type is one of ROLE or ACCESS_PROFILE. If absent, all types are returned. Support for additional types may be added in the future without notice.", + "required": false, + "schema": { + "type": "array", + "items": { + "type": "string", + "enum": [ + "ACCESS_PROFILE", + "ROLE", + "ENTITLEMENT" + ], + "description": "The currently supported requestable object types. ", + "example": "ACCESS_PROFILE" + } + }, + "example": "ROLE,ACCESS_PROFILE", + "explode": false + }, + { + "in": "query", + "name": "term", + "required": false, + "schema": { + "type": "string" + }, + "example": "Finance Role", + "description": "It allows searching requestable access items with a partial match on the name or description. If term is provided, then the *filter* query parameter will be ignored." + }, + { + "in": "query", + "name": "statuses", + "description": "Filters the result to the specified status/statuses, where each status is one of AVAILABLE, ASSIGNED, or PENDING. It is an error to specify this parameter without also specifying an *identity-id* parameter. Additional statuses may be added in the future without notice.", + "required": false, + "schema": { + "type": "array", + "items": { + "type": "string", + "enum": [ + "AVAILABLE", + "PENDING", + "ASSIGNED", + null + ], + "description": "Status indicating the ability of an access request for the object to be made by or on behalf of the identity specified by *identity-id*. *AVAILABLE* indicates the object is available to request. *PENDING* indicates the object is unavailable because the identity has a pending request in flight. *ASSIGNED* indicates the object is unavailable because the identity already has the indicated role or access profile. If *identity-id* is not specified (allowed only for admin users), then status will be *AVAILABLE* for all results.", + "example": "AVAILABLE" + } + }, + "explode": false, + "example": [ + "ASSIGNED", + "PENDING" + ] + }, + { + "in": "query", + "name": "limit", + "description": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 250, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "maximum": 250, + "default": 250 + } + }, + { + "in": "query", + "name": "offset", + "description": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 0, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "default": 0 + } + }, + { + "in": "query", + "name": "count", + "description": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": true, + "schema": { + "type": "boolean", + "default": false + } + }, + { + "in": "query", + "name": "filters", + "schema": { + "type": "string" + }, + "example": "name sw \"bob\"", + "description": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**name**: *eq, in, sw*\n", + "required": false + }, + { + "in": "query", + "name": "sorters", + "schema": { + "type": "string", + "format": "comma-separated" + }, + "required": false, + "example": "name", + "description": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name**\n" + } + ], + "responses": { + "200": { + "description": "List of requestable objects", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "Id of the requestable object itself", + "example": "2c9180835d2e5168015d32f890ca1581" + }, + "name": { + "type": "string", + "description": "Human-readable display name of the requestable object", + "example": "Applied Research Access" + }, + "created": { + "type": "string", + "format": "date-time", + "example": "2017-07-11T18:45:37.098Z", + "description": "The time when the requestable object was created" + }, + "modified": { + "nullable": true, + "type": "string", + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z", + "description": "The time when the requestable object was last modified" + }, + "description": { + "type": "string", + "description": "Description of the requestable object.", + "example": "Access to research information, lab results, and schematics.", + "nullable": true + }, + "type": { + "type": "string", + "enum": [ + "ACCESS_PROFILE", + "ROLE", + "ENTITLEMENT" + ], + "description": "The currently supported requestable object types. ", + "example": "ACCESS_PROFILE" + }, + "requestStatus": { + "allOf": [ + { + "type": "string", + "enum": [ + "AVAILABLE", + "PENDING", + "ASSIGNED", + null + ], + "description": "Status indicating the ability of an access request for the object to be made by or on behalf of the identity specified by *identity-id*. *AVAILABLE* indicates the object is available to request. *PENDING* indicates the object is unavailable because the identity has a pending request in flight. *ASSIGNED* indicates the object is unavailable because the identity already has the indicated role or access profile. If *identity-id* is not specified (allowed only for admin users), then status will be *AVAILABLE* for all results.", + "example": "AVAILABLE" + }, + { + "nullable": true + } + ] + }, + "identityRequestId": { + "type": "string", + "description": "If *requestStatus* is *PENDING*, indicates the id of the associated account activity.", + "nullable": true, + "example": null + }, + "ownerRef": { + "type": "object", + "nullable": true, + "properties": { + "type": { + "type": "string", + "description": "The type can only be IDENTITY. This is read-only.", + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "Identity ID.", + "example": "5168015d32f890ca15812c9180835d2e" + }, + "name": { + "type": "string", + "description": "Identity's human-readable display name. This is read-only.", + "example": "Alison Ferguso" + }, + "email": { + "type": "string", + "description": "Identity's email address. This is read-only.", + "example": "alison.ferguso@identitysoon.com" + } + } + }, + "requestCommentsRequired": { + "type": "boolean", + "description": "Whether the requester must provide comments when requesting the object.", + "example": false + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/roles": { + "get": { + "operationId": "listRoles", + "tags": [ + "Roles" + ], + "summary": "List Roles", + "description": "This API returns a list of Roles.\n\nA token with API, ORG_ADMIN, ROLE_ADMIN, or ROLE_SUBADMIN authority is required to call this API.", + "parameters": [ + { + "in": "query", + "name": "for-subadmin", + "schema": { + "type": "string" + }, + "description": "If provided, filters the returned list according to what is visible to the indicated ROLE_SUBADMIN Identity. The value of the parameter is either an Identity ID, or the special value **me**, which is shorthand for the calling Identity's ID. A 400 Bad Request error is returned if the **for-subadmin** parameter is specified for an Identity that is not a subadmin.", + "example": "5168015d32f890ca15812c9180835d2e", + "required": false + }, + { + "in": "query", + "name": "limit", + "description": "Note that for this API the maximum value for limit is 50.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 50, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "maximum": 50, + "default": 50 + } + }, + { + "in": "query", + "name": "offset", + "description": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 0, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "default": 0 + } + }, + { + "in": "query", + "name": "count", + "description": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": true, + "schema": { + "type": "boolean", + "default": false + } + }, + { + "in": "query", + "name": "filters", + "schema": { + "type": "string" + }, + "description": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**name**: *eq, sw*\n\n**created**: *gt, lt, ge, le*\n\n**modified**: *gt, lt, ge, le*\n\n**owner.id**: *eq, in*\n\n**requestable**: *eq*", + "example": "requestable eq false", + "required": false + }, + { + "in": "query", + "name": "sorters", + "schema": { + "type": "string", + "format": "comma-separated" + }, + "description": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name, created, modified**", + "example": "name,-modified", + "required": false + }, + { + "in": "query", + "name": "for-segment-ids", + "schema": { + "type": "string", + "format": "comma-separated" + }, + "description": "If present and not empty, additionally filters Roles to those which are assigned to the Segment(s) with the specified IDs.\n\nIf segmentation is currently unavailable, specifying this parameter results in an error.", + "example": "0b5c9f25-83c6-4762-9073-e38f7bb2ae26,2e8d8180-24bc-4d21-91c6-7affdb473b0d", + "required": false + }, + { + "in": "query", + "name": "include-unsegmented", + "schema": { + "type": "boolean", + "default": true + }, + "description": "Whether or not the response list should contain unsegmented Roles. If *for-segment-ids* is absent or empty, specifying *include-unsegmented* as false results in an error.", + "example": false, + "required": false + } + ], + "responses": { + "200": { + "description": "List of Roles", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "description": "A Role", + "properties": { + "id": { + "type": "string", + "description": "The id of the Role. This field must be left null when creating an Role, otherwise a 400 Bad Request error will result.", + "example": "2c918086749d78830174a1a40e121518" + }, + "name": { + "type": "string", + "description": "The human-readable display name of the Role", + "maxLength": 128, + "example": "Role 2567" + }, + "created": { + "type": "string", + "description": "Date the Role was created", + "format": "date-time", + "example": "2021-03-01T22:32:58.104Z", + "readOnly": true + }, + "modified": { + "type": "string", + "description": "Date the Role was last modified.", + "format": "date-time", + "example": "2021-03-02T20:22:28.104Z", + "readOnly": true + }, + "description": { + "type": "string", + "nullable": true, + "description": "A human-readable description of the Role", + "example": "Urna amet cursus pellentesque nisl orci maximus lorem nisl euismod fusce morbi placerat adipiscing maecenas nisi tristique et metus et lacus sed morbi nunc nisl maximus magna arcu varius sollicitudin elementum enim maecenas nisi id ipsum tempus fusce diam ipsum tortor." + }, + "owner": { + "type": "object", + "nullable": false, + "description": "The owner of this object.", + "properties": { + "type": { + "type": "string", + "enum": [ + "IDENTITY" + ], + "description": "Owner type. This field must be either left null or set to 'IDENTITY' on input, otherwise a 400 Bad Request error will result.", + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "Identity id", + "example": "2c9180a46faadee4016fb4e018c20639" + }, + "name": { + "type": "string", + "description": "Human-readable display name of the owner. It may be left null or omitted in a POST or PATCH. If set, it must match the current value of the owner's display name, otherwise a 400 Bad Request error will result.", + "example": "support" + } + } + }, + "accessProfiles": { + "type": "array", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "ID of the Access Profile", + "example": "ff808081751e6e129f1518161919ecca" + }, + "type": { + "type": "string", + "description": "Type of requested object. This field must be either left null or set to 'ACCESS_PROFILE' when creating an Access Profile, otherwise a 400 Bad Request error will result.", + "enum": [ + "ACCESS_PROFILE" + ], + "example": "ACCESS_PROFILE" + }, + "name": { + "type": "string", + "description": "Human-readable display name of the Access Profile. This field is ignored on input.", + "example": "Access Profile 2567" + } + } + }, + "nullable": true + }, + "entitlements": { + "type": "array", + "items": { + "type": "object", + "description": "Entitlement including a specific set of access.", + "properties": { + "type": { + "type": "string", + "description": "Entitlement's DTO type.", + "enum": [ + "ENTITLEMENT" + ], + "example": "ENTITLEMENT" + }, + "id": { + "type": "string", + "description": "Entitlement's ID.", + "example": "2c91809773dee32014e13e122092014e" + }, + "name": { + "type": "string", + "nullable": true, + "description": "Entitlement's display name.", + "example": "CN=entitlement.490efde5,OU=OrgCo,OU=ServiceDept,DC=HQAD,DC=local" + } + } + } + }, + "membership": { + "nullable": true, + "type": "object", + "description": "When present, specifies that the Role is to be granted to Identities which either satisfy specific criteria or which are members of a given list of Identities.", + "properties": { + "type": { + "type": "string", + "enum": [ + "STANDARD", + "IDENTITY_LIST" + ], + "description": "This enum characterizes the type of a Role's membership selector. Only the following two are fully supported:\n\nSTANDARD: Indicates that Role membership is defined in terms of a criteria expression\n\nIDENTITY_LIST: Indicates that Role membership is conferred on the specific identities listed", + "example": "IDENTITY_LIST" + }, + "criteria": { + "nullable": true, + "type": "object", + "description": "Defines STANDARD type Role membership", + "properties": { + "operation": { + "type": "string", + "enum": [ + "EQUALS", + "NOT_EQUALS", + "CONTAINS", + "STARTS_WITH", + "ENDS_WITH", + "AND", + "OR" + ], + "description": "An operation", + "example": "EQUALS" + }, + "key": { + "type": "object", + "nullable": true, + "description": "Refers to a specific Identity attribute, Account attibute, or Entitlement used in Role membership criteria", + "properties": { + "type": { + "type": "string", + "enum": [ + "IDENTITY", + "ACCOUNT", + "ENTITLEMENT" + ], + "description": "Indicates whether the associated criteria represents an expression on identity attributes, account attributes, or entitlements, respectively.", + "example": "ACCOUNT" + }, + "property": { + "type": "string", + "description": "The name of the attribute or entitlement to which the associated criteria applies.", + "example": "attribute.email" + }, + "sourceId": { + "type": "string", + "nullable": true, + "description": "ID of the Source from which an account attribute or entitlement is drawn. Required if type is ACCOUNT or ENTITLEMENT", + "example": "2c9180867427f3a301745aec18211519" + } + }, + "required": [ + "type", + "property" + ] + }, + "stringValue": { + "type": "string", + "nullable": true, + "description": "String value to test the Identity attribute, Account attribute, or Entitlement specified in the key w/r/t the specified operation. If this criteria is a leaf node, that is, if the operation is one of EQUALS, NOT_EQUALS, CONTAINS, STARTS_WITH, or ENDS_WITH, this field is required. Otherwise, specifying it is an error.", + "example": "carlee.cert1c9f9b6fd@mailinator.com" + }, + "children": { + "type": "array", + "items": { + "type": "object", + "nullable": true, + "description": "Defines STANDARD type Role membership", + "properties": { + "operation": { + "type": "string", + "enum": [ + "EQUALS", + "NOT_EQUALS", + "CONTAINS", + "STARTS_WITH", + "ENDS_WITH", + "AND", + "OR" + ], + "description": "An operation", + "example": "EQUALS" + }, + "key": { + "type": "object", + "nullable": true, + "description": "Refers to a specific Identity attribute, Account attibute, or Entitlement used in Role membership criteria", + "properties": { + "type": { + "type": "string", + "enum": [ + "IDENTITY", + "ACCOUNT", + "ENTITLEMENT" + ], + "description": "Indicates whether the associated criteria represents an expression on identity attributes, account attributes, or entitlements, respectively.", + "example": "ACCOUNT" + }, + "property": { + "type": "string", + "description": "The name of the attribute or entitlement to which the associated criteria applies.", + "example": "attribute.email" + }, + "sourceId": { + "type": "string", + "nullable": true, + "description": "ID of the Source from which an account attribute or entitlement is drawn. Required if type is ACCOUNT or ENTITLEMENT", + "example": "2c9180867427f3a301745aec18211519" + } + }, + "required": [ + "type", + "property" + ] + }, + "stringValue": { + "type": "string", + "nullable": true, + "description": "String value to test the Identity attribute, Account attribute, or Entitlement specified in the key w/r/t the specified operation. If this criteria is a leaf node, that is, if the operation is one of EQUALS, NOT_EQUALS, CONTAINS, STARTS_WITH, or ENDS_WITH, this field is required. Otherwise, specifying it is an error.", + "example": "carlee.cert1c9f9b6fd@mailinator.com" + }, + "children": { + "type": "array", + "items": { + "type": "object", + "description": "Defines STANDARD type Role membership", + "properties": { + "operation": { + "type": "string", + "enum": [ + "EQUALS", + "NOT_EQUALS", + "CONTAINS", + "STARTS_WITH", + "ENDS_WITH", + "AND", + "OR" + ], + "description": "An operation", + "example": "EQUALS" + }, + "key": { + "type": "object", + "nullable": true, + "description": "Refers to a specific Identity attribute, Account attibute, or Entitlement used in Role membership criteria", + "properties": { + "type": { + "type": "string", + "enum": [ + "IDENTITY", + "ACCOUNT", + "ENTITLEMENT" + ], + "description": "Indicates whether the associated criteria represents an expression on identity attributes, account attributes, or entitlements, respectively.", + "example": "ACCOUNT" + }, + "property": { + "type": "string", + "description": "The name of the attribute or entitlement to which the associated criteria applies.", + "example": "attribute.email" + }, + "sourceId": { + "type": "string", + "nullable": true, + "description": "ID of the Source from which an account attribute or entitlement is drawn. Required if type is ACCOUNT or ENTITLEMENT", + "example": "2c9180867427f3a301745aec18211519" + } + }, + "required": [ + "type", + "property" + ] + }, + "stringValue": { + "type": "string", + "description": "String value to test the Identity attribute, Account attribute, or Entitlement specified in the key w/r/t the specified operation. If this criteria is a leaf node, that is, if the operation is one of EQUALS, NOT_EQUALS, CONTAINS, STARTS_WITH, or ENDS_WITH, this field is required. Otherwise, specifying it is an error.", + "example": "carlee.cert1c9f9b6fd@mailinator.com" + } + } + }, + "nullable": true, + "description": "Array of child criteria. Required if the operation is AND or OR, otherwise it must be left null. A maximum of three levels of criteria are supported, including leaf nodes. Additionally, AND nodes can only be children or OR nodes and vice-versa." + } + } + }, + "nullable": true, + "description": "Array of child criteria. Required if the operation is AND or OR, otherwise it must be left null. A maximum of three levels of criteria are supported, including leaf nodes. Additionally, AND nodes can only be children or OR nodes and vice-versa." + } + } + }, + "identities": { + "type": "array", + "items": { + "type": "object", + "description": "A reference to an Identity in an IDENTITY_LIST role membership criteria.", + "properties": { + "type": { + "nullable": true, + "example": "IDENTITY", + "type": "string", + "enum": [ + "ACCOUNT_CORRELATION_CONFIG", + "ACCESS_PROFILE", + "ACCESS_REQUEST_APPROVAL", + "ACCOUNT", + "APPLICATION", + "CAMPAIGN", + "CAMPAIGN_FILTER", + "CERTIFICATION", + "CLUSTER", + "CONNECTOR_SCHEMA", + "ENTITLEMENT", + "GOVERNANCE_GROUP", + "IDENTITY", + "IDENTITY_PROFILE", + "IDENTITY_REQUEST", + "LIFECYCLE_STATE", + "PASSWORD_POLICY", + "ROLE", + "RULE", + "SOD_POLICY", + "SOURCE", + "TAG", + "TAG_CATEGORY", + "TASK_RESULT", + "REPORT_RESULT", + "SOD_VIOLATION", + "ACCOUNT_ACTIVITY", + "WORKGROUP" + ], + "description": "An enumeration of the types of DTOs supported within the IdentityNow infrastructure." + }, + "id": { + "type": "string", + "description": "Identity id", + "example": "2c9180a46faadee4016fb4e018c20639" + }, + "name": { + "type": "string", + "nullable": true, + "description": "Human-readable display name of the Identity.", + "example": "Thomas Edison" + }, + "aliasName": { + "type": "string", + "nullable": true, + "description": "User name of the Identity", + "example": "t.edison" + } + } + }, + "nullable": true, + "description": "Defines role membership as being exclusive to the specified Identities, when type is IDENTITY_LIST." + } + } + }, + "legacyMembershipInfo": { + "type": "object", + "nullable": true, + "description": "This field is not directly modifiable and is generally expected to be *null*. In very rare instances, some Roles may have been created using membership selection criteria that are no longer fully supported. While these Roles will still work, they should be migrated to STANDARD or IDENTITY_LIST selection criteria. This field exists for informational purposes as an aid to such migration.", + "example": { + "type": "IDENTITY_LIST" + }, + "additionalProperties": true + }, + "enabled": { + "type": "boolean", + "description": "Whether the Role is enabled or not.", + "example": true, + "default": false + }, + "requestable": { + "type": "boolean", + "description": "Whether the Role can be the target of access requests.", + "example": true, + "default": false + }, + "accessRequestConfig": { + "nullable": true, + "description": "Access request configuration for this object", + "type": "object", + "properties": { + "commentsRequired": { + "type": "boolean", + "description": "Whether the requester of the containing object must provide comments justifying the request", + "example": true, + "nullable": true, + "default": false + }, + "denialCommentsRequired": { + "type": "boolean", + "description": "Whether an approver must provide comments when denying the request", + "example": true, + "nullable": true, + "default": false + }, + "approvalSchemes": { + "type": "array", + "description": "List describing the steps in approving the request", + "items": { + "type": "object", + "properties": { + "approverType": { + "type": "string", + "enum": [ + "OWNER", + "MANAGER", + "GOVERNANCE_GROUP" + ], + "description": "Describes the individual or group that is responsible for an approval step. Values are as follows.\n\n**OWNER**: Owner of the associated Role\n\n**MANAGER**: Manager of the Identity making the request\n\n**GOVERNANCE_GROUP**: A Governance Group, the ID of which is specified by the **approverId** field", + "example": "GOVERNANCE_GROUP" + }, + "approverId": { + "type": "string", + "nullable": true, + "description": "Id of the specific approver, used only when approverType is GOVERNANCE_GROUP", + "example": "46c79819-a69f-49a2-becb-12c971ae66c6" + } + } + } + } + } + }, + "revocationRequestConfig": { + "nullable": true, + "default": null, + "description": "Revocation request configuration for this object.", + "type": "object", + "properties": { + "commentsRequired": { + "type": "boolean", + "description": "Whether the requester of the containing object must provide comments justifying the request", + "example": false, + "nullable": true, + "default": false + }, + "denialCommentsRequired": { + "type": "boolean", + "description": "Whether an approver must provide comments when denying the request", + "example": false, + "nullable": true, + "default": false + }, + "approvalSchemes": { + "type": "array", + "description": "List describing the steps in approving the revocation request", + "items": { + "type": "object", + "properties": { + "approverType": { + "type": "string", + "enum": [ + "OWNER", + "MANAGER", + "GOVERNANCE_GROUP" + ], + "description": "Describes the individual or group that is responsible for an approval step. Values are as follows.\n\n**OWNER**: Owner of the associated Role\n\n**MANAGER**: Manager of the Identity making the request\n\n**GOVERNANCE_GROUP**: A Governance Group, the ID of which is specified by the **approverId** field", + "example": "GOVERNANCE_GROUP" + }, + "approverId": { + "type": "string", + "nullable": true, + "description": "Id of the specific approver, used only when approverType is GOVERNANCE_GROUP", + "example": "46c79819-a69f-49a2-becb-12c971ae66c6" + } + } + } + } + } + }, + "segments": { + "type": "array", + "items": { + "type": "string" + }, + "nullable": true, + "description": "List of IDs of segments, if any, to which this Role is assigned.", + "example": [ + "f7b1b8a3-5fed-4fd4-ad29-82014e137e19", + "29cb6c06-1da8-43ea-8be4-b3125f248f2a" + ] + }, + "dimensional": { + "type": "boolean", + "nullable": true + }, + "dimensionRefs": { + "type": "string", + "nullable": true + } + }, + "required": [ + "name", + "owner" + ] + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "idn:role-unchecked:read", + "idn:role-unchecked:manage", + "idn:role-checked:manage", + "idn:role-checked:read" + ] + } + ] + }, + "post": { + "operationId": "createRole", + "tags": [ + "Roles" + ], + "summary": "Create a Role", + "description": "This API creates a role.\n\nYou must have a token with API, ORG_ADMIN, ROLE_ADMIN, or ROLE_SUBADMIN authority to call this API. \n\nIn addition, a ROLE_SUBADMIN may not create a role including an access profile if that access profile is associated with a source the ROLE_SUBADMIN is not associated with themselves. \n\nThe maximum supported length for the description field is 2000 characters. Longer descriptions will be preserved for existing roles. However, any new roles as well as any updates to existing descriptions will be limited to 2000 characters.", + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "type": "object", + "description": "A Role", + "properties": { + "id": { + "type": "string", + "description": "The id of the Role. This field must be left null when creating an Role, otherwise a 400 Bad Request error will result.", + "example": "2c918086749d78830174a1a40e121518" + }, + "name": { + "type": "string", + "description": "The human-readable display name of the Role", + "maxLength": 128, + "example": "Role 2567" + }, + "created": { + "type": "string", + "description": "Date the Role was created", + "format": "date-time", + "example": "2021-03-01T22:32:58.104Z", + "readOnly": true + }, + "modified": { + "type": "string", + "description": "Date the Role was last modified.", + "format": "date-time", + "example": "2021-03-02T20:22:28.104Z", + "readOnly": true + }, + "description": { + "type": "string", + "nullable": true, + "description": "A human-readable description of the Role", + "example": "Urna amet cursus pellentesque nisl orci maximus lorem nisl euismod fusce morbi placerat adipiscing maecenas nisi tristique et metus et lacus sed morbi nunc nisl maximus magna arcu varius sollicitudin elementum enim maecenas nisi id ipsum tempus fusce diam ipsum tortor." + }, + "owner": { + "type": "object", + "nullable": false, + "description": "The owner of this object.", + "properties": { + "type": { + "type": "string", + "enum": [ + "IDENTITY" + ], + "description": "Owner type. This field must be either left null or set to 'IDENTITY' on input, otherwise a 400 Bad Request error will result.", + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "Identity id", + "example": "2c9180a46faadee4016fb4e018c20639" + }, + "name": { + "type": "string", + "description": "Human-readable display name of the owner. It may be left null or omitted in a POST or PATCH. If set, it must match the current value of the owner's display name, otherwise a 400 Bad Request error will result.", + "example": "support" + } + } + }, + "accessProfiles": { + "type": "array", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "ID of the Access Profile", + "example": "ff808081751e6e129f1518161919ecca" + }, + "type": { + "type": "string", + "description": "Type of requested object. This field must be either left null or set to 'ACCESS_PROFILE' when creating an Access Profile, otherwise a 400 Bad Request error will result.", + "enum": [ + "ACCESS_PROFILE" + ], + "example": "ACCESS_PROFILE" + }, + "name": { + "type": "string", + "description": "Human-readable display name of the Access Profile. This field is ignored on input.", + "example": "Access Profile 2567" + } + } + }, + "nullable": true + }, + "entitlements": { + "type": "array", + "items": { + "type": "object", + "description": "Entitlement including a specific set of access.", + "properties": { + "type": { + "type": "string", + "description": "Entitlement's DTO type.", + "enum": [ + "ENTITLEMENT" + ], + "example": "ENTITLEMENT" + }, + "id": { + "type": "string", + "description": "Entitlement's ID.", + "example": "2c91809773dee32014e13e122092014e" + }, + "name": { + "type": "string", + "nullable": true, + "description": "Entitlement's display name.", + "example": "CN=entitlement.490efde5,OU=OrgCo,OU=ServiceDept,DC=HQAD,DC=local" + } + } + } + }, + "membership": { + "nullable": true, + "type": "object", + "description": "When present, specifies that the Role is to be granted to Identities which either satisfy specific criteria or which are members of a given list of Identities.", + "properties": { + "type": { + "type": "string", + "enum": [ + "STANDARD", + "IDENTITY_LIST" + ], + "description": "This enum characterizes the type of a Role's membership selector. Only the following two are fully supported:\n\nSTANDARD: Indicates that Role membership is defined in terms of a criteria expression\n\nIDENTITY_LIST: Indicates that Role membership is conferred on the specific identities listed", + "example": "IDENTITY_LIST" + }, + "criteria": { + "nullable": true, + "type": "object", + "description": "Defines STANDARD type Role membership", + "properties": { + "operation": { + "type": "string", + "enum": [ + "EQUALS", + "NOT_EQUALS", + "CONTAINS", + "STARTS_WITH", + "ENDS_WITH", + "AND", + "OR" + ], + "description": "An operation", + "example": "EQUALS" + }, + "key": { + "type": "object", + "nullable": true, + "description": "Refers to a specific Identity attribute, Account attibute, or Entitlement used in Role membership criteria", + "properties": { + "type": { + "type": "string", + "enum": [ + "IDENTITY", + "ACCOUNT", + "ENTITLEMENT" + ], + "description": "Indicates whether the associated criteria represents an expression on identity attributes, account attributes, or entitlements, respectively.", + "example": "ACCOUNT" + }, + "property": { + "type": "string", + "description": "The name of the attribute or entitlement to which the associated criteria applies.", + "example": "attribute.email" + }, + "sourceId": { + "type": "string", + "nullable": true, + "description": "ID of the Source from which an account attribute or entitlement is drawn. Required if type is ACCOUNT or ENTITLEMENT", + "example": "2c9180867427f3a301745aec18211519" + } + }, + "required": [ + "type", + "property" + ] + }, + "stringValue": { + "type": "string", + "nullable": true, + "description": "String value to test the Identity attribute, Account attribute, or Entitlement specified in the key w/r/t the specified operation. If this criteria is a leaf node, that is, if the operation is one of EQUALS, NOT_EQUALS, CONTAINS, STARTS_WITH, or ENDS_WITH, this field is required. Otherwise, specifying it is an error.", + "example": "carlee.cert1c9f9b6fd@mailinator.com" + }, + "children": { + "type": "array", + "items": { + "type": "object", + "nullable": true, + "description": "Defines STANDARD type Role membership", + "properties": { + "operation": { + "type": "string", + "enum": [ + "EQUALS", + "NOT_EQUALS", + "CONTAINS", + "STARTS_WITH", + "ENDS_WITH", + "AND", + "OR" + ], + "description": "An operation", + "example": "EQUALS" + }, + "key": { + "type": "object", + "nullable": true, + "description": "Refers to a specific Identity attribute, Account attibute, or Entitlement used in Role membership criteria", + "properties": { + "type": { + "type": "string", + "enum": [ + "IDENTITY", + "ACCOUNT", + "ENTITLEMENT" + ], + "description": "Indicates whether the associated criteria represents an expression on identity attributes, account attributes, or entitlements, respectively.", + "example": "ACCOUNT" + }, + "property": { + "type": "string", + "description": "The name of the attribute or entitlement to which the associated criteria applies.", + "example": "attribute.email" + }, + "sourceId": { + "type": "string", + "nullable": true, + "description": "ID of the Source from which an account attribute or entitlement is drawn. Required if type is ACCOUNT or ENTITLEMENT", + "example": "2c9180867427f3a301745aec18211519" + } + }, + "required": [ + "type", + "property" + ] + }, + "stringValue": { + "type": "string", + "nullable": true, + "description": "String value to test the Identity attribute, Account attribute, or Entitlement specified in the key w/r/t the specified operation. If this criteria is a leaf node, that is, if the operation is one of EQUALS, NOT_EQUALS, CONTAINS, STARTS_WITH, or ENDS_WITH, this field is required. Otherwise, specifying it is an error.", + "example": "carlee.cert1c9f9b6fd@mailinator.com" + }, + "children": { + "type": "array", + "items": { + "type": "object", + "description": "Defines STANDARD type Role membership", + "properties": { + "operation": { + "type": "string", + "enum": [ + "EQUALS", + "NOT_EQUALS", + "CONTAINS", + "STARTS_WITH", + "ENDS_WITH", + "AND", + "OR" + ], + "description": "An operation", + "example": "EQUALS" + }, + "key": { + "type": "object", + "nullable": true, + "description": "Refers to a specific Identity attribute, Account attibute, or Entitlement used in Role membership criteria", + "properties": { + "type": { + "type": "string", + "enum": [ + "IDENTITY", + "ACCOUNT", + "ENTITLEMENT" + ], + "description": "Indicates whether the associated criteria represents an expression on identity attributes, account attributes, or entitlements, respectively.", + "example": "ACCOUNT" + }, + "property": { + "type": "string", + "description": "The name of the attribute or entitlement to which the associated criteria applies.", + "example": "attribute.email" + }, + "sourceId": { + "type": "string", + "nullable": true, + "description": "ID of the Source from which an account attribute or entitlement is drawn. Required if type is ACCOUNT or ENTITLEMENT", + "example": "2c9180867427f3a301745aec18211519" + } + }, + "required": [ + "type", + "property" + ] + }, + "stringValue": { + "type": "string", + "description": "String value to test the Identity attribute, Account attribute, or Entitlement specified in the key w/r/t the specified operation. If this criteria is a leaf node, that is, if the operation is one of EQUALS, NOT_EQUALS, CONTAINS, STARTS_WITH, or ENDS_WITH, this field is required. Otherwise, specifying it is an error.", + "example": "carlee.cert1c9f9b6fd@mailinator.com" + } + } + }, + "nullable": true, + "description": "Array of child criteria. Required if the operation is AND or OR, otherwise it must be left null. A maximum of three levels of criteria are supported, including leaf nodes. Additionally, AND nodes can only be children or OR nodes and vice-versa." + } + } + }, + "nullable": true, + "description": "Array of child criteria. Required if the operation is AND or OR, otherwise it must be left null. A maximum of three levels of criteria are supported, including leaf nodes. Additionally, AND nodes can only be children or OR nodes and vice-versa." + } + } + }, + "identities": { + "type": "array", + "items": { + "type": "object", + "description": "A reference to an Identity in an IDENTITY_LIST role membership criteria.", + "properties": { + "type": { + "nullable": true, + "example": "IDENTITY", + "type": "string", + "enum": [ + "ACCOUNT_CORRELATION_CONFIG", + "ACCESS_PROFILE", + "ACCESS_REQUEST_APPROVAL", + "ACCOUNT", + "APPLICATION", + "CAMPAIGN", + "CAMPAIGN_FILTER", + "CERTIFICATION", + "CLUSTER", + "CONNECTOR_SCHEMA", + "ENTITLEMENT", + "GOVERNANCE_GROUP", + "IDENTITY", + "IDENTITY_PROFILE", + "IDENTITY_REQUEST", + "LIFECYCLE_STATE", + "PASSWORD_POLICY", + "ROLE", + "RULE", + "SOD_POLICY", + "SOURCE", + "TAG", + "TAG_CATEGORY", + "TASK_RESULT", + "REPORT_RESULT", + "SOD_VIOLATION", + "ACCOUNT_ACTIVITY", + "WORKGROUP" + ], + "description": "An enumeration of the types of DTOs supported within the IdentityNow infrastructure." + }, + "id": { + "type": "string", + "description": "Identity id", + "example": "2c9180a46faadee4016fb4e018c20639" + }, + "name": { + "type": "string", + "nullable": true, + "description": "Human-readable display name of the Identity.", + "example": "Thomas Edison" + }, + "aliasName": { + "type": "string", + "nullable": true, + "description": "User name of the Identity", + "example": "t.edison" + } + } + }, + "nullable": true, + "description": "Defines role membership as being exclusive to the specified Identities, when type is IDENTITY_LIST." + } + } + }, + "legacyMembershipInfo": { + "type": "object", + "nullable": true, + "description": "This field is not directly modifiable and is generally expected to be *null*. In very rare instances, some Roles may have been created using membership selection criteria that are no longer fully supported. While these Roles will still work, they should be migrated to STANDARD or IDENTITY_LIST selection criteria. This field exists for informational purposes as an aid to such migration.", + "example": { + "type": "IDENTITY_LIST" + }, + "additionalProperties": true + }, + "enabled": { + "type": "boolean", + "description": "Whether the Role is enabled or not.", + "example": true, + "default": false + }, + "requestable": { + "type": "boolean", + "description": "Whether the Role can be the target of access requests.", + "example": true, + "default": false + }, + "accessRequestConfig": { + "nullable": true, + "description": "Access request configuration for this object", + "type": "object", + "properties": { + "commentsRequired": { + "type": "boolean", + "description": "Whether the requester of the containing object must provide comments justifying the request", + "example": true, + "nullable": true, + "default": false + }, + "denialCommentsRequired": { + "type": "boolean", + "description": "Whether an approver must provide comments when denying the request", + "example": true, + "nullable": true, + "default": false + }, + "approvalSchemes": { + "type": "array", + "description": "List describing the steps in approving the request", + "items": { + "type": "object", + "properties": { + "approverType": { + "type": "string", + "enum": [ + "OWNER", + "MANAGER", + "GOVERNANCE_GROUP" + ], + "description": "Describes the individual or group that is responsible for an approval step. Values are as follows.\n\n**OWNER**: Owner of the associated Role\n\n**MANAGER**: Manager of the Identity making the request\n\n**GOVERNANCE_GROUP**: A Governance Group, the ID of which is specified by the **approverId** field", + "example": "GOVERNANCE_GROUP" + }, + "approverId": { + "type": "string", + "nullable": true, + "description": "Id of the specific approver, used only when approverType is GOVERNANCE_GROUP", + "example": "46c79819-a69f-49a2-becb-12c971ae66c6" + } + } + } + } + } + }, + "revocationRequestConfig": { + "nullable": true, + "default": null, + "description": "Revocation request configuration for this object.", + "type": "object", + "properties": { + "commentsRequired": { + "type": "boolean", + "description": "Whether the requester of the containing object must provide comments justifying the request", + "example": false, + "nullable": true, + "default": false + }, + "denialCommentsRequired": { + "type": "boolean", + "description": "Whether an approver must provide comments when denying the request", + "example": false, + "nullable": true, + "default": false + }, + "approvalSchemes": { + "type": "array", + "description": "List describing the steps in approving the revocation request", + "items": { + "type": "object", + "properties": { + "approverType": { + "type": "string", + "enum": [ + "OWNER", + "MANAGER", + "GOVERNANCE_GROUP" + ], + "description": "Describes the individual or group that is responsible for an approval step. Values are as follows.\n\n**OWNER**: Owner of the associated Role\n\n**MANAGER**: Manager of the Identity making the request\n\n**GOVERNANCE_GROUP**: A Governance Group, the ID of which is specified by the **approverId** field", + "example": "GOVERNANCE_GROUP" + }, + "approverId": { + "type": "string", + "nullable": true, + "description": "Id of the specific approver, used only when approverType is GOVERNANCE_GROUP", + "example": "46c79819-a69f-49a2-becb-12c971ae66c6" + } + } + } + } + } + }, + "segments": { + "type": "array", + "items": { + "type": "string" + }, + "nullable": true, + "description": "List of IDs of segments, if any, to which this Role is assigned.", + "example": [ + "f7b1b8a3-5fed-4fd4-ad29-82014e137e19", + "29cb6c06-1da8-43ea-8be4-b3125f248f2a" + ] + }, + "dimensional": { + "type": "boolean", + "nullable": true + }, + "dimensionRefs": { + "type": "string", + "nullable": true + } + }, + "required": [ + "name", + "owner" + ] + } + } + } + }, + "responses": { + "201": { + "description": "Role created", + "content": { + "application/json": { + "schema": { + "type": "object", + "description": "A Role", + "properties": { + "id": { + "type": "string", + "description": "The id of the Role. This field must be left null when creating an Role, otherwise a 400 Bad Request error will result.", + "example": "2c918086749d78830174a1a40e121518" + }, + "name": { + "type": "string", + "description": "The human-readable display name of the Role", + "maxLength": 128, + "example": "Role 2567" + }, + "created": { + "type": "string", + "description": "Date the Role was created", + "format": "date-time", + "example": "2021-03-01T22:32:58.104Z", + "readOnly": true + }, + "modified": { + "type": "string", + "description": "Date the Role was last modified.", + "format": "date-time", + "example": "2021-03-02T20:22:28.104Z", + "readOnly": true + }, + "description": { + "type": "string", + "nullable": true, + "description": "A human-readable description of the Role", + "example": "Urna amet cursus pellentesque nisl orci maximus lorem nisl euismod fusce morbi placerat adipiscing maecenas nisi tristique et metus et lacus sed morbi nunc nisl maximus magna arcu varius sollicitudin elementum enim maecenas nisi id ipsum tempus fusce diam ipsum tortor." + }, + "owner": { + "type": "object", + "nullable": false, + "description": "The owner of this object.", + "properties": { + "type": { + "type": "string", + "enum": [ + "IDENTITY" + ], + "description": "Owner type. This field must be either left null or set to 'IDENTITY' on input, otherwise a 400 Bad Request error will result.", + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "Identity id", + "example": "2c9180a46faadee4016fb4e018c20639" + }, + "name": { + "type": "string", + "description": "Human-readable display name of the owner. It may be left null or omitted in a POST or PATCH. If set, it must match the current value of the owner's display name, otherwise a 400 Bad Request error will result.", + "example": "support" + } + } + }, + "accessProfiles": { + "type": "array", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "ID of the Access Profile", + "example": "ff808081751e6e129f1518161919ecca" + }, + "type": { + "type": "string", + "description": "Type of requested object. This field must be either left null or set to 'ACCESS_PROFILE' when creating an Access Profile, otherwise a 400 Bad Request error will result.", + "enum": [ + "ACCESS_PROFILE" + ], + "example": "ACCESS_PROFILE" + }, + "name": { + "type": "string", + "description": "Human-readable display name of the Access Profile. This field is ignored on input.", + "example": "Access Profile 2567" + } + } + }, + "nullable": true + }, + "entitlements": { + "type": "array", + "items": { + "type": "object", + "description": "Entitlement including a specific set of access.", + "properties": { + "type": { + "type": "string", + "description": "Entitlement's DTO type.", + "enum": [ + "ENTITLEMENT" + ], + "example": "ENTITLEMENT" + }, + "id": { + "type": "string", + "description": "Entitlement's ID.", + "example": "2c91809773dee32014e13e122092014e" + }, + "name": { + "type": "string", + "nullable": true, + "description": "Entitlement's display name.", + "example": "CN=entitlement.490efde5,OU=OrgCo,OU=ServiceDept,DC=HQAD,DC=local" + } + } + } + }, + "membership": { + "nullable": true, + "type": "object", + "description": "When present, specifies that the Role is to be granted to Identities which either satisfy specific criteria or which are members of a given list of Identities.", + "properties": { + "type": { + "type": "string", + "enum": [ + "STANDARD", + "IDENTITY_LIST" + ], + "description": "This enum characterizes the type of a Role's membership selector. Only the following two are fully supported:\n\nSTANDARD: Indicates that Role membership is defined in terms of a criteria expression\n\nIDENTITY_LIST: Indicates that Role membership is conferred on the specific identities listed", + "example": "IDENTITY_LIST" + }, + "criteria": { + "nullable": true, + "type": "object", + "description": "Defines STANDARD type Role membership", + "properties": { + "operation": { + "type": "string", + "enum": [ + "EQUALS", + "NOT_EQUALS", + "CONTAINS", + "STARTS_WITH", + "ENDS_WITH", + "AND", + "OR" + ], + "description": "An operation", + "example": "EQUALS" + }, + "key": { + "type": "object", + "nullable": true, + "description": "Refers to a specific Identity attribute, Account attibute, or Entitlement used in Role membership criteria", + "properties": { + "type": { + "type": "string", + "enum": [ + "IDENTITY", + "ACCOUNT", + "ENTITLEMENT" + ], + "description": "Indicates whether the associated criteria represents an expression on identity attributes, account attributes, or entitlements, respectively.", + "example": "ACCOUNT" + }, + "property": { + "type": "string", + "description": "The name of the attribute or entitlement to which the associated criteria applies.", + "example": "attribute.email" + }, + "sourceId": { + "type": "string", + "nullable": true, + "description": "ID of the Source from which an account attribute or entitlement is drawn. Required if type is ACCOUNT or ENTITLEMENT", + "example": "2c9180867427f3a301745aec18211519" + } + }, + "required": [ + "type", + "property" + ] + }, + "stringValue": { + "type": "string", + "nullable": true, + "description": "String value to test the Identity attribute, Account attribute, or Entitlement specified in the key w/r/t the specified operation. If this criteria is a leaf node, that is, if the operation is one of EQUALS, NOT_EQUALS, CONTAINS, STARTS_WITH, or ENDS_WITH, this field is required. Otherwise, specifying it is an error.", + "example": "carlee.cert1c9f9b6fd@mailinator.com" + }, + "children": { + "type": "array", + "items": { + "type": "object", + "nullable": true, + "description": "Defines STANDARD type Role membership", + "properties": { + "operation": { + "type": "string", + "enum": [ + "EQUALS", + "NOT_EQUALS", + "CONTAINS", + "STARTS_WITH", + "ENDS_WITH", + "AND", + "OR" + ], + "description": "An operation", + "example": "EQUALS" + }, + "key": { + "type": "object", + "nullable": true, + "description": "Refers to a specific Identity attribute, Account attibute, or Entitlement used in Role membership criteria", + "properties": { + "type": { + "type": "string", + "enum": [ + "IDENTITY", + "ACCOUNT", + "ENTITLEMENT" + ], + "description": "Indicates whether the associated criteria represents an expression on identity attributes, account attributes, or entitlements, respectively.", + "example": "ACCOUNT" + }, + "property": { + "type": "string", + "description": "The name of the attribute or entitlement to which the associated criteria applies.", + "example": "attribute.email" + }, + "sourceId": { + "type": "string", + "nullable": true, + "description": "ID of the Source from which an account attribute or entitlement is drawn. Required if type is ACCOUNT or ENTITLEMENT", + "example": "2c9180867427f3a301745aec18211519" + } + }, + "required": [ + "type", + "property" + ] + }, + "stringValue": { + "type": "string", + "nullable": true, + "description": "String value to test the Identity attribute, Account attribute, or Entitlement specified in the key w/r/t the specified operation. If this criteria is a leaf node, that is, if the operation is one of EQUALS, NOT_EQUALS, CONTAINS, STARTS_WITH, or ENDS_WITH, this field is required. Otherwise, specifying it is an error.", + "example": "carlee.cert1c9f9b6fd@mailinator.com" + }, + "children": { + "type": "array", + "items": { + "type": "object", + "description": "Defines STANDARD type Role membership", + "properties": { + "operation": { + "type": "string", + "enum": [ + "EQUALS", + "NOT_EQUALS", + "CONTAINS", + "STARTS_WITH", + "ENDS_WITH", + "AND", + "OR" + ], + "description": "An operation", + "example": "EQUALS" + }, + "key": { + "type": "object", + "nullable": true, + "description": "Refers to a specific Identity attribute, Account attibute, or Entitlement used in Role membership criteria", + "properties": { + "type": { + "type": "string", + "enum": [ + "IDENTITY", + "ACCOUNT", + "ENTITLEMENT" + ], + "description": "Indicates whether the associated criteria represents an expression on identity attributes, account attributes, or entitlements, respectively.", + "example": "ACCOUNT" + }, + "property": { + "type": "string", + "description": "The name of the attribute or entitlement to which the associated criteria applies.", + "example": "attribute.email" + }, + "sourceId": { + "type": "string", + "nullable": true, + "description": "ID of the Source from which an account attribute or entitlement is drawn. Required if type is ACCOUNT or ENTITLEMENT", + "example": "2c9180867427f3a301745aec18211519" + } + }, + "required": [ + "type", + "property" + ] + }, + "stringValue": { + "type": "string", + "description": "String value to test the Identity attribute, Account attribute, or Entitlement specified in the key w/r/t the specified operation. If this criteria is a leaf node, that is, if the operation is one of EQUALS, NOT_EQUALS, CONTAINS, STARTS_WITH, or ENDS_WITH, this field is required. Otherwise, specifying it is an error.", + "example": "carlee.cert1c9f9b6fd@mailinator.com" + } + } + }, + "nullable": true, + "description": "Array of child criteria. Required if the operation is AND or OR, otherwise it must be left null. A maximum of three levels of criteria are supported, including leaf nodes. Additionally, AND nodes can only be children or OR nodes and vice-versa." + } + } + }, + "nullable": true, + "description": "Array of child criteria. Required if the operation is AND or OR, otherwise it must be left null. A maximum of three levels of criteria are supported, including leaf nodes. Additionally, AND nodes can only be children or OR nodes and vice-versa." + } + } + }, + "identities": { + "type": "array", + "items": { + "type": "object", + "description": "A reference to an Identity in an IDENTITY_LIST role membership criteria.", + "properties": { + "type": { + "nullable": true, + "example": "IDENTITY", + "type": "string", + "enum": [ + "ACCOUNT_CORRELATION_CONFIG", + "ACCESS_PROFILE", + "ACCESS_REQUEST_APPROVAL", + "ACCOUNT", + "APPLICATION", + "CAMPAIGN", + "CAMPAIGN_FILTER", + "CERTIFICATION", + "CLUSTER", + "CONNECTOR_SCHEMA", + "ENTITLEMENT", + "GOVERNANCE_GROUP", + "IDENTITY", + "IDENTITY_PROFILE", + "IDENTITY_REQUEST", + "LIFECYCLE_STATE", + "PASSWORD_POLICY", + "ROLE", + "RULE", + "SOD_POLICY", + "SOURCE", + "TAG", + "TAG_CATEGORY", + "TASK_RESULT", + "REPORT_RESULT", + "SOD_VIOLATION", + "ACCOUNT_ACTIVITY", + "WORKGROUP" + ], + "description": "An enumeration of the types of DTOs supported within the IdentityNow infrastructure." + }, + "id": { + "type": "string", + "description": "Identity id", + "example": "2c9180a46faadee4016fb4e018c20639" + }, + "name": { + "type": "string", + "nullable": true, + "description": "Human-readable display name of the Identity.", + "example": "Thomas Edison" + }, + "aliasName": { + "type": "string", + "nullable": true, + "description": "User name of the Identity", + "example": "t.edison" + } + } + }, + "nullable": true, + "description": "Defines role membership as being exclusive to the specified Identities, when type is IDENTITY_LIST." + } + } + }, + "legacyMembershipInfo": { + "type": "object", + "nullable": true, + "description": "This field is not directly modifiable and is generally expected to be *null*. In very rare instances, some Roles may have been created using membership selection criteria that are no longer fully supported. While these Roles will still work, they should be migrated to STANDARD or IDENTITY_LIST selection criteria. This field exists for informational purposes as an aid to such migration.", + "example": { + "type": "IDENTITY_LIST" + }, + "additionalProperties": true + }, + "enabled": { + "type": "boolean", + "description": "Whether the Role is enabled or not.", + "example": true, + "default": false + }, + "requestable": { + "type": "boolean", + "description": "Whether the Role can be the target of access requests.", + "example": true, + "default": false + }, + "accessRequestConfig": { + "nullable": true, + "description": "Access request configuration for this object", + "type": "object", + "properties": { + "commentsRequired": { + "type": "boolean", + "description": "Whether the requester of the containing object must provide comments justifying the request", + "example": true, + "nullable": true, + "default": false + }, + "denialCommentsRequired": { + "type": "boolean", + "description": "Whether an approver must provide comments when denying the request", + "example": true, + "nullable": true, + "default": false + }, + "approvalSchemes": { + "type": "array", + "description": "List describing the steps in approving the request", + "items": { + "type": "object", + "properties": { + "approverType": { + "type": "string", + "enum": [ + "OWNER", + "MANAGER", + "GOVERNANCE_GROUP" + ], + "description": "Describes the individual or group that is responsible for an approval step. Values are as follows.\n\n**OWNER**: Owner of the associated Role\n\n**MANAGER**: Manager of the Identity making the request\n\n**GOVERNANCE_GROUP**: A Governance Group, the ID of which is specified by the **approverId** field", + "example": "GOVERNANCE_GROUP" + }, + "approverId": { + "type": "string", + "nullable": true, + "description": "Id of the specific approver, used only when approverType is GOVERNANCE_GROUP", + "example": "46c79819-a69f-49a2-becb-12c971ae66c6" + } + } + } + } + } + }, + "revocationRequestConfig": { + "nullable": true, + "default": null, + "description": "Revocation request configuration for this object.", + "type": "object", + "properties": { + "commentsRequired": { + "type": "boolean", + "description": "Whether the requester of the containing object must provide comments justifying the request", + "example": false, + "nullable": true, + "default": false + }, + "denialCommentsRequired": { + "type": "boolean", + "description": "Whether an approver must provide comments when denying the request", + "example": false, + "nullable": true, + "default": false + }, + "approvalSchemes": { + "type": "array", + "description": "List describing the steps in approving the revocation request", + "items": { + "type": "object", + "properties": { + "approverType": { + "type": "string", + "enum": [ + "OWNER", + "MANAGER", + "GOVERNANCE_GROUP" + ], + "description": "Describes the individual or group that is responsible for an approval step. Values are as follows.\n\n**OWNER**: Owner of the associated Role\n\n**MANAGER**: Manager of the Identity making the request\n\n**GOVERNANCE_GROUP**: A Governance Group, the ID of which is specified by the **approverId** field", + "example": "GOVERNANCE_GROUP" + }, + "approverId": { + "type": "string", + "nullable": true, + "description": "Id of the specific approver, used only when approverType is GOVERNANCE_GROUP", + "example": "46c79819-a69f-49a2-becb-12c971ae66c6" + } + } + } + } + } + }, + "segments": { + "type": "array", + "items": { + "type": "string" + }, + "nullable": true, + "description": "List of IDs of segments, if any, to which this Role is assigned.", + "example": [ + "f7b1b8a3-5fed-4fd4-ad29-82014e137e19", + "29cb6c06-1da8-43ea-8be4-b3125f248f2a" + ] + }, + "dimensional": { + "type": "boolean", + "nullable": true + }, + "dimensionRefs": { + "type": "string", + "nullable": true + } + }, + "required": [ + "name", + "owner" + ] + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "idn:role-unchecked:manage", + "idn:role-checked:manage" + ] + } + ] + } + }, + "/roles/{id}": { + "get": { + "operationId": "getRole", + "tags": [ + "Roles" + ], + "summary": "Get a Role", + "description": "This API returns a Role by its ID.\n\nA token with API, ORG_ADMIN, ROLE_ADMIN, or ROLE_SUBADMIN authority is required to call this API. In addition, a token with ROLE_SUBADMIN authority may only call this API if all Access Profiles included in the Role are associated to Sources with management workgroups of which the ROLE_SUBADMIN is a member.", + "parameters": [ + { + "in": "path", + "name": "id", + "required": true, + "schema": { + "type": "string" + }, + "description": "ID of the Role", + "example": "2c91808a7813090a017814121e121518" + } + ], + "responses": { + "200": { + "description": "List of all Roles", + "content": { + "application/json": { + "schema": { + "type": "object", + "description": "A Role", + "properties": { + "id": { + "type": "string", + "description": "The id of the Role. This field must be left null when creating an Role, otherwise a 400 Bad Request error will result.", + "example": "2c918086749d78830174a1a40e121518" + }, + "name": { + "type": "string", + "description": "The human-readable display name of the Role", + "maxLength": 128, + "example": "Role 2567" + }, + "created": { + "type": "string", + "description": "Date the Role was created", + "format": "date-time", + "example": "2021-03-01T22:32:58.104Z", + "readOnly": true + }, + "modified": { + "type": "string", + "description": "Date the Role was last modified.", + "format": "date-time", + "example": "2021-03-02T20:22:28.104Z", + "readOnly": true + }, + "description": { + "type": "string", + "nullable": true, + "description": "A human-readable description of the Role", + "example": "Urna amet cursus pellentesque nisl orci maximus lorem nisl euismod fusce morbi placerat adipiscing maecenas nisi tristique et metus et lacus sed morbi nunc nisl maximus magna arcu varius sollicitudin elementum enim maecenas nisi id ipsum tempus fusce diam ipsum tortor." + }, + "owner": { + "type": "object", + "nullable": false, + "description": "The owner of this object.", + "properties": { + "type": { + "type": "string", + "enum": [ + "IDENTITY" + ], + "description": "Owner type. This field must be either left null or set to 'IDENTITY' on input, otherwise a 400 Bad Request error will result.", + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "Identity id", + "example": "2c9180a46faadee4016fb4e018c20639" + }, + "name": { + "type": "string", + "description": "Human-readable display name of the owner. It may be left null or omitted in a POST or PATCH. If set, it must match the current value of the owner's display name, otherwise a 400 Bad Request error will result.", + "example": "support" + } + } + }, + "accessProfiles": { + "type": "array", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "ID of the Access Profile", + "example": "ff808081751e6e129f1518161919ecca" + }, + "type": { + "type": "string", + "description": "Type of requested object. This field must be either left null or set to 'ACCESS_PROFILE' when creating an Access Profile, otherwise a 400 Bad Request error will result.", + "enum": [ + "ACCESS_PROFILE" + ], + "example": "ACCESS_PROFILE" + }, + "name": { + "type": "string", + "description": "Human-readable display name of the Access Profile. This field is ignored on input.", + "example": "Access Profile 2567" + } + } + }, + "nullable": true + }, + "entitlements": { + "type": "array", + "items": { + "type": "object", + "description": "Entitlement including a specific set of access.", + "properties": { + "type": { + "type": "string", + "description": "Entitlement's DTO type.", + "enum": [ + "ENTITLEMENT" + ], + "example": "ENTITLEMENT" + }, + "id": { + "type": "string", + "description": "Entitlement's ID.", + "example": "2c91809773dee32014e13e122092014e" + }, + "name": { + "type": "string", + "nullable": true, + "description": "Entitlement's display name.", + "example": "CN=entitlement.490efde5,OU=OrgCo,OU=ServiceDept,DC=HQAD,DC=local" + } + } + } + }, + "membership": { + "nullable": true, + "type": "object", + "description": "When present, specifies that the Role is to be granted to Identities which either satisfy specific criteria or which are members of a given list of Identities.", + "properties": { + "type": { + "type": "string", + "enum": [ + "STANDARD", + "IDENTITY_LIST" + ], + "description": "This enum characterizes the type of a Role's membership selector. Only the following two are fully supported:\n\nSTANDARD: Indicates that Role membership is defined in terms of a criteria expression\n\nIDENTITY_LIST: Indicates that Role membership is conferred on the specific identities listed", + "example": "IDENTITY_LIST" + }, + "criteria": { + "nullable": true, + "type": "object", + "description": "Defines STANDARD type Role membership", + "properties": { + "operation": { + "type": "string", + "enum": [ + "EQUALS", + "NOT_EQUALS", + "CONTAINS", + "STARTS_WITH", + "ENDS_WITH", + "AND", + "OR" + ], + "description": "An operation", + "example": "EQUALS" + }, + "key": { + "type": "object", + "nullable": true, + "description": "Refers to a specific Identity attribute, Account attibute, or Entitlement used in Role membership criteria", + "properties": { + "type": { + "type": "string", + "enum": [ + "IDENTITY", + "ACCOUNT", + "ENTITLEMENT" + ], + "description": "Indicates whether the associated criteria represents an expression on identity attributes, account attributes, or entitlements, respectively.", + "example": "ACCOUNT" + }, + "property": { + "type": "string", + "description": "The name of the attribute or entitlement to which the associated criteria applies.", + "example": "attribute.email" + }, + "sourceId": { + "type": "string", + "nullable": true, + "description": "ID of the Source from which an account attribute or entitlement is drawn. Required if type is ACCOUNT or ENTITLEMENT", + "example": "2c9180867427f3a301745aec18211519" + } + }, + "required": [ + "type", + "property" + ] + }, + "stringValue": { + "type": "string", + "nullable": true, + "description": "String value to test the Identity attribute, Account attribute, or Entitlement specified in the key w/r/t the specified operation. If this criteria is a leaf node, that is, if the operation is one of EQUALS, NOT_EQUALS, CONTAINS, STARTS_WITH, or ENDS_WITH, this field is required. Otherwise, specifying it is an error.", + "example": "carlee.cert1c9f9b6fd@mailinator.com" + }, + "children": { + "type": "array", + "items": { + "type": "object", + "nullable": true, + "description": "Defines STANDARD type Role membership", + "properties": { + "operation": { + "type": "string", + "enum": [ + "EQUALS", + "NOT_EQUALS", + "CONTAINS", + "STARTS_WITH", + "ENDS_WITH", + "AND", + "OR" + ], + "description": "An operation", + "example": "EQUALS" + }, + "key": { + "type": "object", + "nullable": true, + "description": "Refers to a specific Identity attribute, Account attibute, or Entitlement used in Role membership criteria", + "properties": { + "type": { + "type": "string", + "enum": [ + "IDENTITY", + "ACCOUNT", + "ENTITLEMENT" + ], + "description": "Indicates whether the associated criteria represents an expression on identity attributes, account attributes, or entitlements, respectively.", + "example": "ACCOUNT" + }, + "property": { + "type": "string", + "description": "The name of the attribute or entitlement to which the associated criteria applies.", + "example": "attribute.email" + }, + "sourceId": { + "type": "string", + "nullable": true, + "description": "ID of the Source from which an account attribute or entitlement is drawn. Required if type is ACCOUNT or ENTITLEMENT", + "example": "2c9180867427f3a301745aec18211519" + } + }, + "required": [ + "type", + "property" + ] + }, + "stringValue": { + "type": "string", + "nullable": true, + "description": "String value to test the Identity attribute, Account attribute, or Entitlement specified in the key w/r/t the specified operation. If this criteria is a leaf node, that is, if the operation is one of EQUALS, NOT_EQUALS, CONTAINS, STARTS_WITH, or ENDS_WITH, this field is required. Otherwise, specifying it is an error.", + "example": "carlee.cert1c9f9b6fd@mailinator.com" + }, + "children": { + "type": "array", + "items": { + "type": "object", + "description": "Defines STANDARD type Role membership", + "properties": { + "operation": { + "type": "string", + "enum": [ + "EQUALS", + "NOT_EQUALS", + "CONTAINS", + "STARTS_WITH", + "ENDS_WITH", + "AND", + "OR" + ], + "description": "An operation", + "example": "EQUALS" + }, + "key": { + "type": "object", + "nullable": true, + "description": "Refers to a specific Identity attribute, Account attibute, or Entitlement used in Role membership criteria", + "properties": { + "type": { + "type": "string", + "enum": [ + "IDENTITY", + "ACCOUNT", + "ENTITLEMENT" + ], + "description": "Indicates whether the associated criteria represents an expression on identity attributes, account attributes, or entitlements, respectively.", + "example": "ACCOUNT" + }, + "property": { + "type": "string", + "description": "The name of the attribute or entitlement to which the associated criteria applies.", + "example": "attribute.email" + }, + "sourceId": { + "type": "string", + "nullable": true, + "description": "ID of the Source from which an account attribute or entitlement is drawn. Required if type is ACCOUNT or ENTITLEMENT", + "example": "2c9180867427f3a301745aec18211519" + } + }, + "required": [ + "type", + "property" + ] + }, + "stringValue": { + "type": "string", + "description": "String value to test the Identity attribute, Account attribute, or Entitlement specified in the key w/r/t the specified operation. If this criteria is a leaf node, that is, if the operation is one of EQUALS, NOT_EQUALS, CONTAINS, STARTS_WITH, or ENDS_WITH, this field is required. Otherwise, specifying it is an error.", + "example": "carlee.cert1c9f9b6fd@mailinator.com" + } + } + }, + "nullable": true, + "description": "Array of child criteria. Required if the operation is AND or OR, otherwise it must be left null. A maximum of three levels of criteria are supported, including leaf nodes. Additionally, AND nodes can only be children or OR nodes and vice-versa." + } + } + }, + "nullable": true, + "description": "Array of child criteria. Required if the operation is AND or OR, otherwise it must be left null. A maximum of three levels of criteria are supported, including leaf nodes. Additionally, AND nodes can only be children or OR nodes and vice-versa." + } + } + }, + "identities": { + "type": "array", + "items": { + "type": "object", + "description": "A reference to an Identity in an IDENTITY_LIST role membership criteria.", + "properties": { + "type": { + "nullable": true, + "example": "IDENTITY", + "type": "string", + "enum": [ + "ACCOUNT_CORRELATION_CONFIG", + "ACCESS_PROFILE", + "ACCESS_REQUEST_APPROVAL", + "ACCOUNT", + "APPLICATION", + "CAMPAIGN", + "CAMPAIGN_FILTER", + "CERTIFICATION", + "CLUSTER", + "CONNECTOR_SCHEMA", + "ENTITLEMENT", + "GOVERNANCE_GROUP", + "IDENTITY", + "IDENTITY_PROFILE", + "IDENTITY_REQUEST", + "LIFECYCLE_STATE", + "PASSWORD_POLICY", + "ROLE", + "RULE", + "SOD_POLICY", + "SOURCE", + "TAG", + "TAG_CATEGORY", + "TASK_RESULT", + "REPORT_RESULT", + "SOD_VIOLATION", + "ACCOUNT_ACTIVITY", + "WORKGROUP" + ], + "description": "An enumeration of the types of DTOs supported within the IdentityNow infrastructure." + }, + "id": { + "type": "string", + "description": "Identity id", + "example": "2c9180a46faadee4016fb4e018c20639" + }, + "name": { + "type": "string", + "nullable": true, + "description": "Human-readable display name of the Identity.", + "example": "Thomas Edison" + }, + "aliasName": { + "type": "string", + "nullable": true, + "description": "User name of the Identity", + "example": "t.edison" + } + } + }, + "nullable": true, + "description": "Defines role membership as being exclusive to the specified Identities, when type is IDENTITY_LIST." + } + } + }, + "legacyMembershipInfo": { + "type": "object", + "nullable": true, + "description": "This field is not directly modifiable and is generally expected to be *null*. In very rare instances, some Roles may have been created using membership selection criteria that are no longer fully supported. While these Roles will still work, they should be migrated to STANDARD or IDENTITY_LIST selection criteria. This field exists for informational purposes as an aid to such migration.", + "example": { + "type": "IDENTITY_LIST" + }, + "additionalProperties": true + }, + "enabled": { + "type": "boolean", + "description": "Whether the Role is enabled or not.", + "example": true, + "default": false + }, + "requestable": { + "type": "boolean", + "description": "Whether the Role can be the target of access requests.", + "example": true, + "default": false + }, + "accessRequestConfig": { + "nullable": true, + "description": "Access request configuration for this object", + "type": "object", + "properties": { + "commentsRequired": { + "type": "boolean", + "description": "Whether the requester of the containing object must provide comments justifying the request", + "example": true, + "nullable": true, + "default": false + }, + "denialCommentsRequired": { + "type": "boolean", + "description": "Whether an approver must provide comments when denying the request", + "example": true, + "nullable": true, + "default": false + }, + "approvalSchemes": { + "type": "array", + "description": "List describing the steps in approving the request", + "items": { + "type": "object", + "properties": { + "approverType": { + "type": "string", + "enum": [ + "OWNER", + "MANAGER", + "GOVERNANCE_GROUP" + ], + "description": "Describes the individual or group that is responsible for an approval step. Values are as follows.\n\n**OWNER**: Owner of the associated Role\n\n**MANAGER**: Manager of the Identity making the request\n\n**GOVERNANCE_GROUP**: A Governance Group, the ID of which is specified by the **approverId** field", + "example": "GOVERNANCE_GROUP" + }, + "approverId": { + "type": "string", + "nullable": true, + "description": "Id of the specific approver, used only when approverType is GOVERNANCE_GROUP", + "example": "46c79819-a69f-49a2-becb-12c971ae66c6" + } + } + } + } + } + }, + "revocationRequestConfig": { + "nullable": true, + "default": null, + "description": "Revocation request configuration for this object.", + "type": "object", + "properties": { + "commentsRequired": { + "type": "boolean", + "description": "Whether the requester of the containing object must provide comments justifying the request", + "example": false, + "nullable": true, + "default": false + }, + "denialCommentsRequired": { + "type": "boolean", + "description": "Whether an approver must provide comments when denying the request", + "example": false, + "nullable": true, + "default": false + }, + "approvalSchemes": { + "type": "array", + "description": "List describing the steps in approving the revocation request", + "items": { + "type": "object", + "properties": { + "approverType": { + "type": "string", + "enum": [ + "OWNER", + "MANAGER", + "GOVERNANCE_GROUP" + ], + "description": "Describes the individual or group that is responsible for an approval step. Values are as follows.\n\n**OWNER**: Owner of the associated Role\n\n**MANAGER**: Manager of the Identity making the request\n\n**GOVERNANCE_GROUP**: A Governance Group, the ID of which is specified by the **approverId** field", + "example": "GOVERNANCE_GROUP" + }, + "approverId": { + "type": "string", + "nullable": true, + "description": "Id of the specific approver, used only when approverType is GOVERNANCE_GROUP", + "example": "46c79819-a69f-49a2-becb-12c971ae66c6" + } + } + } + } + } + }, + "segments": { + "type": "array", + "items": { + "type": "string" + }, + "nullable": true, + "description": "List of IDs of segments, if any, to which this Role is assigned.", + "example": [ + "f7b1b8a3-5fed-4fd4-ad29-82014e137e19", + "29cb6c06-1da8-43ea-8be4-b3125f248f2a" + ] + }, + "dimensional": { + "type": "boolean", + "nullable": true + }, + "dimensionRefs": { + "type": "string", + "nullable": true + } + }, + "required": [ + "name", + "owner" + ] + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "idn:role-unchecked:read", + "idn:role-unchecked:manage", + "idn:role-checked:manage", + "idn:role-checked:read" + ] + } + ] + }, + "patch": { + "operationId": "patchRole", + "tags": [ + "Roles" + ], + "summary": "Patch a specified Role", + "description": "This API updates an existing role using [JSON Patch](https://tools.ietf.org/html/rfc6902) syntax.\n\nThe following fields are patchable:\n\n* name\n* description\n* enabled\n* owner\n* accessProfiles\n* membership\n* requestable\n* accessRequestConfig\n* revokeRequestConfig\n* segments\n\nA token with API, ORG_ADMIN, ROLE_ADMIN, or ROLE_SUBADMIN authority is required to call this API. In addition, a token with ROLE_SUBADMIN authority may only call this API if all access profiles included in the role are associated to Sources with management workgroups of which the ROLE_SUBADMIN is a member.\n\nThe maximum supported length for the description field is 2000 characters. Longer descriptions will be preserved for existing roles, however, any new roles as well as any updates to existing descriptions will be limited to 2000 characters.\n\nWhen you use this API to modify a role's membership identities, you can only modify up to a limit of 500 membership identities at a time. ", + "parameters": [ + { + "name": "id", + "in": "path", + "description": "ID of the Role to patch", + "required": true, + "schema": { + "type": "string", + "example": "2c91808a7813090a017814121e121518" + } + } + ], + "requestBody": { + "content": { + "application/json-patch+json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "description": "A JSONPatch Operation as defined by [RFC 6902 - JSON Patch](https://tools.ietf.org/html/rfc6902)", + "required": [ + "op", + "path" + ], + "properties": { + "op": { + "type": "string", + "description": "The operation to be performed", + "enum": [ + "add", + "remove", + "replace", + "move", + "copy", + "test" + ], + "example": "replace" + }, + "path": { + "type": "string", + "description": "A string JSON Pointer representing the target path to an element to be affected by the operation", + "example": "/description" + }, + "value": { + "oneOf": [ + { + "type": "string", + "example": "New description", + "title": "string" + }, + { + "type": "boolean", + "example": true, + "title": "boolean" + }, + { + "type": "integer", + "example": 300, + "title": "integer" + }, + { + "type": "object", + "title": "object", + "example": { + "attributes": { + "name": "philip" + } + } + }, + { + "type": "array", + "title": "array", + "items": { + "anyOf": [ + { + "type": "string" + }, + { + "type": "integer" + }, + { + "type": "object" + } + ], + "example": [ + "001", + "002", + "003" + ] + } + } + ], + "description": "The value to be used for the operation, required for \"add\" and \"replace\" operations", + "example": "New description" + } + } + } + }, + "examples": { + "Make a Role Requestable and Enable it in One Call": { + "description": "This example shows how multiple fields may be updated with a single patch call.", + "value": [ + { + "op": "replace", + "path": "/requestable", + "value": true + }, + { + "op": "replace", + "path": "/enabled", + "value": true + } + ] + }, + "Assign a Role to a Segment": { + "description": "This example illustrates the use of patch to assign a Role to a Segment by adding the Segment's ID to the Role's segments array.", + "value": [ + { + "op": "add", + "path": "/segments/-", + "value": "f7b1b8a3-5fed-4fd4-ad29-82014e137e19" + } + ] + }, + "Set the Membership Selection Criteria to a List of Identities": { + "description": "This example shows how to define a Role's membershp by providing a list of Identities, referenced by their IDs.", + "value": [ + { + "op": "replace", + "path": "/membership", + "value": { + "type": "IDENTITY_LIST", + "identities": [ + { + "id": "2c91808973fe906c0174262092014ed9" + }, + { + "id": "2c918086262092014ed94fb8a47612f3" + } + ] + } + } + ] + }, + "Set the Membership Selection Criteria to a Standard Expression": { + "description": "This example shows how to define a Role's membership using STANDARD criteria. In this case, the Role will be granted to all Identities which have the *Engineering* attribute from the indicated Source.", + "value": [ + { + "op": "replace", + "path": "/membership", + "value": { + "type": "STANDARD", + "criteria": { + "operation": "OR", + "children": [ + { + "operation": "EQUALS", + "key": { + "type": "ENTITLEMENT", + "property": "attribute.memberOf", + "sourceId": "2c9180887701fb2014213e122092014e" + }, + "stringValue": "Engineering" + } + ] + } + } + } + ] + }, + "Add a New Clause as the Child of an Existing Standard Expression": { + "description": "This example shows how to add a child clause to an existing STANDARD criteria expression.", + "value": [ + { + "op": "add", + "path": "/membership/criteria/children/-", + "value": { + "operation": "ENDS_WITH", + "key": { + "type": "IDENTITY", + "property": "attribute.email" + }, + "stringValue": "@identitynow.com" + } + } + ] + } + } + } + }, + "required": true + }, + "responses": { + "200": { + "description": "Responds with the Role as updated.", + "content": { + "application/json": { + "schema": { + "type": "object", + "description": "A Role", + "properties": { + "id": { + "type": "string", + "description": "The id of the Role. This field must be left null when creating an Role, otherwise a 400 Bad Request error will result.", + "example": "2c918086749d78830174a1a40e121518" + }, + "name": { + "type": "string", + "description": "The human-readable display name of the Role", + "maxLength": 128, + "example": "Role 2567" + }, + "created": { + "type": "string", + "description": "Date the Role was created", + "format": "date-time", + "example": "2021-03-01T22:32:58.104Z", + "readOnly": true + }, + "modified": { + "type": "string", + "description": "Date the Role was last modified.", + "format": "date-time", + "example": "2021-03-02T20:22:28.104Z", + "readOnly": true + }, + "description": { + "type": "string", + "nullable": true, + "description": "A human-readable description of the Role", + "example": "Urna amet cursus pellentesque nisl orci maximus lorem nisl euismod fusce morbi placerat adipiscing maecenas nisi tristique et metus et lacus sed morbi nunc nisl maximus magna arcu varius sollicitudin elementum enim maecenas nisi id ipsum tempus fusce diam ipsum tortor." + }, + "owner": { + "type": "object", + "nullable": false, + "description": "The owner of this object.", + "properties": { + "type": { + "type": "string", + "enum": [ + "IDENTITY" + ], + "description": "Owner type. This field must be either left null or set to 'IDENTITY' on input, otherwise a 400 Bad Request error will result.", + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "Identity id", + "example": "2c9180a46faadee4016fb4e018c20639" + }, + "name": { + "type": "string", + "description": "Human-readable display name of the owner. It may be left null or omitted in a POST or PATCH. If set, it must match the current value of the owner's display name, otherwise a 400 Bad Request error will result.", + "example": "support" + } + } + }, + "accessProfiles": { + "type": "array", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "ID of the Access Profile", + "example": "ff808081751e6e129f1518161919ecca" + }, + "type": { + "type": "string", + "description": "Type of requested object. This field must be either left null or set to 'ACCESS_PROFILE' when creating an Access Profile, otherwise a 400 Bad Request error will result.", + "enum": [ + "ACCESS_PROFILE" + ], + "example": "ACCESS_PROFILE" + }, + "name": { + "type": "string", + "description": "Human-readable display name of the Access Profile. This field is ignored on input.", + "example": "Access Profile 2567" + } + } + }, + "nullable": true + }, + "entitlements": { + "type": "array", + "items": { + "type": "object", + "description": "Entitlement including a specific set of access.", + "properties": { + "type": { + "type": "string", + "description": "Entitlement's DTO type.", + "enum": [ + "ENTITLEMENT" + ], + "example": "ENTITLEMENT" + }, + "id": { + "type": "string", + "description": "Entitlement's ID.", + "example": "2c91809773dee32014e13e122092014e" + }, + "name": { + "type": "string", + "nullable": true, + "description": "Entitlement's display name.", + "example": "CN=entitlement.490efde5,OU=OrgCo,OU=ServiceDept,DC=HQAD,DC=local" + } + } + } + }, + "membership": { + "nullable": true, + "type": "object", + "description": "When present, specifies that the Role is to be granted to Identities which either satisfy specific criteria or which are members of a given list of Identities.", + "properties": { + "type": { + "type": "string", + "enum": [ + "STANDARD", + "IDENTITY_LIST" + ], + "description": "This enum characterizes the type of a Role's membership selector. Only the following two are fully supported:\n\nSTANDARD: Indicates that Role membership is defined in terms of a criteria expression\n\nIDENTITY_LIST: Indicates that Role membership is conferred on the specific identities listed", + "example": "IDENTITY_LIST" + }, + "criteria": { + "nullable": true, + "type": "object", + "description": "Defines STANDARD type Role membership", + "properties": { + "operation": { + "type": "string", + "enum": [ + "EQUALS", + "NOT_EQUALS", + "CONTAINS", + "STARTS_WITH", + "ENDS_WITH", + "AND", + "OR" + ], + "description": "An operation", + "example": "EQUALS" + }, + "key": { + "type": "object", + "nullable": true, + "description": "Refers to a specific Identity attribute, Account attibute, or Entitlement used in Role membership criteria", + "properties": { + "type": { + "type": "string", + "enum": [ + "IDENTITY", + "ACCOUNT", + "ENTITLEMENT" + ], + "description": "Indicates whether the associated criteria represents an expression on identity attributes, account attributes, or entitlements, respectively.", + "example": "ACCOUNT" + }, + "property": { + "type": "string", + "description": "The name of the attribute or entitlement to which the associated criteria applies.", + "example": "attribute.email" + }, + "sourceId": { + "type": "string", + "nullable": true, + "description": "ID of the Source from which an account attribute or entitlement is drawn. Required if type is ACCOUNT or ENTITLEMENT", + "example": "2c9180867427f3a301745aec18211519" + } + }, + "required": [ + "type", + "property" + ] + }, + "stringValue": { + "type": "string", + "nullable": true, + "description": "String value to test the Identity attribute, Account attribute, or Entitlement specified in the key w/r/t the specified operation. If this criteria is a leaf node, that is, if the operation is one of EQUALS, NOT_EQUALS, CONTAINS, STARTS_WITH, or ENDS_WITH, this field is required. Otherwise, specifying it is an error.", + "example": "carlee.cert1c9f9b6fd@mailinator.com" + }, + "children": { + "type": "array", + "items": { + "type": "object", + "nullable": true, + "description": "Defines STANDARD type Role membership", + "properties": { + "operation": { + "type": "string", + "enum": [ + "EQUALS", + "NOT_EQUALS", + "CONTAINS", + "STARTS_WITH", + "ENDS_WITH", + "AND", + "OR" + ], + "description": "An operation", + "example": "EQUALS" + }, + "key": { + "type": "object", + "nullable": true, + "description": "Refers to a specific Identity attribute, Account attibute, or Entitlement used in Role membership criteria", + "properties": { + "type": { + "type": "string", + "enum": [ + "IDENTITY", + "ACCOUNT", + "ENTITLEMENT" + ], + "description": "Indicates whether the associated criteria represents an expression on identity attributes, account attributes, or entitlements, respectively.", + "example": "ACCOUNT" + }, + "property": { + "type": "string", + "description": "The name of the attribute or entitlement to which the associated criteria applies.", + "example": "attribute.email" + }, + "sourceId": { + "type": "string", + "nullable": true, + "description": "ID of the Source from which an account attribute or entitlement is drawn. Required if type is ACCOUNT or ENTITLEMENT", + "example": "2c9180867427f3a301745aec18211519" + } + }, + "required": [ + "type", + "property" + ] + }, + "stringValue": { + "type": "string", + "nullable": true, + "description": "String value to test the Identity attribute, Account attribute, or Entitlement specified in the key w/r/t the specified operation. If this criteria is a leaf node, that is, if the operation is one of EQUALS, NOT_EQUALS, CONTAINS, STARTS_WITH, or ENDS_WITH, this field is required. Otherwise, specifying it is an error.", + "example": "carlee.cert1c9f9b6fd@mailinator.com" + }, + "children": { + "type": "array", + "items": { + "type": "object", + "description": "Defines STANDARD type Role membership", + "properties": { + "operation": { + "type": "string", + "enum": [ + "EQUALS", + "NOT_EQUALS", + "CONTAINS", + "STARTS_WITH", + "ENDS_WITH", + "AND", + "OR" + ], + "description": "An operation", + "example": "EQUALS" + }, + "key": { + "type": "object", + "nullable": true, + "description": "Refers to a specific Identity attribute, Account attibute, or Entitlement used in Role membership criteria", + "properties": { + "type": { + "type": "string", + "enum": [ + "IDENTITY", + "ACCOUNT", + "ENTITLEMENT" + ], + "description": "Indicates whether the associated criteria represents an expression on identity attributes, account attributes, or entitlements, respectively.", + "example": "ACCOUNT" + }, + "property": { + "type": "string", + "description": "The name of the attribute or entitlement to which the associated criteria applies.", + "example": "attribute.email" + }, + "sourceId": { + "type": "string", + "nullable": true, + "description": "ID of the Source from which an account attribute or entitlement is drawn. Required if type is ACCOUNT or ENTITLEMENT", + "example": "2c9180867427f3a301745aec18211519" + } + }, + "required": [ + "type", + "property" + ] + }, + "stringValue": { + "type": "string", + "description": "String value to test the Identity attribute, Account attribute, or Entitlement specified in the key w/r/t the specified operation. If this criteria is a leaf node, that is, if the operation is one of EQUALS, NOT_EQUALS, CONTAINS, STARTS_WITH, or ENDS_WITH, this field is required. Otherwise, specifying it is an error.", + "example": "carlee.cert1c9f9b6fd@mailinator.com" + } + } + }, + "nullable": true, + "description": "Array of child criteria. Required if the operation is AND or OR, otherwise it must be left null. A maximum of three levels of criteria are supported, including leaf nodes. Additionally, AND nodes can only be children or OR nodes and vice-versa." + } + } + }, + "nullable": true, + "description": "Array of child criteria. Required if the operation is AND or OR, otherwise it must be left null. A maximum of three levels of criteria are supported, including leaf nodes. Additionally, AND nodes can only be children or OR nodes and vice-versa." + } + } + }, + "identities": { + "type": "array", + "items": { + "type": "object", + "description": "A reference to an Identity in an IDENTITY_LIST role membership criteria.", + "properties": { + "type": { + "nullable": true, + "example": "IDENTITY", + "type": "string", + "enum": [ + "ACCOUNT_CORRELATION_CONFIG", + "ACCESS_PROFILE", + "ACCESS_REQUEST_APPROVAL", + "ACCOUNT", + "APPLICATION", + "CAMPAIGN", + "CAMPAIGN_FILTER", + "CERTIFICATION", + "CLUSTER", + "CONNECTOR_SCHEMA", + "ENTITLEMENT", + "GOVERNANCE_GROUP", + "IDENTITY", + "IDENTITY_PROFILE", + "IDENTITY_REQUEST", + "LIFECYCLE_STATE", + "PASSWORD_POLICY", + "ROLE", + "RULE", + "SOD_POLICY", + "SOURCE", + "TAG", + "TAG_CATEGORY", + "TASK_RESULT", + "REPORT_RESULT", + "SOD_VIOLATION", + "ACCOUNT_ACTIVITY", + "WORKGROUP" + ], + "description": "An enumeration of the types of DTOs supported within the IdentityNow infrastructure." + }, + "id": { + "type": "string", + "description": "Identity id", + "example": "2c9180a46faadee4016fb4e018c20639" + }, + "name": { + "type": "string", + "nullable": true, + "description": "Human-readable display name of the Identity.", + "example": "Thomas Edison" + }, + "aliasName": { + "type": "string", + "nullable": true, + "description": "User name of the Identity", + "example": "t.edison" + } + } + }, + "nullable": true, + "description": "Defines role membership as being exclusive to the specified Identities, when type is IDENTITY_LIST." + } + } + }, + "legacyMembershipInfo": { + "type": "object", + "nullable": true, + "description": "This field is not directly modifiable and is generally expected to be *null*. In very rare instances, some Roles may have been created using membership selection criteria that are no longer fully supported. While these Roles will still work, they should be migrated to STANDARD or IDENTITY_LIST selection criteria. This field exists for informational purposes as an aid to such migration.", + "example": { + "type": "IDENTITY_LIST" + }, + "additionalProperties": true + }, + "enabled": { + "type": "boolean", + "description": "Whether the Role is enabled or not.", + "example": true, + "default": false + }, + "requestable": { + "type": "boolean", + "description": "Whether the Role can be the target of access requests.", + "example": true, + "default": false + }, + "accessRequestConfig": { + "nullable": true, + "description": "Access request configuration for this object", + "type": "object", + "properties": { + "commentsRequired": { + "type": "boolean", + "description": "Whether the requester of the containing object must provide comments justifying the request", + "example": true, + "nullable": true, + "default": false + }, + "denialCommentsRequired": { + "type": "boolean", + "description": "Whether an approver must provide comments when denying the request", + "example": true, + "nullable": true, + "default": false + }, + "approvalSchemes": { + "type": "array", + "description": "List describing the steps in approving the request", + "items": { + "type": "object", + "properties": { + "approverType": { + "type": "string", + "enum": [ + "OWNER", + "MANAGER", + "GOVERNANCE_GROUP" + ], + "description": "Describes the individual or group that is responsible for an approval step. Values are as follows.\n\n**OWNER**: Owner of the associated Role\n\n**MANAGER**: Manager of the Identity making the request\n\n**GOVERNANCE_GROUP**: A Governance Group, the ID of which is specified by the **approverId** field", + "example": "GOVERNANCE_GROUP" + }, + "approverId": { + "type": "string", + "nullable": true, + "description": "Id of the specific approver, used only when approverType is GOVERNANCE_GROUP", + "example": "46c79819-a69f-49a2-becb-12c971ae66c6" + } + } + } + } + } + }, + "revocationRequestConfig": { + "nullable": true, + "default": null, + "description": "Revocation request configuration for this object.", + "type": "object", + "properties": { + "commentsRequired": { + "type": "boolean", + "description": "Whether the requester of the containing object must provide comments justifying the request", + "example": false, + "nullable": true, + "default": false + }, + "denialCommentsRequired": { + "type": "boolean", + "description": "Whether an approver must provide comments when denying the request", + "example": false, + "nullable": true, + "default": false + }, + "approvalSchemes": { + "type": "array", + "description": "List describing the steps in approving the revocation request", + "items": { + "type": "object", + "properties": { + "approverType": { + "type": "string", + "enum": [ + "OWNER", + "MANAGER", + "GOVERNANCE_GROUP" + ], + "description": "Describes the individual or group that is responsible for an approval step. Values are as follows.\n\n**OWNER**: Owner of the associated Role\n\n**MANAGER**: Manager of the Identity making the request\n\n**GOVERNANCE_GROUP**: A Governance Group, the ID of which is specified by the **approverId** field", + "example": "GOVERNANCE_GROUP" + }, + "approverId": { + "type": "string", + "nullable": true, + "description": "Id of the specific approver, used only when approverType is GOVERNANCE_GROUP", + "example": "46c79819-a69f-49a2-becb-12c971ae66c6" + } + } + } + } + } + }, + "segments": { + "type": "array", + "items": { + "type": "string" + }, + "nullable": true, + "description": "List of IDs of segments, if any, to which this Role is assigned.", + "example": [ + "f7b1b8a3-5fed-4fd4-ad29-82014e137e19", + "29cb6c06-1da8-43ea-8be4-b3125f248f2a" + ] + }, + "dimensional": { + "type": "boolean", + "nullable": true + }, + "dimensionRefs": { + "type": "string", + "nullable": true + } + }, + "required": [ + "name", + "owner" + ] + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "idn:role-unchecked:manage", + "idn:role-checked:manage" + ] + } + ] + }, + "delete": { + "operationId": "deleteRole", + "tags": [ + "Roles" + ], + "summary": "Delete a Role", + "description": "This API deletes a Role by its ID.\n\nA token with API, ORG_ADMIN, ROLE_ADMIN, or ROLE_SUBADMIN authority is required to call this API. In addition, a token with ROLE_SUBADMIN authority may only call this API if all Access Profiles included in the Role are associated to Sources with management workgroups of which the ROLE_SUBADMIN is a member.", + "parameters": [ + { + "in": "path", + "name": "id", + "required": true, + "schema": { + "type": "string" + }, + "description": "ID of the Role", + "example": "2c91808a7813090a017814121e121518" + } + ], + "responses": { + "204": { + "description": "No content - indicates the request was successful but there is no content to be returned in the response." + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "idn:role-unchecked:manage", + "idn:role-checked:manage" + ] + } + ] + } + }, + "/roles/bulk-delete": { + "post": { + "operationId": "deleteBulkRoles", + "summary": "Delete Role(s)", + "tags": [ + "Roles" + ], + "description": "This endpoint initiates a bulk deletion of one or more roles.\nWhen the request is successful, the endpoint returns the bulk delete's task result ID. To follow the task, you can use [Get Task Status by ID](https://developer.sailpoint.com/docs/api/beta/get-task-status), which will return the task result's status and information. \nThis endpoint can only bulk delete up to a limit of 50 roles per request. \nA token with API, ORG_ADMIN, ROLE_ADMIN, or ROLE_SUBADMIN authority is required to call this endpoint. In addition, a token with ROLE_SUBADMIN authority can only call this endpoint if all roles included in the request are associated with sources with management workgroups the ROLE_SUBADMIN is a member of.", + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "roleIds": { + "description": "List of IDs of Roles to be deleted.", + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "2c9180847812e0b1017817051919ecca", + "2c9180887812e0b201781e129f151816" + ] + } + }, + "required": [ + "roleIds" + ] + }, + "example": { + "roleIds": [ + "2c91808876438bb2017668b91919ecca", + "2c91808876438ba801766e129f151816" + ] + } + } + } + }, + "responses": { + "202": { + "description": "Returns an object with the id of the task performing the delete operation.", + "content": { + "application/json": { + "schema": { + "type": "object", + "description": "Task result.", + "properties": { + "type": { + "type": "string", + "description": "Task result DTO type.", + "enum": [ + "TASK_RESULT" + ], + "example": "TASK_RESULT" + }, + "id": { + "type": "string", + "description": "Task result ID.", + "example": "464ae7bf791e49fdb74606a2e4a89635" + }, + "name": { + "type": "string", + "description": "Task result display name.", + "nullable": true, + "example": null + } + } + }, + "example": { + "type": "TASK_RESULT", + "id": "464ae7bf791e49fdb74606a2e4a89635", + "name": null + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "400.1 Bad Request Content": { + "description": "Response for bad request content", + "value": { + "detailCode": "400.1 Bad Request Content", + "trackingId": "1ea1adcb84da4dcb890145e05745774e", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The request was syntactically correct but its content is semantically invalid." + } + ] + } + }, + "400.1 Role ids limit violation": { + "description": "Role ids limit violation response", + "value": { + "detailCode": "400.1 Bad Request Content", + "trackingId": "77aa89ac6f0e422dbc588866abc22be9", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "roleIds count exceeded max limit of 50 for bulk-delete." + } + ] + } + }, + "400.1.404 Referenced object not found": { + "description": "Referenced object not found response", + "value": { + "detailCode": "400.1.404 Referenced object not found", + "trackingId": "77aa89ac6f0e422dbc588866abc22be9", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "Referenced roleIds [\"2c91808876438bb2017668b91919ecca\"] was not found." + } + ] + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "idn:role-unchecked:manage", + "idn:role-checked:manage" + ] + } + ] + } + }, + "/roles/{id}/assigned-identities": { + "get": { + "operationId": "getRoleAssignedIdentities", + "tags": [ + "Roles" + ], + "summary": "List Identities assigned a Role", + "parameters": [ + { + "in": "path", + "name": "id", + "schema": { + "type": "string" + }, + "description": "ID of the Role for which the assigned Identities are to be listed", + "example": "2c91808a7813090a017814121e121518", + "required": true + }, + { + "in": "query", + "name": "limit", + "description": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 250, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "maximum": 250, + "default": 250 + } + }, + { + "in": "query", + "name": "offset", + "description": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 0, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "default": 0 + } + }, + { + "in": "query", + "name": "count", + "description": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": true, + "schema": { + "type": "boolean", + "default": false + } + }, + { + "in": "query", + "name": "filters", + "schema": { + "type": "string" + }, + "description": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**aliasName**: *eq, sw*\n\n**email**: *eq, sw*\n\n**name**: *eq, sw, co*", + "example": "name sw Joe" + }, + { + "in": "query", + "name": "sorters", + "schema": { + "type": "string", + "format": "comma-separated" + }, + "description": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **id, name, aliasName, email**", + "example": "aliasName,name" + } + ], + "responses": { + "200": { + "description": "List of Identities assigned the Role", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "description": "A subset of the fields of an Identity which is a member of a Role.", + "properties": { + "id": { + "type": "string", + "description": "The ID of the Identity", + "example": "2c9180a46faadee4016fb4e018c20639" + }, + "aliasName": { + "type": "string", + "description": "The alias / username of the Identity", + "example": "t.edison" + }, + "name": { + "type": "string", + "description": "The human-readable display name of the Identity", + "example": "Thomas Edison" + }, + "email": { + "type": "string", + "description": "Email address of the Identity", + "example": "t.edison@identitynow.com" + }, + "roleAssignmentSource": { + "type": "string", + "enum": [ + "ACCESS_REQUEST", + "ROLE_MEMBERSHIP" + ], + "description": "Type which indicates how a particular Identity obtained a particular Role", + "example": "ACCESS_REQUEST" + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "idn:role-unchecked:read", + "idn:role-unchecked:manage", + "idn:role-checked:manage", + "idn:role-checked:read" + ] + } + ] + } + }, + "/saved-searches": { + "post": { + "security": [ + { + "UserContextAuth": [ + "sp:saved-search:create" + ] + } + ], + "tags": [ + "Saved Search" + ], + "description": "Creates a new saved search.\n", + "summary": "Create a saved search", + "operationId": "createSavedSearch", + "requestBody": { + "description": "The saved search to persist.", + "content": { + "application/json": { + "schema": { + "allOf": [ + { + "type": "object", + "properties": { + "name": { + "description": "The name of the saved search.\n", + "type": "string", + "example": "Disabled accounts" + }, + "description": { + "description": "The description of the saved search.\n", + "type": "string", + "nullable": true, + "example": "Disabled accounts" + } + } + }, + { + "type": "object", + "properties": { + "created": { + "description": "The date the saved search was initially created.\n", + "type": "string", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z" + }, + "modified": { + "description": "The last date the saved search was modified.\n", + "type": "string", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z" + }, + "indices": { + "description": "The names of the Elasticsearch indices in which to search.\n", + "type": "array", + "items": { + "description": "Enum representing the currently supported indices.\nAdditional values may be added in the future without notice.", + "type": "string", + "enum": [ + "accessprofiles", + "accountactivities", + "entitlements", + "events", + "identities", + "roles", + "*" + ], + "example": "identities" + }, + "example": [ + "identities" + ] + }, + "columns": { + "description": "The columns to be returned (specifies the order in which they will be presented) for each document type.\n\nThe currently supported document types are: _accessprofile_, _accountactivity_, _account_, _aggregation_, _entitlement_, _event_, _identity_, and _role_.\n", + "type": "object", + "additionalProperties": { + "type": "array", + "items": { + "type": "object", + "properties": { + "field": { + "description": "The name of the field.\n", + "type": "string", + "example": "email" + }, + "header": { + "description": "The value of the header.\n", + "type": "string", + "example": "Work Email" + } + }, + "required": [ + "field" + ] + } + }, + "example": { + "identity": [ + { + "field": "displayName", + "header": "Display Name" + }, + { + "field": "e-mail", + "header": "Work Email" + } + ] + } + }, + "query": { + "description": "The search query using Elasticsearch [Query String Query](https://www.elastic.co/guide/en/elasticsearch/reference/5.2/query-dsl-query-string-query.html#query-string) syntax from the Query DSL.\n", + "type": "string", + "example": "@accounts(disabled:true)" + }, + "fields": { + "description": "The fields to be searched against in a multi-field query.\n", + "type": "array", + "nullable": true, + "items": { + "type": "string" + }, + "example": [ + "disabled" + ] + }, + "orderBy": { + "description": "Sort by index. This takes precedence over the `sort` property.\n", + "type": "object", + "additionalProperties": { + "type": "array", + "items": { + "type": "string" + } + }, + "nullable": true, + "example": { + "identity": [ + "lastName", + "firstName" + ], + "role": [ + "name" + ] + } + }, + "sort": { + "description": "The fields to be used to sort the search results.\n", + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "displayName" + ], + "nullable": true + }, + "filters": { + "nullable": true, + "allOf": [ + { + "type": "object", + "description": "The filters to be applied for each filtered field name.", + "example": { + "attributes.cloudAuthoritativeSource": { + "type": "EXISTS", + "exclude": true + }, + "accessCount": { + "type": "RANGE", + "range": { + "lower": { + "value": "3" + } + } + }, + "created": { + "type": "RANGE", + "range": { + "lower": { + "value": "2019-12-01", + "inclusive": true + }, + "upper": { + "value": "2020-01-01" + } + } + }, + "source.name": { + "type": "TERMS", + "terms": [ + "HR Employees", + "Corporate Active Directory" + ], + "exclude": true + }, + "protected": { + "type": "TERMS", + "terms": [ + "true" + ] + } + } + }, + { + "type": "object", + "properties": { + "type": { + "description": "Enum representing the currently supported filter types.\nAdditional values may be added in the future without notice.", + "type": "string", + "enum": [ + "EXISTS", + "RANGE", + "TERMS" + ], + "example": "RANGE" + }, + "range": { + "type": "object", + "description": "The range of values to be filtered.", + "properties": { + "lower": { + "description": "The lower bound of the range.", + "type": "object", + "required": [ + "value" + ], + "properties": { + "value": { + "description": "The value of the range's endpoint.", + "type": "string", + "example": "1" + }, + "inclusive": { + "description": "Indicates if the endpoint is included in the range.", + "type": "boolean", + "default": false, + "example": false + } + } + }, + "upper": { + "description": "The upper bound of the range.", + "type": "object", + "required": [ + "value" + ], + "properties": { + "value": { + "description": "The value of the range's endpoint.", + "type": "string", + "example": "1" + }, + "inclusive": { + "description": "Indicates if the endpoint is included in the range.", + "type": "boolean", + "default": false, + "example": false + } + } + } + } + }, + "terms": { + "description": "The terms to be filtered.", + "type": "array", + "items": { + "type": "string", + "example": "account_count" + } + }, + "exclude": { + "description": "Indicates if the filter excludes results.", + "type": "boolean", + "default": false, + "example": false + } + } + } + ] + } + }, + "required": [ + "indices", + "query" + ] + } + ] + } + } + }, + "required": true + }, + "responses": { + "201": { + "description": "The persisted saved search.", + "content": { + "application/json": { + "schema": { + "type": "object", + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "description": "The saved search ID.\n", + "type": "string", + "example": "0de46054-fe90-434a-b84e-c6b3359d0c64" + }, + "owner": { + "description": "The owner of the saved search.\n", + "type": "object", + "properties": { + "type": { + "type": "string", + "enum": [ + "ACCOUNT_CORRELATION_CONFIG", + "ACCESS_PROFILE", + "ACCESS_REQUEST_APPROVAL", + "ACCOUNT", + "APPLICATION", + "CAMPAIGN", + "CAMPAIGN_FILTER", + "CERTIFICATION", + "CLUSTER", + "CONNECTOR_SCHEMA", + "ENTITLEMENT", + "GOVERNANCE_GROUP", + "IDENTITY", + "IDENTITY_PROFILE", + "IDENTITY_REQUEST", + "LIFECYCLE_STATE", + "PASSWORD_POLICY", + "ROLE", + "RULE", + "SOD_POLICY", + "SOURCE", + "TAG", + "TAG_CATEGORY", + "TASK_RESULT", + "REPORT_RESULT", + "SOD_VIOLATION", + "ACCOUNT_ACTIVITY", + "WORKGROUP" + ], + "description": "An enumeration of the types of DTOs supported within the IdentityNow infrastructure.", + "example": "IDENTITY" + }, + "id": { + "description": "The id of the object.\n", + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313" + } + }, + "required": [ + "type", + "id" + ] + }, + "ownerId": { + "type": "string", + "description": "The ID of the identity that owns this saved search.", + "example": "2c91808568c529c60168cca6f90c1313" + }, + "public": { + "type": "boolean", + "description": "Whether this saved search is visible to anyone but the owner. This field will always be false as there is no way to set a saved search as public at this time.", + "default": false, + "example": false + } + } + }, + { + "type": "object", + "properties": { + "name": { + "description": "The name of the saved search.\n", + "type": "string", + "example": "Disabled accounts" + }, + "description": { + "description": "The description of the saved search.\n", + "type": "string", + "nullable": true, + "example": "Disabled accounts" + } + } + }, + { + "type": "object", + "properties": { + "created": { + "description": "The date the saved search was initially created.\n", + "type": "string", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z" + }, + "modified": { + "description": "The last date the saved search was modified.\n", + "type": "string", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z" + }, + "indices": { + "description": "The names of the Elasticsearch indices in which to search.\n", + "type": "array", + "items": { + "description": "Enum representing the currently supported indices.\nAdditional values may be added in the future without notice.", + "type": "string", + "enum": [ + "accessprofiles", + "accountactivities", + "entitlements", + "events", + "identities", + "roles", + "*" + ], + "example": "identities" + }, + "example": [ + "identities" + ] + }, + "columns": { + "description": "The columns to be returned (specifies the order in which they will be presented) for each document type.\n\nThe currently supported document types are: _accessprofile_, _accountactivity_, _account_, _aggregation_, _entitlement_, _event_, _identity_, and _role_.\n", + "type": "object", + "additionalProperties": { + "type": "array", + "items": { + "type": "object", + "properties": { + "field": { + "description": "The name of the field.\n", + "type": "string", + "example": "email" + }, + "header": { + "description": "The value of the header.\n", + "type": "string", + "example": "Work Email" + } + }, + "required": [ + "field" + ] + } + }, + "example": { + "identity": [ + { + "field": "displayName", + "header": "Display Name" + }, + { + "field": "e-mail", + "header": "Work Email" + } + ] + } + }, + "query": { + "description": "The search query using Elasticsearch [Query String Query](https://www.elastic.co/guide/en/elasticsearch/reference/5.2/query-dsl-query-string-query.html#query-string) syntax from the Query DSL.\n", + "type": "string", + "example": "@accounts(disabled:true)" + }, + "fields": { + "description": "The fields to be searched against in a multi-field query.\n", + "type": "array", + "nullable": true, + "items": { + "type": "string" + }, + "example": [ + "disabled" + ] + }, + "orderBy": { + "description": "Sort by index. This takes precedence over the `sort` property.\n", + "type": "object", + "additionalProperties": { + "type": "array", + "items": { + "type": "string" + } + }, + "nullable": true, + "example": { + "identity": [ + "lastName", + "firstName" + ], + "role": [ + "name" + ] + } + }, + "sort": { + "description": "The fields to be used to sort the search results.\n", + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "displayName" + ], + "nullable": true + }, + "filters": { + "nullable": true, + "allOf": [ + { + "type": "object", + "description": "The filters to be applied for each filtered field name.", + "example": { + "attributes.cloudAuthoritativeSource": { + "type": "EXISTS", + "exclude": true + }, + "accessCount": { + "type": "RANGE", + "range": { + "lower": { + "value": "3" + } + } + }, + "created": { + "type": "RANGE", + "range": { + "lower": { + "value": "2019-12-01", + "inclusive": true + }, + "upper": { + "value": "2020-01-01" + } + } + }, + "source.name": { + "type": "TERMS", + "terms": [ + "HR Employees", + "Corporate Active Directory" + ], + "exclude": true + }, + "protected": { + "type": "TERMS", + "terms": [ + "true" + ] + } + } + }, + { + "type": "object", + "properties": { + "type": { + "description": "Enum representing the currently supported filter types.\nAdditional values may be added in the future without notice.", + "type": "string", + "enum": [ + "EXISTS", + "RANGE", + "TERMS" + ], + "example": "RANGE" + }, + "range": { + "type": "object", + "description": "The range of values to be filtered.", + "properties": { + "lower": { + "description": "The lower bound of the range.", + "type": "object", + "required": [ + "value" + ], + "properties": { + "value": { + "description": "The value of the range's endpoint.", + "type": "string", + "example": "1" + }, + "inclusive": { + "description": "Indicates if the endpoint is included in the range.", + "type": "boolean", + "default": false, + "example": false + } + } + }, + "upper": { + "description": "The upper bound of the range.", + "type": "object", + "required": [ + "value" + ], + "properties": { + "value": { + "description": "The value of the range's endpoint.", + "type": "string", + "example": "1" + }, + "inclusive": { + "description": "Indicates if the endpoint is included in the range.", + "type": "boolean", + "default": false, + "example": false + } + } + } + } + }, + "terms": { + "description": "The terms to be filtered.", + "type": "array", + "items": { + "type": "string", + "example": "account_count" + } + }, + "exclude": { + "description": "Indicates if the filter excludes results.", + "type": "boolean", + "default": false, + "example": false + } + } + } + ] + } + }, + "required": [ + "indices", + "query" + ] + } + ] + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + }, + "get": { + "security": [ + { + "UserContextAuth": [ + "sp:saved-search:read" + ] + } + ], + "tags": [ + "Saved Search" + ], + "description": "Returns a list of saved searches.\n", + "summary": "A list of Saved Searches", + "operationId": "listSavedSearches", + "parameters": [ + { + "in": "query", + "name": "offset", + "description": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 0, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "default": 0 + } + }, + { + "in": "query", + "name": "limit", + "description": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 250, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "maximum": 250, + "default": 250 + } + }, + { + "in": "query", + "name": "count", + "description": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": true, + "schema": { + "type": "boolean", + "default": false + } + }, + { + "name": "filters", + "in": "query", + "schema": { + "type": "string" + }, + "description": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**owner.id**: *eq*", + "example": "owner.id eq \"7a724640-0c17-4ce9-a8c3-4a89738459c8\"" + } + ], + "responses": { + "200": { + "description": "The list of requested saved searches.", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "description": "The saved search ID.\n", + "type": "string", + "example": "0de46054-fe90-434a-b84e-c6b3359d0c64" + }, + "owner": { + "description": "The owner of the saved search.\n", + "type": "object", + "properties": { + "type": { + "type": "string", + "enum": [ + "ACCOUNT_CORRELATION_CONFIG", + "ACCESS_PROFILE", + "ACCESS_REQUEST_APPROVAL", + "ACCOUNT", + "APPLICATION", + "CAMPAIGN", + "CAMPAIGN_FILTER", + "CERTIFICATION", + "CLUSTER", + "CONNECTOR_SCHEMA", + "ENTITLEMENT", + "GOVERNANCE_GROUP", + "IDENTITY", + "IDENTITY_PROFILE", + "IDENTITY_REQUEST", + "LIFECYCLE_STATE", + "PASSWORD_POLICY", + "ROLE", + "RULE", + "SOD_POLICY", + "SOURCE", + "TAG", + "TAG_CATEGORY", + "TASK_RESULT", + "REPORT_RESULT", + "SOD_VIOLATION", + "ACCOUNT_ACTIVITY", + "WORKGROUP" + ], + "description": "An enumeration of the types of DTOs supported within the IdentityNow infrastructure.", + "example": "IDENTITY" + }, + "id": { + "description": "The id of the object.\n", + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313" + } + }, + "required": [ + "type", + "id" + ] + }, + "ownerId": { + "type": "string", + "description": "The ID of the identity that owns this saved search.", + "example": "2c91808568c529c60168cca6f90c1313" + }, + "public": { + "type": "boolean", + "description": "Whether this saved search is visible to anyone but the owner. This field will always be false as there is no way to set a saved search as public at this time.", + "default": false, + "example": false + } + } + }, + { + "type": "object", + "properties": { + "name": { + "description": "The name of the saved search.\n", + "type": "string", + "example": "Disabled accounts" + }, + "description": { + "description": "The description of the saved search.\n", + "type": "string", + "nullable": true, + "example": "Disabled accounts" + } + } + }, + { + "type": "object", + "properties": { + "created": { + "description": "The date the saved search was initially created.\n", + "type": "string", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z" + }, + "modified": { + "description": "The last date the saved search was modified.\n", + "type": "string", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z" + }, + "indices": { + "description": "The names of the Elasticsearch indices in which to search.\n", + "type": "array", + "items": { + "description": "Enum representing the currently supported indices.\nAdditional values may be added in the future without notice.", + "type": "string", + "enum": [ + "accessprofiles", + "accountactivities", + "entitlements", + "events", + "identities", + "roles", + "*" + ], + "example": "identities" + }, + "example": [ + "identities" + ] + }, + "columns": { + "description": "The columns to be returned (specifies the order in which they will be presented) for each document type.\n\nThe currently supported document types are: _accessprofile_, _accountactivity_, _account_, _aggregation_, _entitlement_, _event_, _identity_, and _role_.\n", + "type": "object", + "additionalProperties": { + "type": "array", + "items": { + "type": "object", + "properties": { + "field": { + "description": "The name of the field.\n", + "type": "string", + "example": "email" + }, + "header": { + "description": "The value of the header.\n", + "type": "string", + "example": "Work Email" + } + }, + "required": [ + "field" + ] + } + }, + "example": { + "identity": [ + { + "field": "displayName", + "header": "Display Name" + }, + { + "field": "e-mail", + "header": "Work Email" + } + ] + } + }, + "query": { + "description": "The search query using Elasticsearch [Query String Query](https://www.elastic.co/guide/en/elasticsearch/reference/5.2/query-dsl-query-string-query.html#query-string) syntax from the Query DSL.\n", + "type": "string", + "example": "@accounts(disabled:true)" + }, + "fields": { + "description": "The fields to be searched against in a multi-field query.\n", + "type": "array", + "nullable": true, + "items": { + "type": "string" + }, + "example": [ + "disabled" + ] + }, + "orderBy": { + "description": "Sort by index. This takes precedence over the `sort` property.\n", + "type": "object", + "additionalProperties": { + "type": "array", + "items": { + "type": "string" + } + }, + "nullable": true, + "example": { + "identity": [ + "lastName", + "firstName" + ], + "role": [ + "name" + ] + } + }, + "sort": { + "description": "The fields to be used to sort the search results.\n", + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "displayName" + ], + "nullable": true + }, + "filters": { + "nullable": true, + "allOf": [ + { + "type": "object", + "description": "The filters to be applied for each filtered field name.", + "example": { + "attributes.cloudAuthoritativeSource": { + "type": "EXISTS", + "exclude": true + }, + "accessCount": { + "type": "RANGE", + "range": { + "lower": { + "value": "3" + } + } + }, + "created": { + "type": "RANGE", + "range": { + "lower": { + "value": "2019-12-01", + "inclusive": true + }, + "upper": { + "value": "2020-01-01" + } + } + }, + "source.name": { + "type": "TERMS", + "terms": [ + "HR Employees", + "Corporate Active Directory" + ], + "exclude": true + }, + "protected": { + "type": "TERMS", + "terms": [ + "true" + ] + } + } + }, + { + "type": "object", + "properties": { + "type": { + "description": "Enum representing the currently supported filter types.\nAdditional values may be added in the future without notice.", + "type": "string", + "enum": [ + "EXISTS", + "RANGE", + "TERMS" + ], + "example": "RANGE" + }, + "range": { + "type": "object", + "description": "The range of values to be filtered.", + "properties": { + "lower": { + "description": "The lower bound of the range.", + "type": "object", + "required": [ + "value" + ], + "properties": { + "value": { + "description": "The value of the range's endpoint.", + "type": "string", + "example": "1" + }, + "inclusive": { + "description": "Indicates if the endpoint is included in the range.", + "type": "boolean", + "default": false, + "example": false + } + } + }, + "upper": { + "description": "The upper bound of the range.", + "type": "object", + "required": [ + "value" + ], + "properties": { + "value": { + "description": "The value of the range's endpoint.", + "type": "string", + "example": "1" + }, + "inclusive": { + "description": "Indicates if the endpoint is included in the range.", + "type": "boolean", + "default": false, + "example": false + } + } + } + } + }, + "terms": { + "description": "The terms to be filtered.", + "type": "array", + "items": { + "type": "string", + "example": "account_count" + } + }, + "exclude": { + "description": "Indicates if the filter excludes results.", + "type": "boolean", + "default": false, + "example": false + } + } + } + ] + } + }, + "required": [ + "indices", + "query" + ] + } + ] + } + } + } + }, + "headers": { + "X-Total-Count": { + "description": "The total result count (returned only if the *count* parameter is specified as *true*).", + "schema": { + "type": "integer" + }, + "example": 5 + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/saved-searches/{id}": { + "put": { + "tags": [ + "Saved Search" + ], + "description": "Updates an existing saved search. \n\n>**NOTE: You cannot update the `owner` of the saved search.**\n", + "summary": "Updates an existing saved search\n", + "operationId": "putSavedSearch", + "parameters": [ + { + "in": "path", + "name": "id", + "description": "ID of the requested document.", + "schema": { + "type": "string" + }, + "required": true, + "example": "2c91808568c529c60168cca6f90c1313" + } + ], + "requestBody": { + "description": "The saved search to persist.", + "content": { + "application/json": { + "schema": { + "type": "object", + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "description": "The saved search ID.\n", + "type": "string", + "example": "0de46054-fe90-434a-b84e-c6b3359d0c64" + }, + "owner": { + "description": "The owner of the saved search.\n", + "type": "object", + "properties": { + "type": { + "type": "string", + "enum": [ + "ACCOUNT_CORRELATION_CONFIG", + "ACCESS_PROFILE", + "ACCESS_REQUEST_APPROVAL", + "ACCOUNT", + "APPLICATION", + "CAMPAIGN", + "CAMPAIGN_FILTER", + "CERTIFICATION", + "CLUSTER", + "CONNECTOR_SCHEMA", + "ENTITLEMENT", + "GOVERNANCE_GROUP", + "IDENTITY", + "IDENTITY_PROFILE", + "IDENTITY_REQUEST", + "LIFECYCLE_STATE", + "PASSWORD_POLICY", + "ROLE", + "RULE", + "SOD_POLICY", + "SOURCE", + "TAG", + "TAG_CATEGORY", + "TASK_RESULT", + "REPORT_RESULT", + "SOD_VIOLATION", + "ACCOUNT_ACTIVITY", + "WORKGROUP" + ], + "description": "An enumeration of the types of DTOs supported within the IdentityNow infrastructure.", + "example": "IDENTITY" + }, + "id": { + "description": "The id of the object.\n", + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313" + } + }, + "required": [ + "type", + "id" + ] + }, + "ownerId": { + "type": "string", + "description": "The ID of the identity that owns this saved search.", + "example": "2c91808568c529c60168cca6f90c1313" + }, + "public": { + "type": "boolean", + "description": "Whether this saved search is visible to anyone but the owner. This field will always be false as there is no way to set a saved search as public at this time.", + "default": false, + "example": false + } + } + }, + { + "type": "object", + "properties": { + "name": { + "description": "The name of the saved search.\n", + "type": "string", + "example": "Disabled accounts" + }, + "description": { + "description": "The description of the saved search.\n", + "type": "string", + "nullable": true, + "example": "Disabled accounts" + } + } + }, + { + "type": "object", + "properties": { + "created": { + "description": "The date the saved search was initially created.\n", + "type": "string", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z" + }, + "modified": { + "description": "The last date the saved search was modified.\n", + "type": "string", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z" + }, + "indices": { + "description": "The names of the Elasticsearch indices in which to search.\n", + "type": "array", + "items": { + "description": "Enum representing the currently supported indices.\nAdditional values may be added in the future without notice.", + "type": "string", + "enum": [ + "accessprofiles", + "accountactivities", + "entitlements", + "events", + "identities", + "roles", + "*" + ], + "example": "identities" + }, + "example": [ + "identities" + ] + }, + "columns": { + "description": "The columns to be returned (specifies the order in which they will be presented) for each document type.\n\nThe currently supported document types are: _accessprofile_, _accountactivity_, _account_, _aggregation_, _entitlement_, _event_, _identity_, and _role_.\n", + "type": "object", + "additionalProperties": { + "type": "array", + "items": { + "type": "object", + "properties": { + "field": { + "description": "The name of the field.\n", + "type": "string", + "example": "email" + }, + "header": { + "description": "The value of the header.\n", + "type": "string", + "example": "Work Email" + } + }, + "required": [ + "field" + ] + } + }, + "example": { + "identity": [ + { + "field": "displayName", + "header": "Display Name" + }, + { + "field": "e-mail", + "header": "Work Email" + } + ] + } + }, + "query": { + "description": "The search query using Elasticsearch [Query String Query](https://www.elastic.co/guide/en/elasticsearch/reference/5.2/query-dsl-query-string-query.html#query-string) syntax from the Query DSL.\n", + "type": "string", + "example": "@accounts(disabled:true)" + }, + "fields": { + "description": "The fields to be searched against in a multi-field query.\n", + "type": "array", + "nullable": true, + "items": { + "type": "string" + }, + "example": [ + "disabled" + ] + }, + "orderBy": { + "description": "Sort by index. This takes precedence over the `sort` property.\n", + "type": "object", + "additionalProperties": { + "type": "array", + "items": { + "type": "string" + } + }, + "nullable": true, + "example": { + "identity": [ + "lastName", + "firstName" + ], + "role": [ + "name" + ] + } + }, + "sort": { + "description": "The fields to be used to sort the search results.\n", + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "displayName" + ], + "nullable": true + }, + "filters": { + "nullable": true, + "allOf": [ + { + "type": "object", + "description": "The filters to be applied for each filtered field name.", + "example": { + "attributes.cloudAuthoritativeSource": { + "type": "EXISTS", + "exclude": true + }, + "accessCount": { + "type": "RANGE", + "range": { + "lower": { + "value": "3" + } + } + }, + "created": { + "type": "RANGE", + "range": { + "lower": { + "value": "2019-12-01", + "inclusive": true + }, + "upper": { + "value": "2020-01-01" + } + } + }, + "source.name": { + "type": "TERMS", + "terms": [ + "HR Employees", + "Corporate Active Directory" + ], + "exclude": true + }, + "protected": { + "type": "TERMS", + "terms": [ + "true" + ] + } + } + }, + { + "type": "object", + "properties": { + "type": { + "description": "Enum representing the currently supported filter types.\nAdditional values may be added in the future without notice.", + "type": "string", + "enum": [ + "EXISTS", + "RANGE", + "TERMS" + ], + "example": "RANGE" + }, + "range": { + "type": "object", + "description": "The range of values to be filtered.", + "properties": { + "lower": { + "description": "The lower bound of the range.", + "type": "object", + "required": [ + "value" + ], + "properties": { + "value": { + "description": "The value of the range's endpoint.", + "type": "string", + "example": "1" + }, + "inclusive": { + "description": "Indicates if the endpoint is included in the range.", + "type": "boolean", + "default": false, + "example": false + } + } + }, + "upper": { + "description": "The upper bound of the range.", + "type": "object", + "required": [ + "value" + ], + "properties": { + "value": { + "description": "The value of the range's endpoint.", + "type": "string", + "example": "1" + }, + "inclusive": { + "description": "Indicates if the endpoint is included in the range.", + "type": "boolean", + "default": false, + "example": false + } + } + } + } + }, + "terms": { + "description": "The terms to be filtered.", + "type": "array", + "items": { + "type": "string", + "example": "account_count" + } + }, + "exclude": { + "description": "Indicates if the filter excludes results.", + "type": "boolean", + "default": false, + "example": false + } + } + } + ] + } + }, + "required": [ + "indices", + "query" + ] + } + ] + } + } + }, + "required": true + }, + "responses": { + "200": { + "description": "The persisted saved search.", + "content": { + "application/json": { + "schema": { + "type": "object", + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "description": "The saved search ID.\n", + "type": "string", + "example": "0de46054-fe90-434a-b84e-c6b3359d0c64" + }, + "owner": { + "description": "The owner of the saved search.\n", + "type": "object", + "properties": { + "type": { + "type": "string", + "enum": [ + "ACCOUNT_CORRELATION_CONFIG", + "ACCESS_PROFILE", + "ACCESS_REQUEST_APPROVAL", + "ACCOUNT", + "APPLICATION", + "CAMPAIGN", + "CAMPAIGN_FILTER", + "CERTIFICATION", + "CLUSTER", + "CONNECTOR_SCHEMA", + "ENTITLEMENT", + "GOVERNANCE_GROUP", + "IDENTITY", + "IDENTITY_PROFILE", + "IDENTITY_REQUEST", + "LIFECYCLE_STATE", + "PASSWORD_POLICY", + "ROLE", + "RULE", + "SOD_POLICY", + "SOURCE", + "TAG", + "TAG_CATEGORY", + "TASK_RESULT", + "REPORT_RESULT", + "SOD_VIOLATION", + "ACCOUNT_ACTIVITY", + "WORKGROUP" + ], + "description": "An enumeration of the types of DTOs supported within the IdentityNow infrastructure.", + "example": "IDENTITY" + }, + "id": { + "description": "The id of the object.\n", + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313" + } + }, + "required": [ + "type", + "id" + ] + }, + "ownerId": { + "type": "string", + "description": "The ID of the identity that owns this saved search.", + "example": "2c91808568c529c60168cca6f90c1313" + }, + "public": { + "type": "boolean", + "description": "Whether this saved search is visible to anyone but the owner. This field will always be false as there is no way to set a saved search as public at this time.", + "default": false, + "example": false + } + } + }, + { + "type": "object", + "properties": { + "name": { + "description": "The name of the saved search.\n", + "type": "string", + "example": "Disabled accounts" + }, + "description": { + "description": "The description of the saved search.\n", + "type": "string", + "nullable": true, + "example": "Disabled accounts" + } + } + }, + { + "type": "object", + "properties": { + "created": { + "description": "The date the saved search was initially created.\n", + "type": "string", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z" + }, + "modified": { + "description": "The last date the saved search was modified.\n", + "type": "string", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z" + }, + "indices": { + "description": "The names of the Elasticsearch indices in which to search.\n", + "type": "array", + "items": { + "description": "Enum representing the currently supported indices.\nAdditional values may be added in the future without notice.", + "type": "string", + "enum": [ + "accessprofiles", + "accountactivities", + "entitlements", + "events", + "identities", + "roles", + "*" + ], + "example": "identities" + }, + "example": [ + "identities" + ] + }, + "columns": { + "description": "The columns to be returned (specifies the order in which they will be presented) for each document type.\n\nThe currently supported document types are: _accessprofile_, _accountactivity_, _account_, _aggregation_, _entitlement_, _event_, _identity_, and _role_.\n", + "type": "object", + "additionalProperties": { + "type": "array", + "items": { + "type": "object", + "properties": { + "field": { + "description": "The name of the field.\n", + "type": "string", + "example": "email" + }, + "header": { + "description": "The value of the header.\n", + "type": "string", + "example": "Work Email" + } + }, + "required": [ + "field" + ] + } + }, + "example": { + "identity": [ + { + "field": "displayName", + "header": "Display Name" + }, + { + "field": "e-mail", + "header": "Work Email" + } + ] + } + }, + "query": { + "description": "The search query using Elasticsearch [Query String Query](https://www.elastic.co/guide/en/elasticsearch/reference/5.2/query-dsl-query-string-query.html#query-string) syntax from the Query DSL.\n", + "type": "string", + "example": "@accounts(disabled:true)" + }, + "fields": { + "description": "The fields to be searched against in a multi-field query.\n", + "type": "array", + "nullable": true, + "items": { + "type": "string" + }, + "example": [ + "disabled" + ] + }, + "orderBy": { + "description": "Sort by index. This takes precedence over the `sort` property.\n", + "type": "object", + "additionalProperties": { + "type": "array", + "items": { + "type": "string" + } + }, + "nullable": true, + "example": { + "identity": [ + "lastName", + "firstName" + ], + "role": [ + "name" + ] + } + }, + "sort": { + "description": "The fields to be used to sort the search results.\n", + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "displayName" + ], + "nullable": true + }, + "filters": { + "nullable": true, + "allOf": [ + { + "type": "object", + "description": "The filters to be applied for each filtered field name.", + "example": { + "attributes.cloudAuthoritativeSource": { + "type": "EXISTS", + "exclude": true + }, + "accessCount": { + "type": "RANGE", + "range": { + "lower": { + "value": "3" + } + } + }, + "created": { + "type": "RANGE", + "range": { + "lower": { + "value": "2019-12-01", + "inclusive": true + }, + "upper": { + "value": "2020-01-01" + } + } + }, + "source.name": { + "type": "TERMS", + "terms": [ + "HR Employees", + "Corporate Active Directory" + ], + "exclude": true + }, + "protected": { + "type": "TERMS", + "terms": [ + "true" + ] + } + } + }, + { + "type": "object", + "properties": { + "type": { + "description": "Enum representing the currently supported filter types.\nAdditional values may be added in the future without notice.", + "type": "string", + "enum": [ + "EXISTS", + "RANGE", + "TERMS" + ], + "example": "RANGE" + }, + "range": { + "type": "object", + "description": "The range of values to be filtered.", + "properties": { + "lower": { + "description": "The lower bound of the range.", + "type": "object", + "required": [ + "value" + ], + "properties": { + "value": { + "description": "The value of the range's endpoint.", + "type": "string", + "example": "1" + }, + "inclusive": { + "description": "Indicates if the endpoint is included in the range.", + "type": "boolean", + "default": false, + "example": false + } + } + }, + "upper": { + "description": "The upper bound of the range.", + "type": "object", + "required": [ + "value" + ], + "properties": { + "value": { + "description": "The value of the range's endpoint.", + "type": "string", + "example": "1" + }, + "inclusive": { + "description": "Indicates if the endpoint is included in the range.", + "type": "boolean", + "default": false, + "example": false + } + } + } + } + }, + "terms": { + "description": "The terms to be filtered.", + "type": "array", + "items": { + "type": "string", + "example": "account_count" + } + }, + "exclude": { + "description": "Indicates if the filter excludes results.", + "type": "boolean", + "default": false, + "example": false + } + } + } + ] + } + }, + "required": [ + "indices", + "query" + ] + } + ] + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + }, + "get": { + "tags": [ + "Saved Search" + ], + "description": "Returns the specified saved search.\n", + "summary": "Return saved search by ID", + "operationId": "getSavedSearch", + "parameters": [ + { + "in": "path", + "name": "id", + "description": "ID of the requested document.", + "schema": { + "type": "string" + }, + "required": true, + "example": "2c91808568c529c60168cca6f90c1313" + } + ], + "responses": { + "200": { + "description": "The requested saved search.", + "content": { + "application/json": { + "schema": { + "type": "object", + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "description": "The saved search ID.\n", + "type": "string", + "example": "0de46054-fe90-434a-b84e-c6b3359d0c64" + }, + "owner": { + "description": "The owner of the saved search.\n", + "type": "object", + "properties": { + "type": { + "type": "string", + "enum": [ + "ACCOUNT_CORRELATION_CONFIG", + "ACCESS_PROFILE", + "ACCESS_REQUEST_APPROVAL", + "ACCOUNT", + "APPLICATION", + "CAMPAIGN", + "CAMPAIGN_FILTER", + "CERTIFICATION", + "CLUSTER", + "CONNECTOR_SCHEMA", + "ENTITLEMENT", + "GOVERNANCE_GROUP", + "IDENTITY", + "IDENTITY_PROFILE", + "IDENTITY_REQUEST", + "LIFECYCLE_STATE", + "PASSWORD_POLICY", + "ROLE", + "RULE", + "SOD_POLICY", + "SOURCE", + "TAG", + "TAG_CATEGORY", + "TASK_RESULT", + "REPORT_RESULT", + "SOD_VIOLATION", + "ACCOUNT_ACTIVITY", + "WORKGROUP" + ], + "description": "An enumeration of the types of DTOs supported within the IdentityNow infrastructure.", + "example": "IDENTITY" + }, + "id": { + "description": "The id of the object.\n", + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313" + } + }, + "required": [ + "type", + "id" + ] + }, + "ownerId": { + "type": "string", + "description": "The ID of the identity that owns this saved search.", + "example": "2c91808568c529c60168cca6f90c1313" + }, + "public": { + "type": "boolean", + "description": "Whether this saved search is visible to anyone but the owner. This field will always be false as there is no way to set a saved search as public at this time.", + "default": false, + "example": false + } + } + }, + { + "type": "object", + "properties": { + "name": { + "description": "The name of the saved search.\n", + "type": "string", + "example": "Disabled accounts" + }, + "description": { + "description": "The description of the saved search.\n", + "type": "string", + "nullable": true, + "example": "Disabled accounts" + } + } + }, + { + "type": "object", + "properties": { + "created": { + "description": "The date the saved search was initially created.\n", + "type": "string", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z" + }, + "modified": { + "description": "The last date the saved search was modified.\n", + "type": "string", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z" + }, + "indices": { + "description": "The names of the Elasticsearch indices in which to search.\n", + "type": "array", + "items": { + "description": "Enum representing the currently supported indices.\nAdditional values may be added in the future without notice.", + "type": "string", + "enum": [ + "accessprofiles", + "accountactivities", + "entitlements", + "events", + "identities", + "roles", + "*" + ], + "example": "identities" + }, + "example": [ + "identities" + ] + }, + "columns": { + "description": "The columns to be returned (specifies the order in which they will be presented) for each document type.\n\nThe currently supported document types are: _accessprofile_, _accountactivity_, _account_, _aggregation_, _entitlement_, _event_, _identity_, and _role_.\n", + "type": "object", + "additionalProperties": { + "type": "array", + "items": { + "type": "object", + "properties": { + "field": { + "description": "The name of the field.\n", + "type": "string", + "example": "email" + }, + "header": { + "description": "The value of the header.\n", + "type": "string", + "example": "Work Email" + } + }, + "required": [ + "field" + ] + } + }, + "example": { + "identity": [ + { + "field": "displayName", + "header": "Display Name" + }, + { + "field": "e-mail", + "header": "Work Email" + } + ] + } + }, + "query": { + "description": "The search query using Elasticsearch [Query String Query](https://www.elastic.co/guide/en/elasticsearch/reference/5.2/query-dsl-query-string-query.html#query-string) syntax from the Query DSL.\n", + "type": "string", + "example": "@accounts(disabled:true)" + }, + "fields": { + "description": "The fields to be searched against in a multi-field query.\n", + "type": "array", + "nullable": true, + "items": { + "type": "string" + }, + "example": [ + "disabled" + ] + }, + "orderBy": { + "description": "Sort by index. This takes precedence over the `sort` property.\n", + "type": "object", + "additionalProperties": { + "type": "array", + "items": { + "type": "string" + } + }, + "nullable": true, + "example": { + "identity": [ + "lastName", + "firstName" + ], + "role": [ + "name" + ] + } + }, + "sort": { + "description": "The fields to be used to sort the search results.\n", + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "displayName" + ], + "nullable": true + }, + "filters": { + "nullable": true, + "allOf": [ + { + "type": "object", + "description": "The filters to be applied for each filtered field name.", + "example": { + "attributes.cloudAuthoritativeSource": { + "type": "EXISTS", + "exclude": true + }, + "accessCount": { + "type": "RANGE", + "range": { + "lower": { + "value": "3" + } + } + }, + "created": { + "type": "RANGE", + "range": { + "lower": { + "value": "2019-12-01", + "inclusive": true + }, + "upper": { + "value": "2020-01-01" + } + } + }, + "source.name": { + "type": "TERMS", + "terms": [ + "HR Employees", + "Corporate Active Directory" + ], + "exclude": true + }, + "protected": { + "type": "TERMS", + "terms": [ + "true" + ] + } + } + }, + { + "type": "object", + "properties": { + "type": { + "description": "Enum representing the currently supported filter types.\nAdditional values may be added in the future without notice.", + "type": "string", + "enum": [ + "EXISTS", + "RANGE", + "TERMS" + ], + "example": "RANGE" + }, + "range": { + "type": "object", + "description": "The range of values to be filtered.", + "properties": { + "lower": { + "description": "The lower bound of the range.", + "type": "object", + "required": [ + "value" + ], + "properties": { + "value": { + "description": "The value of the range's endpoint.", + "type": "string", + "example": "1" + }, + "inclusive": { + "description": "Indicates if the endpoint is included in the range.", + "type": "boolean", + "default": false, + "example": false + } + } + }, + "upper": { + "description": "The upper bound of the range.", + "type": "object", + "required": [ + "value" + ], + "properties": { + "value": { + "description": "The value of the range's endpoint.", + "type": "string", + "example": "1" + }, + "inclusive": { + "description": "Indicates if the endpoint is included in the range.", + "type": "boolean", + "default": false, + "example": false + } + } + } + } + }, + "terms": { + "description": "The terms to be filtered.", + "type": "array", + "items": { + "type": "string", + "example": "account_count" + } + }, + "exclude": { + "description": "Indicates if the filter excludes results.", + "type": "boolean", + "default": false, + "example": false + } + } + } + ] + } + }, + "required": [ + "indices", + "query" + ] + } + ] + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + }, + "delete": { + "tags": [ + "Saved Search" + ], + "description": "Deletes the specified saved search.\n", + "summary": "Delete document by ID", + "operationId": "deleteSavedSearch", + "parameters": [ + { + "in": "path", + "name": "id", + "description": "ID of the requested document.", + "schema": { + "type": "string" + }, + "required": true, + "example": "2c91808568c529c60168cca6f90c1313" + } + ], + "responses": { + "204": { + "description": "No Content - Indicates the request was successful but there is no content to be returned in the response." + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/saved-searches/{id}/execute": { + "post": { + "tags": [ + "Saved Search" + ], + "description": "Executes the specified saved search.\n", + "summary": "Execute a saved search by ID", + "operationId": "executeSavedSearch", + "parameters": [ + { + "in": "path", + "name": "id", + "description": "ID of the requested document.", + "schema": { + "type": "string" + }, + "required": true, + "example": "2c91808568c529c60168cca6f90c1313" + } + ], + "requestBody": { + "description": "When saved search execution is triggered by a scheduled search, *scheduleId* will specify the ID of the triggering scheduled search.\n\nIf *scheduleId* is not specified (when execution is triggered by a UI test), the *owner* and *recipients* arguments must be provided.\n", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "scheduleId": { + "description": "The ID of the scheduled search that triggered the saved search execution.\n", + "type": "string", + "example": "7a724640-0c17-4ce9-a8c3-4a89738459c8" + }, + "owner": { + "description": "The owner of the scheduled search being tested.\n", + "allOf": [ + { + "type": "object", + "description": "A typed reference to the object.\n", + "properties": { + "type": { + "type": "string", + "enum": [ + "ACCOUNT_CORRELATION_CONFIG", + "ACCESS_PROFILE", + "ACCESS_REQUEST_APPROVAL", + "ACCOUNT", + "APPLICATION", + "CAMPAIGN", + "CAMPAIGN_FILTER", + "CERTIFICATION", + "CLUSTER", + "CONNECTOR_SCHEMA", + "ENTITLEMENT", + "GOVERNANCE_GROUP", + "IDENTITY", + "IDENTITY_PROFILE", + "IDENTITY_REQUEST", + "LIFECYCLE_STATE", + "PASSWORD_POLICY", + "ROLE", + "RULE", + "SOD_POLICY", + "SOURCE", + "TAG", + "TAG_CATEGORY", + "TASK_RESULT", + "REPORT_RESULT", + "SOD_VIOLATION", + "ACCOUNT_ACTIVITY", + "WORKGROUP" + ], + "description": "An enumeration of the types of DTOs supported within the IdentityNow infrastructure.", + "example": "IDENTITY" + }, + "id": { + "description": "The id of the object.\n", + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313" + } + }, + "required": [ + "type", + "id" + ] + } + ] + }, + "recipients": { + "description": "The email recipients of the scheduled search being tested.\n", + "type": "array", + "items": { + "type": "object", + "description": "A typed reference to the object.\n", + "properties": { + "type": { + "type": "string", + "enum": [ + "ACCOUNT_CORRELATION_CONFIG", + "ACCESS_PROFILE", + "ACCESS_REQUEST_APPROVAL", + "ACCOUNT", + "APPLICATION", + "CAMPAIGN", + "CAMPAIGN_FILTER", + "CERTIFICATION", + "CLUSTER", + "CONNECTOR_SCHEMA", + "ENTITLEMENT", + "GOVERNANCE_GROUP", + "IDENTITY", + "IDENTITY_PROFILE", + "IDENTITY_REQUEST", + "LIFECYCLE_STATE", + "PASSWORD_POLICY", + "ROLE", + "RULE", + "SOD_POLICY", + "SOURCE", + "TAG", + "TAG_CATEGORY", + "TASK_RESULT", + "REPORT_RESULT", + "SOD_VIOLATION", + "ACCOUNT_ACTIVITY", + "WORKGROUP" + ], + "description": "An enumeration of the types of DTOs supported within the IdentityNow infrastructure.", + "example": "IDENTITY" + }, + "id": { + "description": "The id of the object.\n", + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313" + } + }, + "required": [ + "type", + "id" + ] + } + } + } + }, + "examples": { + "scheduled": { + "summary": "Triggered by Scheduled Search", + "value": { + "scheduleId": "7a724640-0c17-4ce9-a8c3-4a89738459c8" + } + }, + "test": { + "summary": "Triggered by UI Test", + "value": { + "owner": { + "type": "IDENTITY", + "id": "2c91808568c529c60168cca6f90c1313" + }, + "recipients": [ + { + "type": "IDENTITY", + "id": "2c91808568c529c60168cca6f90c1313" + } + ] + } + } + } + } + }, + "required": true + }, + "responses": { + "202": { + "description": "Accepted - Returned if the request was successfully accepted into the system." + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/scheduled-searches": { + "post": { + "tags": [ + "Scheduled Search" + ], + "description": "Creates a new scheduled search.\n", + "summary": "Create a new scheduled search", + "operationId": "createScheduledSearch", + "requestBody": { + "description": "The scheduled search to persist.", + "content": { + "application/json": { + "schema": { + "allOf": [ + { + "type": "object", + "properties": { + "name": { + "description": "The name of the scheduled search.\n", + "type": "string", + "example": "Daily disabled accounts", + "nullable": true + }, + "description": { + "description": "The description of the scheduled search.\n", + "type": "string", + "nullable": true, + "example": "Daily disabled accounts" + } + } + }, + { + "type": "object", + "properties": { + "savedSearchId": { + "description": "The ID of the saved search that will be executed.", + "type": "string", + "example": "554f1511-f0a1-4744-ab14-599514d3e57c" + }, + "created": { + "allOf": [ + { + "type": "string", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z", + "description": "A date-time in ISO-8601 format" + } + ], + "description": "The date the scheduled search was initially created.", + "readOnly": true + }, + "modified": { + "allOf": [ + { + "type": "string", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z", + "description": "A date-time in ISO-8601 format" + } + ], + "description": "The last date the scheduled search was modified.", + "readOnly": true + }, + "schedule": { + "type": "object", + "description": "The schedule information.", + "properties": { + "type": { + "description": "Enum representing the currently supported schedule types.\n\nAdditional values may be added in the future without notice.\n", + "type": "string", + "enum": [ + "DAILY", + "WEEKLY", + "MONTHLY", + "CALENDAR", + "ANNUALLY" + ], + "example": "WEEKLY" + }, + "months": { + "allOf": [ + { + "type": "object", + "properties": { + "type": { + "description": "Enum representing the currently supported selector types.\n\nLIST - the *values* array contains one or more distinct values.\n\nRANGE - the *values* array contains two values: the start and end of the range, inclusive.\n\nAdditional values may be added in the future without notice.\n", + "type": "string", + "enum": [ + "LIST", + "RANGE" + ], + "example": "LIST" + }, + "values": { + "description": "The selected values.\n", + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "MON", + "WED" + ] + }, + "interval": { + "nullable": true, + "description": "The selected interval for RANGE selectors.\n", + "type": "integer", + "format": "int32", + "example": 3 + } + }, + "required": [ + "type", + "values" + ] + }, + { + "description": "The months to execute the search. This only applies to schedules with a type of `ANNUALLY`.\n", + "example": { + "type": "LIST", + "values": [ + "3", + "6", + "9", + "12" + ] + }, + "nullable": true + } + ] + }, + "days": { + "allOf": [ + { + "type": "object", + "properties": { + "type": { + "description": "Enum representing the currently supported selector types.\n\nLIST - the *values* array contains one or more distinct values.\n\nRANGE - the *values* array contains two values: the start and end of the range, inclusive.\n\nAdditional values may be added in the future without notice.\n", + "type": "string", + "enum": [ + "LIST", + "RANGE" + ], + "example": "LIST" + }, + "values": { + "description": "The selected values.\n", + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "MON", + "WED" + ] + }, + "interval": { + "nullable": true, + "description": "The selected interval for RANGE selectors.\n", + "type": "integer", + "format": "int32", + "example": 3 + } + }, + "required": [ + "type", + "values" + ] + }, + { + "description": "The days to execute the search.\n\nIf `type` is `WEEKLY`, the values will be `MON`, `TUE`, `WED`, `THU`, `FRI`, `SAT`, and `SUN`.\n\nIf `type` is `MONTHLY` or `ANNUALLY`, the values will be a number in double quotes, like `\"1\"`, `\"10\"`, or `\"28\"`. Optionally, the value `\"L\"` can be used to refer to the last day of the month.\n", + "example": { + "type": "LIST", + "values": [ + "MON", + "WED", + "FRI" + ] + }, + "nullable": true + } + ] + }, + "hours": { + "allOf": [ + { + "type": "object", + "properties": { + "type": { + "description": "Enum representing the currently supported selector types.\n\nLIST - the *values* array contains one or more distinct values.\n\nRANGE - the *values* array contains two values: the start and end of the range, inclusive.\n\nAdditional values may be added in the future without notice.\n", + "type": "string", + "enum": [ + "LIST", + "RANGE" + ], + "example": "LIST" + }, + "values": { + "description": "The selected values.\n", + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "MON", + "WED" + ] + }, + "interval": { + "nullable": true, + "description": "The selected interval for RANGE selectors.\n", + "type": "integer", + "format": "int32", + "example": 3 + } + }, + "required": [ + "type", + "values" + ] + }, + { + "description": "The hours selected.", + "example": { + "type": "RANGE", + "values": [ + "9", + "18" + ], + "interval": 3 + } + } + ] + }, + "expiration": { + "description": "The schedule expiration date. Latest possible expiration date is '2038-01-19T03:14:07+0000'", + "type": "string", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z" + }, + "timeZoneId": { + "description": "The canonical TZ identifier the schedule will run in (ex. America/New_York). If no timezone is specified, the org's default timezone is used.", + "nullable": true, + "type": "string", + "example": "America/Chicago" + } + }, + "required": [ + "type", + "hours" + ] + }, + "recipients": { + "description": "A list of identities that should receive the scheduled search report via email.", + "type": "array", + "items": { + "type": "object", + "properties": { + "type": { + "type": "string", + "description": "The type of object being referenced", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "The ID of the referenced object", + "example": "2c9180867624cbd7017642d8c8c81f67" + } + }, + "required": [ + "type", + "id" + ] + } + }, + "enabled": { + "description": "Indicates if the scheduled search is enabled.\n", + "type": "boolean", + "default": false, + "example": false + }, + "emailEmptyResults": { + "description": "Indicates if email generation should occur when search returns no results.\n", + "type": "boolean", + "default": false, + "example": false + }, + "displayQueryDetails": { + "description": "Indicates if the generated email should include the query and search results preview (which could include PII).\n", + "type": "boolean", + "default": false, + "example": false + } + }, + "required": [ + "savedSearchId", + "schedule", + "recipients" + ] + } + ] + }, + "examples": { + "Daily Search": { + "description": "A search that executes each day at a 9 AM", + "value": { + "savedSearchId": "9c620e13-cd33-4804-a13d-403bd7bcdbad", + "schedule": { + "type": "DAILY", + "hours": { + "type": "LIST", + "values": [ + "9" + ] + } + }, + "recipients": [ + { + "type": "IDENTITY", + "id": "2c9180867624cbd7017642d8c8c81f67" + } + ] + } + }, + "Weekly Search": { + "description": "A search that executes each week on select days and times", + "value": { + "savedSearchId": "9c620e13-cd33-4804-a13d-403bd7bcdbad", + "schedule": { + "type": "WEEKLY", + "days": { + "type": "LIST", + "values": [ + "MON", + "TUE", + "WED", + "THU", + "FRI", + "SAT", + "SUN" + ] + }, + "hours": { + "type": "LIST", + "values": [ + "9" + ] + } + }, + "recipients": [ + { + "type": "IDENTITY", + "id": "2c9180867624cbd7017642d8c8c81f67" + } + ] + } + }, + "Monthly Search": { + "description": "A search that executes each month on select days and times", + "value": { + "savedSearchId": "9c620e13-cd33-4804-a13d-403bd7bcdbad", + "schedule": { + "type": "MONTHLY", + "days": { + "type": "LIST", + "values": [ + "1", + "7", + "14", + "L" + ] + }, + "hours": { + "type": "LIST", + "values": [ + "9" + ] + } + }, + "recipients": [ + { + "type": "IDENTITY", + "id": "2c9180867624cbd7017642d8c8c81f67" + } + ] + } + }, + "Annual Search": { + "description": "A search that executes each year on the defined months, days, and times.", + "value": { + "savedSearchId": "9c620e13-cd33-4804-a13d-403bd7bcdbad", + "schedule": { + "type": "ANNUALLY", + "months": { + "type": "LIST", + "values": [ + "1" + ], + "interval": 3 + }, + "days": { + "type": "LIST", + "values": [ + "1", + "7", + "14", + "L" + ] + }, + "hours": { + "type": "LIST", + "values": [ + "9" + ] + } + }, + "recipients": [ + { + "type": "IDENTITY", + "id": "2c9180867624cbd7017642d8c8c81f67" + } + ] + } + }, + "Calendar Search": { + "description": "A search that executes on specific calendar days", + "value": { + "savedSearchId": "9c620e13-cd33-4804-a13d-403bd7bcdbad", + "schedule": { + "type": "CALENDAR", + "days": { + "type": "LIST", + "values": [ + "2023-01-22", + "2023-02-22" + ] + }, + "hours": { + "type": "LIST", + "values": [ + "9" + ] + } + }, + "recipients": [ + { + "type": "IDENTITY", + "id": "2c9180867624cbd7017642d8c8c81f67" + } + ] + } + } + } + } + }, + "required": true + }, + "responses": { + "201": { + "description": "The persisted scheduled search.", + "content": { + "application/json": { + "schema": { + "type": "object", + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "description": "The scheduled search ID.", + "type": "string", + "example": "0de46054-fe90-434a-b84e-c6b3359d0c64", + "readOnly": true + }, + "owner": { + "description": "The owner of the scheduled search", + "readOnly": true, + "type": "object", + "properties": { + "type": { + "type": "string", + "description": "The type of object being referenced", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "The ID of the referenced object", + "example": "2c9180867624cbd7017642d8c8c81f67" + } + }, + "required": [ + "type", + "id" + ] + }, + "ownerId": { + "description": "The ID of the scheduled search owner.\n\nPlease use the `id` in the `owner` object instead.\n", + "type": "string", + "example": "2c9180867624cbd7017642d8c8c81f67", + "readOnly": true, + "deprecated": true + } + } + }, + { + "type": "object", + "properties": { + "name": { + "description": "The name of the scheduled search.\n", + "type": "string", + "example": "Daily disabled accounts", + "nullable": true + }, + "description": { + "description": "The description of the scheduled search.\n", + "type": "string", + "nullable": true, + "example": "Daily disabled accounts" + } + } + }, + { + "type": "object", + "properties": { + "savedSearchId": { + "description": "The ID of the saved search that will be executed.", + "type": "string", + "example": "554f1511-f0a1-4744-ab14-599514d3e57c" + }, + "created": { + "allOf": [ + { + "type": "string", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z", + "description": "A date-time in ISO-8601 format" + } + ], + "description": "The date the scheduled search was initially created.", + "readOnly": true + }, + "modified": { + "allOf": [ + { + "type": "string", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z", + "description": "A date-time in ISO-8601 format" + } + ], + "description": "The last date the scheduled search was modified.", + "readOnly": true + }, + "schedule": { + "type": "object", + "description": "The schedule information.", + "properties": { + "type": { + "description": "Enum representing the currently supported schedule types.\n\nAdditional values may be added in the future without notice.\n", + "type": "string", + "enum": [ + "DAILY", + "WEEKLY", + "MONTHLY", + "CALENDAR", + "ANNUALLY" + ], + "example": "WEEKLY" + }, + "months": { + "allOf": [ + { + "type": "object", + "properties": { + "type": { + "description": "Enum representing the currently supported selector types.\n\nLIST - the *values* array contains one or more distinct values.\n\nRANGE - the *values* array contains two values: the start and end of the range, inclusive.\n\nAdditional values may be added in the future without notice.\n", + "type": "string", + "enum": [ + "LIST", + "RANGE" + ], + "example": "LIST" + }, + "values": { + "description": "The selected values.\n", + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "MON", + "WED" + ] + }, + "interval": { + "nullable": true, + "description": "The selected interval for RANGE selectors.\n", + "type": "integer", + "format": "int32", + "example": 3 + } + }, + "required": [ + "type", + "values" + ] + }, + { + "description": "The months to execute the search. This only applies to schedules with a type of `ANNUALLY`.\n", + "example": { + "type": "LIST", + "values": [ + "3", + "6", + "9", + "12" + ] + }, + "nullable": true + } + ] + }, + "days": { + "allOf": [ + { + "type": "object", + "properties": { + "type": { + "description": "Enum representing the currently supported selector types.\n\nLIST - the *values* array contains one or more distinct values.\n\nRANGE - the *values* array contains two values: the start and end of the range, inclusive.\n\nAdditional values may be added in the future without notice.\n", + "type": "string", + "enum": [ + "LIST", + "RANGE" + ], + "example": "LIST" + }, + "values": { + "description": "The selected values.\n", + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "MON", + "WED" + ] + }, + "interval": { + "nullable": true, + "description": "The selected interval for RANGE selectors.\n", + "type": "integer", + "format": "int32", + "example": 3 + } + }, + "required": [ + "type", + "values" + ] + }, + { + "description": "The days to execute the search.\n\nIf `type` is `WEEKLY`, the values will be `MON`, `TUE`, `WED`, `THU`, `FRI`, `SAT`, and `SUN`.\n\nIf `type` is `MONTHLY` or `ANNUALLY`, the values will be a number in double quotes, like `\"1\"`, `\"10\"`, or `\"28\"`. Optionally, the value `\"L\"` can be used to refer to the last day of the month.\n", + "example": { + "type": "LIST", + "values": [ + "MON", + "WED", + "FRI" + ] + }, + "nullable": true + } + ] + }, + "hours": { + "allOf": [ + { + "type": "object", + "properties": { + "type": { + "description": "Enum representing the currently supported selector types.\n\nLIST - the *values* array contains one or more distinct values.\n\nRANGE - the *values* array contains two values: the start and end of the range, inclusive.\n\nAdditional values may be added in the future without notice.\n", + "type": "string", + "enum": [ + "LIST", + "RANGE" + ], + "example": "LIST" + }, + "values": { + "description": "The selected values.\n", + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "MON", + "WED" + ] + }, + "interval": { + "nullable": true, + "description": "The selected interval for RANGE selectors.\n", + "type": "integer", + "format": "int32", + "example": 3 + } + }, + "required": [ + "type", + "values" + ] + }, + { + "description": "The hours selected.", + "example": { + "type": "RANGE", + "values": [ + "9", + "18" + ], + "interval": 3 + } + } + ] + }, + "expiration": { + "description": "The schedule expiration date. Latest possible expiration date is '2038-01-19T03:14:07+0000'", + "type": "string", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z" + }, + "timeZoneId": { + "description": "The canonical TZ identifier the schedule will run in (ex. America/New_York). If no timezone is specified, the org's default timezone is used.", + "nullable": true, + "type": "string", + "example": "America/Chicago" + } + }, + "required": [ + "type", + "hours" + ] + }, + "recipients": { + "description": "A list of identities that should receive the scheduled search report via email.", + "type": "array", + "items": { + "type": "object", + "properties": { + "type": { + "type": "string", + "description": "The type of object being referenced", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "The ID of the referenced object", + "example": "2c9180867624cbd7017642d8c8c81f67" + } + }, + "required": [ + "type", + "id" + ] + } + }, + "enabled": { + "description": "Indicates if the scheduled search is enabled.\n", + "type": "boolean", + "default": false, + "example": false + }, + "emailEmptyResults": { + "description": "Indicates if email generation should occur when search returns no results.\n", + "type": "boolean", + "default": false, + "example": false + }, + "displayQueryDetails": { + "description": "Indicates if the generated email should include the query and search results preview (which could include PII).\n", + "type": "boolean", + "default": false, + "example": false + } + }, + "required": [ + "savedSearchId", + "schedule", + "recipients" + ] + } + ], + "required": [ + "id", + "owner", + "ownerId" + ] + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + }, + "get": { + "tags": [ + "Scheduled Search" + ], + "description": "Returns a list of scheduled searches.\n", + "summary": "List scheduled searches", + "operationId": "listScheduledSearch", + "parameters": [ + { + "in": "query", + "name": "offset", + "description": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 0, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "default": 0 + } + }, + { + "in": "query", + "name": "limit", + "description": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 250, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "maximum": 250, + "default": 250 + } + }, + { + "in": "query", + "name": "count", + "description": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": true, + "schema": { + "type": "boolean", + "default": false + } + }, + { + "name": "filters", + "in": "query", + "schema": { + "type": "string" + }, + "description": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**owner.id**: *eq*\n\n**savedSearchId**: *eq*", + "example": "savedSearchId eq \"6cc0945d-9eeb-4948-9033-72d066e1153e\"" + } + ], + "responses": { + "200": { + "description": "The list of requested scheduled searches.", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "description": "The scheduled search ID.", + "type": "string", + "example": "0de46054-fe90-434a-b84e-c6b3359d0c64", + "readOnly": true + }, + "owner": { + "description": "The owner of the scheduled search", + "readOnly": true, + "type": "object", + "properties": { + "type": { + "type": "string", + "description": "The type of object being referenced", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "The ID of the referenced object", + "example": "2c9180867624cbd7017642d8c8c81f67" + } + }, + "required": [ + "type", + "id" + ] + }, + "ownerId": { + "description": "The ID of the scheduled search owner.\n\nPlease use the `id` in the `owner` object instead.\n", + "type": "string", + "example": "2c9180867624cbd7017642d8c8c81f67", + "readOnly": true, + "deprecated": true + } + } + }, + { + "type": "object", + "properties": { + "name": { + "description": "The name of the scheduled search.\n", + "type": "string", + "example": "Daily disabled accounts", + "nullable": true + }, + "description": { + "description": "The description of the scheduled search.\n", + "type": "string", + "nullable": true, + "example": "Daily disabled accounts" + } + } + }, + { + "type": "object", + "properties": { + "savedSearchId": { + "description": "The ID of the saved search that will be executed.", + "type": "string", + "example": "554f1511-f0a1-4744-ab14-599514d3e57c" + }, + "created": { + "allOf": [ + { + "type": "string", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z", + "description": "A date-time in ISO-8601 format" + } + ], + "description": "The date the scheduled search was initially created.", + "readOnly": true + }, + "modified": { + "allOf": [ + { + "type": "string", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z", + "description": "A date-time in ISO-8601 format" + } + ], + "description": "The last date the scheduled search was modified.", + "readOnly": true + }, + "schedule": { + "type": "object", + "description": "The schedule information.", + "properties": { + "type": { + "description": "Enum representing the currently supported schedule types.\n\nAdditional values may be added in the future without notice.\n", + "type": "string", + "enum": [ + "DAILY", + "WEEKLY", + "MONTHLY", + "CALENDAR", + "ANNUALLY" + ], + "example": "WEEKLY" + }, + "months": { + "allOf": [ + { + "type": "object", + "properties": { + "type": { + "description": "Enum representing the currently supported selector types.\n\nLIST - the *values* array contains one or more distinct values.\n\nRANGE - the *values* array contains two values: the start and end of the range, inclusive.\n\nAdditional values may be added in the future without notice.\n", + "type": "string", + "enum": [ + "LIST", + "RANGE" + ], + "example": "LIST" + }, + "values": { + "description": "The selected values.\n", + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "MON", + "WED" + ] + }, + "interval": { + "nullable": true, + "description": "The selected interval for RANGE selectors.\n", + "type": "integer", + "format": "int32", + "example": 3 + } + }, + "required": [ + "type", + "values" + ] + }, + { + "description": "The months to execute the search. This only applies to schedules with a type of `ANNUALLY`.\n", + "example": { + "type": "LIST", + "values": [ + "3", + "6", + "9", + "12" + ] + }, + "nullable": true + } + ] + }, + "days": { + "allOf": [ + { + "type": "object", + "properties": { + "type": { + "description": "Enum representing the currently supported selector types.\n\nLIST - the *values* array contains one or more distinct values.\n\nRANGE - the *values* array contains two values: the start and end of the range, inclusive.\n\nAdditional values may be added in the future without notice.\n", + "type": "string", + "enum": [ + "LIST", + "RANGE" + ], + "example": "LIST" + }, + "values": { + "description": "The selected values.\n", + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "MON", + "WED" + ] + }, + "interval": { + "nullable": true, + "description": "The selected interval for RANGE selectors.\n", + "type": "integer", + "format": "int32", + "example": 3 + } + }, + "required": [ + "type", + "values" + ] + }, + { + "description": "The days to execute the search.\n\nIf `type` is `WEEKLY`, the values will be `MON`, `TUE`, `WED`, `THU`, `FRI`, `SAT`, and `SUN`.\n\nIf `type` is `MONTHLY` or `ANNUALLY`, the values will be a number in double quotes, like `\"1\"`, `\"10\"`, or `\"28\"`. Optionally, the value `\"L\"` can be used to refer to the last day of the month.\n", + "example": { + "type": "LIST", + "values": [ + "MON", + "WED", + "FRI" + ] + }, + "nullable": true + } + ] + }, + "hours": { + "allOf": [ + { + "type": "object", + "properties": { + "type": { + "description": "Enum representing the currently supported selector types.\n\nLIST - the *values* array contains one or more distinct values.\n\nRANGE - the *values* array contains two values: the start and end of the range, inclusive.\n\nAdditional values may be added in the future without notice.\n", + "type": "string", + "enum": [ + "LIST", + "RANGE" + ], + "example": "LIST" + }, + "values": { + "description": "The selected values.\n", + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "MON", + "WED" + ] + }, + "interval": { + "nullable": true, + "description": "The selected interval for RANGE selectors.\n", + "type": "integer", + "format": "int32", + "example": 3 + } + }, + "required": [ + "type", + "values" + ] + }, + { + "description": "The hours selected.", + "example": { + "type": "RANGE", + "values": [ + "9", + "18" + ], + "interval": 3 + } + } + ] + }, + "expiration": { + "description": "The schedule expiration date. Latest possible expiration date is '2038-01-19T03:14:07+0000'", + "type": "string", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z" + }, + "timeZoneId": { + "description": "The canonical TZ identifier the schedule will run in (ex. America/New_York). If no timezone is specified, the org's default timezone is used.", + "nullable": true, + "type": "string", + "example": "America/Chicago" + } + }, + "required": [ + "type", + "hours" + ] + }, + "recipients": { + "description": "A list of identities that should receive the scheduled search report via email.", + "type": "array", + "items": { + "type": "object", + "properties": { + "type": { + "type": "string", + "description": "The type of object being referenced", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "The ID of the referenced object", + "example": "2c9180867624cbd7017642d8c8c81f67" + } + }, + "required": [ + "type", + "id" + ] + } + }, + "enabled": { + "description": "Indicates if the scheduled search is enabled.\n", + "type": "boolean", + "default": false, + "example": false + }, + "emailEmptyResults": { + "description": "Indicates if email generation should occur when search returns no results.\n", + "type": "boolean", + "default": false, + "example": false + }, + "displayQueryDetails": { + "description": "Indicates if the generated email should include the query and search results preview (which could include PII).\n", + "type": "boolean", + "default": false, + "example": false + } + }, + "required": [ + "savedSearchId", + "schedule", + "recipients" + ] + } + ], + "required": [ + "id", + "owner", + "ownerId" + ] + } + } + } + }, + "headers": { + "X-Total-Count": { + "description": "The total result count (returned only if the *count* parameter is specified as *true*).", + "schema": { + "type": "integer" + }, + "example": 5 + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/scheduled-searches/{id}": { + "put": { + "tags": [ + "Scheduled Search" + ], + "description": "Updates an existing scheduled search.\n", + "summary": "Update an existing Scheduled Search", + "operationId": "updateScheduledSearch", + "parameters": [ + { + "in": "path", + "name": "id", + "description": "ID of the requested document.", + "schema": { + "type": "string" + }, + "required": true, + "example": "2c91808568c529c60168cca6f90c1313" + } + ], + "requestBody": { + "description": "The scheduled search to persist.", + "content": { + "application/json": { + "schema": { + "type": "object", + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "description": "The scheduled search ID.", + "type": "string", + "example": "0de46054-fe90-434a-b84e-c6b3359d0c64", + "readOnly": true + }, + "owner": { + "description": "The owner of the scheduled search", + "readOnly": true, + "type": "object", + "properties": { + "type": { + "type": "string", + "description": "The type of object being referenced", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "The ID of the referenced object", + "example": "2c9180867624cbd7017642d8c8c81f67" + } + }, + "required": [ + "type", + "id" + ] + }, + "ownerId": { + "description": "The ID of the scheduled search owner.\n\nPlease use the `id` in the `owner` object instead.\n", + "type": "string", + "example": "2c9180867624cbd7017642d8c8c81f67", + "readOnly": true, + "deprecated": true + } + } + }, + { + "type": "object", + "properties": { + "name": { + "description": "The name of the scheduled search.\n", + "type": "string", + "example": "Daily disabled accounts", + "nullable": true + }, + "description": { + "description": "The description of the scheduled search.\n", + "type": "string", + "nullable": true, + "example": "Daily disabled accounts" + } + } + }, + { + "type": "object", + "properties": { + "savedSearchId": { + "description": "The ID of the saved search that will be executed.", + "type": "string", + "example": "554f1511-f0a1-4744-ab14-599514d3e57c" + }, + "created": { + "allOf": [ + { + "type": "string", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z", + "description": "A date-time in ISO-8601 format" + } + ], + "description": "The date the scheduled search was initially created.", + "readOnly": true + }, + "modified": { + "allOf": [ + { + "type": "string", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z", + "description": "A date-time in ISO-8601 format" + } + ], + "description": "The last date the scheduled search was modified.", + "readOnly": true + }, + "schedule": { + "type": "object", + "description": "The schedule information.", + "properties": { + "type": { + "description": "Enum representing the currently supported schedule types.\n\nAdditional values may be added in the future without notice.\n", + "type": "string", + "enum": [ + "DAILY", + "WEEKLY", + "MONTHLY", + "CALENDAR", + "ANNUALLY" + ], + "example": "WEEKLY" + }, + "months": { + "allOf": [ + { + "type": "object", + "properties": { + "type": { + "description": "Enum representing the currently supported selector types.\n\nLIST - the *values* array contains one or more distinct values.\n\nRANGE - the *values* array contains two values: the start and end of the range, inclusive.\n\nAdditional values may be added in the future without notice.\n", + "type": "string", + "enum": [ + "LIST", + "RANGE" + ], + "example": "LIST" + }, + "values": { + "description": "The selected values.\n", + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "MON", + "WED" + ] + }, + "interval": { + "nullable": true, + "description": "The selected interval for RANGE selectors.\n", + "type": "integer", + "format": "int32", + "example": 3 + } + }, + "required": [ + "type", + "values" + ] + }, + { + "description": "The months to execute the search. This only applies to schedules with a type of `ANNUALLY`.\n", + "example": { + "type": "LIST", + "values": [ + "3", + "6", + "9", + "12" + ] + }, + "nullable": true + } + ] + }, + "days": { + "allOf": [ + { + "type": "object", + "properties": { + "type": { + "description": "Enum representing the currently supported selector types.\n\nLIST - the *values* array contains one or more distinct values.\n\nRANGE - the *values* array contains two values: the start and end of the range, inclusive.\n\nAdditional values may be added in the future without notice.\n", + "type": "string", + "enum": [ + "LIST", + "RANGE" + ], + "example": "LIST" + }, + "values": { + "description": "The selected values.\n", + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "MON", + "WED" + ] + }, + "interval": { + "nullable": true, + "description": "The selected interval for RANGE selectors.\n", + "type": "integer", + "format": "int32", + "example": 3 + } + }, + "required": [ + "type", + "values" + ] + }, + { + "description": "The days to execute the search.\n\nIf `type` is `WEEKLY`, the values will be `MON`, `TUE`, `WED`, `THU`, `FRI`, `SAT`, and `SUN`.\n\nIf `type` is `MONTHLY` or `ANNUALLY`, the values will be a number in double quotes, like `\"1\"`, `\"10\"`, or `\"28\"`. Optionally, the value `\"L\"` can be used to refer to the last day of the month.\n", + "example": { + "type": "LIST", + "values": [ + "MON", + "WED", + "FRI" + ] + }, + "nullable": true + } + ] + }, + "hours": { + "allOf": [ + { + "type": "object", + "properties": { + "type": { + "description": "Enum representing the currently supported selector types.\n\nLIST - the *values* array contains one or more distinct values.\n\nRANGE - the *values* array contains two values: the start and end of the range, inclusive.\n\nAdditional values may be added in the future without notice.\n", + "type": "string", + "enum": [ + "LIST", + "RANGE" + ], + "example": "LIST" + }, + "values": { + "description": "The selected values.\n", + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "MON", + "WED" + ] + }, + "interval": { + "nullable": true, + "description": "The selected interval for RANGE selectors.\n", + "type": "integer", + "format": "int32", + "example": 3 + } + }, + "required": [ + "type", + "values" + ] + }, + { + "description": "The hours selected.", + "example": { + "type": "RANGE", + "values": [ + "9", + "18" + ], + "interval": 3 + } + } + ] + }, + "expiration": { + "description": "The schedule expiration date. Latest possible expiration date is '2038-01-19T03:14:07+0000'", + "type": "string", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z" + }, + "timeZoneId": { + "description": "The canonical TZ identifier the schedule will run in (ex. America/New_York). If no timezone is specified, the org's default timezone is used.", + "nullable": true, + "type": "string", + "example": "America/Chicago" + } + }, + "required": [ + "type", + "hours" + ] + }, + "recipients": { + "description": "A list of identities that should receive the scheduled search report via email.", + "type": "array", + "items": { + "type": "object", + "properties": { + "type": { + "type": "string", + "description": "The type of object being referenced", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "The ID of the referenced object", + "example": "2c9180867624cbd7017642d8c8c81f67" + } + }, + "required": [ + "type", + "id" + ] + } + }, + "enabled": { + "description": "Indicates if the scheduled search is enabled.\n", + "type": "boolean", + "default": false, + "example": false + }, + "emailEmptyResults": { + "description": "Indicates if email generation should occur when search returns no results.\n", + "type": "boolean", + "default": false, + "example": false + }, + "displayQueryDetails": { + "description": "Indicates if the generated email should include the query and search results preview (which could include PII).\n", + "type": "boolean", + "default": false, + "example": false + } + }, + "required": [ + "savedSearchId", + "schedule", + "recipients" + ] + } + ], + "required": [ + "id", + "owner", + "ownerId" + ] + } + } + }, + "required": true + }, + "responses": { + "200": { + "description": "The persisted scheduled search.", + "content": { + "application/json": { + "schema": { + "type": "object", + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "description": "The scheduled search ID.", + "type": "string", + "example": "0de46054-fe90-434a-b84e-c6b3359d0c64", + "readOnly": true + }, + "owner": { + "description": "The owner of the scheduled search", + "readOnly": true, + "type": "object", + "properties": { + "type": { + "type": "string", + "description": "The type of object being referenced", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "The ID of the referenced object", + "example": "2c9180867624cbd7017642d8c8c81f67" + } + }, + "required": [ + "type", + "id" + ] + }, + "ownerId": { + "description": "The ID of the scheduled search owner.\n\nPlease use the `id` in the `owner` object instead.\n", + "type": "string", + "example": "2c9180867624cbd7017642d8c8c81f67", + "readOnly": true, + "deprecated": true + } + } + }, + { + "type": "object", + "properties": { + "name": { + "description": "The name of the scheduled search.\n", + "type": "string", + "example": "Daily disabled accounts", + "nullable": true + }, + "description": { + "description": "The description of the scheduled search.\n", + "type": "string", + "nullable": true, + "example": "Daily disabled accounts" + } + } + }, + { + "type": "object", + "properties": { + "savedSearchId": { + "description": "The ID of the saved search that will be executed.", + "type": "string", + "example": "554f1511-f0a1-4744-ab14-599514d3e57c" + }, + "created": { + "allOf": [ + { + "type": "string", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z", + "description": "A date-time in ISO-8601 format" + } + ], + "description": "The date the scheduled search was initially created.", + "readOnly": true + }, + "modified": { + "allOf": [ + { + "type": "string", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z", + "description": "A date-time in ISO-8601 format" + } + ], + "description": "The last date the scheduled search was modified.", + "readOnly": true + }, + "schedule": { + "type": "object", + "description": "The schedule information.", + "properties": { + "type": { + "description": "Enum representing the currently supported schedule types.\n\nAdditional values may be added in the future without notice.\n", + "type": "string", + "enum": [ + "DAILY", + "WEEKLY", + "MONTHLY", + "CALENDAR", + "ANNUALLY" + ], + "example": "WEEKLY" + }, + "months": { + "allOf": [ + { + "type": "object", + "properties": { + "type": { + "description": "Enum representing the currently supported selector types.\n\nLIST - the *values* array contains one or more distinct values.\n\nRANGE - the *values* array contains two values: the start and end of the range, inclusive.\n\nAdditional values may be added in the future without notice.\n", + "type": "string", + "enum": [ + "LIST", + "RANGE" + ], + "example": "LIST" + }, + "values": { + "description": "The selected values.\n", + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "MON", + "WED" + ] + }, + "interval": { + "nullable": true, + "description": "The selected interval for RANGE selectors.\n", + "type": "integer", + "format": "int32", + "example": 3 + } + }, + "required": [ + "type", + "values" + ] + }, + { + "description": "The months to execute the search. This only applies to schedules with a type of `ANNUALLY`.\n", + "example": { + "type": "LIST", + "values": [ + "3", + "6", + "9", + "12" + ] + }, + "nullable": true + } + ] + }, + "days": { + "allOf": [ + { + "type": "object", + "properties": { + "type": { + "description": "Enum representing the currently supported selector types.\n\nLIST - the *values* array contains one or more distinct values.\n\nRANGE - the *values* array contains two values: the start and end of the range, inclusive.\n\nAdditional values may be added in the future without notice.\n", + "type": "string", + "enum": [ + "LIST", + "RANGE" + ], + "example": "LIST" + }, + "values": { + "description": "The selected values.\n", + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "MON", + "WED" + ] + }, + "interval": { + "nullable": true, + "description": "The selected interval for RANGE selectors.\n", + "type": "integer", + "format": "int32", + "example": 3 + } + }, + "required": [ + "type", + "values" + ] + }, + { + "description": "The days to execute the search.\n\nIf `type` is `WEEKLY`, the values will be `MON`, `TUE`, `WED`, `THU`, `FRI`, `SAT`, and `SUN`.\n\nIf `type` is `MONTHLY` or `ANNUALLY`, the values will be a number in double quotes, like `\"1\"`, `\"10\"`, or `\"28\"`. Optionally, the value `\"L\"` can be used to refer to the last day of the month.\n", + "example": { + "type": "LIST", + "values": [ + "MON", + "WED", + "FRI" + ] + }, + "nullable": true + } + ] + }, + "hours": { + "allOf": [ + { + "type": "object", + "properties": { + "type": { + "description": "Enum representing the currently supported selector types.\n\nLIST - the *values* array contains one or more distinct values.\n\nRANGE - the *values* array contains two values: the start and end of the range, inclusive.\n\nAdditional values may be added in the future without notice.\n", + "type": "string", + "enum": [ + "LIST", + "RANGE" + ], + "example": "LIST" + }, + "values": { + "description": "The selected values.\n", + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "MON", + "WED" + ] + }, + "interval": { + "nullable": true, + "description": "The selected interval for RANGE selectors.\n", + "type": "integer", + "format": "int32", + "example": 3 + } + }, + "required": [ + "type", + "values" + ] + }, + { + "description": "The hours selected.", + "example": { + "type": "RANGE", + "values": [ + "9", + "18" + ], + "interval": 3 + } + } + ] + }, + "expiration": { + "description": "The schedule expiration date. Latest possible expiration date is '2038-01-19T03:14:07+0000'", + "type": "string", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z" + }, + "timeZoneId": { + "description": "The canonical TZ identifier the schedule will run in (ex. America/New_York). If no timezone is specified, the org's default timezone is used.", + "nullable": true, + "type": "string", + "example": "America/Chicago" + } + }, + "required": [ + "type", + "hours" + ] + }, + "recipients": { + "description": "A list of identities that should receive the scheduled search report via email.", + "type": "array", + "items": { + "type": "object", + "properties": { + "type": { + "type": "string", + "description": "The type of object being referenced", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "The ID of the referenced object", + "example": "2c9180867624cbd7017642d8c8c81f67" + } + }, + "required": [ + "type", + "id" + ] + } + }, + "enabled": { + "description": "Indicates if the scheduled search is enabled.\n", + "type": "boolean", + "default": false, + "example": false + }, + "emailEmptyResults": { + "description": "Indicates if email generation should occur when search returns no results.\n", + "type": "boolean", + "default": false, + "example": false + }, + "displayQueryDetails": { + "description": "Indicates if the generated email should include the query and search results preview (which could include PII).\n", + "type": "boolean", + "default": false, + "example": false + } + }, + "required": [ + "savedSearchId", + "schedule", + "recipients" + ] + } + ], + "required": [ + "id", + "owner", + "ownerId" + ] + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + }, + "get": { + "tags": [ + "Scheduled Search" + ], + "description": "Returns the specified scheduled search.", + "summary": "Get a Scheduled Search", + "operationId": "getScheduledSearch", + "parameters": [ + { + "in": "path", + "name": "id", + "description": "ID of the requested document.", + "schema": { + "type": "string" + }, + "required": true, + "example": "2c91808568c529c60168cca6f90c1313" + } + ], + "responses": { + "200": { + "description": "The requested scheduled search.", + "content": { + "application/json": { + "schema": { + "type": "object", + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "description": "The scheduled search ID.", + "type": "string", + "example": "0de46054-fe90-434a-b84e-c6b3359d0c64", + "readOnly": true + }, + "owner": { + "description": "The owner of the scheduled search", + "readOnly": true, + "type": "object", + "properties": { + "type": { + "type": "string", + "description": "The type of object being referenced", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "The ID of the referenced object", + "example": "2c9180867624cbd7017642d8c8c81f67" + } + }, + "required": [ + "type", + "id" + ] + }, + "ownerId": { + "description": "The ID of the scheduled search owner.\n\nPlease use the `id` in the `owner` object instead.\n", + "type": "string", + "example": "2c9180867624cbd7017642d8c8c81f67", + "readOnly": true, + "deprecated": true + } + } + }, + { + "type": "object", + "properties": { + "name": { + "description": "The name of the scheduled search.\n", + "type": "string", + "example": "Daily disabled accounts", + "nullable": true + }, + "description": { + "description": "The description of the scheduled search.\n", + "type": "string", + "nullable": true, + "example": "Daily disabled accounts" + } + } + }, + { + "type": "object", + "properties": { + "savedSearchId": { + "description": "The ID of the saved search that will be executed.", + "type": "string", + "example": "554f1511-f0a1-4744-ab14-599514d3e57c" + }, + "created": { + "allOf": [ + { + "type": "string", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z", + "description": "A date-time in ISO-8601 format" + } + ], + "description": "The date the scheduled search was initially created.", + "readOnly": true + }, + "modified": { + "allOf": [ + { + "type": "string", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z", + "description": "A date-time in ISO-8601 format" + } + ], + "description": "The last date the scheduled search was modified.", + "readOnly": true + }, + "schedule": { + "type": "object", + "description": "The schedule information.", + "properties": { + "type": { + "description": "Enum representing the currently supported schedule types.\n\nAdditional values may be added in the future without notice.\n", + "type": "string", + "enum": [ + "DAILY", + "WEEKLY", + "MONTHLY", + "CALENDAR", + "ANNUALLY" + ], + "example": "WEEKLY" + }, + "months": { + "allOf": [ + { + "type": "object", + "properties": { + "type": { + "description": "Enum representing the currently supported selector types.\n\nLIST - the *values* array contains one or more distinct values.\n\nRANGE - the *values* array contains two values: the start and end of the range, inclusive.\n\nAdditional values may be added in the future without notice.\n", + "type": "string", + "enum": [ + "LIST", + "RANGE" + ], + "example": "LIST" + }, + "values": { + "description": "The selected values.\n", + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "MON", + "WED" + ] + }, + "interval": { + "nullable": true, + "description": "The selected interval for RANGE selectors.\n", + "type": "integer", + "format": "int32", + "example": 3 + } + }, + "required": [ + "type", + "values" + ] + }, + { + "description": "The months to execute the search. This only applies to schedules with a type of `ANNUALLY`.\n", + "example": { + "type": "LIST", + "values": [ + "3", + "6", + "9", + "12" + ] + }, + "nullable": true + } + ] + }, + "days": { + "allOf": [ + { + "type": "object", + "properties": { + "type": { + "description": "Enum representing the currently supported selector types.\n\nLIST - the *values* array contains one or more distinct values.\n\nRANGE - the *values* array contains two values: the start and end of the range, inclusive.\n\nAdditional values may be added in the future without notice.\n", + "type": "string", + "enum": [ + "LIST", + "RANGE" + ], + "example": "LIST" + }, + "values": { + "description": "The selected values.\n", + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "MON", + "WED" + ] + }, + "interval": { + "nullable": true, + "description": "The selected interval for RANGE selectors.\n", + "type": "integer", + "format": "int32", + "example": 3 + } + }, + "required": [ + "type", + "values" + ] + }, + { + "description": "The days to execute the search.\n\nIf `type` is `WEEKLY`, the values will be `MON`, `TUE`, `WED`, `THU`, `FRI`, `SAT`, and `SUN`.\n\nIf `type` is `MONTHLY` or `ANNUALLY`, the values will be a number in double quotes, like `\"1\"`, `\"10\"`, or `\"28\"`. Optionally, the value `\"L\"` can be used to refer to the last day of the month.\n", + "example": { + "type": "LIST", + "values": [ + "MON", + "WED", + "FRI" + ] + }, + "nullable": true + } + ] + }, + "hours": { + "allOf": [ + { + "type": "object", + "properties": { + "type": { + "description": "Enum representing the currently supported selector types.\n\nLIST - the *values* array contains one or more distinct values.\n\nRANGE - the *values* array contains two values: the start and end of the range, inclusive.\n\nAdditional values may be added in the future without notice.\n", + "type": "string", + "enum": [ + "LIST", + "RANGE" + ], + "example": "LIST" + }, + "values": { + "description": "The selected values.\n", + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "MON", + "WED" + ] + }, + "interval": { + "nullable": true, + "description": "The selected interval for RANGE selectors.\n", + "type": "integer", + "format": "int32", + "example": 3 + } + }, + "required": [ + "type", + "values" + ] + }, + { + "description": "The hours selected.", + "example": { + "type": "RANGE", + "values": [ + "9", + "18" + ], + "interval": 3 + } + } + ] + }, + "expiration": { + "description": "The schedule expiration date. Latest possible expiration date is '2038-01-19T03:14:07+0000'", + "type": "string", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z" + }, + "timeZoneId": { + "description": "The canonical TZ identifier the schedule will run in (ex. America/New_York). If no timezone is specified, the org's default timezone is used.", + "nullable": true, + "type": "string", + "example": "America/Chicago" + } + }, + "required": [ + "type", + "hours" + ] + }, + "recipients": { + "description": "A list of identities that should receive the scheduled search report via email.", + "type": "array", + "items": { + "type": "object", + "properties": { + "type": { + "type": "string", + "description": "The type of object being referenced", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "The ID of the referenced object", + "example": "2c9180867624cbd7017642d8c8c81f67" + } + }, + "required": [ + "type", + "id" + ] + } + }, + "enabled": { + "description": "Indicates if the scheduled search is enabled.\n", + "type": "boolean", + "default": false, + "example": false + }, + "emailEmptyResults": { + "description": "Indicates if email generation should occur when search returns no results.\n", + "type": "boolean", + "default": false, + "example": false + }, + "displayQueryDetails": { + "description": "Indicates if the generated email should include the query and search results preview (which could include PII).\n", + "type": "boolean", + "default": false, + "example": false + } + }, + "required": [ + "savedSearchId", + "schedule", + "recipients" + ] + } + ], + "required": [ + "id", + "owner", + "ownerId" + ] + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + }, + "delete": { + "tags": [ + "Scheduled Search" + ], + "description": "Deletes the specified scheduled search.\n", + "operationId": "deleteScheduledSearch", + "summary": "Delete a Scheduled Search", + "parameters": [ + { + "in": "path", + "name": "id", + "description": "ID of the requested document.", + "schema": { + "type": "string" + }, + "required": true, + "example": "2c91808568c529c60168cca6f90c1313" + } + ], + "responses": { + "204": { + "description": "No Content - Indicates the request was successful but there is no content to be returned in the response." + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/scheduled-searches/{id}/unsubscribe": { + "post": { + "tags": [ + "Scheduled Search" + ], + "description": "Unsubscribes a recipient from the specified scheduled search.\n", + "operationId": "unsubscribeScheduledSearch", + "summary": "Unsubscribe a recipient from Scheduled Search", + "parameters": [ + { + "in": "path", + "name": "id", + "description": "ID of the requested document.", + "schema": { + "type": "string" + }, + "required": true, + "example": "2c91808568c529c60168cca6f90c1313" + } + ], + "requestBody": { + "description": "The recipient to be removed from the scheduled search.\n", + "content": { + "application/json": { + "schema": { + "type": "object", + "description": "A typed reference to the object.\n", + "properties": { + "type": { + "type": "string", + "enum": [ + "ACCOUNT_CORRELATION_CONFIG", + "ACCESS_PROFILE", + "ACCESS_REQUEST_APPROVAL", + "ACCOUNT", + "APPLICATION", + "CAMPAIGN", + "CAMPAIGN_FILTER", + "CERTIFICATION", + "CLUSTER", + "CONNECTOR_SCHEMA", + "ENTITLEMENT", + "GOVERNANCE_GROUP", + "IDENTITY", + "IDENTITY_PROFILE", + "IDENTITY_REQUEST", + "LIFECYCLE_STATE", + "PASSWORD_POLICY", + "ROLE", + "RULE", + "SOD_POLICY", + "SOURCE", + "TAG", + "TAG_CATEGORY", + "TASK_RESULT", + "REPORT_RESULT", + "SOD_VIOLATION", + "ACCOUNT_ACTIVITY", + "WORKGROUP" + ], + "description": "An enumeration of the types of DTOs supported within the IdentityNow infrastructure.", + "example": "IDENTITY" + }, + "id": { + "description": "The id of the object.\n", + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313" + } + }, + "required": [ + "type", + "id" + ] + } + } + }, + "required": true + }, + "responses": { + "204": { + "description": "No Content - Indicates the request was successful but there is no content to be returned in the response." + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + } + } + } + }, + "/search": { + "post": { + "tags": [ + "Search" + ], + "description": "Performs a search with the provided query and returns a matching result collection. By default, you can page a maximum of 10,000 search result records. To page past 10,000 records, you can use searchAfter paging. Refer to [Paginating Search Queries](https://developer.sailpoint.com/idn/api/standard-collection-parameters#paginating-search-queries) for more information about how to implement searchAfter paging. ", + "externalDocs": { + "description": "Learn more about search.", + "url": "https://documentation.sailpoint.com/saas/help/search/index.html" + }, + "operationId": "searchPost", + "security": [ + { + "UserContextAuth": [ + "sp:search:read" + ] + } + ], + "summary": "Perform Search", + "parameters": [ + { + "in": "query", + "name": "offset", + "description": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 0, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "default": 0 + } + }, + { + "in": "query", + "name": "limit", + "description": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 10000, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "maximum": 10000, + "default": 10000 + } + }, + { + "in": "query", + "name": "count", + "description": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": true, + "schema": { + "type": "boolean", + "default": false + } + } + ], + "requestBody": { + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "indices": { + "description": "The names of the Elasticsearch indices in which to search. If none are provided, then all indices will be searched.", + "externalDocs": { + "description": "Learn more about search indices here.", + "url": "https://documentation.sailpoint.com/saas/help/search/searchable-fields.html" + }, + "type": "array", + "items": { + "description": "Enum representing the currently supported indices.\nAdditional values may be added in the future without notice.", + "type": "string", + "enum": [ + "accessprofiles", + "accountactivities", + "entitlements", + "events", + "identities", + "roles", + "*" + ], + "example": "identities" + }, + "example": [ + "identities" + ] + }, + "queryType": { + "description": "The type of query to use. By default, the `SAILPOINT` query type is used, which requires the `query` object to be defined in the request body.\nTo use the `queryDsl` or `typeAheadQuery` objects in the request, you must set the type to `DSL` or `TYPEAHEAD` accordingly.\nAdditional values may be added in the future without notice.", + "type": "string", + "enum": [ + "DSL", + "SAILPOINT", + "TEXT", + "TYPEAHEAD" + ], + "default": "SAILPOINT", + "example": "SAILPOINT" + }, + "queryVersion": { + "allOf": [ + { + "description": "The current Elasticserver version.", + "type": "string", + "default": "5.2", + "example": "5.2" + }, + { + "type": "string", + "description": "The version of the query object.\nThis version number will map to the version of Elasticsearch for the query strings and objects being used." + } + ] + }, + "query": { + "type": "object", + "description": "Query parameters used to construct an Elasticsearch query object.", + "properties": { + "query": { + "description": "The query using the Elasticsearch [Query String Query](https://www.elastic.co/guide/en/elasticsearch/reference/5.2/query-dsl-query-string-query.html#query-string) syntax from the Query DSL extended by SailPoint to support Nested queries.", + "type": "string", + "example": "name:a*" + }, + "fields": { + "description": "The fields the query will be applied to. Fields provide you with a simple way to add additional fields to search, without making the query too complicated. For example, you can use the fields to specify that you want your query of \"a*\" to be applied to \"name\", \"firstName\", and the \"source.name\". The response will include all results matching the \"a*\" query found in those three fields. \nA field's availability depends on the indices being searched. For example, if you are searching \"identities\", you can apply your search to the \"firstName\" field, but you couldn't use \"firstName\" with a search on \"access profiles\". Refer to the response schema for the respective lists of available fields. ", + "type": "string", + "example": [ + "firstName,lastName,email" + ] + }, + "timeZone": { + "description": "The time zone to be applied to any range query related to dates.", + "type": "string", + "example": "America/Chicago" + }, + "innerHit": { + "description": "The innerHit query object returns a flattened list of results for the specified nested type.", + "type": "object", + "required": [ + "query", + "type" + ], + "properties": { + "query": { + "description": "The search query using the Elasticsearch [Query String Query](https://www.elastic.co/guide/en/elasticsearch/reference/5.2/query-dsl-query-string-query.html#query-string) syntax from the Query DSL extended by SailPoint to support Nested queries.", + "type": "string", + "example": "source.name:\\\"Active Directory\\\"" + }, + "type": { + "description": "The nested type to use in the inner hits query. The nested type [Nested Type](https://www.elastic.co/guide/en/elasticsearch/reference/current/nested.html) refers to a document \"nested\" within another document. For example, an identity can have nested documents for access, accounts, and apps.", + "type": "string", + "example": "access" + } + } + } + } + }, + "queryDsl": { + "description": "The search query using the Elasticsearch [Query DSL](https://www.elastic.co/guide/en/elasticsearch/reference/7.10/query-dsl.html) syntax.", + "type": "object", + "example": { + "match": { + "name": "john.doe" + } + } + }, + "textQuery": { + "type": "object", + "description": "Query parameters used to construct an Elasticsearch text query object.", + "required": [ + "terms", + "fields" + ], + "properties": { + "terms": { + "description": "Words or characters that specify a particular thing to be searched for.", + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "The quick brown fox", + "3141592", + "7" + ] + }, + "fields": { + "description": "The fields to be searched.", + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "displayName", + "employeeNumber", + "roleCount" + ] + }, + "matchAny": { + "description": "Indicates that at least one of the terms must be found in the specified fields; otherwise, all terms must be found.", + "type": "boolean", + "default": false, + "example": false + }, + "contains": { + "description": "Indicates that the terms can be located anywhere in the specified fields; otherwise, the fields must begin with the terms.", + "type": "boolean", + "default": false, + "example": true + } + } + }, + "typeAheadQuery": { + "type": "object", + "description": "Query parameters used to construct an Elasticsearch type ahead query object. The typeAheadQuery performs a search for top values beginning with the typed values. For example, typing \"Jo\" results in top hits matching \"Jo.\" Typing \"Job\" results in top hits matching \"Job.\" ", + "required": [ + "query", + "field" + ], + "properties": { + "query": { + "description": "The type ahead query string used to construct a phrase prefix match query.", + "type": "string", + "example": "Work" + }, + "field": { + "description": "The field on which to perform the type ahead search.", + "type": "string", + "example": "source.name" + }, + "nestedType": { + "description": "The nested type.", + "type": "string", + "example": "access" + }, + "maxExpansions": { + "description": "The number of suffixes the last term will be expanded into.\nInfluences the performance of the query and the number results returned.\nValid values: 1 to 1000.", + "type": "integer", + "format": "int32", + "minimum": 1, + "maximum": 1000, + "default": 10, + "example": 10 + }, + "size": { + "description": "The max amount of records the search will return.", + "type": "integer", + "format": "int32", + "minimum": 1, + "default": 100, + "example": 100 + }, + "sort": { + "description": "The sort order of the returned records.", + "type": "string", + "default": "desc", + "example": "asc" + }, + "sortByValue": { + "description": "The flag that defines the sort type, by count or value.", + "type": "boolean", + "default": false, + "example": true + } + } + }, + "includeNested": { + "description": "Indicates whether nested objects from returned search results should be included.", + "type": "boolean", + "default": true, + "example": true + }, + "queryResultFilter": { + "type": "object", + "description": "Allows the query results to be filtered by specifying a list of fields to include and/or exclude from the result documents.", + "properties": { + "includes": { + "description": "The list of field names to include in the result documents.", + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "name", + "displayName" + ] + }, + "excludes": { + "description": "The list of field names to exclude from the result documents.", + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "stacktrace" + ] + } + } + }, + "aggregationType": { + "description": "Enum representing the currently available query languages for aggregations, which are used to perform calculations or groupings on search results.\n\nAdditional values may be added in the future without notice.\n", + "type": "string", + "enum": [ + "DSL", + "SAILPOINT" + ], + "default": "DSL", + "example": "DSL" + }, + "aggregationsVersion": { + "allOf": [ + { + "description": "The current Elasticserver version.", + "type": "string", + "default": "5.2", + "example": "5.2" + }, + { + "type": "string", + "description": "The version of the language being used for aggregation queries.\nThis version number will map to the version of Elasticsearch for the aggregation query object." + } + ] + }, + "aggregationsDsl": { + "description": "The aggregation search query using Elasticsearch [Aggregations](https://www.elastic.co/guide/en/elasticsearch/reference/5.2/search-aggregations.html) syntax.", + "type": "object", + "example": {} + }, + "aggregations": { + "description": "The aggregation’s specifications, such as the groupings and calculations to be performed.\n", + "allOf": [ + { + "type": "object", + "properties": { + "nested": { + "type": "object", + "description": "The nested aggregation object.", + "required": [ + "name", + "type" + ], + "properties": { + "name": { + "description": "The name of the nested aggregate to be included in the result.", + "type": "string", + "example": "id" + }, + "type": { + "description": "The type of the nested object.", + "type": "string", + "example": "access" + } + } + }, + "metric": { + "type": "object", + "description": "The calculation done on the results of the query", + "required": [ + "name", + "field" + ], + "properties": { + "name": { + "description": "The name of the metric aggregate to be included in the result.\nIf the metric aggregation is omitted, the resulting aggregation will be a count of the documents in the search results.", + "type": "string", + "example": "Access Name Count" + }, + "type": { + "description": "Enum representing the currently supported metric aggregation types.\nAdditional values may be added in the future without notice.", + "type": "string", + "enum": [ + "COUNT", + "UNIQUE_COUNT", + "AVG", + "SUM", + "MEDIAN", + "MIN", + "MAX" + ], + "default": "UNIQUE_COUNT", + "example": "COUNT" + }, + "field": { + "description": "The field the calculation is performed on.\n\nPrefix the field name with '@' to reference a nested object.\n", + "type": "string", + "example": "@access.name" + } + } + }, + "filter": { + "type": "object", + "description": "An additional filter to constrain the results of the search query.", + "required": [ + "name", + "field", + "value" + ], + "properties": { + "name": { + "description": "The name of the filter aggregate to be included in the result.", + "type": "string", + "example": "Entitlements" + }, + "type": { + "description": "Enum representing the currently supported filter aggregation types.\nAdditional values may be added in the future without notice.", + "type": "string", + "enum": [ + "TERM" + ], + "default": "TERM", + "example": "TERM" + }, + "field": { + "description": "The search field to apply the filter to.\n\nPrefix the field name with '@' to reference a nested object.\n", + "type": "string", + "example": "access.type" + }, + "value": { + "description": "The value to filter on.", + "type": "string", + "example": "ENTITLEMENT" + } + } + }, + "bucket": { + "type": "object", + "description": "The bucket to group the results of the aggregation query by.", + "required": [ + "name", + "field" + ], + "properties": { + "name": { + "description": "The name of the bucket aggregate to be included in the result.", + "type": "string", + "example": "Identity Locations" + }, + "type": { + "description": "Enum representing the currently supported bucket aggregation types.\nAdditional values may be added in the future without notice.", + "type": "string", + "enum": [ + "TERMS" + ], + "default": "TERMS", + "example": "TERMS" + }, + "field": { + "description": "The field to bucket on.\nPrefix the field name with '@' to reference a nested object.", + "type": "string", + "example": "attributes.city" + }, + "size": { + "description": "Maximum number of buckets to include.", + "type": "integer", + "format": "int32", + "example": 100 + }, + "minDocCount": { + "description": "Minimum number of documents a bucket should have.", + "type": "integer", + "format": "int32", + "example": 2 + } + } + } + } + }, + { + "type": "object", + "properties": { + "subAggregation": { + "description": "Aggregation to be performed on the result of the parent bucket aggregation.", + "allOf": [ + { + "type": "object", + "properties": { + "nested": { + "type": "object", + "description": "The nested aggregation object.", + "required": [ + "name", + "type" + ], + "properties": { + "name": { + "description": "The name of the nested aggregate to be included in the result.", + "type": "string", + "example": "id" + }, + "type": { + "description": "The type of the nested object.", + "type": "string", + "example": "access" + } + } + }, + "metric": { + "type": "object", + "description": "The calculation done on the results of the query", + "required": [ + "name", + "field" + ], + "properties": { + "name": { + "description": "The name of the metric aggregate to be included in the result.\nIf the metric aggregation is omitted, the resulting aggregation will be a count of the documents in the search results.", + "type": "string", + "example": "Access Name Count" + }, + "type": { + "description": "Enum representing the currently supported metric aggregation types.\nAdditional values may be added in the future without notice.", + "type": "string", + "enum": [ + "COUNT", + "UNIQUE_COUNT", + "AVG", + "SUM", + "MEDIAN", + "MIN", + "MAX" + ], + "default": "UNIQUE_COUNT", + "example": "COUNT" + }, + "field": { + "description": "The field the calculation is performed on.\n\nPrefix the field name with '@' to reference a nested object.\n", + "type": "string", + "example": "@access.name" + } + } + }, + "filter": { + "type": "object", + "description": "An additional filter to constrain the results of the search query.", + "required": [ + "name", + "field", + "value" + ], + "properties": { + "name": { + "description": "The name of the filter aggregate to be included in the result.", + "type": "string", + "example": "Entitlements" + }, + "type": { + "description": "Enum representing the currently supported filter aggregation types.\nAdditional values may be added in the future without notice.", + "type": "string", + "enum": [ + "TERM" + ], + "default": "TERM", + "example": "TERM" + }, + "field": { + "description": "The search field to apply the filter to.\n\nPrefix the field name with '@' to reference a nested object.\n", + "type": "string", + "example": "access.type" + }, + "value": { + "description": "The value to filter on.", + "type": "string", + "example": "ENTITLEMENT" + } + } + }, + "bucket": { + "type": "object", + "description": "The bucket to group the results of the aggregation query by.", + "required": [ + "name", + "field" + ], + "properties": { + "name": { + "description": "The name of the bucket aggregate to be included in the result.", + "type": "string", + "example": "Identity Locations" + }, + "type": { + "description": "Enum representing the currently supported bucket aggregation types.\nAdditional values may be added in the future without notice.", + "type": "string", + "enum": [ + "TERMS" + ], + "default": "TERMS", + "example": "TERMS" + }, + "field": { + "description": "The field to bucket on.\nPrefix the field name with '@' to reference a nested object.", + "type": "string", + "example": "attributes.city" + }, + "size": { + "description": "Maximum number of buckets to include.", + "type": "integer", + "format": "int32", + "example": 100 + }, + "minDocCount": { + "description": "Minimum number of documents a bucket should have.", + "type": "integer", + "format": "int32", + "example": 2 + } + } + } + } + }, + { + "type": "object", + "properties": { + "subAggregation": { + "description": "Aggregation to be performed on the result of the parent bucket aggregation.", + "type": "object", + "properties": { + "nested": { + "type": "object", + "description": "The nested aggregation object.", + "required": [ + "name", + "type" + ], + "properties": { + "name": { + "description": "The name of the nested aggregate to be included in the result.", + "type": "string", + "example": "id" + }, + "type": { + "description": "The type of the nested object.", + "type": "string", + "example": "access" + } + } + }, + "metric": { + "type": "object", + "description": "The calculation done on the results of the query", + "required": [ + "name", + "field" + ], + "properties": { + "name": { + "description": "The name of the metric aggregate to be included in the result.\nIf the metric aggregation is omitted, the resulting aggregation will be a count of the documents in the search results.", + "type": "string", + "example": "Access Name Count" + }, + "type": { + "description": "Enum representing the currently supported metric aggregation types.\nAdditional values may be added in the future without notice.", + "type": "string", + "enum": [ + "COUNT", + "UNIQUE_COUNT", + "AVG", + "SUM", + "MEDIAN", + "MIN", + "MAX" + ], + "default": "UNIQUE_COUNT", + "example": "COUNT" + }, + "field": { + "description": "The field the calculation is performed on.\n\nPrefix the field name with '@' to reference a nested object.\n", + "type": "string", + "example": "@access.name" + } + } + }, + "filter": { + "type": "object", + "description": "An additional filter to constrain the results of the search query.", + "required": [ + "name", + "field", + "value" + ], + "properties": { + "name": { + "description": "The name of the filter aggregate to be included in the result.", + "type": "string", + "example": "Entitlements" + }, + "type": { + "description": "Enum representing the currently supported filter aggregation types.\nAdditional values may be added in the future without notice.", + "type": "string", + "enum": [ + "TERM" + ], + "default": "TERM", + "example": "TERM" + }, + "field": { + "description": "The search field to apply the filter to.\n\nPrefix the field name with '@' to reference a nested object.\n", + "type": "string", + "example": "access.type" + }, + "value": { + "description": "The value to filter on.", + "type": "string", + "example": "ENTITLEMENT" + } + } + }, + "bucket": { + "type": "object", + "description": "The bucket to group the results of the aggregation query by.", + "required": [ + "name", + "field" + ], + "properties": { + "name": { + "description": "The name of the bucket aggregate to be included in the result.", + "type": "string", + "example": "Identity Locations" + }, + "type": { + "description": "Enum representing the currently supported bucket aggregation types.\nAdditional values may be added in the future without notice.", + "type": "string", + "enum": [ + "TERMS" + ], + "default": "TERMS", + "example": "TERMS" + }, + "field": { + "description": "The field to bucket on.\nPrefix the field name with '@' to reference a nested object.", + "type": "string", + "example": "attributes.city" + }, + "size": { + "description": "Maximum number of buckets to include.", + "type": "integer", + "format": "int32", + "example": 100 + }, + "minDocCount": { + "description": "Minimum number of documents a bucket should have.", + "type": "integer", + "format": "int32", + "example": 2 + } + } + } + } + } + } + } + ] + } + } + } + ] + }, + "sort": { + "description": "The fields to be used to sort the search results. Use + or - to specify the sort direction.", + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "displayName", + "+id" + ] + }, + "searchAfter": { + "description": "Used to begin the search window at the values specified.\nThis parameter consists of the last values of the sorted fields in the current record set.\nThis is used to expand the Elasticsearch limit of 10K records by shifting the 10K window to begin at this value.\nIt is recommended that you always include the ID of the object in addition to any other fields on this parameter in order to ensure you don't get duplicate results while paging.\nFor example, when searching for identities, if you are sorting by displayName you will also want to include ID, for example [\"displayName\", \"id\"]. \nIf the last identity ID in the search result is 2c91808375d8e80a0175e1f88a575221 and the last displayName is \"John Doe\", then using that displayName and ID will start a new search after this identity.\nThe searchAfter value will look like [\"John Doe\",\"2c91808375d8e80a0175e1f88a575221\"]", + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "John Doe", + "2c91808375d8e80a0175e1f88a575221" + ] + }, + "filters": { + "description": "The filters to be applied for each filtered field name.", + "type": "object", + "additionalProperties": { + "type": "object", + "properties": { + "type": { + "description": "Enum representing the currently supported filter types.\nAdditional values may be added in the future without notice.", + "type": "string", + "enum": [ + "EXISTS", + "RANGE", + "TERMS" + ], + "example": "RANGE" + }, + "range": { + "type": "object", + "description": "The range of values to be filtered.", + "properties": { + "lower": { + "description": "The lower bound of the range.", + "type": "object", + "required": [ + "value" + ], + "properties": { + "value": { + "description": "The value of the range's endpoint.", + "type": "string", + "example": "1" + }, + "inclusive": { + "description": "Indicates if the endpoint is included in the range.", + "type": "boolean", + "default": false, + "example": false + } + } + }, + "upper": { + "description": "The upper bound of the range.", + "type": "object", + "required": [ + "value" + ], + "properties": { + "value": { + "description": "The value of the range's endpoint.", + "type": "string", + "example": "1" + }, + "inclusive": { + "description": "Indicates if the endpoint is included in the range.", + "type": "boolean", + "default": false, + "example": false + } + } + } + } + }, + "terms": { + "description": "The terms to be filtered.", + "type": "array", + "items": { + "type": "string", + "example": "account_count" + } + }, + "exclude": { + "description": "Indicates if the filter excludes results.", + "type": "boolean", + "default": false, + "example": false + } + } + }, + "example": {} + } + } + }, + "examples": { + "query-fields": { + "summary": "Query with Fields", + "value": { + "indices": [ + "identities" + ], + "query": { + "query": "\"John Doe\"", + "fields": [ + "name" + ] + } + } + }, + "query-timeZone": { + "summary": "Query with TimeZone", + "value": { + "indices": [ + "identities" + ], + "query": { + "query": "created: [2022-05-19T19:26:03.351Z TO now]", + "timeZone": "America/Los_Angeles" + } + } + }, + "query-innerHit": { + "summary": "Query with InnerHit", + "value": { + "indices": [ + "identities" + ], + "query": { + "query": "\"John Doe\"", + "innerHit": { + "type": "access", + "query": "source.name:\\\"Active Directory\\\"" + } + } + } + }, + "typeAheadQuery": { + "summary": "TypeAheadQuery", + "value": { + "indices": [ + "identities" + ], + "queryType": "TYPEAHEAD", + "typeAheadQuery": { + "field": "name", + "query": "Jo", + "maxExpansions": 50, + "size": 100, + "sort": "desc", + "sortByValue": false + } + } + }, + "typeAheadQuery-nestedType": { + "summary": "TypeAheadQuery with NestedType", + "value": { + "indices": [ + "identities" + ], + "queryType": "TYPEAHEAD", + "typeAheadQuery": { + "field": "source.name", + "nestedType": "access", + "query": "Work", + "maxExpansions": 50, + "size": 100, + "sort": "desc", + "sortByValue": false + } + } + }, + "filter-exists": { + "summary": "Filter with Exists", + "value": { + "indices": [ + "identities" + ], + "query": { + "query": "attributes.city:London" + }, + "filters": { + "attributes.cloudAuthoritativeSource": { + "type": "EXISTS", + "exclude": true + } + } + } + }, + "filter-range": { + "summary": "Filter with Range", + "value": { + "indices": [ + "identities" + ], + "query": { + "query": "attributes.city:London", + "timeZone": "Europe/London" + }, + "filters": { + "accessCount": { + "type": "RANGE", + "range": { + "lower": { + "value": "3" + } + } + }, + "created": { + "type": "RANGE", + "range": { + "lower": { + "value": "2019-12-01", + "inclusive": true + }, + "upper": { + "value": "2020-01-01" + } + } + } + } + } + }, + "filter-terms": { + "summary": "Filter with Terms", + "value": { + "indices": [ + "identities" + ], + "query": { + "query": "attributes.city:London" + }, + "filters": { + "source.name": { + "type": "TERMS", + "terms": [ + "HR Employees", + "Corporate Active Directory" + ], + "exclude": true + }, + "protected": { + "type": "TERMS", + "terms": [ + "true" + ] + } + } + } + } + } + } + }, + "required": true + }, + "responses": { + "200": { + "description": "List of matching documents.", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "discriminator": { + "propertyName": "_type", + "mapping": { + "accessprofile": "../model/access/profile/AccessProfileDocument.yaml", + "accountactivity": "../model/account/activity/AccountActivityDocument.yaml", + "entitlement": "../model/entitlement/EntitlementDocument.yaml", + "event": "../model/event/EventDocument.yaml", + "identity": "../model/identity/IdentityDocument.yaml", + "role": "../model/role/RoleDocument.yaml" + } + }, + "oneOf": [ + { + "description": "More complete representation of an access profile. ", + "allOf": [ + { + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + }, + { + "type": "object", + "properties": { + "description": { + "type": "string", + "description": "Access item's description.", + "example": "The admin role" + }, + "created": { + "type": "string", + "description": "ISO-8601 date-time referring to the time when the object was created.", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z" + }, + "modified": { + "type": "string", + "description": "ISO-8601 date-time referring to the time when the object was last modified.", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z" + }, + "synced": { + "type": "string", + "description": "ISO-8601 date-time referring to the date-time when object was queued to be synced into search database for use in the search API. \nThis date-time changes anytime there is an update to the object, which triggers a synchronization event being sent to the search database. \nThere may be some delay between the `synced` time and the time when the updated data is actually available in the search API. ", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:33.104Z" + }, + "enabled": { + "type": "boolean", + "description": "Indicates whether the access item is currently enabled.", + "default": false, + "example": true + }, + "requestable": { + "type": "boolean", + "description": "Indicates whether the access item can be requested.", + "default": true, + "example": true + }, + "requestCommentsRequired": { + "type": "boolean", + "description": "Indicates whether comments are required for requests to access the item.", + "default": false, + "example": false + }, + "owner": { + "type": "object", + "description": "Owner's identity.", + "properties": { + "type": { + "type": "string", + "description": "Owner's DTO type.", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "Owner's identity ID.", + "example": "2c9180a46faadee4016fb4e018c20639" + }, + "name": { + "type": "string", + "description": "Owner's display name.", + "example": "Support" + }, + "email": { + "type": "string", + "description": "Owner's email.", + "example": "cloud-support@sailpoint.com" + } + } + } + } + } + ] + }, + { + "type": "object", + "required": [ + "id", + "name", + "_type" + ], + "properties": { + "id": { + "type": "string", + "description": "Access profile's ID.", + "example": "2c9180825a6c1adc015a71c9023f0818" + }, + "name": { + "type": "string", + "description": "Access profile's name.", + "example": "Cloud Eng" + }, + "_type": { + "description": "Access profile's document type. \nThis enum represents the currently supported document types.\nAdditional values may be added in the future without notice.", + "type": "string", + "enum": [ + "accessprofile", + "accountactivity", + "account", + "aggregation", + "entitlement", + "event", + "identity", + "role" + ], + "example": "accessprofile" + }, + "source": { + "type": "object", + "description": "Access profile's source.", + "properties": { + "id": { + "type": "string", + "description": "Source's ID.", + "example": "ff8081815757d4fb0157588f3d9d008f" + }, + "name": { + "type": "string", + "description": "Source's name.", + "example": "Employees" + } + } + }, + "entitlements": { + "type": "array", + "description": "Entitlements the access profile has access to.", + "items": { + "type": "object", + "properties": { + "hasPermissions": { + "type": "boolean", + "description": "Indicates whether the entitlement has permissions.", + "default": false, + "example": false + }, + "description": { + "type": "string", + "description": "Entitlement's description.", + "example": "Cloud engineering" + }, + "attribute": { + "type": "string", + "description": "Entitlement attribute's name.", + "example": "memberOf" + }, + "value": { + "type": "string", + "description": "Entitlement's value.", + "example": "CN=Cloud Engineering,DC=sailpoint,DC=COM" + }, + "schema": { + "type": "string", + "description": "Entitlement's schema.", + "example": "group" + }, + "privileged": { + "type": "boolean", + "description": "Indicates whether the entitlement is privileged.", + "default": false, + "example": false + }, + "id": { + "type": "string", + "description": "Entitlement's ID.", + "example": "2c918084575812550157589064f33b89" + }, + "name": { + "type": "string", + "description": "Entitlement's name.", + "example": "CN=Cloud Engineering,DC=sailpoint,DC=COM" + } + } + } + }, + "entitlementCount": { + "type": "integer", + "description": "Number of entitlements.", + "example": 5 + }, + "tags": { + "type": "array", + "description": "Tags that have been applied to the object.", + "items": { + "type": "string" + }, + "example": [ + "TAG_1", + "TAG_2" + ] + } + } + } + ] + }, + { + "description": "AccountActivity", + "allOf": [ + { + "type": "object", + "required": [ + "id", + "name", + "_type" + ], + "properties": { + "id": { + "type": "string", + "example": "2c91808375d8e80a0175e1f88a575222" + }, + "name": { + "type": "string", + "example": "john.doe" + }, + "_type": { + "description": "Enum representing the currently supported document types.\n\nAdditional values may be added in the future without notice.", + "type": "string", + "enum": [ + "accessprofile", + "accountactivity", + "account", + "aggregation", + "entitlement", + "event", + "identity", + "role" + ], + "example": "identity" + } + } + }, + { + "type": "object", + "properties": { + "action": { + "type": "string", + "description": "Type of action performed in the activity.", + "externalDocs": { + "description": "Learn more about account activity action types", + "url": "https://documentation.sailpoint.com/saas/help/search/searchable-fields.html#searching-account-activity-data" + }, + "example": "Identity Refresh." + }, + "created": { + "type": "string", + "description": "ISO-8601 date-time referring to the time when the object was created.", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z" + }, + "modified": { + "type": "string", + "description": "ISO-8601 date-time referring to the time when the object was last modified.", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z" + }, + "stage": { + "type": "string", + "description": "Activity's current stage.", + "example": "Completed" + }, + "origin": { + "type": "string", + "description": "Activity's origin.", + "nullable": true, + "example": null + }, + "status": { + "type": "string", + "description": "Activity's current status.", + "example": "Complete" + }, + "requester": { + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + }, + { + "type": "object", + "properties": { + "type": { + "type": "string", + "example": "Delimited File", + "description": "Type of source returned." + } + } + } + ] + }, + "recipient": { + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + }, + { + "type": "object", + "properties": { + "type": { + "type": "string", + "example": "Delimited File", + "description": "Type of source returned." + } + } + } + ] + }, + "trackingNumber": { + "type": "string", + "description": "Account activity's tracking number.", + "example": "61aad0c9e8134eca89e76a35e0cabe3f" + }, + "errors": { + "type": "array", + "description": "Errors provided by the source while completing account actions.", + "items": { + "type": "string" + }, + "nullable": true, + "example": null + }, + "warnings": { + "type": "array", + "description": "Warnings provided by the source while completing account actions.", + "items": { + "type": "string" + }, + "nullable": true, + "example": null + }, + "approvals": { + "type": "array", + "description": "Approvals performed on an item during activity.", + "items": { + "type": "object", + "properties": { + "comments": { + "type": "array", + "items": { + "type": "object", + "properties": { + "comment": { + "type": "string", + "description": "The comment text", + "example": "This request was autoapproved by our automated ETS subscriber." + }, + "commenter": { + "type": "string", + "description": "The name of the commenter", + "example": "Automated AR Approval" + }, + "date": { + "type": "string", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z", + "description": "A date-time in ISO-8601 format" + } + } + } + }, + "created": { + "type": "string", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z", + "description": "A date-time in ISO-8601 format" + }, + "modified": { + "type": "string", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z", + "description": "A date-time in ISO-8601 format" + }, + "owner": { + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + }, + { + "type": "object", + "properties": { + "type": { + "type": "string", + "example": "Delimited File", + "description": "Type of source returned." + } + } + } + ] + }, + "result": { + "type": "string", + "description": "The result of the approval", + "example": "Finished" + }, + "type": { + "type": "string", + "nullable": true, + "example": null + } + } + } + }, + "originalRequests": { + "type": "array", + "description": "Original actions that triggered all individual source actions related to the account action.", + "items": { + "type": "object", + "properties": { + "accountId": { + "type": "string", + "description": "Account ID.", + "example": "CN=Abby Smith,OU=Austin,OU=Americas,OU=Demo,DC=seri,DC=acme,DC=com" + }, + "attributeRequests": { + "type": "array", + "description": "Attribute changes requested for account.", + "items": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "Attribute name.", + "example": "groups" + }, + "op": { + "type": "string", + "description": "Operation to perform on attribute.", + "example": "Add" + }, + "value": { + "type": "string", + "description": "Value of attribute.", + "example": "3203537556531076" + } + } + } + }, + "op": { + "type": "string", + "description": "Operation used.", + "example": "add" + }, + "source": { + "description": "Account's source.", + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + }, + { + "type": "object", + "properties": { + "type": { + "type": "string", + "example": "Delimited File", + "description": "Type of source returned." + } + } + } + ] + } + } + } + }, + "expansionItems": { + "type": "array", + "description": "Controls that translated the attribute requests into actual provisioning actions on the source.", + "items": { + "type": "object", + "properties": { + "accountId": { + "type": "string", + "description": "The ID of the account", + "example": "2c91808981f58ea601821c3e93482e6f" + }, + "cause": { + "type": "string", + "example": "Role" + }, + "name": { + "type": "string", + "description": "The name of the item", + "example": "smartsheet-role" + }, + "attributeRequests": { + "type": "array", + "items": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "Attribute name.", + "example": "groups" + }, + "op": { + "type": "string", + "description": "Operation to perform on attribute.", + "example": "Add" + }, + "value": { + "type": "string", + "description": "Value of attribute.", + "example": "3203537556531076" + } + } + } + }, + "source": { + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + }, + { + "type": "object", + "properties": { + "type": { + "type": "string", + "example": "Delimited File", + "description": "Type of source returned." + } + } + } + ] + } + } + } + }, + "accountRequests": { + "type": "array", + "description": "Account data for each individual source action triggered by the original requests.", + "items": { + "type": "object", + "properties": { + "accountId": { + "type": "string", + "description": "Unique ID of the account", + "example": "John.Doe" + }, + "attributeRequests": { + "type": "array", + "items": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "Attribute name.", + "example": "groups" + }, + "op": { + "type": "string", + "description": "Operation to perform on attribute.", + "example": "Add" + }, + "value": { + "type": "string", + "description": "Value of attribute.", + "example": "3203537556531076" + } + } + } + }, + "op": { + "type": "string", + "example": "Modify", + "description": "The operation that was performed" + }, + "provisioningTarget": { + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + }, + { + "type": "object", + "properties": { + "type": { + "type": "string", + "example": "Delimited File", + "description": "Type of source returned." + } + } + } + ] + }, + "result": { + "type": "object", + "properties": { + "errors": { + "type": "array", + "items": { + "type": "string", + "example": "[ConnectorError] [\n {\n \"code\": \"unrecognized_keys\",\n \"keys\": [\n \"groups\"\n ],\n \"path\": [],\n \"message\": \"Unrecognized key(s) in object: 'groups'\"\n }\n] (requestId: 5e9d6df5-9b1b-47d9-9bf1-dc3a2893299e)" + } + }, + "status": { + "type": "string", + "description": "The status of the account request", + "example": "failed" + }, + "ticketId": { + "type": "string", + "nullable": true, + "example": null + } + } + }, + "source": { + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + }, + { + "type": "object", + "properties": { + "type": { + "type": "string", + "example": "Delimited File", + "description": "Type of source returned." + } + } + } + ] + } + } + } + }, + "sources": { + "type": "string", + "description": "Sources involved in the account activity.", + "example": "smartsheet-test, airtable-v4, IdentityNow" + } + } + } + ] + }, + { + "description": "Entitlement", + "allOf": [ + { + "type": "object", + "required": [ + "id", + "name", + "_type" + ], + "properties": { + "id": { + "type": "string", + "example": "2c91808375d8e80a0175e1f88a575222" + }, + "name": { + "type": "string", + "example": "john.doe" + }, + "_type": { + "description": "Enum representing the currently supported document types.\n\nAdditional values may be added in the future without notice.", + "type": "string", + "enum": [ + "accessprofile", + "accountactivity", + "account", + "aggregation", + "entitlement", + "event", + "identity", + "role" + ], + "example": "identity" + } + } + }, + { + "type": "object", + "properties": { + "modified": { + "type": "string", + "description": "ISO-8601 date-time referring to the time when the object was last modified.", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z" + }, + "synced": { + "type": "string", + "description": "ISO-8601 date-time referring to the date-time when object was queued to be synced into search database for use in the search API. \nThis date-time changes anytime there is an update to the object, which triggers a synchronization event being sent to the search database. \nThere may be some delay between the `synced` time and the time when the updated data is actually available in the search API. " + }, + "displayName": { + "type": "string", + "description": "Entitlement's display name.", + "example": "Admin" + }, + "source": { + "type": "object", + "description": "Entitlement's source.", + "properties": { + "id": { + "type": "string", + "description": "ID of entitlement's source.", + "example": "2c91808b6e9e6fb8016eec1a2b6f7b5f" + }, + "name": { + "type": "string", + "description": "Display name of entitlement's source.", + "example": "ODS-HR-Employees" + } + } + }, + "segments": { + "type": "array", + "description": "Segments with the role.", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "b009b6e3-b56d-41d9-8735-cb532ea0b017", + "description": "Segment's unique ID." + }, + "name": { + "type": "string", + "example": "Test Segment", + "description": "Segment's display name." + } + } + } + }, + "segmentCount": { + "type": "integer", + "description": "Number of segments with the role.", + "format": "int32", + "example": 1 + }, + "requestable": { + "type": "boolean", + "description": "Indicates whether the entitlement is requestable.", + "default": false, + "example": false + }, + "cloudGoverned": { + "type": "boolean", + "description": "Indicates whether the entitlement is cloud governed.", + "default": false, + "example": false + }, + "created": { + "type": "string", + "description": "ISO-8601 date-time referring to the time when the object was created.", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z" + }, + "privileged": { + "type": "boolean", + "description": "Indicates whether the entitlement is privileged.", + "default": false, + "example": false + }, + "identityCount": { + "type": "integer", + "description": "Number of identities who have access to the entitlement.", + "format": "int32", + "example": 3 + }, + "tags": { + "type": "array", + "description": "Tags that have been applied to the object.", + "items": { + "type": "string" + }, + "example": [ + "TAG_1", + "TAG_2" + ] + } + } + } + ] + }, + { + "description": "Event", + "allOf": [ + { + "type": "object", + "required": [ + "id", + "name", + "_type" + ], + "properties": { + "id": { + "type": "string", + "example": "2c91808375d8e80a0175e1f88a575222" + }, + "name": { + "type": "string", + "example": "john.doe" + }, + "_type": { + "description": "Enum representing the currently supported document types.\n\nAdditional values may be added in the future without notice.", + "type": "string", + "enum": [ + "accessprofile", + "accountactivity", + "account", + "aggregation", + "entitlement", + "event", + "identity", + "role" + ], + "example": "identity" + } + } + }, + { + "type": "object", + "properties": { + "created": { + "type": "string", + "description": "ISO-8601 date-time referring to the time when the object was created.", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z" + }, + "synced": { + "type": "string", + "description": "ISO-8601 date-time referring to the date-time when object was queued to be synced into search database for use in the search API. \nThis date-time changes anytime there is an update to the object, which triggers a synchronization event being sent to the search database. \nThere may be some delay between the `synced` time and the time when the updated data is actually available in the search API. " + }, + "action": { + "type": "string", + "description": "Name of the event as it's displayed in audit reports.", + "example": "update" + }, + "type": { + "type": "string", + "description": "Event type. Refer to [Event Types](https://documentation.sailpoint.com/saas/help/search/index.html#event-types) for a list of event types and their meanings.", + "example": "SYSTEM_CONFIG" + }, + "actor": { + "type": "string", + "description": "Name of the actor that generated the event.", + "example": "System" + }, + "target": { + "type": "string", + "description": "Name of the target, or recipient, of the event.", + "example": "Carol.Adams" + }, + "stack": { + "type": "string", + "description": "The event's stack.", + "example": "tpe" + }, + "trackingNumber": { + "type": "string", + "description": "ID of the group of events.", + "example": "63f891e0735f4cc8bf1968144a1e7440" + }, + "ipAddress": { + "type": "string", + "description": "Target system's IP address.", + "example": "52.52.97.85" + }, + "details": { + "type": "string", + "description": "ID of event's details.", + "example": "73b65dfbed1842548c207432a18c84b0" + }, + "attributes": { + "type": "object", + "description": "Attributes involved in the event.", + "additionalProperties": true, + "example": { + "pod": "stg03-useast1", + "org": "acme", + "sourceName": "SailPoint" + } + }, + "objects": { + "type": "array", + "description": "Objects the event is happening to.", + "items": { + "type": "string", + "example": "AUTHENTICATION" + } + }, + "operation": { + "type": "string", + "description": "Operation, or action, performed during the event.", + "example": "REQUEST" + }, + "status": { + "type": "string", + "description": "Event status. Refer to [Event Statuses](https://documentation.sailpoint.com/saas/help/search/index.html#event-statuses) for a list of event statuses and their meanings.", + "example": "PASSED" + }, + "technicalName": { + "type": "string", + "description": "Event's normalized name. This normalized name always follows the pattern of 'objects_operation_status'.", + "example": "AUTHENTICATION_REQUEST_PASSED" + } + } + } + ] + }, + { + "description": "Identity", + "allOf": [ + { + "type": "object", + "required": [ + "id", + "name", + "_type" + ], + "properties": { + "id": { + "type": "string", + "example": "2c91808375d8e80a0175e1f88a575222" + }, + "name": { + "type": "string", + "example": "john.doe" + }, + "_type": { + "description": "Enum representing the currently supported document types.\n\nAdditional values may be added in the future without notice.", + "type": "string", + "enum": [ + "accessprofile", + "accountactivity", + "account", + "aggregation", + "entitlement", + "event", + "identity", + "role" + ], + "example": "identity" + } + } + }, + { + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + }, + { + "type": "object", + "properties": { + "displayName": { + "type": "string", + "example": "John Q. Doe" + } + } + } + ] + }, + { + "type": "object", + "properties": { + "displayName": { + "type": "string", + "example": "Carol.Adams", + "description": "Identity's display name." + }, + "firstName": { + "type": "string", + "description": "Identity's first name.", + "example": "Carol" + }, + "lastName": { + "type": "string", + "description": "Identity's last name.", + "example": "Adams" + }, + "email": { + "type": "string", + "description": "Identity's primary email address.", + "example": "Carol.Adams@sailpointdemo.com" + }, + "created": { + "type": "string", + "description": "ISO-8601 date-time referring to the time when the object was created.", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z" + }, + "modified": { + "type": "string", + "description": "ISO-8601 date-time referring to the time when the object was last modified.", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z" + }, + "phone": { + "type": "string", + "description": "Identity's phone number.", + "example": "+1 440-527-3672" + }, + "synced": { + "type": "string", + "description": "ISO-8601 date-time referring to the date-time when object was queued to be synced into search database for use in the search API. \nThis date-time changes anytime there is an update to the object, which triggers a synchronization event being sent to the search database. \nThere may be some delay between the `synced` time and the time when the updated data is actually available in the search API. " + }, + "inactive": { + "type": "boolean", + "description": "Indicates whether the identity is inactive.", + "default": false, + "example": false + }, + "protected": { + "type": "boolean", + "description": "Indicates whether the identity is protected.", + "default": false, + "example": false + }, + "status": { + "type": "string", + "description": "Identity's status in SailPoint.", + "example": "UNREGISTERED" + }, + "employeeNumber": { + "type": "string", + "description": "Identity's employee number.", + "example": "1a2a3d4e" + }, + "manager": { + "type": "object", + "description": "Identity's manager.", + "nullable": true, + "properties": { + "id": { + "type": "string", + "description": "ID of identity's manager.", + "example": "2c9180867dfe694b017e208e27c05799" + }, + "name": { + "type": "string", + "description": "Name of identity's manager.", + "example": "Amanda.Ross" + }, + "displayName": { + "type": "string", + "description": "Display name of identity's manager.", + "example": "Amanda.Ross" + } + } + }, + "isManager": { + "type": "boolean", + "description": "Indicates whether the identity is a manager of other identities.", + "example": false + }, + "identityProfile": { + "type": "object", + "description": "Identity's identity profile.", + "properties": { + "id": { + "type": "string", + "description": "Identity profile's ID.", + "example": "3bc8ad26b8664945866b31339d1ff7d2" + }, + "name": { + "type": "string", + "description": "Identity profile's name.", + "example": "HR Employees" + } + } + }, + "source": { + "type": "object", + "description": "Identity's source.", + "properties": { + "id": { + "type": "string", + "description": "ID of identity's source.", + "example": "2c91808b6e9e6fb8016eec1a2b6f7b5f" + }, + "name": { + "type": "string", + "description": "Display name of identity's source.", + "example": "ODS-HR-Employees" + } + } + }, + "attributes": { + "type": "object", + "description": "Map or dictionary of key/value pairs.", + "additionalProperties": true, + "example": { + "country": "US", + "firstname": "Carol", + "cloudStatus": "UNREGISTERED" + } + }, + "processingState": { + "type": "string", + "description": "Identity's processing state.", + "nullable": true, + "example": null + }, + "processingDetails": { + "description": "Identity's processing details.", + "nullable": true, + "type": "object", + "properties": { + "date": { + "type": "string", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z", + "description": "A date-time in ISO-8601 format" + }, + "stage": { + "type": "string", + "example": "In Process" + }, + "retryCount": { + "type": "integer", + "example": 0, + "format": "int32" + }, + "stackTrace": { + "type": "string", + "example": "" + }, + "message": { + "type": "string", + "example": "" + } + } + }, + "accounts": { + "type": "array", + "description": "List of accounts associated with the identity.", + "items": { + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + }, + { + "type": "object", + "properties": { + "accountId": { + "type": "string", + "description": "Account ID.", + "example": "John.Doe" + }, + "source": { + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + }, + { + "type": "object", + "properties": { + "type": { + "type": "string", + "example": "Delimited File", + "description": "Type of source returned." + } + } + } + ] + }, + "disabled": { + "type": "boolean", + "description": "Indicates whether the account is disabled.", + "default": false, + "example": false + }, + "locked": { + "type": "boolean", + "description": "Indicates whether the account is locked.", + "default": false, + "example": false + }, + "privileged": { + "type": "boolean", + "description": "Indicates whether the account is privileged.", + "default": false, + "example": false + }, + "manuallyCorrelated": { + "type": "boolean", + "description": "Indicates whether the account has been manually correlated to an identity.", + "default": false, + "example": false + }, + "passwordLastSet": { + "type": "string", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z", + "description": "A date-time in ISO-8601 format" + }, + "entitlementAttributes": { + "type": "object", + "nullable": true, + "description": "Map or dictionary of key/value pairs.", + "additionalProperties": true, + "example": { + "moderator": true, + "admin": true, + "trust_level": "4" + } + }, + "created": { + "type": "string", + "description": "ISO-8601 date-time referring to the time when the object was created.", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z" + } + } + } + ] + } + }, + "accountCount": { + "type": "integer", + "description": "Number of accounts associated with the identity.", + "format": "int32", + "example": 3 + }, + "apps": { + "type": "array", + "description": "List of applications the identity has access to.", + "items": { + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + }, + { + "type": "object", + "properties": { + "source": { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + }, + "account": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The SailPoint generated unique ID", + "example": "2c9180837dfe6949017e21f3d8cd6d49" + }, + "accountId": { + "type": "string", + "description": "The account ID generated by the source", + "example": "CN=Carol Adams,OU=Austin,OU=Americas,OU=Demo,DC=seri,DC=sailpointdemo,DC=com" + } + } + } + } + } + ] + } + }, + "appCount": { + "type": "integer", + "format": "int32", + "description": "Number of applications the identity has access to.", + "example": 2 + }, + "access": { + "type": "array", + "description": "List of access items assigned to the identity.", + "items": { + "discriminator": { + "propertyName": "type", + "mapping": { + "ACCESS_PROFILE": "../access/AccessProfileSummary.yaml", + "ENTITLEMENT": "../access/AccessProfileEntitlement.yaml", + "ROLE": "../access/AccessProfileRole.yaml" + } + }, + "oneOf": [ + { + "description": "This is a summary representation of an access profile.", + "allOf": [ + { + "allOf": [ + { + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + }, + { + "type": "object", + "properties": { + "displayName": { + "type": "string", + "example": "John Q. Doe" + } + } + } + ] + }, + { + "type": "object", + "properties": { + "type": { + "type": "string", + "enum": [ + "ACCOUNT_CORRELATION_CONFIG", + "ACCESS_PROFILE", + "ACCESS_REQUEST_APPROVAL", + "ACCOUNT", + "APPLICATION", + "CAMPAIGN", + "CAMPAIGN_FILTER", + "CERTIFICATION", + "CLUSTER", + "CONNECTOR_SCHEMA", + "ENTITLEMENT", + "GOVERNANCE_GROUP", + "IDENTITY", + "IDENTITY_PROFILE", + "IDENTITY_REQUEST", + "LIFECYCLE_STATE", + "PASSWORD_POLICY", + "ROLE", + "RULE", + "SOD_POLICY", + "SOURCE", + "TAG", + "TAG_CATEGORY", + "TASK_RESULT", + "REPORT_RESULT", + "SOD_VIOLATION", + "ACCOUNT_ACTIVITY", + "WORKGROUP" + ], + "description": "An enumeration of the types of DTOs supported within the IdentityNow infrastructure.", + "example": "IDENTITY" + }, + "description": { + "type": "string", + "nullable": true, + "example": null + } + } + } + ] + }, + { + "type": "object", + "properties": { + "source": { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + }, + "owner": { + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + }, + { + "type": "object", + "properties": { + "displayName": { + "type": "string", + "example": "John Q. Doe" + } + } + } + ] + }, + "revocable": { + "type": "boolean", + "example": true + } + } + } + ] + }, + { + "description": "EntitlementReference", + "allOf": [ + { + "allOf": [ + { + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + }, + { + "type": "object", + "properties": { + "displayName": { + "type": "string", + "example": "John Q. Doe" + } + } + } + ] + }, + { + "type": "object", + "properties": { + "type": { + "type": "string", + "enum": [ + "ACCOUNT_CORRELATION_CONFIG", + "ACCESS_PROFILE", + "ACCESS_REQUEST_APPROVAL", + "ACCOUNT", + "APPLICATION", + "CAMPAIGN", + "CAMPAIGN_FILTER", + "CERTIFICATION", + "CLUSTER", + "CONNECTOR_SCHEMA", + "ENTITLEMENT", + "GOVERNANCE_GROUP", + "IDENTITY", + "IDENTITY_PROFILE", + "IDENTITY_REQUEST", + "LIFECYCLE_STATE", + "PASSWORD_POLICY", + "ROLE", + "RULE", + "SOD_POLICY", + "SOURCE", + "TAG", + "TAG_CATEGORY", + "TASK_RESULT", + "REPORT_RESULT", + "SOD_VIOLATION", + "ACCOUNT_ACTIVITY", + "WORKGROUP" + ], + "description": "An enumeration of the types of DTOs supported within the IdentityNow infrastructure.", + "example": "IDENTITY" + }, + "description": { + "type": "string", + "nullable": true, + "example": null + } + } + } + ] + }, + { + "type": "object", + "properties": { + "source": { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + }, + "privileged": { + "type": "boolean", + "example": false + }, + "attribute": { + "type": "string", + "example": "memberOf" + }, + "value": { + "type": "string", + "example": "CN=Buyer,OU=Groups,OU=Demo,DC=seri,DC=sailpointdemo,DC=com" + }, + "standalone": { + "type": "boolean", + "example": false + } + } + } + ] + }, + { + "description": "Role", + "allOf": [ + { + "allOf": [ + { + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + }, + { + "type": "object", + "properties": { + "displayName": { + "type": "string", + "example": "John Q. Doe" + } + } + } + ] + }, + { + "type": "object", + "properties": { + "type": { + "type": "string", + "enum": [ + "ACCOUNT_CORRELATION_CONFIG", + "ACCESS_PROFILE", + "ACCESS_REQUEST_APPROVAL", + "ACCOUNT", + "APPLICATION", + "CAMPAIGN", + "CAMPAIGN_FILTER", + "CERTIFICATION", + "CLUSTER", + "CONNECTOR_SCHEMA", + "ENTITLEMENT", + "GOVERNANCE_GROUP", + "IDENTITY", + "IDENTITY_PROFILE", + "IDENTITY_REQUEST", + "LIFECYCLE_STATE", + "PASSWORD_POLICY", + "ROLE", + "RULE", + "SOD_POLICY", + "SOURCE", + "TAG", + "TAG_CATEGORY", + "TASK_RESULT", + "REPORT_RESULT", + "SOD_VIOLATION", + "ACCOUNT_ACTIVITY", + "WORKGROUP" + ], + "description": "An enumeration of the types of DTOs supported within the IdentityNow infrastructure.", + "example": "IDENTITY" + }, + "description": { + "type": "string", + "nullable": true, + "example": null + } + } + } + ] + }, + { + "type": "object", + "properties": { + "owner": { + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + }, + { + "type": "object", + "properties": { + "displayName": { + "type": "string", + "example": "John Q. Doe" + } + } + } + ] + }, + "disabled": { + "type": "boolean" + }, + "revocable": { + "type": "boolean" + } + } + } + ] + } + ] + } + }, + "accessCount": { + "type": "integer", + "format": "int32", + "description": "Number of access items assigned to the identity.", + "example": 5 + }, + "entitlementCount": { + "type": "integer", + "format": "int32", + "description": "Number of entitlements assigned to the identity.", + "example": 10 + }, + "roleCount": { + "type": "integer", + "format": "int32", + "description": "Number of roles assigned to the identity.", + "example": 1 + }, + "accessProfileCount": { + "type": "integer", + "format": "int32", + "description": "Number of access profiles assigned to the identity.", + "example": 1 + }, + "owns": { + "type": "array", + "description": "Access items the identity owns.", + "items": { + "type": "object", + "properties": { + "sources": { + "type": "array", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + } + }, + "entitlements": { + "type": "array", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + } + }, + "accessProfiles": { + "type": "array", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + } + }, + "roles": { + "type": "array", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + } + }, + "apps": { + "type": "array", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + } + }, + "governanceGroups": { + "type": "array", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + } + }, + "fallbackApprover": { + "type": "boolean", + "example": false + } + } + } + }, + "ownsCount": { + "type": "integer", + "format": "int32", + "description": "Number of access items the identity owns.", + "example": 5 + }, + "tags": { + "type": "array", + "description": "Tags that have been applied to the object.", + "items": { + "type": "string" + }, + "example": [ + "TAG_1", + "TAG_2" + ] + } + } + } + ] + }, + { + "description": "Role", + "allOf": [ + { + "type": "object", + "required": [ + "id", + "name", + "_type" + ], + "properties": { + "id": { + "type": "string", + "example": "2c91808375d8e80a0175e1f88a575222" + }, + "name": { + "type": "string", + "example": "john.doe" + }, + "_type": { + "description": "Enum representing the currently supported document types.\n\nAdditional values may be added in the future without notice.", + "type": "string", + "enum": [ + "accessprofile", + "accountactivity", + "account", + "aggregation", + "entitlement", + "event", + "identity", + "role" + ], + "example": "identity" + } + } + }, + { + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + }, + { + "type": "object", + "properties": { + "description": { + "type": "string", + "description": "Access item's description.", + "example": "The admin role" + }, + "created": { + "type": "string", + "description": "ISO-8601 date-time referring to the time when the object was created.", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z" + }, + "modified": { + "type": "string", + "description": "ISO-8601 date-time referring to the time when the object was last modified.", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z" + }, + "synced": { + "type": "string", + "description": "ISO-8601 date-time referring to the date-time when object was queued to be synced into search database for use in the search API. \nThis date-time changes anytime there is an update to the object, which triggers a synchronization event being sent to the search database. \nThere may be some delay between the `synced` time and the time when the updated data is actually available in the search API. ", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:33.104Z" + }, + "enabled": { + "type": "boolean", + "description": "Indicates whether the access item is currently enabled.", + "default": false, + "example": true + }, + "requestable": { + "type": "boolean", + "description": "Indicates whether the access item can be requested.", + "default": true, + "example": true + }, + "requestCommentsRequired": { + "type": "boolean", + "description": "Indicates whether comments are required for requests to access the item.", + "default": false, + "example": false + }, + "owner": { + "type": "object", + "description": "Owner's identity.", + "properties": { + "type": { + "type": "string", + "description": "Owner's DTO type.", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "Owner's identity ID.", + "example": "2c9180a46faadee4016fb4e018c20639" + }, + "name": { + "type": "string", + "description": "Owner's display name.", + "example": "Support" + }, + "email": { + "type": "string", + "description": "Owner's email.", + "example": "cloud-support@sailpoint.com" + } + } + } + } + } + ] + }, + { + "type": "object", + "properties": { + "accessProfiles": { + "type": "array", + "description": "Access profiles included with the role.", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91809c6faade77016fb4f0b63407ae", + "description": "Access profile's unique ID." + }, + "name": { + "type": "string", + "example": "Admin Access", + "description": "Access profile's display name." + } + } + } + }, + "accessProfileCount": { + "type": "integer", + "description": "Number of access profiles included with the role.", + "format": "int32", + "example": 1 + }, + "tags": { + "type": "array", + "description": "Tags that have been applied to the object.", + "items": { + "type": "string" + }, + "example": [ + "TAG_1", + "TAG_2" + ] + }, + "segments": { + "type": "array", + "description": "Segments with the role.", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "b009b6e3-b56d-41d9-8735-cb532ea0b017", + "description": "Segment's unique ID." + }, + "name": { + "type": "string", + "example": "Test Segment", + "description": "Segment's display name." + } + } + } + }, + "segmentCount": { + "type": "integer", + "description": "Number of segments with the role.", + "format": "int32", + "example": 1 + }, + "entitlements": { + "type": "array", + "description": "Entitlements included with the role.", + "items": { + "type": "object", + "properties": { + "hasPermissions": { + "type": "boolean", + "description": "Indicates whether the entitlement has permissions.", + "default": false, + "example": false + }, + "description": { + "type": "string", + "description": "Entitlement's description.", + "example": "Cloud engineering" + }, + "attribute": { + "type": "string", + "description": "Entitlement attribute's name.", + "example": "memberOf" + }, + "value": { + "type": "string", + "description": "Entitlement's value.", + "example": "CN=Cloud Engineering,DC=sailpoint,DC=COM" + }, + "schema": { + "type": "string", + "description": "Entitlement's schema.", + "example": "group" + }, + "privileged": { + "type": "boolean", + "description": "Indicates whether the entitlement is privileged.", + "default": false, + "example": false + }, + "id": { + "type": "string", + "description": "Entitlement's ID.", + "example": "2c918084575812550157589064f33b89" + }, + "name": { + "type": "string", + "description": "Entitlement's name.", + "example": "CN=Cloud Engineering,DC=sailpoint,DC=COM" + } + } + } + }, + "entitlementCount": { + "type": "integer", + "description": "Number of entitlements included with the role.", + "format": "int32", + "example": 3 + } + } + } + ] + } + ] + } + }, + "examples": { + "accessProfiles": { + "summary": "A collection of AccessProfiles", + "value": [ + { + "id": "2c9180825a6c1adc015a71c9023f0818", + "name": "Cloud Eng", + "_type": "accessprofile", + "description": "Cloud Eng", + "created": "2017-02-24T20:21:23.145Z", + "modified": "2019-05-24T20:36:04.312Z", + "synced": "2020-02-18T05:30:20.414Z", + "enabled": true, + "requestable": true, + "requestCommentsRequired": false, + "owner": { + "id": "ff8081815757d36a015757d42e56031e", + "name": "SailPoint Support", + "type": "IDENTITY", + "email": "cloud-support@sailpoint.com" + }, + "source": { + "id": "ff8081815757d4fb0157588f3d9d008f", + "name": "Employees" + }, + "entitlements": [ + { + "id": "2c918084575812550157589064f33b89", + "name": "CN=Cloud Engineering,DC=sailpoint,DC=COM", + "description": "mull", + "attribute": "memberOf", + "value": "CN=Cloud Engineering,DC=sailpoint,DC=COM" + } + ], + "entitlementCount": 1, + "tags": [ + "TAG_1", + "TAG_2" + ] + } + ] + }, + "entitlements": { + "summary": "A collection of Entitlements", + "value": [ + { + "id": "2c9180946ed0c43d016eec1a80892fbd", + "name": "entitlement.aa415ae7", + "_type": "entitlement", + "description": "null", + "attribute": "groups", + "value": "entitlement.aa415ae7", + "modified": "2019-12-09T19:19:50.154Z", + "synced": "2020-02-19T04:30:32.906Z", + "displayName": "entitlement.aa415ae7", + "source": { + "id": "2c91808b6e9e6fb8016eec1a2b6f7b5f", + "name": "ODS-HR-Employees" + }, + "privileged": false, + "identityCount": 68, + "tags": [ + "TAG_1", + "TAG_2" + ] + } + ] + }, + "events": { + "summary": "A collection of Events", + "value": [ + { + "id": "e092842f-c904-4b59-aac8-2544abeeef4b", + "name": "Update Task Schedule Passed", + "_type": "event", + "created": "2020-02-17T16:23:18.327Z", + "synced": "2020-02-17T16:23:18.388Z", + "action": "TASK_SCHEDULE_UPDATE_PASSED", + "type": "SYSTEM_CONFIG", + "actor": { + "name": "MantisTaskScheduler" + }, + "target": { + "name": "Perform provisioning activity search delete synchronization" + }, + "stack": "tpe", + "trackingNumber": "c6b98bc39ece48b080826d16c76b166c", + "ipAddress": "207.189.160.158", + "details": "null", + "attributes": { + "sourceName": "SailPoint" + }, + "objects": [ + "TASK", + "SCHEDULE" + ], + "operation": "UPDATE", + "status": "PASSED", + "technicalName": "TASK_SCHEDULE_UPDATE_PASSED" + } + ] + }, + "identities": { + "summary": "A collection of Identities", + "value": [ + { + "id": "2c9180865c45e7e3015c46c434a80622", + "name": "ad.admin", + "_type": "identity", + "firstName": "AD", + "lastName": "Admin", + "displayName": "AD Admin", + "email": "SLPT.CLOUD.SAILPOINT.TEST+AD-ADMIN@GMAIL.COM", + "created": "2018-08-22T19:54:54.302Z", + "modified": "2018-08-22T19:54:54.302Z", + "synced": "2018-08-22T19:54:54.302Z", + "phone": "512-942-7578", + "inactive": false, + "protected": false, + "status": "UNREGISTERED", + "employeeNumber": "O349804", + "manager": null, + "isManager": false, + "identityProfile": { + "id": "2c918085605c8d0601606f357cb231e6", + "name": "E2E AD" + }, + "source": { + "id": "2c9180855c45b230015c46c19b9c0202", + "name": "EndToEnd-ADSource" + }, + "attributes": { + "uid": "ad.admin", + "firstname": "AD", + "cloudAuthoritativeSource": "2c9180855c45b230015c46c19b9c0202", + "cloudStatus": "UNREGISTERED", + "iplanet-am-user-alias-list": null, + "displayName": "AD Admin", + "internalCloudStatus": "UNREGISTERED", + "workPhone": "512-942-7578", + "email": "SLPT.CLOUD.SAILPOINT.TEST+AD-ADMIN@GMAIL.COM", + "lastname": "Admin" + }, + "processingState": null, + "processingDetails": null, + "accounts": [ + { + "id": "2c9180865c45e7e3015c46c434a80623", + "name": "ad.admin", + "accountId": "CN=AD Admin,OU=slpt-automation,DC=TestAutomationAD,DC=local", + "source": { + "id": "2c9180855c45b230015c46c19b9c0202", + "name": "EndToEnd-ADSource", + "type": "Active Directory - Direct" + }, + "disabled": false, + "locked": false, + "privileged": false, + "manuallyCorrelated": false, + "passwordLastSet": "2018-08-22T19:54:54.302Z", + "entitlementAttributes": { + "memberOf": [ + "CN=Group Policy Creator Owners,CN=Users,DC=TestAutomationAD,DC=local", + "CN=Domain Guests,CN=Users,DC=TestAutomationAD,DC=local", + "CN=Domain Admins,CN=Users,DC=TestAutomationAD,DC=local", + "CN=Enterprise Admins,CN=Users,DC=TestAutomationAD,DC=local", + "CN=Schema Admins,CN=Users,DC=TestAutomationAD,DC=local", + "CN=Guests,CN=Builtin,DC=TestAutomationAD,DC=local", + "CN=Administrators,CN=Builtin,DC=TestAutomationAD,DC=local" + ] + }, + "created": "2018-08-22T19:54:54.302Z" + }, + { + "id": "2c918083606d670c01606f35a30a0349", + "name": "ad.admin", + "accountId": "ad.admin", + "source": { + "id": "ff8081815c46b85b015c46b90c7c02a6", + "name": "IdentityNow", + "type": "IdentityNowConnector" + }, + "disabled": false, + "locked": false, + "privileged": false, + "manuallyCorrelated": false, + "passwordLastSet": null, + "entitlementAttributes": null, + "created": "2018-08-22T19:54:54.302Z" + } + ], + "accountCount": 2, + "apps": [ + { + "id": "22751", + "name": "ADP Workforce Now", + "source": { + "id": "2c9180855c45b230015c46e2f6a8026a", + "name": "Corporate Active Directory" + }, + "account": { + "id": "2c9180865c45efa4015c470be0de1606", + "accountId": "CN=Bob Wilson,OU=Austin,OU=Americas,OU=Demo,DC=seri,DC=acme,DC=com" + } + } + ], + "appCount": 1, + "access": [ + { + "id": "2c918083634bc6cb01639808d40270ba", + "name": "test [AccessProfile-1527264105448]", + "displayName": "test", + "type": "ACCESS_PROFILE", + "description": "test", + "source": { + "id": "2c9180855c45b230015c46c19b9c0202", + "name": "EndToEnd-ADSource" + }, + "owner": { + "id": "2c9180865c45e7e3015c46c434a80622", + "name": "ad.admin", + "displayName": "AD Admin" + } + }, + { + "id": "2c9180865c45e7e3015c46c457c50755", + "name": "Administrators", + "displayName": "Administrators", + "type": "ENTITLEMENT", + "description": null, + "source": { + "id": "2c9180855c45b230015c46c19b9c0202", + "name": "EndToEnd-ADSource" + }, + "privileged": false, + "attribute": "memberOf", + "value": "CN=Administrators,CN=Builtin,DC=TestAutomationAD,DC=local", + "standalone": false + }, + { + "id": "2c9180865decdaa5015e06598b293108", + "name": "test [cloudRole-1503345085223]", + "displayName": "test", + "type": "ROLE", + "description": "test", + "owner": { + "id": "2c9180865c45e7e3015c46c5030707a0", + "name": "will.albin", + "displayName": "Albin Will" + }, + "disabled": false + } + ], + "accessCount": 3, + "accessProfileCount": 1, + "entitlementCount": 1, + "roleCount": 1, + "tags": [ + "TAG_1", + "TAG_2" + ] + } + ] + }, + "roles": { + "summary": "A collection of Roles", + "value": [ + { + "id": "2c91808c6faadea6016fb4f2bc69077b", + "name": "IT Role", + "_type": "role", + "description": "IT role", + "created": "2020-01-17T19:20:15.040Z", + "modified": null, + "synced": "2020-02-18T05:30:20.145Z", + "enabled": true, + "requestable": false, + "requestCommentsRequired": false, + "owner": { + "id": "2c9180a46faadee4016fb4e018c20639", + "name": "Cloud Support", + "type": "IDENTITY", + "email": "thomas.edison@acme-solar.com" + }, + "accessProfiles": [ + { + "id": "2c91809c6faade77016fb4f0b63407ae", + "name": "Admin Access" + } + ], + "accessProfileCount": 1, + "tags": [ + "TAG_1", + "TAG_2" + ] + } + ] + } + } + } + }, + "headers": { + "X-Total-Count": { + "schema": { + "type": "integer" + }, + "description": "The total result count (returned only if the *count* parameter is specified as *true*).", + "example": 30 + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/search/count": { + "post": { + "tags": [ + "Search" + ], + "description": "Performs a search with a provided query and returns the count of results in the X-Total-Count header.", + "operationId": "searchCount", + "security": [ + { + "UserContextAuth": [ + "sp:search:read" + ] + } + ], + "summary": "Count Documents Satisfying a Query", + "requestBody": { + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "indices": { + "description": "The names of the Elasticsearch indices in which to search. If none are provided, then all indices will be searched.", + "externalDocs": { + "description": "Learn more about search indices here.", + "url": "https://documentation.sailpoint.com/saas/help/search/searchable-fields.html" + }, + "type": "array", + "items": { + "description": "Enum representing the currently supported indices.\nAdditional values may be added in the future without notice.", + "type": "string", + "enum": [ + "accessprofiles", + "accountactivities", + "entitlements", + "events", + "identities", + "roles", + "*" + ], + "example": "identities" + }, + "example": [ + "identities" + ] + }, + "queryType": { + "description": "The type of query to use. By default, the `SAILPOINT` query type is used, which requires the `query` object to be defined in the request body.\nTo use the `queryDsl` or `typeAheadQuery` objects in the request, you must set the type to `DSL` or `TYPEAHEAD` accordingly.\nAdditional values may be added in the future without notice.", + "type": "string", + "enum": [ + "DSL", + "SAILPOINT", + "TEXT", + "TYPEAHEAD" + ], + "default": "SAILPOINT", + "example": "SAILPOINT" + }, + "queryVersion": { + "allOf": [ + { + "description": "The current Elasticserver version.", + "type": "string", + "default": "5.2", + "example": "5.2" + }, + { + "type": "string", + "description": "The version of the query object.\nThis version number will map to the version of Elasticsearch for the query strings and objects being used." + } + ] + }, + "query": { + "type": "object", + "description": "Query parameters used to construct an Elasticsearch query object.", + "properties": { + "query": { + "description": "The query using the Elasticsearch [Query String Query](https://www.elastic.co/guide/en/elasticsearch/reference/5.2/query-dsl-query-string-query.html#query-string) syntax from the Query DSL extended by SailPoint to support Nested queries.", + "type": "string", + "example": "name:a*" + }, + "fields": { + "description": "The fields the query will be applied to. Fields provide you with a simple way to add additional fields to search, without making the query too complicated. For example, you can use the fields to specify that you want your query of \"a*\" to be applied to \"name\", \"firstName\", and the \"source.name\". The response will include all results matching the \"a*\" query found in those three fields. \nA field's availability depends on the indices being searched. For example, if you are searching \"identities\", you can apply your search to the \"firstName\" field, but you couldn't use \"firstName\" with a search on \"access profiles\". Refer to the response schema for the respective lists of available fields. ", + "type": "string", + "example": [ + "firstName,lastName,email" + ] + }, + "timeZone": { + "description": "The time zone to be applied to any range query related to dates.", + "type": "string", + "example": "America/Chicago" + }, + "innerHit": { + "description": "The innerHit query object returns a flattened list of results for the specified nested type.", + "type": "object", + "required": [ + "query", + "type" + ], + "properties": { + "query": { + "description": "The search query using the Elasticsearch [Query String Query](https://www.elastic.co/guide/en/elasticsearch/reference/5.2/query-dsl-query-string-query.html#query-string) syntax from the Query DSL extended by SailPoint to support Nested queries.", + "type": "string", + "example": "source.name:\\\"Active Directory\\\"" + }, + "type": { + "description": "The nested type to use in the inner hits query. The nested type [Nested Type](https://www.elastic.co/guide/en/elasticsearch/reference/current/nested.html) refers to a document \"nested\" within another document. For example, an identity can have nested documents for access, accounts, and apps.", + "type": "string", + "example": "access" + } + } + } + } + }, + "queryDsl": { + "description": "The search query using the Elasticsearch [Query DSL](https://www.elastic.co/guide/en/elasticsearch/reference/7.10/query-dsl.html) syntax.", + "type": "object", + "example": { + "match": { + "name": "john.doe" + } + } + }, + "textQuery": { + "type": "object", + "description": "Query parameters used to construct an Elasticsearch text query object.", + "required": [ + "terms", + "fields" + ], + "properties": { + "terms": { + "description": "Words or characters that specify a particular thing to be searched for.", + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "The quick brown fox", + "3141592", + "7" + ] + }, + "fields": { + "description": "The fields to be searched.", + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "displayName", + "employeeNumber", + "roleCount" + ] + }, + "matchAny": { + "description": "Indicates that at least one of the terms must be found in the specified fields; otherwise, all terms must be found.", + "type": "boolean", + "default": false, + "example": false + }, + "contains": { + "description": "Indicates that the terms can be located anywhere in the specified fields; otherwise, the fields must begin with the terms.", + "type": "boolean", + "default": false, + "example": true + } + } + }, + "typeAheadQuery": { + "type": "object", + "description": "Query parameters used to construct an Elasticsearch type ahead query object. The typeAheadQuery performs a search for top values beginning with the typed values. For example, typing \"Jo\" results in top hits matching \"Jo.\" Typing \"Job\" results in top hits matching \"Job.\" ", + "required": [ + "query", + "field" + ], + "properties": { + "query": { + "description": "The type ahead query string used to construct a phrase prefix match query.", + "type": "string", + "example": "Work" + }, + "field": { + "description": "The field on which to perform the type ahead search.", + "type": "string", + "example": "source.name" + }, + "nestedType": { + "description": "The nested type.", + "type": "string", + "example": "access" + }, + "maxExpansions": { + "description": "The number of suffixes the last term will be expanded into.\nInfluences the performance of the query and the number results returned.\nValid values: 1 to 1000.", + "type": "integer", + "format": "int32", + "minimum": 1, + "maximum": 1000, + "default": 10, + "example": 10 + }, + "size": { + "description": "The max amount of records the search will return.", + "type": "integer", + "format": "int32", + "minimum": 1, + "default": 100, + "example": 100 + }, + "sort": { + "description": "The sort order of the returned records.", + "type": "string", + "default": "desc", + "example": "asc" + }, + "sortByValue": { + "description": "The flag that defines the sort type, by count or value.", + "type": "boolean", + "default": false, + "example": true + } + } + }, + "includeNested": { + "description": "Indicates whether nested objects from returned search results should be included.", + "type": "boolean", + "default": true, + "example": true + }, + "queryResultFilter": { + "type": "object", + "description": "Allows the query results to be filtered by specifying a list of fields to include and/or exclude from the result documents.", + "properties": { + "includes": { + "description": "The list of field names to include in the result documents.", + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "name", + "displayName" + ] + }, + "excludes": { + "description": "The list of field names to exclude from the result documents.", + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "stacktrace" + ] + } + } + }, + "aggregationType": { + "description": "Enum representing the currently available query languages for aggregations, which are used to perform calculations or groupings on search results.\n\nAdditional values may be added in the future without notice.\n", + "type": "string", + "enum": [ + "DSL", + "SAILPOINT" + ], + "default": "DSL", + "example": "DSL" + }, + "aggregationsVersion": { + "allOf": [ + { + "description": "The current Elasticserver version.", + "type": "string", + "default": "5.2", + "example": "5.2" + }, + { + "type": "string", + "description": "The version of the language being used for aggregation queries.\nThis version number will map to the version of Elasticsearch for the aggregation query object." + } + ] + }, + "aggregationsDsl": { + "description": "The aggregation search query using Elasticsearch [Aggregations](https://www.elastic.co/guide/en/elasticsearch/reference/5.2/search-aggregations.html) syntax.", + "type": "object", + "example": {} + }, + "aggregations": { + "description": "The aggregation’s specifications, such as the groupings and calculations to be performed.\n", + "allOf": [ + { + "type": "object", + "properties": { + "nested": { + "type": "object", + "description": "The nested aggregation object.", + "required": [ + "name", + "type" + ], + "properties": { + "name": { + "description": "The name of the nested aggregate to be included in the result.", + "type": "string", + "example": "id" + }, + "type": { + "description": "The type of the nested object.", + "type": "string", + "example": "access" + } + } + }, + "metric": { + "type": "object", + "description": "The calculation done on the results of the query", + "required": [ + "name", + "field" + ], + "properties": { + "name": { + "description": "The name of the metric aggregate to be included in the result.\nIf the metric aggregation is omitted, the resulting aggregation will be a count of the documents in the search results.", + "type": "string", + "example": "Access Name Count" + }, + "type": { + "description": "Enum representing the currently supported metric aggregation types.\nAdditional values may be added in the future without notice.", + "type": "string", + "enum": [ + "COUNT", + "UNIQUE_COUNT", + "AVG", + "SUM", + "MEDIAN", + "MIN", + "MAX" + ], + "default": "UNIQUE_COUNT", + "example": "COUNT" + }, + "field": { + "description": "The field the calculation is performed on.\n\nPrefix the field name with '@' to reference a nested object.\n", + "type": "string", + "example": "@access.name" + } + } + }, + "filter": { + "type": "object", + "description": "An additional filter to constrain the results of the search query.", + "required": [ + "name", + "field", + "value" + ], + "properties": { + "name": { + "description": "The name of the filter aggregate to be included in the result.", + "type": "string", + "example": "Entitlements" + }, + "type": { + "description": "Enum representing the currently supported filter aggregation types.\nAdditional values may be added in the future without notice.", + "type": "string", + "enum": [ + "TERM" + ], + "default": "TERM", + "example": "TERM" + }, + "field": { + "description": "The search field to apply the filter to.\n\nPrefix the field name with '@' to reference a nested object.\n", + "type": "string", + "example": "access.type" + }, + "value": { + "description": "The value to filter on.", + "type": "string", + "example": "ENTITLEMENT" + } + } + }, + "bucket": { + "type": "object", + "description": "The bucket to group the results of the aggregation query by.", + "required": [ + "name", + "field" + ], + "properties": { + "name": { + "description": "The name of the bucket aggregate to be included in the result.", + "type": "string", + "example": "Identity Locations" + }, + "type": { + "description": "Enum representing the currently supported bucket aggregation types.\nAdditional values may be added in the future without notice.", + "type": "string", + "enum": [ + "TERMS" + ], + "default": "TERMS", + "example": "TERMS" + }, + "field": { + "description": "The field to bucket on.\nPrefix the field name with '@' to reference a nested object.", + "type": "string", + "example": "attributes.city" + }, + "size": { + "description": "Maximum number of buckets to include.", + "type": "integer", + "format": "int32", + "example": 100 + }, + "minDocCount": { + "description": "Minimum number of documents a bucket should have.", + "type": "integer", + "format": "int32", + "example": 2 + } + } + } + } + }, + { + "type": "object", + "properties": { + "subAggregation": { + "description": "Aggregation to be performed on the result of the parent bucket aggregation.", + "allOf": [ + { + "type": "object", + "properties": { + "nested": { + "type": "object", + "description": "The nested aggregation object.", + "required": [ + "name", + "type" + ], + "properties": { + "name": { + "description": "The name of the nested aggregate to be included in the result.", + "type": "string", + "example": "id" + }, + "type": { + "description": "The type of the nested object.", + "type": "string", + "example": "access" + } + } + }, + "metric": { + "type": "object", + "description": "The calculation done on the results of the query", + "required": [ + "name", + "field" + ], + "properties": { + "name": { + "description": "The name of the metric aggregate to be included in the result.\nIf the metric aggregation is omitted, the resulting aggregation will be a count of the documents in the search results.", + "type": "string", + "example": "Access Name Count" + }, + "type": { + "description": "Enum representing the currently supported metric aggregation types.\nAdditional values may be added in the future without notice.", + "type": "string", + "enum": [ + "COUNT", + "UNIQUE_COUNT", + "AVG", + "SUM", + "MEDIAN", + "MIN", + "MAX" + ], + "default": "UNIQUE_COUNT", + "example": "COUNT" + }, + "field": { + "description": "The field the calculation is performed on.\n\nPrefix the field name with '@' to reference a nested object.\n", + "type": "string", + "example": "@access.name" + } + } + }, + "filter": { + "type": "object", + "description": "An additional filter to constrain the results of the search query.", + "required": [ + "name", + "field", + "value" + ], + "properties": { + "name": { + "description": "The name of the filter aggregate to be included in the result.", + "type": "string", + "example": "Entitlements" + }, + "type": { + "description": "Enum representing the currently supported filter aggregation types.\nAdditional values may be added in the future without notice.", + "type": "string", + "enum": [ + "TERM" + ], + "default": "TERM", + "example": "TERM" + }, + "field": { + "description": "The search field to apply the filter to.\n\nPrefix the field name with '@' to reference a nested object.\n", + "type": "string", + "example": "access.type" + }, + "value": { + "description": "The value to filter on.", + "type": "string", + "example": "ENTITLEMENT" + } + } + }, + "bucket": { + "type": "object", + "description": "The bucket to group the results of the aggregation query by.", + "required": [ + "name", + "field" + ], + "properties": { + "name": { + "description": "The name of the bucket aggregate to be included in the result.", + "type": "string", + "example": "Identity Locations" + }, + "type": { + "description": "Enum representing the currently supported bucket aggregation types.\nAdditional values may be added in the future without notice.", + "type": "string", + "enum": [ + "TERMS" + ], + "default": "TERMS", + "example": "TERMS" + }, + "field": { + "description": "The field to bucket on.\nPrefix the field name with '@' to reference a nested object.", + "type": "string", + "example": "attributes.city" + }, + "size": { + "description": "Maximum number of buckets to include.", + "type": "integer", + "format": "int32", + "example": 100 + }, + "minDocCount": { + "description": "Minimum number of documents a bucket should have.", + "type": "integer", + "format": "int32", + "example": 2 + } + } + } + } + }, + { + "type": "object", + "properties": { + "subAggregation": { + "description": "Aggregation to be performed on the result of the parent bucket aggregation.", + "type": "object", + "properties": { + "nested": { + "type": "object", + "description": "The nested aggregation object.", + "required": [ + "name", + "type" + ], + "properties": { + "name": { + "description": "The name of the nested aggregate to be included in the result.", + "type": "string", + "example": "id" + }, + "type": { + "description": "The type of the nested object.", + "type": "string", + "example": "access" + } + } + }, + "metric": { + "type": "object", + "description": "The calculation done on the results of the query", + "required": [ + "name", + "field" + ], + "properties": { + "name": { + "description": "The name of the metric aggregate to be included in the result.\nIf the metric aggregation is omitted, the resulting aggregation will be a count of the documents in the search results.", + "type": "string", + "example": "Access Name Count" + }, + "type": { + "description": "Enum representing the currently supported metric aggregation types.\nAdditional values may be added in the future without notice.", + "type": "string", + "enum": [ + "COUNT", + "UNIQUE_COUNT", + "AVG", + "SUM", + "MEDIAN", + "MIN", + "MAX" + ], + "default": "UNIQUE_COUNT", + "example": "COUNT" + }, + "field": { + "description": "The field the calculation is performed on.\n\nPrefix the field name with '@' to reference a nested object.\n", + "type": "string", + "example": "@access.name" + } + } + }, + "filter": { + "type": "object", + "description": "An additional filter to constrain the results of the search query.", + "required": [ + "name", + "field", + "value" + ], + "properties": { + "name": { + "description": "The name of the filter aggregate to be included in the result.", + "type": "string", + "example": "Entitlements" + }, + "type": { + "description": "Enum representing the currently supported filter aggregation types.\nAdditional values may be added in the future without notice.", + "type": "string", + "enum": [ + "TERM" + ], + "default": "TERM", + "example": "TERM" + }, + "field": { + "description": "The search field to apply the filter to.\n\nPrefix the field name with '@' to reference a nested object.\n", + "type": "string", + "example": "access.type" + }, + "value": { + "description": "The value to filter on.", + "type": "string", + "example": "ENTITLEMENT" + } + } + }, + "bucket": { + "type": "object", + "description": "The bucket to group the results of the aggregation query by.", + "required": [ + "name", + "field" + ], + "properties": { + "name": { + "description": "The name of the bucket aggregate to be included in the result.", + "type": "string", + "example": "Identity Locations" + }, + "type": { + "description": "Enum representing the currently supported bucket aggregation types.\nAdditional values may be added in the future without notice.", + "type": "string", + "enum": [ + "TERMS" + ], + "default": "TERMS", + "example": "TERMS" + }, + "field": { + "description": "The field to bucket on.\nPrefix the field name with '@' to reference a nested object.", + "type": "string", + "example": "attributes.city" + }, + "size": { + "description": "Maximum number of buckets to include.", + "type": "integer", + "format": "int32", + "example": 100 + }, + "minDocCount": { + "description": "Minimum number of documents a bucket should have.", + "type": "integer", + "format": "int32", + "example": 2 + } + } + } + } + } + } + } + ] + } + } + } + ] + }, + "sort": { + "description": "The fields to be used to sort the search results. Use + or - to specify the sort direction.", + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "displayName", + "+id" + ] + }, + "searchAfter": { + "description": "Used to begin the search window at the values specified.\nThis parameter consists of the last values of the sorted fields in the current record set.\nThis is used to expand the Elasticsearch limit of 10K records by shifting the 10K window to begin at this value.\nIt is recommended that you always include the ID of the object in addition to any other fields on this parameter in order to ensure you don't get duplicate results while paging.\nFor example, when searching for identities, if you are sorting by displayName you will also want to include ID, for example [\"displayName\", \"id\"]. \nIf the last identity ID in the search result is 2c91808375d8e80a0175e1f88a575221 and the last displayName is \"John Doe\", then using that displayName and ID will start a new search after this identity.\nThe searchAfter value will look like [\"John Doe\",\"2c91808375d8e80a0175e1f88a575221\"]", + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "John Doe", + "2c91808375d8e80a0175e1f88a575221" + ] + }, + "filters": { + "description": "The filters to be applied for each filtered field name.", + "type": "object", + "additionalProperties": { + "type": "object", + "properties": { + "type": { + "description": "Enum representing the currently supported filter types.\nAdditional values may be added in the future without notice.", + "type": "string", + "enum": [ + "EXISTS", + "RANGE", + "TERMS" + ], + "example": "RANGE" + }, + "range": { + "type": "object", + "description": "The range of values to be filtered.", + "properties": { + "lower": { + "description": "The lower bound of the range.", + "type": "object", + "required": [ + "value" + ], + "properties": { + "value": { + "description": "The value of the range's endpoint.", + "type": "string", + "example": "1" + }, + "inclusive": { + "description": "Indicates if the endpoint is included in the range.", + "type": "boolean", + "default": false, + "example": false + } + } + }, + "upper": { + "description": "The upper bound of the range.", + "type": "object", + "required": [ + "value" + ], + "properties": { + "value": { + "description": "The value of the range's endpoint.", + "type": "string", + "example": "1" + }, + "inclusive": { + "description": "Indicates if the endpoint is included in the range.", + "type": "boolean", + "default": false, + "example": false + } + } + } + } + }, + "terms": { + "description": "The terms to be filtered.", + "type": "array", + "items": { + "type": "string", + "example": "account_count" + } + }, + "exclude": { + "description": "Indicates if the filter excludes results.", + "type": "boolean", + "default": false, + "example": false + } + } + }, + "example": {} + } + } + }, + "examples": { + "query-timeZone": { + "summary": "Query with TimeZone", + "value": { + "indices": [ + "identities" + ], + "query": { + "query": "created: [2022-05-19T19:26:03.351Z TO now]", + "timeZone": "America/Los_Angeles" + } + } + } + } + } + }, + "required": true + }, + "responses": { + "204": { + "description": "No content - indicates the request was successful but there is no content to be returned in the response.", + "headers": { + "X-Total-Count": { + "description": "The total result count.", + "schema": { + "type": "integer" + }, + "example": 5 + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/search/aggregate": { + "post": { + "tags": [ + "Search" + ], + "description": "Performs a search query aggregation and returns the aggregation result. By default, you can page a maximum of 10,000 search result records. To page past 10,000 records, you can use searchAfter paging. Refer to [Paginating Search Queries](https://developer.sailpoint.com/idn/api/standard-collection-parameters#paginating-search-queries) for more information about how to implement searchAfter paging. ", + "operationId": "searchAggregate", + "security": [ + { + "UserContextAuth": [ + "sp:search:read" + ] + } + ], + "summary": "Perform a Search Query Aggregation", + "parameters": [ + { + "in": "query", + "name": "offset", + "description": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 0, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "default": 0 + } + }, + { + "in": "query", + "name": "limit", + "description": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 250, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "maximum": 250, + "default": 250 + } + }, + { + "in": "query", + "name": "count", + "description": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": true, + "schema": { + "type": "boolean", + "default": false + } + } + ], + "requestBody": { + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "indices": { + "description": "The names of the Elasticsearch indices in which to search. If none are provided, then all indices will be searched.", + "externalDocs": { + "description": "Learn more about search indices here.", + "url": "https://documentation.sailpoint.com/saas/help/search/searchable-fields.html" + }, + "type": "array", + "items": { + "description": "Enum representing the currently supported indices.\nAdditional values may be added in the future without notice.", + "type": "string", + "enum": [ + "accessprofiles", + "accountactivities", + "entitlements", + "events", + "identities", + "roles", + "*" + ], + "example": "identities" + }, + "example": [ + "identities" + ] + }, + "queryType": { + "description": "The type of query to use. By default, the `SAILPOINT` query type is used, which requires the `query` object to be defined in the request body.\nTo use the `queryDsl` or `typeAheadQuery` objects in the request, you must set the type to `DSL` or `TYPEAHEAD` accordingly.\nAdditional values may be added in the future without notice.", + "type": "string", + "enum": [ + "DSL", + "SAILPOINT", + "TEXT", + "TYPEAHEAD" + ], + "default": "SAILPOINT", + "example": "SAILPOINT" + }, + "queryVersion": { + "allOf": [ + { + "description": "The current Elasticserver version.", + "type": "string", + "default": "5.2", + "example": "5.2" + }, + { + "type": "string", + "description": "The version of the query object.\nThis version number will map to the version of Elasticsearch for the query strings and objects being used." + } + ] + }, + "query": { + "type": "object", + "description": "Query parameters used to construct an Elasticsearch query object.", + "properties": { + "query": { + "description": "The query using the Elasticsearch [Query String Query](https://www.elastic.co/guide/en/elasticsearch/reference/5.2/query-dsl-query-string-query.html#query-string) syntax from the Query DSL extended by SailPoint to support Nested queries.", + "type": "string", + "example": "name:a*" + }, + "fields": { + "description": "The fields the query will be applied to. Fields provide you with a simple way to add additional fields to search, without making the query too complicated. For example, you can use the fields to specify that you want your query of \"a*\" to be applied to \"name\", \"firstName\", and the \"source.name\". The response will include all results matching the \"a*\" query found in those three fields. \nA field's availability depends on the indices being searched. For example, if you are searching \"identities\", you can apply your search to the \"firstName\" field, but you couldn't use \"firstName\" with a search on \"access profiles\". Refer to the response schema for the respective lists of available fields. ", + "type": "string", + "example": [ + "firstName,lastName,email" + ] + }, + "timeZone": { + "description": "The time zone to be applied to any range query related to dates.", + "type": "string", + "example": "America/Chicago" + }, + "innerHit": { + "description": "The innerHit query object returns a flattened list of results for the specified nested type.", + "type": "object", + "required": [ + "query", + "type" + ], + "properties": { + "query": { + "description": "The search query using the Elasticsearch [Query String Query](https://www.elastic.co/guide/en/elasticsearch/reference/5.2/query-dsl-query-string-query.html#query-string) syntax from the Query DSL extended by SailPoint to support Nested queries.", + "type": "string", + "example": "source.name:\\\"Active Directory\\\"" + }, + "type": { + "description": "The nested type to use in the inner hits query. The nested type [Nested Type](https://www.elastic.co/guide/en/elasticsearch/reference/current/nested.html) refers to a document \"nested\" within another document. For example, an identity can have nested documents for access, accounts, and apps.", + "type": "string", + "example": "access" + } + } + } + } + }, + "queryDsl": { + "description": "The search query using the Elasticsearch [Query DSL](https://www.elastic.co/guide/en/elasticsearch/reference/7.10/query-dsl.html) syntax.", + "type": "object", + "example": { + "match": { + "name": "john.doe" + } + } + }, + "textQuery": { + "type": "object", + "description": "Query parameters used to construct an Elasticsearch text query object.", + "required": [ + "terms", + "fields" + ], + "properties": { + "terms": { + "description": "Words or characters that specify a particular thing to be searched for.", + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "The quick brown fox", + "3141592", + "7" + ] + }, + "fields": { + "description": "The fields to be searched.", + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "displayName", + "employeeNumber", + "roleCount" + ] + }, + "matchAny": { + "description": "Indicates that at least one of the terms must be found in the specified fields; otherwise, all terms must be found.", + "type": "boolean", + "default": false, + "example": false + }, + "contains": { + "description": "Indicates that the terms can be located anywhere in the specified fields; otherwise, the fields must begin with the terms.", + "type": "boolean", + "default": false, + "example": true + } + } + }, + "typeAheadQuery": { + "type": "object", + "description": "Query parameters used to construct an Elasticsearch type ahead query object. The typeAheadQuery performs a search for top values beginning with the typed values. For example, typing \"Jo\" results in top hits matching \"Jo.\" Typing \"Job\" results in top hits matching \"Job.\" ", + "required": [ + "query", + "field" + ], + "properties": { + "query": { + "description": "The type ahead query string used to construct a phrase prefix match query.", + "type": "string", + "example": "Work" + }, + "field": { + "description": "The field on which to perform the type ahead search.", + "type": "string", + "example": "source.name" + }, + "nestedType": { + "description": "The nested type.", + "type": "string", + "example": "access" + }, + "maxExpansions": { + "description": "The number of suffixes the last term will be expanded into.\nInfluences the performance of the query and the number results returned.\nValid values: 1 to 1000.", + "type": "integer", + "format": "int32", + "minimum": 1, + "maximum": 1000, + "default": 10, + "example": 10 + }, + "size": { + "description": "The max amount of records the search will return.", + "type": "integer", + "format": "int32", + "minimum": 1, + "default": 100, + "example": 100 + }, + "sort": { + "description": "The sort order of the returned records.", + "type": "string", + "default": "desc", + "example": "asc" + }, + "sortByValue": { + "description": "The flag that defines the sort type, by count or value.", + "type": "boolean", + "default": false, + "example": true + } + } + }, + "includeNested": { + "description": "Indicates whether nested objects from returned search results should be included.", + "type": "boolean", + "default": true, + "example": true + }, + "queryResultFilter": { + "type": "object", + "description": "Allows the query results to be filtered by specifying a list of fields to include and/or exclude from the result documents.", + "properties": { + "includes": { + "description": "The list of field names to include in the result documents.", + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "name", + "displayName" + ] + }, + "excludes": { + "description": "The list of field names to exclude from the result documents.", + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "stacktrace" + ] + } + } + }, + "aggregationType": { + "description": "Enum representing the currently available query languages for aggregations, which are used to perform calculations or groupings on search results.\n\nAdditional values may be added in the future without notice.\n", + "type": "string", + "enum": [ + "DSL", + "SAILPOINT" + ], + "default": "DSL", + "example": "DSL" + }, + "aggregationsVersion": { + "allOf": [ + { + "description": "The current Elasticserver version.", + "type": "string", + "default": "5.2", + "example": "5.2" + }, + { + "type": "string", + "description": "The version of the language being used for aggregation queries.\nThis version number will map to the version of Elasticsearch for the aggregation query object." + } + ] + }, + "aggregationsDsl": { + "description": "The aggregation search query using Elasticsearch [Aggregations](https://www.elastic.co/guide/en/elasticsearch/reference/5.2/search-aggregations.html) syntax.", + "type": "object", + "example": {} + }, + "aggregations": { + "description": "The aggregation’s specifications, such as the groupings and calculations to be performed.\n", + "allOf": [ + { + "type": "object", + "properties": { + "nested": { + "type": "object", + "description": "The nested aggregation object.", + "required": [ + "name", + "type" + ], + "properties": { + "name": { + "description": "The name of the nested aggregate to be included in the result.", + "type": "string", + "example": "id" + }, + "type": { + "description": "The type of the nested object.", + "type": "string", + "example": "access" + } + } + }, + "metric": { + "type": "object", + "description": "The calculation done on the results of the query", + "required": [ + "name", + "field" + ], + "properties": { + "name": { + "description": "The name of the metric aggregate to be included in the result.\nIf the metric aggregation is omitted, the resulting aggregation will be a count of the documents in the search results.", + "type": "string", + "example": "Access Name Count" + }, + "type": { + "description": "Enum representing the currently supported metric aggregation types.\nAdditional values may be added in the future without notice.", + "type": "string", + "enum": [ + "COUNT", + "UNIQUE_COUNT", + "AVG", + "SUM", + "MEDIAN", + "MIN", + "MAX" + ], + "default": "UNIQUE_COUNT", + "example": "COUNT" + }, + "field": { + "description": "The field the calculation is performed on.\n\nPrefix the field name with '@' to reference a nested object.\n", + "type": "string", + "example": "@access.name" + } + } + }, + "filter": { + "type": "object", + "description": "An additional filter to constrain the results of the search query.", + "required": [ + "name", + "field", + "value" + ], + "properties": { + "name": { + "description": "The name of the filter aggregate to be included in the result.", + "type": "string", + "example": "Entitlements" + }, + "type": { + "description": "Enum representing the currently supported filter aggregation types.\nAdditional values may be added in the future without notice.", + "type": "string", + "enum": [ + "TERM" + ], + "default": "TERM", + "example": "TERM" + }, + "field": { + "description": "The search field to apply the filter to.\n\nPrefix the field name with '@' to reference a nested object.\n", + "type": "string", + "example": "access.type" + }, + "value": { + "description": "The value to filter on.", + "type": "string", + "example": "ENTITLEMENT" + } + } + }, + "bucket": { + "type": "object", + "description": "The bucket to group the results of the aggregation query by.", + "required": [ + "name", + "field" + ], + "properties": { + "name": { + "description": "The name of the bucket aggregate to be included in the result.", + "type": "string", + "example": "Identity Locations" + }, + "type": { + "description": "Enum representing the currently supported bucket aggregation types.\nAdditional values may be added in the future without notice.", + "type": "string", + "enum": [ + "TERMS" + ], + "default": "TERMS", + "example": "TERMS" + }, + "field": { + "description": "The field to bucket on.\nPrefix the field name with '@' to reference a nested object.", + "type": "string", + "example": "attributes.city" + }, + "size": { + "description": "Maximum number of buckets to include.", + "type": "integer", + "format": "int32", + "example": 100 + }, + "minDocCount": { + "description": "Minimum number of documents a bucket should have.", + "type": "integer", + "format": "int32", + "example": 2 + } + } + } + } + }, + { + "type": "object", + "properties": { + "subAggregation": { + "description": "Aggregation to be performed on the result of the parent bucket aggregation.", + "allOf": [ + { + "type": "object", + "properties": { + "nested": { + "type": "object", + "description": "The nested aggregation object.", + "required": [ + "name", + "type" + ], + "properties": { + "name": { + "description": "The name of the nested aggregate to be included in the result.", + "type": "string", + "example": "id" + }, + "type": { + "description": "The type of the nested object.", + "type": "string", + "example": "access" + } + } + }, + "metric": { + "type": "object", + "description": "The calculation done on the results of the query", + "required": [ + "name", + "field" + ], + "properties": { + "name": { + "description": "The name of the metric aggregate to be included in the result.\nIf the metric aggregation is omitted, the resulting aggregation will be a count of the documents in the search results.", + "type": "string", + "example": "Access Name Count" + }, + "type": { + "description": "Enum representing the currently supported metric aggregation types.\nAdditional values may be added in the future without notice.", + "type": "string", + "enum": [ + "COUNT", + "UNIQUE_COUNT", + "AVG", + "SUM", + "MEDIAN", + "MIN", + "MAX" + ], + "default": "UNIQUE_COUNT", + "example": "COUNT" + }, + "field": { + "description": "The field the calculation is performed on.\n\nPrefix the field name with '@' to reference a nested object.\n", + "type": "string", + "example": "@access.name" + } + } + }, + "filter": { + "type": "object", + "description": "An additional filter to constrain the results of the search query.", + "required": [ + "name", + "field", + "value" + ], + "properties": { + "name": { + "description": "The name of the filter aggregate to be included in the result.", + "type": "string", + "example": "Entitlements" + }, + "type": { + "description": "Enum representing the currently supported filter aggregation types.\nAdditional values may be added in the future without notice.", + "type": "string", + "enum": [ + "TERM" + ], + "default": "TERM", + "example": "TERM" + }, + "field": { + "description": "The search field to apply the filter to.\n\nPrefix the field name with '@' to reference a nested object.\n", + "type": "string", + "example": "access.type" + }, + "value": { + "description": "The value to filter on.", + "type": "string", + "example": "ENTITLEMENT" + } + } + }, + "bucket": { + "type": "object", + "description": "The bucket to group the results of the aggregation query by.", + "required": [ + "name", + "field" + ], + "properties": { + "name": { + "description": "The name of the bucket aggregate to be included in the result.", + "type": "string", + "example": "Identity Locations" + }, + "type": { + "description": "Enum representing the currently supported bucket aggregation types.\nAdditional values may be added in the future without notice.", + "type": "string", + "enum": [ + "TERMS" + ], + "default": "TERMS", + "example": "TERMS" + }, + "field": { + "description": "The field to bucket on.\nPrefix the field name with '@' to reference a nested object.", + "type": "string", + "example": "attributes.city" + }, + "size": { + "description": "Maximum number of buckets to include.", + "type": "integer", + "format": "int32", + "example": 100 + }, + "minDocCount": { + "description": "Minimum number of documents a bucket should have.", + "type": "integer", + "format": "int32", + "example": 2 + } + } + } + } + }, + { + "type": "object", + "properties": { + "subAggregation": { + "description": "Aggregation to be performed on the result of the parent bucket aggregation.", + "type": "object", + "properties": { + "nested": { + "type": "object", + "description": "The nested aggregation object.", + "required": [ + "name", + "type" + ], + "properties": { + "name": { + "description": "The name of the nested aggregate to be included in the result.", + "type": "string", + "example": "id" + }, + "type": { + "description": "The type of the nested object.", + "type": "string", + "example": "access" + } + } + }, + "metric": { + "type": "object", + "description": "The calculation done on the results of the query", + "required": [ + "name", + "field" + ], + "properties": { + "name": { + "description": "The name of the metric aggregate to be included in the result.\nIf the metric aggregation is omitted, the resulting aggregation will be a count of the documents in the search results.", + "type": "string", + "example": "Access Name Count" + }, + "type": { + "description": "Enum representing the currently supported metric aggregation types.\nAdditional values may be added in the future without notice.", + "type": "string", + "enum": [ + "COUNT", + "UNIQUE_COUNT", + "AVG", + "SUM", + "MEDIAN", + "MIN", + "MAX" + ], + "default": "UNIQUE_COUNT", + "example": "COUNT" + }, + "field": { + "description": "The field the calculation is performed on.\n\nPrefix the field name with '@' to reference a nested object.\n", + "type": "string", + "example": "@access.name" + } + } + }, + "filter": { + "type": "object", + "description": "An additional filter to constrain the results of the search query.", + "required": [ + "name", + "field", + "value" + ], + "properties": { + "name": { + "description": "The name of the filter aggregate to be included in the result.", + "type": "string", + "example": "Entitlements" + }, + "type": { + "description": "Enum representing the currently supported filter aggregation types.\nAdditional values may be added in the future without notice.", + "type": "string", + "enum": [ + "TERM" + ], + "default": "TERM", + "example": "TERM" + }, + "field": { + "description": "The search field to apply the filter to.\n\nPrefix the field name with '@' to reference a nested object.\n", + "type": "string", + "example": "access.type" + }, + "value": { + "description": "The value to filter on.", + "type": "string", + "example": "ENTITLEMENT" + } + } + }, + "bucket": { + "type": "object", + "description": "The bucket to group the results of the aggregation query by.", + "required": [ + "name", + "field" + ], + "properties": { + "name": { + "description": "The name of the bucket aggregate to be included in the result.", + "type": "string", + "example": "Identity Locations" + }, + "type": { + "description": "Enum representing the currently supported bucket aggregation types.\nAdditional values may be added in the future without notice.", + "type": "string", + "enum": [ + "TERMS" + ], + "default": "TERMS", + "example": "TERMS" + }, + "field": { + "description": "The field to bucket on.\nPrefix the field name with '@' to reference a nested object.", + "type": "string", + "example": "attributes.city" + }, + "size": { + "description": "Maximum number of buckets to include.", + "type": "integer", + "format": "int32", + "example": 100 + }, + "minDocCount": { + "description": "Minimum number of documents a bucket should have.", + "type": "integer", + "format": "int32", + "example": 2 + } + } + } + } + } + } + } + ] + } + } + } + ] + }, + "sort": { + "description": "The fields to be used to sort the search results. Use + or - to specify the sort direction.", + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "displayName", + "+id" + ] + }, + "searchAfter": { + "description": "Used to begin the search window at the values specified.\nThis parameter consists of the last values of the sorted fields in the current record set.\nThis is used to expand the Elasticsearch limit of 10K records by shifting the 10K window to begin at this value.\nIt is recommended that you always include the ID of the object in addition to any other fields on this parameter in order to ensure you don't get duplicate results while paging.\nFor example, when searching for identities, if you are sorting by displayName you will also want to include ID, for example [\"displayName\", \"id\"]. \nIf the last identity ID in the search result is 2c91808375d8e80a0175e1f88a575221 and the last displayName is \"John Doe\", then using that displayName and ID will start a new search after this identity.\nThe searchAfter value will look like [\"John Doe\",\"2c91808375d8e80a0175e1f88a575221\"]", + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "John Doe", + "2c91808375d8e80a0175e1f88a575221" + ] + }, + "filters": { + "description": "The filters to be applied for each filtered field name.", + "type": "object", + "additionalProperties": { + "type": "object", + "properties": { + "type": { + "description": "Enum representing the currently supported filter types.\nAdditional values may be added in the future without notice.", + "type": "string", + "enum": [ + "EXISTS", + "RANGE", + "TERMS" + ], + "example": "RANGE" + }, + "range": { + "type": "object", + "description": "The range of values to be filtered.", + "properties": { + "lower": { + "description": "The lower bound of the range.", + "type": "object", + "required": [ + "value" + ], + "properties": { + "value": { + "description": "The value of the range's endpoint.", + "type": "string", + "example": "1" + }, + "inclusive": { + "description": "Indicates if the endpoint is included in the range.", + "type": "boolean", + "default": false, + "example": false + } + } + }, + "upper": { + "description": "The upper bound of the range.", + "type": "object", + "required": [ + "value" + ], + "properties": { + "value": { + "description": "The value of the range's endpoint.", + "type": "string", + "example": "1" + }, + "inclusive": { + "description": "Indicates if the endpoint is included in the range.", + "type": "boolean", + "default": false, + "example": false + } + } + } + } + }, + "terms": { + "description": "The terms to be filtered.", + "type": "array", + "items": { + "type": "string", + "example": "account_count" + } + }, + "exclude": { + "description": "Indicates if the filter excludes results.", + "type": "boolean", + "default": false, + "example": false + } + } + }, + "example": {} + } + } + }, + "examples": { + "metricAggregation": { + "summary": "MetricAggregation", + "value": { + "indices": [ + "identities" + ], + "aggregationType": "SAILPOINT", + "aggregations": { + "metric": { + "name": "How Many Locations", + "type": "UNIQUE_COUNT", + "field": "attributes.city" + } + } + } + }, + "metricAggregation-dsl": { + "summary": "MetricAggregation using DSL", + "value": { + "indices": [ + "identities" + ], + "aggregationType": "DSL", + "aggregationsDsl": { + "How Many Locations": { + "cardinality": { + "field": "attributes.city.exact" + } + } + } + } + }, + "bucketAggregation": { + "summary": "BucketAggregation", + "value": { + "indices": [ + "identities" + ], + "aggregationType": "SAILPOINT", + "aggregations": { + "bucket": { + "name": "Identity Locations", + "type": "TERMS", + "field": "attributes.city" + } + } + } + }, + "bucketAggregation-dsl": { + "summary": "BucketAggregation using DSL", + "value": { + "indices": [ + "identities" + ], + "aggregationType": "DSL", + "aggregationsDsl": { + "Identity Locations": { + "terms": { + "field": "attributes.city.exact" + } + } + } + } + }, + "nestedAggregation-bucketAggregation": { + "summary": "NestedAggregation with BucketAggregation", + "value": { + "indices": [ + "identities" + ], + "aggregationType": "SAILPOINT", + "aggregations": { + "nested": { + "name": "Access", + "field": "access", + "type": "TERMS" + }, + "bucket": { + "name": "Access Source Name", + "type": "TERMS", + "field": "access.source.name" + } + } + } + }, + "nestedAggregation-bucketAggregation-dsl": { + "summary": "NestedAggregation with BucketAggregation using DSL", + "value": { + "indices": [ + "identities" + ], + "aggregationType": "DSL", + "aggregationsDsl": { + "access": { + "nested": { + "path": "access" + }, + "aggs": { + "Access Source Name": { + "terms": { + "field": "access.source.name.exact" + } + } + } + } + } + } + }, + "nestedAggregation-filterAggregation-bucketAggregation": { + "summary": "NestedAggregation with FilterAggregation and BucketAggregation", + "value": { + "indices": [ + "identities" + ], + "aggregationType": "SAILPOINT", + "aggregations": { + "nested": { + "name": "Access", + "field": "access", + "type": "TERMS" + }, + "filter": { + "name": "Entitlements", + "field": "access.type", + "value": "ENTITLEMENT" + }, + "bucket": { + "name": "Access Name", + "type": "TERMS", + "field": "access.name" + } + } + } + }, + "nestedAggregation-filterAggregation-bucketAggregation-dsl": { + "summary": "NestedAggregation with FilterAggregation and BucketAggregation using DSL", + "value": { + "indices": [ + "identities" + ], + "aggregationType": "DSL", + "aggregationsDsl": { + "access": { + "nested": { + "path": "access" + }, + "aggs": { + "Entitlements": { + "filter": { + "term": { + "access.type": "ENTITLEMENT" + } + }, + "aggs": { + "Access Name": { + "terms": { + "field": "access.name.exact" + } + } + } + } + } + } + } + } + }, + "bucketAggregation-subAggregation": { + "summary": "BucketAggregation with SubAggregation", + "value": { + "indices": [ + "identities" + ], + "aggregationType": "SAILPOINT", + "aggregations": { + "bucket": { + "name": "Identity Department", + "type": "TERMS", + "field": "attributes.department" + }, + "subAggregation": { + "bucket": { + "name": "Identity Locations", + "type": "TERMS", + "field": "attributes.city" + } + } + } + } + }, + "bucketAggregation-subAggregation-dsl": { + "summary": "BucketAggregation with SubAggregation using DSL", + "value": { + "indices": [ + "identities" + ], + "aggregationType": "DSL", + "aggregationsDsl": { + "Identity Department": { + "terms": { + "field": "attributes.department.exact" + }, + "aggs": { + "Identity Locations": { + "terms": { + "field": "attributes.city.exact" + } + } + } + } + } + } + } + } + } + }, + "required": true + }, + "responses": { + "200": { + "description": "Aggregation results.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "aggregations": { + "type": "object", + "description": "The document containing the results of the aggregation. This document is controlled by Elasticsearch and depends on the type of aggregation query that is run.\n\nSee Elasticsearch [Aggregations](https://www.elastic.co/guide/en/elasticsearch/reference/5.2/search-aggregations.html) documentation for information.\n", + "example": { + "Identity Locations": { + "buckets": [ + { + "key": "Austin", + "doc_count": 109 + }, + { + "key": "London", + "doc_count": 64 + }, + { + "key": "San Jose", + "doc_count": 27 + }, + { + "key": "Brussels", + "doc_count": 26 + }, + { + "key": "Sao Paulo", + "doc_count": 24 + }, + { + "key": "Munich", + "doc_count": 23 + }, + { + "key": "Singapore", + "doc_count": 22 + }, + { + "key": "Tokyo", + "doc_count": 20 + }, + { + "key": "Taipei", + "doc_count": 16 + } + ] + } + } + }, + "hits": { + "description": "The results of the aggregation search query.\n", + "type": "array", + "items": { + "discriminator": { + "propertyName": "_type", + "mapping": { + "accessprofile": "../model/access/profile/AccessProfileDocument.yaml", + "accountactivity": "../model/account/activity/AccountActivityDocument.yaml", + "entitlement": "../model/entitlement/EntitlementDocument.yaml", + "event": "../model/event/EventDocument.yaml", + "identity": "../model/identity/IdentityDocument.yaml", + "role": "../model/role/RoleDocument.yaml" + } + }, + "oneOf": [ + { + "description": "More complete representation of an access profile. ", + "allOf": [ + { + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + }, + { + "type": "object", + "properties": { + "description": { + "type": "string", + "description": "Access item's description.", + "example": "The admin role" + }, + "created": { + "type": "string", + "description": "ISO-8601 date-time referring to the time when the object was created.", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z" + }, + "modified": { + "type": "string", + "description": "ISO-8601 date-time referring to the time when the object was last modified.", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z" + }, + "synced": { + "type": "string", + "description": "ISO-8601 date-time referring to the date-time when object was queued to be synced into search database for use in the search API. \nThis date-time changes anytime there is an update to the object, which triggers a synchronization event being sent to the search database. \nThere may be some delay between the `synced` time and the time when the updated data is actually available in the search API. ", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:33.104Z" + }, + "enabled": { + "type": "boolean", + "description": "Indicates whether the access item is currently enabled.", + "default": false, + "example": true + }, + "requestable": { + "type": "boolean", + "description": "Indicates whether the access item can be requested.", + "default": true, + "example": true + }, + "requestCommentsRequired": { + "type": "boolean", + "description": "Indicates whether comments are required for requests to access the item.", + "default": false, + "example": false + }, + "owner": { + "type": "object", + "description": "Owner's identity.", + "properties": { + "type": { + "type": "string", + "description": "Owner's DTO type.", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "Owner's identity ID.", + "example": "2c9180a46faadee4016fb4e018c20639" + }, + "name": { + "type": "string", + "description": "Owner's display name.", + "example": "Support" + }, + "email": { + "type": "string", + "description": "Owner's email.", + "example": "cloud-support@sailpoint.com" + } + } + } + } + } + ] + }, + { + "type": "object", + "required": [ + "id", + "name", + "_type" + ], + "properties": { + "id": { + "type": "string", + "description": "Access profile's ID.", + "example": "2c9180825a6c1adc015a71c9023f0818" + }, + "name": { + "type": "string", + "description": "Access profile's name.", + "example": "Cloud Eng" + }, + "_type": { + "description": "Access profile's document type. \nThis enum represents the currently supported document types.\nAdditional values may be added in the future without notice.", + "type": "string", + "enum": [ + "accessprofile", + "accountactivity", + "account", + "aggregation", + "entitlement", + "event", + "identity", + "role" + ], + "example": "accessprofile" + }, + "source": { + "type": "object", + "description": "Access profile's source.", + "properties": { + "id": { + "type": "string", + "description": "Source's ID.", + "example": "ff8081815757d4fb0157588f3d9d008f" + }, + "name": { + "type": "string", + "description": "Source's name.", + "example": "Employees" + } + } + }, + "entitlements": { + "type": "array", + "description": "Entitlements the access profile has access to.", + "items": { + "type": "object", + "properties": { + "hasPermissions": { + "type": "boolean", + "description": "Indicates whether the entitlement has permissions.", + "default": false, + "example": false + }, + "description": { + "type": "string", + "description": "Entitlement's description.", + "example": "Cloud engineering" + }, + "attribute": { + "type": "string", + "description": "Entitlement attribute's name.", + "example": "memberOf" + }, + "value": { + "type": "string", + "description": "Entitlement's value.", + "example": "CN=Cloud Engineering,DC=sailpoint,DC=COM" + }, + "schema": { + "type": "string", + "description": "Entitlement's schema.", + "example": "group" + }, + "privileged": { + "type": "boolean", + "description": "Indicates whether the entitlement is privileged.", + "default": false, + "example": false + }, + "id": { + "type": "string", + "description": "Entitlement's ID.", + "example": "2c918084575812550157589064f33b89" + }, + "name": { + "type": "string", + "description": "Entitlement's name.", + "example": "CN=Cloud Engineering,DC=sailpoint,DC=COM" + } + } + } + }, + "entitlementCount": { + "type": "integer", + "description": "Number of entitlements.", + "example": 5 + }, + "tags": { + "type": "array", + "description": "Tags that have been applied to the object.", + "items": { + "type": "string" + }, + "example": [ + "TAG_1", + "TAG_2" + ] + } + } + } + ] + }, + { + "description": "AccountActivity", + "allOf": [ + { + "type": "object", + "required": [ + "id", + "name", + "_type" + ], + "properties": { + "id": { + "type": "string", + "example": "2c91808375d8e80a0175e1f88a575222" + }, + "name": { + "type": "string", + "example": "john.doe" + }, + "_type": { + "description": "Enum representing the currently supported document types.\n\nAdditional values may be added in the future without notice.", + "type": "string", + "enum": [ + "accessprofile", + "accountactivity", + "account", + "aggregation", + "entitlement", + "event", + "identity", + "role" + ], + "example": "identity" + } + } + }, + { + "type": "object", + "properties": { + "action": { + "type": "string", + "description": "Type of action performed in the activity.", + "externalDocs": { + "description": "Learn more about account activity action types", + "url": "https://documentation.sailpoint.com/saas/help/search/searchable-fields.html#searching-account-activity-data" + }, + "example": "Identity Refresh." + }, + "created": { + "type": "string", + "description": "ISO-8601 date-time referring to the time when the object was created.", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z" + }, + "modified": { + "type": "string", + "description": "ISO-8601 date-time referring to the time when the object was last modified.", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z" + }, + "stage": { + "type": "string", + "description": "Activity's current stage.", + "example": "Completed" + }, + "origin": { + "type": "string", + "description": "Activity's origin.", + "nullable": true, + "example": null + }, + "status": { + "type": "string", + "description": "Activity's current status.", + "example": "Complete" + }, + "requester": { + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + }, + { + "type": "object", + "properties": { + "type": { + "type": "string", + "example": "Delimited File", + "description": "Type of source returned." + } + } + } + ] + }, + "recipient": { + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + }, + { + "type": "object", + "properties": { + "type": { + "type": "string", + "example": "Delimited File", + "description": "Type of source returned." + } + } + } + ] + }, + "trackingNumber": { + "type": "string", + "description": "Account activity's tracking number.", + "example": "61aad0c9e8134eca89e76a35e0cabe3f" + }, + "errors": { + "type": "array", + "description": "Errors provided by the source while completing account actions.", + "items": { + "type": "string" + }, + "nullable": true, + "example": null + }, + "warnings": { + "type": "array", + "description": "Warnings provided by the source while completing account actions.", + "items": { + "type": "string" + }, + "nullable": true, + "example": null + }, + "approvals": { + "type": "array", + "description": "Approvals performed on an item during activity.", + "items": { + "type": "object", + "properties": { + "comments": { + "type": "array", + "items": { + "type": "object", + "properties": { + "comment": { + "type": "string", + "description": "The comment text", + "example": "This request was autoapproved by our automated ETS subscriber." + }, + "commenter": { + "type": "string", + "description": "The name of the commenter", + "example": "Automated AR Approval" + }, + "date": { + "type": "string", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z", + "description": "A date-time in ISO-8601 format" + } + } + } + }, + "created": { + "type": "string", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z", + "description": "A date-time in ISO-8601 format" + }, + "modified": { + "type": "string", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z", + "description": "A date-time in ISO-8601 format" + }, + "owner": { + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + }, + { + "type": "object", + "properties": { + "type": { + "type": "string", + "example": "Delimited File", + "description": "Type of source returned." + } + } + } + ] + }, + "result": { + "type": "string", + "description": "The result of the approval", + "example": "Finished" + }, + "type": { + "type": "string", + "nullable": true, + "example": null + } + } + } + }, + "originalRequests": { + "type": "array", + "description": "Original actions that triggered all individual source actions related to the account action.", + "items": { + "type": "object", + "properties": { + "accountId": { + "type": "string", + "description": "Account ID.", + "example": "CN=Abby Smith,OU=Austin,OU=Americas,OU=Demo,DC=seri,DC=acme,DC=com" + }, + "attributeRequests": { + "type": "array", + "description": "Attribute changes requested for account.", + "items": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "Attribute name.", + "example": "groups" + }, + "op": { + "type": "string", + "description": "Operation to perform on attribute.", + "example": "Add" + }, + "value": { + "type": "string", + "description": "Value of attribute.", + "example": "3203537556531076" + } + } + } + }, + "op": { + "type": "string", + "description": "Operation used.", + "example": "add" + }, + "source": { + "description": "Account's source.", + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + }, + { + "type": "object", + "properties": { + "type": { + "type": "string", + "example": "Delimited File", + "description": "Type of source returned." + } + } + } + ] + } + } + } + }, + "expansionItems": { + "type": "array", + "description": "Controls that translated the attribute requests into actual provisioning actions on the source.", + "items": { + "type": "object", + "properties": { + "accountId": { + "type": "string", + "description": "The ID of the account", + "example": "2c91808981f58ea601821c3e93482e6f" + }, + "cause": { + "type": "string", + "example": "Role" + }, + "name": { + "type": "string", + "description": "The name of the item", + "example": "smartsheet-role" + }, + "attributeRequests": { + "type": "array", + "items": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "Attribute name.", + "example": "groups" + }, + "op": { + "type": "string", + "description": "Operation to perform on attribute.", + "example": "Add" + }, + "value": { + "type": "string", + "description": "Value of attribute.", + "example": "3203537556531076" + } + } + } + }, + "source": { + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + }, + { + "type": "object", + "properties": { + "type": { + "type": "string", + "example": "Delimited File", + "description": "Type of source returned." + } + } + } + ] + } + } + } + }, + "accountRequests": { + "type": "array", + "description": "Account data for each individual source action triggered by the original requests.", + "items": { + "type": "object", + "properties": { + "accountId": { + "type": "string", + "description": "Unique ID of the account", + "example": "John.Doe" + }, + "attributeRequests": { + "type": "array", + "items": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "Attribute name.", + "example": "groups" + }, + "op": { + "type": "string", + "description": "Operation to perform on attribute.", + "example": "Add" + }, + "value": { + "type": "string", + "description": "Value of attribute.", + "example": "3203537556531076" + } + } + } + }, + "op": { + "type": "string", + "example": "Modify", + "description": "The operation that was performed" + }, + "provisioningTarget": { + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + }, + { + "type": "object", + "properties": { + "type": { + "type": "string", + "example": "Delimited File", + "description": "Type of source returned." + } + } + } + ] + }, + "result": { + "type": "object", + "properties": { + "errors": { + "type": "array", + "items": { + "type": "string", + "example": "[ConnectorError] [\n {\n \"code\": \"unrecognized_keys\",\n \"keys\": [\n \"groups\"\n ],\n \"path\": [],\n \"message\": \"Unrecognized key(s) in object: 'groups'\"\n }\n] (requestId: 5e9d6df5-9b1b-47d9-9bf1-dc3a2893299e)" + } + }, + "status": { + "type": "string", + "description": "The status of the account request", + "example": "failed" + }, + "ticketId": { + "type": "string", + "nullable": true, + "example": null + } + } + }, + "source": { + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + }, + { + "type": "object", + "properties": { + "type": { + "type": "string", + "example": "Delimited File", + "description": "Type of source returned." + } + } + } + ] + } + } + } + }, + "sources": { + "type": "string", + "description": "Sources involved in the account activity.", + "example": "smartsheet-test, airtable-v4, IdentityNow" + } + } + } + ] + }, + { + "description": "Entitlement", + "allOf": [ + { + "type": "object", + "required": [ + "id", + "name", + "_type" + ], + "properties": { + "id": { + "type": "string", + "example": "2c91808375d8e80a0175e1f88a575222" + }, + "name": { + "type": "string", + "example": "john.doe" + }, + "_type": { + "description": "Enum representing the currently supported document types.\n\nAdditional values may be added in the future without notice.", + "type": "string", + "enum": [ + "accessprofile", + "accountactivity", + "account", + "aggregation", + "entitlement", + "event", + "identity", + "role" + ], + "example": "identity" + } + } + }, + { + "type": "object", + "properties": { + "modified": { + "type": "string", + "description": "ISO-8601 date-time referring to the time when the object was last modified.", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z" + }, + "synced": { + "type": "string", + "description": "ISO-8601 date-time referring to the date-time when object was queued to be synced into search database for use in the search API. \nThis date-time changes anytime there is an update to the object, which triggers a synchronization event being sent to the search database. \nThere may be some delay between the `synced` time and the time when the updated data is actually available in the search API. " + }, + "displayName": { + "type": "string", + "description": "Entitlement's display name.", + "example": "Admin" + }, + "source": { + "type": "object", + "description": "Entitlement's source.", + "properties": { + "id": { + "type": "string", + "description": "ID of entitlement's source.", + "example": "2c91808b6e9e6fb8016eec1a2b6f7b5f" + }, + "name": { + "type": "string", + "description": "Display name of entitlement's source.", + "example": "ODS-HR-Employees" + } + } + }, + "segments": { + "type": "array", + "description": "Segments with the role.", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "b009b6e3-b56d-41d9-8735-cb532ea0b017", + "description": "Segment's unique ID." + }, + "name": { + "type": "string", + "example": "Test Segment", + "description": "Segment's display name." + } + } + } + }, + "segmentCount": { + "type": "integer", + "description": "Number of segments with the role.", + "format": "int32", + "example": 1 + }, + "requestable": { + "type": "boolean", + "description": "Indicates whether the entitlement is requestable.", + "default": false, + "example": false + }, + "cloudGoverned": { + "type": "boolean", + "description": "Indicates whether the entitlement is cloud governed.", + "default": false, + "example": false + }, + "created": { + "type": "string", + "description": "ISO-8601 date-time referring to the time when the object was created.", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z" + }, + "privileged": { + "type": "boolean", + "description": "Indicates whether the entitlement is privileged.", + "default": false, + "example": false + }, + "identityCount": { + "type": "integer", + "description": "Number of identities who have access to the entitlement.", + "format": "int32", + "example": 3 + }, + "tags": { + "type": "array", + "description": "Tags that have been applied to the object.", + "items": { + "type": "string" + }, + "example": [ + "TAG_1", + "TAG_2" + ] + } + } + } + ] + }, + { + "description": "Event", + "allOf": [ + { + "type": "object", + "required": [ + "id", + "name", + "_type" + ], + "properties": { + "id": { + "type": "string", + "example": "2c91808375d8e80a0175e1f88a575222" + }, + "name": { + "type": "string", + "example": "john.doe" + }, + "_type": { + "description": "Enum representing the currently supported document types.\n\nAdditional values may be added in the future without notice.", + "type": "string", + "enum": [ + "accessprofile", + "accountactivity", + "account", + "aggregation", + "entitlement", + "event", + "identity", + "role" + ], + "example": "identity" + } + } + }, + { + "type": "object", + "properties": { + "created": { + "type": "string", + "description": "ISO-8601 date-time referring to the time when the object was created.", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z" + }, + "synced": { + "type": "string", + "description": "ISO-8601 date-time referring to the date-time when object was queued to be synced into search database for use in the search API. \nThis date-time changes anytime there is an update to the object, which triggers a synchronization event being sent to the search database. \nThere may be some delay between the `synced` time and the time when the updated data is actually available in the search API. " + }, + "action": { + "type": "string", + "description": "Name of the event as it's displayed in audit reports.", + "example": "update" + }, + "type": { + "type": "string", + "description": "Event type. Refer to [Event Types](https://documentation.sailpoint.com/saas/help/search/index.html#event-types) for a list of event types and their meanings.", + "example": "SYSTEM_CONFIG" + }, + "actor": { + "type": "string", + "description": "Name of the actor that generated the event.", + "example": "System" + }, + "target": { + "type": "string", + "description": "Name of the target, or recipient, of the event.", + "example": "Carol.Adams" + }, + "stack": { + "type": "string", + "description": "The event's stack.", + "example": "tpe" + }, + "trackingNumber": { + "type": "string", + "description": "ID of the group of events.", + "example": "63f891e0735f4cc8bf1968144a1e7440" + }, + "ipAddress": { + "type": "string", + "description": "Target system's IP address.", + "example": "52.52.97.85" + }, + "details": { + "type": "string", + "description": "ID of event's details.", + "example": "73b65dfbed1842548c207432a18c84b0" + }, + "attributes": { + "type": "object", + "description": "Attributes involved in the event.", + "additionalProperties": true, + "example": { + "pod": "stg03-useast1", + "org": "acme", + "sourceName": "SailPoint" + } + }, + "objects": { + "type": "array", + "description": "Objects the event is happening to.", + "items": { + "type": "string", + "example": "AUTHENTICATION" + } + }, + "operation": { + "type": "string", + "description": "Operation, or action, performed during the event.", + "example": "REQUEST" + }, + "status": { + "type": "string", + "description": "Event status. Refer to [Event Statuses](https://documentation.sailpoint.com/saas/help/search/index.html#event-statuses) for a list of event statuses and their meanings.", + "example": "PASSED" + }, + "technicalName": { + "type": "string", + "description": "Event's normalized name. This normalized name always follows the pattern of 'objects_operation_status'.", + "example": "AUTHENTICATION_REQUEST_PASSED" + } + } + } + ] + }, + { + "description": "Identity", + "allOf": [ + { + "type": "object", + "required": [ + "id", + "name", + "_type" + ], + "properties": { + "id": { + "type": "string", + "example": "2c91808375d8e80a0175e1f88a575222" + }, + "name": { + "type": "string", + "example": "john.doe" + }, + "_type": { + "description": "Enum representing the currently supported document types.\n\nAdditional values may be added in the future without notice.", + "type": "string", + "enum": [ + "accessprofile", + "accountactivity", + "account", + "aggregation", + "entitlement", + "event", + "identity", + "role" + ], + "example": "identity" + } + } + }, + { + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + }, + { + "type": "object", + "properties": { + "displayName": { + "type": "string", + "example": "John Q. Doe" + } + } + } + ] + }, + { + "type": "object", + "properties": { + "displayName": { + "type": "string", + "example": "Carol.Adams", + "description": "Identity's display name." + }, + "firstName": { + "type": "string", + "description": "Identity's first name.", + "example": "Carol" + }, + "lastName": { + "type": "string", + "description": "Identity's last name.", + "example": "Adams" + }, + "email": { + "type": "string", + "description": "Identity's primary email address.", + "example": "Carol.Adams@sailpointdemo.com" + }, + "created": { + "type": "string", + "description": "ISO-8601 date-time referring to the time when the object was created.", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z" + }, + "modified": { + "type": "string", + "description": "ISO-8601 date-time referring to the time when the object was last modified.", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z" + }, + "phone": { + "type": "string", + "description": "Identity's phone number.", + "example": "+1 440-527-3672" + }, + "synced": { + "type": "string", + "description": "ISO-8601 date-time referring to the date-time when object was queued to be synced into search database for use in the search API. \nThis date-time changes anytime there is an update to the object, which triggers a synchronization event being sent to the search database. \nThere may be some delay between the `synced` time and the time when the updated data is actually available in the search API. " + }, + "inactive": { + "type": "boolean", + "description": "Indicates whether the identity is inactive.", + "default": false, + "example": false + }, + "protected": { + "type": "boolean", + "description": "Indicates whether the identity is protected.", + "default": false, + "example": false + }, + "status": { + "type": "string", + "description": "Identity's status in SailPoint.", + "example": "UNREGISTERED" + }, + "employeeNumber": { + "type": "string", + "description": "Identity's employee number.", + "example": "1a2a3d4e" + }, + "manager": { + "type": "object", + "description": "Identity's manager.", + "nullable": true, + "properties": { + "id": { + "type": "string", + "description": "ID of identity's manager.", + "example": "2c9180867dfe694b017e208e27c05799" + }, + "name": { + "type": "string", + "description": "Name of identity's manager.", + "example": "Amanda.Ross" + }, + "displayName": { + "type": "string", + "description": "Display name of identity's manager.", + "example": "Amanda.Ross" + } + } + }, + "isManager": { + "type": "boolean", + "description": "Indicates whether the identity is a manager of other identities.", + "example": false + }, + "identityProfile": { + "type": "object", + "description": "Identity's identity profile.", + "properties": { + "id": { + "type": "string", + "description": "Identity profile's ID.", + "example": "3bc8ad26b8664945866b31339d1ff7d2" + }, + "name": { + "type": "string", + "description": "Identity profile's name.", + "example": "HR Employees" + } + } + }, + "source": { + "type": "object", + "description": "Identity's source.", + "properties": { + "id": { + "type": "string", + "description": "ID of identity's source.", + "example": "2c91808b6e9e6fb8016eec1a2b6f7b5f" + }, + "name": { + "type": "string", + "description": "Display name of identity's source.", + "example": "ODS-HR-Employees" + } + } + }, + "attributes": { + "type": "object", + "description": "Map or dictionary of key/value pairs.", + "additionalProperties": true, + "example": { + "country": "US", + "firstname": "Carol", + "cloudStatus": "UNREGISTERED" + } + }, + "processingState": { + "type": "string", + "description": "Identity's processing state.", + "nullable": true, + "example": null + }, + "processingDetails": { + "description": "Identity's processing details.", + "nullable": true, + "type": "object", + "properties": { + "date": { + "type": "string", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z", + "description": "A date-time in ISO-8601 format" + }, + "stage": { + "type": "string", + "example": "In Process" + }, + "retryCount": { + "type": "integer", + "example": 0, + "format": "int32" + }, + "stackTrace": { + "type": "string", + "example": "" + }, + "message": { + "type": "string", + "example": "" + } + } + }, + "accounts": { + "type": "array", + "description": "List of accounts associated with the identity.", + "items": { + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + }, + { + "type": "object", + "properties": { + "accountId": { + "type": "string", + "description": "Account ID.", + "example": "John.Doe" + }, + "source": { + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + }, + { + "type": "object", + "properties": { + "type": { + "type": "string", + "example": "Delimited File", + "description": "Type of source returned." + } + } + } + ] + }, + "disabled": { + "type": "boolean", + "description": "Indicates whether the account is disabled.", + "default": false, + "example": false + }, + "locked": { + "type": "boolean", + "description": "Indicates whether the account is locked.", + "default": false, + "example": false + }, + "privileged": { + "type": "boolean", + "description": "Indicates whether the account is privileged.", + "default": false, + "example": false + }, + "manuallyCorrelated": { + "type": "boolean", + "description": "Indicates whether the account has been manually correlated to an identity.", + "default": false, + "example": false + }, + "passwordLastSet": { + "type": "string", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z", + "description": "A date-time in ISO-8601 format" + }, + "entitlementAttributes": { + "type": "object", + "nullable": true, + "description": "Map or dictionary of key/value pairs.", + "additionalProperties": true, + "example": { + "moderator": true, + "admin": true, + "trust_level": "4" + } + }, + "created": { + "type": "string", + "description": "ISO-8601 date-time referring to the time when the object was created.", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z" + } + } + } + ] + } + }, + "accountCount": { + "type": "integer", + "description": "Number of accounts associated with the identity.", + "format": "int32", + "example": 3 + }, + "apps": { + "type": "array", + "description": "List of applications the identity has access to.", + "items": { + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + }, + { + "type": "object", + "properties": { + "source": { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + }, + "account": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The SailPoint generated unique ID", + "example": "2c9180837dfe6949017e21f3d8cd6d49" + }, + "accountId": { + "type": "string", + "description": "The account ID generated by the source", + "example": "CN=Carol Adams,OU=Austin,OU=Americas,OU=Demo,DC=seri,DC=sailpointdemo,DC=com" + } + } + } + } + } + ] + } + }, + "appCount": { + "type": "integer", + "format": "int32", + "description": "Number of applications the identity has access to.", + "example": 2 + }, + "access": { + "type": "array", + "description": "List of access items assigned to the identity.", + "items": { + "discriminator": { + "propertyName": "type", + "mapping": { + "ACCESS_PROFILE": "../access/AccessProfileSummary.yaml", + "ENTITLEMENT": "../access/AccessProfileEntitlement.yaml", + "ROLE": "../access/AccessProfileRole.yaml" + } + }, + "oneOf": [ + { + "description": "This is a summary representation of an access profile.", + "allOf": [ + { + "allOf": [ + { + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + }, + { + "type": "object", + "properties": { + "displayName": { + "type": "string", + "example": "John Q. Doe" + } + } + } + ] + }, + { + "type": "object", + "properties": { + "type": { + "type": "string", + "enum": [ + "ACCOUNT_CORRELATION_CONFIG", + "ACCESS_PROFILE", + "ACCESS_REQUEST_APPROVAL", + "ACCOUNT", + "APPLICATION", + "CAMPAIGN", + "CAMPAIGN_FILTER", + "CERTIFICATION", + "CLUSTER", + "CONNECTOR_SCHEMA", + "ENTITLEMENT", + "GOVERNANCE_GROUP", + "IDENTITY", + "IDENTITY_PROFILE", + "IDENTITY_REQUEST", + "LIFECYCLE_STATE", + "PASSWORD_POLICY", + "ROLE", + "RULE", + "SOD_POLICY", + "SOURCE", + "TAG", + "TAG_CATEGORY", + "TASK_RESULT", + "REPORT_RESULT", + "SOD_VIOLATION", + "ACCOUNT_ACTIVITY", + "WORKGROUP" + ], + "description": "An enumeration of the types of DTOs supported within the IdentityNow infrastructure.", + "example": "IDENTITY" + }, + "description": { + "type": "string", + "nullable": true, + "example": null + } + } + } + ] + }, + { + "type": "object", + "properties": { + "source": { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + }, + "owner": { + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + }, + { + "type": "object", + "properties": { + "displayName": { + "type": "string", + "example": "John Q. Doe" + } + } + } + ] + }, + "revocable": { + "type": "boolean", + "example": true + } + } + } + ] + }, + { + "description": "EntitlementReference", + "allOf": [ + { + "allOf": [ + { + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + }, + { + "type": "object", + "properties": { + "displayName": { + "type": "string", + "example": "John Q. Doe" + } + } + } + ] + }, + { + "type": "object", + "properties": { + "type": { + "type": "string", + "enum": [ + "ACCOUNT_CORRELATION_CONFIG", + "ACCESS_PROFILE", + "ACCESS_REQUEST_APPROVAL", + "ACCOUNT", + "APPLICATION", + "CAMPAIGN", + "CAMPAIGN_FILTER", + "CERTIFICATION", + "CLUSTER", + "CONNECTOR_SCHEMA", + "ENTITLEMENT", + "GOVERNANCE_GROUP", + "IDENTITY", + "IDENTITY_PROFILE", + "IDENTITY_REQUEST", + "LIFECYCLE_STATE", + "PASSWORD_POLICY", + "ROLE", + "RULE", + "SOD_POLICY", + "SOURCE", + "TAG", + "TAG_CATEGORY", + "TASK_RESULT", + "REPORT_RESULT", + "SOD_VIOLATION", + "ACCOUNT_ACTIVITY", + "WORKGROUP" + ], + "description": "An enumeration of the types of DTOs supported within the IdentityNow infrastructure.", + "example": "IDENTITY" + }, + "description": { + "type": "string", + "nullable": true, + "example": null + } + } + } + ] + }, + { + "type": "object", + "properties": { + "source": { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + }, + "privileged": { + "type": "boolean", + "example": false + }, + "attribute": { + "type": "string", + "example": "memberOf" + }, + "value": { + "type": "string", + "example": "CN=Buyer,OU=Groups,OU=Demo,DC=seri,DC=sailpointdemo,DC=com" + }, + "standalone": { + "type": "boolean", + "example": false + } + } + } + ] + }, + { + "description": "Role", + "allOf": [ + { + "allOf": [ + { + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + }, + { + "type": "object", + "properties": { + "displayName": { + "type": "string", + "example": "John Q. Doe" + } + } + } + ] + }, + { + "type": "object", + "properties": { + "type": { + "type": "string", + "enum": [ + "ACCOUNT_CORRELATION_CONFIG", + "ACCESS_PROFILE", + "ACCESS_REQUEST_APPROVAL", + "ACCOUNT", + "APPLICATION", + "CAMPAIGN", + "CAMPAIGN_FILTER", + "CERTIFICATION", + "CLUSTER", + "CONNECTOR_SCHEMA", + "ENTITLEMENT", + "GOVERNANCE_GROUP", + "IDENTITY", + "IDENTITY_PROFILE", + "IDENTITY_REQUEST", + "LIFECYCLE_STATE", + "PASSWORD_POLICY", + "ROLE", + "RULE", + "SOD_POLICY", + "SOURCE", + "TAG", + "TAG_CATEGORY", + "TASK_RESULT", + "REPORT_RESULT", + "SOD_VIOLATION", + "ACCOUNT_ACTIVITY", + "WORKGROUP" + ], + "description": "An enumeration of the types of DTOs supported within the IdentityNow infrastructure.", + "example": "IDENTITY" + }, + "description": { + "type": "string", + "nullable": true, + "example": null + } + } + } + ] + }, + { + "type": "object", + "properties": { + "owner": { + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + }, + { + "type": "object", + "properties": { + "displayName": { + "type": "string", + "example": "John Q. Doe" + } + } + } + ] + }, + "disabled": { + "type": "boolean" + }, + "revocable": { + "type": "boolean" + } + } + } + ] + } + ] + } + }, + "accessCount": { + "type": "integer", + "format": "int32", + "description": "Number of access items assigned to the identity.", + "example": 5 + }, + "entitlementCount": { + "type": "integer", + "format": "int32", + "description": "Number of entitlements assigned to the identity.", + "example": 10 + }, + "roleCount": { + "type": "integer", + "format": "int32", + "description": "Number of roles assigned to the identity.", + "example": 1 + }, + "accessProfileCount": { + "type": "integer", + "format": "int32", + "description": "Number of access profiles assigned to the identity.", + "example": 1 + }, + "owns": { + "type": "array", + "description": "Access items the identity owns.", + "items": { + "type": "object", + "properties": { + "sources": { + "type": "array", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + } + }, + "entitlements": { + "type": "array", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + } + }, + "accessProfiles": { + "type": "array", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + } + }, + "roles": { + "type": "array", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + } + }, + "apps": { + "type": "array", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + } + }, + "governanceGroups": { + "type": "array", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + } + }, + "fallbackApprover": { + "type": "boolean", + "example": false + } + } + } + }, + "ownsCount": { + "type": "integer", + "format": "int32", + "description": "Number of access items the identity owns.", + "example": 5 + }, + "tags": { + "type": "array", + "description": "Tags that have been applied to the object.", + "items": { + "type": "string" + }, + "example": [ + "TAG_1", + "TAG_2" + ] + } + } + } + ] + }, + { + "description": "Role", + "allOf": [ + { + "type": "object", + "required": [ + "id", + "name", + "_type" + ], + "properties": { + "id": { + "type": "string", + "example": "2c91808375d8e80a0175e1f88a575222" + }, + "name": { + "type": "string", + "example": "john.doe" + }, + "_type": { + "description": "Enum representing the currently supported document types.\n\nAdditional values may be added in the future without notice.", + "type": "string", + "enum": [ + "accessprofile", + "accountactivity", + "account", + "aggregation", + "entitlement", + "event", + "identity", + "role" + ], + "example": "identity" + } + } + }, + { + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + }, + { + "type": "object", + "properties": { + "description": { + "type": "string", + "description": "Access item's description.", + "example": "The admin role" + }, + "created": { + "type": "string", + "description": "ISO-8601 date-time referring to the time when the object was created.", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z" + }, + "modified": { + "type": "string", + "description": "ISO-8601 date-time referring to the time when the object was last modified.", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z" + }, + "synced": { + "type": "string", + "description": "ISO-8601 date-time referring to the date-time when object was queued to be synced into search database for use in the search API. \nThis date-time changes anytime there is an update to the object, which triggers a synchronization event being sent to the search database. \nThere may be some delay between the `synced` time and the time when the updated data is actually available in the search API. ", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:33.104Z" + }, + "enabled": { + "type": "boolean", + "description": "Indicates whether the access item is currently enabled.", + "default": false, + "example": true + }, + "requestable": { + "type": "boolean", + "description": "Indicates whether the access item can be requested.", + "default": true, + "example": true + }, + "requestCommentsRequired": { + "type": "boolean", + "description": "Indicates whether comments are required for requests to access the item.", + "default": false, + "example": false + }, + "owner": { + "type": "object", + "description": "Owner's identity.", + "properties": { + "type": { + "type": "string", + "description": "Owner's DTO type.", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "Owner's identity ID.", + "example": "2c9180a46faadee4016fb4e018c20639" + }, + "name": { + "type": "string", + "description": "Owner's display name.", + "example": "Support" + }, + "email": { + "type": "string", + "description": "Owner's email.", + "example": "cloud-support@sailpoint.com" + } + } + } + } + } + ] + }, + { + "type": "object", + "properties": { + "accessProfiles": { + "type": "array", + "description": "Access profiles included with the role.", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91809c6faade77016fb4f0b63407ae", + "description": "Access profile's unique ID." + }, + "name": { + "type": "string", + "example": "Admin Access", + "description": "Access profile's display name." + } + } + } + }, + "accessProfileCount": { + "type": "integer", + "description": "Number of access profiles included with the role.", + "format": "int32", + "example": 1 + }, + "tags": { + "type": "array", + "description": "Tags that have been applied to the object.", + "items": { + "type": "string" + }, + "example": [ + "TAG_1", + "TAG_2" + ] + }, + "segments": { + "type": "array", + "description": "Segments with the role.", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "b009b6e3-b56d-41d9-8735-cb532ea0b017", + "description": "Segment's unique ID." + }, + "name": { + "type": "string", + "example": "Test Segment", + "description": "Segment's display name." + } + } + } + }, + "segmentCount": { + "type": "integer", + "description": "Number of segments with the role.", + "format": "int32", + "example": 1 + }, + "entitlements": { + "type": "array", + "description": "Entitlements included with the role.", + "items": { + "type": "object", + "properties": { + "hasPermissions": { + "type": "boolean", + "description": "Indicates whether the entitlement has permissions.", + "default": false, + "example": false + }, + "description": { + "type": "string", + "description": "Entitlement's description.", + "example": "Cloud engineering" + }, + "attribute": { + "type": "string", + "description": "Entitlement attribute's name.", + "example": "memberOf" + }, + "value": { + "type": "string", + "description": "Entitlement's value.", + "example": "CN=Cloud Engineering,DC=sailpoint,DC=COM" + }, + "schema": { + "type": "string", + "description": "Entitlement's schema.", + "example": "group" + }, + "privileged": { + "type": "boolean", + "description": "Indicates whether the entitlement is privileged.", + "default": false, + "example": false + }, + "id": { + "type": "string", + "description": "Entitlement's ID.", + "example": "2c918084575812550157589064f33b89" + }, + "name": { + "type": "string", + "description": "Entitlement's name.", + "example": "CN=Cloud Engineering,DC=sailpoint,DC=COM" + } + } + } + }, + "entitlementCount": { + "type": "integer", + "description": "Number of entitlements included with the role.", + "format": "int32", + "example": 3 + } + } + } + ] + } + ] + } + } + } + } + }, + "text/csv": { + "schema": { + "description": "If the *Accept:text/csv* header is specified and the *aggregationType* parameter in the request body is *SAILPOINT*,\n\nthe aggregation result will be returned as a CSV document.\n", + "type": "string", + "example": [ + "Identity Locations,Count", + "Munich,23", + "Brussels,26", + "Singapore,22", + "Tokyo,20", + "Taipei,16", + "London,64", + "Austin,109", + "Sao Paulo,24", + "San Jose,27" + ] + } + } + }, + "headers": { + "X-Total-Count": { + "description": "The total result count (returned only if the *count* parameter is specified as *true*).", + "schema": { + "type": "integer" + }, + "example": 5 + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/search/{index}/{id}": { + "get": { + "tags": [ + "Search" + ], + "description": "Fetches a single document from the specified index, using the specified document ID.", + "operationId": "searchGet", + "security": [ + { + "UserContextAuth": [ + "sp:search:read" + ] + } + ], + "summary": "Get a Document by ID", + "parameters": [ + { + "in": "path", + "name": "index", + "description": "The index from which to fetch the specified document.\n\nThe currently supported index names are: *accessprofiles*, *accountactivities*, *entitlements*, *events*, *identities*, and *roles*.\n", + "schema": { + "type": "string" + }, + "required": true, + "example": "accounts" + }, + { + "in": "path", + "name": "id", + "description": "ID of the requested document.", + "schema": { + "type": "string" + }, + "required": true, + "example": "2c91808568c529c60168cca6f90c1313" + } + ], + "responses": { + "200": { + "description": "The requested document.", + "content": { + "application/json": { + "schema": { + "discriminator": { + "propertyName": "_type", + "mapping": { + "accessprofile": "../model/access/profile/AccessProfileDocument.yaml", + "accountactivity": "../model/account/activity/AccountActivityDocument.yaml", + "entitlement": "../model/entitlement/EntitlementDocument.yaml", + "event": "../model/event/EventDocument.yaml", + "identity": "../model/identity/IdentityDocument.yaml", + "role": "../model/role/RoleDocument.yaml" + } + }, + "oneOf": [ + { + "description": "More complete representation of an access profile. ", + "allOf": [ + { + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + }, + { + "type": "object", + "properties": { + "description": { + "type": "string", + "description": "Access item's description.", + "example": "The admin role" + }, + "created": { + "type": "string", + "description": "ISO-8601 date-time referring to the time when the object was created.", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z" + }, + "modified": { + "type": "string", + "description": "ISO-8601 date-time referring to the time when the object was last modified.", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z" + }, + "synced": { + "type": "string", + "description": "ISO-8601 date-time referring to the date-time when object was queued to be synced into search database for use in the search API. \nThis date-time changes anytime there is an update to the object, which triggers a synchronization event being sent to the search database. \nThere may be some delay between the `synced` time and the time when the updated data is actually available in the search API. ", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:33.104Z" + }, + "enabled": { + "type": "boolean", + "description": "Indicates whether the access item is currently enabled.", + "default": false, + "example": true + }, + "requestable": { + "type": "boolean", + "description": "Indicates whether the access item can be requested.", + "default": true, + "example": true + }, + "requestCommentsRequired": { + "type": "boolean", + "description": "Indicates whether comments are required for requests to access the item.", + "default": false, + "example": false + }, + "owner": { + "type": "object", + "description": "Owner's identity.", + "properties": { + "type": { + "type": "string", + "description": "Owner's DTO type.", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "Owner's identity ID.", + "example": "2c9180a46faadee4016fb4e018c20639" + }, + "name": { + "type": "string", + "description": "Owner's display name.", + "example": "Support" + }, + "email": { + "type": "string", + "description": "Owner's email.", + "example": "cloud-support@sailpoint.com" + } + } + } + } + } + ] + }, + { + "type": "object", + "required": [ + "id", + "name", + "_type" + ], + "properties": { + "id": { + "type": "string", + "description": "Access profile's ID.", + "example": "2c9180825a6c1adc015a71c9023f0818" + }, + "name": { + "type": "string", + "description": "Access profile's name.", + "example": "Cloud Eng" + }, + "_type": { + "description": "Access profile's document type. \nThis enum represents the currently supported document types.\nAdditional values may be added in the future without notice.", + "type": "string", + "enum": [ + "accessprofile", + "accountactivity", + "account", + "aggregation", + "entitlement", + "event", + "identity", + "role" + ], + "example": "accessprofile" + }, + "source": { + "type": "object", + "description": "Access profile's source.", + "properties": { + "id": { + "type": "string", + "description": "Source's ID.", + "example": "ff8081815757d4fb0157588f3d9d008f" + }, + "name": { + "type": "string", + "description": "Source's name.", + "example": "Employees" + } + } + }, + "entitlements": { + "type": "array", + "description": "Entitlements the access profile has access to.", + "items": { + "type": "object", + "properties": { + "hasPermissions": { + "type": "boolean", + "description": "Indicates whether the entitlement has permissions.", + "default": false, + "example": false + }, + "description": { + "type": "string", + "description": "Entitlement's description.", + "example": "Cloud engineering" + }, + "attribute": { + "type": "string", + "description": "Entitlement attribute's name.", + "example": "memberOf" + }, + "value": { + "type": "string", + "description": "Entitlement's value.", + "example": "CN=Cloud Engineering,DC=sailpoint,DC=COM" + }, + "schema": { + "type": "string", + "description": "Entitlement's schema.", + "example": "group" + }, + "privileged": { + "type": "boolean", + "description": "Indicates whether the entitlement is privileged.", + "default": false, + "example": false + }, + "id": { + "type": "string", + "description": "Entitlement's ID.", + "example": "2c918084575812550157589064f33b89" + }, + "name": { + "type": "string", + "description": "Entitlement's name.", + "example": "CN=Cloud Engineering,DC=sailpoint,DC=COM" + } + } + } + }, + "entitlementCount": { + "type": "integer", + "description": "Number of entitlements.", + "example": 5 + }, + "tags": { + "type": "array", + "description": "Tags that have been applied to the object.", + "items": { + "type": "string" + }, + "example": [ + "TAG_1", + "TAG_2" + ] + } + } + } + ] + }, + { + "description": "AccountActivity", + "allOf": [ + { + "type": "object", + "required": [ + "id", + "name", + "_type" + ], + "properties": { + "id": { + "type": "string", + "example": "2c91808375d8e80a0175e1f88a575222" + }, + "name": { + "type": "string", + "example": "john.doe" + }, + "_type": { + "description": "Enum representing the currently supported document types.\n\nAdditional values may be added in the future without notice.", + "type": "string", + "enum": [ + "accessprofile", + "accountactivity", + "account", + "aggregation", + "entitlement", + "event", + "identity", + "role" + ], + "example": "identity" + } + } + }, + { + "type": "object", + "properties": { + "action": { + "type": "string", + "description": "Type of action performed in the activity.", + "externalDocs": { + "description": "Learn more about account activity action types", + "url": "https://documentation.sailpoint.com/saas/help/search/searchable-fields.html#searching-account-activity-data" + }, + "example": "Identity Refresh." + }, + "created": { + "type": "string", + "description": "ISO-8601 date-time referring to the time when the object was created.", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z" + }, + "modified": { + "type": "string", + "description": "ISO-8601 date-time referring to the time when the object was last modified.", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z" + }, + "stage": { + "type": "string", + "description": "Activity's current stage.", + "example": "Completed" + }, + "origin": { + "type": "string", + "description": "Activity's origin.", + "nullable": true, + "example": null + }, + "status": { + "type": "string", + "description": "Activity's current status.", + "example": "Complete" + }, + "requester": { + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + }, + { + "type": "object", + "properties": { + "type": { + "type": "string", + "example": "Delimited File", + "description": "Type of source returned." + } + } + } + ] + }, + "recipient": { + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + }, + { + "type": "object", + "properties": { + "type": { + "type": "string", + "example": "Delimited File", + "description": "Type of source returned." + } + } + } + ] + }, + "trackingNumber": { + "type": "string", + "description": "Account activity's tracking number.", + "example": "61aad0c9e8134eca89e76a35e0cabe3f" + }, + "errors": { + "type": "array", + "description": "Errors provided by the source while completing account actions.", + "items": { + "type": "string" + }, + "nullable": true, + "example": null + }, + "warnings": { + "type": "array", + "description": "Warnings provided by the source while completing account actions.", + "items": { + "type": "string" + }, + "nullable": true, + "example": null + }, + "approvals": { + "type": "array", + "description": "Approvals performed on an item during activity.", + "items": { + "type": "object", + "properties": { + "comments": { + "type": "array", + "items": { + "type": "object", + "properties": { + "comment": { + "type": "string", + "description": "The comment text", + "example": "This request was autoapproved by our automated ETS subscriber." + }, + "commenter": { + "type": "string", + "description": "The name of the commenter", + "example": "Automated AR Approval" + }, + "date": { + "type": "string", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z", + "description": "A date-time in ISO-8601 format" + } + } + } + }, + "created": { + "type": "string", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z", + "description": "A date-time in ISO-8601 format" + }, + "modified": { + "type": "string", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z", + "description": "A date-time in ISO-8601 format" + }, + "owner": { + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + }, + { + "type": "object", + "properties": { + "type": { + "type": "string", + "example": "Delimited File", + "description": "Type of source returned." + } + } + } + ] + }, + "result": { + "type": "string", + "description": "The result of the approval", + "example": "Finished" + }, + "type": { + "type": "string", + "nullable": true, + "example": null + } + } + } + }, + "originalRequests": { + "type": "array", + "description": "Original actions that triggered all individual source actions related to the account action.", + "items": { + "type": "object", + "properties": { + "accountId": { + "type": "string", + "description": "Account ID.", + "example": "CN=Abby Smith,OU=Austin,OU=Americas,OU=Demo,DC=seri,DC=acme,DC=com" + }, + "attributeRequests": { + "type": "array", + "description": "Attribute changes requested for account.", + "items": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "Attribute name.", + "example": "groups" + }, + "op": { + "type": "string", + "description": "Operation to perform on attribute.", + "example": "Add" + }, + "value": { + "type": "string", + "description": "Value of attribute.", + "example": "3203537556531076" + } + } + } + }, + "op": { + "type": "string", + "description": "Operation used.", + "example": "add" + }, + "source": { + "description": "Account's source.", + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + }, + { + "type": "object", + "properties": { + "type": { + "type": "string", + "example": "Delimited File", + "description": "Type of source returned." + } + } + } + ] + } + } + } + }, + "expansionItems": { + "type": "array", + "description": "Controls that translated the attribute requests into actual provisioning actions on the source.", + "items": { + "type": "object", + "properties": { + "accountId": { + "type": "string", + "description": "The ID of the account", + "example": "2c91808981f58ea601821c3e93482e6f" + }, + "cause": { + "type": "string", + "example": "Role" + }, + "name": { + "type": "string", + "description": "The name of the item", + "example": "smartsheet-role" + }, + "attributeRequests": { + "type": "array", + "items": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "Attribute name.", + "example": "groups" + }, + "op": { + "type": "string", + "description": "Operation to perform on attribute.", + "example": "Add" + }, + "value": { + "type": "string", + "description": "Value of attribute.", + "example": "3203537556531076" + } + } + } + }, + "source": { + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + }, + { + "type": "object", + "properties": { + "type": { + "type": "string", + "example": "Delimited File", + "description": "Type of source returned." + } + } + } + ] + } + } + } + }, + "accountRequests": { + "type": "array", + "description": "Account data for each individual source action triggered by the original requests.", + "items": { + "type": "object", + "properties": { + "accountId": { + "type": "string", + "description": "Unique ID of the account", + "example": "John.Doe" + }, + "attributeRequests": { + "type": "array", + "items": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "Attribute name.", + "example": "groups" + }, + "op": { + "type": "string", + "description": "Operation to perform on attribute.", + "example": "Add" + }, + "value": { + "type": "string", + "description": "Value of attribute.", + "example": "3203537556531076" + } + } + } + }, + "op": { + "type": "string", + "example": "Modify", + "description": "The operation that was performed" + }, + "provisioningTarget": { + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + }, + { + "type": "object", + "properties": { + "type": { + "type": "string", + "example": "Delimited File", + "description": "Type of source returned." + } + } + } + ] + }, + "result": { + "type": "object", + "properties": { + "errors": { + "type": "array", + "items": { + "type": "string", + "example": "[ConnectorError] [\n {\n \"code\": \"unrecognized_keys\",\n \"keys\": [\n \"groups\"\n ],\n \"path\": [],\n \"message\": \"Unrecognized key(s) in object: 'groups'\"\n }\n] (requestId: 5e9d6df5-9b1b-47d9-9bf1-dc3a2893299e)" + } + }, + "status": { + "type": "string", + "description": "The status of the account request", + "example": "failed" + }, + "ticketId": { + "type": "string", + "nullable": true, + "example": null + } + } + }, + "source": { + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + }, + { + "type": "object", + "properties": { + "type": { + "type": "string", + "example": "Delimited File", + "description": "Type of source returned." + } + } + } + ] + } + } + } + }, + "sources": { + "type": "string", + "description": "Sources involved in the account activity.", + "example": "smartsheet-test, airtable-v4, IdentityNow" + } + } + } + ] + }, + { + "description": "Entitlement", + "allOf": [ + { + "type": "object", + "required": [ + "id", + "name", + "_type" + ], + "properties": { + "id": { + "type": "string", + "example": "2c91808375d8e80a0175e1f88a575222" + }, + "name": { + "type": "string", + "example": "john.doe" + }, + "_type": { + "description": "Enum representing the currently supported document types.\n\nAdditional values may be added in the future without notice.", + "type": "string", + "enum": [ + "accessprofile", + "accountactivity", + "account", + "aggregation", + "entitlement", + "event", + "identity", + "role" + ], + "example": "identity" + } + } + }, + { + "type": "object", + "properties": { + "modified": { + "type": "string", + "description": "ISO-8601 date-time referring to the time when the object was last modified.", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z" + }, + "synced": { + "type": "string", + "description": "ISO-8601 date-time referring to the date-time when object was queued to be synced into search database for use in the search API. \nThis date-time changes anytime there is an update to the object, which triggers a synchronization event being sent to the search database. \nThere may be some delay between the `synced` time and the time when the updated data is actually available in the search API. " + }, + "displayName": { + "type": "string", + "description": "Entitlement's display name.", + "example": "Admin" + }, + "source": { + "type": "object", + "description": "Entitlement's source.", + "properties": { + "id": { + "type": "string", + "description": "ID of entitlement's source.", + "example": "2c91808b6e9e6fb8016eec1a2b6f7b5f" + }, + "name": { + "type": "string", + "description": "Display name of entitlement's source.", + "example": "ODS-HR-Employees" + } + } + }, + "segments": { + "type": "array", + "description": "Segments with the role.", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "b009b6e3-b56d-41d9-8735-cb532ea0b017", + "description": "Segment's unique ID." + }, + "name": { + "type": "string", + "example": "Test Segment", + "description": "Segment's display name." + } + } + } + }, + "segmentCount": { + "type": "integer", + "description": "Number of segments with the role.", + "format": "int32", + "example": 1 + }, + "requestable": { + "type": "boolean", + "description": "Indicates whether the entitlement is requestable.", + "default": false, + "example": false + }, + "cloudGoverned": { + "type": "boolean", + "description": "Indicates whether the entitlement is cloud governed.", + "default": false, + "example": false + }, + "created": { + "type": "string", + "description": "ISO-8601 date-time referring to the time when the object was created.", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z" + }, + "privileged": { + "type": "boolean", + "description": "Indicates whether the entitlement is privileged.", + "default": false, + "example": false + }, + "identityCount": { + "type": "integer", + "description": "Number of identities who have access to the entitlement.", + "format": "int32", + "example": 3 + }, + "tags": { + "type": "array", + "description": "Tags that have been applied to the object.", + "items": { + "type": "string" + }, + "example": [ + "TAG_1", + "TAG_2" + ] + } + } + } + ] + }, + { + "description": "Event", + "allOf": [ + { + "type": "object", + "required": [ + "id", + "name", + "_type" + ], + "properties": { + "id": { + "type": "string", + "example": "2c91808375d8e80a0175e1f88a575222" + }, + "name": { + "type": "string", + "example": "john.doe" + }, + "_type": { + "description": "Enum representing the currently supported document types.\n\nAdditional values may be added in the future without notice.", + "type": "string", + "enum": [ + "accessprofile", + "accountactivity", + "account", + "aggregation", + "entitlement", + "event", + "identity", + "role" + ], + "example": "identity" + } + } + }, + { + "type": "object", + "properties": { + "created": { + "type": "string", + "description": "ISO-8601 date-time referring to the time when the object was created.", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z" + }, + "synced": { + "type": "string", + "description": "ISO-8601 date-time referring to the date-time when object was queued to be synced into search database for use in the search API. \nThis date-time changes anytime there is an update to the object, which triggers a synchronization event being sent to the search database. \nThere may be some delay between the `synced` time and the time when the updated data is actually available in the search API. " + }, + "action": { + "type": "string", + "description": "Name of the event as it's displayed in audit reports.", + "example": "update" + }, + "type": { + "type": "string", + "description": "Event type. Refer to [Event Types](https://documentation.sailpoint.com/saas/help/search/index.html#event-types) for a list of event types and their meanings.", + "example": "SYSTEM_CONFIG" + }, + "actor": { + "type": "string", + "description": "Name of the actor that generated the event.", + "example": "System" + }, + "target": { + "type": "string", + "description": "Name of the target, or recipient, of the event.", + "example": "Carol.Adams" + }, + "stack": { + "type": "string", + "description": "The event's stack.", + "example": "tpe" + }, + "trackingNumber": { + "type": "string", + "description": "ID of the group of events.", + "example": "63f891e0735f4cc8bf1968144a1e7440" + }, + "ipAddress": { + "type": "string", + "description": "Target system's IP address.", + "example": "52.52.97.85" + }, + "details": { + "type": "string", + "description": "ID of event's details.", + "example": "73b65dfbed1842548c207432a18c84b0" + }, + "attributes": { + "type": "object", + "description": "Attributes involved in the event.", + "additionalProperties": true, + "example": { + "pod": "stg03-useast1", + "org": "acme", + "sourceName": "SailPoint" + } + }, + "objects": { + "type": "array", + "description": "Objects the event is happening to.", + "items": { + "type": "string", + "example": "AUTHENTICATION" + } + }, + "operation": { + "type": "string", + "description": "Operation, or action, performed during the event.", + "example": "REQUEST" + }, + "status": { + "type": "string", + "description": "Event status. Refer to [Event Statuses](https://documentation.sailpoint.com/saas/help/search/index.html#event-statuses) for a list of event statuses and their meanings.", + "example": "PASSED" + }, + "technicalName": { + "type": "string", + "description": "Event's normalized name. This normalized name always follows the pattern of 'objects_operation_status'.", + "example": "AUTHENTICATION_REQUEST_PASSED" + } + } + } + ] + }, + { + "description": "Identity", + "allOf": [ + { + "type": "object", + "required": [ + "id", + "name", + "_type" + ], + "properties": { + "id": { + "type": "string", + "example": "2c91808375d8e80a0175e1f88a575222" + }, + "name": { + "type": "string", + "example": "john.doe" + }, + "_type": { + "description": "Enum representing the currently supported document types.\n\nAdditional values may be added in the future without notice.", + "type": "string", + "enum": [ + "accessprofile", + "accountactivity", + "account", + "aggregation", + "entitlement", + "event", + "identity", + "role" + ], + "example": "identity" + } + } + }, + { + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + }, + { + "type": "object", + "properties": { + "displayName": { + "type": "string", + "example": "John Q. Doe" + } + } + } + ] + }, + { + "type": "object", + "properties": { + "displayName": { + "type": "string", + "example": "Carol.Adams", + "description": "Identity's display name." + }, + "firstName": { + "type": "string", + "description": "Identity's first name.", + "example": "Carol" + }, + "lastName": { + "type": "string", + "description": "Identity's last name.", + "example": "Adams" + }, + "email": { + "type": "string", + "description": "Identity's primary email address.", + "example": "Carol.Adams@sailpointdemo.com" + }, + "created": { + "type": "string", + "description": "ISO-8601 date-time referring to the time when the object was created.", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z" + }, + "modified": { + "type": "string", + "description": "ISO-8601 date-time referring to the time when the object was last modified.", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z" + }, + "phone": { + "type": "string", + "description": "Identity's phone number.", + "example": "+1 440-527-3672" + }, + "synced": { + "type": "string", + "description": "ISO-8601 date-time referring to the date-time when object was queued to be synced into search database for use in the search API. \nThis date-time changes anytime there is an update to the object, which triggers a synchronization event being sent to the search database. \nThere may be some delay between the `synced` time and the time when the updated data is actually available in the search API. " + }, + "inactive": { + "type": "boolean", + "description": "Indicates whether the identity is inactive.", + "default": false, + "example": false + }, + "protected": { + "type": "boolean", + "description": "Indicates whether the identity is protected.", + "default": false, + "example": false + }, + "status": { + "type": "string", + "description": "Identity's status in SailPoint.", + "example": "UNREGISTERED" + }, + "employeeNumber": { + "type": "string", + "description": "Identity's employee number.", + "example": "1a2a3d4e" + }, + "manager": { + "type": "object", + "description": "Identity's manager.", + "nullable": true, + "properties": { + "id": { + "type": "string", + "description": "ID of identity's manager.", + "example": "2c9180867dfe694b017e208e27c05799" + }, + "name": { + "type": "string", + "description": "Name of identity's manager.", + "example": "Amanda.Ross" + }, + "displayName": { + "type": "string", + "description": "Display name of identity's manager.", + "example": "Amanda.Ross" + } + } + }, + "isManager": { + "type": "boolean", + "description": "Indicates whether the identity is a manager of other identities.", + "example": false + }, + "identityProfile": { + "type": "object", + "description": "Identity's identity profile.", + "properties": { + "id": { + "type": "string", + "description": "Identity profile's ID.", + "example": "3bc8ad26b8664945866b31339d1ff7d2" + }, + "name": { + "type": "string", + "description": "Identity profile's name.", + "example": "HR Employees" + } + } + }, + "source": { + "type": "object", + "description": "Identity's source.", + "properties": { + "id": { + "type": "string", + "description": "ID of identity's source.", + "example": "2c91808b6e9e6fb8016eec1a2b6f7b5f" + }, + "name": { + "type": "string", + "description": "Display name of identity's source.", + "example": "ODS-HR-Employees" + } + } + }, + "attributes": { + "type": "object", + "description": "Map or dictionary of key/value pairs.", + "additionalProperties": true, + "example": { + "country": "US", + "firstname": "Carol", + "cloudStatus": "UNREGISTERED" + } + }, + "processingState": { + "type": "string", + "description": "Identity's processing state.", + "nullable": true, + "example": null + }, + "processingDetails": { + "description": "Identity's processing details.", + "nullable": true, + "type": "object", + "properties": { + "date": { + "type": "string", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z", + "description": "A date-time in ISO-8601 format" + }, + "stage": { + "type": "string", + "example": "In Process" + }, + "retryCount": { + "type": "integer", + "example": 0, + "format": "int32" + }, + "stackTrace": { + "type": "string", + "example": "" + }, + "message": { + "type": "string", + "example": "" + } + } + }, + "accounts": { + "type": "array", + "description": "List of accounts associated with the identity.", + "items": { + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + }, + { + "type": "object", + "properties": { + "accountId": { + "type": "string", + "description": "Account ID.", + "example": "John.Doe" + }, + "source": { + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + }, + { + "type": "object", + "properties": { + "type": { + "type": "string", + "example": "Delimited File", + "description": "Type of source returned." + } + } + } + ] + }, + "disabled": { + "type": "boolean", + "description": "Indicates whether the account is disabled.", + "default": false, + "example": false + }, + "locked": { + "type": "boolean", + "description": "Indicates whether the account is locked.", + "default": false, + "example": false + }, + "privileged": { + "type": "boolean", + "description": "Indicates whether the account is privileged.", + "default": false, + "example": false + }, + "manuallyCorrelated": { + "type": "boolean", + "description": "Indicates whether the account has been manually correlated to an identity.", + "default": false, + "example": false + }, + "passwordLastSet": { + "type": "string", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z", + "description": "A date-time in ISO-8601 format" + }, + "entitlementAttributes": { + "type": "object", + "nullable": true, + "description": "Map or dictionary of key/value pairs.", + "additionalProperties": true, + "example": { + "moderator": true, + "admin": true, + "trust_level": "4" + } + }, + "created": { + "type": "string", + "description": "ISO-8601 date-time referring to the time when the object was created.", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z" + } + } + } + ] + } + }, + "accountCount": { + "type": "integer", + "description": "Number of accounts associated with the identity.", + "format": "int32", + "example": 3 + }, + "apps": { + "type": "array", + "description": "List of applications the identity has access to.", + "items": { + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + }, + { + "type": "object", + "properties": { + "source": { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + }, + "account": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The SailPoint generated unique ID", + "example": "2c9180837dfe6949017e21f3d8cd6d49" + }, + "accountId": { + "type": "string", + "description": "The account ID generated by the source", + "example": "CN=Carol Adams,OU=Austin,OU=Americas,OU=Demo,DC=seri,DC=sailpointdemo,DC=com" + } + } + } + } + } + ] + } + }, + "appCount": { + "type": "integer", + "format": "int32", + "description": "Number of applications the identity has access to.", + "example": 2 + }, + "access": { + "type": "array", + "description": "List of access items assigned to the identity.", + "items": { + "discriminator": { + "propertyName": "type", + "mapping": { + "ACCESS_PROFILE": "../access/AccessProfileSummary.yaml", + "ENTITLEMENT": "../access/AccessProfileEntitlement.yaml", + "ROLE": "../access/AccessProfileRole.yaml" + } + }, + "oneOf": [ + { + "description": "This is a summary representation of an access profile.", + "allOf": [ + { + "allOf": [ + { + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + }, + { + "type": "object", + "properties": { + "displayName": { + "type": "string", + "example": "John Q. Doe" + } + } + } + ] + }, + { + "type": "object", + "properties": { + "type": { + "type": "string", + "enum": [ + "ACCOUNT_CORRELATION_CONFIG", + "ACCESS_PROFILE", + "ACCESS_REQUEST_APPROVAL", + "ACCOUNT", + "APPLICATION", + "CAMPAIGN", + "CAMPAIGN_FILTER", + "CERTIFICATION", + "CLUSTER", + "CONNECTOR_SCHEMA", + "ENTITLEMENT", + "GOVERNANCE_GROUP", + "IDENTITY", + "IDENTITY_PROFILE", + "IDENTITY_REQUEST", + "LIFECYCLE_STATE", + "PASSWORD_POLICY", + "ROLE", + "RULE", + "SOD_POLICY", + "SOURCE", + "TAG", + "TAG_CATEGORY", + "TASK_RESULT", + "REPORT_RESULT", + "SOD_VIOLATION", + "ACCOUNT_ACTIVITY", + "WORKGROUP" + ], + "description": "An enumeration of the types of DTOs supported within the IdentityNow infrastructure.", + "example": "IDENTITY" + }, + "description": { + "type": "string", + "nullable": true, + "example": null + } + } + } + ] + }, + { + "type": "object", + "properties": { + "source": { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + }, + "owner": { + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + }, + { + "type": "object", + "properties": { + "displayName": { + "type": "string", + "example": "John Q. Doe" + } + } + } + ] + }, + "revocable": { + "type": "boolean", + "example": true + } + } + } + ] + }, + { + "description": "EntitlementReference", + "allOf": [ + { + "allOf": [ + { + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + }, + { + "type": "object", + "properties": { + "displayName": { + "type": "string", + "example": "John Q. Doe" + } + } + } + ] + }, + { + "type": "object", + "properties": { + "type": { + "type": "string", + "enum": [ + "ACCOUNT_CORRELATION_CONFIG", + "ACCESS_PROFILE", + "ACCESS_REQUEST_APPROVAL", + "ACCOUNT", + "APPLICATION", + "CAMPAIGN", + "CAMPAIGN_FILTER", + "CERTIFICATION", + "CLUSTER", + "CONNECTOR_SCHEMA", + "ENTITLEMENT", + "GOVERNANCE_GROUP", + "IDENTITY", + "IDENTITY_PROFILE", + "IDENTITY_REQUEST", + "LIFECYCLE_STATE", + "PASSWORD_POLICY", + "ROLE", + "RULE", + "SOD_POLICY", + "SOURCE", + "TAG", + "TAG_CATEGORY", + "TASK_RESULT", + "REPORT_RESULT", + "SOD_VIOLATION", + "ACCOUNT_ACTIVITY", + "WORKGROUP" + ], + "description": "An enumeration of the types of DTOs supported within the IdentityNow infrastructure.", + "example": "IDENTITY" + }, + "description": { + "type": "string", + "nullable": true, + "example": null + } + } + } + ] + }, + { + "type": "object", + "properties": { + "source": { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + }, + "privileged": { + "type": "boolean", + "example": false + }, + "attribute": { + "type": "string", + "example": "memberOf" + }, + "value": { + "type": "string", + "example": "CN=Buyer,OU=Groups,OU=Demo,DC=seri,DC=sailpointdemo,DC=com" + }, + "standalone": { + "type": "boolean", + "example": false + } + } + } + ] + }, + { + "description": "Role", + "allOf": [ + { + "allOf": [ + { + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + }, + { + "type": "object", + "properties": { + "displayName": { + "type": "string", + "example": "John Q. Doe" + } + } + } + ] + }, + { + "type": "object", + "properties": { + "type": { + "type": "string", + "enum": [ + "ACCOUNT_CORRELATION_CONFIG", + "ACCESS_PROFILE", + "ACCESS_REQUEST_APPROVAL", + "ACCOUNT", + "APPLICATION", + "CAMPAIGN", + "CAMPAIGN_FILTER", + "CERTIFICATION", + "CLUSTER", + "CONNECTOR_SCHEMA", + "ENTITLEMENT", + "GOVERNANCE_GROUP", + "IDENTITY", + "IDENTITY_PROFILE", + "IDENTITY_REQUEST", + "LIFECYCLE_STATE", + "PASSWORD_POLICY", + "ROLE", + "RULE", + "SOD_POLICY", + "SOURCE", + "TAG", + "TAG_CATEGORY", + "TASK_RESULT", + "REPORT_RESULT", + "SOD_VIOLATION", + "ACCOUNT_ACTIVITY", + "WORKGROUP" + ], + "description": "An enumeration of the types of DTOs supported within the IdentityNow infrastructure.", + "example": "IDENTITY" + }, + "description": { + "type": "string", + "nullable": true, + "example": null + } + } + } + ] + }, + { + "type": "object", + "properties": { + "owner": { + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + }, + { + "type": "object", + "properties": { + "displayName": { + "type": "string", + "example": "John Q. Doe" + } + } + } + ] + }, + "disabled": { + "type": "boolean" + }, + "revocable": { + "type": "boolean" + } + } + } + ] + } + ] + } + }, + "accessCount": { + "type": "integer", + "format": "int32", + "description": "Number of access items assigned to the identity.", + "example": 5 + }, + "entitlementCount": { + "type": "integer", + "format": "int32", + "description": "Number of entitlements assigned to the identity.", + "example": 10 + }, + "roleCount": { + "type": "integer", + "format": "int32", + "description": "Number of roles assigned to the identity.", + "example": 1 + }, + "accessProfileCount": { + "type": "integer", + "format": "int32", + "description": "Number of access profiles assigned to the identity.", + "example": 1 + }, + "owns": { + "type": "array", + "description": "Access items the identity owns.", + "items": { + "type": "object", + "properties": { + "sources": { + "type": "array", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + } + }, + "entitlements": { + "type": "array", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + } + }, + "accessProfiles": { + "type": "array", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + } + }, + "roles": { + "type": "array", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + } + }, + "apps": { + "type": "array", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + } + }, + "governanceGroups": { + "type": "array", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + } + }, + "fallbackApprover": { + "type": "boolean", + "example": false + } + } + } + }, + "ownsCount": { + "type": "integer", + "format": "int32", + "description": "Number of access items the identity owns.", + "example": 5 + }, + "tags": { + "type": "array", + "description": "Tags that have been applied to the object.", + "items": { + "type": "string" + }, + "example": [ + "TAG_1", + "TAG_2" + ] + } + } + } + ] + }, + { + "description": "Role", + "allOf": [ + { + "type": "object", + "required": [ + "id", + "name", + "_type" + ], + "properties": { + "id": { + "type": "string", + "example": "2c91808375d8e80a0175e1f88a575222" + }, + "name": { + "type": "string", + "example": "john.doe" + }, + "_type": { + "description": "Enum representing the currently supported document types.\n\nAdditional values may be added in the future without notice.", + "type": "string", + "enum": [ + "accessprofile", + "accountactivity", + "account", + "aggregation", + "entitlement", + "event", + "identity", + "role" + ], + "example": "identity" + } + } + }, + { + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + }, + { + "type": "object", + "properties": { + "description": { + "type": "string", + "description": "Access item's description.", + "example": "The admin role" + }, + "created": { + "type": "string", + "description": "ISO-8601 date-time referring to the time when the object was created.", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z" + }, + "modified": { + "type": "string", + "description": "ISO-8601 date-time referring to the time when the object was last modified.", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z" + }, + "synced": { + "type": "string", + "description": "ISO-8601 date-time referring to the date-time when object was queued to be synced into search database for use in the search API. \nThis date-time changes anytime there is an update to the object, which triggers a synchronization event being sent to the search database. \nThere may be some delay between the `synced` time and the time when the updated data is actually available in the search API. ", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:33.104Z" + }, + "enabled": { + "type": "boolean", + "description": "Indicates whether the access item is currently enabled.", + "default": false, + "example": true + }, + "requestable": { + "type": "boolean", + "description": "Indicates whether the access item can be requested.", + "default": true, + "example": true + }, + "requestCommentsRequired": { + "type": "boolean", + "description": "Indicates whether comments are required for requests to access the item.", + "default": false, + "example": false + }, + "owner": { + "type": "object", + "description": "Owner's identity.", + "properties": { + "type": { + "type": "string", + "description": "Owner's DTO type.", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "Owner's identity ID.", + "example": "2c9180a46faadee4016fb4e018c20639" + }, + "name": { + "type": "string", + "description": "Owner's display name.", + "example": "Support" + }, + "email": { + "type": "string", + "description": "Owner's email.", + "example": "cloud-support@sailpoint.com" + } + } + } + } + } + ] + }, + { + "type": "object", + "properties": { + "accessProfiles": { + "type": "array", + "description": "Access profiles included with the role.", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91809c6faade77016fb4f0b63407ae", + "description": "Access profile's unique ID." + }, + "name": { + "type": "string", + "example": "Admin Access", + "description": "Access profile's display name." + } + } + } + }, + "accessProfileCount": { + "type": "integer", + "description": "Number of access profiles included with the role.", + "format": "int32", + "example": 1 + }, + "tags": { + "type": "array", + "description": "Tags that have been applied to the object.", + "items": { + "type": "string" + }, + "example": [ + "TAG_1", + "TAG_2" + ] + }, + "segments": { + "type": "array", + "description": "Segments with the role.", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "b009b6e3-b56d-41d9-8735-cb532ea0b017", + "description": "Segment's unique ID." + }, + "name": { + "type": "string", + "example": "Test Segment", + "description": "Segment's display name." + } + } + } + }, + "segmentCount": { + "type": "integer", + "description": "Number of segments with the role.", + "format": "int32", + "example": 1 + }, + "entitlements": { + "type": "array", + "description": "Entitlements included with the role.", + "items": { + "type": "object", + "properties": { + "hasPermissions": { + "type": "boolean", + "description": "Indicates whether the entitlement has permissions.", + "default": false, + "example": false + }, + "description": { + "type": "string", + "description": "Entitlement's description.", + "example": "Cloud engineering" + }, + "attribute": { + "type": "string", + "description": "Entitlement attribute's name.", + "example": "memberOf" + }, + "value": { + "type": "string", + "description": "Entitlement's value.", + "example": "CN=Cloud Engineering,DC=sailpoint,DC=COM" + }, + "schema": { + "type": "string", + "description": "Entitlement's schema.", + "example": "group" + }, + "privileged": { + "type": "boolean", + "description": "Indicates whether the entitlement is privileged.", + "default": false, + "example": false + }, + "id": { + "type": "string", + "description": "Entitlement's ID.", + "example": "2c918084575812550157589064f33b89" + }, + "name": { + "type": "string", + "description": "Entitlement's name.", + "example": "CN=Cloud Engineering,DC=sailpoint,DC=COM" + } + } + } + }, + "entitlementCount": { + "type": "integer", + "description": "Number of entitlements included with the role.", + "format": "int32", + "example": 3 + } + } + } + ] + } + ] + }, + "examples": { + "accessProfile": { + "summary": "AccessProfile", + "value": { + "id": "2c9180825a6c1adc015a71c9023f0818", + "name": "Cloud Eng", + "description": "Cloud Eng", + "created": "2017-02-24T20:21:23.145Z", + "modified": "2019-05-24T20:36:04.312Z", + "synced": "2020-02-18T05:30:20.414Z", + "enabled": true, + "requestable": true, + "requestCommentsRequired": false, + "owner": { + "id": "ff8081815757d36a015757d42e56031e", + "name": "SailPoint Support", + "type": "IDENTITY", + "email": "cloud-support@sailpoint.com" + }, + "source": { + "id": "ff8081815757d4fb0157588f3d9d008f", + "name": "Employees" + }, + "entitlements": [ + { + "id": "2c918084575812550157589064f33b89", + "name": "CN=Cloud Engineering,DC=sailpoint,DC=COM", + "description": "mull", + "attribute": "memberOf", + "value": "CN=Cloud Engineering,DC=sailpoint,DC=COM" + } + ], + "entitlementCount": 1, + "tags": [ + "TAG_1", + "TAG_2" + ] + } + }, + "entitlement": { + "summary": "Entitlement", + "value": { + "id": "2c9180946ed0c43d016eec1a80892fbd", + "name": "entitlement.aa415ae7", + "description": "null", + "attribute": "groups", + "value": "entitlement.aa415ae7", + "modified": "2019-12-09T19:19:50.154Z", + "created": "2018-12-07T01:07:48Z", + "synced": "2020-02-19T04:30:32.906Z", + "displayName": "entitlement.aa415ae7", + "source": { + "id": "2c91808b6e9e6fb8016eec1a2b6f7b5f", + "name": "ODS-HR-Employees" + }, + "owner": { + "type": "IDENTITY", + "id": "2c9180858315595501831958427e5424", + "name": "Addie Lee" + }, + "privileged": false, + "identityCount": 68, + "tags": [ + "TAG_1", + "TAG_2" + ] + } + }, + "event": { + "summary": "Event", + "value": { + "id": "e092842f-c904-4b59-aac8-2544abeeef4b", + "name": "Update Task Schedule Passed", + "created": "2020-02-17T16:23:18.327Z", + "synced": "2020-02-17T16:23:18.388Z", + "action": "TASK_SCHEDULE_UPDATE_PASSED", + "type": "SYSTEM_CONFIG", + "actor": { + "name": "MantisTaskScheduler" + }, + "target": { + "name": "Perform provisioning activity search delete synchronization" + }, + "stack": "tpe", + "trackingNumber": "c6b98bc39ece48b080826d16c76b166c", + "ipAddress": "207.189.160.158", + "details": "null", + "attributes": { + "sourceName": "SailPoint" + }, + "objects": [ + "TASK", + "SCHEDULE" + ], + "operation": "UPDATE", + "status": "PASSED", + "technicalName": "TASK_SCHEDULE_UPDATE_PASSED" + } + }, + "identity": { + "summary": "Identity", + "value": { + "id": "2c9180865c45e7e3015c46c434a80622", + "name": "ad.admin", + "firstName": "AD", + "lastName": "Admin", + "displayName": "AD Admin", + "email": "SLPT.CLOUD.SAILPOINT.TEST+AD-ADMIN@GMAIL.COM", + "created": "2018-08-22T19:54:54.302Z", + "modified": "2018-08-22T19:54:54.302Z", + "synced": "2018-08-22T19:54:54.302Z", + "phone": "512-942-7578", + "inactive": false, + "protected": false, + "status": "UNREGISTERED", + "employeeNumber": "O349804", + "manager": null, + "isManager": false, + "identityProfile": { + "id": "2c918085605c8d0601606f357cb231e6", + "name": "E2E AD" + }, + "source": { + "id": "2c9180855c45b230015c46c19b9c0202", + "name": "EndToEnd-ADSource" + }, + "attributes": { + "uid": "ad.admin", + "firstname": "AD", + "cloudAuthoritativeSource": "2c9180855c45b230015c46c19b9c0202", + "cloudStatus": "UNREGISTERED", + "iplanet-am-user-alias-list": null, + "displayName": "AD Admin", + "internalCloudStatus": "UNREGISTERED", + "workPhone": "512-942-7578", + "email": "SLPT.CLOUD.SAILPOINT.TEST+AD-ADMIN@GMAIL.COM", + "lastname": "Admin" + }, + "processingState": null, + "processingDetails": null, + "accounts": [ + { + "id": "2c9180865c45e7e3015c46c434a80623", + "name": "ad.admin", + "accountId": "CN=AD Admin,OU=slpt-automation,DC=TestAutomationAD,DC=local", + "source": { + "id": "2c9180855c45b230015c46c19b9c0202", + "name": "EndToEnd-ADSource", + "type": "Active Directory - Direct" + }, + "disabled": false, + "locked": false, + "privileged": false, + "manuallyCorrelated": false, + "passwordLastSet": "2018-08-22T19:54:54.302Z", + "entitlementAttributes": { + "memberOf": [ + "CN=Group Policy Creator Owners,CN=Users,DC=TestAutomationAD,DC=local", + "CN=Domain Guests,CN=Users,DC=TestAutomationAD,DC=local", + "CN=Domain Admins,CN=Users,DC=TestAutomationAD,DC=local", + "CN=Enterprise Admins,CN=Users,DC=TestAutomationAD,DC=local", + "CN=Schema Admins,CN=Users,DC=TestAutomationAD,DC=local", + "CN=Guests,CN=Builtin,DC=TestAutomationAD,DC=local", + "CN=Administrators,CN=Builtin,DC=TestAutomationAD,DC=local" + ] + }, + "created": "2018-08-22T19:54:54.302Z" + }, + { + "id": "2c918083606d670c01606f35a30a0349", + "name": "ad.admin", + "accountId": "ad.admin", + "source": { + "id": "ff8081815c46b85b015c46b90c7c02a6", + "name": "IdentityNow", + "type": "IdentityNowConnector" + }, + "disabled": false, + "locked": false, + "privileged": false, + "manuallyCorrelated": false, + "passwordLastSet": null, + "entitlementAttributes": null, + "created": "2018-08-22T19:54:54.302Z" + } + ], + "accountCount": 2, + "apps": [ + { + "id": "22751", + "name": "ADP Workforce Now", + "source": { + "id": "2c9180855c45b230015c46e2f6a8026a", + "name": "Corporate Active Directory" + }, + "account": { + "id": "2c9180865c45efa4015c470be0de1606", + "accountId": "CN=Bob Wilson,OU=Austin,OU=Americas,OU=Demo,DC=seri,DC=acme,DC=com" + } + } + ], + "appCount": 1, + "access": [ + { + "id": "2c918083634bc6cb01639808d40270ba", + "name": "test [AccessProfile-1527264105448]", + "displayName": "test", + "type": "ACCESS_PROFILE", + "description": "test", + "source": { + "id": "2c9180855c45b230015c46c19b9c0202", + "name": "EndToEnd-ADSource" + }, + "owner": { + "id": "2c9180865c45e7e3015c46c434a80622", + "name": "ad.admin", + "displayName": "AD Admin" + } + }, + { + "id": "2c9180865c45e7e3015c46c457c50755", + "name": "Administrators", + "displayName": "Administrators", + "type": "ENTITLEMENT", + "description": null, + "source": { + "id": "2c9180855c45b230015c46c19b9c0202", + "name": "EndToEnd-ADSource" + }, + "privileged": false, + "attribute": "memberOf", + "value": "CN=Administrators,CN=Builtin,DC=TestAutomationAD,DC=local", + "standalone": false + }, + { + "id": "2c9180865decdaa5015e06598b293108", + "name": "test [cloudRole-1503345085223]", + "displayName": "test", + "type": "ROLE", + "description": "test", + "owner": { + "id": "2c9180865c45e7e3015c46c5030707a0", + "name": "will.albin", + "displayName": "Albin Will" + }, + "disabled": false + } + ], + "accessCount": 3, + "accessProfileCount": 1, + "entitlementCount": 1, + "roleCount": 1, + "tags": [ + "TAG_1", + "TAG_2" + ] + } + }, + "role": { + "summary": "Role", + "value": { + "id": "2c91808c6faadea6016fb4f2bc69077b", + "name": "IT Role", + "description": "IT role", + "created": "2020-01-17T19:20:15.040Z", + "modified": null, + "synced": "2020-02-18T05:30:20.145Z", + "enabled": true, + "requestable": false, + "requestCommentsRequired": false, + "owner": { + "id": "2c9180a46faadee4016fb4e018c20639", + "name": "Cloud Support", + "type": "IDENTITY", + "email": "thomas.edison@acme-solar.com" + }, + "accessProfiles": [ + { + "id": "2c91809c6faade77016fb4f0b63407ae", + "name": "Admin Access" + } + ], + "accessProfileCount": 1, + "segments": [ + { + "id": "0f11f2a4-7c94-4bf3-a2bd-742580fe3bde", + "name": "segment-xyz", + "description": "This segment represents xyz" + } + ], + "segmentCount": 1, + "entitlements": [ + { + "id": "2c91809c6faade77016fb4f0b63407ae", + "name": "Admin Access", + "description": "Access to everything", + "privileged": true, + "hasPermissions": true + } + ], + "entitlementCount": 1, + "tags": [ + "TAG_1", + "TAG_2" + ] + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/segments": { + "post": { + "operationId": "createSegment", + "security": [ + { + "UserContextAuth": [ + "idn:segment:manage" + ] + } + ], + "tags": [ + "Segments" + ], + "summary": "Create Segment", + "description": "This API creates a segment. \n>**Note:** Segment definitions may take time to propagate to all identities.\nA token with ORG_ADMIN or API authority is required to call this API.", + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The segment's ID.", + "example": "0f11f2a4-7c94-4bf3-a2bd-742580fe3bde" + }, + "name": { + "type": "string", + "description": "The segment's business name.", + "example": "segment-xyz" + }, + "created": { + "type": "string", + "format": "date-time", + "description": "The time when the segment is created.", + "example": "2020-01-01T00:00:00.000000Z" + }, + "modified": { + "type": "string", + "format": "date-time", + "description": "The time when the segment is modified.", + "example": "2020-01-01T00:00:00.000000Z" + }, + "description": { + "type": "string", + "description": "The segment's optional description.", + "example": "This segment represents xyz" + }, + "owner": { + "type": "object", + "nullable": true, + "description": "The owner of this object.", + "properties": { + "type": { + "type": "string", + "enum": [ + "IDENTITY" + ], + "description": "Owner type. This field must be either left null or set to 'IDENTITY' on input, otherwise a 400 Bad Request error will result.", + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "Identity id", + "example": "2c9180a46faadee4016fb4e018c20639" + }, + "name": { + "type": "string", + "description": "Human-readable display name of the owner. It may be left null or omitted in a POST or PATCH. If set, it must match the current value of the owner's display name, otherwise a 400 Bad Request error will result.", + "example": "support" + } + } + }, + "visibilityCriteria": { + "allOf": [ + { + "type": "object", + "properties": { + "expression": { + "type": "object", + "properties": { + "operator": { + "type": "string", + "description": "Operator for the expression", + "enum": [ + "AND", + "EQUALS" + ], + "example": "EQUALS" + }, + "attribute": { + "type": "string", + "description": "Name for the attribute", + "example": "location", + "nullable": true + }, + "value": { + "type": "object", + "nullable": true, + "properties": { + "type": { + "type": "string", + "description": "The type of attribute value", + "example": "STRING" + }, + "value": { + "type": "string", + "description": "The attribute value", + "example": "Austin" + } + } + }, + "children": { + "type": "array", + "nullable": true, + "description": "List of expressions", + "items": { + "type": "object", + "properties": { + "operator": { + "type": "string", + "description": "Operator for the expression", + "enum": [ + "AND", + "EQUALS" + ], + "example": "EQUALS" + }, + "attribute": { + "type": "string", + "description": "Name for the attribute", + "example": "location", + "nullable": true + }, + "value": { + "type": "object", + "nullable": true, + "properties": { + "type": { + "type": "string", + "description": "The type of attribute value", + "example": "STRING" + }, + "value": { + "type": "string", + "description": "The attribute value", + "example": "Austin" + } + } + }, + "children": { + "type": "string", + "nullable": true, + "description": "There cannot be anymore nested children. This will always be null.", + "example": null + } + } + }, + "example": [] + } + } + } + } + }, + { + "nullable": true + } + ] + }, + "active": { + "type": "boolean", + "description": "This boolean indicates whether the segment is currently active. Inactive segments have no effect.", + "default": false, + "example": true + } + } + } + } + } + }, + "responses": { + "201": { + "description": "Segment created", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The segment's ID.", + "example": "0f11f2a4-7c94-4bf3-a2bd-742580fe3bde" + }, + "name": { + "type": "string", + "description": "The segment's business name.", + "example": "segment-xyz" + }, + "created": { + "type": "string", + "format": "date-time", + "description": "The time when the segment is created.", + "example": "2020-01-01T00:00:00.000000Z" + }, + "modified": { + "type": "string", + "format": "date-time", + "description": "The time when the segment is modified.", + "example": "2020-01-01T00:00:00.000000Z" + }, + "description": { + "type": "string", + "description": "The segment's optional description.", + "example": "This segment represents xyz" + }, + "owner": { + "type": "object", + "nullable": true, + "description": "The owner of this object.", + "properties": { + "type": { + "type": "string", + "enum": [ + "IDENTITY" + ], + "description": "Owner type. This field must be either left null or set to 'IDENTITY' on input, otherwise a 400 Bad Request error will result.", + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "Identity id", + "example": "2c9180a46faadee4016fb4e018c20639" + }, + "name": { + "type": "string", + "description": "Human-readable display name of the owner. It may be left null or omitted in a POST or PATCH. If set, it must match the current value of the owner's display name, otherwise a 400 Bad Request error will result.", + "example": "support" + } + } + }, + "visibilityCriteria": { + "allOf": [ + { + "type": "object", + "properties": { + "expression": { + "type": "object", + "properties": { + "operator": { + "type": "string", + "description": "Operator for the expression", + "enum": [ + "AND", + "EQUALS" + ], + "example": "EQUALS" + }, + "attribute": { + "type": "string", + "description": "Name for the attribute", + "example": "location", + "nullable": true + }, + "value": { + "type": "object", + "nullable": true, + "properties": { + "type": { + "type": "string", + "description": "The type of attribute value", + "example": "STRING" + }, + "value": { + "type": "string", + "description": "The attribute value", + "example": "Austin" + } + } + }, + "children": { + "type": "array", + "nullable": true, + "description": "List of expressions", + "items": { + "type": "object", + "properties": { + "operator": { + "type": "string", + "description": "Operator for the expression", + "enum": [ + "AND", + "EQUALS" + ], + "example": "EQUALS" + }, + "attribute": { + "type": "string", + "description": "Name for the attribute", + "example": "location", + "nullable": true + }, + "value": { + "type": "object", + "nullable": true, + "properties": { + "type": { + "type": "string", + "description": "The type of attribute value", + "example": "STRING" + }, + "value": { + "type": "string", + "description": "The attribute value", + "example": "Austin" + } + } + }, + "children": { + "type": "string", + "nullable": true, + "description": "There cannot be anymore nested children. This will always be null.", + "example": null + } + } + }, + "example": [] + } + } + } + } + }, + { + "nullable": true + } + ] + }, + "active": { + "type": "boolean", + "description": "This boolean indicates whether the segment is currently active. Inactive segments have no effect.", + "default": false, + "example": true + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + }, + "get": { + "operationId": "listSegments", + "security": [ + { + "UserContextAuth": [ + "idn:segment:read", + "idn:segment:manage" + ] + } + ], + "tags": [ + "Segments" + ], + "summary": "List Segments", + "description": "This API returns a list of all segments. \nA token with ORG_ADMIN or API authority is required to call this API.", + "parameters": [ + { + "in": "query", + "name": "limit", + "description": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 250, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "maximum": 250, + "default": 250 + } + }, + { + "in": "query", + "name": "offset", + "description": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 0, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "default": 0 + } + }, + { + "in": "query", + "name": "count", + "description": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": true, + "schema": { + "type": "boolean", + "default": false + } + } + ], + "responses": { + "200": { + "description": "List of all segments", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The segment's ID.", + "example": "0f11f2a4-7c94-4bf3-a2bd-742580fe3bde" + }, + "name": { + "type": "string", + "description": "The segment's business name.", + "example": "segment-xyz" + }, + "created": { + "type": "string", + "format": "date-time", + "description": "The time when the segment is created.", + "example": "2020-01-01T00:00:00.000000Z" + }, + "modified": { + "type": "string", + "format": "date-time", + "description": "The time when the segment is modified.", + "example": "2020-01-01T00:00:00.000000Z" + }, + "description": { + "type": "string", + "description": "The segment's optional description.", + "example": "This segment represents xyz" + }, + "owner": { + "type": "object", + "nullable": true, + "description": "The owner of this object.", + "properties": { + "type": { + "type": "string", + "enum": [ + "IDENTITY" + ], + "description": "Owner type. This field must be either left null or set to 'IDENTITY' on input, otherwise a 400 Bad Request error will result.", + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "Identity id", + "example": "2c9180a46faadee4016fb4e018c20639" + }, + "name": { + "type": "string", + "description": "Human-readable display name of the owner. It may be left null or omitted in a POST or PATCH. If set, it must match the current value of the owner's display name, otherwise a 400 Bad Request error will result.", + "example": "support" + } + } + }, + "visibilityCriteria": { + "allOf": [ + { + "type": "object", + "properties": { + "expression": { + "type": "object", + "properties": { + "operator": { + "type": "string", + "description": "Operator for the expression", + "enum": [ + "AND", + "EQUALS" + ], + "example": "EQUALS" + }, + "attribute": { + "type": "string", + "description": "Name for the attribute", + "example": "location", + "nullable": true + }, + "value": { + "type": "object", + "nullable": true, + "properties": { + "type": { + "type": "string", + "description": "The type of attribute value", + "example": "STRING" + }, + "value": { + "type": "string", + "description": "The attribute value", + "example": "Austin" + } + } + }, + "children": { + "type": "array", + "nullable": true, + "description": "List of expressions", + "items": { + "type": "object", + "properties": { + "operator": { + "type": "string", + "description": "Operator for the expression", + "enum": [ + "AND", + "EQUALS" + ], + "example": "EQUALS" + }, + "attribute": { + "type": "string", + "description": "Name for the attribute", + "example": "location", + "nullable": true + }, + "value": { + "type": "object", + "nullable": true, + "properties": { + "type": { + "type": "string", + "description": "The type of attribute value", + "example": "STRING" + }, + "value": { + "type": "string", + "description": "The attribute value", + "example": "Austin" + } + } + }, + "children": { + "type": "string", + "nullable": true, + "description": "There cannot be anymore nested children. This will always be null.", + "example": null + } + } + }, + "example": [] + } + } + } + } + }, + { + "nullable": true + } + ] + }, + "active": { + "type": "boolean", + "description": "This boolean indicates whether the segment is currently active. Inactive segments have no effect.", + "default": false, + "example": true + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/segments/{id}": { + "get": { + "operationId": "getSegment", + "security": [ + { + "UserContextAuth": [ + "idn:segment:read", + "idn:segment:manage" + ] + } + ], + "tags": [ + "Segments" + ], + "summary": "Get Segment by ID", + "description": "This API returns the segment specified by the given ID.\nA token with ORG_ADMIN or API authority is required to call this API.", + "parameters": [ + { + "in": "path", + "name": "id", + "schema": { + "type": "string" + }, + "required": true, + "description": "The segment ID to retrieve.", + "example": "ef38f94347e94562b5bb8424a56397d8" + } + ], + "responses": { + "200": { + "description": "Segment", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The segment's ID.", + "example": "0f11f2a4-7c94-4bf3-a2bd-742580fe3bde" + }, + "name": { + "type": "string", + "description": "The segment's business name.", + "example": "segment-xyz" + }, + "created": { + "type": "string", + "format": "date-time", + "description": "The time when the segment is created.", + "example": "2020-01-01T00:00:00.000000Z" + }, + "modified": { + "type": "string", + "format": "date-time", + "description": "The time when the segment is modified.", + "example": "2020-01-01T00:00:00.000000Z" + }, + "description": { + "type": "string", + "description": "The segment's optional description.", + "example": "This segment represents xyz" + }, + "owner": { + "type": "object", + "nullable": true, + "description": "The owner of this object.", + "properties": { + "type": { + "type": "string", + "enum": [ + "IDENTITY" + ], + "description": "Owner type. This field must be either left null or set to 'IDENTITY' on input, otherwise a 400 Bad Request error will result.", + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "Identity id", + "example": "2c9180a46faadee4016fb4e018c20639" + }, + "name": { + "type": "string", + "description": "Human-readable display name of the owner. It may be left null or omitted in a POST or PATCH. If set, it must match the current value of the owner's display name, otherwise a 400 Bad Request error will result.", + "example": "support" + } + } + }, + "visibilityCriteria": { + "allOf": [ + { + "type": "object", + "properties": { + "expression": { + "type": "object", + "properties": { + "operator": { + "type": "string", + "description": "Operator for the expression", + "enum": [ + "AND", + "EQUALS" + ], + "example": "EQUALS" + }, + "attribute": { + "type": "string", + "description": "Name for the attribute", + "example": "location", + "nullable": true + }, + "value": { + "type": "object", + "nullable": true, + "properties": { + "type": { + "type": "string", + "description": "The type of attribute value", + "example": "STRING" + }, + "value": { + "type": "string", + "description": "The attribute value", + "example": "Austin" + } + } + }, + "children": { + "type": "array", + "nullable": true, + "description": "List of expressions", + "items": { + "type": "object", + "properties": { + "operator": { + "type": "string", + "description": "Operator for the expression", + "enum": [ + "AND", + "EQUALS" + ], + "example": "EQUALS" + }, + "attribute": { + "type": "string", + "description": "Name for the attribute", + "example": "location", + "nullable": true + }, + "value": { + "type": "object", + "nullable": true, + "properties": { + "type": { + "type": "string", + "description": "The type of attribute value", + "example": "STRING" + }, + "value": { + "type": "string", + "description": "The attribute value", + "example": "Austin" + } + } + }, + "children": { + "type": "string", + "nullable": true, + "description": "There cannot be anymore nested children. This will always be null.", + "example": null + } + } + }, + "example": [] + } + } + } + } + }, + { + "nullable": true + } + ] + }, + "active": { + "type": "boolean", + "description": "This boolean indicates whether the segment is currently active. Inactive segments have no effect.", + "default": false, + "example": true + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + }, + "delete": { + "operationId": "deleteSegment", + "security": [ + { + "UserContextAuth": [ + "idn:segment:manage" + ] + } + ], + "tags": [ + "Segments" + ], + "summary": "Delete Segment by ID", + "description": "This API deletes the segment specified by the given ID.\n>**Note:** that segment deletion may take some time to become effective.\nA token with ORG_ADMIN or API authority is required to call this API.", + "parameters": [ + { + "in": "path", + "name": "id", + "schema": { + "type": "string" + }, + "required": true, + "description": "The segment ID to delete.", + "example": "ef38f94347e94562b5bb8424a56397d8" + } + ], + "responses": { + "204": { + "description": "No content." + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + }, + "patch": { + "operationId": "patchSegment", + "security": [ + { + "UserContextAuth": [ + "idn:segment:manage" + ] + } + ], + "tags": [ + "Segments" + ], + "summary": "Update Segment", + "description": "Use this API to update segment fields by using the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard.\n>**Note:** Changes to a segment may take some time to propagate to all identities.\nA token with ORG_ADMIN or API authority is required to call this API.", + "parameters": [ + { + "in": "path", + "name": "id", + "schema": { + "type": "string" + }, + "required": true, + "description": "The segment ID to modify.", + "example": "ef38f94347e94562b5bb8424a56397d8" + } + ], + "requestBody": { + "required": true, + "description": "A list of segment update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard.\n\nThe following fields are patchable:\n* name\n* description\n* owner\n* visibilityCriteria\n* active\n", + "content": { + "application/json-patch+json": { + "schema": { + "type": "array", + "items": { + "type": "object" + } + }, + "examples": { + "Set Visibility Criteria": { + "description": "Set the visibility criteria", + "value": [ + { + "op": "replace", + "path": "/visibilityCriteria", + "value": { + "expression": { + "operator": "AND", + "children": [ + { + "operator": "EQUALS", + "attribute": "location", + "value": { + "type": "STRING", + "value": "Philadelphia" + } + }, + { + "operator": "EQUALS", + "attribute": "department", + "value": { + "type": "STRING", + "value": "HR" + } + } + ] + } + } + } + ] + } + } + } + } + }, + "responses": { + "200": { + "description": "Indicates the PATCH operation succeeded, and returns the segment's new representation.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The segment's ID.", + "example": "0f11f2a4-7c94-4bf3-a2bd-742580fe3bde" + }, + "name": { + "type": "string", + "description": "The segment's business name.", + "example": "segment-xyz" + }, + "created": { + "type": "string", + "format": "date-time", + "description": "The time when the segment is created.", + "example": "2020-01-01T00:00:00.000000Z" + }, + "modified": { + "type": "string", + "format": "date-time", + "description": "The time when the segment is modified.", + "example": "2020-01-01T00:00:00.000000Z" + }, + "description": { + "type": "string", + "description": "The segment's optional description.", + "example": "This segment represents xyz" + }, + "owner": { + "type": "object", + "nullable": true, + "description": "The owner of this object.", + "properties": { + "type": { + "type": "string", + "enum": [ + "IDENTITY" + ], + "description": "Owner type. This field must be either left null or set to 'IDENTITY' on input, otherwise a 400 Bad Request error will result.", + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "Identity id", + "example": "2c9180a46faadee4016fb4e018c20639" + }, + "name": { + "type": "string", + "description": "Human-readable display name of the owner. It may be left null or omitted in a POST or PATCH. If set, it must match the current value of the owner's display name, otherwise a 400 Bad Request error will result.", + "example": "support" + } + } + }, + "visibilityCriteria": { + "allOf": [ + { + "type": "object", + "properties": { + "expression": { + "type": "object", + "properties": { + "operator": { + "type": "string", + "description": "Operator for the expression", + "enum": [ + "AND", + "EQUALS" + ], + "example": "EQUALS" + }, + "attribute": { + "type": "string", + "description": "Name for the attribute", + "example": "location", + "nullable": true + }, + "value": { + "type": "object", + "nullable": true, + "properties": { + "type": { + "type": "string", + "description": "The type of attribute value", + "example": "STRING" + }, + "value": { + "type": "string", + "description": "The attribute value", + "example": "Austin" + } + } + }, + "children": { + "type": "array", + "nullable": true, + "description": "List of expressions", + "items": { + "type": "object", + "properties": { + "operator": { + "type": "string", + "description": "Operator for the expression", + "enum": [ + "AND", + "EQUALS" + ], + "example": "EQUALS" + }, + "attribute": { + "type": "string", + "description": "Name for the attribute", + "example": "location", + "nullable": true + }, + "value": { + "type": "object", + "nullable": true, + "properties": { + "type": { + "type": "string", + "description": "The type of attribute value", + "example": "STRING" + }, + "value": { + "type": "string", + "description": "The attribute value", + "example": "Austin" + } + } + }, + "children": { + "type": "string", + "nullable": true, + "description": "There cannot be anymore nested children. This will always be null.", + "example": null + } + } + }, + "example": [] + } + } + } + } + }, + { + "nullable": true + } + ] + }, + "active": { + "type": "boolean", + "description": "This boolean indicates whether the segment is currently active. Inactive segments have no effect.", + "default": false, + "example": true + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/service-desk-integrations": { + "get": { + "tags": [ + "Service Desk Integration" + ], + "summary": "List existing Service Desk Integrations", + "description": "Get a list of ServiceDeskIntegrationDto for existing Service Desk Integrations. A token with Org Admin or Service Desk Admin authority is required to access this endpoint.", + "operationId": "getServiceDeskIntegrations", + "parameters": [ + { + "in": "query", + "name": "offset", + "description": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 0, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "default": 0 + } + }, + { + "in": "query", + "name": "limit", + "description": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 250, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "maximum": 250, + "default": 250 + } + }, + { + "name": "sorters", + "in": "query", + "required": false, + "style": "form", + "explode": true, + "schema": { + "type": "string" + }, + "description": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name**", + "example": "name" + }, + { + "name": "filters", + "in": "query", + "required": false, + "style": "form", + "explode": true, + "schema": { + "type": "string", + "format": "comma-separated" + }, + "description": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**name**: *eq*\n\n**type**: *eq, in*\n\n**cluster**: *eq, in*", + "example": "name eq \"John Doe\"" + }, + { + "in": "query", + "name": "count", + "description": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": true, + "schema": { + "type": "boolean", + "default": false + } + } + ], + "responses": { + "200": { + "description": "List of ServiceDeskIntegrationDto", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "allOf": [ + { + "type": "object", + "description": "Service Desk integration's specification.", + "required": [ + "name", + "description", + "type", + "attributes" + ], + "properties": { + "id": { + "type": "string", + "description": "Unique identifier for the Service Desk integration", + "example": "62945a496ef440189b1f03e3623411c8" + }, + "name": { + "description": "Service Desk integration's name. The name must be unique.", + "type": "string", + "example": "Service Desk Integration Name" + }, + "created": { + "type": "string", + "format": "date-time", + "description": "The date and time the Service Desk integration was created", + "example": "2024-01-17T18:45:25.994Z" + }, + "modified": { + "type": "string", + "format": "date-time", + "description": "The date and time the Service Desk integration was last modified", + "example": "2024-02-18T18:45:25.994Z" + }, + "description": { + "description": "Service Desk integration's description.", + "type": "string", + "example": "A very nice Service Desk integration" + }, + "type": { + "description": "Service Desk integration types:\n\n- ServiceNowSDIM\n- ServiceNow\n", + "type": "string", + "default": "ServiceNowSDIM", + "example": "ServiceNowSDIM" + }, + "ownerRef": { + "allOf": [ + { + "type": "object", + "description": "Owner's identity.", + "properties": { + "type": { + "type": "string", + "description": "Owner's DTO type.", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "Owner's identity ID.", + "example": "2c9180a46faadee4016fb4e018c20639" + }, + "name": { + "type": "string", + "description": "Owner's name.", + "example": "Support" + } + } + } + ] + }, + "clusterRef": { + "allOf": [ + { + "type": "object", + "description": "Source cluster.", + "properties": { + "type": { + "type": "string", + "description": "Source cluster DTO type.", + "enum": [ + "CLUSTER" + ], + "example": "CLUSTER" + }, + "id": { + "type": "string", + "description": "Source cluster ID.", + "example": "2c9180847a7fccdd017aa5896f9f4f6f" + }, + "name": { + "type": "string", + "description": "Source cluster display name.", + "example": "Training VA" + } + } + } + ] + }, + "cluster": { + "description": "Cluster ID for the Service Desk integration (replaced by clusterRef, retained for backward compatibility).", + "type": "string", + "example": "xyzzy999", + "deprecated": true, + "nullable": true + }, + "managedSources": { + "description": "Source IDs for the Service Desk integration (replaced by provisioningConfig.managedSResourceRefs, but retained here for backward compatibility).", + "type": "array", + "items": { + "type": "string" + }, + "deprecated": true, + "example": [ + "2c9180835d191a86015d28455b4a2329", + "2c5680835d191a85765d28455b4a9823" + ] + }, + "provisioningConfig": { + "description": "The 'provisioningConfig' property specifies the configuration used to provision integrations.", + "type": "object", + "properties": { + "universalManager": { + "description": "Specifies whether this configuration is used to manage provisioning requests for all sources from the org. If true, no managedResourceRefs are allowed.", + "type": "boolean", + "readOnly": true, + "default": false, + "example": true + }, + "managedResourceRefs": { + "description": "References to sources for the Service Desk integration template. May only be specified if universalManager is false.", + "type": "array", + "items": { + "allOf": [ + { + "type": "object", + "description": "Source for Service Desk integration template.", + "properties": { + "type": { + "type": "string", + "description": "DTO type of source for service desk integration template.", + "enum": [ + "SOURCE" + ], + "example": "SOURCE" + }, + "id": { + "type": "string", + "description": "ID of source for service desk integration template.", + "example": "2c9180835d191a86015d28455b4b232a" + }, + "name": { + "type": "string", + "description": "Human-readable name of source for service desk integration template.", + "example": "HR Active Directory" + } + } + } + ] + }, + "example": [ + { + "type": "SOURCE", + "id": "2c9180855d191c59015d291ceb051111", + "name": "My Source 1" + }, + { + "type": "SOURCE", + "id": "2c9180855d191c59015d291ceb052222", + "name": "My Source 2" + } + ] + }, + "planInitializerScript": { + "description": "This is a reference to a plan initializer script.", + "type": "object", + "nullable": true, + "properties": { + "source": { + "description": "This is a Rule that allows provisioning instruction changes.", + "type": "string", + "example": "\\r\\n\\r\\n\\r\\n Before Provisioning Rule which changes disables and enables to a modify.\\r\\n \n" + } + } + }, + "noProvisioningRequests": { + "description": "Name of an attribute that when true disables the saving of ProvisioningRequest objects whenever plans are sent through this integration.", + "type": "boolean", + "default": false, + "example": true + }, + "provisioningRequestExpiration": { + "description": "When saving pending requests is enabled, this defines the number of hours the request is allowed to live before it is considered expired and no longer affects plan compilation.", + "type": "integer", + "format": "int32", + "example": 7 + } + } + }, + "attributes": { + "description": "Service Desk integration's attributes. Validation constraints enforced by the implementation.", + "type": "object", + "additionalProperties": true, + "example": { + "property": "value", + "key": "value" + } + }, + "beforeProvisioningRule": { + "allOf": [ + { + "type": "object", + "description": "Before Provisioning Rule.", + "properties": { + "type": { + "type": "string", + "description": "Before Provisioning Rule DTO type.", + "enum": [ + "RULE" + ], + "example": "RULE" + }, + "id": { + "type": "string", + "description": "Before Provisioning Rule ID.", + "example": "048eb3d55c5a4758bd07dccb87741c78" + }, + "name": { + "type": "string", + "description": "Rule display name.", + "example": "Before Provisioning Airtable Rule" + } + } + } + ] + } + } + } + ] + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "idn:service-desk-admin:read", + "idn:service-desk-integration:read" + ] + } + ] + }, + "post": { + "tags": [ + "Service Desk Integration" + ], + "summary": "Create new Service Desk integration", + "description": "Create a new Service Desk Integrations. A token with Org Admin or Service Desk Admin authority is required to access this endpoint.", + "operationId": "createServiceDeskIntegration", + "requestBody": { + "description": "The specifics of a new integration to create", + "content": { + "application/json": { + "schema": { + "allOf": [ + { + "type": "object", + "description": "Service Desk integration's specification.", + "required": [ + "name", + "description", + "type", + "attributes" + ], + "properties": { + "id": { + "type": "string", + "description": "Unique identifier for the Service Desk integration", + "example": "62945a496ef440189b1f03e3623411c8" + }, + "name": { + "description": "Service Desk integration's name. The name must be unique.", + "type": "string", + "example": "Service Desk Integration Name" + }, + "created": { + "type": "string", + "format": "date-time", + "description": "The date and time the Service Desk integration was created", + "example": "2024-01-17T18:45:25.994Z" + }, + "modified": { + "type": "string", + "format": "date-time", + "description": "The date and time the Service Desk integration was last modified", + "example": "2024-02-18T18:45:25.994Z" + }, + "description": { + "description": "Service Desk integration's description.", + "type": "string", + "example": "A very nice Service Desk integration" + }, + "type": { + "description": "Service Desk integration types:\n\n- ServiceNowSDIM\n- ServiceNow\n", + "type": "string", + "default": "ServiceNowSDIM", + "example": "ServiceNowSDIM" + }, + "ownerRef": { + "allOf": [ + { + "type": "object", + "description": "Owner's identity.", + "properties": { + "type": { + "type": "string", + "description": "Owner's DTO type.", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "Owner's identity ID.", + "example": "2c9180a46faadee4016fb4e018c20639" + }, + "name": { + "type": "string", + "description": "Owner's name.", + "example": "Support" + } + } + } + ] + }, + "clusterRef": { + "allOf": [ + { + "type": "object", + "description": "Source cluster.", + "properties": { + "type": { + "type": "string", + "description": "Source cluster DTO type.", + "enum": [ + "CLUSTER" + ], + "example": "CLUSTER" + }, + "id": { + "type": "string", + "description": "Source cluster ID.", + "example": "2c9180847a7fccdd017aa5896f9f4f6f" + }, + "name": { + "type": "string", + "description": "Source cluster display name.", + "example": "Training VA" + } + } + } + ] + }, + "cluster": { + "description": "Cluster ID for the Service Desk integration (replaced by clusterRef, retained for backward compatibility).", + "type": "string", + "example": "xyzzy999", + "deprecated": true, + "nullable": true + }, + "managedSources": { + "description": "Source IDs for the Service Desk integration (replaced by provisioningConfig.managedSResourceRefs, but retained here for backward compatibility).", + "type": "array", + "items": { + "type": "string" + }, + "deprecated": true, + "example": [ + "2c9180835d191a86015d28455b4a2329", + "2c5680835d191a85765d28455b4a9823" + ] + }, + "provisioningConfig": { + "description": "The 'provisioningConfig' property specifies the configuration used to provision integrations.", + "type": "object", + "properties": { + "universalManager": { + "description": "Specifies whether this configuration is used to manage provisioning requests for all sources from the org. If true, no managedResourceRefs are allowed.", + "type": "boolean", + "readOnly": true, + "default": false, + "example": true + }, + "managedResourceRefs": { + "description": "References to sources for the Service Desk integration template. May only be specified if universalManager is false.", + "type": "array", + "items": { + "allOf": [ + { + "type": "object", + "description": "Source for Service Desk integration template.", + "properties": { + "type": { + "type": "string", + "description": "DTO type of source for service desk integration template.", + "enum": [ + "SOURCE" + ], + "example": "SOURCE" + }, + "id": { + "type": "string", + "description": "ID of source for service desk integration template.", + "example": "2c9180835d191a86015d28455b4b232a" + }, + "name": { + "type": "string", + "description": "Human-readable name of source for service desk integration template.", + "example": "HR Active Directory" + } + } + } + ] + }, + "example": [ + { + "type": "SOURCE", + "id": "2c9180855d191c59015d291ceb051111", + "name": "My Source 1" + }, + { + "type": "SOURCE", + "id": "2c9180855d191c59015d291ceb052222", + "name": "My Source 2" + } + ] + }, + "planInitializerScript": { + "description": "This is a reference to a plan initializer script.", + "type": "object", + "nullable": true, + "properties": { + "source": { + "description": "This is a Rule that allows provisioning instruction changes.", + "type": "string", + "example": "\\r\\n\\r\\n\\r\\n Before Provisioning Rule which changes disables and enables to a modify.\\r\\n \n" + } + } + }, + "noProvisioningRequests": { + "description": "Name of an attribute that when true disables the saving of ProvisioningRequest objects whenever plans are sent through this integration.", + "type": "boolean", + "default": false, + "example": true + }, + "provisioningRequestExpiration": { + "description": "When saving pending requests is enabled, this defines the number of hours the request is allowed to live before it is considered expired and no longer affects plan compilation.", + "type": "integer", + "format": "int32", + "example": 7 + } + } + }, + "attributes": { + "description": "Service Desk integration's attributes. Validation constraints enforced by the implementation.", + "type": "object", + "additionalProperties": true, + "example": { + "property": "value", + "key": "value" + } + }, + "beforeProvisioningRule": { + "allOf": [ + { + "type": "object", + "description": "Before Provisioning Rule.", + "properties": { + "type": { + "type": "string", + "description": "Before Provisioning Rule DTO type.", + "enum": [ + "RULE" + ], + "example": "RULE" + }, + "id": { + "type": "string", + "description": "Before Provisioning Rule ID.", + "example": "048eb3d55c5a4758bd07dccb87741c78" + }, + "name": { + "type": "string", + "description": "Rule display name.", + "example": "Before Provisioning Airtable Rule" + } + } + } + ] + } + } + } + ] + } + } + }, + "required": true + }, + "responses": { + "200": { + "description": "details of the created integration", + "content": { + "application/json": { + "schema": { + "allOf": [ + { + "type": "object", + "description": "Service Desk integration's specification.", + "required": [ + "name", + "description", + "type", + "attributes" + ], + "properties": { + "id": { + "type": "string", + "description": "Unique identifier for the Service Desk integration", + "example": "62945a496ef440189b1f03e3623411c8" + }, + "name": { + "description": "Service Desk integration's name. The name must be unique.", + "type": "string", + "example": "Service Desk Integration Name" + }, + "created": { + "type": "string", + "format": "date-time", + "description": "The date and time the Service Desk integration was created", + "example": "2024-01-17T18:45:25.994Z" + }, + "modified": { + "type": "string", + "format": "date-time", + "description": "The date and time the Service Desk integration was last modified", + "example": "2024-02-18T18:45:25.994Z" + }, + "description": { + "description": "Service Desk integration's description.", + "type": "string", + "example": "A very nice Service Desk integration" + }, + "type": { + "description": "Service Desk integration types:\n\n- ServiceNowSDIM\n- ServiceNow\n", + "type": "string", + "default": "ServiceNowSDIM", + "example": "ServiceNowSDIM" + }, + "ownerRef": { + "allOf": [ + { + "type": "object", + "description": "Owner's identity.", + "properties": { + "type": { + "type": "string", + "description": "Owner's DTO type.", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "Owner's identity ID.", + "example": "2c9180a46faadee4016fb4e018c20639" + }, + "name": { + "type": "string", + "description": "Owner's name.", + "example": "Support" + } + } + } + ] + }, + "clusterRef": { + "allOf": [ + { + "type": "object", + "description": "Source cluster.", + "properties": { + "type": { + "type": "string", + "description": "Source cluster DTO type.", + "enum": [ + "CLUSTER" + ], + "example": "CLUSTER" + }, + "id": { + "type": "string", + "description": "Source cluster ID.", + "example": "2c9180847a7fccdd017aa5896f9f4f6f" + }, + "name": { + "type": "string", + "description": "Source cluster display name.", + "example": "Training VA" + } + } + } + ] + }, + "cluster": { + "description": "Cluster ID for the Service Desk integration (replaced by clusterRef, retained for backward compatibility).", + "type": "string", + "example": "xyzzy999", + "deprecated": true, + "nullable": true + }, + "managedSources": { + "description": "Source IDs for the Service Desk integration (replaced by provisioningConfig.managedSResourceRefs, but retained here for backward compatibility).", + "type": "array", + "items": { + "type": "string" + }, + "deprecated": true, + "example": [ + "2c9180835d191a86015d28455b4a2329", + "2c5680835d191a85765d28455b4a9823" + ] + }, + "provisioningConfig": { + "description": "The 'provisioningConfig' property specifies the configuration used to provision integrations.", + "type": "object", + "properties": { + "universalManager": { + "description": "Specifies whether this configuration is used to manage provisioning requests for all sources from the org. If true, no managedResourceRefs are allowed.", + "type": "boolean", + "readOnly": true, + "default": false, + "example": true + }, + "managedResourceRefs": { + "description": "References to sources for the Service Desk integration template. May only be specified if universalManager is false.", + "type": "array", + "items": { + "allOf": [ + { + "type": "object", + "description": "Source for Service Desk integration template.", + "properties": { + "type": { + "type": "string", + "description": "DTO type of source for service desk integration template.", + "enum": [ + "SOURCE" + ], + "example": "SOURCE" + }, + "id": { + "type": "string", + "description": "ID of source for service desk integration template.", + "example": "2c9180835d191a86015d28455b4b232a" + }, + "name": { + "type": "string", + "description": "Human-readable name of source for service desk integration template.", + "example": "HR Active Directory" + } + } + } + ] + }, + "example": [ + { + "type": "SOURCE", + "id": "2c9180855d191c59015d291ceb051111", + "name": "My Source 1" + }, + { + "type": "SOURCE", + "id": "2c9180855d191c59015d291ceb052222", + "name": "My Source 2" + } + ] + }, + "planInitializerScript": { + "description": "This is a reference to a plan initializer script.", + "type": "object", + "nullable": true, + "properties": { + "source": { + "description": "This is a Rule that allows provisioning instruction changes.", + "type": "string", + "example": "\\r\\n\\r\\n\\r\\n Before Provisioning Rule which changes disables and enables to a modify.\\r\\n \n" + } + } + }, + "noProvisioningRequests": { + "description": "Name of an attribute that when true disables the saving of ProvisioningRequest objects whenever plans are sent through this integration.", + "type": "boolean", + "default": false, + "example": true + }, + "provisioningRequestExpiration": { + "description": "When saving pending requests is enabled, this defines the number of hours the request is allowed to live before it is considered expired and no longer affects plan compilation.", + "type": "integer", + "format": "int32", + "example": 7 + } + } + }, + "attributes": { + "description": "Service Desk integration's attributes. Validation constraints enforced by the implementation.", + "type": "object", + "additionalProperties": true, + "example": { + "property": "value", + "key": "value" + } + }, + "beforeProvisioningRule": { + "allOf": [ + { + "type": "object", + "description": "Before Provisioning Rule.", + "properties": { + "type": { + "type": "string", + "description": "Before Provisioning Rule DTO type.", + "enum": [ + "RULE" + ], + "example": "RULE" + }, + "id": { + "type": "string", + "description": "Before Provisioning Rule ID.", + "example": "048eb3d55c5a4758bd07dccb87741c78" + }, + "name": { + "type": "string", + "description": "Rule display name.", + "example": "Before Provisioning Airtable Rule" + } + } + } + ] + } + } + } + ] + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "idn:service-desk-admin:manage", + "idn:service-desk-integration:manage" + ] + } + ] + } + }, + "/service-desk-integrations/{id}": { + "get": { + "tags": [ + "Service Desk Integration" + ], + "summary": "Get a Service Desk integration", + "description": "Get an existing Service Desk integration by ID. A token with Org Admin or Service Desk Admin authority is required to access this endpoint.", + "operationId": "getServiceDeskIntegration", + "parameters": [ + { + "name": "id", + "in": "path", + "description": "ID of the Service Desk integration to get", + "required": true, + "style": "simple", + "explode": false, + "schema": { + "type": "string", + "example": "anId" + } + } + ], + "responses": { + "200": { + "description": "ServiceDeskIntegrationDto with the given ID", + "content": { + "application/json": { + "schema": { + "allOf": [ + { + "type": "object", + "description": "Service Desk integration's specification.", + "required": [ + "name", + "description", + "type", + "attributes" + ], + "properties": { + "id": { + "type": "string", + "description": "Unique identifier for the Service Desk integration", + "example": "62945a496ef440189b1f03e3623411c8" + }, + "name": { + "description": "Service Desk integration's name. The name must be unique.", + "type": "string", + "example": "Service Desk Integration Name" + }, + "created": { + "type": "string", + "format": "date-time", + "description": "The date and time the Service Desk integration was created", + "example": "2024-01-17T18:45:25.994Z" + }, + "modified": { + "type": "string", + "format": "date-time", + "description": "The date and time the Service Desk integration was last modified", + "example": "2024-02-18T18:45:25.994Z" + }, + "description": { + "description": "Service Desk integration's description.", + "type": "string", + "example": "A very nice Service Desk integration" + }, + "type": { + "description": "Service Desk integration types:\n\n- ServiceNowSDIM\n- ServiceNow\n", + "type": "string", + "default": "ServiceNowSDIM", + "example": "ServiceNowSDIM" + }, + "ownerRef": { + "allOf": [ + { + "type": "object", + "description": "Owner's identity.", + "properties": { + "type": { + "type": "string", + "description": "Owner's DTO type.", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "Owner's identity ID.", + "example": "2c9180a46faadee4016fb4e018c20639" + }, + "name": { + "type": "string", + "description": "Owner's name.", + "example": "Support" + } + } + } + ] + }, + "clusterRef": { + "allOf": [ + { + "type": "object", + "description": "Source cluster.", + "properties": { + "type": { + "type": "string", + "description": "Source cluster DTO type.", + "enum": [ + "CLUSTER" + ], + "example": "CLUSTER" + }, + "id": { + "type": "string", + "description": "Source cluster ID.", + "example": "2c9180847a7fccdd017aa5896f9f4f6f" + }, + "name": { + "type": "string", + "description": "Source cluster display name.", + "example": "Training VA" + } + } + } + ] + }, + "cluster": { + "description": "Cluster ID for the Service Desk integration (replaced by clusterRef, retained for backward compatibility).", + "type": "string", + "example": "xyzzy999", + "deprecated": true, + "nullable": true + }, + "managedSources": { + "description": "Source IDs for the Service Desk integration (replaced by provisioningConfig.managedSResourceRefs, but retained here for backward compatibility).", + "type": "array", + "items": { + "type": "string" + }, + "deprecated": true, + "example": [ + "2c9180835d191a86015d28455b4a2329", + "2c5680835d191a85765d28455b4a9823" + ] + }, + "provisioningConfig": { + "description": "The 'provisioningConfig' property specifies the configuration used to provision integrations.", + "type": "object", + "properties": { + "universalManager": { + "description": "Specifies whether this configuration is used to manage provisioning requests for all sources from the org. If true, no managedResourceRefs are allowed.", + "type": "boolean", + "readOnly": true, + "default": false, + "example": true + }, + "managedResourceRefs": { + "description": "References to sources for the Service Desk integration template. May only be specified if universalManager is false.", + "type": "array", + "items": { + "allOf": [ + { + "type": "object", + "description": "Source for Service Desk integration template.", + "properties": { + "type": { + "type": "string", + "description": "DTO type of source for service desk integration template.", + "enum": [ + "SOURCE" + ], + "example": "SOURCE" + }, + "id": { + "type": "string", + "description": "ID of source for service desk integration template.", + "example": "2c9180835d191a86015d28455b4b232a" + }, + "name": { + "type": "string", + "description": "Human-readable name of source for service desk integration template.", + "example": "HR Active Directory" + } + } + } + ] + }, + "example": [ + { + "type": "SOURCE", + "id": "2c9180855d191c59015d291ceb051111", + "name": "My Source 1" + }, + { + "type": "SOURCE", + "id": "2c9180855d191c59015d291ceb052222", + "name": "My Source 2" + } + ] + }, + "planInitializerScript": { + "description": "This is a reference to a plan initializer script.", + "type": "object", + "nullable": true, + "properties": { + "source": { + "description": "This is a Rule that allows provisioning instruction changes.", + "type": "string", + "example": "\\r\\n\\r\\n\\r\\n Before Provisioning Rule which changes disables and enables to a modify.\\r\\n \n" + } + } + }, + "noProvisioningRequests": { + "description": "Name of an attribute that when true disables the saving of ProvisioningRequest objects whenever plans are sent through this integration.", + "type": "boolean", + "default": false, + "example": true + }, + "provisioningRequestExpiration": { + "description": "When saving pending requests is enabled, this defines the number of hours the request is allowed to live before it is considered expired and no longer affects plan compilation.", + "type": "integer", + "format": "int32", + "example": 7 + } + } + }, + "attributes": { + "description": "Service Desk integration's attributes. Validation constraints enforced by the implementation.", + "type": "object", + "additionalProperties": true, + "example": { + "property": "value", + "key": "value" + } + }, + "beforeProvisioningRule": { + "allOf": [ + { + "type": "object", + "description": "Before Provisioning Rule.", + "properties": { + "type": { + "type": "string", + "description": "Before Provisioning Rule DTO type.", + "enum": [ + "RULE" + ], + "example": "RULE" + }, + "id": { + "type": "string", + "description": "Before Provisioning Rule ID.", + "example": "048eb3d55c5a4758bd07dccb87741c78" + }, + "name": { + "type": "string", + "description": "Rule display name.", + "example": "Before Provisioning Airtable Rule" + } + } + } + ] + } + } + } + ] + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "idn:service-desk-admin:read", + "idn:service-desk-integration:read" + ] + } + ] + }, + "put": { + "tags": [ + "Service Desk Integration" + ], + "summary": "Update a Service Desk integration", + "description": "Update an existing Service Desk integration by ID with updated value in JSON form as the request body. A token with Org Admin or Service Desk Admin authority is required to access this endpoint.", + "operationId": "putServiceDeskIntegration", + "parameters": [ + { + "name": "id", + "in": "path", + "description": "ID of the Service Desk integration to update", + "required": true, + "style": "simple", + "explode": false, + "schema": { + "type": "string", + "example": "anId" + } + } + ], + "requestBody": { + "description": "The specifics of the integration to update", + "content": { + "application/json": { + "schema": { + "allOf": [ + { + "type": "object", + "description": "Service Desk integration's specification.", + "required": [ + "name", + "description", + "type", + "attributes" + ], + "properties": { + "id": { + "type": "string", + "description": "Unique identifier for the Service Desk integration", + "example": "62945a496ef440189b1f03e3623411c8" + }, + "name": { + "description": "Service Desk integration's name. The name must be unique.", + "type": "string", + "example": "Service Desk Integration Name" + }, + "created": { + "type": "string", + "format": "date-time", + "description": "The date and time the Service Desk integration was created", + "example": "2024-01-17T18:45:25.994Z" + }, + "modified": { + "type": "string", + "format": "date-time", + "description": "The date and time the Service Desk integration was last modified", + "example": "2024-02-18T18:45:25.994Z" + }, + "description": { + "description": "Service Desk integration's description.", + "type": "string", + "example": "A very nice Service Desk integration" + }, + "type": { + "description": "Service Desk integration types:\n\n- ServiceNowSDIM\n- ServiceNow\n", + "type": "string", + "default": "ServiceNowSDIM", + "example": "ServiceNowSDIM" + }, + "ownerRef": { + "allOf": [ + { + "type": "object", + "description": "Owner's identity.", + "properties": { + "type": { + "type": "string", + "description": "Owner's DTO type.", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "Owner's identity ID.", + "example": "2c9180a46faadee4016fb4e018c20639" + }, + "name": { + "type": "string", + "description": "Owner's name.", + "example": "Support" + } + } + } + ] + }, + "clusterRef": { + "allOf": [ + { + "type": "object", + "description": "Source cluster.", + "properties": { + "type": { + "type": "string", + "description": "Source cluster DTO type.", + "enum": [ + "CLUSTER" + ], + "example": "CLUSTER" + }, + "id": { + "type": "string", + "description": "Source cluster ID.", + "example": "2c9180847a7fccdd017aa5896f9f4f6f" + }, + "name": { + "type": "string", + "description": "Source cluster display name.", + "example": "Training VA" + } + } + } + ] + }, + "cluster": { + "description": "Cluster ID for the Service Desk integration (replaced by clusterRef, retained for backward compatibility).", + "type": "string", + "example": "xyzzy999", + "deprecated": true, + "nullable": true + }, + "managedSources": { + "description": "Source IDs for the Service Desk integration (replaced by provisioningConfig.managedSResourceRefs, but retained here for backward compatibility).", + "type": "array", + "items": { + "type": "string" + }, + "deprecated": true, + "example": [ + "2c9180835d191a86015d28455b4a2329", + "2c5680835d191a85765d28455b4a9823" + ] + }, + "provisioningConfig": { + "description": "The 'provisioningConfig' property specifies the configuration used to provision integrations.", + "type": "object", + "properties": { + "universalManager": { + "description": "Specifies whether this configuration is used to manage provisioning requests for all sources from the org. If true, no managedResourceRefs are allowed.", + "type": "boolean", + "readOnly": true, + "default": false, + "example": true + }, + "managedResourceRefs": { + "description": "References to sources for the Service Desk integration template. May only be specified if universalManager is false.", + "type": "array", + "items": { + "allOf": [ + { + "type": "object", + "description": "Source for Service Desk integration template.", + "properties": { + "type": { + "type": "string", + "description": "DTO type of source for service desk integration template.", + "enum": [ + "SOURCE" + ], + "example": "SOURCE" + }, + "id": { + "type": "string", + "description": "ID of source for service desk integration template.", + "example": "2c9180835d191a86015d28455b4b232a" + }, + "name": { + "type": "string", + "description": "Human-readable name of source for service desk integration template.", + "example": "HR Active Directory" + } + } + } + ] + }, + "example": [ + { + "type": "SOURCE", + "id": "2c9180855d191c59015d291ceb051111", + "name": "My Source 1" + }, + { + "type": "SOURCE", + "id": "2c9180855d191c59015d291ceb052222", + "name": "My Source 2" + } + ] + }, + "planInitializerScript": { + "description": "This is a reference to a plan initializer script.", + "type": "object", + "nullable": true, + "properties": { + "source": { + "description": "This is a Rule that allows provisioning instruction changes.", + "type": "string", + "example": "\\r\\n\\r\\n\\r\\n Before Provisioning Rule which changes disables and enables to a modify.\\r\\n \n" + } + } + }, + "noProvisioningRequests": { + "description": "Name of an attribute that when true disables the saving of ProvisioningRequest objects whenever plans are sent through this integration.", + "type": "boolean", + "default": false, + "example": true + }, + "provisioningRequestExpiration": { + "description": "When saving pending requests is enabled, this defines the number of hours the request is allowed to live before it is considered expired and no longer affects plan compilation.", + "type": "integer", + "format": "int32", + "example": 7 + } + } + }, + "attributes": { + "description": "Service Desk integration's attributes. Validation constraints enforced by the implementation.", + "type": "object", + "additionalProperties": true, + "example": { + "property": "value", + "key": "value" + } + }, + "beforeProvisioningRule": { + "allOf": [ + { + "type": "object", + "description": "Before Provisioning Rule.", + "properties": { + "type": { + "type": "string", + "description": "Before Provisioning Rule DTO type.", + "enum": [ + "RULE" + ], + "example": "RULE" + }, + "id": { + "type": "string", + "description": "Before Provisioning Rule ID.", + "example": "048eb3d55c5a4758bd07dccb87741c78" + }, + "name": { + "type": "string", + "description": "Rule display name.", + "example": "Before Provisioning Airtable Rule" + } + } + } + ] + } + } + } + ] + } + } + }, + "required": true + }, + "responses": { + "200": { + "description": "ServiceDeskIntegrationDto as updated", + "content": { + "application/json": { + "schema": { + "allOf": [ + { + "type": "object", + "description": "Service Desk integration's specification.", + "required": [ + "name", + "description", + "type", + "attributes" + ], + "properties": { + "id": { + "type": "string", + "description": "Unique identifier for the Service Desk integration", + "example": "62945a496ef440189b1f03e3623411c8" + }, + "name": { + "description": "Service Desk integration's name. The name must be unique.", + "type": "string", + "example": "Service Desk Integration Name" + }, + "created": { + "type": "string", + "format": "date-time", + "description": "The date and time the Service Desk integration was created", + "example": "2024-01-17T18:45:25.994Z" + }, + "modified": { + "type": "string", + "format": "date-time", + "description": "The date and time the Service Desk integration was last modified", + "example": "2024-02-18T18:45:25.994Z" + }, + "description": { + "description": "Service Desk integration's description.", + "type": "string", + "example": "A very nice Service Desk integration" + }, + "type": { + "description": "Service Desk integration types:\n\n- ServiceNowSDIM\n- ServiceNow\n", + "type": "string", + "default": "ServiceNowSDIM", + "example": "ServiceNowSDIM" + }, + "ownerRef": { + "allOf": [ + { + "type": "object", + "description": "Owner's identity.", + "properties": { + "type": { + "type": "string", + "description": "Owner's DTO type.", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "Owner's identity ID.", + "example": "2c9180a46faadee4016fb4e018c20639" + }, + "name": { + "type": "string", + "description": "Owner's name.", + "example": "Support" + } + } + } + ] + }, + "clusterRef": { + "allOf": [ + { + "type": "object", + "description": "Source cluster.", + "properties": { + "type": { + "type": "string", + "description": "Source cluster DTO type.", + "enum": [ + "CLUSTER" + ], + "example": "CLUSTER" + }, + "id": { + "type": "string", + "description": "Source cluster ID.", + "example": "2c9180847a7fccdd017aa5896f9f4f6f" + }, + "name": { + "type": "string", + "description": "Source cluster display name.", + "example": "Training VA" + } + } + } + ] + }, + "cluster": { + "description": "Cluster ID for the Service Desk integration (replaced by clusterRef, retained for backward compatibility).", + "type": "string", + "example": "xyzzy999", + "deprecated": true, + "nullable": true + }, + "managedSources": { + "description": "Source IDs for the Service Desk integration (replaced by provisioningConfig.managedSResourceRefs, but retained here for backward compatibility).", + "type": "array", + "items": { + "type": "string" + }, + "deprecated": true, + "example": [ + "2c9180835d191a86015d28455b4a2329", + "2c5680835d191a85765d28455b4a9823" + ] + }, + "provisioningConfig": { + "description": "The 'provisioningConfig' property specifies the configuration used to provision integrations.", + "type": "object", + "properties": { + "universalManager": { + "description": "Specifies whether this configuration is used to manage provisioning requests for all sources from the org. If true, no managedResourceRefs are allowed.", + "type": "boolean", + "readOnly": true, + "default": false, + "example": true + }, + "managedResourceRefs": { + "description": "References to sources for the Service Desk integration template. May only be specified if universalManager is false.", + "type": "array", + "items": { + "allOf": [ + { + "type": "object", + "description": "Source for Service Desk integration template.", + "properties": { + "type": { + "type": "string", + "description": "DTO type of source for service desk integration template.", + "enum": [ + "SOURCE" + ], + "example": "SOURCE" + }, + "id": { + "type": "string", + "description": "ID of source for service desk integration template.", + "example": "2c9180835d191a86015d28455b4b232a" + }, + "name": { + "type": "string", + "description": "Human-readable name of source for service desk integration template.", + "example": "HR Active Directory" + } + } + } + ] + }, + "example": [ + { + "type": "SOURCE", + "id": "2c9180855d191c59015d291ceb051111", + "name": "My Source 1" + }, + { + "type": "SOURCE", + "id": "2c9180855d191c59015d291ceb052222", + "name": "My Source 2" + } + ] + }, + "planInitializerScript": { + "description": "This is a reference to a plan initializer script.", + "type": "object", + "nullable": true, + "properties": { + "source": { + "description": "This is a Rule that allows provisioning instruction changes.", + "type": "string", + "example": "\\r\\n\\r\\n\\r\\n Before Provisioning Rule which changes disables and enables to a modify.\\r\\n \n" + } + } + }, + "noProvisioningRequests": { + "description": "Name of an attribute that when true disables the saving of ProvisioningRequest objects whenever plans are sent through this integration.", + "type": "boolean", + "default": false, + "example": true + }, + "provisioningRequestExpiration": { + "description": "When saving pending requests is enabled, this defines the number of hours the request is allowed to live before it is considered expired and no longer affects plan compilation.", + "type": "integer", + "format": "int32", + "example": 7 + } + } + }, + "attributes": { + "description": "Service Desk integration's attributes. Validation constraints enforced by the implementation.", + "type": "object", + "additionalProperties": true, + "example": { + "property": "value", + "key": "value" + } + }, + "beforeProvisioningRule": { + "allOf": [ + { + "type": "object", + "description": "Before Provisioning Rule.", + "properties": { + "type": { + "type": "string", + "description": "Before Provisioning Rule DTO type.", + "enum": [ + "RULE" + ], + "example": "RULE" + }, + "id": { + "type": "string", + "description": "Before Provisioning Rule ID.", + "example": "048eb3d55c5a4758bd07dccb87741c78" + }, + "name": { + "type": "string", + "description": "Rule display name.", + "example": "Before Provisioning Airtable Rule" + } + } + } + ] + } + } + } + ] + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "idn:service-desk-admin:manage", + "idn:service-desk-integration:manage" + ] + } + ] + }, + "delete": { + "tags": [ + "Service Desk Integration" + ], + "summary": "Delete a Service Desk integration", + "description": "Delete an existing Service Desk integration by ID. A token with Org Admin or Service Desk Admin authority is required to access this endpoint.", + "operationId": "deleteServiceDeskIntegration", + "parameters": [ + { + "name": "id", + "in": "path", + "description": "ID of Service Desk integration to delete", + "required": true, + "style": "simple", + "explode": false, + "schema": { + "type": "string", + "example": "anId" + } + } + ], + "responses": { + "204": { + "description": "Service Desk integration with the given ID successfully deleted" + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "idn:service-desk-admin:manage", + "idn:service-desk-integration:manage" + ] + } + ] + }, + "patch": { + "operationId": "patchServiceDeskIntegration", + "tags": [ + "Service Desk Integration" + ], + "summary": "Service Desk Integration Update PATCH", + "description": "Update an existing ServiceDeskIntegration by ID with a PATCH request.", + "parameters": [ + { + "name": "id", + "in": "path", + "description": "ID of the Service Desk integration to update", + "required": true, + "style": "simple", + "explode": false, + "schema": { + "type": "string", + "example": "anId" + } + } + ], + "requestBody": { + "required": true, + "description": "A list of SDIM update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard.\n\nOnly `replace` operations are accepted by this endpoint.\n\nA 403 Forbidden Error indicates that you attempted to PATCH a operation that is not allowed.\n", + "content": { + "application/json-patch+json": { + "schema": { + "type": "object", + "description": "A JSONPatch document as defined by [RFC 6902 - JSON Patch](https://tools.ietf.org/html/rfc6902). Only `replace` operations are accepted by this endpoint.", + "properties": { + "operations": { + "description": "Operations to be applied", + "type": "array", + "items": { + "type": "object", + "description": "A JSONPatch Operation as defined by [RFC 6902 - JSON Patch](https://tools.ietf.org/html/rfc6902)", + "required": [ + "op", + "path" + ], + "properties": { + "op": { + "type": "string", + "description": "The operation to be performed", + "enum": [ + "add", + "remove", + "replace", + "move", + "copy", + "test" + ], + "example": "replace" + }, + "path": { + "type": "string", + "description": "A string JSON Pointer representing the target path to an element to be affected by the operation", + "example": "/description" + }, + "value": { + "oneOf": [ + { + "type": "string", + "example": "New description", + "title": "string" + }, + { + "type": "boolean", + "example": true, + "title": "boolean" + }, + { + "type": "integer", + "example": 300, + "title": "integer" + }, + { + "type": "object", + "title": "object", + "example": { + "attributes": { + "name": "philip" + } + } + }, + { + "type": "array", + "title": "array", + "items": { + "anyOf": [ + { + "type": "string" + }, + { + "type": "integer" + }, + { + "type": "object" + } + ], + "example": [ + "001", + "002", + "003" + ] + } + } + ], + "description": "The value to be used for the operation, required for \"add\" and \"replace\" operations", + "example": "New description" + } + } + } + } + }, + "example": "[\n {\n \"op\": \"replace\",\n \"path\": \"/ownerRef\",\n \"value\": {\n \"id\": \"2c9180867d05b227017d09921a205b4d\",\n \"type\": \"IDENTITY\",\n \"name\": \"Angelo2 tester\"\n }\n }\n]" + } + } + } + }, + "responses": { + "200": { + "description": "ServiceDeskIntegrationDto as updated", + "content": { + "application/json": { + "schema": { + "allOf": [ + { + "type": "object", + "description": "Service Desk integration's specification.", + "required": [ + "name", + "description", + "type", + "attributes" + ], + "properties": { + "id": { + "type": "string", + "description": "Unique identifier for the Service Desk integration", + "example": "62945a496ef440189b1f03e3623411c8" + }, + "name": { + "description": "Service Desk integration's name. The name must be unique.", + "type": "string", + "example": "Service Desk Integration Name" + }, + "created": { + "type": "string", + "format": "date-time", + "description": "The date and time the Service Desk integration was created", + "example": "2024-01-17T18:45:25.994Z" + }, + "modified": { + "type": "string", + "format": "date-time", + "description": "The date and time the Service Desk integration was last modified", + "example": "2024-02-18T18:45:25.994Z" + }, + "description": { + "description": "Service Desk integration's description.", + "type": "string", + "example": "A very nice Service Desk integration" + }, + "type": { + "description": "Service Desk integration types:\n\n- ServiceNowSDIM\n- ServiceNow\n", + "type": "string", + "default": "ServiceNowSDIM", + "example": "ServiceNowSDIM" + }, + "ownerRef": { + "allOf": [ + { + "type": "object", + "description": "Owner's identity.", + "properties": { + "type": { + "type": "string", + "description": "Owner's DTO type.", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "Owner's identity ID.", + "example": "2c9180a46faadee4016fb4e018c20639" + }, + "name": { + "type": "string", + "description": "Owner's name.", + "example": "Support" + } + } + } + ] + }, + "clusterRef": { + "allOf": [ + { + "type": "object", + "description": "Source cluster.", + "properties": { + "type": { + "type": "string", + "description": "Source cluster DTO type.", + "enum": [ + "CLUSTER" + ], + "example": "CLUSTER" + }, + "id": { + "type": "string", + "description": "Source cluster ID.", + "example": "2c9180847a7fccdd017aa5896f9f4f6f" + }, + "name": { + "type": "string", + "description": "Source cluster display name.", + "example": "Training VA" + } + } + } + ] + }, + "cluster": { + "description": "Cluster ID for the Service Desk integration (replaced by clusterRef, retained for backward compatibility).", + "type": "string", + "example": "xyzzy999", + "deprecated": true, + "nullable": true + }, + "managedSources": { + "description": "Source IDs for the Service Desk integration (replaced by provisioningConfig.managedSResourceRefs, but retained here for backward compatibility).", + "type": "array", + "items": { + "type": "string" + }, + "deprecated": true, + "example": [ + "2c9180835d191a86015d28455b4a2329", + "2c5680835d191a85765d28455b4a9823" + ] + }, + "provisioningConfig": { + "description": "The 'provisioningConfig' property specifies the configuration used to provision integrations.", + "type": "object", + "properties": { + "universalManager": { + "description": "Specifies whether this configuration is used to manage provisioning requests for all sources from the org. If true, no managedResourceRefs are allowed.", + "type": "boolean", + "readOnly": true, + "default": false, + "example": true + }, + "managedResourceRefs": { + "description": "References to sources for the Service Desk integration template. May only be specified if universalManager is false.", + "type": "array", + "items": { + "allOf": [ + { + "type": "object", + "description": "Source for Service Desk integration template.", + "properties": { + "type": { + "type": "string", + "description": "DTO type of source for service desk integration template.", + "enum": [ + "SOURCE" + ], + "example": "SOURCE" + }, + "id": { + "type": "string", + "description": "ID of source for service desk integration template.", + "example": "2c9180835d191a86015d28455b4b232a" + }, + "name": { + "type": "string", + "description": "Human-readable name of source for service desk integration template.", + "example": "HR Active Directory" + } + } + } + ] + }, + "example": [ + { + "type": "SOURCE", + "id": "2c9180855d191c59015d291ceb051111", + "name": "My Source 1" + }, + { + "type": "SOURCE", + "id": "2c9180855d191c59015d291ceb052222", + "name": "My Source 2" + } + ] + }, + "planInitializerScript": { + "description": "This is a reference to a plan initializer script.", + "type": "object", + "nullable": true, + "properties": { + "source": { + "description": "This is a Rule that allows provisioning instruction changes.", + "type": "string", + "example": "\\r\\n\\r\\n\\r\\n Before Provisioning Rule which changes disables and enables to a modify.\\r\\n \n" + } + } + }, + "noProvisioningRequests": { + "description": "Name of an attribute that when true disables the saving of ProvisioningRequest objects whenever plans are sent through this integration.", + "type": "boolean", + "default": false, + "example": true + }, + "provisioningRequestExpiration": { + "description": "When saving pending requests is enabled, this defines the number of hours the request is allowed to live before it is considered expired and no longer affects plan compilation.", + "type": "integer", + "format": "int32", + "example": 7 + } + } + }, + "attributes": { + "description": "Service Desk integration's attributes. Validation constraints enforced by the implementation.", + "type": "object", + "additionalProperties": true, + "example": { + "property": "value", + "key": "value" + } + }, + "beforeProvisioningRule": { + "allOf": [ + { + "type": "object", + "description": "Before Provisioning Rule.", + "properties": { + "type": { + "type": "string", + "description": "Before Provisioning Rule DTO type.", + "enum": [ + "RULE" + ], + "example": "RULE" + }, + "id": { + "type": "string", + "description": "Before Provisioning Rule ID.", + "example": "048eb3d55c5a4758bd07dccb87741c78" + }, + "name": { + "type": "string", + "description": "Rule display name.", + "example": "Before Provisioning Airtable Rule" + } + } + } + ] + } + } + } + ] + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "idn:service-desk-admin:manage", + "idn:service-desk-integration:manage" + ] + } + ] + } + }, + "/service-desk-integrations/types": { + "get": { + "tags": [ + "Service Desk Integration" + ], + "summary": "Service Desk Integration Types List.", + "description": "This API endpoint returns the current list of supported Service Desk integration types. A token with Org Admin or Service Desk Admin authority is required to access this endpoint.", + "operationId": "getServiceDeskIntegrationTypes", + "responses": { + "200": { + "description": "Responds with an array of the currently supported Service Desk integration types.", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "description": "This represents a Service Desk Integration template type.", + "required": [ + "type", + "scriptName" + ], + "type": "object", + "properties": { + "name": { + "description": "This is the name of the type.", + "example": "aName", + "type": "string" + }, + "type": { + "description": "This is the type value for the type.", + "example": "aType", + "type": "string" + }, + "scriptName": { + "description": "This is the scriptName attribute value for the type.", + "example": "aScriptName", + "type": "string" + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "idn:service-desk-admin:read", + "idn:service-desk-integration:read" + ] + } + ] + } + }, + "/service-desk-integrations/templates/{scriptName}": { + "get": { + "tags": [ + "Service Desk Integration" + ], + "summary": "Service Desk integration template by scriptName.", + "description": "This API endpoint returns an existing Service Desk integration template by scriptName. A token with Org Admin or Service Desk Admin authority is required to access this endpoint.", + "operationId": "getServiceDeskIntegrationTemplate", + "parameters": [ + { + "name": "scriptName", + "in": "path", + "description": "The scriptName value of the Service Desk integration template to get", + "required": true, + "style": "simple", + "explode": false, + "schema": { + "type": "string", + "example": "aScriptName" + } + } + ], + "responses": { + "200": { + "description": "Responds with the ServiceDeskIntegrationTemplateDto with the specified scriptName.", + "content": { + "application/json": { + "schema": { + "allOf": [ + { + "type": "object", + "required": [ + "name" + ], + "properties": { + "id": { + "description": "System-generated unique ID of the Object", + "type": "string", + "example": "id12345", + "readOnly": true + }, + "name": { + "description": "Name of the Object", + "type": "string", + "example": "aName" + }, + "created": { + "description": "Creation date of the Object", + "type": "string", + "example": "2015-05-28T14:07:17Z", + "format": "date-time", + "readOnly": true + }, + "modified": { + "description": "Last modification date of the Object", + "type": "string", + "example": "2015-05-28T14:07:17Z", + "format": "date-time", + "readOnly": true + } + } + }, + { + "type": "object", + "description": "This is the model for a Service Desk integration template, used to create and edit Service Desk Integrations.", + "required": [ + "type", + "attributes", + "provisioningConfig" + ], + "properties": { + "type": { + "description": "The 'type' property specifies the type of the Service Desk integration template.", + "type": "string", + "example": "Web Service SDIM", + "default": "Web Service SDIM" + }, + "attributes": { + "description": "The 'attributes' property value is a map of attributes available for integrations using this Service Desk integration template.", + "type": "object", + "additionalProperties": true, + "example": { + "property": "value", + "key": "value" + } + }, + "provisioningConfig": { + "description": "The 'provisioningConfig' property specifies the configuration used to provision integrations using the template.", + "type": "object", + "properties": { + "universalManager": { + "description": "Specifies whether this configuration is used to manage provisioning requests for all sources from the org. If true, no managedResourceRefs are allowed.", + "type": "boolean", + "readOnly": true, + "default": false, + "example": true + }, + "managedResourceRefs": { + "description": "References to sources for the Service Desk integration template. May only be specified if universalManager is false.", + "type": "array", + "items": { + "allOf": [ + { + "type": "object", + "description": "Source for Service Desk integration template.", + "properties": { + "type": { + "type": "string", + "description": "DTO type of source for service desk integration template.", + "enum": [ + "SOURCE" + ], + "example": "SOURCE" + }, + "id": { + "type": "string", + "description": "ID of source for service desk integration template.", + "example": "2c9180835d191a86015d28455b4b232a" + }, + "name": { + "type": "string", + "description": "Human-readable name of source for service desk integration template.", + "example": "HR Active Directory" + } + } + } + ] + }, + "example": [ + { + "type": "SOURCE", + "id": "2c9180855d191c59015d291ceb051111", + "name": "My Source 1" + }, + { + "type": "SOURCE", + "id": "2c9180855d191c59015d291ceb052222", + "name": "My Source 2" + } + ] + }, + "planInitializerScript": { + "description": "This is a reference to a plan initializer script.", + "type": "object", + "nullable": true, + "properties": { + "source": { + "description": "This is a Rule that allows provisioning instruction changes.", + "type": "string", + "example": "\\r\\n\\r\\n\\r\\n Before Provisioning Rule which changes disables and enables to a modify.\\r\\n \n" + } + } + }, + "noProvisioningRequests": { + "description": "Name of an attribute that when true disables the saving of ProvisioningRequest objects whenever plans are sent through this integration.", + "type": "boolean", + "default": false, + "example": true + }, + "provisioningRequestExpiration": { + "description": "When saving pending requests is enabled, this defines the number of hours the request is allowed to live before it is considered expired and no longer affects plan compilation.", + "type": "integer", + "format": "int32", + "example": 7 + } + } + } + } + } + ] + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "idn:service-desk-admin:read", + "idn:service-desk-integration:read" + ] + } + ] + } + }, + "/service-desk-integrations/status-check-configuration": { + "get": { + "tags": [ + "Service Desk Integration" + ], + "summary": "Get the time check configuration", + "description": "Get the time check configuration of queued SDIM tickets. A token with Org Admin or Service Desk Admin authority is required to access this endpoint.", + "operationId": "getStatusCheckDetails", + "responses": { + "200": { + "description": "QueuedCheckConfigDetails containing the configured values", + "content": { + "application/json": { + "schema": { + "description": "Configuration of maximum number days and interval for checking Service Desk integration queue status", + "required": [ + "provisioningStatusCheckIntervalMinutes", + "provisioningMaxStatusCheckDays" + ], + "type": "object", + "properties": { + "provisioningStatusCheckIntervalMinutes": { + "description": "interval in minutes between status checks", + "type": "string", + "example": "30" + }, + "provisioningMaxStatusCheckDays": { + "description": "maximum number of days to check", + "type": "string", + "example": "2" + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "idn:service-desk-admin:read", + "idn:service-desk-integration:read" + ] + } + ] + }, + "put": { + "tags": [ + "Service Desk Integration" + ], + "summary": "Update the time check configuration", + "description": "Update the time check configuration of queued SDIM tickets. A token with Org Admin or Service Desk Admin authority is required to access this endpoint.", + "operationId": "updateStatusCheckDetails", + "requestBody": { + "description": "the modified time check configuration", + "content": { + "application/json": { + "schema": { + "description": "Configuration of maximum number days and interval for checking Service Desk integration queue status", + "required": [ + "provisioningStatusCheckIntervalMinutes", + "provisioningMaxStatusCheckDays" + ], + "type": "object", + "properties": { + "provisioningStatusCheckIntervalMinutes": { + "description": "interval in minutes between status checks", + "type": "string", + "example": "30" + }, + "provisioningMaxStatusCheckDays": { + "description": "maximum number of days to check", + "type": "string", + "example": "2" + } + } + } + } + }, + "required": true + }, + "responses": { + "200": { + "description": "QueuedCheckConfigDetails as updated", + "content": { + "application/json": { + "schema": { + "description": "Configuration of maximum number days and interval for checking Service Desk integration queue status", + "required": [ + "provisioningStatusCheckIntervalMinutes", + "provisioningMaxStatusCheckDays" + ], + "type": "object", + "properties": { + "provisioningStatusCheckIntervalMinutes": { + "description": "interval in minutes between status checks", + "type": "string", + "example": "30" + }, + "provisioningMaxStatusCheckDays": { + "description": "maximum number of days to check", + "type": "string", + "example": "2" + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "idn:service-desk-admin:manage", + "idn:service-desk-integration:manage" + ] + } + ] + } + }, + "/query-password-info": { + "post": { + "operationId": "queryPasswordInfo", + "tags": [ + "Password Management" + ], + "summary": "Query Password Info", + "description": "This API is used to query password related information. \n\nA token with [API authority](https://developer.sailpoint.com/idn/api/authentication#client-credentials-grant-flow) \nis required to call this API. \"API authority\" refers to a token that only has the \"client_credentials\" \ngrant type, and therefore no user context. A [personal access token](https://developer.sailpoint.com/idn/api/authentication#personal-access-tokens) \nor a token generated with the [authorization_code](https://developer.sailpoint.com/idn/api/authentication#authorization-code-grant-flow) \ngrant type will **NOT** work on this endpoint, and a `403 Forbidden` response \nwill be returned.\n", + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "userName": { + "type": "string", + "description": "The login name of the user", + "example": "Abby.Smith" + }, + "sourceName": { + "type": "string", + "description": "The display name of the source", + "example": "My-AD" + } + } + } + } + } + }, + "responses": { + "200": { + "description": "Reference to the password info.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "identityId": { + "type": "string", + "description": "Identity ID", + "example": "2c918085744fec4301746f9a5bce4605" + }, + "sourceId": { + "type": "string", + "description": "source ID", + "example": "2c918083746f642c01746f990884012a" + }, + "publicKeyId": { + "type": "string", + "description": "public key ID", + "example": "N2M1OTJiMGEtMDJlZS00ZWU3LTkyYTEtNjA5YmI5NWE3ZWVh" + }, + "publicKey": { + "type": "string", + "description": "User's public key with Base64 encoding", + "example": "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuGFkWi2J75TztpbaPKd36bJnIB3J8gZ6UcoS9oSDYsqBzPpTsfZXYaEf4Y4BKGgJIXmE/lwhwuj7mU1itdZ2qTSNFtnXA8Fn75c3UUkk+h+wdZbkuSmqlsJo3R1OnJkwkJggcAy9Jvk9jlcrNLWorpQ1w9raUvxtvfgkSdq153KxotenQ1HciSyZ0nA/Kw0UaucLnho8xdRowZs11afXGXA9IT9H6D8T6zUdtSxm0nAyH+mluma5LdTfaM50W3l/L8q56Vrqmx2pZIiwdx/0+g3Y++jV70zom0ZBkC1MmSoLMrQYG5OICNjr72f78B2PaGXfarQHqARLjKpMVt9YIQIDAQAB" + }, + "accounts": { + "type": "array", + "description": "Account info related to queried identity and source", + "items": { + "type": "object", + "properties": { + "accountId": { + "type": "string", + "description": "Account ID of the account. This is specified per account schema in the source configuration. It is used to distinguish accounts. More info can be found here https://community.sailpoint.com/t5/IdentityNow-Connectors/How-do-I-designate-an-account-attribute-as-the-Account-ID-for-a/ta-p/80350", + "example": "CN=Abby Smith,OU=Austin,OU=Americas,OU=Demo,DC=seri,DC=acme,DC=com" + }, + "accountName": { + "type": "string", + "description": "Display name of the account. This is specified per account schema in the source configuration. It is used to display name of the account. More info can be found here https://community.sailpoint.com/t5/IdentityNow-Connectors/How-do-I-designate-an-account-attribute-as-the-Account-Name-for/ta-p/74008", + "example": "Abby.Smith" + } + } + } + }, + "policies": { + "type": "array", + "description": "Password constraints", + "items": { + "type": "string" + }, + "example": [ + "passwordRepeatedChar is 3", + "passwordMinAlpha is 1", + "passwordMinLength is 5", + "passwordMinNumeric is 1" + ] + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/set-password": { + "post": { + "operationId": "setPassword", + "tags": [ + "Password Management" + ], + "summary": "Set Identity's Password", + "description": "This API is used to set a password for an identity. \n\nAn identity can change their own password (as well as any of their accounts' passwords) if they use a token generated by their ISC user, such as a [personal access token](https://developer.sailpoint.com/idn/api/authentication#personal-access-tokens) or [\"authorization_code\" derived OAuth token](https://developer.sailpoint.com/idn/api/authentication#authorization-code-grant-flow).\n\nA token with [API authority](https://developer.sailpoint.com/idn/api/authentication#client-credentials-grant-flow) can be used to change **any** identity's password or the password of any of the identity's accounts. \n\"API authority\" refers to a token that only has the \"client_credentials\" grant type.\n\n>**Note: If you want to set an identity's source account password, you must enable `PASSWORD` as one of the source's features. You can use the [PATCH Source endpoint](https://developer.sailpoint.com/docs/api/v3/update-source) to add the `PASSWORD` feature.**\n\nYou can use this endpoint to generate an `encryptedPassword` (RSA encrypted using publicKey). \nTo do so, follow these steps:\n\n1. Use [Query Password Info](https://developer.sailpoint.com/idn/api/v3/query-password-info) to get the following information: `identityId`, `sourceId`, `publicKeyId`, `publicKey`, `accounts`, and `policies`. \n\n2. Choose an account from the previous response that you will provide as an `accountId` in your request to set an encrypted password. \n\n3. Use [Set Identity's Password](https://developer.sailpoint.com/idn/api/v3/set-password) and provide the information you got from your earlier query. Then add this code to your request to get the encrypted password:\n\n```java\nimport javax.crypto.Cipher;\nimport java.security.KeyFactory;\nimport java.security.PublicKey;\nimport java.security.spec.X509EncodedKeySpec;\nimport java util.Base64;\n\nString encrypt(String publicKey, String toEncrypt) throws Exception {\n byte[] publicKeyBytes = Base64.getDecoder().decode(publicKey);\n byte[] encryptedBytes = encryptRsa(publicKeyBytes, toEncrypt.getBytes(\"UTF-8\"));\n return Base64.getEncoder().encodeToString(encryptedBytes);\n}\n\nprivate byte[] encryptRsa(byte[] publicKeyBytes, byte[] toEncryptBytes) throws Exception {\n PublicKey key = KeyFactory.getInstance(\"RSA\").generatePublic(new X509EncodedKeySpec(publicKeyBytes));\n String transformation = \"RSA/ECB/PKCS1Padding\";\n Cipher cipher = Cipher.getInstance(transformation);\n cipher.init(1, key);\n return cipher.doFinal(toEncryptBytes);\n}\n``` \n\nIn this example, `toEncrypt` refers to the plain text password you are setting and then encrypting, and the `publicKey` refers to the publicKey you got from the first request you sent. \n\nYou can then use [Get Password Change Request Status](https://developer.sailpoint.com/idn/api/v3/get-password-change-status) to check the password change request status. To do so, you must provide the `requestId` from your earlier request to set the password. \n", + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "identityId": { + "type": "string", + "description": "The identity ID that requested the password change", + "example": "8a807d4c73c545510173c545f0a002ff" + }, + "encryptedPassword": { + "type": "string", + "description": "The RSA encrypted password", + "example": "XzN+YwKgr2C+InkMYFMBG3UtjMEw5ZIql/XFlXo8cJNeslmkplx6vn4kd4/43IF9STBk5RnzR6XmjpEO+FwHDoiBwYZAkAZK/Iswxk4OdybG6Y4MStJCOCiK8osKr35IMMSV/mbO4wAeltoCk7daTWzTGLiI6UaT5tf+F2EgdjJZ7YqM8W8r7aUWsm3p2Xt01Y46ZRx0QaM91QruiIx2rECFT2pUO0wr+7oQ77jypATyGWRtADsu3YcvCk/6U5MqCnXMzKBcRas7NnZdSL/d5H1GglVGz3VLPMaivG4/oL4chOMmFCRl/zVsGxZ9RhN8rxsRGFFKn+rhExTi+bax3A==" + }, + "publicKeyId": { + "type": "string", + "description": "The encryption key ID", + "example": "YWQ2NjQ4MTItZjY0NC00MWExLWFjMjktOGNmMzU3Y2VlNjk2" + }, + "accountId": { + "type": "string", + "description": "Account ID of the account This is specified per account schema in the source configuration. It is used to distinguish accounts. More info can be found here https://community.sailpoint.com/t5/IdentityNow-Connectors/How-do-I-designate-an-account-attribute-as-the-Account-ID-for-a/ta-p/80350", + "example": "CN=Abby Smith,OU=Austin,OU=Americas,OU=Demo,DC=seri,DC=acme,DC=com" + }, + "sourceId": { + "type": "string", + "description": "The ID of the source for which identity is requesting the password change", + "example": "8a807d4c73c545510173c545d4b60246" + } + } + } + } + } + }, + "responses": { + "202": { + "description": "Reference to the password change.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "requestId": { + "type": "string", + "nullable": true, + "description": "The password change request ID", + "example": "089899f13a8f4da7824996191587bab9" + }, + "state": { + "type": "string", + "enum": [ + "IN_PROGRESS", + "FINISHED", + "FAILED" + ], + "description": "Password change state", + "example": "IN_PROGRESS" + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/password-change-status/{id}": { + "get": { + "operationId": "getPasswordChangeStatus", + "tags": [ + "Password Management" + ], + "summary": "Get Password Change Request Status", + "description": "This API returns the status of a password change request. A token with identity owner or trusted API client application authority is required to call this API.", + "parameters": [ + { + "in": "path", + "name": "id", + "schema": { + "type": "string" + }, + "required": true, + "example": "089899f13a8f4da7824996191587bab9", + "description": "Password change request ID" + } + ], + "responses": { + "200": { + "description": "Status of the password change request", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "requestId": { + "type": "string", + "nullable": true, + "description": "The password change request ID", + "example": "089899f13a8f4da7824996191587bab9" + }, + "state": { + "type": "string", + "enum": [ + "IN_PROGRESS", + "FINISHED", + "FAILED" + ], + "description": "Password change state", + "example": "IN_PROGRESS" + }, + "errors": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The errors during the password change request", + "example": [ + "The password change payload is invalid" + ] + }, + "sourceIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of source IDs in the password change request", + "example": [ + "2c918083746f642c01746f990884012a" + ] + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/password-dictionary": { + "get": { + "operationId": "getPasswordDictionary", + "tags": [ + "Password Dictionary" + ], + "summary": "Get Password Dictionary", + "description": "This gets password dictionary for the organization.\nA token with ORG_ADMIN authority is required to call this API.\nThe password dictionary file can contain lines that are:\n1. comment lines - the first character is '#', can be 128 Unicode codepoints in length, and are ignored during processing\n2. empty lines\n3. locale line - the first line that starts with \"locale=\" is considered to be locale line, the rest are treated as normal content lines\n4. line containing the password dictionary word - it must start with non-whitespace character and only non-whitespace characters are allowed;\n maximum length of the line is 128 Unicode codepoints\n\n\nPassword dictionary file may not contain more than 2,500 lines (not counting whitespace lines, comment lines and locale line).\n Password dict file must contain UTF-8 characters only.\n\n# Sample password text file\n\n```\n\n# Password dictionary small test file\n\nlocale=en_US\n\n# Password dictionary prohibited words\n\nqwerty\nabcd\naaaaa\npassword\nqazxsws\n\n```", + "security": [ + { + "UserContextAuth": [ + "idn:password-dictionary-management:read" + ] + } + ], + "responses": { + "200": { + "description": "A password dictionary response", + "content": { + "text/plain": { + "schema": { + "type": "string" + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + }, + "put": { + "operationId": "putPasswordDictionary", + "tags": [ + "Password Dictionary" + ], + "summary": "Update Password Dictionary", + "description": "This updates password dictionary for the organization.\nA token with ORG_ADMIN authority is required to call this API.\nThe password dictionary file can contain lines that are:\n1. comment lines - the first character is '#', can be 128 Unicode codepoints in length, and are ignored during processing\n2. empty lines\n3. locale line - the first line that starts with \"locale=\" is considered to be locale line, the rest are treated as normal content lines\n4. line containing the password dictionary word - it must start with non-whitespace character and only non-whitespace characters are allowed;\n maximum length of the line is 128 Unicode codepoints\n\n\nPassword dictionary file may not contain more than 2,500 lines (not counting whitespace lines, comment lines and locale line).\n Password dict file must contain UTF-8 characters only.\n\n# Sample password text file\n\n```\n\n# Password dictionary small test file\n\nlocale=en_US\n\n# Password dictionary prohibited words\n\nqwerty\nabcd\naaaaa\npassword\nqazxsws\n\n```", + "security": [ + { + "UserContextAuth": [ + "idn:password-dictionary:manage" + ] + } + ], + "requestBody": { + "required": true, + "description": "The password dictionary file to be uploaded.", + "content": { + "multipart/form-data": { + "schema": { + "type": "object", + "properties": { + "file": { + "type": "string", + "format": "binary" + } + } + } + } + } + }, + "responses": { + "200": { + "description": "Successfully updated." + }, + "201": { + "description": "Created." + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/password-org-config": { + "get": { + "operationId": "getPasswordOrgConfig", + "tags": [ + "Password Configuration" + ], + "summary": "Get Password Org Config", + "description": "This API returns the password org config . Requires ORG_ADMIN, API role or authorization scope of 'idn:password-org-config:read'", + "security": [ + { + "UserContextAuth": [ + "idn:password-org-config:read" + ] + } + ], + "responses": { + "200": { + "description": "Reference to the password org config.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "customInstructionsEnabled": { + "type": "boolean", + "description": "Indicator whether custom password instructions feature is enabled. The default value is false.", + "default": false, + "example": true + }, + "digitTokenEnabled": { + "type": "boolean", + "description": "Indicator whether \"digit token\" feature is enabled. The default value is false.", + "default": false, + "example": true + }, + "digitTokenDurationMinutes": { + "type": "integer", + "format": "int32", + "description": "The duration of \"digit token\" in minutes. The default value is 5.", + "minimum": 1, + "maximum": 60, + "default": 5, + "example": 10 + }, + "digitTokenLength": { + "type": "integer", + "format": "int32", + "description": "The length of \"digit token\". The default value is 6.", + "minimum": 6, + "maximum": 18, + "default": 6, + "example": 9 + } + } + }, + "example": { + "customInstructionsEnabled": true, + "digitTokenDurationMinutes": 9, + "digitTokenEnabled": false, + "digitTokenLength": 6 + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + }, + "put": { + "operationId": "putPasswordOrgConfig", + "tags": [ + "Password Configuration" + ], + "summary": "Update Password Org Config", + "description": "This API updates the password org config for specified fields. Other fields will keep original value.\nYou must set the `customInstructionsEnabled` field to \"true\" to be able to use custom password instructions. \nRequires ORG_ADMIN, API role or authorization scope of 'idn:password-org-config:write'", + "security": [ + { + "UserContextAuth": [ + "idn:password-org-config:write" + ] + } + ], + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "customInstructionsEnabled": { + "type": "boolean", + "description": "Indicator whether custom password instructions feature is enabled. The default value is false.", + "default": false, + "example": true + }, + "digitTokenEnabled": { + "type": "boolean", + "description": "Indicator whether \"digit token\" feature is enabled. The default value is false.", + "default": false, + "example": true + }, + "digitTokenDurationMinutes": { + "type": "integer", + "format": "int32", + "description": "The duration of \"digit token\" in minutes. The default value is 5.", + "minimum": 1, + "maximum": 60, + "default": 5, + "example": 10 + }, + "digitTokenLength": { + "type": "integer", + "format": "int32", + "description": "The length of \"digit token\". The default value is 6.", + "minimum": 6, + "maximum": 18, + "default": 6, + "example": 9 + } + } + }, + "example": { + "digitTokenEnabled": true, + "digitTokenDurationMinutes": 12 + } + } + } + }, + "responses": { + "200": { + "description": "Reference to the password org config.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "customInstructionsEnabled": { + "type": "boolean", + "description": "Indicator whether custom password instructions feature is enabled. The default value is false.", + "default": false, + "example": true + }, + "digitTokenEnabled": { + "type": "boolean", + "description": "Indicator whether \"digit token\" feature is enabled. The default value is false.", + "default": false, + "example": true + }, + "digitTokenDurationMinutes": { + "type": "integer", + "format": "int32", + "description": "The duration of \"digit token\" in minutes. The default value is 5.", + "minimum": 1, + "maximum": 60, + "default": 5, + "example": 10 + }, + "digitTokenLength": { + "type": "integer", + "format": "int32", + "description": "The length of \"digit token\". The default value is 6.", + "minimum": 6, + "maximum": 18, + "default": 6, + "example": 9 + } + } + }, + "example": { + "customInstructionsEnabled": true, + "digitTokenDurationMinutes": 12, + "digitTokenEnabled": true, + "digitTokenLength": 6 + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + }, + "post": { + "operationId": "createPasswordOrgConfig", + "tags": [ + "Password Configuration" + ], + "summary": "Create Password Org Config", + "description": "This API creates the password org config. Unspecified fields will use default value.\nTo be able to use the custom password instructions, you must set the `customInstructionsEnabled` field to \"true\".\nRequires ORG_ADMIN, API role or authorization scope of 'idn:password-org-config:write'", + "security": [ + { + "UserContextAuth": [ + "idn:password-org-config:write" + ] + } + ], + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "customInstructionsEnabled": { + "type": "boolean", + "description": "Indicator whether custom password instructions feature is enabled. The default value is false.", + "default": false, + "example": true + }, + "digitTokenEnabled": { + "type": "boolean", + "description": "Indicator whether \"digit token\" feature is enabled. The default value is false.", + "default": false, + "example": true + }, + "digitTokenDurationMinutes": { + "type": "integer", + "format": "int32", + "description": "The duration of \"digit token\" in minutes. The default value is 5.", + "minimum": 1, + "maximum": 60, + "default": 5, + "example": 10 + }, + "digitTokenLength": { + "type": "integer", + "format": "int32", + "description": "The length of \"digit token\". The default value is 6.", + "minimum": 6, + "maximum": 18, + "default": 6, + "example": 9 + } + } + }, + "example": { + "customInstructionsEnabled": true, + "digitTokenEnabled": true, + "digitTokenDurationMinutes": 12, + "digitTokenLength": 9 + } + } + } + }, + "responses": { + "200": { + "description": "Reference to the password org config.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "customInstructionsEnabled": { + "type": "boolean", + "description": "Indicator whether custom password instructions feature is enabled. The default value is false.", + "default": false, + "example": true + }, + "digitTokenEnabled": { + "type": "boolean", + "description": "Indicator whether \"digit token\" feature is enabled. The default value is false.", + "default": false, + "example": true + }, + "digitTokenDurationMinutes": { + "type": "integer", + "format": "int32", + "description": "The duration of \"digit token\" in minutes. The default value is 5.", + "minimum": 1, + "maximum": 60, + "default": 5, + "example": 10 + }, + "digitTokenLength": { + "type": "integer", + "format": "int32", + "description": "The length of \"digit token\". The default value is 6.", + "minimum": 6, + "maximum": 18, + "default": 6, + "example": 9 + } + } + }, + "example": { + "customInstructionsEnabled": true, + "digitTokenDurationMinutes": 9, + "digitTokenEnabled": true, + "digitTokenLength": 12 + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/reports/{taskResultId}/result": { + "get": { + "tags": [ + "Reports Data Extraction" + ], + "description": "Get the report results for a report that was run or is running. Returns empty report result in case there are no active task definitions with used in payload task definition name.", + "operationId": "getReportResult", + "summary": "Get Report Result", + "security": [ + { + "UserContextAuth": [ + "sp:report-result:read" + ] + } + ], + "parameters": [ + { + "in": "path", + "name": "taskResultId", + "schema": { + "type": "string" + }, + "required": true, + "description": "Unique identifier of the task result which handled report", + "example": "ef38f94347e94562b5bb8424a56397d8" + }, + { + "in": "query", + "name": "completed", + "schema": { + "type": "boolean", + "default": false + }, + "required": false, + "description": "state of task result to apply ordering when results are fetching from the DB", + "example": true + } + ], + "responses": { + "200": { + "description": "Details about report that was run or is running.", + "content": { + "application/json": { + "schema": { + "type": "object", + "description": "Details about report result or current state.", + "properties": { + "reportType": { + "type": "string", + "enum": [ + "ACCOUNTS", + "IDENTITIES_DETAILS", + "IDENTITIES", + "IDENTITY_PROFILE_IDENTITY_ERROR", + "ORPHAN_IDENTITIES", + "SEARCH_EXPORT", + "UNCORRELATED_ACCOUNTS" + ], + "description": "Use this property to define what report should be processed in the RDE service.", + "example": "IDENTITIES_DETAILS" + }, + "taskDefName": { + "type": "string", + "description": "Name of the task definition which is started to process requesting report. Usually the same as report name", + "example": "Identities Details Report" + }, + "id": { + "type": "string", + "description": "Unique task definition identifier.", + "example": "a248c16fe22222b2bd49615481311111" + }, + "created": { + "type": "string", + "description": "Report processing start date", + "format": "date-time", + "example": "2020-09-07T42:14:00.364Z" + }, + "status": { + "type": "string", + "enum": [ + "SUCCESS", + "FAILURE", + "WARNING", + "TERMINATED" + ], + "description": "Report current state or result status.", + "example": "SUCCESS" + }, + "duration": { + "type": "integer", + "format": "int64", + "description": "Report processing time in ms.", + "example": 342 + }, + "rows": { + "type": "integer", + "format": "int64", + "description": "Report size in rows.", + "example": 37 + }, + "availableFormats": { + "type": "array", + "items": { + "type": "string", + "enum": [ + "CSV", + "PDF" + ] + }, + "description": "Output report file formats. This are formats for calling get endpoint as a query parameter 'fileFormat'. In case report won't have this argument there will be ['CSV', 'PDF'] as default.", + "example": [ + "CSV" + ] + } + } + }, + "examples": { + "identityDetailsReport": { + "summary": "Identities Details Report result.", + "value": { + "reportType": "IDENTITIES_DETAILS", + "taskDefName": "Identities Details Report", + "id": "1e01d272b8084c4fa12fcf8fa898102d", + "created": "2023-09-07T42:14:05.122Z", + "status": "SUCCESS", + "duration": 3681, + "rows": 193, + "availableFormats": [ + "CSV" + ] + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/reports/run": { + "post": { + "tags": [ + "Reports Data Extraction" + ], + "description": "Runs a report according to input report details. If non-concurrent task is already running then it returns, otherwise new task creates and returns.", + "operationId": "startReport", + "summary": "Run Report", + "security": [ + { + "UserContextAuth": [ + "sp:report:create" + ] + } + ], + "requestBody": { + "content": { + "application/json": { + "schema": { + "type": "object", + "description": "Details about report to be processed.", + "properties": { + "reportType": { + "type": "string", + "enum": [ + "ACCOUNTS", + "IDENTITIES_DETAILS", + "IDENTITIES", + "IDENTITY_PROFILE_IDENTITY_ERROR", + "ORPHAN_IDENTITIES", + "SEARCH_EXPORT", + "UNCORRELATED_ACCOUNTS" + ], + "description": "Use this property to define what report should be processed in the RDE service.", + "example": "IDENTITIES_DETAILS" + }, + "arguments": { + "oneOf": [ + { + "title": "ACCOUNTS", + "type": "object", + "description": "Arguments for Account Export (ACCOUNTS)", + "required": [ + "application", + "sourceName" + ], + "properties": { + "application": { + "type": "string", + "description": "Id of the authoritative source to export related accounts e.g. identities", + "example": "2c9180897eSourceIde781782f705b9" + }, + "sourceName": { + "type": "string", + "description": "Name of the authoritative source for accounts export", + "example": "DataScienceSourceName" + } + } + }, + { + "title": "IDENTITIES_DETAILS", + "type": "object", + "description": "Arguments for Identities details report (IDENTITIES_DETAILS)", + "required": [ + "correlatedOnly" + ], + "properties": { + "correlatedOnly": { + "type": "boolean", + "description": "Boolean FLAG to specify if only correlated identities should be used in report processing", + "default": false, + "example": true + } + } + }, + { + "title": "IDENTITIES", + "type": "object", + "description": "Arguments for Identities report (IDENTITIES)", + "properties": { + "correlatedOnly": { + "type": "boolean", + "description": "Boolean FLAG to specify if only correlated identities should be used in report processing", + "default": false, + "example": true + } + } + }, + { + "title": "IDENTITY_PROFILE_IDENTITY_ERROR", + "type": "object", + "description": "Arguments for Identity Profile Identity Error report (IDENTITY_PROFILE_IDENTITY_ERROR)", + "required": [ + "authoritativeSource" + ], + "properties": { + "authoritativeSource": { + "type": "string", + "description": "Source Id to be checked on errors of identity profiles aggregation", + "example": "1234sourceId5678902" + } + } + }, + { + "title": "ORPHAN_IDENTITIES & UNCORRELATED_ACCOUNTS", + "type": "object", + "description": "Arguments for Orphan Identities report (ORPHAN_IDENTITIES) and Uncorrelated Accounts report (UNCORRELATED_ACCOUNTS)", + "properties": { + "selectedFormats": { + "type": "array", + "items": { + "type": "string", + "enum": [ + "CSV", + "PDF" + ] + }, + "description": "Output report file formats. This are formats for calling get endpoint as a query parameter 'fileFormat'. In case report won't have this argument there will be ['CSV', 'PDF'] as default.", + "example": [ + "CSV" + ] + } + } + }, + { + "title": "SEARCH_EXPORT", + "type": "object", + "description": "Arguments for Search Export report (SEARCH_EXPORT)", + "required": [ + "query" + ], + "properties": { + "indices": { + "description": "The names of the Elasticsearch indices in which to search. If none are provided, then all indices will be searched.", + "externalDocs": { + "description": "Learn more about search indices here.", + "url": "https://documentation.sailpoint.com/saas/help/search/searchable-fields.html" + }, + "type": "array", + "items": { + "description": "Enum representing the currently supported indices.\nAdditional values may be added in the future without notice.", + "type": "string", + "enum": [ + "accessprofiles", + "accountactivities", + "entitlements", + "events", + "identities", + "roles", + "*" + ], + "example": "identities" + }, + "example": [ + "entitlements" + ] + }, + "filters": { + "description": "The filters to be applied for each filtered field name.", + "type": "object", + "additionalProperties": { + "type": "object", + "properties": { + "type": { + "description": "Enum representing the currently supported filter types.\nAdditional values may be added in the future without notice.", + "type": "string", + "enum": [ + "EXISTS", + "RANGE", + "TERMS" + ], + "example": "RANGE" + }, + "range": { + "type": "object", + "description": "The range of values to be filtered.", + "properties": { + "lower": { + "description": "The lower bound of the range.", + "type": "object", + "required": [ + "value" + ], + "properties": { + "value": { + "description": "The value of the range's endpoint.", + "type": "string", + "example": "1" + }, + "inclusive": { + "description": "Indicates if the endpoint is included in the range.", + "type": "boolean", + "default": false, + "example": false + } + } + }, + "upper": { + "description": "The upper bound of the range.", + "type": "object", + "required": [ + "value" + ], + "properties": { + "value": { + "description": "The value of the range's endpoint.", + "type": "string", + "example": "1" + }, + "inclusive": { + "description": "Indicates if the endpoint is included in the range.", + "type": "boolean", + "default": false, + "example": false + } + } + } + } + }, + "terms": { + "description": "The terms to be filtered.", + "type": "array", + "items": { + "type": "string", + "example": "account_count" + } + }, + "exclude": { + "description": "Indicates if the filter excludes results.", + "type": "boolean", + "default": false, + "example": false + } + } + }, + "example": { + "source.id": { + "type": "TERMS", + "terms": [ + "2c9180897termsId780bd2920576" + ] + }, + "source.name.exact": { + "type": "TERMS", + "terms": [ + "IdentityNow" + ], + "exclude": true + } + } + }, + "query": { + "type": "object", + "description": "Query parameters used to construct an Elasticsearch query object.", + "properties": { + "query": { + "description": "The query using the Elasticsearch [Query String Query](https://www.elastic.co/guide/en/elasticsearch/reference/5.2/query-dsl-query-string-query.html#query-string) syntax from the Query DSL extended by SailPoint to support Nested queries.", + "type": "string", + "example": "name:a*" + }, + "fields": { + "description": "The fields the query will be applied to. Fields provide you with a simple way to add additional fields to search, without making the query too complicated. For example, you can use the fields to specify that you want your query of \"a*\" to be applied to \"name\", \"firstName\", and the \"source.name\". The response will include all results matching the \"a*\" query found in those three fields. \nA field's availability depends on the indices being searched. For example, if you are searching \"identities\", you can apply your search to the \"firstName\" field, but you couldn't use \"firstName\" with a search on \"access profiles\". Refer to the response schema for the respective lists of available fields. ", + "type": "string", + "example": [ + "firstName,lastName,email" + ] + }, + "timeZone": { + "description": "The time zone to be applied to any range query related to dates.", + "type": "string", + "example": "America/Chicago" + }, + "innerHit": { + "description": "The innerHit query object returns a flattened list of results for the specified nested type.", + "type": "object", + "required": [ + "query", + "type" + ], + "properties": { + "query": { + "description": "The search query using the Elasticsearch [Query String Query](https://www.elastic.co/guide/en/elasticsearch/reference/5.2/query-dsl-query-string-query.html#query-string) syntax from the Query DSL extended by SailPoint to support Nested queries.", + "type": "string", + "example": "source.name:\\\"Active Directory\\\"" + }, + "type": { + "description": "The nested type to use in the inner hits query. The nested type [Nested Type](https://www.elastic.co/guide/en/elasticsearch/reference/current/nested.html) refers to a document \"nested\" within another document. For example, an identity can have nested documents for access, accounts, and apps.", + "type": "string", + "example": "access" + } + } + } + } + }, + "includeNested": { + "description": "Indicates whether nested objects from returned search results should be included.", + "type": "boolean", + "default": true, + "example": true + }, + "sort": { + "description": "The fields to be used to sort the search results. Use + or - to specify the sort direction.", + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "displayName", + "+id" + ] + } + } + } + ], + "example": { + "application": "2c9180897e7742b2017e781782f705b9", + "sourceName": "DataScienceWorkday" + }, + "description": "The string-object map(dictionary) with the arguments needed for report processing." + } + } + }, + "examples": { + "Identities Details Report": { + "summary": "Identities Details report", + "value": { + "reportType": "IDENTITIES_DETAILS", + "arguments": { + "correlatedOnly": true + } + } + } + } + } + }, + "required": true + }, + "responses": { + "200": { + "description": "Details about running report task.", + "content": { + "application/json": { + "schema": { + "type": "object", + "description": "Details about job or task type, state and lifecycle.", + "properties": { + "type": { + "type": "string", + "enum": [ + "QUARTZ", + "QPOC", + "MENTOS", + "QUEUED_TASK" + ], + "description": "Type of the job or task underlying in the report processing. It could be a quartz task, QPOC or MENTOS jobs or a refresh/sync task.", + "example": "MENTOS" + }, + "id": { + "type": "string", + "description": "Unique task definition identifier.", + "example": "a248c16fe22222b2bd49615481311111" + }, + "reportType": { + "enum": [ + "ACCOUNTS", + "IDENTITIES_DETAILS", + "IDENTITIES", + "IDENTITY_PROFILE_IDENTITY_ERROR", + "ORPHAN_IDENTITIES", + "SEARCH_EXPORT", + "UNCORRELATED_ACCOUNTS" + ], + "description": "Use this property to define what report should be processed in the RDE service.", + "example": "IDENTITIES_DETAILS" + }, + "description": { + "type": "string", + "description": "Description of the report purpose and/or contents.", + "example": "A detailed view of the identities in the system." + }, + "parentName": { + "type": "string", + "nullable": true, + "description": "Name of the parent task/report if exists.", + "example": "Audit Report" + }, + "launcher": { + "type": "string", + "description": "Name of the report processing initiator.", + "example": "cloudadmin" + }, + "created": { + "type": "string", + "description": "Report creation date", + "format": "date-time", + "example": "2020-09-07T42:14:00.364Z" + }, + "launched": { + "type": "string", + "nullable": true, + "format": "date-time", + "description": "Report start date", + "example": "2020-09-07T42:14:00.521Z" + }, + "completed": { + "type": "string", + "nullable": true, + "format": "date-time", + "description": "Report completion date", + "example": "2020-09-07T42:14:01.137Z" + }, + "completionStatus": { + "type": "string", + "nullable": true, + "enum": [ + "SUCCESS", + "WARNING", + "ERROR", + "TERMINATED", + "TEMP_ERROR" + ], + "description": "Report completion status.", + "example": "Success" + }, + "messages": { + "type": "array", + "description": "List of the messages dedicated to the report. From task definition perspective here usually should be warnings or errors.", + "example": [], + "items": { + "type": "object", + "properties": { + "type": { + "type": "string", + "description": "Type of the message.", + "enum": [ + "INFO", + "WARN", + "ERROR" + ], + "example": "WARN" + }, + "error": { + "type": "boolean", + "default": false, + "description": "Flag whether message is an error.", + "example": false + }, + "warning": { + "type": "boolean", + "default": false, + "description": "Flag whether message is a warning.", + "example": true + }, + "key": { + "type": "string", + "description": "Message string identifier.", + "example": "The following account(s) failed to correlate: A,B,C" + }, + "localizedText": { + "type": "string", + "description": "Message context with the locale based language.", + "example": "The following account(s) failed to correlate: A,B,C" + } + } + } + }, + "returns": { + "type": "array", + "description": "Task definition results, if necessary.", + "example": [], + "items": { + "type": "object", + "properties": { + "displayLabel": { + "type": "string", + "description": "Attribute description.", + "example": " " + }, + "attributeName": { + "type": "string", + "description": "System or database attribute name.", + "example": " " + } + } + } + }, + "attributes": { + "type": "object", + "description": "Extra attributes map(dictionary) needed for the report.", + "additionalProperties": { + "type": "object" + }, + "example": { + "org": "an-org" + } + }, + "progress": { + "type": "string", + "nullable": true, + "description": "Current report state.", + "example": "Initializing..." + } + } + }, + "examples": { + "identityDetailsReport": { + "summary": "Identities Details Report task result.", + "value": { + "reportType": "IDENTITIES_DETAILS", + "taskDefName": "Identities Details Report", + "type": "QUARTZ", + "id": "a248c16fe22222b2bd49615481311111", + "created": "2023-09-07T42:14:00.364Z", + "description": "A detailed view of the identities in the system.", + "parentName": "Audit Report", + "launcher": "9832285", + "launched": "2023-09-07T42:14:00.521Z", + "completed": "2023-09-07T42:14:01.137Z", + "messages": [], + "returns": [], + "attributes": { + "org": "an-org" + }, + "progress": "Initializing..." + } + }, + "searchExportReport": { + "summary": "Identities Details Report task result.", + "value": { + "reportType": "SEARCH_EXPORT", + "taskDefName": "Search Export", + "type": "QUARTZ", + "id": "a248c16fe22222b2bd49615481311111", + "created": "2023-09-07T42:14:11.137Z", + "description": "Extract query data from ElasticSearch to CSV", + "parentName": null, + "launcher": "T05293", + "launched": "2020-09-07T42:14:11.137Z", + "completed": "2020-09-07T42:14:13.451Z", + "messages": [], + "returns": [], + "attributes": { + "queryHash": "5e12cf79c67d92e23d4d8cb3e974f87d164e86d4a48d32ecf89645cacfd3f2", + "org": "an-org", + "queryParams": { + "columns": "displayName,firstName,lastName,email,created,attributes.cloudLifecycleState,tags,access.spread,apps.pread,accounts.spread", + "indices": "identities", + "ownerId": "95ecba5c5444439c999aec638ce2a777", + "query": 700007, + "sort": "displayName" + } + }, + "progress": "Initializing..." + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/reports/{id}/cancel": { + "post": { + "tags": [ + "Reports Data Extraction" + ], + "description": "Cancels a running report.", + "operationId": "cancelReport", + "summary": "Cancel Report", + "security": [ + { + "UserContextAuth": [ + "sp:report:delete" + ] + } + ], + "parameters": [ + { + "name": "id", + "in": "path", + "description": "ID of the running Report to cancel", + "required": true, + "style": "simple", + "explode": false, + "schema": { + "type": "string", + "example": "a1ed223247144cc29d23c632624b4767" + } + } + ], + "responses": { + "204": { + "description": "No content - indicates the request was successful but there is no content to be returned in the response." + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/reports/{taskResultId}": { + "get": { + "tags": [ + "Reports Data Extraction" + ], + "description": "Gets a report in file format.", + "operationId": "getReport", + "summary": "Get Report File", + "security": [ + { + "UserContextAuth": [ + "sp:report:read" + ] + } + ], + "parameters": [ + { + "in": "path", + "name": "taskResultId", + "schema": { + "type": "string" + }, + "required": true, + "description": "Unique identifier of the task result which handled report", + "example": "ef38f94347e94562b5bb8424a56397d8" + }, + { + "in": "query", + "name": "fileFormat", + "schema": { + "type": "string", + "enum": [ + "csv", + "pdf" + ] + }, + "required": true, + "description": "Output format of the requested report file", + "example": "csv" + }, + { + "in": "query", + "name": "name", + "required": false, + "schema": { + "type": "string" + }, + "example": "Identities Details Report", + "description": "preferred Report file name, by default will be used report name from task result." + }, + { + "in": "query", + "name": "auditable", + "required": false, + "schema": { + "type": "boolean", + "default": false + }, + "example": true, + "description": "Enables auditing for current report download. Will create an audit event and sent it to the REPORT cloud-audit kafka topic. Event will be created if there is any result present by requested taskResultId." + } + ], + "responses": { + "200": { + "description": "Report file in selected format. CSV by default.", + "content": { + "application/csv": { + "schema": { + "type": "string", + "format": "binary" + } + }, + "application/pdf": { + "schema": { + "type": "string", + "format": "binary" + } + } + }, + "headers": { + "Content-disposition": { + "description": "The requested report's filename", + "schema": { + "type": "string" + }, + "example": "attachment;filename=\\\"fileName\"" + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "

File Not Found - 404 Error

The requested file was not found." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/sod-policies": { + "post": { + "security": [ + { + "UserContextAuth": [ + "idn:sod-policy:write" + ] + } + ], + "operationId": "createSodPolicy", + "tags": [ + "SOD Policies" + ], + "summary": "Create SOD policy", + "description": "This creates both General and Conflicting Access Based policy, with a limit of 50 entitlements for each (left & right) criteria for Conflicting Access Based SOD policy.\nRequires role of ORG_ADMIN.", + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "Policy id", + "example": "0f11f2a4-7c94-4bf3-a2bd-742580fe3bde", + "readOnly": true + }, + "name": { + "type": "string", + "description": "Policy Business Name", + "example": "policy-xyz" + }, + "created": { + "type": "string", + "format": "date-time", + "description": "The time when this SOD policy is created.", + "example": "2020-01-01T00:00:00.000000Z", + "readOnly": true + }, + "modified": { + "type": "string", + "format": "date-time", + "description": "The time when this SOD policy is modified.", + "example": "2020-01-01T00:00:00.000000Z", + "readOnly": true + }, + "description": { + "type": "string", + "description": "Optional description of the SOD policy", + "example": "This policy ensures compliance of xyz", + "nullable": true + }, + "ownerRef": { + "type": "object", + "description": "The owner of the SOD policy.", + "properties": { + "type": { + "type": "string", + "description": "Owner type.", + "enum": [ + "IDENTITY", + "GOVERNANCE_GROUP" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "Owner's ID.", + "example": "2c9180a46faadee4016fb4e018c20639" + }, + "name": { + "type": "string", + "description": "Owner's name.", + "example": "Support" + } + } + }, + "externalPolicyReference": { + "type": "string", + "description": "Optional External Policy Reference", + "example": "XYZ policy", + "nullable": true + }, + "policyQuery": { + "type": "string", + "description": "Search query of the SOD policy", + "example": "@access(id:0f11f2a4-7c94-4bf3-a2bd-742580fe3bdg) AND @access(id:0f11f2a4-7c94-4bf3-a2bd-742580fe3bdf)" + }, + "compensatingControls": { + "type": "string", + "description": "Optional compensating controls(Mitigating Controls)", + "example": "Have a manager review the transaction decisions for their \"out of compliance\" employee", + "nullable": true + }, + "correctionAdvice": { + "type": "string", + "description": "Optional correction advice", + "example": "Based on the role of the employee, managers should remove access that is not required for their job function.", + "nullable": true + }, + "state": { + "type": "string", + "description": "whether the policy is enforced or not", + "enum": [ + "ENFORCED", + "NOT_ENFORCED" + ], + "example": "ENFORCED" + }, + "tags": { + "type": "array", + "description": "tags for this policy object", + "example": [ + "TAG1", + "TAG2" + ], + "items": { + "type": "string" + } + }, + "creatorId": { + "type": "string", + "description": "Policy's creator ID", + "example": "0f11f2a4-7c94-4bf3-a2bd-742580fe3bde", + "readOnly": true + }, + "modifierId": { + "type": "string", + "description": "Policy's modifier ID", + "example": "0f11f2a4-7c94-4bf3-a2bd-742580fe3bde", + "nullable": true, + "readOnly": true + }, + "violationOwnerAssignmentConfig": { + "nullable": true, + "type": "object", + "properties": { + "assignmentRule": { + "type": "string", + "enum": [ + "MANAGER", + "STATIC", + null + ], + "description": "Details about the violations owner.\nMANAGER - identity's manager\nSTATIC - Governance Group or Identity", + "example": "MANAGER", + "nullable": true + }, + "ownerRef": { + "type": "object", + "description": "The owner of the violation assignment config.", + "nullable": true, + "properties": { + "type": { + "type": "string", + "description": "Owner type.", + "enum": [ + "IDENTITY", + "GOVERNANCE_GROUP", + "MANAGER", + null + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "Owner's ID.", + "example": "2c9180a46faadee4016fb4e018c20639" + }, + "name": { + "type": "string", + "description": "Owner's name.", + "example": "Support" + } + } + } + } + }, + "scheduled": { + "type": "boolean", + "description": "defines whether a policy has been scheduled or not", + "example": true, + "default": false + }, + "type": { + "type": "string", + "description": "whether a policy is query based or conflicting access based", + "default": "GENERAL", + "enum": [ + "GENERAL", + "CONFLICTING_ACCESS_BASED" + ], + "example": "GENERAL" + }, + "conflictingAccessCriteria": { + "allOf": [ + { + "type": "object", + "properties": { + "leftCriteria": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "Business name for the access construct list", + "example": "money-in" + }, + "criteriaList": { + "type": "array", + "description": "List of criteria. There is a min of 1 and max of 50 items in the list.", + "minItems": 1, + "maxItems": 50, + "items": { + "type": "object", + "properties": { + "type": { + "type": "string", + "enum": [ + "ENTITLEMENT" + ], + "description": "Type of the propery to which this reference applies to", + "example": "ENTITLEMENT" + }, + "id": { + "type": "string", + "description": "ID of the object to which this reference applies to", + "example": "2c91808568c529c60168cca6f90c1313" + }, + "name": { + "type": "string", + "description": "Human-readable display name of the object to which this reference applies to", + "example": "Administrator" + } + } + }, + "example": [ + { + "type": "ENTITLEMENT", + "id": "2c9180866166b5b0016167c32ef31a66", + "name": "Administrator" + }, + { + "type": "ENTITLEMENT", + "id": "2c9180866166b5b0016167c32ef31a67", + "name": "Administrator" + } + ] + } + } + }, + "rightCriteria": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "Business name for the access construct list", + "example": "money-in" + }, + "criteriaList": { + "type": "array", + "description": "List of criteria. There is a min of 1 and max of 50 items in the list.", + "minItems": 1, + "maxItems": 50, + "items": { + "type": "object", + "properties": { + "type": { + "type": "string", + "enum": [ + "ENTITLEMENT" + ], + "description": "Type of the propery to which this reference applies to", + "example": "ENTITLEMENT" + }, + "id": { + "type": "string", + "description": "ID of the object to which this reference applies to", + "example": "2c91808568c529c60168cca6f90c1313" + }, + "name": { + "type": "string", + "description": "Human-readable display name of the object to which this reference applies to", + "example": "Administrator" + } + } + }, + "example": [ + { + "type": "ENTITLEMENT", + "id": "2c9180866166b5b0016167c32ef31a66", + "name": "Administrator" + }, + { + "type": "ENTITLEMENT", + "id": "2c9180866166b5b0016167c32ef31a67", + "name": "Administrator" + } + ] + } + } + } + } + }, + { + "nullable": true + } + ] + } + } + }, + "examples": { + "Conflicting Access Based Policy": { + "value": { + "name": "Conflicting-Policy-Name", + "description": "This policy ensures compliance of xyz", + "ownerRef": { + "type": "IDENTITY", + "id": "2c91808568c529c60168cca6f90c1313", + "name": "Owner Name" + }, + "externalPolicyReference": "XYZ policy", + "compensatingControls": "Have a manager review the transaction decisions for their \"out of compliance\" employee", + "correctionAdvice": "Based on the role of the employee, managers should remove access that is not required for their job function.", + "state": "ENFORCED", + "tags": [ + "string" + ], + "creatorId": "0f11f2a4-7c94-4bf3-a2bd-742580fe3bde", + "modifierId": "0f11f2a4-7c94-4bf3-a2bd-742580fe3bde", + "violationOwnerAssignmentConfig": { + "assignmentRule": "MANAGER", + "ownerRef": { + "type": "IDENTITY", + "id": "2c91808568c529c60168cca6f90c1313", + "name": "Violation Owner Name" + } + }, + "scheduled": true, + "type": "CONFLICTING_ACCESS_BASED", + "conflictingAccessCriteria": { + "leftCriteria": { + "name": "money-in", + "criteriaList": [ + { + "type": "ENTITLEMENT", + "id": "2c9180866166b5b0016167c32ef31a66" + }, + { + "type": "ENTITLEMENT", + "id": "2c9180866166b5b0016167c32ef31a67" + } + ] + }, + "rightCriteria": { + "name": "money-out", + "criteriaList": [ + { + "type": "ENTITLEMENT", + "id": "2c9180866166b5b0016167c32ef31a68" + }, + { + "type": "ENTITLEMENT", + "id": "2c9180866166b5b0016167c32ef31a69" + } + ] + } + } + } + }, + "General Policy": { + "value": { + "description": "Description", + "ownerRef": { + "type": "IDENTITY", + "id": "2c918087682f9a86016839c05e8f1aff", + "name": "Owner Name" + }, + "externalPolicyReference": "New policy", + "policyQuery": "policy query implementation", + "compensatingControls": "Compensating controls", + "correctionAdvice": "Correction advice", + "tags": [], + "state": "ENFORCED", + "scheduled": false, + "creatorId": "2c918087682f9a86016839c05e8f1aff", + "modifierId": null, + "violationOwnerAssignmentConfig": null, + "name": "General-Policy-Name" + } + } + } + } + } + }, + "responses": { + "201": { + "description": "SOD policy created", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "Policy id", + "example": "0f11f2a4-7c94-4bf3-a2bd-742580fe3bde", + "readOnly": true + }, + "name": { + "type": "string", + "description": "Policy Business Name", + "example": "policy-xyz" + }, + "created": { + "type": "string", + "format": "date-time", + "description": "The time when this SOD policy is created.", + "example": "2020-01-01T00:00:00.000000Z", + "readOnly": true + }, + "modified": { + "type": "string", + "format": "date-time", + "description": "The time when this SOD policy is modified.", + "example": "2020-01-01T00:00:00.000000Z", + "readOnly": true + }, + "description": { + "type": "string", + "description": "Optional description of the SOD policy", + "example": "This policy ensures compliance of xyz", + "nullable": true + }, + "ownerRef": { + "type": "object", + "description": "The owner of the SOD policy.", + "properties": { + "type": { + "type": "string", + "description": "Owner type.", + "enum": [ + "IDENTITY", + "GOVERNANCE_GROUP" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "Owner's ID.", + "example": "2c9180a46faadee4016fb4e018c20639" + }, + "name": { + "type": "string", + "description": "Owner's name.", + "example": "Support" + } + } + }, + "externalPolicyReference": { + "type": "string", + "description": "Optional External Policy Reference", + "example": "XYZ policy", + "nullable": true + }, + "policyQuery": { + "type": "string", + "description": "Search query of the SOD policy", + "example": "@access(id:0f11f2a4-7c94-4bf3-a2bd-742580fe3bdg) AND @access(id:0f11f2a4-7c94-4bf3-a2bd-742580fe3bdf)" + }, + "compensatingControls": { + "type": "string", + "description": "Optional compensating controls(Mitigating Controls)", + "example": "Have a manager review the transaction decisions for their \"out of compliance\" employee", + "nullable": true + }, + "correctionAdvice": { + "type": "string", + "description": "Optional correction advice", + "example": "Based on the role of the employee, managers should remove access that is not required for their job function.", + "nullable": true + }, + "state": { + "type": "string", + "description": "whether the policy is enforced or not", + "enum": [ + "ENFORCED", + "NOT_ENFORCED" + ], + "example": "ENFORCED" + }, + "tags": { + "type": "array", + "description": "tags for this policy object", + "example": [ + "TAG1", + "TAG2" + ], + "items": { + "type": "string" + } + }, + "creatorId": { + "type": "string", + "description": "Policy's creator ID", + "example": "0f11f2a4-7c94-4bf3-a2bd-742580fe3bde", + "readOnly": true + }, + "modifierId": { + "type": "string", + "description": "Policy's modifier ID", + "example": "0f11f2a4-7c94-4bf3-a2bd-742580fe3bde", + "nullable": true, + "readOnly": true + }, + "violationOwnerAssignmentConfig": { + "nullable": true, + "type": "object", + "properties": { + "assignmentRule": { + "type": "string", + "enum": [ + "MANAGER", + "STATIC", + null + ], + "description": "Details about the violations owner.\nMANAGER - identity's manager\nSTATIC - Governance Group or Identity", + "example": "MANAGER", + "nullable": true + }, + "ownerRef": { + "type": "object", + "description": "The owner of the violation assignment config.", + "nullable": true, + "properties": { + "type": { + "type": "string", + "description": "Owner type.", + "enum": [ + "IDENTITY", + "GOVERNANCE_GROUP", + "MANAGER", + null + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "Owner's ID.", + "example": "2c9180a46faadee4016fb4e018c20639" + }, + "name": { + "type": "string", + "description": "Owner's name.", + "example": "Support" + } + } + } + } + }, + "scheduled": { + "type": "boolean", + "description": "defines whether a policy has been scheduled or not", + "example": true, + "default": false + }, + "type": { + "type": "string", + "description": "whether a policy is query based or conflicting access based", + "default": "GENERAL", + "enum": [ + "GENERAL", + "CONFLICTING_ACCESS_BASED" + ], + "example": "GENERAL" + }, + "conflictingAccessCriteria": { + "allOf": [ + { + "type": "object", + "properties": { + "leftCriteria": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "Business name for the access construct list", + "example": "money-in" + }, + "criteriaList": { + "type": "array", + "description": "List of criteria. There is a min of 1 and max of 50 items in the list.", + "minItems": 1, + "maxItems": 50, + "items": { + "type": "object", + "properties": { + "type": { + "type": "string", + "enum": [ + "ENTITLEMENT" + ], + "description": "Type of the propery to which this reference applies to", + "example": "ENTITLEMENT" + }, + "id": { + "type": "string", + "description": "ID of the object to which this reference applies to", + "example": "2c91808568c529c60168cca6f90c1313" + }, + "name": { + "type": "string", + "description": "Human-readable display name of the object to which this reference applies to", + "example": "Administrator" + } + } + }, + "example": [ + { + "type": "ENTITLEMENT", + "id": "2c9180866166b5b0016167c32ef31a66", + "name": "Administrator" + }, + { + "type": "ENTITLEMENT", + "id": "2c9180866166b5b0016167c32ef31a67", + "name": "Administrator" + } + ] + } + } + }, + "rightCriteria": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "Business name for the access construct list", + "example": "money-in" + }, + "criteriaList": { + "type": "array", + "description": "List of criteria. There is a min of 1 and max of 50 items in the list.", + "minItems": 1, + "maxItems": 50, + "items": { + "type": "object", + "properties": { + "type": { + "type": "string", + "enum": [ + "ENTITLEMENT" + ], + "description": "Type of the propery to which this reference applies to", + "example": "ENTITLEMENT" + }, + "id": { + "type": "string", + "description": "ID of the object to which this reference applies to", + "example": "2c91808568c529c60168cca6f90c1313" + }, + "name": { + "type": "string", + "description": "Human-readable display name of the object to which this reference applies to", + "example": "Administrator" + } + } + }, + "example": [ + { + "type": "ENTITLEMENT", + "id": "2c9180866166b5b0016167c32ef31a66", + "name": "Administrator" + }, + { + "type": "ENTITLEMENT", + "id": "2c9180866166b5b0016167c32ef31a67", + "name": "Administrator" + } + ] + } + } + } + } + }, + { + "nullable": true + } + ] + } + } + }, + "examples": { + "Conflicting Access Based Policy": { + "value": { + "id": "0f11f2a4-7c94-4bf3-a2bd-742580fe3bde", + "name": "Conflicting-Policy-Name", + "created": "2020-01-01T00:00:00.000000Z", + "modified": "2020-01-01T00:00:00.000000Z", + "description": "This policy ensures compliance of xyz", + "ownerRef": { + "type": "IDENTITY", + "id": "2c91808568c529c60168cca6f90c1313", + "name": "Owner Name" + }, + "externalPolicyReference": "XYZ policy", + "policyQuery": "@access(id:2c9180866166b5b0016167c32ef31a66 OR id:2c9180866166b5b0016167c32ef31a67) AND @access(id:2c9180866166b5b0016167c32ef31a68 OR id:2c9180866166b5b0016167c32ef31a69)", + "compensatingControls": "Have a manager review the transaction decisions for their \"out of compliance\" employee", + "correctionAdvice": "Based on the role of the employee, managers should remove access that is not required for their job function.", + "state": "ENFORCED", + "tags": [ + "string" + ], + "creatorId": "0f11f2a4-7c94-4bf3-a2bd-742580fe3bde", + "modifierId": "0f11f2a4-7c94-4bf3-a2bd-742580fe3bde", + "violationOwnerAssignmentConfig": { + "assignmentRule": "MANAGER", + "ownerRef": { + "type": "IDENTITY", + "id": "2c91808568c529c60168cca6f90c1313", + "name": "Violation Owner Name" + } + }, + "scheduled": true, + "type": "CONFLICTING_ACCESS_BASED", + "conflictingAccessCriteria": { + "leftCriteria": { + "name": "money-in", + "criteriaList": [ + { + "type": "ENTITLEMENT", + "id": "2c9180866166b5b0016167c32ef31a66" + }, + { + "type": "ENTITLEMENT", + "id": "2c9180866166b5b0016167c32ef31a67" + } + ] + }, + "rightCriteria": { + "name": "money-out", + "criteriaList": [ + { + "type": "ENTITLEMENT", + "id": "2c9180866166b5b0016167c32ef31a68" + }, + { + "type": "ENTITLEMENT", + "id": "2c9180866166b5b0016167c32ef31a69" + } + ] + } + } + } + }, + "General Policy": { + "value": { + "description": "Description", + "ownerRef": { + "type": "IDENTITY", + "id": "2c918087682f9a86016839c05e8f1aff", + "name": "Owner Name" + }, + "externalPolicyReference": "New policy", + "policyQuery": "policy query implementation", + "compensatingControls": "Compensating controls", + "correctionAdvice": "Correction advice", + "tags": [], + "state": "ENFORCED", + "scheduled": false, + "creatorId": "2c918087682f9a86016839c05e8f1aff", + "modifierId": null, + "violationOwnerAssignmentConfig": null, + "type": "GENERAL", + "conflictingAccessCriteria": null, + "id": "52c11db4-733e-4c31-949a-766c95ec95f1", + "name": "General-Policy-Name", + "created": "2020-05-12T19:47:38Z", + "modified": "2020-05-12T19:47:38Z" + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + }, + "get": { + "security": [ + { + "UserContextAuth": [ + "idn:sod-policy:read" + ] + } + ], + "operationId": "listSodPolicies", + "tags": [ + "SOD Policies" + ], + "summary": "List SOD policies", + "description": "This gets list of all SOD policies.\nRequires role of ORG_ADMIN", + "parameters": [ + { + "in": "query", + "name": "limit", + "description": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 250, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "maximum": 250, + "default": 250 + } + }, + { + "in": "query", + "name": "offset", + "description": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 0, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "default": 0 + } + }, + { + "in": "query", + "name": "count", + "description": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": true, + "schema": { + "type": "boolean", + "default": false + } + }, + { + "in": "query", + "name": "filters", + "schema": { + "type": "string" + }, + "description": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**name**: *eq, in*\n\n**state**: *eq, in*", + "example": "id eq \"bc693f07e7b645539626c25954c58554\"", + "required": false + }, + { + "in": "query", + "name": "sorters", + "required": false, + "schema": { + "type": "string", + "format": "comma-separated" + }, + "example": "id,name", + "description": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **id, name, created, modified, description**" + } + ], + "responses": { + "200": { + "description": "List of all SOD policies.", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "Policy id", + "example": "0f11f2a4-7c94-4bf3-a2bd-742580fe3bde", + "readOnly": true + }, + "name": { + "type": "string", + "description": "Policy Business Name", + "example": "policy-xyz" + }, + "created": { + "type": "string", + "format": "date-time", + "description": "The time when this SOD policy is created.", + "example": "2020-01-01T00:00:00.000000Z", + "readOnly": true + }, + "modified": { + "type": "string", + "format": "date-time", + "description": "The time when this SOD policy is modified.", + "example": "2020-01-01T00:00:00.000000Z", + "readOnly": true + }, + "description": { + "type": "string", + "description": "Optional description of the SOD policy", + "example": "This policy ensures compliance of xyz", + "nullable": true + }, + "ownerRef": { + "type": "object", + "description": "The owner of the SOD policy.", + "properties": { + "type": { + "type": "string", + "description": "Owner type.", + "enum": [ + "IDENTITY", + "GOVERNANCE_GROUP" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "Owner's ID.", + "example": "2c9180a46faadee4016fb4e018c20639" + }, + "name": { + "type": "string", + "description": "Owner's name.", + "example": "Support" + } + } + }, + "externalPolicyReference": { + "type": "string", + "description": "Optional External Policy Reference", + "example": "XYZ policy", + "nullable": true + }, + "policyQuery": { + "type": "string", + "description": "Search query of the SOD policy", + "example": "@access(id:0f11f2a4-7c94-4bf3-a2bd-742580fe3bdg) AND @access(id:0f11f2a4-7c94-4bf3-a2bd-742580fe3bdf)" + }, + "compensatingControls": { + "type": "string", + "description": "Optional compensating controls(Mitigating Controls)", + "example": "Have a manager review the transaction decisions for their \"out of compliance\" employee", + "nullable": true + }, + "correctionAdvice": { + "type": "string", + "description": "Optional correction advice", + "example": "Based on the role of the employee, managers should remove access that is not required for their job function.", + "nullable": true + }, + "state": { + "type": "string", + "description": "whether the policy is enforced or not", + "enum": [ + "ENFORCED", + "NOT_ENFORCED" + ], + "example": "ENFORCED" + }, + "tags": { + "type": "array", + "description": "tags for this policy object", + "example": [ + "TAG1", + "TAG2" + ], + "items": { + "type": "string" + } + }, + "creatorId": { + "type": "string", + "description": "Policy's creator ID", + "example": "0f11f2a4-7c94-4bf3-a2bd-742580fe3bde", + "readOnly": true + }, + "modifierId": { + "type": "string", + "description": "Policy's modifier ID", + "example": "0f11f2a4-7c94-4bf3-a2bd-742580fe3bde", + "nullable": true, + "readOnly": true + }, + "violationOwnerAssignmentConfig": { + "nullable": true, + "type": "object", + "properties": { + "assignmentRule": { + "type": "string", + "enum": [ + "MANAGER", + "STATIC", + null + ], + "description": "Details about the violations owner.\nMANAGER - identity's manager\nSTATIC - Governance Group or Identity", + "example": "MANAGER", + "nullable": true + }, + "ownerRef": { + "type": "object", + "description": "The owner of the violation assignment config.", + "nullable": true, + "properties": { + "type": { + "type": "string", + "description": "Owner type.", + "enum": [ + "IDENTITY", + "GOVERNANCE_GROUP", + "MANAGER", + null + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "Owner's ID.", + "example": "2c9180a46faadee4016fb4e018c20639" + }, + "name": { + "type": "string", + "description": "Owner's name.", + "example": "Support" + } + } + } + } + }, + "scheduled": { + "type": "boolean", + "description": "defines whether a policy has been scheduled or not", + "example": true, + "default": false + }, + "type": { + "type": "string", + "description": "whether a policy is query based or conflicting access based", + "default": "GENERAL", + "enum": [ + "GENERAL", + "CONFLICTING_ACCESS_BASED" + ], + "example": "GENERAL" + }, + "conflictingAccessCriteria": { + "allOf": [ + { + "type": "object", + "properties": { + "leftCriteria": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "Business name for the access construct list", + "example": "money-in" + }, + "criteriaList": { + "type": "array", + "description": "List of criteria. There is a min of 1 and max of 50 items in the list.", + "minItems": 1, + "maxItems": 50, + "items": { + "type": "object", + "properties": { + "type": { + "type": "string", + "enum": [ + "ENTITLEMENT" + ], + "description": "Type of the propery to which this reference applies to", + "example": "ENTITLEMENT" + }, + "id": { + "type": "string", + "description": "ID of the object to which this reference applies to", + "example": "2c91808568c529c60168cca6f90c1313" + }, + "name": { + "type": "string", + "description": "Human-readable display name of the object to which this reference applies to", + "example": "Administrator" + } + } + }, + "example": [ + { + "type": "ENTITLEMENT", + "id": "2c9180866166b5b0016167c32ef31a66", + "name": "Administrator" + }, + { + "type": "ENTITLEMENT", + "id": "2c9180866166b5b0016167c32ef31a67", + "name": "Administrator" + } + ] + } + } + }, + "rightCriteria": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "Business name for the access construct list", + "example": "money-in" + }, + "criteriaList": { + "type": "array", + "description": "List of criteria. There is a min of 1 and max of 50 items in the list.", + "minItems": 1, + "maxItems": 50, + "items": { + "type": "object", + "properties": { + "type": { + "type": "string", + "enum": [ + "ENTITLEMENT" + ], + "description": "Type of the propery to which this reference applies to", + "example": "ENTITLEMENT" + }, + "id": { + "type": "string", + "description": "ID of the object to which this reference applies to", + "example": "2c91808568c529c60168cca6f90c1313" + }, + "name": { + "type": "string", + "description": "Human-readable display name of the object to which this reference applies to", + "example": "Administrator" + } + } + }, + "example": [ + { + "type": "ENTITLEMENT", + "id": "2c9180866166b5b0016167c32ef31a66", + "name": "Administrator" + }, + { + "type": "ENTITLEMENT", + "id": "2c9180866166b5b0016167c32ef31a67", + "name": "Administrator" + } + ] + } + } + } + } + }, + { + "nullable": true + } + ] + } + } + } + }, + "example": [ + { + "id": "0f11f2a4-7c94-4bf3-a2bd-742580fe3bde", + "name": "Conflicting-Policy-Name", + "created": "2020-01-01T00:00:00.000000Z", + "modified": "2020-01-01T00:00:00.000000Z", + "description": "This policy ensures compliance of xyz", + "ownerRef": { + "type": "IDENTITY", + "id": "2c91808568c529c60168cca6f90c1313", + "name": "Owner Name" + }, + "externalPolicyReference": "XYZ policy", + "policyQuery": "@access(id:2c9180866166b5b0016167c32ef31a66 OR id:2c9180866166b5b0016167c32ef31a67) AND @access(id:2c9180866166b5b0016167c32ef31a68 OR id:2c9180866166b5b0016167c32ef31a69)", + "compensatingControls": "Have a manager review the transaction decisions for their \"out of compliance\" employee", + "correctionAdvice": "Based on the role of the employee, managers should remove access that is not required for their job function.", + "state": "ENFORCED", + "tags": [ + "string" + ], + "creatorId": "0f11f2a4-7c94-4bf3-a2bd-742580fe3bde", + "modifierId": "0f11f2a4-7c94-4bf3-a2bd-742580fe3bde", + "violationOwnerAssignmentConfig": { + "assignmentRule": "MANAGER", + "ownerRef": { + "type": "IDENTITY", + "id": "2c91808568c529c60168cca6f90c1313", + "name": "Violation Owner Name" + } + }, + "scheduled": true, + "type": "CONFLICTING_ACCESS_BASED", + "conflictingAccessCriteria": { + "leftCriteria": { + "name": "money-in", + "criteriaList": [ + { + "type": "ENTITLEMENT", + "id": "2c9180866166b5b0016167c32ef31a66" + }, + { + "type": "ENTITLEMENT", + "id": "2c9180866166b5b0016167c32ef31a67" + } + ] + }, + "rightCriteria": { + "name": "money-out", + "criteriaList": [ + { + "type": "ENTITLEMENT", + "id": "2c9180866166b5b0016167c32ef31a68" + }, + { + "type": "ENTITLEMENT", + "id": "2c9180866166b5b0016167c32ef31a69" + } + ] + } + } + }, + { + "description": "Description", + "ownerRef": { + "type": "IDENTITY", + "id": "2c918087682f9a86016839c05e8f1aff", + "name": "Owner Name" + }, + "externalPolicyReference": "New policy", + "policyQuery": "policy query implementation", + "compensatingControls": "Compensating controls", + "correctionAdvice": "Correction advice", + "tags": [], + "state": "ENFORCED", + "scheduled": false, + "creatorId": "2c918087682f9a86016839c05e8f1aff", + "modifierId": null, + "violationOwnerAssignmentConfig": null, + "type": "GENERAL", + "conflictingAccessCriteria": null, + "id": "52c11db4-733e-4c31-949a-766c95ec95f1", + "name": "General-Policy-Name", + "created": "2020-05-12T19:47:38Z", + "modified": "2020-05-12T19:47:38Z" + } + ] + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/sod-policies/{id}": { + "get": { + "security": [ + { + "UserContextAuth": [ + "idn:sod-policy:read" + ] + } + ], + "operationId": "getSodPolicy", + "tags": [ + "SOD Policies" + ], + "summary": "Get SOD policy by ID", + "description": "This gets specified SOD policy.\nRequires role of ORG_ADMIN.", + "parameters": [ + { + "in": "path", + "name": "id", + "schema": { + "type": "string" + }, + "required": true, + "description": "The ID of the SOD Policy to retrieve.", + "example": "ef38f943-47e9-4562-b5bb-8424a56397d8" + } + ], + "responses": { + "200": { + "description": "SOD policy ID.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "Policy id", + "example": "0f11f2a4-7c94-4bf3-a2bd-742580fe3bde", + "readOnly": true + }, + "name": { + "type": "string", + "description": "Policy Business Name", + "example": "policy-xyz" + }, + "created": { + "type": "string", + "format": "date-time", + "description": "The time when this SOD policy is created.", + "example": "2020-01-01T00:00:00.000000Z", + "readOnly": true + }, + "modified": { + "type": "string", + "format": "date-time", + "description": "The time when this SOD policy is modified.", + "example": "2020-01-01T00:00:00.000000Z", + "readOnly": true + }, + "description": { + "type": "string", + "description": "Optional description of the SOD policy", + "example": "This policy ensures compliance of xyz", + "nullable": true + }, + "ownerRef": { + "type": "object", + "description": "The owner of the SOD policy.", + "properties": { + "type": { + "type": "string", + "description": "Owner type.", + "enum": [ + "IDENTITY", + "GOVERNANCE_GROUP" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "Owner's ID.", + "example": "2c9180a46faadee4016fb4e018c20639" + }, + "name": { + "type": "string", + "description": "Owner's name.", + "example": "Support" + } + } + }, + "externalPolicyReference": { + "type": "string", + "description": "Optional External Policy Reference", + "example": "XYZ policy", + "nullable": true + }, + "policyQuery": { + "type": "string", + "description": "Search query of the SOD policy", + "example": "@access(id:0f11f2a4-7c94-4bf3-a2bd-742580fe3bdg) AND @access(id:0f11f2a4-7c94-4bf3-a2bd-742580fe3bdf)" + }, + "compensatingControls": { + "type": "string", + "description": "Optional compensating controls(Mitigating Controls)", + "example": "Have a manager review the transaction decisions for their \"out of compliance\" employee", + "nullable": true + }, + "correctionAdvice": { + "type": "string", + "description": "Optional correction advice", + "example": "Based on the role of the employee, managers should remove access that is not required for their job function.", + "nullable": true + }, + "state": { + "type": "string", + "description": "whether the policy is enforced or not", + "enum": [ + "ENFORCED", + "NOT_ENFORCED" + ], + "example": "ENFORCED" + }, + "tags": { + "type": "array", + "description": "tags for this policy object", + "example": [ + "TAG1", + "TAG2" + ], + "items": { + "type": "string" + } + }, + "creatorId": { + "type": "string", + "description": "Policy's creator ID", + "example": "0f11f2a4-7c94-4bf3-a2bd-742580fe3bde", + "readOnly": true + }, + "modifierId": { + "type": "string", + "description": "Policy's modifier ID", + "example": "0f11f2a4-7c94-4bf3-a2bd-742580fe3bde", + "nullable": true, + "readOnly": true + }, + "violationOwnerAssignmentConfig": { + "nullable": true, + "type": "object", + "properties": { + "assignmentRule": { + "type": "string", + "enum": [ + "MANAGER", + "STATIC", + null + ], + "description": "Details about the violations owner.\nMANAGER - identity's manager\nSTATIC - Governance Group or Identity", + "example": "MANAGER", + "nullable": true + }, + "ownerRef": { + "type": "object", + "description": "The owner of the violation assignment config.", + "nullable": true, + "properties": { + "type": { + "type": "string", + "description": "Owner type.", + "enum": [ + "IDENTITY", + "GOVERNANCE_GROUP", + "MANAGER", + null + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "Owner's ID.", + "example": "2c9180a46faadee4016fb4e018c20639" + }, + "name": { + "type": "string", + "description": "Owner's name.", + "example": "Support" + } + } + } + } + }, + "scheduled": { + "type": "boolean", + "description": "defines whether a policy has been scheduled or not", + "example": true, + "default": false + }, + "type": { + "type": "string", + "description": "whether a policy is query based or conflicting access based", + "default": "GENERAL", + "enum": [ + "GENERAL", + "CONFLICTING_ACCESS_BASED" + ], + "example": "GENERAL" + }, + "conflictingAccessCriteria": { + "allOf": [ + { + "type": "object", + "properties": { + "leftCriteria": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "Business name for the access construct list", + "example": "money-in" + }, + "criteriaList": { + "type": "array", + "description": "List of criteria. There is a min of 1 and max of 50 items in the list.", + "minItems": 1, + "maxItems": 50, + "items": { + "type": "object", + "properties": { + "type": { + "type": "string", + "enum": [ + "ENTITLEMENT" + ], + "description": "Type of the propery to which this reference applies to", + "example": "ENTITLEMENT" + }, + "id": { + "type": "string", + "description": "ID of the object to which this reference applies to", + "example": "2c91808568c529c60168cca6f90c1313" + }, + "name": { + "type": "string", + "description": "Human-readable display name of the object to which this reference applies to", + "example": "Administrator" + } + } + }, + "example": [ + { + "type": "ENTITLEMENT", + "id": "2c9180866166b5b0016167c32ef31a66", + "name": "Administrator" + }, + { + "type": "ENTITLEMENT", + "id": "2c9180866166b5b0016167c32ef31a67", + "name": "Administrator" + } + ] + } + } + }, + "rightCriteria": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "Business name for the access construct list", + "example": "money-in" + }, + "criteriaList": { + "type": "array", + "description": "List of criteria. There is a min of 1 and max of 50 items in the list.", + "minItems": 1, + "maxItems": 50, + "items": { + "type": "object", + "properties": { + "type": { + "type": "string", + "enum": [ + "ENTITLEMENT" + ], + "description": "Type of the propery to which this reference applies to", + "example": "ENTITLEMENT" + }, + "id": { + "type": "string", + "description": "ID of the object to which this reference applies to", + "example": "2c91808568c529c60168cca6f90c1313" + }, + "name": { + "type": "string", + "description": "Human-readable display name of the object to which this reference applies to", + "example": "Administrator" + } + } + }, + "example": [ + { + "type": "ENTITLEMENT", + "id": "2c9180866166b5b0016167c32ef31a66", + "name": "Administrator" + }, + { + "type": "ENTITLEMENT", + "id": "2c9180866166b5b0016167c32ef31a67", + "name": "Administrator" + } + ] + } + } + } + } + }, + { + "nullable": true + } + ] + } + } + }, + "examples": { + "Conflicting Access Based Policy": { + "value": { + "id": "0f11f2a4-7c94-4bf3-a2bd-742580fe3bde", + "name": "Conflicting-Policy-Name", + "created": "2020-01-01T00:00:00.000000Z", + "modified": "2020-01-01T00:00:00.000000Z", + "description": "This policy ensures compliance of xyz", + "ownerRef": { + "type": "IDENTITY", + "id": "2c91808568c529c60168cca6f90c1313", + "name": "Owner Name" + }, + "externalPolicyReference": "XYZ policy", + "policyQuery": "@access(id:2c9180866166b5b0016167c32ef31a66 OR id:2c9180866166b5b0016167c32ef31a67) AND @access(id:2c9180866166b5b0016167c32ef31a68 OR id:2c9180866166b5b0016167c32ef31a69)", + "compensatingControls": "Have a manager review the transaction decisions for their \"out of compliance\" employee", + "correctionAdvice": "Based on the role of the employee, managers should remove access that is not required for their job function.", + "state": "ENFORCED", + "tags": [ + "string" + ], + "creatorId": "0f11f2a4-7c94-4bf3-a2bd-742580fe3bde", + "modifierId": "0f11f2a4-7c94-4bf3-a2bd-742580fe3bde", + "violationOwnerAssignmentConfig": { + "assignmentRule": "MANAGER", + "ownerRef": { + "type": "IDENTITY", + "id": "2c91808568c529c60168cca6f90c1313", + "name": "Violation Owner Name" + } + }, + "scheduled": true, + "type": "CONFLICTING_ACCESS_BASED", + "conflictingAccessCriteria": { + "leftCriteria": { + "name": "money-in", + "criteriaList": [ + { + "type": "ENTITLEMENT", + "id": "2c9180866166b5b0016167c32ef31a66" + }, + { + "type": "ENTITLEMENT", + "id": "2c9180866166b5b0016167c32ef31a67" + } + ] + }, + "rightCriteria": { + "name": "money-out", + "criteriaList": [ + { + "type": "ENTITLEMENT", + "id": "2c9180866166b5b0016167c32ef31a68" + }, + { + "type": "ENTITLEMENT", + "id": "2c9180866166b5b0016167c32ef31a69" + } + ] + } + } + } + }, + "General Policy": { + "value": { + "description": "Description", + "ownerRef": { + "type": "IDENTITY", + "id": "2c918087682f9a86016839c05e8f1aff", + "name": "Owner Name" + }, + "externalPolicyReference": "New policy", + "policyQuery": "policy query implementation", + "compensatingControls": "Compensating controls", + "correctionAdvice": "Correction advice", + "tags": [], + "state": "ENFORCED", + "scheduled": false, + "creatorId": "2c918087682f9a86016839c05e8f1aff", + "modifierId": null, + "violationOwnerAssignmentConfig": null, + "type": "GENERAL", + "conflictingAccessCriteria": null, + "id": "52c11db4-733e-4c31-949a-766c95ec95f1", + "name": "General-Policy-Name", + "created": "2020-05-12T19:47:38Z", + "modified": "2020-05-12T19:47:38Z" + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + }, + "put": { + "security": [ + { + "UserContextAuth": [ + "idn:sod-policy:write" + ] + } + ], + "operationId": "putSodPolicy", + "tags": [ + "SOD Policies" + ], + "summary": "Update SOD policy by ID", + "description": "This updates a specified SOD policy.\nRequires role of ORG_ADMIN.", + "parameters": [ + { + "in": "path", + "name": "id", + "schema": { + "type": "string" + }, + "required": true, + "description": "The ID of the SOD policy to update.", + "example": "ef38f943-47e9-4562-b5bb-8424a56397d8" + } + ], + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "Policy id", + "example": "0f11f2a4-7c94-4bf3-a2bd-742580fe3bde", + "readOnly": true + }, + "name": { + "type": "string", + "description": "Policy Business Name", + "example": "policy-xyz" + }, + "created": { + "type": "string", + "format": "date-time", + "description": "The time when this SOD policy is created.", + "example": "2020-01-01T00:00:00.000000Z", + "readOnly": true + }, + "modified": { + "type": "string", + "format": "date-time", + "description": "The time when this SOD policy is modified.", + "example": "2020-01-01T00:00:00.000000Z", + "readOnly": true + }, + "description": { + "type": "string", + "description": "Optional description of the SOD policy", + "example": "This policy ensures compliance of xyz", + "nullable": true + }, + "ownerRef": { + "type": "object", + "description": "The owner of the SOD policy.", + "properties": { + "type": { + "type": "string", + "description": "Owner type.", + "enum": [ + "IDENTITY", + "GOVERNANCE_GROUP" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "Owner's ID.", + "example": "2c9180a46faadee4016fb4e018c20639" + }, + "name": { + "type": "string", + "description": "Owner's name.", + "example": "Support" + } + } + }, + "externalPolicyReference": { + "type": "string", + "description": "Optional External Policy Reference", + "example": "XYZ policy", + "nullable": true + }, + "policyQuery": { + "type": "string", + "description": "Search query of the SOD policy", + "example": "@access(id:0f11f2a4-7c94-4bf3-a2bd-742580fe3bdg) AND @access(id:0f11f2a4-7c94-4bf3-a2bd-742580fe3bdf)" + }, + "compensatingControls": { + "type": "string", + "description": "Optional compensating controls(Mitigating Controls)", + "example": "Have a manager review the transaction decisions for their \"out of compliance\" employee", + "nullable": true + }, + "correctionAdvice": { + "type": "string", + "description": "Optional correction advice", + "example": "Based on the role of the employee, managers should remove access that is not required for their job function.", + "nullable": true + }, + "state": { + "type": "string", + "description": "whether the policy is enforced or not", + "enum": [ + "ENFORCED", + "NOT_ENFORCED" + ], + "example": "ENFORCED" + }, + "tags": { + "type": "array", + "description": "tags for this policy object", + "example": [ + "TAG1", + "TAG2" + ], + "items": { + "type": "string" + } + }, + "creatorId": { + "type": "string", + "description": "Policy's creator ID", + "example": "0f11f2a4-7c94-4bf3-a2bd-742580fe3bde", + "readOnly": true + }, + "modifierId": { + "type": "string", + "description": "Policy's modifier ID", + "example": "0f11f2a4-7c94-4bf3-a2bd-742580fe3bde", + "nullable": true, + "readOnly": true + }, + "violationOwnerAssignmentConfig": { + "nullable": true, + "type": "object", + "properties": { + "assignmentRule": { + "type": "string", + "enum": [ + "MANAGER", + "STATIC", + null + ], + "description": "Details about the violations owner.\nMANAGER - identity's manager\nSTATIC - Governance Group or Identity", + "example": "MANAGER", + "nullable": true + }, + "ownerRef": { + "type": "object", + "description": "The owner of the violation assignment config.", + "nullable": true, + "properties": { + "type": { + "type": "string", + "description": "Owner type.", + "enum": [ + "IDENTITY", + "GOVERNANCE_GROUP", + "MANAGER", + null + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "Owner's ID.", + "example": "2c9180a46faadee4016fb4e018c20639" + }, + "name": { + "type": "string", + "description": "Owner's name.", + "example": "Support" + } + } + } + } + }, + "scheduled": { + "type": "boolean", + "description": "defines whether a policy has been scheduled or not", + "example": true, + "default": false + }, + "type": { + "type": "string", + "description": "whether a policy is query based or conflicting access based", + "default": "GENERAL", + "enum": [ + "GENERAL", + "CONFLICTING_ACCESS_BASED" + ], + "example": "GENERAL" + }, + "conflictingAccessCriteria": { + "allOf": [ + { + "type": "object", + "properties": { + "leftCriteria": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "Business name for the access construct list", + "example": "money-in" + }, + "criteriaList": { + "type": "array", + "description": "List of criteria. There is a min of 1 and max of 50 items in the list.", + "minItems": 1, + "maxItems": 50, + "items": { + "type": "object", + "properties": { + "type": { + "type": "string", + "enum": [ + "ENTITLEMENT" + ], + "description": "Type of the propery to which this reference applies to", + "example": "ENTITLEMENT" + }, + "id": { + "type": "string", + "description": "ID of the object to which this reference applies to", + "example": "2c91808568c529c60168cca6f90c1313" + }, + "name": { + "type": "string", + "description": "Human-readable display name of the object to which this reference applies to", + "example": "Administrator" + } + } + }, + "example": [ + { + "type": "ENTITLEMENT", + "id": "2c9180866166b5b0016167c32ef31a66", + "name": "Administrator" + }, + { + "type": "ENTITLEMENT", + "id": "2c9180866166b5b0016167c32ef31a67", + "name": "Administrator" + } + ] + } + } + }, + "rightCriteria": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "Business name for the access construct list", + "example": "money-in" + }, + "criteriaList": { + "type": "array", + "description": "List of criteria. There is a min of 1 and max of 50 items in the list.", + "minItems": 1, + "maxItems": 50, + "items": { + "type": "object", + "properties": { + "type": { + "type": "string", + "enum": [ + "ENTITLEMENT" + ], + "description": "Type of the propery to which this reference applies to", + "example": "ENTITLEMENT" + }, + "id": { + "type": "string", + "description": "ID of the object to which this reference applies to", + "example": "2c91808568c529c60168cca6f90c1313" + }, + "name": { + "type": "string", + "description": "Human-readable display name of the object to which this reference applies to", + "example": "Administrator" + } + } + }, + "example": [ + { + "type": "ENTITLEMENT", + "id": "2c9180866166b5b0016167c32ef31a66", + "name": "Administrator" + }, + { + "type": "ENTITLEMENT", + "id": "2c9180866166b5b0016167c32ef31a67", + "name": "Administrator" + } + ] + } + } + } + } + }, + { + "nullable": true + } + ] + } + } + }, + "examples": { + "Conflicting Access Based Policy": { + "value": { + "name": "Conflicting-Policy-Name", + "description": "Modified Description", + "externalPolicyReference": "XYZ policy", + "compensatingControls": "Have a manager review the transaction decisions for their \"out of compliance\" employee", + "correctionAdvice": "Based on the role of the employee, managers should remove access that is not required for their job function.", + "state": "ENFORCED", + "tags": [ + "string" + ], + "violationOwnerAssignmentConfig": { + "assignmentRule": "MANAGER", + "ownerRef": { + "type": "IDENTITY", + "id": "2c91808568c529c60168cca6f90c1313", + "name": "Violation Owner Name" + } + }, + "scheduled": true, + "type": "CONFLICTING_ACCESS_BASED", + "conflictingAccessCriteria": { + "leftCriteria": { + "name": "money-in", + "criteriaList": [ + { + "type": "ENTITLEMENT", + "id": "2c9180866166b5b0016167c32ef31a66" + }, + { + "type": "ENTITLEMENT", + "id": "2c9180866166b5b0016167c32ef31a67" + } + ] + }, + "rightCriteria": { + "name": "money-out", + "criteriaList": [ + { + "type": "ENTITLEMENT", + "id": "2c9180866166b5b0016167c32ef31a68" + }, + { + "type": "ENTITLEMENT", + "id": "2c9180866166b5b0016167c32ef31a69" + } + ] + } + } + } + }, + "General Policy": { + "value": { + "description": "Modified Description", + "ownerRef": { + "type": "IDENTITY", + "id": "2c918087682f9a86016839c05e8f1aff", + "name": "Owner Name" + }, + "externalPolicyReference": "New policy", + "policyQuery": "policy query implementation", + "compensatingControls": "Compensating controls", + "correctionAdvice": "Correction advice", + "tags": [], + "state": "ENFORCED", + "scheduled": false, + "creatorId": "2c918087682f9a86016839c05e8f1aff", + "modifierId": null, + "violationOwnerAssignmentConfig": null, + "type": "GENERAL", + "conflictingAccessCriteria": null, + "id": "52c11db4-733e-4c31-949a-766c95ec95f1", + "name": "General-Policy-Name", + "created": "2020-05-12T19:47:38Z", + "modified": "2020-05-12T19:47:38Z" + } + } + } + } + } + }, + "responses": { + "200": { + "description": "SOD Policy by ID", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "Policy id", + "example": "0f11f2a4-7c94-4bf3-a2bd-742580fe3bde", + "readOnly": true + }, + "name": { + "type": "string", + "description": "Policy Business Name", + "example": "policy-xyz" + }, + "created": { + "type": "string", + "format": "date-time", + "description": "The time when this SOD policy is created.", + "example": "2020-01-01T00:00:00.000000Z", + "readOnly": true + }, + "modified": { + "type": "string", + "format": "date-time", + "description": "The time when this SOD policy is modified.", + "example": "2020-01-01T00:00:00.000000Z", + "readOnly": true + }, + "description": { + "type": "string", + "description": "Optional description of the SOD policy", + "example": "This policy ensures compliance of xyz", + "nullable": true + }, + "ownerRef": { + "type": "object", + "description": "The owner of the SOD policy.", + "properties": { + "type": { + "type": "string", + "description": "Owner type.", + "enum": [ + "IDENTITY", + "GOVERNANCE_GROUP" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "Owner's ID.", + "example": "2c9180a46faadee4016fb4e018c20639" + }, + "name": { + "type": "string", + "description": "Owner's name.", + "example": "Support" + } + } + }, + "externalPolicyReference": { + "type": "string", + "description": "Optional External Policy Reference", + "example": "XYZ policy", + "nullable": true + }, + "policyQuery": { + "type": "string", + "description": "Search query of the SOD policy", + "example": "@access(id:0f11f2a4-7c94-4bf3-a2bd-742580fe3bdg) AND @access(id:0f11f2a4-7c94-4bf3-a2bd-742580fe3bdf)" + }, + "compensatingControls": { + "type": "string", + "description": "Optional compensating controls(Mitigating Controls)", + "example": "Have a manager review the transaction decisions for their \"out of compliance\" employee", + "nullable": true + }, + "correctionAdvice": { + "type": "string", + "description": "Optional correction advice", + "example": "Based on the role of the employee, managers should remove access that is not required for their job function.", + "nullable": true + }, + "state": { + "type": "string", + "description": "whether the policy is enforced or not", + "enum": [ + "ENFORCED", + "NOT_ENFORCED" + ], + "example": "ENFORCED" + }, + "tags": { + "type": "array", + "description": "tags for this policy object", + "example": [ + "TAG1", + "TAG2" + ], + "items": { + "type": "string" + } + }, + "creatorId": { + "type": "string", + "description": "Policy's creator ID", + "example": "0f11f2a4-7c94-4bf3-a2bd-742580fe3bde", + "readOnly": true + }, + "modifierId": { + "type": "string", + "description": "Policy's modifier ID", + "example": "0f11f2a4-7c94-4bf3-a2bd-742580fe3bde", + "nullable": true, + "readOnly": true + }, + "violationOwnerAssignmentConfig": { + "nullable": true, + "type": "object", + "properties": { + "assignmentRule": { + "type": "string", + "enum": [ + "MANAGER", + "STATIC", + null + ], + "description": "Details about the violations owner.\nMANAGER - identity's manager\nSTATIC - Governance Group or Identity", + "example": "MANAGER", + "nullable": true + }, + "ownerRef": { + "type": "object", + "description": "The owner of the violation assignment config.", + "nullable": true, + "properties": { + "type": { + "type": "string", + "description": "Owner type.", + "enum": [ + "IDENTITY", + "GOVERNANCE_GROUP", + "MANAGER", + null + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "Owner's ID.", + "example": "2c9180a46faadee4016fb4e018c20639" + }, + "name": { + "type": "string", + "description": "Owner's name.", + "example": "Support" + } + } + } + } + }, + "scheduled": { + "type": "boolean", + "description": "defines whether a policy has been scheduled or not", + "example": true, + "default": false + }, + "type": { + "type": "string", + "description": "whether a policy is query based or conflicting access based", + "default": "GENERAL", + "enum": [ + "GENERAL", + "CONFLICTING_ACCESS_BASED" + ], + "example": "GENERAL" + }, + "conflictingAccessCriteria": { + "allOf": [ + { + "type": "object", + "properties": { + "leftCriteria": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "Business name for the access construct list", + "example": "money-in" + }, + "criteriaList": { + "type": "array", + "description": "List of criteria. There is a min of 1 and max of 50 items in the list.", + "minItems": 1, + "maxItems": 50, + "items": { + "type": "object", + "properties": { + "type": { + "type": "string", + "enum": [ + "ENTITLEMENT" + ], + "description": "Type of the propery to which this reference applies to", + "example": "ENTITLEMENT" + }, + "id": { + "type": "string", + "description": "ID of the object to which this reference applies to", + "example": "2c91808568c529c60168cca6f90c1313" + }, + "name": { + "type": "string", + "description": "Human-readable display name of the object to which this reference applies to", + "example": "Administrator" + } + } + }, + "example": [ + { + "type": "ENTITLEMENT", + "id": "2c9180866166b5b0016167c32ef31a66", + "name": "Administrator" + }, + { + "type": "ENTITLEMENT", + "id": "2c9180866166b5b0016167c32ef31a67", + "name": "Administrator" + } + ] + } + } + }, + "rightCriteria": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "Business name for the access construct list", + "example": "money-in" + }, + "criteriaList": { + "type": "array", + "description": "List of criteria. There is a min of 1 and max of 50 items in the list.", + "minItems": 1, + "maxItems": 50, + "items": { + "type": "object", + "properties": { + "type": { + "type": "string", + "enum": [ + "ENTITLEMENT" + ], + "description": "Type of the propery to which this reference applies to", + "example": "ENTITLEMENT" + }, + "id": { + "type": "string", + "description": "ID of the object to which this reference applies to", + "example": "2c91808568c529c60168cca6f90c1313" + }, + "name": { + "type": "string", + "description": "Human-readable display name of the object to which this reference applies to", + "example": "Administrator" + } + } + }, + "example": [ + { + "type": "ENTITLEMENT", + "id": "2c9180866166b5b0016167c32ef31a66", + "name": "Administrator" + }, + { + "type": "ENTITLEMENT", + "id": "2c9180866166b5b0016167c32ef31a67", + "name": "Administrator" + } + ] + } + } + } + } + }, + { + "nullable": true + } + ] + } + } + }, + "examples": { + "Conflicting Access Based Policy": { + "value": { + "id": "0f11f2a4-7c94-4bf3-a2bd-742580fe3bde", + "name": "Conflicting-Policy-Name", + "created": "2020-01-01T00:00:00.000000Z", + "modified": "2020-01-01T00:00:00.000000Z", + "description": "Modified description", + "ownerRef": { + "type": "IDENTITY", + "id": "2c91808568c529c60168cca6f90c1313", + "name": "Owner Name" + }, + "externalPolicyReference": "XYZ policy", + "policyQuery": "@access(id:2c9180866166b5b0016167c32ef31a66 OR id:2c9180866166b5b0016167c32ef31a67) AND @access(id:2c9180866166b5b0016167c32ef31a68 OR id:2c9180866166b5b0016167c32ef31a69)", + "compensatingControls": "Have a manager review the transaction decisions for their \"out of compliance\" employee", + "correctionAdvice": "Based on the role of the employee, managers should remove access that is not required for their job function.", + "state": "ENFORCED", + "tags": [ + "string" + ], + "creatorId": "0f11f2a4-7c94-4bf3-a2bd-742580fe3bde", + "modifierId": "0f11f2a4-7c94-4bf3-a2bd-742580fe3bde", + "violationOwnerAssignmentConfig": { + "assignmentRule": "MANAGER", + "ownerRef": { + "type": "IDENTITY", + "id": "2c91808568c529c60168cca6f90c1313", + "name": "Violation Owner Name" + } + }, + "scheduled": true, + "type": "CONFLICTING_ACCESS_BASED", + "conflictingAccessCriteria": { + "leftCriteria": { + "name": "money-in", + "criteriaList": [ + { + "type": "ENTITLEMENT", + "id": "2c9180866166b5b0016167c32ef31a66" + }, + { + "type": "ENTITLEMENT", + "id": "2c9180866166b5b0016167c32ef31a67" + } + ] + }, + "rightCriteria": { + "name": "money-out", + "criteriaList": [ + { + "type": "ENTITLEMENT", + "id": "2c9180866166b5b0016167c32ef31a68" + }, + { + "type": "ENTITLEMENT", + "id": "2c9180866166b5b0016167c32ef31a69" + } + ] + } + } + } + }, + "General Policy": { + "value": { + "description": "Modified Description", + "ownerRef": { + "type": "IDENTITY", + "id": "2c918087682f9a86016839c05e8f1aff", + "name": "Owner Name" + }, + "externalPolicyReference": "New policy", + "policyQuery": "policy query implementation", + "compensatingControls": "Compensating controls", + "correctionAdvice": "Correction advice", + "tags": [], + "state": "ENFORCED", + "scheduled": false, + "creatorId": "2c918087682f9a86016839c05e8f1aff", + "modifierId": null, + "violationOwnerAssignmentConfig": null, + "type": "GENERAL", + "conflictingAccessCriteria": null, + "id": "52c11db4-733e-4c31-949a-766c95ec95f1", + "name": "General-Policy-Name", + "created": "2020-05-12T19:47:38Z", + "modified": "2020-05-12T19:47:38Z" + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + }, + "delete": { + "security": [ + { + "UserContextAuth": [ + "idn:sod-policy:write" + ] + } + ], + "operationId": "deleteSodPolicy", + "tags": [ + "SOD Policies" + ], + "summary": "Delete SOD policy by ID", + "description": "This deletes a specified SOD policy.\nRequires role of ORG_ADMIN.", + "parameters": [ + { + "in": "path", + "name": "id", + "schema": { + "type": "string" + }, + "required": true, + "description": "The ID of the SOD Policy to delete.", + "example": "ef38f943-47e9-4562-b5bb-8424a56397d8" + }, + { + "in": "query", + "name": "logical", + "schema": { + "type": "boolean", + "default": true + }, + "description": "Indicates whether this is a soft delete (logical true) or a hard delete. Soft delete marks the policy as deleted and just save it with this status. It could be fully deleted or recovered further. Hard delete vise versa permanently delete SOD request during this call.", + "example": true, + "required": false + } + ], + "responses": { + "204": { + "description": "No content." + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + }, + "patch": { + "security": [ + { + "UserContextAuth": [ + "idn:sod-policy:write" + ] + } + ], + "operationId": "patchSodPolicy", + "tags": [ + "SOD Policies" + ], + "summary": "Patch SOD policy by ID", + "description": "Allows updating SOD Policy fields other than [\"id\",\"created\",\"creatorId\",\"policyQuery\",\"type\"] using the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard.\nRequires role of ORG_ADMIN.\nThis endpoint can only patch CONFLICTING_ACCESS_BASED type policies. Do not use this endpoint to patch general policies - doing so will build an API exception. ", + "parameters": [ + { + "in": "path", + "name": "id", + "schema": { + "type": "string" + }, + "required": true, + "description": "The ID of the SOD policy being modified.", + "example": "2c918083-5d19-1a86-015d-28455b4a2329" + } + ], + "requestBody": { + "required": true, + "description": "A list of SOD Policy update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard.\n\nThe following fields are patchable:\n* name\n* description\n* ownerRef\n* externalPolicyReference\n* compensatingControls\n* correctionAdvice\n* state\n* tags\n* violationOwnerAssignmentConfig\n* scheduled\n* conflictingAccessCriteria\n", + "content": { + "application/json-patch+json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "description": "A JSONPatch Operation as defined by [RFC 6902 - JSON Patch](https://tools.ietf.org/html/rfc6902)", + "required": [ + "op", + "path" + ], + "properties": { + "op": { + "type": "string", + "description": "The operation to be performed", + "enum": [ + "add", + "remove", + "replace", + "move", + "copy", + "test" + ], + "example": "replace" + }, + "path": { + "type": "string", + "description": "A string JSON Pointer representing the target path to an element to be affected by the operation", + "example": "/description" + }, + "value": { + "oneOf": [ + { + "type": "string", + "example": "New description", + "title": "string" + }, + { + "type": "boolean", + "example": true, + "title": "boolean" + }, + { + "type": "integer", + "example": 300, + "title": "integer" + }, + { + "type": "object", + "title": "object", + "example": { + "attributes": { + "name": "philip" + } + } + }, + { + "type": "array", + "title": "array", + "items": { + "anyOf": [ + { + "type": "string" + }, + { + "type": "integer" + }, + { + "type": "object" + } + ], + "example": [ + "001", + "002", + "003" + ] + } + } + ], + "description": "The value to be used for the operation, required for \"add\" and \"replace\" operations", + "example": "New description" + } + } + } + }, + "examples": { + "Conflicting Access Based Policy": { + "value": [ + { + "op": "replace", + "path": "/description", + "value": "Modified description" + }, + { + "op": "replace", + "path": "/conflictingAccessCriteria/leftCriteria/name", + "value": "money-in-modified" + }, + { + "op": "replace", + "path": "/conflictingAccessCriteria/rightCriteria", + "value": { + "name": "money-out-modified", + "criteriaList": [ + { + "type": "ENTITLEMENT", + "id": "2c918087682f9a86016839c0509c1ab2" + } + ] + } + } + ] + }, + "General Policy": { + "value": [ + { + "op": "replace", + "path": "/description", + "value": "Modified description" + } + ] + } + } + } + } + }, + "responses": { + "200": { + "description": "Indicates the PATCH operation succeeded, and returns the SOD policy's new representation.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "Policy id", + "example": "0f11f2a4-7c94-4bf3-a2bd-742580fe3bde", + "readOnly": true + }, + "name": { + "type": "string", + "description": "Policy Business Name", + "example": "policy-xyz" + }, + "created": { + "type": "string", + "format": "date-time", + "description": "The time when this SOD policy is created.", + "example": "2020-01-01T00:00:00.000000Z", + "readOnly": true + }, + "modified": { + "type": "string", + "format": "date-time", + "description": "The time when this SOD policy is modified.", + "example": "2020-01-01T00:00:00.000000Z", + "readOnly": true + }, + "description": { + "type": "string", + "description": "Optional description of the SOD policy", + "example": "This policy ensures compliance of xyz", + "nullable": true + }, + "ownerRef": { + "type": "object", + "description": "The owner of the SOD policy.", + "properties": { + "type": { + "type": "string", + "description": "Owner type.", + "enum": [ + "IDENTITY", + "GOVERNANCE_GROUP" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "Owner's ID.", + "example": "2c9180a46faadee4016fb4e018c20639" + }, + "name": { + "type": "string", + "description": "Owner's name.", + "example": "Support" + } + } + }, + "externalPolicyReference": { + "type": "string", + "description": "Optional External Policy Reference", + "example": "XYZ policy", + "nullable": true + }, + "policyQuery": { + "type": "string", + "description": "Search query of the SOD policy", + "example": "@access(id:0f11f2a4-7c94-4bf3-a2bd-742580fe3bdg) AND @access(id:0f11f2a4-7c94-4bf3-a2bd-742580fe3bdf)" + }, + "compensatingControls": { + "type": "string", + "description": "Optional compensating controls(Mitigating Controls)", + "example": "Have a manager review the transaction decisions for their \"out of compliance\" employee", + "nullable": true + }, + "correctionAdvice": { + "type": "string", + "description": "Optional correction advice", + "example": "Based on the role of the employee, managers should remove access that is not required for their job function.", + "nullable": true + }, + "state": { + "type": "string", + "description": "whether the policy is enforced or not", + "enum": [ + "ENFORCED", + "NOT_ENFORCED" + ], + "example": "ENFORCED" + }, + "tags": { + "type": "array", + "description": "tags for this policy object", + "example": [ + "TAG1", + "TAG2" + ], + "items": { + "type": "string" + } + }, + "creatorId": { + "type": "string", + "description": "Policy's creator ID", + "example": "0f11f2a4-7c94-4bf3-a2bd-742580fe3bde", + "readOnly": true + }, + "modifierId": { + "type": "string", + "description": "Policy's modifier ID", + "example": "0f11f2a4-7c94-4bf3-a2bd-742580fe3bde", + "nullable": true, + "readOnly": true + }, + "violationOwnerAssignmentConfig": { + "nullable": true, + "type": "object", + "properties": { + "assignmentRule": { + "type": "string", + "enum": [ + "MANAGER", + "STATIC", + null + ], + "description": "Details about the violations owner.\nMANAGER - identity's manager\nSTATIC - Governance Group or Identity", + "example": "MANAGER", + "nullable": true + }, + "ownerRef": { + "type": "object", + "description": "The owner of the violation assignment config.", + "nullable": true, + "properties": { + "type": { + "type": "string", + "description": "Owner type.", + "enum": [ + "IDENTITY", + "GOVERNANCE_GROUP", + "MANAGER", + null + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "Owner's ID.", + "example": "2c9180a46faadee4016fb4e018c20639" + }, + "name": { + "type": "string", + "description": "Owner's name.", + "example": "Support" + } + } + } + } + }, + "scheduled": { + "type": "boolean", + "description": "defines whether a policy has been scheduled or not", + "example": true, + "default": false + }, + "type": { + "type": "string", + "description": "whether a policy is query based or conflicting access based", + "default": "GENERAL", + "enum": [ + "GENERAL", + "CONFLICTING_ACCESS_BASED" + ], + "example": "GENERAL" + }, + "conflictingAccessCriteria": { + "allOf": [ + { + "type": "object", + "properties": { + "leftCriteria": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "Business name for the access construct list", + "example": "money-in" + }, + "criteriaList": { + "type": "array", + "description": "List of criteria. There is a min of 1 and max of 50 items in the list.", + "minItems": 1, + "maxItems": 50, + "items": { + "type": "object", + "properties": { + "type": { + "type": "string", + "enum": [ + "ENTITLEMENT" + ], + "description": "Type of the propery to which this reference applies to", + "example": "ENTITLEMENT" + }, + "id": { + "type": "string", + "description": "ID of the object to which this reference applies to", + "example": "2c91808568c529c60168cca6f90c1313" + }, + "name": { + "type": "string", + "description": "Human-readable display name of the object to which this reference applies to", + "example": "Administrator" + } + } + }, + "example": [ + { + "type": "ENTITLEMENT", + "id": "2c9180866166b5b0016167c32ef31a66", + "name": "Administrator" + }, + { + "type": "ENTITLEMENT", + "id": "2c9180866166b5b0016167c32ef31a67", + "name": "Administrator" + } + ] + } + } + }, + "rightCriteria": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "Business name for the access construct list", + "example": "money-in" + }, + "criteriaList": { + "type": "array", + "description": "List of criteria. There is a min of 1 and max of 50 items in the list.", + "minItems": 1, + "maxItems": 50, + "items": { + "type": "object", + "properties": { + "type": { + "type": "string", + "enum": [ + "ENTITLEMENT" + ], + "description": "Type of the propery to which this reference applies to", + "example": "ENTITLEMENT" + }, + "id": { + "type": "string", + "description": "ID of the object to which this reference applies to", + "example": "2c91808568c529c60168cca6f90c1313" + }, + "name": { + "type": "string", + "description": "Human-readable display name of the object to which this reference applies to", + "example": "Administrator" + } + } + }, + "example": [ + { + "type": "ENTITLEMENT", + "id": "2c9180866166b5b0016167c32ef31a66", + "name": "Administrator" + }, + { + "type": "ENTITLEMENT", + "id": "2c9180866166b5b0016167c32ef31a67", + "name": "Administrator" + } + ] + } + } + } + } + }, + { + "nullable": true + } + ] + } + } + }, + "examples": { + "Conflicting Access Based Policy": { + "value": { + "id": "0f11f2a4-7c94-4bf3-a2bd-742580fe3bde", + "name": "Conflicting-Policy-Name", + "created": "2020-01-01T00:00:00.000000Z", + "modified": "2020-01-01T00:00:00.000000Z", + "description": "Modified description", + "ownerRef": { + "type": "IDENTITY", + "id": "2c91808568c529c60168cca6f90c1313", + "name": "Owner Name" + }, + "externalPolicyReference": "XYZ policy", + "policyQuery": "@access(id:2c9180866166b5b0016167c32ef31a66 OR id:2c9180866166b5b0016167c32ef31a67) AND @access(id:2c918087682f9a86016839c0509c1ab2)", + "compensatingControls": "Have a manager review the transaction decisions for their \"out of compliance\" employee", + "correctionAdvice": "Based on the role of the employee, managers should remove access that is not required for their job function.", + "state": "ENFORCED", + "tags": [ + "string" + ], + "creatorId": "0f11f2a4-7c94-4bf3-a2bd-742580fe3bde", + "modifierId": "0f11f2a4-7c94-4bf3-a2bd-742580fe3bde", + "violationOwnerAssignmentConfig": { + "assignmentRule": "MANAGER", + "ownerRef": { + "type": "IDENTITY", + "id": "2c91808568c529c60168cca6f90c1313", + "name": "Violation Owner Name" + } + }, + "scheduled": true, + "type": "CONFLICTING_ACCESS_BASED", + "conflictingAccessCriteria": { + "leftCriteria": { + "name": "money-in-modified", + "criteriaList": [ + { + "type": "ENTITLEMENT", + "id": "2c9180866166b5b0016167c32ef31a66" + }, + { + "type": "ENTITLEMENT", + "id": "2c9180866166b5b0016167c32ef31a67" + } + ] + }, + "rightCriteria": { + "name": "money-out-modified", + "criteriaList": [ + { + "type": "ENTITLEMENT", + "id": "2c918087682f9a86016839c0509c1ab2" + } + ] + } + } + } + }, + "General Policy": { + "value": { + "description": "Modified description", + "ownerRef": { + "type": "IDENTITY", + "id": "2c918087682f9a86016839c05e8f1aff", + "name": "Owner Name" + }, + "externalPolicyReference": "New policy", + "policyQuery": "policy query implementation", + "compensatingControls": "Compensating controls", + "correctionAdvice": "Correction advice", + "tags": [], + "state": "ENFORCED", + "scheduled": false, + "creatorId": "2c918087682f9a86016839c05e8f1aff", + "modifierId": null, + "violationOwnerAssignmentConfig": null, + "type": "GENERAL", + "conflictingAccessCriteria": null, + "id": "52c11db4-733e-4c31-949a-766c95ec95f1", + "name": "General-Policy-Name", + "created": "2020-05-12T19:47:38Z", + "modified": "2020-05-12T19:47:38Z" + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/sod-policies/{id}/evaluate": { + "post": { + "security": [ + { + "UserContextAuth": [ + "idn:sod-violation:write" + ] + } + ], + "operationId": "startEvaluateSodPolicy", + "tags": [ + "SOD Policies" + ], + "summary": "Evaluate one policy by ID", + "description": "Runs the scheduled report for the policy retrieved by passed policy ID. The report schedule is fetched from the policy retrieved by ID.", + "parameters": [ + { + "in": "path", + "name": "id", + "schema": { + "type": "string" + }, + "required": true, + "description": "The SOD policy ID to run.", + "example": "ef38f943-47e9-4562-b5bb-8424a56397d8" + } + ], + "responses": { + "200": { + "description": "Reference to the violation report run task.", + "content": { + "application/json": { + "schema": { + "allOf": [ + { + "type": "object", + "description": "SOD policy violation report result.", + "properties": { + "type": { + "type": "string", + "description": "SOD policy violation report result DTO type.", + "enum": [ + "REPORT_RESULT" + ], + "example": "REPORT_RESULT" + }, + "id": { + "type": "string", + "description": "SOD policy violation report result ID.", + "example": "2c9180835d191a86015d28455b4b232a" + }, + "name": { + "type": "string", + "description": "Human-readable name of the SOD policy violation report result.", + "example": "SOD Policy 1 Violation" + } + } + }, + { + "type": "object", + "properties": { + "status": { + "type": "string", + "description": "Status of a SOD policy violation report.", + "enum": [ + "SUCCESS", + "WARNING", + "ERROR", + "TERMINATED", + "TEMP_ERROR", + "PENDING" + ], + "example": "PENDING" + } + } + } + ] + }, + "example": { + "status": "PENDING", + "type": "REPORT_RESULT", + "id": "37b3b32a-f394-46f8-acad-b5223969fa68", + "name": "Multi Query Report" + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/sod-policies/{id}/schedule": { + "get": { + "security": [ + { + "UserContextAuth": [ + "idn:sod-policy:read" + ] + } + ], + "operationId": "getSodPolicySchedule", + "tags": [ + "SOD Policies" + ], + "summary": "Get SOD policy schedule", + "description": "This endpoint gets a specified SOD policy's schedule.", + "parameters": [ + { + "in": "path", + "name": "id", + "schema": { + "type": "string" + }, + "required": true, + "description": "The ID of the SOD policy schedule to retrieve.", + "example": "ef38f943-47e9-4562-b5bb-8424a56397d8" + } + ], + "responses": { + "200": { + "description": "SOD policy schedule.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "SOD Policy schedule name", + "example": "SCH-1584312283015" + }, + "created": { + "type": "string", + "format": "date-time", + "description": "The time when this SOD policy schedule is created.", + "example": "2020-01-01T00:00:00.000000Z", + "readOnly": true + }, + "modified": { + "type": "string", + "format": "date-time", + "description": "The time when this SOD policy schedule is modified.", + "example": "2020-01-01T00:00:00.000000Z", + "readOnly": true + }, + "description": { + "type": "string", + "description": "SOD Policy schedule description", + "example": "Schedule for policy xyz" + }, + "schedule": { + "type": "object", + "description": "The schedule information.", + "properties": { + "type": { + "description": "Enum representing the currently supported schedule types.\n\nAdditional values may be added in the future without notice.\n", + "type": "string", + "enum": [ + "DAILY", + "WEEKLY", + "MONTHLY", + "CALENDAR", + "ANNUALLY" + ], + "example": "WEEKLY" + }, + "months": { + "allOf": [ + { + "type": "object", + "properties": { + "type": { + "description": "Enum representing the currently supported selector types.\n\nLIST - the *values* array contains one or more distinct values.\n\nRANGE - the *values* array contains two values: the start and end of the range, inclusive.\n\nAdditional values may be added in the future without notice.\n", + "type": "string", + "enum": [ + "LIST", + "RANGE" + ], + "example": "LIST" + }, + "values": { + "description": "The selected values.\n", + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "MON", + "WED" + ] + }, + "interval": { + "nullable": true, + "description": "The selected interval for RANGE selectors.\n", + "type": "integer", + "format": "int32", + "example": 3 + } + }, + "required": [ + "type", + "values" + ] + }, + { + "description": "The months to execute the search. This only applies to schedules with a type of `ANNUALLY`.\n", + "example": { + "type": "LIST", + "values": [ + "3", + "6", + "9", + "12" + ] + }, + "nullable": true + } + ] + }, + "days": { + "allOf": [ + { + "type": "object", + "properties": { + "type": { + "description": "Enum representing the currently supported selector types.\n\nLIST - the *values* array contains one or more distinct values.\n\nRANGE - the *values* array contains two values: the start and end of the range, inclusive.\n\nAdditional values may be added in the future without notice.\n", + "type": "string", + "enum": [ + "LIST", + "RANGE" + ], + "example": "LIST" + }, + "values": { + "description": "The selected values.\n", + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "MON", + "WED" + ] + }, + "interval": { + "nullable": true, + "description": "The selected interval for RANGE selectors.\n", + "type": "integer", + "format": "int32", + "example": 3 + } + }, + "required": [ + "type", + "values" + ] + }, + { + "description": "The days to execute the search.\n\nIf `type` is `WEEKLY`, the values will be `MON`, `TUE`, `WED`, `THU`, `FRI`, `SAT`, and `SUN`.\n\nIf `type` is `MONTHLY` or `ANNUALLY`, the values will be a number in double quotes, like `\"1\"`, `\"10\"`, or `\"28\"`. Optionally, the value `\"L\"` can be used to refer to the last day of the month.\n", + "example": { + "type": "LIST", + "values": [ + "MON", + "WED", + "FRI" + ] + }, + "nullable": true + } + ] + }, + "hours": { + "allOf": [ + { + "type": "object", + "properties": { + "type": { + "description": "Enum representing the currently supported selector types.\n\nLIST - the *values* array contains one or more distinct values.\n\nRANGE - the *values* array contains two values: the start and end of the range, inclusive.\n\nAdditional values may be added in the future without notice.\n", + "type": "string", + "enum": [ + "LIST", + "RANGE" + ], + "example": "LIST" + }, + "values": { + "description": "The selected values.\n", + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "MON", + "WED" + ] + }, + "interval": { + "nullable": true, + "description": "The selected interval for RANGE selectors.\n", + "type": "integer", + "format": "int32", + "example": 3 + } + }, + "required": [ + "type", + "values" + ] + }, + { + "description": "The hours selected.", + "example": { + "type": "RANGE", + "values": [ + "9", + "18" + ], + "interval": 3 + } + } + ] + }, + "expiration": { + "description": "The schedule expiration date. Latest possible expiration date is '2038-01-19T03:14:07+0000'", + "type": "string", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z" + }, + "timeZoneId": { + "description": "The canonical TZ identifier the schedule will run in (ex. America/New_York). If no timezone is specified, the org's default timezone is used.", + "nullable": true, + "type": "string", + "example": "America/Chicago" + } + }, + "required": [ + "type", + "hours" + ] + }, + "recipients": { + "type": "array", + "items": { + "type": "object", + "description": "SOD policy recipient.", + "properties": { + "type": { + "type": "string", + "description": "SOD policy recipient DTO type.", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "SOD policy recipient's identity ID.", + "example": "2c7180a46faadee4016fb4e018c20642" + }, + "name": { + "type": "string", + "description": "SOD policy recipient's display name.", + "example": "Michael Michaels" + } + } + } + }, + "emailEmptyResults": { + "type": "boolean", + "description": "Indicates if empty results need to be emailed", + "example": false, + "default": false + }, + "creatorId": { + "type": "string", + "description": "Policy's creator ID", + "example": "0f11f2a47c944bf3a2bd742580fe3bde", + "readOnly": true + }, + "modifierId": { + "type": "string", + "description": "Policy's modifier ID", + "example": "0f11f2a47c944bf3a2bd742580fe3bde", + "readOnly": true + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + }, + "put": { + "security": [ + { + "UserContextAuth": [ + "idn:sod-policy:write" + ] + } + ], + "operationId": "putPolicySchedule", + "tags": [ + "SOD Policies" + ], + "summary": "Update SOD Policy schedule", + "description": "This updates schedule for a specified SOD policy.", + "parameters": [ + { + "in": "path", + "name": "id", + "schema": { + "type": "string" + }, + "required": true, + "description": "The ID of the SOD policy to update its schedule.", + "example": "ef38f943-47e9-4562-b5bb-8424a56397d8" + } + ], + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "SOD Policy schedule name", + "example": "SCH-1584312283015" + }, + "created": { + "type": "string", + "format": "date-time", + "description": "The time when this SOD policy schedule is created.", + "example": "2020-01-01T00:00:00.000000Z", + "readOnly": true + }, + "modified": { + "type": "string", + "format": "date-time", + "description": "The time when this SOD policy schedule is modified.", + "example": "2020-01-01T00:00:00.000000Z", + "readOnly": true + }, + "description": { + "type": "string", + "description": "SOD Policy schedule description", + "example": "Schedule for policy xyz" + }, + "schedule": { + "type": "object", + "description": "The schedule information.", + "properties": { + "type": { + "description": "Enum representing the currently supported schedule types.\n\nAdditional values may be added in the future without notice.\n", + "type": "string", + "enum": [ + "DAILY", + "WEEKLY", + "MONTHLY", + "CALENDAR", + "ANNUALLY" + ], + "example": "WEEKLY" + }, + "months": { + "allOf": [ + { + "type": "object", + "properties": { + "type": { + "description": "Enum representing the currently supported selector types.\n\nLIST - the *values* array contains one or more distinct values.\n\nRANGE - the *values* array contains two values: the start and end of the range, inclusive.\n\nAdditional values may be added in the future without notice.\n", + "type": "string", + "enum": [ + "LIST", + "RANGE" + ], + "example": "LIST" + }, + "values": { + "description": "The selected values.\n", + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "MON", + "WED" + ] + }, + "interval": { + "nullable": true, + "description": "The selected interval for RANGE selectors.\n", + "type": "integer", + "format": "int32", + "example": 3 + } + }, + "required": [ + "type", + "values" + ] + }, + { + "description": "The months to execute the search. This only applies to schedules with a type of `ANNUALLY`.\n", + "example": { + "type": "LIST", + "values": [ + "3", + "6", + "9", + "12" + ] + }, + "nullable": true + } + ] + }, + "days": { + "allOf": [ + { + "type": "object", + "properties": { + "type": { + "description": "Enum representing the currently supported selector types.\n\nLIST - the *values* array contains one or more distinct values.\n\nRANGE - the *values* array contains two values: the start and end of the range, inclusive.\n\nAdditional values may be added in the future without notice.\n", + "type": "string", + "enum": [ + "LIST", + "RANGE" + ], + "example": "LIST" + }, + "values": { + "description": "The selected values.\n", + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "MON", + "WED" + ] + }, + "interval": { + "nullable": true, + "description": "The selected interval for RANGE selectors.\n", + "type": "integer", + "format": "int32", + "example": 3 + } + }, + "required": [ + "type", + "values" + ] + }, + { + "description": "The days to execute the search.\n\nIf `type` is `WEEKLY`, the values will be `MON`, `TUE`, `WED`, `THU`, `FRI`, `SAT`, and `SUN`.\n\nIf `type` is `MONTHLY` or `ANNUALLY`, the values will be a number in double quotes, like `\"1\"`, `\"10\"`, or `\"28\"`. Optionally, the value `\"L\"` can be used to refer to the last day of the month.\n", + "example": { + "type": "LIST", + "values": [ + "MON", + "WED", + "FRI" + ] + }, + "nullable": true + } + ] + }, + "hours": { + "allOf": [ + { + "type": "object", + "properties": { + "type": { + "description": "Enum representing the currently supported selector types.\n\nLIST - the *values* array contains one or more distinct values.\n\nRANGE - the *values* array contains two values: the start and end of the range, inclusive.\n\nAdditional values may be added in the future without notice.\n", + "type": "string", + "enum": [ + "LIST", + "RANGE" + ], + "example": "LIST" + }, + "values": { + "description": "The selected values.\n", + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "MON", + "WED" + ] + }, + "interval": { + "nullable": true, + "description": "The selected interval for RANGE selectors.\n", + "type": "integer", + "format": "int32", + "example": 3 + } + }, + "required": [ + "type", + "values" + ] + }, + { + "description": "The hours selected.", + "example": { + "type": "RANGE", + "values": [ + "9", + "18" + ], + "interval": 3 + } + } + ] + }, + "expiration": { + "description": "The schedule expiration date. Latest possible expiration date is '2038-01-19T03:14:07+0000'", + "type": "string", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z" + }, + "timeZoneId": { + "description": "The canonical TZ identifier the schedule will run in (ex. America/New_York). If no timezone is specified, the org's default timezone is used.", + "nullable": true, + "type": "string", + "example": "America/Chicago" + } + }, + "required": [ + "type", + "hours" + ] + }, + "recipients": { + "type": "array", + "items": { + "type": "object", + "description": "SOD policy recipient.", + "properties": { + "type": { + "type": "string", + "description": "SOD policy recipient DTO type.", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "SOD policy recipient's identity ID.", + "example": "2c7180a46faadee4016fb4e018c20642" + }, + "name": { + "type": "string", + "description": "SOD policy recipient's display name.", + "example": "Michael Michaels" + } + } + } + }, + "emailEmptyResults": { + "type": "boolean", + "description": "Indicates if empty results need to be emailed", + "example": false, + "default": false + }, + "creatorId": { + "type": "string", + "description": "Policy's creator ID", + "example": "0f11f2a47c944bf3a2bd742580fe3bde", + "readOnly": true + }, + "modifierId": { + "type": "string", + "description": "Policy's modifier ID", + "example": "0f11f2a47c944bf3a2bd742580fe3bde", + "readOnly": true + } + } + } + } + } + }, + "responses": { + "200": { + "description": "Created or updated SOD policy schedule.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "SOD Policy schedule name", + "example": "SCH-1584312283015" + }, + "created": { + "type": "string", + "format": "date-time", + "description": "The time when this SOD policy schedule is created.", + "example": "2020-01-01T00:00:00.000000Z", + "readOnly": true + }, + "modified": { + "type": "string", + "format": "date-time", + "description": "The time when this SOD policy schedule is modified.", + "example": "2020-01-01T00:00:00.000000Z", + "readOnly": true + }, + "description": { + "type": "string", + "description": "SOD Policy schedule description", + "example": "Schedule for policy xyz" + }, + "schedule": { + "type": "object", + "description": "The schedule information.", + "properties": { + "type": { + "description": "Enum representing the currently supported schedule types.\n\nAdditional values may be added in the future without notice.\n", + "type": "string", + "enum": [ + "DAILY", + "WEEKLY", + "MONTHLY", + "CALENDAR", + "ANNUALLY" + ], + "example": "WEEKLY" + }, + "months": { + "allOf": [ + { + "type": "object", + "properties": { + "type": { + "description": "Enum representing the currently supported selector types.\n\nLIST - the *values* array contains one or more distinct values.\n\nRANGE - the *values* array contains two values: the start and end of the range, inclusive.\n\nAdditional values may be added in the future without notice.\n", + "type": "string", + "enum": [ + "LIST", + "RANGE" + ], + "example": "LIST" + }, + "values": { + "description": "The selected values.\n", + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "MON", + "WED" + ] + }, + "interval": { + "nullable": true, + "description": "The selected interval for RANGE selectors.\n", + "type": "integer", + "format": "int32", + "example": 3 + } + }, + "required": [ + "type", + "values" + ] + }, + { + "description": "The months to execute the search. This only applies to schedules with a type of `ANNUALLY`.\n", + "example": { + "type": "LIST", + "values": [ + "3", + "6", + "9", + "12" + ] + }, + "nullable": true + } + ] + }, + "days": { + "allOf": [ + { + "type": "object", + "properties": { + "type": { + "description": "Enum representing the currently supported selector types.\n\nLIST - the *values* array contains one or more distinct values.\n\nRANGE - the *values* array contains two values: the start and end of the range, inclusive.\n\nAdditional values may be added in the future without notice.\n", + "type": "string", + "enum": [ + "LIST", + "RANGE" + ], + "example": "LIST" + }, + "values": { + "description": "The selected values.\n", + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "MON", + "WED" + ] + }, + "interval": { + "nullable": true, + "description": "The selected interval for RANGE selectors.\n", + "type": "integer", + "format": "int32", + "example": 3 + } + }, + "required": [ + "type", + "values" + ] + }, + { + "description": "The days to execute the search.\n\nIf `type` is `WEEKLY`, the values will be `MON`, `TUE`, `WED`, `THU`, `FRI`, `SAT`, and `SUN`.\n\nIf `type` is `MONTHLY` or `ANNUALLY`, the values will be a number in double quotes, like `\"1\"`, `\"10\"`, or `\"28\"`. Optionally, the value `\"L\"` can be used to refer to the last day of the month.\n", + "example": { + "type": "LIST", + "values": [ + "MON", + "WED", + "FRI" + ] + }, + "nullable": true + } + ] + }, + "hours": { + "allOf": [ + { + "type": "object", + "properties": { + "type": { + "description": "Enum representing the currently supported selector types.\n\nLIST - the *values* array contains one or more distinct values.\n\nRANGE - the *values* array contains two values: the start and end of the range, inclusive.\n\nAdditional values may be added in the future without notice.\n", + "type": "string", + "enum": [ + "LIST", + "RANGE" + ], + "example": "LIST" + }, + "values": { + "description": "The selected values.\n", + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "MON", + "WED" + ] + }, + "interval": { + "nullable": true, + "description": "The selected interval for RANGE selectors.\n", + "type": "integer", + "format": "int32", + "example": 3 + } + }, + "required": [ + "type", + "values" + ] + }, + { + "description": "The hours selected.", + "example": { + "type": "RANGE", + "values": [ + "9", + "18" + ], + "interval": 3 + } + } + ] + }, + "expiration": { + "description": "The schedule expiration date. Latest possible expiration date is '2038-01-19T03:14:07+0000'", + "type": "string", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z" + }, + "timeZoneId": { + "description": "The canonical TZ identifier the schedule will run in (ex. America/New_York). If no timezone is specified, the org's default timezone is used.", + "nullable": true, + "type": "string", + "example": "America/Chicago" + } + }, + "required": [ + "type", + "hours" + ] + }, + "recipients": { + "type": "array", + "items": { + "type": "object", + "description": "SOD policy recipient.", + "properties": { + "type": { + "type": "string", + "description": "SOD policy recipient DTO type.", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "SOD policy recipient's identity ID.", + "example": "2c7180a46faadee4016fb4e018c20642" + }, + "name": { + "type": "string", + "description": "SOD policy recipient's display name.", + "example": "Michael Michaels" + } + } + } + }, + "emailEmptyResults": { + "type": "boolean", + "description": "Indicates if empty results need to be emailed", + "example": false, + "default": false + }, + "creatorId": { + "type": "string", + "description": "Policy's creator ID", + "example": "0f11f2a47c944bf3a2bd742580fe3bde", + "readOnly": true + }, + "modifierId": { + "type": "string", + "description": "Policy's modifier ID", + "example": "0f11f2a47c944bf3a2bd742580fe3bde", + "readOnly": true + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + }, + "delete": { + "security": [ + { + "UserContextAuth": [ + "idn:sod-policy:write" + ] + } + ], + "operationId": "deleteSodPolicySchedule", + "tags": [ + "SOD Policies" + ], + "summary": "Delete SOD policy schedule", + "description": "This deletes schedule for a specified SOD policy by ID.", + "parameters": [ + { + "in": "path", + "name": "id", + "schema": { + "type": "string" + }, + "required": true, + "description": "The ID of the SOD policy the schedule must be deleted for.", + "example": "ef38f943-47e9-4562-b5bb-8424a56397d8" + } + ], + "responses": { + "204": { + "description": "No content response." + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/sod-policies/{id}/violation-report/run": { + "post": { + "security": [ + { + "UserContextAuth": [ + "idn:sod-violation:write" + ] + } + ], + "operationId": "startSodPolicy", + "tags": [ + "SOD Policies" + ], + "summary": "Runs SOD policy violation report", + "description": "This invokes processing of violation report for given SOD policy. If the policy reports more than 5000 violations, the report returns with violation limit exceeded message.", + "parameters": [ + { + "in": "path", + "name": "id", + "schema": { + "type": "string" + }, + "required": true, + "description": "The SOD policy ID to run.", + "example": "ef38f943-47e9-4562-b5bb-8424a56397d8" + } + ], + "responses": { + "200": { + "description": "Reference to the violation report run task.", + "content": { + "application/json": { + "schema": { + "allOf": [ + { + "type": "object", + "description": "SOD policy violation report result.", + "properties": { + "type": { + "type": "string", + "description": "SOD policy violation report result DTO type.", + "enum": [ + "REPORT_RESULT" + ], + "example": "REPORT_RESULT" + }, + "id": { + "type": "string", + "description": "SOD policy violation report result ID.", + "example": "2c9180835d191a86015d28455b4b232a" + }, + "name": { + "type": "string", + "description": "Human-readable name of the SOD policy violation report result.", + "example": "SOD Policy 1 Violation" + } + } + }, + { + "type": "object", + "properties": { + "status": { + "type": "string", + "description": "Status of a SOD policy violation report.", + "enum": [ + "SUCCESS", + "WARNING", + "ERROR", + "TERMINATED", + "TEMP_ERROR", + "PENDING" + ], + "example": "PENDING" + } + } + } + ] + }, + "example": { + "status": "PENDING", + "type": "REPORT_RESULT", + "id": "2e8d8180-24bc-4d21-91c6-7affdb473b0d", + "name": "policy-xyz" + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/sod-policies/{id}/violation-report": { + "get": { + "security": [ + { + "UserContextAuth": [ + "idn:sod-violation:read" + ] + } + ], + "operationId": "getSodViolationReportStatus", + "tags": [ + "SOD Policies" + ], + "summary": "Get SOD violation report status", + "description": "This gets the status for a violation report run task that has already been invoked.", + "parameters": [ + { + "in": "path", + "name": "id", + "schema": { + "type": "string" + }, + "required": true, + "description": "The ID of the violation report to retrieve status for.", + "example": "ef38f943-47e9-4562-b5bb-8424a56397d8" + } + ], + "responses": { + "200": { + "description": "Status of the violation report run task.", + "content": { + "application/json": { + "schema": { + "allOf": [ + { + "type": "object", + "description": "SOD policy violation report result.", + "properties": { + "type": { + "type": "string", + "description": "SOD policy violation report result DTO type.", + "enum": [ + "REPORT_RESULT" + ], + "example": "REPORT_RESULT" + }, + "id": { + "type": "string", + "description": "SOD policy violation report result ID.", + "example": "2c9180835d191a86015d28455b4b232a" + }, + "name": { + "type": "string", + "description": "Human-readable name of the SOD policy violation report result.", + "example": "SOD Policy 1 Violation" + } + } + }, + { + "type": "object", + "properties": { + "status": { + "type": "string", + "description": "Status of a SOD policy violation report.", + "enum": [ + "SUCCESS", + "WARNING", + "ERROR", + "TERMINATED", + "TEMP_ERROR", + "PENDING" + ], + "example": "PENDING" + } + } + } + ] + }, + "example": { + "status": "SUCCESS", + "type": "REPORT_RESULT", + "id": "2e8d8180-24bc-4d21-91c6-7affdb473b0d", + "name": "policy-xyz" + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/sod-policies/sod-violation-report-status/{reportResultId}": { + "get": { + "security": [ + { + "UserContextAuth": [ + "idn:sod-violation:read" + ] + } + ], + "operationId": "getSodViolationReportRunStatus", + "tags": [ + "SOD Policies" + ], + "summary": "Get violation report run status", + "description": "This gets the status for a violation report run task that has already been invoked.", + "parameters": [ + { + "in": "path", + "name": "reportResultId", + "schema": { + "type": "string" + }, + "required": true, + "description": "The ID of the report reference to retrieve.", + "example": "2e8d8180-24bc-4d21-91c6-7affdb473b0d" + } + ], + "responses": { + "200": { + "description": "Status of the violation report run task.", + "content": { + "application/json": { + "schema": { + "allOf": [ + { + "type": "object", + "description": "SOD policy violation report result.", + "properties": { + "type": { + "type": "string", + "description": "SOD policy violation report result DTO type.", + "enum": [ + "REPORT_RESULT" + ], + "example": "REPORT_RESULT" + }, + "id": { + "type": "string", + "description": "SOD policy violation report result ID.", + "example": "2c9180835d191a86015d28455b4b232a" + }, + "name": { + "type": "string", + "description": "Human-readable name of the SOD policy violation report result.", + "example": "SOD Policy 1 Violation" + } + } + }, + { + "type": "object", + "properties": { + "status": { + "type": "string", + "description": "Status of a SOD policy violation report.", + "enum": [ + "SUCCESS", + "WARNING", + "ERROR", + "TERMINATED", + "TEMP_ERROR", + "PENDING" + ], + "example": "PENDING" + } + } + } + ] + }, + "example": { + "status": "SUCCESS", + "type": "REPORT_RESULT", + "id": "2e8d8180-24bc-4d21-91c6-7affdb473b0d", + "name": "policy-xyz" + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/sod-violations/predict": { + "post": { + "security": [ + { + "UserContextAuth": [ + "idn:sod-violation:read" + ] + } + ], + "operationId": "startPredictSodViolations", + "tags": [ + "SOD Violations" + ], + "summary": "Predict SOD violations for identity.", + "description": "This API is used to check if granting some additional accesses would cause the subject to be in violation of any SOD policies. Returns the violations that would be caused.\n\nA token with ORG_ADMIN or API authority is required to call this API.", + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "description": "An identity with a set of access to be added", + "required": [ + "identityId", + "accessRefs" + ], + "type": "object", + "properties": { + "identityId": { + "description": "Identity id to be checked.", + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313" + }, + "accessRefs": { + "description": "The list of entitlements to consider for possible violations in a preventive check.", + "type": "array", + "items": { + "type": "object", + "description": "Entitlement including a specific set of access.", + "properties": { + "type": { + "type": "string", + "description": "Entitlement's DTO type.", + "enum": [ + "ENTITLEMENT" + ], + "example": "ENTITLEMENT" + }, + "id": { + "type": "string", + "description": "Entitlement's ID.", + "example": "2c91809773dee32014e13e122092014e" + }, + "name": { + "type": "string", + "description": "Entitlement's display name.", + "example": "CN=entitlement.490efde5,OU=OrgCo,OU=ServiceDept,DC=HQAD,DC=local" + } + } + }, + "example": [ + { + "type": "ENTITLEMENT", + "id": "2c918087682f9a86016839c050861ab1", + "name": "CN=Information Access,OU=test,OU=test-service,DC=TestAD,DC=local" + }, + { + "type": "ENTITLEMENT", + "id": "2c918087682f9a86016839c0509c1ab2", + "name": "CN=Information Technology,OU=test,OU=test-service,DC=TestAD,DC=local" + } + ] + } + } + }, + "example": { + "identityId": "2c91808568c529c60168cca6f90c1313", + "accessRefs": [ + { + "type": "ENTITLEMENT", + "id": "2c918087682f9a86016839c050861ab1", + "name": "CN=Information Access,OU=test,OU=test-service,DC=TestAD,DC=local" + }, + { + "type": "ENTITLEMENT", + "id": "2c918087682f9a86016839c0509c1ab2", + "name": "CN=Information Technology,OU=test,OU=test-service,DC=TestAD,DC=local" + } + ] + } + } + } + }, + "responses": { + "200": { + "description": "Violation Contexts", + "content": { + "application/json": { + "schema": { + "description": "An object containing a listing of the SOD violation reasons detected by this check.", + "required": [ + "requestId" + ], + "type": "object", + "properties": { + "violationContexts": { + "type": "array", + "description": "List of Violation Contexts", + "items": { + "type": "object", + "properties": { + "policy": { + "allOf": [ + { + "type": "object", + "description": "SOD policy.", + "properties": { + "type": { + "type": "string", + "description": "SOD policy DTO type.", + "enum": [ + "SOD_POLICY" + ], + "example": "SOD_POLICY" + }, + "id": { + "type": "string", + "description": "SOD policy ID.", + "example": "0f11f2a4-7c94-4bf3-a2bd-742580fe3bde" + }, + "name": { + "type": "string", + "description": "SOD policy display name.", + "example": "Business SOD Policy" + } + } + }, + { + "type": "object", + "properties": { + "type": { + "type": "string", + "example": "SOD_POLICY" + }, + "name": { + "type": "string", + "example": "A very cool policy name" + } + } + } + ], + "description": "The types of objects supported for SOD violations", + "properties": { + "type": { + "enum": [ + "ENTITLEMENT" + ], + "example": "ENTITLEMENT", + "description": "The type of object that is referenced" + } + } + }, + "conflictingAccessCriteria": { + "nullable": false, + "description": "The object which contains the left and right hand side of the entitlements that got violated according to the policy.", + "type": "object", + "properties": { + "leftCriteria": { + "type": "object", + "properties": { + "criteriaList": { + "type": "array", + "description": "List of exception criteria. There is a min of 1 and max of 50 items in the list.", + "items": { + "allOf": [ + { + "type": "object", + "properties": { + "type": { + "description": "DTO type", + "type": "string", + "enum": [ + "ACCOUNT_CORRELATION_CONFIG", + "ACCESS_PROFILE", + "ACCESS_REQUEST_APPROVAL", + "ACCOUNT", + "APPLICATION", + "CAMPAIGN", + "CAMPAIGN_FILTER", + "CERTIFICATION", + "CLUSTER", + "CONNECTOR_SCHEMA", + "ENTITLEMENT", + "GOVERNANCE_GROUP", + "IDENTITY", + "IDENTITY_PROFILE", + "IDENTITY_REQUEST", + "LIFECYCLE_STATE", + "PASSWORD_POLICY", + "ROLE", + "RULE", + "SOD_POLICY", + "SOURCE", + "TAG", + "TAG_CATEGORY", + "TASK_RESULT", + "REPORT_RESULT", + "SOD_VIOLATION", + "ACCOUNT_ACTIVITY", + "WORKGROUP" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "ID of the object to which this reference applies", + "example": "2c91808568c529c60168cca6f90c1313" + }, + "name": { + "type": "string", + "description": "Human-readable display name of the object to which this reference applies", + "example": "CN=HelpDesk,OU=test,OU=test-service,DC=TestAD,DC=local" + }, + "existing": { + "type": "boolean", + "description": "Whether the subject identity already had that access or not", + "default": false, + "example": true + } + }, + "description": "Access reference with addition of boolean existing flag to indicate whether the access was extant" + } + ], + "description": "The types of objects supported for SOD violations", + "properties": { + "type": { + "enum": [ + "ENTITLEMENT" + ], + "example": "ENTITLEMENT", + "description": "The type of object that is referenced" + } + } + }, + "example": [ + { + "type": "ENTITLEMENT", + "id": "2c9180866166b5b0016167c32ef31a66", + "existing": true + }, + { + "type": "ENTITLEMENT", + "id": "2c9180866166b5b0016167c32ef31a67", + "existing": false + } + ] + } + } + }, + "rightCriteria": { + "type": "object", + "properties": { + "criteriaList": { + "type": "array", + "description": "List of exception criteria. There is a min of 1 and max of 50 items in the list.", + "items": { + "allOf": [ + { + "type": "object", + "properties": { + "type": { + "description": "DTO type", + "type": "string", + "enum": [ + "ACCOUNT_CORRELATION_CONFIG", + "ACCESS_PROFILE", + "ACCESS_REQUEST_APPROVAL", + "ACCOUNT", + "APPLICATION", + "CAMPAIGN", + "CAMPAIGN_FILTER", + "CERTIFICATION", + "CLUSTER", + "CONNECTOR_SCHEMA", + "ENTITLEMENT", + "GOVERNANCE_GROUP", + "IDENTITY", + "IDENTITY_PROFILE", + "IDENTITY_REQUEST", + "LIFECYCLE_STATE", + "PASSWORD_POLICY", + "ROLE", + "RULE", + "SOD_POLICY", + "SOURCE", + "TAG", + "TAG_CATEGORY", + "TASK_RESULT", + "REPORT_RESULT", + "SOD_VIOLATION", + "ACCOUNT_ACTIVITY", + "WORKGROUP" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "ID of the object to which this reference applies", + "example": "2c91808568c529c60168cca6f90c1313" + }, + "name": { + "type": "string", + "description": "Human-readable display name of the object to which this reference applies", + "example": "CN=HelpDesk,OU=test,OU=test-service,DC=TestAD,DC=local" + }, + "existing": { + "type": "boolean", + "description": "Whether the subject identity already had that access or not", + "default": false, + "example": true + } + }, + "description": "Access reference with addition of boolean existing flag to indicate whether the access was extant" + } + ], + "description": "The types of objects supported for SOD violations", + "properties": { + "type": { + "enum": [ + "ENTITLEMENT" + ], + "example": "ENTITLEMENT", + "description": "The type of object that is referenced" + } + } + }, + "example": [ + { + "type": "ENTITLEMENT", + "id": "2c9180866166b5b0016167c32ef31a66", + "existing": true + }, + { + "type": "ENTITLEMENT", + "id": "2c9180866166b5b0016167c32ef31a67", + "existing": false + } + ] + } + } + } + } + } + } + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/sod-violations/check": { + "post": { + "security": [ + { + "UserContextAuth": [ + "idn:sod-violation:read" + ] + } + ], + "operationId": "startViolationCheck", + "tags": [ + "SOD Violations" + ], + "summary": "Check SOD violations", + "description": "This API initiates a SOD policy verification asynchronously.\n\nA token with ORG_ADMIN authority is required to call this API.", + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "description": "An identity with a set of access to be added", + "required": [ + "identityId", + "accessRefs" + ], + "type": "object", + "properties": { + "identityId": { + "description": "Set of identity IDs to be checked.", + "type": "string", + "example": "2c91809050db617d0150e0bf3215385e" + }, + "accessRefs": { + "description": "The bundle of access profiles to be added to the identities specified. All references must be ENTITLEMENT type.", + "type": "array", + "items": { + "allOf": [ + { + "type": "object", + "description": "Entitlement including a specific set of access.", + "properties": { + "type": { + "type": "string", + "description": "Entitlement's DTO type.", + "enum": [ + "ENTITLEMENT" + ], + "example": "ENTITLEMENT" + }, + "id": { + "type": "string", + "description": "Entitlement's ID.", + "example": "2c91809773dee32014e13e122092014e" + }, + "name": { + "type": "string", + "description": "Entitlement's display name.", + "example": "CN=entitlement.490efde5,OU=OrgCo,OU=ServiceDept,DC=HQAD,DC=local" + } + } + } + ] + } + }, + "clientMetadata": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Arbitrary key-value pairs. They will never be processed by the IdentityNow system but will be returned on completion of the violation check.", + "example": { + "clientName": "client1", + "clientId": "2c91808f7892918f0178b78da4a305a1" + } + } + } + }, + "example": { + "identityId": "2c91808568c529c60168cca6f90c1313", + "accessRefs": [ + { + "type": "ENTITLEMENT", + "id": "2c918087682f9a86016839c050861ab1", + "name": "CN=Information Access,OU=test,OU=test-service,DC=TestAD,DC=local" + }, + { + "type": "ENTITLEMENT", + "id": "2c918087682f9a86016839c0509c1ab2", + "name": "CN=Information Technology,OU=test,OU=test-service,DC=TestAD,DC=local" + } + ], + "clientMetadata": { + "additionalProp1": "string", + "additionalProp2": "string", + "additionalProp3": "string" + } + } + } + } + }, + "responses": { + "202": { + "description": "Request ID with a timestamp.", + "content": { + "application/json": { + "schema": { + "description": "An object referencing an SOD violation check", + "required": [ + "requestId" + ], + "type": "object", + "properties": { + "requestId": { + "description": "The id of the original request", + "example": "089899f13a8f4da7824996191587bab9", + "type": "string" + }, + "created": { + "type": "string", + "format": "date-time", + "readOnly": true, + "description": "The date-time when this request was created.", + "example": "2020-01-01T00:00:00.000000Z" + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/sod-violation-report/run": { + "post": { + "security": [ + { + "UserContextAuth": [ + "idn:sod-violation:write" + ] + } + ], + "operationId": "startSodAllPoliciesForOrg", + "tags": [ + "SOD Policies" + ], + "summary": "Runs all policies for org", + "description": "Runs multi-policy report for the org. If a policy reports more than 5000 violations, the report mentions that the violation limit was exceeded for that policy. If the request is empty, the report runs for all policies. Otherwise, the report runs for only the filtered policy list provided.", + "requestBody": { + "required": false, + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "filteredPolicyList": { + "type": "array", + "description": "Multi-policy report will be run for this list of ids", + "items": { + "type": "string", + "example": [ + "b868cd40-ffa4-4337-9c07-1a51846cfa94", + "63a07a7b-39a4-48aa-956d-50c827deba2a" + ] + } + } + } + }, + "example": { + "filteredPolicyList": [ + "b868cd40-ffa4-4337-9c07-1a51846cfa94", + "63a07a7b-39a4-48aa-956d-50c827deba2a" + ] + } + } + } + }, + "responses": { + "200": { + "description": "Reference to the violation report run task.", + "content": { + "application/json": { + "schema": { + "allOf": [ + { + "type": "object", + "description": "SOD policy violation report result.", + "properties": { + "type": { + "type": "string", + "description": "SOD policy violation report result DTO type.", + "enum": [ + "REPORT_RESULT" + ], + "example": "REPORT_RESULT" + }, + "id": { + "type": "string", + "description": "SOD policy violation report result ID.", + "example": "2c9180835d191a86015d28455b4b232a" + }, + "name": { + "type": "string", + "description": "Human-readable name of the SOD policy violation report result.", + "example": "SOD Policy 1 Violation" + } + } + }, + { + "type": "object", + "properties": { + "status": { + "type": "string", + "description": "Status of a SOD policy violation report.", + "enum": [ + "SUCCESS", + "WARNING", + "ERROR", + "TERMINATED", + "TEMP_ERROR", + "PENDING" + ], + "example": "PENDING" + } + } + } + ] + }, + "example": { + "status": "PENDING", + "type": "REPORT_RESULT", + "id": "37b3b32a-f394-46f8-acad-b5223969fa68", + "name": "Multi Query Report" + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/sod-violation-report": { + "get": { + "security": [ + { + "UserContextAuth": [ + "idn:sod-violation:read" + ] + } + ], + "operationId": "getSodAllReportRunStatus", + "tags": [ + "SOD Policies" + ], + "summary": "Get multi-report run task status", + "description": "This endpoint gets the status for a violation report for all policy run.", + "responses": { + "200": { + "description": "Status of the violation report run task for all policy run.", + "content": { + "application/json": { + "schema": { + "allOf": [ + { + "type": "object", + "description": "SOD policy violation report result.", + "properties": { + "type": { + "type": "string", + "description": "SOD policy violation report result DTO type.", + "enum": [ + "REPORT_RESULT" + ], + "example": "REPORT_RESULT" + }, + "id": { + "type": "string", + "description": "SOD policy violation report result ID.", + "example": "2c9180835d191a86015d28455b4b232a" + }, + "name": { + "type": "string", + "description": "Human-readable name of the SOD policy violation report result.", + "example": "SOD Policy 1 Violation" + } + } + }, + { + "type": "object", + "properties": { + "status": { + "type": "string", + "description": "Status of a SOD policy violation report.", + "enum": [ + "SUCCESS", + "WARNING", + "ERROR", + "TERMINATED", + "TEMP_ERROR", + "PENDING" + ], + "example": "PENDING" + } + } + } + ] + }, + "example": { + "status": "SUCCESS", + "type": "REPORT_RESULT", + "id": "37b3b32a-f394-46f8-acad-b5223969fa68", + "name": "Multi Query Report" + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/sod-violation-report/{reportResultId}/download": { + "get": { + "security": [ + { + "UserContextAuth": [ + "idn:sod-violation:read" + ] + } + ], + "operationId": "getDefaultViolationReport", + "tags": [ + "SOD Policies" + ], + "summary": "Download violation report", + "description": "This allows to download a violation report for a given report reference.", + "parameters": [ + { + "in": "path", + "name": "reportResultId", + "schema": { + "type": "string" + }, + "required": true, + "description": "The ID of the report reference to download.", + "example": "ef38f94347e94562b5bb8424a56397d8" + } + ], + "responses": { + "200": { + "description": "Returns the PolicyReport.zip that contains the violation report file.", + "content": { + "application/zip": { + "schema": { + "type": "string", + "format": "binary" + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/sod-violation-report/{reportResultId}/download/{fileName}": { + "get": { + "security": [ + { + "UserContextAuth": [ + "idn:sod-violation:read" + ] + } + ], + "operationId": "getCustomViolationReport", + "tags": [ + "SOD Policies" + ], + "summary": "Download custom violation report", + "description": "This allows to download a specified named violation report for a given report reference.", + "parameters": [ + { + "in": "path", + "name": "reportResultId", + "schema": { + "type": "string" + }, + "required": true, + "description": "The ID of the report reference to download.", + "example": "ef38f94347e94562b5bb8424a56397d8" + }, + { + "in": "path", + "name": "fileName", + "schema": { + "type": "string" + }, + "required": true, + "description": "Custom Name for the file.", + "example": "custom-name" + } + ], + "responses": { + "200": { + "description": "Returns the zip file with given custom name that contains the violation report file.", + "content": { + "application/zip": { + "schema": { + "type": "string", + "format": "binary" + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/sources": { + "get": { + "operationId": "listSources", + "security": [ + { + "UserContextAuth": [ + "idn:sources:read" + ] + } + ], + "tags": [ + "Sources" + ], + "summary": "Lists all sources in IdentityNow.", + "description": "This end-point lists all the sources in IdentityNow.\nA token with ORG_ADMIN, SOURCE_ADMIN, SOURCE_SUBADMIN, or ROLE_SUBADMIN authority is required to call this API.", + "parameters": [ + { + "in": "query", + "name": "limit", + "description": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 250, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "maximum": 250, + "default": 250 + } + }, + { + "in": "query", + "name": "offset", + "description": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 0, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "default": 0 + } + }, + { + "in": "query", + "name": "count", + "description": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": true, + "schema": { + "type": "boolean", + "default": false + } + }, + { + "in": "query", + "name": "filters", + "schema": { + "type": "string" + }, + "example": "name eq \"Employees\"", + "description": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in, ge, gt, le, lt, ne, isnull, sw*\n\n**name**: *co, eq, in, sw, ge, gt, ne, isnull*\n\n**type**: *eq, in, ge, gt, ne, isnull, sw*\n\n**owner.id**: *eq, in, ge, gt, le, lt, ne, isnull, sw*\n\n**features**: *ca, co*\n\n**created**: *eq, ge, gt, in, le, lt, ne, isnull, sw*\n\n**modified**: *eq, ge, gt, in, le, lt, ne, isnull, sw*\n\n**managementWorkgroup.id**: *eq, ge, gt, in, le, lt, ne, isnull, sw*\n\n**description**: *eq, sw*\n\n**authoritative**: *eq, ne, isnull*\n\n**healthy**: *isnull*\n\n**status**: *eq, in, ge, gt, le, lt, ne, isnull, sw*\n\n**connectionType**: *eq, ge, gt, in, le, lt, ne, isnull, sw*\n\n**connectorName**: *eq, ge, gt, in, ne, isnull, sw*\n\n**category**: *co, eq, ge, gt, in, le, lt, ne, sw*" + }, + { + "in": "query", + "name": "sorters", + "schema": { + "type": "string", + "format": "comma-separated" + }, + "example": "name", + "description": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **type, created, modified, name, owner.name, healthy, status, id, description, owner.id, accountCorrelationConfig.id, accountCorrelationConfig.name, managerCorrelationRule.type, managerCorrelationRule.id, managerCorrelationRule.name, authoritative, managementWorkgroup.id, connectorName, connectionType**" + }, + { + "in": "query", + "name": "for-subadmin", + "schema": { + "type": "string" + }, + "example": "name", + "description": "Filter the returned list of sources for the identity specified by the parameter, which is the id of an identity with the role SOURCE_SUBADMIN. By convention, the value **me** indicates the identity id of the current user.\nSubadmins may only view Sources which they are able to administer; all other Sources will be filtered out when this parameter is set. If the current user is a SOURCE_SUBADMIN but fails to pass a valid value for this parameter, a 403 Forbidden is returned." + } + ], + "responses": { + "200": { + "description": "List of Source objects", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "readOnly": true, + "description": "Source ID.", + "example": "2c91808568c529c60168cca6f90c1324" + }, + "name": { + "type": "string", + "description": "Source's human-readable name.", + "example": "My Source" + }, + "description": { + "type": "string", + "description": "Source's human-readable description.", + "example": "This is the corporate directory." + }, + "owner": { + "description": "Reference to identity object who owns the source.", + "type": "object", + "properties": { + "type": { + "description": "Type of object being referenced.", + "type": "string", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "Owner identity's ID.", + "example": "2c91808568c529c60168cca6f90c1313" + }, + "name": { + "type": "string", + "description": "Owner identity's human-readable display name.", + "example": "MyName" + } + } + }, + "cluster": { + "description": "Reference to the source's associated cluster.", + "type": "object", + "nullable": true, + "required": [ + "name", + "id", + "type" + ], + "properties": { + "type": { + "description": "Type of object being referenced.", + "type": "string", + "enum": [ + "CLUSTER" + ], + "example": "CLUSTER" + }, + "id": { + "type": "string", + "description": "Cluster ID.", + "example": "2c9180866166b5b0016167c32ef31a66" + }, + "name": { + "type": "string", + "description": "Cluster's human-readable display name.", + "example": "Corporate Cluster" + } + } + }, + "accountCorrelationConfig": { + "description": "Reference to account correlation config object.", + "type": "object", + "nullable": true, + "properties": { + "type": { + "description": "Type of object being referenced.", + "type": "string", + "enum": [ + "ACCOUNT_CORRELATION_CONFIG" + ], + "example": "ACCOUNT_CORRELATION_CONFIG" + }, + "id": { + "type": "string", + "description": "Account correlation config ID.", + "example": "2c9180855d191c59015d28583727245a" + }, + "name": { + "type": "string", + "description": "Account correlation config's human-readable display name.", + "example": "Directory [source-62867] Account Correlation" + } + } + }, + "accountCorrelationRule": { + "description": "Reference to a rule that can do COMPLEX correlation. Only use this rule when you can't use accountCorrelationConfig.", + "type": "object", + "nullable": true, + "properties": { + "type": { + "description": "Type of object being referenced.", + "type": "string", + "enum": [ + "RULE" + ], + "example": "RULE" + }, + "id": { + "type": "string", + "description": "Rule ID.", + "example": "2c918085708c274401708c2a8a760001" + }, + "name": { + "type": "string", + "description": "Rule's human-readable display name.", + "example": "Example Rule" + } + } + }, + "managerCorrelationMapping": { + "allOf": [ + { + "type": "object", + "properties": { + "accountAttributeName": { + "type": "string", + "description": "Name of the attribute to use for manager correlation. The value found on the account attribute will be used to lookup the manager's identity.", + "example": "manager" + }, + "identityAttributeName": { + "type": "string", + "description": "Name of the identity attribute to search when trying to find a manager using the value from the accountAttribute.", + "example": "manager" + } + } + }, + { + "nullable": true, + "description": "Filter object used during manager correlation to match incoming manager values to an existing manager's\naccount/identity.\n" + } + ] + }, + "managerCorrelationRule": { + "description": "Reference to the ManagerCorrelationRule. Only use this rule when a simple filter isn't sufficient.", + "type": "object", + "nullable": true, + "properties": { + "type": { + "description": "Type of object being referenced.", + "type": "string", + "enum": [ + "RULE" + ], + "example": "RULE" + }, + "id": { + "type": "string", + "description": "Rule ID.", + "example": "2c918085708c274401708c2a8a760001" + }, + "name": { + "type": "string", + "description": "Rule's human-readable display name.", + "example": "Example Rule" + } + } + }, + "beforeProvisioningRule": { + "description": "Rule that runs on the CCG and allows for customization of provisioning plans before the API calls the connector. ", + "type": "object", + "nullable": true, + "properties": { + "type": { + "description": "Type of object being referenced.", + "type": "string", + "enum": [ + "RULE" + ], + "example": "RULE" + }, + "id": { + "type": "string", + "description": "Rule ID.", + "example": "2c918085708c274401708c2a8a760001" + }, + "name": { + "type": "string", + "description": "Rule's human-readable display name.", + "example": "Example Rule" + } + } + }, + "schemas": { + "type": "array", + "items": { + "type": "object", + "properties": { + "type": { + "description": "Type of object being referenced.", + "type": "string", + "enum": [ + "CONNECTOR_SCHEMA" + ], + "example": "CONNECTOR_SCHEMA" + }, + "id": { + "type": "string", + "description": "Schema ID.", + "example": "2c91808568c529c60168cca6f90c1777" + }, + "name": { + "type": "string", + "description": "Schema's human-readable display name.", + "example": "MySchema" + } + } + }, + "description": "List of references to schema objects.", + "example": [ + { + "type": "CONNECTOR_SCHEMA", + "id": "2c9180835d191a86015d28455b4b232a", + "name": "account" + }, + { + "type": "CONNECTOR_SCHEMA", + "id": "2c9180835d191a86015d28455b4b232b", + "name": "group" + } + ] + }, + "passwordPolicies": { + "type": "array", + "nullable": true, + "items": { + "type": "object", + "properties": { + "type": { + "description": "Type of object being referenced.", + "type": "string", + "enum": [ + "PASSWORD_POLICY" + ], + "example": "PASSWORD_POLICY" + }, + "id": { + "type": "string", + "description": "Policy ID.", + "example": "2c91808568c529c60168cca6f90c1777" + }, + "name": { + "type": "string", + "description": "Policy's human-readable display name.", + "example": "My Password Policy" + } + } + }, + "description": "List of references to the associated PasswordPolicy objects.", + "example": [ + { + "type": "PASSWORD_POLICY", + "id": "2c9180855d191c59015d291ceb053980", + "name": "Corporate Password Policy" + }, + { + "type": "PASSWORD_POLICY", + "id": "2c9180855d191c59015d291ceb057777", + "name": "Vendor Password Policy" + } + ] + }, + "features": { + "type": "array", + "items": { + "type": "string", + "enum": [ + "AUTHENTICATE", + "COMPOSITE", + "DIRECT_PERMISSIONS", + "DISCOVER_SCHEMA", + "ENABLE", + "MANAGER_LOOKUP", + "NO_RANDOM_ACCESS", + "PROXY", + "SEARCH", + "TEMPLATE", + "UNLOCK", + "UNSTRUCTURED_TARGETS", + "SHAREPOINT_TARGET", + "PROVISIONING", + "GROUP_PROVISIONING", + "SYNC_PROVISIONING", + "PASSWORD", + "CURRENT_PASSWORD", + "ACCOUNT_ONLY_REQUEST", + "ADDITIONAL_ACCOUNT_REQUEST", + "NO_AGGREGATION", + "GROUPS_HAVE_MEMBERS", + "NO_PERMISSIONS_PROVISIONING", + "NO_GROUP_PERMISSIONS_PROVISIONING", + "NO_UNSTRUCTURED_TARGETS_PROVISIONING", + "NO_DIRECT_PERMISSIONS_PROVISIONING", + "PREFER_UUID", + "ARM_SECURITY_EXTRACT", + "ARM_UTILIZATION_EXTRACT", + "ARM_CHANGELOG_EXTRACT", + "USES_UUID" + ], + "example": "AUTHENTICATE" + }, + "description": "Optional features that can be supported by a source. Modifying the features array may cause source configuration errors that are unsupportable. It is recommended to not modify this array for SailPoint supported connectors.\n* AUTHENTICATE: The source supports pass-through authentication.\n* COMPOSITE: The source supports composite source creation.\n* DIRECT_PERMISSIONS: The source supports returning DirectPermissions.\n* DISCOVER_SCHEMA: The source supports discovering schemas for users and groups.\n* ENABLE The source supports reading if an account is enabled or disabled.\n* MANAGER_LOOKUP: The source supports looking up managers as they are encountered in a feed. This is the opposite of NO_RANDOM_ACCESS.\n* NO_RANDOM_ACCESS: The source does not support random access and the getObject() methods should not be called and expected to perform.\n* PROXY: The source can serve as a proxy for another source. When an source has a proxy, all connector calls made with that source are redirected through the connector for the proxy source.\n* SEARCH\n* TEMPLATE\n* UNLOCK: The source supports reading if an account is locked or unlocked.\n* UNSTRUCTURED_TARGETS: The source supports returning unstructured Targets.\n* SHAREPOINT_TARGET: The source supports returning unstructured Target data for SharePoint. It will be typically used by AD, LDAP sources.\n* PROVISIONING: The source can both read and write accounts. Having this feature implies that the provision() method is implemented. It also means that direct and target permissions can also be provisioned if they can be returned by aggregation.\n* GROUP_PROVISIONING: The source can both read and write groups. Having this feature implies that the provision() method is implemented.\n* SYNC_PROVISIONING: The source can provision accounts synchronously.\n* PASSWORD: The source can provision password changes. Since sources can never read passwords, this is should only be used in conjunction with the PROVISIONING feature.\n* CURRENT_PASSWORD: Some source types support verification of the current password\n* ACCOUNT_ONLY_REQUEST: The source supports requesting accounts without entitlements.\n* ADDITIONAL_ACCOUNT_REQUEST: The source supports requesting additional accounts.\n* NO_AGGREGATION: A source that does not support aggregation.\n* GROUPS_HAVE_MEMBERS: The source models group memberships with a member attribute on the group object rather than a groups attribute on the account object. This effects the implementation of delta account aggregation.\n* NO_PERMISSIONS_PROVISIONING: Indicates that the connector cannot provision direct or target permissions for accounts. When DIRECT_PERMISSIONS and PROVISIONING features are present, it is assumed that the connector can also provision direct permissions. This feature disables that assumption and causes permission request to be converted to work items for accounts.\n* NO_GROUP_PERMISSIONS_PROVISIONING: Indicates that the connector cannot provision direct or target permissions for groups. When DIRECT_PERMISSIONS and PROVISIONING features are present, it is assumed that the connector can also provision direct permissions. This feature disables that assumption and causes permission request to be converted to work items for groups.\n* NO_UNSTRUCTURED_TARGETS_PROVISIONING: This string will be replaced by NO_GROUP_PERMISSIONS_PROVISIONING and NO_PERMISSIONS_PROVISIONING.\n* NO_DIRECT_PERMISSIONS_PROVISIONING: This string will be replaced by NO_GROUP_PERMISSIONS_PROVISIONING and NO_PERMISSIONS_PROVISIONING.\n* USES_UUID: Connectivity 2.0 flag used to indicate that the connector supports a compound naming structure.\n* PREFER_UUID: Used in ISC Provisioning AND Aggregation to decide if it should prefer account.uuid to account.nativeIdentity when data is read in through aggregation OR pushed out through provisioning.\n* ARM_SECURITY_EXTRACT: Indicates the application supports Security extracts for ARM\n* ARM_UTILIZATION_EXTRACT: Indicates the application supports Utilization extracts for ARM\n* ARM_CHANGELOG_EXTRACT: Indicates the application supports Change-log extracts for ARM", + "example": [ + "PROVISIONING", + "NO_PERMISSIONS_PROVISIONING", + "GROUPS_HAVE_MEMBERS" + ] + }, + "type": { + "type": "string", + "description": "Specifies the type of system being managed e.g. Active Directory, Workday, etc.. If you are creating a delimited file source, you must set the `provisionasCsv` query parameter to `true`. ", + "example": "OpenLDAP - Direct" + }, + "connector": { + "type": "string", + "description": "Connector script name.", + "example": "active-directory" + }, + "connectorClass": { + "type": "string", + "description": "Fully qualified name of the Java class that implements the connector interface.", + "example": "sailpoint.connector.LDAPConnector" + }, + "connectorAttributes": { + "type": "object", + "description": "Connector specific configuration. This configuration will differ from type to type.", + "example": { + "healthCheckTimeout": 30, + "authSearchAttributes": [ + "cn", + "uid", + "mail" + ] + } + }, + "deleteThreshold": { + "type": "integer", + "format": "int32", + "description": "Number from 0 to 100 that specifies when to skip the delete phase.", + "example": 10 + }, + "authoritative": { + "type": "boolean", + "description": "When this is true, it indicates that the source is referenced by an identity profile.", + "default": false, + "example": false + }, + "managementWorkgroup": { + "description": "Reference to management workgroup for the source.", + "type": "object", + "nullable": true, + "properties": { + "type": { + "description": "Type of object being referenced.", + "type": "string", + "enum": [ + "GOVERNANCE_GROUP" + ], + "example": "GOVERNANCE_GROUP" + }, + "id": { + "type": "string", + "description": "Management workgroup ID.", + "example": "2c91808568c529c60168cca6f90c2222" + }, + "name": { + "type": "string", + "description": "Management workgroup's human-readable display name.", + "example": "My Management Workgroup" + } + } + }, + "healthy": { + "type": "boolean", + "description": "When this is true, it indicates that the source is healthy.", + "default": false, + "example": true + }, + "status": { + "type": "string", + "enum": [ + "SOURCE_STATE_ERROR_ACCOUNT_FILE_IMPORT", + "SOURCE_STATE_ERROR_CLUSTER", + "SOURCE_STATE_ERROR_SOURCE", + "SOURCE_STATE_ERROR_VA", + "SOURCE_STATE_FAILURE_CLUSTER", + "SOURCE_STATE_FAILURE_SOURCE", + "SOURCE_STATE_HEALTHY", + "SOURCE_STATE_UNCHECKED_CLUSTER", + "SOURCE_STATE_UNCHECKED_CLUSTER_NO_SOURCES", + "SOURCE_STATE_UNCHECKED_SOURCE", + "SOURCE_STATE_UNCHECKED_SOURCE_NO_ACCOUNTS" + ], + "description": "Status identifier that gives specific information about why a source is or isn't healthy. ", + "example": "SOURCE_STATE_HEALTHY" + }, + "since": { + "type": "string", + "description": "Timestamp that shows when a source health check was last performed.", + "example": "2021-09-28T15:48:29.380Z" + }, + "connectorId": { + "type": "string", + "description": "Connector ID", + "example": "active-directory" + }, + "connectorName": { + "type": "string", + "description": "Name of the connector that was chosen during source creation.", + "example": "Active Directory" + }, + "connectionType": { + "type": "string", + "description": "Type of connection (direct or file).", + "example": "file" + }, + "connectorImplementationId": { + "type": "string", + "description": "Connector implementation ID.", + "example": "delimited-file" + }, + "created": { + "type": "string", + "description": "Date-time when the source was created", + "format": "date-time", + "example": "2022-02-08T14:50:03.827Z" + }, + "modified": { + "type": "string", + "description": "Date-time when the source was last modified.", + "format": "date-time", + "example": "2024-01-23T18:08:50.897Z" + }, + "credentialProviderEnabled": { + "type": "boolean", + "description": "If this is true, it enables a credential provider for the source. If credentialProvider is turned on, then the source can use credential provider(s) to fetch credentials.", + "default": false, + "example": false + }, + "category": { + "type": "string", + "nullable": true, + "default": null, + "description": "Source category (e.g. null, CredentialProvider).", + "example": "CredentialProvider" + } + }, + "required": [ + "name", + "owner", + "connector" + ] + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + }, + "post": { + "operationId": "createSource", + "security": [ + { + "UserContextAuth": [ + "idn:sources:manage" + ] + } + ], + "tags": [ + "Sources" + ], + "summary": "Creates a source in IdentityNow.", + "description": "This creates a specific source with a full source JSON representation. Any passwords are submitted as plain-text and encrypted upon receipt in IdentityNow.\nA token with ORG_ADMIN, SOURCE_ADMIN, or SOURCE_SUBADMIN authority is required to call this API.", + "parameters": [ + { + "in": "query", + "name": "provisionAsCsv", + "description": "If this parameter is `true`, it configures the source as a Delimited File (CSV) source. Setting this to `true` will automatically set the `type` of the source to `DelimitedFile`. You must use this query parameter to create a Delimited File source as you would in the UI. If you don't set this query parameter and you attempt to set the `type` attribute directly, the request won't correctly generate the source. ", + "schema": { + "type": "boolean" + }, + "required": false, + "example": false + } + ], + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "id": { + "type": "string", + "readOnly": true, + "description": "Source ID.", + "example": "2c91808568c529c60168cca6f90c1324" + }, + "name": { + "type": "string", + "description": "Source's human-readable name.", + "example": "My Source" + }, + "description": { + "type": "string", + "description": "Source's human-readable description.", + "example": "This is the corporate directory." + }, + "owner": { + "description": "Reference to identity object who owns the source.", + "type": "object", + "properties": { + "type": { + "description": "Type of object being referenced.", + "type": "string", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "Owner identity's ID.", + "example": "2c91808568c529c60168cca6f90c1313" + }, + "name": { + "type": "string", + "description": "Owner identity's human-readable display name.", + "example": "MyName" + } + } + }, + "cluster": { + "description": "Reference to the source's associated cluster.", + "type": "object", + "nullable": true, + "required": [ + "name", + "id", + "type" + ], + "properties": { + "type": { + "description": "Type of object being referenced.", + "type": "string", + "enum": [ + "CLUSTER" + ], + "example": "CLUSTER" + }, + "id": { + "type": "string", + "description": "Cluster ID.", + "example": "2c9180866166b5b0016167c32ef31a66" + }, + "name": { + "type": "string", + "description": "Cluster's human-readable display name.", + "example": "Corporate Cluster" + } + } + }, + "accountCorrelationConfig": { + "description": "Reference to account correlation config object.", + "type": "object", + "nullable": true, + "properties": { + "type": { + "description": "Type of object being referenced.", + "type": "string", + "enum": [ + "ACCOUNT_CORRELATION_CONFIG" + ], + "example": "ACCOUNT_CORRELATION_CONFIG" + }, + "id": { + "type": "string", + "description": "Account correlation config ID.", + "example": "2c9180855d191c59015d28583727245a" + }, + "name": { + "type": "string", + "description": "Account correlation config's human-readable display name.", + "example": "Directory [source-62867] Account Correlation" + } + } + }, + "accountCorrelationRule": { + "description": "Reference to a rule that can do COMPLEX correlation. Only use this rule when you can't use accountCorrelationConfig.", + "type": "object", + "nullable": true, + "properties": { + "type": { + "description": "Type of object being referenced.", + "type": "string", + "enum": [ + "RULE" + ], + "example": "RULE" + }, + "id": { + "type": "string", + "description": "Rule ID.", + "example": "2c918085708c274401708c2a8a760001" + }, + "name": { + "type": "string", + "description": "Rule's human-readable display name.", + "example": "Example Rule" + } + } + }, + "managerCorrelationMapping": { + "allOf": [ + { + "type": "object", + "properties": { + "accountAttributeName": { + "type": "string", + "description": "Name of the attribute to use for manager correlation. The value found on the account attribute will be used to lookup the manager's identity.", + "example": "manager" + }, + "identityAttributeName": { + "type": "string", + "description": "Name of the identity attribute to search when trying to find a manager using the value from the accountAttribute.", + "example": "manager" + } + } + }, + { + "nullable": true, + "description": "Filter object used during manager correlation to match incoming manager values to an existing manager's\naccount/identity.\n" + } + ] + }, + "managerCorrelationRule": { + "description": "Reference to the ManagerCorrelationRule. Only use this rule when a simple filter isn't sufficient.", + "type": "object", + "nullable": true, + "properties": { + "type": { + "description": "Type of object being referenced.", + "type": "string", + "enum": [ + "RULE" + ], + "example": "RULE" + }, + "id": { + "type": "string", + "description": "Rule ID.", + "example": "2c918085708c274401708c2a8a760001" + }, + "name": { + "type": "string", + "description": "Rule's human-readable display name.", + "example": "Example Rule" + } + } + }, + "beforeProvisioningRule": { + "description": "Rule that runs on the CCG and allows for customization of provisioning plans before the API calls the connector. ", + "type": "object", + "nullable": true, + "properties": { + "type": { + "description": "Type of object being referenced.", + "type": "string", + "enum": [ + "RULE" + ], + "example": "RULE" + }, + "id": { + "type": "string", + "description": "Rule ID.", + "example": "2c918085708c274401708c2a8a760001" + }, + "name": { + "type": "string", + "description": "Rule's human-readable display name.", + "example": "Example Rule" + } + } + }, + "schemas": { + "type": "array", + "items": { + "type": "object", + "properties": { + "type": { + "description": "Type of object being referenced.", + "type": "string", + "enum": [ + "CONNECTOR_SCHEMA" + ], + "example": "CONNECTOR_SCHEMA" + }, + "id": { + "type": "string", + "description": "Schema ID.", + "example": "2c91808568c529c60168cca6f90c1777" + }, + "name": { + "type": "string", + "description": "Schema's human-readable display name.", + "example": "MySchema" + } + } + }, + "description": "List of references to schema objects.", + "example": [ + { + "type": "CONNECTOR_SCHEMA", + "id": "2c9180835d191a86015d28455b4b232a", + "name": "account" + }, + { + "type": "CONNECTOR_SCHEMA", + "id": "2c9180835d191a86015d28455b4b232b", + "name": "group" + } + ] + }, + "passwordPolicies": { + "type": "array", + "nullable": true, + "items": { + "type": "object", + "properties": { + "type": { + "description": "Type of object being referenced.", + "type": "string", + "enum": [ + "PASSWORD_POLICY" + ], + "example": "PASSWORD_POLICY" + }, + "id": { + "type": "string", + "description": "Policy ID.", + "example": "2c91808568c529c60168cca6f90c1777" + }, + "name": { + "type": "string", + "description": "Policy's human-readable display name.", + "example": "My Password Policy" + } + } + }, + "description": "List of references to the associated PasswordPolicy objects.", + "example": [ + { + "type": "PASSWORD_POLICY", + "id": "2c9180855d191c59015d291ceb053980", + "name": "Corporate Password Policy" + }, + { + "type": "PASSWORD_POLICY", + "id": "2c9180855d191c59015d291ceb057777", + "name": "Vendor Password Policy" + } + ] + }, + "features": { + "type": "array", + "items": { + "type": "string", + "enum": [ + "AUTHENTICATE", + "COMPOSITE", + "DIRECT_PERMISSIONS", + "DISCOVER_SCHEMA", + "ENABLE", + "MANAGER_LOOKUP", + "NO_RANDOM_ACCESS", + "PROXY", + "SEARCH", + "TEMPLATE", + "UNLOCK", + "UNSTRUCTURED_TARGETS", + "SHAREPOINT_TARGET", + "PROVISIONING", + "GROUP_PROVISIONING", + "SYNC_PROVISIONING", + "PASSWORD", + "CURRENT_PASSWORD", + "ACCOUNT_ONLY_REQUEST", + "ADDITIONAL_ACCOUNT_REQUEST", + "NO_AGGREGATION", + "GROUPS_HAVE_MEMBERS", + "NO_PERMISSIONS_PROVISIONING", + "NO_GROUP_PERMISSIONS_PROVISIONING", + "NO_UNSTRUCTURED_TARGETS_PROVISIONING", + "NO_DIRECT_PERMISSIONS_PROVISIONING", + "PREFER_UUID", + "ARM_SECURITY_EXTRACT", + "ARM_UTILIZATION_EXTRACT", + "ARM_CHANGELOG_EXTRACT", + "USES_UUID" + ], + "example": "AUTHENTICATE" + }, + "description": "Optional features that can be supported by a source. Modifying the features array may cause source configuration errors that are unsupportable. It is recommended to not modify this array for SailPoint supported connectors.\n* AUTHENTICATE: The source supports pass-through authentication.\n* COMPOSITE: The source supports composite source creation.\n* DIRECT_PERMISSIONS: The source supports returning DirectPermissions.\n* DISCOVER_SCHEMA: The source supports discovering schemas for users and groups.\n* ENABLE The source supports reading if an account is enabled or disabled.\n* MANAGER_LOOKUP: The source supports looking up managers as they are encountered in a feed. This is the opposite of NO_RANDOM_ACCESS.\n* NO_RANDOM_ACCESS: The source does not support random access and the getObject() methods should not be called and expected to perform.\n* PROXY: The source can serve as a proxy for another source. When an source has a proxy, all connector calls made with that source are redirected through the connector for the proxy source.\n* SEARCH\n* TEMPLATE\n* UNLOCK: The source supports reading if an account is locked or unlocked.\n* UNSTRUCTURED_TARGETS: The source supports returning unstructured Targets.\n* SHAREPOINT_TARGET: The source supports returning unstructured Target data for SharePoint. It will be typically used by AD, LDAP sources.\n* PROVISIONING: The source can both read and write accounts. Having this feature implies that the provision() method is implemented. It also means that direct and target permissions can also be provisioned if they can be returned by aggregation.\n* GROUP_PROVISIONING: The source can both read and write groups. Having this feature implies that the provision() method is implemented.\n* SYNC_PROVISIONING: The source can provision accounts synchronously.\n* PASSWORD: The source can provision password changes. Since sources can never read passwords, this is should only be used in conjunction with the PROVISIONING feature.\n* CURRENT_PASSWORD: Some source types support verification of the current password\n* ACCOUNT_ONLY_REQUEST: The source supports requesting accounts without entitlements.\n* ADDITIONAL_ACCOUNT_REQUEST: The source supports requesting additional accounts.\n* NO_AGGREGATION: A source that does not support aggregation.\n* GROUPS_HAVE_MEMBERS: The source models group memberships with a member attribute on the group object rather than a groups attribute on the account object. This effects the implementation of delta account aggregation.\n* NO_PERMISSIONS_PROVISIONING: Indicates that the connector cannot provision direct or target permissions for accounts. When DIRECT_PERMISSIONS and PROVISIONING features are present, it is assumed that the connector can also provision direct permissions. This feature disables that assumption and causes permission request to be converted to work items for accounts.\n* NO_GROUP_PERMISSIONS_PROVISIONING: Indicates that the connector cannot provision direct or target permissions for groups. When DIRECT_PERMISSIONS and PROVISIONING features are present, it is assumed that the connector can also provision direct permissions. This feature disables that assumption and causes permission request to be converted to work items for groups.\n* NO_UNSTRUCTURED_TARGETS_PROVISIONING: This string will be replaced by NO_GROUP_PERMISSIONS_PROVISIONING and NO_PERMISSIONS_PROVISIONING.\n* NO_DIRECT_PERMISSIONS_PROVISIONING: This string will be replaced by NO_GROUP_PERMISSIONS_PROVISIONING and NO_PERMISSIONS_PROVISIONING.\n* USES_UUID: Connectivity 2.0 flag used to indicate that the connector supports a compound naming structure.\n* PREFER_UUID: Used in ISC Provisioning AND Aggregation to decide if it should prefer account.uuid to account.nativeIdentity when data is read in through aggregation OR pushed out through provisioning.\n* ARM_SECURITY_EXTRACT: Indicates the application supports Security extracts for ARM\n* ARM_UTILIZATION_EXTRACT: Indicates the application supports Utilization extracts for ARM\n* ARM_CHANGELOG_EXTRACT: Indicates the application supports Change-log extracts for ARM", + "example": [ + "PROVISIONING", + "NO_PERMISSIONS_PROVISIONING", + "GROUPS_HAVE_MEMBERS" + ] + }, + "type": { + "type": "string", + "description": "Specifies the type of system being managed e.g. Active Directory, Workday, etc.. If you are creating a delimited file source, you must set the `provisionasCsv` query parameter to `true`. ", + "example": "OpenLDAP - Direct" + }, + "connector": { + "type": "string", + "description": "Connector script name.", + "example": "active-directory" + }, + "connectorClass": { + "type": "string", + "description": "Fully qualified name of the Java class that implements the connector interface.", + "example": "sailpoint.connector.LDAPConnector" + }, + "connectorAttributes": { + "type": "object", + "description": "Connector specific configuration. This configuration will differ from type to type.", + "example": { + "healthCheckTimeout": 30, + "authSearchAttributes": [ + "cn", + "uid", + "mail" + ] + } + }, + "deleteThreshold": { + "type": "integer", + "format": "int32", + "description": "Number from 0 to 100 that specifies when to skip the delete phase.", + "example": 10 + }, + "authoritative": { + "type": "boolean", + "description": "When this is true, it indicates that the source is referenced by an identity profile.", + "default": false, + "example": false + }, + "managementWorkgroup": { + "description": "Reference to management workgroup for the source.", + "type": "object", + "nullable": true, + "properties": { + "type": { + "description": "Type of object being referenced.", + "type": "string", + "enum": [ + "GOVERNANCE_GROUP" + ], + "example": "GOVERNANCE_GROUP" + }, + "id": { + "type": "string", + "description": "Management workgroup ID.", + "example": "2c91808568c529c60168cca6f90c2222" + }, + "name": { + "type": "string", + "description": "Management workgroup's human-readable display name.", + "example": "My Management Workgroup" + } + } + }, + "healthy": { + "type": "boolean", + "description": "When this is true, it indicates that the source is healthy.", + "default": false, + "example": true + }, + "status": { + "type": "string", + "enum": [ + "SOURCE_STATE_ERROR_ACCOUNT_FILE_IMPORT", + "SOURCE_STATE_ERROR_CLUSTER", + "SOURCE_STATE_ERROR_SOURCE", + "SOURCE_STATE_ERROR_VA", + "SOURCE_STATE_FAILURE_CLUSTER", + "SOURCE_STATE_FAILURE_SOURCE", + "SOURCE_STATE_HEALTHY", + "SOURCE_STATE_UNCHECKED_CLUSTER", + "SOURCE_STATE_UNCHECKED_CLUSTER_NO_SOURCES", + "SOURCE_STATE_UNCHECKED_SOURCE", + "SOURCE_STATE_UNCHECKED_SOURCE_NO_ACCOUNTS" + ], + "description": "Status identifier that gives specific information about why a source is or isn't healthy. ", + "example": "SOURCE_STATE_HEALTHY" + }, + "since": { + "type": "string", + "description": "Timestamp that shows when a source health check was last performed.", + "example": "2021-09-28T15:48:29.380Z" + }, + "connectorId": { + "type": "string", + "description": "Connector ID", + "example": "active-directory" + }, + "connectorName": { + "type": "string", + "description": "Name of the connector that was chosen during source creation.", + "example": "Active Directory" + }, + "connectionType": { + "type": "string", + "description": "Type of connection (direct or file).", + "example": "file" + }, + "connectorImplementationId": { + "type": "string", + "description": "Connector implementation ID.", + "example": "delimited-file" + }, + "created": { + "type": "string", + "description": "Date-time when the source was created", + "format": "date-time", + "example": "2022-02-08T14:50:03.827Z" + }, + "modified": { + "type": "string", + "description": "Date-time when the source was last modified.", + "format": "date-time", + "example": "2024-01-23T18:08:50.897Z" + }, + "credentialProviderEnabled": { + "type": "boolean", + "description": "If this is true, it enables a credential provider for the source. If credentialProvider is turned on, then the source can use credential provider(s) to fetch credentials.", + "default": false, + "example": false + }, + "category": { + "type": "string", + "nullable": true, + "default": null, + "description": "Source category (e.g. null, CredentialProvider).", + "example": "CredentialProvider" + } + }, + "required": [ + "name", + "owner", + "connector" + ] + } + } + } + }, + "responses": { + "201": { + "description": "Created Source object. Any passwords will only show the the encrypted cipher-text, as they are not decrypt-able in IdentityNow cloud-based services, per IdentityNow security design.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "id": { + "type": "string", + "readOnly": true, + "description": "Source ID.", + "example": "2c91808568c529c60168cca6f90c1324" + }, + "name": { + "type": "string", + "description": "Source's human-readable name.", + "example": "My Source" + }, + "description": { + "type": "string", + "description": "Source's human-readable description.", + "example": "This is the corporate directory." + }, + "owner": { + "description": "Reference to identity object who owns the source.", + "type": "object", + "properties": { + "type": { + "description": "Type of object being referenced.", + "type": "string", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "Owner identity's ID.", + "example": "2c91808568c529c60168cca6f90c1313" + }, + "name": { + "type": "string", + "description": "Owner identity's human-readable display name.", + "example": "MyName" + } + } + }, + "cluster": { + "description": "Reference to the source's associated cluster.", + "type": "object", + "nullable": true, + "required": [ + "name", + "id", + "type" + ], + "properties": { + "type": { + "description": "Type of object being referenced.", + "type": "string", + "enum": [ + "CLUSTER" + ], + "example": "CLUSTER" + }, + "id": { + "type": "string", + "description": "Cluster ID.", + "example": "2c9180866166b5b0016167c32ef31a66" + }, + "name": { + "type": "string", + "description": "Cluster's human-readable display name.", + "example": "Corporate Cluster" + } + } + }, + "accountCorrelationConfig": { + "description": "Reference to account correlation config object.", + "type": "object", + "nullable": true, + "properties": { + "type": { + "description": "Type of object being referenced.", + "type": "string", + "enum": [ + "ACCOUNT_CORRELATION_CONFIG" + ], + "example": "ACCOUNT_CORRELATION_CONFIG" + }, + "id": { + "type": "string", + "description": "Account correlation config ID.", + "example": "2c9180855d191c59015d28583727245a" + }, + "name": { + "type": "string", + "description": "Account correlation config's human-readable display name.", + "example": "Directory [source-62867] Account Correlation" + } + } + }, + "accountCorrelationRule": { + "description": "Reference to a rule that can do COMPLEX correlation. Only use this rule when you can't use accountCorrelationConfig.", + "type": "object", + "nullable": true, + "properties": { + "type": { + "description": "Type of object being referenced.", + "type": "string", + "enum": [ + "RULE" + ], + "example": "RULE" + }, + "id": { + "type": "string", + "description": "Rule ID.", + "example": "2c918085708c274401708c2a8a760001" + }, + "name": { + "type": "string", + "description": "Rule's human-readable display name.", + "example": "Example Rule" + } + } + }, + "managerCorrelationMapping": { + "allOf": [ + { + "type": "object", + "properties": { + "accountAttributeName": { + "type": "string", + "description": "Name of the attribute to use for manager correlation. The value found on the account attribute will be used to lookup the manager's identity.", + "example": "manager" + }, + "identityAttributeName": { + "type": "string", + "description": "Name of the identity attribute to search when trying to find a manager using the value from the accountAttribute.", + "example": "manager" + } + } + }, + { + "nullable": true, + "description": "Filter object used during manager correlation to match incoming manager values to an existing manager's\naccount/identity.\n" + } + ] + }, + "managerCorrelationRule": { + "description": "Reference to the ManagerCorrelationRule. Only use this rule when a simple filter isn't sufficient.", + "type": "object", + "nullable": true, + "properties": { + "type": { + "description": "Type of object being referenced.", + "type": "string", + "enum": [ + "RULE" + ], + "example": "RULE" + }, + "id": { + "type": "string", + "description": "Rule ID.", + "example": "2c918085708c274401708c2a8a760001" + }, + "name": { + "type": "string", + "description": "Rule's human-readable display name.", + "example": "Example Rule" + } + } + }, + "beforeProvisioningRule": { + "description": "Rule that runs on the CCG and allows for customization of provisioning plans before the API calls the connector. ", + "type": "object", + "nullable": true, + "properties": { + "type": { + "description": "Type of object being referenced.", + "type": "string", + "enum": [ + "RULE" + ], + "example": "RULE" + }, + "id": { + "type": "string", + "description": "Rule ID.", + "example": "2c918085708c274401708c2a8a760001" + }, + "name": { + "type": "string", + "description": "Rule's human-readable display name.", + "example": "Example Rule" + } + } + }, + "schemas": { + "type": "array", + "items": { + "type": "object", + "properties": { + "type": { + "description": "Type of object being referenced.", + "type": "string", + "enum": [ + "CONNECTOR_SCHEMA" + ], + "example": "CONNECTOR_SCHEMA" + }, + "id": { + "type": "string", + "description": "Schema ID.", + "example": "2c91808568c529c60168cca6f90c1777" + }, + "name": { + "type": "string", + "description": "Schema's human-readable display name.", + "example": "MySchema" + } + } + }, + "description": "List of references to schema objects.", + "example": [ + { + "type": "CONNECTOR_SCHEMA", + "id": "2c9180835d191a86015d28455b4b232a", + "name": "account" + }, + { + "type": "CONNECTOR_SCHEMA", + "id": "2c9180835d191a86015d28455b4b232b", + "name": "group" + } + ] + }, + "passwordPolicies": { + "type": "array", + "nullable": true, + "items": { + "type": "object", + "properties": { + "type": { + "description": "Type of object being referenced.", + "type": "string", + "enum": [ + "PASSWORD_POLICY" + ], + "example": "PASSWORD_POLICY" + }, + "id": { + "type": "string", + "description": "Policy ID.", + "example": "2c91808568c529c60168cca6f90c1777" + }, + "name": { + "type": "string", + "description": "Policy's human-readable display name.", + "example": "My Password Policy" + } + } + }, + "description": "List of references to the associated PasswordPolicy objects.", + "example": [ + { + "type": "PASSWORD_POLICY", + "id": "2c9180855d191c59015d291ceb053980", + "name": "Corporate Password Policy" + }, + { + "type": "PASSWORD_POLICY", + "id": "2c9180855d191c59015d291ceb057777", + "name": "Vendor Password Policy" + } + ] + }, + "features": { + "type": "array", + "items": { + "type": "string", + "enum": [ + "AUTHENTICATE", + "COMPOSITE", + "DIRECT_PERMISSIONS", + "DISCOVER_SCHEMA", + "ENABLE", + "MANAGER_LOOKUP", + "NO_RANDOM_ACCESS", + "PROXY", + "SEARCH", + "TEMPLATE", + "UNLOCK", + "UNSTRUCTURED_TARGETS", + "SHAREPOINT_TARGET", + "PROVISIONING", + "GROUP_PROVISIONING", + "SYNC_PROVISIONING", + "PASSWORD", + "CURRENT_PASSWORD", + "ACCOUNT_ONLY_REQUEST", + "ADDITIONAL_ACCOUNT_REQUEST", + "NO_AGGREGATION", + "GROUPS_HAVE_MEMBERS", + "NO_PERMISSIONS_PROVISIONING", + "NO_GROUP_PERMISSIONS_PROVISIONING", + "NO_UNSTRUCTURED_TARGETS_PROVISIONING", + "NO_DIRECT_PERMISSIONS_PROVISIONING", + "PREFER_UUID", + "ARM_SECURITY_EXTRACT", + "ARM_UTILIZATION_EXTRACT", + "ARM_CHANGELOG_EXTRACT", + "USES_UUID" + ], + "example": "AUTHENTICATE" + }, + "description": "Optional features that can be supported by a source. Modifying the features array may cause source configuration errors that are unsupportable. It is recommended to not modify this array for SailPoint supported connectors.\n* AUTHENTICATE: The source supports pass-through authentication.\n* COMPOSITE: The source supports composite source creation.\n* DIRECT_PERMISSIONS: The source supports returning DirectPermissions.\n* DISCOVER_SCHEMA: The source supports discovering schemas for users and groups.\n* ENABLE The source supports reading if an account is enabled or disabled.\n* MANAGER_LOOKUP: The source supports looking up managers as they are encountered in a feed. This is the opposite of NO_RANDOM_ACCESS.\n* NO_RANDOM_ACCESS: The source does not support random access and the getObject() methods should not be called and expected to perform.\n* PROXY: The source can serve as a proxy for another source. When an source has a proxy, all connector calls made with that source are redirected through the connector for the proxy source.\n* SEARCH\n* TEMPLATE\n* UNLOCK: The source supports reading if an account is locked or unlocked.\n* UNSTRUCTURED_TARGETS: The source supports returning unstructured Targets.\n* SHAREPOINT_TARGET: The source supports returning unstructured Target data for SharePoint. It will be typically used by AD, LDAP sources.\n* PROVISIONING: The source can both read and write accounts. Having this feature implies that the provision() method is implemented. It also means that direct and target permissions can also be provisioned if they can be returned by aggregation.\n* GROUP_PROVISIONING: The source can both read and write groups. Having this feature implies that the provision() method is implemented.\n* SYNC_PROVISIONING: The source can provision accounts synchronously.\n* PASSWORD: The source can provision password changes. Since sources can never read passwords, this is should only be used in conjunction with the PROVISIONING feature.\n* CURRENT_PASSWORD: Some source types support verification of the current password\n* ACCOUNT_ONLY_REQUEST: The source supports requesting accounts without entitlements.\n* ADDITIONAL_ACCOUNT_REQUEST: The source supports requesting additional accounts.\n* NO_AGGREGATION: A source that does not support aggregation.\n* GROUPS_HAVE_MEMBERS: The source models group memberships with a member attribute on the group object rather than a groups attribute on the account object. This effects the implementation of delta account aggregation.\n* NO_PERMISSIONS_PROVISIONING: Indicates that the connector cannot provision direct or target permissions for accounts. When DIRECT_PERMISSIONS and PROVISIONING features are present, it is assumed that the connector can also provision direct permissions. This feature disables that assumption and causes permission request to be converted to work items for accounts.\n* NO_GROUP_PERMISSIONS_PROVISIONING: Indicates that the connector cannot provision direct or target permissions for groups. When DIRECT_PERMISSIONS and PROVISIONING features are present, it is assumed that the connector can also provision direct permissions. This feature disables that assumption and causes permission request to be converted to work items for groups.\n* NO_UNSTRUCTURED_TARGETS_PROVISIONING: This string will be replaced by NO_GROUP_PERMISSIONS_PROVISIONING and NO_PERMISSIONS_PROVISIONING.\n* NO_DIRECT_PERMISSIONS_PROVISIONING: This string will be replaced by NO_GROUP_PERMISSIONS_PROVISIONING and NO_PERMISSIONS_PROVISIONING.\n* USES_UUID: Connectivity 2.0 flag used to indicate that the connector supports a compound naming structure.\n* PREFER_UUID: Used in ISC Provisioning AND Aggregation to decide if it should prefer account.uuid to account.nativeIdentity when data is read in through aggregation OR pushed out through provisioning.\n* ARM_SECURITY_EXTRACT: Indicates the application supports Security extracts for ARM\n* ARM_UTILIZATION_EXTRACT: Indicates the application supports Utilization extracts for ARM\n* ARM_CHANGELOG_EXTRACT: Indicates the application supports Change-log extracts for ARM", + "example": [ + "PROVISIONING", + "NO_PERMISSIONS_PROVISIONING", + "GROUPS_HAVE_MEMBERS" + ] + }, + "type": { + "type": "string", + "description": "Specifies the type of system being managed e.g. Active Directory, Workday, etc.. If you are creating a delimited file source, you must set the `provisionasCsv` query parameter to `true`. ", + "example": "OpenLDAP - Direct" + }, + "connector": { + "type": "string", + "description": "Connector script name.", + "example": "active-directory" + }, + "connectorClass": { + "type": "string", + "description": "Fully qualified name of the Java class that implements the connector interface.", + "example": "sailpoint.connector.LDAPConnector" + }, + "connectorAttributes": { + "type": "object", + "description": "Connector specific configuration. This configuration will differ from type to type.", + "example": { + "healthCheckTimeout": 30, + "authSearchAttributes": [ + "cn", + "uid", + "mail" + ] + } + }, + "deleteThreshold": { + "type": "integer", + "format": "int32", + "description": "Number from 0 to 100 that specifies when to skip the delete phase.", + "example": 10 + }, + "authoritative": { + "type": "boolean", + "description": "When this is true, it indicates that the source is referenced by an identity profile.", + "default": false, + "example": false + }, + "managementWorkgroup": { + "description": "Reference to management workgroup for the source.", + "type": "object", + "nullable": true, + "properties": { + "type": { + "description": "Type of object being referenced.", + "type": "string", + "enum": [ + "GOVERNANCE_GROUP" + ], + "example": "GOVERNANCE_GROUP" + }, + "id": { + "type": "string", + "description": "Management workgroup ID.", + "example": "2c91808568c529c60168cca6f90c2222" + }, + "name": { + "type": "string", + "description": "Management workgroup's human-readable display name.", + "example": "My Management Workgroup" + } + } + }, + "healthy": { + "type": "boolean", + "description": "When this is true, it indicates that the source is healthy.", + "default": false, + "example": true + }, + "status": { + "type": "string", + "enum": [ + "SOURCE_STATE_ERROR_ACCOUNT_FILE_IMPORT", + "SOURCE_STATE_ERROR_CLUSTER", + "SOURCE_STATE_ERROR_SOURCE", + "SOURCE_STATE_ERROR_VA", + "SOURCE_STATE_FAILURE_CLUSTER", + "SOURCE_STATE_FAILURE_SOURCE", + "SOURCE_STATE_HEALTHY", + "SOURCE_STATE_UNCHECKED_CLUSTER", + "SOURCE_STATE_UNCHECKED_CLUSTER_NO_SOURCES", + "SOURCE_STATE_UNCHECKED_SOURCE", + "SOURCE_STATE_UNCHECKED_SOURCE_NO_ACCOUNTS" + ], + "description": "Status identifier that gives specific information about why a source is or isn't healthy. ", + "example": "SOURCE_STATE_HEALTHY" + }, + "since": { + "type": "string", + "description": "Timestamp that shows when a source health check was last performed.", + "example": "2021-09-28T15:48:29.380Z" + }, + "connectorId": { + "type": "string", + "description": "Connector ID", + "example": "active-directory" + }, + "connectorName": { + "type": "string", + "description": "Name of the connector that was chosen during source creation.", + "example": "Active Directory" + }, + "connectionType": { + "type": "string", + "description": "Type of connection (direct or file).", + "example": "file" + }, + "connectorImplementationId": { + "type": "string", + "description": "Connector implementation ID.", + "example": "delimited-file" + }, + "created": { + "type": "string", + "description": "Date-time when the source was created", + "format": "date-time", + "example": "2022-02-08T14:50:03.827Z" + }, + "modified": { + "type": "string", + "description": "Date-time when the source was last modified.", + "format": "date-time", + "example": "2024-01-23T18:08:50.897Z" + }, + "credentialProviderEnabled": { + "type": "boolean", + "description": "If this is true, it enables a credential provider for the source. If credentialProvider is turned on, then the source can use credential provider(s) to fetch credentials.", + "default": false, + "example": false + }, + "category": { + "type": "string", + "nullable": true, + "default": null, + "description": "Source category (e.g. null, CredentialProvider).", + "example": "CredentialProvider" + } + }, + "required": [ + "name", + "owner", + "connector" + ] + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/sources/{id}": { + "get": { + "operationId": "getSource", + "security": [ + { + "UserContextAuth": [ + "idn:sources:read" + ] + } + ], + "tags": [ + "Sources" + ], + "summary": "Get Source by ID", + "description": "Use this API to get a source by a specified ID in Identity Security Cloud (ISC).\nA token with ORG_ADMIN, SOURCE_ADMIN, or SOURCE_SUBADMIN authority is required to call this API.", + "parameters": [ + { + "in": "path", + "name": "id", + "schema": { + "type": "string" + }, + "required": true, + "description": "Source ID.", + "example": "2c9180835d191a86015d28455b4a2329" + } + ], + "responses": { + "200": { + "description": "Source object.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "id": { + "type": "string", + "readOnly": true, + "description": "Source ID.", + "example": "2c91808568c529c60168cca6f90c1324" + }, + "name": { + "type": "string", + "description": "Source's human-readable name.", + "example": "My Source" + }, + "description": { + "type": "string", + "description": "Source's human-readable description.", + "example": "This is the corporate directory." + }, + "owner": { + "description": "Reference to identity object who owns the source.", + "type": "object", + "properties": { + "type": { + "description": "Type of object being referenced.", + "type": "string", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "Owner identity's ID.", + "example": "2c91808568c529c60168cca6f90c1313" + }, + "name": { + "type": "string", + "description": "Owner identity's human-readable display name.", + "example": "MyName" + } + } + }, + "cluster": { + "description": "Reference to the source's associated cluster.", + "type": "object", + "nullable": true, + "required": [ + "name", + "id", + "type" + ], + "properties": { + "type": { + "description": "Type of object being referenced.", + "type": "string", + "enum": [ + "CLUSTER" + ], + "example": "CLUSTER" + }, + "id": { + "type": "string", + "description": "Cluster ID.", + "example": "2c9180866166b5b0016167c32ef31a66" + }, + "name": { + "type": "string", + "description": "Cluster's human-readable display name.", + "example": "Corporate Cluster" + } + } + }, + "accountCorrelationConfig": { + "description": "Reference to account correlation config object.", + "type": "object", + "nullable": true, + "properties": { + "type": { + "description": "Type of object being referenced.", + "type": "string", + "enum": [ + "ACCOUNT_CORRELATION_CONFIG" + ], + "example": "ACCOUNT_CORRELATION_CONFIG" + }, + "id": { + "type": "string", + "description": "Account correlation config ID.", + "example": "2c9180855d191c59015d28583727245a" + }, + "name": { + "type": "string", + "description": "Account correlation config's human-readable display name.", + "example": "Directory [source-62867] Account Correlation" + } + } + }, + "accountCorrelationRule": { + "description": "Reference to a rule that can do COMPLEX correlation. Only use this rule when you can't use accountCorrelationConfig.", + "type": "object", + "nullable": true, + "properties": { + "type": { + "description": "Type of object being referenced.", + "type": "string", + "enum": [ + "RULE" + ], + "example": "RULE" + }, + "id": { + "type": "string", + "description": "Rule ID.", + "example": "2c918085708c274401708c2a8a760001" + }, + "name": { + "type": "string", + "description": "Rule's human-readable display name.", + "example": "Example Rule" + } + } + }, + "managerCorrelationMapping": { + "allOf": [ + { + "type": "object", + "properties": { + "accountAttributeName": { + "type": "string", + "description": "Name of the attribute to use for manager correlation. The value found on the account attribute will be used to lookup the manager's identity.", + "example": "manager" + }, + "identityAttributeName": { + "type": "string", + "description": "Name of the identity attribute to search when trying to find a manager using the value from the accountAttribute.", + "example": "manager" + } + } + }, + { + "nullable": true, + "description": "Filter object used during manager correlation to match incoming manager values to an existing manager's\naccount/identity.\n" + } + ] + }, + "managerCorrelationRule": { + "description": "Reference to the ManagerCorrelationRule. Only use this rule when a simple filter isn't sufficient.", + "type": "object", + "nullable": true, + "properties": { + "type": { + "description": "Type of object being referenced.", + "type": "string", + "enum": [ + "RULE" + ], + "example": "RULE" + }, + "id": { + "type": "string", + "description": "Rule ID.", + "example": "2c918085708c274401708c2a8a760001" + }, + "name": { + "type": "string", + "description": "Rule's human-readable display name.", + "example": "Example Rule" + } + } + }, + "beforeProvisioningRule": { + "description": "Rule that runs on the CCG and allows for customization of provisioning plans before the API calls the connector. ", + "type": "object", + "nullable": true, + "properties": { + "type": { + "description": "Type of object being referenced.", + "type": "string", + "enum": [ + "RULE" + ], + "example": "RULE" + }, + "id": { + "type": "string", + "description": "Rule ID.", + "example": "2c918085708c274401708c2a8a760001" + }, + "name": { + "type": "string", + "description": "Rule's human-readable display name.", + "example": "Example Rule" + } + } + }, + "schemas": { + "type": "array", + "items": { + "type": "object", + "properties": { + "type": { + "description": "Type of object being referenced.", + "type": "string", + "enum": [ + "CONNECTOR_SCHEMA" + ], + "example": "CONNECTOR_SCHEMA" + }, + "id": { + "type": "string", + "description": "Schema ID.", + "example": "2c91808568c529c60168cca6f90c1777" + }, + "name": { + "type": "string", + "description": "Schema's human-readable display name.", + "example": "MySchema" + } + } + }, + "description": "List of references to schema objects.", + "example": [ + { + "type": "CONNECTOR_SCHEMA", + "id": "2c9180835d191a86015d28455b4b232a", + "name": "account" + }, + { + "type": "CONNECTOR_SCHEMA", + "id": "2c9180835d191a86015d28455b4b232b", + "name": "group" + } + ] + }, + "passwordPolicies": { + "type": "array", + "nullable": true, + "items": { + "type": "object", + "properties": { + "type": { + "description": "Type of object being referenced.", + "type": "string", + "enum": [ + "PASSWORD_POLICY" + ], + "example": "PASSWORD_POLICY" + }, + "id": { + "type": "string", + "description": "Policy ID.", + "example": "2c91808568c529c60168cca6f90c1777" + }, + "name": { + "type": "string", + "description": "Policy's human-readable display name.", + "example": "My Password Policy" + } + } + }, + "description": "List of references to the associated PasswordPolicy objects.", + "example": [ + { + "type": "PASSWORD_POLICY", + "id": "2c9180855d191c59015d291ceb053980", + "name": "Corporate Password Policy" + }, + { + "type": "PASSWORD_POLICY", + "id": "2c9180855d191c59015d291ceb057777", + "name": "Vendor Password Policy" + } + ] + }, + "features": { + "type": "array", + "items": { + "type": "string", + "enum": [ + "AUTHENTICATE", + "COMPOSITE", + "DIRECT_PERMISSIONS", + "DISCOVER_SCHEMA", + "ENABLE", + "MANAGER_LOOKUP", + "NO_RANDOM_ACCESS", + "PROXY", + "SEARCH", + "TEMPLATE", + "UNLOCK", + "UNSTRUCTURED_TARGETS", + "SHAREPOINT_TARGET", + "PROVISIONING", + "GROUP_PROVISIONING", + "SYNC_PROVISIONING", + "PASSWORD", + "CURRENT_PASSWORD", + "ACCOUNT_ONLY_REQUEST", + "ADDITIONAL_ACCOUNT_REQUEST", + "NO_AGGREGATION", + "GROUPS_HAVE_MEMBERS", + "NO_PERMISSIONS_PROVISIONING", + "NO_GROUP_PERMISSIONS_PROVISIONING", + "NO_UNSTRUCTURED_TARGETS_PROVISIONING", + "NO_DIRECT_PERMISSIONS_PROVISIONING", + "PREFER_UUID", + "ARM_SECURITY_EXTRACT", + "ARM_UTILIZATION_EXTRACT", + "ARM_CHANGELOG_EXTRACT", + "USES_UUID" + ], + "example": "AUTHENTICATE" + }, + "description": "Optional features that can be supported by a source. Modifying the features array may cause source configuration errors that are unsupportable. It is recommended to not modify this array for SailPoint supported connectors.\n* AUTHENTICATE: The source supports pass-through authentication.\n* COMPOSITE: The source supports composite source creation.\n* DIRECT_PERMISSIONS: The source supports returning DirectPermissions.\n* DISCOVER_SCHEMA: The source supports discovering schemas for users and groups.\n* ENABLE The source supports reading if an account is enabled or disabled.\n* MANAGER_LOOKUP: The source supports looking up managers as they are encountered in a feed. This is the opposite of NO_RANDOM_ACCESS.\n* NO_RANDOM_ACCESS: The source does not support random access and the getObject() methods should not be called and expected to perform.\n* PROXY: The source can serve as a proxy for another source. When an source has a proxy, all connector calls made with that source are redirected through the connector for the proxy source.\n* SEARCH\n* TEMPLATE\n* UNLOCK: The source supports reading if an account is locked or unlocked.\n* UNSTRUCTURED_TARGETS: The source supports returning unstructured Targets.\n* SHAREPOINT_TARGET: The source supports returning unstructured Target data for SharePoint. It will be typically used by AD, LDAP sources.\n* PROVISIONING: The source can both read and write accounts. Having this feature implies that the provision() method is implemented. It also means that direct and target permissions can also be provisioned if they can be returned by aggregation.\n* GROUP_PROVISIONING: The source can both read and write groups. Having this feature implies that the provision() method is implemented.\n* SYNC_PROVISIONING: The source can provision accounts synchronously.\n* PASSWORD: The source can provision password changes. Since sources can never read passwords, this is should only be used in conjunction with the PROVISIONING feature.\n* CURRENT_PASSWORD: Some source types support verification of the current password\n* ACCOUNT_ONLY_REQUEST: The source supports requesting accounts without entitlements.\n* ADDITIONAL_ACCOUNT_REQUEST: The source supports requesting additional accounts.\n* NO_AGGREGATION: A source that does not support aggregation.\n* GROUPS_HAVE_MEMBERS: The source models group memberships with a member attribute on the group object rather than a groups attribute on the account object. This effects the implementation of delta account aggregation.\n* NO_PERMISSIONS_PROVISIONING: Indicates that the connector cannot provision direct or target permissions for accounts. When DIRECT_PERMISSIONS and PROVISIONING features are present, it is assumed that the connector can also provision direct permissions. This feature disables that assumption and causes permission request to be converted to work items for accounts.\n* NO_GROUP_PERMISSIONS_PROVISIONING: Indicates that the connector cannot provision direct or target permissions for groups. When DIRECT_PERMISSIONS and PROVISIONING features are present, it is assumed that the connector can also provision direct permissions. This feature disables that assumption and causes permission request to be converted to work items for groups.\n* NO_UNSTRUCTURED_TARGETS_PROVISIONING: This string will be replaced by NO_GROUP_PERMISSIONS_PROVISIONING and NO_PERMISSIONS_PROVISIONING.\n* NO_DIRECT_PERMISSIONS_PROVISIONING: This string will be replaced by NO_GROUP_PERMISSIONS_PROVISIONING and NO_PERMISSIONS_PROVISIONING.\n* USES_UUID: Connectivity 2.0 flag used to indicate that the connector supports a compound naming structure.\n* PREFER_UUID: Used in ISC Provisioning AND Aggregation to decide if it should prefer account.uuid to account.nativeIdentity when data is read in through aggregation OR pushed out through provisioning.\n* ARM_SECURITY_EXTRACT: Indicates the application supports Security extracts for ARM\n* ARM_UTILIZATION_EXTRACT: Indicates the application supports Utilization extracts for ARM\n* ARM_CHANGELOG_EXTRACT: Indicates the application supports Change-log extracts for ARM", + "example": [ + "PROVISIONING", + "NO_PERMISSIONS_PROVISIONING", + "GROUPS_HAVE_MEMBERS" + ] + }, + "type": { + "type": "string", + "description": "Specifies the type of system being managed e.g. Active Directory, Workday, etc.. If you are creating a delimited file source, you must set the `provisionasCsv` query parameter to `true`. ", + "example": "OpenLDAP - Direct" + }, + "connector": { + "type": "string", + "description": "Connector script name.", + "example": "active-directory" + }, + "connectorClass": { + "type": "string", + "description": "Fully qualified name of the Java class that implements the connector interface.", + "example": "sailpoint.connector.LDAPConnector" + }, + "connectorAttributes": { + "type": "object", + "description": "Connector specific configuration. This configuration will differ from type to type.", + "example": { + "healthCheckTimeout": 30, + "authSearchAttributes": [ + "cn", + "uid", + "mail" + ] + } + }, + "deleteThreshold": { + "type": "integer", + "format": "int32", + "description": "Number from 0 to 100 that specifies when to skip the delete phase.", + "example": 10 + }, + "authoritative": { + "type": "boolean", + "description": "When this is true, it indicates that the source is referenced by an identity profile.", + "default": false, + "example": false + }, + "managementWorkgroup": { + "description": "Reference to management workgroup for the source.", + "type": "object", + "nullable": true, + "properties": { + "type": { + "description": "Type of object being referenced.", + "type": "string", + "enum": [ + "GOVERNANCE_GROUP" + ], + "example": "GOVERNANCE_GROUP" + }, + "id": { + "type": "string", + "description": "Management workgroup ID.", + "example": "2c91808568c529c60168cca6f90c2222" + }, + "name": { + "type": "string", + "description": "Management workgroup's human-readable display name.", + "example": "My Management Workgroup" + } + } + }, + "healthy": { + "type": "boolean", + "description": "When this is true, it indicates that the source is healthy.", + "default": false, + "example": true + }, + "status": { + "type": "string", + "enum": [ + "SOURCE_STATE_ERROR_ACCOUNT_FILE_IMPORT", + "SOURCE_STATE_ERROR_CLUSTER", + "SOURCE_STATE_ERROR_SOURCE", + "SOURCE_STATE_ERROR_VA", + "SOURCE_STATE_FAILURE_CLUSTER", + "SOURCE_STATE_FAILURE_SOURCE", + "SOURCE_STATE_HEALTHY", + "SOURCE_STATE_UNCHECKED_CLUSTER", + "SOURCE_STATE_UNCHECKED_CLUSTER_NO_SOURCES", + "SOURCE_STATE_UNCHECKED_SOURCE", + "SOURCE_STATE_UNCHECKED_SOURCE_NO_ACCOUNTS" + ], + "description": "Status identifier that gives specific information about why a source is or isn't healthy. ", + "example": "SOURCE_STATE_HEALTHY" + }, + "since": { + "type": "string", + "description": "Timestamp that shows when a source health check was last performed.", + "example": "2021-09-28T15:48:29.380Z" + }, + "connectorId": { + "type": "string", + "description": "Connector ID", + "example": "active-directory" + }, + "connectorName": { + "type": "string", + "description": "Name of the connector that was chosen during source creation.", + "example": "Active Directory" + }, + "connectionType": { + "type": "string", + "description": "Type of connection (direct or file).", + "example": "file" + }, + "connectorImplementationId": { + "type": "string", + "description": "Connector implementation ID.", + "example": "delimited-file" + }, + "created": { + "type": "string", + "description": "Date-time when the source was created", + "format": "date-time", + "example": "2022-02-08T14:50:03.827Z" + }, + "modified": { + "type": "string", + "description": "Date-time when the source was last modified.", + "format": "date-time", + "example": "2024-01-23T18:08:50.897Z" + }, + "credentialProviderEnabled": { + "type": "boolean", + "description": "If this is true, it enables a credential provider for the source. If credentialProvider is turned on, then the source can use credential provider(s) to fetch credentials.", + "default": false, + "example": false + }, + "category": { + "type": "string", + "nullable": true, + "default": null, + "description": "Source category (e.g. null, CredentialProvider).", + "example": "CredentialProvider" + } + }, + "required": [ + "name", + "owner", + "connector" + ] + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + }, + "put": { + "operationId": "putSource", + "security": [ + { + "UserContextAuth": [ + "idn:sources:manage" + ] + } + ], + "tags": [ + "Sources" + ], + "summary": "Update Source (Full)", + "description": "Use this API to update a source in Identity Security Cloud (ISC), using a full object representation. This means that when you use this API, it completely replaces the existing source configuration.\n\nThese fields are immutable, so they cannot be changed:\n\n* id\n* type\n* authoritative\n* connector\n* connectorClass\n* passwordPolicies\n\nAttempts to modify these fields will result in a 400 error.\n\nA token with ORG_ADMIN, SOURCE_ADMIN, or SOURCE_SUBADMIN authority is required to call this API.\n", + "parameters": [ + { + "in": "path", + "name": "id", + "schema": { + "type": "string" + }, + "required": true, + "description": "Source ID.", + "example": "2c9180835d191a86015d28455b4a2329" + } + ], + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "id": { + "type": "string", + "readOnly": true, + "description": "Source ID.", + "example": "2c91808568c529c60168cca6f90c1324" + }, + "name": { + "type": "string", + "description": "Source's human-readable name.", + "example": "My Source" + }, + "description": { + "type": "string", + "description": "Source's human-readable description.", + "example": "This is the corporate directory." + }, + "owner": { + "description": "Reference to identity object who owns the source.", + "type": "object", + "properties": { + "type": { + "description": "Type of object being referenced.", + "type": "string", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "Owner identity's ID.", + "example": "2c91808568c529c60168cca6f90c1313" + }, + "name": { + "type": "string", + "description": "Owner identity's human-readable display name.", + "example": "MyName" + } + } + }, + "cluster": { + "description": "Reference to the source's associated cluster.", + "type": "object", + "nullable": true, + "required": [ + "name", + "id", + "type" + ], + "properties": { + "type": { + "description": "Type of object being referenced.", + "type": "string", + "enum": [ + "CLUSTER" + ], + "example": "CLUSTER" + }, + "id": { + "type": "string", + "description": "Cluster ID.", + "example": "2c9180866166b5b0016167c32ef31a66" + }, + "name": { + "type": "string", + "description": "Cluster's human-readable display name.", + "example": "Corporate Cluster" + } + } + }, + "accountCorrelationConfig": { + "description": "Reference to account correlation config object.", + "type": "object", + "nullable": true, + "properties": { + "type": { + "description": "Type of object being referenced.", + "type": "string", + "enum": [ + "ACCOUNT_CORRELATION_CONFIG" + ], + "example": "ACCOUNT_CORRELATION_CONFIG" + }, + "id": { + "type": "string", + "description": "Account correlation config ID.", + "example": "2c9180855d191c59015d28583727245a" + }, + "name": { + "type": "string", + "description": "Account correlation config's human-readable display name.", + "example": "Directory [source-62867] Account Correlation" + } + } + }, + "accountCorrelationRule": { + "description": "Reference to a rule that can do COMPLEX correlation. Only use this rule when you can't use accountCorrelationConfig.", + "type": "object", + "nullable": true, + "properties": { + "type": { + "description": "Type of object being referenced.", + "type": "string", + "enum": [ + "RULE" + ], + "example": "RULE" + }, + "id": { + "type": "string", + "description": "Rule ID.", + "example": "2c918085708c274401708c2a8a760001" + }, + "name": { + "type": "string", + "description": "Rule's human-readable display name.", + "example": "Example Rule" + } + } + }, + "managerCorrelationMapping": { + "allOf": [ + { + "type": "object", + "properties": { + "accountAttributeName": { + "type": "string", + "description": "Name of the attribute to use for manager correlation. The value found on the account attribute will be used to lookup the manager's identity.", + "example": "manager" + }, + "identityAttributeName": { + "type": "string", + "description": "Name of the identity attribute to search when trying to find a manager using the value from the accountAttribute.", + "example": "manager" + } + } + }, + { + "nullable": true, + "description": "Filter object used during manager correlation to match incoming manager values to an existing manager's\naccount/identity.\n" + } + ] + }, + "managerCorrelationRule": { + "description": "Reference to the ManagerCorrelationRule. Only use this rule when a simple filter isn't sufficient.", + "type": "object", + "nullable": true, + "properties": { + "type": { + "description": "Type of object being referenced.", + "type": "string", + "enum": [ + "RULE" + ], + "example": "RULE" + }, + "id": { + "type": "string", + "description": "Rule ID.", + "example": "2c918085708c274401708c2a8a760001" + }, + "name": { + "type": "string", + "description": "Rule's human-readable display name.", + "example": "Example Rule" + } + } + }, + "beforeProvisioningRule": { + "description": "Rule that runs on the CCG and allows for customization of provisioning plans before the API calls the connector. ", + "type": "object", + "nullable": true, + "properties": { + "type": { + "description": "Type of object being referenced.", + "type": "string", + "enum": [ + "RULE" + ], + "example": "RULE" + }, + "id": { + "type": "string", + "description": "Rule ID.", + "example": "2c918085708c274401708c2a8a760001" + }, + "name": { + "type": "string", + "description": "Rule's human-readable display name.", + "example": "Example Rule" + } + } + }, + "schemas": { + "type": "array", + "items": { + "type": "object", + "properties": { + "type": { + "description": "Type of object being referenced.", + "type": "string", + "enum": [ + "CONNECTOR_SCHEMA" + ], + "example": "CONNECTOR_SCHEMA" + }, + "id": { + "type": "string", + "description": "Schema ID.", + "example": "2c91808568c529c60168cca6f90c1777" + }, + "name": { + "type": "string", + "description": "Schema's human-readable display name.", + "example": "MySchema" + } + } + }, + "description": "List of references to schema objects.", + "example": [ + { + "type": "CONNECTOR_SCHEMA", + "id": "2c9180835d191a86015d28455b4b232a", + "name": "account" + }, + { + "type": "CONNECTOR_SCHEMA", + "id": "2c9180835d191a86015d28455b4b232b", + "name": "group" + } + ] + }, + "passwordPolicies": { + "type": "array", + "nullable": true, + "items": { + "type": "object", + "properties": { + "type": { + "description": "Type of object being referenced.", + "type": "string", + "enum": [ + "PASSWORD_POLICY" + ], + "example": "PASSWORD_POLICY" + }, + "id": { + "type": "string", + "description": "Policy ID.", + "example": "2c91808568c529c60168cca6f90c1777" + }, + "name": { + "type": "string", + "description": "Policy's human-readable display name.", + "example": "My Password Policy" + } + } + }, + "description": "List of references to the associated PasswordPolicy objects.", + "example": [ + { + "type": "PASSWORD_POLICY", + "id": "2c9180855d191c59015d291ceb053980", + "name": "Corporate Password Policy" + }, + { + "type": "PASSWORD_POLICY", + "id": "2c9180855d191c59015d291ceb057777", + "name": "Vendor Password Policy" + } + ] + }, + "features": { + "type": "array", + "items": { + "type": "string", + "enum": [ + "AUTHENTICATE", + "COMPOSITE", + "DIRECT_PERMISSIONS", + "DISCOVER_SCHEMA", + "ENABLE", + "MANAGER_LOOKUP", + "NO_RANDOM_ACCESS", + "PROXY", + "SEARCH", + "TEMPLATE", + "UNLOCK", + "UNSTRUCTURED_TARGETS", + "SHAREPOINT_TARGET", + "PROVISIONING", + "GROUP_PROVISIONING", + "SYNC_PROVISIONING", + "PASSWORD", + "CURRENT_PASSWORD", + "ACCOUNT_ONLY_REQUEST", + "ADDITIONAL_ACCOUNT_REQUEST", + "NO_AGGREGATION", + "GROUPS_HAVE_MEMBERS", + "NO_PERMISSIONS_PROVISIONING", + "NO_GROUP_PERMISSIONS_PROVISIONING", + "NO_UNSTRUCTURED_TARGETS_PROVISIONING", + "NO_DIRECT_PERMISSIONS_PROVISIONING", + "PREFER_UUID", + "ARM_SECURITY_EXTRACT", + "ARM_UTILIZATION_EXTRACT", + "ARM_CHANGELOG_EXTRACT", + "USES_UUID" + ], + "example": "AUTHENTICATE" + }, + "description": "Optional features that can be supported by a source. Modifying the features array may cause source configuration errors that are unsupportable. It is recommended to not modify this array for SailPoint supported connectors.\n* AUTHENTICATE: The source supports pass-through authentication.\n* COMPOSITE: The source supports composite source creation.\n* DIRECT_PERMISSIONS: The source supports returning DirectPermissions.\n* DISCOVER_SCHEMA: The source supports discovering schemas for users and groups.\n* ENABLE The source supports reading if an account is enabled or disabled.\n* MANAGER_LOOKUP: The source supports looking up managers as they are encountered in a feed. This is the opposite of NO_RANDOM_ACCESS.\n* NO_RANDOM_ACCESS: The source does not support random access and the getObject() methods should not be called and expected to perform.\n* PROXY: The source can serve as a proxy for another source. When an source has a proxy, all connector calls made with that source are redirected through the connector for the proxy source.\n* SEARCH\n* TEMPLATE\n* UNLOCK: The source supports reading if an account is locked or unlocked.\n* UNSTRUCTURED_TARGETS: The source supports returning unstructured Targets.\n* SHAREPOINT_TARGET: The source supports returning unstructured Target data for SharePoint. It will be typically used by AD, LDAP sources.\n* PROVISIONING: The source can both read and write accounts. Having this feature implies that the provision() method is implemented. It also means that direct and target permissions can also be provisioned if they can be returned by aggregation.\n* GROUP_PROVISIONING: The source can both read and write groups. Having this feature implies that the provision() method is implemented.\n* SYNC_PROVISIONING: The source can provision accounts synchronously.\n* PASSWORD: The source can provision password changes. Since sources can never read passwords, this is should only be used in conjunction with the PROVISIONING feature.\n* CURRENT_PASSWORD: Some source types support verification of the current password\n* ACCOUNT_ONLY_REQUEST: The source supports requesting accounts without entitlements.\n* ADDITIONAL_ACCOUNT_REQUEST: The source supports requesting additional accounts.\n* NO_AGGREGATION: A source that does not support aggregation.\n* GROUPS_HAVE_MEMBERS: The source models group memberships with a member attribute on the group object rather than a groups attribute on the account object. This effects the implementation of delta account aggregation.\n* NO_PERMISSIONS_PROVISIONING: Indicates that the connector cannot provision direct or target permissions for accounts. When DIRECT_PERMISSIONS and PROVISIONING features are present, it is assumed that the connector can also provision direct permissions. This feature disables that assumption and causes permission request to be converted to work items for accounts.\n* NO_GROUP_PERMISSIONS_PROVISIONING: Indicates that the connector cannot provision direct or target permissions for groups. When DIRECT_PERMISSIONS and PROVISIONING features are present, it is assumed that the connector can also provision direct permissions. This feature disables that assumption and causes permission request to be converted to work items for groups.\n* NO_UNSTRUCTURED_TARGETS_PROVISIONING: This string will be replaced by NO_GROUP_PERMISSIONS_PROVISIONING and NO_PERMISSIONS_PROVISIONING.\n* NO_DIRECT_PERMISSIONS_PROVISIONING: This string will be replaced by NO_GROUP_PERMISSIONS_PROVISIONING and NO_PERMISSIONS_PROVISIONING.\n* USES_UUID: Connectivity 2.0 flag used to indicate that the connector supports a compound naming structure.\n* PREFER_UUID: Used in ISC Provisioning AND Aggregation to decide if it should prefer account.uuid to account.nativeIdentity when data is read in through aggregation OR pushed out through provisioning.\n* ARM_SECURITY_EXTRACT: Indicates the application supports Security extracts for ARM\n* ARM_UTILIZATION_EXTRACT: Indicates the application supports Utilization extracts for ARM\n* ARM_CHANGELOG_EXTRACT: Indicates the application supports Change-log extracts for ARM", + "example": [ + "PROVISIONING", + "NO_PERMISSIONS_PROVISIONING", + "GROUPS_HAVE_MEMBERS" + ] + }, + "type": { + "type": "string", + "description": "Specifies the type of system being managed e.g. Active Directory, Workday, etc.. If you are creating a delimited file source, you must set the `provisionasCsv` query parameter to `true`. ", + "example": "OpenLDAP - Direct" + }, + "connector": { + "type": "string", + "description": "Connector script name.", + "example": "active-directory" + }, + "connectorClass": { + "type": "string", + "description": "Fully qualified name of the Java class that implements the connector interface.", + "example": "sailpoint.connector.LDAPConnector" + }, + "connectorAttributes": { + "type": "object", + "description": "Connector specific configuration. This configuration will differ from type to type.", + "example": { + "healthCheckTimeout": 30, + "authSearchAttributes": [ + "cn", + "uid", + "mail" + ] + } + }, + "deleteThreshold": { + "type": "integer", + "format": "int32", + "description": "Number from 0 to 100 that specifies when to skip the delete phase.", + "example": 10 + }, + "authoritative": { + "type": "boolean", + "description": "When this is true, it indicates that the source is referenced by an identity profile.", + "default": false, + "example": false + }, + "managementWorkgroup": { + "description": "Reference to management workgroup for the source.", + "type": "object", + "nullable": true, + "properties": { + "type": { + "description": "Type of object being referenced.", + "type": "string", + "enum": [ + "GOVERNANCE_GROUP" + ], + "example": "GOVERNANCE_GROUP" + }, + "id": { + "type": "string", + "description": "Management workgroup ID.", + "example": "2c91808568c529c60168cca6f90c2222" + }, + "name": { + "type": "string", + "description": "Management workgroup's human-readable display name.", + "example": "My Management Workgroup" + } + } + }, + "healthy": { + "type": "boolean", + "description": "When this is true, it indicates that the source is healthy.", + "default": false, + "example": true + }, + "status": { + "type": "string", + "enum": [ + "SOURCE_STATE_ERROR_ACCOUNT_FILE_IMPORT", + "SOURCE_STATE_ERROR_CLUSTER", + "SOURCE_STATE_ERROR_SOURCE", + "SOURCE_STATE_ERROR_VA", + "SOURCE_STATE_FAILURE_CLUSTER", + "SOURCE_STATE_FAILURE_SOURCE", + "SOURCE_STATE_HEALTHY", + "SOURCE_STATE_UNCHECKED_CLUSTER", + "SOURCE_STATE_UNCHECKED_CLUSTER_NO_SOURCES", + "SOURCE_STATE_UNCHECKED_SOURCE", + "SOURCE_STATE_UNCHECKED_SOURCE_NO_ACCOUNTS" + ], + "description": "Status identifier that gives specific information about why a source is or isn't healthy. ", + "example": "SOURCE_STATE_HEALTHY" + }, + "since": { + "type": "string", + "description": "Timestamp that shows when a source health check was last performed.", + "example": "2021-09-28T15:48:29.380Z" + }, + "connectorId": { + "type": "string", + "description": "Connector ID", + "example": "active-directory" + }, + "connectorName": { + "type": "string", + "description": "Name of the connector that was chosen during source creation.", + "example": "Active Directory" + }, + "connectionType": { + "type": "string", + "description": "Type of connection (direct or file).", + "example": "file" + }, + "connectorImplementationId": { + "type": "string", + "description": "Connector implementation ID.", + "example": "delimited-file" + }, + "created": { + "type": "string", + "description": "Date-time when the source was created", + "format": "date-time", + "example": "2022-02-08T14:50:03.827Z" + }, + "modified": { + "type": "string", + "description": "Date-time when the source was last modified.", + "format": "date-time", + "example": "2024-01-23T18:08:50.897Z" + }, + "credentialProviderEnabled": { + "type": "boolean", + "description": "If this is true, it enables a credential provider for the source. If credentialProvider is turned on, then the source can use credential provider(s) to fetch credentials.", + "default": false, + "example": false + }, + "category": { + "type": "string", + "nullable": true, + "default": null, + "description": "Source category (e.g. null, CredentialProvider).", + "example": "CredentialProvider" + } + }, + "required": [ + "name", + "owner", + "connector" + ] + } + } + } + }, + "responses": { + "200": { + "description": "Updated Source object. Any passwords will only show the the encrypted cipher-text so that they aren't decryptable in Identity Security Cloud (ISC) cloud-based services, per ISC security design.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "id": { + "type": "string", + "readOnly": true, + "description": "Source ID.", + "example": "2c91808568c529c60168cca6f90c1324" + }, + "name": { + "type": "string", + "description": "Source's human-readable name.", + "example": "My Source" + }, + "description": { + "type": "string", + "description": "Source's human-readable description.", + "example": "This is the corporate directory." + }, + "owner": { + "description": "Reference to identity object who owns the source.", + "type": "object", + "properties": { + "type": { + "description": "Type of object being referenced.", + "type": "string", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "Owner identity's ID.", + "example": "2c91808568c529c60168cca6f90c1313" + }, + "name": { + "type": "string", + "description": "Owner identity's human-readable display name.", + "example": "MyName" + } + } + }, + "cluster": { + "description": "Reference to the source's associated cluster.", + "type": "object", + "nullable": true, + "required": [ + "name", + "id", + "type" + ], + "properties": { + "type": { + "description": "Type of object being referenced.", + "type": "string", + "enum": [ + "CLUSTER" + ], + "example": "CLUSTER" + }, + "id": { + "type": "string", + "description": "Cluster ID.", + "example": "2c9180866166b5b0016167c32ef31a66" + }, + "name": { + "type": "string", + "description": "Cluster's human-readable display name.", + "example": "Corporate Cluster" + } + } + }, + "accountCorrelationConfig": { + "description": "Reference to account correlation config object.", + "type": "object", + "nullable": true, + "properties": { + "type": { + "description": "Type of object being referenced.", + "type": "string", + "enum": [ + "ACCOUNT_CORRELATION_CONFIG" + ], + "example": "ACCOUNT_CORRELATION_CONFIG" + }, + "id": { + "type": "string", + "description": "Account correlation config ID.", + "example": "2c9180855d191c59015d28583727245a" + }, + "name": { + "type": "string", + "description": "Account correlation config's human-readable display name.", + "example": "Directory [source-62867] Account Correlation" + } + } + }, + "accountCorrelationRule": { + "description": "Reference to a rule that can do COMPLEX correlation. Only use this rule when you can't use accountCorrelationConfig.", + "type": "object", + "nullable": true, + "properties": { + "type": { + "description": "Type of object being referenced.", + "type": "string", + "enum": [ + "RULE" + ], + "example": "RULE" + }, + "id": { + "type": "string", + "description": "Rule ID.", + "example": "2c918085708c274401708c2a8a760001" + }, + "name": { + "type": "string", + "description": "Rule's human-readable display name.", + "example": "Example Rule" + } + } + }, + "managerCorrelationMapping": { + "allOf": [ + { + "type": "object", + "properties": { + "accountAttributeName": { + "type": "string", + "description": "Name of the attribute to use for manager correlation. The value found on the account attribute will be used to lookup the manager's identity.", + "example": "manager" + }, + "identityAttributeName": { + "type": "string", + "description": "Name of the identity attribute to search when trying to find a manager using the value from the accountAttribute.", + "example": "manager" + } + } + }, + { + "nullable": true, + "description": "Filter object used during manager correlation to match incoming manager values to an existing manager's\naccount/identity.\n" + } + ] + }, + "managerCorrelationRule": { + "description": "Reference to the ManagerCorrelationRule. Only use this rule when a simple filter isn't sufficient.", + "type": "object", + "nullable": true, + "properties": { + "type": { + "description": "Type of object being referenced.", + "type": "string", + "enum": [ + "RULE" + ], + "example": "RULE" + }, + "id": { + "type": "string", + "description": "Rule ID.", + "example": "2c918085708c274401708c2a8a760001" + }, + "name": { + "type": "string", + "description": "Rule's human-readable display name.", + "example": "Example Rule" + } + } + }, + "beforeProvisioningRule": { + "description": "Rule that runs on the CCG and allows for customization of provisioning plans before the API calls the connector. ", + "type": "object", + "nullable": true, + "properties": { + "type": { + "description": "Type of object being referenced.", + "type": "string", + "enum": [ + "RULE" + ], + "example": "RULE" + }, + "id": { + "type": "string", + "description": "Rule ID.", + "example": "2c918085708c274401708c2a8a760001" + }, + "name": { + "type": "string", + "description": "Rule's human-readable display name.", + "example": "Example Rule" + } + } + }, + "schemas": { + "type": "array", + "items": { + "type": "object", + "properties": { + "type": { + "description": "Type of object being referenced.", + "type": "string", + "enum": [ + "CONNECTOR_SCHEMA" + ], + "example": "CONNECTOR_SCHEMA" + }, + "id": { + "type": "string", + "description": "Schema ID.", + "example": "2c91808568c529c60168cca6f90c1777" + }, + "name": { + "type": "string", + "description": "Schema's human-readable display name.", + "example": "MySchema" + } + } + }, + "description": "List of references to schema objects.", + "example": [ + { + "type": "CONNECTOR_SCHEMA", + "id": "2c9180835d191a86015d28455b4b232a", + "name": "account" + }, + { + "type": "CONNECTOR_SCHEMA", + "id": "2c9180835d191a86015d28455b4b232b", + "name": "group" + } + ] + }, + "passwordPolicies": { + "type": "array", + "nullable": true, + "items": { + "type": "object", + "properties": { + "type": { + "description": "Type of object being referenced.", + "type": "string", + "enum": [ + "PASSWORD_POLICY" + ], + "example": "PASSWORD_POLICY" + }, + "id": { + "type": "string", + "description": "Policy ID.", + "example": "2c91808568c529c60168cca6f90c1777" + }, + "name": { + "type": "string", + "description": "Policy's human-readable display name.", + "example": "My Password Policy" + } + } + }, + "description": "List of references to the associated PasswordPolicy objects.", + "example": [ + { + "type": "PASSWORD_POLICY", + "id": "2c9180855d191c59015d291ceb053980", + "name": "Corporate Password Policy" + }, + { + "type": "PASSWORD_POLICY", + "id": "2c9180855d191c59015d291ceb057777", + "name": "Vendor Password Policy" + } + ] + }, + "features": { + "type": "array", + "items": { + "type": "string", + "enum": [ + "AUTHENTICATE", + "COMPOSITE", + "DIRECT_PERMISSIONS", + "DISCOVER_SCHEMA", + "ENABLE", + "MANAGER_LOOKUP", + "NO_RANDOM_ACCESS", + "PROXY", + "SEARCH", + "TEMPLATE", + "UNLOCK", + "UNSTRUCTURED_TARGETS", + "SHAREPOINT_TARGET", + "PROVISIONING", + "GROUP_PROVISIONING", + "SYNC_PROVISIONING", + "PASSWORD", + "CURRENT_PASSWORD", + "ACCOUNT_ONLY_REQUEST", + "ADDITIONAL_ACCOUNT_REQUEST", + "NO_AGGREGATION", + "GROUPS_HAVE_MEMBERS", + "NO_PERMISSIONS_PROVISIONING", + "NO_GROUP_PERMISSIONS_PROVISIONING", + "NO_UNSTRUCTURED_TARGETS_PROVISIONING", + "NO_DIRECT_PERMISSIONS_PROVISIONING", + "PREFER_UUID", + "ARM_SECURITY_EXTRACT", + "ARM_UTILIZATION_EXTRACT", + "ARM_CHANGELOG_EXTRACT", + "USES_UUID" + ], + "example": "AUTHENTICATE" + }, + "description": "Optional features that can be supported by a source. Modifying the features array may cause source configuration errors that are unsupportable. It is recommended to not modify this array for SailPoint supported connectors.\n* AUTHENTICATE: The source supports pass-through authentication.\n* COMPOSITE: The source supports composite source creation.\n* DIRECT_PERMISSIONS: The source supports returning DirectPermissions.\n* DISCOVER_SCHEMA: The source supports discovering schemas for users and groups.\n* ENABLE The source supports reading if an account is enabled or disabled.\n* MANAGER_LOOKUP: The source supports looking up managers as they are encountered in a feed. This is the opposite of NO_RANDOM_ACCESS.\n* NO_RANDOM_ACCESS: The source does not support random access and the getObject() methods should not be called and expected to perform.\n* PROXY: The source can serve as a proxy for another source. When an source has a proxy, all connector calls made with that source are redirected through the connector for the proxy source.\n* SEARCH\n* TEMPLATE\n* UNLOCK: The source supports reading if an account is locked or unlocked.\n* UNSTRUCTURED_TARGETS: The source supports returning unstructured Targets.\n* SHAREPOINT_TARGET: The source supports returning unstructured Target data for SharePoint. It will be typically used by AD, LDAP sources.\n* PROVISIONING: The source can both read and write accounts. Having this feature implies that the provision() method is implemented. It also means that direct and target permissions can also be provisioned if they can be returned by aggregation.\n* GROUP_PROVISIONING: The source can both read and write groups. Having this feature implies that the provision() method is implemented.\n* SYNC_PROVISIONING: The source can provision accounts synchronously.\n* PASSWORD: The source can provision password changes. Since sources can never read passwords, this is should only be used in conjunction with the PROVISIONING feature.\n* CURRENT_PASSWORD: Some source types support verification of the current password\n* ACCOUNT_ONLY_REQUEST: The source supports requesting accounts without entitlements.\n* ADDITIONAL_ACCOUNT_REQUEST: The source supports requesting additional accounts.\n* NO_AGGREGATION: A source that does not support aggregation.\n* GROUPS_HAVE_MEMBERS: The source models group memberships with a member attribute on the group object rather than a groups attribute on the account object. This effects the implementation of delta account aggregation.\n* NO_PERMISSIONS_PROVISIONING: Indicates that the connector cannot provision direct or target permissions for accounts. When DIRECT_PERMISSIONS and PROVISIONING features are present, it is assumed that the connector can also provision direct permissions. This feature disables that assumption and causes permission request to be converted to work items for accounts.\n* NO_GROUP_PERMISSIONS_PROVISIONING: Indicates that the connector cannot provision direct or target permissions for groups. When DIRECT_PERMISSIONS and PROVISIONING features are present, it is assumed that the connector can also provision direct permissions. This feature disables that assumption and causes permission request to be converted to work items for groups.\n* NO_UNSTRUCTURED_TARGETS_PROVISIONING: This string will be replaced by NO_GROUP_PERMISSIONS_PROVISIONING and NO_PERMISSIONS_PROVISIONING.\n* NO_DIRECT_PERMISSIONS_PROVISIONING: This string will be replaced by NO_GROUP_PERMISSIONS_PROVISIONING and NO_PERMISSIONS_PROVISIONING.\n* USES_UUID: Connectivity 2.0 flag used to indicate that the connector supports a compound naming structure.\n* PREFER_UUID: Used in ISC Provisioning AND Aggregation to decide if it should prefer account.uuid to account.nativeIdentity when data is read in through aggregation OR pushed out through provisioning.\n* ARM_SECURITY_EXTRACT: Indicates the application supports Security extracts for ARM\n* ARM_UTILIZATION_EXTRACT: Indicates the application supports Utilization extracts for ARM\n* ARM_CHANGELOG_EXTRACT: Indicates the application supports Change-log extracts for ARM", + "example": [ + "PROVISIONING", + "NO_PERMISSIONS_PROVISIONING", + "GROUPS_HAVE_MEMBERS" + ] + }, + "type": { + "type": "string", + "description": "Specifies the type of system being managed e.g. Active Directory, Workday, etc.. If you are creating a delimited file source, you must set the `provisionasCsv` query parameter to `true`. ", + "example": "OpenLDAP - Direct" + }, + "connector": { + "type": "string", + "description": "Connector script name.", + "example": "active-directory" + }, + "connectorClass": { + "type": "string", + "description": "Fully qualified name of the Java class that implements the connector interface.", + "example": "sailpoint.connector.LDAPConnector" + }, + "connectorAttributes": { + "type": "object", + "description": "Connector specific configuration. This configuration will differ from type to type.", + "example": { + "healthCheckTimeout": 30, + "authSearchAttributes": [ + "cn", + "uid", + "mail" + ] + } + }, + "deleteThreshold": { + "type": "integer", + "format": "int32", + "description": "Number from 0 to 100 that specifies when to skip the delete phase.", + "example": 10 + }, + "authoritative": { + "type": "boolean", + "description": "When this is true, it indicates that the source is referenced by an identity profile.", + "default": false, + "example": false + }, + "managementWorkgroup": { + "description": "Reference to management workgroup for the source.", + "type": "object", + "nullable": true, + "properties": { + "type": { + "description": "Type of object being referenced.", + "type": "string", + "enum": [ + "GOVERNANCE_GROUP" + ], + "example": "GOVERNANCE_GROUP" + }, + "id": { + "type": "string", + "description": "Management workgroup ID.", + "example": "2c91808568c529c60168cca6f90c2222" + }, + "name": { + "type": "string", + "description": "Management workgroup's human-readable display name.", + "example": "My Management Workgroup" + } + } + }, + "healthy": { + "type": "boolean", + "description": "When this is true, it indicates that the source is healthy.", + "default": false, + "example": true + }, + "status": { + "type": "string", + "enum": [ + "SOURCE_STATE_ERROR_ACCOUNT_FILE_IMPORT", + "SOURCE_STATE_ERROR_CLUSTER", + "SOURCE_STATE_ERROR_SOURCE", + "SOURCE_STATE_ERROR_VA", + "SOURCE_STATE_FAILURE_CLUSTER", + "SOURCE_STATE_FAILURE_SOURCE", + "SOURCE_STATE_HEALTHY", + "SOURCE_STATE_UNCHECKED_CLUSTER", + "SOURCE_STATE_UNCHECKED_CLUSTER_NO_SOURCES", + "SOURCE_STATE_UNCHECKED_SOURCE", + "SOURCE_STATE_UNCHECKED_SOURCE_NO_ACCOUNTS" + ], + "description": "Status identifier that gives specific information about why a source is or isn't healthy. ", + "example": "SOURCE_STATE_HEALTHY" + }, + "since": { + "type": "string", + "description": "Timestamp that shows when a source health check was last performed.", + "example": "2021-09-28T15:48:29.380Z" + }, + "connectorId": { + "type": "string", + "description": "Connector ID", + "example": "active-directory" + }, + "connectorName": { + "type": "string", + "description": "Name of the connector that was chosen during source creation.", + "example": "Active Directory" + }, + "connectionType": { + "type": "string", + "description": "Type of connection (direct or file).", + "example": "file" + }, + "connectorImplementationId": { + "type": "string", + "description": "Connector implementation ID.", + "example": "delimited-file" + }, + "created": { + "type": "string", + "description": "Date-time when the source was created", + "format": "date-time", + "example": "2022-02-08T14:50:03.827Z" + }, + "modified": { + "type": "string", + "description": "Date-time when the source was last modified.", + "format": "date-time", + "example": "2024-01-23T18:08:50.897Z" + }, + "credentialProviderEnabled": { + "type": "boolean", + "description": "If this is true, it enables a credential provider for the source. If credentialProvider is turned on, then the source can use credential provider(s) to fetch credentials.", + "default": false, + "example": false + }, + "category": { + "type": "string", + "nullable": true, + "default": null, + "description": "Source category (e.g. null, CredentialProvider).", + "example": "CredentialProvider" + } + }, + "required": [ + "name", + "owner", + "connector" + ] + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + }, + "patch": { + "operationId": "updateSource", + "security": [ + { + "UserContextAuth": [ + "idn:sources:manage" + ] + } + ], + "tags": [ + "Sources" + ], + "summary": "Update Source (Partial)", + "description": "Use this API to partially update a source in Identity Security Cloud (ISC), using a list of patch operations according to the\n[JSON Patch](https://tools.ietf.org/html/rfc6902) standard.\n\nThese fields are immutable, so they cannot be changed:\n\n* id\n* type\n* authoritative\n* created\n* modified\n* connector\n* connectorClass\n* passwordPolicies\n\nAttempts to modify these fields will result in a 400 error.\n\nA token with ORG_ADMIN, SOURCE_ADMIN, SOURCE_SUBADMIN, or API authority is required to call this API.\n", + "parameters": [ + { + "in": "path", + "name": "id", + "schema": { + "type": "string" + }, + "required": true, + "description": "Source ID.", + "example": "2c9180835d191a86015d28455b4a2329" + } + ], + "requestBody": { + "required": true, + "description": "A list of account update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard. Any password changes are submitted as plain-text and encrypted upon receipt in Identity Security Cloud (ISC).", + "content": { + "application/json-patch+json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "description": "A JSONPatch Operation as defined by [RFC 6902 - JSON Patch](https://tools.ietf.org/html/rfc6902)", + "required": [ + "op", + "path" + ], + "properties": { + "op": { + "type": "string", + "description": "The operation to be performed", + "enum": [ + "add", + "remove", + "replace", + "move", + "copy", + "test" + ], + "example": "replace" + }, + "path": { + "type": "string", + "description": "A string JSON Pointer representing the target path to an element to be affected by the operation", + "example": "/description" + }, + "value": { + "oneOf": [ + { + "type": "string", + "example": "New description", + "title": "string" + }, + { + "type": "boolean", + "example": true, + "title": "boolean" + }, + { + "type": "integer", + "example": 300, + "title": "integer" + }, + { + "type": "object", + "title": "object", + "example": { + "attributes": { + "name": "philip" + } + } + }, + { + "type": "array", + "title": "array", + "items": { + "anyOf": [ + { + "type": "string" + }, + { + "type": "integer" + }, + { + "type": "object" + } + ], + "example": [ + "001", + "002", + "003" + ] + } + } + ], + "description": "The value to be used for the operation, required for \"add\" and \"replace\" operations", + "example": "New description" + } + } + } + }, + "examples": { + "Edit the source description": { + "description": "This example shows how to edit a source description.", + "value": [ + { + "op": "replace", + "path": "/description", + "value": "new description" + } + ] + }, + "Edit the source cluster": { + "description": "This example shows how to edit a source cluster by ID.", + "value": [ + { + "op": "replace", + "path": "/cluster/id", + "value": "2c918087813a902001813f3f85736b45" + } + ] + }, + "Edit source features": { + "description": "This example illustrates how you can update source supported features.", + "value": [ + { + "op": "replace", + "path": "/features", + "value": [ + "PASSWORD", + "PROVISIONING", + "ENABLE", + "AUTHENTICATE" + ] + } + ] + }, + "Change a source description and cluster in one call": { + "description": "This example shows how multiple fields may be updated with a single PATCH call.", + "value": [ + { + "op": "replace", + "path": "/description", + "value": "new description" + }, + { + "op": "replace", + "path": "/cluster/id", + "value": "2c918087813a902001813f3f85736b45" + } + ] + }, + "Add a filter string to the connector": { + "description": "This example shows how you can add a filter to incoming accounts during the account aggregation process. In the example, any account that does not have an \"m\" or \"d\" in the ID will be aggregated.", + "value": [ + { + "op": "add", + "path": "/connectorAttributes/filterString", + "value": "!( id.contains( \"m\" ) ) || !( id.contains( \"d\" ) )" + } + ] + }, + "Update connector attribute for specific operation type": { + "description": "This example shows how you can update the 3rd object in the connection parameter's `operationType`. This changes it from a standard group aggregation to a group aggregation on the \"test\" entitlement type.", + "value": [ + { + "op": "replace", + "path": "/connectorAttributes/connectionParameters/2/operationType", + "value": "Group Aggregation-test" + } + ] + }, + "Enable notifications for new account provisioning on a source": { + "description": "This example shows how you can configure and enable email notifications that will send when new accounts are provisioned on a source.", + "value": [ + { + "op": "replace", + "path": "/connectorAttributes/accountCreateNotification", + "value": { + "notifyList": [ + "Distribution.list@demo.com" + ], + "notifyAccountOwner": true, + "enabled": true, + "notifyAccountOwnerAltEmail": false + } + } + ] + } + } + } + } + }, + "responses": { + "200": { + "description": "Updated Source object. Any passwords will only show the the encrypted cipher-text so that they aren't decryptable in Identity Security Cloud (ISC) cloud-based services, per ISC security design.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "id": { + "type": "string", + "readOnly": true, + "description": "Source ID.", + "example": "2c91808568c529c60168cca6f90c1324" + }, + "name": { + "type": "string", + "description": "Source's human-readable name.", + "example": "My Source" + }, + "description": { + "type": "string", + "description": "Source's human-readable description.", + "example": "This is the corporate directory." + }, + "owner": { + "description": "Reference to identity object who owns the source.", + "type": "object", + "properties": { + "type": { + "description": "Type of object being referenced.", + "type": "string", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "Owner identity's ID.", + "example": "2c91808568c529c60168cca6f90c1313" + }, + "name": { + "type": "string", + "description": "Owner identity's human-readable display name.", + "example": "MyName" + } + } + }, + "cluster": { + "description": "Reference to the source's associated cluster.", + "type": "object", + "nullable": true, + "required": [ + "name", + "id", + "type" + ], + "properties": { + "type": { + "description": "Type of object being referenced.", + "type": "string", + "enum": [ + "CLUSTER" + ], + "example": "CLUSTER" + }, + "id": { + "type": "string", + "description": "Cluster ID.", + "example": "2c9180866166b5b0016167c32ef31a66" + }, + "name": { + "type": "string", + "description": "Cluster's human-readable display name.", + "example": "Corporate Cluster" + } + } + }, + "accountCorrelationConfig": { + "description": "Reference to account correlation config object.", + "type": "object", + "nullable": true, + "properties": { + "type": { + "description": "Type of object being referenced.", + "type": "string", + "enum": [ + "ACCOUNT_CORRELATION_CONFIG" + ], + "example": "ACCOUNT_CORRELATION_CONFIG" + }, + "id": { + "type": "string", + "description": "Account correlation config ID.", + "example": "2c9180855d191c59015d28583727245a" + }, + "name": { + "type": "string", + "description": "Account correlation config's human-readable display name.", + "example": "Directory [source-62867] Account Correlation" + } + } + }, + "accountCorrelationRule": { + "description": "Reference to a rule that can do COMPLEX correlation. Only use this rule when you can't use accountCorrelationConfig.", + "type": "object", + "nullable": true, + "properties": { + "type": { + "description": "Type of object being referenced.", + "type": "string", + "enum": [ + "RULE" + ], + "example": "RULE" + }, + "id": { + "type": "string", + "description": "Rule ID.", + "example": "2c918085708c274401708c2a8a760001" + }, + "name": { + "type": "string", + "description": "Rule's human-readable display name.", + "example": "Example Rule" + } + } + }, + "managerCorrelationMapping": { + "allOf": [ + { + "type": "object", + "properties": { + "accountAttributeName": { + "type": "string", + "description": "Name of the attribute to use for manager correlation. The value found on the account attribute will be used to lookup the manager's identity.", + "example": "manager" + }, + "identityAttributeName": { + "type": "string", + "description": "Name of the identity attribute to search when trying to find a manager using the value from the accountAttribute.", + "example": "manager" + } + } + }, + { + "nullable": true, + "description": "Filter object used during manager correlation to match incoming manager values to an existing manager's\naccount/identity.\n" + } + ] + }, + "managerCorrelationRule": { + "description": "Reference to the ManagerCorrelationRule. Only use this rule when a simple filter isn't sufficient.", + "type": "object", + "nullable": true, + "properties": { + "type": { + "description": "Type of object being referenced.", + "type": "string", + "enum": [ + "RULE" + ], + "example": "RULE" + }, + "id": { + "type": "string", + "description": "Rule ID.", + "example": "2c918085708c274401708c2a8a760001" + }, + "name": { + "type": "string", + "description": "Rule's human-readable display name.", + "example": "Example Rule" + } + } + }, + "beforeProvisioningRule": { + "description": "Rule that runs on the CCG and allows for customization of provisioning plans before the API calls the connector. ", + "type": "object", + "nullable": true, + "properties": { + "type": { + "description": "Type of object being referenced.", + "type": "string", + "enum": [ + "RULE" + ], + "example": "RULE" + }, + "id": { + "type": "string", + "description": "Rule ID.", + "example": "2c918085708c274401708c2a8a760001" + }, + "name": { + "type": "string", + "description": "Rule's human-readable display name.", + "example": "Example Rule" + } + } + }, + "schemas": { + "type": "array", + "items": { + "type": "object", + "properties": { + "type": { + "description": "Type of object being referenced.", + "type": "string", + "enum": [ + "CONNECTOR_SCHEMA" + ], + "example": "CONNECTOR_SCHEMA" + }, + "id": { + "type": "string", + "description": "Schema ID.", + "example": "2c91808568c529c60168cca6f90c1777" + }, + "name": { + "type": "string", + "description": "Schema's human-readable display name.", + "example": "MySchema" + } + } + }, + "description": "List of references to schema objects.", + "example": [ + { + "type": "CONNECTOR_SCHEMA", + "id": "2c9180835d191a86015d28455b4b232a", + "name": "account" + }, + { + "type": "CONNECTOR_SCHEMA", + "id": "2c9180835d191a86015d28455b4b232b", + "name": "group" + } + ] + }, + "passwordPolicies": { + "type": "array", + "nullable": true, + "items": { + "type": "object", + "properties": { + "type": { + "description": "Type of object being referenced.", + "type": "string", + "enum": [ + "PASSWORD_POLICY" + ], + "example": "PASSWORD_POLICY" + }, + "id": { + "type": "string", + "description": "Policy ID.", + "example": "2c91808568c529c60168cca6f90c1777" + }, + "name": { + "type": "string", + "description": "Policy's human-readable display name.", + "example": "My Password Policy" + } + } + }, + "description": "List of references to the associated PasswordPolicy objects.", + "example": [ + { + "type": "PASSWORD_POLICY", + "id": "2c9180855d191c59015d291ceb053980", + "name": "Corporate Password Policy" + }, + { + "type": "PASSWORD_POLICY", + "id": "2c9180855d191c59015d291ceb057777", + "name": "Vendor Password Policy" + } + ] + }, + "features": { + "type": "array", + "items": { + "type": "string", + "enum": [ + "AUTHENTICATE", + "COMPOSITE", + "DIRECT_PERMISSIONS", + "DISCOVER_SCHEMA", + "ENABLE", + "MANAGER_LOOKUP", + "NO_RANDOM_ACCESS", + "PROXY", + "SEARCH", + "TEMPLATE", + "UNLOCK", + "UNSTRUCTURED_TARGETS", + "SHAREPOINT_TARGET", + "PROVISIONING", + "GROUP_PROVISIONING", + "SYNC_PROVISIONING", + "PASSWORD", + "CURRENT_PASSWORD", + "ACCOUNT_ONLY_REQUEST", + "ADDITIONAL_ACCOUNT_REQUEST", + "NO_AGGREGATION", + "GROUPS_HAVE_MEMBERS", + "NO_PERMISSIONS_PROVISIONING", + "NO_GROUP_PERMISSIONS_PROVISIONING", + "NO_UNSTRUCTURED_TARGETS_PROVISIONING", + "NO_DIRECT_PERMISSIONS_PROVISIONING", + "PREFER_UUID", + "ARM_SECURITY_EXTRACT", + "ARM_UTILIZATION_EXTRACT", + "ARM_CHANGELOG_EXTRACT", + "USES_UUID" + ], + "example": "AUTHENTICATE" + }, + "description": "Optional features that can be supported by a source. Modifying the features array may cause source configuration errors that are unsupportable. It is recommended to not modify this array for SailPoint supported connectors.\n* AUTHENTICATE: The source supports pass-through authentication.\n* COMPOSITE: The source supports composite source creation.\n* DIRECT_PERMISSIONS: The source supports returning DirectPermissions.\n* DISCOVER_SCHEMA: The source supports discovering schemas for users and groups.\n* ENABLE The source supports reading if an account is enabled or disabled.\n* MANAGER_LOOKUP: The source supports looking up managers as they are encountered in a feed. This is the opposite of NO_RANDOM_ACCESS.\n* NO_RANDOM_ACCESS: The source does not support random access and the getObject() methods should not be called and expected to perform.\n* PROXY: The source can serve as a proxy for another source. When an source has a proxy, all connector calls made with that source are redirected through the connector for the proxy source.\n* SEARCH\n* TEMPLATE\n* UNLOCK: The source supports reading if an account is locked or unlocked.\n* UNSTRUCTURED_TARGETS: The source supports returning unstructured Targets.\n* SHAREPOINT_TARGET: The source supports returning unstructured Target data for SharePoint. It will be typically used by AD, LDAP sources.\n* PROVISIONING: The source can both read and write accounts. Having this feature implies that the provision() method is implemented. It also means that direct and target permissions can also be provisioned if they can be returned by aggregation.\n* GROUP_PROVISIONING: The source can both read and write groups. Having this feature implies that the provision() method is implemented.\n* SYNC_PROVISIONING: The source can provision accounts synchronously.\n* PASSWORD: The source can provision password changes. Since sources can never read passwords, this is should only be used in conjunction with the PROVISIONING feature.\n* CURRENT_PASSWORD: Some source types support verification of the current password\n* ACCOUNT_ONLY_REQUEST: The source supports requesting accounts without entitlements.\n* ADDITIONAL_ACCOUNT_REQUEST: The source supports requesting additional accounts.\n* NO_AGGREGATION: A source that does not support aggregation.\n* GROUPS_HAVE_MEMBERS: The source models group memberships with a member attribute on the group object rather than a groups attribute on the account object. This effects the implementation of delta account aggregation.\n* NO_PERMISSIONS_PROVISIONING: Indicates that the connector cannot provision direct or target permissions for accounts. When DIRECT_PERMISSIONS and PROVISIONING features are present, it is assumed that the connector can also provision direct permissions. This feature disables that assumption and causes permission request to be converted to work items for accounts.\n* NO_GROUP_PERMISSIONS_PROVISIONING: Indicates that the connector cannot provision direct or target permissions for groups. When DIRECT_PERMISSIONS and PROVISIONING features are present, it is assumed that the connector can also provision direct permissions. This feature disables that assumption and causes permission request to be converted to work items for groups.\n* NO_UNSTRUCTURED_TARGETS_PROVISIONING: This string will be replaced by NO_GROUP_PERMISSIONS_PROVISIONING and NO_PERMISSIONS_PROVISIONING.\n* NO_DIRECT_PERMISSIONS_PROVISIONING: This string will be replaced by NO_GROUP_PERMISSIONS_PROVISIONING and NO_PERMISSIONS_PROVISIONING.\n* USES_UUID: Connectivity 2.0 flag used to indicate that the connector supports a compound naming structure.\n* PREFER_UUID: Used in ISC Provisioning AND Aggregation to decide if it should prefer account.uuid to account.nativeIdentity when data is read in through aggregation OR pushed out through provisioning.\n* ARM_SECURITY_EXTRACT: Indicates the application supports Security extracts for ARM\n* ARM_UTILIZATION_EXTRACT: Indicates the application supports Utilization extracts for ARM\n* ARM_CHANGELOG_EXTRACT: Indicates the application supports Change-log extracts for ARM", + "example": [ + "PROVISIONING", + "NO_PERMISSIONS_PROVISIONING", + "GROUPS_HAVE_MEMBERS" + ] + }, + "type": { + "type": "string", + "description": "Specifies the type of system being managed e.g. Active Directory, Workday, etc.. If you are creating a delimited file source, you must set the `provisionasCsv` query parameter to `true`. ", + "example": "OpenLDAP - Direct" + }, + "connector": { + "type": "string", + "description": "Connector script name.", + "example": "active-directory" + }, + "connectorClass": { + "type": "string", + "description": "Fully qualified name of the Java class that implements the connector interface.", + "example": "sailpoint.connector.LDAPConnector" + }, + "connectorAttributes": { + "type": "object", + "description": "Connector specific configuration. This configuration will differ from type to type.", + "example": { + "healthCheckTimeout": 30, + "authSearchAttributes": [ + "cn", + "uid", + "mail" + ] + } + }, + "deleteThreshold": { + "type": "integer", + "format": "int32", + "description": "Number from 0 to 100 that specifies when to skip the delete phase.", + "example": 10 + }, + "authoritative": { + "type": "boolean", + "description": "When this is true, it indicates that the source is referenced by an identity profile.", + "default": false, + "example": false + }, + "managementWorkgroup": { + "description": "Reference to management workgroup for the source.", + "type": "object", + "nullable": true, + "properties": { + "type": { + "description": "Type of object being referenced.", + "type": "string", + "enum": [ + "GOVERNANCE_GROUP" + ], + "example": "GOVERNANCE_GROUP" + }, + "id": { + "type": "string", + "description": "Management workgroup ID.", + "example": "2c91808568c529c60168cca6f90c2222" + }, + "name": { + "type": "string", + "description": "Management workgroup's human-readable display name.", + "example": "My Management Workgroup" + } + } + }, + "healthy": { + "type": "boolean", + "description": "When this is true, it indicates that the source is healthy.", + "default": false, + "example": true + }, + "status": { + "type": "string", + "enum": [ + "SOURCE_STATE_ERROR_ACCOUNT_FILE_IMPORT", + "SOURCE_STATE_ERROR_CLUSTER", + "SOURCE_STATE_ERROR_SOURCE", + "SOURCE_STATE_ERROR_VA", + "SOURCE_STATE_FAILURE_CLUSTER", + "SOURCE_STATE_FAILURE_SOURCE", + "SOURCE_STATE_HEALTHY", + "SOURCE_STATE_UNCHECKED_CLUSTER", + "SOURCE_STATE_UNCHECKED_CLUSTER_NO_SOURCES", + "SOURCE_STATE_UNCHECKED_SOURCE", + "SOURCE_STATE_UNCHECKED_SOURCE_NO_ACCOUNTS" + ], + "description": "Status identifier that gives specific information about why a source is or isn't healthy. ", + "example": "SOURCE_STATE_HEALTHY" + }, + "since": { + "type": "string", + "description": "Timestamp that shows when a source health check was last performed.", + "example": "2021-09-28T15:48:29.380Z" + }, + "connectorId": { + "type": "string", + "description": "Connector ID", + "example": "active-directory" + }, + "connectorName": { + "type": "string", + "description": "Name of the connector that was chosen during source creation.", + "example": "Active Directory" + }, + "connectionType": { + "type": "string", + "description": "Type of connection (direct or file).", + "example": "file" + }, + "connectorImplementationId": { + "type": "string", + "description": "Connector implementation ID.", + "example": "delimited-file" + }, + "created": { + "type": "string", + "description": "Date-time when the source was created", + "format": "date-time", + "example": "2022-02-08T14:50:03.827Z" + }, + "modified": { + "type": "string", + "description": "Date-time when the source was last modified.", + "format": "date-time", + "example": "2024-01-23T18:08:50.897Z" + }, + "credentialProviderEnabled": { + "type": "boolean", + "description": "If this is true, it enables a credential provider for the source. If credentialProvider is turned on, then the source can use credential provider(s) to fetch credentials.", + "default": false, + "example": false + }, + "category": { + "type": "string", + "nullable": true, + "default": null, + "description": "Source category (e.g. null, CredentialProvider).", + "example": "CredentialProvider" + } + }, + "required": [ + "name", + "owner", + "connector" + ] + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + }, + "delete": { + "operationId": "deleteSource", + "security": [ + { + "UserContextAuth": [ + "idn:sources:manage" + ] + } + ], + "tags": [ + "Sources" + ], + "summary": "Delete Source by ID", + "description": "Use this API to delete a specific source in Identity Security Cloud (ISC).\nThe API removes all the accounts on the source first, and then it deletes the source. You can retrieve the actual task execution status with this method: GET `/task-status/{id}`\nA token with ORG_ADMIN, SOURCE_ADMIN, or SOURCE_SUBADMIN authority is required to call this API.", + "parameters": [ + { + "in": "path", + "name": "id", + "schema": { + "type": "string" + }, + "required": true, + "description": "Source ID.", + "example": "2c9180835d191a86015d28455b4a2329" + } + ], + "responses": { + "202": { + "description": "Accepted - Returned if the request was successfully accepted into the system.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "type": { + "description": "Type of object being referenced.", + "type": "string", + "enum": [ + "TASK_RESULT" + ], + "example": "TASK_RESULT" + }, + "id": { + "type": "string", + "description": "Task result ID.", + "example": "2c91808779ecf55b0179f720942f181a" + }, + "name": { + "type": "string", + "description": "Task result's human-readable display name (this should be null/empty).", + "example": null + } + } + }, + "examples": { + "deleteSource": { + "summary": "Response returned when a source is being deleted.", + "value": { + "type": "TASK_RESULT", + "id": "2c91808779ecf55b0179f720942f181a", + "name": null + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/sources/{sourceId}/provisioning-policies": { + "get": { + "operationId": "listProvisioningPolicies", + "tags": [ + "Sources" + ], + "summary": "Lists ProvisioningPolicies", + "description": "This end-point lists all the ProvisioningPolicies in IdentityNow.\nA token with API, or ORG_ADMIN authority is required to call this API.", + "security": [ + { + "UserContextAuth": [ + "idn:provisioning-policy:read", + "idn:provisioning-policy:manage" + ] + } + ], + "parameters": [ + { + "in": "path", + "name": "sourceId", + "required": true, + "schema": { + "type": "string" + }, + "description": "The Source id", + "example": "2c9180835d191a86015d28455b4a2329" + } + ], + "responses": { + "200": { + "description": "List of ProvisioningPolicyDto objects", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "required": [ + "name" + ], + "properties": { + "name": { + "type": "string", + "description": "the provisioning policy name", + "example": "example provisioning policy for inactive identities" + }, + "description": { + "type": "string", + "description": "the description of the provisioning policy", + "example": "this provisioning policy creates access based on an identity going inactive" + }, + "usageType": { + "type": "string", + "nullable": false, + "enum": [ + "CREATE", + "UPDATE", + "ENABLE", + "DISABLE", + "DELETE", + "ASSIGN", + "UNASSIGN", + "CREATE_GROUP", + "UPDATE_GROUP", + "DELETE_GROUP", + "REGISTER", + "CREATE_IDENTITY", + "UPDATE_IDENTITY", + "EDIT_GROUP", + "UNLOCK", + "CHANGE_PASSWORD" + ], + "example": "CREATE", + "description": "The type of provisioning policy usage. \nIn IdentityNow, a source can support various provisioning operations. For example, when a joiner is added to a source, this may trigger both CREATE and UPDATE provisioning operations. Each usage type is considered a provisioning policy. A source can have any number of these provisioning policies defined. \nThese are the common usage types: \nCREATE - This usage type relates to 'Create Account Profile', the provisioning template for the account to be created. For example, this would be used for a joiner on a source. \nUPDATE - This usage type relates to 'Update Account Profile', the provisioning template for the 'Update' connector operations. For example, this would be used for an attribute sync on a source.\nENABLE - This usage type relates to 'Enable Account Profile', the provisioning template for the account to be enabled. For example, this could be used for a joiner on a source once the joiner's account is created. \nDISABLE - This usage type relates to 'Disable Account Profile', the provisioning template for the account to be disabled. For example, this could be used when a leaver is removed temporarily from a source. \nYou can use these four usage types for all your provisioning policy needs. " + }, + "fields": { + "type": "array", + "items": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "The name of the attribute.", + "example": "userName" + }, + "transform": { + "type": "object", + "description": "The transform to apply to the field", + "example": { + "type": "rule", + "attributes": { + "name": "Create Unique LDAP Attribute" + } + }, + "default": {} + }, + "attributes": { + "type": "object", + "description": "Attributes required for the transform", + "example": { + "template": "${firstname}.${lastname}${uniqueCounter}", + "cloudMaxUniqueChecks": "50", + "cloudMaxSize": "20", + "cloudRequired": "true" + } + }, + "isRequired": { + "type": "boolean", + "readOnly": true, + "description": "Flag indicating whether or not the attribute is required.", + "default": false, + "example": false + }, + "type": { + "type": "string", + "description": "The type of the attribute.", + "example": "string" + }, + "isMultiValued": { + "type": "boolean", + "description": "Flag indicating whether or not the attribute is multi-valued.", + "default": false, + "example": false + } + } + } + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + }, + "post": { + "operationId": "createProvisioningPolicy", + "tags": [ + "Sources" + ], + "summary": "Create Provisioning Policy", + "description": "This API generates a create policy/template based on field value transforms. This API is intended for use when setting up JDBC Provisioning type sources, but it will also work on other source types.\nTransforms can be used in the provisioning policy to create a new attribute that you only need during provisioning.\nRefer to [Transforms in Provisioning Policies](https://developer.sailpoint.com/idn/docs/transforms/guides/transforms-in-provisioning-policies) for more information.\nA token with ORG_ADMIN authority is required to call this API.", + "security": [ + { + "UserContextAuth": [ + "idn:provisioning-policy:manage" + ] + } + ], + "parameters": [ + { + "in": "path", + "name": "sourceId", + "required": true, + "schema": { + "type": "string" + }, + "description": "The Source id", + "example": "2c9180835d191a86015d28455b4a2329" + } + ], + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "type": "object", + "required": [ + "name" + ], + "properties": { + "name": { + "type": "string", + "description": "the provisioning policy name", + "example": "example provisioning policy for inactive identities" + }, + "description": { + "type": "string", + "description": "the description of the provisioning policy", + "example": "this provisioning policy creates access based on an identity going inactive" + }, + "usageType": { + "type": "string", + "nullable": false, + "enum": [ + "CREATE", + "UPDATE", + "ENABLE", + "DISABLE", + "DELETE", + "ASSIGN", + "UNASSIGN", + "CREATE_GROUP", + "UPDATE_GROUP", + "DELETE_GROUP", + "REGISTER", + "CREATE_IDENTITY", + "UPDATE_IDENTITY", + "EDIT_GROUP", + "UNLOCK", + "CHANGE_PASSWORD" + ], + "example": "CREATE", + "description": "The type of provisioning policy usage. \nIn IdentityNow, a source can support various provisioning operations. For example, when a joiner is added to a source, this may trigger both CREATE and UPDATE provisioning operations. Each usage type is considered a provisioning policy. A source can have any number of these provisioning policies defined. \nThese are the common usage types: \nCREATE - This usage type relates to 'Create Account Profile', the provisioning template for the account to be created. For example, this would be used for a joiner on a source. \nUPDATE - This usage type relates to 'Update Account Profile', the provisioning template for the 'Update' connector operations. For example, this would be used for an attribute sync on a source.\nENABLE - This usage type relates to 'Enable Account Profile', the provisioning template for the account to be enabled. For example, this could be used for a joiner on a source once the joiner's account is created. \nDISABLE - This usage type relates to 'Disable Account Profile', the provisioning template for the account to be disabled. For example, this could be used when a leaver is removed temporarily from a source. \nYou can use these four usage types for all your provisioning policy needs. " + }, + "fields": { + "type": "array", + "items": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "The name of the attribute.", + "example": "userName" + }, + "transform": { + "type": "object", + "description": "The transform to apply to the field", + "example": { + "type": "rule", + "attributes": { + "name": "Create Unique LDAP Attribute" + } + }, + "default": {} + }, + "attributes": { + "type": "object", + "description": "Attributes required for the transform", + "example": { + "template": "${firstname}.${lastname}${uniqueCounter}", + "cloudMaxUniqueChecks": "50", + "cloudMaxSize": "20", + "cloudRequired": "true" + } + }, + "isRequired": { + "type": "boolean", + "readOnly": true, + "description": "Flag indicating whether or not the attribute is required.", + "default": false, + "example": false + }, + "type": { + "type": "string", + "description": "The type of the attribute.", + "example": "string" + }, + "isMultiValued": { + "type": "boolean", + "description": "Flag indicating whether or not the attribute is multi-valued.", + "default": false, + "example": false + } + } + } + } + } + }, + "examples": { + "Create Account Provisioning Policy": { + "value": { + "name": "Account", + "description": "Account Provisioning Policy", + "usageType": "CREATE", + "fields": [ + { + "name": "displayName", + "transform": { + "type": "identityAttribute", + "attributes": { + "name": "displayName" + } + }, + "attributes": {}, + "isRequired": false, + "type": "string", + "isMultiValued": false + }, + { + "name": "distinguishedName", + "transform": { + "type": "usernameGenerator", + "attributes": { + "sourceCheck": true, + "patterns": [ + "CN=$fi $ln,OU=zzUsers,OU=Demo,DC=seri,DC=sailpointdemo,DC=com", + "CN=$fti $ln,OU=zzUsers,OU=Demo,DC=seri,DC=sailpointdemo,DC=com", + "CN=$fn $ln,OU=zzUsers,OU=Demo,DC=seri,DC=sailpointdemo,DC=com", + "CN=$fn$ln${uniqueCounter},OU=zzUsers,OU=Demo,DC=seri,DC=sailpointdemo,DC=com" + ], + "fn": { + "type": "identityAttribute", + "attributes": { + "name": "firstname" + } + }, + "ln": { + "type": "identityAttribute", + "attributes": { + "name": "lastname" + } + }, + "fi": { + "type": "substring", + "attributes": { + "input": { + "type": "identityAttribute", + "attributes": { + "name": "firstname" + } + }, + "begin": 0, + "end": 1 + } + }, + "fti": { + "type": "substring", + "attributes": { + "input": { + "type": "identityAttribute", + "attributes": { + "name": "firstname" + } + }, + "begin": 0, + "end": 2 + } + } + } + }, + "attributes": { + "cloudMaxUniqueChecks": "5", + "cloudMaxSize": "100", + "cloudRequired": "true" + }, + "isRequired": false, + "type": "", + "isMultiValued": false + }, + { + "name": "description", + "transform": { + "type": "static", + "attributes": { + "value": "" + } + }, + "attributes": {}, + "isRequired": false, + "type": "string", + "isMultiValued": false + } + ] + } + } + } + } + } + }, + "responses": { + "201": { + "description": "Created ProvisioningPolicyDto object", + "content": { + "application/json": { + "schema": { + "type": "object", + "required": [ + "name" + ], + "properties": { + "name": { + "type": "string", + "description": "the provisioning policy name", + "example": "example provisioning policy for inactive identities" + }, + "description": { + "type": "string", + "description": "the description of the provisioning policy", + "example": "this provisioning policy creates access based on an identity going inactive" + }, + "usageType": { + "type": "string", + "nullable": false, + "enum": [ + "CREATE", + "UPDATE", + "ENABLE", + "DISABLE", + "DELETE", + "ASSIGN", + "UNASSIGN", + "CREATE_GROUP", + "UPDATE_GROUP", + "DELETE_GROUP", + "REGISTER", + "CREATE_IDENTITY", + "UPDATE_IDENTITY", + "EDIT_GROUP", + "UNLOCK", + "CHANGE_PASSWORD" + ], + "example": "CREATE", + "description": "The type of provisioning policy usage. \nIn IdentityNow, a source can support various provisioning operations. For example, when a joiner is added to a source, this may trigger both CREATE and UPDATE provisioning operations. Each usage type is considered a provisioning policy. A source can have any number of these provisioning policies defined. \nThese are the common usage types: \nCREATE - This usage type relates to 'Create Account Profile', the provisioning template for the account to be created. For example, this would be used for a joiner on a source. \nUPDATE - This usage type relates to 'Update Account Profile', the provisioning template for the 'Update' connector operations. For example, this would be used for an attribute sync on a source.\nENABLE - This usage type relates to 'Enable Account Profile', the provisioning template for the account to be enabled. For example, this could be used for a joiner on a source once the joiner's account is created. \nDISABLE - This usage type relates to 'Disable Account Profile', the provisioning template for the account to be disabled. For example, this could be used when a leaver is removed temporarily from a source. \nYou can use these four usage types for all your provisioning policy needs. " + }, + "fields": { + "type": "array", + "items": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "The name of the attribute.", + "example": "userName" + }, + "transform": { + "type": "object", + "description": "The transform to apply to the field", + "example": { + "type": "rule", + "attributes": { + "name": "Create Unique LDAP Attribute" + } + }, + "default": {} + }, + "attributes": { + "type": "object", + "description": "Attributes required for the transform", + "example": { + "template": "${firstname}.${lastname}${uniqueCounter}", + "cloudMaxUniqueChecks": "50", + "cloudMaxSize": "20", + "cloudRequired": "true" + } + }, + "isRequired": { + "type": "boolean", + "readOnly": true, + "description": "Flag indicating whether or not the attribute is required.", + "default": false, + "example": false + }, + "type": { + "type": "string", + "description": "The type of the attribute.", + "example": "string" + }, + "isMultiValued": { + "type": "boolean", + "description": "Flag indicating whether or not the attribute is multi-valued.", + "default": false, + "example": false + } + } + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/sources/{sourceId}/provisioning-policies/{usageType}": { + "get": { + "operationId": "getProvisioningPolicy", + "tags": [ + "Sources" + ], + "summary": "Get Provisioning Policy by UsageType", + "description": "This end-point retrieves the ProvisioningPolicy with the specified usage on the specified Source in IdentityNow.\nA token with API, ORG_ADMIN, SOURCE_ADMIN, or SOURCE_SUBADMIN authority is required to call this API.", + "security": [ + { + "UserContextAuth": [ + "idn:provisioning-policy:read", + "idn:provisioning-policy-source:read", + "idn:provisioning-policy:manage", + "idn:provisioning-policy-source-admin-operations:manage" + ] + } + ], + "parameters": [ + { + "in": "path", + "name": "sourceId", + "required": true, + "schema": { + "type": "string" + }, + "description": "The Source ID.", + "example": "2c9180835d191a86015d28455b4a2329" + }, + { + "in": "path", + "name": "usageType", + "required": true, + "description": "The type of provisioning policy usage. \nIn IdentityNow, a source can support various provisioning operations. For example, when a joiner is added to a source, this may trigger both CREATE and UPDATE provisioning operations. Each usage type is considered a provisioning policy. A source can have any number of these provisioning policies defined. \nThese are the common usage types: \nCREATE - This usage type relates to 'Create Account Profile', the provisioning template for the account to be created. For example, this would be used for a joiner on a source. \nUPDATE - This usage type relates to 'Update Account Profile', the provisioning template for the 'Update' connector operations. For example, this would be used for an attribute sync on a source.\nENABLE - This usage type relates to 'Enable Account Profile', the provisioning template for the account to be enabled. For example, this could be used for a joiner on a source once the joiner's account is created. \nDISABLE - This usage type relates to 'Disable Account Profile', the provisioning template for the account to be disabled. For example, this could be used when a leaver is removed temporarily from a source. \nYou can use these four usage types for all your provisioning policy needs. ", + "example": "CREATE", + "schema": { + "type": "string", + "nullable": false, + "enum": [ + "CREATE", + "UPDATE", + "ENABLE", + "DISABLE", + "DELETE", + "ASSIGN", + "UNASSIGN", + "CREATE_GROUP", + "UPDATE_GROUP", + "DELETE_GROUP", + "REGISTER", + "CREATE_IDENTITY", + "UPDATE_IDENTITY", + "EDIT_GROUP", + "UNLOCK", + "CHANGE_PASSWORD" + ], + "example": "CREATE", + "description": "The type of provisioning policy usage. \nIn IdentityNow, a source can support various provisioning operations. For example, when a joiner is added to a source, this may trigger both CREATE and UPDATE provisioning operations. Each usage type is considered a provisioning policy. A source can have any number of these provisioning policies defined. \nThese are the common usage types: \nCREATE - This usage type relates to 'Create Account Profile', the provisioning template for the account to be created. For example, this would be used for a joiner on a source. \nUPDATE - This usage type relates to 'Update Account Profile', the provisioning template for the 'Update' connector operations. For example, this would be used for an attribute sync on a source.\nENABLE - This usage type relates to 'Enable Account Profile', the provisioning template for the account to be enabled. For example, this could be used for a joiner on a source once the joiner's account is created. \nDISABLE - This usage type relates to 'Disable Account Profile', the provisioning template for the account to be disabled. For example, this could be used when a leaver is removed temporarily from a source. \nYou can use these four usage types for all your provisioning policy needs. " + } + } + ], + "responses": { + "200": { + "description": "The requested ProvisioningPolicyDto was successfully retrieved.", + "content": { + "application/json": { + "schema": { + "type": "object", + "required": [ + "name" + ], + "properties": { + "name": { + "type": "string", + "description": "the provisioning policy name", + "example": "example provisioning policy for inactive identities" + }, + "description": { + "type": "string", + "description": "the description of the provisioning policy", + "example": "this provisioning policy creates access based on an identity going inactive" + }, + "usageType": { + "type": "string", + "nullable": false, + "enum": [ + "CREATE", + "UPDATE", + "ENABLE", + "DISABLE", + "DELETE", + "ASSIGN", + "UNASSIGN", + "CREATE_GROUP", + "UPDATE_GROUP", + "DELETE_GROUP", + "REGISTER", + "CREATE_IDENTITY", + "UPDATE_IDENTITY", + "EDIT_GROUP", + "UNLOCK", + "CHANGE_PASSWORD" + ], + "example": "CREATE", + "description": "The type of provisioning policy usage. \nIn IdentityNow, a source can support various provisioning operations. For example, when a joiner is added to a source, this may trigger both CREATE and UPDATE provisioning operations. Each usage type is considered a provisioning policy. A source can have any number of these provisioning policies defined. \nThese are the common usage types: \nCREATE - This usage type relates to 'Create Account Profile', the provisioning template for the account to be created. For example, this would be used for a joiner on a source. \nUPDATE - This usage type relates to 'Update Account Profile', the provisioning template for the 'Update' connector operations. For example, this would be used for an attribute sync on a source.\nENABLE - This usage type relates to 'Enable Account Profile', the provisioning template for the account to be enabled. For example, this could be used for a joiner on a source once the joiner's account is created. \nDISABLE - This usage type relates to 'Disable Account Profile', the provisioning template for the account to be disabled. For example, this could be used when a leaver is removed temporarily from a source. \nYou can use these four usage types for all your provisioning policy needs. " + }, + "fields": { + "type": "array", + "items": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "The name of the attribute.", + "example": "userName" + }, + "transform": { + "type": "object", + "description": "The transform to apply to the field", + "example": { + "type": "rule", + "attributes": { + "name": "Create Unique LDAP Attribute" + } + }, + "default": {} + }, + "attributes": { + "type": "object", + "description": "Attributes required for the transform", + "example": { + "template": "${firstname}.${lastname}${uniqueCounter}", + "cloudMaxUniqueChecks": "50", + "cloudMaxSize": "20", + "cloudRequired": "true" + } + }, + "isRequired": { + "type": "boolean", + "readOnly": true, + "description": "Flag indicating whether or not the attribute is required.", + "default": false, + "example": false + }, + "type": { + "type": "string", + "description": "The type of the attribute.", + "example": "string" + }, + "isMultiValued": { + "type": "boolean", + "description": "Flag indicating whether or not the attribute is multi-valued.", + "default": false, + "example": false + } + } + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + }, + "put": { + "operationId": "putProvisioningPolicy", + "tags": [ + "Sources" + ], + "summary": "Update Provisioning Policy by UsageType", + "description": "This end-point updates the provisioning policy with the specified usage on the specified source in IdentityNow.\nTransforms can be used in the provisioning policy to create a new attribute that you only need during provisioning.\nRefer to [Transforms in Provisioning Policies](https://developer.sailpoint.com/idn/docs/transforms/guides/transforms-in-provisioning-policies) for more information.\nA token with API, ORG_ADMIN, SOURCE_ADMIN, or SOURCE_SUBADMIN authority is required to call this API.", + "security": [ + { + "UserContextAuth": [ + "idn:provisioning-policy:manage", + "idn:provisioning-policy-source-admin-operations:manage" + ] + } + ], + "parameters": [ + { + "in": "path", + "name": "sourceId", + "required": true, + "schema": { + "type": "string" + }, + "description": "The Source ID.", + "example": "2c9180835d191a86015d28455b4a2329" + }, + { + "in": "path", + "name": "usageType", + "required": true, + "description": "The type of provisioning policy usage. \nIn IdentityNow, a source can support various provisioning operations. For example, when a joiner is added to a source, this may trigger both CREATE and UPDATE provisioning operations. Each usage type is considered a provisioning policy. A source can have any number of these provisioning policies defined. \nThese are the common usage types: \nCREATE - This usage type relates to 'Create Account Profile', the provisioning template for the account to be created. For example, this would be used for a joiner on a source. \nUPDATE - This usage type relates to 'Update Account Profile', the provisioning template for the 'Update' connector operations. For example, this would be used for an attribute sync on a source.\nENABLE - This usage type relates to 'Enable Account Profile', the provisioning template for the account to be enabled. For example, this could be used for a joiner on a source once the joiner's account is created. \nDISABLE - This usage type relates to 'Disable Account Profile', the provisioning template for the account to be disabled. For example, this could be used when a leaver is removed temporarily from a source. \nYou can use these four usage types for all your provisioning policy needs. ", + "example": "CREATE", + "schema": { + "type": "string", + "nullable": false, + "enum": [ + "CREATE", + "UPDATE", + "ENABLE", + "DISABLE", + "DELETE", + "ASSIGN", + "UNASSIGN", + "CREATE_GROUP", + "UPDATE_GROUP", + "DELETE_GROUP", + "REGISTER", + "CREATE_IDENTITY", + "UPDATE_IDENTITY", + "EDIT_GROUP", + "UNLOCK", + "CHANGE_PASSWORD" + ], + "example": "CREATE", + "description": "The type of provisioning policy usage. \nIn IdentityNow, a source can support various provisioning operations. For example, when a joiner is added to a source, this may trigger both CREATE and UPDATE provisioning operations. Each usage type is considered a provisioning policy. A source can have any number of these provisioning policies defined. \nThese are the common usage types: \nCREATE - This usage type relates to 'Create Account Profile', the provisioning template for the account to be created. For example, this would be used for a joiner on a source. \nUPDATE - This usage type relates to 'Update Account Profile', the provisioning template for the 'Update' connector operations. For example, this would be used for an attribute sync on a source.\nENABLE - This usage type relates to 'Enable Account Profile', the provisioning template for the account to be enabled. For example, this could be used for a joiner on a source once the joiner's account is created. \nDISABLE - This usage type relates to 'Disable Account Profile', the provisioning template for the account to be disabled. For example, this could be used when a leaver is removed temporarily from a source. \nYou can use these four usage types for all your provisioning policy needs. " + } + } + ], + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "type": "object", + "required": [ + "name" + ], + "properties": { + "name": { + "type": "string", + "description": "the provisioning policy name", + "example": "example provisioning policy for inactive identities" + }, + "description": { + "type": "string", + "description": "the description of the provisioning policy", + "example": "this provisioning policy creates access based on an identity going inactive" + }, + "usageType": { + "type": "string", + "nullable": false, + "enum": [ + "CREATE", + "UPDATE", + "ENABLE", + "DISABLE", + "DELETE", + "ASSIGN", + "UNASSIGN", + "CREATE_GROUP", + "UPDATE_GROUP", + "DELETE_GROUP", + "REGISTER", + "CREATE_IDENTITY", + "UPDATE_IDENTITY", + "EDIT_GROUP", + "UNLOCK", + "CHANGE_PASSWORD" + ], + "example": "CREATE", + "description": "The type of provisioning policy usage. \nIn IdentityNow, a source can support various provisioning operations. For example, when a joiner is added to a source, this may trigger both CREATE and UPDATE provisioning operations. Each usage type is considered a provisioning policy. A source can have any number of these provisioning policies defined. \nThese are the common usage types: \nCREATE - This usage type relates to 'Create Account Profile', the provisioning template for the account to be created. For example, this would be used for a joiner on a source. \nUPDATE - This usage type relates to 'Update Account Profile', the provisioning template for the 'Update' connector operations. For example, this would be used for an attribute sync on a source.\nENABLE - This usage type relates to 'Enable Account Profile', the provisioning template for the account to be enabled. For example, this could be used for a joiner on a source once the joiner's account is created. \nDISABLE - This usage type relates to 'Disable Account Profile', the provisioning template for the account to be disabled. For example, this could be used when a leaver is removed temporarily from a source. \nYou can use these four usage types for all your provisioning policy needs. " + }, + "fields": { + "type": "array", + "items": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "The name of the attribute.", + "example": "userName" + }, + "transform": { + "type": "object", + "description": "The transform to apply to the field", + "example": { + "type": "rule", + "attributes": { + "name": "Create Unique LDAP Attribute" + } + }, + "default": {} + }, + "attributes": { + "type": "object", + "description": "Attributes required for the transform", + "example": { + "template": "${firstname}.${lastname}${uniqueCounter}", + "cloudMaxUniqueChecks": "50", + "cloudMaxSize": "20", + "cloudRequired": "true" + } + }, + "isRequired": { + "type": "boolean", + "readOnly": true, + "description": "Flag indicating whether or not the attribute is required.", + "default": false, + "example": false + }, + "type": { + "type": "string", + "description": "The type of the attribute.", + "example": "string" + }, + "isMultiValued": { + "type": "boolean", + "description": "Flag indicating whether or not the attribute is multi-valued.", + "default": false, + "example": false + } + } + } + } + } + } + } + } + }, + "responses": { + "200": { + "description": "The ProvisioningPolicyDto was successfully replaced.", + "content": { + "application/json": { + "schema": { + "type": "object", + "required": [ + "name" + ], + "properties": { + "name": { + "type": "string", + "description": "the provisioning policy name", + "example": "example provisioning policy for inactive identities" + }, + "description": { + "type": "string", + "description": "the description of the provisioning policy", + "example": "this provisioning policy creates access based on an identity going inactive" + }, + "usageType": { + "type": "string", + "nullable": false, + "enum": [ + "CREATE", + "UPDATE", + "ENABLE", + "DISABLE", + "DELETE", + "ASSIGN", + "UNASSIGN", + "CREATE_GROUP", + "UPDATE_GROUP", + "DELETE_GROUP", + "REGISTER", + "CREATE_IDENTITY", + "UPDATE_IDENTITY", + "EDIT_GROUP", + "UNLOCK", + "CHANGE_PASSWORD" + ], + "example": "CREATE", + "description": "The type of provisioning policy usage. \nIn IdentityNow, a source can support various provisioning operations. For example, when a joiner is added to a source, this may trigger both CREATE and UPDATE provisioning operations. Each usage type is considered a provisioning policy. A source can have any number of these provisioning policies defined. \nThese are the common usage types: \nCREATE - This usage type relates to 'Create Account Profile', the provisioning template for the account to be created. For example, this would be used for a joiner on a source. \nUPDATE - This usage type relates to 'Update Account Profile', the provisioning template for the 'Update' connector operations. For example, this would be used for an attribute sync on a source.\nENABLE - This usage type relates to 'Enable Account Profile', the provisioning template for the account to be enabled. For example, this could be used for a joiner on a source once the joiner's account is created. \nDISABLE - This usage type relates to 'Disable Account Profile', the provisioning template for the account to be disabled. For example, this could be used when a leaver is removed temporarily from a source. \nYou can use these four usage types for all your provisioning policy needs. " + }, + "fields": { + "type": "array", + "items": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "The name of the attribute.", + "example": "userName" + }, + "transform": { + "type": "object", + "description": "The transform to apply to the field", + "example": { + "type": "rule", + "attributes": { + "name": "Create Unique LDAP Attribute" + } + }, + "default": {} + }, + "attributes": { + "type": "object", + "description": "Attributes required for the transform", + "example": { + "template": "${firstname}.${lastname}${uniqueCounter}", + "cloudMaxUniqueChecks": "50", + "cloudMaxSize": "20", + "cloudRequired": "true" + } + }, + "isRequired": { + "type": "boolean", + "readOnly": true, + "description": "Flag indicating whether or not the attribute is required.", + "default": false, + "example": false + }, + "type": { + "type": "string", + "description": "The type of the attribute.", + "example": "string" + }, + "isMultiValued": { + "type": "boolean", + "description": "Flag indicating whether or not the attribute is multi-valued.", + "default": false, + "example": false + } + } + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + }, + "patch": { + "operationId": "updateProvisioningPolicy", + "tags": [ + "Sources" + ], + "summary": "Partial update of Provisioning Policy", + "description": "This API selectively updates an existing Provisioning Policy using a JSONPatch payload.\nTransforms can be used in the provisioning policy to create a new attribute that you only need during provisioning.\nRefer to [Transforms in Provisioning Policies](https://developer.sailpoint.com/idn/docs/transforms/guides/transforms-in-provisioning-policies) for more information.\nA token with API, ORG_ADMIN, SOURCE_ADMIN, or SOURCE_SUBADMIN authority is required to call this API.", + "security": [ + { + "UserContextAuth": [ + "idn:provisioning-policy:update" + ] + } + ], + "parameters": [ + { + "in": "path", + "name": "sourceId", + "required": true, + "schema": { + "type": "string" + }, + "description": "The Source id.", + "example": "2c9180835d191a86015d28455b4a2329" + }, + { + "in": "path", + "name": "usageType", + "required": true, + "description": "The type of provisioning policy usage. \nIn IdentityNow, a source can support various provisioning operations. For example, when a joiner is added to a source, this may trigger both CREATE and UPDATE provisioning operations. Each usage type is considered a provisioning policy. A source can have any number of these provisioning policies defined. \nThese are the common usage types: \nCREATE - This usage type relates to 'Create Account Profile', the provisioning template for the account to be created. For example, this would be used for a joiner on a source. \nUPDATE - This usage type relates to 'Update Account Profile', the provisioning template for the 'Update' connector operations. For example, this would be used for an attribute sync on a source.\nENABLE - This usage type relates to 'Enable Account Profile', the provisioning template for the account to be enabled. For example, this could be used for a joiner on a source once the joiner's account is created. \nDISABLE - This usage type relates to 'Disable Account Profile', the provisioning template for the account to be disabled. For example, this could be used when a leaver is removed temporarily from a source. \nYou can use these four usage types for all your provisioning policy needs. ", + "example": "CREATE", + "schema": { + "type": "string", + "nullable": false, + "enum": [ + "CREATE", + "UPDATE", + "ENABLE", + "DISABLE", + "DELETE", + "ASSIGN", + "UNASSIGN", + "CREATE_GROUP", + "UPDATE_GROUP", + "DELETE_GROUP", + "REGISTER", + "CREATE_IDENTITY", + "UPDATE_IDENTITY", + "EDIT_GROUP", + "UNLOCK", + "CHANGE_PASSWORD" + ], + "example": "CREATE", + "description": "The type of provisioning policy usage. \nIn IdentityNow, a source can support various provisioning operations. For example, when a joiner is added to a source, this may trigger both CREATE and UPDATE provisioning operations. Each usage type is considered a provisioning policy. A source can have any number of these provisioning policies defined. \nThese are the common usage types: \nCREATE - This usage type relates to 'Create Account Profile', the provisioning template for the account to be created. For example, this would be used for a joiner on a source. \nUPDATE - This usage type relates to 'Update Account Profile', the provisioning template for the 'Update' connector operations. For example, this would be used for an attribute sync on a source.\nENABLE - This usage type relates to 'Enable Account Profile', the provisioning template for the account to be enabled. For example, this could be used for a joiner on a source once the joiner's account is created. \nDISABLE - This usage type relates to 'Disable Account Profile', the provisioning template for the account to be disabled. For example, this could be used when a leaver is removed temporarily from a source. \nYou can use these four usage types for all your provisioning policy needs. " + } + } + ], + "requestBody": { + "required": true, + "description": "The JSONPatch payload used to update the schema.", + "content": { + "application/json-patch+json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "description": "A JSONPatch Operation as defined by [RFC 6902 - JSON Patch](https://tools.ietf.org/html/rfc6902)", + "required": [ + "op", + "path" + ], + "properties": { + "op": { + "type": "string", + "description": "The operation to be performed", + "enum": [ + "add", + "remove", + "replace", + "move", + "copy", + "test" + ], + "example": "replace" + }, + "path": { + "type": "string", + "description": "A string JSON Pointer representing the target path to an element to be affected by the operation", + "example": "/description" + }, + "value": { + "oneOf": [ + { + "type": "string", + "example": "New description", + "title": "string" + }, + { + "type": "boolean", + "example": true, + "title": "boolean" + }, + { + "type": "integer", + "example": 300, + "title": "integer" + }, + { + "type": "object", + "title": "object", + "example": { + "attributes": { + "name": "philip" + } + } + }, + { + "type": "array", + "title": "array", + "items": { + "anyOf": [ + { + "type": "string" + }, + { + "type": "integer" + }, + { + "type": "object" + } + ], + "example": [ + "001", + "002", + "003" + ] + } + } + ], + "description": "The value to be used for the operation, required for \"add\" and \"replace\" operations", + "example": "New description" + } + } + } + }, + "examples": { + "add-field": { + "summary": "Add a field to the beginning of the list", + "value": [ + { + "op": "add", + "path": "/fields/0", + "value": { + "name": "email", + "transform": { + "type": "identityAttribute", + "attributes": { + "name": "email" + } + }, + "attributes": {}, + "isRequired": false, + "type": "string", + "isMultiValued": false + } + } + ] + } + } + } + } + }, + "responses": { + "200": { + "description": "The ProvisioningPolicyDto was successfully updated.", + "content": { + "application/json": { + "schema": { + "type": "object", + "required": [ + "name" + ], + "properties": { + "name": { + "type": "string", + "description": "the provisioning policy name", + "example": "example provisioning policy for inactive identities" + }, + "description": { + "type": "string", + "description": "the description of the provisioning policy", + "example": "this provisioning policy creates access based on an identity going inactive" + }, + "usageType": { + "type": "string", + "nullable": false, + "enum": [ + "CREATE", + "UPDATE", + "ENABLE", + "DISABLE", + "DELETE", + "ASSIGN", + "UNASSIGN", + "CREATE_GROUP", + "UPDATE_GROUP", + "DELETE_GROUP", + "REGISTER", + "CREATE_IDENTITY", + "UPDATE_IDENTITY", + "EDIT_GROUP", + "UNLOCK", + "CHANGE_PASSWORD" + ], + "example": "CREATE", + "description": "The type of provisioning policy usage. \nIn IdentityNow, a source can support various provisioning operations. For example, when a joiner is added to a source, this may trigger both CREATE and UPDATE provisioning operations. Each usage type is considered a provisioning policy. A source can have any number of these provisioning policies defined. \nThese are the common usage types: \nCREATE - This usage type relates to 'Create Account Profile', the provisioning template for the account to be created. For example, this would be used for a joiner on a source. \nUPDATE - This usage type relates to 'Update Account Profile', the provisioning template for the 'Update' connector operations. For example, this would be used for an attribute sync on a source.\nENABLE - This usage type relates to 'Enable Account Profile', the provisioning template for the account to be enabled. For example, this could be used for a joiner on a source once the joiner's account is created. \nDISABLE - This usage type relates to 'Disable Account Profile', the provisioning template for the account to be disabled. For example, this could be used when a leaver is removed temporarily from a source. \nYou can use these four usage types for all your provisioning policy needs. " + }, + "fields": { + "type": "array", + "items": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "The name of the attribute.", + "example": "userName" + }, + "transform": { + "type": "object", + "description": "The transform to apply to the field", + "example": { + "type": "rule", + "attributes": { + "name": "Create Unique LDAP Attribute" + } + }, + "default": {} + }, + "attributes": { + "type": "object", + "description": "Attributes required for the transform", + "example": { + "template": "${firstname}.${lastname}${uniqueCounter}", + "cloudMaxUniqueChecks": "50", + "cloudMaxSize": "20", + "cloudRequired": "true" + } + }, + "isRequired": { + "type": "boolean", + "readOnly": true, + "description": "Flag indicating whether or not the attribute is required.", + "default": false, + "example": false + }, + "type": { + "type": "string", + "description": "The type of the attribute.", + "example": "string" + }, + "isMultiValued": { + "type": "boolean", + "description": "Flag indicating whether or not the attribute is multi-valued.", + "default": false, + "example": false + } + } + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + }, + "delete": { + "operationId": "deleteProvisioningPolicy", + "tags": [ + "Sources" + ], + "summary": "Delete Provisioning Policy by UsageType", + "description": "Deletes the provisioning policy with the specified usage on an application.\nA token with API, or ORG_ADMIN authority is required to call this API.", + "security": [ + { + "UserContextAuth": [ + "idn:provisioning-policy:manage" + ] + } + ], + "parameters": [ + { + "in": "path", + "name": "sourceId", + "required": true, + "schema": { + "type": "string" + }, + "description": "The Source ID.", + "example": "2c9180835d191a86015d28455b4a2329" + }, + { + "in": "path", + "name": "usageType", + "required": true, + "description": "The type of provisioning policy usage. \nIn IdentityNow, a source can support various provisioning operations. For example, when a joiner is added to a source, this may trigger both CREATE and UPDATE provisioning operations. Each usage type is considered a provisioning policy. A source can have any number of these provisioning policies defined. \nThese are the common usage types: \nCREATE - This usage type relates to 'Create Account Profile', the provisioning template for the account to be created. For example, this would be used for a joiner on a source. \nUPDATE - This usage type relates to 'Update Account Profile', the provisioning template for the 'Update' connector operations. For example, this would be used for an attribute sync on a source.\nENABLE - This usage type relates to 'Enable Account Profile', the provisioning template for the account to be enabled. For example, this could be used for a joiner on a source once the joiner's account is created. \nDISABLE - This usage type relates to 'Disable Account Profile', the provisioning template for the account to be disabled. For example, this could be used when a leaver is removed temporarily from a source. \nYou can use these four usage types for all your provisioning policy needs. ", + "example": "CREATE", + "schema": { + "type": "string", + "nullable": false, + "enum": [ + "CREATE", + "UPDATE", + "ENABLE", + "DISABLE", + "DELETE", + "ASSIGN", + "UNASSIGN", + "CREATE_GROUP", + "UPDATE_GROUP", + "DELETE_GROUP", + "REGISTER", + "CREATE_IDENTITY", + "UPDATE_IDENTITY", + "EDIT_GROUP", + "UNLOCK", + "CHANGE_PASSWORD" + ], + "example": "CREATE", + "description": "The type of provisioning policy usage. \nIn IdentityNow, a source can support various provisioning operations. For example, when a joiner is added to a source, this may trigger both CREATE and UPDATE provisioning operations. Each usage type is considered a provisioning policy. A source can have any number of these provisioning policies defined. \nThese are the common usage types: \nCREATE - This usage type relates to 'Create Account Profile', the provisioning template for the account to be created. For example, this would be used for a joiner on a source. \nUPDATE - This usage type relates to 'Update Account Profile', the provisioning template for the 'Update' connector operations. For example, this would be used for an attribute sync on a source.\nENABLE - This usage type relates to 'Enable Account Profile', the provisioning template for the account to be enabled. For example, this could be used for a joiner on a source once the joiner's account is created. \nDISABLE - This usage type relates to 'Disable Account Profile', the provisioning template for the account to be disabled. For example, this could be used when a leaver is removed temporarily from a source. \nYou can use these four usage types for all your provisioning policy needs. " + } + } + ], + "responses": { + "204": { + "description": "The ProvisioningPolicyDto was successfully deleted." + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/sources/{sourceId}/provisioning-policies/bulk-update": { + "post": { + "operationId": "updateProvisioningPoliciesInBulk", + "tags": [ + "Sources" + ], + "summary": "Bulk Update Provisioning Policies", + "description": "This end-point updates a list of provisioning policies on the specified source in IdentityNow.\nA token with API, or ORG_ADMIN authority is required to call this API.", + "security": [ + { + "UserContextAuth": [ + "idn:provisioning-policy:manage" + ] + } + ], + "parameters": [ + { + "in": "path", + "name": "sourceId", + "required": true, + "schema": { + "type": "string" + }, + "description": "The Source id.", + "example": "2c9180835d191a86015d28455b4a2329" + } + ], + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "required": [ + "name" + ], + "properties": { + "name": { + "type": "string", + "description": "the provisioning policy name", + "example": "example provisioning policy for inactive identities" + }, + "description": { + "type": "string", + "description": "the description of the provisioning policy", + "example": "this provisioning policy creates access based on an identity going inactive" + }, + "usageType": { + "type": "string", + "nullable": false, + "enum": [ + "CREATE", + "UPDATE", + "ENABLE", + "DISABLE", + "DELETE", + "ASSIGN", + "UNASSIGN", + "CREATE_GROUP", + "UPDATE_GROUP", + "DELETE_GROUP", + "REGISTER", + "CREATE_IDENTITY", + "UPDATE_IDENTITY", + "EDIT_GROUP", + "UNLOCK", + "CHANGE_PASSWORD" + ], + "example": "CREATE", + "description": "The type of provisioning policy usage. \nIn IdentityNow, a source can support various provisioning operations. For example, when a joiner is added to a source, this may trigger both CREATE and UPDATE provisioning operations. Each usage type is considered a provisioning policy. A source can have any number of these provisioning policies defined. \nThese are the common usage types: \nCREATE - This usage type relates to 'Create Account Profile', the provisioning template for the account to be created. For example, this would be used for a joiner on a source. \nUPDATE - This usage type relates to 'Update Account Profile', the provisioning template for the 'Update' connector operations. For example, this would be used for an attribute sync on a source.\nENABLE - This usage type relates to 'Enable Account Profile', the provisioning template for the account to be enabled. For example, this could be used for a joiner on a source once the joiner's account is created. \nDISABLE - This usage type relates to 'Disable Account Profile', the provisioning template for the account to be disabled. For example, this could be used when a leaver is removed temporarily from a source. \nYou can use these four usage types for all your provisioning policy needs. " + }, + "fields": { + "type": "array", + "items": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "The name of the attribute.", + "example": "userName" + }, + "transform": { + "type": "object", + "description": "The transform to apply to the field", + "example": { + "type": "rule", + "attributes": { + "name": "Create Unique LDAP Attribute" + } + }, + "default": {} + }, + "attributes": { + "type": "object", + "description": "Attributes required for the transform", + "example": { + "template": "${firstname}.${lastname}${uniqueCounter}", + "cloudMaxUniqueChecks": "50", + "cloudMaxSize": "20", + "cloudRequired": "true" + } + }, + "isRequired": { + "type": "boolean", + "readOnly": true, + "description": "Flag indicating whether or not the attribute is required.", + "default": false, + "example": false + }, + "type": { + "type": "string", + "description": "The type of the attribute.", + "example": "string" + }, + "isMultiValued": { + "type": "boolean", + "description": "Flag indicating whether or not the attribute is multi-valued.", + "default": false, + "example": false + } + } + } + } + } + } + } + } + } + }, + "responses": { + "200": { + "description": "A list of the ProvisioningPolicyDto was successfully replaced.", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "required": [ + "name" + ], + "properties": { + "name": { + "type": "string", + "description": "the provisioning policy name", + "example": "example provisioning policy for inactive identities" + }, + "description": { + "type": "string", + "description": "the description of the provisioning policy", + "example": "this provisioning policy creates access based on an identity going inactive" + }, + "usageType": { + "type": "string", + "nullable": false, + "enum": [ + "CREATE", + "UPDATE", + "ENABLE", + "DISABLE", + "DELETE", + "ASSIGN", + "UNASSIGN", + "CREATE_GROUP", + "UPDATE_GROUP", + "DELETE_GROUP", + "REGISTER", + "CREATE_IDENTITY", + "UPDATE_IDENTITY", + "EDIT_GROUP", + "UNLOCK", + "CHANGE_PASSWORD" + ], + "example": "CREATE", + "description": "The type of provisioning policy usage. \nIn IdentityNow, a source can support various provisioning operations. For example, when a joiner is added to a source, this may trigger both CREATE and UPDATE provisioning operations. Each usage type is considered a provisioning policy. A source can have any number of these provisioning policies defined. \nThese are the common usage types: \nCREATE - This usage type relates to 'Create Account Profile', the provisioning template for the account to be created. For example, this would be used for a joiner on a source. \nUPDATE - This usage type relates to 'Update Account Profile', the provisioning template for the 'Update' connector operations. For example, this would be used for an attribute sync on a source.\nENABLE - This usage type relates to 'Enable Account Profile', the provisioning template for the account to be enabled. For example, this could be used for a joiner on a source once the joiner's account is created. \nDISABLE - This usage type relates to 'Disable Account Profile', the provisioning template for the account to be disabled. For example, this could be used when a leaver is removed temporarily from a source. \nYou can use these four usage types for all your provisioning policy needs. " + }, + "fields": { + "type": "array", + "items": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "The name of the attribute.", + "example": "userName" + }, + "transform": { + "type": "object", + "description": "The transform to apply to the field", + "example": { + "type": "rule", + "attributes": { + "name": "Create Unique LDAP Attribute" + } + }, + "default": {} + }, + "attributes": { + "type": "object", + "description": "Attributes required for the transform", + "example": { + "template": "${firstname}.${lastname}${uniqueCounter}", + "cloudMaxUniqueChecks": "50", + "cloudMaxSize": "20", + "cloudRequired": "true" + } + }, + "isRequired": { + "type": "boolean", + "readOnly": true, + "description": "Flag indicating whether or not the attribute is required.", + "default": false, + "example": false + }, + "type": { + "type": "string", + "description": "The type of the attribute.", + "example": "string" + }, + "isMultiValued": { + "type": "boolean", + "description": "Flag indicating whether or not the attribute is multi-valued.", + "default": false, + "example": false + } + } + } + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/sources/{sourceId}/schemas": { + "get": { + "operationId": "getSourceSchemas", + "tags": [ + "Sources" + ], + "summary": "List Schemas on Source", + "description": "Use this API to list the schemas that exist on the specified source in Identity Security Cloud (ISC).\n", + "parameters": [ + { + "in": "path", + "name": "sourceId", + "required": true, + "schema": { + "type": "string" + }, + "description": "Source ID.", + "example": "2c9180835d191a86015d28455b4a2329" + }, + { + "in": "query", + "name": "include-types", + "required": false, + "schema": { + "type": "string", + "enum": [ + "group", + "user" + ] + }, + "description": "If this is set to `group`, the API filters the account schema and only returns only group schemas. If this is set to `user`, the API returns the account schema for the source. ", + "example": "group" + } + ], + "responses": { + "200": { + "description": "The schemas were successfully retrieved.", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The id of the Schema.", + "example": "2c9180835d191a86015d28455b4a2329" + }, + "name": { + "type": "string", + "description": "The name of the Schema.", + "example": "account" + }, + "nativeObjectType": { + "type": "string", + "description": "The name of the object type on the native system that the schema represents.", + "example": "User" + }, + "identityAttribute": { + "type": "string", + "description": "The name of the attribute used to calculate the unique identifier for an object in the schema.", + "example": "sAMAccountName" + }, + "displayAttribute": { + "type": "string", + "description": "The name of the attribute used to calculate the display value for an object in the schema.", + "example": "distinguishedName" + }, + "hierarchyAttribute": { + "type": "string", + "description": "The name of the attribute whose values represent other objects in a hierarchy. Only relevant to group schemas.", + "example": "memberOf" + }, + "includePermissions": { + "type": "boolean", + "description": "Flag indicating whether or not the include permissions with the object data when aggregating the schema.", + "example": false + }, + "features": { + "type": "array", + "items": { + "type": "string", + "enum": [ + "AUTHENTICATE", + "COMPOSITE", + "DIRECT_PERMISSIONS", + "DISCOVER_SCHEMA", + "ENABLE", + "MANAGER_LOOKUP", + "NO_RANDOM_ACCESS", + "PROXY", + "SEARCH", + "TEMPLATE", + "UNLOCK", + "UNSTRUCTURED_TARGETS", + "SHAREPOINT_TARGET", + "PROVISIONING", + "GROUP_PROVISIONING", + "SYNC_PROVISIONING", + "PASSWORD", + "CURRENT_PASSWORD", + "ACCOUNT_ONLY_REQUEST", + "ADDITIONAL_ACCOUNT_REQUEST", + "NO_AGGREGATION", + "GROUPS_HAVE_MEMBERS", + "NO_PERMISSIONS_PROVISIONING", + "NO_GROUP_PERMISSIONS_PROVISIONING", + "NO_UNSTRUCTURED_TARGETS_PROVISIONING", + "NO_DIRECT_PERMISSIONS_PROVISIONING", + "PREFER_UUID", + "ARM_SECURITY_EXTRACT", + "ARM_UTILIZATION_EXTRACT", + "ARM_CHANGELOG_EXTRACT", + "USES_UUID" + ], + "example": "AUTHENTICATE" + }, + "description": "Optional features that can be supported by a source. Modifying the features array may cause source configuration errors that are unsupportable. It is recommended to not modify this array for SailPoint supported connectors.\n* AUTHENTICATE: The source supports pass-through authentication.\n* COMPOSITE: The source supports composite source creation.\n* DIRECT_PERMISSIONS: The source supports returning DirectPermissions.\n* DISCOVER_SCHEMA: The source supports discovering schemas for users and groups.\n* ENABLE The source supports reading if an account is enabled or disabled.\n* MANAGER_LOOKUP: The source supports looking up managers as they are encountered in a feed. This is the opposite of NO_RANDOM_ACCESS.\n* NO_RANDOM_ACCESS: The source does not support random access and the getObject() methods should not be called and expected to perform.\n* PROXY: The source can serve as a proxy for another source. When an source has a proxy, all connector calls made with that source are redirected through the connector for the proxy source.\n* SEARCH\n* TEMPLATE\n* UNLOCK: The source supports reading if an account is locked or unlocked.\n* UNSTRUCTURED_TARGETS: The source supports returning unstructured Targets.\n* SHAREPOINT_TARGET: The source supports returning unstructured Target data for SharePoint. It will be typically used by AD, LDAP sources.\n* PROVISIONING: The source can both read and write accounts. Having this feature implies that the provision() method is implemented. It also means that direct and target permissions can also be provisioned if they can be returned by aggregation.\n* GROUP_PROVISIONING: The source can both read and write groups. Having this feature implies that the provision() method is implemented.\n* SYNC_PROVISIONING: The source can provision accounts synchronously.\n* PASSWORD: The source can provision password changes. Since sources can never read passwords, this is should only be used in conjunction with the PROVISIONING feature.\n* CURRENT_PASSWORD: Some source types support verification of the current password\n* ACCOUNT_ONLY_REQUEST: The source supports requesting accounts without entitlements.\n* ADDITIONAL_ACCOUNT_REQUEST: The source supports requesting additional accounts.\n* NO_AGGREGATION: A source that does not support aggregation.\n* GROUPS_HAVE_MEMBERS: The source models group memberships with a member attribute on the group object rather than a groups attribute on the account object. This effects the implementation of delta account aggregation.\n* NO_PERMISSIONS_PROVISIONING: Indicates that the connector cannot provision direct or target permissions for accounts. When DIRECT_PERMISSIONS and PROVISIONING features are present, it is assumed that the connector can also provision direct permissions. This feature disables that assumption and causes permission request to be converted to work items for accounts.\n* NO_GROUP_PERMISSIONS_PROVISIONING: Indicates that the connector cannot provision direct or target permissions for groups. When DIRECT_PERMISSIONS and PROVISIONING features are present, it is assumed that the connector can also provision direct permissions. This feature disables that assumption and causes permission request to be converted to work items for groups.\n* NO_UNSTRUCTURED_TARGETS_PROVISIONING: This string will be replaced by NO_GROUP_PERMISSIONS_PROVISIONING and NO_PERMISSIONS_PROVISIONING.\n* NO_DIRECT_PERMISSIONS_PROVISIONING: This string will be replaced by NO_GROUP_PERMISSIONS_PROVISIONING and NO_PERMISSIONS_PROVISIONING.\n* USES_UUID: Connectivity 2.0 flag used to indicate that the connector supports a compound naming structure.\n* PREFER_UUID: Used in ISC Provisioning AND Aggregation to decide if it should prefer account.uuid to account.nativeIdentity when data is read in through aggregation OR pushed out through provisioning.\n* ARM_SECURITY_EXTRACT: Indicates the application supports Security extracts for ARM\n* ARM_UTILIZATION_EXTRACT: Indicates the application supports Utilization extracts for ARM\n* ARM_CHANGELOG_EXTRACT: Indicates the application supports Change-log extracts for ARM", + "example": [ + "PROVISIONING", + "NO_PERMISSIONS_PROVISIONING", + "GROUPS_HAVE_MEMBERS" + ] + }, + "configuration": { + "type": "object", + "description": "Holds any extra configuration data that the schema may require.", + "example": { + "groupMemberAttribute": "member" + } + }, + "attributes": { + "type": "array", + "description": "The attribute definitions which form the schema.", + "items": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "The name of the attribute.", + "example": "sAMAccountName" + }, + "type": { + "description": "The type of the attribute.", + "example": "STRING", + "type": "string", + "enum": [ + "STRING", + "LONG", + "INT", + "BOOLEAN" + ] + }, + "schema": { + "description": "A reference to the schema on the source to the attribute values map to.", + "type": "object", + "properties": { + "type": { + "description": "The type of object being referenced", + "type": "string", + "enum": [ + "CONNECTOR_SCHEMA" + ], + "example": "CONNECTOR_SCHEMA" + }, + "id": { + "type": "string", + "description": "The object ID this reference applies to.", + "example": "2c91808568c529c60168cca6f90c1313" + }, + "name": { + "type": "string", + "description": "The human-readable display name of the object.", + "example": "group" + } + } + }, + "description": { + "type": "string", + "description": "A human-readable description of the attribute.", + "example": "SAM Account Name" + }, + "isMulti": { + "type": "boolean", + "description": "Flag indicating whether or not the attribute is multi-valued.", + "example": false, + "default": false + }, + "isEntitlement": { + "type": "boolean", + "description": "Flag indicating whether or not the attribute is an entitlement.", + "example": false, + "default": false + }, + "isGroup": { + "type": "boolean", + "description": "Flag indicating whether or not the attribute represents a group.\nThis can only be `true` if `isEntitlement` is also `true` **and** there is a schema defined for the attribute..\n", + "example": false, + "default": false + } + } + }, + "example": [ + { + "name": "sAMAccountName", + "type": "STRING", + "isMultiValued": false, + "isEntitlement": false, + "isGroup": false + }, + { + "name": "memberOf", + "type": "STRING", + "schema": { + "type": "CONNECTOR_SCHEMA", + "id": "2c9180887671ff8c01767b4671fc7d60", + "name": "group" + }, + "description": "Group membership", + "isMultiValued": true, + "isEntitlement": true, + "isGroup": true + } + ] + }, + "created": { + "type": "string", + "description": "The date the Schema was created.", + "format": "date-time", + "example": "2019-12-24T22:32:58.104Z" + }, + "modified": { + "type": "string", + "description": "The date the Schema was last modified.", + "format": "date-time", + "example": "2019-12-31T20:22:28.104Z" + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + }, + "post": { + "operationId": "createSourceSchema", + "tags": [ + "Sources" + ], + "summary": "Create Schema on Source", + "description": "Use this API to create a new schema on the specified source in Identity Security Cloud (ISC).\n", + "parameters": [ + { + "in": "path", + "name": "sourceId", + "required": true, + "schema": { + "type": "string" + }, + "description": "Source ID.", + "example": "2c9180835d191a86015d28455b4a2329" + } + ], + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The id of the Schema.", + "example": "2c9180835d191a86015d28455b4a2329" + }, + "name": { + "type": "string", + "description": "The name of the Schema.", + "example": "account" + }, + "nativeObjectType": { + "type": "string", + "description": "The name of the object type on the native system that the schema represents.", + "example": "User" + }, + "identityAttribute": { + "type": "string", + "description": "The name of the attribute used to calculate the unique identifier for an object in the schema.", + "example": "sAMAccountName" + }, + "displayAttribute": { + "type": "string", + "description": "The name of the attribute used to calculate the display value for an object in the schema.", + "example": "distinguishedName" + }, + "hierarchyAttribute": { + "type": "string", + "description": "The name of the attribute whose values represent other objects in a hierarchy. Only relevant to group schemas.", + "example": "memberOf" + }, + "includePermissions": { + "type": "boolean", + "description": "Flag indicating whether or not the include permissions with the object data when aggregating the schema.", + "example": false + }, + "features": { + "type": "array", + "items": { + "type": "string", + "enum": [ + "AUTHENTICATE", + "COMPOSITE", + "DIRECT_PERMISSIONS", + "DISCOVER_SCHEMA", + "ENABLE", + "MANAGER_LOOKUP", + "NO_RANDOM_ACCESS", + "PROXY", + "SEARCH", + "TEMPLATE", + "UNLOCK", + "UNSTRUCTURED_TARGETS", + "SHAREPOINT_TARGET", + "PROVISIONING", + "GROUP_PROVISIONING", + "SYNC_PROVISIONING", + "PASSWORD", + "CURRENT_PASSWORD", + "ACCOUNT_ONLY_REQUEST", + "ADDITIONAL_ACCOUNT_REQUEST", + "NO_AGGREGATION", + "GROUPS_HAVE_MEMBERS", + "NO_PERMISSIONS_PROVISIONING", + "NO_GROUP_PERMISSIONS_PROVISIONING", + "NO_UNSTRUCTURED_TARGETS_PROVISIONING", + "NO_DIRECT_PERMISSIONS_PROVISIONING", + "PREFER_UUID", + "ARM_SECURITY_EXTRACT", + "ARM_UTILIZATION_EXTRACT", + "ARM_CHANGELOG_EXTRACT", + "USES_UUID" + ], + "example": "AUTHENTICATE" + }, + "description": "Optional features that can be supported by a source. Modifying the features array may cause source configuration errors that are unsupportable. It is recommended to not modify this array for SailPoint supported connectors.\n* AUTHENTICATE: The source supports pass-through authentication.\n* COMPOSITE: The source supports composite source creation.\n* DIRECT_PERMISSIONS: The source supports returning DirectPermissions.\n* DISCOVER_SCHEMA: The source supports discovering schemas for users and groups.\n* ENABLE The source supports reading if an account is enabled or disabled.\n* MANAGER_LOOKUP: The source supports looking up managers as they are encountered in a feed. This is the opposite of NO_RANDOM_ACCESS.\n* NO_RANDOM_ACCESS: The source does not support random access and the getObject() methods should not be called and expected to perform.\n* PROXY: The source can serve as a proxy for another source. When an source has a proxy, all connector calls made with that source are redirected through the connector for the proxy source.\n* SEARCH\n* TEMPLATE\n* UNLOCK: The source supports reading if an account is locked or unlocked.\n* UNSTRUCTURED_TARGETS: The source supports returning unstructured Targets.\n* SHAREPOINT_TARGET: The source supports returning unstructured Target data for SharePoint. It will be typically used by AD, LDAP sources.\n* PROVISIONING: The source can both read and write accounts. Having this feature implies that the provision() method is implemented. It also means that direct and target permissions can also be provisioned if they can be returned by aggregation.\n* GROUP_PROVISIONING: The source can both read and write groups. Having this feature implies that the provision() method is implemented.\n* SYNC_PROVISIONING: The source can provision accounts synchronously.\n* PASSWORD: The source can provision password changes. Since sources can never read passwords, this is should only be used in conjunction with the PROVISIONING feature.\n* CURRENT_PASSWORD: Some source types support verification of the current password\n* ACCOUNT_ONLY_REQUEST: The source supports requesting accounts without entitlements.\n* ADDITIONAL_ACCOUNT_REQUEST: The source supports requesting additional accounts.\n* NO_AGGREGATION: A source that does not support aggregation.\n* GROUPS_HAVE_MEMBERS: The source models group memberships with a member attribute on the group object rather than a groups attribute on the account object. This effects the implementation of delta account aggregation.\n* NO_PERMISSIONS_PROVISIONING: Indicates that the connector cannot provision direct or target permissions for accounts. When DIRECT_PERMISSIONS and PROVISIONING features are present, it is assumed that the connector can also provision direct permissions. This feature disables that assumption and causes permission request to be converted to work items for accounts.\n* NO_GROUP_PERMISSIONS_PROVISIONING: Indicates that the connector cannot provision direct or target permissions for groups. When DIRECT_PERMISSIONS and PROVISIONING features are present, it is assumed that the connector can also provision direct permissions. This feature disables that assumption and causes permission request to be converted to work items for groups.\n* NO_UNSTRUCTURED_TARGETS_PROVISIONING: This string will be replaced by NO_GROUP_PERMISSIONS_PROVISIONING and NO_PERMISSIONS_PROVISIONING.\n* NO_DIRECT_PERMISSIONS_PROVISIONING: This string will be replaced by NO_GROUP_PERMISSIONS_PROVISIONING and NO_PERMISSIONS_PROVISIONING.\n* USES_UUID: Connectivity 2.0 flag used to indicate that the connector supports a compound naming structure.\n* PREFER_UUID: Used in ISC Provisioning AND Aggregation to decide if it should prefer account.uuid to account.nativeIdentity when data is read in through aggregation OR pushed out through provisioning.\n* ARM_SECURITY_EXTRACT: Indicates the application supports Security extracts for ARM\n* ARM_UTILIZATION_EXTRACT: Indicates the application supports Utilization extracts for ARM\n* ARM_CHANGELOG_EXTRACT: Indicates the application supports Change-log extracts for ARM", + "example": [ + "PROVISIONING", + "NO_PERMISSIONS_PROVISIONING", + "GROUPS_HAVE_MEMBERS" + ] + }, + "configuration": { + "type": "object", + "description": "Holds any extra configuration data that the schema may require.", + "example": { + "groupMemberAttribute": "member" + } + }, + "attributes": { + "type": "array", + "description": "The attribute definitions which form the schema.", + "items": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "The name of the attribute.", + "example": "sAMAccountName" + }, + "type": { + "description": "The type of the attribute.", + "example": "STRING", + "type": "string", + "enum": [ + "STRING", + "LONG", + "INT", + "BOOLEAN" + ] + }, + "schema": { + "description": "A reference to the schema on the source to the attribute values map to.", + "type": "object", + "properties": { + "type": { + "description": "The type of object being referenced", + "type": "string", + "enum": [ + "CONNECTOR_SCHEMA" + ], + "example": "CONNECTOR_SCHEMA" + }, + "id": { + "type": "string", + "description": "The object ID this reference applies to.", + "example": "2c91808568c529c60168cca6f90c1313" + }, + "name": { + "type": "string", + "description": "The human-readable display name of the object.", + "example": "group" + } + } + }, + "description": { + "type": "string", + "description": "A human-readable description of the attribute.", + "example": "SAM Account Name" + }, + "isMulti": { + "type": "boolean", + "description": "Flag indicating whether or not the attribute is multi-valued.", + "example": false, + "default": false + }, + "isEntitlement": { + "type": "boolean", + "description": "Flag indicating whether or not the attribute is an entitlement.", + "example": false, + "default": false + }, + "isGroup": { + "type": "boolean", + "description": "Flag indicating whether or not the attribute represents a group.\nThis can only be `true` if `isEntitlement` is also `true` **and** there is a schema defined for the attribute..\n", + "example": false, + "default": false + } + } + }, + "example": [ + { + "name": "sAMAccountName", + "type": "STRING", + "isMultiValued": false, + "isEntitlement": false, + "isGroup": false + }, + { + "name": "memberOf", + "type": "STRING", + "schema": { + "type": "CONNECTOR_SCHEMA", + "id": "2c9180887671ff8c01767b4671fc7d60", + "name": "group" + }, + "description": "Group membership", + "isMultiValued": true, + "isEntitlement": true, + "isGroup": true + } + ] + }, + "created": { + "type": "string", + "description": "The date the Schema was created.", + "format": "date-time", + "example": "2019-12-24T22:32:58.104Z" + }, + "modified": { + "type": "string", + "description": "The date the Schema was last modified.", + "format": "date-time", + "example": "2019-12-31T20:22:28.104Z" + } + } + } + } + } + }, + "responses": { + "201": { + "description": "The schema was successfully created on the specified source.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The id of the Schema.", + "example": "2c9180835d191a86015d28455b4a2329" + }, + "name": { + "type": "string", + "description": "The name of the Schema.", + "example": "account" + }, + "nativeObjectType": { + "type": "string", + "description": "The name of the object type on the native system that the schema represents.", + "example": "User" + }, + "identityAttribute": { + "type": "string", + "description": "The name of the attribute used to calculate the unique identifier for an object in the schema.", + "example": "sAMAccountName" + }, + "displayAttribute": { + "type": "string", + "description": "The name of the attribute used to calculate the display value for an object in the schema.", + "example": "distinguishedName" + }, + "hierarchyAttribute": { + "type": "string", + "description": "The name of the attribute whose values represent other objects in a hierarchy. Only relevant to group schemas.", + "example": "memberOf" + }, + "includePermissions": { + "type": "boolean", + "description": "Flag indicating whether or not the include permissions with the object data when aggregating the schema.", + "example": false + }, + "features": { + "type": "array", + "items": { + "type": "string", + "enum": [ + "AUTHENTICATE", + "COMPOSITE", + "DIRECT_PERMISSIONS", + "DISCOVER_SCHEMA", + "ENABLE", + "MANAGER_LOOKUP", + "NO_RANDOM_ACCESS", + "PROXY", + "SEARCH", + "TEMPLATE", + "UNLOCK", + "UNSTRUCTURED_TARGETS", + "SHAREPOINT_TARGET", + "PROVISIONING", + "GROUP_PROVISIONING", + "SYNC_PROVISIONING", + "PASSWORD", + "CURRENT_PASSWORD", + "ACCOUNT_ONLY_REQUEST", + "ADDITIONAL_ACCOUNT_REQUEST", + "NO_AGGREGATION", + "GROUPS_HAVE_MEMBERS", + "NO_PERMISSIONS_PROVISIONING", + "NO_GROUP_PERMISSIONS_PROVISIONING", + "NO_UNSTRUCTURED_TARGETS_PROVISIONING", + "NO_DIRECT_PERMISSIONS_PROVISIONING", + "PREFER_UUID", + "ARM_SECURITY_EXTRACT", + "ARM_UTILIZATION_EXTRACT", + "ARM_CHANGELOG_EXTRACT", + "USES_UUID" + ], + "example": "AUTHENTICATE" + }, + "description": "Optional features that can be supported by a source. Modifying the features array may cause source configuration errors that are unsupportable. It is recommended to not modify this array for SailPoint supported connectors.\n* AUTHENTICATE: The source supports pass-through authentication.\n* COMPOSITE: The source supports composite source creation.\n* DIRECT_PERMISSIONS: The source supports returning DirectPermissions.\n* DISCOVER_SCHEMA: The source supports discovering schemas for users and groups.\n* ENABLE The source supports reading if an account is enabled or disabled.\n* MANAGER_LOOKUP: The source supports looking up managers as they are encountered in a feed. This is the opposite of NO_RANDOM_ACCESS.\n* NO_RANDOM_ACCESS: The source does not support random access and the getObject() methods should not be called and expected to perform.\n* PROXY: The source can serve as a proxy for another source. When an source has a proxy, all connector calls made with that source are redirected through the connector for the proxy source.\n* SEARCH\n* TEMPLATE\n* UNLOCK: The source supports reading if an account is locked or unlocked.\n* UNSTRUCTURED_TARGETS: The source supports returning unstructured Targets.\n* SHAREPOINT_TARGET: The source supports returning unstructured Target data for SharePoint. It will be typically used by AD, LDAP sources.\n* PROVISIONING: The source can both read and write accounts. Having this feature implies that the provision() method is implemented. It also means that direct and target permissions can also be provisioned if they can be returned by aggregation.\n* GROUP_PROVISIONING: The source can both read and write groups. Having this feature implies that the provision() method is implemented.\n* SYNC_PROVISIONING: The source can provision accounts synchronously.\n* PASSWORD: The source can provision password changes. Since sources can never read passwords, this is should only be used in conjunction with the PROVISIONING feature.\n* CURRENT_PASSWORD: Some source types support verification of the current password\n* ACCOUNT_ONLY_REQUEST: The source supports requesting accounts without entitlements.\n* ADDITIONAL_ACCOUNT_REQUEST: The source supports requesting additional accounts.\n* NO_AGGREGATION: A source that does not support aggregation.\n* GROUPS_HAVE_MEMBERS: The source models group memberships with a member attribute on the group object rather than a groups attribute on the account object. This effects the implementation of delta account aggregation.\n* NO_PERMISSIONS_PROVISIONING: Indicates that the connector cannot provision direct or target permissions for accounts. When DIRECT_PERMISSIONS and PROVISIONING features are present, it is assumed that the connector can also provision direct permissions. This feature disables that assumption and causes permission request to be converted to work items for accounts.\n* NO_GROUP_PERMISSIONS_PROVISIONING: Indicates that the connector cannot provision direct or target permissions for groups. When DIRECT_PERMISSIONS and PROVISIONING features are present, it is assumed that the connector can also provision direct permissions. This feature disables that assumption and causes permission request to be converted to work items for groups.\n* NO_UNSTRUCTURED_TARGETS_PROVISIONING: This string will be replaced by NO_GROUP_PERMISSIONS_PROVISIONING and NO_PERMISSIONS_PROVISIONING.\n* NO_DIRECT_PERMISSIONS_PROVISIONING: This string will be replaced by NO_GROUP_PERMISSIONS_PROVISIONING and NO_PERMISSIONS_PROVISIONING.\n* USES_UUID: Connectivity 2.0 flag used to indicate that the connector supports a compound naming structure.\n* PREFER_UUID: Used in ISC Provisioning AND Aggregation to decide if it should prefer account.uuid to account.nativeIdentity when data is read in through aggregation OR pushed out through provisioning.\n* ARM_SECURITY_EXTRACT: Indicates the application supports Security extracts for ARM\n* ARM_UTILIZATION_EXTRACT: Indicates the application supports Utilization extracts for ARM\n* ARM_CHANGELOG_EXTRACT: Indicates the application supports Change-log extracts for ARM", + "example": [ + "PROVISIONING", + "NO_PERMISSIONS_PROVISIONING", + "GROUPS_HAVE_MEMBERS" + ] + }, + "configuration": { + "type": "object", + "description": "Holds any extra configuration data that the schema may require.", + "example": { + "groupMemberAttribute": "member" + } + }, + "attributes": { + "type": "array", + "description": "The attribute definitions which form the schema.", + "items": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "The name of the attribute.", + "example": "sAMAccountName" + }, + "type": { + "description": "The type of the attribute.", + "example": "STRING", + "type": "string", + "enum": [ + "STRING", + "LONG", + "INT", + "BOOLEAN" + ] + }, + "schema": { + "description": "A reference to the schema on the source to the attribute values map to.", + "type": "object", + "properties": { + "type": { + "description": "The type of object being referenced", + "type": "string", + "enum": [ + "CONNECTOR_SCHEMA" + ], + "example": "CONNECTOR_SCHEMA" + }, + "id": { + "type": "string", + "description": "The object ID this reference applies to.", + "example": "2c91808568c529c60168cca6f90c1313" + }, + "name": { + "type": "string", + "description": "The human-readable display name of the object.", + "example": "group" + } + } + }, + "description": { + "type": "string", + "description": "A human-readable description of the attribute.", + "example": "SAM Account Name" + }, + "isMulti": { + "type": "boolean", + "description": "Flag indicating whether or not the attribute is multi-valued.", + "example": false, + "default": false + }, + "isEntitlement": { + "type": "boolean", + "description": "Flag indicating whether or not the attribute is an entitlement.", + "example": false, + "default": false + }, + "isGroup": { + "type": "boolean", + "description": "Flag indicating whether or not the attribute represents a group.\nThis can only be `true` if `isEntitlement` is also `true` **and** there is a schema defined for the attribute..\n", + "example": false, + "default": false + } + } + }, + "example": [ + { + "name": "sAMAccountName", + "type": "STRING", + "isMultiValued": false, + "isEntitlement": false, + "isGroup": false + }, + { + "name": "memberOf", + "type": "STRING", + "schema": { + "type": "CONNECTOR_SCHEMA", + "id": "2c9180887671ff8c01767b4671fc7d60", + "name": "group" + }, + "description": "Group membership", + "isMultiValued": true, + "isEntitlement": true, + "isGroup": true + } + ] + }, + "created": { + "type": "string", + "description": "The date the Schema was created.", + "format": "date-time", + "example": "2019-12-24T22:32:58.104Z" + }, + "modified": { + "type": "string", + "description": "The date the Schema was last modified.", + "format": "date-time", + "example": "2019-12-31T20:22:28.104Z" + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/sources/{sourceId}/schemas/{schemaId}": { + "get": { + "operationId": "getSourceSchema", + "tags": [ + "Sources" + ], + "summary": "Get Source Schema by ID", + "description": "Get the Source Schema by ID in IdentityNow.\n", + "parameters": [ + { + "in": "path", + "name": "sourceId", + "required": true, + "schema": { + "type": "string" + }, + "description": "The Source id.", + "example": "2c9180835d191a86015d28455b4a2329" + }, + { + "in": "path", + "name": "schemaId", + "schema": { + "type": "string" + }, + "required": true, + "description": "The Schema id.", + "example": "2c9180835d191a86015d28455b4a2329" + } + ], + "responses": { + "200": { + "description": "The requested Schema was successfully retrieved.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The id of the Schema.", + "example": "2c9180835d191a86015d28455b4a2329" + }, + "name": { + "type": "string", + "description": "The name of the Schema.", + "example": "account" + }, + "nativeObjectType": { + "type": "string", + "description": "The name of the object type on the native system that the schema represents.", + "example": "User" + }, + "identityAttribute": { + "type": "string", + "description": "The name of the attribute used to calculate the unique identifier for an object in the schema.", + "example": "sAMAccountName" + }, + "displayAttribute": { + "type": "string", + "description": "The name of the attribute used to calculate the display value for an object in the schema.", + "example": "distinguishedName" + }, + "hierarchyAttribute": { + "type": "string", + "description": "The name of the attribute whose values represent other objects in a hierarchy. Only relevant to group schemas.", + "example": "memberOf" + }, + "includePermissions": { + "type": "boolean", + "description": "Flag indicating whether or not the include permissions with the object data when aggregating the schema.", + "example": false + }, + "features": { + "type": "array", + "items": { + "type": "string", + "enum": [ + "AUTHENTICATE", + "COMPOSITE", + "DIRECT_PERMISSIONS", + "DISCOVER_SCHEMA", + "ENABLE", + "MANAGER_LOOKUP", + "NO_RANDOM_ACCESS", + "PROXY", + "SEARCH", + "TEMPLATE", + "UNLOCK", + "UNSTRUCTURED_TARGETS", + "SHAREPOINT_TARGET", + "PROVISIONING", + "GROUP_PROVISIONING", + "SYNC_PROVISIONING", + "PASSWORD", + "CURRENT_PASSWORD", + "ACCOUNT_ONLY_REQUEST", + "ADDITIONAL_ACCOUNT_REQUEST", + "NO_AGGREGATION", + "GROUPS_HAVE_MEMBERS", + "NO_PERMISSIONS_PROVISIONING", + "NO_GROUP_PERMISSIONS_PROVISIONING", + "NO_UNSTRUCTURED_TARGETS_PROVISIONING", + "NO_DIRECT_PERMISSIONS_PROVISIONING", + "PREFER_UUID", + "ARM_SECURITY_EXTRACT", + "ARM_UTILIZATION_EXTRACT", + "ARM_CHANGELOG_EXTRACT", + "USES_UUID" + ], + "example": "AUTHENTICATE" + }, + "description": "Optional features that can be supported by a source. Modifying the features array may cause source configuration errors that are unsupportable. It is recommended to not modify this array for SailPoint supported connectors.\n* AUTHENTICATE: The source supports pass-through authentication.\n* COMPOSITE: The source supports composite source creation.\n* DIRECT_PERMISSIONS: The source supports returning DirectPermissions.\n* DISCOVER_SCHEMA: The source supports discovering schemas for users and groups.\n* ENABLE The source supports reading if an account is enabled or disabled.\n* MANAGER_LOOKUP: The source supports looking up managers as they are encountered in a feed. This is the opposite of NO_RANDOM_ACCESS.\n* NO_RANDOM_ACCESS: The source does not support random access and the getObject() methods should not be called and expected to perform.\n* PROXY: The source can serve as a proxy for another source. When an source has a proxy, all connector calls made with that source are redirected through the connector for the proxy source.\n* SEARCH\n* TEMPLATE\n* UNLOCK: The source supports reading if an account is locked or unlocked.\n* UNSTRUCTURED_TARGETS: The source supports returning unstructured Targets.\n* SHAREPOINT_TARGET: The source supports returning unstructured Target data for SharePoint. It will be typically used by AD, LDAP sources.\n* PROVISIONING: The source can both read and write accounts. Having this feature implies that the provision() method is implemented. It also means that direct and target permissions can also be provisioned if they can be returned by aggregation.\n* GROUP_PROVISIONING: The source can both read and write groups. Having this feature implies that the provision() method is implemented.\n* SYNC_PROVISIONING: The source can provision accounts synchronously.\n* PASSWORD: The source can provision password changes. Since sources can never read passwords, this is should only be used in conjunction with the PROVISIONING feature.\n* CURRENT_PASSWORD: Some source types support verification of the current password\n* ACCOUNT_ONLY_REQUEST: The source supports requesting accounts without entitlements.\n* ADDITIONAL_ACCOUNT_REQUEST: The source supports requesting additional accounts.\n* NO_AGGREGATION: A source that does not support aggregation.\n* GROUPS_HAVE_MEMBERS: The source models group memberships with a member attribute on the group object rather than a groups attribute on the account object. This effects the implementation of delta account aggregation.\n* NO_PERMISSIONS_PROVISIONING: Indicates that the connector cannot provision direct or target permissions for accounts. When DIRECT_PERMISSIONS and PROVISIONING features are present, it is assumed that the connector can also provision direct permissions. This feature disables that assumption and causes permission request to be converted to work items for accounts.\n* NO_GROUP_PERMISSIONS_PROVISIONING: Indicates that the connector cannot provision direct or target permissions for groups. When DIRECT_PERMISSIONS and PROVISIONING features are present, it is assumed that the connector can also provision direct permissions. This feature disables that assumption and causes permission request to be converted to work items for groups.\n* NO_UNSTRUCTURED_TARGETS_PROVISIONING: This string will be replaced by NO_GROUP_PERMISSIONS_PROVISIONING and NO_PERMISSIONS_PROVISIONING.\n* NO_DIRECT_PERMISSIONS_PROVISIONING: This string will be replaced by NO_GROUP_PERMISSIONS_PROVISIONING and NO_PERMISSIONS_PROVISIONING.\n* USES_UUID: Connectivity 2.0 flag used to indicate that the connector supports a compound naming structure.\n* PREFER_UUID: Used in ISC Provisioning AND Aggregation to decide if it should prefer account.uuid to account.nativeIdentity when data is read in through aggregation OR pushed out through provisioning.\n* ARM_SECURITY_EXTRACT: Indicates the application supports Security extracts for ARM\n* ARM_UTILIZATION_EXTRACT: Indicates the application supports Utilization extracts for ARM\n* ARM_CHANGELOG_EXTRACT: Indicates the application supports Change-log extracts for ARM", + "example": [ + "PROVISIONING", + "NO_PERMISSIONS_PROVISIONING", + "GROUPS_HAVE_MEMBERS" + ] + }, + "configuration": { + "type": "object", + "description": "Holds any extra configuration data that the schema may require.", + "example": { + "groupMemberAttribute": "member" + } + }, + "attributes": { + "type": "array", + "description": "The attribute definitions which form the schema.", + "items": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "The name of the attribute.", + "example": "sAMAccountName" + }, + "type": { + "description": "The type of the attribute.", + "example": "STRING", + "type": "string", + "enum": [ + "STRING", + "LONG", + "INT", + "BOOLEAN" + ] + }, + "schema": { + "description": "A reference to the schema on the source to the attribute values map to.", + "type": "object", + "properties": { + "type": { + "description": "The type of object being referenced", + "type": "string", + "enum": [ + "CONNECTOR_SCHEMA" + ], + "example": "CONNECTOR_SCHEMA" + }, + "id": { + "type": "string", + "description": "The object ID this reference applies to.", + "example": "2c91808568c529c60168cca6f90c1313" + }, + "name": { + "type": "string", + "description": "The human-readable display name of the object.", + "example": "group" + } + } + }, + "description": { + "type": "string", + "description": "A human-readable description of the attribute.", + "example": "SAM Account Name" + }, + "isMulti": { + "type": "boolean", + "description": "Flag indicating whether or not the attribute is multi-valued.", + "example": false, + "default": false + }, + "isEntitlement": { + "type": "boolean", + "description": "Flag indicating whether or not the attribute is an entitlement.", + "example": false, + "default": false + }, + "isGroup": { + "type": "boolean", + "description": "Flag indicating whether or not the attribute represents a group.\nThis can only be `true` if `isEntitlement` is also `true` **and** there is a schema defined for the attribute..\n", + "example": false, + "default": false + } + } + }, + "example": [ + { + "name": "sAMAccountName", + "type": "STRING", + "isMultiValued": false, + "isEntitlement": false, + "isGroup": false + }, + { + "name": "memberOf", + "type": "STRING", + "schema": { + "type": "CONNECTOR_SCHEMA", + "id": "2c9180887671ff8c01767b4671fc7d60", + "name": "group" + }, + "description": "Group membership", + "isMultiValued": true, + "isEntitlement": true, + "isGroup": true + } + ] + }, + "created": { + "type": "string", + "description": "The date the Schema was created.", + "format": "date-time", + "example": "2019-12-24T22:32:58.104Z" + }, + "modified": { + "type": "string", + "description": "The date the Schema was last modified.", + "format": "date-time", + "example": "2019-12-31T20:22:28.104Z" + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + }, + "put": { + "operationId": "putSourceSchema", + "tags": [ + "Sources" + ], + "summary": "Update Source Schema (Full)", + "description": "This API will completely replace an existing Schema with the submitted payload. Some fields of the Schema cannot be updated. These fields are listed below.\n\n* id\n* name\n* created\n* modified\n\nAny attempt to modify these fields will result in an error response with a status code of 400.\n\n> `id` must remain in the request body, but it cannot be changed. If `id` is omitted from the request body, the result will be a 400 error.\n", + "parameters": [ + { + "in": "path", + "name": "sourceId", + "required": true, + "schema": { + "type": "string" + }, + "description": "The Source id.", + "example": "2c9180835d191a86015d28455b4a2329" + }, + { + "in": "path", + "name": "schemaId", + "schema": { + "type": "string" + }, + "required": true, + "description": "The Schema id.", + "example": "2c9180835d191a86015d28455b4a2329" + } + ], + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The id of the Schema.", + "example": "2c9180835d191a86015d28455b4a2329" + }, + "name": { + "type": "string", + "description": "The name of the Schema.", + "example": "account" + }, + "nativeObjectType": { + "type": "string", + "description": "The name of the object type on the native system that the schema represents.", + "example": "User" + }, + "identityAttribute": { + "type": "string", + "description": "The name of the attribute used to calculate the unique identifier for an object in the schema.", + "example": "sAMAccountName" + }, + "displayAttribute": { + "type": "string", + "description": "The name of the attribute used to calculate the display value for an object in the schema.", + "example": "distinguishedName" + }, + "hierarchyAttribute": { + "type": "string", + "description": "The name of the attribute whose values represent other objects in a hierarchy. Only relevant to group schemas.", + "example": "memberOf" + }, + "includePermissions": { + "type": "boolean", + "description": "Flag indicating whether or not the include permissions with the object data when aggregating the schema.", + "example": false + }, + "features": { + "type": "array", + "items": { + "type": "string", + "enum": [ + "AUTHENTICATE", + "COMPOSITE", + "DIRECT_PERMISSIONS", + "DISCOVER_SCHEMA", + "ENABLE", + "MANAGER_LOOKUP", + "NO_RANDOM_ACCESS", + "PROXY", + "SEARCH", + "TEMPLATE", + "UNLOCK", + "UNSTRUCTURED_TARGETS", + "SHAREPOINT_TARGET", + "PROVISIONING", + "GROUP_PROVISIONING", + "SYNC_PROVISIONING", + "PASSWORD", + "CURRENT_PASSWORD", + "ACCOUNT_ONLY_REQUEST", + "ADDITIONAL_ACCOUNT_REQUEST", + "NO_AGGREGATION", + "GROUPS_HAVE_MEMBERS", + "NO_PERMISSIONS_PROVISIONING", + "NO_GROUP_PERMISSIONS_PROVISIONING", + "NO_UNSTRUCTURED_TARGETS_PROVISIONING", + "NO_DIRECT_PERMISSIONS_PROVISIONING", + "PREFER_UUID", + "ARM_SECURITY_EXTRACT", + "ARM_UTILIZATION_EXTRACT", + "ARM_CHANGELOG_EXTRACT", + "USES_UUID" + ], + "example": "AUTHENTICATE" + }, + "description": "Optional features that can be supported by a source. Modifying the features array may cause source configuration errors that are unsupportable. It is recommended to not modify this array for SailPoint supported connectors.\n* AUTHENTICATE: The source supports pass-through authentication.\n* COMPOSITE: The source supports composite source creation.\n* DIRECT_PERMISSIONS: The source supports returning DirectPermissions.\n* DISCOVER_SCHEMA: The source supports discovering schemas for users and groups.\n* ENABLE The source supports reading if an account is enabled or disabled.\n* MANAGER_LOOKUP: The source supports looking up managers as they are encountered in a feed. This is the opposite of NO_RANDOM_ACCESS.\n* NO_RANDOM_ACCESS: The source does not support random access and the getObject() methods should not be called and expected to perform.\n* PROXY: The source can serve as a proxy for another source. When an source has a proxy, all connector calls made with that source are redirected through the connector for the proxy source.\n* SEARCH\n* TEMPLATE\n* UNLOCK: The source supports reading if an account is locked or unlocked.\n* UNSTRUCTURED_TARGETS: The source supports returning unstructured Targets.\n* SHAREPOINT_TARGET: The source supports returning unstructured Target data for SharePoint. It will be typically used by AD, LDAP sources.\n* PROVISIONING: The source can both read and write accounts. Having this feature implies that the provision() method is implemented. It also means that direct and target permissions can also be provisioned if they can be returned by aggregation.\n* GROUP_PROVISIONING: The source can both read and write groups. Having this feature implies that the provision() method is implemented.\n* SYNC_PROVISIONING: The source can provision accounts synchronously.\n* PASSWORD: The source can provision password changes. Since sources can never read passwords, this is should only be used in conjunction with the PROVISIONING feature.\n* CURRENT_PASSWORD: Some source types support verification of the current password\n* ACCOUNT_ONLY_REQUEST: The source supports requesting accounts without entitlements.\n* ADDITIONAL_ACCOUNT_REQUEST: The source supports requesting additional accounts.\n* NO_AGGREGATION: A source that does not support aggregation.\n* GROUPS_HAVE_MEMBERS: The source models group memberships with a member attribute on the group object rather than a groups attribute on the account object. This effects the implementation of delta account aggregation.\n* NO_PERMISSIONS_PROVISIONING: Indicates that the connector cannot provision direct or target permissions for accounts. When DIRECT_PERMISSIONS and PROVISIONING features are present, it is assumed that the connector can also provision direct permissions. This feature disables that assumption and causes permission request to be converted to work items for accounts.\n* NO_GROUP_PERMISSIONS_PROVISIONING: Indicates that the connector cannot provision direct or target permissions for groups. When DIRECT_PERMISSIONS and PROVISIONING features are present, it is assumed that the connector can also provision direct permissions. This feature disables that assumption and causes permission request to be converted to work items for groups.\n* NO_UNSTRUCTURED_TARGETS_PROVISIONING: This string will be replaced by NO_GROUP_PERMISSIONS_PROVISIONING and NO_PERMISSIONS_PROVISIONING.\n* NO_DIRECT_PERMISSIONS_PROVISIONING: This string will be replaced by NO_GROUP_PERMISSIONS_PROVISIONING and NO_PERMISSIONS_PROVISIONING.\n* USES_UUID: Connectivity 2.0 flag used to indicate that the connector supports a compound naming structure.\n* PREFER_UUID: Used in ISC Provisioning AND Aggregation to decide if it should prefer account.uuid to account.nativeIdentity when data is read in through aggregation OR pushed out through provisioning.\n* ARM_SECURITY_EXTRACT: Indicates the application supports Security extracts for ARM\n* ARM_UTILIZATION_EXTRACT: Indicates the application supports Utilization extracts for ARM\n* ARM_CHANGELOG_EXTRACT: Indicates the application supports Change-log extracts for ARM", + "example": [ + "PROVISIONING", + "NO_PERMISSIONS_PROVISIONING", + "GROUPS_HAVE_MEMBERS" + ] + }, + "configuration": { + "type": "object", + "description": "Holds any extra configuration data that the schema may require.", + "example": { + "groupMemberAttribute": "member" + } + }, + "attributes": { + "type": "array", + "description": "The attribute definitions which form the schema.", + "items": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "The name of the attribute.", + "example": "sAMAccountName" + }, + "type": { + "description": "The type of the attribute.", + "example": "STRING", + "type": "string", + "enum": [ + "STRING", + "LONG", + "INT", + "BOOLEAN" + ] + }, + "schema": { + "description": "A reference to the schema on the source to the attribute values map to.", + "type": "object", + "properties": { + "type": { + "description": "The type of object being referenced", + "type": "string", + "enum": [ + "CONNECTOR_SCHEMA" + ], + "example": "CONNECTOR_SCHEMA" + }, + "id": { + "type": "string", + "description": "The object ID this reference applies to.", + "example": "2c91808568c529c60168cca6f90c1313" + }, + "name": { + "type": "string", + "description": "The human-readable display name of the object.", + "example": "group" + } + } + }, + "description": { + "type": "string", + "description": "A human-readable description of the attribute.", + "example": "SAM Account Name" + }, + "isMulti": { + "type": "boolean", + "description": "Flag indicating whether or not the attribute is multi-valued.", + "example": false, + "default": false + }, + "isEntitlement": { + "type": "boolean", + "description": "Flag indicating whether or not the attribute is an entitlement.", + "example": false, + "default": false + }, + "isGroup": { + "type": "boolean", + "description": "Flag indicating whether or not the attribute represents a group.\nThis can only be `true` if `isEntitlement` is also `true` **and** there is a schema defined for the attribute..\n", + "example": false, + "default": false + } + } + }, + "example": [ + { + "name": "sAMAccountName", + "type": "STRING", + "isMultiValued": false, + "isEntitlement": false, + "isGroup": false + }, + { + "name": "memberOf", + "type": "STRING", + "schema": { + "type": "CONNECTOR_SCHEMA", + "id": "2c9180887671ff8c01767b4671fc7d60", + "name": "group" + }, + "description": "Group membership", + "isMultiValued": true, + "isEntitlement": true, + "isGroup": true + } + ] + }, + "created": { + "type": "string", + "description": "The date the Schema was created.", + "format": "date-time", + "example": "2019-12-24T22:32:58.104Z" + }, + "modified": { + "type": "string", + "description": "The date the Schema was last modified.", + "format": "date-time", + "example": "2019-12-31T20:22:28.104Z" + } + } + } + } + } + }, + "responses": { + "200": { + "description": "The Schema was successfully replaced.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The id of the Schema.", + "example": "2c9180835d191a86015d28455b4a2329" + }, + "name": { + "type": "string", + "description": "The name of the Schema.", + "example": "account" + }, + "nativeObjectType": { + "type": "string", + "description": "The name of the object type on the native system that the schema represents.", + "example": "User" + }, + "identityAttribute": { + "type": "string", + "description": "The name of the attribute used to calculate the unique identifier for an object in the schema.", + "example": "sAMAccountName" + }, + "displayAttribute": { + "type": "string", + "description": "The name of the attribute used to calculate the display value for an object in the schema.", + "example": "distinguishedName" + }, + "hierarchyAttribute": { + "type": "string", + "description": "The name of the attribute whose values represent other objects in a hierarchy. Only relevant to group schemas.", + "example": "memberOf" + }, + "includePermissions": { + "type": "boolean", + "description": "Flag indicating whether or not the include permissions with the object data when aggregating the schema.", + "example": false + }, + "features": { + "type": "array", + "items": { + "type": "string", + "enum": [ + "AUTHENTICATE", + "COMPOSITE", + "DIRECT_PERMISSIONS", + "DISCOVER_SCHEMA", + "ENABLE", + "MANAGER_LOOKUP", + "NO_RANDOM_ACCESS", + "PROXY", + "SEARCH", + "TEMPLATE", + "UNLOCK", + "UNSTRUCTURED_TARGETS", + "SHAREPOINT_TARGET", + "PROVISIONING", + "GROUP_PROVISIONING", + "SYNC_PROVISIONING", + "PASSWORD", + "CURRENT_PASSWORD", + "ACCOUNT_ONLY_REQUEST", + "ADDITIONAL_ACCOUNT_REQUEST", + "NO_AGGREGATION", + "GROUPS_HAVE_MEMBERS", + "NO_PERMISSIONS_PROVISIONING", + "NO_GROUP_PERMISSIONS_PROVISIONING", + "NO_UNSTRUCTURED_TARGETS_PROVISIONING", + "NO_DIRECT_PERMISSIONS_PROVISIONING", + "PREFER_UUID", + "ARM_SECURITY_EXTRACT", + "ARM_UTILIZATION_EXTRACT", + "ARM_CHANGELOG_EXTRACT", + "USES_UUID" + ], + "example": "AUTHENTICATE" + }, + "description": "Optional features that can be supported by a source. Modifying the features array may cause source configuration errors that are unsupportable. It is recommended to not modify this array for SailPoint supported connectors.\n* AUTHENTICATE: The source supports pass-through authentication.\n* COMPOSITE: The source supports composite source creation.\n* DIRECT_PERMISSIONS: The source supports returning DirectPermissions.\n* DISCOVER_SCHEMA: The source supports discovering schemas for users and groups.\n* ENABLE The source supports reading if an account is enabled or disabled.\n* MANAGER_LOOKUP: The source supports looking up managers as they are encountered in a feed. This is the opposite of NO_RANDOM_ACCESS.\n* NO_RANDOM_ACCESS: The source does not support random access and the getObject() methods should not be called and expected to perform.\n* PROXY: The source can serve as a proxy for another source. When an source has a proxy, all connector calls made with that source are redirected through the connector for the proxy source.\n* SEARCH\n* TEMPLATE\n* UNLOCK: The source supports reading if an account is locked or unlocked.\n* UNSTRUCTURED_TARGETS: The source supports returning unstructured Targets.\n* SHAREPOINT_TARGET: The source supports returning unstructured Target data for SharePoint. It will be typically used by AD, LDAP sources.\n* PROVISIONING: The source can both read and write accounts. Having this feature implies that the provision() method is implemented. It also means that direct and target permissions can also be provisioned if they can be returned by aggregation.\n* GROUP_PROVISIONING: The source can both read and write groups. Having this feature implies that the provision() method is implemented.\n* SYNC_PROVISIONING: The source can provision accounts synchronously.\n* PASSWORD: The source can provision password changes. Since sources can never read passwords, this is should only be used in conjunction with the PROVISIONING feature.\n* CURRENT_PASSWORD: Some source types support verification of the current password\n* ACCOUNT_ONLY_REQUEST: The source supports requesting accounts without entitlements.\n* ADDITIONAL_ACCOUNT_REQUEST: The source supports requesting additional accounts.\n* NO_AGGREGATION: A source that does not support aggregation.\n* GROUPS_HAVE_MEMBERS: The source models group memberships with a member attribute on the group object rather than a groups attribute on the account object. This effects the implementation of delta account aggregation.\n* NO_PERMISSIONS_PROVISIONING: Indicates that the connector cannot provision direct or target permissions for accounts. When DIRECT_PERMISSIONS and PROVISIONING features are present, it is assumed that the connector can also provision direct permissions. This feature disables that assumption and causes permission request to be converted to work items for accounts.\n* NO_GROUP_PERMISSIONS_PROVISIONING: Indicates that the connector cannot provision direct or target permissions for groups. When DIRECT_PERMISSIONS and PROVISIONING features are present, it is assumed that the connector can also provision direct permissions. This feature disables that assumption and causes permission request to be converted to work items for groups.\n* NO_UNSTRUCTURED_TARGETS_PROVISIONING: This string will be replaced by NO_GROUP_PERMISSIONS_PROVISIONING and NO_PERMISSIONS_PROVISIONING.\n* NO_DIRECT_PERMISSIONS_PROVISIONING: This string will be replaced by NO_GROUP_PERMISSIONS_PROVISIONING and NO_PERMISSIONS_PROVISIONING.\n* USES_UUID: Connectivity 2.0 flag used to indicate that the connector supports a compound naming structure.\n* PREFER_UUID: Used in ISC Provisioning AND Aggregation to decide if it should prefer account.uuid to account.nativeIdentity when data is read in through aggregation OR pushed out through provisioning.\n* ARM_SECURITY_EXTRACT: Indicates the application supports Security extracts for ARM\n* ARM_UTILIZATION_EXTRACT: Indicates the application supports Utilization extracts for ARM\n* ARM_CHANGELOG_EXTRACT: Indicates the application supports Change-log extracts for ARM", + "example": [ + "PROVISIONING", + "NO_PERMISSIONS_PROVISIONING", + "GROUPS_HAVE_MEMBERS" + ] + }, + "configuration": { + "type": "object", + "description": "Holds any extra configuration data that the schema may require.", + "example": { + "groupMemberAttribute": "member" + } + }, + "attributes": { + "type": "array", + "description": "The attribute definitions which form the schema.", + "items": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "The name of the attribute.", + "example": "sAMAccountName" + }, + "type": { + "description": "The type of the attribute.", + "example": "STRING", + "type": "string", + "enum": [ + "STRING", + "LONG", + "INT", + "BOOLEAN" + ] + }, + "schema": { + "description": "A reference to the schema on the source to the attribute values map to.", + "type": "object", + "properties": { + "type": { + "description": "The type of object being referenced", + "type": "string", + "enum": [ + "CONNECTOR_SCHEMA" + ], + "example": "CONNECTOR_SCHEMA" + }, + "id": { + "type": "string", + "description": "The object ID this reference applies to.", + "example": "2c91808568c529c60168cca6f90c1313" + }, + "name": { + "type": "string", + "description": "The human-readable display name of the object.", + "example": "group" + } + } + }, + "description": { + "type": "string", + "description": "A human-readable description of the attribute.", + "example": "SAM Account Name" + }, + "isMulti": { + "type": "boolean", + "description": "Flag indicating whether or not the attribute is multi-valued.", + "example": false, + "default": false + }, + "isEntitlement": { + "type": "boolean", + "description": "Flag indicating whether or not the attribute is an entitlement.", + "example": false, + "default": false + }, + "isGroup": { + "type": "boolean", + "description": "Flag indicating whether or not the attribute represents a group.\nThis can only be `true` if `isEntitlement` is also `true` **and** there is a schema defined for the attribute..\n", + "example": false, + "default": false + } + } + }, + "example": [ + { + "name": "sAMAccountName", + "type": "STRING", + "isMultiValued": false, + "isEntitlement": false, + "isGroup": false + }, + { + "name": "memberOf", + "type": "STRING", + "schema": { + "type": "CONNECTOR_SCHEMA", + "id": "2c9180887671ff8c01767b4671fc7d60", + "name": "group" + }, + "description": "Group membership", + "isMultiValued": true, + "isEntitlement": true, + "isGroup": true + } + ] + }, + "created": { + "type": "string", + "description": "The date the Schema was created.", + "format": "date-time", + "example": "2019-12-24T22:32:58.104Z" + }, + "modified": { + "type": "string", + "description": "The date the Schema was last modified.", + "format": "date-time", + "example": "2019-12-31T20:22:28.104Z" + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + }, + "patch": { + "operationId": "updateSourceSchema", + "tags": [ + "Sources" + ], + "summary": "Update Source Schema (Partial)", + "description": "Use this API to selectively update an existing Schema using a JSONPatch payload. \n\nThe following schema fields are immutable and cannot be updated:\n\n- id\n- name\n- created\n- modified\n\n\nTo switch an account attribute to a group entitlement, you need to have the following in place:\n\n- `isEntitlement: true`\n- Must define a schema for the group and [add it to the source](https://developer.sailpoint.com/idn/api/v3/create-source-schema) before updating the `isGroup` flag. For example, here is the `group` account attribute referencing a schema that defines the group:\n```json\n{\n \"name\": \"groups\",\n \"type\": \"STRING\",\n \"schema\": {\n \"type\": \"CONNECTOR_SCHEMA\",\n \"id\": \"2c9180887671ff8c01767b4671fc7d60\",\n \"name\": \"group\"\n },\n \"description\": \"The groups, roles etc. that reference account group objects\",\n \"isMulti\": true,\n \"isEntitlement\": true,\n \"isGroup\": true\n}\n```\n", + "parameters": [ + { + "in": "path", + "name": "sourceId", + "required": true, + "schema": { + "type": "string" + }, + "description": "The Source id.", + "example": "2c9180835d191a86015d28455b4a2329" + }, + { + "in": "path", + "name": "schemaId", + "schema": { + "type": "string" + }, + "required": true, + "description": "The Schema id.", + "example": "2c9180835d191a86015d28455b4a2329" + } + ], + "requestBody": { + "required": true, + "description": "The JSONPatch payload used to update the schema.", + "content": { + "application/json-patch+json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "description": "A JSONPatch Operation as defined by [RFC 6902 - JSON Patch](https://tools.ietf.org/html/rfc6902)", + "required": [ + "op", + "path" + ], + "properties": { + "op": { + "type": "string", + "description": "The operation to be performed", + "enum": [ + "add", + "remove", + "replace", + "move", + "copy", + "test" + ], + "example": "replace" + }, + "path": { + "type": "string", + "description": "A string JSON Pointer representing the target path to an element to be affected by the operation", + "example": "/description" + }, + "value": { + "oneOf": [ + { + "type": "string", + "example": "New description", + "title": "string" + }, + { + "type": "boolean", + "example": true, + "title": "boolean" + }, + { + "type": "integer", + "example": 300, + "title": "integer" + }, + { + "type": "object", + "title": "object", + "example": { + "attributes": { + "name": "philip" + } + } + }, + { + "type": "array", + "title": "array", + "items": { + "anyOf": [ + { + "type": "string" + }, + { + "type": "integer" + }, + { + "type": "object" + } + ], + "example": [ + "001", + "002", + "003" + ] + } + } + ], + "description": "The value to be used for the operation, required for \"add\" and \"replace\" operations", + "example": "New description" + } + } + } + }, + "examples": { + "add-attribute": { + "summary": "Add an attribute to the end of the list", + "value": [ + { + "op": "add", + "path": "/attributes/-", + "value": { + "name": "location", + "type": "STRING", + "schema": null, + "description": "Employee location", + "isMulti": false, + "isEntitlement": false, + "isGroup": false + } + } + ] + } + } + } + } + }, + "responses": { + "200": { + "description": "The Schema was successfully updated.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The id of the Schema.", + "example": "2c9180835d191a86015d28455b4a2329" + }, + "name": { + "type": "string", + "description": "The name of the Schema.", + "example": "account" + }, + "nativeObjectType": { + "type": "string", + "description": "The name of the object type on the native system that the schema represents.", + "example": "User" + }, + "identityAttribute": { + "type": "string", + "description": "The name of the attribute used to calculate the unique identifier for an object in the schema.", + "example": "sAMAccountName" + }, + "displayAttribute": { + "type": "string", + "description": "The name of the attribute used to calculate the display value for an object in the schema.", + "example": "distinguishedName" + }, + "hierarchyAttribute": { + "type": "string", + "description": "The name of the attribute whose values represent other objects in a hierarchy. Only relevant to group schemas.", + "example": "memberOf" + }, + "includePermissions": { + "type": "boolean", + "description": "Flag indicating whether or not the include permissions with the object data when aggregating the schema.", + "example": false + }, + "features": { + "type": "array", + "items": { + "type": "string", + "enum": [ + "AUTHENTICATE", + "COMPOSITE", + "DIRECT_PERMISSIONS", + "DISCOVER_SCHEMA", + "ENABLE", + "MANAGER_LOOKUP", + "NO_RANDOM_ACCESS", + "PROXY", + "SEARCH", + "TEMPLATE", + "UNLOCK", + "UNSTRUCTURED_TARGETS", + "SHAREPOINT_TARGET", + "PROVISIONING", + "GROUP_PROVISIONING", + "SYNC_PROVISIONING", + "PASSWORD", + "CURRENT_PASSWORD", + "ACCOUNT_ONLY_REQUEST", + "ADDITIONAL_ACCOUNT_REQUEST", + "NO_AGGREGATION", + "GROUPS_HAVE_MEMBERS", + "NO_PERMISSIONS_PROVISIONING", + "NO_GROUP_PERMISSIONS_PROVISIONING", + "NO_UNSTRUCTURED_TARGETS_PROVISIONING", + "NO_DIRECT_PERMISSIONS_PROVISIONING", + "PREFER_UUID", + "ARM_SECURITY_EXTRACT", + "ARM_UTILIZATION_EXTRACT", + "ARM_CHANGELOG_EXTRACT", + "USES_UUID" + ], + "example": "AUTHENTICATE" + }, + "description": "Optional features that can be supported by a source. Modifying the features array may cause source configuration errors that are unsupportable. It is recommended to not modify this array for SailPoint supported connectors.\n* AUTHENTICATE: The source supports pass-through authentication.\n* COMPOSITE: The source supports composite source creation.\n* DIRECT_PERMISSIONS: The source supports returning DirectPermissions.\n* DISCOVER_SCHEMA: The source supports discovering schemas for users and groups.\n* ENABLE The source supports reading if an account is enabled or disabled.\n* MANAGER_LOOKUP: The source supports looking up managers as they are encountered in a feed. This is the opposite of NO_RANDOM_ACCESS.\n* NO_RANDOM_ACCESS: The source does not support random access and the getObject() methods should not be called and expected to perform.\n* PROXY: The source can serve as a proxy for another source. When an source has a proxy, all connector calls made with that source are redirected through the connector for the proxy source.\n* SEARCH\n* TEMPLATE\n* UNLOCK: The source supports reading if an account is locked or unlocked.\n* UNSTRUCTURED_TARGETS: The source supports returning unstructured Targets.\n* SHAREPOINT_TARGET: The source supports returning unstructured Target data for SharePoint. It will be typically used by AD, LDAP sources.\n* PROVISIONING: The source can both read and write accounts. Having this feature implies that the provision() method is implemented. It also means that direct and target permissions can also be provisioned if they can be returned by aggregation.\n* GROUP_PROVISIONING: The source can both read and write groups. Having this feature implies that the provision() method is implemented.\n* SYNC_PROVISIONING: The source can provision accounts synchronously.\n* PASSWORD: The source can provision password changes. Since sources can never read passwords, this is should only be used in conjunction with the PROVISIONING feature.\n* CURRENT_PASSWORD: Some source types support verification of the current password\n* ACCOUNT_ONLY_REQUEST: The source supports requesting accounts without entitlements.\n* ADDITIONAL_ACCOUNT_REQUEST: The source supports requesting additional accounts.\n* NO_AGGREGATION: A source that does not support aggregation.\n* GROUPS_HAVE_MEMBERS: The source models group memberships with a member attribute on the group object rather than a groups attribute on the account object. This effects the implementation of delta account aggregation.\n* NO_PERMISSIONS_PROVISIONING: Indicates that the connector cannot provision direct or target permissions for accounts. When DIRECT_PERMISSIONS and PROVISIONING features are present, it is assumed that the connector can also provision direct permissions. This feature disables that assumption and causes permission request to be converted to work items for accounts.\n* NO_GROUP_PERMISSIONS_PROVISIONING: Indicates that the connector cannot provision direct or target permissions for groups. When DIRECT_PERMISSIONS and PROVISIONING features are present, it is assumed that the connector can also provision direct permissions. This feature disables that assumption and causes permission request to be converted to work items for groups.\n* NO_UNSTRUCTURED_TARGETS_PROVISIONING: This string will be replaced by NO_GROUP_PERMISSIONS_PROVISIONING and NO_PERMISSIONS_PROVISIONING.\n* NO_DIRECT_PERMISSIONS_PROVISIONING: This string will be replaced by NO_GROUP_PERMISSIONS_PROVISIONING and NO_PERMISSIONS_PROVISIONING.\n* USES_UUID: Connectivity 2.0 flag used to indicate that the connector supports a compound naming structure.\n* PREFER_UUID: Used in ISC Provisioning AND Aggregation to decide if it should prefer account.uuid to account.nativeIdentity when data is read in through aggregation OR pushed out through provisioning.\n* ARM_SECURITY_EXTRACT: Indicates the application supports Security extracts for ARM\n* ARM_UTILIZATION_EXTRACT: Indicates the application supports Utilization extracts for ARM\n* ARM_CHANGELOG_EXTRACT: Indicates the application supports Change-log extracts for ARM", + "example": [ + "PROVISIONING", + "NO_PERMISSIONS_PROVISIONING", + "GROUPS_HAVE_MEMBERS" + ] + }, + "configuration": { + "type": "object", + "description": "Holds any extra configuration data that the schema may require.", + "example": { + "groupMemberAttribute": "member" + } + }, + "attributes": { + "type": "array", + "description": "The attribute definitions which form the schema.", + "items": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "The name of the attribute.", + "example": "sAMAccountName" + }, + "type": { + "description": "The type of the attribute.", + "example": "STRING", + "type": "string", + "enum": [ + "STRING", + "LONG", + "INT", + "BOOLEAN" + ] + }, + "schema": { + "description": "A reference to the schema on the source to the attribute values map to.", + "type": "object", + "properties": { + "type": { + "description": "The type of object being referenced", + "type": "string", + "enum": [ + "CONNECTOR_SCHEMA" + ], + "example": "CONNECTOR_SCHEMA" + }, + "id": { + "type": "string", + "description": "The object ID this reference applies to.", + "example": "2c91808568c529c60168cca6f90c1313" + }, + "name": { + "type": "string", + "description": "The human-readable display name of the object.", + "example": "group" + } + } + }, + "description": { + "type": "string", + "description": "A human-readable description of the attribute.", + "example": "SAM Account Name" + }, + "isMulti": { + "type": "boolean", + "description": "Flag indicating whether or not the attribute is multi-valued.", + "example": false, + "default": false + }, + "isEntitlement": { + "type": "boolean", + "description": "Flag indicating whether or not the attribute is an entitlement.", + "example": false, + "default": false + }, + "isGroup": { + "type": "boolean", + "description": "Flag indicating whether or not the attribute represents a group.\nThis can only be `true` if `isEntitlement` is also `true` **and** there is a schema defined for the attribute..\n", + "example": false, + "default": false + } + } + }, + "example": [ + { + "name": "sAMAccountName", + "type": "STRING", + "isMultiValued": false, + "isEntitlement": false, + "isGroup": false + }, + { + "name": "memberOf", + "type": "STRING", + "schema": { + "type": "CONNECTOR_SCHEMA", + "id": "2c9180887671ff8c01767b4671fc7d60", + "name": "group" + }, + "description": "Group membership", + "isMultiValued": true, + "isEntitlement": true, + "isGroup": true + } + ] + }, + "created": { + "type": "string", + "description": "The date the Schema was created.", + "format": "date-time", + "example": "2019-12-24T22:32:58.104Z" + }, + "modified": { + "type": "string", + "description": "The date the Schema was last modified.", + "format": "date-time", + "example": "2019-12-31T20:22:28.104Z" + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + }, + "delete": { + "operationId": "deleteSourceSchema", + "tags": [ + "Sources" + ], + "summary": "Delete Source Schema by ID", + "parameters": [ + { + "in": "path", + "name": "sourceId", + "required": true, + "schema": { + "type": "string" + }, + "description": "The Source id.", + "example": "2c9180835d191a86015d28455b4a2329" + }, + { + "in": "path", + "name": "schemaId", + "schema": { + "type": "string" + }, + "required": true, + "description": "The Schema id.", + "example": "2c9180835d191a86015d28455b4a2329" + } + ], + "responses": { + "204": { + "description": "The Schema was successfully deleted." + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/sources/{sourceId}/source-health": { + "get": { + "operationId": "getSourceHealth", + "security": [ + { + "UserContextAuth": [ + "idn:sources:read" + ] + } + ], + "tags": [ + "Sources" + ], + "summary": "Fetches source health by id", + "description": "This endpoint fetches source health by source's id", + "parameters": [ + { + "in": "path", + "name": "sourceId", + "required": true, + "schema": { + "type": "string" + }, + "description": "The Source id.", + "example": "2c9180835d191a86015d28455b4a2329" + } + ], + "responses": { + "200": { + "description": "Fetched source health successfully", + "content": { + "application/json": { + "schema": { + "type": "object", + "description": "Dto for source health data", + "properties": { + "id": { + "type": "string", + "readOnly": true, + "description": "the id of the Source", + "example": "2c91808568c529c60168cca6f90c1324" + }, + "type": { + "type": "string", + "description": "Specifies the type of system being managed e.g. Active Directory, Workday, etc.. If you are creating a Delimited File source, you must set the `provisionasCsv` query parameter to `true`. ", + "example": "OpenLDAP - Direct" + }, + "name": { + "type": "string", + "description": "the name of the source", + "example": "Source1234" + }, + "org": { + "type": "string", + "description": "source's org", + "example": "denali-cjh" + }, + "isAuthoritative": { + "type": "boolean", + "example": false, + "description": "Is the source authoritative" + }, + "isCluster": { + "type": "boolean", + "example": false, + "description": "Is the source in a cluster" + }, + "hostname": { + "type": "string", + "example": "megapod-useast1-secret-hostname.sailpoint.com", + "description": "source's hostname" + }, + "pod": { + "type": "string", + "description": "source's pod", + "example": "megapod-useast1" + }, + "iqServiceVersion": { + "type": "string", + "description": "The version of the iqService", + "example": "iqVersion123" + }, + "status": { + "type": "string", + "enum": [ + "SOURCE_STATE_ERROR_CLUSTER", + "SOURCE_STATE_ERROR_SOURCE", + "SOURCE_STATE_ERROR_VA", + "SOURCE_STATE_FAILURE_CLUSTER", + "SOURCE_STATE_FAILURE_SOURCE", + "SOURCE_STATE_HEALTHY", + "SOURCE_STATE_UNCHECKED_CLUSTER", + "SOURCE_STATE_UNCHECKED_CLUSTER_NO_SOURCES", + "SOURCE_STATE_UNCHECKED_SOURCE", + "SOURCE_STATE_UNCHECKED_SOURCE_NO_ACCOUNTS" + ], + "description": "connection test result", + "example": "SOURCE_STATE_UNCHECKED_SOURCE" + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/sources/{id}/schemas/accounts": { + "get": { + "tags": [ + "Sources" + ], + "summary": "Downloads source accounts schema template", + "description": "This API downloads the CSV schema that defines the account attributes on a source.\n>**NOTE: This API is designated only for Delimited File sources.**", + "operationId": "getAccountsSchema", + "parameters": [ + { + "in": "path", + "name": "id", + "required": true, + "schema": { + "type": "string" + }, + "description": "The Source id", + "example": "8c190e6787aa4ed9a90bd9d5344523fb" + } + ], + "responses": { + "200": { + "description": "Successfully downloaded the file", + "content": { + "text/csv": { + "example": "id,name,givenName,familyName,e-mail,location,manager,groups,startDate,endDate" + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "idn:source-schema:read" + ] + } + ] + }, + "post": { + "tags": [ + "Sources" + ], + "summary": "Uploads source accounts schema template", + "description": "This API uploads a source schema template file to configure a source's account attributes.\n\nTo retrieve the file to modify and upload, log into Identity Now. \n\nClick **Admin** -> **Connections** -> **Sources** -> **`{SourceName}`** -> **Import Data** -> **Account Schema** -> **Options** -> **Download Schema**\n\n>**NOTE: This API is designated only for Delimited File sources.**", + "operationId": "importAccountsSchema", + "parameters": [ + { + "in": "path", + "name": "id", + "required": true, + "schema": { + "type": "string" + }, + "description": "The Source id", + "example": "8c190e6787aa4ed9a90bd9d5344523fb" + } + ], + "requestBody": { + "required": true, + "content": { + "multipart/form-data": { + "schema": { + "type": "object", + "properties": { + "file": { + "type": "string", + "format": "binary" + } + } + } + } + } + }, + "responses": { + "200": { + "description": "Successfully uploaded the file", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The id of the Schema.", + "example": "2c9180835d191a86015d28455b4a2329" + }, + "name": { + "type": "string", + "description": "The name of the Schema.", + "example": "account" + }, + "nativeObjectType": { + "type": "string", + "description": "The name of the object type on the native system that the schema represents.", + "example": "User" + }, + "identityAttribute": { + "type": "string", + "description": "The name of the attribute used to calculate the unique identifier for an object in the schema.", + "example": "sAMAccountName" + }, + "displayAttribute": { + "type": "string", + "description": "The name of the attribute used to calculate the display value for an object in the schema.", + "example": "distinguishedName" + }, + "hierarchyAttribute": { + "type": "string", + "description": "The name of the attribute whose values represent other objects in a hierarchy. Only relevant to group schemas.", + "example": "memberOf" + }, + "includePermissions": { + "type": "boolean", + "description": "Flag indicating whether or not the include permissions with the object data when aggregating the schema.", + "example": false + }, + "features": { + "type": "array", + "items": { + "type": "string", + "enum": [ + "AUTHENTICATE", + "COMPOSITE", + "DIRECT_PERMISSIONS", + "DISCOVER_SCHEMA", + "ENABLE", + "MANAGER_LOOKUP", + "NO_RANDOM_ACCESS", + "PROXY", + "SEARCH", + "TEMPLATE", + "UNLOCK", + "UNSTRUCTURED_TARGETS", + "SHAREPOINT_TARGET", + "PROVISIONING", + "GROUP_PROVISIONING", + "SYNC_PROVISIONING", + "PASSWORD", + "CURRENT_PASSWORD", + "ACCOUNT_ONLY_REQUEST", + "ADDITIONAL_ACCOUNT_REQUEST", + "NO_AGGREGATION", + "GROUPS_HAVE_MEMBERS", + "NO_PERMISSIONS_PROVISIONING", + "NO_GROUP_PERMISSIONS_PROVISIONING", + "NO_UNSTRUCTURED_TARGETS_PROVISIONING", + "NO_DIRECT_PERMISSIONS_PROVISIONING", + "PREFER_UUID", + "ARM_SECURITY_EXTRACT", + "ARM_UTILIZATION_EXTRACT", + "ARM_CHANGELOG_EXTRACT", + "USES_UUID" + ], + "example": "AUTHENTICATE" + }, + "description": "Optional features that can be supported by a source. Modifying the features array may cause source configuration errors that are unsupportable. It is recommended to not modify this array for SailPoint supported connectors.\n* AUTHENTICATE: The source supports pass-through authentication.\n* COMPOSITE: The source supports composite source creation.\n* DIRECT_PERMISSIONS: The source supports returning DirectPermissions.\n* DISCOVER_SCHEMA: The source supports discovering schemas for users and groups.\n* ENABLE The source supports reading if an account is enabled or disabled.\n* MANAGER_LOOKUP: The source supports looking up managers as they are encountered in a feed. This is the opposite of NO_RANDOM_ACCESS.\n* NO_RANDOM_ACCESS: The source does not support random access and the getObject() methods should not be called and expected to perform.\n* PROXY: The source can serve as a proxy for another source. When an source has a proxy, all connector calls made with that source are redirected through the connector for the proxy source.\n* SEARCH\n* TEMPLATE\n* UNLOCK: The source supports reading if an account is locked or unlocked.\n* UNSTRUCTURED_TARGETS: The source supports returning unstructured Targets.\n* SHAREPOINT_TARGET: The source supports returning unstructured Target data for SharePoint. It will be typically used by AD, LDAP sources.\n* PROVISIONING: The source can both read and write accounts. Having this feature implies that the provision() method is implemented. It also means that direct and target permissions can also be provisioned if they can be returned by aggregation.\n* GROUP_PROVISIONING: The source can both read and write groups. Having this feature implies that the provision() method is implemented.\n* SYNC_PROVISIONING: The source can provision accounts synchronously.\n* PASSWORD: The source can provision password changes. Since sources can never read passwords, this is should only be used in conjunction with the PROVISIONING feature.\n* CURRENT_PASSWORD: Some source types support verification of the current password\n* ACCOUNT_ONLY_REQUEST: The source supports requesting accounts without entitlements.\n* ADDITIONAL_ACCOUNT_REQUEST: The source supports requesting additional accounts.\n* NO_AGGREGATION: A source that does not support aggregation.\n* GROUPS_HAVE_MEMBERS: The source models group memberships with a member attribute on the group object rather than a groups attribute on the account object. This effects the implementation of delta account aggregation.\n* NO_PERMISSIONS_PROVISIONING: Indicates that the connector cannot provision direct or target permissions for accounts. When DIRECT_PERMISSIONS and PROVISIONING features are present, it is assumed that the connector can also provision direct permissions. This feature disables that assumption and causes permission request to be converted to work items for accounts.\n* NO_GROUP_PERMISSIONS_PROVISIONING: Indicates that the connector cannot provision direct or target permissions for groups. When DIRECT_PERMISSIONS and PROVISIONING features are present, it is assumed that the connector can also provision direct permissions. This feature disables that assumption and causes permission request to be converted to work items for groups.\n* NO_UNSTRUCTURED_TARGETS_PROVISIONING: This string will be replaced by NO_GROUP_PERMISSIONS_PROVISIONING and NO_PERMISSIONS_PROVISIONING.\n* NO_DIRECT_PERMISSIONS_PROVISIONING: This string will be replaced by NO_GROUP_PERMISSIONS_PROVISIONING and NO_PERMISSIONS_PROVISIONING.\n* USES_UUID: Connectivity 2.0 flag used to indicate that the connector supports a compound naming structure.\n* PREFER_UUID: Used in ISC Provisioning AND Aggregation to decide if it should prefer account.uuid to account.nativeIdentity when data is read in through aggregation OR pushed out through provisioning.\n* ARM_SECURITY_EXTRACT: Indicates the application supports Security extracts for ARM\n* ARM_UTILIZATION_EXTRACT: Indicates the application supports Utilization extracts for ARM\n* ARM_CHANGELOG_EXTRACT: Indicates the application supports Change-log extracts for ARM", + "example": [ + "PROVISIONING", + "NO_PERMISSIONS_PROVISIONING", + "GROUPS_HAVE_MEMBERS" + ] + }, + "configuration": { + "type": "object", + "description": "Holds any extra configuration data that the schema may require.", + "example": { + "groupMemberAttribute": "member" + } + }, + "attributes": { + "type": "array", + "description": "The attribute definitions which form the schema.", + "items": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "The name of the attribute.", + "example": "sAMAccountName" + }, + "type": { + "description": "The type of the attribute.", + "example": "STRING", + "type": "string", + "enum": [ + "STRING", + "LONG", + "INT", + "BOOLEAN" + ] + }, + "schema": { + "description": "A reference to the schema on the source to the attribute values map to.", + "type": "object", + "properties": { + "type": { + "description": "The type of object being referenced", + "type": "string", + "enum": [ + "CONNECTOR_SCHEMA" + ], + "example": "CONNECTOR_SCHEMA" + }, + "id": { + "type": "string", + "description": "The object ID this reference applies to.", + "example": "2c91808568c529c60168cca6f90c1313" + }, + "name": { + "type": "string", + "description": "The human-readable display name of the object.", + "example": "group" + } + } + }, + "description": { + "type": "string", + "description": "A human-readable description of the attribute.", + "example": "SAM Account Name" + }, + "isMulti": { + "type": "boolean", + "description": "Flag indicating whether or not the attribute is multi-valued.", + "example": false, + "default": false + }, + "isEntitlement": { + "type": "boolean", + "description": "Flag indicating whether or not the attribute is an entitlement.", + "example": false, + "default": false + }, + "isGroup": { + "type": "boolean", + "description": "Flag indicating whether or not the attribute represents a group.\nThis can only be `true` if `isEntitlement` is also `true` **and** there is a schema defined for the attribute..\n", + "example": false, + "default": false + } + } + }, + "example": [ + { + "name": "sAMAccountName", + "type": "STRING", + "isMultiValued": false, + "isEntitlement": false, + "isGroup": false + }, + { + "name": "memberOf", + "type": "STRING", + "schema": { + "type": "CONNECTOR_SCHEMA", + "id": "2c9180887671ff8c01767b4671fc7d60", + "name": "group" + }, + "description": "Group membership", + "isMultiValued": true, + "isEntitlement": true, + "isGroup": true + } + ] + }, + "created": { + "type": "string", + "description": "The date the Schema was created.", + "format": "date-time", + "example": "2019-12-24T22:32:58.104Z" + }, + "modified": { + "type": "string", + "description": "The date the Schema was last modified.", + "format": "date-time", + "example": "2019-12-31T20:22:28.104Z" + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "idn:source-schema:manage" + ] + } + ] + } + }, + "/sources/{id}/schemas/entitlements": { + "get": { + "tags": [ + "Sources" + ], + "summary": "Downloads source entitlements schema template", + "description": "This API downloads the CSV schema that defines the entitlement attributes on a source.\n\n>**NOTE: This API is designated only for Delimited File sources.**", + "operationId": "getEntitlementsSchema", + "parameters": [ + { + "in": "path", + "name": "id", + "required": true, + "schema": { + "type": "string" + }, + "description": "The Source id", + "example": "8c190e6787aa4ed9a90bd9d5344523fb" + }, + { + "in": "query", + "name": "schemaName", + "schema": { + "type": "string" + }, + "description": "Name of entitlement schema", + "example": "?schemaName=group" + } + ], + "responses": { + "200": { + "description": "Successfully downloaded the file", + "content": { + "text/csv": { + "example": "id,name,displayName,created,description,modified,entitlements,groups,permissions" + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "idn:source-schema:read" + ] + } + ] + }, + "post": { + "tags": [ + "Sources" + ], + "summary": "Uploads source entitlements schema template", + "description": "This API uploads a source schema template file to configure a source's entitlement attributes.\n\nTo retrieve the file to modify and upload, log into Identity Now. \n\nClick **Admin** -> **Connections** -> **Sources** -> **`{SourceName}`** -> **Import Data** -> **Import Entitlements** -> **Download**\n\n>**NOTE: This API is designated only for Delimited File sources.**", + "operationId": "importEntitlementsSchema", + "parameters": [ + { + "in": "path", + "name": "id", + "required": true, + "schema": { + "type": "string" + }, + "description": "The Source id", + "example": "8c190e6787aa4ed9a90bd9d5344523fb" + }, + { + "in": "query", + "name": "schemaName", + "schema": { + "type": "string" + }, + "description": "Name of entitlement schema", + "example": "?schemaName=group" + } + ], + "requestBody": { + "required": true, + "content": { + "multipart/form-data": { + "schema": { + "type": "object", + "properties": { + "file": { + "type": "string", + "format": "binary" + } + } + } + } + } + }, + "responses": { + "200": { + "description": "Successfully uploaded the file", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The id of the Schema.", + "example": "2c9180835d191a86015d28455b4a2329" + }, + "name": { + "type": "string", + "description": "The name of the Schema.", + "example": "account" + }, + "nativeObjectType": { + "type": "string", + "description": "The name of the object type on the native system that the schema represents.", + "example": "User" + }, + "identityAttribute": { + "type": "string", + "description": "The name of the attribute used to calculate the unique identifier for an object in the schema.", + "example": "sAMAccountName" + }, + "displayAttribute": { + "type": "string", + "description": "The name of the attribute used to calculate the display value for an object in the schema.", + "example": "distinguishedName" + }, + "hierarchyAttribute": { + "type": "string", + "description": "The name of the attribute whose values represent other objects in a hierarchy. Only relevant to group schemas.", + "example": "memberOf" + }, + "includePermissions": { + "type": "boolean", + "description": "Flag indicating whether or not the include permissions with the object data when aggregating the schema.", + "example": false + }, + "features": { + "type": "array", + "items": { + "type": "string", + "enum": [ + "AUTHENTICATE", + "COMPOSITE", + "DIRECT_PERMISSIONS", + "DISCOVER_SCHEMA", + "ENABLE", + "MANAGER_LOOKUP", + "NO_RANDOM_ACCESS", + "PROXY", + "SEARCH", + "TEMPLATE", + "UNLOCK", + "UNSTRUCTURED_TARGETS", + "SHAREPOINT_TARGET", + "PROVISIONING", + "GROUP_PROVISIONING", + "SYNC_PROVISIONING", + "PASSWORD", + "CURRENT_PASSWORD", + "ACCOUNT_ONLY_REQUEST", + "ADDITIONAL_ACCOUNT_REQUEST", + "NO_AGGREGATION", + "GROUPS_HAVE_MEMBERS", + "NO_PERMISSIONS_PROVISIONING", + "NO_GROUP_PERMISSIONS_PROVISIONING", + "NO_UNSTRUCTURED_TARGETS_PROVISIONING", + "NO_DIRECT_PERMISSIONS_PROVISIONING", + "PREFER_UUID", + "ARM_SECURITY_EXTRACT", + "ARM_UTILIZATION_EXTRACT", + "ARM_CHANGELOG_EXTRACT", + "USES_UUID" + ], + "example": "AUTHENTICATE" + }, + "description": "Optional features that can be supported by a source. Modifying the features array may cause source configuration errors that are unsupportable. It is recommended to not modify this array for SailPoint supported connectors.\n* AUTHENTICATE: The source supports pass-through authentication.\n* COMPOSITE: The source supports composite source creation.\n* DIRECT_PERMISSIONS: The source supports returning DirectPermissions.\n* DISCOVER_SCHEMA: The source supports discovering schemas for users and groups.\n* ENABLE The source supports reading if an account is enabled or disabled.\n* MANAGER_LOOKUP: The source supports looking up managers as they are encountered in a feed. This is the opposite of NO_RANDOM_ACCESS.\n* NO_RANDOM_ACCESS: The source does not support random access and the getObject() methods should not be called and expected to perform.\n* PROXY: The source can serve as a proxy for another source. When an source has a proxy, all connector calls made with that source are redirected through the connector for the proxy source.\n* SEARCH\n* TEMPLATE\n* UNLOCK: The source supports reading if an account is locked or unlocked.\n* UNSTRUCTURED_TARGETS: The source supports returning unstructured Targets.\n* SHAREPOINT_TARGET: The source supports returning unstructured Target data for SharePoint. It will be typically used by AD, LDAP sources.\n* PROVISIONING: The source can both read and write accounts. Having this feature implies that the provision() method is implemented. It also means that direct and target permissions can also be provisioned if they can be returned by aggregation.\n* GROUP_PROVISIONING: The source can both read and write groups. Having this feature implies that the provision() method is implemented.\n* SYNC_PROVISIONING: The source can provision accounts synchronously.\n* PASSWORD: The source can provision password changes. Since sources can never read passwords, this is should only be used in conjunction with the PROVISIONING feature.\n* CURRENT_PASSWORD: Some source types support verification of the current password\n* ACCOUNT_ONLY_REQUEST: The source supports requesting accounts without entitlements.\n* ADDITIONAL_ACCOUNT_REQUEST: The source supports requesting additional accounts.\n* NO_AGGREGATION: A source that does not support aggregation.\n* GROUPS_HAVE_MEMBERS: The source models group memberships with a member attribute on the group object rather than a groups attribute on the account object. This effects the implementation of delta account aggregation.\n* NO_PERMISSIONS_PROVISIONING: Indicates that the connector cannot provision direct or target permissions for accounts. When DIRECT_PERMISSIONS and PROVISIONING features are present, it is assumed that the connector can also provision direct permissions. This feature disables that assumption and causes permission request to be converted to work items for accounts.\n* NO_GROUP_PERMISSIONS_PROVISIONING: Indicates that the connector cannot provision direct or target permissions for groups. When DIRECT_PERMISSIONS and PROVISIONING features are present, it is assumed that the connector can also provision direct permissions. This feature disables that assumption and causes permission request to be converted to work items for groups.\n* NO_UNSTRUCTURED_TARGETS_PROVISIONING: This string will be replaced by NO_GROUP_PERMISSIONS_PROVISIONING and NO_PERMISSIONS_PROVISIONING.\n* NO_DIRECT_PERMISSIONS_PROVISIONING: This string will be replaced by NO_GROUP_PERMISSIONS_PROVISIONING and NO_PERMISSIONS_PROVISIONING.\n* USES_UUID: Connectivity 2.0 flag used to indicate that the connector supports a compound naming structure.\n* PREFER_UUID: Used in ISC Provisioning AND Aggregation to decide if it should prefer account.uuid to account.nativeIdentity when data is read in through aggregation OR pushed out through provisioning.\n* ARM_SECURITY_EXTRACT: Indicates the application supports Security extracts for ARM\n* ARM_UTILIZATION_EXTRACT: Indicates the application supports Utilization extracts for ARM\n* ARM_CHANGELOG_EXTRACT: Indicates the application supports Change-log extracts for ARM", + "example": [ + "PROVISIONING", + "NO_PERMISSIONS_PROVISIONING", + "GROUPS_HAVE_MEMBERS" + ] + }, + "configuration": { + "type": "object", + "description": "Holds any extra configuration data that the schema may require.", + "example": { + "groupMemberAttribute": "member" + } + }, + "attributes": { + "type": "array", + "description": "The attribute definitions which form the schema.", + "items": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "The name of the attribute.", + "example": "sAMAccountName" + }, + "type": { + "description": "The type of the attribute.", + "example": "STRING", + "type": "string", + "enum": [ + "STRING", + "LONG", + "INT", + "BOOLEAN" + ] + }, + "schema": { + "description": "A reference to the schema on the source to the attribute values map to.", + "type": "object", + "properties": { + "type": { + "description": "The type of object being referenced", + "type": "string", + "enum": [ + "CONNECTOR_SCHEMA" + ], + "example": "CONNECTOR_SCHEMA" + }, + "id": { + "type": "string", + "description": "The object ID this reference applies to.", + "example": "2c91808568c529c60168cca6f90c1313" + }, + "name": { + "type": "string", + "description": "The human-readable display name of the object.", + "example": "group" + } + } + }, + "description": { + "type": "string", + "description": "A human-readable description of the attribute.", + "example": "SAM Account Name" + }, + "isMulti": { + "type": "boolean", + "description": "Flag indicating whether or not the attribute is multi-valued.", + "example": false, + "default": false + }, + "isEntitlement": { + "type": "boolean", + "description": "Flag indicating whether or not the attribute is an entitlement.", + "example": false, + "default": false + }, + "isGroup": { + "type": "boolean", + "description": "Flag indicating whether or not the attribute represents a group.\nThis can only be `true` if `isEntitlement` is also `true` **and** there is a schema defined for the attribute..\n", + "example": false, + "default": false + } + } + }, + "example": [ + { + "name": "sAMAccountName", + "type": "STRING", + "isMultiValued": false, + "isEntitlement": false, + "isGroup": false + }, + { + "name": "memberOf", + "type": "STRING", + "schema": { + "type": "CONNECTOR_SCHEMA", + "id": "2c9180887671ff8c01767b4671fc7d60", + "name": "group" + }, + "description": "Group membership", + "isMultiValued": true, + "isEntitlement": true, + "isGroup": true + } + ] + }, + "created": { + "type": "string", + "description": "The date the Schema was created.", + "format": "date-time", + "example": "2019-12-24T22:32:58.104Z" + }, + "modified": { + "type": "string", + "description": "The date the Schema was last modified.", + "format": "date-time", + "example": "2019-12-31T20:22:28.104Z" + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "idn:source-schema:manage" + ] + } + ] + } + }, + "/sources/{sourceId}/upload-connector-file": { + "post": { + "operationId": "importConnectorFile", + "security": [ + { + "UserContextAuth": [ + "idn:sources-admin:manage" + ] + } + ], + "tags": [ + "Sources" + ], + "summary": "Upload connector file to source", + "parameters": [ + { + "in": "path", + "name": "sourceId", + "required": true, + "schema": { + "type": "string" + }, + "description": "The Source id.", + "example": "2c9180835d191a86015d28455b4a2329" + } + ], + "description": "This uploads a supplemental source connector file (like jdbc driver jars) to a source's S3 bucket. This also sends ETS and Audit events.\nA token with ORG_ADMIN authority is required to call this API.", + "requestBody": { + "required": true, + "content": { + "multipart/form-data": { + "schema": { + "type": "object", + "properties": { + "file": { + "type": "string", + "format": "binary" + } + } + } + } + } + }, + "responses": { + "200": { + "description": "Uploaded the file successfully and sent all post-upload events", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "id": { + "type": "string", + "readOnly": true, + "description": "Source ID.", + "example": "2c91808568c529c60168cca6f90c1324" + }, + "name": { + "type": "string", + "description": "Source's human-readable name.", + "example": "My Source" + }, + "description": { + "type": "string", + "description": "Source's human-readable description.", + "example": "This is the corporate directory." + }, + "owner": { + "description": "Reference to identity object who owns the source.", + "type": "object", + "properties": { + "type": { + "description": "Type of object being referenced.", + "type": "string", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "Owner identity's ID.", + "example": "2c91808568c529c60168cca6f90c1313" + }, + "name": { + "type": "string", + "description": "Owner identity's human-readable display name.", + "example": "MyName" + } + } + }, + "cluster": { + "description": "Reference to the source's associated cluster.", + "type": "object", + "nullable": true, + "required": [ + "name", + "id", + "type" + ], + "properties": { + "type": { + "description": "Type of object being referenced.", + "type": "string", + "enum": [ + "CLUSTER" + ], + "example": "CLUSTER" + }, + "id": { + "type": "string", + "description": "Cluster ID.", + "example": "2c9180866166b5b0016167c32ef31a66" + }, + "name": { + "type": "string", + "description": "Cluster's human-readable display name.", + "example": "Corporate Cluster" + } + } + }, + "accountCorrelationConfig": { + "description": "Reference to account correlation config object.", + "type": "object", + "nullable": true, + "properties": { + "type": { + "description": "Type of object being referenced.", + "type": "string", + "enum": [ + "ACCOUNT_CORRELATION_CONFIG" + ], + "example": "ACCOUNT_CORRELATION_CONFIG" + }, + "id": { + "type": "string", + "description": "Account correlation config ID.", + "example": "2c9180855d191c59015d28583727245a" + }, + "name": { + "type": "string", + "description": "Account correlation config's human-readable display name.", + "example": "Directory [source-62867] Account Correlation" + } + } + }, + "accountCorrelationRule": { + "description": "Reference to a rule that can do COMPLEX correlation. Only use this rule when you can't use accountCorrelationConfig.", + "type": "object", + "nullable": true, + "properties": { + "type": { + "description": "Type of object being referenced.", + "type": "string", + "enum": [ + "RULE" + ], + "example": "RULE" + }, + "id": { + "type": "string", + "description": "Rule ID.", + "example": "2c918085708c274401708c2a8a760001" + }, + "name": { + "type": "string", + "description": "Rule's human-readable display name.", + "example": "Example Rule" + } + } + }, + "managerCorrelationMapping": { + "allOf": [ + { + "type": "object", + "properties": { + "accountAttributeName": { + "type": "string", + "description": "Name of the attribute to use for manager correlation. The value found on the account attribute will be used to lookup the manager's identity.", + "example": "manager" + }, + "identityAttributeName": { + "type": "string", + "description": "Name of the identity attribute to search when trying to find a manager using the value from the accountAttribute.", + "example": "manager" + } + } + }, + { + "nullable": true, + "description": "Filter object used during manager correlation to match incoming manager values to an existing manager's\naccount/identity.\n" + } + ] + }, + "managerCorrelationRule": { + "description": "Reference to the ManagerCorrelationRule. Only use this rule when a simple filter isn't sufficient.", + "type": "object", + "nullable": true, + "properties": { + "type": { + "description": "Type of object being referenced.", + "type": "string", + "enum": [ + "RULE" + ], + "example": "RULE" + }, + "id": { + "type": "string", + "description": "Rule ID.", + "example": "2c918085708c274401708c2a8a760001" + }, + "name": { + "type": "string", + "description": "Rule's human-readable display name.", + "example": "Example Rule" + } + } + }, + "beforeProvisioningRule": { + "description": "Rule that runs on the CCG and allows for customization of provisioning plans before the API calls the connector. ", + "type": "object", + "nullable": true, + "properties": { + "type": { + "description": "Type of object being referenced.", + "type": "string", + "enum": [ + "RULE" + ], + "example": "RULE" + }, + "id": { + "type": "string", + "description": "Rule ID.", + "example": "2c918085708c274401708c2a8a760001" + }, + "name": { + "type": "string", + "description": "Rule's human-readable display name.", + "example": "Example Rule" + } + } + }, + "schemas": { + "type": "array", + "items": { + "type": "object", + "properties": { + "type": { + "description": "Type of object being referenced.", + "type": "string", + "enum": [ + "CONNECTOR_SCHEMA" + ], + "example": "CONNECTOR_SCHEMA" + }, + "id": { + "type": "string", + "description": "Schema ID.", + "example": "2c91808568c529c60168cca6f90c1777" + }, + "name": { + "type": "string", + "description": "Schema's human-readable display name.", + "example": "MySchema" + } + } + }, + "description": "List of references to schema objects.", + "example": [ + { + "type": "CONNECTOR_SCHEMA", + "id": "2c9180835d191a86015d28455b4b232a", + "name": "account" + }, + { + "type": "CONNECTOR_SCHEMA", + "id": "2c9180835d191a86015d28455b4b232b", + "name": "group" + } + ] + }, + "passwordPolicies": { + "type": "array", + "nullable": true, + "items": { + "type": "object", + "properties": { + "type": { + "description": "Type of object being referenced.", + "type": "string", + "enum": [ + "PASSWORD_POLICY" + ], + "example": "PASSWORD_POLICY" + }, + "id": { + "type": "string", + "description": "Policy ID.", + "example": "2c91808568c529c60168cca6f90c1777" + }, + "name": { + "type": "string", + "description": "Policy's human-readable display name.", + "example": "My Password Policy" + } + } + }, + "description": "List of references to the associated PasswordPolicy objects.", + "example": [ + { + "type": "PASSWORD_POLICY", + "id": "2c9180855d191c59015d291ceb053980", + "name": "Corporate Password Policy" + }, + { + "type": "PASSWORD_POLICY", + "id": "2c9180855d191c59015d291ceb057777", + "name": "Vendor Password Policy" + } + ] + }, + "features": { + "type": "array", + "items": { + "type": "string", + "enum": [ + "AUTHENTICATE", + "COMPOSITE", + "DIRECT_PERMISSIONS", + "DISCOVER_SCHEMA", + "ENABLE", + "MANAGER_LOOKUP", + "NO_RANDOM_ACCESS", + "PROXY", + "SEARCH", + "TEMPLATE", + "UNLOCK", + "UNSTRUCTURED_TARGETS", + "SHAREPOINT_TARGET", + "PROVISIONING", + "GROUP_PROVISIONING", + "SYNC_PROVISIONING", + "PASSWORD", + "CURRENT_PASSWORD", + "ACCOUNT_ONLY_REQUEST", + "ADDITIONAL_ACCOUNT_REQUEST", + "NO_AGGREGATION", + "GROUPS_HAVE_MEMBERS", + "NO_PERMISSIONS_PROVISIONING", + "NO_GROUP_PERMISSIONS_PROVISIONING", + "NO_UNSTRUCTURED_TARGETS_PROVISIONING", + "NO_DIRECT_PERMISSIONS_PROVISIONING", + "PREFER_UUID", + "ARM_SECURITY_EXTRACT", + "ARM_UTILIZATION_EXTRACT", + "ARM_CHANGELOG_EXTRACT", + "USES_UUID" + ], + "example": "AUTHENTICATE" + }, + "description": "Optional features that can be supported by a source. Modifying the features array may cause source configuration errors that are unsupportable. It is recommended to not modify this array for SailPoint supported connectors.\n* AUTHENTICATE: The source supports pass-through authentication.\n* COMPOSITE: The source supports composite source creation.\n* DIRECT_PERMISSIONS: The source supports returning DirectPermissions.\n* DISCOVER_SCHEMA: The source supports discovering schemas for users and groups.\n* ENABLE The source supports reading if an account is enabled or disabled.\n* MANAGER_LOOKUP: The source supports looking up managers as they are encountered in a feed. This is the opposite of NO_RANDOM_ACCESS.\n* NO_RANDOM_ACCESS: The source does not support random access and the getObject() methods should not be called and expected to perform.\n* PROXY: The source can serve as a proxy for another source. When an source has a proxy, all connector calls made with that source are redirected through the connector for the proxy source.\n* SEARCH\n* TEMPLATE\n* UNLOCK: The source supports reading if an account is locked or unlocked.\n* UNSTRUCTURED_TARGETS: The source supports returning unstructured Targets.\n* SHAREPOINT_TARGET: The source supports returning unstructured Target data for SharePoint. It will be typically used by AD, LDAP sources.\n* PROVISIONING: The source can both read and write accounts. Having this feature implies that the provision() method is implemented. It also means that direct and target permissions can also be provisioned if they can be returned by aggregation.\n* GROUP_PROVISIONING: The source can both read and write groups. Having this feature implies that the provision() method is implemented.\n* SYNC_PROVISIONING: The source can provision accounts synchronously.\n* PASSWORD: The source can provision password changes. Since sources can never read passwords, this is should only be used in conjunction with the PROVISIONING feature.\n* CURRENT_PASSWORD: Some source types support verification of the current password\n* ACCOUNT_ONLY_REQUEST: The source supports requesting accounts without entitlements.\n* ADDITIONAL_ACCOUNT_REQUEST: The source supports requesting additional accounts.\n* NO_AGGREGATION: A source that does not support aggregation.\n* GROUPS_HAVE_MEMBERS: The source models group memberships with a member attribute on the group object rather than a groups attribute on the account object. This effects the implementation of delta account aggregation.\n* NO_PERMISSIONS_PROVISIONING: Indicates that the connector cannot provision direct or target permissions for accounts. When DIRECT_PERMISSIONS and PROVISIONING features are present, it is assumed that the connector can also provision direct permissions. This feature disables that assumption and causes permission request to be converted to work items for accounts.\n* NO_GROUP_PERMISSIONS_PROVISIONING: Indicates that the connector cannot provision direct or target permissions for groups. When DIRECT_PERMISSIONS and PROVISIONING features are present, it is assumed that the connector can also provision direct permissions. This feature disables that assumption and causes permission request to be converted to work items for groups.\n* NO_UNSTRUCTURED_TARGETS_PROVISIONING: This string will be replaced by NO_GROUP_PERMISSIONS_PROVISIONING and NO_PERMISSIONS_PROVISIONING.\n* NO_DIRECT_PERMISSIONS_PROVISIONING: This string will be replaced by NO_GROUP_PERMISSIONS_PROVISIONING and NO_PERMISSIONS_PROVISIONING.\n* USES_UUID: Connectivity 2.0 flag used to indicate that the connector supports a compound naming structure.\n* PREFER_UUID: Used in ISC Provisioning AND Aggregation to decide if it should prefer account.uuid to account.nativeIdentity when data is read in through aggregation OR pushed out through provisioning.\n* ARM_SECURITY_EXTRACT: Indicates the application supports Security extracts for ARM\n* ARM_UTILIZATION_EXTRACT: Indicates the application supports Utilization extracts for ARM\n* ARM_CHANGELOG_EXTRACT: Indicates the application supports Change-log extracts for ARM", + "example": [ + "PROVISIONING", + "NO_PERMISSIONS_PROVISIONING", + "GROUPS_HAVE_MEMBERS" + ] + }, + "type": { + "type": "string", + "description": "Specifies the type of system being managed e.g. Active Directory, Workday, etc.. If you are creating a delimited file source, you must set the `provisionasCsv` query parameter to `true`. ", + "example": "OpenLDAP - Direct" + }, + "connector": { + "type": "string", + "description": "Connector script name.", + "example": "active-directory" + }, + "connectorClass": { + "type": "string", + "description": "Fully qualified name of the Java class that implements the connector interface.", + "example": "sailpoint.connector.LDAPConnector" + }, + "connectorAttributes": { + "type": "object", + "description": "Connector specific configuration. This configuration will differ from type to type.", + "example": { + "healthCheckTimeout": 30, + "authSearchAttributes": [ + "cn", + "uid", + "mail" + ] + } + }, + "deleteThreshold": { + "type": "integer", + "format": "int32", + "description": "Number from 0 to 100 that specifies when to skip the delete phase.", + "example": 10 + }, + "authoritative": { + "type": "boolean", + "description": "When this is true, it indicates that the source is referenced by an identity profile.", + "default": false, + "example": false + }, + "managementWorkgroup": { + "description": "Reference to management workgroup for the source.", + "type": "object", + "nullable": true, + "properties": { + "type": { + "description": "Type of object being referenced.", + "type": "string", + "enum": [ + "GOVERNANCE_GROUP" + ], + "example": "GOVERNANCE_GROUP" + }, + "id": { + "type": "string", + "description": "Management workgroup ID.", + "example": "2c91808568c529c60168cca6f90c2222" + }, + "name": { + "type": "string", + "description": "Management workgroup's human-readable display name.", + "example": "My Management Workgroup" + } + } + }, + "healthy": { + "type": "boolean", + "description": "When this is true, it indicates that the source is healthy.", + "default": false, + "example": true + }, + "status": { + "type": "string", + "enum": [ + "SOURCE_STATE_ERROR_ACCOUNT_FILE_IMPORT", + "SOURCE_STATE_ERROR_CLUSTER", + "SOURCE_STATE_ERROR_SOURCE", + "SOURCE_STATE_ERROR_VA", + "SOURCE_STATE_FAILURE_CLUSTER", + "SOURCE_STATE_FAILURE_SOURCE", + "SOURCE_STATE_HEALTHY", + "SOURCE_STATE_UNCHECKED_CLUSTER", + "SOURCE_STATE_UNCHECKED_CLUSTER_NO_SOURCES", + "SOURCE_STATE_UNCHECKED_SOURCE", + "SOURCE_STATE_UNCHECKED_SOURCE_NO_ACCOUNTS" + ], + "description": "Status identifier that gives specific information about why a source is or isn't healthy. ", + "example": "SOURCE_STATE_HEALTHY" + }, + "since": { + "type": "string", + "description": "Timestamp that shows when a source health check was last performed.", + "example": "2021-09-28T15:48:29.380Z" + }, + "connectorId": { + "type": "string", + "description": "Connector ID", + "example": "active-directory" + }, + "connectorName": { + "type": "string", + "description": "Name of the connector that was chosen during source creation.", + "example": "Active Directory" + }, + "connectionType": { + "type": "string", + "description": "Type of connection (direct or file).", + "example": "file" + }, + "connectorImplementationId": { + "type": "string", + "description": "Connector implementation ID.", + "example": "delimited-file" + }, + "created": { + "type": "string", + "description": "Date-time when the source was created", + "format": "date-time", + "example": "2022-02-08T14:50:03.827Z" + }, + "modified": { + "type": "string", + "description": "Date-time when the source was last modified.", + "format": "date-time", + "example": "2024-01-23T18:08:50.897Z" + }, + "credentialProviderEnabled": { + "type": "boolean", + "description": "If this is true, it enables a credential provider for the source. If credentialProvider is turned on, then the source can use credential provider(s) to fetch credentials.", + "default": false, + "example": false + }, + "category": { + "type": "string", + "nullable": true, + "default": null, + "description": "Source category (e.g. null, CredentialProvider).", + "example": "CredentialProvider" + } + }, + "required": [ + "name", + "owner", + "connector" + ] + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/tagged-objects": { + "get": { + "operationId": "listTaggedObjects", + "security": [ + { + "UserContextAuth": [ + "idn:tag:read", + "idn:tag:manage" + ] + } + ], + "tags": [ + "Tagged Objects" + ], + "summary": "List Tagged Objects", + "description": "This API returns a list of all tagged objects.\n\nAny authenticated token may be used to call this API.", + "parameters": [ + { + "in": "query", + "name": "limit", + "description": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 250, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "maximum": 250, + "default": 250 + } + }, + { + "in": "query", + "name": "offset", + "description": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 0, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "default": 0 + } + }, + { + "in": "query", + "name": "count", + "description": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": true, + "schema": { + "type": "boolean", + "default": false + } + }, + { + "in": "query", + "name": "filters", + "schema": { + "type": "string" + }, + "description": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**objectRef.id**: *eq, in*\n\n**objectRef.type**: *eq, in*\n\n**tagName**: *eq, in*", + "example": "tagName eq \"BU_FINANCE\"", + "required": false + } + ], + "responses": { + "200": { + "description": "List of all tagged objects.", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "description": "Tagged object.", + "properties": { + "objectRef": { + "type": "object", + "properties": { + "type": { + "type": "string", + "enum": [ + "ACCESS_PROFILE", + "APPLICATION", + "CAMPAIGN", + "ENTITLEMENT", + "IDENTITY", + "ROLE", + "SOD_POLICY", + "SOURCE" + ], + "example": "IDENTITY", + "description": "DTO type" + }, + "id": { + "type": "string", + "description": "ID of the object this reference applies to", + "example": "2c91808568c529c60168cca6f90c1313" + }, + "name": { + "type": "string", + "nullable": true, + "description": "Human-readable display name of the object this reference applies to", + "example": "William Wilson" + } + } + }, + "tags": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Labels to be applied to an Object", + "example": [ + "BU_FINANCE", + "PCI" + ] + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + }, + "post": { + "operationId": "setTagToObject", + "security": [ + { + "UserContextAuth": [ + "idn:tag:manage" + ] + } + ], + "tags": [ + "Tagged Objects" + ], + "summary": "Add Tag to Object", + "description": "This adds a tag to an object.\n\nAny authenticated token may be used to call this API.", + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "type": "object", + "description": "Tagged object.", + "properties": { + "objectRef": { + "type": "object", + "properties": { + "type": { + "type": "string", + "enum": [ + "ACCESS_PROFILE", + "APPLICATION", + "CAMPAIGN", + "ENTITLEMENT", + "IDENTITY", + "ROLE", + "SOD_POLICY", + "SOURCE" + ], + "example": "IDENTITY", + "description": "DTO type" + }, + "id": { + "type": "string", + "description": "ID of the object this reference applies to", + "example": "2c91808568c529c60168cca6f90c1313" + }, + "name": { + "type": "string", + "nullable": true, + "description": "Human-readable display name of the object this reference applies to", + "example": "William Wilson" + } + } + }, + "tags": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Labels to be applied to an Object", + "example": [ + "BU_FINANCE", + "PCI" + ] + } + } + } + } + } + }, + "responses": { + "201": { + "description": "Created." + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/tagged-objects/{type}": { + "get": { + "operationId": "listTaggedObjectsByType", + "security": [ + { + "UserContextAuth": [ + "idn:tag:read", + "idn:tag:manage" + ] + } + ], + "tags": [ + "Tagged Objects" + ], + "summary": "List Tagged Objects by Type", + "description": "This API returns a list of all tagged objects by type.\n\nAny authenticated token may be used to call this API.", + "parameters": [ + { + "in": "path", + "name": "type", + "schema": { + "type": "string", + "enum": [ + "ACCESS_PROFILE", + "APPLICATION", + "CAMPAIGN", + "ENTITLEMENT", + "IDENTITY", + "ROLE", + "SOD_POLICY", + "SOURCE" + ] + }, + "required": true, + "description": "The type of tagged object to retrieve.", + "example": "ROLE" + }, + { + "in": "query", + "name": "limit", + "description": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 250, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "maximum": 250, + "default": 250 + } + }, + { + "in": "query", + "name": "offset", + "description": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 0, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "default": 0 + } + }, + { + "in": "query", + "name": "count", + "description": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": true, + "schema": { + "type": "boolean", + "default": false + } + }, + { + "in": "query", + "name": "filters", + "schema": { + "type": "string" + }, + "description": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**objectRef.id**: *eq*\n\n**objectRef.type**: *eq*", + "example": "objectRef.id eq \"2c91808568c529c60168cca6f90c1313\"", + "required": false + } + ], + "responses": { + "200": { + "description": "List of all tagged objects for specified type.", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "description": "Tagged object.", + "properties": { + "objectRef": { + "type": "object", + "properties": { + "type": { + "type": "string", + "enum": [ + "ACCESS_PROFILE", + "APPLICATION", + "CAMPAIGN", + "ENTITLEMENT", + "IDENTITY", + "ROLE", + "SOD_POLICY", + "SOURCE" + ], + "example": "IDENTITY", + "description": "DTO type" + }, + "id": { + "type": "string", + "description": "ID of the object this reference applies to", + "example": "2c91808568c529c60168cca6f90c1313" + }, + "name": { + "type": "string", + "nullable": true, + "description": "Human-readable display name of the object this reference applies to", + "example": "William Wilson" + } + } + }, + "tags": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Labels to be applied to an Object", + "example": [ + "BU_FINANCE", + "PCI" + ] + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/tagged-objects/{type}/{id}": { + "get": { + "operationId": "getTaggedObject", + "security": [ + { + "UserContextAuth": [ + "idn:tag:read", + "idn:tag:manage" + ] + } + ], + "tags": [ + "Tagged Objects" + ], + "summary": "Get Tagged Object", + "description": "This gets a tagged object for the specified type.", + "parameters": [ + { + "in": "path", + "name": "type", + "schema": { + "type": "string", + "enum": [ + "ACCESS_PROFILE", + "APPLICATION", + "CAMPAIGN", + "ENTITLEMENT", + "IDENTITY", + "ROLE", + "SOD_POLICY", + "SOURCE" + ] + }, + "required": true, + "description": "The type of tagged object to retrieve.", + "example": "ROLE" + }, + { + "in": "path", + "name": "id", + "schema": { + "type": "string" + }, + "required": true, + "description": "The ID of the object reference to retrieve.", + "example": "ef38f94347e94562b5bb8424a56397d8" + } + ], + "responses": { + "200": { + "description": "Tagged object by type and ID.", + "content": { + "application/json": { + "schema": { + "type": "object", + "description": "Tagged object.", + "properties": { + "objectRef": { + "type": "object", + "properties": { + "type": { + "type": "string", + "enum": [ + "ACCESS_PROFILE", + "APPLICATION", + "CAMPAIGN", + "ENTITLEMENT", + "IDENTITY", + "ROLE", + "SOD_POLICY", + "SOURCE" + ], + "example": "IDENTITY", + "description": "DTO type" + }, + "id": { + "type": "string", + "description": "ID of the object this reference applies to", + "example": "2c91808568c529c60168cca6f90c1313" + }, + "name": { + "type": "string", + "nullable": true, + "description": "Human-readable display name of the object this reference applies to", + "example": "William Wilson" + } + } + }, + "tags": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Labels to be applied to an Object", + "example": [ + "BU_FINANCE", + "PCI" + ] + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + }, + "put": { + "operationId": "putTaggedObject", + "security": [ + { + "UserContextAuth": [ + "idn:tag:manage" + ] + } + ], + "tags": [ + "Tagged Objects" + ], + "summary": "Update Tagged Object", + "description": "This updates a tagged object for the specified type.", + "parameters": [ + { + "in": "path", + "name": "type", + "schema": { + "type": "string", + "enum": [ + "ACCESS_PROFILE", + "APPLICATION", + "CAMPAIGN", + "ENTITLEMENT", + "IDENTITY", + "ROLE", + "SOD_POLICY", + "SOURCE" + ] + }, + "required": true, + "description": "The type of tagged object to update.", + "example": "ROLE" + }, + { + "in": "path", + "name": "id", + "schema": { + "type": "string" + }, + "required": true, + "description": "The ID of the object reference to update.", + "example": "ef38f94347e94562b5bb8424a56397d8" + } + ], + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "type": "object", + "description": "Tagged object.", + "properties": { + "objectRef": { + "type": "object", + "properties": { + "type": { + "type": "string", + "enum": [ + "ACCESS_PROFILE", + "APPLICATION", + "CAMPAIGN", + "ENTITLEMENT", + "IDENTITY", + "ROLE", + "SOD_POLICY", + "SOURCE" + ], + "example": "IDENTITY", + "description": "DTO type" + }, + "id": { + "type": "string", + "description": "ID of the object this reference applies to", + "example": "2c91808568c529c60168cca6f90c1313" + }, + "name": { + "type": "string", + "nullable": true, + "description": "Human-readable display name of the object this reference applies to", + "example": "William Wilson" + } + } + }, + "tags": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Labels to be applied to an Object", + "example": [ + "BU_FINANCE", + "PCI" + ] + } + } + } + } + } + }, + "responses": { + "200": { + "description": "Tagged object by type and ID.", + "content": { + "application/json": { + "schema": { + "type": "object", + "description": "Tagged object.", + "properties": { + "objectRef": { + "type": "object", + "properties": { + "type": { + "type": "string", + "enum": [ + "ACCESS_PROFILE", + "APPLICATION", + "CAMPAIGN", + "ENTITLEMENT", + "IDENTITY", + "ROLE", + "SOD_POLICY", + "SOURCE" + ], + "example": "IDENTITY", + "description": "DTO type" + }, + "id": { + "type": "string", + "description": "ID of the object this reference applies to", + "example": "2c91808568c529c60168cca6f90c1313" + }, + "name": { + "type": "string", + "nullable": true, + "description": "Human-readable display name of the object this reference applies to", + "example": "William Wilson" + } + } + }, + "tags": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Labels to be applied to an Object", + "example": [ + "BU_FINANCE", + "PCI" + ] + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + }, + "delete": { + "operationId": "deleteTaggedObject", + "security": [ + { + "UserContextAuth": [ + "idn:tag:manage" + ] + } + ], + "tags": [ + "Tagged Objects" + ], + "summary": "Delete Tagged Object", + "description": "This deletes a tagged object for the specified type.", + "parameters": [ + { + "in": "path", + "name": "type", + "schema": { + "type": "string", + "enum": [ + "ACCESS_PROFILE", + "APPLICATION", + "CAMPAIGN", + "ENTITLEMENT", + "IDENTITY", + "ROLE", + "SOD_POLICY", + "SOURCE" + ] + }, + "required": true, + "description": "The type of tagged object to delete.", + "example": "ROLE" + }, + { + "in": "path", + "name": "id", + "schema": { + "type": "string" + }, + "required": true, + "description": "The ID of the object reference to delete.", + "example": "ef38f94347e94562b5bb8424a56397d8" + } + ], + "responses": { + "204": { + "description": "No content." + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/tagged-objects/bulk-add": { + "post": { + "operationId": "setTagsToManyObjects", + "security": [ + { + "UserContextAuth": [ + "idn:tag:manage" + ] + } + ], + "tags": [ + "Tagged Objects" + ], + "summary": "Tag Multiple Objects", + "description": "This API adds tags to multiple objects.\n\nA token with API, CERT_ADMIN, ORG_ADMIN, REPORT_ADMIN, ROLE_ADMIN, ROLE_SUBADMIN, SOURCE_ADMIN, or SOURCE_SUBADMIN authority is required to call this API.", + "requestBody": { + "required": true, + "description": "Supported object types are ACCESS_PROFILE, APPLICATION, CAMPAIGN, ENTITLEMENT, IDENTITY, ROLE, SOD_POLICY, SOURCE.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "objectRefs": { + "type": "array", + "items": { + "type": "object", + "properties": { + "type": { + "type": "string", + "enum": [ + "ACCESS_PROFILE", + "APPLICATION", + "CAMPAIGN", + "ENTITLEMENT", + "IDENTITY", + "ROLE", + "SOD_POLICY", + "SOURCE" + ], + "example": "IDENTITY", + "description": "DTO type" + }, + "id": { + "type": "string", + "description": "ID of the object this reference applies to", + "example": "2c91808568c529c60168cca6f90c1313" + }, + "name": { + "type": "string", + "nullable": true, + "description": "Human-readable display name of the object this reference applies to", + "example": "William Wilson" + } + } + } + }, + "tags": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Label to be applied to an Object", + "example": [ + "BU_FINANCE", + "PCI" + ] + }, + "operation": { + "type": "string", + "enum": [ + "APPEND", + "MERGE" + ], + "default": "APPEND", + "description": "If APPEND, tags are appended to the list of tags for the object. A 400 error is returned if this would add duplicate tags to the object.\n\nIf MERGE, tags are merged with the existing tags. Duplicate tags are silently ignored.", + "example": "MERGE" + } + } + } + } + } + }, + "responses": { + "200": { + "description": "Request succeeded.", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "properties": { + "objectRefs": { + "type": "array", + "items": { + "type": "object", + "properties": { + "type": { + "type": "string", + "enum": [ + "ACCESS_PROFILE", + "APPLICATION", + "CAMPAIGN", + "ENTITLEMENT", + "IDENTITY", + "ROLE", + "SOD_POLICY", + "SOURCE" + ], + "example": "IDENTITY", + "description": "DTO type" + }, + "id": { + "type": "string", + "description": "ID of the object this reference applies to", + "example": "2c91808568c529c60168cca6f90c1313" + }, + "name": { + "type": "string", + "nullable": true, + "description": "Human-readable display name of the object this reference applies to", + "example": "William Wilson" + } + } + } + }, + "tags": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Label to be applied to an Object", + "example": [ + "BU_FINANCE", + "PCI" + ] + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/tagged-objects/bulk-remove": { + "post": { + "operationId": "deleteTagsToManyObject", + "security": [ + { + "UserContextAuth": [ + "idn:tag:manage" + ] + } + ], + "tags": [ + "Tagged Objects" + ], + "summary": "Remove Tags from Multiple Objects", + "description": "This API removes tags from multiple objects.\n\nA token with API, CERT_ADMIN, ORG_ADMIN, REPORT_ADMIN, ROLE_ADMIN, ROLE_SUBADMIN, SOURCE_ADMIN, or SOURCE_SUBADMIN authority is required to call this API.", + "requestBody": { + "description": "Supported object types are ACCESS_PROFILE, APPLICATION, CAMPAIGN, ENTITLEMENT, IDENTITY, ROLE, SOD_POLICY, SOURCE.", + "required": true, + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "objectRefs": { + "type": "array", + "items": { + "type": "object", + "properties": { + "type": { + "type": "string", + "enum": [ + "ACCESS_PROFILE", + "APPLICATION", + "CAMPAIGN", + "ENTITLEMENT", + "IDENTITY", + "ROLE", + "SOD_POLICY", + "SOURCE" + ], + "example": "IDENTITY", + "description": "DTO type" + }, + "id": { + "type": "string", + "description": "ID of the object this reference applies to", + "example": "2c91808568c529c60168cca6f90c1313" + }, + "name": { + "type": "string", + "nullable": true, + "description": "Human-readable display name of the object this reference applies to", + "example": "William Wilson" + } + } + } + }, + "tags": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Label to be applied to an Object", + "example": [ + "BU_FINANCE", + "PCI" + ] + } + } + } + } + } + }, + "responses": { + "204": { + "description": "No content - indicates the request was successful but there is no content to be returned in the response." + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/transforms": { + "get": { + "tags": [ + "Transforms" + ], + "summary": "List transforms", + "description": "Gets a list of all saved transform objects.\nA token with transforms-list read authority is required to call this API.", + "operationId": "listTransforms", + "parameters": [ + { + "in": "query", + "name": "offset", + "description": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 0, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "default": 0 + } + }, + { + "in": "query", + "name": "limit", + "description": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 250, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "maximum": 250, + "default": 250 + } + }, + { + "in": "query", + "name": "count", + "description": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": true, + "schema": { + "type": "boolean", + "default": false + } + }, + { + "name": "name", + "in": "query", + "description": "Name of the transform to retrieve from the list.", + "required": false, + "style": "form", + "schema": { + "type": "string", + "example": "ExampleTransformName123" + } + }, + { + "name": "filters", + "in": "query", + "description": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**internal**: *eq*\n\n**name**: *eq, sw*", + "required": false, + "style": "form", + "explode": true, + "example": "name eq \"Uppercase\"", + "schema": { + "type": "string" + } + } + ], + "responses": { + "200": { + "description": "A list of transforms matching the given criteria.", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "allOf": [ + { + "type": "object", + "description": "The representation of an internally- or customer-defined transform.", + "required": [ + "name", + "type", + "attributes" + ], + "properties": { + "name": { + "type": "string", + "description": "Unique name of this transform", + "example": "Timestamp To Date", + "minLength": 1, + "maxLength": 50 + }, + "type": { + "type": "string", + "description": "The type of transform operation", + "enum": [ + "accountAttribute", + "base64Decode", + "base64Encode", + "concat", + "conditional", + "dateCompare", + "dateFormat", + "dateMath", + "decomposeDiacriticalMarks", + "e164phone", + "firstValid", + "rule", + "identityAttribute", + "indexOf", + "iso3166", + "lastIndexOf", + "leftPad", + "lookup", + "lower", + "normalizeNames", + "randomAlphaNumeric", + "randomNumeric", + "reference", + "replaceAll", + "replace", + "rightPad", + "split", + "static", + "substring", + "trim", + "upper", + "usernameGenerator", + "uuid", + "displayName", + "rfc5646" + ], + "example": "dateFormat", + "externalDocs": { + "description": "Transform Operations", + "url": "https://developer.sailpoint.com/idn/docs/transforms/operations" + } + }, + "attributes": { + "nullable": true, + "description": "Meta-data about the transform. Values in this list are specific to the type of transform to be executed.", + "oneOf": [ + { + "title": "accountAttribute", + "type": "object", + "required": [ + "sourceName", + "attributeName" + ], + "properties": { + "sourceName": { + "type": "string", + "description": "A reference to the source to search for the account", + "example": "Workday" + }, + "attributeName": { + "type": "string", + "description": "The name of the attribute on the account to return. This should match the name of the account attribute name visible in the user interface, or on the source schema.", + "example": "DEPARTMENT" + }, + "accountSortAttribute": { + "type": "string", + "description": "The value of this configuration is a string name of the attribute to use when determining the ordering of returned accounts when there are multiple entries", + "example": "created", + "default": "created" + }, + "accountSortDescending": { + "type": "boolean", + "description": "The value of this configuration is a boolean (true/false). Controls the order of the sort when there are multiple accounts. If not defined, the transform will default to false (ascending order)", + "example": false, + "default": false + }, + "accountReturnFirstLink": { + "type": "boolean", + "description": "The value of this configuration is a boolean (true/false). Controls which account to source a value from for an attribute. If this flag is set to true, the transform returns the value from the first account in the list, even if it is null. If it is set to false, the transform returns the first non-null value. If not defined, the transform will default to false", + "example": false, + "default": false + }, + "accountFilter": { + "type": "string", + "description": "This expression queries the database to narrow search results. The value of this configuration is a sailpoint.object.Filter expression and used when searching against the database. The default filter will always include the source and identity, and any subsequent expressions will be combined in an AND operation to the existing search criteria.\nOnly certain searchable attributes are available: - `nativeIdentity` - the Account ID - `displayName` - the Account Name - `entitlements` - a boolean value to determine if the account has entitlements", + "example": "!(nativeIdentity.startsWith(\"*DELETED*\"))" + }, + "accountPropertyFilter": { + "type": "string", + "description": "This expression is used to search and filter accounts in memory. The value of this configuration is a sailpoint.object.Filter expression and used when searching against the returned resultset.\n\nAll account attributes are available for filtering as this operation is performed in memory.", + "example": "(groups.containsAll({'Admin'}) || location == 'Austin')" + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "base64Decode", + "type": "object", + "properties": { + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "base64Encode", + "type": "object", + "properties": { + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "concat", + "type": "object", + "required": [ + "values" + ], + "properties": { + "values": { + "type": "array", + "items": { + "type": "object" + }, + "description": "An array of items to join together", + "example": [ + "John", + " ", + "Smith" + ] + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "conditional", + "type": "object", + "required": [ + "expression", + "positiveCondition", + "negativeCondition" + ], + "properties": { + "expression": { + "type": "string", + "description": "A comparison statement that follows the structure of `ValueA eq ValueB` where `ValueA` and `ValueB` are static strings or outputs of other transforms. \n\nThe `eq` operator is the only valid comparison", + "example": "ValueA eq ValueB" + }, + "positiveCondition": { + "type": "string", + "description": "The output of the transform if the expression evalutes to true", + "example": "true" + }, + "negativeCondition": { + "type": "string", + "description": "The output of the transform if the expression evalutes to false", + "example": "false" + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "dateCompare", + "type": "object", + "required": [ + "firstDate", + "secondDate", + "operator", + "positiveCondition", + "negativeCondition" + ], + "properties": { + "firstDate": { + "description": "This is the first date to consider (The date that would be on the left hand side of the comparison operation).", + "oneOf": [ + { + "title": "accountAttribute", + "type": "object", + "required": [ + "sourceName", + "attributeName" + ], + "properties": { + "sourceName": { + "type": "string", + "description": "A reference to the source to search for the account", + "example": "Workday" + }, + "attributeName": { + "type": "string", + "description": "The name of the attribute on the account to return. This should match the name of the account attribute name visible in the user interface, or on the source schema.", + "example": "DEPARTMENT" + }, + "accountSortAttribute": { + "type": "string", + "description": "The value of this configuration is a string name of the attribute to use when determining the ordering of returned accounts when there are multiple entries", + "example": "created", + "default": "created" + }, + "accountSortDescending": { + "type": "boolean", + "description": "The value of this configuration is a boolean (true/false). Controls the order of the sort when there are multiple accounts. If not defined, the transform will default to false (ascending order)", + "example": false, + "default": false + }, + "accountReturnFirstLink": { + "type": "boolean", + "description": "The value of this configuration is a boolean (true/false). Controls which account to source a value from for an attribute. If this flag is set to true, the transform returns the value from the first account in the list, even if it is null. If it is set to false, the transform returns the first non-null value. If not defined, the transform will default to false", + "example": false, + "default": false + }, + "accountFilter": { + "type": "string", + "description": "This expression queries the database to narrow search results. The value of this configuration is a sailpoint.object.Filter expression and used when searching against the database. The default filter will always include the source and identity, and any subsequent expressions will be combined in an AND operation to the existing search criteria.\nOnly certain searchable attributes are available: - `nativeIdentity` - the Account ID - `displayName` - the Account Name - `entitlements` - a boolean value to determine if the account has entitlements", + "example": "!(nativeIdentity.startsWith(\"*DELETED*\"))" + }, + "accountPropertyFilter": { + "type": "string", + "description": "This expression is used to search and filter accounts in memory. The value of this configuration is a sailpoint.object.Filter expression and used when searching against the returned resultset.\n\nAll account attributes are available for filtering as this operation is performed in memory.", + "example": "(groups.containsAll({'Admin'}) || location == 'Austin')" + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "dateFormat", + "type": "object", + "properties": { + "inputFormat": { + "description": "A string value indicating either the explicit SimpleDateFormat or the built-in named format that the data is coming in as.\n\n*If no inputFormat is provided, the transform assumes that it is in ISO8601 format*", + "oneOf": [ + { + "title": "Named Construct", + "type": "string", + "description": "| Construct | Date Time Pattern | Description |\n| --------- | ----------------- | ----------- |\n| ISO8601 | `yyyy-MM-dd'T'HH:mm:ss.SSSX` | The ISO8601 standard. | \n| LDAP | `yyyyMMddHHmmss.Z` | The LDAP standard. |\n| PEOPLE_SOFT | `MM/dd/yyyy` | The date format People Soft uses. |\n| EPOCH_TIME_JAVA | # ms from midnight, January 1st, 1970 | The incoming date value as elapsed time in milliseconds from midnight, January 1st, 1970. |\n| EPOCH_TIME_WIN32| # intervals of 100ns from midnight, January 1st, 1601 | The incoming date value as elapsed time in 100-nanosecond intervals from midnight, January 1st, 1601. |\n", + "enum": [ + "ISO8601", + "LDAP", + "PEOPLE_SOFT", + "EPOCH_TIME_JAVA", + "EPOCH_TIME_WIN32" + ], + "example": "PEOPLE_SOFT" + }, + { + "title": "Java Simple Date Format", + "type": "string", + "description": "There are a variety of date time patterns you can express using SimpleDateFormat. The following table lists examples of different date time patterns expressed in the SimpleDateFormat and how they display. Refer to the SimpleDateFormat syntax page for more information.\n\n>NOTE: The following examples show how date and time patterns are interpreted in the U.S. locale. The given date and time are 2001-07-04 12:08:56 local time in the U.S. Pacific Time time zone.\n (This table is from the SimpleDateFormat page.)\n\n| Date Time Pattern | Result |\n| ----------------- | ------ |\n| `yyyy.MM.dd G 'at' HH:mm:ss z` | `2001.07.04 AD at 12:08:56 PDT` |\n| `EEE, MMM d, ''yy` | Wed, Jul 4, '01 |\n| `h:mm a` | 12:08 PM |\n| `hh 'o''clock' a, zzzz` | 12 o'clock PM, Pacific Daylight Time |\n| `K:mm a, z` | 0:08 PM, PDT |\n| `yyyyy.MMMMM.dd GGG hh:mm aaa` | 02001.July.04 AD 12:08 PM |\n| `EEE, d MMM yyyy HH:mm:ss Z` | Wed, 4 Jul 2001 12:08:56 -0700 |\n| `yyMMddHHmmssZ` | 010704120856-0700 |\n| `yyyy-MM-dd'T'HH:mm:ss.SSSZ` | 2001-07-04T12:08:56.235-0700 |\n| `yyyy-MM-dd'T'HH:mm:ss.SSSXXX` | 2001-07-04T12:08:56.235-07:00 |\n| `YYYY-'W'ww-u` | 2001-W27-3 |\n", + "example": "mm/dd/yyyy" + } + ] + }, + "outputFormat": { + "description": "A string value indicating either the explicit SimpleDateFormat or the built-in named format that the data should be formatted into.\n\n*If no inputFormat is provided, the transform assumes that it is in ISO8601 format*", + "oneOf": [ + { + "title": "Named Construct", + "type": "string", + "description": "| Construct | Date Time Pattern | Description |\n| --------- | ----------------- | ----------- |\n| ISO8601 | `yyyy-MM-dd'T'HH:mm:ss.SSSX` | The ISO8601 standard. | \n| LDAP | `yyyyMMddHHmmss.Z` | The LDAP standard. |\n| PEOPLE_SOFT | `MM/dd/yyyy` | The date format People Soft uses. |\n| EPOCH_TIME_JAVA | # ms from midnight, January 1st, 1970 | The incoming date value as elapsed time in milliseconds from midnight, January 1st, 1970. |\n| EPOCH_TIME_WIN32| # intervals of 100ns from midnight, January 1st, 1601 | The incoming date value as elapsed time in 100-nanosecond intervals from midnight, January 1st, 1601. |\n", + "enum": [ + "ISO8601", + "LDAP", + "PEOPLE_SOFT", + "EPOCH_TIME_JAVA", + "EPOCH_TIME_WIN32" + ], + "example": "PEOPLE_SOFT" + }, + { + "title": "Java Simple Date Format", + "type": "string", + "description": "There are a variety of date time patterns you can express using SimpleDateFormat. The following table lists examples of different date time patterns expressed in the SimpleDateFormat and how they display. Refer to the SimpleDateFormat syntax page for more information.\n\n>NOTE: The following examples show how date and time patterns are interpreted in the U.S. locale. The given date and time are 2001-07-04 12:08:56 local time in the U.S. Pacific Time time zone.\n (This table is from the SimpleDateFormat page.)\n\n| Date Time Pattern | Result |\n| ----------------- | ------ |\n| `yyyy.MM.dd G 'at' HH:mm:ss z` | `2001.07.04 AD at 12:08:56 PDT` |\n| `EEE, MMM d, ''yy` | Wed, Jul 4, '01 |\n| `h:mm a` | 12:08 PM |\n| `hh 'o''clock' a, zzzz` | 12 o'clock PM, Pacific Daylight Time |\n| `K:mm a, z` | 0:08 PM, PDT |\n| `yyyyy.MMMMM.dd GGG hh:mm aaa` | 02001.July.04 AD 12:08 PM |\n| `EEE, d MMM yyyy HH:mm:ss Z` | Wed, 4 Jul 2001 12:08:56 -0700 |\n| `yyMMddHHmmssZ` | 010704120856-0700 |\n| `yyyy-MM-dd'T'HH:mm:ss.SSSZ` | 2001-07-04T12:08:56.235-0700 |\n| `yyyy-MM-dd'T'HH:mm:ss.SSSXXX` | 2001-07-04T12:08:56.235-07:00 |\n| `YYYY-'W'ww-u` | 2001-W27-3 |\n", + "example": "mm/dd/yyyy" + } + ] + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + } + ] + }, + "secondDate": { + "description": "This is the second date to consider (The date that would be on the right hand side of the comparison operation).", + "oneOf": [ + { + "title": "accountAttribute", + "type": "object", + "required": [ + "sourceName", + "attributeName" + ], + "properties": { + "sourceName": { + "type": "string", + "description": "A reference to the source to search for the account", + "example": "Workday" + }, + "attributeName": { + "type": "string", + "description": "The name of the attribute on the account to return. This should match the name of the account attribute name visible in the user interface, or on the source schema.", + "example": "DEPARTMENT" + }, + "accountSortAttribute": { + "type": "string", + "description": "The value of this configuration is a string name of the attribute to use when determining the ordering of returned accounts when there are multiple entries", + "example": "created", + "default": "created" + }, + "accountSortDescending": { + "type": "boolean", + "description": "The value of this configuration is a boolean (true/false). Controls the order of the sort when there are multiple accounts. If not defined, the transform will default to false (ascending order)", + "example": false, + "default": false + }, + "accountReturnFirstLink": { + "type": "boolean", + "description": "The value of this configuration is a boolean (true/false). Controls which account to source a value from for an attribute. If this flag is set to true, the transform returns the value from the first account in the list, even if it is null. If it is set to false, the transform returns the first non-null value. If not defined, the transform will default to false", + "example": false, + "default": false + }, + "accountFilter": { + "type": "string", + "description": "This expression queries the database to narrow search results. The value of this configuration is a sailpoint.object.Filter expression and used when searching against the database. The default filter will always include the source and identity, and any subsequent expressions will be combined in an AND operation to the existing search criteria.\nOnly certain searchable attributes are available: - `nativeIdentity` - the Account ID - `displayName` - the Account Name - `entitlements` - a boolean value to determine if the account has entitlements", + "example": "!(nativeIdentity.startsWith(\"*DELETED*\"))" + }, + "accountPropertyFilter": { + "type": "string", + "description": "This expression is used to search and filter accounts in memory. The value of this configuration is a sailpoint.object.Filter expression and used when searching against the returned resultset.\n\nAll account attributes are available for filtering as this operation is performed in memory.", + "example": "(groups.containsAll({'Admin'}) || location == 'Austin')" + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "dateFormat", + "type": "object", + "properties": { + "inputFormat": { + "description": "A string value indicating either the explicit SimpleDateFormat or the built-in named format that the data is coming in as.\n\n*If no inputFormat is provided, the transform assumes that it is in ISO8601 format*", + "oneOf": [ + { + "title": "Named Construct", + "type": "string", + "description": "| Construct | Date Time Pattern | Description |\n| --------- | ----------------- | ----------- |\n| ISO8601 | `yyyy-MM-dd'T'HH:mm:ss.SSSX` | The ISO8601 standard. | \n| LDAP | `yyyyMMddHHmmss.Z` | The LDAP standard. |\n| PEOPLE_SOFT | `MM/dd/yyyy` | The date format People Soft uses. |\n| EPOCH_TIME_JAVA | # ms from midnight, January 1st, 1970 | The incoming date value as elapsed time in milliseconds from midnight, January 1st, 1970. |\n| EPOCH_TIME_WIN32| # intervals of 100ns from midnight, January 1st, 1601 | The incoming date value as elapsed time in 100-nanosecond intervals from midnight, January 1st, 1601. |\n", + "enum": [ + "ISO8601", + "LDAP", + "PEOPLE_SOFT", + "EPOCH_TIME_JAVA", + "EPOCH_TIME_WIN32" + ], + "example": "PEOPLE_SOFT" + }, + { + "title": "Java Simple Date Format", + "type": "string", + "description": "There are a variety of date time patterns you can express using SimpleDateFormat. The following table lists examples of different date time patterns expressed in the SimpleDateFormat and how they display. Refer to the SimpleDateFormat syntax page for more information.\n\n>NOTE: The following examples show how date and time patterns are interpreted in the U.S. locale. The given date and time are 2001-07-04 12:08:56 local time in the U.S. Pacific Time time zone.\n (This table is from the SimpleDateFormat page.)\n\n| Date Time Pattern | Result |\n| ----------------- | ------ |\n| `yyyy.MM.dd G 'at' HH:mm:ss z` | `2001.07.04 AD at 12:08:56 PDT` |\n| `EEE, MMM d, ''yy` | Wed, Jul 4, '01 |\n| `h:mm a` | 12:08 PM |\n| `hh 'o''clock' a, zzzz` | 12 o'clock PM, Pacific Daylight Time |\n| `K:mm a, z` | 0:08 PM, PDT |\n| `yyyyy.MMMMM.dd GGG hh:mm aaa` | 02001.July.04 AD 12:08 PM |\n| `EEE, d MMM yyyy HH:mm:ss Z` | Wed, 4 Jul 2001 12:08:56 -0700 |\n| `yyMMddHHmmssZ` | 010704120856-0700 |\n| `yyyy-MM-dd'T'HH:mm:ss.SSSZ` | 2001-07-04T12:08:56.235-0700 |\n| `yyyy-MM-dd'T'HH:mm:ss.SSSXXX` | 2001-07-04T12:08:56.235-07:00 |\n| `YYYY-'W'ww-u` | 2001-W27-3 |\n", + "example": "mm/dd/yyyy" + } + ] + }, + "outputFormat": { + "description": "A string value indicating either the explicit SimpleDateFormat or the built-in named format that the data should be formatted into.\n\n*If no inputFormat is provided, the transform assumes that it is in ISO8601 format*", + "oneOf": [ + { + "title": "Named Construct", + "type": "string", + "description": "| Construct | Date Time Pattern | Description |\n| --------- | ----------------- | ----------- |\n| ISO8601 | `yyyy-MM-dd'T'HH:mm:ss.SSSX` | The ISO8601 standard. | \n| LDAP | `yyyyMMddHHmmss.Z` | The LDAP standard. |\n| PEOPLE_SOFT | `MM/dd/yyyy` | The date format People Soft uses. |\n| EPOCH_TIME_JAVA | # ms from midnight, January 1st, 1970 | The incoming date value as elapsed time in milliseconds from midnight, January 1st, 1970. |\n| EPOCH_TIME_WIN32| # intervals of 100ns from midnight, January 1st, 1601 | The incoming date value as elapsed time in 100-nanosecond intervals from midnight, January 1st, 1601. |\n", + "enum": [ + "ISO8601", + "LDAP", + "PEOPLE_SOFT", + "EPOCH_TIME_JAVA", + "EPOCH_TIME_WIN32" + ], + "example": "PEOPLE_SOFT" + }, + { + "title": "Java Simple Date Format", + "type": "string", + "description": "There are a variety of date time patterns you can express using SimpleDateFormat. The following table lists examples of different date time patterns expressed in the SimpleDateFormat and how they display. Refer to the SimpleDateFormat syntax page for more information.\n\n>NOTE: The following examples show how date and time patterns are interpreted in the U.S. locale. The given date and time are 2001-07-04 12:08:56 local time in the U.S. Pacific Time time zone.\n (This table is from the SimpleDateFormat page.)\n\n| Date Time Pattern | Result |\n| ----------------- | ------ |\n| `yyyy.MM.dd G 'at' HH:mm:ss z` | `2001.07.04 AD at 12:08:56 PDT` |\n| `EEE, MMM d, ''yy` | Wed, Jul 4, '01 |\n| `h:mm a` | 12:08 PM |\n| `hh 'o''clock' a, zzzz` | 12 o'clock PM, Pacific Daylight Time |\n| `K:mm a, z` | 0:08 PM, PDT |\n| `yyyyy.MMMMM.dd GGG hh:mm aaa` | 02001.July.04 AD 12:08 PM |\n| `EEE, d MMM yyyy HH:mm:ss Z` | Wed, 4 Jul 2001 12:08:56 -0700 |\n| `yyMMddHHmmssZ` | 010704120856-0700 |\n| `yyyy-MM-dd'T'HH:mm:ss.SSSZ` | 2001-07-04T12:08:56.235-0700 |\n| `yyyy-MM-dd'T'HH:mm:ss.SSSXXX` | 2001-07-04T12:08:56.235-07:00 |\n| `YYYY-'W'ww-u` | 2001-W27-3 |\n", + "example": "mm/dd/yyyy" + } + ] + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + } + ] + }, + "operator": { + "type": "string", + "description": "This is the comparison to perform.\n| Operation | Description |\n| --------- | ------- |\n| LT | Strictly less than: firstDate < secondDate |\n| LTE | Less than or equal to: firstDate <= secondDate |\n| GT | Strictly greater than: firstDate > secondDate |\n| GTE | Greater than or equal to: firstDate >= secondDate |\n", + "enum": [ + "LT", + "LTE", + "GT", + "GTE" + ], + "example": "LT" + }, + "positiveCondition": { + "type": "string", + "description": "The output of the transform if the expression evalutes to true", + "example": "true" + }, + "negativeCondition": { + "type": "string", + "description": "The output of the transform if the expression evalutes to false", + "example": false + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "dateFormat", + "type": "object", + "properties": { + "inputFormat": { + "description": "A string value indicating either the explicit SimpleDateFormat or the built-in named format that the data is coming in as.\n\n*If no inputFormat is provided, the transform assumes that it is in ISO8601 format*", + "oneOf": [ + { + "title": "Named Construct", + "type": "string", + "description": "| Construct | Date Time Pattern | Description |\n| --------- | ----------------- | ----------- |\n| ISO8601 | `yyyy-MM-dd'T'HH:mm:ss.SSSX` | The ISO8601 standard. | \n| LDAP | `yyyyMMddHHmmss.Z` | The LDAP standard. |\n| PEOPLE_SOFT | `MM/dd/yyyy` | The date format People Soft uses. |\n| EPOCH_TIME_JAVA | # ms from midnight, January 1st, 1970 | The incoming date value as elapsed time in milliseconds from midnight, January 1st, 1970. |\n| EPOCH_TIME_WIN32| # intervals of 100ns from midnight, January 1st, 1601 | The incoming date value as elapsed time in 100-nanosecond intervals from midnight, January 1st, 1601. |\n", + "enum": [ + "ISO8601", + "LDAP", + "PEOPLE_SOFT", + "EPOCH_TIME_JAVA", + "EPOCH_TIME_WIN32" + ], + "example": "PEOPLE_SOFT" + }, + { + "title": "Java Simple Date Format", + "type": "string", + "description": "There are a variety of date time patterns you can express using SimpleDateFormat. The following table lists examples of different date time patterns expressed in the SimpleDateFormat and how they display. Refer to the SimpleDateFormat syntax page for more information.\n\n>NOTE: The following examples show how date and time patterns are interpreted in the U.S. locale. The given date and time are 2001-07-04 12:08:56 local time in the U.S. Pacific Time time zone.\n (This table is from the SimpleDateFormat page.)\n\n| Date Time Pattern | Result |\n| ----------------- | ------ |\n| `yyyy.MM.dd G 'at' HH:mm:ss z` | `2001.07.04 AD at 12:08:56 PDT` |\n| `EEE, MMM d, ''yy` | Wed, Jul 4, '01 |\n| `h:mm a` | 12:08 PM |\n| `hh 'o''clock' a, zzzz` | 12 o'clock PM, Pacific Daylight Time |\n| `K:mm a, z` | 0:08 PM, PDT |\n| `yyyyy.MMMMM.dd GGG hh:mm aaa` | 02001.July.04 AD 12:08 PM |\n| `EEE, d MMM yyyy HH:mm:ss Z` | Wed, 4 Jul 2001 12:08:56 -0700 |\n| `yyMMddHHmmssZ` | 010704120856-0700 |\n| `yyyy-MM-dd'T'HH:mm:ss.SSSZ` | 2001-07-04T12:08:56.235-0700 |\n| `yyyy-MM-dd'T'HH:mm:ss.SSSXXX` | 2001-07-04T12:08:56.235-07:00 |\n| `YYYY-'W'ww-u` | 2001-W27-3 |\n", + "example": "mm/dd/yyyy" + } + ] + }, + "outputFormat": { + "description": "A string value indicating either the explicit SimpleDateFormat or the built-in named format that the data should be formatted into.\n\n*If no inputFormat is provided, the transform assumes that it is in ISO8601 format*", + "oneOf": [ + { + "title": "Named Construct", + "type": "string", + "description": "| Construct | Date Time Pattern | Description |\n| --------- | ----------------- | ----------- |\n| ISO8601 | `yyyy-MM-dd'T'HH:mm:ss.SSSX` | The ISO8601 standard. | \n| LDAP | `yyyyMMddHHmmss.Z` | The LDAP standard. |\n| PEOPLE_SOFT | `MM/dd/yyyy` | The date format People Soft uses. |\n| EPOCH_TIME_JAVA | # ms from midnight, January 1st, 1970 | The incoming date value as elapsed time in milliseconds from midnight, January 1st, 1970. |\n| EPOCH_TIME_WIN32| # intervals of 100ns from midnight, January 1st, 1601 | The incoming date value as elapsed time in 100-nanosecond intervals from midnight, January 1st, 1601. |\n", + "enum": [ + "ISO8601", + "LDAP", + "PEOPLE_SOFT", + "EPOCH_TIME_JAVA", + "EPOCH_TIME_WIN32" + ], + "example": "PEOPLE_SOFT" + }, + { + "title": "Java Simple Date Format", + "type": "string", + "description": "There are a variety of date time patterns you can express using SimpleDateFormat. The following table lists examples of different date time patterns expressed in the SimpleDateFormat and how they display. Refer to the SimpleDateFormat syntax page for more information.\n\n>NOTE: The following examples show how date and time patterns are interpreted in the U.S. locale. The given date and time are 2001-07-04 12:08:56 local time in the U.S. Pacific Time time zone.\n (This table is from the SimpleDateFormat page.)\n\n| Date Time Pattern | Result |\n| ----------------- | ------ |\n| `yyyy.MM.dd G 'at' HH:mm:ss z` | `2001.07.04 AD at 12:08:56 PDT` |\n| `EEE, MMM d, ''yy` | Wed, Jul 4, '01 |\n| `h:mm a` | 12:08 PM |\n| `hh 'o''clock' a, zzzz` | 12 o'clock PM, Pacific Daylight Time |\n| `K:mm a, z` | 0:08 PM, PDT |\n| `yyyyy.MMMMM.dd GGG hh:mm aaa` | 02001.July.04 AD 12:08 PM |\n| `EEE, d MMM yyyy HH:mm:ss Z` | Wed, 4 Jul 2001 12:08:56 -0700 |\n| `yyMMddHHmmssZ` | 010704120856-0700 |\n| `yyyy-MM-dd'T'HH:mm:ss.SSSZ` | 2001-07-04T12:08:56.235-0700 |\n| `yyyy-MM-dd'T'HH:mm:ss.SSSXXX` | 2001-07-04T12:08:56.235-07:00 |\n| `YYYY-'W'ww-u` | 2001-W27-3 |\n", + "example": "mm/dd/yyyy" + } + ] + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "dateMath", + "type": "object", + "required": [ + "expression" + ], + "properties": { + "expression": { + "type": "string", + "description": "A string value of the date and time components to operation on, along with the math operations to execute.\n", + "externalDocs": { + "description": "Date Math Expressions", + "url": "https://developer.sailpoint.com/idn/docs/transforms/operations/date-math#transform-structure" + }, + "example": "now+1w" + }, + "roundUp": { + "type": "boolean", + "description": "A boolean value to indicate whether the transform should round up or down when a rounding `/` operation is defined in the expression. \n\n\nIf not provided, the transform will default to `false`\n\n\n`true` indicates the transform should round up (i.e., truncate the fractional date/time component indicated and then add one unit of that component)\n\n\n`false` indicates the transform should round down (i.e., truncate the fractional date/time component indicated)\n", + "example": false, + "default": false + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "decomposeDiacriticalMarks", + "type": "object", + "properties": { + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "e164phone", + "type": "object", + "properties": { + "defaultRegion": { + "type": "string", + "description": "This is an optional attribute that can be used to define the region of the phone number to format into.\n\n\nIf defaultRegion is not provided, it will take US as the default country.\n\n\nThe format of the country code should be in [ISO 3166-1 alpha-2 format](https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2)\n", + "example": "US" + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "firstValid", + "type": "object", + "required": [ + "values" + ], + "properties": { + "values": { + "type": "array", + "items": { + "type": "object" + }, + "description": "An array of attributes to evaluate for existence.", + "example": [ + { + "attributes": { + "sourceName": "Active Directory", + "attributeName": "sAMAccountName" + }, + "type": "accountAttribute" + }, + { + "attributes": { + "sourceName": "Okta", + "attributeName": "login" + }, + "type": "accountAttribute" + }, + { + "attributes": { + "sourceName": "HR Source", + "attributeName": "employeeID" + }, + "type": "accountAttribute" + } + ] + }, + "ignoreErrors": { + "type": "boolean", + "description": "a true or false value representing to move on to the next option if an error (like an Null Pointer Exception) were to occur.", + "example": false, + "default": false + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + } + } + }, + { + "title": "rule", + "oneOf": [ + { + "type": "object", + "required": [ + "name" + ], + "properties": { + "name": { + "type": "string", + "description": "This is the name of the Transform rule that needs to be invoked by the transform", + "example": "Transform Calculation Rule" + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + } + } + }, + { + "type": "object", + "required": [ + "name", + "operation", + "includeNumbers", + "includeSpecialChars", + "length" + ], + "properties": { + "name": { + "type": "string", + "description": "This must always be set to \"Cloud Services Deployment Utility\"", + "example": "Cloud Services Deployment Utility" + }, + "operation": { + "type": "string", + "description": "The operation to perform `generateRandomString`", + "example": "generateRandomString" + }, + "includeNumbers": { + "type": "boolean", + "description": "This must be either \"true\" or \"false\" to indicate whether the generator logic should include numbers", + "example": true + }, + "includeSpecialChars": { + "type": "boolean", + "description": "This must be either \"true\" or \"false\" to indicate whether the generator logic should include special characters", + "example": true + }, + "length": { + "type": "string", + "description": "This specifies how long the randomly generated string needs to be\n\n\n>NOTE Due to identity attribute data constraints, the maximum allowable value is 450 characters\n", + "example": "10" + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false + } + } + }, + { + "type": "object", + "required": [ + "name", + "operation", + "uid" + ], + "properties": { + "name": { + "type": "string", + "description": "This must always be set to \"Cloud Services Deployment Utility\"", + "example": "Cloud Services Deployment Utility" + }, + "operation": { + "type": "string", + "description": "The operation to perform `getReferenceIdentityAttribute`", + "example": "getReferenceIdentityAttribute" + }, + "uid": { + "type": "string", + "description": "This is the SailPoint User Name (uid) value of the identity whose attribute is desired\n\nAs a convenience feature, you can use the `manager` keyword to dynamically look up the user's manager and then get that manager's identity attribute.\n", + "example": "2c91808570313110017040b06f344ec9" + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false + } + } + } + ] + }, + { + "title": "identityAttribute", + "type": "object", + "required": [ + "name" + ], + "properties": { + "name": { + "type": "string", + "description": "The system (camel-cased) name of the identity attribute to bring in", + "example": "email" + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "indexOf", + "type": "object", + "required": [ + "substring" + ], + "properties": { + "substring": { + "type": "string", + "description": "A substring to search for, searches the entire calling string, and returns the index of the first occurrence of the specified substring.", + "example": "admin_" + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "iso3166", + "type": "object", + "properties": { + "format": { + "type": "string", + "description": "An optional value to denote which ISO 3166 format to return. Valid values are:\n\n\n`alpha2` - Two-character country code (e.g., \"US\"); this is the default value if no format is supplied\n\n\n`alpha3` - Three-character country code (e.g., \"USA\")\n\n\n`numeric` - The numeric country code (e.g., \"840\")\n", + "example": "alpha2" + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "leftPad", + "type": "object", + "required": [ + "length" + ], + "properties": { + "length": { + "type": "string", + "description": "An integer value for the desired length of the final output string", + "example": "4" + }, + "padding": { + "type": "string", + "description": "A string value representing the character that the incoming data should be padded with to get to the desired length\n\n\nIf not provided, the transform will default to a single space (\" \") character for padding\n", + "example": "0" + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "lookup", + "type": "object", + "required": [ + "table" + ], + "properties": { + "table": { + "type": "object", + "additionalProperties": true, + "description": "This is a JSON object of key-value pairs. The key is the string that will attempt to be matched to the input, and the value is the output string that should be returned if the key is matched\n\n\n>**Note** the use of the optional default key value here; if none of the three countries in the above example match the input string, the transform will return \"Unknown Region\" for the attribute that is mapped to this transform.\n", + "example": { + "USA": "Americas", + "FRA": "EMEA", + "AUS": "APAC", + "default": "Unknown Region" + } + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "lower", + "type": "object", + "properties": { + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "nameNormalizer", + "type": "object", + "properties": { + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "randomAlphaNumeric", + "type": "object", + "properties": { + "length": { + "type": "string", + "description": "This is an integer value specifying the size/number of characters the random string must contain\n\n\n* This value must be a positive number and cannot be blank\n\n\n* If no length is provided, the transform will default to a value of `32`\n\n\n* Due to identity attribute data constraints, the maximum allowable value is `450` characters\n", + "example": "10" + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "randomNumeric", + "type": "object", + "properties": { + "length": { + "type": "string", + "description": "This is an integer value specifying the size/number of characters the random string must contain\n\n\n* This value must be a positive number and cannot be blank\n\n\n* If no length is provided, the transform will default to a value of `32`\n\n\n* Due to identity attribute data constraints, the maximum allowable value is `450` characters\n", + "example": "10" + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "reference", + "type": "object", + "required": [ + "id" + ], + "properties": { + "id": { + "type": "string", + "description": "This ID specifies the name of the pre-existing transform which you want to use within your current transform", + "example": "Existing Transform" + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "replaceAll", + "type": "object", + "required": [ + "table" + ], + "properties": { + "table": { + "type": "object", + "additionalProperties": true, + "description": "An attribute of key-value pairs. Each pair identifies the pattern to search for as its key, and the replacement string as its value.", + "example": { + "-": " ", + "\"": "'", + "ñ": "n" + } + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "replace", + "type": "object", + "required": [ + "regex", + "replacement" + ], + "properties": { + "regex": { + "type": "string", + "description": "This can be a string or a regex pattern in which you want to replace.", + "example": "[^a-zA-Z]", + "externalDocs": { + "description": "Regex Builder", + "url": "https://regex101.com/" + } + }, + "replacement": { + "type": "string", + "description": "This is the replacement string that should be substituded wherever the string or pattern is found.", + "example": " " + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "rightPad", + "type": "object", + "required": [ + "length" + ], + "properties": { + "length": { + "type": "string", + "description": "An integer value for the desired length of the final output string", + "example": "4" + }, + "padding": { + "type": "string", + "description": "A string value representing the character that the incoming data should be padded with to get to the desired length\n\n\nIf not provided, the transform will default to a single space (\" \") character for padding\n", + "example": "0" + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "split", + "type": "object", + "required": [ + "delimiter", + "index" + ], + "properties": { + "delimiter": { + "type": "string", + "description": "This can be either a single character or a regex expression, and is used by the transform to identify the break point between two substrings in the incoming data", + "example": "," + }, + "index": { + "type": "string", + "description": "An integer value for the desired array element after the incoming data has been split into a list; the array is a 0-based object, so the first array element would be index 0, the second element would be index 1, etc.", + "example": "5" + }, + "throws": { + "type": "boolean", + "description": "A boolean (true/false) value which indicates whether an exception should be thrown and returned as an output when an index is out of bounds with the resultant array (i.e., the provided index value is larger than the size of the array)\n\n\n`true` - The transform should return \"IndexOutOfBoundsException\"\n\n\n`false` - The transform should return null\n\n\nIf not provided, the transform will default to false and return a null\n", + "example": true, + "default": false + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "static", + "type": "object", + "required": [ + "values" + ], + "properties": { + "values": { + "type": "string", + "description": "This must evaluate to a JSON string, either through a fixed value or through conditional logic using the Apache Velocity Template Language.", + "example": "string$variable", + "externalDocs": { + "description": "Static Transform Documentation", + "url": "https://developer.sailpoint.com/idn/docs/transforms/operations/static" + } + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + } + } + }, + { + "title": "substring", + "type": "object", + "required": [ + "begin" + ], + "properties": { + "begin": { + "type": "integer", + "description": "The index of the first character to include in the returned substring.\n\n\nIf `begin` is set to -1, the transform will begin at character 0 of the input data\n", + "example": 1, + "format": "int32" + }, + "beginOffset": { + "type": "integer", + "description": "This integer value is the number of characters to add to the begin attribute when returning a substring. \n\nThis attribute is only used if begin is not -1.\n", + "example": 3, + "format": "int32" + }, + "end": { + "type": "integer", + "description": "The index of the first character to exclude from the returned substring.\n\nIf end is -1 or not provided at all, the substring transform will return everything up to the end of the input string.\n", + "example": 6, + "format": "int32" + }, + "endOffset": { + "type": "integer", + "description": "This integer value is the number of characters to add to the end attribute when returning a substring. \n\nThis attribute is only used if end is provided and is not -1.\n", + "example": 1, + "format": "int32" + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "trim", + "type": "object", + "properties": { + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "upper", + "type": "object", + "properties": { + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "uuid", + "type": "object", + "properties": { + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + } + } + } + ] + } + } + }, + { + "type": "object", + "required": [ + "id", + "internal" + ], + "properties": { + "id": { + "type": "string", + "description": "Unique ID of this transform", + "example": "2cd78adghjkja34jh2b1hkjhasuecd" + }, + "internal": { + "type": "boolean", + "description": "Indicates whether this is an internal SailPoint-created transform or a customer-created transform", + "example": false, + "default": false + } + } + } + ] + } + }, + "example": [ + { + "id": "2cd78adghjkja34jh2b1hkjhasuecd", + "name": "Timestamp To Date", + "type": "dateFormat", + "attributes": { + "inputFormat": "MMM-dd-yyyy, HH:mm:ss.SSS", + "outputFormat": "yyyy/dd/MM" + }, + "internal": false + }, + { + "id": "2lkas8dhj4bkuakja77giih7l4ashh", + "name": "PrefixSubstring", + "type": "substring", + "attributes": { + "begin": 0, + "end": 3 + }, + "internal": true + } + ] + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "idn:transform:read", + "idn:transform:manage" + ] + } + ] + }, + "post": { + "tags": [ + "Transforms" + ], + "summary": "Create transform", + "description": "Creates a new transform object immediately. By default, the internal flag is set to false to indicate that this is a custom transform. Only SailPoint employees have the ability to create a transform with internal set to true. Newly created Transforms can be used in the Identity Profile mappings within the UI. A token with transform write authority is required to call this API.", + "operationId": "createTransform", + "requestBody": { + "required": true, + "description": "The transform to be created.", + "content": { + "application/json": { + "schema": { + "type": "object", + "description": "The representation of an internally- or customer-defined transform.", + "required": [ + "name", + "type", + "attributes" + ], + "properties": { + "name": { + "type": "string", + "description": "Unique name of this transform", + "example": "Timestamp To Date", + "minLength": 1, + "maxLength": 50 + }, + "type": { + "type": "string", + "description": "The type of transform operation", + "enum": [ + "accountAttribute", + "base64Decode", + "base64Encode", + "concat", + "conditional", + "dateCompare", + "dateFormat", + "dateMath", + "decomposeDiacriticalMarks", + "e164phone", + "firstValid", + "rule", + "identityAttribute", + "indexOf", + "iso3166", + "lastIndexOf", + "leftPad", + "lookup", + "lower", + "normalizeNames", + "randomAlphaNumeric", + "randomNumeric", + "reference", + "replaceAll", + "replace", + "rightPad", + "split", + "static", + "substring", + "trim", + "upper", + "usernameGenerator", + "uuid", + "displayName", + "rfc5646" + ], + "example": "dateFormat", + "externalDocs": { + "description": "Transform Operations", + "url": "https://developer.sailpoint.com/idn/docs/transforms/operations" + } + }, + "attributes": { + "nullable": true, + "description": "Meta-data about the transform. Values in this list are specific to the type of transform to be executed.", + "oneOf": [ + { + "title": "accountAttribute", + "type": "object", + "required": [ + "sourceName", + "attributeName" + ], + "properties": { + "sourceName": { + "type": "string", + "description": "A reference to the source to search for the account", + "example": "Workday" + }, + "attributeName": { + "type": "string", + "description": "The name of the attribute on the account to return. This should match the name of the account attribute name visible in the user interface, or on the source schema.", + "example": "DEPARTMENT" + }, + "accountSortAttribute": { + "type": "string", + "description": "The value of this configuration is a string name of the attribute to use when determining the ordering of returned accounts when there are multiple entries", + "example": "created", + "default": "created" + }, + "accountSortDescending": { + "type": "boolean", + "description": "The value of this configuration is a boolean (true/false). Controls the order of the sort when there are multiple accounts. If not defined, the transform will default to false (ascending order)", + "example": false, + "default": false + }, + "accountReturnFirstLink": { + "type": "boolean", + "description": "The value of this configuration is a boolean (true/false). Controls which account to source a value from for an attribute. If this flag is set to true, the transform returns the value from the first account in the list, even if it is null. If it is set to false, the transform returns the first non-null value. If not defined, the transform will default to false", + "example": false, + "default": false + }, + "accountFilter": { + "type": "string", + "description": "This expression queries the database to narrow search results. The value of this configuration is a sailpoint.object.Filter expression and used when searching against the database. The default filter will always include the source and identity, and any subsequent expressions will be combined in an AND operation to the existing search criteria.\nOnly certain searchable attributes are available: - `nativeIdentity` - the Account ID - `displayName` - the Account Name - `entitlements` - a boolean value to determine if the account has entitlements", + "example": "!(nativeIdentity.startsWith(\"*DELETED*\"))" + }, + "accountPropertyFilter": { + "type": "string", + "description": "This expression is used to search and filter accounts in memory. The value of this configuration is a sailpoint.object.Filter expression and used when searching against the returned resultset.\n\nAll account attributes are available for filtering as this operation is performed in memory.", + "example": "(groups.containsAll({'Admin'}) || location == 'Austin')" + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "base64Decode", + "type": "object", + "properties": { + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "base64Encode", + "type": "object", + "properties": { + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "concat", + "type": "object", + "required": [ + "values" + ], + "properties": { + "values": { + "type": "array", + "items": { + "type": "object" + }, + "description": "An array of items to join together", + "example": [ + "John", + " ", + "Smith" + ] + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "conditional", + "type": "object", + "required": [ + "expression", + "positiveCondition", + "negativeCondition" + ], + "properties": { + "expression": { + "type": "string", + "description": "A comparison statement that follows the structure of `ValueA eq ValueB` where `ValueA` and `ValueB` are static strings or outputs of other transforms. \n\nThe `eq` operator is the only valid comparison", + "example": "ValueA eq ValueB" + }, + "positiveCondition": { + "type": "string", + "description": "The output of the transform if the expression evalutes to true", + "example": "true" + }, + "negativeCondition": { + "type": "string", + "description": "The output of the transform if the expression evalutes to false", + "example": "false" + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "dateCompare", + "type": "object", + "required": [ + "firstDate", + "secondDate", + "operator", + "positiveCondition", + "negativeCondition" + ], + "properties": { + "firstDate": { + "description": "This is the first date to consider (The date that would be on the left hand side of the comparison operation).", + "oneOf": [ + { + "title": "accountAttribute", + "type": "object", + "required": [ + "sourceName", + "attributeName" + ], + "properties": { + "sourceName": { + "type": "string", + "description": "A reference to the source to search for the account", + "example": "Workday" + }, + "attributeName": { + "type": "string", + "description": "The name of the attribute on the account to return. This should match the name of the account attribute name visible in the user interface, or on the source schema.", + "example": "DEPARTMENT" + }, + "accountSortAttribute": { + "type": "string", + "description": "The value of this configuration is a string name of the attribute to use when determining the ordering of returned accounts when there are multiple entries", + "example": "created", + "default": "created" + }, + "accountSortDescending": { + "type": "boolean", + "description": "The value of this configuration is a boolean (true/false). Controls the order of the sort when there are multiple accounts. If not defined, the transform will default to false (ascending order)", + "example": false, + "default": false + }, + "accountReturnFirstLink": { + "type": "boolean", + "description": "The value of this configuration is a boolean (true/false). Controls which account to source a value from for an attribute. If this flag is set to true, the transform returns the value from the first account in the list, even if it is null. If it is set to false, the transform returns the first non-null value. If not defined, the transform will default to false", + "example": false, + "default": false + }, + "accountFilter": { + "type": "string", + "description": "This expression queries the database to narrow search results. The value of this configuration is a sailpoint.object.Filter expression and used when searching against the database. The default filter will always include the source and identity, and any subsequent expressions will be combined in an AND operation to the existing search criteria.\nOnly certain searchable attributes are available: - `nativeIdentity` - the Account ID - `displayName` - the Account Name - `entitlements` - a boolean value to determine if the account has entitlements", + "example": "!(nativeIdentity.startsWith(\"*DELETED*\"))" + }, + "accountPropertyFilter": { + "type": "string", + "description": "This expression is used to search and filter accounts in memory. The value of this configuration is a sailpoint.object.Filter expression and used when searching against the returned resultset.\n\nAll account attributes are available for filtering as this operation is performed in memory.", + "example": "(groups.containsAll({'Admin'}) || location == 'Austin')" + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "dateFormat", + "type": "object", + "properties": { + "inputFormat": { + "description": "A string value indicating either the explicit SimpleDateFormat or the built-in named format that the data is coming in as.\n\n*If no inputFormat is provided, the transform assumes that it is in ISO8601 format*", + "oneOf": [ + { + "title": "Named Construct", + "type": "string", + "description": "| Construct | Date Time Pattern | Description |\n| --------- | ----------------- | ----------- |\n| ISO8601 | `yyyy-MM-dd'T'HH:mm:ss.SSSX` | The ISO8601 standard. | \n| LDAP | `yyyyMMddHHmmss.Z` | The LDAP standard. |\n| PEOPLE_SOFT | `MM/dd/yyyy` | The date format People Soft uses. |\n| EPOCH_TIME_JAVA | # ms from midnight, January 1st, 1970 | The incoming date value as elapsed time in milliseconds from midnight, January 1st, 1970. |\n| EPOCH_TIME_WIN32| # intervals of 100ns from midnight, January 1st, 1601 | The incoming date value as elapsed time in 100-nanosecond intervals from midnight, January 1st, 1601. |\n", + "enum": [ + "ISO8601", + "LDAP", + "PEOPLE_SOFT", + "EPOCH_TIME_JAVA", + "EPOCH_TIME_WIN32" + ], + "example": "PEOPLE_SOFT" + }, + { + "title": "Java Simple Date Format", + "type": "string", + "description": "There are a variety of date time patterns you can express using SimpleDateFormat. The following table lists examples of different date time patterns expressed in the SimpleDateFormat and how they display. Refer to the SimpleDateFormat syntax page for more information.\n\n>NOTE: The following examples show how date and time patterns are interpreted in the U.S. locale. The given date and time are 2001-07-04 12:08:56 local time in the U.S. Pacific Time time zone.\n (This table is from the SimpleDateFormat page.)\n\n| Date Time Pattern | Result |\n| ----------------- | ------ |\n| `yyyy.MM.dd G 'at' HH:mm:ss z` | `2001.07.04 AD at 12:08:56 PDT` |\n| `EEE, MMM d, ''yy` | Wed, Jul 4, '01 |\n| `h:mm a` | 12:08 PM |\n| `hh 'o''clock' a, zzzz` | 12 o'clock PM, Pacific Daylight Time |\n| `K:mm a, z` | 0:08 PM, PDT |\n| `yyyyy.MMMMM.dd GGG hh:mm aaa` | 02001.July.04 AD 12:08 PM |\n| `EEE, d MMM yyyy HH:mm:ss Z` | Wed, 4 Jul 2001 12:08:56 -0700 |\n| `yyMMddHHmmssZ` | 010704120856-0700 |\n| `yyyy-MM-dd'T'HH:mm:ss.SSSZ` | 2001-07-04T12:08:56.235-0700 |\n| `yyyy-MM-dd'T'HH:mm:ss.SSSXXX` | 2001-07-04T12:08:56.235-07:00 |\n| `YYYY-'W'ww-u` | 2001-W27-3 |\n", + "example": "mm/dd/yyyy" + } + ] + }, + "outputFormat": { + "description": "A string value indicating either the explicit SimpleDateFormat or the built-in named format that the data should be formatted into.\n\n*If no inputFormat is provided, the transform assumes that it is in ISO8601 format*", + "oneOf": [ + { + "title": "Named Construct", + "type": "string", + "description": "| Construct | Date Time Pattern | Description |\n| --------- | ----------------- | ----------- |\n| ISO8601 | `yyyy-MM-dd'T'HH:mm:ss.SSSX` | The ISO8601 standard. | \n| LDAP | `yyyyMMddHHmmss.Z` | The LDAP standard. |\n| PEOPLE_SOFT | `MM/dd/yyyy` | The date format People Soft uses. |\n| EPOCH_TIME_JAVA | # ms from midnight, January 1st, 1970 | The incoming date value as elapsed time in milliseconds from midnight, January 1st, 1970. |\n| EPOCH_TIME_WIN32| # intervals of 100ns from midnight, January 1st, 1601 | The incoming date value as elapsed time in 100-nanosecond intervals from midnight, January 1st, 1601. |\n", + "enum": [ + "ISO8601", + "LDAP", + "PEOPLE_SOFT", + "EPOCH_TIME_JAVA", + "EPOCH_TIME_WIN32" + ], + "example": "PEOPLE_SOFT" + }, + { + "title": "Java Simple Date Format", + "type": "string", + "description": "There are a variety of date time patterns you can express using SimpleDateFormat. The following table lists examples of different date time patterns expressed in the SimpleDateFormat and how they display. Refer to the SimpleDateFormat syntax page for more information.\n\n>NOTE: The following examples show how date and time patterns are interpreted in the U.S. locale. The given date and time are 2001-07-04 12:08:56 local time in the U.S. Pacific Time time zone.\n (This table is from the SimpleDateFormat page.)\n\n| Date Time Pattern | Result |\n| ----------------- | ------ |\n| `yyyy.MM.dd G 'at' HH:mm:ss z` | `2001.07.04 AD at 12:08:56 PDT` |\n| `EEE, MMM d, ''yy` | Wed, Jul 4, '01 |\n| `h:mm a` | 12:08 PM |\n| `hh 'o''clock' a, zzzz` | 12 o'clock PM, Pacific Daylight Time |\n| `K:mm a, z` | 0:08 PM, PDT |\n| `yyyyy.MMMMM.dd GGG hh:mm aaa` | 02001.July.04 AD 12:08 PM |\n| `EEE, d MMM yyyy HH:mm:ss Z` | Wed, 4 Jul 2001 12:08:56 -0700 |\n| `yyMMddHHmmssZ` | 010704120856-0700 |\n| `yyyy-MM-dd'T'HH:mm:ss.SSSZ` | 2001-07-04T12:08:56.235-0700 |\n| `yyyy-MM-dd'T'HH:mm:ss.SSSXXX` | 2001-07-04T12:08:56.235-07:00 |\n| `YYYY-'W'ww-u` | 2001-W27-3 |\n", + "example": "mm/dd/yyyy" + } + ] + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + } + ] + }, + "secondDate": { + "description": "This is the second date to consider (The date that would be on the right hand side of the comparison operation).", + "oneOf": [ + { + "title": "accountAttribute", + "type": "object", + "required": [ + "sourceName", + "attributeName" + ], + "properties": { + "sourceName": { + "type": "string", + "description": "A reference to the source to search for the account", + "example": "Workday" + }, + "attributeName": { + "type": "string", + "description": "The name of the attribute on the account to return. This should match the name of the account attribute name visible in the user interface, or on the source schema.", + "example": "DEPARTMENT" + }, + "accountSortAttribute": { + "type": "string", + "description": "The value of this configuration is a string name of the attribute to use when determining the ordering of returned accounts when there are multiple entries", + "example": "created", + "default": "created" + }, + "accountSortDescending": { + "type": "boolean", + "description": "The value of this configuration is a boolean (true/false). Controls the order of the sort when there are multiple accounts. If not defined, the transform will default to false (ascending order)", + "example": false, + "default": false + }, + "accountReturnFirstLink": { + "type": "boolean", + "description": "The value of this configuration is a boolean (true/false). Controls which account to source a value from for an attribute. If this flag is set to true, the transform returns the value from the first account in the list, even if it is null. If it is set to false, the transform returns the first non-null value. If not defined, the transform will default to false", + "example": false, + "default": false + }, + "accountFilter": { + "type": "string", + "description": "This expression queries the database to narrow search results. The value of this configuration is a sailpoint.object.Filter expression and used when searching against the database. The default filter will always include the source and identity, and any subsequent expressions will be combined in an AND operation to the existing search criteria.\nOnly certain searchable attributes are available: - `nativeIdentity` - the Account ID - `displayName` - the Account Name - `entitlements` - a boolean value to determine if the account has entitlements", + "example": "!(nativeIdentity.startsWith(\"*DELETED*\"))" + }, + "accountPropertyFilter": { + "type": "string", + "description": "This expression is used to search and filter accounts in memory. The value of this configuration is a sailpoint.object.Filter expression and used when searching against the returned resultset.\n\nAll account attributes are available for filtering as this operation is performed in memory.", + "example": "(groups.containsAll({'Admin'}) || location == 'Austin')" + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "dateFormat", + "type": "object", + "properties": { + "inputFormat": { + "description": "A string value indicating either the explicit SimpleDateFormat or the built-in named format that the data is coming in as.\n\n*If no inputFormat is provided, the transform assumes that it is in ISO8601 format*", + "oneOf": [ + { + "title": "Named Construct", + "type": "string", + "description": "| Construct | Date Time Pattern | Description |\n| --------- | ----------------- | ----------- |\n| ISO8601 | `yyyy-MM-dd'T'HH:mm:ss.SSSX` | The ISO8601 standard. | \n| LDAP | `yyyyMMddHHmmss.Z` | The LDAP standard. |\n| PEOPLE_SOFT | `MM/dd/yyyy` | The date format People Soft uses. |\n| EPOCH_TIME_JAVA | # ms from midnight, January 1st, 1970 | The incoming date value as elapsed time in milliseconds from midnight, January 1st, 1970. |\n| EPOCH_TIME_WIN32| # intervals of 100ns from midnight, January 1st, 1601 | The incoming date value as elapsed time in 100-nanosecond intervals from midnight, January 1st, 1601. |\n", + "enum": [ + "ISO8601", + "LDAP", + "PEOPLE_SOFT", + "EPOCH_TIME_JAVA", + "EPOCH_TIME_WIN32" + ], + "example": "PEOPLE_SOFT" + }, + { + "title": "Java Simple Date Format", + "type": "string", + "description": "There are a variety of date time patterns you can express using SimpleDateFormat. The following table lists examples of different date time patterns expressed in the SimpleDateFormat and how they display. Refer to the SimpleDateFormat syntax page for more information.\n\n>NOTE: The following examples show how date and time patterns are interpreted in the U.S. locale. The given date and time are 2001-07-04 12:08:56 local time in the U.S. Pacific Time time zone.\n (This table is from the SimpleDateFormat page.)\n\n| Date Time Pattern | Result |\n| ----------------- | ------ |\n| `yyyy.MM.dd G 'at' HH:mm:ss z` | `2001.07.04 AD at 12:08:56 PDT` |\n| `EEE, MMM d, ''yy` | Wed, Jul 4, '01 |\n| `h:mm a` | 12:08 PM |\n| `hh 'o''clock' a, zzzz` | 12 o'clock PM, Pacific Daylight Time |\n| `K:mm a, z` | 0:08 PM, PDT |\n| `yyyyy.MMMMM.dd GGG hh:mm aaa` | 02001.July.04 AD 12:08 PM |\n| `EEE, d MMM yyyy HH:mm:ss Z` | Wed, 4 Jul 2001 12:08:56 -0700 |\n| `yyMMddHHmmssZ` | 010704120856-0700 |\n| `yyyy-MM-dd'T'HH:mm:ss.SSSZ` | 2001-07-04T12:08:56.235-0700 |\n| `yyyy-MM-dd'T'HH:mm:ss.SSSXXX` | 2001-07-04T12:08:56.235-07:00 |\n| `YYYY-'W'ww-u` | 2001-W27-3 |\n", + "example": "mm/dd/yyyy" + } + ] + }, + "outputFormat": { + "description": "A string value indicating either the explicit SimpleDateFormat or the built-in named format that the data should be formatted into.\n\n*If no inputFormat is provided, the transform assumes that it is in ISO8601 format*", + "oneOf": [ + { + "title": "Named Construct", + "type": "string", + "description": "| Construct | Date Time Pattern | Description |\n| --------- | ----------------- | ----------- |\n| ISO8601 | `yyyy-MM-dd'T'HH:mm:ss.SSSX` | The ISO8601 standard. | \n| LDAP | `yyyyMMddHHmmss.Z` | The LDAP standard. |\n| PEOPLE_SOFT | `MM/dd/yyyy` | The date format People Soft uses. |\n| EPOCH_TIME_JAVA | # ms from midnight, January 1st, 1970 | The incoming date value as elapsed time in milliseconds from midnight, January 1st, 1970. |\n| EPOCH_TIME_WIN32| # intervals of 100ns from midnight, January 1st, 1601 | The incoming date value as elapsed time in 100-nanosecond intervals from midnight, January 1st, 1601. |\n", + "enum": [ + "ISO8601", + "LDAP", + "PEOPLE_SOFT", + "EPOCH_TIME_JAVA", + "EPOCH_TIME_WIN32" + ], + "example": "PEOPLE_SOFT" + }, + { + "title": "Java Simple Date Format", + "type": "string", + "description": "There are a variety of date time patterns you can express using SimpleDateFormat. The following table lists examples of different date time patterns expressed in the SimpleDateFormat and how they display. Refer to the SimpleDateFormat syntax page for more information.\n\n>NOTE: The following examples show how date and time patterns are interpreted in the U.S. locale. The given date and time are 2001-07-04 12:08:56 local time in the U.S. Pacific Time time zone.\n (This table is from the SimpleDateFormat page.)\n\n| Date Time Pattern | Result |\n| ----------------- | ------ |\n| `yyyy.MM.dd G 'at' HH:mm:ss z` | `2001.07.04 AD at 12:08:56 PDT` |\n| `EEE, MMM d, ''yy` | Wed, Jul 4, '01 |\n| `h:mm a` | 12:08 PM |\n| `hh 'o''clock' a, zzzz` | 12 o'clock PM, Pacific Daylight Time |\n| `K:mm a, z` | 0:08 PM, PDT |\n| `yyyyy.MMMMM.dd GGG hh:mm aaa` | 02001.July.04 AD 12:08 PM |\n| `EEE, d MMM yyyy HH:mm:ss Z` | Wed, 4 Jul 2001 12:08:56 -0700 |\n| `yyMMddHHmmssZ` | 010704120856-0700 |\n| `yyyy-MM-dd'T'HH:mm:ss.SSSZ` | 2001-07-04T12:08:56.235-0700 |\n| `yyyy-MM-dd'T'HH:mm:ss.SSSXXX` | 2001-07-04T12:08:56.235-07:00 |\n| `YYYY-'W'ww-u` | 2001-W27-3 |\n", + "example": "mm/dd/yyyy" + } + ] + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + } + ] + }, + "operator": { + "type": "string", + "description": "This is the comparison to perform.\n| Operation | Description |\n| --------- | ------- |\n| LT | Strictly less than: firstDate < secondDate |\n| LTE | Less than or equal to: firstDate <= secondDate |\n| GT | Strictly greater than: firstDate > secondDate |\n| GTE | Greater than or equal to: firstDate >= secondDate |\n", + "enum": [ + "LT", + "LTE", + "GT", + "GTE" + ], + "example": "LT" + }, + "positiveCondition": { + "type": "string", + "description": "The output of the transform if the expression evalutes to true", + "example": "true" + }, + "negativeCondition": { + "type": "string", + "description": "The output of the transform if the expression evalutes to false", + "example": false + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "dateFormat", + "type": "object", + "properties": { + "inputFormat": { + "description": "A string value indicating either the explicit SimpleDateFormat or the built-in named format that the data is coming in as.\n\n*If no inputFormat is provided, the transform assumes that it is in ISO8601 format*", + "oneOf": [ + { + "title": "Named Construct", + "type": "string", + "description": "| Construct | Date Time Pattern | Description |\n| --------- | ----------------- | ----------- |\n| ISO8601 | `yyyy-MM-dd'T'HH:mm:ss.SSSX` | The ISO8601 standard. | \n| LDAP | `yyyyMMddHHmmss.Z` | The LDAP standard. |\n| PEOPLE_SOFT | `MM/dd/yyyy` | The date format People Soft uses. |\n| EPOCH_TIME_JAVA | # ms from midnight, January 1st, 1970 | The incoming date value as elapsed time in milliseconds from midnight, January 1st, 1970. |\n| EPOCH_TIME_WIN32| # intervals of 100ns from midnight, January 1st, 1601 | The incoming date value as elapsed time in 100-nanosecond intervals from midnight, January 1st, 1601. |\n", + "enum": [ + "ISO8601", + "LDAP", + "PEOPLE_SOFT", + "EPOCH_TIME_JAVA", + "EPOCH_TIME_WIN32" + ], + "example": "PEOPLE_SOFT" + }, + { + "title": "Java Simple Date Format", + "type": "string", + "description": "There are a variety of date time patterns you can express using SimpleDateFormat. The following table lists examples of different date time patterns expressed in the SimpleDateFormat and how they display. Refer to the SimpleDateFormat syntax page for more information.\n\n>NOTE: The following examples show how date and time patterns are interpreted in the U.S. locale. The given date and time are 2001-07-04 12:08:56 local time in the U.S. Pacific Time time zone.\n (This table is from the SimpleDateFormat page.)\n\n| Date Time Pattern | Result |\n| ----------------- | ------ |\n| `yyyy.MM.dd G 'at' HH:mm:ss z` | `2001.07.04 AD at 12:08:56 PDT` |\n| `EEE, MMM d, ''yy` | Wed, Jul 4, '01 |\n| `h:mm a` | 12:08 PM |\n| `hh 'o''clock' a, zzzz` | 12 o'clock PM, Pacific Daylight Time |\n| `K:mm a, z` | 0:08 PM, PDT |\n| `yyyyy.MMMMM.dd GGG hh:mm aaa` | 02001.July.04 AD 12:08 PM |\n| `EEE, d MMM yyyy HH:mm:ss Z` | Wed, 4 Jul 2001 12:08:56 -0700 |\n| `yyMMddHHmmssZ` | 010704120856-0700 |\n| `yyyy-MM-dd'T'HH:mm:ss.SSSZ` | 2001-07-04T12:08:56.235-0700 |\n| `yyyy-MM-dd'T'HH:mm:ss.SSSXXX` | 2001-07-04T12:08:56.235-07:00 |\n| `YYYY-'W'ww-u` | 2001-W27-3 |\n", + "example": "mm/dd/yyyy" + } + ] + }, + "outputFormat": { + "description": "A string value indicating either the explicit SimpleDateFormat or the built-in named format that the data should be formatted into.\n\n*If no inputFormat is provided, the transform assumes that it is in ISO8601 format*", + "oneOf": [ + { + "title": "Named Construct", + "type": "string", + "description": "| Construct | Date Time Pattern | Description |\n| --------- | ----------------- | ----------- |\n| ISO8601 | `yyyy-MM-dd'T'HH:mm:ss.SSSX` | The ISO8601 standard. | \n| LDAP | `yyyyMMddHHmmss.Z` | The LDAP standard. |\n| PEOPLE_SOFT | `MM/dd/yyyy` | The date format People Soft uses. |\n| EPOCH_TIME_JAVA | # ms from midnight, January 1st, 1970 | The incoming date value as elapsed time in milliseconds from midnight, January 1st, 1970. |\n| EPOCH_TIME_WIN32| # intervals of 100ns from midnight, January 1st, 1601 | The incoming date value as elapsed time in 100-nanosecond intervals from midnight, January 1st, 1601. |\n", + "enum": [ + "ISO8601", + "LDAP", + "PEOPLE_SOFT", + "EPOCH_TIME_JAVA", + "EPOCH_TIME_WIN32" + ], + "example": "PEOPLE_SOFT" + }, + { + "title": "Java Simple Date Format", + "type": "string", + "description": "There are a variety of date time patterns you can express using SimpleDateFormat. The following table lists examples of different date time patterns expressed in the SimpleDateFormat and how they display. Refer to the SimpleDateFormat syntax page for more information.\n\n>NOTE: The following examples show how date and time patterns are interpreted in the U.S. locale. The given date and time are 2001-07-04 12:08:56 local time in the U.S. Pacific Time time zone.\n (This table is from the SimpleDateFormat page.)\n\n| Date Time Pattern | Result |\n| ----------------- | ------ |\n| `yyyy.MM.dd G 'at' HH:mm:ss z` | `2001.07.04 AD at 12:08:56 PDT` |\n| `EEE, MMM d, ''yy` | Wed, Jul 4, '01 |\n| `h:mm a` | 12:08 PM |\n| `hh 'o''clock' a, zzzz` | 12 o'clock PM, Pacific Daylight Time |\n| `K:mm a, z` | 0:08 PM, PDT |\n| `yyyyy.MMMMM.dd GGG hh:mm aaa` | 02001.July.04 AD 12:08 PM |\n| `EEE, d MMM yyyy HH:mm:ss Z` | Wed, 4 Jul 2001 12:08:56 -0700 |\n| `yyMMddHHmmssZ` | 010704120856-0700 |\n| `yyyy-MM-dd'T'HH:mm:ss.SSSZ` | 2001-07-04T12:08:56.235-0700 |\n| `yyyy-MM-dd'T'HH:mm:ss.SSSXXX` | 2001-07-04T12:08:56.235-07:00 |\n| `YYYY-'W'ww-u` | 2001-W27-3 |\n", + "example": "mm/dd/yyyy" + } + ] + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "dateMath", + "type": "object", + "required": [ + "expression" + ], + "properties": { + "expression": { + "type": "string", + "description": "A string value of the date and time components to operation on, along with the math operations to execute.\n", + "externalDocs": { + "description": "Date Math Expressions", + "url": "https://developer.sailpoint.com/idn/docs/transforms/operations/date-math#transform-structure" + }, + "example": "now+1w" + }, + "roundUp": { + "type": "boolean", + "description": "A boolean value to indicate whether the transform should round up or down when a rounding `/` operation is defined in the expression. \n\n\nIf not provided, the transform will default to `false`\n\n\n`true` indicates the transform should round up (i.e., truncate the fractional date/time component indicated and then add one unit of that component)\n\n\n`false` indicates the transform should round down (i.e., truncate the fractional date/time component indicated)\n", + "example": false, + "default": false + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "decomposeDiacriticalMarks", + "type": "object", + "properties": { + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "e164phone", + "type": "object", + "properties": { + "defaultRegion": { + "type": "string", + "description": "This is an optional attribute that can be used to define the region of the phone number to format into.\n\n\nIf defaultRegion is not provided, it will take US as the default country.\n\n\nThe format of the country code should be in [ISO 3166-1 alpha-2 format](https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2)\n", + "example": "US" + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "firstValid", + "type": "object", + "required": [ + "values" + ], + "properties": { + "values": { + "type": "array", + "items": { + "type": "object" + }, + "description": "An array of attributes to evaluate for existence.", + "example": [ + { + "attributes": { + "sourceName": "Active Directory", + "attributeName": "sAMAccountName" + }, + "type": "accountAttribute" + }, + { + "attributes": { + "sourceName": "Okta", + "attributeName": "login" + }, + "type": "accountAttribute" + }, + { + "attributes": { + "sourceName": "HR Source", + "attributeName": "employeeID" + }, + "type": "accountAttribute" + } + ] + }, + "ignoreErrors": { + "type": "boolean", + "description": "a true or false value representing to move on to the next option if an error (like an Null Pointer Exception) were to occur.", + "example": false, + "default": false + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + } + } + }, + { + "title": "rule", + "oneOf": [ + { + "type": "object", + "required": [ + "name" + ], + "properties": { + "name": { + "type": "string", + "description": "This is the name of the Transform rule that needs to be invoked by the transform", + "example": "Transform Calculation Rule" + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + } + } + }, + { + "type": "object", + "required": [ + "name", + "operation", + "includeNumbers", + "includeSpecialChars", + "length" + ], + "properties": { + "name": { + "type": "string", + "description": "This must always be set to \"Cloud Services Deployment Utility\"", + "example": "Cloud Services Deployment Utility" + }, + "operation": { + "type": "string", + "description": "The operation to perform `generateRandomString`", + "example": "generateRandomString" + }, + "includeNumbers": { + "type": "boolean", + "description": "This must be either \"true\" or \"false\" to indicate whether the generator logic should include numbers", + "example": true + }, + "includeSpecialChars": { + "type": "boolean", + "description": "This must be either \"true\" or \"false\" to indicate whether the generator logic should include special characters", + "example": true + }, + "length": { + "type": "string", + "description": "This specifies how long the randomly generated string needs to be\n\n\n>NOTE Due to identity attribute data constraints, the maximum allowable value is 450 characters\n", + "example": "10" + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false + } + } + }, + { + "type": "object", + "required": [ + "name", + "operation", + "uid" + ], + "properties": { + "name": { + "type": "string", + "description": "This must always be set to \"Cloud Services Deployment Utility\"", + "example": "Cloud Services Deployment Utility" + }, + "operation": { + "type": "string", + "description": "The operation to perform `getReferenceIdentityAttribute`", + "example": "getReferenceIdentityAttribute" + }, + "uid": { + "type": "string", + "description": "This is the SailPoint User Name (uid) value of the identity whose attribute is desired\n\nAs a convenience feature, you can use the `manager` keyword to dynamically look up the user's manager and then get that manager's identity attribute.\n", + "example": "2c91808570313110017040b06f344ec9" + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false + } + } + } + ] + }, + { + "title": "identityAttribute", + "type": "object", + "required": [ + "name" + ], + "properties": { + "name": { + "type": "string", + "description": "The system (camel-cased) name of the identity attribute to bring in", + "example": "email" + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "indexOf", + "type": "object", + "required": [ + "substring" + ], + "properties": { + "substring": { + "type": "string", + "description": "A substring to search for, searches the entire calling string, and returns the index of the first occurrence of the specified substring.", + "example": "admin_" + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "iso3166", + "type": "object", + "properties": { + "format": { + "type": "string", + "description": "An optional value to denote which ISO 3166 format to return. Valid values are:\n\n\n`alpha2` - Two-character country code (e.g., \"US\"); this is the default value if no format is supplied\n\n\n`alpha3` - Three-character country code (e.g., \"USA\")\n\n\n`numeric` - The numeric country code (e.g., \"840\")\n", + "example": "alpha2" + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "leftPad", + "type": "object", + "required": [ + "length" + ], + "properties": { + "length": { + "type": "string", + "description": "An integer value for the desired length of the final output string", + "example": "4" + }, + "padding": { + "type": "string", + "description": "A string value representing the character that the incoming data should be padded with to get to the desired length\n\n\nIf not provided, the transform will default to a single space (\" \") character for padding\n", + "example": "0" + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "lookup", + "type": "object", + "required": [ + "table" + ], + "properties": { + "table": { + "type": "object", + "additionalProperties": true, + "description": "This is a JSON object of key-value pairs. The key is the string that will attempt to be matched to the input, and the value is the output string that should be returned if the key is matched\n\n\n>**Note** the use of the optional default key value here; if none of the three countries in the above example match the input string, the transform will return \"Unknown Region\" for the attribute that is mapped to this transform.\n", + "example": { + "USA": "Americas", + "FRA": "EMEA", + "AUS": "APAC", + "default": "Unknown Region" + } + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "lower", + "type": "object", + "properties": { + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "nameNormalizer", + "type": "object", + "properties": { + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "randomAlphaNumeric", + "type": "object", + "properties": { + "length": { + "type": "string", + "description": "This is an integer value specifying the size/number of characters the random string must contain\n\n\n* This value must be a positive number and cannot be blank\n\n\n* If no length is provided, the transform will default to a value of `32`\n\n\n* Due to identity attribute data constraints, the maximum allowable value is `450` characters\n", + "example": "10" + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "randomNumeric", + "type": "object", + "properties": { + "length": { + "type": "string", + "description": "This is an integer value specifying the size/number of characters the random string must contain\n\n\n* This value must be a positive number and cannot be blank\n\n\n* If no length is provided, the transform will default to a value of `32`\n\n\n* Due to identity attribute data constraints, the maximum allowable value is `450` characters\n", + "example": "10" + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "reference", + "type": "object", + "required": [ + "id" + ], + "properties": { + "id": { + "type": "string", + "description": "This ID specifies the name of the pre-existing transform which you want to use within your current transform", + "example": "Existing Transform" + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "replaceAll", + "type": "object", + "required": [ + "table" + ], + "properties": { + "table": { + "type": "object", + "additionalProperties": true, + "description": "An attribute of key-value pairs. Each pair identifies the pattern to search for as its key, and the replacement string as its value.", + "example": { + "-": " ", + "\"": "'", + "ñ": "n" + } + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "replace", + "type": "object", + "required": [ + "regex", + "replacement" + ], + "properties": { + "regex": { + "type": "string", + "description": "This can be a string or a regex pattern in which you want to replace.", + "example": "[^a-zA-Z]", + "externalDocs": { + "description": "Regex Builder", + "url": "https://regex101.com/" + } + }, + "replacement": { + "type": "string", + "description": "This is the replacement string that should be substituded wherever the string or pattern is found.", + "example": " " + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "rightPad", + "type": "object", + "required": [ + "length" + ], + "properties": { + "length": { + "type": "string", + "description": "An integer value for the desired length of the final output string", + "example": "4" + }, + "padding": { + "type": "string", + "description": "A string value representing the character that the incoming data should be padded with to get to the desired length\n\n\nIf not provided, the transform will default to a single space (\" \") character for padding\n", + "example": "0" + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "split", + "type": "object", + "required": [ + "delimiter", + "index" + ], + "properties": { + "delimiter": { + "type": "string", + "description": "This can be either a single character or a regex expression, and is used by the transform to identify the break point between two substrings in the incoming data", + "example": "," + }, + "index": { + "type": "string", + "description": "An integer value for the desired array element after the incoming data has been split into a list; the array is a 0-based object, so the first array element would be index 0, the second element would be index 1, etc.", + "example": "5" + }, + "throws": { + "type": "boolean", + "description": "A boolean (true/false) value which indicates whether an exception should be thrown and returned as an output when an index is out of bounds with the resultant array (i.e., the provided index value is larger than the size of the array)\n\n\n`true` - The transform should return \"IndexOutOfBoundsException\"\n\n\n`false` - The transform should return null\n\n\nIf not provided, the transform will default to false and return a null\n", + "example": true, + "default": false + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "static", + "type": "object", + "required": [ + "values" + ], + "properties": { + "values": { + "type": "string", + "description": "This must evaluate to a JSON string, either through a fixed value or through conditional logic using the Apache Velocity Template Language.", + "example": "string$variable", + "externalDocs": { + "description": "Static Transform Documentation", + "url": "https://developer.sailpoint.com/idn/docs/transforms/operations/static" + } + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + } + } + }, + { + "title": "substring", + "type": "object", + "required": [ + "begin" + ], + "properties": { + "begin": { + "type": "integer", + "description": "The index of the first character to include in the returned substring.\n\n\nIf `begin` is set to -1, the transform will begin at character 0 of the input data\n", + "example": 1, + "format": "int32" + }, + "beginOffset": { + "type": "integer", + "description": "This integer value is the number of characters to add to the begin attribute when returning a substring. \n\nThis attribute is only used if begin is not -1.\n", + "example": 3, + "format": "int32" + }, + "end": { + "type": "integer", + "description": "The index of the first character to exclude from the returned substring.\n\nIf end is -1 or not provided at all, the substring transform will return everything up to the end of the input string.\n", + "example": 6, + "format": "int32" + }, + "endOffset": { + "type": "integer", + "description": "This integer value is the number of characters to add to the end attribute when returning a substring. \n\nThis attribute is only used if end is provided and is not -1.\n", + "example": 1, + "format": "int32" + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "trim", + "type": "object", + "properties": { + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "upper", + "type": "object", + "properties": { + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "uuid", + "type": "object", + "properties": { + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + } + } + } + ] + } + } + }, + "example": { + "name": "Timestamp To Date", + "type": "dateFormat", + "attributes": { + "inputFormat": "MMM dd yyyy, HH:mm:ss.SSS", + "outputFormat": "yyyy/dd/MM" + } + } + } + } + }, + "responses": { + "201": { + "description": "Indicates the transform was successfully created and returns its representation.", + "content": { + "application/json": { + "schema": { + "allOf": [ + { + "type": "object", + "description": "The representation of an internally- or customer-defined transform.", + "required": [ + "name", + "type", + "attributes" + ], + "properties": { + "name": { + "type": "string", + "description": "Unique name of this transform", + "example": "Timestamp To Date", + "minLength": 1, + "maxLength": 50 + }, + "type": { + "type": "string", + "description": "The type of transform operation", + "enum": [ + "accountAttribute", + "base64Decode", + "base64Encode", + "concat", + "conditional", + "dateCompare", + "dateFormat", + "dateMath", + "decomposeDiacriticalMarks", + "e164phone", + "firstValid", + "rule", + "identityAttribute", + "indexOf", + "iso3166", + "lastIndexOf", + "leftPad", + "lookup", + "lower", + "normalizeNames", + "randomAlphaNumeric", + "randomNumeric", + "reference", + "replaceAll", + "replace", + "rightPad", + "split", + "static", + "substring", + "trim", + "upper", + "usernameGenerator", + "uuid", + "displayName", + "rfc5646" + ], + "example": "dateFormat", + "externalDocs": { + "description": "Transform Operations", + "url": "https://developer.sailpoint.com/idn/docs/transforms/operations" + } + }, + "attributes": { + "nullable": true, + "description": "Meta-data about the transform. Values in this list are specific to the type of transform to be executed.", + "oneOf": [ + { + "title": "accountAttribute", + "type": "object", + "required": [ + "sourceName", + "attributeName" + ], + "properties": { + "sourceName": { + "type": "string", + "description": "A reference to the source to search for the account", + "example": "Workday" + }, + "attributeName": { + "type": "string", + "description": "The name of the attribute on the account to return. This should match the name of the account attribute name visible in the user interface, or on the source schema.", + "example": "DEPARTMENT" + }, + "accountSortAttribute": { + "type": "string", + "description": "The value of this configuration is a string name of the attribute to use when determining the ordering of returned accounts when there are multiple entries", + "example": "created", + "default": "created" + }, + "accountSortDescending": { + "type": "boolean", + "description": "The value of this configuration is a boolean (true/false). Controls the order of the sort when there are multiple accounts. If not defined, the transform will default to false (ascending order)", + "example": false, + "default": false + }, + "accountReturnFirstLink": { + "type": "boolean", + "description": "The value of this configuration is a boolean (true/false). Controls which account to source a value from for an attribute. If this flag is set to true, the transform returns the value from the first account in the list, even if it is null. If it is set to false, the transform returns the first non-null value. If not defined, the transform will default to false", + "example": false, + "default": false + }, + "accountFilter": { + "type": "string", + "description": "This expression queries the database to narrow search results. The value of this configuration is a sailpoint.object.Filter expression and used when searching against the database. The default filter will always include the source and identity, and any subsequent expressions will be combined in an AND operation to the existing search criteria.\nOnly certain searchable attributes are available: - `nativeIdentity` - the Account ID - `displayName` - the Account Name - `entitlements` - a boolean value to determine if the account has entitlements", + "example": "!(nativeIdentity.startsWith(\"*DELETED*\"))" + }, + "accountPropertyFilter": { + "type": "string", + "description": "This expression is used to search and filter accounts in memory. The value of this configuration is a sailpoint.object.Filter expression and used when searching against the returned resultset.\n\nAll account attributes are available for filtering as this operation is performed in memory.", + "example": "(groups.containsAll({'Admin'}) || location == 'Austin')" + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "base64Decode", + "type": "object", + "properties": { + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "base64Encode", + "type": "object", + "properties": { + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "concat", + "type": "object", + "required": [ + "values" + ], + "properties": { + "values": { + "type": "array", + "items": { + "type": "object" + }, + "description": "An array of items to join together", + "example": [ + "John", + " ", + "Smith" + ] + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "conditional", + "type": "object", + "required": [ + "expression", + "positiveCondition", + "negativeCondition" + ], + "properties": { + "expression": { + "type": "string", + "description": "A comparison statement that follows the structure of `ValueA eq ValueB` where `ValueA` and `ValueB` are static strings or outputs of other transforms. \n\nThe `eq` operator is the only valid comparison", + "example": "ValueA eq ValueB" + }, + "positiveCondition": { + "type": "string", + "description": "The output of the transform if the expression evalutes to true", + "example": "true" + }, + "negativeCondition": { + "type": "string", + "description": "The output of the transform if the expression evalutes to false", + "example": "false" + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "dateCompare", + "type": "object", + "required": [ + "firstDate", + "secondDate", + "operator", + "positiveCondition", + "negativeCondition" + ], + "properties": { + "firstDate": { + "description": "This is the first date to consider (The date that would be on the left hand side of the comparison operation).", + "oneOf": [ + { + "title": "accountAttribute", + "type": "object", + "required": [ + "sourceName", + "attributeName" + ], + "properties": { + "sourceName": { + "type": "string", + "description": "A reference to the source to search for the account", + "example": "Workday" + }, + "attributeName": { + "type": "string", + "description": "The name of the attribute on the account to return. This should match the name of the account attribute name visible in the user interface, or on the source schema.", + "example": "DEPARTMENT" + }, + "accountSortAttribute": { + "type": "string", + "description": "The value of this configuration is a string name of the attribute to use when determining the ordering of returned accounts when there are multiple entries", + "example": "created", + "default": "created" + }, + "accountSortDescending": { + "type": "boolean", + "description": "The value of this configuration is a boolean (true/false). Controls the order of the sort when there are multiple accounts. If not defined, the transform will default to false (ascending order)", + "example": false, + "default": false + }, + "accountReturnFirstLink": { + "type": "boolean", + "description": "The value of this configuration is a boolean (true/false). Controls which account to source a value from for an attribute. If this flag is set to true, the transform returns the value from the first account in the list, even if it is null. If it is set to false, the transform returns the first non-null value. If not defined, the transform will default to false", + "example": false, + "default": false + }, + "accountFilter": { + "type": "string", + "description": "This expression queries the database to narrow search results. The value of this configuration is a sailpoint.object.Filter expression and used when searching against the database. The default filter will always include the source and identity, and any subsequent expressions will be combined in an AND operation to the existing search criteria.\nOnly certain searchable attributes are available: - `nativeIdentity` - the Account ID - `displayName` - the Account Name - `entitlements` - a boolean value to determine if the account has entitlements", + "example": "!(nativeIdentity.startsWith(\"*DELETED*\"))" + }, + "accountPropertyFilter": { + "type": "string", + "description": "This expression is used to search and filter accounts in memory. The value of this configuration is a sailpoint.object.Filter expression and used when searching against the returned resultset.\n\nAll account attributes are available for filtering as this operation is performed in memory.", + "example": "(groups.containsAll({'Admin'}) || location == 'Austin')" + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "dateFormat", + "type": "object", + "properties": { + "inputFormat": { + "description": "A string value indicating either the explicit SimpleDateFormat or the built-in named format that the data is coming in as.\n\n*If no inputFormat is provided, the transform assumes that it is in ISO8601 format*", + "oneOf": [ + { + "title": "Named Construct", + "type": "string", + "description": "| Construct | Date Time Pattern | Description |\n| --------- | ----------------- | ----------- |\n| ISO8601 | `yyyy-MM-dd'T'HH:mm:ss.SSSX` | The ISO8601 standard. | \n| LDAP | `yyyyMMddHHmmss.Z` | The LDAP standard. |\n| PEOPLE_SOFT | `MM/dd/yyyy` | The date format People Soft uses. |\n| EPOCH_TIME_JAVA | # ms from midnight, January 1st, 1970 | The incoming date value as elapsed time in milliseconds from midnight, January 1st, 1970. |\n| EPOCH_TIME_WIN32| # intervals of 100ns from midnight, January 1st, 1601 | The incoming date value as elapsed time in 100-nanosecond intervals from midnight, January 1st, 1601. |\n", + "enum": [ + "ISO8601", + "LDAP", + "PEOPLE_SOFT", + "EPOCH_TIME_JAVA", + "EPOCH_TIME_WIN32" + ], + "example": "PEOPLE_SOFT" + }, + { + "title": "Java Simple Date Format", + "type": "string", + "description": "There are a variety of date time patterns you can express using SimpleDateFormat. The following table lists examples of different date time patterns expressed in the SimpleDateFormat and how they display. Refer to the SimpleDateFormat syntax page for more information.\n\n>NOTE: The following examples show how date and time patterns are interpreted in the U.S. locale. The given date and time are 2001-07-04 12:08:56 local time in the U.S. Pacific Time time zone.\n (This table is from the SimpleDateFormat page.)\n\n| Date Time Pattern | Result |\n| ----------------- | ------ |\n| `yyyy.MM.dd G 'at' HH:mm:ss z` | `2001.07.04 AD at 12:08:56 PDT` |\n| `EEE, MMM d, ''yy` | Wed, Jul 4, '01 |\n| `h:mm a` | 12:08 PM |\n| `hh 'o''clock' a, zzzz` | 12 o'clock PM, Pacific Daylight Time |\n| `K:mm a, z` | 0:08 PM, PDT |\n| `yyyyy.MMMMM.dd GGG hh:mm aaa` | 02001.July.04 AD 12:08 PM |\n| `EEE, d MMM yyyy HH:mm:ss Z` | Wed, 4 Jul 2001 12:08:56 -0700 |\n| `yyMMddHHmmssZ` | 010704120856-0700 |\n| `yyyy-MM-dd'T'HH:mm:ss.SSSZ` | 2001-07-04T12:08:56.235-0700 |\n| `yyyy-MM-dd'T'HH:mm:ss.SSSXXX` | 2001-07-04T12:08:56.235-07:00 |\n| `YYYY-'W'ww-u` | 2001-W27-3 |\n", + "example": "mm/dd/yyyy" + } + ] + }, + "outputFormat": { + "description": "A string value indicating either the explicit SimpleDateFormat or the built-in named format that the data should be formatted into.\n\n*If no inputFormat is provided, the transform assumes that it is in ISO8601 format*", + "oneOf": [ + { + "title": "Named Construct", + "type": "string", + "description": "| Construct | Date Time Pattern | Description |\n| --------- | ----------------- | ----------- |\n| ISO8601 | `yyyy-MM-dd'T'HH:mm:ss.SSSX` | The ISO8601 standard. | \n| LDAP | `yyyyMMddHHmmss.Z` | The LDAP standard. |\n| PEOPLE_SOFT | `MM/dd/yyyy` | The date format People Soft uses. |\n| EPOCH_TIME_JAVA | # ms from midnight, January 1st, 1970 | The incoming date value as elapsed time in milliseconds from midnight, January 1st, 1970. |\n| EPOCH_TIME_WIN32| # intervals of 100ns from midnight, January 1st, 1601 | The incoming date value as elapsed time in 100-nanosecond intervals from midnight, January 1st, 1601. |\n", + "enum": [ + "ISO8601", + "LDAP", + "PEOPLE_SOFT", + "EPOCH_TIME_JAVA", + "EPOCH_TIME_WIN32" + ], + "example": "PEOPLE_SOFT" + }, + { + "title": "Java Simple Date Format", + "type": "string", + "description": "There are a variety of date time patterns you can express using SimpleDateFormat. The following table lists examples of different date time patterns expressed in the SimpleDateFormat and how they display. Refer to the SimpleDateFormat syntax page for more information.\n\n>NOTE: The following examples show how date and time patterns are interpreted in the U.S. locale. The given date and time are 2001-07-04 12:08:56 local time in the U.S. Pacific Time time zone.\n (This table is from the SimpleDateFormat page.)\n\n| Date Time Pattern | Result |\n| ----------------- | ------ |\n| `yyyy.MM.dd G 'at' HH:mm:ss z` | `2001.07.04 AD at 12:08:56 PDT` |\n| `EEE, MMM d, ''yy` | Wed, Jul 4, '01 |\n| `h:mm a` | 12:08 PM |\n| `hh 'o''clock' a, zzzz` | 12 o'clock PM, Pacific Daylight Time |\n| `K:mm a, z` | 0:08 PM, PDT |\n| `yyyyy.MMMMM.dd GGG hh:mm aaa` | 02001.July.04 AD 12:08 PM |\n| `EEE, d MMM yyyy HH:mm:ss Z` | Wed, 4 Jul 2001 12:08:56 -0700 |\n| `yyMMddHHmmssZ` | 010704120856-0700 |\n| `yyyy-MM-dd'T'HH:mm:ss.SSSZ` | 2001-07-04T12:08:56.235-0700 |\n| `yyyy-MM-dd'T'HH:mm:ss.SSSXXX` | 2001-07-04T12:08:56.235-07:00 |\n| `YYYY-'W'ww-u` | 2001-W27-3 |\n", + "example": "mm/dd/yyyy" + } + ] + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + } + ] + }, + "secondDate": { + "description": "This is the second date to consider (The date that would be on the right hand side of the comparison operation).", + "oneOf": [ + { + "title": "accountAttribute", + "type": "object", + "required": [ + "sourceName", + "attributeName" + ], + "properties": { + "sourceName": { + "type": "string", + "description": "A reference to the source to search for the account", + "example": "Workday" + }, + "attributeName": { + "type": "string", + "description": "The name of the attribute on the account to return. This should match the name of the account attribute name visible in the user interface, or on the source schema.", + "example": "DEPARTMENT" + }, + "accountSortAttribute": { + "type": "string", + "description": "The value of this configuration is a string name of the attribute to use when determining the ordering of returned accounts when there are multiple entries", + "example": "created", + "default": "created" + }, + "accountSortDescending": { + "type": "boolean", + "description": "The value of this configuration is a boolean (true/false). Controls the order of the sort when there are multiple accounts. If not defined, the transform will default to false (ascending order)", + "example": false, + "default": false + }, + "accountReturnFirstLink": { + "type": "boolean", + "description": "The value of this configuration is a boolean (true/false). Controls which account to source a value from for an attribute. If this flag is set to true, the transform returns the value from the first account in the list, even if it is null. If it is set to false, the transform returns the first non-null value. If not defined, the transform will default to false", + "example": false, + "default": false + }, + "accountFilter": { + "type": "string", + "description": "This expression queries the database to narrow search results. The value of this configuration is a sailpoint.object.Filter expression and used when searching against the database. The default filter will always include the source and identity, and any subsequent expressions will be combined in an AND operation to the existing search criteria.\nOnly certain searchable attributes are available: - `nativeIdentity` - the Account ID - `displayName` - the Account Name - `entitlements` - a boolean value to determine if the account has entitlements", + "example": "!(nativeIdentity.startsWith(\"*DELETED*\"))" + }, + "accountPropertyFilter": { + "type": "string", + "description": "This expression is used to search and filter accounts in memory. The value of this configuration is a sailpoint.object.Filter expression and used when searching against the returned resultset.\n\nAll account attributes are available for filtering as this operation is performed in memory.", + "example": "(groups.containsAll({'Admin'}) || location == 'Austin')" + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "dateFormat", + "type": "object", + "properties": { + "inputFormat": { + "description": "A string value indicating either the explicit SimpleDateFormat or the built-in named format that the data is coming in as.\n\n*If no inputFormat is provided, the transform assumes that it is in ISO8601 format*", + "oneOf": [ + { + "title": "Named Construct", + "type": "string", + "description": "| Construct | Date Time Pattern | Description |\n| --------- | ----------------- | ----------- |\n| ISO8601 | `yyyy-MM-dd'T'HH:mm:ss.SSSX` | The ISO8601 standard. | \n| LDAP | `yyyyMMddHHmmss.Z` | The LDAP standard. |\n| PEOPLE_SOFT | `MM/dd/yyyy` | The date format People Soft uses. |\n| EPOCH_TIME_JAVA | # ms from midnight, January 1st, 1970 | The incoming date value as elapsed time in milliseconds from midnight, January 1st, 1970. |\n| EPOCH_TIME_WIN32| # intervals of 100ns from midnight, January 1st, 1601 | The incoming date value as elapsed time in 100-nanosecond intervals from midnight, January 1st, 1601. |\n", + "enum": [ + "ISO8601", + "LDAP", + "PEOPLE_SOFT", + "EPOCH_TIME_JAVA", + "EPOCH_TIME_WIN32" + ], + "example": "PEOPLE_SOFT" + }, + { + "title": "Java Simple Date Format", + "type": "string", + "description": "There are a variety of date time patterns you can express using SimpleDateFormat. The following table lists examples of different date time patterns expressed in the SimpleDateFormat and how they display. Refer to the SimpleDateFormat syntax page for more information.\n\n>NOTE: The following examples show how date and time patterns are interpreted in the U.S. locale. The given date and time are 2001-07-04 12:08:56 local time in the U.S. Pacific Time time zone.\n (This table is from the SimpleDateFormat page.)\n\n| Date Time Pattern | Result |\n| ----------------- | ------ |\n| `yyyy.MM.dd G 'at' HH:mm:ss z` | `2001.07.04 AD at 12:08:56 PDT` |\n| `EEE, MMM d, ''yy` | Wed, Jul 4, '01 |\n| `h:mm a` | 12:08 PM |\n| `hh 'o''clock' a, zzzz` | 12 o'clock PM, Pacific Daylight Time |\n| `K:mm a, z` | 0:08 PM, PDT |\n| `yyyyy.MMMMM.dd GGG hh:mm aaa` | 02001.July.04 AD 12:08 PM |\n| `EEE, d MMM yyyy HH:mm:ss Z` | Wed, 4 Jul 2001 12:08:56 -0700 |\n| `yyMMddHHmmssZ` | 010704120856-0700 |\n| `yyyy-MM-dd'T'HH:mm:ss.SSSZ` | 2001-07-04T12:08:56.235-0700 |\n| `yyyy-MM-dd'T'HH:mm:ss.SSSXXX` | 2001-07-04T12:08:56.235-07:00 |\n| `YYYY-'W'ww-u` | 2001-W27-3 |\n", + "example": "mm/dd/yyyy" + } + ] + }, + "outputFormat": { + "description": "A string value indicating either the explicit SimpleDateFormat or the built-in named format that the data should be formatted into.\n\n*If no inputFormat is provided, the transform assumes that it is in ISO8601 format*", + "oneOf": [ + { + "title": "Named Construct", + "type": "string", + "description": "| Construct | Date Time Pattern | Description |\n| --------- | ----------------- | ----------- |\n| ISO8601 | `yyyy-MM-dd'T'HH:mm:ss.SSSX` | The ISO8601 standard. | \n| LDAP | `yyyyMMddHHmmss.Z` | The LDAP standard. |\n| PEOPLE_SOFT | `MM/dd/yyyy` | The date format People Soft uses. |\n| EPOCH_TIME_JAVA | # ms from midnight, January 1st, 1970 | The incoming date value as elapsed time in milliseconds from midnight, January 1st, 1970. |\n| EPOCH_TIME_WIN32| # intervals of 100ns from midnight, January 1st, 1601 | The incoming date value as elapsed time in 100-nanosecond intervals from midnight, January 1st, 1601. |\n", + "enum": [ + "ISO8601", + "LDAP", + "PEOPLE_SOFT", + "EPOCH_TIME_JAVA", + "EPOCH_TIME_WIN32" + ], + "example": "PEOPLE_SOFT" + }, + { + "title": "Java Simple Date Format", + "type": "string", + "description": "There are a variety of date time patterns you can express using SimpleDateFormat. The following table lists examples of different date time patterns expressed in the SimpleDateFormat and how they display. Refer to the SimpleDateFormat syntax page for more information.\n\n>NOTE: The following examples show how date and time patterns are interpreted in the U.S. locale. The given date and time are 2001-07-04 12:08:56 local time in the U.S. Pacific Time time zone.\n (This table is from the SimpleDateFormat page.)\n\n| Date Time Pattern | Result |\n| ----------------- | ------ |\n| `yyyy.MM.dd G 'at' HH:mm:ss z` | `2001.07.04 AD at 12:08:56 PDT` |\n| `EEE, MMM d, ''yy` | Wed, Jul 4, '01 |\n| `h:mm a` | 12:08 PM |\n| `hh 'o''clock' a, zzzz` | 12 o'clock PM, Pacific Daylight Time |\n| `K:mm a, z` | 0:08 PM, PDT |\n| `yyyyy.MMMMM.dd GGG hh:mm aaa` | 02001.July.04 AD 12:08 PM |\n| `EEE, d MMM yyyy HH:mm:ss Z` | Wed, 4 Jul 2001 12:08:56 -0700 |\n| `yyMMddHHmmssZ` | 010704120856-0700 |\n| `yyyy-MM-dd'T'HH:mm:ss.SSSZ` | 2001-07-04T12:08:56.235-0700 |\n| `yyyy-MM-dd'T'HH:mm:ss.SSSXXX` | 2001-07-04T12:08:56.235-07:00 |\n| `YYYY-'W'ww-u` | 2001-W27-3 |\n", + "example": "mm/dd/yyyy" + } + ] + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + } + ] + }, + "operator": { + "type": "string", + "description": "This is the comparison to perform.\n| Operation | Description |\n| --------- | ------- |\n| LT | Strictly less than: firstDate < secondDate |\n| LTE | Less than or equal to: firstDate <= secondDate |\n| GT | Strictly greater than: firstDate > secondDate |\n| GTE | Greater than or equal to: firstDate >= secondDate |\n", + "enum": [ + "LT", + "LTE", + "GT", + "GTE" + ], + "example": "LT" + }, + "positiveCondition": { + "type": "string", + "description": "The output of the transform if the expression evalutes to true", + "example": "true" + }, + "negativeCondition": { + "type": "string", + "description": "The output of the transform if the expression evalutes to false", + "example": false + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "dateFormat", + "type": "object", + "properties": { + "inputFormat": { + "description": "A string value indicating either the explicit SimpleDateFormat or the built-in named format that the data is coming in as.\n\n*If no inputFormat is provided, the transform assumes that it is in ISO8601 format*", + "oneOf": [ + { + "title": "Named Construct", + "type": "string", + "description": "| Construct | Date Time Pattern | Description |\n| --------- | ----------------- | ----------- |\n| ISO8601 | `yyyy-MM-dd'T'HH:mm:ss.SSSX` | The ISO8601 standard. | \n| LDAP | `yyyyMMddHHmmss.Z` | The LDAP standard. |\n| PEOPLE_SOFT | `MM/dd/yyyy` | The date format People Soft uses. |\n| EPOCH_TIME_JAVA | # ms from midnight, January 1st, 1970 | The incoming date value as elapsed time in milliseconds from midnight, January 1st, 1970. |\n| EPOCH_TIME_WIN32| # intervals of 100ns from midnight, January 1st, 1601 | The incoming date value as elapsed time in 100-nanosecond intervals from midnight, January 1st, 1601. |\n", + "enum": [ + "ISO8601", + "LDAP", + "PEOPLE_SOFT", + "EPOCH_TIME_JAVA", + "EPOCH_TIME_WIN32" + ], + "example": "PEOPLE_SOFT" + }, + { + "title": "Java Simple Date Format", + "type": "string", + "description": "There are a variety of date time patterns you can express using SimpleDateFormat. The following table lists examples of different date time patterns expressed in the SimpleDateFormat and how they display. Refer to the SimpleDateFormat syntax page for more information.\n\n>NOTE: The following examples show how date and time patterns are interpreted in the U.S. locale. The given date and time are 2001-07-04 12:08:56 local time in the U.S. Pacific Time time zone.\n (This table is from the SimpleDateFormat page.)\n\n| Date Time Pattern | Result |\n| ----------------- | ------ |\n| `yyyy.MM.dd G 'at' HH:mm:ss z` | `2001.07.04 AD at 12:08:56 PDT` |\n| `EEE, MMM d, ''yy` | Wed, Jul 4, '01 |\n| `h:mm a` | 12:08 PM |\n| `hh 'o''clock' a, zzzz` | 12 o'clock PM, Pacific Daylight Time |\n| `K:mm a, z` | 0:08 PM, PDT |\n| `yyyyy.MMMMM.dd GGG hh:mm aaa` | 02001.July.04 AD 12:08 PM |\n| `EEE, d MMM yyyy HH:mm:ss Z` | Wed, 4 Jul 2001 12:08:56 -0700 |\n| `yyMMddHHmmssZ` | 010704120856-0700 |\n| `yyyy-MM-dd'T'HH:mm:ss.SSSZ` | 2001-07-04T12:08:56.235-0700 |\n| `yyyy-MM-dd'T'HH:mm:ss.SSSXXX` | 2001-07-04T12:08:56.235-07:00 |\n| `YYYY-'W'ww-u` | 2001-W27-3 |\n", + "example": "mm/dd/yyyy" + } + ] + }, + "outputFormat": { + "description": "A string value indicating either the explicit SimpleDateFormat or the built-in named format that the data should be formatted into.\n\n*If no inputFormat is provided, the transform assumes that it is in ISO8601 format*", + "oneOf": [ + { + "title": "Named Construct", + "type": "string", + "description": "| Construct | Date Time Pattern | Description |\n| --------- | ----------------- | ----------- |\n| ISO8601 | `yyyy-MM-dd'T'HH:mm:ss.SSSX` | The ISO8601 standard. | \n| LDAP | `yyyyMMddHHmmss.Z` | The LDAP standard. |\n| PEOPLE_SOFT | `MM/dd/yyyy` | The date format People Soft uses. |\n| EPOCH_TIME_JAVA | # ms from midnight, January 1st, 1970 | The incoming date value as elapsed time in milliseconds from midnight, January 1st, 1970. |\n| EPOCH_TIME_WIN32| # intervals of 100ns from midnight, January 1st, 1601 | The incoming date value as elapsed time in 100-nanosecond intervals from midnight, January 1st, 1601. |\n", + "enum": [ + "ISO8601", + "LDAP", + "PEOPLE_SOFT", + "EPOCH_TIME_JAVA", + "EPOCH_TIME_WIN32" + ], + "example": "PEOPLE_SOFT" + }, + { + "title": "Java Simple Date Format", + "type": "string", + "description": "There are a variety of date time patterns you can express using SimpleDateFormat. The following table lists examples of different date time patterns expressed in the SimpleDateFormat and how they display. Refer to the SimpleDateFormat syntax page for more information.\n\n>NOTE: The following examples show how date and time patterns are interpreted in the U.S. locale. The given date and time are 2001-07-04 12:08:56 local time in the U.S. Pacific Time time zone.\n (This table is from the SimpleDateFormat page.)\n\n| Date Time Pattern | Result |\n| ----------------- | ------ |\n| `yyyy.MM.dd G 'at' HH:mm:ss z` | `2001.07.04 AD at 12:08:56 PDT` |\n| `EEE, MMM d, ''yy` | Wed, Jul 4, '01 |\n| `h:mm a` | 12:08 PM |\n| `hh 'o''clock' a, zzzz` | 12 o'clock PM, Pacific Daylight Time |\n| `K:mm a, z` | 0:08 PM, PDT |\n| `yyyyy.MMMMM.dd GGG hh:mm aaa` | 02001.July.04 AD 12:08 PM |\n| `EEE, d MMM yyyy HH:mm:ss Z` | Wed, 4 Jul 2001 12:08:56 -0700 |\n| `yyMMddHHmmssZ` | 010704120856-0700 |\n| `yyyy-MM-dd'T'HH:mm:ss.SSSZ` | 2001-07-04T12:08:56.235-0700 |\n| `yyyy-MM-dd'T'HH:mm:ss.SSSXXX` | 2001-07-04T12:08:56.235-07:00 |\n| `YYYY-'W'ww-u` | 2001-W27-3 |\n", + "example": "mm/dd/yyyy" + } + ] + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "dateMath", + "type": "object", + "required": [ + "expression" + ], + "properties": { + "expression": { + "type": "string", + "description": "A string value of the date and time components to operation on, along with the math operations to execute.\n", + "externalDocs": { + "description": "Date Math Expressions", + "url": "https://developer.sailpoint.com/idn/docs/transforms/operations/date-math#transform-structure" + }, + "example": "now+1w" + }, + "roundUp": { + "type": "boolean", + "description": "A boolean value to indicate whether the transform should round up or down when a rounding `/` operation is defined in the expression. \n\n\nIf not provided, the transform will default to `false`\n\n\n`true` indicates the transform should round up (i.e., truncate the fractional date/time component indicated and then add one unit of that component)\n\n\n`false` indicates the transform should round down (i.e., truncate the fractional date/time component indicated)\n", + "example": false, + "default": false + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "decomposeDiacriticalMarks", + "type": "object", + "properties": { + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "e164phone", + "type": "object", + "properties": { + "defaultRegion": { + "type": "string", + "description": "This is an optional attribute that can be used to define the region of the phone number to format into.\n\n\nIf defaultRegion is not provided, it will take US as the default country.\n\n\nThe format of the country code should be in [ISO 3166-1 alpha-2 format](https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2)\n", + "example": "US" + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "firstValid", + "type": "object", + "required": [ + "values" + ], + "properties": { + "values": { + "type": "array", + "items": { + "type": "object" + }, + "description": "An array of attributes to evaluate for existence.", + "example": [ + { + "attributes": { + "sourceName": "Active Directory", + "attributeName": "sAMAccountName" + }, + "type": "accountAttribute" + }, + { + "attributes": { + "sourceName": "Okta", + "attributeName": "login" + }, + "type": "accountAttribute" + }, + { + "attributes": { + "sourceName": "HR Source", + "attributeName": "employeeID" + }, + "type": "accountAttribute" + } + ] + }, + "ignoreErrors": { + "type": "boolean", + "description": "a true or false value representing to move on to the next option if an error (like an Null Pointer Exception) were to occur.", + "example": false, + "default": false + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + } + } + }, + { + "title": "rule", + "oneOf": [ + { + "type": "object", + "required": [ + "name" + ], + "properties": { + "name": { + "type": "string", + "description": "This is the name of the Transform rule that needs to be invoked by the transform", + "example": "Transform Calculation Rule" + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + } + } + }, + { + "type": "object", + "required": [ + "name", + "operation", + "includeNumbers", + "includeSpecialChars", + "length" + ], + "properties": { + "name": { + "type": "string", + "description": "This must always be set to \"Cloud Services Deployment Utility\"", + "example": "Cloud Services Deployment Utility" + }, + "operation": { + "type": "string", + "description": "The operation to perform `generateRandomString`", + "example": "generateRandomString" + }, + "includeNumbers": { + "type": "boolean", + "description": "This must be either \"true\" or \"false\" to indicate whether the generator logic should include numbers", + "example": true + }, + "includeSpecialChars": { + "type": "boolean", + "description": "This must be either \"true\" or \"false\" to indicate whether the generator logic should include special characters", + "example": true + }, + "length": { + "type": "string", + "description": "This specifies how long the randomly generated string needs to be\n\n\n>NOTE Due to identity attribute data constraints, the maximum allowable value is 450 characters\n", + "example": "10" + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false + } + } + }, + { + "type": "object", + "required": [ + "name", + "operation", + "uid" + ], + "properties": { + "name": { + "type": "string", + "description": "This must always be set to \"Cloud Services Deployment Utility\"", + "example": "Cloud Services Deployment Utility" + }, + "operation": { + "type": "string", + "description": "The operation to perform `getReferenceIdentityAttribute`", + "example": "getReferenceIdentityAttribute" + }, + "uid": { + "type": "string", + "description": "This is the SailPoint User Name (uid) value of the identity whose attribute is desired\n\nAs a convenience feature, you can use the `manager` keyword to dynamically look up the user's manager and then get that manager's identity attribute.\n", + "example": "2c91808570313110017040b06f344ec9" + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false + } + } + } + ] + }, + { + "title": "identityAttribute", + "type": "object", + "required": [ + "name" + ], + "properties": { + "name": { + "type": "string", + "description": "The system (camel-cased) name of the identity attribute to bring in", + "example": "email" + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "indexOf", + "type": "object", + "required": [ + "substring" + ], + "properties": { + "substring": { + "type": "string", + "description": "A substring to search for, searches the entire calling string, and returns the index of the first occurrence of the specified substring.", + "example": "admin_" + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "iso3166", + "type": "object", + "properties": { + "format": { + "type": "string", + "description": "An optional value to denote which ISO 3166 format to return. Valid values are:\n\n\n`alpha2` - Two-character country code (e.g., \"US\"); this is the default value if no format is supplied\n\n\n`alpha3` - Three-character country code (e.g., \"USA\")\n\n\n`numeric` - The numeric country code (e.g., \"840\")\n", + "example": "alpha2" + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "leftPad", + "type": "object", + "required": [ + "length" + ], + "properties": { + "length": { + "type": "string", + "description": "An integer value for the desired length of the final output string", + "example": "4" + }, + "padding": { + "type": "string", + "description": "A string value representing the character that the incoming data should be padded with to get to the desired length\n\n\nIf not provided, the transform will default to a single space (\" \") character for padding\n", + "example": "0" + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "lookup", + "type": "object", + "required": [ + "table" + ], + "properties": { + "table": { + "type": "object", + "additionalProperties": true, + "description": "This is a JSON object of key-value pairs. The key is the string that will attempt to be matched to the input, and the value is the output string that should be returned if the key is matched\n\n\n>**Note** the use of the optional default key value here; if none of the three countries in the above example match the input string, the transform will return \"Unknown Region\" for the attribute that is mapped to this transform.\n", + "example": { + "USA": "Americas", + "FRA": "EMEA", + "AUS": "APAC", + "default": "Unknown Region" + } + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "lower", + "type": "object", + "properties": { + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "nameNormalizer", + "type": "object", + "properties": { + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "randomAlphaNumeric", + "type": "object", + "properties": { + "length": { + "type": "string", + "description": "This is an integer value specifying the size/number of characters the random string must contain\n\n\n* This value must be a positive number and cannot be blank\n\n\n* If no length is provided, the transform will default to a value of `32`\n\n\n* Due to identity attribute data constraints, the maximum allowable value is `450` characters\n", + "example": "10" + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "randomNumeric", + "type": "object", + "properties": { + "length": { + "type": "string", + "description": "This is an integer value specifying the size/number of characters the random string must contain\n\n\n* This value must be a positive number and cannot be blank\n\n\n* If no length is provided, the transform will default to a value of `32`\n\n\n* Due to identity attribute data constraints, the maximum allowable value is `450` characters\n", + "example": "10" + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "reference", + "type": "object", + "required": [ + "id" + ], + "properties": { + "id": { + "type": "string", + "description": "This ID specifies the name of the pre-existing transform which you want to use within your current transform", + "example": "Existing Transform" + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "replaceAll", + "type": "object", + "required": [ + "table" + ], + "properties": { + "table": { + "type": "object", + "additionalProperties": true, + "description": "An attribute of key-value pairs. Each pair identifies the pattern to search for as its key, and the replacement string as its value.", + "example": { + "-": " ", + "\"": "'", + "ñ": "n" + } + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "replace", + "type": "object", + "required": [ + "regex", + "replacement" + ], + "properties": { + "regex": { + "type": "string", + "description": "This can be a string or a regex pattern in which you want to replace.", + "example": "[^a-zA-Z]", + "externalDocs": { + "description": "Regex Builder", + "url": "https://regex101.com/" + } + }, + "replacement": { + "type": "string", + "description": "This is the replacement string that should be substituded wherever the string or pattern is found.", + "example": " " + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "rightPad", + "type": "object", + "required": [ + "length" + ], + "properties": { + "length": { + "type": "string", + "description": "An integer value for the desired length of the final output string", + "example": "4" + }, + "padding": { + "type": "string", + "description": "A string value representing the character that the incoming data should be padded with to get to the desired length\n\n\nIf not provided, the transform will default to a single space (\" \") character for padding\n", + "example": "0" + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "split", + "type": "object", + "required": [ + "delimiter", + "index" + ], + "properties": { + "delimiter": { + "type": "string", + "description": "This can be either a single character or a regex expression, and is used by the transform to identify the break point between two substrings in the incoming data", + "example": "," + }, + "index": { + "type": "string", + "description": "An integer value for the desired array element after the incoming data has been split into a list; the array is a 0-based object, so the first array element would be index 0, the second element would be index 1, etc.", + "example": "5" + }, + "throws": { + "type": "boolean", + "description": "A boolean (true/false) value which indicates whether an exception should be thrown and returned as an output when an index is out of bounds with the resultant array (i.e., the provided index value is larger than the size of the array)\n\n\n`true` - The transform should return \"IndexOutOfBoundsException\"\n\n\n`false` - The transform should return null\n\n\nIf not provided, the transform will default to false and return a null\n", + "example": true, + "default": false + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "static", + "type": "object", + "required": [ + "values" + ], + "properties": { + "values": { + "type": "string", + "description": "This must evaluate to a JSON string, either through a fixed value or through conditional logic using the Apache Velocity Template Language.", + "example": "string$variable", + "externalDocs": { + "description": "Static Transform Documentation", + "url": "https://developer.sailpoint.com/idn/docs/transforms/operations/static" + } + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + } + } + }, + { + "title": "substring", + "type": "object", + "required": [ + "begin" + ], + "properties": { + "begin": { + "type": "integer", + "description": "The index of the first character to include in the returned substring.\n\n\nIf `begin` is set to -1, the transform will begin at character 0 of the input data\n", + "example": 1, + "format": "int32" + }, + "beginOffset": { + "type": "integer", + "description": "This integer value is the number of characters to add to the begin attribute when returning a substring. \n\nThis attribute is only used if begin is not -1.\n", + "example": 3, + "format": "int32" + }, + "end": { + "type": "integer", + "description": "The index of the first character to exclude from the returned substring.\n\nIf end is -1 or not provided at all, the substring transform will return everything up to the end of the input string.\n", + "example": 6, + "format": "int32" + }, + "endOffset": { + "type": "integer", + "description": "This integer value is the number of characters to add to the end attribute when returning a substring. \n\nThis attribute is only used if end is provided and is not -1.\n", + "example": 1, + "format": "int32" + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "trim", + "type": "object", + "properties": { + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "upper", + "type": "object", + "properties": { + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "uuid", + "type": "object", + "properties": { + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + } + } + } + ] + } + } + }, + { + "type": "object", + "required": [ + "id", + "internal" + ], + "properties": { + "id": { + "type": "string", + "description": "Unique ID of this transform", + "example": "2cd78adghjkja34jh2b1hkjhasuecd" + }, + "internal": { + "type": "boolean", + "description": "Indicates whether this is an internal SailPoint-created transform or a customer-created transform", + "example": false, + "default": false + } + } + } + ] + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "idn:transform:manage" + ] + } + ] + } + }, + "/transforms/{id}": { + "get": { + "tags": [ + "Transforms" + ], + "summary": "Transform by ID", + "description": "This API returns the transform specified by the given ID.\nA token with transform read authority is required to call this API.", + "operationId": "getTransform", + "parameters": [ + { + "name": "id", + "in": "path", + "description": "ID of the transform to retrieve", + "required": true, + "style": "simple", + "explode": false, + "example": "2cd78adghjkja34jh2b1hkjhasuecd", + "schema": { + "type": "string" + } + } + ], + "responses": { + "200": { + "description": "Transform with the given ID", + "content": { + "application/json": { + "schema": { + "allOf": [ + { + "type": "object", + "description": "The representation of an internally- or customer-defined transform.", + "required": [ + "name", + "type", + "attributes" + ], + "properties": { + "name": { + "type": "string", + "description": "Unique name of this transform", + "example": "Timestamp To Date", + "minLength": 1, + "maxLength": 50 + }, + "type": { + "type": "string", + "description": "The type of transform operation", + "enum": [ + "accountAttribute", + "base64Decode", + "base64Encode", + "concat", + "conditional", + "dateCompare", + "dateFormat", + "dateMath", + "decomposeDiacriticalMarks", + "e164phone", + "firstValid", + "rule", + "identityAttribute", + "indexOf", + "iso3166", + "lastIndexOf", + "leftPad", + "lookup", + "lower", + "normalizeNames", + "randomAlphaNumeric", + "randomNumeric", + "reference", + "replaceAll", + "replace", + "rightPad", + "split", + "static", + "substring", + "trim", + "upper", + "usernameGenerator", + "uuid", + "displayName", + "rfc5646" + ], + "example": "dateFormat", + "externalDocs": { + "description": "Transform Operations", + "url": "https://developer.sailpoint.com/idn/docs/transforms/operations" + } + }, + "attributes": { + "nullable": true, + "description": "Meta-data about the transform. Values in this list are specific to the type of transform to be executed.", + "oneOf": [ + { + "title": "accountAttribute", + "type": "object", + "required": [ + "sourceName", + "attributeName" + ], + "properties": { + "sourceName": { + "type": "string", + "description": "A reference to the source to search for the account", + "example": "Workday" + }, + "attributeName": { + "type": "string", + "description": "The name of the attribute on the account to return. This should match the name of the account attribute name visible in the user interface, or on the source schema.", + "example": "DEPARTMENT" + }, + "accountSortAttribute": { + "type": "string", + "description": "The value of this configuration is a string name of the attribute to use when determining the ordering of returned accounts when there are multiple entries", + "example": "created", + "default": "created" + }, + "accountSortDescending": { + "type": "boolean", + "description": "The value of this configuration is a boolean (true/false). Controls the order of the sort when there are multiple accounts. If not defined, the transform will default to false (ascending order)", + "example": false, + "default": false + }, + "accountReturnFirstLink": { + "type": "boolean", + "description": "The value of this configuration is a boolean (true/false). Controls which account to source a value from for an attribute. If this flag is set to true, the transform returns the value from the first account in the list, even if it is null. If it is set to false, the transform returns the first non-null value. If not defined, the transform will default to false", + "example": false, + "default": false + }, + "accountFilter": { + "type": "string", + "description": "This expression queries the database to narrow search results. The value of this configuration is a sailpoint.object.Filter expression and used when searching against the database. The default filter will always include the source and identity, and any subsequent expressions will be combined in an AND operation to the existing search criteria.\nOnly certain searchable attributes are available: - `nativeIdentity` - the Account ID - `displayName` - the Account Name - `entitlements` - a boolean value to determine if the account has entitlements", + "example": "!(nativeIdentity.startsWith(\"*DELETED*\"))" + }, + "accountPropertyFilter": { + "type": "string", + "description": "This expression is used to search and filter accounts in memory. The value of this configuration is a sailpoint.object.Filter expression and used when searching against the returned resultset.\n\nAll account attributes are available for filtering as this operation is performed in memory.", + "example": "(groups.containsAll({'Admin'}) || location == 'Austin')" + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "base64Decode", + "type": "object", + "properties": { + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "base64Encode", + "type": "object", + "properties": { + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "concat", + "type": "object", + "required": [ + "values" + ], + "properties": { + "values": { + "type": "array", + "items": { + "type": "object" + }, + "description": "An array of items to join together", + "example": [ + "John", + " ", + "Smith" + ] + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "conditional", + "type": "object", + "required": [ + "expression", + "positiveCondition", + "negativeCondition" + ], + "properties": { + "expression": { + "type": "string", + "description": "A comparison statement that follows the structure of `ValueA eq ValueB` where `ValueA` and `ValueB` are static strings or outputs of other transforms. \n\nThe `eq` operator is the only valid comparison", + "example": "ValueA eq ValueB" + }, + "positiveCondition": { + "type": "string", + "description": "The output of the transform if the expression evalutes to true", + "example": "true" + }, + "negativeCondition": { + "type": "string", + "description": "The output of the transform if the expression evalutes to false", + "example": "false" + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "dateCompare", + "type": "object", + "required": [ + "firstDate", + "secondDate", + "operator", + "positiveCondition", + "negativeCondition" + ], + "properties": { + "firstDate": { + "description": "This is the first date to consider (The date that would be on the left hand side of the comparison operation).", + "oneOf": [ + { + "title": "accountAttribute", + "type": "object", + "required": [ + "sourceName", + "attributeName" + ], + "properties": { + "sourceName": { + "type": "string", + "description": "A reference to the source to search for the account", + "example": "Workday" + }, + "attributeName": { + "type": "string", + "description": "The name of the attribute on the account to return. This should match the name of the account attribute name visible in the user interface, or on the source schema.", + "example": "DEPARTMENT" + }, + "accountSortAttribute": { + "type": "string", + "description": "The value of this configuration is a string name of the attribute to use when determining the ordering of returned accounts when there are multiple entries", + "example": "created", + "default": "created" + }, + "accountSortDescending": { + "type": "boolean", + "description": "The value of this configuration is a boolean (true/false). Controls the order of the sort when there are multiple accounts. If not defined, the transform will default to false (ascending order)", + "example": false, + "default": false + }, + "accountReturnFirstLink": { + "type": "boolean", + "description": "The value of this configuration is a boolean (true/false). Controls which account to source a value from for an attribute. If this flag is set to true, the transform returns the value from the first account in the list, even if it is null. If it is set to false, the transform returns the first non-null value. If not defined, the transform will default to false", + "example": false, + "default": false + }, + "accountFilter": { + "type": "string", + "description": "This expression queries the database to narrow search results. The value of this configuration is a sailpoint.object.Filter expression and used when searching against the database. The default filter will always include the source and identity, and any subsequent expressions will be combined in an AND operation to the existing search criteria.\nOnly certain searchable attributes are available: - `nativeIdentity` - the Account ID - `displayName` - the Account Name - `entitlements` - a boolean value to determine if the account has entitlements", + "example": "!(nativeIdentity.startsWith(\"*DELETED*\"))" + }, + "accountPropertyFilter": { + "type": "string", + "description": "This expression is used to search and filter accounts in memory. The value of this configuration is a sailpoint.object.Filter expression and used when searching against the returned resultset.\n\nAll account attributes are available for filtering as this operation is performed in memory.", + "example": "(groups.containsAll({'Admin'}) || location == 'Austin')" + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "dateFormat", + "type": "object", + "properties": { + "inputFormat": { + "description": "A string value indicating either the explicit SimpleDateFormat or the built-in named format that the data is coming in as.\n\n*If no inputFormat is provided, the transform assumes that it is in ISO8601 format*", + "oneOf": [ + { + "title": "Named Construct", + "type": "string", + "description": "| Construct | Date Time Pattern | Description |\n| --------- | ----------------- | ----------- |\n| ISO8601 | `yyyy-MM-dd'T'HH:mm:ss.SSSX` | The ISO8601 standard. | \n| LDAP | `yyyyMMddHHmmss.Z` | The LDAP standard. |\n| PEOPLE_SOFT | `MM/dd/yyyy` | The date format People Soft uses. |\n| EPOCH_TIME_JAVA | # ms from midnight, January 1st, 1970 | The incoming date value as elapsed time in milliseconds from midnight, January 1st, 1970. |\n| EPOCH_TIME_WIN32| # intervals of 100ns from midnight, January 1st, 1601 | The incoming date value as elapsed time in 100-nanosecond intervals from midnight, January 1st, 1601. |\n", + "enum": [ + "ISO8601", + "LDAP", + "PEOPLE_SOFT", + "EPOCH_TIME_JAVA", + "EPOCH_TIME_WIN32" + ], + "example": "PEOPLE_SOFT" + }, + { + "title": "Java Simple Date Format", + "type": "string", + "description": "There are a variety of date time patterns you can express using SimpleDateFormat. The following table lists examples of different date time patterns expressed in the SimpleDateFormat and how they display. Refer to the SimpleDateFormat syntax page for more information.\n\n>NOTE: The following examples show how date and time patterns are interpreted in the U.S. locale. The given date and time are 2001-07-04 12:08:56 local time in the U.S. Pacific Time time zone.\n (This table is from the SimpleDateFormat page.)\n\n| Date Time Pattern | Result |\n| ----------------- | ------ |\n| `yyyy.MM.dd G 'at' HH:mm:ss z` | `2001.07.04 AD at 12:08:56 PDT` |\n| `EEE, MMM d, ''yy` | Wed, Jul 4, '01 |\n| `h:mm a` | 12:08 PM |\n| `hh 'o''clock' a, zzzz` | 12 o'clock PM, Pacific Daylight Time |\n| `K:mm a, z` | 0:08 PM, PDT |\n| `yyyyy.MMMMM.dd GGG hh:mm aaa` | 02001.July.04 AD 12:08 PM |\n| `EEE, d MMM yyyy HH:mm:ss Z` | Wed, 4 Jul 2001 12:08:56 -0700 |\n| `yyMMddHHmmssZ` | 010704120856-0700 |\n| `yyyy-MM-dd'T'HH:mm:ss.SSSZ` | 2001-07-04T12:08:56.235-0700 |\n| `yyyy-MM-dd'T'HH:mm:ss.SSSXXX` | 2001-07-04T12:08:56.235-07:00 |\n| `YYYY-'W'ww-u` | 2001-W27-3 |\n", + "example": "mm/dd/yyyy" + } + ] + }, + "outputFormat": { + "description": "A string value indicating either the explicit SimpleDateFormat or the built-in named format that the data should be formatted into.\n\n*If no inputFormat is provided, the transform assumes that it is in ISO8601 format*", + "oneOf": [ + { + "title": "Named Construct", + "type": "string", + "description": "| Construct | Date Time Pattern | Description |\n| --------- | ----------------- | ----------- |\n| ISO8601 | `yyyy-MM-dd'T'HH:mm:ss.SSSX` | The ISO8601 standard. | \n| LDAP | `yyyyMMddHHmmss.Z` | The LDAP standard. |\n| PEOPLE_SOFT | `MM/dd/yyyy` | The date format People Soft uses. |\n| EPOCH_TIME_JAVA | # ms from midnight, January 1st, 1970 | The incoming date value as elapsed time in milliseconds from midnight, January 1st, 1970. |\n| EPOCH_TIME_WIN32| # intervals of 100ns from midnight, January 1st, 1601 | The incoming date value as elapsed time in 100-nanosecond intervals from midnight, January 1st, 1601. |\n", + "enum": [ + "ISO8601", + "LDAP", + "PEOPLE_SOFT", + "EPOCH_TIME_JAVA", + "EPOCH_TIME_WIN32" + ], + "example": "PEOPLE_SOFT" + }, + { + "title": "Java Simple Date Format", + "type": "string", + "description": "There are a variety of date time patterns you can express using SimpleDateFormat. The following table lists examples of different date time patterns expressed in the SimpleDateFormat and how they display. Refer to the SimpleDateFormat syntax page for more information.\n\n>NOTE: The following examples show how date and time patterns are interpreted in the U.S. locale. The given date and time are 2001-07-04 12:08:56 local time in the U.S. Pacific Time time zone.\n (This table is from the SimpleDateFormat page.)\n\n| Date Time Pattern | Result |\n| ----------------- | ------ |\n| `yyyy.MM.dd G 'at' HH:mm:ss z` | `2001.07.04 AD at 12:08:56 PDT` |\n| `EEE, MMM d, ''yy` | Wed, Jul 4, '01 |\n| `h:mm a` | 12:08 PM |\n| `hh 'o''clock' a, zzzz` | 12 o'clock PM, Pacific Daylight Time |\n| `K:mm a, z` | 0:08 PM, PDT |\n| `yyyyy.MMMMM.dd GGG hh:mm aaa` | 02001.July.04 AD 12:08 PM |\n| `EEE, d MMM yyyy HH:mm:ss Z` | Wed, 4 Jul 2001 12:08:56 -0700 |\n| `yyMMddHHmmssZ` | 010704120856-0700 |\n| `yyyy-MM-dd'T'HH:mm:ss.SSSZ` | 2001-07-04T12:08:56.235-0700 |\n| `yyyy-MM-dd'T'HH:mm:ss.SSSXXX` | 2001-07-04T12:08:56.235-07:00 |\n| `YYYY-'W'ww-u` | 2001-W27-3 |\n", + "example": "mm/dd/yyyy" + } + ] + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + } + ] + }, + "secondDate": { + "description": "This is the second date to consider (The date that would be on the right hand side of the comparison operation).", + "oneOf": [ + { + "title": "accountAttribute", + "type": "object", + "required": [ + "sourceName", + "attributeName" + ], + "properties": { + "sourceName": { + "type": "string", + "description": "A reference to the source to search for the account", + "example": "Workday" + }, + "attributeName": { + "type": "string", + "description": "The name of the attribute on the account to return. This should match the name of the account attribute name visible in the user interface, or on the source schema.", + "example": "DEPARTMENT" + }, + "accountSortAttribute": { + "type": "string", + "description": "The value of this configuration is a string name of the attribute to use when determining the ordering of returned accounts when there are multiple entries", + "example": "created", + "default": "created" + }, + "accountSortDescending": { + "type": "boolean", + "description": "The value of this configuration is a boolean (true/false). Controls the order of the sort when there are multiple accounts. If not defined, the transform will default to false (ascending order)", + "example": false, + "default": false + }, + "accountReturnFirstLink": { + "type": "boolean", + "description": "The value of this configuration is a boolean (true/false). Controls which account to source a value from for an attribute. If this flag is set to true, the transform returns the value from the first account in the list, even if it is null. If it is set to false, the transform returns the first non-null value. If not defined, the transform will default to false", + "example": false, + "default": false + }, + "accountFilter": { + "type": "string", + "description": "This expression queries the database to narrow search results. The value of this configuration is a sailpoint.object.Filter expression and used when searching against the database. The default filter will always include the source and identity, and any subsequent expressions will be combined in an AND operation to the existing search criteria.\nOnly certain searchable attributes are available: - `nativeIdentity` - the Account ID - `displayName` - the Account Name - `entitlements` - a boolean value to determine if the account has entitlements", + "example": "!(nativeIdentity.startsWith(\"*DELETED*\"))" + }, + "accountPropertyFilter": { + "type": "string", + "description": "This expression is used to search and filter accounts in memory. The value of this configuration is a sailpoint.object.Filter expression and used when searching against the returned resultset.\n\nAll account attributes are available for filtering as this operation is performed in memory.", + "example": "(groups.containsAll({'Admin'}) || location == 'Austin')" + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "dateFormat", + "type": "object", + "properties": { + "inputFormat": { + "description": "A string value indicating either the explicit SimpleDateFormat or the built-in named format that the data is coming in as.\n\n*If no inputFormat is provided, the transform assumes that it is in ISO8601 format*", + "oneOf": [ + { + "title": "Named Construct", + "type": "string", + "description": "| Construct | Date Time Pattern | Description |\n| --------- | ----------------- | ----------- |\n| ISO8601 | `yyyy-MM-dd'T'HH:mm:ss.SSSX` | The ISO8601 standard. | \n| LDAP | `yyyyMMddHHmmss.Z` | The LDAP standard. |\n| PEOPLE_SOFT | `MM/dd/yyyy` | The date format People Soft uses. |\n| EPOCH_TIME_JAVA | # ms from midnight, January 1st, 1970 | The incoming date value as elapsed time in milliseconds from midnight, January 1st, 1970. |\n| EPOCH_TIME_WIN32| # intervals of 100ns from midnight, January 1st, 1601 | The incoming date value as elapsed time in 100-nanosecond intervals from midnight, January 1st, 1601. |\n", + "enum": [ + "ISO8601", + "LDAP", + "PEOPLE_SOFT", + "EPOCH_TIME_JAVA", + "EPOCH_TIME_WIN32" + ], + "example": "PEOPLE_SOFT" + }, + { + "title": "Java Simple Date Format", + "type": "string", + "description": "There are a variety of date time patterns you can express using SimpleDateFormat. The following table lists examples of different date time patterns expressed in the SimpleDateFormat and how they display. Refer to the SimpleDateFormat syntax page for more information.\n\n>NOTE: The following examples show how date and time patterns are interpreted in the U.S. locale. The given date and time are 2001-07-04 12:08:56 local time in the U.S. Pacific Time time zone.\n (This table is from the SimpleDateFormat page.)\n\n| Date Time Pattern | Result |\n| ----------------- | ------ |\n| `yyyy.MM.dd G 'at' HH:mm:ss z` | `2001.07.04 AD at 12:08:56 PDT` |\n| `EEE, MMM d, ''yy` | Wed, Jul 4, '01 |\n| `h:mm a` | 12:08 PM |\n| `hh 'o''clock' a, zzzz` | 12 o'clock PM, Pacific Daylight Time |\n| `K:mm a, z` | 0:08 PM, PDT |\n| `yyyyy.MMMMM.dd GGG hh:mm aaa` | 02001.July.04 AD 12:08 PM |\n| `EEE, d MMM yyyy HH:mm:ss Z` | Wed, 4 Jul 2001 12:08:56 -0700 |\n| `yyMMddHHmmssZ` | 010704120856-0700 |\n| `yyyy-MM-dd'T'HH:mm:ss.SSSZ` | 2001-07-04T12:08:56.235-0700 |\n| `yyyy-MM-dd'T'HH:mm:ss.SSSXXX` | 2001-07-04T12:08:56.235-07:00 |\n| `YYYY-'W'ww-u` | 2001-W27-3 |\n", + "example": "mm/dd/yyyy" + } + ] + }, + "outputFormat": { + "description": "A string value indicating either the explicit SimpleDateFormat or the built-in named format that the data should be formatted into.\n\n*If no inputFormat is provided, the transform assumes that it is in ISO8601 format*", + "oneOf": [ + { + "title": "Named Construct", + "type": "string", + "description": "| Construct | Date Time Pattern | Description |\n| --------- | ----------------- | ----------- |\n| ISO8601 | `yyyy-MM-dd'T'HH:mm:ss.SSSX` | The ISO8601 standard. | \n| LDAP | `yyyyMMddHHmmss.Z` | The LDAP standard. |\n| PEOPLE_SOFT | `MM/dd/yyyy` | The date format People Soft uses. |\n| EPOCH_TIME_JAVA | # ms from midnight, January 1st, 1970 | The incoming date value as elapsed time in milliseconds from midnight, January 1st, 1970. |\n| EPOCH_TIME_WIN32| # intervals of 100ns from midnight, January 1st, 1601 | The incoming date value as elapsed time in 100-nanosecond intervals from midnight, January 1st, 1601. |\n", + "enum": [ + "ISO8601", + "LDAP", + "PEOPLE_SOFT", + "EPOCH_TIME_JAVA", + "EPOCH_TIME_WIN32" + ], + "example": "PEOPLE_SOFT" + }, + { + "title": "Java Simple Date Format", + "type": "string", + "description": "There are a variety of date time patterns you can express using SimpleDateFormat. The following table lists examples of different date time patterns expressed in the SimpleDateFormat and how they display. Refer to the SimpleDateFormat syntax page for more information.\n\n>NOTE: The following examples show how date and time patterns are interpreted in the U.S. locale. The given date and time are 2001-07-04 12:08:56 local time in the U.S. Pacific Time time zone.\n (This table is from the SimpleDateFormat page.)\n\n| Date Time Pattern | Result |\n| ----------------- | ------ |\n| `yyyy.MM.dd G 'at' HH:mm:ss z` | `2001.07.04 AD at 12:08:56 PDT` |\n| `EEE, MMM d, ''yy` | Wed, Jul 4, '01 |\n| `h:mm a` | 12:08 PM |\n| `hh 'o''clock' a, zzzz` | 12 o'clock PM, Pacific Daylight Time |\n| `K:mm a, z` | 0:08 PM, PDT |\n| `yyyyy.MMMMM.dd GGG hh:mm aaa` | 02001.July.04 AD 12:08 PM |\n| `EEE, d MMM yyyy HH:mm:ss Z` | Wed, 4 Jul 2001 12:08:56 -0700 |\n| `yyMMddHHmmssZ` | 010704120856-0700 |\n| `yyyy-MM-dd'T'HH:mm:ss.SSSZ` | 2001-07-04T12:08:56.235-0700 |\n| `yyyy-MM-dd'T'HH:mm:ss.SSSXXX` | 2001-07-04T12:08:56.235-07:00 |\n| `YYYY-'W'ww-u` | 2001-W27-3 |\n", + "example": "mm/dd/yyyy" + } + ] + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + } + ] + }, + "operator": { + "type": "string", + "description": "This is the comparison to perform.\n| Operation | Description |\n| --------- | ------- |\n| LT | Strictly less than: firstDate < secondDate |\n| LTE | Less than or equal to: firstDate <= secondDate |\n| GT | Strictly greater than: firstDate > secondDate |\n| GTE | Greater than or equal to: firstDate >= secondDate |\n", + "enum": [ + "LT", + "LTE", + "GT", + "GTE" + ], + "example": "LT" + }, + "positiveCondition": { + "type": "string", + "description": "The output of the transform if the expression evalutes to true", + "example": "true" + }, + "negativeCondition": { + "type": "string", + "description": "The output of the transform if the expression evalutes to false", + "example": false + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "dateFormat", + "type": "object", + "properties": { + "inputFormat": { + "description": "A string value indicating either the explicit SimpleDateFormat or the built-in named format that the data is coming in as.\n\n*If no inputFormat is provided, the transform assumes that it is in ISO8601 format*", + "oneOf": [ + { + "title": "Named Construct", + "type": "string", + "description": "| Construct | Date Time Pattern | Description |\n| --------- | ----------------- | ----------- |\n| ISO8601 | `yyyy-MM-dd'T'HH:mm:ss.SSSX` | The ISO8601 standard. | \n| LDAP | `yyyyMMddHHmmss.Z` | The LDAP standard. |\n| PEOPLE_SOFT | `MM/dd/yyyy` | The date format People Soft uses. |\n| EPOCH_TIME_JAVA | # ms from midnight, January 1st, 1970 | The incoming date value as elapsed time in milliseconds from midnight, January 1st, 1970. |\n| EPOCH_TIME_WIN32| # intervals of 100ns from midnight, January 1st, 1601 | The incoming date value as elapsed time in 100-nanosecond intervals from midnight, January 1st, 1601. |\n", + "enum": [ + "ISO8601", + "LDAP", + "PEOPLE_SOFT", + "EPOCH_TIME_JAVA", + "EPOCH_TIME_WIN32" + ], + "example": "PEOPLE_SOFT" + }, + { + "title": "Java Simple Date Format", + "type": "string", + "description": "There are a variety of date time patterns you can express using SimpleDateFormat. The following table lists examples of different date time patterns expressed in the SimpleDateFormat and how they display. Refer to the SimpleDateFormat syntax page for more information.\n\n>NOTE: The following examples show how date and time patterns are interpreted in the U.S. locale. The given date and time are 2001-07-04 12:08:56 local time in the U.S. Pacific Time time zone.\n (This table is from the SimpleDateFormat page.)\n\n| Date Time Pattern | Result |\n| ----------------- | ------ |\n| `yyyy.MM.dd G 'at' HH:mm:ss z` | `2001.07.04 AD at 12:08:56 PDT` |\n| `EEE, MMM d, ''yy` | Wed, Jul 4, '01 |\n| `h:mm a` | 12:08 PM |\n| `hh 'o''clock' a, zzzz` | 12 o'clock PM, Pacific Daylight Time |\n| `K:mm a, z` | 0:08 PM, PDT |\n| `yyyyy.MMMMM.dd GGG hh:mm aaa` | 02001.July.04 AD 12:08 PM |\n| `EEE, d MMM yyyy HH:mm:ss Z` | Wed, 4 Jul 2001 12:08:56 -0700 |\n| `yyMMddHHmmssZ` | 010704120856-0700 |\n| `yyyy-MM-dd'T'HH:mm:ss.SSSZ` | 2001-07-04T12:08:56.235-0700 |\n| `yyyy-MM-dd'T'HH:mm:ss.SSSXXX` | 2001-07-04T12:08:56.235-07:00 |\n| `YYYY-'W'ww-u` | 2001-W27-3 |\n", + "example": "mm/dd/yyyy" + } + ] + }, + "outputFormat": { + "description": "A string value indicating either the explicit SimpleDateFormat or the built-in named format that the data should be formatted into.\n\n*If no inputFormat is provided, the transform assumes that it is in ISO8601 format*", + "oneOf": [ + { + "title": "Named Construct", + "type": "string", + "description": "| Construct | Date Time Pattern | Description |\n| --------- | ----------------- | ----------- |\n| ISO8601 | `yyyy-MM-dd'T'HH:mm:ss.SSSX` | The ISO8601 standard. | \n| LDAP | `yyyyMMddHHmmss.Z` | The LDAP standard. |\n| PEOPLE_SOFT | `MM/dd/yyyy` | The date format People Soft uses. |\n| EPOCH_TIME_JAVA | # ms from midnight, January 1st, 1970 | The incoming date value as elapsed time in milliseconds from midnight, January 1st, 1970. |\n| EPOCH_TIME_WIN32| # intervals of 100ns from midnight, January 1st, 1601 | The incoming date value as elapsed time in 100-nanosecond intervals from midnight, January 1st, 1601. |\n", + "enum": [ + "ISO8601", + "LDAP", + "PEOPLE_SOFT", + "EPOCH_TIME_JAVA", + "EPOCH_TIME_WIN32" + ], + "example": "PEOPLE_SOFT" + }, + { + "title": "Java Simple Date Format", + "type": "string", + "description": "There are a variety of date time patterns you can express using SimpleDateFormat. The following table lists examples of different date time patterns expressed in the SimpleDateFormat and how they display. Refer to the SimpleDateFormat syntax page for more information.\n\n>NOTE: The following examples show how date and time patterns are interpreted in the U.S. locale. The given date and time are 2001-07-04 12:08:56 local time in the U.S. Pacific Time time zone.\n (This table is from the SimpleDateFormat page.)\n\n| Date Time Pattern | Result |\n| ----------------- | ------ |\n| `yyyy.MM.dd G 'at' HH:mm:ss z` | `2001.07.04 AD at 12:08:56 PDT` |\n| `EEE, MMM d, ''yy` | Wed, Jul 4, '01 |\n| `h:mm a` | 12:08 PM |\n| `hh 'o''clock' a, zzzz` | 12 o'clock PM, Pacific Daylight Time |\n| `K:mm a, z` | 0:08 PM, PDT |\n| `yyyyy.MMMMM.dd GGG hh:mm aaa` | 02001.July.04 AD 12:08 PM |\n| `EEE, d MMM yyyy HH:mm:ss Z` | Wed, 4 Jul 2001 12:08:56 -0700 |\n| `yyMMddHHmmssZ` | 010704120856-0700 |\n| `yyyy-MM-dd'T'HH:mm:ss.SSSZ` | 2001-07-04T12:08:56.235-0700 |\n| `yyyy-MM-dd'T'HH:mm:ss.SSSXXX` | 2001-07-04T12:08:56.235-07:00 |\n| `YYYY-'W'ww-u` | 2001-W27-3 |\n", + "example": "mm/dd/yyyy" + } + ] + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "dateMath", + "type": "object", + "required": [ + "expression" + ], + "properties": { + "expression": { + "type": "string", + "description": "A string value of the date and time components to operation on, along with the math operations to execute.\n", + "externalDocs": { + "description": "Date Math Expressions", + "url": "https://developer.sailpoint.com/idn/docs/transforms/operations/date-math#transform-structure" + }, + "example": "now+1w" + }, + "roundUp": { + "type": "boolean", + "description": "A boolean value to indicate whether the transform should round up or down when a rounding `/` operation is defined in the expression. \n\n\nIf not provided, the transform will default to `false`\n\n\n`true` indicates the transform should round up (i.e., truncate the fractional date/time component indicated and then add one unit of that component)\n\n\n`false` indicates the transform should round down (i.e., truncate the fractional date/time component indicated)\n", + "example": false, + "default": false + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "decomposeDiacriticalMarks", + "type": "object", + "properties": { + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "e164phone", + "type": "object", + "properties": { + "defaultRegion": { + "type": "string", + "description": "This is an optional attribute that can be used to define the region of the phone number to format into.\n\n\nIf defaultRegion is not provided, it will take US as the default country.\n\n\nThe format of the country code should be in [ISO 3166-1 alpha-2 format](https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2)\n", + "example": "US" + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "firstValid", + "type": "object", + "required": [ + "values" + ], + "properties": { + "values": { + "type": "array", + "items": { + "type": "object" + }, + "description": "An array of attributes to evaluate for existence.", + "example": [ + { + "attributes": { + "sourceName": "Active Directory", + "attributeName": "sAMAccountName" + }, + "type": "accountAttribute" + }, + { + "attributes": { + "sourceName": "Okta", + "attributeName": "login" + }, + "type": "accountAttribute" + }, + { + "attributes": { + "sourceName": "HR Source", + "attributeName": "employeeID" + }, + "type": "accountAttribute" + } + ] + }, + "ignoreErrors": { + "type": "boolean", + "description": "a true or false value representing to move on to the next option if an error (like an Null Pointer Exception) were to occur.", + "example": false, + "default": false + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + } + } + }, + { + "title": "rule", + "oneOf": [ + { + "type": "object", + "required": [ + "name" + ], + "properties": { + "name": { + "type": "string", + "description": "This is the name of the Transform rule that needs to be invoked by the transform", + "example": "Transform Calculation Rule" + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + } + } + }, + { + "type": "object", + "required": [ + "name", + "operation", + "includeNumbers", + "includeSpecialChars", + "length" + ], + "properties": { + "name": { + "type": "string", + "description": "This must always be set to \"Cloud Services Deployment Utility\"", + "example": "Cloud Services Deployment Utility" + }, + "operation": { + "type": "string", + "description": "The operation to perform `generateRandomString`", + "example": "generateRandomString" + }, + "includeNumbers": { + "type": "boolean", + "description": "This must be either \"true\" or \"false\" to indicate whether the generator logic should include numbers", + "example": true + }, + "includeSpecialChars": { + "type": "boolean", + "description": "This must be either \"true\" or \"false\" to indicate whether the generator logic should include special characters", + "example": true + }, + "length": { + "type": "string", + "description": "This specifies how long the randomly generated string needs to be\n\n\n>NOTE Due to identity attribute data constraints, the maximum allowable value is 450 characters\n", + "example": "10" + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false + } + } + }, + { + "type": "object", + "required": [ + "name", + "operation", + "uid" + ], + "properties": { + "name": { + "type": "string", + "description": "This must always be set to \"Cloud Services Deployment Utility\"", + "example": "Cloud Services Deployment Utility" + }, + "operation": { + "type": "string", + "description": "The operation to perform `getReferenceIdentityAttribute`", + "example": "getReferenceIdentityAttribute" + }, + "uid": { + "type": "string", + "description": "This is the SailPoint User Name (uid) value of the identity whose attribute is desired\n\nAs a convenience feature, you can use the `manager` keyword to dynamically look up the user's manager and then get that manager's identity attribute.\n", + "example": "2c91808570313110017040b06f344ec9" + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false + } + } + } + ] + }, + { + "title": "identityAttribute", + "type": "object", + "required": [ + "name" + ], + "properties": { + "name": { + "type": "string", + "description": "The system (camel-cased) name of the identity attribute to bring in", + "example": "email" + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "indexOf", + "type": "object", + "required": [ + "substring" + ], + "properties": { + "substring": { + "type": "string", + "description": "A substring to search for, searches the entire calling string, and returns the index of the first occurrence of the specified substring.", + "example": "admin_" + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "iso3166", + "type": "object", + "properties": { + "format": { + "type": "string", + "description": "An optional value to denote which ISO 3166 format to return. Valid values are:\n\n\n`alpha2` - Two-character country code (e.g., \"US\"); this is the default value if no format is supplied\n\n\n`alpha3` - Three-character country code (e.g., \"USA\")\n\n\n`numeric` - The numeric country code (e.g., \"840\")\n", + "example": "alpha2" + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "leftPad", + "type": "object", + "required": [ + "length" + ], + "properties": { + "length": { + "type": "string", + "description": "An integer value for the desired length of the final output string", + "example": "4" + }, + "padding": { + "type": "string", + "description": "A string value representing the character that the incoming data should be padded with to get to the desired length\n\n\nIf not provided, the transform will default to a single space (\" \") character for padding\n", + "example": "0" + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "lookup", + "type": "object", + "required": [ + "table" + ], + "properties": { + "table": { + "type": "object", + "additionalProperties": true, + "description": "This is a JSON object of key-value pairs. The key is the string that will attempt to be matched to the input, and the value is the output string that should be returned if the key is matched\n\n\n>**Note** the use of the optional default key value here; if none of the three countries in the above example match the input string, the transform will return \"Unknown Region\" for the attribute that is mapped to this transform.\n", + "example": { + "USA": "Americas", + "FRA": "EMEA", + "AUS": "APAC", + "default": "Unknown Region" + } + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "lower", + "type": "object", + "properties": { + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "nameNormalizer", + "type": "object", + "properties": { + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "randomAlphaNumeric", + "type": "object", + "properties": { + "length": { + "type": "string", + "description": "This is an integer value specifying the size/number of characters the random string must contain\n\n\n* This value must be a positive number and cannot be blank\n\n\n* If no length is provided, the transform will default to a value of `32`\n\n\n* Due to identity attribute data constraints, the maximum allowable value is `450` characters\n", + "example": "10" + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "randomNumeric", + "type": "object", + "properties": { + "length": { + "type": "string", + "description": "This is an integer value specifying the size/number of characters the random string must contain\n\n\n* This value must be a positive number and cannot be blank\n\n\n* If no length is provided, the transform will default to a value of `32`\n\n\n* Due to identity attribute data constraints, the maximum allowable value is `450` characters\n", + "example": "10" + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "reference", + "type": "object", + "required": [ + "id" + ], + "properties": { + "id": { + "type": "string", + "description": "This ID specifies the name of the pre-existing transform which you want to use within your current transform", + "example": "Existing Transform" + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "replaceAll", + "type": "object", + "required": [ + "table" + ], + "properties": { + "table": { + "type": "object", + "additionalProperties": true, + "description": "An attribute of key-value pairs. Each pair identifies the pattern to search for as its key, and the replacement string as its value.", + "example": { + "-": " ", + "\"": "'", + "ñ": "n" + } + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "replace", + "type": "object", + "required": [ + "regex", + "replacement" + ], + "properties": { + "regex": { + "type": "string", + "description": "This can be a string or a regex pattern in which you want to replace.", + "example": "[^a-zA-Z]", + "externalDocs": { + "description": "Regex Builder", + "url": "https://regex101.com/" + } + }, + "replacement": { + "type": "string", + "description": "This is the replacement string that should be substituded wherever the string or pattern is found.", + "example": " " + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "rightPad", + "type": "object", + "required": [ + "length" + ], + "properties": { + "length": { + "type": "string", + "description": "An integer value for the desired length of the final output string", + "example": "4" + }, + "padding": { + "type": "string", + "description": "A string value representing the character that the incoming data should be padded with to get to the desired length\n\n\nIf not provided, the transform will default to a single space (\" \") character for padding\n", + "example": "0" + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "split", + "type": "object", + "required": [ + "delimiter", + "index" + ], + "properties": { + "delimiter": { + "type": "string", + "description": "This can be either a single character or a regex expression, and is used by the transform to identify the break point between two substrings in the incoming data", + "example": "," + }, + "index": { + "type": "string", + "description": "An integer value for the desired array element after the incoming data has been split into a list; the array is a 0-based object, so the first array element would be index 0, the second element would be index 1, etc.", + "example": "5" + }, + "throws": { + "type": "boolean", + "description": "A boolean (true/false) value which indicates whether an exception should be thrown and returned as an output when an index is out of bounds with the resultant array (i.e., the provided index value is larger than the size of the array)\n\n\n`true` - The transform should return \"IndexOutOfBoundsException\"\n\n\n`false` - The transform should return null\n\n\nIf not provided, the transform will default to false and return a null\n", + "example": true, + "default": false + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "static", + "type": "object", + "required": [ + "values" + ], + "properties": { + "values": { + "type": "string", + "description": "This must evaluate to a JSON string, either through a fixed value or through conditional logic using the Apache Velocity Template Language.", + "example": "string$variable", + "externalDocs": { + "description": "Static Transform Documentation", + "url": "https://developer.sailpoint.com/idn/docs/transforms/operations/static" + } + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + } + } + }, + { + "title": "substring", + "type": "object", + "required": [ + "begin" + ], + "properties": { + "begin": { + "type": "integer", + "description": "The index of the first character to include in the returned substring.\n\n\nIf `begin` is set to -1, the transform will begin at character 0 of the input data\n", + "example": 1, + "format": "int32" + }, + "beginOffset": { + "type": "integer", + "description": "This integer value is the number of characters to add to the begin attribute when returning a substring. \n\nThis attribute is only used if begin is not -1.\n", + "example": 3, + "format": "int32" + }, + "end": { + "type": "integer", + "description": "The index of the first character to exclude from the returned substring.\n\nIf end is -1 or not provided at all, the substring transform will return everything up to the end of the input string.\n", + "example": 6, + "format": "int32" + }, + "endOffset": { + "type": "integer", + "description": "This integer value is the number of characters to add to the end attribute when returning a substring. \n\nThis attribute is only used if end is provided and is not -1.\n", + "example": 1, + "format": "int32" + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "trim", + "type": "object", + "properties": { + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "upper", + "type": "object", + "properties": { + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "uuid", + "type": "object", + "properties": { + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + } + } + } + ] + } + } + }, + { + "type": "object", + "required": [ + "id", + "internal" + ], + "properties": { + "id": { + "type": "string", + "description": "Unique ID of this transform", + "example": "2cd78adghjkja34jh2b1hkjhasuecd" + }, + "internal": { + "type": "boolean", + "description": "Indicates whether this is an internal SailPoint-created transform or a customer-created transform", + "example": false, + "default": false + } + } + } + ] + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "idn:transform:read", + "idn:transform:manage" + ] + } + ] + }, + "put": { + "tags": [ + "Transforms" + ], + "summary": "Update a transform", + "description": "Replaces the transform specified by the given ID with the transform provided in the request body. Only the \"attributes\" field is mutable. Attempting to change other properties (ex. \"name\" and \"type\") will result in an error.\nA token with transform write authority is required to call this API.", + "operationId": "updateTransform", + "parameters": [ + { + "name": "id", + "in": "path", + "description": "ID of the transform to update", + "required": true, + "style": "simple", + "explode": false, + "schema": { + "type": "string" + }, + "example": "2cd78adghjkja34jh2b1hkjhasuecd" + } + ], + "requestBody": { + "description": "The updated transform object. Must include \"name\", \"type\", and \"attributes\" fields, but \"name\" and \"type\" must not be modified.", + "content": { + "application/json": { + "schema": { + "type": "object", + "description": "The representation of an internally- or customer-defined transform.", + "required": [ + "name", + "type", + "attributes" + ], + "properties": { + "name": { + "type": "string", + "description": "Unique name of this transform", + "example": "Timestamp To Date", + "minLength": 1, + "maxLength": 50 + }, + "type": { + "type": "string", + "description": "The type of transform operation", + "enum": [ + "accountAttribute", + "base64Decode", + "base64Encode", + "concat", + "conditional", + "dateCompare", + "dateFormat", + "dateMath", + "decomposeDiacriticalMarks", + "e164phone", + "firstValid", + "rule", + "identityAttribute", + "indexOf", + "iso3166", + "lastIndexOf", + "leftPad", + "lookup", + "lower", + "normalizeNames", + "randomAlphaNumeric", + "randomNumeric", + "reference", + "replaceAll", + "replace", + "rightPad", + "split", + "static", + "substring", + "trim", + "upper", + "usernameGenerator", + "uuid", + "displayName", + "rfc5646" + ], + "example": "dateFormat", + "externalDocs": { + "description": "Transform Operations", + "url": "https://developer.sailpoint.com/idn/docs/transforms/operations" + } + }, + "attributes": { + "nullable": true, + "description": "Meta-data about the transform. Values in this list are specific to the type of transform to be executed.", + "oneOf": [ + { + "title": "accountAttribute", + "type": "object", + "required": [ + "sourceName", + "attributeName" + ], + "properties": { + "sourceName": { + "type": "string", + "description": "A reference to the source to search for the account", + "example": "Workday" + }, + "attributeName": { + "type": "string", + "description": "The name of the attribute on the account to return. This should match the name of the account attribute name visible in the user interface, or on the source schema.", + "example": "DEPARTMENT" + }, + "accountSortAttribute": { + "type": "string", + "description": "The value of this configuration is a string name of the attribute to use when determining the ordering of returned accounts when there are multiple entries", + "example": "created", + "default": "created" + }, + "accountSortDescending": { + "type": "boolean", + "description": "The value of this configuration is a boolean (true/false). Controls the order of the sort when there are multiple accounts. If not defined, the transform will default to false (ascending order)", + "example": false, + "default": false + }, + "accountReturnFirstLink": { + "type": "boolean", + "description": "The value of this configuration is a boolean (true/false). Controls which account to source a value from for an attribute. If this flag is set to true, the transform returns the value from the first account in the list, even if it is null. If it is set to false, the transform returns the first non-null value. If not defined, the transform will default to false", + "example": false, + "default": false + }, + "accountFilter": { + "type": "string", + "description": "This expression queries the database to narrow search results. The value of this configuration is a sailpoint.object.Filter expression and used when searching against the database. The default filter will always include the source and identity, and any subsequent expressions will be combined in an AND operation to the existing search criteria.\nOnly certain searchable attributes are available: - `nativeIdentity` - the Account ID - `displayName` - the Account Name - `entitlements` - a boolean value to determine if the account has entitlements", + "example": "!(nativeIdentity.startsWith(\"*DELETED*\"))" + }, + "accountPropertyFilter": { + "type": "string", + "description": "This expression is used to search and filter accounts in memory. The value of this configuration is a sailpoint.object.Filter expression and used when searching against the returned resultset.\n\nAll account attributes are available for filtering as this operation is performed in memory.", + "example": "(groups.containsAll({'Admin'}) || location == 'Austin')" + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "base64Decode", + "type": "object", + "properties": { + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "base64Encode", + "type": "object", + "properties": { + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "concat", + "type": "object", + "required": [ + "values" + ], + "properties": { + "values": { + "type": "array", + "items": { + "type": "object" + }, + "description": "An array of items to join together", + "example": [ + "John", + " ", + "Smith" + ] + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "conditional", + "type": "object", + "required": [ + "expression", + "positiveCondition", + "negativeCondition" + ], + "properties": { + "expression": { + "type": "string", + "description": "A comparison statement that follows the structure of `ValueA eq ValueB` where `ValueA` and `ValueB` are static strings or outputs of other transforms. \n\nThe `eq` operator is the only valid comparison", + "example": "ValueA eq ValueB" + }, + "positiveCondition": { + "type": "string", + "description": "The output of the transform if the expression evalutes to true", + "example": "true" + }, + "negativeCondition": { + "type": "string", + "description": "The output of the transform if the expression evalutes to false", + "example": "false" + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "dateCompare", + "type": "object", + "required": [ + "firstDate", + "secondDate", + "operator", + "positiveCondition", + "negativeCondition" + ], + "properties": { + "firstDate": { + "description": "This is the first date to consider (The date that would be on the left hand side of the comparison operation).", + "oneOf": [ + { + "title": "accountAttribute", + "type": "object", + "required": [ + "sourceName", + "attributeName" + ], + "properties": { + "sourceName": { + "type": "string", + "description": "A reference to the source to search for the account", + "example": "Workday" + }, + "attributeName": { + "type": "string", + "description": "The name of the attribute on the account to return. This should match the name of the account attribute name visible in the user interface, or on the source schema.", + "example": "DEPARTMENT" + }, + "accountSortAttribute": { + "type": "string", + "description": "The value of this configuration is a string name of the attribute to use when determining the ordering of returned accounts when there are multiple entries", + "example": "created", + "default": "created" + }, + "accountSortDescending": { + "type": "boolean", + "description": "The value of this configuration is a boolean (true/false). Controls the order of the sort when there are multiple accounts. If not defined, the transform will default to false (ascending order)", + "example": false, + "default": false + }, + "accountReturnFirstLink": { + "type": "boolean", + "description": "The value of this configuration is a boolean (true/false). Controls which account to source a value from for an attribute. If this flag is set to true, the transform returns the value from the first account in the list, even if it is null. If it is set to false, the transform returns the first non-null value. If not defined, the transform will default to false", + "example": false, + "default": false + }, + "accountFilter": { + "type": "string", + "description": "This expression queries the database to narrow search results. The value of this configuration is a sailpoint.object.Filter expression and used when searching against the database. The default filter will always include the source and identity, and any subsequent expressions will be combined in an AND operation to the existing search criteria.\nOnly certain searchable attributes are available: - `nativeIdentity` - the Account ID - `displayName` - the Account Name - `entitlements` - a boolean value to determine if the account has entitlements", + "example": "!(nativeIdentity.startsWith(\"*DELETED*\"))" + }, + "accountPropertyFilter": { + "type": "string", + "description": "This expression is used to search and filter accounts in memory. The value of this configuration is a sailpoint.object.Filter expression and used when searching against the returned resultset.\n\nAll account attributes are available for filtering as this operation is performed in memory.", + "example": "(groups.containsAll({'Admin'}) || location == 'Austin')" + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "dateFormat", + "type": "object", + "properties": { + "inputFormat": { + "description": "A string value indicating either the explicit SimpleDateFormat or the built-in named format that the data is coming in as.\n\n*If no inputFormat is provided, the transform assumes that it is in ISO8601 format*", + "oneOf": [ + { + "title": "Named Construct", + "type": "string", + "description": "| Construct | Date Time Pattern | Description |\n| --------- | ----------------- | ----------- |\n| ISO8601 | `yyyy-MM-dd'T'HH:mm:ss.SSSX` | The ISO8601 standard. | \n| LDAP | `yyyyMMddHHmmss.Z` | The LDAP standard. |\n| PEOPLE_SOFT | `MM/dd/yyyy` | The date format People Soft uses. |\n| EPOCH_TIME_JAVA | # ms from midnight, January 1st, 1970 | The incoming date value as elapsed time in milliseconds from midnight, January 1st, 1970. |\n| EPOCH_TIME_WIN32| # intervals of 100ns from midnight, January 1st, 1601 | The incoming date value as elapsed time in 100-nanosecond intervals from midnight, January 1st, 1601. |\n", + "enum": [ + "ISO8601", + "LDAP", + "PEOPLE_SOFT", + "EPOCH_TIME_JAVA", + "EPOCH_TIME_WIN32" + ], + "example": "PEOPLE_SOFT" + }, + { + "title": "Java Simple Date Format", + "type": "string", + "description": "There are a variety of date time patterns you can express using SimpleDateFormat. The following table lists examples of different date time patterns expressed in the SimpleDateFormat and how they display. Refer to the SimpleDateFormat syntax page for more information.\n\n>NOTE: The following examples show how date and time patterns are interpreted in the U.S. locale. The given date and time are 2001-07-04 12:08:56 local time in the U.S. Pacific Time time zone.\n (This table is from the SimpleDateFormat page.)\n\n| Date Time Pattern | Result |\n| ----------------- | ------ |\n| `yyyy.MM.dd G 'at' HH:mm:ss z` | `2001.07.04 AD at 12:08:56 PDT` |\n| `EEE, MMM d, ''yy` | Wed, Jul 4, '01 |\n| `h:mm a` | 12:08 PM |\n| `hh 'o''clock' a, zzzz` | 12 o'clock PM, Pacific Daylight Time |\n| `K:mm a, z` | 0:08 PM, PDT |\n| `yyyyy.MMMMM.dd GGG hh:mm aaa` | 02001.July.04 AD 12:08 PM |\n| `EEE, d MMM yyyy HH:mm:ss Z` | Wed, 4 Jul 2001 12:08:56 -0700 |\n| `yyMMddHHmmssZ` | 010704120856-0700 |\n| `yyyy-MM-dd'T'HH:mm:ss.SSSZ` | 2001-07-04T12:08:56.235-0700 |\n| `yyyy-MM-dd'T'HH:mm:ss.SSSXXX` | 2001-07-04T12:08:56.235-07:00 |\n| `YYYY-'W'ww-u` | 2001-W27-3 |\n", + "example": "mm/dd/yyyy" + } + ] + }, + "outputFormat": { + "description": "A string value indicating either the explicit SimpleDateFormat or the built-in named format that the data should be formatted into.\n\n*If no inputFormat is provided, the transform assumes that it is in ISO8601 format*", + "oneOf": [ + { + "title": "Named Construct", + "type": "string", + "description": "| Construct | Date Time Pattern | Description |\n| --------- | ----------------- | ----------- |\n| ISO8601 | `yyyy-MM-dd'T'HH:mm:ss.SSSX` | The ISO8601 standard. | \n| LDAP | `yyyyMMddHHmmss.Z` | The LDAP standard. |\n| PEOPLE_SOFT | `MM/dd/yyyy` | The date format People Soft uses. |\n| EPOCH_TIME_JAVA | # ms from midnight, January 1st, 1970 | The incoming date value as elapsed time in milliseconds from midnight, January 1st, 1970. |\n| EPOCH_TIME_WIN32| # intervals of 100ns from midnight, January 1st, 1601 | The incoming date value as elapsed time in 100-nanosecond intervals from midnight, January 1st, 1601. |\n", + "enum": [ + "ISO8601", + "LDAP", + "PEOPLE_SOFT", + "EPOCH_TIME_JAVA", + "EPOCH_TIME_WIN32" + ], + "example": "PEOPLE_SOFT" + }, + { + "title": "Java Simple Date Format", + "type": "string", + "description": "There are a variety of date time patterns you can express using SimpleDateFormat. The following table lists examples of different date time patterns expressed in the SimpleDateFormat and how they display. Refer to the SimpleDateFormat syntax page for more information.\n\n>NOTE: The following examples show how date and time patterns are interpreted in the U.S. locale. The given date and time are 2001-07-04 12:08:56 local time in the U.S. Pacific Time time zone.\n (This table is from the SimpleDateFormat page.)\n\n| Date Time Pattern | Result |\n| ----------------- | ------ |\n| `yyyy.MM.dd G 'at' HH:mm:ss z` | `2001.07.04 AD at 12:08:56 PDT` |\n| `EEE, MMM d, ''yy` | Wed, Jul 4, '01 |\n| `h:mm a` | 12:08 PM |\n| `hh 'o''clock' a, zzzz` | 12 o'clock PM, Pacific Daylight Time |\n| `K:mm a, z` | 0:08 PM, PDT |\n| `yyyyy.MMMMM.dd GGG hh:mm aaa` | 02001.July.04 AD 12:08 PM |\n| `EEE, d MMM yyyy HH:mm:ss Z` | Wed, 4 Jul 2001 12:08:56 -0700 |\n| `yyMMddHHmmssZ` | 010704120856-0700 |\n| `yyyy-MM-dd'T'HH:mm:ss.SSSZ` | 2001-07-04T12:08:56.235-0700 |\n| `yyyy-MM-dd'T'HH:mm:ss.SSSXXX` | 2001-07-04T12:08:56.235-07:00 |\n| `YYYY-'W'ww-u` | 2001-W27-3 |\n", + "example": "mm/dd/yyyy" + } + ] + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + } + ] + }, + "secondDate": { + "description": "This is the second date to consider (The date that would be on the right hand side of the comparison operation).", + "oneOf": [ + { + "title": "accountAttribute", + "type": "object", + "required": [ + "sourceName", + "attributeName" + ], + "properties": { + "sourceName": { + "type": "string", + "description": "A reference to the source to search for the account", + "example": "Workday" + }, + "attributeName": { + "type": "string", + "description": "The name of the attribute on the account to return. This should match the name of the account attribute name visible in the user interface, or on the source schema.", + "example": "DEPARTMENT" + }, + "accountSortAttribute": { + "type": "string", + "description": "The value of this configuration is a string name of the attribute to use when determining the ordering of returned accounts when there are multiple entries", + "example": "created", + "default": "created" + }, + "accountSortDescending": { + "type": "boolean", + "description": "The value of this configuration is a boolean (true/false). Controls the order of the sort when there are multiple accounts. If not defined, the transform will default to false (ascending order)", + "example": false, + "default": false + }, + "accountReturnFirstLink": { + "type": "boolean", + "description": "The value of this configuration is a boolean (true/false). Controls which account to source a value from for an attribute. If this flag is set to true, the transform returns the value from the first account in the list, even if it is null. If it is set to false, the transform returns the first non-null value. If not defined, the transform will default to false", + "example": false, + "default": false + }, + "accountFilter": { + "type": "string", + "description": "This expression queries the database to narrow search results. The value of this configuration is a sailpoint.object.Filter expression and used when searching against the database. The default filter will always include the source and identity, and any subsequent expressions will be combined in an AND operation to the existing search criteria.\nOnly certain searchable attributes are available: - `nativeIdentity` - the Account ID - `displayName` - the Account Name - `entitlements` - a boolean value to determine if the account has entitlements", + "example": "!(nativeIdentity.startsWith(\"*DELETED*\"))" + }, + "accountPropertyFilter": { + "type": "string", + "description": "This expression is used to search and filter accounts in memory. The value of this configuration is a sailpoint.object.Filter expression and used when searching against the returned resultset.\n\nAll account attributes are available for filtering as this operation is performed in memory.", + "example": "(groups.containsAll({'Admin'}) || location == 'Austin')" + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "dateFormat", + "type": "object", + "properties": { + "inputFormat": { + "description": "A string value indicating either the explicit SimpleDateFormat or the built-in named format that the data is coming in as.\n\n*If no inputFormat is provided, the transform assumes that it is in ISO8601 format*", + "oneOf": [ + { + "title": "Named Construct", + "type": "string", + "description": "| Construct | Date Time Pattern | Description |\n| --------- | ----------------- | ----------- |\n| ISO8601 | `yyyy-MM-dd'T'HH:mm:ss.SSSX` | The ISO8601 standard. | \n| LDAP | `yyyyMMddHHmmss.Z` | The LDAP standard. |\n| PEOPLE_SOFT | `MM/dd/yyyy` | The date format People Soft uses. |\n| EPOCH_TIME_JAVA | # ms from midnight, January 1st, 1970 | The incoming date value as elapsed time in milliseconds from midnight, January 1st, 1970. |\n| EPOCH_TIME_WIN32| # intervals of 100ns from midnight, January 1st, 1601 | The incoming date value as elapsed time in 100-nanosecond intervals from midnight, January 1st, 1601. |\n", + "enum": [ + "ISO8601", + "LDAP", + "PEOPLE_SOFT", + "EPOCH_TIME_JAVA", + "EPOCH_TIME_WIN32" + ], + "example": "PEOPLE_SOFT" + }, + { + "title": "Java Simple Date Format", + "type": "string", + "description": "There are a variety of date time patterns you can express using SimpleDateFormat. The following table lists examples of different date time patterns expressed in the SimpleDateFormat and how they display. Refer to the SimpleDateFormat syntax page for more information.\n\n>NOTE: The following examples show how date and time patterns are interpreted in the U.S. locale. The given date and time are 2001-07-04 12:08:56 local time in the U.S. Pacific Time time zone.\n (This table is from the SimpleDateFormat page.)\n\n| Date Time Pattern | Result |\n| ----------------- | ------ |\n| `yyyy.MM.dd G 'at' HH:mm:ss z` | `2001.07.04 AD at 12:08:56 PDT` |\n| `EEE, MMM d, ''yy` | Wed, Jul 4, '01 |\n| `h:mm a` | 12:08 PM |\n| `hh 'o''clock' a, zzzz` | 12 o'clock PM, Pacific Daylight Time |\n| `K:mm a, z` | 0:08 PM, PDT |\n| `yyyyy.MMMMM.dd GGG hh:mm aaa` | 02001.July.04 AD 12:08 PM |\n| `EEE, d MMM yyyy HH:mm:ss Z` | Wed, 4 Jul 2001 12:08:56 -0700 |\n| `yyMMddHHmmssZ` | 010704120856-0700 |\n| `yyyy-MM-dd'T'HH:mm:ss.SSSZ` | 2001-07-04T12:08:56.235-0700 |\n| `yyyy-MM-dd'T'HH:mm:ss.SSSXXX` | 2001-07-04T12:08:56.235-07:00 |\n| `YYYY-'W'ww-u` | 2001-W27-3 |\n", + "example": "mm/dd/yyyy" + } + ] + }, + "outputFormat": { + "description": "A string value indicating either the explicit SimpleDateFormat or the built-in named format that the data should be formatted into.\n\n*If no inputFormat is provided, the transform assumes that it is in ISO8601 format*", + "oneOf": [ + { + "title": "Named Construct", + "type": "string", + "description": "| Construct | Date Time Pattern | Description |\n| --------- | ----------------- | ----------- |\n| ISO8601 | `yyyy-MM-dd'T'HH:mm:ss.SSSX` | The ISO8601 standard. | \n| LDAP | `yyyyMMddHHmmss.Z` | The LDAP standard. |\n| PEOPLE_SOFT | `MM/dd/yyyy` | The date format People Soft uses. |\n| EPOCH_TIME_JAVA | # ms from midnight, January 1st, 1970 | The incoming date value as elapsed time in milliseconds from midnight, January 1st, 1970. |\n| EPOCH_TIME_WIN32| # intervals of 100ns from midnight, January 1st, 1601 | The incoming date value as elapsed time in 100-nanosecond intervals from midnight, January 1st, 1601. |\n", + "enum": [ + "ISO8601", + "LDAP", + "PEOPLE_SOFT", + "EPOCH_TIME_JAVA", + "EPOCH_TIME_WIN32" + ], + "example": "PEOPLE_SOFT" + }, + { + "title": "Java Simple Date Format", + "type": "string", + "description": "There are a variety of date time patterns you can express using SimpleDateFormat. The following table lists examples of different date time patterns expressed in the SimpleDateFormat and how they display. Refer to the SimpleDateFormat syntax page for more information.\n\n>NOTE: The following examples show how date and time patterns are interpreted in the U.S. locale. The given date and time are 2001-07-04 12:08:56 local time in the U.S. Pacific Time time zone.\n (This table is from the SimpleDateFormat page.)\n\n| Date Time Pattern | Result |\n| ----------------- | ------ |\n| `yyyy.MM.dd G 'at' HH:mm:ss z` | `2001.07.04 AD at 12:08:56 PDT` |\n| `EEE, MMM d, ''yy` | Wed, Jul 4, '01 |\n| `h:mm a` | 12:08 PM |\n| `hh 'o''clock' a, zzzz` | 12 o'clock PM, Pacific Daylight Time |\n| `K:mm a, z` | 0:08 PM, PDT |\n| `yyyyy.MMMMM.dd GGG hh:mm aaa` | 02001.July.04 AD 12:08 PM |\n| `EEE, d MMM yyyy HH:mm:ss Z` | Wed, 4 Jul 2001 12:08:56 -0700 |\n| `yyMMddHHmmssZ` | 010704120856-0700 |\n| `yyyy-MM-dd'T'HH:mm:ss.SSSZ` | 2001-07-04T12:08:56.235-0700 |\n| `yyyy-MM-dd'T'HH:mm:ss.SSSXXX` | 2001-07-04T12:08:56.235-07:00 |\n| `YYYY-'W'ww-u` | 2001-W27-3 |\n", + "example": "mm/dd/yyyy" + } + ] + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + } + ] + }, + "operator": { + "type": "string", + "description": "This is the comparison to perform.\n| Operation | Description |\n| --------- | ------- |\n| LT | Strictly less than: firstDate < secondDate |\n| LTE | Less than or equal to: firstDate <= secondDate |\n| GT | Strictly greater than: firstDate > secondDate |\n| GTE | Greater than or equal to: firstDate >= secondDate |\n", + "enum": [ + "LT", + "LTE", + "GT", + "GTE" + ], + "example": "LT" + }, + "positiveCondition": { + "type": "string", + "description": "The output of the transform if the expression evalutes to true", + "example": "true" + }, + "negativeCondition": { + "type": "string", + "description": "The output of the transform if the expression evalutes to false", + "example": false + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "dateFormat", + "type": "object", + "properties": { + "inputFormat": { + "description": "A string value indicating either the explicit SimpleDateFormat or the built-in named format that the data is coming in as.\n\n*If no inputFormat is provided, the transform assumes that it is in ISO8601 format*", + "oneOf": [ + { + "title": "Named Construct", + "type": "string", + "description": "| Construct | Date Time Pattern | Description |\n| --------- | ----------------- | ----------- |\n| ISO8601 | `yyyy-MM-dd'T'HH:mm:ss.SSSX` | The ISO8601 standard. | \n| LDAP | `yyyyMMddHHmmss.Z` | The LDAP standard. |\n| PEOPLE_SOFT | `MM/dd/yyyy` | The date format People Soft uses. |\n| EPOCH_TIME_JAVA | # ms from midnight, January 1st, 1970 | The incoming date value as elapsed time in milliseconds from midnight, January 1st, 1970. |\n| EPOCH_TIME_WIN32| # intervals of 100ns from midnight, January 1st, 1601 | The incoming date value as elapsed time in 100-nanosecond intervals from midnight, January 1st, 1601. |\n", + "enum": [ + "ISO8601", + "LDAP", + "PEOPLE_SOFT", + "EPOCH_TIME_JAVA", + "EPOCH_TIME_WIN32" + ], + "example": "PEOPLE_SOFT" + }, + { + "title": "Java Simple Date Format", + "type": "string", + "description": "There are a variety of date time patterns you can express using SimpleDateFormat. The following table lists examples of different date time patterns expressed in the SimpleDateFormat and how they display. Refer to the SimpleDateFormat syntax page for more information.\n\n>NOTE: The following examples show how date and time patterns are interpreted in the U.S. locale. The given date and time are 2001-07-04 12:08:56 local time in the U.S. Pacific Time time zone.\n (This table is from the SimpleDateFormat page.)\n\n| Date Time Pattern | Result |\n| ----------------- | ------ |\n| `yyyy.MM.dd G 'at' HH:mm:ss z` | `2001.07.04 AD at 12:08:56 PDT` |\n| `EEE, MMM d, ''yy` | Wed, Jul 4, '01 |\n| `h:mm a` | 12:08 PM |\n| `hh 'o''clock' a, zzzz` | 12 o'clock PM, Pacific Daylight Time |\n| `K:mm a, z` | 0:08 PM, PDT |\n| `yyyyy.MMMMM.dd GGG hh:mm aaa` | 02001.July.04 AD 12:08 PM |\n| `EEE, d MMM yyyy HH:mm:ss Z` | Wed, 4 Jul 2001 12:08:56 -0700 |\n| `yyMMddHHmmssZ` | 010704120856-0700 |\n| `yyyy-MM-dd'T'HH:mm:ss.SSSZ` | 2001-07-04T12:08:56.235-0700 |\n| `yyyy-MM-dd'T'HH:mm:ss.SSSXXX` | 2001-07-04T12:08:56.235-07:00 |\n| `YYYY-'W'ww-u` | 2001-W27-3 |\n", + "example": "mm/dd/yyyy" + } + ] + }, + "outputFormat": { + "description": "A string value indicating either the explicit SimpleDateFormat or the built-in named format that the data should be formatted into.\n\n*If no inputFormat is provided, the transform assumes that it is in ISO8601 format*", + "oneOf": [ + { + "title": "Named Construct", + "type": "string", + "description": "| Construct | Date Time Pattern | Description |\n| --------- | ----------------- | ----------- |\n| ISO8601 | `yyyy-MM-dd'T'HH:mm:ss.SSSX` | The ISO8601 standard. | \n| LDAP | `yyyyMMddHHmmss.Z` | The LDAP standard. |\n| PEOPLE_SOFT | `MM/dd/yyyy` | The date format People Soft uses. |\n| EPOCH_TIME_JAVA | # ms from midnight, January 1st, 1970 | The incoming date value as elapsed time in milliseconds from midnight, January 1st, 1970. |\n| EPOCH_TIME_WIN32| # intervals of 100ns from midnight, January 1st, 1601 | The incoming date value as elapsed time in 100-nanosecond intervals from midnight, January 1st, 1601. |\n", + "enum": [ + "ISO8601", + "LDAP", + "PEOPLE_SOFT", + "EPOCH_TIME_JAVA", + "EPOCH_TIME_WIN32" + ], + "example": "PEOPLE_SOFT" + }, + { + "title": "Java Simple Date Format", + "type": "string", + "description": "There are a variety of date time patterns you can express using SimpleDateFormat. The following table lists examples of different date time patterns expressed in the SimpleDateFormat and how they display. Refer to the SimpleDateFormat syntax page for more information.\n\n>NOTE: The following examples show how date and time patterns are interpreted in the U.S. locale. The given date and time are 2001-07-04 12:08:56 local time in the U.S. Pacific Time time zone.\n (This table is from the SimpleDateFormat page.)\n\n| Date Time Pattern | Result |\n| ----------------- | ------ |\n| `yyyy.MM.dd G 'at' HH:mm:ss z` | `2001.07.04 AD at 12:08:56 PDT` |\n| `EEE, MMM d, ''yy` | Wed, Jul 4, '01 |\n| `h:mm a` | 12:08 PM |\n| `hh 'o''clock' a, zzzz` | 12 o'clock PM, Pacific Daylight Time |\n| `K:mm a, z` | 0:08 PM, PDT |\n| `yyyyy.MMMMM.dd GGG hh:mm aaa` | 02001.July.04 AD 12:08 PM |\n| `EEE, d MMM yyyy HH:mm:ss Z` | Wed, 4 Jul 2001 12:08:56 -0700 |\n| `yyMMddHHmmssZ` | 010704120856-0700 |\n| `yyyy-MM-dd'T'HH:mm:ss.SSSZ` | 2001-07-04T12:08:56.235-0700 |\n| `yyyy-MM-dd'T'HH:mm:ss.SSSXXX` | 2001-07-04T12:08:56.235-07:00 |\n| `YYYY-'W'ww-u` | 2001-W27-3 |\n", + "example": "mm/dd/yyyy" + } + ] + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "dateMath", + "type": "object", + "required": [ + "expression" + ], + "properties": { + "expression": { + "type": "string", + "description": "A string value of the date and time components to operation on, along with the math operations to execute.\n", + "externalDocs": { + "description": "Date Math Expressions", + "url": "https://developer.sailpoint.com/idn/docs/transforms/operations/date-math#transform-structure" + }, + "example": "now+1w" + }, + "roundUp": { + "type": "boolean", + "description": "A boolean value to indicate whether the transform should round up or down when a rounding `/` operation is defined in the expression. \n\n\nIf not provided, the transform will default to `false`\n\n\n`true` indicates the transform should round up (i.e., truncate the fractional date/time component indicated and then add one unit of that component)\n\n\n`false` indicates the transform should round down (i.e., truncate the fractional date/time component indicated)\n", + "example": false, + "default": false + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "decomposeDiacriticalMarks", + "type": "object", + "properties": { + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "e164phone", + "type": "object", + "properties": { + "defaultRegion": { + "type": "string", + "description": "This is an optional attribute that can be used to define the region of the phone number to format into.\n\n\nIf defaultRegion is not provided, it will take US as the default country.\n\n\nThe format of the country code should be in [ISO 3166-1 alpha-2 format](https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2)\n", + "example": "US" + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "firstValid", + "type": "object", + "required": [ + "values" + ], + "properties": { + "values": { + "type": "array", + "items": { + "type": "object" + }, + "description": "An array of attributes to evaluate for existence.", + "example": [ + { + "attributes": { + "sourceName": "Active Directory", + "attributeName": "sAMAccountName" + }, + "type": "accountAttribute" + }, + { + "attributes": { + "sourceName": "Okta", + "attributeName": "login" + }, + "type": "accountAttribute" + }, + { + "attributes": { + "sourceName": "HR Source", + "attributeName": "employeeID" + }, + "type": "accountAttribute" + } + ] + }, + "ignoreErrors": { + "type": "boolean", + "description": "a true or false value representing to move on to the next option if an error (like an Null Pointer Exception) were to occur.", + "example": false, + "default": false + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + } + } + }, + { + "title": "rule", + "oneOf": [ + { + "type": "object", + "required": [ + "name" + ], + "properties": { + "name": { + "type": "string", + "description": "This is the name of the Transform rule that needs to be invoked by the transform", + "example": "Transform Calculation Rule" + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + } + } + }, + { + "type": "object", + "required": [ + "name", + "operation", + "includeNumbers", + "includeSpecialChars", + "length" + ], + "properties": { + "name": { + "type": "string", + "description": "This must always be set to \"Cloud Services Deployment Utility\"", + "example": "Cloud Services Deployment Utility" + }, + "operation": { + "type": "string", + "description": "The operation to perform `generateRandomString`", + "example": "generateRandomString" + }, + "includeNumbers": { + "type": "boolean", + "description": "This must be either \"true\" or \"false\" to indicate whether the generator logic should include numbers", + "example": true + }, + "includeSpecialChars": { + "type": "boolean", + "description": "This must be either \"true\" or \"false\" to indicate whether the generator logic should include special characters", + "example": true + }, + "length": { + "type": "string", + "description": "This specifies how long the randomly generated string needs to be\n\n\n>NOTE Due to identity attribute data constraints, the maximum allowable value is 450 characters\n", + "example": "10" + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false + } + } + }, + { + "type": "object", + "required": [ + "name", + "operation", + "uid" + ], + "properties": { + "name": { + "type": "string", + "description": "This must always be set to \"Cloud Services Deployment Utility\"", + "example": "Cloud Services Deployment Utility" + }, + "operation": { + "type": "string", + "description": "The operation to perform `getReferenceIdentityAttribute`", + "example": "getReferenceIdentityAttribute" + }, + "uid": { + "type": "string", + "description": "This is the SailPoint User Name (uid) value of the identity whose attribute is desired\n\nAs a convenience feature, you can use the `manager` keyword to dynamically look up the user's manager and then get that manager's identity attribute.\n", + "example": "2c91808570313110017040b06f344ec9" + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false + } + } + } + ] + }, + { + "title": "identityAttribute", + "type": "object", + "required": [ + "name" + ], + "properties": { + "name": { + "type": "string", + "description": "The system (camel-cased) name of the identity attribute to bring in", + "example": "email" + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "indexOf", + "type": "object", + "required": [ + "substring" + ], + "properties": { + "substring": { + "type": "string", + "description": "A substring to search for, searches the entire calling string, and returns the index of the first occurrence of the specified substring.", + "example": "admin_" + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "iso3166", + "type": "object", + "properties": { + "format": { + "type": "string", + "description": "An optional value to denote which ISO 3166 format to return. Valid values are:\n\n\n`alpha2` - Two-character country code (e.g., \"US\"); this is the default value if no format is supplied\n\n\n`alpha3` - Three-character country code (e.g., \"USA\")\n\n\n`numeric` - The numeric country code (e.g., \"840\")\n", + "example": "alpha2" + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "leftPad", + "type": "object", + "required": [ + "length" + ], + "properties": { + "length": { + "type": "string", + "description": "An integer value for the desired length of the final output string", + "example": "4" + }, + "padding": { + "type": "string", + "description": "A string value representing the character that the incoming data should be padded with to get to the desired length\n\n\nIf not provided, the transform will default to a single space (\" \") character for padding\n", + "example": "0" + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "lookup", + "type": "object", + "required": [ + "table" + ], + "properties": { + "table": { + "type": "object", + "additionalProperties": true, + "description": "This is a JSON object of key-value pairs. The key is the string that will attempt to be matched to the input, and the value is the output string that should be returned if the key is matched\n\n\n>**Note** the use of the optional default key value here; if none of the three countries in the above example match the input string, the transform will return \"Unknown Region\" for the attribute that is mapped to this transform.\n", + "example": { + "USA": "Americas", + "FRA": "EMEA", + "AUS": "APAC", + "default": "Unknown Region" + } + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "lower", + "type": "object", + "properties": { + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "nameNormalizer", + "type": "object", + "properties": { + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "randomAlphaNumeric", + "type": "object", + "properties": { + "length": { + "type": "string", + "description": "This is an integer value specifying the size/number of characters the random string must contain\n\n\n* This value must be a positive number and cannot be blank\n\n\n* If no length is provided, the transform will default to a value of `32`\n\n\n* Due to identity attribute data constraints, the maximum allowable value is `450` characters\n", + "example": "10" + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "randomNumeric", + "type": "object", + "properties": { + "length": { + "type": "string", + "description": "This is an integer value specifying the size/number of characters the random string must contain\n\n\n* This value must be a positive number and cannot be blank\n\n\n* If no length is provided, the transform will default to a value of `32`\n\n\n* Due to identity attribute data constraints, the maximum allowable value is `450` characters\n", + "example": "10" + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "reference", + "type": "object", + "required": [ + "id" + ], + "properties": { + "id": { + "type": "string", + "description": "This ID specifies the name of the pre-existing transform which you want to use within your current transform", + "example": "Existing Transform" + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "replaceAll", + "type": "object", + "required": [ + "table" + ], + "properties": { + "table": { + "type": "object", + "additionalProperties": true, + "description": "An attribute of key-value pairs. Each pair identifies the pattern to search for as its key, and the replacement string as its value.", + "example": { + "-": " ", + "\"": "'", + "ñ": "n" + } + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "replace", + "type": "object", + "required": [ + "regex", + "replacement" + ], + "properties": { + "regex": { + "type": "string", + "description": "This can be a string or a regex pattern in which you want to replace.", + "example": "[^a-zA-Z]", + "externalDocs": { + "description": "Regex Builder", + "url": "https://regex101.com/" + } + }, + "replacement": { + "type": "string", + "description": "This is the replacement string that should be substituded wherever the string or pattern is found.", + "example": " " + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "rightPad", + "type": "object", + "required": [ + "length" + ], + "properties": { + "length": { + "type": "string", + "description": "An integer value for the desired length of the final output string", + "example": "4" + }, + "padding": { + "type": "string", + "description": "A string value representing the character that the incoming data should be padded with to get to the desired length\n\n\nIf not provided, the transform will default to a single space (\" \") character for padding\n", + "example": "0" + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "split", + "type": "object", + "required": [ + "delimiter", + "index" + ], + "properties": { + "delimiter": { + "type": "string", + "description": "This can be either a single character or a regex expression, and is used by the transform to identify the break point between two substrings in the incoming data", + "example": "," + }, + "index": { + "type": "string", + "description": "An integer value for the desired array element after the incoming data has been split into a list; the array is a 0-based object, so the first array element would be index 0, the second element would be index 1, etc.", + "example": "5" + }, + "throws": { + "type": "boolean", + "description": "A boolean (true/false) value which indicates whether an exception should be thrown and returned as an output when an index is out of bounds with the resultant array (i.e., the provided index value is larger than the size of the array)\n\n\n`true` - The transform should return \"IndexOutOfBoundsException\"\n\n\n`false` - The transform should return null\n\n\nIf not provided, the transform will default to false and return a null\n", + "example": true, + "default": false + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "static", + "type": "object", + "required": [ + "values" + ], + "properties": { + "values": { + "type": "string", + "description": "This must evaluate to a JSON string, either through a fixed value or through conditional logic using the Apache Velocity Template Language.", + "example": "string$variable", + "externalDocs": { + "description": "Static Transform Documentation", + "url": "https://developer.sailpoint.com/idn/docs/transforms/operations/static" + } + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + } + } + }, + { + "title": "substring", + "type": "object", + "required": [ + "begin" + ], + "properties": { + "begin": { + "type": "integer", + "description": "The index of the first character to include in the returned substring.\n\n\nIf `begin` is set to -1, the transform will begin at character 0 of the input data\n", + "example": 1, + "format": "int32" + }, + "beginOffset": { + "type": "integer", + "description": "This integer value is the number of characters to add to the begin attribute when returning a substring. \n\nThis attribute is only used if begin is not -1.\n", + "example": 3, + "format": "int32" + }, + "end": { + "type": "integer", + "description": "The index of the first character to exclude from the returned substring.\n\nIf end is -1 or not provided at all, the substring transform will return everything up to the end of the input string.\n", + "example": 6, + "format": "int32" + }, + "endOffset": { + "type": "integer", + "description": "This integer value is the number of characters to add to the end attribute when returning a substring. \n\nThis attribute is only used if end is provided and is not -1.\n", + "example": 1, + "format": "int32" + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "trim", + "type": "object", + "properties": { + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "upper", + "type": "object", + "properties": { + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "uuid", + "type": "object", + "properties": { + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + } + } + } + ] + } + } + }, + "example": { + "name": "Timestamp To Date", + "type": "dateFormat", + "attributes": { + "inputFormat": "MMM-dd-yyyy, HH:mm:ss.SSS", + "outputFormat": "yyyy/dd/MM" + } + } + } + } + }, + "responses": { + "200": { + "description": "Indicates the transform was successfully updated and returns its new representation.", + "content": { + "application/json": { + "schema": { + "allOf": [ + { + "type": "object", + "description": "The representation of an internally- or customer-defined transform.", + "required": [ + "name", + "type", + "attributes" + ], + "properties": { + "name": { + "type": "string", + "description": "Unique name of this transform", + "example": "Timestamp To Date", + "minLength": 1, + "maxLength": 50 + }, + "type": { + "type": "string", + "description": "The type of transform operation", + "enum": [ + "accountAttribute", + "base64Decode", + "base64Encode", + "concat", + "conditional", + "dateCompare", + "dateFormat", + "dateMath", + "decomposeDiacriticalMarks", + "e164phone", + "firstValid", + "rule", + "identityAttribute", + "indexOf", + "iso3166", + "lastIndexOf", + "leftPad", + "lookup", + "lower", + "normalizeNames", + "randomAlphaNumeric", + "randomNumeric", + "reference", + "replaceAll", + "replace", + "rightPad", + "split", + "static", + "substring", + "trim", + "upper", + "usernameGenerator", + "uuid", + "displayName", + "rfc5646" + ], + "example": "dateFormat", + "externalDocs": { + "description": "Transform Operations", + "url": "https://developer.sailpoint.com/idn/docs/transforms/operations" + } + }, + "attributes": { + "nullable": true, + "description": "Meta-data about the transform. Values in this list are specific to the type of transform to be executed.", + "oneOf": [ + { + "title": "accountAttribute", + "type": "object", + "required": [ + "sourceName", + "attributeName" + ], + "properties": { + "sourceName": { + "type": "string", + "description": "A reference to the source to search for the account", + "example": "Workday" + }, + "attributeName": { + "type": "string", + "description": "The name of the attribute on the account to return. This should match the name of the account attribute name visible in the user interface, or on the source schema.", + "example": "DEPARTMENT" + }, + "accountSortAttribute": { + "type": "string", + "description": "The value of this configuration is a string name of the attribute to use when determining the ordering of returned accounts when there are multiple entries", + "example": "created", + "default": "created" + }, + "accountSortDescending": { + "type": "boolean", + "description": "The value of this configuration is a boolean (true/false). Controls the order of the sort when there are multiple accounts. If not defined, the transform will default to false (ascending order)", + "example": false, + "default": false + }, + "accountReturnFirstLink": { + "type": "boolean", + "description": "The value of this configuration is a boolean (true/false). Controls which account to source a value from for an attribute. If this flag is set to true, the transform returns the value from the first account in the list, even if it is null. If it is set to false, the transform returns the first non-null value. If not defined, the transform will default to false", + "example": false, + "default": false + }, + "accountFilter": { + "type": "string", + "description": "This expression queries the database to narrow search results. The value of this configuration is a sailpoint.object.Filter expression and used when searching against the database. The default filter will always include the source and identity, and any subsequent expressions will be combined in an AND operation to the existing search criteria.\nOnly certain searchable attributes are available: - `nativeIdentity` - the Account ID - `displayName` - the Account Name - `entitlements` - a boolean value to determine if the account has entitlements", + "example": "!(nativeIdentity.startsWith(\"*DELETED*\"))" + }, + "accountPropertyFilter": { + "type": "string", + "description": "This expression is used to search and filter accounts in memory. The value of this configuration is a sailpoint.object.Filter expression and used when searching against the returned resultset.\n\nAll account attributes are available for filtering as this operation is performed in memory.", + "example": "(groups.containsAll({'Admin'}) || location == 'Austin')" + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "base64Decode", + "type": "object", + "properties": { + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "base64Encode", + "type": "object", + "properties": { + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "concat", + "type": "object", + "required": [ + "values" + ], + "properties": { + "values": { + "type": "array", + "items": { + "type": "object" + }, + "description": "An array of items to join together", + "example": [ + "John", + " ", + "Smith" + ] + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "conditional", + "type": "object", + "required": [ + "expression", + "positiveCondition", + "negativeCondition" + ], + "properties": { + "expression": { + "type": "string", + "description": "A comparison statement that follows the structure of `ValueA eq ValueB` where `ValueA` and `ValueB` are static strings or outputs of other transforms. \n\nThe `eq` operator is the only valid comparison", + "example": "ValueA eq ValueB" + }, + "positiveCondition": { + "type": "string", + "description": "The output of the transform if the expression evalutes to true", + "example": "true" + }, + "negativeCondition": { + "type": "string", + "description": "The output of the transform if the expression evalutes to false", + "example": "false" + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "dateCompare", + "type": "object", + "required": [ + "firstDate", + "secondDate", + "operator", + "positiveCondition", + "negativeCondition" + ], + "properties": { + "firstDate": { + "description": "This is the first date to consider (The date that would be on the left hand side of the comparison operation).", + "oneOf": [ + { + "title": "accountAttribute", + "type": "object", + "required": [ + "sourceName", + "attributeName" + ], + "properties": { + "sourceName": { + "type": "string", + "description": "A reference to the source to search for the account", + "example": "Workday" + }, + "attributeName": { + "type": "string", + "description": "The name of the attribute on the account to return. This should match the name of the account attribute name visible in the user interface, or on the source schema.", + "example": "DEPARTMENT" + }, + "accountSortAttribute": { + "type": "string", + "description": "The value of this configuration is a string name of the attribute to use when determining the ordering of returned accounts when there are multiple entries", + "example": "created", + "default": "created" + }, + "accountSortDescending": { + "type": "boolean", + "description": "The value of this configuration is a boolean (true/false). Controls the order of the sort when there are multiple accounts. If not defined, the transform will default to false (ascending order)", + "example": false, + "default": false + }, + "accountReturnFirstLink": { + "type": "boolean", + "description": "The value of this configuration is a boolean (true/false). Controls which account to source a value from for an attribute. If this flag is set to true, the transform returns the value from the first account in the list, even if it is null. If it is set to false, the transform returns the first non-null value. If not defined, the transform will default to false", + "example": false, + "default": false + }, + "accountFilter": { + "type": "string", + "description": "This expression queries the database to narrow search results. The value of this configuration is a sailpoint.object.Filter expression and used when searching against the database. The default filter will always include the source and identity, and any subsequent expressions will be combined in an AND operation to the existing search criteria.\nOnly certain searchable attributes are available: - `nativeIdentity` - the Account ID - `displayName` - the Account Name - `entitlements` - a boolean value to determine if the account has entitlements", + "example": "!(nativeIdentity.startsWith(\"*DELETED*\"))" + }, + "accountPropertyFilter": { + "type": "string", + "description": "This expression is used to search and filter accounts in memory. The value of this configuration is a sailpoint.object.Filter expression and used when searching against the returned resultset.\n\nAll account attributes are available for filtering as this operation is performed in memory.", + "example": "(groups.containsAll({'Admin'}) || location == 'Austin')" + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "dateFormat", + "type": "object", + "properties": { + "inputFormat": { + "description": "A string value indicating either the explicit SimpleDateFormat or the built-in named format that the data is coming in as.\n\n*If no inputFormat is provided, the transform assumes that it is in ISO8601 format*", + "oneOf": [ + { + "title": "Named Construct", + "type": "string", + "description": "| Construct | Date Time Pattern | Description |\n| --------- | ----------------- | ----------- |\n| ISO8601 | `yyyy-MM-dd'T'HH:mm:ss.SSSX` | The ISO8601 standard. | \n| LDAP | `yyyyMMddHHmmss.Z` | The LDAP standard. |\n| PEOPLE_SOFT | `MM/dd/yyyy` | The date format People Soft uses. |\n| EPOCH_TIME_JAVA | # ms from midnight, January 1st, 1970 | The incoming date value as elapsed time in milliseconds from midnight, January 1st, 1970. |\n| EPOCH_TIME_WIN32| # intervals of 100ns from midnight, January 1st, 1601 | The incoming date value as elapsed time in 100-nanosecond intervals from midnight, January 1st, 1601. |\n", + "enum": [ + "ISO8601", + "LDAP", + "PEOPLE_SOFT", + "EPOCH_TIME_JAVA", + "EPOCH_TIME_WIN32" + ], + "example": "PEOPLE_SOFT" + }, + { + "title": "Java Simple Date Format", + "type": "string", + "description": "There are a variety of date time patterns you can express using SimpleDateFormat. The following table lists examples of different date time patterns expressed in the SimpleDateFormat and how they display. Refer to the SimpleDateFormat syntax page for more information.\n\n>NOTE: The following examples show how date and time patterns are interpreted in the U.S. locale. The given date and time are 2001-07-04 12:08:56 local time in the U.S. Pacific Time time zone.\n (This table is from the SimpleDateFormat page.)\n\n| Date Time Pattern | Result |\n| ----------------- | ------ |\n| `yyyy.MM.dd G 'at' HH:mm:ss z` | `2001.07.04 AD at 12:08:56 PDT` |\n| `EEE, MMM d, ''yy` | Wed, Jul 4, '01 |\n| `h:mm a` | 12:08 PM |\n| `hh 'o''clock' a, zzzz` | 12 o'clock PM, Pacific Daylight Time |\n| `K:mm a, z` | 0:08 PM, PDT |\n| `yyyyy.MMMMM.dd GGG hh:mm aaa` | 02001.July.04 AD 12:08 PM |\n| `EEE, d MMM yyyy HH:mm:ss Z` | Wed, 4 Jul 2001 12:08:56 -0700 |\n| `yyMMddHHmmssZ` | 010704120856-0700 |\n| `yyyy-MM-dd'T'HH:mm:ss.SSSZ` | 2001-07-04T12:08:56.235-0700 |\n| `yyyy-MM-dd'T'HH:mm:ss.SSSXXX` | 2001-07-04T12:08:56.235-07:00 |\n| `YYYY-'W'ww-u` | 2001-W27-3 |\n", + "example": "mm/dd/yyyy" + } + ] + }, + "outputFormat": { + "description": "A string value indicating either the explicit SimpleDateFormat or the built-in named format that the data should be formatted into.\n\n*If no inputFormat is provided, the transform assumes that it is in ISO8601 format*", + "oneOf": [ + { + "title": "Named Construct", + "type": "string", + "description": "| Construct | Date Time Pattern | Description |\n| --------- | ----------------- | ----------- |\n| ISO8601 | `yyyy-MM-dd'T'HH:mm:ss.SSSX` | The ISO8601 standard. | \n| LDAP | `yyyyMMddHHmmss.Z` | The LDAP standard. |\n| PEOPLE_SOFT | `MM/dd/yyyy` | The date format People Soft uses. |\n| EPOCH_TIME_JAVA | # ms from midnight, January 1st, 1970 | The incoming date value as elapsed time in milliseconds from midnight, January 1st, 1970. |\n| EPOCH_TIME_WIN32| # intervals of 100ns from midnight, January 1st, 1601 | The incoming date value as elapsed time in 100-nanosecond intervals from midnight, January 1st, 1601. |\n", + "enum": [ + "ISO8601", + "LDAP", + "PEOPLE_SOFT", + "EPOCH_TIME_JAVA", + "EPOCH_TIME_WIN32" + ], + "example": "PEOPLE_SOFT" + }, + { + "title": "Java Simple Date Format", + "type": "string", + "description": "There are a variety of date time patterns you can express using SimpleDateFormat. The following table lists examples of different date time patterns expressed in the SimpleDateFormat and how they display. Refer to the SimpleDateFormat syntax page for more information.\n\n>NOTE: The following examples show how date and time patterns are interpreted in the U.S. locale. The given date and time are 2001-07-04 12:08:56 local time in the U.S. Pacific Time time zone.\n (This table is from the SimpleDateFormat page.)\n\n| Date Time Pattern | Result |\n| ----------------- | ------ |\n| `yyyy.MM.dd G 'at' HH:mm:ss z` | `2001.07.04 AD at 12:08:56 PDT` |\n| `EEE, MMM d, ''yy` | Wed, Jul 4, '01 |\n| `h:mm a` | 12:08 PM |\n| `hh 'o''clock' a, zzzz` | 12 o'clock PM, Pacific Daylight Time |\n| `K:mm a, z` | 0:08 PM, PDT |\n| `yyyyy.MMMMM.dd GGG hh:mm aaa` | 02001.July.04 AD 12:08 PM |\n| `EEE, d MMM yyyy HH:mm:ss Z` | Wed, 4 Jul 2001 12:08:56 -0700 |\n| `yyMMddHHmmssZ` | 010704120856-0700 |\n| `yyyy-MM-dd'T'HH:mm:ss.SSSZ` | 2001-07-04T12:08:56.235-0700 |\n| `yyyy-MM-dd'T'HH:mm:ss.SSSXXX` | 2001-07-04T12:08:56.235-07:00 |\n| `YYYY-'W'ww-u` | 2001-W27-3 |\n", + "example": "mm/dd/yyyy" + } + ] + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + } + ] + }, + "secondDate": { + "description": "This is the second date to consider (The date that would be on the right hand side of the comparison operation).", + "oneOf": [ + { + "title": "accountAttribute", + "type": "object", + "required": [ + "sourceName", + "attributeName" + ], + "properties": { + "sourceName": { + "type": "string", + "description": "A reference to the source to search for the account", + "example": "Workday" + }, + "attributeName": { + "type": "string", + "description": "The name of the attribute on the account to return. This should match the name of the account attribute name visible in the user interface, or on the source schema.", + "example": "DEPARTMENT" + }, + "accountSortAttribute": { + "type": "string", + "description": "The value of this configuration is a string name of the attribute to use when determining the ordering of returned accounts when there are multiple entries", + "example": "created", + "default": "created" + }, + "accountSortDescending": { + "type": "boolean", + "description": "The value of this configuration is a boolean (true/false). Controls the order of the sort when there are multiple accounts. If not defined, the transform will default to false (ascending order)", + "example": false, + "default": false + }, + "accountReturnFirstLink": { + "type": "boolean", + "description": "The value of this configuration is a boolean (true/false). Controls which account to source a value from for an attribute. If this flag is set to true, the transform returns the value from the first account in the list, even if it is null. If it is set to false, the transform returns the first non-null value. If not defined, the transform will default to false", + "example": false, + "default": false + }, + "accountFilter": { + "type": "string", + "description": "This expression queries the database to narrow search results. The value of this configuration is a sailpoint.object.Filter expression and used when searching against the database. The default filter will always include the source and identity, and any subsequent expressions will be combined in an AND operation to the existing search criteria.\nOnly certain searchable attributes are available: - `nativeIdentity` - the Account ID - `displayName` - the Account Name - `entitlements` - a boolean value to determine if the account has entitlements", + "example": "!(nativeIdentity.startsWith(\"*DELETED*\"))" + }, + "accountPropertyFilter": { + "type": "string", + "description": "This expression is used to search and filter accounts in memory. The value of this configuration is a sailpoint.object.Filter expression and used when searching against the returned resultset.\n\nAll account attributes are available for filtering as this operation is performed in memory.", + "example": "(groups.containsAll({'Admin'}) || location == 'Austin')" + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "dateFormat", + "type": "object", + "properties": { + "inputFormat": { + "description": "A string value indicating either the explicit SimpleDateFormat or the built-in named format that the data is coming in as.\n\n*If no inputFormat is provided, the transform assumes that it is in ISO8601 format*", + "oneOf": [ + { + "title": "Named Construct", + "type": "string", + "description": "| Construct | Date Time Pattern | Description |\n| --------- | ----------------- | ----------- |\n| ISO8601 | `yyyy-MM-dd'T'HH:mm:ss.SSSX` | The ISO8601 standard. | \n| LDAP | `yyyyMMddHHmmss.Z` | The LDAP standard. |\n| PEOPLE_SOFT | `MM/dd/yyyy` | The date format People Soft uses. |\n| EPOCH_TIME_JAVA | # ms from midnight, January 1st, 1970 | The incoming date value as elapsed time in milliseconds from midnight, January 1st, 1970. |\n| EPOCH_TIME_WIN32| # intervals of 100ns from midnight, January 1st, 1601 | The incoming date value as elapsed time in 100-nanosecond intervals from midnight, January 1st, 1601. |\n", + "enum": [ + "ISO8601", + "LDAP", + "PEOPLE_SOFT", + "EPOCH_TIME_JAVA", + "EPOCH_TIME_WIN32" + ], + "example": "PEOPLE_SOFT" + }, + { + "title": "Java Simple Date Format", + "type": "string", + "description": "There are a variety of date time patterns you can express using SimpleDateFormat. The following table lists examples of different date time patterns expressed in the SimpleDateFormat and how they display. Refer to the SimpleDateFormat syntax page for more information.\n\n>NOTE: The following examples show how date and time patterns are interpreted in the U.S. locale. The given date and time are 2001-07-04 12:08:56 local time in the U.S. Pacific Time time zone.\n (This table is from the SimpleDateFormat page.)\n\n| Date Time Pattern | Result |\n| ----------------- | ------ |\n| `yyyy.MM.dd G 'at' HH:mm:ss z` | `2001.07.04 AD at 12:08:56 PDT` |\n| `EEE, MMM d, ''yy` | Wed, Jul 4, '01 |\n| `h:mm a` | 12:08 PM |\n| `hh 'o''clock' a, zzzz` | 12 o'clock PM, Pacific Daylight Time |\n| `K:mm a, z` | 0:08 PM, PDT |\n| `yyyyy.MMMMM.dd GGG hh:mm aaa` | 02001.July.04 AD 12:08 PM |\n| `EEE, d MMM yyyy HH:mm:ss Z` | Wed, 4 Jul 2001 12:08:56 -0700 |\n| `yyMMddHHmmssZ` | 010704120856-0700 |\n| `yyyy-MM-dd'T'HH:mm:ss.SSSZ` | 2001-07-04T12:08:56.235-0700 |\n| `yyyy-MM-dd'T'HH:mm:ss.SSSXXX` | 2001-07-04T12:08:56.235-07:00 |\n| `YYYY-'W'ww-u` | 2001-W27-3 |\n", + "example": "mm/dd/yyyy" + } + ] + }, + "outputFormat": { + "description": "A string value indicating either the explicit SimpleDateFormat or the built-in named format that the data should be formatted into.\n\n*If no inputFormat is provided, the transform assumes that it is in ISO8601 format*", + "oneOf": [ + { + "title": "Named Construct", + "type": "string", + "description": "| Construct | Date Time Pattern | Description |\n| --------- | ----------------- | ----------- |\n| ISO8601 | `yyyy-MM-dd'T'HH:mm:ss.SSSX` | The ISO8601 standard. | \n| LDAP | `yyyyMMddHHmmss.Z` | The LDAP standard. |\n| PEOPLE_SOFT | `MM/dd/yyyy` | The date format People Soft uses. |\n| EPOCH_TIME_JAVA | # ms from midnight, January 1st, 1970 | The incoming date value as elapsed time in milliseconds from midnight, January 1st, 1970. |\n| EPOCH_TIME_WIN32| # intervals of 100ns from midnight, January 1st, 1601 | The incoming date value as elapsed time in 100-nanosecond intervals from midnight, January 1st, 1601. |\n", + "enum": [ + "ISO8601", + "LDAP", + "PEOPLE_SOFT", + "EPOCH_TIME_JAVA", + "EPOCH_TIME_WIN32" + ], + "example": "PEOPLE_SOFT" + }, + { + "title": "Java Simple Date Format", + "type": "string", + "description": "There are a variety of date time patterns you can express using SimpleDateFormat. The following table lists examples of different date time patterns expressed in the SimpleDateFormat and how they display. Refer to the SimpleDateFormat syntax page for more information.\n\n>NOTE: The following examples show how date and time patterns are interpreted in the U.S. locale. The given date and time are 2001-07-04 12:08:56 local time in the U.S. Pacific Time time zone.\n (This table is from the SimpleDateFormat page.)\n\n| Date Time Pattern | Result |\n| ----------------- | ------ |\n| `yyyy.MM.dd G 'at' HH:mm:ss z` | `2001.07.04 AD at 12:08:56 PDT` |\n| `EEE, MMM d, ''yy` | Wed, Jul 4, '01 |\n| `h:mm a` | 12:08 PM |\n| `hh 'o''clock' a, zzzz` | 12 o'clock PM, Pacific Daylight Time |\n| `K:mm a, z` | 0:08 PM, PDT |\n| `yyyyy.MMMMM.dd GGG hh:mm aaa` | 02001.July.04 AD 12:08 PM |\n| `EEE, d MMM yyyy HH:mm:ss Z` | Wed, 4 Jul 2001 12:08:56 -0700 |\n| `yyMMddHHmmssZ` | 010704120856-0700 |\n| `yyyy-MM-dd'T'HH:mm:ss.SSSZ` | 2001-07-04T12:08:56.235-0700 |\n| `yyyy-MM-dd'T'HH:mm:ss.SSSXXX` | 2001-07-04T12:08:56.235-07:00 |\n| `YYYY-'W'ww-u` | 2001-W27-3 |\n", + "example": "mm/dd/yyyy" + } + ] + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + } + ] + }, + "operator": { + "type": "string", + "description": "This is the comparison to perform.\n| Operation | Description |\n| --------- | ------- |\n| LT | Strictly less than: firstDate < secondDate |\n| LTE | Less than or equal to: firstDate <= secondDate |\n| GT | Strictly greater than: firstDate > secondDate |\n| GTE | Greater than or equal to: firstDate >= secondDate |\n", + "enum": [ + "LT", + "LTE", + "GT", + "GTE" + ], + "example": "LT" + }, + "positiveCondition": { + "type": "string", + "description": "The output of the transform if the expression evalutes to true", + "example": "true" + }, + "negativeCondition": { + "type": "string", + "description": "The output of the transform if the expression evalutes to false", + "example": false + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "dateFormat", + "type": "object", + "properties": { + "inputFormat": { + "description": "A string value indicating either the explicit SimpleDateFormat or the built-in named format that the data is coming in as.\n\n*If no inputFormat is provided, the transform assumes that it is in ISO8601 format*", + "oneOf": [ + { + "title": "Named Construct", + "type": "string", + "description": "| Construct | Date Time Pattern | Description |\n| --------- | ----------------- | ----------- |\n| ISO8601 | `yyyy-MM-dd'T'HH:mm:ss.SSSX` | The ISO8601 standard. | \n| LDAP | `yyyyMMddHHmmss.Z` | The LDAP standard. |\n| PEOPLE_SOFT | `MM/dd/yyyy` | The date format People Soft uses. |\n| EPOCH_TIME_JAVA | # ms from midnight, January 1st, 1970 | The incoming date value as elapsed time in milliseconds from midnight, January 1st, 1970. |\n| EPOCH_TIME_WIN32| # intervals of 100ns from midnight, January 1st, 1601 | The incoming date value as elapsed time in 100-nanosecond intervals from midnight, January 1st, 1601. |\n", + "enum": [ + "ISO8601", + "LDAP", + "PEOPLE_SOFT", + "EPOCH_TIME_JAVA", + "EPOCH_TIME_WIN32" + ], + "example": "PEOPLE_SOFT" + }, + { + "title": "Java Simple Date Format", + "type": "string", + "description": "There are a variety of date time patterns you can express using SimpleDateFormat. The following table lists examples of different date time patterns expressed in the SimpleDateFormat and how they display. Refer to the SimpleDateFormat syntax page for more information.\n\n>NOTE: The following examples show how date and time patterns are interpreted in the U.S. locale. The given date and time are 2001-07-04 12:08:56 local time in the U.S. Pacific Time time zone.\n (This table is from the SimpleDateFormat page.)\n\n| Date Time Pattern | Result |\n| ----------------- | ------ |\n| `yyyy.MM.dd G 'at' HH:mm:ss z` | `2001.07.04 AD at 12:08:56 PDT` |\n| `EEE, MMM d, ''yy` | Wed, Jul 4, '01 |\n| `h:mm a` | 12:08 PM |\n| `hh 'o''clock' a, zzzz` | 12 o'clock PM, Pacific Daylight Time |\n| `K:mm a, z` | 0:08 PM, PDT |\n| `yyyyy.MMMMM.dd GGG hh:mm aaa` | 02001.July.04 AD 12:08 PM |\n| `EEE, d MMM yyyy HH:mm:ss Z` | Wed, 4 Jul 2001 12:08:56 -0700 |\n| `yyMMddHHmmssZ` | 010704120856-0700 |\n| `yyyy-MM-dd'T'HH:mm:ss.SSSZ` | 2001-07-04T12:08:56.235-0700 |\n| `yyyy-MM-dd'T'HH:mm:ss.SSSXXX` | 2001-07-04T12:08:56.235-07:00 |\n| `YYYY-'W'ww-u` | 2001-W27-3 |\n", + "example": "mm/dd/yyyy" + } + ] + }, + "outputFormat": { + "description": "A string value indicating either the explicit SimpleDateFormat or the built-in named format that the data should be formatted into.\n\n*If no inputFormat is provided, the transform assumes that it is in ISO8601 format*", + "oneOf": [ + { + "title": "Named Construct", + "type": "string", + "description": "| Construct | Date Time Pattern | Description |\n| --------- | ----------------- | ----------- |\n| ISO8601 | `yyyy-MM-dd'T'HH:mm:ss.SSSX` | The ISO8601 standard. | \n| LDAP | `yyyyMMddHHmmss.Z` | The LDAP standard. |\n| PEOPLE_SOFT | `MM/dd/yyyy` | The date format People Soft uses. |\n| EPOCH_TIME_JAVA | # ms from midnight, January 1st, 1970 | The incoming date value as elapsed time in milliseconds from midnight, January 1st, 1970. |\n| EPOCH_TIME_WIN32| # intervals of 100ns from midnight, January 1st, 1601 | The incoming date value as elapsed time in 100-nanosecond intervals from midnight, January 1st, 1601. |\n", + "enum": [ + "ISO8601", + "LDAP", + "PEOPLE_SOFT", + "EPOCH_TIME_JAVA", + "EPOCH_TIME_WIN32" + ], + "example": "PEOPLE_SOFT" + }, + { + "title": "Java Simple Date Format", + "type": "string", + "description": "There are a variety of date time patterns you can express using SimpleDateFormat. The following table lists examples of different date time patterns expressed in the SimpleDateFormat and how they display. Refer to the SimpleDateFormat syntax page for more information.\n\n>NOTE: The following examples show how date and time patterns are interpreted in the U.S. locale. The given date and time are 2001-07-04 12:08:56 local time in the U.S. Pacific Time time zone.\n (This table is from the SimpleDateFormat page.)\n\n| Date Time Pattern | Result |\n| ----------------- | ------ |\n| `yyyy.MM.dd G 'at' HH:mm:ss z` | `2001.07.04 AD at 12:08:56 PDT` |\n| `EEE, MMM d, ''yy` | Wed, Jul 4, '01 |\n| `h:mm a` | 12:08 PM |\n| `hh 'o''clock' a, zzzz` | 12 o'clock PM, Pacific Daylight Time |\n| `K:mm a, z` | 0:08 PM, PDT |\n| `yyyyy.MMMMM.dd GGG hh:mm aaa` | 02001.July.04 AD 12:08 PM |\n| `EEE, d MMM yyyy HH:mm:ss Z` | Wed, 4 Jul 2001 12:08:56 -0700 |\n| `yyMMddHHmmssZ` | 010704120856-0700 |\n| `yyyy-MM-dd'T'HH:mm:ss.SSSZ` | 2001-07-04T12:08:56.235-0700 |\n| `yyyy-MM-dd'T'HH:mm:ss.SSSXXX` | 2001-07-04T12:08:56.235-07:00 |\n| `YYYY-'W'ww-u` | 2001-W27-3 |\n", + "example": "mm/dd/yyyy" + } + ] + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "dateMath", + "type": "object", + "required": [ + "expression" + ], + "properties": { + "expression": { + "type": "string", + "description": "A string value of the date and time components to operation on, along with the math operations to execute.\n", + "externalDocs": { + "description": "Date Math Expressions", + "url": "https://developer.sailpoint.com/idn/docs/transforms/operations/date-math#transform-structure" + }, + "example": "now+1w" + }, + "roundUp": { + "type": "boolean", + "description": "A boolean value to indicate whether the transform should round up or down when a rounding `/` operation is defined in the expression. \n\n\nIf not provided, the transform will default to `false`\n\n\n`true` indicates the transform should round up (i.e., truncate the fractional date/time component indicated and then add one unit of that component)\n\n\n`false` indicates the transform should round down (i.e., truncate the fractional date/time component indicated)\n", + "example": false, + "default": false + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "decomposeDiacriticalMarks", + "type": "object", + "properties": { + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "e164phone", + "type": "object", + "properties": { + "defaultRegion": { + "type": "string", + "description": "This is an optional attribute that can be used to define the region of the phone number to format into.\n\n\nIf defaultRegion is not provided, it will take US as the default country.\n\n\nThe format of the country code should be in [ISO 3166-1 alpha-2 format](https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2)\n", + "example": "US" + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "firstValid", + "type": "object", + "required": [ + "values" + ], + "properties": { + "values": { + "type": "array", + "items": { + "type": "object" + }, + "description": "An array of attributes to evaluate for existence.", + "example": [ + { + "attributes": { + "sourceName": "Active Directory", + "attributeName": "sAMAccountName" + }, + "type": "accountAttribute" + }, + { + "attributes": { + "sourceName": "Okta", + "attributeName": "login" + }, + "type": "accountAttribute" + }, + { + "attributes": { + "sourceName": "HR Source", + "attributeName": "employeeID" + }, + "type": "accountAttribute" + } + ] + }, + "ignoreErrors": { + "type": "boolean", + "description": "a true or false value representing to move on to the next option if an error (like an Null Pointer Exception) were to occur.", + "example": false, + "default": false + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + } + } + }, + { + "title": "rule", + "oneOf": [ + { + "type": "object", + "required": [ + "name" + ], + "properties": { + "name": { + "type": "string", + "description": "This is the name of the Transform rule that needs to be invoked by the transform", + "example": "Transform Calculation Rule" + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + } + } + }, + { + "type": "object", + "required": [ + "name", + "operation", + "includeNumbers", + "includeSpecialChars", + "length" + ], + "properties": { + "name": { + "type": "string", + "description": "This must always be set to \"Cloud Services Deployment Utility\"", + "example": "Cloud Services Deployment Utility" + }, + "operation": { + "type": "string", + "description": "The operation to perform `generateRandomString`", + "example": "generateRandomString" + }, + "includeNumbers": { + "type": "boolean", + "description": "This must be either \"true\" or \"false\" to indicate whether the generator logic should include numbers", + "example": true + }, + "includeSpecialChars": { + "type": "boolean", + "description": "This must be either \"true\" or \"false\" to indicate whether the generator logic should include special characters", + "example": true + }, + "length": { + "type": "string", + "description": "This specifies how long the randomly generated string needs to be\n\n\n>NOTE Due to identity attribute data constraints, the maximum allowable value is 450 characters\n", + "example": "10" + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false + } + } + }, + { + "type": "object", + "required": [ + "name", + "operation", + "uid" + ], + "properties": { + "name": { + "type": "string", + "description": "This must always be set to \"Cloud Services Deployment Utility\"", + "example": "Cloud Services Deployment Utility" + }, + "operation": { + "type": "string", + "description": "The operation to perform `getReferenceIdentityAttribute`", + "example": "getReferenceIdentityAttribute" + }, + "uid": { + "type": "string", + "description": "This is the SailPoint User Name (uid) value of the identity whose attribute is desired\n\nAs a convenience feature, you can use the `manager` keyword to dynamically look up the user's manager and then get that manager's identity attribute.\n", + "example": "2c91808570313110017040b06f344ec9" + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false + } + } + } + ] + }, + { + "title": "identityAttribute", + "type": "object", + "required": [ + "name" + ], + "properties": { + "name": { + "type": "string", + "description": "The system (camel-cased) name of the identity attribute to bring in", + "example": "email" + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "indexOf", + "type": "object", + "required": [ + "substring" + ], + "properties": { + "substring": { + "type": "string", + "description": "A substring to search for, searches the entire calling string, and returns the index of the first occurrence of the specified substring.", + "example": "admin_" + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "iso3166", + "type": "object", + "properties": { + "format": { + "type": "string", + "description": "An optional value to denote which ISO 3166 format to return. Valid values are:\n\n\n`alpha2` - Two-character country code (e.g., \"US\"); this is the default value if no format is supplied\n\n\n`alpha3` - Three-character country code (e.g., \"USA\")\n\n\n`numeric` - The numeric country code (e.g., \"840\")\n", + "example": "alpha2" + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "leftPad", + "type": "object", + "required": [ + "length" + ], + "properties": { + "length": { + "type": "string", + "description": "An integer value for the desired length of the final output string", + "example": "4" + }, + "padding": { + "type": "string", + "description": "A string value representing the character that the incoming data should be padded with to get to the desired length\n\n\nIf not provided, the transform will default to a single space (\" \") character for padding\n", + "example": "0" + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "lookup", + "type": "object", + "required": [ + "table" + ], + "properties": { + "table": { + "type": "object", + "additionalProperties": true, + "description": "This is a JSON object of key-value pairs. The key is the string that will attempt to be matched to the input, and the value is the output string that should be returned if the key is matched\n\n\n>**Note** the use of the optional default key value here; if none of the three countries in the above example match the input string, the transform will return \"Unknown Region\" for the attribute that is mapped to this transform.\n", + "example": { + "USA": "Americas", + "FRA": "EMEA", + "AUS": "APAC", + "default": "Unknown Region" + } + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "lower", + "type": "object", + "properties": { + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "nameNormalizer", + "type": "object", + "properties": { + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "randomAlphaNumeric", + "type": "object", + "properties": { + "length": { + "type": "string", + "description": "This is an integer value specifying the size/number of characters the random string must contain\n\n\n* This value must be a positive number and cannot be blank\n\n\n* If no length is provided, the transform will default to a value of `32`\n\n\n* Due to identity attribute data constraints, the maximum allowable value is `450` characters\n", + "example": "10" + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "randomNumeric", + "type": "object", + "properties": { + "length": { + "type": "string", + "description": "This is an integer value specifying the size/number of characters the random string must contain\n\n\n* This value must be a positive number and cannot be blank\n\n\n* If no length is provided, the transform will default to a value of `32`\n\n\n* Due to identity attribute data constraints, the maximum allowable value is `450` characters\n", + "example": "10" + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "reference", + "type": "object", + "required": [ + "id" + ], + "properties": { + "id": { + "type": "string", + "description": "This ID specifies the name of the pre-existing transform which you want to use within your current transform", + "example": "Existing Transform" + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "replaceAll", + "type": "object", + "required": [ + "table" + ], + "properties": { + "table": { + "type": "object", + "additionalProperties": true, + "description": "An attribute of key-value pairs. Each pair identifies the pattern to search for as its key, and the replacement string as its value.", + "example": { + "-": " ", + "\"": "'", + "ñ": "n" + } + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "replace", + "type": "object", + "required": [ + "regex", + "replacement" + ], + "properties": { + "regex": { + "type": "string", + "description": "This can be a string or a regex pattern in which you want to replace.", + "example": "[^a-zA-Z]", + "externalDocs": { + "description": "Regex Builder", + "url": "https://regex101.com/" + } + }, + "replacement": { + "type": "string", + "description": "This is the replacement string that should be substituded wherever the string or pattern is found.", + "example": " " + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "rightPad", + "type": "object", + "required": [ + "length" + ], + "properties": { + "length": { + "type": "string", + "description": "An integer value for the desired length of the final output string", + "example": "4" + }, + "padding": { + "type": "string", + "description": "A string value representing the character that the incoming data should be padded with to get to the desired length\n\n\nIf not provided, the transform will default to a single space (\" \") character for padding\n", + "example": "0" + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "split", + "type": "object", + "required": [ + "delimiter", + "index" + ], + "properties": { + "delimiter": { + "type": "string", + "description": "This can be either a single character or a regex expression, and is used by the transform to identify the break point between two substrings in the incoming data", + "example": "," + }, + "index": { + "type": "string", + "description": "An integer value for the desired array element after the incoming data has been split into a list; the array is a 0-based object, so the first array element would be index 0, the second element would be index 1, etc.", + "example": "5" + }, + "throws": { + "type": "boolean", + "description": "A boolean (true/false) value which indicates whether an exception should be thrown and returned as an output when an index is out of bounds with the resultant array (i.e., the provided index value is larger than the size of the array)\n\n\n`true` - The transform should return \"IndexOutOfBoundsException\"\n\n\n`false` - The transform should return null\n\n\nIf not provided, the transform will default to false and return a null\n", + "example": true, + "default": false + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "static", + "type": "object", + "required": [ + "values" + ], + "properties": { + "values": { + "type": "string", + "description": "This must evaluate to a JSON string, either through a fixed value or through conditional logic using the Apache Velocity Template Language.", + "example": "string$variable", + "externalDocs": { + "description": "Static Transform Documentation", + "url": "https://developer.sailpoint.com/idn/docs/transforms/operations/static" + } + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + } + } + }, + { + "title": "substring", + "type": "object", + "required": [ + "begin" + ], + "properties": { + "begin": { + "type": "integer", + "description": "The index of the first character to include in the returned substring.\n\n\nIf `begin` is set to -1, the transform will begin at character 0 of the input data\n", + "example": 1, + "format": "int32" + }, + "beginOffset": { + "type": "integer", + "description": "This integer value is the number of characters to add to the begin attribute when returning a substring. \n\nThis attribute is only used if begin is not -1.\n", + "example": 3, + "format": "int32" + }, + "end": { + "type": "integer", + "description": "The index of the first character to exclude from the returned substring.\n\nIf end is -1 or not provided at all, the substring transform will return everything up to the end of the input string.\n", + "example": 6, + "format": "int32" + }, + "endOffset": { + "type": "integer", + "description": "This integer value is the number of characters to add to the end attribute when returning a substring. \n\nThis attribute is only used if end is provided and is not -1.\n", + "example": 1, + "format": "int32" + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "trim", + "type": "object", + "properties": { + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "upper", + "type": "object", + "properties": { + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "uuid", + "type": "object", + "properties": { + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + } + } + } + ] + } + } + }, + { + "type": "object", + "required": [ + "id", + "internal" + ], + "properties": { + "id": { + "type": "string", + "description": "Unique ID of this transform", + "example": "2cd78adghjkja34jh2b1hkjhasuecd" + }, + "internal": { + "type": "boolean", + "description": "Indicates whether this is an internal SailPoint-created transform or a customer-created transform", + "example": false, + "default": false + } + } + } + ] + }, + "example": { + "id": "2cd78adghjkja34jh2b1hkjhasuecd", + "name": "Timestamp To Date", + "type": "dateFormat", + "attributes": { + "inputFormat": "MMM-dd-yyyy, HH:mm:ss.SSS", + "outputFormat": "yyyy/dd/MM" + }, + "internal": false + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "idn:transform:manage" + ] + } + ] + }, + "delete": { + "tags": [ + "Transforms" + ], + "summary": "Delete a transform", + "description": "Deletes the transform specified by the given ID. Attempting to delete a transform that is used in one or more Identity Profile mappings will result in an error. If this occurs, you must first remove the transform from all mappings before deleting the transform.\nA token with transform delete authority is required to call this API.", + "operationId": "deleteTransform", + "parameters": [ + { + "name": "id", + "in": "path", + "description": "ID of the transform to delete", + "required": true, + "style": "simple", + "explode": false, + "schema": { + "type": "string" + }, + "example": "2cd78adghjkja34jh2b1hkjhasuecd" + } + ], + "responses": { + "204": { + "description": "No content - indicates the request was successful but there is no content to be returned in the response." + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "idn:transform:manage" + ] + } + ] + } + }, + "/work-items": { + "get": { + "operationId": "listWorkItems", + "tags": [ + "Work Items" + ], + "summary": "List Work Items", + "description": "This gets a collection of work items belonging to either the specified user(admin required), or the current user.", + "parameters": [ + { + "in": "query", + "name": "limit", + "description": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 250, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "maximum": 250, + "default": 250 + } + }, + { + "in": "query", + "name": "offset", + "description": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 0, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "default": 0 + } + }, + { + "in": "query", + "name": "count", + "description": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": true, + "schema": { + "type": "boolean", + "default": false + } + }, + { + "in": "query", + "name": "ownerId", + "schema": { + "type": "string" + }, + "description": "ID of the work item owner.", + "required": false, + "example": "1211bcaa32112bcef6122adb21cef1ac" + } + ], + "responses": { + "200": { + "description": "List of work items", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "ID of the work item", + "example": "2c9180835d2e5168015d32f890ca1581" + }, + "requesterId": { + "type": "string", + "description": "ID of the requester", + "example": "2c9180835d2e5168015d32f890ca1581", + "nullable": true + }, + "requesterDisplayName": { + "type": "string", + "description": "The displayname of the requester", + "example": "John Smith", + "nullable": true + }, + "ownerId": { + "type": "string", + "description": "The ID of the owner", + "example": "2c9180835d2e5168015d32f890ca1581", + "nullable": true + }, + "ownerName": { + "type": "string", + "description": "The name of the owner", + "example": "Jason Smith" + }, + "created": { + "type": "string", + "format": "date-time", + "example": "2017-07-11T18:45:37.098Z", + "description": "Time when the work item was created" + }, + "modified": { + "type": "string", + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z", + "description": "Time when the work item was last updated", + "nullable": true + }, + "description": { + "type": "string", + "description": "The description of the work item", + "example": "Create account on source 'AD'" + }, + "state": { + "type": "string", + "enum": [ + "Finished", + "Rejected", + "Returned", + "Expired", + "Pending", + "Canceled" + ], + "example": "Finished", + "description": "The state of a work item" + }, + "type": { + "type": "string", + "enum": [ + "Generic", + "Certification", + "Remediation", + "Delegation", + "Approval", + "ViolationReview", + "Form", + "PolicyVioloation", + "Challenge", + "ImpactAnalysis", + "Signoff", + "Event", + "ManualAction", + "Test" + ], + "example": "Generic", + "description": "The type of the work item" + }, + "remediationItems": { + "type": "array", + "nullable": true, + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The ID of the certification", + "example": "2c9180835d2e5168015d32f890ca1581" + }, + "targetId": { + "type": "string", + "description": "The ID of the certification target", + "example": "2c9180835d2e5168015d32f890ca1581" + }, + "targetName": { + "type": "string", + "description": "The name of the certification target", + "example": "john.smith" + }, + "targetDisplayName": { + "type": "string", + "description": "The display name of the certification target", + "example": "emailAddress" + }, + "applicationName": { + "type": "string", + "description": "The name of the application/source", + "example": "Active Directory" + }, + "attributeName": { + "type": "string", + "description": "The name of the attribute being certified", + "example": "phoneNumber" + }, + "attributeOperation": { + "type": "string", + "description": "The operation of the certification on the attribute", + "example": "update" + }, + "attributeValue": { + "type": "string", + "description": "The value of the attribute being certified", + "example": "512-555-1212" + }, + "nativeIdentity": { + "type": "string", + "description": "The native identity of the target", + "example": "jason.smith2" + } + } + }, + "description": "A list of remediation items" + }, + "approvalItems": { + "type": "array", + "nullable": true, + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The approval item's ID", + "example": "2c9180835d2e5168015d32f890ca1581" + }, + "account": { + "type": "string", + "description": "The account referenced by the approval item", + "example": "john.smith", + "nullable": true + }, + "application": { + "type": "string", + "description": "The name of the application/source", + "example": "Active Directory" + }, + "name": { + "type": "string", + "description": "The attribute's name", + "example": "emailAddress", + "nullable": true + }, + "operation": { + "type": "string", + "description": "The attribute's operation", + "example": "update" + }, + "value": { + "type": "string", + "description": "The attribute's value", + "example": "a@b.com", + "nullable": true + }, + "state": { + "allOf": [ + { + "type": "string", + "nullable": true, + "enum": [ + "Finished", + "Rejected", + "Returned", + "Expired", + "Pending", + "Canceled", + null + ], + "example": "Pending", + "description": "The state of a work item" + }, + { + "nullable": true + } + ] + } + } + }, + "description": "A list of items that need to be approved" + }, + "name": { + "type": "string", + "description": "The work item name", + "example": "Account Create", + "nullable": true + }, + "completed": { + "type": "string", + "format": "date-time", + "example": "2018-10-19T13:49:37.385Z", + "description": "The time at which the work item completed", + "nullable": true + }, + "numItems": { + "type": "integer", + "format": "int32", + "description": "The number of items in the work item", + "example": 19, + "nullable": true + }, + "form": { + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "ID of the form", + "example": "2c9180835d2e5168015d32f890ca1581", + "nullable": true + }, + "name": { + "type": "string", + "description": "Name of the form", + "example": "AccountSelection Form", + "nullable": true + }, + "title": { + "type": "string", + "description": "The form title", + "example": "Account Selection for John.Doe" + }, + "subtitle": { + "type": "string", + "description": "The form subtitle.", + "example": "Please select from the following" + }, + "targetUser": { + "type": "string", + "description": "The name of the user that should be shown this form", + "example": "Jane.Doe" + }, + "sections": { + "type": "array", + "items": { + "type": "object", + "allOf": [ + { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "Name of the FormItem", + "example": "Field1" + } + } + }, + { + "type": "object", + "properties": { + "label": { + "type": "string", + "description": "Label of the section", + "example": "Section 1" + }, + "formItems": { + "type": "array", + "items": { + "type": "object" + }, + "description": "List of FormItems. FormItems can be SectionDetails and/or FieldDetails", + "example": [] + } + } + } + ] + }, + "description": "Sections of the form" + } + } + }, + { + "nullable": true + } + ] + }, + "errors": { + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "The work item ID that was specified was not found." + ], + "description": "An array of errors that ocurred during the work item" + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/work-items/completed": { + "get": { + "operationId": "getCompletedWorkItems", + "tags": [ + "Work Items" + ], + "summary": "Completed Work Items", + "description": "This gets a collection of completed work items belonging to either the specified user(admin required), or the current user.", + "parameters": [ + { + "in": "query", + "name": "ownerId", + "schema": { + "type": "string" + }, + "description": "The id of the owner of the work item list being requested. Either an admin, or the owning/current user must make this request.", + "required": false, + "example": "1211bcaa32112bcef6122adb21cef1ac" + }, + { + "in": "query", + "name": "limit", + "description": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 250, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "maximum": 250, + "default": 250 + } + }, + { + "in": "query", + "name": "offset", + "description": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 0, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "default": 0 + } + }, + { + "in": "query", + "name": "count", + "description": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": true, + "schema": { + "type": "boolean", + "default": false + } + } + ], + "responses": { + "200": { + "description": "List of completed work items.", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "ID of the work item", + "example": "2c9180835d2e5168015d32f890ca1581" + }, + "requesterId": { + "type": "string", + "description": "ID of the requester", + "example": "2c9180835d2e5168015d32f890ca1581", + "nullable": true + }, + "requesterDisplayName": { + "type": "string", + "description": "The displayname of the requester", + "example": "John Smith", + "nullable": true + }, + "ownerId": { + "type": "string", + "description": "The ID of the owner", + "example": "2c9180835d2e5168015d32f890ca1581", + "nullable": true + }, + "ownerName": { + "type": "string", + "description": "The name of the owner", + "example": "Jason Smith" + }, + "created": { + "type": "string", + "format": "date-time", + "example": "2017-07-11T18:45:37.098Z", + "description": "Time when the work item was created" + }, + "modified": { + "type": "string", + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z", + "description": "Time when the work item was last updated", + "nullable": true + }, + "description": { + "type": "string", + "description": "The description of the work item", + "example": "Create account on source 'AD'" + }, + "state": { + "type": "string", + "enum": [ + "Finished", + "Rejected", + "Returned", + "Expired", + "Pending", + "Canceled" + ], + "example": "Finished", + "description": "The state of a work item" + }, + "type": { + "type": "string", + "enum": [ + "Generic", + "Certification", + "Remediation", + "Delegation", + "Approval", + "ViolationReview", + "Form", + "PolicyVioloation", + "Challenge", + "ImpactAnalysis", + "Signoff", + "Event", + "ManualAction", + "Test" + ], + "example": "Generic", + "description": "The type of the work item" + }, + "remediationItems": { + "type": "array", + "nullable": true, + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The ID of the certification", + "example": "2c9180835d2e5168015d32f890ca1581" + }, + "targetId": { + "type": "string", + "description": "The ID of the certification target", + "example": "2c9180835d2e5168015d32f890ca1581" + }, + "targetName": { + "type": "string", + "description": "The name of the certification target", + "example": "john.smith" + }, + "targetDisplayName": { + "type": "string", + "description": "The display name of the certification target", + "example": "emailAddress" + }, + "applicationName": { + "type": "string", + "description": "The name of the application/source", + "example": "Active Directory" + }, + "attributeName": { + "type": "string", + "description": "The name of the attribute being certified", + "example": "phoneNumber" + }, + "attributeOperation": { + "type": "string", + "description": "The operation of the certification on the attribute", + "example": "update" + }, + "attributeValue": { + "type": "string", + "description": "The value of the attribute being certified", + "example": "512-555-1212" + }, + "nativeIdentity": { + "type": "string", + "description": "The native identity of the target", + "example": "jason.smith2" + } + } + }, + "description": "A list of remediation items" + }, + "approvalItems": { + "type": "array", + "nullable": true, + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The approval item's ID", + "example": "2c9180835d2e5168015d32f890ca1581" + }, + "account": { + "type": "string", + "description": "The account referenced by the approval item", + "example": "john.smith", + "nullable": true + }, + "application": { + "type": "string", + "description": "The name of the application/source", + "example": "Active Directory" + }, + "name": { + "type": "string", + "description": "The attribute's name", + "example": "emailAddress", + "nullable": true + }, + "operation": { + "type": "string", + "description": "The attribute's operation", + "example": "update" + }, + "value": { + "type": "string", + "description": "The attribute's value", + "example": "a@b.com", + "nullable": true + }, + "state": { + "allOf": [ + { + "type": "string", + "nullable": true, + "enum": [ + "Finished", + "Rejected", + "Returned", + "Expired", + "Pending", + "Canceled", + null + ], + "example": "Pending", + "description": "The state of a work item" + }, + { + "nullable": true + } + ] + } + } + }, + "description": "A list of items that need to be approved" + }, + "name": { + "type": "string", + "description": "The work item name", + "example": "Account Create", + "nullable": true + }, + "completed": { + "type": "string", + "format": "date-time", + "example": "2018-10-19T13:49:37.385Z", + "description": "The time at which the work item completed", + "nullable": true + }, + "numItems": { + "type": "integer", + "format": "int32", + "description": "The number of items in the work item", + "example": 19, + "nullable": true + }, + "form": { + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "ID of the form", + "example": "2c9180835d2e5168015d32f890ca1581", + "nullable": true + }, + "name": { + "type": "string", + "description": "Name of the form", + "example": "AccountSelection Form", + "nullable": true + }, + "title": { + "type": "string", + "description": "The form title", + "example": "Account Selection for John.Doe" + }, + "subtitle": { + "type": "string", + "description": "The form subtitle.", + "example": "Please select from the following" + }, + "targetUser": { + "type": "string", + "description": "The name of the user that should be shown this form", + "example": "Jane.Doe" + }, + "sections": { + "type": "array", + "items": { + "type": "object", + "allOf": [ + { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "Name of the FormItem", + "example": "Field1" + } + } + }, + { + "type": "object", + "properties": { + "label": { + "type": "string", + "description": "Label of the section", + "example": "Section 1" + }, + "formItems": { + "type": "array", + "items": { + "type": "object" + }, + "description": "List of FormItems. FormItems can be SectionDetails and/or FieldDetails", + "example": [] + } + } + } + ] + }, + "description": "Sections of the form" + } + } + }, + { + "nullable": true + } + ] + }, + "errors": { + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "The work item ID that was specified was not found." + ], + "description": "An array of errors that ocurred during the work item" + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/work-items/count": { + "get": { + "operationId": "getCountWorkItems", + "tags": [ + "Work Items" + ], + "summary": "Count Work Items", + "description": "This gets a count of work items belonging to either the specified user(admin required), or the current user.", + "parameters": [ + { + "in": "query", + "name": "ownerId", + "schema": { + "type": "string" + }, + "description": "ID of the work item owner.", + "required": false, + "example": "ef38f94347e94562b5bb8424a56397d8" + } + ], + "responses": { + "200": { + "description": "List of work items", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "count": { + "type": "integer", + "description": "The count of work items", + "example": 29 + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/work-items/completed/count": { + "get": { + "operationId": "getCountCompletedWorkItems", + "tags": [ + "Work Items" + ], + "summary": "Count Completed Work Items", + "description": "This gets a count of completed work items belonging to either the specified user(admin required), or the current user.", + "parameters": [ + { + "in": "query", + "name": "ownerId", + "schema": { + "type": "string" + }, + "description": "ID of the work item owner.", + "required": false, + "example": "1211bcaa32112bcef6122adb21cef1ac" + } + ], + "responses": { + "200": { + "description": "List of work items", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "count": { + "type": "integer", + "description": "The count of work items", + "example": 29 + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/work-items/summary": { + "get": { + "operationId": "getWorkItemsSummary", + "tags": [ + "Work Items" + ], + "summary": "Work Items Summary", + "description": "This gets a summary of work items belonging to either the specified user(admin required), or the current user.", + "parameters": [ + { + "in": "query", + "name": "ownerId", + "schema": { + "type": "string" + }, + "description": "ID of the work item owner.", + "required": false, + "example": "1211bcaa32112bcef6122adb21cef1ac" + } + ], + "responses": { + "200": { + "description": "List of work items", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "open": { + "type": "integer", + "description": "The count of open work items", + "example": 29 + }, + "completed": { + "type": "integer", + "description": "The count of completed work items", + "example": 1 + }, + "total": { + "type": "integer", + "description": "The count of total work items", + "example": 30 + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/work-items/{id}": { + "get": { + "operationId": "getWorkItem", + "tags": [ + "Work Items" + ], + "summary": "Get a Work Item", + "description": "This gets the details of a Work Item belonging to either the specified user(admin required), or the current user.", + "parameters": [ + { + "in": "path", + "name": "id", + "schema": { + "type": "string" + }, + "required": true, + "description": "ID of the work item.", + "example": "2c9180835d191a86015d28455b4a2329" + } + ], + "responses": { + "200": { + "description": "The work item with the given ID.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "ID of the work item", + "example": "2c9180835d2e5168015d32f890ca1581" + }, + "requesterId": { + "type": "string", + "description": "ID of the requester", + "example": "2c9180835d2e5168015d32f890ca1581", + "nullable": true + }, + "requesterDisplayName": { + "type": "string", + "description": "The displayname of the requester", + "example": "John Smith", + "nullable": true + }, + "ownerId": { + "type": "string", + "description": "The ID of the owner", + "example": "2c9180835d2e5168015d32f890ca1581", + "nullable": true + }, + "ownerName": { + "type": "string", + "description": "The name of the owner", + "example": "Jason Smith" + }, + "created": { + "type": "string", + "format": "date-time", + "example": "2017-07-11T18:45:37.098Z", + "description": "Time when the work item was created" + }, + "modified": { + "type": "string", + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z", + "description": "Time when the work item was last updated", + "nullable": true + }, + "description": { + "type": "string", + "description": "The description of the work item", + "example": "Create account on source 'AD'" + }, + "state": { + "type": "string", + "enum": [ + "Finished", + "Rejected", + "Returned", + "Expired", + "Pending", + "Canceled" + ], + "example": "Finished", + "description": "The state of a work item" + }, + "type": { + "type": "string", + "enum": [ + "Generic", + "Certification", + "Remediation", + "Delegation", + "Approval", + "ViolationReview", + "Form", + "PolicyVioloation", + "Challenge", + "ImpactAnalysis", + "Signoff", + "Event", + "ManualAction", + "Test" + ], + "example": "Generic", + "description": "The type of the work item" + }, + "remediationItems": { + "type": "array", + "nullable": true, + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The ID of the certification", + "example": "2c9180835d2e5168015d32f890ca1581" + }, + "targetId": { + "type": "string", + "description": "The ID of the certification target", + "example": "2c9180835d2e5168015d32f890ca1581" + }, + "targetName": { + "type": "string", + "description": "The name of the certification target", + "example": "john.smith" + }, + "targetDisplayName": { + "type": "string", + "description": "The display name of the certification target", + "example": "emailAddress" + }, + "applicationName": { + "type": "string", + "description": "The name of the application/source", + "example": "Active Directory" + }, + "attributeName": { + "type": "string", + "description": "The name of the attribute being certified", + "example": "phoneNumber" + }, + "attributeOperation": { + "type": "string", + "description": "The operation of the certification on the attribute", + "example": "update" + }, + "attributeValue": { + "type": "string", + "description": "The value of the attribute being certified", + "example": "512-555-1212" + }, + "nativeIdentity": { + "type": "string", + "description": "The native identity of the target", + "example": "jason.smith2" + } + } + }, + "description": "A list of remediation items" + }, + "approvalItems": { + "type": "array", + "nullable": true, + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The approval item's ID", + "example": "2c9180835d2e5168015d32f890ca1581" + }, + "account": { + "type": "string", + "description": "The account referenced by the approval item", + "example": "john.smith", + "nullable": true + }, + "application": { + "type": "string", + "description": "The name of the application/source", + "example": "Active Directory" + }, + "name": { + "type": "string", + "description": "The attribute's name", + "example": "emailAddress", + "nullable": true + }, + "operation": { + "type": "string", + "description": "The attribute's operation", + "example": "update" + }, + "value": { + "type": "string", + "description": "The attribute's value", + "example": "a@b.com", + "nullable": true + }, + "state": { + "allOf": [ + { + "type": "string", + "nullable": true, + "enum": [ + "Finished", + "Rejected", + "Returned", + "Expired", + "Pending", + "Canceled", + null + ], + "example": "Pending", + "description": "The state of a work item" + }, + { + "nullable": true + } + ] + } + } + }, + "description": "A list of items that need to be approved" + }, + "name": { + "type": "string", + "description": "The work item name", + "example": "Account Create", + "nullable": true + }, + "completed": { + "type": "string", + "format": "date-time", + "example": "2018-10-19T13:49:37.385Z", + "description": "The time at which the work item completed", + "nullable": true + }, + "numItems": { + "type": "integer", + "format": "int32", + "description": "The number of items in the work item", + "example": 19, + "nullable": true + }, + "form": { + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "ID of the form", + "example": "2c9180835d2e5168015d32f890ca1581", + "nullable": true + }, + "name": { + "type": "string", + "description": "Name of the form", + "example": "AccountSelection Form", + "nullable": true + }, + "title": { + "type": "string", + "description": "The form title", + "example": "Account Selection for John.Doe" + }, + "subtitle": { + "type": "string", + "description": "The form subtitle.", + "example": "Please select from the following" + }, + "targetUser": { + "type": "string", + "description": "The name of the user that should be shown this form", + "example": "Jane.Doe" + }, + "sections": { + "type": "array", + "items": { + "type": "object", + "allOf": [ + { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "Name of the FormItem", + "example": "Field1" + } + } + }, + { + "type": "object", + "properties": { + "label": { + "type": "string", + "description": "Label of the section", + "example": "Section 1" + }, + "formItems": { + "type": "array", + "items": { + "type": "object" + }, + "description": "List of FormItems. FormItems can be SectionDetails and/or FieldDetails", + "example": [] + } + } + } + ] + }, + "description": "Sections of the form" + } + } + }, + { + "nullable": true + } + ] + }, + "errors": { + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "The work item ID that was specified was not found." + ], + "description": "An array of errors that ocurred during the work item" + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + }, + "post": { + "operationId": "completeWorkItem", + "tags": [ + "Work Items" + ], + "summary": "Complete a Work Item", + "description": "This API completes a work item. Either an admin, or the owning/current user must make this request.", + "parameters": [ + { + "in": "path", + "name": "id", + "schema": { + "type": "string" + }, + "required": true, + "description": "The ID of the work item", + "example": "ef38f94347e94562b5bb8424a56397d8" + } + ], + "responses": { + "200": { + "description": "A WorkItems object", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "ID of the work item", + "example": "2c9180835d2e5168015d32f890ca1581" + }, + "requesterId": { + "type": "string", + "description": "ID of the requester", + "example": "2c9180835d2e5168015d32f890ca1581", + "nullable": true + }, + "requesterDisplayName": { + "type": "string", + "description": "The displayname of the requester", + "example": "John Smith", + "nullable": true + }, + "ownerId": { + "type": "string", + "description": "The ID of the owner", + "example": "2c9180835d2e5168015d32f890ca1581", + "nullable": true + }, + "ownerName": { + "type": "string", + "description": "The name of the owner", + "example": "Jason Smith" + }, + "created": { + "type": "string", + "format": "date-time", + "example": "2017-07-11T18:45:37.098Z", + "description": "Time when the work item was created" + }, + "modified": { + "type": "string", + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z", + "description": "Time when the work item was last updated", + "nullable": true + }, + "description": { + "type": "string", + "description": "The description of the work item", + "example": "Create account on source 'AD'" + }, + "state": { + "type": "string", + "enum": [ + "Finished", + "Rejected", + "Returned", + "Expired", + "Pending", + "Canceled" + ], + "example": "Finished", + "description": "The state of a work item" + }, + "type": { + "type": "string", + "enum": [ + "Generic", + "Certification", + "Remediation", + "Delegation", + "Approval", + "ViolationReview", + "Form", + "PolicyVioloation", + "Challenge", + "ImpactAnalysis", + "Signoff", + "Event", + "ManualAction", + "Test" + ], + "example": "Generic", + "description": "The type of the work item" + }, + "remediationItems": { + "type": "array", + "nullable": true, + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The ID of the certification", + "example": "2c9180835d2e5168015d32f890ca1581" + }, + "targetId": { + "type": "string", + "description": "The ID of the certification target", + "example": "2c9180835d2e5168015d32f890ca1581" + }, + "targetName": { + "type": "string", + "description": "The name of the certification target", + "example": "john.smith" + }, + "targetDisplayName": { + "type": "string", + "description": "The display name of the certification target", + "example": "emailAddress" + }, + "applicationName": { + "type": "string", + "description": "The name of the application/source", + "example": "Active Directory" + }, + "attributeName": { + "type": "string", + "description": "The name of the attribute being certified", + "example": "phoneNumber" + }, + "attributeOperation": { + "type": "string", + "description": "The operation of the certification on the attribute", + "example": "update" + }, + "attributeValue": { + "type": "string", + "description": "The value of the attribute being certified", + "example": "512-555-1212" + }, + "nativeIdentity": { + "type": "string", + "description": "The native identity of the target", + "example": "jason.smith2" + } + } + }, + "description": "A list of remediation items" + }, + "approvalItems": { + "type": "array", + "nullable": true, + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The approval item's ID", + "example": "2c9180835d2e5168015d32f890ca1581" + }, + "account": { + "type": "string", + "description": "The account referenced by the approval item", + "example": "john.smith", + "nullable": true + }, + "application": { + "type": "string", + "description": "The name of the application/source", + "example": "Active Directory" + }, + "name": { + "type": "string", + "description": "The attribute's name", + "example": "emailAddress", + "nullable": true + }, + "operation": { + "type": "string", + "description": "The attribute's operation", + "example": "update" + }, + "value": { + "type": "string", + "description": "The attribute's value", + "example": "a@b.com", + "nullable": true + }, + "state": { + "allOf": [ + { + "type": "string", + "nullable": true, + "enum": [ + "Finished", + "Rejected", + "Returned", + "Expired", + "Pending", + "Canceled", + null + ], + "example": "Pending", + "description": "The state of a work item" + }, + { + "nullable": true + } + ] + } + } + }, + "description": "A list of items that need to be approved" + }, + "name": { + "type": "string", + "description": "The work item name", + "example": "Account Create", + "nullable": true + }, + "completed": { + "type": "string", + "format": "date-time", + "example": "2018-10-19T13:49:37.385Z", + "description": "The time at which the work item completed", + "nullable": true + }, + "numItems": { + "type": "integer", + "format": "int32", + "description": "The number of items in the work item", + "example": 19, + "nullable": true + }, + "form": { + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "ID of the form", + "example": "2c9180835d2e5168015d32f890ca1581", + "nullable": true + }, + "name": { + "type": "string", + "description": "Name of the form", + "example": "AccountSelection Form", + "nullable": true + }, + "title": { + "type": "string", + "description": "The form title", + "example": "Account Selection for John.Doe" + }, + "subtitle": { + "type": "string", + "description": "The form subtitle.", + "example": "Please select from the following" + }, + "targetUser": { + "type": "string", + "description": "The name of the user that should be shown this form", + "example": "Jane.Doe" + }, + "sections": { + "type": "array", + "items": { + "type": "object", + "allOf": [ + { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "Name of the FormItem", + "example": "Field1" + } + } + }, + { + "type": "object", + "properties": { + "label": { + "type": "string", + "description": "Label of the section", + "example": "Section 1" + }, + "formItems": { + "type": "array", + "items": { + "type": "object" + }, + "description": "List of FormItems. FormItems can be SectionDetails and/or FieldDetails", + "example": [] + } + } + } + ] + }, + "description": "Sections of the form" + } + } + }, + { + "nullable": true + } + ] + }, + "errors": { + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "The work item ID that was specified was not found." + ], + "description": "An array of errors that ocurred during the work item" + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/work-items/{id}/approve/{approvalItemId}": { + "post": { + "operationId": "approveApprovalItem", + "tags": [ + "Work Items" + ], + "summary": "Approve an Approval Item", + "description": "This API approves an Approval Item. Either an admin, or the owning/current user must make this request.", + "parameters": [ + { + "in": "path", + "name": "id", + "schema": { + "type": "string" + }, + "required": true, + "description": "The ID of the work item", + "example": "ef38f94347e94562b5bb8424a56397d8" + }, + { + "in": "path", + "name": "approvalItemId", + "schema": { + "type": "string" + }, + "required": true, + "description": "The ID of the approval item.", + "example": "1211bcaa32112bcef6122adb21cef1ac" + } + ], + "responses": { + "200": { + "description": "A work items details object.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "ID of the work item", + "example": "2c9180835d2e5168015d32f890ca1581" + }, + "requesterId": { + "type": "string", + "description": "ID of the requester", + "example": "2c9180835d2e5168015d32f890ca1581", + "nullable": true + }, + "requesterDisplayName": { + "type": "string", + "description": "The displayname of the requester", + "example": "John Smith", + "nullable": true + }, + "ownerId": { + "type": "string", + "description": "The ID of the owner", + "example": "2c9180835d2e5168015d32f890ca1581", + "nullable": true + }, + "ownerName": { + "type": "string", + "description": "The name of the owner", + "example": "Jason Smith" + }, + "created": { + "type": "string", + "format": "date-time", + "example": "2017-07-11T18:45:37.098Z", + "description": "Time when the work item was created" + }, + "modified": { + "type": "string", + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z", + "description": "Time when the work item was last updated", + "nullable": true + }, + "description": { + "type": "string", + "description": "The description of the work item", + "example": "Create account on source 'AD'" + }, + "state": { + "type": "string", + "enum": [ + "Finished", + "Rejected", + "Returned", + "Expired", + "Pending", + "Canceled" + ], + "example": "Finished", + "description": "The state of a work item" + }, + "type": { + "type": "string", + "enum": [ + "Generic", + "Certification", + "Remediation", + "Delegation", + "Approval", + "ViolationReview", + "Form", + "PolicyVioloation", + "Challenge", + "ImpactAnalysis", + "Signoff", + "Event", + "ManualAction", + "Test" + ], + "example": "Generic", + "description": "The type of the work item" + }, + "remediationItems": { + "type": "array", + "nullable": true, + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The ID of the certification", + "example": "2c9180835d2e5168015d32f890ca1581" + }, + "targetId": { + "type": "string", + "description": "The ID of the certification target", + "example": "2c9180835d2e5168015d32f890ca1581" + }, + "targetName": { + "type": "string", + "description": "The name of the certification target", + "example": "john.smith" + }, + "targetDisplayName": { + "type": "string", + "description": "The display name of the certification target", + "example": "emailAddress" + }, + "applicationName": { + "type": "string", + "description": "The name of the application/source", + "example": "Active Directory" + }, + "attributeName": { + "type": "string", + "description": "The name of the attribute being certified", + "example": "phoneNumber" + }, + "attributeOperation": { + "type": "string", + "description": "The operation of the certification on the attribute", + "example": "update" + }, + "attributeValue": { + "type": "string", + "description": "The value of the attribute being certified", + "example": "512-555-1212" + }, + "nativeIdentity": { + "type": "string", + "description": "The native identity of the target", + "example": "jason.smith2" + } + } + }, + "description": "A list of remediation items" + }, + "approvalItems": { + "type": "array", + "nullable": true, + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The approval item's ID", + "example": "2c9180835d2e5168015d32f890ca1581" + }, + "account": { + "type": "string", + "description": "The account referenced by the approval item", + "example": "john.smith", + "nullable": true + }, + "application": { + "type": "string", + "description": "The name of the application/source", + "example": "Active Directory" + }, + "name": { + "type": "string", + "description": "The attribute's name", + "example": "emailAddress", + "nullable": true + }, + "operation": { + "type": "string", + "description": "The attribute's operation", + "example": "update" + }, + "value": { + "type": "string", + "description": "The attribute's value", + "example": "a@b.com", + "nullable": true + }, + "state": { + "allOf": [ + { + "type": "string", + "nullable": true, + "enum": [ + "Finished", + "Rejected", + "Returned", + "Expired", + "Pending", + "Canceled", + null + ], + "example": "Pending", + "description": "The state of a work item" + }, + { + "nullable": true + } + ] + } + } + }, + "description": "A list of items that need to be approved" + }, + "name": { + "type": "string", + "description": "The work item name", + "example": "Account Create", + "nullable": true + }, + "completed": { + "type": "string", + "format": "date-time", + "example": "2018-10-19T13:49:37.385Z", + "description": "The time at which the work item completed", + "nullable": true + }, + "numItems": { + "type": "integer", + "format": "int32", + "description": "The number of items in the work item", + "example": 19, + "nullable": true + }, + "form": { + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "ID of the form", + "example": "2c9180835d2e5168015d32f890ca1581", + "nullable": true + }, + "name": { + "type": "string", + "description": "Name of the form", + "example": "AccountSelection Form", + "nullable": true + }, + "title": { + "type": "string", + "description": "The form title", + "example": "Account Selection for John.Doe" + }, + "subtitle": { + "type": "string", + "description": "The form subtitle.", + "example": "Please select from the following" + }, + "targetUser": { + "type": "string", + "description": "The name of the user that should be shown this form", + "example": "Jane.Doe" + }, + "sections": { + "type": "array", + "items": { + "type": "object", + "allOf": [ + { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "Name of the FormItem", + "example": "Field1" + } + } + }, + { + "type": "object", + "properties": { + "label": { + "type": "string", + "description": "Label of the section", + "example": "Section 1" + }, + "formItems": { + "type": "array", + "items": { + "type": "object" + }, + "description": "List of FormItems. FormItems can be SectionDetails and/or FieldDetails", + "example": [] + } + } + } + ] + }, + "description": "Sections of the form" + } + } + }, + { + "nullable": true + } + ] + }, + "errors": { + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "The work item ID that was specified was not found." + ], + "description": "An array of errors that ocurred during the work item" + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/work-items/{id}/reject/{approvalItemId}": { + "post": { + "operationId": "rejectApprovalItem", + "tags": [ + "Work Items" + ], + "summary": "Reject an Approval Item", + "description": "This API rejects an Approval Item. Either an admin, or the owning/current user must make this request.", + "parameters": [ + { + "in": "path", + "name": "id", + "schema": { + "type": "string" + }, + "required": true, + "description": "The ID of the work item", + "example": "ef38f94347e94562b5bb8424a56397d8" + }, + { + "in": "path", + "name": "approvalItemId", + "schema": { + "type": "string" + }, + "required": true, + "description": "The ID of the approval item.", + "example": "1211bcaa32112bcef6122adb21cef1ac" + } + ], + "responses": { + "200": { + "description": "A work items details object.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "ID of the work item", + "example": "2c9180835d2e5168015d32f890ca1581" + }, + "requesterId": { + "type": "string", + "description": "ID of the requester", + "example": "2c9180835d2e5168015d32f890ca1581", + "nullable": true + }, + "requesterDisplayName": { + "type": "string", + "description": "The displayname of the requester", + "example": "John Smith", + "nullable": true + }, + "ownerId": { + "type": "string", + "description": "The ID of the owner", + "example": "2c9180835d2e5168015d32f890ca1581", + "nullable": true + }, + "ownerName": { + "type": "string", + "description": "The name of the owner", + "example": "Jason Smith" + }, + "created": { + "type": "string", + "format": "date-time", + "example": "2017-07-11T18:45:37.098Z", + "description": "Time when the work item was created" + }, + "modified": { + "type": "string", + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z", + "description": "Time when the work item was last updated", + "nullable": true + }, + "description": { + "type": "string", + "description": "The description of the work item", + "example": "Create account on source 'AD'" + }, + "state": { + "type": "string", + "enum": [ + "Finished", + "Rejected", + "Returned", + "Expired", + "Pending", + "Canceled" + ], + "example": "Finished", + "description": "The state of a work item" + }, + "type": { + "type": "string", + "enum": [ + "Generic", + "Certification", + "Remediation", + "Delegation", + "Approval", + "ViolationReview", + "Form", + "PolicyVioloation", + "Challenge", + "ImpactAnalysis", + "Signoff", + "Event", + "ManualAction", + "Test" + ], + "example": "Generic", + "description": "The type of the work item" + }, + "remediationItems": { + "type": "array", + "nullable": true, + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The ID of the certification", + "example": "2c9180835d2e5168015d32f890ca1581" + }, + "targetId": { + "type": "string", + "description": "The ID of the certification target", + "example": "2c9180835d2e5168015d32f890ca1581" + }, + "targetName": { + "type": "string", + "description": "The name of the certification target", + "example": "john.smith" + }, + "targetDisplayName": { + "type": "string", + "description": "The display name of the certification target", + "example": "emailAddress" + }, + "applicationName": { + "type": "string", + "description": "The name of the application/source", + "example": "Active Directory" + }, + "attributeName": { + "type": "string", + "description": "The name of the attribute being certified", + "example": "phoneNumber" + }, + "attributeOperation": { + "type": "string", + "description": "The operation of the certification on the attribute", + "example": "update" + }, + "attributeValue": { + "type": "string", + "description": "The value of the attribute being certified", + "example": "512-555-1212" + }, + "nativeIdentity": { + "type": "string", + "description": "The native identity of the target", + "example": "jason.smith2" + } + } + }, + "description": "A list of remediation items" + }, + "approvalItems": { + "type": "array", + "nullable": true, + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The approval item's ID", + "example": "2c9180835d2e5168015d32f890ca1581" + }, + "account": { + "type": "string", + "description": "The account referenced by the approval item", + "example": "john.smith", + "nullable": true + }, + "application": { + "type": "string", + "description": "The name of the application/source", + "example": "Active Directory" + }, + "name": { + "type": "string", + "description": "The attribute's name", + "example": "emailAddress", + "nullable": true + }, + "operation": { + "type": "string", + "description": "The attribute's operation", + "example": "update" + }, + "value": { + "type": "string", + "description": "The attribute's value", + "example": "a@b.com", + "nullable": true + }, + "state": { + "allOf": [ + { + "type": "string", + "nullable": true, + "enum": [ + "Finished", + "Rejected", + "Returned", + "Expired", + "Pending", + "Canceled", + null + ], + "example": "Pending", + "description": "The state of a work item" + }, + { + "nullable": true + } + ] + } + } + }, + "description": "A list of items that need to be approved" + }, + "name": { + "type": "string", + "description": "The work item name", + "example": "Account Create", + "nullable": true + }, + "completed": { + "type": "string", + "format": "date-time", + "example": "2018-10-19T13:49:37.385Z", + "description": "The time at which the work item completed", + "nullable": true + }, + "numItems": { + "type": "integer", + "format": "int32", + "description": "The number of items in the work item", + "example": 19, + "nullable": true + }, + "form": { + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "ID of the form", + "example": "2c9180835d2e5168015d32f890ca1581", + "nullable": true + }, + "name": { + "type": "string", + "description": "Name of the form", + "example": "AccountSelection Form", + "nullable": true + }, + "title": { + "type": "string", + "description": "The form title", + "example": "Account Selection for John.Doe" + }, + "subtitle": { + "type": "string", + "description": "The form subtitle.", + "example": "Please select from the following" + }, + "targetUser": { + "type": "string", + "description": "The name of the user that should be shown this form", + "example": "Jane.Doe" + }, + "sections": { + "type": "array", + "items": { + "type": "object", + "allOf": [ + { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "Name of the FormItem", + "example": "Field1" + } + } + }, + { + "type": "object", + "properties": { + "label": { + "type": "string", + "description": "Label of the section", + "example": "Section 1" + }, + "formItems": { + "type": "array", + "items": { + "type": "object" + }, + "description": "List of FormItems. FormItems can be SectionDetails and/or FieldDetails", + "example": [] + } + } + } + ] + }, + "description": "Sections of the form" + } + } + }, + { + "nullable": true + } + ] + }, + "errors": { + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "The work item ID that was specified was not found." + ], + "description": "An array of errors that ocurred during the work item" + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/work-items/bulk-approve/{id}": { + "post": { + "operationId": "approveApprovalItemsInBulk", + "tags": [ + "Work Items" + ], + "summary": "Bulk approve Approval Items", + "description": "This API bulk approves Approval Items. Either an admin, or the owning/current user must make this request.", + "parameters": [ + { + "in": "path", + "name": "id", + "schema": { + "type": "string" + }, + "required": true, + "description": "The ID of the work item", + "example": "ef38f94347e94562b5bb8424a56397d8" + } + ], + "responses": { + "200": { + "description": "A work items details object.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "ID of the work item", + "example": "2c9180835d2e5168015d32f890ca1581" + }, + "requesterId": { + "type": "string", + "description": "ID of the requester", + "example": "2c9180835d2e5168015d32f890ca1581", + "nullable": true + }, + "requesterDisplayName": { + "type": "string", + "description": "The displayname of the requester", + "example": "John Smith", + "nullable": true + }, + "ownerId": { + "type": "string", + "description": "The ID of the owner", + "example": "2c9180835d2e5168015d32f890ca1581", + "nullable": true + }, + "ownerName": { + "type": "string", + "description": "The name of the owner", + "example": "Jason Smith" + }, + "created": { + "type": "string", + "format": "date-time", + "example": "2017-07-11T18:45:37.098Z", + "description": "Time when the work item was created" + }, + "modified": { + "type": "string", + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z", + "description": "Time when the work item was last updated", + "nullable": true + }, + "description": { + "type": "string", + "description": "The description of the work item", + "example": "Create account on source 'AD'" + }, + "state": { + "type": "string", + "enum": [ + "Finished", + "Rejected", + "Returned", + "Expired", + "Pending", + "Canceled" + ], + "example": "Finished", + "description": "The state of a work item" + }, + "type": { + "type": "string", + "enum": [ + "Generic", + "Certification", + "Remediation", + "Delegation", + "Approval", + "ViolationReview", + "Form", + "PolicyVioloation", + "Challenge", + "ImpactAnalysis", + "Signoff", + "Event", + "ManualAction", + "Test" + ], + "example": "Generic", + "description": "The type of the work item" + }, + "remediationItems": { + "type": "array", + "nullable": true, + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The ID of the certification", + "example": "2c9180835d2e5168015d32f890ca1581" + }, + "targetId": { + "type": "string", + "description": "The ID of the certification target", + "example": "2c9180835d2e5168015d32f890ca1581" + }, + "targetName": { + "type": "string", + "description": "The name of the certification target", + "example": "john.smith" + }, + "targetDisplayName": { + "type": "string", + "description": "The display name of the certification target", + "example": "emailAddress" + }, + "applicationName": { + "type": "string", + "description": "The name of the application/source", + "example": "Active Directory" + }, + "attributeName": { + "type": "string", + "description": "The name of the attribute being certified", + "example": "phoneNumber" + }, + "attributeOperation": { + "type": "string", + "description": "The operation of the certification on the attribute", + "example": "update" + }, + "attributeValue": { + "type": "string", + "description": "The value of the attribute being certified", + "example": "512-555-1212" + }, + "nativeIdentity": { + "type": "string", + "description": "The native identity of the target", + "example": "jason.smith2" + } + } + }, + "description": "A list of remediation items" + }, + "approvalItems": { + "type": "array", + "nullable": true, + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The approval item's ID", + "example": "2c9180835d2e5168015d32f890ca1581" + }, + "account": { + "type": "string", + "description": "The account referenced by the approval item", + "example": "john.smith", + "nullable": true + }, + "application": { + "type": "string", + "description": "The name of the application/source", + "example": "Active Directory" + }, + "name": { + "type": "string", + "description": "The attribute's name", + "example": "emailAddress", + "nullable": true + }, + "operation": { + "type": "string", + "description": "The attribute's operation", + "example": "update" + }, + "value": { + "type": "string", + "description": "The attribute's value", + "example": "a@b.com", + "nullable": true + }, + "state": { + "allOf": [ + { + "type": "string", + "nullable": true, + "enum": [ + "Finished", + "Rejected", + "Returned", + "Expired", + "Pending", + "Canceled", + null + ], + "example": "Pending", + "description": "The state of a work item" + }, + { + "nullable": true + } + ] + } + } + }, + "description": "A list of items that need to be approved" + }, + "name": { + "type": "string", + "description": "The work item name", + "example": "Account Create", + "nullable": true + }, + "completed": { + "type": "string", + "format": "date-time", + "example": "2018-10-19T13:49:37.385Z", + "description": "The time at which the work item completed", + "nullable": true + }, + "numItems": { + "type": "integer", + "format": "int32", + "description": "The number of items in the work item", + "example": 19, + "nullable": true + }, + "form": { + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "ID of the form", + "example": "2c9180835d2e5168015d32f890ca1581", + "nullable": true + }, + "name": { + "type": "string", + "description": "Name of the form", + "example": "AccountSelection Form", + "nullable": true + }, + "title": { + "type": "string", + "description": "The form title", + "example": "Account Selection for John.Doe" + }, + "subtitle": { + "type": "string", + "description": "The form subtitle.", + "example": "Please select from the following" + }, + "targetUser": { + "type": "string", + "description": "The name of the user that should be shown this form", + "example": "Jane.Doe" + }, + "sections": { + "type": "array", + "items": { + "type": "object", + "allOf": [ + { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "Name of the FormItem", + "example": "Field1" + } + } + }, + { + "type": "object", + "properties": { + "label": { + "type": "string", + "description": "Label of the section", + "example": "Section 1" + }, + "formItems": { + "type": "array", + "items": { + "type": "object" + }, + "description": "List of FormItems. FormItems can be SectionDetails and/or FieldDetails", + "example": [] + } + } + } + ] + }, + "description": "Sections of the form" + } + } + }, + { + "nullable": true + } + ] + }, + "errors": { + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "The work item ID that was specified was not found." + ], + "description": "An array of errors that ocurred during the work item" + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/work-items/bulk-reject/{id}": { + "post": { + "operationId": "rejectApprovalItemsInBulk", + "tags": [ + "Work Items" + ], + "summary": "Bulk reject Approval Items", + "description": "This API bulk rejects Approval Items. Either an admin, or the owning/current user must make this request.", + "parameters": [ + { + "in": "path", + "name": "id", + "schema": { + "type": "string" + }, + "required": true, + "description": "The ID of the work item", + "example": "ef38f94347e94562b5bb8424a56397d8" + } + ], + "responses": { + "200": { + "description": "A work items details object.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "ID of the work item", + "example": "2c9180835d2e5168015d32f890ca1581" + }, + "requesterId": { + "type": "string", + "description": "ID of the requester", + "example": "2c9180835d2e5168015d32f890ca1581", + "nullable": true + }, + "requesterDisplayName": { + "type": "string", + "description": "The displayname of the requester", + "example": "John Smith", + "nullable": true + }, + "ownerId": { + "type": "string", + "description": "The ID of the owner", + "example": "2c9180835d2e5168015d32f890ca1581", + "nullable": true + }, + "ownerName": { + "type": "string", + "description": "The name of the owner", + "example": "Jason Smith" + }, + "created": { + "type": "string", + "format": "date-time", + "example": "2017-07-11T18:45:37.098Z", + "description": "Time when the work item was created" + }, + "modified": { + "type": "string", + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z", + "description": "Time when the work item was last updated", + "nullable": true + }, + "description": { + "type": "string", + "description": "The description of the work item", + "example": "Create account on source 'AD'" + }, + "state": { + "type": "string", + "enum": [ + "Finished", + "Rejected", + "Returned", + "Expired", + "Pending", + "Canceled" + ], + "example": "Finished", + "description": "The state of a work item" + }, + "type": { + "type": "string", + "enum": [ + "Generic", + "Certification", + "Remediation", + "Delegation", + "Approval", + "ViolationReview", + "Form", + "PolicyVioloation", + "Challenge", + "ImpactAnalysis", + "Signoff", + "Event", + "ManualAction", + "Test" + ], + "example": "Generic", + "description": "The type of the work item" + }, + "remediationItems": { + "type": "array", + "nullable": true, + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The ID of the certification", + "example": "2c9180835d2e5168015d32f890ca1581" + }, + "targetId": { + "type": "string", + "description": "The ID of the certification target", + "example": "2c9180835d2e5168015d32f890ca1581" + }, + "targetName": { + "type": "string", + "description": "The name of the certification target", + "example": "john.smith" + }, + "targetDisplayName": { + "type": "string", + "description": "The display name of the certification target", + "example": "emailAddress" + }, + "applicationName": { + "type": "string", + "description": "The name of the application/source", + "example": "Active Directory" + }, + "attributeName": { + "type": "string", + "description": "The name of the attribute being certified", + "example": "phoneNumber" + }, + "attributeOperation": { + "type": "string", + "description": "The operation of the certification on the attribute", + "example": "update" + }, + "attributeValue": { + "type": "string", + "description": "The value of the attribute being certified", + "example": "512-555-1212" + }, + "nativeIdentity": { + "type": "string", + "description": "The native identity of the target", + "example": "jason.smith2" + } + } + }, + "description": "A list of remediation items" + }, + "approvalItems": { + "type": "array", + "nullable": true, + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The approval item's ID", + "example": "2c9180835d2e5168015d32f890ca1581" + }, + "account": { + "type": "string", + "description": "The account referenced by the approval item", + "example": "john.smith", + "nullable": true + }, + "application": { + "type": "string", + "description": "The name of the application/source", + "example": "Active Directory" + }, + "name": { + "type": "string", + "description": "The attribute's name", + "example": "emailAddress", + "nullable": true + }, + "operation": { + "type": "string", + "description": "The attribute's operation", + "example": "update" + }, + "value": { + "type": "string", + "description": "The attribute's value", + "example": "a@b.com", + "nullable": true + }, + "state": { + "allOf": [ + { + "type": "string", + "nullable": true, + "enum": [ + "Finished", + "Rejected", + "Returned", + "Expired", + "Pending", + "Canceled", + null + ], + "example": "Pending", + "description": "The state of a work item" + }, + { + "nullable": true + } + ] + } + } + }, + "description": "A list of items that need to be approved" + }, + "name": { + "type": "string", + "description": "The work item name", + "example": "Account Create", + "nullable": true + }, + "completed": { + "type": "string", + "format": "date-time", + "example": "2018-10-19T13:49:37.385Z", + "description": "The time at which the work item completed", + "nullable": true + }, + "numItems": { + "type": "integer", + "format": "int32", + "description": "The number of items in the work item", + "example": 19, + "nullable": true + }, + "form": { + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "ID of the form", + "example": "2c9180835d2e5168015d32f890ca1581", + "nullable": true + }, + "name": { + "type": "string", + "description": "Name of the form", + "example": "AccountSelection Form", + "nullable": true + }, + "title": { + "type": "string", + "description": "The form title", + "example": "Account Selection for John.Doe" + }, + "subtitle": { + "type": "string", + "description": "The form subtitle.", + "example": "Please select from the following" + }, + "targetUser": { + "type": "string", + "description": "The name of the user that should be shown this form", + "example": "Jane.Doe" + }, + "sections": { + "type": "array", + "items": { + "type": "object", + "allOf": [ + { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "Name of the FormItem", + "example": "Field1" + } + } + }, + { + "type": "object", + "properties": { + "label": { + "type": "string", + "description": "Label of the section", + "example": "Section 1" + }, + "formItems": { + "type": "array", + "items": { + "type": "object" + }, + "description": "List of FormItems. FormItems can be SectionDetails and/or FieldDetails", + "example": [] + } + } + } + ] + }, + "description": "Sections of the form" + } + } + }, + { + "nullable": true + } + ] + }, + "errors": { + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "The work item ID that was specified was not found." + ], + "description": "An array of errors that ocurred during the work item" + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/work-items/{id}/submit-account-selection": { + "post": { + "operationId": "submitAccountSelection", + "tags": [ + "Work Items" + ], + "summary": "Submit Account Selections", + "description": "This API submits account selections. Either an admin, or the owning/current user must make this request.", + "parameters": [ + { + "in": "path", + "name": "id", + "schema": { + "type": "string" + }, + "required": true, + "description": "The ID of the work item", + "example": "ef38f94347e94562b5bb8424a56397d8" + } + ], + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "type": "object", + "additionalProperties": true + }, + "example": { + "fieldName": "fieldValue" + } + } + }, + "description": "Account Selection Data map, keyed on fieldName" + }, + "responses": { + "200": { + "description": "A work items details object.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "ID of the work item", + "example": "2c9180835d2e5168015d32f890ca1581" + }, + "requesterId": { + "type": "string", + "description": "ID of the requester", + "example": "2c9180835d2e5168015d32f890ca1581", + "nullable": true + }, + "requesterDisplayName": { + "type": "string", + "description": "The displayname of the requester", + "example": "John Smith", + "nullable": true + }, + "ownerId": { + "type": "string", + "description": "The ID of the owner", + "example": "2c9180835d2e5168015d32f890ca1581", + "nullable": true + }, + "ownerName": { + "type": "string", + "description": "The name of the owner", + "example": "Jason Smith" + }, + "created": { + "type": "string", + "format": "date-time", + "example": "2017-07-11T18:45:37.098Z", + "description": "Time when the work item was created" + }, + "modified": { + "type": "string", + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z", + "description": "Time when the work item was last updated", + "nullable": true + }, + "description": { + "type": "string", + "description": "The description of the work item", + "example": "Create account on source 'AD'" + }, + "state": { + "type": "string", + "enum": [ + "Finished", + "Rejected", + "Returned", + "Expired", + "Pending", + "Canceled" + ], + "example": "Finished", + "description": "The state of a work item" + }, + "type": { + "type": "string", + "enum": [ + "Generic", + "Certification", + "Remediation", + "Delegation", + "Approval", + "ViolationReview", + "Form", + "PolicyVioloation", + "Challenge", + "ImpactAnalysis", + "Signoff", + "Event", + "ManualAction", + "Test" + ], + "example": "Generic", + "description": "The type of the work item" + }, + "remediationItems": { + "type": "array", + "nullable": true, + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The ID of the certification", + "example": "2c9180835d2e5168015d32f890ca1581" + }, + "targetId": { + "type": "string", + "description": "The ID of the certification target", + "example": "2c9180835d2e5168015d32f890ca1581" + }, + "targetName": { + "type": "string", + "description": "The name of the certification target", + "example": "john.smith" + }, + "targetDisplayName": { + "type": "string", + "description": "The display name of the certification target", + "example": "emailAddress" + }, + "applicationName": { + "type": "string", + "description": "The name of the application/source", + "example": "Active Directory" + }, + "attributeName": { + "type": "string", + "description": "The name of the attribute being certified", + "example": "phoneNumber" + }, + "attributeOperation": { + "type": "string", + "description": "The operation of the certification on the attribute", + "example": "update" + }, + "attributeValue": { + "type": "string", + "description": "The value of the attribute being certified", + "example": "512-555-1212" + }, + "nativeIdentity": { + "type": "string", + "description": "The native identity of the target", + "example": "jason.smith2" + } + } + }, + "description": "A list of remediation items" + }, + "approvalItems": { + "type": "array", + "nullable": true, + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The approval item's ID", + "example": "2c9180835d2e5168015d32f890ca1581" + }, + "account": { + "type": "string", + "description": "The account referenced by the approval item", + "example": "john.smith", + "nullable": true + }, + "application": { + "type": "string", + "description": "The name of the application/source", + "example": "Active Directory" + }, + "name": { + "type": "string", + "description": "The attribute's name", + "example": "emailAddress", + "nullable": true + }, + "operation": { + "type": "string", + "description": "The attribute's operation", + "example": "update" + }, + "value": { + "type": "string", + "description": "The attribute's value", + "example": "a@b.com", + "nullable": true + }, + "state": { + "allOf": [ + { + "type": "string", + "nullable": true, + "enum": [ + "Finished", + "Rejected", + "Returned", + "Expired", + "Pending", + "Canceled", + null + ], + "example": "Pending", + "description": "The state of a work item" + }, + { + "nullable": true + } + ] + } + } + }, + "description": "A list of items that need to be approved" + }, + "name": { + "type": "string", + "description": "The work item name", + "example": "Account Create", + "nullable": true + }, + "completed": { + "type": "string", + "format": "date-time", + "example": "2018-10-19T13:49:37.385Z", + "description": "The time at which the work item completed", + "nullable": true + }, + "numItems": { + "type": "integer", + "format": "int32", + "description": "The number of items in the work item", + "example": 19, + "nullable": true + }, + "form": { + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "ID of the form", + "example": "2c9180835d2e5168015d32f890ca1581", + "nullable": true + }, + "name": { + "type": "string", + "description": "Name of the form", + "example": "AccountSelection Form", + "nullable": true + }, + "title": { + "type": "string", + "description": "The form title", + "example": "Account Selection for John.Doe" + }, + "subtitle": { + "type": "string", + "description": "The form subtitle.", + "example": "Please select from the following" + }, + "targetUser": { + "type": "string", + "description": "The name of the user that should be shown this form", + "example": "Jane.Doe" + }, + "sections": { + "type": "array", + "items": { + "type": "object", + "allOf": [ + { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "Name of the FormItem", + "example": "Field1" + } + } + }, + { + "type": "object", + "properties": { + "label": { + "type": "string", + "description": "Label of the section", + "example": "Section 1" + }, + "formItems": { + "type": "array", + "items": { + "type": "object" + }, + "description": "List of FormItems. FormItems can be SectionDetails and/or FieldDetails", + "example": [] + } + } + } + ] + }, + "description": "Sections of the form" + } + } + }, + { + "nullable": true + } + ] + }, + "errors": { + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "The work item ID that was specified was not found." + ], + "description": "An array of errors that ocurred during the work item" + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/workflows": { + "get": { + "operationId": "listWorkflows", + "tags": [ + "Workflows" + ], + "summary": "List Workflows", + "description": "List all workflows in the tenant.", + "security": [ + { + "UserContextAuth": [ + "sp:workflow:read" + ] + } + ], + "responses": { + "200": { + "description": "List of workflows", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "Workflow ID. This is a UUID generated upon creation.", + "example": "d201c5e9-d37b-4aff-af14-66414f39d569" + }, + "executionCount": { + "type": "integer", + "format": "int32", + "description": "The number of times this workflow has been executed.", + "example": 2 + }, + "failureCount": { + "type": "integer", + "format": "int32", + "description": "The number of times this workflow has failed during execution.", + "example": 0 + }, + "created": { + "type": "string", + "format": "date-time", + "description": "The date and time the workflow was created.", + "example": "2022-01-10T16:06:16.636381447Z" + }, + "modified": { + "type": "string", + "format": "date-time", + "description": "The date and time the workflow was modified.", + "example": "2023-12-05T15:18:27.699Z" + }, + "modifiedBy": { + "type": "object", + "properties": { + "type": { + "type": "string", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "Identity ID", + "example": "2c9180a46faadee4016fb4e018c20639" + }, + "name": { + "type": "string", + "description": "Human-readable display name of identity.", + "example": "Thomas Edison" + } + } + }, + "creator": { + "type": "object", + "description": "Workflow creator's identity.", + "properties": { + "type": { + "type": "string", + "description": "Workflow creator's DTO type.", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "Workflow creator's identity ID.", + "example": "2c7180a46faadee4016fb4e018c20642" + }, + "name": { + "type": "string", + "description": "Workflow creator's display name.", + "example": "Michael Michaels" + } + } + } + } + }, + { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "The name of the workflow", + "example": "Send Email" + }, + "owner": { + "type": "object", + "description": "The identity that owns the workflow. The owner's permissions in IDN will determine what actions the workflow is allowed to perform. Ownership can be changed by updating the owner in a PUT or PATCH request.", + "properties": { + "type": { + "type": "string", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY", + "description": "The type of object that is referenced" + }, + "id": { + "type": "string", + "description": "The unique ID of the object", + "example": "2c91808568c529c60168cca6f90c1313" + }, + "name": { + "type": "string", + "description": "The name of the object", + "example": "William Wilson" + } + } + }, + "description": { + "type": "string", + "description": "Description of what the workflow accomplishes", + "example": "Send an email to the identity who's attributes changed." + }, + "definition": { + "type": "object", + "description": "The map of steps that the workflow will execute.", + "properties": { + "start": { + "type": "string", + "description": "The name of the starting step.", + "example": "Send Email Test" + }, + "steps": { + "type": "object", + "description": "One or more step objects that comprise this workflow. Please see the Workflow documentation to see the JSON schema for each step type.", + "additionalProperties": true, + "example": { + "Send Email": { + "actionId": "sp:send-email", + "attributes": { + "body": "This is a test", + "from": "sailpoint@sailpoint.com", + "recipientId.$": "$.identity.id", + "subject": "test" + }, + "nextStep": "success", + "selectResult": null, + "type": "ACTION" + }, + "success": { + "type": "success" + } + } + } + } + }, + "enabled": { + "type": "boolean", + "description": "Enable or disable the workflow. Workflows cannot be created in an enabled state.", + "default": false, + "example": false + }, + "trigger": { + "type": "object", + "description": "The trigger that starts the workflow", + "required": [ + "type", + "attributes" + ], + "properties": { + "type": { + "type": "string", + "enum": [ + "EVENT", + "EXTERNAL", + "SCHEDULED" + ], + "example": "EVENT", + "description": "The trigger type" + }, + "displayName": { + "type": "string", + "nullable": true + }, + "attributes": { + "oneOf": [ + { + "title": "Event Trigger Attributes", + "type": "object", + "description": "Attributes related to an IdentityNow ETS event", + "additionalProperties": false, + "required": [ + "id" + ], + "properties": { + "id": { + "type": "string", + "description": "The unique ID of the trigger", + "example": "idn:identity-attributes-changed" + }, + "filter.$": { + "type": "string", + "description": "JSON path expression that will limit which events the trigger will fire on", + "example": "$.changes[?(@.attribute == 'manager')]" + }, + "description": { + "type": "string", + "description": "Description of the event trigger" + } + } + }, + { + "title": "External Trigger Attributes", + "type": "object", + "description": "Attributes related to an external trigger", + "additionalProperties": false, + "properties": { + "name": { + "type": "string", + "description": "A unique name for the external trigger", + "example": "search-and-notify" + }, + "description": { + "type": "string", + "description": "Additonal context about the external trigger", + "example": "Run a search and notify the results" + }, + "clientId": { + "type": "string", + "description": "OAuth Client ID to authenticate with this trigger", + "example": "87e239b2-b85b-4bde-b9a7-55bf304ddcdc" + }, + "url": { + "type": "string", + "description": "URL to invoke this workflow", + "example": "https://tenant.api.identitynow.com/beta/workflows/execute/external/c79e0079-562c-4df5-aa73-60a9e25c916d" + } + } + }, + { + "title": "Scheduled Trigger Attributes", + "type": "object", + "description": "Attributes related to a scheduled trigger", + "additionalProperties": false, + "required": [ + "frequency" + ], + "properties": { + "cronString": { + "type": "string", + "description": "A valid CRON expression", + "externalDocs": { + "description": "CRON expression editor", + "url": "https://crontab.guru/" + }, + "example": "0 9 * * 1" + }, + "frequency": { + "type": "string", + "description": "Frequency of execution", + "enum": [ + "daily", + "weekly", + "monthly", + "yearly", + "cronSchedule" + ] + }, + "timeZone": { + "type": "string", + "description": "Time zone identifier", + "example": "America/Chicago" + }, + "weeklyDays": { + "type": "array", + "items": { + "type": "string" + }, + "example": "Monday", + "description": "Scheduled days of the week for execution" + }, + "weeklyTimes": { + "type": "array", + "items": { + "type": "string" + }, + "example": "Monday", + "description": "Scheduled execution times" + } + } + } + ], + "description": "Workflow Trigger Attributes." + } + } + } + } + } + ] + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/workflows/{id}": { + "get": { + "operationId": "getWorkflow", + "tags": [ + "Workflows" + ], + "summary": "Get Workflow By Id", + "description": "Get a single workflow by id.", + "security": [ + { + "UserContextAuth": [ + "sp:workflow:read" + ] + } + ], + "parameters": [ + { + "name": "id", + "in": "path", + "description": "Id of the workflow", + "required": true, + "style": "simple", + "explode": false, + "schema": { + "type": "string", + "example": "c17bea3a-574d-453c-9e04-4365fbf5af0b" + } + } + ], + "responses": { + "200": { + "description": "The workflow object", + "content": { + "application/json": { + "schema": { + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "Workflow ID. This is a UUID generated upon creation.", + "example": "d201c5e9-d37b-4aff-af14-66414f39d569" + }, + "executionCount": { + "type": "integer", + "format": "int32", + "description": "The number of times this workflow has been executed.", + "example": 2 + }, + "failureCount": { + "type": "integer", + "format": "int32", + "description": "The number of times this workflow has failed during execution.", + "example": 0 + }, + "created": { + "type": "string", + "format": "date-time", + "description": "The date and time the workflow was created.", + "example": "2022-01-10T16:06:16.636381447Z" + }, + "modified": { + "type": "string", + "format": "date-time", + "description": "The date and time the workflow was modified.", + "example": "2023-12-05T15:18:27.699Z" + }, + "modifiedBy": { + "type": "object", + "properties": { + "type": { + "type": "string", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "Identity ID", + "example": "2c9180a46faadee4016fb4e018c20639" + }, + "name": { + "type": "string", + "description": "Human-readable display name of identity.", + "example": "Thomas Edison" + } + } + }, + "creator": { + "type": "object", + "description": "Workflow creator's identity.", + "properties": { + "type": { + "type": "string", + "description": "Workflow creator's DTO type.", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "Workflow creator's identity ID.", + "example": "2c7180a46faadee4016fb4e018c20642" + }, + "name": { + "type": "string", + "description": "Workflow creator's display name.", + "example": "Michael Michaels" + } + } + } + } + }, + { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "The name of the workflow", + "example": "Send Email" + }, + "owner": { + "type": "object", + "description": "The identity that owns the workflow. The owner's permissions in IDN will determine what actions the workflow is allowed to perform. Ownership can be changed by updating the owner in a PUT or PATCH request.", + "properties": { + "type": { + "type": "string", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY", + "description": "The type of object that is referenced" + }, + "id": { + "type": "string", + "description": "The unique ID of the object", + "example": "2c91808568c529c60168cca6f90c1313" + }, + "name": { + "type": "string", + "description": "The name of the object", + "example": "William Wilson" + } + } + }, + "description": { + "type": "string", + "description": "Description of what the workflow accomplishes", + "example": "Send an email to the identity who's attributes changed." + }, + "definition": { + "type": "object", + "description": "The map of steps that the workflow will execute.", + "properties": { + "start": { + "type": "string", + "description": "The name of the starting step.", + "example": "Send Email Test" + }, + "steps": { + "type": "object", + "description": "One or more step objects that comprise this workflow. Please see the Workflow documentation to see the JSON schema for each step type.", + "additionalProperties": true, + "example": { + "Send Email": { + "actionId": "sp:send-email", + "attributes": { + "body": "This is a test", + "from": "sailpoint@sailpoint.com", + "recipientId.$": "$.identity.id", + "subject": "test" + }, + "nextStep": "success", + "selectResult": null, + "type": "ACTION" + }, + "success": { + "type": "success" + } + } + } + } + }, + "enabled": { + "type": "boolean", + "description": "Enable or disable the workflow. Workflows cannot be created in an enabled state.", + "default": false, + "example": false + }, + "trigger": { + "type": "object", + "description": "The trigger that starts the workflow", + "required": [ + "type", + "attributes" + ], + "properties": { + "type": { + "type": "string", + "enum": [ + "EVENT", + "EXTERNAL", + "SCHEDULED" + ], + "example": "EVENT", + "description": "The trigger type" + }, + "displayName": { + "type": "string", + "nullable": true + }, + "attributes": { + "oneOf": [ + { + "title": "Event Trigger Attributes", + "type": "object", + "description": "Attributes related to an IdentityNow ETS event", + "additionalProperties": false, + "required": [ + "id" + ], + "properties": { + "id": { + "type": "string", + "description": "The unique ID of the trigger", + "example": "idn:identity-attributes-changed" + }, + "filter.$": { + "type": "string", + "description": "JSON path expression that will limit which events the trigger will fire on", + "example": "$.changes[?(@.attribute == 'manager')]" + }, + "description": { + "type": "string", + "description": "Description of the event trigger" + } + } + }, + { + "title": "External Trigger Attributes", + "type": "object", + "description": "Attributes related to an external trigger", + "additionalProperties": false, + "properties": { + "name": { + "type": "string", + "description": "A unique name for the external trigger", + "example": "search-and-notify" + }, + "description": { + "type": "string", + "description": "Additonal context about the external trigger", + "example": "Run a search and notify the results" + }, + "clientId": { + "type": "string", + "description": "OAuth Client ID to authenticate with this trigger", + "example": "87e239b2-b85b-4bde-b9a7-55bf304ddcdc" + }, + "url": { + "type": "string", + "description": "URL to invoke this workflow", + "example": "https://tenant.api.identitynow.com/beta/workflows/execute/external/c79e0079-562c-4df5-aa73-60a9e25c916d" + } + } + }, + { + "title": "Scheduled Trigger Attributes", + "type": "object", + "description": "Attributes related to a scheduled trigger", + "additionalProperties": false, + "required": [ + "frequency" + ], + "properties": { + "cronString": { + "type": "string", + "description": "A valid CRON expression", + "externalDocs": { + "description": "CRON expression editor", + "url": "https://crontab.guru/" + }, + "example": "0 9 * * 1" + }, + "frequency": { + "type": "string", + "description": "Frequency of execution", + "enum": [ + "daily", + "weekly", + "monthly", + "yearly", + "cronSchedule" + ] + }, + "timeZone": { + "type": "string", + "description": "Time zone identifier", + "example": "America/Chicago" + }, + "weeklyDays": { + "type": "array", + "items": { + "type": "string" + }, + "example": "Monday", + "description": "Scheduled days of the week for execution" + }, + "weeklyTimes": { + "type": "array", + "items": { + "type": "string" + }, + "example": "Monday", + "description": "Scheduled execution times" + } + } + } + ], + "description": "Workflow Trigger Attributes." + } + } + } + } + } + ] + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + }, + "put": { + "operationId": "putWorkflow", + "tags": [ + "Workflows" + ], + "summary": "Update Workflow", + "description": "Perform a full update of a workflow. The updated workflow object is returned in the response.", + "security": [ + { + "UserContextAuth": [ + "sp:workflow:manage" + ] + } + ], + "parameters": [ + { + "name": "id", + "in": "path", + "description": "Id of the Workflow", + "required": true, + "style": "simple", + "explode": false, + "schema": { + "type": "string", + "example": "c17bea3a-574d-453c-9e04-4365fbf5af0b" + } + } + ], + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "The name of the workflow", + "example": "Send Email" + }, + "owner": { + "type": "object", + "description": "The identity that owns the workflow. The owner's permissions in IDN will determine what actions the workflow is allowed to perform. Ownership can be changed by updating the owner in a PUT or PATCH request.", + "properties": { + "type": { + "type": "string", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY", + "description": "The type of object that is referenced" + }, + "id": { + "type": "string", + "description": "The unique ID of the object", + "example": "2c91808568c529c60168cca6f90c1313" + }, + "name": { + "type": "string", + "description": "The name of the object", + "example": "William Wilson" + } + } + }, + "description": { + "type": "string", + "description": "Description of what the workflow accomplishes", + "example": "Send an email to the identity who's attributes changed." + }, + "definition": { + "type": "object", + "description": "The map of steps that the workflow will execute.", + "properties": { + "start": { + "type": "string", + "description": "The name of the starting step.", + "example": "Send Email Test" + }, + "steps": { + "type": "object", + "description": "One or more step objects that comprise this workflow. Please see the Workflow documentation to see the JSON schema for each step type.", + "additionalProperties": true, + "example": { + "Send Email": { + "actionId": "sp:send-email", + "attributes": { + "body": "This is a test", + "from": "sailpoint@sailpoint.com", + "recipientId.$": "$.identity.id", + "subject": "test" + }, + "nextStep": "success", + "selectResult": null, + "type": "ACTION" + }, + "success": { + "type": "success" + } + } + } + } + }, + "enabled": { + "type": "boolean", + "description": "Enable or disable the workflow. Workflows cannot be created in an enabled state.", + "default": false, + "example": false + }, + "trigger": { + "type": "object", + "description": "The trigger that starts the workflow", + "required": [ + "type", + "attributes" + ], + "properties": { + "type": { + "type": "string", + "enum": [ + "EVENT", + "EXTERNAL", + "SCHEDULED" + ], + "example": "EVENT", + "description": "The trigger type" + }, + "displayName": { + "type": "string", + "nullable": true + }, + "attributes": { + "oneOf": [ + { + "title": "Event Trigger Attributes", + "type": "object", + "description": "Attributes related to an IdentityNow ETS event", + "additionalProperties": false, + "required": [ + "id" + ], + "properties": { + "id": { + "type": "string", + "description": "The unique ID of the trigger", + "example": "idn:identity-attributes-changed" + }, + "filter.$": { + "type": "string", + "description": "JSON path expression that will limit which events the trigger will fire on", + "example": "$.changes[?(@.attribute == 'manager')]" + }, + "description": { + "type": "string", + "description": "Description of the event trigger" + } + } + }, + { + "title": "External Trigger Attributes", + "type": "object", + "description": "Attributes related to an external trigger", + "additionalProperties": false, + "properties": { + "name": { + "type": "string", + "description": "A unique name for the external trigger", + "example": "search-and-notify" + }, + "description": { + "type": "string", + "description": "Additonal context about the external trigger", + "example": "Run a search and notify the results" + }, + "clientId": { + "type": "string", + "description": "OAuth Client ID to authenticate with this trigger", + "example": "87e239b2-b85b-4bde-b9a7-55bf304ddcdc" + }, + "url": { + "type": "string", + "description": "URL to invoke this workflow", + "example": "https://tenant.api.identitynow.com/beta/workflows/execute/external/c79e0079-562c-4df5-aa73-60a9e25c916d" + } + } + }, + { + "title": "Scheduled Trigger Attributes", + "type": "object", + "description": "Attributes related to a scheduled trigger", + "additionalProperties": false, + "required": [ + "frequency" + ], + "properties": { + "cronString": { + "type": "string", + "description": "A valid CRON expression", + "externalDocs": { + "description": "CRON expression editor", + "url": "https://crontab.guru/" + }, + "example": "0 9 * * 1" + }, + "frequency": { + "type": "string", + "description": "Frequency of execution", + "enum": [ + "daily", + "weekly", + "monthly", + "yearly", + "cronSchedule" + ] + }, + "timeZone": { + "type": "string", + "description": "Time zone identifier", + "example": "America/Chicago" + }, + "weeklyDays": { + "type": "array", + "items": { + "type": "string" + }, + "example": "Monday", + "description": "Scheduled days of the week for execution" + }, + "weeklyTimes": { + "type": "array", + "items": { + "type": "string" + }, + "example": "Monday", + "description": "Scheduled execution times" + } + } + } + ], + "description": "Workflow Trigger Attributes." + } + } + } + } + } + } + } + }, + "responses": { + "200": { + "description": "The Workflow object", + "content": { + "application/json": { + "schema": { + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "Workflow ID. This is a UUID generated upon creation.", + "example": "d201c5e9-d37b-4aff-af14-66414f39d569" + }, + "executionCount": { + "type": "integer", + "format": "int32", + "description": "The number of times this workflow has been executed.", + "example": 2 + }, + "failureCount": { + "type": "integer", + "format": "int32", + "description": "The number of times this workflow has failed during execution.", + "example": 0 + }, + "created": { + "type": "string", + "format": "date-time", + "description": "The date and time the workflow was created.", + "example": "2022-01-10T16:06:16.636381447Z" + }, + "modified": { + "type": "string", + "format": "date-time", + "description": "The date and time the workflow was modified.", + "example": "2023-12-05T15:18:27.699Z" + }, + "modifiedBy": { + "type": "object", + "properties": { + "type": { + "type": "string", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "Identity ID", + "example": "2c9180a46faadee4016fb4e018c20639" + }, + "name": { + "type": "string", + "description": "Human-readable display name of identity.", + "example": "Thomas Edison" + } + } + }, + "creator": { + "type": "object", + "description": "Workflow creator's identity.", + "properties": { + "type": { + "type": "string", + "description": "Workflow creator's DTO type.", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "Workflow creator's identity ID.", + "example": "2c7180a46faadee4016fb4e018c20642" + }, + "name": { + "type": "string", + "description": "Workflow creator's display name.", + "example": "Michael Michaels" + } + } + } + } + }, + { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "The name of the workflow", + "example": "Send Email" + }, + "owner": { + "type": "object", + "description": "The identity that owns the workflow. The owner's permissions in IDN will determine what actions the workflow is allowed to perform. Ownership can be changed by updating the owner in a PUT or PATCH request.", + "properties": { + "type": { + "type": "string", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY", + "description": "The type of object that is referenced" + }, + "id": { + "type": "string", + "description": "The unique ID of the object", + "example": "2c91808568c529c60168cca6f90c1313" + }, + "name": { + "type": "string", + "description": "The name of the object", + "example": "William Wilson" + } + } + }, + "description": { + "type": "string", + "description": "Description of what the workflow accomplishes", + "example": "Send an email to the identity who's attributes changed." + }, + "definition": { + "type": "object", + "description": "The map of steps that the workflow will execute.", + "properties": { + "start": { + "type": "string", + "description": "The name of the starting step.", + "example": "Send Email Test" + }, + "steps": { + "type": "object", + "description": "One or more step objects that comprise this workflow. Please see the Workflow documentation to see the JSON schema for each step type.", + "additionalProperties": true, + "example": { + "Send Email": { + "actionId": "sp:send-email", + "attributes": { + "body": "This is a test", + "from": "sailpoint@sailpoint.com", + "recipientId.$": "$.identity.id", + "subject": "test" + }, + "nextStep": "success", + "selectResult": null, + "type": "ACTION" + }, + "success": { + "type": "success" + } + } + } + } + }, + "enabled": { + "type": "boolean", + "description": "Enable or disable the workflow. Workflows cannot be created in an enabled state.", + "default": false, + "example": false + }, + "trigger": { + "type": "object", + "description": "The trigger that starts the workflow", + "required": [ + "type", + "attributes" + ], + "properties": { + "type": { + "type": "string", + "enum": [ + "EVENT", + "EXTERNAL", + "SCHEDULED" + ], + "example": "EVENT", + "description": "The trigger type" + }, + "displayName": { + "type": "string", + "nullable": true + }, + "attributes": { + "oneOf": [ + { + "title": "Event Trigger Attributes", + "type": "object", + "description": "Attributes related to an IdentityNow ETS event", + "additionalProperties": false, + "required": [ + "id" + ], + "properties": { + "id": { + "type": "string", + "description": "The unique ID of the trigger", + "example": "idn:identity-attributes-changed" + }, + "filter.$": { + "type": "string", + "description": "JSON path expression that will limit which events the trigger will fire on", + "example": "$.changes[?(@.attribute == 'manager')]" + }, + "description": { + "type": "string", + "description": "Description of the event trigger" + } + } + }, + { + "title": "External Trigger Attributes", + "type": "object", + "description": "Attributes related to an external trigger", + "additionalProperties": false, + "properties": { + "name": { + "type": "string", + "description": "A unique name for the external trigger", + "example": "search-and-notify" + }, + "description": { + "type": "string", + "description": "Additonal context about the external trigger", + "example": "Run a search and notify the results" + }, + "clientId": { + "type": "string", + "description": "OAuth Client ID to authenticate with this trigger", + "example": "87e239b2-b85b-4bde-b9a7-55bf304ddcdc" + }, + "url": { + "type": "string", + "description": "URL to invoke this workflow", + "example": "https://tenant.api.identitynow.com/beta/workflows/execute/external/c79e0079-562c-4df5-aa73-60a9e25c916d" + } + } + }, + { + "title": "Scheduled Trigger Attributes", + "type": "object", + "description": "Attributes related to a scheduled trigger", + "additionalProperties": false, + "required": [ + "frequency" + ], + "properties": { + "cronString": { + "type": "string", + "description": "A valid CRON expression", + "externalDocs": { + "description": "CRON expression editor", + "url": "https://crontab.guru/" + }, + "example": "0 9 * * 1" + }, + "frequency": { + "type": "string", + "description": "Frequency of execution", + "enum": [ + "daily", + "weekly", + "monthly", + "yearly", + "cronSchedule" + ] + }, + "timeZone": { + "type": "string", + "description": "Time zone identifier", + "example": "America/Chicago" + }, + "weeklyDays": { + "type": "array", + "items": { + "type": "string" + }, + "example": "Monday", + "description": "Scheduled days of the week for execution" + }, + "weeklyTimes": { + "type": "array", + "items": { + "type": "string" + }, + "example": "Monday", + "description": "Scheduled execution times" + } + } + } + ], + "description": "Workflow Trigger Attributes." + } + } + } + } + } + ] + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + }, + "patch": { + "operationId": "patchWorkflow", + "tags": [ + "Workflows" + ], + "summary": "Patch Workflow", + "description": "Partially update an existing Workflow using [JSON Patch](https://tools.ietf.org/html/rfc6902) syntax.", + "security": [ + { + "UserContextAuth": [ + "sp:workflow:manage" + ] + } + ], + "parameters": [ + { + "name": "id", + "in": "path", + "description": "Id of the Workflow", + "required": true, + "style": "simple", + "explode": false, + "schema": { + "type": "string", + "example": "c17bea3a-574d-453c-9e04-4365fbf5af0b" + } + } + ], + "requestBody": { + "required": true, + "content": { + "application/json-patch+json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "description": "A JSONPatch Operation as defined by [RFC 6902 - JSON Patch](https://tools.ietf.org/html/rfc6902)", + "required": [ + "op", + "path" + ], + "properties": { + "op": { + "type": "string", + "description": "The operation to be performed", + "enum": [ + "add", + "remove", + "replace", + "move", + "copy", + "test" + ], + "example": "replace" + }, + "path": { + "type": "string", + "description": "A string JSON Pointer representing the target path to an element to be affected by the operation", + "example": "/description" + }, + "value": { + "oneOf": [ + { + "type": "string", + "example": "New description", + "title": "string" + }, + { + "type": "boolean", + "example": true, + "title": "boolean" + }, + { + "type": "integer", + "example": 300, + "title": "integer" + }, + { + "type": "object", + "title": "object", + "example": { + "attributes": { + "name": "philip" + } + } + }, + { + "type": "array", + "title": "array", + "items": { + "anyOf": [ + { + "type": "string" + }, + { + "type": "integer" + }, + { + "type": "object" + } + ], + "example": [ + "001", + "002", + "003" + ] + } + } + ], + "description": "The value to be used for the operation, required for \"add\" and \"replace\" operations", + "example": "New description" + } + } + } + }, + "examples": { + "Update all patchable fields": { + "description": "Demonstrate how to update each patchable field in one PATCH request.", + "value": [ + { + "op": "replace", + "path": "/name", + "value": "Send Email" + }, + { + "op": "replace", + "path": "/owner", + "value": { + "type": "IDENTITY", + "id": "2c91808568c529c60168cca6f90c1313", + "name": "William Wilson" + } + }, + { + "op": "replace", + "path": "/description", + "value": "Send an email to the identity who's attributes changed." + }, + { + "op": "replace", + "path": "/enabled", + "value": false + }, + { + "op": "replace", + "path": "/definition", + "value": { + "start": "Send Email Test", + "steps": { + "Send Email": { + "actionId": "sp:send-email", + "attributes": { + "body": "This is a test", + "from": "sailpoint@sailpoint.com", + "recipientId.$": "$.identity.id", + "subject": "test" + }, + "nextStep": "success", + "selectResult": null, + "type": "action" + }, + "success": { + "type": "success" + } + } + } + }, + { + "op": "replace", + "path": "/trigger", + "value": { + "type": "EVENT", + "attributes": { + "id": "idn:identity-attributes-changed" + } + } + } + ] + } + } + } + } + }, + "responses": { + "200": { + "description": "The Workflow object", + "content": { + "application/json": { + "schema": { + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "Workflow ID. This is a UUID generated upon creation.", + "example": "d201c5e9-d37b-4aff-af14-66414f39d569" + }, + "executionCount": { + "type": "integer", + "format": "int32", + "description": "The number of times this workflow has been executed.", + "example": 2 + }, + "failureCount": { + "type": "integer", + "format": "int32", + "description": "The number of times this workflow has failed during execution.", + "example": 0 + }, + "created": { + "type": "string", + "format": "date-time", + "description": "The date and time the workflow was created.", + "example": "2022-01-10T16:06:16.636381447Z" + }, + "modified": { + "type": "string", + "format": "date-time", + "description": "The date and time the workflow was modified.", + "example": "2023-12-05T15:18:27.699Z" + }, + "modifiedBy": { + "type": "object", + "properties": { + "type": { + "type": "string", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "Identity ID", + "example": "2c9180a46faadee4016fb4e018c20639" + }, + "name": { + "type": "string", + "description": "Human-readable display name of identity.", + "example": "Thomas Edison" + } + } + }, + "creator": { + "type": "object", + "description": "Workflow creator's identity.", + "properties": { + "type": { + "type": "string", + "description": "Workflow creator's DTO type.", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "Workflow creator's identity ID.", + "example": "2c7180a46faadee4016fb4e018c20642" + }, + "name": { + "type": "string", + "description": "Workflow creator's display name.", + "example": "Michael Michaels" + } + } + } + } + }, + { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "The name of the workflow", + "example": "Send Email" + }, + "owner": { + "type": "object", + "description": "The identity that owns the workflow. The owner's permissions in IDN will determine what actions the workflow is allowed to perform. Ownership can be changed by updating the owner in a PUT or PATCH request.", + "properties": { + "type": { + "type": "string", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY", + "description": "The type of object that is referenced" + }, + "id": { + "type": "string", + "description": "The unique ID of the object", + "example": "2c91808568c529c60168cca6f90c1313" + }, + "name": { + "type": "string", + "description": "The name of the object", + "example": "William Wilson" + } + } + }, + "description": { + "type": "string", + "description": "Description of what the workflow accomplishes", + "example": "Send an email to the identity who's attributes changed." + }, + "definition": { + "type": "object", + "description": "The map of steps that the workflow will execute.", + "properties": { + "start": { + "type": "string", + "description": "The name of the starting step.", + "example": "Send Email Test" + }, + "steps": { + "type": "object", + "description": "One or more step objects that comprise this workflow. Please see the Workflow documentation to see the JSON schema for each step type.", + "additionalProperties": true, + "example": { + "Send Email": { + "actionId": "sp:send-email", + "attributes": { + "body": "This is a test", + "from": "sailpoint@sailpoint.com", + "recipientId.$": "$.identity.id", + "subject": "test" + }, + "nextStep": "success", + "selectResult": null, + "type": "ACTION" + }, + "success": { + "type": "success" + } + } + } + } + }, + "enabled": { + "type": "boolean", + "description": "Enable or disable the workflow. Workflows cannot be created in an enabled state.", + "default": false, + "example": false + }, + "trigger": { + "type": "object", + "description": "The trigger that starts the workflow", + "required": [ + "type", + "attributes" + ], + "properties": { + "type": { + "type": "string", + "enum": [ + "EVENT", + "EXTERNAL", + "SCHEDULED" + ], + "example": "EVENT", + "description": "The trigger type" + }, + "displayName": { + "type": "string", + "nullable": true + }, + "attributes": { + "oneOf": [ + { + "title": "Event Trigger Attributes", + "type": "object", + "description": "Attributes related to an IdentityNow ETS event", + "additionalProperties": false, + "required": [ + "id" + ], + "properties": { + "id": { + "type": "string", + "description": "The unique ID of the trigger", + "example": "idn:identity-attributes-changed" + }, + "filter.$": { + "type": "string", + "description": "JSON path expression that will limit which events the trigger will fire on", + "example": "$.changes[?(@.attribute == 'manager')]" + }, + "description": { + "type": "string", + "description": "Description of the event trigger" + } + } + }, + { + "title": "External Trigger Attributes", + "type": "object", + "description": "Attributes related to an external trigger", + "additionalProperties": false, + "properties": { + "name": { + "type": "string", + "description": "A unique name for the external trigger", + "example": "search-and-notify" + }, + "description": { + "type": "string", + "description": "Additonal context about the external trigger", + "example": "Run a search and notify the results" + }, + "clientId": { + "type": "string", + "description": "OAuth Client ID to authenticate with this trigger", + "example": "87e239b2-b85b-4bde-b9a7-55bf304ddcdc" + }, + "url": { + "type": "string", + "description": "URL to invoke this workflow", + "example": "https://tenant.api.identitynow.com/beta/workflows/execute/external/c79e0079-562c-4df5-aa73-60a9e25c916d" + } + } + }, + { + "title": "Scheduled Trigger Attributes", + "type": "object", + "description": "Attributes related to a scheduled trigger", + "additionalProperties": false, + "required": [ + "frequency" + ], + "properties": { + "cronString": { + "type": "string", + "description": "A valid CRON expression", + "externalDocs": { + "description": "CRON expression editor", + "url": "https://crontab.guru/" + }, + "example": "0 9 * * 1" + }, + "frequency": { + "type": "string", + "description": "Frequency of execution", + "enum": [ + "daily", + "weekly", + "monthly", + "yearly", + "cronSchedule" + ] + }, + "timeZone": { + "type": "string", + "description": "Time zone identifier", + "example": "America/Chicago" + }, + "weeklyDays": { + "type": "array", + "items": { + "type": "string" + }, + "example": "Monday", + "description": "Scheduled days of the week for execution" + }, + "weeklyTimes": { + "type": "array", + "items": { + "type": "string" + }, + "example": "Monday", + "description": "Scheduled execution times" + } + } + } + ], + "description": "Workflow Trigger Attributes." + } + } + } + } + } + ] + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + }, + "delete": { + "operationId": "deleteWorkflow", + "tags": [ + "Workflows" + ], + "summary": "Delete Workflow By Id", + "description": "Delete a workflow. **Enabled workflows cannot be deleted**. They must first be disabled.", + "security": [ + { + "UserContextAuth": [ + "sp:workflow:manage" + ] + } + ], + "parameters": [ + { + "name": "id", + "in": "path", + "description": "Id of the Workflow", + "required": true, + "style": "simple", + "explode": false, + "schema": { + "type": "string", + "example": "c17bea3a-574d-453c-9e04-4365fbf5af0b" + } + } + ], + "responses": { + "204": { + "description": "No content - indicates the request was successful but there is no content to be returned in the response." + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + }, + "post": { + "operationId": "createWorkflow", + "tags": [ + "Workflows" + ], + "summary": "Create Workflow", + "description": "Create a new workflow with the desired trigger and steps specified in the request body.", + "security": [ + { + "UserContextAuth": [ + "sp:workflow:manage" + ] + } + ], + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "allOf": [ + { + "required": [ + "name", + "owner" + ] + }, + { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "The name of the workflow", + "example": "Send Email" + }, + "owner": { + "type": "object", + "description": "The identity that owns the workflow. The owner's permissions in IDN will determine what actions the workflow is allowed to perform. Ownership can be changed by updating the owner in a PUT or PATCH request.", + "properties": { + "type": { + "type": "string", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY", + "description": "The type of object that is referenced" + }, + "id": { + "type": "string", + "description": "The unique ID of the object", + "example": "2c91808568c529c60168cca6f90c1313" + }, + "name": { + "type": "string", + "description": "The name of the object", + "example": "William Wilson" + } + } + }, + "description": { + "type": "string", + "description": "Description of what the workflow accomplishes", + "example": "Send an email to the identity who's attributes changed." + }, + "definition": { + "type": "object", + "description": "The map of steps that the workflow will execute.", + "properties": { + "start": { + "type": "string", + "description": "The name of the starting step.", + "example": "Send Email Test" + }, + "steps": { + "type": "object", + "description": "One or more step objects that comprise this workflow. Please see the Workflow documentation to see the JSON schema for each step type.", + "additionalProperties": true, + "example": { + "Send Email": { + "actionId": "sp:send-email", + "attributes": { + "body": "This is a test", + "from": "sailpoint@sailpoint.com", + "recipientId.$": "$.identity.id", + "subject": "test" + }, + "nextStep": "success", + "selectResult": null, + "type": "ACTION" + }, + "success": { + "type": "success" + } + } + } + } + }, + "enabled": { + "type": "boolean", + "description": "Enable or disable the workflow. Workflows cannot be created in an enabled state.", + "default": false, + "example": false + }, + "trigger": { + "type": "object", + "description": "The trigger that starts the workflow", + "required": [ + "type", + "attributes" + ], + "properties": { + "type": { + "type": "string", + "enum": [ + "EVENT", + "EXTERNAL", + "SCHEDULED" + ], + "example": "EVENT", + "description": "The trigger type" + }, + "displayName": { + "type": "string", + "nullable": true + }, + "attributes": { + "oneOf": [ + { + "title": "Event Trigger Attributes", + "type": "object", + "description": "Attributes related to an IdentityNow ETS event", + "additionalProperties": false, + "required": [ + "id" + ], + "properties": { + "id": { + "type": "string", + "description": "The unique ID of the trigger", + "example": "idn:identity-attributes-changed" + }, + "filter.$": { + "type": "string", + "description": "JSON path expression that will limit which events the trigger will fire on", + "example": "$.changes[?(@.attribute == 'manager')]" + }, + "description": { + "type": "string", + "description": "Description of the event trigger" + } + } + }, + { + "title": "External Trigger Attributes", + "type": "object", + "description": "Attributes related to an external trigger", + "additionalProperties": false, + "properties": { + "name": { + "type": "string", + "description": "A unique name for the external trigger", + "example": "search-and-notify" + }, + "description": { + "type": "string", + "description": "Additonal context about the external trigger", + "example": "Run a search and notify the results" + }, + "clientId": { + "type": "string", + "description": "OAuth Client ID to authenticate with this trigger", + "example": "87e239b2-b85b-4bde-b9a7-55bf304ddcdc" + }, + "url": { + "type": "string", + "description": "URL to invoke this workflow", + "example": "https://tenant.api.identitynow.com/beta/workflows/execute/external/c79e0079-562c-4df5-aa73-60a9e25c916d" + } + } + }, + { + "title": "Scheduled Trigger Attributes", + "type": "object", + "description": "Attributes related to a scheduled trigger", + "additionalProperties": false, + "required": [ + "frequency" + ], + "properties": { + "cronString": { + "type": "string", + "description": "A valid CRON expression", + "externalDocs": { + "description": "CRON expression editor", + "url": "https://crontab.guru/" + }, + "example": "0 9 * * 1" + }, + "frequency": { + "type": "string", + "description": "Frequency of execution", + "enum": [ + "daily", + "weekly", + "monthly", + "yearly", + "cronSchedule" + ] + }, + "timeZone": { + "type": "string", + "description": "Time zone identifier", + "example": "America/Chicago" + }, + "weeklyDays": { + "type": "array", + "items": { + "type": "string" + }, + "example": "Monday", + "description": "Scheduled days of the week for execution" + }, + "weeklyTimes": { + "type": "array", + "items": { + "type": "string" + }, + "example": "Monday", + "description": "Scheduled execution times" + } + } + } + ], + "description": "Workflow Trigger Attributes." + } + } + } + } + } + ] + }, + "examples": { + "Event Trigger": { + "description": "Workflow initiated by an event trigger", + "value": { + "name": "Send Email", + "owner": { + "type": "IDENTITY", + "id": "2c91808568c529c60168cca6f90c1313", + "name": "William Wilson" + }, + "description": "Send an email to the identity who's attributes changed.", + "definition": { + "start": "Send Email Test", + "steps": { + "Send Email": { + "actionId": "sp:send-email", + "attributes": { + "body": "This is a test", + "from": "sailpoint@sailpoint.com", + "recipientId.$": "$.identity.id", + "subject": "test" + }, + "nextStep": "success", + "selectResult": null, + "type": "action" + }, + "success": { + "type": "success" + } + } + }, + "enabled": false, + "trigger": { + "type": "EVENT", + "attributes": { + "id": "idn:identity-attributes-changed", + "filter": "$.changes[?(@.attribute == 'manager')]" + } + } + } + }, + "Scheduled Trigger": { + "description": "Workflow initiated by a scheduled trigger", + "value": { + "name": "Send Email", + "owner": { + "type": "IDENTITY", + "id": "2c91808568c529c60168cca6f90c1313", + "name": "William Wilson" + }, + "description": "Send an email to the identity who's attributes changed.", + "definition": { + "start": "Send Email Test", + "steps": { + "Send Email": { + "actionId": "sp:send-email", + "attributes": { + "body": "This is a test", + "from": "sailpoint@sailpoint.com", + "recipientId.$": "$.identity.id", + "subject": "test" + }, + "nextStep": "success", + "selectResult": null, + "type": "action" + }, + "success": { + "type": "success" + } + } + }, + "enabled": false, + "trigger": { + "type": "SCHEDULED", + "attributes": { + "cronString": "0 * */3 */5 *" + } + } + } + }, + "External Trigger": { + "description": "Workflow initiated by an external trigger", + "value": { + "name": "Send Email", + "owner": { + "type": "IDENTITY", + "id": "2c91808568c529c60168cca6f90c1313", + "name": "William Wilson" + }, + "description": "Send an email to the identity whose attributes changed.", + "definition": { + "start": "Send Email Test", + "steps": { + "Send Email": { + "actionId": "sp:send-email", + "attributes": { + "body": "This is a test", + "from": "sailpoint@sailpoint.com", + "recipientId.$": "$.identity.id", + "subject": "test" + }, + "nextStep": "success", + "selectResult": null, + "type": "action" + }, + "success": { + "type": "success" + } + } + }, + "enabled": false, + "trigger": { + "type": "EXTERNAL", + "attributes": { + "name": "search-and-notify", + "description": "Run a search and notify the results" + } + } + } + } + } + } + } + }, + "responses": { + "200": { + "description": "The Workflow object", + "content": { + "application/json": { + "schema": { + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "Workflow ID. This is a UUID generated upon creation.", + "example": "d201c5e9-d37b-4aff-af14-66414f39d569" + }, + "executionCount": { + "type": "integer", + "format": "int32", + "description": "The number of times this workflow has been executed.", + "example": 2 + }, + "failureCount": { + "type": "integer", + "format": "int32", + "description": "The number of times this workflow has failed during execution.", + "example": 0 + }, + "created": { + "type": "string", + "format": "date-time", + "description": "The date and time the workflow was created.", + "example": "2022-01-10T16:06:16.636381447Z" + }, + "modified": { + "type": "string", + "format": "date-time", + "description": "The date and time the workflow was modified.", + "example": "2023-12-05T15:18:27.699Z" + }, + "modifiedBy": { + "type": "object", + "properties": { + "type": { + "type": "string", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "Identity ID", + "example": "2c9180a46faadee4016fb4e018c20639" + }, + "name": { + "type": "string", + "description": "Human-readable display name of identity.", + "example": "Thomas Edison" + } + } + }, + "creator": { + "type": "object", + "description": "Workflow creator's identity.", + "properties": { + "type": { + "type": "string", + "description": "Workflow creator's DTO type.", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "Workflow creator's identity ID.", + "example": "2c7180a46faadee4016fb4e018c20642" + }, + "name": { + "type": "string", + "description": "Workflow creator's display name.", + "example": "Michael Michaels" + } + } + } + } + }, + { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "The name of the workflow", + "example": "Send Email" + }, + "owner": { + "type": "object", + "description": "The identity that owns the workflow. The owner's permissions in IDN will determine what actions the workflow is allowed to perform. Ownership can be changed by updating the owner in a PUT or PATCH request.", + "properties": { + "type": { + "type": "string", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY", + "description": "The type of object that is referenced" + }, + "id": { + "type": "string", + "description": "The unique ID of the object", + "example": "2c91808568c529c60168cca6f90c1313" + }, + "name": { + "type": "string", + "description": "The name of the object", + "example": "William Wilson" + } + } + }, + "description": { + "type": "string", + "description": "Description of what the workflow accomplishes", + "example": "Send an email to the identity who's attributes changed." + }, + "definition": { + "type": "object", + "description": "The map of steps that the workflow will execute.", + "properties": { + "start": { + "type": "string", + "description": "The name of the starting step.", + "example": "Send Email Test" + }, + "steps": { + "type": "object", + "description": "One or more step objects that comprise this workflow. Please see the Workflow documentation to see the JSON schema for each step type.", + "additionalProperties": true, + "example": { + "Send Email": { + "actionId": "sp:send-email", + "attributes": { + "body": "This is a test", + "from": "sailpoint@sailpoint.com", + "recipientId.$": "$.identity.id", + "subject": "test" + }, + "nextStep": "success", + "selectResult": null, + "type": "ACTION" + }, + "success": { + "type": "success" + } + } + } + } + }, + "enabled": { + "type": "boolean", + "description": "Enable or disable the workflow. Workflows cannot be created in an enabled state.", + "default": false, + "example": false + }, + "trigger": { + "type": "object", + "description": "The trigger that starts the workflow", + "required": [ + "type", + "attributes" + ], + "properties": { + "type": { + "type": "string", + "enum": [ + "EVENT", + "EXTERNAL", + "SCHEDULED" + ], + "example": "EVENT", + "description": "The trigger type" + }, + "displayName": { + "type": "string", + "nullable": true + }, + "attributes": { + "oneOf": [ + { + "title": "Event Trigger Attributes", + "type": "object", + "description": "Attributes related to an IdentityNow ETS event", + "additionalProperties": false, + "required": [ + "id" + ], + "properties": { + "id": { + "type": "string", + "description": "The unique ID of the trigger", + "example": "idn:identity-attributes-changed" + }, + "filter.$": { + "type": "string", + "description": "JSON path expression that will limit which events the trigger will fire on", + "example": "$.changes[?(@.attribute == 'manager')]" + }, + "description": { + "type": "string", + "description": "Description of the event trigger" + } + } + }, + { + "title": "External Trigger Attributes", + "type": "object", + "description": "Attributes related to an external trigger", + "additionalProperties": false, + "properties": { + "name": { + "type": "string", + "description": "A unique name for the external trigger", + "example": "search-and-notify" + }, + "description": { + "type": "string", + "description": "Additonal context about the external trigger", + "example": "Run a search and notify the results" + }, + "clientId": { + "type": "string", + "description": "OAuth Client ID to authenticate with this trigger", + "example": "87e239b2-b85b-4bde-b9a7-55bf304ddcdc" + }, + "url": { + "type": "string", + "description": "URL to invoke this workflow", + "example": "https://tenant.api.identitynow.com/beta/workflows/execute/external/c79e0079-562c-4df5-aa73-60a9e25c916d" + } + } + }, + { + "title": "Scheduled Trigger Attributes", + "type": "object", + "description": "Attributes related to a scheduled trigger", + "additionalProperties": false, + "required": [ + "frequency" + ], + "properties": { + "cronString": { + "type": "string", + "description": "A valid CRON expression", + "externalDocs": { + "description": "CRON expression editor", + "url": "https://crontab.guru/" + }, + "example": "0 9 * * 1" + }, + "frequency": { + "type": "string", + "description": "Frequency of execution", + "enum": [ + "daily", + "weekly", + "monthly", + "yearly", + "cronSchedule" + ] + }, + "timeZone": { + "type": "string", + "description": "Time zone identifier", + "example": "America/Chicago" + }, + "weeklyDays": { + "type": "array", + "items": { + "type": "string" + }, + "example": "Monday", + "description": "Scheduled days of the week for execution" + }, + "weeklyTimes": { + "type": "array", + "items": { + "type": "string" + }, + "example": "Monday", + "description": "Scheduled execution times" + } + } + } + ], + "description": "Workflow Trigger Attributes." + } + } + } + } + } + ] + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/workflows/{id}/test": { + "post": { + "operationId": "testWorkflow", + "tags": [ + "Workflows" + ], + "summary": "Test Workflow By Id", + "description": "Test a workflow with the provided input data. The input data should resemble the input that the trigger will send the workflow. See the [event trigger documentation](https://developer.sailpoint.com/idn/docs/event-triggers/available) for an example input for the trigger that initiates this workflow.\nThis endpoint will return an execution ID, which can be used to lookup more information about the execution using the `Get a Workflow Execution` endpoint.\n**This will cause a live run of the workflow, which could result in unintended modifications to your IDN tenant.**", + "security": [ + { + "UserContextAuth": [ + "sp:workflow-execute:external" + ] + } + ], + "parameters": [ + { + "name": "id", + "in": "path", + "description": "Id of the workflow", + "required": true, + "style": "simple", + "explode": false, + "schema": { + "type": "string", + "example": "c17bea3a-574d-453c-9e04-4365fbf5af0b" + } + } + ], + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "type": "object", + "required": [ + "input" + ], + "properties": { + "input": { + "type": "object", + "description": "The test input for the workflow." + } + } + }, + "examples": { + "Identity Attributes Changed": { + "description": "Identity Attributes Changed Trigger Input", + "value": { + "input": { + "identity": { + "id": "ee769173319b41d19ccec6cea52f237b", + "name": "john.doe", + "type": "IDENTITY" + }, + "changes": [ + { + "attribute": "department", + "oldValue": "sales", + "newValue": "marketing" + }, + { + "attribute": "manager", + "oldValue": { + "id": "ee769173319b41d19ccec6c235423237b", + "name": "nice.guy", + "type": "IDENTITY" + }, + "newValue": { + "id": "ee769173319b41d19ccec6c235423236c", + "name": "mean.guy", + "type": "IDENTITY" + } + }, + { + "attribute": "email", + "oldValue": "john.doe@hotmail.com", + "newValue": "john.doe@gmail.com" + } + ] + } + } + } + } + } + } + }, + "responses": { + "200": { + "description": "The Workflow object", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "workflowExecutionId": { + "type": "string", + "description": "The workflow execution id", + "example": "0e11cefa-96e7-4b67-90d0-065bc1da5753" + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/workflows/{id}/executions": { + "get": { + "operationId": "getWorkflowExecutions", + "tags": [ + "Workflows" + ], + "summary": "List Workflow Executions", + "description": "Use this API to list a specified workflow's executions. Workflow executions are available for up to 90 days before being archived. By default, you can get a maximum of 250 executions. To get executions past the first 250 records, you can do the following:\n1. Use the [Get Workflows](https://developer.sailpoint.com/idn/api/beta/list-workflows) endpoint to get your workflows.\n2. Get your workflow ID from the response.\n3. You can then do either of the following:\n\n - Filter to find relevant workflow executions.\n For example, you can filter for failed workflow executions: `GET /workflows/:workflowID/executions?filters=status eq \"Failed\"`\n\n - Paginate through results with the `offset` parameter.\n For example, you can page through 50 executions per page and use that as a way to get to the records past the first 250.\n Refer to [Paginating Results](https://developer.sailpoint.com/idn/api/standard-collection-parameters#paginating-results) for more information about the query parameters you can use to achieve pagination.", + "security": [ + { + "UserContextAuth": [ + "sp:workflow:read" + ] + } + ], + "parameters": [ + { + "name": "id", + "in": "path", + "description": "Workflow ID.", + "required": true, + "style": "simple", + "explode": false, + "schema": { + "type": "string", + "example": "c17bea3a-574d-453c-9e04-4365fbf5af0b" + } + }, + { + "in": "query", + "name": "limit", + "description": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 250, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "maximum": 250, + "default": 250 + } + }, + { + "in": "query", + "name": "offset", + "description": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 0, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "default": 0 + } + }, + { + "in": "query", + "name": "count", + "description": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": true, + "schema": { + "type": "boolean", + "default": false + } + }, + { + "in": "query", + "name": "filters", + "schema": { + "type": "string" + }, + "example": "status eq \"Failed\"", + "description": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**startTime**: *eq, lt, le, gt, ge*\n\n**status**: *eq*", + "required": false + } + ], + "responses": { + "200": { + "description": "List of workflow executions for the specified workflow.", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "Workflow execution ID.", + "example": "b393f4e2-4785-4d7f-ab27-3a6b8ded4c81" + }, + "workflowId": { + "type": "string", + "description": "Workflow ID.", + "example": "d201c5d9-d37b-4a2f-af14-66414f39d568" + }, + "requestId": { + "type": "string", + "description": "Backend ID that tracks a workflow request in the system. Provide this ID in a customer support ticket for debugging purposes.", + "example": "41e12a74fa7b4a6a98ae47887b64acdb" + }, + "startTime": { + "type": "string", + "format": "date-time", + "description": "Date/time when the workflow started.", + "example": "2022-02-07T20:13:29.356648026Z" + }, + "closeTime": { + "type": "string", + "format": "date-time", + "description": "Date/time when the workflow ended.", + "example": "2022-02-07T20:13:31.682410165Z" + }, + "status": { + "description": "Workflow execution status.", + "type": "string", + "enum": [ + "Completed", + "Failed", + "Canceled", + "Executing" + ], + "example": "Completed" + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/workflow-executions/{id}": { + "get": { + "operationId": "getWorkflowExecution", + "tags": [ + "Workflows" + ], + "summary": "Get Workflow Execution", + "description": "Use this API to get a single workflow execution. Workflow executions are available for up to 90 days before being archived. If you attempt to access a workflow execution that has been archived, you will receive a \"404 Not Found\" response.", + "security": [ + { + "UserContextAuth": [ + "sp:workflow:read" + ] + } + ], + "parameters": [ + { + "name": "id", + "in": "path", + "description": "Workflow execution ID.", + "required": true, + "style": "simple", + "explode": false, + "schema": { + "type": "string", + "example": "c17bea3a-574d-453c-9e04-4365fbf5af0b" + } + } + ], + "responses": { + "200": { + "description": "Workflow execution.", + "content": { + "application/json": { + "schema": { + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "Workflow execution ID.", + "example": "b393f4e2-4785-4d7f-ab27-3a6b8ded4c81" + }, + "workflowId": { + "type": "string", + "description": "Workflow ID.", + "example": "d201c5d9-d37b-4a2f-af14-66414f39d568" + }, + "requestId": { + "type": "string", + "description": "Backend ID that tracks a workflow request in the system. Provide this ID in a customer support ticket for debugging purposes.", + "example": "41e12a74fa7b4a6a98ae47887b64acdb" + }, + "startTime": { + "type": "string", + "format": "date-time", + "description": "Date/time when the workflow started.", + "example": "2022-02-07T20:13:29.356648026Z" + }, + "closeTime": { + "type": "string", + "format": "date-time", + "description": "Date/time when the workflow ended.", + "example": "2022-02-07T20:13:31.682410165Z" + }, + "status": { + "description": "Workflow execution status.", + "type": "string", + "enum": [ + "Completed", + "Failed", + "Canceled", + "Executing" + ], + "example": "Completed" + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/workflow-executions/{id}/history": { + "get": { + "operationId": "getWorkflowExecutionHistory", + "tags": [ + "Workflows" + ], + "summary": "Get Workflow Execution History", + "description": "Get a detailed history of a single workflow execution. Workflow executions are available for up to 90 days before being archived. If you attempt to access a workflow execution that has been archived, you will receive a 404 Not Found.", + "security": [ + { + "UserContextAuth": [ + "sp:workflow:read" + ] + } + ], + "parameters": [ + { + "name": "id", + "in": "path", + "description": "Id of the workflow execution", + "required": true, + "style": "simple", + "explode": false, + "schema": { + "type": "string", + "example": "c17bea3a-574d-453c-9e04-4365fbf5af0b" + } + } + ], + "responses": { + "200": { + "description": "List of workflow execution events for the given workflow execution", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "properties": { + "type": { + "description": "The type of event", + "enum": [ + "WorkflowExecutionScheduled", + "WorkflowExecutionStarted", + "WorkflowExecutionCompleted", + "WorkflowExecutionFailed", + "WorkflowTaskScheduled", + "WorkflowTaskStarted", + "WorkflowTaskCompleted", + "WorkflowTaskFailed", + "ActivityTaskScheduled", + "ActivityTaskStarted", + "ActivityTaskCompleted", + "ActivityTaskFailed" + ], + "example": "WorkflowTaskScheduled" + }, + "timestamp": { + "type": "string", + "format": "date-time", + "description": "The date-time when the event occurred", + "example": "2022-02-07T20:13:31.640618296Z" + }, + "attributes": { + "type": "object", + "description": "Additional attributes associated with the event", + "example": {} + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/workflow-executions/{id}/cancel": { + "post": { + "operationId": "cancelWorkflowExecution", + "tags": [ + "Workflows" + ], + "summary": "Cancel Workflow Execution by ID", + "description": "Use this API to cancel a running workflow execution.", + "security": [ + { + "UserContextAuth": [ + "sp:workflow-execute:external" + ] + } + ], + "parameters": [ + { + "name": "id", + "in": "path", + "description": "The workflow execution ID", + "required": true, + "style": "simple", + "explode": false, + "schema": { + "type": "string", + "example": "c17bea3a-574d-453c-9e04-4365fbf5af0b" + } + } + ], + "responses": { + "204": { + "description": "No content - indicates the request was successful but there is no content to be returned in the response." + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/workflow-library": { + "get": { + "operationId": "listCompleteWorkflowLibrary", + "tags": [ + "Workflows" + ], + "summary": "List Complete Workflow Library", + "description": "This lists all triggers, actions, and operators in the library", + "externalDocs": { + "description": "Additional documentation for workflows", + "url": "https://documentation.sailpoint.com/saas/help/workflows/workflow-steps.html" + }, + "parameters": [ + { + "in": "query", + "name": "limit", + "description": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 250, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "maximum": 250, + "default": 250 + } + }, + { + "in": "query", + "name": "offset", + "description": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 0, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "default": 0 + } + } + ], + "security": [ + { + "UserContextAuth": [ + "sp:workflow:read" + ] + } + ], + "responses": { + "200": { + "description": "List of workflow steps", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "anyOf": [ + { + "title": "Workflow Action", + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "Action ID. This is a static namespaced ID for the action", + "example": "sp:create-campaign" + }, + "name": { + "type": "string", + "description": "Action Name", + "example": "Create Certification Campaign" + }, + "type": { + "type": "string", + "description": "Action type", + "example": "ACTION" + }, + "description": { + "type": "string", + "description": "Action Description", + "example": "Generates a certification campaign." + }, + "formFields": { + "nullable": true, + "type": "array", + "description": "One or more inputs that the action accepts", + "items": { + "type": "object", + "properties": { + "description": { + "type": "string", + "description": "Description of the form field", + "example": "First value to compare" + }, + "helpText": { + "type": "string", + "description": "Describes the form field in the UI", + "example": "The name to give to this certification campaign." + }, + "label": { + "type": "string", + "description": "A human readable name for this form field in the UI", + "example": "Campaign Name" + }, + "name": { + "type": "string", + "description": "The name of the input attribute", + "example": "name" + }, + "required": { + "type": "boolean", + "description": "Denotes if this field is a required attribute", + "example": false, + "default": false + }, + "type": { + "description": "The type of the form field", + "type": "string", + "nullable": true, + "enum": [ + "text", + "textarea", + "boolean", + "email", + "url", + "number", + "json", + "checkbox", + "jsonpath", + "select", + "multiType", + "duration", + "toggle", + "formPicker", + "identityPicker", + "governanceGroupPicker", + "string", + "object", + "array", + "secret", + "keyValuePairs", + "emailPicker", + "advancedToggle", + "variableCreator", + "htmlEditor" + ], + "example": "text" + } + } + } + }, + "exampleOutput": { + "oneOf": [ + { + "type": "object", + "description": "Example output" + }, + { + "type": "array", + "items": { + "type": "object" + } + } + ] + }, + "deprecated": { + "type": "boolean" + }, + "deprecatedBy": { + "type": "string", + "format": "date-time" + }, + "versionNumber": { + "type": "integer", + "description": "Version number" + }, + "isSimulationEnabled": { + "type": "boolean" + }, + "isDynamicSchema": { + "type": "boolean", + "description": "Determines whether the dynamic output schema is returned in place of the action's output schema. The dynamic schema lists non-static properties, like properties of a workflow form where each form has different fields. These will be provided dynamically based on available form fields.", + "example": false, + "default": false + }, + "outputSchema": { + "type": "object", + "description": "Defines the output schema, if any, that this action produces.", + "example": { + "definitions": {}, + "properties": { + "autoRevokeAllowed": { + "$id": "#sp:create-campaign/autoRevokeAllowed", + "default": true, + "examples": [ + false + ], + "title": "autoRevokeAllowed", + "type": "boolean" + }, + "deadline": { + "$id": "#sp:create-campaign/deadline", + "default": "", + "examples": [ + "2020-12-25T06:00:00.468Z" + ], + "format": "date-time", + "pattern": "^.*$", + "title": "deadline", + "type": "string" + }, + "description": { + "$id": "#sp:create-campaign/description", + "default": "", + "examples": [ + "A review of everyone's access by their manager." + ], + "pattern": "^.*$", + "title": "description", + "type": "string" + }, + "emailNotificationEnabled": { + "$id": "#sp:create-campaign/emailNotificationEnabled", + "default": true, + "examples": [ + false + ], + "title": "emailNotificationEnabled", + "type": "boolean" + }, + "filter": { + "$id": "#sp:create-campaign/filter", + "properties": { + "id": { + "$id": "#sp:create-campaign/filter/id", + "default": "", + "examples": [ + "e0adaae69852e8fe8b8a3d48e5ce757c" + ], + "pattern": "^.*$", + "title": "id", + "type": "string" + }, + "type": { + "$id": "#sp:create-campaign/filter/type", + "default": "", + "examples": [ + "CAMPAIGN_FILTER" + ], + "pattern": "^.*$", + "title": "type", + "type": "string" + } + }, + "title": "filter", + "type": "object" + }, + "id": { + "$id": "#sp:create-campaign/id", + "default": "", + "examples": [ + "2c918086719eec070171a7e3355a360a" + ], + "pattern": "^.*$", + "title": "id", + "type": "string" + }, + "name": { + "$id": "#sp:create-campaign/name", + "default": "", + "examples": [ + "Manager Review" + ], + "pattern": "^.*$", + "title": "name", + "type": "string" + }, + "recommendationsEnabled": { + "$id": "#sp:create-campaign/recommendationsEnabled", + "default": true, + "examples": [ + false + ], + "title": "recommendationEnabled", + "type": "boolean" + }, + "type": { + "$id": "#sp:create-campaign/type", + "default": "", + "examples": [ + "MANAGER" + ], + "pattern": "^.*$", + "title": "type", + "type": "string" + } + }, + "title": "sp:create-campaign", + "type": "object" + } + } + } + }, + { + "title": "Workflow Trigger", + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "Trigger ID. This is a static namespaced ID for the trigger.", + "example": "idn:identity-attributes-changed" + }, + "type": { + "description": "Trigger type", + "type": "string", + "enum": [ + "EVENT", + "SCHEDULED", + "EXTERNAL" + ], + "example": "EVENT" + }, + "deprecated": { + "type": "boolean" + }, + "deprecatedBy": { + "type": "string", + "format": "date-time" + }, + "isSimulationEnabled": { + "type": "boolean" + }, + "outputSchema": { + "type": "object", + "description": "Example output schema" + }, + "name": { + "type": "string", + "description": "Trigger Name", + "example": "Identity Attributes Changed" + }, + "description": { + "type": "string", + "description": "Trigger Description", + "example": "One or more identity attributes changed." + }, + "isDynamicSchema": { + "type": "boolean", + "description": "Determines whether the dynamic output schema is returned in place of the action's output schema. The dynamic schema lists non-static properties, like properties of a workflow form where each form has different fields. These will be provided dynamically based on available form fields.", + "example": false, + "default": false + }, + "inputExample": { + "type": "object", + "description": "Example trigger payload if applicable", + "nullable": true, + "externalDocs": { + "description": "List of triggers and their input schemas", + "url": "https://developer.sailpoint.com/idn/docs/event-triggers/available" + }, + "example": { + "changes": [ + { + "attribute": "department", + "newValue": "marketing", + "oldValue": "sales" + }, + { + "attribute": "manager", + "newValue": { + "id": "ee769173319b41d19ccec6c235423236c", + "name": "mean.guy", + "type": "IDENTITY" + }, + "oldValue": { + "id": "ee769173319b41d19ccec6c235423237b", + "name": "nice.guy", + "type": "IDENTITY" + } + }, + { + "attribute": "email", + "newValue": "john.doe@gmail.com", + "oldValue": "john.doe@hotmail.com" + } + ], + "identity": { + "id": "ee769173319b41d19ccec6cea52f237b", + "name": "john.doe", + "type": "IDENTITY" + } + } + }, + "formFields": { + "type": "array", + "nullable": true, + "description": "One or more inputs that the trigger accepts", + "example": [], + "items": { + "type": "object", + "properties": { + "description": { + "type": "string", + "description": "Description of the form field", + "example": "First value to compare" + }, + "helpText": { + "type": "string", + "description": "Describes the form field in the UI", + "example": "The name to give to this certification campaign." + }, + "label": { + "type": "string", + "description": "A human readable name for this form field in the UI", + "example": "Campaign Name" + }, + "name": { + "type": "string", + "description": "The name of the input attribute", + "example": "name" + }, + "required": { + "type": "boolean", + "description": "Denotes if this field is a required attribute", + "example": false, + "default": false + }, + "type": { + "description": "The type of the form field", + "type": "string", + "nullable": true, + "enum": [ + "text", + "textarea", + "boolean", + "email", + "url", + "number", + "json", + "checkbox", + "jsonpath", + "select", + "multiType", + "duration", + "toggle", + "formPicker", + "identityPicker", + "governanceGroupPicker", + "string", + "object", + "array", + "secret", + "keyValuePairs", + "emailPicker", + "advancedToggle", + "variableCreator", + "htmlEditor" + ], + "example": "text" + } + } + } + } + } + }, + { + "title": "Workflow Operator", + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "Operator ID.", + "example": "sp:compare-boolean" + }, + "name": { + "type": "string", + "description": "Operator friendly name", + "example": "Compare Boolean Values" + }, + "type": { + "description": "Operator type", + "type": "string", + "example": "OPERATOR" + }, + "description": { + "type": "string", + "description": "Description of the operator", + "example": "Compare two boolean values and decide what happens based on the result." + }, + "isDynamicSchema": { + "type": "boolean", + "description": "Determines whether the dynamic output schema is returned in place of the action's output schema. The dynamic schema lists non-static properties, like properties of a workflow form where each form has different fields. These will be provided dynamically based on available form fields.", + "example": false + }, + "deprecated": { + "type": "boolean" + }, + "deprecatedBy": { + "type": "string", + "format": "date-time" + }, + "isSimulationEnabled": { + "type": "boolean" + }, + "formFields": { + "type": "array", + "nullable": true, + "description": "One or more inputs that the operator accepts", + "items": { + "type": "object", + "properties": { + "description": { + "type": "string", + "description": "Description of the form field", + "example": "First value to compare" + }, + "helpText": { + "type": "string", + "description": "Describes the form field in the UI", + "example": "The name to give to this certification campaign." + }, + "label": { + "type": "string", + "description": "A human readable name for this form field in the UI", + "example": "Campaign Name" + }, + "name": { + "type": "string", + "description": "The name of the input attribute", + "example": "name" + }, + "required": { + "type": "boolean", + "description": "Denotes if this field is a required attribute", + "example": false, + "default": false + }, + "type": { + "description": "The type of the form field", + "type": "string", + "nullable": true, + "enum": [ + "text", + "textarea", + "boolean", + "email", + "url", + "number", + "json", + "checkbox", + "jsonpath", + "select", + "multiType", + "duration", + "toggle", + "formPicker", + "identityPicker", + "governanceGroupPicker", + "string", + "object", + "array", + "secret", + "keyValuePairs", + "emailPicker", + "advancedToggle", + "variableCreator", + "htmlEditor" + ], + "example": "text" + } + } + }, + "example": [ + { + "description": "Enter the JSONPath to a value from the input to compare to Variable B.", + "helpText": "", + "label": "Variable A", + "name": "variableA.$", + "required": true, + "type": "text" + }, + { + "helpText": "Select an operation.", + "label": "Operation", + "name": "operator", + "options": [ + { + "label": "Equals", + "value": "BooleanEquals" + } + ], + "required": true, + "type": "select" + }, + { + "description": "Enter the JSONPath to a value from the input to compare to Variable A.", + "helpText": "", + "label": "Variable B", + "name": "variableB.$", + "required": false, + "type": "text" + }, + { + "description": "Enter True or False.", + "helpText": "", + "label": "Variable B", + "name": "variableB", + "required": false, + "type": "text" + } + ] + } + } + } + ] + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/workflow-library/actions": { + "get": { + "operationId": "listWorkflowLibraryActions", + "tags": [ + "Workflows" + ], + "summary": "List Workflow Library Actions", + "description": "This lists the workflow actions available to you.", + "externalDocs": { + "description": "Additional documentation for each action", + "url": "https://documentation.sailpoint.com/saas/help/workflows/workflow-steps.html#actions" + }, + "parameters": [ + { + "in": "query", + "name": "limit", + "description": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 250, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "maximum": 250, + "default": 250 + } + }, + { + "in": "query", + "name": "offset", + "description": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 0, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "default": 0 + } + }, + { + "in": "query", + "name": "filters", + "required": false, + "schema": { + "type": "string" + }, + "description": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq*", + "example": "id eq \"sp:create-campaign\"" + } + ], + "security": [ + { + "UserContextAuth": [ + "sp:workflow:read" + ] + } + ], + "responses": { + "200": { + "description": "List of workflow actions", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "title": "Workflow Action", + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "Action ID. This is a static namespaced ID for the action", + "example": "sp:create-campaign" + }, + "name": { + "type": "string", + "description": "Action Name", + "example": "Create Certification Campaign" + }, + "type": { + "type": "string", + "description": "Action type", + "example": "ACTION" + }, + "description": { + "type": "string", + "description": "Action Description", + "example": "Generates a certification campaign." + }, + "formFields": { + "nullable": true, + "type": "array", + "description": "One or more inputs that the action accepts", + "items": { + "type": "object", + "properties": { + "description": { + "type": "string", + "description": "Description of the form field", + "example": "First value to compare" + }, + "helpText": { + "type": "string", + "description": "Describes the form field in the UI", + "example": "The name to give to this certification campaign." + }, + "label": { + "type": "string", + "description": "A human readable name for this form field in the UI", + "example": "Campaign Name" + }, + "name": { + "type": "string", + "description": "The name of the input attribute", + "example": "name" + }, + "required": { + "type": "boolean", + "description": "Denotes if this field is a required attribute", + "example": false, + "default": false + }, + "type": { + "description": "The type of the form field", + "type": "string", + "nullable": true, + "enum": [ + "text", + "textarea", + "boolean", + "email", + "url", + "number", + "json", + "checkbox", + "jsonpath", + "select", + "multiType", + "duration", + "toggle", + "formPicker", + "identityPicker", + "governanceGroupPicker", + "string", + "object", + "array", + "secret", + "keyValuePairs", + "emailPicker", + "advancedToggle", + "variableCreator", + "htmlEditor" + ], + "example": "text" + } + } + } + }, + "exampleOutput": { + "oneOf": [ + { + "type": "object", + "description": "Example output" + }, + { + "type": "array", + "items": { + "type": "object" + } + } + ] + }, + "deprecated": { + "type": "boolean" + }, + "deprecatedBy": { + "type": "string", + "format": "date-time" + }, + "versionNumber": { + "type": "integer", + "description": "Version number" + }, + "isSimulationEnabled": { + "type": "boolean" + }, + "isDynamicSchema": { + "type": "boolean", + "description": "Determines whether the dynamic output schema is returned in place of the action's output schema. The dynamic schema lists non-static properties, like properties of a workflow form where each form has different fields. These will be provided dynamically based on available form fields.", + "example": false, + "default": false + }, + "outputSchema": { + "type": "object", + "description": "Defines the output schema, if any, that this action produces.", + "example": { + "definitions": {}, + "properties": { + "autoRevokeAllowed": { + "$id": "#sp:create-campaign/autoRevokeAllowed", + "default": true, + "examples": [ + false + ], + "title": "autoRevokeAllowed", + "type": "boolean" + }, + "deadline": { + "$id": "#sp:create-campaign/deadline", + "default": "", + "examples": [ + "2020-12-25T06:00:00.468Z" + ], + "format": "date-time", + "pattern": "^.*$", + "title": "deadline", + "type": "string" + }, + "description": { + "$id": "#sp:create-campaign/description", + "default": "", + "examples": [ + "A review of everyone's access by their manager." + ], + "pattern": "^.*$", + "title": "description", + "type": "string" + }, + "emailNotificationEnabled": { + "$id": "#sp:create-campaign/emailNotificationEnabled", + "default": true, + "examples": [ + false + ], + "title": "emailNotificationEnabled", + "type": "boolean" + }, + "filter": { + "$id": "#sp:create-campaign/filter", + "properties": { + "id": { + "$id": "#sp:create-campaign/filter/id", + "default": "", + "examples": [ + "e0adaae69852e8fe8b8a3d48e5ce757c" + ], + "pattern": "^.*$", + "title": "id", + "type": "string" + }, + "type": { + "$id": "#sp:create-campaign/filter/type", + "default": "", + "examples": [ + "CAMPAIGN_FILTER" + ], + "pattern": "^.*$", + "title": "type", + "type": "string" + } + }, + "title": "filter", + "type": "object" + }, + "id": { + "$id": "#sp:create-campaign/id", + "default": "", + "examples": [ + "2c918086719eec070171a7e3355a360a" + ], + "pattern": "^.*$", + "title": "id", + "type": "string" + }, + "name": { + "$id": "#sp:create-campaign/name", + "default": "", + "examples": [ + "Manager Review" + ], + "pattern": "^.*$", + "title": "name", + "type": "string" + }, + "recommendationsEnabled": { + "$id": "#sp:create-campaign/recommendationsEnabled", + "default": true, + "examples": [ + false + ], + "title": "recommendationEnabled", + "type": "boolean" + }, + "type": { + "$id": "#sp:create-campaign/type", + "default": "", + "examples": [ + "MANAGER" + ], + "pattern": "^.*$", + "title": "type", + "type": "string" + } + }, + "title": "sp:create-campaign", + "type": "object" + } + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/workflow-library/triggers": { + "get": { + "operationId": "listWorkflowLibraryTriggers", + "tags": [ + "Workflows" + ], + "summary": "List Workflow Library Triggers", + "description": "This lists the workflow triggers available to you", + "externalDocs": { + "description": "Additional documentation for each trigger", + "url": "https://documentation.sailpoint.com/saas/help/workflows/workflow-steps.html#triggers" + }, + "parameters": [ + { + "in": "query", + "name": "limit", + "description": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 250, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "maximum": 250, + "default": 250 + } + }, + { + "in": "query", + "name": "offset", + "description": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 0, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "default": 0 + } + }, + { + "in": "query", + "name": "filters", + "required": false, + "schema": { + "type": "string" + }, + "description": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq*", + "example": "id eq \"idn:identity-attributes-changed\"" + } + ], + "security": [ + { + "UserContextAuth": [ + "sp:workflow:read" + ] + } + ], + "responses": { + "200": { + "description": "List of workflow triggers", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "title": "Workflow Trigger", + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "Trigger ID. This is a static namespaced ID for the trigger.", + "example": "idn:identity-attributes-changed" + }, + "type": { + "description": "Trigger type", + "type": "string", + "enum": [ + "EVENT", + "SCHEDULED", + "EXTERNAL" + ], + "example": "EVENT" + }, + "deprecated": { + "type": "boolean" + }, + "deprecatedBy": { + "type": "string", + "format": "date-time" + }, + "isSimulationEnabled": { + "type": "boolean" + }, + "outputSchema": { + "type": "object", + "description": "Example output schema" + }, + "name": { + "type": "string", + "description": "Trigger Name", + "example": "Identity Attributes Changed" + }, + "description": { + "type": "string", + "description": "Trigger Description", + "example": "One or more identity attributes changed." + }, + "isDynamicSchema": { + "type": "boolean", + "description": "Determines whether the dynamic output schema is returned in place of the action's output schema. The dynamic schema lists non-static properties, like properties of a workflow form where each form has different fields. These will be provided dynamically based on available form fields.", + "example": false, + "default": false + }, + "inputExample": { + "type": "object", + "description": "Example trigger payload if applicable", + "nullable": true, + "externalDocs": { + "description": "List of triggers and their input schemas", + "url": "https://developer.sailpoint.com/idn/docs/event-triggers/available" + }, + "example": { + "changes": [ + { + "attribute": "department", + "newValue": "marketing", + "oldValue": "sales" + }, + { + "attribute": "manager", + "newValue": { + "id": "ee769173319b41d19ccec6c235423236c", + "name": "mean.guy", + "type": "IDENTITY" + }, + "oldValue": { + "id": "ee769173319b41d19ccec6c235423237b", + "name": "nice.guy", + "type": "IDENTITY" + } + }, + { + "attribute": "email", + "newValue": "john.doe@gmail.com", + "oldValue": "john.doe@hotmail.com" + } + ], + "identity": { + "id": "ee769173319b41d19ccec6cea52f237b", + "name": "john.doe", + "type": "IDENTITY" + } + } + }, + "formFields": { + "type": "array", + "nullable": true, + "description": "One or more inputs that the trigger accepts", + "example": [], + "items": { + "type": "object", + "properties": { + "description": { + "type": "string", + "description": "Description of the form field", + "example": "First value to compare" + }, + "helpText": { + "type": "string", + "description": "Describes the form field in the UI", + "example": "The name to give to this certification campaign." + }, + "label": { + "type": "string", + "description": "A human readable name for this form field in the UI", + "example": "Campaign Name" + }, + "name": { + "type": "string", + "description": "The name of the input attribute", + "example": "name" + }, + "required": { + "type": "boolean", + "description": "Denotes if this field is a required attribute", + "example": false, + "default": false + }, + "type": { + "description": "The type of the form field", + "type": "string", + "nullable": true, + "enum": [ + "text", + "textarea", + "boolean", + "email", + "url", + "number", + "json", + "checkbox", + "jsonpath", + "select", + "multiType", + "duration", + "toggle", + "formPicker", + "identityPicker", + "governanceGroupPicker", + "string", + "object", + "array", + "secret", + "keyValuePairs", + "emailPicker", + "advancedToggle", + "variableCreator", + "htmlEditor" + ], + "example": "text" + } + } + } + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/workflow-library/operators": { + "get": { + "operationId": "listWorkflowLibraryOperators", + "tags": [ + "Workflows" + ], + "summary": "List Workflow Library Operators", + "description": "This lists the workflow operators available to you", + "security": [ + { + "UserContextAuth": [ + "sp:workflow:read" + ] + } + ], + "responses": { + "200": { + "description": "List of workflow operators", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "title": "Workflow Operator", + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "Operator ID.", + "example": "sp:compare-boolean" + }, + "name": { + "type": "string", + "description": "Operator friendly name", + "example": "Compare Boolean Values" + }, + "type": { + "description": "Operator type", + "type": "string", + "example": "OPERATOR" + }, + "description": { + "type": "string", + "description": "Description of the operator", + "example": "Compare two boolean values and decide what happens based on the result." + }, + "isDynamicSchema": { + "type": "boolean", + "description": "Determines whether the dynamic output schema is returned in place of the action's output schema. The dynamic schema lists non-static properties, like properties of a workflow form where each form has different fields. These will be provided dynamically based on available form fields.", + "example": false + }, + "deprecated": { + "type": "boolean" + }, + "deprecatedBy": { + "type": "string", + "format": "date-time" + }, + "isSimulationEnabled": { + "type": "boolean" + }, + "formFields": { + "type": "array", + "nullable": true, + "description": "One or more inputs that the operator accepts", + "items": { + "type": "object", + "properties": { + "description": { + "type": "string", + "description": "Description of the form field", + "example": "First value to compare" + }, + "helpText": { + "type": "string", + "description": "Describes the form field in the UI", + "example": "The name to give to this certification campaign." + }, + "label": { + "type": "string", + "description": "A human readable name for this form field in the UI", + "example": "Campaign Name" + }, + "name": { + "type": "string", + "description": "The name of the input attribute", + "example": "name" + }, + "required": { + "type": "boolean", + "description": "Denotes if this field is a required attribute", + "example": false, + "default": false + }, + "type": { + "description": "The type of the form field", + "type": "string", + "nullable": true, + "enum": [ + "text", + "textarea", + "boolean", + "email", + "url", + "number", + "json", + "checkbox", + "jsonpath", + "select", + "multiType", + "duration", + "toggle", + "formPicker", + "identityPicker", + "governanceGroupPicker", + "string", + "object", + "array", + "secret", + "keyValuePairs", + "emailPicker", + "advancedToggle", + "variableCreator", + "htmlEditor" + ], + "example": "text" + } + } + }, + "example": [ + { + "description": "Enter the JSONPath to a value from the input to compare to Variable B.", + "helpText": "", + "label": "Variable A", + "name": "variableA.$", + "required": true, + "type": "text" + }, + { + "helpText": "Select an operation.", + "label": "Operation", + "name": "operator", + "options": [ + { + "label": "Equals", + "value": "BooleanEquals" + } + ], + "required": true, + "type": "select" + }, + { + "description": "Enter the JSONPath to a value from the input to compare to Variable A.", + "helpText": "", + "label": "Variable B", + "name": "variableB.$", + "required": false, + "type": "text" + }, + { + "description": "Enter True or False.", + "helpText": "", + "label": "Variable B", + "name": "variableB", + "required": false, + "type": "text" + } + ] + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/workflows/{id}/external/oauth-clients": { + "post": { + "operationId": "createWorkflowExternalTrigger", + "tags": [ + "Workflows" + ], + "summary": "Generate External Trigger OAuth Client", + "description": "Create OAuth client ID, client secret, and callback URL for use in an external trigger. External triggers will need this information to generate an access token to authenticate to the callback URL and submit a trigger payload that will initiate the workflow.", + "security": [ + { + "UserContextAuth": [ + "sp:workflow:manage" + ] + } + ], + "parameters": [ + { + "name": "id", + "in": "path", + "description": "Id of the workflow", + "required": true, + "style": "simple", + "explode": false, + "schema": { + "type": "string", + "example": "c17bea3a-574d-453c-9e04-4365fbf5af0b" + } + } + ], + "responses": { + "200": { + "description": "The OAuth Client object", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "OAuth client ID for the trigger. This is a UUID generated upon creation.", + "example": "1a58c03a6bf64dc2876f6988c6e2c7b7" + }, + "secret": { + "type": "string", + "description": "OAuthClient secret.", + "example": "00cc24a7fe810fe06a7cb38bc168ae104d703c7abb296f9944dc68e69ddb578b" + }, + "url": { + "type": "string", + "description": "URL for the external trigger to invoke", + "example": "https://tenant.api.identitynow.com/beta/workflows/execute/external/c17bea3a-574d-453c-9e04-4365fbf5af0b" + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/workflows/execute/external/{id}": { + "post": { + "operationId": "createExternalExecuteWorkflow", + "tags": [ + "Workflows" + ], + "summary": "Execute Workflow via External Trigger", + "description": "This endpoint allows a service outside of IdentityNow to initiate a workflow that uses the \"External Trigger\" step. The external service will invoke this endpoint with the input data it wants to send to the workflow in the body.", + "security": [ + { + "UserContextAuth": [ + "sp:workflow-execute:external" + ] + } + ], + "parameters": [ + { + "name": "id", + "in": "path", + "description": "Id of the workflow", + "required": true, + "style": "simple", + "explode": false, + "schema": { + "type": "string", + "example": "c17bea3a-574d-453c-9e04-4365fbf5af0b" + } + } + ], + "requestBody": { + "required": false, + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "input": { + "type": "object", + "description": "The input for the workflow", + "example": { + "customAttribute1": "value1", + "customAttribute2": "value2" + } + } + } + } + } + } + }, + "responses": { + "200": { + "description": "The Workflow object", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "workflowExecutionId": { + "type": "string", + "description": "The workflow execution id", + "example": "0e11cefa-96e7-4b67-90d0-065bc1da5753" + }, + "message": { + "type": "string", + "description": "An error message if any errors occurred", + "example": "Workflow was not executed externally. Check enabled flag on workflow definition" + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/workflows/execute/external/{id}/test": { + "post": { + "operationId": "testExternalExecuteWorkflow", + "tags": [ + "Workflows" + ], + "summary": "Test Workflow via External Trigger", + "description": "Validate a workflow with an \"External Trigger\" can receive input. The response includes the input that the workflow received, which can be used to validate that the input is intact when it reaches the workflow.", + "security": [ + { + "UserContextAuth": [ + "sp:workflow-execute:external" + ] + } + ], + "parameters": [ + { + "name": "id", + "in": "path", + "description": "Id of the workflow", + "required": true, + "style": "simple", + "explode": false, + "schema": { + "type": "string", + "example": "c17bea3a-574d-453c-9e04-4365fbf5af0b" + } + } + ], + "requestBody": { + "required": false, + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "input": { + "type": "object", + "description": "The test input for the workflow", + "example": { + "test": "hello world" + } + } + } + } + } + } + }, + "responses": { + "200": { + "description": "Responds with the test input", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "payload": { + "type": "object", + "description": "The input that was received", + "example": { + "test": "hello world" + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/source-usages/{sourceId}/status": { + "get": { + "tags": [ + "Source Usages" + ], + "summary": "Finds status of source usage", + "description": "This API returns the status of the source usage insights setup by IDN source ID.", + "operationId": "getStatusBySourceId", + "parameters": [ + { + "name": "sourceId", + "in": "path", + "description": "ID of IDN source", + "required": true, + "schema": { + "type": "string" + }, + "example": "2c9180835d191a86015d28455b4a2329" + } + ], + "security": [ + { + "UserContextAuth": [ + "idn:accounts:read" + ] + } + ], + "responses": { + "200": { + "description": "Status of the source usage insights setup by IDN source ID.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "status": { + "type": "string", + "description": "Source Usage Status. Acceptable values are:\n - COMPLETE\n - This status means that an activity data source has been setup and usage insights are available for the source.\n - INCOMPLETE\n - This status means that an activity data source has not been setup and usage insights are not available for the source.", + "example": "COMPLETE", + "enum": [ + "COMPLETE", + "INCOMPLETE" + ] + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/source-usages/{sourceId}/summaries": { + "get": { + "tags": [ + "Source Usages" + ], + "summary": "Returns source usage insights", + "description": "This API returns a summary of source usage insights for past 12 months.", + "operationId": "getUsagesBySourceId", + "parameters": [ + { + "name": "sourceId", + "in": "path", + "description": "ID of IDN source", + "required": true, + "schema": { + "type": "string" + }, + "example": "2c9180835d191a86015d28455b4a2329" + }, + { + "in": "query", + "name": "limit", + "description": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 250, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "maximum": 250, + "default": 250 + } + }, + { + "in": "query", + "name": "offset", + "description": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 0, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "default": 0 + } + }, + { + "in": "query", + "name": "count", + "description": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": true, + "schema": { + "type": "boolean", + "default": false + } + }, + { + "in": "query", + "name": "sorters", + "schema": { + "type": "string", + "format": "comma-separated" + }, + "description": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **date**", + "example": "-date" + } + ], + "security": [ + { + "UserContextAuth": [ + "idn:accounts:read" + ] + } + ], + "responses": { + "200": { + "description": "Summary of source usage insights for past 12 months.", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "properties": { + "date": { + "type": "string", + "format": "date", + "description": "The first day of the month for which activity is aggregated.", + "example": "2023-04-21" + }, + "count": { + "type": "number", + "format": "float", + "description": "The average number of days that accounts were active within this source, for the month.", + "example": 10.45 + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/account-usages/{accountId}/summaries": { + "get": { + "tags": [ + "Account Usages" + ], + "summary": "Returns account usage insights", + "description": "This API returns a summary of account usage insights for past 12 months.", + "operationId": "getUsagesByAccountId", + "parameters": [ + { + "name": "accountId", + "in": "path", + "description": "ID of IDN account", + "required": true, + "schema": { + "type": "string" + }, + "example": "ef38f94347e94562b5bb8424a56397d8" + }, + { + "in": "query", + "name": "limit", + "description": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 250, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "maximum": 250, + "default": 250 + } + }, + { + "in": "query", + "name": "offset", + "description": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 0, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "default": 0 + } + }, + { + "in": "query", + "name": "count", + "description": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": true, + "schema": { + "type": "boolean", + "default": false + } + }, + { + "in": "query", + "name": "sorters", + "schema": { + "type": "string", + "format": "comma-separated" + }, + "description": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **date**", + "example": "-date" + } + ], + "security": [ + { + "UserContextAuth": [ + "idn:accounts:read" + ] + } + ], + "responses": { + "200": { + "description": "Summary of account usage insights for past 12 months.", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "properties": { + "date": { + "type": "string", + "format": "date", + "description": "The first day of the month for which activity is aggregated.", + "example": "2023-04-21" + }, + "count": { + "type": "integer", + "format": "int64", + "description": "The number of days within the month that the account was active in a source.", + "example": 10 + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/identity-profiles/identity-preview": { + "post": { + "operationId": "showIdentityPreview", + "tags": [ + "Identity Profiles" + ], + "summary": "Generate Identity Profile Preview", + "description": "Use this API to generate a non-persisted preview of the identity object after applying `IdentityAttributeConfig` sent in request body.\nThis API only allows `accountAttribute`, `reference` and `rule` transform types in the `IdentityAttributeConfig` sent in the request body.\nA token with ORG_ADMIN authority is required to call this API to generate an identity preview.", + "requestBody": { + "description": "Identity Preview request body.", + "required": true, + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "identityId": { + "type": "string", + "format": "uuid", + "example": "2c9180857893f12901789445619b0366", + "description": "The Identity id" + }, + "identityAttributeConfig": { + "type": "array", + "items": { + "type": "object", + "description": "Defines all the identity attribute mapping configurations. This defines how to generate or collect data for each identity attributes in identity refresh process.", + "properties": { + "enabled": { + "description": "The backend will only promote values if the profile/mapping is enabled.", + "type": "boolean", + "default": false, + "example": true + }, + "attributeTransforms": { + "type": "array", + "items": { + "type": "object", + "description": "Defines a transformation definition for an identity attribute.", + "properties": { + "identityAttributeName": { + "type": "string", + "description": "Name of the identity attribute.", + "example": "email" + }, + "transformDefinition": { + "description": "The seaspray transformation definition.", + "type": "object", + "properties": { + "type": { + "type": "string", + "description": "The type of the transform definition.", + "example": "accountAttribute" + }, + "attributes": { + "type": "object", + "additionalProperties": { + "anyOf": [ + { + "type": "string" + }, + { + "type": "object" + } + ] + }, + "description": "Arbitrary key-value pairs to store any metadata for the object", + "example": { + "attributeName": "e-mail", + "sourceName": "MySource", + "sourceId": "2c9180877a826e68017a8c0b03da1a53" + } + } + } + } + } + } + } + } + } + } + } + } + } + } + }, + "responses": { + "200": { + "description": "A preview of the identity attributes after applying identity attributes config sent in request body.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "identity": { + "type": "object", + "description": "Identity's basic details.", + "properties": { + "type": { + "type": "string", + "description": "Identity's DTO type.", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "Identity ID.", + "example": "2c7180a46faadee4016fb4e018c20642" + }, + "name": { + "type": "string", + "description": "Identity's display name.", + "example": "Michael Michaels" + } + } + }, + "previewAttributes": { + "type": "array", + "items": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "Name of the attribute that is being previewed.", + "example": "email" + }, + "value": { + "type": "object", + "description": "Value that was derived during the preview.", + "example": "email@mail.com" + }, + "previousValue": { + "type": "object", + "description": "The value of the attribute before the preview.", + "example": "oldEmail@mail.com" + }, + "errorMessages": { + "description": "A list of errors that may have been encountered.", + "type": "array", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "idn:identity-profile:manage" + ] + } + ] + } + }, + "/work-items/{id}/forward": { + "post": { + "operationId": "sendWorkItemForward", + "security": [ + { + "UserContextAuth": [ + "idn:work-item:update" + ] + } + ], + "tags": [ + "Work Items" + ], + "summary": "Forward a Work Item", + "description": "This API forwards a work item to a new owner. Either an admin, or the owning/current user must make this request. Accessible to work-item Owner, ORG_ADMIN, REPORT_ADMIN, ROLE_ADMIN, ROLE_SUBADMIN, SOURCE_ADMIN, SOURCE_SUBADMIN.", + "parameters": [ + { + "in": "path", + "name": "id", + "schema": { + "type": "string" + }, + "required": true, + "description": "The ID of the work item", + "example": "ef38f94347e94562b5bb8424a56397d8" + } + ], + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "type": "object", + "required": [ + "targetOwnerId", + "comment" + ], + "properties": { + "targetOwnerId": { + "type": "string", + "description": "The ID of the identity to forward this work item to.", + "example": "2c9180835d2e5168015d32f890ca1581" + }, + "comment": { + "type": "string", + "description": "Comments to send to the target owner", + "example": "I'm going on vacation." + }, + "sendNotifications": { + "type": "boolean", + "description": "If true, send a notification to the target owner.", + "default": true, + "example": true + } + } + } + } + } + }, + "responses": { + "200": { + "description": "Success, but no data is returned." + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/accounts/search-attribute-config": { + "post": { + "operationId": "createSearchAttributeConfig", + "security": [ + { + "UserContextAuth": [ + "idn:account-config:create" + ] + } + ], + "tags": [ + "Search Attribute Configuration" + ], + "summary": "Configure/create search attributes in IdentityNow.", + "description": "This API accepts an attribute name, an attribute display name and a list of name/value pair associates of application IDs to attribute names. It will then validate the inputs and configure/create and attribute promotion configuration in the Link ObjectConfig.\nA token with ORG_ADMIN authority is required to call this API.", + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "Name of the new attribute", + "example": "newMailAttribute" + }, + "displayName": { + "type": "string", + "description": "The display name of the new attribute", + "example": "New Mail Attribute" + }, + "applicationAttributes": { + "type": "object", + "description": "Map of application id and their associated attribute.", + "example": { + "2c91808b79fd2422017a0b35d30f3968": "employeeNumber", + "2c91808b79fd2422017a0b36008f396b": "employeeNumber" + } + } + } + }, + "example": { + "name": "newMailAttribute", + "displayName": "New Mail Attribute", + "applicationAttributes": { + "2c9180866166b5b0016167c32ef31a66": "mail", + "2c9180866166b5b0016167c32ef31a67": "mail" + } + } + } + } + }, + "responses": { + "202": { + "description": "Accepted - Returned if the request was successfully accepted into the system.", + "content": { + "application/json": { + "schema": { + "type": "object" + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + }, + "get": { + "operationId": "getSearchAttributeConfig", + "security": [ + { + "UserContextAuth": [ + "idn:account-config:read" + ] + } + ], + "tags": [ + "Search Attribute Configuration" + ], + "summary": "Retrieve attribute list in IdentityNow.", + "description": "This API retrieves a list of extended search attribute/application associates currently configured in IdentityNow.\nA token with ORG_ADMIN authority is required to call this API.", + "responses": { + "200": { + "description": "List of attribute configurations in IdentityNow.", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "Name of the new attribute", + "example": "newMailAttribute" + }, + "displayName": { + "type": "string", + "description": "The display name of the new attribute", + "example": "New Mail Attribute" + }, + "applicationAttributes": { + "type": "object", + "description": "Map of application id and their associated attribute.", + "example": { + "2c91808b79fd2422017a0b35d30f3968": "employeeNumber", + "2c91808b79fd2422017a0b36008f396b": "employeeNumber" + } + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/accounts/search-attribute-config/{name}": { + "get": { + "operationId": "getSingleSearchAttributeConfig", + "security": [ + { + "UserContextAuth": [ + "idn:account-config:read" + ] + } + ], + "tags": [ + "Search Attribute Configuration" + ], + "summary": "Get specific attribute in IdentityNow.", + "description": "This API accepts an extended search attribute name and retrieves the corresponding extended attribute configuration.\nA token with ORG_ADMIN authority is required to call this API.", + "parameters": [ + { + "name": "name", + "in": "path", + "description": "Name of the extended search attribute configuration to retrieve.", + "required": true, + "schema": { + "type": "string", + "example": "newMailAttribute" + } + } + ], + "responses": { + "200": { + "description": "Specific attribute configuration in IdentityNow.", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "Name of the new attribute", + "example": "newMailAttribute" + }, + "displayName": { + "type": "string", + "description": "The display name of the new attribute", + "example": "New Mail Attribute" + }, + "applicationAttributes": { + "type": "object", + "description": "Map of application id and their associated attribute.", + "example": { + "2c91808b79fd2422017a0b35d30f3968": "employeeNumber", + "2c91808b79fd2422017a0b36008f396b": "employeeNumber" + } + } + } + } + } + } + } + }, + "204": { + "description": "No content - indicates the request was successful but there is no content to be returned in the response." + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + }, + "delete": { + "operationId": "deleteSearchAttributeConfig", + "security": [ + { + "UserContextAuth": [ + "idn:account-config:delete" + ] + } + ], + "tags": [ + "Search Attribute Configuration" + ], + "summary": "Delete search attribute in IdentityNow.", + "description": "This API accepts an extended search attribute name and deletes the corresponding extended attribute configuration.\nA token with ORG_ADMIN authority is required to call this API.", + "parameters": [ + { + "name": "name", + "in": "path", + "description": "Name of the extended search attribute configuration to delete.", + "required": true, + "schema": { + "type": "string", + "example": "newMailAttribute" + } + } + ], + "responses": { + "204": { + "description": "No content - indicates the request was successful but there is no content to be returned in the response." + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + }, + "patch": { + "operationId": "patchSearchAttributeConfig", + "security": [ + { + "UserContextAuth": [ + "idn:account-config:create" + ] + } + ], + "tags": [ + "Search Attribute Configuration" + ], + "summary": "Update search attribute in IdentityNow.", + "description": "This API updates an existing Search Attribute Configuration. The following fields are patchable:\n**name**, **displayName**, **applicationAttributes**\nA token with ORG_ADMIN authority is required to call this API.", + "parameters": [ + { + "name": "name", + "in": "path", + "description": "Name of the Search Attribute Configuration to patch.", + "required": true, + "schema": { + "type": "string", + "example": "promotedMailAttribute" + } + } + ], + "requestBody": { + "content": { + "application/json-patch+json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "description": "A JSONPatch Operation as defined by [RFC 6902 - JSON Patch](https://tools.ietf.org/html/rfc6902)", + "required": [ + "op", + "path" + ], + "properties": { + "op": { + "type": "string", + "description": "The operation to be performed", + "enum": [ + "add", + "remove", + "replace", + "move", + "copy", + "test" + ], + "example": "replace" + }, + "path": { + "type": "string", + "description": "A string JSON Pointer representing the target path to an element to be affected by the operation", + "example": "/description" + }, + "value": { + "oneOf": [ + { + "type": "string", + "example": "New description", + "title": "string" + }, + { + "type": "boolean", + "example": true, + "title": "boolean" + }, + { + "type": "integer", + "example": 300, + "title": "integer" + }, + { + "type": "object", + "title": "object", + "example": { + "attributes": { + "name": "philip" + } + } + }, + { + "type": "array", + "title": "array", + "items": { + "anyOf": [ + { + "type": "string" + }, + { + "type": "integer" + }, + { + "type": "object" + } + ], + "example": [ + "001", + "002", + "003" + ] + } + } + ], + "description": "The value to be used for the operation, required for \"add\" and \"replace\" operations", + "example": "New description" + } + } + } + }, + "example": [ + { + "op": "replace", + "path": "/name", + "value": "newAttributeName" + }, + { + "op": "replace", + "path": "/displayName", + "value": "new attribute display name" + }, + { + "op": "add", + "path": "/applicationAttributes", + "value": { + "2c91808b79fd2422017a0b35d30f3968": "employeeNumber" + } + } + ] + } + }, + "required": true + }, + "responses": { + "200": { + "description": "Responds with the Search Attribute Configuration as updated.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "Name of the new attribute", + "example": "newMailAttribute" + }, + "displayName": { + "type": "string", + "description": "The display name of the new attribute", + "example": "New Mail Attribute" + }, + "applicationAttributes": { + "type": "object", + "description": "Map of application id and their associated attribute.", + "example": { + "2c91808b79fd2422017a0b35d30f3968": "employeeNumber", + "2c91808b79fd2422017a0b36008f396b": "employeeNumber" + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/access-model-metadata/attributes": { + "get": { + "summary": "List Access Model Metadata Attributes", + "description": "Get a list of Access Model Metadata Attributes", + "tags": [ + "Access Model Metadata" + ], + "operationId": "listAccessModelMetadataAttribute", + "security": [ + { + "UserContextAuth": [ + "idn:access-model-metadata:read" + ] + } + ], + "parameters": [ + { + "in": "query", + "name": "filters", + "schema": { + "type": "string" + }, + "example": "name eq \"Privacy\"", + "description": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**name**: *eq*\n\n**type**: *eq*\n\n**status**: *eq*\n\n**objectTypes**: *eq*\n\nSupported composite operators: *and*" + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "200": { + "description": "OK", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "Technical name of the Attribute. This is unique and cannot be changed after creation.", + "example": "iscPrivacy" + }, + "name": { + "type": "string", + "description": "The display name of the key.", + "example": "Privacy" + }, + "multiselect": { + "type": "boolean", + "default": false, + "description": "Indicates whether the attribute can have multiple values.", + "example": false + }, + "status": { + "type": "string", + "description": "The status of the Attribute.", + "example": "active" + }, + "type": { + "type": "string", + "description": "The type of the Attribute. This can be either \"custom\" or \"governance\".", + "example": "governance" + }, + "objectTypes": { + "type": "array", + "items": { + "type": "string" + }, + "nullable": true, + "description": "An array of object types this attributes values can be applied to. Possible values are \"all\" or \"entitlement\". Value \"all\" means this attribute can be used with all object types that are supported.", + "example": [ + "entitlement" + ] + }, + "description": { + "type": "string", + "description": "The description of the Attribute.", + "example": "Specifies the level of privacy associated with an access item." + }, + "values": { + "type": "array", + "nullable": true, + "items": { + "type": "object", + "properties": { + "value": { + "type": "string", + "description": "Technical name of the Attribute value. This is unique and cannot be changed after creation.", + "example": "public" + }, + "name": { + "type": "string", + "description": "The display name of the Attribute value.", + "example": "Public" + }, + "status": { + "type": "string", + "description": "The status of the Attribute value.", + "example": "active" + } + } + } + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/access-model-metadata/attributes/{key}": { + "get": { + "summary": "Get Access Model Metadata Attribute", + "description": "Get single Access Model Metadata Attribute", + "tags": [ + "Access Model Metadata" + ], + "operationId": "getAccessModelMetadataAttribute", + "security": [ + { + "UserContextAuth": [ + "idn:access-model-metadata:read" + ] + } + ], + "parameters": [ + { + "name": "key", + "in": "path", + "required": true, + "schema": { + "type": "string" + }, + "description": "Technical name of the Attribute.", + "example": "iscPrivacy" + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "200": { + "description": "OK", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "Technical name of the Attribute. This is unique and cannot be changed after creation.", + "example": "iscPrivacy" + }, + "name": { + "type": "string", + "description": "The display name of the key.", + "example": "Privacy" + }, + "multiselect": { + "type": "boolean", + "default": false, + "description": "Indicates whether the attribute can have multiple values.", + "example": false + }, + "status": { + "type": "string", + "description": "The status of the Attribute.", + "example": "active" + }, + "type": { + "type": "string", + "description": "The type of the Attribute. This can be either \"custom\" or \"governance\".", + "example": "governance" + }, + "objectTypes": { + "type": "array", + "items": { + "type": "string" + }, + "nullable": true, + "description": "An array of object types this attributes values can be applied to. Possible values are \"all\" or \"entitlement\". Value \"all\" means this attribute can be used with all object types that are supported.", + "example": [ + "entitlement" + ] + }, + "description": { + "type": "string", + "description": "The description of the Attribute.", + "example": "Specifies the level of privacy associated with an access item." + }, + "values": { + "type": "array", + "nullable": true, + "items": { + "type": "object", + "properties": { + "value": { + "type": "string", + "description": "Technical name of the Attribute value. This is unique and cannot be changed after creation.", + "example": "public" + }, + "name": { + "type": "string", + "description": "The display name of the Attribute value.", + "example": "Public" + }, + "status": { + "type": "string", + "description": "The status of the Attribute value.", + "example": "active" + } + } + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/access-model-metadata/attributes/{key}/values": { + "get": { + "summary": "List Access Model Metadata Values", + "description": "Get a list of Access Model Metadata Attribute Values", + "tags": [ + "Access Model Metadata" + ], + "operationId": "listAccessModelMetadataAttributeValue", + "security": [ + { + "UserContextAuth": [ + "idn:access-model-metadata:read" + ] + } + ], + "parameters": [ + { + "name": "key", + "in": "path", + "required": true, + "schema": { + "type": "string" + }, + "description": "Technical name of the Attribute.", + "example": "iscPrivacy" + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "200": { + "description": "OK", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "properties": { + "value": { + "type": "string", + "description": "Technical name of the Attribute value. This is unique and cannot be changed after creation.", + "example": "public" + }, + "name": { + "type": "string", + "description": "The display name of the Attribute value.", + "example": "Public" + }, + "status": { + "type": "string", + "description": "The status of the Attribute value.", + "example": "active" + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/access-model-metadata/attributes/{key}/values/{value}": { + "get": { + "summary": "Get Access Model Metadata Value", + "description": "Get single Access Model Metadata Attribute Value", + "tags": [ + "Access Model Metadata" + ], + "operationId": "getAccessModelMetadataAttributeValue", + "security": [ + { + "UserContextAuth": [ + "idn:access-model-metadata:read" + ] + } + ], + "parameters": [ + { + "name": "key", + "in": "path", + "required": true, + "schema": { + "type": "string" + }, + "description": "Technical name of the Attribute.", + "example": "iscPrivacy" + }, + { + "name": "value", + "in": "path", + "required": true, + "schema": { + "type": "string" + }, + "description": "Technical name of the Attribute value.", + "example": "public" + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "200": { + "description": "OK", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "value": { + "type": "string", + "description": "Technical name of the Attribute value. This is unique and cannot be changed after creation.", + "example": "public" + }, + "name": { + "type": "string", + "description": "The display name of the Attribute value.", + "example": "Public" + }, + "status": { + "type": "string", + "description": "The status of the Attribute value.", + "example": "active" + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/access-profiles/bulk-update-requestable": { + "post": { + "operationId": "updateAccessProfilesInBulk", + "summary": "Update Access Profile(s) requestable field.", + "tags": [ + "Access Profiles" + ], + "description": "This API initiates a bulk update of field requestable for one or more Access Profiles.\n\n> If any of the indicated Access Profiles is exists in Organization,then those Access Profiles will be added in **updated**\n list of the response.Requestable field of these Access Profiles marked as **true** or **false**.\n\n> If any of the indicated Access Profiles is not does not exists in Organization,then those Access Profiles will be added in **notFound** list of the response. Access Profiles marked as **notFound** will not be updated.\n> A token with API, ORG_ADMIN, SOURCE_ADMIN, or SOURCE_SUBADMIN authority is required to call this API. In addition, a SOURCE_SUBADMIN may only use this API to update Access Profiles which are associated with Sources they are able to administer.", + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "description": "List of Access profiles to be updated.", + "type": "array", + "items": { + "type": "object", + "description": "Access Profile's basic details.", + "properties": { + "id": { + "type": "string", + "description": "Access Profile ID.", + "example": "464ae7bf-791e-49fd-b746-06a2e4a8" + }, + "requestable": { + "type": "boolean", + "description": "Access Profile is requestable or not.", + "example": false + } + } + }, + "example": [ + { + "id": "464ae7bf-791e-49fd-b746-06a2e4a8", + "requestable": false + } + ], + "required": [ + "id", + "requestable" + ] + }, + "example": [ + { + "id": "464ae7bf-791e-49fd-b746-06a2e4a89635", + "requestable": false + } + ] + } + } + }, + "responses": { + "207": { + "description": "List of updated and not updated Access Profiles.", + "content": { + "application/json": { + "schema": { + "description": "Access Profile Bulk update response.", + "type": "array", + "items": { + "type": "object", + "properties": { + "id": { + "description": "Identifier of Access Profile in bulk update request.", + "type": "string", + "example": "2c7180a46faadee4016fb4e018c20642" + }, + "requestable": { + "description": "Access Profile requestable or not.", + "type": "boolean", + "example": false + }, + "status": { + "description": "\nThe HTTP response status code returned for an individual Access Profile that is requested for update during a bulk update operation.\n\n> 201 - Access profile is updated successfully.\n\n> 404 - Access profile not found.\n", + "type": "string", + "example": "201" + }, + "description": { + "description": "Human readable status description and containing additional context information about success or failures etc.\n", + "type": "string", + "example": "\n> Access profile is updated successfully.\n\n> Referenced Access profile with Id \"2c7180a46faadee4016fb4e018c20642\" was not found.\n" + } + }, + "required": [ + "id", + "requestable", + "status" + ] + }, + "example": [ + { + "id": "464ae7bf-791e-49fd-b746-06a2e4a8", + "status": "201", + "requestable": false, + "description": "Access Profile updated successfully." + } + ] + }, + "example": [ + { + "id": "464ae7bf-791e-49fd-b746-06a2e4a89635", + "status": "201", + "requestable": false, + "description": "Access Profile updated successfully." + } + ] + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "412": { + "description": "Precondition Failed - Returned in response if API/Feature not enabled for an organization.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " API/Feature not enabled for your organization." + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "idn:access-profile:manage" + ] + } + ], + "parameters": [ + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ] + } + }, + "/access-requests/close": { + "post": { + "operationId": "closeAccessRequest", + "tags": [ + "Access Requests" + ], + "summary": "Close Access Request", + "description": "This endpoint closes access requests that are stuck in a pending state. It can be used throughout a request's lifecycle even after the approval state, unlike the [Cancel Access Request endpoint](https://developer.sailpoint.com/idn/api/v3/cancel-access-request/). A token with ORG_ADMIN authority is required.\n\nTo find pending access requests with the UI, navigate to Search and use this query: status: Pending AND \"Access Request\". Use the Column Chooser to select 'Tracking Number', and use the 'Download' button to export a CSV containing the tracking numbers.\n\nTo find pending access requests with the API, use the [List Account Activities endpoint](https://developer.sailpoint.com/idn/api/v3/list-account-activities/).\n\nInput the IDs from either source.\n\nTo track the status of endpoint requests, navigate to Search and use this query: name:\"Close Identity Requests\". Search will include \"Close Identity Requests Started\" audits when requests are initiated and \"Close Identity Requests Completed\" audits when requests are completed. The completion audit will list the identity request IDs that finished in error.\n\nThis API triggers the [Provisioning Completed event trigger](https://developer.sailpoint.com/idn/docs/event-triggers/triggers/provisioning-completed/) for each access request that is closed.\n", + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "type": "object", + "description": "Request body payload for close access requests endpoint.", + "required": [ + "accessRequestIds" + ], + "properties": { + "accessRequestIds": { + "type": "array", + "description": "Access Request IDs for the requests to be closed. Accepts 1-500 Identity Request IDs per request.", + "items": { + "type": "string" + }, + "example": [ + "2c90ad2a70ace7d50170acf22ca90010" + ] + }, + "message": { + "type": "string", + "description": "Reason for closing the access request. Displayed under Warnings in IdentityNow.", + "default": "The IdentityNow Administrator manually closed this request.", + "example": "The IdentityNow Administrator manually closed this request." + }, + "executionStatus": { + "type": "string", + "enum": [ + "Terminated", + "Completed" + ], + "description": "The request's provisioning status. Displayed as Stage in IdentityNow.", + "default": "Terminated", + "example": "Terminated" + }, + "completionStatus": { + "type": "string", + "enum": [ + "Success", + "Incomplete", + "Failure" + ], + "description": "The request's overall status. Displayed as Status in IdentityNow.", + "default": "Failure", + "example": "Failure" + } + } + }, + "example": { + "accessRequestIds": [ + "2c90ad2a70ace7d50170acf22ca90010" + ], + "executionStatus": "Terminated", + "completionStatus": "Failure", + "message": "The IdentityNow Administrator manually closed this request." + } + } + } + }, + "responses": { + "202": { + "description": "Accepted - Returned if the request was successfully accepted into the system.", + "content": { + "application/json": { + "schema": { + "type": "object" + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "parameters": [ + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ] + } + }, + "/ai-access-request-recommendations": { + "get": { + "operationId": "getAccessRequestRecommendations", + "tags": [ + "IAI Access Request Recommendations" + ], + "summary": "Identity Access Request Recommendations", + "description": "This API returns the access request recommendations for the specified identity. The default identity is *me* which indicates the current user.", + "parameters": [ + { + "in": "query", + "name": "identity-id", + "description": "Get access request recommendations for an identityId. *me* indicates the current user.", + "schema": { + "type": "string", + "default": "me" + }, + "required": false, + "example": "2c91808570313110017040b06f344ec9" + }, + { + "in": "query", + "name": "limit", + "description": "Max number of results to return.", + "required": false, + "schema": { + "type": "integer", + "minimum": 0, + "maximum": 15, + "default": 15 + } + }, + { + "in": "query", + "name": "offset", + "description": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 0, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "default": 0 + } + }, + { + "in": "query", + "name": "count", + "description": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": true, + "schema": { + "type": "boolean", + "default": false + } + }, + { + "in": "query", + "name": "include-translation-messages", + "description": "If *true* it will populate a list of translation messages in the response.", + "schema": { + "type": "boolean", + "default": false + }, + "required": false, + "example": false + }, + { + "in": "query", + "name": "filters", + "schema": { + "type": "string" + }, + "description": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**access.name**: *co*\n\n**access.type**: *eq, in*\n\n**access.description**: *co, eq, in*", + "example": "access.name co \"admin\"" + }, + { + "in": "query", + "name": "sorters", + "schema": { + "type": "string", + "format": "comma-separated" + }, + "description": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **access.name, access.type**\n\nBy default the recommendations are sorted by highest confidence first." + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "200": { + "description": "List of access request recommendations for the identityId", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "properties": { + "identityId": { + "type": "string", + "format": "UUID", + "description": "Identity ID for the recommendation", + "example": "2c91808570313110017040b06f344ec9" + }, + "access": { + "type": "object", + "properties": { + "id": { + "type": "string", + "format": "UUID", + "description": "ID of access item being recommended.", + "example": "2c9180835d2e5168015d32f890ca1581" + }, + "type": { + "type": "string", + "enum": [ + "ACCESS_PROFILE", + "ROLE" + ], + "description": "The type of access item.", + "example": "ACCESS_PROFILE" + }, + "name": { + "type": "string", + "description": "Name of the access item", + "example": "Employee-database-read-write" + }, + "description": { + "type": "string", + "description": "Description of the access item", + "example": "This item grants an employee read and write access to the database" + } + } + }, + "ignored": { + "type": "boolean", + "example": true, + "description": "Whether or not the identity has already chosen to ignore this recommendation." + }, + "requested": { + "type": "boolean", + "example": true, + "description": "Whether or not the identity has already chosen to request this recommendation." + }, + "viewed": { + "type": "boolean", + "example": true, + "description": "Whether or not the identity reportedly viewed this recommendation." + }, + "messages": { + "type": "array", + "items": { + "type": "object", + "properties": { + "interpretation": { + "type": "string", + "description": "Information about why the access item was recommended.", + "example": "95% of your peers have this access." + } + } + } + }, + "translationMessages": { + "description": "The list of translation messages", + "type": "array", + "example": [ + { + "key": "recommender-api.V2_WEIGHT_FEATURE_PRODUCT_INTERPRETATION_HIGH", + "values": [ + "75", + "department" + ] + } + ], + "items": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key of the translation message", + "example": "recommender-api.V2_WEIGHT_FEATURE_PRODUCT_INTERPRETATION_HIGH" + }, + "values": { + "type": "array", + "description": "The values corresponding to the translation messages", + "items": { + "type": "string" + }, + "example": [ + "75", + "department" + ] + } + } + } + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/ai-access-request-recommendations/ignored-items": { + "post": { + "operationId": "addAccessRequestRecommendationsIgnoredItem", + "tags": [ + "IAI Access Request Recommendations" + ], + "summary": "Notification of Ignored Access Request Recommendations", + "description": "This API ignores a recommended access request item. Once an item is ignored, it will be marked as ignored=true if it is still a recommended item. The consumer can decide to hide ignored recommendations.", + "requestBody": { + "description": "The recommended access item to ignore for an identity.", + "required": true, + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "identityId": { + "type": "string", + "format": "UUID", + "description": "The identity ID taking the action.", + "example": "2c91808570313110017040b06f344ec9" + }, + "access": { + "type": "object", + "properties": { + "id": { + "type": "string", + "format": "UUID", + "description": "ID of access item being recommended.", + "example": "2c9180835d2e5168015d32f890ca1581" + }, + "type": { + "type": "string", + "enum": [ + "ACCESS_PROFILE", + "ROLE" + ], + "description": "The type of access item.", + "example": "ACCESS_PROFILE" + } + } + } + }, + "required": [ + "identityId", + "access" + ] + } + } + } + }, + "responses": { + "201": { + "description": "Recommendation successfully stored as ignored.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "identityId": { + "type": "string", + "format": "UUID", + "description": "The identity ID taking the action.", + "example": "2c91808570313110017040b06f344ec9" + }, + "access": { + "type": "object", + "properties": { + "id": { + "type": "string", + "format": "UUID", + "description": "ID of access item being recommended.", + "example": "2c9180835d2e5168015d32f890ca1581" + }, + "type": { + "type": "string", + "enum": [ + "ACCESS_PROFILE", + "ROLE" + ], + "description": "The type of access item.", + "example": "ACCESS_PROFILE" + } + } + }, + "timestamp": { + "type": "string", + "format": "date-time", + "example": "2017-07-11T18:45:37.098Z" + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "parameters": [ + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ] + }, + "get": { + "operationId": "getAccessRequestRecommendationsIgnoredItems", + "tags": [ + "IAI Access Request Recommendations" + ], + "summary": "List of Ignored Access Request Recommendations", + "description": "This API returns the list of ignored access request recommendations.", + "parameters": [ + { + "in": "query", + "name": "limit", + "description": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 250, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "maximum": 250, + "default": 250 + } + }, + { + "in": "query", + "name": "offset", + "description": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 0, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "default": 0 + } + }, + { + "in": "query", + "name": "count", + "description": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": true, + "schema": { + "type": "boolean", + "default": false + } + }, + { + "in": "query", + "name": "filters", + "schema": { + "type": "string" + }, + "description": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**access.id**: *eq, in*\n\n**access.type**: *eq, in*\n\n**identityId**: *eq, in*", + "example": "identityId eq \"2c9180846b0a0583016b299f210c1314\"" + }, + { + "in": "query", + "name": "sorters", + "schema": { + "type": "string", + "format": "comma-separated" + }, + "description": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **access.id, access.type, identityId, timestamp**", + "example": "access.id" + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "200": { + "description": "Returns list of ignored access request recommendations.", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "properties": { + "identityId": { + "type": "string", + "format": "UUID", + "description": "The identity ID taking the action.", + "example": "2c91808570313110017040b06f344ec9" + }, + "access": { + "type": "object", + "properties": { + "id": { + "type": "string", + "format": "UUID", + "description": "ID of access item being recommended.", + "example": "2c9180835d2e5168015d32f890ca1581" + }, + "type": { + "type": "string", + "enum": [ + "ACCESS_PROFILE", + "ROLE" + ], + "description": "The type of access item.", + "example": "ACCESS_PROFILE" + } + } + }, + "timestamp": { + "type": "string", + "format": "date-time", + "example": "2017-07-11T18:45:37.098Z" + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/ai-access-request-recommendations/requested-items": { + "post": { + "operationId": "addAccessRequestRecommendationsRequestedItem", + "tags": [ + "IAI Access Request Recommendations" + ], + "summary": "Notification of Requested Access Request Recommendations", + "description": "This API consumes a notification that a recommended access request item was requested. This API does not actually make the request, it is just a notification. This will help provide feedback in order to improve our recommendations.", + "requestBody": { + "description": "The recommended access item that was requested for an identity.", + "required": true, + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "identityId": { + "type": "string", + "format": "UUID", + "description": "The identity ID taking the action.", + "example": "2c91808570313110017040b06f344ec9" + }, + "access": { + "type": "object", + "properties": { + "id": { + "type": "string", + "format": "UUID", + "description": "ID of access item being recommended.", + "example": "2c9180835d2e5168015d32f890ca1581" + }, + "type": { + "type": "string", + "enum": [ + "ACCESS_PROFILE", + "ROLE" + ], + "description": "The type of access item.", + "example": "ACCESS_PROFILE" + } + } + } + }, + "required": [ + "identityId", + "access" + ] + } + } + } + }, + "responses": { + "201": { + "description": "Notification successfully acknowledged.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "identityId": { + "type": "string", + "format": "UUID", + "description": "The identity ID taking the action.", + "example": "2c91808570313110017040b06f344ec9" + }, + "access": { + "type": "object", + "properties": { + "id": { + "type": "string", + "format": "UUID", + "description": "ID of access item being recommended.", + "example": "2c9180835d2e5168015d32f890ca1581" + }, + "type": { + "type": "string", + "enum": [ + "ACCESS_PROFILE", + "ROLE" + ], + "description": "The type of access item.", + "example": "ACCESS_PROFILE" + } + } + }, + "timestamp": { + "type": "string", + "format": "date-time", + "example": "2017-07-11T18:45:37.098Z" + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "parameters": [ + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ] + }, + "get": { + "operationId": "getAccessRequestRecommendationsRequestedItems", + "tags": [ + "IAI Access Request Recommendations" + ], + "summary": "List of Requested Access Request Recommendations", + "description": "This API returns a list of requested access request recommendations.", + "parameters": [ + { + "in": "query", + "name": "limit", + "description": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 250, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "maximum": 250, + "default": 250 + } + }, + { + "in": "query", + "name": "offset", + "description": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 0, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "default": 0 + } + }, + { + "in": "query", + "name": "count", + "description": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": true, + "schema": { + "type": "boolean", + "default": false + } + }, + { + "in": "query", + "name": "filters", + "schema": { + "type": "string" + }, + "description": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**access.id**: *eq, in*\n\n**access.type**: *eq, in*\n\n**identityId**: *eq, in*", + "example": "access.id eq \"2c9180846b0a0583016b299f210c1314\"" + }, + { + "in": "query", + "name": "sorters", + "schema": { + "type": "string", + "format": "comma-separated" + }, + "description": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **access.id, access.type, identityId, timestamp**" + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "200": { + "description": "Returns the list of requested access request recommendations.", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "properties": { + "identityId": { + "type": "string", + "format": "UUID", + "description": "The identity ID taking the action.", + "example": "2c91808570313110017040b06f344ec9" + }, + "access": { + "type": "object", + "properties": { + "id": { + "type": "string", + "format": "UUID", + "description": "ID of access item being recommended.", + "example": "2c9180835d2e5168015d32f890ca1581" + }, + "type": { + "type": "string", + "enum": [ + "ACCESS_PROFILE", + "ROLE" + ], + "description": "The type of access item.", + "example": "ACCESS_PROFILE" + } + } + }, + "timestamp": { + "type": "string", + "format": "date-time", + "example": "2017-07-11T18:45:37.098Z" + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/ai-access-request-recommendations/viewed-items": { + "post": { + "operationId": "addAccessRequestRecommendationsViewedItem", + "tags": [ + "IAI Access Request Recommendations" + ], + "summary": "Notification of Viewed Access Request Recommendations", + "description": "This API consumes a notification that a recommended access request item was viewed. Future recommendations with this item will be marked with viewed=true. This can be useful for the consumer to determine if there are any new/unviewed recommendations.", + "requestBody": { + "description": "The recommended access that was viewed for an identity.", + "required": true, + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "identityId": { + "type": "string", + "format": "UUID", + "description": "The identity ID taking the action.", + "example": "2c91808570313110017040b06f344ec9" + }, + "access": { + "type": "object", + "properties": { + "id": { + "type": "string", + "format": "UUID", + "description": "ID of access item being recommended.", + "example": "2c9180835d2e5168015d32f890ca1581" + }, + "type": { + "type": "string", + "enum": [ + "ACCESS_PROFILE", + "ROLE" + ], + "description": "The type of access item.", + "example": "ACCESS_PROFILE" + } + } + } + }, + "required": [ + "identityId", + "access" + ] + } + } + } + }, + "responses": { + "201": { + "description": "Recommendation successfully stored as viewed.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "identityId": { + "type": "string", + "format": "UUID", + "description": "The identity ID taking the action.", + "example": "2c91808570313110017040b06f344ec9" + }, + "access": { + "type": "object", + "properties": { + "id": { + "type": "string", + "format": "UUID", + "description": "ID of access item being recommended.", + "example": "2c9180835d2e5168015d32f890ca1581" + }, + "type": { + "type": "string", + "enum": [ + "ACCESS_PROFILE", + "ROLE" + ], + "description": "The type of access item.", + "example": "ACCESS_PROFILE" + } + } + }, + "timestamp": { + "type": "string", + "format": "date-time", + "example": "2017-07-11T18:45:37.098Z" + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "parameters": [ + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ] + }, + "get": { + "operationId": "getAccessRequestRecommendationsViewedItems", + "tags": [ + "IAI Access Request Recommendations" + ], + "summary": "List of Viewed Access Request Recommendations", + "description": "This API returns the list of viewed access request recommendations.", + "parameters": [ + { + "in": "query", + "name": "limit", + "description": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 250, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "maximum": 250, + "default": 250 + } + }, + { + "in": "query", + "name": "offset", + "description": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 0, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "default": 0 + } + }, + { + "in": "query", + "name": "count", + "description": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": true, + "schema": { + "type": "boolean", + "default": false + } + }, + { + "in": "query", + "name": "filters", + "schema": { + "type": "string" + }, + "description": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**access.id**: *eq, in*\n\n**access.type**: *eq, in*\n\n**identityId**: *eq, in*", + "example": "access.id eq \"2c9180846b0a0583016b299f210c1314\"" + }, + { + "in": "query", + "name": "sorters", + "schema": { + "type": "string", + "format": "comma-separated" + }, + "description": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **access.id, access.type, identityId, timestamp**" + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "200": { + "description": "Returns list of viewed access request recommendations.", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "properties": { + "identityId": { + "type": "string", + "format": "UUID", + "description": "The identity ID taking the action.", + "example": "2c91808570313110017040b06f344ec9" + }, + "access": { + "type": "object", + "properties": { + "id": { + "type": "string", + "format": "UUID", + "description": "ID of access item being recommended.", + "example": "2c9180835d2e5168015d32f890ca1581" + }, + "type": { + "type": "string", + "enum": [ + "ACCESS_PROFILE", + "ROLE" + ], + "description": "The type of access item.", + "example": "ACCESS_PROFILE" + } + } + }, + "timestamp": { + "type": "string", + "format": "date-time", + "example": "2017-07-11T18:45:37.098Z" + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/ai-access-request-recommendations/viewed-items/bulk-create": { + "post": { + "operationId": "addAccessRequestRecommendationsViewedItems", + "tags": [ + "IAI Access Request Recommendations" + ], + "summary": "Notification of Viewed Access Request Recommendations in Bulk", + "description": "This API consumes a notification that a set of recommended access request item were viewed. Future recommendations with these items will be marked with viewed=true. This can be useful for the consumer to determine if there are any new/unviewed recommendations.", + "requestBody": { + "description": "The recommended access items that were viewed for an identity.", + "required": true, + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "properties": { + "identityId": { + "type": "string", + "format": "UUID", + "description": "The identity ID taking the action.", + "example": "2c91808570313110017040b06f344ec9" + }, + "access": { + "type": "object", + "properties": { + "id": { + "type": "string", + "format": "UUID", + "description": "ID of access item being recommended.", + "example": "2c9180835d2e5168015d32f890ca1581" + }, + "type": { + "type": "string", + "enum": [ + "ACCESS_PROFILE", + "ROLE" + ], + "description": "The type of access item.", + "example": "ACCESS_PROFILE" + } + } + } + }, + "required": [ + "identityId", + "access" + ] + } + } + } + } + }, + "responses": { + "201": { + "description": "Recommendations successfully stored as viewed.", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "properties": { + "identityId": { + "type": "string", + "format": "UUID", + "description": "The identity ID taking the action.", + "example": "2c91808570313110017040b06f344ec9" + }, + "access": { + "type": "object", + "properties": { + "id": { + "type": "string", + "format": "UUID", + "description": "ID of access item being recommended.", + "example": "2c9180835d2e5168015d32f890ca1581" + }, + "type": { + "type": "string", + "enum": [ + "ACCESS_PROFILE", + "ROLE" + ], + "description": "The type of access item.", + "example": "ACCESS_PROFILE" + } + } + }, + "timestamp": { + "type": "string", + "format": "date-time", + "example": "2017-07-11T18:45:37.098Z" + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "parameters": [ + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ] + } + }, + "/accounts/{id}/remove": { + "post": { + "operationId": "deleteAccountAsync", + "summary": "Remove Account", + "tags": [ + "Accounts" + ], + "description": "Use this endpoint to remove accounts from the system without provisioning changes to the source. Accounts that are removed could be re-created during the next aggregation.\n\nThis endpoint is good for:\n* Removing accounts that no longer exist on the source.\n* Removing accounts that won't be aggregated following updates to the source configuration.\n* Forcing accounts to be re-created following the next aggregation to re-run account processing, support testing, etc.\n", + "parameters": [ + { + "in": "path", + "name": "id", + "schema": { + "type": "string" + }, + "required": true, + "description": "The account id", + "example": "c350d6aa4f104c61b062cb632421ad10" + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "202": { + "description": "Accepted. Returns task result details of removal request.", + "content": { + "application/json": { + "schema": { + "type": "object", + "description": "Task result.", + "properties": { + "type": { + "type": "string", + "description": "Task result DTO type.", + "enum": [ + "TASK_RESULT" + ], + "example": "TASK_RESULT" + }, + "id": { + "type": "string", + "description": "Task result ID.", + "example": "464ae7bf791e49fdb74606a2e4a89635" + }, + "name": { + "type": "string", + "description": "Task result display name.", + "nullable": true, + "example": null + } + } + }, + "example": { + "type": "TASK_RESULT", + "id": "464ae7bf791e49fdb74606a2e4a89635", + "name": null + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "idn:account:remove" + ] + } + ] + } + }, + "/identities-accounts/{id}/enable": { + "post": { + "operationId": "enableAccountForIdentity", + "tags": [ + "Accounts" + ], + "summary": "Enable IDN Account for Identity", + "description": "This API submits a task to enable IDN account for a single identity.", + "externalDocs": { + "description": "Learn more about enabling identities here", + "url": "https://documentation.sailpoint.com/saas/help/common/users/user_access.html#enabling-user-identities" + }, + "security": [ + { + "UserContextAuth": [ + "idn:accounts-state:manage" + ] + } + ], + "parameters": [ + { + "in": "path", + "name": "id", + "schema": { + "type": "string" + }, + "required": true, + "description": "The identity id.", + "example": "2c91808384203c2d018437e631158309" + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "202": { + "description": "Accepted - Returned if the request was successfully accepted into the system.", + "content": { + "application/json": { + "schema": { + "type": "object" + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/identities-accounts/{id}/disable": { + "post": { + "operationId": "disableAccountForIdentity", + "tags": [ + "Accounts" + ], + "summary": "Disable IDN Account for Identity", + "description": "This API submits a task to disable IDN account for a single identity.", + "externalDocs": { + "description": "Learn more about disabling identities here", + "url": "https://documentation.sailpoint.com/saas/help/common/users/user_access.html#disabling-user-identities" + }, + "security": [ + { + "UserContextAuth": [ + "idn:accounts-state:manage" + ] + } + ], + "parameters": [ + { + "in": "path", + "name": "id", + "schema": { + "type": "string" + }, + "required": true, + "description": "The identity id.", + "example": "2c91808384203c2d018437e631158309" + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "202": { + "description": "Accepted - Returned if the request was successfully accepted into the system.", + "content": { + "application/json": { + "schema": { + "type": "object" + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/identities-accounts/enable": { + "post": { + "operationId": "enableAccountsForIdentities", + "tags": [ + "Accounts" + ], + "summary": "Enable IDN Accounts for Identities", + "description": "This API submits tasks to enable IDN account for each identity provided in the request body.", + "externalDocs": { + "description": "Learn more about enabling identities here", + "url": "https://documentation.sailpoint.com/saas/help/common/users/user_access.html#enabling-user-identities" + }, + "security": [ + { + "UserContextAuth": [ + "idn:accounts-state:manage" + ] + } + ], + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "identityIds": { + "description": "The ids of the identities for which enable/disable accounts.", + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "2c91808384203c2d018437e631158308", + "2c9180858082150f0180893dbaf553fe" + ] + } + } + } + } + } + }, + "responses": { + "207": { + "description": "Bulk response details.", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "description": "Bulk response object.", + "properties": { + "id": { + "type": "string", + "description": "Identifier of bulk request item.", + "example": "2c9180858082150f0180893dbaf553fe" + }, + "statusCode": { + "type": "integer", + "format": "int32", + "description": "Response status value.", + "example": 404 + }, + "message": { + "type": "string", + "description": "Status containing additional context information about failures.", + "example": "Referenced identity \"2c9180858082150f0180893dbaf553fe\" was not found." + } + } + }, + "example": [ + { + "id": "2c9180858082150f0180893dbaf553fe", + "statusCode": 404, + "message": "Referenced identity \"2c9180858082150f0180893dbaf553fe\" was not found." + }, + { + "id": "2c91808384203c2d018437e631158308", + "statusCode": 202, + "message": null + } + ] + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "parameters": [ + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ] + } + }, + "/identities-accounts/disable": { + "post": { + "operationId": "disableAccountsForIdentities", + "tags": [ + "Accounts" + ], + "summary": "Disable IDN Accounts for Identities", + "description": "This API submits tasks to disable IDN account for each identity provided in the request body.", + "externalDocs": { + "description": "Learn more about disabling identities here", + "url": "https://documentation.sailpoint.com/saas/help/common/users/user_access.html#disabling-user-identities" + }, + "security": [ + { + "UserContextAuth": [ + "idn:accounts-state:manage" + ] + } + ], + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "identityIds": { + "description": "The ids of the identities for which enable/disable accounts.", + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "2c91808384203c2d018437e631158308", + "2c9180858082150f0180893dbaf553fe" + ] + } + } + } + } + } + }, + "responses": { + "207": { + "description": "Bulk response details.", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "description": "Bulk response object.", + "properties": { + "id": { + "type": "string", + "description": "Identifier of bulk request item.", + "example": "2c9180858082150f0180893dbaf553fe" + }, + "statusCode": { + "type": "integer", + "format": "int32", + "description": "Response status value.", + "example": 404 + }, + "message": { + "type": "string", + "description": "Status containing additional context information about failures.", + "example": "Referenced identity \"2c9180858082150f0180893dbaf553fe\" was not found." + } + } + }, + "example": [ + { + "id": "2c9180858082150f0180893dbaf553fe", + "statusCode": 404, + "message": "Referenced identity \"2c9180858082150f0180893dbaf553fe\" was not found." + }, + { + "id": "2c91808384203c2d018437e631158308", + "statusCode": 202, + "message": null + } + ] + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "parameters": [ + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ] + } + }, + "/account-aggregations/{id}/status": { + "get": { + "operationId": "getAccountAggregationStatus", + "tags": [ + "Account Aggregations" + ], + "summary": "In-progress Account Aggregation status", + "description": "This API returns the status of an *in-progress* account aggregation, along with the total number of **NEW**, **CHANGED** and **DELETED** accounts found since the previous aggregation, and the number of those accounts that have been processed so far.\n\nAccounts that have not changed since the previous aggregation are not included in **totalAccounts** and **processedAccounts** counts returned by this API. This is distinct from **Accounts Scanned** shown in the Aggregation UI, which indicates total accounts scanned regardless of whether they changed or not.\n\nSince this endpoint reports on the status of an *in-progress* account aggregation, totalAccounts and processedAccounts may change between calls to this endpoint.\n\n*Only available up to an hour after the aggregation completes. May respond with *404 Not Found* after that.*\n\nA token with ORG_ADMIN, SOURCE_ADMIN, SOURCE_SUBADMIN or DASHBOARD authority is required to call this API.", + "parameters": [ + { + "in": "path", + "name": "id", + "schema": { + "type": "string" + }, + "required": true, + "description": "The account aggregation id", + "example": "2c91808477a6b0c60177a81146b8110b" + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "200": { + "description": "An account aggregation status object", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "start": { + "type": "string", + "format": "date-time", + "example": "2021-01-31T14:30:05.104Z", + "description": "When the aggregation started." + }, + "status": { + "type": "string", + "enum": [ + "STARTED", + "ACCOUNTS_COLLECTED", + "COMPLETED", + "CANCELLED", + "RETRIED", + "TERMINATED" + ], + "example": "ACCOUNTS_COLLECTED", + "description": "STARTED - Aggregation started, but source account iteration has not completed.\n\nACCOUNTS_COLLECTED - Source account iteration completed, but all accounts have not yet been processed.\n\nCOMPLETED - Aggregation completed (*possibly with errors*).\n\nCANCELLED - Aggregation cancelled by user.\n\nRETRIED - Aggregation retried because of connectivity issues with the Virtual Appliance.\n\nTERMINATED - Aggregation marked as failed after 3 tries after connectivity issues with the Virtual Appliance.\n" + }, + "totalAccounts": { + "type": "integer", + "example": 520, + "description": "The total number of *NEW, CHANGED and DELETED* accounts that need to be processed for this aggregation. This does not include accounts that were unchanged since the previous aggregation. This can be zero if there were no new, changed or deleted accounts since the previous aggregation. *Only available when status is ACCOUNTS_COLLECTED or COMPLETED.*" + }, + "processedAccounts": { + "type": "integer", + "example": 150, + "description": "The number of *NEW, CHANGED and DELETED* accounts that have been processed so far. This reflects the number of accounts that have been processed at the time of the API call, and may increase on subsequent API calls while the status is ACCOUNTS_COLLECTED. *Only available when status is ACCOUNTS_COLLECTED or COMPLETED.*" + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/auth-profiles": { + "get": { + "operationId": "getProfileConfigList", + "tags": [ + "Auth Profile" + ], + "summary": "Get list of Auth Profiles.", + "description": "This API returns a list of auth profiles.", + "security": [ + { + "UserContextAuth": [ + "sp:auth-profile:read" + ] + } + ], + "responses": { + "200": { + "description": "List of Auth Profiles", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "tenant": { + "type": "string", + "description": "Tenant name.", + "example": "test-tenant" + }, + "id": { + "type": "string", + "description": "Identity ID.", + "example": "2c91808458ae7a4f0158b1bbf8af0628" + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "parameters": [ + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ] + } + }, + "/auth-profiles/{id}": { + "get": { + "operationId": "getProfileConfig", + "tags": [ + "Auth Profile" + ], + "summary": "Get Auth Profile.", + "description": "This API returns auth profile information.", + "security": [ + { + "UserContextAuth": [ + "sp:auth-profile:read" + ] + } + ], + "responses": { + "200": { + "description": "Auth Profile", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "Authentication Profile name.", + "example": "EndToEnd-Profile" + }, + "offNetwork": { + "type": "boolean", + "description": "Use it to block access from off network.", + "default": false, + "example": true + }, + "untrustedGeography": { + "type": "boolean", + "description": "Use it to block access from untrusted geoographies.", + "default": false, + "example": true + }, + "applicationId": { + "type": "string", + "description": "Application ID.", + "example": "2c91808458ae7a4f0158b1bbf8af0628" + }, + "applicationName": { + "type": "string", + "description": "Application name.", + "example": "EndToEnd-Source" + }, + "type": { + "type": "string", + "enum": [ + "BLOCK", + "MFA", + "NON_PTA", + "PTA" + ], + "description": "Type of the Authentication Profile.", + "example": "PTA" + }, + "strongAuthLogin": { + "type": "boolean", + "description": "Use it to enable strong authentication.", + "default": false, + "example": true + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "parameters": [ + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ] + }, + "patch": { + "operationId": "patchProfileConfig", + "tags": [ + "Auth Profile" + ], + "summary": "Patch a specified Auth Profile", + "description": "This API updates an existing Auth Profile. The following fields are patchable:\n**offNetwork**, **untrustedGeography**, **applicationId**, **applicationName**, **type**", + "parameters": [ + { + "name": "id", + "in": "path", + "description": "ID of the Auth Profile to patch.", + "required": true, + "schema": { + "type": "string", + "example": "2c91808a7813090a017814121919ecca" + } + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "requestBody": { + "content": { + "application/json-patch+json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "description": "A JSONPatch Operation as defined by [RFC 6902 - JSON Patch](https://tools.ietf.org/html/rfc6902)", + "required": [ + "op", + "path" + ], + "properties": { + "op": { + "type": "string", + "description": "The operation to be performed", + "enum": [ + "add", + "remove", + "replace", + "move", + "copy", + "test" + ], + "example": "replace" + }, + "path": { + "type": "string", + "description": "A string JSON Pointer representing the target path to an element to be affected by the operation", + "example": "/description" + }, + "value": { + "oneOf": [ + { + "type": "string", + "example": "New description", + "title": "string" + }, + { + "type": "boolean", + "example": true, + "title": "boolean" + }, + { + "type": "integer", + "example": 300, + "title": "integer" + }, + { + "type": "object", + "title": "object", + "example": { + "attributes": { + "name": "philip" + } + } + }, + { + "type": "array", + "title": "array", + "items": { + "anyOf": [ + { + "type": "string" + }, + { + "type": "integer" + }, + { + "type": "object" + } + ], + "example": [ + "001", + "002", + "003" + ] + } + } + ], + "description": "The value to be used for the operation, required for \"add\" and \"replace\" operations", + "example": "New description" + } + } + } + } + } + }, + "required": true + }, + "responses": { + "200": { + "description": "Responds with the Auth Profile as updated.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "Authentication Profile name.", + "example": "EndToEnd-Profile" + }, + "offNetwork": { + "type": "boolean", + "description": "Use it to block access from off network.", + "default": false, + "example": true + }, + "untrustedGeography": { + "type": "boolean", + "description": "Use it to block access from untrusted geoographies.", + "default": false, + "example": true + }, + "applicationId": { + "type": "string", + "description": "Application ID.", + "example": "2c91808458ae7a4f0158b1bbf8af0628" + }, + "applicationName": { + "type": "string", + "description": "Application name.", + "example": "EndToEnd-Source" + }, + "type": { + "type": "string", + "enum": [ + "BLOCK", + "MFA", + "NON_PTA", + "PTA" + ], + "description": "Type of the Authentication Profile.", + "example": "PTA" + }, + "strongAuthLogin": { + "type": "boolean", + "description": "Use it to enable strong authentication.", + "default": false, + "example": true + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "sp:auth-profile:update" + ] + } + ] + } + }, + "/connector-rules": { + "get": { + "tags": [ + "Connector Rule Management" + ], + "operationId": "getConnectorRuleList", + "summary": "List Connector Rules", + "description": "Returns the list of connector rules.\nA token with ORG_ADMIN authority is required to call this API.", + "responses": { + "200": { + "description": "A list of connector rules", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "description": "ConnectorRuleResponse", + "allOf": [ + { + "description": "ConnectorRuleCreateRequest", + "type": "object", + "required": [ + "name", + "type", + "sourceCode" + ], + "properties": { + "name": { + "type": "string", + "description": "the name of the rule", + "example": "WebServiceBeforeOperationRule", + "minLength": 1, + "maxLength": 128 + }, + "description": { + "type": "string", + "description": "a description of the rule's purpose", + "example": "This rule does that" + }, + "type": { + "type": "string", + "enum": [ + "BuildMap", + "ConnectorAfterCreate", + "ConnectorAfterDelete", + "ConnectorAfterModify", + "ConnectorBeforeCreate", + "ConnectorBeforeDelete", + "ConnectorBeforeModify", + "JDBCBuildMap", + "JDBCOperationProvisioning", + "JDBCProvision", + "PeopleSoftHRMSBuildMap", + "PeopleSoftHRMSOperationProvisioning", + "PeopleSoftHRMSProvision", + "RACFPermissionCustomization", + "SAPBuildMap", + "SapHrManagerRule", + "SapHrOperationProvisioning", + "SapHrProvision", + "SuccessFactorsOperationProvisioning", + "WebServiceAfterOperationRule", + "WebServiceBeforeOperationRule" + ], + "description": "the type of rule", + "example": "BuildMap" + }, + "signature": { + "description": "The rule's function signature. Describes the rule's input arguments and output (if any)", + "type": "object", + "required": [ + "input" + ], + "properties": { + "input": { + "type": "array", + "items": { + "type": "object", + "nullable": true, + "properties": { + "name": { + "type": "string", + "description": "the name of the argument", + "example": "firstName" + }, + "description": { + "type": "string", + "description": "the description of the argument", + "example": "the first name of the identity" + }, + "type": { + "type": "string", + "nullable": true, + "description": "the programmatic type of the argument", + "example": "String" + } + }, + "required": [ + "name" + ] + } + }, + "output": { + "type": "object", + "nullable": true, + "properties": { + "name": { + "type": "string", + "description": "the name of the argument", + "example": "firstName" + }, + "description": { + "type": "string", + "description": "the description of the argument", + "example": "the first name of the identity" + }, + "type": { + "type": "string", + "nullable": true, + "description": "the programmatic type of the argument", + "example": "String" + } + }, + "required": [ + "name" + ] + } + } + }, + "sourceCode": { + "description": "SourceCode", + "type": "object", + "required": [ + "version", + "script" + ], + "properties": { + "version": { + "type": "string", + "description": "the version of the code", + "example": "1.0" + }, + "script": { + "type": "string", + "description": "The code", + "example": "return \"Mr. \" + firstName;" + } + } + }, + "attributes": { + "type": "object", + "nullable": true, + "description": "a map of string to objects", + "example": {} + } + } + }, + { + "type": "object", + "nullable": true, + "required": [ + "id", + "created" + ], + "properties": { + "id": { + "type": "string", + "description": "the ID of the rule", + "example": "8113d48c0b914f17b4c6072d4dcb9dfe" + }, + "created": { + "type": "string", + "description": "an ISO 8601 UTC timestamp when this rule was created", + "example": "021-07-22T15:59:23Z" + }, + "modified": { + "type": "string", + "nullable": true, + "description": "an ISO 8601 UTC timestamp when this rule was last modified", + "example": "021-07-22T15:59:23Z" + } + } + } + ] + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "idn:rule-management-connector:read", + "idn:rule-management-connector:manage" + ] + } + ], + "parameters": [ + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ] + }, + "post": { + "tags": [ + "Connector Rule Management" + ], + "operationId": "createConnectorRule", + "summary": "Create Connector Rule", + "description": "Creates a new connector rule.\nA token with ORG_ADMIN authority is required to call this API.", + "requestBody": { + "required": true, + "description": "The connector rule to create", + "content": { + "application/json": { + "schema": { + "description": "ConnectorRuleCreateRequest", + "type": "object", + "required": [ + "name", + "type", + "sourceCode" + ], + "properties": { + "name": { + "type": "string", + "description": "the name of the rule", + "example": "WebServiceBeforeOperationRule", + "minLength": 1, + "maxLength": 128 + }, + "description": { + "type": "string", + "description": "a description of the rule's purpose", + "example": "This rule does that" + }, + "type": { + "type": "string", + "enum": [ + "BuildMap", + "ConnectorAfterCreate", + "ConnectorAfterDelete", + "ConnectorAfterModify", + "ConnectorBeforeCreate", + "ConnectorBeforeDelete", + "ConnectorBeforeModify", + "JDBCBuildMap", + "JDBCOperationProvisioning", + "JDBCProvision", + "PeopleSoftHRMSBuildMap", + "PeopleSoftHRMSOperationProvisioning", + "PeopleSoftHRMSProvision", + "RACFPermissionCustomization", + "SAPBuildMap", + "SapHrManagerRule", + "SapHrOperationProvisioning", + "SapHrProvision", + "SuccessFactorsOperationProvisioning", + "WebServiceAfterOperationRule", + "WebServiceBeforeOperationRule" + ], + "description": "the type of rule", + "example": "BuildMap" + }, + "signature": { + "description": "The rule's function signature. Describes the rule's input arguments and output (if any)", + "type": "object", + "required": [ + "input" + ], + "properties": { + "input": { + "type": "array", + "items": { + "type": "object", + "nullable": true, + "properties": { + "name": { + "type": "string", + "description": "the name of the argument", + "example": "firstName" + }, + "description": { + "type": "string", + "description": "the description of the argument", + "example": "the first name of the identity" + }, + "type": { + "type": "string", + "nullable": true, + "description": "the programmatic type of the argument", + "example": "String" + } + }, + "required": [ + "name" + ] + } + }, + "output": { + "type": "object", + "nullable": true, + "properties": { + "name": { + "type": "string", + "description": "the name of the argument", + "example": "firstName" + }, + "description": { + "type": "string", + "description": "the description of the argument", + "example": "the first name of the identity" + }, + "type": { + "type": "string", + "nullable": true, + "description": "the programmatic type of the argument", + "example": "String" + } + }, + "required": [ + "name" + ] + } + } + }, + "sourceCode": { + "description": "SourceCode", + "type": "object", + "required": [ + "version", + "script" + ], + "properties": { + "version": { + "type": "string", + "description": "the version of the code", + "example": "1.0" + }, + "script": { + "type": "string", + "description": "The code", + "example": "return \"Mr. \" + firstName;" + } + } + }, + "attributes": { + "type": "object", + "nullable": true, + "description": "a map of string to objects", + "example": {} + } + } + } + } + } + }, + "responses": { + "201": { + "description": "The created connector rule", + "content": { + "application/json": { + "schema": { + "description": "ConnectorRuleResponse", + "allOf": [ + { + "description": "ConnectorRuleCreateRequest", + "type": "object", + "required": [ + "name", + "type", + "sourceCode" + ], + "properties": { + "name": { + "type": "string", + "description": "the name of the rule", + "example": "WebServiceBeforeOperationRule", + "minLength": 1, + "maxLength": 128 + }, + "description": { + "type": "string", + "description": "a description of the rule's purpose", + "example": "This rule does that" + }, + "type": { + "type": "string", + "enum": [ + "BuildMap", + "ConnectorAfterCreate", + "ConnectorAfterDelete", + "ConnectorAfterModify", + "ConnectorBeforeCreate", + "ConnectorBeforeDelete", + "ConnectorBeforeModify", + "JDBCBuildMap", + "JDBCOperationProvisioning", + "JDBCProvision", + "PeopleSoftHRMSBuildMap", + "PeopleSoftHRMSOperationProvisioning", + "PeopleSoftHRMSProvision", + "RACFPermissionCustomization", + "SAPBuildMap", + "SapHrManagerRule", + "SapHrOperationProvisioning", + "SapHrProvision", + "SuccessFactorsOperationProvisioning", + "WebServiceAfterOperationRule", + "WebServiceBeforeOperationRule" + ], + "description": "the type of rule", + "example": "BuildMap" + }, + "signature": { + "description": "The rule's function signature. Describes the rule's input arguments and output (if any)", + "type": "object", + "required": [ + "input" + ], + "properties": { + "input": { + "type": "array", + "items": { + "type": "object", + "nullable": true, + "properties": { + "name": { + "type": "string", + "description": "the name of the argument", + "example": "firstName" + }, + "description": { + "type": "string", + "description": "the description of the argument", + "example": "the first name of the identity" + }, + "type": { + "type": "string", + "nullable": true, + "description": "the programmatic type of the argument", + "example": "String" + } + }, + "required": [ + "name" + ] + } + }, + "output": { + "type": "object", + "nullable": true, + "properties": { + "name": { + "type": "string", + "description": "the name of the argument", + "example": "firstName" + }, + "description": { + "type": "string", + "description": "the description of the argument", + "example": "the first name of the identity" + }, + "type": { + "type": "string", + "nullable": true, + "description": "the programmatic type of the argument", + "example": "String" + } + }, + "required": [ + "name" + ] + } + } + }, + "sourceCode": { + "description": "SourceCode", + "type": "object", + "required": [ + "version", + "script" + ], + "properties": { + "version": { + "type": "string", + "description": "the version of the code", + "example": "1.0" + }, + "script": { + "type": "string", + "description": "The code", + "example": "return \"Mr. \" + firstName;" + } + } + }, + "attributes": { + "type": "object", + "nullable": true, + "description": "a map of string to objects", + "example": {} + } + } + }, + { + "type": "object", + "nullable": true, + "required": [ + "id", + "created" + ], + "properties": { + "id": { + "type": "string", + "description": "the ID of the rule", + "example": "8113d48c0b914f17b4c6072d4dcb9dfe" + }, + "created": { + "type": "string", + "description": "an ISO 8601 UTC timestamp when this rule was created", + "example": "021-07-22T15:59:23Z" + }, + "modified": { + "type": "string", + "nullable": true, + "description": "an ISO 8601 UTC timestamp when this rule was last modified", + "example": "021-07-22T15:59:23Z" + } + } + } + ] + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "idn:rule-management-connector:manage" + ] + } + ], + "parameters": [ + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ] + } + }, + "/connector-rules/{id}": { + "get": { + "tags": [ + "Connector Rule Management" + ], + "summary": "Connector-Rule by ID", + "operationId": "getConnectorRule", + "description": "Returns the connector rule specified by ID.\nA token with ORG_ADMIN authority is required to call this API.", + "parameters": [ + { + "name": "id", + "in": "path", + "description": "ID of the connector rule to retrieve", + "required": true, + "style": "simple", + "explode": false, + "schema": { + "type": "string" + }, + "example": "8c190e6787aa4ed9a90bd9d5344523fb" + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "200": { + "description": "Connector rule with the given ID", + "content": { + "application/json": { + "schema": { + "description": "ConnectorRuleResponse", + "allOf": [ + { + "description": "ConnectorRuleCreateRequest", + "type": "object", + "required": [ + "name", + "type", + "sourceCode" + ], + "properties": { + "name": { + "type": "string", + "description": "the name of the rule", + "example": "WebServiceBeforeOperationRule", + "minLength": 1, + "maxLength": 128 + }, + "description": { + "type": "string", + "description": "a description of the rule's purpose", + "example": "This rule does that" + }, + "type": { + "type": "string", + "enum": [ + "BuildMap", + "ConnectorAfterCreate", + "ConnectorAfterDelete", + "ConnectorAfterModify", + "ConnectorBeforeCreate", + "ConnectorBeforeDelete", + "ConnectorBeforeModify", + "JDBCBuildMap", + "JDBCOperationProvisioning", + "JDBCProvision", + "PeopleSoftHRMSBuildMap", + "PeopleSoftHRMSOperationProvisioning", + "PeopleSoftHRMSProvision", + "RACFPermissionCustomization", + "SAPBuildMap", + "SapHrManagerRule", + "SapHrOperationProvisioning", + "SapHrProvision", + "SuccessFactorsOperationProvisioning", + "WebServiceAfterOperationRule", + "WebServiceBeforeOperationRule" + ], + "description": "the type of rule", + "example": "BuildMap" + }, + "signature": { + "description": "The rule's function signature. Describes the rule's input arguments and output (if any)", + "type": "object", + "required": [ + "input" + ], + "properties": { + "input": { + "type": "array", + "items": { + "type": "object", + "nullable": true, + "properties": { + "name": { + "type": "string", + "description": "the name of the argument", + "example": "firstName" + }, + "description": { + "type": "string", + "description": "the description of the argument", + "example": "the first name of the identity" + }, + "type": { + "type": "string", + "nullable": true, + "description": "the programmatic type of the argument", + "example": "String" + } + }, + "required": [ + "name" + ] + } + }, + "output": { + "type": "object", + "nullable": true, + "properties": { + "name": { + "type": "string", + "description": "the name of the argument", + "example": "firstName" + }, + "description": { + "type": "string", + "description": "the description of the argument", + "example": "the first name of the identity" + }, + "type": { + "type": "string", + "nullable": true, + "description": "the programmatic type of the argument", + "example": "String" + } + }, + "required": [ + "name" + ] + } + } + }, + "sourceCode": { + "description": "SourceCode", + "type": "object", + "required": [ + "version", + "script" + ], + "properties": { + "version": { + "type": "string", + "description": "the version of the code", + "example": "1.0" + }, + "script": { + "type": "string", + "description": "The code", + "example": "return \"Mr. \" + firstName;" + } + } + }, + "attributes": { + "type": "object", + "nullable": true, + "description": "a map of string to objects", + "example": {} + } + } + }, + { + "type": "object", + "nullable": true, + "required": [ + "id", + "created" + ], + "properties": { + "id": { + "type": "string", + "description": "the ID of the rule", + "example": "8113d48c0b914f17b4c6072d4dcb9dfe" + }, + "created": { + "type": "string", + "description": "an ISO 8601 UTC timestamp when this rule was created", + "example": "021-07-22T15:59:23Z" + }, + "modified": { + "type": "string", + "nullable": true, + "description": "an ISO 8601 UTC timestamp when this rule was last modified", + "example": "021-07-22T15:59:23Z" + } + } + } + ] + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "idn:rule-management-connector:read", + "idn:rule-management-connector:manage" + ] + } + ] + }, + "put": { + "tags": [ + "Connector Rule Management" + ], + "summary": "Update a Connector Rule", + "description": "Updates an existing connector rule with the one provided in the request body. Note that the fields 'id', 'name', and 'type' are immutable.\nA token with ORG_ADMIN authority is required to call this API.", + "operationId": "updateConnectorRule", + "parameters": [ + { + "name": "id", + "in": "path", + "description": "ID of the connector rule to update", + "required": true, + "style": "simple", + "explode": false, + "schema": { + "type": "string" + }, + "example": "8c190e6787aa4ed9a90bd9d5344523fb" + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "requestBody": { + "description": "The connector rule with updated data", + "content": { + "application/json": { + "schema": { + "description": "ConnectorRuleUpdateRequest", + "allOf": [ + { + "type": "object", + "required": [ + "id" + ], + "properties": { + "id": { + "type": "string", + "description": "the ID of the rule to update", + "example": "8113d48c0b914f17b4c6072d4dcb9dfe" + } + } + }, + { + "description": "ConnectorRuleCreateRequest", + "type": "object", + "required": [ + "name", + "type", + "sourceCode" + ], + "properties": { + "name": { + "type": "string", + "description": "the name of the rule", + "example": "WebServiceBeforeOperationRule", + "minLength": 1, + "maxLength": 128 + }, + "description": { + "type": "string", + "description": "a description of the rule's purpose", + "example": "This rule does that" + }, + "type": { + "type": "string", + "enum": [ + "BuildMap", + "ConnectorAfterCreate", + "ConnectorAfterDelete", + "ConnectorAfterModify", + "ConnectorBeforeCreate", + "ConnectorBeforeDelete", + "ConnectorBeforeModify", + "JDBCBuildMap", + "JDBCOperationProvisioning", + "JDBCProvision", + "PeopleSoftHRMSBuildMap", + "PeopleSoftHRMSOperationProvisioning", + "PeopleSoftHRMSProvision", + "RACFPermissionCustomization", + "SAPBuildMap", + "SapHrManagerRule", + "SapHrOperationProvisioning", + "SapHrProvision", + "SuccessFactorsOperationProvisioning", + "WebServiceAfterOperationRule", + "WebServiceBeforeOperationRule" + ], + "description": "the type of rule", + "example": "BuildMap" + }, + "signature": { + "description": "The rule's function signature. Describes the rule's input arguments and output (if any)", + "type": "object", + "required": [ + "input" + ], + "properties": { + "input": { + "type": "array", + "items": { + "type": "object", + "nullable": true, + "properties": { + "name": { + "type": "string", + "description": "the name of the argument", + "example": "firstName" + }, + "description": { + "type": "string", + "description": "the description of the argument", + "example": "the first name of the identity" + }, + "type": { + "type": "string", + "nullable": true, + "description": "the programmatic type of the argument", + "example": "String" + } + }, + "required": [ + "name" + ] + } + }, + "output": { + "type": "object", + "nullable": true, + "properties": { + "name": { + "type": "string", + "description": "the name of the argument", + "example": "firstName" + }, + "description": { + "type": "string", + "description": "the description of the argument", + "example": "the first name of the identity" + }, + "type": { + "type": "string", + "nullable": true, + "description": "the programmatic type of the argument", + "example": "String" + } + }, + "required": [ + "name" + ] + } + } + }, + "sourceCode": { + "description": "SourceCode", + "type": "object", + "required": [ + "version", + "script" + ], + "properties": { + "version": { + "type": "string", + "description": "the version of the code", + "example": "1.0" + }, + "script": { + "type": "string", + "description": "The code", + "example": "return \"Mr. \" + firstName;" + } + } + }, + "attributes": { + "type": "object", + "nullable": true, + "description": "a map of string to objects", + "example": {} + } + } + } + ] + } + } + } + }, + "responses": { + "200": { + "description": "The updated connector rule", + "content": { + "application/json": { + "schema": { + "description": "ConnectorRuleResponse", + "allOf": [ + { + "description": "ConnectorRuleCreateRequest", + "type": "object", + "required": [ + "name", + "type", + "sourceCode" + ], + "properties": { + "name": { + "type": "string", + "description": "the name of the rule", + "example": "WebServiceBeforeOperationRule", + "minLength": 1, + "maxLength": 128 + }, + "description": { + "type": "string", + "description": "a description of the rule's purpose", + "example": "This rule does that" + }, + "type": { + "type": "string", + "enum": [ + "BuildMap", + "ConnectorAfterCreate", + "ConnectorAfterDelete", + "ConnectorAfterModify", + "ConnectorBeforeCreate", + "ConnectorBeforeDelete", + "ConnectorBeforeModify", + "JDBCBuildMap", + "JDBCOperationProvisioning", + "JDBCProvision", + "PeopleSoftHRMSBuildMap", + "PeopleSoftHRMSOperationProvisioning", + "PeopleSoftHRMSProvision", + "RACFPermissionCustomization", + "SAPBuildMap", + "SapHrManagerRule", + "SapHrOperationProvisioning", + "SapHrProvision", + "SuccessFactorsOperationProvisioning", + "WebServiceAfterOperationRule", + "WebServiceBeforeOperationRule" + ], + "description": "the type of rule", + "example": "BuildMap" + }, + "signature": { + "description": "The rule's function signature. Describes the rule's input arguments and output (if any)", + "type": "object", + "required": [ + "input" + ], + "properties": { + "input": { + "type": "array", + "items": { + "type": "object", + "nullable": true, + "properties": { + "name": { + "type": "string", + "description": "the name of the argument", + "example": "firstName" + }, + "description": { + "type": "string", + "description": "the description of the argument", + "example": "the first name of the identity" + }, + "type": { + "type": "string", + "nullable": true, + "description": "the programmatic type of the argument", + "example": "String" + } + }, + "required": [ + "name" + ] + } + }, + "output": { + "type": "object", + "nullable": true, + "properties": { + "name": { + "type": "string", + "description": "the name of the argument", + "example": "firstName" + }, + "description": { + "type": "string", + "description": "the description of the argument", + "example": "the first name of the identity" + }, + "type": { + "type": "string", + "nullable": true, + "description": "the programmatic type of the argument", + "example": "String" + } + }, + "required": [ + "name" + ] + } + } + }, + "sourceCode": { + "description": "SourceCode", + "type": "object", + "required": [ + "version", + "script" + ], + "properties": { + "version": { + "type": "string", + "description": "the version of the code", + "example": "1.0" + }, + "script": { + "type": "string", + "description": "The code", + "example": "return \"Mr. \" + firstName;" + } + } + }, + "attributes": { + "type": "object", + "nullable": true, + "description": "a map of string to objects", + "example": {} + } + } + }, + { + "type": "object", + "nullable": true, + "required": [ + "id", + "created" + ], + "properties": { + "id": { + "type": "string", + "description": "the ID of the rule", + "example": "8113d48c0b914f17b4c6072d4dcb9dfe" + }, + "created": { + "type": "string", + "description": "an ISO 8601 UTC timestamp when this rule was created", + "example": "021-07-22T15:59:23Z" + }, + "modified": { + "type": "string", + "nullable": true, + "description": "an ISO 8601 UTC timestamp when this rule was last modified", + "example": "021-07-22T15:59:23Z" + } + } + } + ] + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "idn:rule-management-connector:manage" + ] + } + ] + }, + "delete": { + "tags": [ + "Connector Rule Management" + ], + "summary": "Delete a Connector-Rule", + "description": "Deletes the connector rule specified by the given ID.\nA token with ORG_ADMIN authority is required to call this API.", + "operationId": "deleteConnectorRule", + "parameters": [ + { + "name": "id", + "in": "path", + "description": "ID of the connector rule to delete", + "required": true, + "style": "simple", + "explode": false, + "schema": { + "type": "string" + }, + "example": "8c190e6787aa4ed9a90bd9d5344523fb" + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "204": { + "description": "No content - indicates the request was successful but there is no content to be returned in the response." + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "idn:rule-management-connector:manage" + ] + } + ] + } + }, + "/connector-rules/validate": { + "post": { + "tags": [ + "Connector Rule Management" + ], + "operationId": "validateConnectorRule", + "summary": "Validate Connector Rule", + "description": "Returns a list of issues within the code to fix, if any.\nA token with ORG_ADMIN authority is required to call this API.", + "requestBody": { + "required": true, + "description": "The code to validate", + "content": { + "application/json": { + "schema": { + "description": "SourceCode", + "type": "object", + "required": [ + "version", + "script" + ], + "properties": { + "version": { + "type": "string", + "description": "the version of the code", + "example": "1.0" + }, + "script": { + "type": "string", + "description": "The code", + "example": "return \"Mr. \" + firstName;" + } + } + } + } + } + }, + "responses": { + "200": { + "description": "The status of the code's eligibility as a connector rule", + "content": { + "application/json": { + "schema": { + "description": "ConnectorRuleValidationResponse", + "type": "object", + "required": [ + "state", + "details" + ], + "properties": { + "state": { + "type": "string", + "enum": [ + "OK", + "ERROR" + ], + "example": "ERROR" + }, + "details": { + "type": "array", + "items": { + "description": "CodeErrorDetail", + "type": "object", + "required": [ + "line", + "column", + "message" + ], + "properties": { + "line": { + "type": "integer", + "description": "The line number where the issue occurred", + "example": 2 + }, + "column": { + "type": "integer", + "description": "the column number where the issue occurred", + "example": 5 + }, + "messsage": { + "type": "string", + "description": "a description of the issue in the code", + "example": "Remove reference to .decrypt(" + } + } + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "idn:rule-management-connector:read", + "idn:rule-management-connector:manage" + ] + } + ], + "parameters": [ + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ] + } + }, + "/custom-password-instructions": { + "post": { + "operationId": "createCustomPasswordInstructions", + "tags": [ + "Custom Password Instructions" + ], + "summary": "Create Custom Password Instructions", + "description": "This API creates the custom password instructions for the specified page ID. A token with ORG_ADMIN authority is required to call this API.", + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "pageId": { + "type": "string", + "description": "The page ID that represents the page for forget user name, reset password and unlock account flow.", + "enum": [ + "change-password:enter-password", + "change-password:finish", + "flow-selection:select", + "forget-username:user-email", + "mfa:enter-code", + "mfa:enter-kba", + "mfa:select", + "reset-password:enter-password", + "reset-password:enter-username", + "reset-password:finish", + "unlock-account:enter-username", + "unlock-account:finish" + ] + }, + "pageContent": { + "type": "string", + "description": "The custom instructions for the specified page. Allow basic HTML format and maximum length is 1000 characters. The custom instructions will be sanitized to avoid attacks. If the customization text includes a link, like ... clicking on this will open the link on the current browser page. If you want your link to be redirected to a different page, please redirect it to \"_blank\" like this: link. This will open a new tab when the link is clicked. Notice we're only supporting _blank as the redirection target." + }, + "locale": { + "type": "string", + "example": "en", + "description": "The locale for the custom instructions, a BCP47 language tag. The default value is \\\"default\\\"." + } + } + }, + "example": { + "pageId": "reset-password:enter-password", + "pageContent": "See company password policies for details by clicking here" + } + } + } + }, + "responses": { + "200": { + "description": "Reference to the custom password instructions.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "pageId": { + "type": "string", + "description": "The page ID that represents the page for forget user name, reset password and unlock account flow.", + "enum": [ + "change-password:enter-password", + "change-password:finish", + "flow-selection:select", + "forget-username:user-email", + "mfa:enter-code", + "mfa:enter-kba", + "mfa:select", + "reset-password:enter-password", + "reset-password:enter-username", + "reset-password:finish", + "unlock-account:enter-username", + "unlock-account:finish" + ] + }, + "pageContent": { + "type": "string", + "description": "The custom instructions for the specified page. Allow basic HTML format and maximum length is 1000 characters. The custom instructions will be sanitized to avoid attacks. If the customization text includes a link, like ... clicking on this will open the link on the current browser page. If you want your link to be redirected to a different page, please redirect it to \"_blank\" like this: link. This will open a new tab when the link is clicked. Notice we're only supporting _blank as the redirection target." + }, + "locale": { + "type": "string", + "example": "en", + "description": "The locale for the custom instructions, a BCP47 language tag. The default value is \\\"default\\\"." + } + } + }, + "example": { + "pageId": "reset-password:enter-password", + "locale": "default", + "pageContent": "See company password policies for details by clicking here" + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "parameters": [ + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ] + } + }, + "/custom-password-instructions/{pageId}": { + "get": { + "operationId": "getCustomPasswordInstructions", + "tags": [ + "Custom Password Instructions" + ], + "summary": "Get Custom Password Instructions by Page ID", + "description": "This API returns the custom password instructions for the specified page ID. A token with ORG_ADMIN authority is required to call this API.", + "parameters": [ + { + "in": "path", + "name": "pageId", + "schema": { + "type": "string", + "enum": [ + "change-password:enter-password", + "change-password:finish", + "flow-selection:select", + "forget-username:user-email", + "mfa:enter-code", + "mfa:enter-kba", + "mfa:select", + "reset-password:enter-password", + "reset-password:enter-username", + "reset-password:finish", + "unlock-account:enter-username", + "unlock-account:finish" + ] + }, + "required": true, + "description": "The page ID of custom password instructions to query.", + "example": "mfa:select" + }, + { + "in": "query", + "name": "locale", + "schema": { + "type": "string" + }, + "description": "The locale for the custom instructions, a BCP47 language tag. The default value is \\\"default\\\"." + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "200": { + "description": "Reference to the custom password instructions.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "pageId": { + "type": "string", + "description": "The page ID that represents the page for forget user name, reset password and unlock account flow.", + "enum": [ + "change-password:enter-password", + "change-password:finish", + "flow-selection:select", + "forget-username:user-email", + "mfa:enter-code", + "mfa:enter-kba", + "mfa:select", + "reset-password:enter-password", + "reset-password:enter-username", + "reset-password:finish", + "unlock-account:enter-username", + "unlock-account:finish" + ] + }, + "pageContent": { + "type": "string", + "description": "The custom instructions for the specified page. Allow basic HTML format and maximum length is 1000 characters. The custom instructions will be sanitized to avoid attacks. If the customization text includes a link, like ... clicking on this will open the link on the current browser page. If you want your link to be redirected to a different page, please redirect it to \"_blank\" like this: link. This will open a new tab when the link is clicked. Notice we're only supporting _blank as the redirection target." + }, + "locale": { + "type": "string", + "example": "en", + "description": "The locale for the custom instructions, a BCP47 language tag. The default value is \\\"default\\\"." + } + } + }, + "example": { + "pageId": "reset-password:enter-password", + "locale": "default", + "pageContent": "See company password policies for details by clicking here" + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + }, + "delete": { + "operationId": "deleteCustomPasswordInstructions", + "tags": [ + "Custom Password Instructions" + ], + "summary": "Delete Custom Password Instructions by page ID", + "description": "This API delete the custom password instructions for the specified page ID. A token with ORG_ADMIN authority is required to call this API.", + "parameters": [ + { + "in": "path", + "name": "pageId", + "schema": { + "type": "string", + "enum": [ + "change-password:enter-password", + "change-password:finish", + "flow-selection:select", + "forget-username:user-email", + "mfa:enter-code", + "mfa:enter-kba", + "mfa:select", + "reset-password:enter-password", + "reset-password:enter-username", + "reset-password:finish", + "unlock-account:enter-username", + "unlock-account:finish" + ] + }, + "required": true, + "description": "The page ID of custom password instructions to delete.", + "example": "mfa:select" + }, + { + "in": "query", + "name": "locale", + "schema": { + "type": "string" + }, + "description": "The locale for the custom instructions, a BCP47 language tag. The default value is \\\"default\\\"." + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "204": { + "description": "No content - indicates the request was successful but there is no content to be returned in the response." + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/entitlements": { + "get": { + "operationId": "listEntitlements", + "tags": [ + "Entitlements" + ], + "summary": "Gets a list of entitlements.", + "security": [ + { + "UserContextAuth": [ + "idn:entitlement:read", + "idn:entitlement:manage" + ] + } + ], + "description": "This API returns a list of entitlements.\n\nThis API can be used in one of the two following ways: either getting entitlements for a specific **account-id**, or getting via use of **filters** (those two options are exclusive).\n\nAny authenticated token can call this API.", + "parameters": [ + { + "in": "query", + "name": "account-id", + "schema": { + "type": "string" + }, + "description": "The account ID. If specified, returns only entitlements associated with the given Account. Cannot be specified with the **filters**, **segmented-for-identity**, **for-segment-ids**, or **include-unsegmented** param(s).", + "example": "ef38f94347e94562b5bb8424a56397d8", + "required": false + }, + { + "in": "query", + "name": "segmented-for-identity", + "schema": { + "type": "string" + }, + "description": "If present and not empty, additionally filters Entitlements to those which are assigned to the Segment(s) which are visible to the Identity with the specified ID. By convention, the value **me** can stand in for the current user's Identity ID.\nCannot be specified with the **account-id** or **for-segment-ids** param(s). It is also illegal to specify a value that refers to a different user's Identity.", + "example": "me", + "required": false + }, + { + "in": "query", + "name": "for-segment-ids", + "schema": { + "type": "string", + "format": "comma-separated" + }, + "description": "If present and not empty, additionally filters Access Profiles to those which are assigned to the Segment(s) with the specified IDs.\nCannot be specified with the **account-id** or **segmented-for-identity** param(s).", + "example": "041727d4-7d95-4779-b891-93cf41e98249,a378c9fa-bae5-494c-804e-a1e30f69f649", + "required": false + }, + { + "in": "query", + "name": "include-unsegmented", + "schema": { + "type": "boolean", + "default": true + }, + "description": "Whether or not the response list should contain unsegmented Entitlements. If **for-segment-ids** and **segmented-for-identity** are both absent or empty, specifying **include-unsegmented=false** results in an error.", + "example": true, + "required": false + }, + { + "in": "query", + "name": "offset", + "description": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 0, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "default": 0 + } + }, + { + "in": "query", + "name": "limit", + "description": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 250, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "maximum": 250, + "default": 250 + } + }, + { + "in": "query", + "name": "count", + "description": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": true, + "schema": { + "type": "boolean", + "default": false + } + }, + { + "in": "query", + "name": "sorters", + "schema": { + "type": "string", + "format": "comma-separated" + }, + "description": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **id, name, created, modified, type, attribute, value, source.id, requestable**", + "example": "name,-modified", + "required": false, + "style": "form", + "explode": true + }, + { + "in": "query", + "name": "filters", + "schema": { + "type": "string" + }, + "description": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**name**: *eq, in, sw*\n\n**type**: *eq, in*\n\n**attribute**: *eq, in*\n\n**value**: *eq, in, sw*\n\n**source.id**: *eq, in*\n\n**requestable**: *eq*\n\n**created**: *gt, lt, ge, le*\n\n**modified**: *gt, lt, ge, le*\n\n**owner.id**: *eq, in*", + "example": "attribute eq \"memberOf\"", + "required": false, + "style": "form", + "explode": true + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "200": { + "description": "List of entitlements", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The entitlement id", + "example": "2c91808874ff91550175097daaec161c" + }, + "name": { + "type": "string", + "description": "The entitlement name", + "example": "LauncherTest2" + }, + "created": { + "type": "string", + "description": "Time when the entitlement was created", + "format": "date-time", + "example": "2020-10-08T18:33:52.029Z" + }, + "modified": { + "type": "string", + "description": "Time when the entitlement was last modified", + "format": "date-time", + "example": "2020-10-08T18:33:52.029Z" + }, + "attribute": { + "type": "string", + "description": "The entitlement attribute name", + "example": "memberOf", + "nullable": true + }, + "value": { + "type": "string", + "description": "The value of the entitlement", + "example": "CN=LauncherTest2,OU=LauncherTestOrg,OU=slpt-automation,DC=TestAutomationAD,DC=local" + }, + "sourceSchemaObjectType": { + "type": "string", + "description": "The object type of the entitlement from the source schema", + "example": "group" + }, + "privileged": { + "type": "boolean", + "default": false, + "description": "True if the entitlement is privileged", + "example": true + }, + "cloudGoverned": { + "type": "boolean", + "default": false, + "description": "True if the entitlement is cloud governed", + "example": true + }, + "description": { + "type": "string", + "nullable": true, + "description": "The description of the entitlement", + "example": "CN=LauncherTest2,OU=LauncherTestOrg,OU=slpt-automation,DC=TestAutomationAD,DC=local" + }, + "requestable": { + "type": "boolean", + "default": false, + "description": "True if the entitlement is requestable", + "example": true + }, + "attributes": { + "type": "object", + "description": "A map of free-form key-value pairs from the source system", + "example": { + "fieldName": "fieldValue" + }, + "additionalProperties": true + }, + "source": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The source ID", + "example": "2c9180827ca885d7017ca8ce28a000eb" + }, + "type": { + "type": "string", + "description": "The source type, will always be \"SOURCE\"", + "example": "SOURCE" + }, + "name": { + "type": "string", + "description": "The source name", + "example": "ODS-AD-Source", + "nullable": true + } + } + }, + "owner": { + "allOf": [ + { + "type": "object", + "description": "Simplified DTO for the owner object of the entitlement", + "properties": { + "id": { + "type": "string", + "description": "The owner id for the entitlement", + "example": "2a2fdacca5e345f18bf7970cfbb8fec2" + }, + "name": { + "type": "string", + "description": "The owner name for the entitlement", + "example": "identity 1" + }, + "type": { + "type": "string", + "enum": [ + "IDENTITY" + ], + "description": "The type of the owner. Initially only type IDENTITY is supported", + "example": "IDENTITY" + } + } + }, + { + "nullable": true + } + ] + }, + "directPermissions": { + "type": "array", + "items": { + "type": "object", + "description": "Simplified DTO for the Permission objects stored in SailPoint's database. The data is aggregated from customer systems and is free-form, so its appearance can vary largely between different clients/customers.", + "properties": { + "rights": { + "type": "array", + "description": "All the rights (e.g. actions) that this permission allows on the target", + "readOnly": true, + "items": { + "type": "string", + "example": "SELECT" + } + }, + "target": { + "type": "string", + "description": "The target the permission would grants rights on.", + "readOnly": true, + "example": "SYS.GV_$TRANSACTION" + } + } + } + }, + "segments": { + "type": "array", + "items": { + "type": "string" + }, + "nullable": true, + "description": "List of IDs of segments, if any, to which this Entitlement is assigned.", + "example": [ + "f7b1b8a3-5fed-4fd4-ad29-82014e137e19", + "29cb6c06-1da8-43ea-8be4-b3125f248f2a" + ] + }, + "manuallyUpdatedFields": { + "allOf": [ + { + "type": "object", + "properties": { + "DISPLAY_NAME": { + "type": "boolean", + "default": false, + "description": "True if the entitlements name was updated manually via entitlement import csv or patch endpoint. False means that property value has not been change after first entitlement aggregation.\nField refers to [Entitlement response schema](https://developer.sailpoint.com/idn/api/beta/get-entitlement) > `name` property.", + "example": true + }, + "DESCRIPTION": { + "type": "boolean", + "default": false, + "description": "True if the entitlement description was updated manually via entitlement import csv or patch endpoint. False means that property value has not been change after first entitlement aggregation.\nField refers to [Entitlement response schema](https://developer.sailpoint.com/idn/api/beta/get-entitlement) > `description` property.", + "example": true + } + } + }, + { + "nullable": true, + "description": "Object contains entitlement manually updated fields. Field value is true if is was updated manually via entitlement import csv or patch endpoint. Field value is false if that property value has not been changed after first entitlement aggregation. Values for all manually updatable fields must be specified. For now only two entitlement fields support this: DISPLAY_NAME and DESCRIPTION.", + "example": { + "DISPLAY_NAME": true, + "DESCRIPTION": true + } + } + ] + }, + "accessModelMetadata": { + "allOf": [ + { + "type": "object", + "properties": { + "attributes": { + "type": "array", + "nullable": true, + "items": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "Technical name of the Attribute. This is unique and cannot be changed after creation.", + "example": "iscPrivacy" + }, + "name": { + "type": "string", + "description": "The display name of the key.", + "example": "Privacy" + }, + "multiselect": { + "type": "boolean", + "default": false, + "description": "Indicates whether the attribute can have multiple values.", + "example": false + }, + "status": { + "type": "string", + "description": "The status of the Attribute.", + "example": "active" + }, + "type": { + "type": "string", + "description": "The type of the Attribute. This can be either \"custom\" or \"governance\".", + "example": "governance" + }, + "objectTypes": { + "type": "array", + "items": { + "type": "string" + }, + "nullable": true, + "description": "An array of object types this attributes values can be applied to. Possible values are \"all\" or \"entitlement\". Value \"all\" means this attribute can be used with all object types that are supported.", + "example": [ + "entitlement" + ] + }, + "description": { + "type": "string", + "description": "The description of the Attribute.", + "example": "Specifies the level of privacy associated with an access item." + }, + "values": { + "type": "array", + "nullable": true, + "items": { + "type": "object", + "properties": { + "value": { + "type": "string", + "description": "Technical name of the Attribute value. This is unique and cannot be changed after creation.", + "example": "public" + }, + "name": { + "type": "string", + "description": "The display name of the Attribute value.", + "example": "Public" + }, + "status": { + "type": "string", + "description": "The status of the Attribute value.", + "example": "active" + } + } + } + } + } + }, + "example": [ + { + "key": "iscPrivacy", + "name": "Privacy", + "multiselect": false, + "status": "active", + "type": "governance", + "objectTypes": [ + "all" + ], + "description": "Specifies the level of privacy associated with an access item.", + "values": [ + { + "value": "public", + "name": "Public", + "status": "active" + } + ] + } + ] + } + } + }, + { + "nullable": true, + "description": "Access Model Metadata (beta)." + } + ] + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/entitlements/{id}": { + "get": { + "operationId": "getEntitlement", + "tags": [ + "Entitlements" + ], + "summary": "Get an entitlement", + "description": "This API returns an entitlement by its ID.", + "security": [ + { + "UserContextAuth": [ + "idn:entitlement:read", + "idn:entitlement:manage" + ] + } + ], + "parameters": [ + { + "in": "path", + "name": "id", + "schema": { + "type": "string" + }, + "required": true, + "description": "The entitlement ID", + "example": "2c91808874ff91550175097daaec161c" + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "200": { + "description": "An entitlement", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The entitlement id", + "example": "2c91808874ff91550175097daaec161c" + }, + "name": { + "type": "string", + "description": "The entitlement name", + "example": "LauncherTest2" + }, + "created": { + "type": "string", + "description": "Time when the entitlement was created", + "format": "date-time", + "example": "2020-10-08T18:33:52.029Z" + }, + "modified": { + "type": "string", + "description": "Time when the entitlement was last modified", + "format": "date-time", + "example": "2020-10-08T18:33:52.029Z" + }, + "attribute": { + "type": "string", + "description": "The entitlement attribute name", + "example": "memberOf", + "nullable": true + }, + "value": { + "type": "string", + "description": "The value of the entitlement", + "example": "CN=LauncherTest2,OU=LauncherTestOrg,OU=slpt-automation,DC=TestAutomationAD,DC=local" + }, + "sourceSchemaObjectType": { + "type": "string", + "description": "The object type of the entitlement from the source schema", + "example": "group" + }, + "privileged": { + "type": "boolean", + "default": false, + "description": "True if the entitlement is privileged", + "example": true + }, + "cloudGoverned": { + "type": "boolean", + "default": false, + "description": "True if the entitlement is cloud governed", + "example": true + }, + "description": { + "type": "string", + "nullable": true, + "description": "The description of the entitlement", + "example": "CN=LauncherTest2,OU=LauncherTestOrg,OU=slpt-automation,DC=TestAutomationAD,DC=local" + }, + "requestable": { + "type": "boolean", + "default": false, + "description": "True if the entitlement is requestable", + "example": true + }, + "attributes": { + "type": "object", + "description": "A map of free-form key-value pairs from the source system", + "example": { + "fieldName": "fieldValue" + }, + "additionalProperties": true + }, + "source": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The source ID", + "example": "2c9180827ca885d7017ca8ce28a000eb" + }, + "type": { + "type": "string", + "description": "The source type, will always be \"SOURCE\"", + "example": "SOURCE" + }, + "name": { + "type": "string", + "description": "The source name", + "example": "ODS-AD-Source", + "nullable": true + } + } + }, + "owner": { + "allOf": [ + { + "type": "object", + "description": "Simplified DTO for the owner object of the entitlement", + "properties": { + "id": { + "type": "string", + "description": "The owner id for the entitlement", + "example": "2a2fdacca5e345f18bf7970cfbb8fec2" + }, + "name": { + "type": "string", + "description": "The owner name for the entitlement", + "example": "identity 1" + }, + "type": { + "type": "string", + "enum": [ + "IDENTITY" + ], + "description": "The type of the owner. Initially only type IDENTITY is supported", + "example": "IDENTITY" + } + } + }, + { + "nullable": true + } + ] + }, + "directPermissions": { + "type": "array", + "items": { + "type": "object", + "description": "Simplified DTO for the Permission objects stored in SailPoint's database. The data is aggregated from customer systems and is free-form, so its appearance can vary largely between different clients/customers.", + "properties": { + "rights": { + "type": "array", + "description": "All the rights (e.g. actions) that this permission allows on the target", + "readOnly": true, + "items": { + "type": "string", + "example": "SELECT" + } + }, + "target": { + "type": "string", + "description": "The target the permission would grants rights on.", + "readOnly": true, + "example": "SYS.GV_$TRANSACTION" + } + } + } + }, + "segments": { + "type": "array", + "items": { + "type": "string" + }, + "nullable": true, + "description": "List of IDs of segments, if any, to which this Entitlement is assigned.", + "example": [ + "f7b1b8a3-5fed-4fd4-ad29-82014e137e19", + "29cb6c06-1da8-43ea-8be4-b3125f248f2a" + ] + }, + "manuallyUpdatedFields": { + "allOf": [ + { + "type": "object", + "properties": { + "DISPLAY_NAME": { + "type": "boolean", + "default": false, + "description": "True if the entitlements name was updated manually via entitlement import csv or patch endpoint. False means that property value has not been change after first entitlement aggregation.\nField refers to [Entitlement response schema](https://developer.sailpoint.com/idn/api/beta/get-entitlement) > `name` property.", + "example": true + }, + "DESCRIPTION": { + "type": "boolean", + "default": false, + "description": "True if the entitlement description was updated manually via entitlement import csv or patch endpoint. False means that property value has not been change after first entitlement aggregation.\nField refers to [Entitlement response schema](https://developer.sailpoint.com/idn/api/beta/get-entitlement) > `description` property.", + "example": true + } + } + }, + { + "nullable": true, + "description": "Object contains entitlement manually updated fields. Field value is true if is was updated manually via entitlement import csv or patch endpoint. Field value is false if that property value has not been changed after first entitlement aggregation. Values for all manually updatable fields must be specified. For now only two entitlement fields support this: DISPLAY_NAME and DESCRIPTION.", + "example": { + "DISPLAY_NAME": true, + "DESCRIPTION": true + } + } + ] + }, + "accessModelMetadata": { + "allOf": [ + { + "type": "object", + "properties": { + "attributes": { + "type": "array", + "nullable": true, + "items": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "Technical name of the Attribute. This is unique and cannot be changed after creation.", + "example": "iscPrivacy" + }, + "name": { + "type": "string", + "description": "The display name of the key.", + "example": "Privacy" + }, + "multiselect": { + "type": "boolean", + "default": false, + "description": "Indicates whether the attribute can have multiple values.", + "example": false + }, + "status": { + "type": "string", + "description": "The status of the Attribute.", + "example": "active" + }, + "type": { + "type": "string", + "description": "The type of the Attribute. This can be either \"custom\" or \"governance\".", + "example": "governance" + }, + "objectTypes": { + "type": "array", + "items": { + "type": "string" + }, + "nullable": true, + "description": "An array of object types this attributes values can be applied to. Possible values are \"all\" or \"entitlement\". Value \"all\" means this attribute can be used with all object types that are supported.", + "example": [ + "entitlement" + ] + }, + "description": { + "type": "string", + "description": "The description of the Attribute.", + "example": "Specifies the level of privacy associated with an access item." + }, + "values": { + "type": "array", + "nullable": true, + "items": { + "type": "object", + "properties": { + "value": { + "type": "string", + "description": "Technical name of the Attribute value. This is unique and cannot be changed after creation.", + "example": "public" + }, + "name": { + "type": "string", + "description": "The display name of the Attribute value.", + "example": "Public" + }, + "status": { + "type": "string", + "description": "The status of the Attribute value.", + "example": "active" + } + } + } + } + } + }, + "example": [ + { + "key": "iscPrivacy", + "name": "Privacy", + "multiselect": false, + "status": "active", + "type": "governance", + "objectTypes": [ + "all" + ], + "description": "Specifies the level of privacy associated with an access item.", + "values": [ + { + "value": "public", + "name": "Public", + "status": "active" + } + ] + } + ] + } + } + }, + { + "nullable": true, + "description": "Access Model Metadata (beta)." + } + ] + } + } + }, + "example": { + "sourceSchemaObjectType": "group", + "attribute": "memberOf", + "attributes": { + "GroupType": "Security", + "sAMAccountName": "LauncherTest1", + "GroupScope": "Global", + "objectguid": "{01a6e70b-9705-4155-a5c6-492a9bcc8c64}", + "objectSid": "S-1-5-21-3585869415-1648031554-2909195034-1633", + "cn": "LauncherTest1", + "msDS-PrincipalName": "AUTOMATIONAD\\LauncherTest1" + }, + "value": "CN=LauncherTest1,OU=LauncherTestOrg,OU=slpt-automation,DC=TestAutomationAD,DC=local", + "description": "some description", + "privileged": false, + "cloudGoverned": false, + "source": { + "type": "SOURCE", + "id": "2c9180877504c40e0175097d5ce707c8", + "name": "EndToEnd-ADSource" + }, + "owner": { + "id": "2c9180858315595501831958427e5424", + "name": "Addie Smith", + "type": "IDENTITY" + }, + "segments": [ + "1d126fe0-45e2-4aea-bc64-a07e9344ef26" + ], + "manuallyUpdatedFields": { + "DISPLAY_NAME": true, + "DESCRIPTION": true + }, + "id": "2c91808c74ff913f0175097daa9d59cd", + "name": "LauncherTest1", + "created": "2020-10-08T18:33:52.029Z", + "modified": "2021-01-19T16:53:35.707Z" + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + }, + "patch": { + "operationId": "patchEntitlement", + "tags": [ + "Entitlements" + ], + "summary": "Patch an entitlement", + "description": "This API updates an existing entitlement using [JSON Patch](https://tools.ietf.org/html/rfc6902) syntax.\n\nThe following fields are patchable: **requestable**, **privileged**, **segments**, **owner**, **name**, **description**, and **manuallyUpdatedFields**\n\nWhen you're patching owner, only owner type and owner id must be provided. Owner name is optional, and it won't be modified. If the owner name is provided, it should correspond to the real name. The only owner type currently supported is IDENTITY.\n\nA token with ORG_ADMIN or SOURCE_ADMIN authority is required to call this API.", + "security": [ + { + "UserContextAuth": [ + "idn:entitlement:manage" + ] + } + ], + "parameters": [ + { + "name": "id", + "in": "path", + "description": "ID of the entitlement to patch", + "required": true, + "schema": { + "type": "string", + "example": "2c91808a7813090a017814121e121518" + } + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "requestBody": { + "content": { + "application/json-patch+json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "description": "A JSONPatch Operation as defined by [RFC 6902 - JSON Patch](https://tools.ietf.org/html/rfc6902)", + "required": [ + "op", + "path" + ], + "properties": { + "op": { + "type": "string", + "description": "The operation to be performed", + "enum": [ + "add", + "remove", + "replace", + "move", + "copy", + "test" + ], + "example": "replace" + }, + "path": { + "type": "string", + "description": "A string JSON Pointer representing the target path to an element to be affected by the operation", + "example": "/description" + }, + "value": { + "oneOf": [ + { + "type": "string", + "example": "New description", + "title": "string" + }, + { + "type": "boolean", + "example": true, + "title": "boolean" + }, + { + "type": "integer", + "example": 300, + "title": "integer" + }, + { + "type": "object", + "title": "object", + "example": { + "attributes": { + "name": "philip" + } + } + }, + { + "type": "array", + "title": "array", + "items": { + "anyOf": [ + { + "type": "string" + }, + { + "type": "integer" + }, + { + "type": "object" + } + ], + "example": [ + "001", + "002", + "003" + ] + } + } + ], + "description": "The value to be used for the operation, required for \"add\" and \"replace\" operations", + "example": "New description" + } + } + }, + "example": [ + { + "op": "replace", + "path": "/requestable", + "value": true + } + ] + }, + "examples": { + "Make an entitlement requestable and privileged in one call": { + "description": "This example shows how multiple fields may be updated with a single patch call.", + "value": [ + { + "op": "replace", + "path": "/requestable", + "value": true + }, + { + "op": "replace", + "path": "/privileged", + "value": true + } + ] + }, + "Assign an entitlement to a segment": { + "description": "This example shows how to use patch to assign an entitlement to a segment by adding the segment's ID to the entitlement's segments array.", + "value": [ + { + "op": "add", + "path": "/segments/-", + "value": "f7b1b8a3-5fed-4fd4-ad29-82014e137e19" + } + ] + }, + "Assign an owner to an entitlement": { + "description": "This example shows how to use patch to assign an owner to an entitlement by adding the owner's info to the entitlement.", + "value": [ + { + "op": "add", + "path": "/owner", + "value": { + "type": "IDENTITY", + "id": "2c9180858315595501831958427e5424" + } + } + ] + }, + "Replace an owner for an entitlement": { + "description": "This example shows how to use patch to replace an entitlement's owner by replacing the owner's info to the entitlement.", + "value": [ + { + "op": "replace", + "path": "/owner", + "value": { + "type": "IDENTITY", + "id": "2c9180858315595501831958427e5424" + } + } + ] + }, + "Set entitlement manually updated fields": { + "description": "This example shows how to set an entitlement's manually updated fields values with patch request. Values for all manually updateable fields must be specified in the request. For now only two entitlement fields support this: DISPLAY_NAME and DESCRIPTION.", + "value": [ + { + "op": "replace", + "path": "/manuallyUpdatedFields", + "value": { + "DISPLAY_NAME": true, + "DESCRIPTION": true + } + } + ] + }, + "Add the description for an entitlement": { + "description": "This example shows how to use patch to add a description for the entitlement.", + "value": [ + { + "op": "add", + "path": "/description", + "value": "new description for the entitlement" + } + ] + }, + "Update the name for an entitlement": { + "description": "This example shows how to use patch to update an entitlement's name.", + "value": [ + { + "op": "replace", + "path": "/name", + "value": "entitlement new name" + } + ] + } + } + } + } + }, + "responses": { + "200": { + "description": "Responds with the entitlement as updated.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The entitlement id", + "example": "2c91808874ff91550175097daaec161c" + }, + "name": { + "type": "string", + "description": "The entitlement name", + "example": "LauncherTest2" + }, + "created": { + "type": "string", + "description": "Time when the entitlement was created", + "format": "date-time", + "example": "2020-10-08T18:33:52.029Z" + }, + "modified": { + "type": "string", + "description": "Time when the entitlement was last modified", + "format": "date-time", + "example": "2020-10-08T18:33:52.029Z" + }, + "attribute": { + "type": "string", + "description": "The entitlement attribute name", + "example": "memberOf", + "nullable": true + }, + "value": { + "type": "string", + "description": "The value of the entitlement", + "example": "CN=LauncherTest2,OU=LauncherTestOrg,OU=slpt-automation,DC=TestAutomationAD,DC=local" + }, + "sourceSchemaObjectType": { + "type": "string", + "description": "The object type of the entitlement from the source schema", + "example": "group" + }, + "privileged": { + "type": "boolean", + "default": false, + "description": "True if the entitlement is privileged", + "example": true + }, + "cloudGoverned": { + "type": "boolean", + "default": false, + "description": "True if the entitlement is cloud governed", + "example": true + }, + "description": { + "type": "string", + "nullable": true, + "description": "The description of the entitlement", + "example": "CN=LauncherTest2,OU=LauncherTestOrg,OU=slpt-automation,DC=TestAutomationAD,DC=local" + }, + "requestable": { + "type": "boolean", + "default": false, + "description": "True if the entitlement is requestable", + "example": true + }, + "attributes": { + "type": "object", + "description": "A map of free-form key-value pairs from the source system", + "example": { + "fieldName": "fieldValue" + }, + "additionalProperties": true + }, + "source": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The source ID", + "example": "2c9180827ca885d7017ca8ce28a000eb" + }, + "type": { + "type": "string", + "description": "The source type, will always be \"SOURCE\"", + "example": "SOURCE" + }, + "name": { + "type": "string", + "description": "The source name", + "example": "ODS-AD-Source", + "nullable": true + } + } + }, + "owner": { + "allOf": [ + { + "type": "object", + "description": "Simplified DTO for the owner object of the entitlement", + "properties": { + "id": { + "type": "string", + "description": "The owner id for the entitlement", + "example": "2a2fdacca5e345f18bf7970cfbb8fec2" + }, + "name": { + "type": "string", + "description": "The owner name for the entitlement", + "example": "identity 1" + }, + "type": { + "type": "string", + "enum": [ + "IDENTITY" + ], + "description": "The type of the owner. Initially only type IDENTITY is supported", + "example": "IDENTITY" + } + } + }, + { + "nullable": true + } + ] + }, + "directPermissions": { + "type": "array", + "items": { + "type": "object", + "description": "Simplified DTO for the Permission objects stored in SailPoint's database. The data is aggregated from customer systems and is free-form, so its appearance can vary largely between different clients/customers.", + "properties": { + "rights": { + "type": "array", + "description": "All the rights (e.g. actions) that this permission allows on the target", + "readOnly": true, + "items": { + "type": "string", + "example": "SELECT" + } + }, + "target": { + "type": "string", + "description": "The target the permission would grants rights on.", + "readOnly": true, + "example": "SYS.GV_$TRANSACTION" + } + } + } + }, + "segments": { + "type": "array", + "items": { + "type": "string" + }, + "nullable": true, + "description": "List of IDs of segments, if any, to which this Entitlement is assigned.", + "example": [ + "f7b1b8a3-5fed-4fd4-ad29-82014e137e19", + "29cb6c06-1da8-43ea-8be4-b3125f248f2a" + ] + }, + "manuallyUpdatedFields": { + "allOf": [ + { + "type": "object", + "properties": { + "DISPLAY_NAME": { + "type": "boolean", + "default": false, + "description": "True if the entitlements name was updated manually via entitlement import csv or patch endpoint. False means that property value has not been change after first entitlement aggregation.\nField refers to [Entitlement response schema](https://developer.sailpoint.com/idn/api/beta/get-entitlement) > `name` property.", + "example": true + }, + "DESCRIPTION": { + "type": "boolean", + "default": false, + "description": "True if the entitlement description was updated manually via entitlement import csv or patch endpoint. False means that property value has not been change after first entitlement aggregation.\nField refers to [Entitlement response schema](https://developer.sailpoint.com/idn/api/beta/get-entitlement) > `description` property.", + "example": true + } + } + }, + { + "nullable": true, + "description": "Object contains entitlement manually updated fields. Field value is true if is was updated manually via entitlement import csv or patch endpoint. Field value is false if that property value has not been changed after first entitlement aggregation. Values for all manually updatable fields must be specified. For now only two entitlement fields support this: DISPLAY_NAME and DESCRIPTION.", + "example": { + "DISPLAY_NAME": true, + "DESCRIPTION": true + } + } + ] + }, + "accessModelMetadata": { + "allOf": [ + { + "type": "object", + "properties": { + "attributes": { + "type": "array", + "nullable": true, + "items": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "Technical name of the Attribute. This is unique and cannot be changed after creation.", + "example": "iscPrivacy" + }, + "name": { + "type": "string", + "description": "The display name of the key.", + "example": "Privacy" + }, + "multiselect": { + "type": "boolean", + "default": false, + "description": "Indicates whether the attribute can have multiple values.", + "example": false + }, + "status": { + "type": "string", + "description": "The status of the Attribute.", + "example": "active" + }, + "type": { + "type": "string", + "description": "The type of the Attribute. This can be either \"custom\" or \"governance\".", + "example": "governance" + }, + "objectTypes": { + "type": "array", + "items": { + "type": "string" + }, + "nullable": true, + "description": "An array of object types this attributes values can be applied to. Possible values are \"all\" or \"entitlement\". Value \"all\" means this attribute can be used with all object types that are supported.", + "example": [ + "entitlement" + ] + }, + "description": { + "type": "string", + "description": "The description of the Attribute.", + "example": "Specifies the level of privacy associated with an access item." + }, + "values": { + "type": "array", + "nullable": true, + "items": { + "type": "object", + "properties": { + "value": { + "type": "string", + "description": "Technical name of the Attribute value. This is unique and cannot be changed after creation.", + "example": "public" + }, + "name": { + "type": "string", + "description": "The display name of the Attribute value.", + "example": "Public" + }, + "status": { + "type": "string", + "description": "The status of the Attribute value.", + "example": "active" + } + } + } + } + } + }, + "example": [ + { + "key": "iscPrivacy", + "name": "Privacy", + "multiselect": false, + "status": "active", + "type": "governance", + "objectTypes": [ + "all" + ], + "description": "Specifies the level of privacy associated with an access item.", + "values": [ + { + "value": "public", + "name": "Public", + "status": "active" + } + ] + } + ] + } + } + }, + { + "nullable": true, + "description": "Access Model Metadata (beta)." + } + ] + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/entitlements/{id}/parents": { + "get": { + "operationId": "listEntitlementParents", + "tags": [ + "Entitlements" + ], + "summary": "List of entitlements parents", + "description": "This API returns a list of all parent entitlements of a given entitlement.", + "security": [ + { + "UserContextAuth": [ + "idn:entitlement:read", + "idn:entitlement:manage" + ] + } + ], + "parameters": [ + { + "in": "query", + "name": "limit", + "description": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 250, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "maximum": 250, + "default": 250 + } + }, + { + "in": "query", + "name": "offset", + "description": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 0, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "default": 0 + } + }, + { + "in": "query", + "name": "count", + "description": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": true, + "schema": { + "type": "boolean", + "default": false + } + }, + { + "in": "path", + "name": "id", + "schema": { + "type": "string" + }, + "required": true, + "description": "Entitlement Id", + "example": "2c91808c74ff913f0175097daa9d59cd" + }, + { + "in": "query", + "name": "sorters", + "schema": { + "type": "string", + "format": "comma-separated" + }, + "description": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **id, name, created, modified, type, attribute, value, source.id**", + "example": "name,-modified", + "required": false, + "style": "form", + "explode": true + }, + { + "in": "query", + "name": "filters", + "schema": { + "type": "string" + }, + "description": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**name**: *eq, in, sw*\n\n**type**: *eq, in*\n\n**attribute**: *eq, in*\n\n**value**: *eq, in, sw*\n\n**source.id**: *eq, in*\n\n**requestable**: *eq*\n\n**created**: *gt, lt, ge, le*\n\n**modified**: *gt, lt, ge, le*", + "example": "attribute eq \"memberOf\"", + "required": false, + "style": "form", + "explode": true + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "200": { + "description": "List of entitlements parents from an entitlement", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The entitlement id", + "example": "2c91808874ff91550175097daaec161c" + }, + "name": { + "type": "string", + "description": "The entitlement name", + "example": "LauncherTest2" + }, + "created": { + "type": "string", + "description": "Time when the entitlement was created", + "format": "date-time", + "example": "2020-10-08T18:33:52.029Z" + }, + "modified": { + "type": "string", + "description": "Time when the entitlement was last modified", + "format": "date-time", + "example": "2020-10-08T18:33:52.029Z" + }, + "attribute": { + "type": "string", + "description": "The entitlement attribute name", + "example": "memberOf", + "nullable": true + }, + "value": { + "type": "string", + "description": "The value of the entitlement", + "example": "CN=LauncherTest2,OU=LauncherTestOrg,OU=slpt-automation,DC=TestAutomationAD,DC=local" + }, + "sourceSchemaObjectType": { + "type": "string", + "description": "The object type of the entitlement from the source schema", + "example": "group" + }, + "privileged": { + "type": "boolean", + "default": false, + "description": "True if the entitlement is privileged", + "example": true + }, + "cloudGoverned": { + "type": "boolean", + "default": false, + "description": "True if the entitlement is cloud governed", + "example": true + }, + "description": { + "type": "string", + "nullable": true, + "description": "The description of the entitlement", + "example": "CN=LauncherTest2,OU=LauncherTestOrg,OU=slpt-automation,DC=TestAutomationAD,DC=local" + }, + "requestable": { + "type": "boolean", + "default": false, + "description": "True if the entitlement is requestable", + "example": true + }, + "attributes": { + "type": "object", + "description": "A map of free-form key-value pairs from the source system", + "example": { + "fieldName": "fieldValue" + }, + "additionalProperties": true + }, + "source": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The source ID", + "example": "2c9180827ca885d7017ca8ce28a000eb" + }, + "type": { + "type": "string", + "description": "The source type, will always be \"SOURCE\"", + "example": "SOURCE" + }, + "name": { + "type": "string", + "description": "The source name", + "example": "ODS-AD-Source", + "nullable": true + } + } + }, + "owner": { + "allOf": [ + { + "type": "object", + "description": "Simplified DTO for the owner object of the entitlement", + "properties": { + "id": { + "type": "string", + "description": "The owner id for the entitlement", + "example": "2a2fdacca5e345f18bf7970cfbb8fec2" + }, + "name": { + "type": "string", + "description": "The owner name for the entitlement", + "example": "identity 1" + }, + "type": { + "type": "string", + "enum": [ + "IDENTITY" + ], + "description": "The type of the owner. Initially only type IDENTITY is supported", + "example": "IDENTITY" + } + } + }, + { + "nullable": true + } + ] + }, + "directPermissions": { + "type": "array", + "items": { + "type": "object", + "description": "Simplified DTO for the Permission objects stored in SailPoint's database. The data is aggregated from customer systems and is free-form, so its appearance can vary largely between different clients/customers.", + "properties": { + "rights": { + "type": "array", + "description": "All the rights (e.g. actions) that this permission allows on the target", + "readOnly": true, + "items": { + "type": "string", + "example": "SELECT" + } + }, + "target": { + "type": "string", + "description": "The target the permission would grants rights on.", + "readOnly": true, + "example": "SYS.GV_$TRANSACTION" + } + } + } + }, + "segments": { + "type": "array", + "items": { + "type": "string" + }, + "nullable": true, + "description": "List of IDs of segments, if any, to which this Entitlement is assigned.", + "example": [ + "f7b1b8a3-5fed-4fd4-ad29-82014e137e19", + "29cb6c06-1da8-43ea-8be4-b3125f248f2a" + ] + }, + "manuallyUpdatedFields": { + "allOf": [ + { + "type": "object", + "properties": { + "DISPLAY_NAME": { + "type": "boolean", + "default": false, + "description": "True if the entitlements name was updated manually via entitlement import csv or patch endpoint. False means that property value has not been change after first entitlement aggregation.\nField refers to [Entitlement response schema](https://developer.sailpoint.com/idn/api/beta/get-entitlement) > `name` property.", + "example": true + }, + "DESCRIPTION": { + "type": "boolean", + "default": false, + "description": "True if the entitlement description was updated manually via entitlement import csv or patch endpoint. False means that property value has not been change after first entitlement aggregation.\nField refers to [Entitlement response schema](https://developer.sailpoint.com/idn/api/beta/get-entitlement) > `description` property.", + "example": true + } + } + }, + { + "nullable": true, + "description": "Object contains entitlement manually updated fields. Field value is true if is was updated manually via entitlement import csv or patch endpoint. Field value is false if that property value has not been changed after first entitlement aggregation. Values for all manually updatable fields must be specified. For now only two entitlement fields support this: DISPLAY_NAME and DESCRIPTION.", + "example": { + "DISPLAY_NAME": true, + "DESCRIPTION": true + } + } + ] + }, + "accessModelMetadata": { + "allOf": [ + { + "type": "object", + "properties": { + "attributes": { + "type": "array", + "nullable": true, + "items": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "Technical name of the Attribute. This is unique and cannot be changed after creation.", + "example": "iscPrivacy" + }, + "name": { + "type": "string", + "description": "The display name of the key.", + "example": "Privacy" + }, + "multiselect": { + "type": "boolean", + "default": false, + "description": "Indicates whether the attribute can have multiple values.", + "example": false + }, + "status": { + "type": "string", + "description": "The status of the Attribute.", + "example": "active" + }, + "type": { + "type": "string", + "description": "The type of the Attribute. This can be either \"custom\" or \"governance\".", + "example": "governance" + }, + "objectTypes": { + "type": "array", + "items": { + "type": "string" + }, + "nullable": true, + "description": "An array of object types this attributes values can be applied to. Possible values are \"all\" or \"entitlement\". Value \"all\" means this attribute can be used with all object types that are supported.", + "example": [ + "entitlement" + ] + }, + "description": { + "type": "string", + "description": "The description of the Attribute.", + "example": "Specifies the level of privacy associated with an access item." + }, + "values": { + "type": "array", + "nullable": true, + "items": { + "type": "object", + "properties": { + "value": { + "type": "string", + "description": "Technical name of the Attribute value. This is unique and cannot be changed after creation.", + "example": "public" + }, + "name": { + "type": "string", + "description": "The display name of the Attribute value.", + "example": "Public" + }, + "status": { + "type": "string", + "description": "The status of the Attribute value.", + "example": "active" + } + } + } + } + } + }, + "example": [ + { + "key": "iscPrivacy", + "name": "Privacy", + "multiselect": false, + "status": "active", + "type": "governance", + "objectTypes": [ + "all" + ], + "description": "Specifies the level of privacy associated with an access item.", + "values": [ + { + "value": "public", + "name": "Public", + "status": "active" + } + ] + } + ] + } + } + }, + { + "nullable": true, + "description": "Access Model Metadata (beta)." + } + ] + } + } + } + }, + "example": [ + { + "sourceSchemaObjectType": "group", + "attribute": "memberOf", + "attributes": { + "GroupType": "Security", + "sAMAccountName": "LauncherTest1", + "GroupScope": "Global", + "objectguid": "{01a6e70b-9705-4155-a5c6-492a9bcc8c64}", + "objectSid": "S-1-5-21-3585869415-1648031554-2909195034-1633", + "cn": "LauncherTest1", + "msDS-PrincipalName": "AUTOMATIONAD\\LauncherTest1" + }, + "value": "CN=LauncherTest1,OU=LauncherTestOrg,OU=slpt-automation,DC=TestAutomationAD,DC=local", + "description": "some description", + "privileged": false, + "cloudGoverned": false, + "source": { + "type": "SOURCE", + "id": "2c9180877504c40e0175097d5ce707c8", + "name": "EndToEnd-ADSource" + }, + "owner": { + "id": "2a2fdacca5e345f18bf7970cfbb8fec2", + "name": "identity 1", + "type": "IDENTITY" + }, + "segments": [ + "1d126fe0-45e2-4aea-bc64-a07e9344ef26" + ], + "manuallyUpdatedFields": { + "DISPLAY_NAME": true, + "DESCRIPTION": true + }, + "id": "2c91808c74ff913f0175097daa9d59cd", + "name": "LauncherTest1", + "created": "2020-10-08T18:33:52.029Z", + "modified": "2021-01-19T16:53:35.707Z" + } + ] + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/entitlements/{id}/children": { + "get": { + "operationId": "listEntitlementChildren", + "tags": [ + "Entitlements" + ], + "summary": "List of entitlements children", + "description": "This API returns a list of all child entitlements of a given entitlement.", + "security": [ + { + "UserContextAuth": [ + "idn:entitlement:read" + ] + } + ], + "parameters": [ + { + "in": "query", + "name": "limit", + "description": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 250, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "maximum": 250, + "default": 250 + } + }, + { + "in": "query", + "name": "offset", + "description": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 0, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "default": 0 + } + }, + { + "in": "query", + "name": "count", + "description": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": true, + "schema": { + "type": "boolean", + "default": false + } + }, + { + "in": "path", + "name": "id", + "schema": { + "type": "string" + }, + "required": true, + "description": "Entitlement Id", + "example": "2c91808874ff91550175097daaec161c" + }, + { + "in": "query", + "name": "sorters", + "schema": { + "type": "string", + "format": "comma-separated" + }, + "description": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **id, name, created, modified, type, attribute, value, source.id**", + "example": "name,-modified", + "required": false, + "style": "form", + "explode": true + }, + { + "in": "query", + "name": "filters", + "schema": { + "type": "string" + }, + "description": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**name**: *eq, in, sw*\n\n**type**: *eq, in*\n\n**attribute**: *eq, in*\n\n**value**: *eq, in, sw*\n\n**source.id**: *eq, in*\n\n**requestable**: *eq*\n\n**created**: *gt, lt, ge, le*\n\n**modified**: *gt, lt, ge, le*", + "example": "attribute eq \"memberOf\"", + "required": false, + "style": "form", + "explode": true + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "200": { + "description": "List of entitlements children from an entitlement", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The entitlement id", + "example": "2c91808874ff91550175097daaec161c" + }, + "name": { + "type": "string", + "description": "The entitlement name", + "example": "LauncherTest2" + }, + "created": { + "type": "string", + "description": "Time when the entitlement was created", + "format": "date-time", + "example": "2020-10-08T18:33:52.029Z" + }, + "modified": { + "type": "string", + "description": "Time when the entitlement was last modified", + "format": "date-time", + "example": "2020-10-08T18:33:52.029Z" + }, + "attribute": { + "type": "string", + "description": "The entitlement attribute name", + "example": "memberOf", + "nullable": true + }, + "value": { + "type": "string", + "description": "The value of the entitlement", + "example": "CN=LauncherTest2,OU=LauncherTestOrg,OU=slpt-automation,DC=TestAutomationAD,DC=local" + }, + "sourceSchemaObjectType": { + "type": "string", + "description": "The object type of the entitlement from the source schema", + "example": "group" + }, + "privileged": { + "type": "boolean", + "default": false, + "description": "True if the entitlement is privileged", + "example": true + }, + "cloudGoverned": { + "type": "boolean", + "default": false, + "description": "True if the entitlement is cloud governed", + "example": true + }, + "description": { + "type": "string", + "nullable": true, + "description": "The description of the entitlement", + "example": "CN=LauncherTest2,OU=LauncherTestOrg,OU=slpt-automation,DC=TestAutomationAD,DC=local" + }, + "requestable": { + "type": "boolean", + "default": false, + "description": "True if the entitlement is requestable", + "example": true + }, + "attributes": { + "type": "object", + "description": "A map of free-form key-value pairs from the source system", + "example": { + "fieldName": "fieldValue" + }, + "additionalProperties": true + }, + "source": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The source ID", + "example": "2c9180827ca885d7017ca8ce28a000eb" + }, + "type": { + "type": "string", + "description": "The source type, will always be \"SOURCE\"", + "example": "SOURCE" + }, + "name": { + "type": "string", + "description": "The source name", + "example": "ODS-AD-Source", + "nullable": true + } + } + }, + "owner": { + "allOf": [ + { + "type": "object", + "description": "Simplified DTO for the owner object of the entitlement", + "properties": { + "id": { + "type": "string", + "description": "The owner id for the entitlement", + "example": "2a2fdacca5e345f18bf7970cfbb8fec2" + }, + "name": { + "type": "string", + "description": "The owner name for the entitlement", + "example": "identity 1" + }, + "type": { + "type": "string", + "enum": [ + "IDENTITY" + ], + "description": "The type of the owner. Initially only type IDENTITY is supported", + "example": "IDENTITY" + } + } + }, + { + "nullable": true + } + ] + }, + "directPermissions": { + "type": "array", + "items": { + "type": "object", + "description": "Simplified DTO for the Permission objects stored in SailPoint's database. The data is aggregated from customer systems and is free-form, so its appearance can vary largely between different clients/customers.", + "properties": { + "rights": { + "type": "array", + "description": "All the rights (e.g. actions) that this permission allows on the target", + "readOnly": true, + "items": { + "type": "string", + "example": "SELECT" + } + }, + "target": { + "type": "string", + "description": "The target the permission would grants rights on.", + "readOnly": true, + "example": "SYS.GV_$TRANSACTION" + } + } + } + }, + "segments": { + "type": "array", + "items": { + "type": "string" + }, + "nullable": true, + "description": "List of IDs of segments, if any, to which this Entitlement is assigned.", + "example": [ + "f7b1b8a3-5fed-4fd4-ad29-82014e137e19", + "29cb6c06-1da8-43ea-8be4-b3125f248f2a" + ] + }, + "manuallyUpdatedFields": { + "allOf": [ + { + "type": "object", + "properties": { + "DISPLAY_NAME": { + "type": "boolean", + "default": false, + "description": "True if the entitlements name was updated manually via entitlement import csv or patch endpoint. False means that property value has not been change after first entitlement aggregation.\nField refers to [Entitlement response schema](https://developer.sailpoint.com/idn/api/beta/get-entitlement) > `name` property.", + "example": true + }, + "DESCRIPTION": { + "type": "boolean", + "default": false, + "description": "True if the entitlement description was updated manually via entitlement import csv or patch endpoint. False means that property value has not been change after first entitlement aggregation.\nField refers to [Entitlement response schema](https://developer.sailpoint.com/idn/api/beta/get-entitlement) > `description` property.", + "example": true + } + } + }, + { + "nullable": true, + "description": "Object contains entitlement manually updated fields. Field value is true if is was updated manually via entitlement import csv or patch endpoint. Field value is false if that property value has not been changed after first entitlement aggregation. Values for all manually updatable fields must be specified. For now only two entitlement fields support this: DISPLAY_NAME and DESCRIPTION.", + "example": { + "DISPLAY_NAME": true, + "DESCRIPTION": true + } + } + ] + }, + "accessModelMetadata": { + "allOf": [ + { + "type": "object", + "properties": { + "attributes": { + "type": "array", + "nullable": true, + "items": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "Technical name of the Attribute. This is unique and cannot be changed after creation.", + "example": "iscPrivacy" + }, + "name": { + "type": "string", + "description": "The display name of the key.", + "example": "Privacy" + }, + "multiselect": { + "type": "boolean", + "default": false, + "description": "Indicates whether the attribute can have multiple values.", + "example": false + }, + "status": { + "type": "string", + "description": "The status of the Attribute.", + "example": "active" + }, + "type": { + "type": "string", + "description": "The type of the Attribute. This can be either \"custom\" or \"governance\".", + "example": "governance" + }, + "objectTypes": { + "type": "array", + "items": { + "type": "string" + }, + "nullable": true, + "description": "An array of object types this attributes values can be applied to. Possible values are \"all\" or \"entitlement\". Value \"all\" means this attribute can be used with all object types that are supported.", + "example": [ + "entitlement" + ] + }, + "description": { + "type": "string", + "description": "The description of the Attribute.", + "example": "Specifies the level of privacy associated with an access item." + }, + "values": { + "type": "array", + "nullable": true, + "items": { + "type": "object", + "properties": { + "value": { + "type": "string", + "description": "Technical name of the Attribute value. This is unique and cannot be changed after creation.", + "example": "public" + }, + "name": { + "type": "string", + "description": "The display name of the Attribute value.", + "example": "Public" + }, + "status": { + "type": "string", + "description": "The status of the Attribute value.", + "example": "active" + } + } + } + } + } + }, + "example": [ + { + "key": "iscPrivacy", + "name": "Privacy", + "multiselect": false, + "status": "active", + "type": "governance", + "objectTypes": [ + "all" + ], + "description": "Specifies the level of privacy associated with an access item.", + "values": [ + { + "value": "public", + "name": "Public", + "status": "active" + } + ] + } + ] + } + } + }, + { + "nullable": true, + "description": "Access Model Metadata (beta)." + } + ] + } + } + } + }, + "example": [ + { + "sourceSchemaObjectType": "group", + "attribute": "memberOf", + "attributes": { + "GroupType": "Security", + "sAMAccountName": "LauncherTest1", + "GroupScope": "Global", + "objectguid": "{01a6e70b-9705-4155-a5c6-492a9bcc8c64}", + "objectSid": "S-1-5-21-3585869415-1648031554-2909195034-1633", + "cn": "LauncherTest1", + "msDS-PrincipalName": "AUTOMATIONAD\\LauncherTest1" + }, + "value": "CN=LauncherTest1,OU=LauncherTestOrg,OU=slpt-automation,DC=TestAutomationAD,DC=local", + "description": "some description", + "privileged": false, + "cloudGoverned": false, + "source": { + "type": "SOURCE", + "id": "2c9180877504c40e0175097d5ce707c8", + "name": "EndToEnd-ADSource" + }, + "owner": { + "id": "2a2fdacca5e345f18bf7970cfbb8fec2", + "name": "identity 1", + "type": "IDENTITY" + }, + "segments": [ + "1d126fe0-45e2-4aea-bc64-a07e9344ef26" + ], + "manuallyUpdatedFields": { + "DISPLAY_NAME": true, + "DESCRIPTION": true + }, + "id": "2c91808c74ff913f0175097daa9d59cd", + "name": "LauncherTest1", + "created": "2020-10-08T18:33:52.029Z", + "modified": "2021-01-19T16:53:35.707Z" + } + ] + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/entitlements/bulk-update": { + "post": { + "operationId": "updateEntitlementsInBulk", + "tags": [ + "Entitlements" + ], + "summary": "Bulk update an entitlement list", + "description": "This API applies an update to every entitlement of the list.\n\nThe number of entitlements to update is limited to 50 items maximum.\n\nThe JsonPatch update follows the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard. allowed operations : **{ \"op\": \"replace\", \"path\": \"/privileged\", \"value\": boolean }** **{ \"op\": \"replace\", \"path\": \"/requestable\",\"value\": boolean }** \n\nA token with ORG_ADMIN or API authority is required to call this API.", + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "entitlementIds": { + "type": "array", + "description": "List of entitlement ids to update", + "maxItems": 50, + "items": { + "type": "string" + }, + "example": [ + "2c91808a7624751a01762f19d665220d", + "2c91808a7624751a01762f19d67c220e", + "2c91808a7624751a01762f19d692220f" + ] + }, + "jsonPatch": { + "type": "array", + "items": { + "type": "object", + "description": "A JSONPatch Operation as defined by [RFC 6902 - JSON Patch](https://tools.ietf.org/html/rfc6902)", + "required": [ + "op", + "path" + ], + "properties": { + "op": { + "type": "string", + "description": "The operation to be performed", + "enum": [ + "add", + "remove", + "replace", + "move", + "copy", + "test" + ], + "example": "replace" + }, + "path": { + "type": "string", + "description": "A string JSON Pointer representing the target path to an element to be affected by the operation", + "example": "/description" + }, + "value": { + "oneOf": [ + { + "type": "string", + "example": "New description", + "title": "string" + }, + { + "type": "boolean", + "example": true, + "title": "boolean" + }, + { + "type": "integer", + "example": 300, + "title": "integer" + }, + { + "type": "object", + "title": "object", + "example": { + "attributes": { + "name": "philip" + } + } + }, + { + "type": "array", + "title": "array", + "items": { + "anyOf": [ + { + "type": "string" + }, + { + "type": "integer" + }, + { + "type": "object" + } + ], + "example": [ + "001", + "002", + "003" + ] + } + } + ], + "description": "The value to be used for the operation, required for \"add\" and \"replace\" operations", + "example": "New description" + } + } + }, + "example": [ + { + "op": "replace", + "path": "/privileged", + "value": false + }, + { + "op": "replace", + "path": "/requestable", + "value": false + } + ] + } + }, + "example": { + "entitlementIds": [ + "2c91808a7624751a01762f19d665220d", + "2c91808a7624751a01762f19d67c220e", + "2c91808a7624751a01762f19d692220f" + ], + "jsonPatch": [ + { + "op": "replace", + "path": "/privileged", + "value": false + }, + { + "op": "replace", + "path": "/requestable", + "value": false + } + ] + }, + "required": [ + "entitlementIds", + "jsonPatch" + ] + } + } + } + }, + "responses": { + "204": { + "description": "No content - indicates the request was successful but there is no content to be returned in the response." + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "parameters": [ + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ] + } + }, + "/entitlements/{id}/entitlement-request-config": { + "get": { + "operationId": "getEntitlementRequestConfig", + "tags": [ + "Entitlements" + ], + "summary": "Get Entitlement Request Config", + "description": "This API returns the entitlement request config for a specified entitlement.", + "security": [ + { + "UserContextAuth": [ + "idn:entitlement:read", + "idn:entitlement:manage" + ] + } + ], + "parameters": [ + { + "in": "path", + "name": "id", + "schema": { + "type": "string" + }, + "required": true, + "description": "Entitlement Id", + "example": "2c91808874ff91550175097daaec161c" + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "200": { + "description": "An Entitlement Request Config", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "accessRequestConfig": { + "type": "object", + "properties": { + "approvalSchemes": { + "type": "array", + "description": "Ordered list of approval steps for the access request. Empty when no approval is required.", + "items": { + "type": "object", + "properties": { + "approverType": { + "type": "string", + "enum": [ + "ENTITLEMENT_OWNER", + "SOURCE_OWNER", + "MANAGER", + "GOVERNANCE_GROUP" + ], + "description": "Describes the individual or group that is responsible for an approval step. Values are as follows.\n\n**ENTITLEMENT_OWNER**: Owner of the associated Entitlement\n\n**SOURCE_OWNER**: Owner of the associated Source\n\n**MANAGER**: Manager of the Identity for whom the request is being made\n\n**GOVERNANCE_GROUP**: A Governance Group, the ID of which is specified by the **approverId** field", + "example": "GOVERNANCE_GROUP" + }, + "approverId": { + "type": "string", + "nullable": true, + "description": "Id of the specific approver, used only when approverType is GOVERNANCE_GROUP", + "example": "e3eab852-8315-467f-9de7-70eda97f63c8" + } + } + } + }, + "requestCommentRequired": { + "type": "boolean", + "description": "If the requester must provide a comment during access request.", + "default": false, + "example": true + }, + "denialCommentRequired": { + "type": "boolean", + "description": "If the reviewer must provide a comment when denying the access request.", + "default": false, + "example": false + } + } + } + } + }, + "example": { + "accessRequestConfig": { + "requestCommentRequired": true, + "denialCommentRequired": true, + "approvalSchemes": [ + { + "approverType": "ENTITLEMENT_OWNER", + "approverId": null + }, + { + "approverType": "SOURCE_OWNER", + "approverId": null + }, + { + "approverType": "MANAGER", + "approverId": null + }, + { + "approverType": "GOVERNANCE_GROUP", + "approverId": "46c79819-a69f-49a2-becb-12c971ae66c6" + } + ] + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + }, + "put": { + "operationId": "putEntitlementRequestConfig", + "tags": [ + "Entitlements" + ], + "summary": "Replace Entitlement Request Config", + "description": "This API replaces the entitlement request config for a specified entitlement.", + "security": [ + { + "UserContextAuth": [ + "idn:entitlement:manage" + ] + } + ], + "parameters": [ + { + "name": "id", + "in": "path", + "description": "Entitlement ID", + "required": true, + "schema": { + "type": "string", + "example": "2c91808a7813090a017814121e121518" + } + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "accessRequestConfig": { + "type": "object", + "properties": { + "approvalSchemes": { + "type": "array", + "description": "Ordered list of approval steps for the access request. Empty when no approval is required.", + "items": { + "type": "object", + "properties": { + "approverType": { + "type": "string", + "enum": [ + "ENTITLEMENT_OWNER", + "SOURCE_OWNER", + "MANAGER", + "GOVERNANCE_GROUP" + ], + "description": "Describes the individual or group that is responsible for an approval step. Values are as follows.\n\n**ENTITLEMENT_OWNER**: Owner of the associated Entitlement\n\n**SOURCE_OWNER**: Owner of the associated Source\n\n**MANAGER**: Manager of the Identity for whom the request is being made\n\n**GOVERNANCE_GROUP**: A Governance Group, the ID of which is specified by the **approverId** field", + "example": "GOVERNANCE_GROUP" + }, + "approverId": { + "type": "string", + "nullable": true, + "description": "Id of the specific approver, used only when approverType is GOVERNANCE_GROUP", + "example": "e3eab852-8315-467f-9de7-70eda97f63c8" + } + } + } + }, + "requestCommentRequired": { + "type": "boolean", + "description": "If the requester must provide a comment during access request.", + "default": false, + "example": true + }, + "denialCommentRequired": { + "type": "boolean", + "description": "If the reviewer must provide a comment when denying the access request.", + "default": false, + "example": false + } + } + } + } + } + } + } + }, + "responses": { + "200": { + "description": "Responds with the entitlement request config as updated.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "accessRequestConfig": { + "type": "object", + "properties": { + "approvalSchemes": { + "type": "array", + "description": "Ordered list of approval steps for the access request. Empty when no approval is required.", + "items": { + "type": "object", + "properties": { + "approverType": { + "type": "string", + "enum": [ + "ENTITLEMENT_OWNER", + "SOURCE_OWNER", + "MANAGER", + "GOVERNANCE_GROUP" + ], + "description": "Describes the individual or group that is responsible for an approval step. Values are as follows.\n\n**ENTITLEMENT_OWNER**: Owner of the associated Entitlement\n\n**SOURCE_OWNER**: Owner of the associated Source\n\n**MANAGER**: Manager of the Identity for whom the request is being made\n\n**GOVERNANCE_GROUP**: A Governance Group, the ID of which is specified by the **approverId** field", + "example": "GOVERNANCE_GROUP" + }, + "approverId": { + "type": "string", + "nullable": true, + "description": "Id of the specific approver, used only when approverType is GOVERNANCE_GROUP", + "example": "e3eab852-8315-467f-9de7-70eda97f63c8" + } + } + } + }, + "requestCommentRequired": { + "type": "boolean", + "description": "If the requester must provide a comment during access request.", + "default": false, + "example": true + }, + "denialCommentRequired": { + "type": "boolean", + "description": "If the reviewer must provide a comment when denying the access request.", + "default": false, + "example": false + } + } + } + } + }, + "example": { + "accessRequestConfig": { + "requestCommentRequired": true, + "denialCommentRequired": true, + "approvalSchemes": [ + { + "approverType": "ENTITLEMENT_OWNER", + "approverId": null + }, + { + "approverType": "SOURCE_OWNER", + "approverId": null + }, + { + "approverType": "MANAGER", + "approverId": null + }, + { + "approverType": "GOVERNANCE_GROUP", + "approverId": "46c79819-a69f-49a2-becb-12c971ae66c6" + } + ] + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/entitlements/reset/sources/{id}": { + "post": { + "operationId": "resetSourceEntitlements", + "tags": [ + "Entitlements" + ], + "summary": "Reset Source Entitlements", + "description": "Removes all entitlements on a specific source.", + "parameters": [ + { + "name": "id", + "in": "path", + "description": "ID of source for the entitlement reset", + "required": true, + "schema": { + "type": "string", + "example": "2c91808a7813090a017814121919ecca" + } + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "202": { + "description": "Entitlement source reset task result", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "type": { + "type": "string", + "description": "The DTO type", + "example": "TASK_RESULT" + }, + "id": { + "type": "string", + "description": "The task ID of the object to which this reference applies", + "example": "2c91808568c529c60168cca6f90c1313" + }, + "name": { + "type": "string", + "description": "Human-readable display name of the object to which this reference applies", + "example": "Entitlement Source Reset" + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "idn:entitlement:update" + ] + } + ] + } + }, + "/entitlements/{id}/access-model-metadata/{attributeKey}/values/{attributeValue}": { + "post": { + "summary": "Add metadata to an entitlement.", + "description": "Add single Access Model Metadata to an entitlement.", + "tags": [ + "Entitlements" + ], + "operationId": "createAccessModelMetadataForEntitlement", + "security": [ + { + "UserContextAuth": [ + "idn:entitlement:update" + ] + } + ], + "parameters": [ + { + "name": "id", + "in": "path", + "required": true, + "schema": { + "type": "string" + }, + "description": "The entitlement id.", + "example": "2c91808c74ff913f0175097daa9d59cd" + }, + { + "name": "attributeKey", + "in": "path", + "required": true, + "schema": { + "type": "string" + }, + "description": "Technical name of the Attribute.", + "example": "iscPrivacy" + }, + { + "name": "attributeValue", + "in": "path", + "required": true, + "schema": { + "type": "string" + }, + "description": "Technical name of the Attribute Value.", + "example": "public" + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "200": { + "description": "OK", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The entitlement id", + "example": "2c91808874ff91550175097daaec161c" + }, + "name": { + "type": "string", + "description": "The entitlement name", + "example": "LauncherTest2" + }, + "created": { + "type": "string", + "description": "Time when the entitlement was created", + "format": "date-time", + "example": "2020-10-08T18:33:52.029Z" + }, + "modified": { + "type": "string", + "description": "Time when the entitlement was last modified", + "format": "date-time", + "example": "2020-10-08T18:33:52.029Z" + }, + "attribute": { + "type": "string", + "description": "The entitlement attribute name", + "example": "memberOf", + "nullable": true + }, + "value": { + "type": "string", + "description": "The value of the entitlement", + "example": "CN=LauncherTest2,OU=LauncherTestOrg,OU=slpt-automation,DC=TestAutomationAD,DC=local" + }, + "sourceSchemaObjectType": { + "type": "string", + "description": "The object type of the entitlement from the source schema", + "example": "group" + }, + "privileged": { + "type": "boolean", + "default": false, + "description": "True if the entitlement is privileged", + "example": true + }, + "cloudGoverned": { + "type": "boolean", + "default": false, + "description": "True if the entitlement is cloud governed", + "example": true + }, + "description": { + "type": "string", + "nullable": true, + "description": "The description of the entitlement", + "example": "CN=LauncherTest2,OU=LauncherTestOrg,OU=slpt-automation,DC=TestAutomationAD,DC=local" + }, + "requestable": { + "type": "boolean", + "default": false, + "description": "True if the entitlement is requestable", + "example": true + }, + "attributes": { + "type": "object", + "description": "A map of free-form key-value pairs from the source system", + "example": { + "fieldName": "fieldValue" + }, + "additionalProperties": true + }, + "source": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The source ID", + "example": "2c9180827ca885d7017ca8ce28a000eb" + }, + "type": { + "type": "string", + "description": "The source type, will always be \"SOURCE\"", + "example": "SOURCE" + }, + "name": { + "type": "string", + "description": "The source name", + "example": "ODS-AD-Source", + "nullable": true + } + } + }, + "owner": { + "allOf": [ + { + "type": "object", + "description": "Simplified DTO for the owner object of the entitlement", + "properties": { + "id": { + "type": "string", + "description": "The owner id for the entitlement", + "example": "2a2fdacca5e345f18bf7970cfbb8fec2" + }, + "name": { + "type": "string", + "description": "The owner name for the entitlement", + "example": "identity 1" + }, + "type": { + "type": "string", + "enum": [ + "IDENTITY" + ], + "description": "The type of the owner. Initially only type IDENTITY is supported", + "example": "IDENTITY" + } + } + }, + { + "nullable": true + } + ] + }, + "directPermissions": { + "type": "array", + "items": { + "type": "object", + "description": "Simplified DTO for the Permission objects stored in SailPoint's database. The data is aggregated from customer systems and is free-form, so its appearance can vary largely between different clients/customers.", + "properties": { + "rights": { + "type": "array", + "description": "All the rights (e.g. actions) that this permission allows on the target", + "readOnly": true, + "items": { + "type": "string", + "example": "SELECT" + } + }, + "target": { + "type": "string", + "description": "The target the permission would grants rights on.", + "readOnly": true, + "example": "SYS.GV_$TRANSACTION" + } + } + } + }, + "segments": { + "type": "array", + "items": { + "type": "string" + }, + "nullable": true, + "description": "List of IDs of segments, if any, to which this Entitlement is assigned.", + "example": [ + "f7b1b8a3-5fed-4fd4-ad29-82014e137e19", + "29cb6c06-1da8-43ea-8be4-b3125f248f2a" + ] + }, + "manuallyUpdatedFields": { + "allOf": [ + { + "type": "object", + "properties": { + "DISPLAY_NAME": { + "type": "boolean", + "default": false, + "description": "True if the entitlements name was updated manually via entitlement import csv or patch endpoint. False means that property value has not been change after first entitlement aggregation.\nField refers to [Entitlement response schema](https://developer.sailpoint.com/idn/api/beta/get-entitlement) > `name` property.", + "example": true + }, + "DESCRIPTION": { + "type": "boolean", + "default": false, + "description": "True if the entitlement description was updated manually via entitlement import csv or patch endpoint. False means that property value has not been change after first entitlement aggregation.\nField refers to [Entitlement response schema](https://developer.sailpoint.com/idn/api/beta/get-entitlement) > `description` property.", + "example": true + } + } + }, + { + "nullable": true, + "description": "Object contains entitlement manually updated fields. Field value is true if is was updated manually via entitlement import csv or patch endpoint. Field value is false if that property value has not been changed after first entitlement aggregation. Values for all manually updatable fields must be specified. For now only two entitlement fields support this: DISPLAY_NAME and DESCRIPTION.", + "example": { + "DISPLAY_NAME": true, + "DESCRIPTION": true + } + } + ] + }, + "accessModelMetadata": { + "allOf": [ + { + "type": "object", + "properties": { + "attributes": { + "type": "array", + "nullable": true, + "items": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "Technical name of the Attribute. This is unique and cannot be changed after creation.", + "example": "iscPrivacy" + }, + "name": { + "type": "string", + "description": "The display name of the key.", + "example": "Privacy" + }, + "multiselect": { + "type": "boolean", + "default": false, + "description": "Indicates whether the attribute can have multiple values.", + "example": false + }, + "status": { + "type": "string", + "description": "The status of the Attribute.", + "example": "active" + }, + "type": { + "type": "string", + "description": "The type of the Attribute. This can be either \"custom\" or \"governance\".", + "example": "governance" + }, + "objectTypes": { + "type": "array", + "items": { + "type": "string" + }, + "nullable": true, + "description": "An array of object types this attributes values can be applied to. Possible values are \"all\" or \"entitlement\". Value \"all\" means this attribute can be used with all object types that are supported.", + "example": [ + "entitlement" + ] + }, + "description": { + "type": "string", + "description": "The description of the Attribute.", + "example": "Specifies the level of privacy associated with an access item." + }, + "values": { + "type": "array", + "nullable": true, + "items": { + "type": "object", + "properties": { + "value": { + "type": "string", + "description": "Technical name of the Attribute value. This is unique and cannot be changed after creation.", + "example": "public" + }, + "name": { + "type": "string", + "description": "The display name of the Attribute value.", + "example": "Public" + }, + "status": { + "type": "string", + "description": "The status of the Attribute value.", + "example": "active" + } + } + } + } + } + }, + "example": [ + { + "key": "iscPrivacy", + "name": "Privacy", + "multiselect": false, + "status": "active", + "type": "governance", + "objectTypes": [ + "all" + ], + "description": "Specifies the level of privacy associated with an access item.", + "values": [ + { + "value": "public", + "name": "Public", + "status": "active" + } + ] + } + ] + } + } + }, + { + "nullable": true, + "description": "Access Model Metadata (beta)." + } + ] + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + }, + "delete": { + "summary": "Remove metadata from an entitlement.", + "description": "Remove single Access Model Metadata from an entitlement.", + "tags": [ + "Entitlements" + ], + "operationId": "deleteAccessModelMetadataFromEntitlement", + "security": [ + { + "UserContextAuth": [ + "idn:entitlement:delete" + ] + } + ], + "parameters": [ + { + "name": "id", + "in": "path", + "required": true, + "schema": { + "type": "string" + }, + "description": "The entitlement id.", + "example": "2c91808c74ff913f0175097daa9d59cd" + }, + { + "name": "attributeKey", + "in": "path", + "required": true, + "schema": { + "type": "string" + }, + "description": "Technical name of the Attribute.", + "example": "iscPrivacy" + }, + { + "name": "attributeValue", + "in": "path", + "required": true, + "schema": { + "type": "string" + }, + "description": "Technical name of the Attribute Value.", + "example": "public" + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "200": { + "description": "OK" + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/entitlements/aggregate/sources/{id}": { + "post": { + "tags": [ + "Entitlements" + ], + "summary": "Aggregate Entitlements", + "deprecated": true, + "operationId": "importEntitlementsBySource", + "description": "Starts an entitlement aggregation on the specified source. Though this endpoint has been deprecated, you can find its Beta equivalent [here](https://developer.sailpoint.com/docs/api/beta/import-entitlements).\n\nIf the target source is a direct connection, then the request body must be empty. You will also need to make sure the Content-Type header is not set. If you set the Content-Type header without specifying a body, then you will receive a 500 error.\n\nIf the target source is a delimited file source, then the CSV file needs to be included in the request body. You will also need to set the Content-Type header to `multipart/form-data`.", + "parameters": [ + { + "in": "path", + "name": "id", + "schema": { + "type": "string" + }, + "required": true, + "description": "Source Id", + "example": "ef38f94347e94562b5bb8424a56397d8" + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "requestBody": { + "content": { + "multipart/form-data": { + "schema": { + "type": "object", + "properties": { + "csvFile": { + "type": "string", + "format": "binary", + "description": "The CSV file containing the source entitlements to aggregate." + } + } + } + } + } + }, + "responses": { + "202": { + "description": "Aggregate Entitlements Task", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "id": { + "description": "System-generated unique ID of the task this taskStatus represents", + "type": "string", + "example": "ef38f94347e94562b5bb8424a56397d8" + }, + "type": { + "description": "Type of task this task represents", + "type": "string", + "example": "QUARTZ" + }, + "uniqueName": { + "description": "The name of the task", + "type": "string", + "example": "Cloud Group Aggregation" + }, + "description": { + "description": "The description of the task", + "type": "string", + "example": "Aggregate from the specified application" + }, + "launcher": { + "description": "The user who initiated the task", + "type": "string", + "example": "John Doe" + }, + "created": { + "description": "The creation date of the task", + "type": "string", + "format": "date-time", + "example": "2020-07-11T21:23:15.000Z" + }, + "returns": { + "description": "Return values from the task", + "type": "array", + "items": { + "type": "object", + "properties": { + "displayLabel": { + "description": "The display label for the return value", + "type": "string", + "example": "TASK_OUT_ACCOUNT_GROUP_AGGREGATION_APPLICATIONS" + }, + "attributeName": { + "description": "The attribute name for the return value", + "type": "string", + "example": "applications" + } + } + }, + "example": [ + { + "displayLabel": "TASK_OUT_ACCOUNT_GROUP_AGGREGATION_APPLICATIONS", + "attributeName": "applications" + }, + { + "displayLabel": "TASK_OUT_ACCOUNT_GROUP_AGGREGATION_TOTAL", + "attributeName": "total" + }, + { + "displayLabel": "TASK_OUT_ACCOUNT_GROUP_AGGREGATION_CREATED", + "attributeName": "groupsCreated" + }, + { + "displayLabel": "TASK_OUT_ACCOUNT_GROUP_AGGREGATION_UPDATED", + "attributeName": "groupsUpdated" + }, + { + "displayLabel": "TASK_OUT_ACCOUNT_GROUP_AGGREGATION_DELETED", + "attributeName": "groupsDeleted" + } + ] + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "idn:entitlements:manage" + ] + } + ] + } + }, + "/generate-password-reset-token/digit": { + "post": { + "operationId": "generateDigitToken", + "tags": [ + "Password Management" + ], + "summary": "Generate a digit token", + "description": "This API is used to generate a digit token for password management. Requires authorization scope of \"idn:password-digit-token:create\".", + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "type": "object", + "required": [ + "userId" + ], + "properties": { + "userId": { + "type": "string", + "description": "The uid of the user requested for digit token", + "example": "Abby.Smith" + }, + "length": { + "type": "integer", + "description": "The length of digit token. It should be from 6 to 18, inclusive. The default value is 6.", + "example": 8 + }, + "durationMinutes": { + "type": "integer", + "description": "The time to live for the digit token in minutes. The default value is 5 minutes.", + "example": 5 + } + } + }, + "example": { + "userId": "Abby.Smith", + "length": 8, + "durationMinutes": 5 + } + } + } + }, + "responses": { + "200": { + "description": "The digit token for password management.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "digitToken": { + "type": "string", + "description": "The digit token for password management", + "example": "09087713" + }, + "requestId": { + "type": "string", + "description": "The reference ID of the digit token generation request", + "example": "e1267ecd-fcd9-4c73-9c55-12555efad136" + } + } + }, + "example": { + "digitToken": "09087713", + "requestId": "e1267ecd-fcd9-4c73-9c55-12555efad136" + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "parameters": [ + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ] + } + }, + "/historical-identities": { + "get": { + "operationId": "listHistoricalIdentities", + "summary": "Lists all the identities", + "description": "This gets the list of identities for the customer. This list end point does not support count=true request param. The total count of identities would never be returned even if the count param is specified in the request Requires authorization scope of 'idn:identity-history:read'", + "security": [ + { + "UserContextAuth": [ + "idn:identity-history:read" + ] + } + ], + "tags": [ + "Identity History" + ], + "parameters": [ + { + "in": "query", + "name": "starts-with-query", + "schema": { + "type": "string" + }, + "description": "This param is used for starts-with search for first, last and display name of the identity", + "example": "Ada" + }, + { + "in": "query", + "name": "is-deleted", + "schema": { + "type": "boolean" + }, + "description": "Indicates if we want to only list down deleted identities or not.", + "example": true + }, + { + "in": "query", + "name": "is-active", + "schema": { + "type": "boolean" + }, + "description": "Indicates if we want to only list active or inactive identities.", + "example": true + }, + { + "in": "query", + "name": "limit", + "description": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 250, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "maximum": 250, + "default": 250 + } + }, + { + "in": "query", + "name": "offset", + "description": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 0, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "default": 0 + } + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "200": { + "description": "List of identities for the customer.", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "the identity ID", + "example": "bc693f07e7b645539626c25954c58554" + }, + "displayName": { + "type": "string", + "description": "the display name of the identity", + "example": "Adam Zampa" + }, + "firstName": { + "type": "string", + "nullable": true, + "description": "the first name of the identity", + "example": "Adam" + }, + "lastName": { + "type": "string", + "nullable": true, + "description": "the last name of the identity", + "example": "Zampa" + }, + "active": { + "type": "boolean", + "default": true, + "description": "indicates if an identity is active or not", + "example": true + }, + "deletedDate": { + "type": "string", + "nullable": true, + "description": "the date when the identity was deleted", + "example": "2007-03-01T13:00:00.000Z" + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/historical-identities/{id}": { + "get": { + "operationId": "getHistoricalIdentity", + "tags": [ + "Identity History" + ], + "summary": "Get latest snapshot of identity", + "description": "This method retrieves a specified identity Requires authorization scope of 'idn:identity-history:read'", + "security": [ + { + "UserContextAuth": [ + "idn:identity-history:read" + ] + } + ], + "parameters": [ + { + "in": "path", + "name": "id", + "schema": { + "type": "string" + }, + "required": true, + "description": "The identity id", + "example": "8c190e6787aa4ed9a90bd9d5344523fb" + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "200": { + "description": "The identity object.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "the identity ID", + "example": "bc693f07e7b645539626c25954c58554" + }, + "displayName": { + "type": "string", + "description": "the display name of the identity", + "example": "Adam Zampa" + }, + "snapshot": { + "type": "string", + "description": "the date when the identity record was created", + "example": "2007-03-01T13:00:00.000Z" + }, + "deletedDate": { + "type": "string", + "description": "the date when the identity was deleted", + "example": "2007-03-01T13:00:00.000Z" + }, + "accessItemCount": { + "type": "object", + "description": "A map containing the count of each access item", + "example": { + "app": 0, + "role": 2, + "entitlement": 4, + "accessProfile": 3, + "account": 1 + }, + "additionalProperties": { + "type": "integer", + "format": "int32" + } + }, + "attributes": { + "type": "object", + "description": "A map containing the identity attributes", + "additionalProperties": true, + "example": { + "jobTitle": "HR Manager", + "location": "NYC", + "firstname": "Adam", + "lastname": "Zampa", + "department": "HR" + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/historical-identities/{id}/access-items": { + "get": { + "operationId": "listIdentityAccessItems", + "tags": [ + "Identity History" + ], + "summary": "Gets a list of access items for the identity filtered by item type", + "description": "This method retrieves a list of access item for the identity filtered by the access item type Requires authorization scope of 'idn:identity-history:read' ", + "parameters": [ + { + "in": "path", + "name": "id", + "schema": { + "type": "string" + }, + "required": true, + "description": "The identity id", + "example": "8c190e6787aa4ed9a90bd9d5344523fb" + }, + { + "in": "query", + "name": "type", + "schema": { + "type": "string" + }, + "description": "The type of access item for the identity. If not provided, it defaults to account", + "example": "account" + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "200": { + "description": "The list of access items.", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "oneOf": [ + { + "type": "object", + "properties": { + "accessType": { + "type": "string", + "example": "accessProfile", + "description": "the access item type. accessProfile in this case" + }, + "id": { + "type": "string", + "example": "2c918087763e69d901763e72e97f006f", + "description": "the access item id" + }, + "name": { + "type": "string", + "example": "sample", + "description": "the access profile name" + }, + "sourceName": { + "type": "string", + "example": "DataScienceDataset", + "description": "the name of the source" + }, + "sourceId": { + "type": "string", + "example": "2793o32dwd", + "description": "the id of the source" + }, + "description": { + "type": "string", + "example": "AccessProfile - Workday/Citizenship access", + "description": "the description for the access profile" + }, + "displayName": { + "type": "string", + "example": "Dr. Arden Rogahn MD", + "description": "the display name of the identity" + }, + "entitlementCount": { + "type": "string", + "example": 12, + "description": "the number of entitlements the access profile will create" + }, + "appDisplayName": { + "type": "string", + "example": "AppName", + "description": "the name of" + }, + "removeDate": { + "type": "string", + "example": "2024-07-01T06:00:00.000Z", + "description": "the date the access profile is no longer assigned to the specified identity" + }, + "standalone": { + "type": "boolean", + "example": false, + "description": "indicates whether the access profile is standalone" + }, + "revocable": { + "type": "boolean", + "example": true, + "description": "indicates whether the access profile is" + } + }, + "required": [ + "standalone", + "revocable" + ] + }, + { + "type": "object", + "properties": { + "accessType": { + "type": "string", + "example": "account", + "description": "the access item type. account in this case" + }, + "id": { + "type": "string", + "example": "2c918087763e69d901763e72e97f006f", + "description": "the access item id" + }, + "nativeIdentity": { + "type": "string", + "example": "dr.arden.ogahn.d", + "description": "the native identifier used to uniquely identify an acccount" + }, + "sourceName": { + "type": "string", + "example": "DataScienceDataset", + "description": "the name of the source" + }, + "sourceId": { + "type": "string", + "example": "2793o32dwd", + "description": "the id of the source" + }, + "entitlementCount": { + "type": "string", + "example": 12, + "description": "the number of entitlements the account will create" + }, + "displayName": { + "type": "string", + "example": "Dr. Arden Rogahn MD", + "description": "the display name of the identity" + } + } + }, + { + "type": "object", + "properties": { + "accessType": { + "type": "string", + "example": "app", + "description": "the access item type. entitlement in this case" + }, + "id": { + "type": "string", + "example": "2c918087763e69d901763e72e97f006f", + "description": "the access item id" + }, + "displayName": { + "type": "string", + "example": "Display Name", + "description": "the access item display name" + }, + "sourceName": { + "type": "string", + "example": "appName", + "description": "the associated source name if it exists" + }, + "appRoleId": { + "type": "string", + "example": "2c918087763e69d901763e72e97f006f", + "description": "the app role id" + } + } + }, + { + "type": "object", + "properties": { + "accessType": { + "type": "string", + "example": "entitlement", + "description": "the access item type. entitlement in this case" + }, + "id": { + "type": "string", + "example": "2c918087763e69d901763e72e97f006f", + "description": "the access item id" + }, + "attribute": { + "type": "string", + "example": "groups", + "description": "the entitlement attribute" + }, + "value": { + "type": "string", + "example": "Upward mobility access", + "description": "the associated value" + }, + "entitlementType": { + "type": "string", + "example": "entitlement", + "description": "the type of entitlement" + }, + "sourceName": { + "type": "string", + "example": "DataScienceDataset", + "description": "the name of the source" + }, + "sourceId": { + "type": "string", + "example": "2793o32dwd", + "description": "the id of the source" + }, + "description": { + "type": "string", + "example": "Entitlement - Workday/Citizenship access", + "description": "the description for the entitlment" + }, + "displayName": { + "type": "string", + "example": "Dr. Arden Rogahn MD", + "description": "the display name of the identity" + }, + "standalone": { + "type": "boolean", + "example": true, + "description": "indicates whether the entitlement is standalone" + }, + "privileged": { + "type": "boolean", + "example": false, + "description": "indicates whether the entitlement is privileged" + }, + "cloudGoverned": { + "type": "boolean", + "example": true, + "description": "indicates whether the entitlement is cloud governed" + } + }, + "required": [ + "standalone", + "privileged", + "cloudGoverned" + ] + }, + { + "type": "object", + "properties": { + "accessType": { + "type": "string", + "example": "role", + "description": "the access item type. role in this case" + }, + "id": { + "type": "string", + "example": "2c918087763e69d901763e72e97f006f", + "description": "the access item id" + }, + "displayName": { + "type": "string", + "example": "sample", + "description": "the role display name" + }, + "description": { + "type": "string", + "example": "Role - Workday/Citizenship access", + "description": "the description for the role" + }, + "sourceName": { + "type": "string", + "example": "Source Name", + "description": "the associated source name if it exists" + }, + "removeDate": { + "type": "string", + "example": "2024-07-01T06:00:00.000Z", + "description": "the date the role is no longer assigned to the specified identity" + }, + "revocable": { + "type": "boolean", + "example": true, + "description": "indicates whether the role is revocable" + } + }, + "required": [ + "revocable" + ] + } + ] + } + }, + "examples": { + "Access Profile": { + "description": "An access profile response", + "value": [ + { + "accessType": "accessProfile", + "id": "2c918087763e69d901763e72e97f006f", + "name": "sample", + "sourceName": "DataScienceDataset", + "sourceId": "2793o32dwd", + "description": "AccessProfile - Workday/Citizenship access", + "displayName": "Dr. Arden Rogahn MD", + "entitlementCount": 12, + "appDisplayName": "AppName" + } + ] + }, + "Account": { + "description": "An account response", + "value": [ + { + "accessType": "account", + "id": "2c918087763e69d901763e72e97f006f", + "nativeIdentity": "dr.arden.ogahn.d", + "sourceName": "DataScienceDataset", + "sourceId": "2793o32dwd", + "entitlementCount": 12, + "displayName": "Dr. Arden Rogahn MD" + } + ] + }, + "App": { + "description": "An app response", + "value": [ + { + "accessType": "app", + "id": "2c918087763e69d901763e72e97f006f", + "name": "appName" + } + ] + }, + "Entitlement": { + "description": "An entitlement event", + "value": [ + { + "accessType": "entitlement", + "id": "2c918087763e69d901763e72e97f006f", + "attribute": "groups", + "value": "Upward mobility access", + "type": "group", + "sourceName": "DataScienceDataset", + "sourceId": "2793o32dwd", + "description": "Entitlement - Workday/Citizenship access", + "displayName": "Dr. Arden Rogahn MD" + } + ] + }, + "Role": { + "description": "A role response", + "value": [ + { + "accessType": "role", + "id": "2c918087763e69d901763e72e97f006f", + "name": "sample", + "description": "Role - Workday/Citizenship access" + } + ] + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/historical-identities/{id}/snapshots": { + "get": { + "operationId": "listIdentitySnapshots", + "tags": [ + "Identity History" + ], + "summary": "Lists all the snapshots for the identity", + "description": "This method retrieves all the snapshots for the identity Requires authorization scope of 'idn:identity-history:read' ", + "parameters": [ + { + "in": "path", + "name": "id", + "schema": { + "type": "string" + }, + "required": true, + "description": "The identity id", + "example": "8c190e6787aa4ed9a90bd9d5344523fb" + }, + { + "in": "query", + "name": "start", + "schema": { + "type": "string" + }, + "description": "The specified start date", + "example": "2007-03-01T13:00:00Z" + }, + { + "in": "query", + "name": "interval", + "schema": { + "type": "string", + "enum": [ + "day", + "month" + ] + }, + "description": "The interval indicating the range in day or month for the specified interval-name" + }, + { + "in": "query", + "name": "limit", + "description": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 250, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "maximum": 250, + "default": 250 + } + }, + { + "in": "query", + "name": "offset", + "description": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 0, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "default": 0 + } + }, + { + "in": "query", + "name": "count", + "description": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": true, + "schema": { + "type": "boolean", + "default": false + } + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "200": { + "description": "A list of identity summary for each snapshot.", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "properties": { + "snapshot": { + "type": "string", + "description": "the date when the identity record was created", + "example": "2007-03-01T13:00:00.000Z" + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/historical-identities/{id}/snapshot-summary": { + "get": { + "operationId": "getIdentitySnapshotSummary", + "tags": [ + "Identity History" + ], + "summary": "Gets the summary for the event count for a specific identity", + "description": "This method gets the summary for the event count for a specific identity by month/day Requires authorization scope of 'idn:identity-history:read' ", + "parameters": [ + { + "in": "path", + "name": "id", + "schema": { + "type": "string" + }, + "required": true, + "description": "The identity id", + "example": "8c190e6787aa4ed9a90bd9d5344523fb" + }, + { + "in": "query", + "name": "before", + "schema": { + "type": "string" + }, + "description": "The date before which snapshot summary is required", + "example": "2007-03-01T13:00:00Z" + }, + { + "in": "query", + "name": "interval", + "schema": { + "type": "string", + "enum": [ + "day", + "month" + ] + }, + "description": "The interval indicating day or month. Defaults to month if not specified" + }, + { + "in": "query", + "name": "time-zone", + "schema": { + "type": "string" + }, + "description": "The time zone. Defaults to UTC if not provided", + "example": "UTC" + }, + { + "in": "query", + "name": "limit", + "description": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 250, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "maximum": 250, + "default": 250 + } + }, + { + "in": "query", + "name": "offset", + "description": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 0, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "default": 0 + } + }, + { + "in": "query", + "name": "count", + "description": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": true, + "schema": { + "type": "boolean", + "default": false + } + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "200": { + "description": "A summary list of identity changes in date histogram format.", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "the name of metric" + }, + "value": { + "type": "number", + "description": "the value associated to the metric" + } + }, + "example": { + "name": "2021-04-01T00:00:00.000Z", + "value": 2 + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/historical-identities/{id}/snapshots/{date}": { + "get": { + "operationId": "getIdentitySnapshot", + "tags": [ + "Identity History" + ], + "summary": "Gets an identity snapshot at a given date", + "description": "This method retrieves a specified identity snapshot at a given date Requires authorization scope of 'idn:identity-history:read' ", + "parameters": [ + { + "in": "path", + "name": "id", + "schema": { + "type": "string" + }, + "required": true, + "description": "The identity id", + "example": "8c190e6787aa4ed9a90bd9d5344523fb" + }, + { + "in": "path", + "name": "date", + "schema": { + "type": "string" + }, + "description": "The specified date", + "example": "2007-03-01T13:00:00Z", + "required": true + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "200": { + "description": "The identity object.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "the identity ID", + "example": "bc693f07e7b645539626c25954c58554" + }, + "displayName": { + "type": "string", + "description": "the display name of the identity", + "example": "Adam Zampa" + }, + "snapshot": { + "type": "string", + "description": "the date when the identity record was created", + "example": "2007-03-01T13:00:00.000Z" + }, + "deletedDate": { + "type": "string", + "description": "the date when the identity was deleted", + "example": "2007-03-01T13:00:00.000Z" + }, + "accessItemCount": { + "type": "object", + "description": "A map containing the count of each access item", + "example": { + "app": 0, + "role": 2, + "entitlement": 4, + "accessProfile": 3, + "account": 1 + }, + "additionalProperties": { + "type": "integer", + "format": "int32" + } + }, + "attributes": { + "type": "object", + "description": "A map containing the identity attributes", + "additionalProperties": true, + "example": { + "jobTitle": "HR Manager", + "location": "NYC", + "firstname": "Adam", + "lastname": "Zampa", + "department": "HR" + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/historical-identities/{id}/snapshots/{date}/access-items": { + "get": { + "operationId": "listIdentitySnapshotAccessItems", + "tags": [ + "Identity History" + ], + "summary": "Gets the list of identity access items at a given date filterd by item type", + "description": "This method retrieves the list of identity access items at a given date filterd by item type Requires authorization scope of 'idn:identity-history:read' ", + "parameters": [ + { + "in": "path", + "name": "id", + "schema": { + "type": "string" + }, + "required": true, + "description": "The identity id", + "example": "8c190e6787aa4ed9a90bd9d5344523fb" + }, + { + "in": "path", + "name": "date", + "schema": { + "type": "string" + }, + "required": true, + "description": "The specified date", + "example": "2007-03-01T13:00:00Z" + }, + { + "in": "query", + "name": "type", + "schema": { + "type": "string" + }, + "description": "The access item type", + "example": "account" + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "200": { + "description": "The identity object.", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "oneOf": [ + { + "type": "object", + "properties": { + "accessType": { + "type": "string", + "example": "accessProfile", + "description": "the access item type. accessProfile in this case" + }, + "id": { + "type": "string", + "example": "2c918087763e69d901763e72e97f006f", + "description": "the access item id" + }, + "name": { + "type": "string", + "example": "sample", + "description": "the access profile name" + }, + "sourceName": { + "type": "string", + "example": "DataScienceDataset", + "description": "the name of the source" + }, + "sourceId": { + "type": "string", + "example": "2793o32dwd", + "description": "the id of the source" + }, + "description": { + "type": "string", + "example": "AccessProfile - Workday/Citizenship access", + "description": "the description for the access profile" + }, + "displayName": { + "type": "string", + "example": "Dr. Arden Rogahn MD", + "description": "the display name of the identity" + }, + "entitlementCount": { + "type": "string", + "example": 12, + "description": "the number of entitlements the access profile will create" + }, + "appDisplayName": { + "type": "string", + "example": "AppName", + "description": "the name of" + }, + "removeDate": { + "type": "string", + "example": "2024-07-01T06:00:00.000Z", + "description": "the date the access profile is no longer assigned to the specified identity" + }, + "standalone": { + "type": "boolean", + "example": false, + "description": "indicates whether the access profile is standalone" + }, + "revocable": { + "type": "boolean", + "example": true, + "description": "indicates whether the access profile is" + } + }, + "required": [ + "standalone", + "revocable" + ] + }, + { + "type": "object", + "properties": { + "accessType": { + "type": "string", + "example": "account", + "description": "the access item type. account in this case" + }, + "id": { + "type": "string", + "example": "2c918087763e69d901763e72e97f006f", + "description": "the access item id" + }, + "nativeIdentity": { + "type": "string", + "example": "dr.arden.ogahn.d", + "description": "the native identifier used to uniquely identify an acccount" + }, + "sourceName": { + "type": "string", + "example": "DataScienceDataset", + "description": "the name of the source" + }, + "sourceId": { + "type": "string", + "example": "2793o32dwd", + "description": "the id of the source" + }, + "entitlementCount": { + "type": "string", + "example": 12, + "description": "the number of entitlements the account will create" + }, + "displayName": { + "type": "string", + "example": "Dr. Arden Rogahn MD", + "description": "the display name of the identity" + } + } + }, + { + "type": "object", + "properties": { + "accessType": { + "type": "string", + "example": "app", + "description": "the access item type. entitlement in this case" + }, + "id": { + "type": "string", + "example": "2c918087763e69d901763e72e97f006f", + "description": "the access item id" + }, + "displayName": { + "type": "string", + "example": "Display Name", + "description": "the access item display name" + }, + "sourceName": { + "type": "string", + "example": "appName", + "description": "the associated source name if it exists" + }, + "appRoleId": { + "type": "string", + "example": "2c918087763e69d901763e72e97f006f", + "description": "the app role id" + } + } + }, + { + "type": "object", + "properties": { + "accessType": { + "type": "string", + "example": "entitlement", + "description": "the access item type. entitlement in this case" + }, + "id": { + "type": "string", + "example": "2c918087763e69d901763e72e97f006f", + "description": "the access item id" + }, + "attribute": { + "type": "string", + "example": "groups", + "description": "the entitlement attribute" + }, + "value": { + "type": "string", + "example": "Upward mobility access", + "description": "the associated value" + }, + "entitlementType": { + "type": "string", + "example": "entitlement", + "description": "the type of entitlement" + }, + "sourceName": { + "type": "string", + "example": "DataScienceDataset", + "description": "the name of the source" + }, + "sourceId": { + "type": "string", + "example": "2793o32dwd", + "description": "the id of the source" + }, + "description": { + "type": "string", + "example": "Entitlement - Workday/Citizenship access", + "description": "the description for the entitlment" + }, + "displayName": { + "type": "string", + "example": "Dr. Arden Rogahn MD", + "description": "the display name of the identity" + }, + "standalone": { + "type": "boolean", + "example": true, + "description": "indicates whether the entitlement is standalone" + }, + "privileged": { + "type": "boolean", + "example": false, + "description": "indicates whether the entitlement is privileged" + }, + "cloudGoverned": { + "type": "boolean", + "example": true, + "description": "indicates whether the entitlement is cloud governed" + } + }, + "required": [ + "standalone", + "privileged", + "cloudGoverned" + ] + }, + { + "type": "object", + "properties": { + "accessType": { + "type": "string", + "example": "role", + "description": "the access item type. role in this case" + }, + "id": { + "type": "string", + "example": "2c918087763e69d901763e72e97f006f", + "description": "the access item id" + }, + "displayName": { + "type": "string", + "example": "sample", + "description": "the role display name" + }, + "description": { + "type": "string", + "example": "Role - Workday/Citizenship access", + "description": "the description for the role" + }, + "sourceName": { + "type": "string", + "example": "Source Name", + "description": "the associated source name if it exists" + }, + "removeDate": { + "type": "string", + "example": "2024-07-01T06:00:00.000Z", + "description": "the date the role is no longer assigned to the specified identity" + }, + "revocable": { + "type": "boolean", + "example": true, + "description": "indicates whether the role is revocable" + } + }, + "required": [ + "revocable" + ] + } + ] + } + }, + "examples": { + "Access Item AccessProfile Response": { + "description": "An access profile response", + "value": [ + { + "type": "accessProfile", + "id": "2c918087763e69d901763e72e97f006f", + "name": "sample", + "sourceName": "DataScienceDataset", + "sourceId": "2793o32dwd", + "description": "AccessProfile - Workday/Citizenship access", + "displayName": "Dr. Arden Rogahn MD", + "entitlementCount": 12, + "appDisplayName": "AppName" + } + ] + }, + "Access Item Account Response": { + "description": "An account response", + "value": [ + { + "type": "account", + "id": "2c918087763e69d901763e72e97f006f", + "nativeIdentity": "dr.arden.ogahn.d", + "sourceName": "DataScienceDataset", + "sourceId": "2793o32dwd", + "entitlementCount": 12, + "displayName": "Dr. Arden Rogahn MD" + } + ] + }, + "Access Item App Response": { + "description": "An app response", + "value": [ + { + "type": "app", + "id": "2c918087763e69d901763e72e97f006f", + "name": "appName" + } + ] + }, + "Access Item Entitlement Response": { + "description": "An entitlement event", + "value": [ + { + "type": "entitlement", + "id": "2c918087763e69d901763e72e97f006f", + "attribute": "groups", + "value": "Upward mobility access", + "entitlementType": "entitlement", + "sourceName": "DataScienceDataset", + "sourceId": "2793o32dwd", + "description": "Entitlement - Workday/Citizenship access", + "displayName": "Dr. Arden Rogahn MD" + } + ] + }, + "Access Item Role Response": { + "description": "A role response", + "value": [ + { + "type": "role", + "id": "2c918087763e69d901763e72e97f006f", + "name": "sample", + "description": "Role - Workday/Citizenship access" + } + ] + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/common-access": { + "get": { + "operationId": "getCommonAccess", + "summary": "Get a paginated list of common access", + "tags": [ + "IAI Common Access" + ], + "description": "This endpoint returns the current common access for a customer. The returned items can be filtered and sorted. Requires authorization scope of iai:access-modeling:read", + "parameters": [ + { + "in": "query", + "name": "offset", + "description": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 0, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "default": 0 + } + }, + { + "in": "query", + "name": "limit", + "description": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 250, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "maximum": 250, + "default": 250 + } + }, + { + "in": "query", + "name": "count", + "description": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": true, + "schema": { + "type": "boolean", + "default": false + } + }, + { + "in": "query", + "name": "filters", + "description": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**status**: *eq, sw*\n\n**reviewedByUser** *eq*\n\n**access.id**: *eq, sw*\n\n**access.type**: *eq*\n\n**access.name**: *sw, eq*\n\n**access.description**: *sw, eq*", + "example": "access.type eq \"ROLE\"", + "required": false, + "style": "form", + "explode": true, + "schema": { + "type": "string" + } + }, + { + "in": "query", + "name": "sorters", + "schema": { + "type": "string", + "format": "comma-separated" + }, + "description": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **access.name, status**\n\nBy default the common access items are sorted by name, ascending.", + "example": "access.name" + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "200": { + "description": "Succeeded. Returns a list of common access for a customer.", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "Unique ID of the common access item", + "example": "555ab47a-0d32-4813-906f-adf3567de6a4" + }, + "access": { + "description": "common access item", + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "Common access ID" + }, + "type": { + "description": "Common access type (ROLE or ACCESS_PROFILE)", + "type": "string", + "enum": [ + "ACCESS_PROFILE", + "ROLE" + ] + }, + "name": { + "type": "string", + "description": "Common access name" + }, + "description": { + "type": "string", + "description": "Common access description", + "nullable": true + }, + "ownerName": { + "type": "string", + "description": "Common access owner name" + }, + "ownerId": { + "type": "string", + "description": "Common access owner ID" + } + } + }, + "status": { + "type": "string", + "description": "CONFIRMED or DENIED" + }, + "commonAccessType": { + "type": "string", + "example": "UNSET" + }, + "lastUpdated": { + "type": "string", + "readOnly": true, + "format": "date-time" + }, + "reviewedByUser": { + "type": "boolean", + "description": "true if user has confirmed or denied status" + }, + "lastReviewed": { + "type": "string", + "readOnly": true, + "format": "date-time", + "nullable": true + }, + "createdByUser": { + "type": "boolean", + "default": false, + "example": false + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + }, + "post": { + "operationId": "createCommonAccess", + "summary": "Create common access items", + "tags": [ + "IAI Common Access" + ], + "description": "This API is used to add roles/access profiles to the list of common access for a customer. Requires authorization scope of iai:access-modeling:create", + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "access": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "Common access ID" + }, + "type": { + "description": "Common access type (ROLE or ACCESS_PROFILE)", + "type": "string", + "enum": [ + "ACCESS_PROFILE", + "ROLE" + ] + }, + "name": { + "type": "string", + "description": "Common access name" + }, + "description": { + "type": "string", + "description": "Common access description", + "nullable": true + }, + "ownerName": { + "type": "string", + "description": "Common access owner name" + }, + "ownerId": { + "type": "string", + "description": "Common access owner ID" + } + } + }, + "status": { + "type": "string", + "enum": [ + "CONFIRMED", + "DENIED" + ], + "description": "State of common access item." + } + } + } + } + } + }, + "responses": { + "202": { + "description": "Returns details of the common access classification request.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "Common Access Item ID" + }, + "access": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "Common access ID" + }, + "type": { + "description": "Common access type (ROLE or ACCESS_PROFILE)", + "type": "string", + "enum": [ + "ACCESS_PROFILE", + "ROLE" + ] + }, + "name": { + "type": "string", + "description": "Common access name" + }, + "description": { + "type": "string", + "description": "Common access description", + "nullable": true + }, + "ownerName": { + "type": "string", + "description": "Common access owner name" + }, + "ownerId": { + "type": "string", + "description": "Common access owner ID" + } + } + }, + "status": { + "type": "string", + "enum": [ + "CONFIRMED", + "DENIED" + ], + "description": "State of common access item." + }, + "lastUpdated": { + "type": "string" + }, + "reviewedByUser": { + "type": "boolean" + }, + "lastReviewed": { + "type": "string" + }, + "createdByUser": { + "type": "string" + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "parameters": [ + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ] + } + }, + "/common-access/update-status": { + "post": { + "operationId": "updateCommonAccessStatusInBulk", + "summary": "Bulk update common access status", + "tags": [ + "IAI Common Access" + ], + "description": "This submits an update request to the common access application. At this time there are no parameters. Requires authorization scope of iai:access-modeling:update", + "requestBody": { + "description": "Confirm or deny in bulk the common access ids that are (or aren't) common access", + "required": true, + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "properties": { + "confirmedIds": { + "description": "List of confirmed common access ids.", + "type": "array", + "items": { + "type": "string", + "format": "uuid" + } + }, + "deniedIds": { + "description": "List of denied common access ids.", + "type": "array", + "items": { + "type": "string", + "format": "uuid" + } + } + } + } + } + } + } + }, + "responses": { + "202": { + "description": "Accepted - Returned if the request was successfully accepted into the system.", + "content": { + "application/json": { + "schema": { + "type": "object" + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "parameters": [ + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ] + } + }, + "/historical-identities/{id}/events": { + "get": { + "operationId": "getHistoricalIdentityEvents", + "tags": [ + "Identity History" + ], + "summary": "Lists all events for the given identity", + "description": "This method retrieves all access events for the identity Requires authorization scope of 'idn:identity-history:read' ", + "parameters": [ + { + "in": "path", + "name": "id", + "schema": { + "type": "string" + }, + "required": true, + "description": "The identity id", + "example": "8c190e6787aa4ed9a90bd9d5344523fb" + }, + { + "in": "query", + "name": "from", + "schema": { + "type": "string" + }, + "description": "The optional instant until which access events are returned", + "example": "2024-03-01T13:00:00Z" + }, + { + "in": "query", + "name": "eventTypes", + "schema": { + "type": "array", + "items": { + "type": "string" + } + }, + "description": "An optional list of event types to return. If null or empty, all events are returned", + "example": [ + "AccessAddedEvent", + "AccessRemovedEvent" + ] + }, + { + "in": "query", + "name": "accessItemTypes", + "schema": { + "type": "array", + "items": { + "type": "string" + } + }, + "description": "An optional list of access item types (app, account, entitlement, etc...) to return. If null or empty, all access items types are returned", + "example": [ + "entitlement", + "account" + ] + }, + { + "in": "query", + "name": "limit", + "description": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 250, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "maximum": 250, + "default": 250 + } + }, + { + "in": "query", + "name": "offset", + "description": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 0, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "default": 0 + } + }, + { + "in": "query", + "name": "count", + "description": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": true, + "schema": { + "type": "boolean", + "default": false + } + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "200": { + "description": "The list of events for the identity", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "anyOf": [ + { + "type": "object", + "properties": { + "accessItem": { + "type": "object", + "oneOf": [ + { + "type": "object", + "properties": { + "accessType": { + "type": "string", + "example": "accessProfile", + "description": "the access item type. accessProfile in this case" + }, + "id": { + "type": "string", + "example": "2c918087763e69d901763e72e97f006f", + "description": "the access item id" + }, + "name": { + "type": "string", + "example": "sample", + "description": "the access profile name" + }, + "sourceName": { + "type": "string", + "example": "DataScienceDataset", + "description": "the name of the source" + }, + "sourceId": { + "type": "string", + "example": "2793o32dwd", + "description": "the id of the source" + }, + "description": { + "type": "string", + "example": "AccessProfile - Workday/Citizenship access", + "description": "the description for the access profile" + }, + "displayName": { + "type": "string", + "example": "Dr. Arden Rogahn MD", + "description": "the display name of the identity" + }, + "entitlementCount": { + "type": "string", + "example": 12, + "description": "the number of entitlements the access profile will create" + }, + "appDisplayName": { + "type": "string", + "example": "AppName", + "description": "the name of" + }, + "removeDate": { + "type": "string", + "example": "2024-07-01T06:00:00.000Z", + "description": "the date the access profile is no longer assigned to the specified identity" + }, + "standalone": { + "type": "boolean", + "example": false, + "description": "indicates whether the access profile is standalone" + }, + "revocable": { + "type": "boolean", + "example": true, + "description": "indicates whether the access profile is" + } + }, + "required": [ + "standalone", + "revocable" + ] + }, + { + "type": "object", + "properties": { + "accessType": { + "type": "string", + "example": "account", + "description": "the access item type. account in this case" + }, + "id": { + "type": "string", + "example": "2c918087763e69d901763e72e97f006f", + "description": "the access item id" + }, + "nativeIdentity": { + "type": "string", + "example": "dr.arden.ogahn.d", + "description": "the native identifier used to uniquely identify an acccount" + }, + "sourceName": { + "type": "string", + "example": "DataScienceDataset", + "description": "the name of the source" + }, + "sourceId": { + "type": "string", + "example": "2793o32dwd", + "description": "the id of the source" + }, + "entitlementCount": { + "type": "string", + "example": 12, + "description": "the number of entitlements the account will create" + }, + "displayName": { + "type": "string", + "example": "Dr. Arden Rogahn MD", + "description": "the display name of the identity" + } + } + }, + { + "type": "object", + "properties": { + "accessType": { + "type": "string", + "example": "app", + "description": "the access item type. entitlement in this case" + }, + "id": { + "type": "string", + "example": "2c918087763e69d901763e72e97f006f", + "description": "the access item id" + }, + "displayName": { + "type": "string", + "example": "Display Name", + "description": "the access item display name" + }, + "sourceName": { + "type": "string", + "example": "appName", + "description": "the associated source name if it exists" + }, + "appRoleId": { + "type": "string", + "example": "2c918087763e69d901763e72e97f006f", + "description": "the app role id" + } + } + }, + { + "type": "object", + "properties": { + "accessType": { + "type": "string", + "example": "entitlement", + "description": "the access item type. entitlement in this case" + }, + "id": { + "type": "string", + "example": "2c918087763e69d901763e72e97f006f", + "description": "the access item id" + }, + "attribute": { + "type": "string", + "example": "groups", + "description": "the entitlement attribute" + }, + "value": { + "type": "string", + "example": "Upward mobility access", + "description": "the associated value" + }, + "entitlementType": { + "type": "string", + "example": "entitlement", + "description": "the type of entitlement" + }, + "sourceName": { + "type": "string", + "example": "DataScienceDataset", + "description": "the name of the source" + }, + "sourceId": { + "type": "string", + "example": "2793o32dwd", + "description": "the id of the source" + }, + "description": { + "type": "string", + "example": "Entitlement - Workday/Citizenship access", + "description": "the description for the entitlment" + }, + "displayName": { + "type": "string", + "example": "Dr. Arden Rogahn MD", + "description": "the display name of the identity" + }, + "standalone": { + "type": "boolean", + "example": true, + "description": "indicates whether the entitlement is standalone" + }, + "privileged": { + "type": "boolean", + "example": false, + "description": "indicates whether the entitlement is privileged" + }, + "cloudGoverned": { + "type": "boolean", + "example": true, + "description": "indicates whether the entitlement is cloud governed" + } + }, + "required": [ + "standalone", + "privileged", + "cloudGoverned" + ] + }, + { + "type": "object", + "properties": { + "accessType": { + "type": "string", + "example": "role", + "description": "the access item type. role in this case" + }, + "id": { + "type": "string", + "example": "2c918087763e69d901763e72e97f006f", + "description": "the access item id" + }, + "displayName": { + "type": "string", + "example": "sample", + "description": "the role display name" + }, + "description": { + "type": "string", + "example": "Role - Workday/Citizenship access", + "description": "the description for the role" + }, + "sourceName": { + "type": "string", + "example": "Source Name", + "description": "the associated source name if it exists" + }, + "removeDate": { + "type": "string", + "example": "2024-07-01T06:00:00.000Z", + "description": "the date the role is no longer assigned to the specified identity" + }, + "revocable": { + "type": "boolean", + "example": true, + "description": "indicates whether the role is revocable" + } + }, + "required": [ + "revocable" + ] + } + ], + "example": { + "id": "8c190e6787aa4ed9a90bd9d5344523fb", + "accessType": "account", + "nativeIdentity": 127999, + "sourceName": "JDBC Entitlements Source", + "entitlementCount": 0, + "displayName": "Sample Name" + } + }, + "identityId": { + "type": "string", + "description": "the identity id", + "example": "8c190e6787aa4ed9a90bd9d5344523fb" + }, + "eventType": { + "type": "string", + "description": "the event type", + "example": "AccessItemAssociated" + }, + "dt": { + "type": "string", + "description": "the date of event", + "example": "2019-03-08T22:37:33.901Z" + }, + "governanceEvent": { + "example": { + "name": "Manager Certification for Jon Snow", + "dt": "2019-03-08T22:37:33.901Z", + "type": "certification", + "governanceId": "2c91808a77ff216301782327a50f09bf", + "owners": [ + { + "id": "bc693f07e7b645539626c25954c58554", + "displayName": "Jon Snow" + } + ], + "reviewers": [ + { + "id": "bc693f07e7b645539626c25954c58554", + "displayName": "Jon Snow" + } + ], + "decisionMaker": { + "id": "bc693f07e7b645539626c25954c58554", + "displayName": "Jon Snow" + } + }, + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "The name of the governance event, such as the certification name or access request ID.", + "example": "Manager Certification for Jon Snow" + }, + "dt": { + "type": "string", + "description": "The date that the certification or access request was completed.", + "example": "2019-03-08T22:37:33.901Z" + }, + "type": { + "type": "string", + "enum": [ + "certification", + "accessRequest" + ], + "description": "The type of governance event.", + "example": "certification" + }, + "governanceId": { + "type": "string", + "description": "The ID of the instance that caused the event - either the certification ID or access request ID.", + "example": "2c91808a77ff216301782327a50f09bf" + }, + "owners": { + "type": "array", + "description": "The owners of the governance event (the certifiers or approvers)", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "the id of the certifier", + "example": "8a80828f643d484f01643e14202e206f" + }, + "displayName": { + "type": "string", + "description": "the name of the certifier", + "example": "John Snow" + } + } + }, + "example": [ + { + "id": "8a80828f643d484f01643e14202e206f", + "displayName": "John Snow" + } + ] + }, + "reviewers": { + "type": "array", + "description": "The owners of the governance event (the certifiers or approvers), this field should be preferred over owners", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "the id of the certifier", + "example": "8a80828f643d484f01643e14202e206f" + }, + "displayName": { + "type": "string", + "description": "the name of the certifier", + "example": "John Snow" + } + } + }, + "example": [ + { + "id": "8a80828f643d484f01643e14202e206f", + "displayName": "John Snow" + } + ] + }, + "decisionMaker": { + "description": "The decision maker", + "example": { + "id": "8a80828f643d484f01643e14202e206f", + "displayName": "John Snow" + }, + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "the id of the certifier", + "example": "8a80828f643d484f01643e14202e206f" + }, + "displayName": { + "type": "string", + "description": "the name of the certifier", + "example": "John Snow" + } + } + } + } + } + } + }, + { + "type": "object", + "properties": { + "accessItem": { + "type": "object", + "oneOf": [ + { + "type": "object", + "properties": { + "accessType": { + "type": "string", + "example": "accessProfile", + "description": "the access item type. accessProfile in this case" + }, + "id": { + "type": "string", + "example": "2c918087763e69d901763e72e97f006f", + "description": "the access item id" + }, + "name": { + "type": "string", + "example": "sample", + "description": "the access profile name" + }, + "sourceName": { + "type": "string", + "example": "DataScienceDataset", + "description": "the name of the source" + }, + "sourceId": { + "type": "string", + "example": "2793o32dwd", + "description": "the id of the source" + }, + "description": { + "type": "string", + "example": "AccessProfile - Workday/Citizenship access", + "description": "the description for the access profile" + }, + "displayName": { + "type": "string", + "example": "Dr. Arden Rogahn MD", + "description": "the display name of the identity" + }, + "entitlementCount": { + "type": "string", + "example": 12, + "description": "the number of entitlements the access profile will create" + }, + "appDisplayName": { + "type": "string", + "example": "AppName", + "description": "the name of" + }, + "removeDate": { + "type": "string", + "example": "2024-07-01T06:00:00.000Z", + "description": "the date the access profile is no longer assigned to the specified identity" + }, + "standalone": { + "type": "boolean", + "example": false, + "description": "indicates whether the access profile is standalone" + }, + "revocable": { + "type": "boolean", + "example": true, + "description": "indicates whether the access profile is" + } + }, + "required": [ + "standalone", + "revocable" + ] + }, + { + "type": "object", + "properties": { + "accessType": { + "type": "string", + "example": "account", + "description": "the access item type. account in this case" + }, + "id": { + "type": "string", + "example": "2c918087763e69d901763e72e97f006f", + "description": "the access item id" + }, + "nativeIdentity": { + "type": "string", + "example": "dr.arden.ogahn.d", + "description": "the native identifier used to uniquely identify an acccount" + }, + "sourceName": { + "type": "string", + "example": "DataScienceDataset", + "description": "the name of the source" + }, + "sourceId": { + "type": "string", + "example": "2793o32dwd", + "description": "the id of the source" + }, + "entitlementCount": { + "type": "string", + "example": 12, + "description": "the number of entitlements the account will create" + }, + "displayName": { + "type": "string", + "example": "Dr. Arden Rogahn MD", + "description": "the display name of the identity" + } + } + }, + { + "type": "object", + "properties": { + "accessType": { + "type": "string", + "example": "app", + "description": "the access item type. entitlement in this case" + }, + "id": { + "type": "string", + "example": "2c918087763e69d901763e72e97f006f", + "description": "the access item id" + }, + "displayName": { + "type": "string", + "example": "Display Name", + "description": "the access item display name" + }, + "sourceName": { + "type": "string", + "example": "appName", + "description": "the associated source name if it exists" + }, + "appRoleId": { + "type": "string", + "example": "2c918087763e69d901763e72e97f006f", + "description": "the app role id" + } + } + }, + { + "type": "object", + "properties": { + "accessType": { + "type": "string", + "example": "entitlement", + "description": "the access item type. entitlement in this case" + }, + "id": { + "type": "string", + "example": "2c918087763e69d901763e72e97f006f", + "description": "the access item id" + }, + "attribute": { + "type": "string", + "example": "groups", + "description": "the entitlement attribute" + }, + "value": { + "type": "string", + "example": "Upward mobility access", + "description": "the associated value" + }, + "entitlementType": { + "type": "string", + "example": "entitlement", + "description": "the type of entitlement" + }, + "sourceName": { + "type": "string", + "example": "DataScienceDataset", + "description": "the name of the source" + }, + "sourceId": { + "type": "string", + "example": "2793o32dwd", + "description": "the id of the source" + }, + "description": { + "type": "string", + "example": "Entitlement - Workday/Citizenship access", + "description": "the description for the entitlment" + }, + "displayName": { + "type": "string", + "example": "Dr. Arden Rogahn MD", + "description": "the display name of the identity" + }, + "standalone": { + "type": "boolean", + "example": true, + "description": "indicates whether the entitlement is standalone" + }, + "privileged": { + "type": "boolean", + "example": false, + "description": "indicates whether the entitlement is privileged" + }, + "cloudGoverned": { + "type": "boolean", + "example": true, + "description": "indicates whether the entitlement is cloud governed" + } + }, + "required": [ + "standalone", + "privileged", + "cloudGoverned" + ] + }, + { + "type": "object", + "properties": { + "accessType": { + "type": "string", + "example": "role", + "description": "the access item type. role in this case" + }, + "id": { + "type": "string", + "example": "2c918087763e69d901763e72e97f006f", + "description": "the access item id" + }, + "displayName": { + "type": "string", + "example": "sample", + "description": "the role display name" + }, + "description": { + "type": "string", + "example": "Role - Workday/Citizenship access", + "description": "the description for the role" + }, + "sourceName": { + "type": "string", + "example": "Source Name", + "description": "the associated source name if it exists" + }, + "removeDate": { + "type": "string", + "example": "2024-07-01T06:00:00.000Z", + "description": "the date the role is no longer assigned to the specified identity" + }, + "revocable": { + "type": "boolean", + "example": true, + "description": "indicates whether the role is revocable" + } + }, + "required": [ + "revocable" + ] + } + ], + "example": { + "id": "8c190e6787aa4ed9a90bd9d5344523fb", + "accessType": "account", + "nativeIdentity": 127999, + "sourceName": "JDBC Entitlements Source", + "entitlementCount": 0, + "displayName": "Sample Name" + } + }, + "identityId": { + "type": "string", + "description": "the identity id", + "example": "8c190e6787aa4ed9a90bd9d5344523fb" + }, + "eventType": { + "type": "string", + "description": "the event type", + "example": "AccessItemRemoved" + }, + "dt": { + "type": "string", + "description": "the date of event", + "example": "2019-03-08T22:37:33.901Z" + }, + "governanceEvent": { + "example": { + "name": "Manager Certification for Jon Snow", + "dt": "2019-03-08T22:37:33.901Z", + "type": "certification", + "governanceId": "2c91808a77ff216301782327a50f09bf", + "owners": [ + { + "id": "bc693f07e7b645539626c25954c58554", + "displayName": "Jon Snow" + } + ], + "reviewers": [ + { + "id": "bc693f07e7b645539626c25954c58554", + "displayName": "Jon Snow" + } + ], + "decisionMaker": { + "id": "bc693f07e7b645539626c25954c58554", + "displayName": "Jon Snow" + } + }, + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "The name of the governance event, such as the certification name or access request ID.", + "example": "Manager Certification for Jon Snow" + }, + "dt": { + "type": "string", + "description": "The date that the certification or access request was completed.", + "example": "2019-03-08T22:37:33.901Z" + }, + "type": { + "type": "string", + "enum": [ + "certification", + "accessRequest" + ], + "description": "The type of governance event.", + "example": "certification" + }, + "governanceId": { + "type": "string", + "description": "The ID of the instance that caused the event - either the certification ID or access request ID.", + "example": "2c91808a77ff216301782327a50f09bf" + }, + "owners": { + "type": "array", + "description": "The owners of the governance event (the certifiers or approvers)", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "the id of the certifier", + "example": "8a80828f643d484f01643e14202e206f" + }, + "displayName": { + "type": "string", + "description": "the name of the certifier", + "example": "John Snow" + } + } + }, + "example": [ + { + "id": "8a80828f643d484f01643e14202e206f", + "displayName": "John Snow" + } + ] + }, + "reviewers": { + "type": "array", + "description": "The owners of the governance event (the certifiers or approvers), this field should be preferred over owners", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "the id of the certifier", + "example": "8a80828f643d484f01643e14202e206f" + }, + "displayName": { + "type": "string", + "description": "the name of the certifier", + "example": "John Snow" + } + } + }, + "example": [ + { + "id": "8a80828f643d484f01643e14202e206f", + "displayName": "John Snow" + } + ] + }, + "decisionMaker": { + "description": "The decision maker", + "example": { + "id": "8a80828f643d484f01643e14202e206f", + "displayName": "John Snow" + }, + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "the id of the certifier", + "example": "8a80828f643d484f01643e14202e206f" + }, + "displayName": { + "type": "string", + "description": "the name of the certifier", + "example": "John Snow" + } + } + } + } + } + } + }, + { + "type": "object", + "properties": { + "changes": { + "type": "array", + "items": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "the attribute name" + }, + "previousValue": { + "type": "string", + "description": "the old value of attribute" + }, + "newValue": { + "type": "string", + "description": "the new value of attribute" + } + }, + "example": { + "name": "firstname", + "previousValue": "adam", + "newValue": "zampa" + } + } + }, + "eventType": { + "type": "string", + "description": "the event type" + }, + "identityId": { + "type": "string", + "description": "the identity id" + }, + "dt": { + "type": "string", + "description": "the date of event" + } + }, + "example": { + "attributeChanges": { + "name": "firstname", + "previousValue": "adam", + "newValue": "zampa" + }, + "eventType": "AttributesChanged", + "identityId": "8a80828f643d484f01643e14202e206f", + "dt": "2019-03-08T22:37:33.901Z" + } + }, + { + "type": "object", + "properties": { + "accessRequest": { + "description": "the access request details", + "type": "object", + "properties": { + "requesterId": { + "type": "string", + "example": "2c91808a77ff216301782327a50f09bf", + "description": "the requester Id" + }, + "requesterName": { + "type": "string", + "example": "Bing C", + "description": "the requesterName" + }, + "items": { + "type": "array", + "example": [ + { + "operation": "Add", + "accessItemType": "role", + "name": "Role-1", + "decision": "APPROVED", + "description": "The role descrition", + "sourceId": "8a80828f643d484f01643e14202e206f", + "sourceName": "Source1", + "approvalInfos": [ + { + "name": "John Snow", + "id": "8a80828f643d484f01643e14202e2000", + "status": "Approved" + } + ] + } + ], + "items": { + "type": "object", + "properties": { + "operation": { + "type": "string", + "example": "Add", + "description": "the access request item operation" + }, + "accessItemType": { + "type": "string", + "example": "role", + "description": "the access item type" + }, + "name": { + "type": "string", + "example": "Role-1", + "description": "the name of access request item" + }, + "decision": { + "type": "string", + "example": "APPROVED", + "enum": [ + "APPROVED", + "REJECTED" + ], + "description": "the final decision for the access request" + }, + "description": { + "type": "string", + "example": "The role descrition", + "description": "the description of access request item" + }, + "sourceId": { + "type": "string", + "example": "8a80828f643d484f01643e14202e206f", + "description": "the source id" + }, + "sourceName": { + "type": "string", + "example": "Source1", + "description": "the source Name" + }, + "approvalInfos": { + "type": "array", + "example": [ + { + "name": "John Snow", + "id": "8a80828f643d484f01643e14202e2000", + "status": "Approved" + } + ], + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "8a80828f643d484f01643e14202e2000", + "description": "the id of approver" + }, + "name": { + "type": "string", + "example": "John Snow", + "description": "the name of approver" + }, + "status": { + "type": "string", + "example": "Approved", + "description": "the status of the approval request" + } + } + } + } + } + } + } + } + }, + "identityId": { + "type": "string", + "example": "8a80828f643d484f01643e14202e206f", + "description": "the identity id" + }, + "eventType": { + "type": "string", + "example": "AccessRequested", + "description": "the event type" + }, + "dt": { + "type": "string", + "example": "2019-03-08T22:37:33.901Z", + "description": "the date of event" + } + } + }, + { + "type": "object", + "properties": { + "certificationId": { + "type": "string", + "description": "the id of the certification item", + "example": "2c91808a77ff216301782327a50f09bf" + }, + "certificationName": { + "type": "string", + "description": "the certification item name", + "example": "Cert name" + }, + "signedDate": { + "type": "string", + "description": "the date ceritification was signed", + "example": "2019-03-08T22:37:33.901Z" + }, + "certifiers": { + "type": "array", + "description": "this field is deprecated and may go away", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "the id of the certifier", + "example": "8a80828f643d484f01643e14202e206f" + }, + "displayName": { + "type": "string", + "description": "the name of the certifier", + "example": "John Snow" + } + } + }, + "example": [ + { + "id": "8a80828f643d484f01643e14202e206f", + "displayName": "John Snow" + } + ] + }, + "reviewers": { + "type": "array", + "description": "The list of identities who review this certification", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "the id of the certifier", + "example": "8a80828f643d484f01643e14202e206f" + }, + "displayName": { + "type": "string", + "description": "the name of the certifier", + "example": "John Snow" + } + } + }, + "example": [ + { + "id": "8a80828f643d484f01643e14202e206f", + "displayName": "John Snow" + } + ] + }, + "signer": { + "description": "Identity who signed off on the certification", + "example": { + "id": "8a80828f643d484f01643e14202e206f", + "displayName": "John Snow" + }, + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "the id of the certifier", + "example": "8a80828f643d484f01643e14202e206f" + }, + "displayName": { + "type": "string", + "description": "the name of the certifier", + "example": "John Snow" + } + } + }, + "eventType": { + "type": "string", + "description": "the event type", + "example": "IdentityCertified" + }, + "dt": { + "type": "string", + "description": "the date of event", + "example": "2019-03-08T22:37:33.901Z" + } + } + }, + { + "type": "object", + "properties": { + "eventType": { + "type": "string", + "description": "the event type" + }, + "identityId": { + "type": "string", + "description": "the identity id" + }, + "dt": { + "type": "string", + "description": "the date of event" + }, + "account": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "the ID of the account in the database" + }, + "nativeIdentity": { + "type": "string", + "description": "the native identifier of the account" + }, + "displayName": { + "type": "string", + "description": "the display name of the account" + }, + "sourceId": { + "type": "string", + "description": "the ID of the source for this account" + }, + "sourceName": { + "type": "string", + "description": "the name of the source for this account" + }, + "entitlementCount": { + "type": "integer", + "description": "the number of entitlements on this account" + }, + "accessType": { + "type": "string", + "description": "this value is always \"account\"" + } + } + }, + "statusChange": { + "type": "object", + "properties": { + "previousStatus": { + "type": "string", + "description": "the previous status of the account", + "enum": [ + "enabled", + "disabled", + "locked" + ] + }, + "newStatus": { + "type": "string", + "description": "the new status of the account", + "enum": [ + "enabled", + "disabled", + "locked" + ] + } + } + } + }, + "example": { + "account": { + "id": "2c91808a77ff216301782327a50f09bf", + "nativeIdentity": 127999, + "displayName": "Sample Name", + "sourceId": "8a80828f643d484f01643e14202e206f", + "sourceName": "JDBC Entitlements Source", + "entitlementCount": 0, + "accessType": "account" + }, + "statusChange": { + "previousStatus": "enabled", + "newStatus": "disabled" + }, + "eventType": "AccountStatusChanged", + "identityId": "8a80828f643d484f01643e14202e206f", + "date": "2019-03-08T22:37:33.901Z" + } + } + ] + } + }, + "examples": { + "AccessItemAssociated": { + "description": "An Access item associated event", + "value": [ + { + "accessItem": { + "id": "8c190e6787aa4ed9a90bd9d5344523fb", + "accessType": "account", + "nativeIdentity": 127999, + "sourceName": "JDBC Entitlements Source", + "entitlementCount": 0, + "displayName": "Sample Name" + }, + "eventType": "AccessItemAssociated", + "identityId": "8a80828f643d484f01643e14202e206f", + "dt": "2019-03-08T22:37:33.901Z", + "governanceEvent": { + "name": "Access Request 58", + "dt": "2019-03-08T22:37:33.901Z", + "type": "accessRequest", + "governanceId": "2c91808a77ff216301782327a50f09e1", + "owners": [ + { + "id": "bc693f07e7b645539626c25954c58554", + "displayName": "Jon Snow" + } + ], + "reviewers": [ + { + "id": "bc693f07e7b645539626c25954c58554", + "displayName": "Jon Snow" + } + ], + "decisionMaker": { + "id": "bc693f07e7b645539626c25954c58554", + "displayName": "Jon Snow" + } + } + } + ] + }, + "AccessItemRemoved": { + "description": "An Access item removed event", + "value": [ + { + "accessItem": { + "id": "8c190e6787aa4ed9a90bd9d5344523fb", + "accessType": "account", + "nativeIdentity": 127999, + "sourceName": "JDBC Entitlements Source", + "entitlementCount": 0, + "displayName": "Sample Name" + }, + "eventType": "AccessItemRemoved", + "identityId": "8a80828f643d484f01643e14202e206f", + "dt": "2019-03-08T22:37:33.901Z", + "governanceEvent": { + "name": "Manager Certification for Jon Snow", + "dt": "2019-03-08T22:37:33.901Z", + "type": "certification", + "governanceId": "2c91808a77ff216301782327a50f09bf", + "owners": [ + { + "id": "bc693f07e7b645539626c25954c58554", + "displayName": "Jon Snow" + } + ], + "reviewers": [ + { + "id": "bc693f07e7b645539626c25954c58554", + "displayName": "Jon Snow" + } + ], + "decisionMaker": { + "id": "bc693f07e7b645539626c25954c58554", + "displayName": "Jon Snow" + } + } + } + ] + }, + "AttributesChanged": { + "description": "An attribute changed event", + "value": [ + { + "attributeChanges": [ + { + "name": "firstname", + "previousValue": "adam", + "newValue": "zampa" + } + ], + "eventType": "AttributesChanged", + "identityId": "8a80828f643d484f01643e14202e206f", + "dt": "2019-03-08T22:37:33.901Z" + } + ] + }, + "AccessRequested": { + "description": "An access requested event", + "value": { + "accessRequest": { + "requesterId": "2c91808a77ff216301782327a50f09bf", + "requestName": "Bing C", + "items": [ + { + "operation": "Add", + "accessItemType": "role", + "name": "Role-1", + "decision": "APPROVED", + "description": "The role descrition", + "sourceId": "8a80828f643d484f01643e14202e206f", + "sourceName": "Source1", + "approvalInfos": [ + { + "name": "John Snow", + "id": "8a80828f643d484f01643e14202e2000", + "status": "Approved" + } + ] + } + ] + }, + "eventType": "AccessRequested", + "identityId": "8a80828f643d484f01643e14202e206f", + "dt": "2019-03-08T22:37:33.901Z" + } + }, + "IdentityCertified": { + "description": "An identity certified event", + "value": [ + { + "certification": { + "id": "2c91808a77ff216301782327a50f09bf", + "name": "Cert name", + "signedDate": "2019-03-08T22:37:33.901Z", + "certifiers": [ + { + "id": "8a80828f643d484f01643e14202e206f", + "displayName": "John Snow" + } + ], + "reviewers": [ + { + "id": "8a80828f643d484f01643e14202e206f", + "displayName": "Daenerys Targaryen" + } + ], + "signer": { + "id": "8a80828f643d484f01643e14202e206f", + "displayName": "Tyrion Lannister" + } + }, + "eventType": "IdentityCertified", + "identityId": "8a80828f643d484f01643e14202e206f", + "dt": "2019-03-08T22:37:33.901Z" + } + ] + }, + "AccountStatusChanged": { + "description": "An account status changed event", + "value": [ + { + "account": { + "id": "2c91808a77ff216301782327a50f09bf", + "nativeIdentity": 127999, + "displayName": "Sample Name", + "sourceId": "8a80828f643d484f01643e14202e206f", + "sourceName": "JDBC Entitlements Source", + "entitlementCount": 0, + "accessType": "account" + }, + "statusChange": { + "previousStatus": "ENABLED", + "newStatus": "DISABLED" + }, + "eventType": "AccountStatusChanged", + "identityId": "8a80828f643d484f01643e14202e206f", + "dt": "2019-03-08T22:37:33.901Z" + } + ] + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/historical-identities/{id}/start-date": { + "get": { + "operationId": "getIdentityStartDate", + "tags": [ + "Identity History" + ], + "summary": "Gets the start date of the identity", + "description": "This method retrieves start date of the identity Requires authorization scope of 'idn:identity-history:read' ", + "parameters": [ + { + "in": "path", + "name": "id", + "schema": { + "type": "string" + }, + "required": true, + "description": "The identity id", + "example": "8c190e6787aa4ed9a90bd9d5344523fb" + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "200": { + "description": "The start date of the identity", + "content": { + "application/json": { + "schema": { + "type": "string", + "example": "2017-03-01T13:00:00.000Z" + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/historical-identities/{id}/compare": { + "get": { + "operationId": "compareIdentitySnapshots", + "tags": [ + "Identity History" + ], + "summary": "Gets a difference of count for each access item types for the given identity between 2 snapshots", + "description": "This method gets a difference of count for each access item types for the given identity between 2 snapshots Requires authorization scope of 'idn:identity-history:read' ", + "parameters": [ + { + "in": "path", + "name": "id", + "schema": { + "type": "string" + }, + "required": true, + "description": "The identity id", + "example": "8c190e6787aa4ed9a90bd9d5344523fb" + }, + { + "in": "query", + "name": "snapshot1", + "schema": { + "type": "string" + }, + "description": "The snapshot 1 of identity", + "example": "2007-03-01T13:00:00Z" + }, + { + "in": "query", + "name": "snapshot2", + "schema": { + "type": "string" + }, + "description": "The snapshot 2 of identity", + "example": "2008-03-01T13:00:00Z" + }, + { + "in": "query", + "name": "accessItemTypes", + "schema": { + "type": "array", + "items": { + "type": "string" + } + }, + "description": "An optional list of access item types (app, account, entitlement, etc...) to return. If null or empty, all access items types are returned " + }, + { + "in": "query", + "name": "limit", + "description": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 250, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "maximum": 250, + "default": 250 + } + }, + { + "in": "query", + "name": "offset", + "description": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 0, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "default": 0 + } + }, + { + "in": "query", + "name": "count", + "description": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": true, + "schema": { + "type": "boolean", + "default": false + } + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "200": { + "description": "A IdentityCompare object with difference details for each access item type", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "properties": { + "accessItemDiff": { + "type": "object", + "description": "Arbitrary key-value pairs. They will never be processed by the IdentityNow system but will be returned on completion of the violation check.", + "additionalProperties": { + "type": "object" + } + } + }, + "example": { + "accessItemDiff": { + "role": { + "accessAdded": 2, + "accessRemoved": 3 + }, + "entitlement": { + "accessAdded": 4, + "accessRemoved": 0 + }, + "accessProfile": { + "accessAdded": 0, + "accessRemoved": 1 + } + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/historical-identities/{id}/compare/{access-type}": { + "get": { + "operationId": "compareIdentitySnapshotsAccessType", + "tags": [ + "Identity History" + ], + "summary": "Gets a list of differences of specific accessType for the given identity between 2 snapshots", + "description": "This method gets a list of differences of specific accessType for the given identity between 2 snapshots Requires authorization scope of 'idn:identity-history:read' ", + "parameters": [ + { + "in": "path", + "name": "id", + "schema": { + "type": "string" + }, + "required": true, + "description": "The identity id", + "example": "8c190e6787aa4ed9a90bd9d5344523fb" + }, + { + "in": "path", + "name": "accessType", + "schema": { + "type": "string" + }, + "required": true, + "description": "The specific type which needs to be compared", + "example": "role" + }, + { + "in": "query", + "name": "access-associated", + "schema": { + "type": "boolean" + }, + "description": "Indicates if added or removed access needs to be returned. true - added, false - removed, null - both added & removed", + "example": "2007-03-01T13:00:00Z" + }, + { + "in": "query", + "name": "snapshot1", + "schema": { + "type": "string" + }, + "description": "The snapshot 1 of identity", + "example": "2008-03-01T13:00:00Z" + }, + { + "in": "query", + "name": "snapshot2", + "schema": { + "type": "string" + }, + "description": "The snapshot 2 of identity", + "example": "2009-03-01T13:00:00Z" + }, + { + "in": "query", + "name": "limit", + "description": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 250, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "maximum": 250, + "default": 250 + } + }, + { + "in": "query", + "name": "offset", + "description": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 0, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "default": 0 + } + }, + { + "in": "query", + "name": "count", + "description": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": true, + "schema": { + "type": "boolean", + "default": false + } + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "200": { + "description": "A list of events for the identity", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "the id of the access item" + }, + "eventType": { + "type": "string", + "enum": [ + "ADD", + "REMOVE" + ] + }, + "displayName": { + "type": "string", + "description": "the display name of the access item" + }, + "sourceName": { + "type": "string", + "description": "the source name of the access item" + } + }, + "example": { + "id": "2c91808c7726345b017726a0a2fb013b", + "eventType": "ADD", + "displayName": "Test", + "sourceName": "Source" + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/identities/{identityId}/synchronize-attributes": { + "post": { + "operationId": "synchronizeAttributesForIdentity", + "tags": [ + "Identities" + ], + "summary": "Attribute synchronization for single identity.", + "description": "This end-point performs attribute synchronization for a selected identity. The endpoint can be called once in 10 seconds per identity. A token with ORG_ADMIN or API authority is required to call this API.", + "parameters": [ + { + "in": "path", + "name": "identityId", + "schema": { + "type": "string" + }, + "required": true, + "description": "The Identity id" + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "202": { + "description": "An Identity Sync job", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "Job ID.", + "example": "0f11f2a4-7c94-4bf3-a2bd-742580fe3bde" + }, + "status": { + "type": "string", + "description": "The job status.", + "enum": [ + "QUEUED", + "IN_PROGRESS", + "SUCCESS", + "ERROR" + ], + "example": "IN_PROGRESS" + }, + "payload": { + "description": "Job payload.", + "example": { + "type": "SYNCHRONIZE_IDENTITY_ATTRIBUTES", + "dataJson": "{\"identityId\":\"2c918083746f642c01746f990884012a\"}" + }, + "type": "object", + "properties": { + "type": { + "type": "string", + "description": "Payload type.", + "example": "SYNCHRONIZE_IDENTITY_ATTRIBUTES" + }, + "dataJson": { + "type": "string", + "description": "Payload type.", + "example": "{\"identityId\":\"2c918083746f642c01746f990884012a\"}" + } + }, + "required": [ + "type", + "dataJson" + ] + } + }, + "required": [ + "id", + "status", + "payload" + ] + }, + "example": { + "id": "0f11f2a4-7c94-4bf3-a2bd-742580fe3dfc", + "status": "IN_PROGRESS", + "payload": { + "type": "SYNCHRONIZE_IDENTITY_ATTRIBUTES", + "dataJson": "{\"identityId\":\"2c918083746f642c01746f990884012a\"}" + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/identities/{identityId}/ownership": { + "get": { + "operationId": "getIdentityOwnershipDetails", + "summary": "Get ownership details", + "tags": [ + "Identities" + ], + "description": "Use this API to return an identity's owned objects that will cause problems for deleting the identity. \nUse this API as a checklist of objects that you need to reassign to a different identity before you can delete the identity. \nFor a full list of objects owned by an identity, use the [Search API](https://developer.sailpoint.com/docs/api/v3/search-post/). When you search for identities, the returned identities have a property, `owns`, that contains a more comprehensive list of identity's owned objects.", + "security": [ + { + "UserContextAuth": [ + "idn:identity:read" + ] + } + ], + "parameters": [ + { + "in": "path", + "name": "identityId", + "schema": { + "type": "string" + }, + "required": true, + "description": "Identity ID.", + "example": "ff8081814d2a8036014d701f3fbf53fa" + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "200": { + "description": "Identity's ownership association details.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "associationDetails": { + "type": "array", + "description": "list of all the resource associations for the identity", + "items": { + "type": "object", + "properties": { + "associationType": { + "type": "string", + "description": "association type with the identity", + "example": "ROLE_OWNER" + }, + "entities": { + "type": "array", + "description": "the specific resource this identity has ownership on", + "items": { + "type": "object", + "properties": { + "identityEntity": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "id of the resource to which the identity is associated", + "example": "031034e97f094a4096c1be53f75f6b91" + }, + "name": { + "type": "string", + "description": "name of the resource to which the identity is associated", + "example": "Gaston.800ddf9640a" + }, + "type": { + "type": "string", + "description": "type of the resource to which the identity is associated", + "example": "CAMPAIGN_CAMPAIGNER" + } + } + } + } + }, + "example": { + "id": "b660a232f05b4e04812ca974b3011e0f", + "name": "Gaston.800ddf9640a", + "type": "ROLE" + } + } + } + } + } + } + }, + "example": { + "associationDetails": { + "associationType": "ROLE_OWNER", + "entities": [ + { + "id": "b660a232f05b4e04812ca974b3011e0f", + "name": "Gaston.800ddf9640a", + "type": "ROLE" + } + ] + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/identities": { + "get": { + "operationId": "listIdentities", + "tags": [ + "Identities" + ], + "summary": "List Identities", + "description": "This API returns a list of identities.", + "security": [ + { + "UserContextAuth": [ + "idn:identity:read", + "idn:identity:manage" + ] + } + ], + "parameters": [ + { + "in": "query", + "name": "filters", + "schema": { + "type": "string" + }, + "required": false, + "description": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**name**: *eq, sw*\n\n**alias**: *eq, sw*\n\n**firstname**: *eq, sw*\n\n**lastname**: *eq, sw*\n\n**email**: *eq, sw*\n\n**cloudStatus**: *eq*\n\n**processingState**: *eq*\n\n**correlated**: *eq*\n\n**protected**: *eq*", + "example": "id eq \"6c9079b270a266a60170a2779fcb0006\" or correlated eq false" + }, + { + "in": "query", + "name": "sorters", + "schema": { + "type": "string", + "format": "comma-separated" + }, + "required": false, + "description": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name, alias, cloudStatus**", + "example": "name,-cloudStatus" + }, + { + "in": "query", + "name": "defaultFilter", + "schema": { + "type": "string", + "enum": [ + "CORRELATED_ONLY", + "NONE" + ], + "default": "CORRELATED_ONLY" + }, + "required": false, + "description": "Adds additional filter to filters query parameter.\n\nCORRELATED_ONLY adds correlated=true and returns only identities that are correlated.\n\nNONE does not add any and returns all identities that satisfy filters query parameter.", + "example": "NONE" + }, + { + "in": "query", + "name": "count", + "description": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": true, + "schema": { + "type": "boolean", + "default": false + } + }, + { + "in": "query", + "name": "limit", + "description": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 250, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "maximum": 250, + "default": 250 + } + }, + { + "in": "query", + "name": "offset", + "description": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 0, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "default": 0 + } + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "200": { + "description": "List of identities.", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "allOf": [ + { + "type": "object", + "required": [ + "name" + ], + "properties": { + "id": { + "description": "System-generated unique ID of the Object", + "type": "string", + "example": "id12345", + "readOnly": true + }, + "name": { + "description": "Name of the Object", + "type": "string", + "example": "aName" + }, + "created": { + "description": "Creation date of the Object", + "type": "string", + "format": "date-time", + "readOnly": true, + "example": "2023-01-03T21:16:22.432Z" + }, + "modified": { + "description": "Last modification date of the Object", + "type": "string", + "format": "date-time", + "readOnly": true, + "example": "2023-01-03T21:16:22.432Z" + } + } + }, + { + "type": "object", + "title": "IdentityDto", + "properties": { + "alias": { + "type": "string", + "description": "Alternate unique identifier for the identity", + "example": "walter.white" + }, + "emailAddress": { + "type": "string", + "description": "The email address of the identity", + "example": "sender@example.com", + "nullable": true + }, + "processingState": { + "type": "string", + "nullable": true, + "description": "The processing state of the identity", + "enum": [ + "ERROR", + "OK", + null + ], + "example": "ERROR" + }, + "identityStatus": { + "type": "string", + "description": "The identity's status in the system", + "enum": [ + "UNREGISTERED", + "REGISTERED", + "PENDING", + "WARNING", + "DISABLED", + "ACTIVE", + "DEACTIVATED", + "TERMINATED", + "ERROR", + "LOCKED" + ], + "example": "LOCKED" + }, + "managerRef": { + "type": "object", + "description": "Identity's manager.", + "nullable": true, + "properties": { + "type": { + "type": "string", + "description": "DTO type of identity's manager.", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "ID of identity's manager.", + "example": "2c4180a46faadee4016fb4e018c20626" + }, + "name": { + "type": "string", + "description": "Human-readable display name of identity's manager.", + "example": "Robert Robinson" + } + } + }, + "isManager": { + "type": "boolean", + "description": "Whether this identity is a manager of another identity", + "default": false, + "example": true + }, + "lastRefresh": { + "type": "string", + "format": "date-time", + "description": "The last time the identity was refreshed by the system", + "example": "2020-11-22T15:42:31.123Z" + }, + "attributes": { + "type": "object", + "description": "A map with the identity attributes for the identity", + "example": "{\"uid\":\"Walter White\",\"firstname\":\"walter\",\"cloudStatus\":\"UNREGISTERED\",\"displayName\":\"Walter White\",\"identificationNumber\":\"942\",\"lastSyncDate\":1470348809380,\"email\":\"walter@gmail.com\",\"lastname\":\"white\"}" + }, + "lifecycleState": { + "allOf": [ + { + "type": "object", + "properties": { + "stateName": { + "type": "string", + "description": "The name of the lifecycle state", + "example": "active" + }, + "manuallyUpdated": { + "type": "boolean", + "description": "Whether the lifecycle state has been manually or automatically set", + "example": true + } + }, + "required": [ + "stateName", + "manuallyUpdated" + ] + }, + { + "nullable": true, + "description": "Lifecycle state details that include lifecycle state name and whether this lifecycle state has been set manually" + } + ] + } + } + } + ] + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/identities/{id}": { + "get": { + "operationId": "getIdentity", + "tags": [ + "Identities" + ], + "summary": "Identity Details", + "description": "This API returns a single identity using the Identity ID.", + "security": [ + { + "UserContextAuth": [ + "idn:identity:read", + "idn:identity:manage" + ] + } + ], + "parameters": [ + { + "in": "path", + "name": "id", + "schema": { + "type": "string" + }, + "required": true, + "description": "Identity Id", + "example": "ef38f94347e94562b5bb8424a56397d8" + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "200": { + "description": "An identity object", + "content": { + "application/json": { + "schema": { + "allOf": [ + { + "type": "object", + "required": [ + "name" + ], + "properties": { + "id": { + "description": "System-generated unique ID of the Object", + "type": "string", + "example": "id12345", + "readOnly": true + }, + "name": { + "description": "Name of the Object", + "type": "string", + "example": "aName" + }, + "created": { + "description": "Creation date of the Object", + "type": "string", + "format": "date-time", + "readOnly": true, + "example": "2023-01-03T21:16:22.432Z" + }, + "modified": { + "description": "Last modification date of the Object", + "type": "string", + "format": "date-time", + "readOnly": true, + "example": "2023-01-03T21:16:22.432Z" + } + } + }, + { + "type": "object", + "title": "IdentityDto", + "properties": { + "alias": { + "type": "string", + "description": "Alternate unique identifier for the identity", + "example": "walter.white" + }, + "emailAddress": { + "type": "string", + "description": "The email address of the identity", + "example": "sender@example.com", + "nullable": true + }, + "processingState": { + "type": "string", + "nullable": true, + "description": "The processing state of the identity", + "enum": [ + "ERROR", + "OK", + null + ], + "example": "ERROR" + }, + "identityStatus": { + "type": "string", + "description": "The identity's status in the system", + "enum": [ + "UNREGISTERED", + "REGISTERED", + "PENDING", + "WARNING", + "DISABLED", + "ACTIVE", + "DEACTIVATED", + "TERMINATED", + "ERROR", + "LOCKED" + ], + "example": "LOCKED" + }, + "managerRef": { + "type": "object", + "description": "Identity's manager.", + "nullable": true, + "properties": { + "type": { + "type": "string", + "description": "DTO type of identity's manager.", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "ID of identity's manager.", + "example": "2c4180a46faadee4016fb4e018c20626" + }, + "name": { + "type": "string", + "description": "Human-readable display name of identity's manager.", + "example": "Robert Robinson" + } + } + }, + "isManager": { + "type": "boolean", + "description": "Whether this identity is a manager of another identity", + "default": false, + "example": true + }, + "lastRefresh": { + "type": "string", + "format": "date-time", + "description": "The last time the identity was refreshed by the system", + "example": "2020-11-22T15:42:31.123Z" + }, + "attributes": { + "type": "object", + "description": "A map with the identity attributes for the identity", + "example": "{\"uid\":\"Walter White\",\"firstname\":\"walter\",\"cloudStatus\":\"UNREGISTERED\",\"displayName\":\"Walter White\",\"identificationNumber\":\"942\",\"lastSyncDate\":1470348809380,\"email\":\"walter@gmail.com\",\"lastname\":\"white\"}" + }, + "lifecycleState": { + "allOf": [ + { + "type": "object", + "properties": { + "stateName": { + "type": "string", + "description": "The name of the lifecycle state", + "example": "active" + }, + "manuallyUpdated": { + "type": "boolean", + "description": "Whether the lifecycle state has been manually or automatically set", + "example": true + } + }, + "required": [ + "stateName", + "manuallyUpdated" + ] + }, + { + "nullable": true, + "description": "Lifecycle state details that include lifecycle state name and whether this lifecycle state has been set manually" + } + ] + } + } + } + ] + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + }, + "delete": { + "operationId": "deleteIdentity", + "tags": [ + "Identities" + ], + "summary": "Delete identity", + "description": "The API returns successful response if the requested identity was deleted.", + "security": [ + { + "UserContextAuth": [ + "idn:identity:delete" + ] + } + ], + "parameters": [ + { + "in": "path", + "name": "id", + "schema": { + "type": "string" + }, + "required": true, + "description": "Identity Id", + "example": "ef38f94347e94562b5bb8424a56397d8" + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "204": { + "description": "No content - indicates the request was successful but there is no content to be returned in the response." + }, + "400": { + "description": "Client Error - Returned if the request is invalid. It may indicate that the specified identity is marked as protected and cannot be deleted.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "type": "string", + "description": "any additional context information of the http call result", + "example": "Identity cannot be deleted as it is owner of following resources" + }, + "associationDetails": { + "type": "array", + "description": "list of all the resource associations for the identity", + "items": { + "type": "object", + "properties": { + "associationType": { + "type": "string", + "description": "association type with the identity", + "example": "CAMPAIGN_OWNER" + }, + "entities": { + "type": "array", + "description": "the specific resource this identity has ownership on", + "items": { + "type": "object", + "properties": { + "identityEntity": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "id of the resource to which the identity is associated", + "example": "031034e97f094a4096c1be53f75f6b91" + }, + "name": { + "type": "string", + "description": "name of the resource to which the identity is associated", + "example": "Gaston.800ddf9640a" + }, + "type": { + "type": "string", + "description": "type of the resource to which the identity is associated", + "example": "CAMPAIGN_CAMPAIGNER" + } + } + } + } + }, + "example": { + "id": "b660a232f05b4e04812ca974b3011e0f", + "name": "Gaston.800ddf9640a", + "type": "CAMPAIGN_CAMPAIGNER" + } + } + } + } + } + } + }, + "example": { + "message": "Identity is the owner of following resources", + "associationDetails": { + "associationType": "CAMPAIGN_OWNER", + "entities": [ + { + "id": "b660a232f05b4e04812ca974b3011e0f", + "name": "Gaston.800ddf9640a", + "type": "CAMPAIGN_CAMPAIGNER" + } + ] + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/identities/process": { + "post": { + "operationId": "startIdentityProcessing", + "tags": [ + "Identities" + ], + "summary": "Process a list of identityIds", + "description": "This operation should not be used to schedule your own identity processing or to perform system wide identity refreshes. The system will use a combination of [event-based processing](https://documentation.sailpoint.com/saas/help/setup/identity_processing.html?h=process#event-based-processing) and [scheduled processing](https://documentation.sailpoint.com/saas/help/setup/identity_processing.html?h=process#scheduled-processing) that runs every day at 8:00 AM and 8:00 PM in the tenant's timezone to keep your identities synchronized. \n\nThis endpoint will perform the following tasks:\n1. Calculate identity attributes, including applying or running any rules or transforms (e.g. calculate Lifecycle State at a point-in-time it's expected to change).\n2. Evaluate role assignments, leading to assignment of new roles and removal of existing roles.\n3. Enforce provisioning for any assigned accesses that haven't been fulfilled (e.g. failure due to source health).\n4. Recalculate manager relationships.\n5. Potentially clean-up identity processing errors, assuming the error has been resolved.\n\nA token with ORG_ADMIN or HELPDESK authority is required to call this API.\n", + "externalDocs": { + "description": "Learn more about manually processing identities here", + "url": "https://documentation.sailpoint.com/saas/help/setup/identity_processing.html" + }, + "security": [ + { + "UserContextAuth": [ + "idn:identity:manage" + ] + } + ], + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "identityIds": { + "type": "array", + "minItems": 1, + "maxItems": 250, + "description": "List of up to 250 identity IDs to process.", + "items": { + "type": "string", + "example": "ef38f94347e94562b5bb8424a56397d8" + } + } + } + } + } + } + }, + "responses": { + "202": { + "description": "Object containing the DTO type TASK_RESULT and the job id for the task", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "type": { + "type": "string", + "description": "the type of response reference", + "example": "TASK_RESULT" + }, + "id": { + "type": "string", + "description": "the task ID", + "example": "78733556-9ea3-4f59-bf69-e5cd92b011b4" + }, + "name": { + "type": "string", + "description": "the task name (not used in this endpoint, always null)", + "example": "null" + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "parameters": [ + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ] + } + }, + "/identities/{id}/reset": { + "post": { + "operationId": "resetIdentity", + "tags": [ + "Identities" + ], + "summary": "Reset an identity", + "description": "Use this endpoint to reset a user's identity if they have forgotten their authentication information like their answers to knowledge-based questions. Resetting an identity de-registers the user and removes any elevated user levels they have.", + "security": [ + { + "UserContextAuth": [ + "idn:identity:update" + ] + } + ], + "parameters": [ + { + "in": "path", + "name": "identityId", + "schema": { + "type": "string" + }, + "required": true, + "description": "Identity Id", + "example": "ef38f94347e94562b5bb8424a56397d8" + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "202": { + "description": "Accepted. The reset request accepted and is in progress." + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/identities/{identityId}/role-assignments": { + "get": { + "operationId": "getRoleAssignments", + "tags": [ + "Identities" + ], + "summary": "List role assignments", + "description": "This returns either a list of Role Assignments when querying with either a Role Id or Role Name, or a list of Role Assignment References if querying with only identity Id.", + "security": [ + { + "UserContextAuth": [ + "idn:identity:read" + ] + } + ], + "parameters": [ + { + "in": "path", + "name": "identityId", + "schema": { + "type": "string" + }, + "required": true, + "description": "Identity Id to get the role assignments for", + "example": "ef38f94347e94562b5bb8424a56397d8" + }, + { + "in": "query", + "name": "roleId", + "schema": { + "type": "string" + }, + "required": false, + "description": "Role Id to filter the role assignments with", + "example": "e7697a1e96d04db1ac7b0f4544915d2c" + }, + { + "in": "query", + "name": "roleName", + "schema": { + "type": "string" + }, + "required": false, + "description": "Role name to filter the role assignments with", + "example": "Engineer" + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "200": { + "description": "A role assignment object", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "anyOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "Assignment Id", + "example": "1cbb0705b38c4226b1334eadd8874086" + }, + "role": { + "description": "Role Id and Name related to this assignment", + "example": { + "id": "e7697a1e96d04db1ac7b0f4544915d2c", + "type": "ROLE", + "name": "Engineer" + }, + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "the application ID", + "example": "ff8081814d977c21014da056804a0af3" + }, + "name": { + "type": "string", + "description": "the application name", + "example": "Github" + } + } + } + } + }, + { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "Assignment Id", + "example": "1cbb0705b38c4226b1334eadd8874086" + }, + "role": { + "description": "Role Id and Name related to this assignment", + "example": { + "id": "e7697a1e96d04db1ac7b0f4544915d2c", + "type": "ROLE", + "name": "Engineer" + }, + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "the application ID", + "example": "ff8081814d977c21014da056804a0af3" + }, + "name": { + "type": "string", + "description": "the application name", + "example": "Github" + } + } + }, + "comments": { + "type": "string", + "description": "Comments added by the user when the assignment was made", + "example": "I'm a new Engineer and need this role to do my work" + }, + "assignmentSource": { + "type": "string", + "description": "Source describing how this assignment was made", + "example": "UI" + }, + "assigner": { + "description": "The identity that performed the assignment. This could be blank or system", + "example": { + "id": "2c9180867c184ff6017c2a2fbf031666", + "type": "IDENTITY", + "name": "Jeff Richardson" + }, + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "the application ID", + "example": "ff8081814d977c21014da056804a0af3" + }, + "name": { + "type": "string", + "description": "the application name", + "example": "Github" + } + } + }, + "assignedDimensions": { + "type": "array", + "description": "Dimensions assigned related to this role", + "example": [ + { + "id": "1acc8ffe5fcf457090de28bee2af36ee", + "type": "DIMENSION", + "name": "Northeast region" + } + ], + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "the application ID", + "example": "ff8081814d977c21014da056804a0af3" + }, + "name": { + "type": "string", + "description": "the application name", + "example": "Github" + } + } + } + }, + "assignmentContext": { + "description": "The context around the role assignment", + "example": { + "requested": { + "contextAttributes": [ + { + "attribute": "department", + "value": "Engineering", + "derived": false + } + ] + }, + "matched": [ + { + "id": "e7697a1e96d04db1ac7b0f4544915d2c", + "type": "DIMENSION", + "name": "Engineer" + } + ], + "computedDate": "Wed Feb 14 10:58:42" + }, + "type": "object", + "properties": { + "requested": { + "type": "object", + "properties": { + "contextAttributes": { + "type": "array", + "items": { + "type": "object", + "properties": { + "attribute": { + "type": "string", + "description": "The name of the attribute", + "example": "location" + }, + "value": { + "oneOf": [ + { + "type": "string", + "example": "Austin" + }, + { + "type": "array", + "items": { + "type": "string", + "example": [ + "Austin", + "Houston", + "Dallas" + ] + } + } + ], + "description": "The value of the attribute. This can be either a string or a multi-valued string", + "example": "Austin" + }, + "derived": { + "type": "boolean", + "description": "True if the attribute was derived.", + "default": false, + "example": false + } + } + } + } + } + }, + "matched": { + "type": "array", + "items": { + "type": "object", + "properties": { + "roleRef": { + "description": "Role Id and Name related to this match", + "example": { + "id": "e7697a1e96d04db1ac7b0f4544915d2c", + "type": "DIMENSION", + "name": "Engineer" + }, + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "the application ID", + "example": "ff8081814d977c21014da056804a0af3" + }, + "name": { + "type": "string", + "description": "the application name", + "example": "Github" + } + } + }, + "matchedAttributes": { + "type": "array", + "items": { + "type": "object", + "properties": { + "attribute": { + "type": "string", + "description": "The name of the attribute", + "example": "location" + }, + "value": { + "oneOf": [ + { + "type": "string", + "example": "Austin" + }, + { + "type": "array", + "items": { + "type": "string", + "example": [ + "Austin", + "Houston", + "Dallas" + ] + } + } + ], + "description": "The value of the attribute. This can be either a string or a multi-valued string", + "example": "Austin" + }, + "derived": { + "type": "boolean", + "description": "True if the attribute was derived.", + "default": false, + "example": false + } + } + } + } + } + } + }, + "computedDate": { + "type": "string", + "description": "Date that the assignment will was evaluated", + "example": "Wed Feb 14 10:58:42" + } + } + }, + "accountTargets": { + "type": "array", + "items": { + "type": "object", + "properties": { + "source": { + "description": "Source Id and Name related to this assignment", + "example": { + "id": "d18b74853739439986501ad180b27db6", + "type": "SOURCE", + "name": "Active Directory" + }, + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "the application ID", + "example": "ff8081814d977c21014da056804a0af3" + }, + "name": { + "type": "string", + "description": "the application name", + "example": "Github" + } + } + }, + "accountInfo": { + "type": "object", + "properties": { + "nativeIdentity": { + "type": "string", + "description": "The unique ID of the account generated by the source system", + "example": "CN=Abby Smith,OU=Austin,OU=Americas,OU=Demo,DC=seri,DC=acme,DC=com" + }, + "displayName": { + "type": "string", + "description": "Display name for this account", + "example": "Abby.Smith" + }, + "uuid": { + "type": "string", + "description": "UUID associated with this account", + "example": "{ad9fc391-246d-40af-b248-b6556a2b7c01}" + } + } + }, + "roleName": { + "type": "string", + "description": "Specific role name for this target if using multiple accounts", + "example": "Marketing" + } + } + } + }, + "removeDate": { + "type": "string", + "description": "Date that the assignment will be removed", + "example": "Wed Feb 14 10:58:42" + } + } + } + ] + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/identities/{identityId}/role-assignments/{assignmentId}": { + "get": { + "operationId": "getRoleAssignment", + "tags": [ + "Identities" + ], + "summary": "Role assignment details", + "security": [ + { + "UserContextAuth": [ + "idn:identity:read" + ] + } + ], + "parameters": [ + { + "in": "path", + "name": "identityId", + "schema": { + "type": "string" + }, + "required": true, + "description": "Identity Id", + "example": "ef38f94347e94562b5bb8424a56397d8" + }, + { + "in": "path", + "name": "assignmentId", + "schema": { + "type": "string" + }, + "required": true, + "description": "Assignment Id", + "example": "1cbb0705b38c4226b1334eadd8874086" + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "200": { + "description": "A role assignment object", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "Assignment Id", + "example": "1cbb0705b38c4226b1334eadd8874086" + }, + "role": { + "description": "Role Id and Name related to this assignment", + "example": { + "id": "e7697a1e96d04db1ac7b0f4544915d2c", + "type": "ROLE", + "name": "Engineer" + }, + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "the application ID", + "example": "ff8081814d977c21014da056804a0af3" + }, + "name": { + "type": "string", + "description": "the application name", + "example": "Github" + } + } + }, + "comments": { + "type": "string", + "description": "Comments added by the user when the assignment was made", + "example": "I'm a new Engineer and need this role to do my work" + }, + "assignmentSource": { + "type": "string", + "description": "Source describing how this assignment was made", + "example": "UI" + }, + "assigner": { + "description": "The identity that performed the assignment. This could be blank or system", + "example": { + "id": "2c9180867c184ff6017c2a2fbf031666", + "type": "IDENTITY", + "name": "Jeff Richardson" + }, + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "the application ID", + "example": "ff8081814d977c21014da056804a0af3" + }, + "name": { + "type": "string", + "description": "the application name", + "example": "Github" + } + } + }, + "assignedDimensions": { + "type": "array", + "description": "Dimensions assigned related to this role", + "example": [ + { + "id": "1acc8ffe5fcf457090de28bee2af36ee", + "type": "DIMENSION", + "name": "Northeast region" + } + ], + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "the application ID", + "example": "ff8081814d977c21014da056804a0af3" + }, + "name": { + "type": "string", + "description": "the application name", + "example": "Github" + } + } + } + }, + "assignmentContext": { + "description": "The context around the role assignment", + "example": { + "requested": { + "contextAttributes": [ + { + "attribute": "department", + "value": "Engineering", + "derived": false + } + ] + }, + "matched": [ + { + "id": "e7697a1e96d04db1ac7b0f4544915d2c", + "type": "DIMENSION", + "name": "Engineer" + } + ], + "computedDate": "Wed Feb 14 10:58:42" + }, + "type": "object", + "properties": { + "requested": { + "type": "object", + "properties": { + "contextAttributes": { + "type": "array", + "items": { + "type": "object", + "properties": { + "attribute": { + "type": "string", + "description": "The name of the attribute", + "example": "location" + }, + "value": { + "oneOf": [ + { + "type": "string", + "example": "Austin" + }, + { + "type": "array", + "items": { + "type": "string", + "example": [ + "Austin", + "Houston", + "Dallas" + ] + } + } + ], + "description": "The value of the attribute. This can be either a string or a multi-valued string", + "example": "Austin" + }, + "derived": { + "type": "boolean", + "description": "True if the attribute was derived.", + "default": false, + "example": false + } + } + } + } + } + }, + "matched": { + "type": "array", + "items": { + "type": "object", + "properties": { + "roleRef": { + "description": "Role Id and Name related to this match", + "example": { + "id": "e7697a1e96d04db1ac7b0f4544915d2c", + "type": "DIMENSION", + "name": "Engineer" + }, + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "the application ID", + "example": "ff8081814d977c21014da056804a0af3" + }, + "name": { + "type": "string", + "description": "the application name", + "example": "Github" + } + } + }, + "matchedAttributes": { + "type": "array", + "items": { + "type": "object", + "properties": { + "attribute": { + "type": "string", + "description": "The name of the attribute", + "example": "location" + }, + "value": { + "oneOf": [ + { + "type": "string", + "example": "Austin" + }, + { + "type": "array", + "items": { + "type": "string", + "example": [ + "Austin", + "Houston", + "Dallas" + ] + } + } + ], + "description": "The value of the attribute. This can be either a string or a multi-valued string", + "example": "Austin" + }, + "derived": { + "type": "boolean", + "description": "True if the attribute was derived.", + "default": false, + "example": false + } + } + } + } + } + } + }, + "computedDate": { + "type": "string", + "description": "Date that the assignment will was evaluated", + "example": "Wed Feb 14 10:58:42" + } + } + }, + "accountTargets": { + "type": "array", + "items": { + "type": "object", + "properties": { + "source": { + "description": "Source Id and Name related to this assignment", + "example": { + "id": "d18b74853739439986501ad180b27db6", + "type": "SOURCE", + "name": "Active Directory" + }, + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "the application ID", + "example": "ff8081814d977c21014da056804a0af3" + }, + "name": { + "type": "string", + "description": "the application name", + "example": "Github" + } + } + }, + "accountInfo": { + "type": "object", + "properties": { + "nativeIdentity": { + "type": "string", + "description": "The unique ID of the account generated by the source system", + "example": "CN=Abby Smith,OU=Austin,OU=Americas,OU=Demo,DC=seri,DC=acme,DC=com" + }, + "displayName": { + "type": "string", + "description": "Display name for this account", + "example": "Abby.Smith" + }, + "uuid": { + "type": "string", + "description": "UUID associated with this account", + "example": "{ad9fc391-246d-40af-b248-b6556a2b7c01}" + } + } + }, + "roleName": { + "type": "string", + "description": "Specific role name for this target if using multiple accounts", + "example": "Marketing" + } + } + } + }, + "removeDate": { + "type": "string", + "description": "Date that the assignment will be removed", + "example": "Wed Feb 14 10:58:42" + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/identity-attributes": { + "get": { + "operationId": "listIdentityAttributes", + "tags": [ + "Identity Attributes" + ], + "summary": "List Identity Attributes", + "description": "Use this API to get a collection of identity attributes.", + "security": [ + { + "UserContextAuth": [ + "idn:identity-profile-attribute-list:read" + ] + } + ], + "parameters": [ + { + "in": "query", + "name": "includeSystem", + "schema": { + "type": "boolean", + "default": false + }, + "description": "Include 'system' attributes in the response.", + "required": false, + "example": false + }, + { + "in": "query", + "name": "includeSilent", + "schema": { + "type": "boolean", + "default": false + }, + "description": "Include 'silent' attributes in the response.", + "required": false, + "example": false + }, + { + "in": "query", + "name": "searchableOnly", + "schema": { + "type": "boolean", + "default": false + }, + "description": "Include only 'searchable' attributes in the response.", + "required": false, + "example": false + }, + { + "in": "query", + "name": "count", + "description": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": true, + "schema": { + "type": "boolean", + "default": false + } + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "200": { + "description": "List of identity attributes.", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "required": [ + "name" + ], + "properties": { + "name": { + "type": "string", + "description": "Identity attribute's technical name.", + "example": "costCenter" + }, + "displayName": { + "type": "string", + "description": "Identity attribute's business-friendly name.", + "example": "Cost Center" + }, + "standard": { + "type": "boolean", + "description": "Indicates whether the attribute is 'standard' or 'default'.", + "default": false, + "example": false + }, + "type": { + "type": "string", + "description": "Identity attribute's type.", + "nullable": true, + "example": "string" + }, + "multi": { + "type": "boolean", + "description": "Indicates whether the identity attribute is multi-valued.", + "default": false, + "example": false + }, + "searchable": { + "type": "boolean", + "description": "Indicates whether the identity attribute is searchable.", + "default": false, + "example": false + }, + "system": { + "type": "boolean", + "description": "Indicates whether the identity attribute is 'system', meaning that it doesn't have a source and isn't configurable.", + "default": false, + "example": false + }, + "sources": { + "description": "Identity attribute's list of sources - this specifies how the rule's value is derived.", + "type": "array", + "items": { + "type": "object", + "properties": { + "type": { + "type": "string", + "description": "Attribute mapping type.", + "example": "rule" + }, + "properties": { + "type": "object", + "description": "Attribute mapping properties.", + "example": { + "ruleType": "IdentityAttribute", + "ruleName": "Cloud Promote Identity Attribute" + } + } + } + } + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + }, + "post": { + "operationId": "createIdentityAttribute", + "tags": [ + "Identity Attributes" + ], + "summary": "Create Identity Attribute", + "description": "Use this API to create a new identity attribute.", + "security": [ + { + "UserContextAuth": [ + "idn:identity-profile-attribute:create" + ] + } + ], + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "type": "object", + "required": [ + "name" + ], + "properties": { + "name": { + "type": "string", + "description": "Identity attribute's technical name.", + "example": "costCenter" + }, + "displayName": { + "type": "string", + "description": "Identity attribute's business-friendly name.", + "example": "Cost Center" + }, + "standard": { + "type": "boolean", + "description": "Indicates whether the attribute is 'standard' or 'default'.", + "default": false, + "example": false + }, + "type": { + "type": "string", + "description": "Identity attribute's type.", + "nullable": true, + "example": "string" + }, + "multi": { + "type": "boolean", + "description": "Indicates whether the identity attribute is multi-valued.", + "default": false, + "example": false + }, + "searchable": { + "type": "boolean", + "description": "Indicates whether the identity attribute is searchable.", + "default": false, + "example": false + }, + "system": { + "type": "boolean", + "description": "Indicates whether the identity attribute is 'system', meaning that it doesn't have a source and isn't configurable.", + "default": false, + "example": false + }, + "sources": { + "description": "Identity attribute's list of sources - this specifies how the rule's value is derived.", + "type": "array", + "items": { + "type": "object", + "properties": { + "type": { + "type": "string", + "description": "Attribute mapping type.", + "example": "rule" + }, + "properties": { + "type": "object", + "description": "Attribute mapping properties.", + "example": { + "ruleType": "IdentityAttribute", + "ruleName": "Cloud Promote Identity Attribute" + } + } + } + } + } + } + } + } + } + }, + "responses": { + "201": { + "description": "The identity attribute was created successfully.", + "content": { + "application/json": { + "schema": { + "type": "object", + "required": [ + "name" + ], + "properties": { + "name": { + "type": "string", + "description": "Identity attribute's technical name.", + "example": "costCenter" + }, + "displayName": { + "type": "string", + "description": "Identity attribute's business-friendly name.", + "example": "Cost Center" + }, + "standard": { + "type": "boolean", + "description": "Indicates whether the attribute is 'standard' or 'default'.", + "default": false, + "example": false + }, + "type": { + "type": "string", + "description": "Identity attribute's type.", + "nullable": true, + "example": "string" + }, + "multi": { + "type": "boolean", + "description": "Indicates whether the identity attribute is multi-valued.", + "default": false, + "example": false + }, + "searchable": { + "type": "boolean", + "description": "Indicates whether the identity attribute is searchable.", + "default": false, + "example": false + }, + "system": { + "type": "boolean", + "description": "Indicates whether the identity attribute is 'system', meaning that it doesn't have a source and isn't configurable.", + "default": false, + "example": false + }, + "sources": { + "description": "Identity attribute's list of sources - this specifies how the rule's value is derived.", + "type": "array", + "items": { + "type": "object", + "properties": { + "type": { + "type": "string", + "description": "Attribute mapping type.", + "example": "rule" + }, + "properties": { + "type": "object", + "description": "Attribute mapping properties.", + "example": { + "ruleType": "IdentityAttribute", + "ruleName": "Cloud Promote Identity Attribute" + } + } + } + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "parameters": [ + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ] + } + }, + "/identity-attributes/{name}": { + "get": { + "operationId": "getIdentityAttribute", + "tags": [ + "Identity Attributes" + ], + "summary": "Get Identity Attribute", + "description": "This gets an identity attribute for a given technical name.", + "security": [ + { + "UserContextAuth": [ + "idn:identity-profile-attribute:read" + ] + } + ], + "parameters": [ + { + "in": "path", + "name": "name", + "schema": { + "type": "string" + }, + "description": "The attribute's technical name.", + "required": true, + "example": "displayName" + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "200": { + "description": "The identity attribute with the given name", + "content": { + "application/json": { + "schema": { + "type": "object", + "required": [ + "name" + ], + "properties": { + "name": { + "type": "string", + "description": "Identity attribute's technical name.", + "example": "costCenter" + }, + "displayName": { + "type": "string", + "description": "Identity attribute's business-friendly name.", + "example": "Cost Center" + }, + "standard": { + "type": "boolean", + "description": "Indicates whether the attribute is 'standard' or 'default'.", + "default": false, + "example": false + }, + "type": { + "type": "string", + "description": "Identity attribute's type.", + "nullable": true, + "example": "string" + }, + "multi": { + "type": "boolean", + "description": "Indicates whether the identity attribute is multi-valued.", + "default": false, + "example": false + }, + "searchable": { + "type": "boolean", + "description": "Indicates whether the identity attribute is searchable.", + "default": false, + "example": false + }, + "system": { + "type": "boolean", + "description": "Indicates whether the identity attribute is 'system', meaning that it doesn't have a source and isn't configurable.", + "default": false, + "example": false + }, + "sources": { + "description": "Identity attribute's list of sources - this specifies how the rule's value is derived.", + "type": "array", + "items": { + "type": "object", + "properties": { + "type": { + "type": "string", + "description": "Attribute mapping type.", + "example": "rule" + }, + "properties": { + "type": "object", + "description": "Attribute mapping properties.", + "example": { + "ruleType": "IdentityAttribute", + "ruleName": "Cloud Promote Identity Attribute" + } + } + } + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + }, + "put": { + "operationId": "putIdentityAttribute", + "tags": [ + "Identity Attributes" + ], + "summary": "Update Identity Attribute", + "description": "This updates an existing identity attribute. Making an attribute searchable requires that the `system`, `standard`, and `multi` properties be set to false.", + "security": [ + { + "UserContextAuth": [ + "idn:identity-profile-attribute:create" + ] + } + ], + "parameters": [ + { + "in": "path", + "name": "name", + "schema": { + "type": "string" + }, + "description": "The attribute's technical name.", + "required": true, + "example": "displayName" + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "type": "object", + "required": [ + "name" + ], + "properties": { + "name": { + "type": "string", + "description": "Identity attribute's technical name.", + "example": "costCenter" + }, + "displayName": { + "type": "string", + "description": "Identity attribute's business-friendly name.", + "example": "Cost Center" + }, + "standard": { + "type": "boolean", + "description": "Indicates whether the attribute is 'standard' or 'default'.", + "default": false, + "example": false + }, + "type": { + "type": "string", + "description": "Identity attribute's type.", + "nullable": true, + "example": "string" + }, + "multi": { + "type": "boolean", + "description": "Indicates whether the identity attribute is multi-valued.", + "default": false, + "example": false + }, + "searchable": { + "type": "boolean", + "description": "Indicates whether the identity attribute is searchable.", + "default": false, + "example": false + }, + "system": { + "type": "boolean", + "description": "Indicates whether the identity attribute is 'system', meaning that it doesn't have a source and isn't configurable.", + "default": false, + "example": false + }, + "sources": { + "description": "Identity attribute's list of sources - this specifies how the rule's value is derived.", + "type": "array", + "items": { + "type": "object", + "properties": { + "type": { + "type": "string", + "description": "Attribute mapping type.", + "example": "rule" + }, + "properties": { + "type": "object", + "description": "Attribute mapping properties.", + "example": { + "ruleType": "IdentityAttribute", + "ruleName": "Cloud Promote Identity Attribute" + } + } + } + } + } + } + } + } + } + }, + "responses": { + "200": { + "description": "The identity attribute was updated successfully", + "content": { + "application/json": { + "schema": { + "type": "object", + "required": [ + "name" + ], + "properties": { + "name": { + "type": "string", + "description": "Identity attribute's technical name.", + "example": "costCenter" + }, + "displayName": { + "type": "string", + "description": "Identity attribute's business-friendly name.", + "example": "Cost Center" + }, + "standard": { + "type": "boolean", + "description": "Indicates whether the attribute is 'standard' or 'default'.", + "default": false, + "example": false + }, + "type": { + "type": "string", + "description": "Identity attribute's type.", + "nullable": true, + "example": "string" + }, + "multi": { + "type": "boolean", + "description": "Indicates whether the identity attribute is multi-valued.", + "default": false, + "example": false + }, + "searchable": { + "type": "boolean", + "description": "Indicates whether the identity attribute is searchable.", + "default": false, + "example": false + }, + "system": { + "type": "boolean", + "description": "Indicates whether the identity attribute is 'system', meaning that it doesn't have a source and isn't configurable.", + "default": false, + "example": false + }, + "sources": { + "description": "Identity attribute's list of sources - this specifies how the rule's value is derived.", + "type": "array", + "items": { + "type": "object", + "properties": { + "type": { + "type": "string", + "description": "Attribute mapping type.", + "example": "rule" + }, + "properties": { + "type": "object", + "description": "Attribute mapping properties.", + "example": { + "ruleType": "IdentityAttribute", + "ruleName": "Cloud Promote Identity Attribute" + } + } + } + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + }, + "delete": { + "operationId": "deleteIdentityAttribute", + "tags": [ + "Identity Attributes" + ], + "summary": "Delete Identity Attribute", + "description": "This deletes an identity attribute with the given name. The `system` and `standard` properties must be set to false before you can delete an identity attribute.", + "security": [ + { + "UserContextAuth": [ + "idn:identity-profile-attribute:delete" + ] + } + ], + "parameters": [ + { + "in": "path", + "name": "name", + "schema": { + "type": "string" + }, + "description": "The attribute's technical name.", + "required": true, + "example": "displayName" + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "204": { + "description": "No content - indicates the request was successful but there is no content to be returned in the response." + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/identity-attributes/bulk-delete": { + "delete": { + "operationId": "deleteIdentityAttributesInBulk", + "tags": [ + "Identity Attributes" + ], + "summary": "Bulk delete Identity Attributes", + "description": "Use this API to bulk delete identity attributes for a given set of names. Attributes that are currently mapped in an identity profile cannot be deleted. The `system` and `standard` properties must be set to 'false' before you can delete an identity attribute.", + "security": [ + { + "UserContextAuth": [ + "idn:identity-profile-attribute-bulk:delete" + ] + } + ], + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "type": "object", + "description": "Identity attribute IDs.", + "properties": { + "ids": { + "description": "List of identity attributes' technical names.", + "type": "array", + "items": { + "type": "string", + "example": "name" + }, + "example": [ + "name", + "displayName" + ] + } + } + } + } + } + }, + "responses": { + "204": { + "description": "No content - indicates the request was successful but there is no content to be returned in the response." + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "parameters": [ + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ] + } + }, + "/mail-from-attributes": { + "put": { + "security": [ + { + "UserContextAuth": [ + "sp:notification-mail-from-attributes:write" + ] + } + ], + "operationId": "putMailFromAttributes", + "tags": [ + "Notifications" + ], + "summary": "Change MAIL FROM domain", + "description": "Change the MAIL FROM domain of an AWS SES email identity and provide the MX and TXT records to be placed in the caller's DNS", + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "identity": { + "type": "string", + "example": "BobSmith@sailpoint.com", + "description": "The identity or domain address" + }, + "mailFromDomain": { + "type": "string", + "example": "example.sailpoint.com", + "description": "The new MAIL FROM domain of the identity. Must be a subdomain of the identity." + } + }, + "description": "MAIL FROM attributes for a domain / identity" + }, + "example": { + "identity": "BobSmith@sailpoint.com", + "mailFromDomain": "example.sailpoint.com" + } + } + } + }, + "responses": { + "200": { + "description": "MAIL FROM Attributes required to verify the change", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "identity": { + "type": "string", + "example": "bob.smith@sailpoint.com", + "description": "The email identity" + }, + "mailFromDomain": { + "type": "string", + "example": "foo.sailpoint.com", + "description": "The name of a domain that an email identity uses as a custom MAIL FROM domain" + }, + "mxRecord": { + "type": "string", + "example": "10 feedback-smtp.us-east-1.amazonses.com", + "description": "MX record that is required in customer's DNS to allow the domain to receive bounce and complaint notifications that email providers send you" + }, + "txtRecord": { + "type": "string", + "example": "v=spf1 include:amazonses.com ~all", + "description": "TXT record that is required in customer's DNS in order to prove that Amazon SES is authorized to send email from your domain" + }, + "mailFromDomainStatus": { + "type": "string", + "enum": [ + "PENDING", + "SUCCESS", + "FAILED" + ], + "example": "PENDING", + "description": "The current status of the MAIL FROM verification" + } + }, + "description": "MAIL FROM attributes for a domain / identity" + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "parameters": [ + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ] + } + }, + "/mail-from-attributes/{identity}": { + "get": { + "security": [ + { + "UserContextAuth": [ + "sp:notification-mail-from-attributes:read" + ] + } + ], + "operationId": "getMailFromAttributes", + "tags": [ + "Notifications" + ], + "summary": "Get MAIL FROM Attributes", + "description": "Retrieve MAIL FROM attributes for a given AWS SES identity.", + "parameters": [ + { + "in": "query", + "name": "id", + "required": true, + "schema": { + "type": "string" + }, + "description": "Returns the MX and TXT record to be put in your DNS, as well as the MAIL FROM domain status", + "example": "bobsmith@sailpoint.com" + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "200": { + "description": "MAIL FROM Attributes object", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "identity": { + "type": "string", + "example": "bob.smith@sailpoint.com", + "description": "The email identity" + }, + "mailFromDomain": { + "type": "string", + "example": "foo.sailpoint.com", + "description": "The name of a domain that an email identity uses as a custom MAIL FROM domain" + }, + "mxRecord": { + "type": "string", + "example": "10 feedback-smtp.us-east-1.amazonses.com", + "description": "MX record that is required in customer's DNS to allow the domain to receive bounce and complaint notifications that email providers send you" + }, + "txtRecord": { + "type": "string", + "example": "v=spf1 include:amazonses.com ~all", + "description": "TXT record that is required in customer's DNS in order to prove that Amazon SES is authorized to send email from your domain" + }, + "mailFromDomainStatus": { + "type": "string", + "enum": [ + "PENDING", + "SUCCESS", + "FAILED" + ], + "example": "PENDING", + "description": "The current status of the MAIL FROM verification" + } + }, + "description": "MAIL FROM attributes for a domain / identity" + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/generic-approvals": { + "get": { + "security": [ + { + "UserContextAuth": [ + "sp:approvals:read" + ] + } + ], + "operationId": "getApprovals", + "tags": [ + "Approvals" + ], + "summary": "Get Approvals", + "description": "Retrieve a list of approvals, which can be filtered by requester ID, status, or reference type. \"Mine\" query parameter can be used and it will return all approvals for the current approver. This endpoint is for generic approvals, different than the access-request-approval endpoint and does not include access-request-approvals. \nAbsence of all query parameters will will default to mine=true.", + "parameters": [ + { + "in": "query", + "name": "mine", + "schema": { + "type": "boolean" + }, + "description": "Returns the list of approvals for the current caller", + "example": "true" + }, + { + "in": "query", + "name": "requesterId", + "schema": { + "type": "string" + }, + "description": "Returns the list of approvals for a given requester ID", + "example": "17e633e7d57e481569df76323169deb6a" + }, + { + "in": "query", + "name": "filters", + "schema": { + "type": "string" + }, + "description": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**status**: *eq*\n\n**referenceType**: *eq*", + "example": "filters=status eq PENDING" + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "200": { + "description": "List of Approvals", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "properties": { + "approvalId": { + "type": "string", + "example": "38453251-6be2-5f8f-df93-5ce19e295837", + "description": "The Approval ID" + }, + "approvers": { + "type": "array", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "85d173e7d57e496569df763231d6deb6a", + "description": "The identity ID" + }, + "type": { + "type": "string", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY", + "description": "Indication of what group the identity belongs to. Ie, IDENTITY, GOVERNANCE_GROUP, etc" + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "Name of the identity" + } + }, + "description": "Identity Object" + }, + "description": "Object representation of an approver of an approval" + }, + "createdDate": { + "type": "string", + "example": "2023-04-12T23:20:50.520Z", + "description": "Date the approval was created" + }, + "type": { + "type": "string", + "example": "ENTITLEMENT_DESCRIPTIONS", + "description": "Type of approval" + }, + "name": { + "type": "array", + "items": { + "type": "object", + "properties": { + "value": { + "type": "string", + "example": "Audit DB Access", + "description": "Name of the approval" + }, + "locale": { + "type": "string", + "example": "en_US", + "description": "What locale the name of the approval is using" + } + }, + "description": "Approval Name Object" + }, + "description": "The name of the approval for a given locale" + }, + "batchRequest": { + "type": "object", + "description": "The name of the approval for a given locale", + "example": { + "batchId": "38453251-6be2-5f8f-df93-5ce19e295837", + "batchSize": 100 + }, + "properties": { + "batchId": { + "type": "string", + "example": "38453251-6be2-5f8f-df93-5ce19e295837", + "description": "ID of the batch" + }, + "batchSize": { + "type": "integer", + "format": "int64", + "example": 100, + "description": "How many approvals are going to be in this batch. Defaults to 1 if not provided." + } + } + }, + "description": { + "type": "array", + "items": { + "type": "object", + "properties": { + "value": { + "type": "string", + "example": "This access allows viewing and editing of workflow resource", + "description": "The description of what the approval is asking for" + }, + "locale": { + "type": "string", + "example": "en_US", + "description": "What locale the description of the approval is using" + } + }, + "description": "The description of what the approval is asking for" + }, + "description": "The description of the approval for a given locale" + }, + "priority": { + "type": "string", + "enum": [ + "HIGH", + "MEDIUM", + "LOW" + ], + "example": "HIGH", + "description": "The priority of the approval" + }, + "requester": { + "type": "object", + "description": "Object representation of the requester of the approval", + "example": { + "id": "85d173e7d57e496569df763231d6deb6a", + "type": "IDENTITY", + "name": "John Doe" + }, + "properties": { + "id": { + "type": "string", + "example": "85d173e7d57e496569df763231d6deb6a", + "description": "The identity ID" + }, + "type": { + "type": "string", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY", + "description": "Indication of what group the identity belongs to. Ie, IDENTITY, GOVERNANCE_GROUP, etc" + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "Name of the identity" + } + } + }, + "comments": { + "type": "array", + "items": { + "type": "object", + "properties": { + "author": { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "85d173e7d57e496569df763231d6deb6a", + "description": "The identity ID" + }, + "type": { + "type": "string", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY", + "description": "Indication of what group the identity belongs to. Ie, IDENTITY, GOVERNANCE_GROUP, etc" + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "Name of the identity" + } + }, + "description": "Identity Object" + }, + "comment": { + "type": "string", + "example": "Looks good", + "description": "Comment to be left on an approval" + }, + "createdDate": { + "type": "string", + "example": "2023-04-12T23:20:50.520Z", + "description": "Date the comment was created" + } + }, + "description": "Comments Object" + }, + "description": "Object representation of a comment on the approval" + }, + "approvedBy": { + "type": "array", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "85d173e7d57e496569df763231d6deb6a", + "description": "The identity ID" + }, + "type": { + "type": "string", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY", + "description": "Indication of what group the identity belongs to. Ie, IDENTITY, GOVERNANCE_GROUP, etc" + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "Name of the identity" + } + }, + "description": "Identity Object" + }, + "description": "Array of approvers who have approved the approval" + }, + "rejectedBy": { + "type": "array", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "85d173e7d57e496569df763231d6deb6a", + "description": "The identity ID" + }, + "type": { + "type": "string", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY", + "description": "Indication of what group the identity belongs to. Ie, IDENTITY, GOVERNANCE_GROUP, etc" + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "Name of the identity" + } + }, + "description": "Identity Object" + }, + "description": "Array of approvers who have rejected the approval" + }, + "completedDate": { + "type": "string", + "example": "2023-04-12T23:20:50.520Z", + "description": "Date the approval was completed" + }, + "approvalCriteria": { + "type": "string", + "enum": [ + "SINGLE", + "DOUBLE", + "TRIPLE", + "QUARTER", + "HALF", + "ALL" + ], + "example": "SINGLE", + "description": "Criteria that needs to be met for an approval to be marked as approved" + }, + "status": { + "type": "string", + "enum": [ + "PENDING", + "APPROVED", + "REJECTED" + ], + "example": "PENDING", + "description": "The current status of the approval" + }, + "additionalAttributes": { + "type": "string", + "example": "{ \"llm_description\": \"generated description\" }", + "description": "Json string representing additional attributes known about the object to be approved." + }, + "referenceData": { + "type": "array", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "64012350-8fd9-4f6c-a170-1fe123683899", + "description": "Id of the reference object" + }, + "type": { + "type": "string", + "example": "AccessRequestId", + "description": "What reference object does this ID correspond to" + } + }, + "description": "Reference objects related to the approval" + }, + "description": "Reference data related to the approval" + } + }, + "description": "Approval Object" + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/generic-approvals/{id}": { + "get": { + "security": [ + { + "UserContextAuth": [ + "sp:approvals:read" + ] + } + ], + "operationId": "getApproval", + "tags": [ + "Approvals" + ], + "summary": "Get an approval", + "description": "Retrieve a single approval for a given approval ID. This endpoint is for generic approvals, different than the access-request-approval endpoint and does not include access-request-approvals.", + "parameters": [ + { + "in": "path", + "name": "id", + "required": true, + "schema": { + "type": "string" + }, + "description": "ID of the approval that is to be returned", + "example": "38453251-6be2-5f8f-df93-5ce19e295837" + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "200": { + "description": "Approval object", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "approvalId": { + "type": "string", + "example": "38453251-6be2-5f8f-df93-5ce19e295837", + "description": "The Approval ID" + }, + "approvers": { + "type": "array", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "85d173e7d57e496569df763231d6deb6a", + "description": "The identity ID" + }, + "type": { + "type": "string", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY", + "description": "Indication of what group the identity belongs to. Ie, IDENTITY, GOVERNANCE_GROUP, etc" + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "Name of the identity" + } + }, + "description": "Identity Object" + }, + "description": "Object representation of an approver of an approval" + }, + "createdDate": { + "type": "string", + "example": "2023-04-12T23:20:50.520Z", + "description": "Date the approval was created" + }, + "type": { + "type": "string", + "example": "ENTITLEMENT_DESCRIPTIONS", + "description": "Type of approval" + }, + "name": { + "type": "array", + "items": { + "type": "object", + "properties": { + "value": { + "type": "string", + "example": "Audit DB Access", + "description": "Name of the approval" + }, + "locale": { + "type": "string", + "example": "en_US", + "description": "What locale the name of the approval is using" + } + }, + "description": "Approval Name Object" + }, + "description": "The name of the approval for a given locale" + }, + "batchRequest": { + "type": "object", + "description": "The name of the approval for a given locale", + "example": { + "batchId": "38453251-6be2-5f8f-df93-5ce19e295837", + "batchSize": 100 + }, + "properties": { + "batchId": { + "type": "string", + "example": "38453251-6be2-5f8f-df93-5ce19e295837", + "description": "ID of the batch" + }, + "batchSize": { + "type": "integer", + "format": "int64", + "example": 100, + "description": "How many approvals are going to be in this batch. Defaults to 1 if not provided." + } + } + }, + "description": { + "type": "array", + "items": { + "type": "object", + "properties": { + "value": { + "type": "string", + "example": "This access allows viewing and editing of workflow resource", + "description": "The description of what the approval is asking for" + }, + "locale": { + "type": "string", + "example": "en_US", + "description": "What locale the description of the approval is using" + } + }, + "description": "The description of what the approval is asking for" + }, + "description": "The description of the approval for a given locale" + }, + "priority": { + "type": "string", + "enum": [ + "HIGH", + "MEDIUM", + "LOW" + ], + "example": "HIGH", + "description": "The priority of the approval" + }, + "requester": { + "type": "object", + "description": "Object representation of the requester of the approval", + "example": { + "id": "85d173e7d57e496569df763231d6deb6a", + "type": "IDENTITY", + "name": "John Doe" + }, + "properties": { + "id": { + "type": "string", + "example": "85d173e7d57e496569df763231d6deb6a", + "description": "The identity ID" + }, + "type": { + "type": "string", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY", + "description": "Indication of what group the identity belongs to. Ie, IDENTITY, GOVERNANCE_GROUP, etc" + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "Name of the identity" + } + } + }, + "comments": { + "type": "array", + "items": { + "type": "object", + "properties": { + "author": { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "85d173e7d57e496569df763231d6deb6a", + "description": "The identity ID" + }, + "type": { + "type": "string", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY", + "description": "Indication of what group the identity belongs to. Ie, IDENTITY, GOVERNANCE_GROUP, etc" + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "Name of the identity" + } + }, + "description": "Identity Object" + }, + "comment": { + "type": "string", + "example": "Looks good", + "description": "Comment to be left on an approval" + }, + "createdDate": { + "type": "string", + "example": "2023-04-12T23:20:50.520Z", + "description": "Date the comment was created" + } + }, + "description": "Comments Object" + }, + "description": "Object representation of a comment on the approval" + }, + "approvedBy": { + "type": "array", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "85d173e7d57e496569df763231d6deb6a", + "description": "The identity ID" + }, + "type": { + "type": "string", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY", + "description": "Indication of what group the identity belongs to. Ie, IDENTITY, GOVERNANCE_GROUP, etc" + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "Name of the identity" + } + }, + "description": "Identity Object" + }, + "description": "Array of approvers who have approved the approval" + }, + "rejectedBy": { + "type": "array", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "85d173e7d57e496569df763231d6deb6a", + "description": "The identity ID" + }, + "type": { + "type": "string", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY", + "description": "Indication of what group the identity belongs to. Ie, IDENTITY, GOVERNANCE_GROUP, etc" + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "Name of the identity" + } + }, + "description": "Identity Object" + }, + "description": "Array of approvers who have rejected the approval" + }, + "completedDate": { + "type": "string", + "example": "2023-04-12T23:20:50.520Z", + "description": "Date the approval was completed" + }, + "approvalCriteria": { + "type": "string", + "enum": [ + "SINGLE", + "DOUBLE", + "TRIPLE", + "QUARTER", + "HALF", + "ALL" + ], + "example": "SINGLE", + "description": "Criteria that needs to be met for an approval to be marked as approved" + }, + "status": { + "type": "string", + "enum": [ + "PENDING", + "APPROVED", + "REJECTED" + ], + "example": "PENDING", + "description": "The current status of the approval" + }, + "additionalAttributes": { + "type": "string", + "example": "{ \"llm_description\": \"generated description\" }", + "description": "Json string representing additional attributes known about the object to be approved." + }, + "referenceData": { + "type": "array", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "64012350-8fd9-4f6c-a170-1fe123683899", + "description": "Id of the reference object" + }, + "type": { + "type": "string", + "example": "AccessRequestId", + "description": "What reference object does this ID correspond to" + } + }, + "description": "Reference objects related to the approval" + }, + "description": "Reference data related to the approval" + } + }, + "description": "Approval Object" + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + }, + "patch": { + "security": [ + { + "UserContextAuth": [ + "sp:approvals:write" + ] + } + ], + "operationId": "patchApproval", + "tags": [ + "Approvals" + ], + "summary": "Change an approval", + "description": "Change the values of a given approval", + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "comments": { + "type": "object", + "items": { + "type": "object", + "properties": { + "author": { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "85d173e7d57e496569df763231d6deb6a", + "description": "The identity ID" + }, + "type": { + "type": "string", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY", + "description": "Indication of what group the identity belongs to. Ie, IDENTITY, GOVERNANCE_GROUP, etc" + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "Name of the identity" + } + }, + "description": "Identity Object" + }, + "comment": { + "type": "string", + "example": "Looks good", + "description": "Comment to be left on an approval" + }, + "createdDate": { + "type": "string", + "example": "2023-04-12T23:20:50.520Z", + "description": "Date the comment was created" + } + }, + "description": "Comments Object" + }, + "description": "Object representation of a comment on the approval", + "example": { + "author": "85d173e7d57e496569df763231d6deb6a", + "comment": "Looks good", + "createdDate": "2023-04-12T23:20:50.520Z" + } + }, + "approvedBy": { + "type": "array", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "85d173e7d57e496569df763231d6deb6a", + "description": "The identity ID" + }, + "type": { + "type": "string", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY", + "description": "Indication of what group the identity belongs to. Ie, IDENTITY, GOVERNANCE_GROUP, etc" + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "Name of the identity" + } + }, + "description": "Identity Object" + }, + "description": "An array of identities who have approved the approval" + }, + "rejectedBy": { + "type": "array", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "85d173e7d57e496569df763231d6deb6a", + "description": "The identity ID" + }, + "type": { + "type": "string", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY", + "description": "Indication of what group the identity belongs to. Ie, IDENTITY, GOVERNANCE_GROUP, etc" + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "Name of the identity" + } + }, + "description": "Identity Object" + }, + "description": "An array of identities who have rejected the approval" + }, + "reassignFrom": { + "description": "The identity that is replaced by reassignTo", + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "85d173e7d57e496569df763231d6deb6a", + "description": "The identity ID" + }, + "type": { + "type": "string", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY", + "description": "Indication of what group the identity belongs to. Ie, IDENTITY, GOVERNANCE_GROUP, etc" + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "Name of the identity" + } + } + }, + "reassignTo": { + "description": "If reassigning this identity will replace reassignFrom, otherwise this identity will be added to the approval request", + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "85d173e7d57e496569df763231d6deb6a", + "description": "The identity ID" + }, + "type": { + "type": "string", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY", + "description": "Indication of what group the identity belongs to. Ie, IDENTITY, GOVERNANCE_GROUP, etc" + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "Name of the identity" + } + } + }, + "additionalAttributes": { + "type": "object", + "example": { + "any": "any", + "additional": "attributes" + }, + "description": "Any additional attributes that the approval request may need" + } + }, + "description": "Payload for changing the fields of an approval." + } + } + } + }, + "responses": { + "200": { + "description": "Approval object", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "approvalId": { + "type": "string", + "example": "38453251-6be2-5f8f-df93-5ce19e295837", + "description": "The Approval ID" + }, + "approvers": { + "type": "array", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "85d173e7d57e496569df763231d6deb6a", + "description": "The identity ID" + }, + "type": { + "type": "string", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY", + "description": "Indication of what group the identity belongs to. Ie, IDENTITY, GOVERNANCE_GROUP, etc" + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "Name of the identity" + } + }, + "description": "Identity Object" + }, + "description": "Object representation of an approver of an approval" + }, + "createdDate": { + "type": "string", + "example": "2023-04-12T23:20:50.520Z", + "description": "Date the approval was created" + }, + "type": { + "type": "string", + "example": "ENTITLEMENT_DESCRIPTIONS", + "description": "Type of approval" + }, + "name": { + "type": "array", + "items": { + "type": "object", + "properties": { + "value": { + "type": "string", + "example": "Audit DB Access", + "description": "Name of the approval" + }, + "locale": { + "type": "string", + "example": "en_US", + "description": "What locale the name of the approval is using" + } + }, + "description": "Approval Name Object" + }, + "description": "The name of the approval for a given locale" + }, + "batchRequest": { + "type": "object", + "description": "The name of the approval for a given locale", + "example": { + "batchId": "38453251-6be2-5f8f-df93-5ce19e295837", + "batchSize": 100 + }, + "properties": { + "batchId": { + "type": "string", + "example": "38453251-6be2-5f8f-df93-5ce19e295837", + "description": "ID of the batch" + }, + "batchSize": { + "type": "integer", + "format": "int64", + "example": 100, + "description": "How many approvals are going to be in this batch. Defaults to 1 if not provided." + } + } + }, + "description": { + "type": "array", + "items": { + "type": "object", + "properties": { + "value": { + "type": "string", + "example": "This access allows viewing and editing of workflow resource", + "description": "The description of what the approval is asking for" + }, + "locale": { + "type": "string", + "example": "en_US", + "description": "What locale the description of the approval is using" + } + }, + "description": "The description of what the approval is asking for" + }, + "description": "The description of the approval for a given locale" + }, + "priority": { + "type": "string", + "enum": [ + "HIGH", + "MEDIUM", + "LOW" + ], + "example": "HIGH", + "description": "The priority of the approval" + }, + "requester": { + "type": "object", + "description": "Object representation of the requester of the approval", + "example": { + "id": "85d173e7d57e496569df763231d6deb6a", + "type": "IDENTITY", + "name": "John Doe" + }, + "properties": { + "id": { + "type": "string", + "example": "85d173e7d57e496569df763231d6deb6a", + "description": "The identity ID" + }, + "type": { + "type": "string", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY", + "description": "Indication of what group the identity belongs to. Ie, IDENTITY, GOVERNANCE_GROUP, etc" + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "Name of the identity" + } + } + }, + "comments": { + "type": "array", + "items": { + "type": "object", + "properties": { + "author": { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "85d173e7d57e496569df763231d6deb6a", + "description": "The identity ID" + }, + "type": { + "type": "string", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY", + "description": "Indication of what group the identity belongs to. Ie, IDENTITY, GOVERNANCE_GROUP, etc" + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "Name of the identity" + } + }, + "description": "Identity Object" + }, + "comment": { + "type": "string", + "example": "Looks good", + "description": "Comment to be left on an approval" + }, + "createdDate": { + "type": "string", + "example": "2023-04-12T23:20:50.520Z", + "description": "Date the comment was created" + } + }, + "description": "Comments Object" + }, + "description": "Object representation of a comment on the approval" + }, + "approvedBy": { + "type": "array", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "85d173e7d57e496569df763231d6deb6a", + "description": "The identity ID" + }, + "type": { + "type": "string", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY", + "description": "Indication of what group the identity belongs to. Ie, IDENTITY, GOVERNANCE_GROUP, etc" + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "Name of the identity" + } + }, + "description": "Identity Object" + }, + "description": "Array of approvers who have approved the approval" + }, + "rejectedBy": { + "type": "array", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "85d173e7d57e496569df763231d6deb6a", + "description": "The identity ID" + }, + "type": { + "type": "string", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY", + "description": "Indication of what group the identity belongs to. Ie, IDENTITY, GOVERNANCE_GROUP, etc" + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "Name of the identity" + } + }, + "description": "Identity Object" + }, + "description": "Array of approvers who have rejected the approval" + }, + "completedDate": { + "type": "string", + "example": "2023-04-12T23:20:50.520Z", + "description": "Date the approval was completed" + }, + "approvalCriteria": { + "type": "string", + "enum": [ + "SINGLE", + "DOUBLE", + "TRIPLE", + "QUARTER", + "HALF", + "ALL" + ], + "example": "SINGLE", + "description": "Criteria that needs to be met for an approval to be marked as approved" + }, + "status": { + "type": "string", + "enum": [ + "PENDING", + "APPROVED", + "REJECTED" + ], + "example": "PENDING", + "description": "The current status of the approval" + }, + "additionalAttributes": { + "type": "string", + "example": "{ \"llm_description\": \"generated description\" }", + "description": "Json string representing additional attributes known about the object to be approved." + }, + "referenceData": { + "type": "array", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "64012350-8fd9-4f6c-a170-1fe123683899", + "description": "Id of the reference object" + }, + "type": { + "type": "string", + "example": "AccessRequestId", + "description": "What reference object does this ID correspond to" + } + }, + "description": "Reference objects related to the approval" + }, + "description": "Reference data related to the approval" + } + }, + "description": "Approval Object" + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "parameters": [ + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ] + } + }, + "/notification-template-defaults": { + "get": { + "operationId": "listNotificationTemplateDefaults", + "tags": [ + "Notifications" + ], + "summary": "List Notification Template Defaults", + "description": "This lists the default templates used for notifications, such as emails from IdentityNow.", + "security": [ + { + "UserContextAuth": [ + "idn:notification-template-defaults:read" + ] + } + ], + "parameters": [ + { + "in": "query", + "name": "limit", + "description": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 250, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "maximum": 250, + "default": 250 + } + }, + { + "in": "query", + "name": "offset", + "description": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 0, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "default": 0 + } + }, + { + "in": "query", + "name": "filters", + "schema": { + "type": "string", + "example": "key eq \"cloud_manual_work_item_summary\"" + }, + "description": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**key**: *eq, in, sw*\n\n**medium**: *eq, sw*\n\n**locale**: *eq, sw*" + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "200": { + "description": "A list of the default template objects", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "properties": { + "key": { + "type": "string", + "example": "cloud_manual_work_item_summary", + "description": "The key of the default template" + }, + "name": { + "type": "string", + "example": "Task Manager Subscription", + "description": "The name of the default template" + }, + "medium": { + "type": "string", + "description": "The message medium. More mediums may be added in the future.", + "enum": [ + "EMAIL", + "PHONE", + "SMS", + "SLACK", + "TEAMS" + ], + "example": "EMAIL" + }, + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en" + }, + "subject": { + "type": "string", + "example": "You have $numberOfPendingTasks $taskTasks to complete in ${__global.productName}.", + "description": "The subject of the default template", + "nullable": true + }, + "header": { + "type": "string", + "nullable": true, + "example": null, + "deprecated": true, + "description": "The header value is now located within the body field. If included with non-null values, will result in a 400." + }, + "body": { + "type": "string", + "example": "Please go to the task manager", + "description": "The body of the default template" + }, + "footer": { + "type": "string", + "nullable": true, + "example": null, + "deprecated": true, + "description": "The footer value is now located within the body field. If included with non-null values, will result in a 400." + }, + "from": { + "type": "string", + "example": "$__global.emailFromAddress", + "description": "The \"From:\" address of the default template", + "nullable": true + }, + "replyTo": { + "type": "string", + "example": "$__global.emailFromAddress", + "description": "The \"Reply To\" field of the default template", + "nullable": true + }, + "description": { + "type": "string", + "example": "Daily digest - sent if number of outstanding tasks for task owner > 0", + "description": "The description of the default template", + "nullable": true + }, + "slackTemplate": { + "type": "object", + "nullable": true, + "properties": { + "key": { + "type": "string", + "nullable": true + }, + "text": { + "type": "string" + }, + "blocks": { + "type": "string", + "nullable": true + }, + "attachments": { + "type": "string" + }, + "notificationType": { + "type": "string", + "nullable": true + }, + "approvalId": { + "type": "string", + "nullable": true + }, + "requestId": { + "type": "string", + "nullable": true + }, + "requestedById": { + "type": "string", + "nullable": true + }, + "isSubscription": { + "type": "boolean", + "nullable": true + }, + "autoApprovalData": { + "type": "object", + "nullable": true, + "properties": { + "isAutoApproved": { + "type": "string", + "nullable": true + }, + "itemId": { + "type": "string", + "nullable": true + }, + "itemType": { + "type": "string", + "nullable": true + }, + "autoApprovalMessageJSON": { + "type": "string", + "nullable": true + }, + "autoApprovalTitle": { + "type": "string", + "nullable": true + } + } + }, + "customFields": { + "type": "object", + "nullable": true, + "properties": { + "requestType": { + "type": "string", + "nullable": true + }, + "containsDeny": { + "type": "string", + "nullable": true + }, + "campaignId": { + "type": "string", + "nullable": true + }, + "campaignStatus": { + "type": "string", + "nullable": true + } + } + } + } + }, + "teamsTemplate": { + "type": "object", + "nullable": true, + "properties": { + "key": { + "type": "string", + "nullable": true + }, + "title": { + "type": "string", + "nullable": true + }, + "text": { + "type": "string" + }, + "messageJSON": { + "type": "string", + "nullable": true + }, + "isSubscription": { + "type": "boolean", + "nullable": true + }, + "approvalId": { + "type": "string", + "nullable": true + }, + "requestId": { + "type": "string", + "nullable": true + }, + "requestedById": { + "type": "string", + "nullable": true + }, + "notificationType": { + "type": "string", + "nullable": true + }, + "autoApprovalData": { + "type": "object", + "nullable": true, + "properties": { + "isAutoApproved": { + "type": "string", + "nullable": true + }, + "itemId": { + "type": "string", + "nullable": true + }, + "itemType": { + "type": "string", + "nullable": true + }, + "autoApprovalMessageJSON": { + "type": "string", + "nullable": true + }, + "autoApprovalTitle": { + "type": "string", + "nullable": true + } + } + }, + "customFields": { + "type": "object", + "nullable": true, + "properties": { + "requestType": { + "type": "string", + "nullable": true + }, + "containsDeny": { + "type": "string", + "nullable": true + }, + "campaignId": { + "type": "string", + "nullable": true + }, + "campaignStatus": { + "type": "string", + "nullable": true + } + } + } + } + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/notification-templates": { + "get": { + "operationId": "listNotificationTemplates", + "tags": [ + "Notifications" + ], + "summary": "List Notification Templates", + "description": "This lists the templates that you have modified for your site.", + "security": [ + { + "UserContextAuth": [ + "idn:notification-templates:read" + ] + } + ], + "parameters": [ + { + "in": "query", + "name": "limit", + "description": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 250, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "maximum": 250, + "default": 250 + } + }, + { + "in": "query", + "name": "offset", + "description": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 0, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "default": 0 + } + }, + { + "in": "query", + "name": "filters", + "schema": { + "type": "string" + }, + "description": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**key**: *eq, in, sw*\n\n**medium**: *eq, sw*\n\n**locale**: *eq, sw*", + "example": "medium eq \"EMAIL\"" + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "200": { + "description": "A list of template objects for your site", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "properties": { + "key": { + "type": "string", + "example": "cloud_manual_work_item_summary", + "description": "The key of the template" + }, + "name": { + "type": "string", + "example": "Task Manager Subscription", + "description": "The name of the Task Manager Subscription" + }, + "medium": { + "type": "string", + "description": "The message medium. More mediums may be added in the future.", + "enum": [ + "EMAIL", + "PHONE", + "SMS", + "SLACK", + "TEAMS" + ], + "example": "EMAIL" + }, + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en" + }, + "subject": { + "type": "string", + "example": "You have $numberOfPendingTasks $taskTasks to complete in ${__global.productName}.", + "description": "The subject line in the template" + }, + "header": { + "type": "string", + "nullable": true, + "example": null, + "deprecated": true, + "description": "The header value is now located within the body field. If included with non-null values, will result in a 400." + }, + "body": { + "type": "string", + "example": "Please go to the task manager", + "description": "The body in the template" + }, + "footer": { + "type": "string", + "nullable": true, + "example": null, + "deprecated": true, + "description": "The footer value is now located within the body field. If included with non-null values, will result in a 400." + }, + "from": { + "type": "string", + "example": "$__global.emailFromAddress", + "description": "The \"From:\" address in the template" + }, + "replyTo": { + "type": "string", + "example": "$__global.emailFromAddress", + "description": "The \"Reply To\" line in the template" + }, + "description": { + "type": "string", + "example": "Daily digest - sent if number of outstanding tasks for task owner > 0", + "description": "The description in the template" + }, + "id": { + "type": "string", + "example": "c17bea3a-574d-453c-9e04-4365fbf5af0b", + "description": "This is auto-generated." + }, + "created": { + "type": "string", + "format": "date-time", + "description": "The time when this template is created. This is auto-generated.", + "example": "2020-01-01T00:00:00.000000Z" + }, + "modified": { + "type": "string", + "format": "date-time", + "description": "The time when this template was last modified. This is auto-generated.", + "example": "2020-01-01T00:00:00.000000Z" + }, + "slackTemplate": { + "type": "string", + "nullable": true + }, + "teamsTemplate": { + "type": "string", + "nullable": true + } + }, + "required": [ + "key", + "medium", + "locale" + ] + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + }, + "post": { + "operationId": "createNotificationTemplate", + "tags": [ + "Notifications" + ], + "summary": "Create Notification Template", + "description": "This creates a template for your site. \n\nYou can also use this endpoint to update a template. First, copy the response body from the [get notification template endpoint](https://developer.sailpoint.com/idn/api/beta/get-notification-template) for a template you wish to update and paste it into the request body for this endpoint. Modify the fields you want to change and submit the POST request when ready.", + "security": [ + { + "UserContextAuth": [ + "idn:notification-templates:create" + ] + } + ], + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "key": { + "type": "string", + "example": "cloud_manual_work_item_summary", + "description": "The key of the template" + }, + "name": { + "type": "string", + "example": "Task Manager Subscription", + "description": "The name of the Task Manager Subscription" + }, + "medium": { + "type": "string", + "description": "The message medium. More mediums may be added in the future.", + "enum": [ + "EMAIL", + "PHONE", + "SMS", + "SLACK", + "TEAMS" + ], + "example": "EMAIL" + }, + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en" + }, + "subject": { + "type": "string", + "example": "You have $numberOfPendingTasks $taskTasks to complete in ${__global.productName}.", + "description": "The subject line in the template" + }, + "header": { + "type": "string", + "nullable": true, + "example": null, + "deprecated": true, + "description": "The header value is now located within the body field. If included with non-null values, will result in a 400." + }, + "body": { + "type": "string", + "example": "Please go to the task manager", + "description": "The body in the template" + }, + "footer": { + "type": "string", + "nullable": true, + "example": null, + "deprecated": true, + "description": "The footer value is now located within the body field. If included with non-null values, will result in a 400." + }, + "from": { + "type": "string", + "example": "$__global.emailFromAddress", + "description": "The \"From:\" address in the template" + }, + "replyTo": { + "type": "string", + "example": "$__global.emailFromAddress", + "description": "The \"Reply To\" line in the template" + }, + "description": { + "type": "string", + "example": "Daily digest - sent if number of outstanding tasks for task owner > 0", + "description": "The description in the template" + }, + "id": { + "type": "string", + "example": "c17bea3a-574d-453c-9e04-4365fbf5af0b", + "description": "This is auto-generated." + }, + "created": { + "type": "string", + "format": "date-time", + "description": "The time when this template is created. This is auto-generated.", + "example": "2020-01-01T00:00:00.000000Z" + }, + "modified": { + "type": "string", + "format": "date-time", + "description": "The time when this template was last modified. This is auto-generated.", + "example": "2020-01-01T00:00:00.000000Z" + }, + "slackTemplate": { + "type": "string", + "nullable": true + }, + "teamsTemplate": { + "type": "string", + "nullable": true + } + }, + "required": [ + "key", + "medium", + "locale" + ] + } + } + } + }, + "responses": { + "200": { + "description": "A template object for your site", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "key": { + "type": "string", + "example": "cloud_manual_work_item_summary", + "description": "The key of the template" + }, + "name": { + "type": "string", + "example": "Task Manager Subscription", + "description": "The name of the Task Manager Subscription" + }, + "medium": { + "type": "string", + "description": "The message medium. More mediums may be added in the future.", + "enum": [ + "EMAIL", + "PHONE", + "SMS", + "SLACK", + "TEAMS" + ], + "example": "EMAIL" + }, + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en" + }, + "subject": { + "type": "string", + "example": "You have $numberOfPendingTasks $taskTasks to complete in ${__global.productName}.", + "description": "The subject line in the template" + }, + "header": { + "type": "string", + "nullable": true, + "example": null, + "deprecated": true, + "description": "The header value is now located within the body field. If included with non-null values, will result in a 400." + }, + "body": { + "type": "string", + "example": "Please go to the task manager", + "description": "The body in the template" + }, + "footer": { + "type": "string", + "nullable": true, + "example": null, + "deprecated": true, + "description": "The footer value is now located within the body field. If included with non-null values, will result in a 400." + }, + "from": { + "type": "string", + "example": "$__global.emailFromAddress", + "description": "The \"From:\" address in the template" + }, + "replyTo": { + "type": "string", + "example": "$__global.emailFromAddress", + "description": "The \"Reply To\" line in the template" + }, + "description": { + "type": "string", + "example": "Daily digest - sent if number of outstanding tasks for task owner > 0", + "description": "The description in the template" + }, + "id": { + "type": "string", + "example": "c17bea3a-574d-453c-9e04-4365fbf5af0b", + "description": "This is auto-generated." + }, + "created": { + "type": "string", + "format": "date-time", + "description": "The time when this template is created. This is auto-generated.", + "example": "2020-01-01T00:00:00.000000Z" + }, + "modified": { + "type": "string", + "format": "date-time", + "description": "The time when this template was last modified. This is auto-generated.", + "example": "2020-01-01T00:00:00.000000Z" + }, + "slackTemplate": { + "type": "string", + "nullable": true + }, + "teamsTemplate": { + "type": "string", + "nullable": true + } + }, + "required": [ + "key", + "medium", + "locale" + ] + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "parameters": [ + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ] + } + }, + "/notification-templates/{id}": { + "get": { + "operationId": "getNotificationTemplate", + "tags": [ + "Notifications" + ], + "summary": "Get Notification Template By Id", + "description": "This gets a template that you have modified for your site by Id.", + "parameters": [ + { + "name": "id", + "in": "path", + "description": "Id of the Notification Template", + "required": true, + "style": "simple", + "explode": false, + "schema": { + "type": "string", + "example": "c17bea3a-574d-453c-9e04-4365fbf5af0b" + } + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "200": { + "description": "A template object for your site", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "properties": { + "key": { + "type": "string", + "example": "cloud_manual_work_item_summary", + "description": "The key of the template" + }, + "name": { + "type": "string", + "example": "Task Manager Subscription", + "description": "The name of the Task Manager Subscription" + }, + "medium": { + "type": "string", + "description": "The message medium. More mediums may be added in the future.", + "enum": [ + "EMAIL", + "PHONE", + "SMS", + "SLACK", + "TEAMS" + ], + "example": "EMAIL" + }, + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en" + }, + "subject": { + "type": "string", + "example": "You have $numberOfPendingTasks $taskTasks to complete in ${__global.productName}.", + "description": "The subject line in the template" + }, + "header": { + "type": "string", + "nullable": true, + "example": null, + "deprecated": true, + "description": "The header value is now located within the body field. If included with non-null values, will result in a 400." + }, + "body": { + "type": "string", + "example": "Please go to the task manager", + "description": "The body in the template" + }, + "footer": { + "type": "string", + "nullable": true, + "example": null, + "deprecated": true, + "description": "The footer value is now located within the body field. If included with non-null values, will result in a 400." + }, + "from": { + "type": "string", + "example": "$__global.emailFromAddress", + "description": "The \"From:\" address in the template" + }, + "replyTo": { + "type": "string", + "example": "$__global.emailFromAddress", + "description": "The \"Reply To\" line in the template" + }, + "description": { + "type": "string", + "example": "Daily digest - sent if number of outstanding tasks for task owner > 0", + "description": "The description in the template" + }, + "id": { + "type": "string", + "example": "c17bea3a-574d-453c-9e04-4365fbf5af0b", + "description": "This is auto-generated." + }, + "created": { + "type": "string", + "format": "date-time", + "description": "The time when this template is created. This is auto-generated.", + "example": "2020-01-01T00:00:00.000000Z" + }, + "modified": { + "type": "string", + "format": "date-time", + "description": "The time when this template was last modified. This is auto-generated.", + "example": "2020-01-01T00:00:00.000000Z" + }, + "slackTemplate": { + "type": "string", + "nullable": true + }, + "teamsTemplate": { + "type": "string", + "nullable": true + } + }, + "required": [ + "key", + "medium", + "locale" + ] + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/notification-templates/bulk-delete": { + "post": { + "operationId": "deleteNotificationTemplatesInBulk", + "tags": [ + "Notifications" + ], + "summary": "Bulk Delete Notification Templates", + "description": "This lets you bulk delete templates that you previously created for your site. Since this is a beta feature, please contact support to enable usage.", + "security": [ + { + "UserContextAuth": [ + "idn:notification-templates:delete" + ] + } + ], + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "properties": { + "key": { + "type": "string", + "example": "cloud_manual_work_item_summary" + }, + "medium": { + "type": "string", + "enum": [ + "EMAIL", + "PHONE", + "SMS" + ], + "example": "EMAIL" + }, + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en" + } + }, + "required": [ + "key" + ] + } + } + } + } + }, + "responses": { + "204": { + "description": "No content - indicates the request was successful but there is no content to be returned in the response." + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "parameters": [ + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ] + } + }, + "/org-config": { + "get": { + "operationId": "getOrgConfig", + "tags": [ + "Org Config" + ], + "summary": "Get Org configuration settings", + "security": [ + { + "UserContextAuth": [ + "idn:org-configs:read", + "idn:org-configs:manage" + ] + } + ], + "description": "Get org configuration with only external (org admin) accessible properties for the current org.", + "responses": { + "200": { + "description": "Request succeeded.", + "content": { + "application/json": { + "schema": { + "type": "object", + "description": "DTO class for OrgConfig data accessible by customer external org admin (\"ORG_ADMIN\") users", + "properties": { + "orgName": { + "type": "string", + "description": "The name of the org.", + "example": "acme-solar" + }, + "timeZone": { + "type": "string", + "description": "The selected time zone which is to be used for the org. This directly affects when scheduled tasks are executed. Valid options can be found at /beta/org-config/valid-time-zones", + "example": "America/Toronto" + }, + "lcsChangeHonorsSourceEnableFeature": { + "type": "boolean", + "description": "Flag to determine whether the LCS_CHANGE_HONORS_SOURCE_ENABLE_FEATURE flag is enabled for the current org.", + "example": false + }, + "armCustomerId": { + "type": "string", + "description": "ARM Customer ID", + "nullable": true, + "example": "DE38E75A-5FF6-4A65-5DC7-08D64426B09E" + }, + "armSapSystemIdMappings": { + "type": "string", + "description": "A list of IDN::sourceId to ARM::systemId mappings.", + "nullable": true, + "example": [ + { + "sourceId": "2c91808c791a94e501792388b0d62659", + "systemId": "1556" + }, + { + "sourceId": "2_2c91808c791a94e501792388b0d62659", + "systemId": "2_1556" + }, + { + "sourceId": "3_2c91808c791a94e501792388b0d62659", + "systemId": "3_1556" + } + ] + }, + "armAuth": { + "type": "string", + "description": "ARM authentication string", + "nullable": true, + "example": "epiYNTRYA2S7swisDWk1Zv4VMNgvqEjiBh5_ufuCWsma2m-5XADijqBg0ijXLby5nS6lxZNXabhGnAPGeDGc4V3jQKrhwV-UHypRLs8ZLgOjiQNus9NimS0uPdKomRW6TFWqXyfnYd-znNgbbVuwUy9GyD9ebDVJSntPastxSx7UcyGuWBqfNZYpuxKRWe_7TVY60qL55jUqyz8N4XUbbdcxdbZ0uik6ut-Bv90MKTbZexBW_PR4qcgIkaEs4kIenLyBxnGziYo7AO0tJ8bGHO8FJRkibCpAQIt7PISLo7Gg_Xf9j10dKq2YDgy4pPTvz3fE2ZHYnXCXvXFSA-vVag==" + }, + "armDb": { + "type": "string", + "description": "ARM database name", + "nullable": true, + "example": "EU" + }, + "armSsoUrl": { + "type": "string", + "description": "ARM SSO URL", + "nullable": true, + "example": "https://your-arm-sso-url" + }, + "iaiEnableCertificationRecommendations": { + "type": "boolean", + "description": "Flag to determine whether IAI Certification Recommendations are enabled for the current org", + "example": true + }, + "sodReportConfigs": { + "type": "array", + "items": { + "type": "object", + "properties": { + "columnName": { + "type": "string", + "description": "Name of column in report", + "example": "SOD Business Name" + }, + "required": { + "type": "boolean", + "description": "If true, column is required in all reports, and this entry is immutable. A 400 error will result from any attempt to modify the column's definition.", + "example": true, + "default": false + }, + "included": { + "type": "boolean", + "description": "If true, column is included in the report. A 400 error will be thrown if an attempt is made to set included=false if required==true.", + "example": false, + "default": false + }, + "order": { + "type": "integer", + "format": "int32", + "minimum": 0, + "maximum": 2147483647, + "description": "Relative sort order for the column. Columns will be displayed left-to-right in nondecreasing order.", + "example": 2 + } + } + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "parameters": [ + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ] + }, + "patch": { + "operationId": "patchOrgConfig", + "tags": [ + "Org Config" + ], + "summary": "Patch an Org configuration property", + "security": [ + { + "UserContextAuth": [ + "idn:org-configs:manage" + ] + } + ], + "description": "Patch configuration of the current org using http://jsonpatch.com/ syntax. Commonly used for changing the time zone of an org.", + "requestBody": { + "description": "A list of schema attribute update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard.", + "content": { + "application/json-patch+json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "description": "A JSONPatch Operation as defined by [RFC 6902 - JSON Patch](https://tools.ietf.org/html/rfc6902)", + "required": [ + "op", + "path" + ], + "properties": { + "op": { + "type": "string", + "description": "The operation to be performed", + "enum": [ + "add", + "remove", + "replace", + "move", + "copy", + "test" + ], + "example": "replace" + }, + "path": { + "type": "string", + "description": "A string JSON Pointer representing the target path to an element to be affected by the operation", + "example": "/description" + }, + "value": { + "oneOf": [ + { + "type": "string", + "example": "New description", + "title": "string" + }, + { + "type": "boolean", + "example": true, + "title": "boolean" + }, + { + "type": "integer", + "example": 300, + "title": "integer" + }, + { + "type": "object", + "title": "object", + "example": { + "attributes": { + "name": "philip" + } + } + }, + { + "type": "array", + "title": "array", + "items": { + "anyOf": [ + { + "type": "string" + }, + { + "type": "integer" + }, + { + "type": "object" + } + ], + "example": [ + "001", + "002", + "003" + ] + } + } + ], + "description": "The value to be used for the operation, required for \"add\" and \"replace\" operations", + "example": "New description" + } + } + } + }, + "example": [ + { + "op": "replace", + "path": "/timeZone", + "value": "America/Toronto" + } + ] + } + }, + "required": true + }, + "responses": { + "200": { + "description": "The Org was successfully patched.", + "content": { + "application/json": { + "schema": { + "type": "object", + "description": "DTO class for OrgConfig data accessible by customer external org admin (\"ORG_ADMIN\") users", + "properties": { + "orgName": { + "type": "string", + "description": "The name of the org.", + "example": "acme-solar" + }, + "timeZone": { + "type": "string", + "description": "The selected time zone which is to be used for the org. This directly affects when scheduled tasks are executed. Valid options can be found at /beta/org-config/valid-time-zones", + "example": "America/Toronto" + }, + "lcsChangeHonorsSourceEnableFeature": { + "type": "boolean", + "description": "Flag to determine whether the LCS_CHANGE_HONORS_SOURCE_ENABLE_FEATURE flag is enabled for the current org.", + "example": false + }, + "armCustomerId": { + "type": "string", + "description": "ARM Customer ID", + "nullable": true, + "example": "DE38E75A-5FF6-4A65-5DC7-08D64426B09E" + }, + "armSapSystemIdMappings": { + "type": "string", + "description": "A list of IDN::sourceId to ARM::systemId mappings.", + "nullable": true, + "example": [ + { + "sourceId": "2c91808c791a94e501792388b0d62659", + "systemId": "1556" + }, + { + "sourceId": "2_2c91808c791a94e501792388b0d62659", + "systemId": "2_1556" + }, + { + "sourceId": "3_2c91808c791a94e501792388b0d62659", + "systemId": "3_1556" + } + ] + }, + "armAuth": { + "type": "string", + "description": "ARM authentication string", + "nullable": true, + "example": "epiYNTRYA2S7swisDWk1Zv4VMNgvqEjiBh5_ufuCWsma2m-5XADijqBg0ijXLby5nS6lxZNXabhGnAPGeDGc4V3jQKrhwV-UHypRLs8ZLgOjiQNus9NimS0uPdKomRW6TFWqXyfnYd-znNgbbVuwUy9GyD9ebDVJSntPastxSx7UcyGuWBqfNZYpuxKRWe_7TVY60qL55jUqyz8N4XUbbdcxdbZ0uik6ut-Bv90MKTbZexBW_PR4qcgIkaEs4kIenLyBxnGziYo7AO0tJ8bGHO8FJRkibCpAQIt7PISLo7Gg_Xf9j10dKq2YDgy4pPTvz3fE2ZHYnXCXvXFSA-vVag==" + }, + "armDb": { + "type": "string", + "description": "ARM database name", + "nullable": true, + "example": "EU" + }, + "armSsoUrl": { + "type": "string", + "description": "ARM SSO URL", + "nullable": true, + "example": "https://your-arm-sso-url" + }, + "iaiEnableCertificationRecommendations": { + "type": "boolean", + "description": "Flag to determine whether IAI Certification Recommendations are enabled for the current org", + "example": true + }, + "sodReportConfigs": { + "type": "array", + "items": { + "type": "object", + "properties": { + "columnName": { + "type": "string", + "description": "Name of column in report", + "example": "SOD Business Name" + }, + "required": { + "type": "boolean", + "description": "If true, column is required in all reports, and this entry is immutable. A 400 error will result from any attempt to modify the column's definition.", + "example": true, + "default": false + }, + "included": { + "type": "boolean", + "description": "If true, column is included in the report. A 400 error will be thrown if an attempt is made to set included=false if required==true.", + "example": false, + "default": false + }, + "order": { + "type": "integer", + "format": "int32", + "minimum": 0, + "maximum": 2147483647, + "description": "Relative sort order for the column. Columns will be displayed left-to-right in nondecreasing order.", + "example": 2 + } + } + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "parameters": [ + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ] + } + }, + "/org-config/valid-time-zones": { + "get": { + "operationId": "getValidTimeZones", + "tags": [ + "Org Config" + ], + "summary": "Get list of time zones", + "security": [ + { + "UserContextAuth": [ + "idn:org-configs:read", + "idn:org-configs-user:read" + ] + } + ], + "description": "Get a list of valid time zones that can be set in org configurations.", + "responses": { + "200": { + "description": "Request successful", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "type": "string" + } + }, + "example": [ + "Etc/GMT-6", + "Etc/GMT+8", + "EST", + "America/Chicago", + "America/Toronto", + "Asia/Gaza", + "Europe/Brussels", + "Europe/Kiev" + ] + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "parameters": [ + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ] + } + }, + "/outlier-summaries": { + "get": { + "operationId": "getIdentityOutlierSnapshots", + "tags": [ + "IAI Outliers" + ], + "summary": "IAI Identity Outliers Summary", + "description": "This API receives a summary containing: the number of identities that customer has, the number of outliers, and the type of outlier\nRequires authorization scope of 'iai:outliers-management:read'", + "parameters": [ + { + "in": "query", + "name": "limit", + "description": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 250, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "maximum": 250, + "default": 250 + } + }, + { + "in": "query", + "name": "offset", + "description": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 0, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "default": 0 + } + }, + { + "name": "type", + "in": "query", + "description": "Type of the identity outliers snapshot to filter on", + "required": false, + "schema": { + "type": "string", + "enum": [ + "LOW_SIMILARITY", + "STRUCTURAL" + ] + } + }, + { + "in": "query", + "name": "filters", + "schema": { + "type": "string" + }, + "description": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**snapshotDate**: *ge, le*", + "example": "snapshotDate ge \"2022-02-07T20:13:29.356648026Z\"" + }, + { + "in": "query", + "name": "sorters", + "schema": { + "type": "string", + "format": "comma-separated" + }, + "description": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **snapshotDate**", + "example": "snapshotDate", + "required": false + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "200": { + "description": "Succeeded. Returns list of objects. Each object is a summary to give high level statistics/counts of outliers", + "headers": { + "X-Total-Count": { + "description": "The total result count.", + "schema": { + "type": "integer" + } + } + }, + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "properties": { + "type": { + "type": "string", + "enum": [ + "LOW_SIMILARITY", + "STRUCTURAL" + ], + "description": "The type of outlier summary", + "example": "LOW_SIMILARITY" + }, + "snapshotDate": { + "type": "string", + "format": "date-time", + "description": "The date the bulk outlier detection ran/snapshot was created", + "example": "2021-05-01T18:40:35.772Z" + }, + "totalOutliers": { + "type": "integer", + "description": "Total number of outliers for the customer making the request", + "example": 50 + }, + "totalIdentities": { + "type": "integer", + "description": "Total number of identities for the customer making the request", + "example": 5000 + }, + "totalIgnored": { + "type": "integer", + "default": 0, + "example": 0 + } + } + } + } + } + } + }, + "202": { + "description": "Accepted - Returned if the request was successfully accepted into the system.", + "content": { + "application/json": { + "schema": { + "type": "object" + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/outlier-summaries/latest": { + "get": { + "operationId": "getLatestIdentityOutlierSnapshots", + "tags": [ + "IAI Outliers" + ], + "summary": "IAI Identity Outliers Latest Summary", + "description": "This API returns a most recent snapshot of each outlier type, each containing: the number of identities that customer has, the number of outliers, and the type of outlier\nRequires authorization scope of 'iai:outliers-management:read'", + "parameters": [ + { + "name": "type", + "in": "query", + "description": "Type of the identity outliers snapshot to filter on", + "required": false, + "schema": { + "type": "string", + "enum": [ + "LOW_SIMILARITY", + "STRUCTURAL" + ] + } + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "200": { + "description": "Succeeded. Returns list of objects. Each object is a summary to give high level statistics/counts of outliers", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "properties": { + "type": { + "type": "string", + "enum": [ + "LOW_SIMILARITY", + "STRUCTURAL" + ], + "description": "The type of outlier summary", + "example": "LOW_SIMILARITY" + }, + "snapshotDate": { + "type": "string", + "format": "date-time", + "description": "The date the bulk outlier detection ran/snapshot was created", + "example": "2021-05-01T18:40:35.772Z" + }, + "totalOutliers": { + "type": "integer", + "description": "Total number of outliers for the customer making the request", + "example": 50 + }, + "totalIdentities": { + "type": "integer", + "description": "Total number of identities for the customer making the request", + "example": 5000 + }, + "totalIgnored": { + "type": "integer", + "description": "Total number of ignored outliers", + "example": 10 + } + } + } + } + } + } + }, + "202": { + "description": "Accepted - Returned if the request was successfully accepted into the system.", + "content": { + "application/json": { + "schema": { + "type": "object" + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/outliers": { + "get": { + "operationId": "getIdentityOutliers", + "tags": [ + "IAI Outliers" + ], + "summary": "IAI Get Identity Outliers", + "description": "This API receives a list of outliers, containing data such as: identityId, outlier type, detection dates, identity attributes, if identity is ignore, and certification information\nRequires authorization scope of 'iai:outliers-management:read'", + "parameters": [ + { + "in": "query", + "name": "limit", + "description": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 250, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "maximum": 250, + "default": 250 + } + }, + { + "in": "query", + "name": "offset", + "description": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 0, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "default": 0 + } + }, + { + "in": "query", + "name": "count", + "description": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": true, + "schema": { + "type": "boolean", + "default": false + } + }, + { + "name": "type", + "in": "query", + "description": "Type of the identity outliers snapshot to filter on", + "required": false, + "schema": { + "type": "string", + "enum": [ + "LOW_SIMILARITY", + "STRUCTURAL" + ], + "example": "LOW_SIMILARITY" + } + }, + { + "in": "query", + "name": "filters", + "required": false, + "schema": { + "type": "string" + }, + "description": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**attributes**: *eq, sw, co, in*\n\n**firstDetectionDate**: *ge, le*\n\n**certStatus**: *eq*\n\n**ignored**: *eq*\n\n**score**: *ge, le*", + "example": "attributes.displayName sw \"John\" and certStatus eq \"false\"" + }, + { + "in": "query", + "name": "sorters", + "required": false, + "schema": { + "type": "string", + "format": "comma-separated" + }, + "description": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **firstDetectionDate, attributes, score**", + "example": "attributes.displayName,firstDetectionDate,-score" + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "200": { + "description": "Succeeded. Returns list of objects. Each object contains information about outliers", + "headers": { + "X-Total-Count": { + "description": "The total result count.", + "schema": { + "type": "integer" + } + } + }, + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The identity's unique identifier for the outlier record", + "example": "5be33d3e-c54d-4ed7-af73-2380543e8283" + }, + "identityId": { + "type": "string", + "description": "The ID of the identity that is detected as an outlier", + "example": "5be33d3e-c54d-4ed7-af73-2380543e8283" + }, + "type": { + "type": "string", + "enum": [ + "LOW_SIMILARITY", + "STRUCTURAL" + ], + "description": "The type of outlier summary", + "example": "LOW_SIMILARITY" + }, + "firstDetectionDate": { + "type": "string", + "format": "date-time", + "description": "The first date the outlier was detected", + "example": "2021-05-01T18:40:35.772Z" + }, + "latestDetectionDate": { + "type": "string", + "format": "date-time", + "description": "The most recent date the outlier was detected", + "example": "2021-05-03T18:40:35.772Z" + }, + "ignored": { + "type": "boolean", + "description": "Flag whether or not the outlier has been ignored", + "example": false + }, + "attributes": { + "type": "object", + "description": "Object containing mapped identity attributes", + "example": { + "displayName": "John Smith", + "jobTitle": "Software Engineer", + "department": "Engineering" + } + }, + "score": { + "type": "number", + "format": "float", + "description": "The outlier score determined by the detection engine ranging from 0..1", + "example": 0.92 + }, + "unignoreType": { + "type": "string", + "enum": [ + "MANUAL", + "AUTOMATIC", + null + ], + "description": "Enum value of if the outlier manually or automatically un-ignored. Will be NULL if outlier is not ignored", + "example": "MANUAL", + "nullable": true + }, + "unignoreDate": { + "type": "string", + "format": "date-time", + "description": "shows date when last time has been unignored outlier", + "example": "2021-06-01T18:40:35.772Z", + "nullable": true + }, + "ignoreDate": { + "type": "string", + "format": "date-time", + "description": "shows date when last time has been ignored outlier", + "example": "2021-06-01T18:40:35.772Z", + "nullable": true + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/outliers/{outlierId}/contributing-features": { + "get": { + "operationId": "getPeerGroupOutliersContributingFeatures", + "tags": [ + "IAI Outliers" + ], + "summary": "Get identity outlier's contibuting features", + "description": "This API returns a list of contributing feature objects for a single outlier. The object contains: feature name, feature value type, value, importance, display name (translated text or message key), description (translated text or message key), translation messages object\nRequires authorization scope of 'iai:outliers-management:read'", + "parameters": [ + { + "in": "query", + "name": "limit", + "description": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 250, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "maximum": 250, + "default": 250 + } + }, + { + "in": "query", + "name": "offset", + "description": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 0, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "default": 0 + } + }, + { + "in": "query", + "name": "count", + "description": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": true, + "schema": { + "type": "boolean", + "default": false + } + }, + { + "name": "include-translation-messages", + "in": "query", + "description": "Whether or not to include translation messages object in returned response", + "required": false, + "schema": { + "type": "string", + "example": "include-translation-messages=" + } + }, + { + "in": "path", + "example": "2c918085842e69ae018432d22ccb212f", + "name": "outlierId", + "schema": { + "type": "string" + }, + "required": true, + "description": "The outlier id" + }, + { + "in": "query", + "name": "sorters", + "required": false, + "schema": { + "type": "string", + "format": "comma-separated" + }, + "example": "importance", + "description": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **importance**" + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "200": { + "description": "Succeeded. Returns list of objects. Each object contains a feature and metadata about that feature", + "headers": { + "X-Total-Count": { + "description": "The total result count.", + "schema": { + "type": "integer" + } + }, + "accept-language": { + "description": "The locale to use for translations for displayName and description text", + "schema": { + "type": "string" + } + } + }, + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "Contributing feature id", + "example": "66e38828-5017-47af-92ff-9844871352c5" + }, + "name": { + "type": "string", + "description": "The name of the feature", + "example": "entitlement_count" + }, + "valueType": { + "type": "string", + "enum": [ + "INTEGER", + "FLOAT" + ], + "description": "The data type of the value field", + "example": "INTEGER" + }, + "value": { + "oneOf": [ + { + "type": "number", + "format": "float", + "minimum": 0, + "maximum": 1 + }, + { + "type": "integer", + "format": "int64" + } + ], + "description": "The feature value", + "example": 0.92 + }, + "importance": { + "type": "number", + "format": "float", + "description": "The importance of the feature. This can also be a negative value", + "minimum": -1, + "maximum": 1, + "example": -0.15 + }, + "displayName": { + "type": "string", + "description": "The (translated if header is passed) displayName for the feature", + "example": "Number of entitlements" + }, + "description": { + "type": "string", + "description": "The (translated if header is passed) description for the feature", + "example": "The total number of entitlements belonging to an identity" + }, + "translationMessages": { + "type": "object", + "properties": { + "displayName": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key of the translation message", + "example": "recommender-api.V2_WEIGHT_FEATURE_PRODUCT_INTERPRETATION_HIGH" + }, + "values": { + "type": "array", + "description": "The values corresponding to the translation messages", + "items": { + "type": "string" + }, + "example": [ + "75", + "department" + ] + } + } + }, + "description": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key of the translation message", + "example": "recommender-api.V2_WEIGHT_FEATURE_PRODUCT_INTERPRETATION_HIGH" + }, + "values": { + "type": "array", + "description": "The values corresponding to the translation messages", + "items": { + "type": "string" + }, + "example": [ + "75", + "department" + ] + } + } + } + } + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/outliers/{outlierId}/feature-details/{contributingFeatureName}/access-items": { + "get": { + "operationId": "listOutliersContributingFeatureAccessItems", + "tags": [ + "IAI Outliers" + ], + "summary": "Gets a list of access items associated with each identity outlier contributing feature", + "description": "This API returns a list of the enriched access items associated with each feature filtered by the access item type The object contains: accessItemId, display name (translated text or message key), description (translated text or message key), accessType, sourceName, extremelyRare\nRequires authorization scope of 'iai:outliers-management:read'", + "parameters": [ + { + "in": "query", + "name": "limit", + "description": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 250, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "maximum": 250, + "default": 250 + } + }, + { + "in": "query", + "name": "offset", + "description": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 0, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "default": 0 + } + }, + { + "in": "query", + "name": "count", + "description": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": true, + "schema": { + "type": "boolean", + "default": false + } + }, + { + "in": "path", + "name": "outlierId", + "schema": { + "type": "string" + }, + "required": true, + "description": "The outlier id", + "example": "2c918085842e69ae018432d22ccb212f" + }, + { + "in": "path", + "name": "contributingFeatureName", + "schema": { + "type": "string", + "enum": [ + "radical_entitlement_count", + "entitlement_count", + "max_jaccard_similarity", + "mean_max_bundle_concurrency", + "single_entitlement_bundle_count", + "peerless_score" + ] + }, + "required": true, + "description": "The name of contributing feature", + "example": "entitlement_count" + }, + { + "in": "query", + "name": "accessType", + "required": false, + "schema": { + "type": "string" + }, + "description": "The type of access item for the identity outlier contributing feature. If not provided, it returns all", + "example": "ENTITLEMENT" + }, + { + "in": "query", + "name": "sorters", + "required": false, + "schema": { + "type": "string", + "format": "comma-separated" + }, + "example": "displayName", + "description": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **displayName**" + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "200": { + "description": "The list of access items.", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The ID of the access item", + "example": "2c938083633d259901633d2623ec0375" + }, + "displayName": { + "type": "string", + "description": "the display name of the access item", + "example": "Applied Research Access" + }, + "description": { + "type": "string", + "description": "Description of the access item.", + "example": "Access to research information, lab results, and schematics" + }, + "accessType": { + "type": "string", + "example": "ENTITLEMENT", + "description": "The type of the access item.", + "enum": [ + "ENTITLEMENT", + "ACCESS_PROFILE", + "ROLE" + ] + }, + "sourceName": { + "type": "string", + "example": "appName", + "description": "the associated source name if it exists" + }, + "extremelyRare": { + "type": "boolean", + "default": false, + "example": true, + "description": "rarest access" + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "iai:outliers-management:read" + ] + } + ] + } + }, + "/outliers/ignore": { + "post": { + "operationId": "ignoreIdentityOutliers", + "tags": [ + "IAI Outliers" + ], + "summary": "IAI Identity Outliers Ignore", + "description": "This API receives a list of IdentityIDs in the request, changes the outliers to be ignored--returning a 204 if successful.\nRequires authorization scope of 'iai:outliers-management:update'", + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of identity IDs to ignore from outlier listing", + "example": [ + "abc123def456", + "ghi789jkl012" + ] + } + } + } + }, + "responses": { + "204": { + "description": "No content - indicates the request was successful but there is no content to be returned in the response." + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "parameters": [ + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ] + } + }, + "/outliers/unignore": { + "post": { + "operationId": "unIgnoreIdentityOutliers", + "tags": [ + "IAI Outliers" + ], + "summary": "IAI Identity Outliers Unignore", + "description": "This API receives a list of IdentityIDs in the request, changes the outliers to be un-ignored--returning a 204 if successful.\nRequires authorization scope of 'iai:outliers-management:update'", + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of identity IDs to un-ignore from outlier listing", + "example": [ + "abc123def456", + "ghi789jkl012" + ] + } + } + } + }, + "responses": { + "204": { + "description": "No content - indicates the request was successful but there is no content to be returned in the response." + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "parameters": [ + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ] + } + }, + "/outliers/export": { + "get": { + "operationId": "exportOutliersZip", + "tags": [ + "IAI Outliers" + ], + "summary": "IAI Identity Outliers Export", + "description": "This API exports a list of ignored outliers to a CSV as well as list of non-ignored outliers to a CSV. These two CSVs will be zipped and exported Columns will include: identityID, type, firstDetectionDate, latestDetectionDate, ignored, & attributes (defined set of identity attributes)\nRequires authorization scope of 'iai:outliers-management:read'", + "parameters": [ + { + "name": "type", + "in": "query", + "description": "Type of the identity outliers snapshot to filter on", + "required": false, + "schema": { + "type": "string", + "enum": [ + "LOW_SIMILARITY", + "STRUCTURAL" + ] + } + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "200": { + "description": "Succeeded. Returns zip of 2 CSVs to download. 1 CSV for ignored outliers and 1 for non-ignored outliers", + "content": { + "application/zip": { + "schema": { + "type": "string", + "format": "binary" + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/outlier-feature-summaries/{outlierFeatureId}": { + "get": { + "operationId": "getOutlierContributingFeatureSummary", + "tags": [ + "IAI Outliers" + ], + "summary": "Get identity outlier contibuting feature summary", + "description": "This API returns a summary of a contributing feature for an identity outlier. The object contains: contributing feature name (translated text or message key), identity outlier display name, feature values, feature definition and explanation (translated text or message key), peer display name and identityId, access item reference, translation messages object\nRequires authorization scope of 'iai:outliers-management:read'", + "parameters": [ + { + "in": "path", + "name": "outlierFeatureId", + "schema": { + "type": "string" + }, + "required": true, + "description": "Contributing feature id", + "example": "04654b66-7561-4090-94f9-abee0722a1af" + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "200": { + "description": "Succeeded. Returns selected contributing feature summary for an outlier", + "headers": { + "accept-language": { + "description": "The locale to use for translations", + "schema": { + "type": "string" + } + } + }, + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "contributingFeatureName": { + "type": "string", + "description": "Contributing feature name", + "example": "Rare Access" + }, + "identityOutlierDisplayName": { + "type": "string", + "description": "Identity display name", + "example": "John Smith" + }, + "outlierFeatureDisplayValues": { + "type": "array", + "items": { + "type": "object", + "properties": { + "displayName": { + "type": "string", + "example": "Aliza Chris", + "description": "display name" + }, + "value": { + "type": "string", + "example": 55, + "description": "value" + }, + "valueType": { + "type": "string", + "enum": [ + "INTEGER", + "FLOAT" + ], + "description": "The data type of the value field", + "example": "INTEGER" + } + } + } + }, + "featureDefinition": { + "type": "string", + "description": "Definition of the feature", + "example": "Identity total number of entitlements" + }, + "featureExplanation": { + "type": "string", + "description": "Detailed explanation of the feature", + "example": "An identity that has too much rare access has a higher change of becoming a security threat due to the unique access they possess" + }, + "peerDisplayName": { + "type": "string", + "description": "outlier's peer identity display name", + "example": "Mary Jane" + }, + "peerIdentityId": { + "type": "string", + "description": "outlier's peer identity id", + "example": "9f9d5d53ad0e48fba7352f6da9f1b8gbg" + }, + "accessItemReference": { + "type": "object", + "description": "Access Item reference", + "example": { + "displayName": "All Rare Entitlements", + "searchPlaceholder": "Search by name or description" + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "iai:outliers-management:read" + ] + } + ] + } + }, + "/peer-group-strategies/{strategy}/identity-outliers": { + "get": { + "operationId": "getPeerGroupOutliers", + "tags": [ + "IAI Peer Group Strategies" + ], + "summary": "Identity Outliers List", + "deprecated": true, + "description": "-- Deprecated : See 'IAI Outliers' This API will be used by Identity Governance systems to identify identities that are not included in an organization's peer groups. By default, 250 identities are returned. You can specify between 1 and 1000 number of identities that can be returned.", + "parameters": [ + { + "in": "path", + "name": "strategy", + "schema": { + "type": "string" + }, + "required": true, + "description": "The strategy used to create peer groups. Currently, 'entitlement' is supported.", + "example": "entitlement" + }, + { + "in": "query", + "name": "limit", + "description": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 250, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "maximum": 250, + "default": 250 + } + }, + { + "in": "query", + "name": "offset", + "description": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 0, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "default": 0 + } + }, + { + "in": "query", + "name": "count", + "description": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": true, + "schema": { + "type": "boolean", + "default": false + } + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "200": { + "description": "List of identities that are not included in peer groups.", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "A unique identifier for the peer group member." + }, + "type": { + "type": "string", + "description": "The type of the peer group member." + }, + "peer_group_id": { + "type": "string", + "description": "The ID of the peer group." + }, + "attributes": { + "type": "object", + "additionalProperties": { + "type": "object" + }, + "description": "Arbitrary key-value pairs, belonging to the peer group member." + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [] + } + ] + } + }, + "/notification-template-context": { + "get": { + "operationId": "getNotificationsTemplateContext", + "tags": [ + "Notifications" + ], + "summary": "Get Notification Template Context", + "description": "The notification service maintains metadata to construct the notification templates or supply any information during the event propagation. The data-store where this information is retrieved is called \"Global Context\" (a.k.a. notification template context). It defines a set of attributes\n that will be available per tenant (organization).", + "security": [ + { + "UserContextAuth": [ + "idn:notification-templates:read" + ] + } + ], + "responses": { + "200": { + "description": "Notification template context attributes for a specific tenant.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "attributes": { + "type": "object", + "additionalProperties": true, + "description": "A JSON object that stores the context.", + "example": { + "productUrl": "https://test-org.identitysoon.com", + "brandingConfigs": { + "default": { + "narrowLogoURL": null, + "productName": "SailPoint", + "standardLogoURL": null, + "navigationColor": "011E64", + "actionButtonColor": "20B2DE", + "emailFromAddress": null, + "activeLinkColor": "20B2DE", + "loginInformationalMessage": null + } + } + } + }, + "created": { + "type": "string", + "description": "When the global context was created", + "format": "date-time", + "example": "2020-04-15T16:16:47.525Z" + }, + "modified": { + "type": "string", + "description": "When the global context was last modified", + "format": "date-time", + "example": "2020-04-15T16:16:47.525Z" + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "parameters": [ + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ] + } + }, + "/notification-preferences/{key}": { + "get": { + "operationId": "listNotificationPreferences", + "tags": [ + "Notifications" + ], + "summary": "List Notification Preferences for tenant.", + "description": "Returns a list of notification preferences for tenant.", + "security": [ + { + "UserContextAuth": [ + "idn:notification-preferences:read" + ] + } + ], + "responses": { + "200": { + "description": "Return preference for the given notification key.", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "description": "Maps an Identity's attribute key to a list of preferred notification mediums.", + "properties": { + "key": { + "type": "string", + "description": "The template notification key.", + "example": "cloud_manual_work_item_summary" + }, + "mediums": { + "type": "array", + "description": "List of preferred notification mediums, i.e., the mediums (or method) for which notifications are enabled. More mediums may be added in the future.", + "items": { + "type": "string", + "enum": [ + "EMAIL", + "SMS", + "PHONE", + "SLACK", + "TEAMS" + ] + }, + "example": [ + "EMAIL" + ] + }, + "modified": { + "type": "string", + "description": "Modified date of preference", + "format": "date-time", + "example": "2020-05-15T14:37:06.909Z" + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "parameters": [ + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ] + } + }, + "/reassignment-configurations/types": { + "get": { + "operationId": "getReassignmentConfigTypes", + "tags": [ + "Work Reassignment" + ], + "summary": "List Reassignment Config Types", + "description": "Gets a collection of types which are available in the Reassignment Configuration UI.", + "security": [ + { + "UserContextAuth": [ + "idn:reassignment-configuration:read" + ] + } + ], + "responses": { + "200": { + "description": "List of Reassignment Configuration Types", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "description": "Type of Reassignment Configuration.", + "properties": { + "priority": { + "type": "integer", + "example": 1 + }, + "internalName": { + "type": "string", + "description": "Enum list of valid work types that can be selected for a Reassignment Configuration", + "enum": [ + "accessRequests", + "certifications", + "manualTasks" + ], + "example": "accessRequests" + }, + "internalNameCamel": { + "type": "string", + "description": "Enum list of valid work types that can be selected for a Reassignment Configuration", + "enum": [ + "ACCESS_REQUESTS", + "CERTIFICATIONS", + "MANUAL_TASKS" + ], + "example": "ACCESS_REQUESTS" + }, + "displayName": { + "type": "string", + "description": "Human readable display name of the type to be shown on UI", + "example": "Access Requests" + }, + "description": { + "type": "string", + "description": "Description of the type of work to be reassigned, displayed by the UI.", + "example": "Reassign Access Request Work Items for an identity" + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "parameters": [ + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ] + } + }, + "/reassignment-configurations": { + "get": { + "operationId": "listReassignmentConfigurations", + "tags": [ + "Work Reassignment" + ], + "summary": "List Reassignment Configurations", + "description": "Gets all Reassignment configuration for the current org.", + "security": [ + { + "UserContextAuth": [ + "idn:reassignment-configuration:read" + ] + } + ], + "responses": { + "200": { + "description": "A list of Reassignment Configurations for an org", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "description": "The response body of a Reassignment Configuration for a single identity", + "properties": { + "identity": { + "type": "object", + "description": "The definition of an Identity according to the Reassignment Configuration service", + "properties": { + "id": { + "type": "string", + "description": "The ID of the object", + "example": "2c91808380aa05580180aaaaf1940410" + }, + "name": { + "type": "string", + "description": "Human-readable display name of the object", + "example": "William Wilson" + } + } + }, + "configDetails": { + "type": "array", + "description": "Details of how work should be reassigned for an Identity", + "items": { + "type": "object", + "description": "The request body of Reassignment Configuration Details for a specific identity and config type", + "properties": { + "configType": { + "type": "string", + "description": "Enum list of valid work types that can be selected for a Reassignment Configuration", + "enum": [ + "ACCESS_REQUESTS", + "CERTIFICATIONS", + "MANUAL_TASKS" + ], + "example": "ACCESS_REQUESTS" + }, + "targetIdentity": { + "type": "object", + "description": "The definition of an Identity according to the Reassignment Configuration service", + "properties": { + "id": { + "type": "string", + "description": "The ID of the object", + "example": "2c91808380aa05580180aaaaf1940410" + }, + "name": { + "type": "string", + "description": "Human-readable display name of the object", + "example": "William Wilson" + } + } + }, + "startDate": { + "type": "string", + "description": "The date from which to start reassigning work items", + "format": "date-time", + "example": "2022-07-21T11:13:12.345Z" + }, + "endDate": { + "type": "string", + "description": "The date from which to stop reassigning work items. If this is an empty string it indicates a permanent reassignment.", + "format": "date-time", + "example": "0001-01-01T00:00:00Z" + }, + "auditDetails": { + "type": "object", + "description": "Audit details for the reassignment configuration of an identity", + "properties": { + "created": { + "type": "string", + "description": "Initial date and time when the record was created", + "format": "date-time", + "example": "2022-07-21T11:13:12.345Z" + }, + "createdBy": { + "type": "object", + "description": "The definition of an Identity according to the Reassignment Configuration service", + "properties": { + "id": { + "type": "string", + "description": "The ID of the object", + "example": "2c91808380aa05580180aaaaf1940410" + }, + "name": { + "type": "string", + "description": "Human-readable display name of the object", + "example": "William Wilson" + } + } + }, + "modified": { + "type": "string", + "description": "Last modified date and time for the record", + "format": "date-time", + "example": "2022-07-21T11:13:12.345Z" + }, + "modifiedBy": { + "type": "object", + "description": "The definition of an Identity according to the Reassignment Configuration service", + "properties": { + "id": { + "type": "string", + "description": "The ID of the object", + "example": "2c91808380aa05580180aaaaf1940410" + }, + "name": { + "type": "string", + "description": "Human-readable display name of the object", + "example": "William Wilson" + } + } + } + } + } + } + } + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "parameters": [ + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ] + }, + "post": { + "operationId": "createReassignmentConfiguration", + "tags": [ + "Work Reassignment" + ], + "summary": "Create a Reassignment Configuration", + "description": "Creates a new Reassignment Configuration for the specified identity.", + "security": [ + { + "UserContextAuth": [ + "idn:reassignment-configuration:create" + ] + } + ], + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "type": "object", + "description": "The request body for creation or update of a Reassignment Configuration for a single identity and work type", + "properties": { + "reassignedFromId": { + "type": "string", + "description": "The identity id to reassign an item from", + "example": "2c91808781a71ddb0181b9090b5c504e" + }, + "reassignedToId": { + "type": "string", + "description": "The identity id to reassign an item to", + "example": "2c91808781a71ddb0181b9090b53504a" + }, + "configType": { + "type": "string", + "description": "Enum list of valid work types that can be selected for a Reassignment Configuration", + "enum": [ + "ACCESS_REQUESTS", + "CERTIFICATIONS", + "MANUAL_TASKS" + ], + "example": "ACCESS_REQUESTS" + }, + "startDate": { + "type": "string", + "description": "The date from which to start reassigning work items", + "format": "date-time", + "example": "2022-07-21T11:13:12.345Z" + }, + "endDate": { + "type": "string", + "description": "The date from which to stop reassigning work items. If this is an null string it indicates a permanent reassignment.", + "format": "date-time", + "nullable": true, + "example": "2022-07-30T17:00:00.000Z" + } + } + } + } + } + }, + "responses": { + "201": { + "description": "The newly created Reassignment Configuration object", + "content": { + "application/json": { + "schema": { + "type": "object", + "description": "The response body of a Reassignment Configuration for a single identity", + "properties": { + "identity": { + "type": "object", + "description": "The definition of an Identity according to the Reassignment Configuration service", + "properties": { + "id": { + "type": "string", + "description": "The ID of the object", + "example": "2c91808380aa05580180aaaaf1940410" + }, + "name": { + "type": "string", + "description": "Human-readable display name of the object", + "example": "William Wilson" + } + } + }, + "configDetails": { + "type": "array", + "description": "Details of how work should be reassigned for an Identity", + "items": { + "type": "object", + "description": "The request body of Reassignment Configuration Details for a specific identity and config type", + "properties": { + "configType": { + "type": "string", + "description": "Enum list of valid work types that can be selected for a Reassignment Configuration", + "enum": [ + "ACCESS_REQUESTS", + "CERTIFICATIONS", + "MANUAL_TASKS" + ], + "example": "ACCESS_REQUESTS" + }, + "targetIdentity": { + "type": "object", + "description": "The definition of an Identity according to the Reassignment Configuration service", + "properties": { + "id": { + "type": "string", + "description": "The ID of the object", + "example": "2c91808380aa05580180aaaaf1940410" + }, + "name": { + "type": "string", + "description": "Human-readable display name of the object", + "example": "William Wilson" + } + } + }, + "startDate": { + "type": "string", + "description": "The date from which to start reassigning work items", + "format": "date-time", + "example": "2022-07-21T11:13:12.345Z" + }, + "endDate": { + "type": "string", + "description": "The date from which to stop reassigning work items. If this is an empty string it indicates a permanent reassignment.", + "format": "date-time", + "example": "0001-01-01T00:00:00Z" + }, + "auditDetails": { + "type": "object", + "description": "Audit details for the reassignment configuration of an identity", + "properties": { + "created": { + "type": "string", + "description": "Initial date and time when the record was created", + "format": "date-time", + "example": "2022-07-21T11:13:12.345Z" + }, + "createdBy": { + "type": "object", + "description": "The definition of an Identity according to the Reassignment Configuration service", + "properties": { + "id": { + "type": "string", + "description": "The ID of the object", + "example": "2c91808380aa05580180aaaaf1940410" + }, + "name": { + "type": "string", + "description": "Human-readable display name of the object", + "example": "William Wilson" + } + } + }, + "modified": { + "type": "string", + "description": "Last modified date and time for the record", + "format": "date-time", + "example": "2022-07-21T11:13:12.345Z" + }, + "modifiedBy": { + "type": "object", + "description": "The definition of an Identity according to the Reassignment Configuration service", + "properties": { + "id": { + "type": "string", + "description": "The ID of the object", + "example": "2c91808380aa05580180aaaaf1940410" + }, + "name": { + "type": "string", + "description": "Human-readable display name of the object", + "example": "William Wilson" + } + } + } + } + } + } + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "parameters": [ + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ] + } + }, + "/reassignment-configurations/{identityId}": { + "get": { + "operationId": "getReassignmentConfiguration", + "tags": [ + "Work Reassignment" + ], + "summary": "Get Reassignment Configuration", + "description": "Gets the Reassignment Configuration for an identity.", + "security": [ + { + "UserContextAuth": [ + "idn:reassignment-configuration:read" + ] + } + ], + "parameters": [ + { + "in": "path", + "name": "identityId", + "schema": { + "type": "string" + }, + "description": "unique identity id", + "required": true, + "example": "2c91808781a71ddb0181b9090b5c504f" + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "200": { + "description": "Reassignment Configuration for an identity", + "content": { + "application/json": { + "schema": { + "type": "object", + "description": "The response body of a Reassignment Configuration for a single identity", + "properties": { + "identity": { + "type": "object", + "description": "The definition of an Identity according to the Reassignment Configuration service", + "properties": { + "id": { + "type": "string", + "description": "The ID of the object", + "example": "2c91808380aa05580180aaaaf1940410" + }, + "name": { + "type": "string", + "description": "Human-readable display name of the object", + "example": "William Wilson" + } + } + }, + "configDetails": { + "type": "array", + "description": "Details of how work should be reassigned for an Identity", + "items": { + "type": "object", + "description": "The request body of Reassignment Configuration Details for a specific identity and config type", + "properties": { + "configType": { + "type": "string", + "description": "Enum list of valid work types that can be selected for a Reassignment Configuration", + "enum": [ + "ACCESS_REQUESTS", + "CERTIFICATIONS", + "MANUAL_TASKS" + ], + "example": "ACCESS_REQUESTS" + }, + "targetIdentity": { + "type": "object", + "description": "The definition of an Identity according to the Reassignment Configuration service", + "properties": { + "id": { + "type": "string", + "description": "The ID of the object", + "example": "2c91808380aa05580180aaaaf1940410" + }, + "name": { + "type": "string", + "description": "Human-readable display name of the object", + "example": "William Wilson" + } + } + }, + "startDate": { + "type": "string", + "description": "The date from which to start reassigning work items", + "format": "date-time", + "example": "2022-07-21T11:13:12.345Z" + }, + "endDate": { + "type": "string", + "description": "The date from which to stop reassigning work items. If this is an empty string it indicates a permanent reassignment.", + "format": "date-time", + "example": "0001-01-01T00:00:00Z" + }, + "auditDetails": { + "type": "object", + "description": "Audit details for the reassignment configuration of an identity", + "properties": { + "created": { + "type": "string", + "description": "Initial date and time when the record was created", + "format": "date-time", + "example": "2022-07-21T11:13:12.345Z" + }, + "createdBy": { + "type": "object", + "description": "The definition of an Identity according to the Reassignment Configuration service", + "properties": { + "id": { + "type": "string", + "description": "The ID of the object", + "example": "2c91808380aa05580180aaaaf1940410" + }, + "name": { + "type": "string", + "description": "Human-readable display name of the object", + "example": "William Wilson" + } + } + }, + "modified": { + "type": "string", + "description": "Last modified date and time for the record", + "format": "date-time", + "example": "2022-07-21T11:13:12.345Z" + }, + "modifiedBy": { + "type": "object", + "description": "The definition of an Identity according to the Reassignment Configuration service", + "properties": { + "id": { + "type": "string", + "description": "The ID of the object", + "example": "2c91808380aa05580180aaaaf1940410" + }, + "name": { + "type": "string", + "description": "Human-readable display name of the object", + "example": "William Wilson" + } + } + } + } + } + } + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + }, + "put": { + "operationId": "putReassignmentConfig", + "tags": [ + "Work Reassignment" + ], + "summary": "Update Reassignment Configuration", + "description": "Replaces existing Reassignment configuration for an identity with the newly provided configuration.", + "security": [ + { + "UserContextAuth": [ + "idn:reassignment-configuration:update" + ] + } + ], + "parameters": [ + { + "in": "path", + "name": "identityId", + "schema": { + "type": "string" + }, + "description": "unique identity id", + "required": true, + "example": "2c91808781a71ddb0181b9090b5c504e" + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "type": "object", + "description": "The request body for creation or update of a Reassignment Configuration for a single identity and work type", + "properties": { + "reassignedFromId": { + "type": "string", + "description": "The identity id to reassign an item from", + "example": "2c91808781a71ddb0181b9090b5c504e" + }, + "reassignedToId": { + "type": "string", + "description": "The identity id to reassign an item to", + "example": "2c91808781a71ddb0181b9090b53504a" + }, + "configType": { + "type": "string", + "description": "Enum list of valid work types that can be selected for a Reassignment Configuration", + "enum": [ + "ACCESS_REQUESTS", + "CERTIFICATIONS", + "MANUAL_TASKS" + ], + "example": "ACCESS_REQUESTS" + }, + "startDate": { + "type": "string", + "description": "The date from which to start reassigning work items", + "format": "date-time", + "example": "2022-07-21T11:13:12.345Z" + }, + "endDate": { + "type": "string", + "description": "The date from which to stop reassigning work items. If this is an null string it indicates a permanent reassignment.", + "format": "date-time", + "nullable": true, + "example": "2022-07-30T17:00:00.000Z" + } + } + } + } + } + }, + "responses": { + "200": { + "description": "Reassignment Configuration updated", + "content": { + "application/json": { + "schema": { + "type": "object", + "description": "The response body of a Reassignment Configuration for a single identity", + "properties": { + "identity": { + "type": "object", + "description": "The definition of an Identity according to the Reassignment Configuration service", + "properties": { + "id": { + "type": "string", + "description": "The ID of the object", + "example": "2c91808380aa05580180aaaaf1940410" + }, + "name": { + "type": "string", + "description": "Human-readable display name of the object", + "example": "William Wilson" + } + } + }, + "configDetails": { + "type": "array", + "description": "Details of how work should be reassigned for an Identity", + "items": { + "type": "object", + "description": "The request body of Reassignment Configuration Details for a specific identity and config type", + "properties": { + "configType": { + "type": "string", + "description": "Enum list of valid work types that can be selected for a Reassignment Configuration", + "enum": [ + "ACCESS_REQUESTS", + "CERTIFICATIONS", + "MANUAL_TASKS" + ], + "example": "ACCESS_REQUESTS" + }, + "targetIdentity": { + "type": "object", + "description": "The definition of an Identity according to the Reassignment Configuration service", + "properties": { + "id": { + "type": "string", + "description": "The ID of the object", + "example": "2c91808380aa05580180aaaaf1940410" + }, + "name": { + "type": "string", + "description": "Human-readable display name of the object", + "example": "William Wilson" + } + } + }, + "startDate": { + "type": "string", + "description": "The date from which to start reassigning work items", + "format": "date-time", + "example": "2022-07-21T11:13:12.345Z" + }, + "endDate": { + "type": "string", + "description": "The date from which to stop reassigning work items. If this is an empty string it indicates a permanent reassignment.", + "format": "date-time", + "example": "0001-01-01T00:00:00Z" + }, + "auditDetails": { + "type": "object", + "description": "Audit details for the reassignment configuration of an identity", + "properties": { + "created": { + "type": "string", + "description": "Initial date and time when the record was created", + "format": "date-time", + "example": "2022-07-21T11:13:12.345Z" + }, + "createdBy": { + "type": "object", + "description": "The definition of an Identity according to the Reassignment Configuration service", + "properties": { + "id": { + "type": "string", + "description": "The ID of the object", + "example": "2c91808380aa05580180aaaaf1940410" + }, + "name": { + "type": "string", + "description": "Human-readable display name of the object", + "example": "William Wilson" + } + } + }, + "modified": { + "type": "string", + "description": "Last modified date and time for the record", + "format": "date-time", + "example": "2022-07-21T11:13:12.345Z" + }, + "modifiedBy": { + "type": "object", + "description": "The definition of an Identity according to the Reassignment Configuration service", + "properties": { + "id": { + "type": "string", + "description": "The ID of the object", + "example": "2c91808380aa05580180aaaaf1940410" + }, + "name": { + "type": "string", + "description": "Human-readable display name of the object", + "example": "William Wilson" + } + } + } + } + } + } + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + }, + "delete": { + "operationId": "deleteReassignmentConfiguration", + "tags": [ + "Work Reassignment" + ], + "summary": "Delete Reassignment Configuration", + "description": "Deletes all Reassignment Configuration for the specified identity", + "security": [ + { + "UserContextAuth": [ + "idn:reassignment-configuration:delete" + ] + } + ], + "parameters": [ + { + "in": "path", + "name": "identityId", + "schema": { + "type": "string" + }, + "description": "unique identity id", + "required": true, + "example": "2c91808781a71ddb0181b9090b5c504e" + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "204": { + "description": "Reassignment Configuration deleted" + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/reassignment-configurations/{identityId}/evaluate/{configType}": { + "get": { + "operationId": "getEvaluateReassignmentConfiguration", + "tags": [ + "Work Reassignment" + ], + "summary": "Evaluate Reassignment Configuration", + "description": "Evaluates the Reassignment Configuration for an `Identity` to determine if work items for the specified type should be reassigned. If a valid Reassignment Configuration is found for the identity & work type, then a lookup is initiated which recursively fetches the Reassignment Configuration for the next `TargetIdentity` until no more results are found or a max depth of 5. That lookup trail is provided in the response and the final reassigned identity in the lookup list is returned as the `reassignToId` property. If no Reassignment Configuration is found for the specified identity & config type then the requested Identity ID will be used as the `reassignToId` value and the lookupTrail node will be empty.", + "security": [ + { + "UserContextAuth": [ + "idn:reassignment-configuration:evaluate" + ] + } + ], + "parameters": [ + { + "in": "path", + "name": "identityId", + "required": true, + "schema": { + "type": "string" + }, + "description": "unique identity id", + "example": "2c91808781a71ddb0181b9090b5c504e" + }, + { + "in": "path", + "name": "configType", + "required": true, + "schema": { + "type": "string", + "description": "Enum list of valid work types that can be selected for a Reassignment Configuration", + "enum": [ + "ACCESS_REQUESTS", + "CERTIFICATIONS", + "MANUAL_TASKS" + ], + "example": "ACCESS_REQUESTS" + }, + "description": "Reassignment work type", + "example": "accessRequests" + }, + { + "in": "query", + "name": "exclusionFilters", + "required": false, + "schema": { + "type": "array", + "items": { + "type": "string" + } + }, + "description": "Exclusion filters that disable parts of the reassignment evaluation. Possible values are listed below: - `SELF_REVIEW_DELEGATION`: This will exclude delegations of self-review reassignments", + "example": "SELF_REVIEW_DELEGATION" + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "200": { + "description": "Evaluated Reassignment Configuration", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "description": "The response body for Evaluate Reassignment Configuration", + "properties": { + "reassignToId": { + "type": "string", + "description": "The Identity ID which should be the recipient of any work items sent to a specific identity & work type", + "example": "869320b6b6f34a169b6178b1a865e66f" + }, + "lookupTrail": { + "type": "array", + "description": "List of Reassignments found by looking up the next `TargetIdentity` in a ReassignmentConfiguration", + "items": { + "type": "object", + "description": "The definition of an Identity according to the Reassignment Configuration service", + "properties": { + "reassignedToId": { + "type": "string", + "description": "The ID of the Identity who work is reassigned to", + "example": "869320b6b6f34a169b6178b1a865e66f" + }, + "reassignedFromId": { + "type": "string", + "description": "The ID of the Identity who work is reassigned from", + "example": "51948a8f306a4e7a9a6f8f5d032fa59e" + }, + "reassignmentType": { + "description": "Reassignment type", + "type": "string", + "enum": [ + "MANUAL_REASSIGNMENT,", + "AUTOMATIC_REASSIGNMENT,", + "AUTO_ESCALATION,", + "SELF_REVIEW_DELEGATION" + ], + "example": "AUTOMATIC_REASSIGNMENT" + } + } + } + } + } + } + }, + "examples": { + "empty": { + "summary": "Evaluate response when no Reassignment Configuration is found", + "value": { + "reassignToId": "2c9180825a6c1adc015a71c9023f0818", + "lookupTrail": [] + } + }, + "longTrail": { + "summary": "Evaluate response when a long Reassignment trail is found", + "value": { + "reassignToId": "2c9180825a6c1adc015a71c9023f0818", + "lookupTrail": [ + { + "reassignedToId": "2c918084575812550157589064f33b89", + "reassignedFromId": "2c9180825a6c1adc015a71c9023f0818", + "reassignmentType": "AUTOMATIC_REASSIGNMENT" + }, + { + "reassignedToId": "073204941f3f49c0b3a3c49d1c17ef0e", + "reassignedFromId": "2c918084575812550157589064f33b89", + "reassignmentType": "AUTOMATIC_REASSIGNMENT" + }, + { + "reassignedToId": "31d9c631f5574571a935aaa48a6255df", + "reassignedFromId": "073204941f3f49c0b3a3c49d1c17ef0e", + "reassignmentType": "AUTOMATIC_REASSIGNMENT" + }, + { + "reassignedToId": "279de502e5dc43f4854e1b96f57c578f", + "reassignedFromId": "31d9c631f5574571a935aaa48a6255df", + "reassignmentType": "AUTOMATIC_REASSIGNMENT" + } + ] + } + }, + "selfReview": { + "summary": "Evaluate response when a self-review is found and manager or org admin escalation is applied", + "value": { + "reassignToId": "2c9180825a6c1adc015a71c9023f0818", + "lookupTrail": [ + { + "reassignedToId": "2c918084575812550157589064f33b89", + "reassignedFromId": "2c9180825a6c1adc015a71c9023f0818", + "reassignmentType": "AUTOMATIC_REASSIGNMENT" + }, + { + "reassignedToId": "073204941f3f49c0b3a3c49d1c17ef0e", + "reassignedFromId": "2c918084575812550157589064f33b89", + "reassignmentType": "AUTOMATIC_REASSIGNMENT" + }, + { + "reassignedToId": "31d9c631f5574571a935aaa48a6255df", + "reassignedFromId": "073204941f3f49c0b3a3c49d1c17ef0e", + "reassignmentType": "SELF_REVIEW_DELEGATION" + }, + { + "reassignedToId": "279de502e5dc43f4854e1b96f57c578f", + "reassignedFromId": "31d9c631f5574571a935aaa48a6255df", + "reassignmentType": "AUTOMATIC_REASSIGNMENT" + } + ] + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/reassignment-configurations/tenant-config": { + "get": { + "operationId": "getTenantConfigConfiguration", + "tags": [ + "Work Reassignment" + ], + "summary": "Get Tenant-wide Reassignment Configuration settings", + "description": "Gets the global Reassignment Configuration settings for the requestor's tenant.", + "security": [ + { + "UserContextAuth": [ + "idn:reassignment-tenant-configuration:read" + ] + } + ], + "responses": { + "200": { + "description": "Tenant-wide Reassignment Configuration settings", + "content": { + "application/json": { + "schema": { + "type": "object", + "description": "Tenant-wide Reassignment Configuration settings", + "properties": { + "auditDetails": { + "type": "object", + "description": "Audit details for the reassignment configuration of an identity", + "properties": { + "created": { + "type": "string", + "description": "Initial date and time when the record was created", + "format": "date-time", + "example": "2022-07-21T11:13:12.345Z" + }, + "createdBy": { + "type": "object", + "description": "The definition of an Identity according to the Reassignment Configuration service", + "properties": { + "id": { + "type": "string", + "description": "The ID of the object", + "example": "2c91808380aa05580180aaaaf1940410" + }, + "name": { + "type": "string", + "description": "Human-readable display name of the object", + "example": "William Wilson" + } + } + }, + "modified": { + "type": "string", + "description": "Last modified date and time for the record", + "format": "date-time", + "example": "2022-07-21T11:13:12.345Z" + }, + "modifiedBy": { + "type": "object", + "description": "The definition of an Identity according to the Reassignment Configuration service", + "properties": { + "id": { + "type": "string", + "description": "The ID of the object", + "example": "2c91808380aa05580180aaaaf1940410" + }, + "name": { + "type": "string", + "description": "Human-readable display name of the object", + "example": "William Wilson" + } + } + } + } + }, + "configDetails": { + "type": "object", + "description": "Details of any tenant-wide Reassignment Configurations (eg. enabled/disabled)", + "properties": { + "disabled": { + "type": "boolean", + "nullable": true, + "description": "Flag to determine if Reassignment Configuration is enabled or disabled for a tenant. When this flag is set to true, Reassignment Configuration is disabled.", + "default": false, + "example": true + } + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "parameters": [ + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ] + }, + "put": { + "operationId": "putTenantConfiguration", + "tags": [ + "Work Reassignment" + ], + "summary": "Update Tenant-wide Reassignment Configuration settings", + "description": "Replaces existing Tenant-wide Reassignment Configuration settings with the newly provided settings.", + "security": [ + { + "UserContextAuth": [ + "idn:reassignment-tenant-configuration:update" + ] + } + ], + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "type": "object", + "description": "Tenant-wide Reassignment Configuration settings", + "properties": { + "configDetails": { + "type": "object", + "description": "Details of any tenant-wide Reassignment Configurations (eg. enabled/disabled)", + "properties": { + "disabled": { + "type": "boolean", + "nullable": true, + "description": "Flag to determine if Reassignment Configuration is enabled or disabled for a tenant. When this flag is set to true, Reassignment Configuration is disabled.", + "default": false, + "example": true + } + } + } + } + } + } + } + }, + "responses": { + "200": { + "description": "Tenant-wide Reassignment Configuration settings", + "content": { + "application/json": { + "schema": { + "type": "object", + "description": "Tenant-wide Reassignment Configuration settings", + "properties": { + "auditDetails": { + "type": "object", + "description": "Audit details for the reassignment configuration of an identity", + "properties": { + "created": { + "type": "string", + "description": "Initial date and time when the record was created", + "format": "date-time", + "example": "2022-07-21T11:13:12.345Z" + }, + "createdBy": { + "type": "object", + "description": "The definition of an Identity according to the Reassignment Configuration service", + "properties": { + "id": { + "type": "string", + "description": "The ID of the object", + "example": "2c91808380aa05580180aaaaf1940410" + }, + "name": { + "type": "string", + "description": "Human-readable display name of the object", + "example": "William Wilson" + } + } + }, + "modified": { + "type": "string", + "description": "Last modified date and time for the record", + "format": "date-time", + "example": "2022-07-21T11:13:12.345Z" + }, + "modifiedBy": { + "type": "object", + "description": "The definition of an Identity according to the Reassignment Configuration service", + "properties": { + "id": { + "type": "string", + "description": "The ID of the object", + "example": "2c91808380aa05580180aaaaf1940410" + }, + "name": { + "type": "string", + "description": "Human-readable display name of the object", + "example": "William Wilson" + } + } + } + } + }, + "configDetails": { + "type": "object", + "description": "Details of any tenant-wide Reassignment Configurations (eg. enabled/disabled)", + "properties": { + "disabled": { + "type": "boolean", + "nullable": true, + "description": "Flag to determine if Reassignment Configuration is enabled or disabled for a tenant. When this flag is set to true, Reassignment Configuration is disabled.", + "default": false, + "example": true + } + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "parameters": [ + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ] + } + }, + "/recommendations/request": { + "post": { + "operationId": "getRecommendations", + "summary": "Returns a Recommendation Based on Object", + "tags": [ + "IAI Recommendations" + ], + "description": "The getRecommendations API returns recommendations based on the requested object. The recommendations are invoked by IdentityIQ and IdentityNow plug-ins that retrieve recommendations based on the performed calculations.", + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "requests": { + "type": "array", + "items": { + "description": "List of requests to retrieve recommendations", + "type": "object", + "properties": { + "identityId": { + "type": "string", + "description": "The identity ID", + "example": "2c938083633d259901633d25c68c00fa" + }, + "item": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "ID of the access item to retrieve the recommendation for.", + "example": "2c938083633d259901633d2623ec0375" + }, + "type": { + "type": "string", + "example": "ENTITLEMENT", + "description": "Access item's type.", + "enum": [ + "ENTITLEMENT", + "ACCESS_PROFILE", + "ROLE" + ] + } + } + } + } + } + }, + "excludeInterpretations": { + "type": "boolean", + "description": "Exclude interpretations in the response if \"true\". Return interpretations in the response if this attribute is not specified.", + "default": "false", + "example": "false" + }, + "includeTranslationMessages": { + "type": "boolean", + "description": "When set to true, the calling system uses the translated messages for the specified language", + "default": "false", + "example": "false" + }, + "includeDebugInformation": { + "type": "boolean", + "description": "Returns the recommender calculations if set to true", + "default": "false", + "example": "true" + }, + "prescribeMode": { + "type": "boolean", + "description": "When set to true, uses prescribedRulesRecommenderConfig to get identity attributes and peer group threshold instead of standard config.", + "default": "false", + "example": "false" + } + } + } + } + } + }, + "responses": { + "200": { + "description": "The recommendations for a customer", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "response": { + "type": "array", + "items": { + "type": "object", + "properties": { + "request": { + "type": "object", + "properties": { + "identityId": { + "type": "string", + "description": "The identity ID", + "example": "2c938083633d259901633d25c68c00fa" + }, + "item": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "ID of the access item to retrieve the recommendation for.", + "example": "2c938083633d259901633d2623ec0375" + }, + "type": { + "type": "string", + "example": "ENTITLEMENT", + "description": "Access item's type.", + "enum": [ + "ENTITLEMENT", + "ACCESS_PROFILE", + "ROLE" + ] + } + } + } + } + }, + "recommendation": { + "type": "string", + "example": "YES", + "description": "The recommendation - YES if the access is recommended, NO if not recommended, MAYBE if there is not enough information to make a recommendation, NOT_FOUND if the identity is not found in the system", + "enum": [ + "YES", + "NO", + "MAYBE", + "NOT_FOUND" + ] + }, + "interpretations": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list of interpretations explaining the recommendation. The array is empty if includeInterpretations is false or not present in the request. e.g. - [ \"Not approved in the last 6 months.\" ]. Interpretations will be translated using the client's locale as found in the Accept-Language header. If a translation for the client's locale cannot be found, the US English translation will be returned.", + "example": [ + "75% of identities with the same department have this access. This information had a high impact on the overall score.", + "67% of identities with the same peer group have this access. This information had a low impact on the overall score.", + "42% of identities with the same location have this access. This information had a low impact on the overall score." + ] + }, + "translationMessages": { + "type": "array", + "example": [ + { + "key": "recommender-api.V2_WEIGHT_FEATURE_PRODUCT_INTERPRETATION_HIGH", + "values": [ + "75", + "department" + ] + } + ], + "items": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key of the translation message", + "example": "recommender-api.V2_WEIGHT_FEATURE_PRODUCT_INTERPRETATION_HIGH" + }, + "values": { + "type": "array", + "description": "The values corresponding to the translation messages", + "items": { + "type": "string" + }, + "example": [ + "75", + "department" + ] + } + } + }, + "description": "The list of translation messages, if they have been requested." + }, + "recommenderCalculations": { + "description": "The calcuations performed behind the scenes that provide recommendations to the user.", + "properties": { + "identityId": { + "type": "string", + "description": "The ID of the identity", + "example": "2c91808457d8f3ab0157e3e62cb4213c" + }, + "entitlementId": { + "type": "string", + "description": "The entitlement ID", + "example": "2c91809050db617d0150e0bf3215385e" + }, + "recommendation": { + "type": "string", + "description": "The actual recommendation", + "example": "YES" + }, + "overallWeightedScore": { + "type": "number", + "description": "The overall weighted score" + }, + "featureWeightedScores": { + "type": "object", + "description": "The weighted score of each individual feature", + "additionalProperties": { + "type": "number" + } + }, + "threshold": { + "type": "number", + "description": "The configured value against which the overallWeightedScore is compared" + }, + "identityAttributes": { + "type": "object", + "description": "The values for your configured features", + "additionalProperties": { + "type": "object", + "properties": { + "value": { + "type": "string" + } + } + } + }, + "featureValues": { + "description": "The feature details", + "type": "object", + "properties": { + "feature": { + "type": "string", + "description": "The type of feature", + "example": "department" + }, + "numerator": { + "type": "integer", + "format": "int32", + "example": 14, + "description": "The number of identities that have access to the feature" + }, + "denominator": { + "type": "integer", + "format": "int32", + "example": 14, + "description": "The number of identities with the corresponding feature" + } + } + } + } + } + } + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [] + } + ], + "parameters": [ + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ] + } + }, + "/recommendations/config": { + "get": { + "operationId": "getRecommendationsConfig", + "summary": "Get certification recommendation config values", + "tags": [ + "IAI Recommendations" + ], + "description": "Retrieves configuration attributes used by certification recommendations.", + "responses": { + "200": { + "description": "Cert recommendation configuration attributes", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "recommenderFeatures": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of identity attributes to use for calculating certification recommendations", + "example": [ + "jobTitle", + "location", + "peer_group", + "department", + "active" + ] + }, + "peerGroupPercentageThreshold": { + "type": "number", + "description": "The percent value that the recommendation calculation must surpass to produce a YES recommendation", + "minimum": 0, + "maximum": 1, + "format": "float", + "example": 0.5 + }, + "runAutoSelectOnce": { + "type": "boolean", + "description": "If true, rulesRecommenderConfig will be refreshed with new programatically selected attribute and threshold values on the next pipeline run", + "default": false, + "example": false + }, + "onlyTuneThreshold": { + "type": "boolean", + "description": "If true, rulesRecommenderConfig will be refreshed with new programatically selected threshold values on the next pipeline run", + "default": false, + "example": false + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [] + } + ], + "parameters": [ + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ] + }, + "put": { + "operationId": "updateRecommendationsConfig", + "summary": "Update certification recommendation config values", + "tags": [ + "IAI Recommendations" + ], + "description": "Updates configuration attributes used by certification recommendations.", + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "recommenderFeatures": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of identity attributes to use for calculating certification recommendations", + "example": [ + "jobTitle", + "location", + "peer_group", + "department", + "active" + ] + }, + "peerGroupPercentageThreshold": { + "type": "number", + "description": "The percent value that the recommendation calculation must surpass to produce a YES recommendation", + "minimum": 0, + "maximum": 1, + "format": "float", + "example": 0.5 + }, + "runAutoSelectOnce": { + "type": "boolean", + "description": "If true, rulesRecommenderConfig will be refreshed with new programatically selected attribute and threshold values on the next pipeline run", + "default": false, + "example": false + }, + "onlyTuneThreshold": { + "type": "boolean", + "description": "If true, rulesRecommenderConfig will be refreshed with new programatically selected threshold values on the next pipeline run", + "default": false, + "example": false + } + } + } + } + } + }, + "responses": { + "200": { + "description": "Cert recommendation configuration attributes after update", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "recommenderFeatures": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of identity attributes to use for calculating certification recommendations", + "example": [ + "jobTitle", + "location", + "peer_group", + "department", + "active" + ] + }, + "peerGroupPercentageThreshold": { + "type": "number", + "description": "The percent value that the recommendation calculation must surpass to produce a YES recommendation", + "minimum": 0, + "maximum": 1, + "format": "float", + "example": 0.5 + }, + "runAutoSelectOnce": { + "type": "boolean", + "description": "If true, rulesRecommenderConfig will be refreshed with new programatically selected attribute and threshold values on the next pipeline run", + "default": false, + "example": false + }, + "onlyTuneThreshold": { + "type": "boolean", + "description": "If true, rulesRecommenderConfig will be refreshed with new programatically selected threshold values on the next pipeline run", + "default": false, + "example": false + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [] + } + ], + "parameters": [ + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ] + } + }, + "/role-insights/requests": { + "post": { + "operationId": "createRoleInsightRequests", + "summary": "Generate insights for roles", + "deprecated": true, + "tags": [ + "Role Insights" + ], + "description": "Submits a create role insights request to the role insights application. At this time there are no parameters. All business roles will be processed for the customer.", + "responses": { + "201": { + "description": "Submitted a role insights generation request", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "Request Id for a role insight generation request", + "example": "8c190e67-87aa-4ed9-a90b-d9d5344523fb" + }, + "createdDate": { + "type": "string", + "format": "date-time", + "description": "The date-time role insights request was created.", + "example": "2020-09-16T18:49:32.150Z" + }, + "lastGenerated": { + "type": "string", + "format": "date-time", + "description": "The date-time role insights request was completed.", + "example": "2020-09-16T18:50:12.150Z" + }, + "numberOfUpdates": { + "type": "integer", + "description": "Total number of updates for this request. Starts with 0 and will have correct number when request is COMPLETED.", + "example": 0 + }, + "roleIds": { + "description": "The role IDs that are in this request.", + "type": "array", + "items": { + "type": "string" + } + }, + "status": { + "type": "string", + "description": "Request status", + "enum": [ + "CREATED", + "IN PROGRESS", + "COMPLETED", + "FAILED" + ] + } + }, + "example": { + "id": "c9aa02f7-86b0-4bc4-84bd-3116a6131e77", + "createdDate": "2020-09-16T18:49:32.150Z", + "lastGenerated": "2020-09-16T18:49:32.150Z", + "numberOfUpdates": 0, + "roleIds": [ + "2c91808e720e94f8017253287c0a44f4", + "2c918087723ac2800172532191540e03", + "2c9180986e4c8592016e6b15eaef447c" + ], + "status": "CREATED" + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "parameters": [ + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ] + } + }, + "/role-insights/requests/{id}": { + "get": { + "operationId": "getRoleInsightsRequests", + "summary": "Returns metadata from prior request.", + "deprecated": true, + "tags": [ + "Role Insights" + ], + "description": "This endpoint returns details of a prior role insights request. ", + "parameters": [ + { + "in": "path", + "name": "id", + "schema": { + "type": "string" + }, + "required": true, + "description": "The role insights request id", + "example": "8c190e67-87aa-4ed9-a90b-d9d5344523fb" + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "200": { + "description": "Succeeded. Returns details of an earlier role insights request.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "Request Id for a role insight generation request", + "example": "8c190e67-87aa-4ed9-a90b-d9d5344523fb" + }, + "createdDate": { + "type": "string", + "format": "date-time", + "description": "The date-time role insights request was created.", + "example": "2020-09-16T18:49:32.150Z" + }, + "lastGenerated": { + "type": "string", + "format": "date-time", + "description": "The date-time role insights request was completed.", + "example": "2020-09-16T18:50:12.150Z" + }, + "numberOfUpdates": { + "type": "integer", + "description": "Total number of updates for this request. Starts with 0 and will have correct number when request is COMPLETED.", + "example": 0 + }, + "roleIds": { + "description": "The role IDs that are in this request.", + "type": "array", + "items": { + "type": "string" + } + }, + "status": { + "type": "string", + "description": "Request status", + "enum": [ + "CREATED", + "IN PROGRESS", + "COMPLETED", + "FAILED" + ] + } + }, + "example": { + "id": "c9aa02f7-86b0-4bc4-84bd-3116a6131e77", + "createdDate": "2020-09-16T18:49:32.150Z", + "lastGenerated": "2020-09-16T18:49:32.150Z", + "numberOfUpdates": 0, + "roleIds": [ + "2c91808e720e94f8017253287c0a44f4", + "2c918087723ac2800172532191540e03", + "2c9180986e4c8592016e6b15eaef447c" + ], + "status": "CREATED" + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/role-insights/summary": { + "get": { + "operationId": "getRoleInsightsSummary", + "summary": "Get role insights summary information", + "tags": [ + "Role Insights" + ], + "description": "This method returns high level summary information for role insights for a customer.", + "responses": { + "200": { + "description": "Succeeded. Returns high level counts.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "numberOfUpdates": { + "type": "integer", + "description": "Total number of roles with updates" + }, + "lastGenerated": { + "type": "string", + "format": "date-time", + "description": "The date-time role insights were last found.", + "example": "2020-05-19T13:49:37.385Z" + }, + "entitlementsIncludedInRoles": { + "type": "integer", + "description": "The number of entitlements included in roles (vs free radicals).", + "example": 45 + }, + "totalNumberOfEntitlements": { + "type": "integer", + "description": "The total number of entitlements.", + "example": 250 + }, + "identitiesWithAccessViaRoles": { + "type": "integer", + "description": "The number of identities in roles vs. identities with just entitlements and not in roles.", + "example": 550 + }, + "totalNumberOfIdentities": { + "type": "integer", + "description": "The total number of identities.", + "example": 980 + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "parameters": [ + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ] + } + }, + "/role-insights": { + "get": { + "operationId": "getRoleInsights", + "summary": "Get role insights", + "tags": [ + "Role Insights" + ], + "description": "This method returns detailed role insights for each role.", + "parameters": [ + { + "in": "query", + "name": "offset", + "description": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 0, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "default": 0 + } + }, + { + "in": "query", + "name": "limit", + "description": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 250, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "maximum": 250, + "default": 250 + } + }, + { + "in": "query", + "name": "count", + "description": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": true, + "schema": { + "type": "boolean", + "default": false + } + }, + { + "name": "sorters", + "in": "query", + "description": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **numberOfUpdates, identitiesWithAccess, totalNumberOfIdentities**", + "example": "numberOfUpdates", + "required": false, + "style": "form", + "explode": true, + "schema": { + "type": "string" + } + }, + { + "name": "filters", + "in": "query", + "description": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**name**: *sw*\n\n**ownerName**: *sw*\n\n**description**: *sw*", + "required": false, + "style": "form", + "explode": true, + "example": "name sw \"John\"", + "schema": { + "type": "string" + } + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "200": { + "description": "Succeeded. Returns a list of roles with information about insights for each role.", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "Insight id", + "example": "1467e61e-f284-439c-ba2d-c6cc11cf0941" + }, + "numberOfUpdates": { + "type": "integer", + "description": "Total number of updates for this role", + "example": 5 + }, + "createdDate": { + "type": "string", + "format": "date-time", + "description": "The date-time insights were last created for this role." + }, + "modifiedDate": { + "type": "string", + "format": "date-time", + "nullable": true, + "description": "The date-time insights were last modified for this role.", + "example": "2020-05-19T13:49:37.385Z" + }, + "role": { + "description": "A role", + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "Role name", + "example": "Software Engineer" + }, + "id": { + "type": "string", + "description": "Role id", + "example": "1467e61e-f284-439c-ba2d-c6cc11cf0941" + }, + "description": { + "type": "string", + "description": "Role description", + "example": "Person who develops software" + }, + "ownerName": { + "type": "string", + "description": "Role owner name", + "example": "Bob" + }, + "ownerId": { + "type": "string", + "description": "Role owner id", + "example": "1467e61e-f284-439c-ba2d-c6cc11cf0941" + } + } + }, + "insight": { + "description": "The kind of insight this is and some stats", + "type": "object", + "properties": { + "type": { + "type": "string", + "description": "The number of identities in this role with the entitlement.", + "example": "ADD" + }, + "identitiesWithAccess": { + "type": "integer", + "description": "The number of identities in this role with the entitlement.", + "example": 850 + }, + "identitiesImpacted": { + "type": "integer", + "description": "The number of identities in this role that do not have the specified entitlement.", + "example": 150 + }, + "totalNumberOfIdentities": { + "type": "integer", + "description": "The total number of identities.", + "example": 1000 + }, + "impactedIdentityNames": { + "type": "string", + "nullable": true + } + } + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/role-insights/{insightId}": { + "get": { + "operationId": "getRoleInsight", + "summary": "Get a single role insight", + "tags": [ + "Role Insights" + ], + "description": "This endpoint gets role insights information for a role.", + "parameters": [ + { + "in": "path", + "name": "insightId", + "schema": { + "type": "string" + }, + "required": true, + "description": "The role insight id", + "example": "8c190e67-87aa-4ed9-a90b-d9d5344523fb" + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "200": { + "description": "Succeeded. Returns information about insights for a single role.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "Insight id", + "example": "1467e61e-f284-439c-ba2d-c6cc11cf0941" + }, + "numberOfUpdates": { + "type": "integer", + "description": "Total number of updates for this role", + "example": 5 + }, + "createdDate": { + "type": "string", + "format": "date-time", + "description": "The date-time insights were last created for this role." + }, + "modifiedDate": { + "type": "string", + "format": "date-time", + "nullable": true, + "description": "The date-time insights were last modified for this role.", + "example": "2020-05-19T13:49:37.385Z" + }, + "role": { + "description": "A role", + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "Role name", + "example": "Software Engineer" + }, + "id": { + "type": "string", + "description": "Role id", + "example": "1467e61e-f284-439c-ba2d-c6cc11cf0941" + }, + "description": { + "type": "string", + "description": "Role description", + "example": "Person who develops software" + }, + "ownerName": { + "type": "string", + "description": "Role owner name", + "example": "Bob" + }, + "ownerId": { + "type": "string", + "description": "Role owner id", + "example": "1467e61e-f284-439c-ba2d-c6cc11cf0941" + } + } + }, + "insight": { + "description": "The kind of insight this is and some stats", + "type": "object", + "properties": { + "type": { + "type": "string", + "description": "The number of identities in this role with the entitlement.", + "example": "ADD" + }, + "identitiesWithAccess": { + "type": "integer", + "description": "The number of identities in this role with the entitlement.", + "example": 850 + }, + "identitiesImpacted": { + "type": "integer", + "description": "The number of identities in this role that do not have the specified entitlement.", + "example": 150 + }, + "totalNumberOfIdentities": { + "type": "integer", + "description": "The total number of identities.", + "example": 1000 + }, + "impactedIdentityNames": { + "type": "string", + "nullable": true + } + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/role-insights/{insightId}/entitlement-changes": { + "get": { + "operationId": "getRoleInsightsEntitlementsChanges", + "summary": "Get entitlement insights for a role", + "tags": [ + "Role Insights" + ], + "description": "This endpoint returns entitlement insights for a role.", + "parameters": [ + { + "in": "path", + "name": "insightId", + "schema": { + "type": "string" + }, + "required": true, + "description": "The role insight id", + "example": "8c190e67-87aa-4ed9-a90b-d9d5344523fb" + }, + { + "in": "query", + "name": "sorters", + "description": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **identitiesWithAccess, name**", + "required": false, + "style": "form", + "explode": true, + "schema": { + "type": "string" + } + }, + { + "in": "query", + "name": "filters", + "description": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**name**: *sw*\n\n**description**: *sw*", + "required": false, + "style": "form", + "example": "name sw \"Admin\"", + "explode": true, + "schema": { + "type": "string" + } + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "200": { + "description": "Succeeded. Returns a list of entitlements to be added for a role.", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "Name of the entitlement" + }, + "id": { + "type": "string", + "description": "Id of the entitlement" + }, + "description": { + "type": "string", + "description": "Description for the entitlement" + }, + "attribute": { + "type": "string", + "description": "Attribute for the entitlement" + }, + "value": { + "type": "string", + "description": "Attribute value for the entitlement" + }, + "source": { + "type": "string", + "description": "Source or the application for the entitlement" + }, + "insight": { + "description": "The kind of insight this is and some stats", + "type": "object", + "properties": { + "type": { + "type": "string", + "description": "The number of identities in this role with the entitlement.", + "example": "ADD" + }, + "identitiesWithAccess": { + "type": "integer", + "description": "The number of identities in this role with the entitlement.", + "example": 850 + }, + "identitiesImpacted": { + "type": "integer", + "description": "The number of identities in this role that do not have the specified entitlement.", + "example": 150 + }, + "totalNumberOfIdentities": { + "type": "integer", + "description": "The total number of identities.", + "example": 1000 + }, + "impactedIdentityNames": { + "type": "string", + "nullable": true + } + } + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/role-insights/{insightId}/entitlement-changes/download": { + "get": { + "operationId": "downloadRoleInsightsEntitlementsChanges", + "summary": "Download entitlement insights for a role", + "tags": [ + "Role Insights" + ], + "description": "This endpoint returns the entitlement insights for a role.", + "parameters": [ + { + "in": "path", + "name": "insightId", + "schema": { + "type": "string" + }, + "required": true, + "description": "The role insight id", + "example": "8c190e67-87aa-4ed9-a90b-d9d5344523fb" + }, + { + "in": "query", + "name": "sorters", + "description": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **identitiesWithAccess**\n\nThe default sort is **identitiesWithAccess** in descending order.", + "required": false, + "example": "identitiesWithAccess", + "style": "form", + "explode": true, + "schema": { + "type": "string" + } + }, + { + "in": "query", + "name": "filters", + "description": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**name**: *sw*\n\n**description**: *sw*", + "example": "name sw \"r\"", + "required": false, + "style": "form", + "explode": true, + "schema": { + "type": "string" + } + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "200": { + "description": "Succeeded. Returns a csv file containing a list of entitlements to be added for a role.", + "content": { + "text/csv": { + "schema": { + "type": "string" + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/role-insights/{insightId}/current-entitlements": { + "get": { + "operationId": "getRoleInsightsCurrentEntitlements", + "summary": "Get current entitlement for a role", + "tags": [ + "Role Insights" + ], + "description": "This endpoint gets the entitlements for a role. The term \"current\" is to distinguish from the entitlement(s) an insight might recommend adding.", + "parameters": [ + { + "in": "path", + "name": "insightId", + "schema": { + "type": "string" + }, + "required": true, + "description": "The role insight id", + "example": "8c190e67-87aa-4ed9-a90b-d9d5344523fb" + }, + { + "in": "query", + "name": "filters", + "description": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**name**: *sw*\n\n**description**: *sw*", + "example": "name sw \"r\"", + "required": false, + "style": "form", + "explode": true, + "schema": { + "type": "string" + } + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "200": { + "description": "Succeeded. Returns a list of current or pre-existing entitlements for a role.", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "Name of the entitlement" + }, + "id": { + "type": "string", + "description": "Id of the entitlement" + }, + "description": { + "type": "string", + "description": "Description for the entitlement" + }, + "source": { + "type": "string", + "description": "Source or the application for the entitlement" + }, + "attribute": { + "type": "string", + "description": "Attribute for the entitlement" + }, + "value": { + "type": "string", + "description": "Attribute value for the entitlement" + } + }, + "example": { + "name": "Administrator", + "id": "8c190e67-87aa-4ed9-a90b-d9d5344523fb", + "description": "Full administrative access to IdentityNow", + "source": "IdentityNow", + "attribute": "assignedGroups", + "value": "ORG_ADMIN" + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/role-insights/{insightId}/entitlement-changes/{entitlementId}/identities": { + "get": { + "operationId": "getEntitlementChangesIdentities", + "summary": "Get identities for a suggested entitlement (for a role)", + "tags": [ + "Role Insights" + ], + "description": "Role insights suggests entitlements to be added for a role. This endpoint returns a list of identities in the role, with or without the entitlements, for a suggested entitlement so that the user can see which identities would be affected if the suggested entitlement were to be added to the role.", + "parameters": [ + { + "in": "path", + "name": "insightId", + "schema": { + "type": "string" + }, + "required": true, + "description": "The role insight id", + "example": "8c190e67-87aa-4ed9-a90b-d9d5344523fb" + }, + { + "in": "path", + "name": "entitlementId", + "schema": { + "type": "string" + }, + "required": true, + "description": "The entitlement id", + "example": "8c190e67-87aa-4ed9-a90b-d9d5344523fb" + }, + { + "in": "query", + "name": "hasEntitlement", + "description": "Identity has this entitlement or not", + "required": false, + "style": "form", + "explode": true, + "schema": { + "type": "boolean", + "default": false + } + }, + { + "in": "query", + "name": "offset", + "description": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 0, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "default": 0 + } + }, + { + "in": "query", + "name": "limit", + "description": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 250, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "maximum": 250, + "default": 250 + } + }, + { + "in": "query", + "name": "count", + "description": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": true, + "schema": { + "type": "boolean", + "default": false + } + }, + { + "in": "query", + "name": "sorters", + "description": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name**", + "example": "name", + "required": false, + "style": "form", + "explode": true, + "schema": { + "type": "string" + } + }, + { + "in": "query", + "name": "filters", + "description": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**name**: *sw*", + "example": "name sw \"Jan\"", + "required": false, + "style": "form", + "explode": true, + "schema": { + "type": "string" + } + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "200": { + "description": "Succeeded. Returns a list of identities with or without the entitlement.", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "Id for identity" + }, + "name": { + "type": "string", + "description": "Name for identity" + }, + "attributes": { + "type": "object", + "additionalProperties": { + "type": "string" + } + } + }, + "example": { + "id": "8c190e67-87aa-4ed9-a90b-d9d5344523fb", + "name": "Adam Smith", + "attributes": { + "department": "Human Resources-tah-mgb-dnd", + "firstName": "Adam", + "jobTitle": "Sales Analyst", + "location": "Mexico" + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/role-mining-sessions": { + "post": { + "operationId": "createRoleMiningSessions", + "summary": "Create a role mining session", + "tags": [ + "IAI Role Mining" + ], + "description": "This submits a create role mining session request to the role mining application.", + "requestBody": { + "description": "Role mining session parameters", + "required": true, + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "scope": { + "description": "The scope of identities for this role mining session", + "example": { + "identityIds": [], + "criteria": "source.name:DataScienceDataset", + "attributeFilterCriteria": [ + { + "displayName": { + "untranslated": "Location: Miami" + }, + "ariaLabel": { + "untranslated": "Location: Miami" + }, + "data": { + "displayName": { + "translateKey": "IDN.IDENTITY_ATTRIBUTES.LOCATION" + }, + "name": "location", + "operator": "EQUALS", + "values": [ + "Miami" + ] + } + } + ] + }, + "type": "object", + "properties": { + "identityIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list of identities for this role mining session.", + "example": [ + "2c918090761a5aac0176215c46a62d58", + "2c918090761a5aac01722015c46a62d42" + ] + }, + "criteria": { + "type": "string", + "description": "The \"search\" criteria that produces the list of identities for this role mining session.", + "nullable": true, + "example": "source.name:DataScienceDataset" + }, + "attributeFilterCriteria": { + "type": "array", + "items": { + "type": "object" + }, + "description": "The filter criteria for this role mining session.", + "nullable": true, + "example": { + "displayName": { + "untranslated": "Location: Miami" + }, + "ariaLabel": { + "untranslated": "Location: Miami" + }, + "data": { + "displayName": { + "translateKey": "IDN.IDENTITY_ATTRIBUTES.LOCATION" + }, + "name": "location", + "operator": "EQUALS", + "values": [ + "Miami" + ] + } + } + } + } + }, + "pruneThreshold": { + "type": "integer", + "description": "The prune threshold to be used or null to calculate prescribedPruneThreshold", + "nullable": true, + "example": 50, + "format": "int32" + }, + "prescribedPruneThreshold": { + "type": "integer", + "description": "The calculated prescribedPruneThreshold", + "nullable": true, + "example": 10, + "format": "int32" + }, + "minNumIdentitiesInPotentialRole": { + "type": "integer", + "description": "Minimum number of identities in a potential role", + "nullable": true, + "example": 20, + "format": "int32" + }, + "potentialRoleCount": { + "type": "integer", + "description": "Number of potential roles", + "example": 0, + "format": "int32" + }, + "potentialRolesReadyCount": { + "type": "integer", + "description": "Number of potential roles ready", + "example": 0, + "format": "int32" + }, + "type": { + "description": "Role mining session type", + "example": "SPECIALIZED", + "type": "string", + "enum": [ + "SPECIALIZED", + "COMMON" + ] + }, + "emailRecipientId": { + "type": "string", + "description": "The id of the user who will receive an email about the role mining session", + "nullable": true, + "example": "2c918090761a5aac0176215c46a62d58" + }, + "identityCount": { + "type": "integer", + "description": "Number of identities in the population which meet the search criteria or identity list provided", + "example": 0, + "format": "int32" + }, + "saved": { + "type": "boolean", + "description": "The session's saved status", + "default": false, + "example": true + }, + "name": { + "type": "string", + "description": "The session's saved name", + "nullable": true, + "example": "Saved RM Session - 07/10" + } + } + } + } + } + }, + "responses": { + "201": { + "description": "Submitted a role mining session request", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "scope": { + "description": "The scope of identities for this role mining session", + "type": "object", + "properties": { + "identityIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list of identities for this role mining session.", + "example": [ + "2c918090761a5aac0176215c46a62d58", + "2c918090761a5aac01722015c46a62d42" + ] + }, + "criteria": { + "type": "string", + "description": "The \"search\" criteria that produces the list of identities for this role mining session.", + "nullable": true, + "example": "source.name:DataScienceDataset" + }, + "attributeFilterCriteria": { + "type": "array", + "items": { + "type": "object" + }, + "description": "The filter criteria for this role mining session.", + "nullable": true, + "example": { + "displayName": { + "untranslated": "Location: Miami" + }, + "ariaLabel": { + "untranslated": "Location: Miami" + }, + "data": { + "displayName": { + "translateKey": "IDN.IDENTITY_ATTRIBUTES.LOCATION" + }, + "name": "location", + "operator": "EQUALS", + "values": [ + "Miami" + ] + } + } + } + } + }, + "minNumIdentitiesInPotentialRole": { + "type": "integer", + "nullable": true, + "description": "Minimum number of identities in a potential role", + "example": 20 + }, + "scopingMethod": { + "type": "string", + "description": "The scoping method of the role mining session", + "nullable": true, + "example": "AUTO_RM" + }, + "prescribedPruneThreshold": { + "type": "integer", + "nullable": true, + "description": "The computed (or prescribed) prune threshold for this session", + "example": 83 + }, + "pruneThreshold": { + "type": "integer", + "nullable": true, + "description": "The prune threshold to be used for this role mining session", + "example": 70 + }, + "potentialRoleCount": { + "type": "integer", + "description": "The number of potential roles", + "example": 8 + }, + "potentialRolesReadyCount": { + "type": "integer", + "description": "The number of potential roles which have completed processing", + "example": 4 + }, + "status": { + "description": "The role mining session status", + "type": "object", + "properties": { + "state": { + "description": "Role mining session state", + "type": "string", + "enum": [ + "CREATED", + "UPDATED", + "IDENTITIES_OBTAINED", + "PRUNE_THRESHOLD_OBTAINED", + "POTENTIAL_ROLES_PROCESSING", + "POTENTIAL_ROLES_CREATED" + ], + "example": "CREATED" + } + } + }, + "emailRecipientId": { + "type": "string", + "description": "The id of the user who will receive an email about the role mining session", + "nullable": true + }, + "createdBy": { + "oneOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "ID of the creator", + "example": "2c918090761a5aac0176215c46a62d58" + }, + "displayName": { + "type": "string", + "description": "The display name of the creator", + "example": "Ashley.Pierce" + } + } + }, + { + "type": "string", + "nullable": true, + "description": "Workaround to support null", + "example": "Dummy" + } + ], + "description": "The session created by details" + }, + "identityCount": { + "type": "integer", + "description": "The number of identities", + "example": 39 + }, + "saved": { + "type": "boolean", + "description": "The session's saved status", + "default": false, + "example": true + }, + "name": { + "type": "string", + "description": "The session's saved name", + "nullable": true, + "example": "Saved RM Session - 07/10" + }, + "dataFilePath": { + "type": "string", + "description": "The data file path of the role mining session", + "nullable": true + }, + "id": { + "type": "string", + "description": "Session Id for this role mining session", + "example": "8c190e67-87aa-4ed9-a90b-d9d5344523fb" + }, + "createdDate": { + "type": "string", + "format": "date-time", + "description": "The date-time when this role mining session was created." + }, + "modifiedDate": { + "type": "string", + "format": "date-time", + "description": "The date-time when this role mining session was completed." + }, + "type": { + "description": "Role mining session type", + "type": "string", + "enum": [ + "SPECIALIZED", + "COMMON" + ], + "example": "SPECIALIZED" + } + }, + "example": { + "scope": { + "identityIds": [], + "criteria": "source.name:DataScienceDataset", + "attributeFilterCriteria": null + }, + "scopingMethod": "AUTO_RM", + "minNumIdentitiesInPotentialRole": 20, + "pruneThreshold": 70, + "prescribedPruneThreshold": 83, + "potentialRoleCount": 8, + "potentialRolesReadyCount": 4, + "status": { + "state": "POTENTIAL_ROLES_PROCESSING" + }, + "type": "SPECIALIZED", + "emailRecipientId": null, + "createdBy": null, + "identityCount": 0, + "saved": false, + "name": null, + "dataFilePath": null, + "id": "602ba738-cf48-499b-a780-7b67b3fc1ecf", + "createdDate": "2021-09-08T16:11:05.348Z", + "modifiedDate": "2021-09-08T16:11:05.348Z" + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "parameters": [ + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ] + }, + "get": { + "operationId": "getRoleMiningSessions", + "summary": "Retrieves all role mining sessions", + "tags": [ + "IAI Role Mining" + ], + "description": "Returns all role mining sessions that match the query parameters", + "parameters": [ + { + "in": "query", + "name": "filters", + "schema": { + "type": "string" + }, + "description": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**saved**: *eq*\n\n**name**: *eq, sw*", + "example": "saved eq \"true\" and name sw \"RM Session\"" + }, + { + "in": "query", + "name": "sorters", + "schema": { + "type": "string", + "format": "comma-separated" + }, + "description": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **createdBy, createdDate**", + "example": "createdBy,createdDate" + }, + { + "in": "query", + "name": "offset", + "description": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 0, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "default": 0 + } + }, + { + "in": "query", + "name": "limit", + "description": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 250, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "maximum": 250, + "default": 250 + } + }, + { + "in": "query", + "name": "count", + "description": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": true, + "schema": { + "type": "boolean", + "default": false + } + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "200": { + "description": "Succeeded. Returns all role mining sessions that match the query parameters.", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "properties": { + "scope": { + "description": "The scope of identities for this role mining session", + "example": { + "identityIds": [], + "criteria": "source.name:DataScienceDataset", + "attributeFilterCriteria": [ + { + "displayName": { + "untranslated": "Location: Miami" + }, + "ariaLabel": { + "untranslated": "Location: Miami" + }, + "data": { + "displayName": { + "translateKey": "IDN.IDENTITY_ATTRIBUTES.LOCATION" + }, + "name": "location", + "operator": "EQUALS", + "values": [ + "Miami" + ] + } + } + ] + }, + "type": "object", + "properties": { + "identityIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list of identities for this role mining session.", + "example": [ + "2c918090761a5aac0176215c46a62d58", + "2c918090761a5aac01722015c46a62d42" + ] + }, + "criteria": { + "type": "string", + "description": "The \"search\" criteria that produces the list of identities for this role mining session.", + "nullable": true, + "example": "source.name:DataScienceDataset" + }, + "attributeFilterCriteria": { + "type": "array", + "items": { + "type": "object" + }, + "description": "The filter criteria for this role mining session.", + "nullable": true, + "example": { + "displayName": { + "untranslated": "Location: Miami" + }, + "ariaLabel": { + "untranslated": "Location: Miami" + }, + "data": { + "displayName": { + "translateKey": "IDN.IDENTITY_ATTRIBUTES.LOCATION" + }, + "name": "location", + "operator": "EQUALS", + "values": [ + "Miami" + ] + } + } + } + } + }, + "pruneThreshold": { + "type": "integer", + "description": "The prune threshold to be used or null to calculate prescribedPruneThreshold", + "nullable": true, + "example": 50, + "format": "int32" + }, + "prescribedPruneThreshold": { + "type": "integer", + "description": "The calculated prescribedPruneThreshold", + "nullable": true, + "example": 10, + "format": "int32" + }, + "minNumIdentitiesInPotentialRole": { + "type": "integer", + "description": "Minimum number of identities in a potential role", + "nullable": true, + "example": 20, + "format": "int32" + }, + "potentialRoleCount": { + "type": "integer", + "description": "Number of potential roles", + "example": 0, + "format": "int32" + }, + "potentialRolesReadyCount": { + "type": "integer", + "description": "Number of potential roles ready", + "example": 0, + "format": "int32" + }, + "type": { + "description": "Role mining session type", + "example": "SPECIALIZED", + "type": "string", + "enum": [ + "SPECIALIZED", + "COMMON" + ] + }, + "emailRecipientId": { + "type": "string", + "description": "The id of the user who will receive an email about the role mining session", + "nullable": true, + "example": "2c918090761a5aac0176215c46a62d58" + }, + "identityCount": { + "type": "integer", + "description": "Number of identities in the population which meet the search criteria or identity list provided", + "example": 0, + "format": "int32" + }, + "saved": { + "type": "boolean", + "description": "The session's saved status", + "default": false, + "example": true + }, + "name": { + "type": "string", + "description": "The session's saved name", + "nullable": true, + "example": "Saved RM Session - 07/10" + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/role-mining-sessions/{sessionId}": { + "patch": { + "operationId": "patchRoleMiningSession", + "summary": "Patch a role mining session", + "tags": [ + "IAI Role Mining" + ], + "description": "The method updates an existing role mining session using PATCH. Supports op in {\"replace\"} and changes to pruneThreshold and/or minNumIdentitiesInPotentialRole. The potential roles in this role mining session is then re-calculated.", + "parameters": [ + { + "in": "path", + "name": "sessionId", + "schema": { + "type": "string" + }, + "required": true, + "description": "The role mining session id to be patched", + "example": "8c190e67-87aa-4ed9-a90b-d9d5344523fb" + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "requestBody": { + "required": true, + "description": "Replace pruneThreshold and/or minNumIdentitiesInPotentialRole in role mining session. Update saved status or saved name for a role mining session.", + "content": { + "application/json-patch+json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "description": "A JSONPatch Operation as defined by [RFC 6902 - JSON Patch](https://tools.ietf.org/html/rfc6902)", + "required": [ + "op", + "path" + ], + "properties": { + "op": { + "type": "string", + "description": "The operation to be performed", + "enum": [ + "add", + "remove", + "replace", + "move", + "copy", + "test" + ], + "example": "replace" + }, + "path": { + "type": "string", + "description": "A string JSON Pointer representing the target path to an element to be affected by the operation", + "example": "/description" + }, + "value": { + "oneOf": [ + { + "type": "string", + "example": "New description", + "title": "string" + }, + { + "type": "boolean", + "example": true, + "title": "boolean" + }, + { + "type": "integer", + "example": 300, + "title": "integer" + }, + { + "type": "object", + "title": "object", + "example": { + "attributes": { + "name": "philip" + } + } + }, + { + "type": "array", + "title": "array", + "items": { + "anyOf": [ + { + "type": "string" + }, + { + "type": "integer" + }, + { + "type": "object" + } + ], + "example": [ + "001", + "002", + "003" + ] + } + } + ], + "description": "The value to be used for the operation, required for \"add\" and \"replace\" operations", + "example": "New description" + } + } + } + }, + "example": [ + { + "op": "replace", + "path": "/pruneThreshold", + "value": "83" + }, + { + "op": "replace", + "path": "/minNumIdentitiesInPotentialRole", + "value": "10" + }, + { + "op": "replace", + "path": "/saved", + "value": "false" + }, + { + "op": "replace", + "path": "/name", + "value": "RM Session - 07/10/22" + }, + { + "op": "add", + "path": "/name", + "value": "RM Session - 07/10/22" + } + ] + } + } + }, + "responses": { + "202": { + "description": "Success", + "content": { + "application/json": { + "schema": { + "type": "object" + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + }, + "get": { + "operationId": "getRoleMiningSession", + "summary": "Get a role mining session", + "tags": [ + "IAI Role Mining" + ], + "description": "The method retrieves a role mining session.", + "parameters": [ + { + "in": "path", + "name": "sessionId", + "schema": { + "type": "string" + }, + "required": true, + "description": "The role mining session id to be retrieved.", + "example": "8c190e67-87aa-4ed9-a90b-d9d5344523fb" + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "200": { + "description": "Returns a role mining session", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "scope": { + "description": "The scope of identities for this role mining session", + "type": "object", + "properties": { + "identityIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list of identities for this role mining session.", + "example": [ + "2c918090761a5aac0176215c46a62d58", + "2c918090761a5aac01722015c46a62d42" + ] + }, + "criteria": { + "type": "string", + "description": "The \"search\" criteria that produces the list of identities for this role mining session.", + "nullable": true, + "example": "source.name:DataScienceDataset" + }, + "attributeFilterCriteria": { + "type": "array", + "items": { + "type": "object" + }, + "description": "The filter criteria for this role mining session.", + "nullable": true, + "example": { + "displayName": { + "untranslated": "Location: Miami" + }, + "ariaLabel": { + "untranslated": "Location: Miami" + }, + "data": { + "displayName": { + "translateKey": "IDN.IDENTITY_ATTRIBUTES.LOCATION" + }, + "name": "location", + "operator": "EQUALS", + "values": [ + "Miami" + ] + } + } + } + } + }, + "minNumIdentitiesInPotentialRole": { + "type": "integer", + "nullable": true, + "description": "Minimum number of identities in a potential role", + "example": 20 + }, + "scopingMethod": { + "type": "string", + "description": "The scoping method of the role mining session", + "nullable": true, + "example": "AUTO_RM" + }, + "prescribedPruneThreshold": { + "type": "integer", + "nullable": true, + "description": "The computed (or prescribed) prune threshold for this session", + "example": 83 + }, + "pruneThreshold": { + "type": "integer", + "nullable": true, + "description": "The prune threshold to be used for this role mining session", + "example": 70 + }, + "potentialRoleCount": { + "type": "integer", + "description": "The number of potential roles", + "example": 8 + }, + "potentialRolesReadyCount": { + "type": "integer", + "description": "The number of potential roles which have completed processing", + "example": 4 + }, + "status": { + "description": "The role mining session status", + "type": "object", + "properties": { + "state": { + "description": "Role mining session state", + "type": "string", + "enum": [ + "CREATED", + "UPDATED", + "IDENTITIES_OBTAINED", + "PRUNE_THRESHOLD_OBTAINED", + "POTENTIAL_ROLES_PROCESSING", + "POTENTIAL_ROLES_CREATED" + ], + "example": "CREATED" + } + } + }, + "emailRecipientId": { + "type": "string", + "description": "The id of the user who will receive an email about the role mining session", + "nullable": true + }, + "createdBy": { + "oneOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "ID of the creator", + "example": "2c918090761a5aac0176215c46a62d58" + }, + "displayName": { + "type": "string", + "description": "The display name of the creator", + "example": "Ashley.Pierce" + } + } + }, + { + "type": "string", + "nullable": true, + "description": "Workaround to support null", + "example": "Dummy" + } + ], + "description": "The session created by details" + }, + "identityCount": { + "type": "integer", + "description": "The number of identities", + "example": 39 + }, + "saved": { + "type": "boolean", + "description": "The session's saved status", + "default": false, + "example": true + }, + "name": { + "type": "string", + "description": "The session's saved name", + "nullable": true, + "example": "Saved RM Session - 07/10" + }, + "dataFilePath": { + "type": "string", + "description": "The data file path of the role mining session", + "nullable": true + }, + "id": { + "type": "string", + "description": "Session Id for this role mining session", + "example": "8c190e67-87aa-4ed9-a90b-d9d5344523fb" + }, + "createdDate": { + "type": "string", + "format": "date-time", + "description": "The date-time when this role mining session was created." + }, + "modifiedDate": { + "type": "string", + "format": "date-time", + "description": "The date-time when this role mining session was completed." + }, + "type": { + "description": "Role mining session type", + "type": "string", + "enum": [ + "SPECIALIZED", + "COMMON" + ], + "example": "SPECIALIZED" + } + }, + "example": { + "scope": { + "identityIds": [], + "criteria": "source.name:DataScienceDataset", + "attributeFilterCriteria": null + }, + "scopingMethod": "AUTO_RM", + "minNumIdentitiesInPotentialRole": 20, + "pruneThreshold": 70, + "prescribedPruneThreshold": 83, + "potentialRoleCount": 8, + "potentialRolesReadyCount": 4, + "status": { + "state": "POTENTIAL_ROLES_PROCESSING" + }, + "type": "SPECIALIZED", + "emailRecipientId": null, + "createdBy": null, + "identityCount": 0, + "saved": false, + "name": null, + "dataFilePath": null, + "id": "602ba738-cf48-499b-a780-7b67b3fc1ecf", + "createdDate": "2021-09-08T16:11:05.348Z", + "modifiedDate": "2021-09-08T16:11:05.348Z" + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/role-mining-sessions/{sessionId}/status": { + "get": { + "operationId": "getRoleMiningSessionStatus", + "summary": "Get role mining session status state", + "tags": [ + "IAI Role Mining" + ], + "description": "This method returns a role mining session status for a customer.", + "parameters": [ + { + "in": "path", + "name": "sessionId", + "schema": { + "type": "string" + }, + "required": true, + "description": "The role mining session id", + "example": "8c190e67-87aa-4ed9-a90b-d9d5344523fb" + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "200": { + "description": "Succeeded. Returns session status", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "state": { + "description": "Role mining session state", + "type": "string", + "enum": [ + "CREATED", + "UPDATED", + "IDENTITIES_OBTAINED", + "PRUNE_THRESHOLD_OBTAINED", + "POTENTIAL_ROLES_PROCESSING", + "POTENTIAL_ROLES_CREATED" + ], + "example": "CREATED" + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/role-mining-sessions/{sessionId}/potential-role-summaries": { + "get": { + "operationId": "getPotentialRoleSummaries", + "summary": "Retrieves all potential role summaries", + "tags": [ + "IAI Role Mining" + ], + "description": "This method returns the potential role summaries for a role mining session.", + "parameters": [ + { + "in": "path", + "name": "sessionId", + "schema": { + "type": "string" + }, + "required": true, + "description": "The role mining session id", + "example": "8c190e67-87aa-4ed9-a90b-d9d5344523fb" + }, + { + "in": "query", + "name": "sorters", + "required": false, + "style": "form", + "explode": true, + "schema": { + "type": "string", + "format": "comma-separated" + }, + "description": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **createdDate**", + "example": "createdDate" + }, + { + "in": "query", + "name": "filters", + "description": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**createdById**: *eq, sw, co*\n\n**createdByName**: *eq, sw, co*\n\n**description**: *sw, co*\n\n**endDate**: *le, lt*\n\n**freshness**: *eq, ge, gt, le, lt*\n\n**name**: *eq, sw, co*\n\n**quality**: *eq, ge, gt, le, lt*\n\n**startDate**: *ge, gt*\n\n**saved**: *eq*\n\n**type**: *eq*", + "example": "(createdByName co \"int\")and (createdById sw \"2c9180907\")and (type eq \"COMMON\")and ((name co \"entt\")or (saved eq true))", + "required": false, + "style": "form", + "explode": true, + "schema": { + "type": "string" + } + }, + { + "in": "query", + "name": "offset", + "description": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 0, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "default": 0 + } + }, + { + "in": "query", + "name": "limit", + "description": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 250, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "maximum": 250, + "default": 250 + } + }, + { + "in": "query", + "name": "count", + "description": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": true, + "schema": { + "type": "boolean", + "default": false + } + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "200": { + "description": "Succeeded. Returns a list of potential role summaries for a role mining session.", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "Id of the potential role", + "example": "e0cc5d7d-bf7f-4f81-b2af-8885b09d9923" + }, + "name": { + "type": "string", + "description": "Name of the potential role", + "example": "Potential Role - e0cc5d" + }, + "potentialRoleRef": { + "description": "Details about the potential role", + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "Id of the potential role", + "example": "e0cc5d7d-bf7f-4f81-b2af-8885b09d9923" + }, + "name": { + "type": "string", + "description": "Name of the potential role", + "example": "Potential Role - e0cc5d" + } + } + }, + "identityCount": { + "type": "integer", + "description": "The number of identities in a potential role.", + "format": "int32", + "example": 25 + }, + "entitlementCount": { + "type": "integer", + "description": "The number of entitlements in a potential role.", + "format": "int32", + "example": 15 + }, + "identityGroupStatus": { + "type": "string", + "description": "The status for this identity group which can be \"REQUESTED\" or \"OBTAINED\"", + "example": "OBTAINED" + }, + "provisionState": { + "description": "The status of provisioning for this potential role. Can be \"POTENTIAL\", \"PENDING\", \"FAILED\", or \"COMPLETE\".", + "example": "PENDING", + "type": "string", + "enum": [ + "POTENTIAL", + "PENDING", + "COMPLETE", + "FAILED" + ] + }, + "roleId": { + "type": "string", + "description": "ID of the provisioned role in IIQ or IDN. Null if this potential role has not been provisioned.", + "nullable": true, + "example": "2a4be6fbcf3c4e66b95a0c15ffd591" + }, + "density": { + "type": "integer", + "description": "The density metric (0-100) of this potential role. Higher density values indicate higher similarity amongst the identities.", + "format": "int32", + "example": 90 + }, + "freshness": { + "type": "integer", + "description": "The freshness metric (0-100) of this potential role. Higher freshness values indicate this potential role is more distinctive compared to existing roles.", + "format": "int32", + "example": 70 + }, + "quality": { + "type": "integer", + "description": "The quality metric (0-100) of this potential role. Higher quality values indicate this potential role has high density and freshness.", + "format": "int32", + "example": 80 + }, + "type": { + "description": "Role mining potential type.", + "type": "string", + "enum": [ + "SPECIALIZED", + "COMMON" + ], + "example": "SPECIALIZED" + }, + "createdBy": { + "oneOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "ID of the creator", + "example": "2c918090761a5aac0176215c46a62d58" + }, + "displayName": { + "type": "string", + "description": "The display name of the creator", + "example": "Ashley.Pierce" + } + } + }, + { + "type": "string", + "nullable": true, + "description": "Workaround to support null", + "example": "Dummy" + } + ], + "description": "The potential role created by details" + }, + "createdDate": { + "type": "string", + "format": "date-time", + "description": "The date-time when this potential role was created." + }, + "saved": { + "type": "boolean", + "description": "The potential role's saved status", + "default": false, + "example": true + }, + "description": { + "type": "string", + "nullable": true, + "description": "Description of the potential role" + }, + "session": { + "description": "The session parameters of the potential role.", + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The ID of the role mining session", + "example": "9f36f5e5-1e81-4eca-b087-548959d91c71" + }, + "name": { + "type": "string", + "description": "The session's saved name", + "nullable": true, + "example": "Saved RM Session - 07/10" + }, + "minNumIdentitiesInPotentialRole": { + "type": "integer", + "description": "Minimum number of identities in a potential role", + "nullable": true, + "example": 20, + "format": "int32" + }, + "pruneThreshold": { + "type": "integer", + "description": "The prune threshold to be used or null to calculate prescribedPruneThreshold", + "nullable": true, + "example": 5, + "format": "int32" + }, + "saved": { + "type": "boolean", + "default": true, + "description": "The session's saved status", + "example": true + }, + "scope": { + "description": "The scope of identities for this role mining session", + "example": { + "identityIds": [], + "criteria": "source.name:DataScienceDataset", + "attributeFilterCriteria": { + "displayName": { + "untranslated": "Location: Miami" + }, + "ariaLabel": { + "untranslated": "Location: Miami" + }, + "data": { + "displayName": { + "translateKey": "IDN.IDENTITY_ATTRIBUTES.LOCATION" + }, + "name": "location", + "operator": "EQUALS", + "values": [ + "Miami" + ] + } + } + }, + "type": "object", + "properties": { + "identityIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list of identities for this role mining session.", + "example": [ + "2c918090761a5aac0176215c46a62d58", + "2c918090761a5aac01722015c46a62d42" + ] + }, + "criteria": { + "type": "string", + "description": "The \"search\" criteria that produces the list of identities for this role mining session.", + "nullable": true, + "example": "source.name:DataScienceDataset" + }, + "attributeFilterCriteria": { + "type": "array", + "items": { + "type": "object" + }, + "description": "The filter criteria for this role mining session.", + "nullable": true, + "example": { + "displayName": { + "untranslated": "Location: Miami" + }, + "ariaLabel": { + "untranslated": "Location: Miami" + }, + "data": { + "displayName": { + "translateKey": "IDN.IDENTITY_ATTRIBUTES.LOCATION" + }, + "name": "location", + "operator": "EQUALS", + "values": [ + "Miami" + ] + } + } + } + } + }, + "type": { + "description": "Role mining potential type", + "type": "string", + "enum": [ + "SPECIALIZED", + "COMMON" + ], + "example": "SPECIALIZED" + }, + "state": { + "description": "Role mining session state", + "type": "string", + "enum": [ + "CREATED", + "UPDATED", + "IDENTITIES_OBTAINED", + "PRUNE_THRESHOLD_OBTAINED", + "POTENTIAL_ROLES_PROCESSING", + "POTENTIAL_ROLES_CREATED" + ], + "example": "CREATED" + }, + "scopingMethod": { + "description": "Scoping method used in current role mining session", + "type": "string", + "enum": [ + "MANUAL", + "AUTO_RM" + ], + "example": "MANUAL" + } + } + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/role-mining-sessions/{sessionId}/potential-role-summaries/{potentialRoleId}": { + "get": { + "operationId": "getPotentialRole", + "summary": "Retrieves a specific potential role", + "tags": [ + "IAI Role Mining" + ], + "description": "This method returns a specific potential role for a role mining session.", + "parameters": [ + { + "in": "path", + "name": "sessionId", + "schema": { + "type": "string" + }, + "required": true, + "description": "The role mining session id", + "example": "8c190e67-87aa-4ed9-a90b-d9d5344523fb" + }, + { + "in": "path", + "name": "potentialRoleId", + "schema": { + "type": "string" + }, + "required": true, + "description": "A potential role id in a role mining session", + "example": "8c190e67-87aa-4ed9-a90b-d9d5344523fb" + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "200": { + "description": "Succeeded. Returns a list of potential roles for a role mining session.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "createdBy": { + "oneOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "ID of the creator", + "example": "2c918090761a5aac0176215c46a62d58" + }, + "displayName": { + "type": "string", + "description": "The display name of the creator", + "example": "Ashley.Pierce" + } + } + }, + { + "type": "string", + "nullable": true, + "description": "Workaround to support null", + "example": "Dummy" + } + ], + "description": "The session created by details" + }, + "density": { + "type": "integer", + "description": "The density of a potential role.", + "example": 75, + "format": "int32" + }, + "description": { + "type": "string", + "nullable": true, + "description": "The description of a potential role.", + "example": "Potential Role for Accounting dept" + }, + "entitlementCount": { + "type": "integer", + "description": "The number of entitlements in a potential role.", + "example": 25, + "format": "int32" + }, + "excludedEntitlements": { + "description": "The list of entitlement ids to be excluded.", + "nullable": true, + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "07a0b4e2", + "13b4e2a0" + ] + }, + "freshness": { + "type": "integer", + "description": "The freshness of a potential role.", + "example": 75, + "format": "int32" + }, + "identityCount": { + "type": "integer", + "description": "The number of identities in a potential role.", + "example": 25, + "format": "int32" + }, + "identityDistribution": { + "description": "Identity attribute distribution.", + "nullable": true, + "type": "array", + "items": { + "type": "object", + "properties": { + "attributeName": { + "type": "string", + "description": "Id of the potential role", + "example": "department" + }, + "distribution": { + "type": "array", + "items": { + "type": "object", + "additionalProperties": { + "type": "string" + } + }, + "example": [ + { + "attributeValue": "NM Tier 3", + "count": 6 + } + ] + } + } + } + }, + "identityIds": { + "description": "The list of ids in a potential role.", + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "07a0b4e2", + "13b4e2a0" + ] + }, + "name": { + "type": "string", + "description": "Name of the potential role.", + "example": "Saved Potential Role - 07/10" + }, + "provisionState": { + "description": "The provisioning state of a potential role.", + "nullable": true, + "type": "string", + "enum": [ + "POTENTIAL", + "PENDING", + "COMPLETE", + "FAILED" + ], + "example": "POTENTIAL" + }, + "quality": { + "type": "integer", + "description": "The quality of a potential role.", + "example": 100, + "format": "int32" + }, + "roleId": { + "type": "string", + "nullable": true, + "description": "The roleId of a potential role.", + "example": "07a0b4e2-7a76-44fa-bd0b-c64654b66519" + }, + "saved": { + "type": "boolean", + "description": "The potential role's saved status.", + "example": true + }, + "session": { + "description": "The session parameters of the potential role.", + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The ID of the role mining session", + "example": "9f36f5e5-1e81-4eca-b087-548959d91c71" + }, + "name": { + "type": "string", + "description": "The session's saved name", + "nullable": true, + "example": "Saved RM Session - 07/10" + }, + "minNumIdentitiesInPotentialRole": { + "type": "integer", + "description": "Minimum number of identities in a potential role", + "nullable": true, + "example": 20, + "format": "int32" + }, + "pruneThreshold": { + "type": "integer", + "description": "The prune threshold to be used or null to calculate prescribedPruneThreshold", + "nullable": true, + "example": 5, + "format": "int32" + }, + "saved": { + "type": "boolean", + "default": true, + "description": "The session's saved status", + "example": true + }, + "scope": { + "description": "The scope of identities for this role mining session", + "example": { + "identityIds": [], + "criteria": "source.name:DataScienceDataset", + "attributeFilterCriteria": { + "displayName": { + "untranslated": "Location: Miami" + }, + "ariaLabel": { + "untranslated": "Location: Miami" + }, + "data": { + "displayName": { + "translateKey": "IDN.IDENTITY_ATTRIBUTES.LOCATION" + }, + "name": "location", + "operator": "EQUALS", + "values": [ + "Miami" + ] + } + } + }, + "type": "object", + "properties": { + "identityIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list of identities for this role mining session.", + "example": [ + "2c918090761a5aac0176215c46a62d58", + "2c918090761a5aac01722015c46a62d42" + ] + }, + "criteria": { + "type": "string", + "description": "The \"search\" criteria that produces the list of identities for this role mining session.", + "nullable": true, + "example": "source.name:DataScienceDataset" + }, + "attributeFilterCriteria": { + "type": "array", + "items": { + "type": "object" + }, + "description": "The filter criteria for this role mining session.", + "nullable": true, + "example": { + "displayName": { + "untranslated": "Location: Miami" + }, + "ariaLabel": { + "untranslated": "Location: Miami" + }, + "data": { + "displayName": { + "translateKey": "IDN.IDENTITY_ATTRIBUTES.LOCATION" + }, + "name": "location", + "operator": "EQUALS", + "values": [ + "Miami" + ] + } + } + } + } + }, + "type": { + "description": "Role mining potential type", + "type": "string", + "enum": [ + "SPECIALIZED", + "COMMON" + ], + "example": "SPECIALIZED" + }, + "state": { + "description": "Role mining session state", + "type": "string", + "enum": [ + "CREATED", + "UPDATED", + "IDENTITIES_OBTAINED", + "PRUNE_THRESHOLD_OBTAINED", + "POTENTIAL_ROLES_PROCESSING", + "POTENTIAL_ROLES_CREATED" + ], + "example": "CREATED" + }, + "scopingMethod": { + "description": "Scoping method used in current role mining session", + "type": "string", + "enum": [ + "MANUAL", + "AUTO_RM" + ], + "example": "MANUAL" + } + } + }, + "type": { + "description": "Role mining potential type.", + "type": "string", + "enum": [ + "SPECIALIZED", + "COMMON" + ], + "example": "SPECIALIZED" + }, + "id": { + "type": "string", + "description": "Id of the potential role", + "example": "e0cc5d7d-bf7f-4f81-b2af-8885b09d9923" + }, + "createdDate": { + "type": "string", + "format": "date-time", + "description": "The date-time when this potential role was created." + }, + "modifiedDate": { + "type": "string", + "format": "date-time", + "description": "The date-time when this potential role was modified." + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + }, + "patch": { + "operationId": "patchPotentialRole", + "summary": "Update a potential role", + "tags": [ + "IAI Role Mining" + ], + "description": "The method updates an existing potential role using.\n\nThe following fields can be modified:\n\n* `description`\n\n* `name`\n\n* `saved`\n\n\n>**NOTE: All other fields cannot be modified.**\n", + "parameters": [ + { + "in": "path", + "name": "sessionId", + "schema": { + "type": "string" + }, + "required": true, + "description": "The role mining session id", + "example": "8c190e67-87aa-4ed9-a90b-d9d5344523fb" + }, + { + "in": "path", + "name": "potentialRoleId", + "schema": { + "type": "string" + }, + "required": true, + "description": "The potential role summary id", + "example": "8c190e67-87aa-4ed9-a90b-d9d5344523fb" + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "requestBody": { + "required": true, + "content": { + "application/json-patch+json": { + "schema": { + "type": "array", + "items": { + "allOf": [ + { + "type": "object", + "description": "A JSONPatch Operation as defined by [RFC 6902 - JSON Patch](https://tools.ietf.org/html/rfc6902)", + "required": [ + "op", + "path" + ], + "properties": { + "op": { + "type": "string", + "description": "The operation to be performed", + "enum": [ + "add", + "remove", + "replace", + "move", + "copy", + "test" + ], + "example": "replace" + }, + "path": { + "type": "string", + "description": "A string JSON Pointer representing the target path to an element to be affected by the operation", + "example": "/description" + }, + "value": { + "oneOf": [ + { + "type": "string", + "example": "New description", + "title": "string" + }, + { + "type": "boolean", + "example": true, + "title": "boolean" + }, + { + "type": "integer", + "example": 300, + "title": "integer" + }, + { + "type": "object", + "title": "object", + "example": { + "attributes": { + "name": "philip" + } + } + }, + { + "type": "array", + "title": "array", + "items": { + "anyOf": [ + { + "type": "string" + }, + { + "type": "integer" + }, + { + "type": "object" + } + ], + "example": [ + "001", + "002", + "003" + ] + } + } + ], + "description": "The value to be used for the operation, required for \"add\" and \"replace\" operations", + "example": "New description" + } + } + } + ], + "properties": { + "op": { + "type": "string", + "description": "The operation to be performed", + "enum": [ + "remove", + "replace" + ], + "example": "replace" + } + } + } + }, + "example": [ + { + "op": "remove", + "path": "/description" + }, + { + "op": "replace", + "path": "/description", + "value": "Acct I - Potential Role" + }, + { + "op": "remove", + "path": "/saved" + }, + { + "op": "replace", + "path": "/saved", + "value": "false" + }, + { + "op": "remove", + "path": "/name" + }, + { + "op": "replace", + "path": "/name", + "value": "Potential Role Accounting" + } + ] + } + } + }, + "responses": { + "200": { + "description": "Succeeded. Returns the potential role summary based on the potentialRoleId provided.", + "content": { + "application/json": { + "schema": { + "type": "object", + "items": { + "type": "object", + "properties": { + "createdBy": { + "oneOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "ID of the creator", + "example": "2c918090761a5aac0176215c46a62d58" + }, + "displayName": { + "type": "string", + "description": "The display name of the creator", + "example": "Ashley.Pierce" + } + } + }, + { + "type": "string", + "nullable": true, + "description": "Workaround to support null", + "example": "Dummy" + } + ], + "description": "The session created by details" + }, + "density": { + "type": "integer", + "description": "The density of a potential role.", + "example": 75, + "format": "int32" + }, + "description": { + "type": "string", + "nullable": true, + "description": "The description of a potential role.", + "example": "Potential Role for Accounting dept" + }, + "entitlementCount": { + "type": "integer", + "description": "The number of entitlements in a potential role.", + "example": 25, + "format": "int32" + }, + "excludedEntitlements": { + "description": "The list of entitlement ids to be excluded.", + "nullable": true, + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "07a0b4e2", + "13b4e2a0" + ] + }, + "freshness": { + "type": "integer", + "description": "The freshness of a potential role.", + "example": 75, + "format": "int32" + }, + "identityCount": { + "type": "integer", + "description": "The number of identities in a potential role.", + "example": 25, + "format": "int32" + }, + "identityDistribution": { + "description": "Identity attribute distribution.", + "nullable": true, + "type": "array", + "items": { + "type": "object", + "properties": { + "attributeName": { + "type": "string", + "description": "Id of the potential role", + "example": "department" + }, + "distribution": { + "type": "array", + "items": { + "type": "object", + "additionalProperties": { + "type": "string" + } + }, + "example": [ + { + "attributeValue": "NM Tier 3", + "count": 6 + } + ] + } + } + } + }, + "identityIds": { + "description": "The list of ids in a potential role.", + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "07a0b4e2", + "13b4e2a0" + ] + }, + "name": { + "type": "string", + "description": "Name of the potential role.", + "example": "Saved Potential Role - 07/10" + }, + "provisionState": { + "description": "The provisioning state of a potential role.", + "nullable": true, + "type": "string", + "enum": [ + "POTENTIAL", + "PENDING", + "COMPLETE", + "FAILED" + ], + "example": "POTENTIAL" + }, + "quality": { + "type": "integer", + "description": "The quality of a potential role.", + "example": 100, + "format": "int32" + }, + "roleId": { + "type": "string", + "nullable": true, + "description": "The roleId of a potential role.", + "example": "07a0b4e2-7a76-44fa-bd0b-c64654b66519" + }, + "saved": { + "type": "boolean", + "description": "The potential role's saved status.", + "example": true + }, + "session": { + "description": "The session parameters of the potential role.", + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The ID of the role mining session", + "example": "9f36f5e5-1e81-4eca-b087-548959d91c71" + }, + "name": { + "type": "string", + "description": "The session's saved name", + "nullable": true, + "example": "Saved RM Session - 07/10" + }, + "minNumIdentitiesInPotentialRole": { + "type": "integer", + "description": "Minimum number of identities in a potential role", + "nullable": true, + "example": 20, + "format": "int32" + }, + "pruneThreshold": { + "type": "integer", + "description": "The prune threshold to be used or null to calculate prescribedPruneThreshold", + "nullable": true, + "example": 5, + "format": "int32" + }, + "saved": { + "type": "boolean", + "default": true, + "description": "The session's saved status", + "example": true + }, + "scope": { + "description": "The scope of identities for this role mining session", + "example": { + "identityIds": [], + "criteria": "source.name:DataScienceDataset", + "attributeFilterCriteria": { + "displayName": { + "untranslated": "Location: Miami" + }, + "ariaLabel": { + "untranslated": "Location: Miami" + }, + "data": { + "displayName": { + "translateKey": "IDN.IDENTITY_ATTRIBUTES.LOCATION" + }, + "name": "location", + "operator": "EQUALS", + "values": [ + "Miami" + ] + } + } + }, + "type": "object", + "properties": { + "identityIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list of identities for this role mining session.", + "example": [ + "2c918090761a5aac0176215c46a62d58", + "2c918090761a5aac01722015c46a62d42" + ] + }, + "criteria": { + "type": "string", + "description": "The \"search\" criteria that produces the list of identities for this role mining session.", + "nullable": true, + "example": "source.name:DataScienceDataset" + }, + "attributeFilterCriteria": { + "type": "array", + "items": { + "type": "object" + }, + "description": "The filter criteria for this role mining session.", + "nullable": true, + "example": { + "displayName": { + "untranslated": "Location: Miami" + }, + "ariaLabel": { + "untranslated": "Location: Miami" + }, + "data": { + "displayName": { + "translateKey": "IDN.IDENTITY_ATTRIBUTES.LOCATION" + }, + "name": "location", + "operator": "EQUALS", + "values": [ + "Miami" + ] + } + } + } + } + }, + "type": { + "description": "Role mining potential type", + "type": "string", + "enum": [ + "SPECIALIZED", + "COMMON" + ], + "example": "SPECIALIZED" + }, + "state": { + "description": "Role mining session state", + "type": "string", + "enum": [ + "CREATED", + "UPDATED", + "IDENTITIES_OBTAINED", + "PRUNE_THRESHOLD_OBTAINED", + "POTENTIAL_ROLES_PROCESSING", + "POTENTIAL_ROLES_CREATED" + ], + "example": "CREATED" + }, + "scopingMethod": { + "description": "Scoping method used in current role mining session", + "type": "string", + "enum": [ + "MANUAL", + "AUTO_RM" + ], + "example": "MANUAL" + } + } + }, + "type": { + "description": "Role mining potential type.", + "type": "string", + "enum": [ + "SPECIALIZED", + "COMMON" + ], + "example": "SPECIALIZED" + }, + "id": { + "type": "string", + "description": "Id of the potential role", + "example": "e0cc5d7d-bf7f-4f81-b2af-8885b09d9923" + }, + "createdDate": { + "type": "string", + "format": "date-time", + "description": "The date-time when this potential role was created." + }, + "modifiedDate": { + "type": "string", + "format": "date-time", + "description": "The date-time when this potential role was modified." + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/role-mining-sessions/{sessionId}/potential-role-summaries/{potentialRoleId}/applications": { + "get": { + "operationId": "getPotentialRoleApplications", + "summary": "Retrieves the applications of a potential role for a role mining session", + "tags": [ + "IAI Role Mining" + ], + "description": "This method returns the applications of a potential role for a role mining session.", + "parameters": [ + { + "in": "path", + "name": "sessionId", + "schema": { + "type": "string" + }, + "required": true, + "description": "The role mining session id", + "example": "8c190e67-87aa-4ed9-a90b-d9d5344523fb" + }, + { + "in": "path", + "name": "potentialRoleId", + "schema": { + "type": "string" + }, + "required": true, + "description": "A potential role id in a role mining session", + "example": "8c190e67-87aa-4ed9-a90b-d9d5344523fb" + }, + { + "in": "query", + "name": "offset", + "description": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 0, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "default": 0 + } + }, + { + "in": "query", + "name": "limit", + "description": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 250, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "maximum": 250, + "default": 250 + } + }, + { + "in": "query", + "name": "count", + "description": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": true, + "schema": { + "type": "boolean", + "default": false + } + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "200": { + "description": "Succeeded. Returns a list of potential roles for a role mining session.", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "Id of the potential role" + }, + "name": { + "type": "string", + "description": "Name of the potential role" + } + }, + "example": { + "id": "2c9180877212632a017228d5a796292b", + "name": "Slack" + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/role-mining-sessions/{sessionId}/potential-roles/{potentialRoleId}/entitlement-popularities": { + "get": { + "operationId": "getEntitlementsPotentialRole", + "summary": "Retrieves entitlements for a potential role in a role mining session", + "tags": [ + "IAI Role Mining" + ], + "description": "This method returns entitlements for a potential role in a role mining session.", + "parameters": [ + { + "in": "path", + "name": "sessionId", + "schema": { + "type": "string" + }, + "required": true, + "description": "The role mining session id", + "example": "8c190e67-87aa-4ed9-a90b-d9d5344523fb" + }, + { + "in": "path", + "name": "potentialRoleId", + "schema": { + "type": "string" + }, + "required": true, + "description": "A potential role id in a role mining session", + "example": "8c190e67-87aa-4ed9-a90b-d9d5344523fb" + }, + { + "in": "query", + "name": "includeCommonAccess", + "description": "Boolean determining whether common access entitlements will be included or not", + "example": true, + "required": false, + "style": "form", + "explode": true, + "schema": { + "type": "boolean", + "default": true + } + }, + { + "in": "query", + "name": "sorters", + "description": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **popularity, entitlementName, applicationName**\n\nThe default sort is **popularity** in descending order. ", + "example": "popularity", + "required": false, + "style": "form", + "explode": true, + "schema": { + "type": "string" + } + }, + { + "in": "query", + "name": "filters", + "description": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**applicationName**: *sw*\n\n**entitlementRef.name**: *sw*", + "example": "applicationName sw \"AD\"", + "required": false, + "style": "form", + "explode": true, + "schema": { + "type": "string" + } + }, + { + "in": "query", + "name": "offset", + "description": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 0, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "default": 0 + } + }, + { + "in": "query", + "name": "limit", + "description": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 250, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "maximum": 250, + "default": 250 + } + }, + { + "in": "query", + "name": "count", + "description": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": true, + "schema": { + "type": "boolean", + "default": false + } + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "200": { + "description": "Succeeded. Returns a list of entitlements for a potential role.", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "properties": { + "entitlementRef": { + "description": "Details about the entitlement", + "example": { + "id": "2c91808a7e95e6e0017e96e2086206c8", + "name": "App.entitlement.1", + "description": "Entitlement 1", + "attribute": "groups" + }, + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "Id of the entitlement", + "example": "2c91808a7e95e6e0017e96e2086206c8" + }, + "name": { + "type": "string", + "description": "Name of the entitlement", + "example": "App.entitlement.1" + }, + "description": { + "type": "string", + "description": "Description forthe entitlement", + "nullable": true, + "example": "Entitlement 1" + }, + "attribute": { + "type": "string", + "description": "The entitlement attribute", + "example": "groups" + } + } + }, + "name": { + "type": "string", + "description": "Name of the entitlement", + "example": "Add/modify/delete users" + }, + "applicationName": { + "type": "string", + "description": "Application name of the entitlement", + "example": "AppName" + }, + "identityCount": { + "type": "integer", + "description": "The number of identities with this entitlement in a role.", + "format": "int32", + "example": 45 + }, + "popularity": { + "type": "number", + "description": "The % popularity of this entitlement in a role.", + "format": "float", + "example": 65.2 + }, + "popularityInOrg": { + "type": "number", + "description": "The % popularity of this entitlement in the org.", + "format": "float", + "example": 35.8 + }, + "sourceId": { + "type": "string", + "description": "The ID of the source/application.", + "example": "2c9180877620c1460176267f336a106f" + }, + "activitySourceState": { + "type": "string", + "description": "The status of activity data for the source. Value is complete or notComplete.", + "nullable": true, + "example": "complete" + }, + "sourceUsagePercent": { + "type": "number", + "description": "The percentage of identities in the potential role that have usage of the source/application of this entitlement.", + "format": "float", + "nullable": true, + "example": 65.6 + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [] + } + ] + } + }, + "/role-mining-sessions/{sessionId}/potential-roles/{potentialRoleId}/entitlement-popularity-distribution": { + "get": { + "operationId": "getEntitlementDistributionPotentialRole", + "summary": "Retrieves entitlement popularity distribution for a potential role in a role mining session", + "tags": [ + "IAI Role Mining" + ], + "description": "This method returns entitlement popularity distribution for a potential role in a role mining session.", + "parameters": [ + { + "in": "path", + "name": "sessionId", + "schema": { + "type": "string" + }, + "required": true, + "description": "The role mining session id", + "example": "8c190e67-87aa-4ed9-a90b-d9d5344523fb" + }, + { + "in": "path", + "name": "potentialRoleId", + "schema": { + "type": "string" + }, + "required": true, + "description": "A potential role id in a role mining session", + "example": "8c190e67-87aa-4ed9-a90b-d9d5344523fb" + }, + { + "in": "query", + "name": "includeCommonAccess", + "description": "Boolean determining whether common access entitlements will be included or not", + "required": false, + "style": "form", + "explode": true, + "schema": { + "type": "boolean" + } + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "200": { + "description": "Succeeded. Returns a map containing entitlement popularity distribution for a potential role.", + "content": { + "application/json": { + "schema": { + "type": "object", + "additionalProperties": { + "type": "integer" + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/role-mining-sessions/{sessionId}/potential-roles/{potentialRoleId}/edit-entitlements": { + "post": { + "operationId": "updateEntitlementsPotentialRole", + "summary": "Edit entitlements for a potential role to exclude some entitlements", + "tags": [ + "IAI Role Mining" + ], + "description": "This endpoint adds or removes entitlements from an exclusion list for a potential role.", + "parameters": [ + { + "in": "path", + "name": "sessionId", + "schema": { + "type": "string" + }, + "required": true, + "description": "The role mining session id", + "example": "8c190e67-87aa-4ed9-a90b-d9d5344523fb" + }, + { + "in": "path", + "name": "potentialRoleId", + "schema": { + "type": "string" + }, + "required": true, + "description": "A potential role id in a role mining session", + "example": "8c190e67-87aa-4ed9-a90b-d9d5344523fb" + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "requestBody": { + "description": "Role mining session parameters", + "required": true, + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "ids": { + "description": "The list of entitlement ids to be edited", + "type": "array", + "items": { + "type": "string" + } + }, + "exclude": { + "type": "boolean", + "description": "If true, add ids to be exclusion list. If false, remove ids from the exclusion list." + } + }, + "example": { + "ids": [ + "entId1", + "entId2" + ], + "exclude": true + } + } + } + } + }, + "responses": { + "201": { + "description": "Adds or removes entitlements from a potential role's entitlement exclusion list.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "createdBy": { + "oneOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "ID of the creator", + "example": "2c918090761a5aac0176215c46a62d58" + }, + "displayName": { + "type": "string", + "description": "The display name of the creator", + "example": "Ashley.Pierce" + } + } + }, + { + "type": "string", + "nullable": true, + "description": "Workaround to support null", + "example": "Dummy" + } + ], + "description": "The session created by details" + }, + "density": { + "type": "integer", + "description": "The density of a potential role.", + "example": 75, + "format": "int32" + }, + "description": { + "type": "string", + "nullable": true, + "description": "The description of a potential role.", + "example": "Potential Role for Accounting dept" + }, + "entitlementCount": { + "type": "integer", + "description": "The number of entitlements in a potential role.", + "example": 25, + "format": "int32" + }, + "excludedEntitlements": { + "description": "The list of entitlement ids to be excluded.", + "nullable": true, + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "07a0b4e2", + "13b4e2a0" + ] + }, + "freshness": { + "type": "integer", + "description": "The freshness of a potential role.", + "example": 75, + "format": "int32" + }, + "identityCount": { + "type": "integer", + "description": "The number of identities in a potential role.", + "example": 25, + "format": "int32" + }, + "identityDistribution": { + "description": "Identity attribute distribution.", + "nullable": true, + "type": "array", + "items": { + "type": "object", + "properties": { + "attributeName": { + "type": "string", + "description": "Id of the potential role", + "example": "department" + }, + "distribution": { + "type": "array", + "items": { + "type": "object", + "additionalProperties": { + "type": "string" + } + }, + "example": [ + { + "attributeValue": "NM Tier 3", + "count": 6 + } + ] + } + } + } + }, + "identityIds": { + "description": "The list of ids in a potential role.", + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "07a0b4e2", + "13b4e2a0" + ] + }, + "name": { + "type": "string", + "description": "Name of the potential role.", + "example": "Saved Potential Role - 07/10" + }, + "provisionState": { + "description": "The provisioning state of a potential role.", + "nullable": true, + "type": "string", + "enum": [ + "POTENTIAL", + "PENDING", + "COMPLETE", + "FAILED" + ], + "example": "POTENTIAL" + }, + "quality": { + "type": "integer", + "description": "The quality of a potential role.", + "example": 100, + "format": "int32" + }, + "roleId": { + "type": "string", + "nullable": true, + "description": "The roleId of a potential role.", + "example": "07a0b4e2-7a76-44fa-bd0b-c64654b66519" + }, + "saved": { + "type": "boolean", + "description": "The potential role's saved status.", + "example": true + }, + "session": { + "description": "The session parameters of the potential role.", + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The ID of the role mining session", + "example": "9f36f5e5-1e81-4eca-b087-548959d91c71" + }, + "name": { + "type": "string", + "description": "The session's saved name", + "nullable": true, + "example": "Saved RM Session - 07/10" + }, + "minNumIdentitiesInPotentialRole": { + "type": "integer", + "description": "Minimum number of identities in a potential role", + "nullable": true, + "example": 20, + "format": "int32" + }, + "pruneThreshold": { + "type": "integer", + "description": "The prune threshold to be used or null to calculate prescribedPruneThreshold", + "nullable": true, + "example": 5, + "format": "int32" + }, + "saved": { + "type": "boolean", + "default": true, + "description": "The session's saved status", + "example": true + }, + "scope": { + "description": "The scope of identities for this role mining session", + "example": { + "identityIds": [], + "criteria": "source.name:DataScienceDataset", + "attributeFilterCriteria": { + "displayName": { + "untranslated": "Location: Miami" + }, + "ariaLabel": { + "untranslated": "Location: Miami" + }, + "data": { + "displayName": { + "translateKey": "IDN.IDENTITY_ATTRIBUTES.LOCATION" + }, + "name": "location", + "operator": "EQUALS", + "values": [ + "Miami" + ] + } + } + }, + "type": "object", + "properties": { + "identityIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list of identities for this role mining session.", + "example": [ + "2c918090761a5aac0176215c46a62d58", + "2c918090761a5aac01722015c46a62d42" + ] + }, + "criteria": { + "type": "string", + "description": "The \"search\" criteria that produces the list of identities for this role mining session.", + "nullable": true, + "example": "source.name:DataScienceDataset" + }, + "attributeFilterCriteria": { + "type": "array", + "items": { + "type": "object" + }, + "description": "The filter criteria for this role mining session.", + "nullable": true, + "example": { + "displayName": { + "untranslated": "Location: Miami" + }, + "ariaLabel": { + "untranslated": "Location: Miami" + }, + "data": { + "displayName": { + "translateKey": "IDN.IDENTITY_ATTRIBUTES.LOCATION" + }, + "name": "location", + "operator": "EQUALS", + "values": [ + "Miami" + ] + } + } + } + } + }, + "type": { + "description": "Role mining potential type", + "type": "string", + "enum": [ + "SPECIALIZED", + "COMMON" + ], + "example": "SPECIALIZED" + }, + "state": { + "description": "Role mining session state", + "type": "string", + "enum": [ + "CREATED", + "UPDATED", + "IDENTITIES_OBTAINED", + "PRUNE_THRESHOLD_OBTAINED", + "POTENTIAL_ROLES_PROCESSING", + "POTENTIAL_ROLES_CREATED" + ], + "example": "CREATED" + }, + "scopingMethod": { + "description": "Scoping method used in current role mining session", + "type": "string", + "enum": [ + "MANUAL", + "AUTO_RM" + ], + "example": "MANUAL" + } + } + }, + "type": { + "description": "Role mining potential type.", + "type": "string", + "enum": [ + "SPECIALIZED", + "COMMON" + ], + "example": "SPECIALIZED" + }, + "id": { + "type": "string", + "description": "Id of the potential role", + "example": "e0cc5d7d-bf7f-4f81-b2af-8885b09d9923" + }, + "createdDate": { + "type": "string", + "format": "date-time", + "description": "The date-time when this potential role was created." + }, + "modifiedDate": { + "type": "string", + "format": "date-time", + "description": "The date-time when this potential role was modified." + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/role-mining-sessions/{sessionId}/potential-roles/{potentialRoleId}/identities": { + "get": { + "operationId": "getIdentitiesPotentialRole", + "summary": "Retrieves identities for a potential role in a role mining session", + "tags": [ + "IAI Role Mining" + ], + "description": "This method returns identities for a potential role in a role mining session.", + "parameters": [ + { + "in": "path", + "name": "sessionId", + "schema": { + "type": "string" + }, + "required": true, + "description": "The role mining session id", + "example": "8c190e67-87aa-4ed9-a90b-d9d5344523fb" + }, + { + "in": "path", + "name": "potentialRoleId", + "schema": { + "type": "string" + }, + "required": true, + "description": "A potential role id in a role mining session", + "example": "8c190e67-87aa-4ed9-a90b-d9d5344523fb" + }, + { + "in": "query", + "name": "sorters", + "description": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name**", + "required": false, + "style": "form", + "explode": true, + "example": "name", + "schema": { + "type": "string" + } + }, + { + "in": "query", + "name": "filters", + "description": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**name**: *sw*", + "required": false, + "style": "form", + "explode": true, + "schema": { + "type": "string" + } + }, + { + "in": "query", + "name": "offset", + "description": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 0, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "default": 0 + } + }, + { + "in": "query", + "name": "limit", + "description": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 250, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "maximum": 250, + "default": 250 + } + }, + { + "in": "query", + "name": "count", + "description": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": true, + "schema": { + "type": "boolean", + "default": false + } + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "200": { + "description": "Succeeded. Returns a list of identities for a potential role.", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "Id of the identity" + }, + "name": { + "type": "string", + "description": "Name of the identity" + }, + "attributes": { + "type": "object", + "additionalProperties": { + "type": "string" + } + } + }, + "example": { + "id": "2c9180877212632a017228d5934525e6", + "name": "Allene Abernathy-Welch", + "attributes": { + "jobTitle": "SQL Developer", + "department": "IT", + "location": "NYC", + "firstName": "Allene" + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/role-mining-sessions/{sessionId}/potential-roles/{potentialRoleId}/export": { + "get": { + "operationId": "exportRoleMiningPotentialRole", + "summary": "Export (download) details for a potential role in a role mining session", + "tags": [ + "IAI Role Mining" + ], + "description": "This endpoint downloads all the information for a potential role in a role mining session. Includes identities and entitlements in the potential role.", + "parameters": [ + { + "in": "path", + "name": "sessionId", + "schema": { + "type": "string" + }, + "required": true, + "description": "The role mining session id", + "example": "8c190e67-87aa-4ed9-a90b-d9d5344523fb" + }, + { + "in": "path", + "name": "potentialRoleId", + "schema": { + "type": "string" + }, + "required": true, + "description": "A potential role id in a role mining session", + "example": "8c190e67-87aa-4ed9-a90b-d9d5344523fb" + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "200": { + "description": "Succeeded. Returns a zip file containing csv files for identities and entitlements for the potential role.", + "content": { + "application/zip": { + "schema": { + "type": "string", + "format": "binary" + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/role-mining-sessions/{sessionId}/potential-roles/{potentialRoleId}/export-async": { + "post": { + "operationId": "exportRoleMiningPotentialRoleAsync", + "summary": "Asynchronously export details for a potential role in a role mining session and upload to S3", + "tags": [ + "IAI Role Mining" + ], + "description": "This endpoint uploads all the information for a potential role in a role mining session to S3 as a downloadable zip archive. Includes identities and entitlements in the potential role.", + "parameters": [ + { + "in": "path", + "name": "sessionId", + "schema": { + "type": "string" + }, + "required": true, + "description": "The role mining session id", + "example": "8c190e67-87aa-4ed9-a90b-d9d5344523fb" + }, + { + "in": "path", + "name": "potentialRoleId", + "schema": { + "type": "string" + }, + "required": true, + "description": "A potential role id in a role mining session", + "example": "278359a6-04b7-4669-9468-924cf580964a" + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "requestBody": { + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "minEntitlementPopularity": { + "type": "integer", + "description": "The minimum popularity among identities in the role which an entitlement must have to be included in the report", + "example": 0 + }, + "includeCommonAccess": { + "type": "boolean", + "description": "If false, do not include entitlements that are highly popular among the entire orginization", + "example": true + } + }, + "example": { + "minEntitlementPopularity": 0, + "includeCommonAccess": true + } + } + } + } + }, + "responses": { + "202": { + "description": "Job Submitted. Returns a reportId that can be used to download the zip once complete", + "content": { + "application/json": { + "schema": { + "allOf": [ + { + "type": "object", + "properties": { + "minEntitlementPopularity": { + "type": "integer", + "description": "The minimum popularity among identities in the role which an entitlement must have to be included in the report", + "example": 0 + }, + "includeCommonAccess": { + "type": "boolean", + "description": "If false, do not include entitlements that are highly popular among the entire orginization", + "example": true + } + }, + "example": { + "minEntitlementPopularity": 0, + "includeCommonAccess": true + } + }, + { + "type": "object", + "properties": { + "exportId": { + "type": "string", + "format": "uuid", + "description": "ID used to reference this export", + "example": "0c6cdb76-1227-4aaf-af21-192dbdfbfa04" + }, + "status": { + "description": "The status of this export", + "example": "QUEUED", + "type": "string", + "enum": [ + "QUEUED", + "IN_PROGRESS", + "SUCCESS", + "ERROR" + ] + } + } + } + ], + "example": { + "exportId": "0c6cdb76-1227-4aaf-af21-192dbdfbfa04", + "status": "QUEUED", + "minEntitlementPopularity": 0, + "includeCommonAccess": true + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/role-mining-sessions/{sessionId}/potential-roles/{potentialRoleId}/export-async/{exportId}": { + "get": { + "operationId": "exportRoleMiningPotentialRoleStatus", + "summary": "Retrieve status of a potential role export job", + "tags": [ + "IAI Role Mining" + ], + "description": "This endpoint retrieves information about the current status of a potential role export.", + "parameters": [ + { + "in": "path", + "name": "sessionId", + "schema": { + "type": "string", + "format": "uuid" + }, + "required": true, + "description": "The role mining session id", + "example": "8c190e67-87aa-4ed9-a90b-d9d5344523fb" + }, + { + "in": "path", + "name": "potentialRoleId", + "schema": { + "type": "string", + "format": "uuid" + }, + "required": true, + "description": "A potential role id in a role mining session", + "example": "278359a6-04b7-4669-9468-924cf580964a" + }, + { + "in": "path", + "name": "exportId", + "schema": { + "type": "string", + "format": "uuid" + }, + "required": true, + "description": "The id of a previously run export job for this potential role", + "example": "4940ffd4-836f-48a3-b2b0-6d498c3fdf40" + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "200": { + "description": "Success. Returns the current status of this export", + "content": { + "application/json": { + "schema": { + "allOf": [ + { + "type": "object", + "properties": { + "minEntitlementPopularity": { + "type": "integer", + "description": "The minimum popularity among identities in the role which an entitlement must have to be included in the report", + "example": 0 + }, + "includeCommonAccess": { + "type": "boolean", + "description": "If false, do not include entitlements that are highly popular among the entire orginization", + "example": true + } + }, + "example": { + "minEntitlementPopularity": 0, + "includeCommonAccess": true + } + }, + { + "type": "object", + "properties": { + "exportId": { + "type": "string", + "format": "uuid", + "description": "ID used to reference this export", + "example": "0c6cdb76-1227-4aaf-af21-192dbdfbfa04" + }, + "status": { + "description": "The status of this export", + "example": "QUEUED", + "type": "string", + "enum": [ + "QUEUED", + "IN_PROGRESS", + "SUCCESS", + "ERROR" + ] + } + } + } + ], + "example": { + "exportId": "0c6cdb76-1227-4aaf-af21-192dbdfbfa04", + "status": "QUEUED", + "minEntitlementPopularity": 0, + "includeCommonAccess": true + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/role-mining-sessions/{sessionId}/potential-roles/{potentialRoleId}/export-async/{exportId}/download": { + "get": { + "operationId": "downloadRoleMiningPotentialRoleZip", + "summary": "Export (download) details for a potential role in a role mining session", + "tags": [ + "IAI Role Mining" + ], + "description": "This endpoint downloads a completed export of information for a potential role in a role mining session.", + "parameters": [ + { + "in": "path", + "name": "sessionId", + "schema": { + "type": "string", + "format": "uuid" + }, + "required": true, + "description": "The role mining session id", + "example": "8c190e67-87aa-4ed9-a90b-d9d5344523fb" + }, + { + "in": "path", + "name": "potentialRoleId", + "schema": { + "type": "string", + "format": "uuid" + }, + "required": true, + "description": "A potential role id in a role mining session", + "example": "278359a6-04b7-4669-9468-924cf580964a" + }, + { + "in": "path", + "name": "exportId", + "schema": { + "type": "string", + "format": "uuid" + }, + "required": true, + "description": "The id of a previously run export job for this potential role", + "example": "4940ffd4-836f-48a3-b2b0-6d498c3fdf40" + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "200": { + "description": "Succeeded. Returns a zip file containing csv files for identities and entitlements for the potential role.", + "content": { + "application/zip": { + "schema": { + "type": "string", + "format": "binary" + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/role-mining-sessions/{sessionId}/potential-roles/{potentialRoleId}/provision": { + "post": { + "operationId": "createPotentialRoleProvisionRequest", + "summary": "Create request to provision a potential role into an actual role.", + "tags": [ + "IAI Role Mining" + ], + "description": "This method starts a job to provision a potential role", + "parameters": [ + { + "in": "path", + "name": "sessionId", + "schema": { + "type": "string" + }, + "required": true, + "description": "The role mining session id", + "example": "8c190e67-87aa-4ed9-a90b-d9d5344523fb" + }, + { + "in": "path", + "name": "potentialRoleId", + "schema": { + "type": "string" + }, + "required": true, + "description": "A potential role id in a role mining session", + "example": "8c190e67-87aa-4ed9-a90b-d9d5344523fb" + }, + { + "in": "query", + "name": "min-entitlement-popularity", + "description": "Minimum popularity required for an entitlement to be included in the provisioned role.", + "required": false, + "style": "form", + "explode": true, + "schema": { + "type": "integer", + "default": 0, + "minimum": 0, + "maximum": 100 + } + }, + { + "in": "query", + "name": "include-common-access", + "description": "Boolean determining whether common access entitlements will be included in the provisioned role.", + "required": false, + "style": "form", + "explode": true, + "schema": { + "type": "boolean", + "default": true + } + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "requestBody": { + "description": "Required information to create a new role", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "roleName": { + "type": "string", + "description": "Name of the new role being created", + "example": "Finance - Accounting" + }, + "roleDescription": { + "type": "string", + "description": "Short description of the new role being created", + "example": "General access for accounting department" + }, + "ownerId": { + "type": "string", + "description": "ID of the identity that will own this role", + "example": "2b568c65bc3c4c57a43bd97e3a8e41" + }, + "includeIdentities": { + "type": "boolean", + "description": "When true, create access requests for the identities associated with the potential role", + "default": false, + "example": true + }, + "directlyAssignedEntitlements": { + "type": "boolean", + "description": "When true, assign entitlements directly to the role; otherwise, create access profiles containing the entitlements", + "default": false, + "example": false + } + } + } + } + } + }, + "responses": { + "202": { + "description": "Accepted. Returns a potential role summary including the status of the provison request", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "Id of the potential role", + "example": "e0cc5d7d-bf7f-4f81-b2af-8885b09d9923" + }, + "name": { + "type": "string", + "description": "Name of the potential role", + "example": "Potential Role - e0cc5d" + }, + "potentialRoleRef": { + "description": "Details about the potential role", + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "Id of the potential role", + "example": "e0cc5d7d-bf7f-4f81-b2af-8885b09d9923" + }, + "name": { + "type": "string", + "description": "Name of the potential role", + "example": "Potential Role - e0cc5d" + } + } + }, + "identityCount": { + "type": "integer", + "description": "The number of identities in a potential role.", + "format": "int32", + "example": 25 + }, + "entitlementCount": { + "type": "integer", + "description": "The number of entitlements in a potential role.", + "format": "int32", + "example": 15 + }, + "identityGroupStatus": { + "type": "string", + "description": "The status for this identity group which can be \"REQUESTED\" or \"OBTAINED\"", + "example": "OBTAINED" + }, + "provisionState": { + "description": "The status of provisioning for this potential role. Can be \"POTENTIAL\", \"PENDING\", \"FAILED\", or \"COMPLETE\".", + "example": "PENDING", + "type": "string", + "enum": [ + "POTENTIAL", + "PENDING", + "COMPLETE", + "FAILED" + ] + }, + "roleId": { + "type": "string", + "description": "ID of the provisioned role in IIQ or IDN. Null if this potential role has not been provisioned.", + "nullable": true, + "example": "2a4be6fbcf3c4e66b95a0c15ffd591" + }, + "density": { + "type": "integer", + "description": "The density metric (0-100) of this potential role. Higher density values indicate higher similarity amongst the identities.", + "format": "int32", + "example": 90 + }, + "freshness": { + "type": "integer", + "description": "The freshness metric (0-100) of this potential role. Higher freshness values indicate this potential role is more distinctive compared to existing roles.", + "format": "int32", + "example": 70 + }, + "quality": { + "type": "integer", + "description": "The quality metric (0-100) of this potential role. Higher quality values indicate this potential role has high density and freshness.", + "format": "int32", + "example": 80 + }, + "type": { + "description": "Role mining potential type.", + "type": "string", + "enum": [ + "SPECIALIZED", + "COMMON" + ], + "example": "SPECIALIZED" + }, + "createdBy": { + "oneOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "ID of the creator", + "example": "2c918090761a5aac0176215c46a62d58" + }, + "displayName": { + "type": "string", + "description": "The display name of the creator", + "example": "Ashley.Pierce" + } + } + }, + { + "type": "string", + "nullable": true, + "description": "Workaround to support null", + "example": "Dummy" + } + ], + "description": "The potential role created by details" + }, + "createdDate": { + "type": "string", + "format": "date-time", + "description": "The date-time when this potential role was created." + }, + "saved": { + "type": "boolean", + "description": "The potential role's saved status", + "default": false, + "example": true + }, + "description": { + "type": "string", + "nullable": true, + "description": "Description of the potential role" + }, + "session": { + "description": "The session parameters of the potential role.", + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The ID of the role mining session", + "example": "9f36f5e5-1e81-4eca-b087-548959d91c71" + }, + "name": { + "type": "string", + "description": "The session's saved name", + "nullable": true, + "example": "Saved RM Session - 07/10" + }, + "minNumIdentitiesInPotentialRole": { + "type": "integer", + "description": "Minimum number of identities in a potential role", + "nullable": true, + "example": 20, + "format": "int32" + }, + "pruneThreshold": { + "type": "integer", + "description": "The prune threshold to be used or null to calculate prescribedPruneThreshold", + "nullable": true, + "example": 5, + "format": "int32" + }, + "saved": { + "type": "boolean", + "default": true, + "description": "The session's saved status", + "example": true + }, + "scope": { + "description": "The scope of identities for this role mining session", + "example": { + "identityIds": [], + "criteria": "source.name:DataScienceDataset", + "attributeFilterCriteria": { + "displayName": { + "untranslated": "Location: Miami" + }, + "ariaLabel": { + "untranslated": "Location: Miami" + }, + "data": { + "displayName": { + "translateKey": "IDN.IDENTITY_ATTRIBUTES.LOCATION" + }, + "name": "location", + "operator": "EQUALS", + "values": [ + "Miami" + ] + } + } + }, + "type": "object", + "properties": { + "identityIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list of identities for this role mining session.", + "example": [ + "2c918090761a5aac0176215c46a62d58", + "2c918090761a5aac01722015c46a62d42" + ] + }, + "criteria": { + "type": "string", + "description": "The \"search\" criteria that produces the list of identities for this role mining session.", + "nullable": true, + "example": "source.name:DataScienceDataset" + }, + "attributeFilterCriteria": { + "type": "array", + "items": { + "type": "object" + }, + "description": "The filter criteria for this role mining session.", + "nullable": true, + "example": { + "displayName": { + "untranslated": "Location: Miami" + }, + "ariaLabel": { + "untranslated": "Location: Miami" + }, + "data": { + "displayName": { + "translateKey": "IDN.IDENTITY_ATTRIBUTES.LOCATION" + }, + "name": "location", + "operator": "EQUALS", + "values": [ + "Miami" + ] + } + } + } + } + }, + "type": { + "description": "Role mining potential type", + "type": "string", + "enum": [ + "SPECIALIZED", + "COMMON" + ], + "example": "SPECIALIZED" + }, + "state": { + "description": "Role mining session state", + "type": "string", + "enum": [ + "CREATED", + "UPDATED", + "IDENTITIES_OBTAINED", + "PRUNE_THRESHOLD_OBTAINED", + "POTENTIAL_ROLES_PROCESSING", + "POTENTIAL_ROLES_CREATED" + ], + "example": "CREATED" + }, + "scopingMethod": { + "description": "Scoping method used in current role mining session", + "type": "string", + "enum": [ + "MANUAL", + "AUTO_RM" + ], + "example": "MANUAL" + } + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/role-mining-sessions/{sessionId}/potential-roles/{potentialRoleId}/excluded-entitlements": { + "get": { + "operationId": "getExcludedEntitlementsPotentialRole", + "summary": "Retrieves excluded entitlements for a potential role in a role mining session", + "tags": [ + "IAI Role Mining" + ], + "description": "This method returns excluded entitlements for a potential role in a role mining session.", + "parameters": [ + { + "in": "path", + "name": "sessionId", + "schema": { + "type": "string" + }, + "required": true, + "description": "The role mining session id", + "example": "8c190e67-87aa-4ed9-a90b-d9d5344523fb" + }, + { + "in": "path", + "name": "potentialRoleId", + "schema": { + "type": "string" + }, + "required": true, + "description": "A potential role id in a role mining session", + "example": "8c190e67-87aa-4ed9-a90b-d9d5344523fb" + }, + { + "in": "query", + "name": "sorters", + "description": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **popularity**", + "example": "populariity", + "required": false, + "style": "form", + "explode": true, + "schema": { + "type": "string" + } + }, + { + "in": "query", + "name": "filters", + "description": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**applicationName**: *sw*\n\n**entitlementRef.name**: *sw*", + "example": "applicationName sw \"AD\"", + "required": false, + "style": "form", + "explode": true, + "schema": { + "type": "string" + } + }, + { + "in": "query", + "name": "offset", + "description": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 0, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "default": 0 + } + }, + { + "in": "query", + "name": "limit", + "description": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 250, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "maximum": 250, + "default": 250 + } + }, + { + "in": "query", + "name": "count", + "description": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": true, + "schema": { + "type": "boolean", + "default": false + } + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "200": { + "description": "Succeeded. Returns a list of excluded entitlements for a potential roles.", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "properties": { + "entitlementRef": { + "description": "Details about the entitlement", + "example": { + "id": "2c91808a7e95e6e0017e96e2086206c8", + "name": "App.entitlement.1", + "description": "Entitlement 1", + "attribute": "groups" + }, + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "Id of the entitlement", + "example": "2c91808a7e95e6e0017e96e2086206c8" + }, + "name": { + "type": "string", + "description": "Name of the entitlement", + "example": "App.entitlement.1" + }, + "description": { + "type": "string", + "description": "Description forthe entitlement", + "nullable": true, + "example": "Entitlement 1" + }, + "attribute": { + "type": "string", + "description": "The entitlement attribute", + "example": "groups" + } + } + }, + "name": { + "type": "string", + "description": "Name of the entitlement", + "example": "Add/modify/delete users" + }, + "applicationName": { + "type": "string", + "description": "Application name of the entitlement", + "example": "AppName" + }, + "identityCount": { + "type": "integer", + "description": "The number of identities with this entitlement in a role.", + "format": "int32", + "example": 45 + }, + "popularity": { + "type": "number", + "description": "The % popularity of this entitlement in a role.", + "format": "float", + "example": 65.2 + }, + "popularityInOrg": { + "type": "number", + "description": "The % popularity of this entitlement in the org.", + "format": "float", + "example": 35.8 + }, + "sourceId": { + "type": "string", + "description": "The ID of the source/application.", + "example": "2c9180877620c1460176267f336a106f" + }, + "activitySourceState": { + "type": "string", + "description": "The status of activity data for the source. Value is complete or notComplete.", + "nullable": true, + "example": "complete" + }, + "sourceUsagePercent": { + "type": "number", + "description": "The percentage of identities in the potential role that have usage of the source/application of this entitlement.", + "format": "float", + "nullable": true, + "example": 65.6 + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/role-mining-potential-roles": { + "get": { + "operationId": "getAllPotentialRoleSummaries", + "summary": "Retrieves all potential role summaries", + "tags": [ + "IAI Role Mining" + ], + "description": "Returns all potential role summaries that match the query parameters", + "security": [ + { + "UserContextAuth": [] + } + ], + "parameters": [ + { + "in": "query", + "name": "sorters", + "required": false, + "style": "form", + "explode": true, + "schema": { + "type": "string", + "format": "comma-separated" + }, + "description": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **createdDate, identityCount, entitlementCount, freshness, quality**", + "example": "createdDate" + }, + { + "in": "query", + "name": "filters", + "description": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**createdById**: *eq, sw, co*\n\n**createdByName**: *eq, sw, co*\n\n**description**: *sw, co*\n\n**endDate**: *le, lt*\n\n**freshness**: *eq, ge, gt, le, lt*\n\n**name**: *eq, sw, co, ge, gt, le, lt*\n\n**quality**: *eq, ge, gt, le, lt*\n\n**startDate**: *ge, gt*\n\n**saved**: *eq*\n\n**type**: *eq, ge, gt, le, lt*\n\n**scopingMethod**: *eq*\n\n**sessionState**: *eq*\n\n**identityAttribute**: *co*", + "example": "(createdByName co \"int\") and (createdById sw \"2c9180907\") and (type eq \"COMMON\") and ((name co \"entt\") or (saved eq true))", + "required": false, + "style": "form", + "explode": true, + "schema": { + "type": "string" + } + }, + { + "in": "query", + "name": "offset", + "description": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 0, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "default": 0 + } + }, + { + "in": "query", + "name": "limit", + "description": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 250, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "maximum": 250, + "default": 250 + } + }, + { + "in": "query", + "name": "count", + "description": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": true, + "schema": { + "type": "boolean", + "default": false + } + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "200": { + "description": "Succeeded. Returns all potential role summaries that match the query parameters.", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "Id of the potential role", + "example": "e0cc5d7d-bf7f-4f81-b2af-8885b09d9923" + }, + "name": { + "type": "string", + "description": "Name of the potential role", + "example": "Potential Role - e0cc5d" + }, + "potentialRoleRef": { + "description": "Details about the potential role", + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "Id of the potential role", + "example": "e0cc5d7d-bf7f-4f81-b2af-8885b09d9923" + }, + "name": { + "type": "string", + "description": "Name of the potential role", + "example": "Potential Role - e0cc5d" + } + } + }, + "identityCount": { + "type": "integer", + "description": "The number of identities in a potential role.", + "format": "int32", + "example": 25 + }, + "entitlementCount": { + "type": "integer", + "description": "The number of entitlements in a potential role.", + "format": "int32", + "example": 15 + }, + "identityGroupStatus": { + "type": "string", + "description": "The status for this identity group which can be \"REQUESTED\" or \"OBTAINED\"", + "example": "OBTAINED" + }, + "provisionState": { + "description": "The status of provisioning for this potential role. Can be \"POTENTIAL\", \"PENDING\", \"FAILED\", or \"COMPLETE\".", + "example": "PENDING", + "type": "string", + "enum": [ + "POTENTIAL", + "PENDING", + "COMPLETE", + "FAILED" + ] + }, + "roleId": { + "type": "string", + "description": "ID of the provisioned role in IIQ or IDN. Null if this potential role has not been provisioned.", + "nullable": true, + "example": "2a4be6fbcf3c4e66b95a0c15ffd591" + }, + "density": { + "type": "integer", + "description": "The density metric (0-100) of this potential role. Higher density values indicate higher similarity amongst the identities.", + "format": "int32", + "example": 90 + }, + "freshness": { + "type": "integer", + "description": "The freshness metric (0-100) of this potential role. Higher freshness values indicate this potential role is more distinctive compared to existing roles.", + "format": "int32", + "example": 70 + }, + "quality": { + "type": "integer", + "description": "The quality metric (0-100) of this potential role. Higher quality values indicate this potential role has high density and freshness.", + "format": "int32", + "example": 80 + }, + "type": { + "description": "Role mining potential type.", + "type": "string", + "enum": [ + "SPECIALIZED", + "COMMON" + ], + "example": "SPECIALIZED" + }, + "createdBy": { + "oneOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "ID of the creator", + "example": "2c918090761a5aac0176215c46a62d58" + }, + "displayName": { + "type": "string", + "description": "The display name of the creator", + "example": "Ashley.Pierce" + } + } + }, + { + "type": "string", + "nullable": true, + "description": "Workaround to support null", + "example": "Dummy" + } + ], + "description": "The potential role created by details" + }, + "createdDate": { + "type": "string", + "format": "date-time", + "description": "The date-time when this potential role was created." + }, + "saved": { + "type": "boolean", + "description": "The potential role's saved status", + "default": false, + "example": true + }, + "description": { + "type": "string", + "nullable": true, + "description": "Description of the potential role" + }, + "session": { + "description": "The session parameters of the potential role.", + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The ID of the role mining session", + "example": "9f36f5e5-1e81-4eca-b087-548959d91c71" + }, + "name": { + "type": "string", + "description": "The session's saved name", + "nullable": true, + "example": "Saved RM Session - 07/10" + }, + "minNumIdentitiesInPotentialRole": { + "type": "integer", + "description": "Minimum number of identities in a potential role", + "nullable": true, + "example": 20, + "format": "int32" + }, + "pruneThreshold": { + "type": "integer", + "description": "The prune threshold to be used or null to calculate prescribedPruneThreshold", + "nullable": true, + "example": 5, + "format": "int32" + }, + "saved": { + "type": "boolean", + "default": true, + "description": "The session's saved status", + "example": true + }, + "scope": { + "description": "The scope of identities for this role mining session", + "example": { + "identityIds": [], + "criteria": "source.name:DataScienceDataset", + "attributeFilterCriteria": { + "displayName": { + "untranslated": "Location: Miami" + }, + "ariaLabel": { + "untranslated": "Location: Miami" + }, + "data": { + "displayName": { + "translateKey": "IDN.IDENTITY_ATTRIBUTES.LOCATION" + }, + "name": "location", + "operator": "EQUALS", + "values": [ + "Miami" + ] + } + } + }, + "type": "object", + "properties": { + "identityIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list of identities for this role mining session.", + "example": [ + "2c918090761a5aac0176215c46a62d58", + "2c918090761a5aac01722015c46a62d42" + ] + }, + "criteria": { + "type": "string", + "description": "The \"search\" criteria that produces the list of identities for this role mining session.", + "nullable": true, + "example": "source.name:DataScienceDataset" + }, + "attributeFilterCriteria": { + "type": "array", + "items": { + "type": "object" + }, + "description": "The filter criteria for this role mining session.", + "nullable": true, + "example": { + "displayName": { + "untranslated": "Location: Miami" + }, + "ariaLabel": { + "untranslated": "Location: Miami" + }, + "data": { + "displayName": { + "translateKey": "IDN.IDENTITY_ATTRIBUTES.LOCATION" + }, + "name": "location", + "operator": "EQUALS", + "values": [ + "Miami" + ] + } + } + } + } + }, + "type": { + "description": "Role mining potential type", + "type": "string", + "enum": [ + "SPECIALIZED", + "COMMON" + ], + "example": "SPECIALIZED" + }, + "state": { + "description": "Role mining session state", + "type": "string", + "enum": [ + "CREATED", + "UPDATED", + "IDENTITIES_OBTAINED", + "PRUNE_THRESHOLD_OBTAINED", + "POTENTIAL_ROLES_PROCESSING", + "POTENTIAL_ROLES_CREATED" + ], + "example": "CREATED" + }, + "scopingMethod": { + "description": "Scoping method used in current role mining session", + "type": "string", + "enum": [ + "MANUAL", + "AUTO_RM" + ], + "example": "MANUAL" + } + } + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/role-mining-potential-roles/{potentialRoleId}": { + "get": { + "operationId": "getRoleMiningPotentialRole", + "summary": "Retrieves a specific potential role", + "tags": [ + "IAI Role Mining" + ], + "description": "This method returns a specific potential role.", + "security": [ + { + "UserContextAuth": [] + } + ], + "parameters": [ + { + "in": "path", + "name": "potentialRoleId", + "schema": { + "type": "string" + }, + "required": true, + "description": "A potential role id", + "example": "8c190e67-87aa-4ed9-a90b-d9d5344523fb" + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "200": { + "description": "Succeeded. Returns a list of potential roles for a role mining session.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "createdBy": { + "oneOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "ID of the creator", + "example": "2c918090761a5aac0176215c46a62d58" + }, + "displayName": { + "type": "string", + "description": "The display name of the creator", + "example": "Ashley.Pierce" + } + } + }, + { + "type": "string", + "nullable": true, + "description": "Workaround to support null", + "example": "Dummy" + } + ], + "description": "The session created by details" + }, + "density": { + "type": "integer", + "description": "The density of a potential role.", + "example": 75, + "format": "int32" + }, + "description": { + "type": "string", + "nullable": true, + "description": "The description of a potential role.", + "example": "Potential Role for Accounting dept" + }, + "entitlementCount": { + "type": "integer", + "description": "The number of entitlements in a potential role.", + "example": 25, + "format": "int32" + }, + "excludedEntitlements": { + "description": "The list of entitlement ids to be excluded.", + "nullable": true, + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "07a0b4e2", + "13b4e2a0" + ] + }, + "freshness": { + "type": "integer", + "description": "The freshness of a potential role.", + "example": 75, + "format": "int32" + }, + "identityCount": { + "type": "integer", + "description": "The number of identities in a potential role.", + "example": 25, + "format": "int32" + }, + "identityDistribution": { + "description": "Identity attribute distribution.", + "nullable": true, + "type": "array", + "items": { + "type": "object", + "properties": { + "attributeName": { + "type": "string", + "description": "Id of the potential role", + "example": "department" + }, + "distribution": { + "type": "array", + "items": { + "type": "object", + "additionalProperties": { + "type": "string" + } + }, + "example": [ + { + "attributeValue": "NM Tier 3", + "count": 6 + } + ] + } + } + } + }, + "identityIds": { + "description": "The list of ids in a potential role.", + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "07a0b4e2", + "13b4e2a0" + ] + }, + "name": { + "type": "string", + "description": "Name of the potential role.", + "example": "Saved Potential Role - 07/10" + }, + "provisionState": { + "description": "The provisioning state of a potential role.", + "nullable": true, + "type": "string", + "enum": [ + "POTENTIAL", + "PENDING", + "COMPLETE", + "FAILED" + ], + "example": "POTENTIAL" + }, + "quality": { + "type": "integer", + "description": "The quality of a potential role.", + "example": 100, + "format": "int32" + }, + "roleId": { + "type": "string", + "nullable": true, + "description": "The roleId of a potential role.", + "example": "07a0b4e2-7a76-44fa-bd0b-c64654b66519" + }, + "saved": { + "type": "boolean", + "description": "The potential role's saved status.", + "example": true + }, + "session": { + "description": "The session parameters of the potential role.", + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The ID of the role mining session", + "example": "9f36f5e5-1e81-4eca-b087-548959d91c71" + }, + "name": { + "type": "string", + "description": "The session's saved name", + "nullable": true, + "example": "Saved RM Session - 07/10" + }, + "minNumIdentitiesInPotentialRole": { + "type": "integer", + "description": "Minimum number of identities in a potential role", + "nullable": true, + "example": 20, + "format": "int32" + }, + "pruneThreshold": { + "type": "integer", + "description": "The prune threshold to be used or null to calculate prescribedPruneThreshold", + "nullable": true, + "example": 5, + "format": "int32" + }, + "saved": { + "type": "boolean", + "default": true, + "description": "The session's saved status", + "example": true + }, + "scope": { + "description": "The scope of identities for this role mining session", + "example": { + "identityIds": [], + "criteria": "source.name:DataScienceDataset", + "attributeFilterCriteria": { + "displayName": { + "untranslated": "Location: Miami" + }, + "ariaLabel": { + "untranslated": "Location: Miami" + }, + "data": { + "displayName": { + "translateKey": "IDN.IDENTITY_ATTRIBUTES.LOCATION" + }, + "name": "location", + "operator": "EQUALS", + "values": [ + "Miami" + ] + } + } + }, + "type": "object", + "properties": { + "identityIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list of identities for this role mining session.", + "example": [ + "2c918090761a5aac0176215c46a62d58", + "2c918090761a5aac01722015c46a62d42" + ] + }, + "criteria": { + "type": "string", + "description": "The \"search\" criteria that produces the list of identities for this role mining session.", + "nullable": true, + "example": "source.name:DataScienceDataset" + }, + "attributeFilterCriteria": { + "type": "array", + "items": { + "type": "object" + }, + "description": "The filter criteria for this role mining session.", + "nullable": true, + "example": { + "displayName": { + "untranslated": "Location: Miami" + }, + "ariaLabel": { + "untranslated": "Location: Miami" + }, + "data": { + "displayName": { + "translateKey": "IDN.IDENTITY_ATTRIBUTES.LOCATION" + }, + "name": "location", + "operator": "EQUALS", + "values": [ + "Miami" + ] + } + } + } + } + }, + "type": { + "description": "Role mining potential type", + "type": "string", + "enum": [ + "SPECIALIZED", + "COMMON" + ], + "example": "SPECIALIZED" + }, + "state": { + "description": "Role mining session state", + "type": "string", + "enum": [ + "CREATED", + "UPDATED", + "IDENTITIES_OBTAINED", + "PRUNE_THRESHOLD_OBTAINED", + "POTENTIAL_ROLES_PROCESSING", + "POTENTIAL_ROLES_CREATED" + ], + "example": "CREATED" + }, + "scopingMethod": { + "description": "Scoping method used in current role mining session", + "type": "string", + "enum": [ + "MANUAL", + "AUTO_RM" + ], + "example": "MANUAL" + } + } + }, + "type": { + "description": "Role mining potential type.", + "type": "string", + "enum": [ + "SPECIALIZED", + "COMMON" + ], + "example": "SPECIALIZED" + }, + "id": { + "type": "string", + "description": "Id of the potential role", + "example": "e0cc5d7d-bf7f-4f81-b2af-8885b09d9923" + }, + "createdDate": { + "type": "string", + "format": "date-time", + "description": "The date-time when this potential role was created." + }, + "modifiedDate": { + "type": "string", + "format": "date-time", + "description": "The date-time when this potential role was modified." + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + }, + "patch": { + "operationId": "patchPotentialRole", + "summary": "Update a potential role", + "tags": [ + "IAI Role Mining" + ], + "description": "The method updates an existing potential role using.\n\nThe following fields can be modified:\n\n* `description`\n\n* `name`\n\n* `saved`\n\n\n>**NOTE: All other fields cannot be modified.**\n", + "security": [ + { + "UserContextAuth": [] + } + ], + "parameters": [ + { + "in": "path", + "name": "sessionId", + "schema": { + "type": "string" + }, + "required": true, + "description": "The role mining session id", + "example": "8c190e67-87aa-4ed9-a90b-d9d5344523fb" + }, + { + "in": "path", + "name": "potentialRoleId", + "schema": { + "type": "string" + }, + "required": true, + "description": "The potential role summary id", + "example": "8c190e67-87aa-4ed9-a90b-d9d5344523fb" + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "requestBody": { + "required": true, + "content": { + "application/json-patch+json": { + "schema": { + "type": "array", + "items": { + "allOf": [ + { + "type": "object", + "description": "A JSONPatch Operation as defined by [RFC 6902 - JSON Patch](https://tools.ietf.org/html/rfc6902)", + "required": [ + "op", + "path" + ], + "properties": { + "op": { + "type": "string", + "description": "The operation to be performed", + "enum": [ + "add", + "remove", + "replace", + "move", + "copy", + "test" + ], + "example": "replace" + }, + "path": { + "type": "string", + "description": "A string JSON Pointer representing the target path to an element to be affected by the operation", + "example": "/description" + }, + "value": { + "oneOf": [ + { + "type": "string", + "example": "New description", + "title": "string" + }, + { + "type": "boolean", + "example": true, + "title": "boolean" + }, + { + "type": "integer", + "example": 300, + "title": "integer" + }, + { + "type": "object", + "title": "object", + "example": { + "attributes": { + "name": "philip" + } + } + }, + { + "type": "array", + "title": "array", + "items": { + "anyOf": [ + { + "type": "string" + }, + { + "type": "integer" + }, + { + "type": "object" + } + ], + "example": [ + "001", + "002", + "003" + ] + } + } + ], + "description": "The value to be used for the operation, required for \"add\" and \"replace\" operations", + "example": "New description" + } + } + } + ], + "properties": { + "op": { + "type": "string", + "description": "The operation to be performed", + "enum": [ + "remove", + "replace" + ], + "example": "replace" + } + } + } + }, + "example": [ + { + "op": "remove", + "path": "/description" + }, + { + "op": "replace", + "path": "/description", + "value": "Acct I - Potential Role" + }, + { + "op": "remove", + "path": "/saved" + }, + { + "op": "replace", + "path": "/saved", + "value": "false" + }, + { + "op": "remove", + "path": "/name" + }, + { + "op": "replace", + "path": "/name", + "value": "Potential Role Accounting" + } + ] + } + } + }, + "responses": { + "200": { + "description": "Succeeded. Returns the potential role summary based on the potentialRoleId provided.", + "content": { + "application/json": { + "schema": { + "type": "object", + "items": { + "type": "object", + "properties": { + "createdBy": { + "oneOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "ID of the creator", + "example": "2c918090761a5aac0176215c46a62d58" + }, + "displayName": { + "type": "string", + "description": "The display name of the creator", + "example": "Ashley.Pierce" + } + } + }, + { + "type": "string", + "nullable": true, + "description": "Workaround to support null", + "example": "Dummy" + } + ], + "description": "The session created by details" + }, + "density": { + "type": "integer", + "description": "The density of a potential role.", + "example": 75, + "format": "int32" + }, + "description": { + "type": "string", + "nullable": true, + "description": "The description of a potential role.", + "example": "Potential Role for Accounting dept" + }, + "entitlementCount": { + "type": "integer", + "description": "The number of entitlements in a potential role.", + "example": 25, + "format": "int32" + }, + "excludedEntitlements": { + "description": "The list of entitlement ids to be excluded.", + "nullable": true, + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "07a0b4e2", + "13b4e2a0" + ] + }, + "freshness": { + "type": "integer", + "description": "The freshness of a potential role.", + "example": 75, + "format": "int32" + }, + "identityCount": { + "type": "integer", + "description": "The number of identities in a potential role.", + "example": 25, + "format": "int32" + }, + "identityDistribution": { + "description": "Identity attribute distribution.", + "nullable": true, + "type": "array", + "items": { + "type": "object", + "properties": { + "attributeName": { + "type": "string", + "description": "Id of the potential role", + "example": "department" + }, + "distribution": { + "type": "array", + "items": { + "type": "object", + "additionalProperties": { + "type": "string" + } + }, + "example": [ + { + "attributeValue": "NM Tier 3", + "count": 6 + } + ] + } + } + } + }, + "identityIds": { + "description": "The list of ids in a potential role.", + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "07a0b4e2", + "13b4e2a0" + ] + }, + "name": { + "type": "string", + "description": "Name of the potential role.", + "example": "Saved Potential Role - 07/10" + }, + "provisionState": { + "description": "The provisioning state of a potential role.", + "nullable": true, + "type": "string", + "enum": [ + "POTENTIAL", + "PENDING", + "COMPLETE", + "FAILED" + ], + "example": "POTENTIAL" + }, + "quality": { + "type": "integer", + "description": "The quality of a potential role.", + "example": 100, + "format": "int32" + }, + "roleId": { + "type": "string", + "nullable": true, + "description": "The roleId of a potential role.", + "example": "07a0b4e2-7a76-44fa-bd0b-c64654b66519" + }, + "saved": { + "type": "boolean", + "description": "The potential role's saved status.", + "example": true + }, + "session": { + "description": "The session parameters of the potential role.", + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The ID of the role mining session", + "example": "9f36f5e5-1e81-4eca-b087-548959d91c71" + }, + "name": { + "type": "string", + "description": "The session's saved name", + "nullable": true, + "example": "Saved RM Session - 07/10" + }, + "minNumIdentitiesInPotentialRole": { + "type": "integer", + "description": "Minimum number of identities in a potential role", + "nullable": true, + "example": 20, + "format": "int32" + }, + "pruneThreshold": { + "type": "integer", + "description": "The prune threshold to be used or null to calculate prescribedPruneThreshold", + "nullable": true, + "example": 5, + "format": "int32" + }, + "saved": { + "type": "boolean", + "default": true, + "description": "The session's saved status", + "example": true + }, + "scope": { + "description": "The scope of identities for this role mining session", + "example": { + "identityIds": [], + "criteria": "source.name:DataScienceDataset", + "attributeFilterCriteria": { + "displayName": { + "untranslated": "Location: Miami" + }, + "ariaLabel": { + "untranslated": "Location: Miami" + }, + "data": { + "displayName": { + "translateKey": "IDN.IDENTITY_ATTRIBUTES.LOCATION" + }, + "name": "location", + "operator": "EQUALS", + "values": [ + "Miami" + ] + } + } + }, + "type": "object", + "properties": { + "identityIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list of identities for this role mining session.", + "example": [ + "2c918090761a5aac0176215c46a62d58", + "2c918090761a5aac01722015c46a62d42" + ] + }, + "criteria": { + "type": "string", + "description": "The \"search\" criteria that produces the list of identities for this role mining session.", + "nullable": true, + "example": "source.name:DataScienceDataset" + }, + "attributeFilterCriteria": { + "type": "array", + "items": { + "type": "object" + }, + "description": "The filter criteria for this role mining session.", + "nullable": true, + "example": { + "displayName": { + "untranslated": "Location: Miami" + }, + "ariaLabel": { + "untranslated": "Location: Miami" + }, + "data": { + "displayName": { + "translateKey": "IDN.IDENTITY_ATTRIBUTES.LOCATION" + }, + "name": "location", + "operator": "EQUALS", + "values": [ + "Miami" + ] + } + } + } + } + }, + "type": { + "description": "Role mining potential type", + "type": "string", + "enum": [ + "SPECIALIZED", + "COMMON" + ], + "example": "SPECIALIZED" + }, + "state": { + "description": "Role mining session state", + "type": "string", + "enum": [ + "CREATED", + "UPDATED", + "IDENTITIES_OBTAINED", + "PRUNE_THRESHOLD_OBTAINED", + "POTENTIAL_ROLES_PROCESSING", + "POTENTIAL_ROLES_CREATED" + ], + "example": "CREATED" + }, + "scopingMethod": { + "description": "Scoping method used in current role mining session", + "type": "string", + "enum": [ + "MANUAL", + "AUTO_RM" + ], + "example": "MANUAL" + } + } + }, + "type": { + "description": "Role mining potential type.", + "type": "string", + "enum": [ + "SPECIALIZED", + "COMMON" + ], + "example": "SPECIALIZED" + }, + "id": { + "type": "string", + "description": "Id of the potential role", + "example": "e0cc5d7d-bf7f-4f81-b2af-8885b09d9923" + }, + "createdDate": { + "type": "string", + "format": "date-time", + "description": "The date-time when this potential role was created." + }, + "modifiedDate": { + "type": "string", + "format": "date-time", + "description": "The date-time when this potential role was modified." + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/role-mining-potential-roles/saved": { + "get": { + "operationId": "getSavedPotentialRoles", + "summary": "Retrieves all saved potential roles", + "tags": [ + "IAI Role Mining" + ], + "description": "This method returns all saved potential roles (draft roles).", + "security": [ + { + "UserContextAuth": [] + } + ], + "parameters": [ + { + "in": "query", + "name": "sorters", + "required": false, + "style": "form", + "explode": true, + "schema": { + "type": "string", + "format": "comma-separated" + }, + "description": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters/) Sorting is supported for the following fields: **modified**", + "example": "modified" + }, + { + "in": "query", + "name": "offset", + "description": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 0, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "default": 0 + } + }, + { + "in": "query", + "name": "limit", + "description": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 250, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "maximum": 250, + "default": 250 + } + }, + { + "in": "query", + "name": "count", + "description": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": true, + "schema": { + "type": "boolean", + "default": false + } + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "200": { + "description": "Succeeded. Returns a list of draft roles for a role mining session.", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "Name of the draft role", + "example": "Saved RM Session - 07/10" + }, + "description": { + "type": "string", + "description": "Draft role description", + "example": "Person who develops software" + }, + "identityIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list of identities for this role mining session.", + "example": [ + "2c918090761a5aac0176215c46a62d58", + "2c918090761a5aac01722015c46a62d42" + ] + }, + "entitlementIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list of entitlement ids for this role mining session.", + "example": [ + "2c91808a7624751a01762f19d665220d", + "2c91808a7624751a01762f19d67c220e" + ] + }, + "excludedEntitlements": { + "type": "array", + "description": "The list of excluded entitlement ids.", + "items": { + "type": "string" + }, + "example": [ + "07a0b4e2", + "13b4e2a0" + ] + }, + "modified": { + "type": "string", + "format": "date-time", + "description": "Last modified date", + "example": "2020-09-16T18:49:32.150Z" + }, + "type": { + "description": "Role mining session type", + "example": "SPECIALIZED", + "type": "string", + "enum": [ + "SPECIALIZED", + "COMMON" + ] + }, + "id": { + "type": "string", + "description": "Id of the potential draft role", + "example": "e0cc5d7d-bf7f-4f81-b2af-8885b09d9923" + }, + "createdDate": { + "type": "string", + "format": "date-time", + "description": "The date-time when this potential draft role was created." + }, + "modifiedDate": { + "type": "string", + "format": "date-time", + "description": "The date-time when this potential draft role was modified." + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/role-mining-potential-roles/{potentialRoleId}/sources/{sourceId}/identityUsage": { + "get": { + "operationId": "getPotentialRoleSourceIdentityUsage", + "summary": "Retrieves potential role source usage", + "tags": [ + "IAI Role Mining" + ], + "description": "This method returns source usageCount (as number of days in the last 90 days) for each identity in a potential role.", + "security": [ + { + "UserContextAuth": [] + } + ], + "parameters": [ + { + "in": "path", + "name": "potentialRoleId", + "schema": { + "type": "string" + }, + "required": true, + "description": "A potential role id", + "example": "e0cc5d7d-bf7f-4f81-b2af-8885b09d9923" + }, + { + "in": "path", + "name": "sourceId", + "schema": { + "type": "string" + }, + "required": true, + "description": "A source id", + "example": "2c9180877620c1460176267f336a106f" + }, + { + "in": "query", + "name": "sorters", + "required": false, + "style": "form", + "explode": true, + "schema": { + "type": "string", + "format": "comma-separated" + }, + "description": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters/) Sorting is supported for the following fields: **displayName, email, usageCount**", + "example": "-usageCount" + }, + { + "in": "query", + "name": "offset", + "description": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 0, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "default": 0 + } + }, + { + "in": "query", + "name": "limit", + "description": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 250, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "maximum": 250, + "default": 250 + } + }, + { + "in": "query", + "name": "count", + "description": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": true, + "schema": { + "type": "boolean", + "default": false + } + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "200": { + "description": "Succeeded. Returns a list of source usage for the identities in a potential role.", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The identity ID", + "example": "2c918089762475180176267f894b54dc" + }, + "displayName": { + "type": "string", + "description": "Display name for the identity", + "example": "Kirk Koepp" + }, + "email": { + "type": "string", + "description": "Email address for the identity", + "example": "kirk.koepp@testmail.identitynow.com" + }, + "usageCount": { + "type": "integer", + "description": "The number of days there has been usage of the source by the identity.", + "format": "int32", + "example": 25 + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/roles/{id}/entitlements": { + "get": { + "operationId": "getRoleEntitlements", + "tags": [ + "Roles" + ], + "summary": "List role's Entitlements", + "description": "This API lists the Entitlements associated with a given role.\n\nA token with API, ORG_ADMIN, ROLE_ADMIN, or ROLE_SUBADMIN authority is required to call this API.", + "parameters": [ + { + "name": "id", + "in": "path", + "description": "ID of the containing role", + "required": true, + "schema": { + "type": "string", + "example": "2c91808a7813090a017814121919ecca" + } + }, + { + "in": "query", + "name": "limit", + "description": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 250, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "maximum": 250, + "default": 250 + } + }, + { + "in": "query", + "name": "offset", + "description": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 0, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "default": 0 + } + }, + { + "in": "query", + "name": "count", + "description": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": true, + "schema": { + "type": "boolean", + "default": false + } + }, + { + "in": "query", + "name": "filters", + "schema": { + "type": "string" + }, + "description": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**name**: *eq, sw*\n\n**attribute**: *eq, sw*\n\n**value**: *eq, sw*\n\n**created**: *gt, lt, ge, le*\n\n**modified**: *gt, lt, ge, le*\n\n**owner.id**: *eq, in*\n\n**source.id**: *eq, in*", + "example": "attribute eq \"memberOf\"", + "required": false + }, + { + "in": "query", + "name": "sorters", + "schema": { + "type": "string", + "format": "comma-separated" + }, + "description": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name, attribute, value, created, modified**", + "example": "name,-modified", + "required": false + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "200": { + "description": "List of Entitlements", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The entitlement id", + "example": "2c91808874ff91550175097daaec161c" + }, + "name": { + "type": "string", + "description": "The entitlement name", + "example": "LauncherTest2" + }, + "created": { + "type": "string", + "description": "Time when the entitlement was created", + "format": "date-time", + "example": "2020-10-08T18:33:52.029Z" + }, + "modified": { + "type": "string", + "description": "Time when the entitlement was last modified", + "format": "date-time", + "example": "2020-10-08T18:33:52.029Z" + }, + "attribute": { + "type": "string", + "description": "The entitlement attribute name", + "example": "memberOf", + "nullable": true + }, + "value": { + "type": "string", + "description": "The value of the entitlement", + "example": "CN=LauncherTest2,OU=LauncherTestOrg,OU=slpt-automation,DC=TestAutomationAD,DC=local" + }, + "sourceSchemaObjectType": { + "type": "string", + "description": "The object type of the entitlement from the source schema", + "example": "group" + }, + "privileged": { + "type": "boolean", + "default": false, + "description": "True if the entitlement is privileged", + "example": true + }, + "cloudGoverned": { + "type": "boolean", + "default": false, + "description": "True if the entitlement is cloud governed", + "example": true + }, + "description": { + "type": "string", + "nullable": true, + "description": "The description of the entitlement", + "example": "CN=LauncherTest2,OU=LauncherTestOrg,OU=slpt-automation,DC=TestAutomationAD,DC=local" + }, + "requestable": { + "type": "boolean", + "default": false, + "description": "True if the entitlement is requestable", + "example": true + }, + "attributes": { + "type": "object", + "description": "A map of free-form key-value pairs from the source system", + "example": { + "fieldName": "fieldValue" + }, + "additionalProperties": true + }, + "source": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The source ID", + "example": "2c9180827ca885d7017ca8ce28a000eb" + }, + "type": { + "type": "string", + "description": "The source type, will always be \"SOURCE\"", + "example": "SOURCE" + }, + "name": { + "type": "string", + "description": "The source name", + "example": "ODS-AD-Source", + "nullable": true + } + } + }, + "owner": { + "allOf": [ + { + "type": "object", + "description": "Simplified DTO for the owner object of the entitlement", + "properties": { + "id": { + "type": "string", + "description": "The owner id for the entitlement", + "example": "2a2fdacca5e345f18bf7970cfbb8fec2" + }, + "name": { + "type": "string", + "description": "The owner name for the entitlement", + "example": "identity 1" + }, + "type": { + "type": "string", + "enum": [ + "IDENTITY" + ], + "description": "The type of the owner. Initially only type IDENTITY is supported", + "example": "IDENTITY" + } + } + }, + { + "nullable": true + } + ] + }, + "directPermissions": { + "type": "array", + "items": { + "type": "object", + "description": "Simplified DTO for the Permission objects stored in SailPoint's database. The data is aggregated from customer systems and is free-form, so its appearance can vary largely between different clients/customers.", + "properties": { + "rights": { + "type": "array", + "description": "All the rights (e.g. actions) that this permission allows on the target", + "readOnly": true, + "items": { + "type": "string", + "example": "SELECT" + } + }, + "target": { + "type": "string", + "description": "The target the permission would grants rights on.", + "readOnly": true, + "example": "SYS.GV_$TRANSACTION" + } + } + } + }, + "segments": { + "type": "array", + "items": { + "type": "string" + }, + "nullable": true, + "description": "List of IDs of segments, if any, to which this Entitlement is assigned.", + "example": [ + "f7b1b8a3-5fed-4fd4-ad29-82014e137e19", + "29cb6c06-1da8-43ea-8be4-b3125f248f2a" + ] + }, + "manuallyUpdatedFields": { + "allOf": [ + { + "type": "object", + "properties": { + "DISPLAY_NAME": { + "type": "boolean", + "default": false, + "description": "True if the entitlements name was updated manually via entitlement import csv or patch endpoint. False means that property value has not been change after first entitlement aggregation.\nField refers to [Entitlement response schema](https://developer.sailpoint.com/idn/api/beta/get-entitlement) > `name` property.", + "example": true + }, + "DESCRIPTION": { + "type": "boolean", + "default": false, + "description": "True if the entitlement description was updated manually via entitlement import csv or patch endpoint. False means that property value has not been change after first entitlement aggregation.\nField refers to [Entitlement response schema](https://developer.sailpoint.com/idn/api/beta/get-entitlement) > `description` property.", + "example": true + } + } + }, + { + "nullable": true, + "description": "Object contains entitlement manually updated fields. Field value is true if is was updated manually via entitlement import csv or patch endpoint. Field value is false if that property value has not been changed after first entitlement aggregation. Values for all manually updatable fields must be specified. For now only two entitlement fields support this: DISPLAY_NAME and DESCRIPTION.", + "example": { + "DISPLAY_NAME": true, + "DESCRIPTION": true + } + } + ] + }, + "accessModelMetadata": { + "allOf": [ + { + "type": "object", + "properties": { + "attributes": { + "type": "array", + "nullable": true, + "items": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "Technical name of the Attribute. This is unique and cannot be changed after creation.", + "example": "iscPrivacy" + }, + "name": { + "type": "string", + "description": "The display name of the key.", + "example": "Privacy" + }, + "multiselect": { + "type": "boolean", + "default": false, + "description": "Indicates whether the attribute can have multiple values.", + "example": false + }, + "status": { + "type": "string", + "description": "The status of the Attribute.", + "example": "active" + }, + "type": { + "type": "string", + "description": "The type of the Attribute. This can be either \"custom\" or \"governance\".", + "example": "governance" + }, + "objectTypes": { + "type": "array", + "items": { + "type": "string" + }, + "nullable": true, + "description": "An array of object types this attributes values can be applied to. Possible values are \"all\" or \"entitlement\". Value \"all\" means this attribute can be used with all object types that are supported.", + "example": [ + "entitlement" + ] + }, + "description": { + "type": "string", + "description": "The description of the Attribute.", + "example": "Specifies the level of privacy associated with an access item." + }, + "values": { + "type": "array", + "nullable": true, + "items": { + "type": "object", + "properties": { + "value": { + "type": "string", + "description": "Technical name of the Attribute value. This is unique and cannot be changed after creation.", + "example": "public" + }, + "name": { + "type": "string", + "description": "The display name of the Attribute value.", + "example": "Public" + }, + "status": { + "type": "string", + "description": "The status of the Attribute value.", + "example": "active" + } + } + } + } + } + }, + "example": [ + { + "key": "iscPrivacy", + "name": "Privacy", + "multiselect": false, + "status": "active", + "type": "governance", + "objectTypes": [ + "all" + ], + "description": "Specifies the level of privacy associated with an access item.", + "values": [ + { + "value": "public", + "name": "Public", + "status": "active" + } + ] + } + ] + } + } + }, + { + "nullable": true, + "description": "Access Model Metadata (beta)." + } + ] + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "idn:role-unchecked:read", + "idn:role-unchecked:manage", + "idn:role-checked:manage", + "idn:role-checked:read" + ] + } + ] + } + }, + "/send-test-notification": { + "post": { + "operationId": "sendTestNotification", + "tags": [ + "Notifications" + ], + "summary": "Send Test Notification", + "description": "Send a Test Notification", + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The template notification key.", + "example": "cloud_manual_work_item_summary" + }, + "medium": { + "type": "string", + "description": "The notification medium. Has to be one of the following enum values.", + "enum": [ + "EMAIL", + "SLACK", + "TEAMS" + ] + }, + "context": { + "type": "object", + "description": "A Json object that denotes the context specific to the template." + } + } + }, + "example": { + "key": "cloud_manual_work_item_summary", + "medium": "EMAIL", + "context": { + "numberOfPendingTasks": "4", + "ownerId": "201327fda1c44704ac01181e963d463c" + } + } + } + } + }, + "responses": { + "204": { + "description": "No content - indicates the request was successful but there is no content to be returned in the response." + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "parameters": [ + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ] + } + }, + "/sim-integrations/{id}": { + "put": { + "tags": [ + "SIM Integrations" + ], + "summary": "Update an existing SIM integration", + "description": "Update an existing SIM integration. A token with Org Admin or Service Desk Admin authority is required to access this endpoint.", + "operationId": "putSIMIntegration", + "requestBody": { + "description": "The full DTO of the integration containing the updated model", + "content": { + "application/json": { + "schema": { + "type": "object", + "title": "Sim Integration Details", + "allOf": [ + { + "type": "object", + "required": [ + "name" + ], + "properties": { + "id": { + "description": "System-generated unique ID of the Object", + "type": "string", + "example": "id12345", + "readOnly": true + }, + "name": { + "description": "Name of the Object", + "type": "string", + "example": "aName" + }, + "created": { + "description": "Creation date of the Object", + "type": "string", + "format": "date-time", + "readOnly": true, + "example": "2023-01-03T21:16:22.432Z" + }, + "modified": { + "description": "Last modification date of the Object", + "type": "string", + "format": "date-time", + "readOnly": true, + "example": "2023-01-03T21:16:22.432Z" + } + } + }, + { + "type": "object", + "properties": { + "description": { + "type": "string", + "description": "The description of the integration", + "example": "Integration description", + "nullable": false + }, + "type": { + "type": "string", + "description": "The integration type", + "example": "ServiceNow Service Desk", + "nullable": false + }, + "attributes": { + "type": "object", + "description": "The attributes map containing the credentials used to configure the integration.", + "nullable": true, + "example": "{\"uid\":\"Walter White\",\"firstname\":\"walter\",\"cloudStatus\":\"UNREGISTERED\",\"displayName\":\"Walter White\",\"identificationNumber\":\"942\",\"lastSyncDate\":1470348809380,\"email\":\"walter@gmail.com\",\"lastname\":\"white\"}" + }, + "sources": { + "type": "array", + "description": "The list of sources (managed resources)", + "items": { + "type": "string" + }, + "example": [ + "2c9180835d191a86015d28455b4a2329", + "2c5680835d191a85765d28455b4a9823" + ], + "nullable": false + }, + "cluster": { + "type": "string", + "description": "The cluster/proxy", + "example": "xyzzy999", + "nullable": false + }, + "statusMap": { + "type": "object", + "description": "Custom mapping between the integration result and the provisioning result", + "example": { + "closed_cancelled": "Failed", + "closed_complete": "Committed", + "closed_incomplete": "Failed", + "closed_rejected": "Failed", + "in_process": "Queued", + "requested": "Queued" + } + }, + "request": { + "type": "object", + "description": "Request data to customize desc and body of the created ticket", + "example": { + "description": "SailPoint Access Request,", + "req_description": "The Service Request created by SailPoint ServiceNow Service Integration Module (SIM).,", + "req_short_description": "SailPoint New Access Request Created from IdentityNow,", + "short_description": "SailPoint Access Request $!plan.arguments.identityRequestId" + } + }, + "beforeProvisioningRule": { + "description": "Before provisioning rule of integration", + "properties": { + "type": { + "type": "string", + "enum": [ + "ACCOUNT_CORRELATION_CONFIG", + "ACCESS_PROFILE", + "ACCESS_REQUEST_APPROVAL", + "ACCOUNT", + "APPLICATION", + "CAMPAIGN", + "CAMPAIGN_FILTER", + "CERTIFICATION", + "CLUSTER", + "CONNECTOR_SCHEMA", + "ENTITLEMENT", + "GOVERNANCE_GROUP", + "IDENTITY", + "IDENTITY_PROFILE", + "IDENTITY_REQUEST", + "LIFECYCLE_STATE", + "PASSWORD_POLICY", + "ROLE", + "RULE", + "SOD_POLICY", + "SOURCE", + "TAG", + "TAG_CATEGORY", + "TASK_RESULT", + "REPORT_RESULT", + "SOD_VIOLATION", + "ACCOUNT_ACTIVITY", + "WORKGROUP" + ], + "description": "An enumeration of the types of DTOs supported within the IdentityNow infrastructure.", + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "ID of the rule", + "example": "2c918085708c274401708c2a8a760001" + }, + "name": { + "type": "string", + "description": "Human-readable display name of the rule", + "example": "Example Rule" + } + } + } + } + } + ] + } + } + }, + "required": true + }, + "parameters": [ + { + "name": "id", + "in": "path", + "description": "The id of the integration.", + "schema": { + "type": "string" + }, + "example": 12345, + "required": true + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "200": { + "description": "details of the updated integration", + "content": { + "application/json": { + "schema": { + "allOf": [ + { + "type": "object", + "description": "Service Desk integration's specification.", + "required": [ + "name", + "description", + "type", + "attributes" + ], + "properties": { + "name": { + "description": "Service Desk integration's name. The name must be unique.", + "type": "string", + "example": "Service Desk Integration Name" + }, + "description": { + "description": "Service Desk integration's description.", + "type": "string", + "example": "A very nice Service Desk integration" + }, + "type": { + "description": "Service Desk integration types:\n\n- ServiceNowSDIM\n- ServiceNow\n", + "type": "string", + "default": "ServiceNowSDIM", + "example": "ServiceNowSDIM" + }, + "ownerRef": { + "allOf": [ + { + "type": "object", + "description": "Owner's identity.", + "properties": { + "type": { + "type": "string", + "description": "Owner's DTO type.", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "Owner's identity ID.", + "example": "2c9180a46faadee4016fb4e018c20639" + }, + "name": { + "type": "string", + "description": "Owner's name.", + "example": "Support" + } + } + } + ] + }, + "clusterRef": { + "allOf": [ + { + "type": "object", + "description": "Source cluster.", + "properties": { + "type": { + "type": "string", + "description": "Source cluster DTO type.", + "enum": [ + "CLUSTER" + ], + "example": "CLUSTER" + }, + "id": { + "type": "string", + "description": "Source cluster ID.", + "example": "2c9180847a7fccdd017aa5896f9f4f6f" + }, + "name": { + "type": "string", + "description": "Source cluster display name.", + "example": "Training VA" + } + } + } + ] + }, + "cluster": { + "description": "Cluster ID for the Service Desk integration (replaced by clusterRef, retained for backward compatibility).", + "type": "string", + "example": "xyzzy999", + "deprecated": true + }, + "managedSources": { + "description": "Source IDs for the Service Desk integration (replaced by provisioningConfig.managedSResourceRefs, but retained here for backward compatibility).", + "type": "array", + "items": { + "type": "string" + }, + "deprecated": true, + "example": [ + "2c9180835d191a86015d28455b4a2329", + "2c5680835d191a85765d28455b4a9823" + ] + }, + "provisioningConfig": { + "description": "The 'provisioningConfig' property specifies the configuration used to provision integrations.", + "type": "object", + "properties": { + "universalManager": { + "description": "Specifies whether this configuration is used to manage provisioning requests for all sources from the org. If true, no managedResourceRefs are allowed.", + "type": "boolean", + "readOnly": true, + "default": false, + "example": true + }, + "managedResourceRefs": { + "description": "References to sources for the Service Desk integration template. May only be specified if universalManager is false.", + "type": "array", + "items": { + "allOf": [ + { + "type": "object", + "description": "Source for Service Desk integration template.", + "properties": { + "type": { + "type": "string", + "description": "DTO type of source for service desk integration template.", + "enum": [ + "SOURCE" + ], + "example": "SOURCE" + }, + "id": { + "type": "string", + "description": "ID of source for service desk integration template.", + "example": "2c9180835d191a86015d28455b4b232a" + }, + "name": { + "type": "string", + "description": "Human-readable name of source for service desk integration template.", + "example": "HR Active Directory" + } + } + } + ], + "properties": { + "type": { + "description": "The type of object being referenced", + "enum": [ + "SOURCE" + ], + "example": "SOURCE" + }, + "id": { + "description": "ID of the source", + "example": "2c91808568c529c60168cca6f90c1313" + }, + "name": { + "description": "Human-readable display name of the source", + "example": "My Source" + } + } + }, + "example": [ + { + "type": "SOURCE", + "id": "2c9180855d191c59015d291ceb051111", + "name": "My Source 1" + }, + { + "type": "SOURCE", + "id": "2c9180855d191c59015d291ceb052222", + "name": "My Source 2" + } + ] + }, + "planInitializerScript": { + "description": "This is a reference to a plan initializer script.", + "type": "object", + "properties": { + "source": { + "description": "This is a Rule that allows provisioning instruction changes.", + "type": "string", + "example": "\\r\\n\\r\\n\\r\\n Before Provisioning Rule which changes disables and enables to a modify.\\r\\n \n" + } + } + }, + "noProvisioningRequests": { + "description": "Name of an attribute that when true disables the saving of ProvisioningRequest objects whenever plans are sent through this integration.", + "type": "boolean", + "default": false, + "example": true + }, + "provisioningRequestExpiration": { + "description": "When saving pending requests is enabled, this defines the number of hours the request is allowed to live before it is considered expired and no longer affects plan compilation.", + "type": "integer", + "format": "int32", + "example": 7 + } + } + }, + "attributes": { + "description": "Service Desk integration's attributes. Validation constraints enforced by the implementation.", + "type": "object", + "additionalProperties": true, + "example": { + "property": "value", + "key": "value" + } + }, + "beforeProvisioningRule": { + "allOf": [ + { + "type": "object", + "description": "Before Provisioning Rule.", + "properties": { + "type": { + "type": "string", + "description": "Before Provisioning Rule DTO type.", + "enum": [ + "RULE" + ], + "example": "RULE" + }, + "id": { + "type": "string", + "description": "Before Provisioning Rule ID.", + "example": "048eb3d55c5a4758bd07dccb87741c78" + }, + "name": { + "type": "string", + "description": "Rule display name.", + "example": "Before Provisioning Airtable Rule" + } + } + } + ] + } + } + } + ] + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "idn:service-desk-admin:create" + ] + } + ] + }, + "get": { + "tags": [ + "SIM Integrations" + ], + "summary": "Get a SIM integration details.", + "description": "Get the details of a SIM integration. A token with Org Admin or Service Desk Admin authority is required to access this endpoint.", + "operationId": "getSIMIntegration", + "parameters": [ + { + "name": "id", + "in": "path", + "description": "The id of the integration.", + "schema": { + "type": "string" + }, + "example": 12345, + "required": true + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "200": { + "description": "The DTO containing the details of the SIM integration", + "content": { + "application/json": { + "schema": { + "allOf": [ + { + "type": "object", + "description": "Service Desk integration's specification.", + "required": [ + "name", + "description", + "type", + "attributes" + ], + "properties": { + "name": { + "description": "Service Desk integration's name. The name must be unique.", + "type": "string", + "example": "Service Desk Integration Name" + }, + "description": { + "description": "Service Desk integration's description.", + "type": "string", + "example": "A very nice Service Desk integration" + }, + "type": { + "description": "Service Desk integration types:\n\n- ServiceNowSDIM\n- ServiceNow\n", + "type": "string", + "default": "ServiceNowSDIM", + "example": "ServiceNowSDIM" + }, + "ownerRef": { + "allOf": [ + { + "type": "object", + "description": "Owner's identity.", + "properties": { + "type": { + "type": "string", + "description": "Owner's DTO type.", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "Owner's identity ID.", + "example": "2c9180a46faadee4016fb4e018c20639" + }, + "name": { + "type": "string", + "description": "Owner's name.", + "example": "Support" + } + } + } + ] + }, + "clusterRef": { + "allOf": [ + { + "type": "object", + "description": "Source cluster.", + "properties": { + "type": { + "type": "string", + "description": "Source cluster DTO type.", + "enum": [ + "CLUSTER" + ], + "example": "CLUSTER" + }, + "id": { + "type": "string", + "description": "Source cluster ID.", + "example": "2c9180847a7fccdd017aa5896f9f4f6f" + }, + "name": { + "type": "string", + "description": "Source cluster display name.", + "example": "Training VA" + } + } + } + ] + }, + "cluster": { + "description": "Cluster ID for the Service Desk integration (replaced by clusterRef, retained for backward compatibility).", + "type": "string", + "example": "xyzzy999", + "deprecated": true + }, + "managedSources": { + "description": "Source IDs for the Service Desk integration (replaced by provisioningConfig.managedSResourceRefs, but retained here for backward compatibility).", + "type": "array", + "items": { + "type": "string" + }, + "deprecated": true, + "example": [ + "2c9180835d191a86015d28455b4a2329", + "2c5680835d191a85765d28455b4a9823" + ] + }, + "provisioningConfig": { + "description": "The 'provisioningConfig' property specifies the configuration used to provision integrations.", + "type": "object", + "properties": { + "universalManager": { + "description": "Specifies whether this configuration is used to manage provisioning requests for all sources from the org. If true, no managedResourceRefs are allowed.", + "type": "boolean", + "readOnly": true, + "default": false, + "example": true + }, + "managedResourceRefs": { + "description": "References to sources for the Service Desk integration template. May only be specified if universalManager is false.", + "type": "array", + "items": { + "allOf": [ + { + "type": "object", + "description": "Source for Service Desk integration template.", + "properties": { + "type": { + "type": "string", + "description": "DTO type of source for service desk integration template.", + "enum": [ + "SOURCE" + ], + "example": "SOURCE" + }, + "id": { + "type": "string", + "description": "ID of source for service desk integration template.", + "example": "2c9180835d191a86015d28455b4b232a" + }, + "name": { + "type": "string", + "description": "Human-readable name of source for service desk integration template.", + "example": "HR Active Directory" + } + } + } + ], + "properties": { + "type": { + "description": "The type of object being referenced", + "enum": [ + "SOURCE" + ], + "example": "SOURCE" + }, + "id": { + "description": "ID of the source", + "example": "2c91808568c529c60168cca6f90c1313" + }, + "name": { + "description": "Human-readable display name of the source", + "example": "My Source" + } + } + }, + "example": [ + { + "type": "SOURCE", + "id": "2c9180855d191c59015d291ceb051111", + "name": "My Source 1" + }, + { + "type": "SOURCE", + "id": "2c9180855d191c59015d291ceb052222", + "name": "My Source 2" + } + ] + }, + "planInitializerScript": { + "description": "This is a reference to a plan initializer script.", + "type": "object", + "properties": { + "source": { + "description": "This is a Rule that allows provisioning instruction changes.", + "type": "string", + "example": "\\r\\n\\r\\n\\r\\n Before Provisioning Rule which changes disables and enables to a modify.\\r\\n \n" + } + } + }, + "noProvisioningRequests": { + "description": "Name of an attribute that when true disables the saving of ProvisioningRequest objects whenever plans are sent through this integration.", + "type": "boolean", + "default": false, + "example": true + }, + "provisioningRequestExpiration": { + "description": "When saving pending requests is enabled, this defines the number of hours the request is allowed to live before it is considered expired and no longer affects plan compilation.", + "type": "integer", + "format": "int32", + "example": 7 + } + } + }, + "attributes": { + "description": "Service Desk integration's attributes. Validation constraints enforced by the implementation.", + "type": "object", + "additionalProperties": true, + "example": { + "property": "value", + "key": "value" + } + }, + "beforeProvisioningRule": { + "allOf": [ + { + "type": "object", + "description": "Before Provisioning Rule.", + "properties": { + "type": { + "type": "string", + "description": "Before Provisioning Rule DTO type.", + "enum": [ + "RULE" + ], + "example": "RULE" + }, + "id": { + "type": "string", + "description": "Before Provisioning Rule ID.", + "example": "048eb3d55c5a4758bd07dccb87741c78" + }, + "name": { + "type": "string", + "description": "Rule display name.", + "example": "Before Provisioning Airtable Rule" + } + } + } + ] + } + } + } + ] + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "idn:service-desk-admin:read" + ] + } + ] + }, + "delete": { + "tags": [ + "SIM Integrations" + ], + "summary": "Delete a SIM integration", + "description": "Get the details of a SIM integration. A token with Org Admin or Service Desk Admin authority is required to access this endpoint.", + "operationId": "deleteSIMIntegration", + "parameters": [ + { + "name": "id", + "description": "The id of the integration to delete.", + "in": "path", + "schema": { + "type": "string" + }, + "example": 12345, + "required": true + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "200": { + "description": "No content response" + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "idn:service-desk-admin:write" + ] + } + ] + }, + "patch": { + "tags": [ + "SIM Integrations" + ], + "summary": "Patch a SIM attribute.", + "description": "Patch a SIM attribute given a JsonPatch object. A token with Org Admin or Service Desk Admin authority is required to access this endpoint.", + "operationId": "patchSIMAttributes", + "requestBody": { + "required": true, + "description": "The JsonPatch object that describes the changes of SIM", + "content": { + "application/json-patch+json": { + "schema": { + "type": "object", + "description": "A JSONPatch document as defined by [RFC 6902 - JSON Patch](https://tools.ietf.org/html/rfc6902)", + "properties": { + "operations": { + "description": "Operations to be applied", + "type": "array", + "items": { + "type": "object", + "description": "A JSONPatch Operation as defined by [RFC 6902 - JSON Patch](https://tools.ietf.org/html/rfc6902)", + "required": [ + "op", + "path" + ], + "properties": { + "op": { + "type": "string", + "description": "The operation to be performed", + "enum": [ + "add", + "remove", + "replace", + "move", + "copy", + "test" + ], + "example": "replace" + }, + "path": { + "type": "string", + "description": "A string JSON Pointer representing the target path to an element to be affected by the operation", + "example": "/description" + }, + "value": { + "oneOf": [ + { + "type": "string", + "example": "New description", + "title": "string" + }, + { + "type": "boolean", + "example": true, + "title": "boolean" + }, + { + "type": "integer", + "example": 300, + "title": "integer" + }, + { + "type": "object", + "title": "object", + "example": { + "attributes": { + "name": "philip" + } + } + }, + { + "type": "array", + "title": "array", + "items": { + "anyOf": [ + { + "type": "string" + }, + { + "type": "integer" + }, + { + "type": "object" + } + ], + "example": [ + "001", + "002", + "003" + ] + } + } + ], + "description": "The value to be used for the operation, required for \"add\" and \"replace\" operations", + "example": "New description" + } + } + } + } + }, + "example": "[\n {\n\t \"op\": \"replace\",\n\t \"path\": \"/description\",\n\t \"value\": \"A new description\"\n }\n]" + } + } + } + }, + "parameters": [ + { + "name": "id", + "description": "SIM integration id", + "in": "path", + "schema": { + "type": "string" + }, + "example": 12345, + "required": true + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "200": { + "description": "The updated DTO containing the details of the SIM integration.", + "content": { + "application/json": { + "schema": { + "allOf": [ + { + "type": "object", + "description": "Service Desk integration's specification.", + "required": [ + "name", + "description", + "type", + "attributes" + ], + "properties": { + "name": { + "description": "Service Desk integration's name. The name must be unique.", + "type": "string", + "example": "Service Desk Integration Name" + }, + "description": { + "description": "Service Desk integration's description.", + "type": "string", + "example": "A very nice Service Desk integration" + }, + "type": { + "description": "Service Desk integration types:\n\n- ServiceNowSDIM\n- ServiceNow\n", + "type": "string", + "default": "ServiceNowSDIM", + "example": "ServiceNowSDIM" + }, + "ownerRef": { + "allOf": [ + { + "type": "object", + "description": "Owner's identity.", + "properties": { + "type": { + "type": "string", + "description": "Owner's DTO type.", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "Owner's identity ID.", + "example": "2c9180a46faadee4016fb4e018c20639" + }, + "name": { + "type": "string", + "description": "Owner's name.", + "example": "Support" + } + } + } + ] + }, + "clusterRef": { + "allOf": [ + { + "type": "object", + "description": "Source cluster.", + "properties": { + "type": { + "type": "string", + "description": "Source cluster DTO type.", + "enum": [ + "CLUSTER" + ], + "example": "CLUSTER" + }, + "id": { + "type": "string", + "description": "Source cluster ID.", + "example": "2c9180847a7fccdd017aa5896f9f4f6f" + }, + "name": { + "type": "string", + "description": "Source cluster display name.", + "example": "Training VA" + } + } + } + ] + }, + "cluster": { + "description": "Cluster ID for the Service Desk integration (replaced by clusterRef, retained for backward compatibility).", + "type": "string", + "example": "xyzzy999", + "deprecated": true + }, + "managedSources": { + "description": "Source IDs for the Service Desk integration (replaced by provisioningConfig.managedSResourceRefs, but retained here for backward compatibility).", + "type": "array", + "items": { + "type": "string" + }, + "deprecated": true, + "example": [ + "2c9180835d191a86015d28455b4a2329", + "2c5680835d191a85765d28455b4a9823" + ] + }, + "provisioningConfig": { + "description": "The 'provisioningConfig' property specifies the configuration used to provision integrations.", + "type": "object", + "properties": { + "universalManager": { + "description": "Specifies whether this configuration is used to manage provisioning requests for all sources from the org. If true, no managedResourceRefs are allowed.", + "type": "boolean", + "readOnly": true, + "default": false, + "example": true + }, + "managedResourceRefs": { + "description": "References to sources for the Service Desk integration template. May only be specified if universalManager is false.", + "type": "array", + "items": { + "allOf": [ + { + "type": "object", + "description": "Source for Service Desk integration template.", + "properties": { + "type": { + "type": "string", + "description": "DTO type of source for service desk integration template.", + "enum": [ + "SOURCE" + ], + "example": "SOURCE" + }, + "id": { + "type": "string", + "description": "ID of source for service desk integration template.", + "example": "2c9180835d191a86015d28455b4b232a" + }, + "name": { + "type": "string", + "description": "Human-readable name of source for service desk integration template.", + "example": "HR Active Directory" + } + } + } + ], + "properties": { + "type": { + "description": "The type of object being referenced", + "enum": [ + "SOURCE" + ], + "example": "SOURCE" + }, + "id": { + "description": "ID of the source", + "example": "2c91808568c529c60168cca6f90c1313" + }, + "name": { + "description": "Human-readable display name of the source", + "example": "My Source" + } + } + }, + "example": [ + { + "type": "SOURCE", + "id": "2c9180855d191c59015d291ceb051111", + "name": "My Source 1" + }, + { + "type": "SOURCE", + "id": "2c9180855d191c59015d291ceb052222", + "name": "My Source 2" + } + ] + }, + "planInitializerScript": { + "description": "This is a reference to a plan initializer script.", + "type": "object", + "properties": { + "source": { + "description": "This is a Rule that allows provisioning instruction changes.", + "type": "string", + "example": "\\r\\n\\r\\n\\r\\n Before Provisioning Rule which changes disables and enables to a modify.\\r\\n \n" + } + } + }, + "noProvisioningRequests": { + "description": "Name of an attribute that when true disables the saving of ProvisioningRequest objects whenever plans are sent through this integration.", + "type": "boolean", + "default": false, + "example": true + }, + "provisioningRequestExpiration": { + "description": "When saving pending requests is enabled, this defines the number of hours the request is allowed to live before it is considered expired and no longer affects plan compilation.", + "type": "integer", + "format": "int32", + "example": 7 + } + } + }, + "attributes": { + "description": "Service Desk integration's attributes. Validation constraints enforced by the implementation.", + "type": "object", + "additionalProperties": true, + "example": { + "property": "value", + "key": "value" + } + }, + "beforeProvisioningRule": { + "allOf": [ + { + "type": "object", + "description": "Before Provisioning Rule.", + "properties": { + "type": { + "type": "string", + "description": "Before Provisioning Rule DTO type.", + "enum": [ + "RULE" + ], + "example": "RULE" + }, + "id": { + "type": "string", + "description": "Before Provisioning Rule ID.", + "example": "048eb3d55c5a4758bd07dccb87741c78" + }, + "name": { + "type": "string", + "description": "Rule display name.", + "example": "Before Provisioning Airtable Rule" + } + } + } + ] + } + } + } + ] + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "idn:service-desk-admin:write" + ] + } + ] + } + }, + "/sim-integrations/{id}/beforeProvisioningRule": { + "patch": { + "tags": [ + "SIM Integrations" + ], + "summary": "Patch a SIM beforeProvisioningRule attribute.", + "description": "Patch a SIM beforeProvisioningRule attribute given a JsonPatch object. A token with Org Admin or Service Desk Admin authority is required to access this endpoint.", + "operationId": "patchBeforeProvisioningRule", + "requestBody": { + "required": true, + "description": "The JsonPatch object that describes the changes of SIM beforeProvisioningRule.", + "content": { + "application/json-patch+json": { + "schema": { + "type": "object", + "description": "A JSONPatch document as defined by [RFC 6902 - JSON Patch](https://tools.ietf.org/html/rfc6902)", + "properties": { + "operations": { + "description": "Operations to be applied", + "type": "array", + "items": { + "type": "object", + "description": "A JSONPatch Operation as defined by [RFC 6902 - JSON Patch](https://tools.ietf.org/html/rfc6902)", + "required": [ + "op", + "path" + ], + "properties": { + "op": { + "type": "string", + "description": "The operation to be performed", + "enum": [ + "add", + "remove", + "replace", + "move", + "copy", + "test" + ], + "example": "replace" + }, + "path": { + "type": "string", + "description": "A string JSON Pointer representing the target path to an element to be affected by the operation", + "example": "/description" + }, + "value": { + "oneOf": [ + { + "type": "string", + "example": "New description", + "title": "string" + }, + { + "type": "boolean", + "example": true, + "title": "boolean" + }, + { + "type": "integer", + "example": 300, + "title": "integer" + }, + { + "type": "object", + "title": "object", + "example": { + "attributes": { + "name": "philip" + } + } + }, + { + "type": "array", + "title": "array", + "items": { + "anyOf": [ + { + "type": "string" + }, + { + "type": "integer" + }, + { + "type": "object" + } + ], + "example": [ + "001", + "002", + "003" + ] + } + } + ], + "description": "The value to be used for the operation, required for \"add\" and \"replace\" operations", + "example": "New description" + } + } + } + } + }, + "example": "[\n {\n\t \"op\": \"replace\",\n\t \"path\": \"/description\",\n\t \"value\": \"A new description\"\n }\n]" + } + } + } + }, + "parameters": [ + { + "name": "id", + "in": "path", + "description": "SIM integration id", + "schema": { + "type": "string" + }, + "example": 12345, + "required": true + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "200": { + "description": "The updated DTO containing the details of the SIM integration.", + "content": { + "application/json": { + "schema": { + "allOf": [ + { + "type": "object", + "description": "Service Desk integration's specification.", + "required": [ + "name", + "description", + "type", + "attributes" + ], + "properties": { + "name": { + "description": "Service Desk integration's name. The name must be unique.", + "type": "string", + "example": "Service Desk Integration Name" + }, + "description": { + "description": "Service Desk integration's description.", + "type": "string", + "example": "A very nice Service Desk integration" + }, + "type": { + "description": "Service Desk integration types:\n\n- ServiceNowSDIM\n- ServiceNow\n", + "type": "string", + "default": "ServiceNowSDIM", + "example": "ServiceNowSDIM" + }, + "ownerRef": { + "allOf": [ + { + "type": "object", + "description": "Owner's identity.", + "properties": { + "type": { + "type": "string", + "description": "Owner's DTO type.", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "Owner's identity ID.", + "example": "2c9180a46faadee4016fb4e018c20639" + }, + "name": { + "type": "string", + "description": "Owner's name.", + "example": "Support" + } + } + } + ] + }, + "clusterRef": { + "allOf": [ + { + "type": "object", + "description": "Source cluster.", + "properties": { + "type": { + "type": "string", + "description": "Source cluster DTO type.", + "enum": [ + "CLUSTER" + ], + "example": "CLUSTER" + }, + "id": { + "type": "string", + "description": "Source cluster ID.", + "example": "2c9180847a7fccdd017aa5896f9f4f6f" + }, + "name": { + "type": "string", + "description": "Source cluster display name.", + "example": "Training VA" + } + } + } + ] + }, + "cluster": { + "description": "Cluster ID for the Service Desk integration (replaced by clusterRef, retained for backward compatibility).", + "type": "string", + "example": "xyzzy999", + "deprecated": true + }, + "managedSources": { + "description": "Source IDs for the Service Desk integration (replaced by provisioningConfig.managedSResourceRefs, but retained here for backward compatibility).", + "type": "array", + "items": { + "type": "string" + }, + "deprecated": true, + "example": [ + "2c9180835d191a86015d28455b4a2329", + "2c5680835d191a85765d28455b4a9823" + ] + }, + "provisioningConfig": { + "description": "The 'provisioningConfig' property specifies the configuration used to provision integrations.", + "type": "object", + "properties": { + "universalManager": { + "description": "Specifies whether this configuration is used to manage provisioning requests for all sources from the org. If true, no managedResourceRefs are allowed.", + "type": "boolean", + "readOnly": true, + "default": false, + "example": true + }, + "managedResourceRefs": { + "description": "References to sources for the Service Desk integration template. May only be specified if universalManager is false.", + "type": "array", + "items": { + "allOf": [ + { + "type": "object", + "description": "Source for Service Desk integration template.", + "properties": { + "type": { + "type": "string", + "description": "DTO type of source for service desk integration template.", + "enum": [ + "SOURCE" + ], + "example": "SOURCE" + }, + "id": { + "type": "string", + "description": "ID of source for service desk integration template.", + "example": "2c9180835d191a86015d28455b4b232a" + }, + "name": { + "type": "string", + "description": "Human-readable name of source for service desk integration template.", + "example": "HR Active Directory" + } + } + } + ], + "properties": { + "type": { + "description": "The type of object being referenced", + "enum": [ + "SOURCE" + ], + "example": "SOURCE" + }, + "id": { + "description": "ID of the source", + "example": "2c91808568c529c60168cca6f90c1313" + }, + "name": { + "description": "Human-readable display name of the source", + "example": "My Source" + } + } + }, + "example": [ + { + "type": "SOURCE", + "id": "2c9180855d191c59015d291ceb051111", + "name": "My Source 1" + }, + { + "type": "SOURCE", + "id": "2c9180855d191c59015d291ceb052222", + "name": "My Source 2" + } + ] + }, + "planInitializerScript": { + "description": "This is a reference to a plan initializer script.", + "type": "object", + "properties": { + "source": { + "description": "This is a Rule that allows provisioning instruction changes.", + "type": "string", + "example": "\\r\\n\\r\\n\\r\\n Before Provisioning Rule which changes disables and enables to a modify.\\r\\n \n" + } + } + }, + "noProvisioningRequests": { + "description": "Name of an attribute that when true disables the saving of ProvisioningRequest objects whenever plans are sent through this integration.", + "type": "boolean", + "default": false, + "example": true + }, + "provisioningRequestExpiration": { + "description": "When saving pending requests is enabled, this defines the number of hours the request is allowed to live before it is considered expired and no longer affects plan compilation.", + "type": "integer", + "format": "int32", + "example": 7 + } + } + }, + "attributes": { + "description": "Service Desk integration's attributes. Validation constraints enforced by the implementation.", + "type": "object", + "additionalProperties": true, + "example": { + "property": "value", + "key": "value" + } + }, + "beforeProvisioningRule": { + "allOf": [ + { + "type": "object", + "description": "Before Provisioning Rule.", + "properties": { + "type": { + "type": "string", + "description": "Before Provisioning Rule DTO type.", + "enum": [ + "RULE" + ], + "example": "RULE" + }, + "id": { + "type": "string", + "description": "Before Provisioning Rule ID.", + "example": "048eb3d55c5a4758bd07dccb87741c78" + }, + "name": { + "type": "string", + "description": "Rule display name.", + "example": "Before Provisioning Airtable Rule" + } + } + } + ] + } + } + } + ] + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "idn:service-desk-admin:write" + ] + } + ] + } + }, + "/sim-integrations": { + "get": { + "tags": [ + "SIM Integrations" + ], + "summary": "List the existing SIM integrations.", + "description": "List the existing SIM integrations. A token with Org Admin or Service Desk Admin authority is required to access this endpoint.", + "operationId": "getSIMIntegrations", + "responses": { + "200": { + "description": "The DTO containing the details of the SIM integration", + "content": { + "application/json": { + "schema": { + "allOf": [ + { + "type": "object", + "description": "Service Desk integration's specification.", + "required": [ + "name", + "description", + "type", + "attributes" + ], + "properties": { + "name": { + "description": "Service Desk integration's name. The name must be unique.", + "type": "string", + "example": "Service Desk Integration Name" + }, + "description": { + "description": "Service Desk integration's description.", + "type": "string", + "example": "A very nice Service Desk integration" + }, + "type": { + "description": "Service Desk integration types:\n\n- ServiceNowSDIM\n- ServiceNow\n", + "type": "string", + "default": "ServiceNowSDIM", + "example": "ServiceNowSDIM" + }, + "ownerRef": { + "allOf": [ + { + "type": "object", + "description": "Owner's identity.", + "properties": { + "type": { + "type": "string", + "description": "Owner's DTO type.", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "Owner's identity ID.", + "example": "2c9180a46faadee4016fb4e018c20639" + }, + "name": { + "type": "string", + "description": "Owner's name.", + "example": "Support" + } + } + } + ] + }, + "clusterRef": { + "allOf": [ + { + "type": "object", + "description": "Source cluster.", + "properties": { + "type": { + "type": "string", + "description": "Source cluster DTO type.", + "enum": [ + "CLUSTER" + ], + "example": "CLUSTER" + }, + "id": { + "type": "string", + "description": "Source cluster ID.", + "example": "2c9180847a7fccdd017aa5896f9f4f6f" + }, + "name": { + "type": "string", + "description": "Source cluster display name.", + "example": "Training VA" + } + } + } + ] + }, + "cluster": { + "description": "Cluster ID for the Service Desk integration (replaced by clusterRef, retained for backward compatibility).", + "type": "string", + "example": "xyzzy999", + "deprecated": true + }, + "managedSources": { + "description": "Source IDs for the Service Desk integration (replaced by provisioningConfig.managedSResourceRefs, but retained here for backward compatibility).", + "type": "array", + "items": { + "type": "string" + }, + "deprecated": true, + "example": [ + "2c9180835d191a86015d28455b4a2329", + "2c5680835d191a85765d28455b4a9823" + ] + }, + "provisioningConfig": { + "description": "The 'provisioningConfig' property specifies the configuration used to provision integrations.", + "type": "object", + "properties": { + "universalManager": { + "description": "Specifies whether this configuration is used to manage provisioning requests for all sources from the org. If true, no managedResourceRefs are allowed.", + "type": "boolean", + "readOnly": true, + "default": false, + "example": true + }, + "managedResourceRefs": { + "description": "References to sources for the Service Desk integration template. May only be specified if universalManager is false.", + "type": "array", + "items": { + "allOf": [ + { + "type": "object", + "description": "Source for Service Desk integration template.", + "properties": { + "type": { + "type": "string", + "description": "DTO type of source for service desk integration template.", + "enum": [ + "SOURCE" + ], + "example": "SOURCE" + }, + "id": { + "type": "string", + "description": "ID of source for service desk integration template.", + "example": "2c9180835d191a86015d28455b4b232a" + }, + "name": { + "type": "string", + "description": "Human-readable name of source for service desk integration template.", + "example": "HR Active Directory" + } + } + } + ], + "properties": { + "type": { + "description": "The type of object being referenced", + "enum": [ + "SOURCE" + ], + "example": "SOURCE" + }, + "id": { + "description": "ID of the source", + "example": "2c91808568c529c60168cca6f90c1313" + }, + "name": { + "description": "Human-readable display name of the source", + "example": "My Source" + } + } + }, + "example": [ + { + "type": "SOURCE", + "id": "2c9180855d191c59015d291ceb051111", + "name": "My Source 1" + }, + { + "type": "SOURCE", + "id": "2c9180855d191c59015d291ceb052222", + "name": "My Source 2" + } + ] + }, + "planInitializerScript": { + "description": "This is a reference to a plan initializer script.", + "type": "object", + "properties": { + "source": { + "description": "This is a Rule that allows provisioning instruction changes.", + "type": "string", + "example": "\\r\\n\\r\\n\\r\\n Before Provisioning Rule which changes disables and enables to a modify.\\r\\n \n" + } + } + }, + "noProvisioningRequests": { + "description": "Name of an attribute that when true disables the saving of ProvisioningRequest objects whenever plans are sent through this integration.", + "type": "boolean", + "default": false, + "example": true + }, + "provisioningRequestExpiration": { + "description": "When saving pending requests is enabled, this defines the number of hours the request is allowed to live before it is considered expired and no longer affects plan compilation.", + "type": "integer", + "format": "int32", + "example": 7 + } + } + }, + "attributes": { + "description": "Service Desk integration's attributes. Validation constraints enforced by the implementation.", + "type": "object", + "additionalProperties": true, + "example": { + "property": "value", + "key": "value" + } + }, + "beforeProvisioningRule": { + "allOf": [ + { + "type": "object", + "description": "Before Provisioning Rule.", + "properties": { + "type": { + "type": "string", + "description": "Before Provisioning Rule DTO type.", + "enum": [ + "RULE" + ], + "example": "RULE" + }, + "id": { + "type": "string", + "description": "Before Provisioning Rule ID.", + "example": "048eb3d55c5a4758bd07dccb87741c78" + }, + "name": { + "type": "string", + "description": "Rule display name.", + "example": "Before Provisioning Airtable Rule" + } + } + } + ] + } + } + } + ] + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "idn:service-desk-admin:read" + ] + } + ], + "parameters": [ + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ] + }, + "post": { + "tags": [ + "SIM Integrations" + ], + "summary": "Create new SIM integration", + "description": "Create a new SIM Integrations. A token with Org Admin or Service Desk Admin authority is required to access this endpoint.", + "operationId": "createSIMIntegration", + "requestBody": { + "description": "DTO containing the details of the SIM integration", + "content": { + "application/json": { + "schema": { + "type": "object", + "title": "Sim Integration Details", + "allOf": [ + { + "type": "object", + "required": [ + "name" + ], + "properties": { + "id": { + "description": "System-generated unique ID of the Object", + "type": "string", + "example": "id12345", + "readOnly": true + }, + "name": { + "description": "Name of the Object", + "type": "string", + "example": "aName" + }, + "created": { + "description": "Creation date of the Object", + "type": "string", + "format": "date-time", + "readOnly": true, + "example": "2023-01-03T21:16:22.432Z" + }, + "modified": { + "description": "Last modification date of the Object", + "type": "string", + "format": "date-time", + "readOnly": true, + "example": "2023-01-03T21:16:22.432Z" + } + } + }, + { + "type": "object", + "properties": { + "description": { + "type": "string", + "description": "The description of the integration", + "example": "Integration description", + "nullable": false + }, + "type": { + "type": "string", + "description": "The integration type", + "example": "ServiceNow Service Desk", + "nullable": false + }, + "attributes": { + "type": "object", + "description": "The attributes map containing the credentials used to configure the integration.", + "nullable": true, + "example": "{\"uid\":\"Walter White\",\"firstname\":\"walter\",\"cloudStatus\":\"UNREGISTERED\",\"displayName\":\"Walter White\",\"identificationNumber\":\"942\",\"lastSyncDate\":1470348809380,\"email\":\"walter@gmail.com\",\"lastname\":\"white\"}" + }, + "sources": { + "type": "array", + "description": "The list of sources (managed resources)", + "items": { + "type": "string" + }, + "example": [ + "2c9180835d191a86015d28455b4a2329", + "2c5680835d191a85765d28455b4a9823" + ], + "nullable": false + }, + "cluster": { + "type": "string", + "description": "The cluster/proxy", + "example": "xyzzy999", + "nullable": false + }, + "statusMap": { + "type": "object", + "description": "Custom mapping between the integration result and the provisioning result", + "example": { + "closed_cancelled": "Failed", + "closed_complete": "Committed", + "closed_incomplete": "Failed", + "closed_rejected": "Failed", + "in_process": "Queued", + "requested": "Queued" + } + }, + "request": { + "type": "object", + "description": "Request data to customize desc and body of the created ticket", + "example": { + "description": "SailPoint Access Request,", + "req_description": "The Service Request created by SailPoint ServiceNow Service Integration Module (SIM).,", + "req_short_description": "SailPoint New Access Request Created from IdentityNow,", + "short_description": "SailPoint Access Request $!plan.arguments.identityRequestId" + } + }, + "beforeProvisioningRule": { + "description": "Before provisioning rule of integration", + "properties": { + "type": { + "type": "string", + "enum": [ + "ACCOUNT_CORRELATION_CONFIG", + "ACCESS_PROFILE", + "ACCESS_REQUEST_APPROVAL", + "ACCOUNT", + "APPLICATION", + "CAMPAIGN", + "CAMPAIGN_FILTER", + "CERTIFICATION", + "CLUSTER", + "CONNECTOR_SCHEMA", + "ENTITLEMENT", + "GOVERNANCE_GROUP", + "IDENTITY", + "IDENTITY_PROFILE", + "IDENTITY_REQUEST", + "LIFECYCLE_STATE", + "PASSWORD_POLICY", + "ROLE", + "RULE", + "SOD_POLICY", + "SOURCE", + "TAG", + "TAG_CATEGORY", + "TASK_RESULT", + "REPORT_RESULT", + "SOD_VIOLATION", + "ACCOUNT_ACTIVITY", + "WORKGROUP" + ], + "description": "An enumeration of the types of DTOs supported within the IdentityNow infrastructure.", + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "ID of the rule", + "example": "2c918085708c274401708c2a8a760001" + }, + "name": { + "type": "string", + "description": "Human-readable display name of the rule", + "example": "Example Rule" + } + } + } + } + } + ] + } + } + }, + "required": true + }, + "responses": { + "200": { + "description": "details of the created integration", + "content": { + "application/json": { + "schema": { + "allOf": [ + { + "type": "object", + "description": "Service Desk integration's specification.", + "required": [ + "name", + "description", + "type", + "attributes" + ], + "properties": { + "name": { + "description": "Service Desk integration's name. The name must be unique.", + "type": "string", + "example": "Service Desk Integration Name" + }, + "description": { + "description": "Service Desk integration's description.", + "type": "string", + "example": "A very nice Service Desk integration" + }, + "type": { + "description": "Service Desk integration types:\n\n- ServiceNowSDIM\n- ServiceNow\n", + "type": "string", + "default": "ServiceNowSDIM", + "example": "ServiceNowSDIM" + }, + "ownerRef": { + "allOf": [ + { + "type": "object", + "description": "Owner's identity.", + "properties": { + "type": { + "type": "string", + "description": "Owner's DTO type.", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "Owner's identity ID.", + "example": "2c9180a46faadee4016fb4e018c20639" + }, + "name": { + "type": "string", + "description": "Owner's name.", + "example": "Support" + } + } + } + ] + }, + "clusterRef": { + "allOf": [ + { + "type": "object", + "description": "Source cluster.", + "properties": { + "type": { + "type": "string", + "description": "Source cluster DTO type.", + "enum": [ + "CLUSTER" + ], + "example": "CLUSTER" + }, + "id": { + "type": "string", + "description": "Source cluster ID.", + "example": "2c9180847a7fccdd017aa5896f9f4f6f" + }, + "name": { + "type": "string", + "description": "Source cluster display name.", + "example": "Training VA" + } + } + } + ] + }, + "cluster": { + "description": "Cluster ID for the Service Desk integration (replaced by clusterRef, retained for backward compatibility).", + "type": "string", + "example": "xyzzy999", + "deprecated": true + }, + "managedSources": { + "description": "Source IDs for the Service Desk integration (replaced by provisioningConfig.managedSResourceRefs, but retained here for backward compatibility).", + "type": "array", + "items": { + "type": "string" + }, + "deprecated": true, + "example": [ + "2c9180835d191a86015d28455b4a2329", + "2c5680835d191a85765d28455b4a9823" + ] + }, + "provisioningConfig": { + "description": "The 'provisioningConfig' property specifies the configuration used to provision integrations.", + "type": "object", + "properties": { + "universalManager": { + "description": "Specifies whether this configuration is used to manage provisioning requests for all sources from the org. If true, no managedResourceRefs are allowed.", + "type": "boolean", + "readOnly": true, + "default": false, + "example": true + }, + "managedResourceRefs": { + "description": "References to sources for the Service Desk integration template. May only be specified if universalManager is false.", + "type": "array", + "items": { + "allOf": [ + { + "type": "object", + "description": "Source for Service Desk integration template.", + "properties": { + "type": { + "type": "string", + "description": "DTO type of source for service desk integration template.", + "enum": [ + "SOURCE" + ], + "example": "SOURCE" + }, + "id": { + "type": "string", + "description": "ID of source for service desk integration template.", + "example": "2c9180835d191a86015d28455b4b232a" + }, + "name": { + "type": "string", + "description": "Human-readable name of source for service desk integration template.", + "example": "HR Active Directory" + } + } + } + ], + "properties": { + "type": { + "description": "The type of object being referenced", + "enum": [ + "SOURCE" + ], + "example": "SOURCE" + }, + "id": { + "description": "ID of the source", + "example": "2c91808568c529c60168cca6f90c1313" + }, + "name": { + "description": "Human-readable display name of the source", + "example": "My Source" + } + } + }, + "example": [ + { + "type": "SOURCE", + "id": "2c9180855d191c59015d291ceb051111", + "name": "My Source 1" + }, + { + "type": "SOURCE", + "id": "2c9180855d191c59015d291ceb052222", + "name": "My Source 2" + } + ] + }, + "planInitializerScript": { + "description": "This is a reference to a plan initializer script.", + "type": "object", + "properties": { + "source": { + "description": "This is a Rule that allows provisioning instruction changes.", + "type": "string", + "example": "\\r\\n\\r\\n\\r\\n Before Provisioning Rule which changes disables and enables to a modify.\\r\\n \n" + } + } + }, + "noProvisioningRequests": { + "description": "Name of an attribute that when true disables the saving of ProvisioningRequest objects whenever plans are sent through this integration.", + "type": "boolean", + "default": false, + "example": true + }, + "provisioningRequestExpiration": { + "description": "When saving pending requests is enabled, this defines the number of hours the request is allowed to live before it is considered expired and no longer affects plan compilation.", + "type": "integer", + "format": "int32", + "example": 7 + } + } + }, + "attributes": { + "description": "Service Desk integration's attributes. Validation constraints enforced by the implementation.", + "type": "object", + "additionalProperties": true, + "example": { + "property": "value", + "key": "value" + } + }, + "beforeProvisioningRule": { + "allOf": [ + { + "type": "object", + "description": "Before Provisioning Rule.", + "properties": { + "type": { + "type": "string", + "description": "Before Provisioning Rule DTO type.", + "enum": [ + "RULE" + ], + "example": "RULE" + }, + "id": { + "type": "string", + "description": "Before Provisioning Rule ID.", + "example": "048eb3d55c5a4758bd07dccb87741c78" + }, + "name": { + "type": "string", + "description": "Rule display name.", + "example": "Before Provisioning Airtable Rule" + } + } + } + ] + } + } + } + ] + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "idn:service-desk-admin:create" + ] + } + ], + "parameters": [ + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ] + } + }, + "/sp-config/export": { + "post": { + "operationId": "exportSpConfig", + "security": [ + { + "UserContextAuth": [ + "sp:config:read", + "sp:config:manage" + ] + } + ], + "tags": [ + "SP-Config" + ], + "summary": "Initiates configuration objects export job", + "description": "This post will export objects from the tenant to a JSON configuration file.\nFor more information about the object types that currently support export functionality, refer to [SaaS Configuration](https://developer.sailpoint.com/idn/docs/saas-configuration/#supported-objects).", + "requestBody": { + "description": "Export options control what will be included in the export.", + "required": true, + "content": { + "application/json": { + "schema": { + "type": "object", + "allOf": [ + { + "type": "object", + "properties": { + "excludeTypes": { + "description": "Object type names to be excluded from an sp-config export command.", + "type": "array", + "items": { + "type": "string", + "enum": [ + "ACCESS_PROFILE", + "ACCESS_REQUEST_CONFIG", + "ATTR_SYNC_SOURCE_CONFIG", + "AUTH_ORG", + "CAMPAIGN_FILTER", + "FORM_DEFINITION", + "GOVERNANCE_GROUP", + "IDENTITY_OBJECT_CONFIG", + "IDENTITY_PROFILE", + "LIFECYCLE_STATE", + "NOTIFICATION_TEMPLATE", + "PASSWORD_POLICY", + "PASSWORD_SYNC_GROUP", + "PUBLIC_IDENTITIES_CONFIG", + "ROLE", + "RULE", + "SEGMENT", + "SERVICE_DESK_INTEGRATION", + "SOD_POLICY", + "SOURCE", + "TAG", + "TRANSFORM", + "TRIGGER_SUBSCRIPTION", + "WORKFLOW" + ], + "example": "SOURCE" + } + }, + "includeTypes": { + "description": "Object type names to be included in an sp-config export command. IncludeTypes takes precedence over excludeTypes.", + "type": "array", + "items": { + "type": "string", + "enum": [ + "ACCESS_PROFILE", + "ACCESS_REQUEST_CONFIG", + "ATTR_SYNC_SOURCE_CONFIG", + "AUTH_ORG", + "CAMPAIGN_FILTER", + "FORM_DEFINITION", + "GOVERNANCE_GROUP", + "IDENTITY_OBJECT_CONFIG", + "IDENTITY_PROFILE", + "LIFECYCLE_STATE", + "NOTIFICATION_TEMPLATE", + "PASSWORD_POLICY", + "PASSWORD_SYNC_GROUP", + "PUBLIC_IDENTITIES_CONFIG", + "ROLE", + "RULE", + "SEGMENT", + "SERVICE_DESK_INTEGRATION", + "SOD_POLICY", + "SOURCE", + "TAG", + "TRANSFORM", + "TRIGGER_SUBSCRIPTION", + "WORKFLOW" + ], + "example": "TRIGGER_SUBSCRIPTION" + } + }, + "objectOptions": { + "description": "Additional options targeting specific objects related to each item in the includeTypes field", + "type": "object", + "additionalProperties": { + "type": "object", + "properties": { + "includedIds": { + "description": "Object ids to be included in an import or export.", + "type": "array", + "items": { + "type": "string", + "example": "be9e116d-08e1-49fc-ab7f-fa585e96c9e4" + } + }, + "includedNames": { + "description": "Object names to be included in an import or export.", + "type": "array", + "items": { + "type": "string", + "example": "Test Object" + } + } + } + }, + "example": { + "TRIGGER_SUBSCRIPTION": { + "includedIds": [ + "be9e116d-08e1-49fc-ab7f-fa585e96c9e4" + ], + "includedNames": [ + "Test 2" + ] + } + } + } + } + } + ], + "properties": { + "description": { + "type": "string", + "description": "Optional user defined description/name for export job.", + "example": "Export Job 1 Test" + } + } + }, + "examples": { + "Export all objects available": { + "description": "Export all object types available in IDN.", + "value": { + "description": "Export all available objects", + "excludeTypes": [], + "includeTypes": [ + "ACCESS_PROFILE", + "ACCESS_REQUEST_CONFIG", + "ATTR_SYNC_SOURCE_CONFIG", + "AUTH_ORG", + "CAMPAIGN_FILTER", + "FORM_DEFINITION", + "GOVERNANCE_GROUP", + "IDENTITY_OBJECT_CONFIG", + "IDENTITY_PROFILE", + "LIFECYCLE_STATE", + "NOTIFICATION_TEMPLATE", + "PASSWORD_POLICY", + "PASSWORD_SYNC_GROUP", + "PUBLIC_IDENTITIES_CONFIG", + "ROLE", + "RULE", + "SEGMENT", + "SERVICE_DESK_INTEGRATION", + "SOD_POLICY", + "SOURCE", + "TAG", + "TRANSFORM", + "TRIGGER_SUBSCRIPTION", + "WORKFLOW" + ], + "objectOptions": {} + } + }, + "Export sources by ID": { + "description": "Export only sources that match the IDs specified in the export options.", + "value": { + "description": "Export sources by ID", + "excludeTypes": [], + "includeTypes": [ + "SOURCE" + ], + "objectOptions": { + "SOURCE": { + "includedIds": [ + "be9e116d-08e1-49fc-ab7f-fa585e96c9e4", + "be9p119e-90e1-49pk-ac9f-fa576e96c9e4" + ], + "includedNames": [] + } + } + } + }, + "Export transforms by name": { + "description": "Export only transforms that match the names specified in the export options.", + "value": { + "description": "Export transforms by name", + "excludeTypes": [], + "includeTypes": [ + "TRANSFORM" + ], + "objectOptions": { + "TRANSFORM": { + "includedIds": [], + "includedNames": [ + "Remove Diacritical Marks", + "Common - Location Lookup" + ] + } + } + } + }, + "Export trigger subscriptions triggers and transforms with custom options": { + "description": "Export trigger subscriptions and transforms that match the export options.", + "value": { + "description": "Export trigger subscriptions and transforms with custom filter options", + "excludeTypes": [], + "includeTypes": [ + "TRANSFORM", + "TRIGGER_SUBSCRIPTION" + ], + "objectOptions": { + "TRANSFORM": { + "includedIds": [], + "includedNames": [ + "Remove Diacritical Marks", + "Common - Location Lookup" + ] + }, + "TRIGGER_SUBSCRIPTION": { + "includedIds": [ + "be9e116d-08e1-49fc-ab7f-fa585e96c9e4", + "be9p119e-90e1-49pk-ac9f-fa576e96c9e4" + ], + "includedNames": [ + "NGROK Test: fire and forget", + "Manager Certification" + ] + } + } + } + } + } + } + } + }, + "responses": { + "202": { + "description": "Export job accepted and queued for processing.", + "content": { + "application/json": { + "schema": { + "allOf": [ + { + "type": "object", + "properties": { + "jobId": { + "type": "string", + "description": "Unique id assigned to this job.", + "example": "3469b87d-48ca-439a-868f-2160001da8c1" + }, + "status": { + "type": "string", + "description": "Status of the job.", + "enum": [ + "NOT_STARTED", + "IN_PROGRESS", + "COMPLETE", + "CANCELLED", + "FAILED" + ], + "example": "COMPLETE" + }, + "type": { + "type": "string", + "description": "Type of the job, either export or import.", + "enum": [ + "EXPORT", + "IMPORT" + ], + "example": "IMPORT" + }, + "expiration": { + "type": "string", + "format": "date-time", + "description": "The time until which the artifacts will be available for download.", + "example": "2021-05-11T22:23:16Z" + }, + "created": { + "type": "string", + "format": "date-time", + "description": "The time the job was started.", + "example": "2021-05-11T22:23:16Z" + }, + "modified": { + "type": "string", + "format": "date-time", + "description": "The time of the last update to the job.", + "example": "2021-05-11T22:23:16Z" + } + }, + "required": [ + "jobId", + "status", + "type", + "expiration", + "created", + "modified" + ] + }, + { + "type": "object", + "required": [ + "description" + ], + "properties": { + "description": { + "type": "string", + "description": "Optional user defined description/name for export job.", + "example": "ETS configuration objects from Acme-Solar sandbox" + } + } + } + ] + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.\n", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "parameters": [ + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ] + } + }, + "/sp-config/export/{id}": { + "get": { + "operationId": "getSpConfigExportStatus", + "security": [ + { + "UserContextAuth": [ + "sp:config:read", + "sp:config:manage" + ] + } + ], + "tags": [ + "SP-Config" + ], + "summary": "Get export job status", + "description": "This gets the status of the export job identified by the `id` parameter.\nThe request will need one of the following security scopes:\n- sp:config:read - sp:config:manage", + "parameters": [ + { + "in": "path", + "name": "id", + "schema": { + "type": "string" + }, + "required": true, + "description": "The ID of the export job whose status will be returned.", + "example": "ef38f94347e94562b5bb8424a56397d8" + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "200": { + "description": "Export job status successfully returned.", + "content": { + "application/json": { + "schema": { + "allOf": [ + { + "allOf": [ + { + "type": "object", + "properties": { + "jobId": { + "type": "string", + "description": "Unique id assigned to this job.", + "example": "3469b87d-48ca-439a-868f-2160001da8c1" + }, + "status": { + "type": "string", + "description": "Status of the job.", + "enum": [ + "NOT_STARTED", + "IN_PROGRESS", + "COMPLETE", + "CANCELLED", + "FAILED" + ], + "example": "COMPLETE" + }, + "type": { + "type": "string", + "description": "Type of the job, either export or import.", + "enum": [ + "EXPORT", + "IMPORT" + ], + "example": "IMPORT" + }, + "expiration": { + "type": "string", + "format": "date-time", + "description": "The time until which the artifacts will be available for download.", + "example": "2021-05-11T22:23:16Z" + }, + "created": { + "type": "string", + "format": "date-time", + "description": "The time the job was started.", + "example": "2021-05-11T22:23:16Z" + }, + "modified": { + "type": "string", + "format": "date-time", + "description": "The time of the last update to the job.", + "example": "2021-05-11T22:23:16Z" + } + }, + "required": [ + "jobId", + "status", + "type", + "expiration", + "created", + "modified" + ] + }, + { + "type": "object", + "required": [ + "description" + ], + "properties": { + "description": { + "type": "string", + "description": "Optional user defined description/name for export job.", + "example": "ETS configuration objects from Acme-Solar sandbox" + } + } + } + ] + }, + { + "type": "object", + "required": [ + "completed" + ], + "properties": { + "completed": { + "type": "string", + "format": "date-time", + "description": "The time the job was completed.", + "example": "2021-05-11T22:23:16Z" + } + } + } + ] + }, + "example": { + "jobId": "1e824aa0-4c6e-4f14-95e9-e7dc5234aa51", + "status": "COMPLETE", + "type": "EXPORT", + "message": null, + "description": "Export Job 1 Test", + "expiration": "2021-05-20T15:04:24Z", + "created": "2021-05-13T15:04:24.112Z", + "modified": "2021-05-13T15:04:27.363Z", + "completed": "2021-05-13T15:04:27.358Z" + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/sp-config/export/{id}/download": { + "get": { + "operationId": "getSpConfigExport", + "tags": [ + "SP-Config" + ], + "summary": "Download export job result.", + "description": "This endpoint gets the export file resulting from the export job with the requested `id` and downloads it to a file.\nThe request will need one of the following security scopes:\n- sp:config:read - sp:config:manage", + "parameters": [ + { + "in": "path", + "name": "id", + "schema": { + "type": "string" + }, + "required": true, + "description": "The ID of the export job whose results will be downloaded.", + "example": "ef38f94347e94562b5bb8424a56397d8" + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "200": { + "description": "Exported JSON objects.", + "content": { + "application/json": { + "schema": { + "type": "object", + "title": "Config Export Response Body", + "description": "Response model for config export download response.", + "properties": { + "version": { + "type": "integer", + "description": "Current version of the export results object.", + "example": 1 + }, + "timestamp": { + "type": "string", + "format": "date-time", + "description": "Time the export was completed.", + "example": "2021-05-11T22:23:16Z" + }, + "tenant": { + "type": "string", + "description": "Name of the tenant where this export originated.", + "example": "sample-tenant" + }, + "description": { + "type": "string", + "description": "Optional user defined description/name for export job.", + "example": "Export Job 1 Test" + }, + "options": { + "description": "Options used to create this export.", + "type": "object", + "properties": { + "excludeTypes": { + "description": "Object type names to be excluded from an sp-config export command.", + "type": "array", + "items": { + "type": "string", + "enum": [ + "ACCESS_PROFILE", + "ACCESS_REQUEST_CONFIG", + "ATTR_SYNC_SOURCE_CONFIG", + "AUTH_ORG", + "CAMPAIGN_FILTER", + "FORM_DEFINITION", + "GOVERNANCE_GROUP", + "IDENTITY_OBJECT_CONFIG", + "IDENTITY_PROFILE", + "LIFECYCLE_STATE", + "NOTIFICATION_TEMPLATE", + "PASSWORD_POLICY", + "PASSWORD_SYNC_GROUP", + "PUBLIC_IDENTITIES_CONFIG", + "ROLE", + "RULE", + "SEGMENT", + "SERVICE_DESK_INTEGRATION", + "SOD_POLICY", + "SOURCE", + "TAG", + "TRANSFORM", + "TRIGGER_SUBSCRIPTION", + "WORKFLOW" + ], + "example": "SOURCE" + } + }, + "includeTypes": { + "description": "Object type names to be included in an sp-config export command. IncludeTypes takes precedence over excludeTypes.", + "type": "array", + "items": { + "type": "string", + "enum": [ + "ACCESS_PROFILE", + "ACCESS_REQUEST_CONFIG", + "ATTR_SYNC_SOURCE_CONFIG", + "AUTH_ORG", + "CAMPAIGN_FILTER", + "FORM_DEFINITION", + "GOVERNANCE_GROUP", + "IDENTITY_OBJECT_CONFIG", + "IDENTITY_PROFILE", + "LIFECYCLE_STATE", + "NOTIFICATION_TEMPLATE", + "PASSWORD_POLICY", + "PASSWORD_SYNC_GROUP", + "PUBLIC_IDENTITIES_CONFIG", + "ROLE", + "RULE", + "SEGMENT", + "SERVICE_DESK_INTEGRATION", + "SOD_POLICY", + "SOURCE", + "TAG", + "TRANSFORM", + "TRIGGER_SUBSCRIPTION", + "WORKFLOW" + ], + "example": "TRIGGER_SUBSCRIPTION" + } + }, + "objectOptions": { + "description": "Additional options targeting specific objects related to each item in the includeTypes field", + "type": "object", + "additionalProperties": { + "type": "object", + "properties": { + "includedIds": { + "description": "Object ids to be included in an import or export.", + "type": "array", + "items": { + "type": "string", + "example": "be9e116d-08e1-49fc-ab7f-fa585e96c9e4" + } + }, + "includedNames": { + "description": "Object names to be included in an import or export.", + "type": "array", + "items": { + "type": "string", + "example": "Test Object" + } + } + } + }, + "example": { + "TRIGGER_SUBSCRIPTION": { + "includedIds": [ + "be9e116d-08e1-49fc-ab7f-fa585e96c9e4" + ], + "includedNames": [ + "Test 2" + ] + } + } + } + } + }, + "objects": { + "type": "array", + "items": { + "type": "object", + "title": "Config Object for Export and Import", + "description": "Config export and import format for individual object configurations.", + "properties": { + "version": { + "type": "integer", + "description": "Current version of configuration object.", + "example": 1 + }, + "self": { + "type": "object", + "description": "Self block for imported/exported object.", + "properties": { + "type": { + "type": "string", + "description": "Imported/exported object's DTO type. Import is currently only possible with the IDENTITY_OBJECT_CONFIG, IDENTITY_PROFILE, RULE, SOURCE, TRANSFORM, and TRIGGER_SUBSCRIPTION object types.", + "enum": [ + "ACCESS_PROFILE", + "ACCESS_REQUEST_CONFIG", + "ATTR_SYNC_SOURCE_CONFIG", + "AUTH_ORG", + "CAMPAIGN_FILTER", + "FORM_DEFINITION", + "GOVERNANCE_GROUP", + "IDENTITY_OBJECT_CONFIG", + "IDENTITY_PROFILE", + "LIFECYCLE_STATE", + "NOTIFICATION_TEMPLATE", + "PASSWORD_POLICY", + "PASSWORD_SYNC_GROUP", + "PUBLIC_IDENTITIES_CONFIG", + "ROLE", + "RULE", + "SEGMENT", + "SERVICE_DESK_INTEGRATION", + "SOD_POLICY", + "SOURCE", + "TAG", + "TRANSFORM", + "TRIGGER_SUBSCRIPTION", + "WORKFLOW" + ], + "example": "SOURCE" + }, + "id": { + "type": "string", + "description": "Imported/exported object's ID.", + "example": "2c9180835d191a86015d28455b4b232a" + }, + "name": { + "type": "string", + "description": "Imported/exported object's display name.", + "example": "HR Active Directory" + } + } + }, + "object": { + "description": "Object details. Format dependant on the object type.", + "additionalProperties": true + } + } + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/sp-config/import": { + "post": { + "operationId": "importSpConfig", + "tags": [ + "SP-Config" + ], + "summary": "Initiates configuration objects import job", + "description": "This post will import objects from a JSON configuration file into a tenant. By default, every import will first export all existing objects supported by sp-config as a backup before the import is attempted. The backup is provided so that the state of the configuration prior to the import is available for inspection or restore if needed. The backup can be skipped by setting \"excludeBackup\" to true in the import options. If a backup is performed, the id of the backup will be provided in the ImportResult as the \"exportJobId\". This can be downloaded using the /sp-config/export/{exportJobId}/download endpoint.\nYou cannot currently import from the Non-Employee Lifecycle Management (NELM) source. You cannot use this endpoint to back up or store NELM data. \nFor more information about the object types that currently support import functionality, refer to [SaaS Configuration](https://developer.sailpoint.com/idn/docs/saas-configuration/#supported-objects).\nThe request will need the following security scope:\n- sp:config:manage", + "parameters": [ + { + "in": "query", + "name": "preview", + "schema": { + "type": "boolean", + "default": false + }, + "required": false, + "description": "This option is intended to give the user information about how an import operation would proceed, without having any effect on the target tenant. If this parameter is \"true\", no objects will be imported. Instead, the import process will pre-process the import file and attempt to resolve references within imported objects. The import result file will contain messages pertaining to how specific references were resolved, any errors associated with the preprocessing, and messages indicating which objects would be imported.", + "example": "true" + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "requestBody": { + "description": "The form-data \"name\" attribute for the file content must be \"data\".\n\n__Example__\n\n data: \"config_export_0340b957-5caa-44f6-ada2-d3c4c5bd0b19.json\",\n options: {\n \"excludeTypes\": [],\n \"includeTypes\": [\"TRIGGER_SUBSCRIPTION\"],\n \"objectOptions\": {\n \"TRIGGER_SUBSCRIPTION\": {\n \"includedIds\": [ \"193446a1-c431-4326-8ba7-d6eebf922948\"],\n \"includedNames\":[]\n }\n },\n \"defaultReferences\": [\n {\n \"type\": \"TRIGGER_SUBSCRIPTION\",\n \"id\": \"be9e116d-08e1-49fc-ab7f-fa585e96c9e4\",\n \"name\": \"Test Trigger\"\n }\n ],\n \"excludeBackup\": false\n }\n\n__Sample Import File__\n\n {\n \t\"version\": 1,\n \t\"timestamp\": \"2021-05-10T15:19:23.425041-05:00\",\n \t\"tenant\": \"sampleTenant\",\n \t\"options\": {\n \t\t\"excludeTypes\": [],\n \t\t\"includeTypes\": [\"TRIGGER_SUBSCRIPTION\"],\n \t\t\"objectOptions\": null\n \t},\n \t\"objects\": [{\n \t\t\t\"version\": 1,\n \t\t\t\"self\": {\n \t\t\t\t\"type\": \"TRIGGER_SUBSCRIPTION\",\n \t\t\t\t\"name\": \"test trigger\",\n \t\t\t\t\"id\": \"193446a1-c431-4326-8ba7-d6eebf922948\"\n \t\t\t},\n \t\t\t\"object\": {\n \t\t\t\t\"type\": \"HTTP\",\n \t\t\t\t\"enabled\": true,\n \t\t\t\t\"httpConfig\": {\n \t\t\t\t\t\"url\": \"https://localhost\",\n \t\t\t\t\t\"httpAuthenticationType\": \"NO_AUTH\",\n \t\t\t\t\t\"basicAuthConfig\": null,\n \t\t\t\t\t\"bearerTokenAuthConfig\": null,\n \t\t\t\t\t\"httpDispatchMode\": \"SYNC\"\n \t\t\t\t},\n \t\t\t\t\"triggerName\": \"Access Request Submitted\",\n \t\t\t\t\"responseDeadline\": \"PT1H\",\n \t\t\t\t\"name\": \"test trigger\",\n \t\t\t\t\"triggerId\": \"idn:access-request-pre-approval\"\n \t\t\t}\n \t\t}\n \t]\n }\n", + "required": true, + "content": { + "multipart/form-data": { + "schema": { + "type": "object", + "properties": { + "data": { + "type": "string", + "format": "binary", + "description": "JSON file containing the objects to be imported." + }, + "options": { + "type": "object", + "properties": { + "excludeTypes": { + "description": "Object type names to be excluded from an sp-config export command.", + "type": "array", + "items": { + "type": "string", + "enum": [ + "IDENTITY_OBJECT_CONFIG", + "IDENTITY_PROFILE", + "RULE", + "SOURCE", + "TRANSFORM", + "TRIGGER_SUBSCRIPTION" + ], + "example": "SOURCE" + } + }, + "includeTypes": { + "description": "Object type names to be included in an sp-config export command. IncludeTypes takes precedence over excludeTypes.", + "type": "array", + "items": { + "type": "string", + "enum": [ + "IDENTITY_OBJECT_CONFIG", + "IDENTITY_PROFILE", + "RULE", + "SOURCE", + "TRANSFORM", + "TRIGGER_SUBSCRIPTION" + ], + "example": "TRIGGER_SUBSCRIPTION" + } + }, + "objectOptions": { + "description": "Additional options targeting specific objects related to each item in the includeTypes field", + "type": "object", + "additionalProperties": { + "type": "object", + "properties": { + "includedIds": { + "description": "Object ids to be included in an import or export.", + "type": "array", + "items": { + "type": "string", + "example": "be9e116d-08e1-49fc-ab7f-fa585e96c9e4" + } + }, + "includedNames": { + "description": "Object names to be included in an import or export.", + "type": "array", + "items": { + "type": "string", + "example": "Test Object" + } + } + } + }, + "example": { + "TRIGGER_SUBSCRIPTION": { + "includedIds": [ + "be9e116d-08e1-49fc-ab7f-fa585e96c9e4" + ], + "includedNames": [ + "Test 2" + ] + } + } + }, + "defaultReferences": { + "description": "List of object types that can be used to resolve references on import.", + "type": "array", + "items": { + "type": "string", + "enum": [ + "IDENTITY_OBJECT_CONFIG", + "IDENTITY_PROFILE", + "RULE", + "SOURCE", + "TRANSFORM", + "TRIGGER_SUBSCRIPTION" + ], + "example": "TRIGGER_SUBSCRIPTION" + } + }, + "excludeBackup": { + "description": "By default, every import will first export all existing objects supported by sp-config as a backup before the import is attempted. If excludeBackup is true, the backup will not be performed.", + "type": "boolean", + "default": false, + "example": "false" + } + } + } + }, + "required": [ + "data" + ] + }, + "example": { + "data": "config_export_0340b957-5caa-44f6-ada2-d3c4c5bd0b19.json", + "options": { + "excludeTypes": [], + "includeTypes": [ + "TRIGGER_SUBSCRIPTION" + ], + "objectOptions": { + "TRIGGER_SUBSCRIPTION": { + "includedIds": [ + "be9e116d-08e1-49fc-ab7f-fa585e96c9e4" + ], + "includedNames": [ + "Lori Test 2" + ] + } + }, + "defaultReferences": [ + { + "type": "TRIGGER_SUBSCRIPTION", + "id": "be9e116d-08e1-49fc-ab7f-fa585e96c9e4", + "name": "Test Trigger" + } + ], + "excludeBackup": false + } + } + } + } + }, + "responses": { + "202": { + "description": "Import job accepted and queued for processing.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "jobId": { + "type": "string", + "description": "Unique id assigned to this job.", + "example": "3469b87d-48ca-439a-868f-2160001da8c1" + }, + "status": { + "type": "string", + "description": "Status of the job.", + "enum": [ + "NOT_STARTED", + "IN_PROGRESS", + "COMPLETE", + "CANCELLED", + "FAILED" + ], + "example": "COMPLETE" + }, + "type": { + "type": "string", + "description": "Type of the job, either export or import.", + "enum": [ + "EXPORT", + "IMPORT" + ], + "example": "IMPORT" + }, + "expiration": { + "type": "string", + "format": "date-time", + "description": "The time until which the artifacts will be available for download.", + "example": "2021-05-11T22:23:16Z" + }, + "created": { + "type": "string", + "format": "date-time", + "description": "The time the job was started.", + "example": "2021-05-11T22:23:16Z" + }, + "modified": { + "type": "string", + "format": "date-time", + "description": "The time of the last update to the job.", + "example": "2021-05-11T22:23:16Z" + } + }, + "required": [ + "jobId", + "status", + "type", + "expiration", + "created", + "modified" + ] + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.\n", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/sp-config/import/{id}": { + "get": { + "operationId": "getSpConfigImportStatus", + "security": [ + { + "UserContextAuth": [ + "sp:config:manage" + ] + } + ], + "tags": [ + "SP-Config" + ], + "summary": "Get import job status", + "description": "This gets the status of the import job identified by the `id` parameter.\nFor more information about the object types that currently support import functionality, refer to [SaaS Configuration](https://developer.sailpoint.com/idn/docs/saas-configuration/#supported-objects).\nThe request will need the following security scope:\n- sp:config:manage", + "parameters": [ + { + "in": "path", + "name": "id", + "schema": { + "type": "string" + }, + "required": true, + "description": "The ID of the import job whose status will be returned.", + "example": "ef38f94347e94562b5bb8424a56397d8" + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "200": { + "description": "Import job status successfully returned.", + "content": { + "application/json": { + "schema": { + "allOf": [ + { + "type": "object", + "properties": { + "jobId": { + "type": "string", + "description": "Unique id assigned to this job.", + "example": "3469b87d-48ca-439a-868f-2160001da8c1" + }, + "status": { + "type": "string", + "description": "Status of the job.", + "enum": [ + "NOT_STARTED", + "IN_PROGRESS", + "COMPLETE", + "CANCELLED", + "FAILED" + ], + "example": "COMPLETE" + }, + "type": { + "type": "string", + "description": "Type of the job, either export or import.", + "enum": [ + "EXPORT", + "IMPORT" + ], + "example": "IMPORT" + }, + "expiration": { + "type": "string", + "format": "date-time", + "description": "The time until which the artifacts will be available for download.", + "example": "2021-05-11T22:23:16Z" + }, + "created": { + "type": "string", + "format": "date-time", + "description": "The time the job was started.", + "example": "2021-05-11T22:23:16Z" + }, + "modified": { + "type": "string", + "format": "date-time", + "description": "The time of the last update to the job.", + "example": "2021-05-11T22:23:16Z" + } + }, + "required": [ + "jobId", + "status", + "type", + "expiration", + "created", + "modified" + ] + }, + { + "type": "object", + "required": [ + "completed", + "message" + ], + "properties": { + "message": { + "type": "string", + "description": "This message contains additional information about the overall status of the job.", + "example": "Download import results for details." + }, + "completed": { + "type": "string", + "format": "date-time", + "description": "The time the job was completed.", + "example": "2021-05-11T22:23:16Z" + } + } + } + ] + }, + "example": { + "jobId": "4fb10503-1c49-4603-8f8d-886e1f6aa47b", + "status": "COMPLETE", + "type": "IMPORT", + "message": "Download import results for details.", + "description": null, + "expiration": "2021-05-20T16:42:39Z", + "created": "2021-05-13T16:42:39.333Z", + "modified": "2021-05-13T16:42:40.71Z", + "completed": "2021-05-13T16:42:40.705Z" + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/sp-config/import/{id}/download": { + "get": { + "operationId": "getSpConfigImport", + "tags": [ + "SP-Config" + ], + "summary": "Download import job result", + "description": "This gets import file resulting from the import job with the requested id and downloads it to a file. The downloaded file will contain the results of the import operation, including any error, warning or informational messages associated with the import.\nThe request will need the following security scope:\n- sp:config:manage", + "parameters": [ + { + "in": "path", + "name": "id", + "schema": { + "type": "string" + }, + "required": true, + "description": "The ID of the import job whose results will be downloaded.", + "example": "ef38f94347e94562b5bb8424a56397d8" + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "200": { + "description": "Import results JSON object, containing detailed results of the import operation.", + "content": { + "application/json": { + "schema": { + "type": "object", + "title": "Config Import Response Body", + "description": "Response Body for Config Import command.", + "properties": { + "results": { + "type": "object", + "additionalProperties": { + "type": "object", + "title": "Import Object Response Body", + "description": "Response model for import of a single object.", + "properties": { + "infos": { + "description": "Informational messages returned from the target service on import.", + "type": "array", + "items": { + "type": "object", + "title": "Config Import/Export Message", + "description": "Message model for Config Import/Export.", + "properties": { + "key": { + "type": "string", + "description": "Message key.", + "example": "UNKNOWN_REFERENCE_RESOLVER" + }, + "text": { + "type": "string", + "description": "Message text.", + "example": "Unable to resolve reference for object [type: IDENTITY, id: 2c91808c746e9c9601747d6507332ecz, name: random identity]" + }, + "details": { + "type": "object", + "description": "Message details if any, in key:value pairs.", + "additionalProperties": { + "type": "object" + }, + "example": { + "details": "message details" + } + } + }, + "required": [ + "key", + "text", + "details" + ] + } + }, + "warnings": { + "description": "Warning messages returned from the target service on import.", + "type": "array", + "items": { + "type": "object", + "title": "Config Import/Export Message", + "description": "Message model for Config Import/Export.", + "properties": { + "key": { + "type": "string", + "description": "Message key.", + "example": "UNKNOWN_REFERENCE_RESOLVER" + }, + "text": { + "type": "string", + "description": "Message text.", + "example": "Unable to resolve reference for object [type: IDENTITY, id: 2c91808c746e9c9601747d6507332ecz, name: random identity]" + }, + "details": { + "type": "object", + "description": "Message details if any, in key:value pairs.", + "additionalProperties": { + "type": "object" + }, + "example": { + "details": "message details" + } + } + }, + "required": [ + "key", + "text", + "details" + ] + } + }, + "errors": { + "description": "Error messages returned from the target service on import.", + "type": "array", + "items": { + "type": "object", + "title": "Config Import/Export Message", + "description": "Message model for Config Import/Export.", + "properties": { + "key": { + "type": "string", + "description": "Message key.", + "example": "UNKNOWN_REFERENCE_RESOLVER" + }, + "text": { + "type": "string", + "description": "Message text.", + "example": "Unable to resolve reference for object [type: IDENTITY, id: 2c91808c746e9c9601747d6507332ecz, name: random identity]" + }, + "details": { + "type": "object", + "description": "Message details if any, in key:value pairs.", + "additionalProperties": { + "type": "object" + }, + "example": { + "details": "message details" + } + } + }, + "required": [ + "key", + "text", + "details" + ] + } + }, + "importedObjects": { + "description": "References to objects that were created or updated by the import.", + "type": "array", + "items": { + "type": "object", + "description": "Object created or updated by import.", + "properties": { + "type": { + "type": "string", + "description": "DTO type of object created or updated by import.", + "enum": [ + "IDENTITY_OBJECT_CONFIG", + "IDENTITY_PROFILE", + "RULE", + "SOURCE", + "TRANSFORM", + "TRIGGER_SUBSCRIPTION" + ], + "example": "SOURCE" + }, + "id": { + "type": "string", + "description": "ID of object created or updated by import.", + "example": "2c9180835d191a86015d28455b4b232a" + }, + "name": { + "type": "string", + "description": "Display name of object created or updated by import.", + "example": "HR Active Directory" + } + } + } + } + }, + "required": [ + "infos", + "warnings", + "errors", + "importedObjects" + ] + }, + "description": "The results of an object configuration import job.", + "example": { + "results": { + "TRIGGER_SUBSCRIPTION": { + "infos": [ + { + "key": "IMPORT_PREVIEW", + "text": "Object to be imported: [c953134c-2224-42f2-a84e-fa5cbb395904, Test 2]", + "detail": null + }, + { + "key": "IMPORT_PREVIEW", + "text": "Object to be imported: [be9e116d-08e1-49fc-ab7f-fa585e96c9e4, Test 1]", + "detail": null + } + ], + "warnings": [], + "errors": [], + "importedObjects": [] + } + } + } + }, + "exportJobId": { + "type": "string", + "description": "If a backup was performed before the import, this will contain the jobId of the backup job. This id can be used to retrieve the json file of the backup export.", + "example": "be9e116d-08e1-49fc-ab7f-fa585e96c9e4" + } + }, + "required": [ + "results" + ] + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/sp-config/config-objects": { + "get": { + "operationId": "listSpConfigObjects", + "security": [ + { + "UserContextAuth": [ + "sp:config:read", + "sp:config:manage" + ] + } + ], + "tags": [ + "SP-Config" + ], + "summary": "Get config object details", + "description": "This gets the list of object configurations which are known to the tenant export/import service. Object configurations that contain \"importUrl\" and \"exportUrl\" are available for export/import.", + "responses": { + "200": { + "description": "Object configurations returned successfully.", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "title": "Object Configuration Model", + "description": "Response model for get object configuration.", + "type": "object", + "properties": { + "objectType": { + "type": "string", + "description": "The object type this configuration is for.", + "example": "TRIGGER_SUBSCRIPTION" + }, + "resolveByIdUrl": { + "description": "Url and query parameters to be used to resolve this type of object by Id.", + "type": "object", + "title": "Resolver URL Format for Object Configuration.", + "properties": { + "url": { + "description": "URL for the target object endpoint.", + "type": "string", + "example": "ets://trigger-subscriptions/$id" + }, + "query": { + "description": "Any query parameters that are needed for the URL.", + "type": "object", + "nullable": true, + "example": null + } + } + }, + "resolveByNameUrl": { + "type": "array", + "items": { + "type": "object", + "title": "Resolver URL Format for Object Configuration.", + "description": "Format of resolver URLs for Object Configurations", + "properties": { + "url": { + "description": "URL for the target object endpoint.", + "type": "string", + "example": "ets://trigger-subscriptions/$id" + }, + "query": { + "description": "Any query parameters that are needed for the URL.", + "type": "object", + "nullable": true, + "example": null + } + } + }, + "description": "Url and query parameters to be used to resolve this type of object by name." + }, + "exportUrl": { + "type": "object", + "title": "Resolver URL Format for Object Configuration.", + "description": "Format of resolver URLs for Object Configurations", + "properties": { + "url": { + "description": "URL for the target object endpoint.", + "type": "string", + "example": "ets://trigger-subscriptions/$id" + }, + "query": { + "description": "Any query parameters that are needed for the URL.", + "type": "object", + "nullable": true, + "example": null + } + } + }, + "exportRight": { + "type": "string", + "description": "Rights needed by the invoker of sp-config/export in order to export this type of object.", + "example": "idn:trigger-service-subscriptions:read" + }, + "exportLimit": { + "type": "integer", + "format": "int32", + "description": "Pagination limit imposed by the target service for this object type.", + "example": 10 + }, + "importUrl": { + "type": "object", + "title": "Resolver URL Format for Object Configuration.", + "description": "Format of resolver URLs for Object Configurations", + "properties": { + "url": { + "description": "URL for the target object endpoint.", + "type": "string", + "example": "ets://trigger-subscriptions/$id" + }, + "query": { + "description": "Any query parameters that are needed for the URL.", + "type": "object", + "nullable": true, + "example": null + } + } + }, + "importRight": { + "type": "string", + "description": "Rights needed by the invoker of sp-config/import in order to import this type of object.", + "example": "idn:trigger-service-subscriptions:create" + }, + "importLimit": { + "type": "integer", + "format": "int32", + "description": "Pagination limit imposed by the target service for this object type.", + "example": 10 + }, + "referenceExtractors": { + "type": "array", + "nullable": true, + "description": "List of json paths within an exported object of this type that represent references that need to be resolved.", + "items": { + "type": "string" + }, + "example": [ + "$.owner" + ] + }, + "signatureRequired": { + "type": "boolean", + "default": false, + "description": "If true, this type of object will be JWS signed and cannot be modified before import.", + "example": false + }, + "legacyObject": { + "type": "boolean", + "default": false, + "example": false + }, + "onePerTenant": { + "type": "boolean", + "default": false, + "example": false + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "parameters": [ + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ] + } + }, + "/sources/{id}/attribute-sync-config": { + "get": { + "operationId": "getSourceAttrSyncConfig", + "tags": [ + "Sources" + ], + "summary": "Attribute Sync Config", + "description": "This API returns the existing attribute synchronization configuration for a source specified by the given ID. The response contains all attributes, regardless of whether they enabled or not.\nA token with ORG_ADMIN or HELPDESK authority is required to call this API.", + "security": [ + { + "UserContextAuth": [ + "idn:attr-sync-source-config:read", + "idn:attr-sync-source-config:manage" + ] + } + ], + "parameters": [ + { + "in": "path", + "name": "id", + "required": true, + "schema": { + "type": "string" + }, + "description": "The source id", + "example": "2c9180835d191a86015d28455b4a2329" + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "200": { + "description": "Attribute synchronization configuration for a source", + "content": { + "application/json": { + "schema": { + "type": "object", + "description": "Specification of attribute sync configuration for a source", + "required": [ + "source", + "attributes" + ], + "properties": { + "source": { + "type": "object", + "description": "Target source for attribute synchronization.", + "properties": { + "type": { + "type": "string", + "description": "DTO type of target source for attribute synchronization.", + "enum": [ + "SOURCE" + ], + "example": "SOURCE" + }, + "id": { + "type": "string", + "description": "ID of target source for attribute synchronization.", + "example": "2c9180835d191a86015d28455b4b232a" + }, + "name": { + "type": "string", + "description": "Human-readable name of target source for attribute synchronization.", + "example": "HR Active Directory" + } + } + }, + "attributes": { + "type": "array", + "description": "Attribute synchronization configuration for specific identity attributes in the context of a source", + "items": { + "type": "object", + "description": "Specification of source attribute sync mapping configuration for an identity attribute", + "required": [ + "name", + "displayName", + "enabled", + "target" + ], + "properties": { + "name": { + "type": "string", + "description": "Name of the identity attribute", + "example": "email" + }, + "displayName": { + "type": "string", + "description": "Display name of the identity attribute", + "example": "Email" + }, + "enabled": { + "type": "boolean", + "description": "Determines whether or not the attribute is enabled for synchronization", + "example": true + }, + "target": { + "type": "string", + "description": "Name of the source account attribute to which the identity attribute value will be synchronized if enabled", + "example": "mail" + } + } + }, + "example": [ + { + "name": "email", + "displayName": "Email", + "enabled": true, + "target": "mail" + }, + { + "name": "firstname", + "displayName": "First Name", + "enabled": false, + "target": "givenName" + } + ] + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + }, + "put": { + "operationId": "putSourceAttrSyncConfig", + "tags": [ + "Sources" + ], + "summary": "Update Attribute Sync Config", + "description": "Replaces the attribute synchronization configuration for the source specified by the given ID with the configuration provided in the request body. Only the \"enabled\" field of the values in the \"attributes\" array is mutable. Attempting to change other attributes or add new values to the \"attributes\" array will result in an error.\n \nA token with ORG_ADMIN authority is required to call this API.", + "security": [ + { + "UserContextAuth": [ + "idn:attr-sync-source-config:manage" + ] + } + ], + "parameters": [ + { + "in": "path", + "name": "id", + "required": true, + "schema": { + "type": "string" + }, + "description": "The source id", + "example": "2c9180835d191a86015d28455b4a2329" + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "type": "object", + "description": "Specification of attribute sync configuration for a source", + "required": [ + "source", + "attributes" + ], + "properties": { + "source": { + "type": "object", + "description": "Target source for attribute synchronization.", + "properties": { + "type": { + "type": "string", + "description": "DTO type of target source for attribute synchronization.", + "enum": [ + "SOURCE" + ], + "example": "SOURCE" + }, + "id": { + "type": "string", + "description": "ID of target source for attribute synchronization.", + "example": "2c9180835d191a86015d28455b4b232a" + }, + "name": { + "type": "string", + "description": "Human-readable name of target source for attribute synchronization.", + "example": "HR Active Directory" + } + } + }, + "attributes": { + "type": "array", + "description": "Attribute synchronization configuration for specific identity attributes in the context of a source", + "items": { + "type": "object", + "description": "Specification of source attribute sync mapping configuration for an identity attribute", + "required": [ + "name", + "displayName", + "enabled", + "target" + ], + "properties": { + "name": { + "type": "string", + "description": "Name of the identity attribute", + "example": "email" + }, + "displayName": { + "type": "string", + "description": "Display name of the identity attribute", + "example": "Email" + }, + "enabled": { + "type": "boolean", + "description": "Determines whether or not the attribute is enabled for synchronization", + "example": true + }, + "target": { + "type": "string", + "description": "Name of the source account attribute to which the identity attribute value will be synchronized if enabled", + "example": "mail" + } + } + }, + "example": [ + { + "name": "email", + "displayName": "Email", + "enabled": true, + "target": "mail" + }, + { + "name": "firstname", + "displayName": "First Name", + "enabled": false, + "target": "givenName" + } + ] + } + } + } + } + } + }, + "responses": { + "200": { + "description": "Updated attribute synchronization configuration for a source", + "content": { + "application/json": { + "schema": { + "type": "object", + "description": "Specification of attribute sync configuration for a source", + "required": [ + "source", + "attributes" + ], + "properties": { + "source": { + "type": "object", + "description": "Target source for attribute synchronization.", + "properties": { + "type": { + "type": "string", + "description": "DTO type of target source for attribute synchronization.", + "enum": [ + "SOURCE" + ], + "example": "SOURCE" + }, + "id": { + "type": "string", + "description": "ID of target source for attribute synchronization.", + "example": "2c9180835d191a86015d28455b4b232a" + }, + "name": { + "type": "string", + "description": "Human-readable name of target source for attribute synchronization.", + "example": "HR Active Directory" + } + } + }, + "attributes": { + "type": "array", + "description": "Attribute synchronization configuration for specific identity attributes in the context of a source", + "items": { + "type": "object", + "description": "Specification of source attribute sync mapping configuration for an identity attribute", + "required": [ + "name", + "displayName", + "enabled", + "target" + ], + "properties": { + "name": { + "type": "string", + "description": "Name of the identity attribute", + "example": "email" + }, + "displayName": { + "type": "string", + "description": "Display name of the identity attribute", + "example": "Email" + }, + "enabled": { + "type": "boolean", + "description": "Determines whether or not the attribute is enabled for synchronization", + "example": true + }, + "target": { + "type": "string", + "description": "Name of the source account attribute to which the identity attribute value will be synchronized if enabled", + "example": "mail" + } + } + }, + "example": [ + { + "name": "email", + "displayName": "Email", + "enabled": true, + "target": "mail" + }, + { + "name": "firstname", + "displayName": "First Name", + "enabled": false, + "target": "givenName" + } + ] + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/sources/{sourceId}/connector/check-connection": { + "post": { + "operationId": "testSourceConnection", + "tags": [ + "Sources" + ], + "summary": "Check connection for source connector.", + "description": "This endpoint validates that the configured credentials are valid and will properly authenticate with the source identified by the sourceId path parameter.\nA token with ORG_ADMIN authority is required to call this API.", + "security": [ + { + "UserContextAuth": [ + "idn:source-connector:manage" + ] + } + ], + "parameters": [ + { + "in": "path", + "name": "sourceId", + "schema": { + "type": "string" + }, + "required": true, + "description": "The ID of the Source.", + "example": "cef3ee201db947c5912551015ba0c679" + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "200": { + "description": "The result of checking connection to the source connector with response from it.", + "content": { + "application/json": { + "schema": { + "type": "object", + "title": "Status Response", + "description": "Response model for connection check, configuration test and ping of source connectors.", + "properties": { + "id": { + "type": "string", + "description": "ID of the source", + "example": "2c91808568c529c60168cca6f90c1313", + "readOnly": true + }, + "name": { + "type": "string", + "description": "Name of the source", + "example": "ODS-AD-Test [source-999999]", + "readOnly": true + }, + "status": { + "type": "string", + "enum": [ + "SUCCESS", + "FAILURE" + ], + "description": "The status of the health check.", + "example": "SUCCESS", + "readOnly": true + }, + "elapsedMillis": { + "type": "integer", + "description": "The number of milliseconds spent on the entire request.", + "example": 1000, + "readOnly": true + }, + "details": { + "type": "object", + "description": "The document contains the results of the health check.\nThe schema of this document depends on the type of source used.\n", + "readOnly": true, + "example": { + "useTLSForIQService": false, + "IQService": { + "TLS Port": 0, + ".NET CLR Version": "4.0.30319.42000", + "SecondaryServiceStatus": "Running", + "Port": 5050, + "Host": "AUTOMATION-AD", + "Name": "IQService", + "IQServiceStatus": "Running", + "SecondaryService": "IQService-Instance1-Secondary", + "Version": "IQService Sep-2020", + "secondaryPort": 5051, + "OS Architecture": "AMD64", + "Operating System": "Microsoft Windows Server 2012 R2 Standard", + "highestDotNetVersion": "4.8 or later", + "Build Time": "09/22/2020 06:34 AM -0500" + }, + "IQServiceClientAuthEnabled": false, + "requestProcessedOn": "1/19/2021 1:47:14 PM" + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/sources/{sourceId}/connector/peek-resource-objects": { + "post": { + "operationId": "peekResourceObjects", + "tags": [ + "Sources" + ], + "summary": "Peek source connector's resource objects", + "description": "Retrieves a sample of data returned from account and group aggregation requests.\nA token with ORG_ADMIN authority is required to call this API.", + "security": [ + { + "UserContextAuth": [ + "idn:source-connector:manage" + ] + } + ], + "parameters": [ + { + "in": "path", + "name": "sourceId", + "schema": { + "type": "string" + }, + "required": true, + "description": "The ID of the Source", + "example": "cef3ee201db947c5912551015ba0c679" + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "example": { + "objectType": "resource", + "maxCount": 50 + }, + "type": "object", + "title": "Resource Objects Request", + "description": "Request model for peek resource objects from source connectors.", + "properties": { + "objectType": { + "type": "string", + "description": "The type of resource objects to iterate over.", + "default": "account", + "example": "group" + }, + "maxCount": { + "type": "integer", + "description": "The maximum number of resource objects to iterate over and return.", + "default": 25, + "example": 100 + } + } + } + } + } + }, + "responses": { + "200": { + "description": "List of resource objects that was fetched from the source connector.", + "content": { + "application/json": { + "schema": { + "type": "object", + "title": "Resource Objects Response", + "description": "Response model for peek resource objects from source connectors.", + "properties": { + "id": { + "type": "string", + "description": "ID of the source", + "example": "2c91808568c529c60168cca6f90c1313", + "readOnly": true + }, + "name": { + "type": "string", + "description": "Name of the source", + "example": "ODS-AD-Test [source-999999]", + "readOnly": true + }, + "objectCount": { + "type": "integer", + "description": "The number of objects that were fetched by the connector.", + "example": 25, + "readOnly": true + }, + "elapsedMillis": { + "type": "integer", + "description": "The number of milliseconds spent on the entire request.", + "example": 1055, + "readOnly": true + }, + "resourceObjects": { + "type": "array", + "items": { + "type": "object", + "title": "Resource Object", + "description": "Representation of the object which is returned from source connectors.", + "properties": { + "instance": { + "description": "Identifier of the specific instance where this object resides.", + "type": "string", + "readOnly": true + }, + "identity": { + "description": "Native identity of the object in the Source.", + "type": "string", + "example": "CN=Aaron Carr,OU=test1,DC=test2,DC=test", + "readOnly": true + }, + "uuid": { + "description": "Universal unique identifier of the object in the Source.", + "type": "string", + "example": "{abf7bd9b-68b4-4d21-9b70-870c58ebf844}", + "readOnly": true + }, + "previousIdentity": { + "description": "Native identity that the object has previously.", + "type": "string", + "readOnly": true + }, + "name": { + "description": "Display name for this object.", + "type": "string", + "example": "Aaron Carr", + "readOnly": true + }, + "objectType": { + "description": "Type of object.", + "type": "string", + "example": "account", + "readOnly": true + }, + "incomplete": { + "description": "A flag indicating that this is an incomplete object. Used in special cases where the connector has to return account information in several phases and the objects might not have a complete set of all account attributes. The attributes in this object will replace the corresponding attributes in the Link, but no other Link attributes will be changed.", + "type": "boolean", + "example": false, + "readOnly": true + }, + "incremental": { + "description": "A flag indicating that this is an incremental change object. This is similar to incomplete but it also means that the values of any multi-valued attributes in this object should be merged with the existing values in the Link rather than replacing the existing Link value.", + "type": "boolean", + "example": false, + "readOnly": true + }, + "delete": { + "description": "A flag indicating that this object has been deleted. This is set only when doing delta aggregation and the connector supports detection of native deletes.", + "type": "boolean", + "example": false, + "readOnly": true + }, + "remove": { + "description": "A flag set indicating that the values in the attributes represent things to remove rather than things to add. Setting this implies incremental. The values which are always for multi-valued attributes are removed from the current values.", + "type": "boolean", + "example": false, + "readOnly": true + }, + "missing": { + "description": "A list of attribute names that are not included in this object. This is only used with SMConnector and will only contain \"groups\".", + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "missFieldOne", + "missFieldTwo" + ], + "readOnly": true + }, + "attributes": { + "description": "Attributes of this ResourceObject.", + "type": "object", + "example": { + "telephoneNumber": "12-(345)678-9012", + "mail": "example@test.com", + "displayName": "Aaron Carr" + }, + "readOnly": true + }, + "finalUpdate": { + "description": "In Aggregation, for sparse object the count for total accounts scanned identities updated is not incremented.", + "type": "boolean", + "example": false, + "readOnly": true + } + } + }, + "description": "Fetched objects from the source connector.", + "readOnly": true + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/sources/{sourceId}/connector/ping-cluster": { + "post": { + "operationId": "pingCluster", + "tags": [ + "Sources" + ], + "summary": "Ping cluster for source connector", + "description": "This endpoint validates that the cluster being used by the source is reachable from IdentityNow.\nA token with ORG_ADMIN authority is required to call this API.", + "security": [ + { + "UserContextAuth": [ + "idn:source-connector:manage" + ] + } + ], + "parameters": [ + { + "in": "path", + "name": "sourceId", + "schema": { + "type": "string" + }, + "required": true, + "description": "The ID of the Source", + "example": "cef3ee201db947c5912551015ba0c679" + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "200": { + "description": "The result of pinging connection with the source connector.", + "content": { + "application/json": { + "schema": { + "type": "object", + "title": "Status Response", + "description": "Response model for connection check, configuration test and ping of source connectors.", + "properties": { + "id": { + "type": "string", + "description": "ID of the source", + "example": "2c91808568c529c60168cca6f90c1313", + "readOnly": true + }, + "name": { + "type": "string", + "description": "Name of the source", + "example": "ODS-AD-Test [source-999999]", + "readOnly": true + }, + "status": { + "type": "string", + "enum": [ + "SUCCESS", + "FAILURE" + ], + "description": "The status of the health check.", + "example": "SUCCESS", + "readOnly": true + }, + "elapsedMillis": { + "type": "integer", + "description": "The number of milliseconds spent on the entire request.", + "example": 1000, + "readOnly": true + }, + "details": { + "type": "object", + "description": "The document contains the results of the health check.\nThe schema of this document depends on the type of source used.\n", + "readOnly": true, + "example": { + "useTLSForIQService": false, + "IQService": { + "TLS Port": 0, + ".NET CLR Version": "4.0.30319.42000", + "SecondaryServiceStatus": "Running", + "Port": 5050, + "Host": "AUTOMATION-AD", + "Name": "IQService", + "IQServiceStatus": "Running", + "SecondaryService": "IQService-Instance1-Secondary", + "Version": "IQService Sep-2020", + "secondaryPort": 5051, + "OS Architecture": "AMD64", + "Operating System": "Microsoft Windows Server 2012 R2 Standard", + "highestDotNetVersion": "4.8 or later", + "Build Time": "09/22/2020 06:34 AM -0500" + }, + "IQServiceClientAuthEnabled": false, + "requestProcessedOn": "1/19/2021 1:47:14 PM" + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/sources/{sourceId}/connector/test-configuration": { + "post": { + "operationId": "testSourceConfiguration", + "tags": [ + "Sources" + ], + "summary": "Test configuration for source connector", + "description": "This endpoint performs a more detailed validation of the source's configuration that can take longer than the lighter weight credential validation performed by the checkConnection API.\nA token with ORG_ADMIN authority is required to call this API.", + "security": [ + { + "UserContextAuth": [ + "idn:source-connector:manage" + ] + } + ], + "parameters": [ + { + "in": "path", + "name": "sourceId", + "schema": { + "type": "string" + }, + "required": true, + "description": "The ID of the Source", + "example": "cef3ee201db947c5912551015ba0c679" + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "200": { + "description": "The result of testing source connector configuration with response from it.", + "content": { + "application/json": { + "schema": { + "type": "object", + "title": "Status Response", + "description": "Response model for connection check, configuration test and ping of source connectors.", + "properties": { + "id": { + "type": "string", + "description": "ID of the source", + "example": "2c91808568c529c60168cca6f90c1313", + "readOnly": true + }, + "name": { + "type": "string", + "description": "Name of the source", + "example": "ODS-AD-Test [source-999999]", + "readOnly": true + }, + "status": { + "type": "string", + "enum": [ + "SUCCESS", + "FAILURE" + ], + "description": "The status of the health check.", + "example": "SUCCESS", + "readOnly": true + }, + "elapsedMillis": { + "type": "integer", + "description": "The number of milliseconds spent on the entire request.", + "example": 1000, + "readOnly": true + }, + "details": { + "type": "object", + "description": "The document contains the results of the health check.\nThe schema of this document depends on the type of source used.\n", + "readOnly": true, + "example": { + "useTLSForIQService": false, + "IQService": { + "TLS Port": 0, + ".NET CLR Version": "4.0.30319.42000", + "SecondaryServiceStatus": "Running", + "Port": 5050, + "Host": "AUTOMATION-AD", + "Name": "IQService", + "IQServiceStatus": "Running", + "SecondaryService": "IQService-Instance1-Secondary", + "Version": "IQService Sep-2020", + "secondaryPort": 5051, + "OS Architecture": "AMD64", + "Operating System": "Microsoft Windows Server 2012 R2 Standard", + "highestDotNetVersion": "4.8 or later", + "Build Time": "09/22/2020 06:34 AM -0500" + }, + "IQServiceClientAuthEnabled": false, + "requestProcessedOn": "1/19/2021 1:47:14 PM" + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/sources/{id}/connectors/source-config": { + "get": { + "operationId": "getSourceConfig", + "tags": [ + "Sources" + ], + "summary": "Gets source config with language translations", + "description": "Looks up and returns the source config for the requested source id after populating the source config values and applying language translations.\nA token with ORG_ADMIN authority is required to call this API.", + "parameters": [ + { + "in": "path", + "name": "id", + "schema": { + "type": "string" + }, + "required": true, + "description": "The Source id" + }, + { + "in": "query", + "name": "locale", + "schema": { + "type": "string", + "enum": [ + "de", + false, + "fi", + "sv", + "ru", + "pt", + "ko", + "zh-TW", + "en", + "it", + "fr", + "zh-CN", + "hu", + "es", + "cs", + "ja", + "pl", + "da", + "nl" + ] + }, + "description": "The locale to apply to the config. If no viable locale is given, it will default to \"en\"" + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "200": { + "description": "A Connector Detail object", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "The connector name", + "example": "JDBC" + }, + "sourceConfigXml": { + "type": "string", + "description": "XML representation of the source config data", + "example": "
\n\t
" + }, + "sourceConfig": { + "type": "string", + "description": "JSON representation of the source config data", + "example": { + "Form": { + "Field": { + "_defaultValue": "true", + "_hidden": "true", + "_name": "cloudAuthEnabled", + "_type": "boolean", + "_value": "true" + }, + "_xmlns": "http://www.sailpoint.com/xsd/sailpoint_form_1_0.xsd", + "_connectorName": "Active Directory - Direct", + "_directConnect": "true", + "_name": "Active Directory", + "_status": "released", + "_type": "SourceConfig", + "__text": "\\n\\t" + } + } + }, + "directConnect": { + "type": "boolean", + "description": "true if the source is a direct connect source", + "example": true + }, + "fileUpload": { + "type": "boolean", + "description": "Connector config's file upload attribute, false if not there", + "example": false + }, + "uploadedFiles": { + "type": "string", + "description": "List of uploaded file strings for the connector", + "example": [] + }, + "connectorMetadata": { + "type": "object", + "description": "Object containing metadata pertinent to the UI to be used", + "example": { + "supportedUI": "EXTJS" + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/sources/{sourceId}/native-change-detection-config": { + "get": { + "operationId": "getNativeChangeDetectionConfig", + "tags": [ + "Sources" + ], + "summary": "Native Change Detection Configuration", + "security": [ + { + "UserContextAuth": [ + "idn:sources:read" + ] + } + ], + "description": "This API returns the existing native change detection configuration for a source specified by the given ID.\nA token with ORG_ADMIN authority is required to call this API.", + "parameters": [ + { + "in": "path", + "name": "id", + "required": true, + "schema": { + "type": "string" + }, + "description": "The source id", + "example": "2c9180835d191a86015d28455b4a2329" + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "200": { + "description": "Native change detection configuration for a source", + "content": { + "application/json": { + "schema": { + "type": "object", + "description": "Source configuration information for Native Change Detection that is read and used by account aggregation process.", + "properties": { + "enabled": { + "description": "A flag indicating if Native Change Detection is enabled for a source.", + "type": "boolean", + "example": true, + "default": false + }, + "operations": { + "type": "array", + "description": "Operation types for which Native Change Detection is enabled for a source.", + "items": { + "type": "string", + "enum": [ + "ACCOUNT_UPDATED", + "ACCOUNT_CREATED", + "ACCOUNT_DELETED" + ] + }, + "example": [ + "ACCOUNT_UPDATED", + "ACCOUNT_DELETED" + ] + }, + "allEntitlements": { + "description": "A flag indicating that all entitlements participate in Native Change Detection.", + "type": "boolean", + "example": false, + "default": false + }, + "allNonEntitlementAttributes": { + "description": "A flag indicating that all non-entitlement account attributes participate in Native Change Detection.", + "type": "boolean", + "example": false, + "default": false + }, + "selectedEntitlements": { + "description": "If allEntitlements flag is off this field lists entitlements that participate in Native Change Detection.", + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "memberOf", + "memberOfSharedMailbox" + ] + }, + "selectedNonEntitlementAttributes": { + "description": "If allNonEntitlementAttributes flag is off this field lists non-entitlement account attributes that participate in Native Change Detection.", + "externalDocs": { + "description": "Learn more about account attributes here.", + "url": "https://documentation.sailpoint.com/saas/help/accounts/schema.html" + }, + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "lastName", + "phoneNumber", + "objectType", + "servicePrincipalName" + ] + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + }, + "put": { + "operationId": "putNativeChangeDetectionConfig", + "tags": [ + "Sources" + ], + "summary": "Update Native Change Detection Configuration", + "security": [ + { + "UserContextAuth": [ + "idn:sources:update" + ] + } + ], + "description": "Replaces the native change detection configuration for the source specified by the given ID with the configuration provided in the request body.\n \nA token with ORG_ADMIN authority is required to call this API.", + "parameters": [ + { + "in": "path", + "name": "id", + "required": true, + "schema": { + "type": "string" + }, + "description": "The source id", + "example": "2c9180835d191a86015d28455b4a2329" + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "type": "object", + "description": "Source configuration information for Native Change Detection that is read and used by account aggregation process.", + "properties": { + "enabled": { + "description": "A flag indicating if Native Change Detection is enabled for a source.", + "type": "boolean", + "example": true, + "default": false + }, + "operations": { + "type": "array", + "description": "Operation types for which Native Change Detection is enabled for a source.", + "items": { + "type": "string", + "enum": [ + "ACCOUNT_UPDATED", + "ACCOUNT_CREATED", + "ACCOUNT_DELETED" + ] + }, + "example": [ + "ACCOUNT_UPDATED", + "ACCOUNT_DELETED" + ] + }, + "allEntitlements": { + "description": "A flag indicating that all entitlements participate in Native Change Detection.", + "type": "boolean", + "example": false, + "default": false + }, + "allNonEntitlementAttributes": { + "description": "A flag indicating that all non-entitlement account attributes participate in Native Change Detection.", + "type": "boolean", + "example": false, + "default": false + }, + "selectedEntitlements": { + "description": "If allEntitlements flag is off this field lists entitlements that participate in Native Change Detection.", + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "memberOf", + "memberOfSharedMailbox" + ] + }, + "selectedNonEntitlementAttributes": { + "description": "If allNonEntitlementAttributes flag is off this field lists non-entitlement account attributes that participate in Native Change Detection.", + "externalDocs": { + "description": "Learn more about account attributes here.", + "url": "https://documentation.sailpoint.com/saas/help/accounts/schema.html" + }, + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "lastName", + "phoneNumber", + "objectType", + "servicePrincipalName" + ] + } + } + } + } + } + }, + "responses": { + "200": { + "description": "Updated native change detection configuration for a source", + "content": { + "application/json": { + "schema": { + "type": "object", + "description": "Source configuration information for Native Change Detection that is read and used by account aggregation process.", + "properties": { + "enabled": { + "description": "A flag indicating if Native Change Detection is enabled for a source.", + "type": "boolean", + "example": true, + "default": false + }, + "operations": { + "type": "array", + "description": "Operation types for which Native Change Detection is enabled for a source.", + "items": { + "type": "string", + "enum": [ + "ACCOUNT_UPDATED", + "ACCOUNT_CREATED", + "ACCOUNT_DELETED" + ] + }, + "example": [ + "ACCOUNT_UPDATED", + "ACCOUNT_DELETED" + ] + }, + "allEntitlements": { + "description": "A flag indicating that all entitlements participate in Native Change Detection.", + "type": "boolean", + "example": false, + "default": false + }, + "allNonEntitlementAttributes": { + "description": "A flag indicating that all non-entitlement account attributes participate in Native Change Detection.", + "type": "boolean", + "example": false, + "default": false + }, + "selectedEntitlements": { + "description": "If allEntitlements flag is off this field lists entitlements that participate in Native Change Detection.", + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "memberOf", + "memberOfSharedMailbox" + ] + }, + "selectedNonEntitlementAttributes": { + "description": "If allNonEntitlementAttributes flag is off this field lists non-entitlement account attributes that participate in Native Change Detection.", + "externalDocs": { + "description": "Learn more about account attributes here.", + "url": "https://documentation.sailpoint.com/saas/help/accounts/schema.html" + }, + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "lastName", + "phoneNumber", + "objectType", + "servicePrincipalName" + ] + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + }, + "delete": { + "operationId": "deleteNativeChangeDetectionConfig", + "tags": [ + "Sources" + ], + "summary": "Delete Native Change Detection Configuration", + "description": "Deletes the native change detection configuration for the source specified by the given ID.\nA token with API, or ORG_ADMIN authority is required to call this API.", + "security": [ + { + "UserContextAuth": [ + "idn:sources:update" + ] + } + ], + "parameters": [ + { + "in": "path", + "name": "id", + "required": true, + "schema": { + "type": "string" + }, + "description": "The source id", + "example": "2c9180835d191a86015d28455b4a2329" + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "204": { + "description": "No content - indicates the request was successful but there is no content to be returned in the response." + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/sources/{id}/remove-accounts": { + "post": { + "operationId": "deleteAccountsAsync", + "summary": "Remove All Accounts in a Source", + "tags": [ + "Sources" + ], + "description": "Use this endpoint to remove all accounts from the system without provisioning changes to the source. Accounts that are removed could be re-created during the next aggregation.\n\nThis endpoint is good for:\n* Removing accounts that no longer exist on the source.\n* Removing accounts that won't be aggregated following updates to the source configuration.\n* Forcing accounts to be re-created following the next aggregation to re-run account processing, support testing, etc.\n", + "parameters": [ + { + "in": "path", + "name": "id", + "schema": { + "type": "string" + }, + "required": true, + "description": "The source id", + "example": "ebbf35756e1140699ce52b233121384a" + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "202": { + "description": "Accepted. Returns task result details of removal request.", + "content": { + "application/json": { + "schema": { + "type": "object", + "description": "Task result.", + "properties": { + "type": { + "type": "string", + "description": "Task result DTO type.", + "enum": [ + "TASK_RESULT" + ], + "example": "TASK_RESULT" + }, + "id": { + "type": "string", + "description": "Task result ID.", + "example": "464ae7bf791e49fdb74606a2e4a89635" + }, + "name": { + "type": "string", + "description": "Task result display name.", + "nullable": true, + "example": null + } + } + }, + "example": { + "type": "TASK_RESULT", + "id": "464ae7bf791e49fdb74606a2e4a89635", + "name": null + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "idn:account:remove" + ] + } + ] + } + }, + "/sources/{id}/synchronize-attributes": { + "post": { + "operationId": "syncAttributesForSource", + "tags": [ + "Sources" + ], + "summary": "Synchronize single source attributes.", + "description": "This end-point performs attribute synchronization for a selected source.\nA token with ORG_ADMIN or SOURCE_ADMIN authority is required to call this API.", + "parameters": [ + { + "in": "path", + "name": "id", + "schema": { + "type": "string" + }, + "required": true, + "description": "The Source id" + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "202": { + "description": "A Source Sync job", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "Job ID.", + "example": "0f11f2a4-7c94-4bf3-a2bd-742580fe3bde" + }, + "status": { + "type": "string", + "description": "The job status.", + "enum": [ + "QUEUED", + "IN_PROGRESS", + "SUCCESS", + "ERROR" + ], + "example": "IN_PROGRESS" + }, + "payload": { + "description": "Job payload.", + "example": { + "type": "SYNCHRONIZE_SOURCE_ATTRIBUTES", + "dataJson": "{\"sourceId\":\"2c918083746f642c01746f990884012a\"}" + }, + "type": "object", + "properties": { + "type": { + "type": "string", + "description": "Payload type.", + "example": "SYNCHRONIZE_SOURCE_ATTRIBUTES" + }, + "dataJson": { + "type": "string", + "description": "Payload type.", + "example": "{\"sourceId\":\"2c918083746f642c01746f990884012a\"}" + } + }, + "required": [ + "type", + "dataJson" + ] + } + }, + "required": [ + "id", + "status", + "payload" + ] + }, + "example": { + "id": "0f11f2a4-7c94-4bf3-a2bd-742580fe3bde", + "status": "IN_PROGRESS", + "payload": { + "type": "SYNCHRONIZE_SOURCE_ATTRIBUTES", + "dataJson": "{\"sourceId\":\"2c918083746f642c01746f990884012a\"}" + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/sources/{id}/entitlement-request-config": { + "get": { + "security": [ + { + "UserContextAuth": [ + "idn:sources:read", + "idn:sources:manage" + ] + } + ], + "operationId": "getSourceEntitlementRequestConfig", + "summary": "Get Source Entitlement Request Configuration", + "tags": [ + "Sources" + ], + "description": "This API gets the current entitlement request configuration for a source. This source-level configuration should apply for all the entitlements in the source.\n\nAccess request to any entitlements in the source should follow this configuration unless a separate entitlement-level configuration is defined.\n- During access request, this source-level entitlement request configuration overrides the global organization-level configuration.\n- However, the entitlement-level configuration (if defined) overrides this source-level configuration.\n\nA token with ORG_ADMIN, SOURCE_ADMIN, or SOURCE_SUBADMIN authority is required to call this API.", + "responses": { + "200": { + "description": "Source Entitlement Request Configuration Details.", + "content": { + "application/json": { + "schema": { + "type": "object", + "description": "Entitlement Request Configuration", + "properties": { + "accessRequestConfig": { + "description": "Configuration for requesting access to entitlements", + "type": "object", + "properties": { + "approvalSchemes": { + "type": "array", + "description": "Ordered list of approval steps for the access request. Empty when no approval is required.", + "items": { + "type": "object", + "properties": { + "approverType": { + "type": "string", + "enum": [ + "ENTITLEMENT_OWNER", + "SOURCE_OWNER", + "MANAGER", + "GOVERNANCE_GROUP" + ], + "description": "Describes the individual or group that is responsible for an approval step. Values are as follows.\n\n**ENTITLEMENT_OWNER**: Owner of the associated Entitlement\n\n**SOURCE_OWNER**: Owner of the associated Source\n\n**MANAGER**: Manager of the Identity for whom the request is being made\n\n**GOVERNANCE_GROUP**: A Governance Group, the ID of which is specified by the **approverId** field", + "example": "GOVERNANCE_GROUP" + }, + "approverId": { + "type": "string", + "nullable": true, + "description": "Id of the specific approver, used only when approverType is GOVERNANCE_GROUP", + "example": "e3eab852-8315-467f-9de7-70eda97f63c8" + } + } + } + }, + "requestCommentRequired": { + "type": "boolean", + "description": "If the requester must provide a comment during access request.", + "default": false, + "example": true + }, + "denialCommentRequired": { + "type": "boolean", + "description": "If the reviewer must provide a comment when denying the access request.", + "default": false, + "example": false + } + } + } + } + }, + "examples": { + "Get default config": { + "description": "The default config for a source should look like the following where the empty approvalSchemes indicates that no approvals are required.", + "value": { + "accessRequestConfig": { + "approvalSchemes": [], + "requestCommentRequired": false, + "denialCommentRequired": false + } + } + }, + "Get config with one approval": { + "description": "In case of a single approval, the config could look like the following.", + "value": { + "accessRequestConfig": { + "approvalSchemes": [ + { + "approverId": null, + "approverType": "SOURCE_OWNER" + } + ], + "requestCommentRequired": true, + "denialCommentRequired": false + } + } + }, + "Get config with multiple approvals": { + "description": "In case of multiple levels of approvals the config could look like the following. In this scenario, access request review process should go through all the approvers sequentially.", + "value": { + "accessRequestConfig": { + "approvalSchemes": [ + { + "approverId": null, + "approverType": "ENTITLEMENT_OWNER" + }, + { + "approverId": null, + "approverType": "SOURCE_OWNER" + }, + { + "approverId": "95e538a3-30c1-433a-af05-4bed973bbc22", + "approverType": "GOVERNANCE_GROUP" + } + ], + "requestCommentRequired": true, + "denialCommentRequired": false + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "parameters": [ + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ] + }, + "put": { + "security": [ + { + "UserContextAuth": [ + "idn:sources:manage" + ] + } + ], + "operationId": "updateSourceEntitlementRequestConfig", + "summary": "Update Source Entitlement Request Configuration", + "tags": [ + "Sources" + ], + "description": "This API replaces the current entitlement request configuration for a source. This source-level configuration should apply for all the entitlements in the source.\n\nAccess request to any entitlements in the source should follow this configuration unless a separate entitlement-level configuration is defined.\n- During access request, this source-level entitlement request configuration overrides the global organization-level configuration.\n- However, the entitlement-level configuration (if defined) overrides this source-level configuration.\n\nA token with ORG_ADMIN, SOURCE_ADMIN, or SOURCE_SUBADMIN authority is required to call this API.", + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "type": "object", + "description": "Entitlement Request Configuration", + "properties": { + "accessRequestConfig": { + "description": "Configuration for requesting access to entitlements", + "type": "object", + "properties": { + "approvalSchemes": { + "type": "array", + "description": "Ordered list of approval steps for the access request. Empty when no approval is required.", + "items": { + "type": "object", + "properties": { + "approverType": { + "type": "string", + "enum": [ + "ENTITLEMENT_OWNER", + "SOURCE_OWNER", + "MANAGER", + "GOVERNANCE_GROUP" + ], + "description": "Describes the individual or group that is responsible for an approval step. Values are as follows.\n\n**ENTITLEMENT_OWNER**: Owner of the associated Entitlement\n\n**SOURCE_OWNER**: Owner of the associated Source\n\n**MANAGER**: Manager of the Identity for whom the request is being made\n\n**GOVERNANCE_GROUP**: A Governance Group, the ID of which is specified by the **approverId** field", + "example": "GOVERNANCE_GROUP" + }, + "approverId": { + "type": "string", + "nullable": true, + "description": "Id of the specific approver, used only when approverType is GOVERNANCE_GROUP", + "example": "e3eab852-8315-467f-9de7-70eda97f63c8" + } + } + } + }, + "requestCommentRequired": { + "type": "boolean", + "description": "If the requester must provide a comment during access request.", + "default": false, + "example": true + }, + "denialCommentRequired": { + "type": "boolean", + "description": "If the reviewer must provide a comment when denying the access request.", + "default": false, + "example": false + } + } + } + } + }, + "examples": { + "Set config with no approvals": { + "description": "If no approvals are required, the following config can be set.", + "value": { + "accessRequestConfig": { + "approvalSchemes": [] + } + } + }, + "Set config with one approval": { + "description": "In case of single approval the following config can be set.", + "value": { + "accessRequestConfig": { + "approvalSchemes": [ + { + "approverType": "SOURCE_OWNER" + } + ], + "requestCommentRequired": true, + "denialCommentRequired": false + } + } + }, + "Set config with multiple approvals": { + "description": "In case of multiple levels of approvals the following config can be set. In this scenario, access request review process should go through all the approvers sequentially.", + "value": { + "accessRequestConfig": { + "approvalSchemes": [ + { + "approverType": "ENTITLEMENT_OWNER" + }, + { + "approverType": "SOURCE_OWNER" + }, + { + "approverType": "GOVERNANCE_GROUP", + "approverId": "95e538a3-30c1-433a-af05-4bed973bbc22" + } + ], + "requestCommentRequired": true, + "denialCommentRequired": false + } + } + } + } + } + } + }, + "responses": { + "200": { + "description": "Source Entitlement Request Configuration Details.", + "content": { + "application/json": { + "schema": { + "type": "object", + "description": "Entitlement Request Configuration", + "properties": { + "accessRequestConfig": { + "description": "Configuration for requesting access to entitlements", + "type": "object", + "properties": { + "approvalSchemes": { + "type": "array", + "description": "Ordered list of approval steps for the access request. Empty when no approval is required.", + "items": { + "type": "object", + "properties": { + "approverType": { + "type": "string", + "enum": [ + "ENTITLEMENT_OWNER", + "SOURCE_OWNER", + "MANAGER", + "GOVERNANCE_GROUP" + ], + "description": "Describes the individual or group that is responsible for an approval step. Values are as follows.\n\n**ENTITLEMENT_OWNER**: Owner of the associated Entitlement\n\n**SOURCE_OWNER**: Owner of the associated Source\n\n**MANAGER**: Manager of the Identity for whom the request is being made\n\n**GOVERNANCE_GROUP**: A Governance Group, the ID of which is specified by the **approverId** field", + "example": "GOVERNANCE_GROUP" + }, + "approverId": { + "type": "string", + "nullable": true, + "description": "Id of the specific approver, used only when approverType is GOVERNANCE_GROUP", + "example": "e3eab852-8315-467f-9de7-70eda97f63c8" + } + } + } + }, + "requestCommentRequired": { + "type": "boolean", + "description": "If the requester must provide a comment during access request.", + "default": false, + "example": true + }, + "denialCommentRequired": { + "type": "boolean", + "description": "If the reviewer must provide a comment when denying the access request.", + "default": false, + "example": false + } + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "parameters": [ + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ] + } + }, + "/sources/{id}/load-accounts": { + "post": { + "tags": [ + "Sources" + ], + "summary": "Account Aggregation", + "operationId": "importAccounts", + "description": "Starts an account aggregation on the specified source. \nIf the target source is a delimited file source, then the CSV file needs to be included in the request body.\nYou will also need to set the Content-Type header to `multipart/form-data`.\nA token with ORG_ADMIN, SOURCE_ADMIN, or SOURCE_SUBADMIN authority is required to call this API.", + "security": [ + { + "UserContextAuth": [ + "idn:sources:manage" + ] + } + ], + "parameters": [ + { + "in": "path", + "name": "id", + "schema": { + "type": "string" + }, + "required": true, + "description": "Source Id", + "example": "ef38f94347e94562b5bb8424a56397d8" + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "requestBody": { + "content": { + "multipart/form-data": { + "schema": { + "type": "object", + "properties": { + "file": { + "type": "string", + "format": "binary", + "description": "The CSV file containing the source accounts to aggregate." + }, + "disableOptimization": { + "type": "string", + "example": "true", + "description": "Use this flag to reprocess every account whether or not the data has changed." + } + } + } + } + } + }, + "responses": { + "202": { + "description": "Aggregate Accounts Task", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "success": { + "type": "boolean", + "description": "The status of the result", + "default": "true", + "example": "true" + }, + "task": { + "type": "object", + "properties": { + "id": { + "description": "System-generated unique ID of the task this taskStatus represents", + "type": "string", + "example": "ef38f94347e94562b5bb8424a56397d8" + }, + "type": { + "description": "Type of task this task represents", + "type": "string", + "example": "QUARTZ" + }, + "name": { + "description": "The name of the aggregation process", + "type": "string", + "example": "Cloud Account Aggregation" + }, + "description": { + "description": "The description of the task", + "type": "string", + "example": "Aggregate from the specified application" + }, + "launcher": { + "description": "The user who initiated the task", + "type": "string", + "example": "John Doe" + }, + "created": { + "type": "string", + "description": "The Task creation date", + "format": "date-time", + "example": "2020-09-07T42:14:00.364Z" + }, + "launched": { + "type": "string", + "nullable": true, + "format": "date-time", + "description": "The task start date", + "example": "2020-09-07T42:14:00.521Z" + }, + "completed": { + "type": "string", + "nullable": true, + "format": "date-time", + "description": "The task completion date", + "example": "2020-09-07T42:14:01.137Z" + }, + "completionStatus": { + "type": "string", + "nullable": true, + "enum": [ + "SUCCESS", + "WARNING", + "ERROR", + "TERMINATED", + "TEMP_ERROR" + ], + "description": "Task completion status.", + "example": "Success" + }, + "parentName": { + "type": "string", + "nullable": true, + "description": "Name of the parent task if exists.", + "example": "Audit Report" + }, + "messages": { + "type": "array", + "description": "List of the messages dedicated to the report. From task definition perspective here usually should be warnings or errors.", + "example": [], + "items": { + "type": "object", + "properties": { + "type": { + "type": "string", + "description": "Type of the message.", + "enum": [ + "INFO", + "WARN", + "ERROR" + ], + "example": "WARN" + }, + "error": { + "type": "boolean", + "default": false, + "description": "Flag whether message is an error.", + "example": false + }, + "warning": { + "type": "boolean", + "default": false, + "description": "Flag whether message is a warning.", + "example": true + }, + "key": { + "type": "string", + "description": "Message string identifier.", + "example": "This aggregation failed because the currently running aggregation must complete before the next one can start." + }, + "localizedText": { + "type": "string", + "description": "Message context with the locale based language.", + "example": "This aggregation failed because the currently running aggregation must complete before the next one can start." + } + } + } + }, + "progress": { + "type": "string", + "nullable": true, + "description": "Current task state.", + "example": "Initializing..." + }, + "attributes": { + "type": "object", + "description": "Extra attributes map(dictionary) for the task.", + "properties": { + "appId": { + "description": "The id of the source", + "type": "string", + "example": "c31386cb18bb403cbb6df4c86294ff82" + }, + "optimizedAggregation": { + "description": "The indicator if the aggregation process was enabled/disabled for the aggregation job", + "type": "string", + "example": "enabled" + } + }, + "additionalProperties": { + "type": "object" + } + }, + "returns": { + "type": "array", + "description": "Return values from the task", + "items": { + "type": "object", + "properties": { + "displayLabel": { + "type": "string", + "description": "The display label of the return value", + "example": "TASK_OUT_ACCOUNT_AGGREGATION_APPLICATIONS" + }, + "attributeName": { + "type": "string", + "description": "The attribute name of the return value", + "example": "applications" + } + }, + "example": [ + { + "displayLabel": "TASK_OUT_ACCOUNT_AGGREGATION_APPLICATIONS", + "attributeName": "applications" + }, + { + "displayLabel": "TASK_OUT_ACCOUNT_AGGREGATION_TOTAL", + "attributeName": "total" + }, + { + "displayLabel": "TASK_OUT_ACCOUNT_AGGREGATION_OPTIMIZED", + "attributeName": "optimizedAggregation" + }, + { + "displayLabel": "TASK_OUT_ACCOUNT_AGGREGATION_IGNORED", + "attributeName": "ignored" + }, + { + "displayLabel": "TASK_OUT_UNCHANGED_ACCOUNTS", + "attributeName": "optimized" + }, + { + "displayLabel": "TASK_OUT_ACCOUNT_AGGREGATION_CREATED", + "attributeName": "created" + }, + { + "displayLabel": "TASK_OUT_ACCOUNT_AGGREGATION_UPDATED", + "attributeName": "updated" + }, + { + "displayLabel": "TASK_OUT_ACCOUNT_AGGREGATION_DELETED", + "attributeName": "deleted" + }, + { + "displayLabel": "TASK_OUT_ACCOUNT_AGGREGATION_MANAGER_CHANGES", + "attributeName": "managerChanges" + }, + { + "displayLabel": "TASK_OUT_ACCOUNT_AGGREGATION_BUSINESS_ROLE_CHANGES", + "attributeName": "detectedRoleChanges" + }, + { + "displayLabel": "TASK_OUT_ACCOUNT_AGGREGATION_EXCEPTION_CHANGES", + "attributeName": "exceptionChanges" + }, + { + "displayLabel": "TASK_OUT_ACCOUNT_AGGREGATION_POLICIES", + "attributeName": "policies" + }, + { + "displayLabel": "TASK_OUT_ACCOUNT_AGGREGATION_POLICY_VIOLATIONS", + "attributeName": "policyViolations" + }, + { + "displayLabel": "TASK_OUT_ACCOUNT_AGGREGATION_POLICY_NOTIFICATIONS", + "attributeName": "policyNotifications" + }, + { + "displayLabel": "TASK_OUT_ACCOUNT_AGGREGATION_SCORES_CHANGED", + "attributeName": "scoresChanged" + }, + { + "displayLabel": "TASK_OUT_ACCOUNT_AGGREGATION_SNAPSHOTS_CREATED", + "attributeName": "snapshotsCreated" + }, + { + "displayLabel": "TASK_OUT_ACCOUNT_AGGREGATION_SCOPES_CREATED", + "attributeName": "scopesCreated" + }, + { + "displayLabel": "TASK_OUT_ACCOUNT_AGGREGATION_SCOPES_CORRELATED", + "attributeName": "scopesCorrelated" + }, + { + "displayLabel": "TASK_OUT_ACCOUNT_AGGREGATION_SCOPES_SELECTED", + "attributeName": "scopesSelected" + }, + { + "displayLabel": "TASK_OUT_ACCOUNT_AGGREGATION_SCOPES_DORMANT", + "attributeName": "scopesDormant" + }, + { + "displayLabel": "TASK_OUT_ACCOUNT_AGGREGATION_UNSCOPED_IDENTITIES", + "attributeName": "unscopedIdentities" + }, + { + "displayLabel": "TASK_OUT_ACCOUNT_AGGREGATION_CERTIFICATIONS_CREATED", + "attributeName": "certificationsCreated" + }, + { + "displayLabel": "TASK_OUT_ACCOUNT_AGGREGATION_CERTIFICATIONS_DELETED", + "attributeName": "certificationsDeleted" + }, + { + "displayLabel": "TASK_OUT_ACCOUNT_AGGREGATION_APPLICATIONS_GENERATED", + "attributeName": "applicationsGenerated" + }, + { + "displayLabel": "TASK_OUT_ACCOUNT_AGGREGATION_MANAGED_ATTRIBUTES_PROMOTED", + "attributeName": "managedAttributesCreated" + }, + { + "displayLabel": "TASK_OUT_ACCOUNT_AGGREGATION_MANAGED_ATTRIBUTES_PROMOTED_BY_APP", + "attributeName": "managedAttributesCreatedByApplication" + }, + { + "displayLabel": "TASK_OUT_ACCOUNT_AGGREGATION_IDENTITYENTITLEMENTS_CREATED", + "attributeName": "identityEntitlementsCreated" + }, + { + "displayLabel": "TASK_OUT_ACCOUNT_AGGREGATION_GROUPS_CREATED", + "attributeName": "groupsCreated" + } + ] + } + } + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/sources/{id}/load-uncorrelated-accounts": { + "post": { + "tags": [ + "Sources" + ], + "summary": "Process Uncorrelated Accounts", + "operationId": "importUncorrelatedAccounts", + "description": "File is required for upload. You will also need to set the Content-Type header to `multipart/form-data`", + "security": [ + { + "UserContextAuth": [ + "idn:sources:manage" + ] + } + ], + "parameters": [ + { + "in": "path", + "name": "id", + "schema": { + "type": "string" + }, + "required": true, + "description": "Source Id", + "example": "75dbec1ebe154d5785da27b95e1dd5d7" + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "requestBody": { + "content": { + "multipart/form-data": { + "schema": { + "type": "object", + "properties": { + "file": { + "type": "string", + "format": "binary" + } + } + } + } + } + }, + "responses": { + "202": { + "description": "Uncorrelated Accounts Task", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "success": { + "type": "boolean", + "description": "The status of the result", + "default": "true", + "example": "true" + }, + "task": { + "type": "object", + "properties": { + "id": { + "description": "System-generated unique ID of the task this taskStatus represents", + "type": "string", + "example": "90b83a6bb737489494794f84cd3a51e6" + }, + "type": { + "description": "Type of task this task represents", + "type": "string", + "example": "QUARTZ" + }, + "name": { + "description": "The name of uncorrelated accounts process", + "type": "string", + "example": "Cloud Process Uncorrelated Accounts" + }, + "description": { + "description": "The description of the task", + "type": "string", + "example": "Processes uncorrelated accounts for the specified application." + }, + "launcher": { + "description": "The user who initiated the task", + "type": "string", + "example": "John Doe" + }, + "created": { + "type": "string", + "description": "The Task creation date", + "format": "date-time", + "example": "2020-09-07T42:14:00.364Z" + }, + "launched": { + "type": "string", + "nullable": true, + "format": "date-time", + "description": "The task start date", + "example": "2020-09-07T42:14:00.521Z" + }, + "completed": { + "type": "string", + "nullable": true, + "format": "date-time", + "description": "The task completion date", + "example": "2020-09-07T42:14:01.137Z" + }, + "completionStatus": { + "type": "string", + "nullable": true, + "enum": [ + "SUCCESS", + "WARNING", + "ERROR", + "TERMINATED", + "TEMP_ERROR" + ], + "description": "Task completion status.", + "example": "Success" + }, + "parentName": { + "type": "string", + "nullable": true, + "description": "Name of the parent task if exists.", + "example": "Audit Report" + }, + "messages": { + "type": "array", + "description": "List of the messages dedicated to the report. From task definition perspective here usually should be warnings or errors.", + "example": [], + "items": { + "type": "object", + "properties": { + "type": { + "type": "string", + "description": "Type of the message.", + "enum": [ + "INFO", + "WARN", + "ERROR" + ], + "example": "WARN" + }, + "error": { + "type": "boolean", + "default": false, + "description": "Flag whether message is an error.", + "example": false + }, + "warning": { + "type": "boolean", + "default": false, + "description": "Flag whether message is a warning.", + "example": true + }, + "key": { + "type": "string", + "description": "Message string identifier.", + "example": "This correlation failed because the currently running correlation must complete before the next one can start." + }, + "localizedText": { + "type": "string", + "description": "Message context with the locale based language.", + "example": "This correlation failed because the currently running correlation must complete before the next one can start." + } + } + } + }, + "progress": { + "type": "string", + "nullable": true, + "description": "Current task state.", + "example": "Initializing..." + }, + "attributes": { + "type": "object", + "description": "Extra attributes map(dictionary) for the task.", + "properties": { + "qpocJobId": { + "description": "The id of qpoc job", + "type": "string", + "example": "5d303d46-fc51-48cd-9c6d-4e211e3ab63c" + }, + "taskStartDelay": { + "description": "the task start delay value", + "example": "" + } + } + }, + "returns": { + "description": "Return values from the task", + "type": "object", + "example": [ + { + "displayLabel": "TASK_OUT_ACCOUNT_CORRELATION_APPLICATIONS", + "attributeName": "applications" + }, + { + "displayLabel": "TASK_OUT_ACCOUNT_CORRELATION_TOTAL", + "attributeName": "total" + }, + { + "displayLabel": "TASK_OUT_ACCOUNT_CORRELATION_IGNORED", + "attributeName": "correlationFailures" + }, + { + "displayLabel": "TASK_OUT_ACCOUNT_CORRELATION_FAILURES", + "attributeName": "ignored" + }, + { + "displayLabel": "TASK_OUT_UNCHANGED_ACCOUNTS", + "attributeName": "optimized" + }, + { + "displayLabel": "TASK_OUT_ACCOUNT_CORRELATION__CREATED", + "attributeName": "created" + }, + { + "displayLabel": "TASK_OUT_ACCOUNT_CORRELATION_UPDATED", + "attributeName": "updated" + }, + { + "displayLabel": "TASK_OUT_ACCOUNT_CORRELATION_DELETED", + "attributeName": "deleted" + }, + { + "displayLabel": "TASK_OUT_ACCOUNT_CORRELATION_MANAGER_CHANGES", + "attributeName": "managerChanges" + }, + { + "displayLabel": "TASK_OUT_ACCOUNT_CORRELATION_BUSINESS_ROLE_CHANGES", + "attributeName": "detectedRoleChanges" + }, + { + "displayLabel": "TASK_OUT_ACCOUNT_CORRELATION_EXCEPTION_CHANGES", + "attributeName": "exceptionChanges" + }, + { + "displayLabel": "TASK_OUT_ACCOUNT_CORRELATION_POLICIES", + "attributeName": "policies" + }, + { + "displayLabel": "TASK_OUT_ACCOUNT_CORRELATION_POLICY_VIOLATIONS", + "attributeName": "policyViolations" + }, + { + "displayLabel": "TASK_OUT_ACCOUNT_CORRELATION_POLICY_NOTIFICATIONS", + "attributeName": "policyNotifications" + }, + { + "displayLabel": "TASK_OUT_ACCOUNT_CORRELATION_SCORES_CHANGED", + "attributeName": "scoresChanged" + }, + { + "displayLabel": "TASK_OUT_ACCOUNT_CORRELATION_SNAPSHOTS_CREATED", + "attributeName": "snapshotsCreated" + }, + { + "displayLabel": "TASK_OUT_ACCOUNT_CORRELATION_SCOPES_CREATED", + "attributeName": "scopesCreated" + }, + { + "displayLabel": "TASK_OUT_ACCOUNT_CORRELATION_SCOPES_CORRELATED", + "attributeName": "scopesCorrelated" + }, + { + "displayLabel": "TASK_OUT_ACCOUNT_CORRELATION_SCOPES_SELECTED", + "attributeName": "scopesSelected" + }, + { + "displayLabel": "TASK_OUT_ACCOUNT_CORRELATION_SCOPES_DORMANT", + "attributeName": "scopesDormant" + }, + { + "displayLabel": "TASK_OUT_ACCOUNT_CORRELATION_UNSCOPED_IDENTITIES", + "attributeName": "unscopedIdentities" + }, + { + "displayLabel": "TASK_OUT_ACCOUNT_CORRELATION_CERTIFICATIONS_CREATED", + "attributeName": "certificationsCreated" + }, + { + "displayLabel": "TASK_OUT_ACCOUNT_CORRELATION_CERTIFICATIONS_DELETED", + "attributeName": "certificationsDeleted" + }, + { + "displayLabel": "TASK_OUT_ACCOUNT_CORRELATION_APPLICATIONS_GENERATED", + "attributeName": "applicationsGenerated" + }, + { + "displayLabel": "TASK_OUT_ACCOUNT_CORRELATION_MANAGED_ATTRIBUTES_PROMOTED", + "attributeName": "managedAttributesCreated" + }, + { + "displayLabel": "TASK_OUT_ACCOUNT_CORRELATION_MANAGED_ATTRIBUTES_PROMOTED_BY_APP", + "attributeName": "managedAttributesCreatedByApplication" + }, + { + "displayLabel": "TASK_OUT_ACCOUNT_CORRELATION_IDENTITYENTITLEMENTS_CREATED", + "attributeName": "identityEntitlementsCreated" + }, + { + "displayLabel": "TASK_OUT_ACCOUNT_CORRELATION_GROUPS_CREATED", + "attributeName": "groupsCreated" + } + ] + } + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/task-status/{id}": { + "get": { + "tags": [ + "Task Management" + ], + "summary": "Get task status by ID.", + "description": "Get a TaskStatus for a task by task ID.", + "operationId": "getTaskStatus", + "parameters": [ + { + "name": "id", + "in": "path", + "description": "Task ID.", + "required": true, + "example": "00eebcf881994e419d72e757fd30dc0e", + "style": "simple", + "explode": false, + "schema": { + "type": "string" + } + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "200": { + "description": "Responds with a TaskStatus for the task with the given task ID.", + "content": { + "application/json": { + "schema": { + "description": "Details and current status of a specific task", + "required": [ + "id", + "type", + "uniqueName", + "description", + "parentName", + "attributes", + "created", + "modified", + "launched", + "launcher", + "completed", + "completionStatus", + "messages", + "progress", + "percentComplete", + "returns" + ], + "type": "object", + "properties": { + "id": { + "description": "System-generated unique ID of the task this TaskStatus represents", + "type": "string", + "example": "id12345" + }, + "type": { + "description": "Type of task this TaskStatus represents", + "type": "string", + "enum": [ + "QUARTZ", + "QPOC", + "QUEUED_TASK" + ], + "example": "QUARTZ" + }, + "uniqueName": { + "description": "Name of the task this TaskStatus represents", + "type": "string", + "example": "Big Task" + }, + "description": { + "description": "Description of the task this TaskStatus represents", + "type": "string", + "example": "A Really Big Task" + }, + "parentName": { + "description": "Name of the parent of the task this TaskStatus represents", + "nullable": true, + "type": "string", + "example": "Parent Task" + }, + "launcher": { + "description": "Service to execute the task this TaskStatus represents", + "type": "string", + "example": "sweep" + }, + "target": { + "type": "object", + "nullable": true, + "properties": { + "id": { + "description": "Target ID", + "type": "string", + "example": "c6dc37bf508149b28ce5b7d90ca4bbf9" + }, + "type": { + "description": "Target type", + "type": "string", + "nullable": true, + "enum": [ + "APPLICATION", + "IDENTITY", + null + ], + "example": "APPLICATION" + }, + "name": { + "description": "Target name", + "type": "string", + "example": "Active Directory [source]" + } + } + }, + "created": { + "description": "Creation date of the task this TaskStatus represents", + "type": "string", + "format": "date-time", + "example": "2020-07-11T21:23:15.000Z" + }, + "modified": { + "description": "Last modification date of the task this TaskStatus represents", + "type": "string", + "format": "date-time", + "example": "2020-07-11T21:23:15.000Z" + }, + "launched": { + "description": "Launch date of the task this TaskStatus represents", + "nullable": true, + "type": "string", + "format": "date-time", + "example": "2020-07-11T21:23:15.000Z" + }, + "completed": { + "description": "Completion date of the task this TaskStatus represents", + "nullable": true, + "type": "string", + "format": "date-time", + "example": "2020-07-11T21:23:15.000Z" + }, + "completionStatus": { + "description": "Completion status of the task this TaskStatus represents", + "type": "string", + "nullable": true, + "enum": [ + "SUCCESS", + "WARNING", + "ERROR", + "TERMINATED", + "TEMPERROR", + null + ], + "example": "SUCCESS" + }, + "messages": { + "description": "Messages associated with the task this TaskStatus represents", + "type": "array", + "items": { + "description": "TaskStatus Message", + "required": [ + "key", + "localizedText", + "type", + "parameters" + ], + "type": "object", + "properties": { + "type": { + "description": "Type of the message", + "type": "string", + "enum": [ + "INFO", + "WARN", + "ERROR" + ], + "example": "INFO" + }, + "localizedText": { + "description": "Localized form of the message", + "type": "object", + "nullable": true, + "required": [ + "locale", + "message" + ], + "properties": { + "locale": { + "description": "Message locale", + "type": "string", + "example": "An error has occurred!" + }, + "message": { + "description": "Message text", + "type": "string", + "example": "Error has occurred!" + } + } + }, + "key": { + "description": "Key of the message", + "type": "string", + "example": "akey" + }, + "parameters": { + "description": "Message parameters for internationalization", + "nullable": true, + "type": "array", + "items": { + "type": "object" + }, + "example": [ + { + "name": "value" + } + ] + } + } + } + }, + "returns": { + "description": "Return values from the task this TaskStatus represents", + "type": "array", + "items": { + "description": "Task return details", + "required": [ + "name", + "attributeName" + ], + "type": "object", + "properties": { + "name": { + "description": "Display name of the TaskReturnDetails", + "type": "string", + "example": "label" + }, + "attributeName": { + "description": "Attribute the TaskReturnDetails is for", + "type": "string", + "example": "identityCount" + } + } + } + }, + "attributes": { + "description": "Attributes of the task this TaskStatus represents", + "type": "object", + "additionalProperties": true, + "example": { + "identityCount": 0 + } + }, + "progress": { + "description": "Current progress of the task this TaskStatus represents", + "nullable": true, + "type": "string", + "example": "Started" + }, + "percentComplete": { + "description": "Current percentage completion of the task this TaskStatus represents", + "type": "integer", + "example": 100 + }, + "taskDefinitionSummary": { + "description": "Definition of a type of task, used to invoke tasks", + "required": [ + "arguments", + "description", + "executor", + "id", + "uniqueName", + "parentName" + ], + "type": "object", + "properties": { + "id": { + "description": "System-generated unique ID of the TaskDefinition", + "type": "string", + "example": "2c91808475b4334b0175e1dff64b63c5" + }, + "uniqueName": { + "description": "Name of the TaskDefinition", + "type": "string", + "example": "Cloud Account Aggregation" + }, + "description": { + "description": "Description of the TaskDefinition", + "type": "string", + "example": "Aggregates from the specified application." + }, + "parentName": { + "description": "Name of the parent of the TaskDefinition", + "type": "string", + "example": "Cloud Account Aggregation" + }, + "executor": { + "description": "Executor of the TaskDefinition", + "nullable": true, + "type": "string", + "example": "sailpoint.task.ServiceTaskExecutor" + }, + "arguments": { + "description": "Formal parameters of the TaskDefinition, without values", + "type": "object", + "additionalProperties": true + } + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden, generally due to a lack of security rights" + }, + "404": { + "description": "TaskStatus with the given id was not found." + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "idn:task-management:read" + ] + } + ] + }, + "patch": { + "operationId": "updateTaskStatus", + "tags": [ + "Task Management" + ], + "summary": "Update task status by ID", + "description": "Update a current task status by task ID. Use this API to clear a pending task by updating the completionStatus and completed attributes.", + "parameters": [ + { + "name": "id", + "in": "path", + "description": "Task ID.", + "example": "00eebcf881994e419d72e757fd30dc0e", + "required": true, + "style": "simple", + "explode": false, + "schema": { + "type": "string" + } + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "requestBody": { + "required": true, + "description": "The JSONPatch payload used to update the object.", + "content": { + "application/json-patch+json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "description": "A JSONPatch Operation as defined by [RFC 6902 - JSON Patch](https://tools.ietf.org/html/rfc6902)", + "required": [ + "op", + "path" + ], + "properties": { + "op": { + "type": "string", + "description": "The operation to be performed", + "enum": [ + "add", + "remove", + "replace", + "move", + "copy", + "test" + ], + "example": "replace" + }, + "path": { + "type": "string", + "description": "A string JSON Pointer representing the target path to an element to be affected by the operation", + "example": "/description" + }, + "value": { + "oneOf": [ + { + "type": "string", + "example": "New description", + "title": "string" + }, + { + "type": "boolean", + "example": true, + "title": "boolean" + }, + { + "type": "integer", + "example": 300, + "title": "integer" + }, + { + "type": "object", + "title": "object", + "example": { + "attributes": { + "name": "philip" + } + } + }, + { + "type": "array", + "title": "array", + "items": { + "anyOf": [ + { + "type": "string" + }, + { + "type": "integer" + }, + { + "type": "object" + } + ], + "example": [ + "001", + "002", + "003" + ] + } + } + ], + "description": "The value to be used for the operation, required for \"add\" and \"replace\" operations", + "example": "New description" + } + } + }, + "example": [ + { + "op": "replace", + "path": "/completionStatus", + "value": "Error" + }, + { + "op": "replace", + "path": "/completed", + "value": "2024-05-17T19:33:16.470Z" + } + ] + } + } + } + }, + "responses": { + "200": { + "description": "This response indicates the PATCH operation succeeded, and the API returns the updated task object.", + "content": { + "application/json": { + "schema": { + "description": "Details and current status of a specific task", + "required": [ + "id", + "type", + "uniqueName", + "description", + "parentName", + "attributes", + "created", + "modified", + "launched", + "launcher", + "completed", + "completionStatus", + "messages", + "progress", + "percentComplete", + "returns" + ], + "type": "object", + "properties": { + "id": { + "description": "System-generated unique ID of the task this TaskStatus represents", + "type": "string", + "example": "id12345" + }, + "type": { + "description": "Type of task this TaskStatus represents", + "type": "string", + "enum": [ + "QUARTZ", + "QPOC", + "QUEUED_TASK" + ], + "example": "QUARTZ" + }, + "uniqueName": { + "description": "Name of the task this TaskStatus represents", + "type": "string", + "example": "Big Task" + }, + "description": { + "description": "Description of the task this TaskStatus represents", + "type": "string", + "example": "A Really Big Task" + }, + "parentName": { + "description": "Name of the parent of the task this TaskStatus represents", + "nullable": true, + "type": "string", + "example": "Parent Task" + }, + "launcher": { + "description": "Service to execute the task this TaskStatus represents", + "type": "string", + "example": "sweep" + }, + "target": { + "type": "object", + "nullable": true, + "properties": { + "id": { + "description": "Target ID", + "type": "string", + "example": "c6dc37bf508149b28ce5b7d90ca4bbf9" + }, + "type": { + "description": "Target type", + "type": "string", + "nullable": true, + "enum": [ + "APPLICATION", + "IDENTITY", + null + ], + "example": "APPLICATION" + }, + "name": { + "description": "Target name", + "type": "string", + "example": "Active Directory [source]" + } + } + }, + "created": { + "description": "Creation date of the task this TaskStatus represents", + "type": "string", + "format": "date-time", + "example": "2020-07-11T21:23:15.000Z" + }, + "modified": { + "description": "Last modification date of the task this TaskStatus represents", + "type": "string", + "format": "date-time", + "example": "2020-07-11T21:23:15.000Z" + }, + "launched": { + "description": "Launch date of the task this TaskStatus represents", + "nullable": true, + "type": "string", + "format": "date-time", + "example": "2020-07-11T21:23:15.000Z" + }, + "completed": { + "description": "Completion date of the task this TaskStatus represents", + "nullable": true, + "type": "string", + "format": "date-time", + "example": "2020-07-11T21:23:15.000Z" + }, + "completionStatus": { + "description": "Completion status of the task this TaskStatus represents", + "type": "string", + "nullable": true, + "enum": [ + "SUCCESS", + "WARNING", + "ERROR", + "TERMINATED", + "TEMPERROR", + null + ], + "example": "SUCCESS" + }, + "messages": { + "description": "Messages associated with the task this TaskStatus represents", + "type": "array", + "items": { + "description": "TaskStatus Message", + "required": [ + "key", + "localizedText", + "type", + "parameters" + ], + "type": "object", + "properties": { + "type": { + "description": "Type of the message", + "type": "string", + "enum": [ + "INFO", + "WARN", + "ERROR" + ], + "example": "INFO" + }, + "localizedText": { + "description": "Localized form of the message", + "type": "object", + "nullable": true, + "required": [ + "locale", + "message" + ], + "properties": { + "locale": { + "description": "Message locale", + "type": "string", + "example": "An error has occurred!" + }, + "message": { + "description": "Message text", + "type": "string", + "example": "Error has occurred!" + } + } + }, + "key": { + "description": "Key of the message", + "type": "string", + "example": "akey" + }, + "parameters": { + "description": "Message parameters for internationalization", + "nullable": true, + "type": "array", + "items": { + "type": "object" + }, + "example": [ + { + "name": "value" + } + ] + } + } + } + }, + "returns": { + "description": "Return values from the task this TaskStatus represents", + "type": "array", + "items": { + "description": "Task return details", + "required": [ + "name", + "attributeName" + ], + "type": "object", + "properties": { + "name": { + "description": "Display name of the TaskReturnDetails", + "type": "string", + "example": "label" + }, + "attributeName": { + "description": "Attribute the TaskReturnDetails is for", + "type": "string", + "example": "identityCount" + } + } + } + }, + "attributes": { + "description": "Attributes of the task this TaskStatus represents", + "type": "object", + "additionalProperties": true, + "example": { + "identityCount": 0 + } + }, + "progress": { + "description": "Current progress of the task this TaskStatus represents", + "nullable": true, + "type": "string", + "example": "Started" + }, + "percentComplete": { + "description": "Current percentage completion of the task this TaskStatus represents", + "type": "integer", + "example": 100 + }, + "taskDefinitionSummary": { + "description": "Definition of a type of task, used to invoke tasks", + "required": [ + "arguments", + "description", + "executor", + "id", + "uniqueName", + "parentName" + ], + "type": "object", + "properties": { + "id": { + "description": "System-generated unique ID of the TaskDefinition", + "type": "string", + "example": "2c91808475b4334b0175e1dff64b63c5" + }, + "uniqueName": { + "description": "Name of the TaskDefinition", + "type": "string", + "example": "Cloud Account Aggregation" + }, + "description": { + "description": "Description of the TaskDefinition", + "type": "string", + "example": "Aggregates from the specified application." + }, + "parentName": { + "description": "Name of the parent of the TaskDefinition", + "type": "string", + "example": "Cloud Account Aggregation" + }, + "executor": { + "description": "Executor of the TaskDefinition", + "nullable": true, + "type": "string", + "example": "sailpoint.task.ServiceTaskExecutor" + }, + "arguments": { + "description": "Formal parameters of the TaskDefinition, without values", + "type": "object", + "additionalProperties": true + } + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "idn:task-management:write" + ] + } + ] + } + }, + "/task-status": { + "get": { + "tags": [ + "Task Management" + ], + "summary": "Retrieve a task status list.", + "description": "Use this endpoint to get a list of **completed** tasks. To get a list of tasks **in-progress**, please use the [get pending tasks](https://developer.sailpoint.com/docs/api/beta/get-pending-tasks) endpoint.\n", + "operationId": "getTaskStatusList", + "parameters": [ + { + "in": "query", + "name": "limit", + "description": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 250, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "maximum": 250, + "default": 250 + } + }, + { + "in": "query", + "name": "offset", + "description": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 0, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "default": 0 + } + }, + { + "in": "query", + "name": "count", + "description": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": true, + "schema": { + "type": "boolean", + "default": false + } + }, + { + "in": "query", + "name": "filters", + "schema": { + "type": "string" + }, + "example": "completionStatus eq \"Success\"", + "required": false, + "description": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**sourceId**: *eq, in*\n\n**completionStatus**: *eq, in*\n\n**type**: *eq, in*" + }, + { + "in": "query", + "name": "sorters", + "schema": { + "type": "string", + "format": "comma-separated" + }, + "example": "-created", + "required": false, + "description": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **created**" + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "200": { + "description": "Responds with a TaskStatus for the task with the given task ID.", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "description": "Details and current status of a specific task", + "required": [ + "id", + "type", + "uniqueName", + "description", + "parentName", + "attributes", + "created", + "modified", + "launched", + "launcher", + "completed", + "completionStatus", + "messages", + "progress", + "percentComplete", + "returns" + ], + "type": "object", + "properties": { + "id": { + "description": "System-generated unique ID of the task this TaskStatus represents", + "type": "string", + "example": "id12345" + }, + "type": { + "description": "Type of task this TaskStatus represents", + "type": "string", + "enum": [ + "QUARTZ", + "QPOC", + "QUEUED_TASK" + ], + "example": "QUARTZ" + }, + "uniqueName": { + "description": "Name of the task this TaskStatus represents", + "type": "string", + "example": "Big Task" + }, + "description": { + "description": "Description of the task this TaskStatus represents", + "type": "string", + "example": "A Really Big Task" + }, + "parentName": { + "description": "Name of the parent of the task this TaskStatus represents", + "nullable": true, + "type": "string", + "example": "Parent Task" + }, + "launcher": { + "description": "Service to execute the task this TaskStatus represents", + "type": "string", + "example": "sweep" + }, + "target": { + "type": "object", + "nullable": true, + "properties": { + "id": { + "description": "Target ID", + "type": "string", + "example": "c6dc37bf508149b28ce5b7d90ca4bbf9" + }, + "type": { + "description": "Target type", + "type": "string", + "nullable": true, + "enum": [ + "APPLICATION", + "IDENTITY", + null + ], + "example": "APPLICATION" + }, + "name": { + "description": "Target name", + "type": "string", + "example": "Active Directory [source]" + } + } + }, + "created": { + "description": "Creation date of the task this TaskStatus represents", + "type": "string", + "format": "date-time", + "example": "2020-07-11T21:23:15.000Z" + }, + "modified": { + "description": "Last modification date of the task this TaskStatus represents", + "type": "string", + "format": "date-time", + "example": "2020-07-11T21:23:15.000Z" + }, + "launched": { + "description": "Launch date of the task this TaskStatus represents", + "nullable": true, + "type": "string", + "format": "date-time", + "example": "2020-07-11T21:23:15.000Z" + }, + "completed": { + "description": "Completion date of the task this TaskStatus represents", + "nullable": true, + "type": "string", + "format": "date-time", + "example": "2020-07-11T21:23:15.000Z" + }, + "completionStatus": { + "description": "Completion status of the task this TaskStatus represents", + "type": "string", + "nullable": true, + "enum": [ + "SUCCESS", + "WARNING", + "ERROR", + "TERMINATED", + "TEMPERROR", + null + ], + "example": "SUCCESS" + }, + "messages": { + "description": "Messages associated with the task this TaskStatus represents", + "type": "array", + "items": { + "description": "TaskStatus Message", + "required": [ + "key", + "localizedText", + "type", + "parameters" + ], + "type": "object", + "properties": { + "type": { + "description": "Type of the message", + "type": "string", + "enum": [ + "INFO", + "WARN", + "ERROR" + ], + "example": "INFO" + }, + "localizedText": { + "description": "Localized form of the message", + "type": "object", + "nullable": true, + "required": [ + "locale", + "message" + ], + "properties": { + "locale": { + "description": "Message locale", + "type": "string", + "example": "An error has occurred!" + }, + "message": { + "description": "Message text", + "type": "string", + "example": "Error has occurred!" + } + } + }, + "key": { + "description": "Key of the message", + "type": "string", + "example": "akey" + }, + "parameters": { + "description": "Message parameters for internationalization", + "nullable": true, + "type": "array", + "items": { + "type": "object" + }, + "example": [ + { + "name": "value" + } + ] + } + } + } + }, + "returns": { + "description": "Return values from the task this TaskStatus represents", + "type": "array", + "items": { + "description": "Task return details", + "required": [ + "name", + "attributeName" + ], + "type": "object", + "properties": { + "name": { + "description": "Display name of the TaskReturnDetails", + "type": "string", + "example": "label" + }, + "attributeName": { + "description": "Attribute the TaskReturnDetails is for", + "type": "string", + "example": "identityCount" + } + } + } + }, + "attributes": { + "description": "Attributes of the task this TaskStatus represents", + "type": "object", + "additionalProperties": true, + "example": { + "identityCount": 0 + } + }, + "progress": { + "description": "Current progress of the task this TaskStatus represents", + "nullable": true, + "type": "string", + "example": "Started" + }, + "percentComplete": { + "description": "Current percentage completion of the task this TaskStatus represents", + "type": "integer", + "example": 100 + }, + "taskDefinitionSummary": { + "description": "Definition of a type of task, used to invoke tasks", + "required": [ + "arguments", + "description", + "executor", + "id", + "uniqueName", + "parentName" + ], + "type": "object", + "properties": { + "id": { + "description": "System-generated unique ID of the TaskDefinition", + "type": "string", + "example": "2c91808475b4334b0175e1dff64b63c5" + }, + "uniqueName": { + "description": "Name of the TaskDefinition", + "type": "string", + "example": "Cloud Account Aggregation" + }, + "description": { + "description": "Description of the TaskDefinition", + "type": "string", + "example": "Aggregates from the specified application." + }, + "parentName": { + "description": "Name of the parent of the TaskDefinition", + "type": "string", + "example": "Cloud Account Aggregation" + }, + "executor": { + "description": "Executor of the TaskDefinition", + "nullable": true, + "type": "string", + "example": "sailpoint.task.ServiceTaskExecutor" + }, + "arguments": { + "description": "Formal parameters of the TaskDefinition, without values", + "type": "object", + "additionalProperties": true + } + } + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "idn:task-management:read" + ] + } + ] + } + }, + "/task-status/pending-tasks": { + "get": { + "tags": [ + "Task Management" + ], + "summary": "Retrieve a pending task list.", + "description": "Retrieve a list of TaskStatus for pending tasks.", + "operationId": "getPendingTasks", + "parameters": [ + { + "in": "query", + "name": "offset", + "description": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 0, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "default": 0 + } + }, + { + "in": "query", + "name": "limit", + "description": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 250, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "maximum": 250, + "default": 250 + } + }, + { + "in": "query", + "name": "count", + "description": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": true, + "schema": { + "type": "boolean", + "default": false + } + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "200": { + "description": "Responds with a list of TaskStatus for pending tasks.", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "description": "Details and current status of a specific task", + "required": [ + "id", + "type", + "uniqueName", + "description", + "parentName", + "attributes", + "created", + "modified", + "launched", + "launcher", + "completed", + "completionStatus", + "messages", + "progress", + "percentComplete", + "returns" + ], + "type": "object", + "properties": { + "id": { + "description": "System-generated unique ID of the task this TaskStatus represents", + "type": "string", + "example": "id12345" + }, + "type": { + "description": "Type of task this TaskStatus represents", + "type": "string", + "enum": [ + "QUARTZ", + "QPOC", + "QUEUED_TASK" + ], + "example": "QUARTZ" + }, + "uniqueName": { + "description": "Name of the task this TaskStatus represents", + "type": "string", + "example": "Big Task" + }, + "description": { + "description": "Description of the task this TaskStatus represents", + "type": "string", + "example": "A Really Big Task" + }, + "parentName": { + "description": "Name of the parent of the task this TaskStatus represents", + "nullable": true, + "type": "string", + "example": "Parent Task" + }, + "launcher": { + "description": "Service to execute the task this TaskStatus represents", + "type": "string", + "example": "sweep" + }, + "target": { + "type": "object", + "nullable": true, + "properties": { + "id": { + "description": "Target ID", + "type": "string", + "example": "c6dc37bf508149b28ce5b7d90ca4bbf9" + }, + "type": { + "description": "Target type", + "type": "string", + "nullable": true, + "enum": [ + "APPLICATION", + "IDENTITY", + null + ], + "example": "APPLICATION" + }, + "name": { + "description": "Target name", + "type": "string", + "example": "Active Directory [source]" + } + } + }, + "created": { + "description": "Creation date of the task this TaskStatus represents", + "type": "string", + "format": "date-time", + "example": "2020-07-11T21:23:15.000Z" + }, + "modified": { + "description": "Last modification date of the task this TaskStatus represents", + "type": "string", + "format": "date-time", + "example": "2020-07-11T21:23:15.000Z" + }, + "launched": { + "description": "Launch date of the task this TaskStatus represents", + "nullable": true, + "type": "string", + "format": "date-time", + "example": "2020-07-11T21:23:15.000Z" + }, + "completed": { + "description": "Completion date of the task this TaskStatus represents", + "nullable": true, + "type": "string", + "format": "date-time", + "example": "2020-07-11T21:23:15.000Z" + }, + "completionStatus": { + "description": "Completion status of the task this TaskStatus represents", + "type": "string", + "nullable": true, + "enum": [ + "SUCCESS", + "WARNING", + "ERROR", + "TERMINATED", + "TEMPERROR", + null + ], + "example": "SUCCESS" + }, + "messages": { + "description": "Messages associated with the task this TaskStatus represents", + "type": "array", + "items": { + "description": "TaskStatus Message", + "required": [ + "key", + "localizedText", + "type", + "parameters" + ], + "type": "object", + "properties": { + "type": { + "description": "Type of the message", + "type": "string", + "enum": [ + "INFO", + "WARN", + "ERROR" + ], + "example": "INFO" + }, + "localizedText": { + "description": "Localized form of the message", + "type": "object", + "nullable": true, + "required": [ + "locale", + "message" + ], + "properties": { + "locale": { + "description": "Message locale", + "type": "string", + "example": "An error has occurred!" + }, + "message": { + "description": "Message text", + "type": "string", + "example": "Error has occurred!" + } + } + }, + "key": { + "description": "Key of the message", + "type": "string", + "example": "akey" + }, + "parameters": { + "description": "Message parameters for internationalization", + "nullable": true, + "type": "array", + "items": { + "type": "object" + }, + "example": [ + { + "name": "value" + } + ] + } + } + } + }, + "returns": { + "description": "Return values from the task this TaskStatus represents", + "type": "array", + "items": { + "description": "Task return details", + "required": [ + "name", + "attributeName" + ], + "type": "object", + "properties": { + "name": { + "description": "Display name of the TaskReturnDetails", + "type": "string", + "example": "label" + }, + "attributeName": { + "description": "Attribute the TaskReturnDetails is for", + "type": "string", + "example": "identityCount" + } + } + } + }, + "attributes": { + "description": "Attributes of the task this TaskStatus represents", + "type": "object", + "additionalProperties": true, + "example": { + "identityCount": 0 + } + }, + "progress": { + "description": "Current progress of the task this TaskStatus represents", + "nullable": true, + "type": "string", + "example": "Started" + }, + "percentComplete": { + "description": "Current percentage completion of the task this TaskStatus represents", + "type": "integer", + "example": 100 + }, + "taskDefinitionSummary": { + "description": "Definition of a type of task, used to invoke tasks", + "required": [ + "arguments", + "description", + "executor", + "id", + "uniqueName", + "parentName" + ], + "type": "object", + "properties": { + "id": { + "description": "System-generated unique ID of the TaskDefinition", + "type": "string", + "example": "2c91808475b4334b0175e1dff64b63c5" + }, + "uniqueName": { + "description": "Name of the TaskDefinition", + "type": "string", + "example": "Cloud Account Aggregation" + }, + "description": { + "description": "Description of the TaskDefinition", + "type": "string", + "example": "Aggregates from the specified application." + }, + "parentName": { + "description": "Name of the parent of the TaskDefinition", + "type": "string", + "example": "Cloud Account Aggregation" + }, + "executor": { + "description": "Executor of the TaskDefinition", + "nullable": true, + "type": "string", + "example": "sailpoint.task.ServiceTaskExecutor" + }, + "arguments": { + "description": "Formal parameters of the TaskDefinition, without values", + "type": "object", + "additionalProperties": true + } + } + } + } + } + } + } + } + }, + "204": { + "description": "No content - indicates the request was successful but there is no content to be returned in the response." + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "idn:task-management:read" + ] + } + ] + }, + "head": { + "tags": [ + "Task Management" + ], + "summary": "Retrieve headers only for pending task list.", + "description": "Retrieve headers for a list of TaskStatus for pending tasks.", + "operationId": "getPendingTaskHeaders", + "parameters": [ + { + "in": "query", + "name": "offset", + "description": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 0, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "default": 0 + } + }, + { + "in": "query", + "name": "limit", + "description": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 250, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "maximum": 250, + "default": 250 + } + }, + { + "in": "query", + "name": "count", + "description": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": true, + "schema": { + "type": "boolean", + "default": false + } + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "200": { + "description": "Responds with headers for List of TaskStatus for pending tasks." + }, + "204": { + "description": "No content - indicates the request was successful but there is no content to be returned in the response." + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "idn:task-management:read" + ] + } + ] + } + }, + "/tenant": { + "get": { + "operationId": "getTenant", + "tags": [ + "Tenant" + ], + "summary": "Get Tenant Information.", + "description": "This rest endpoint can be used to retrieve tenant details.", + "security": [ + { + "UserContextAuth": [ + "sp:tenant:read" + ] + } + ], + "responses": { + "200": { + "description": "Tenant Info", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "id": { + "type": "string", + "readOnly": true, + "description": "The unique identifier for the Tenant", + "example": "2c91808568c529c60168cca6f90c1324" + }, + "name": { + "type": "string", + "description": "Abbreviated name of the Tenant", + "example": "acme" + }, + "fullName": { + "type": "string", + "description": "Human-readable name of the Tenant", + "example": "Acme, Inc" + }, + "pod": { + "type": "string", + "description": "Deployment pod for the Tenant", + "example": "example-pod" + }, + "region": { + "type": "string", + "description": "Deployment region for the Tenant", + "example": "us-east-1" + }, + "description": { + "type": "string", + "description": "Description of the Tenant", + "example": "Description of the Tenant" + }, + "products": { + "type": "array", + "items": { + "type": "object", + "properties": { + "productName": { + "type": "string", + "description": "Name of the Product", + "example": "idn" + }, + "url": { + "type": "string", + "description": "URL of the Product", + "example": "https://tenant-name.identitynow.com" + }, + "productTenantId": { + "type": "string", + "description": "An identifier for a specific product-tenant combination", + "example": "tenant#product" + }, + "productRegion": { + "type": "string", + "description": "Product region", + "example": "us-east-1" + }, + "productRight": { + "type": "string", + "description": "Right needed for the Product", + "example": "idn:ui:view" + }, + "apiUrl": { + "nullable": true, + "type": "string", + "description": "API URL of the Product", + "example": "https://tenant-name.api.identitynow.com" + }, + "licenses": { + "type": "array", + "items": { + "type": "object", + "properties": { + "licenseId": { + "type": "string", + "description": "Name of the license", + "example": "idn:access-request" + }, + "legacyFeatureName": { + "type": "string", + "description": "Legacy name of the license", + "example": "ACCESS_REQUEST" + } + } + } + }, + "attributes": { + "type": "object", + "additionalProperties": true, + "description": "Additional attributes for a product", + "example": { + "domain": "https://tenant-name.identitynow.com", + "maxRegisteredUsers": 250 + } + }, + "zone": { + "type": "string", + "description": "Zone", + "example": "Deployment zone for the Product" + }, + "status": { + "type": "string", + "description": "Status of the product", + "example": "active" + }, + "statusDateTime": { + "type": "string", + "format": "date-time", + "description": "Status datetime", + "example": "2020-05-19T13:49:37.385Z" + }, + "reason": { + "type": "string", + "description": "If there's a tenant provisioning failure then reason will have the description of error", + "example": "Reason" + }, + "notes": { + "type": "string", + "description": "Product could have additional notes added during tenant provisioning.", + "example": "Example notes" + }, + "dateCreated": { + "nullable": true, + "type": "string", + "format": "date-time", + "description": "Date when the product was created", + "example": "2020-05-19T13:49:37.385Z" + }, + "lastUpdated": { + "nullable": true, + "type": "string", + "format": "date-time", + "description": "Date when the product was last updated", + "example": "2020-05-19T13:49:37.385Z" + }, + "orgType": { + "nullable": true, + "type": "string", + "enum": [ + "development", + "staging", + "production", + "test", + "partner", + "training", + "demonstration", + "sandbox", + null + ], + "description": "Type of org", + "example": "test" + } + } + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "parameters": [ + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ] + } + }, + "/triggers": { + "get": { + "operationId": "listTriggers", + "tags": [ + "Triggers" + ], + "summary": "List Triggers", + "description": "Gets a list of triggers that are available in the tenant.", + "parameters": [ + { + "in": "query", + "name": "limit", + "description": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 250, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "maximum": 250, + "default": 250 + } + }, + { + "in": "query", + "name": "offset", + "description": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 0, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "default": 0 + } + }, + { + "in": "query", + "name": "count", + "description": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": true, + "schema": { + "type": "boolean", + "default": false + } + }, + { + "in": "query", + "name": "filters", + "required": false, + "schema": { + "type": "string" + }, + "description": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, ge, le*", + "example": "id eq \"idn:access-request-post-approval\"" + }, + { + "in": "query", + "name": "sorters", + "required": false, + "schema": { + "type": "string", + "format": "comma-separated" + }, + "description": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **id, name**", + "example": "name" + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "200": { + "description": "List of triggers.", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "required": [ + "id", + "name", + "type", + "inputSchema", + "exampleInput" + ], + "properties": { + "id": { + "type": "string", + "description": "Unique identifier of the trigger.", + "example": "idn:access-request-dynamic-approver" + }, + "name": { + "type": "string", + "description": "Trigger Name.", + "example": "Access Request Dynamic Approver" + }, + "type": { + "example": "REQUEST_RESPONSE", + "type": "string", + "description": "The type of trigger.", + "enum": [ + "REQUEST_RESPONSE", + "FIRE_AND_FORGET" + ] + }, + "description": { + "type": "string", + "description": "Trigger Description.", + "example": "Trigger for getting a dynamic approver." + }, + "inputSchema": { + "type": "string", + "description": "The JSON schema of the payload that will be sent by the trigger to the subscribed service.", + "example": "{\"definitions\":{\"record:AccessRequestDynamicApproverInput\":{\"type\":\"object\",\"required\":[\"accessRequestId\",\"requestedFor\",\"requestedItems\",\"requestedBy\"],\"additionalProperties\":true,\"properties\":{\"accessRequestId\":{\"type\":\"string\"},\"requestedFor\":{\"$ref\":\"#/definitions/record:requestedForIdentityRef\"},\"requestedItems\":{\"type\":\"array\",\"items\":{\"$ref\":\"#/definitions/record:requestedObjectRef\"}},\"requestedBy\":{\"$ref\":\"#/definitions/record:requestedByIdentityRef\"}}},\"record:requestedForIdentityRef\":{\"type\":\"object\",\"required\":[\"id\",\"name\",\"type\"],\"additionalProperties\":true,\"properties\":{\"id\":{\"type\":\"string\"},\"name\":{\"type\":\"string\"},\"type\":{\"type\":\"string\"}}},\"record:requestedObjectRef\":{\"type\":\"object\",\"optional\":[\"description\",\"comment\"],\"required\":[\"id\",\"name\",\"type\",\"operation\"],\"additionalProperties\":true,\"properties\":{\"id\":{\"type\":\"string\"},\"name\":{\"type\":\"string\"},\"description\":{\"oneOf\":[{\"type\":\"null\"},{\"type\":\"string\"}]},\"type\":{\"type\":\"string\"},\"operation\":{\"type\":\"string\"},\"comment\":{\"oneOf\":[{\"type\":\"null\"},{\"type\":\"string\"}]}}},\"record:requestedByIdentityRef\":{\"type\":\"object\",\"required\":[\"type\",\"id\",\"name\"],\"additionalProperties\":true,\"properties\":{\"type\":{\"type\":\"string\"},\"id\":{\"type\":\"string\"},\"name\":{\"type\":\"string\"}}}},\"$ref\":\"#/definitions/record:AccessRequestDynamicApproverInput\"}" + }, + "exampleInput": { + "description": "An example of the JSON payload that will be sent by the trigger to the subscribed service.", + "oneOf": [ + { + "title": "Access Request Dynamic Approver", + "type": "object", + "required": [ + "accessRequestId", + "requestedFor", + "requestedItems", + "requestedBy" + ], + "properties": { + "accessRequestId": { + "type": "string", + "description": "The unique ID of the access request object. Can be used with the [access request status endpoint](https://developer.sailpoint.com/idn/api/beta/list-access-request-status) to get the status of the request.\n", + "example": "4b4d982dddff4267ab12f0f1e72b5a6d" + }, + "requestedFor": { + "type": "array", + "description": "Identities access was requested for.", + "items": { + "type": "object", + "description": "Identity the access item is requested for.", + "properties": { + "type": { + "type": "string", + "description": "DTO type of identity the access item is requested for.", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "ID of identity the access item is requested for.", + "example": "2c4180a46faadee4016fb4e018c20626" + }, + "name": { + "type": "string", + "description": "Human-readable display name of identity the access item is requested for.", + "example": "Robert Robinson" + } + } + }, + "minItems": 1, + "maxItems": 10 + }, + "requestedItems": { + "description": "The access items that are being requested.", + "type": "array", + "items": { + "type": "object", + "required": [ + "id", + "name", + "type", + "operation" + ], + "properties": { + "id": { + "type": "string", + "description": "The unique ID of the access item.", + "example": "2c91808b6ef1d43e016efba0ce470904" + }, + "name": { + "type": "string", + "description": "Human friendly name of the access item.", + "example": "Engineering Access" + }, + "description": { + "nullable": true, + "type": "string", + "description": "Extended description of the access item.", + "example": "Engineering Access" + }, + "type": { + "enum": [ + "ACCESS_PROFILE", + "ROLE", + "ENTITLEMENT" + ], + "description": "The type of access item being requested.", + "example": "ACCESS_PROFILE" + }, + "operation": { + "enum": [ + "Add", + "Remove" + ], + "description": "Grant or revoke the access item", + "example": "Add" + }, + "comment": { + "nullable": true, + "type": "string", + "description": "A comment from the requestor on why the access is needed.", + "example": "William needs this access for his day to day job activities." + } + } + }, + "minItems": 1, + "maxItems": 25 + }, + "requestedBy": { + "allOf": [ + { + "type": "object", + "description": "Access item requester's identity.", + "properties": { + "type": { + "type": "string", + "description": "Access item requester's DTO type.", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "Access item requester's identity ID.", + "example": "2c7180a46faadee4016fb4e018c20648" + }, + "name": { + "type": "string", + "description": "Access item owner's human-readable display name.", + "example": "William Wilson" + } + } + } + ] + } + } + }, + { + "title": "Access Request Post Approval", + "type": "object", + "required": [ + "accessRequestId", + "requestedFor", + "requestedItemsStatus", + "requestedBy" + ], + "properties": { + "accessRequestId": { + "type": "string", + "description": "The unique ID of the access request.", + "example": "2c91808b6ef1d43e016efba0ce470904" + }, + "requestedFor": { + "required": [ + "id", + "type", + "name" + ], + "type": "array", + "description": "Identities access was requested for.", + "items": { + "type": "object", + "description": "Identity the access item is requested for.", + "properties": { + "type": { + "type": "string", + "description": "DTO type of identity the access item is requested for.", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "ID of identity the access item is requested for.", + "example": "2c4180a46faadee4016fb4e018c20626" + }, + "name": { + "type": "string", + "description": "Human-readable display name of identity the access item is requested for.", + "example": "Robert Robinson" + } + } + }, + "minItems": 1, + "maxItems": 10 + }, + "requestedItemsStatus": { + "description": "Details on the outcome of each access item.", + "type": "array", + "items": { + "type": "object", + "required": [ + "id", + "name", + "type", + "operation", + "approvalInfo" + ], + "properties": { + "id": { + "type": "string", + "description": "The unique ID of the access item being requested.", + "example": "2c91808b6ef1d43e016efba0ce470904" + }, + "name": { + "type": "string", + "description": "The human friendly name of the access item.", + "example": "Engineering Access" + }, + "description": { + "nullable": true, + "type": "string", + "description": "Detailed description of the access item.", + "example": "Access to engineering database" + }, + "type": { + "enum": [ + "ACCESS_PROFILE", + "ROLE", + "ENTITLEMENT" + ], + "description": "The type of access item.", + "example": "ACCESS_PROFILE" + }, + "operation": { + "enum": [ + "Add", + "Remove" + ], + "description": "The action to perform on the access item.", + "example": "Add" + }, + "comment": { + "nullable": true, + "type": "string", + "description": "A comment from the identity requesting the access.", + "example": "William needs this access to do his job." + }, + "clientMetadata": { + "description": "Additional customer defined metadata about the access item.", + "nullable": true, + "type": "object", + "additionalProperties": true, + "example": { + "applicationName": "My application" + } + }, + "approvalInfo": { + "description": "A list of one or more approvers for the access request.", + "type": "array", + "items": { + "type": "object", + "required": [ + "approvalDecision", + "approverName", + "approver" + ], + "properties": { + "approvalComment": { + "nullable": true, + "type": "string", + "description": "A comment left by the approver.", + "example": "This access looks good. Approved." + }, + "approvalDecision": { + "enum": [ + "APPROVED", + "DENIED" + ], + "description": "The final decision of the approver.", + "example": "APPROVED" + }, + "approverName": { + "type": "string", + "description": "The name of the approver", + "example": "Stephen.Austin" + }, + "approver": { + "required": [ + "id", + "type", + "name" + ], + "allOf": [ + { + "type": "object", + "description": "Identity who approved the access item request.", + "properties": { + "type": { + "type": "string", + "description": "DTO type of identity who approved the access item request.", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "ID of identity who approved the access item request.", + "example": "2c3780a46faadee4016fb4e018c20652" + }, + "name": { + "type": "string", + "description": "Human-readable display name of identity who approved the access item request.", + "example": "Allen Albertson" + } + } + } + ], + "description": "The identity of the approver.", + "properties": { + "type": { + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY", + "description": "The type of object that is referenced" + } + } + } + } + } + } + } + } + }, + "requestedBy": { + "required": [ + "id", + "type", + "name" + ], + "allOf": [ + { + "type": "object", + "description": "Access item requester's identity.", + "properties": { + "type": { + "type": "string", + "description": "Access item requester's DTO type.", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "Access item requester's identity ID.", + "example": "2c7180a46faadee4016fb4e018c20648" + }, + "name": { + "type": "string", + "description": "Access item owner's human-readable display name.", + "example": "William Wilson" + } + } + } + ] + } + } + }, + { + "title": "Access Request Pre Approval", + "type": "object", + "required": [ + "accessRequestId", + "requestedFor", + "requestedItems", + "requestedBy" + ], + "properties": { + "accessRequestId": { + "type": "string", + "description": "The unique ID of the access request.", + "example": "2c91808b6ef1d43e016efba0ce470904" + }, + "requestedFor": { + "required": [ + "id", + "type", + "name" + ], + "type": "array", + "description": "Identities access was requested for.", + "items": { + "type": "object", + "description": "Identity the access item is requested for.", + "properties": { + "type": { + "type": "string", + "description": "DTO type of identity the access item is requested for.", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "ID of identity the access item is requested for.", + "example": "2c4180a46faadee4016fb4e018c20626" + }, + "name": { + "type": "string", + "description": "Human-readable display name of identity the access item is requested for.", + "example": "Robert Robinson" + } + } + }, + "minItems": 1, + "maxItems": 10 + }, + "requestedItems": { + "description": "Details of the access items being requested.", + "type": "array", + "items": { + "type": "object", + "required": [ + "id", + "name", + "type", + "operation" + ], + "properties": { + "id": { + "type": "string", + "description": "The unique ID of the access item being requested.", + "example": "2c91808b6ef1d43e016efba0ce470904" + }, + "name": { + "type": "string", + "description": "The human friendly name of the access item.", + "example": "Engineering Access" + }, + "description": { + "nullable": true, + "type": "string", + "description": "Detailed description of the access item.", + "example": "Access to engineering database" + }, + "type": { + "enum": [ + "ACCESS_PROFILE", + "ROLE", + "ENTITLEMENT" + ], + "description": "The type of access item.", + "example": "ACCESS_PROFILE" + }, + "operation": { + "enum": [ + "Add", + "Remove" + ], + "description": "The action to perform on the access item.", + "example": "Add" + }, + "comment": { + "nullable": true, + "type": "string", + "description": "A comment from the identity requesting the access.", + "example": "William needs this access to do his job." + } + } + }, + "minItems": 1, + "maxItems": 25 + }, + "requestedBy": { + "required": [ + "id", + "type", + "name" + ], + "allOf": [ + { + "type": "object", + "description": "Access item requester's identity.", + "properties": { + "type": { + "type": "string", + "description": "Access item requester's DTO type.", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "Access item requester's identity ID.", + "example": "2c7180a46faadee4016fb4e018c20648" + }, + "name": { + "type": "string", + "description": "Access item owner's human-readable display name.", + "example": "William Wilson" + } + } + } + ] + } + } + }, + { + "title": "Account Aggregation Completed", + "type": "object", + "required": [ + "source", + "status", + "started", + "completed", + "errors", + "warnings", + "stats" + ], + "properties": { + "source": { + "required": [ + "type", + "name", + "id" + ], + "type": "object", + "description": "The source the accounts are being aggregated from.", + "properties": { + "type": { + "type": "string", + "description": "The DTO type of the source the accounts are being aggregated from.", + "enum": [ + "SOURCE" + ], + "example": "SOURCE" + }, + "id": { + "type": "string", + "description": "The ID of the source the accounts are being aggregated from.", + "example": "2c9180835d191a86015d28455b4b232a" + }, + "name": { + "type": "string", + "description": "Display name of the source the accounts are being aggregated from.", + "example": "HR Active Directory" + } + } + }, + "status": { + "description": "The overall status of the aggregation.", + "enum": [ + "Success", + "Failed", + "Terminated" + ], + "example": "Success" + }, + "started": { + "type": "string", + "format": "date-time", + "description": "The date and time when the account aggregation started.", + "example": "2020-06-29T22:01:50.474Z" + }, + "completed": { + "type": "string", + "format": "date-time", + "description": "The date and time when the account aggregation finished.", + "example": "2020-06-29T22:02:04.090Z" + }, + "errors": { + "nullable": true, + "description": "A list of errors that occurred during the aggregation.", + "type": "array", + "items": { + "type": "string", + "description": "A descriptive error message.", + "example": "Accounts unable to be aggregated." + } + }, + "warnings": { + "nullable": true, + "description": "A list of warnings that occurred during the aggregation.", + "type": "array", + "items": { + "type": "string", + "description": "A descriptive warning message.", + "example": "Account Skipped" + } + }, + "stats": { + "type": "object", + "description": "Overall statistics about the account aggregation.", + "required": [ + "scanned", + "unchanged", + "changed", + "added", + "removed" + ], + "properties": { + "scanned": { + "type": "integer", + "format": "int32", + "minimum": 0, + "maximum": 2147483647, + "description": "The number of accounts which were scanned / iterated over.", + "example": 200 + }, + "unchanged": { + "type": "integer", + "format": "int32", + "minimum": 0, + "maximum": 2147483647, + "description": "The number of accounts which existed before, but had no changes.", + "example": 190 + }, + "changed": { + "type": "integer", + "format": "int32", + "minimum": 0, + "maximum": 2147483647, + "description": "The number of accounts which existed before, but had changes.", + "example": 6 + }, + "added": { + "type": "integer", + "format": "int32", + "minimum": 0, + "maximum": 2147483647, + "description": "The number of accounts which are new - have not existed before.", + "example": 4 + }, + "removed": { + "type": "integer", + "minimum": 0, + "maximum": 2147483647, + "format": "int32", + "description": "The number accounts which existed before, but no longer exist (thus getting removed).", + "example": 3 + } + } + } + } + }, + { + "title": "Account Attributes Changed", + "type": "object", + "required": [ + "identity", + "source", + "account", + "changes" + ], + "properties": { + "identity": { + "required": [ + "id", + "type", + "name" + ], + "type": "object", + "description": "The identity whose account attributes were updated.", + "properties": { + "type": { + "type": "string", + "description": "DTO type of the identity whose account attributes were updated.", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "ID of the identity whose account attributes were updated.", + "example": "2c7180a46faadee4016fb4e018c20642" + }, + "name": { + "type": "string", + "description": "Display name of the identity whose account attributes were updated.", + "example": "Michael Michaels" + } + } + }, + "source": { + "required": [ + "id", + "type", + "name" + ], + "type": "object", + "description": "The source that contains the account.", + "properties": { + "id": { + "description": "ID of the object to which this reference applies", + "type": "string", + "example": "4e4d982dddff4267ab12f0f1e72b5a6d" + }, + "type": { + "type": "string", + "enum": [ + "SOURCE" + ], + "example": "SOURCE", + "description": "The type of object that is referenced" + }, + "name": { + "type": "string", + "description": "Human-readable display name of the object to which this reference applies", + "example": "Corporate Active Directory" + } + } + }, + "account": { + "type": "object", + "description": "Details of the account where the attributes changed.", + "required": [ + "id", + "uuid", + "name", + "nativeIdentity", + "type" + ], + "properties": { + "id": { + "type": "string", + "description": "SailPoint generated unique identifier.", + "example": "52170a74-ca89-11ea-87d0-0242ac130003" + }, + "uuid": { + "nullable": true, + "type": "string", + "description": "The source's unique identifier for the account. UUID is generated by the source system.", + "example": "1cb1f07d-3e5a-4431-becd-234fa4306108" + }, + "name": { + "type": "string", + "description": "Name of the account.", + "example": "john.doe" + }, + "nativeIdentity": { + "type": "string", + "description": "Unique ID of the account on the source.", + "example": "cn=john.doe,ou=users,dc=acme,dc=com" + }, + "type": { + "enum": [ + "ACCOUNT" + ], + "description": "The type of the account", + "example": "ACCOUNT" + } + } + }, + "changes": { + "type": "array", + "description": "A list of attributes that changed.", + "items": { + "type": "object", + "required": [ + "attribute", + "oldValue", + "newValue" + ], + "properties": { + "attribute": { + "type": "string", + "description": "The name of the attribute.", + "example": "sn" + }, + "oldValue": { + "description": "The previous value of the attribute.", + "nullable": true, + "oneOf": [ + { + "type": "string" + }, + { + "type": "boolean" + }, + { + "type": "array", + "items": { + "nullable": true, + "type": "string" + } + } + ], + "example": "doe" + }, + "newValue": { + "description": "The new value of the attribute.", + "nullable": true, + "oneOf": [ + { + "type": "string" + }, + { + "type": "boolean" + }, + { + "type": "array", + "items": { + "nullable": true, + "type": "string" + } + } + ], + "example": "ryans" + } + } + } + } + } + }, + { + "title": "Account Correlated", + "type": "object", + "required": [ + "identity", + "source", + "account", + "attributes" + ], + "properties": { + "identity": { + "required": [ + "type", + "name", + "id" + ], + "type": "object", + "description": "Identity the account is correlated with.", + "properties": { + "type": { + "type": "string", + "description": "DTO type of the identity the account is correlated with.", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "ID of the identity the account is correlated with.", + "example": "2c7180a46faadee4016fb4e018c20642" + }, + "name": { + "type": "string", + "description": "Display name of the identity the account is correlated with.", + "example": "Michael Michaels" + } + } + }, + "source": { + "required": [ + "id", + "type", + "name" + ], + "type": "object", + "description": "The source the accounts are being correlated from.", + "properties": { + "type": { + "type": "string", + "description": "The DTO type of the source the accounts are being correlated from.", + "enum": [ + "SOURCE" + ], + "example": "SOURCE" + }, + "id": { + "type": "string", + "description": "The ID of the source the accounts are being correlated from.", + "example": "2c9180835d191a86015d28455b4b232a" + }, + "name": { + "type": "string", + "description": "Display name of the source the accounts are being correlated from.", + "example": "HR Active Directory" + } + } + }, + "account": { + "type": "object", + "description": "The correlated account.", + "required": [ + "id", + "name", + "nativeIdentity", + "type" + ], + "properties": { + "type": { + "type": "string", + "description": "The correlated account's DTO type.", + "enum": [ + "ACCOUNT" + ], + "example": "ACCOUNT" + }, + "id": { + "type": "string", + "description": "The correlated account's ID.", + "example": "98da47c31df444558c211f9b205184f6" + }, + "name": { + "type": "string", + "description": "The correlated account's display name.", + "example": "Brian Mendoza" + }, + "nativeIdentity": { + "type": "string", + "description": "Unique ID of the account on the source.", + "example": "cn=john.doe,ou=users,dc=acme,dc=com" + }, + "uuid": { + "nullable": true, + "type": "string", + "description": "The source's unique identifier for the account. UUID is generated by the source system.", + "example": "1cb1f07d-3e5a-4431-becd-234fa4306108" + } + } + }, + "attributes": { + "type": "object", + "description": "The attributes associated with the account. Attributes are unique per source.", + "additionalProperties": true, + "example": { + "sn": "doe", + "givenName": "john", + "memberOf": [ + "cn=g1,ou=groups,dc=acme,dc=com", + "cn=g2,ou=groups,dc=acme,dc=com", + "cn=g3,ou=groups,dc=acme,dc=com" + ] + } + }, + "entitlementCount": { + "type": "integer", + "format": "int32", + "description": "The number of entitlements associated with this account.", + "example": 0 + } + } + }, + { + "title": "Accounts Collected for Aggregation", + "type": "object", + "required": [ + "source", + "status", + "started", + "completed", + "errors", + "warnings", + "stats" + ], + "properties": { + "source": { + "required": [ + "id", + "type", + "name" + ], + "type": "object", + "description": "Reference to the source that has been aggregated.", + "properties": { + "id": { + "description": "ID of the object to which this reference applies", + "type": "string", + "example": "4e4d982dddff4267ab12f0f1e72b5a6d" + }, + "type": { + "type": "string", + "enum": [ + "SOURCE" + ], + "example": "SOURCE", + "description": "The type of object that is referenced" + }, + "name": { + "type": "string", + "description": "Human-readable display name of the object to which this reference applies", + "example": "Corporate Active Directory" + } + } + }, + "status": { + "description": "The overall status of the collection.", + "enum": [ + "Success", + "Failed", + "Terminated" + ], + "example": "Success" + }, + "started": { + "type": "string", + "format": "date-time", + "description": "The date and time when the account collection started.", + "example": "2020-06-29T22:01:50.474Z" + }, + "completed": { + "type": "string", + "format": "date-time", + "description": "The date and time when the account collection finished.", + "example": "2020-06-29T22:02:04.090Z" + }, + "errors": { + "nullable": true, + "description": "A list of errors that occurred during the collection.", + "type": "array", + "items": { + "type": "string", + "description": "A descriptive error message.", + "example": "Unable to collect accounts for aggregation." + } + }, + "warnings": { + "nullable": true, + "description": "A list of warnings that occurred during the collection.", + "type": "array", + "items": { + "type": "string", + "description": "A descriptive warning message.", + "example": "Account Skipped" + } + }, + "stats": { + "type": "object", + "description": "Overall statistics about the account collection.", + "required": [ + "scanned", + "unchanged", + "changed", + "added", + "removed" + ], + "properties": { + "scanned": { + "type": "integer", + "format": "int32", + "minimum": 0, + "maximum": 2147483647, + "description": "The number of accounts which were scanned / iterated over.", + "example": 200 + }, + "unchanged": { + "type": "integer", + "format": "int32", + "minimum": 0, + "maximum": 2147483647, + "description": "The number of accounts which existed before, but had no changes.", + "example": 190 + }, + "changed": { + "type": "integer", + "format": "int32", + "minimum": 0, + "maximum": 2147483647, + "description": "The number of accounts which existed before, but had changes.", + "example": 6 + }, + "added": { + "type": "integer", + "format": "int32", + "minimum": 0, + "maximum": 2147483647, + "description": "The number of accounts which are new - have not existed before.", + "example": 4 + }, + "removed": { + "type": "integer", + "minimum": 0, + "maximum": 2147483647, + "format": "int32", + "description": "The number accounts which existed before, but no longer exist (thus getting removed).", + "example": 3 + } + } + } + } + }, + { + "title": "Account Uncorrelated", + "type": "object", + "required": [ + "identity", + "source", + "account" + ], + "properties": { + "identity": { + "required": [ + "type", + "name", + "id" + ], + "type": "object", + "description": "Identity the account is uncorrelated with.", + "properties": { + "type": { + "type": "string", + "description": "DTO type of the identity the account is uncorrelated with.", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "ID of the identity the account is uncorrelated with.", + "example": "2c3780a46faadee4016fb4e018c20652" + }, + "name": { + "type": "string", + "description": "Display name of the identity the account is uncorrelated with.", + "example": "Allen Albertson" + } + } + }, + "source": { + "required": [ + "type", + "name", + "id" + ], + "type": "object", + "description": "The source the accounts are uncorrelated from.", + "properties": { + "type": { + "type": "string", + "description": "The DTO type of the source the accounts are uncorrelated from.", + "enum": [ + "SOURCE" + ], + "example": "SOURCE" + }, + "id": { + "type": "string", + "description": "The ID of the source the accounts are uncorrelated from.", + "example": "2c6180835d191a86015d28455b4b231b" + }, + "name": { + "type": "string", + "description": "Display name of the source the accounts are uncorrelated from.", + "example": "Corporate Directory" + } + } + }, + "account": { + "type": "object", + "description": "Uncorrelated account.", + "required": [ + "id", + "name", + "nativeIdentity", + "type" + ], + "properties": { + "type": { + "enum": [ + "ACCOUNT" + ], + "description": "Uncorrelated account's DTO type.", + "example": "ACCOUNT" + }, + "id": { + "type": "string", + "description": "Uncorrelated account's ID.", + "example": "4dd497e3723e439991cb6d0e478375dd" + }, + "name": { + "type": "string", + "description": "Uncorrelated account's display name.", + "example": "Sadie Jensen" + }, + "nativeIdentity": { + "type": "string", + "description": "Unique ID of the account on the source.", + "example": "cn=john.doe,ou=users,dc=acme,dc=com" + }, + "uuid": { + "nullable": true, + "type": "string", + "description": "The source's unique identifier for the account. UUID is generated by the source system.", + "example": "1cb1f07d-3e5a-4431-becd-234fa4306108" + } + } + }, + "entitlementCount": { + "type": "integer", + "format": "int32", + "description": "The number of entitlements associated with this account.", + "example": 0 + } + } + }, + { + "title": "Campaign Activated", + "type": "object", + "required": [ + "campaign" + ], + "properties": { + "campaign": { + "type": "object", + "description": "Details about the certification campaign that was activated.", + "required": [ + "id", + "name", + "description", + "created", + "deadline", + "type", + "campaignOwner", + "status" + ], + "properties": { + "id": { + "type": "string", + "description": "Unique ID for the campaign.", + "example": "2c91808576f886190176f88cac5a0010" + }, + "name": { + "type": "string", + "description": "The human friendly name of the campaign.", + "example": "Manager Access Campaign" + }, + "description": { + "type": "string", + "description": "Extended description of the campaign.", + "example": "Audit access for all employees." + }, + "created": { + "type": "string", + "format": "date-time", + "description": "The date and time the campaign was created.", + "example": "2021-02-16T03:04:45.815Z" + }, + "modified": { + "nullable": true, + "type": "string", + "format": "date-time", + "description": "The date and time the campaign was last modified.", + "example": "2021-02-16T03:06:45.815Z" + }, + "deadline": { + "type": "string", + "format": "date-time", + "description": "The date and time the campaign is due.", + "example": "2021-03-16T03:04:45.815Z" + }, + "type": { + "description": "The type of campaign.", + "enum": [ + "MANAGER", + "SOURCE_OWNER", + "SEARCH", + "ROLE_COMPOSITION" + ], + "example": "MANAGER" + }, + "campaignOwner": { + "type": "object", + "description": "Details of the identity that owns the campaign.", + "required": [ + "id", + "displayName", + "email" + ], + "properties": { + "id": { + "type": "string", + "description": "The unique ID of the identity.", + "example": "37f080867702c1910177031320c40n27" + }, + "displayName": { + "type": "string", + "description": "The human friendly name of the identity.", + "example": "John Snow" + }, + "email": { + "type": "string", + "description": "The primary email address of the identity.", + "example": "john.snow@example.com" + } + } + }, + "status": { + "enum": [ + "ACTIVE" + ], + "description": "The current status of the campaign.", + "example": "ACTIVE" + } + } + } + } + }, + { + "title": "Campaign Ended", + "type": "object", + "required": [ + "campaign" + ], + "properties": { + "campaign": { + "type": "object", + "description": "Details about the certification campaign that ended.", + "required": [ + "id", + "name", + "description", + "created", + "deadline", + "type", + "campaignOwner", + "status" + ], + "properties": { + "id": { + "type": "string", + "description": "Unique ID for the campaign.", + "example": "2c91808576f886190176f88cac5a0010" + }, + "name": { + "type": "string", + "description": "The human friendly name of the campaign.", + "example": "Manager Access Campaign" + }, + "description": { + "type": "string", + "description": "Extended description of the campaign.", + "example": "Audit access for all employees." + }, + "created": { + "type": "string", + "format": "date-time", + "description": "The date and time the campaign was created.", + "example": "2021-02-16T03:04:45.815Z" + }, + "modified": { + "nullable": true, + "type": "string", + "format": "date-time", + "description": "The date and time the campaign was last modified.", + "example": "2021-03-16T03:06:45.815Z" + }, + "deadline": { + "type": "string", + "format": "date-time", + "description": "The date and time the campaign is due.", + "example": "2021-03-16T03:04:45.815Z" + }, + "type": { + "description": "The type of campaign.", + "enum": [ + "MANAGER", + "SOURCE_OWNER", + "SEARCH", + "ROLE_COMPOSITION" + ], + "example": "MANAGER" + }, + "campaignOwner": { + "type": "object", + "description": "Details of the identity that owns the campaign.", + "required": [ + "id", + "displayName", + "email" + ], + "properties": { + "id": { + "type": "string", + "description": "The unique ID of the identity.", + "example": "37f080867702c1910177031320c40n27" + }, + "displayName": { + "type": "string", + "description": "The human friendly name of the identity.", + "example": "John Snow" + }, + "email": { + "type": "string", + "description": "The primary email address of the identity.", + "example": "john.snow@example.com" + } + } + }, + "status": { + "enum": [ + "COMPLETED" + ], + "description": "The current status of the campaign.", + "example": "COMPLETED" + } + } + } + } + }, + { + "title": "Campaign Generated", + "type": "object", + "required": [ + "campaign" + ], + "properties": { + "campaign": { + "description": "Details about the campaign that was generated.", + "type": "object", + "required": [ + "id", + "name", + "description", + "created", + "type", + "campaignOwner", + "status" + ], + "properties": { + "id": { + "type": "string", + "description": "The unique ID of the campaign.", + "example": "2c91808576f886190176f88cac5a0010" + }, + "name": { + "type": "string", + "description": "Human friendly name of the campaign.", + "example": "Manager Access Campaign" + }, + "description": { + "type": "string", + "description": "Extended description of the campaign.", + "example": "Audit access for all employees." + }, + "created": { + "type": "string", + "format": "date-time", + "description": "The date and time the campaign was created.", + "example": "2021-02-16T03:04:45.815Z" + }, + "modified": { + "nullable": true, + "type": "string", + "description": "The date and time the campaign was last modified.", + "example": "2021-02-17T03:04:45.815Z" + }, + "deadline": { + "nullable": true, + "type": "string", + "description": "The date and time when the campaign must be finished by.", + "example": "2021-02-18T03:04:45.815Z" + }, + "type": { + "enum": [ + "MANAGER", + "SOURCE_OWNER", + "SEARCH", + "ROLE_COMPOSITION" + ], + "description": "The type of campaign that was generated.", + "example": "MANAGER" + }, + "campaignOwner": { + "type": "object", + "description": "The identity that owns the campaign.", + "required": [ + "id", + "displayName", + "email" + ], + "properties": { + "id": { + "type": "string", + "description": "The unique ID of the identity.", + "example": "37f080867702c1910177031320c40n27" + }, + "displayName": { + "type": "string", + "description": "The display name of the identity.", + "example": "John Snow" + }, + "email": { + "type": "string", + "description": "The primary email address of the identity.", + "example": "john.snow@example.com" + } + } + }, + "status": { + "enum": [ + "STAGED", + "ACTIVATING", + "ACTIVE" + ], + "description": "The current status of the campaign.", + "example": "STAGED" + } + } + } + } + }, + { + "title": "Certification Signed Off", + "type": "object", + "required": [ + "certification" + ], + "properties": { + "certification": { + "description": "The certification campaign that was signed off on.", + "required": [ + "id", + "name", + "created" + ], + "allOf": [ + { + "type": "object", + "required": [ + "campaignRef", + "completed", + "decisionsMade", + "decisionsTotal", + "due", + "signed", + "reviewer", + "campaignOwner", + "hasErrors", + "phase", + "entitiesCompleted", + "entitiesTotal" + ], + "properties": { + "campaignRef": { + "type": "object", + "required": [ + "id", + "name", + "type", + "campaignType", + "description", + "correlatedStatus", + "mandatoryCommentRequirement" + ], + "properties": { + "id": { + "type": "string", + "description": "The unique ID of the campaign.", + "example": "ef38f94347e94562b5bb8424a56397d8" + }, + "name": { + "type": "string", + "description": "The name of the campaign.", + "example": "Campaign Name" + }, + "type": { + "type": "string", + "enum": [ + "CAMPAIGN" + ], + "description": "The type of object that is being referenced.", + "example": "CAMPAIGN" + }, + "campaignType": { + "type": "string", + "enum": [ + "MANAGER", + "SOURCE_OWNER", + "SEARCH" + ], + "description": "The type of the campaign.", + "example": "MANAGER" + }, + "description": { + "type": "string", + "description": "The description of the campaign set by the admin who created it.", + "nullable": true, + "example": "A description of the campaign" + }, + "correlatedStatus": { + "description": "The correlatedStatus of the campaign. Only SOURCE_OWNER campaigns can be Uncorrelated. An Uncorrelated certification campaign only includes Uncorrelated identities (An identity is uncorrelated if it has no accounts on an authoritative source).", + "enum": [ + "CORRELATED", + "UNCORRELATED" + ], + "example": "CORRELATED" + }, + "mandatoryCommentRequirement": { + "type": "string", + "description": "Determines whether comments are required for decisions during certification reviews. You can require comments for all decisions, revoke-only decisions, or no decisions. By default, comments are not required for decisions.", + "enum": [ + "ALL_DECISIONS", + "REVOKE_ONLY_DECISIONS", + "NO_DECISIONS" + ], + "example": "NO_DECISIONS" + } + } + }, + "phase": { + "type": "string", + "description": "The current phase of the campaign.\n* `STAGED`: The campaign is waiting to be activated.\n* `ACTIVE`: The campaign is active.\n* `SIGNED`: The reviewer has signed off on the campaign, and it is considered complete.\n", + "enum": [ + "STAGED", + "ACTIVE", + "SIGNED" + ], + "example": "ACTIVE" + }, + "due": { + "type": "string", + "format": "date-time", + "description": "The due date of the certification.", + "example": "2018-10-19T13:49:37.385Z" + }, + "signed": { + "type": "string", + "format": "date-time", + "description": "The date the reviewer signed off on the certification.", + "example": "2018-10-19T13:49:37.385Z" + }, + "reviewer": { + "description": "A reference to the reviewer of the campaign.", + "type": "object", + "required": [ + "type", + "id", + "name" + ], + "properties": { + "type": { + "type": "string", + "description": "The reviewer's DTO type.", + "enum": [ + "IDENTITY", + "GOVERNANCE_GROUP" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "The reviewer's ID.", + "example": "2c7180a46faadee4016fb4e018c20642" + }, + "name": { + "type": "string", + "description": "The reviewer's display name.", + "example": "Michael Michaels" + }, + "email": { + "type": "string", + "nullable": true, + "description": "The reviewing identity's email. Only applicable to `IDENTITY`.", + "example": "reviewer@test.com" + } + } + }, + "reassignment": { + "nullable": true, + "description": "A reference to a reviewer that this campaign has been reassigned to.", + "type": "object", + "properties": { + "from": { + "description": "Previous certification.", + "type": "object", + "allOf": [ + { + "type": "object", + "description": "Certification for review.", + "properties": { + "type": { + "type": "string", + "description": "DTO type of certification for review.", + "enum": [ + "CERTIFICATION" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "ID of certification for review.", + "example": "7589a83cec4b4f138ce56c1a5ef0756d" + }, + "name": { + "type": "string", + "description": "Display name of certification for review.", + "example": "Manager Access for Michael Michaels" + } + } + }, + { + "type": "object", + "properties": { + "reviewer": { + "description": "Certification reviewer", + "type": "object", + "required": [ + "type", + "id", + "name" + ], + "properties": { + "type": { + "type": "string", + "description": "The reviewer's DTO type.", + "enum": [ + "IDENTITY", + "GOVERNANCE_GROUP" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "The reviewer's ID.", + "example": "2c7180a46faadee4016fb4e018c20642" + }, + "name": { + "type": "string", + "description": "The reviewer's display name.", + "example": "Michael Michaels" + }, + "email": { + "type": "string", + "nullable": true, + "description": "The reviewing identity's email. Only applicable to `IDENTITY`.", + "example": "reviewer@test.com" + } + } + } + } + } + ] + }, + "comment": { + "type": "string", + "description": "Comments from the previous reviewer.", + "example": "Please review" + } + } + }, + "hasErrors": { + "type": "boolean", + "example": false, + "description": "Indicates it the certification has any errors." + }, + "errorMessage": { + "type": "string", + "nullable": true, + "example": "The certification has an error", + "description": "A message indicating what the error is." + }, + "completed": { + "type": "boolean", + "description": "Indicates if all certification decisions have been made.", + "example": false + }, + "decisionsMade": { + "type": "integer", + "description": "The number of approve/revoke/acknowledge decisions that have been made by the reviewer.", + "example": 20, + "format": "int32" + }, + "decisionsTotal": { + "type": "integer", + "description": "The total number of approve/revoke/acknowledge decisions for the certification.", + "example": 40, + "format": "int32" + }, + "entitiesCompleted": { + "type": "integer", + "description": "The number of entities (identities, access profiles, roles, etc.) for which all decisions have been made and are complete.", + "example": 5, + "format": "int32" + }, + "entitiesTotal": { + "type": "integer", + "format": "int32", + "description": "The total number of entities (identities, access profiles, roles, etc.) in the certification, both complete and incomplete.", + "example": 10 + } + } + } + ], + "properties": { + "id": { + "type": "string", + "description": "Unique ID of the certification.", + "example": "2c91808576f886190176f88caf0d0067" + }, + "name": { + "type": "string", + "description": "The name of the certification.", + "example": "Manager Access Review for Alice Baker" + }, + "created": { + "type": "string", + "format": "date-time", + "description": "The date and time the certification was created.", + "example": "2020-02-16T03:04:45.815Z" + }, + "modified": { + "nullable": true, + "type": "string", + "format": "date-time", + "description": "The date and time the certification was last modified.", + "example": "2020-02-16T03:06:45.815Z" + } + } + } + } + }, + { + "title": "Identity Attributes Changed", + "type": "object", + "required": [ + "identity", + "changes" + ], + "properties": { + "identity": { + "required": [ + "id", + "type", + "name" + ], + "type": "object", + "description": "Identity whose attributes changed.", + "properties": { + "type": { + "type": "string", + "description": "DTO type of identity whose attributes changed.", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "ID of identity whose attributes changed.", + "example": "2c7180a46faadee4016fb4e018c20642" + }, + "name": { + "type": "string", + "description": "Display name of identity whose attributes changed.", + "example": "Michael Michaels" + } + } + }, + "changes": { + "description": "A list of one or more identity attributes that changed on the identity.", + "type": "array", + "items": { + "type": "object", + "required": [ + "attribute" + ], + "properties": { + "attribute": { + "type": "string", + "description": "The name of the identity attribute that changed.", + "example": "department" + }, + "oldValue": { + "description": "The value of the identity attribute before it changed.", + "nullable": true, + "example": "sales", + "oneOf": [ + { + "type": "string" + }, + { + "type": "boolean" + }, + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "type": "object", + "nullable": true, + "additionalProperties": { + "oneOf": [ + { + "type": "string" + }, + { + "type": "number" + }, + { + "type": "integer" + }, + { + "type": "boolean" + } + ] + } + } + ] + }, + "newValue": { + "description": "The value of the identity attribute after it changed.", + "example": "marketing", + "oneOf": [ + { + "type": "string" + }, + { + "type": "boolean" + }, + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "type": "object", + "nullable": true, + "additionalProperties": { + "oneOf": [ + { + "type": "string" + }, + { + "type": "number" + }, + { + "type": "integer" + }, + { + "type": "boolean" + } + ] + } + } + ] + } + } + } + } + } + }, + { + "title": "Identity Created", + "type": "object", + "required": [ + "identity", + "attributes" + ], + "properties": { + "identity": { + "required": [ + "id", + "type", + "name" + ], + "type": "object", + "description": "Created identity.", + "properties": { + "type": { + "type": "string", + "description": "Created identity's DTO type.", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "Created identity ID.", + "example": "2c7180a46faadee4016fb4e018c20642" + }, + "name": { + "type": "string", + "description": "Created identity's display name.", + "example": "Michael Michaels" + } + } + }, + "attributes": { + "type": "object", + "description": "The attributes assigned to the identity. Attributes are determined by the identity profile.", + "additionalProperties": true, + "example": { + "firstname": "John" + } + } + } + }, + { + "title": "Identity Deleted", + "type": "object", + "required": [ + "identity", + "attributes" + ], + "properties": { + "identity": { + "required": [ + "id", + "type", + "name" + ], + "type": "object", + "description": "Deleted identity.", + "properties": { + "type": { + "type": "string", + "description": "Deleted identity's DTO type.", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "Deleted identity ID.", + "example": "2c7180a46faadee4016fb4e018c20642" + }, + "name": { + "type": "string", + "description": "Deleted identity's display name.", + "example": "Michael Michaels" + } + } + }, + "attributes": { + "type": "object", + "description": "The attributes assigned to the identity. Attributes are determined by the identity profile.", + "additionalProperties": true, + "example": { + "firstname": "John" + } + } + } + }, + { + "title": "Provisioning Completed", + "type": "object", + "required": [ + "trackingNumber", + "sources", + "recipient", + "accountRequests" + ], + "properties": { + "trackingNumber": { + "type": "string", + "description": "The reference number of the provisioning request. Useful for tracking status in the Account Activity search interface.", + "example": "4b4d982dddff4267ab12f0f1e72b5a6d" + }, + "sources": { + "type": "string", + "description": "One or more sources that the provisioning transaction(s) were done against. Sources are comma separated.", + "example": "Corp AD, Corp LDAP, Corp Salesforce" + }, + "action": { + "nullable": true, + "type": "string", + "description": "Origin of where the provisioning request came from.", + "example": "IdentityRefresh" + }, + "errors": { + "nullable": true, + "description": "A list of any accumulated error messages that occurred during provisioning.", + "type": "array", + "items": { + "type": "string", + "example": "Connector AD Failed" + } + }, + "warnings": { + "nullable": true, + "description": "A list of any accumulated warning messages that occurred during provisioning.", + "type": "array", + "items": { + "type": "string", + "example": "Notification Skipped due to invalid email" + } + }, + "recipient": { + "required": [ + "id", + "type", + "name" + ], + "type": "object", + "description": "Provisioning recpient.", + "properties": { + "type": { + "type": "string", + "description": "Provisioning recipient DTO type.", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "Provisioning recipient's identity ID.", + "example": "2c7180a46faadee4016fb4e018c20642" + }, + "name": { + "type": "string", + "description": "Provisioning recipient's display name.", + "example": "Michael Michaels" + } + } + }, + "requester": { + "nullable": true, + "required": [ + "id", + "type", + "name" + ], + "type": "object", + "description": "Provisioning requester's identity.", + "properties": { + "type": { + "type": "string", + "description": "Provisioning requester's DTO type.", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "Provisioning requester's identity ID.", + "example": "2c7180a46faadee4016fb4e018c20648" + }, + "name": { + "type": "string", + "description": "Provisioning owner's human-readable display name.", + "example": "William Wilson" + } + } + }, + "accountRequests": { + "type": "array", + "description": "A list of provisioning instructions to perform on an account-by-account basis.", + "items": { + "type": "object", + "required": [ + "source", + "accountOperation", + "provisioningResult", + "provisioningTarget" + ], + "properties": { + "source": { + "required": [ + "id", + "type", + "name" + ], + "type": "object", + "description": "Reference to the source being provisioned against.", + "properties": { + "id": { + "description": "ID of the object to which this reference applies", + "type": "string", + "example": "4e4d982dddff4267ab12f0f1e72b5a6d" + }, + "type": { + "type": "string", + "enum": [ + "SOURCE" + ], + "example": "SOURCE", + "description": "The type of object that is referenced" + }, + "name": { + "type": "string", + "description": "Human-readable display name of the object to which this reference applies", + "example": "Corporate Active Directory" + } + } + }, + "accountId": { + "type": "string", + "description": "The unique idenfier of the account being provisioned.", + "example": "CN=Chewy.Bacca,ou=hardcorefigter,ou=wookies,dc=starwars,dc=com" + }, + "accountOperation": { + "type": "string", + "description": "The provisioning operation; typically Create, Modify, Enable, Disable, Unlock, or Delete.", + "example": "Modify" + }, + "provisioningResult": { + "description": "The overall result of the provisioning transaction; this could be success, pending, failed, etc.", + "enum": [ + "SUCCESS", + "PENDING", + "FAILED" + ], + "example": "SUCCESS" + }, + "provisioningTarget": { + "type": "string", + "description": "The name of the provisioning channel selected; this could be the same as the source, or could be a Service Desk Integration Module (SDIM).", + "example": "Corp AD" + }, + "ticketId": { + "nullable": true, + "type": "string", + "description": "A reference to a tracking number, if this is sent to a Service Desk Integration Module (SDIM).", + "example": "72619262" + }, + "attributeRequests": { + "nullable": true, + "description": "A list of attributes as part of the provisioning transaction.", + "type": "array", + "items": { + "type": "object", + "required": [ + "attributeName", + "operation" + ], + "properties": { + "attributeName": { + "type": "string", + "description": "The name of the attribute being provisioned.", + "example": "memberOf" + }, + "attributeValue": { + "nullable": true, + "type": "string", + "description": "The value of the attribute being provisioned.", + "example": "CN=jedi,DC=starwars,DC=com" + }, + "operation": { + "enum": [ + "Add", + "Set", + "Remove" + ], + "description": "The operation to handle the attribute.", + "example": "Add" + } + } + } + } + } + } + } + } + }, + { + "title": "Saved Search Complete", + "type": "object", + "required": [ + "fileName", + "ownerEmail", + "ownerName", + "query", + "searchName", + "searchResults", + "signedS3Url" + ], + "properties": { + "fileName": { + "type": "string", + "description": "A name for the report file.", + "example": "Modified.zip" + }, + "ownerEmail": { + "type": "string", + "description": "The email address of the identity that owns the saved search.", + "example": "test@sailpoint.com" + }, + "ownerName": { + "type": "string", + "description": "The name of the identity that owns the saved search.", + "example": "Cloud Support" + }, + "query": { + "type": "string", + "description": "The search query that was used to generate the report.", + "example": "modified:[now-7y/d TO now]" + }, + "searchName": { + "type": "string", + "description": "The name of the saved search.", + "example": "Modified Activity" + }, + "searchResults": { + "type": "object", + "description": "A preview of the search results for each object type. This includes a count as well as headers, and the first several rows of data, per object type.", + "properties": { + "Account": { + "description": "A table of accounts that match the search criteria.", + "nullable": true, + "type": "object", + "required": [ + "count", + "noun", + "preview" + ], + "properties": { + "count": { + "type": "string", + "description": "The number of rows in the table.", + "example": 3 + }, + "noun": { + "type": "string", + "description": "The type of object represented in the table.", + "example": "accounts" + }, + "preview": { + "description": "A sample of the data in the table.", + "type": "array", + "items": { + "type": "array", + "items": { + "type": "string", + "example": "Robert.Chase" + }, + "example": [] + } + } + } + }, + "Entitlement": { + "description": "A table of entitlements that match the search criteria.", + "nullable": true, + "type": "object", + "required": [ + "count", + "noun", + "preview" + ], + "properties": { + "count": { + "type": "string", + "description": "The number of rows in the table.", + "example": 2 + }, + "noun": { + "type": "string", + "description": "The type of object represented in the table.", + "example": "entitlements" + }, + "preview": { + "description": "A sample of the data in the table.", + "type": "array", + "items": { + "type": "array", + "items": { + "type": "string", + "example": "Administrator" + }, + "example": [] + } + } + } + }, + "Identity": { + "description": "A table of identities that match the search criteria.", + "nullable": true, + "type": "object", + "required": [ + "count", + "noun", + "preview" + ], + "properties": { + "count": { + "type": "string", + "description": "The number of rows in the table.", + "example": 2 + }, + "noun": { + "type": "string", + "description": "The type of object represented in the table.", + "example": "identities" + }, + "preview": { + "description": "A sample of the data in the table.", + "type": "array", + "items": { + "type": "array", + "items": { + "type": "string", + "example": "Carol Shelby" + }, + "example": [] + } + } + } + } + } + }, + "signedS3Url": { + "type": "string", + "description": "The Amazon S3 URL to download the report from.", + "example": "https://sptcbu-org-data-useast1.s3.amazonaws.com/arsenal-john/reports/Events%20Export.2020-05-06%2018%2759%20GMT.3e580592-86e4-4953-8aea-49e6ef20a086.zip?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20200506T185919Z&X-Amz-SignedHeaders=host&X-Amz-Expires=899&X-Amz-Credential=AKIAV5E54XOGTS4Q4L7A%2F20200506%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=2e732bb97a12a1fd8a215613e3c31fcdae8ba1fb6a25916843ab5b51d2ddefbc" + } + } + }, + { + "title": "Source Account Created", + "type": "object", + "required": [ + "id", + "nativeIdentifier", + "sourceId", + "sourceName", + "identityId", + "identityName", + "attributes" + ], + "properties": { + "uuid": { + "type": "string", + "description": "Source unique identifier for the identity. UUID is generated by the source system.", + "example": "b7264868-7201-415f-9118-b581d431c688" + }, + "id": { + "type": "string", + "description": "SailPoint generated unique identifier.", + "example": "ee769173319b41d19ccec35ba52f237b" + }, + "nativeIdentifier": { + "type": "string", + "description": "Unique ID of the account on the source.", + "example": "E009" + }, + "sourceId": { + "type": "string", + "description": "The ID of the source.", + "example": "2c918082814e693601816e09471b29b6" + }, + "sourceName": { + "type": "string", + "description": "The name of the source.", + "example": "Active Directory" + }, + "identityId": { + "type": "string", + "description": "The ID of the identity that is correlated with this account.", + "example": "ee769173319b41d19ccec6c235423237b" + }, + "identityName": { + "type": "string", + "description": "The name of the identity that is correlated with this account.", + "example": "john.doe" + }, + "attributes": { + "type": "object", + "additionalProperties": true, + "description": "The attributes of the account. The contents of attributes depends on the account schema for the source.", + "example": { + "firstname": "John", + "lastname": "Doe", + "email": "john.doe@gmail.com", + "department": "Sales", + "displayName": "John Doe", + "created": "2020-04-27T16:48:33.597Z", + "employeeNumber": "E009", + "uid": "E009", + "inactive": "true", + "phone": null, + "identificationNumber": "E009" + } + } + } + }, + { + "title": "Source Account Deleted", + "type": "object", + "required": [ + "id", + "nativeIdentifier", + "sourceId", + "sourceName", + "identityId", + "identityName", + "attributes" + ], + "properties": { + "uuid": { + "type": "string", + "description": "Source unique identifier for the identity. UUID is generated by the source system.", + "example": "b7264868-7201-415f-9118-b581d431c688" + }, + "id": { + "type": "string", + "description": "SailPoint generated unique identifier.", + "example": "ee769173319b41d19ccec35ba52f237b" + }, + "nativeIdentifier": { + "type": "string", + "description": "Unique ID of the account on the source.", + "example": "E009" + }, + "sourceId": { + "type": "string", + "description": "The ID of the source.", + "example": "2c918082814e693601816e09471b29b6" + }, + "sourceName": { + "type": "string", + "description": "The name of the source.", + "example": "Active Directory" + }, + "identityId": { + "type": "string", + "description": "The ID of the identity that is correlated with this account.", + "example": "ee769173319b41d19ccec6c235423237b" + }, + "identityName": { + "type": "string", + "description": "The name of the identity that is correlated with this account.", + "example": "john.doe" + }, + "attributes": { + "type": "object", + "additionalProperties": true, + "description": "The attributes of the account. The contents of attributes depends on the account schema for the source.", + "example": { + "firstname": "John", + "lastname": "Doe", + "email": "john.doe@gmail.com", + "department": "Sales", + "displayName": "John Doe", + "created": "2020-04-27T16:48:33.597Z", + "employeeNumber": "E009", + "uid": "E009", + "inactive": "true", + "phone": null, + "identificationNumber": "E009" + } + } + } + }, + { + "title": "Source Account Updated", + "type": "object", + "required": [ + "id", + "nativeIdentifier", + "sourceId", + "sourceName", + "identityId", + "identityName", + "attributes" + ], + "properties": { + "uuid": { + "type": "string", + "description": "Source unique identifier for the identity. UUID is generated by the source system.", + "example": "b7264868-7201-415f-9118-b581d431c688" + }, + "id": { + "type": "string", + "description": "SailPoint generated unique identifier.", + "example": "ee769173319b41d19ccec35ba52f237b" + }, + "nativeIdentifier": { + "type": "string", + "description": "Unique ID of the account on the source.", + "example": "E009" + }, + "sourceId": { + "type": "string", + "description": "The ID of the source.", + "example": "2c918082814e693601816e09471b29b6" + }, + "sourceName": { + "type": "string", + "description": "The name of the source.", + "example": "Active Directory" + }, + "identityId": { + "type": "string", + "description": "The ID of the identity that is correlated with this account.", + "example": "ee769173319b41d19ccec6c235423237b" + }, + "identityName": { + "type": "string", + "description": "The name of the identity that is correlated with this account.", + "example": "john.doe" + }, + "attributes": { + "type": "object", + "additionalProperties": true, + "description": "The attributes of the account. The contents of attributes depends on the account schema for the source.", + "example": { + "firstname": "John", + "lastname": "Doe", + "email": "john.doe@gmail.com", + "department": "Sales", + "displayName": "John Doe", + "created": "2020-04-27T16:48:33.597Z", + "employeeNumber": "E009", + "uid": "E009", + "inactive": "true", + "phone": null, + "identificationNumber": "E009" + } + } + } + }, + { + "title": "Source Created", + "type": "object", + "required": [ + "id", + "name", + "type", + "created", + "connector", + "actor" + ], + "properties": { + "id": { + "type": "string", + "description": "The unique ID of the source.", + "example": "2c9180866166b5b0016167c32ef31a66" + }, + "name": { + "type": "string", + "description": "Human friendly name of the source.", + "example": "Test source" + }, + "type": { + "type": "string", + "description": "The connection type.", + "example": "DIRECT_CONNECT" + }, + "created": { + "type": "string", + "format": "date-time", + "description": "The date and time the source was created.", + "example": "2021-03-29T22:01:50.474Z" + }, + "connector": { + "type": "string", + "description": "The connector type used to connect to the source.", + "example": "active-directory" + }, + "actor": { + "required": [ + "id", + "name", + "type" + ], + "type": "object", + "description": "Identity who created the source.", + "properties": { + "type": { + "type": "string", + "description": "DTO type of identity who created the source.", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "ID of identity who created the source.", + "example": "2c7180a46faadee4016fb4e018c20648" + }, + "name": { + "type": "string", + "description": "Display name of identity who created the source.", + "example": "William Wilson" + } + } + } + } + }, + { + "title": "Source Deleted", + "type": "object", + "required": [ + "id", + "name", + "type", + "deleted", + "connector", + "actor" + ], + "properties": { + "id": { + "type": "string", + "description": "The unique ID of the source.", + "example": "2c9180866166b5b0016167c32ef31a66" + }, + "name": { + "type": "string", + "description": "Human friendly name of the source.", + "example": "Test source" + }, + "type": { + "type": "string", + "description": "The connection type.", + "example": "DIRECT_CONNECT" + }, + "deleted": { + "type": "string", + "format": "date-time", + "description": "The date and time the source was deleted.", + "example": "2021-03-29T22:01:50.474Z" + }, + "connector": { + "type": "string", + "description": "The connector type used to connect to the source.", + "example": "active-directory" + }, + "actor": { + "required": [ + "id", + "name", + "type" + ], + "type": "object", + "description": "Identity who deleted the source.", + "properties": { + "type": { + "type": "string", + "description": "DTO type of identity who deleted the source.", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "ID of identity who deleted the source.", + "example": "2c7180a46faadee4016fb4e018c20648" + }, + "name": { + "type": "string", + "description": "Display name of identity who deleted the source.", + "example": "William Wilson" + } + } + } + } + }, + { + "title": "Source Updated", + "type": "object", + "required": [ + "id", + "name", + "type", + "modified", + "connector", + "actor" + ], + "properties": { + "id": { + "type": "string", + "description": "The unique ID of the source.", + "example": "2c9180866166b5b0016167c32ef31a66" + }, + "name": { + "type": "string", + "description": "The user friendly name of the source.", + "example": "Corporate Active Directory" + }, + "type": { + "type": "string", + "description": "The connection type of the source.", + "example": "DIRECT_CONNECT" + }, + "modified": { + "type": "string", + "format": "date-time", + "description": "The date and time the source was modified.", + "example": "2021-03-29T22:01:50.474Z" + }, + "connector": { + "type": "string", + "description": "The connector type used to connect to the source.", + "example": "active-directory" + }, + "actor": { + "required": [ + "type", + "name" + ], + "type": "object", + "description": "Identity who updated the source.", + "properties": { + "type": { + "type": "string", + "description": "DTO type of identity who updated the source.", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "ID of identity who updated the source.", + "example": "2c7180a46faadee4016fb4e018c20648" + }, + "name": { + "type": "string", + "description": "Display name of identity who updated the source.", + "example": "William Wilson" + } + } + } + } + }, + { + "title": "VA Cluster Status Change Event", + "type": "object", + "required": [ + "created", + "type", + "application", + "healthCheckResult", + "previousHealthCheckResult" + ], + "properties": { + "created": { + "type": "string", + "format": "date-time", + "description": "The date and time the status change occurred.", + "example": "2020-06-29T22:01:50.474Z" + }, + "type": { + "enum": [ + "SOURCE", + "CLUSTER" + ], + "description": "The type of the object that initiated this event.", + "example": "CLUSTER" + }, + "application": { + "type": "object", + "description": "Details about the `CLUSTER` or `SOURCE` that initiated this event.", + "required": [ + "id", + "name", + "attributes" + ], + "properties": { + "id": { + "type": "string", + "description": "The GUID of the application", + "example": "2c9180866166b5b0016167c32ef31a66" + }, + "name": { + "type": "string", + "description": "The name of the application", + "example": "Production VA Cluster" + }, + "attributes": { + "type": "object", + "description": "Custom map of attributes for a source. This will only be populated if type is `SOURCE` and the source has a proxy.", + "additionalProperties": true, + "nullable": true, + "example": null + } + } + }, + "healthCheckResult": { + "type": "object", + "description": "The results of the most recent health check.", + "required": [ + "message", + "resultType", + "status" + ], + "properties": { + "message": { + "type": "string", + "description": "Detailed message of the result of the health check.", + "example": "Test Connection failed with exception. Error message - java.lang Exception" + }, + "resultType": { + "type": "string", + "description": "The type of the health check result.", + "example": "SOURCE_STATE_ERROR_CLUSTER" + }, + "status": { + "enum": [ + "Succeeded", + "Failed" + ], + "description": "The status of the health check.", + "example": "Succeeded" + } + } + }, + "previousHealthCheckResult": { + "type": "object", + "description": "The results of the last health check.", + "required": [ + "message", + "resultType", + "status" + ], + "properties": { + "message": { + "type": "string", + "description": "Detailed message of the result of the health check.", + "example": "Test Connection failed with exception. Error message - java.lang Exception" + }, + "resultType": { + "type": "string", + "description": "The type of the health check result.", + "example": "SOURCE_STATE_ERROR_CLUSTER" + }, + "status": { + "enum": [ + "Succeeded", + "Failed" + ], + "description": "The status of the health check.", + "example": "Failed" + } + } + } + } + } + ] + }, + "outputSchema": { + "type": "string", + "description": "The JSON schema of the response that will be sent by the subscribed service to the trigger in response to an event. This only applies to a trigger type of `REQUEST_RESPONSE`.", + "nullable": true, + "example": "{\"definitions\":{\"record:AccessRequestDynamicApproverOutput\":{\"type\":[\"null\",\"object\"],\"required\":[\"id\",\"name\",\"type\"],\"additionalProperties\":true,\"properties\":{\"id\":{\"type\":\"string\"},\"name\":{\"type\":\"string\"},\"type\":{\"type\":\"string\"}}}},\"$ref\":\"#/definitions/record:AccessRequestDynamicApproverOutput\"}" + }, + "exampleOutput": { + "description": "An example of the JSON payload that will be sent by the subscribed service to the trigger in response to an event.", + "nullable": true, + "oneOf": [ + { + "title": "Access Request Dynamic Approver", + "type": "object", + "nullable": true, + "required": [ + "id", + "name", + "type" + ], + "properties": { + "id": { + "type": "string", + "description": "The unique ID of the identity to add to the approver list for the access request.", + "example": "2c91808b6ef1d43e016efba0ce470906" + }, + "name": { + "type": "string", + "description": "The name of the identity to add to the approver list for the access request.", + "example": "Adam Adams" + }, + "type": { + "enum": [ + "IDENTITY", + "GOVERNANCE_GROUP" + ], + "description": "The type of object being referenced.", + "example": "IDENTITY" + } + } + }, + { + "title": "Access Request Pre Approval", + "type": "object", + "required": [ + "approved", + "comment", + "approver" + ], + "properties": { + "approved": { + "type": "boolean", + "description": "Whether or not to approve the access request.", + "example": false + }, + "comment": { + "type": "string", + "description": "A comment about the decision to approve or deny the request.", + "example": "This access should be denied, because this will cause an SOD violation." + }, + "approver": { + "type": "string", + "description": "The name of the entity that approved or denied the request.", + "example": "AcmeCorpExternalIntegration" + } + } + } + ] + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "sp:trigger-service-subscriptions:read" + ] + } + ] + } + }, + "/trigger-subscriptions": { + "post": { + "operationId": "createSubscription", + "tags": [ + "Triggers" + ], + "summary": "Create a Subscription", + "description": "This API creates a new subscription to a trigger and defines trigger invocation details. The type of subscription determines which config object is required:\n* HTTP subscriptions require httpConfig\n* EventBridge subscriptions require eventBridgeConfig", + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "type": "object", + "required": [ + "triggerId", + "type", + "name" + ], + "properties": { + "name": { + "type": "string", + "description": "Subscription name.", + "example": "Access request subscription" + }, + "description": { + "type": "string", + "description": "Subscription description.", + "example": "Access requested to site xyz" + }, + "triggerId": { + "type": "string", + "description": "ID of trigger subscribed to.", + "example": "idn:access-requested" + }, + "type": { + "type": "string", + "enum": [ + "HTTP", + "EVENTBRIDGE", + "INLINE", + "SCRIPT", + "WORKFLOW" + ], + "description": "Subscription type. **NOTE** If type is EVENTBRIDGE, then eventBridgeConfig is required. If type is HTTP, then httpConfig is required.", + "example": "HTTP" + }, + "responseDeadline": { + "type": "string", + "description": "Deadline for completing REQUEST_RESPONSE trigger invocation, represented in ISO-8601 duration format.", + "example": "PT1H", + "default": "PT1H" + }, + "httpConfig": { + "description": "Config required if HTTP subscription type is used.", + "type": "object", + "properties": { + "url": { + "type": "string", + "description": "URL of the external/custom integration.", + "example": "https://www.example.com" + }, + "httpDispatchMode": { + "type": "string", + "description": "HTTP response modes, i.e. SYNC, ASYNC, or DYNAMIC.", + "enum": [ + "SYNC", + "ASYNC", + "DYNAMIC" + ], + "example": "SYNC" + }, + "httpAuthenticationType": { + "type": "string", + "description": "Defines the HTTP Authentication type. Additional values may be added in the future.\n\nIf *NO_AUTH* is selected, no extra information will be in HttpConfig.\n\nIf *BASIC_AUTH* is selected, HttpConfig will include BasicAuthConfig with Username and Password as strings.\n\nIf *BEARER_TOKEN* is selected, HttpConfig will include BearerTokenAuthConfig with Token as string.", + "enum": [ + "NO_AUTH", + "BASIC_AUTH", + "BEARER_TOKEN" + ], + "default": "NO_AUTH", + "example": "BASIC_AUTH" + }, + "basicAuthConfig": { + "type": "object", + "properties": { + "userName": { + "type": "string", + "description": "The username to authenticate.", + "example": "user@example.com" + }, + "password": { + "type": "string", + "nullable": true, + "description": "The password to authenticate. On response, this field is set to null as to not return secrets.", + "example": null + } + }, + "nullable": true, + "description": "Config required if BASIC_AUTH is used." + }, + "bearerTokenAuthConfig": { + "type": "object", + "properties": { + "bearerToken": { + "type": "string", + "nullable": true, + "description": "Bearer token", + "example": null + } + }, + "nullable": true, + "description": "Config required if BEARER_TOKEN authentication is used. On response, this field is set to null as to not return secrets." + } + }, + "required": [ + "url", + "httpDispatchMode" + ] + }, + "eventBridgeConfig": { + "description": "Config required if EVENTBRIDGE subscription type is used.", + "type": "object", + "properties": { + "awsAccount": { + "type": "string", + "description": "AWS Account Number (12-digit number) that has the EventBridge Partner Event Source Resource.", + "example": "123456789012" + }, + "awsRegion": { + "type": "string", + "description": "AWS Region that has the EventBridge Partner Event Source Resource. See https://docs.aws.amazon.com/general/latest/gr/rande.html for a full list of available values.", + "example": "us-west-1" + } + }, + "required": [ + "awsAccount", + "awsRegion" + ] + }, + "enabled": { + "type": "boolean", + "description": "Whether subscription should receive real-time trigger invocations or not.\n\nTest trigger invocations are always enabled regardless of this option.", + "default": true, + "example": true + }, + "filter": { + "type": "string", + "description": "JSONPath filter to conditionally invoke trigger when expression evaluates to true.", + "example": "$[?($.identityId == \"201327fda1c44704ac01181e963d463c\")]", + "externalDocs": { + "description": "JSONPath filter documentation", + "url": "https://developer.sailpoint.com/idn/docs/event-triggers/filtering-events" + } + } + } + }, + "examples": { + "HTTP Subscription": { + "value": { + "name": "Access request subscription", + "description": "Access requested to site xyz", + "triggerId": "idn:access-requested", + "type": "HTTP", + "httpConfig": { + "url": "https://www.example.com", + "httpDispatchMode": "SYNC", + "httpAuthenticationType": "BASIC_AUTH", + "basicAuthConfig": { + "userName": "user@example.com", + "password": "eRtg4%6yuI!" + } + }, + "enabled": true, + "filter": "$[?($.identityId == \"201327fda1c44704ac01181e963d463c\")]" + } + }, + "HTTP Async Subscription": { + "value": { + "name": "Access request subscription", + "description": "Access requested to site xyz", + "triggerId": "idn:access-requested", + "type": "HTTP", + "responseDeadline": "PT1H", + "httpConfig": { + "url": "https://www.example.com", + "httpDispatchMode": "ASYNC", + "httpAuthenticationType": "BASIC_AUTH", + "basicAuthConfig": { + "userName": "user@example.com", + "password": "eRtg4%6yuI!" + } + }, + "enabled": true, + "filter": "$[?($.identityId == \"201327fda1c44704ac01181e963d463c\")]" + } + }, + "EventBridge Subscription": { + "value": { + "name": "Access request subscription", + "description": "Access requested to site xyz", + "triggerId": "idn:access-requested", + "type": "EVENTBRIDGE", + "eventBridgeConfig": { + "awsAccount": "123456789012", + "awsRegion": "us-west-1" + }, + "enabled": true, + "filter": "$[?($.identityId == \"201327fda1c44704ac01181e963d463c\")]" + } + } + } + } + } + }, + "responses": { + "201": { + "description": "New subscription to a trigger. The trigger can now be invoked by the method defined in the subscription.", + "content": { + "application/json": { + "schema": { + "type": "object", + "required": [ + "id", + "triggerId", + "type", + "name", + "triggerName", + "enabled" + ], + "properties": { + "id": { + "type": "string", + "description": "Subscription ID.", + "example": "0f11f2a4-7c94-4bf3-a2bd-742580fe3bde" + }, + "name": { + "type": "string", + "description": "Subscription name.", + "example": "Access request subscription" + }, + "description": { + "type": "string", + "description": "Subscription description.", + "example": "Access requested to site xyz" + }, + "triggerId": { + "type": "string", + "description": "ID of trigger subscribed to.", + "example": "idn:access-request-post-approval" + }, + "triggerName": { + "type": "string", + "description": "Trigger name of trigger subscribed to.", + "example": "Access Requested" + }, + "type": { + "type": "string", + "enum": [ + "HTTP", + "EVENTBRIDGE", + "INLINE", + "SCRIPT", + "WORKFLOW" + ], + "description": "Subscription type. **NOTE** If type is EVENTBRIDGE, then eventBridgeConfig is required. If type is HTTP, then httpConfig is required.", + "example": "HTTP" + }, + "responseDeadline": { + "type": "string", + "description": "Deadline for completing REQUEST_RESPONSE trigger invocation, represented in ISO-8601 duration format.", + "example": "PT1H", + "default": "PT1H" + }, + "httpConfig": { + "description": "Config required if HTTP subscription type is used.", + "type": "object", + "properties": { + "url": { + "type": "string", + "description": "URL of the external/custom integration.", + "example": "https://www.example.com" + }, + "httpDispatchMode": { + "type": "string", + "description": "HTTP response modes, i.e. SYNC, ASYNC, or DYNAMIC.", + "enum": [ + "SYNC", + "ASYNC", + "DYNAMIC" + ], + "example": "SYNC" + }, + "httpAuthenticationType": { + "type": "string", + "description": "Defines the HTTP Authentication type. Additional values may be added in the future.\n\nIf *NO_AUTH* is selected, no extra information will be in HttpConfig.\n\nIf *BASIC_AUTH* is selected, HttpConfig will include BasicAuthConfig with Username and Password as strings.\n\nIf *BEARER_TOKEN* is selected, HttpConfig will include BearerTokenAuthConfig with Token as string.", + "enum": [ + "NO_AUTH", + "BASIC_AUTH", + "BEARER_TOKEN" + ], + "default": "NO_AUTH", + "example": "BASIC_AUTH" + }, + "basicAuthConfig": { + "type": "object", + "properties": { + "userName": { + "type": "string", + "description": "The username to authenticate.", + "example": "user@example.com" + }, + "password": { + "type": "string", + "nullable": true, + "description": "The password to authenticate. On response, this field is set to null as to not return secrets.", + "example": null + } + }, + "nullable": true, + "description": "Config required if BASIC_AUTH is used." + }, + "bearerTokenAuthConfig": { + "type": "object", + "properties": { + "bearerToken": { + "type": "string", + "nullable": true, + "description": "Bearer token", + "example": null + } + }, + "nullable": true, + "description": "Config required if BEARER_TOKEN authentication is used. On response, this field is set to null as to not return secrets." + } + }, + "required": [ + "url", + "httpDispatchMode" + ] + }, + "eventBridgeConfig": { + "description": "Config required if EVENTBRIDGE subscription type is used.", + "type": "object", + "properties": { + "awsAccount": { + "type": "string", + "description": "AWS Account Number (12-digit number) that has the EventBridge Partner Event Source Resource.", + "example": "123456789012" + }, + "awsRegion": { + "type": "string", + "description": "AWS Region that has the EventBridge Partner Event Source Resource. See https://docs.aws.amazon.com/general/latest/gr/rande.html for a full list of available values.", + "example": "us-west-1" + } + }, + "required": [ + "awsAccount", + "awsRegion" + ] + }, + "enabled": { + "type": "boolean", + "description": "Whether subscription should receive real-time trigger invocations or not.\nTest trigger invocations are always enabled regardless of this option.", + "default": true, + "example": true + }, + "filter": { + "type": "string", + "description": "JSONPath filter to conditionally invoke trigger when expression evaluates to true.", + "example": "$[?($.identityId == \"201327fda1c44704ac01181e963d463c\")]", + "externalDocs": { + "description": "JSONPath filter documentation", + "url": "https://developer.sailpoint.com/idn/docs/event-triggers/filtering-events" + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "sp:trigger-service-subscriptions:manage" + ] + } + ], + "parameters": [ + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ] + }, + "get": { + "operationId": "listSubscriptions", + "tags": [ + "Triggers" + ], + "summary": "List Subscriptions", + "description": "Gets a list of all trigger subscriptions.", + "parameters": [ + { + "in": "query", + "name": "limit", + "description": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 250, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "maximum": 250, + "default": 250 + } + }, + { + "in": "query", + "name": "offset", + "description": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 0, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "default": 0 + } + }, + { + "in": "query", + "name": "count", + "description": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": true, + "schema": { + "type": "boolean", + "default": false + } + }, + { + "in": "query", + "required": false, + "name": "filters", + "schema": { + "type": "string" + }, + "description": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq*\n\n**triggerId**: *eq*\n\n**type**: *eq, le*", + "example": "id eq \"12cff757-c0c0-413b-8ad7-2a47956d1e89\"" + }, + { + "in": "query", + "name": "sorters", + "required": false, + "schema": { + "type": "string", + "format": "comma-separated" + }, + "description": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **triggerId, triggerName**", + "example": "triggerName" + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "200": { + "description": "List of subscriptions.", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "required": [ + "id", + "triggerId", + "type", + "name", + "triggerName", + "enabled" + ], + "properties": { + "id": { + "type": "string", + "description": "Subscription ID.", + "example": "0f11f2a4-7c94-4bf3-a2bd-742580fe3bde" + }, + "name": { + "type": "string", + "description": "Subscription name.", + "example": "Access request subscription" + }, + "description": { + "type": "string", + "description": "Subscription description.", + "example": "Access requested to site xyz" + }, + "triggerId": { + "type": "string", + "description": "ID of trigger subscribed to.", + "example": "idn:access-request-post-approval" + }, + "triggerName": { + "type": "string", + "description": "Trigger name of trigger subscribed to.", + "example": "Access Requested" + }, + "type": { + "type": "string", + "enum": [ + "HTTP", + "EVENTBRIDGE", + "INLINE", + "SCRIPT", + "WORKFLOW" + ], + "description": "Subscription type. **NOTE** If type is EVENTBRIDGE, then eventBridgeConfig is required. If type is HTTP, then httpConfig is required.", + "example": "HTTP" + }, + "responseDeadline": { + "type": "string", + "description": "Deadline for completing REQUEST_RESPONSE trigger invocation, represented in ISO-8601 duration format.", + "example": "PT1H", + "default": "PT1H" + }, + "httpConfig": { + "description": "Config required if HTTP subscription type is used.", + "type": "object", + "properties": { + "url": { + "type": "string", + "description": "URL of the external/custom integration.", + "example": "https://www.example.com" + }, + "httpDispatchMode": { + "type": "string", + "description": "HTTP response modes, i.e. SYNC, ASYNC, or DYNAMIC.", + "enum": [ + "SYNC", + "ASYNC", + "DYNAMIC" + ], + "example": "SYNC" + }, + "httpAuthenticationType": { + "type": "string", + "description": "Defines the HTTP Authentication type. Additional values may be added in the future.\n\nIf *NO_AUTH* is selected, no extra information will be in HttpConfig.\n\nIf *BASIC_AUTH* is selected, HttpConfig will include BasicAuthConfig with Username and Password as strings.\n\nIf *BEARER_TOKEN* is selected, HttpConfig will include BearerTokenAuthConfig with Token as string.", + "enum": [ + "NO_AUTH", + "BASIC_AUTH", + "BEARER_TOKEN" + ], + "default": "NO_AUTH", + "example": "BASIC_AUTH" + }, + "basicAuthConfig": { + "type": "object", + "properties": { + "userName": { + "type": "string", + "description": "The username to authenticate.", + "example": "user@example.com" + }, + "password": { + "type": "string", + "nullable": true, + "description": "The password to authenticate. On response, this field is set to null as to not return secrets.", + "example": null + } + }, + "nullable": true, + "description": "Config required if BASIC_AUTH is used." + }, + "bearerTokenAuthConfig": { + "type": "object", + "properties": { + "bearerToken": { + "type": "string", + "nullable": true, + "description": "Bearer token", + "example": null + } + }, + "nullable": true, + "description": "Config required if BEARER_TOKEN authentication is used. On response, this field is set to null as to not return secrets." + } + }, + "required": [ + "url", + "httpDispatchMode" + ] + }, + "eventBridgeConfig": { + "description": "Config required if EVENTBRIDGE subscription type is used.", + "type": "object", + "properties": { + "awsAccount": { + "type": "string", + "description": "AWS Account Number (12-digit number) that has the EventBridge Partner Event Source Resource.", + "example": "123456789012" + }, + "awsRegion": { + "type": "string", + "description": "AWS Region that has the EventBridge Partner Event Source Resource. See https://docs.aws.amazon.com/general/latest/gr/rande.html for a full list of available values.", + "example": "us-west-1" + } + }, + "required": [ + "awsAccount", + "awsRegion" + ] + }, + "enabled": { + "type": "boolean", + "description": "Whether subscription should receive real-time trigger invocations or not.\nTest trigger invocations are always enabled regardless of this option.", + "default": true, + "example": true + }, + "filter": { + "type": "string", + "description": "JSONPath filter to conditionally invoke trigger when expression evaluates to true.", + "example": "$[?($.identityId == \"201327fda1c44704ac01181e963d463c\")]", + "externalDocs": { + "description": "JSONPath filter documentation", + "url": "https://developer.sailpoint.com/idn/docs/event-triggers/filtering-events" + } + } + } + } + }, + "examples": { + "HTTP Subscription": { + "value": [ + { + "id": "0f11f2a4-7c94-4bf3-a2bd-742580fe3bde", + "name": "Access request subscription", + "description": "Access requested to site xyz", + "triggerId": "idn:access-requested", + "triggerName": "Access Requested", + "type": "HTTP", + "httpConfig": { + "url": "https://www.example.com", + "httpDispatchMode": "SYNC", + "httpAuthenticationType": "BASIC_AUTH", + "basicAuthConfig": { + "userName": "user@example.com", + "password": null + } + }, + "enabled": true, + "filter": "$[?($.identityId == \"201327fda1c44704ac01181e963d463c\")]" + } + ] + }, + "HTTP Async Subscription": { + "value": { + "name": "Access request subscription", + "description": "Access requested to site xyz", + "triggerId": "idn:access-requested", + "triggerName": "Access Requested", + "type": "HTTP", + "responseDeadline": "PT1H", + "httpConfig": { + "url": "https://www.example.com", + "httpDispatchMode": "ASYNC", + "httpAuthenticationType": "BASIC_AUTH", + "basicAuthConfig": { + "userName": "user@example.com", + "password": null + } + }, + "enabled": true, + "filter": "$[?($.identityId == \"201327fda1c44704ac01181e963d463c\")]" + } + }, + "EventBridge Subscription": { + "value": [ + { + "id": "0f11f2a4-7c94-4bf3-a2bd-742580fe3bde", + "name": "Access request subscription", + "description": "Access requested to site xyz", + "triggerId": "idn:access-requested", + "triggerName": "Access Requested", + "type": "EVENTBRIDGE", + "eventBridgeConfig": { + "awsAccount": "123456789012", + "awsRegion": "us-west-1" + }, + "enabled": true, + "filter": "$[?($.identityId == \"201327fda1c44704ac01181e963d463c\")]" + } + ] + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "sp:trigger-service-subscriptions:read" + ] + } + ] + } + }, + "/trigger-subscriptions/{id}": { + "put": { + "operationId": "updateSubscription", + "tags": [ + "Triggers" + ], + "summary": "Update a Subscription", + "description": "This API updates a trigger subscription in IdentityNow, using a full object representation. In other words, the existing\n Subscription is completely replaced. The following fields are immutable:\n\n\n * id\n\n * triggerId\n\n\n Attempts to modify these fields result in 400.", + "parameters": [ + { + "in": "path", + "name": "id", + "schema": { + "type": "string" + }, + "required": true, + "description": "Subscription ID", + "example": "0f11f2a4-7c94-4bf3-a2bd-742580fe3bde" + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "Subscription name.", + "example": "Access request subscription" + }, + "description": { + "type": "string", + "description": "Subscription description.", + "example": "Access requested to site xyz" + }, + "type": { + "type": "string", + "enum": [ + "HTTP", + "EVENTBRIDGE", + "INLINE", + "SCRIPT", + "WORKFLOW" + ], + "description": "Subscription type. **NOTE** If type is EVENTBRIDGE, then eventBridgeConfig is required. If type is HTTP, then httpConfig is required.", + "example": "HTTP" + }, + "responseDeadline": { + "type": "string", + "description": "Deadline for completing REQUEST_RESPONSE trigger invocation, represented in ISO-8601 duration format.", + "example": "PT1H", + "default": "PT1H" + }, + "httpConfig": { + "description": "Config required if HTTP subscription type is used.", + "type": "object", + "properties": { + "url": { + "type": "string", + "description": "URL of the external/custom integration.", + "example": "https://www.example.com" + }, + "httpDispatchMode": { + "type": "string", + "description": "HTTP response modes, i.e. SYNC, ASYNC, or DYNAMIC.", + "enum": [ + "SYNC", + "ASYNC", + "DYNAMIC" + ], + "example": "SYNC" + }, + "httpAuthenticationType": { + "type": "string", + "description": "Defines the HTTP Authentication type. Additional values may be added in the future.\n\nIf *NO_AUTH* is selected, no extra information will be in HttpConfig.\n\nIf *BASIC_AUTH* is selected, HttpConfig will include BasicAuthConfig with Username and Password as strings.\n\nIf *BEARER_TOKEN* is selected, HttpConfig will include BearerTokenAuthConfig with Token as string.", + "enum": [ + "NO_AUTH", + "BASIC_AUTH", + "BEARER_TOKEN" + ], + "default": "NO_AUTH", + "example": "BASIC_AUTH" + }, + "basicAuthConfig": { + "type": "object", + "properties": { + "userName": { + "type": "string", + "description": "The username to authenticate.", + "example": "user@example.com" + }, + "password": { + "type": "string", + "nullable": true, + "description": "The password to authenticate. On response, this field is set to null as to not return secrets.", + "example": null + } + }, + "nullable": true, + "description": "Config required if BASIC_AUTH is used." + }, + "bearerTokenAuthConfig": { + "type": "object", + "properties": { + "bearerToken": { + "type": "string", + "nullable": true, + "description": "Bearer token", + "example": null + } + }, + "nullable": true, + "description": "Config required if BEARER_TOKEN authentication is used. On response, this field is set to null as to not return secrets." + } + }, + "required": [ + "url", + "httpDispatchMode" + ] + }, + "eventBridgeConfig": { + "description": "Config required if EVENTBRIDGE subscription type is used.", + "type": "object", + "properties": { + "awsAccount": { + "type": "string", + "description": "AWS Account Number (12-digit number) that has the EventBridge Partner Event Source Resource.", + "example": "123456789012" + }, + "awsRegion": { + "type": "string", + "description": "AWS Region that has the EventBridge Partner Event Source Resource. See https://docs.aws.amazon.com/general/latest/gr/rande.html for a full list of available values.", + "example": "us-west-1" + } + }, + "required": [ + "awsAccount", + "awsRegion" + ] + }, + "enabled": { + "type": "boolean", + "description": "Whether subscription should receive real-time trigger invocations or not.\n\nTest trigger invocations are always enabled regardless of this option.", + "default": true, + "example": true + }, + "filter": { + "type": "string", + "description": "JSONPath filter to conditionally invoke trigger when expression evaluates to true.", + "example": "$[?($.identityId == \"201327fda1c44704ac01181e963d463c\")]", + "externalDocs": { + "description": "JSONPath filter documentation", + "url": "https://developer.sailpoint.com/idn/docs/event-triggers/filtering-events" + } + } + } + }, + "examples": { + "HTTP Subscription": { + "value": { + "name": "Access request subscription", + "description": "Access requested to site xyz", + "type": "HTTP", + "httpConfig": { + "url": "https://www.example.com", + "httpDispatchMode": "SYNC", + "httpAuthenticationType": "BASIC_AUTH", + "basicAuthConfig": { + "userName": "user@example.com", + "password": "eRtg4%6yuI!" + } + }, + "enabled": true, + "filter": "$[?($.identityId == \"201327fda1c44704ac01181e963d463c\")]" + } + }, + "HTTP Async Subscription": { + "value": { + "name": "Access request subscription", + "description": "Access requested to site xyz", + "type": "HTTP", + "responseDeadline": "PT1H", + "httpConfig": { + "url": "https://www.example.com", + "httpDispatchMode": "ASYNC", + "httpAuthenticationType": "BASIC_AUTH", + "basicAuthConfig": { + "userName": "user@example.com", + "password": "eRtg4%6yuI!" + } + }, + "enabled": true, + "filter": "$[?($.identityId == \"201327fda1c44704ac01181e963d463c\")]" + } + }, + "EventBridge Subscription": { + "value": { + "name": "Access request subscription", + "description": "Access requested to site xyz", + "type": "EVENTBRIDGE", + "eventBridgeConfig": { + "awsAccount": "123456789012", + "awsRegion": "us-west-1" + }, + "enabled": true, + "filter": "$[?($.identityId == \"201327fda1c44704ac01181e963d463c\")]" + } + } + } + } + } + }, + "responses": { + "200": { + "description": "Updated subscription.", + "content": { + "application/json": { + "schema": { + "type": "object", + "required": [ + "id", + "triggerId", + "type", + "name", + "triggerName", + "enabled" + ], + "properties": { + "id": { + "type": "string", + "description": "Subscription ID.", + "example": "0f11f2a4-7c94-4bf3-a2bd-742580fe3bde" + }, + "name": { + "type": "string", + "description": "Subscription name.", + "example": "Access request subscription" + }, + "description": { + "type": "string", + "description": "Subscription description.", + "example": "Access requested to site xyz" + }, + "triggerId": { + "type": "string", + "description": "ID of trigger subscribed to.", + "example": "idn:access-request-post-approval" + }, + "triggerName": { + "type": "string", + "description": "Trigger name of trigger subscribed to.", + "example": "Access Requested" + }, + "type": { + "type": "string", + "enum": [ + "HTTP", + "EVENTBRIDGE", + "INLINE", + "SCRIPT", + "WORKFLOW" + ], + "description": "Subscription type. **NOTE** If type is EVENTBRIDGE, then eventBridgeConfig is required. If type is HTTP, then httpConfig is required.", + "example": "HTTP" + }, + "responseDeadline": { + "type": "string", + "description": "Deadline for completing REQUEST_RESPONSE trigger invocation, represented in ISO-8601 duration format.", + "example": "PT1H", + "default": "PT1H" + }, + "httpConfig": { + "description": "Config required if HTTP subscription type is used.", + "type": "object", + "properties": { + "url": { + "type": "string", + "description": "URL of the external/custom integration.", + "example": "https://www.example.com" + }, + "httpDispatchMode": { + "type": "string", + "description": "HTTP response modes, i.e. SYNC, ASYNC, or DYNAMIC.", + "enum": [ + "SYNC", + "ASYNC", + "DYNAMIC" + ], + "example": "SYNC" + }, + "httpAuthenticationType": { + "type": "string", + "description": "Defines the HTTP Authentication type. Additional values may be added in the future.\n\nIf *NO_AUTH* is selected, no extra information will be in HttpConfig.\n\nIf *BASIC_AUTH* is selected, HttpConfig will include BasicAuthConfig with Username and Password as strings.\n\nIf *BEARER_TOKEN* is selected, HttpConfig will include BearerTokenAuthConfig with Token as string.", + "enum": [ + "NO_AUTH", + "BASIC_AUTH", + "BEARER_TOKEN" + ], + "default": "NO_AUTH", + "example": "BASIC_AUTH" + }, + "basicAuthConfig": { + "type": "object", + "properties": { + "userName": { + "type": "string", + "description": "The username to authenticate.", + "example": "user@example.com" + }, + "password": { + "type": "string", + "nullable": true, + "description": "The password to authenticate. On response, this field is set to null as to not return secrets.", + "example": null + } + }, + "nullable": true, + "description": "Config required if BASIC_AUTH is used." + }, + "bearerTokenAuthConfig": { + "type": "object", + "properties": { + "bearerToken": { + "type": "string", + "nullable": true, + "description": "Bearer token", + "example": null + } + }, + "nullable": true, + "description": "Config required if BEARER_TOKEN authentication is used. On response, this field is set to null as to not return secrets." + } + }, + "required": [ + "url", + "httpDispatchMode" + ] + }, + "eventBridgeConfig": { + "description": "Config required if EVENTBRIDGE subscription type is used.", + "type": "object", + "properties": { + "awsAccount": { + "type": "string", + "description": "AWS Account Number (12-digit number) that has the EventBridge Partner Event Source Resource.", + "example": "123456789012" + }, + "awsRegion": { + "type": "string", + "description": "AWS Region that has the EventBridge Partner Event Source Resource. See https://docs.aws.amazon.com/general/latest/gr/rande.html for a full list of available values.", + "example": "us-west-1" + } + }, + "required": [ + "awsAccount", + "awsRegion" + ] + }, + "enabled": { + "type": "boolean", + "description": "Whether subscription should receive real-time trigger invocations or not.\nTest trigger invocations are always enabled regardless of this option.", + "default": true, + "example": true + }, + "filter": { + "type": "string", + "description": "JSONPath filter to conditionally invoke trigger when expression evaluates to true.", + "example": "$[?($.identityId == \"201327fda1c44704ac01181e963d463c\")]", + "externalDocs": { + "description": "JSONPath filter documentation", + "url": "https://developer.sailpoint.com/idn/docs/event-triggers/filtering-events" + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "sp:trigger-service-subscriptions:manage" + ] + } + ] + }, + "patch": { + "operationId": "patchSubscription", + "tags": [ + "Triggers" + ], + "summary": "Patch a Subscription", + "description": "This API updates a trigger subscription in IdentityNow, using a set of instructions to modify a subscription partially. The following fields are patchable:\n\n**name**, **description**, **enabled**, **type**, **filter**, **responseDeadline**, **httpConfig**, **eventBridgeConfig**, **workflowConfig**", + "parameters": [ + { + "in": "path", + "name": "id", + "schema": { + "type": "string" + }, + "required": true, + "description": "ID of the Subscription to patch", + "example": "0f11f2a4-7c94-4bf3-a2bd-742580fe3bde" + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "requestBody": { + "required": true, + "content": { + "application/json-patch+json": { + "schema": { + "description": "Operations to be applied", + "type": "array", + "items": { + "type": "object", + "description": "A JSONPatch Operation as defined by [RFC 6902 - JSON Patch](https://tools.ietf.org/html/rfc6902)", + "required": [ + "op", + "path" + ], + "properties": { + "op": { + "type": "string", + "description": "The operation to be performed", + "enum": [ + "add", + "remove", + "replace", + "move", + "copy" + ], + "example": "replace" + }, + "path": { + "type": "string", + "description": "A string JSON Pointer representing the target path to an element to be affected by the operation", + "example": "/description" + }, + "value": { + "anyOf": [ + { + "type": "string" + }, + { + "type": "integer" + }, + { + "type": "object" + }, + { + "type": "array", + "items": { + "anyOf": [ + { + "type": "string" + }, + { + "type": "integer" + }, + { + "type": "object" + } + ] + } + } + ], + "description": "The value to be used for the operation, required for \"add\" and \"replace\" operations", + "example": "New description" + } + } + }, + "example": [ + { + "op": "replace", + "path": "/description", + "value": "A new description" + }, + { + "op": "replace", + "path": "/name", + "value": "A new name" + } + ] + } + } + } + }, + "responses": { + "200": { + "description": "Updated subscription.", + "content": { + "application/json": { + "schema": { + "type": "object", + "required": [ + "id", + "triggerId", + "type", + "name", + "triggerName", + "enabled" + ], + "properties": { + "id": { + "type": "string", + "description": "Subscription ID.", + "example": "0f11f2a4-7c94-4bf3-a2bd-742580fe3bde" + }, + "name": { + "type": "string", + "description": "Subscription name.", + "example": "Access request subscription" + }, + "description": { + "type": "string", + "description": "Subscription description.", + "example": "Access requested to site xyz" + }, + "triggerId": { + "type": "string", + "description": "ID of trigger subscribed to.", + "example": "idn:access-request-post-approval" + }, + "triggerName": { + "type": "string", + "description": "Trigger name of trigger subscribed to.", + "example": "Access Requested" + }, + "type": { + "type": "string", + "enum": [ + "HTTP", + "EVENTBRIDGE", + "INLINE", + "SCRIPT", + "WORKFLOW" + ], + "description": "Subscription type. **NOTE** If type is EVENTBRIDGE, then eventBridgeConfig is required. If type is HTTP, then httpConfig is required.", + "example": "HTTP" + }, + "responseDeadline": { + "type": "string", + "description": "Deadline for completing REQUEST_RESPONSE trigger invocation, represented in ISO-8601 duration format.", + "example": "PT1H", + "default": "PT1H" + }, + "httpConfig": { + "description": "Config required if HTTP subscription type is used.", + "type": "object", + "properties": { + "url": { + "type": "string", + "description": "URL of the external/custom integration.", + "example": "https://www.example.com" + }, + "httpDispatchMode": { + "type": "string", + "description": "HTTP response modes, i.e. SYNC, ASYNC, or DYNAMIC.", + "enum": [ + "SYNC", + "ASYNC", + "DYNAMIC" + ], + "example": "SYNC" + }, + "httpAuthenticationType": { + "type": "string", + "description": "Defines the HTTP Authentication type. Additional values may be added in the future.\n\nIf *NO_AUTH* is selected, no extra information will be in HttpConfig.\n\nIf *BASIC_AUTH* is selected, HttpConfig will include BasicAuthConfig with Username and Password as strings.\n\nIf *BEARER_TOKEN* is selected, HttpConfig will include BearerTokenAuthConfig with Token as string.", + "enum": [ + "NO_AUTH", + "BASIC_AUTH", + "BEARER_TOKEN" + ], + "default": "NO_AUTH", + "example": "BASIC_AUTH" + }, + "basicAuthConfig": { + "type": "object", + "properties": { + "userName": { + "type": "string", + "description": "The username to authenticate.", + "example": "user@example.com" + }, + "password": { + "type": "string", + "nullable": true, + "description": "The password to authenticate. On response, this field is set to null as to not return secrets.", + "example": null + } + }, + "nullable": true, + "description": "Config required if BASIC_AUTH is used." + }, + "bearerTokenAuthConfig": { + "type": "object", + "properties": { + "bearerToken": { + "type": "string", + "nullable": true, + "description": "Bearer token", + "example": null + } + }, + "nullable": true, + "description": "Config required if BEARER_TOKEN authentication is used. On response, this field is set to null as to not return secrets." + } + }, + "required": [ + "url", + "httpDispatchMode" + ] + }, + "eventBridgeConfig": { + "description": "Config required if EVENTBRIDGE subscription type is used.", + "type": "object", + "properties": { + "awsAccount": { + "type": "string", + "description": "AWS Account Number (12-digit number) that has the EventBridge Partner Event Source Resource.", + "example": "123456789012" + }, + "awsRegion": { + "type": "string", + "description": "AWS Region that has the EventBridge Partner Event Source Resource. See https://docs.aws.amazon.com/general/latest/gr/rande.html for a full list of available values.", + "example": "us-west-1" + } + }, + "required": [ + "awsAccount", + "awsRegion" + ] + }, + "enabled": { + "type": "boolean", + "description": "Whether subscription should receive real-time trigger invocations or not.\nTest trigger invocations are always enabled regardless of this option.", + "default": true, + "example": true + }, + "filter": { + "type": "string", + "description": "JSONPath filter to conditionally invoke trigger when expression evaluates to true.", + "example": "$[?($.identityId == \"201327fda1c44704ac01181e963d463c\")]", + "externalDocs": { + "description": "JSONPath filter documentation", + "url": "https://developer.sailpoint.com/idn/docs/event-triggers/filtering-events" + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "sp:trigger-service-subscriptions:manage" + ] + } + ] + }, + "delete": { + "operationId": "deleteSubscription", + "tags": [ + "Triggers" + ], + "summary": "Delete a Subscription", + "description": "Deletes an existing subscription to a trigger.", + "parameters": [ + { + "in": "path", + "name": "id", + "schema": { + "type": "string" + }, + "required": true, + "description": "Subscription ID", + "example": "0f11f2a4-7c94-4bf3-a2bd-742580fe3bde" + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "204": { + "description": "Subscription is deleted successfully." + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "sp:trigger-service-subscriptions:manage" + ] + } + ] + } + }, + "/trigger-subscriptions/validate-filter": { + "post": { + "operationId": "testSubscriptionFilter", + "tags": [ + "Triggers" + ], + "summary": "Validate a Subscription Filter", + "description": "Validates a JSONPath filter expression against a provided mock input.\nRequest requires a security scope of: ", + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "required": [ + "input", + "filter" + ], + "type": "object", + "properties": { + "input": { + "type": "object", + "description": "Mock input to evaluate filter expression against.", + "example": { + "identityId": "201327fda1c44704ac01181e963d463c" + } + }, + "filter": { + "type": "string", + "description": "JSONPath filter to conditionally invoke trigger when expression evaluates to true.", + "example": "$[?($.identityId == \"201327fda1c44704ac01181e963d463c\")]", + "externalDocs": { + "description": "JSONPath filter documentation", + "url": "https://developer.sailpoint.com/idn/docs/event-triggers/filtering-events" + } + } + } + }, + "example": { + "input": { + "identityId": "201327fda1c44704ac01181e963d463c" + }, + "filter": "$[?($.identityId == \"201327fda1c44704ac01181e963d463c\")]" + } + } + } + }, + "responses": { + "200": { + "description": "Boolean whether specified filter expression is valid against the input.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "isValid": { + "type": "boolean", + "default": false, + "description": "When this field is true, the filter expression is valid against the input.", + "example": true + }, + "isValidJSONPath": { + "type": "boolean", + "default": false, + "description": "When this field is true, the filter expression is using a valid JSON path.", + "example": true + }, + "isPathExist": { + "type": "boolean", + "default": false, + "description": "When this field is true, the filter expression is using an existing path.", + "example": true + } + } + }, + "example": { + "isValid": true, + "isValidJSONPath": true, + "isPathExist": true + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "sp:trigger-service-subscriptions:manage" + ] + } + ], + "parameters": [ + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ] + } + }, + "/trigger-invocations/status": { + "get": { + "operationId": "listTriggerInvocationStatus", + "tags": [ + "Triggers" + ], + "summary": "List Latest Invocation Statuses", + "description": "Gets a list of latest invocation statuses.\nStatuses of successful invocations are available for up to 24 hours. Statuses of failed invocations are available for up to 48 hours.\nThis endpoint may only fetch up to 2000 invocations, and should not be treated as a representation of the full history of invocations.", + "parameters": [ + { + "in": "query", + "name": "limit", + "description": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 250, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "maximum": 250, + "default": 250 + } + }, + { + "in": "query", + "name": "offset", + "description": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 0, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "default": 0 + } + }, + { + "in": "query", + "name": "count", + "description": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": true, + "schema": { + "type": "boolean", + "default": false + } + }, + { + "in": "query", + "name": "filters", + "required": false, + "schema": { + "type": "string" + }, + "description": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**triggerId**: *eq*\n\n**subscriptionId**: *eq*", + "example": "triggerId eq \"idn:access-request-dynamic-approver\"" + }, + { + "in": "query", + "name": "sorters", + "required": false, + "schema": { + "type": "string", + "format": "comma-separated" + }, + "description": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **triggerId, subscriptionName, created, completed**", + "example": "created" + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "200": { + "description": "List of latest invocation statuses.", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "required": [ + "id", + "triggerId", + "subscriptionId", + "startInvocationInput", + "type", + "subscriptionName", + "created" + ], + "properties": { + "id": { + "type": "string", + "description": "Invocation ID", + "example": "0f11f2a4-7c94-4bf3-a2bd-742580fe3bde" + }, + "triggerId": { + "type": "string", + "description": "Trigger ID", + "example": "idn:access-request-post-approval" + }, + "subscriptionName": { + "type": "string", + "description": "Subscription name", + "example": "Access request subscription" + }, + "subscriptionId": { + "type": "string", + "description": "Subscription ID", + "example": "0f11f2a4-7c94-4bf3-a2bd-742580fe3bde" + }, + "type": { + "type": "string", + "description": "Defines the Invocation type.\n\n**TEST** The trigger was invocated as a test, either via the test subscription button in the UI or via the start test invocation API.\n\n**REAL_TIME** The trigger subscription is live and was invocated by a real event in IdentityNow.", + "enum": [ + "TEST", + "REAL_TIME" + ], + "example": "TEST" + }, + "created": { + "type": "string", + "format": "date-time", + "description": "Invocation created timestamp. ISO-8601 in UTC.", + "example": "2020-03-27T20:40:10.738Z" + }, + "completed": { + "type": "string", + "format": "date-time", + "description": "Invocation completed timestamp; empty fields imply invocation is in-flight or not completed. ISO-8601 in UTC.", + "example": "2020-03-27T20:42:14.738Z" + }, + "startInvocationInput": { + "description": "Data related to start of trigger invocation.", + "type": "object", + "properties": { + "triggerId": { + "type": "string", + "description": "Trigger ID", + "example": "idn:access-requested" + }, + "input": { + "type": "object", + "example": { + "identityId": "201327fda1c44704ac01181e963d463c" + }, + "description": "Trigger input payload. Its schema is defined in the trigger definition." + }, + "contentJson": { + "type": "object", + "example": { + "workflowId": 1234 + }, + "description": "JSON map of invocation metadata" + } + } + }, + "completeInvocationInput": { + "description": "Data related to end of trigger invocation.", + "type": "object", + "properties": { + "localizedError": { + "type": "object", + "nullable": true, + "description": "Localized error message to indicate a failed invocation or error if any.", + "required": [ + "locale", + "message" + ], + "properties": { + "locale": { + "description": "Message locale", + "type": "string", + "example": "An error has occurred!" + }, + "message": { + "description": "Message text", + "type": "string", + "example": "Error has occurred!" + } + } + }, + "output": { + "type": "object", + "nullable": true, + "example": { + "approved": false + }, + "description": "Trigger output that completed the invocation. Its schema is defined in the trigger definition." + } + } + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "sp:trigger-service-invocation-status:read", + "sp:trigger-service-invocation-status:manage" + ] + } + ] + } + }, + "/trigger-invocations/{id}/complete": { + "post": { + "operationId": "completeTriggerInvocation", + "tags": [ + "Triggers" + ], + "summary": "Complete Trigger Invocation", + "description": "Completes an invocation to a REQUEST_RESPONSE type trigger.", + "parameters": [ + { + "in": "path", + "name": "id", + "schema": { + "type": "string" + }, + "required": true, + "description": "The ID of the invocation to complete.", + "example": "0f11f2a4-7c94-4bf3-a2bd-742580fe3bde" + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "secret": { + "type": "string", + "description": "Unique invocation secret that was generated when the invocation was created. Required to authenticate to the endpoint.", + "example": "0f11f2a4-7c94-4bf3-a2bd-742580fe3bde" + }, + "error": { + "type": "string", + "description": "The error message to indicate a failed invocation or error if any.", + "example": "Access request is denied." + }, + "output": { + "type": "object", + "example": { + "approved": false + }, + "description": "Trigger output to complete the invocation. Its schema is defined in the trigger definition." + } + }, + "required": [ + "secret", + "output" + ] + }, + "example": { + "secret": "0f11f2a4-7c94-4bf3-a2bd-742580fe3bde", + "output": { + "approved": false + } + } + } + } + }, + "responses": { + "204": { + "description": "No content - indicates the request was successful but there is no content to be returned in the response." + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/trigger-invocations/test": { + "post": { + "operationId": "startTestTriggerInvocation", + "tags": [ + "Triggers" + ], + "summary": "Start a Test Invocation", + "description": "Initiate a test event for all subscribers of the specified event trigger. If there are no subscribers to the specified trigger in the tenant, then no test event will be sent.", + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "triggerId": { + "type": "string", + "example": "idn:access-request-post-approval", + "description": "Trigger ID" + }, + "input": { + "type": "object", + "example": { + "identityId": "201327fda1c44704ac01181e963d463c" + }, + "description": "Mock input to use for test invocation. This must adhere to the input schema defined in the trigger being invoked. If this property is omitted, then the default trigger sample payload will be sent." + }, + "contentJson": { + "type": "object", + "example": { + "workflowId": 1234 + }, + "description": "JSON map of invocation metadata." + }, + "subscriptionIds": { + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "0f11f2a4-7c94-4bf3-a2bd-742580fe3bde" + ], + "description": "Only send the test event to the subscription IDs listed. If omitted, the test event will be sent to all subscribers." + } + }, + "required": [ + "triggerId", + "contentJson" + ] + }, + "examples": { + "Test Trigger with Mock Input": { + "value": { + "triggerId": "idn:access-requested", + "input": { + "identityId": "201327fda1c44704ac01181e963d463c" + }, + "contentJson": { + "workflowId": 1234 + } + } + }, + "Send Test to only One Subscriber": { + "value": { + "triggerId": "idn:access-requested", + "contentJson": { + "workflowId": 1234 + }, + "subscriptionIds": [ + "0f11f2a4-7c94-4bf3-a2bd-742580fe3bde" + ] + } + } + } + } + } + }, + "responses": { + "200": { + "description": "Test trigger invocations that have been started for specified subscription(s).", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "Invocation ID", + "example": "0f11f2a4-7c94-4bf3-a2bd-742580fe3bde" + }, + "triggerId": { + "type": "string", + "description": "Trigger ID", + "example": "idn:access-requested" + }, + "secret": { + "type": "string", + "description": "Unique invocation secret.", + "example": "0f979022-08be-44f2-b6f9-7393ec73ed9b" + }, + "contentJson": { + "type": "object", + "example": { + "workflowId": 1234 + }, + "description": "JSON map of invocation metadata." + } + } + } + } + } + } + }, + "204": { + "description": "Trigger invocation is skipped, because tenant has not subscribed to the specified trigger." + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "sp:trigger-service-invocation-status:manage" + ] + } + ], + "parameters": [ + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ] + } + }, + "/ui-metadata/tenant": { + "get": { + "operationId": "getTenantUiMetadata", + "tags": [ + "UI Metadata" + ], + "summary": "Get a tenant UI metadata", + "description": "This API endpoint retrieves UI metadata configured for your tenant.\nA token with ORG_ADMIN authority is required to call this API.", + "security": [ + { + "UserContextAuth": [ + "idn:ui-access-metadata-page:read" + ] + } + ], + "responses": { + "200": { + "description": "A tenant UI metadata object", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "iframeWhiteList": { + "type": "string", + "nullable": true, + "description": "Parameter that organizational administrators can adjust to permit another domain to encapsulate IDN within an iframe. If you would like to reset the value use \"null\". It will only allow include into iframe non authenticated portions of the product, such as password reset.", + "example": "http://example.com http://example2.com" + }, + "usernameLabel": { + "type": "string", + "nullable": true, + "description": "Descriptor for the username input field. If you would like to reset the value use \"null\".", + "example": "Email" + }, + "usernameEmptyText": { + "type": "string", + "nullable": true, + "description": "Placeholder text displayed in the username input field. If you would like to reset the value use \"null\".", + "example": "Please provide your work email address..." + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "parameters": [ + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ] + }, + "put": { + "operationId": "setTenantUiMetadata", + "tags": [ + "UI Metadata" + ], + "summary": "Update tenant UI metadata", + "description": "This API endpoint updates UI metadata for your tenant. These changes may require up to 5 minutes to take effect on the UI.\nA token with ORG_ADMIN authority is required to call this API.", + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "iframeWhiteList": { + "type": "string", + "nullable": true, + "description": "Parameter that organizational administrators can adjust to permit another domain to encapsulate IDN within an iframe. If you would like to reset the value use \"null\". It will only allow include into iframe non authenticated portions of the product, such as password reset.", + "example": "http://example.com http://example2.com" + }, + "usernameLabel": { + "type": "string", + "nullable": true, + "description": "Descriptor for the username input field. If you would like to reset the value use \"null\".", + "example": "Email" + }, + "usernameEmptyText": { + "type": "string", + "nullable": true, + "description": "Placeholder text displayed in the username input field. If you would like to reset the value use \"null\".", + "example": "Please provide your work email address..." + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "idn:ui-access-metadata-page:manage" + ] + } + ], + "responses": { + "200": { + "description": "A tenant UI metadata object", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "iframeWhiteList": { + "type": "string", + "nullable": true, + "description": "Parameter that organizational administrators can adjust to permit another domain to encapsulate IDN within an iframe. If you would like to reset the value use \"null\". It will only allow include into iframe non authenticated portions of the product, such as password reset.", + "example": "http://example.com http://example2.com" + }, + "usernameLabel": { + "type": "string", + "nullable": true, + "description": "Descriptor for the username input field. If you would like to reset the value use \"null\".", + "example": "Email" + }, + "usernameEmptyText": { + "type": "string", + "nullable": true, + "description": "Placeholder text displayed in the username input field. If you would like to reset the value use \"null\".", + "example": "Please provide your work email address..." + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "parameters": [ + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ] + } + }, + "/verified-from-addresses": { + "get": { + "operationId": "listFromAddresses", + "tags": [ + "Notifications" + ], + "summary": "List From Addresses", + "description": "Retrieve a list of sender email addresses and their verification statuses", + "parameters": [ + { + "in": "query", + "name": "limit", + "description": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 250, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "maximum": 250, + "default": 250 + } + }, + { + "in": "query", + "name": "offset", + "description": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 0, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "default": 0 + } + }, + { + "in": "query", + "name": "count", + "description": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": true, + "schema": { + "type": "boolean", + "default": false + } + }, + { + "in": "query", + "name": "filters", + "schema": { + "type": "string" + }, + "description": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**email**: *eq, ge, le, sw*", + "example": "email eq \"john.doe@company.com\"" + }, + { + "in": "query", + "name": "sorters", + "schema": { + "type": "string", + "format": "comma-separated" + }, + "description": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **email**", + "example": "email" + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "200": { + "description": "List of Email Status", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "nullable": true + }, + "email": { + "type": "string", + "example": "sender@example.com" + }, + "isVerifiedByDomain": { + "type": "boolean", + "example": false + }, + "verificationStatus": { + "type": "string", + "enum": [ + "PENDING", + "SUCCESS", + "FAILED" + ] + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + }, + "post": { + "operationId": "createVerifiedFromAddress", + "tags": [ + "Notifications" + ], + "summary": "Create Verified From Address", + "description": "Create a new sender email address and initiate verification process.", + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "id": { + "type": "string", + "nullable": true + }, + "email": { + "type": "string", + "example": "sender@example.com" + }, + "isVerifiedByDomain": { + "type": "boolean", + "example": false + }, + "verificationStatus": { + "type": "string", + "enum": [ + "PENDING", + "SUCCESS", + "FAILED" + ] + } + } + }, + "example": { + "email": "sender@example.com" + } + } + } + }, + "responses": { + "201": { + "description": "New Verified Email Status", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "id": { + "type": "string", + "nullable": true + }, + "email": { + "type": "string", + "example": "sender@example.com" + }, + "isVerifiedByDomain": { + "type": "boolean", + "example": false + }, + "verificationStatus": { + "type": "string", + "enum": [ + "PENDING", + "SUCCESS", + "FAILED" + ] + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "parameters": [ + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ] + } + }, + "/verified-from-addresses/{id}": { + "delete": { + "operationId": "deleteVerifiedFromAddress", + "tags": [ + "Notifications" + ], + "summary": "Delete Verified From Address", + "description": "Delete a verified sender email address", + "parameters": [ + { + "in": "path", + "name": "id", + "schema": { + "type": "string" + }, + "required": true + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "204": { + "description": "No content - indicates the request was successful but there is no content to be returned in the response." + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/verified-domains": { + "get": { + "security": [ + { + "UserContextAuth": [ + "sp:notification-dkim-attributes:read" + ] + } + ], + "operationId": "getDkimAttributes", + "tags": [ + "Notifications" + ], + "summary": "Get DKIM Attributes", + "description": "Retrieve DKIM (DomainKeys Identified Mail) attributes for all your tenants' AWS SES identities. Limits retrieval to 100 identities per call.", + "responses": { + "200": { + "description": "List of DKIM Attributes", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "123b45b0-aaaa-bbbb-a7db-123456a56abc", + "description": "UUID associated with domain to be verified" + }, + "address": { + "type": "string", + "example": "BobSmith@sailpoint.com", + "description": "The identity or domain address" + }, + "dkimEnabled": { + "type": "boolean", + "default": false, + "example": true, + "description": "Whether or not DKIM has been enabled for this domain / identity" + }, + "dkimTokens": { + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "uq1m3jjk25ckd3whl4n7y46c56r5l6aq", + "u7pm38jky9ckdawhlsn7y4dcj6f5lpgq", + "uhpm3jjkjjckdkwhlqn7yw6cjer5tpay" + ], + "description": "The tokens to be added to a DNS for verification" + }, + "dkimVerificationStatus": { + "type": "string", + "example": "Success", + "description": "The current status if the domain /identity has been verified. Ie Success, Failed, Pending" + } + }, + "description": "DKIM attributes for a domain or identity" + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "parameters": [ + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ] + }, + "post": { + "security": [ + { + "UserContextAuth": [ + "sp:notification-verify-domain-dkim:write" + ] + } + ], + "operationId": "createDomainDkim", + "tags": [ + "Notifications" + ], + "summary": "Verify domain address via DKIM", + "description": "Create a domain to be verified via DKIM (DomainKeys Identified Mail)", + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "domain": { + "type": "string", + "example": "sailpoint.com", + "description": "A domain address" + } + } + } + } + } + }, + "responses": { + "200": { + "description": "List of DKIM tokens required for the verification process.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "123b45b0-aaaa-bbbb-a7db-123456a56abc", + "description": "New UUID associated with domain to be verified" + }, + "domain": { + "type": "string", + "example": "sailpoint.com", + "description": "A domain address" + }, + "dkimEnabled": { + "default": false, + "example": true, + "description": "DKIM is enabled for this domain" + }, + "dkimTokens": { + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "token1", + "token2", + "token3" + ], + "description": "DKIM tokens required for authentication" + }, + "dkimVerificationStatus": { + "type": "string", + "example": "PENDING", + "description": "Status of DKIM authentication" + } + }, + "description": "Domain status DTO containing everything required to verify via DKIM" + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "405": { + "description": "Method Not Allowed - indicates that the server knows the request method, but the target resource doesn't support this method.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "errorName": { + "description": "A message describing the error", + "example": "NotSupportedException" + }, + "errorMessage": { + "description": "Description of the error", + "example": "Cannot consume content type" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "parameters": [ + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ] + } + }, + "/workgroups": { + "get": { + "operationId": "listWorkgroups", + "tags": [ + "Governance Groups" + ], + "summary": "List Governance Groups", + "description": "This API returns list of Governance Groups", + "parameters": [ + { + "in": "query", + "name": "offset", + "description": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 0, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "default": 0 + } + }, + { + "in": "query", + "name": "limit", + "description": "Note that for this API the maximum value for limit is 50.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 50, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "maximum": 50, + "default": 50 + } + }, + { + "in": "query", + "name": "count", + "description": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": true, + "schema": { + "type": "boolean", + "default": false + } + }, + { + "in": "query", + "name": "filters", + "schema": { + "type": "string" + }, + "description": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in, sw*\n\n**name**: *eq, sw, in*\n\n**memberships.identityId**: *eq, in*", + "example": "name sw \"Test\"", + "required": false + }, + { + "in": "query", + "name": "sorters", + "schema": { + "type": "string", + "format": "comma-separated" + }, + "description": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name, created, modified, id, description**", + "example": "name,-modified", + "required": false + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "200": { + "description": "List of Governance Groups", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "properties": { + "owner": { + "allOf": [ + { + "type": "object", + "description": "Owner's identity.", + "properties": { + "type": { + "type": "string", + "description": "Owner's DTO type.", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "Owner's identity ID.", + "example": "2c9180a46faadee4016fb4e018c20639" + }, + "name": { + "type": "string", + "description": "Owner's name.", + "example": "Support" + } + } + }, + { + "type": "object", + "properties": { + "displayName": { + "readOnly": true, + "description": "The display name of the identity", + "type": "string", + "example": "Support" + }, + "emailAddress": { + "readOnly": true, + "description": "The primary email address of the identity", + "type": "string", + "example": "support@sailpoint.com" + } + }, + "description": "Governance group owner." + } + ] + }, + "id": { + "type": "string", + "description": "Governance group ID.", + "example": "2c91808568c529c60168cca6f90c1313", + "readOnly": true + }, + "name": { + "type": "string", + "description": "Governance group name.", + "example": "DB Access Governance Group" + }, + "description": { + "type": "string", + "description": "Governance group description.", + "example": "Description of the Governance Group" + }, + "memberCount": { + "type": "integer", + "format": "int64", + "example": 1641498673000, + "readOnly": true, + "description": "Number of members in the governance group." + }, + "connectionCount": { + "type": "integer", + "format": "int64", + "example": 1641498673000, + "description": "Number of connections in the governance group.", + "readOnly": true + }, + "created": { + "type": "string", + "format": "date-time", + "example": "2022-01-06T19:51:13Z" + }, + "modified": { + "type": "string", + "format": "date-time", + "example": "2022-01-06T19:51:13Z" + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "idn:workgroup:read" + ] + } + ] + }, + "post": { + "operationId": "createWorkgroup", + "security": [ + { + "UserContextAuth": [ + "idn:workgroup:write" + ] + } + ], + "tags": [ + "Governance Groups" + ], + "summary": "Create a new Governance Group.", + "description": "This API creates a new Governance Group.", + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "owner": { + "allOf": [ + { + "type": "object", + "description": "Owner's identity.", + "properties": { + "type": { + "type": "string", + "description": "Owner's DTO type.", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "Owner's identity ID.", + "example": "2c9180a46faadee4016fb4e018c20639" + }, + "name": { + "type": "string", + "description": "Owner's name.", + "example": "Support" + } + } + }, + { + "type": "object", + "properties": { + "displayName": { + "readOnly": true, + "description": "The display name of the identity", + "type": "string", + "example": "Support" + }, + "emailAddress": { + "readOnly": true, + "description": "The primary email address of the identity", + "type": "string", + "example": "support@sailpoint.com" + } + }, + "description": "Governance group owner." + } + ] + }, + "id": { + "type": "string", + "description": "Governance group ID.", + "example": "2c91808568c529c60168cca6f90c1313", + "readOnly": true + }, + "name": { + "type": "string", + "description": "Governance group name.", + "example": "DB Access Governance Group" + }, + "description": { + "type": "string", + "description": "Governance group description.", + "example": "Description of the Governance Group" + }, + "memberCount": { + "type": "integer", + "format": "int64", + "example": 1641498673000, + "readOnly": true, + "description": "Number of members in the governance group." + }, + "connectionCount": { + "type": "integer", + "format": "int64", + "example": 1641498673000, + "description": "Number of connections in the governance group.", + "readOnly": true + }, + "created": { + "type": "string", + "format": "date-time", + "example": "2022-01-06T19:51:13Z" + }, + "modified": { + "type": "string", + "format": "date-time", + "example": "2022-01-06T19:51:13Z" + } + } + } + } + } + }, + "responses": { + "200": { + "description": "Governance Group object created.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "owner": { + "allOf": [ + { + "type": "object", + "description": "Owner's identity.", + "properties": { + "type": { + "type": "string", + "description": "Owner's DTO type.", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "Owner's identity ID.", + "example": "2c9180a46faadee4016fb4e018c20639" + }, + "name": { + "type": "string", + "description": "Owner's name.", + "example": "Support" + } + } + }, + { + "type": "object", + "properties": { + "displayName": { + "readOnly": true, + "description": "The display name of the identity", + "type": "string", + "example": "Support" + }, + "emailAddress": { + "readOnly": true, + "description": "The primary email address of the identity", + "type": "string", + "example": "support@sailpoint.com" + } + }, + "description": "Governance group owner." + } + ] + }, + "id": { + "type": "string", + "description": "Governance group ID.", + "example": "2c91808568c529c60168cca6f90c1313", + "readOnly": true + }, + "name": { + "type": "string", + "description": "Governance group name.", + "example": "DB Access Governance Group" + }, + "description": { + "type": "string", + "description": "Governance group description.", + "example": "Description of the Governance Group" + }, + "memberCount": { + "type": "integer", + "format": "int64", + "example": 1641498673000, + "readOnly": true, + "description": "Number of members in the governance group." + }, + "connectionCount": { + "type": "integer", + "format": "int64", + "example": 1641498673000, + "description": "Number of connections in the governance group.", + "readOnly": true + }, + "created": { + "type": "string", + "format": "date-time", + "example": "2022-01-06T19:51:13Z" + }, + "modified": { + "type": "string", + "format": "date-time", + "example": "2022-01-06T19:51:13Z" + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "parameters": [ + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ] + } + }, + "/workgroups/{id}": { + "get": { + "operationId": "getWorkgroup", + "tags": [ + "Governance Groups" + ], + "summary": "Get Governance Group by Id", + "description": "This API returns a Governance Groups by its ID.", + "parameters": [ + { + "in": "path", + "name": "id", + "required": true, + "schema": { + "type": "string" + }, + "description": "ID of the Governance Group", + "example": "2c9180837ca6693d017ca8d097500149" + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "200": { + "description": "A Governance Group", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "owner": { + "allOf": [ + { + "type": "object", + "description": "Owner's identity.", + "properties": { + "type": { + "type": "string", + "description": "Owner's DTO type.", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "Owner's identity ID.", + "example": "2c9180a46faadee4016fb4e018c20639" + }, + "name": { + "type": "string", + "description": "Owner's name.", + "example": "Support" + } + } + }, + { + "type": "object", + "properties": { + "displayName": { + "readOnly": true, + "description": "The display name of the identity", + "type": "string", + "example": "Support" + }, + "emailAddress": { + "readOnly": true, + "description": "The primary email address of the identity", + "type": "string", + "example": "support@sailpoint.com" + } + }, + "description": "Governance group owner." + } + ] + }, + "id": { + "type": "string", + "description": "Governance group ID.", + "example": "2c91808568c529c60168cca6f90c1313", + "readOnly": true + }, + "name": { + "type": "string", + "description": "Governance group name.", + "example": "DB Access Governance Group" + }, + "description": { + "type": "string", + "description": "Governance group description.", + "example": "Description of the Governance Group" + }, + "memberCount": { + "type": "integer", + "format": "int64", + "example": 1641498673000, + "readOnly": true, + "description": "Number of members in the governance group." + }, + "connectionCount": { + "type": "integer", + "format": "int64", + "example": 1641498673000, + "description": "Number of connections in the governance group.", + "readOnly": true + }, + "created": { + "type": "string", + "format": "date-time", + "example": "2022-01-06T19:51:13Z" + }, + "modified": { + "type": "string", + "format": "date-time", + "example": "2022-01-06T19:51:13Z" + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "idn:workgroup:read" + ] + } + ] + }, + "delete": { + "operationId": "deleteWorkgroup", + "tags": [ + "Governance Groups" + ], + "summary": "Delete a Governance Group", + "description": "This API deletes a Governance Group by its ID.", + "parameters": [ + { + "in": "path", + "name": "id", + "required": true, + "schema": { + "type": "string" + }, + "description": "ID of the Governance Group", + "example": "2c9180837ca6693d017ca8d097500149" + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "204": { + "description": "No content - indicates the request was successful but there is no content to be returned in the response." + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "idn:workgroup:write" + ] + } + ] + }, + "patch": { + "operationId": "patchWorkgroup", + "tags": [ + "Governance Groups" + ], + "summary": "Patch a Governance Group", + "description": "This API updates an existing governance group by ID. \nThe following fields and objects are patchable:\n * name\n * description\n * owner\n\nA token with API or ORG_ADMIN authority is required to call this API.", + "parameters": [ + { + "in": "path", + "name": "id", + "required": true, + "schema": { + "type": "string" + }, + "description": "ID of the Governance Group", + "example": "2c9180837ca6693d017ca8d097500149" + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "requestBody": { + "content": { + "application/json-patch+json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "description": "A JSONPatch Operation as defined by [RFC 6902 - JSON Patch](https://tools.ietf.org/html/rfc6902)", + "required": [ + "op", + "path" + ], + "properties": { + "op": { + "type": "string", + "description": "The operation to be performed", + "enum": [ + "add", + "remove", + "replace", + "move", + "copy", + "test" + ], + "example": "replace" + }, + "path": { + "type": "string", + "description": "A string JSON Pointer representing the target path to an element to be affected by the operation", + "example": "/description" + }, + "value": { + "oneOf": [ + { + "type": "string", + "example": "New description", + "title": "string" + }, + { + "type": "boolean", + "example": true, + "title": "boolean" + }, + { + "type": "integer", + "example": 300, + "title": "integer" + }, + { + "type": "object", + "title": "object", + "example": { + "attributes": { + "name": "philip" + } + } + }, + { + "type": "array", + "title": "array", + "items": { + "anyOf": [ + { + "type": "string" + }, + { + "type": "integer" + }, + { + "type": "object" + } + ], + "example": [ + "001", + "002", + "003" + ] + } + } + ], + "description": "The value to be used for the operation, required for \"add\" and \"replace\" operations", + "example": "New description" + } + } + } + }, + "examples": { + "Replace Description": { + "description": "Replace description of a Governance Group.", + "value": [ + { + "op": "replace", + "path": "/description", + "value": "Governance Group new description." + } + ] + } + } + } + } + }, + "responses": { + "200": { + "description": "A Governance Group.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "owner": { + "allOf": [ + { + "type": "object", + "description": "Owner's identity.", + "properties": { + "type": { + "type": "string", + "description": "Owner's DTO type.", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "Owner's identity ID.", + "example": "2c9180a46faadee4016fb4e018c20639" + }, + "name": { + "type": "string", + "description": "Owner's name.", + "example": "Support" + } + } + }, + { + "type": "object", + "properties": { + "displayName": { + "readOnly": true, + "description": "The display name of the identity", + "type": "string", + "example": "Support" + }, + "emailAddress": { + "readOnly": true, + "description": "The primary email address of the identity", + "type": "string", + "example": "support@sailpoint.com" + } + }, + "description": "Governance group owner." + } + ] + }, + "id": { + "type": "string", + "description": "Governance group ID.", + "example": "2c91808568c529c60168cca6f90c1313", + "readOnly": true + }, + "name": { + "type": "string", + "description": "Governance group name.", + "example": "DB Access Governance Group" + }, + "description": { + "type": "string", + "description": "Governance group description.", + "example": "Description of the Governance Group" + }, + "memberCount": { + "type": "integer", + "format": "int64", + "example": 1641498673000, + "readOnly": true, + "description": "Number of members in the governance group." + }, + "connectionCount": { + "type": "integer", + "format": "int64", + "example": 1641498673000, + "description": "Number of connections in the governance group.", + "readOnly": true + }, + "created": { + "type": "string", + "format": "date-time", + "example": "2022-01-06T19:51:13Z" + }, + "modified": { + "type": "string", + "format": "date-time", + "example": "2022-01-06T19:51:13Z" + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "idn:workgroup:write" + ] + } + ] + } + }, + "/workgroups/bulk-delete": { + "post": { + "operationId": "deleteWorkgroupsInBulk", + "summary": "Delete Governance Group(s)", + "tags": [ + "Governance Groups" + ], + "description": "\nThis API initiates a bulk deletion of one or more Governance Groups.\n\n> If any of the indicated Governance Groups have one or more connections associated with it,then those Governance Groups will be added in **inUse** list of the response. Governance Group(s) marked as **inUse** can not be deleted.\n\n> If any of the indicated Governance Groups is not does not exists in Organization,then those Governance Groups will be added in **notFound** list of the response. Governance Groups marked as **notFound** will not be deleted.\n\n> If any of the indicated Governance Groups does not have any connections associated with it,then those Governance Groups will be added in **deleted** list of the response. A Governance Group marked as **deleted** will be deleted from current Organization.\n\n> If the request contains any **inUse** or **notFound** Governance Group IDs then it skips only these Governance Groups for deletion and deletes the rest of Governance Groups which have no connections associated with it. \n\n> **This API has limit number of Governance Groups can be deleted at one time. If the request contains more then 100 Governance Groups IDs to be deleted then the API will throw an exception.**", + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "ids": { + "description": "List of IDs of Governance Groups to be deleted.", + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "567a697e-885b-495a-afc5-d55e1c23a302", + "c7b0f7b2-1e78-4063-b294-a555333dacd2" + ] + } + } + }, + "example": { + "ids": [ + "567a697e-885b-495a-afc5-d55e1c23a302", + "c7b0f7b2-1e78-4063-b294-a555333dacd2" + ] + } + } + } + }, + "responses": { + "207": { + "description": "Governance Group bulk delete response.", + "content": { + "application/json": { + "schema": { + "description": "Bulk remove Governance Groups Response.", + "type": "array", + "items": { + "type": "object", + "properties": { + "id": { + "description": "Id of the Governance Group.", + "type": "string", + "example": "464ae7bf791e49fdb74606a2e4a89635" + }, + "status": { + "type": "string", + "description": "\nThe HTTP response status code returned for an individual Governance Group that is requested for deletion during a bulk delete operation.\n\n> 204 - Governance Group deleted successfully.\n\n> 409 - Governance Group is in use,hence can not be deleted.\n\n> 404 - Governance Group not found.\n", + "example": 204 + }, + "description": { + "description": "Human readable status description and containing additional context information about success or failures etc.\n", + "example": "\n> Governance Group deleted successfully.\n\n> Unable to delete Governance Group f80bba83-98c4-4ec2-81c8-373c00e9663b because it is in use.\n\n> Referenced Governance Group 2b711763-ed35-42a2-a80c-8f1ce0dc4a7f was not found.\n", + "type": "string" + } + }, + "required": [ + "id", + "status" + ] + }, + "example": [ + { + "id": "464ae7bf791e49fdb74606a2e4a89635", + "status": "204", + "description": "Governance Group deleted successfully." + } + ] + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "idn:workgroup:write" + ] + } + ], + "parameters": [ + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ] + } + }, + "/workgroups/{workgroupId}/connections": { + "get": { + "operationId": "listConnections", + "tags": [ + "Governance Groups" + ], + "summary": "List connections for Governance Group", + "description": "This API returns list of connections associated with a Governance Group.", + "parameters": [ + { + "name": "workgroupId", + "in": "path", + "description": "ID of the Governance Group.", + "required": true, + "schema": { + "type": "string", + "example": "2c91808a7813090a017814121919ecca" + } + }, + { + "in": "query", + "name": "offset", + "description": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 0, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "default": 0 + } + }, + { + "in": "query", + "name": "limit", + "description": "Note that for this API the maximum value for limit is 50.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 50, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "maximum": 50, + "default": 50 + } + }, + { + "in": "query", + "name": "count", + "description": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": true, + "schema": { + "type": "boolean", + "default": false + } + }, + { + "in": "query", + "name": "sorters", + "schema": { + "type": "string", + "format": "comma-separated" + }, + "description": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name, created, modified**", + "example": "name,-modified", + "required": false + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "200": { + "description": "List all connections associated with a Governance Group.", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "properties": { + "object": { + "description": "Connected object to Governance Group", + "type": "object", + "properties": { + "type": { + "description": "Connection Object type", + "type": "string", + "enum": [ + "ACCESS_PROFILE", + "ROLE", + "SOD_POLICY", + "SOURCE" + ], + "example": "ACCESS_PROFILE" + }, + "id": { + "type": "string", + "description": "ID of the object to which this reference applies", + "example": "2c91808568c529c60168cca6f90c1313" + }, + "name": { + "type": "string", + "description": "Human-readable name of Connected object", + "example": "Employee-database-read-write" + }, + "description": { + "type": "string", + "description": "Description of the Connected object.", + "example": "Collection of entitlements to read/write the employee database." + } + } + }, + "connectionType": { + "description": "Connection Type.", + "type": "string", + "enum": [ + "AccessRequestReviewer", + "Owner", + "ManagementWorkgroup" + ], + "example": "AccessRequestReviewer" + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "idn:workgroup:read" + ] + } + ] + } + }, + "/workgroups/{workgroupId}/members": { + "get": { + "operationId": "listWorkgroupMembers", + "tags": [ + "Governance Groups" + ], + "summary": "List Governance Group Members", + "description": "This API returns list of members associated with a Governance Group.", + "parameters": [ + { + "name": "workgroupId", + "in": "path", + "description": "ID of the Governance Group.", + "required": true, + "schema": { + "type": "string", + "example": "2c91808a7813090a017814121919ecca" + } + }, + { + "in": "query", + "name": "offset", + "description": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 0, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "default": 0 + } + }, + { + "in": "query", + "name": "limit", + "description": "Note that for this API the maximum value for limit is 50.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 50, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "maximum": 50, + "default": 50 + } + }, + { + "in": "query", + "name": "count", + "description": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": true, + "schema": { + "type": "boolean", + "default": false + } + }, + { + "in": "query", + "name": "sorters", + "schema": { + "type": "string", + "format": "comma-separated" + }, + "description": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name, created, modified**", + "example": "name,-modified", + "required": false + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "200": { + "description": "List all members associated with a Governance Group.", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "description": "Identity of workgroup member.", + "properties": { + "type": { + "type": "string", + "description": "Workgroup member identity DTO type.", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "Workgroup member identity ID.", + "example": "2c7180a46faadee4016fb4e018c20642" + }, + "name": { + "type": "string", + "description": "Workgroup member identity display name.", + "example": "Michael Michaels" + }, + "email": { + "type": "string", + "description": "Workgroup member identity email.", + "example": "michael.michaels@sailpoint.com" + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "idn:workgroup:read" + ] + } + ] + } + }, + "/workgroups/{workgroupId}/members/bulk-add": { + "post": { + "operationId": "updateWorkgroupMembers", + "security": [ + { + "UserContextAuth": [ + "idn:workgroup:write" + ] + } + ], + "tags": [ + "Governance Groups" + ], + "summary": "Add members to Governance Group", + "description": "This API adds one or more members to a Governance Group. A token with API, ORG_ADMIN authority is required to call this API.\n\n> **Following field of Identity is an optional field in the request.**\n\n> **name**", + "parameters": [ + { + "name": "workgroupId", + "in": "path", + "description": "ID of the Governance Group.", + "required": true, + "schema": { + "type": "string", + "example": "2c91808a7813090a017814121919ecca" + } + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "requestBody": { + "description": "List of identities to be added to a Governance Group members list.", + "required": true, + "content": { + "application/json": { + "schema": { + "description": "List of identities to be added or removed to a Governance Group members list.", + "type": "array", + "items": { + "type": "object", + "description": "Identity's basic details.", + "properties": { + "type": { + "type": "string", + "description": "Identity's DTO type.", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "Identity ID.", + "example": "2c7180a46faadee4016fb4e018c20642" + }, + "name": { + "type": "string", + "description": "Identity's display name.", + "example": "Michael Michaels" + } + } + }, + "example": [ + { + "type": "IDENTITY", + "id": "464ae7bf791e49fdb74606a2e4a89635", + "name": "Addie Smith" + } + ] + } + } + } + }, + "responses": { + "207": { + "description": "List of added and not added identities into Governance Group members list.", + "content": { + "application/json": { + "schema": { + "description": "Bulk add Governance Group members Response.", + "type": "array", + "items": { + "type": "object", + "properties": { + "id": { + "description": "Identifier of identity in bulk member add request.", + "type": "string", + "example": "464ae7bf791e49fdb74606a2e4a89635" + }, + "status": { + "description": "\nThe HTTP response status code returned for an individual member that is requested for addition during a bulk add operation.\n\n The HTTP response status code returned for an individual Governance Group is requested for deletion.\n\n\n> 201 - Identity is added into Governance Group members list.\n\n> 409 - Identity is already member of Governance Group.\n", + "type": "string", + "example": "201" + }, + "description": { + "description": "Human readable status description and containing additional context information about success or failures etc.\n", + "type": "string", + "example": "\n> Identity is added into Governance Group members list.\n\n> Unable to set Membership of Identity \"3244d5f2d04447498520f54c6789ae33\" to Governance Group \"f80bba83-98c4-4ec2-81c8-373c00e9663b\"; the relationship already exists.\n" + } + }, + "required": [ + "id", + "status" + ] + }, + "example": [ + { + "id": "464ae7bf791e49fdb74606a2e4a89635", + "status": "201", + "description": "Identity added to Governance Group members list." + } + ] + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/workgroups/{workgroupId}/members/bulk-delete": { + "post": { + "operationId": "deleteWorkgroupMembers", + "security": [ + { + "UserContextAuth": [ + "idn:workgroup:write" + ] + } + ], + "tags": [ + "Governance Groups" + ], + "summary": "Remove members from Governance Group", + "description": "This API removes one or more members from a Governance Group. A token with API, ORG_ADMIN authority is required to call this API.\n\n> **Following field of Identity is an optional field in the request.**\n\n> **name**", + "parameters": [ + { + "name": "workgroupId", + "in": "path", + "description": "ID of the Governance Group.", + "required": true, + "schema": { + "type": "string", + "example": "2c91808a7813090a017814121919ecca" + } + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "requestBody": { + "description": "List of identities to be removed from a Governance Group members list.", + "required": true, + "content": { + "application/json": { + "schema": { + "description": "List of identities to be added or removed to a Governance Group members list.", + "type": "array", + "items": { + "type": "object", + "description": "Identity's basic details.", + "properties": { + "type": { + "type": "string", + "description": "Identity's DTO type.", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "Identity ID.", + "example": "2c7180a46faadee4016fb4e018c20642" + }, + "name": { + "type": "string", + "description": "Identity's display name.", + "example": "Michael Michaels" + } + } + }, + "example": [ + { + "type": "IDENTITY", + "id": "464ae7bf791e49fdb74606a2e4a89635", + "name": "Addie Smith" + } + ] + } + } + } + }, + "responses": { + "207": { + "description": "List of deleted and not deleted identities from Governance Group members list.", + "content": { + "application/json": { + "schema": { + "description": "Bulk add Governance Group members Response.", + "type": "array", + "items": { + "type": "object", + "properties": { + "id": { + "description": "Identifier of identity in bulk member add /remove request.", + "type": "string", + "example": "464ae7bf791e49fdb74606a2e4a89635" + }, + "status": { + "description": "\nThe HTTP response status code returned for an individual member that is requested for deletion during a bulk delete operation.\n\n> 204 - Identity is removed from Governance Group members list.\n\n> 404 - Identity is not member of Governance Group.\n", + "type": "string", + "example": "204" + }, + "description": { + "description": "Human readable status description and containing additional context information about success or failures etc.\n", + "type": "string", + "example": "\n> Identity deleted from Governance Group members list.\n\n> Referenced Governance Group Member with Identity Id \"bc3a744678534eb78a8002ee2085df64\" was not found.\n" + } + }, + "required": [ + "id", + "status" + ] + }, + "example": [ + { + "id": "464ae7bf791e49fdb74606a2e4a89635", + "status": "204", + "description": "Identity deleted from Governance Group members list." + } + ] + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/form-definitions": { + "get": { + "tags": [ + "Custom Forms" + ], + "summary": "Export form definitions by tenant.", + "description": "No parameters required.", + "operationId": "searchFormDefinitionsByTenant", + "parameters": [ + { + "name": "offset", + "in": "query", + "description": "Offset\n\nInteger specifying the offset of the first result from the beginning of the collection. The standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#paginating-results).\nThe offset value is record-based, not page-based, and the index starts at 0.", + "schema": { + "type": "integer", + "format": "int64", + "default": 0, + "x-go-name": "Offset" + }, + "example": 250, + "required": false, + "x-go-name": "Offset" + }, + { + "name": "limit", + "in": "query", + "description": "Limit\n\nInteger specifying the maximum number of records to return in a single API call. The standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#paginating-results).\nIf it is not specified, a default limit is used.", + "schema": { + "type": "integer", + "format": "int64", + "maxLength": 250, + "minLength": 0, + "default": 250, + "x-go-name": "Limit" + }, + "example": 250, + "required": false, + "x-go-name": "Limit" + }, + { + "name": "filters", + "in": "query", + "description": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**name**: *eq, gt, sw, in*\n\n**description**: *eq, gt, sw, in*\n\n**created**: *eq, gt, sw, in*\n\n**modified**: *eq, gt, sw, in*", + "schema": { + "type": "string", + "x-go-name": "Filters" + }, + "example": "name sw \"my form\"", + "required": false, + "x-go-name": "Filters" + }, + { + "name": "sorters", + "in": "query", + "description": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name, description, created, modified**", + "schema": { + "type": "string", + "default": "name", + "x-go-name": "Sorters" + }, + "example": "name", + "required": false, + "x-go-name": "Sorters" + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "200": { + "description": "Returns a list of form definitions by tenant", + "content": { + "application/json": { + "schema": { + "properties": { + "count": { + "description": "Count number of results.", + "example": 1, + "format": "int64", + "type": "integer" + }, + "results": { + "description": "List of FormDefinitionResponse items.", + "items": { + "properties": { + "id": { + "description": "Unique guid identifying the form definition.", + "example": "00000000-0000-0000-0000-000000000000", + "type": "string", + "x-go-name": "FormDefinitionID" + }, + "name": { + "description": "Name of the form definition.", + "example": "My form", + "type": "string", + "x-go-name": "Name" + }, + "description": { + "description": "Form definition's description.", + "example": "My form description", + "type": "string", + "x-go-name": "Description" + }, + "owner": { + "properties": { + "type": { + "description": "FormOwnerType value.\nIDENTITY FormOwnerTypeIdentity", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY", + "type": "string", + "x-go-enum-desc": "IDENTITY FormOwnerTypeIdentity", + "x-go-name": "Type" + }, + "id": { + "description": "Unique identifier of the form's owner.", + "example": "2c9180867624cbd7017642d8c8c81f67", + "type": "string", + "x-go-name": "ID" + }, + "name": { + "description": "Name of the form's owner.", + "example": "Grant Smith", + "type": "string" + } + }, + "type": "object", + "x-go-package": "github.com/sailpoint/sp-forms/domain" + }, + "usedBy": { + "description": "List of objects using the form definition. Whenever a system uses a form, the API reaches out to the form service to record that the system is currently using it.", + "items": { + "properties": { + "type": { + "description": "FormUsedByType value. \nWORKFLOW FormUsedByTypeWorkflow\nSOURCE FormUsedByTypeSource\nMySailPoint FormUsedByType", + "enum": [ + "WORKFLOW", + "SOURCE", + "MySailPoint" + ], + "example": "WORKFLOW", + "type": "string", + "x-go-enum-desc": "WORKFLOW FormUsedByTypeWorkflow\nSOURCE FormUsedByTypeSource", + "x-go-name": "Type" + }, + "id": { + "description": "Unique identifier of the system using the form.", + "example": "61940a92-5484-42bc-bc10-b9982b218cdf", + "type": "string", + "x-go-name": "ID" + }, + "name": { + "description": "Name of the system using the form.", + "example": "Access Request Form", + "type": "string" + } + }, + "type": "object", + "x-go-package": "github.com/sailpoint/sp-forms/domain" + }, + "type": "array", + "x-go-name": "UsedBy" + }, + "formInput": { + "description": "List of form inputs required to create a form-instance object.", + "items": { + "properties": { + "id": { + "description": "Unique identifier for the form input.", + "example": "00000000-0000-0000-0000-000000000000", + "type": "string", + "x-go-name": "ID" + }, + "type": { + "description": "FormDefinitionInputType value.\nSTRING FormDefinitionInputTypeString", + "enum": [ + "STRING" + ], + "example": "STRING", + "type": "string", + "x-go-enum-desc": "STRING FormDefinitionInputTypeString", + "x-go-name": "Type" + }, + "label": { + "description": "Name for the form input.", + "example": "input1", + "type": "string", + "x-go-name": "Label" + }, + "description": { + "description": "Form input's description.", + "example": "A single dynamic scalar value (i.e. number, string, date, etc.) that can be passed into the form for use in conditional logic", + "type": "string", + "x-go-name": "Description" + } + }, + "type": "object", + "x-go-package": "github.com/sailpoint/sp-forms/domain" + }, + "type": "array", + "x-go-name": "FormInput" + }, + "formElements": { + "description": "List of nested form elements.", + "items": { + "properties": { + "id": { + "description": "Form element identifier.", + "example": "00000000-0000-0000-0000-000000000000", + "type": "string", + "x-go-name": "ID" + }, + "elementType": { + "description": "FormElementType value. \nTEXT FormElementTypeText\nTOGGLE FormElementTypeToggle\nTEXTAREA FormElementTypeTextArea\nHIDDEN FormElementTypeHidden\nPHONE FormElementTypePhone\nEMAIL FormElementTypeEmail\nSELECT FormElementTypeSelect\nDATE FormElementTypeDate\nSECTION FormElementTypeSection\nCOLUMN_SET FormElementTypeColumns\nIMAGE FormElementTypeImage\nDESCRIPTION FormElementTypeDescription", + "enum": [ + "TEXT", + "TOGGLE", + "TEXTAREA", + "HIDDEN", + "PHONE", + "EMAIL", + "SELECT", + "DATE", + "SECTION", + "COLUMN_SET", + "IMAGE", + "DESCRIPTION" + ], + "example": "TEXT", + "type": "string", + "x-go-name": "ElementType" + }, + "config": { + "additionalProperties": {}, + "description": "Config object.", + "example": { + "label": "Department" + }, + "type": "object", + "x-go-name": "Config", + "x-go-enum-desc": "TEXT FormElementTypeText\nTOGGLE FormElementTypeToggle\nTEXTAREA FormElementTypeTextArea\nHIDDEN FormElementTypeHidden\nPHONE FormElementTypePhone\nEMAIL FormElementTypeEmail\nSELECT FormElementTypeSelect\nDATE FormElementTypeDate\nSECTION FormElementTypeSection\nCOLUMNS FormElementTypeColumns" + }, + "key": { + "description": "Technical key.", + "example": "department", + "type": "string", + "x-go-name": "Key" + }, + "validations": { + "nullable": true, + "type": "array", + "items": { + "description": "Set of FormElementValidation items.", + "example": [ + { + "validationType": "REQUIRED" + } + ], + "type": "object", + "properties": { + "validationType": { + "type": "string", + "enum": [ + "REQUIRED", + "MIN_LENGTH", + "MAX_LENGTH", + "REGEX", + "DATE", + "MAX_DATE", + "MIN_DATE", + "LESS_THAN_DATE", + "PHONE", + "EMAIL", + "DATA_SOURCE", + "TEXTAREA" + ] + } + }, + "x-go-package": "github.com/sailpoint/sp-forms/domain" + } + } + }, + "type": "object", + "x-go-package": "github.com/sailpoint/sp-forms/domain" + }, + "type": "array", + "x-go-name": "FormElements" + }, + "formConditions": { + "description": "Conditional logic that can dynamically modify the form as the recipient is interacting with it.", + "items": { + "description": "Represent a form conditional.", + "properties": { + "ruleOperator": { + "description": "ConditionRuleLogicalOperatorType value.\nAND ConditionRuleLogicalOperatorTypeAnd\nOR ConditionRuleLogicalOperatorTypeOr", + "enum": [ + "AND", + "OR" + ], + "example": "AND", + "type": "string", + "x-go-enum-desc": "AND ConditionRuleLogicalOperatorTypeAnd\nOR ConditionRuleLogicalOperatorTypeOr", + "x-go-name": "RuleOperator" + }, + "rules": { + "description": "List of rules.", + "items": { + "properties": { + "sourceType": { + "description": "Defines the type of object being selected. It will be either a reference to a form input (by input name) or a form element (by technical key).\nINPUT ConditionRuleSourceTypeInput\nELEMENT ConditionRuleSourceTypeElement", + "enum": [ + "INPUT", + "ELEMENT" + ], + "example": "ELEMENT", + "type": "string", + "x-go-enum-desc": "INPUT ConditionRuleSourceTypeInput\nELEMENT ConditionRuleSourceTypeElement", + "x-go-name": "SourceType" + }, + "source": { + "description": "Source - if the sourceType is ConditionRuleSourceTypeInput, the source type is the name of the form input to accept. However, if the sourceType is ConditionRuleSourceTypeElement,\nthe source is the name of a technical key of an element to retrieve its value.", + "example": "department", + "type": "string", + "x-go-name": "Source" + }, + "operator": { + "description": "ConditionRuleComparisonOperatorType value.\nEQ ConditionRuleComparisonOperatorTypeEquals This comparison operator compares the source and target for equality.\nNE ConditionRuleComparisonOperatorTypeNotEquals This comparison operator compares the source and target for inequality.\nCO ConditionRuleComparisonOperatorTypeContains This comparison operator searches the source to see whether it contains the value.\nNOT_CO ConditionRuleComparisonOperatorTypeNotContains\nIN ConditionRuleComparisonOperatorTypeIncludes This comparison operator searches the source if it equals any of the values.\nNOT_IN ConditionRuleComparisonOperatorTypeNotIncludes\nEM ConditionRuleComparisonOperatorTypeEmpty\nNOT_EM ConditionRuleComparisonOperatorTypeNotEmpty\nSW ConditionRuleComparisonOperatorTypeStartsWith Checks whether a string starts with another substring of the same string. This operator is case-sensitive.\nNOT_SW ConditionRuleComparisonOperatorTypeNotStartsWith\nEW ConditionRuleComparisonOperatorTypeEndsWith Checks whether a string ends with another substring of the same string. This operator is case-sensitive.\nNOT_EW ConditionRuleComparisonOperatorTypeNotEndsWith", + "enum": [ + "EQ", + "NE", + "CO", + "NOT_CO", + "IN", + "NOT_IN", + "EM", + "NOT_EM", + "SW", + "NOT_SW", + "EW", + "NOT_EW" + ], + "example": "EQ", + "type": "string", + "x-go-enum-desc": "EQ ConditionRuleComparisonOperatorTypeEquals This comparison operator compares the source and target for equality.\nNE ConditionRuleComparisonOperatorTypeNotEquals This comparison operator compares the source and target for inequality.\nCO ConditionRuleComparisonOperatorTypeContains This comparison operator searches the source to see whether it contains the value.\nNOT_CO ConditionRuleComparisonOperatorTypeNotContains\nIN ConditionRuleComparisonOperatorTypeIncludes This comparison operator searches the source if it equals any of the values.\nNOT_IN ConditionRuleComparisonOperatorTypeNotIncludes\nEM ConditionRuleComparisonOperatorTypeEmpty\nNOT_EM ConditionRuleComparisonOperatorTypeNotEmpty\nSW ConditionRuleComparisonOperatorTypeStartsWith Checks whether a string starts with another substring of the same string. This operator is case-sensitive.\nNOT_SW ConditionRuleComparisonOperatorTypeNotStartsWith\nEW ConditionRuleComparisonOperatorTypeEndsWith Checks whether a string ends with another substring of the same string. This operator is case-sensitive.\nNOT_EW ConditionRuleComparisonOperatorTypeNotEndsWith", + "x-go-name": "Operator" + }, + "valueType": { + "description": "ConditionRuleValueType type.\nSTRING ConditionRuleValueTypeString This value is a static string.\nSTRING_LIST ConditionRuleValueTypeStringList This value is an array of string values.\nINPUT ConditionRuleValueTypeInput This value is a reference to a form input.\nELEMENT ConditionRuleValueTypeElement This value is a reference to a form element (by technical key).\nLIST ConditionRuleValueTypeList\nBOOLEAN ConditionRuleValueTypeBoolean", + "enum": [ + "STRING", + "STRING_LIST", + "INPUT", + "ELEMENT", + "LIST", + "BOOLEAN" + ], + "example": "STRING", + "type": "string", + "x-go-enum-desc": "STRING ConditionRuleValueTypeString This value is a static string.\nSTRING_LIST ConditionRuleValueTypeStringList This value is an array of string values.\nINPUT ConditionRuleValueTypeInput This value is a reference to a form input.\nELEMENT ConditionRuleValueTypeElement This value is a reference to a form element (by technical key).\nLIST ConditionRuleValueTypeList\nBOOLEAN ConditionRuleValueTypeBoolean", + "x-go-name": "ValueType" + }, + "value": { + "description": "Based on the ValueType.", + "example": "Engineering", + "x-go-name": "Value" + } + }, + "type": "object", + "x-go-package": "github.com/sailpoint/sp-forms/domain" + }, + "type": "array", + "x-go-name": "Rules" + }, + "effects": { + "description": "List of effects.", + "items": { + "description": "Effect produced by a condition.", + "properties": { + "effectType": { + "description": "Type of effect to perform when the conditions are evaluated for this logic block.\nHIDE ConditionEffectTypeHide Disables validations.\nSHOW ConditionEffectTypeShow Enables validations.\nDISABLE ConditionEffectTypeDisable Disables validations.\nENABLE ConditionEffectTypeEnable Enables validations.\nREQUIRE ConditionEffectTypeRequire\nOPTIONAL ConditionEffectTypeOptional\nSUBMIT_MESSAGE ConditionEffectTypeSubmitMessage\nSUBMIT_NOTIFICATION ConditionEffectTypeSubmitNotification\nSET_DEFAULT_VALUE ConditionEffectTypeSetDefaultValue This value is ignored on purpose.", + "enum": [ + "HIDE", + "SHOW", + "DISABLE", + "ENABLE", + "REQUIRE", + "OPTIONAL", + "SUBMIT_MESSAGE", + "SUBMIT_NOTIFICATION", + "SET_DEFAULT_VALUE" + ], + "example": "HIDE", + "type": "string", + "x-go-enum-desc": "HIDE ConditionEffectTypeHide Disables validations.\nSHOW ConditionEffectTypeShow Enables validations.\nDISABLE ConditionEffectTypeDisable Disables validations.\nENABLE ConditionEffectTypeEnable Enables validations.\nREQUIRE ConditionEffectTypeRequire\nOPTIONAL ConditionEffectTypeOptional\nSUBMIT_MESSAGE ConditionEffectTypeSubmitMessage\nSUBMIT_NOTIFICATION ConditionEffectTypeSubmitNotification\nSET_DEFAULT_VALUE ConditionEffectTypeSetDefaultValue This value is ignored on purpose.", + "x-go-name": "EffectType" + }, + "config": { + "description": "Arbitrary map containing a configuration based on the EffectType.", + "type": "object", + "properties": { + "defaultValueLabel": { + "type": "string", + "description": "Effect type's label.", + "example": "Access to Remove" + }, + "element": { + "type": "string", + "description": "Element's identifier.", + "example": 8110662963316867 + } + }, + "x-go-name": "Config" + } + }, + "type": "object", + "x-go-package": "github.com/sailpoint/sp-forms/domain" + }, + "type": "array", + "x-go-name": "Effects" + } + }, + "type": "object", + "x-go-package": "github.com/sailpoint/sp-forms/domain" + }, + "type": "array", + "x-go-name": "FormConditions" + }, + "created": { + "description": "Created is the date the form definition was created", + "example": "2023-07-12T20:14:57.74486Z", + "format": "date-time", + "type": "string", + "x-go-name": "Created" + }, + "modified": { + "description": "Modified is the last date the form definition was modified", + "example": "2023-07-12T20:14:57.74486Z", + "format": "date-time", + "type": "string", + "x-go-name": "Modified" + } + }, + "type": "object", + "x-go-package": "github.com/sailpoint/sp-forms/domain" + }, + "type": "array" + } + }, + "type": "object" + } + } + } + }, + "400": { + "description": "An error with the request occurred", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "statusCode": { + "type": "integer", + "format": "int64", + "x-go-name": "StatusCode" + }, + "trackingId": { + "type": "string", + "x-go-name": "TrackingID" + } + } + } + } + } + }, + "401": { + "description": "An error with the authorization occurred", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "statusCode": { + "type": "integer", + "format": "int64", + "x-go-name": "StatusCode" + }, + "trackingId": { + "type": "string", + "x-go-name": "TrackingID" + } + } + } + } + } + }, + "403": { + "description": "An error with the user permissions occurred", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "statusCode": { + "type": "integer", + "format": "int64", + "x-go-name": "StatusCode" + }, + "trackingId": { + "type": "string", + "x-go-name": "TrackingID" + } + } + } + } + } + }, + "429": { + "description": "Too many requests", + "content": { + "application/json": { + "schema": { + "title": "Error is the standard API error response type.", + "type": "object", + "properties": { + "detailCode": { + "description": "DetailCode is the text of the status code returned", + "example": "Internal Server Error", + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "trackingId": { + "description": "TrackingID is the request tracking unique identifier", + "example": "9cd03ef80e6a425eb6b11bdbb057cdb4", + "type": "string", + "x-go-name": "TrackingID" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + } + } + } + }, + "500": { + "description": "An internal server error occurred", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "statusCode": { + "type": "integer", + "format": "int64", + "x-go-name": "StatusCode" + }, + "trackingId": { + "type": "string", + "x-go-name": "TrackingID" + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "sp:forms:manage" + ] + } + ] + }, + "post": { + "tags": [ + "Custom Forms" + ], + "summary": "Creates a form definition.", + "operationId": "createFormDefinition", + "requestBody": { + "description": "Body is the request payload to create form definition request", + "content": { + "application/json": { + "schema": { + "properties": { + "description": { + "description": "Description is the form definition description", + "example": "My form description", + "maxLength": 2000, + "minLength": 0, + "type": "string", + "x-go-name": "Description" + }, + "formConditions": { + "description": "FormConditions is the conditional logic that modify the form dynamically modify the form as the recipient is interacting out the form", + "items": { + "description": "Represent a form conditional.", + "properties": { + "ruleOperator": { + "description": "ConditionRuleLogicalOperatorType value.\nAND ConditionRuleLogicalOperatorTypeAnd\nOR ConditionRuleLogicalOperatorTypeOr", + "enum": [ + "AND", + "OR" + ], + "example": "AND", + "type": "string", + "x-go-enum-desc": "AND ConditionRuleLogicalOperatorTypeAnd\nOR ConditionRuleLogicalOperatorTypeOr", + "x-go-name": "RuleOperator" + }, + "rules": { + "description": "List of rules.", + "items": { + "properties": { + "sourceType": { + "description": "Defines the type of object being selected. It will be either a reference to a form input (by input name) or a form element (by technical key).\nINPUT ConditionRuleSourceTypeInput\nELEMENT ConditionRuleSourceTypeElement", + "enum": [ + "INPUT", + "ELEMENT" + ], + "example": "ELEMENT", + "type": "string", + "x-go-enum-desc": "INPUT ConditionRuleSourceTypeInput\nELEMENT ConditionRuleSourceTypeElement", + "x-go-name": "SourceType" + }, + "source": { + "description": "Source - if the sourceType is ConditionRuleSourceTypeInput, the source type is the name of the form input to accept. However, if the sourceType is ConditionRuleSourceTypeElement,\nthe source is the name of a technical key of an element to retrieve its value.", + "example": "department", + "type": "string", + "x-go-name": "Source" + }, + "operator": { + "description": "ConditionRuleComparisonOperatorType value.\nEQ ConditionRuleComparisonOperatorTypeEquals This comparison operator compares the source and target for equality.\nNE ConditionRuleComparisonOperatorTypeNotEquals This comparison operator compares the source and target for inequality.\nCO ConditionRuleComparisonOperatorTypeContains This comparison operator searches the source to see whether it contains the value.\nNOT_CO ConditionRuleComparisonOperatorTypeNotContains\nIN ConditionRuleComparisonOperatorTypeIncludes This comparison operator searches the source if it equals any of the values.\nNOT_IN ConditionRuleComparisonOperatorTypeNotIncludes\nEM ConditionRuleComparisonOperatorTypeEmpty\nNOT_EM ConditionRuleComparisonOperatorTypeNotEmpty\nSW ConditionRuleComparisonOperatorTypeStartsWith Checks whether a string starts with another substring of the same string. This operator is case-sensitive.\nNOT_SW ConditionRuleComparisonOperatorTypeNotStartsWith\nEW ConditionRuleComparisonOperatorTypeEndsWith Checks whether a string ends with another substring of the same string. This operator is case-sensitive.\nNOT_EW ConditionRuleComparisonOperatorTypeNotEndsWith", + "enum": [ + "EQ", + "NE", + "CO", + "NOT_CO", + "IN", + "NOT_IN", + "EM", + "NOT_EM", + "SW", + "NOT_SW", + "EW", + "NOT_EW" + ], + "example": "EQ", + "type": "string", + "x-go-enum-desc": "EQ ConditionRuleComparisonOperatorTypeEquals This comparison operator compares the source and target for equality.\nNE ConditionRuleComparisonOperatorTypeNotEquals This comparison operator compares the source and target for inequality.\nCO ConditionRuleComparisonOperatorTypeContains This comparison operator searches the source to see whether it contains the value.\nNOT_CO ConditionRuleComparisonOperatorTypeNotContains\nIN ConditionRuleComparisonOperatorTypeIncludes This comparison operator searches the source if it equals any of the values.\nNOT_IN ConditionRuleComparisonOperatorTypeNotIncludes\nEM ConditionRuleComparisonOperatorTypeEmpty\nNOT_EM ConditionRuleComparisonOperatorTypeNotEmpty\nSW ConditionRuleComparisonOperatorTypeStartsWith Checks whether a string starts with another substring of the same string. This operator is case-sensitive.\nNOT_SW ConditionRuleComparisonOperatorTypeNotStartsWith\nEW ConditionRuleComparisonOperatorTypeEndsWith Checks whether a string ends with another substring of the same string. This operator is case-sensitive.\nNOT_EW ConditionRuleComparisonOperatorTypeNotEndsWith", + "x-go-name": "Operator" + }, + "valueType": { + "description": "ConditionRuleValueType type.\nSTRING ConditionRuleValueTypeString This value is a static string.\nSTRING_LIST ConditionRuleValueTypeStringList This value is an array of string values.\nINPUT ConditionRuleValueTypeInput This value is a reference to a form input.\nELEMENT ConditionRuleValueTypeElement This value is a reference to a form element (by technical key).\nLIST ConditionRuleValueTypeList\nBOOLEAN ConditionRuleValueTypeBoolean", + "enum": [ + "STRING", + "STRING_LIST", + "INPUT", + "ELEMENT", + "LIST", + "BOOLEAN" + ], + "example": "STRING", + "type": "string", + "x-go-enum-desc": "STRING ConditionRuleValueTypeString This value is a static string.\nSTRING_LIST ConditionRuleValueTypeStringList This value is an array of string values.\nINPUT ConditionRuleValueTypeInput This value is a reference to a form input.\nELEMENT ConditionRuleValueTypeElement This value is a reference to a form element (by technical key).\nLIST ConditionRuleValueTypeList\nBOOLEAN ConditionRuleValueTypeBoolean", + "x-go-name": "ValueType" + }, + "value": { + "description": "Based on the ValueType.", + "example": "Engineering", + "x-go-name": "Value" + } + }, + "type": "object", + "x-go-package": "github.com/sailpoint/sp-forms/domain" + }, + "type": "array", + "x-go-name": "Rules" + }, + "effects": { + "description": "List of effects.", + "items": { + "description": "Effect produced by a condition.", + "properties": { + "effectType": { + "description": "Type of effect to perform when the conditions are evaluated for this logic block.\nHIDE ConditionEffectTypeHide Disables validations.\nSHOW ConditionEffectTypeShow Enables validations.\nDISABLE ConditionEffectTypeDisable Disables validations.\nENABLE ConditionEffectTypeEnable Enables validations.\nREQUIRE ConditionEffectTypeRequire\nOPTIONAL ConditionEffectTypeOptional\nSUBMIT_MESSAGE ConditionEffectTypeSubmitMessage\nSUBMIT_NOTIFICATION ConditionEffectTypeSubmitNotification\nSET_DEFAULT_VALUE ConditionEffectTypeSetDefaultValue This value is ignored on purpose.", + "enum": [ + "HIDE", + "SHOW", + "DISABLE", + "ENABLE", + "REQUIRE", + "OPTIONAL", + "SUBMIT_MESSAGE", + "SUBMIT_NOTIFICATION", + "SET_DEFAULT_VALUE" + ], + "example": "HIDE", + "type": "string", + "x-go-enum-desc": "HIDE ConditionEffectTypeHide Disables validations.\nSHOW ConditionEffectTypeShow Enables validations.\nDISABLE ConditionEffectTypeDisable Disables validations.\nENABLE ConditionEffectTypeEnable Enables validations.\nREQUIRE ConditionEffectTypeRequire\nOPTIONAL ConditionEffectTypeOptional\nSUBMIT_MESSAGE ConditionEffectTypeSubmitMessage\nSUBMIT_NOTIFICATION ConditionEffectTypeSubmitNotification\nSET_DEFAULT_VALUE ConditionEffectTypeSetDefaultValue This value is ignored on purpose.", + "x-go-name": "EffectType" + }, + "config": { + "description": "Arbitrary map containing a configuration based on the EffectType.", + "type": "object", + "properties": { + "defaultValueLabel": { + "type": "string", + "description": "Effect type's label.", + "example": "Access to Remove" + }, + "element": { + "type": "string", + "description": "Element's identifier.", + "example": 8110662963316867 + } + }, + "x-go-name": "Config" + } + }, + "type": "object", + "x-go-package": "github.com/sailpoint/sp-forms/domain" + }, + "type": "array", + "x-go-name": "Effects" + } + }, + "type": "object", + "x-go-package": "github.com/sailpoint/sp-forms/domain" + }, + "type": "array", + "x-go-name": "FormConditions" + }, + "formElements": { + "description": "FormElements is a list of nested form elements", + "items": { + "properties": { + "id": { + "description": "Form element identifier.", + "example": "00000000-0000-0000-0000-000000000000", + "type": "string", + "x-go-name": "ID" + }, + "elementType": { + "description": "FormElementType value. \nTEXT FormElementTypeText\nTOGGLE FormElementTypeToggle\nTEXTAREA FormElementTypeTextArea\nHIDDEN FormElementTypeHidden\nPHONE FormElementTypePhone\nEMAIL FormElementTypeEmail\nSELECT FormElementTypeSelect\nDATE FormElementTypeDate\nSECTION FormElementTypeSection\nCOLUMN_SET FormElementTypeColumns\nIMAGE FormElementTypeImage\nDESCRIPTION FormElementTypeDescription", + "enum": [ + "TEXT", + "TOGGLE", + "TEXTAREA", + "HIDDEN", + "PHONE", + "EMAIL", + "SELECT", + "DATE", + "SECTION", + "COLUMN_SET", + "IMAGE", + "DESCRIPTION" + ], + "example": "TEXT", + "type": "string", + "x-go-name": "ElementType" + }, + "config": { + "additionalProperties": {}, + "description": "Config object.", + "example": { + "label": "Department" + }, + "type": "object", + "x-go-name": "Config", + "x-go-enum-desc": "TEXT FormElementTypeText\nTOGGLE FormElementTypeToggle\nTEXTAREA FormElementTypeTextArea\nHIDDEN FormElementTypeHidden\nPHONE FormElementTypePhone\nEMAIL FormElementTypeEmail\nSELECT FormElementTypeSelect\nDATE FormElementTypeDate\nSECTION FormElementTypeSection\nCOLUMNS FormElementTypeColumns" + }, + "key": { + "description": "Technical key.", + "example": "department", + "type": "string", + "x-go-name": "Key" + }, + "validations": { + "nullable": true, + "type": "array", + "items": { + "description": "Set of FormElementValidation items.", + "example": [ + { + "validationType": "REQUIRED" + } + ], + "type": "object", + "properties": { + "validationType": { + "type": "string", + "enum": [ + "REQUIRED", + "MIN_LENGTH", + "MAX_LENGTH", + "REGEX", + "DATE", + "MAX_DATE", + "MIN_DATE", + "LESS_THAN_DATE", + "PHONE", + "EMAIL", + "DATA_SOURCE", + "TEXTAREA" + ] + } + }, + "x-go-package": "github.com/sailpoint/sp-forms/domain" + } + } + }, + "type": "object", + "x-go-package": "github.com/sailpoint/sp-forms/domain" + }, + "type": "array", + "x-go-name": "FormElements" + }, + "formInput": { + "description": "FormInput is a list of form inputs that are required when creating a form-instance object", + "items": { + "properties": { + "id": { + "description": "Unique identifier for the form input.", + "example": "00000000-0000-0000-0000-000000000000", + "type": "string", + "x-go-name": "ID" + }, + "type": { + "description": "FormDefinitionInputType value.\nSTRING FormDefinitionInputTypeString", + "enum": [ + "STRING" + ], + "example": "STRING", + "type": "string", + "x-go-enum-desc": "STRING FormDefinitionInputTypeString", + "x-go-name": "Type" + }, + "label": { + "description": "Name for the form input.", + "example": "input1", + "type": "string", + "x-go-name": "Label" + }, + "description": { + "description": "Form input's description.", + "example": "A single dynamic scalar value (i.e. number, string, date, etc.) that can be passed into the form for use in conditional logic", + "type": "string", + "x-go-name": "Description" + } + }, + "type": "object", + "x-go-package": "github.com/sailpoint/sp-forms/domain" + }, + "type": "array", + "x-go-name": "FormInput" + }, + "name": { + "description": "Name is the form definition name", + "example": "My form", + "maxLength": 255, + "type": "string", + "x-go-name": "Name" + }, + "owner": { + "properties": { + "type": { + "description": "FormOwnerType value.\nIDENTITY FormOwnerTypeIdentity", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY", + "type": "string", + "x-go-enum-desc": "IDENTITY FormOwnerTypeIdentity", + "x-go-name": "Type" + }, + "id": { + "description": "Unique identifier of the form's owner.", + "example": "2c9180867624cbd7017642d8c8c81f67", + "type": "string", + "x-go-name": "ID" + }, + "name": { + "description": "Name of the form's owner.", + "example": "Grant Smith", + "type": "string" + } + }, + "type": "object", + "x-go-package": "github.com/sailpoint/sp-forms/domain" + }, + "usedBy": { + "description": "UsedBy is a list of objects where when any system uses a particular form it reaches out to the form service to record it is currently being used", + "items": { + "properties": { + "type": { + "description": "FormUsedByType value. \nWORKFLOW FormUsedByTypeWorkflow\nSOURCE FormUsedByTypeSource\nMySailPoint FormUsedByType", + "enum": [ + "WORKFLOW", + "SOURCE", + "MySailPoint" + ], + "example": "WORKFLOW", + "type": "string", + "x-go-enum-desc": "WORKFLOW FormUsedByTypeWorkflow\nSOURCE FormUsedByTypeSource", + "x-go-name": "Type" + }, + "id": { + "description": "Unique identifier of the system using the form.", + "example": "61940a92-5484-42bc-bc10-b9982b218cdf", + "type": "string", + "x-go-name": "ID" + }, + "name": { + "description": "Name of the system using the form.", + "example": "Access Request Form", + "type": "string" + } + }, + "type": "object", + "x-go-package": "github.com/sailpoint/sp-forms/domain" + }, + "type": "array", + "x-go-name": "UsedBy" + } + }, + "required": [ + "name", + "owner" + ], + "type": "object", + "x-go-package": "github.com/sailpoint/sp-forms/domain" + }, + "example": { + "name": "my form", + "description": "my form description", + "owner": { + "type": "IDENTITY", + "id": "00000000-0000-0000-0000-000000000000" + } + } + } + }, + "required": false + }, + "responses": { + "201": { + "description": "Returns a new form definition", + "content": { + "application/json": { + "schema": { + "properties": { + "id": { + "description": "Unique guid identifying the form definition.", + "example": "00000000-0000-0000-0000-000000000000", + "type": "string", + "x-go-name": "FormDefinitionID" + }, + "name": { + "description": "Name of the form definition.", + "example": "My form", + "type": "string", + "x-go-name": "Name" + }, + "description": { + "description": "Form definition's description.", + "example": "My form description", + "type": "string", + "x-go-name": "Description" + }, + "owner": { + "properties": { + "type": { + "description": "FormOwnerType value.\nIDENTITY FormOwnerTypeIdentity", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY", + "type": "string", + "x-go-enum-desc": "IDENTITY FormOwnerTypeIdentity", + "x-go-name": "Type" + }, + "id": { + "description": "Unique identifier of the form's owner.", + "example": "2c9180867624cbd7017642d8c8c81f67", + "type": "string", + "x-go-name": "ID" + }, + "name": { + "description": "Name of the form's owner.", + "example": "Grant Smith", + "type": "string" + } + }, + "type": "object", + "x-go-package": "github.com/sailpoint/sp-forms/domain" + }, + "usedBy": { + "description": "List of objects using the form definition. Whenever a system uses a form, the API reaches out to the form service to record that the system is currently using it.", + "items": { + "properties": { + "type": { + "description": "FormUsedByType value. \nWORKFLOW FormUsedByTypeWorkflow\nSOURCE FormUsedByTypeSource\nMySailPoint FormUsedByType", + "enum": [ + "WORKFLOW", + "SOURCE", + "MySailPoint" + ], + "example": "WORKFLOW", + "type": "string", + "x-go-enum-desc": "WORKFLOW FormUsedByTypeWorkflow\nSOURCE FormUsedByTypeSource", + "x-go-name": "Type" + }, + "id": { + "description": "Unique identifier of the system using the form.", + "example": "61940a92-5484-42bc-bc10-b9982b218cdf", + "type": "string", + "x-go-name": "ID" + }, + "name": { + "description": "Name of the system using the form.", + "example": "Access Request Form", + "type": "string" + } + }, + "type": "object", + "x-go-package": "github.com/sailpoint/sp-forms/domain" + }, + "type": "array", + "x-go-name": "UsedBy" + }, + "formInput": { + "description": "List of form inputs required to create a form-instance object.", + "items": { + "properties": { + "id": { + "description": "Unique identifier for the form input.", + "example": "00000000-0000-0000-0000-000000000000", + "type": "string", + "x-go-name": "ID" + }, + "type": { + "description": "FormDefinitionInputType value.\nSTRING FormDefinitionInputTypeString", + "enum": [ + "STRING" + ], + "example": "STRING", + "type": "string", + "x-go-enum-desc": "STRING FormDefinitionInputTypeString", + "x-go-name": "Type" + }, + "label": { + "description": "Name for the form input.", + "example": "input1", + "type": "string", + "x-go-name": "Label" + }, + "description": { + "description": "Form input's description.", + "example": "A single dynamic scalar value (i.e. number, string, date, etc.) that can be passed into the form for use in conditional logic", + "type": "string", + "x-go-name": "Description" + } + }, + "type": "object", + "x-go-package": "github.com/sailpoint/sp-forms/domain" + }, + "type": "array", + "x-go-name": "FormInput" + }, + "formElements": { + "description": "List of nested form elements.", + "items": { + "properties": { + "id": { + "description": "Form element identifier.", + "example": "00000000-0000-0000-0000-000000000000", + "type": "string", + "x-go-name": "ID" + }, + "elementType": { + "description": "FormElementType value. \nTEXT FormElementTypeText\nTOGGLE FormElementTypeToggle\nTEXTAREA FormElementTypeTextArea\nHIDDEN FormElementTypeHidden\nPHONE FormElementTypePhone\nEMAIL FormElementTypeEmail\nSELECT FormElementTypeSelect\nDATE FormElementTypeDate\nSECTION FormElementTypeSection\nCOLUMN_SET FormElementTypeColumns\nIMAGE FormElementTypeImage\nDESCRIPTION FormElementTypeDescription", + "enum": [ + "TEXT", + "TOGGLE", + "TEXTAREA", + "HIDDEN", + "PHONE", + "EMAIL", + "SELECT", + "DATE", + "SECTION", + "COLUMN_SET", + "IMAGE", + "DESCRIPTION" + ], + "example": "TEXT", + "type": "string", + "x-go-name": "ElementType" + }, + "config": { + "additionalProperties": {}, + "description": "Config object.", + "example": { + "label": "Department" + }, + "type": "object", + "x-go-name": "Config", + "x-go-enum-desc": "TEXT FormElementTypeText\nTOGGLE FormElementTypeToggle\nTEXTAREA FormElementTypeTextArea\nHIDDEN FormElementTypeHidden\nPHONE FormElementTypePhone\nEMAIL FormElementTypeEmail\nSELECT FormElementTypeSelect\nDATE FormElementTypeDate\nSECTION FormElementTypeSection\nCOLUMNS FormElementTypeColumns" + }, + "key": { + "description": "Technical key.", + "example": "department", + "type": "string", + "x-go-name": "Key" + }, + "validations": { + "nullable": true, + "type": "array", + "items": { + "description": "Set of FormElementValidation items.", + "example": [ + { + "validationType": "REQUIRED" + } + ], + "type": "object", + "properties": { + "validationType": { + "type": "string", + "enum": [ + "REQUIRED", + "MIN_LENGTH", + "MAX_LENGTH", + "REGEX", + "DATE", + "MAX_DATE", + "MIN_DATE", + "LESS_THAN_DATE", + "PHONE", + "EMAIL", + "DATA_SOURCE", + "TEXTAREA" + ] + } + }, + "x-go-package": "github.com/sailpoint/sp-forms/domain" + } + } + }, + "type": "object", + "x-go-package": "github.com/sailpoint/sp-forms/domain" + }, + "type": "array", + "x-go-name": "FormElements" + }, + "formConditions": { + "description": "Conditional logic that can dynamically modify the form as the recipient is interacting with it.", + "items": { + "description": "Represent a form conditional.", + "properties": { + "ruleOperator": { + "description": "ConditionRuleLogicalOperatorType value.\nAND ConditionRuleLogicalOperatorTypeAnd\nOR ConditionRuleLogicalOperatorTypeOr", + "enum": [ + "AND", + "OR" + ], + "example": "AND", + "type": "string", + "x-go-enum-desc": "AND ConditionRuleLogicalOperatorTypeAnd\nOR ConditionRuleLogicalOperatorTypeOr", + "x-go-name": "RuleOperator" + }, + "rules": { + "description": "List of rules.", + "items": { + "properties": { + "sourceType": { + "description": "Defines the type of object being selected. It will be either a reference to a form input (by input name) or a form element (by technical key).\nINPUT ConditionRuleSourceTypeInput\nELEMENT ConditionRuleSourceTypeElement", + "enum": [ + "INPUT", + "ELEMENT" + ], + "example": "ELEMENT", + "type": "string", + "x-go-enum-desc": "INPUT ConditionRuleSourceTypeInput\nELEMENT ConditionRuleSourceTypeElement", + "x-go-name": "SourceType" + }, + "source": { + "description": "Source - if the sourceType is ConditionRuleSourceTypeInput, the source type is the name of the form input to accept. However, if the sourceType is ConditionRuleSourceTypeElement,\nthe source is the name of a technical key of an element to retrieve its value.", + "example": "department", + "type": "string", + "x-go-name": "Source" + }, + "operator": { + "description": "ConditionRuleComparisonOperatorType value.\nEQ ConditionRuleComparisonOperatorTypeEquals This comparison operator compares the source and target for equality.\nNE ConditionRuleComparisonOperatorTypeNotEquals This comparison operator compares the source and target for inequality.\nCO ConditionRuleComparisonOperatorTypeContains This comparison operator searches the source to see whether it contains the value.\nNOT_CO ConditionRuleComparisonOperatorTypeNotContains\nIN ConditionRuleComparisonOperatorTypeIncludes This comparison operator searches the source if it equals any of the values.\nNOT_IN ConditionRuleComparisonOperatorTypeNotIncludes\nEM ConditionRuleComparisonOperatorTypeEmpty\nNOT_EM ConditionRuleComparisonOperatorTypeNotEmpty\nSW ConditionRuleComparisonOperatorTypeStartsWith Checks whether a string starts with another substring of the same string. This operator is case-sensitive.\nNOT_SW ConditionRuleComparisonOperatorTypeNotStartsWith\nEW ConditionRuleComparisonOperatorTypeEndsWith Checks whether a string ends with another substring of the same string. This operator is case-sensitive.\nNOT_EW ConditionRuleComparisonOperatorTypeNotEndsWith", + "enum": [ + "EQ", + "NE", + "CO", + "NOT_CO", + "IN", + "NOT_IN", + "EM", + "NOT_EM", + "SW", + "NOT_SW", + "EW", + "NOT_EW" + ], + "example": "EQ", + "type": "string", + "x-go-enum-desc": "EQ ConditionRuleComparisonOperatorTypeEquals This comparison operator compares the source and target for equality.\nNE ConditionRuleComparisonOperatorTypeNotEquals This comparison operator compares the source and target for inequality.\nCO ConditionRuleComparisonOperatorTypeContains This comparison operator searches the source to see whether it contains the value.\nNOT_CO ConditionRuleComparisonOperatorTypeNotContains\nIN ConditionRuleComparisonOperatorTypeIncludes This comparison operator searches the source if it equals any of the values.\nNOT_IN ConditionRuleComparisonOperatorTypeNotIncludes\nEM ConditionRuleComparisonOperatorTypeEmpty\nNOT_EM ConditionRuleComparisonOperatorTypeNotEmpty\nSW ConditionRuleComparisonOperatorTypeStartsWith Checks whether a string starts with another substring of the same string. This operator is case-sensitive.\nNOT_SW ConditionRuleComparisonOperatorTypeNotStartsWith\nEW ConditionRuleComparisonOperatorTypeEndsWith Checks whether a string ends with another substring of the same string. This operator is case-sensitive.\nNOT_EW ConditionRuleComparisonOperatorTypeNotEndsWith", + "x-go-name": "Operator" + }, + "valueType": { + "description": "ConditionRuleValueType type.\nSTRING ConditionRuleValueTypeString This value is a static string.\nSTRING_LIST ConditionRuleValueTypeStringList This value is an array of string values.\nINPUT ConditionRuleValueTypeInput This value is a reference to a form input.\nELEMENT ConditionRuleValueTypeElement This value is a reference to a form element (by technical key).\nLIST ConditionRuleValueTypeList\nBOOLEAN ConditionRuleValueTypeBoolean", + "enum": [ + "STRING", + "STRING_LIST", + "INPUT", + "ELEMENT", + "LIST", + "BOOLEAN" + ], + "example": "STRING", + "type": "string", + "x-go-enum-desc": "STRING ConditionRuleValueTypeString This value is a static string.\nSTRING_LIST ConditionRuleValueTypeStringList This value is an array of string values.\nINPUT ConditionRuleValueTypeInput This value is a reference to a form input.\nELEMENT ConditionRuleValueTypeElement This value is a reference to a form element (by technical key).\nLIST ConditionRuleValueTypeList\nBOOLEAN ConditionRuleValueTypeBoolean", + "x-go-name": "ValueType" + }, + "value": { + "description": "Based on the ValueType.", + "example": "Engineering", + "x-go-name": "Value" + } + }, + "type": "object", + "x-go-package": "github.com/sailpoint/sp-forms/domain" + }, + "type": "array", + "x-go-name": "Rules" + }, + "effects": { + "description": "List of effects.", + "items": { + "description": "Effect produced by a condition.", + "properties": { + "effectType": { + "description": "Type of effect to perform when the conditions are evaluated for this logic block.\nHIDE ConditionEffectTypeHide Disables validations.\nSHOW ConditionEffectTypeShow Enables validations.\nDISABLE ConditionEffectTypeDisable Disables validations.\nENABLE ConditionEffectTypeEnable Enables validations.\nREQUIRE ConditionEffectTypeRequire\nOPTIONAL ConditionEffectTypeOptional\nSUBMIT_MESSAGE ConditionEffectTypeSubmitMessage\nSUBMIT_NOTIFICATION ConditionEffectTypeSubmitNotification\nSET_DEFAULT_VALUE ConditionEffectTypeSetDefaultValue This value is ignored on purpose.", + "enum": [ + "HIDE", + "SHOW", + "DISABLE", + "ENABLE", + "REQUIRE", + "OPTIONAL", + "SUBMIT_MESSAGE", + "SUBMIT_NOTIFICATION", + "SET_DEFAULT_VALUE" + ], + "example": "HIDE", + "type": "string", + "x-go-enum-desc": "HIDE ConditionEffectTypeHide Disables validations.\nSHOW ConditionEffectTypeShow Enables validations.\nDISABLE ConditionEffectTypeDisable Disables validations.\nENABLE ConditionEffectTypeEnable Enables validations.\nREQUIRE ConditionEffectTypeRequire\nOPTIONAL ConditionEffectTypeOptional\nSUBMIT_MESSAGE ConditionEffectTypeSubmitMessage\nSUBMIT_NOTIFICATION ConditionEffectTypeSubmitNotification\nSET_DEFAULT_VALUE ConditionEffectTypeSetDefaultValue This value is ignored on purpose.", + "x-go-name": "EffectType" + }, + "config": { + "description": "Arbitrary map containing a configuration based on the EffectType.", + "type": "object", + "properties": { + "defaultValueLabel": { + "type": "string", + "description": "Effect type's label.", + "example": "Access to Remove" + }, + "element": { + "type": "string", + "description": "Element's identifier.", + "example": 8110662963316867 + } + }, + "x-go-name": "Config" + } + }, + "type": "object", + "x-go-package": "github.com/sailpoint/sp-forms/domain" + }, + "type": "array", + "x-go-name": "Effects" + } + }, + "type": "object", + "x-go-package": "github.com/sailpoint/sp-forms/domain" + }, + "type": "array", + "x-go-name": "FormConditions" + }, + "created": { + "description": "Created is the date the form definition was created", + "example": "2023-07-12T20:14:57.74486Z", + "format": "date-time", + "type": "string", + "x-go-name": "Created" + }, + "modified": { + "description": "Modified is the last date the form definition was modified", + "example": "2023-07-12T20:14:57.74486Z", + "format": "date-time", + "type": "string", + "x-go-name": "Modified" + } + }, + "type": "object", + "x-go-package": "github.com/sailpoint/sp-forms/domain" + } + } + } + }, + "400": { + "description": "An error with the request occurred", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "statusCode": { + "type": "integer", + "format": "int64", + "x-go-name": "StatusCode" + }, + "trackingId": { + "type": "string", + "x-go-name": "TrackingID" + } + } + } + } + } + }, + "401": { + "description": "An error with the authorization occurred", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "statusCode": { + "type": "integer", + "format": "int64", + "x-go-name": "StatusCode" + }, + "trackingId": { + "type": "string", + "x-go-name": "TrackingID" + } + } + } + } + } + }, + "403": { + "description": "An error with the user permissions occurred", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "statusCode": { + "type": "integer", + "format": "int64", + "x-go-name": "StatusCode" + }, + "trackingId": { + "type": "string", + "x-go-name": "TrackingID" + } + } + } + } + } + }, + "429": { + "description": "Too many requests", + "content": { + "application/json": { + "schema": { + "title": "Error is the standard API error response type.", + "type": "object", + "properties": { + "detailCode": { + "description": "DetailCode is the text of the status code returned", + "example": "Internal Server Error", + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "trackingId": { + "description": "TrackingID is the request tracking unique identifier", + "example": "9cd03ef80e6a425eb6b11bdbb057cdb4", + "type": "string", + "x-go-name": "TrackingID" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + } + } + } + }, + "500": { + "description": "An internal server error occurred", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "statusCode": { + "type": "integer", + "format": "int64", + "x-go-name": "StatusCode" + }, + "trackingId": { + "type": "string", + "x-go-name": "TrackingID" + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "sp:forms:manage" + ] + } + ], + "x-codegen-request-body-name": "Body", + "parameters": [ + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ] + } + }, + "/form-definitions/{formDefinitionID}": { + "get": { + "tags": [ + "Custom Forms" + ], + "summary": "Return a form definition.", + "description": "Parameter `{formDefinitionID}` should match a form definition ID.", + "operationId": "getFormDefinitionByKey", + "parameters": [ + { + "name": "formDefinitionID", + "in": "path", + "description": "Form definition ID", + "required": true, + "schema": { + "type": "string", + "x-go-name": "FormDefinitionID" + }, + "example": "00000000-0000-0000-0000-000000000000", + "x-go-name": "FormDefinitionID" + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "200": { + "description": "Returns a form definition", + "content": { + "application/json": { + "schema": { + "properties": { + "id": { + "description": "Unique guid identifying the form definition.", + "example": "00000000-0000-0000-0000-000000000000", + "type": "string", + "x-go-name": "FormDefinitionID" + }, + "name": { + "description": "Name of the form definition.", + "example": "My form", + "type": "string", + "x-go-name": "Name" + }, + "description": { + "description": "Form definition's description.", + "example": "My form description", + "type": "string", + "x-go-name": "Description" + }, + "owner": { + "properties": { + "type": { + "description": "FormOwnerType value.\nIDENTITY FormOwnerTypeIdentity", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY", + "type": "string", + "x-go-enum-desc": "IDENTITY FormOwnerTypeIdentity", + "x-go-name": "Type" + }, + "id": { + "description": "Unique identifier of the form's owner.", + "example": "2c9180867624cbd7017642d8c8c81f67", + "type": "string", + "x-go-name": "ID" + }, + "name": { + "description": "Name of the form's owner.", + "example": "Grant Smith", + "type": "string" + } + }, + "type": "object", + "x-go-package": "github.com/sailpoint/sp-forms/domain" + }, + "usedBy": { + "description": "List of objects using the form definition. Whenever a system uses a form, the API reaches out to the form service to record that the system is currently using it.", + "items": { + "properties": { + "type": { + "description": "FormUsedByType value. \nWORKFLOW FormUsedByTypeWorkflow\nSOURCE FormUsedByTypeSource\nMySailPoint FormUsedByType", + "enum": [ + "WORKFLOW", + "SOURCE", + "MySailPoint" + ], + "example": "WORKFLOW", + "type": "string", + "x-go-enum-desc": "WORKFLOW FormUsedByTypeWorkflow\nSOURCE FormUsedByTypeSource", + "x-go-name": "Type" + }, + "id": { + "description": "Unique identifier of the system using the form.", + "example": "61940a92-5484-42bc-bc10-b9982b218cdf", + "type": "string", + "x-go-name": "ID" + }, + "name": { + "description": "Name of the system using the form.", + "example": "Access Request Form", + "type": "string" + } + }, + "type": "object", + "x-go-package": "github.com/sailpoint/sp-forms/domain" + }, + "type": "array", + "x-go-name": "UsedBy" + }, + "formInput": { + "description": "List of form inputs required to create a form-instance object.", + "items": { + "properties": { + "id": { + "description": "Unique identifier for the form input.", + "example": "00000000-0000-0000-0000-000000000000", + "type": "string", + "x-go-name": "ID" + }, + "type": { + "description": "FormDefinitionInputType value.\nSTRING FormDefinitionInputTypeString", + "enum": [ + "STRING" + ], + "example": "STRING", + "type": "string", + "x-go-enum-desc": "STRING FormDefinitionInputTypeString", + "x-go-name": "Type" + }, + "label": { + "description": "Name for the form input.", + "example": "input1", + "type": "string", + "x-go-name": "Label" + }, + "description": { + "description": "Form input's description.", + "example": "A single dynamic scalar value (i.e. number, string, date, etc.) that can be passed into the form for use in conditional logic", + "type": "string", + "x-go-name": "Description" + } + }, + "type": "object", + "x-go-package": "github.com/sailpoint/sp-forms/domain" + }, + "type": "array", + "x-go-name": "FormInput" + }, + "formElements": { + "description": "List of nested form elements.", + "items": { + "properties": { + "id": { + "description": "Form element identifier.", + "example": "00000000-0000-0000-0000-000000000000", + "type": "string", + "x-go-name": "ID" + }, + "elementType": { + "description": "FormElementType value. \nTEXT FormElementTypeText\nTOGGLE FormElementTypeToggle\nTEXTAREA FormElementTypeTextArea\nHIDDEN FormElementTypeHidden\nPHONE FormElementTypePhone\nEMAIL FormElementTypeEmail\nSELECT FormElementTypeSelect\nDATE FormElementTypeDate\nSECTION FormElementTypeSection\nCOLUMN_SET FormElementTypeColumns\nIMAGE FormElementTypeImage\nDESCRIPTION FormElementTypeDescription", + "enum": [ + "TEXT", + "TOGGLE", + "TEXTAREA", + "HIDDEN", + "PHONE", + "EMAIL", + "SELECT", + "DATE", + "SECTION", + "COLUMN_SET", + "IMAGE", + "DESCRIPTION" + ], + "example": "TEXT", + "type": "string", + "x-go-name": "ElementType" + }, + "config": { + "additionalProperties": {}, + "description": "Config object.", + "example": { + "label": "Department" + }, + "type": "object", + "x-go-name": "Config", + "x-go-enum-desc": "TEXT FormElementTypeText\nTOGGLE FormElementTypeToggle\nTEXTAREA FormElementTypeTextArea\nHIDDEN FormElementTypeHidden\nPHONE FormElementTypePhone\nEMAIL FormElementTypeEmail\nSELECT FormElementTypeSelect\nDATE FormElementTypeDate\nSECTION FormElementTypeSection\nCOLUMNS FormElementTypeColumns" + }, + "key": { + "description": "Technical key.", + "example": "department", + "type": "string", + "x-go-name": "Key" + }, + "validations": { + "nullable": true, + "type": "array", + "items": { + "description": "Set of FormElementValidation items.", + "example": [ + { + "validationType": "REQUIRED" + } + ], + "type": "object", + "properties": { + "validationType": { + "type": "string", + "enum": [ + "REQUIRED", + "MIN_LENGTH", + "MAX_LENGTH", + "REGEX", + "DATE", + "MAX_DATE", + "MIN_DATE", + "LESS_THAN_DATE", + "PHONE", + "EMAIL", + "DATA_SOURCE", + "TEXTAREA" + ] + } + }, + "x-go-package": "github.com/sailpoint/sp-forms/domain" + } + } + }, + "type": "object", + "x-go-package": "github.com/sailpoint/sp-forms/domain" + }, + "type": "array", + "x-go-name": "FormElements" + }, + "formConditions": { + "description": "Conditional logic that can dynamically modify the form as the recipient is interacting with it.", + "items": { + "description": "Represent a form conditional.", + "properties": { + "ruleOperator": { + "description": "ConditionRuleLogicalOperatorType value.\nAND ConditionRuleLogicalOperatorTypeAnd\nOR ConditionRuleLogicalOperatorTypeOr", + "enum": [ + "AND", + "OR" + ], + "example": "AND", + "type": "string", + "x-go-enum-desc": "AND ConditionRuleLogicalOperatorTypeAnd\nOR ConditionRuleLogicalOperatorTypeOr", + "x-go-name": "RuleOperator" + }, + "rules": { + "description": "List of rules.", + "items": { + "properties": { + "sourceType": { + "description": "Defines the type of object being selected. It will be either a reference to a form input (by input name) or a form element (by technical key).\nINPUT ConditionRuleSourceTypeInput\nELEMENT ConditionRuleSourceTypeElement", + "enum": [ + "INPUT", + "ELEMENT" + ], + "example": "ELEMENT", + "type": "string", + "x-go-enum-desc": "INPUT ConditionRuleSourceTypeInput\nELEMENT ConditionRuleSourceTypeElement", + "x-go-name": "SourceType" + }, + "source": { + "description": "Source - if the sourceType is ConditionRuleSourceTypeInput, the source type is the name of the form input to accept. However, if the sourceType is ConditionRuleSourceTypeElement,\nthe source is the name of a technical key of an element to retrieve its value.", + "example": "department", + "type": "string", + "x-go-name": "Source" + }, + "operator": { + "description": "ConditionRuleComparisonOperatorType value.\nEQ ConditionRuleComparisonOperatorTypeEquals This comparison operator compares the source and target for equality.\nNE ConditionRuleComparisonOperatorTypeNotEquals This comparison operator compares the source and target for inequality.\nCO ConditionRuleComparisonOperatorTypeContains This comparison operator searches the source to see whether it contains the value.\nNOT_CO ConditionRuleComparisonOperatorTypeNotContains\nIN ConditionRuleComparisonOperatorTypeIncludes This comparison operator searches the source if it equals any of the values.\nNOT_IN ConditionRuleComparisonOperatorTypeNotIncludes\nEM ConditionRuleComparisonOperatorTypeEmpty\nNOT_EM ConditionRuleComparisonOperatorTypeNotEmpty\nSW ConditionRuleComparisonOperatorTypeStartsWith Checks whether a string starts with another substring of the same string. This operator is case-sensitive.\nNOT_SW ConditionRuleComparisonOperatorTypeNotStartsWith\nEW ConditionRuleComparisonOperatorTypeEndsWith Checks whether a string ends with another substring of the same string. This operator is case-sensitive.\nNOT_EW ConditionRuleComparisonOperatorTypeNotEndsWith", + "enum": [ + "EQ", + "NE", + "CO", + "NOT_CO", + "IN", + "NOT_IN", + "EM", + "NOT_EM", + "SW", + "NOT_SW", + "EW", + "NOT_EW" + ], + "example": "EQ", + "type": "string", + "x-go-enum-desc": "EQ ConditionRuleComparisonOperatorTypeEquals This comparison operator compares the source and target for equality.\nNE ConditionRuleComparisonOperatorTypeNotEquals This comparison operator compares the source and target for inequality.\nCO ConditionRuleComparisonOperatorTypeContains This comparison operator searches the source to see whether it contains the value.\nNOT_CO ConditionRuleComparisonOperatorTypeNotContains\nIN ConditionRuleComparisonOperatorTypeIncludes This comparison operator searches the source if it equals any of the values.\nNOT_IN ConditionRuleComparisonOperatorTypeNotIncludes\nEM ConditionRuleComparisonOperatorTypeEmpty\nNOT_EM ConditionRuleComparisonOperatorTypeNotEmpty\nSW ConditionRuleComparisonOperatorTypeStartsWith Checks whether a string starts with another substring of the same string. This operator is case-sensitive.\nNOT_SW ConditionRuleComparisonOperatorTypeNotStartsWith\nEW ConditionRuleComparisonOperatorTypeEndsWith Checks whether a string ends with another substring of the same string. This operator is case-sensitive.\nNOT_EW ConditionRuleComparisonOperatorTypeNotEndsWith", + "x-go-name": "Operator" + }, + "valueType": { + "description": "ConditionRuleValueType type.\nSTRING ConditionRuleValueTypeString This value is a static string.\nSTRING_LIST ConditionRuleValueTypeStringList This value is an array of string values.\nINPUT ConditionRuleValueTypeInput This value is a reference to a form input.\nELEMENT ConditionRuleValueTypeElement This value is a reference to a form element (by technical key).\nLIST ConditionRuleValueTypeList\nBOOLEAN ConditionRuleValueTypeBoolean", + "enum": [ + "STRING", + "STRING_LIST", + "INPUT", + "ELEMENT", + "LIST", + "BOOLEAN" + ], + "example": "STRING", + "type": "string", + "x-go-enum-desc": "STRING ConditionRuleValueTypeString This value is a static string.\nSTRING_LIST ConditionRuleValueTypeStringList This value is an array of string values.\nINPUT ConditionRuleValueTypeInput This value is a reference to a form input.\nELEMENT ConditionRuleValueTypeElement This value is a reference to a form element (by technical key).\nLIST ConditionRuleValueTypeList\nBOOLEAN ConditionRuleValueTypeBoolean", + "x-go-name": "ValueType" + }, + "value": { + "description": "Based on the ValueType.", + "example": "Engineering", + "x-go-name": "Value" + } + }, + "type": "object", + "x-go-package": "github.com/sailpoint/sp-forms/domain" + }, + "type": "array", + "x-go-name": "Rules" + }, + "effects": { + "description": "List of effects.", + "items": { + "description": "Effect produced by a condition.", + "properties": { + "effectType": { + "description": "Type of effect to perform when the conditions are evaluated for this logic block.\nHIDE ConditionEffectTypeHide Disables validations.\nSHOW ConditionEffectTypeShow Enables validations.\nDISABLE ConditionEffectTypeDisable Disables validations.\nENABLE ConditionEffectTypeEnable Enables validations.\nREQUIRE ConditionEffectTypeRequire\nOPTIONAL ConditionEffectTypeOptional\nSUBMIT_MESSAGE ConditionEffectTypeSubmitMessage\nSUBMIT_NOTIFICATION ConditionEffectTypeSubmitNotification\nSET_DEFAULT_VALUE ConditionEffectTypeSetDefaultValue This value is ignored on purpose.", + "enum": [ + "HIDE", + "SHOW", + "DISABLE", + "ENABLE", + "REQUIRE", + "OPTIONAL", + "SUBMIT_MESSAGE", + "SUBMIT_NOTIFICATION", + "SET_DEFAULT_VALUE" + ], + "example": "HIDE", + "type": "string", + "x-go-enum-desc": "HIDE ConditionEffectTypeHide Disables validations.\nSHOW ConditionEffectTypeShow Enables validations.\nDISABLE ConditionEffectTypeDisable Disables validations.\nENABLE ConditionEffectTypeEnable Enables validations.\nREQUIRE ConditionEffectTypeRequire\nOPTIONAL ConditionEffectTypeOptional\nSUBMIT_MESSAGE ConditionEffectTypeSubmitMessage\nSUBMIT_NOTIFICATION ConditionEffectTypeSubmitNotification\nSET_DEFAULT_VALUE ConditionEffectTypeSetDefaultValue This value is ignored on purpose.", + "x-go-name": "EffectType" + }, + "config": { + "description": "Arbitrary map containing a configuration based on the EffectType.", + "type": "object", + "properties": { + "defaultValueLabel": { + "type": "string", + "description": "Effect type's label.", + "example": "Access to Remove" + }, + "element": { + "type": "string", + "description": "Element's identifier.", + "example": 8110662963316867 + } + }, + "x-go-name": "Config" + } + }, + "type": "object", + "x-go-package": "github.com/sailpoint/sp-forms/domain" + }, + "type": "array", + "x-go-name": "Effects" + } + }, + "type": "object", + "x-go-package": "github.com/sailpoint/sp-forms/domain" + }, + "type": "array", + "x-go-name": "FormConditions" + }, + "created": { + "description": "Created is the date the form definition was created", + "example": "2023-07-12T20:14:57.74486Z", + "format": "date-time", + "type": "string", + "x-go-name": "Created" + }, + "modified": { + "description": "Modified is the last date the form definition was modified", + "example": "2023-07-12T20:14:57.74486Z", + "format": "date-time", + "type": "string", + "x-go-name": "Modified" + } + }, + "type": "object", + "x-go-package": "github.com/sailpoint/sp-forms/domain" + } + } + } + }, + "400": { + "description": "An error with the request occurred", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "statusCode": { + "type": "integer", + "format": "int64", + "x-go-name": "StatusCode" + }, + "trackingId": { + "type": "string", + "x-go-name": "TrackingID" + } + } + } + } + } + }, + "401": { + "description": "An error with the authorization occurred", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "statusCode": { + "type": "integer", + "format": "int64", + "x-go-name": "StatusCode" + }, + "trackingId": { + "type": "string", + "x-go-name": "TrackingID" + } + } + } + } + } + }, + "403": { + "description": "An error with the user permissions occurred", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "statusCode": { + "type": "integer", + "format": "int64", + "x-go-name": "StatusCode" + }, + "trackingId": { + "type": "string", + "x-go-name": "TrackingID" + } + } + } + } + } + }, + "404": { + "description": "An error with the item not found", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "statusCode": { + "type": "integer", + "format": "int64", + "x-go-name": "StatusCode" + }, + "trackingId": { + "type": "string", + "x-go-name": "TrackingID" + } + } + } + } + } + }, + "429": { + "description": "Too many requests", + "content": { + "application/json": { + "schema": { + "title": "Error is the standard API error response type.", + "type": "object", + "properties": { + "detailCode": { + "description": "DetailCode is the text of the status code returned", + "example": "Internal Server Error", + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "trackingId": { + "description": "TrackingID is the request tracking unique identifier", + "example": "9cd03ef80e6a425eb6b11bdbb057cdb4", + "type": "string", + "x-go-name": "TrackingID" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + } + } + } + }, + "500": { + "description": "An internal server error occurred", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "statusCode": { + "type": "integer", + "format": "int64", + "x-go-name": "StatusCode" + }, + "trackingId": { + "type": "string", + "x-go-name": "TrackingID" + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "sp:forms:manage" + ] + } + ] + }, + "delete": { + "tags": [ + "Custom Forms" + ], + "summary": "Deletes a form definition.", + "description": "Parameter `{formDefinitionID}` should match a form definition ID.", + "operationId": "deleteFormDefinition", + "parameters": [ + { + "name": "formDefinitionID", + "in": "path", + "description": "Form definition ID", + "required": true, + "schema": { + "type": "string", + "x-go-name": "FormDefinitionID" + }, + "example": "00000000-0000-0000-0000-000000000000", + "x-go-name": "FormDefinitionID" + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "204": { + "description": "Returns an empty body", + "content": { + "application/json": { + "schema": { + "title": "Nil represents the predeclared value nil.", + "type": "object", + "x-go-package": "go/types" + } + } + } + }, + "400": { + "description": "An error with the request occurred", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "statusCode": { + "type": "integer", + "format": "int64", + "x-go-name": "StatusCode" + }, + "trackingId": { + "type": "string", + "x-go-name": "TrackingID" + } + } + } + } + } + }, + "401": { + "description": "An error with the authorization occurred", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "statusCode": { + "type": "integer", + "format": "int64", + "x-go-name": "StatusCode" + }, + "trackingId": { + "type": "string", + "x-go-name": "TrackingID" + } + } + } + } + } + }, + "403": { + "description": "An error with the user permissions occurred", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "statusCode": { + "type": "integer", + "format": "int64", + "x-go-name": "StatusCode" + }, + "trackingId": { + "type": "string", + "x-go-name": "TrackingID" + } + } + } + } + } + }, + "404": { + "description": "An error with the item not found", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "statusCode": { + "type": "integer", + "format": "int64", + "x-go-name": "StatusCode" + }, + "trackingId": { + "type": "string", + "x-go-name": "TrackingID" + } + } + } + } + } + }, + "429": { + "description": "Too many requests", + "content": { + "application/json": { + "schema": { + "title": "Error is the standard API error response type.", + "type": "object", + "properties": { + "detailCode": { + "description": "DetailCode is the text of the status code returned", + "example": "Internal Server Error", + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "trackingId": { + "description": "TrackingID is the request tracking unique identifier", + "example": "9cd03ef80e6a425eb6b11bdbb057cdb4", + "type": "string", + "x-go-name": "TrackingID" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + } + } + } + }, + "500": { + "description": "An internal server error occurred", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "statusCode": { + "type": "integer", + "format": "int64", + "x-go-name": "StatusCode" + }, + "trackingId": { + "type": "string", + "x-go-name": "TrackingID" + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "sp:forms:manage" + ] + } + ] + }, + "patch": { + "tags": [ + "Custom Forms" + ], + "summary": "Patch a form definition.", + "description": "Parameter `{formDefinitionID}` should match a form definition ID.", + "operationId": "patchFormDefinition", + "parameters": [ + { + "name": "formDefinitionID", + "in": "path", + "description": "Form definition ID", + "required": true, + "schema": { + "type": "string", + "x-go-name": "FormDefinitionID" + }, + "example": "00000000-0000-0000-0000-000000000000", + "x-go-name": "FormDefinitionID" + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "requestBody": { + "description": "Body is the request payload to patch a form definition, check: https://jsonpatch.com", + "content": { + "application/json": { + "schema": { + "title": "Patch is an ordered collection of Operations.", + "description": "Patch is an ordered collection of Operations.", + "type": "array", + "example": [ + { + "op": "replace", + "path": "/description", + "value": "a new description" + } + ], + "items": { + "title": "Operation is a single JSON-Patch step, such as a single 'add' operation.", + "type": "object", + "additionalProperties": { + "type": "object", + "properties": {} + }, + "x-go-package": "github.com/evanphx/json-patch" + }, + "x-go-package": "github.com/evanphx/json-patch" + }, + "example": [ + { + "op": "replace", + "path": "/description", + "value": "test-description" + } + ] + } + }, + "required": false + }, + "responses": { + "200": { + "description": "Returns the form definition updated", + "content": { + "application/json": { + "schema": { + "properties": { + "id": { + "description": "Unique guid identifying the form definition.", + "example": "00000000-0000-0000-0000-000000000000", + "type": "string", + "x-go-name": "FormDefinitionID" + }, + "name": { + "description": "Name of the form definition.", + "example": "My form", + "type": "string", + "x-go-name": "Name" + }, + "description": { + "description": "Form definition's description.", + "example": "My form description", + "type": "string", + "x-go-name": "Description" + }, + "owner": { + "properties": { + "type": { + "description": "FormOwnerType value.\nIDENTITY FormOwnerTypeIdentity", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY", + "type": "string", + "x-go-enum-desc": "IDENTITY FormOwnerTypeIdentity", + "x-go-name": "Type" + }, + "id": { + "description": "Unique identifier of the form's owner.", + "example": "2c9180867624cbd7017642d8c8c81f67", + "type": "string", + "x-go-name": "ID" + }, + "name": { + "description": "Name of the form's owner.", + "example": "Grant Smith", + "type": "string" + } + }, + "type": "object", + "x-go-package": "github.com/sailpoint/sp-forms/domain" + }, + "usedBy": { + "description": "List of objects using the form definition. Whenever a system uses a form, the API reaches out to the form service to record that the system is currently using it.", + "items": { + "properties": { + "type": { + "description": "FormUsedByType value. \nWORKFLOW FormUsedByTypeWorkflow\nSOURCE FormUsedByTypeSource\nMySailPoint FormUsedByType", + "enum": [ + "WORKFLOW", + "SOURCE", + "MySailPoint" + ], + "example": "WORKFLOW", + "type": "string", + "x-go-enum-desc": "WORKFLOW FormUsedByTypeWorkflow\nSOURCE FormUsedByTypeSource", + "x-go-name": "Type" + }, + "id": { + "description": "Unique identifier of the system using the form.", + "example": "61940a92-5484-42bc-bc10-b9982b218cdf", + "type": "string", + "x-go-name": "ID" + }, + "name": { + "description": "Name of the system using the form.", + "example": "Access Request Form", + "type": "string" + } + }, + "type": "object", + "x-go-package": "github.com/sailpoint/sp-forms/domain" + }, + "type": "array", + "x-go-name": "UsedBy" + }, + "formInput": { + "description": "List of form inputs required to create a form-instance object.", + "items": { + "properties": { + "id": { + "description": "Unique identifier for the form input.", + "example": "00000000-0000-0000-0000-000000000000", + "type": "string", + "x-go-name": "ID" + }, + "type": { + "description": "FormDefinitionInputType value.\nSTRING FormDefinitionInputTypeString", + "enum": [ + "STRING" + ], + "example": "STRING", + "type": "string", + "x-go-enum-desc": "STRING FormDefinitionInputTypeString", + "x-go-name": "Type" + }, + "label": { + "description": "Name for the form input.", + "example": "input1", + "type": "string", + "x-go-name": "Label" + }, + "description": { + "description": "Form input's description.", + "example": "A single dynamic scalar value (i.e. number, string, date, etc.) that can be passed into the form for use in conditional logic", + "type": "string", + "x-go-name": "Description" + } + }, + "type": "object", + "x-go-package": "github.com/sailpoint/sp-forms/domain" + }, + "type": "array", + "x-go-name": "FormInput" + }, + "formElements": { + "description": "List of nested form elements.", + "items": { + "properties": { + "id": { + "description": "Form element identifier.", + "example": "00000000-0000-0000-0000-000000000000", + "type": "string", + "x-go-name": "ID" + }, + "elementType": { + "description": "FormElementType value. \nTEXT FormElementTypeText\nTOGGLE FormElementTypeToggle\nTEXTAREA FormElementTypeTextArea\nHIDDEN FormElementTypeHidden\nPHONE FormElementTypePhone\nEMAIL FormElementTypeEmail\nSELECT FormElementTypeSelect\nDATE FormElementTypeDate\nSECTION FormElementTypeSection\nCOLUMN_SET FormElementTypeColumns\nIMAGE FormElementTypeImage\nDESCRIPTION FormElementTypeDescription", + "enum": [ + "TEXT", + "TOGGLE", + "TEXTAREA", + "HIDDEN", + "PHONE", + "EMAIL", + "SELECT", + "DATE", + "SECTION", + "COLUMN_SET", + "IMAGE", + "DESCRIPTION" + ], + "example": "TEXT", + "type": "string", + "x-go-name": "ElementType" + }, + "config": { + "additionalProperties": {}, + "description": "Config object.", + "example": { + "label": "Department" + }, + "type": "object", + "x-go-name": "Config", + "x-go-enum-desc": "TEXT FormElementTypeText\nTOGGLE FormElementTypeToggle\nTEXTAREA FormElementTypeTextArea\nHIDDEN FormElementTypeHidden\nPHONE FormElementTypePhone\nEMAIL FormElementTypeEmail\nSELECT FormElementTypeSelect\nDATE FormElementTypeDate\nSECTION FormElementTypeSection\nCOLUMNS FormElementTypeColumns" + }, + "key": { + "description": "Technical key.", + "example": "department", + "type": "string", + "x-go-name": "Key" + }, + "validations": { + "nullable": true, + "type": "array", + "items": { + "description": "Set of FormElementValidation items.", + "example": [ + { + "validationType": "REQUIRED" + } + ], + "type": "object", + "properties": { + "validationType": { + "type": "string", + "enum": [ + "REQUIRED", + "MIN_LENGTH", + "MAX_LENGTH", + "REGEX", + "DATE", + "MAX_DATE", + "MIN_DATE", + "LESS_THAN_DATE", + "PHONE", + "EMAIL", + "DATA_SOURCE", + "TEXTAREA" + ] + } + }, + "x-go-package": "github.com/sailpoint/sp-forms/domain" + } + } + }, + "type": "object", + "x-go-package": "github.com/sailpoint/sp-forms/domain" + }, + "type": "array", + "x-go-name": "FormElements" + }, + "formConditions": { + "description": "Conditional logic that can dynamically modify the form as the recipient is interacting with it.", + "items": { + "description": "Represent a form conditional.", + "properties": { + "ruleOperator": { + "description": "ConditionRuleLogicalOperatorType value.\nAND ConditionRuleLogicalOperatorTypeAnd\nOR ConditionRuleLogicalOperatorTypeOr", + "enum": [ + "AND", + "OR" + ], + "example": "AND", + "type": "string", + "x-go-enum-desc": "AND ConditionRuleLogicalOperatorTypeAnd\nOR ConditionRuleLogicalOperatorTypeOr", + "x-go-name": "RuleOperator" + }, + "rules": { + "description": "List of rules.", + "items": { + "properties": { + "sourceType": { + "description": "Defines the type of object being selected. It will be either a reference to a form input (by input name) or a form element (by technical key).\nINPUT ConditionRuleSourceTypeInput\nELEMENT ConditionRuleSourceTypeElement", + "enum": [ + "INPUT", + "ELEMENT" + ], + "example": "ELEMENT", + "type": "string", + "x-go-enum-desc": "INPUT ConditionRuleSourceTypeInput\nELEMENT ConditionRuleSourceTypeElement", + "x-go-name": "SourceType" + }, + "source": { + "description": "Source - if the sourceType is ConditionRuleSourceTypeInput, the source type is the name of the form input to accept. However, if the sourceType is ConditionRuleSourceTypeElement,\nthe source is the name of a technical key of an element to retrieve its value.", + "example": "department", + "type": "string", + "x-go-name": "Source" + }, + "operator": { + "description": "ConditionRuleComparisonOperatorType value.\nEQ ConditionRuleComparisonOperatorTypeEquals This comparison operator compares the source and target for equality.\nNE ConditionRuleComparisonOperatorTypeNotEquals This comparison operator compares the source and target for inequality.\nCO ConditionRuleComparisonOperatorTypeContains This comparison operator searches the source to see whether it contains the value.\nNOT_CO ConditionRuleComparisonOperatorTypeNotContains\nIN ConditionRuleComparisonOperatorTypeIncludes This comparison operator searches the source if it equals any of the values.\nNOT_IN ConditionRuleComparisonOperatorTypeNotIncludes\nEM ConditionRuleComparisonOperatorTypeEmpty\nNOT_EM ConditionRuleComparisonOperatorTypeNotEmpty\nSW ConditionRuleComparisonOperatorTypeStartsWith Checks whether a string starts with another substring of the same string. This operator is case-sensitive.\nNOT_SW ConditionRuleComparisonOperatorTypeNotStartsWith\nEW ConditionRuleComparisonOperatorTypeEndsWith Checks whether a string ends with another substring of the same string. This operator is case-sensitive.\nNOT_EW ConditionRuleComparisonOperatorTypeNotEndsWith", + "enum": [ + "EQ", + "NE", + "CO", + "NOT_CO", + "IN", + "NOT_IN", + "EM", + "NOT_EM", + "SW", + "NOT_SW", + "EW", + "NOT_EW" + ], + "example": "EQ", + "type": "string", + "x-go-enum-desc": "EQ ConditionRuleComparisonOperatorTypeEquals This comparison operator compares the source and target for equality.\nNE ConditionRuleComparisonOperatorTypeNotEquals This comparison operator compares the source and target for inequality.\nCO ConditionRuleComparisonOperatorTypeContains This comparison operator searches the source to see whether it contains the value.\nNOT_CO ConditionRuleComparisonOperatorTypeNotContains\nIN ConditionRuleComparisonOperatorTypeIncludes This comparison operator searches the source if it equals any of the values.\nNOT_IN ConditionRuleComparisonOperatorTypeNotIncludes\nEM ConditionRuleComparisonOperatorTypeEmpty\nNOT_EM ConditionRuleComparisonOperatorTypeNotEmpty\nSW ConditionRuleComparisonOperatorTypeStartsWith Checks whether a string starts with another substring of the same string. This operator is case-sensitive.\nNOT_SW ConditionRuleComparisonOperatorTypeNotStartsWith\nEW ConditionRuleComparisonOperatorTypeEndsWith Checks whether a string ends with another substring of the same string. This operator is case-sensitive.\nNOT_EW ConditionRuleComparisonOperatorTypeNotEndsWith", + "x-go-name": "Operator" + }, + "valueType": { + "description": "ConditionRuleValueType type.\nSTRING ConditionRuleValueTypeString This value is a static string.\nSTRING_LIST ConditionRuleValueTypeStringList This value is an array of string values.\nINPUT ConditionRuleValueTypeInput This value is a reference to a form input.\nELEMENT ConditionRuleValueTypeElement This value is a reference to a form element (by technical key).\nLIST ConditionRuleValueTypeList\nBOOLEAN ConditionRuleValueTypeBoolean", + "enum": [ + "STRING", + "STRING_LIST", + "INPUT", + "ELEMENT", + "LIST", + "BOOLEAN" + ], + "example": "STRING", + "type": "string", + "x-go-enum-desc": "STRING ConditionRuleValueTypeString This value is a static string.\nSTRING_LIST ConditionRuleValueTypeStringList This value is an array of string values.\nINPUT ConditionRuleValueTypeInput This value is a reference to a form input.\nELEMENT ConditionRuleValueTypeElement This value is a reference to a form element (by technical key).\nLIST ConditionRuleValueTypeList\nBOOLEAN ConditionRuleValueTypeBoolean", + "x-go-name": "ValueType" + }, + "value": { + "description": "Based on the ValueType.", + "example": "Engineering", + "x-go-name": "Value" + } + }, + "type": "object", + "x-go-package": "github.com/sailpoint/sp-forms/domain" + }, + "type": "array", + "x-go-name": "Rules" + }, + "effects": { + "description": "List of effects.", + "items": { + "description": "Effect produced by a condition.", + "properties": { + "effectType": { + "description": "Type of effect to perform when the conditions are evaluated for this logic block.\nHIDE ConditionEffectTypeHide Disables validations.\nSHOW ConditionEffectTypeShow Enables validations.\nDISABLE ConditionEffectTypeDisable Disables validations.\nENABLE ConditionEffectTypeEnable Enables validations.\nREQUIRE ConditionEffectTypeRequire\nOPTIONAL ConditionEffectTypeOptional\nSUBMIT_MESSAGE ConditionEffectTypeSubmitMessage\nSUBMIT_NOTIFICATION ConditionEffectTypeSubmitNotification\nSET_DEFAULT_VALUE ConditionEffectTypeSetDefaultValue This value is ignored on purpose.", + "enum": [ + "HIDE", + "SHOW", + "DISABLE", + "ENABLE", + "REQUIRE", + "OPTIONAL", + "SUBMIT_MESSAGE", + "SUBMIT_NOTIFICATION", + "SET_DEFAULT_VALUE" + ], + "example": "HIDE", + "type": "string", + "x-go-enum-desc": "HIDE ConditionEffectTypeHide Disables validations.\nSHOW ConditionEffectTypeShow Enables validations.\nDISABLE ConditionEffectTypeDisable Disables validations.\nENABLE ConditionEffectTypeEnable Enables validations.\nREQUIRE ConditionEffectTypeRequire\nOPTIONAL ConditionEffectTypeOptional\nSUBMIT_MESSAGE ConditionEffectTypeSubmitMessage\nSUBMIT_NOTIFICATION ConditionEffectTypeSubmitNotification\nSET_DEFAULT_VALUE ConditionEffectTypeSetDefaultValue This value is ignored on purpose.", + "x-go-name": "EffectType" + }, + "config": { + "description": "Arbitrary map containing a configuration based on the EffectType.", + "type": "object", + "properties": { + "defaultValueLabel": { + "type": "string", + "description": "Effect type's label.", + "example": "Access to Remove" + }, + "element": { + "type": "string", + "description": "Element's identifier.", + "example": 8110662963316867 + } + }, + "x-go-name": "Config" + } + }, + "type": "object", + "x-go-package": "github.com/sailpoint/sp-forms/domain" + }, + "type": "array", + "x-go-name": "Effects" + } + }, + "type": "object", + "x-go-package": "github.com/sailpoint/sp-forms/domain" + }, + "type": "array", + "x-go-name": "FormConditions" + }, + "created": { + "description": "Created is the date the form definition was created", + "example": "2023-07-12T20:14:57.74486Z", + "format": "date-time", + "type": "string", + "x-go-name": "Created" + }, + "modified": { + "description": "Modified is the last date the form definition was modified", + "example": "2023-07-12T20:14:57.74486Z", + "format": "date-time", + "type": "string", + "x-go-name": "Modified" + } + }, + "type": "object", + "x-go-package": "github.com/sailpoint/sp-forms/domain" + } + } + } + }, + "400": { + "description": "An error with the request occurred", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "statusCode": { + "type": "integer", + "format": "int64", + "x-go-name": "StatusCode" + }, + "trackingId": { + "type": "string", + "x-go-name": "TrackingID" + } + } + } + } + } + }, + "401": { + "description": "An error with the authorization occurred", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "statusCode": { + "type": "integer", + "format": "int64", + "x-go-name": "StatusCode" + }, + "trackingId": { + "type": "string", + "x-go-name": "TrackingID" + } + } + } + } + } + }, + "403": { + "description": "An error with the user permissions occurred", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "statusCode": { + "type": "integer", + "format": "int64", + "x-go-name": "StatusCode" + }, + "trackingId": { + "type": "string", + "x-go-name": "TrackingID" + } + } + } + } + } + }, + "404": { + "description": "An error with the user permissions occurred", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "statusCode": { + "type": "integer", + "format": "int64", + "x-go-name": "StatusCode" + }, + "trackingId": { + "type": "string", + "x-go-name": "TrackingID" + } + } + } + } + } + }, + "429": { + "description": "Too many requests", + "content": { + "application/json": { + "schema": { + "title": "Error is the standard API error response type.", + "type": "object", + "properties": { + "detailCode": { + "description": "DetailCode is the text of the status code returned", + "example": "Internal Server Error", + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "trackingId": { + "description": "TrackingID is the request tracking unique identifier", + "example": "9cd03ef80e6a425eb6b11bdbb057cdb4", + "type": "string", + "x-go-name": "TrackingID" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + } + } + } + }, + "500": { + "description": "An internal server error occurred", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "statusCode": { + "type": "integer", + "format": "int64", + "x-go-name": "StatusCode" + }, + "trackingId": { + "type": "string", + "x-go-name": "TrackingID" + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "sp:forms:manage" + ] + } + ], + "x-codegen-request-body-name": "Body" + } + }, + "/form-definitions/{formDefinitionID}/data-source": { + "post": { + "tags": [ + "Custom Forms" + ], + "summary": "Preview form definition data source.", + "operationId": "showPreviewDataSource", + "parameters": [ + { + "name": "formDefinitionID", + "in": "path", + "description": "Form definition ID", + "required": true, + "schema": { + "type": "string", + "x-go-name": "FormDefinitionID" + }, + "example": "00000000-0000-0000-0000-000000000000", + "x-go-name": "FormDefinitionID" + }, + { + "name": "limit", + "in": "query", + "description": "Limit\n\nInteger specifying the maximum number of records to return in a single API call. The standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#paginating-results).\nIf it is not specified, a default limit is used.", + "schema": { + "type": "integer", + "format": "int64", + "maxLength": 250, + "minLength": 0, + "default": 10, + "x-go-name": "Limit" + }, + "example": 10, + "required": false, + "x-go-name": "Limit" + }, + { + "name": "filters", + "in": "query", + "description": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**value**: *eq, ne, in*\n\nSupported composite operators: *not*\n\nOnly a single *not* may be used, and it can only be used with the `in` operator. The `not` composite operator must be used in front of the field. For example, the following is valid: `not value in (\"ID01\")`", + "schema": { + "type": "string", + "x-go-name": "Filters" + }, + "example": "value eq \"ID01\"", + "required": false, + "x-go-name": "Filters" + }, + { + "name": "query", + "in": "query", + "description": "String that is passed to the underlying API to filter other (non-ID) fields. For example, for access profile data sources, this string will be passed to the access profile api and used with a \"starts with\" filter against several fields.", + "schema": { + "type": "string", + "x-go-name": "Query" + }, + "example": "ac", + "required": false, + "x-go-name": "Query" + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "requestBody": { + "description": "Body is the request payload to create a form definition dynamic schema", + "content": { + "application/json": { + "schema": { + "properties": { + "dataSource": { + "properties": { + "config": { + "properties": { + "aggregationBucketField": { + "description": "AggregationBucketField is the aggregation bucket field name", + "example": "attributes.cloudStatus.exact", + "type": "string", + "x-go-name": "AggregationBucketField" + }, + "indices": { + "description": "Indices is a list of indices to use", + "example": [ + "identities" + ], + "items": { + "enum": [ + "accessprofiles", + "accountactivities", + "entitlements", + "identities", + "events", + "roles", + "*" + ], + "type": "string", + "x-go-enum-desc": "accessprofiles SearchIndexAccessProfiles\naccountactivities SearchIndexAccountActivities\nentitlements SearchIndexEntitlements\nidentities SearchIndexIdentities\nevents SearchIndexEvents\nroles SearchIndexRoles\n* SearchIndexWildcard" + }, + "type": "array", + "x-go-name": "Indices" + }, + "objectType": { + "description": "ObjectType is a PreDefinedSelectOption value\nIDENTITY PreDefinedSelectOptionIdentity\nACCESS_PROFILE PreDefinedSelectOptionAccessProfile\nSOURCES PreDefinedSelectOptionSources\nROLE PreDefinedSelectOptionRole\nENTITLEMENT PreDefinedSelectOptionEntitlement", + "enum": [ + "IDENTITY", + "ACCESS_PROFILE", + "SOURCES", + "ROLE", + "ENTITLEMENT" + ], + "example": "IDENTITY", + "type": "string", + "x-go-enum-desc": "IDENTITY PreDefinedSelectOptionIdentity\nACCESS_PROFILE PreDefinedSelectOptionAccessProfile\nSOURCES PreDefinedSelectOptionSources\nROLE PreDefinedSelectOptionRole\nENTITLEMENT PreDefinedSelectOptionEntitlement", + "x-go-name": "ObjectType" + }, + "query": { + "description": "Query is a text", + "example": "*", + "type": "string", + "x-go-name": "Query" + } + }, + "type": "object", + "x-go-package": "github.com/sailpoint/sp-forms/domain" + }, + "dataSourceType": { + "description": "DataSourceType is a FormElementDataSourceType value\nSTATIC FormElementDataSourceTypeStatic\nINTERNAL FormElementDataSourceTypeInternal\nSEARCH FormElementDataSourceTypeSearch\nFORM_INPUT FormElementDataSourceTypeFormInput", + "enum": [ + "STATIC", + "INTERNAL", + "SEARCH", + "FORM_INPUT" + ], + "example": "STATIC", + "type": "string", + "x-go-enum-desc": "STATIC FormElementDataSourceTypeStatic\nINTERNAL FormElementDataSourceTypeInternal\nSEARCH FormElementDataSourceTypeSearch\nFORM_INPUT FormElementDataSourceTypeFormInput", + "x-go-name": "DataSourceType" + } + }, + "type": "object", + "x-go-package": "github.com/sailpoint/sp-forms/domain" + } + }, + "type": "object", + "x-go-package": "github.com/sailpoint/sp-forms/domain" + } + } + }, + "required": false + }, + "responses": { + "200": { + "description": "Returns a preview of a form definition data source", + "content": { + "application/json": { + "schema": { + "description": "PreviewDataSourceResponse is the response sent by /form-definitions/{formDefinitionID}/data-source endpoint", + "properties": { + "results": { + "description": "Results holds a list of FormElementDataSourceConfigOptions items", + "example": "{\"results\":[{\"label\":\"Alfred 255e71dfc6e\",\"subLabel\":\"Alfred.255e71dfc6e@testmail.identitysoon.com\",\"value\":\"2c918084821847c5018227ced2e16676\"},{\"label\":\"Alize eba9d4cd27da\",\"subLabel\":\"Alize.eba9d4cd27da@testmail.identitysoon.com\",\"value\":\"2c918084821847c5018227ced2f1667c\"},{\"label\":\"Antonina 01f69c3ea\",\"subLabel\":\"Antonina.01f69c3ea@testmail.identitysoon.com\",\"value\":\"2c918084821847c5018227ced2f9667e\"},{\"label\":\"Ardella 21e78ce155\",\"subLabel\":\"Ardella.21e78ce155@testmail.identitysoon.com\",\"value\":\"2c918084821847c5018227ced2e6667a\"},{\"label\":\"Arnaldo d8582b6e17\",\"subLabel\":\"Arnaldo.d8582b6e17@testmail.identitysoon.com\",\"value\":\"2c918084821847c5018227ced3426686\"},{\"label\":\"Aurelia admin24828\",\"subLabel\":\"Aurelia.admin24828@testmail.identitysoon.com\",\"value\":\"2c918084821847c5018227ced2e16674\"},{\"label\":\"Barbara 72ca418fdd\",\"subLabel\":\"Barbara.72ca418fdd@testmail.identitysoon.com\",\"value\":\"2c918084821847c5018227ced2fb6680\"},{\"label\":\"Barbara ee1a2436ee\",\"subLabel\":\"Barbara.ee1a2436ee@testmail.identitysoon.com\",\"value\":\"2c918084821847c5018227ced2e56678\"},{\"label\":\"Baylee 652d72432f3\",\"subLabel\":\"Baylee.652d72432f3@testmail.identitysoon.com\",\"value\":\"2c91808582184782018227ced28b6aee\"},{\"label\":\"Brock e76b56ae4d49\",\"subLabel\":\"Brock.e76b56ae4d49@testmail.identitysoon.com\",\"value\":\"2c91808582184782018227ced28b6aef\"}]}", + "items": { + "type": "object", + "properties": { + "label": { + "description": "Label is the main label to display to the user when selecting this option", + "type": "string", + "example": "regression-test-access-request-07c55dd6-3056-430a-86b5-fccc395bb6c5", + "x-go-name": "Label" + }, + "subLabel": { + "description": "SubLabel is the sub label to display below the label in diminutive styling to help describe or identify this option", + "type": "string", + "example": "", + "x-go-name": "SubLabel" + }, + "value": { + "description": "Value is the value to save as an entry when the user selects this option", + "type": "string", + "example": "e96674448eba4ca1ba04eee999a8f3cd", + "x-go-name": "Value" + } + }, + "x-go-package": "github.com/sailpoint/sp-forms/domain" + }, + "type": "array", + "x-go-name": "Results" + } + }, + "type": "object", + "x-go-package": "github.com/sailpoint/sp-forms/domain" + } + } + } + }, + "400": { + "description": "An error with the request occurred", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "statusCode": { + "type": "integer", + "format": "int64", + "x-go-name": "StatusCode" + }, + "trackingId": { + "type": "string", + "x-go-name": "TrackingID" + } + } + } + } + } + }, + "401": { + "description": "An error with the authorization occurred", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "statusCode": { + "type": "integer", + "format": "int64", + "x-go-name": "StatusCode" + }, + "trackingId": { + "type": "string", + "x-go-name": "TrackingID" + } + } + } + } + } + }, + "403": { + "description": "An error with the user permissions occurred", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "statusCode": { + "type": "integer", + "format": "int64", + "x-go-name": "StatusCode" + }, + "trackingId": { + "type": "string", + "x-go-name": "TrackingID" + } + } + } + } + } + }, + "404": { + "description": "An error with the item not found", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "statusCode": { + "type": "integer", + "format": "int64", + "x-go-name": "StatusCode" + }, + "trackingId": { + "type": "string", + "x-go-name": "TrackingID" + } + } + } + } + } + }, + "429": { + "description": "Too many requests", + "content": { + "application/json": { + "schema": { + "title": "Error is the standard API error response type.", + "type": "object", + "properties": { + "detailCode": { + "description": "DetailCode is the text of the status code returned", + "example": "Internal Server Error", + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "trackingId": { + "description": "TrackingID is the request tracking unique identifier", + "example": "9cd03ef80e6a425eb6b11bdbb057cdb4", + "type": "string", + "x-go-name": "TrackingID" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + } + } + } + }, + "500": { + "description": "An internal server error occurred", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "statusCode": { + "type": "integer", + "format": "int64", + "x-go-name": "StatusCode" + }, + "trackingId": { + "type": "string", + "x-go-name": "TrackingID" + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "sp:forms:manage" + ] + } + ] + } + }, + "/form-definitions/export": { + "get": { + "tags": [ + "Custom Forms" + ], + "summary": "List form definitions by tenant.", + "description": "No parameters required.", + "operationId": "exportFormDefinitionsByTenant", + "parameters": [ + { + "name": "offset", + "in": "query", + "description": "Offset\n\nInteger specifying the offset of the first result from the beginning of the collection. The standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#paginating-results).\nThe offset value is record-based, not page-based, and the index starts at 0.", + "schema": { + "type": "integer", + "format": "int64", + "default": 0, + "x-go-name": "Offset" + }, + "example": 0, + "required": false, + "x-go-name": "Offset" + }, + { + "name": "limit", + "in": "query", + "description": "Limit\n\nInteger specifying the maximum number of records to return in a single API call. The standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#paginating-results).\nIf it is not specified, a default limit is used.", + "schema": { + "type": "integer", + "format": "int64", + "maxLength": 250, + "minLength": 0, + "default": 250, + "x-go-name": "Limit" + }, + "example": 250, + "required": false, + "x-go-name": "Limit" + }, + { + "name": "filters", + "in": "query", + "description": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**name**: *eq, gt, sw, in*\n\n**description**: *eq, gt, sw, in*\n\n**created**: *eq, gt, sw, in*\n\n**modified**: *eq, gt, sw, in*", + "schema": { + "type": "string", + "x-go-name": "Filters" + }, + "example": "name sw \"my form\"", + "required": false, + "x-go-name": "Filters" + }, + { + "name": "sorters", + "in": "query", + "description": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name, description, created, modified**", + "schema": { + "type": "string", + "default": "name", + "x-go-name": "Sorters" + }, + "example": "name", + "required": false, + "x-go-name": "Sorters" + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "200": { + "description": "Returns a list of form definition objects by tenant used by SP-Config", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "properties": { + "object": { + "properties": { + "id": { + "description": "Unique guid identifying the form definition.", + "example": "00000000-0000-0000-0000-000000000000", + "type": "string", + "x-go-name": "FormDefinitionID" + }, + "name": { + "description": "Name of the form definition.", + "example": "My form", + "type": "string", + "x-go-name": "Name" + }, + "description": { + "description": "Form definition's description.", + "example": "My form description", + "type": "string", + "x-go-name": "Description" + }, + "owner": { + "properties": { + "type": { + "description": "FormOwnerType value.\nIDENTITY FormOwnerTypeIdentity", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY", + "type": "string", + "x-go-enum-desc": "IDENTITY FormOwnerTypeIdentity", + "x-go-name": "Type" + }, + "id": { + "description": "Unique identifier of the form's owner.", + "example": "2c9180867624cbd7017642d8c8c81f67", + "type": "string", + "x-go-name": "ID" + }, + "name": { + "description": "Name of the form's owner.", + "example": "Grant Smith", + "type": "string" + } + }, + "type": "object", + "x-go-package": "github.com/sailpoint/sp-forms/domain" + }, + "usedBy": { + "description": "List of objects using the form definition. Whenever a system uses a form, the API reaches out to the form service to record that the system is currently using it.", + "items": { + "properties": { + "type": { + "description": "FormUsedByType value. \nWORKFLOW FormUsedByTypeWorkflow\nSOURCE FormUsedByTypeSource\nMySailPoint FormUsedByType", + "enum": [ + "WORKFLOW", + "SOURCE", + "MySailPoint" + ], + "example": "WORKFLOW", + "type": "string", + "x-go-enum-desc": "WORKFLOW FormUsedByTypeWorkflow\nSOURCE FormUsedByTypeSource", + "x-go-name": "Type" + }, + "id": { + "description": "Unique identifier of the system using the form.", + "example": "61940a92-5484-42bc-bc10-b9982b218cdf", + "type": "string", + "x-go-name": "ID" + }, + "name": { + "description": "Name of the system using the form.", + "example": "Access Request Form", + "type": "string" + } + }, + "type": "object", + "x-go-package": "github.com/sailpoint/sp-forms/domain" + }, + "type": "array", + "x-go-name": "UsedBy" + }, + "formInput": { + "description": "List of form inputs required to create a form-instance object.", + "items": { + "properties": { + "id": { + "description": "Unique identifier for the form input.", + "example": "00000000-0000-0000-0000-000000000000", + "type": "string", + "x-go-name": "ID" + }, + "type": { + "description": "FormDefinitionInputType value.\nSTRING FormDefinitionInputTypeString", + "enum": [ + "STRING" + ], + "example": "STRING", + "type": "string", + "x-go-enum-desc": "STRING FormDefinitionInputTypeString", + "x-go-name": "Type" + }, + "label": { + "description": "Name for the form input.", + "example": "input1", + "type": "string", + "x-go-name": "Label" + }, + "description": { + "description": "Form input's description.", + "example": "A single dynamic scalar value (i.e. number, string, date, etc.) that can be passed into the form for use in conditional logic", + "type": "string", + "x-go-name": "Description" + } + }, + "type": "object", + "x-go-package": "github.com/sailpoint/sp-forms/domain" + }, + "type": "array", + "x-go-name": "FormInput" + }, + "formElements": { + "description": "List of nested form elements.", + "items": { + "properties": { + "id": { + "description": "Form element identifier.", + "example": "00000000-0000-0000-0000-000000000000", + "type": "string", + "x-go-name": "ID" + }, + "elementType": { + "description": "FormElementType value. \nTEXT FormElementTypeText\nTOGGLE FormElementTypeToggle\nTEXTAREA FormElementTypeTextArea\nHIDDEN FormElementTypeHidden\nPHONE FormElementTypePhone\nEMAIL FormElementTypeEmail\nSELECT FormElementTypeSelect\nDATE FormElementTypeDate\nSECTION FormElementTypeSection\nCOLUMN_SET FormElementTypeColumns\nIMAGE FormElementTypeImage\nDESCRIPTION FormElementTypeDescription", + "enum": [ + "TEXT", + "TOGGLE", + "TEXTAREA", + "HIDDEN", + "PHONE", + "EMAIL", + "SELECT", + "DATE", + "SECTION", + "COLUMN_SET", + "IMAGE", + "DESCRIPTION" + ], + "example": "TEXT", + "type": "string", + "x-go-name": "ElementType" + }, + "config": { + "additionalProperties": {}, + "description": "Config object.", + "example": { + "label": "Department" + }, + "type": "object", + "x-go-name": "Config", + "x-go-enum-desc": "TEXT FormElementTypeText\nTOGGLE FormElementTypeToggle\nTEXTAREA FormElementTypeTextArea\nHIDDEN FormElementTypeHidden\nPHONE FormElementTypePhone\nEMAIL FormElementTypeEmail\nSELECT FormElementTypeSelect\nDATE FormElementTypeDate\nSECTION FormElementTypeSection\nCOLUMNS FormElementTypeColumns" + }, + "key": { + "description": "Technical key.", + "example": "department", + "type": "string", + "x-go-name": "Key" + }, + "validations": { + "nullable": true, + "type": "array", + "items": { + "description": "Set of FormElementValidation items.", + "example": [ + { + "validationType": "REQUIRED" + } + ], + "type": "object", + "properties": { + "validationType": { + "type": "string", + "enum": [ + "REQUIRED", + "MIN_LENGTH", + "MAX_LENGTH", + "REGEX", + "DATE", + "MAX_DATE", + "MIN_DATE", + "LESS_THAN_DATE", + "PHONE", + "EMAIL", + "DATA_SOURCE", + "TEXTAREA" + ] + } + }, + "x-go-package": "github.com/sailpoint/sp-forms/domain" + } + } + }, + "type": "object", + "x-go-package": "github.com/sailpoint/sp-forms/domain" + }, + "type": "array", + "x-go-name": "FormElements" + }, + "formConditions": { + "description": "Conditional logic that can dynamically modify the form as the recipient is interacting with it.", + "items": { + "description": "Represent a form conditional.", + "properties": { + "ruleOperator": { + "description": "ConditionRuleLogicalOperatorType value.\nAND ConditionRuleLogicalOperatorTypeAnd\nOR ConditionRuleLogicalOperatorTypeOr", + "enum": [ + "AND", + "OR" + ], + "example": "AND", + "type": "string", + "x-go-enum-desc": "AND ConditionRuleLogicalOperatorTypeAnd\nOR ConditionRuleLogicalOperatorTypeOr", + "x-go-name": "RuleOperator" + }, + "rules": { + "description": "List of rules.", + "items": { + "properties": { + "sourceType": { + "description": "Defines the type of object being selected. It will be either a reference to a form input (by input name) or a form element (by technical key).\nINPUT ConditionRuleSourceTypeInput\nELEMENT ConditionRuleSourceTypeElement", + "enum": [ + "INPUT", + "ELEMENT" + ], + "example": "ELEMENT", + "type": "string", + "x-go-enum-desc": "INPUT ConditionRuleSourceTypeInput\nELEMENT ConditionRuleSourceTypeElement", + "x-go-name": "SourceType" + }, + "source": { + "description": "Source - if the sourceType is ConditionRuleSourceTypeInput, the source type is the name of the form input to accept. However, if the sourceType is ConditionRuleSourceTypeElement,\nthe source is the name of a technical key of an element to retrieve its value.", + "example": "department", + "type": "string", + "x-go-name": "Source" + }, + "operator": { + "description": "ConditionRuleComparisonOperatorType value.\nEQ ConditionRuleComparisonOperatorTypeEquals This comparison operator compares the source and target for equality.\nNE ConditionRuleComparisonOperatorTypeNotEquals This comparison operator compares the source and target for inequality.\nCO ConditionRuleComparisonOperatorTypeContains This comparison operator searches the source to see whether it contains the value.\nNOT_CO ConditionRuleComparisonOperatorTypeNotContains\nIN ConditionRuleComparisonOperatorTypeIncludes This comparison operator searches the source if it equals any of the values.\nNOT_IN ConditionRuleComparisonOperatorTypeNotIncludes\nEM ConditionRuleComparisonOperatorTypeEmpty\nNOT_EM ConditionRuleComparisonOperatorTypeNotEmpty\nSW ConditionRuleComparisonOperatorTypeStartsWith Checks whether a string starts with another substring of the same string. This operator is case-sensitive.\nNOT_SW ConditionRuleComparisonOperatorTypeNotStartsWith\nEW ConditionRuleComparisonOperatorTypeEndsWith Checks whether a string ends with another substring of the same string. This operator is case-sensitive.\nNOT_EW ConditionRuleComparisonOperatorTypeNotEndsWith", + "enum": [ + "EQ", + "NE", + "CO", + "NOT_CO", + "IN", + "NOT_IN", + "EM", + "NOT_EM", + "SW", + "NOT_SW", + "EW", + "NOT_EW" + ], + "example": "EQ", + "type": "string", + "x-go-enum-desc": "EQ ConditionRuleComparisonOperatorTypeEquals This comparison operator compares the source and target for equality.\nNE ConditionRuleComparisonOperatorTypeNotEquals This comparison operator compares the source and target for inequality.\nCO ConditionRuleComparisonOperatorTypeContains This comparison operator searches the source to see whether it contains the value.\nNOT_CO ConditionRuleComparisonOperatorTypeNotContains\nIN ConditionRuleComparisonOperatorTypeIncludes This comparison operator searches the source if it equals any of the values.\nNOT_IN ConditionRuleComparisonOperatorTypeNotIncludes\nEM ConditionRuleComparisonOperatorTypeEmpty\nNOT_EM ConditionRuleComparisonOperatorTypeNotEmpty\nSW ConditionRuleComparisonOperatorTypeStartsWith Checks whether a string starts with another substring of the same string. This operator is case-sensitive.\nNOT_SW ConditionRuleComparisonOperatorTypeNotStartsWith\nEW ConditionRuleComparisonOperatorTypeEndsWith Checks whether a string ends with another substring of the same string. This operator is case-sensitive.\nNOT_EW ConditionRuleComparisonOperatorTypeNotEndsWith", + "x-go-name": "Operator" + }, + "valueType": { + "description": "ConditionRuleValueType type.\nSTRING ConditionRuleValueTypeString This value is a static string.\nSTRING_LIST ConditionRuleValueTypeStringList This value is an array of string values.\nINPUT ConditionRuleValueTypeInput This value is a reference to a form input.\nELEMENT ConditionRuleValueTypeElement This value is a reference to a form element (by technical key).\nLIST ConditionRuleValueTypeList\nBOOLEAN ConditionRuleValueTypeBoolean", + "enum": [ + "STRING", + "STRING_LIST", + "INPUT", + "ELEMENT", + "LIST", + "BOOLEAN" + ], + "example": "STRING", + "type": "string", + "x-go-enum-desc": "STRING ConditionRuleValueTypeString This value is a static string.\nSTRING_LIST ConditionRuleValueTypeStringList This value is an array of string values.\nINPUT ConditionRuleValueTypeInput This value is a reference to a form input.\nELEMENT ConditionRuleValueTypeElement This value is a reference to a form element (by technical key).\nLIST ConditionRuleValueTypeList\nBOOLEAN ConditionRuleValueTypeBoolean", + "x-go-name": "ValueType" + }, + "value": { + "description": "Based on the ValueType.", + "example": "Engineering", + "x-go-name": "Value" + } + }, + "type": "object", + "x-go-package": "github.com/sailpoint/sp-forms/domain" + }, + "type": "array", + "x-go-name": "Rules" + }, + "effects": { + "description": "List of effects.", + "items": { + "description": "Effect produced by a condition.", + "properties": { + "effectType": { + "description": "Type of effect to perform when the conditions are evaluated for this logic block.\nHIDE ConditionEffectTypeHide Disables validations.\nSHOW ConditionEffectTypeShow Enables validations.\nDISABLE ConditionEffectTypeDisable Disables validations.\nENABLE ConditionEffectTypeEnable Enables validations.\nREQUIRE ConditionEffectTypeRequire\nOPTIONAL ConditionEffectTypeOptional\nSUBMIT_MESSAGE ConditionEffectTypeSubmitMessage\nSUBMIT_NOTIFICATION ConditionEffectTypeSubmitNotification\nSET_DEFAULT_VALUE ConditionEffectTypeSetDefaultValue This value is ignored on purpose.", + "enum": [ + "HIDE", + "SHOW", + "DISABLE", + "ENABLE", + "REQUIRE", + "OPTIONAL", + "SUBMIT_MESSAGE", + "SUBMIT_NOTIFICATION", + "SET_DEFAULT_VALUE" + ], + "example": "HIDE", + "type": "string", + "x-go-enum-desc": "HIDE ConditionEffectTypeHide Disables validations.\nSHOW ConditionEffectTypeShow Enables validations.\nDISABLE ConditionEffectTypeDisable Disables validations.\nENABLE ConditionEffectTypeEnable Enables validations.\nREQUIRE ConditionEffectTypeRequire\nOPTIONAL ConditionEffectTypeOptional\nSUBMIT_MESSAGE ConditionEffectTypeSubmitMessage\nSUBMIT_NOTIFICATION ConditionEffectTypeSubmitNotification\nSET_DEFAULT_VALUE ConditionEffectTypeSetDefaultValue This value is ignored on purpose.", + "x-go-name": "EffectType" + }, + "config": { + "description": "Arbitrary map containing a configuration based on the EffectType.", + "type": "object", + "properties": { + "defaultValueLabel": { + "type": "string", + "description": "Effect type's label.", + "example": "Access to Remove" + }, + "element": { + "type": "string", + "description": "Element's identifier.", + "example": 8110662963316867 + } + }, + "x-go-name": "Config" + } + }, + "type": "object", + "x-go-package": "github.com/sailpoint/sp-forms/domain" + }, + "type": "array", + "x-go-name": "Effects" + } + }, + "type": "object", + "x-go-package": "github.com/sailpoint/sp-forms/domain" + }, + "type": "array", + "x-go-name": "FormConditions" + }, + "created": { + "description": "Created is the date the form definition was created", + "example": "2023-07-12T20:14:57.74486Z", + "format": "date-time", + "type": "string", + "x-go-name": "Created" + }, + "modified": { + "description": "Modified is the last date the form definition was modified", + "example": "2023-07-12T20:14:57.74486Z", + "format": "date-time", + "type": "string", + "x-go-name": "Modified" + } + }, + "type": "object", + "x-go-package": "github.com/sailpoint/sp-forms/domain" + }, + "self": { + "type": "string", + "x-go-name": "Self" + }, + "version": { + "type": "integer", + "format": "int8", + "x-go-name": "Version" + } + } + } + } + } + } + }, + "400": { + "description": "An error with the request occurred", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "statusCode": { + "type": "integer", + "format": "int64", + "x-go-name": "StatusCode" + }, + "trackingId": { + "type": "string", + "x-go-name": "TrackingID" + } + } + } + } + } + }, + "401": { + "description": "An error with the authorization occurred", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "statusCode": { + "type": "integer", + "format": "int64", + "x-go-name": "StatusCode" + }, + "trackingId": { + "type": "string", + "x-go-name": "TrackingID" + } + } + } + } + } + }, + "403": { + "description": "An error with the user permissions occurred", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "statusCode": { + "type": "integer", + "format": "int64", + "x-go-name": "StatusCode" + }, + "trackingId": { + "type": "string", + "x-go-name": "TrackingID" + } + } + } + } + } + }, + "429": { + "description": "Too many requests", + "content": { + "application/json": { + "schema": { + "title": "Error is the standard API error response type.", + "type": "object", + "properties": { + "detailCode": { + "description": "DetailCode is the text of the status code returned", + "example": "Internal Server Error", + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "trackingId": { + "description": "TrackingID is the request tracking unique identifier", + "example": "9cd03ef80e6a425eb6b11bdbb057cdb4", + "type": "string", + "x-go-name": "TrackingID" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + } + } + } + }, + "500": { + "description": "An internal server error occurred", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "statusCode": { + "type": "integer", + "format": "int64", + "x-go-name": "StatusCode" + }, + "trackingId": { + "type": "string", + "x-go-name": "TrackingID" + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "sp:forms:manage" + ] + } + ] + } + }, + "/form-definitions/forms-action-dynamic-schema": { + "post": { + "tags": [ + "Custom Forms" + ], + "summary": "Generate JSON Schema dynamically.", + "operationId": "createFormDefinitionDynamicSchema", + "requestBody": { + "description": "Body is the request payload to create a form definition dynamic schema", + "content": { + "application/json": { + "schema": { + "properties": { + "attributes": { + "properties": { + "formDefinitionId": { + "description": "FormDefinitionID is a unique guid identifying this form definition", + "example": "00000000-0000-0000-0000-000000000000", + "type": "string", + "x-go-name": "FormDefinitionID" + } + }, + "type": "object", + "x-go-name": "Attributes" + }, + "description": { + "description": "Description is the form definition dynamic schema description text", + "example": "A description", + "type": "string", + "x-go-name": "Description" + }, + "id": { + "description": "ID is a unique identifier", + "example": "00000000-0000-0000-0000-000000000000", + "type": "string", + "x-go-name": "ID" + }, + "type": { + "description": "Type is the form definition dynamic schema type", + "example": "action", + "type": "string", + "x-go-name": "Type" + }, + "versionNumber": { + "description": "VersionNumber is the form definition dynamic schema version number", + "example": 1, + "format": "int64", + "type": "integer", + "x-go-name": "VersionNumber" + } + }, + "type": "object", + "x-go-package": "github.com/sailpoint/sp-forms/domain" + }, + "example": { + "id": "sp:forms", + "attributes": { + "formDefinitionId": "00000000-0000-0000-0000-000000000000" + }, + "description": "AnotherDescription", + "type": "action", + "versionNumber": 1 + } + } + }, + "required": false + }, + "responses": { + "200": { + "description": "Returns a form elements dynamic schema", + "content": { + "application/json": { + "schema": { + "properties": { + "outputSchema": { + "additionalProperties": {}, + "description": "OutputSchema holds a JSON schema generated dynamically", + "example": { + "outputSchema": { + "$schema": "https://json-schema.org/draft/2020-12/schema", + "additionalProperties": false, + "properties": { + "firstName": { + "title": "First Name", + "type": "string" + }, + "fullName": { + "title": "Full Name", + "type": "string" + }, + "lastName": { + "title": "Last Name", + "type": "string" + }, + "startDate": { + "format": "date-time", + "title": "Start Date", + "type": "string" + } + }, + "type": "object" + } + }, + "type": "object", + "x-go-name": "OutputSchema" + } + }, + "type": "object", + "x-go-package": "github.com/sailpoint/sp-forms/domain" + } + } + } + }, + "400": { + "description": "An error with the request occurred", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "statusCode": { + "type": "integer", + "format": "int64", + "x-go-name": "StatusCode" + }, + "trackingId": { + "type": "string", + "x-go-name": "TrackingID" + } + } + } + } + } + }, + "401": { + "description": "An error with the authorization occurred", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "statusCode": { + "type": "integer", + "format": "int64", + "x-go-name": "StatusCode" + }, + "trackingId": { + "type": "string", + "x-go-name": "TrackingID" + } + } + } + } + } + }, + "403": { + "description": "An error with the user permissions occurred", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "statusCode": { + "type": "integer", + "format": "int64", + "x-go-name": "StatusCode" + }, + "trackingId": { + "type": "string", + "x-go-name": "TrackingID" + } + } + } + } + } + }, + "404": { + "description": "An error with the item not found", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "statusCode": { + "type": "integer", + "format": "int64", + "x-go-name": "StatusCode" + }, + "trackingId": { + "type": "string", + "x-go-name": "TrackingID" + } + } + } + } + } + }, + "429": { + "description": "Too many requests", + "content": { + "application/json": { + "schema": { + "title": "Error is the standard API error response type.", + "type": "object", + "properties": { + "detailCode": { + "description": "DetailCode is the text of the status code returned", + "example": "Internal Server Error", + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "trackingId": { + "description": "TrackingID is the request tracking unique identifier", + "example": "9cd03ef80e6a425eb6b11bdbb057cdb4", + "type": "string", + "x-go-name": "TrackingID" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + } + } + } + }, + "500": { + "description": "An internal server error occurred", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "statusCode": { + "type": "integer", + "format": "int64", + "x-go-name": "StatusCode" + }, + "trackingId": { + "type": "string", + "x-go-name": "TrackingID" + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "sp:forms:manage" + ] + } + ], + "x-codegen-request-body-name": "Body", + "parameters": [ + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ] + } + }, + "/form-definitions/import": { + "post": { + "tags": [ + "Custom Forms" + ], + "summary": "Import form definitions from export.", + "operationId": "importFormDefinitions", + "requestBody": { + "description": "Body is the request payload to import form definitions", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "properties": { + "object": { + "properties": { + "id": { + "description": "Unique guid identifying the form definition.", + "example": "00000000-0000-0000-0000-000000000000", + "type": "string", + "x-go-name": "FormDefinitionID" + }, + "name": { + "description": "Name of the form definition.", + "example": "My form", + "type": "string", + "x-go-name": "Name" + }, + "description": { + "description": "Form definition's description.", + "example": "My form description", + "type": "string", + "x-go-name": "Description" + }, + "owner": { + "properties": { + "type": { + "description": "FormOwnerType value.\nIDENTITY FormOwnerTypeIdentity", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY", + "type": "string", + "x-go-enum-desc": "IDENTITY FormOwnerTypeIdentity", + "x-go-name": "Type" + }, + "id": { + "description": "Unique identifier of the form's owner.", + "example": "2c9180867624cbd7017642d8c8c81f67", + "type": "string", + "x-go-name": "ID" + }, + "name": { + "description": "Name of the form's owner.", + "example": "Grant Smith", + "type": "string" + } + }, + "type": "object", + "x-go-package": "github.com/sailpoint/sp-forms/domain" + }, + "usedBy": { + "description": "List of objects using the form definition. Whenever a system uses a form, the API reaches out to the form service to record that the system is currently using it.", + "items": { + "properties": { + "type": { + "description": "FormUsedByType value. \nWORKFLOW FormUsedByTypeWorkflow\nSOURCE FormUsedByTypeSource\nMySailPoint FormUsedByType", + "enum": [ + "WORKFLOW", + "SOURCE", + "MySailPoint" + ], + "example": "WORKFLOW", + "type": "string", + "x-go-enum-desc": "WORKFLOW FormUsedByTypeWorkflow\nSOURCE FormUsedByTypeSource", + "x-go-name": "Type" + }, + "id": { + "description": "Unique identifier of the system using the form.", + "example": "61940a92-5484-42bc-bc10-b9982b218cdf", + "type": "string", + "x-go-name": "ID" + }, + "name": { + "description": "Name of the system using the form.", + "example": "Access Request Form", + "type": "string" + } + }, + "type": "object", + "x-go-package": "github.com/sailpoint/sp-forms/domain" + }, + "type": "array", + "x-go-name": "UsedBy" + }, + "formInput": { + "description": "List of form inputs required to create a form-instance object.", + "items": { + "properties": { + "id": { + "description": "Unique identifier for the form input.", + "example": "00000000-0000-0000-0000-000000000000", + "type": "string", + "x-go-name": "ID" + }, + "type": { + "description": "FormDefinitionInputType value.\nSTRING FormDefinitionInputTypeString", + "enum": [ + "STRING" + ], + "example": "STRING", + "type": "string", + "x-go-enum-desc": "STRING FormDefinitionInputTypeString", + "x-go-name": "Type" + }, + "label": { + "description": "Name for the form input.", + "example": "input1", + "type": "string", + "x-go-name": "Label" + }, + "description": { + "description": "Form input's description.", + "example": "A single dynamic scalar value (i.e. number, string, date, etc.) that can be passed into the form for use in conditional logic", + "type": "string", + "x-go-name": "Description" + } + }, + "type": "object", + "x-go-package": "github.com/sailpoint/sp-forms/domain" + }, + "type": "array", + "x-go-name": "FormInput" + }, + "formElements": { + "description": "List of nested form elements.", + "items": { + "properties": { + "id": { + "description": "Form element identifier.", + "example": "00000000-0000-0000-0000-000000000000", + "type": "string", + "x-go-name": "ID" + }, + "elementType": { + "description": "FormElementType value. \nTEXT FormElementTypeText\nTOGGLE FormElementTypeToggle\nTEXTAREA FormElementTypeTextArea\nHIDDEN FormElementTypeHidden\nPHONE FormElementTypePhone\nEMAIL FormElementTypeEmail\nSELECT FormElementTypeSelect\nDATE FormElementTypeDate\nSECTION FormElementTypeSection\nCOLUMN_SET FormElementTypeColumns\nIMAGE FormElementTypeImage\nDESCRIPTION FormElementTypeDescription", + "enum": [ + "TEXT", + "TOGGLE", + "TEXTAREA", + "HIDDEN", + "PHONE", + "EMAIL", + "SELECT", + "DATE", + "SECTION", + "COLUMN_SET", + "IMAGE", + "DESCRIPTION" + ], + "example": "TEXT", + "type": "string", + "x-go-name": "ElementType" + }, + "config": { + "additionalProperties": {}, + "description": "Config object.", + "example": { + "label": "Department" + }, + "type": "object", + "x-go-name": "Config", + "x-go-enum-desc": "TEXT FormElementTypeText\nTOGGLE FormElementTypeToggle\nTEXTAREA FormElementTypeTextArea\nHIDDEN FormElementTypeHidden\nPHONE FormElementTypePhone\nEMAIL FormElementTypeEmail\nSELECT FormElementTypeSelect\nDATE FormElementTypeDate\nSECTION FormElementTypeSection\nCOLUMNS FormElementTypeColumns" + }, + "key": { + "description": "Technical key.", + "example": "department", + "type": "string", + "x-go-name": "Key" + }, + "validations": { + "nullable": true, + "type": "array", + "items": { + "description": "Set of FormElementValidation items.", + "example": [ + { + "validationType": "REQUIRED" + } + ], + "type": "object", + "properties": { + "validationType": { + "type": "string", + "enum": [ + "REQUIRED", + "MIN_LENGTH", + "MAX_LENGTH", + "REGEX", + "DATE", + "MAX_DATE", + "MIN_DATE", + "LESS_THAN_DATE", + "PHONE", + "EMAIL", + "DATA_SOURCE", + "TEXTAREA" + ] + } + }, + "x-go-package": "github.com/sailpoint/sp-forms/domain" + } + } + }, + "type": "object", + "x-go-package": "github.com/sailpoint/sp-forms/domain" + }, + "type": "array", + "x-go-name": "FormElements" + }, + "formConditions": { + "description": "Conditional logic that can dynamically modify the form as the recipient is interacting with it.", + "items": { + "description": "Represent a form conditional.", + "properties": { + "ruleOperator": { + "description": "ConditionRuleLogicalOperatorType value.\nAND ConditionRuleLogicalOperatorTypeAnd\nOR ConditionRuleLogicalOperatorTypeOr", + "enum": [ + "AND", + "OR" + ], + "example": "AND", + "type": "string", + "x-go-enum-desc": "AND ConditionRuleLogicalOperatorTypeAnd\nOR ConditionRuleLogicalOperatorTypeOr", + "x-go-name": "RuleOperator" + }, + "rules": { + "description": "List of rules.", + "items": { + "properties": { + "sourceType": { + "description": "Defines the type of object being selected. It will be either a reference to a form input (by input name) or a form element (by technical key).\nINPUT ConditionRuleSourceTypeInput\nELEMENT ConditionRuleSourceTypeElement", + "enum": [ + "INPUT", + "ELEMENT" + ], + "example": "ELEMENT", + "type": "string", + "x-go-enum-desc": "INPUT ConditionRuleSourceTypeInput\nELEMENT ConditionRuleSourceTypeElement", + "x-go-name": "SourceType" + }, + "source": { + "description": "Source - if the sourceType is ConditionRuleSourceTypeInput, the source type is the name of the form input to accept. However, if the sourceType is ConditionRuleSourceTypeElement,\nthe source is the name of a technical key of an element to retrieve its value.", + "example": "department", + "type": "string", + "x-go-name": "Source" + }, + "operator": { + "description": "ConditionRuleComparisonOperatorType value.\nEQ ConditionRuleComparisonOperatorTypeEquals This comparison operator compares the source and target for equality.\nNE ConditionRuleComparisonOperatorTypeNotEquals This comparison operator compares the source and target for inequality.\nCO ConditionRuleComparisonOperatorTypeContains This comparison operator searches the source to see whether it contains the value.\nNOT_CO ConditionRuleComparisonOperatorTypeNotContains\nIN ConditionRuleComparisonOperatorTypeIncludes This comparison operator searches the source if it equals any of the values.\nNOT_IN ConditionRuleComparisonOperatorTypeNotIncludes\nEM ConditionRuleComparisonOperatorTypeEmpty\nNOT_EM ConditionRuleComparisonOperatorTypeNotEmpty\nSW ConditionRuleComparisonOperatorTypeStartsWith Checks whether a string starts with another substring of the same string. This operator is case-sensitive.\nNOT_SW ConditionRuleComparisonOperatorTypeNotStartsWith\nEW ConditionRuleComparisonOperatorTypeEndsWith Checks whether a string ends with another substring of the same string. This operator is case-sensitive.\nNOT_EW ConditionRuleComparisonOperatorTypeNotEndsWith", + "enum": [ + "EQ", + "NE", + "CO", + "NOT_CO", + "IN", + "NOT_IN", + "EM", + "NOT_EM", + "SW", + "NOT_SW", + "EW", + "NOT_EW" + ], + "example": "EQ", + "type": "string", + "x-go-enum-desc": "EQ ConditionRuleComparisonOperatorTypeEquals This comparison operator compares the source and target for equality.\nNE ConditionRuleComparisonOperatorTypeNotEquals This comparison operator compares the source and target for inequality.\nCO ConditionRuleComparisonOperatorTypeContains This comparison operator searches the source to see whether it contains the value.\nNOT_CO ConditionRuleComparisonOperatorTypeNotContains\nIN ConditionRuleComparisonOperatorTypeIncludes This comparison operator searches the source if it equals any of the values.\nNOT_IN ConditionRuleComparisonOperatorTypeNotIncludes\nEM ConditionRuleComparisonOperatorTypeEmpty\nNOT_EM ConditionRuleComparisonOperatorTypeNotEmpty\nSW ConditionRuleComparisonOperatorTypeStartsWith Checks whether a string starts with another substring of the same string. This operator is case-sensitive.\nNOT_SW ConditionRuleComparisonOperatorTypeNotStartsWith\nEW ConditionRuleComparisonOperatorTypeEndsWith Checks whether a string ends with another substring of the same string. This operator is case-sensitive.\nNOT_EW ConditionRuleComparisonOperatorTypeNotEndsWith", + "x-go-name": "Operator" + }, + "valueType": { + "description": "ConditionRuleValueType type.\nSTRING ConditionRuleValueTypeString This value is a static string.\nSTRING_LIST ConditionRuleValueTypeStringList This value is an array of string values.\nINPUT ConditionRuleValueTypeInput This value is a reference to a form input.\nELEMENT ConditionRuleValueTypeElement This value is a reference to a form element (by technical key).\nLIST ConditionRuleValueTypeList\nBOOLEAN ConditionRuleValueTypeBoolean", + "enum": [ + "STRING", + "STRING_LIST", + "INPUT", + "ELEMENT", + "LIST", + "BOOLEAN" + ], + "example": "STRING", + "type": "string", + "x-go-enum-desc": "STRING ConditionRuleValueTypeString This value is a static string.\nSTRING_LIST ConditionRuleValueTypeStringList This value is an array of string values.\nINPUT ConditionRuleValueTypeInput This value is a reference to a form input.\nELEMENT ConditionRuleValueTypeElement This value is a reference to a form element (by technical key).\nLIST ConditionRuleValueTypeList\nBOOLEAN ConditionRuleValueTypeBoolean", + "x-go-name": "ValueType" + }, + "value": { + "description": "Based on the ValueType.", + "example": "Engineering", + "x-go-name": "Value" + } + }, + "type": "object", + "x-go-package": "github.com/sailpoint/sp-forms/domain" + }, + "type": "array", + "x-go-name": "Rules" + }, + "effects": { + "description": "List of effects.", + "items": { + "description": "Effect produced by a condition.", + "properties": { + "effectType": { + "description": "Type of effect to perform when the conditions are evaluated for this logic block.\nHIDE ConditionEffectTypeHide Disables validations.\nSHOW ConditionEffectTypeShow Enables validations.\nDISABLE ConditionEffectTypeDisable Disables validations.\nENABLE ConditionEffectTypeEnable Enables validations.\nREQUIRE ConditionEffectTypeRequire\nOPTIONAL ConditionEffectTypeOptional\nSUBMIT_MESSAGE ConditionEffectTypeSubmitMessage\nSUBMIT_NOTIFICATION ConditionEffectTypeSubmitNotification\nSET_DEFAULT_VALUE ConditionEffectTypeSetDefaultValue This value is ignored on purpose.", + "enum": [ + "HIDE", + "SHOW", + "DISABLE", + "ENABLE", + "REQUIRE", + "OPTIONAL", + "SUBMIT_MESSAGE", + "SUBMIT_NOTIFICATION", + "SET_DEFAULT_VALUE" + ], + "example": "HIDE", + "type": "string", + "x-go-enum-desc": "HIDE ConditionEffectTypeHide Disables validations.\nSHOW ConditionEffectTypeShow Enables validations.\nDISABLE ConditionEffectTypeDisable Disables validations.\nENABLE ConditionEffectTypeEnable Enables validations.\nREQUIRE ConditionEffectTypeRequire\nOPTIONAL ConditionEffectTypeOptional\nSUBMIT_MESSAGE ConditionEffectTypeSubmitMessage\nSUBMIT_NOTIFICATION ConditionEffectTypeSubmitNotification\nSET_DEFAULT_VALUE ConditionEffectTypeSetDefaultValue This value is ignored on purpose.", + "x-go-name": "EffectType" + }, + "config": { + "description": "Arbitrary map containing a configuration based on the EffectType.", + "type": "object", + "properties": { + "defaultValueLabel": { + "type": "string", + "description": "Effect type's label.", + "example": "Access to Remove" + }, + "element": { + "type": "string", + "description": "Element's identifier.", + "example": 8110662963316867 + } + }, + "x-go-name": "Config" + } + }, + "type": "object", + "x-go-package": "github.com/sailpoint/sp-forms/domain" + }, + "type": "array", + "x-go-name": "Effects" + } + }, + "type": "object", + "x-go-package": "github.com/sailpoint/sp-forms/domain" + }, + "type": "array", + "x-go-name": "FormConditions" + }, + "created": { + "description": "Created is the date the form definition was created", + "example": "2023-07-12T20:14:57.74486Z", + "format": "date-time", + "type": "string", + "x-go-name": "Created" + }, + "modified": { + "description": "Modified is the last date the form definition was modified", + "example": "2023-07-12T20:14:57.74486Z", + "format": "date-time", + "type": "string", + "x-go-name": "Modified" + } + }, + "type": "object", + "x-go-package": "github.com/sailpoint/sp-forms/domain" + }, + "self": { + "type": "string", + "x-go-name": "Self" + }, + "version": { + "type": "integer", + "format": "int8", + "x-go-name": "Version" + } + } + } + }, + "example": [ + { + "version": 1, + "self": { + "name": "All fields not required", + "id": "05ed4edb-d0a9-41d9-ad0c-2f6e486ec4aa", + "type": "FORM_DEFINITION" + }, + "object": { + "id": "05ed4edb-d0a9-41d9-ad0c-2f6e486ec4aa", + "name": "All fields not required", + "description": "description", + "owner": { + "type": "IDENTITY", + "id": "3447d8ec2602455ab6f1e8408a0f0150" + }, + "usedBy": [ + { + "type": "WORKFLOW", + "id": "5008594c-dacc-4295-8fee-41df60477304" + }, + { + "type": "WORKFLOW", + "id": "97e75a75-c179-4fbc-a2da-b5fa4aaa8743" + } + ], + "formInput": [ + { + "type": "STRING", + "label": "input1", + "description": "A single dynamic scalar value (i.e. number, string, date, etc) that can be passed into the form for use in conditional logic" + } + ], + "formElements": [ + { + "id": "3069272797630701", + "elementType": "SECTION", + "config": { + "label": "First Section", + "formElements": [ + { + "id": "3069272797630700", + "elementType": "TEXT", + "key": "firstName", + "config": { + "label": "First Name" + } + }, + { + "id": "3498415402897539", + "elementType": "TEXT", + "key": "lastName", + "config": { + "label": "Last Name" + } + } + ] + } + } + ], + "formConditions": [ + { + "ruleOperator": "AND", + "rules": [ + { + "sourceType": "INPUT", + "source": "Department", + "operator": "EQ", + "valueType": "STRING", + "value": "Sales" + } + ], + "effects": [ + { + "effectType": "HIDE", + "config": { + "element": "2614088730489570" + } + } + ] + } + ], + "created": "2022-10-04T19:27:04.456Z", + "modified": "2022-11-16T20:45:02.172Z" + } + } + ] + } + }, + "required": false + }, + "responses": { + "202": { + "description": "Returns statuses of those form definition objects imported", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "errors": { + "type": "array", + "items": { + "type": "object", + "properties": { + "detail": { + "type": "object", + "additionalProperties": { + "type": "object" + }, + "x-go-name": "Detail" + }, + "key": { + "type": "string", + "x-go-name": "Key" + }, + "text": { + "type": "string", + "x-go-name": "Text" + } + } + }, + "x-go-name": "Errors" + }, + "importedObjects": { + "type": "array", + "items": { + "type": "object", + "properties": { + "object": { + "properties": { + "id": { + "description": "Unique guid identifying the form definition.", + "example": "00000000-0000-0000-0000-000000000000", + "type": "string", + "x-go-name": "FormDefinitionID" + }, + "name": { + "description": "Name of the form definition.", + "example": "My form", + "type": "string", + "x-go-name": "Name" + }, + "description": { + "description": "Form definition's description.", + "example": "My form description", + "type": "string", + "x-go-name": "Description" + }, + "owner": { + "properties": { + "type": { + "description": "FormOwnerType value.\nIDENTITY FormOwnerTypeIdentity", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY", + "type": "string", + "x-go-enum-desc": "IDENTITY FormOwnerTypeIdentity", + "x-go-name": "Type" + }, + "id": { + "description": "Unique identifier of the form's owner.", + "example": "2c9180867624cbd7017642d8c8c81f67", + "type": "string", + "x-go-name": "ID" + }, + "name": { + "description": "Name of the form's owner.", + "example": "Grant Smith", + "type": "string" + } + }, + "type": "object", + "x-go-package": "github.com/sailpoint/sp-forms/domain" + }, + "usedBy": { + "description": "List of objects using the form definition. Whenever a system uses a form, the API reaches out to the form service to record that the system is currently using it.", + "items": { + "properties": { + "type": { + "description": "FormUsedByType value. \nWORKFLOW FormUsedByTypeWorkflow\nSOURCE FormUsedByTypeSource\nMySailPoint FormUsedByType", + "enum": [ + "WORKFLOW", + "SOURCE", + "MySailPoint" + ], + "example": "WORKFLOW", + "type": "string", + "x-go-enum-desc": "WORKFLOW FormUsedByTypeWorkflow\nSOURCE FormUsedByTypeSource", + "x-go-name": "Type" + }, + "id": { + "description": "Unique identifier of the system using the form.", + "example": "61940a92-5484-42bc-bc10-b9982b218cdf", + "type": "string", + "x-go-name": "ID" + }, + "name": { + "description": "Name of the system using the form.", + "example": "Access Request Form", + "type": "string" + } + }, + "type": "object", + "x-go-package": "github.com/sailpoint/sp-forms/domain" + }, + "type": "array", + "x-go-name": "UsedBy" + }, + "formInput": { + "description": "List of form inputs required to create a form-instance object.", + "items": { + "properties": { + "id": { + "description": "Unique identifier for the form input.", + "example": "00000000-0000-0000-0000-000000000000", + "type": "string", + "x-go-name": "ID" + }, + "type": { + "description": "FormDefinitionInputType value.\nSTRING FormDefinitionInputTypeString", + "enum": [ + "STRING" + ], + "example": "STRING", + "type": "string", + "x-go-enum-desc": "STRING FormDefinitionInputTypeString", + "x-go-name": "Type" + }, + "label": { + "description": "Name for the form input.", + "example": "input1", + "type": "string", + "x-go-name": "Label" + }, + "description": { + "description": "Form input's description.", + "example": "A single dynamic scalar value (i.e. number, string, date, etc.) that can be passed into the form for use in conditional logic", + "type": "string", + "x-go-name": "Description" + } + }, + "type": "object", + "x-go-package": "github.com/sailpoint/sp-forms/domain" + }, + "type": "array", + "x-go-name": "FormInput" + }, + "formElements": { + "description": "List of nested form elements.", + "items": { + "properties": { + "id": { + "description": "Form element identifier.", + "example": "00000000-0000-0000-0000-000000000000", + "type": "string", + "x-go-name": "ID" + }, + "elementType": { + "description": "FormElementType value. \nTEXT FormElementTypeText\nTOGGLE FormElementTypeToggle\nTEXTAREA FormElementTypeTextArea\nHIDDEN FormElementTypeHidden\nPHONE FormElementTypePhone\nEMAIL FormElementTypeEmail\nSELECT FormElementTypeSelect\nDATE FormElementTypeDate\nSECTION FormElementTypeSection\nCOLUMN_SET FormElementTypeColumns\nIMAGE FormElementTypeImage\nDESCRIPTION FormElementTypeDescription", + "enum": [ + "TEXT", + "TOGGLE", + "TEXTAREA", + "HIDDEN", + "PHONE", + "EMAIL", + "SELECT", + "DATE", + "SECTION", + "COLUMN_SET", + "IMAGE", + "DESCRIPTION" + ], + "example": "TEXT", + "type": "string", + "x-go-name": "ElementType" + }, + "config": { + "additionalProperties": {}, + "description": "Config object.", + "example": { + "label": "Department" + }, + "type": "object", + "x-go-name": "Config", + "x-go-enum-desc": "TEXT FormElementTypeText\nTOGGLE FormElementTypeToggle\nTEXTAREA FormElementTypeTextArea\nHIDDEN FormElementTypeHidden\nPHONE FormElementTypePhone\nEMAIL FormElementTypeEmail\nSELECT FormElementTypeSelect\nDATE FormElementTypeDate\nSECTION FormElementTypeSection\nCOLUMNS FormElementTypeColumns" + }, + "key": { + "description": "Technical key.", + "example": "department", + "type": "string", + "x-go-name": "Key" + }, + "validations": { + "nullable": true, + "type": "array", + "items": { + "description": "Set of FormElementValidation items.", + "example": [ + { + "validationType": "REQUIRED" + } + ], + "type": "object", + "properties": { + "validationType": { + "type": "string", + "enum": [ + "REQUIRED", + "MIN_LENGTH", + "MAX_LENGTH", + "REGEX", + "DATE", + "MAX_DATE", + "MIN_DATE", + "LESS_THAN_DATE", + "PHONE", + "EMAIL", + "DATA_SOURCE", + "TEXTAREA" + ] + } + }, + "x-go-package": "github.com/sailpoint/sp-forms/domain" + } + } + }, + "type": "object", + "x-go-package": "github.com/sailpoint/sp-forms/domain" + }, + "type": "array", + "x-go-name": "FormElements" + }, + "formConditions": { + "description": "Conditional logic that can dynamically modify the form as the recipient is interacting with it.", + "items": { + "description": "Represent a form conditional.", + "properties": { + "ruleOperator": { + "description": "ConditionRuleLogicalOperatorType value.\nAND ConditionRuleLogicalOperatorTypeAnd\nOR ConditionRuleLogicalOperatorTypeOr", + "enum": [ + "AND", + "OR" + ], + "example": "AND", + "type": "string", + "x-go-enum-desc": "AND ConditionRuleLogicalOperatorTypeAnd\nOR ConditionRuleLogicalOperatorTypeOr", + "x-go-name": "RuleOperator" + }, + "rules": { + "description": "List of rules.", + "items": { + "properties": { + "sourceType": { + "description": "Defines the type of object being selected. It will be either a reference to a form input (by input name) or a form element (by technical key).\nINPUT ConditionRuleSourceTypeInput\nELEMENT ConditionRuleSourceTypeElement", + "enum": [ + "INPUT", + "ELEMENT" + ], + "example": "ELEMENT", + "type": "string", + "x-go-enum-desc": "INPUT ConditionRuleSourceTypeInput\nELEMENT ConditionRuleSourceTypeElement", + "x-go-name": "SourceType" + }, + "source": { + "description": "Source - if the sourceType is ConditionRuleSourceTypeInput, the source type is the name of the form input to accept. However, if the sourceType is ConditionRuleSourceTypeElement,\nthe source is the name of a technical key of an element to retrieve its value.", + "example": "department", + "type": "string", + "x-go-name": "Source" + }, + "operator": { + "description": "ConditionRuleComparisonOperatorType value.\nEQ ConditionRuleComparisonOperatorTypeEquals This comparison operator compares the source and target for equality.\nNE ConditionRuleComparisonOperatorTypeNotEquals This comparison operator compares the source and target for inequality.\nCO ConditionRuleComparisonOperatorTypeContains This comparison operator searches the source to see whether it contains the value.\nNOT_CO ConditionRuleComparisonOperatorTypeNotContains\nIN ConditionRuleComparisonOperatorTypeIncludes This comparison operator searches the source if it equals any of the values.\nNOT_IN ConditionRuleComparisonOperatorTypeNotIncludes\nEM ConditionRuleComparisonOperatorTypeEmpty\nNOT_EM ConditionRuleComparisonOperatorTypeNotEmpty\nSW ConditionRuleComparisonOperatorTypeStartsWith Checks whether a string starts with another substring of the same string. This operator is case-sensitive.\nNOT_SW ConditionRuleComparisonOperatorTypeNotStartsWith\nEW ConditionRuleComparisonOperatorTypeEndsWith Checks whether a string ends with another substring of the same string. This operator is case-sensitive.\nNOT_EW ConditionRuleComparisonOperatorTypeNotEndsWith", + "enum": [ + "EQ", + "NE", + "CO", + "NOT_CO", + "IN", + "NOT_IN", + "EM", + "NOT_EM", + "SW", + "NOT_SW", + "EW", + "NOT_EW" + ], + "example": "EQ", + "type": "string", + "x-go-enum-desc": "EQ ConditionRuleComparisonOperatorTypeEquals This comparison operator compares the source and target for equality.\nNE ConditionRuleComparisonOperatorTypeNotEquals This comparison operator compares the source and target for inequality.\nCO ConditionRuleComparisonOperatorTypeContains This comparison operator searches the source to see whether it contains the value.\nNOT_CO ConditionRuleComparisonOperatorTypeNotContains\nIN ConditionRuleComparisonOperatorTypeIncludes This comparison operator searches the source if it equals any of the values.\nNOT_IN ConditionRuleComparisonOperatorTypeNotIncludes\nEM ConditionRuleComparisonOperatorTypeEmpty\nNOT_EM ConditionRuleComparisonOperatorTypeNotEmpty\nSW ConditionRuleComparisonOperatorTypeStartsWith Checks whether a string starts with another substring of the same string. This operator is case-sensitive.\nNOT_SW ConditionRuleComparisonOperatorTypeNotStartsWith\nEW ConditionRuleComparisonOperatorTypeEndsWith Checks whether a string ends with another substring of the same string. This operator is case-sensitive.\nNOT_EW ConditionRuleComparisonOperatorTypeNotEndsWith", + "x-go-name": "Operator" + }, + "valueType": { + "description": "ConditionRuleValueType type.\nSTRING ConditionRuleValueTypeString This value is a static string.\nSTRING_LIST ConditionRuleValueTypeStringList This value is an array of string values.\nINPUT ConditionRuleValueTypeInput This value is a reference to a form input.\nELEMENT ConditionRuleValueTypeElement This value is a reference to a form element (by technical key).\nLIST ConditionRuleValueTypeList\nBOOLEAN ConditionRuleValueTypeBoolean", + "enum": [ + "STRING", + "STRING_LIST", + "INPUT", + "ELEMENT", + "LIST", + "BOOLEAN" + ], + "example": "STRING", + "type": "string", + "x-go-enum-desc": "STRING ConditionRuleValueTypeString This value is a static string.\nSTRING_LIST ConditionRuleValueTypeStringList This value is an array of string values.\nINPUT ConditionRuleValueTypeInput This value is a reference to a form input.\nELEMENT ConditionRuleValueTypeElement This value is a reference to a form element (by technical key).\nLIST ConditionRuleValueTypeList\nBOOLEAN ConditionRuleValueTypeBoolean", + "x-go-name": "ValueType" + }, + "value": { + "description": "Based on the ValueType.", + "example": "Engineering", + "x-go-name": "Value" + } + }, + "type": "object", + "x-go-package": "github.com/sailpoint/sp-forms/domain" + }, + "type": "array", + "x-go-name": "Rules" + }, + "effects": { + "description": "List of effects.", + "items": { + "description": "Effect produced by a condition.", + "properties": { + "effectType": { + "description": "Type of effect to perform when the conditions are evaluated for this logic block.\nHIDE ConditionEffectTypeHide Disables validations.\nSHOW ConditionEffectTypeShow Enables validations.\nDISABLE ConditionEffectTypeDisable Disables validations.\nENABLE ConditionEffectTypeEnable Enables validations.\nREQUIRE ConditionEffectTypeRequire\nOPTIONAL ConditionEffectTypeOptional\nSUBMIT_MESSAGE ConditionEffectTypeSubmitMessage\nSUBMIT_NOTIFICATION ConditionEffectTypeSubmitNotification\nSET_DEFAULT_VALUE ConditionEffectTypeSetDefaultValue This value is ignored on purpose.", + "enum": [ + "HIDE", + "SHOW", + "DISABLE", + "ENABLE", + "REQUIRE", + "OPTIONAL", + "SUBMIT_MESSAGE", + "SUBMIT_NOTIFICATION", + "SET_DEFAULT_VALUE" + ], + "example": "HIDE", + "type": "string", + "x-go-enum-desc": "HIDE ConditionEffectTypeHide Disables validations.\nSHOW ConditionEffectTypeShow Enables validations.\nDISABLE ConditionEffectTypeDisable Disables validations.\nENABLE ConditionEffectTypeEnable Enables validations.\nREQUIRE ConditionEffectTypeRequire\nOPTIONAL ConditionEffectTypeOptional\nSUBMIT_MESSAGE ConditionEffectTypeSubmitMessage\nSUBMIT_NOTIFICATION ConditionEffectTypeSubmitNotification\nSET_DEFAULT_VALUE ConditionEffectTypeSetDefaultValue This value is ignored on purpose.", + "x-go-name": "EffectType" + }, + "config": { + "description": "Arbitrary map containing a configuration based on the EffectType.", + "type": "object", + "properties": { + "defaultValueLabel": { + "type": "string", + "description": "Effect type's label.", + "example": "Access to Remove" + }, + "element": { + "type": "string", + "description": "Element's identifier.", + "example": 8110662963316867 + } + }, + "x-go-name": "Config" + } + }, + "type": "object", + "x-go-package": "github.com/sailpoint/sp-forms/domain" + }, + "type": "array", + "x-go-name": "Effects" + } + }, + "type": "object", + "x-go-package": "github.com/sailpoint/sp-forms/domain" + }, + "type": "array", + "x-go-name": "FormConditions" + }, + "created": { + "description": "Created is the date the form definition was created", + "example": "2023-07-12T20:14:57.74486Z", + "format": "date-time", + "type": "string", + "x-go-name": "Created" + }, + "modified": { + "description": "Modified is the last date the form definition was modified", + "example": "2023-07-12T20:14:57.74486Z", + "format": "date-time", + "type": "string", + "x-go-name": "Modified" + } + }, + "type": "object", + "x-go-package": "github.com/sailpoint/sp-forms/domain" + }, + "self": { + "type": "string", + "x-go-name": "Self" + }, + "version": { + "type": "integer", + "format": "int8", + "x-go-name": "Version" + } + } + }, + "x-go-name": "ImportedObjects" + }, + "infos": { + "type": "array", + "items": { + "type": "object", + "properties": { + "detail": { + "type": "object", + "additionalProperties": { + "type": "object" + }, + "x-go-name": "Detail" + }, + "key": { + "type": "string", + "x-go-name": "Key" + }, + "text": { + "type": "string", + "x-go-name": "Text" + } + } + }, + "x-go-name": "Infos" + }, + "warnings": { + "type": "array", + "items": { + "type": "object", + "properties": { + "detail": { + "type": "object", + "additionalProperties": { + "type": "object" + }, + "x-go-name": "Detail" + }, + "key": { + "type": "string", + "x-go-name": "Key" + }, + "text": { + "type": "string", + "x-go-name": "Text" + } + } + }, + "x-go-name": "Warnings" + } + } + } + } + } + }, + "400": { + "description": "An error with the request occurred", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "statusCode": { + "type": "integer", + "format": "int64", + "x-go-name": "StatusCode" + }, + "trackingId": { + "type": "string", + "x-go-name": "TrackingID" + } + } + } + } + } + }, + "401": { + "description": "An error with the authorization occurred", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "statusCode": { + "type": "integer", + "format": "int64", + "x-go-name": "StatusCode" + }, + "trackingId": { + "type": "string", + "x-go-name": "TrackingID" + } + } + } + } + } + }, + "403": { + "description": "An error with the user permissions occurred", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "statusCode": { + "type": "integer", + "format": "int64", + "x-go-name": "StatusCode" + }, + "trackingId": { + "type": "string", + "x-go-name": "TrackingID" + } + } + } + } + } + }, + "429": { + "description": "Too many requests", + "content": { + "application/json": { + "schema": { + "title": "Error is the standard API error response type.", + "type": "object", + "properties": { + "detailCode": { + "description": "DetailCode is the text of the status code returned", + "example": "Internal Server Error", + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "trackingId": { + "description": "TrackingID is the request tracking unique identifier", + "example": "9cd03ef80e6a425eb6b11bdbb057cdb4", + "type": "string", + "x-go-name": "TrackingID" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + } + } + } + }, + "500": { + "description": "An internal server error occurred", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "statusCode": { + "type": "integer", + "format": "int64", + "x-go-name": "StatusCode" + }, + "trackingId": { + "type": "string", + "x-go-name": "TrackingID" + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "sp:forms:manage" + ] + } + ], + "x-codegen-request-body-name": "Body", + "parameters": [ + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ] + } + }, + "/form-definitions/{formDefinitionID}/upload": { + "post": { + "tags": [ + "Custom Forms" + ], + "summary": "Upload new form definition file.", + "description": "Parameter `{formDefinitionID}` should match a form definition ID.", + "operationId": "createFormDefinitionFileRequest", + "parameters": [ + { + "name": "formDefinitionID", + "in": "path", + "description": "FormDefinitionID\n\nString specifying FormDefinitionID", + "required": true, + "example": "00000000-0000-0000-0000-000000000000", + "schema": { + "type": "string", + "x-go-name": "FormDefinitionID" + }, + "x-go-name": "FormDefinitionID" + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "requestBody": { + "content": { + "multipart/form-data": { + "schema": { + "type": "object", + "required": [ + "file" + ], + "properties": { + "file": { + "type": "string", + "description": "File specifying the multipart", + "format": "binary", + "x-go-name": "File" + } + } + }, + "encoding": { + "file": { + "contentType": "image/png, image/jpeg" + } + } + } + }, + "required": true + }, + "responses": { + "201": { + "description": "Returns a new form definition file", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "created": { + "type": "string", + "description": "Created is the date the file was uploaded", + "example": "2023-07-12T20:14:57.744Z", + "x-go-name": "Created" + }, + "fileId": { + "type": "string", + "description": "fileId is a unique ULID that serves as an identifier for the form definition file", + "example": "01FHZXHK8PTP9FVK99Z66GXQTX.png", + "x-go-name": "FileID" + }, + "formDefinitionId": { + "type": "string", + "description": "FormDefinitionID is a unique guid identifying this form definition", + "example": "00000000-0000-0000-0000-000000000000", + "x-go-name": "FormDefinitionID" + } + }, + "x-go-package": "github.com/sailpoint/sp-forms/internal/rest/response" + } + } + } + }, + "400": { + "description": "An error with the request occurred", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "statusCode": { + "type": "integer", + "format": "int64", + "x-go-name": "StatusCode" + }, + "trackingId": { + "type": "string", + "x-go-name": "TrackingID" + } + } + } + } + } + }, + "401": { + "description": "An error with the authorization occurred", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "statusCode": { + "type": "integer", + "format": "int64", + "x-go-name": "StatusCode" + }, + "trackingId": { + "type": "string", + "x-go-name": "TrackingID" + } + } + } + } + } + }, + "403": { + "description": "An error with the user permissions occurred", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "statusCode": { + "type": "integer", + "format": "int64", + "x-go-name": "StatusCode" + }, + "trackingId": { + "type": "string", + "x-go-name": "TrackingID" + } + } + } + } + } + }, + "404": { + "description": "An error with the item not found", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "statusCode": { + "type": "integer", + "format": "int64", + "x-go-name": "StatusCode" + }, + "trackingId": { + "type": "string", + "x-go-name": "TrackingID" + } + } + } + } + } + }, + "413": { + "description": "An error with payload size too large", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "statusCode": { + "type": "integer", + "format": "int64", + "x-go-name": "StatusCode" + }, + "trackingId": { + "type": "string", + "x-go-name": "TrackingID" + } + } + } + } + } + }, + "415": { + "description": "An error with unsupported media type", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "statusCode": { + "type": "integer", + "format": "int64", + "x-go-name": "StatusCode" + }, + "trackingId": { + "type": "string", + "x-go-name": "TrackingID" + } + } + } + } + } + }, + "429": { + "description": "Too many requests", + "content": { + "application/json": { + "schema": { + "title": "Error is the standard API error response type.", + "type": "object", + "properties": { + "detailCode": { + "description": "DetailCode is the text of the status code returned", + "example": "Internal Server Error", + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "trackingId": { + "description": "TrackingID is the request tracking unique identifier", + "example": "9cd03ef80e6a425eb6b11bdbb057cdb4", + "type": "string", + "x-go-name": "TrackingID" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + } + } + } + }, + "500": { + "description": "An internal server error occurred", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "statusCode": { + "type": "integer", + "format": "int64", + "x-go-name": "StatusCode" + }, + "trackingId": { + "type": "string", + "x-go-name": "TrackingID" + } + } + } + } + } + }, + "503": { + "description": "An external service is not available", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "statusCode": { + "type": "integer", + "format": "int64", + "x-go-name": "StatusCode" + }, + "trackingId": { + "type": "string", + "x-go-name": "TrackingID" + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "sp:forms:manage" + ] + } + ], + "x-codegen-request-body-name": "Body" + } + }, + "/form-definitions/{formDefinitionID}/file/{fileID}": { + "get": { + "tags": [ + "Custom Forms" + ], + "summary": "Download definition file by fileId.", + "operationId": "getFileFromS3", + "parameters": [ + { + "name": "formDefinitionID", + "in": "path", + "description": "FormDefinitionID\n\nForm definition ID", + "required": true, + "example": "00000000-0000-0000-0000-000000000000", + "schema": { + "type": "string", + "x-go-name": "FormDefinitionID" + }, + "x-go-name": "FormDefinitionID" + }, + { + "name": "fileID", + "in": "path", + "description": "FileID\n\nString specifying the hashed name of the uploaded file we are retrieving.", + "required": true, + "example": "00000031N0J7R2B57M8YG73J7M.png", + "schema": { + "type": "string", + "x-go-name": "FileID" + }, + "x-go-name": "FileID" + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "200": { + "description": "Returns a file that is referred to by fileID and associated with the formDefinitionID", + "content": { + "application/json": { + "schema": { + "type": "string", + "format": "binary" + } + }, + "image/jpeg": { + "schema": { + "type": "string", + "format": "binary" + } + }, + "image/png": { + "schema": { + "type": "string", + "format": "binary" + } + }, + "application/octet-stream": { + "schema": { + "type": "string", + "format": "binary" + } + } + } + }, + "400": { + "description": "An error with the request occurred", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "statusCode": { + "type": "integer", + "format": "int64", + "x-go-name": "StatusCode" + }, + "trackingId": { + "type": "string", + "x-go-name": "TrackingID" + } + } + } + }, + "image/jpeg": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "statusCode": { + "type": "integer", + "format": "int64", + "x-go-name": "StatusCode" + }, + "trackingId": { + "type": "string", + "x-go-name": "TrackingID" + } + } + } + }, + "image/png": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "statusCode": { + "type": "integer", + "format": "int64", + "x-go-name": "StatusCode" + }, + "trackingId": { + "type": "string", + "x-go-name": "TrackingID" + } + } + } + }, + "application/octet-stream": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "statusCode": { + "type": "integer", + "format": "int64", + "x-go-name": "StatusCode" + }, + "trackingId": { + "type": "string", + "x-go-name": "TrackingID" + } + } + } + } + } + }, + "401": { + "description": "An error with the authorization occurred", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "statusCode": { + "type": "integer", + "format": "int64", + "x-go-name": "StatusCode" + }, + "trackingId": { + "type": "string", + "x-go-name": "TrackingID" + } + } + } + }, + "image/jpeg": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "statusCode": { + "type": "integer", + "format": "int64", + "x-go-name": "StatusCode" + }, + "trackingId": { + "type": "string", + "x-go-name": "TrackingID" + } + } + } + }, + "image/png": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "statusCode": { + "type": "integer", + "format": "int64", + "x-go-name": "StatusCode" + }, + "trackingId": { + "type": "string", + "x-go-name": "TrackingID" + } + } + } + }, + "application/octet-stream": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "statusCode": { + "type": "integer", + "format": "int64", + "x-go-name": "StatusCode" + }, + "trackingId": { + "type": "string", + "x-go-name": "TrackingID" + } + } + } + } + } + }, + "403": { + "description": "An error with the user permissions occurred", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "statusCode": { + "type": "integer", + "format": "int64", + "x-go-name": "StatusCode" + }, + "trackingId": { + "type": "string", + "x-go-name": "TrackingID" + } + } + } + }, + "image/jpeg": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "statusCode": { + "type": "integer", + "format": "int64", + "x-go-name": "StatusCode" + }, + "trackingId": { + "type": "string", + "x-go-name": "TrackingID" + } + } + } + }, + "image/png": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "statusCode": { + "type": "integer", + "format": "int64", + "x-go-name": "StatusCode" + }, + "trackingId": { + "type": "string", + "x-go-name": "TrackingID" + } + } + } + }, + "application/octet-stream": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "statusCode": { + "type": "integer", + "format": "int64", + "x-go-name": "StatusCode" + }, + "trackingId": { + "type": "string", + "x-go-name": "TrackingID" + } + } + } + } + } + }, + "404": { + "description": "An error with the item not found", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "statusCode": { + "type": "integer", + "format": "int64", + "x-go-name": "StatusCode" + }, + "trackingId": { + "type": "string", + "x-go-name": "TrackingID" + } + } + } + }, + "image/jpeg": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "statusCode": { + "type": "integer", + "format": "int64", + "x-go-name": "StatusCode" + }, + "trackingId": { + "type": "string", + "x-go-name": "TrackingID" + } + } + } + }, + "image/png": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "statusCode": { + "type": "integer", + "format": "int64", + "x-go-name": "StatusCode" + }, + "trackingId": { + "type": "string", + "x-go-name": "TrackingID" + } + } + } + }, + "application/octet-stream": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "statusCode": { + "type": "integer", + "format": "int64", + "x-go-name": "StatusCode" + }, + "trackingId": { + "type": "string", + "x-go-name": "TrackingID" + } + } + } + } + } + }, + "429": { + "description": "Too many requests", + "content": { + "application/json": { + "schema": { + "title": "Error is the standard API error response type.", + "type": "object", + "properties": { + "detailCode": { + "description": "DetailCode is the text of the status code returned", + "example": "Internal Server Error", + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "trackingId": { + "description": "TrackingID is the request tracking unique identifier", + "example": "9cd03ef80e6a425eb6b11bdbb057cdb4", + "type": "string", + "x-go-name": "TrackingID" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + } + } + } + }, + "500": { + "description": "An internal server error occurred", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "statusCode": { + "type": "integer", + "format": "int64", + "x-go-name": "StatusCode" + }, + "trackingId": { + "type": "string", + "x-go-name": "TrackingID" + } + } + } + }, + "image/jpeg": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "statusCode": { + "type": "integer", + "format": "int64", + "x-go-name": "StatusCode" + }, + "trackingId": { + "type": "string", + "x-go-name": "TrackingID" + } + } + } + }, + "image/png": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "statusCode": { + "type": "integer", + "format": "int64", + "x-go-name": "StatusCode" + }, + "trackingId": { + "type": "string", + "x-go-name": "TrackingID" + } + } + } + }, + "application/octet-stream": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "statusCode": { + "type": "integer", + "format": "int64", + "x-go-name": "StatusCode" + }, + "trackingId": { + "type": "string", + "x-go-name": "TrackingID" + } + } + } + } + } + }, + "503": { + "description": "An external service is not available", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "statusCode": { + "type": "integer", + "format": "int64", + "x-go-name": "StatusCode" + }, + "trackingId": { + "type": "string", + "x-go-name": "TrackingID" + } + } + } + }, + "image/jpeg": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "statusCode": { + "type": "integer", + "format": "int64", + "x-go-name": "StatusCode" + }, + "trackingId": { + "type": "string", + "x-go-name": "TrackingID" + } + } + } + }, + "image/png": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "statusCode": { + "type": "integer", + "format": "int64", + "x-go-name": "StatusCode" + }, + "trackingId": { + "type": "string", + "x-go-name": "TrackingID" + } + } + } + }, + "application/octet-stream": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "statusCode": { + "type": "integer", + "format": "int64", + "x-go-name": "StatusCode" + }, + "trackingId": { + "type": "string", + "x-go-name": "TrackingID" + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "sp:forms:manage" + ] + } + ], + "x-codegen-request-body-name": "Body" + } + }, + "/form-instances": { + "get": { + "tags": [ + "Custom Forms" + ], + "summary": "List form instances by tenant.", + "description": "No parameters required.", + "operationId": "searchFormInstancesByTenant", + "responses": { + "200": { + "description": "Returns a list of form instances by tenant", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "count": { + "description": "Count number of Results", + "type": "integer", + "format": "int64", + "example": 1, + "x-go-name": "Count" + }, + "results": { + "description": "Results holds a list of FormInstanceResponse items", + "type": "array", + "items": { + "properties": { + "created": { + "description": "Created is the date the form instance was assigned", + "example": "2023-07-12T20:14:57.74486Z", + "format": "date-time", + "type": "string", + "x-go-name": "Created" + }, + "createdBy": { + "properties": { + "id": { + "description": "ID is a unique identifier", + "example": "00000000-0000-0000-0000-000000000000", + "type": "string", + "x-go-name": "ID" + }, + "type": { + "description": "Type is a form instance created by type enum value\nWORKFLOW_EXECUTION FormInstanceCreatedByTypeWorkflowExecution\nSOURCE FormInstanceCreatedByTypeSource", + "enum": [ + "WORKFLOW_EXECUTION", + "SOURCE" + ], + "example": "WORKFLOW_EXECUTION", + "type": "string", + "x-go-enum-desc": "WORKFLOW_EXECUTION FormInstanceCreatedByTypeWorkflowExecution\nSOURCE FormInstanceCreatedByTypeSource", + "x-go-name": "Type" + } + }, + "type": "object", + "x-go-package": "github.com/sailpoint/sp-forms/domain" + }, + "expire": { + "description": "Expire is the maximum amount of time that a form can be in progress. After this time is reached then the form will be moved to a CANCELED state automatically. The user will no longer be able to complete the submission. When a form instance is expires an audit log will be generated for that record", + "example": "2023-08-12T20:14:57.74486Z", + "type": "string", + "x-go-name": "Expire" + }, + "formConditions": { + "description": "FormConditions is the conditional logic that modify the form dynamically modify the form as the recipient is interacting out the form", + "items": { + "description": "Represent a form conditional.", + "properties": { + "ruleOperator": { + "description": "ConditionRuleLogicalOperatorType value.\nAND ConditionRuleLogicalOperatorTypeAnd\nOR ConditionRuleLogicalOperatorTypeOr", + "enum": [ + "AND", + "OR" + ], + "example": "AND", + "type": "string", + "x-go-enum-desc": "AND ConditionRuleLogicalOperatorTypeAnd\nOR ConditionRuleLogicalOperatorTypeOr", + "x-go-name": "RuleOperator" + }, + "rules": { + "description": "List of rules.", + "items": { + "properties": { + "sourceType": { + "description": "Defines the type of object being selected. It will be either a reference to a form input (by input name) or a form element (by technical key).\nINPUT ConditionRuleSourceTypeInput\nELEMENT ConditionRuleSourceTypeElement", + "enum": [ + "INPUT", + "ELEMENT" + ], + "example": "ELEMENT", + "type": "string", + "x-go-enum-desc": "INPUT ConditionRuleSourceTypeInput\nELEMENT ConditionRuleSourceTypeElement", + "x-go-name": "SourceType" + }, + "source": { + "description": "Source - if the sourceType is ConditionRuleSourceTypeInput, the source type is the name of the form input to accept. However, if the sourceType is ConditionRuleSourceTypeElement,\nthe source is the name of a technical key of an element to retrieve its value.", + "example": "department", + "type": "string", + "x-go-name": "Source" + }, + "operator": { + "description": "ConditionRuleComparisonOperatorType value.\nEQ ConditionRuleComparisonOperatorTypeEquals This comparison operator compares the source and target for equality.\nNE ConditionRuleComparisonOperatorTypeNotEquals This comparison operator compares the source and target for inequality.\nCO ConditionRuleComparisonOperatorTypeContains This comparison operator searches the source to see whether it contains the value.\nNOT_CO ConditionRuleComparisonOperatorTypeNotContains\nIN ConditionRuleComparisonOperatorTypeIncludes This comparison operator searches the source if it equals any of the values.\nNOT_IN ConditionRuleComparisonOperatorTypeNotIncludes\nEM ConditionRuleComparisonOperatorTypeEmpty\nNOT_EM ConditionRuleComparisonOperatorTypeNotEmpty\nSW ConditionRuleComparisonOperatorTypeStartsWith Checks whether a string starts with another substring of the same string. This operator is case-sensitive.\nNOT_SW ConditionRuleComparisonOperatorTypeNotStartsWith\nEW ConditionRuleComparisonOperatorTypeEndsWith Checks whether a string ends with another substring of the same string. This operator is case-sensitive.\nNOT_EW ConditionRuleComparisonOperatorTypeNotEndsWith", + "enum": [ + "EQ", + "NE", + "CO", + "NOT_CO", + "IN", + "NOT_IN", + "EM", + "NOT_EM", + "SW", + "NOT_SW", + "EW", + "NOT_EW" + ], + "example": "EQ", + "type": "string", + "x-go-enum-desc": "EQ ConditionRuleComparisonOperatorTypeEquals This comparison operator compares the source and target for equality.\nNE ConditionRuleComparisonOperatorTypeNotEquals This comparison operator compares the source and target for inequality.\nCO ConditionRuleComparisonOperatorTypeContains This comparison operator searches the source to see whether it contains the value.\nNOT_CO ConditionRuleComparisonOperatorTypeNotContains\nIN ConditionRuleComparisonOperatorTypeIncludes This comparison operator searches the source if it equals any of the values.\nNOT_IN ConditionRuleComparisonOperatorTypeNotIncludes\nEM ConditionRuleComparisonOperatorTypeEmpty\nNOT_EM ConditionRuleComparisonOperatorTypeNotEmpty\nSW ConditionRuleComparisonOperatorTypeStartsWith Checks whether a string starts with another substring of the same string. This operator is case-sensitive.\nNOT_SW ConditionRuleComparisonOperatorTypeNotStartsWith\nEW ConditionRuleComparisonOperatorTypeEndsWith Checks whether a string ends with another substring of the same string. This operator is case-sensitive.\nNOT_EW ConditionRuleComparisonOperatorTypeNotEndsWith", + "x-go-name": "Operator" + }, + "valueType": { + "description": "ConditionRuleValueType type.\nSTRING ConditionRuleValueTypeString This value is a static string.\nSTRING_LIST ConditionRuleValueTypeStringList This value is an array of string values.\nINPUT ConditionRuleValueTypeInput This value is a reference to a form input.\nELEMENT ConditionRuleValueTypeElement This value is a reference to a form element (by technical key).\nLIST ConditionRuleValueTypeList\nBOOLEAN ConditionRuleValueTypeBoolean", + "enum": [ + "STRING", + "STRING_LIST", + "INPUT", + "ELEMENT", + "LIST", + "BOOLEAN" + ], + "example": "STRING", + "type": "string", + "x-go-enum-desc": "STRING ConditionRuleValueTypeString This value is a static string.\nSTRING_LIST ConditionRuleValueTypeStringList This value is an array of string values.\nINPUT ConditionRuleValueTypeInput This value is a reference to a form input.\nELEMENT ConditionRuleValueTypeElement This value is a reference to a form element (by technical key).\nLIST ConditionRuleValueTypeList\nBOOLEAN ConditionRuleValueTypeBoolean", + "x-go-name": "ValueType" + }, + "value": { + "description": "Based on the ValueType.", + "example": "Engineering", + "x-go-name": "Value" + } + }, + "type": "object", + "x-go-package": "github.com/sailpoint/sp-forms/domain" + }, + "type": "array", + "x-go-name": "Rules" + }, + "effects": { + "description": "List of effects.", + "items": { + "description": "Effect produced by a condition.", + "properties": { + "effectType": { + "description": "Type of effect to perform when the conditions are evaluated for this logic block.\nHIDE ConditionEffectTypeHide Disables validations.\nSHOW ConditionEffectTypeShow Enables validations.\nDISABLE ConditionEffectTypeDisable Disables validations.\nENABLE ConditionEffectTypeEnable Enables validations.\nREQUIRE ConditionEffectTypeRequire\nOPTIONAL ConditionEffectTypeOptional\nSUBMIT_MESSAGE ConditionEffectTypeSubmitMessage\nSUBMIT_NOTIFICATION ConditionEffectTypeSubmitNotification\nSET_DEFAULT_VALUE ConditionEffectTypeSetDefaultValue This value is ignored on purpose.", + "enum": [ + "HIDE", + "SHOW", + "DISABLE", + "ENABLE", + "REQUIRE", + "OPTIONAL", + "SUBMIT_MESSAGE", + "SUBMIT_NOTIFICATION", + "SET_DEFAULT_VALUE" + ], + "example": "HIDE", + "type": "string", + "x-go-enum-desc": "HIDE ConditionEffectTypeHide Disables validations.\nSHOW ConditionEffectTypeShow Enables validations.\nDISABLE ConditionEffectTypeDisable Disables validations.\nENABLE ConditionEffectTypeEnable Enables validations.\nREQUIRE ConditionEffectTypeRequire\nOPTIONAL ConditionEffectTypeOptional\nSUBMIT_MESSAGE ConditionEffectTypeSubmitMessage\nSUBMIT_NOTIFICATION ConditionEffectTypeSubmitNotification\nSET_DEFAULT_VALUE ConditionEffectTypeSetDefaultValue This value is ignored on purpose.", + "x-go-name": "EffectType" + }, + "config": { + "description": "Arbitrary map containing a configuration based on the EffectType.", + "type": "object", + "properties": { + "defaultValueLabel": { + "type": "string", + "description": "Effect type's label.", + "example": "Access to Remove" + }, + "element": { + "type": "string", + "description": "Element's identifier.", + "example": 8110662963316867 + } + }, + "x-go-name": "Config" + } + }, + "type": "object", + "x-go-package": "github.com/sailpoint/sp-forms/domain" + }, + "type": "array", + "x-go-name": "Effects" + } + }, + "type": "object", + "x-go-package": "github.com/sailpoint/sp-forms/domain" + }, + "type": "array", + "x-go-name": "FormConditions" + }, + "formData": { + "additionalProperties": {}, + "description": "FormData is the data provided by the form on submit. The data is in a key -> value map", + "example": { + "department": "Engineering" + }, + "type": "object", + "x-go-name": "FormData" + }, + "formDefinitionId": { + "description": "FormDefinitionID is the id of the form definition that created this form", + "example": "49841cb8-00a5-4fbd-9888-8bbb28d48331", + "type": "string", + "x-go-name": "FormDefinitionID" + }, + "formElements": { + "description": "FormElements is the configuration of the form, this would be a repeat of the fields from the form-config", + "items": { + "properties": { + "id": { + "description": "Form element identifier.", + "example": "00000000-0000-0000-0000-000000000000", + "type": "string", + "x-go-name": "ID" + }, + "elementType": { + "description": "FormElementType value. \nTEXT FormElementTypeText\nTOGGLE FormElementTypeToggle\nTEXTAREA FormElementTypeTextArea\nHIDDEN FormElementTypeHidden\nPHONE FormElementTypePhone\nEMAIL FormElementTypeEmail\nSELECT FormElementTypeSelect\nDATE FormElementTypeDate\nSECTION FormElementTypeSection\nCOLUMN_SET FormElementTypeColumns\nIMAGE FormElementTypeImage\nDESCRIPTION FormElementTypeDescription", + "enum": [ + "TEXT", + "TOGGLE", + "TEXTAREA", + "HIDDEN", + "PHONE", + "EMAIL", + "SELECT", + "DATE", + "SECTION", + "COLUMN_SET", + "IMAGE", + "DESCRIPTION" + ], + "example": "TEXT", + "type": "string", + "x-go-name": "ElementType" + }, + "config": { + "additionalProperties": {}, + "description": "Config object.", + "example": { + "label": "Department" + }, + "type": "object", + "x-go-name": "Config", + "x-go-enum-desc": "TEXT FormElementTypeText\nTOGGLE FormElementTypeToggle\nTEXTAREA FormElementTypeTextArea\nHIDDEN FormElementTypeHidden\nPHONE FormElementTypePhone\nEMAIL FormElementTypeEmail\nSELECT FormElementTypeSelect\nDATE FormElementTypeDate\nSECTION FormElementTypeSection\nCOLUMNS FormElementTypeColumns" + }, + "key": { + "description": "Technical key.", + "example": "department", + "type": "string", + "x-go-name": "Key" + }, + "validations": { + "nullable": true, + "type": "array", + "items": { + "description": "Set of FormElementValidation items.", + "example": [ + { + "validationType": "REQUIRED" + } + ], + "type": "object", + "properties": { + "validationType": { + "type": "string", + "enum": [ + "REQUIRED", + "MIN_LENGTH", + "MAX_LENGTH", + "REGEX", + "DATE", + "MAX_DATE", + "MIN_DATE", + "LESS_THAN_DATE", + "PHONE", + "EMAIL", + "DATA_SOURCE", + "TEXTAREA" + ] + } + }, + "x-go-package": "github.com/sailpoint/sp-forms/domain" + } + } + }, + "type": "object", + "x-go-package": "github.com/sailpoint/sp-forms/domain" + }, + "type": "array", + "x-go-name": "FormElements" + }, + "formErrors": { + "description": "FormErrors is an array of form validation errors from the last time the form instance was transitioned to the SUBMITTED state. If the form instance had validation errors then it would be moved to the IN PROGRESS state where the client can retrieve these errors", + "items": { + "properties": { + "key": { + "description": "Key is the technical key", + "example": "department", + "type": "string", + "x-go-name": "Key" + }, + "messages": { + "description": "Messages is a list of web.ErrorMessage items", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "type": "array", + "x-go-name": "Messages" + }, + "value": { + "description": "Value is the value associated with a Key", + "example": "Engineering", + "x-go-name": "Value" + } + }, + "type": "object", + "x-go-package": "github.com/sailpoint/sp-forms/domain" + }, + "type": "array", + "x-go-name": "FormErrors" + }, + "formInput": { + "additionalProperties": {}, + "nullable": true, + "description": "FormInput is an object of form input labels to value", + "example": { + "input1": "Sales" + }, + "type": "object", + "x-go-name": "FormInput" + }, + "id": { + "description": "Unique guid identifying this form instance", + "example": "06a2d961-07fa-44d1-8d0a-2f6470e30fd2", + "type": "string", + "x-go-name": "FormInstanceID" + }, + "modified": { + "description": "Modified is the last date the form instance was modified", + "example": "2023-07-12T20:14:57.74486Z", + "format": "date-time", + "type": "string", + "x-go-name": "Modified" + }, + "recipients": { + "description": "Recipients references to the recipient of a form. The recipients are those who are responsible for filling out a form and completing it", + "items": { + "properties": { + "id": { + "description": "ID is a unique identifier", + "example": "00000000-0000-0000-0000-000000000000", + "type": "string", + "x-go-name": "ID" + }, + "type": { + "description": "Type is a FormInstanceRecipientType value\nIDENTITY FormInstanceRecipientIdentity", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY", + "type": "string", + "x-go-enum-desc": "IDENTITY FormInstanceRecipientIdentity", + "x-go-name": "Type" + } + }, + "type": "object", + "x-go-package": "github.com/sailpoint/sp-forms/domain" + }, + "type": "array", + "x-go-name": "Recipients" + }, + "standAloneForm": { + "default": false, + "description": "StandAloneForm is a boolean flag to indicate if this form should be available for users to complete via the standalone form UI or should this only be available to be completed by as an embedded form", + "example": false, + "type": "boolean", + "x-go-name": "StandAloneForm" + }, + "standAloneFormUrl": { + "description": "StandAloneFormURL is the URL where this form may be completed by the designated recipients using the standalone form UI", + "example": "https://my-org.identitynow.com/ui/d/forms/00000000-0000-0000-0000-000000000000", + "type": "string", + "x-go-name": "StandAloneFormURL" + }, + "state": { + "description": "State the state of the form instance\nASSIGNED FormInstanceStateAssigned\nIN_PROGRESS FormInstanceStateInProgress\nSUBMITTED FormInstanceStateSubmitted\nCOMPLETED FormInstanceStateCompleted\nCANCELLED FormInstanceStateCancelled", + "enum": [ + "ASSIGNED", + "IN_PROGRESS", + "SUBMITTED", + "COMPLETED", + "CANCELLED" + ], + "example": "ASSIGNED", + "type": "string", + "x-go-enum-desc": "ASSIGNED FormInstanceStateAssigned\nIN_PROGRESS FormInstanceStateInProgress\nSUBMITTED FormInstanceStateSubmitted\nCOMPLETED FormInstanceStateCompleted\nCANCELLED FormInstanceStateCancelled", + "x-go-name": "State" + } + }, + "type": "object", + "x-go-package": "github.com/sailpoint/sp-forms/domain" + }, + "x-go-name": "Results" + } + }, + "x-go-package": "github.com/sailpoint/sp-forms/domain" + } + } + } + }, + "400": { + "description": "An error with the request occurred", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "statusCode": { + "type": "integer", + "format": "int64", + "x-go-name": "StatusCode" + }, + "trackingId": { + "type": "string", + "x-go-name": "TrackingID" + } + } + } + } + } + }, + "401": { + "description": "An error with the authorization occurred", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "statusCode": { + "type": "integer", + "format": "int64", + "x-go-name": "StatusCode" + }, + "trackingId": { + "type": "string", + "x-go-name": "TrackingID" + } + } + } + } + } + }, + "403": { + "description": "An error with the user permissions occurred", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "statusCode": { + "type": "integer", + "format": "int64", + "x-go-name": "StatusCode" + }, + "trackingId": { + "type": "string", + "x-go-name": "TrackingID" + } + } + } + } + } + }, + "429": { + "description": "Too many requests", + "content": { + "application/json": { + "schema": { + "title": "Error is the standard API error response type.", + "type": "object", + "properties": { + "detailCode": { + "description": "DetailCode is the text of the status code returned", + "example": "Internal Server Error", + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "trackingId": { + "description": "TrackingID is the request tracking unique identifier", + "example": "9cd03ef80e6a425eb6b11bdbb057cdb4", + "type": "string", + "x-go-name": "TrackingID" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + } + } + } + }, + "500": { + "description": "An internal server error occurred", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "statusCode": { + "type": "integer", + "format": "int64", + "x-go-name": "StatusCode" + }, + "trackingId": { + "type": "string", + "x-go-name": "TrackingID" + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "sp:forms:manage" + ] + } + ], + "parameters": [ + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ] + }, + "post": { + "tags": [ + "Custom Forms" + ], + "summary": "Creates a form instance.", + "operationId": "createFormInstance", + "requestBody": { + "description": "Body is the request payload to create a form instance", + "content": { + "application/json": { + "schema": { + "properties": { + "createdBy": { + "properties": { + "id": { + "description": "ID is a unique identifier", + "example": "00000000-0000-0000-0000-000000000000", + "type": "string", + "x-go-name": "ID" + }, + "type": { + "description": "Type is a form instance created by type enum value\nWORKFLOW_EXECUTION FormInstanceCreatedByTypeWorkflowExecution\nSOURCE FormInstanceCreatedByTypeSource", + "enum": [ + "WORKFLOW_EXECUTION", + "SOURCE" + ], + "example": "WORKFLOW_EXECUTION", + "type": "string", + "x-go-enum-desc": "WORKFLOW_EXECUTION FormInstanceCreatedByTypeWorkflowExecution\nSOURCE FormInstanceCreatedByTypeSource", + "x-go-name": "Type" + } + }, + "type": "object", + "x-go-package": "github.com/sailpoint/sp-forms/domain" + }, + "expire": { + "description": "Expire is required", + "example": "2023-08-12T20:14:57.74486Z", + "type": "string", + "x-go-name": "Expire" + }, + "formDefinitionId": { + "description": "FormDefinitionID is the id of the form definition that created this form", + "example": "00000000-0000-0000-0000-000000000000", + "type": "string", + "x-go-name": "FormDefinitionID" + }, + "formInput": { + "additionalProperties": true, + "description": "FormInput is an object of form input labels to value", + "example": { + "input1": "Sales" + }, + "type": "object", + "x-go-name": "FormInput" + }, + "recipients": { + "description": "Recipients is required", + "items": { + "properties": { + "id": { + "description": "ID is a unique identifier", + "example": "00000000-0000-0000-0000-000000000000", + "type": "string", + "x-go-name": "ID" + }, + "type": { + "description": "Type is a FormInstanceRecipientType value\nIDENTITY FormInstanceRecipientIdentity", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY", + "type": "string", + "x-go-enum-desc": "IDENTITY FormInstanceRecipientIdentity", + "x-go-name": "Type" + } + }, + "type": "object", + "x-go-package": "github.com/sailpoint/sp-forms/domain" + }, + "type": "array", + "x-go-name": "Recipients" + }, + "standAloneForm": { + "default": false, + "description": "StandAloneForm is a boolean flag to indicate if this form should be available for users to complete via the standalone form UI or should this only be available to be completed by as an embedded form", + "example": false, + "type": "boolean", + "x-go-name": "StandAloneForm" + }, + "state": { + "description": "State is required, if not present initial state is FormInstanceStateAssigned\nASSIGNED FormInstanceStateAssigned\nIN_PROGRESS FormInstanceStateInProgress\nSUBMITTED FormInstanceStateSubmitted\nCOMPLETED FormInstanceStateCompleted\nCANCELLED FormInstanceStateCancelled", + "enum": [ + "ASSIGNED", + "IN_PROGRESS", + "SUBMITTED", + "COMPLETED", + "CANCELLED" + ], + "example": "ASSIGNED", + "type": "string", + "x-go-enum-desc": "ASSIGNED FormInstanceStateAssigned\nIN_PROGRESS FormInstanceStateInProgress\nSUBMITTED FormInstanceStateSubmitted\nCOMPLETED FormInstanceStateCompleted\nCANCELLED FormInstanceStateCancelled", + "x-go-name": "State" + }, + "ttl": { + "description": "TTL an epoch timestamp in seconds, it most be in seconds or dynamodb will ignore it\nSEE: https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/time-to-live-ttl-before-you-start.html", + "example": 1571827560, + "format": "int64", + "type": "integer", + "x-go-name": "TTL" + } + }, + "required": [ + "expire", + "recipients", + "createdBy", + "formDefinitionId" + ], + "type": "object", + "x-go-package": "github.com/sailpoint/sp-forms/domain" + }, + "example": { + "expire": "2023-06-20T15:57:55.332882Z", + "formDefinitionId": "00000000-0000-0000-0000-000000000000", + "recipients": [ + { + "type": "IDENTITY", + "id": "an-identity-id" + } + ], + "createdBy": { + "type": "WORKFLOW_EXECUTION", + "id": "a-workflow-execution-id" + } + } + } + }, + "required": false + }, + "responses": { + "201": { + "description": "Returns a new form instance", + "content": { + "application/json": { + "schema": { + "properties": { + "created": { + "description": "Created is the date the form instance was assigned", + "example": "2023-07-12T20:14:57.74486Z", + "format": "date-time", + "type": "string", + "x-go-name": "Created" + }, + "createdBy": { + "properties": { + "id": { + "description": "ID is a unique identifier", + "example": "00000000-0000-0000-0000-000000000000", + "type": "string", + "x-go-name": "ID" + }, + "type": { + "description": "Type is a form instance created by type enum value\nWORKFLOW_EXECUTION FormInstanceCreatedByTypeWorkflowExecution\nSOURCE FormInstanceCreatedByTypeSource", + "enum": [ + "WORKFLOW_EXECUTION", + "SOURCE" + ], + "example": "WORKFLOW_EXECUTION", + "type": "string", + "x-go-enum-desc": "WORKFLOW_EXECUTION FormInstanceCreatedByTypeWorkflowExecution\nSOURCE FormInstanceCreatedByTypeSource", + "x-go-name": "Type" + } + }, + "type": "object", + "x-go-package": "github.com/sailpoint/sp-forms/domain" + }, + "expire": { + "description": "Expire is the maximum amount of time that a form can be in progress. After this time is reached then the form will be moved to a CANCELED state automatically. The user will no longer be able to complete the submission. When a form instance is expires an audit log will be generated for that record", + "example": "2023-08-12T20:14:57.74486Z", + "type": "string", + "x-go-name": "Expire" + }, + "formConditions": { + "description": "FormConditions is the conditional logic that modify the form dynamically modify the form as the recipient is interacting out the form", + "items": { + "description": "Represent a form conditional.", + "properties": { + "ruleOperator": { + "description": "ConditionRuleLogicalOperatorType value.\nAND ConditionRuleLogicalOperatorTypeAnd\nOR ConditionRuleLogicalOperatorTypeOr", + "enum": [ + "AND", + "OR" + ], + "example": "AND", + "type": "string", + "x-go-enum-desc": "AND ConditionRuleLogicalOperatorTypeAnd\nOR ConditionRuleLogicalOperatorTypeOr", + "x-go-name": "RuleOperator" + }, + "rules": { + "description": "List of rules.", + "items": { + "properties": { + "sourceType": { + "description": "Defines the type of object being selected. It will be either a reference to a form input (by input name) or a form element (by technical key).\nINPUT ConditionRuleSourceTypeInput\nELEMENT ConditionRuleSourceTypeElement", + "enum": [ + "INPUT", + "ELEMENT" + ], + "example": "ELEMENT", + "type": "string", + "x-go-enum-desc": "INPUT ConditionRuleSourceTypeInput\nELEMENT ConditionRuleSourceTypeElement", + "x-go-name": "SourceType" + }, + "source": { + "description": "Source - if the sourceType is ConditionRuleSourceTypeInput, the source type is the name of the form input to accept. However, if the sourceType is ConditionRuleSourceTypeElement,\nthe source is the name of a technical key of an element to retrieve its value.", + "example": "department", + "type": "string", + "x-go-name": "Source" + }, + "operator": { + "description": "ConditionRuleComparisonOperatorType value.\nEQ ConditionRuleComparisonOperatorTypeEquals This comparison operator compares the source and target for equality.\nNE ConditionRuleComparisonOperatorTypeNotEquals This comparison operator compares the source and target for inequality.\nCO ConditionRuleComparisonOperatorTypeContains This comparison operator searches the source to see whether it contains the value.\nNOT_CO ConditionRuleComparisonOperatorTypeNotContains\nIN ConditionRuleComparisonOperatorTypeIncludes This comparison operator searches the source if it equals any of the values.\nNOT_IN ConditionRuleComparisonOperatorTypeNotIncludes\nEM ConditionRuleComparisonOperatorTypeEmpty\nNOT_EM ConditionRuleComparisonOperatorTypeNotEmpty\nSW ConditionRuleComparisonOperatorTypeStartsWith Checks whether a string starts with another substring of the same string. This operator is case-sensitive.\nNOT_SW ConditionRuleComparisonOperatorTypeNotStartsWith\nEW ConditionRuleComparisonOperatorTypeEndsWith Checks whether a string ends with another substring of the same string. This operator is case-sensitive.\nNOT_EW ConditionRuleComparisonOperatorTypeNotEndsWith", + "enum": [ + "EQ", + "NE", + "CO", + "NOT_CO", + "IN", + "NOT_IN", + "EM", + "NOT_EM", + "SW", + "NOT_SW", + "EW", + "NOT_EW" + ], + "example": "EQ", + "type": "string", + "x-go-enum-desc": "EQ ConditionRuleComparisonOperatorTypeEquals This comparison operator compares the source and target for equality.\nNE ConditionRuleComparisonOperatorTypeNotEquals This comparison operator compares the source and target for inequality.\nCO ConditionRuleComparisonOperatorTypeContains This comparison operator searches the source to see whether it contains the value.\nNOT_CO ConditionRuleComparisonOperatorTypeNotContains\nIN ConditionRuleComparisonOperatorTypeIncludes This comparison operator searches the source if it equals any of the values.\nNOT_IN ConditionRuleComparisonOperatorTypeNotIncludes\nEM ConditionRuleComparisonOperatorTypeEmpty\nNOT_EM ConditionRuleComparisonOperatorTypeNotEmpty\nSW ConditionRuleComparisonOperatorTypeStartsWith Checks whether a string starts with another substring of the same string. This operator is case-sensitive.\nNOT_SW ConditionRuleComparisonOperatorTypeNotStartsWith\nEW ConditionRuleComparisonOperatorTypeEndsWith Checks whether a string ends with another substring of the same string. This operator is case-sensitive.\nNOT_EW ConditionRuleComparisonOperatorTypeNotEndsWith", + "x-go-name": "Operator" + }, + "valueType": { + "description": "ConditionRuleValueType type.\nSTRING ConditionRuleValueTypeString This value is a static string.\nSTRING_LIST ConditionRuleValueTypeStringList This value is an array of string values.\nINPUT ConditionRuleValueTypeInput This value is a reference to a form input.\nELEMENT ConditionRuleValueTypeElement This value is a reference to a form element (by technical key).\nLIST ConditionRuleValueTypeList\nBOOLEAN ConditionRuleValueTypeBoolean", + "enum": [ + "STRING", + "STRING_LIST", + "INPUT", + "ELEMENT", + "LIST", + "BOOLEAN" + ], + "example": "STRING", + "type": "string", + "x-go-enum-desc": "STRING ConditionRuleValueTypeString This value is a static string.\nSTRING_LIST ConditionRuleValueTypeStringList This value is an array of string values.\nINPUT ConditionRuleValueTypeInput This value is a reference to a form input.\nELEMENT ConditionRuleValueTypeElement This value is a reference to a form element (by technical key).\nLIST ConditionRuleValueTypeList\nBOOLEAN ConditionRuleValueTypeBoolean", + "x-go-name": "ValueType" + }, + "value": { + "description": "Based on the ValueType.", + "example": "Engineering", + "x-go-name": "Value" + } + }, + "type": "object", + "x-go-package": "github.com/sailpoint/sp-forms/domain" + }, + "type": "array", + "x-go-name": "Rules" + }, + "effects": { + "description": "List of effects.", + "items": { + "description": "Effect produced by a condition.", + "properties": { + "effectType": { + "description": "Type of effect to perform when the conditions are evaluated for this logic block.\nHIDE ConditionEffectTypeHide Disables validations.\nSHOW ConditionEffectTypeShow Enables validations.\nDISABLE ConditionEffectTypeDisable Disables validations.\nENABLE ConditionEffectTypeEnable Enables validations.\nREQUIRE ConditionEffectTypeRequire\nOPTIONAL ConditionEffectTypeOptional\nSUBMIT_MESSAGE ConditionEffectTypeSubmitMessage\nSUBMIT_NOTIFICATION ConditionEffectTypeSubmitNotification\nSET_DEFAULT_VALUE ConditionEffectTypeSetDefaultValue This value is ignored on purpose.", + "enum": [ + "HIDE", + "SHOW", + "DISABLE", + "ENABLE", + "REQUIRE", + "OPTIONAL", + "SUBMIT_MESSAGE", + "SUBMIT_NOTIFICATION", + "SET_DEFAULT_VALUE" + ], + "example": "HIDE", + "type": "string", + "x-go-enum-desc": "HIDE ConditionEffectTypeHide Disables validations.\nSHOW ConditionEffectTypeShow Enables validations.\nDISABLE ConditionEffectTypeDisable Disables validations.\nENABLE ConditionEffectTypeEnable Enables validations.\nREQUIRE ConditionEffectTypeRequire\nOPTIONAL ConditionEffectTypeOptional\nSUBMIT_MESSAGE ConditionEffectTypeSubmitMessage\nSUBMIT_NOTIFICATION ConditionEffectTypeSubmitNotification\nSET_DEFAULT_VALUE ConditionEffectTypeSetDefaultValue This value is ignored on purpose.", + "x-go-name": "EffectType" + }, + "config": { + "description": "Arbitrary map containing a configuration based on the EffectType.", + "type": "object", + "properties": { + "defaultValueLabel": { + "type": "string", + "description": "Effect type's label.", + "example": "Access to Remove" + }, + "element": { + "type": "string", + "description": "Element's identifier.", + "example": 8110662963316867 + } + }, + "x-go-name": "Config" + } + }, + "type": "object", + "x-go-package": "github.com/sailpoint/sp-forms/domain" + }, + "type": "array", + "x-go-name": "Effects" + } + }, + "type": "object", + "x-go-package": "github.com/sailpoint/sp-forms/domain" + }, + "type": "array", + "x-go-name": "FormConditions" + }, + "formData": { + "additionalProperties": {}, + "description": "FormData is the data provided by the form on submit. The data is in a key -> value map", + "example": { + "department": "Engineering" + }, + "type": "object", + "x-go-name": "FormData" + }, + "formDefinitionId": { + "description": "FormDefinitionID is the id of the form definition that created this form", + "example": "49841cb8-00a5-4fbd-9888-8bbb28d48331", + "type": "string", + "x-go-name": "FormDefinitionID" + }, + "formElements": { + "description": "FormElements is the configuration of the form, this would be a repeat of the fields from the form-config", + "items": { + "properties": { + "id": { + "description": "Form element identifier.", + "example": "00000000-0000-0000-0000-000000000000", + "type": "string", + "x-go-name": "ID" + }, + "elementType": { + "description": "FormElementType value. \nTEXT FormElementTypeText\nTOGGLE FormElementTypeToggle\nTEXTAREA FormElementTypeTextArea\nHIDDEN FormElementTypeHidden\nPHONE FormElementTypePhone\nEMAIL FormElementTypeEmail\nSELECT FormElementTypeSelect\nDATE FormElementTypeDate\nSECTION FormElementTypeSection\nCOLUMN_SET FormElementTypeColumns\nIMAGE FormElementTypeImage\nDESCRIPTION FormElementTypeDescription", + "enum": [ + "TEXT", + "TOGGLE", + "TEXTAREA", + "HIDDEN", + "PHONE", + "EMAIL", + "SELECT", + "DATE", + "SECTION", + "COLUMN_SET", + "IMAGE", + "DESCRIPTION" + ], + "example": "TEXT", + "type": "string", + "x-go-name": "ElementType" + }, + "config": { + "additionalProperties": {}, + "description": "Config object.", + "example": { + "label": "Department" + }, + "type": "object", + "x-go-name": "Config", + "x-go-enum-desc": "TEXT FormElementTypeText\nTOGGLE FormElementTypeToggle\nTEXTAREA FormElementTypeTextArea\nHIDDEN FormElementTypeHidden\nPHONE FormElementTypePhone\nEMAIL FormElementTypeEmail\nSELECT FormElementTypeSelect\nDATE FormElementTypeDate\nSECTION FormElementTypeSection\nCOLUMNS FormElementTypeColumns" + }, + "key": { + "description": "Technical key.", + "example": "department", + "type": "string", + "x-go-name": "Key" + }, + "validations": { + "nullable": true, + "type": "array", + "items": { + "description": "Set of FormElementValidation items.", + "example": [ + { + "validationType": "REQUIRED" + } + ], + "type": "object", + "properties": { + "validationType": { + "type": "string", + "enum": [ + "REQUIRED", + "MIN_LENGTH", + "MAX_LENGTH", + "REGEX", + "DATE", + "MAX_DATE", + "MIN_DATE", + "LESS_THAN_DATE", + "PHONE", + "EMAIL", + "DATA_SOURCE", + "TEXTAREA" + ] + } + }, + "x-go-package": "github.com/sailpoint/sp-forms/domain" + } + } + }, + "type": "object", + "x-go-package": "github.com/sailpoint/sp-forms/domain" + }, + "type": "array", + "x-go-name": "FormElements" + }, + "formErrors": { + "description": "FormErrors is an array of form validation errors from the last time the form instance was transitioned to the SUBMITTED state. If the form instance had validation errors then it would be moved to the IN PROGRESS state where the client can retrieve these errors", + "items": { + "properties": { + "key": { + "description": "Key is the technical key", + "example": "department", + "type": "string", + "x-go-name": "Key" + }, + "messages": { + "description": "Messages is a list of web.ErrorMessage items", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "type": "array", + "x-go-name": "Messages" + }, + "value": { + "description": "Value is the value associated with a Key", + "example": "Engineering", + "x-go-name": "Value" + } + }, + "type": "object", + "x-go-package": "github.com/sailpoint/sp-forms/domain" + }, + "type": "array", + "x-go-name": "FormErrors" + }, + "formInput": { + "additionalProperties": {}, + "nullable": true, + "description": "FormInput is an object of form input labels to value", + "example": { + "input1": "Sales" + }, + "type": "object", + "x-go-name": "FormInput" + }, + "id": { + "description": "Unique guid identifying this form instance", + "example": "06a2d961-07fa-44d1-8d0a-2f6470e30fd2", + "type": "string", + "x-go-name": "FormInstanceID" + }, + "modified": { + "description": "Modified is the last date the form instance was modified", + "example": "2023-07-12T20:14:57.74486Z", + "format": "date-time", + "type": "string", + "x-go-name": "Modified" + }, + "recipients": { + "description": "Recipients references to the recipient of a form. The recipients are those who are responsible for filling out a form and completing it", + "items": { + "properties": { + "id": { + "description": "ID is a unique identifier", + "example": "00000000-0000-0000-0000-000000000000", + "type": "string", + "x-go-name": "ID" + }, + "type": { + "description": "Type is a FormInstanceRecipientType value\nIDENTITY FormInstanceRecipientIdentity", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY", + "type": "string", + "x-go-enum-desc": "IDENTITY FormInstanceRecipientIdentity", + "x-go-name": "Type" + } + }, + "type": "object", + "x-go-package": "github.com/sailpoint/sp-forms/domain" + }, + "type": "array", + "x-go-name": "Recipients" + }, + "standAloneForm": { + "default": false, + "description": "StandAloneForm is a boolean flag to indicate if this form should be available for users to complete via the standalone form UI or should this only be available to be completed by as an embedded form", + "example": false, + "type": "boolean", + "x-go-name": "StandAloneForm" + }, + "standAloneFormUrl": { + "description": "StandAloneFormURL is the URL where this form may be completed by the designated recipients using the standalone form UI", + "example": "https://my-org.identitynow.com/ui/d/forms/00000000-0000-0000-0000-000000000000", + "type": "string", + "x-go-name": "StandAloneFormURL" + }, + "state": { + "description": "State the state of the form instance\nASSIGNED FormInstanceStateAssigned\nIN_PROGRESS FormInstanceStateInProgress\nSUBMITTED FormInstanceStateSubmitted\nCOMPLETED FormInstanceStateCompleted\nCANCELLED FormInstanceStateCancelled", + "enum": [ + "ASSIGNED", + "IN_PROGRESS", + "SUBMITTED", + "COMPLETED", + "CANCELLED" + ], + "example": "ASSIGNED", + "type": "string", + "x-go-enum-desc": "ASSIGNED FormInstanceStateAssigned\nIN_PROGRESS FormInstanceStateInProgress\nSUBMITTED FormInstanceStateSubmitted\nCOMPLETED FormInstanceStateCompleted\nCANCELLED FormInstanceStateCancelled", + "x-go-name": "State" + } + }, + "type": "object", + "x-go-package": "github.com/sailpoint/sp-forms/domain" + } + } + } + }, + "400": { + "description": "An error with the request occurred", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "statusCode": { + "type": "integer", + "format": "int64", + "x-go-name": "StatusCode" + }, + "trackingId": { + "type": "string", + "x-go-name": "TrackingID" + } + } + } + } + } + }, + "401": { + "description": "An error with the authorization occurred", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "statusCode": { + "type": "integer", + "format": "int64", + "x-go-name": "StatusCode" + }, + "trackingId": { + "type": "string", + "x-go-name": "TrackingID" + } + } + } + } + } + }, + "403": { + "description": "An error with the user permissions occurred", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "statusCode": { + "type": "integer", + "format": "int64", + "x-go-name": "StatusCode" + }, + "trackingId": { + "type": "string", + "x-go-name": "TrackingID" + } + } + } + } + } + }, + "429": { + "description": "Too many requests", + "content": { + "application/json": { + "schema": { + "title": "Error is the standard API error response type.", + "type": "object", + "properties": { + "detailCode": { + "description": "DetailCode is the text of the status code returned", + "example": "Internal Server Error", + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "trackingId": { + "description": "TrackingID is the request tracking unique identifier", + "example": "9cd03ef80e6a425eb6b11bdbb057cdb4", + "type": "string", + "x-go-name": "TrackingID" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + } + } + } + }, + "500": { + "description": "An internal server error occurred", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "statusCode": { + "type": "integer", + "format": "int64", + "x-go-name": "StatusCode" + }, + "trackingId": { + "type": "string", + "x-go-name": "TrackingID" + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "sp:forms:manage" + ] + } + ], + "x-codegen-request-body-name": "Body", + "parameters": [ + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ] + } + }, + "/form-instances/{formInstanceID}": { + "get": { + "tags": [ + "Custom Forms" + ], + "summary": "Returns a form instance.", + "description": "Parameter `{formInstanceID}` should match a form instance ID.", + "operationId": "getFormInstanceByKey", + "parameters": [ + { + "name": "formInstanceID", + "in": "path", + "description": "Form instance ID", + "required": true, + "schema": { + "type": "string", + "x-go-name": "FormInstanceID" + }, + "example": "00000000-0000-0000-0000-000000000000", + "x-go-name": "FormInstanceID" + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "200": { + "description": "Returns a form instance by its key", + "content": { + "application/json": { + "schema": { + "properties": { + "created": { + "description": "Created is the date the form instance was assigned", + "example": "2023-07-12T20:14:57.74486Z", + "format": "date-time", + "type": "string", + "x-go-name": "Created" + }, + "createdBy": { + "properties": { + "id": { + "description": "ID is a unique identifier", + "example": "00000000-0000-0000-0000-000000000000", + "type": "string", + "x-go-name": "ID" + }, + "type": { + "description": "Type is a form instance created by type enum value\nWORKFLOW_EXECUTION FormInstanceCreatedByTypeWorkflowExecution\nSOURCE FormInstanceCreatedByTypeSource", + "enum": [ + "WORKFLOW_EXECUTION", + "SOURCE" + ], + "example": "WORKFLOW_EXECUTION", + "type": "string", + "x-go-enum-desc": "WORKFLOW_EXECUTION FormInstanceCreatedByTypeWorkflowExecution\nSOURCE FormInstanceCreatedByTypeSource", + "x-go-name": "Type" + } + }, + "type": "object", + "x-go-package": "github.com/sailpoint/sp-forms/domain" + }, + "expire": { + "description": "Expire is the maximum amount of time that a form can be in progress. After this time is reached then the form will be moved to a CANCELED state automatically. The user will no longer be able to complete the submission. When a form instance is expires an audit log will be generated for that record", + "example": "2023-08-12T20:14:57.74486Z", + "type": "string", + "x-go-name": "Expire" + }, + "formConditions": { + "description": "FormConditions is the conditional logic that modify the form dynamically modify the form as the recipient is interacting out the form", + "items": { + "description": "Represent a form conditional.", + "properties": { + "ruleOperator": { + "description": "ConditionRuleLogicalOperatorType value.\nAND ConditionRuleLogicalOperatorTypeAnd\nOR ConditionRuleLogicalOperatorTypeOr", + "enum": [ + "AND", + "OR" + ], + "example": "AND", + "type": "string", + "x-go-enum-desc": "AND ConditionRuleLogicalOperatorTypeAnd\nOR ConditionRuleLogicalOperatorTypeOr", + "x-go-name": "RuleOperator" + }, + "rules": { + "description": "List of rules.", + "items": { + "properties": { + "sourceType": { + "description": "Defines the type of object being selected. It will be either a reference to a form input (by input name) or a form element (by technical key).\nINPUT ConditionRuleSourceTypeInput\nELEMENT ConditionRuleSourceTypeElement", + "enum": [ + "INPUT", + "ELEMENT" + ], + "example": "ELEMENT", + "type": "string", + "x-go-enum-desc": "INPUT ConditionRuleSourceTypeInput\nELEMENT ConditionRuleSourceTypeElement", + "x-go-name": "SourceType" + }, + "source": { + "description": "Source - if the sourceType is ConditionRuleSourceTypeInput, the source type is the name of the form input to accept. However, if the sourceType is ConditionRuleSourceTypeElement,\nthe source is the name of a technical key of an element to retrieve its value.", + "example": "department", + "type": "string", + "x-go-name": "Source" + }, + "operator": { + "description": "ConditionRuleComparisonOperatorType value.\nEQ ConditionRuleComparisonOperatorTypeEquals This comparison operator compares the source and target for equality.\nNE ConditionRuleComparisonOperatorTypeNotEquals This comparison operator compares the source and target for inequality.\nCO ConditionRuleComparisonOperatorTypeContains This comparison operator searches the source to see whether it contains the value.\nNOT_CO ConditionRuleComparisonOperatorTypeNotContains\nIN ConditionRuleComparisonOperatorTypeIncludes This comparison operator searches the source if it equals any of the values.\nNOT_IN ConditionRuleComparisonOperatorTypeNotIncludes\nEM ConditionRuleComparisonOperatorTypeEmpty\nNOT_EM ConditionRuleComparisonOperatorTypeNotEmpty\nSW ConditionRuleComparisonOperatorTypeStartsWith Checks whether a string starts with another substring of the same string. This operator is case-sensitive.\nNOT_SW ConditionRuleComparisonOperatorTypeNotStartsWith\nEW ConditionRuleComparisonOperatorTypeEndsWith Checks whether a string ends with another substring of the same string. This operator is case-sensitive.\nNOT_EW ConditionRuleComparisonOperatorTypeNotEndsWith", + "enum": [ + "EQ", + "NE", + "CO", + "NOT_CO", + "IN", + "NOT_IN", + "EM", + "NOT_EM", + "SW", + "NOT_SW", + "EW", + "NOT_EW" + ], + "example": "EQ", + "type": "string", + "x-go-enum-desc": "EQ ConditionRuleComparisonOperatorTypeEquals This comparison operator compares the source and target for equality.\nNE ConditionRuleComparisonOperatorTypeNotEquals This comparison operator compares the source and target for inequality.\nCO ConditionRuleComparisonOperatorTypeContains This comparison operator searches the source to see whether it contains the value.\nNOT_CO ConditionRuleComparisonOperatorTypeNotContains\nIN ConditionRuleComparisonOperatorTypeIncludes This comparison operator searches the source if it equals any of the values.\nNOT_IN ConditionRuleComparisonOperatorTypeNotIncludes\nEM ConditionRuleComparisonOperatorTypeEmpty\nNOT_EM ConditionRuleComparisonOperatorTypeNotEmpty\nSW ConditionRuleComparisonOperatorTypeStartsWith Checks whether a string starts with another substring of the same string. This operator is case-sensitive.\nNOT_SW ConditionRuleComparisonOperatorTypeNotStartsWith\nEW ConditionRuleComparisonOperatorTypeEndsWith Checks whether a string ends with another substring of the same string. This operator is case-sensitive.\nNOT_EW ConditionRuleComparisonOperatorTypeNotEndsWith", + "x-go-name": "Operator" + }, + "valueType": { + "description": "ConditionRuleValueType type.\nSTRING ConditionRuleValueTypeString This value is a static string.\nSTRING_LIST ConditionRuleValueTypeStringList This value is an array of string values.\nINPUT ConditionRuleValueTypeInput This value is a reference to a form input.\nELEMENT ConditionRuleValueTypeElement This value is a reference to a form element (by technical key).\nLIST ConditionRuleValueTypeList\nBOOLEAN ConditionRuleValueTypeBoolean", + "enum": [ + "STRING", + "STRING_LIST", + "INPUT", + "ELEMENT", + "LIST", + "BOOLEAN" + ], + "example": "STRING", + "type": "string", + "x-go-enum-desc": "STRING ConditionRuleValueTypeString This value is a static string.\nSTRING_LIST ConditionRuleValueTypeStringList This value is an array of string values.\nINPUT ConditionRuleValueTypeInput This value is a reference to a form input.\nELEMENT ConditionRuleValueTypeElement This value is a reference to a form element (by technical key).\nLIST ConditionRuleValueTypeList\nBOOLEAN ConditionRuleValueTypeBoolean", + "x-go-name": "ValueType" + }, + "value": { + "description": "Based on the ValueType.", + "example": "Engineering", + "x-go-name": "Value" + } + }, + "type": "object", + "x-go-package": "github.com/sailpoint/sp-forms/domain" + }, + "type": "array", + "x-go-name": "Rules" + }, + "effects": { + "description": "List of effects.", + "items": { + "description": "Effect produced by a condition.", + "properties": { + "effectType": { + "description": "Type of effect to perform when the conditions are evaluated for this logic block.\nHIDE ConditionEffectTypeHide Disables validations.\nSHOW ConditionEffectTypeShow Enables validations.\nDISABLE ConditionEffectTypeDisable Disables validations.\nENABLE ConditionEffectTypeEnable Enables validations.\nREQUIRE ConditionEffectTypeRequire\nOPTIONAL ConditionEffectTypeOptional\nSUBMIT_MESSAGE ConditionEffectTypeSubmitMessage\nSUBMIT_NOTIFICATION ConditionEffectTypeSubmitNotification\nSET_DEFAULT_VALUE ConditionEffectTypeSetDefaultValue This value is ignored on purpose.", + "enum": [ + "HIDE", + "SHOW", + "DISABLE", + "ENABLE", + "REQUIRE", + "OPTIONAL", + "SUBMIT_MESSAGE", + "SUBMIT_NOTIFICATION", + "SET_DEFAULT_VALUE" + ], + "example": "HIDE", + "type": "string", + "x-go-enum-desc": "HIDE ConditionEffectTypeHide Disables validations.\nSHOW ConditionEffectTypeShow Enables validations.\nDISABLE ConditionEffectTypeDisable Disables validations.\nENABLE ConditionEffectTypeEnable Enables validations.\nREQUIRE ConditionEffectTypeRequire\nOPTIONAL ConditionEffectTypeOptional\nSUBMIT_MESSAGE ConditionEffectTypeSubmitMessage\nSUBMIT_NOTIFICATION ConditionEffectTypeSubmitNotification\nSET_DEFAULT_VALUE ConditionEffectTypeSetDefaultValue This value is ignored on purpose.", + "x-go-name": "EffectType" + }, + "config": { + "description": "Arbitrary map containing a configuration based on the EffectType.", + "type": "object", + "properties": { + "defaultValueLabel": { + "type": "string", + "description": "Effect type's label.", + "example": "Access to Remove" + }, + "element": { + "type": "string", + "description": "Element's identifier.", + "example": 8110662963316867 + } + }, + "x-go-name": "Config" + } + }, + "type": "object", + "x-go-package": "github.com/sailpoint/sp-forms/domain" + }, + "type": "array", + "x-go-name": "Effects" + } + }, + "type": "object", + "x-go-package": "github.com/sailpoint/sp-forms/domain" + }, + "type": "array", + "x-go-name": "FormConditions" + }, + "formData": { + "additionalProperties": {}, + "description": "FormData is the data provided by the form on submit. The data is in a key -> value map", + "example": { + "department": "Engineering" + }, + "type": "object", + "x-go-name": "FormData" + }, + "formDefinitionId": { + "description": "FormDefinitionID is the id of the form definition that created this form", + "example": "49841cb8-00a5-4fbd-9888-8bbb28d48331", + "type": "string", + "x-go-name": "FormDefinitionID" + }, + "formElements": { + "description": "FormElements is the configuration of the form, this would be a repeat of the fields from the form-config", + "items": { + "properties": { + "id": { + "description": "Form element identifier.", + "example": "00000000-0000-0000-0000-000000000000", + "type": "string", + "x-go-name": "ID" + }, + "elementType": { + "description": "FormElementType value. \nTEXT FormElementTypeText\nTOGGLE FormElementTypeToggle\nTEXTAREA FormElementTypeTextArea\nHIDDEN FormElementTypeHidden\nPHONE FormElementTypePhone\nEMAIL FormElementTypeEmail\nSELECT FormElementTypeSelect\nDATE FormElementTypeDate\nSECTION FormElementTypeSection\nCOLUMN_SET FormElementTypeColumns\nIMAGE FormElementTypeImage\nDESCRIPTION FormElementTypeDescription", + "enum": [ + "TEXT", + "TOGGLE", + "TEXTAREA", + "HIDDEN", + "PHONE", + "EMAIL", + "SELECT", + "DATE", + "SECTION", + "COLUMN_SET", + "IMAGE", + "DESCRIPTION" + ], + "example": "TEXT", + "type": "string", + "x-go-name": "ElementType" + }, + "config": { + "additionalProperties": {}, + "description": "Config object.", + "example": { + "label": "Department" + }, + "type": "object", + "x-go-name": "Config", + "x-go-enum-desc": "TEXT FormElementTypeText\nTOGGLE FormElementTypeToggle\nTEXTAREA FormElementTypeTextArea\nHIDDEN FormElementTypeHidden\nPHONE FormElementTypePhone\nEMAIL FormElementTypeEmail\nSELECT FormElementTypeSelect\nDATE FormElementTypeDate\nSECTION FormElementTypeSection\nCOLUMNS FormElementTypeColumns" + }, + "key": { + "description": "Technical key.", + "example": "department", + "type": "string", + "x-go-name": "Key" + }, + "validations": { + "nullable": true, + "type": "array", + "items": { + "description": "Set of FormElementValidation items.", + "example": [ + { + "validationType": "REQUIRED" + } + ], + "type": "object", + "properties": { + "validationType": { + "type": "string", + "enum": [ + "REQUIRED", + "MIN_LENGTH", + "MAX_LENGTH", + "REGEX", + "DATE", + "MAX_DATE", + "MIN_DATE", + "LESS_THAN_DATE", + "PHONE", + "EMAIL", + "DATA_SOURCE", + "TEXTAREA" + ] + } + }, + "x-go-package": "github.com/sailpoint/sp-forms/domain" + } + } + }, + "type": "object", + "x-go-package": "github.com/sailpoint/sp-forms/domain" + }, + "type": "array", + "x-go-name": "FormElements" + }, + "formErrors": { + "description": "FormErrors is an array of form validation errors from the last time the form instance was transitioned to the SUBMITTED state. If the form instance had validation errors then it would be moved to the IN PROGRESS state where the client can retrieve these errors", + "items": { + "properties": { + "key": { + "description": "Key is the technical key", + "example": "department", + "type": "string", + "x-go-name": "Key" + }, + "messages": { + "description": "Messages is a list of web.ErrorMessage items", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "type": "array", + "x-go-name": "Messages" + }, + "value": { + "description": "Value is the value associated with a Key", + "example": "Engineering", + "x-go-name": "Value" + } + }, + "type": "object", + "x-go-package": "github.com/sailpoint/sp-forms/domain" + }, + "type": "array", + "x-go-name": "FormErrors" + }, + "formInput": { + "additionalProperties": {}, + "nullable": true, + "description": "FormInput is an object of form input labels to value", + "example": { + "input1": "Sales" + }, + "type": "object", + "x-go-name": "FormInput" + }, + "id": { + "description": "Unique guid identifying this form instance", + "example": "06a2d961-07fa-44d1-8d0a-2f6470e30fd2", + "type": "string", + "x-go-name": "FormInstanceID" + }, + "modified": { + "description": "Modified is the last date the form instance was modified", + "example": "2023-07-12T20:14:57.74486Z", + "format": "date-time", + "type": "string", + "x-go-name": "Modified" + }, + "recipients": { + "description": "Recipients references to the recipient of a form. The recipients are those who are responsible for filling out a form and completing it", + "items": { + "properties": { + "id": { + "description": "ID is a unique identifier", + "example": "00000000-0000-0000-0000-000000000000", + "type": "string", + "x-go-name": "ID" + }, + "type": { + "description": "Type is a FormInstanceRecipientType value\nIDENTITY FormInstanceRecipientIdentity", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY", + "type": "string", + "x-go-enum-desc": "IDENTITY FormInstanceRecipientIdentity", + "x-go-name": "Type" + } + }, + "type": "object", + "x-go-package": "github.com/sailpoint/sp-forms/domain" + }, + "type": "array", + "x-go-name": "Recipients" + }, + "standAloneForm": { + "default": false, + "description": "StandAloneForm is a boolean flag to indicate if this form should be available for users to complete via the standalone form UI or should this only be available to be completed by as an embedded form", + "example": false, + "type": "boolean", + "x-go-name": "StandAloneForm" + }, + "standAloneFormUrl": { + "description": "StandAloneFormURL is the URL where this form may be completed by the designated recipients using the standalone form UI", + "example": "https://my-org.identitynow.com/ui/d/forms/00000000-0000-0000-0000-000000000000", + "type": "string", + "x-go-name": "StandAloneFormURL" + }, + "state": { + "description": "State the state of the form instance\nASSIGNED FormInstanceStateAssigned\nIN_PROGRESS FormInstanceStateInProgress\nSUBMITTED FormInstanceStateSubmitted\nCOMPLETED FormInstanceStateCompleted\nCANCELLED FormInstanceStateCancelled", + "enum": [ + "ASSIGNED", + "IN_PROGRESS", + "SUBMITTED", + "COMPLETED", + "CANCELLED" + ], + "example": "ASSIGNED", + "type": "string", + "x-go-enum-desc": "ASSIGNED FormInstanceStateAssigned\nIN_PROGRESS FormInstanceStateInProgress\nSUBMITTED FormInstanceStateSubmitted\nCOMPLETED FormInstanceStateCompleted\nCANCELLED FormInstanceStateCancelled", + "x-go-name": "State" + } + }, + "type": "object", + "x-go-package": "github.com/sailpoint/sp-forms/domain" + } + } + } + }, + "400": { + "description": "An error with the request occurred", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "statusCode": { + "type": "integer", + "format": "int64", + "x-go-name": "StatusCode" + }, + "trackingId": { + "type": "string", + "x-go-name": "TrackingID" + } + } + } + } + } + }, + "401": { + "description": "An error with the authorization occurred", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "statusCode": { + "type": "integer", + "format": "int64", + "x-go-name": "StatusCode" + }, + "trackingId": { + "type": "string", + "x-go-name": "TrackingID" + } + } + } + } + } + }, + "403": { + "description": "An error with the user permissions occurred", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "statusCode": { + "type": "integer", + "format": "int64", + "x-go-name": "StatusCode" + }, + "trackingId": { + "type": "string", + "x-go-name": "TrackingID" + } + } + } + } + } + }, + "404": { + "description": "An error with the item not found", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "statusCode": { + "type": "integer", + "format": "int64", + "x-go-name": "StatusCode" + }, + "trackingId": { + "type": "string", + "x-go-name": "TrackingID" + } + } + } + } + } + }, + "429": { + "description": "Too many requests", + "content": { + "application/json": { + "schema": { + "title": "Error is the standard API error response type.", + "type": "object", + "properties": { + "detailCode": { + "description": "DetailCode is the text of the status code returned", + "example": "Internal Server Error", + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "trackingId": { + "description": "TrackingID is the request tracking unique identifier", + "example": "9cd03ef80e6a425eb6b11bdbb057cdb4", + "type": "string", + "x-go-name": "TrackingID" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + } + } + } + }, + "500": { + "description": "An internal server error occurred", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "statusCode": { + "type": "integer", + "format": "int64", + "x-go-name": "StatusCode" + }, + "trackingId": { + "type": "string", + "x-go-name": "TrackingID" + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [] + } + ] + }, + "patch": { + "tags": [ + "Custom Forms" + ], + "summary": "Patch a form instance.", + "description": "Parameter `{formInstanceID}` should match a form instance ID.", + "operationId": "patchFormInstance", + "parameters": [ + { + "name": "formInstanceID", + "in": "path", + "description": "Form instance ID", + "required": true, + "schema": { + "type": "string", + "x-go-name": "FormInstanceID" + }, + "example": "00000000-0000-0000-0000-000000000000", + "x-go-name": "FormInstanceID" + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "requestBody": { + "description": "Body is the request payload to patch a form instance, check: https://jsonpatch.com", + "content": { + "application/json": { + "schema": { + "title": "Patch is an ordered collection of Operations.", + "description": "Patch is an ordered collection of Operations.", + "type": "array", + "example": [ + { + "op": "replace", + "path": "/description", + "value": "a new description" + } + ], + "items": { + "title": "Operation is a single JSON-Patch step, such as a single 'add' operation.", + "type": "object", + "additionalProperties": { + "type": "object", + "properties": {} + }, + "x-go-package": "github.com/evanphx/json-patch" + }, + "x-go-package": "github.com/evanphx/json-patch" + }, + "example": [ + { + "op": "replace", + "path": "/state", + "value": "SUBMITTED" + }, + { + "op": "replace", + "path": "/formData", + "value": { + "a-key-1": "a-value-1", + "a-key-2": true, + "a-key-3": 1 + } + } + ] + } + }, + "required": false + }, + "responses": { + "200": { + "description": "Returns the form instance updated", + "content": { + "application/json": { + "schema": { + "properties": { + "created": { + "description": "Created is the date the form instance was assigned", + "example": "2023-07-12T20:14:57.74486Z", + "format": "date-time", + "type": "string", + "x-go-name": "Created" + }, + "createdBy": { + "properties": { + "id": { + "description": "ID is a unique identifier", + "example": "00000000-0000-0000-0000-000000000000", + "type": "string", + "x-go-name": "ID" + }, + "type": { + "description": "Type is a form instance created by type enum value\nWORKFLOW_EXECUTION FormInstanceCreatedByTypeWorkflowExecution\nSOURCE FormInstanceCreatedByTypeSource", + "enum": [ + "WORKFLOW_EXECUTION", + "SOURCE" + ], + "example": "WORKFLOW_EXECUTION", + "type": "string", + "x-go-enum-desc": "WORKFLOW_EXECUTION FormInstanceCreatedByTypeWorkflowExecution\nSOURCE FormInstanceCreatedByTypeSource", + "x-go-name": "Type" + } + }, + "type": "object", + "x-go-package": "github.com/sailpoint/sp-forms/domain" + }, + "expire": { + "description": "Expire is the maximum amount of time that a form can be in progress. After this time is reached then the form will be moved to a CANCELED state automatically. The user will no longer be able to complete the submission. When a form instance is expires an audit log will be generated for that record", + "example": "2023-08-12T20:14:57.74486Z", + "type": "string", + "x-go-name": "Expire" + }, + "formConditions": { + "description": "FormConditions is the conditional logic that modify the form dynamically modify the form as the recipient is interacting out the form", + "items": { + "description": "Represent a form conditional.", + "properties": { + "ruleOperator": { + "description": "ConditionRuleLogicalOperatorType value.\nAND ConditionRuleLogicalOperatorTypeAnd\nOR ConditionRuleLogicalOperatorTypeOr", + "enum": [ + "AND", + "OR" + ], + "example": "AND", + "type": "string", + "x-go-enum-desc": "AND ConditionRuleLogicalOperatorTypeAnd\nOR ConditionRuleLogicalOperatorTypeOr", + "x-go-name": "RuleOperator" + }, + "rules": { + "description": "List of rules.", + "items": { + "properties": { + "sourceType": { + "description": "Defines the type of object being selected. It will be either a reference to a form input (by input name) or a form element (by technical key).\nINPUT ConditionRuleSourceTypeInput\nELEMENT ConditionRuleSourceTypeElement", + "enum": [ + "INPUT", + "ELEMENT" + ], + "example": "ELEMENT", + "type": "string", + "x-go-enum-desc": "INPUT ConditionRuleSourceTypeInput\nELEMENT ConditionRuleSourceTypeElement", + "x-go-name": "SourceType" + }, + "source": { + "description": "Source - if the sourceType is ConditionRuleSourceTypeInput, the source type is the name of the form input to accept. However, if the sourceType is ConditionRuleSourceTypeElement,\nthe source is the name of a technical key of an element to retrieve its value.", + "example": "department", + "type": "string", + "x-go-name": "Source" + }, + "operator": { + "description": "ConditionRuleComparisonOperatorType value.\nEQ ConditionRuleComparisonOperatorTypeEquals This comparison operator compares the source and target for equality.\nNE ConditionRuleComparisonOperatorTypeNotEquals This comparison operator compares the source and target for inequality.\nCO ConditionRuleComparisonOperatorTypeContains This comparison operator searches the source to see whether it contains the value.\nNOT_CO ConditionRuleComparisonOperatorTypeNotContains\nIN ConditionRuleComparisonOperatorTypeIncludes This comparison operator searches the source if it equals any of the values.\nNOT_IN ConditionRuleComparisonOperatorTypeNotIncludes\nEM ConditionRuleComparisonOperatorTypeEmpty\nNOT_EM ConditionRuleComparisonOperatorTypeNotEmpty\nSW ConditionRuleComparisonOperatorTypeStartsWith Checks whether a string starts with another substring of the same string. This operator is case-sensitive.\nNOT_SW ConditionRuleComparisonOperatorTypeNotStartsWith\nEW ConditionRuleComparisonOperatorTypeEndsWith Checks whether a string ends with another substring of the same string. This operator is case-sensitive.\nNOT_EW ConditionRuleComparisonOperatorTypeNotEndsWith", + "enum": [ + "EQ", + "NE", + "CO", + "NOT_CO", + "IN", + "NOT_IN", + "EM", + "NOT_EM", + "SW", + "NOT_SW", + "EW", + "NOT_EW" + ], + "example": "EQ", + "type": "string", + "x-go-enum-desc": "EQ ConditionRuleComparisonOperatorTypeEquals This comparison operator compares the source and target for equality.\nNE ConditionRuleComparisonOperatorTypeNotEquals This comparison operator compares the source and target for inequality.\nCO ConditionRuleComparisonOperatorTypeContains This comparison operator searches the source to see whether it contains the value.\nNOT_CO ConditionRuleComparisonOperatorTypeNotContains\nIN ConditionRuleComparisonOperatorTypeIncludes This comparison operator searches the source if it equals any of the values.\nNOT_IN ConditionRuleComparisonOperatorTypeNotIncludes\nEM ConditionRuleComparisonOperatorTypeEmpty\nNOT_EM ConditionRuleComparisonOperatorTypeNotEmpty\nSW ConditionRuleComparisonOperatorTypeStartsWith Checks whether a string starts with another substring of the same string. This operator is case-sensitive.\nNOT_SW ConditionRuleComparisonOperatorTypeNotStartsWith\nEW ConditionRuleComparisonOperatorTypeEndsWith Checks whether a string ends with another substring of the same string. This operator is case-sensitive.\nNOT_EW ConditionRuleComparisonOperatorTypeNotEndsWith", + "x-go-name": "Operator" + }, + "valueType": { + "description": "ConditionRuleValueType type.\nSTRING ConditionRuleValueTypeString This value is a static string.\nSTRING_LIST ConditionRuleValueTypeStringList This value is an array of string values.\nINPUT ConditionRuleValueTypeInput This value is a reference to a form input.\nELEMENT ConditionRuleValueTypeElement This value is a reference to a form element (by technical key).\nLIST ConditionRuleValueTypeList\nBOOLEAN ConditionRuleValueTypeBoolean", + "enum": [ + "STRING", + "STRING_LIST", + "INPUT", + "ELEMENT", + "LIST", + "BOOLEAN" + ], + "example": "STRING", + "type": "string", + "x-go-enum-desc": "STRING ConditionRuleValueTypeString This value is a static string.\nSTRING_LIST ConditionRuleValueTypeStringList This value is an array of string values.\nINPUT ConditionRuleValueTypeInput This value is a reference to a form input.\nELEMENT ConditionRuleValueTypeElement This value is a reference to a form element (by technical key).\nLIST ConditionRuleValueTypeList\nBOOLEAN ConditionRuleValueTypeBoolean", + "x-go-name": "ValueType" + }, + "value": { + "description": "Based on the ValueType.", + "example": "Engineering", + "x-go-name": "Value" + } + }, + "type": "object", + "x-go-package": "github.com/sailpoint/sp-forms/domain" + }, + "type": "array", + "x-go-name": "Rules" + }, + "effects": { + "description": "List of effects.", + "items": { + "description": "Effect produced by a condition.", + "properties": { + "effectType": { + "description": "Type of effect to perform when the conditions are evaluated for this logic block.\nHIDE ConditionEffectTypeHide Disables validations.\nSHOW ConditionEffectTypeShow Enables validations.\nDISABLE ConditionEffectTypeDisable Disables validations.\nENABLE ConditionEffectTypeEnable Enables validations.\nREQUIRE ConditionEffectTypeRequire\nOPTIONAL ConditionEffectTypeOptional\nSUBMIT_MESSAGE ConditionEffectTypeSubmitMessage\nSUBMIT_NOTIFICATION ConditionEffectTypeSubmitNotification\nSET_DEFAULT_VALUE ConditionEffectTypeSetDefaultValue This value is ignored on purpose.", + "enum": [ + "HIDE", + "SHOW", + "DISABLE", + "ENABLE", + "REQUIRE", + "OPTIONAL", + "SUBMIT_MESSAGE", + "SUBMIT_NOTIFICATION", + "SET_DEFAULT_VALUE" + ], + "example": "HIDE", + "type": "string", + "x-go-enum-desc": "HIDE ConditionEffectTypeHide Disables validations.\nSHOW ConditionEffectTypeShow Enables validations.\nDISABLE ConditionEffectTypeDisable Disables validations.\nENABLE ConditionEffectTypeEnable Enables validations.\nREQUIRE ConditionEffectTypeRequire\nOPTIONAL ConditionEffectTypeOptional\nSUBMIT_MESSAGE ConditionEffectTypeSubmitMessage\nSUBMIT_NOTIFICATION ConditionEffectTypeSubmitNotification\nSET_DEFAULT_VALUE ConditionEffectTypeSetDefaultValue This value is ignored on purpose.", + "x-go-name": "EffectType" + }, + "config": { + "description": "Arbitrary map containing a configuration based on the EffectType.", + "type": "object", + "properties": { + "defaultValueLabel": { + "type": "string", + "description": "Effect type's label.", + "example": "Access to Remove" + }, + "element": { + "type": "string", + "description": "Element's identifier.", + "example": 8110662963316867 + } + }, + "x-go-name": "Config" + } + }, + "type": "object", + "x-go-package": "github.com/sailpoint/sp-forms/domain" + }, + "type": "array", + "x-go-name": "Effects" + } + }, + "type": "object", + "x-go-package": "github.com/sailpoint/sp-forms/domain" + }, + "type": "array", + "x-go-name": "FormConditions" + }, + "formData": { + "additionalProperties": {}, + "description": "FormData is the data provided by the form on submit. The data is in a key -> value map", + "example": { + "department": "Engineering" + }, + "type": "object", + "x-go-name": "FormData" + }, + "formDefinitionId": { + "description": "FormDefinitionID is the id of the form definition that created this form", + "example": "49841cb8-00a5-4fbd-9888-8bbb28d48331", + "type": "string", + "x-go-name": "FormDefinitionID" + }, + "formElements": { + "description": "FormElements is the configuration of the form, this would be a repeat of the fields from the form-config", + "items": { + "properties": { + "id": { + "description": "Form element identifier.", + "example": "00000000-0000-0000-0000-000000000000", + "type": "string", + "x-go-name": "ID" + }, + "elementType": { + "description": "FormElementType value. \nTEXT FormElementTypeText\nTOGGLE FormElementTypeToggle\nTEXTAREA FormElementTypeTextArea\nHIDDEN FormElementTypeHidden\nPHONE FormElementTypePhone\nEMAIL FormElementTypeEmail\nSELECT FormElementTypeSelect\nDATE FormElementTypeDate\nSECTION FormElementTypeSection\nCOLUMN_SET FormElementTypeColumns\nIMAGE FormElementTypeImage\nDESCRIPTION FormElementTypeDescription", + "enum": [ + "TEXT", + "TOGGLE", + "TEXTAREA", + "HIDDEN", + "PHONE", + "EMAIL", + "SELECT", + "DATE", + "SECTION", + "COLUMN_SET", + "IMAGE", + "DESCRIPTION" + ], + "example": "TEXT", + "type": "string", + "x-go-name": "ElementType" + }, + "config": { + "additionalProperties": {}, + "description": "Config object.", + "example": { + "label": "Department" + }, + "type": "object", + "x-go-name": "Config", + "x-go-enum-desc": "TEXT FormElementTypeText\nTOGGLE FormElementTypeToggle\nTEXTAREA FormElementTypeTextArea\nHIDDEN FormElementTypeHidden\nPHONE FormElementTypePhone\nEMAIL FormElementTypeEmail\nSELECT FormElementTypeSelect\nDATE FormElementTypeDate\nSECTION FormElementTypeSection\nCOLUMNS FormElementTypeColumns" + }, + "key": { + "description": "Technical key.", + "example": "department", + "type": "string", + "x-go-name": "Key" + }, + "validations": { + "nullable": true, + "type": "array", + "items": { + "description": "Set of FormElementValidation items.", + "example": [ + { + "validationType": "REQUIRED" + } + ], + "type": "object", + "properties": { + "validationType": { + "type": "string", + "enum": [ + "REQUIRED", + "MIN_LENGTH", + "MAX_LENGTH", + "REGEX", + "DATE", + "MAX_DATE", + "MIN_DATE", + "LESS_THAN_DATE", + "PHONE", + "EMAIL", + "DATA_SOURCE", + "TEXTAREA" + ] + } + }, + "x-go-package": "github.com/sailpoint/sp-forms/domain" + } + } + }, + "type": "object", + "x-go-package": "github.com/sailpoint/sp-forms/domain" + }, + "type": "array", + "x-go-name": "FormElements" + }, + "formErrors": { + "description": "FormErrors is an array of form validation errors from the last time the form instance was transitioned to the SUBMITTED state. If the form instance had validation errors then it would be moved to the IN PROGRESS state where the client can retrieve these errors", + "items": { + "properties": { + "key": { + "description": "Key is the technical key", + "example": "department", + "type": "string", + "x-go-name": "Key" + }, + "messages": { + "description": "Messages is a list of web.ErrorMessage items", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "type": "array", + "x-go-name": "Messages" + }, + "value": { + "description": "Value is the value associated with a Key", + "example": "Engineering", + "x-go-name": "Value" + } + }, + "type": "object", + "x-go-package": "github.com/sailpoint/sp-forms/domain" + }, + "type": "array", + "x-go-name": "FormErrors" + }, + "formInput": { + "additionalProperties": {}, + "nullable": true, + "description": "FormInput is an object of form input labels to value", + "example": { + "input1": "Sales" + }, + "type": "object", + "x-go-name": "FormInput" + }, + "id": { + "description": "Unique guid identifying this form instance", + "example": "06a2d961-07fa-44d1-8d0a-2f6470e30fd2", + "type": "string", + "x-go-name": "FormInstanceID" + }, + "modified": { + "description": "Modified is the last date the form instance was modified", + "example": "2023-07-12T20:14:57.74486Z", + "format": "date-time", + "type": "string", + "x-go-name": "Modified" + }, + "recipients": { + "description": "Recipients references to the recipient of a form. The recipients are those who are responsible for filling out a form and completing it", + "items": { + "properties": { + "id": { + "description": "ID is a unique identifier", + "example": "00000000-0000-0000-0000-000000000000", + "type": "string", + "x-go-name": "ID" + }, + "type": { + "description": "Type is a FormInstanceRecipientType value\nIDENTITY FormInstanceRecipientIdentity", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY", + "type": "string", + "x-go-enum-desc": "IDENTITY FormInstanceRecipientIdentity", + "x-go-name": "Type" + } + }, + "type": "object", + "x-go-package": "github.com/sailpoint/sp-forms/domain" + }, + "type": "array", + "x-go-name": "Recipients" + }, + "standAloneForm": { + "default": false, + "description": "StandAloneForm is a boolean flag to indicate if this form should be available for users to complete via the standalone form UI or should this only be available to be completed by as an embedded form", + "example": false, + "type": "boolean", + "x-go-name": "StandAloneForm" + }, + "standAloneFormUrl": { + "description": "StandAloneFormURL is the URL where this form may be completed by the designated recipients using the standalone form UI", + "example": "https://my-org.identitynow.com/ui/d/forms/00000000-0000-0000-0000-000000000000", + "type": "string", + "x-go-name": "StandAloneFormURL" + }, + "state": { + "description": "State the state of the form instance\nASSIGNED FormInstanceStateAssigned\nIN_PROGRESS FormInstanceStateInProgress\nSUBMITTED FormInstanceStateSubmitted\nCOMPLETED FormInstanceStateCompleted\nCANCELLED FormInstanceStateCancelled", + "enum": [ + "ASSIGNED", + "IN_PROGRESS", + "SUBMITTED", + "COMPLETED", + "CANCELLED" + ], + "example": "ASSIGNED", + "type": "string", + "x-go-enum-desc": "ASSIGNED FormInstanceStateAssigned\nIN_PROGRESS FormInstanceStateInProgress\nSUBMITTED FormInstanceStateSubmitted\nCOMPLETED FormInstanceStateCompleted\nCANCELLED FormInstanceStateCancelled", + "x-go-name": "State" + } + }, + "type": "object", + "x-go-package": "github.com/sailpoint/sp-forms/domain" + } + } + } + }, + "400": { + "description": "An error with the request occurred", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "statusCode": { + "type": "integer", + "format": "int64", + "x-go-name": "StatusCode" + }, + "trackingId": { + "type": "string", + "x-go-name": "TrackingID" + } + } + } + } + } + }, + "401": { + "description": "An error with the authorization occurred", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "statusCode": { + "type": "integer", + "format": "int64", + "x-go-name": "StatusCode" + }, + "trackingId": { + "type": "string", + "x-go-name": "TrackingID" + } + } + } + } + } + }, + "403": { + "description": "An error with the user permissions occurred", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "statusCode": { + "type": "integer", + "format": "int64", + "x-go-name": "StatusCode" + }, + "trackingId": { + "type": "string", + "x-go-name": "TrackingID" + } + } + } + } + } + }, + "404": { + "description": "An error with the item not found", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "statusCode": { + "type": "integer", + "format": "int64", + "x-go-name": "StatusCode" + }, + "trackingId": { + "type": "string", + "x-go-name": "TrackingID" + } + } + } + } + } + }, + "409": { + "description": "An error with the request property conflicts with stored", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "statusCode": { + "type": "integer", + "format": "int64", + "x-go-name": "StatusCode" + }, + "trackingId": { + "type": "string", + "x-go-name": "TrackingID" + } + } + } + } + } + }, + "429": { + "description": "Too many requests", + "content": { + "application/json": { + "schema": { + "title": "Error is the standard API error response type.", + "type": "object", + "properties": { + "detailCode": { + "description": "DetailCode is the text of the status code returned", + "example": "Internal Server Error", + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "trackingId": { + "description": "TrackingID is the request tracking unique identifier", + "example": "9cd03ef80e6a425eb6b11bdbb057cdb4", + "type": "string", + "x-go-name": "TrackingID" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + } + } + } + }, + "500": { + "description": "An internal server error occurred", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "statusCode": { + "type": "integer", + "format": "int64", + "x-go-name": "StatusCode" + }, + "trackingId": { + "type": "string", + "x-go-name": "TrackingID" + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [] + } + ], + "x-codegen-request-body-name": "Body" + } + }, + "/form-instances/{formInstanceID}/data-source/{formElementID}": { + "get": { + "tags": [ + "Custom Forms" + ], + "summary": "Retrieves dynamic data by element.", + "description": "Parameter `{formInstanceID}` should match a form instance ID.\nParameter `{formElementID}` should match a form element ID at the data source configuration.", + "operationId": "searchFormElementDataByElementID", + "parameters": [ + { + "name": "formInstanceID", + "in": "path", + "description": "Form instance ID", + "required": true, + "schema": { + "type": "string", + "x-go-name": "FormInstanceID" + }, + "example": "00000000-0000-0000-0000-000000000000", + "x-go-name": "FormInstanceID" + }, + { + "name": "formElementID", + "in": "path", + "description": "Form element ID", + "required": true, + "schema": { + "type": "string", + "x-go-name": "FormElementID" + }, + "example": 1, + "x-go-name": "FormElementID" + }, + { + "name": "limit", + "in": "query", + "description": "Limit\n\nInteger specifying the maximum number of records to return in a single API call. The standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#paginating-results).\nIf it is not specified, a default limit is used.", + "schema": { + "type": "integer", + "format": "int64", + "maxLength": 250, + "minLength": 0, + "default": 250, + "x-go-name": "Limit" + }, + "example": 250, + "required": false, + "x-go-name": "Limit" + }, + { + "name": "filters", + "in": "query", + "description": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**value**: *eq, ne, in*\n\nSupported composite operators: *not*\n\nOnly a single *not* may be used, and it can only be used with the `in` operator. The `not` composite operator must be used in front of the field. For example, the following is valid: `not value in (\"ID01\")`", + "schema": { + "type": "string", + "x-go-name": "Filters" + }, + "example": "value eq \"ID01\"", + "required": false, + "x-go-name": "Filters" + }, + { + "name": "query", + "in": "query", + "description": "String that is passed to the underlying API to filter other (non-ID) fields. For example, for access profile data sources, this string will be passed to the access profile api and used with a \"starts with\" filter against several fields.", + "schema": { + "type": "string", + "x-go-name": "Query" + }, + "example": "support", + "required": false, + "x-go-name": "Query" + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "200": { + "description": "Retrieves dynamic data to aid in correctly completing a valid form by form element ID from data source configuration", + "content": { + "application/json": { + "schema": { + "properties": { + "results": { + "description": "Results holds a list of FormElementDataSourceConfigOptions items", + "example": "{\"results\":[{\"label\":\"Alfred 255e71dfc6e\",\"subLabel\":\"Alfred.255e71dfc6e@testmail.identitysoon.com\",\"value\":\"2c918084821847c5018227ced2e16676\"},{\"label\":\"Alize eba9d4cd27da\",\"subLabel\":\"Alize.eba9d4cd27da@testmail.identitysoon.com\",\"value\":\"2c918084821847c5018227ced2f1667c\"},{\"label\":\"Antonina 01f69c3ea\",\"subLabel\":\"Antonina.01f69c3ea@testmail.identitysoon.com\",\"value\":\"2c918084821847c5018227ced2f9667e\"},{\"label\":\"Ardella 21e78ce155\",\"subLabel\":\"Ardella.21e78ce155@testmail.identitysoon.com\",\"value\":\"2c918084821847c5018227ced2e6667a\"},{\"label\":\"Arnaldo d8582b6e17\",\"subLabel\":\"Arnaldo.d8582b6e17@testmail.identitysoon.com\",\"value\":\"2c918084821847c5018227ced3426686\"},{\"label\":\"Aurelia admin24828\",\"subLabel\":\"Aurelia.admin24828@testmail.identitysoon.com\",\"value\":\"2c918084821847c5018227ced2e16674\"},{\"label\":\"Barbara 72ca418fdd\",\"subLabel\":\"Barbara.72ca418fdd@testmail.identitysoon.com\",\"value\":\"2c918084821847c5018227ced2fb6680\"},{\"label\":\"Barbara ee1a2436ee\",\"subLabel\":\"Barbara.ee1a2436ee@testmail.identitysoon.com\",\"value\":\"2c918084821847c5018227ced2e56678\"},{\"label\":\"Baylee 652d72432f3\",\"subLabel\":\"Baylee.652d72432f3@testmail.identitysoon.com\",\"value\":\"2c91808582184782018227ced28b6aee\"},{\"label\":\"Brock e76b56ae4d49\",\"subLabel\":\"Brock.e76b56ae4d49@testmail.identitysoon.com\",\"value\":\"2c91808582184782018227ced28b6aef\"}]}", + "items": { + "type": "object", + "properties": { + "label": { + "description": "Label is the main label to display to the user when selecting this option", + "type": "string", + "example": "regression-test-access-request-07c55dd6-3056-430a-86b5-fccc395bb6c5", + "x-go-name": "Label" + }, + "subLabel": { + "description": "SubLabel is the sub label to display below the label in diminutive styling to help describe or identify this option", + "type": "string", + "example": "", + "x-go-name": "SubLabel" + }, + "value": { + "description": "Value is the value to save as an entry when the user selects this option", + "type": "string", + "example": "e96674448eba4ca1ba04eee999a8f3cd", + "x-go-name": "Value" + } + }, + "x-go-package": "github.com/sailpoint/sp-forms/domain" + }, + "type": "array", + "x-go-name": "Results" + } + }, + "type": "object", + "x-go-package": "github.com/sailpoint/sp-forms/domain" + } + } + } + }, + "400": { + "description": "An error with the request occurred", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "statusCode": { + "type": "integer", + "format": "int64", + "x-go-name": "StatusCode" + }, + "trackingId": { + "type": "string", + "x-go-name": "TrackingID" + } + } + } + } + } + }, + "401": { + "description": "An error with the authorization occurred", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "statusCode": { + "type": "integer", + "format": "int64", + "x-go-name": "StatusCode" + }, + "trackingId": { + "type": "string", + "x-go-name": "TrackingID" + } + } + } + } + } + }, + "403": { + "description": "An error with the user permissions occurred", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "statusCode": { + "type": "integer", + "format": "int64", + "x-go-name": "StatusCode" + }, + "trackingId": { + "type": "string", + "x-go-name": "TrackingID" + } + } + } + } + } + }, + "404": { + "description": "An error with the item not found", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "statusCode": { + "type": "integer", + "format": "int64", + "x-go-name": "StatusCode" + }, + "trackingId": { + "type": "string", + "x-go-name": "TrackingID" + } + } + } + } + } + }, + "429": { + "description": "Too many requests", + "content": { + "application/json": { + "schema": { + "title": "Error is the standard API error response type.", + "type": "object", + "properties": { + "detailCode": { + "description": "DetailCode is the text of the status code returned", + "example": "Internal Server Error", + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "trackingId": { + "description": "TrackingID is the request tracking unique identifier", + "example": "9cd03ef80e6a425eb6b11bdbb057cdb4", + "type": "string", + "x-go-name": "TrackingID" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + } + } + } + }, + "500": { + "description": "An internal server error occurred", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "statusCode": { + "type": "integer", + "format": "int64", + "x-go-name": "StatusCode" + }, + "trackingId": { + "type": "string", + "x-go-name": "TrackingID" + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [] + } + ] + } + }, + "/form-instances/{formInstanceID}/file/{fileID}": { + "get": { + "tags": [ + "Custom Forms" + ], + "summary": "Download instance file by fileId.", + "operationId": "getFormInstanceFile", + "parameters": [ + { + "name": "formInstanceID", + "in": "path", + "description": "FormInstanceID\n\nForm instance ID", + "required": true, + "example": "00000000-0000-0000-0000-000000000000", + "schema": { + "type": "string", + "x-go-name": "FormInstanceID" + }, + "x-go-name": "FormInstanceID" + }, + { + "name": "fileID", + "in": "path", + "description": "FileID\n\nString specifying the hashed name of the uploaded file we are retrieving.", + "required": true, + "example": "00000031N0J7R2B57M8YG73J7M.png", + "schema": { + "type": "string", + "x-go-name": "FileID" + }, + "x-go-name": "FileID" + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "200": { + "description": "Returns a file that is referred to by fileID and associated with the formInstanceID", + "content": { + "application/json": { + "schema": { + "type": "string", + "format": "binary" + } + }, + "image/jpeg": { + "schema": { + "type": "string", + "format": "binary" + } + }, + "image/png": { + "schema": { + "type": "string", + "format": "binary" + } + }, + "application/octet-stream": { + "schema": { + "type": "string", + "format": "binary" + } + } + } + }, + "400": { + "description": "An error with the request occurred", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "statusCode": { + "type": "integer", + "format": "int64", + "x-go-name": "StatusCode" + }, + "trackingId": { + "type": "string", + "x-go-name": "TrackingID" + } + } + } + }, + "image/jpeg": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "statusCode": { + "type": "integer", + "format": "int64", + "x-go-name": "StatusCode" + }, + "trackingId": { + "type": "string", + "x-go-name": "TrackingID" + } + } + } + }, + "image/png": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "statusCode": { + "type": "integer", + "format": "int64", + "x-go-name": "StatusCode" + }, + "trackingId": { + "type": "string", + "x-go-name": "TrackingID" + } + } + } + }, + "application/octet-stream": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "statusCode": { + "type": "integer", + "format": "int64", + "x-go-name": "StatusCode" + }, + "trackingId": { + "type": "string", + "x-go-name": "TrackingID" + } + } + } + } + } + }, + "401": { + "description": "An error with the authorization occurred", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "statusCode": { + "type": "integer", + "format": "int64", + "x-go-name": "StatusCode" + }, + "trackingId": { + "type": "string", + "x-go-name": "TrackingID" + } + } + } + }, + "image/jpeg": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "statusCode": { + "type": "integer", + "format": "int64", + "x-go-name": "StatusCode" + }, + "trackingId": { + "type": "string", + "x-go-name": "TrackingID" + } + } + } + }, + "image/png": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "statusCode": { + "type": "integer", + "format": "int64", + "x-go-name": "StatusCode" + }, + "trackingId": { + "type": "string", + "x-go-name": "TrackingID" + } + } + } + }, + "application/octet-stream": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "statusCode": { + "type": "integer", + "format": "int64", + "x-go-name": "StatusCode" + }, + "trackingId": { + "type": "string", + "x-go-name": "TrackingID" + } + } + } + } + } + }, + "403": { + "description": "An error with the user permissions occurred", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "statusCode": { + "type": "integer", + "format": "int64", + "x-go-name": "StatusCode" + }, + "trackingId": { + "type": "string", + "x-go-name": "TrackingID" + } + } + } + }, + "image/jpeg": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "statusCode": { + "type": "integer", + "format": "int64", + "x-go-name": "StatusCode" + }, + "trackingId": { + "type": "string", + "x-go-name": "TrackingID" + } + } + } + }, + "image/png": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "statusCode": { + "type": "integer", + "format": "int64", + "x-go-name": "StatusCode" + }, + "trackingId": { + "type": "string", + "x-go-name": "TrackingID" + } + } + } + }, + "application/octet-stream": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "statusCode": { + "type": "integer", + "format": "int64", + "x-go-name": "StatusCode" + }, + "trackingId": { + "type": "string", + "x-go-name": "TrackingID" + } + } + } + } + } + }, + "404": { + "description": "An error with the item not found", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "statusCode": { + "type": "integer", + "format": "int64", + "x-go-name": "StatusCode" + }, + "trackingId": { + "type": "string", + "x-go-name": "TrackingID" + } + } + } + }, + "image/jpeg": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "statusCode": { + "type": "integer", + "format": "int64", + "x-go-name": "StatusCode" + }, + "trackingId": { + "type": "string", + "x-go-name": "TrackingID" + } + } + } + }, + "image/png": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "statusCode": { + "type": "integer", + "format": "int64", + "x-go-name": "StatusCode" + }, + "trackingId": { + "type": "string", + "x-go-name": "TrackingID" + } + } + } + }, + "application/octet-stream": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "statusCode": { + "type": "integer", + "format": "int64", + "x-go-name": "StatusCode" + }, + "trackingId": { + "type": "string", + "x-go-name": "TrackingID" + } + } + } + } + } + }, + "429": { + "description": "Too many requests", + "content": { + "application/json": { + "schema": { + "title": "Error is the standard API error response type.", + "type": "object", + "properties": { + "detailCode": { + "description": "DetailCode is the text of the status code returned", + "example": "Internal Server Error", + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "trackingId": { + "description": "TrackingID is the request tracking unique identifier", + "example": "9cd03ef80e6a425eb6b11bdbb057cdb4", + "type": "string", + "x-go-name": "TrackingID" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + } + } + } + }, + "500": { + "description": "An internal server error occurred", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "statusCode": { + "type": "integer", + "format": "int64", + "x-go-name": "StatusCode" + }, + "trackingId": { + "type": "string", + "x-go-name": "TrackingID" + } + } + } + }, + "image/jpeg": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "statusCode": { + "type": "integer", + "format": "int64", + "x-go-name": "StatusCode" + }, + "trackingId": { + "type": "string", + "x-go-name": "TrackingID" + } + } + } + }, + "image/png": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "statusCode": { + "type": "integer", + "format": "int64", + "x-go-name": "StatusCode" + }, + "trackingId": { + "type": "string", + "x-go-name": "TrackingID" + } + } + } + }, + "application/octet-stream": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "statusCode": { + "type": "integer", + "format": "int64", + "x-go-name": "StatusCode" + }, + "trackingId": { + "type": "string", + "x-go-name": "TrackingID" + } + } + } + } + } + }, + "503": { + "description": "An external service is not available", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "statusCode": { + "type": "integer", + "format": "int64", + "x-go-name": "StatusCode" + }, + "trackingId": { + "type": "string", + "x-go-name": "TrackingID" + } + } + } + }, + "image/jpeg": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "statusCode": { + "type": "integer", + "format": "int64", + "x-go-name": "StatusCode" + }, + "trackingId": { + "type": "string", + "x-go-name": "TrackingID" + } + } + } + }, + "image/png": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "statusCode": { + "type": "integer", + "format": "int64", + "x-go-name": "StatusCode" + }, + "trackingId": { + "type": "string", + "x-go-name": "TrackingID" + } + } + } + }, + "application/octet-stream": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "statusCode": { + "type": "integer", + "format": "int64", + "x-go-name": "StatusCode" + }, + "trackingId": { + "type": "string", + "x-go-name": "TrackingID" + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "sp:forms:manage" + ] + } + ], + "x-codegen-request-body-name": "Body" + } + }, + "/form-definitions/predefined-select-options": { + "get": { + "tags": [ + "Custom Forms" + ], + "summary": "List predefined select options.", + "description": "No parameters required.", + "operationId": "searchPreDefinedSelectOptions", + "responses": { + "200": { + "description": "Returns a list of available predefined select options", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "results": { + "description": "Results holds a list of PreDefinedSelectOption items", + "type": "array", + "items": { + "type": "string", + "description": "PreDefinedSelectOption pre-defined select options", + "example": "IDENTITY", + "x-go-package": "github.com/sailpoint/sp-forms/domain" + }, + "x-go-name": "Results" + } + }, + "x-go-package": "github.com/sailpoint/sp-forms/domain" + } + } + } + }, + "400": { + "description": "An error with the request occurred", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "statusCode": { + "type": "integer", + "format": "int64", + "x-go-name": "StatusCode" + }, + "trackingId": { + "type": "string", + "x-go-name": "TrackingID" + } + } + } + } + } + }, + "401": { + "description": "An error with the authorization occurred", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "statusCode": { + "type": "integer", + "format": "int64", + "x-go-name": "StatusCode" + }, + "trackingId": { + "type": "string", + "x-go-name": "TrackingID" + } + } + } + } + } + }, + "403": { + "description": "An error with the user permissions occurred", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "statusCode": { + "type": "integer", + "format": "int64", + "x-go-name": "StatusCode" + }, + "trackingId": { + "type": "string", + "x-go-name": "TrackingID" + } + } + } + } + } + }, + "429": { + "description": "Too many requests", + "content": { + "application/json": { + "schema": { + "title": "Error is the standard API error response type.", + "type": "object", + "properties": { + "detailCode": { + "description": "DetailCode is the text of the status code returned", + "example": "Internal Server Error", + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "trackingId": { + "description": "TrackingID is the request tracking unique identifier", + "example": "9cd03ef80e6a425eb6b11bdbb057cdb4", + "type": "string", + "x-go-name": "TrackingID" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + } + } + } + }, + "500": { + "description": "An internal server error occurred", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "x-go-name": "DetailCode" + }, + "messages": { + "type": "array", + "items": { + "title": "ErrorMessage is the standard API error response message type.", + "type": "object", + "properties": { + "locale": { + "description": "Locale is the current Locale", + "example": "en-US", + "type": "string", + "x-go-name": "Locale" + }, + "localeOrigin": { + "description": "LocaleOrigin holds possible values of how the locale was selected", + "example": "DEFAULT", + "type": "string", + "x-go-name": "LocaleOrigin" + }, + "text": { + "description": "Text is the actual text of the error message", + "example": "This is an error", + "type": "string", + "x-go-name": "Text" + } + }, + "x-go-package": "github.com/sailpoint/atlas-go/atlas/web" + }, + "x-go-name": "Messages" + }, + "statusCode": { + "type": "integer", + "format": "int64", + "x-go-name": "StatusCode" + }, + "trackingId": { + "type": "string", + "x-go-name": "TrackingID" + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "sp:forms:manage" + ] + } + ], + "parameters": [ + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ] + } + }, + "/access-request-identity-metrics/{identityId}/requested-objects/{requestedObjectId}/type/{type}": { + "get": { + "tags": [ + "Access Request Identity Metrics" + ], + "summary": "Return access request identity metrics", + "description": "Use this API to return information access metrics.", + "operationId": "getAccessRequestIdentityMetrics", + "parameters": [ + { + "name": "identityId", + "in": "path", + "description": "Manager's identity ID.", + "required": true, + "schema": { + "type": "string" + }, + "example": "7025c863-c270-4ba6-beea-edf3cb091573" + }, + { + "name": "requestedObjectId", + "in": "path", + "description": "Requested access item's ID.", + "required": true, + "schema": { + "type": "string" + }, + "example": "2db501be-f0fb-4cc5-a695-334133c52891" + }, + { + "name": "type", + "in": "path", + "description": "Requested access item's type.", + "required": true, + "schema": { + "type": "string", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "ID of the access item to retrieve the recommendation for.", + "example": "2c938083633d259901633d2623ec0375" + }, + "type": { + "type": "string", + "example": "ENTITLEMENT", + "description": "Access item's type.", + "enum": [ + "ENTITLEMENT", + "ACCESS_PROFILE", + "ROLE" + ] + } + } + } + }, + "example": "ENTITLEMENT" + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "security": [ + { + "UserContextAuth": [ + "idn:access-request-approvals:read" + ] + } + ], + "responses": { + "200": { + "description": "Summary of the resource access and source activity for the direct reports of the provided manager.", + "content": { + "application/json": { + "schema": { + "type": "object", + "items": { + "type": "object", + "properties": { + "identitiesWithAccess": { + "type": "integer", + "format": "int64", + "nullable": true, + "description": "A count of the provided manager's direct reports that have already been granted the access item in question.", + "example": 8 + }, + "identitiesWithActivity": { + "type": "integer", + "format": "int64", + "nullable": true, + "description": "A count of the provided manager's direct reports that have activity within the associated source.", + "example": 5 + }, + "totalIdentities": { + "type": "integer", + "format": "int64", + "nullable": true, + "description": "Total number of identities who share a manager with the identity requesting access.", + "example": 10 + }, + "squadAvailable": { + "type": "boolean", + "default": false, + "description": "True if the manager's ID can be found. False if the manager's ID cannot be found.", + "example": true + }, + "validActivityObject": { + "type": "boolean", + "default": false, + "description": "True if the requested access item is associated with a single Activity Data Insights connector source. False if the requested access item type is a role. If it's a role, it matches to multiple sources, so a single relevant source can't be determined for activity metrics.", + "example": true + }, + "activitySourceConfigured": { + "type": "boolean", + "default": false, + "description": "True if the Activity Data Insights connector is configured for the source associated with the requested access item. False if the matching Activity Data Insights connector is not configured.", + "example": true + }, + "requestedObjectActive": { + "type": "boolean", + "default": false, + "description": "True if the requested access item exists and is available. False if the requested access item is either missing or deleted.", + "example": true + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/icons/{objectType}/{objectId}": { + "put": { + "operationId": "setIcon", + "tags": [ + "Icons" + ], + "summary": "Update an icon", + "description": "This API endpoint updates an icon by object type and object id. A token with ORG_ADMIN authority is required to call this API.", + "parameters": [ + { + "in": "path", + "name": "objectType", + "schema": { + "type": "string" + }, + "required": true, + "description": "Object type. Available options ['application']", + "example": "application" + }, + { + "in": "path", + "name": "objectId", + "schema": { + "type": "string" + }, + "required": true, + "description": "Object id.", + "example": "a291e870-48c3-4953-b656-fb5ce2a93169" + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "requestBody": { + "required": true, + "content": { + "multipart/form-data": { + "schema": { + "type": "object", + "required": [ + "image" + ], + "properties": { + "image": { + "type": "string", + "format": "binary", + "description": "file with icon. Allowed mime-types ['image/png', 'image/jpeg']", + "example": "\\x00\\x00\\x00\\x02" + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "idn:icons:manage" + ] + } + ], + "responses": { + "200": { + "description": "Icon updated", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "icon": { + "type": "string", + "description": "url to file with icon", + "example": "" + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + }, + "delete": { + "operationId": "deleteIcon", + "tags": [ + "Icons" + ], + "summary": "Delete an icon", + "description": "This API endpoint delete an icon by object type and object id. A token with ORG_ADMIN authority is required to call this API.", + "parameters": [ + { + "in": "path", + "name": "objectType", + "schema": { + "type": "string" + }, + "required": true, + "description": "Object type. Available options ['application']", + "example": "application" + }, + { + "in": "path", + "name": "objectId", + "schema": { + "type": "string" + }, + "required": true, + "description": "Object id.", + "example": "a291e870-48c3-4953-b656-fb5ce2a93169" + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "security": [ + { + "UserContextAuth": [ + "idn:icons:manage" + ] + } + ], + "responses": { + "204": { + "description": "No content - indicates the request was successful but there is no content to be returned in the response." + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/suggested-entitlement-description-batches/{batchId}/stats": { + "get": { + "tags": [ + "Suggested Entitlement Description" + ], + "operationId": "getSedBatchStats", + "summary": "Submit Sed Batch Stats Request", + "description": "Submit Sed Batch Stats Request.\nSubmits batchId in the path param (e.g. {batchId}/stats). API responses with stats of the batchId.", + "parameters": [ + { + "name": "batchId", + "in": "path", + "description": "Batch Id", + "schema": { + "type": "string", + "format": "uuid" + }, + "example": "8c190e67-87aa-4ed9-a90b-d9d5344523fb", + "required": true + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "200": { + "description": "Stats of Sed batch.", + "content": { + "application/json": { + "schema": { + "description": "Sed Batch Stats", + "type": "object", + "properties": { + "batchComplete": { + "description": "batch complete", + "type": "boolean", + "example": true, + "default": false + }, + "batchId": { + "description": "batch Id", + "format": "uuid", + "type": "string", + "example": "016629d1-1d25-463f-97f3-c6686846650" + }, + "discoveredCount": { + "description": "discovered count", + "format": "int64", + "type": "integer", + "example": 100 + }, + "discoveryComplete": { + "description": "discovery complete", + "type": "boolean", + "example": true, + "default": false + }, + "processedCount": { + "description": "processed count", + "format": "int64", + "example": 100, + "type": "integer" + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "idn:sed:read" + ] + } + ] + } + }, + "/suggested-entitlement-description-batches": { + "get": { + "tags": [ + "Suggested Entitlement Description" + ], + "operationId": "getSedBatches", + "summary": "List Sed Batch Request", + "description": "List Sed Batches.\nAPI responses with Sed Batch Status", + "responses": { + "200": { + "description": "Status of batch", + "content": { + "application/json": { + "schema": { + "description": "Sed Batch Status", + "type": "object", + "properties": { + "status": { + "description": "status of batch", + "type": "string", + "example": "OK" + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "idn:sed:read" + ] + } + ], + "parameters": [ + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ] + }, + "post": { + "tags": [ + "Suggested Entitlement Description" + ], + "operationId": "submitSedBatchRequest", + "summary": "Submit Sed Batch Request", + "description": "Submit Sed Batch Request.\nRequest body has a list of entitlement Ids that user wants to have description generated by LLM. API responses with batchId that groups Ids together", + "requestBody": { + "description": "Sed Batch Request", + "content": { + "application/json-patch+json": { + "schema": { + "description": "Sed Batch Request", + "type": "object", + "properties": { + "entitlements": { + "description": "list of entitlement ids", + "items": { + "type": "string", + "example": "016629d1-1d25-463f-97f3-c6686846650" + }, + "type": "array" + } + } + } + } + } + }, + "responses": { + "200": { + "description": "Sed Batch Response", + "content": { + "application/json": { + "schema": { + "description": "Sed Batch Response", + "type": "object", + "properties": { + "batchId": { + "description": "BatchId that groups all the ids together", + "format": "uuid", + "type": "string", + "example": "016629d1-1d25-463f-97f3-c6686846650" + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "idn:sed:write" + ] + } + ], + "parameters": [ + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ] + } + }, + "/suggested-entitlement-description-approvals": { + "post": { + "tags": [ + "Suggested Entitlement Description" + ], + "summary": "Submit Bulk Approval Request", + "description": "Submit Bulk Approval Request for SED.\nRequest body takes list of SED Ids. API responses with list of SED Approval Status", + "operationId": "submitSedApproval", + "requestBody": { + "description": "Sed Approval", + "content": { + "application/json-patch+json": { + "schema": { + "items": { + "description": "Sed Approval Request Body", + "type": "object", + "properties": { + "items": { + "description": "List of SED id's", + "items": { + "format": "uuid", + "type": "string" + }, + "type": "array", + "example": "016629d1-1d25-463f-97f3-c6686846650" + } + } + }, + "type": "array" + } + } + }, + "required": true + }, + "responses": { + "200": { + "description": "List of SED Approval Status", + "content": { + "application/json": { + "schema": { + "items": { + "description": "SED Approval Status", + "type": "object", + "properties": { + "failedReason": { + "description": "failed reason will be display if status is failed", + "type": "string", + "example": "invalid status" + }, + "id": { + "description": "Sed id", + "format": "uuid", + "type": "string", + "example": "016629d1-1d25-463f-97f3-c6686846650" + }, + "status": { + "description": "SUCCESS | FAILED", + "example": "SUCCESS", + "type": "string" + } + } + }, + "type": "array" + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "idn:sed:write" + ] + } + ], + "parameters": [ + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ] + } + }, + "/suggested-entitlement-description-assignments": { + "post": { + "tags": [ + "Suggested Entitlement Description" + ], + "operationId": "submitSedAssignment", + "summary": "Submit Sed Assignment Request", + "description": "Submit Assignment Request.\nRequest body has an assignee, and list of SED Ids that are assigned to that assignee API responses with batchId that groups all approval requests together", + "requestBody": { + "description": "Sed Assignment Request", + "content": { + "application/json-patch+json": { + "schema": { + "description": "Sed Assignment", + "type": "object", + "properties": { + "assignee": { + "description": "Sed Assignee", + "type": "object", + "properties": { + "type": { + "description": "Type of assignment\nWhen value is PERSONA, the value MUST be SOURCE_OWNER or ENTITLEMENT_OWNER\nIDENTITY SED_ASSIGNEE_IDENTITY_TYPE\nGROUP SED_ASSIGNEE_GROUP_TYPE\nSOURCE_OWNER SED_ASSIGNEE_SOURCE_OWNER_TYPE\nENTITLEMENT_OWNER SED_ASSIGNEE_ENTITLEMENT_OWNER_TYPE", + "enum": [ + "IDENTITY", + "GROUP", + "SOURCE_OWNER", + "ENTITLEMENT_OWNER" + ], + "type": "string", + "example": "SOURCE_OWNER" + }, + "value": { + "description": "Identity or Group identifier\nEmpty when using source/entitlement owner personas", + "type": "string", + "example": "016629d1-1d25-463f-97f3-c6686846650" + } + }, + "required": [ + "type" + ] + }, + "items": { + "description": "List of SED id's", + "items": { + "format": "uuid", + "type": "string", + "example": "016629d1-1d25-463f-97f3-c6686846650" + }, + "type": "array" + } + } + } + } + }, + "required": true + }, + "responses": { + "202": { + "description": "Sed Assignment Response", + "content": { + "application/json": { + "schema": { + "description": "Sed Assignment Response", + "type": "object", + "properties": { + "batchId": { + "description": "BatchId that groups all the ids together", + "format": "uuid", + "type": "string", + "example": "016629d1-1d25-463f-97f3-c6686846650" + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "idn:sed:write" + ] + } + ], + "parameters": [ + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ] + } + }, + "/suggested-entitlement-descriptions": { + "get": { + "tags": [ + "Suggested Entitlement Description" + ], + "operationId": "listSeds", + "summary": "List Suggested Entitlement Description", + "description": "List of Suggested Entitlement Description", + "parameters": [ + { + "description": "Integer specifying the maximum number of records to return in a single API call. \nThe standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#paginating-results). If it is not specified, a default limit is used.", + "schema": { + "format": "int64", + "type": "integer" + }, + "in": "query", + "name": "limit", + "example": "limit=0" + }, + { + "description": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**batchId**: *eq*\n\n**status**: *eq, ne, in*\n\n**displayName**: *eq, co*", + "in": "query", + "name": "filters", + "example": "displayName co \"Read and Write\"", + "schema": { + "type": "string" + } + }, + { + "description": "If `true` it will populate the `X-Total-Count` response header with the number of results that would be returned if `limit` and `offset` were ignored. \nThe standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#paginating-results).\nSince requesting a total count can have a performance impact, it is recommended not to send `count=true` if that value will not be used.", + "in": "query", + "name": "count", + "example": "count=true", + "schema": { + "type": "boolean" + } + }, + { + "description": "If `true` it will populate the `X-Total-Count` response header with the number of results that would be returned if `limit` and `offset` were ignored.\nThis parameter differs from the Coun parameter in that this one skip executing the actual query and always return an empty array.", + "in": "query", + "name": "count-only", + "example": "count-only=true", + "schema": { + "type": "boolean" + } + }, + { + "description": "By default, the ListSeds API will only return items that you have requested to be generated. \nThis option will allow you to see all items that have been requested", + "in": "query", + "name": "requested-by-anyone", + "example": "requested-by-anyone=true", + "schema": { + "type": "boolean" + } + }, + { + "description": "Will limit records to items that are in \"suggested\" or \"approved\" status", + "in": "query", + "name": "show-pending-status-only", + "example": "show-pending-status-only=true", + "schema": { + "type": "boolean" + } + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "responses": { + "200": { + "description": "List of Suggested Entitlement Details", + "content": { + "application/json": { + "schema": { + "items": { + "description": "Suggested Entitlement Description", + "type": "object", + "properties": { + "Name": { + "type": "string", + "description": "name of the entitlement", + "example": "BatchInvoiceProcessing" + }, + "approved_by": { + "type": "string", + "description": "entitlement approved by", + "example": "2c918086-76de-afbf-0176-f6d28f65565a" + }, + "approved_type": { + "type": "string", + "description": "entitlement approved type", + "example": "admin" + }, + "approved_when": { + "format": "date-time", + "type": "string", + "example": "2024-03-22T16:32:16.308Z", + "description": "entitlement approved then" + }, + "attribute": { + "type": "string", + "description": "entitlement attribute", + "example": "Role" + }, + "description": { + "type": "string", + "description": "description of entitlement", + "example": "This entitlement allows automated processing of invoices in batches on a scheduled basis to streamline accounts payable procedures." + }, + "displayName": { + "type": "string", + "description": "entitlement display name", + "example": "AWS-Cloud-Billing" + }, + "id": { + "format": "uuid", + "type": "string", + "description": "sed id", + "example": "ead281ee-12a9-40ac-9534-36b5d7d65d53" + }, + "sourceId": { + "type": "string", + "description": "entitlement source id", + "example": "103f567b93ee49b991c40f9412f87643" + }, + "sourceName": { + "type": "string", + "description": "entitlement source name", + "example": "IDN Salesforce" + }, + "status": { + "type": "string", + "description": "entitlement status", + "example": "suggested" + }, + "suggestedDescription": { + "type": "string", + "description": "llm suggested entitlement description", + "example": "This entitlement allows automated processing of invoices in batches on a scheduled basis to streamline accounts payable" + }, + "type": { + "type": "string", + "description": "entitlement type", + "example": "group" + }, + "value": { + "type": "string", + "description": "entitlement value", + "example": "group" + } + } + }, + "type": "array" + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "idn:sed:read" + ] + } + ] + }, + "patch": { + "tags": [ + "Suggested Entitlement Description" + ], + "operationId": "patchSed", + "summary": "Patch Suggested Entitlement Description", + "description": "Patch Suggested Entitlement Description", + "parameters": [ + { + "description": "id is sed id", + "in": "path", + "name": "id", + "example": "ebab396f-0af1-4050-89b7-dafc63ec70e7", + "required": true, + "schema": { + "type": "string", + "format": "uuid" + } + }, + { + "name": "X-SailPoint-Experimental", + "in": "header", + "description": "Use this header to enable this experimental API.", + "example": true, + "schema": { + "type": "string", + "default": true + }, + "required": true + } + ], + "requestBody": { + "description": "Sed Patch Request", + "content": { + "application/json-patch+json": { + "schema": { + "items": { + "description": "Patch for Suggested Entitlement Description", + "type": "object", + "properties": { + "op": { + "description": "desired operation", + "type": "string", + "example": "replace" + }, + "path": { + "description": "field to be patched", + "type": "string", + "example": "status" + }, + "value": { + "description": "value to replace with", + "example": "approved" + } + } + }, + "type": "array" + } + } + }, + "required": true + }, + "responses": { + "200": { + "description": "detail of patched sed", + "content": { + "application/json": { + "schema": { + "description": "Suggested Entitlement Description", + "type": "object", + "properties": { + "Name": { + "type": "string", + "description": "name of the entitlement", + "example": "BatchInvoiceProcessing" + }, + "approved_by": { + "type": "string", + "description": "entitlement approved by", + "example": "2c918086-76de-afbf-0176-f6d28f65565a" + }, + "approved_type": { + "type": "string", + "description": "entitlement approved type", + "example": "admin" + }, + "approved_when": { + "format": "date-time", + "type": "string", + "example": "2024-03-22T16:32:16.308Z", + "description": "entitlement approved then" + }, + "attribute": { + "type": "string", + "description": "entitlement attribute", + "example": "Role" + }, + "description": { + "type": "string", + "description": "description of entitlement", + "example": "This entitlement allows automated processing of invoices in batches on a scheduled basis to streamline accounts payable procedures." + }, + "displayName": { + "type": "string", + "description": "entitlement display name", + "example": "AWS-Cloud-Billing" + }, + "id": { + "format": "uuid", + "type": "string", + "description": "sed id", + "example": "ead281ee-12a9-40ac-9534-36b5d7d65d53" + }, + "sourceId": { + "type": "string", + "description": "entitlement source id", + "example": "103f567b93ee49b991c40f9412f87643" + }, + "sourceName": { + "type": "string", + "description": "entitlement source name", + "example": "IDN Salesforce" + }, + "status": { + "type": "string", + "description": "entitlement status", + "example": "suggested" + }, + "suggestedDescription": { + "type": "string", + "description": "llm suggested entitlement description", + "example": "This entitlement allows automated processing of invoices in batches on a scheduled basis to streamline accounts payable" + }, + "type": { + "type": "string", + "description": "entitlement type", + "example": "group" + }, + "value": { + "type": "string", + "description": "entitlement value", + "example": "group" + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [ + "idn:sed:write" + ] + } + ] + } + }, + "/discovered-applications": { + "get": { + "operationId": "getDiscoveredApplications", + "tags": [ + "Application Discovery" + ], + "summary": "Retrieve discovered applications for tenant", + "description": "Fetches a list of applications that have been identified within the environment. This includes details such as application names, discovery dates, potential correlated saas_vendors and related suggested connectors.\n", + "security": [ + { + "UserContextAuth": [ + "idn:application-discovery:read" + ] + } + ], + "parameters": [ + { + "in": "query", + "name": "limit", + "description": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 250, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "maximum": 250, + "default": 250 + } + }, + { + "in": "query", + "name": "offset", + "description": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "required": false, + "example": 0, + "schema": { + "type": "integer", + "format": "int32", + "minimum": 0, + "default": 0 + } + }, + { + "in": "query", + "name": "filter", + "schema": { + "type": "string" + }, + "description": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n \n \nFiltering is supported for the following fields and operators:\n\n**name**: *eq, sw, co*\n\n**description**: *eq, sw, co*\n", + "example": "name eq \"Okta\" and description co \"Okta\"", + "required": false, + "style": "form" + }, + { + "in": "query", + "name": "sorters", + "schema": { + "type": "string", + "format": "comma-separated" + }, + "description": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name, description, discoveredAt, discoverySource**", + "example": "name" + } + ], + "responses": { + "200": { + "description": "Successfully retrieved list of discovered applications.", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "type": "array", + "description": "An array of discovered applications for a given tenant", + "example": [ + { + "id": "app-123", + "name": "ExampleApp", + "discoverySource": "CSV", + "discoveredVendor": "ExampleVendor", + "description": "An application for managing examples.", + "recommendedConnectors": [ + "ConnectorA", + "ConnectorB" + ], + "discoveredTimestamp": "2023-01-01T12:00:00Z" + } + ], + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "format": "uuid", + "description": "Unique identifier for the discovered application.", + "example": "2d9180835d2e5168015d32f890ca1581" + }, + "name": { + "type": "string", + "description": "Name of the discovered application.", + "example": "ExampleApp" + }, + "discoverySource": { + "type": "string", + "description": "Source from which the application was discovered.", + "example": "CSV" + }, + "discoveredVendor": { + "type": "string", + "description": "The vendor associated with the discovered application.", + "example": "ExampleVendor" + }, + "description": { + "type": "string", + "description": "A brief description of the discovered application.", + "example": "An application for managing examples." + }, + "recommendedConnectors": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of recommended connectors for the application.", + "example": [ + "ConnectorA", + "ConnectorB" + ] + }, + "discoveredTimestamp": { + "type": "string", + "format": "date-time", + "description": "The timestamp when the application was discovered, in ISO 8601 format.", + "example": "2023-01-01T12:00:00Z" + } + } + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/manual-discover-applications-template": { + "get": { + "summary": "CSV template download for discovery", + "tags": [ + "Application Discovery" + ], + "description": "This endpoint allows the user to download an example CSV file with two columns `application_name` and `description`. The CSV file contains a single row with the values 'Example Application' and 'Example Description'.\n\nThe downloaded template is specifically designed for use with the `/manual-discover-applications` endpoint.\n", + "security": [ + { + "UserContextAuth": [ + "idn:application-discovery:read" + ] + } + ], + "operationId": "getManualDiscoverApplicationsCsvTemplate", + "responses": { + "200": { + "description": "A CSV file download was successful.", + "content": { + "text/csv": { + "schema": { + "type": "object", + "properties": { + "application_name": { + "type": "string", + "description": "Name of the application.", + "example": "Example Application" + }, + "description": { + "type": "string", + "description": "Description of the application.", + "example": "Example Description" + } + } + }, + "example": "application_name,description\nExample Application,Example Description\n" + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/manual-discover-applications": { + "post": { + "summary": "CSV Upload to discover applications", + "tags": [ + "Application Discovery" + ], + "description": "This endpoint supports uploading a CSV file with application data for manual correlation to specific IDN connectors. \nIf a suitable IDN connector is unavailable, the system will recommend generic connectors instead.", + "security": [ + { + "UserContextAuth": [ + "idn:application-discovery:write" + ] + } + ], + "operationId": "sendManualDiscoverApplicationsCsvTemplate", + "requestBody": { + "content": { + "multipart/form-data": { + "schema": { + "type": "object", + "properties": { + "file": { + "type": "string", + "format": "binary", + "description": "The CSV file to upload containing `application_name` and `description` columns. Each row represents an application to be discovered.", + "example": "application_name,description\n\"Sample App\",\"This is a sample description for Sample App.\"\n\"Another App\",\"Description for Another App.\"" + } + }, + "required": [ + "file" + ] + } + } + } + }, + "responses": { + "200": { + "description": "The CSV has been successfully processed." + }, + "400": { + "description": "Bad request - There was an error with the CSV format or validation failed (e.g., `application_name` missing). Error message should be provided in response.\n", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + }, + "/vendor-connector-mappings": { + "get": { + "security": [ + { + "UserContextAuth": [ + "idn:application-discovery:read" + ] + } + ], + "operationId": "getVendorConnectorMappings", + "tags": [ + "Application Discovery" + ], + "summary": "List vendor connector mappings", + "description": "Retrieves a list of mappings between SaaS vendors and IDN connectors, detailing the connections established for correlation.\n", + "responses": { + "200": { + "description": "Successfully retrieved list.", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The unique identifier for the vendor-connector mapping.", + "example": "78733556-9ea3-4f59-bf69-e5cd92b011b4" + }, + "vendor": { + "type": "string", + "description": "The name of the vendor.", + "example": "Example vendor" + }, + "connector": { + "type": "string", + "description": "The name of the connector.", + "example": "Example connector" + }, + "createdAt": { + "type": "string", + "format": "date-time", + "description": "The creation timestamp of the mapping.", + "example": "2024-03-13T12:56:19.391294Z" + }, + "createdBy": { + "type": "string", + "description": "The identifier of the user who created the mapping.", + "example": "admin" + }, + "updatedAt": { + "type": "object", + "nullable": true, + "properties": { + "Time": { + "type": "string", + "format": "date-time", + "description": "The timestamp when the mapping was last updated, represented in ISO 8601 format.", + "example": "2024-03-14T12:56:19.391294Z" + }, + "Valid": { + "type": "boolean", + "description": "A flag indicating if the 'Time' field is set and valid.", + "default": false, + "example": true + } + }, + "description": "An object representing the nullable timestamp of the last update." + }, + "updatedBy": { + "type": "object", + "nullable": true, + "properties": { + "String": { + "type": "string", + "description": "The identifier of the user who last updated the mapping, if available.", + "example": "user-67891" + }, + "Valid": { + "type": "boolean", + "description": "A flag indicating if the 'String' field is set and valid.", + "default": false, + "example": true + } + }, + "description": "An object representing the nullable identifier of the user who last updated the mapping." + }, + "deletedAt": { + "type": "object", + "nullable": true, + "properties": { + "Time": { + "type": "string", + "format": "date-time", + "description": "The timestamp when the mapping was deleted, represented in ISO 8601 format, if applicable.", + "example": "0001-01-01T00:00:00Z" + }, + "Valid": { + "type": "boolean", + "description": "A flag indicating if the 'Time' field is set and valid, i.e., if the mapping has been deleted.", + "default": false, + "example": false + } + }, + "description": "An object representing the nullable timestamp of when the mapping was deleted." + }, + "deletedBy": { + "type": "object", + "nullable": true, + "properties": { + "String": { + "type": "string", + "description": "The identifier of the user who deleted the mapping, if applicable.", + "example": "" + }, + "Valid": { + "type": "boolean", + "description": "A flag indicating if the 'String' field is set and valid, i.e., if the mapping has been deleted.", + "default": false, + "example": false + } + }, + "description": "An object representing the nullable identifier of the user who deleted the mapping." + } + } + }, + "example": [ + { + "id": "78733556-9ea3-4f59-bf69-e5cd92b011b4", + "vendor": "Example Vendor", + "connector": "Example Connector", + "createdAt": "2024-03-13T12:56:19.391294Z", + "createdBy": "admin", + "updatedAt": { + "Time": "2024-03-14T12:56:19.391294Z", + "Valid": true + }, + "updatedBy": { + "String": "user-67891", + "Valid": true + }, + "deletedAt": { + "Time": "0001-01-01T00:00:00Z", + "Valid": false + }, + "deletedBy": { + "String": "", + "Valid": false + } + }, + { + "id": "78733556-9ea3-4f59-bf69-e5cd92b011b5", + "vendor": "Another Corporation", + "connector": "Another Connector", + "createdAt": "2024-04-13T11:46:19.391294Z", + "createdBy": "admin", + "updatedAt": { + "Time": "0001-01-01T00:00:00Z", + "Valid": false + }, + "updatedBy": { + "String": "", + "Valid": false + }, + "deletedAt": { + "Time": "0001-01-01T00:00:00Z", + "Valid": false + }, + "deletedBy": { + "String": "", + "Valid": false + } + } + ] + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "405": { + "description": "Method Not Allowed - indicates that the server knows the request method, but the target resource doesn't support this method.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "errorName": { + "description": "A message describing the error", + "example": "NotSupportedException" + }, + "errorMessage": { + "description": "Description of the error", + "example": "Cannot consume content type" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + }, + "post": { + "security": [ + { + "UserContextAuth": [ + "idn:application-discovery:write" + ] + } + ], + "operationId": "createVendorConnectorMapping", + "tags": [ + "Vendor Connector Mappings" + ], + "summary": "Create a vendor connector mapping", + "description": "Creates a new mapping between a SaaS vendor and an IDN connector to establish correlation paths.\n", + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The unique identifier for the vendor-connector mapping.", + "example": "78733556-9ea3-4f59-bf69-e5cd92b011b4" + }, + "vendor": { + "type": "string", + "description": "The name of the vendor.", + "example": "Example vendor" + }, + "connector": { + "type": "string", + "description": "The name of the connector.", + "example": "Example connector" + }, + "createdAt": { + "type": "string", + "format": "date-time", + "description": "The creation timestamp of the mapping.", + "example": "2024-03-13T12:56:19.391294Z" + }, + "createdBy": { + "type": "string", + "description": "The identifier of the user who created the mapping.", + "example": "admin" + }, + "updatedAt": { + "type": "object", + "nullable": true, + "properties": { + "Time": { + "type": "string", + "format": "date-time", + "description": "The timestamp when the mapping was last updated, represented in ISO 8601 format.", + "example": "2024-03-14T12:56:19.391294Z" + }, + "Valid": { + "type": "boolean", + "description": "A flag indicating if the 'Time' field is set and valid.", + "default": false, + "example": true + } + }, + "description": "An object representing the nullable timestamp of the last update." + }, + "updatedBy": { + "type": "object", + "nullable": true, + "properties": { + "String": { + "type": "string", + "description": "The identifier of the user who last updated the mapping, if available.", + "example": "user-67891" + }, + "Valid": { + "type": "boolean", + "description": "A flag indicating if the 'String' field is set and valid.", + "default": false, + "example": true + } + }, + "description": "An object representing the nullable identifier of the user who last updated the mapping." + }, + "deletedAt": { + "type": "object", + "nullable": true, + "properties": { + "Time": { + "type": "string", + "format": "date-time", + "description": "The timestamp when the mapping was deleted, represented in ISO 8601 format, if applicable.", + "example": "0001-01-01T00:00:00Z" + }, + "Valid": { + "type": "boolean", + "description": "A flag indicating if the 'Time' field is set and valid, i.e., if the mapping has been deleted.", + "default": false, + "example": false + } + }, + "description": "An object representing the nullable timestamp of when the mapping was deleted." + }, + "deletedBy": { + "type": "object", + "nullable": true, + "properties": { + "String": { + "type": "string", + "description": "The identifier of the user who deleted the mapping, if applicable.", + "example": "" + }, + "Valid": { + "type": "boolean", + "description": "A flag indicating if the 'String' field is set and valid, i.e., if the mapping has been deleted.", + "default": false, + "example": false + } + }, + "description": "An object representing the nullable identifier of the user who deleted the mapping." + } + } + } + } + } + }, + "responses": { + "200": { + "description": "Successfully created a new vendor connector mapping.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The unique identifier for the vendor-connector mapping.", + "example": "78733556-9ea3-4f59-bf69-e5cd92b011b4" + }, + "vendor": { + "type": "string", + "description": "The name of the vendor.", + "example": "Example vendor" + }, + "connector": { + "type": "string", + "description": "The name of the connector.", + "example": "Example connector" + }, + "createdAt": { + "type": "string", + "format": "date-time", + "description": "The creation timestamp of the mapping.", + "example": "2024-03-13T12:56:19.391294Z" + }, + "createdBy": { + "type": "string", + "description": "The identifier of the user who created the mapping.", + "example": "admin" + }, + "updatedAt": { + "type": "object", + "nullable": true, + "properties": { + "Time": { + "type": "string", + "format": "date-time", + "description": "The timestamp when the mapping was last updated, represented in ISO 8601 format.", + "example": "2024-03-14T12:56:19.391294Z" + }, + "Valid": { + "type": "boolean", + "description": "A flag indicating if the 'Time' field is set and valid.", + "default": false, + "example": true + } + }, + "description": "An object representing the nullable timestamp of the last update." + }, + "updatedBy": { + "type": "object", + "nullable": true, + "properties": { + "String": { + "type": "string", + "description": "The identifier of the user who last updated the mapping, if available.", + "example": "user-67891" + }, + "Valid": { + "type": "boolean", + "description": "A flag indicating if the 'String' field is set and valid.", + "default": false, + "example": true + } + }, + "description": "An object representing the nullable identifier of the user who last updated the mapping." + }, + "deletedAt": { + "type": "object", + "nullable": true, + "properties": { + "Time": { + "type": "string", + "format": "date-time", + "description": "The timestamp when the mapping was deleted, represented in ISO 8601 format, if applicable.", + "example": "0001-01-01T00:00:00Z" + }, + "Valid": { + "type": "boolean", + "description": "A flag indicating if the 'Time' field is set and valid, i.e., if the mapping has been deleted.", + "default": false, + "example": false + } + }, + "description": "An object representing the nullable timestamp of when the mapping was deleted." + }, + "deletedBy": { + "type": "object", + "nullable": true, + "properties": { + "String": { + "type": "string", + "description": "The identifier of the user who deleted the mapping, if applicable.", + "example": "" + }, + "Valid": { + "type": "boolean", + "description": "A flag indicating if the 'String' field is set and valid, i.e., if the mapping has been deleted.", + "default": false, + "example": false + } + }, + "description": "An object representing the nullable identifier of the user who deleted the mapping." + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "405": { + "description": "Method Not Allowed - indicates that the server knows the request method, but the target resource doesn't support this method.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "errorName": { + "description": "A message describing the error", + "example": "NotSupportedException" + }, + "errorMessage": { + "description": "Description of the error", + "example": "Cannot consume content type" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + }, + "delete": { + "security": [ + { + "UserContextAuth": [ + "idn:application-discovery:write" + ] + } + ], + "operationId": "deleteVendorConnectorMapping", + "tags": [ + "Vendor Connector Mappings" + ], + "summary": "Delete a vendor connector mapping", + "description": "Soft deletes a mapping between a SaaS vendor and an IDN connector, removing the established correlation.\n", + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The unique identifier for the vendor-connector mapping.", + "example": "78733556-9ea3-4f59-bf69-e5cd92b011b4" + }, + "vendor": { + "type": "string", + "description": "The name of the vendor.", + "example": "Example vendor" + }, + "connector": { + "type": "string", + "description": "The name of the connector.", + "example": "Example connector" + }, + "createdAt": { + "type": "string", + "format": "date-time", + "description": "The creation timestamp of the mapping.", + "example": "2024-03-13T12:56:19.391294Z" + }, + "createdBy": { + "type": "string", + "description": "The identifier of the user who created the mapping.", + "example": "admin" + }, + "updatedAt": { + "type": "object", + "nullable": true, + "properties": { + "Time": { + "type": "string", + "format": "date-time", + "description": "The timestamp when the mapping was last updated, represented in ISO 8601 format.", + "example": "2024-03-14T12:56:19.391294Z" + }, + "Valid": { + "type": "boolean", + "description": "A flag indicating if the 'Time' field is set and valid.", + "default": false, + "example": true + } + }, + "description": "An object representing the nullable timestamp of the last update." + }, + "updatedBy": { + "type": "object", + "nullable": true, + "properties": { + "String": { + "type": "string", + "description": "The identifier of the user who last updated the mapping, if available.", + "example": "user-67891" + }, + "Valid": { + "type": "boolean", + "description": "A flag indicating if the 'String' field is set and valid.", + "default": false, + "example": true + } + }, + "description": "An object representing the nullable identifier of the user who last updated the mapping." + }, + "deletedAt": { + "type": "object", + "nullable": true, + "properties": { + "Time": { + "type": "string", + "format": "date-time", + "description": "The timestamp when the mapping was deleted, represented in ISO 8601 format, if applicable.", + "example": "0001-01-01T00:00:00Z" + }, + "Valid": { + "type": "boolean", + "description": "A flag indicating if the 'Time' field is set and valid, i.e., if the mapping has been deleted.", + "default": false, + "example": false + } + }, + "description": "An object representing the nullable timestamp of when the mapping was deleted." + }, + "deletedBy": { + "type": "object", + "nullable": true, + "properties": { + "String": { + "type": "string", + "description": "The identifier of the user who deleted the mapping, if applicable.", + "example": "" + }, + "Valid": { + "type": "boolean", + "description": "A flag indicating if the 'String' field is set and valid, i.e., if the mapping has been deleted.", + "default": false, + "example": false + } + }, + "description": "An object representing the nullable identifier of the user who deleted the mapping." + } + } + } + } + } + }, + "responses": { + "200": { + "description": "Successfully deleted the specified vendor connector mapping.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "count": { + "type": "integer", + "description": "The number of vendor connector mappings successfully deleted.", + "example": 1 + } + } + } + } + } + }, + "400": { + "description": "Client Error - Returned if the request body is invalid.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + } + } + } + }, + "401": { + "description": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "error": { + "description": "A message describing the error", + "example": "JWT validation failed: JWT is expired" + } + } + } + } + } + }, + "403": { + "description": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "403": { + "summary": "An example of a 403 response object", + "value": { + "detailCode": "403 Forbidden", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server understood the request but refuses to authorize it." + } + ] + } + } + } + } + } + }, + "404": { + "description": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "404": { + "summary": "An example of a 404 response object", + "value": { + "detailCode": "404 Not found", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "The server did not find a current representation for the target resource." + } + ] + } + } + } + } + } + }, + "429": { + "description": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "message": { + "description": "A message describing the error", + "example": " Rate Limit Exceeded " + } + } + } + } + } + }, + "500": { + "description": "Internal Server Error - Returned if there is an unexpected error.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "detailCode": { + "type": "string", + "description": "Fine-grained error code providing more detail of the error.", + "example": "400.1 Bad Request Content" + }, + "trackingId": { + "type": "string", + "description": "Unique tracking id for the error.", + "example": "e7eab60924f64aa284175b9fa3309599" + }, + "messages": { + "type": "array", + "description": "Generic localized reason for error", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + }, + "causes": { + "type": "array", + "description": "Plain-text descriptive reasons to provide additional detail to the text provided in the messages field", + "items": { + "type": "object", + "properties": { + "locale": { + "type": "string", + "description": "The locale for the message text, a BCP 47 language tag.", + "example": "en-US", + "nullable": true + }, + "localeOrigin": { + "type": "string", + "enum": [ + "DEFAULT", + "REQUEST", + null + ], + "description": "An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.", + "example": "DEFAULT", + "nullable": true + }, + "text": { + "type": "string", + "description": "Actual text of the error message in the indicated locale.", + "example": "The request was syntactically correct but its content is semantically invalid." + } + } + } + } + } + }, + "examples": { + "500": { + "summary": "An example of a 500 response object", + "value": { + "detailCode": "500.0 Internal Fault", + "trackingId": "b21b1f7ce4da4d639f2c62a57171b427", + "messages": [ + { + "locale": "en-US", + "localeOrigin": "DEFAULT", + "text": "An internal fault occurred." + } + ] + } + } + } + } + } + } + } + } + } + }, + "security": [ + { + "UserContextAuth": [] + } + ], + "components": { + "securitySchemes": { + "UserContextAuth": { + "type": "oauth2", + "description": "OAuth2 Bearer token (JWT) generated using either a Personal Access token or through the Authorization Code flow. \nSee [Identity Security Cloud REST API Authentication](https://developer.sailpoint.com/docs/api/authentication/) for more information.\n- Directions for generating a [personal access token](https://developer.sailpoint.com/docs/api/authentication/#personal-access-tokens)\n- Directions using [client credentials flow](https://developer.sailpoint.com/docs/api/authentication/#client-credentials-grant-flow)\n- Directions for using [authorization code flow](https://developer.sailpoint.com/docs/api/authentication/#authorization-code-grant-flow)\n\nWhich authentication method should I choose? See the [guide](https://developer.sailpoint.com/docs/api/authentication/#which-oauth-20-grant-flow-should-i-use).\n\nLearn more about how to find your `tokenUrl` and `authorizationUrl` [in the docs](https://developer.sailpoint.com/docs/api/authentication/#find-your-tenants-oauth-details).\n", + "flows": { + "clientCredentials": { + "tokenUrl": "https://tenant.api.identitynow.com/oauth/token", + "scopes": { + "sp:scopes:default": "default scope", + "sp:scopes:all": "access to all scopes" + } + }, + "authorizationCode": { + "authorizationUrl": "https://tenant.login.sailpoint.com/oauth/authorize", + "tokenUrl": "https://tenant.api.identitynow.com/oauth/token", + "scopes": { + "sp:scopes:default": "default scope", + "sp:scopes:all": "access to all scopes" + } + } + } + }, + "ApplicationOnlyAuth": { + "type": "oauth2", + "description": "OAuth2 Bearer token (JWT) generated using client credentials flow. \nSee [Identity Security Cloud REST API Authentication](https://developer.sailpoint.com/docs/api/authentication/) for more information.\n- Directions using [client credentials flow](https://developer.sailpoint.com/docs/api/authentication/#client-credentials-grant-flow)\n\nWhich authentication method should I choose? See the [guide](https://developer.sailpoint.com/docs/api/authentication/#which-oauth-20-grant-flow-should-i-use).\n\nLearn more about how to find your `tokenUrl` and `authorizationUrl` [in the docs](https://developer.sailpoint.com/docs/api/authentication/#find-your-tenants-oauth-details).\n", + "flows": { + "clientCredentials": { + "tokenUrl": "https://tenant.api.identitynow.com/oauth/token", + "scopes": { + "sp:scopes:default": "default scope" + } + } + } + } + }, + "schemas": { + "AccessRequest": { + "type": "object", + "properties": { + "requestedFor": { + "description": "A list of Identity IDs for whom the Access is requested. If it's a Revoke request, there can only be one Identity ID.", + "type": "array", + "items": { + "type": "string", + "example": "2c918084660f45d6016617daa9210584" + } + }, + "requestType": { + "type": "string", + "enum": [ + "GRANT_ACCESS", + "REVOKE_ACCESS", + null + ], + "description": "Access request type. Defaults to GRANT_ACCESS. REVOKE_ACCESS type can only have a single Identity ID in the requestedFor field.", + "example": "GRANT_ACCESS", + "nullable": true + }, + "requestedItems": { + "type": "array", + "items": { + "type": "object", + "properties": { + "type": { + "type": "string", + "enum": [ + "ACCESS_PROFILE", + "ROLE", + "ENTITLEMENT" + ], + "description": "The type of the item being requested.", + "example": "ACCESS_PROFILE" + }, + "id": { + "type": "string", + "description": "ID of Role, Access Profile or Entitlement being requested.", + "example": "2c9180835d2e5168015d32f890ca1581" + }, + "comment": { + "type": "string", + "description": "Comment provided by requester.\n* Comment is required when the request is of type Revoke Access.\n", + "example": "Requesting access profile for John Doe" + }, + "clientMetadata": { + "type": "object", + "additionalProperties": { + "type": "string", + "example": { + "requestedAppId": "2c91808f7892918f0178b78da4a305a1", + "requestedAppName": "test-app" + } + }, + "example": { + "requestedAppName": "test-app", + "requestedAppId": "2c91808f7892918f0178b78da4a305a1" + }, + "description": "Arbitrary key-value pairs. They will never be processed by the IdentityNow system but will be returned on associated APIs such as /account-activities and /access-request-status." + }, + "removeDate": { + "type": "string", + "description": "The date the role or access profile or entitlement is no longer assigned to the specified identity. Also known as the expiration date.\n* Specify a date in the future.\n* The current SLA for the deprovisioning is 24 hours.\n* This date can be modified to either extend or decrease the duration of access item assignments for the specified identity. You can change the expiration date for requests for yourself or direct reports, but you cannot remove an expiration date on an already approved item. If the access request has not been approved, you can cancel it and submit a new one without the expiration. If it has already been approved, then you have to revoke the access and then re-request without the expiration.\n", + "format": "date-time", + "example": "2020-07-11T21:23:15.000Z" + } + }, + "required": [ + "id", + "type" + ] + }, + "minItems": 1, + "maxItems": 25 + }, + "clientMetadata": { + "type": "object", + "additionalProperties": { + "type": "string", + "example": { + "requestedAppId": "2c91808f7892918f0178b78da4a305a1", + "requestedAppName": "test-app" + } + }, + "example": { + "requestedAppId": "2c91808f7892918f0178b78da4a305a1", + "requestedAppName": "test-app" + }, + "description": "Arbitrary key-value pairs. They will never be processed by the IdentityNow system but will be returned on associated APIs such as /account-activities." + } + }, + "required": [ + "requestedFor", + "requestedItems" + ] + }, + "AccessRequestItem": { + "type": "object", + "properties": { + "type": { + "type": "string", + "enum": [ + "ACCESS_PROFILE", + "ROLE", + "ENTITLEMENT" + ], + "description": "The type of the item being requested.", + "example": "ACCESS_PROFILE" + }, + "id": { + "type": "string", + "description": "ID of Role, Access Profile or Entitlement being requested.", + "example": "2c9180835d2e5168015d32f890ca1581" + }, + "comment": { + "type": "string", + "description": "Comment provided by requester.\n* Comment is required when the request is of type Revoke Access.\n", + "example": "Requesting access profile for John Doe" + }, + "clientMetadata": { + "type": "object", + "additionalProperties": { + "type": "string", + "example": { + "requestedAppId": "2c91808f7892918f0178b78da4a305a1", + "requestedAppName": "test-app" + } + }, + "example": { + "requestedAppName": "test-app", + "requestedAppId": "2c91808f7892918f0178b78da4a305a1" + }, + "description": "Arbitrary key-value pairs. They will never be processed by the IdentityNow system but will be returned on associated APIs such as /account-activities and /access-request-status." + }, + "removeDate": { + "type": "string", + "description": "The date the role or access profile or entitlement is no longer assigned to the specified identity. Also known as the expiration date.\n* Specify a date in the future.\n* The current SLA for the deprovisioning is 24 hours.\n* This date can be modified to either extend or decrease the duration of access item assignments for the specified identity. You can change the expiration date for requests for yourself or direct reports, but you cannot remove an expiration date on an already approved item. If the access request has not been approved, you can cancel it and submit a new one without the expiration. If it has already been approved, then you have to revoke the access and then re-request without the expiration.\n", + "format": "date-time", + "example": "2020-07-11T21:23:15.000Z" + } + }, + "required": [ + "id", + "type" + ] + }, + "AccessProfileDocument": { + "description": "More complete representation of an access profile. ", + "allOf": [ + { + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + }, + { + "type": "object", + "properties": { + "description": { + "type": "string", + "description": "Access item's description.", + "example": "The admin role" + }, + "created": { + "type": "string", + "description": "ISO-8601 date-time referring to the time when the object was created.", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z" + }, + "modified": { + "type": "string", + "description": "ISO-8601 date-time referring to the time when the object was last modified.", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z" + }, + "synced": { + "type": "string", + "description": "ISO-8601 date-time referring to the date-time when object was queued to be synced into search database for use in the search API. \nThis date-time changes anytime there is an update to the object, which triggers a synchronization event being sent to the search database. \nThere may be some delay between the `synced` time and the time when the updated data is actually available in the search API. ", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:33.104Z" + }, + "enabled": { + "type": "boolean", + "description": "Indicates whether the access item is currently enabled.", + "default": false, + "example": true + }, + "requestable": { + "type": "boolean", + "description": "Indicates whether the access item can be requested.", + "default": true, + "example": true + }, + "requestCommentsRequired": { + "type": "boolean", + "description": "Indicates whether comments are required for requests to access the item.", + "default": false, + "example": false + }, + "owner": { + "type": "object", + "description": "Owner's identity.", + "properties": { + "type": { + "type": "string", + "description": "Owner's DTO type.", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "Owner's identity ID.", + "example": "2c9180a46faadee4016fb4e018c20639" + }, + "name": { + "type": "string", + "description": "Owner's display name.", + "example": "Support" + }, + "email": { + "type": "string", + "description": "Owner's email.", + "example": "cloud-support@sailpoint.com" + } + } + } + } + } + ] + }, + { + "type": "object", + "required": [ + "id", + "name", + "_type" + ], + "properties": { + "id": { + "type": "string", + "description": "Access profile's ID.", + "example": "2c9180825a6c1adc015a71c9023f0818" + }, + "name": { + "type": "string", + "description": "Access profile's name.", + "example": "Cloud Eng" + }, + "_type": { + "description": "Access profile's document type. \nThis enum represents the currently supported document types.\nAdditional values may be added in the future without notice.", + "type": "string", + "enum": [ + "accessprofile", + "accountactivity", + "account", + "aggregation", + "entitlement", + "event", + "identity", + "role" + ], + "example": "accessprofile" + }, + "source": { + "type": "object", + "description": "Access profile's source.", + "properties": { + "id": { + "type": "string", + "description": "Source's ID.", + "example": "ff8081815757d4fb0157588f3d9d008f" + }, + "name": { + "type": "string", + "description": "Source's name.", + "example": "Employees" + } + } + }, + "entitlements": { + "type": "array", + "description": "Entitlements the access profile has access to.", + "items": { + "type": "object", + "properties": { + "hasPermissions": { + "type": "boolean", + "description": "Indicates whether the entitlement has permissions.", + "default": false, + "example": false + }, + "description": { + "type": "string", + "description": "Entitlement's description.", + "example": "Cloud engineering" + }, + "attribute": { + "type": "string", + "description": "Entitlement attribute's name.", + "example": "memberOf" + }, + "value": { + "type": "string", + "description": "Entitlement's value.", + "example": "CN=Cloud Engineering,DC=sailpoint,DC=COM" + }, + "schema": { + "type": "string", + "description": "Entitlement's schema.", + "example": "group" + }, + "privileged": { + "type": "boolean", + "description": "Indicates whether the entitlement is privileged.", + "default": false, + "example": false + }, + "id": { + "type": "string", + "description": "Entitlement's ID.", + "example": "2c918084575812550157589064f33b89" + }, + "name": { + "type": "string", + "description": "Entitlement's name.", + "example": "CN=Cloud Engineering,DC=sailpoint,DC=COM" + } + } + } + }, + "entitlementCount": { + "type": "integer", + "description": "Number of entitlements.", + "example": 5 + }, + "tags": { + "type": "array", + "description": "Tags that have been applied to the object.", + "items": { + "type": "string" + }, + "example": [ + "TAG_1", + "TAG_2" + ] + } + } + } + ] + }, + "AccessProfileSummary": { + "description": "This is a summary representation of an access profile.", + "allOf": [ + { + "allOf": [ + { + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + }, + { + "type": "object", + "properties": { + "displayName": { + "type": "string", + "example": "John Q. Doe" + } + } + } + ] + }, + { + "type": "object", + "properties": { + "type": { + "type": "string", + "enum": [ + "ACCOUNT_CORRELATION_CONFIG", + "ACCESS_PROFILE", + "ACCESS_REQUEST_APPROVAL", + "ACCOUNT", + "APPLICATION", + "CAMPAIGN", + "CAMPAIGN_FILTER", + "CERTIFICATION", + "CLUSTER", + "CONNECTOR_SCHEMA", + "ENTITLEMENT", + "GOVERNANCE_GROUP", + "IDENTITY", + "IDENTITY_PROFILE", + "IDENTITY_REQUEST", + "LIFECYCLE_STATE", + "PASSWORD_POLICY", + "ROLE", + "RULE", + "SOD_POLICY", + "SOURCE", + "TAG", + "TAG_CATEGORY", + "TASK_RESULT", + "REPORT_RESULT", + "SOD_VIOLATION", + "ACCOUNT_ACTIVITY", + "WORKGROUP" + ], + "description": "An enumeration of the types of DTOs supported within the IdentityNow infrastructure.", + "example": "IDENTITY" + }, + "description": { + "type": "string", + "nullable": true, + "example": null + } + } + } + ] + }, + { + "type": "object", + "properties": { + "source": { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + }, + "owner": { + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + }, + { + "type": "object", + "properties": { + "displayName": { + "type": "string", + "example": "John Q. Doe" + } + } + } + ] + }, + "revocable": { + "type": "boolean", + "example": true + } + } + } + ] + }, + "AccessReviewReassignment": { + "type": "object", + "properties": { + "reassign": { + "type": "array", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The ID of item or identity being reassigned.", + "example": "ef38f94347e94562b5bb8424a56397d8" + }, + "type": { + "type": "string", + "description": "The type of item or identity being reassigned.", + "enum": [ + "TARGET_SUMMARY", + "ITEM", + "IDENTITY_SUMMARY" + ], + "example": "ITEM" + } + }, + "required": [ + "id", + "type" + ] + } + }, + "reassignTo": { + "type": "string", + "description": "The ID of the identity to which the certification is reassigned", + "example": "ef38f94347e94562b5bb8424a56397d8" + }, + "reason": { + "type": "string", + "description": "The reason comment for why the reassign was made", + "example": "reassigned for some reason" + } + }, + "required": [ + "reassign", + "reassignTo", + "reason" + ] + }, + "Account": { + "allOf": [ + { + "type": "object", + "required": [ + "name" + ], + "properties": { + "id": { + "description": "System-generated unique ID of the Object", + "type": "string", + "example": "id12345", + "readOnly": true + }, + "name": { + "description": "Name of the Object", + "type": "string", + "example": "aName" + }, + "created": { + "description": "Creation date of the Object", + "type": "string", + "example": "2015-05-28T14:07:17Z", + "format": "date-time", + "readOnly": true + }, + "modified": { + "description": "Last modification date of the Object", + "type": "string", + "example": "2015-05-28T14:07:17Z", + "format": "date-time", + "readOnly": true + } + } + }, + { + "type": "object", + "required": [ + "sourceId", + "sourceName", + "attributes", + "authoritative", + "disabled", + "locked", + "nativeIdentity", + "systemAccount", + "uncorrelated", + "manuallyCorrelated", + "hasEntitlements" + ], + "properties": { + "sourceId": { + "type": "string", + "example": "2c9180835d2e5168015d32f890ca1581", + "description": "The unique ID of the source this account belongs to" + }, + "sourceName": { + "type": "string", + "example": "Employees", + "description": "The display name of the source this account belongs to" + }, + "identityId": { + "type": "string", + "example": "2c9180835d2e5168015d32f890ca1581", + "description": "The unique ID of the identity this account is correlated to" + }, + "cloudLifecycleState": { + "type": "string", + "nullable": true, + "example": "active", + "description": "The lifecycle state of the identity this account is correlated to" + }, + "identityState": { + "type": "string", + "nullable": true, + "example": "ACTIVE", + "description": "The identity state of the identity this account is correlated to" + }, + "connectionType": { + "type": "string", + "nullable": true, + "example": "direct", + "description": "The connection type of the source this account is from" + }, + "type": { + "type": "string", + "nullable": true, + "example": "NON_HUMAN", + "description": "The type of the account" + }, + "attributes": { + "type": "object", + "nullable": true, + "additionalProperties": true, + "description": "The account attributes that are aggregated", + "example": { + "firstName": "SailPoint", + "lastName": "Support", + "displayName": "SailPoint Support" + } + }, + "authoritative": { + "type": "boolean", + "description": "Indicates if this account is from an authoritative source", + "example": false + }, + "description": { + "type": "string", + "description": "A description of the account", + "nullable": true, + "example": null + }, + "disabled": { + "type": "boolean", + "description": "Indicates if the account is currently disabled", + "example": false + }, + "locked": { + "type": "boolean", + "description": "Indicates if the account is currently locked", + "example": false + }, + "nativeIdentity": { + "type": "string", + "description": "The unique ID of the account generated by the source system", + "example": "552775" + }, + "systemAccount": { + "type": "boolean", + "example": false, + "description": "If true, this is a user account within IdentityNow. If false, this is an account from a source system." + }, + "uncorrelated": { + "type": "boolean", + "description": "Indicates if this account is not correlated to an identity", + "example": false + }, + "uuid": { + "type": "string", + "description": "The unique ID of the account as determined by the account schema", + "example": "slpt.support", + "nullable": true + }, + "manuallyCorrelated": { + "type": "boolean", + "description": "Indicates if the account has been manually correlated to an identity", + "example": false + }, + "hasEntitlements": { + "type": "boolean", + "description": "Indicates if the account has entitlements", + "example": true + }, + "identity": { + "description": "The identity this account is correlated to", + "example": { + "id": "2c918084660f45d6016617daa9210584", + "type": "IDENTITY", + "name": "Adam Kennedy" + }, + "type": "object", + "properties": { + "type": { + "description": "DTO type", + "type": "string", + "enum": [ + "ACCOUNT_CORRELATION_CONFIG", + "ACCESS_PROFILE", + "ACCESS_REQUEST_APPROVAL", + "ACCOUNT", + "APPLICATION", + "CAMPAIGN", + "CAMPAIGN_FILTER", + "CERTIFICATION", + "CLUSTER", + "CONNECTOR_SCHEMA", + "ENTITLEMENT", + "GOVERNANCE_GROUP", + "IDENTITY", + "IDENTITY_PROFILE", + "IDENTITY_REQUEST", + "LIFECYCLE_STATE", + "PASSWORD_POLICY", + "ROLE", + "RULE", + "SOD_POLICY", + "SOURCE", + "TAG", + "TAG_CATEGORY", + "TASK_RESULT", + "REPORT_RESULT", + "SOD_VIOLATION", + "ACCOUNT_ACTIVITY", + "WORKGROUP" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "ID of the object to which this reference applies", + "example": "2c91808568c529c60168cca6f90c1313" + }, + "name": { + "type": "string", + "description": "Human-readable display name of the object to which this reference applies", + "example": "William Wilson" + } + } + }, + "sourceOwner": { + "type": "object", + "nullable": true, + "description": "The owner of this object.", + "properties": { + "type": { + "type": "string", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY", + "description": "Type of owner object." + }, + "id": { + "type": "string", + "description": "Identity id", + "example": "4c5c8534e99445de98eef6c75e25eb01" + }, + "name": { + "type": "string", + "description": "Human-readable display name of the owner.", + "example": "John Cavender" + } + } + }, + "features": { + "type": "string", + "description": "A string list containing the owning source's features", + "example": "ENABLE", + "nullable": true + }, + "origin": { + "type": "string", + "nullable": true, + "enum": [ + "AGGREGATED", + "PROVISIONED", + null + ], + "description": "The origin of the account either aggregated or provisioned", + "example": "AGGREGATED" + }, + "ownerIdentity": { + "description": "The identity who owns this account, typically used for non-human accounts", + "type": "object", + "nullable": true, + "properties": { + "type": { + "description": "The type of object being referenced", + "type": "string", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "ID of the identity", + "example": "2c918084660f45d6016617daa9210584" + }, + "name": { + "type": "string", + "description": "Human-readable display name of the identity", + "example": "Adam Kennedy" + } + } + }, + "ownerGroup": { + "description": "The governance group who owns this account, typically used for non-human accounts", + "type": "object", + "nullable": true, + "properties": { + "type": { + "description": "The type of object being referenced", + "type": "string", + "enum": [ + "GOVERNANCE_GROUP" + ], + "example": "GOVERNANCE_GROUP" + }, + "id": { + "type": "string", + "description": "ID of the governance group", + "example": "8d3e0094e99445de98eef6c75e25jc04" + }, + "name": { + "type": "string", + "description": "Human-readable display name of the governance group", + "example": "GovGroup AX17Z" + } + } + } + } + } + ] + }, + "AccountActivity": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "Id of the account activity", + "example": "2c9180835d2e5168015d32f890ca1581" + }, + "name": { + "type": "string", + "description": "The name of the activity", + "example": "2c9180835d2e5168015d32f890ca1581" + }, + "created": { + "description": "When the activity was first created", + "type": "string", + "format": "date-time", + "example": "2017-07-11T18:45:37.098Z" + }, + "modified": { + "description": "When the activity was last modified", + "type": "string", + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z", + "nullable": true + }, + "completed": { + "description": "When the activity was completed", + "type": "string", + "format": "date-time", + "nullable": true, + "example": "2018-10-19T13:49:37.385Z" + }, + "completionStatus": { + "allOf": [ + { + "nullable": true, + "type": "string", + "description": "The status after completion.", + "enum": [ + "SUCCESS", + "FAILURE", + "INCOMPLETE", + "PENDING", + null + ], + "example": "SUCCESS" + }, + { + "nullable": true + } + ] + }, + "type": { + "nullable": true, + "type": "string", + "example": "appRequest", + "description": "The type of action the activity performed. Please see the following list of types. This list may grow over time.\n\n- CloudAutomated\n- IdentityAttributeUpdate\n- appRequest\n- LifecycleStateChange\n- AccountStateUpdate\n- AccountAttributeUpdate\n- CloudPasswordRequest\n- Attribute Synchronization Refresh\n- Certification\n- Identity Refresh\n- Lifecycle Change Refresh\n\n\n[Learn more here](https://documentation.sailpoint.com/saas/help/search/searchable-fields.html#searching-account-activity-data).\n" + }, + "requesterIdentitySummary": { + "type": "object", + "nullable": true, + "properties": { + "id": { + "type": "string", + "description": "ID of this identity summary", + "example": "ff80818155fe8c080155fe8d925b0316" + }, + "name": { + "type": "string", + "description": "Human-readable display name of identity", + "example": "SailPoint Services" + }, + "identityId": { + "type": "string", + "description": "ID of the identity that this summary represents", + "example": "c15b9f5cca5a4e9599eaa0e64fa921bd" + }, + "completed": { + "type": "boolean", + "description": "Indicates if all access items for this summary have been decided on", + "example": true, + "default": false + } + } + }, + "targetIdentitySummary": { + "type": "object", + "nullable": true, + "properties": { + "id": { + "type": "string", + "description": "ID of this identity summary", + "example": "ff80818155fe8c080155fe8d925b0316" + }, + "name": { + "type": "string", + "description": "Human-readable display name of identity", + "example": "SailPoint Services" + }, + "identityId": { + "type": "string", + "description": "ID of the identity that this summary represents", + "example": "c15b9f5cca5a4e9599eaa0e64fa921bd" + }, + "completed": { + "type": "boolean", + "description": "Indicates if all access items for this summary have been decided on", + "example": true, + "default": false + } + } + }, + "errors": { + "nullable": true, + "description": "A list of error messages, if any, that were encountered.", + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "sailpoint.connector.ConnectorException: java.lang.InterruptedException: Timeout waiting for response to message 0 from client 57a4ab97-ab3f-4aef-9fe2-0eaf15c73d26 after 60 seconds." + ] + }, + "warnings": { + "nullable": true, + "description": "A list of warning messages, if any, that were encountered.", + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "Some warning, another warning" + ] + }, + "items": { + "nullable": true, + "type": "array", + "description": "Individual actions performed as part of this account activity", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "Item id", + "example": "48c545831b264409a81befcabb0e3c5a" + }, + "name": { + "type": "string", + "description": "Human-readable display name of item", + "example": "48c545831b264409a81befcabb0e3c5a" + }, + "requested": { + "type": "string", + "format": "date-time", + "description": "Date and time item was requested", + "example": "2017-07-11T18:45:37.098Z" + }, + "approvalStatus": { + "allOf": [ + { + "type": "string", + "nullable": true, + "enum": [ + "FINISHED", + "REJECTED", + "RETURNED", + "EXPIRED", + "PENDING", + "CANCELED", + null + ], + "example": "PENDING", + "description": "The state of an approval status" + }, + { + "nullable": true + } + ] + }, + "provisioningStatus": { + "type": "string", + "enum": [ + "PENDING", + "FINISHED", + "UNVERIFIABLE", + "COMMITED", + "FAILED", + "RETRY" + ], + "description": "Provisioning state of an account activity item", + "example": "PENDING" + }, + "requesterComment": { + "type": "object", + "nullable": true, + "properties": { + "commenterId": { + "type": "string", + "description": "Id of the identity making the comment", + "example": "2c918084660f45d6016617daa9210584" + }, + "commenterName": { + "type": "string", + "description": "Human-readable display name of the identity making the comment", + "example": "Adam Kennedy" + }, + "body": { + "type": "string", + "description": "Content of the comment", + "example": "Et quam massa maximus vivamus nisi ut urna tincidunt metus elementum erat." + }, + "date": { + "type": "string", + "format": "date-time", + "description": "Date and time comment was made", + "example": "2017-07-11T18:45:37.098Z" + } + } + }, + "reviewerIdentitySummary": { + "type": "object", + "nullable": true, + "properties": { + "id": { + "type": "string", + "description": "ID of this identity summary", + "example": "ff80818155fe8c080155fe8d925b0316" + }, + "name": { + "type": "string", + "description": "Human-readable display name of identity", + "example": "SailPoint Services" + }, + "identityId": { + "type": "string", + "description": "ID of the identity that this summary represents", + "example": "c15b9f5cca5a4e9599eaa0e64fa921bd" + }, + "completed": { + "type": "boolean", + "description": "Indicates if all access items for this summary have been decided on", + "example": true, + "default": false + } + } + }, + "reviewerComment": { + "type": "object", + "nullable": true, + "properties": { + "commenterId": { + "type": "string", + "description": "Id of the identity making the comment", + "example": "2c918084660f45d6016617daa9210584" + }, + "commenterName": { + "type": "string", + "description": "Human-readable display name of the identity making the comment", + "example": "Adam Kennedy" + }, + "body": { + "type": "string", + "description": "Content of the comment", + "example": "Et quam massa maximus vivamus nisi ut urna tincidunt metus elementum erat." + }, + "date": { + "type": "string", + "format": "date-time", + "description": "Date and time comment was made", + "example": "2017-07-11T18:45:37.098Z" + } + } + }, + "operation": { + "allOf": [ + { + "type": "string", + "enum": [ + "ADD", + "CREATE", + "MODIFY", + "DELETE", + "DISABLE", + "ENABLE", + "UNLOCK", + "LOCK", + "REMOVE", + "SET", + null + ], + "description": "Represents an operation in an account activity item", + "example": "ADD" + }, + { + "nullable": true + } + ] + }, + "attribute": { + "type": "string", + "description": "Attribute to which account activity applies", + "nullable": true, + "example": "detectedRoles" + }, + "value": { + "type": "string", + "description": "Value of attribute", + "nullable": true, + "example": "Treasury Analyst [AccessProfile-1529010191212]" + }, + "nativeIdentity": { + "nullable": true, + "type": "string", + "description": "Native identity in the target system to which the account activity applies", + "example": "Sandie.Camero" + }, + "sourceId": { + "type": "string", + "description": "Id of Source to which account activity applies", + "example": "2c91808363ef85290164000587130c0c" + }, + "accountRequestInfo": { + "type": "object", + "nullable": true, + "properties": { + "requestedObjectId": { + "type": "string", + "description": "Id of requested object", + "example": "2c91808563ef85690164001c31140c0c" + }, + "requestedObjectName": { + "type": "string", + "description": "Human-readable name of requested object", + "example": "Treasury Analyst" + }, + "requestedObjectType": { + "type": "string", + "enum": [ + "ACCESS_PROFILE", + "ROLE", + "ENTITLEMENT" + ], + "description": "The currently supported requestable object types. ", + "example": "ACCESS_PROFILE" + } + }, + "description": "If an account activity item is associated with an access request, captures details of that request." + }, + "clientMetadata": { + "nullable": true, + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Arbitrary key-value pairs, if any were included in the corresponding access request item", + "example": { + "customKey1": "custom value 1", + "customKey2": "custom value 2" + } + }, + "removeDate": { + "nullable": true, + "type": "string", + "description": "The date the role or access profile or entitlement is no longer assigned to the specified identity.", + "format": "date-time", + "example": "2020-07-11T00:00:00Z" + } + } + } + }, + "executionStatus": { + "type": "string", + "description": "The current state of execution.", + "enum": [ + "EXECUTING", + "VERIFYING", + "TERMINATED", + "COMPLETED" + ], + "example": "COMPLETED" + }, + "clientMetadata": { + "nullable": true, + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Arbitrary key-value pairs, if any were included in the corresponding access request", + "example": { + "customKey1": "custom value 1", + "customKey2": "custom value 2" + } + } + } + }, + "AccountActivitySearchedItem": { + "description": "AccountActivity", + "allOf": [ + { + "type": "object", + "required": [ + "id", + "name", + "_type" + ], + "properties": { + "id": { + "type": "string", + "example": "2c91808375d8e80a0175e1f88a575222" + }, + "name": { + "type": "string", + "example": "john.doe" + }, + "_type": { + "description": "Enum representing the currently supported document types.\n\nAdditional values may be added in the future without notice.", + "type": "string", + "enum": [ + "accessprofile", + "accountactivity", + "account", + "aggregation", + "entitlement", + "event", + "identity", + "role" + ], + "example": "identity" + } + } + }, + { + "type": "object", + "properties": { + "action": { + "type": "string", + "description": "Type of action performed in the activity.", + "externalDocs": { + "description": "Learn more about account activity action types", + "url": "https://documentation.sailpoint.com/saas/help/search/searchable-fields.html#searching-account-activity-data" + }, + "example": "Identity Refresh." + }, + "created": { + "type": "string", + "description": "ISO-8601 date-time referring to the time when the object was created.", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z" + }, + "modified": { + "type": "string", + "description": "ISO-8601 date-time referring to the time when the object was last modified.", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z" + }, + "stage": { + "type": "string", + "description": "Activity's current stage.", + "example": "Completed" + }, + "origin": { + "type": "string", + "description": "Activity's origin.", + "nullable": true, + "example": null + }, + "status": { + "type": "string", + "description": "Activity's current status.", + "example": "Complete" + }, + "requester": { + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + }, + { + "type": "object", + "properties": { + "type": { + "type": "string", + "example": "Delimited File", + "description": "Type of source returned." + } + } + } + ] + }, + "recipient": { + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + }, + { + "type": "object", + "properties": { + "type": { + "type": "string", + "example": "Delimited File", + "description": "Type of source returned." + } + } + } + ] + }, + "trackingNumber": { + "type": "string", + "description": "Account activity's tracking number.", + "example": "61aad0c9e8134eca89e76a35e0cabe3f" + }, + "errors": { + "type": "array", + "description": "Errors provided by the source while completing account actions.", + "items": { + "type": "string" + }, + "nullable": true, + "example": null + }, + "warnings": { + "type": "array", + "description": "Warnings provided by the source while completing account actions.", + "items": { + "type": "string" + }, + "nullable": true, + "example": null + }, + "approvals": { + "type": "array", + "description": "Approvals performed on an item during activity.", + "items": { + "type": "object", + "properties": { + "comments": { + "type": "array", + "items": { + "type": "object", + "properties": { + "comment": { + "type": "string", + "description": "The comment text", + "example": "This request was autoapproved by our automated ETS subscriber." + }, + "commenter": { + "type": "string", + "description": "The name of the commenter", + "example": "Automated AR Approval" + }, + "date": { + "type": "string", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z", + "description": "A date-time in ISO-8601 format" + } + } + } + }, + "created": { + "type": "string", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z", + "description": "A date-time in ISO-8601 format" + }, + "modified": { + "type": "string", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z", + "description": "A date-time in ISO-8601 format" + }, + "owner": { + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + }, + { + "type": "object", + "properties": { + "type": { + "type": "string", + "example": "Delimited File", + "description": "Type of source returned." + } + } + } + ] + }, + "result": { + "type": "string", + "description": "The result of the approval", + "example": "Finished" + }, + "type": { + "type": "string", + "nullable": true, + "example": null + } + } + } + }, + "originalRequests": { + "type": "array", + "description": "Original actions that triggered all individual source actions related to the account action.", + "items": { + "type": "object", + "properties": { + "accountId": { + "type": "string", + "description": "Account ID.", + "example": "CN=Abby Smith,OU=Austin,OU=Americas,OU=Demo,DC=seri,DC=acme,DC=com" + }, + "attributeRequests": { + "type": "array", + "description": "Attribute changes requested for account.", + "items": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "Attribute name.", + "example": "groups" + }, + "op": { + "type": "string", + "description": "Operation to perform on attribute.", + "example": "Add" + }, + "value": { + "type": "string", + "description": "Value of attribute.", + "example": "3203537556531076" + } + } + } + }, + "op": { + "type": "string", + "description": "Operation used.", + "example": "add" + }, + "source": { + "description": "Account's source.", + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + }, + { + "type": "object", + "properties": { + "type": { + "type": "string", + "example": "Delimited File", + "description": "Type of source returned." + } + } + } + ] + } + } + } + }, + "expansionItems": { + "type": "array", + "description": "Controls that translated the attribute requests into actual provisioning actions on the source.", + "items": { + "type": "object", + "properties": { + "accountId": { + "type": "string", + "description": "The ID of the account", + "example": "2c91808981f58ea601821c3e93482e6f" + }, + "cause": { + "type": "string", + "example": "Role" + }, + "name": { + "type": "string", + "description": "The name of the item", + "example": "smartsheet-role" + }, + "attributeRequests": { + "type": "array", + "items": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "Attribute name.", + "example": "groups" + }, + "op": { + "type": "string", + "description": "Operation to perform on attribute.", + "example": "Add" + }, + "value": { + "type": "string", + "description": "Value of attribute.", + "example": "3203537556531076" + } + } + } + }, + "source": { + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + }, + { + "type": "object", + "properties": { + "type": { + "type": "string", + "example": "Delimited File", + "description": "Type of source returned." + } + } + } + ] + } + } + } + }, + "accountRequests": { + "type": "array", + "description": "Account data for each individual source action triggered by the original requests.", + "items": { + "type": "object", + "properties": { + "accountId": { + "type": "string", + "description": "Unique ID of the account", + "example": "John.Doe" + }, + "attributeRequests": { + "type": "array", + "items": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "Attribute name.", + "example": "groups" + }, + "op": { + "type": "string", + "description": "Operation to perform on attribute.", + "example": "Add" + }, + "value": { + "type": "string", + "description": "Value of attribute.", + "example": "3203537556531076" + } + } + } + }, + "op": { + "type": "string", + "example": "Modify", + "description": "The operation that was performed" + }, + "provisioningTarget": { + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + }, + { + "type": "object", + "properties": { + "type": { + "type": "string", + "example": "Delimited File", + "description": "Type of source returned." + } + } + } + ] + }, + "result": { + "type": "object", + "properties": { + "errors": { + "type": "array", + "items": { + "type": "string", + "example": "[ConnectorError] [\n {\n \"code\": \"unrecognized_keys\",\n \"keys\": [\n \"groups\"\n ],\n \"path\": [],\n \"message\": \"Unrecognized key(s) in object: 'groups'\"\n }\n] (requestId: 5e9d6df5-9b1b-47d9-9bf1-dc3a2893299e)" + } + }, + "status": { + "type": "string", + "description": "The status of the account request", + "example": "failed" + }, + "ticketId": { + "type": "string", + "nullable": true, + "example": null + } + } + }, + "source": { + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + }, + { + "type": "object", + "properties": { + "type": { + "type": "string", + "example": "Delimited File", + "description": "Type of source returned." + } + } + } + ] + } + } + } + }, + "sources": { + "type": "string", + "description": "Sources involved in the account activity.", + "example": "smartsheet-test, airtable-v4, IdentityNow" + } + } + } + ] + }, + "AccountAttributes": { + "type": "object", + "required": [ + "attributes" + ], + "properties": { + "attributes": { + "description": "The schema attribute values for the account", + "type": "object", + "additionalProperties": true, + "example": { + "city": "Austin", + "displayName": "John Doe", + "userName": "jdoe", + "sAMAccountName": "jDoe", + "mail": "john.doe@sailpoint.com" + } + } + } + }, + "AccountsAsyncResult": { + "description": "Accounts async response containing details on started async process", + "required": [ + "id" + ], + "type": "object", + "properties": { + "id": { + "description": "id of the task", + "type": "string", + "example": "2c91808474683da6017468693c260195" + } + } + }, + "AccountToggleRequest": { + "description": "Request used for account enable/disable", + "type": "object", + "properties": { + "externalVerificationId": { + "description": "If set, an external process validates that the user wants to proceed with this request.", + "type": "string", + "example": "3f9180835d2e5168015d32f890ca1581" + }, + "forceProvisioning": { + "description": "If set, provisioning updates the account attribute at the source. This option is used when the account is not synced to ensure the attribute is updated. Providing 'true' for an unlocked account will add and process 'Unlock' operation by the workflow.", + "type": "boolean", + "example": false + } + } + }, + "AccountUnlockRequest": { + "description": "Request used for account unlock", + "type": "object", + "properties": { + "externalVerificationId": { + "description": "If set, an external process validates that the user wants to proceed with this request.", + "type": "string", + "example": "3f9180835d2e5168015d32f890ca1581" + }, + "unlockIDNAccount": { + "description": "If set, the IDN account is unlocked after the workflow completes.", + "type": "boolean", + "example": false + }, + "forceProvisioning": { + "description": "If set, provisioning updates the account attribute at the source. This option is used when the account is not synced to ensure the attribute is updated.", + "type": "boolean", + "example": false + } + } + }, + "ApprovalItems": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The approval item's ID", + "example": "2c9180835d2e5168015d32f890ca1581" + }, + "account": { + "type": "string", + "description": "The account referenced by the approval item", + "example": "john.smith", + "nullable": true + }, + "application": { + "type": "string", + "description": "The name of the application/source", + "example": "Active Directory" + }, + "name": { + "type": "string", + "description": "The attribute's name", + "example": "emailAddress", + "nullable": true + }, + "operation": { + "type": "string", + "description": "The attribute's operation", + "example": "update" + }, + "value": { + "type": "string", + "description": "The attribute's value", + "example": "a@b.com", + "nullable": true + }, + "state": { + "allOf": [ + { + "type": "string", + "nullable": true, + "enum": [ + "Finished", + "Rejected", + "Returned", + "Expired", + "Pending", + "Canceled", + null + ], + "example": "Pending", + "description": "The state of a work item" + }, + { + "nullable": true + } + ] + } + } + }, + "Campaign": { + "type": "object", + "required": [ + "id", + "name", + "type", + "campaignType", + "description", + "correlatedStatus", + "mandatoryCommentRequirement" + ], + "properties": { + "id": { + "type": "string", + "description": "The unique ID of the campaign.", + "example": "ef38f94347e94562b5bb8424a56397d8" + }, + "name": { + "type": "string", + "description": "The name of the campaign.", + "example": "Campaign Name" + }, + "type": { + "type": "string", + "enum": [ + "CAMPAIGN" + ], + "description": "The type of object that is being referenced.", + "example": "CAMPAIGN" + }, + "campaignType": { + "type": "string", + "enum": [ + "MANAGER", + "SOURCE_OWNER", + "SEARCH" + ], + "description": "The type of the campaign.", + "example": "MANAGER" + }, + "description": { + "type": "string", + "description": "The description of the campaign set by the admin who created it.", + "nullable": true, + "example": "A description of the campaign" + }, + "correlatedStatus": { + "description": "The correlatedStatus of the campaign. Only SOURCE_OWNER campaigns can be Uncorrelated. An Uncorrelated certification campaign only includes Uncorrelated identities (An identity is uncorrelated if it has no accounts on an authoritative source).", + "enum": [ + "CORRELATED", + "UNCORRELATED" + ], + "example": "CORRELATED" + }, + "mandatoryCommentRequirement": { + "type": "string", + "description": "Determines whether comments are required for decisions during certification reviews. You can require comments for all decisions, revoke-only decisions, or no decisions. By default, comments are not required for decisions.", + "enum": [ + "ALL_DECISIONS", + "REVOKE_ONLY_DECISIONS", + "NO_DECISIONS" + ], + "example": "NO_DECISIONS" + } + } + }, + "Certification": { + "type": "object", + "properties": { + "id": { + "example": "2c9180835d2e5168015d32f890ca1581", + "type": "string", + "description": "id of the certification" + }, + "name": { + "example": "Source Owner Access Review for Employees [source]", + "type": "string", + "description": "name of the certification" + }, + "campaign": { + "type": "object", + "required": [ + "id", + "name", + "type", + "campaignType", + "description", + "correlatedStatus", + "mandatoryCommentRequirement" + ], + "properties": { + "id": { + "type": "string", + "description": "The unique ID of the campaign.", + "example": "ef38f94347e94562b5bb8424a56397d8" + }, + "name": { + "type": "string", + "description": "The name of the campaign.", + "example": "Campaign Name" + }, + "type": { + "type": "string", + "enum": [ + "CAMPAIGN" + ], + "description": "The type of object that is being referenced.", + "example": "CAMPAIGN" + }, + "campaignType": { + "type": "string", + "enum": [ + "MANAGER", + "SOURCE_OWNER", + "SEARCH" + ], + "description": "The type of the campaign.", + "example": "MANAGER" + }, + "description": { + "type": "string", + "description": "The description of the campaign set by the admin who created it.", + "nullable": true, + "example": "A description of the campaign" + }, + "correlatedStatus": { + "description": "The correlatedStatus of the campaign. Only SOURCE_OWNER campaigns can be Uncorrelated. An Uncorrelated certification campaign only includes Uncorrelated identities (An identity is uncorrelated if it has no accounts on an authoritative source).", + "enum": [ + "CORRELATED", + "UNCORRELATED" + ], + "example": "CORRELATED" + }, + "mandatoryCommentRequirement": { + "type": "string", + "description": "Determines whether comments are required for decisions during certification reviews. You can require comments for all decisions, revoke-only decisions, or no decisions. By default, comments are not required for decisions.", + "enum": [ + "ALL_DECISIONS", + "REVOKE_ONLY_DECISIONS", + "NO_DECISIONS" + ], + "example": "NO_DECISIONS" + } + } + }, + "completed": { + "type": "boolean", + "description": "Have all decisions been made?", + "example": true + }, + "identitiesCompleted": { + "type": "integer", + "description": "The number of identities for whom all decisions have been made and are complete.", + "example": 5, + "format": "int32" + }, + "identitiesTotal": { + "type": "integer", + "description": "The total number of identities in the Certification, both complete and incomplete.", + "example": 10, + "format": "int32" + }, + "created": { + "example": "2018-06-25T20:22:28.104Z", + "format": "date-time", + "type": "string", + "description": "created date" + }, + "modified": { + "example": "2018-06-25T20:22:28.104Z", + "format": "date-time", + "type": "string", + "description": "modified date" + }, + "decisionsMade": { + "type": "integer", + "description": "The number of approve/revoke/acknowledge decisions that have been made.", + "example": 20, + "format": "int32" + }, + "decisionsTotal": { + "type": "integer", + "description": "The total number of approve/revoke/acknowledge decisions.", + "example": 40, + "format": "int32" + }, + "due": { + "type": "string", + "format": "date-time", + "description": "The due date of the certification.", + "example": "2018-10-19T13:49:37.385Z" + }, + "signed": { + "type": "string", + "format": "date-time", + "nullable": true, + "description": "The date the reviewer signed off on the Certification.", + "example": "2018-10-19T13:49:37.385Z" + }, + "reviewer": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The id of the reviewer.", + "example": "ef38f94347e94562b5bb8424a56397d8" + }, + "name": { + "type": "string", + "description": "The name of the reviewer.", + "example": "Reviewer Name" + }, + "email": { + "type": "string", + "description": "The email of the reviewing identity.", + "example": "reviewer@test.com" + }, + "type": { + "type": "string", + "enum": [ + "IDENTITY" + ], + "description": "The type of the reviewing identity.", + "example": "IDENTITY" + }, + "created": { + "nullable": true, + "example": "2018-06-25T20:22:28.104Z", + "format": "date-time", + "type": "string", + "description": "The created date of the reviewing identity." + }, + "modified": { + "nullable": true, + "example": "2018-06-25T20:22:28.104Z", + "format": "date-time", + "type": "string", + "description": "The modified date of the reviewing identity." + } + } + }, + "reassignment": { + "type": "object", + "nullable": true, + "properties": { + "from": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The id of the certification.", + "example": "ef38f94347e94562b5bb8424a56397d8" + }, + "name": { + "type": "string", + "description": "The name of the certification.", + "example": "Certification Name" + }, + "type": { + "type": "string", + "enum": [ + "CERTIFICATION" + ], + "example": "CERTIFICATION" + }, + "reviewer": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The id of the reviewer.", + "example": "ef38f94347e94562b5bb8424a56397d8" + }, + "name": { + "type": "string", + "description": "The name of the reviewer.", + "example": "Reviewer Name" + }, + "email": { + "type": "string", + "description": "The email of the reviewing identity.", + "example": "reviewer@test.com" + }, + "type": { + "type": "string", + "enum": [ + "IDENTITY" + ], + "description": "The type of the reviewing identity.", + "example": "IDENTITY" + }, + "created": { + "nullable": true, + "example": "2018-06-25T20:22:28.104Z", + "format": "date-time", + "type": "string", + "description": "The created date of the reviewing identity." + }, + "modified": { + "nullable": true, + "example": "2018-06-25T20:22:28.104Z", + "format": "date-time", + "type": "string", + "description": "The modified date of the reviewing identity." + } + } + } + } + }, + "comment": { + "type": "string", + "description": "The comment entered when the Certification was reassigned", + "example": "Reassigned for a reason" + } + } + }, + "hasErrors": { + "description": "Identifies if the certification has an error", + "type": "boolean", + "example": false + }, + "errorMessage": { + "description": "Description of the certification error", + "nullable": true, + "type": "string", + "example": "The certification has an error" + }, + "phase": { + "type": "string", + "description": "The current phase of the campaign.\n* `STAGED`: The campaign is waiting to be activated.\n* `ACTIVE`: The campaign is active.\n* `SIGNED`: The reviewer has signed off on the campaign, and it is considered complete.\n", + "enum": [ + "STAGED", + "ACTIVE", + "SIGNED" + ], + "example": "ACTIVE" + } + } + }, + "CertificationReference": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The id of the certification.", + "example": "ef38f94347e94562b5bb8424a56397d8" + }, + "name": { + "type": "string", + "description": "The name of the certification.", + "example": "Certification Name" + }, + "type": { + "type": "string", + "enum": [ + "CERTIFICATION" + ], + "example": "CERTIFICATION" + }, + "reviewer": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The id of the reviewer.", + "example": "ef38f94347e94562b5bb8424a56397d8" + }, + "name": { + "type": "string", + "description": "The name of the reviewer.", + "example": "Reviewer Name" + }, + "email": { + "type": "string", + "description": "The email of the reviewing identity.", + "example": "reviewer@test.com" + }, + "type": { + "type": "string", + "enum": [ + "IDENTITY" + ], + "description": "The type of the reviewing identity.", + "example": "IDENTITY" + }, + "created": { + "nullable": true, + "example": "2018-06-25T20:22:28.104Z", + "format": "date-time", + "type": "string", + "description": "The created date of the reviewing identity." + }, + "modified": { + "nullable": true, + "example": "2018-06-25T20:22:28.104Z", + "format": "date-time", + "type": "string", + "description": "The modified date of the reviewing identity." + } + } + } + } + }, + "EntitlementDocument": { + "description": "Entitlement", + "allOf": [ + { + "type": "object", + "required": [ + "id", + "name", + "_type" + ], + "properties": { + "id": { + "type": "string", + "example": "2c91808375d8e80a0175e1f88a575222" + }, + "name": { + "type": "string", + "example": "john.doe" + }, + "_type": { + "description": "Enum representing the currently supported document types.\n\nAdditional values may be added in the future without notice.", + "type": "string", + "enum": [ + "accessprofile", + "accountactivity", + "account", + "aggregation", + "entitlement", + "event", + "identity", + "role" + ], + "example": "identity" + } + } + }, + { + "type": "object", + "properties": { + "modified": { + "type": "string", + "description": "ISO-8601 date-time referring to the time when the object was last modified.", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z" + }, + "synced": { + "type": "string", + "description": "ISO-8601 date-time referring to the date-time when object was queued to be synced into search database for use in the search API. \nThis date-time changes anytime there is an update to the object, which triggers a synchronization event being sent to the search database. \nThere may be some delay between the `synced` time and the time when the updated data is actually available in the search API. " + }, + "displayName": { + "type": "string", + "description": "Entitlement's display name.", + "example": "Admin" + }, + "source": { + "type": "object", + "description": "Entitlement's source.", + "properties": { + "id": { + "type": "string", + "description": "ID of entitlement's source.", + "example": "2c91808b6e9e6fb8016eec1a2b6f7b5f" + }, + "name": { + "type": "string", + "description": "Display name of entitlement's source.", + "example": "ODS-HR-Employees" + } + } + }, + "segments": { + "type": "array", + "description": "Segments with the role.", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "b009b6e3-b56d-41d9-8735-cb532ea0b017", + "description": "Segment's unique ID." + }, + "name": { + "type": "string", + "example": "Test Segment", + "description": "Segment's display name." + } + } + } + }, + "segmentCount": { + "type": "integer", + "description": "Number of segments with the role.", + "format": "int32", + "example": 1 + }, + "requestable": { + "type": "boolean", + "description": "Indicates whether the entitlement is requestable.", + "default": false, + "example": false + }, + "cloudGoverned": { + "type": "boolean", + "description": "Indicates whether the entitlement is cloud governed.", + "default": false, + "example": false + }, + "created": { + "type": "string", + "description": "ISO-8601 date-time referring to the time when the object was created.", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z" + }, + "privileged": { + "type": "boolean", + "description": "Indicates whether the entitlement is privileged.", + "default": false, + "example": false + }, + "identityCount": { + "type": "integer", + "description": "Number of identities who have access to the entitlement.", + "format": "int32", + "example": 3 + }, + "tags": { + "type": "array", + "description": "Tags that have been applied to the object.", + "items": { + "type": "string" + }, + "example": [ + "TAG_1", + "TAG_2" + ] + } + } + } + ] + }, + "EntitlementSummary": { + "description": "EntitlementReference", + "allOf": [ + { + "allOf": [ + { + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + }, + { + "type": "object", + "properties": { + "displayName": { + "type": "string", + "example": "John Q. Doe" + } + } + } + ] + }, + { + "type": "object", + "properties": { + "type": { + "type": "string", + "enum": [ + "ACCOUNT_CORRELATION_CONFIG", + "ACCESS_PROFILE", + "ACCESS_REQUEST_APPROVAL", + "ACCOUNT", + "APPLICATION", + "CAMPAIGN", + "CAMPAIGN_FILTER", + "CERTIFICATION", + "CLUSTER", + "CONNECTOR_SCHEMA", + "ENTITLEMENT", + "GOVERNANCE_GROUP", + "IDENTITY", + "IDENTITY_PROFILE", + "IDENTITY_REQUEST", + "LIFECYCLE_STATE", + "PASSWORD_POLICY", + "ROLE", + "RULE", + "SOD_POLICY", + "SOURCE", + "TAG", + "TAG_CATEGORY", + "TASK_RESULT", + "REPORT_RESULT", + "SOD_VIOLATION", + "ACCOUNT_ACTIVITY", + "WORKGROUP" + ], + "description": "An enumeration of the types of DTOs supported within the IdentityNow infrastructure.", + "example": "IDENTITY" + }, + "description": { + "type": "string", + "nullable": true, + "example": null + } + } + } + ] + }, + { + "type": "object", + "properties": { + "source": { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + }, + "privileged": { + "type": "boolean", + "example": false + }, + "attribute": { + "type": "string", + "example": "memberOf" + }, + "value": { + "type": "string", + "example": "CN=Buyer,OU=Groups,OU=Demo,DC=seri,DC=sailpointdemo,DC=com" + }, + "standalone": { + "type": "boolean", + "example": false + } + } + } + ] + }, + "Event": { + "description": "Event", + "allOf": [ + { + "type": "object", + "required": [ + "id", + "name", + "_type" + ], + "properties": { + "id": { + "type": "string", + "example": "2c91808375d8e80a0175e1f88a575222" + }, + "name": { + "type": "string", + "example": "john.doe" + }, + "_type": { + "description": "Enum representing the currently supported document types.\n\nAdditional values may be added in the future without notice.", + "type": "string", + "enum": [ + "accessprofile", + "accountactivity", + "account", + "aggregation", + "entitlement", + "event", + "identity", + "role" + ], + "example": "identity" + } + } + }, + { + "type": "object", + "properties": { + "created": { + "type": "string", + "description": "ISO-8601 date-time referring to the time when the object was created.", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z" + }, + "synced": { + "type": "string", + "description": "ISO-8601 date-time referring to the date-time when object was queued to be synced into search database for use in the search API. \nThis date-time changes anytime there is an update to the object, which triggers a synchronization event being sent to the search database. \nThere may be some delay between the `synced` time and the time when the updated data is actually available in the search API. " + }, + "action": { + "type": "string", + "description": "Name of the event as it's displayed in audit reports.", + "example": "update" + }, + "type": { + "type": "string", + "description": "Event type. Refer to [Event Types](https://documentation.sailpoint.com/saas/help/search/index.html#event-types) for a list of event types and their meanings.", + "example": "SYSTEM_CONFIG" + }, + "actor": { + "type": "string", + "description": "Name of the actor that generated the event.", + "example": "System" + }, + "target": { + "type": "string", + "description": "Name of the target, or recipient, of the event.", + "example": "Carol.Adams" + }, + "stack": { + "type": "string", + "description": "The event's stack.", + "example": "tpe" + }, + "trackingNumber": { + "type": "string", + "description": "ID of the group of events.", + "example": "63f891e0735f4cc8bf1968144a1e7440" + }, + "ipAddress": { + "type": "string", + "description": "Target system's IP address.", + "example": "52.52.97.85" + }, + "details": { + "type": "string", + "description": "ID of event's details.", + "example": "73b65dfbed1842548c207432a18c84b0" + }, + "attributes": { + "type": "object", + "description": "Attributes involved in the event.", + "additionalProperties": true, + "example": { + "pod": "stg03-useast1", + "org": "acme", + "sourceName": "SailPoint" + } + }, + "objects": { + "type": "array", + "description": "Objects the event is happening to.", + "items": { + "type": "string", + "example": "AUTHENTICATION" + } + }, + "operation": { + "type": "string", + "description": "Operation, or action, performed during the event.", + "example": "REQUEST" + }, + "status": { + "type": "string", + "description": "Event status. Refer to [Event Statuses](https://documentation.sailpoint.com/saas/help/search/index.html#event-statuses) for a list of event statuses and their meanings.", + "example": "PASSED" + }, + "technicalName": { + "type": "string", + "description": "Event's normalized name. This normalized name always follows the pattern of 'objects_operation_status'.", + "example": "AUTHENTICATION_REQUEST_PASSED" + } + } + } + ] + }, + "IdentityDocument": { + "description": "Identity", + "allOf": [ + { + "type": "object", + "required": [ + "id", + "name", + "_type" + ], + "properties": { + "id": { + "type": "string", + "example": "2c91808375d8e80a0175e1f88a575222" + }, + "name": { + "type": "string", + "example": "john.doe" + }, + "_type": { + "description": "Enum representing the currently supported document types.\n\nAdditional values may be added in the future without notice.", + "type": "string", + "enum": [ + "accessprofile", + "accountactivity", + "account", + "aggregation", + "entitlement", + "event", + "identity", + "role" + ], + "example": "identity" + } + } + }, + { + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + }, + { + "type": "object", + "properties": { + "displayName": { + "type": "string", + "example": "John Q. Doe" + } + } + } + ] + }, + { + "type": "object", + "properties": { + "displayName": { + "type": "string", + "example": "Carol.Adams", + "description": "Identity's display name." + }, + "firstName": { + "type": "string", + "description": "Identity's first name.", + "example": "Carol" + }, + "lastName": { + "type": "string", + "description": "Identity's last name.", + "example": "Adams" + }, + "email": { + "type": "string", + "description": "Identity's primary email address.", + "example": "Carol.Adams@sailpointdemo.com" + }, + "created": { + "type": "string", + "description": "ISO-8601 date-time referring to the time when the object was created.", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z" + }, + "modified": { + "type": "string", + "description": "ISO-8601 date-time referring to the time when the object was last modified.", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z" + }, + "phone": { + "type": "string", + "description": "Identity's phone number.", + "example": "+1 440-527-3672" + }, + "synced": { + "type": "string", + "description": "ISO-8601 date-time referring to the date-time when object was queued to be synced into search database for use in the search API. \nThis date-time changes anytime there is an update to the object, which triggers a synchronization event being sent to the search database. \nThere may be some delay between the `synced` time and the time when the updated data is actually available in the search API. " + }, + "inactive": { + "type": "boolean", + "description": "Indicates whether the identity is inactive.", + "default": false, + "example": false + }, + "protected": { + "type": "boolean", + "description": "Indicates whether the identity is protected.", + "default": false, + "example": false + }, + "status": { + "type": "string", + "description": "Identity's status in SailPoint.", + "example": "UNREGISTERED" + }, + "employeeNumber": { + "type": "string", + "description": "Identity's employee number.", + "example": "1a2a3d4e" + }, + "manager": { + "type": "object", + "description": "Identity's manager.", + "nullable": true, + "properties": { + "id": { + "type": "string", + "description": "ID of identity's manager.", + "example": "2c9180867dfe694b017e208e27c05799" + }, + "name": { + "type": "string", + "description": "Name of identity's manager.", + "example": "Amanda.Ross" + }, + "displayName": { + "type": "string", + "description": "Display name of identity's manager.", + "example": "Amanda.Ross" + } + } + }, + "isManager": { + "type": "boolean", + "description": "Indicates whether the identity is a manager of other identities.", + "example": false + }, + "identityProfile": { + "type": "object", + "description": "Identity's identity profile.", + "properties": { + "id": { + "type": "string", + "description": "Identity profile's ID.", + "example": "3bc8ad26b8664945866b31339d1ff7d2" + }, + "name": { + "type": "string", + "description": "Identity profile's name.", + "example": "HR Employees" + } + } + }, + "source": { + "type": "object", + "description": "Identity's source.", + "properties": { + "id": { + "type": "string", + "description": "ID of identity's source.", + "example": "2c91808b6e9e6fb8016eec1a2b6f7b5f" + }, + "name": { + "type": "string", + "description": "Display name of identity's source.", + "example": "ODS-HR-Employees" + } + } + }, + "attributes": { + "type": "object", + "description": "Map or dictionary of key/value pairs.", + "additionalProperties": true, + "example": { + "country": "US", + "firstname": "Carol", + "cloudStatus": "UNREGISTERED" + } + }, + "processingState": { + "type": "string", + "description": "Identity's processing state.", + "nullable": true, + "example": null + }, + "processingDetails": { + "description": "Identity's processing details.", + "nullable": true, + "type": "object", + "properties": { + "date": { + "type": "string", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z", + "description": "A date-time in ISO-8601 format" + }, + "stage": { + "type": "string", + "example": "In Process" + }, + "retryCount": { + "type": "integer", + "example": 0, + "format": "int32" + }, + "stackTrace": { + "type": "string", + "example": "" + }, + "message": { + "type": "string", + "example": "" + } + } + }, + "accounts": { + "type": "array", + "description": "List of accounts associated with the identity.", + "items": { + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + }, + { + "type": "object", + "properties": { + "accountId": { + "type": "string", + "description": "Account ID.", + "example": "John.Doe" + }, + "source": { + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + }, + { + "type": "object", + "properties": { + "type": { + "type": "string", + "example": "Delimited File", + "description": "Type of source returned." + } + } + } + ] + }, + "disabled": { + "type": "boolean", + "description": "Indicates whether the account is disabled.", + "default": false, + "example": false + }, + "locked": { + "type": "boolean", + "description": "Indicates whether the account is locked.", + "default": false, + "example": false + }, + "privileged": { + "type": "boolean", + "description": "Indicates whether the account is privileged.", + "default": false, + "example": false + }, + "manuallyCorrelated": { + "type": "boolean", + "description": "Indicates whether the account has been manually correlated to an identity.", + "default": false, + "example": false + }, + "passwordLastSet": { + "type": "string", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z", + "description": "A date-time in ISO-8601 format" + }, + "entitlementAttributes": { + "type": "object", + "nullable": true, + "description": "Map or dictionary of key/value pairs.", + "additionalProperties": true, + "example": { + "moderator": true, + "admin": true, + "trust_level": "4" + } + }, + "created": { + "type": "string", + "description": "ISO-8601 date-time referring to the time when the object was created.", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z" + } + } + } + ] + } + }, + "accountCount": { + "type": "integer", + "description": "Number of accounts associated with the identity.", + "format": "int32", + "example": 3 + }, + "apps": { + "type": "array", + "description": "List of applications the identity has access to.", + "items": { + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + }, + { + "type": "object", + "properties": { + "source": { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + }, + "account": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The SailPoint generated unique ID", + "example": "2c9180837dfe6949017e21f3d8cd6d49" + }, + "accountId": { + "type": "string", + "description": "The account ID generated by the source", + "example": "CN=Carol Adams,OU=Austin,OU=Americas,OU=Demo,DC=seri,DC=sailpointdemo,DC=com" + } + } + } + } + } + ] + } + }, + "appCount": { + "type": "integer", + "format": "int32", + "description": "Number of applications the identity has access to.", + "example": 2 + }, + "access": { + "type": "array", + "description": "List of access items assigned to the identity.", + "items": { + "discriminator": { + "propertyName": "type", + "mapping": { + "ACCESS_PROFILE": "../access/AccessProfileSummary.yaml", + "ENTITLEMENT": "../access/AccessProfileEntitlement.yaml", + "ROLE": "../access/AccessProfileRole.yaml" + } + }, + "oneOf": [ + { + "description": "This is a summary representation of an access profile.", + "allOf": [ + { + "allOf": [ + { + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + }, + { + "type": "object", + "properties": { + "displayName": { + "type": "string", + "example": "John Q. Doe" + } + } + } + ] + }, + { + "type": "object", + "properties": { + "type": { + "type": "string", + "enum": [ + "ACCOUNT_CORRELATION_CONFIG", + "ACCESS_PROFILE", + "ACCESS_REQUEST_APPROVAL", + "ACCOUNT", + "APPLICATION", + "CAMPAIGN", + "CAMPAIGN_FILTER", + "CERTIFICATION", + "CLUSTER", + "CONNECTOR_SCHEMA", + "ENTITLEMENT", + "GOVERNANCE_GROUP", + "IDENTITY", + "IDENTITY_PROFILE", + "IDENTITY_REQUEST", + "LIFECYCLE_STATE", + "PASSWORD_POLICY", + "ROLE", + "RULE", + "SOD_POLICY", + "SOURCE", + "TAG", + "TAG_CATEGORY", + "TASK_RESULT", + "REPORT_RESULT", + "SOD_VIOLATION", + "ACCOUNT_ACTIVITY", + "WORKGROUP" + ], + "description": "An enumeration of the types of DTOs supported within the IdentityNow infrastructure.", + "example": "IDENTITY" + }, + "description": { + "type": "string", + "nullable": true, + "example": null + } + } + } + ] + }, + { + "type": "object", + "properties": { + "source": { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + }, + "owner": { + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + }, + { + "type": "object", + "properties": { + "displayName": { + "type": "string", + "example": "John Q. Doe" + } + } + } + ] + }, + "revocable": { + "type": "boolean", + "example": true + } + } + } + ] + }, + { + "description": "EntitlementReference", + "allOf": [ + { + "allOf": [ + { + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + }, + { + "type": "object", + "properties": { + "displayName": { + "type": "string", + "example": "John Q. Doe" + } + } + } + ] + }, + { + "type": "object", + "properties": { + "type": { + "type": "string", + "enum": [ + "ACCOUNT_CORRELATION_CONFIG", + "ACCESS_PROFILE", + "ACCESS_REQUEST_APPROVAL", + "ACCOUNT", + "APPLICATION", + "CAMPAIGN", + "CAMPAIGN_FILTER", + "CERTIFICATION", + "CLUSTER", + "CONNECTOR_SCHEMA", + "ENTITLEMENT", + "GOVERNANCE_GROUP", + "IDENTITY", + "IDENTITY_PROFILE", + "IDENTITY_REQUEST", + "LIFECYCLE_STATE", + "PASSWORD_POLICY", + "ROLE", + "RULE", + "SOD_POLICY", + "SOURCE", + "TAG", + "TAG_CATEGORY", + "TASK_RESULT", + "REPORT_RESULT", + "SOD_VIOLATION", + "ACCOUNT_ACTIVITY", + "WORKGROUP" + ], + "description": "An enumeration of the types of DTOs supported within the IdentityNow infrastructure.", + "example": "IDENTITY" + }, + "description": { + "type": "string", + "nullable": true, + "example": null + } + } + } + ] + }, + { + "type": "object", + "properties": { + "source": { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + }, + "privileged": { + "type": "boolean", + "example": false + }, + "attribute": { + "type": "string", + "example": "memberOf" + }, + "value": { + "type": "string", + "example": "CN=Buyer,OU=Groups,OU=Demo,DC=seri,DC=sailpointdemo,DC=com" + }, + "standalone": { + "type": "boolean", + "example": false + } + } + } + ] + }, + { + "description": "Role", + "allOf": [ + { + "allOf": [ + { + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + }, + { + "type": "object", + "properties": { + "displayName": { + "type": "string", + "example": "John Q. Doe" + } + } + } + ] + }, + { + "type": "object", + "properties": { + "type": { + "type": "string", + "enum": [ + "ACCOUNT_CORRELATION_CONFIG", + "ACCESS_PROFILE", + "ACCESS_REQUEST_APPROVAL", + "ACCOUNT", + "APPLICATION", + "CAMPAIGN", + "CAMPAIGN_FILTER", + "CERTIFICATION", + "CLUSTER", + "CONNECTOR_SCHEMA", + "ENTITLEMENT", + "GOVERNANCE_GROUP", + "IDENTITY", + "IDENTITY_PROFILE", + "IDENTITY_REQUEST", + "LIFECYCLE_STATE", + "PASSWORD_POLICY", + "ROLE", + "RULE", + "SOD_POLICY", + "SOURCE", + "TAG", + "TAG_CATEGORY", + "TASK_RESULT", + "REPORT_RESULT", + "SOD_VIOLATION", + "ACCOUNT_ACTIVITY", + "WORKGROUP" + ], + "description": "An enumeration of the types of DTOs supported within the IdentityNow infrastructure.", + "example": "IDENTITY" + }, + "description": { + "type": "string", + "nullable": true, + "example": null + } + } + } + ] + }, + { + "type": "object", + "properties": { + "owner": { + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + }, + { + "type": "object", + "properties": { + "displayName": { + "type": "string", + "example": "John Q. Doe" + } + } + } + ] + }, + "disabled": { + "type": "boolean" + }, + "revocable": { + "type": "boolean" + } + } + } + ] + } + ] + } + }, + "accessCount": { + "type": "integer", + "format": "int32", + "description": "Number of access items assigned to the identity.", + "example": 5 + }, + "entitlementCount": { + "type": "integer", + "format": "int32", + "description": "Number of entitlements assigned to the identity.", + "example": 10 + }, + "roleCount": { + "type": "integer", + "format": "int32", + "description": "Number of roles assigned to the identity.", + "example": 1 + }, + "accessProfileCount": { + "type": "integer", + "format": "int32", + "description": "Number of access profiles assigned to the identity.", + "example": 1 + }, + "owns": { + "type": "array", + "description": "Access items the identity owns.", + "items": { + "type": "object", + "properties": { + "sources": { + "type": "array", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + } + }, + "entitlements": { + "type": "array", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + } + }, + "accessProfiles": { + "type": "array", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + } + }, + "roles": { + "type": "array", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + } + }, + "apps": { + "type": "array", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + } + }, + "governanceGroups": { + "type": "array", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + } + }, + "fallbackApprover": { + "type": "boolean", + "example": false + } + } + } + }, + "ownsCount": { + "type": "integer", + "format": "int32", + "description": "Number of access items the identity owns.", + "example": 5 + }, + "tags": { + "type": "array", + "description": "Tags that have been applied to the object.", + "items": { + "type": "string" + }, + "example": [ + "TAG_1", + "TAG_2" + ] + } + } + } + ] + }, + "IdentityProfile": { + "allOf": [ + { + "type": "object", + "required": [ + "name" + ], + "properties": { + "id": { + "description": "System-generated unique ID of the Object", + "type": "string", + "example": "id12345", + "readOnly": true + }, + "name": { + "description": "Name of the Object", + "type": "string", + "example": "aName" + }, + "created": { + "description": "Creation date of the Object", + "type": "string", + "example": "2015-05-28T14:07:17Z", + "format": "date-time", + "readOnly": true + }, + "modified": { + "description": "Last modification date of the Object", + "type": "string", + "example": "2015-05-28T14:07:17Z", + "format": "date-time", + "readOnly": true + } + } + }, + { + "type": "object", + "required": [ + "authoritativeSource" + ], + "properties": { + "description": { + "type": "string", + "description": "The description of the Identity Profile.", + "example": "My custom flat file profile", + "nullable": true + }, + "owner": { + "type": "object", + "description": "The owner of the Identity Profile.", + "nullable": true, + "properties": { + "type": { + "type": "string", + "enum": [ + "IDENTITY" + ], + "description": "Type of the object to which this reference applies", + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "ID of the object to which this reference applies", + "example": "2c9180835d191a86015d28455b4b232a" + }, + "name": { + "type": "string", + "description": "Human-readable display name of the object to which this reference applies", + "example": "William Wilson" + } + } + }, + "priority": { + "type": "integer", + "format": "int64", + "description": "The priority for an Identity Profile.", + "example": 10 + }, + "authoritativeSource": { + "type": "object", + "properties": { + "type": { + "type": "string", + "enum": [ + "SOURCE" + ], + "description": "Type of the object to which this reference applies", + "example": "SOURCE" + }, + "id": { + "type": "string", + "description": "ID of the object to which this reference applies", + "example": "2c9180835d191a86015d28455b4b232a" + }, + "name": { + "type": "string", + "description": "Human-readable display name of the object to which this reference applies", + "example": "HR Active Directory" + } + } + }, + "identityRefreshRequired": { + "type": "boolean", + "default": false, + "description": "True if a identity refresh is needed. Typically triggered when a change on the source has been made.", + "example": true + }, + "identityCount": { + "type": "integer", + "description": "The number of identities that belong to the Identity Profile.", + "format": "int32", + "example": 8 + }, + "identityAttributeConfig": { + "type": "object", + "description": "Defines all the identity attribute mapping configurations. This defines how to generate or collect data for each identity attributes in identity refresh process.", + "properties": { + "enabled": { + "description": "The backend will only promote values if the profile/mapping is enabled.", + "type": "boolean", + "default": false, + "example": true + }, + "attributeTransforms": { + "type": "array", + "items": { + "type": "object", + "description": "Defines a transformation definition for an identity attribute.", + "properties": { + "identityAttributeName": { + "type": "string", + "description": "Name of the identity attribute.", + "example": "email" + }, + "transformDefinition": { + "description": "The seaspray transformation definition.", + "type": "object", + "properties": { + "type": { + "type": "string", + "description": "The type of the transform definition.", + "example": "accountAttribute" + }, + "attributes": { + "type": "object", + "additionalProperties": { + "anyOf": [ + { + "type": "string" + }, + { + "type": "object" + } + ] + }, + "description": "Arbitrary key-value pairs to store any metadata for the object", + "example": { + "attributeName": "e-mail", + "sourceName": "MySource", + "sourceId": "2c9180877a826e68017a8c0b03da1a53" + } + } + } + } + } + } + } + } + }, + "identityExceptionReportReference": { + "type": "object", + "nullable": true, + "properties": { + "taskResultId": { + "type": "string", + "format": "uuid", + "description": "The id of the task result.", + "example": "2b838de9-db9b-abcf-e646-d4f274ad4238" + }, + "reportName": { + "type": "string", + "example": "My annual report", + "description": "The name of the report." + } + } + }, + "hasTimeBasedAttr": { + "description": "Indicates the value of requiresPeriodicRefresh attribute for the Identity Profile.", + "type": "boolean", + "default": false, + "example": true + } + } + } + ] + }, + "IdentityReferenceWithNameAndEmail": { + "type": "object", + "nullable": true, + "properties": { + "type": { + "type": "string", + "description": "The type can only be IDENTITY. This is read-only.", + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "Identity ID.", + "example": "5168015d32f890ca15812c9180835d2e" + }, + "name": { + "type": "string", + "description": "Identity's human-readable display name. This is read-only.", + "example": "Alison Ferguso" + }, + "email": { + "type": "string", + "description": "Identity's email address. This is read-only.", + "example": "alison.ferguso@identitysoon.com" + } + } + }, + "ProvisioningConfig": { + "type": "object", + "description": "Specification of a Service Desk integration provisioning configuration.", + "properties": { + "universalManager": { + "description": "Specifies whether this configuration is used to manage provisioning requests for all sources from the org. If true, no managedResourceRefs are allowed.", + "type": "boolean", + "readOnly": true, + "default": false, + "example": true + }, + "managedResourceRefs": { + "description": "References to sources for the Service Desk integration template. May only be specified if universalManager is false.", + "type": "array", + "items": { + "allOf": [ + { + "type": "object", + "description": "Source for Service Desk integration template.", + "properties": { + "type": { + "type": "string", + "description": "DTO type of source for service desk integration template.", + "enum": [ + "SOURCE" + ], + "example": "SOURCE" + }, + "id": { + "type": "string", + "description": "ID of source for service desk integration template.", + "example": "2c9180835d191a86015d28455b4b232a" + }, + "name": { + "type": "string", + "description": "Human-readable name of source for service desk integration template.", + "example": "HR Active Directory" + } + } + } + ] + }, + "example": [ + { + "type": "SOURCE", + "id": "2c9180855d191c59015d291ceb051111", + "name": "My Source 1" + }, + { + "type": "SOURCE", + "id": "2c9180855d191c59015d291ceb052222", + "name": "My Source 2" + } + ] + }, + "planInitializerScript": { + "description": "This is a reference to a plan initializer script.", + "type": "object", + "nullable": true, + "properties": { + "source": { + "description": "This is a Rule that allows provisioning instruction changes.", + "type": "string", + "example": "\\r\\n\\r\\n\\r\\n Before Provisioning Rule which changes disables and enables to a modify.\\r\\n \n" + } + } + }, + "noProvisioningRequests": { + "description": "Name of an attribute that when true disables the saving of ProvisioningRequest objects whenever plans are sent through this integration.", + "type": "boolean", + "default": false, + "example": true + }, + "provisioningRequestExpiration": { + "description": "When saving pending requests is enabled, this defines the number of hours the request is allowed to live before it is considered expired and no longer affects plan compilation.", + "type": "integer", + "format": "int32", + "example": 7 + } + } + }, + "ProvisioningPolicy": { + "type": "object", + "required": [ + "name" + ], + "properties": { + "name": { + "type": "string", + "description": "the provisioning policy name", + "example": "example provisioning policy for inactive identities" + }, + "description": { + "type": "string", + "description": "the description of the provisioning policy", + "example": "this provisioning policy creates access based on an identity going inactive" + }, + "usageType": { + "type": "string", + "nullable": false, + "enum": [ + "CREATE", + "UPDATE", + "ENABLE", + "DISABLE", + "DELETE", + "ASSIGN", + "UNASSIGN", + "CREATE_GROUP", + "UPDATE_GROUP", + "DELETE_GROUP", + "REGISTER", + "CREATE_IDENTITY", + "UPDATE_IDENTITY", + "EDIT_GROUP", + "UNLOCK", + "CHANGE_PASSWORD" + ], + "example": "CREATE", + "description": "The type of provisioning policy usage. \nIn IdentityNow, a source can support various provisioning operations. For example, when a joiner is added to a source, this may trigger both CREATE and UPDATE provisioning operations. Each usage type is considered a provisioning policy. A source can have any number of these provisioning policies defined. \nThese are the common usage types: \nCREATE - This usage type relates to 'Create Account Profile', the provisioning template for the account to be created. For example, this would be used for a joiner on a source. \nUPDATE - This usage type relates to 'Update Account Profile', the provisioning template for the 'Update' connector operations. For example, this would be used for an attribute sync on a source.\nENABLE - This usage type relates to 'Enable Account Profile', the provisioning template for the account to be enabled. For example, this could be used for a joiner on a source once the joiner's account is created. \nDISABLE - This usage type relates to 'Disable Account Profile', the provisioning template for the account to be disabled. For example, this could be used when a leaver is removed temporarily from a source. \nYou can use these four usage types for all your provisioning policy needs. " + }, + "fields": { + "type": "array", + "items": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "The name of the attribute.", + "example": "userName" + }, + "transform": { + "type": "object", + "description": "The transform to apply to the field", + "example": { + "type": "rule", + "attributes": { + "name": "Create Unique LDAP Attribute" + } + }, + "default": {} + }, + "attributes": { + "type": "object", + "description": "Attributes required for the transform", + "example": { + "template": "${firstname}.${lastname}${uniqueCounter}", + "cloudMaxUniqueChecks": "50", + "cloudMaxSize": "20", + "cloudRequired": "true" + } + }, + "isRequired": { + "type": "boolean", + "readOnly": true, + "description": "Flag indicating whether or not the attribute is required.", + "default": false, + "example": false + }, + "type": { + "type": "string", + "description": "The type of the attribute.", + "example": "string" + }, + "isMultiValued": { + "type": "boolean", + "description": "Flag indicating whether or not the attribute is multi-valued.", + "default": false, + "example": false + } + } + } + } + } + }, + "QueuedCheckConfigDetails": { + "description": "Configuration of maximum number days and interval for checking Service Desk integration queue status", + "required": [ + "provisioningStatusCheckIntervalMinutes", + "provisioningMaxStatusCheckDays" + ], + "type": "object", + "properties": { + "provisioningStatusCheckIntervalMinutes": { + "description": "interval in minutes between status checks", + "type": "string", + "example": "30" + }, + "provisioningMaxStatusCheckDays": { + "description": "maximum number of days to check", + "type": "string", + "example": "2" + } + } + }, + "Reassignment": { + "type": "object", + "nullable": true, + "properties": { + "from": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The id of the certification.", + "example": "ef38f94347e94562b5bb8424a56397d8" + }, + "name": { + "type": "string", + "description": "The name of the certification.", + "example": "Certification Name" + }, + "type": { + "type": "string", + "enum": [ + "CERTIFICATION" + ], + "example": "CERTIFICATION" + }, + "reviewer": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The id of the reviewer.", + "example": "ef38f94347e94562b5bb8424a56397d8" + }, + "name": { + "type": "string", + "description": "The name of the reviewer.", + "example": "Reviewer Name" + }, + "email": { + "type": "string", + "description": "The email of the reviewing identity.", + "example": "reviewer@test.com" + }, + "type": { + "type": "string", + "enum": [ + "IDENTITY" + ], + "description": "The type of the reviewing identity.", + "example": "IDENTITY" + }, + "created": { + "nullable": true, + "example": "2018-06-25T20:22:28.104Z", + "format": "date-time", + "type": "string", + "description": "The created date of the reviewing identity." + }, + "modified": { + "nullable": true, + "example": "2018-06-25T20:22:28.104Z", + "format": "date-time", + "type": "string", + "description": "The modified date of the reviewing identity." + } + } + } + } + }, + "comment": { + "type": "string", + "description": "The comment entered when the Certification was reassigned", + "example": "Reassigned for a reason" + } + } + }, + "ReassignmentReference": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The ID of item or identity being reassigned.", + "example": "ef38f94347e94562b5bb8424a56397d8" + }, + "type": { + "type": "string", + "description": "The type of item or identity being reassigned.", + "enum": [ + "TARGET_SUMMARY", + "ITEM", + "IDENTITY_SUMMARY" + ], + "example": "ITEM" + } + }, + "required": [ + "id", + "type" + ] + }, + "RemediationItems": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The ID of the certification", + "example": "2c9180835d2e5168015d32f890ca1581" + }, + "targetId": { + "type": "string", + "description": "The ID of the certification target", + "example": "2c9180835d2e5168015d32f890ca1581" + }, + "targetName": { + "type": "string", + "description": "The name of the certification target", + "example": "john.smith" + }, + "targetDisplayName": { + "type": "string", + "description": "The display name of the certification target", + "example": "emailAddress" + }, + "applicationName": { + "type": "string", + "description": "The name of the application/source", + "example": "Active Directory" + }, + "attributeName": { + "type": "string", + "description": "The name of the attribute being certified", + "example": "phoneNumber" + }, + "attributeOperation": { + "type": "string", + "description": "The operation of the certification on the attribute", + "example": "update" + }, + "attributeValue": { + "type": "string", + "description": "The value of the attribute being certified", + "example": "512-555-1212" + }, + "nativeIdentity": { + "type": "string", + "description": "The native identity of the target", + "example": "jason.smith2" + } + } + }, + "RequestableObject": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "Id of the requestable object itself", + "example": "2c9180835d2e5168015d32f890ca1581" + }, + "name": { + "type": "string", + "description": "Human-readable display name of the requestable object", + "example": "Applied Research Access" + }, + "created": { + "type": "string", + "format": "date-time", + "example": "2017-07-11T18:45:37.098Z", + "description": "The time when the requestable object was created" + }, + "modified": { + "nullable": true, + "type": "string", + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z", + "description": "The time when the requestable object was last modified" + }, + "description": { + "type": "string", + "description": "Description of the requestable object.", + "example": "Access to research information, lab results, and schematics.", + "nullable": true + }, + "type": { + "type": "string", + "enum": [ + "ACCESS_PROFILE", + "ROLE", + "ENTITLEMENT" + ], + "description": "The currently supported requestable object types. ", + "example": "ACCESS_PROFILE" + }, + "requestStatus": { + "allOf": [ + { + "type": "string", + "enum": [ + "AVAILABLE", + "PENDING", + "ASSIGNED", + null + ], + "description": "Status indicating the ability of an access request for the object to be made by or on behalf of the identity specified by *identity-id*. *AVAILABLE* indicates the object is available to request. *PENDING* indicates the object is unavailable because the identity has a pending request in flight. *ASSIGNED* indicates the object is unavailable because the identity already has the indicated role or access profile. If *identity-id* is not specified (allowed only for admin users), then status will be *AVAILABLE* for all results.", + "example": "AVAILABLE" + }, + { + "nullable": true + } + ] + }, + "identityRequestId": { + "type": "string", + "description": "If *requestStatus* is *PENDING*, indicates the id of the associated account activity.", + "nullable": true, + "example": null + }, + "ownerRef": { + "type": "object", + "nullable": true, + "properties": { + "type": { + "type": "string", + "description": "The type can only be IDENTITY. This is read-only.", + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "Identity ID.", + "example": "5168015d32f890ca15812c9180835d2e" + }, + "name": { + "type": "string", + "description": "Identity's human-readable display name. This is read-only.", + "example": "Alison Ferguso" + }, + "email": { + "type": "string", + "description": "Identity's email address. This is read-only.", + "example": "alison.ferguso@identitysoon.com" + } + } + }, + "requestCommentsRequired": { + "type": "boolean", + "description": "Whether the requester must provide comments when requesting the object.", + "example": false + } + } + }, + "RequestableObjectType": { + "type": "string", + "enum": [ + "ACCESS_PROFILE", + "ROLE", + "ENTITLEMENT" + ], + "description": "The currently supported requestable object types. ", + "example": "ACCESS_PROFILE" + }, + "RequestableObjectRequestStatus": { + "type": "string", + "enum": [ + "AVAILABLE", + "PENDING", + "ASSIGNED", + null + ], + "description": "Status indicating the ability of an access request for the object to be made by or on behalf of the identity specified by *identity-id*. *AVAILABLE* indicates the object is available to request. *PENDING* indicates the object is unavailable because the identity has a pending request in flight. *ASSIGNED* indicates the object is unavailable because the identity already has the indicated role or access profile. If *identity-id* is not specified (allowed only for admin users), then status will be *AVAILABLE* for all results.", + "example": "AVAILABLE" + }, + "Reviewer": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The id of the reviewer.", + "example": "ef38f94347e94562b5bb8424a56397d8" + }, + "name": { + "type": "string", + "description": "The name of the reviewer.", + "example": "Reviewer Name" + }, + "email": { + "type": "string", + "description": "The email of the reviewing identity.", + "example": "reviewer@test.com" + }, + "type": { + "type": "string", + "enum": [ + "IDENTITY" + ], + "description": "The type of the reviewing identity.", + "example": "IDENTITY" + }, + "created": { + "nullable": true, + "example": "2018-06-25T20:22:28.104Z", + "format": "date-time", + "type": "string", + "description": "The created date of the reviewing identity." + }, + "modified": { + "nullable": true, + "example": "2018-06-25T20:22:28.104Z", + "format": "date-time", + "type": "string", + "description": "The modified date of the reviewing identity." + } + } + }, + "RoleDocument": { + "description": "Role", + "allOf": [ + { + "type": "object", + "required": [ + "id", + "name", + "_type" + ], + "properties": { + "id": { + "type": "string", + "example": "2c91808375d8e80a0175e1f88a575222" + }, + "name": { + "type": "string", + "example": "john.doe" + }, + "_type": { + "description": "Enum representing the currently supported document types.\n\nAdditional values may be added in the future without notice.", + "type": "string", + "enum": [ + "accessprofile", + "accountactivity", + "account", + "aggregation", + "entitlement", + "event", + "identity", + "role" + ], + "example": "identity" + } + } + }, + { + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + }, + { + "type": "object", + "properties": { + "description": { + "type": "string", + "description": "Access item's description.", + "example": "The admin role" + }, + "created": { + "type": "string", + "description": "ISO-8601 date-time referring to the time when the object was created.", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z" + }, + "modified": { + "type": "string", + "description": "ISO-8601 date-time referring to the time when the object was last modified.", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z" + }, + "synced": { + "type": "string", + "description": "ISO-8601 date-time referring to the date-time when object was queued to be synced into search database for use in the search API. \nThis date-time changes anytime there is an update to the object, which triggers a synchronization event being sent to the search database. \nThere may be some delay between the `synced` time and the time when the updated data is actually available in the search API. ", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:33.104Z" + }, + "enabled": { + "type": "boolean", + "description": "Indicates whether the access item is currently enabled.", + "default": false, + "example": true + }, + "requestable": { + "type": "boolean", + "description": "Indicates whether the access item can be requested.", + "default": true, + "example": true + }, + "requestCommentsRequired": { + "type": "boolean", + "description": "Indicates whether comments are required for requests to access the item.", + "default": false, + "example": false + }, + "owner": { + "type": "object", + "description": "Owner's identity.", + "properties": { + "type": { + "type": "string", + "description": "Owner's DTO type.", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "Owner's identity ID.", + "example": "2c9180a46faadee4016fb4e018c20639" + }, + "name": { + "type": "string", + "description": "Owner's display name.", + "example": "Support" + }, + "email": { + "type": "string", + "description": "Owner's email.", + "example": "cloud-support@sailpoint.com" + } + } + } + } + } + ] + }, + { + "type": "object", + "properties": { + "accessProfiles": { + "type": "array", + "description": "Access profiles included with the role.", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91809c6faade77016fb4f0b63407ae", + "description": "Access profile's unique ID." + }, + "name": { + "type": "string", + "example": "Admin Access", + "description": "Access profile's display name." + } + } + } + }, + "accessProfileCount": { + "type": "integer", + "description": "Number of access profiles included with the role.", + "format": "int32", + "example": 1 + }, + "tags": { + "type": "array", + "description": "Tags that have been applied to the object.", + "items": { + "type": "string" + }, + "example": [ + "TAG_1", + "TAG_2" + ] + }, + "segments": { + "type": "array", + "description": "Segments with the role.", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "b009b6e3-b56d-41d9-8735-cb532ea0b017", + "description": "Segment's unique ID." + }, + "name": { + "type": "string", + "example": "Test Segment", + "description": "Segment's display name." + } + } + } + }, + "segmentCount": { + "type": "integer", + "description": "Number of segments with the role.", + "format": "int32", + "example": 1 + }, + "entitlements": { + "type": "array", + "description": "Entitlements included with the role.", + "items": { + "type": "object", + "properties": { + "hasPermissions": { + "type": "boolean", + "description": "Indicates whether the entitlement has permissions.", + "default": false, + "example": false + }, + "description": { + "type": "string", + "description": "Entitlement's description.", + "example": "Cloud engineering" + }, + "attribute": { + "type": "string", + "description": "Entitlement attribute's name.", + "example": "memberOf" + }, + "value": { + "type": "string", + "description": "Entitlement's value.", + "example": "CN=Cloud Engineering,DC=sailpoint,DC=COM" + }, + "schema": { + "type": "string", + "description": "Entitlement's schema.", + "example": "group" + }, + "privileged": { + "type": "boolean", + "description": "Indicates whether the entitlement is privileged.", + "default": false, + "example": false + }, + "id": { + "type": "string", + "description": "Entitlement's ID.", + "example": "2c918084575812550157589064f33b89" + }, + "name": { + "type": "string", + "description": "Entitlement's name.", + "example": "CN=Cloud Engineering,DC=sailpoint,DC=COM" + } + } + } + }, + "entitlementCount": { + "type": "integer", + "description": "Number of entitlements included with the role.", + "format": "int32", + "example": 3 + } + } + } + ] + }, + "RoleSummary": { + "description": "Role", + "allOf": [ + { + "allOf": [ + { + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + }, + { + "type": "object", + "properties": { + "displayName": { + "type": "string", + "example": "John Q. Doe" + } + } + } + ] + }, + { + "type": "object", + "properties": { + "type": { + "type": "string", + "enum": [ + "ACCOUNT_CORRELATION_CONFIG", + "ACCESS_PROFILE", + "ACCESS_REQUEST_APPROVAL", + "ACCOUNT", + "APPLICATION", + "CAMPAIGN", + "CAMPAIGN_FILTER", + "CERTIFICATION", + "CLUSTER", + "CONNECTOR_SCHEMA", + "ENTITLEMENT", + "GOVERNANCE_GROUP", + "IDENTITY", + "IDENTITY_PROFILE", + "IDENTITY_REQUEST", + "LIFECYCLE_STATE", + "PASSWORD_POLICY", + "ROLE", + "RULE", + "SOD_POLICY", + "SOURCE", + "TAG", + "TAG_CATEGORY", + "TASK_RESULT", + "REPORT_RESULT", + "SOD_VIOLATION", + "ACCOUNT_ACTIVITY", + "WORKGROUP" + ], + "description": "An enumeration of the types of DTOs supported within the IdentityNow infrastructure.", + "example": "IDENTITY" + }, + "description": { + "type": "string", + "nullable": true, + "example": null + } + } + } + ] + }, + { + "type": "object", + "properties": { + "owner": { + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + }, + { + "type": "object", + "properties": { + "displayName": { + "type": "string", + "example": "John Q. Doe" + } + } + } + ] + }, + "disabled": { + "type": "boolean" + }, + "revocable": { + "type": "boolean" + } + } + } + ] + }, + "SearchDocument": { + "discriminator": { + "propertyName": "_type", + "mapping": { + "accessprofile": "../model/access/profile/AccessProfileDocument.yaml", + "accountactivity": "../model/account/activity/AccountActivityDocument.yaml", + "entitlement": "../model/entitlement/EntitlementDocument.yaml", + "event": "../model/event/EventDocument.yaml", + "identity": "../model/identity/IdentityDocument.yaml", + "role": "../model/role/RoleDocument.yaml" + } + }, + "oneOf": [ + { + "description": "More complete representation of an access profile. ", + "allOf": [ + { + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + }, + { + "type": "object", + "properties": { + "description": { + "type": "string", + "description": "Access item's description.", + "example": "The admin role" + }, + "created": { + "type": "string", + "description": "ISO-8601 date-time referring to the time when the object was created.", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z" + }, + "modified": { + "type": "string", + "description": "ISO-8601 date-time referring to the time when the object was last modified.", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z" + }, + "synced": { + "type": "string", + "description": "ISO-8601 date-time referring to the date-time when object was queued to be synced into search database for use in the search API. \nThis date-time changes anytime there is an update to the object, which triggers a synchronization event being sent to the search database. \nThere may be some delay between the `synced` time and the time when the updated data is actually available in the search API. ", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:33.104Z" + }, + "enabled": { + "type": "boolean", + "description": "Indicates whether the access item is currently enabled.", + "default": false, + "example": true + }, + "requestable": { + "type": "boolean", + "description": "Indicates whether the access item can be requested.", + "default": true, + "example": true + }, + "requestCommentsRequired": { + "type": "boolean", + "description": "Indicates whether comments are required for requests to access the item.", + "default": false, + "example": false + }, + "owner": { + "type": "object", + "description": "Owner's identity.", + "properties": { + "type": { + "type": "string", + "description": "Owner's DTO type.", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "Owner's identity ID.", + "example": "2c9180a46faadee4016fb4e018c20639" + }, + "name": { + "type": "string", + "description": "Owner's display name.", + "example": "Support" + }, + "email": { + "type": "string", + "description": "Owner's email.", + "example": "cloud-support@sailpoint.com" + } + } + } + } + } + ] + }, + { + "type": "object", + "required": [ + "id", + "name", + "_type" + ], + "properties": { + "id": { + "type": "string", + "description": "Access profile's ID.", + "example": "2c9180825a6c1adc015a71c9023f0818" + }, + "name": { + "type": "string", + "description": "Access profile's name.", + "example": "Cloud Eng" + }, + "_type": { + "description": "Access profile's document type. \nThis enum represents the currently supported document types.\nAdditional values may be added in the future without notice.", + "type": "string", + "enum": [ + "accessprofile", + "accountactivity", + "account", + "aggregation", + "entitlement", + "event", + "identity", + "role" + ], + "example": "accessprofile" + }, + "source": { + "type": "object", + "description": "Access profile's source.", + "properties": { + "id": { + "type": "string", + "description": "Source's ID.", + "example": "ff8081815757d4fb0157588f3d9d008f" + }, + "name": { + "type": "string", + "description": "Source's name.", + "example": "Employees" + } + } + }, + "entitlements": { + "type": "array", + "description": "Entitlements the access profile has access to.", + "items": { + "type": "object", + "properties": { + "hasPermissions": { + "type": "boolean", + "description": "Indicates whether the entitlement has permissions.", + "default": false, + "example": false + }, + "description": { + "type": "string", + "description": "Entitlement's description.", + "example": "Cloud engineering" + }, + "attribute": { + "type": "string", + "description": "Entitlement attribute's name.", + "example": "memberOf" + }, + "value": { + "type": "string", + "description": "Entitlement's value.", + "example": "CN=Cloud Engineering,DC=sailpoint,DC=COM" + }, + "schema": { + "type": "string", + "description": "Entitlement's schema.", + "example": "group" + }, + "privileged": { + "type": "boolean", + "description": "Indicates whether the entitlement is privileged.", + "default": false, + "example": false + }, + "id": { + "type": "string", + "description": "Entitlement's ID.", + "example": "2c918084575812550157589064f33b89" + }, + "name": { + "type": "string", + "description": "Entitlement's name.", + "example": "CN=Cloud Engineering,DC=sailpoint,DC=COM" + } + } + } + }, + "entitlementCount": { + "type": "integer", + "description": "Number of entitlements.", + "example": 5 + }, + "tags": { + "type": "array", + "description": "Tags that have been applied to the object.", + "items": { + "type": "string" + }, + "example": [ + "TAG_1", + "TAG_2" + ] + } + } + } + ] + }, + { + "description": "AccountActivity", + "allOf": [ + { + "type": "object", + "required": [ + "id", + "name", + "_type" + ], + "properties": { + "id": { + "type": "string", + "example": "2c91808375d8e80a0175e1f88a575222" + }, + "name": { + "type": "string", + "example": "john.doe" + }, + "_type": { + "description": "Enum representing the currently supported document types.\n\nAdditional values may be added in the future without notice.", + "type": "string", + "enum": [ + "accessprofile", + "accountactivity", + "account", + "aggregation", + "entitlement", + "event", + "identity", + "role" + ], + "example": "identity" + } + } + }, + { + "type": "object", + "properties": { + "action": { + "type": "string", + "description": "Type of action performed in the activity.", + "externalDocs": { + "description": "Learn more about account activity action types", + "url": "https://documentation.sailpoint.com/saas/help/search/searchable-fields.html#searching-account-activity-data" + }, + "example": "Identity Refresh." + }, + "created": { + "type": "string", + "description": "ISO-8601 date-time referring to the time when the object was created.", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z" + }, + "modified": { + "type": "string", + "description": "ISO-8601 date-time referring to the time when the object was last modified.", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z" + }, + "stage": { + "type": "string", + "description": "Activity's current stage.", + "example": "Completed" + }, + "origin": { + "type": "string", + "description": "Activity's origin.", + "nullable": true, + "example": null + }, + "status": { + "type": "string", + "description": "Activity's current status.", + "example": "Complete" + }, + "requester": { + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + }, + { + "type": "object", + "properties": { + "type": { + "type": "string", + "example": "Delimited File", + "description": "Type of source returned." + } + } + } + ] + }, + "recipient": { + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + }, + { + "type": "object", + "properties": { + "type": { + "type": "string", + "example": "Delimited File", + "description": "Type of source returned." + } + } + } + ] + }, + "trackingNumber": { + "type": "string", + "description": "Account activity's tracking number.", + "example": "61aad0c9e8134eca89e76a35e0cabe3f" + }, + "errors": { + "type": "array", + "description": "Errors provided by the source while completing account actions.", + "items": { + "type": "string" + }, + "nullable": true, + "example": null + }, + "warnings": { + "type": "array", + "description": "Warnings provided by the source while completing account actions.", + "items": { + "type": "string" + }, + "nullable": true, + "example": null + }, + "approvals": { + "type": "array", + "description": "Approvals performed on an item during activity.", + "items": { + "type": "object", + "properties": { + "comments": { + "type": "array", + "items": { + "type": "object", + "properties": { + "comment": { + "type": "string", + "description": "The comment text", + "example": "This request was autoapproved by our automated ETS subscriber." + }, + "commenter": { + "type": "string", + "description": "The name of the commenter", + "example": "Automated AR Approval" + }, + "date": { + "type": "string", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z", + "description": "A date-time in ISO-8601 format" + } + } + } + }, + "created": { + "type": "string", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z", + "description": "A date-time in ISO-8601 format" + }, + "modified": { + "type": "string", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z", + "description": "A date-time in ISO-8601 format" + }, + "owner": { + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + }, + { + "type": "object", + "properties": { + "type": { + "type": "string", + "example": "Delimited File", + "description": "Type of source returned." + } + } + } + ] + }, + "result": { + "type": "string", + "description": "The result of the approval", + "example": "Finished" + }, + "type": { + "type": "string", + "nullable": true, + "example": null + } + } + } + }, + "originalRequests": { + "type": "array", + "description": "Original actions that triggered all individual source actions related to the account action.", + "items": { + "type": "object", + "properties": { + "accountId": { + "type": "string", + "description": "Account ID.", + "example": "CN=Abby Smith,OU=Austin,OU=Americas,OU=Demo,DC=seri,DC=acme,DC=com" + }, + "attributeRequests": { + "type": "array", + "description": "Attribute changes requested for account.", + "items": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "Attribute name.", + "example": "groups" + }, + "op": { + "type": "string", + "description": "Operation to perform on attribute.", + "example": "Add" + }, + "value": { + "type": "string", + "description": "Value of attribute.", + "example": "3203537556531076" + } + } + } + }, + "op": { + "type": "string", + "description": "Operation used.", + "example": "add" + }, + "source": { + "description": "Account's source.", + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + }, + { + "type": "object", + "properties": { + "type": { + "type": "string", + "example": "Delimited File", + "description": "Type of source returned." + } + } + } + ] + } + } + } + }, + "expansionItems": { + "type": "array", + "description": "Controls that translated the attribute requests into actual provisioning actions on the source.", + "items": { + "type": "object", + "properties": { + "accountId": { + "type": "string", + "description": "The ID of the account", + "example": "2c91808981f58ea601821c3e93482e6f" + }, + "cause": { + "type": "string", + "example": "Role" + }, + "name": { + "type": "string", + "description": "The name of the item", + "example": "smartsheet-role" + }, + "attributeRequests": { + "type": "array", + "items": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "Attribute name.", + "example": "groups" + }, + "op": { + "type": "string", + "description": "Operation to perform on attribute.", + "example": "Add" + }, + "value": { + "type": "string", + "description": "Value of attribute.", + "example": "3203537556531076" + } + } + } + }, + "source": { + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + }, + { + "type": "object", + "properties": { + "type": { + "type": "string", + "example": "Delimited File", + "description": "Type of source returned." + } + } + } + ] + } + } + } + }, + "accountRequests": { + "type": "array", + "description": "Account data for each individual source action triggered by the original requests.", + "items": { + "type": "object", + "properties": { + "accountId": { + "type": "string", + "description": "Unique ID of the account", + "example": "John.Doe" + }, + "attributeRequests": { + "type": "array", + "items": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "Attribute name.", + "example": "groups" + }, + "op": { + "type": "string", + "description": "Operation to perform on attribute.", + "example": "Add" + }, + "value": { + "type": "string", + "description": "Value of attribute.", + "example": "3203537556531076" + } + } + } + }, + "op": { + "type": "string", + "example": "Modify", + "description": "The operation that was performed" + }, + "provisioningTarget": { + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + }, + { + "type": "object", + "properties": { + "type": { + "type": "string", + "example": "Delimited File", + "description": "Type of source returned." + } + } + } + ] + }, + "result": { + "type": "object", + "properties": { + "errors": { + "type": "array", + "items": { + "type": "string", + "example": "[ConnectorError] [\n {\n \"code\": \"unrecognized_keys\",\n \"keys\": [\n \"groups\"\n ],\n \"path\": [],\n \"message\": \"Unrecognized key(s) in object: 'groups'\"\n }\n] (requestId: 5e9d6df5-9b1b-47d9-9bf1-dc3a2893299e)" + } + }, + "status": { + "type": "string", + "description": "The status of the account request", + "example": "failed" + }, + "ticketId": { + "type": "string", + "nullable": true, + "example": null + } + } + }, + "source": { + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + }, + { + "type": "object", + "properties": { + "type": { + "type": "string", + "example": "Delimited File", + "description": "Type of source returned." + } + } + } + ] + } + } + } + }, + "sources": { + "type": "string", + "description": "Sources involved in the account activity.", + "example": "smartsheet-test, airtable-v4, IdentityNow" + } + } + } + ] + }, + { + "description": "Entitlement", + "allOf": [ + { + "type": "object", + "required": [ + "id", + "name", + "_type" + ], + "properties": { + "id": { + "type": "string", + "example": "2c91808375d8e80a0175e1f88a575222" + }, + "name": { + "type": "string", + "example": "john.doe" + }, + "_type": { + "description": "Enum representing the currently supported document types.\n\nAdditional values may be added in the future without notice.", + "type": "string", + "enum": [ + "accessprofile", + "accountactivity", + "account", + "aggregation", + "entitlement", + "event", + "identity", + "role" + ], + "example": "identity" + } + } + }, + { + "type": "object", + "properties": { + "modified": { + "type": "string", + "description": "ISO-8601 date-time referring to the time when the object was last modified.", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z" + }, + "synced": { + "type": "string", + "description": "ISO-8601 date-time referring to the date-time when object was queued to be synced into search database for use in the search API. \nThis date-time changes anytime there is an update to the object, which triggers a synchronization event being sent to the search database. \nThere may be some delay between the `synced` time and the time when the updated data is actually available in the search API. " + }, + "displayName": { + "type": "string", + "description": "Entitlement's display name.", + "example": "Admin" + }, + "source": { + "type": "object", + "description": "Entitlement's source.", + "properties": { + "id": { + "type": "string", + "description": "ID of entitlement's source.", + "example": "2c91808b6e9e6fb8016eec1a2b6f7b5f" + }, + "name": { + "type": "string", + "description": "Display name of entitlement's source.", + "example": "ODS-HR-Employees" + } + } + }, + "segments": { + "type": "array", + "description": "Segments with the role.", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "b009b6e3-b56d-41d9-8735-cb532ea0b017", + "description": "Segment's unique ID." + }, + "name": { + "type": "string", + "example": "Test Segment", + "description": "Segment's display name." + } + } + } + }, + "segmentCount": { + "type": "integer", + "description": "Number of segments with the role.", + "format": "int32", + "example": 1 + }, + "requestable": { + "type": "boolean", + "description": "Indicates whether the entitlement is requestable.", + "default": false, + "example": false + }, + "cloudGoverned": { + "type": "boolean", + "description": "Indicates whether the entitlement is cloud governed.", + "default": false, + "example": false + }, + "created": { + "type": "string", + "description": "ISO-8601 date-time referring to the time when the object was created.", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z" + }, + "privileged": { + "type": "boolean", + "description": "Indicates whether the entitlement is privileged.", + "default": false, + "example": false + }, + "identityCount": { + "type": "integer", + "description": "Number of identities who have access to the entitlement.", + "format": "int32", + "example": 3 + }, + "tags": { + "type": "array", + "description": "Tags that have been applied to the object.", + "items": { + "type": "string" + }, + "example": [ + "TAG_1", + "TAG_2" + ] + } + } + } + ] + }, + { + "description": "Event", + "allOf": [ + { + "type": "object", + "required": [ + "id", + "name", + "_type" + ], + "properties": { + "id": { + "type": "string", + "example": "2c91808375d8e80a0175e1f88a575222" + }, + "name": { + "type": "string", + "example": "john.doe" + }, + "_type": { + "description": "Enum representing the currently supported document types.\n\nAdditional values may be added in the future without notice.", + "type": "string", + "enum": [ + "accessprofile", + "accountactivity", + "account", + "aggregation", + "entitlement", + "event", + "identity", + "role" + ], + "example": "identity" + } + } + }, + { + "type": "object", + "properties": { + "created": { + "type": "string", + "description": "ISO-8601 date-time referring to the time when the object was created.", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z" + }, + "synced": { + "type": "string", + "description": "ISO-8601 date-time referring to the date-time when object was queued to be synced into search database for use in the search API. \nThis date-time changes anytime there is an update to the object, which triggers a synchronization event being sent to the search database. \nThere may be some delay between the `synced` time and the time when the updated data is actually available in the search API. " + }, + "action": { + "type": "string", + "description": "Name of the event as it's displayed in audit reports.", + "example": "update" + }, + "type": { + "type": "string", + "description": "Event type. Refer to [Event Types](https://documentation.sailpoint.com/saas/help/search/index.html#event-types) for a list of event types and their meanings.", + "example": "SYSTEM_CONFIG" + }, + "actor": { + "type": "string", + "description": "Name of the actor that generated the event.", + "example": "System" + }, + "target": { + "type": "string", + "description": "Name of the target, or recipient, of the event.", + "example": "Carol.Adams" + }, + "stack": { + "type": "string", + "description": "The event's stack.", + "example": "tpe" + }, + "trackingNumber": { + "type": "string", + "description": "ID of the group of events.", + "example": "63f891e0735f4cc8bf1968144a1e7440" + }, + "ipAddress": { + "type": "string", + "description": "Target system's IP address.", + "example": "52.52.97.85" + }, + "details": { + "type": "string", + "description": "ID of event's details.", + "example": "73b65dfbed1842548c207432a18c84b0" + }, + "attributes": { + "type": "object", + "description": "Attributes involved in the event.", + "additionalProperties": true, + "example": { + "pod": "stg03-useast1", + "org": "acme", + "sourceName": "SailPoint" + } + }, + "objects": { + "type": "array", + "description": "Objects the event is happening to.", + "items": { + "type": "string", + "example": "AUTHENTICATION" + } + }, + "operation": { + "type": "string", + "description": "Operation, or action, performed during the event.", + "example": "REQUEST" + }, + "status": { + "type": "string", + "description": "Event status. Refer to [Event Statuses](https://documentation.sailpoint.com/saas/help/search/index.html#event-statuses) for a list of event statuses and their meanings.", + "example": "PASSED" + }, + "technicalName": { + "type": "string", + "description": "Event's normalized name. This normalized name always follows the pattern of 'objects_operation_status'.", + "example": "AUTHENTICATION_REQUEST_PASSED" + } + } + } + ] + }, + { + "description": "Identity", + "allOf": [ + { + "type": "object", + "required": [ + "id", + "name", + "_type" + ], + "properties": { + "id": { + "type": "string", + "example": "2c91808375d8e80a0175e1f88a575222" + }, + "name": { + "type": "string", + "example": "john.doe" + }, + "_type": { + "description": "Enum representing the currently supported document types.\n\nAdditional values may be added in the future without notice.", + "type": "string", + "enum": [ + "accessprofile", + "accountactivity", + "account", + "aggregation", + "entitlement", + "event", + "identity", + "role" + ], + "example": "identity" + } + } + }, + { + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + }, + { + "type": "object", + "properties": { + "displayName": { + "type": "string", + "example": "John Q. Doe" + } + } + } + ] + }, + { + "type": "object", + "properties": { + "displayName": { + "type": "string", + "example": "Carol.Adams", + "description": "Identity's display name." + }, + "firstName": { + "type": "string", + "description": "Identity's first name.", + "example": "Carol" + }, + "lastName": { + "type": "string", + "description": "Identity's last name.", + "example": "Adams" + }, + "email": { + "type": "string", + "description": "Identity's primary email address.", + "example": "Carol.Adams@sailpointdemo.com" + }, + "created": { + "type": "string", + "description": "ISO-8601 date-time referring to the time when the object was created.", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z" + }, + "modified": { + "type": "string", + "description": "ISO-8601 date-time referring to the time when the object was last modified.", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z" + }, + "phone": { + "type": "string", + "description": "Identity's phone number.", + "example": "+1 440-527-3672" + }, + "synced": { + "type": "string", + "description": "ISO-8601 date-time referring to the date-time when object was queued to be synced into search database for use in the search API. \nThis date-time changes anytime there is an update to the object, which triggers a synchronization event being sent to the search database. \nThere may be some delay between the `synced` time and the time when the updated data is actually available in the search API. " + }, + "inactive": { + "type": "boolean", + "description": "Indicates whether the identity is inactive.", + "default": false, + "example": false + }, + "protected": { + "type": "boolean", + "description": "Indicates whether the identity is protected.", + "default": false, + "example": false + }, + "status": { + "type": "string", + "description": "Identity's status in SailPoint.", + "example": "UNREGISTERED" + }, + "employeeNumber": { + "type": "string", + "description": "Identity's employee number.", + "example": "1a2a3d4e" + }, + "manager": { + "type": "object", + "description": "Identity's manager.", + "nullable": true, + "properties": { + "id": { + "type": "string", + "description": "ID of identity's manager.", + "example": "2c9180867dfe694b017e208e27c05799" + }, + "name": { + "type": "string", + "description": "Name of identity's manager.", + "example": "Amanda.Ross" + }, + "displayName": { + "type": "string", + "description": "Display name of identity's manager.", + "example": "Amanda.Ross" + } + } + }, + "isManager": { + "type": "boolean", + "description": "Indicates whether the identity is a manager of other identities.", + "example": false + }, + "identityProfile": { + "type": "object", + "description": "Identity's identity profile.", + "properties": { + "id": { + "type": "string", + "description": "Identity profile's ID.", + "example": "3bc8ad26b8664945866b31339d1ff7d2" + }, + "name": { + "type": "string", + "description": "Identity profile's name.", + "example": "HR Employees" + } + } + }, + "source": { + "type": "object", + "description": "Identity's source.", + "properties": { + "id": { + "type": "string", + "description": "ID of identity's source.", + "example": "2c91808b6e9e6fb8016eec1a2b6f7b5f" + }, + "name": { + "type": "string", + "description": "Display name of identity's source.", + "example": "ODS-HR-Employees" + } + } + }, + "attributes": { + "type": "object", + "description": "Map or dictionary of key/value pairs.", + "additionalProperties": true, + "example": { + "country": "US", + "firstname": "Carol", + "cloudStatus": "UNREGISTERED" + } + }, + "processingState": { + "type": "string", + "description": "Identity's processing state.", + "nullable": true, + "example": null + }, + "processingDetails": { + "description": "Identity's processing details.", + "nullable": true, + "type": "object", + "properties": { + "date": { + "type": "string", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z", + "description": "A date-time in ISO-8601 format" + }, + "stage": { + "type": "string", + "example": "In Process" + }, + "retryCount": { + "type": "integer", + "example": 0, + "format": "int32" + }, + "stackTrace": { + "type": "string", + "example": "" + }, + "message": { + "type": "string", + "example": "" + } + } + }, + "accounts": { + "type": "array", + "description": "List of accounts associated with the identity.", + "items": { + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + }, + { + "type": "object", + "properties": { + "accountId": { + "type": "string", + "description": "Account ID.", + "example": "John.Doe" + }, + "source": { + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + }, + { + "type": "object", + "properties": { + "type": { + "type": "string", + "example": "Delimited File", + "description": "Type of source returned." + } + } + } + ] + }, + "disabled": { + "type": "boolean", + "description": "Indicates whether the account is disabled.", + "default": false, + "example": false + }, + "locked": { + "type": "boolean", + "description": "Indicates whether the account is locked.", + "default": false, + "example": false + }, + "privileged": { + "type": "boolean", + "description": "Indicates whether the account is privileged.", + "default": false, + "example": false + }, + "manuallyCorrelated": { + "type": "boolean", + "description": "Indicates whether the account has been manually correlated to an identity.", + "default": false, + "example": false + }, + "passwordLastSet": { + "type": "string", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z", + "description": "A date-time in ISO-8601 format" + }, + "entitlementAttributes": { + "type": "object", + "nullable": true, + "description": "Map or dictionary of key/value pairs.", + "additionalProperties": true, + "example": { + "moderator": true, + "admin": true, + "trust_level": "4" + } + }, + "created": { + "type": "string", + "description": "ISO-8601 date-time referring to the time when the object was created.", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z" + } + } + } + ] + } + }, + "accountCount": { + "type": "integer", + "description": "Number of accounts associated with the identity.", + "format": "int32", + "example": 3 + }, + "apps": { + "type": "array", + "description": "List of applications the identity has access to.", + "items": { + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + }, + { + "type": "object", + "properties": { + "source": { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + }, + "account": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The SailPoint generated unique ID", + "example": "2c9180837dfe6949017e21f3d8cd6d49" + }, + "accountId": { + "type": "string", + "description": "The account ID generated by the source", + "example": "CN=Carol Adams,OU=Austin,OU=Americas,OU=Demo,DC=seri,DC=sailpointdemo,DC=com" + } + } + } + } + } + ] + } + }, + "appCount": { + "type": "integer", + "format": "int32", + "description": "Number of applications the identity has access to.", + "example": 2 + }, + "access": { + "type": "array", + "description": "List of access items assigned to the identity.", + "items": { + "discriminator": { + "propertyName": "type", + "mapping": { + "ACCESS_PROFILE": "../access/AccessProfileSummary.yaml", + "ENTITLEMENT": "../access/AccessProfileEntitlement.yaml", + "ROLE": "../access/AccessProfileRole.yaml" + } + }, + "oneOf": [ + { + "description": "This is a summary representation of an access profile.", + "allOf": [ + { + "allOf": [ + { + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + }, + { + "type": "object", + "properties": { + "displayName": { + "type": "string", + "example": "John Q. Doe" + } + } + } + ] + }, + { + "type": "object", + "properties": { + "type": { + "type": "string", + "enum": [ + "ACCOUNT_CORRELATION_CONFIG", + "ACCESS_PROFILE", + "ACCESS_REQUEST_APPROVAL", + "ACCOUNT", + "APPLICATION", + "CAMPAIGN", + "CAMPAIGN_FILTER", + "CERTIFICATION", + "CLUSTER", + "CONNECTOR_SCHEMA", + "ENTITLEMENT", + "GOVERNANCE_GROUP", + "IDENTITY", + "IDENTITY_PROFILE", + "IDENTITY_REQUEST", + "LIFECYCLE_STATE", + "PASSWORD_POLICY", + "ROLE", + "RULE", + "SOD_POLICY", + "SOURCE", + "TAG", + "TAG_CATEGORY", + "TASK_RESULT", + "REPORT_RESULT", + "SOD_VIOLATION", + "ACCOUNT_ACTIVITY", + "WORKGROUP" + ], + "description": "An enumeration of the types of DTOs supported within the IdentityNow infrastructure.", + "example": "IDENTITY" + }, + "description": { + "type": "string", + "nullable": true, + "example": null + } + } + } + ] + }, + { + "type": "object", + "properties": { + "source": { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + }, + "owner": { + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + }, + { + "type": "object", + "properties": { + "displayName": { + "type": "string", + "example": "John Q. Doe" + } + } + } + ] + }, + "revocable": { + "type": "boolean", + "example": true + } + } + } + ] + }, + { + "description": "EntitlementReference", + "allOf": [ + { + "allOf": [ + { + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + }, + { + "type": "object", + "properties": { + "displayName": { + "type": "string", + "example": "John Q. Doe" + } + } + } + ] + }, + { + "type": "object", + "properties": { + "type": { + "type": "string", + "enum": [ + "ACCOUNT_CORRELATION_CONFIG", + "ACCESS_PROFILE", + "ACCESS_REQUEST_APPROVAL", + "ACCOUNT", + "APPLICATION", + "CAMPAIGN", + "CAMPAIGN_FILTER", + "CERTIFICATION", + "CLUSTER", + "CONNECTOR_SCHEMA", + "ENTITLEMENT", + "GOVERNANCE_GROUP", + "IDENTITY", + "IDENTITY_PROFILE", + "IDENTITY_REQUEST", + "LIFECYCLE_STATE", + "PASSWORD_POLICY", + "ROLE", + "RULE", + "SOD_POLICY", + "SOURCE", + "TAG", + "TAG_CATEGORY", + "TASK_RESULT", + "REPORT_RESULT", + "SOD_VIOLATION", + "ACCOUNT_ACTIVITY", + "WORKGROUP" + ], + "description": "An enumeration of the types of DTOs supported within the IdentityNow infrastructure.", + "example": "IDENTITY" + }, + "description": { + "type": "string", + "nullable": true, + "example": null + } + } + } + ] + }, + { + "type": "object", + "properties": { + "source": { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + }, + "privileged": { + "type": "boolean", + "example": false + }, + "attribute": { + "type": "string", + "example": "memberOf" + }, + "value": { + "type": "string", + "example": "CN=Buyer,OU=Groups,OU=Demo,DC=seri,DC=sailpointdemo,DC=com" + }, + "standalone": { + "type": "boolean", + "example": false + } + } + } + ] + }, + { + "description": "Role", + "allOf": [ + { + "allOf": [ + { + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + }, + { + "type": "object", + "properties": { + "displayName": { + "type": "string", + "example": "John Q. Doe" + } + } + } + ] + }, + { + "type": "object", + "properties": { + "type": { + "type": "string", + "enum": [ + "ACCOUNT_CORRELATION_CONFIG", + "ACCESS_PROFILE", + "ACCESS_REQUEST_APPROVAL", + "ACCOUNT", + "APPLICATION", + "CAMPAIGN", + "CAMPAIGN_FILTER", + "CERTIFICATION", + "CLUSTER", + "CONNECTOR_SCHEMA", + "ENTITLEMENT", + "GOVERNANCE_GROUP", + "IDENTITY", + "IDENTITY_PROFILE", + "IDENTITY_REQUEST", + "LIFECYCLE_STATE", + "PASSWORD_POLICY", + "ROLE", + "RULE", + "SOD_POLICY", + "SOURCE", + "TAG", + "TAG_CATEGORY", + "TASK_RESULT", + "REPORT_RESULT", + "SOD_VIOLATION", + "ACCOUNT_ACTIVITY", + "WORKGROUP" + ], + "description": "An enumeration of the types of DTOs supported within the IdentityNow infrastructure.", + "example": "IDENTITY" + }, + "description": { + "type": "string", + "nullable": true, + "example": null + } + } + } + ] + }, + { + "type": "object", + "properties": { + "owner": { + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + }, + { + "type": "object", + "properties": { + "displayName": { + "type": "string", + "example": "John Q. Doe" + } + } + } + ] + }, + "disabled": { + "type": "boolean" + }, + "revocable": { + "type": "boolean" + } + } + } + ] + } + ] + } + }, + "accessCount": { + "type": "integer", + "format": "int32", + "description": "Number of access items assigned to the identity.", + "example": 5 + }, + "entitlementCount": { + "type": "integer", + "format": "int32", + "description": "Number of entitlements assigned to the identity.", + "example": 10 + }, + "roleCount": { + "type": "integer", + "format": "int32", + "description": "Number of roles assigned to the identity.", + "example": 1 + }, + "accessProfileCount": { + "type": "integer", + "format": "int32", + "description": "Number of access profiles assigned to the identity.", + "example": 1 + }, + "owns": { + "type": "array", + "description": "Access items the identity owns.", + "items": { + "type": "object", + "properties": { + "sources": { + "type": "array", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + } + }, + "entitlements": { + "type": "array", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + } + }, + "accessProfiles": { + "type": "array", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + } + }, + "roles": { + "type": "array", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + } + }, + "apps": { + "type": "array", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + } + }, + "governanceGroups": { + "type": "array", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + } + }, + "fallbackApprover": { + "type": "boolean", + "example": false + } + } + } + }, + "ownsCount": { + "type": "integer", + "format": "int32", + "description": "Number of access items the identity owns.", + "example": 5 + }, + "tags": { + "type": "array", + "description": "Tags that have been applied to the object.", + "items": { + "type": "string" + }, + "example": [ + "TAG_1", + "TAG_2" + ] + } + } + } + ] + }, + { + "description": "Role", + "allOf": [ + { + "type": "object", + "required": [ + "id", + "name", + "_type" + ], + "properties": { + "id": { + "type": "string", + "example": "2c91808375d8e80a0175e1f88a575222" + }, + "name": { + "type": "string", + "example": "john.doe" + }, + "_type": { + "description": "Enum representing the currently supported document types.\n\nAdditional values may be added in the future without notice.", + "type": "string", + "enum": [ + "accessprofile", + "accountactivity", + "account", + "aggregation", + "entitlement", + "event", + "identity", + "role" + ], + "example": "identity" + } + } + }, + { + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313", + "description": "The unique ID of the referenced object." + }, + "name": { + "type": "string", + "example": "John Doe", + "description": "The human readable name of the referenced object." + } + } + }, + { + "type": "object", + "properties": { + "description": { + "type": "string", + "description": "Access item's description.", + "example": "The admin role" + }, + "created": { + "type": "string", + "description": "ISO-8601 date-time referring to the time when the object was created.", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z" + }, + "modified": { + "type": "string", + "description": "ISO-8601 date-time referring to the time when the object was last modified.", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z" + }, + "synced": { + "type": "string", + "description": "ISO-8601 date-time referring to the date-time when object was queued to be synced into search database for use in the search API. \nThis date-time changes anytime there is an update to the object, which triggers a synchronization event being sent to the search database. \nThere may be some delay between the `synced` time and the time when the updated data is actually available in the search API. ", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:33.104Z" + }, + "enabled": { + "type": "boolean", + "description": "Indicates whether the access item is currently enabled.", + "default": false, + "example": true + }, + "requestable": { + "type": "boolean", + "description": "Indicates whether the access item can be requested.", + "default": true, + "example": true + }, + "requestCommentsRequired": { + "type": "boolean", + "description": "Indicates whether comments are required for requests to access the item.", + "default": false, + "example": false + }, + "owner": { + "type": "object", + "description": "Owner's identity.", + "properties": { + "type": { + "type": "string", + "description": "Owner's DTO type.", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "Owner's identity ID.", + "example": "2c9180a46faadee4016fb4e018c20639" + }, + "name": { + "type": "string", + "description": "Owner's display name.", + "example": "Support" + }, + "email": { + "type": "string", + "description": "Owner's email.", + "example": "cloud-support@sailpoint.com" + } + } + } + } + } + ] + }, + { + "type": "object", + "properties": { + "accessProfiles": { + "type": "array", + "description": "Access profiles included with the role.", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "2c91809c6faade77016fb4f0b63407ae", + "description": "Access profile's unique ID." + }, + "name": { + "type": "string", + "example": "Admin Access", + "description": "Access profile's display name." + } + } + } + }, + "accessProfileCount": { + "type": "integer", + "description": "Number of access profiles included with the role.", + "format": "int32", + "example": 1 + }, + "tags": { + "type": "array", + "description": "Tags that have been applied to the object.", + "items": { + "type": "string" + }, + "example": [ + "TAG_1", + "TAG_2" + ] + }, + "segments": { + "type": "array", + "description": "Segments with the role.", + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "example": "b009b6e3-b56d-41d9-8735-cb532ea0b017", + "description": "Segment's unique ID." + }, + "name": { + "type": "string", + "example": "Test Segment", + "description": "Segment's display name." + } + } + } + }, + "segmentCount": { + "type": "integer", + "description": "Number of segments with the role.", + "format": "int32", + "example": 1 + }, + "entitlements": { + "type": "array", + "description": "Entitlements included with the role.", + "items": { + "type": "object", + "properties": { + "hasPermissions": { + "type": "boolean", + "description": "Indicates whether the entitlement has permissions.", + "default": false, + "example": false + }, + "description": { + "type": "string", + "description": "Entitlement's description.", + "example": "Cloud engineering" + }, + "attribute": { + "type": "string", + "description": "Entitlement attribute's name.", + "example": "memberOf" + }, + "value": { + "type": "string", + "description": "Entitlement's value.", + "example": "CN=Cloud Engineering,DC=sailpoint,DC=COM" + }, + "schema": { + "type": "string", + "description": "Entitlement's schema.", + "example": "group" + }, + "privileged": { + "type": "boolean", + "description": "Indicates whether the entitlement is privileged.", + "default": false, + "example": false + }, + "id": { + "type": "string", + "description": "Entitlement's ID.", + "example": "2c918084575812550157589064f33b89" + }, + "name": { + "type": "string", + "description": "Entitlement's name.", + "example": "CN=Cloud Engineering,DC=sailpoint,DC=COM" + } + } + } + }, + "entitlementCount": { + "type": "integer", + "description": "Number of entitlements included with the role.", + "format": "int32", + "example": 3 + } + } + } + ] + } + ] + }, + "SavedSearch": { + "type": "object", + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "description": "The saved search ID.\n", + "type": "string", + "example": "0de46054-fe90-434a-b84e-c6b3359d0c64" + }, + "owner": { + "description": "The owner of the saved search.\n", + "type": "object", + "properties": { + "type": { + "type": "string", + "enum": [ + "ACCOUNT_CORRELATION_CONFIG", + "ACCESS_PROFILE", + "ACCESS_REQUEST_APPROVAL", + "ACCOUNT", + "APPLICATION", + "CAMPAIGN", + "CAMPAIGN_FILTER", + "CERTIFICATION", + "CLUSTER", + "CONNECTOR_SCHEMA", + "ENTITLEMENT", + "GOVERNANCE_GROUP", + "IDENTITY", + "IDENTITY_PROFILE", + "IDENTITY_REQUEST", + "LIFECYCLE_STATE", + "PASSWORD_POLICY", + "ROLE", + "RULE", + "SOD_POLICY", + "SOURCE", + "TAG", + "TAG_CATEGORY", + "TASK_RESULT", + "REPORT_RESULT", + "SOD_VIOLATION", + "ACCOUNT_ACTIVITY", + "WORKGROUP" + ], + "description": "An enumeration of the types of DTOs supported within the IdentityNow infrastructure.", + "example": "IDENTITY" + }, + "id": { + "description": "The id of the object.\n", + "type": "string", + "example": "2c91808568c529c60168cca6f90c1313" + } + }, + "required": [ + "type", + "id" + ] + }, + "ownerId": { + "type": "string", + "description": "The ID of the identity that owns this saved search.", + "example": "2c91808568c529c60168cca6f90c1313" + }, + "public": { + "type": "boolean", + "description": "Whether this saved search is visible to anyone but the owner. This field will always be false as there is no way to set a saved search as public at this time.", + "default": false, + "example": false + } + } + }, + { + "type": "object", + "properties": { + "name": { + "description": "The name of the saved search.\n", + "type": "string", + "example": "Disabled accounts" + }, + "description": { + "description": "The description of the saved search.\n", + "type": "string", + "nullable": true, + "example": "Disabled accounts" + } + } + }, + { + "type": "object", + "properties": { + "created": { + "description": "The date the saved search was initially created.\n", + "type": "string", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z" + }, + "modified": { + "description": "The last date the saved search was modified.\n", + "type": "string", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z" + }, + "indices": { + "description": "The names of the Elasticsearch indices in which to search.\n", + "type": "array", + "items": { + "description": "Enum representing the currently supported indices.\nAdditional values may be added in the future without notice.", + "type": "string", + "enum": [ + "accessprofiles", + "accountactivities", + "entitlements", + "events", + "identities", + "roles", + "*" + ], + "example": "identities" + }, + "example": [ + "identities" + ] + }, + "columns": { + "description": "The columns to be returned (specifies the order in which they will be presented) for each document type.\n\nThe currently supported document types are: _accessprofile_, _accountactivity_, _account_, _aggregation_, _entitlement_, _event_, _identity_, and _role_.\n", + "type": "object", + "additionalProperties": { + "type": "array", + "items": { + "type": "object", + "properties": { + "field": { + "description": "The name of the field.\n", + "type": "string", + "example": "email" + }, + "header": { + "description": "The value of the header.\n", + "type": "string", + "example": "Work Email" + } + }, + "required": [ + "field" + ] + } + }, + "example": { + "identity": [ + { + "field": "displayName", + "header": "Display Name" + }, + { + "field": "e-mail", + "header": "Work Email" + } + ] + } + }, + "query": { + "description": "The search query using Elasticsearch [Query String Query](https://www.elastic.co/guide/en/elasticsearch/reference/5.2/query-dsl-query-string-query.html#query-string) syntax from the Query DSL.\n", + "type": "string", + "example": "@accounts(disabled:true)" + }, + "fields": { + "description": "The fields to be searched against in a multi-field query.\n", + "type": "array", + "nullable": true, + "items": { + "type": "string" + }, + "example": [ + "disabled" + ] + }, + "orderBy": { + "description": "Sort by index. This takes precedence over the `sort` property.\n", + "type": "object", + "additionalProperties": { + "type": "array", + "items": { + "type": "string" + } + }, + "nullable": true, + "example": { + "identity": [ + "lastName", + "firstName" + ], + "role": [ + "name" + ] + } + }, + "sort": { + "description": "The fields to be used to sort the search results.\n", + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "displayName" + ], + "nullable": true + }, + "filters": { + "nullable": true, + "allOf": [ + { + "type": "object", + "description": "The filters to be applied for each filtered field name.", + "example": { + "attributes.cloudAuthoritativeSource": { + "type": "EXISTS", + "exclude": true + }, + "accessCount": { + "type": "RANGE", + "range": { + "lower": { + "value": "3" + } + } + }, + "created": { + "type": "RANGE", + "range": { + "lower": { + "value": "2019-12-01", + "inclusive": true + }, + "upper": { + "value": "2020-01-01" + } + } + }, + "source.name": { + "type": "TERMS", + "terms": [ + "HR Employees", + "Corporate Active Directory" + ], + "exclude": true + }, + "protected": { + "type": "TERMS", + "terms": [ + "true" + ] + } + } + }, + { + "type": "object", + "properties": { + "type": { + "description": "Enum representing the currently supported filter types.\nAdditional values may be added in the future without notice.", + "type": "string", + "enum": [ + "EXISTS", + "RANGE", + "TERMS" + ], + "example": "RANGE" + }, + "range": { + "type": "object", + "description": "The range of values to be filtered.", + "properties": { + "lower": { + "description": "The lower bound of the range.", + "type": "object", + "required": [ + "value" + ], + "properties": { + "value": { + "description": "The value of the range's endpoint.", + "type": "string", + "example": "1" + }, + "inclusive": { + "description": "Indicates if the endpoint is included in the range.", + "type": "boolean", + "default": false, + "example": false + } + } + }, + "upper": { + "description": "The upper bound of the range.", + "type": "object", + "required": [ + "value" + ], + "properties": { + "value": { + "description": "The value of the range's endpoint.", + "type": "string", + "example": "1" + }, + "inclusive": { + "description": "Indicates if the endpoint is included in the range.", + "type": "boolean", + "default": false, + "example": false + } + } + } + } + }, + "terms": { + "description": "The terms to be filtered.", + "type": "array", + "items": { + "type": "string", + "example": "account_count" + } + }, + "exclude": { + "description": "Indicates if the filter excludes results.", + "type": "boolean", + "default": false, + "example": false + } + } + } + ] + } + }, + "required": [ + "indices", + "query" + ] + } + ] + }, + "Schedule": { + "type": "object", + "description": "The schedule information.", + "properties": { + "type": { + "description": "Enum representing the currently supported schedule types.\n\nAdditional values may be added in the future without notice.\n", + "type": "string", + "enum": [ + "DAILY", + "WEEKLY", + "MONTHLY", + "CALENDAR", + "ANNUALLY" + ], + "example": "WEEKLY" + }, + "months": { + "allOf": [ + { + "type": "object", + "properties": { + "type": { + "description": "Enum representing the currently supported selector types.\n\nLIST - the *values* array contains one or more distinct values.\n\nRANGE - the *values* array contains two values: the start and end of the range, inclusive.\n\nAdditional values may be added in the future without notice.\n", + "type": "string", + "enum": [ + "LIST", + "RANGE" + ], + "example": "LIST" + }, + "values": { + "description": "The selected values.\n", + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "MON", + "WED" + ] + }, + "interval": { + "nullable": true, + "description": "The selected interval for RANGE selectors.\n", + "type": "integer", + "format": "int32", + "example": 3 + } + }, + "required": [ + "type", + "values" + ] + }, + { + "description": "The months to execute the search. This only applies to schedules with a type of `ANNUALLY`.\n", + "example": { + "type": "LIST", + "values": [ + "3", + "6", + "9", + "12" + ] + }, + "nullable": true + } + ] + }, + "days": { + "allOf": [ + { + "type": "object", + "properties": { + "type": { + "description": "Enum representing the currently supported selector types.\n\nLIST - the *values* array contains one or more distinct values.\n\nRANGE - the *values* array contains two values: the start and end of the range, inclusive.\n\nAdditional values may be added in the future without notice.\n", + "type": "string", + "enum": [ + "LIST", + "RANGE" + ], + "example": "LIST" + }, + "values": { + "description": "The selected values.\n", + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "MON", + "WED" + ] + }, + "interval": { + "nullable": true, + "description": "The selected interval for RANGE selectors.\n", + "type": "integer", + "format": "int32", + "example": 3 + } + }, + "required": [ + "type", + "values" + ] + }, + { + "description": "The days to execute the search.\n\nIf `type` is `WEEKLY`, the values will be `MON`, `TUE`, `WED`, `THU`, `FRI`, `SAT`, and `SUN`.\n\nIf `type` is `MONTHLY` or `ANNUALLY`, the values will be a number in double quotes, like `\"1\"`, `\"10\"`, or `\"28\"`. Optionally, the value `\"L\"` can be used to refer to the last day of the month.\n", + "example": { + "type": "LIST", + "values": [ + "MON", + "WED", + "FRI" + ] + }, + "nullable": true + } + ] + }, + "hours": { + "allOf": [ + { + "type": "object", + "properties": { + "type": { + "description": "Enum representing the currently supported selector types.\n\nLIST - the *values* array contains one or more distinct values.\n\nRANGE - the *values* array contains two values: the start and end of the range, inclusive.\n\nAdditional values may be added in the future without notice.\n", + "type": "string", + "enum": [ + "LIST", + "RANGE" + ], + "example": "LIST" + }, + "values": { + "description": "The selected values.\n", + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "MON", + "WED" + ] + }, + "interval": { + "nullable": true, + "description": "The selected interval for RANGE selectors.\n", + "type": "integer", + "format": "int32", + "example": 3 + } + }, + "required": [ + "type", + "values" + ] + }, + { + "description": "The hours selected.", + "example": { + "type": "RANGE", + "values": [ + "9", + "18" + ], + "interval": 3 + } + } + ] + }, + "expiration": { + "description": "The schedule expiration date. Latest possible expiration date is '2038-01-19T03:14:07+0000'", + "type": "string", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z" + }, + "timeZoneId": { + "description": "The canonical TZ identifier the schedule will run in (ex. America/New_York). If no timezone is specified, the org's default timezone is used.", + "nullable": true, + "type": "string", + "example": "America/Chicago" + } + }, + "required": [ + "type", + "hours" + ] + }, + "ScheduledSearch": { + "type": "object", + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "description": "The scheduled search ID.", + "type": "string", + "example": "0de46054-fe90-434a-b84e-c6b3359d0c64", + "readOnly": true + }, + "owner": { + "description": "The owner of the scheduled search", + "readOnly": true, + "type": "object", + "properties": { + "type": { + "type": "string", + "description": "The type of object being referenced", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "The ID of the referenced object", + "example": "2c9180867624cbd7017642d8c8c81f67" + } + }, + "required": [ + "type", + "id" + ] + }, + "ownerId": { + "description": "The ID of the scheduled search owner.\n\nPlease use the `id` in the `owner` object instead.\n", + "type": "string", + "example": "2c9180867624cbd7017642d8c8c81f67", + "readOnly": true, + "deprecated": true + } + } + }, + { + "type": "object", + "properties": { + "name": { + "description": "The name of the scheduled search.\n", + "type": "string", + "example": "Daily disabled accounts", + "nullable": true + }, + "description": { + "description": "The description of the scheduled search.\n", + "type": "string", + "nullable": true, + "example": "Daily disabled accounts" + } + } + }, + { + "type": "object", + "properties": { + "savedSearchId": { + "description": "The ID of the saved search that will be executed.", + "type": "string", + "example": "554f1511-f0a1-4744-ab14-599514d3e57c" + }, + "created": { + "allOf": [ + { + "type": "string", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z", + "description": "A date-time in ISO-8601 format" + } + ], + "description": "The date the scheduled search was initially created.", + "readOnly": true + }, + "modified": { + "allOf": [ + { + "type": "string", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z", + "description": "A date-time in ISO-8601 format" + } + ], + "description": "The last date the scheduled search was modified.", + "readOnly": true + }, + "schedule": { + "type": "object", + "description": "The schedule information.", + "properties": { + "type": { + "description": "Enum representing the currently supported schedule types.\n\nAdditional values may be added in the future without notice.\n", + "type": "string", + "enum": [ + "DAILY", + "WEEKLY", + "MONTHLY", + "CALENDAR", + "ANNUALLY" + ], + "example": "WEEKLY" + }, + "months": { + "allOf": [ + { + "type": "object", + "properties": { + "type": { + "description": "Enum representing the currently supported selector types.\n\nLIST - the *values* array contains one or more distinct values.\n\nRANGE - the *values* array contains two values: the start and end of the range, inclusive.\n\nAdditional values may be added in the future without notice.\n", + "type": "string", + "enum": [ + "LIST", + "RANGE" + ], + "example": "LIST" + }, + "values": { + "description": "The selected values.\n", + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "MON", + "WED" + ] + }, + "interval": { + "nullable": true, + "description": "The selected interval for RANGE selectors.\n", + "type": "integer", + "format": "int32", + "example": 3 + } + }, + "required": [ + "type", + "values" + ] + }, + { + "description": "The months to execute the search. This only applies to schedules with a type of `ANNUALLY`.\n", + "example": { + "type": "LIST", + "values": [ + "3", + "6", + "9", + "12" + ] + }, + "nullable": true + } + ] + }, + "days": { + "allOf": [ + { + "type": "object", + "properties": { + "type": { + "description": "Enum representing the currently supported selector types.\n\nLIST - the *values* array contains one or more distinct values.\n\nRANGE - the *values* array contains two values: the start and end of the range, inclusive.\n\nAdditional values may be added in the future without notice.\n", + "type": "string", + "enum": [ + "LIST", + "RANGE" + ], + "example": "LIST" + }, + "values": { + "description": "The selected values.\n", + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "MON", + "WED" + ] + }, + "interval": { + "nullable": true, + "description": "The selected interval for RANGE selectors.\n", + "type": "integer", + "format": "int32", + "example": 3 + } + }, + "required": [ + "type", + "values" + ] + }, + { + "description": "The days to execute the search.\n\nIf `type` is `WEEKLY`, the values will be `MON`, `TUE`, `WED`, `THU`, `FRI`, `SAT`, and `SUN`.\n\nIf `type` is `MONTHLY` or `ANNUALLY`, the values will be a number in double quotes, like `\"1\"`, `\"10\"`, or `\"28\"`. Optionally, the value `\"L\"` can be used to refer to the last day of the month.\n", + "example": { + "type": "LIST", + "values": [ + "MON", + "WED", + "FRI" + ] + }, + "nullable": true + } + ] + }, + "hours": { + "allOf": [ + { + "type": "object", + "properties": { + "type": { + "description": "Enum representing the currently supported selector types.\n\nLIST - the *values* array contains one or more distinct values.\n\nRANGE - the *values* array contains two values: the start and end of the range, inclusive.\n\nAdditional values may be added in the future without notice.\n", + "type": "string", + "enum": [ + "LIST", + "RANGE" + ], + "example": "LIST" + }, + "values": { + "description": "The selected values.\n", + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "MON", + "WED" + ] + }, + "interval": { + "nullable": true, + "description": "The selected interval for RANGE selectors.\n", + "type": "integer", + "format": "int32", + "example": 3 + } + }, + "required": [ + "type", + "values" + ] + }, + { + "description": "The hours selected.", + "example": { + "type": "RANGE", + "values": [ + "9", + "18" + ], + "interval": 3 + } + } + ] + }, + "expiration": { + "description": "The schedule expiration date. Latest possible expiration date is '2038-01-19T03:14:07+0000'", + "type": "string", + "nullable": true, + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z" + }, + "timeZoneId": { + "description": "The canonical TZ identifier the schedule will run in (ex. America/New_York). If no timezone is specified, the org's default timezone is used.", + "nullable": true, + "type": "string", + "example": "America/Chicago" + } + }, + "required": [ + "type", + "hours" + ] + }, + "recipients": { + "description": "A list of identities that should receive the scheduled search report via email.", + "type": "array", + "items": { + "type": "object", + "properties": { + "type": { + "type": "string", + "description": "The type of object being referenced", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "The ID of the referenced object", + "example": "2c9180867624cbd7017642d8c8c81f67" + } + }, + "required": [ + "type", + "id" + ] + } + }, + "enabled": { + "description": "Indicates if the scheduled search is enabled.\n", + "type": "boolean", + "default": false, + "example": false + }, + "emailEmptyResults": { + "description": "Indicates if email generation should occur when search returns no results.\n", + "type": "boolean", + "default": false, + "example": false + }, + "displayQueryDetails": { + "description": "Indicates if the generated email should include the query and search results preview (which could include PII).\n", + "type": "boolean", + "default": false, + "example": false + } + }, + "required": [ + "savedSearchId", + "schedule", + "recipients" + ] + } + ], + "required": [ + "id", + "owner", + "ownerId" + ] + }, + "ServiceDeskIntegrationDto": { + "allOf": [ + { + "type": "object", + "description": "Service Desk integration's specification.", + "required": [ + "name", + "description", + "type", + "attributes" + ], + "properties": { + "id": { + "type": "string", + "description": "Unique identifier for the Service Desk integration", + "example": "62945a496ef440189b1f03e3623411c8" + }, + "name": { + "description": "Service Desk integration's name. The name must be unique.", + "type": "string", + "example": "Service Desk Integration Name" + }, + "created": { + "type": "string", + "format": "date-time", + "description": "The date and time the Service Desk integration was created", + "example": "2024-01-17T18:45:25.994Z" + }, + "modified": { + "type": "string", + "format": "date-time", + "description": "The date and time the Service Desk integration was last modified", + "example": "2024-02-18T18:45:25.994Z" + }, + "description": { + "description": "Service Desk integration's description.", + "type": "string", + "example": "A very nice Service Desk integration" + }, + "type": { + "description": "Service Desk integration types:\n\n- ServiceNowSDIM\n- ServiceNow\n", + "type": "string", + "default": "ServiceNowSDIM", + "example": "ServiceNowSDIM" + }, + "ownerRef": { + "allOf": [ + { + "type": "object", + "description": "Owner's identity.", + "properties": { + "type": { + "type": "string", + "description": "Owner's DTO type.", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "Owner's identity ID.", + "example": "2c9180a46faadee4016fb4e018c20639" + }, + "name": { + "type": "string", + "description": "Owner's name.", + "example": "Support" + } + } + } + ] + }, + "clusterRef": { + "allOf": [ + { + "type": "object", + "description": "Source cluster.", + "properties": { + "type": { + "type": "string", + "description": "Source cluster DTO type.", + "enum": [ + "CLUSTER" + ], + "example": "CLUSTER" + }, + "id": { + "type": "string", + "description": "Source cluster ID.", + "example": "2c9180847a7fccdd017aa5896f9f4f6f" + }, + "name": { + "type": "string", + "description": "Source cluster display name.", + "example": "Training VA" + } + } + } + ] + }, + "cluster": { + "description": "Cluster ID for the Service Desk integration (replaced by clusterRef, retained for backward compatibility).", + "type": "string", + "example": "xyzzy999", + "deprecated": true, + "nullable": true + }, + "managedSources": { + "description": "Source IDs for the Service Desk integration (replaced by provisioningConfig.managedSResourceRefs, but retained here for backward compatibility).", + "type": "array", + "items": { + "type": "string" + }, + "deprecated": true, + "example": [ + "2c9180835d191a86015d28455b4a2329", + "2c5680835d191a85765d28455b4a9823" + ] + }, + "provisioningConfig": { + "description": "The 'provisioningConfig' property specifies the configuration used to provision integrations.", + "type": "object", + "properties": { + "universalManager": { + "description": "Specifies whether this configuration is used to manage provisioning requests for all sources from the org. If true, no managedResourceRefs are allowed.", + "type": "boolean", + "readOnly": true, + "default": false, + "example": true + }, + "managedResourceRefs": { + "description": "References to sources for the Service Desk integration template. May only be specified if universalManager is false.", + "type": "array", + "items": { + "allOf": [ + { + "type": "object", + "description": "Source for Service Desk integration template.", + "properties": { + "type": { + "type": "string", + "description": "DTO type of source for service desk integration template.", + "enum": [ + "SOURCE" + ], + "example": "SOURCE" + }, + "id": { + "type": "string", + "description": "ID of source for service desk integration template.", + "example": "2c9180835d191a86015d28455b4b232a" + }, + "name": { + "type": "string", + "description": "Human-readable name of source for service desk integration template.", + "example": "HR Active Directory" + } + } + } + ] + }, + "example": [ + { + "type": "SOURCE", + "id": "2c9180855d191c59015d291ceb051111", + "name": "My Source 1" + }, + { + "type": "SOURCE", + "id": "2c9180855d191c59015d291ceb052222", + "name": "My Source 2" + } + ] + }, + "planInitializerScript": { + "description": "This is a reference to a plan initializer script.", + "type": "object", + "nullable": true, + "properties": { + "source": { + "description": "This is a Rule that allows provisioning instruction changes.", + "type": "string", + "example": "\\r\\n\\r\\n\\r\\n Before Provisioning Rule which changes disables and enables to a modify.\\r\\n \n" + } + } + }, + "noProvisioningRequests": { + "description": "Name of an attribute that when true disables the saving of ProvisioningRequest objects whenever plans are sent through this integration.", + "type": "boolean", + "default": false, + "example": true + }, + "provisioningRequestExpiration": { + "description": "When saving pending requests is enabled, this defines the number of hours the request is allowed to live before it is considered expired and no longer affects plan compilation.", + "type": "integer", + "format": "int32", + "example": 7 + } + } + }, + "attributes": { + "description": "Service Desk integration's attributes. Validation constraints enforced by the implementation.", + "type": "object", + "additionalProperties": true, + "example": { + "property": "value", + "key": "value" + } + }, + "beforeProvisioningRule": { + "allOf": [ + { + "type": "object", + "description": "Before Provisioning Rule.", + "properties": { + "type": { + "type": "string", + "description": "Before Provisioning Rule DTO type.", + "enum": [ + "RULE" + ], + "example": "RULE" + }, + "id": { + "type": "string", + "description": "Before Provisioning Rule ID.", + "example": "048eb3d55c5a4758bd07dccb87741c78" + }, + "name": { + "type": "string", + "description": "Rule display name.", + "example": "Before Provisioning Airtable Rule" + } + } + } + ] + } + } + } + ] + }, + "ServiceDeskIntegrationTemplateDto": { + "allOf": [ + { + "type": "object", + "required": [ + "name" + ], + "properties": { + "id": { + "description": "System-generated unique ID of the Object", + "type": "string", + "example": "id12345", + "readOnly": true + }, + "name": { + "description": "Name of the Object", + "type": "string", + "example": "aName" + }, + "created": { + "description": "Creation date of the Object", + "type": "string", + "example": "2015-05-28T14:07:17Z", + "format": "date-time", + "readOnly": true + }, + "modified": { + "description": "Last modification date of the Object", + "type": "string", + "example": "2015-05-28T14:07:17Z", + "format": "date-time", + "readOnly": true + } + } + }, + { + "type": "object", + "description": "This is the model for a Service Desk integration template, used to create and edit Service Desk Integrations.", + "required": [ + "type", + "attributes", + "provisioningConfig" + ], + "properties": { + "type": { + "description": "The 'type' property specifies the type of the Service Desk integration template.", + "type": "string", + "example": "Web Service SDIM", + "default": "Web Service SDIM" + }, + "attributes": { + "description": "The 'attributes' property value is a map of attributes available for integrations using this Service Desk integration template.", + "type": "object", + "additionalProperties": true, + "example": { + "property": "value", + "key": "value" + } + }, + "provisioningConfig": { + "description": "The 'provisioningConfig' property specifies the configuration used to provision integrations using the template.", + "type": "object", + "properties": { + "universalManager": { + "description": "Specifies whether this configuration is used to manage provisioning requests for all sources from the org. If true, no managedResourceRefs are allowed.", + "type": "boolean", + "readOnly": true, + "default": false, + "example": true + }, + "managedResourceRefs": { + "description": "References to sources for the Service Desk integration template. May only be specified if universalManager is false.", + "type": "array", + "items": { + "allOf": [ + { + "type": "object", + "description": "Source for Service Desk integration template.", + "properties": { + "type": { + "type": "string", + "description": "DTO type of source for service desk integration template.", + "enum": [ + "SOURCE" + ], + "example": "SOURCE" + }, + "id": { + "type": "string", + "description": "ID of source for service desk integration template.", + "example": "2c9180835d191a86015d28455b4b232a" + }, + "name": { + "type": "string", + "description": "Human-readable name of source for service desk integration template.", + "example": "HR Active Directory" + } + } + } + ] + }, + "example": [ + { + "type": "SOURCE", + "id": "2c9180855d191c59015d291ceb051111", + "name": "My Source 1" + }, + { + "type": "SOURCE", + "id": "2c9180855d191c59015d291ceb052222", + "name": "My Source 2" + } + ] + }, + "planInitializerScript": { + "description": "This is a reference to a plan initializer script.", + "type": "object", + "nullable": true, + "properties": { + "source": { + "description": "This is a Rule that allows provisioning instruction changes.", + "type": "string", + "example": "\\r\\n\\r\\n\\r\\n Before Provisioning Rule which changes disables and enables to a modify.\\r\\n \n" + } + } + }, + "noProvisioningRequests": { + "description": "Name of an attribute that when true disables the saving of ProvisioningRequest objects whenever plans are sent through this integration.", + "type": "boolean", + "default": false, + "example": true + }, + "provisioningRequestExpiration": { + "description": "When saving pending requests is enabled, this defines the number of hours the request is allowed to live before it is considered expired and no longer affects plan compilation.", + "type": "integer", + "format": "int32", + "example": 7 + } + } + } + } + } + ] + }, + "ServiceDeskIntegrationTemplateType": { + "description": "This represents a Service Desk Integration template type.", + "required": [ + "type", + "scriptName" + ], + "type": "object", + "properties": { + "name": { + "description": "This is the name of the type.", + "example": "aName", + "type": "string" + }, + "type": { + "description": "This is the type value for the type.", + "example": "aType", + "type": "string" + }, + "scriptName": { + "description": "This is the scriptName attribute value for the type.", + "example": "aScriptName", + "type": "string" + } + } + }, + "Source": { + "type": "object", + "properties": { + "id": { + "type": "string", + "readOnly": true, + "description": "Source ID.", + "example": "2c91808568c529c60168cca6f90c1324" + }, + "name": { + "type": "string", + "description": "Source's human-readable name.", + "example": "My Source" + }, + "description": { + "type": "string", + "description": "Source's human-readable description.", + "example": "This is the corporate directory." + }, + "owner": { + "description": "Reference to identity object who owns the source.", + "type": "object", + "properties": { + "type": { + "description": "Type of object being referenced.", + "type": "string", + "enum": [ + "IDENTITY" + ], + "example": "IDENTITY" + }, + "id": { + "type": "string", + "description": "Owner identity's ID.", + "example": "2c91808568c529c60168cca6f90c1313" + }, + "name": { + "type": "string", + "description": "Owner identity's human-readable display name.", + "example": "MyName" + } + } + }, + "cluster": { + "description": "Reference to the source's associated cluster.", + "type": "object", + "nullable": true, + "required": [ + "name", + "id", + "type" + ], + "properties": { + "type": { + "description": "Type of object being referenced.", + "type": "string", + "enum": [ + "CLUSTER" + ], + "example": "CLUSTER" + }, + "id": { + "type": "string", + "description": "Cluster ID.", + "example": "2c9180866166b5b0016167c32ef31a66" + }, + "name": { + "type": "string", + "description": "Cluster's human-readable display name.", + "example": "Corporate Cluster" + } + } + }, + "accountCorrelationConfig": { + "description": "Reference to account correlation config object.", + "type": "object", + "nullable": true, + "properties": { + "type": { + "description": "Type of object being referenced.", + "type": "string", + "enum": [ + "ACCOUNT_CORRELATION_CONFIG" + ], + "example": "ACCOUNT_CORRELATION_CONFIG" + }, + "id": { + "type": "string", + "description": "Account correlation config ID.", + "example": "2c9180855d191c59015d28583727245a" + }, + "name": { + "type": "string", + "description": "Account correlation config's human-readable display name.", + "example": "Directory [source-62867] Account Correlation" + } + } + }, + "accountCorrelationRule": { + "description": "Reference to a rule that can do COMPLEX correlation. Only use this rule when you can't use accountCorrelationConfig.", + "type": "object", + "nullable": true, + "properties": { + "type": { + "description": "Type of object being referenced.", + "type": "string", + "enum": [ + "RULE" + ], + "example": "RULE" + }, + "id": { + "type": "string", + "description": "Rule ID.", + "example": "2c918085708c274401708c2a8a760001" + }, + "name": { + "type": "string", + "description": "Rule's human-readable display name.", + "example": "Example Rule" + } + } + }, + "managerCorrelationMapping": { + "allOf": [ + { + "type": "object", + "properties": { + "accountAttributeName": { + "type": "string", + "description": "Name of the attribute to use for manager correlation. The value found on the account attribute will be used to lookup the manager's identity.", + "example": "manager" + }, + "identityAttributeName": { + "type": "string", + "description": "Name of the identity attribute to search when trying to find a manager using the value from the accountAttribute.", + "example": "manager" + } + } + }, + { + "nullable": true, + "description": "Filter object used during manager correlation to match incoming manager values to an existing manager's\naccount/identity.\n" + } + ] + }, + "managerCorrelationRule": { + "description": "Reference to the ManagerCorrelationRule. Only use this rule when a simple filter isn't sufficient.", + "type": "object", + "nullable": true, + "properties": { + "type": { + "description": "Type of object being referenced.", + "type": "string", + "enum": [ + "RULE" + ], + "example": "RULE" + }, + "id": { + "type": "string", + "description": "Rule ID.", + "example": "2c918085708c274401708c2a8a760001" + }, + "name": { + "type": "string", + "description": "Rule's human-readable display name.", + "example": "Example Rule" + } + } + }, + "beforeProvisioningRule": { + "description": "Rule that runs on the CCG and allows for customization of provisioning plans before the API calls the connector. ", + "type": "object", + "nullable": true, + "properties": { + "type": { + "description": "Type of object being referenced.", + "type": "string", + "enum": [ + "RULE" + ], + "example": "RULE" + }, + "id": { + "type": "string", + "description": "Rule ID.", + "example": "2c918085708c274401708c2a8a760001" + }, + "name": { + "type": "string", + "description": "Rule's human-readable display name.", + "example": "Example Rule" + } + } + }, + "schemas": { + "type": "array", + "items": { + "type": "object", + "properties": { + "type": { + "description": "Type of object being referenced.", + "type": "string", + "enum": [ + "CONNECTOR_SCHEMA" + ], + "example": "CONNECTOR_SCHEMA" + }, + "id": { + "type": "string", + "description": "Schema ID.", + "example": "2c91808568c529c60168cca6f90c1777" + }, + "name": { + "type": "string", + "description": "Schema's human-readable display name.", + "example": "MySchema" + } + } + }, + "description": "List of references to schema objects.", + "example": [ + { + "type": "CONNECTOR_SCHEMA", + "id": "2c9180835d191a86015d28455b4b232a", + "name": "account" + }, + { + "type": "CONNECTOR_SCHEMA", + "id": "2c9180835d191a86015d28455b4b232b", + "name": "group" + } + ] + }, + "passwordPolicies": { + "type": "array", + "nullable": true, + "items": { + "type": "object", + "properties": { + "type": { + "description": "Type of object being referenced.", + "type": "string", + "enum": [ + "PASSWORD_POLICY" + ], + "example": "PASSWORD_POLICY" + }, + "id": { + "type": "string", + "description": "Policy ID.", + "example": "2c91808568c529c60168cca6f90c1777" + }, + "name": { + "type": "string", + "description": "Policy's human-readable display name.", + "example": "My Password Policy" + } + } + }, + "description": "List of references to the associated PasswordPolicy objects.", + "example": [ + { + "type": "PASSWORD_POLICY", + "id": "2c9180855d191c59015d291ceb053980", + "name": "Corporate Password Policy" + }, + { + "type": "PASSWORD_POLICY", + "id": "2c9180855d191c59015d291ceb057777", + "name": "Vendor Password Policy" + } + ] + }, + "features": { + "type": "array", + "items": { + "type": "string", + "enum": [ + "AUTHENTICATE", + "COMPOSITE", + "DIRECT_PERMISSIONS", + "DISCOVER_SCHEMA", + "ENABLE", + "MANAGER_LOOKUP", + "NO_RANDOM_ACCESS", + "PROXY", + "SEARCH", + "TEMPLATE", + "UNLOCK", + "UNSTRUCTURED_TARGETS", + "SHAREPOINT_TARGET", + "PROVISIONING", + "GROUP_PROVISIONING", + "SYNC_PROVISIONING", + "PASSWORD", + "CURRENT_PASSWORD", + "ACCOUNT_ONLY_REQUEST", + "ADDITIONAL_ACCOUNT_REQUEST", + "NO_AGGREGATION", + "GROUPS_HAVE_MEMBERS", + "NO_PERMISSIONS_PROVISIONING", + "NO_GROUP_PERMISSIONS_PROVISIONING", + "NO_UNSTRUCTURED_TARGETS_PROVISIONING", + "NO_DIRECT_PERMISSIONS_PROVISIONING", + "PREFER_UUID", + "ARM_SECURITY_EXTRACT", + "ARM_UTILIZATION_EXTRACT", + "ARM_CHANGELOG_EXTRACT", + "USES_UUID" + ], + "example": "AUTHENTICATE" + }, + "description": "Optional features that can be supported by a source. Modifying the features array may cause source configuration errors that are unsupportable. It is recommended to not modify this array for SailPoint supported connectors.\n* AUTHENTICATE: The source supports pass-through authentication.\n* COMPOSITE: The source supports composite source creation.\n* DIRECT_PERMISSIONS: The source supports returning DirectPermissions.\n* DISCOVER_SCHEMA: The source supports discovering schemas for users and groups.\n* ENABLE The source supports reading if an account is enabled or disabled.\n* MANAGER_LOOKUP: The source supports looking up managers as they are encountered in a feed. This is the opposite of NO_RANDOM_ACCESS.\n* NO_RANDOM_ACCESS: The source does not support random access and the getObject() methods should not be called and expected to perform.\n* PROXY: The source can serve as a proxy for another source. When an source has a proxy, all connector calls made with that source are redirected through the connector for the proxy source.\n* SEARCH\n* TEMPLATE\n* UNLOCK: The source supports reading if an account is locked or unlocked.\n* UNSTRUCTURED_TARGETS: The source supports returning unstructured Targets.\n* SHAREPOINT_TARGET: The source supports returning unstructured Target data for SharePoint. It will be typically used by AD, LDAP sources.\n* PROVISIONING: The source can both read and write accounts. Having this feature implies that the provision() method is implemented. It also means that direct and target permissions can also be provisioned if they can be returned by aggregation.\n* GROUP_PROVISIONING: The source can both read and write groups. Having this feature implies that the provision() method is implemented.\n* SYNC_PROVISIONING: The source can provision accounts synchronously.\n* PASSWORD: The source can provision password changes. Since sources can never read passwords, this is should only be used in conjunction with the PROVISIONING feature.\n* CURRENT_PASSWORD: Some source types support verification of the current password\n* ACCOUNT_ONLY_REQUEST: The source supports requesting accounts without entitlements.\n* ADDITIONAL_ACCOUNT_REQUEST: The source supports requesting additional accounts.\n* NO_AGGREGATION: A source that does not support aggregation.\n* GROUPS_HAVE_MEMBERS: The source models group memberships with a member attribute on the group object rather than a groups attribute on the account object. This effects the implementation of delta account aggregation.\n* NO_PERMISSIONS_PROVISIONING: Indicates that the connector cannot provision direct or target permissions for accounts. When DIRECT_PERMISSIONS and PROVISIONING features are present, it is assumed that the connector can also provision direct permissions. This feature disables that assumption and causes permission request to be converted to work items for accounts.\n* NO_GROUP_PERMISSIONS_PROVISIONING: Indicates that the connector cannot provision direct or target permissions for groups. When DIRECT_PERMISSIONS and PROVISIONING features are present, it is assumed that the connector can also provision direct permissions. This feature disables that assumption and causes permission request to be converted to work items for groups.\n* NO_UNSTRUCTURED_TARGETS_PROVISIONING: This string will be replaced by NO_GROUP_PERMISSIONS_PROVISIONING and NO_PERMISSIONS_PROVISIONING.\n* NO_DIRECT_PERMISSIONS_PROVISIONING: This string will be replaced by NO_GROUP_PERMISSIONS_PROVISIONING and NO_PERMISSIONS_PROVISIONING.\n* USES_UUID: Connectivity 2.0 flag used to indicate that the connector supports a compound naming structure.\n* PREFER_UUID: Used in ISC Provisioning AND Aggregation to decide if it should prefer account.uuid to account.nativeIdentity when data is read in through aggregation OR pushed out through provisioning.\n* ARM_SECURITY_EXTRACT: Indicates the application supports Security extracts for ARM\n* ARM_UTILIZATION_EXTRACT: Indicates the application supports Utilization extracts for ARM\n* ARM_CHANGELOG_EXTRACT: Indicates the application supports Change-log extracts for ARM", + "example": [ + "PROVISIONING", + "NO_PERMISSIONS_PROVISIONING", + "GROUPS_HAVE_MEMBERS" + ] + }, + "type": { + "type": "string", + "description": "Specifies the type of system being managed e.g. Active Directory, Workday, etc.. If you are creating a delimited file source, you must set the `provisionasCsv` query parameter to `true`. ", + "example": "OpenLDAP - Direct" + }, + "connector": { + "type": "string", + "description": "Connector script name.", + "example": "active-directory" + }, + "connectorClass": { + "type": "string", + "description": "Fully qualified name of the Java class that implements the connector interface.", + "example": "sailpoint.connector.LDAPConnector" + }, + "connectorAttributes": { + "type": "object", + "description": "Connector specific configuration. This configuration will differ from type to type.", + "example": { + "healthCheckTimeout": 30, + "authSearchAttributes": [ + "cn", + "uid", + "mail" + ] + } + }, + "deleteThreshold": { + "type": "integer", + "format": "int32", + "description": "Number from 0 to 100 that specifies when to skip the delete phase.", + "example": 10 + }, + "authoritative": { + "type": "boolean", + "description": "When this is true, it indicates that the source is referenced by an identity profile.", + "default": false, + "example": false + }, + "managementWorkgroup": { + "description": "Reference to management workgroup for the source.", + "type": "object", + "nullable": true, + "properties": { + "type": { + "description": "Type of object being referenced.", + "type": "string", + "enum": [ + "GOVERNANCE_GROUP" + ], + "example": "GOVERNANCE_GROUP" + }, + "id": { + "type": "string", + "description": "Management workgroup ID.", + "example": "2c91808568c529c60168cca6f90c2222" + }, + "name": { + "type": "string", + "description": "Management workgroup's human-readable display name.", + "example": "My Management Workgroup" + } + } + }, + "healthy": { + "type": "boolean", + "description": "When this is true, it indicates that the source is healthy.", + "default": false, + "example": true + }, + "status": { + "type": "string", + "enum": [ + "SOURCE_STATE_ERROR_ACCOUNT_FILE_IMPORT", + "SOURCE_STATE_ERROR_CLUSTER", + "SOURCE_STATE_ERROR_SOURCE", + "SOURCE_STATE_ERROR_VA", + "SOURCE_STATE_FAILURE_CLUSTER", + "SOURCE_STATE_FAILURE_SOURCE", + "SOURCE_STATE_HEALTHY", + "SOURCE_STATE_UNCHECKED_CLUSTER", + "SOURCE_STATE_UNCHECKED_CLUSTER_NO_SOURCES", + "SOURCE_STATE_UNCHECKED_SOURCE", + "SOURCE_STATE_UNCHECKED_SOURCE_NO_ACCOUNTS" + ], + "description": "Status identifier that gives specific information about why a source is or isn't healthy. ", + "example": "SOURCE_STATE_HEALTHY" + }, + "since": { + "type": "string", + "description": "Timestamp that shows when a source health check was last performed.", + "example": "2021-09-28T15:48:29.380Z" + }, + "connectorId": { + "type": "string", + "description": "Connector ID", + "example": "active-directory" + }, + "connectorName": { + "type": "string", + "description": "Name of the connector that was chosen during source creation.", + "example": "Active Directory" + }, + "connectionType": { + "type": "string", + "description": "Type of connection (direct or file).", + "example": "file" + }, + "connectorImplementationId": { + "type": "string", + "description": "Connector implementation ID.", + "example": "delimited-file" + }, + "created": { + "type": "string", + "description": "Date-time when the source was created", + "format": "date-time", + "example": "2022-02-08T14:50:03.827Z" + }, + "modified": { + "type": "string", + "description": "Date-time when the source was last modified.", + "format": "date-time", + "example": "2024-01-23T18:08:50.897Z" + }, + "credentialProviderEnabled": { + "type": "boolean", + "description": "If this is true, it enables a credential provider for the source. If credentialProvider is turned on, then the source can use credential provider(s) to fetch credentials.", + "default": false, + "example": false + }, + "category": { + "type": "string", + "nullable": true, + "default": null, + "description": "Source category (e.g. null, CredentialProvider).", + "example": "CredentialProvider" + } + }, + "required": [ + "name", + "owner", + "connector" + ] + }, + "SourceHealthDto": { + "type": "object", + "description": "Dto for source health data", + "properties": { + "id": { + "type": "string", + "readOnly": true, + "description": "the id of the Source", + "example": "2c91808568c529c60168cca6f90c1324" + }, + "type": { + "type": "string", + "description": "Specifies the type of system being managed e.g. Active Directory, Workday, etc.. If you are creating a Delimited File source, you must set the `provisionasCsv` query parameter to `true`. ", + "example": "OpenLDAP - Direct" + }, + "name": { + "type": "string", + "description": "the name of the source", + "example": "Source1234" + }, + "org": { + "type": "string", + "description": "source's org", + "example": "denali-cjh" + }, + "isAuthoritative": { + "type": "boolean", + "example": false, + "description": "Is the source authoritative" + }, + "isCluster": { + "type": "boolean", + "example": false, + "description": "Is the source in a cluster" + }, + "hostname": { + "type": "string", + "example": "megapod-useast1-secret-hostname.sailpoint.com", + "description": "source's hostname" + }, + "pod": { + "type": "string", + "description": "source's pod", + "example": "megapod-useast1" + }, + "iqServiceVersion": { + "type": "string", + "description": "The version of the iqService", + "example": "iqVersion123" + }, + "status": { + "type": "string", + "enum": [ + "SOURCE_STATE_ERROR_CLUSTER", + "SOURCE_STATE_ERROR_SOURCE", + "SOURCE_STATE_ERROR_VA", + "SOURCE_STATE_FAILURE_CLUSTER", + "SOURCE_STATE_FAILURE_SOURCE", + "SOURCE_STATE_HEALTHY", + "SOURCE_STATE_UNCHECKED_CLUSTER", + "SOURCE_STATE_UNCHECKED_CLUSTER_NO_SOURCES", + "SOURCE_STATE_UNCHECKED_SOURCE", + "SOURCE_STATE_UNCHECKED_SOURCE_NO_ACCOUNTS" + ], + "description": "connection test result", + "example": "SOURCE_STATE_UNCHECKED_SOURCE" + } + } + }, + "Transform": { + "type": "object", + "description": "The representation of an internally- or customer-defined transform.", + "required": [ + "name", + "type", + "attributes" + ], + "properties": { + "name": { + "type": "string", + "description": "Unique name of this transform", + "example": "Timestamp To Date", + "minLength": 1, + "maxLength": 50 + }, + "type": { + "type": "string", + "description": "The type of transform operation", + "enum": [ + "accountAttribute", + "base64Decode", + "base64Encode", + "concat", + "conditional", + "dateCompare", + "dateFormat", + "dateMath", + "decomposeDiacriticalMarks", + "e164phone", + "firstValid", + "rule", + "identityAttribute", + "indexOf", + "iso3166", + "lastIndexOf", + "leftPad", + "lookup", + "lower", + "normalizeNames", + "randomAlphaNumeric", + "randomNumeric", + "reference", + "replaceAll", + "replace", + "rightPad", + "split", + "static", + "substring", + "trim", + "upper", + "usernameGenerator", + "uuid", + "displayName", + "rfc5646" + ], + "example": "dateFormat", + "externalDocs": { + "description": "Transform Operations", + "url": "https://developer.sailpoint.com/idn/docs/transforms/operations" + } + }, + "attributes": { + "nullable": true, + "description": "Meta-data about the transform. Values in this list are specific to the type of transform to be executed.", + "oneOf": [ + { + "title": "accountAttribute", + "type": "object", + "required": [ + "sourceName", + "attributeName" + ], + "properties": { + "sourceName": { + "type": "string", + "description": "A reference to the source to search for the account", + "example": "Workday" + }, + "attributeName": { + "type": "string", + "description": "The name of the attribute on the account to return. This should match the name of the account attribute name visible in the user interface, or on the source schema.", + "example": "DEPARTMENT" + }, + "accountSortAttribute": { + "type": "string", + "description": "The value of this configuration is a string name of the attribute to use when determining the ordering of returned accounts when there are multiple entries", + "example": "created", + "default": "created" + }, + "accountSortDescending": { + "type": "boolean", + "description": "The value of this configuration is a boolean (true/false). Controls the order of the sort when there are multiple accounts. If not defined, the transform will default to false (ascending order)", + "example": false, + "default": false + }, + "accountReturnFirstLink": { + "type": "boolean", + "description": "The value of this configuration is a boolean (true/false). Controls which account to source a value from for an attribute. If this flag is set to true, the transform returns the value from the first account in the list, even if it is null. If it is set to false, the transform returns the first non-null value. If not defined, the transform will default to false", + "example": false, + "default": false + }, + "accountFilter": { + "type": "string", + "description": "This expression queries the database to narrow search results. The value of this configuration is a sailpoint.object.Filter expression and used when searching against the database. The default filter will always include the source and identity, and any subsequent expressions will be combined in an AND operation to the existing search criteria.\nOnly certain searchable attributes are available: - `nativeIdentity` - the Account ID - `displayName` - the Account Name - `entitlements` - a boolean value to determine if the account has entitlements", + "example": "!(nativeIdentity.startsWith(\"*DELETED*\"))" + }, + "accountPropertyFilter": { + "type": "string", + "description": "This expression is used to search and filter accounts in memory. The value of this configuration is a sailpoint.object.Filter expression and used when searching against the returned resultset.\n\nAll account attributes are available for filtering as this operation is performed in memory.", + "example": "(groups.containsAll({'Admin'}) || location == 'Austin')" + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "base64Decode", + "type": "object", + "properties": { + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "base64Encode", + "type": "object", + "properties": { + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "concat", + "type": "object", + "required": [ + "values" + ], + "properties": { + "values": { + "type": "array", + "items": { + "type": "object" + }, + "description": "An array of items to join together", + "example": [ + "John", + " ", + "Smith" + ] + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "conditional", + "type": "object", + "required": [ + "expression", + "positiveCondition", + "negativeCondition" + ], + "properties": { + "expression": { + "type": "string", + "description": "A comparison statement that follows the structure of `ValueA eq ValueB` where `ValueA` and `ValueB` are static strings or outputs of other transforms. \n\nThe `eq` operator is the only valid comparison", + "example": "ValueA eq ValueB" + }, + "positiveCondition": { + "type": "string", + "description": "The output of the transform if the expression evalutes to true", + "example": "true" + }, + "negativeCondition": { + "type": "string", + "description": "The output of the transform if the expression evalutes to false", + "example": "false" + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "dateCompare", + "type": "object", + "required": [ + "firstDate", + "secondDate", + "operator", + "positiveCondition", + "negativeCondition" + ], + "properties": { + "firstDate": { + "description": "This is the first date to consider (The date that would be on the left hand side of the comparison operation).", + "oneOf": [ + { + "title": "accountAttribute", + "type": "object", + "required": [ + "sourceName", + "attributeName" + ], + "properties": { + "sourceName": { + "type": "string", + "description": "A reference to the source to search for the account", + "example": "Workday" + }, + "attributeName": { + "type": "string", + "description": "The name of the attribute on the account to return. This should match the name of the account attribute name visible in the user interface, or on the source schema.", + "example": "DEPARTMENT" + }, + "accountSortAttribute": { + "type": "string", + "description": "The value of this configuration is a string name of the attribute to use when determining the ordering of returned accounts when there are multiple entries", + "example": "created", + "default": "created" + }, + "accountSortDescending": { + "type": "boolean", + "description": "The value of this configuration is a boolean (true/false). Controls the order of the sort when there are multiple accounts. If not defined, the transform will default to false (ascending order)", + "example": false, + "default": false + }, + "accountReturnFirstLink": { + "type": "boolean", + "description": "The value of this configuration is a boolean (true/false). Controls which account to source a value from for an attribute. If this flag is set to true, the transform returns the value from the first account in the list, even if it is null. If it is set to false, the transform returns the first non-null value. If not defined, the transform will default to false", + "example": false, + "default": false + }, + "accountFilter": { + "type": "string", + "description": "This expression queries the database to narrow search results. The value of this configuration is a sailpoint.object.Filter expression and used when searching against the database. The default filter will always include the source and identity, and any subsequent expressions will be combined in an AND operation to the existing search criteria.\nOnly certain searchable attributes are available: - `nativeIdentity` - the Account ID - `displayName` - the Account Name - `entitlements` - a boolean value to determine if the account has entitlements", + "example": "!(nativeIdentity.startsWith(\"*DELETED*\"))" + }, + "accountPropertyFilter": { + "type": "string", + "description": "This expression is used to search and filter accounts in memory. The value of this configuration is a sailpoint.object.Filter expression and used when searching against the returned resultset.\n\nAll account attributes are available for filtering as this operation is performed in memory.", + "example": "(groups.containsAll({'Admin'}) || location == 'Austin')" + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "dateFormat", + "type": "object", + "properties": { + "inputFormat": { + "description": "A string value indicating either the explicit SimpleDateFormat or the built-in named format that the data is coming in as.\n\n*If no inputFormat is provided, the transform assumes that it is in ISO8601 format*", + "oneOf": [ + { + "title": "Named Construct", + "type": "string", + "description": "| Construct | Date Time Pattern | Description |\n| --------- | ----------------- | ----------- |\n| ISO8601 | `yyyy-MM-dd'T'HH:mm:ss.SSSX` | The ISO8601 standard. | \n| LDAP | `yyyyMMddHHmmss.Z` | The LDAP standard. |\n| PEOPLE_SOFT | `MM/dd/yyyy` | The date format People Soft uses. |\n| EPOCH_TIME_JAVA | # ms from midnight, January 1st, 1970 | The incoming date value as elapsed time in milliseconds from midnight, January 1st, 1970. |\n| EPOCH_TIME_WIN32| # intervals of 100ns from midnight, January 1st, 1601 | The incoming date value as elapsed time in 100-nanosecond intervals from midnight, January 1st, 1601. |\n", + "enum": [ + "ISO8601", + "LDAP", + "PEOPLE_SOFT", + "EPOCH_TIME_JAVA", + "EPOCH_TIME_WIN32" + ], + "example": "PEOPLE_SOFT" + }, + { + "title": "Java Simple Date Format", + "type": "string", + "description": "There are a variety of date time patterns you can express using SimpleDateFormat. The following table lists examples of different date time patterns expressed in the SimpleDateFormat and how they display. Refer to the SimpleDateFormat syntax page for more information.\n\n>NOTE: The following examples show how date and time patterns are interpreted in the U.S. locale. The given date and time are 2001-07-04 12:08:56 local time in the U.S. Pacific Time time zone.\n (This table is from the SimpleDateFormat page.)\n\n| Date Time Pattern | Result |\n| ----------------- | ------ |\n| `yyyy.MM.dd G 'at' HH:mm:ss z` | `2001.07.04 AD at 12:08:56 PDT` |\n| `EEE, MMM d, ''yy` | Wed, Jul 4, '01 |\n| `h:mm a` | 12:08 PM |\n| `hh 'o''clock' a, zzzz` | 12 o'clock PM, Pacific Daylight Time |\n| `K:mm a, z` | 0:08 PM, PDT |\n| `yyyyy.MMMMM.dd GGG hh:mm aaa` | 02001.July.04 AD 12:08 PM |\n| `EEE, d MMM yyyy HH:mm:ss Z` | Wed, 4 Jul 2001 12:08:56 -0700 |\n| `yyMMddHHmmssZ` | 010704120856-0700 |\n| `yyyy-MM-dd'T'HH:mm:ss.SSSZ` | 2001-07-04T12:08:56.235-0700 |\n| `yyyy-MM-dd'T'HH:mm:ss.SSSXXX` | 2001-07-04T12:08:56.235-07:00 |\n| `YYYY-'W'ww-u` | 2001-W27-3 |\n", + "example": "mm/dd/yyyy" + } + ] + }, + "outputFormat": { + "description": "A string value indicating either the explicit SimpleDateFormat or the built-in named format that the data should be formatted into.\n\n*If no inputFormat is provided, the transform assumes that it is in ISO8601 format*", + "oneOf": [ + { + "title": "Named Construct", + "type": "string", + "description": "| Construct | Date Time Pattern | Description |\n| --------- | ----------------- | ----------- |\n| ISO8601 | `yyyy-MM-dd'T'HH:mm:ss.SSSX` | The ISO8601 standard. | \n| LDAP | `yyyyMMddHHmmss.Z` | The LDAP standard. |\n| PEOPLE_SOFT | `MM/dd/yyyy` | The date format People Soft uses. |\n| EPOCH_TIME_JAVA | # ms from midnight, January 1st, 1970 | The incoming date value as elapsed time in milliseconds from midnight, January 1st, 1970. |\n| EPOCH_TIME_WIN32| # intervals of 100ns from midnight, January 1st, 1601 | The incoming date value as elapsed time in 100-nanosecond intervals from midnight, January 1st, 1601. |\n", + "enum": [ + "ISO8601", + "LDAP", + "PEOPLE_SOFT", + "EPOCH_TIME_JAVA", + "EPOCH_TIME_WIN32" + ], + "example": "PEOPLE_SOFT" + }, + { + "title": "Java Simple Date Format", + "type": "string", + "description": "There are a variety of date time patterns you can express using SimpleDateFormat. The following table lists examples of different date time patterns expressed in the SimpleDateFormat and how they display. Refer to the SimpleDateFormat syntax page for more information.\n\n>NOTE: The following examples show how date and time patterns are interpreted in the U.S. locale. The given date and time are 2001-07-04 12:08:56 local time in the U.S. Pacific Time time zone.\n (This table is from the SimpleDateFormat page.)\n\n| Date Time Pattern | Result |\n| ----------------- | ------ |\n| `yyyy.MM.dd G 'at' HH:mm:ss z` | `2001.07.04 AD at 12:08:56 PDT` |\n| `EEE, MMM d, ''yy` | Wed, Jul 4, '01 |\n| `h:mm a` | 12:08 PM |\n| `hh 'o''clock' a, zzzz` | 12 o'clock PM, Pacific Daylight Time |\n| `K:mm a, z` | 0:08 PM, PDT |\n| `yyyyy.MMMMM.dd GGG hh:mm aaa` | 02001.July.04 AD 12:08 PM |\n| `EEE, d MMM yyyy HH:mm:ss Z` | Wed, 4 Jul 2001 12:08:56 -0700 |\n| `yyMMddHHmmssZ` | 010704120856-0700 |\n| `yyyy-MM-dd'T'HH:mm:ss.SSSZ` | 2001-07-04T12:08:56.235-0700 |\n| `yyyy-MM-dd'T'HH:mm:ss.SSSXXX` | 2001-07-04T12:08:56.235-07:00 |\n| `YYYY-'W'ww-u` | 2001-W27-3 |\n", + "example": "mm/dd/yyyy" + } + ] + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + } + ] + }, + "secondDate": { + "description": "This is the second date to consider (The date that would be on the right hand side of the comparison operation).", + "oneOf": [ + { + "title": "accountAttribute", + "type": "object", + "required": [ + "sourceName", + "attributeName" + ], + "properties": { + "sourceName": { + "type": "string", + "description": "A reference to the source to search for the account", + "example": "Workday" + }, + "attributeName": { + "type": "string", + "description": "The name of the attribute on the account to return. This should match the name of the account attribute name visible in the user interface, or on the source schema.", + "example": "DEPARTMENT" + }, + "accountSortAttribute": { + "type": "string", + "description": "The value of this configuration is a string name of the attribute to use when determining the ordering of returned accounts when there are multiple entries", + "example": "created", + "default": "created" + }, + "accountSortDescending": { + "type": "boolean", + "description": "The value of this configuration is a boolean (true/false). Controls the order of the sort when there are multiple accounts. If not defined, the transform will default to false (ascending order)", + "example": false, + "default": false + }, + "accountReturnFirstLink": { + "type": "boolean", + "description": "The value of this configuration is a boolean (true/false). Controls which account to source a value from for an attribute. If this flag is set to true, the transform returns the value from the first account in the list, even if it is null. If it is set to false, the transform returns the first non-null value. If not defined, the transform will default to false", + "example": false, + "default": false + }, + "accountFilter": { + "type": "string", + "description": "This expression queries the database to narrow search results. The value of this configuration is a sailpoint.object.Filter expression and used when searching against the database. The default filter will always include the source and identity, and any subsequent expressions will be combined in an AND operation to the existing search criteria.\nOnly certain searchable attributes are available: - `nativeIdentity` - the Account ID - `displayName` - the Account Name - `entitlements` - a boolean value to determine if the account has entitlements", + "example": "!(nativeIdentity.startsWith(\"*DELETED*\"))" + }, + "accountPropertyFilter": { + "type": "string", + "description": "This expression is used to search and filter accounts in memory. The value of this configuration is a sailpoint.object.Filter expression and used when searching against the returned resultset.\n\nAll account attributes are available for filtering as this operation is performed in memory.", + "example": "(groups.containsAll({'Admin'}) || location == 'Austin')" + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "dateFormat", + "type": "object", + "properties": { + "inputFormat": { + "description": "A string value indicating either the explicit SimpleDateFormat or the built-in named format that the data is coming in as.\n\n*If no inputFormat is provided, the transform assumes that it is in ISO8601 format*", + "oneOf": [ + { + "title": "Named Construct", + "type": "string", + "description": "| Construct | Date Time Pattern | Description |\n| --------- | ----------------- | ----------- |\n| ISO8601 | `yyyy-MM-dd'T'HH:mm:ss.SSSX` | The ISO8601 standard. | \n| LDAP | `yyyyMMddHHmmss.Z` | The LDAP standard. |\n| PEOPLE_SOFT | `MM/dd/yyyy` | The date format People Soft uses. |\n| EPOCH_TIME_JAVA | # ms from midnight, January 1st, 1970 | The incoming date value as elapsed time in milliseconds from midnight, January 1st, 1970. |\n| EPOCH_TIME_WIN32| # intervals of 100ns from midnight, January 1st, 1601 | The incoming date value as elapsed time in 100-nanosecond intervals from midnight, January 1st, 1601. |\n", + "enum": [ + "ISO8601", + "LDAP", + "PEOPLE_SOFT", + "EPOCH_TIME_JAVA", + "EPOCH_TIME_WIN32" + ], + "example": "PEOPLE_SOFT" + }, + { + "title": "Java Simple Date Format", + "type": "string", + "description": "There are a variety of date time patterns you can express using SimpleDateFormat. The following table lists examples of different date time patterns expressed in the SimpleDateFormat and how they display. Refer to the SimpleDateFormat syntax page for more information.\n\n>NOTE: The following examples show how date and time patterns are interpreted in the U.S. locale. The given date and time are 2001-07-04 12:08:56 local time in the U.S. Pacific Time time zone.\n (This table is from the SimpleDateFormat page.)\n\n| Date Time Pattern | Result |\n| ----------------- | ------ |\n| `yyyy.MM.dd G 'at' HH:mm:ss z` | `2001.07.04 AD at 12:08:56 PDT` |\n| `EEE, MMM d, ''yy` | Wed, Jul 4, '01 |\n| `h:mm a` | 12:08 PM |\n| `hh 'o''clock' a, zzzz` | 12 o'clock PM, Pacific Daylight Time |\n| `K:mm a, z` | 0:08 PM, PDT |\n| `yyyyy.MMMMM.dd GGG hh:mm aaa` | 02001.July.04 AD 12:08 PM |\n| `EEE, d MMM yyyy HH:mm:ss Z` | Wed, 4 Jul 2001 12:08:56 -0700 |\n| `yyMMddHHmmssZ` | 010704120856-0700 |\n| `yyyy-MM-dd'T'HH:mm:ss.SSSZ` | 2001-07-04T12:08:56.235-0700 |\n| `yyyy-MM-dd'T'HH:mm:ss.SSSXXX` | 2001-07-04T12:08:56.235-07:00 |\n| `YYYY-'W'ww-u` | 2001-W27-3 |\n", + "example": "mm/dd/yyyy" + } + ] + }, + "outputFormat": { + "description": "A string value indicating either the explicit SimpleDateFormat or the built-in named format that the data should be formatted into.\n\n*If no inputFormat is provided, the transform assumes that it is in ISO8601 format*", + "oneOf": [ + { + "title": "Named Construct", + "type": "string", + "description": "| Construct | Date Time Pattern | Description |\n| --------- | ----------------- | ----------- |\n| ISO8601 | `yyyy-MM-dd'T'HH:mm:ss.SSSX` | The ISO8601 standard. | \n| LDAP | `yyyyMMddHHmmss.Z` | The LDAP standard. |\n| PEOPLE_SOFT | `MM/dd/yyyy` | The date format People Soft uses. |\n| EPOCH_TIME_JAVA | # ms from midnight, January 1st, 1970 | The incoming date value as elapsed time in milliseconds from midnight, January 1st, 1970. |\n| EPOCH_TIME_WIN32| # intervals of 100ns from midnight, January 1st, 1601 | The incoming date value as elapsed time in 100-nanosecond intervals from midnight, January 1st, 1601. |\n", + "enum": [ + "ISO8601", + "LDAP", + "PEOPLE_SOFT", + "EPOCH_TIME_JAVA", + "EPOCH_TIME_WIN32" + ], + "example": "PEOPLE_SOFT" + }, + { + "title": "Java Simple Date Format", + "type": "string", + "description": "There are a variety of date time patterns you can express using SimpleDateFormat. The following table lists examples of different date time patterns expressed in the SimpleDateFormat and how they display. Refer to the SimpleDateFormat syntax page for more information.\n\n>NOTE: The following examples show how date and time patterns are interpreted in the U.S. locale. The given date and time are 2001-07-04 12:08:56 local time in the U.S. Pacific Time time zone.\n (This table is from the SimpleDateFormat page.)\n\n| Date Time Pattern | Result |\n| ----------------- | ------ |\n| `yyyy.MM.dd G 'at' HH:mm:ss z` | `2001.07.04 AD at 12:08:56 PDT` |\n| `EEE, MMM d, ''yy` | Wed, Jul 4, '01 |\n| `h:mm a` | 12:08 PM |\n| `hh 'o''clock' a, zzzz` | 12 o'clock PM, Pacific Daylight Time |\n| `K:mm a, z` | 0:08 PM, PDT |\n| `yyyyy.MMMMM.dd GGG hh:mm aaa` | 02001.July.04 AD 12:08 PM |\n| `EEE, d MMM yyyy HH:mm:ss Z` | Wed, 4 Jul 2001 12:08:56 -0700 |\n| `yyMMddHHmmssZ` | 010704120856-0700 |\n| `yyyy-MM-dd'T'HH:mm:ss.SSSZ` | 2001-07-04T12:08:56.235-0700 |\n| `yyyy-MM-dd'T'HH:mm:ss.SSSXXX` | 2001-07-04T12:08:56.235-07:00 |\n| `YYYY-'W'ww-u` | 2001-W27-3 |\n", + "example": "mm/dd/yyyy" + } + ] + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + } + ] + }, + "operator": { + "type": "string", + "description": "This is the comparison to perform.\n| Operation | Description |\n| --------- | ------- |\n| LT | Strictly less than: firstDate < secondDate |\n| LTE | Less than or equal to: firstDate <= secondDate |\n| GT | Strictly greater than: firstDate > secondDate |\n| GTE | Greater than or equal to: firstDate >= secondDate |\n", + "enum": [ + "LT", + "LTE", + "GT", + "GTE" + ], + "example": "LT" + }, + "positiveCondition": { + "type": "string", + "description": "The output of the transform if the expression evalutes to true", + "example": "true" + }, + "negativeCondition": { + "type": "string", + "description": "The output of the transform if the expression evalutes to false", + "example": false + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "dateFormat", + "type": "object", + "properties": { + "inputFormat": { + "description": "A string value indicating either the explicit SimpleDateFormat or the built-in named format that the data is coming in as.\n\n*If no inputFormat is provided, the transform assumes that it is in ISO8601 format*", + "oneOf": [ + { + "title": "Named Construct", + "type": "string", + "description": "| Construct | Date Time Pattern | Description |\n| --------- | ----------------- | ----------- |\n| ISO8601 | `yyyy-MM-dd'T'HH:mm:ss.SSSX` | The ISO8601 standard. | \n| LDAP | `yyyyMMddHHmmss.Z` | The LDAP standard. |\n| PEOPLE_SOFT | `MM/dd/yyyy` | The date format People Soft uses. |\n| EPOCH_TIME_JAVA | # ms from midnight, January 1st, 1970 | The incoming date value as elapsed time in milliseconds from midnight, January 1st, 1970. |\n| EPOCH_TIME_WIN32| # intervals of 100ns from midnight, January 1st, 1601 | The incoming date value as elapsed time in 100-nanosecond intervals from midnight, January 1st, 1601. |\n", + "enum": [ + "ISO8601", + "LDAP", + "PEOPLE_SOFT", + "EPOCH_TIME_JAVA", + "EPOCH_TIME_WIN32" + ], + "example": "PEOPLE_SOFT" + }, + { + "title": "Java Simple Date Format", + "type": "string", + "description": "There are a variety of date time patterns you can express using SimpleDateFormat. The following table lists examples of different date time patterns expressed in the SimpleDateFormat and how they display. Refer to the SimpleDateFormat syntax page for more information.\n\n>NOTE: The following examples show how date and time patterns are interpreted in the U.S. locale. The given date and time are 2001-07-04 12:08:56 local time in the U.S. Pacific Time time zone.\n (This table is from the SimpleDateFormat page.)\n\n| Date Time Pattern | Result |\n| ----------------- | ------ |\n| `yyyy.MM.dd G 'at' HH:mm:ss z` | `2001.07.04 AD at 12:08:56 PDT` |\n| `EEE, MMM d, ''yy` | Wed, Jul 4, '01 |\n| `h:mm a` | 12:08 PM |\n| `hh 'o''clock' a, zzzz` | 12 o'clock PM, Pacific Daylight Time |\n| `K:mm a, z` | 0:08 PM, PDT |\n| `yyyyy.MMMMM.dd GGG hh:mm aaa` | 02001.July.04 AD 12:08 PM |\n| `EEE, d MMM yyyy HH:mm:ss Z` | Wed, 4 Jul 2001 12:08:56 -0700 |\n| `yyMMddHHmmssZ` | 010704120856-0700 |\n| `yyyy-MM-dd'T'HH:mm:ss.SSSZ` | 2001-07-04T12:08:56.235-0700 |\n| `yyyy-MM-dd'T'HH:mm:ss.SSSXXX` | 2001-07-04T12:08:56.235-07:00 |\n| `YYYY-'W'ww-u` | 2001-W27-3 |\n", + "example": "mm/dd/yyyy" + } + ] + }, + "outputFormat": { + "description": "A string value indicating either the explicit SimpleDateFormat or the built-in named format that the data should be formatted into.\n\n*If no inputFormat is provided, the transform assumes that it is in ISO8601 format*", + "oneOf": [ + { + "title": "Named Construct", + "type": "string", + "description": "| Construct | Date Time Pattern | Description |\n| --------- | ----------------- | ----------- |\n| ISO8601 | `yyyy-MM-dd'T'HH:mm:ss.SSSX` | The ISO8601 standard. | \n| LDAP | `yyyyMMddHHmmss.Z` | The LDAP standard. |\n| PEOPLE_SOFT | `MM/dd/yyyy` | The date format People Soft uses. |\n| EPOCH_TIME_JAVA | # ms from midnight, January 1st, 1970 | The incoming date value as elapsed time in milliseconds from midnight, January 1st, 1970. |\n| EPOCH_TIME_WIN32| # intervals of 100ns from midnight, January 1st, 1601 | The incoming date value as elapsed time in 100-nanosecond intervals from midnight, January 1st, 1601. |\n", + "enum": [ + "ISO8601", + "LDAP", + "PEOPLE_SOFT", + "EPOCH_TIME_JAVA", + "EPOCH_TIME_WIN32" + ], + "example": "PEOPLE_SOFT" + }, + { + "title": "Java Simple Date Format", + "type": "string", + "description": "There are a variety of date time patterns you can express using SimpleDateFormat. The following table lists examples of different date time patterns expressed in the SimpleDateFormat and how they display. Refer to the SimpleDateFormat syntax page for more information.\n\n>NOTE: The following examples show how date and time patterns are interpreted in the U.S. locale. The given date and time are 2001-07-04 12:08:56 local time in the U.S. Pacific Time time zone.\n (This table is from the SimpleDateFormat page.)\n\n| Date Time Pattern | Result |\n| ----------------- | ------ |\n| `yyyy.MM.dd G 'at' HH:mm:ss z` | `2001.07.04 AD at 12:08:56 PDT` |\n| `EEE, MMM d, ''yy` | Wed, Jul 4, '01 |\n| `h:mm a` | 12:08 PM |\n| `hh 'o''clock' a, zzzz` | 12 o'clock PM, Pacific Daylight Time |\n| `K:mm a, z` | 0:08 PM, PDT |\n| `yyyyy.MMMMM.dd GGG hh:mm aaa` | 02001.July.04 AD 12:08 PM |\n| `EEE, d MMM yyyy HH:mm:ss Z` | Wed, 4 Jul 2001 12:08:56 -0700 |\n| `yyMMddHHmmssZ` | 010704120856-0700 |\n| `yyyy-MM-dd'T'HH:mm:ss.SSSZ` | 2001-07-04T12:08:56.235-0700 |\n| `yyyy-MM-dd'T'HH:mm:ss.SSSXXX` | 2001-07-04T12:08:56.235-07:00 |\n| `YYYY-'W'ww-u` | 2001-W27-3 |\n", + "example": "mm/dd/yyyy" + } + ] + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "dateMath", + "type": "object", + "required": [ + "expression" + ], + "properties": { + "expression": { + "type": "string", + "description": "A string value of the date and time components to operation on, along with the math operations to execute.\n", + "externalDocs": { + "description": "Date Math Expressions", + "url": "https://developer.sailpoint.com/idn/docs/transforms/operations/date-math#transform-structure" + }, + "example": "now+1w" + }, + "roundUp": { + "type": "boolean", + "description": "A boolean value to indicate whether the transform should round up or down when a rounding `/` operation is defined in the expression. \n\n\nIf not provided, the transform will default to `false`\n\n\n`true` indicates the transform should round up (i.e., truncate the fractional date/time component indicated and then add one unit of that component)\n\n\n`false` indicates the transform should round down (i.e., truncate the fractional date/time component indicated)\n", + "example": false, + "default": false + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "decomposeDiacriticalMarks", + "type": "object", + "properties": { + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "e164phone", + "type": "object", + "properties": { + "defaultRegion": { + "type": "string", + "description": "This is an optional attribute that can be used to define the region of the phone number to format into.\n\n\nIf defaultRegion is not provided, it will take US as the default country.\n\n\nThe format of the country code should be in [ISO 3166-1 alpha-2 format](https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2)\n", + "example": "US" + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "firstValid", + "type": "object", + "required": [ + "values" + ], + "properties": { + "values": { + "type": "array", + "items": { + "type": "object" + }, + "description": "An array of attributes to evaluate for existence.", + "example": [ + { + "attributes": { + "sourceName": "Active Directory", + "attributeName": "sAMAccountName" + }, + "type": "accountAttribute" + }, + { + "attributes": { + "sourceName": "Okta", + "attributeName": "login" + }, + "type": "accountAttribute" + }, + { + "attributes": { + "sourceName": "HR Source", + "attributeName": "employeeID" + }, + "type": "accountAttribute" + } + ] + }, + "ignoreErrors": { + "type": "boolean", + "description": "a true or false value representing to move on to the next option if an error (like an Null Pointer Exception) were to occur.", + "example": false, + "default": false + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + } + } + }, + { + "title": "rule", + "oneOf": [ + { + "type": "object", + "required": [ + "name" + ], + "properties": { + "name": { + "type": "string", + "description": "This is the name of the Transform rule that needs to be invoked by the transform", + "example": "Transform Calculation Rule" + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + } + } + }, + { + "type": "object", + "required": [ + "name", + "operation", + "includeNumbers", + "includeSpecialChars", + "length" + ], + "properties": { + "name": { + "type": "string", + "description": "This must always be set to \"Cloud Services Deployment Utility\"", + "example": "Cloud Services Deployment Utility" + }, + "operation": { + "type": "string", + "description": "The operation to perform `generateRandomString`", + "example": "generateRandomString" + }, + "includeNumbers": { + "type": "boolean", + "description": "This must be either \"true\" or \"false\" to indicate whether the generator logic should include numbers", + "example": true + }, + "includeSpecialChars": { + "type": "boolean", + "description": "This must be either \"true\" or \"false\" to indicate whether the generator logic should include special characters", + "example": true + }, + "length": { + "type": "string", + "description": "This specifies how long the randomly generated string needs to be\n\n\n>NOTE Due to identity attribute data constraints, the maximum allowable value is 450 characters\n", + "example": "10" + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false + } + } + }, + { + "type": "object", + "required": [ + "name", + "operation", + "uid" + ], + "properties": { + "name": { + "type": "string", + "description": "This must always be set to \"Cloud Services Deployment Utility\"", + "example": "Cloud Services Deployment Utility" + }, + "operation": { + "type": "string", + "description": "The operation to perform `getReferenceIdentityAttribute`", + "example": "getReferenceIdentityAttribute" + }, + "uid": { + "type": "string", + "description": "This is the SailPoint User Name (uid) value of the identity whose attribute is desired\n\nAs a convenience feature, you can use the `manager` keyword to dynamically look up the user's manager and then get that manager's identity attribute.\n", + "example": "2c91808570313110017040b06f344ec9" + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false + } + } + } + ] + }, + { + "title": "identityAttribute", + "type": "object", + "required": [ + "name" + ], + "properties": { + "name": { + "type": "string", + "description": "The system (camel-cased) name of the identity attribute to bring in", + "example": "email" + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "indexOf", + "type": "object", + "required": [ + "substring" + ], + "properties": { + "substring": { + "type": "string", + "description": "A substring to search for, searches the entire calling string, and returns the index of the first occurrence of the specified substring.", + "example": "admin_" + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "iso3166", + "type": "object", + "properties": { + "format": { + "type": "string", + "description": "An optional value to denote which ISO 3166 format to return. Valid values are:\n\n\n`alpha2` - Two-character country code (e.g., \"US\"); this is the default value if no format is supplied\n\n\n`alpha3` - Three-character country code (e.g., \"USA\")\n\n\n`numeric` - The numeric country code (e.g., \"840\")\n", + "example": "alpha2" + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "leftPad", + "type": "object", + "required": [ + "length" + ], + "properties": { + "length": { + "type": "string", + "description": "An integer value for the desired length of the final output string", + "example": "4" + }, + "padding": { + "type": "string", + "description": "A string value representing the character that the incoming data should be padded with to get to the desired length\n\n\nIf not provided, the transform will default to a single space (\" \") character for padding\n", + "example": "0" + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "lookup", + "type": "object", + "required": [ + "table" + ], + "properties": { + "table": { + "type": "object", + "additionalProperties": true, + "description": "This is a JSON object of key-value pairs. The key is the string that will attempt to be matched to the input, and the value is the output string that should be returned if the key is matched\n\n\n>**Note** the use of the optional default key value here; if none of the three countries in the above example match the input string, the transform will return \"Unknown Region\" for the attribute that is mapped to this transform.\n", + "example": { + "USA": "Americas", + "FRA": "EMEA", + "AUS": "APAC", + "default": "Unknown Region" + } + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "lower", + "type": "object", + "properties": { + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "nameNormalizer", + "type": "object", + "properties": { + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "randomAlphaNumeric", + "type": "object", + "properties": { + "length": { + "type": "string", + "description": "This is an integer value specifying the size/number of characters the random string must contain\n\n\n* This value must be a positive number and cannot be blank\n\n\n* If no length is provided, the transform will default to a value of `32`\n\n\n* Due to identity attribute data constraints, the maximum allowable value is `450` characters\n", + "example": "10" + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "randomNumeric", + "type": "object", + "properties": { + "length": { + "type": "string", + "description": "This is an integer value specifying the size/number of characters the random string must contain\n\n\n* This value must be a positive number and cannot be blank\n\n\n* If no length is provided, the transform will default to a value of `32`\n\n\n* Due to identity attribute data constraints, the maximum allowable value is `450` characters\n", + "example": "10" + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "reference", + "type": "object", + "required": [ + "id" + ], + "properties": { + "id": { + "type": "string", + "description": "This ID specifies the name of the pre-existing transform which you want to use within your current transform", + "example": "Existing Transform" + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "replaceAll", + "type": "object", + "required": [ + "table" + ], + "properties": { + "table": { + "type": "object", + "additionalProperties": true, + "description": "An attribute of key-value pairs. Each pair identifies the pattern to search for as its key, and the replacement string as its value.", + "example": { + "-": " ", + "\"": "'", + "ñ": "n" + } + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "replace", + "type": "object", + "required": [ + "regex", + "replacement" + ], + "properties": { + "regex": { + "type": "string", + "description": "This can be a string or a regex pattern in which you want to replace.", + "example": "[^a-zA-Z]", + "externalDocs": { + "description": "Regex Builder", + "url": "https://regex101.com/" + } + }, + "replacement": { + "type": "string", + "description": "This is the replacement string that should be substituded wherever the string or pattern is found.", + "example": " " + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "rightPad", + "type": "object", + "required": [ + "length" + ], + "properties": { + "length": { + "type": "string", + "description": "An integer value for the desired length of the final output string", + "example": "4" + }, + "padding": { + "type": "string", + "description": "A string value representing the character that the incoming data should be padded with to get to the desired length\n\n\nIf not provided, the transform will default to a single space (\" \") character for padding\n", + "example": "0" + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "split", + "type": "object", + "required": [ + "delimiter", + "index" + ], + "properties": { + "delimiter": { + "type": "string", + "description": "This can be either a single character or a regex expression, and is used by the transform to identify the break point between two substrings in the incoming data", + "example": "," + }, + "index": { + "type": "string", + "description": "An integer value for the desired array element after the incoming data has been split into a list; the array is a 0-based object, so the first array element would be index 0, the second element would be index 1, etc.", + "example": "5" + }, + "throws": { + "type": "boolean", + "description": "A boolean (true/false) value which indicates whether an exception should be thrown and returned as an output when an index is out of bounds with the resultant array (i.e., the provided index value is larger than the size of the array)\n\n\n`true` - The transform should return \"IndexOutOfBoundsException\"\n\n\n`false` - The transform should return null\n\n\nIf not provided, the transform will default to false and return a null\n", + "example": true, + "default": false + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "static", + "type": "object", + "required": [ + "values" + ], + "properties": { + "values": { + "type": "string", + "description": "This must evaluate to a JSON string, either through a fixed value or through conditional logic using the Apache Velocity Template Language.", + "example": "string$variable", + "externalDocs": { + "description": "Static Transform Documentation", + "url": "https://developer.sailpoint.com/idn/docs/transforms/operations/static" + } + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + } + } + }, + { + "title": "substring", + "type": "object", + "required": [ + "begin" + ], + "properties": { + "begin": { + "type": "integer", + "description": "The index of the first character to include in the returned substring.\n\n\nIf `begin` is set to -1, the transform will begin at character 0 of the input data\n", + "example": 1, + "format": "int32" + }, + "beginOffset": { + "type": "integer", + "description": "This integer value is the number of characters to add to the begin attribute when returning a substring. \n\nThis attribute is only used if begin is not -1.\n", + "example": 3, + "format": "int32" + }, + "end": { + "type": "integer", + "description": "The index of the first character to exclude from the returned substring.\n\nIf end is -1 or not provided at all, the substring transform will return everything up to the end of the input string.\n", + "example": 6, + "format": "int32" + }, + "endOffset": { + "type": "integer", + "description": "This integer value is the number of characters to add to the end attribute when returning a substring. \n\nThis attribute is only used if end is provided and is not -1.\n", + "example": 1, + "format": "int32" + }, + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "trim", + "type": "object", + "properties": { + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "upper", + "type": "object", + "properties": { + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + }, + "input": { + "type": "object", + "description": "This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.", + "additionalProperties": true, + "example": { + "type": "accountAttribute", + "attributes": { + "attributeName": "first_name", + "sourceName": "Source" + } + } + } + } + }, + { + "title": "uuid", + "type": "object", + "properties": { + "requiresPeriodicRefresh": { + "type": "boolean", + "description": "A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process", + "example": false, + "default": false + } + } + } + ] + } + } + }, + "WorkItems": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "ID of the work item", + "example": "2c9180835d2e5168015d32f890ca1581" + }, + "requesterId": { + "type": "string", + "description": "ID of the requester", + "example": "2c9180835d2e5168015d32f890ca1581", + "nullable": true + }, + "requesterDisplayName": { + "type": "string", + "description": "The displayname of the requester", + "example": "John Smith", + "nullable": true + }, + "ownerId": { + "type": "string", + "description": "The ID of the owner", + "example": "2c9180835d2e5168015d32f890ca1581", + "nullable": true + }, + "ownerName": { + "type": "string", + "description": "The name of the owner", + "example": "Jason Smith" + }, + "created": { + "type": "string", + "format": "date-time", + "example": "2017-07-11T18:45:37.098Z", + "description": "Time when the work item was created" + }, + "modified": { + "type": "string", + "format": "date-time", + "example": "2018-06-25T20:22:28.104Z", + "description": "Time when the work item was last updated", + "nullable": true + }, + "description": { + "type": "string", + "description": "The description of the work item", + "example": "Create account on source 'AD'" + }, + "state": { + "type": "string", + "enum": [ + "Finished", + "Rejected", + "Returned", + "Expired", + "Pending", + "Canceled" + ], + "example": "Finished", + "description": "The state of a work item" + }, + "type": { + "type": "string", + "enum": [ + "Generic", + "Certification", + "Remediation", + "Delegation", + "Approval", + "ViolationReview", + "Form", + "PolicyVioloation", + "Challenge", + "ImpactAnalysis", + "Signoff", + "Event", + "ManualAction", + "Test" + ], + "example": "Generic", + "description": "The type of the work item" + }, + "remediationItems": { + "type": "array", + "nullable": true, + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The ID of the certification", + "example": "2c9180835d2e5168015d32f890ca1581" + }, + "targetId": { + "type": "string", + "description": "The ID of the certification target", + "example": "2c9180835d2e5168015d32f890ca1581" + }, + "targetName": { + "type": "string", + "description": "The name of the certification target", + "example": "john.smith" + }, + "targetDisplayName": { + "type": "string", + "description": "The display name of the certification target", + "example": "emailAddress" + }, + "applicationName": { + "type": "string", + "description": "The name of the application/source", + "example": "Active Directory" + }, + "attributeName": { + "type": "string", + "description": "The name of the attribute being certified", + "example": "phoneNumber" + }, + "attributeOperation": { + "type": "string", + "description": "The operation of the certification on the attribute", + "example": "update" + }, + "attributeValue": { + "type": "string", + "description": "The value of the attribute being certified", + "example": "512-555-1212" + }, + "nativeIdentity": { + "type": "string", + "description": "The native identity of the target", + "example": "jason.smith2" + } + } + }, + "description": "A list of remediation items" + }, + "approvalItems": { + "type": "array", + "nullable": true, + "items": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The approval item's ID", + "example": "2c9180835d2e5168015d32f890ca1581" + }, + "account": { + "type": "string", + "description": "The account referenced by the approval item", + "example": "john.smith", + "nullable": true + }, + "application": { + "type": "string", + "description": "The name of the application/source", + "example": "Active Directory" + }, + "name": { + "type": "string", + "description": "The attribute's name", + "example": "emailAddress", + "nullable": true + }, + "operation": { + "type": "string", + "description": "The attribute's operation", + "example": "update" + }, + "value": { + "type": "string", + "description": "The attribute's value", + "example": "a@b.com", + "nullable": true + }, + "state": { + "allOf": [ + { + "type": "string", + "nullable": true, + "enum": [ + "Finished", + "Rejected", + "Returned", + "Expired", + "Pending", + "Canceled", + null + ], + "example": "Pending", + "description": "The state of a work item" + }, + { + "nullable": true + } + ] + } + } + }, + "description": "A list of items that need to be approved" + }, + "name": { + "type": "string", + "description": "The work item name", + "example": "Account Create", + "nullable": true + }, + "completed": { + "type": "string", + "format": "date-time", + "example": "2018-10-19T13:49:37.385Z", + "description": "The time at which the work item completed", + "nullable": true + }, + "numItems": { + "type": "integer", + "format": "int32", + "description": "The number of items in the work item", + "example": 19, + "nullable": true + }, + "form": { + "allOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "ID of the form", + "example": "2c9180835d2e5168015d32f890ca1581", + "nullable": true + }, + "name": { + "type": "string", + "description": "Name of the form", + "example": "AccountSelection Form", + "nullable": true + }, + "title": { + "type": "string", + "description": "The form title", + "example": "Account Selection for John.Doe" + }, + "subtitle": { + "type": "string", + "description": "The form subtitle.", + "example": "Please select from the following" + }, + "targetUser": { + "type": "string", + "description": "The name of the user that should be shown this form", + "example": "Jane.Doe" + }, + "sections": { + "type": "array", + "items": { + "type": "object", + "allOf": [ + { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "Name of the FormItem", + "example": "Field1" + } + } + }, + { + "type": "object", + "properties": { + "label": { + "type": "string", + "description": "Label of the section", + "example": "Section 1" + }, + "formItems": { + "type": "array", + "items": { + "type": "object" + }, + "description": "List of FormItems. FormItems can be SectionDetails and/or FieldDetails", + "example": [] + } + } + } + ] + }, + "description": "Sections of the form" + } + } + }, + { + "nullable": true + } + ] + }, + "errors": { + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "The work item ID that was specified was not found." + ], + "description": "An array of errors that ocurred during the work item" + } + } + }, + "WorkItemsCount": { + "type": "object", + "properties": { + "count": { + "type": "integer", + "description": "The count of work items", + "example": 29 + } + } + }, + "WorkItemsSummary": { + "type": "object", + "properties": { + "open": { + "type": "integer", + "description": "The count of open work items", + "example": 29 + }, + "completed": { + "type": "integer", + "description": "The count of completed work items", + "example": 1 + }, + "total": { + "type": "integer", + "description": "The count of total work items", + "example": 30 + } + } + }, + "AccountUsage": { + "type": "object", + "properties": { + "date": { + "type": "string", + "format": "date", + "description": "The first day of the month for which activity is aggregated.", + "example": "2023-04-21" + }, + "count": { + "type": "integer", + "format": "int64", + "description": "The number of days within the month that the account was active in a source.", + "example": 10 + } + } + }, + "SourceUsage": { + "type": "object", + "properties": { + "date": { + "type": "string", + "format": "date", + "description": "The first day of the month for which activity is aggregated.", + "example": "2023-04-21" + }, + "count": { + "type": "number", + "format": "float", + "description": "The average number of days that accounts were active within this source, for the month.", + "example": 10.45 + } + } + }, + "SourceUsageStatus": { + "type": "object", + "properties": { + "status": { + "type": "string", + "description": "Source Usage Status. Acceptable values are:\n - COMPLETE\n - This status means that an activity data source has been setup and usage insights are available for the source.\n - INCOMPLETE\n - This status means that an activity data source has not been setup and usage insights are not available for the source.", + "example": "COMPLETE", + "enum": [ + "COMPLETE", + "INCOMPLETE" + ] + } + } + }, + "BrandingItem": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "name of branding item", + "example": "default" + }, + "productName": { + "type": "string", + "description": "product name", + "example": "product name", + "nullable": true + }, + "actionButtonColor": { + "type": "string", + "description": "hex value of color for action button", + "example": "0074D9", + "nullable": true + }, + "activeLinkColor": { + "type": "string", + "description": "hex value of color for link", + "example": "011E69", + "nullable": true + }, + "navigationColor": { + "type": "string", + "description": "hex value of color for navigation bar", + "example": "011E69", + "nullable": true + }, + "emailFromAddress": { + "type": "string", + "description": "email from address", + "example": "no-reply@sailpoint.com", + "nullable": true + }, + "standardLogoURL": { + "type": "string", + "description": "url to standard logo", + "example": "", + "nullable": true + }, + "loginInformationalMessage": { + "type": "string", + "description": "login information message", + "example": "", + "nullable": true + } + } + }, + "BrandingItemCreate": { + "type": "object", + "required": [ + "name", + "productName" + ], + "properties": { + "name": { + "type": "string", + "description": "name of branding item", + "example": "custom-branding-item" + }, + "productName": { + "type": "string", + "description": "product name", + "example": "product name", + "nullable": true + }, + "actionButtonColor": { + "type": "string", + "description": "hex value of color for action button", + "example": "0074D9" + }, + "activeLinkColor": { + "type": "string", + "description": "hex value of color for link", + "example": "011E69" + }, + "navigationColor": { + "type": "string", + "description": "hex value of color for navigation bar", + "example": "011E69" + }, + "emailFromAddress": { + "type": "string", + "description": "email from address", + "example": "no-reply@sailpoint.com" + }, + "loginInformationalMessage": { + "type": "string", + "description": "login information message", + "example": "" + }, + "fileStandard": { + "type": "string", + "format": "binary", + "description": "png file with logo", + "example": "\\x00\\x00\\x00\\x02" + } + } + } + } + } +} diff --git a/dereferenced/deref-sailpoint-api.v2024.yaml b/dereferenced/deref-sailpoint-api.v2024.yaml new file mode 100644 index 00000000..8fbe9df1 --- /dev/null +++ b/dereferenced/deref-sailpoint-api.v2024.yaml @@ -0,0 +1,284280 @@ +openapi: 3.0.1 +info: + title: Identity Security Cloud V2024 API + description: 'Use these APIs to interact with the Identity Security Cloud platform to achieve repeatable, automated processes with greater scalability. We encourage you to join the SailPoint Developer Community forum at https://developer.sailpoint.com/discuss to connect with other developers using our APIs.' + termsOfService: 'https://developer.sailpoint.com/discuss/tos' + contact: + name: Developer Relations + url: 'https://developer.sailpoint.com/discuss/api-help' + license: + name: MIT + url: 'https://opensource.org/licenses/MIT' + version: v2024 +servers: + - url: 'https://{tenant}.api.identitynow.com/v2024' + description: This is the production API server. + variables: + tenant: + default: sailpoint + description: 'This is the name of your tenant, typically your company''s name.' + - url: 'https://{apiUrl}/v2024' + description: This is the V2024 API server. + variables: + apiUrl: + default: sailpoint.api.identitynow.com + description: This is the api url of your tenant +tags: + - name: Access Model Metadata + description: | + Use this API to create and manage metadata attributes for your Access Model. + Access Model Metadata allows you to add contextual information to your ISC Access Model items using pre-defined metadata for risk, regulations, privacy levels, etc., or by creating your own metadata attributes to reflect the unique needs of your organization. This release of the API includes support for entitlement metadata. Support for role and access profile metadata will be introduced in a subsequent release. + + Common usages for Access Model metadata include: + + - Organizing and categorizing access items to make it easier for your users to search for and find the access rights they want to request, certify, or manage. + + - Providing richer information about access that is being acted on to allow stakeholders to make better decisions when approving, certifying, or managing access rights. + + - Identifying access that may requires additional approval requirements or be subject to more frequent review. + - name: Access Profiles + description: | + Use this API to implement and customize access profile functionality. + With this functionality in place, administrators can create access profiles and configure them for use throughout Identity Security Cloud, enabling users to get the access they need quickly and securely. + + Access profiles group entitlements, which represent access rights on sources. + + For example, an Active Directory source in Identity Security Cloud can have multiple entitlements: the first, 'Employees,' may represent the access all employees have at the organization, and a second, 'Developers,' may represent the access all developers have at the organization. + + An administrator can then create a broader set of access in the form of an access profile, 'AD Developers' grouping the 'Employees' entitlement with the 'Developers' entitlement. + + When users only need Active Directory employee access, they can request access to the 'Employees' entitlement. + + When users need both Active Directory employee and developer access, they can request access to the 'AD Developers' access profile. + + Access profiles are the most important units of access in Identity Security Cloud. Identity Security Cloud uses access profiles in many features, including the following: + + - Provisioning: When you use the Provisioning Service, lifecycle states and roles both grant access to users in the form of access profiles. + + - Certifications: You can approve or revoke access profiles in certification campaigns, just like entitlements. + + - Access Requests: You can assign access profiles to applications, and when a user requests access to the app associated with an access profile and someone approves the request, access is granted to both the application and its associated access profile. + + - Roles: You can group one or more access profiles into a role to quickly assign access items based on an identity's role. + + In Identity Security Cloud, administrators can use the Access drop-down menu and select Access Profiles to view, configure, and delete existing access profiles, as well as create new ones. + Administrators can enable and disable an access profile, and they can also make the following configurations: + + - Manage Entitlements: Manage the profile's access by adding and removing entitlements. + + - Access Requests: Configure access profiles to be requestable and establish an approval process for any requests that the access profile be granted or revoked. + Do not configure an access profile to be requestable without first establishing a secure access request approval process for the access profile. + + - Multiple Account Options: Define the logic Identity Security Cloud uses to provision access to an identity with multiple accounts on the source. + + Refer to [Managing Access Profiles](https://documentation.sailpoint.com/saas/help/access/access-profiles.html) for more information about access profiles. + - name: Access Request Approvals + description: | + Use this API to implement and customize access request approval functionality. + With this functionality in place, administrators can delegate qualified users to review users' requests for access or managers' requests to revoke team members' access to applications, entitlements, or roles. + This enables more qualified users to review access requests and the others to spend their time on other tasks. + + In Identity Security Cloud, users can request access to applications, entitlements, and roles, and managers can request that team members' access be revoked. + For applications and entitlements, administrators can set access profiles to require approval from the access profile owner, the application owner, the source owner, the requesting user's manager, or a governance group for access to be granted or revoked. + For roles, administrators can also set roles to allow access requests and require approval from the role owner, the requesting user's manager, or a governance group for access to be granted or revoked. + If the administrator designates a governance group as the required approver, any governance group member can approve the requests. + + When a user submits an access request, Identity Security Cloud sends the first required approver in the queue an email notification, based on the access request configuration's approval and reminder escalation configuration. + + In Approvals in Identity Security Cloud, required approvers can view pending access requests under the Requested tab and approve or deny them, or the approvers can reassign the requests to different reviewers for approval. + If the required approver approves the request and is the only reviewer required, Identity Security Cloud grants or revokes access, based on the request. + If multiple reviewers are required, Identity Security Cloud sends the request to the next reviewer in the queue, based on the access request configuration's approval reminder and escalation configuration. + The required approver can then view any completed access requests under the Reviewed tab. + + Refer to [Access Requests](https://documentation.sailpoint.com/saas/help/requests/index.html) for more information about access request approvals. + - name: Access Request Identity Metrics + description: | + Use this API to implement access request identity metrics functionality. + With this functionality in place, access request reviewers can see relevant details about the requested access item and associated source activity. + This allows reviewers to see how many of the identities who share a manager with the access requester have this same type of access and how many of them have had activity in the related source. + This additional context about whether the access has been granted before and how often it has been used can help those approving access requests make more informed decisions. + - name: Access Requests + description: | + Use this API to implement and customize access request functionality. + With this functionality in place, users can request access to applications, entitlements, or roles, and managers can request that team members' access be revoked. + This allows users to get access to the tools they need quickly and securely, and it allows managers to take away access to those tools. + + Identity Security Cloud's Access Request service allows end users to request access that requires approval before it can be granted to users and enables qualified users to review those requests and approve or deny them. + + In the Request Center in Identity Security Cloud, users can view available applications, roles, and entitlements and request access to them. + If the requested tools requires approval, the requests appear as 'Pending' under the My Requests tab until the required approver approves, rejects, or cancels them. + + Users can use My Requests to track and/or cancel the requests. + + In My Team on the Identity Security Cloud Home, managers can submit requests to revoke their team members' access. + They can use the My Requests tab under Request Center to track and/or cancel the requests. + + Refer to [Requesting Access](https://documentation.sailpoint.com/saas/user-help/requests/requesting_access.html) for more information about access requests. + - name: Account Activities + description: | + Use this API to implement account activity tracking functionality. + With this functionality in place, users can track source account activity in Identity Security Cloud, which greatly improves traceability in the system. + + An account activity refers to a log of each action performed on a source account. This is useful for auditing the changes performed on an account throughout its life. + In Identity Security Cloud's Search, users can search for account activities and select the activity's row to get an overview of the activity's account action and view its progress, its involved sources, and its most basic metadata, such as the identity requesting the option and the recipient. + + Account activity includes most actions Identity Security Cloud completes on source accounts. Users can search in Identity Security Cloud for the following account action types: + + - Access Request: These include any access requests the source account is involved in. + + - Account Attribute Updates: These include updates to a single attribute on an account on a source. + + - Account State Update: These include locking or unlocking actions on an account on a source. + + - Certification: These include actions removing an entitlement from an account on a source as a result of the entitlement's revocation during a certification. + + - Cloud Automated `Lifecyclestate`: These include automated lifecycle state changes that result in a source account's correlated identity being assigned to a different lifecycle state. + Identity Security Cloud replaces the `Lifecyclestate` variable with the name of the lifecycle state it has moved the account's identity to. + + - Identity Attribute Update: These include updates to a source account's correlated identity attributes as the result of a provisioning action. + When you update an identity attribute that also updates an identity's lifecycle state, the cloud automated `Lifecyclestate` event also displays. + Account Activity does not include attribute updates that occur as a result of aggregation. + + - Identity Refresh: These include correlated identity refreshes that occur for an account on a source whenever the account's correlated identity profile gets a new role or updates. + These also include refreshes that occur whenever Identity Security Cloud assigns an application to the account's correlated identity based on the application's being assigned to All Users From Source or Specific Users From Source. + + - Lifecycle State Refresh: These include the actions that took place when a lifecycle state changed. This event only occurs after a cloud automated `Lifecyclestate` change or a lifecycle state change. + + - Lifecycle State Change: These include the account activities that result from an identity's manual assignment to a null lifecycle state. + + - Password Change: These include password changes on sources. + + Refer to [Account Activity](https://documentation.sailpoint.com/saas/help/search/index.html#account-activity) for more information about account activities. + - name: Account Aggregations + description: | + Use this API to implement account aggregation progress tracking functionality. + With this functionality in place, administrators can view in-progress account aggregations, their statuses, and their relevant details. + + An account aggregation refers to the process Identity Security Cloud uses to gather and load account data from a source into Identity Security Cloud. + + Whenever Identity Security Cloud is in the process of aggregating a source, it adds an entry to the Aggregation Activity Log, along with its relevant details. + To view aggregation activity, administrators can select the Connections drop-down menu, select Sources, and select the relevant source, select its Import Data tab, and select Account Aggregation. + In Account Aggregation, administrators can view the account aggregations' statuses and details in the Account Activity Log. + + Refer to [Loading Account Data](https://documentation.sailpoint.com/saas/help/accounts/loading_data.html) for more information about account aggregations. + - name: Account Usages + description: | + Use this API to implement account usage insight functionality. + With this functionality in place, administrators can gather information and insights about how their tenants' source accounts are being used. + This allows organizations to get the information they need to start optimizing and securing source account usage. + - name: Accounts + description: | + Use this API to implement and customize account functionality. + With this functionality in place, administrators can manage users' access across sources in Identity Security Cloud. + + In Identity Security Cloud, an account refers to a user's account on a supported source. + This typically includes a unique identifier for the user, a unique password, a set of permissions associated with the source and a set of attributes. Identity Security Cloud loads accounts through the creation of sources in Identity Security Cloud. + + Administrators can correlate users' identities with the users' accounts on the different sources they use. + This allows Identity Security Cloud to govern the access of identities and all their correlated accounts securely and cohesively. + + To view the accounts on a source and their correlated identities, administrators can use the Connections drop-down menu, select Sources, select the relevant source, and select its Account tab. + + To view and edit source account statuses for an identity in Identity Security Cloud, administrators can use the Identities drop-down menu, select Identity List, select the relevant identity, and select its Accounts tab. + Administrators can toggle an account's Actions to aggregate the account, enable/disable it, unlock it, or remove it from the identity. + + Accounts can have the following statuses: + + - Enabled: The account is enabled. The user can access it. + + - Disabled: The account is disabled, and the user cannot access it, but the identity is not disabled in Identity Security Cloud. This can occur when an administrator disables the account or when the user's lifecycle state changes. + + - Locked: The account is locked. This may occur when someone has entered an incorrect password for the account too many times. + + - Pending: The account is currently updating. This status typically lasts seconds. + + Administrators can select the source account to view its attributes, entitlements, and the last time the account's password was changed. + + Refer to [Managing User Accounts](https://documentation.sailpoint.com/saas/help/common/users/user_access.html#managing-user-accounts) for more information about accounts. + - name: Approvals + - name: Auth Profile + description: | + Auth Profile - Represents authentication configuration for an Identity Profile. This object gets created when an Identity Profile is created. + + APIs can be used to retrieve and update Auth Profiles. + - name: Auth Users + description: | + Use this API to implement user authentication system functionality. + With this functionality in place, users can get a user's authentication system details, including their capabilities, and modify those capabilities. + The user's capabilities refer to their access to different systems, or authorization, within the tenant, like access to certifications (CERT_ADMIN) or reports (REPORT_ADMIN). + These capabilities also determine a user's access to the different APIs. + This API provides users with a way to determine a user's access and make quick and easy changes to that access. + - name: Branding + description: | + Use this API to implement and customize branding functionality. + With this functionality in place, administrators can get and manage existing branding items, and they can also create new branding items and configure them for use throughout Identity Security Cloud. + The Branding APIs provide administrators with a way to customize branding items. + This customization includes details like their colors, logos, and other information. + Refer to [Certifications](https://documentation.sailpoint.com/saas/user-help/certifications.html) for more information about certifications. + - name: Certification Campaign Filters + description: | + Use this API to implement the certification campaign filter functionality. These filters can be used to create a certification campaign that includes a subset of your entitlements or users to certify. + + For example, if for a certification campaign an organization wants to certify only specific users or entitlements, then those can be included/excluded on the basis of campaign filters. + + For more information about creating a campaign filter, refer to [Creating a Campaign Filter](https://documentation.sailpoint.com/saas/help/certs/campaign_filters.html#creating-a-campaign-filter) + + You can create campaign filters using any of the following criteria types: + + - Access Profile : This criteria type includes or excludes access profiles from a campaign. + + - Account Attribute : This criteria type includes or excludes certification items that match a specified value in an account attribute. + + - Entitlement : This criteria type includes or excludes entitlements from a campaign. + + - Identity : This criteria type includes or excludes specific identities from your campaign. + + - Identity Attribute : This criteria type includes or excludes identities based on whether they have an identity attribute that matches criteria you've chosen. + + - Role : This criteria type includes or excludes roles, as opposed to identities. + + - Source : This criteria type includes or excludes entitlements from a source you select. + + For more information about these criteria types, refer to [Types of Campaign Filters](https://documentation.sailpoint.com/saas/help/certs/campaign_filters.html#types-of-campaign-filters) + + Once the campaign filter is created, it can be linked while creating the campaign. The generated campaign will have the items to review as per the campaign filter. + + For example, An inclusion campaign filter is created with a source of Source 1, an operation of Equals, and an entitlement of Entitlement 1. When this filter is selected, only users who have Entitlement 1 are included in the campaign, and only Entitlement 1 is shown in the certification. + - name: Certification Campaigns + description: | + Use this API to implement certification campaign functionality. + With this functionality in place, administrators can create, customize, and manage certification campaigns for their organizations' use. + Certification campaigns provide Identity Security Cloud users with an interactive review process they can use to identify and verify access to systems. + Campaigns help organizations reduce risk of inappropriate access and satisfy audit requirements. + + A certification refers to Identity Security Cloud's mechanism for reviewing a user's access to entitlements (sets of permissions) and approving or removing that access. + These certifications serve as a way of showing that a user's access has been reviewed and approved. + Multiple certifications by different reviewers are often required to approve a user's access. + A set of multiple certifications is called a certification campaign. + + For example, an organization may use a Manager Certification campaign as a way of showing that a user's access has been reviewed and approved by multiple managers. + Once this campaign has been completed, Identity Security Cloud would provision all the access the user needs, nothing more. + + Identity Security Cloud provides two simple campaign types users can create without using search queries, Manager and Source Owner campaigns: + + You can create these types of campaigns without using any search queries in Identity Security Cloud: + + - ManagerCampaign: Identity Security Cloud provides this campaign type as a way to ensure that an identity's access is certified by their managers. + You only need to provide a name and description to create one. + + - Source Owner Campaign: Identity Security Cloud provides this campaign type as a way to ensure that an identity's access to a source is certified by its source owners. + You only need to provide a name and description to create one. + You can specify the sources whose owners you want involved or just run it across all sources. + + For more information about these campaign types, refer to [Starting a Manager or Source Owner Campaign](https://documentation.sailpoint.com/saas/help/certs/starting_campaign.html). + + One useful way to create certification campaigns in Identity Security Cloud is to use a specific search and then run a campaign on the results returned by that search. + This allows you to be much more specific about whom you are certifying in your campaigns and what access you are certifying in your campaigns. + For example, you can search for all identities who are managed by "Amanda.Ross" and also have the access to the "Accounting" role and then run a certification campaign based on that search to ensure that the returned identities are appropriately certified. + + You can use Identity Security Cloud search queries to create these types of campaigns: + + - Identities: Use this campaign type to review and revoke access items for specific identities. + You can either build a search query and create a campaign certifying all identities returned by that query, or you can search for individual identities and add those identities to the certification campaign. + + - Access Items: Use this campaign type to review and revoke a set of roles, access profiles, or entitlements from the identities that have them. + You can either build a search query and create a campaign certifying all access items returned by that query, or you can search for individual access items and add those items to the certification campaign. + + - Role Composition: Use this campaign type to review a role's composition, including its title, description, and membership criteria. + You can either build a search query and create a campaign certifying all roles returned by that query, or you can search for individual roles and add those roles to the certification campaign. + + - Uncorrelated Accounts: Use this campaign type to certify source accounts that aren't linked to an authoritative identity in Identity Security Cloud. + You can use this campaign type to view all the uncorrelated accounts for a source and certify them. + + For more information about search-based campaigns, refer to [Starting a Campaign from Search](https://documentation.sailpoint.com/saas/help/certs/starting_search_campaign.html). + + Once you have generated your campaign, it becomes available for preview. + An administrator can review the campaign and make changes, or if it's ready and accurate, activate it. + + Once the campaign is active, organization administrators or certification administrators can designate other Identity Security Cloud users as certification reviewers. + Those reviewers can view any of the certifications they either need to review (active) or have already reviewed (completed). + + When a certification campaign is in progress, certification reviewers see the listed active certifications whose involved identities they can review. + Reviewers can then make decisions to grant or revoke access, as well as reassign the certification to another reviewer. If the reviewer chooses this option, they must provide a reason for reassignment in the form of a comment. + + Once a reviewer has made decisions on all the certification's involved access items, he or she must "Sign Off" to complete the review process. + Doing so converts the certification into read-only status, preventing any further changes to the review decisions and deleting the work item (task) from the reviewer's list of work items. + + Once all the reviewers have signed off, the certification campaign either completes or, if any reviewers decided to revoke access for any of the involved identities, it moves into a remediation phase. + In the remediation phase, identities' entitlements are altered to remove any entitlements marked for revocation. + In this situation, the certification campaign completes once all the remediation requests are completed. + + The end of a certification campaign is determined by its deadline, its completion status, or by an administrator's decision. + + For more information about certifications and certification campaigns, refer to [Certifications](https://documentation.sailpoint.com/saas/user-help/certifications.html). + - name: Certification Summaries + description: | + Use this API to implement certification summary functionality. + With this functionality in place, administrators and designated certification reviewers can review summaries of identity certification campaigns and draw conclusions about the campaigns' scope, security, and effectiveness. + Implementing certification summary functionality improves organizations' ability to review their [certifications](https://documentation.sailpoint.com/saas/user-help/certifications.html) and helps them satisfy audit and regulatory requirements by enabling them to trace access changes and the decisions made in their review processes. + + A certification refers to Identity Security Cloud's mechanism for reviewing a user's access to entitlements (sets of permissions) and approving or removing that access. + These certifications serve as a way of showing that a user's access has been reviewed and approved. + Multiple certifications by different reviewers are often required to approve a user's access. + A set of multiple certifications is called a certification campaign. + + For example, an organization may use a Manager Certification as a way of showing that a user's access has been reviewed and approved by their manager, or if the certification is part of a campaign, that the user's access has been reviewed and approved by multiple managers. + Once this certification has been completed, Identity Security Cloud would provision all the access the user needs, nothing more. + + Certification summaries provide information about identity certification campaigns such as the identities involved, the number of decisions made, and the access changed. + For example, an administrator or designated certification reviewer can examine the Manager Certification campaign to get an overview of how many entitlement decisions are made in that campaign as opposed to role decisions, which identities would be affected by changes to the campaign, and how those identities' access would be affected. + - name: Certifications + description: | + Use this API to implement certification functionality. + With this functionality in place, administrators and designated certification reviewers can review users' access certifications and decide whether to approve access, revoke it, or reassign the review to another reviewer. + Implementing certifications improves organizations' data security by reducing inappropriate access through a distributed review process and helping them satisfy audit and regulatory requirements. + + A certification refers to Identity Security Cloud's mechanism for reviewing a user's access to entitlements (sets of permissions) and approving or removing that access. + These serve as a way of showing that a user's access has been reviewed and approved. + Multiple certifications by different reviewers are often required to approve a user's access. + A set of multiple certifications is called a certification campaign. + + For example, an organization may use a Manager Certification as a way of showing that a user's access has been reviewed and approved by their manager, or if the certification is part of a campaign, that the user's access has been reviewed and approved by multiple managers. + Once this certification has been completed, Identity Security Cloud would provision all the access the user needs, nothing more. + + Organization administrators or certification administrators can designate other Identity Security Cloud users as certification reviewers. + Those reviewers can select the 'Certifications' tab to view any of the certifications they either need to review or have already reviewed under the 'Active' and 'Completed' tabs, respectively. + + When a certification campaign is in progress, certification reviewers will see certifications listed under 'Active,' where they can review the involved identities. + Under the 'Decision' column on the right, next to each access item, reviewers can select the checkmark to approve access, select the 'X' to revoke access, or they can toggle the 'More Options' menu to reassign the certification to another reviewer and provide a reason for reassignment in the form of a comment. + + Once a reviewer has made decisions on all the certification's involved access items, he or she must select 'Sign Off' to complete the review process. + Doing so converts the certification into read-only status, preventing any further changes to the review decisions and deleting the work item (task) from the reviewer's list of work items. + + Once all the reviewers have signed off, the certification campaign either completes or, if any reviewers decided to revoke access for any of the involved identities, it moves into a remediation phase. In the remediation phase, identities' entitlements are altered to remove any entitlements marked for revocation. + In this situation, the certification campaign completes once all the remediation requests are completed. + - name: Configuration Hub + description: | + Upload configurations and manage object mappings between tenants. + + Configuration files can be managed and deployed using Configuration Hub by uploading a JSON file which contains configuration data. + + The function of object mapping allows objects with varying names and IDs to be compared. While objects are compared, a user can replace a value in the source tenant with a new value. Object mapping also helps in locating referenced objects to the source object during the drafting process. + + Refer to [Uploading a Configuration File](https://documentation.sailpoint.com/saas/help/confighub/config_hub.html#uploading-a-configuration-file) for more information about uploading Configuration Files + + Refer to [Mapping Objects](https://documentation.sailpoint.com/saas/help/confighub/config_hub.html#mapping-objects) for more information about object mappings. + - name: Connector Rule Management + - name: Connectors + description: | + Use this API to implement connector functionality. + With this functionality in place, administrators can view available connectors. + + Connectors are the bridges Identity Security Cloud uses to communicate with and aggregate data from sources. + For example, if it is necessary to set up a connection between Identity Security Cloud and the Active Directory source, a connector can bridge the two and enable Identity Security Cloud to synchronize data between the systems. + This ensures account entitlements and states are correct throughout the organization. + + In Identity Security Cloud, administrators can use the Connections drop-down menu and select Sources to view the available source connectors. + + Refer to [Identity Security Cloud Connectors](https://documentation.sailpoint.com/connectors/identitynow/landingpages/help/landingpages/identitynow_connectivity_landing.html) for more information about the connectors available in Identity Security Cloud. + + Refer to [SaaS Connectivity](https://developer.sailpoint.com/docs/connectivity/saas-connectivity/) for more information about the SaaS custom connectors that do not need VAs (virtual appliances) to communicate with their sources. + + Refer to [Managing Sources](https://documentation.sailpoint.com/saas/help/sources/managing_sources.html) for more information about using connectors in Identity Security Cloud. + - name: Custom Forms + description: | + Use this API to build and manage custom forms. + With this functionality in place, administrators can create and view form definitions and form instances. + + Forms are composed of sections and fields. Sections split the form into logical groups of fields and fields are the data collection points within the form. Configure conditions to modify elements of the form as the responder provides input. Create form inputs to pass information from a calling feature, like a workflow, to your form. + + Forms can be used within workflows as an action or as a trigger. The Form Action allows you to assign a form as a step in a running workflow, suspending the workflow until the form is submitted or times out, and the workflow resumes. The Form Submitted Trigger initiates a workflow when a form is submitted. The trigger can be configured to initiate on submission of a full form, a form element with any value, or a form element with a particular value. + + Refer to [Forms](https://documentation.sailpoint.com/saas/help/forms/index.html) for more information about using forms in Identity Security Cloud. + - name: Custom Password Instructions + description: | + Use this API to implement custom password instruction functionality. + With this functionality in place, administrators can create custom password instructions to help users reset their passwords, change them, unlock their accounts, or recover their usernames. + This allows administrators to emphasize password policies or provide organization-specific instructions. + + Administrators must first use [Update Password Org Config](https://developer.sailpoint.com/docs/api/beta/put-password-org-config/) to set `customInstructionsEnabled` to `true`. + + Once they have enabled custom instructions, they can use [Create Custom Password Instructions](https://developer.sailpoint.com/docs/api/beta/create-custom-password-instructions/) to create custom page content for the specific pageId they select. + + For example, an administrator can use the pageId forget-username:user-email to set the custom text for the case when users forget their usernames and must enter their emails. + + Refer to [Creating Custom Instruction Text](https://documentation.sailpoint.com/saas/help/pwd/pwd_reset.html#creating-custom-instruction-text) for more information about creating custom password instructions. + - name: Discovered Applications + description: | + Use this API to retrieve all the available discovered apps for a given tenant id. + - name: Entitlements + description: | + Use this API to implement and customize entitlement functionality. + With this functionality in place, administrators can view entitlements and configure them for use throughout Identity Security Cloud in certifications, access profiles, and roles. + Administrators in Identity Security Cloud can then grant users access to the entitlements or configure them so users themselves can request access to the entitlements whenever they need them. + With a good approval process, this entitlement functionality allows users to gain the specific access they need on sources quickly and securely. + + Entitlements represent access rights on sources. + Entitlements are the most granular form of access in Identity Security Cloud. + Entitlements are often grouped into access profiles, and access profiles themselves are often grouped into roles, the broadest form of access in Identity Security Cloud. + + For example, an Active Directory source in Identity Security Cloud can have multiple entitlements: the first, 'Employees,' may represent the access all employees have at the organization, and a second, 'Developers,' may represent the access all developers have at the organization. + + An administrator can then create a broader set of access in the form of an access profile, 'AD Developers' grouping the 'Employees' entitlement with the 'Developers' entitlement. + + An administrator can then create an even broader set of access in the form of a role grouping the 'AD Developers' access profile with another profile, 'GitHub Developers,' grouping entitlements for the GitHub source. + + When users only need Active Directory employee access, they can request access to the 'Employees' entitlement. + + When users need both Active Directory employee and developer access, they can request access to the 'AD Developers' access profile. + + When users need both the 'AD Developers' access profile and the 'GitHub Developers' access profile, they can request access to the role grouping both. + + Administrators often use roles and access profiles within those roles to manage access so that users can gain access more quickly, but the hierarchy of access all starts with entitlements. + + Anywhere entitlements appear, you can select them to find more information about the following: + + - Cloud Access Details: These provide details about the cloud access entitlements on cloud-enabled sources. + + - Permissions: Permissions represent individual units of read/write/admin access to a system. + + - Relationships: These list each entitlement's parent and child relationships. + + - Type: This is the entitlement's type. Some sources support multiple types, each with a different attribute schema. + + Identity Security Cloud uses entitlements in many features, including the following: + + - Certifications: Entitlements can be revoked from an identity that no longer needs them. + + - Roles: Roles can group access profiles which themselves group entitlements. You can grant and revoke access on a broad level with roles. Role membership criteria can grant roles to identities based on whether they have certain entitlements or attributes. + + - Access Profiles: Access profiles group entitlements. + They are the most important units of access in Identity Security Cloud. + Identity Security Cloud uses them in provisioning, certifications, and access requests, and administrators can configure them to grant very broad or very granular access. + + You cannot delete entitlements directly from Identity Security Cloud. + Entitlements are deleted based on their inclusion in aggregations. + + Refer to [Deleting Entitlements](https://documentation.sailpoint.com/saas/help/access/entitlements.html#deleting-entitlements) more information about deleting entitlements. + + Refer to [Entitlements](https://documentation.sailpoint.com/saas/help/access/entitlements.html) for more information about entitlements. + - name: Global Tenant Security Settings + description: | + Use this API to implement and customize global tenant security settings. + With this functionality in place, administrators can manage the global security settings that a tenant/org has. + This API can be used to configure the networks and Geographies allowed to access Identity Security Cloud URLs. + - name: Governance Groups + description: | + Use this API to implement and customize Governance Group functionality. With this functionality in place, administrators can create Governance Groups and configure them for use throughout Identity Security Cloud. + + A governance group is a group of users that can make governance decisions about access. If your organization has the Access Request or Certifications service, you can configure governance groups to review access requests or certifications. A governance group can determine whether specific access is appropriate for a user. + + Refer to [Creating and Managing Governance Groups](https://documentation.sailpoint.com/saas/help/common/users/governance_groups.html) for more information about how to build Governance Groups in the visual builder in the Identity Security Cloud UI. + - name: IAI Access Request Recommendations + - name: IAI Common Access + - name: IAI Message Catalogs + - name: IAI Outliers + - name: IAI Peer Group Strategies + - name: IAI Recommendations + - name: IAI Role Mining + - name: Icons + description: | + Use this API to implement functionality related to object icons (application icons for example). + With this functionality in place, administrators can set or remove an icon for specific object type for use throughout Identity Security Cloud. + - name: Identities + description: | + Use this API to implement identity functionality. + With this functionality in place, administrators can synchronize an identity's attributes with its various source attributes. + + Identity Security Cloud uses identities as users' authoritative accounts. Identities can own other accounts, entitlements, and attributes. + + An identity has a variety of attributes, such as an account name, an email address, a job title, and more. + These identity attributes can be correlated with different attributes on different sources. + For example, the identity John.Smith can own an account in the GitHub source with the account name John-Smith-Org, and Identity Security Cloud knows they are the same person with the same access and attributes. + + In Identity Security Cloud, administrators often set up these synchronizations to get triggered automatically with a change or to run on a schedule. + To manually synchronize attributes for an identity, administrators can use the Identities drop-down menu and select Identity List to view the list of identities. + They can then select the identity they want to manually synchronize and use the hamburger menu to select 'Synchronize Attributes.' + Doing so immediately begins the attribute synchronization and analyzes all accounts for the selected identity. + + Refer to [Synchronizing Attributes](https://documentation.sailpoint.com/saas/help/provisioning/attr_sync.html) for more information about synchronizing attributes. + - name: Identity Attributes + - name: Identity History + - name: Identity Profiles + description: | + Use this API to implement identity profile functionality. + With this functionality in place, administrators can view identity profiles and their configurations. + + Identity profiles represent the configurations that can be applied to identities as a way of granting them a set of security and access, as well as defining the mappings between their identity attributes and their source attributes. + + In Identity Security Cloud, administrators can use the Identities drop-down menu and select Identity Profiles to view the list of identity profiles. + This list shows some details about each identity profile, along with its status. + They can select an identity profile to view its settings, its mappings between identity attributes and correlating source account attributes, and its provisioning settings. + + Refer to [Creating Identity Profiles](https://documentation.sailpoint.com/saas/help/setup/identity_profiles.html) for more information about identity profiles. + - name: Lifecycle States + description: | + Use this API to implement and customize lifecycle state functionality. + With this functionality in place, administrators can create and configure custom lifecycle states for use across their organizations, which is key to controlling which users have access, when they have access, and the access they have. + + A lifecycle state describes a user's status in a company. For example, two lifecycle states come by default with Identity Security Cloud: 'Active' and 'Inactive.' + When an active employee takes an extended leave of absence from a company, his or her lifecycle state may change to 'Inactive,' for security purposes. + The inactive employee would lose access to all the applications, sources, and sensitive data during the leave of absence, but when the employee returns and becomes active again, all that access would be restored. + This saves administrators the time that would otherwise be spent provisioning the employee's access to each individual tool, reviewing the employee's certification history, etc. + + Administrators can create a variety of custom lifecycle states. Refer to [Planning New Lifecycle States](https://documentation.sailpoint.com/saas/help/provisioning/lifecycle.html#planning-new-lifecycle-states) for some custom lifecycle state ideas. + + Administrators must define the criteria for being in each lifecycle state, and they must define how Identity Security Cloud manages users' access to apps and sources for each lifecycle state. + + In Identity Security Cloud, administrators can manage lifecycle states by going to Admin > Identities > Identity Profile, selecting the identity profile whose lifecycle states they want to manage, selecting the 'Provisioning' tab, and using the left panel to either select the lifecycle state they want to modify or create a new lifecycle state. + + In the 'Provisioning' tab, administrators can make the following access changes to an identity profile's lifecycle state: + + - Enable/disable the lifecycle state for the identity profile. + + - Enable/disable source accounts for the identity profile's lifecycle state. + + - Add existing access profiles to grant to the identity profiles in that lifecycle state. + + - Create a new access profile to grant to the identity profile in that lifecycle state. + + Access profiles granted in a previous lifecycle state are automatically revoked when the identity moves to a new lifecycle state. + To maintain access across multiple lifecycle states, administrators must grant the access profiles in each lifecycle state. + For example, if an administrator wants users with the 'HR Employee' identity profile to maintain their building access in both the 'Active' and 'Leave of Absence' lifecycle states, the administrator must grant the access profile for that building access to both lifecycle states. + + During scheduled refreshes, Identity Security Cloud evaluates lifecycle states to determine whether their assigned identities have the access defined in the lifecycle states' access profiles. + If the identities are missing access, Identity Security Cloud provisions that access. + + Administrators can also use the 'Provisioning' tab to configure email notifications for Identity Security Cloud to send whenever an identity with that identity profile has a lifecycle state change. + Refer to [Configuring Lifecycle State Notifications](https://documentation.sailpoint.com/saas/help/provisioning/lifecycle.html#configuring-lifecycle-state-notifications) for more information on how to do so. + + An identity's lifecycle state can have four different statuses: the lifecycle state's status can be 'Active,' it can be 'Not Set,' it can be 'Not Valid,' or it 'Does Not Match Technical Name Case.' + Refer to [Moving Identities into Lifecycle States](https://documentation.sailpoint.com/saas/help/provisioning/lifecycle.html#moving-identities-into-lifecycle-states) for more information about these different lifecycle state statuses. + + Refer to [Setting Up Lifecycle States](https://documentation.sailpoint.com/saas/help/provisioning/lifecycle.html) for more information about lifecycle states. + - name: Managed Clients + description: Read and create operations for client data and statuses + - name: Managed Clusters + description: 'Read and create pperations for client Clusters, including Log Configuration' + - name: Manual Discover Applications + description: | + Use this API to manually upload application names to be correlated to an ISC connector. + - name: Manual Discover Applications Template + description: | + Use this API to download the CSV template to send to the application discovery service. + - name: MFA Configuration + description: Configure and test multifactor authentication (MFA) methods + - name: MFA Controller + description: This API used for multifactor authentication functionality belong to gov-multi-auth service. This controller allow you to verify authentication by specified method + - name: Non-Employee Lifecycle Management + description: | + Use this API to implement non-employee lifecycle management functionality. + With this functionality in place, administrators can create non-employee records and configure them for use in their organizations. + This allows organizations to provide secure access to non-employees and control that access. + + The 'non-employee' term refers to any consultant, contractor, intern, or other user in an organization who is not a full-time permanent employee. + Organizations can track non-employees' access and activity in Identity Security Cloud by creating and maintaining non-employee sources. + Organizations can have a maximum of 50 non-employee sources. + + By using SailPoint's Non-Employee Lifecycle Management functionality, you agree to the following: + + - SailPoint is not responsible for storing sensitive data. + You may only add account attributes to non-employee identities that are necessary for business operations and are consistent with your contractual limitations on data that may be sent or stored in Identity Security Cloud. + + - You are responsible for regularly downloading your list of non-employee accounts for all the sources you create and storing this list of accounts in a managed location to maintain an authoritative system of record and backup data for these accounts. + + To manage non-employees in Identity Security Cloud, administrators must create a non-employee source and add accounts to the source. + + To create a non-employee source in Identity Security Cloud, administrators must use the Admin panel to go to Connections > Sources. + They must then specify 'Non-Employee' in the 'Source Type' field. + Refer to [Creating a Non-Employee Source](https://documentation.sailpoint.com/saas/help/common/non-employee-mgmt.html#creating-a-non-employee-source) for more details about how to create non-employee sources. + + To add accounts to a non-employee source in Identity Security Cloud, administrators can select the non-employee source and add the accounts. + They can also use the 'Manage Non-Employees' widget on their user dashboards to reach the list of sources and then select the non-employee source they want to add the accounts to. + + Administrators can either add accounts individually or in bulk. Each non-employee source can have a maximum of 20,000 accounts. + To add accounts in bulk, they must select the 'Bulk Upload' option and upload a CSV file. + Refer to [Adding Accounts](https://documentation.sailpoint.com/saas/help/common/non-employee-mgmt.html#adding-accounts) for more details about how to add accounts to non-employee sources. + + Once administrators have created the non-employee source and added accounts to it, they can create identity profiles to generate identities for the non-employee accounts and manage the non-employee identities the same way they would any other identities. + + Refer to [Managing Non-Employee Sources and Accounts](https://documentation.sailpoint.com/saas/help/common/non-employee-mgmt.html) for more information about non-employee lifecycle management. + - name: Notifications + - name: OAuth Clients + description: | + Use this API to implement OAuth client functionality. + With this functionality in place, users with the appropriate security scopes can create and configure OAuth clients to use as a way to obtain authorization to use the Identity Security Cloud REST API. + Refer to [Authentication](https://developer.sailpoint.com/docs/api/authentication/) for more information about OAuth and how it works with the Identity Security Cloud REST API. + - name: Org Config + description: Operations for managing org configuration settings (eg. time zone) + - name: Password Configuration + description: | + Use this API to implement organization password configuration functionality. + With this functionality in place, organization administrators can create organization-specific password configurations. + + These configurations include details like custom password instructions, as well as digit token length and duration. + + Refer to [Configuring User Authentication for Password Resets](https://documentation.sailpoint.com/saas/help/pwd/pwd_reset.html) for more information about organization password configuration functionality. + - name: Password Dictionary + description: | + Use this API to implement password dictionary functionality. + With this functionality in place, administrators can create password dictionaries to prevent users from using certain words or characters in their passwords. + + A password dictionary is a list of words or characters that users are prevented from including in their passwords. + This can help protect users from themselves and force them to create passwords that are not easy to break. + + A password dictionary must meet the following requirements to for the API to handle them correctly: + + - It must be in .txt format. + + - All characters must be UTF-8 characters. + + - Each line must contain a single word or character with no spaces or whitespace characters. + + - It must contain at least one line other than the locale string. + + - Each line must not exceed 128 characters. + + - The file must not exceed 2500 lines. + + Administrators should also consider the following when they create their dictionaries: + + - Lines starting with a # represent comments. + + - All words in the password dictionary are case-insensitive. + For example, adding the word "password" to the dictionary also disallows the following: PASSWORD, Password, and PassWord. + + - The dictionary uses substring matching. + For example, adding the word "spring" to the dictionary also disallows the following: Spring124, 345SprinG, and 8spring. + Users can then select 'Change Password' to update their passwords. + + Administrators must do the following to create a password dictionary: + + - Create the text file that will contain the prohibited password values. + + - If the dictionary is not in English, they must add a locale string to the top line: locale:`languageCode`_`countryCode` + + The languageCode value refers to the language's 2-letter ISO 639-1 code. + The countryCode value refers to the country's 2-letter ISO 3166-1 code. + + Refer to this list https://docs.oracle.com/cd/E13214_01/wli/docs92/xref/xqisocodes.html to see all the available ISO 639-1 language codes and ISO 3166-1 country codes. + + - Upload the .txt file to Identity Security Cloud with [Update Password Dictionary](https://developer.sailpoint.com/docs/api/v3/put-password-dictionary). Uploading a new file always overwrites the previous dictionary file. + + Administrators can then specify which password policies check new passwords against the password dictionary by doing the following: In the Admin panel, they can use the Password Mgmt dropdown menu to select Policies, select the policy, and select the 'Prevent use of words in this site's password dictionary' checkbox beside it. + + Refer to [Configuring Advanced Password Management Options](https://documentation.sailpoint.com/saas/help/pwd/adv_config.html) for more information about password dictionaries. + - name: Password Management + description: | + Use this API to implement password management functionality. + With this functionality in place, users can manage their identity passwords for all their applications. + + In Identity Security Cloud, users can select their names in the upper right corner of the page and use the drop-down menu to select Password Manager. + Password Manager lists the user's identity's applications, possibly grouped to share passwords. + Users can then select 'Change Password' to update their passwords. + + Grouping passwords allows users to update their passwords more broadly, rather than requiring them to update each password individually. + Password Manager may list the applications and sources in the following groups: + + - Password Group: This refers to a group of applications that share a password. + For example, a user can use the same password for Google Drive, Google Mail, and YouTube. + Updating the password for the password group updates the password for all its included applications. + + - Multi-Application Source: This refers to a source with multiple applications that share a password. + For example, a user can have a source, G Suite, that includes the Google Calendar, Google Drive, and Google Mail applications. + Updating the password for the multi-application source updates the password for all its included applications. + + - Applications: These are applications that do not share passwords with other applications. + + An organization may require some authentication for users to update their passwords. + Users may be required to answer security questions or use a third-party authenticator before they can confirm their updates. + + Refer to [Managing Passwords](https://documentation.sailpoint.com/saas/user-help/accounts/passwords.html) for more information about password management. + - name: Password Policies + description: | + Use these APIs to implement password policies functionality. + These APIs allow you to define the policy parameters for choosing passwords. + + IdentityNow comes with a default policy that you can modify to define the password requirements your users must meet to log in to IdentityNow, such as requiring a minimum password length, including special characters, and disallowing certain patterns. + If you have licensed Password Management, you can create additional password policies beyond the default one to manage passwords for supported sources in your org. + + In the Identity Security Cloud Admin panel, administrators can use the Password Mgmt dropdown menu to select Sync Groups. + Refer to [Managing Password Policies](https://documentation.sailpoint.com/saas/help/pwd/pwd_policies/pwd_policies.html) for more information about password policies. + - name: Password Sync Groups + description: | + Use this API to implement password sync group functionality. + With this functionality in place, administrators can group sources into password sync groups so that all their applications share the same password. + This allows users to update the password for all the applications in a sync group if they want, rather than updating each password individually. + + A password sync group is a group of applications that shares a password. + Administrators create these groups by grouping the applications' sources. + For example, an administrator can group the ActiveDirectory, GitHub, and G Suite sources together so that all those sources' applications can also be grouped to share a password. + A user can then update his or her password for ActiveDirectory, GitHub, Gmail, Google Drive, and Google Calendar all at once, rather then updating each one individually. + + The following are required for administrators to create a password sync group in Identity Security Cloud: + + - At least two direct connect sources connected to Identity Security Cloud and configured for Password Management. + + - Each authentication source in a sync group must have at least one application. Refer to [Adding and Resetting Application Passwords](https://documentation.sailpoint.com/saas/help/pwd/adv_config.html#adding-and-resetting-application-passwords) for more information about adding applications to sources. + + - At least one password policy. Refer to [Managing Password Policies](https://documentation.sailpoint.com/saas/help/pwd/policies.html) for more information about password policies. + + In the Admin panel in Identity Security Cloud, administrators can use the Password Mgmt dropdown menu to select Sync Groups. + To create a sync group, administrators must provide a name, choose a password policy to be enforced across the sources in the sync group, and select the sources to include in the sync group. + + Administrators can also delete sync groups in Identity Security Cloud, but they should know the following before they do: + + - Passwords related to the associated sources will become independent, so changing one will not change the others anymore. + + - Passwords for the sources' connected applications will also become independent. + + - Password policies assigned to the sync group are then assigned directly to the associated sources. + To change the password policy for a source, administrators must edit it directly. + + Once the password sync group has been created, users can update the password for the group in Password Manager. + + Refer to [Managing Password Sync Groups](https://documentation.sailpoint.com/saas/help/pwd/sync_grps.html) for more information about password sync groups. + - name: Personal Access Tokens + description: | + Use this API to implement personal access token (PAT) functionality. + With this functionality in place, users can use PATs as an alternative to passwords for authentication in Identity Security Cloud. + + PATs embed user information into the client ID and secret. + This replaces the API clients' need to store and provide a username and password to establish a connection, improving Identity Security Cloud organizations' integration security. + + In Identity Security Cloud, users can do the following to create and manage their PATs: Select the dropdown menu under their names, select Preferences, and then select Personal Access Tokens. + They must then provide a description about the token's purpose. + They can then select 'Create Token' at the bottom of the page to generate and view the Secret and Client ID. + + Refer to [Managing Personal Access Tokens](https://documentation.sailpoint.com/saas/help/common/generate_tokens.html) for more information about PATs. + - name: Public Identities + description: | + Use this API in conjunction with [Public Identites Config](https://developer.sailpoint.com/docs/api/v3/public-identities-config/) to enable non-administrators to view identities' publicly visible attributes. + With this functionality in place, non-administrators can view identity attributes other than the default attributes (email, lifecycle state, and manager), depending on which identity attributes their organization administrators have made public. + This can be helpful for access approvers, certification reviewers, managers viewing their direct reports' access, and source owners viewing their tasks. + - name: Public Identities Config + description: | + Use this API to implement public identity configuration functionality. + With this functionality in place, administrators can make up to 5 identity attributes publicly visible so other non-administrator users can see the relevant information they need to make decisions. + This can be helpful for approvers making approvals, certification reviewers, managers viewing their direct reports' access, and source owners viewing their tasks. + + By default, non-administrators can select an identity and view the following attributes: email, lifecycle state, and manager. + However, it may be helpful for a non-administrator reviewer to see other identity attributes like department, region, title, etc. + Administrators can use this API to make those necessary identity attributes public to non-administrators. + + For example, a non-administrator deciding whether to approve another identity's request for access to the Workday application, whose access may be restricted to members of the HR department, would want to know whether the identity is a member of the HR department. + If an administrator has used [Update Public Identity Config](https://developer.sailpoint.com/docs/api/v3/update-public-identity-config/) to make the "department" attribute public, the approver can see the department and make a decision without requesting any more information. + - name: Reports Data Extraction + description: | + Use this API to implement reports lifecycle managing and monitoring. + With this functionality in place, users can run reports, view their results, and cancel reports in progress. + This can be potentially helpful for auditing purposes. + - name: Requestable Objects + description: | + Use this API to implement requestable object functionality. + With this functionality in place, administrators can determine which access items can be requested with the [Access Request APIs](https://developer.sailpoint.com/docs/api/v3/access-requests/), along with their statuses. + This can be helpful for administrators who are implementing and customizing access request functionality as a way of checking which items are requestable as they are created, assigned, and made available. + - name: Role Insights + - name: Roles + description: | + Use this API to implement and customize role functionality. + With this functionality in place, administrators can create roles and configure them for use throughout Identity Security Cloud. + Identity Security Cloud can use established criteria to automatically assign the roles to qualified users. This enables users to get all the access they need quickly and securely and administrators to spend their time on other tasks. + + Entitlements represent the most granular level of access in Identity Security Cloud. + Access profiles represent the next level and often group entitlements. + Roles represent the broadest level of access and often group access profiles. + + For example, an Active Directory source in Identity Security Cloud can have multiple entitlements: the first, 'Employees,' may represent the access all employees have at the organization, and a second, 'Developers,' may represent the access all developers have at the organization. + + An administrator can then create a broader set of access in the form of an access profile, 'AD Developers' grouping the 'Employees' entitlement with the 'Developers' entitlement. + + An administrator can then create an even broader set of access in the form of a role grouping the 'AD Developers' access profile with another profile, 'GitHub Developers,' grouping entitlements for the GitHub source. + + When users only need Active Directory employee access, they can request access to the 'Employees' entitlement. + + When users need both Active Directory employee and developer access, they can request access to the 'AD Developers' access profile. + + When users need both the 'AD Developers' access profile and the 'GitHub Developers' access profile, they can request access to the role grouping both. + + Roles often represent positions within organizations. + For example, an organization's accountant can access all the tools the organization's accountants need with the 'Accountant' role. + If the accountant switches to engineering, a qualified member of the organization can quickly revoke the accountant's 'Accountant' access and grant access to the 'Engineer' role instead, granting access to all the tools the organization's engineers need. + + In Identity Security Cloud, adminstrators can use the Access drop-down menu and select Roles to view, configure, and delete existing roles, as well as create new ones. + Administrators can enable and disable the role, and they can also make the following configurations: + + - Manage Access: Manage the role's access by adding or removing access profiles. + + - Define Assignment: Define the criteria Identity Security Cloud uses to assign the role to identities. + Use the first option, 'Standard Criteria,' to provide specific criteria for assignment like specific account attributes, entitlements, or identity attributes. + Use the second, 'Identity List,' to specify the identities for assignment. + + - Access Requests: Configure roles to be requestable and establish an approval process for any requests that the role be granted or revoked. + Do not configure a role to be requestable without establishing a secure access request approval process for that role first. + + Refer to [Working with Roles](https://documentation.sailpoint.com/saas/help/access/roles.html) for more information about roles. + - name: Saved Search + description: | + Use this API to implement saved search functionality. + With saved search functionality in place, users can save search queries and then view those saved searches, as well as rerun them. + + Search queries in Identity Security Cloud can grow very long and specific, which can make reconstructing them difficult or tedious, so it can be especially helpful to save search queries. + It also opens the possibility to configure Identity Security Cloud to run the saved queries on a schedule, which is essential to detecting user information and access changes throughout an organization's tenant and across all its sources. + Refer to [Scheduled Search](https://developer.sailpoint.com/docs/api/v3/scheduled-search/) for more information about running saved searches on a schedule. + + In Identity Security Cloud, users can save searches under a name, and then they can access that saved search and run it again when they want. + + Refer to [Managing Saved Searches](https://documentation.sailpoint.com/saas/help/search/saved-searches.html) for more information about saving searches and using them. + - name: Scheduled Search + description: | + Use this API to implement scheduled search functionality. + With scheduled search functionality in place, users can run saved search queries on their tenants on a schedule, and Identity Security Cloud emails them the search results. + Users can also share these search results with other users by email by adding those users as subscribers, or those users can subscribe themselves. + + One of the greatest benefits of saving searches is the ability to run those searches on a schedule. + This is essential for organizations to constantly detect any changes to user information or access throughout their tenants and across all their sources. + For example, the manager Amanda Ross can schedule a saved search "manager.name:amanda.ross AND attributes.location:austin" on a schedule to regularly stay aware of changes with the Austin employees reporting to her. + Identity Security Cloud emails her the search results when the search runs, so she can work on other tasks instead of actively running this search. + + In Identity Security Cloud, scheduling a search involves a subscription. + Users can create a subscription for a saved search and schedule it to run daily, weekly, or monthly (you can only use one schedule option at a time). + The user can add other identities as subscribers so when the scheduled search runs, the subscribers and the user all receive emails. + + By default, subscriptions exclude detailed results from the emails, for security purposes. + Including detailed results about user access in an email may expose sensitive information. + However, the subscription creator can choose to include the information in the emails. + + By default, Identity Security Cloud sends emails to the subscribers even when the searches do not return new results. + However, the subscription creator can choose to suppress these empty emails. + + Users can also subscribe to saved searches that already have existing subscriptions so they receive emails when the searches run. + A saved search can have up to 10 subscriptions configured at a time. + + The subscription creator can enable, disable, or delete the subscription. + + Refer to [Subscribing to Saved Searches](https://documentation.sailpoint.com/saas/help/search/saved-searches.html#subscribing-to-saved-searches) for more information about scheduling searches and subscribing to them. + - name: Search + description: | + Use this API to implement search functionality. + With search functionality in place, users can search their tenants for nearly any information from throughout their organizations. + + Identity Security Cloud enables organizations to store user data from across all their connected sources and manage the users' access, so the ability to query and filter that data is essential. + Its search goes through all those sources and finds the results quickly and specifically. + + The search query is flexible - it can be very broad or very narrow. + The search only returns results for searchable objects it is filtering for. + The following objects are searchable: identities, roles, access profiles, entitlements, events, and account activities. + By default, no filter is applied, so a search for "Ad" returns both the identity "Adam.Archer" as well as the role "Administrator." + + Users can further narrow their results by using Identity Security Cloud's specific syntax and punctuation to structure their queries. + For example, the query "attributes.location:austin AND NOT manager.name:amanda.ross" returns all results associated with the Austin location, but it excludes those associated with the manager Amanda Ross. + Refer to [Building a Search Query](https://documentation.sailpoint.com/saas/help/search/building-query.html) for more information about how to construct specific search queries. + + Refer to [Using Search](https://documentation.sailpoint.com/saas/help/search/index.html) for more information about Identity Security Cloud's search and its different possibilities. + + The search feature uses Elasticsearch as a datastore and query engine. + The power of Elasticsearch makes this feature suitable for ad-hoc reporting. + However, data from the operational databases (ex. identities, roles, events, etc) has to be ingested into Elasticsearch. + This ingestion process introduces a latency from when the operational data is created to when it is available in search. + Depending on the system load, this can take a few seconds to a few minutes. + Please keep this latency in mind when you use search. + - name: Search Attribute Configuration + - name: Segments + description: | + Use this API to implement and customize access request segment functionality. + With this functionality in place, administrators can create and manage access request segments. + Segments provide organizations with a way to make the access their users have even more granular - this can simply the access request process for the organization's users and improves security by reducing the risk of overprovisoning access. + + Segments represent sets of identities, all grouped by specified identity attributes, who are only able to see and access the access items associated with their segments. + For example, administrators could group all their organization's London office employees into one segment, "London Office Employees," by their shared location. + The administrators could then define the access items the London employees would need, and the identities in the "London Office Employees" would then only be able to see and access those items. + + In Identity Security Cloud, administrators can use the 'Access' drop-down menu and select 'Segments' to reach the 'Access Requests Segments' page. + This page lists all the existing access request segments, along with their statuses, enabled or disabled. + Administrators can use this page to create, edit, enable, disable, and delete segments. + To create a segment, an administrator must provide a name, define the identities grouped in the segment, and define the items the identities in the segment can access. + These items can be access profiles, roles, or entitlements. + + When administrators use the API to create and manage segments, they use a JSON expression in the `visibilityCriteria` object to define the segment's identities and access items. + + Refer to [Managing Access Request Segments](https://documentation.sailpoint.com/saas/help/requests/segments.html) for more information about segments in Identity Security Cloud. + - name: Service Desk Integration + description: | + Use this API to build an integration between Identity Security Cloud and a service desk ITSM (IT service management) solution. + Once an administrator builds this integration between Identity Security Cloud and a service desk, users can use Identity Security Cloud to raise and track tickets that are synchronized between Identity Security Cloud and the service desk. + + In Identity Security Cloud, administrators can create a service desk integration (sometimes also called an SDIM, or Service Desk Integration Module) by going to Admin > Connections > Service Desk and selecting 'Create.' + + To create a Generic Service Desk integration, for example, administrators must provide the required information on the General Settings page, the Connectivity and Authentication information, Ticket Creation information, Status Mapping information, and Requester Source information on the Configure page. + Refer to [Integrating SailPoint with Generic Service Desk](https://documentation.sailpoint.com/connectors/generic_sd/help/integrating_generic_service_desk/intro.html) for more information about the process of setting up a Generic Service Desk in Identity Security Cloud. + + Administrators can create various service desk integrations, all with their own nuances. + The following service desk integrations are available: + + - [Atlassian Cloud Jira Service Management](https://documentation.sailpoint.com/connectors/atlassian/jira_cloud/help/integrating_jira_cloud_sd/introduction.html) + + - [Atlassian Server Jira Service Management](https://documentation.sailpoint.com/connectors/atlassian/jira_server/help/integrating_jira_server_sd/introduction.html) + + - [BMC Helix ITSM Service Desk](https://documentation.sailpoint.com/connectors/bmc/helix_ITSM_sd/help/integrating_bmc_helix_itsm_sd/intro.html) + + - [BMC Helix Remedyforce Service Desk](https://documentation.sailpoint.com/connectors/bmc/helix_remedyforce_sd/help/integrating_bmc_helix_remedyforce_sd/intro.html) + + - [Generic Service Desk](https://documentation.sailpoint.com/connectors/generic_sd/help/integrating_generic_service_desk/intro.html) + + - [ServiceNow Service Desk](https://documentation.sailpoint.com/connectors/servicenow/sdim/help/integrating_servicenow_sdim/intro.html) + + - [Zendesk Service Desk](https://documentation.sailpoint.com/connectors/zendesk/help/integrating_zendesk_sd/introduction.html) + - name: SIM Integrations + description: | + Use this API to administer IdentityNow's Service Integration Module, or SIM integration with ServiceNow, so that it converts IdentityNow provisioning actions into tickets in ServiceNow. + + ServiceNow is a software platform that supports IT service management and automates common business processes for requesting and fulfilling service requests across a business enterprise. + + You must have an IdentityNow ServiceNow ServiceDesk license to use this integration. Contact your Customer Success Manager for more information. + + Service Desk integration for IdentityNow and in deprecation - not available for new implementation, as of July 21st, 2021. As per SailPoint’s [support policy](https://community.sailpoint.com/t5/Connector-Directory/SailPoint-Support-Policy-for-Connectivity/ta-p/79422), all existing SailPoint IdentityNow customers using this legacy integration will be supported until July 2022. + - name: SOD Policies + description: | + Use this API to implement and manage "separation of duties" (SOD) policies. + With SOD policy functionality in place, administrators can organize the access in their tenants to prevent individuals from gaining conflicting or excessive access. + + "Separation of duties" refers to the concept that people shouldn't have conflicting sets of access - all their access should be configured in a way that protects your organization's assets and data. + For example, people who record monetary transactions shouldn't be able to issue payment for those transactions. + Any changes to major system configurations should be approved by someone other than the person requesting the change. + + Organizations can use "separation of duties" (SOD) policies to enforce and track their internal security rules throughout their tenants. + These SOD policies limit each user's involvement in important processes and protects the organization from individuals gaining excessive access. + + To create SOD policies in Identity Security Cloud, administrators use 'Search' and then access 'Policies'. + To create a policy, they must configure two lists of access items. Each access item can only be added to one of the two lists. + They can search for the entitlements they want to add to these access lists. + + >Note: You can have a maximum of 500 policies of any type (including general policies) in your organization. In each access-based SOD policy, you can have a maximum of 50 entitlements in each access list. + + Once a SOD policy is in place, if an identity has access items on both lists, a SOD violation will trigger. + These violations are included in SOD violation reports that other users will see in emails at regular intervals if they're subscribed to the SOD policy. + The other users can then better help to enforce these SOD policies. + + To create a subscription to a SOD policy in Identity Security Cloud, administrators use 'Search' and then access 'Layers'. + They can create a subscription to the policy and schedule it to run at a regular interval. + + Refer to [Managing Policies](https://documentation.sailpoint.com/saas/help/sod/manage-policies.html) for more information about SOD policies. + + Refer to [Subscribe to a SOD Policy](https://documentation.sailpoint.com/saas/help/sod/policy-violations.html#subscribe-to-an-sod-policy) for more information about SOD policy subscriptions. + - name: SOD Violations + description: | + Use this API to check for current "separation of duties" (SOD) policy violations as well as potential future SOD policy violations. + With SOD violation functionality in place, administrators can get information about current SOD policy violations and predict whether an access change will trigger new violations, which helps to prevent them from occurring at all. + + "Separation of duties" refers to the concept that people shouldn't have conflicting sets of access - all their access should be configured in a way that protects your organization's assets and data. + For example, people who record monetary transactions shouldn't be able to issue payment for those transactions. + Any changes to major system configurations should be approved by someone other than the person requesting the change. + + Organizations can use "separation of duties" (SOD) policies to enforce and track their internal security rules throughout their tenants. + These SOD policies limit each user's involvement in important processes and protects the organization from individuals gaining excessive access. + + Once a SOD policy is in place, if an identity has conflicting access items, a SOD violation will trigger. + These violations are included in SOD violation reports that other users will see in emails at regular intervals if they're subscribed to the SOD policy. + The other users can then better help to enforce these SOD policies. + + Administrators can use the SOD violations APIs to check a set of identities for any current SOD violations, and they can use them to check whether adding an access item would potentially trigger a SOD violation. + This second option is a good way to prevent SOD violations from triggering at all. + + Refer to [Handling Policy Violations](https://documentation.sailpoint.com/saas/help/sod/policy-violations.html) for more information about SOD policy violations. + - name: Source Usages + description: | + Use this API to implement source usage insight functionality. + With this functionality in place, administrators can gather information and insights about how their tenants' sources are being used. + This allows organizations to get the information they need to start optimizing and securing source usage. + - name: Sources + description: | + Use this API to implement and customize source functionality. + With source functionality in place, organizations can use Identity Security Cloud to connect their various sources and user data sets and manage access across all those different sources in a secure, scalable way. + + [Sources](https://documentation.sailpoint.com/saas/help/sources/managing_sources.html) refer to the Identity Security Cloud representations for external applications, databases, and directory management systems that maintain their own sets of users, like Dropbox, GitHub, and Workday, for example. + Organizations may use hundreds, if not thousands, of different source systems, and any one employee within an organization likely has a different user record on each source, often with different permissions on many of those records. + Connecting these sources to Identity Security Cloud makes it possible to manage user access across them all. + Then, if a new hire starts at an organization, Identity Security Cloud can grant the new hire access to all the sources they need. + If an employee moves to a new department and needs access to new sources but no longer needs access to others, Identity Security Cloud can grant the necessary access and revoke the unnecessary access for all the employee's various sources. + If an employee leaves the company, Identity Security Cloud can revoke access to all the employee's various source accounts immediately. + These are just a few examples of the many ways that source functionality makes identity governance easier, more efficient, and more secure. + + In Identity Security Cloud, administrators can create configure, manage, and edit sources, and they can designate other users as source admins to be able to do so. + They can also designate users as source sub-admins, who can perform the same source actions but only on sources associated with their governance groups. + Admins go to Connections > Sources to see a list of the existing source representations in their organizations. + They can create new sources or select existing ones. + + To create a new source, the following must be specified: Source Name, Description, Source Owner, and Connection Type. + Refer to [Configuring a Source](https://documentation.sailpoint.com/saas/help/accounts/loading_data.html#configuring-a-source) for more information about the source configuration process. + + Identity Security Cloud connects with its sources either by a direct communication with the source server (connection information specific to the source must be provided) or a flat file feed, a CSV file containing all the relevant information about the accounts to be loaded in. + Different sources use different connectors to share data with Identity Security Cloud, and each connector's setup process is specific to that connector. + SailPoint has built a number of connectors to come out of the box and connect to the most common sources, and SailPoint actively maintains these connectors. + Refer to [Identity Security Cloud Connectors](https://documentation.sailpoint.com/connectors/identitynow/landingpages/help/landingpages/identitynow_connectivity_landing.html) for more information about these SailPoint supported connectors. + Refer to the following links for more information about two useful connectors: + + - [JDBC Connector](https://documentation.sailpoint.com/connectors/jdbc/help/integrating_jdbc/introduction.html): This customizable connector an directly connect to databases that support JDBC (Java Database Connectivity). + + - [Web Services Connector](https://documentation.sailpoint.com/connectors/webservices/help/integrating_webservices/introduction.html): This connector can directly connect to databases that support Web Services. + + Refer to [SaaS Connectivity](https://developer.sailpoint.com/docs/connectivity/saas-connectivity/) for more information about SailPoint's new connectivity framework that makes it easy to build and manage custom connectors to SaaS sources. + + When admins select existing sources, they can view the following information about the source: + + - Associated connections (any associated identity profiles, apps, or references to the source in a transform). + + - Associated user accounts. These accounts are linked to their identities - this provides a more complete picture of each user's access across sources. + + - Associated entitlements (sets of access rights on sources). + + - Associated access profiles (groupings of entitlements). + + The user account data and the entitlements update with each data aggregation from the source. + Organizations generally run scheduled, automated data aggregations to ensure that their data is always in sync between their sources and their Identity Security Cloud tenants so an access change on a source is detected quickly in Identity Security Cloud. + Admins can view a history of these aggregations, and they can also run manual imports. + Refer to [Loading Account Data](https://documentation.sailpoint.com/saas/help/accounts/loading_data.html) for more information about manual and scheduled aggregations. + + Admins can also make changes to determine which user account data Identity Security Cloud collects from the source and how it correlates that account data with identity data. + To define which account attributes the source shares with Identity Security Cloud, admins can edit the account schema on the source. + Refer to [Managing Source Account Schemas](https://documentation.sailpoint.com/saas/help/accounts/schema.html) for more information about source account schemas and how to edit them. + To define the mapping between the source account attributes and their correlating identity attributes, admins can edit the correlation configuration on the source. + Refer to [Assigning Source Accounts to Identities](https://documentation.sailpoint.com/saas/help/accounts/correlation.html) for more information about this correlation process between source accounts and identities. + + Admins can also delete sources, but they must first ensure that the sources no longer have any active connections: the source must not be associated with any identity profile or any app, and it must not be referenced by any transform. + Refer to [Deleting Sources](https://documentation.sailpoint.com/saas/help/sources/managing_sources.html#deleting-sources) for more information about deleting sources. + + Well organized, mapped out connections between sources and Identity Security Cloud are essential to achieving comprehensive identity access governance across all the source systems organizations need. + Refer to [Managing Sources](https://documentation.sailpoint.com/saas/help/sources/managing_sources.html) for more information about all the different things admins can do with sources once they are connected. + - name: SP-Config + description: Import and export configuration for some objects between tenants. + - name: Suggested Entitlement Description + description: | + Use this API to leverage power of LLM to generate suggested entitlement description. + - name: Tagged Objects + description: | + Use this API to implement object tagging functionality. + With object tagging functionality in place, any user in an organization can use tags as a way to group objects together and find them more quickly when the user searches Identity Security Cloud. + + In Identity Security Cloud, users can search their tenants for information and add tags objects they find. + Tagging an object provides users with a way of grouping objects together and makes it easier to find these objects in the future. + + For example, if a user is searching for an entitlement that grants a risky level of access to Active Directory, it's possible that the user may have to search through hundreds of entitlements to find the correct one. + Once the user finds that entitlement, the user can add a tag to the entitlement, "AD_RISKY" to make it easier to find the entitlement again. + The user can add the same tag to multiple objects the user wants to group together for an easy future search, and the user can also do so in bulk. + When the user wants to find that tagged entitlement again, the user can search for "tags:AD_RISKY" to find all objects with that tag. + + With the API, you can tag even more different object types than you can in Identity Security Cloud (access profiles, entitlements, identities, and roles). + You can use the API to tag all these objects: + + - Access profiles + + - Applications + + - Certification campaigns + + - Entitlements + + - Identities + + - Roles + + - SOD (separation of duties) policies + + - Sources + + You can also use the API to directly find, create, and manage tagged objects without using search queries. + + There are limits to tags: + + - You can have up to 500 different tags in your tenant. + + - You can apply up to 30 tags to one object. + + - You can have up to 10,000 tag associations, pairings of 1 tag to 1 object, in your tenant. + + Because of these limits, it is recommended that you work with your governance experts and security teams to establish a list of tags that are most expressive of governance objects and access managed by Identity Security Cloud. + + These are the types of information often expressed in tags: + + - Affected departments + + - Compliance and regulatory categories + + - Remediation urgency levels + + - Risk levels + + Refer to [Tagging Items in Search](https://documentation.sailpoint.com/saas/help/search/index.html?h=tags#tagging-items-in-search) for more information about tagging objects in Identity Security Cloud. + - name: Task Management + - name: Tenant + description: API for reading tenant details. + - name: Transforms + description: | + The purpose of this API is to expose functionality for the manipulation of Transform objects. + Transforms are a form of configurable objects which define an easy way to manipulate attribute data without having + to write code. These endpoints don't require API calls to other resources, audit service is used for keeping track + of which users have made changes to the Transforms. + + Refer to [Transforms](https://developer.sailpoint.com/docs/extensibility/transforms/) for more information about transforms. + - name: Triggers + description: | + Event Triggers provide real-time updates to changes in Identity Security Cloud so you can take action as soon as an event occurs, rather than poll an API endpoint for updates. Identity Security Cloud provides a user interface within the admin console to create and manage trigger subscriptions. These endpoints allow for programatically creating and managing trigger subscriptions. + + There are two types of event triggers: + * `FIRE_AND_FORGET`: This trigger type will send a payload to each subscriber without needing a response. Each trigger of this type has a limit of **50 subscriptions**. + * `REQUEST_RESPONSE`: This trigger type will send a payload to a subscriber and expect a response back. Each trigger of this type may only have **one subscription**. + + ## Available Event Triggers + Production ready event triggers that are available in all tenants. + + | Name | ID | Type | Trigger condition | + |-|-|-|-| + | [Access Request Dynamic Approval](https://developer.sailpoint.com/docs/extensibility/event-triggers/triggers/access-request-dynamic-approval/) | idn:access-request-dynamic-approver | REQUEST_RESPONSE |After an access request is submitted. Expects the subscriber to respond with the ID of an identity or workgroup to add to the approval workflow. | + | [Access Request Decision](https://developer.sailpoint.com/docs/extensibility/event-triggers/triggers/access-request-decision/) | idn:access-request-post-approval | FIRE_AND_FORGET | After an access request is approved. | + | [Access Request Submitted](https://developer.sailpoint.com/docs/extensibility/event-triggers/triggers/access-request-submitted/) | idn:access-request-pre-approval | REQUEST_RESPONSE | After an access request is submitted. Expects the subscriber to respond with an approval decision. | + | [Account Aggregation Completed](https://developer.sailpoint.com/docs/extensibility/event-triggers/triggers/account-aggregation-completed/) | idn:account-aggregation-completed | FIRE_AND_FORGET | After an account aggregation completed, terminated, failed. | + | Account Attributes Changed | idn:account-attributes-changed | FIRE_AND_FORGET | After an account aggregation, and one or more account attributes have changed. | + | Account Correlated | idn:account-correlated | FIRE_AND_FORGET | After an account is added to an identity. | + | Accounts Collected for Aggregation | idn:aggregation-accounts-collected | FIRE_AND_FORGET | New, changed, and deleted accounts have been gathered during an aggregation and are being processed. | + | Account Uncorrelated | idn:account-uncorrelated | FIRE_AND_FORGET | After an account is removed from an identity. | + | Campaign Activated | idn:campaign-activated | FIRE_AND_FORGET | After a campaign is activated. | + | Campaign Ended | idn:campaign-ended | FIRE_AND_FORGET | After a campaign ends. | + | Campaign Generated | idn:campaign-generated | FIRE_AND_FORGET | After a campaign finishes generating. | + | Certification Signed Off | idn:certification-signed-off | FIRE_AND_FORGET | After a certification is signed off by its reviewer. | + | [Identity Attributes Changed](https://developer.sailpoint.com/docs/extensibility/event-triggers/triggers/account-aggregation-completed/) | idn:identity-attributes-changed | FIRE_AND_FORGET | After One or more identity attributes changed. | + | [Identity Created](https://developer.sailpoint.com/docs/extensibility/event-triggers/triggers/identity-created/) | idn:identity-created | FIRE_AND_FORGET | After an identity is created. | + | [Provisioning Action Completed](https://developer.sailpoint.com/docs/extensibility/event-triggers/triggers/provisioning-completed/) | idn:post-provisioning | FIRE_AND_FORGET | After a provisioning action completed on a source. | + | [Scheduled Search](https://developer.sailpoint.com/docs/extensibility/event-triggers/triggers/scheduled-search/) | idn:saved-search-complete | FIRE_AND_FORGET | After a scheduled search completed. | + | [Source Created](https://developer.sailpoint.com/docs/extensibility/event-triggers/triggers/source-created/) | idn:source-created | FIRE_AND_FORGET | After a source is created. | + | [Source Deleted](https://developer.sailpoint.com/docs/extensibility/event-triggers/triggers/source-deleted/) | idn:source-deleted | FIRE_AND_FORGET | After a source is deleted. | + | [Source Updated](https://developer.sailpoint.com/docs/extensibility/event-triggers/triggers/source-updated/) | idn:source-updated | FIRE_AND_FORGET | After configuration changes have been made to a source. | + | [VA Cluster Status Change](https://developer.sailpoint.com/docs/extensibility/event-triggers/triggers/va-cluster-status-change/) | idn:va-cluster-status-change | FIRE_AND_FORGET | After the status of a VA cluster has changed. | + + ## Early Access Event Triggers + Triggers that are in-development and not ready for production use. Please contact support to enable these triggers in your tenant. + + | Name | ID | Type | Trigger condition | + |-|-|-|-| + | [Identity Deleted](https://developer.sailpoint.com/docs/extensibility/event-triggers/triggers/identity-deleted/) | idn:identity-deleted | FIRE_AND_FORGET | After an identity is deleted. | + | [Source Account Created](https://developer.sailpoint.com/docs/extensibility/event-triggers/triggers/source-account-created/) | idn:source-account-created | FIRE_AND_FORGET | After a source account is created. | + | [Source Account Deleted](https://developer.sailpoint.com/docs/extensibility/event-triggers/triggers/source-account-deleted/) | idn:source-account-deleted | FIRE_AND_FORGET | After a source account is deleted. | + | [Source Account Updated](https://developer.sailpoint.com/docs/extensibility/event-triggers/triggers/source-account-updated/) | idn:source-account-updated | FIRE_AND_FORGET | After a source account is changed. | + - name: UI Metadata + description: |- + API for managing UI Metadata. Use this API to manage metadata about your User Interface. + For example you can set the iFrameWhitelist parameter to permit another domain to encapsulate IDN within an iframe or set the usernameEmptyText to change the placeholder text for Username on your tenant's login screen. + - name: Vendor Connector Mappings + description: | + Use this API to manage mappings between various SaaS vendors and Identity Security Cloud (ISC) connectors. + - name: Work Items + description: | + Use this API to implement work item functionality. + With this functionality in place, users can manage their work items (tasks). + + Work items refer to the tasks users see in Identity Security Cloud's Task Manager. + They can see the pending work items they need to complete, as well as the work items they have already completed. + Task Manager lists the work items along with the involved sources, identities, accounts, and the timestamp when the work item was created. + For example, a user may see a pending 'Create an Account' work item for the identity Fred.Astaire in GitHub for Fred's GitHub account, fred-astaire-sp. + Once the user completes the work item, the work item will be listed with his or her other completed work items. + + To complete work items, users can use their dashboards and select the 'My Tasks' widget. + The widget will list any work items they need to complete, and they can select the work item from the list to review its details. + When they complete the work item, they can select 'Mark Complete' to add it to their list of completed work items. + + Refer to [Task Manager](https://documentation.sailpoint.com/saas/user-help/task_manager.html) for more information about work items, including the different types of work items users may need to complete. + - name: Work Reassignment + description: | + Use this API to implement work reassignment functionality. + + Work Reassignment allows access request reviews, certifications, and manual provisioning tasks assigned to a user to be reassigned to a different user. This is primarily used for: + + - Temporarily redirecting work for users who are out of office, such as on vacation or sick leave + - Permanently redirecting work for users who should not be assigned these tasks at all, such as senior executives or service identities + + Users can define reassignments for themselves, managers can add them for their team members, and administrators can configure them on any user’s behalf. Work assigned during the specified reassignment timeframes will be automatically reassigned to the designated user as it is created. + + Refer to [Work Reassignment](https://documentation.sailpoint.com/saas/help/users/work_reassignment.html) for more information about this topic. + - name: Workflows + description: | + Workflows allow administrators to create custom automation scripts directly within Identity Security Cloud. These automation scripts respond to [event triggers](https://developer.sailpoint.com/docs/extensibility/event-triggers/#how-to-get-started-with-event-triggers) and perform a series of actions to perform tasks that are either too cumbersome or not available in the Identity Security Cloud UI. Workflows can be configured via a graphical user interface within Identity Security Cloud, or by creating and uploading a JSON formatted script to the Workflow service. The Workflows API collection provides the necessary functionality to create, manage, and test your workflows via REST. +paths: + /access-profiles: + get: + operationId: listAccessProfiles + tags: + - Access Profiles + summary: List Access Profiles + description: |- + Use this API to get a list of access profiles. + A token with API, ORG_ADMIN, ROLE_ADMIN, ROLE_SUBADMIN, SOURCE_ADMIN, or SOURCE_SUBADMIN authority is required to call this API. + >**Note:** When you filter for access profiles that have the '+' symbol in their names, the response is blank. + parameters: + - in: query + name: for-subadmin + schema: + type: string + description: |- + If provided, filters the returned list according to what is visible to the indicated ROLE_SUBADMIN or SOURCE_SUBADMIN identity. The value of the parameter is either an identity ID, or the special value **me**, which is shorthand for the calling identity's ID. + + A 400 Bad Request error is returned if the **for-subadmin** parameter is specified for an identity that is not a subadmin. + example: 8c190e6787aa4ed9a90bd9d5344523fb + required: false + - in: query + name: limit + description: |- + Note that for this API the maximum value for limit is 50. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 50 + schema: + type: integer + format: int32 + minimum: 0 + maximum: 50 + default: 50 + - in: query + name: offset + description: |- + Offset into the full result set. Usually specified with *limit* to paginate through the results. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 0 + schema: + type: integer + format: int32 + minimum: 0 + default: 0 + - in: query + name: count + description: |- + If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. + + Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. + + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: true + schema: + type: boolean + default: false + - in: query + name: filters + schema: + type: string + description: |- + Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) + + Filtering is supported for the following fields and operators: + + **id**: *eq, in* + + **name**: *eq, sw* + + **created**: *gt, lt, ge, le* + + **modified**: *gt, lt, ge, le* + + **owner.id**: *eq, in* + + **requestable**: *eq* + + **source.id**: *eq, in* + + Composite operators supported: *and, or* + + Filtering is not supported for access profiles and entitlements that have the '+' symbol in their names. + example: name eq "SailPoint Support" + required: false + - in: query + name: sorters + schema: + type: string + format: comma-separated + description: |- + Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) + + Sorting is supported for the following fields: **name, created, modified** + example: 'name,-modified' + required: false + - in: query + name: for-segment-ids + schema: + type: string + format: comma-separated + description: |- + If present and not empty, additionally filters access profiles to those which are assigned to the segment(s) with the specified IDs. + + If segmentation is currently unavailable, specifying this parameter results in an error. + example: '0b5c9f25-83c6-4762-9073-e38f7bb2ae26,2e8d8180-24bc-4d21-91c6-7affdb473b0d' + required: false + - in: query + name: include-unsegmented + schema: + type: boolean + default: true + description: 'Indicates whether the response list should contain unsegmented access profiles. If *for-segment-ids* is absent or empty, specifying *include-unsegmented* as false results in an error.' + example: false + required: false + responses: + '200': + description: List of access profiles. + content: + application/json: + schema: + type: array + items: + type: object + description: Access Profile + properties: + id: + type: string + description: The ID of the Access Profile + example: 2c91808a7190d06e01719938fcd20792 + readOnly: true + name: + type: string + description: Name of the Access Profile + example: Employee-database-read-write + description: + type: string + nullable: true + description: Information about the Access Profile + example: Collection of entitlements to read/write the employee database + created: + type: string + description: Date the Access Profile was created + format: date-time + example: '2021-03-01T22:32:58.104Z' + readOnly: true + modified: + type: string + description: Date the Access Profile was last modified. + format: date-time + example: '2021-03-02T20:22:28.104Z' + readOnly: true + enabled: + type: boolean + default: true + description: Whether the Access Profile is enabled. If the Access Profile is enabled then you must include at least one Entitlement. + example: true + owner: + description: Owner of the Access Profile + type: object + nullable: false + properties: + type: + type: string + enum: + - IDENTITY + description: 'Owner type. This field must be either left null or set to ''IDENTITY'' on input, otherwise a 400 Bad Request error will result.' + example: IDENTITY + id: + type: string + description: Identity id + example: 2c9180a46faadee4016fb4e018c20639 + name: + type: string + description: 'Human-readable display name of the owner. It may be left null or omitted in a POST or PATCH. If set, it must match the current value of the owner''s display name, otherwise a 400 Bad Request error will result.' + example: support + source: + type: object + properties: + id: + type: string + description: The ID of the Source with with which the Access Profile is associated + example: 2c91809773dee3610173fdb0b6061ef4 + type: + type: string + enum: + - SOURCE + description: 'The type of the Source, will always be SOURCE' + example: SOURCE + name: + type: string + description: The display name of the associated Source + example: ODS-AD-SOURCE + entitlements: + type: array + nullable: true + description: A list of entitlements associated with the Access Profile. If enabled is false this is allowed to be empty otherwise it needs to contain at least one Entitlement. + items: + type: object + description: Entitlement including a specific set of access. + properties: + type: + type: string + description: Entitlement's DTO type. + enum: + - ENTITLEMENT + example: ENTITLEMENT + id: + type: string + description: Entitlement's ID. + example: 2c91809773dee32014e13e122092014e + name: + type: string + nullable: true + description: Entitlement's display name. + example: 'CN=entitlement.490efde5,OU=OrgCo,OU=ServiceDept,DC=HQAD,DC=local' + requestable: + type: boolean + default: true + description: 'Whether the Access Profile is requestable via access request. Currently, making an Access Profile non-requestable is only supported for customers enabled with the new Request Center. Otherwise, attempting to create an Access Profile with a value **false** in this field results in a 400 error.' + example: true + accessRequestConfig: + nullable: true + description: Access request configuration for this object + type: object + properties: + commentsRequired: + type: boolean + description: Whether the requester of the containing object must provide comments justifying the request + example: true + nullable: true + default: false + denialCommentsRequired: + type: boolean + description: Whether an approver must provide comments when denying the request + example: true + nullable: true + default: false + approvalSchemes: + type: array + nullable: true + description: List describing the steps in approving the request + items: + type: object + properties: + approverType: + type: string + enum: + - APP_OWNER + - OWNER + - SOURCE_OWNER + - MANAGER + - GOVERNANCE_GROUP + description: |- + Describes the individual or group that is responsible for an approval step. Values are as follows. + **APP_OWNER**: The owner of the Application + + **OWNER**: Owner of the associated Access Profile or Role + + **SOURCE_OWNER**: Owner of the Source associated with an Access Profile + + **MANAGER**: Manager of the Identity making the request + + **GOVERNANCE_GROUP**: A Governance Group, the ID of which is specified by the **approverId** field + example: GOVERNANCE_GROUP + approverId: + type: string + nullable: true + description: 'Id of the specific approver, used only when approverType is GOVERNANCE_GROUP' + example: 46c79819-a69f-49a2-becb-12c971ae66c6 + revocationRequestConfig: + nullable: true + description: Revocation request configuration for this object. + type: object + properties: + approvalSchemes: + type: array + nullable: true + description: List describing the steps in approving the revocation request + items: + type: object + properties: + approverType: + type: string + enum: + - APP_OWNER + - OWNER + - SOURCE_OWNER + - MANAGER + - GOVERNANCE_GROUP + description: |- + Describes the individual or group that is responsible for an approval step. Values are as follows. + **APP_OWNER**: The owner of the Application + + **OWNER**: Owner of the associated Access Profile or Role + + **SOURCE_OWNER**: Owner of the Source associated with an Access Profile + + **MANAGER**: Manager of the Identity making the request + + **GOVERNANCE_GROUP**: A Governance Group, the ID of which is specified by the **approverId** field + example: GOVERNANCE_GROUP + approverId: + type: string + nullable: true + description: 'Id of the specific approver, used only when approverType is GOVERNANCE_GROUP' + example: 46c79819-a69f-49a2-becb-12c971ae66c6 + segments: + type: array + nullable: true + items: + type: string + description: 'List of IDs of segments, if any, to which this Access Profile is assigned.' + example: + - f7b1b8a3-5fed-4fd4-ad29-82014e137e19 + - 29cb6c06-1da8-43ea-8be4-b3125f248f2a + provisioningCriteria: + description: 'When an Identity has multiple Accounts on the Source with which an Access Profile is associated, this expression is evaluated against those Accounts to choose one to provision with the Access Profile.' + nullable: true + example: + operation: OR + children: + - operation: AND + children: + - attribute: dn + operation: CONTAINS + value: useast + - attribute: manager + operation: CONTAINS + value: Scott.Clark + - operation: AND + children: + - attribute: dn + operation: EQUALS + value: Gibson + - attribute: telephoneNumber + operation: CONTAINS + value: '512' + type: object + properties: + operation: + type: string + enum: + - EQUALS + - NOT_EQUALS + - CONTAINS + - HAS + - AND + - OR + description: Supported operations on ProvisioningCriteria + example: EQUALS + attribute: + type: string + description: 'Name of the Account attribute to be tested. If **operation** is one of EQUALS, NOT_EQUALS, CONTAINS, or HAS, this field is required. Otherwise, specifying it is an error.' + example: email + nullable: true + value: + type: string + nullable: true + description: 'String value to test the Account attribute w/r/t the specified operation. If the operation is one of EQUALS, NOT_EQUALS, or CONTAINS, this field is required. Otherwise, specifying it is an error. If the Attribute is not String-typed, it will be converted to the appropriate type.' + example: carlee.cert1c9f9b6fd@mailinator.com + children: + type: array + items: + type: object + description: Defines matching criteria for an Account to be provisioned with a specific Access Profile + properties: + operation: + type: string + enum: + - EQUALS + - NOT_EQUALS + - CONTAINS + - HAS + - AND + - OR + description: Supported operations on ProvisioningCriteria + example: EQUALS + attribute: + type: string + description: 'Name of the Account attribute to be tested. If **operation** is one of EQUALS, NOT_EQUALS, CONTAINS, or HAS, this field is required. Otherwise, specifying it is an error.' + example: email + nullable: true + value: + type: string + nullable: true + description: 'String value to test the Account attribute w/r/t the specified operation. If the operation is one of EQUALS, NOT_EQUALS, or CONTAINS, this field is required. Otherwise, specifying it is an error. If the Attribute is not String-typed, it will be converted to the appropriate type.' + example: carlee.cert1c9f9b6fd@mailinator.com + children: + type: array + items: + type: object + description: Defines matching criteria for an Account to be provisioned with a specific Access Profile + properties: + operation: + type: string + enum: + - EQUALS + - NOT_EQUALS + - CONTAINS + - HAS + - AND + - OR + description: Supported operations on ProvisioningCriteria + example: EQUALS + attribute: + type: string + description: 'Name of the Account attribute to be tested. If **operation** is one of EQUALS, NOT_EQUALS, CONTAINS, or HAS, this field is required. Otherwise, specifying it is an error.' + example: email + nullable: true + value: + type: string + description: 'String value to test the Account attribute w/r/t the specified operation. If the operation is one of EQUALS, NOT_EQUALS, or CONTAINS, this field is required. Otherwise, specifying it is an error. If the Attribute is not String-typed, it will be converted to the appropriate type.' + example: carlee.cert1c9f9b6fd@mailinator.com + children: + type: string + description: 'Array of child criteria. Required if the operation is AND or OR, otherwise it must be left null. A maximum of three levels of criteria are supported, including leaf nodes.' + example: null + nullable: true + nullable: true + description: 'Array of child criteria. Required if the operation is AND or OR, otherwise it must be left null. A maximum of three levels of criteria are supported, including leaf nodes.' + example: null + nullable: true + description: 'Array of child criteria. Required if the operation is AND or OR, otherwise it must be left null. A maximum of three levels of criteria are supported, including leaf nodes.' + example: null + required: + - owner + - name + - source + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + security: + - UserContextAuth: + - 'idn:access-profile:read' + post: + operationId: createAccessProfile + tags: + - Access Profiles + summary: Create Access Profile + description: |- + Use this API to create an access profile. + A token with API, ORG_ADMIN, ROLE_ADMIN, ROLE_SUBADMIN, SOURCE_ADMIN, or SOURCE_SUBADMIN authority is required to call this API. In addition, a token with only ROLE_SUBADMIN or SOURCE_SUBADMIN authority must be associated with the access profile's Source. + The maximum supported length for the description field is 2000 characters. Longer descriptions will be preserved for existing access profiles. However, any new access profiles as well as any updates to existing descriptions are limited to 2000 characters. + requestBody: + required: true + content: + application/json: + schema: + type: object + description: Access Profile + properties: + id: + type: string + description: The ID of the Access Profile + example: 2c91808a7190d06e01719938fcd20792 + readOnly: true + name: + type: string + description: Name of the Access Profile + example: Employee-database-read-write + description: + type: string + nullable: true + description: Information about the Access Profile + example: Collection of entitlements to read/write the employee database + created: + type: string + description: Date the Access Profile was created + format: date-time + example: '2021-03-01T22:32:58.104Z' + readOnly: true + modified: + type: string + description: Date the Access Profile was last modified. + format: date-time + example: '2021-03-02T20:22:28.104Z' + readOnly: true + enabled: + type: boolean + default: true + description: Whether the Access Profile is enabled. If the Access Profile is enabled then you must include at least one Entitlement. + example: true + owner: + description: Owner of the Access Profile + type: object + nullable: false + properties: + type: + type: string + enum: + - IDENTITY + description: 'Owner type. This field must be either left null or set to ''IDENTITY'' on input, otherwise a 400 Bad Request error will result.' + example: IDENTITY + id: + type: string + description: Identity id + example: 2c9180a46faadee4016fb4e018c20639 + name: + type: string + description: 'Human-readable display name of the owner. It may be left null or omitted in a POST or PATCH. If set, it must match the current value of the owner''s display name, otherwise a 400 Bad Request error will result.' + example: support + source: + type: object + properties: + id: + type: string + description: The ID of the Source with with which the Access Profile is associated + example: 2c91809773dee3610173fdb0b6061ef4 + type: + type: string + enum: + - SOURCE + description: 'The type of the Source, will always be SOURCE' + example: SOURCE + name: + type: string + description: The display name of the associated Source + example: ODS-AD-SOURCE + entitlements: + type: array + nullable: true + description: A list of entitlements associated with the Access Profile. If enabled is false this is allowed to be empty otherwise it needs to contain at least one Entitlement. + items: + type: object + description: Entitlement including a specific set of access. + properties: + type: + type: string + description: Entitlement's DTO type. + enum: + - ENTITLEMENT + example: ENTITLEMENT + id: + type: string + description: Entitlement's ID. + example: 2c91809773dee32014e13e122092014e + name: + type: string + nullable: true + description: Entitlement's display name. + example: 'CN=entitlement.490efde5,OU=OrgCo,OU=ServiceDept,DC=HQAD,DC=local' + requestable: + type: boolean + default: true + description: 'Whether the Access Profile is requestable via access request. Currently, making an Access Profile non-requestable is only supported for customers enabled with the new Request Center. Otherwise, attempting to create an Access Profile with a value **false** in this field results in a 400 error.' + example: true + accessRequestConfig: + nullable: true + description: Access request configuration for this object + type: object + properties: + commentsRequired: + type: boolean + description: Whether the requester of the containing object must provide comments justifying the request + example: true + nullable: true + default: false + denialCommentsRequired: + type: boolean + description: Whether an approver must provide comments when denying the request + example: true + nullable: true + default: false + approvalSchemes: + type: array + nullable: true + description: List describing the steps in approving the request + items: + type: object + properties: + approverType: + type: string + enum: + - APP_OWNER + - OWNER + - SOURCE_OWNER + - MANAGER + - GOVERNANCE_GROUP + description: |- + Describes the individual or group that is responsible for an approval step. Values are as follows. + **APP_OWNER**: The owner of the Application + + **OWNER**: Owner of the associated Access Profile or Role + + **SOURCE_OWNER**: Owner of the Source associated with an Access Profile + + **MANAGER**: Manager of the Identity making the request + + **GOVERNANCE_GROUP**: A Governance Group, the ID of which is specified by the **approverId** field + example: GOVERNANCE_GROUP + approverId: + type: string + nullable: true + description: 'Id of the specific approver, used only when approverType is GOVERNANCE_GROUP' + example: 46c79819-a69f-49a2-becb-12c971ae66c6 + revocationRequestConfig: + nullable: true + description: Revocation request configuration for this object. + type: object + properties: + approvalSchemes: + type: array + nullable: true + description: List describing the steps in approving the revocation request + items: + type: object + properties: + approverType: + type: string + enum: + - APP_OWNER + - OWNER + - SOURCE_OWNER + - MANAGER + - GOVERNANCE_GROUP + description: |- + Describes the individual or group that is responsible for an approval step. Values are as follows. + **APP_OWNER**: The owner of the Application + + **OWNER**: Owner of the associated Access Profile or Role + + **SOURCE_OWNER**: Owner of the Source associated with an Access Profile + + **MANAGER**: Manager of the Identity making the request + + **GOVERNANCE_GROUP**: A Governance Group, the ID of which is specified by the **approverId** field + example: GOVERNANCE_GROUP + approverId: + type: string + nullable: true + description: 'Id of the specific approver, used only when approverType is GOVERNANCE_GROUP' + example: 46c79819-a69f-49a2-becb-12c971ae66c6 + segments: + type: array + nullable: true + items: + type: string + description: 'List of IDs of segments, if any, to which this Access Profile is assigned.' + example: + - f7b1b8a3-5fed-4fd4-ad29-82014e137e19 + - 29cb6c06-1da8-43ea-8be4-b3125f248f2a + provisioningCriteria: + description: 'When an Identity has multiple Accounts on the Source with which an Access Profile is associated, this expression is evaluated against those Accounts to choose one to provision with the Access Profile.' + nullable: true + example: + operation: OR + children: + - operation: AND + children: + - attribute: dn + operation: CONTAINS + value: useast + - attribute: manager + operation: CONTAINS + value: Scott.Clark + - operation: AND + children: + - attribute: dn + operation: EQUALS + value: Gibson + - attribute: telephoneNumber + operation: CONTAINS + value: '512' + type: object + properties: + operation: + type: string + enum: + - EQUALS + - NOT_EQUALS + - CONTAINS + - HAS + - AND + - OR + description: Supported operations on ProvisioningCriteria + example: EQUALS + attribute: + type: string + description: 'Name of the Account attribute to be tested. If **operation** is one of EQUALS, NOT_EQUALS, CONTAINS, or HAS, this field is required. Otherwise, specifying it is an error.' + example: email + nullable: true + value: + type: string + nullable: true + description: 'String value to test the Account attribute w/r/t the specified operation. If the operation is one of EQUALS, NOT_EQUALS, or CONTAINS, this field is required. Otherwise, specifying it is an error. If the Attribute is not String-typed, it will be converted to the appropriate type.' + example: carlee.cert1c9f9b6fd@mailinator.com + children: + type: array + items: + type: object + description: Defines matching criteria for an Account to be provisioned with a specific Access Profile + properties: + operation: + type: string + enum: + - EQUALS + - NOT_EQUALS + - CONTAINS + - HAS + - AND + - OR + description: Supported operations on ProvisioningCriteria + example: EQUALS + attribute: + type: string + description: 'Name of the Account attribute to be tested. If **operation** is one of EQUALS, NOT_EQUALS, CONTAINS, or HAS, this field is required. Otherwise, specifying it is an error.' + example: email + nullable: true + value: + type: string + nullable: true + description: 'String value to test the Account attribute w/r/t the specified operation. If the operation is one of EQUALS, NOT_EQUALS, or CONTAINS, this field is required. Otherwise, specifying it is an error. If the Attribute is not String-typed, it will be converted to the appropriate type.' + example: carlee.cert1c9f9b6fd@mailinator.com + children: + type: array + items: + type: object + description: Defines matching criteria for an Account to be provisioned with a specific Access Profile + properties: + operation: + type: string + enum: + - EQUALS + - NOT_EQUALS + - CONTAINS + - HAS + - AND + - OR + description: Supported operations on ProvisioningCriteria + example: EQUALS + attribute: + type: string + description: 'Name of the Account attribute to be tested. If **operation** is one of EQUALS, NOT_EQUALS, CONTAINS, or HAS, this field is required. Otherwise, specifying it is an error.' + example: email + nullable: true + value: + type: string + description: 'String value to test the Account attribute w/r/t the specified operation. If the operation is one of EQUALS, NOT_EQUALS, or CONTAINS, this field is required. Otherwise, specifying it is an error. If the Attribute is not String-typed, it will be converted to the appropriate type.' + example: carlee.cert1c9f9b6fd@mailinator.com + children: + type: string + description: 'Array of child criteria. Required if the operation is AND or OR, otherwise it must be left null. A maximum of three levels of criteria are supported, including leaf nodes.' + example: null + nullable: true + nullable: true + description: 'Array of child criteria. Required if the operation is AND or OR, otherwise it must be left null. A maximum of three levels of criteria are supported, including leaf nodes.' + example: null + nullable: true + description: 'Array of child criteria. Required if the operation is AND or OR, otherwise it must be left null. A maximum of three levels of criteria are supported, including leaf nodes.' + example: null + required: + - owner + - name + - source + responses: + '201': + description: Access profile created. + content: + application/json: + schema: + type: object + description: Access Profile + properties: + id: + type: string + description: The ID of the Access Profile + example: 2c91808a7190d06e01719938fcd20792 + readOnly: true + name: + type: string + description: Name of the Access Profile + example: Employee-database-read-write + description: + type: string + nullable: true + description: Information about the Access Profile + example: Collection of entitlements to read/write the employee database + created: + type: string + description: Date the Access Profile was created + format: date-time + example: '2021-03-01T22:32:58.104Z' + readOnly: true + modified: + type: string + description: Date the Access Profile was last modified. + format: date-time + example: '2021-03-02T20:22:28.104Z' + readOnly: true + enabled: + type: boolean + default: true + description: Whether the Access Profile is enabled. If the Access Profile is enabled then you must include at least one Entitlement. + example: true + owner: + description: Owner of the Access Profile + type: object + nullable: false + properties: + type: + type: string + enum: + - IDENTITY + description: 'Owner type. This field must be either left null or set to ''IDENTITY'' on input, otherwise a 400 Bad Request error will result.' + example: IDENTITY + id: + type: string + description: Identity id + example: 2c9180a46faadee4016fb4e018c20639 + name: + type: string + description: 'Human-readable display name of the owner. It may be left null or omitted in a POST or PATCH. If set, it must match the current value of the owner''s display name, otherwise a 400 Bad Request error will result.' + example: support + source: + type: object + properties: + id: + type: string + description: The ID of the Source with with which the Access Profile is associated + example: 2c91809773dee3610173fdb0b6061ef4 + type: + type: string + enum: + - SOURCE + description: 'The type of the Source, will always be SOURCE' + example: SOURCE + name: + type: string + description: The display name of the associated Source + example: ODS-AD-SOURCE + entitlements: + type: array + nullable: true + description: A list of entitlements associated with the Access Profile. If enabled is false this is allowed to be empty otherwise it needs to contain at least one Entitlement. + items: + type: object + description: Entitlement including a specific set of access. + properties: + type: + type: string + description: Entitlement's DTO type. + enum: + - ENTITLEMENT + example: ENTITLEMENT + id: + type: string + description: Entitlement's ID. + example: 2c91809773dee32014e13e122092014e + name: + type: string + nullable: true + description: Entitlement's display name. + example: 'CN=entitlement.490efde5,OU=OrgCo,OU=ServiceDept,DC=HQAD,DC=local' + requestable: + type: boolean + default: true + description: 'Whether the Access Profile is requestable via access request. Currently, making an Access Profile non-requestable is only supported for customers enabled with the new Request Center. Otherwise, attempting to create an Access Profile with a value **false** in this field results in a 400 error.' + example: true + accessRequestConfig: + nullable: true + description: Access request configuration for this object + type: object + properties: + commentsRequired: + type: boolean + description: Whether the requester of the containing object must provide comments justifying the request + example: true + nullable: true + default: false + denialCommentsRequired: + type: boolean + description: Whether an approver must provide comments when denying the request + example: true + nullable: true + default: false + approvalSchemes: + type: array + nullable: true + description: List describing the steps in approving the request + items: + type: object + properties: + approverType: + type: string + enum: + - APP_OWNER + - OWNER + - SOURCE_OWNER + - MANAGER + - GOVERNANCE_GROUP + description: |- + Describes the individual or group that is responsible for an approval step. Values are as follows. + **APP_OWNER**: The owner of the Application + + **OWNER**: Owner of the associated Access Profile or Role + + **SOURCE_OWNER**: Owner of the Source associated with an Access Profile + + **MANAGER**: Manager of the Identity making the request + + **GOVERNANCE_GROUP**: A Governance Group, the ID of which is specified by the **approverId** field + example: GOVERNANCE_GROUP + approverId: + type: string + nullable: true + description: 'Id of the specific approver, used only when approverType is GOVERNANCE_GROUP' + example: 46c79819-a69f-49a2-becb-12c971ae66c6 + revocationRequestConfig: + nullable: true + description: Revocation request configuration for this object. + type: object + properties: + approvalSchemes: + type: array + nullable: true + description: List describing the steps in approving the revocation request + items: + type: object + properties: + approverType: + type: string + enum: + - APP_OWNER + - OWNER + - SOURCE_OWNER + - MANAGER + - GOVERNANCE_GROUP + description: |- + Describes the individual or group that is responsible for an approval step. Values are as follows. + **APP_OWNER**: The owner of the Application + + **OWNER**: Owner of the associated Access Profile or Role + + **SOURCE_OWNER**: Owner of the Source associated with an Access Profile + + **MANAGER**: Manager of the Identity making the request + + **GOVERNANCE_GROUP**: A Governance Group, the ID of which is specified by the **approverId** field + example: GOVERNANCE_GROUP + approverId: + type: string + nullable: true + description: 'Id of the specific approver, used only when approverType is GOVERNANCE_GROUP' + example: 46c79819-a69f-49a2-becb-12c971ae66c6 + segments: + type: array + nullable: true + items: + type: string + description: 'List of IDs of segments, if any, to which this Access Profile is assigned.' + example: + - f7b1b8a3-5fed-4fd4-ad29-82014e137e19 + - 29cb6c06-1da8-43ea-8be4-b3125f248f2a + provisioningCriteria: + description: 'When an Identity has multiple Accounts on the Source with which an Access Profile is associated, this expression is evaluated against those Accounts to choose one to provision with the Access Profile.' + nullable: true + example: + operation: OR + children: + - operation: AND + children: + - attribute: dn + operation: CONTAINS + value: useast + - attribute: manager + operation: CONTAINS + value: Scott.Clark + - operation: AND + children: + - attribute: dn + operation: EQUALS + value: Gibson + - attribute: telephoneNumber + operation: CONTAINS + value: '512' + type: object + properties: + operation: + type: string + enum: + - EQUALS + - NOT_EQUALS + - CONTAINS + - HAS + - AND + - OR + description: Supported operations on ProvisioningCriteria + example: EQUALS + attribute: + type: string + description: 'Name of the Account attribute to be tested. If **operation** is one of EQUALS, NOT_EQUALS, CONTAINS, or HAS, this field is required. Otherwise, specifying it is an error.' + example: email + nullable: true + value: + type: string + nullable: true + description: 'String value to test the Account attribute w/r/t the specified operation. If the operation is one of EQUALS, NOT_EQUALS, or CONTAINS, this field is required. Otherwise, specifying it is an error. If the Attribute is not String-typed, it will be converted to the appropriate type.' + example: carlee.cert1c9f9b6fd@mailinator.com + children: + type: array + items: + type: object + description: Defines matching criteria for an Account to be provisioned with a specific Access Profile + properties: + operation: + type: string + enum: + - EQUALS + - NOT_EQUALS + - CONTAINS + - HAS + - AND + - OR + description: Supported operations on ProvisioningCriteria + example: EQUALS + attribute: + type: string + description: 'Name of the Account attribute to be tested. If **operation** is one of EQUALS, NOT_EQUALS, CONTAINS, or HAS, this field is required. Otherwise, specifying it is an error.' + example: email + nullable: true + value: + type: string + nullable: true + description: 'String value to test the Account attribute w/r/t the specified operation. If the operation is one of EQUALS, NOT_EQUALS, or CONTAINS, this field is required. Otherwise, specifying it is an error. If the Attribute is not String-typed, it will be converted to the appropriate type.' + example: carlee.cert1c9f9b6fd@mailinator.com + children: + type: array + items: + type: object + description: Defines matching criteria for an Account to be provisioned with a specific Access Profile + properties: + operation: + type: string + enum: + - EQUALS + - NOT_EQUALS + - CONTAINS + - HAS + - AND + - OR + description: Supported operations on ProvisioningCriteria + example: EQUALS + attribute: + type: string + description: 'Name of the Account attribute to be tested. If **operation** is one of EQUALS, NOT_EQUALS, CONTAINS, or HAS, this field is required. Otherwise, specifying it is an error.' + example: email + nullable: true + value: + type: string + description: 'String value to test the Account attribute w/r/t the specified operation. If the operation is one of EQUALS, NOT_EQUALS, or CONTAINS, this field is required. Otherwise, specifying it is an error. If the Attribute is not String-typed, it will be converted to the appropriate type.' + example: carlee.cert1c9f9b6fd@mailinator.com + children: + type: string + description: 'Array of child criteria. Required if the operation is AND or OR, otherwise it must be left null. A maximum of three levels of criteria are supported, including leaf nodes.' + example: null + nullable: true + nullable: true + description: 'Array of child criteria. Required if the operation is AND or OR, otherwise it must be left null. A maximum of three levels of criteria are supported, including leaf nodes.' + example: null + nullable: true + description: 'Array of child criteria. Required if the operation is AND or OR, otherwise it must be left null. A maximum of three levels of criteria are supported, including leaf nodes.' + example: null + required: + - owner + - name + - source + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + security: + - UserContextAuth: + - 'idn:access-profile:manage' + '/access-profiles/{id}': + get: + operationId: getAccessProfile + tags: + - Access Profiles + summary: Get an Access Profile + description: |- + This API returns an Access Profile by its ID. + + A token with API, ORG_ADMIN, ROLE_ADMIN, ROLE_SUBADMIN, SOURCE_ADMIN, or SOURCE_SUBADMIN authority is required to call this API. + parameters: + - in: path + name: id + required: true + schema: + type: string + description: ID of the Access Profile + example: 2c9180837ca6693d017ca8d097500149 + responses: + '200': + description: An AccessProfile + content: + application/json: + schema: + type: object + description: Access Profile + properties: + id: + type: string + description: The ID of the Access Profile + example: 2c91808a7190d06e01719938fcd20792 + readOnly: true + name: + type: string + description: Name of the Access Profile + example: Employee-database-read-write + description: + type: string + nullable: true + description: Information about the Access Profile + example: Collection of entitlements to read/write the employee database + created: + type: string + description: Date the Access Profile was created + format: date-time + example: '2021-03-01T22:32:58.104Z' + readOnly: true + modified: + type: string + description: Date the Access Profile was last modified. + format: date-time + example: '2021-03-02T20:22:28.104Z' + readOnly: true + enabled: + type: boolean + default: true + description: Whether the Access Profile is enabled. If the Access Profile is enabled then you must include at least one Entitlement. + example: true + owner: + description: Owner of the Access Profile + type: object + nullable: false + properties: + type: + type: string + enum: + - IDENTITY + description: 'Owner type. This field must be either left null or set to ''IDENTITY'' on input, otherwise a 400 Bad Request error will result.' + example: IDENTITY + id: + type: string + description: Identity id + example: 2c9180a46faadee4016fb4e018c20639 + name: + type: string + description: 'Human-readable display name of the owner. It may be left null or omitted in a POST or PATCH. If set, it must match the current value of the owner''s display name, otherwise a 400 Bad Request error will result.' + example: support + source: + type: object + properties: + id: + type: string + description: The ID of the Source with with which the Access Profile is associated + example: 2c91809773dee3610173fdb0b6061ef4 + type: + type: string + enum: + - SOURCE + description: 'The type of the Source, will always be SOURCE' + example: SOURCE + name: + type: string + description: The display name of the associated Source + example: ODS-AD-SOURCE + entitlements: + type: array + nullable: true + description: A list of entitlements associated with the Access Profile. If enabled is false this is allowed to be empty otherwise it needs to contain at least one Entitlement. + items: + type: object + description: Entitlement including a specific set of access. + properties: + type: + type: string + description: Entitlement's DTO type. + enum: + - ENTITLEMENT + example: ENTITLEMENT + id: + type: string + description: Entitlement's ID. + example: 2c91809773dee32014e13e122092014e + name: + type: string + nullable: true + description: Entitlement's display name. + example: 'CN=entitlement.490efde5,OU=OrgCo,OU=ServiceDept,DC=HQAD,DC=local' + requestable: + type: boolean + default: true + description: 'Whether the Access Profile is requestable via access request. Currently, making an Access Profile non-requestable is only supported for customers enabled with the new Request Center. Otherwise, attempting to create an Access Profile with a value **false** in this field results in a 400 error.' + example: true + accessRequestConfig: + nullable: true + description: Access request configuration for this object + type: object + properties: + commentsRequired: + type: boolean + description: Whether the requester of the containing object must provide comments justifying the request + example: true + nullable: true + default: false + denialCommentsRequired: + type: boolean + description: Whether an approver must provide comments when denying the request + example: true + nullable: true + default: false + approvalSchemes: + type: array + nullable: true + description: List describing the steps in approving the request + items: + type: object + properties: + approverType: + type: string + enum: + - APP_OWNER + - OWNER + - SOURCE_OWNER + - MANAGER + - GOVERNANCE_GROUP + description: |- + Describes the individual or group that is responsible for an approval step. Values are as follows. + **APP_OWNER**: The owner of the Application + + **OWNER**: Owner of the associated Access Profile or Role + + **SOURCE_OWNER**: Owner of the Source associated with an Access Profile + + **MANAGER**: Manager of the Identity making the request + + **GOVERNANCE_GROUP**: A Governance Group, the ID of which is specified by the **approverId** field + example: GOVERNANCE_GROUP + approverId: + type: string + nullable: true + description: 'Id of the specific approver, used only when approverType is GOVERNANCE_GROUP' + example: 46c79819-a69f-49a2-becb-12c971ae66c6 + revocationRequestConfig: + nullable: true + description: Revocation request configuration for this object. + type: object + properties: + approvalSchemes: + type: array + nullable: true + description: List describing the steps in approving the revocation request + items: + type: object + properties: + approverType: + type: string + enum: + - APP_OWNER + - OWNER + - SOURCE_OWNER + - MANAGER + - GOVERNANCE_GROUP + description: |- + Describes the individual or group that is responsible for an approval step. Values are as follows. + **APP_OWNER**: The owner of the Application + + **OWNER**: Owner of the associated Access Profile or Role + + **SOURCE_OWNER**: Owner of the Source associated with an Access Profile + + **MANAGER**: Manager of the Identity making the request + + **GOVERNANCE_GROUP**: A Governance Group, the ID of which is specified by the **approverId** field + example: GOVERNANCE_GROUP + approverId: + type: string + nullable: true + description: 'Id of the specific approver, used only when approverType is GOVERNANCE_GROUP' + example: 46c79819-a69f-49a2-becb-12c971ae66c6 + segments: + type: array + nullable: true + items: + type: string + description: 'List of IDs of segments, if any, to which this Access Profile is assigned.' + example: + - f7b1b8a3-5fed-4fd4-ad29-82014e137e19 + - 29cb6c06-1da8-43ea-8be4-b3125f248f2a + provisioningCriteria: + description: 'When an Identity has multiple Accounts on the Source with which an Access Profile is associated, this expression is evaluated against those Accounts to choose one to provision with the Access Profile.' + nullable: true + example: + operation: OR + children: + - operation: AND + children: + - attribute: dn + operation: CONTAINS + value: useast + - attribute: manager + operation: CONTAINS + value: Scott.Clark + - operation: AND + children: + - attribute: dn + operation: EQUALS + value: Gibson + - attribute: telephoneNumber + operation: CONTAINS + value: '512' + type: object + properties: + operation: + type: string + enum: + - EQUALS + - NOT_EQUALS + - CONTAINS + - HAS + - AND + - OR + description: Supported operations on ProvisioningCriteria + example: EQUALS + attribute: + type: string + description: 'Name of the Account attribute to be tested. If **operation** is one of EQUALS, NOT_EQUALS, CONTAINS, or HAS, this field is required. Otherwise, specifying it is an error.' + example: email + nullable: true + value: + type: string + nullable: true + description: 'String value to test the Account attribute w/r/t the specified operation. If the operation is one of EQUALS, NOT_EQUALS, or CONTAINS, this field is required. Otherwise, specifying it is an error. If the Attribute is not String-typed, it will be converted to the appropriate type.' + example: carlee.cert1c9f9b6fd@mailinator.com + children: + type: array + items: + type: object + description: Defines matching criteria for an Account to be provisioned with a specific Access Profile + properties: + operation: + type: string + enum: + - EQUALS + - NOT_EQUALS + - CONTAINS + - HAS + - AND + - OR + description: Supported operations on ProvisioningCriteria + example: EQUALS + attribute: + type: string + description: 'Name of the Account attribute to be tested. If **operation** is one of EQUALS, NOT_EQUALS, CONTAINS, or HAS, this field is required. Otherwise, specifying it is an error.' + example: email + nullable: true + value: + type: string + nullable: true + description: 'String value to test the Account attribute w/r/t the specified operation. If the operation is one of EQUALS, NOT_EQUALS, or CONTAINS, this field is required. Otherwise, specifying it is an error. If the Attribute is not String-typed, it will be converted to the appropriate type.' + example: carlee.cert1c9f9b6fd@mailinator.com + children: + type: array + items: + type: object + description: Defines matching criteria for an Account to be provisioned with a specific Access Profile + properties: + operation: + type: string + enum: + - EQUALS + - NOT_EQUALS + - CONTAINS + - HAS + - AND + - OR + description: Supported operations on ProvisioningCriteria + example: EQUALS + attribute: + type: string + description: 'Name of the Account attribute to be tested. If **operation** is one of EQUALS, NOT_EQUALS, CONTAINS, or HAS, this field is required. Otherwise, specifying it is an error.' + example: email + nullable: true + value: + type: string + description: 'String value to test the Account attribute w/r/t the specified operation. If the operation is one of EQUALS, NOT_EQUALS, or CONTAINS, this field is required. Otherwise, specifying it is an error. If the Attribute is not String-typed, it will be converted to the appropriate type.' + example: carlee.cert1c9f9b6fd@mailinator.com + children: + type: string + description: 'Array of child criteria. Required if the operation is AND or OR, otherwise it must be left null. A maximum of three levels of criteria are supported, including leaf nodes.' + example: null + nullable: true + nullable: true + description: 'Array of child criteria. Required if the operation is AND or OR, otherwise it must be left null. A maximum of three levels of criteria are supported, including leaf nodes.' + example: null + nullable: true + description: 'Array of child criteria. Required if the operation is AND or OR, otherwise it must be left null. A maximum of three levels of criteria are supported, including leaf nodes.' + example: null + required: + - owner + - name + - source + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + security: + - UserContextAuth: + - 'idn:access-profile:read' + patch: + operationId: patchAccessProfile + tags: + - Access Profiles + summary: Patch a specified Access Profile + description: |- + This API updates an existing Access Profile. The following fields are patchable: + + **name** + + **description** + + **enabled** + + **owner** + + **requestable** + + **accessRequestConfig** + + **revokeRequestConfig** + + **segments** + + **entitlements** + + **provisioningCriteria** + + **source** (must be updated with entitlements belonging to new source in the same API call) + + If you need to change the `source` of the access profile, you can do so only if you update the `entitlements` in the same API call. The new entitlements can only come from the target source that you want to change to. Look for the example "Replace Source" in the examples dropdown. + + A token with API, ORG_ADMIN, SOURCE_ADMIN, or SOURCE_SUBADMIN authority is required to call this API. In addition, a SOURCE_SUBADMIN may only use this API to patch Access Profiles which are associated with Sources they are able to administer. + > The maximum supported length for the description field is 2000 characters. Longer descriptions will be preserved for existing access profiles, however, any new access profiles as well as any updates to existing descriptions will be limited to 2000 characters. + + > You can only add or replace **entitlements** that exist on the source that the access profile is attached to. You can use the **list entitlements** endpoint with the **filters** query parameter to get a list of available entitlements on the access profile's source. + parameters: + - name: id + in: path + description: ID of the Access Profile to patch + required: true + schema: + type: string + example: 2c91808a7813090a017814121919ecca + requestBody: + content: + application/json-patch+json: + schema: + type: array + items: + type: object + description: 'A JSONPatch Operation as defined by [RFC 6902 - JSON Patch](https://tools.ietf.org/html/rfc6902)' + required: + - op + - path + properties: + op: + type: string + description: The operation to be performed + enum: + - add + - remove + - replace + - move + - copy + - test + example: replace + path: + type: string + description: A string JSON Pointer representing the target path to an element to be affected by the operation + example: /description + value: + oneOf: + - type: string + example: New description + title: string + - type: boolean + example: true + title: boolean + - type: integer + example: 300 + title: integer + - type: object + title: object + example: + attributes: + name: philip + - type: array + title: array + items: + anyOf: + - type: string + - type: integer + - type: object + example: + - '001' + - '002' + - '003' + description: 'The value to be used for the operation, required for "add" and "replace" operations' + example: New description + examples: + Add Entitlements: + description: Add one or more entitlements to the end of the list + value: + - op: add + path: /entitlements + value: + - id: 2c9180857725c14301772a93bb77242d + type: ENTITLEMENT + name: AD User Group + Insert Entitlement: + description: Add an entitlement at the beginning of the entitlement list + value: + - op: add + path: /entitlements/0 + value: + id: 2c9180857725c14301772a93bb77242d + type: ENTITLEMENT + name: AD User Group + Replace Entitlements: + description: Replace all entitlements with a new list of entitlements + value: + - op: replace + path: /entitlements + value: + - id: 2c9180857725c14301772a93bb77242d + type: ENTITLEMENT + name: AD User Group + Remove Entitlement: + description: Remove the first entitlement in the list + value: + - op: remove + path: /entitlements/0 + Replace Source: + description: Change the source and the entitlements of the access profile + value: + - op: replace + path: /source + value: + id: 2c9180887671ff8c01767b4671fb7d5e + type: SOURCE + name: Employees + - op: replace + path: /entitlements + value: + - id: 2c9180877677453d01767b4b08f63386 + type: ENTITLEMENT + name: DevRel + required: true + responses: + '200': + description: Responds with the Access Profile as updated. + content: + application/json: + schema: + type: object + description: Access Profile + properties: + id: + type: string + description: The ID of the Access Profile + example: 2c91808a7190d06e01719938fcd20792 + readOnly: true + name: + type: string + description: Name of the Access Profile + example: Employee-database-read-write + description: + type: string + nullable: true + description: Information about the Access Profile + example: Collection of entitlements to read/write the employee database + created: + type: string + description: Date the Access Profile was created + format: date-time + example: '2021-03-01T22:32:58.104Z' + readOnly: true + modified: + type: string + description: Date the Access Profile was last modified. + format: date-time + example: '2021-03-02T20:22:28.104Z' + readOnly: true + enabled: + type: boolean + default: true + description: Whether the Access Profile is enabled. If the Access Profile is enabled then you must include at least one Entitlement. + example: true + owner: + description: Owner of the Access Profile + type: object + nullable: false + properties: + type: + type: string + enum: + - IDENTITY + description: 'Owner type. This field must be either left null or set to ''IDENTITY'' on input, otherwise a 400 Bad Request error will result.' + example: IDENTITY + id: + type: string + description: Identity id + example: 2c9180a46faadee4016fb4e018c20639 + name: + type: string + description: 'Human-readable display name of the owner. It may be left null or omitted in a POST or PATCH. If set, it must match the current value of the owner''s display name, otherwise a 400 Bad Request error will result.' + example: support + source: + type: object + properties: + id: + type: string + description: The ID of the Source with with which the Access Profile is associated + example: 2c91809773dee3610173fdb0b6061ef4 + type: + type: string + enum: + - SOURCE + description: 'The type of the Source, will always be SOURCE' + example: SOURCE + name: + type: string + description: The display name of the associated Source + example: ODS-AD-SOURCE + entitlements: + type: array + nullable: true + description: A list of entitlements associated with the Access Profile. If enabled is false this is allowed to be empty otherwise it needs to contain at least one Entitlement. + items: + type: object + description: Entitlement including a specific set of access. + properties: + type: + type: string + description: Entitlement's DTO type. + enum: + - ENTITLEMENT + example: ENTITLEMENT + id: + type: string + description: Entitlement's ID. + example: 2c91809773dee32014e13e122092014e + name: + type: string + nullable: true + description: Entitlement's display name. + example: 'CN=entitlement.490efde5,OU=OrgCo,OU=ServiceDept,DC=HQAD,DC=local' + requestable: + type: boolean + default: true + description: 'Whether the Access Profile is requestable via access request. Currently, making an Access Profile non-requestable is only supported for customers enabled with the new Request Center. Otherwise, attempting to create an Access Profile with a value **false** in this field results in a 400 error.' + example: true + accessRequestConfig: + nullable: true + description: Access request configuration for this object + type: object + properties: + commentsRequired: + type: boolean + description: Whether the requester of the containing object must provide comments justifying the request + example: true + nullable: true + default: false + denialCommentsRequired: + type: boolean + description: Whether an approver must provide comments when denying the request + example: true + nullable: true + default: false + approvalSchemes: + type: array + nullable: true + description: List describing the steps in approving the request + items: + type: object + properties: + approverType: + type: string + enum: + - APP_OWNER + - OWNER + - SOURCE_OWNER + - MANAGER + - GOVERNANCE_GROUP + description: |- + Describes the individual or group that is responsible for an approval step. Values are as follows. + **APP_OWNER**: The owner of the Application + + **OWNER**: Owner of the associated Access Profile or Role + + **SOURCE_OWNER**: Owner of the Source associated with an Access Profile + + **MANAGER**: Manager of the Identity making the request + + **GOVERNANCE_GROUP**: A Governance Group, the ID of which is specified by the **approverId** field + example: GOVERNANCE_GROUP + approverId: + type: string + nullable: true + description: 'Id of the specific approver, used only when approverType is GOVERNANCE_GROUP' + example: 46c79819-a69f-49a2-becb-12c971ae66c6 + revocationRequestConfig: + nullable: true + description: Revocation request configuration for this object. + type: object + properties: + approvalSchemes: + type: array + nullable: true + description: List describing the steps in approving the revocation request + items: + type: object + properties: + approverType: + type: string + enum: + - APP_OWNER + - OWNER + - SOURCE_OWNER + - MANAGER + - GOVERNANCE_GROUP + description: |- + Describes the individual or group that is responsible for an approval step. Values are as follows. + **APP_OWNER**: The owner of the Application + + **OWNER**: Owner of the associated Access Profile or Role + + **SOURCE_OWNER**: Owner of the Source associated with an Access Profile + + **MANAGER**: Manager of the Identity making the request + + **GOVERNANCE_GROUP**: A Governance Group, the ID of which is specified by the **approverId** field + example: GOVERNANCE_GROUP + approverId: + type: string + nullable: true + description: 'Id of the specific approver, used only when approverType is GOVERNANCE_GROUP' + example: 46c79819-a69f-49a2-becb-12c971ae66c6 + segments: + type: array + nullable: true + items: + type: string + description: 'List of IDs of segments, if any, to which this Access Profile is assigned.' + example: + - f7b1b8a3-5fed-4fd4-ad29-82014e137e19 + - 29cb6c06-1da8-43ea-8be4-b3125f248f2a + provisioningCriteria: + description: 'When an Identity has multiple Accounts on the Source with which an Access Profile is associated, this expression is evaluated against those Accounts to choose one to provision with the Access Profile.' + nullable: true + example: + operation: OR + children: + - operation: AND + children: + - attribute: dn + operation: CONTAINS + value: useast + - attribute: manager + operation: CONTAINS + value: Scott.Clark + - operation: AND + children: + - attribute: dn + operation: EQUALS + value: Gibson + - attribute: telephoneNumber + operation: CONTAINS + value: '512' + type: object + properties: + operation: + type: string + enum: + - EQUALS + - NOT_EQUALS + - CONTAINS + - HAS + - AND + - OR + description: Supported operations on ProvisioningCriteria + example: EQUALS + attribute: + type: string + description: 'Name of the Account attribute to be tested. If **operation** is one of EQUALS, NOT_EQUALS, CONTAINS, or HAS, this field is required. Otherwise, specifying it is an error.' + example: email + nullable: true + value: + type: string + nullable: true + description: 'String value to test the Account attribute w/r/t the specified operation. If the operation is one of EQUALS, NOT_EQUALS, or CONTAINS, this field is required. Otherwise, specifying it is an error. If the Attribute is not String-typed, it will be converted to the appropriate type.' + example: carlee.cert1c9f9b6fd@mailinator.com + children: + type: array + items: + type: object + description: Defines matching criteria for an Account to be provisioned with a specific Access Profile + properties: + operation: + type: string + enum: + - EQUALS + - NOT_EQUALS + - CONTAINS + - HAS + - AND + - OR + description: Supported operations on ProvisioningCriteria + example: EQUALS + attribute: + type: string + description: 'Name of the Account attribute to be tested. If **operation** is one of EQUALS, NOT_EQUALS, CONTAINS, or HAS, this field is required. Otherwise, specifying it is an error.' + example: email + nullable: true + value: + type: string + nullable: true + description: 'String value to test the Account attribute w/r/t the specified operation. If the operation is one of EQUALS, NOT_EQUALS, or CONTAINS, this field is required. Otherwise, specifying it is an error. If the Attribute is not String-typed, it will be converted to the appropriate type.' + example: carlee.cert1c9f9b6fd@mailinator.com + children: + type: array + items: + type: object + description: Defines matching criteria for an Account to be provisioned with a specific Access Profile + properties: + operation: + type: string + enum: + - EQUALS + - NOT_EQUALS + - CONTAINS + - HAS + - AND + - OR + description: Supported operations on ProvisioningCriteria + example: EQUALS + attribute: + type: string + description: 'Name of the Account attribute to be tested. If **operation** is one of EQUALS, NOT_EQUALS, CONTAINS, or HAS, this field is required. Otherwise, specifying it is an error.' + example: email + nullable: true + value: + type: string + description: 'String value to test the Account attribute w/r/t the specified operation. If the operation is one of EQUALS, NOT_EQUALS, or CONTAINS, this field is required. Otherwise, specifying it is an error. If the Attribute is not String-typed, it will be converted to the appropriate type.' + example: carlee.cert1c9f9b6fd@mailinator.com + children: + type: string + description: 'Array of child criteria. Required if the operation is AND or OR, otherwise it must be left null. A maximum of three levels of criteria are supported, including leaf nodes.' + example: null + nullable: true + nullable: true + description: 'Array of child criteria. Required if the operation is AND or OR, otherwise it must be left null. A maximum of three levels of criteria are supported, including leaf nodes.' + example: null + nullable: true + description: 'Array of child criteria. Required if the operation is AND or OR, otherwise it must be left null. A maximum of three levels of criteria are supported, including leaf nodes.' + example: null + required: + - owner + - name + - source + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + security: + - UserContextAuth: + - 'idn:access-profile:manage' + delete: + operationId: deleteAccessProfile + tags: + - Access Profiles + summary: Delete the specified Access Profile + description: |- + This API deletes an existing Access Profile. + + The Access Profile must not be in use, for example, Access Profile can not be deleted if they belong to an Application, Life Cycle State or a Role. If it is, a 400 error is returned. + + A token with API, ORG_ADMIN, SOURCE_ADMIN, or SOURCE_SUBADMIN authority is required to invoke this API. In addition, a SOURCE_SUBADMIN token must be able to administer the Source associated with the Access Profile. + parameters: + - name: id + in: path + description: ID of the Access Profile to delete + required: true + schema: + type: string + example: 2c91808a7813090a017814121919ecca + responses: + '204': + description: No content - indicates the request was successful but there is no content to be returned in the response. + '400': + description: Returned when an access profile cannot be deleted as it's being used. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + 400.2.1.0 Object in use by another: + description: Returned when an access profile cannot be deleted as it's being used + value: + detailCode: 400.2.1.0 Object in use by another + trackingId: c9c1033c55b84ebc9e93e926dcf8b8b3 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The "testAccessProfile" access profile can't be deleted because it's in use. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + security: + - UserContextAuth: + - 'idn:access-profile:manage' + /access-profiles/bulk-delete: + post: + operationId: deleteAccessProfilesInBulk + summary: Delete Access Profile(s) + tags: + - Access Profiles + description: |- + This endpoint initiates a bulk deletion of one or more access profiles. + When the request is successful, the endpoint returns the bulk delete's task result ID. To follow the task, you can use [Get Task Status by ID](https://developer.sailpoint.com/docs/api/beta/get-task-status), which will return the task result's status and information. + This endpoint can only bulk delete up to a limit of 50 access profiles per request. + By default, if any of the indicated access profiles are in use, no deletions will be performed and the **inUse** field of the response indicates the usages that must be removed first. If the request field **bestEffortOnly** is **true**, however, usages are reported in the **inUse** response field but all other indicated access profiles will be deleted. + A token with API, ORG_ADMIN, SOURCE_ADMIN, or SOURCE_SUBADMIN authority is required to call this endpoint. In addition, a SOURCE_SUBADMIN can only use this endpoint to delete access profiles associated with sources they're able to administer. + requestBody: + required: true + content: + application/json: + schema: + type: object + properties: + accessProfileIds: + description: List of IDs of Access Profiles to be deleted. + type: array + items: + type: string + example: + - 2c9180847812e0b1017817051919ecca + - 2c9180887812e0b201781e129f151816 + bestEffortOnly: + description: 'If **true**, silently skip over any of the specified Access Profiles if they cannot be deleted because they are in use. If **false**, no deletions will be attempted if any of the Access Profiles are in use.' + type: boolean + example: true + example: + bestEffortOnly: true + accessProfileIds: + - 2c91808876438bb2017668b91919ecca + - 2c91808876438ba801766e129f151816 + responses: + '200': + description: 'Returned only if **bestEffortOnly** is **false**, and one or more Access Profiles are in use.' + content: + application/json: + schema: + type: object + properties: + taskId: + type: string + description: ID of the task which is executing the bulk deletion. This can be passed to the **/task-status** API to track status. + example: 2c9180867817ac4d017817c491119a20 + pending: + type: array + description: List of IDs of Access Profiles which are pending deletion. + items: + type: string + example: + - 2c91808876438bbb017668c21919ecca + - 2c91808876438bb201766e129f151816 + inUse: + type: array + description: List of usages of Access Profiles targeted for deletion. + items: + type: object + properties: + accessProfileId: + type: string + description: ID of the Access Profile that is in use + example: 2c91808876438bbb017668c21919ecca + usedBy: + type: array + description: List of references to objects which are using the indicated Access Profile + items: + type: object + description: Role using the access profile. + properties: + type: + type: string + description: DTO type of role using the access profile. + enum: + - ROLE + example: ROLE + id: + type: string + description: ID of role using the access profile. + example: 2c8180857a9b3da0017aa03418480f9d + name: + type: string + description: Display name of role using the access profile. + example: Manager Role + example: + pending: [] + inUse: + - accessProfileId: 2c91808876438ba801766e129f151816 + usages: + - type: Role + id: 2c9180887643764201766e9f6e121518 + '202': + description: Returned if at least one deletion will be performed. + content: + application/json: + schema: + type: object + properties: + taskId: + type: string + description: ID of the task which is executing the bulk deletion. This can be passed to the **/task-status** API to track status. + example: 2c9180867817ac4d017817c491119a20 + pending: + type: array + description: List of IDs of Access Profiles which are pending deletion. + items: + type: string + example: + - 2c91808876438bbb017668c21919ecca + - 2c91808876438bb201766e129f151816 + inUse: + type: array + description: List of usages of Access Profiles targeted for deletion. + items: + type: object + properties: + accessProfileId: + type: string + description: ID of the Access Profile that is in use + example: 2c91808876438bbb017668c21919ecca + usedBy: + type: array + description: List of references to objects which are using the indicated Access Profile + items: + type: object + description: Role using the access profile. + properties: + type: + type: string + description: DTO type of role using the access profile. + enum: + - ROLE + example: ROLE + id: + type: string + description: ID of role using the access profile. + example: 2c8180857a9b3da0017aa03418480f9d + name: + type: string + description: Display name of role using the access profile. + example: Manager Role + example: + taskId: 2c91808a7813090a01781412a1119a20 + pending: + - 2c91808a7813090a017813fe1919ecca + inUse: + - accessProfileId: 2c91808876438ba801766e129f151816 + usages: + - type: Role + id: 2c9180887643764201766e9f6e121518 + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + security: + - UserContextAuth: + - 'idn:access-profile:manage' + '/access-profiles/{id}/entitlements': + get: + operationId: getAccessProfileEntitlements + tags: + - Access Profiles + summary: List Access Profile's Entitlements + description: |- + Use this API to get a list of an access profile's entitlements. + A token with API, ORG_ADMIN, SOURCE_ADMIN, or SOURCE_SUBADMIN authority is required to call this API. In addition, a token with SOURCE_SUBADMIN authority must have access to the source associated with the specified access profile. + >**Note:** When you filter for access profiles that have the '+' symbol in their names, the response is blank. + parameters: + - name: id + in: path + description: ID of the access profile containing the entitlements. + required: true + schema: + type: string + example: 2c91808a7813090a017814121919ecca + - in: query + name: limit + description: |- + Max number of results to return. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 250 + schema: + type: integer + format: int32 + minimum: 0 + maximum: 250 + default: 250 + - in: query + name: offset + description: |- + Offset into the full result set. Usually specified with *limit* to paginate through the results. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 0 + schema: + type: integer + format: int32 + minimum: 0 + default: 0 + - in: query + name: count + description: |- + If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. + + Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. + + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: true + schema: + type: boolean + default: false + - in: query + name: filters + schema: + type: string + description: |- + Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) + + Filtering is supported for the following fields and operators: + + **id**: *eq, in* + + **name**: *eq, sw* + + **attribute**: *eq, sw* + + **value**: *eq, sw* + + **created**: *gt, lt, ge, le* + + **modified**: *gt, lt, ge, le* + + **owner.id**: *eq, in* + + **source.id**: *eq, in* + + Filtering is not supported for access profiles and entitlements that have the '+' symbol in their names. + example: attribute eq "memberOf" + required: false + - in: query + name: sorters + schema: + type: string + format: comma-separated + description: |- + Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) + + Sorting is supported for the following fields: **name, attribute, value, created, modified** + example: 'name,-modified' + required: false + responses: + '200': + description: List of entitlements. + content: + application/json: + schema: + type: array + items: + type: object + properties: + id: + type: string + description: The entitlement id + example: 2c91808874ff91550175097daaec161c + name: + type: string + description: The entitlement name + example: LauncherTest2 + attribute: + type: string + description: The entitlement attribute name + example: memberOf + value: + type: string + description: The value of the entitlement + example: 'CN=LauncherTest2,OU=LauncherTestOrg,OU=slpt-automation,DC=TestAutomationAD,DC=local' + sourceSchemaObjectType: + type: string + description: The object type of the entitlement from the source schema + example: group + description: + type: string + description: The description of the entitlement + example: 'CN=LauncherTest2,OU=LauncherTestOrg,OU=slpt-automation,DC=TestAutomationAD,DC=local' + privileged: + type: boolean + description: True if the entitlement is privileged + example: true + cloudGoverned: + type: boolean + description: True if the entitlement is cloud governed + example: true + created: + type: string + description: Time when the entitlement was created + format: date-time + example: '2020-10-08T18:33:52.029Z' + modified: + type: string + description: Time when the entitlement was last modified + format: date-time + example: '2020-10-08T18:33:52.029Z' + source: + type: object + properties: + id: + type: string + description: The source ID + example: 2c9180827ca885d7017ca8ce28a000eb + type: + type: string + description: 'The source type, will always be "SOURCE"' + example: SOURCE + name: + type: string + description: The source name + example: ODS-AD-Source + attributes: + type: object + description: A map of free-form key-value pairs from the source system + example: + fieldName: fieldValue + additionalProperties: true + segments: + type: array + items: + type: string + nullable: true + description: 'List of IDs of segments, if any, to which this Entitlement is assigned.' + example: + - f7b1b8a3-5fed-4fd4-ad29-82014e137e19 + - 29cb6c06-1da8-43ea-8be4-b3125f248f2a + directPermissions: + type: array + items: + type: object + description: 'Simplified DTO for the Permission objects stored in SailPoint''s database. The data is aggregated from customer systems and is free-form, so its appearance can vary largely between different clients/customers.' + properties: + rights: + type: array + description: All the rights (e.g. actions) that this permission allows on the target + readOnly: true + items: + type: string + example: SELECT + target: + type: string + description: The target the permission would grants rights on. + readOnly: true + example: SYS.GV_$TRANSACTION + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + security: + - UserContextAuth: + - 'idn:access-profile:read' + /access-requests: + post: + operationId: createAccessRequest + security: + - UserContextAuth: + - 'idn:access-request:manage' + summary: Submit Access Request + tags: + - Access Requests + description: | + Use this API to submit an access request in Identity Security Cloud (ISC), where it follows any ISC approval processes. + + Access requests are processed asynchronously by ISC. A successful response from this endpoint means that the request + has been submitted to ISC and is queued for processing. Because this endpoint is asynchronous, it doesn't return an error + if you submit duplicate access requests in quick succession or submit an access request for access that is already in progress, approved, or rejected. + + It's best practice to check for any existing access requests that reference the same access items before submitting a new access request. This can + be accomplished by using the [List Access Request Status](https://developer.sailpoint.com/idn/api/v3/list-access-request-status) or the [Pending Access Request Approvals](https://developer.sailpoint.com/idn/api/v3/list-pending-approvals) APIs. You can also + use the [Search API](https://developer.sailpoint.com/idn/api/v3/search) to check the existing access items an identity has before submitting + an access request to ensure that you aren't requesting access that is already granted. If you use this API to request access that an identity already has, the API will ignore the request. + These ignored requests do not display when you use the [List Access Request Status](https://developer.sailpoint.com/idn/api/v3/list-access-request-status) API. + + There are two types of access request: + + __GRANT_ACCESS__ + * Can be requested for multiple identities in a single request. + * Supports self request and request on behalf of other users. Refer to the [Get Access Request Configuration](https://developer.sailpoint.com/idn/api/v3/get-access-request-config) endpoint for request configuration options. + * Allows any authenticated token (except API) to call this endpoint to request to grant access to themselves. Depending on the configuration, a user can request access for others. + * Roles, access profiles and entitlements can be requested. + * While requesting entitlements, maximum of 25 entitlements and 10 recipients are allowed in a request. + + __REVOKE_ACCESS__ + * Can only be requested for a single identity at a time. + * You cannot use an access request to revoke access from an identity if that access has been granted by role membership or by birthright provisioning. + * Does not support self request. Only manager can request to revoke access for their directly managed employees. + * If a `removeDate` is specified, then the access will be removed on that date and time only for roles, access profiles and entitlements. + * Roles, access profiles, and entitlements can be requested for revocation. + * Revoke requests for entitlements are limited to 1 entitlement per access request currently. + * You can specify a `removeDate` if the access doesn't already have a sunset date. The `removeDate` must be a future date, in the UTC timezone. + * Allows a manager to request to revoke access for direct employees. A token with ORG_ADMIN authority can also request to revoke access from anyone. + + A token with API authority cannot be used to call this endpoint. + requestBody: + required: true + content: + application/json: + schema: + type: object + properties: + requestedFor: + description: 'A list of Identity IDs for whom the Access is requested. If it''s a Revoke request, there can only be one Identity ID.' + type: array + items: + type: string + example: 2c918084660f45d6016617daa9210584 + requestType: + type: string + enum: + - GRANT_ACCESS + - REVOKE_ACCESS + - null + description: Access request type. Defaults to GRANT_ACCESS. REVOKE_ACCESS type can only have a single Identity ID in the requestedFor field. + example: GRANT_ACCESS + nullable: true + requestedItems: + type: array + items: + type: object + properties: + type: + type: string + enum: + - ACCESS_PROFILE + - ROLE + - ENTITLEMENT + description: The type of the item being requested. + example: ACCESS_PROFILE + id: + type: string + description: 'ID of Role, Access Profile or Entitlement being requested.' + example: 2c9180835d2e5168015d32f890ca1581 + comment: + type: string + description: | + Comment provided by requester. + * Comment is required when the request is of type Revoke Access. + example: Requesting access profile for John Doe + clientMetadata: + type: object + additionalProperties: + type: string + example: + requestedAppId: 2c91808f7892918f0178b78da4a305a1 + requestedAppName: test-app + example: + requestedAppName: test-app + requestedAppId: 2c91808f7892918f0178b78da4a305a1 + description: Arbitrary key-value pairs. They will never be processed by the IdentityNow system but will be returned on associated APIs such as /account-activities and /access-request-status. + removeDate: + type: string + description: | + The date the role or access profile or entitlement is no longer assigned to the specified identity. Also known as the expiration date. + * Specify a date in the future. + * The current SLA for the deprovisioning is 24 hours. + * This date can be modified to either extend or decrease the duration of access item assignments for the specified identity. You can change the expiration date for requests for yourself or direct reports, but you cannot remove an expiration date on an already approved item. If the access request has not been approved, you can cancel it and submit a new one without the expiration. If it has already been approved, then you have to revoke the access and then re-request without the expiration. + format: date-time + example: '2020-07-11T21:23:15.000Z' + required: + - id + - type + minItems: 1 + maxItems: 25 + clientMetadata: + type: object + additionalProperties: + type: string + example: + requestedAppId: 2c91808f7892918f0178b78da4a305a1 + requestedAppName: test-app + example: + requestedAppId: 2c91808f7892918f0178b78da4a305a1 + requestedAppName: test-app + description: Arbitrary key-value pairs. They will never be processed by the IdentityNow system but will be returned on associated APIs such as /account-activities. + required: + - requestedFor + - requestedItems + responses: + '202': + description: Accepted - Returned if the request was successfully accepted into the system. + content: + application/json: + schema: + type: object + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + /access-requests/cancel: + post: + operationId: cancelAccessRequest + security: + - UserContextAuth: + - 'idn:access-request:cancel' + tags: + - Access Requests + summary: Cancel Access Request + description: |- + This API endpoint cancels a pending access request. An access request can be cancelled only if it has not passed the approval step. + Any token with ORG_ADMIN authority or token of the user who originally requested the access request is required to cancel it. + requestBody: + required: true + content: + application/json: + schema: + type: object + description: Request body payload for cancel access request endpoint. + required: + - accountActivityId + - comment + properties: + accountActivityId: + type: string + description: 'This refers to the identityRequestId. To successfully cancel an access request, you must provide the identityRequestId.' + example: 2c9180835d2e5168015d32f890ca1581 + comment: + type: string + description: Reason for cancelling the pending access request. + example: I requested this role by mistake. + example: + accountActivityId: 2c91808568c529c60168cca6f90c1313 + comment: I requested this role by mistake. + responses: + '202': + description: Accepted - Returned if the request was successfully accepted into the system. + content: + application/json: + schema: + type: object + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + /access-request-config: + get: + operationId: getAccessRequestConfig + security: + - UserContextAuth: + - 'idn:access-request-config:read' + summary: Get Access Request Configuration + tags: + - Access Requests + description: This endpoint returns the current access-request configuration. + responses: + '200': + description: Access Request Configuration Details. + content: + application/json: + schema: + type: object + properties: + approvalsMustBeExternal: + type: boolean + description: 'If this is true, approvals must be processed by an external system. Also, if this is true, it blocks Request Center access requests and returns an error for any user who isn''t an org admin.' + default: false + example: true + autoApprovalEnabled: + type: boolean + description: 'If this is true and the requester and reviewer are the same, the request is automatically approved.' + default: false + example: true + requestOnBehalfOfConfig: + description: Request On Behalf Of configuration. + type: object + properties: + allowRequestOnBehalfOfAnyoneByAnyone: + type: boolean + description: 'If this is true, anyone can request access for anyone.' + default: false + example: true + allowRequestOnBehalfOfEmployeeByManager: + type: boolean + description: 'If this is true, a manager can request access for his or her direct reports.' + default: false + example: true + approvalReminderAndEscalationConfig: + description: Approval reminder and escalation configuration. + type: object + properties: + daysUntilEscalation: + type: integer + description: 'Number of days to wait before the first reminder. If no reminders are configured, then this is the number of days to wait before escalation.' + format: int32 + example: 0 + nullable: true + daysBetweenReminders: + type: integer + description: Number of days to wait between reminder notifications. + format: int32 + example: 0 + nullable: true + maxReminders: + type: integer + description: Maximum number of reminder notification to send to the reviewer before approval escalation. + format: int32 + minimum: 1 + example: 1 + nullable: true + fallbackApproverRef: + type: object + nullable: true + properties: + type: + type: string + description: The type can only be IDENTITY. This is read-only. + example: IDENTITY + id: + type: string + description: Identity ID. + example: 5168015d32f890ca15812c9180835d2e + name: + type: string + description: Identity's human-readable display name. This is read-only. + example: Alison Ferguso + email: + type: string + description: Identity's email address. This is read-only. + example: alison.ferguso@identitysoon.com + entitlementRequestConfig: + description: Entitlement request configuration. + type: object + properties: + allowEntitlementRequest: + type: boolean + description: 'If this is true, entitlement requests are allowed.' + default: false + example: true + requestCommentsRequired: + type: boolean + description: 'If this is true, comments are required to submit entitlement requests.' + default: false + example: false + deniedCommentsRequired: + type: boolean + description: 'If this is true, comments are required to reject entitlement requests.' + default: false + example: false + grantRequestApprovalSchemes: + type: string + description: | + Approval schemes for granting entitlement request. This can be empty if no approval is needed. + Multiple schemes must be comma-separated. The valid schemes are "entitlementOwner", "sourceOwner", "manager" and "workgroup:{id}". + You can use multiple governance groups (workgroups). + default: sourceOwner + nullable: true + example: 'entitlementOwner, sourceOwner, manager, workgroup:2c918084660f45d6016617daa9210584' + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + put: + operationId: setAccessRequestConfig + security: + - UserContextAuth: + - 'idn:access-request-config:update' + summary: Update Access Request Configuration + tags: + - Access Requests + description: |- + This endpoint replaces the current access-request configuration. + A token with ORG_ADMIN authority is required to call this API. + requestBody: + required: true + content: + application/json: + schema: + type: object + properties: + approvalsMustBeExternal: + type: boolean + description: 'If this is true, approvals must be processed by an external system. Also, if this is true, it blocks Request Center access requests and returns an error for any user who isn''t an org admin.' + default: false + example: true + autoApprovalEnabled: + type: boolean + description: 'If this is true and the requester and reviewer are the same, the request is automatically approved.' + default: false + example: true + requestOnBehalfOfConfig: + description: Request On Behalf Of configuration. + type: object + properties: + allowRequestOnBehalfOfAnyoneByAnyone: + type: boolean + description: 'If this is true, anyone can request access for anyone.' + default: false + example: true + allowRequestOnBehalfOfEmployeeByManager: + type: boolean + description: 'If this is true, a manager can request access for his or her direct reports.' + default: false + example: true + approvalReminderAndEscalationConfig: + description: Approval reminder and escalation configuration. + type: object + properties: + daysUntilEscalation: + type: integer + description: 'Number of days to wait before the first reminder. If no reminders are configured, then this is the number of days to wait before escalation.' + format: int32 + example: 0 + nullable: true + daysBetweenReminders: + type: integer + description: Number of days to wait between reminder notifications. + format: int32 + example: 0 + nullable: true + maxReminders: + type: integer + description: Maximum number of reminder notification to send to the reviewer before approval escalation. + format: int32 + minimum: 1 + example: 1 + nullable: true + fallbackApproverRef: + type: object + nullable: true + properties: + type: + type: string + description: The type can only be IDENTITY. This is read-only. + example: IDENTITY + id: + type: string + description: Identity ID. + example: 5168015d32f890ca15812c9180835d2e + name: + type: string + description: Identity's human-readable display name. This is read-only. + example: Alison Ferguso + email: + type: string + description: Identity's email address. This is read-only. + example: alison.ferguso@identitysoon.com + entitlementRequestConfig: + description: Entitlement request configuration. + type: object + properties: + allowEntitlementRequest: + type: boolean + description: 'If this is true, entitlement requests are allowed.' + default: false + example: true + requestCommentsRequired: + type: boolean + description: 'If this is true, comments are required to submit entitlement requests.' + default: false + example: false + deniedCommentsRequired: + type: boolean + description: 'If this is true, comments are required to reject entitlement requests.' + default: false + example: false + grantRequestApprovalSchemes: + type: string + description: | + Approval schemes for granting entitlement request. This can be empty if no approval is needed. + Multiple schemes must be comma-separated. The valid schemes are "entitlementOwner", "sourceOwner", "manager" and "workgroup:{id}". + You can use multiple governance groups (workgroups). + default: sourceOwner + nullable: true + example: 'entitlementOwner, sourceOwner, manager, workgroup:2c918084660f45d6016617daa9210584' + responses: + '200': + description: Access Request Configuration Details. + content: + application/json: + schema: + type: object + properties: + approvalsMustBeExternal: + type: boolean + description: 'If this is true, approvals must be processed by an external system. Also, if this is true, it blocks Request Center access requests and returns an error for any user who isn''t an org admin.' + default: false + example: true + autoApprovalEnabled: + type: boolean + description: 'If this is true and the requester and reviewer are the same, the request is automatically approved.' + default: false + example: true + requestOnBehalfOfConfig: + description: Request On Behalf Of configuration. + type: object + properties: + allowRequestOnBehalfOfAnyoneByAnyone: + type: boolean + description: 'If this is true, anyone can request access for anyone.' + default: false + example: true + allowRequestOnBehalfOfEmployeeByManager: + type: boolean + description: 'If this is true, a manager can request access for his or her direct reports.' + default: false + example: true + approvalReminderAndEscalationConfig: + description: Approval reminder and escalation configuration. + type: object + properties: + daysUntilEscalation: + type: integer + description: 'Number of days to wait before the first reminder. If no reminders are configured, then this is the number of days to wait before escalation.' + format: int32 + example: 0 + nullable: true + daysBetweenReminders: + type: integer + description: Number of days to wait between reminder notifications. + format: int32 + example: 0 + nullable: true + maxReminders: + type: integer + description: Maximum number of reminder notification to send to the reviewer before approval escalation. + format: int32 + minimum: 1 + example: 1 + nullable: true + fallbackApproverRef: + type: object + nullable: true + properties: + type: + type: string + description: The type can only be IDENTITY. This is read-only. + example: IDENTITY + id: + type: string + description: Identity ID. + example: 5168015d32f890ca15812c9180835d2e + name: + type: string + description: Identity's human-readable display name. This is read-only. + example: Alison Ferguso + email: + type: string + description: Identity's email address. This is read-only. + example: alison.ferguso@identitysoon.com + entitlementRequestConfig: + description: Entitlement request configuration. + type: object + properties: + allowEntitlementRequest: + type: boolean + description: 'If this is true, entitlement requests are allowed.' + default: false + example: true + requestCommentsRequired: + type: boolean + description: 'If this is true, comments are required to submit entitlement requests.' + default: false + example: false + deniedCommentsRequired: + type: boolean + description: 'If this is true, comments are required to reject entitlement requests.' + default: false + example: false + grantRequestApprovalSchemes: + type: string + description: | + Approval schemes for granting entitlement request. This can be empty if no approval is needed. + Multiple schemes must be comma-separated. The valid schemes are "entitlementOwner", "sourceOwner", "manager" and "workgroup:{id}". + You can use multiple governance groups (workgroups). + default: sourceOwner + nullable: true + example: 'entitlementOwner, sourceOwner, manager, workgroup:2c918084660f45d6016617daa9210584' + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + /access-request-status: + get: + operationId: listAccessRequestStatus + security: + - UserContextAuth: + - 'idn:access-request-status:read' + tags: + - Access Requests + summary: Access Request Status + description: |- + Use this API to return a list of access request statuses based on the specified query parameters. + If an access request was made for access that an identity already has, the API ignores the access request. These ignored requests do not display in the list of access request statuses. + Any token with any authority can request their own status. A token with ORG_ADMIN authority is required to call this API to get a list of statuses for other users. + parameters: + - in: query + name: requested-for + schema: + type: string + example: 2c9180877b2b6ea4017b2c545f971429 + description: Filter the results by the identity the requests were made for. *me* indicates the current user. Mutually exclusive with *regarding-identity*. + required: false + - in: query + name: requested-by + schema: + type: string + example: 2c9180877b2b6ea4017b2c545f971429 + description: Filter the results by the identity twho made the requests. *me* indicates the current user. Mutually exclusive with *regarding-identity*. + required: false + - in: query + name: regarding-identity + schema: + type: string + example: 2c9180877b2b6ea4017b2c545f971429 + description: Filter the results by the specified identity who is either the requester or target of the requests. *me* indicates the current user. Mutually exclusive with *requested-for* and *requested-by*. + required: false + - in: query + name: assigned-to + schema: + type: string + example: 2c9180877b2b6ea4017b2c545f971429 + description: Filter the results by the specified identity who is the owner of the Identity Request Work Item. *me* indicates the current user. + required: false + - in: query + name: count + description: 'If this is true, the *X-Total-Count* response header populates with the number of results that would be returned if limit and offset were ignored.' + required: false + schema: + type: boolean + default: false + example: false + - in: query + name: limit + description: Max number of results to return. + required: false + schema: + type: integer + format: int32 + minimum: 0 + maximum: 250 + default: 250 + example: 100 + - in: query + name: offset + description: Offset into the full result set. Usually specified with *limit* to paginate through the results. Defaults to 0 if not specified. + required: false + schema: + type: integer + format: int32 + minimum: 0 + example: 10 + - in: query + name: filters + schema: + type: string + example: accountActivityItemId eq "2c918086771c86df0177401efcdf54c0" + description: |- + Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) + + Filtering is supported for the following fields and operators: + + **accountActivityItemId**: *eq, in, ge, gt, le, lt, ne, isnull, sw* + required: false + - in: query + name: sorters + schema: + type: string + format: comma-separated + description: |- + Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) + + Sorting is supported for the following fields: **created, modified, accountActivityItemId, name** + example: created + required: false + responses: + '200': + description: List of requested item statuses. + content: + application/json: + schema: + type: array + items: + type: object + properties: + name: + type: string + description: Human-readable display name of the item being requested. + example: AccessProfile1 + nullable: true + type: + type: string + enum: + - ACCESS_PROFILE + - ROLE + - ENTITLEMENT + - null + description: Type of requested object. + example: ACCESS_PROFILE + nullable: true + cancelledRequestDetails: + allOf: + - type: object + properties: + comment: + type: string + description: Comment made by the owner when cancelling the associated request. + example: This request must be cancelled. + owner: + type: object + description: Owner's identity. + properties: + type: + type: string + description: Owner's DTO type. + enum: + - IDENTITY + example: IDENTITY + id: + type: string + description: Owner's identity ID. + example: 2c9180a46faadee4016fb4e018c20639 + name: + type: string + description: Owner's name. + example: Support + modified: + type: string + format: date-time + description: Date comment was added by the owner when cancelling the associated request. + example: '2019-12-20T09:17:12.192Z' + description: Provides additional details for a request that has been cancelled. + - nullable: true + errorMessages: + type: array + nullable: true + items: + type: array + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + description: 'List of list of localized error messages, if any, encountered during the approval/provisioning process.' + state: + type: string + enum: + - EXECUTING + - REQUEST_COMPLETED + - CANCELLED + - TERMINATED + - PROVISIONING_VERIFICATION_PENDING + - REJECTED + - PROVISIONING_FAILED + - NOT_ALL_ITEMS_PROVISIONED + - ERROR + description: |- + Indicates the state of an access request: + * EXECUTING: The request is executing, which indicates the system is doing some processing. + * REQUEST_COMPLETED: Indicates the request has been completed. + * CANCELLED: The request was cancelled with no user input. + * TERMINATED: The request has been terminated before it was able to complete. + * PROVISIONING_VERIFICATION_PENDING: The request has finished any approval steps and provisioning is waiting to be verified. + * REJECTED: The request was rejected. + * PROVISIONING_FAILED: The request has failed to complete. + * NOT_ALL_ITEMS_PROVISIONED: One or more of the requested items failed to complete, but there were one or more successes. + * ERROR: An error occurred during request processing. + example: EXECUTING + approvalDetails: + type: array + items: + type: object + properties: + forwarded: + type: boolean + default: false + description: True if the request for this item was forwarded from one owner to another. + example: false + originalOwner: + type: object + description: Identity of orginal approval owner. + properties: + type: + type: string + description: DTO type of original approval owner's identity. + enum: + - GOVERNANCE_GROUP + - IDENTITY + example: IDENTITY + id: + type: string + description: ID of original approval owner's identity. + example: 2c7180a46faadee4016fb4e018c20642 + name: + type: string + description: Display name of original approval owner. + example: Michael Michaels + currentOwner: + allOf: + - type: object + description: Identity who reviewed the access item request. + properties: + type: + type: string + description: DTO type of identity who reviewed the access item request. + enum: + - IDENTITY + example: IDENTITY + id: + type: string + description: ID of identity who reviewed the access item request. + example: 2c3780a46faadee4016fb4e018c20652 + name: + type: string + description: Human-readable display name of identity who reviewed the access item request. + example: Allen Albertson + - nullable: true + modified: + type: string + format: date-time + description: Time at which item was modified. + example: '2019-08-23T18:52:57.398Z' + nullable: true + status: + type: string + enum: + - PENDING + - APPROVED + - REJECTED + - EXPIRED + - CANCELLED + - ARCHIVED + description: |- + Indicates the state of the request processing for this item: + * PENDING: The request for this item is awaiting processing. + * APPROVED: The request for this item has been approved. + * REJECTED: The request for this item was rejected. + * EXPIRED: The request for this item expired with no action taken. + * CANCELLED: The request for this item was cancelled with no user action. + * ARCHIVED: The request for this item has been archived after completion. + example: PENDING + scheme: + type: string + enum: + - APP_OWNER + - SOURCE_OWNER + - MANAGER + - ROLE_OWNER + - ACCESS_PROFILE_OWNER + - ENTITLEMENT_OWNER + - GOVERNANCE_GROUP + description: Describes the individual or group that is responsible for an approval step. + example: MANAGER + errorMessages: + type: array + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + description: 'If the request failed, includes any error messages that were generated.' + nullable: true + comment: + type: string + description: 'Comment, if any, provided by the approver.' + example: I approve this request + nullable: true + removeDate: + type: string + description: The date the role or access profile or entitlement is no longer assigned to the specified identity. + format: date-time + example: '2020-07-11T00:00:00Z' + nullable: true + description: Approval details for each item. + manualWorkItemDetails: + type: array + nullable: true + items: + type: object + properties: + forwarded: + type: boolean + default: false + description: True if the request for this item was forwarded from one owner to another. + example: true + originalOwner: + type: object + nullable: true + description: 'Identity of original work item owner, if the work item has been forwarded.' + properties: + type: + type: string + description: DTO type of original work item owner's identity. + enum: + - GOVERNANCE_GROUP + - IDENTITY + example: IDENTITY + id: + type: string + description: ID of original work item owner's identity. + example: 2c7180a46faadee4016fb4e018c20642 + name: + type: string + description: Display name of original work item owner. + example: Michael Michaels + currentOwner: + type: object + description: Identity of current work item owner. + nullable: true + properties: + type: + type: string + description: DTO type of current work item owner's identity. + enum: + - GOVERNANCE_GROUP + - IDENTITY + example: IDENTITY + id: + type: string + description: ID of current work item owner's identity. + example: 2c3780a46faadee4016fb4e018c20652 + name: + type: string + description: Display name of current work item owner. + example: Allen Albertson + modified: + type: string + format: date-time + description: Time at which item was modified. + example: '2019-08-23T18:52:57.398Z' + status: + type: string + enum: + - PENDING + - APPROVED + - REJECTED + - EXPIRED + - CANCELLED + - ARCHIVED + description: |- + Indicates the state of the request processing for this item: + * PENDING: The request for this item is awaiting processing. + * APPROVED: The request for this item has been approved. + * REJECTED: The request for this item was rejected. + * EXPIRED: The request for this item expired with no action taken. + * CANCELLED: The request for this item was cancelled with no user action. + * ARCHIVED: The request for this item has been archived after completion. + example: PENDING + forwardHistory: + type: array + nullable: true + items: + type: object + properties: + oldApproverName: + type: string + description: Display name of approver from whom the approval was forwarded. + example: Frank Mir + newApproverName: + type: string + description: Display name of approver to whom the approval was forwarded. + example: Al Volta + comment: + type: string + nullable: true + description: Comment made while forwarding. + example: Forwarding from Frank to Al + modified: + type: string + format: date-time + description: Time at which approval was forwarded. + example: '2019-08-23T18:52:57.398Z' + forwarderName: + type: string + nullable: true + description: Display name of forwarder who forwarded the approval. + example: William Wilson + reassignmentType: + description: |- + The approval reassignment type. + * MANUAL_REASSIGNMENT: An approval with this reassignment type has been specifically reassigned by the approval task's owner, from their queue to someone else's. + * AUTOMATIC_REASSIGNMENT: An approval with this reassignment type has been automatically reassigned from another approver's queue, according to that approver's reassignment configuration. The approver's reassignment configuration may be set up to automatically reassign approval tasks for a defined (or possibly open-ended) period of time. + * AUTO_ESCALATION: An approval with this reassignment type has been automatically reassigned from another approver's queue, according to the request's escalation configuration. For more information about escalation configuration, refer to [Setting Global Reminders and Escalation Policies](https://documentation.sailpoint.com/saas/help/requests/config_emails.html). + * SELF_REVIEW_DELEGATION: An approval with this reassignment type has been automatically reassigned by the system to prevent self-review. This helps prevent situations like a requester being tasked with approving their own request. For more information about preventing self-review, refer to [Self-review Prevention](https://documentation.sailpoint.com/saas/help/users/work_reassignment.html#self-review-prevention) and [Preventing Self-approval](https://documentation.sailpoint.com/saas/help/requests/config_ap_roles.html#preventing-self-approval). + example: AUTOMATIC_REASSIGNMENT + type: string + enum: + - MANUAL_REASSIGNMENT + - AUTOMATIC_REASSIGNMENT + - AUTO_ESCALATION + - SELF_REVIEW_DELEGATION + description: The history of approval forward action. + description: Manual work items created for provisioning the item. + accountActivityItemId: + type: string + description: Id of associated account activity item. + example: 2c9180926cbfbddd016cbfc7c3b10010 + requestType: + type: string + enum: + - GRANT_ACCESS + - REVOKE_ACCESS + - null + description: Access request type. Defaults to GRANT_ACCESS. REVOKE_ACCESS type can only have a single Identity ID in the requestedFor field. + example: GRANT_ACCESS + nullable: true + modified: + type: string + format: date-time + description: When the request was last modified. + example: '2019-08-23T18:52:59.162Z' + nullable: true + created: + type: string + format: date-time + description: When the request was created. + example: '2019-08-23T18:40:35.772Z' + requester: + type: object + description: Access item requester's identity. + properties: + type: + type: string + description: Access item requester's DTO type. + enum: + - IDENTITY + example: IDENTITY + id: + type: string + description: Access item requester's identity ID. + example: 2c7180a46faadee4016fb4e018c20648 + name: + type: string + description: Access item owner's human-readable display name. + example: William Wilson + requestedFor: + type: object + description: Identity access was requested for. + properties: + type: + type: string + enum: + - IDENTITY + description: Type of the object to which this reference applies + example: IDENTITY + id: + type: string + description: ID of the object to which this reference applies + example: 2c9180835d191a86015d28455b4b232a + name: + type: string + description: Human-readable display name of the object to which this reference applies + example: William Wilson + requesterComment: + allOf: + - type: object + properties: + comment: + type: string + nullable: true + description: Comment content. + example: This is a comment. + created: + type: string + format: date-time + description: Date and time comment was created. + example: '2017-07-11T18:45:37.098Z' + author: + type: object + readOnly: true + description: Author of the comment + properties: + type: + type: string + enum: + - IDENTITY + example: IDENTITY + description: The type of object + id: + type: string + description: The unique ID of the object + example: 2c9180847e25f377017e2ae8cae4650b + name: + type: string + description: The display name of the object + example: john.doe + - nullable: true + description: The requester's comment. + sodViolationContext: + allOf: + - description: An object referencing a completed SOD violation check + type: object + nullable: true + properties: + state: + type: string + enum: + - SUCCESS + - ERROR + - null + description: The status of SOD violation check + example: SUCCESS + nullable: true + uuid: + description: The id of the Violation check event + type: string + example: f73d16e9-a038-46c5-b217-1246e15fdbdd + nullable: true + violationCheckResult: + description: The inner object representing the completed SOD Violation check + type: object + properties: + message: + description: 'If the request failed, this includes any error message that was generated.' + example: + - locale: en-US + localeOrigin: DEFAULT + text: An error has occurred during the SOD violation check + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + clientMetadata: + type: object + nullable: true + additionalProperties: + type: string + description: Arbitrary key-value pairs. They will never be processed by the IdentityNow system but will be returned on completion of the violation check. + example: + requestedAppName: test-app + requestedAppId: 2c91808f7892918f0178b78da4a305a1 + violationContexts: + type: array + nullable: true + items: + description: The contextual information of the violated criteria + type: object + properties: + policy: + type: object + description: SOD policy. + properties: + type: + type: string + description: SOD policy DTO type. + enum: + - SOD_POLICY + example: SOD_POLICY + id: + type: string + description: SOD policy ID. + example: 0f11f2a4-7c94-4bf3-a2bd-742580fe3bde + name: + type: string + description: SOD policy display name. + example: Business SOD Policy + conflictingAccessCriteria: + type: object + description: The object which contains the left and right hand side of the entitlements that got violated according to the policy. + properties: + leftCriteria: + type: object + properties: + criteriaList: + type: array + items: + description: Details of the Entitlement criteria + type: object + properties: + existing: + type: boolean + default: false + example: true + description: If the entitlement already belonged to the user or not. + type: + example: ENTITLEMENT + type: string + enum: + - ACCOUNT_CORRELATION_CONFIG + - ACCESS_PROFILE + - ACCESS_REQUEST_APPROVAL + - ACCOUNT + - APPLICATION + - CAMPAIGN + - CAMPAIGN_FILTER + - CERTIFICATION + - CLUSTER + - CONNECTOR_SCHEMA + - ENTITLEMENT + - GOVERNANCE_GROUP + - IDENTITY + - IDENTITY_PROFILE + - IDENTITY_REQUEST + - LIFECYCLE_STATE + - PASSWORD_POLICY + - ROLE + - RULE + - SOD_POLICY + - SOURCE + - TAG + - TAG_CATEGORY + - TASK_RESULT + - REPORT_RESULT + - SOD_VIOLATION + - ACCOUNT_ACTIVITY + - WORKGROUP + description: An enumeration of the types of DTOs supported within the IdentityNow infrastructure. + id: + type: string + description: Entitlement ID + example: 2c918085771e9d3301773b3cb66f6398 + name: + type: string + description: Entitlement name + example: My HR Entitlement + rightCriteria: + type: object + properties: + criteriaList: + type: array + items: + description: Details of the Entitlement criteria + type: object + properties: + existing: + type: boolean + default: false + example: true + description: If the entitlement already belonged to the user or not. + type: + example: ENTITLEMENT + type: string + enum: + - ACCOUNT_CORRELATION_CONFIG + - ACCESS_PROFILE + - ACCESS_REQUEST_APPROVAL + - ACCOUNT + - APPLICATION + - CAMPAIGN + - CAMPAIGN_FILTER + - CERTIFICATION + - CLUSTER + - CONNECTOR_SCHEMA + - ENTITLEMENT + - GOVERNANCE_GROUP + - IDENTITY + - IDENTITY_PROFILE + - IDENTITY_REQUEST + - LIFECYCLE_STATE + - PASSWORD_POLICY + - ROLE + - RULE + - SOD_POLICY + - SOURCE + - TAG + - TAG_CATEGORY + - TASK_RESULT + - REPORT_RESULT + - SOD_VIOLATION + - ACCOUNT_ACTIVITY + - WORKGROUP + description: An enumeration of the types of DTOs supported within the IdentityNow infrastructure. + id: + type: string + description: Entitlement ID + example: 2c918085771e9d3301773b3cb66f6398 + name: + type: string + description: Entitlement name + example: My HR Entitlement + violatedPolicies: + type: array + nullable: true + description: A list of the SOD policies that were violated. + items: + type: object + description: SOD policy. + properties: + type: + type: string + description: SOD policy DTO type. + enum: + - SOD_POLICY + example: SOD_POLICY + id: + type: string + description: SOD policy ID. + example: 0f11f2a4-7c94-4bf3-a2bd-742580fe3bde + name: + type: string + description: SOD policy display name. + example: Business SOD Policy + - nullable: true + description: The details of the SOD violations for the associated approval. + provisioningDetails: + allOf: + - type: object + properties: + orderedSubPhaseReferences: + type: string + description: 'Ordered CSV of sub phase references to objects that contain more information about provisioning. For example, this can contain "manualWorkItemDetails" which indicate that there is further information in that object for this phase.' + example: manualWorkItemDetails + description: Provides additional details about provisioning for this request. + - nullable: true + preApprovalTriggerDetails: + allOf: + - type: object + properties: + comment: + type: string + description: Comment left for the pre-approval decision + example: Access is Approved + reviewer: + type: string + description: The reviewer of the pre-approval decision + example: John Doe + decision: + type: string + enum: + - APPROVED + - REJECTED + description: The decision of the pre-approval trigger + example: APPROVED + description: Provides additional details about the pre-approval trigger for this request. + - nullable: true + accessRequestPhases: + type: array + items: + type: object + properties: + started: + type: string + description: The time that this phase started. + format: date-time + example: '2020-07-11T00:00:00Z' + finished: + type: string + description: The time that this phase finished. + format: date-time + example: '2020-07-12T00:00:00Z' + nullable: true + name: + type: string + description: The name of this phase. + example: APPROVAL_PHASE + state: + type: string + enum: + - PENDING + - EXECUTING + - COMPLETED + - CANCELLED + - NOT_EXECUTED + description: The state of this phase. + example: COMPLETED + result: + type: string + enum: + - SUCCESSFUL + - FAILED + - null + description: The state of this phase. + example: SUCCESSFUL + nullable: true + phaseReference: + type: string + description: 'A reference to another object on the RequestedItemStatus that contains more details about the phase. Note that for the Provisioning phase, this will be empty if there are no manual work items.' + example: approvalDetails + nullable: true + description: Provides additional details about this access request phase. + description: 'A list of Phases that the Access Request has gone through in order, to help determine the status of the request.' + nullable: true + description: + type: string + description: Description associated to the requested object. + example: This is the Engineering role that engineers are granted. + nullable: true + removeDate: + type: string + format: date-time + nullable: true + description: When the role access is scheduled for removal. + example: '2019-10-23T00:00:00.000Z' + cancelable: + type: boolean + default: false + description: True if the request can be canceled. + example: true + accessRequestId: + type: string + description: This is the account activity id. + example: 2b838de9-db9b-abcf-e646-d4f274ad4238 + clientMetadata: + nullable: true + type: object + additionalProperties: + type: string + description: 'Arbitrary key-value pairs, if any were included in the corresponding access request' + example: + key1: value1 + key2: value2 + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + /access-request-approvals/pending: + get: + operationId: listPendingApprovals + summary: Pending Access Request Approvals List + tags: + - Access Request Approvals + description: This endpoint returns a list of pending approvals. See "owner-id" query parameter below for authorization info. + parameters: + - in: query + name: owner-id + schema: + type: string + description: |- + If present, the value returns only pending approvals for the specified identity. + * ORG_ADMIN users can call this with any identity ID value. + * ORG_ADMIN users can also fetch all the approvals in the org, when owner-id is not used. + * Non-ORG_ADMIN users can only specify *me* or pass their own identity ID value. + example: 2c91808568c529c60168cca6f90c1313 + required: false + - in: query + name: limit + description: |- + Max number of results to return. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 250 + schema: + type: integer + format: int32 + minimum: 0 + maximum: 250 + default: 250 + - in: query + name: offset + description: |- + Offset into the full result set. Usually specified with *limit* to paginate through the results. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 0 + schema: + type: integer + format: int32 + minimum: 0 + default: 0 + - in: query + name: count + description: |- + If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. + + Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. + + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: true + schema: + type: boolean + default: false + - in: query + name: filters + required: false + schema: + type: string + description: |- + Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) + + Filtering is supported for the following fields and operators: + + **id**: *eq, in* + + **requestedFor.id**: *eq, in* + + **modified**: *gt, lt, ge, le, eq, in* + example: id eq "2c91808568c529c60168cca6f90c1313" + - in: query + name: sorters + required: false + schema: + type: string + format: comma-separated + description: |- + Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) + + Sorting is supported for the following fields: **created, modified** + example: modified + responses: + '200': + description: List of Pending Approvals. + content: + application/json: + schema: + type: array + items: + type: object + properties: + id: + type: string + description: The approval id. + example: id12345 + name: + type: string + description: The name of the approval. + example: aName + created: + type: string + format: date-time + description: When the approval was created. + example: '2017-07-11T18:45:37.098Z' + modified: + type: string + format: date-time + description: When the approval was modified last time. + example: '2018-07-25T20:22:28.104Z' + requestCreated: + type: string + format: date-time + description: When the access-request was created. + example: '2017-07-11T18:45:35.098Z' + requestType: + description: If the access-request was for granting or revoking access. + type: string + enum: + - GRANT_ACCESS + - REVOKE_ACCESS + - null + example: GRANT_ACCESS + nullable: true + requester: + type: object + description: Access item requester's identity. + properties: + type: + type: string + description: Access item requester's DTO type. + enum: + - IDENTITY + example: IDENTITY + id: + type: string + description: Access item requester's identity ID. + example: 2c7180a46faadee4016fb4e018c20648 + name: + type: string + description: Access item owner's human-readable display name. + example: William Wilson + requestedFor: + type: array + description: Identities access was requested for. + items: + type: object + description: Identity the access item is requested for. + properties: + type: + type: string + description: DTO type of identity the access item is requested for. + enum: + - IDENTITY + example: IDENTITY + id: + type: string + description: ID of identity the access item is requested for. + example: 2c4180a46faadee4016fb4e018c20626 + name: + type: string + description: Human-readable display name of identity the access item is requested for. + example: Robert Robinson + minItems: 1 + maxItems: 10 + owner: + type: object + description: Access item owner's identity. + properties: + type: + type: string + description: Access item owner's DTO type. + enum: + - IDENTITY + example: IDENTITY + id: + type: string + description: Access item owner's identity ID. + example: 2c9180a46faadee4016fb4e018c20639 + name: + type: string + description: Access item owner's human-readable display name. + example: Support + requestedObject: + description: The requested access item. + type: object + properties: + id: + type: string + description: Id of the object. + example: 2c9180835d2e5168015d32f890ca1581 + name: + type: string + description: Name of the object. + example: Applied Research Access + description: + type: string + description: Description of the object. + example: 'Access to research information, lab results, and schematics' + type: + type: string + enum: + - ACCESS_PROFILE + - ROLE + - ENTITLEMENT + description: Type of the object. + example: ROLE + requesterComment: + description: The requester's comment. + type: object + properties: + comment: + type: string + nullable: true + description: Comment content. + example: This is a comment. + created: + type: string + format: date-time + description: Date and time comment was created. + example: '2017-07-11T18:45:37.098Z' + author: + type: object + readOnly: true + description: Author of the comment + properties: + type: + type: string + enum: + - IDENTITY + example: IDENTITY + description: The type of object + id: + type: string + description: The unique ID of the object + example: 2c9180847e25f377017e2ae8cae4650b + name: + type: string + description: The display name of the object + example: john.doe + previousReviewersComments: + type: array + items: + type: object + properties: + comment: + type: string + nullable: true + description: Comment content. + example: This is a comment. + created: + type: string + format: date-time + description: Date and time comment was created. + example: '2017-07-11T18:45:37.098Z' + author: + type: object + readOnly: true + description: Author of the comment + properties: + type: + type: string + enum: + - IDENTITY + example: IDENTITY + description: The type of object + id: + type: string + description: The unique ID of the object + example: 2c9180847e25f377017e2ae8cae4650b + name: + type: string + description: The display name of the object + example: john.doe + description: The history of the previous reviewers comments. + forwardHistory: + type: array + items: + type: object + properties: + oldApproverName: + type: string + description: Display name of approver from whom the approval was forwarded. + example: Frank Mir + newApproverName: + type: string + description: Display name of approver to whom the approval was forwarded. + example: Al Volta + comment: + type: string + nullable: true + description: Comment made while forwarding. + example: Forwarding from Frank to Al + modified: + type: string + format: date-time + description: Time at which approval was forwarded. + example: '2019-08-23T18:52:57.398Z' + forwarderName: + type: string + nullable: true + description: Display name of forwarder who forwarded the approval. + example: William Wilson + reassignmentType: + description: |- + The approval reassignment type. + * MANUAL_REASSIGNMENT: An approval with this reassignment type has been specifically reassigned by the approval task's owner, from their queue to someone else's. + * AUTOMATIC_REASSIGNMENT: An approval with this reassignment type has been automatically reassigned from another approver's queue, according to that approver's reassignment configuration. The approver's reassignment configuration may be set up to automatically reassign approval tasks for a defined (or possibly open-ended) period of time. + * AUTO_ESCALATION: An approval with this reassignment type has been automatically reassigned from another approver's queue, according to the request's escalation configuration. For more information about escalation configuration, refer to [Setting Global Reminders and Escalation Policies](https://documentation.sailpoint.com/saas/help/requests/config_emails.html). + * SELF_REVIEW_DELEGATION: An approval with this reassignment type has been automatically reassigned by the system to prevent self-review. This helps prevent situations like a requester being tasked with approving their own request. For more information about preventing self-review, refer to [Self-review Prevention](https://documentation.sailpoint.com/saas/help/users/work_reassignment.html#self-review-prevention) and [Preventing Self-approval](https://documentation.sailpoint.com/saas/help/requests/config_ap_roles.html#preventing-self-approval). + example: AUTOMATIC_REASSIGNMENT + type: string + enum: + - MANUAL_REASSIGNMENT + - AUTOMATIC_REASSIGNMENT + - AUTO_ESCALATION + - SELF_REVIEW_DELEGATION + description: The history of approval forward action. + commentRequiredWhenRejected: + type: boolean + default: false + description: When true the rejector has to provide comments when rejecting + example: true + actionInProcess: + description: 'Action that is performed on this approval, and system has not finished performing that action yet.' + type: string + enum: + - APPROVED + - REJECTED + - FORWARDED + example: APPROVED + removeDate: + type: string + description: The date the role or access profile or entitlement is no longer assigned to the specified identity. + format: date-time + example: '2020-07-11T00:00:00Z' + removeDateUpdateRequested: + type: boolean + default: false + description: 'If true, then the request is to change the remove date or sunset date.' + example: true + currentRemoveDate: + type: string + description: The remove date or sunset date that was assigned at the time of the request. + format: date-time + example: '2020-07-11T00:00:00Z' + sodViolationContext: + description: The details of the SOD violations for the associated approval. + type: object + nullable: true + properties: + state: + type: string + enum: + - SUCCESS + - ERROR + - null + description: The status of SOD violation check + example: SUCCESS + nullable: true + uuid: + description: The id of the Violation check event + type: string + example: f73d16e9-a038-46c5-b217-1246e15fdbdd + nullable: true + violationCheckResult: + description: The inner object representing the completed SOD Violation check + type: object + properties: + message: + description: 'If the request failed, this includes any error message that was generated.' + example: + - locale: en-US + localeOrigin: DEFAULT + text: An error has occurred during the SOD violation check + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + clientMetadata: + type: object + nullable: true + additionalProperties: + type: string + description: Arbitrary key-value pairs. They will never be processed by the IdentityNow system but will be returned on completion of the violation check. + example: + requestedAppName: test-app + requestedAppId: 2c91808f7892918f0178b78da4a305a1 + violationContexts: + type: array + nullable: true + items: + description: The contextual information of the violated criteria + type: object + properties: + policy: + type: object + description: SOD policy. + properties: + type: + type: string + description: SOD policy DTO type. + enum: + - SOD_POLICY + example: SOD_POLICY + id: + type: string + description: SOD policy ID. + example: 0f11f2a4-7c94-4bf3-a2bd-742580fe3bde + name: + type: string + description: SOD policy display name. + example: Business SOD Policy + conflictingAccessCriteria: + type: object + description: The object which contains the left and right hand side of the entitlements that got violated according to the policy. + properties: + leftCriteria: + type: object + properties: + criteriaList: + type: array + items: + description: Details of the Entitlement criteria + type: object + properties: + existing: + type: boolean + default: false + example: true + description: If the entitlement already belonged to the user or not. + type: + example: ENTITLEMENT + type: string + enum: + - ACCOUNT_CORRELATION_CONFIG + - ACCESS_PROFILE + - ACCESS_REQUEST_APPROVAL + - ACCOUNT + - APPLICATION + - CAMPAIGN + - CAMPAIGN_FILTER + - CERTIFICATION + - CLUSTER + - CONNECTOR_SCHEMA + - ENTITLEMENT + - GOVERNANCE_GROUP + - IDENTITY + - IDENTITY_PROFILE + - IDENTITY_REQUEST + - LIFECYCLE_STATE + - PASSWORD_POLICY + - ROLE + - RULE + - SOD_POLICY + - SOURCE + - TAG + - TAG_CATEGORY + - TASK_RESULT + - REPORT_RESULT + - SOD_VIOLATION + - ACCOUNT_ACTIVITY + - WORKGROUP + description: An enumeration of the types of DTOs supported within the IdentityNow infrastructure. + id: + type: string + description: Entitlement ID + example: 2c918085771e9d3301773b3cb66f6398 + name: + type: string + description: Entitlement name + example: My HR Entitlement + rightCriteria: + type: object + properties: + criteriaList: + type: array + items: + description: Details of the Entitlement criteria + type: object + properties: + existing: + type: boolean + default: false + example: true + description: If the entitlement already belonged to the user or not. + type: + example: ENTITLEMENT + type: string + enum: + - ACCOUNT_CORRELATION_CONFIG + - ACCESS_PROFILE + - ACCESS_REQUEST_APPROVAL + - ACCOUNT + - APPLICATION + - CAMPAIGN + - CAMPAIGN_FILTER + - CERTIFICATION + - CLUSTER + - CONNECTOR_SCHEMA + - ENTITLEMENT + - GOVERNANCE_GROUP + - IDENTITY + - IDENTITY_PROFILE + - IDENTITY_REQUEST + - LIFECYCLE_STATE + - PASSWORD_POLICY + - ROLE + - RULE + - SOD_POLICY + - SOURCE + - TAG + - TAG_CATEGORY + - TASK_RESULT + - REPORT_RESULT + - SOD_VIOLATION + - ACCOUNT_ACTIVITY + - WORKGROUP + description: An enumeration of the types of DTOs supported within the IdentityNow infrastructure. + id: + type: string + description: Entitlement ID + example: 2c918085771e9d3301773b3cb66f6398 + name: + type: string + description: Entitlement name + example: My HR Entitlement + violatedPolicies: + type: array + nullable: true + description: A list of the SOD policies that were violated. + items: + type: object + description: SOD policy. + properties: + type: + type: string + description: SOD policy DTO type. + enum: + - SOD_POLICY + example: SOD_POLICY + id: + type: string + description: SOD policy ID. + example: 0f11f2a4-7c94-4bf3-a2bd-742580fe3bde + name: + type: string + description: SOD policy display name. + example: Business SOD Policy + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + /access-request-approvals/completed: + get: + operationId: listCompletedApprovals + summary: Completed Access Request Approvals List + tags: + - Access Request Approvals + description: This endpoint returns list of completed approvals. See *owner-id* query parameter below for authorization info. + parameters: + - in: query + name: owner-id + required: false + schema: + type: string + description: |- + If present, the value returns only completed approvals for the specified identity. + * ORG_ADMIN users can call this with any identity ID value. + * ORG_ADMIN users can also fetch all the approvals in the org, when + owner-id is not used. + * Non-ORG_ADMIN users can only specify *me* or pass their own + identity ID value. + example: 2c91808568c529c60168cca6f90c1313 + - in: query + name: limit + description: |- + Max number of results to return. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 250 + schema: + type: integer + format: int32 + minimum: 0 + maximum: 250 + default: 250 + - in: query + name: offset + description: |- + Offset into the full result set. Usually specified with *limit* to paginate through the results. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 0 + schema: + type: integer + format: int32 + minimum: 0 + default: 0 + - in: query + name: count + description: |- + If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. + + Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. + + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: true + schema: + type: boolean + default: false + - in: query + name: filters + required: false + schema: + type: string + description: |- + Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) + + Filtering is supported for the following fields and operators: + + **id**: *eq, in, ge, gt, le, lt, ne, isnull, sw* + + **requestedFor.id**: *eq, in, ge, gt, le, lt, ne, isnull, sw* + + **modified**: *gt, lt, ge, le, eq, in, ne, sw* + example: id eq "2c91808568c529c60168cca6f90c1313" + - in: query + name: sorters + required: false + schema: + type: string + format: comma-separated + description: |- + Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) + + Sorting is supported for the following fields: **created, modified** + example: modified + responses: + '200': + description: List of Completed Approvals. + content: + application/json: + schema: + type: array + items: + type: object + properties: + id: + type: string + description: The approval id. + example: id12345 + name: + type: string + description: The name of the approval. + example: aName + created: + type: string + format: date-time + description: When the approval was created. + example: '2017-07-11T18:45:37.098Z' + modified: + type: string + format: date-time + description: When the approval was modified last time. + example: '2018-07-25T20:22:28.104Z' + requestCreated: + type: string + format: date-time + description: When the access-request was created. + example: '2017-07-11T18:45:35.098Z' + requestType: + description: If the access-request was for granting or revoking access. + type: string + enum: + - GRANT_ACCESS + - REVOKE_ACCESS + - null + example: GRANT_ACCESS + nullable: true + requester: + type: object + description: Access item requester's identity. + properties: + type: + type: string + description: Access item requester's DTO type. + enum: + - IDENTITY + example: IDENTITY + id: + type: string + description: Access item requester's identity ID. + example: 2c7180a46faadee4016fb4e018c20648 + name: + type: string + description: Access item owner's human-readable display name. + example: William Wilson + requestedFor: + type: object + description: Identity access was requested for. + properties: + type: + type: string + enum: + - IDENTITY + description: Type of the object to which this reference applies + example: IDENTITY + id: + type: string + description: ID of the object to which this reference applies + example: 2c9180835d191a86015d28455b4b232a + name: + type: string + description: Human-readable display name of the object to which this reference applies + example: William Wilson + reviewedBy: + type: object + description: Identity who reviewed the access item request. + properties: + type: + type: string + description: DTO type of identity who reviewed the access item request. + enum: + - IDENTITY + example: IDENTITY + id: + type: string + description: ID of identity who reviewed the access item request. + example: 2c3780a46faadee4016fb4e018c20652 + name: + type: string + description: Human-readable display name of identity who reviewed the access item request. + example: Allen Albertson + owner: + type: object + description: Owner's identity. + properties: + type: + type: string + description: Owner's DTO type. + enum: + - IDENTITY + example: IDENTITY + id: + type: string + description: Owner's identity ID. + example: 2c9180a46faadee4016fb4e018c20639 + name: + type: string + description: Owner's name. + example: Support + requestedObject: + description: The requested access item. + type: object + properties: + id: + type: string + description: Id of the object. + example: 2c9180835d2e5168015d32f890ca1581 + name: + type: string + description: Name of the object. + example: Applied Research Access + description: + type: string + description: Description of the object. + example: 'Access to research information, lab results, and schematics' + type: + type: string + enum: + - ACCESS_PROFILE + - ROLE + - ENTITLEMENT + description: Type of the object. + example: ROLE + requesterComment: + allOf: + - type: object + properties: + comment: + type: string + nullable: true + description: Comment content. + example: This is a comment. + created: + type: string + format: date-time + description: Date and time comment was created. + example: '2017-07-11T18:45:37.098Z' + author: + type: object + readOnly: true + description: Author of the comment + properties: + type: + type: string + enum: + - IDENTITY + example: IDENTITY + description: The type of object + id: + type: string + description: The unique ID of the object + example: 2c9180847e25f377017e2ae8cae4650b + name: + type: string + description: The display name of the object + example: john.doe + - description: The requester's comment. + reviewerComment: + allOf: + - type: object + properties: + comment: + type: string + nullable: true + description: Comment content. + example: This is a comment. + created: + type: string + format: date-time + description: Date and time comment was created. + example: '2017-07-11T18:45:37.098Z' + author: + type: object + readOnly: true + description: Author of the comment + properties: + type: + type: string + enum: + - IDENTITY + example: IDENTITY + description: The type of object + id: + type: string + description: The unique ID of the object + example: 2c9180847e25f377017e2ae8cae4650b + name: + type: string + description: The display name of the object + example: john.doe + - description: The approval's reviewer's comment. + nullable: true + previousReviewersComments: + type: array + items: + type: object + properties: + comment: + type: string + nullable: true + description: Comment content. + example: This is a comment. + created: + type: string + format: date-time + description: Date and time comment was created. + example: '2017-07-11T18:45:37.098Z' + author: + type: object + readOnly: true + description: Author of the comment + properties: + type: + type: string + enum: + - IDENTITY + example: IDENTITY + description: The type of object + id: + type: string + description: The unique ID of the object + example: 2c9180847e25f377017e2ae8cae4650b + name: + type: string + description: The display name of the object + example: john.doe + description: The history of the previous reviewers comments. + forwardHistory: + type: array + items: + type: object + properties: + oldApproverName: + type: string + description: Display name of approver from whom the approval was forwarded. + example: Frank Mir + newApproverName: + type: string + description: Display name of approver to whom the approval was forwarded. + example: Al Volta + comment: + type: string + nullable: true + description: Comment made while forwarding. + example: Forwarding from Frank to Al + modified: + type: string + format: date-time + description: Time at which approval was forwarded. + example: '2019-08-23T18:52:57.398Z' + forwarderName: + type: string + nullable: true + description: Display name of forwarder who forwarded the approval. + example: William Wilson + reassignmentType: + description: |- + The approval reassignment type. + * MANUAL_REASSIGNMENT: An approval with this reassignment type has been specifically reassigned by the approval task's owner, from their queue to someone else's. + * AUTOMATIC_REASSIGNMENT: An approval with this reassignment type has been automatically reassigned from another approver's queue, according to that approver's reassignment configuration. The approver's reassignment configuration may be set up to automatically reassign approval tasks for a defined (or possibly open-ended) period of time. + * AUTO_ESCALATION: An approval with this reassignment type has been automatically reassigned from another approver's queue, according to the request's escalation configuration. For more information about escalation configuration, refer to [Setting Global Reminders and Escalation Policies](https://documentation.sailpoint.com/saas/help/requests/config_emails.html). + * SELF_REVIEW_DELEGATION: An approval with this reassignment type has been automatically reassigned by the system to prevent self-review. This helps prevent situations like a requester being tasked with approving their own request. For more information about preventing self-review, refer to [Self-review Prevention](https://documentation.sailpoint.com/saas/help/users/work_reassignment.html#self-review-prevention) and [Preventing Self-approval](https://documentation.sailpoint.com/saas/help/requests/config_ap_roles.html#preventing-self-approval). + example: AUTOMATIC_REASSIGNMENT + type: string + enum: + - MANUAL_REASSIGNMENT + - AUTOMATIC_REASSIGNMENT + - AUTO_ESCALATION + - SELF_REVIEW_DELEGATION + description: The history of approval forward action. + commentRequiredWhenRejected: + type: boolean + default: false + description: When true the rejector has to provide comments when rejecting + example: true + state: + description: The final state of the approval + type: string + enum: + - APPROVED + - REJECTED + example: APPROVED + removeDate: + type: string + description: The date the role or access profile or entitlement is no longer assigned to the specified identity. + format: date-time + example: '2020-07-11T00:00:00Z' + nullable: true + removeDateUpdateRequested: + type: boolean + default: false + description: 'If true, then the request was to change the remove date or sunset date.' + example: true + currentRemoveDate: + type: string + description: The remove date or sunset date that was assigned at the time of the request. + format: date-time + example: '2020-07-11T00:00:00Z' + nullable: true + sodViolationContext: + description: The details of the SOD violations for the associated approval. + type: object + nullable: true + properties: + state: + type: string + enum: + - SUCCESS + - ERROR + - null + description: The status of SOD violation check + example: SUCCESS + nullable: true + uuid: + description: The id of the Violation check event + type: string + example: f73d16e9-a038-46c5-b217-1246e15fdbdd + nullable: true + violationCheckResult: + description: The inner object representing the completed SOD Violation check + type: object + properties: + message: + description: 'If the request failed, this includes any error message that was generated.' + example: + - locale: en-US + localeOrigin: DEFAULT + text: An error has occurred during the SOD violation check + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + clientMetadata: + type: object + nullable: true + additionalProperties: + type: string + description: Arbitrary key-value pairs. They will never be processed by the IdentityNow system but will be returned on completion of the violation check. + example: + requestedAppName: test-app + requestedAppId: 2c91808f7892918f0178b78da4a305a1 + violationContexts: + type: array + nullable: true + items: + description: The contextual information of the violated criteria + type: object + properties: + policy: + type: object + description: SOD policy. + properties: + type: + type: string + description: SOD policy DTO type. + enum: + - SOD_POLICY + example: SOD_POLICY + id: + type: string + description: SOD policy ID. + example: 0f11f2a4-7c94-4bf3-a2bd-742580fe3bde + name: + type: string + description: SOD policy display name. + example: Business SOD Policy + conflictingAccessCriteria: + type: object + description: The object which contains the left and right hand side of the entitlements that got violated according to the policy. + properties: + leftCriteria: + type: object + properties: + criteriaList: + type: array + items: + description: Details of the Entitlement criteria + type: object + properties: + existing: + type: boolean + default: false + example: true + description: If the entitlement already belonged to the user or not. + type: + example: ENTITLEMENT + type: string + enum: + - ACCOUNT_CORRELATION_CONFIG + - ACCESS_PROFILE + - ACCESS_REQUEST_APPROVAL + - ACCOUNT + - APPLICATION + - CAMPAIGN + - CAMPAIGN_FILTER + - CERTIFICATION + - CLUSTER + - CONNECTOR_SCHEMA + - ENTITLEMENT + - GOVERNANCE_GROUP + - IDENTITY + - IDENTITY_PROFILE + - IDENTITY_REQUEST + - LIFECYCLE_STATE + - PASSWORD_POLICY + - ROLE + - RULE + - SOD_POLICY + - SOURCE + - TAG + - TAG_CATEGORY + - TASK_RESULT + - REPORT_RESULT + - SOD_VIOLATION + - ACCOUNT_ACTIVITY + - WORKGROUP + description: An enumeration of the types of DTOs supported within the IdentityNow infrastructure. + id: + type: string + description: Entitlement ID + example: 2c918085771e9d3301773b3cb66f6398 + name: + type: string + description: Entitlement name + example: My HR Entitlement + rightCriteria: + type: object + properties: + criteriaList: + type: array + items: + description: Details of the Entitlement criteria + type: object + properties: + existing: + type: boolean + default: false + example: true + description: If the entitlement already belonged to the user or not. + type: + example: ENTITLEMENT + type: string + enum: + - ACCOUNT_CORRELATION_CONFIG + - ACCESS_PROFILE + - ACCESS_REQUEST_APPROVAL + - ACCOUNT + - APPLICATION + - CAMPAIGN + - CAMPAIGN_FILTER + - CERTIFICATION + - CLUSTER + - CONNECTOR_SCHEMA + - ENTITLEMENT + - GOVERNANCE_GROUP + - IDENTITY + - IDENTITY_PROFILE + - IDENTITY_REQUEST + - LIFECYCLE_STATE + - PASSWORD_POLICY + - ROLE + - RULE + - SOD_POLICY + - SOURCE + - TAG + - TAG_CATEGORY + - TASK_RESULT + - REPORT_RESULT + - SOD_VIOLATION + - ACCOUNT_ACTIVITY + - WORKGROUP + description: An enumeration of the types of DTOs supported within the IdentityNow infrastructure. + id: + type: string + description: Entitlement ID + example: 2c918085771e9d3301773b3cb66f6398 + name: + type: string + description: Entitlement name + example: My HR Entitlement + violatedPolicies: + type: array + nullable: true + description: A list of the SOD policies that were violated. + items: + type: object + description: SOD policy. + properties: + type: + type: string + description: SOD policy DTO type. + enum: + - SOD_POLICY + example: SOD_POLICY + id: + type: string + description: SOD policy ID. + example: 0f11f2a4-7c94-4bf3-a2bd-742580fe3bde + name: + type: string + description: SOD policy display name. + example: Business SOD Policy + preApprovalTriggerResult: + nullable: true + type: object + description: 'If the access request submitted event trigger is configured and this access request was intercepted by it, then this is the result of the trigger''s decision to either approve or deny the request.' + properties: + comment: + type: string + description: The comment from the trigger + example: This request was autoapproved by our automated ETS subscriber + decision: + description: The approval decision of the trigger + type: string + enum: + - APPROVED + - REJECTED + example: APPROVED + reviewer: + type: string + description: The name of the approver + example: Automated AR Approval + date: + type: string + format: date-time + example: '2022-06-07T19:18:40.748Z' + description: The date and time the trigger decided on the request + clientMetadata: + type: object + additionalProperties: + type: string + description: Arbitrary key-value pairs provided during the request. + example: + requestedAppName: test-app + requestedAppId: 2c91808f7892918f0178b78da4a305a1 + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/access-request-approvals/{approvalId}/approve': + post: + operationId: approveAccessRequest + summary: Approve Access Request Approval + tags: + - Access Request Approvals + description: Use this endpoint to approve an access request approval. Only the owner of the approval and ORG_ADMIN users are allowed to perform this action. + parameters: + - in: path + name: approvalId + schema: + type: string + required: true + description: Approval ID. + example: 2c91808b7294bea301729568c68c002e + requestBody: + description: Reviewer's comment. + required: true + content: + application/json: + schema: + type: object + properties: + comment: + type: string + nullable: true + description: Comment content. + example: This is a comment. + created: + type: string + format: date-time + description: Date and time comment was created. + example: '2017-07-11T18:45:37.098Z' + author: + type: object + readOnly: true + description: Author of the comment + properties: + type: + type: string + enum: + - IDENTITY + example: IDENTITY + description: The type of object + id: + type: string + description: The unique ID of the object + example: 2c9180847e25f377017e2ae8cae4650b + name: + type: string + description: The display name of the object + example: john.doe + responses: + '202': + description: Accepted - Returned if the request was successfully accepted into the system. + content: + application/json: + schema: + type: object + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/access-request-approvals/{approvalId}/reject': + post: + operationId: rejectAccessRequest + summary: Reject Access Request Approval + tags: + - Access Request Approvals + description: Use this API to reject an access request approval. Only the owner of the approval and admin users are allowed to perform this action. + parameters: + - in: path + name: approvalId + schema: + type: string + required: true + description: Approval ID. + example: 2c91808b7294bea301729568c68c002e + requestBody: + description: Reviewer's comment. + required: true + content: + application/json: + schema: + type: object + properties: + comment: + type: string + nullable: true + description: Comment content. + example: This is a comment. + created: + type: string + format: date-time + description: Date and time comment was created. + example: '2017-07-11T18:45:37.098Z' + author: + type: object + readOnly: true + description: Author of the comment + properties: + type: + type: string + enum: + - IDENTITY + example: IDENTITY + description: The type of object + id: + type: string + description: The unique ID of the object + example: 2c9180847e25f377017e2ae8cae4650b + name: + type: string + description: The display name of the object + example: john.doe + responses: + '202': + description: Accepted - Returned if the request was successfully accepted into the system. + content: + application/json: + schema: + type: object + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/access-request-approvals/{approvalId}/forward': + post: + operationId: forwardAccessRequest + summary: Forward Access Request Approval + tags: + - Access Request Approvals + description: Use this API to forward an access request approval to a new owner. Only the owner of the approval and ORG_ADMIN users are allowed to perform this action. Only the owner of the approval and ORG_ADMIN users are allowed to perform this action. + parameters: + - in: path + name: approvalId + schema: + type: string + required: true + description: Approval ID. + example: 2c91808b7294bea301729568c68c002e + requestBody: + description: Information about the forwarded approval. + required: true + content: + application/json: + schema: + type: object + required: + - newOwnerId + - comment + properties: + newOwnerId: + type: string + description: The Id of the new owner + example: 2c91808568c529c60168cca6f90c1314 + minLength: 1 + maxLength: 255 + comment: + type: string + description: The comment provided by the forwarder + example: 2c91808568c529c60168cca6f90c1313 + minLength: 1 + maxLength: 255 + responses: + '202': + description: Accepted - Returned if the request was successfully accepted into the system. + content: + application/json: + schema: + type: object + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + /access-request-approvals/approval-summary: + get: + operationId: getAccessRequestApprovalSummary + security: + - UserContextAuth: + - 'idn:access-request-approvals-summary:read' + summary: Get Access Requests Approvals Number + tags: + - Access Request Approvals + description: 'Use this API to return the number of pending, approved and rejected access requests approvals. See the "owner-id" query parameter for authorization information. info.' + parameters: + - in: query + name: owner-id + schema: + type: string + description: |- + The ID of the owner or approver identity of the approvals. If present, the value returns approval summary for the specified identity. + * ORG_ADMIN users can call this with any identity ID value. + * ORG_ADMIN user can also fetch all the approvals in the org, when + owner-id is not used. + * Non ORG_ADMIN users can only specify *me* or pass their own + identity ID value. + example: 2c91808568c529c60168cca6f90c1313 + required: false + - in: query + name: from-date + schema: + type: string + description: This is the date and time the results will be shown from. It must be in a valid ISO-8601 format. + example: 'from-date=2020-03-19T19:59:11Z' + required: false + responses: + '200': + description: 'Number of pending, approved, rejected access request approvals.' + content: + application/json: + schema: + type: object + properties: + pending: + type: integer + description: The number of pending access requests approvals. + format: int32 + example: 0 + approved: + type: integer + description: The number of approved access requests approvals. + format: int32 + example: 0 + rejected: + type: integer + description: The number of rejected access requests approvals. + format: int32 + example: 0 + '400': + description: Client Error - Returned if the query parameter is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + /accounts: + get: + operationId: listAccounts + tags: + - Accounts + summary: Accounts List + description: |- + This returns a list of accounts. + A token with ORG_ADMIN, SOURCE_ADMIN, SOURCE_SUBADMIN, or HELPDESK authority is required to call this API. + security: + - UserContextAuth: + - 'idn:accounts:read' + parameters: + - in: query + name: limit + description: |- + Max number of results to return. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 250 + schema: + type: integer + format: int32 + minimum: 0 + maximum: 250 + default: 250 + - in: query + name: offset + description: |- + Offset into the full result set. Usually specified with *limit* to paginate through the results. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 0 + schema: + type: integer + format: int32 + minimum: 0 + default: 0 + - in: query + name: count + description: |- + If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. + + Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. + + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: true + schema: + type: boolean + default: false + - in: query + name: filters + schema: + type: string + example: identityId eq "2c9180858082150f0180893dbaf44201" + description: |- + Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) + + Filtering is supported for the following fields and operators: + + **id**: *eq, in, sw* + + **identityId**: *eq, in, sw* + + **name**: *eq, in, sw* + + **nativeIdentity**: *eq, in, sw* + + **sourceId**: *eq, in, sw* + + **uncorrelated**: *eq* + + **entitlements**: *eq* + + **origin**: *eq, in* + + **manuallyCorrelated**: *eq* + + **identity.name**: *eq, in, sw* + + **identity.correlated**: *eq* + + **identity.identityState**: *eq, in* + + **source.displayableName**: *eq, in* + + **source.authoritative**: *eq* + + **source.connectionType**: *eq, in* + required: false + - in: query + name: sorters + required: false + schema: + type: string + format: comma-separated + example: 'id,name' + description: |- + Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) + + Sorting is supported for the following fields: **id, name, created, modified, sourceId, identityId, identity.id, nativeIdentity, uuid, manuallyCorrelated, entitlements, origin, identity.name, identity.identityState, identity.correlated, source.displayableName, source.authoritative, source.connectionType** + responses: + '200': + description: List of account objects + content: + application/json: + schema: + type: array + items: + allOf: + - type: object + required: + - name + properties: + id: + description: System-generated unique ID of the Object + type: string + example: id12345 + readOnly: true + name: + description: Name of the Object + type: string + example: aName + created: + description: Creation date of the Object + type: string + example: '2015-05-28T14:07:17Z' + format: date-time + readOnly: true + modified: + description: Last modification date of the Object + type: string + example: '2015-05-28T14:07:17Z' + format: date-time + readOnly: true + - type: object + required: + - sourceId + - sourceName + - attributes + - authoritative + - disabled + - locked + - nativeIdentity + - systemAccount + - uncorrelated + - manuallyCorrelated + - hasEntitlements + properties: + sourceId: + type: string + example: 2c9180835d2e5168015d32f890ca1581 + description: The unique ID of the source this account belongs to + sourceName: + type: string + example: Employees + description: The display name of the source this account belongs to + identityId: + type: string + example: 2c9180835d2e5168015d32f890ca1581 + description: The unique ID of the identity this account is correlated to + cloudLifecycleState: + type: string + nullable: true + example: active + description: The lifecycle state of the identity this account is correlated to + identityState: + type: string + nullable: true + example: ACTIVE + description: The identity state of the identity this account is correlated to + connectionType: + type: string + nullable: true + example: direct + description: The connection type of the source this account is from + type: + type: string + nullable: true + example: NON_HUMAN + description: The type of the account + attributes: + type: object + nullable: true + additionalProperties: true + description: The account attributes that are aggregated + example: + firstName: SailPoint + lastName: Support + displayName: SailPoint Support + authoritative: + type: boolean + description: Indicates if this account is from an authoritative source + example: false + description: + type: string + description: A description of the account + nullable: true + example: null + disabled: + type: boolean + description: Indicates if the account is currently disabled + example: false + locked: + type: boolean + description: Indicates if the account is currently locked + example: false + nativeIdentity: + type: string + description: The unique ID of the account generated by the source system + example: '552775' + systemAccount: + type: boolean + example: false + description: 'If true, this is a user account within IdentityNow. If false, this is an account from a source system.' + uncorrelated: + type: boolean + description: Indicates if this account is not correlated to an identity + example: false + uuid: + type: string + description: The unique ID of the account as determined by the account schema + example: slpt.support + nullable: true + manuallyCorrelated: + type: boolean + description: Indicates if the account has been manually correlated to an identity + example: false + hasEntitlements: + type: boolean + description: Indicates if the account has entitlements + example: true + identity: + description: The identity this account is correlated to + example: + id: 2c918084660f45d6016617daa9210584 + type: IDENTITY + name: Adam Kennedy + type: object + properties: + type: + description: DTO type + type: string + enum: + - ACCOUNT_CORRELATION_CONFIG + - ACCESS_PROFILE + - ACCESS_REQUEST_APPROVAL + - ACCOUNT + - APPLICATION + - CAMPAIGN + - CAMPAIGN_FILTER + - CERTIFICATION + - CLUSTER + - CONNECTOR_SCHEMA + - ENTITLEMENT + - GOVERNANCE_GROUP + - IDENTITY + - IDENTITY_PROFILE + - IDENTITY_REQUEST + - LIFECYCLE_STATE + - PASSWORD_POLICY + - ROLE + - RULE + - SOD_POLICY + - SOURCE + - TAG + - TAG_CATEGORY + - TASK_RESULT + - REPORT_RESULT + - SOD_VIOLATION + - ACCOUNT_ACTIVITY + - WORKGROUP + example: IDENTITY + id: + type: string + description: ID of the object to which this reference applies + example: 2c91808568c529c60168cca6f90c1313 + name: + type: string + description: Human-readable display name of the object to which this reference applies + example: William Wilson + sourceOwner: + type: object + nullable: true + description: The owner of this object. + properties: + type: + type: string + enum: + - IDENTITY + example: IDENTITY + description: Type of owner object. + id: + type: string + description: Identity id + example: 4c5c8534e99445de98eef6c75e25eb01 + name: + type: string + description: Human-readable display name of the owner. + example: John Cavender + features: + type: string + description: A string list containing the owning source's features + example: ENABLE + nullable: true + origin: + type: string + nullable: true + enum: + - AGGREGATED + - PROVISIONED + - null + description: The origin of the account either aggregated or provisioned + example: AGGREGATED + ownerIdentity: + description: 'The identity who owns this account, typically used for non-human accounts' + type: object + nullable: true + properties: + type: + description: The type of object being referenced + type: string + enum: + - IDENTITY + example: IDENTITY + id: + type: string + description: ID of the identity + example: 2c918084660f45d6016617daa9210584 + name: + type: string + description: Human-readable display name of the identity + example: Adam Kennedy + ownerGroup: + description: 'The governance group who owns this account, typically used for non-human accounts' + type: object + nullable: true + properties: + type: + description: The type of object being referenced + type: string + enum: + - GOVERNANCE_GROUP + example: GOVERNANCE_GROUP + id: + type: string + description: ID of the governance group + example: 8d3e0094e99445de98eef6c75e25jc04 + name: + type: string + description: Human-readable display name of the governance group + example: GovGroup AX17Z + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + post: + operationId: createAccount + tags: + - Accounts + summary: Create Account + description: |- + This API submits an account creation task and returns the task ID. + You must include the `sourceId` where the account will be created in the `attributes` object. + This endpoint creates an account on the source record in your ISC tenant. This is useful for Flat File (`DelimitedFile`) type sources because it allows you to aggregate new accounts without needing to import a new CSV file every time. + However, if you use this endpoint to create an account for a Direct Connection type source, you must ensure that the account also exists on the target source. The endpoint doesn't actually provision the account on the target source, which means that if the account doesn't also exist on the target source, an aggregation between the source and your tenant will remove it from your tenant. + A token with ORG_ADMIN, SOURCE_ADMIN, or SOURCE_SUBADMIN authority is required to call this API. + security: + - UserContextAuth: + - 'idn:accounts:manage' + requestBody: + required: true + content: + application/json: + schema: + type: object + required: + - attributes + properties: + attributes: + description: The schema attribute values for the account + type: object + required: + - sourceId + properties: + sourceId: + type: string + description: Target source to create an account + example: 34bfcbe116c9407464af37acbaf7a4dc + additionalProperties: + type: string + example: + sourceId: 34bfcbe116c9407464af37acbaf7a4dc + city: Austin + displayName: John Doe + userName: jdoe + sAMAccountName: jDoe + mail: john.doe@sailpoint.com + responses: + '202': + description: Async task details + content: + application/json: + schema: + description: Accounts async response containing details on started async process + required: + - id + type: object + properties: + id: + description: id of the task + type: string + example: 2c91808474683da6017468693c260195 + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/accounts/{id}': + get: + operationId: getAccount + tags: + - Accounts + summary: Account Details + description: |- + Use this API to return the details for a single account by its ID. + A token with ORG_ADMIN, SOURCE_ADMIN, SOURCE_SUBADMIN, or HELPDESK authority is required to call this API. + security: + - UserContextAuth: + - 'idn:accounts:read' + parameters: + - in: path + name: id + schema: + type: string + required: true + description: Account ID. + example: ef38f94347e94562b5bb8424a56397d8 + responses: + '200': + description: Account object. + content: + application/json: + schema: + allOf: + - type: object + required: + - name + properties: + id: + description: System-generated unique ID of the Object + type: string + example: id12345 + readOnly: true + name: + description: Name of the Object + type: string + example: aName + created: + description: Creation date of the Object + type: string + example: '2015-05-28T14:07:17Z' + format: date-time + readOnly: true + modified: + description: Last modification date of the Object + type: string + example: '2015-05-28T14:07:17Z' + format: date-time + readOnly: true + - type: object + required: + - sourceId + - sourceName + - attributes + - authoritative + - disabled + - locked + - nativeIdentity + - systemAccount + - uncorrelated + - manuallyCorrelated + - hasEntitlements + properties: + sourceId: + type: string + example: 2c9180835d2e5168015d32f890ca1581 + description: The unique ID of the source this account belongs to + sourceName: + type: string + example: Employees + description: The display name of the source this account belongs to + identityId: + type: string + example: 2c9180835d2e5168015d32f890ca1581 + description: The unique ID of the identity this account is correlated to + cloudLifecycleState: + type: string + nullable: true + example: active + description: The lifecycle state of the identity this account is correlated to + identityState: + type: string + nullable: true + example: ACTIVE + description: The identity state of the identity this account is correlated to + connectionType: + type: string + nullable: true + example: direct + description: The connection type of the source this account is from + type: + type: string + nullable: true + example: NON_HUMAN + description: The type of the account + attributes: + type: object + nullable: true + additionalProperties: true + description: The account attributes that are aggregated + example: + firstName: SailPoint + lastName: Support + displayName: SailPoint Support + authoritative: + type: boolean + description: Indicates if this account is from an authoritative source + example: false + description: + type: string + description: A description of the account + nullable: true + example: null + disabled: + type: boolean + description: Indicates if the account is currently disabled + example: false + locked: + type: boolean + description: Indicates if the account is currently locked + example: false + nativeIdentity: + type: string + description: The unique ID of the account generated by the source system + example: '552775' + systemAccount: + type: boolean + example: false + description: 'If true, this is a user account within IdentityNow. If false, this is an account from a source system.' + uncorrelated: + type: boolean + description: Indicates if this account is not correlated to an identity + example: false + uuid: + type: string + description: The unique ID of the account as determined by the account schema + example: slpt.support + nullable: true + manuallyCorrelated: + type: boolean + description: Indicates if the account has been manually correlated to an identity + example: false + hasEntitlements: + type: boolean + description: Indicates if the account has entitlements + example: true + identity: + description: The identity this account is correlated to + example: + id: 2c918084660f45d6016617daa9210584 + type: IDENTITY + name: Adam Kennedy + type: object + properties: + type: + description: DTO type + type: string + enum: + - ACCOUNT_CORRELATION_CONFIG + - ACCESS_PROFILE + - ACCESS_REQUEST_APPROVAL + - ACCOUNT + - APPLICATION + - CAMPAIGN + - CAMPAIGN_FILTER + - CERTIFICATION + - CLUSTER + - CONNECTOR_SCHEMA + - ENTITLEMENT + - GOVERNANCE_GROUP + - IDENTITY + - IDENTITY_PROFILE + - IDENTITY_REQUEST + - LIFECYCLE_STATE + - PASSWORD_POLICY + - ROLE + - RULE + - SOD_POLICY + - SOURCE + - TAG + - TAG_CATEGORY + - TASK_RESULT + - REPORT_RESULT + - SOD_VIOLATION + - ACCOUNT_ACTIVITY + - WORKGROUP + example: IDENTITY + id: + type: string + description: ID of the object to which this reference applies + example: 2c91808568c529c60168cca6f90c1313 + name: + type: string + description: Human-readable display name of the object to which this reference applies + example: William Wilson + sourceOwner: + type: object + nullable: true + description: The owner of this object. + properties: + type: + type: string + enum: + - IDENTITY + example: IDENTITY + description: Type of owner object. + id: + type: string + description: Identity id + example: 4c5c8534e99445de98eef6c75e25eb01 + name: + type: string + description: Human-readable display name of the owner. + example: John Cavender + features: + type: string + description: A string list containing the owning source's features + example: ENABLE + nullable: true + origin: + type: string + nullable: true + enum: + - AGGREGATED + - PROVISIONED + - null + description: The origin of the account either aggregated or provisioned + example: AGGREGATED + ownerIdentity: + description: 'The identity who owns this account, typically used for non-human accounts' + type: object + nullable: true + properties: + type: + description: The type of object being referenced + type: string + enum: + - IDENTITY + example: IDENTITY + id: + type: string + description: ID of the identity + example: 2c918084660f45d6016617daa9210584 + name: + type: string + description: Human-readable display name of the identity + example: Adam Kennedy + ownerGroup: + description: 'The governance group who owns this account, typically used for non-human accounts' + type: object + nullable: true + properties: + type: + description: The type of object being referenced + type: string + enum: + - GOVERNANCE_GROUP + example: GOVERNANCE_GROUP + id: + type: string + description: ID of the governance group + example: 8d3e0094e99445de98eef6c75e25jc04 + name: + type: string + description: Human-readable display name of the governance group + example: GovGroup AX17Z + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + patch: + operationId: updateAccount + tags: + - Accounts + summary: Update Account + description: | + Use this API to update account details. + A token with ORG_ADMIN, SOURCE_ADMIN, or SOURCE_SUBADMIN authority is required to call this API. + + This API supports updating an account's correlation by modifying the `identityId` and `manuallyCorrelated` fields. + To reassign an account from one identity to another, replace the current `identityId` with a new value. + If the account you're assigning was provisioned by Identity Security Cloud (ISC), it's possible for ISC to create a new account + for the previous identity as soon as the account is moved. If the account you're assigning is authoritative, + this causes the previous identity to become uncorrelated and can even result in its deletion. + All accounts that are reassigned will be set to `manuallyCorrelated: true` unless you specify otherwise. + + >**Note:** The `attributes` field can only be modified for flat file accounts. + security: + - UserContextAuth: + - 'idn:accounts:manage' + parameters: + - in: path + name: id + schema: + type: string + required: true + description: Account ID. + example: ef38f94347e94562b5bb8424a56397d8 + requestBody: + required: true + description: 'A list of account update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard.' + content: + application/json-patch+json: + schema: + type: array + items: + type: object + examples: + Uncorrelate account: + description: Remove account from Identity + value: + - op: remove + path: /identityId + Reassign account: + description: Move account from one Identity to another Identity + value: + - op: replace + path: /identityId + value: 2c9180857725c14301772a93bb77242d + Add account attribute: + description: Add flat file account's attribute + value: + - op: add + path: /attributes/familyName + value: Smith + Replace account attribute: + description: Replace flat file account's attribute + value: + - op: replace + path: /attributes/familyName + value: Smith + Remove account attribute: + description: Remove flat file account's attribute + value: + - op: remove + path: /attributes/familyName + responses: + '202': + description: Accepted. Update request accepted and is in progress. + content: + application/json: + schema: + type: object + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + put: + operationId: putAccount + tags: + - Accounts + summary: Update Account + description: | + Use this API to update an account with a PUT request. + + This endpoint submits an account update task and returns the task ID. + + A token with ORG_ADMIN, SOURCE_ADMIN, or SOURCE_SUBADMIN authority is required to call this API. + + >**Note: You can only use this PUT endpoint to update accounts from flat file sources.** + security: + - UserContextAuth: + - 'idn:accounts:manage' + parameters: + - in: path + name: id + schema: + type: string + required: true + description: Account ID. + example: ef38f94347e94562b5bb8424a56397d8 + requestBody: + required: true + content: + application/json: + schema: + type: object + required: + - attributes + properties: + attributes: + description: The schema attribute values for the account + type: object + additionalProperties: true + example: + city: Austin + displayName: John Doe + userName: jdoe + sAMAccountName: jDoe + mail: john.doe@sailpoint.com + responses: + '202': + description: Async task details. + content: + application/json: + schema: + description: Accounts async response containing details on started async process + required: + - id + type: object + properties: + id: + description: id of the task + type: string + example: 2c91808474683da6017468693c260195 + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + delete: + operationId: deleteAccount + tags: + - Accounts + summary: Delete Account + description: |- + Use this API to delete an account. + This endpoint submits an account delete task and returns the task ID. + This endpoint only deletes the account from IdentityNow, not the source itself, which can result in the account's returning with the next aggregation between the source and IdentityNow. To avoid this scenario, it is recommended that you [disable accounts](https://developer.sailpoint.com/idn/api/v3/disable-account) rather than delete them. This will also allow you to reenable the accounts in the future. + A token with ORG_ADMIN, SOURCE_ADMIN, or SOURCE_SUBADMIN authority is required to call this API. + >**NOTE: You can only delete accounts from sources of the "DelimitedFile" type.** + security: + - UserContextAuth: + - 'idn:accounts:manage' + parameters: + - in: path + name: id + schema: + type: string + required: true + description: Account ID. + example: ef38f94347e94562b5bb8424a56397d8 + responses: + '202': + description: Async task details. + content: + application/json: + schema: + description: Accounts async response containing details on started async process + required: + - id + type: object + properties: + id: + description: id of the task + type: string + example: 2c91808474683da6017468693c260195 + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/accounts/{id}/entitlements': + get: + operationId: getAccountEntitlements + tags: + - Accounts + summary: Account Entitlements + description: |- + This API returns entitlements of the account. + A token with ORG_ADMIN, SOURCE_ADMIN, SOURCE_SUBADMIN, or HELPDESK authority is required to call this API. + security: + - UserContextAuth: + - 'idn:accounts:read' + parameters: + - in: query + name: limit + description: |- + Max number of results to return. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 250 + schema: + type: integer + format: int32 + minimum: 0 + maximum: 250 + default: 250 + - in: query + name: offset + description: |- + Offset into the full result set. Usually specified with *limit* to paginate through the results. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 0 + schema: + type: integer + format: int32 + minimum: 0 + default: 0 + - in: query + name: count + description: |- + If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. + + Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. + + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: true + schema: + type: boolean + default: false + - in: path + name: id + schema: + type: string + required: true + description: The account id + example: ef38f94347e94562b5bb8424a56397d8 + responses: + '200': + description: An array of account entitlements + content: + application/json: + schema: + type: array + items: + allOf: + - type: object + required: + - name + properties: + id: + description: System-generated unique ID of the Object + type: string + example: id12345 + readOnly: true + name: + description: Name of the Object + type: string + example: aName + created: + description: Creation date of the Object + type: string + example: '2015-05-28T14:07:17Z' + format: date-time + readOnly: true + modified: + description: Last modification date of the Object + type: string + example: '2015-05-28T14:07:17Z' + format: date-time + readOnly: true + - type: object + description: Entitlement object that represents entitlement + properties: + attribute: + description: Name of the entitlement attribute + type: string + example: authorizationType + value: + description: Raw value of the entitlement + type: string + example: 'CN=Users,dc=sailpoint,dc=com' + description: + description: Entitlment description + type: string + example: Active Directory DC + attributes: + description: Entitlement attributes + type: object + additionalProperties: true + example: + GroupType: Security + sAMAccountName: Buyer + sourceSchemaObjectType: + description: Schema objectType on the given application that maps to an Account Group + type: string + example: group + privileged: + description: Determines if this Entitlement is privileged. + type: boolean + example: false + cloudGoverned: + description: Determines if this Entitlement is goverened in the cloud. + type: boolean + example: false + source: + type: object + description: Source the entitlement belongs to. + properties: + type: + type: string + description: DTO type of source the entitlement belongs to. + enum: + - SOURCE + example: SOURCE + id: + type: string + description: ID of source the entitlement belongs to. + example: 2c9180835d191a86015d28455b4b232a + name: + type: string + description: Human-readable name of source the entitlement belongs to. + example: HR Active Directory + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/accounts/{id}/reload': + post: + operationId: submitReloadAccount + tags: + - Accounts + summary: Reload Account + description: |- + This API asynchronously reloads the account directly from the connector and performs a one-time aggregation process. + A token with ORG_ADMIN, SOURCE_ADMIN, SOURCE_SUBADMIN, or HELPDESK authority is required to call this API. + security: + - UserContextAuth: + - 'idn:accounts-state:manage' + parameters: + - in: path + name: id + schema: + type: string + required: true + description: The account id + example: ef38f94347e94562b5bb8424a56397d8 + responses: + '202': + description: Async task details + content: + application/json: + schema: + description: Accounts async response containing details on started async process + required: + - id + type: object + properties: + id: + description: id of the task + type: string + example: 2c91808474683da6017468693c260195 + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/accounts/{id}/enable': + post: + operationId: enableAccount + tags: + - Accounts + summary: Enable Account + description: |- + This API submits a task to enable account and returns the task ID. + A token with ORG_ADMIN, SOURCE_ADMIN, SOURCE_SUBADMIN, or HELPDESK authority is required to call this API. + security: + - UserContextAuth: + - 'idn:accounts-state:manage' + parameters: + - in: path + name: id + schema: + type: string + required: true + description: The account id + example: ef38f94347e94562b5bb8424a56397d8 + requestBody: + required: true + content: + application/json: + schema: + description: Request used for account enable/disable + type: object + properties: + externalVerificationId: + description: 'If set, an external process validates that the user wants to proceed with this request.' + type: string + example: 3f9180835d2e5168015d32f890ca1581 + forceProvisioning: + description: 'If set, provisioning updates the account attribute at the source. This option is used when the account is not synced to ensure the attribute is updated. Providing ''true'' for an unlocked account will add and process ''Unlock'' operation by the workflow.' + type: boolean + example: false + responses: + '202': + description: Async task details + content: + application/json: + schema: + description: Accounts async response containing details on started async process + required: + - id + type: object + properties: + id: + description: id of the task + type: string + example: 2c91808474683da6017468693c260195 + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/accounts/{id}/disable': + post: + operationId: disableAccount + tags: + - Accounts + summary: Disable Account + description: |- + This API submits a task to disable the account and returns the task ID. + A token with ORG_ADMIN, SOURCE_ADMIN, SOURCE_SUBADMIN, or HELPDESK authority is required to call this API. + security: + - UserContextAuth: + - 'idn:accounts-state:manage' + parameters: + - in: path + name: id + schema: + type: string + required: true + description: The account id + example: ef38f94347e94562b5bb8424a56397d8 + requestBody: + required: true + content: + application/json: + schema: + description: Request used for account enable/disable + type: object + properties: + externalVerificationId: + description: 'If set, an external process validates that the user wants to proceed with this request.' + type: string + example: 3f9180835d2e5168015d32f890ca1581 + forceProvisioning: + description: 'If set, provisioning updates the account attribute at the source. This option is used when the account is not synced to ensure the attribute is updated. Providing ''true'' for an unlocked account will add and process ''Unlock'' operation by the workflow.' + type: boolean + example: false + responses: + '202': + description: Async task details + content: + application/json: + schema: + description: Accounts async response containing details on started async process + required: + - id + type: object + properties: + id: + description: id of the task + type: string + example: 2c91808474683da6017468693c260195 + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/accounts/{id}/unlock': + post: + operationId: unlockAccount + tags: + - Accounts + summary: Unlock Account + description: |- + This API submits a task to unlock an account and returns the task ID. + To use this endpoint to unlock an account that has the `forceProvisioning` option set to true, the `idn:accounts-provisioning:manage` scope is required. + A token with ORG_ADMIN, SOURCE_ADMIN, SOURCE_SUBADMIN, or HELPDESK authority is required to call this API. + security: + - UserContextAuth: + - 'idn:accounts-state:manage' + - 'idn:accounts-provisioning:manage' + parameters: + - in: path + name: id + schema: + type: string + required: true + description: The account ID. + example: ef38f94347e94562b5bb8424a56397d8 + requestBody: + required: true + content: + application/json: + schema: + description: Request used for account unlock + type: object + properties: + externalVerificationId: + description: 'If set, an external process validates that the user wants to proceed with this request.' + type: string + example: 3f9180835d2e5168015d32f890ca1581 + unlockIDNAccount: + description: 'If set, the IDN account is unlocked after the workflow completes.' + type: boolean + example: false + forceProvisioning: + description: 'If set, provisioning updates the account attribute at the source. This option is used when the account is not synced to ensure the attribute is updated.' + type: boolean + example: false + responses: + '202': + description: Async task details + content: + application/json: + schema: + description: Accounts async response containing details on started async process + required: + - id + type: object + properties: + id: + description: id of the task + type: string + example: 2c91808474683da6017468693c260195 + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + /account-activities: + get: + operationId: listAccountActivities + tags: + - Account Activities + summary: List Account Activities + description: This gets a collection of account activities that satisfy the given query parameters. + parameters: + - in: query + name: requested-for + schema: + type: string + description: The identity that the activity was requested for. *me* indicates the current user. Mutually exclusive with *regarding-identity*. + required: false + example: 2c91808568c529c60168cca6f90c1313 + - in: query + name: requested-by + schema: + type: string + description: The identity that requested the activity. *me* indicates the current user. Mutually exclusive with *regarding-identity*. + required: false + example: 2c91808568c529c60168cca6f90c1313 + - in: query + name: regarding-identity + schema: + type: string + description: The specified identity will be either the requester or target of the account activity. *me* indicates the current user. Mutually exclusive with *requested-for* and *requested-by*. + required: false + example: 2c91808568c529c60168cca6f90c1313 + - in: query + name: limit + description: |- + Max number of results to return. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 250 + schema: + type: integer + format: int32 + minimum: 0 + maximum: 250 + default: 250 + - in: query + name: offset + description: |- + Offset into the full result set. Usually specified with *limit* to paginate through the results. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 0 + schema: + type: integer + format: int32 + minimum: 0 + default: 0 + - in: query + name: count + description: |- + If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. + + Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. + + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: true + schema: + type: boolean + default: false + - in: query + name: filters + schema: + type: string + description: |- + Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) + + Filtering is supported for the following fields and operators: + + **type**: *eq, in, ge, gt, le, lt, ne, isnull, sw* + + **created**: *gt, lt, ge, le, eq, in, ne, isnull, sw* + + **modified**: *gt, lt, ge, le, eq, in, ne, isnull, sw* + example: type eq "Identity Refresh" + required: false + - in: query + name: sorters + schema: + type: string + format: comma-separated + description: |- + Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) + + Sorting is supported for the following fields: **type, created, modified** + example: created + required: false + responses: + '200': + description: List of account activities + content: + application/json: + schema: + type: array + items: + type: object + properties: + id: + type: string + description: Id of the account activity + example: 2c9180835d2e5168015d32f890ca1581 + name: + type: string + description: The name of the activity + example: 2c9180835d2e5168015d32f890ca1581 + created: + description: When the activity was first created + type: string + format: date-time + example: '2017-07-11T18:45:37.098Z' + modified: + description: When the activity was last modified + type: string + format: date-time + example: '2018-06-25T20:22:28.104Z' + nullable: true + completed: + description: When the activity was completed + type: string + format: date-time + nullable: true + example: '2018-10-19T13:49:37.385Z' + completionStatus: + allOf: + - nullable: true + type: string + description: The status after completion. + enum: + - SUCCESS + - FAILURE + - INCOMPLETE + - PENDING + - null + example: SUCCESS + - nullable: true + type: + nullable: true + type: string + example: appRequest + description: | + The type of action the activity performed. Please see the following list of types. This list may grow over time. + + - CloudAutomated + - IdentityAttributeUpdate + - appRequest + - LifecycleStateChange + - AccountStateUpdate + - AccountAttributeUpdate + - CloudPasswordRequest + - Attribute Synchronization Refresh + - Certification + - Identity Refresh + - Lifecycle Change Refresh + + + [Learn more here](https://documentation.sailpoint.com/saas/help/search/searchable-fields.html#searching-account-activity-data). + requesterIdentitySummary: + type: object + nullable: true + properties: + id: + type: string + description: ID of this identity summary + example: ff80818155fe8c080155fe8d925b0316 + name: + type: string + description: Human-readable display name of identity + example: SailPoint Services + identityId: + type: string + description: ID of the identity that this summary represents + example: c15b9f5cca5a4e9599eaa0e64fa921bd + completed: + type: boolean + description: Indicates if all access items for this summary have been decided on + example: true + default: false + targetIdentitySummary: + type: object + nullable: true + properties: + id: + type: string + description: ID of this identity summary + example: ff80818155fe8c080155fe8d925b0316 + name: + type: string + description: Human-readable display name of identity + example: SailPoint Services + identityId: + type: string + description: ID of the identity that this summary represents + example: c15b9f5cca5a4e9599eaa0e64fa921bd + completed: + type: boolean + description: Indicates if all access items for this summary have been decided on + example: true + default: false + errors: + nullable: true + description: 'A list of error messages, if any, that were encountered.' + type: array + items: + type: string + example: + - 'sailpoint.connector.ConnectorException: java.lang.InterruptedException: Timeout waiting for response to message 0 from client 57a4ab97-ab3f-4aef-9fe2-0eaf15c73d26 after 60 seconds.' + warnings: + nullable: true + description: 'A list of warning messages, if any, that were encountered.' + type: array + items: + type: string + example: + - 'Some warning, another warning' + items: + nullable: true + type: array + description: Individual actions performed as part of this account activity + items: + type: object + properties: + id: + type: string + description: Item id + example: 48c545831b264409a81befcabb0e3c5a + name: + type: string + description: Human-readable display name of item + example: 48c545831b264409a81befcabb0e3c5a + requested: + type: string + format: date-time + description: Date and time item was requested + example: '2017-07-11T18:45:37.098Z' + approvalStatus: + allOf: + - type: string + nullable: true + enum: + - FINISHED + - REJECTED + - RETURNED + - EXPIRED + - PENDING + - CANCELED + - null + example: PENDING + description: The state of an approval status + - nullable: true + provisioningStatus: + type: string + enum: + - PENDING + - FINISHED + - UNVERIFIABLE + - COMMITED + - FAILED + - RETRY + description: Provisioning state of an account activity item + example: PENDING + requesterComment: + type: object + nullable: true + properties: + commenterId: + type: string + description: Id of the identity making the comment + example: 2c918084660f45d6016617daa9210584 + commenterName: + type: string + description: Human-readable display name of the identity making the comment + example: Adam Kennedy + body: + type: string + description: Content of the comment + example: Et quam massa maximus vivamus nisi ut urna tincidunt metus elementum erat. + date: + type: string + format: date-time + description: Date and time comment was made + example: '2017-07-11T18:45:37.098Z' + reviewerIdentitySummary: + type: object + nullable: true + properties: + id: + type: string + description: ID of this identity summary + example: ff80818155fe8c080155fe8d925b0316 + name: + type: string + description: Human-readable display name of identity + example: SailPoint Services + identityId: + type: string + description: ID of the identity that this summary represents + example: c15b9f5cca5a4e9599eaa0e64fa921bd + completed: + type: boolean + description: Indicates if all access items for this summary have been decided on + example: true + default: false + reviewerComment: + type: object + nullable: true + properties: + commenterId: + type: string + description: Id of the identity making the comment + example: 2c918084660f45d6016617daa9210584 + commenterName: + type: string + description: Human-readable display name of the identity making the comment + example: Adam Kennedy + body: + type: string + description: Content of the comment + example: Et quam massa maximus vivamus nisi ut urna tincidunt metus elementum erat. + date: + type: string + format: date-time + description: Date and time comment was made + example: '2017-07-11T18:45:37.098Z' + operation: + allOf: + - type: string + enum: + - ADD + - CREATE + - MODIFY + - DELETE + - DISABLE + - ENABLE + - UNLOCK + - LOCK + - REMOVE + - SET + - null + description: Represents an operation in an account activity item + example: ADD + - nullable: true + attribute: + type: string + description: Attribute to which account activity applies + nullable: true + example: detectedRoles + value: + type: string + description: Value of attribute + nullable: true + example: 'Treasury Analyst [AccessProfile-1529010191212]' + nativeIdentity: + nullable: true + type: string + description: Native identity in the target system to which the account activity applies + example: Sandie.Camero + sourceId: + type: string + description: Id of Source to which account activity applies + example: 2c91808363ef85290164000587130c0c + accountRequestInfo: + type: object + nullable: true + properties: + requestedObjectId: + type: string + description: Id of requested object + example: 2c91808563ef85690164001c31140c0c + requestedObjectName: + type: string + description: Human-readable name of requested object + example: Treasury Analyst + requestedObjectType: + type: string + enum: + - ACCESS_PROFILE + - ROLE + - ENTITLEMENT + description: 'The currently supported requestable object types. ' + example: ACCESS_PROFILE + description: 'If an account activity item is associated with an access request, captures details of that request.' + clientMetadata: + nullable: true + type: object + additionalProperties: + type: string + description: 'Arbitrary key-value pairs, if any were included in the corresponding access request item' + example: + customKey1: custom value 1 + customKey2: custom value 2 + removeDate: + nullable: true + type: string + description: The date the role or access profile or entitlement is no longer assigned to the specified identity. + format: date-time + example: '2020-07-11T00:00:00Z' + executionStatus: + type: string + description: The current state of execution. + enum: + - EXECUTING + - VERIFYING + - TERMINATED + - COMPLETED + example: COMPLETED + clientMetadata: + nullable: true + type: object + additionalProperties: + type: string + description: 'Arbitrary key-value pairs, if any were included in the corresponding access request' + example: + customKey1: custom value 1 + customKey2: custom value 2 + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/account-activities/{id}': + get: + operationId: getAccountActivity + tags: + - Account Activities + summary: Get an Account Activity + description: This gets a single account activity by its id. + parameters: + - in: path + name: id + schema: + type: string + required: true + description: The account activity id + example: ef38f94347e94562b5bb8424a56397d8 + responses: + '200': + description: An account activity object + content: + application/json: + schema: + type: object + properties: + id: + type: string + description: Id of the account activity + example: 2c9180835d2e5168015d32f890ca1581 + name: + type: string + description: The name of the activity + example: 2c9180835d2e5168015d32f890ca1581 + created: + description: When the activity was first created + type: string + format: date-time + example: '2017-07-11T18:45:37.098Z' + modified: + description: When the activity was last modified + type: string + format: date-time + example: '2018-06-25T20:22:28.104Z' + nullable: true + completed: + description: When the activity was completed + type: string + format: date-time + nullable: true + example: '2018-10-19T13:49:37.385Z' + completionStatus: + allOf: + - nullable: true + type: string + description: The status after completion. + enum: + - SUCCESS + - FAILURE + - INCOMPLETE + - PENDING + - null + example: SUCCESS + - nullable: true + type: + nullable: true + type: string + example: appRequest + description: | + The type of action the activity performed. Please see the following list of types. This list may grow over time. + + - CloudAutomated + - IdentityAttributeUpdate + - appRequest + - LifecycleStateChange + - AccountStateUpdate + - AccountAttributeUpdate + - CloudPasswordRequest + - Attribute Synchronization Refresh + - Certification + - Identity Refresh + - Lifecycle Change Refresh + + + [Learn more here](https://documentation.sailpoint.com/saas/help/search/searchable-fields.html#searching-account-activity-data). + requesterIdentitySummary: + type: object + nullable: true + properties: + id: + type: string + description: ID of this identity summary + example: ff80818155fe8c080155fe8d925b0316 + name: + type: string + description: Human-readable display name of identity + example: SailPoint Services + identityId: + type: string + description: ID of the identity that this summary represents + example: c15b9f5cca5a4e9599eaa0e64fa921bd + completed: + type: boolean + description: Indicates if all access items for this summary have been decided on + example: true + default: false + targetIdentitySummary: + type: object + nullable: true + properties: + id: + type: string + description: ID of this identity summary + example: ff80818155fe8c080155fe8d925b0316 + name: + type: string + description: Human-readable display name of identity + example: SailPoint Services + identityId: + type: string + description: ID of the identity that this summary represents + example: c15b9f5cca5a4e9599eaa0e64fa921bd + completed: + type: boolean + description: Indicates if all access items for this summary have been decided on + example: true + default: false + errors: + nullable: true + description: 'A list of error messages, if any, that were encountered.' + type: array + items: + type: string + example: + - 'sailpoint.connector.ConnectorException: java.lang.InterruptedException: Timeout waiting for response to message 0 from client 57a4ab97-ab3f-4aef-9fe2-0eaf15c73d26 after 60 seconds.' + warnings: + nullable: true + description: 'A list of warning messages, if any, that were encountered.' + type: array + items: + type: string + example: + - 'Some warning, another warning' + items: + nullable: true + type: array + description: Individual actions performed as part of this account activity + items: + type: object + properties: + id: + type: string + description: Item id + example: 48c545831b264409a81befcabb0e3c5a + name: + type: string + description: Human-readable display name of item + example: 48c545831b264409a81befcabb0e3c5a + requested: + type: string + format: date-time + description: Date and time item was requested + example: '2017-07-11T18:45:37.098Z' + approvalStatus: + allOf: + - type: string + nullable: true + enum: + - FINISHED + - REJECTED + - RETURNED + - EXPIRED + - PENDING + - CANCELED + - null + example: PENDING + description: The state of an approval status + - nullable: true + provisioningStatus: + type: string + enum: + - PENDING + - FINISHED + - UNVERIFIABLE + - COMMITED + - FAILED + - RETRY + description: Provisioning state of an account activity item + example: PENDING + requesterComment: + type: object + nullable: true + properties: + commenterId: + type: string + description: Id of the identity making the comment + example: 2c918084660f45d6016617daa9210584 + commenterName: + type: string + description: Human-readable display name of the identity making the comment + example: Adam Kennedy + body: + type: string + description: Content of the comment + example: Et quam massa maximus vivamus nisi ut urna tincidunt metus elementum erat. + date: + type: string + format: date-time + description: Date and time comment was made + example: '2017-07-11T18:45:37.098Z' + reviewerIdentitySummary: + type: object + nullable: true + properties: + id: + type: string + description: ID of this identity summary + example: ff80818155fe8c080155fe8d925b0316 + name: + type: string + description: Human-readable display name of identity + example: SailPoint Services + identityId: + type: string + description: ID of the identity that this summary represents + example: c15b9f5cca5a4e9599eaa0e64fa921bd + completed: + type: boolean + description: Indicates if all access items for this summary have been decided on + example: true + default: false + reviewerComment: + type: object + nullable: true + properties: + commenterId: + type: string + description: Id of the identity making the comment + example: 2c918084660f45d6016617daa9210584 + commenterName: + type: string + description: Human-readable display name of the identity making the comment + example: Adam Kennedy + body: + type: string + description: Content of the comment + example: Et quam massa maximus vivamus nisi ut urna tincidunt metus elementum erat. + date: + type: string + format: date-time + description: Date and time comment was made + example: '2017-07-11T18:45:37.098Z' + operation: + allOf: + - type: string + enum: + - ADD + - CREATE + - MODIFY + - DELETE + - DISABLE + - ENABLE + - UNLOCK + - LOCK + - REMOVE + - SET + - null + description: Represents an operation in an account activity item + example: ADD + - nullable: true + attribute: + type: string + description: Attribute to which account activity applies + nullable: true + example: detectedRoles + value: + type: string + description: Value of attribute + nullable: true + example: 'Treasury Analyst [AccessProfile-1529010191212]' + nativeIdentity: + nullable: true + type: string + description: Native identity in the target system to which the account activity applies + example: Sandie.Camero + sourceId: + type: string + description: Id of Source to which account activity applies + example: 2c91808363ef85290164000587130c0c + accountRequestInfo: + type: object + nullable: true + properties: + requestedObjectId: + type: string + description: Id of requested object + example: 2c91808563ef85690164001c31140c0c + requestedObjectName: + type: string + description: Human-readable name of requested object + example: Treasury Analyst + requestedObjectType: + type: string + enum: + - ACCESS_PROFILE + - ROLE + - ENTITLEMENT + description: 'The currently supported requestable object types. ' + example: ACCESS_PROFILE + description: 'If an account activity item is associated with an access request, captures details of that request.' + clientMetadata: + nullable: true + type: object + additionalProperties: + type: string + description: 'Arbitrary key-value pairs, if any were included in the corresponding access request item' + example: + customKey1: custom value 1 + customKey2: custom value 2 + removeDate: + nullable: true + type: string + description: The date the role or access profile or entitlement is no longer assigned to the specified identity. + format: date-time + example: '2020-07-11T00:00:00Z' + executionStatus: + type: string + description: The current state of execution. + enum: + - EXECUTING + - VERIFYING + - TERMINATED + - COMPLETED + example: COMPLETED + clientMetadata: + nullable: true + type: object + additionalProperties: + type: string + description: 'Arbitrary key-value pairs, if any were included in the corresponding access request' + example: + customKey1: custom value 1 + customKey2: custom value 2 + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + /auth-org/network-config: + get: + operationId: getAuthOrgNetworkConfig + tags: + - Global Tenant Security Settings + summary: Get security network configuration. + description: 'This API returns the details of an org''s network auth configuration. Requires security scope of: ''sp:auth-org:read''' + security: + - UserContextAuth: + - 'sp:auth-org:read' + responses: + '200': + description: Network configuration for the tenant's auth org. + content: + application/json: + schema: + type: object + properties: + range: + type: array + description: The collection of ip ranges. + items: + type: string + example: + - 1.3.7.2 + - 255.255.255.252/30 + nullable: true + geolocation: + type: array + description: The collection of country codes. + items: + type: string + example: + - CA + - FR + - HT + nullable: true + whitelisted: + type: boolean + description: Denotes whether the provided lists are whitelisted or blacklisted for geo location. + default: false + example: true + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + post: + operationId: createAuthOrgNetworkConfig + tags: + - Global Tenant Security Settings + summary: Create security network configuration. + description: 'This API returns the details of an org''s network auth configuration. Requires security scope of: ''sp:auth-org:create''' + security: + - UserContextAuth: + - 'sp:auth-org:create' + requestBody: + required: true + description: |- + Network configuration creation request body. The following constraints ensure the request body conforms to certain logical guidelines, which are: + 1. Each string element in the range array must be a valid ip address or + ip subnet mask. + 2. Each string element in the geolocation array must be 2 characters, + and they can only be uppercase letters. + content: + application/json: + schema: + type: object + properties: + range: + type: array + description: The collection of ip ranges. + items: + type: string + example: + - 1.3.7.2 + - 255.255.255.252/30 + nullable: true + geolocation: + type: array + description: The collection of country codes. + items: + type: string + example: + - CA + - FR + - HT + nullable: true + whitelisted: + type: boolean + description: Denotes whether the provided lists are whitelisted or blacklisted for geo location. + default: false + example: true + responses: + '200': + description: Network configuration for the tenant. + content: + application/json: + schema: + type: object + properties: + range: + type: array + description: The collection of ip ranges. + items: + type: string + example: + - 1.3.7.2 + - 255.255.255.252/30 + nullable: true + geolocation: + type: array + description: The collection of country codes. + items: + type: string + example: + - CA + - FR + - HT + nullable: true + whitelisted: + type: boolean + description: Denotes whether the provided lists are whitelisted or blacklisted for geo location. + default: false + example: true + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + patch: + operationId: patchAuthOrgNetworkConfig + tags: + - Global Tenant Security Settings + summary: Update security network configuration. + description: |- + This API updates an existing network configuration for an org using PATCH + Requires security scope of: 'sp:auth-org:update' + security: + - UserContextAuth: + - 'sp:auth-org:update' + requestBody: + required: true + description: |- + A list of auth org network configuration update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard. + Ensures that the patched Network Config conforms to certain logical guidelines, which are: + 1. Each string element in the range array must be a valid ip address or + ip subnet mask. + 2. Each string element in the geolocation array must be 2 characters, + and they can only be uppercase letters. + content: + application/json-patch+json: + schema: + type: array + items: + type: object + description: 'A JSONPatch Operation as defined by [RFC 6902 - JSON Patch](https://tools.ietf.org/html/rfc6902)' + required: + - op + - path + properties: + op: + type: string + description: The operation to be performed + enum: + - add + - remove + - replace + - move + - copy + - test + example: replace + path: + type: string + description: A string JSON Pointer representing the target path to an element to be affected by the operation + example: /description + value: + oneOf: + - type: string + example: New description + title: string + - type: boolean + example: true + title: boolean + - type: integer + example: 300 + title: integer + - type: object + title: object + example: + attributes: + name: philip + - type: array + title: array + items: + anyOf: + - type: string + - type: integer + - type: object + example: + - '001' + - '002' + - '003' + description: 'The value to be used for the operation, required for "add" and "replace" operations' + example: New description + example: + - op: replace + path: /whitelisted + value: 'false,' + - op: add + path: /geolocation + value: + - AF + - HN + - ES + responses: + '200': + description: Updated Auth Org network configuration. + content: + application/json: + schema: + type: object + properties: + range: + type: array + description: The collection of ip ranges. + items: + type: string + example: + - 1.3.7.2 + - 255.255.255.252/30 + nullable: true + geolocation: + type: array + description: The collection of country codes. + items: + type: string + example: + - CA + - FR + - HT + nullable: true + whitelisted: + type: boolean + description: Denotes whether the provided lists are whitelisted or blacklisted for geo location. + default: false + example: true + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/auth-users/{id}': + get: + operationId: getAuthUser + tags: + - Auth Users + summary: Auth User Details + description: Return the specified user's authentication system details. + parameters: + - in: path + name: id + description: Identity ID + required: true + schema: + type: string + example: ef38f94347e94562b5bb8424a56397d8 + security: + - UserContextAuth: + - 'sp:auth-user:read' + responses: + '200': + description: The specified user's authentication system details. + content: + application/json: + schema: + type: object + properties: + tenant: + type: string + description: Tenant name. + example: test-tenant + id: + type: string + description: Identity ID. + example: 2c91808458ae7a4f0158b1bbf8af0628 + uid: + type: string + description: Identity's unique identitifier. + example: will.smith + profile: + type: string + description: ID of the auth profile associated with the auth user. + example: 2c91808458ae7a4f0158b1bbf8af0756 + identificationNumber: + type: string + description: Auth user's employee number. + example: 19-5588452 + email: + type: string + description: Auth user's email. + example: william.smith@example.com + phone: + type: string + description: Auth user's phone number. + example: '5555555555' + workPhone: + type: string + description: Auth user's work phone number. + example: '5555555555' + personalEmail: + type: string + description: Auth user's personal email. + example: william.smith@example.com + firstname: + type: string + description: Auth user's first name. + example: Will + lastname: + type: string + description: Auth user's last name. + example: Smith + displayName: + type: string + description: Auth user's name in displayed format. + example: Will Smith + alias: + type: string + description: Auth user's alias. + example: will.smith + lastPasswordChangeDate: + type: string + description: Date of last password change. + example: '2021-03-08T22:37:33.901Z' + lastLoginTimestamp: + description: Timestamp of the last login (long type value). + type: integer + format: int64 + example: 1656327185832 + currentLoginTimestamp: + description: Timestamp of the current login (long type value). + type: integer + format: int64 + example: 1656327185832 + capabilities: + description: Array of the auth user's capabilities. + type: array + items: + type: string + enum: + - CERT_ADMIN + - CLOUD_GOV_ADMIN + - CLOUD_GOV_USER + - HELPDESK + - ORG_ADMIN + - REPORT_ADMIN + - ROLE_ADMIN + - ROLE_SUBADMIN + - SAAS_MANAGEMENT_ADMIN + - SAAS_MANAGEMENT_READER + - SOURCE_ADMIN + - SOURCE_SUBADMIN + - 'das:ui-administrator' + - 'das:ui-compliance_manager' + - 'das:ui-auditor' + - 'das:ui-data-scope' + - 'sp:aic-dashboard-read' + - 'sp:aic-dashboard-write' + - 'sp:ui-config-hub-admin' + - 'sp:ui-config-hub-backup-admin' + - 'sp:ui-config-hub-read' + example: ORG_ADMIN + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + patch: + operationId: patchAuthUser + tags: + - Auth Users + summary: Auth User Update + description: |- + Use a PATCH request to update an existing user in the authentication system. + Use this endpoint to modify these fields: + * `capabilities` + + A '400.1.1 Illegal update attempt' detail code indicates that you attempted to PATCH a field that is not allowed. + security: + - UserContextAuth: + - 'sp:auth-user:update' + parameters: + - in: path + name: id + description: Identity ID + required: true + schema: + type: string + example: ef38f94347e94562b5bb8424a56397d8 + requestBody: + required: true + description: 'A list of auth user update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard.' + content: + application/json-patch+json: + schema: + type: array + items: + type: object + description: 'A JSONPatch Operation as defined by [RFC 6902 - JSON Patch](https://tools.ietf.org/html/rfc6902)' + required: + - op + - path + properties: + op: + type: string + description: The operation to be performed + enum: + - add + - remove + - replace + - move + - copy + - test + example: replace + path: + type: string + description: A string JSON Pointer representing the target path to an element to be affected by the operation + example: /description + value: + oneOf: + - type: string + example: New description + title: string + - type: boolean + example: true + title: boolean + - type: integer + example: 300 + title: integer + - type: object + title: object + example: + attributes: + name: philip + - type: array + title: array + items: + anyOf: + - type: string + - type: integer + - type: object + example: + - '001' + - '002' + - '003' + description: 'The value to be used for the operation, required for "add" and "replace" operations' + example: New description + example: + - op: replace + path: /capabilities + value: + - ORG_ADMIN + responses: + '200': + description: Auth user updated. + content: + application/json: + schema: + type: object + properties: + tenant: + type: string + description: Tenant name. + example: test-tenant + id: + type: string + description: Identity ID. + example: 2c91808458ae7a4f0158b1bbf8af0628 + uid: + type: string + description: Identity's unique identitifier. + example: will.smith + profile: + type: string + description: ID of the auth profile associated with the auth user. + example: 2c91808458ae7a4f0158b1bbf8af0756 + identificationNumber: + type: string + description: Auth user's employee number. + example: 19-5588452 + email: + type: string + description: Auth user's email. + example: william.smith@example.com + phone: + type: string + description: Auth user's phone number. + example: '5555555555' + workPhone: + type: string + description: Auth user's work phone number. + example: '5555555555' + personalEmail: + type: string + description: Auth user's personal email. + example: william.smith@example.com + firstname: + type: string + description: Auth user's first name. + example: Will + lastname: + type: string + description: Auth user's last name. + example: Smith + displayName: + type: string + description: Auth user's name in displayed format. + example: Will Smith + alias: + type: string + description: Auth user's alias. + example: will.smith + lastPasswordChangeDate: + type: string + description: Date of last password change. + example: '2021-03-08T22:37:33.901Z' + lastLoginTimestamp: + description: Timestamp of the last login (long type value). + type: integer + format: int64 + example: 1656327185832 + currentLoginTimestamp: + description: Timestamp of the current login (long type value). + type: integer + format: int64 + example: 1656327185832 + capabilities: + description: Array of the auth user's capabilities. + type: array + items: + type: string + enum: + - CERT_ADMIN + - CLOUD_GOV_ADMIN + - CLOUD_GOV_USER + - HELPDESK + - ORG_ADMIN + - REPORT_ADMIN + - ROLE_ADMIN + - ROLE_SUBADMIN + - SAAS_MANAGEMENT_ADMIN + - SAAS_MANAGEMENT_READER + - SOURCE_ADMIN + - SOURCE_SUBADMIN + - 'das:ui-administrator' + - 'das:ui-compliance_manager' + - 'das:ui-auditor' + - 'das:ui-data-scope' + - 'sp:aic-dashboard-read' + - 'sp:aic-dashboard-write' + - 'sp:ui-config-hub-admin' + - 'sp:ui-config-hub-backup-admin' + - 'sp:ui-config-hub-read' + example: ORG_ADMIN + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + /brandings: + get: + operationId: getBrandingList + tags: + - Branding + summary: List of branding items + description: |- + This API endpoint returns a list of branding items. + + A token with API, ORG_ADMIN authority is required to call this API. + security: + - UserContextAuth: + - 'idn:branding:read' + responses: + '200': + description: A list of branding items. + content: + application/json: + schema: + type: array + items: + type: object + properties: + name: + type: string + description: name of branding item + example: default + productName: + type: string + description: product name + example: product name + nullable: true + actionButtonColor: + type: string + description: hex value of color for action button + example: 0074D9 + nullable: true + activeLinkColor: + type: string + description: hex value of color for link + example: 011E69 + nullable: true + navigationColor: + type: string + description: hex value of color for navigation bar + example: 011E69 + nullable: true + emailFromAddress: + type: string + description: email from address + example: no-reply@sailpoint.com + nullable: true + standardLogoURL: + type: string + description: url to standard logo + example: '' + nullable: true + loginInformationalMessage: + type: string + description: login information message + example: '' + nullable: true + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + post: + operationId: createBrandingItem + tags: + - Branding + summary: Create a branding item + description: |- + This API endpoint creates a branding item. + A token with API, ORG_ADMIN authority is required to call this API. + requestBody: + required: true + content: + multipart/form-data: + schema: + type: object + required: + - name + - productName + properties: + name: + type: string + description: name of branding item + example: custom-branding-item + productName: + type: string + description: product name + example: product name + nullable: true + actionButtonColor: + type: string + description: hex value of color for action button + example: 0074D9 + activeLinkColor: + type: string + description: hex value of color for link + example: 011E69 + navigationColor: + type: string + description: hex value of color for navigation bar + example: 011E69 + emailFromAddress: + type: string + description: email from address + example: no-reply@sailpoint.com + loginInformationalMessage: + type: string + description: login information message + example: '' + fileStandard: + type: string + format: binary + description: png file with logo + example: \x00\x00\x00\x02 + security: + - UserContextAuth: + - 'idn:branding:manage' + responses: + '201': + description: Branding item created + content: + application/json: + schema: + type: object + properties: + name: + type: string + description: name of branding item + example: default + productName: + type: string + description: product name + example: product name + nullable: true + actionButtonColor: + type: string + description: hex value of color for action button + example: 0074D9 + nullable: true + activeLinkColor: + type: string + description: hex value of color for link + example: 011E69 + nullable: true + navigationColor: + type: string + description: hex value of color for navigation bar + example: 011E69 + nullable: true + emailFromAddress: + type: string + description: email from address + example: no-reply@sailpoint.com + nullable: true + standardLogoURL: + type: string + description: url to standard logo + example: '' + nullable: true + loginInformationalMessage: + type: string + description: login information message + example: '' + nullable: true + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/brandings/{name}': + get: + operationId: getBranding + tags: + - Branding + summary: Get a branding item + description: |- + This API endpoint retrieves information for an existing branding item by name. + A token with API, ORG_ADMIN authority is required to call this API. + security: + - UserContextAuth: + - 'idn:branding:read' + parameters: + - in: path + name: name + schema: + type: string + required: true + description: The name of the branding item to be retrieved + example: default + responses: + '200': + description: A branding item object + content: + application/json: + schema: + type: object + properties: + name: + type: string + description: name of branding item + example: default + productName: + type: string + description: product name + example: product name + nullable: true + actionButtonColor: + type: string + description: hex value of color for action button + example: 0074D9 + nullable: true + activeLinkColor: + type: string + description: hex value of color for link + example: 011E69 + nullable: true + navigationColor: + type: string + description: hex value of color for navigation bar + example: 011E69 + nullable: true + emailFromAddress: + type: string + description: email from address + example: no-reply@sailpoint.com + nullable: true + standardLogoURL: + type: string + description: url to standard logo + example: '' + nullable: true + loginInformationalMessage: + type: string + description: login information message + example: '' + nullable: true + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + put: + operationId: setBrandingItem + tags: + - Branding + summary: Update a branding item + description: |- + This API endpoint updates information for an existing branding item. + A token with API, ORG_ADMIN authority is required to call this API. + parameters: + - in: path + name: name + schema: + type: string + required: true + description: The name of the branding item to be retrieved + example: default + requestBody: + required: true + content: + multipart/form-data: + schema: + type: object + required: + - name + - productName + properties: + name: + type: string + description: name of branding item + example: custom-branding-item + productName: + type: string + description: product name + example: product name + nullable: true + actionButtonColor: + type: string + description: hex value of color for action button + example: 0074D9 + activeLinkColor: + type: string + description: hex value of color for link + example: 011E69 + navigationColor: + type: string + description: hex value of color for navigation bar + example: 011E69 + emailFromAddress: + type: string + description: email from address + example: no-reply@sailpoint.com + loginInformationalMessage: + type: string + description: login information message + example: '' + fileStandard: + type: string + format: binary + description: png file with logo + example: \x00\x00\x00\x02 + security: + - UserContextAuth: + - 'idn:branding:manage' + responses: + '200': + description: Branding item updated + content: + application/json: + schema: + type: object + properties: + name: + type: string + description: name of branding item + example: default + productName: + type: string + description: product name + example: product name + nullable: true + actionButtonColor: + type: string + description: hex value of color for action button + example: 0074D9 + nullable: true + activeLinkColor: + type: string + description: hex value of color for link + example: 011E69 + nullable: true + navigationColor: + type: string + description: hex value of color for navigation bar + example: 011E69 + nullable: true + emailFromAddress: + type: string + description: email from address + example: no-reply@sailpoint.com + nullable: true + standardLogoURL: + type: string + description: url to standard logo + example: '' + nullable: true + loginInformationalMessage: + type: string + description: login information message + example: '' + nullable: true + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + delete: + operationId: deleteBranding + tags: + - Branding + summary: Delete a branding item + description: |- + This API endpoint delete information for an existing branding item by name. + A token with API, ORG_ADMIN authority is required to call this API. + security: + - UserContextAuth: + - 'idn:branding:manage' + parameters: + - in: path + name: name + schema: + type: string + required: true + description: The name of the branding item to be deleted + example: default + responses: + '204': + description: No content - indicates the request was successful but there is no content to be returned in the response. + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + /campaigns: + get: + operationId: getActiveCampaigns + tags: + - Certification Campaigns + summary: List Campaigns + description: | + Use this API to get a list of campaigns. This API can provide increased level of detail for each campaign for the correct provided query. + + A token with ORG_ADMIN, CERT_ADMIN or REPORT_ADMIN authority is required to call this API. + security: + - UserContextAuth: + - 'idn:campaign:read' + - 'idn:campaign:manage' + - 'idn:campaign-report:read' + - 'idn:campaign-report:manage' + parameters: + - in: query + name: detail + schema: + type: string + enum: + - SLIM + - FULL + required: false + description: 'Determines whether slim, or increased level of detail is provided for each campaign in the returned list. Slim is the default behavior.' + example: FULL + - in: query + name: limit + description: |- + Max number of results to return. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 250 + schema: + type: integer + format: int32 + minimum: 0 + maximum: 250 + default: 250 + - in: query + name: offset + description: |- + Offset into the full result set. Usually specified with *limit* to paginate through the results. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 0 + schema: + type: integer + format: int32 + minimum: 0 + default: 0 + - in: query + name: count + description: |- + If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. + + Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. + + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: true + schema: + type: boolean + default: false + - in: query + name: filters + schema: + type: string + required: false + description: |- + Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) + + Filtering is supported for the following fields and operators: + + **id**: *eq, in* + + **name**: *eq, sw* + + **status**: *eq, in* + example: name eq "Manager Campaign" + - in: query + name: sorters + schema: + type: string + format: comma-separated + required: false + description: |- + Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) + + Sorting is supported for the following fields: **name, created** + example: name + responses: + '200': + description: A list of campaign objects. By default list of SLIM campaigns is returned. + content: + application/json: + schema: + type: array + items: + oneOf: + - type: object + title: Slim Campaign + required: + - name + - description + - type + properties: + id: + type: string + readOnly: true + description: Id of the campaign + example: 2c9079b270a266a60170a2779fcb0007 + name: + description: 'The campaign name. If this object is part of a template, special formatting applies; see the `/campaign-templates/{id}/generate` endpoint documentation for details.' + type: string + example: Manager Campaign + description: + type: string + description: 'The campaign description. If this object is part of a template, special formatting applies; see the `/campaign-templates/{id}/generate` endpoint documentation for details.' + example: Everyone needs to be reviewed by their manager + deadline: + type: string + format: date-time + description: 'The campaign''s completion deadline. This date must be in the future in order to activate the campaign. If you try to activate a campaign with a deadline of today or in the past, you will receive a 400 error response.' + example: '2020-03-15T10:00:01.456Z' + type: + type: string + description: The type of campaign. Could be extended in the future. + enum: + - MANAGER + - SOURCE_OWNER + - SEARCH + - ROLE_COMPOSITION + example: MANAGER + emailNotificationEnabled: + type: boolean + description: Enables email notification for this campaign + default: false + example: false + autoRevokeAllowed: + type: boolean + description: Allows auto revoke for this campaign + default: false + example: false + recommendationsEnabled: + type: boolean + description: Enables IAI for this campaign. Accepts true even if the IAI product feature is off. If IAI is turned off then campaigns generated from this template will indicate false. The real value will then be returned if IAI is ever enabled for the org in the future. + default: false + example: true + status: + type: string + description: The campaign's current status. + readOnly: true + enum: + - PENDING + - STAGED + - CANCELING + - ACTIVATING + - ACTIVE + - COMPLETING + - COMPLETED + - ERROR + - ARCHIVED + example: ACTIVE + correlatedStatus: + type: string + description: The correlatedStatus of the campaign. Only SOURCE_OWNER campaigns can be Uncorrelated. An Uncorrelated certification campaign only includes Uncorrelated identities (An identity is uncorrelated if it has no accounts on an authoritative source). + enum: + - CORRELATED + - UNCORRELATED + example: CORRELATED + created: + type: string + readOnly: true + format: date-time + description: Created time of the campaign + example: '2020-03-03T22:15:13.611Z' + totalCertifications: + type: integer + format: int32 + description: The total number of certifications in this campaign. + readOnly: true + example: 100 + completedCertifications: + type: integer + format: int32 + description: The number of completed certifications in this campaign. + readOnly: true + example: 10 + alerts: + type: array + description: A list of errors and warnings that have accumulated. + readOnly: true + items: + type: object + properties: + level: + type: string + enum: + - ERROR + - WARN + - INFO + description: Denotes the level of the message + example: ERROR + localizations: + type: array + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + - type: object + title: Campaign + allOf: + - type: object + title: Slim Campaign + required: + - name + - description + - type + properties: + id: + type: string + readOnly: true + description: Id of the campaign + example: 2c9079b270a266a60170a2779fcb0007 + name: + description: 'The campaign name. If this object is part of a template, special formatting applies; see the `/campaign-templates/{id}/generate` endpoint documentation for details.' + type: string + example: Manager Campaign + description: + type: string + description: 'The campaign description. If this object is part of a template, special formatting applies; see the `/campaign-templates/{id}/generate` endpoint documentation for details.' + example: Everyone needs to be reviewed by their manager + deadline: + type: string + format: date-time + description: 'The campaign''s completion deadline. This date must be in the future in order to activate the campaign. If you try to activate a campaign with a deadline of today or in the past, you will receive a 400 error response.' + example: '2020-03-15T10:00:01.456Z' + type: + type: string + description: The type of campaign. Could be extended in the future. + enum: + - MANAGER + - SOURCE_OWNER + - SEARCH + - ROLE_COMPOSITION + example: MANAGER + emailNotificationEnabled: + type: boolean + description: Enables email notification for this campaign + default: false + example: false + autoRevokeAllowed: + type: boolean + description: Allows auto revoke for this campaign + default: false + example: false + recommendationsEnabled: + type: boolean + description: Enables IAI for this campaign. Accepts true even if the IAI product feature is off. If IAI is turned off then campaigns generated from this template will indicate false. The real value will then be returned if IAI is ever enabled for the org in the future. + default: false + example: true + status: + type: string + description: The campaign's current status. + readOnly: true + enum: + - PENDING + - STAGED + - CANCELING + - ACTIVATING + - ACTIVE + - COMPLETING + - COMPLETED + - ERROR + - ARCHIVED + example: ACTIVE + correlatedStatus: + type: string + description: The correlatedStatus of the campaign. Only SOURCE_OWNER campaigns can be Uncorrelated. An Uncorrelated certification campaign only includes Uncorrelated identities (An identity is uncorrelated if it has no accounts on an authoritative source). + enum: + - CORRELATED + - UNCORRELATED + example: CORRELATED + created: + type: string + readOnly: true + format: date-time + description: Created time of the campaign + example: '2020-03-03T22:15:13.611Z' + totalCertifications: + type: integer + format: int32 + description: The total number of certifications in this campaign. + readOnly: true + example: 100 + completedCertifications: + type: integer + format: int32 + description: The number of completed certifications in this campaign. + readOnly: true + example: 10 + alerts: + type: array + description: A list of errors and warnings that have accumulated. + readOnly: true + items: + type: object + properties: + level: + type: string + enum: + - ERROR + - WARN + - INFO + description: Denotes the level of the message + example: ERROR + localizations: + type: array + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + - type: object + properties: + modified: + type: string + readOnly: true + format: date-time + description: Modified time of the campaign + example: '2020-03-03T22:20:12.674Z' + correlatedStatus: + description: The correlatedStatus of the campaign. Only SOURCE_OWNER campaigns can be Uncorrelated. An Uncorrelated certification campaign only includes Uncorrelated identities (An identity is uncorrelated if it has no accounts on an authoritative source). + enum: + - CORRELATED + - UNCORRELATED + example: CORRELATED + filter: + type: object + description: Determines which items will be included in this campaign. The default campaign filter is used if this field is left blank. + properties: + id: + type: string + description: The ID of whatever type of filter is being used. + example: 0fbe863c063c4c88a35fd7f17e8a3df5 + type: + type: string + description: Type of the filter + enum: + - CAMPAIGN_FILTER + - RULE + example: CAMPAIGN_FILTER + name: + type: string + description: Name of the filter + example: Test Filter + sunsetCommentsRequired: + type: boolean + description: Determines if comments on sunset date changes are required. + default: true + example: true + sourceOwnerCampaignInfo: + type: object + description: Must be set only if the campaign type is SOURCE_OWNER. + properties: + sourceIds: + type: array + description: The list of sources to be included in the campaign. + items: + type: string + example: + - 0fbe863c063c4c88a35fd7f17e8a3df5 + searchCampaignInfo: + type: object + description: Must be set only if the campaign type is SEARCH. + properties: + type: + type: string + description: The type of search campaign represented. + enum: + - IDENTITY + - ACCESS + example: ACCESS + description: + type: string + description: 'Describes this search campaign. Intended for storing the query used, and possibly the number of identities selected/available.' + example: Search Campaign description + reviewer: + type: object + description: 'If specified, this identity or governance group will be the reviewer for all certifications in this campaign. The allowed DTO types are IDENTITY and GOVERNANCE_GROUP.' + properties: + type: + type: string + description: The reviewer's DTO type. + enum: + - GOVERNANCE_GROUP + - IDENTITY + example: IDENTITY + id: + type: string + description: The reviewer's ID. + example: 2c91808568c529c60168cca6f90c1313 + name: + type: string + description: The reviewer's name. + example: William Wilson + query: + type: string + description: The scope for the campaign. The campaign will cover identities returned by the query and identities that have access items returned by the query. One of `query` or `identityIds` must be set. + example: Search Campaign query description + identityIds: + type: array + description: A direct list of identities to include in this campaign. One of `identityIds` or `query` must be set. + items: + type: string + maxItems: 1000 + example: + - 0fbe863c063c4c88a35fd7f17e8a3df5 + accessConstraints: + type: array + description: Further reduces the scope of the campaign by excluding identities (from `query` or `identityIds`) that do not have this access. + items: + type: object + properties: + type: + type: string + enum: + - ENTITLEMENT + - ACCESS_PROFILE + - ROLE + description: Type of Access + example: ENTITLEMENT + ids: + description: Must be set only if operator is SELECTED. + type: array + items: + type: string + example: + - 2c90ad2a70ace7d50170acf22ca90010 + operator: + type: string + enum: + - ALL + - SELECTED + description: Used to determine whether the scope of the campaign should be reduced for selected ids or all. + example: SELECTED + required: + - type + - operator + maxItems: 1000 + required: + - type + roleCompositionCampaignInfo: + type: object + description: Optional configuration options for role composition campaigns. + properties: + reviewer: + type: object + description: 'If specified, this identity or governance group will be the reviewer for all certifications in this campaign. The allowed DTO types are IDENTITY and GOVERNANCE_GROUP.' + properties: + type: + type: string + description: The reviewer's DTO type. + enum: + - GOVERNANCE_GROUP + - IDENTITY + example: IDENTITY + id: + type: string + description: The reviewer's ID. + example: 2c91808568c529c60168cca6f90c1313 + name: + type: string + description: The reviewer's name. + example: William Wilson + roleIds: + type: array + description: 'Optional list of roles to include in this campaign. Only one of `roleIds` and `query` may be set; if neither are set, all roles are included.' + items: + type: string + example: + - 2c90ad2a70ace7d50170acf22ca90010 + remediatorRef: + type: object + description: 'This determines who remediation tasks will be assigned to. Remediation tasks are created for each revoke decision on items in the campaign. The only legal remediator type is ''IDENTITY'', and the chosen identity must be a Role Admin or Org Admin.' + properties: + type: + type: string + enum: + - IDENTITY + description: Legal Remediator Type + example: IDENTITY + id: + type: string + description: The ID of the remediator. + example: 2c90ad2a70ace7d50170acf22ca90010 + name: + type: string + description: The name of the remediator. + readOnly: true + example: Role Admin + required: + - type + - id + query: + type: string + description: 'Optional search query to scope this campaign to a set of roles. Only one of `roleIds` and `query` may be set; if neither are set, all roles are included.' + example: Search Query + description: + type: string + description: 'Describes this role composition campaign. Intended for storing the query used, and possibly the number of roles selected/available.' + example: Role Composition Description + required: + - remediatorRef + sourcesWithOrphanEntitlements: + type: array + description: A list of sources in the campaign that contain \"orphan entitlements\" (entitlements without a corresponding Managed Attribute). An empty list indicates the campaign has no orphan entitlements. Null indicates there may be unknown orphan entitlements in the campaign (the campaign was created before this feature was implemented). + readOnly: true + items: + type: object + properties: + id: + type: string + description: Id of the source + example: 2c90ad2a70ace7d50170acf22ca90010 + type: + type: string + enum: + - SOURCE + description: Type + example: SOURCE + name: + type: string + description: Name of the source + example: Source with orphan entitlements + mandatoryCommentRequirement: + type: string + description: 'Determines whether comments are required for decisions during certification reviews. You can require comments for all decisions, revoke-only decisions, or no decisions. By default, comments are not required for decisions.' + enum: + - ALL_DECISIONS + - REVOKE_ONLY_DECISIONS + - NO_DECISIONS + example: NO_DECISIONS + examples: + Slim Campaign: + description: List of Slim Campaigns that would result from not specifying *detail* or specifying SLIM + value: + - id: 2c918086719eec070171a7e3355a360a + name: Manager Review + description: A review of everyone's access by their manager. + deadline: '2020-12-25T06:00:00.123Z' + type: MANAGER + status: ACTIVE + emailNotificationEnabled: false + autoRevokeAllowed: false + recommendationsEnabled: false + created: 2022-08-02T19:00:27.731Z + totalCertifications: 10 + completedCertifications: 3 + alerts: + - level: ERROR + localizations: + - locale: en + localeOrigin: DEFAULT + text: Composite criterion must have children non-composite criterion must not. + - id: 7e1a731e3fb845cfbe58112ba4673ee4 + name: Search Campaign + description: Search Campaign Info + deadline: 2022-07-26T15:42:44.000Z + type: SEARCH + status: ACTIVE + emailNotificationEnabled: false + autoRevokeAllowed: false + recommendationsEnabled: false + created: 2022-07-25T15:42:18.276Z + totalCertifications: 5 + completedCertifications: 3 + alerts: null + - id: 2c918086719eec070171a7e3355a412b + name: AD Source Review + description: A review of our AD source. + deadline: '2020-12-25T06:00:00.123Z' + type: SOURCE_OWNER + status: STAGED + emailNotificationEnabled: true + autoRevokeAllowed: false + recommendationsEnabled: false + correlatedStatus: CORRELATED + created: 2022-07-27T17:04:19.027Z + totalCertifications: 7 + completedCertifications: 3 + alerts: + - level: WARN + localizations: + - locale: en + localeOrigin: DEFAULT + text: Composite criterion is in wrong format. + - id: 3b2e2e5821e84127b6d693d41c40623b + name: Role Composition Campaign + description: A review done by a role owner. + deadline: 2020-12-25T06:00:00.468Z + type: ROLE_COMPOSITION + status: ACTIVE + emailNotificationEnabled: false + autoRevokeAllowed: false + recommendationsEnabled: false + created: 2022-08-02T20:29:51.065Z + totalCertifications: 1 + completedCertifications: 1 + alerts: null + Full Campaign: + description: List of Campaigns that would result from specifying *detail* as FULL + value: + - id: 078696a575e045c68d6722ccdb9f101d + name: Role Composition Campaign + description: A review done by a role owner. + deadline: 2020-12-25T06:00:00.468Z + type: ROLE_COMPOSITION + status: ERROR + emailNotificationEnabled: false + autoRevokeAllowed: false + recommendationsEnabled: false + modified: 2022-08-02T20:29:51.331Z + filter: + type: CAMPAIGN_FILTER + id: 0fbe863c063c4c88a35fd7f17e8a3df5 + name: Test Role Composition Filter + sunsetCommentsRequired: true + sourceOwnerCampaignInfo: null + searchCampaignInfo: null + roleCompositionCampaignInfo: + remediatorRef: + type: IDENTITY + id: 7ec252acbd4245548bc25df22348cb75 + name: SailPoint Support + reviewerId: null + reviewer: null + roleIds: + - b15d609fc5c8434b865fe552315fda8f + query: null + description: null + sourcesWithOrphanEntitlements: null + mandatoryCommentRequirement: NO_DECISIONS + - id: 1be8fc1103914bf0a4e14e316b6a7b7c + name: Manager Review + description: A review of everyone's access by their manager. + deadline: 2020-12-25T06:00:00.468Z + type: MANAGER + status: STAGED + emailNotificationEnabled: false + autoRevokeAllowed: false + recommendationsEnabled: false + modified: 2022-08-02T19:00:34.391Z + filter: + type: CAMPAIGN_FILTER + id: 0fbe863c063c4c88a35fd7f17e8a3df5 + name: Test Manager Filter + sunsetCommentsRequired: true + sourceOwnerCampaignInfo: null + searchCampaignInfo: null + roleCompositionCampaignInfo: null + sourcesWithOrphanEntitlements: [] + mandatoryCommentRequirement: NO_DECISIONS + - id: 7e1a731e3fb845cfbe58112ba4673ee4 + name: Search Campaign + description: Search Campaign for Identities + deadline: 2022-07-26T15:42:44.000Z + type: SEARCH + status: ACTIVE + emailNotificationEnabled: false + autoRevokeAllowed: false + recommendationsEnabled: false + modified: 2022-07-25T15:42:53.718Z + filter: + type: CAMPAIGN_FILTER + id: 0fbe863c063c4c88a35fd7f17e8a3df5 + name: Test Search Filter + sunsetCommentsRequired: true + sourceOwnerCampaignInfo: null + searchCampaignInfo: + type: IDENTITY + description: Example of Search Campaign + reviewer: + type: IDENTITY + id: 7ec252acbd4245548bc25df22348cb75 + name: null + query: user + identityIds: null + accessConstraints: [] + roleCompositionCampaignInfo: null + sourcesWithOrphanEntitlements: [] + mandatoryCommentRequirement: NO_DECISIONS + - id: ad3cf3dd50394b1bad646de4bc51b999 + name: Source Owner Campaign + description: Example for Source Owner Campaign + deadline: 2022-08-10T17:09:02.000Z + type: SOURCE_OWNER + status: ACTIVE + emailNotificationEnabled: true + autoRevokeAllowed: false + recommendationsEnabled: false + modified: 2022-07-27T17:09:13.925Z + filter: + type: CAMPAIGN_FILTER + id: 0fbe863c063c4c88a35fd7f17e8a3df5 + name: Test Source Owner Filter + sunsetCommentsRequired: true + sourceOwnerCampaignInfo: + sourceIds: + - 2c91808781fd5aea01821200dc88318e + searchCampaignInfo: null + roleCompositionCampaignInfo: null + sourcesWithOrphanEntitlements: [] + correlatedStatus: CORRELATED + mandatoryCommentRequirement: NO_DECISIONS + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + post: + operationId: createCampaign + tags: + - Certification Campaigns + summary: Create a campaign + description: | + Use this API to create a certification campaign with the information provided in the request body. + + A token with ORG_ADMIN or CERT_ADMIN authority is required to call this API. + security: + - UserContextAuth: + - 'idn:campaign:manage' + requestBody: + required: true + content: + application/json: + schema: + type: object + title: Campaign + allOf: + - type: object + title: Slim Campaign + required: + - name + - description + - type + properties: + id: + type: string + readOnly: true + description: Id of the campaign + example: 2c9079b270a266a60170a2779fcb0007 + name: + description: 'The campaign name. If this object is part of a template, special formatting applies; see the `/campaign-templates/{id}/generate` endpoint documentation for details.' + type: string + example: Manager Campaign + description: + type: string + description: 'The campaign description. If this object is part of a template, special formatting applies; see the `/campaign-templates/{id}/generate` endpoint documentation for details.' + example: Everyone needs to be reviewed by their manager + deadline: + type: string + format: date-time + description: 'The campaign''s completion deadline. This date must be in the future in order to activate the campaign. If you try to activate a campaign with a deadline of today or in the past, you will receive a 400 error response.' + example: '2020-03-15T10:00:01.456Z' + type: + type: string + description: The type of campaign. Could be extended in the future. + enum: + - MANAGER + - SOURCE_OWNER + - SEARCH + - ROLE_COMPOSITION + example: MANAGER + emailNotificationEnabled: + type: boolean + description: Enables email notification for this campaign + default: false + example: false + autoRevokeAllowed: + type: boolean + description: Allows auto revoke for this campaign + default: false + example: false + recommendationsEnabled: + type: boolean + description: Enables IAI for this campaign. Accepts true even if the IAI product feature is off. If IAI is turned off then campaigns generated from this template will indicate false. The real value will then be returned if IAI is ever enabled for the org in the future. + default: false + example: true + status: + type: string + description: The campaign's current status. + readOnly: true + enum: + - PENDING + - STAGED + - CANCELING + - ACTIVATING + - ACTIVE + - COMPLETING + - COMPLETED + - ERROR + - ARCHIVED + example: ACTIVE + correlatedStatus: + type: string + description: The correlatedStatus of the campaign. Only SOURCE_OWNER campaigns can be Uncorrelated. An Uncorrelated certification campaign only includes Uncorrelated identities (An identity is uncorrelated if it has no accounts on an authoritative source). + enum: + - CORRELATED + - UNCORRELATED + example: CORRELATED + created: + type: string + readOnly: true + format: date-time + description: Created time of the campaign + example: '2020-03-03T22:15:13.611Z' + totalCertifications: + type: integer + format: int32 + description: The total number of certifications in this campaign. + readOnly: true + example: 100 + completedCertifications: + type: integer + format: int32 + description: The number of completed certifications in this campaign. + readOnly: true + example: 10 + alerts: + type: array + description: A list of errors and warnings that have accumulated. + readOnly: true + items: + type: object + properties: + level: + type: string + enum: + - ERROR + - WARN + - INFO + description: Denotes the level of the message + example: ERROR + localizations: + type: array + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + - type: object + properties: + modified: + type: string + readOnly: true + format: date-time + description: Modified time of the campaign + example: '2020-03-03T22:20:12.674Z' + correlatedStatus: + description: The correlatedStatus of the campaign. Only SOURCE_OWNER campaigns can be Uncorrelated. An Uncorrelated certification campaign only includes Uncorrelated identities (An identity is uncorrelated if it has no accounts on an authoritative source). + enum: + - CORRELATED + - UNCORRELATED + example: CORRELATED + filter: + type: object + description: Determines which items will be included in this campaign. The default campaign filter is used if this field is left blank. + properties: + id: + type: string + description: The ID of whatever type of filter is being used. + example: 0fbe863c063c4c88a35fd7f17e8a3df5 + type: + type: string + description: Type of the filter + enum: + - CAMPAIGN_FILTER + - RULE + example: CAMPAIGN_FILTER + name: + type: string + description: Name of the filter + example: Test Filter + sunsetCommentsRequired: + type: boolean + description: Determines if comments on sunset date changes are required. + default: true + example: true + sourceOwnerCampaignInfo: + type: object + description: Must be set only if the campaign type is SOURCE_OWNER. + properties: + sourceIds: + type: array + description: The list of sources to be included in the campaign. + items: + type: string + example: + - 0fbe863c063c4c88a35fd7f17e8a3df5 + searchCampaignInfo: + type: object + description: Must be set only if the campaign type is SEARCH. + properties: + type: + type: string + description: The type of search campaign represented. + enum: + - IDENTITY + - ACCESS + example: ACCESS + description: + type: string + description: 'Describes this search campaign. Intended for storing the query used, and possibly the number of identities selected/available.' + example: Search Campaign description + reviewer: + type: object + description: 'If specified, this identity or governance group will be the reviewer for all certifications in this campaign. The allowed DTO types are IDENTITY and GOVERNANCE_GROUP.' + properties: + type: + type: string + description: The reviewer's DTO type. + enum: + - GOVERNANCE_GROUP + - IDENTITY + example: IDENTITY + id: + type: string + description: The reviewer's ID. + example: 2c91808568c529c60168cca6f90c1313 + name: + type: string + description: The reviewer's name. + example: William Wilson + query: + type: string + description: The scope for the campaign. The campaign will cover identities returned by the query and identities that have access items returned by the query. One of `query` or `identityIds` must be set. + example: Search Campaign query description + identityIds: + type: array + description: A direct list of identities to include in this campaign. One of `identityIds` or `query` must be set. + items: + type: string + maxItems: 1000 + example: + - 0fbe863c063c4c88a35fd7f17e8a3df5 + accessConstraints: + type: array + description: Further reduces the scope of the campaign by excluding identities (from `query` or `identityIds`) that do not have this access. + items: + type: object + properties: + type: + type: string + enum: + - ENTITLEMENT + - ACCESS_PROFILE + - ROLE + description: Type of Access + example: ENTITLEMENT + ids: + description: Must be set only if operator is SELECTED. + type: array + items: + type: string + example: + - 2c90ad2a70ace7d50170acf22ca90010 + operator: + type: string + enum: + - ALL + - SELECTED + description: Used to determine whether the scope of the campaign should be reduced for selected ids or all. + example: SELECTED + required: + - type + - operator + maxItems: 1000 + required: + - type + roleCompositionCampaignInfo: + type: object + description: Optional configuration options for role composition campaigns. + properties: + reviewer: + type: object + description: 'If specified, this identity or governance group will be the reviewer for all certifications in this campaign. The allowed DTO types are IDENTITY and GOVERNANCE_GROUP.' + properties: + type: + type: string + description: The reviewer's DTO type. + enum: + - GOVERNANCE_GROUP + - IDENTITY + example: IDENTITY + id: + type: string + description: The reviewer's ID. + example: 2c91808568c529c60168cca6f90c1313 + name: + type: string + description: The reviewer's name. + example: William Wilson + roleIds: + type: array + description: 'Optional list of roles to include in this campaign. Only one of `roleIds` and `query` may be set; if neither are set, all roles are included.' + items: + type: string + example: + - 2c90ad2a70ace7d50170acf22ca90010 + remediatorRef: + type: object + description: 'This determines who remediation tasks will be assigned to. Remediation tasks are created for each revoke decision on items in the campaign. The only legal remediator type is ''IDENTITY'', and the chosen identity must be a Role Admin or Org Admin.' + properties: + type: + type: string + enum: + - IDENTITY + description: Legal Remediator Type + example: IDENTITY + id: + type: string + description: The ID of the remediator. + example: 2c90ad2a70ace7d50170acf22ca90010 + name: + type: string + description: The name of the remediator. + readOnly: true + example: Role Admin + required: + - type + - id + query: + type: string + description: 'Optional search query to scope this campaign to a set of roles. Only one of `roleIds` and `query` may be set; if neither are set, all roles are included.' + example: Search Query + description: + type: string + description: 'Describes this role composition campaign. Intended for storing the query used, and possibly the number of roles selected/available.' + example: Role Composition Description + required: + - remediatorRef + sourcesWithOrphanEntitlements: + type: array + description: A list of sources in the campaign that contain \"orphan entitlements\" (entitlements without a corresponding Managed Attribute). An empty list indicates the campaign has no orphan entitlements. Null indicates there may be unknown orphan entitlements in the campaign (the campaign was created before this feature was implemented). + readOnly: true + items: + type: object + properties: + id: + type: string + description: Id of the source + example: 2c90ad2a70ace7d50170acf22ca90010 + type: + type: string + enum: + - SOURCE + description: Type + example: SOURCE + name: + type: string + description: Name of the source + example: Source with orphan entitlements + mandatoryCommentRequirement: + type: string + description: 'Determines whether comments are required for decisions during certification reviews. You can require comments for all decisions, revoke-only decisions, or no decisions. By default, comments are not required for decisions.' + enum: + - ALL_DECISIONS + - REVOKE_ONLY_DECISIONS + - NO_DECISIONS + example: NO_DECISIONS + examples: + Manager: + value: + name: Manager Review + description: A review of everyone's access by their manager. + deadline: 2020-12-25T06:00:00.468Z + type: MANAGER + emailNotificationEnabled: false + autoRevokeAllowed: false + recommendationsEnabled: false + filter: + type: CAMPAIGN_FILTER + id: 0c46fb26c6b20967a55517ee90d15b93 + mandatoryCommentRequirement: NO_DECISIONS + Search: + value: + name: Search Campaign + description: Search Campaign + deadline: 2020-12-25T06:00:00.468Z + type: SEARCH + emailNotificationEnabled: false + autoRevokeAllowed: false + recommendationsEnabled: false + filter: + type: CAMPAIGN_FILTER + id: 0c46fb26c6b20967a55517ee90d15b93 + searchCampaignInfo: + type: ACCESS + query: user + mandatoryCommentRequirement: NO_DECISIONS + Source Owner: + value: + name: Source Owner + description: Source Owner Info + deadline: 2020-12-25T06:00:00.468Z + type: SOURCE_OWNER + emailNotificationEnabled: false + autoRevokeAllowed: false + recommendationsEnabled: false + filter: + type: CAMPAIGN_FILTER + id: 0c46fb26c6b20967a55517ee90d15b93 + sourceOwnerCampaignInfo: + sourceIds: + - 612b31b1a0f04aaf83123bdb80e70db6 + correlatedStatus: CORRELATED + mandatoryCommentRequirement: NO_DECISIONS + Role Composition: + value: + name: Role Composition Campaign + description: A review done by a role owner. + deadline: 2020-12-25T06:00:00.468Z + type: ROLE_COMPOSITION + emailNotificationEnabled: false + autoRevokeAllowed: false + recommendationsEnabled: false + filter: + type: CAMPAIGN_FILTER + id: 0c46fb26c6b20967a55517ee90d15b93 + roleCompositionCampaignInfo: + remediatorRef: + type: IDENTITY + id: 7ec252acbd4245548bc25df22348cb75 + name: SailPoint Support + roleIds: + - b15d609fc5c8434b865fe552315fda8f + mandatoryCommentRequirement: NO_DECISIONS + responses: + '200': + description: 'This response indicates that the requested campaign was successfully created, and the API returns its representation.' + content: + application/json: + schema: + type: object + title: Campaign + allOf: + - type: object + title: Slim Campaign + required: + - name + - description + - type + properties: + id: + type: string + readOnly: true + description: Id of the campaign + example: 2c9079b270a266a60170a2779fcb0007 + name: + description: 'The campaign name. If this object is part of a template, special formatting applies; see the `/campaign-templates/{id}/generate` endpoint documentation for details.' + type: string + example: Manager Campaign + description: + type: string + description: 'The campaign description. If this object is part of a template, special formatting applies; see the `/campaign-templates/{id}/generate` endpoint documentation for details.' + example: Everyone needs to be reviewed by their manager + deadline: + type: string + format: date-time + description: 'The campaign''s completion deadline. This date must be in the future in order to activate the campaign. If you try to activate a campaign with a deadline of today or in the past, you will receive a 400 error response.' + example: '2020-03-15T10:00:01.456Z' + type: + type: string + description: The type of campaign. Could be extended in the future. + enum: + - MANAGER + - SOURCE_OWNER + - SEARCH + - ROLE_COMPOSITION + example: MANAGER + emailNotificationEnabled: + type: boolean + description: Enables email notification for this campaign + default: false + example: false + autoRevokeAllowed: + type: boolean + description: Allows auto revoke for this campaign + default: false + example: false + recommendationsEnabled: + type: boolean + description: Enables IAI for this campaign. Accepts true even if the IAI product feature is off. If IAI is turned off then campaigns generated from this template will indicate false. The real value will then be returned if IAI is ever enabled for the org in the future. + default: false + example: true + status: + type: string + description: The campaign's current status. + readOnly: true + enum: + - PENDING + - STAGED + - CANCELING + - ACTIVATING + - ACTIVE + - COMPLETING + - COMPLETED + - ERROR + - ARCHIVED + example: ACTIVE + correlatedStatus: + type: string + description: The correlatedStatus of the campaign. Only SOURCE_OWNER campaigns can be Uncorrelated. An Uncorrelated certification campaign only includes Uncorrelated identities (An identity is uncorrelated if it has no accounts on an authoritative source). + enum: + - CORRELATED + - UNCORRELATED + example: CORRELATED + created: + type: string + readOnly: true + format: date-time + description: Created time of the campaign + example: '2020-03-03T22:15:13.611Z' + totalCertifications: + type: integer + format: int32 + description: The total number of certifications in this campaign. + readOnly: true + example: 100 + completedCertifications: + type: integer + format: int32 + description: The number of completed certifications in this campaign. + readOnly: true + example: 10 + alerts: + type: array + description: A list of errors and warnings that have accumulated. + readOnly: true + items: + type: object + properties: + level: + type: string + enum: + - ERROR + - WARN + - INFO + description: Denotes the level of the message + example: ERROR + localizations: + type: array + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + - type: object + properties: + modified: + type: string + readOnly: true + format: date-time + description: Modified time of the campaign + example: '2020-03-03T22:20:12.674Z' + correlatedStatus: + description: The correlatedStatus of the campaign. Only SOURCE_OWNER campaigns can be Uncorrelated. An Uncorrelated certification campaign only includes Uncorrelated identities (An identity is uncorrelated if it has no accounts on an authoritative source). + enum: + - CORRELATED + - UNCORRELATED + example: CORRELATED + filter: + type: object + description: Determines which items will be included in this campaign. The default campaign filter is used if this field is left blank. + properties: + id: + type: string + description: The ID of whatever type of filter is being used. + example: 0fbe863c063c4c88a35fd7f17e8a3df5 + type: + type: string + description: Type of the filter + enum: + - CAMPAIGN_FILTER + - RULE + example: CAMPAIGN_FILTER + name: + type: string + description: Name of the filter + example: Test Filter + sunsetCommentsRequired: + type: boolean + description: Determines if comments on sunset date changes are required. + default: true + example: true + sourceOwnerCampaignInfo: + type: object + description: Must be set only if the campaign type is SOURCE_OWNER. + properties: + sourceIds: + type: array + description: The list of sources to be included in the campaign. + items: + type: string + example: + - 0fbe863c063c4c88a35fd7f17e8a3df5 + searchCampaignInfo: + type: object + description: Must be set only if the campaign type is SEARCH. + properties: + type: + type: string + description: The type of search campaign represented. + enum: + - IDENTITY + - ACCESS + example: ACCESS + description: + type: string + description: 'Describes this search campaign. Intended for storing the query used, and possibly the number of identities selected/available.' + example: Search Campaign description + reviewer: + type: object + description: 'If specified, this identity or governance group will be the reviewer for all certifications in this campaign. The allowed DTO types are IDENTITY and GOVERNANCE_GROUP.' + properties: + type: + type: string + description: The reviewer's DTO type. + enum: + - GOVERNANCE_GROUP + - IDENTITY + example: IDENTITY + id: + type: string + description: The reviewer's ID. + example: 2c91808568c529c60168cca6f90c1313 + name: + type: string + description: The reviewer's name. + example: William Wilson + query: + type: string + description: The scope for the campaign. The campaign will cover identities returned by the query and identities that have access items returned by the query. One of `query` or `identityIds` must be set. + example: Search Campaign query description + identityIds: + type: array + description: A direct list of identities to include in this campaign. One of `identityIds` or `query` must be set. + items: + type: string + maxItems: 1000 + example: + - 0fbe863c063c4c88a35fd7f17e8a3df5 + accessConstraints: + type: array + description: Further reduces the scope of the campaign by excluding identities (from `query` or `identityIds`) that do not have this access. + items: + type: object + properties: + type: + type: string + enum: + - ENTITLEMENT + - ACCESS_PROFILE + - ROLE + description: Type of Access + example: ENTITLEMENT + ids: + description: Must be set only if operator is SELECTED. + type: array + items: + type: string + example: + - 2c90ad2a70ace7d50170acf22ca90010 + operator: + type: string + enum: + - ALL + - SELECTED + description: Used to determine whether the scope of the campaign should be reduced for selected ids or all. + example: SELECTED + required: + - type + - operator + maxItems: 1000 + required: + - type + roleCompositionCampaignInfo: + type: object + description: Optional configuration options for role composition campaigns. + properties: + reviewer: + type: object + description: 'If specified, this identity or governance group will be the reviewer for all certifications in this campaign. The allowed DTO types are IDENTITY and GOVERNANCE_GROUP.' + properties: + type: + type: string + description: The reviewer's DTO type. + enum: + - GOVERNANCE_GROUP + - IDENTITY + example: IDENTITY + id: + type: string + description: The reviewer's ID. + example: 2c91808568c529c60168cca6f90c1313 + name: + type: string + description: The reviewer's name. + example: William Wilson + roleIds: + type: array + description: 'Optional list of roles to include in this campaign. Only one of `roleIds` and `query` may be set; if neither are set, all roles are included.' + items: + type: string + example: + - 2c90ad2a70ace7d50170acf22ca90010 + remediatorRef: + type: object + description: 'This determines who remediation tasks will be assigned to. Remediation tasks are created for each revoke decision on items in the campaign. The only legal remediator type is ''IDENTITY'', and the chosen identity must be a Role Admin or Org Admin.' + properties: + type: + type: string + enum: + - IDENTITY + description: Legal Remediator Type + example: IDENTITY + id: + type: string + description: The ID of the remediator. + example: 2c90ad2a70ace7d50170acf22ca90010 + name: + type: string + description: The name of the remediator. + readOnly: true + example: Role Admin + required: + - type + - id + query: + type: string + description: 'Optional search query to scope this campaign to a set of roles. Only one of `roleIds` and `query` may be set; if neither are set, all roles are included.' + example: Search Query + description: + type: string + description: 'Describes this role composition campaign. Intended for storing the query used, and possibly the number of roles selected/available.' + example: Role Composition Description + required: + - remediatorRef + sourcesWithOrphanEntitlements: + type: array + description: A list of sources in the campaign that contain \"orphan entitlements\" (entitlements without a corresponding Managed Attribute). An empty list indicates the campaign has no orphan entitlements. Null indicates there may be unknown orphan entitlements in the campaign (the campaign was created before this feature was implemented). + readOnly: true + items: + type: object + properties: + id: + type: string + description: Id of the source + example: 2c90ad2a70ace7d50170acf22ca90010 + type: + type: string + enum: + - SOURCE + description: Type + example: SOURCE + name: + type: string + description: Name of the source + example: Source with orphan entitlements + mandatoryCommentRequirement: + type: string + description: 'Determines whether comments are required for decisions during certification reviews. You can require comments for all decisions, revoke-only decisions, or no decisions. By default, comments are not required for decisions.' + enum: + - ALL_DECISIONS + - REVOKE_ONLY_DECISIONS + - NO_DECISIONS + example: NO_DECISIONS + examples: + Manager: + value: + id: 5594f43b76804a6980ece5fdccf74be7 + name: Manager Review + description: A review of everyone's access by their manager. + deadline: 2020-12-25T06:00:00.468Z + type: MANAGER + status: PENDING + emailNotificationEnabled: false + autoRevokeAllowed: false + recommendationsEnabled: false + created: 2022-08-02T20:21:18.421Z + modified: null + filter: + type: CAMPAIGN_FILTER + id: 0fbe863c063c4c88a35fd7f17e8a3df5 + name: Test Manager Filter + sunsetCommentsRequired: true + sourceOwnerCampaignInfo: null + searchCampaignInfo: null + roleCompositionCampaignInfo: null + alerts: null + totalCertifications: 0 + completedCertifications: 0 + sourcesWithOrphanEntitlements: null + mandatoryCommentRequirement: NO_DECISIONS + Search: + value: + id: ec041831cb2147778b594feb9d8db44a + name: Search Campaign + description: Search Campaign + deadline: 2020-12-25T06:00:00.468Z + type: SEARCH + status: PENDING + emailNotificationEnabled: false + autoRevokeAllowed: false + recommendationsEnabled: false + created: 2022-08-03T13:54:34.344Z + modified: null + filter: + type: CAMPAIGN_FILTER + id: 0fbe863c063c4c88a35fd7f17e8a3df5 + name: Test Search Filter + sunsetCommentsRequired: true + sourceOwnerCampaignInfo: null + searchCampaignInfo: + type: ACCESS + description: user + reviewer: + type: IDENTITY + id: 7ec252acbd4245548bc25df22348cb75 + name: null + query: user + identityIds: null + accessConstraints: [] + roleCompositionCampaignInfo: null + alerts: null + totalCertifications: 0 + completedCertifications: 0 + sourcesWithOrphanEntitlements: null + mandatoryCommentRequirement: NO_DECISIONS + Source Owner: + value: + id: fd7b76ba4ea042de8a9414aa12fc977a + name: Source Owner + description: Source Owner Info + deadline: 2020-12-25T06:00:00.468Z + type: SOURCE_OWNER + status: PENDING + emailNotificationEnabled: false + autoRevokeAllowed: false + recommendationsEnabled: false + created: 2022-08-03T13:34:19.541Z + modified: null + filter: + type: CAMPAIGN_FILTER + id: 0fbe863c063c4c88a35fd7f17e8a3df5 + name: Test Source Owner Filter + sunsetCommentsRequired: true + sourceOwnerCampaignInfo: null + sourceIds: + - 612b31b1a0f04aaf83123bdb80e70db6 + searchCampaignInfo: null + roleCompositionCampaignInfo: null + alerts: null + totalCertifications: 0 + completedCertifications: 0 + sourcesWithOrphanEntitlements: null + correlatedStatus: CORRELATED + mandatoryCommentRequirement: NO_DECISIONS + Role Composition: + value: + id: 3b2e2e5821e84127b6d693d41c40623b + name: Role Composition Campaign + description: A review done by a role owner. + deadline: 2020-12-25T06:00:00.468Z + type: ROLE_COMPOSITION + status: PENDING + emailNotificationEnabled: false + autoRevokeAllowed: false + recommendationsEnabled: false + created: 2022-08-02T20:30:46.083Z + modified: null + filter: + type: CAMPAIGN_FILTER + id: 0fbe863c063c4c88a35fd7f17e8a3df5 + name: Test Role Composition Filter + sunsetCommentsRequired: true + sourceOwnerCampaignInfo: null + searchCampaignInfo: null + roleCompositionCampaignInfo: + remediatorRef: + type: IDENTITY + id: 7ec252acbd4245548bc25df22348cb75 + name: SailPoint Support + reviewerId: null + reviewer: null + roleIds: + - b15d609fc5c8434b865fe552315fda8f + query: null + description: null + alerts: null + totalCertifications: 0 + completedCertifications: 0 + sourcesWithOrphanEntitlements: null + mandatoryCommentRequirement: NO_DECISIONS + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/campaigns/{id}': + get: + operationId: getCampaign + tags: + - Certification Campaigns + summary: Get Campaign + description: | + Use this API to get information for an existing certification campaign by the campaign's ID. + + A token with ORG_ADMIN or CERT_ADMIN authority is required to call this API. + security: + - UserContextAuth: + - 'idn:campaign:read' + - 'idn:campaign:manage' + parameters: + - in: path + name: id + schema: + type: string + required: true + description: ID of the campaign to be retrieved. + example: 2c91808571bcfcf80171c23e4b4221fc + - in: query + name: detail + schema: + type: string + enum: + - SLIM + - FULL + required: false + description: 'Determines whether slim, or increased level of detail is provided for each campaign in the returned list. Slim is the default behavior.' + example: FULL + responses: + '200': + description: Requested campaign object. + content: + application/json: + schema: + oneOf: + - type: object + title: Slim Campaign + required: + - name + - description + - type + properties: + id: + type: string + readOnly: true + description: Id of the campaign + example: 2c9079b270a266a60170a2779fcb0007 + name: + description: 'The campaign name. If this object is part of a template, special formatting applies; see the `/campaign-templates/{id}/generate` endpoint documentation for details.' + type: string + example: Manager Campaign + description: + type: string + description: 'The campaign description. If this object is part of a template, special formatting applies; see the `/campaign-templates/{id}/generate` endpoint documentation for details.' + example: Everyone needs to be reviewed by their manager + deadline: + type: string + format: date-time + description: 'The campaign''s completion deadline. This date must be in the future in order to activate the campaign. If you try to activate a campaign with a deadline of today or in the past, you will receive a 400 error response.' + example: '2020-03-15T10:00:01.456Z' + type: + type: string + description: The type of campaign. Could be extended in the future. + enum: + - MANAGER + - SOURCE_OWNER + - SEARCH + - ROLE_COMPOSITION + example: MANAGER + emailNotificationEnabled: + type: boolean + description: Enables email notification for this campaign + default: false + example: false + autoRevokeAllowed: + type: boolean + description: Allows auto revoke for this campaign + default: false + example: false + recommendationsEnabled: + type: boolean + description: Enables IAI for this campaign. Accepts true even if the IAI product feature is off. If IAI is turned off then campaigns generated from this template will indicate false. The real value will then be returned if IAI is ever enabled for the org in the future. + default: false + example: true + status: + type: string + description: The campaign's current status. + readOnly: true + enum: + - PENDING + - STAGED + - CANCELING + - ACTIVATING + - ACTIVE + - COMPLETING + - COMPLETED + - ERROR + - ARCHIVED + example: ACTIVE + correlatedStatus: + type: string + description: The correlatedStatus of the campaign. Only SOURCE_OWNER campaigns can be Uncorrelated. An Uncorrelated certification campaign only includes Uncorrelated identities (An identity is uncorrelated if it has no accounts on an authoritative source). + enum: + - CORRELATED + - UNCORRELATED + example: CORRELATED + created: + type: string + readOnly: true + format: date-time + description: Created time of the campaign + example: '2020-03-03T22:15:13.611Z' + totalCertifications: + type: integer + format: int32 + description: The total number of certifications in this campaign. + readOnly: true + example: 100 + completedCertifications: + type: integer + format: int32 + description: The number of completed certifications in this campaign. + readOnly: true + example: 10 + alerts: + type: array + description: A list of errors and warnings that have accumulated. + readOnly: true + items: + type: object + properties: + level: + type: string + enum: + - ERROR + - WARN + - INFO + description: Denotes the level of the message + example: ERROR + localizations: + type: array + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + - type: object + title: Campaign + allOf: + - type: object + title: Slim Campaign + required: + - name + - description + - type + properties: + id: + type: string + readOnly: true + description: Id of the campaign + example: 2c9079b270a266a60170a2779fcb0007 + name: + description: 'The campaign name. If this object is part of a template, special formatting applies; see the `/campaign-templates/{id}/generate` endpoint documentation for details.' + type: string + example: Manager Campaign + description: + type: string + description: 'The campaign description. If this object is part of a template, special formatting applies; see the `/campaign-templates/{id}/generate` endpoint documentation for details.' + example: Everyone needs to be reviewed by their manager + deadline: + type: string + format: date-time + description: 'The campaign''s completion deadline. This date must be in the future in order to activate the campaign. If you try to activate a campaign with a deadline of today or in the past, you will receive a 400 error response.' + example: '2020-03-15T10:00:01.456Z' + type: + type: string + description: The type of campaign. Could be extended in the future. + enum: + - MANAGER + - SOURCE_OWNER + - SEARCH + - ROLE_COMPOSITION + example: MANAGER + emailNotificationEnabled: + type: boolean + description: Enables email notification for this campaign + default: false + example: false + autoRevokeAllowed: + type: boolean + description: Allows auto revoke for this campaign + default: false + example: false + recommendationsEnabled: + type: boolean + description: Enables IAI for this campaign. Accepts true even if the IAI product feature is off. If IAI is turned off then campaigns generated from this template will indicate false. The real value will then be returned if IAI is ever enabled for the org in the future. + default: false + example: true + status: + type: string + description: The campaign's current status. + readOnly: true + enum: + - PENDING + - STAGED + - CANCELING + - ACTIVATING + - ACTIVE + - COMPLETING + - COMPLETED + - ERROR + - ARCHIVED + example: ACTIVE + correlatedStatus: + type: string + description: The correlatedStatus of the campaign. Only SOURCE_OWNER campaigns can be Uncorrelated. An Uncorrelated certification campaign only includes Uncorrelated identities (An identity is uncorrelated if it has no accounts on an authoritative source). + enum: + - CORRELATED + - UNCORRELATED + example: CORRELATED + created: + type: string + readOnly: true + format: date-time + description: Created time of the campaign + example: '2020-03-03T22:15:13.611Z' + totalCertifications: + type: integer + format: int32 + description: The total number of certifications in this campaign. + readOnly: true + example: 100 + completedCertifications: + type: integer + format: int32 + description: The number of completed certifications in this campaign. + readOnly: true + example: 10 + alerts: + type: array + description: A list of errors and warnings that have accumulated. + readOnly: true + items: + type: object + properties: + level: + type: string + enum: + - ERROR + - WARN + - INFO + description: Denotes the level of the message + example: ERROR + localizations: + type: array + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + - type: object + properties: + modified: + type: string + readOnly: true + format: date-time + description: Modified time of the campaign + example: '2020-03-03T22:20:12.674Z' + correlatedStatus: + description: The correlatedStatus of the campaign. Only SOURCE_OWNER campaigns can be Uncorrelated. An Uncorrelated certification campaign only includes Uncorrelated identities (An identity is uncorrelated if it has no accounts on an authoritative source). + enum: + - CORRELATED + - UNCORRELATED + example: CORRELATED + filter: + type: object + description: Determines which items will be included in this campaign. The default campaign filter is used if this field is left blank. + properties: + id: + type: string + description: The ID of whatever type of filter is being used. + example: 0fbe863c063c4c88a35fd7f17e8a3df5 + type: + type: string + description: Type of the filter + enum: + - CAMPAIGN_FILTER + - RULE + example: CAMPAIGN_FILTER + name: + type: string + description: Name of the filter + example: Test Filter + sunsetCommentsRequired: + type: boolean + description: Determines if comments on sunset date changes are required. + default: true + example: true + sourceOwnerCampaignInfo: + type: object + description: Must be set only if the campaign type is SOURCE_OWNER. + properties: + sourceIds: + type: array + description: The list of sources to be included in the campaign. + items: + type: string + example: + - 0fbe863c063c4c88a35fd7f17e8a3df5 + searchCampaignInfo: + type: object + description: Must be set only if the campaign type is SEARCH. + properties: + type: + type: string + description: The type of search campaign represented. + enum: + - IDENTITY + - ACCESS + example: ACCESS + description: + type: string + description: 'Describes this search campaign. Intended for storing the query used, and possibly the number of identities selected/available.' + example: Search Campaign description + reviewer: + type: object + description: 'If specified, this identity or governance group will be the reviewer for all certifications in this campaign. The allowed DTO types are IDENTITY and GOVERNANCE_GROUP.' + properties: + type: + type: string + description: The reviewer's DTO type. + enum: + - GOVERNANCE_GROUP + - IDENTITY + example: IDENTITY + id: + type: string + description: The reviewer's ID. + example: 2c91808568c529c60168cca6f90c1313 + name: + type: string + description: The reviewer's name. + example: William Wilson + query: + type: string + description: The scope for the campaign. The campaign will cover identities returned by the query and identities that have access items returned by the query. One of `query` or `identityIds` must be set. + example: Search Campaign query description + identityIds: + type: array + description: A direct list of identities to include in this campaign. One of `identityIds` or `query` must be set. + items: + type: string + maxItems: 1000 + example: + - 0fbe863c063c4c88a35fd7f17e8a3df5 + accessConstraints: + type: array + description: Further reduces the scope of the campaign by excluding identities (from `query` or `identityIds`) that do not have this access. + items: + type: object + properties: + type: + type: string + enum: + - ENTITLEMENT + - ACCESS_PROFILE + - ROLE + description: Type of Access + example: ENTITLEMENT + ids: + description: Must be set only if operator is SELECTED. + type: array + items: + type: string + example: + - 2c90ad2a70ace7d50170acf22ca90010 + operator: + type: string + enum: + - ALL + - SELECTED + description: Used to determine whether the scope of the campaign should be reduced for selected ids or all. + example: SELECTED + required: + - type + - operator + maxItems: 1000 + required: + - type + roleCompositionCampaignInfo: + type: object + description: Optional configuration options for role composition campaigns. + properties: + reviewer: + type: object + description: 'If specified, this identity or governance group will be the reviewer for all certifications in this campaign. The allowed DTO types are IDENTITY and GOVERNANCE_GROUP.' + properties: + type: + type: string + description: The reviewer's DTO type. + enum: + - GOVERNANCE_GROUP + - IDENTITY + example: IDENTITY + id: + type: string + description: The reviewer's ID. + example: 2c91808568c529c60168cca6f90c1313 + name: + type: string + description: The reviewer's name. + example: William Wilson + roleIds: + type: array + description: 'Optional list of roles to include in this campaign. Only one of `roleIds` and `query` may be set; if neither are set, all roles are included.' + items: + type: string + example: + - 2c90ad2a70ace7d50170acf22ca90010 + remediatorRef: + type: object + description: 'This determines who remediation tasks will be assigned to. Remediation tasks are created for each revoke decision on items in the campaign. The only legal remediator type is ''IDENTITY'', and the chosen identity must be a Role Admin or Org Admin.' + properties: + type: + type: string + enum: + - IDENTITY + description: Legal Remediator Type + example: IDENTITY + id: + type: string + description: The ID of the remediator. + example: 2c90ad2a70ace7d50170acf22ca90010 + name: + type: string + description: The name of the remediator. + readOnly: true + example: Role Admin + required: + - type + - id + query: + type: string + description: 'Optional search query to scope this campaign to a set of roles. Only one of `roleIds` and `query` may be set; if neither are set, all roles are included.' + example: Search Query + description: + type: string + description: 'Describes this role composition campaign. Intended for storing the query used, and possibly the number of roles selected/available.' + example: Role Composition Description + required: + - remediatorRef + sourcesWithOrphanEntitlements: + type: array + description: A list of sources in the campaign that contain \"orphan entitlements\" (entitlements without a corresponding Managed Attribute). An empty list indicates the campaign has no orphan entitlements. Null indicates there may be unknown orphan entitlements in the campaign (the campaign was created before this feature was implemented). + readOnly: true + items: + type: object + properties: + id: + type: string + description: Id of the source + example: 2c90ad2a70ace7d50170acf22ca90010 + type: + type: string + enum: + - SOURCE + description: Type + example: SOURCE + name: + type: string + description: Name of the source + example: Source with orphan entitlements + mandatoryCommentRequirement: + type: string + description: 'Determines whether comments are required for decisions during certification reviews. You can require comments for all decisions, revoke-only decisions, or no decisions. By default, comments are not required for decisions.' + enum: + - ALL_DECISIONS + - REVOKE_ONLY_DECISIONS + - NO_DECISIONS + example: NO_DECISIONS + examples: + Manager: + value: + id: 2c918086719eec070171a7e3355a360a + name: Manager Review + description: A review of everyone's access by their manager. + deadline: '2020-12-25T06:00:00.123Z' + type: MANAGER + status: ACTIVE + emailNotificationEnabled: false + autoRevokeAllowed: false + recommendationsEnabled: false + Search: + value: + id: 7e1a731e3fb845cfbe58112ba4673ee4 + name: Search Campaign + description: Search Campaign Info + deadline: 2022-07-26T15:42:44.000Z + type: SEARCH + status: ACTIVE + emailNotificationEnabled: false + autoRevokeAllowed: false + recommendationsEnabled: false + Source Owner: + value: + id: 2c918086719eec070171a7e3355a412b + name: AD Source Review + description: A review of our AD source. + deadline: '2020-12-25T06:00:00.123Z' + type: SOURCE_OWNER + status: STAGED + emailNotificationEnabled: true + autoRevokeAllowed: false + recommendationsEnabled: false + correlatedStatus: CORRELATED + RoleComposition: + value: + id: 3b2e2e5821e84127b6d693d41c40623b + name: Role Composition Campaign + description: A review done by a role owner. + deadline: 2020-12-25T06:00:00.468Z + type: ROLE_COMPOSITION + status: ACTIVE + emailNotificationEnabled: false + autoRevokeAllowed: false + recommendationsEnabled: false + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + patch: + operationId: updateCampaign + tags: + - Certification Campaigns + summary: Update a Campaign + description: | + Use this API to update individual fields on a certification campaign, using the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard. + + A token with ORG_ADMIN or CERT_ADMIN authority is required to call this API. + security: + - UserContextAuth: + - 'idn:campaign:read' + - 'idn:campaign:manage' + parameters: + - in: path + name: id + schema: + type: string + required: true + description: ID of the campaign template being modified. + example: 2c91808571bcfcf80171c23e4b4221fc + requestBody: + required: true + description: | + A list of campaign update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard. + The fields that can be patched differ based on the status of the campaign. + + When the campaign is in the *STAGED* status, you can patch these fields: + * name + * description + * recommendationsEnabled + * deadline + * emailNotificationEnabled + * autoRevokeAllowed + + When the campaign is in the *ACTIVE* status, you can patch these fields: + * deadline + content: + application/json-patch+json: + schema: + type: array + items: + type: object + description: 'A JSONPatch Operation as defined by [RFC 6902 - JSON Patch](https://tools.ietf.org/html/rfc6902)' + required: + - op + - path + properties: + op: + type: string + description: The operation to be performed + enum: + - add + - remove + - replace + - move + - copy + - test + example: replace + path: + type: string + description: A string JSON Pointer representing the target path to an element to be affected by the operation + example: /description + value: + oneOf: + - type: string + example: New description + title: string + - type: boolean + example: true + title: boolean + - type: integer + example: 300 + title: integer + - type: object + title: object + example: + attributes: + name: philip + - type: array + title: array + items: + anyOf: + - type: string + - type: integer + - type: object + example: + - '001' + - '002' + - '003' + description: 'The value to be used for the operation, required for "add" and "replace" operations' + example: New description + example: + - op: replace + path: /name + value: This field has been updated! + - op: copy + from: /name + path: /description + responses: + '200': + description: 'This response indicates that the PATCH operation succeeded, and the API returns the campaign''s new representation.' + content: + application/json: + schema: + type: object + title: Slim Campaign + required: + - name + - description + - type + properties: + id: + type: string + readOnly: true + description: Id of the campaign + example: 2c9079b270a266a60170a2779fcb0007 + name: + description: 'The campaign name. If this object is part of a template, special formatting applies; see the `/campaign-templates/{id}/generate` endpoint documentation for details.' + type: string + example: Manager Campaign + description: + type: string + description: 'The campaign description. If this object is part of a template, special formatting applies; see the `/campaign-templates/{id}/generate` endpoint documentation for details.' + example: Everyone needs to be reviewed by their manager + deadline: + type: string + format: date-time + description: 'The campaign''s completion deadline. This date must be in the future in order to activate the campaign. If you try to activate a campaign with a deadline of today or in the past, you will receive a 400 error response.' + example: '2020-03-15T10:00:01.456Z' + type: + type: string + description: The type of campaign. Could be extended in the future. + enum: + - MANAGER + - SOURCE_OWNER + - SEARCH + - ROLE_COMPOSITION + example: MANAGER + emailNotificationEnabled: + type: boolean + description: Enables email notification for this campaign + default: false + example: false + autoRevokeAllowed: + type: boolean + description: Allows auto revoke for this campaign + default: false + example: false + recommendationsEnabled: + type: boolean + description: Enables IAI for this campaign. Accepts true even if the IAI product feature is off. If IAI is turned off then campaigns generated from this template will indicate false. The real value will then be returned if IAI is ever enabled for the org in the future. + default: false + example: true + status: + type: string + description: The campaign's current status. + readOnly: true + enum: + - PENDING + - STAGED + - CANCELING + - ACTIVATING + - ACTIVE + - COMPLETING + - COMPLETED + - ERROR + - ARCHIVED + example: ACTIVE + correlatedStatus: + type: string + description: The correlatedStatus of the campaign. Only SOURCE_OWNER campaigns can be Uncorrelated. An Uncorrelated certification campaign only includes Uncorrelated identities (An identity is uncorrelated if it has no accounts on an authoritative source). + enum: + - CORRELATED + - UNCORRELATED + example: CORRELATED + created: + type: string + readOnly: true + format: date-time + description: Created time of the campaign + example: '2020-03-03T22:15:13.611Z' + totalCertifications: + type: integer + format: int32 + description: The total number of certifications in this campaign. + readOnly: true + example: 100 + completedCertifications: + type: integer + format: int32 + description: The number of completed certifications in this campaign. + readOnly: true + example: 10 + alerts: + type: array + description: A list of errors and warnings that have accumulated. + readOnly: true + items: + type: object + properties: + level: + type: string + enum: + - ERROR + - WARN + - INFO + description: Denotes the level of the message + example: ERROR + localizations: + type: array + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + Manager: + value: + id: 2c918086719eec070171a7e3355a360a + name: Manager Review + description: A review of everyone's access by their manager. + deadline: '2020-12-25T06:00:00.123Z' + type: MANAGER + status: ACTIVE + emailNotificationEnabled: false + autoRevokeAllowed: false + recommendationsEnabled: false + Search: + value: + id: 7e1a731e3fb845cfbe58112ba4673ee4 + name: Search Campaign + description: Search Campaign Info + deadline: 2022-07-26T15:42:44.000Z + type: SEARCH + status: ACTIVE + emailNotificationEnabled: false + autoRevokeAllowed: false + recommendationsEnabled: false + Source Owner: + value: + id: 2c918086719eec070171a7e3355a412b + name: AD Source Review + description: A review of our AD source. + deadline: '2020-12-25T06:00:00.123Z' + type: SOURCE_OWNER + status: STAGED + emailNotificationEnabled: true + autoRevokeAllowed: false + recommendationsEnabled: false + correlatedStatus: CORRELATED + RoleComposition: + value: + id: 3b2e2e5821e84127b6d693d41c40623b + name: Role Composition Campaign + description: A review done by a role owner. + deadline: 2020-12-25T06:00:00.468Z + type: ROLE_COMPOSITION + status: ACTIVE + emailNotificationEnabled: false + autoRevokeAllowed: false + recommendationsEnabled: false + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/campaigns/{id}/reassign': + post: + security: + - UserContextAuth: + - 'idn:campaign:manage' + operationId: move + tags: + - Certification Campaigns + summary: Reassign Certifications + description: | + This API reassigns the specified certifications from one identity to another. + + A token with ORG_ADMIN or CERT_ADMIN authority is required to call this API. + parameters: + - in: path + name: id + schema: + type: string + required: true + description: The certification campaign ID + example: ef38f94347e94562b5bb8424a56397d8 + requestBody: + required: true + content: + application/json: + schema: + type: object + properties: + certificationIds: + description: List of certification IDs to reassign + type: array + items: + type: string + minItems: 1 + maxItems: 250 + example: + - af3859464779471211bb8424a563abc1 + - af3859464779471211bb8424a563abc2 + - af3859464779471211bb8424a563abc3 + reassignTo: + type: object + properties: + id: + type: string + description: The identity ID to which the review is being assigned. + example: ef38f94347e94562b5bb8424a56397d8 + type: + type: string + description: The type of the ID provided. + enum: + - IDENTITY + example: IDENTITY + reason: + type: string + description: Comment to explain why the certification was reassigned + example: reassigned for some reason + responses: + '202': + description: The reassign task that has been submitted. + content: + application/json: + schema: + type: object + properties: + id: + type: string + description: The ID of the certification task. + example: 2c918086719eec070171a7e3355a360a + type: + type: string + description: The type of the certification task. More values may be added in the future. + enum: + - REASSIGN + - ADMIN_REASSIGN + - COMPLETE_CERTIFICATION + - FINISH_CERTIFICATION + - COMPLETE_CAMPAIGN + - ACTIVATE_CAMPAIGN + - CAMPAIGN_CREATE + - CAMPAIGN_DELETE + example: ADMIN_REASSIGN + targetType: + type: string + description: The type of item that is being operated on by this task whose ID is stored in the targetId field. + enum: + - CERTIFICATION + - CAMPAIGN + example: CAMPAIGN + targetId: + type: string + description: The ID of the item being operated on by this task. + example: 2c918086719eec070171a7e3355a834c + status: + type: string + description: The status of the task. + enum: + - QUEUED + - IN_PROGRESS + - SUCCESS + - ERROR + example: QUEUED + errors: + description: A list of errors that have been encountered by the task. + type: array + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + reassignmentTrailDTOs: + description: Reassignment trails that lead to self certification identity + type: array + items: + type: object + properties: + previousOwner: + type: string + description: The ID of previous owner identity. + example: ef38f94347e94562b5bb8424a56397d8 + newOwner: + type: string + description: The ID of new owner identity. + example: ef38f94347e94562b5bb8424a56397a3 + reassignmentType: + type: string + description: The type of reassignment. + example: AUTOMATIC_REASSIGNMENT + example: + previousOwner: ef38f94347e94562b5bb8424a56397d8 + newOwner: ef38f94347e94562b5bb8424a56397a3 + reassignmentType: AUTOMATIC_REASSIGNMENT + created: + type: string + description: The date and time on which this task was created. + format: date-time + example: '2020-09-24T18:10:47.693Z' + example: + id: 2c918086719eec070171a7e3355a360a + type: ADMIN_REASSIGN + targetType: CAMPAIGN + targetId: 2c918086719eec070171a7e3355a834c + status: QUEUED + errors: [] + created: '2020-09-24T18:10:47.693Z' + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/campaigns/{id}/activate': + post: + operationId: startCampaign + tags: + - Certification Campaigns + summary: Activate a Campaign + description: | + Use this API to submit a job to activate the certified campaign with the specified ID. The campaign must be staged. + + A token with ORG_ADMIN or CERT_ADMIN authority is required to call this API. + security: + - UserContextAuth: + - 'idn:campaign:manage' + requestBody: + description: 'Optional. If no timezone is specified, the standard UTC timezone is used (i.e. UTC+00:00). Although this can take any timezone, the intended value is the caller''s timezone. The activation time calculated from the given timezone may cause the campaign deadline time to be modified, but it will remain within the original date. The timezone must be in a valid ISO 8601 format.' + required: false + content: + application/json: + schema: + type: object + properties: + timeZone: + type: string + description: 'The timezone must be in a valid ISO 8601 format. Timezones in ISO 8601 are represented as UTC (represented as ''Z'') or as an offset from UTC. The offset format can be +/-hh:mm, +/-hhmm, or +/-hh.' + default: Z + example: '-05:00' + parameters: + - in: path + name: id + schema: + type: string + required: true + description: Campaign ID. + example: ef38f94347e94562b5bb8424a56397d8 + responses: + '202': + description: Accepted - Returned if the request was successfully accepted into the system. + content: + application/json: + schema: + type: object + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/campaigns/{id}/complete': + post: + operationId: completeCampaign + tags: + - Certification Campaigns + summary: Complete a Campaign + description: | + :::caution + + This endpoint will run successfully for any campaigns that are **past due**. + + This endpoint will return a content error if the campaign is **not past due**. + + ::: + + Use this API to complete a certification campaign. This functionality is provided to admins so that they + can complete a certification even if all items have not been completed. + + A token with ORG_ADMIN or CERT_ADMIN authority is required to call this API. + security: + - UserContextAuth: + - 'idn:campaign:manage' + requestBody: + description: 'Optional. Default behavior is for the campaign to auto-approve upon completion, unless autoCompleteAction=REVOKE' + required: false + content: + application/json: + schema: + type: object + properties: + autoCompleteAction: + description: Determines whether to auto-approve(APPROVE) or auto-revoke(REVOKE) upon campaign completion. + type: string + enum: + - APPROVE + - REVOKE + default: APPROVE + example: REVOKE + parameters: + - in: path + name: id + schema: + type: string + required: true + description: Campaign ID. + example: ef38f94347e94562b5bb8424a56397d8 + responses: + '202': + description: Accepted - Returned if the request was successfully accepted into the system. + content: + application/json: + schema: + type: object + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + /campaigns/delete: + post: + operationId: deleteCampaigns + tags: + - Certification Campaigns + summary: Delete Campaigns + description: | + Use this API to delete certification campaigns whose IDs are specified in the provided list of campaign IDs. + + A token with ORG_ADMIN or CERT_ADMIN authority is required to call this API. + security: + - UserContextAuth: + - 'idn:campaign:manage' + requestBody: + description: IDs of the campaigns to delete. + required: true + content: + application/json: + schema: + type: object + properties: + ids: + description: The ids of the campaigns to delete + type: array + items: + type: string + example: + - 2c9180887335cee10173490db1776c26 + - 2c9180836a712436016a7125a90c0021 + responses: + '202': + description: Accepted - Returned if the request was successfully accepted into the system. + content: + application/json: + schema: + type: object + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/campaigns/{id}/run-remediation-scan': + post: + operationId: startCampaignRemediationScan + tags: + - Certification Campaigns + summary: Run Campaign Remediation Scan + description: | + Use this API to run a remediation scan task for a certification campaign. + + A token with ORG_ADMIN, CERT_ADMIN or REPORT_ADMIN authority is required to call this API. + security: + - UserContextAuth: + - 'idn:campaign-report:manage' + parameters: + - in: path + name: id + schema: + type: string + example: 2c91808571bcfcf80171c23e4b4221fc + required: true + description: ID of the campaign the remediation scan is being run for. + responses: + '202': + description: Accepted - Returned if the request was successfully accepted into the system. + content: + application/json: + schema: + type: object + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/campaigns/{id}/reports': + get: + operationId: getCampaignReports + tags: + - Certification Campaigns + summary: Get Campaign Reports + description: | + Use this API to fetch all reports for a certification campaign by campaign ID. + + A token with ORG_ADMIN, CERT_ADMIN or REPORT_ADMIN authority is required to call this API. + security: + - UserContextAuth: + - 'idn:campaign-report:read' + - 'idn:campaign-report:manage' + parameters: + - in: path + name: id + schema: + type: string + example: 2c91808571bcfcf80171c23e4b4221fc + required: true + description: ID of the campaign whose reports are being fetched. + responses: + '200': + description: Array of campaign report objects. + content: + application/json: + schema: + type: array + items: + type: object + title: Campaign Report + required: + - reportType + allOf: + - allOf: + - type: object + description: SOD policy violation report result. + properties: + type: + type: string + description: SOD policy violation report result DTO type. + enum: + - REPORT_RESULT + example: REPORT_RESULT + id: + type: string + description: SOD policy violation report result ID. + example: 2c9180835d191a86015d28455b4b232a + name: + type: string + description: Human-readable name of the SOD policy violation report result. + example: SOD Policy 1 Violation + - type: object + properties: + status: + type: string + description: Status of a SOD policy violation report. + enum: + - SUCCESS + - WARNING + - ERROR + - TERMINATED + - TEMP_ERROR + - PENDING + example: PENDING + - type: object + properties: + reportType: + type: string + description: type of a Report + enum: + - CAMPAIGN_COMPOSITION_REPORT + - CAMPAIGN_REMEDIATION_STATUS_REPORT + - CAMPAIGN_STATUS_REPORT + - CERTIFICATION_SIGNOFF_REPORT + example: CAMPAIGN_COMPOSITION_REPORT + lastRunAt: + type: string + readOnly: true + format: date-time + description: The most recent date and time this report was run + example: + type: REPORT_RESULT + id: 2c91808568c529c60168cca6f90c1313 + name: Campaign Composition Report + status: SUCCESS + reportType: CAMPAIGN_COMPOSITION_REPORT + lastRunAt: '2019-12-19T13:49:37.385Z' + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/campaigns/{id}/run-report/{type}': + post: + operationId: startCampaignReport + tags: + - Certification Campaigns + summary: Run Campaign Report + description: | + Use this API to run a report for a certification campaign. + + A token with ORG_ADMIN, CERT_ADMIN or REPORT_ADMIN authority is required to call this API. + security: + - UserContextAuth: + - 'idn:campaign-report:manage' + parameters: + - in: path + name: id + schema: + type: string + example: 2c91808571bcfcf80171c23e4b4221fc + required: true + description: ID of the campaign the report is being run for. + - in: path + name: type + schema: + type: string + description: type of a Report + enum: + - CAMPAIGN_COMPOSITION_REPORT + - CAMPAIGN_REMEDIATION_STATUS_REPORT + - CAMPAIGN_STATUS_REPORT + - CERTIFICATION_SIGNOFF_REPORT + example: CAMPAIGN_COMPOSITION_REPORT + required: true + description: Type of the report to run. + responses: + '202': + description: Accepted - Returned if the request was successfully accepted into the system. + content: + application/json: + schema: + type: object + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + /campaigns/reports-configuration: + get: + operationId: getCampaignReportsConfig + tags: + - Certification Campaigns + summary: Get Campaign Reports Configuration + description: | + Use this API to fetch the configuration for certification campaign reports. The configuration includes only one element - identity attributes defined as custom report columns. + + A token with ORG_ADMIN or CERT_ADMIN authority is required to call this API. + security: + - UserContextAuth: + - 'idn:campaign:read' + - 'idn:campaign:manage' + responses: + '200': + description: Campaign report configuration. + content: + application/json: + schema: + type: object + title: Campaign Reports Configuration + properties: + identityAttributeColumns: + type: array + nullable: true + description: list of identity attribute columns + items: + type: string + example: + - firstname + - lastname + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + put: + operationId: setCampaignReportsConfig + tags: + - Certification Campaigns + summary: Set Campaign Reports Configuration + description: | + Use this API to overwrite the configuration for campaign reports. + + A token with ORG_ADMIN or CERT_ADMIN authority is required to call this API. + security: + - UserContextAuth: + - 'idn:campaign:manage' + requestBody: + required: true + description: Campaign report configuration. + content: + application/json: + schema: + type: object + title: Campaign Reports Configuration + properties: + identityAttributeColumns: + type: array + nullable: true + description: list of identity attribute columns + items: + type: string + example: + - firstname + - lastname + responses: + '200': + description: The persisted campaign report configuration. + content: + application/json: + schema: + type: object + title: Campaign Reports Configuration + properties: + identityAttributeColumns: + type: array + nullable: true + description: list of identity attribute columns + items: + type: string + example: + - firstname + - lastname + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + /campaign-filters: + post: + operationId: createCampaignFilter + tags: + - Certification Campaign Filters + summary: Create Campaign Filter + description: Use this API to create a campaign filter based on filter details and criteria. + security: + - UserContextAuth: + - 'idn:campaign-filter:create' + requestBody: + required: true + content: + application/json: + schema: + type: object + description: Campaign Filter Details + properties: + name: + type: string + description: Campaign filter name. + example: Identity Attribute Campaign Filter + description: + type: string + description: Campaign filter description. + example: Campaign filter to certify data based on an identity attribute's specified property. + owner: + type: string + description: Owner of the filter. This field automatically populates at creation time with the current user. + example: SailPoint Support + nullable: true + mode: + description: 'Mode/type of filter, either the INCLUSION or EXCLUSION type. The INCLUSION type includes the data in generated campaigns as per specified in the criteria, whereas the EXCLUSION type excludes the data in generated campaigns as per specified in criteria.' + enum: + - INCLUSION + - EXCLUSION + example: INCLUSION + criteriaList: + type: array + description: List of criteria. + items: + type: object + properties: + type: + type: string + enum: + - COMPOSITE + - ROLE + - IDENTITY + - IDENTITY_ATTRIBUTE + - ENTITLEMENT + - ACCESS_PROFILE + - SOURCE + - ACCOUNT + - AGGREGATED_ENTITLEMENT + - INVALID_CERTIFIABLE_ENTITY + description: Type of the criteria in the filter. The `COMPOSITE` filter can contain multiple filters in an AND/OR relationship. + example: IDENTITY_ATTRIBUTE + operation: + allOf: + - type: string + enum: + - EQUALS + - NOT_EQUALS + - CONTAINS + - STARTS_WITH + - ENDS_WITH + - AND + - OR + - null + description: Operation on a specific criteria + example: EQUALS + - nullable: true + property: + type: string + description: Specified key from the type of criteria. + example: displayName + nullable: true + value: + type: string + description: Value for the specified key from the type of criteria. + example: Allie + nullable: true + required: + - type + - property + - value + - operation + example: + - type: IDENTITY_ATTRIBUTE + property: displayName + value: support + operation: CONTAINS + negateResult: false + shortCircuit: false + recordChildMatches: false + id: null + suppressMatchedItems: false + children: null + required: + - name + - owner + - mode + responses: + '200': + description: Created successfully. + content: + application/json: + schema: + type: object + description: Campaign Filter Details + properties: + name: + type: string + description: Campaign filter name. + example: Identity Attribute Campaign Filter + description: + type: string + description: Campaign filter description. + example: Campaign filter to certify data based on an identity attribute's specified property. + owner: + type: string + description: Owner of the filter. This field automatically populates at creation time with the current user. + example: SailPoint Support + nullable: true + mode: + description: 'Mode/type of filter, either the INCLUSION or EXCLUSION type. The INCLUSION type includes the data in generated campaigns as per specified in the criteria, whereas the EXCLUSION type excludes the data in generated campaigns as per specified in criteria.' + enum: + - INCLUSION + - EXCLUSION + example: INCLUSION + criteriaList: + type: array + description: List of criteria. + items: + type: object + properties: + type: + type: string + enum: + - COMPOSITE + - ROLE + - IDENTITY + - IDENTITY_ATTRIBUTE + - ENTITLEMENT + - ACCESS_PROFILE + - SOURCE + - ACCOUNT + - AGGREGATED_ENTITLEMENT + - INVALID_CERTIFIABLE_ENTITY + description: Type of the criteria in the filter. The `COMPOSITE` filter can contain multiple filters in an AND/OR relationship. + example: IDENTITY_ATTRIBUTE + operation: + allOf: + - type: string + enum: + - EQUALS + - NOT_EQUALS + - CONTAINS + - STARTS_WITH + - ENDS_WITH + - AND + - OR + - null + description: Operation on a specific criteria + example: EQUALS + - nullable: true + property: + type: string + description: Specified key from the type of criteria. + example: displayName + nullable: true + value: + type: string + description: Value for the specified key from the type of criteria. + example: Allie + nullable: true + required: + - type + - property + - value + - operation + example: + - type: IDENTITY_ATTRIBUTE + property: displayName + value: support + operation: CONTAINS + negateResult: false + shortCircuit: false + recordChildMatches: false + id: null + suppressMatchedItems: false + children: null + required: + - name + - owner + - mode + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + get: + operationId: listCampaignFilters + tags: + - Certification Campaign Filters + summary: List Campaign Filters + description: Use this API to list all campaign filters. You can reduce scope with standard V3 query parameters. + security: + - UserContextAuth: + - 'idn:campaign-filter-list:read' + parameters: + - in: query + name: limit + description: |- + Max number of results to return. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 250 + schema: + type: integer + format: int32 + minimum: 0 + maximum: 250 + default: 250 + - in: query + name: start + description: 'Start/Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.' + required: false + example: 0 + schema: + type: integer + format: int32 + minimum: 0 + default: 0 + - in: query + name: includeSystemFilters + description: 'If this is true, the API includes system filters in the count and results. Otherwise it excludes them. If no value is provided, the default is true. ' + required: false + example: true + schema: + type: boolean + default: true + responses: + '200': + description: List of campaign filter objects. + content: + application/json: + schema: + type: object + properties: + items: + type: array + description: List of campaign filters. + items: + type: object + description: Campaign Filter Details + properties: + name: + type: string + description: Campaign filter name. + example: Identity Attribute Campaign Filter + description: + type: string + description: Campaign filter description. + example: Campaign filter to certify data based on an identity attribute's specified property. + owner: + type: string + description: Owner of the filter. This field automatically populates at creation time with the current user. + example: SailPoint Support + nullable: true + mode: + description: 'Mode/type of filter, either the INCLUSION or EXCLUSION type. The INCLUSION type includes the data in generated campaigns as per specified in the criteria, whereas the EXCLUSION type excludes the data in generated campaigns as per specified in criteria.' + enum: + - INCLUSION + - EXCLUSION + example: INCLUSION + criteriaList: + type: array + description: List of criteria. + items: + type: object + properties: + type: + type: string + enum: + - COMPOSITE + - ROLE + - IDENTITY + - IDENTITY_ATTRIBUTE + - ENTITLEMENT + - ACCESS_PROFILE + - SOURCE + - ACCOUNT + - AGGREGATED_ENTITLEMENT + - INVALID_CERTIFIABLE_ENTITY + description: Type of the criteria in the filter. The `COMPOSITE` filter can contain multiple filters in an AND/OR relationship. + example: IDENTITY_ATTRIBUTE + operation: + allOf: + - type: string + enum: + - EQUALS + - NOT_EQUALS + - CONTAINS + - STARTS_WITH + - ENDS_WITH + - AND + - OR + - null + description: Operation on a specific criteria + example: EQUALS + - nullable: true + property: + type: string + description: Specified key from the type of criteria. + example: displayName + nullable: true + value: + type: string + description: Value for the specified key from the type of criteria. + example: Allie + nullable: true + required: + - type + - property + - value + - operation + example: + - type: IDENTITY_ATTRIBUTE + property: displayName + value: support + operation: CONTAINS + negateResult: false + shortCircuit: false + recordChildMatches: false + id: null + suppressMatchedItems: false + children: null + required: + - name + - owner + - mode + count: + type: integer + description: Number of filters returned. + example: 2 + example: + items: + - id: 5b8a2ba86393dd174495c4436dd76b25 + name: IdentityAttribute Inclusion Campaign Filter + description: IdentityAttribute Inclusion Campaign Filter + owner: SailPoint Support + mode: INCLUSION + criteriaList: + - type: IDENTITY_ATTRIBUTE + property: displayName + value: '#' + operation: CONTAINS + negateResult: false + shortCircuit: false + recordChildMatches: false + id: null + suppressMatchedItems: false + children: null + isSystemFilter: false + - id: e9f9a1397b842fd5a65842087040d3ac + name: Exclusion Campaign Filter + description: Campaign filter for Exclusion update + owner: SailPoint Support + mode: EXCLUSION + criteriaList: + - type: IDENTITY_ATTRIBUTE + property: displayName + value: '#@' + operation: CONTAINS + negateResult: false + shortCircuit: false + recordChildMatches: false + id: null + suppressMatchedItems: false + children: null + isSystemFilter: false + count: 2 + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/campaign-filters/{id}': + get: + operationId: getCampaignFilterById + tags: + - Certification Campaign Filters + summary: Get Campaign Filter by ID + description: Retrieves information for an existing campaign filter using the filter's ID. + security: + - UserContextAuth: + - 'idn:campaign-filter:read' + parameters: + - in: path + name: filterId + schema: + type: string + example: e9f9a1397b842fd5a65842087040d3ac + required: true + description: The ID of the campaign filter to be retrieved. + responses: + '200': + description: A campaign filter object. + content: + application/json: + schema: + type: array + items: + type: object + description: Campaign Filter Details + properties: + name: + type: string + description: Campaign filter name. + example: Identity Attribute Campaign Filter + description: + type: string + description: Campaign filter description. + example: Campaign filter to certify data based on an identity attribute's specified property. + owner: + type: string + description: Owner of the filter. This field automatically populates at creation time with the current user. + example: SailPoint Support + nullable: true + mode: + description: 'Mode/type of filter, either the INCLUSION or EXCLUSION type. The INCLUSION type includes the data in generated campaigns as per specified in the criteria, whereas the EXCLUSION type excludes the data in generated campaigns as per specified in criteria.' + enum: + - INCLUSION + - EXCLUSION + example: INCLUSION + criteriaList: + type: array + description: List of criteria. + items: + type: object + properties: + type: + type: string + enum: + - COMPOSITE + - ROLE + - IDENTITY + - IDENTITY_ATTRIBUTE + - ENTITLEMENT + - ACCESS_PROFILE + - SOURCE + - ACCOUNT + - AGGREGATED_ENTITLEMENT + - INVALID_CERTIFIABLE_ENTITY + description: Type of the criteria in the filter. The `COMPOSITE` filter can contain multiple filters in an AND/OR relationship. + example: IDENTITY_ATTRIBUTE + operation: + allOf: + - type: string + enum: + - EQUALS + - NOT_EQUALS + - CONTAINS + - STARTS_WITH + - ENDS_WITH + - AND + - OR + - null + description: Operation on a specific criteria + example: EQUALS + - nullable: true + property: + type: string + description: Specified key from the type of criteria. + example: displayName + nullable: true + value: + type: string + description: Value for the specified key from the type of criteria. + example: Allie + nullable: true + required: + - type + - property + - value + - operation + example: + - type: IDENTITY_ATTRIBUTE + property: displayName + value: support + operation: CONTAINS + negateResult: false + shortCircuit: false + recordChildMatches: false + id: null + suppressMatchedItems: false + children: null + required: + - name + - owner + - mode + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + post: + operationId: updateCampaignFilter + tags: + - Certification Campaign Filters + summary: Updates a Campaign Filter + description: Updates an existing campaign filter using the filter's ID. + security: + - UserContextAuth: + - 'idn:campaign-filter:update' + parameters: + - in: path + name: filterId + schema: + type: string + example: e9f9a1397b842fd5a65842087040d3ac + required: true + description: The ID of the campaign filter being modified. + requestBody: + required: true + description: A campaign filter details with updated field values. + content: + application/json: + schema: + type: object + description: Campaign Filter Details + properties: + name: + type: string + description: Campaign filter name. + example: Identity Attribute Campaign Filter + description: + type: string + description: Campaign filter description. + example: Campaign filter to certify data based on an identity attribute's specified property. + owner: + type: string + description: Owner of the filter. This field automatically populates at creation time with the current user. + example: SailPoint Support + nullable: true + mode: + description: 'Mode/type of filter, either the INCLUSION or EXCLUSION type. The INCLUSION type includes the data in generated campaigns as per specified in the criteria, whereas the EXCLUSION type excludes the data in generated campaigns as per specified in criteria.' + enum: + - INCLUSION + - EXCLUSION + example: INCLUSION + criteriaList: + type: array + description: List of criteria. + items: + type: object + properties: + type: + type: string + enum: + - COMPOSITE + - ROLE + - IDENTITY + - IDENTITY_ATTRIBUTE + - ENTITLEMENT + - ACCESS_PROFILE + - SOURCE + - ACCOUNT + - AGGREGATED_ENTITLEMENT + - INVALID_CERTIFIABLE_ENTITY + description: Type of the criteria in the filter. The `COMPOSITE` filter can contain multiple filters in an AND/OR relationship. + example: IDENTITY_ATTRIBUTE + operation: + allOf: + - type: string + enum: + - EQUALS + - NOT_EQUALS + - CONTAINS + - STARTS_WITH + - ENDS_WITH + - AND + - OR + - null + description: Operation on a specific criteria + example: EQUALS + - nullable: true + property: + type: string + description: Specified key from the type of criteria. + example: displayName + nullable: true + value: + type: string + description: Value for the specified key from the type of criteria. + example: Allie + nullable: true + required: + - type + - property + - value + - operation + example: + - type: IDENTITY_ATTRIBUTE + property: displayName + value: support + operation: CONTAINS + negateResult: false + shortCircuit: false + recordChildMatches: false + id: null + suppressMatchedItems: false + children: null + required: + - name + - owner + - mode + responses: + '200': + description: Created successfully. + content: + application/json: + schema: + type: object + description: Campaign Filter Details + properties: + name: + type: string + description: Campaign filter name. + example: Identity Attribute Campaign Filter + description: + type: string + description: Campaign filter description. + example: Campaign filter to certify data based on an identity attribute's specified property. + owner: + type: string + description: Owner of the filter. This field automatically populates at creation time with the current user. + example: SailPoint Support + nullable: true + mode: + description: 'Mode/type of filter, either the INCLUSION or EXCLUSION type. The INCLUSION type includes the data in generated campaigns as per specified in the criteria, whereas the EXCLUSION type excludes the data in generated campaigns as per specified in criteria.' + enum: + - INCLUSION + - EXCLUSION + example: INCLUSION + criteriaList: + type: array + description: List of criteria. + items: + type: object + properties: + type: + type: string + enum: + - COMPOSITE + - ROLE + - IDENTITY + - IDENTITY_ATTRIBUTE + - ENTITLEMENT + - ACCESS_PROFILE + - SOURCE + - ACCOUNT + - AGGREGATED_ENTITLEMENT + - INVALID_CERTIFIABLE_ENTITY + description: Type of the criteria in the filter. The `COMPOSITE` filter can contain multiple filters in an AND/OR relationship. + example: IDENTITY_ATTRIBUTE + operation: + allOf: + - type: string + enum: + - EQUALS + - NOT_EQUALS + - CONTAINS + - STARTS_WITH + - ENDS_WITH + - AND + - OR + - null + description: Operation on a specific criteria + example: EQUALS + - nullable: true + property: + type: string + description: Specified key from the type of criteria. + example: displayName + nullable: true + value: + type: string + description: Value for the specified key from the type of criteria. + example: Allie + nullable: true + required: + - type + - property + - value + - operation + example: + - type: IDENTITY_ATTRIBUTE + property: displayName + value: support + operation: CONTAINS + negateResult: false + shortCircuit: false + recordChildMatches: false + id: null + suppressMatchedItems: false + children: null + required: + - name + - owner + - mode + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + /campaign-filters/delete: + post: + operationId: deleteCampaignFilters + tags: + - Certification Campaign Filters + summary: Deletes Campaign Filters + description: Deletes campaign filters whose Ids are specified in the provided list of campaign filter Ids. Authorized callers must be an ORG_ADMIN or a CERT_ADMIN. + security: + - UserContextAuth: + - 'idn:campaign-filter:delete' + requestBody: + description: A json list of IDs of campaign filters to delete. + required: true + content: + application/json: + schema: + type: array + items: + type: string + example: + - 0fbe863c063c4c88a35fd7f17e8a3df5 + - 2efb374d392c4d88a34sv7b11e8a4eq6 + responses: + '204': + description: No content - indicates the request was successful but there is no content to be returned in the response. + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + /campaign-templates: + post: + operationId: createCampaignTemplate + tags: + - Certification Campaigns + summary: Create a Campaign Template + description: | + Use this API to create a certification campaign template based on campaign. + + A token with ORG_ADMIN or CERT_ADMIN authority is required to call this API. + security: + - UserContextAuth: + - 'idn:campaign-template:manage' + requestBody: + required: true + content: + application/json: + schema: + type: object + description: Campaign Template + properties: + id: + type: string + description: Id of the campaign template + example: 2c9079b270a266a60170a277bb960008 + name: + type: string + description: This template's name. Has no bearing on generated campaigns' names. + example: Manager Campaign Template + description: + type: string + description: This template's description. Has no bearing on generated campaigns' descriptions. + example: Template for the annual manager campaign. + created: + type: string + description: Creation date of Campaign Template + readOnly: true + format: date-time + example: '2020-03-05T22:44:00.364Z' + modified: + type: string + description: Modification date of Campaign Template + readOnly: true + format: date-time + example: '2020-03-05T22:52:09.969Z' + scheduled: + type: boolean + readOnly: true + description: Indicates if this campaign template has been scheduled. + example: false + default: false + ownerRef: + type: object + readOnly: true + description: 'The owner of this template, and the owner of campaigns generated from this template via a schedule. This field is automatically populated at creation time with the current user.' + properties: + id: + type: string + description: Id of the owner + example: 2c918086676d3e0601677611dbde220f + type: + type: string + enum: + - IDENTITY + description: Type of the owner + example: IDENTITY + name: + type: string + description: Name of the owner + example: Mister Manager + email: + type: string + description: Email of the owner + example: mr.manager@example.com + deadlineDuration: + type: string + description: 'The time period during which the campaign should be completed, formatted as an ISO-8601 Duration. When this template generates a campaign, the campaign''s deadline will be the current date plus this duration. For example, if generation occurred on 2020-01-01 and this field was "P2W" (two weeks), the resulting campaign''s deadline would be 2020-01-15 (the current date plus 14 days).' + example: P2W + campaign: + type: object + description: 'This will hold campaign related information like name, description etc.' + title: Campaign + allOf: + - type: object + title: Slim Campaign + required: + - name + - description + - type + properties: + id: + type: string + readOnly: true + description: Id of the campaign + example: 2c9079b270a266a60170a2779fcb0007 + name: + description: 'The campaign name. If this object is part of a template, special formatting applies; see the `/campaign-templates/{id}/generate` endpoint documentation for details.' + type: string + example: Manager Campaign + description: + type: string + description: 'The campaign description. If this object is part of a template, special formatting applies; see the `/campaign-templates/{id}/generate` endpoint documentation for details.' + example: Everyone needs to be reviewed by their manager + deadline: + type: string + format: date-time + description: 'The campaign''s completion deadline. This date must be in the future in order to activate the campaign. If you try to activate a campaign with a deadline of today or in the past, you will receive a 400 error response.' + example: '2020-03-15T10:00:01.456Z' + type: + type: string + description: The type of campaign. Could be extended in the future. + enum: + - MANAGER + - SOURCE_OWNER + - SEARCH + - ROLE_COMPOSITION + example: MANAGER + emailNotificationEnabled: + type: boolean + description: Enables email notification for this campaign + default: false + example: false + autoRevokeAllowed: + type: boolean + description: Allows auto revoke for this campaign + default: false + example: false + recommendationsEnabled: + type: boolean + description: Enables IAI for this campaign. Accepts true even if the IAI product feature is off. If IAI is turned off then campaigns generated from this template will indicate false. The real value will then be returned if IAI is ever enabled for the org in the future. + default: false + example: true + status: + type: string + description: The campaign's current status. + readOnly: true + enum: + - PENDING + - STAGED + - CANCELING + - ACTIVATING + - ACTIVE + - COMPLETING + - COMPLETED + - ERROR + - ARCHIVED + example: ACTIVE + correlatedStatus: + type: string + description: The correlatedStatus of the campaign. Only SOURCE_OWNER campaigns can be Uncorrelated. An Uncorrelated certification campaign only includes Uncorrelated identities (An identity is uncorrelated if it has no accounts on an authoritative source). + enum: + - CORRELATED + - UNCORRELATED + example: CORRELATED + created: + type: string + readOnly: true + format: date-time + description: Created time of the campaign + example: '2020-03-03T22:15:13.611Z' + totalCertifications: + type: integer + format: int32 + description: The total number of certifications in this campaign. + readOnly: true + example: 100 + completedCertifications: + type: integer + format: int32 + description: The number of completed certifications in this campaign. + readOnly: true + example: 10 + alerts: + type: array + description: A list of errors and warnings that have accumulated. + readOnly: true + items: + type: object + properties: + level: + type: string + enum: + - ERROR + - WARN + - INFO + description: Denotes the level of the message + example: ERROR + localizations: + type: array + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + - type: object + properties: + modified: + type: string + readOnly: true + format: date-time + description: Modified time of the campaign + example: '2020-03-03T22:20:12.674Z' + correlatedStatus: + description: The correlatedStatus of the campaign. Only SOURCE_OWNER campaigns can be Uncorrelated. An Uncorrelated certification campaign only includes Uncorrelated identities (An identity is uncorrelated if it has no accounts on an authoritative source). + enum: + - CORRELATED + - UNCORRELATED + example: CORRELATED + filter: + type: object + description: Determines which items will be included in this campaign. The default campaign filter is used if this field is left blank. + properties: + id: + type: string + description: The ID of whatever type of filter is being used. + example: 0fbe863c063c4c88a35fd7f17e8a3df5 + type: + type: string + description: Type of the filter + enum: + - CAMPAIGN_FILTER + - RULE + example: CAMPAIGN_FILTER + name: + type: string + description: Name of the filter + example: Test Filter + sunsetCommentsRequired: + type: boolean + description: Determines if comments on sunset date changes are required. + default: true + example: true + sourceOwnerCampaignInfo: + type: object + description: Must be set only if the campaign type is SOURCE_OWNER. + properties: + sourceIds: + type: array + description: The list of sources to be included in the campaign. + items: + type: string + example: + - 0fbe863c063c4c88a35fd7f17e8a3df5 + searchCampaignInfo: + type: object + description: Must be set only if the campaign type is SEARCH. + properties: + type: + type: string + description: The type of search campaign represented. + enum: + - IDENTITY + - ACCESS + example: ACCESS + description: + type: string + description: 'Describes this search campaign. Intended for storing the query used, and possibly the number of identities selected/available.' + example: Search Campaign description + reviewer: + type: object + description: 'If specified, this identity or governance group will be the reviewer for all certifications in this campaign. The allowed DTO types are IDENTITY and GOVERNANCE_GROUP.' + properties: + type: + type: string + description: The reviewer's DTO type. + enum: + - GOVERNANCE_GROUP + - IDENTITY + example: IDENTITY + id: + type: string + description: The reviewer's ID. + example: 2c91808568c529c60168cca6f90c1313 + name: + type: string + description: The reviewer's name. + example: William Wilson + query: + type: string + description: The scope for the campaign. The campaign will cover identities returned by the query and identities that have access items returned by the query. One of `query` or `identityIds` must be set. + example: Search Campaign query description + identityIds: + type: array + description: A direct list of identities to include in this campaign. One of `identityIds` or `query` must be set. + items: + type: string + maxItems: 1000 + example: + - 0fbe863c063c4c88a35fd7f17e8a3df5 + accessConstraints: + type: array + description: Further reduces the scope of the campaign by excluding identities (from `query` or `identityIds`) that do not have this access. + items: + type: object + properties: + type: + type: string + enum: + - ENTITLEMENT + - ACCESS_PROFILE + - ROLE + description: Type of Access + example: ENTITLEMENT + ids: + description: Must be set only if operator is SELECTED. + type: array + items: + type: string + example: + - 2c90ad2a70ace7d50170acf22ca90010 + operator: + type: string + enum: + - ALL + - SELECTED + description: Used to determine whether the scope of the campaign should be reduced for selected ids or all. + example: SELECTED + required: + - type + - operator + maxItems: 1000 + required: + - type + roleCompositionCampaignInfo: + type: object + description: Optional configuration options for role composition campaigns. + properties: + reviewer: + type: object + description: 'If specified, this identity or governance group will be the reviewer for all certifications in this campaign. The allowed DTO types are IDENTITY and GOVERNANCE_GROUP.' + properties: + type: + type: string + description: The reviewer's DTO type. + enum: + - GOVERNANCE_GROUP + - IDENTITY + example: IDENTITY + id: + type: string + description: The reviewer's ID. + example: 2c91808568c529c60168cca6f90c1313 + name: + type: string + description: The reviewer's name. + example: William Wilson + roleIds: + type: array + description: 'Optional list of roles to include in this campaign. Only one of `roleIds` and `query` may be set; if neither are set, all roles are included.' + items: + type: string + example: + - 2c90ad2a70ace7d50170acf22ca90010 + remediatorRef: + type: object + description: 'This determines who remediation tasks will be assigned to. Remediation tasks are created for each revoke decision on items in the campaign. The only legal remediator type is ''IDENTITY'', and the chosen identity must be a Role Admin or Org Admin.' + properties: + type: + type: string + enum: + - IDENTITY + description: Legal Remediator Type + example: IDENTITY + id: + type: string + description: The ID of the remediator. + example: 2c90ad2a70ace7d50170acf22ca90010 + name: + type: string + description: The name of the remediator. + readOnly: true + example: Role Admin + required: + - type + - id + query: + type: string + description: 'Optional search query to scope this campaign to a set of roles. Only one of `roleIds` and `query` may be set; if neither are set, all roles are included.' + example: Search Query + description: + type: string + description: 'Describes this role composition campaign. Intended for storing the query used, and possibly the number of roles selected/available.' + example: Role Composition Description + required: + - remediatorRef + sourcesWithOrphanEntitlements: + type: array + description: A list of sources in the campaign that contain \"orphan entitlements\" (entitlements without a corresponding Managed Attribute). An empty list indicates the campaign has no orphan entitlements. Null indicates there may be unknown orphan entitlements in the campaign (the campaign was created before this feature was implemented). + readOnly: true + items: + type: object + properties: + id: + type: string + description: Id of the source + example: 2c90ad2a70ace7d50170acf22ca90010 + type: + type: string + enum: + - SOURCE + description: Type + example: SOURCE + name: + type: string + description: Name of the source + example: Source with orphan entitlements + mandatoryCommentRequirement: + type: string + description: 'Determines whether comments are required for decisions during certification reviews. You can require comments for all decisions, revoke-only decisions, or no decisions. By default, comments are not required for decisions.' + enum: + - ALL_DECISIONS + - REVOKE_ONLY_DECISIONS + - NO_DECISIONS + example: NO_DECISIONS + required: + - name + - description + - created + - modified + - campaign + examples: + Manager: + description: 'This creates a template that can be used to generate manager campaigns. The campaigns will have a due date that is two weeks after their creation date, and will be named "{current date} Manager Review" (e.g. "2020-03-16 Manager Review").' + value: + name: Manager Review + description: A review of everyone's access by their manager. + deadlineDuration: P2W + campaign: + name: Manager Review + description: Review everyone's access. + type: MANAGER + filter: + type: CAMPAIGN_FILTER + id: e0adaae69852e8fe8b8a3d48e5ce757c + emailNotificationEnabled: true + autoRevokeAllowed: false + recommendationsEnabled: false + mandatoryCommentRequirement: NO_DECISIONS + Search: + description: This creates a template that can be used to generate search access campaigns. The campaigns will cover the "reporter" access item for across all identities. + value: + name: Reporting Access Review + description: A review of everyone's access to the reporting system. + deadlineDuration: P2W + campaign: + name: Search Review + description: Review everyone's access to the reporting system. + type: SEARCH + filter: + type: CAMPAIGN_FILTER + id: e0adaae69852e8fe8b8a3d48e5ce757c + searchCampaignInfo: + type: ACCESS + query: '@access(name: ("reporter"))' + description: Identities with reporting abilities + emailNotificationEnabled: true + autoRevokeAllowed: false + recommendationsEnabled: false + mandatoryCommentRequirement: NO_DECISIONS + Source Owner: + description: 'This creates a template that can be used to generate source owner campaigns. The campaigns will have a due date that is one month after their creation date, and will review one source.' + value: + name: AD Source Review + description: A review of our AD source. + deadlineDuration: P1M + campaign: + name: Source Review + description: Review everyone's access. + type: SOURCE_OWNER + filter: + type: CAMPAIGN_FILTER + id: e0adaae69852e8fe8b8a3d48e5ce757c + sourceOwnerCampaignInfo: + sourceIds: + - 2c918084707deba501709d45ce4e5569 + emailNotificationEnabled: true + autoRevokeAllowed: false + recommendationsEnabled: false + correlatedStatus: CORRELATED + mandatoryCommentRequirement: NO_DECISIONS + RoleComposition: + description: 'This creates a template that can be used to generate role composition campaigns. The campaigns will have a due date that is two weeks after their creation date, and will be named "{current date} Role Composition Review" (e.g. "2020-03-16 Role Composition Review").' + value: + name: Role Composition Review + description: 'A review of every role''s access items, by the specified reviewer.' + deadlineDuration: P2W + campaign: + name: Role Composition Review + description: Review all our roles. + type: ROLE_COMPOSITION + roleCompositionCampaignInfo: + remediatorRef: + type: IDENTITY + id: 2c9180876ab2c053016ab6f65dfd5aaa + emailNotificationEnabled: true + autoRevokeAllowed: false + recommendationsEnabled: false + mandatoryCommentRequirement: NO_DECISIONS + responses: + '200': + description: Created successfully. + content: + application/json: + schema: + type: object + description: Campaign Template + properties: + id: + type: string + description: Id of the campaign template + example: 2c9079b270a266a60170a277bb960008 + name: + type: string + description: This template's name. Has no bearing on generated campaigns' names. + example: Manager Campaign Template + description: + type: string + description: This template's description. Has no bearing on generated campaigns' descriptions. + example: Template for the annual manager campaign. + created: + type: string + description: Creation date of Campaign Template + readOnly: true + format: date-time + example: '2020-03-05T22:44:00.364Z' + modified: + type: string + description: Modification date of Campaign Template + readOnly: true + format: date-time + example: '2020-03-05T22:52:09.969Z' + scheduled: + type: boolean + readOnly: true + description: Indicates if this campaign template has been scheduled. + example: false + default: false + ownerRef: + type: object + readOnly: true + description: 'The owner of this template, and the owner of campaigns generated from this template via a schedule. This field is automatically populated at creation time with the current user.' + properties: + id: + type: string + description: Id of the owner + example: 2c918086676d3e0601677611dbde220f + type: + type: string + enum: + - IDENTITY + description: Type of the owner + example: IDENTITY + name: + type: string + description: Name of the owner + example: Mister Manager + email: + type: string + description: Email of the owner + example: mr.manager@example.com + deadlineDuration: + type: string + description: 'The time period during which the campaign should be completed, formatted as an ISO-8601 Duration. When this template generates a campaign, the campaign''s deadline will be the current date plus this duration. For example, if generation occurred on 2020-01-01 and this field was "P2W" (two weeks), the resulting campaign''s deadline would be 2020-01-15 (the current date plus 14 days).' + example: P2W + campaign: + type: object + description: 'This will hold campaign related information like name, description etc.' + title: Campaign + allOf: + - type: object + title: Slim Campaign + required: + - name + - description + - type + properties: + id: + type: string + readOnly: true + description: Id of the campaign + example: 2c9079b270a266a60170a2779fcb0007 + name: + description: 'The campaign name. If this object is part of a template, special formatting applies; see the `/campaign-templates/{id}/generate` endpoint documentation for details.' + type: string + example: Manager Campaign + description: + type: string + description: 'The campaign description. If this object is part of a template, special formatting applies; see the `/campaign-templates/{id}/generate` endpoint documentation for details.' + example: Everyone needs to be reviewed by their manager + deadline: + type: string + format: date-time + description: 'The campaign''s completion deadline. This date must be in the future in order to activate the campaign. If you try to activate a campaign with a deadline of today or in the past, you will receive a 400 error response.' + example: '2020-03-15T10:00:01.456Z' + type: + type: string + description: The type of campaign. Could be extended in the future. + enum: + - MANAGER + - SOURCE_OWNER + - SEARCH + - ROLE_COMPOSITION + example: MANAGER + emailNotificationEnabled: + type: boolean + description: Enables email notification for this campaign + default: false + example: false + autoRevokeAllowed: + type: boolean + description: Allows auto revoke for this campaign + default: false + example: false + recommendationsEnabled: + type: boolean + description: Enables IAI for this campaign. Accepts true even if the IAI product feature is off. If IAI is turned off then campaigns generated from this template will indicate false. The real value will then be returned if IAI is ever enabled for the org in the future. + default: false + example: true + status: + type: string + description: The campaign's current status. + readOnly: true + enum: + - PENDING + - STAGED + - CANCELING + - ACTIVATING + - ACTIVE + - COMPLETING + - COMPLETED + - ERROR + - ARCHIVED + example: ACTIVE + correlatedStatus: + type: string + description: The correlatedStatus of the campaign. Only SOURCE_OWNER campaigns can be Uncorrelated. An Uncorrelated certification campaign only includes Uncorrelated identities (An identity is uncorrelated if it has no accounts on an authoritative source). + enum: + - CORRELATED + - UNCORRELATED + example: CORRELATED + created: + type: string + readOnly: true + format: date-time + description: Created time of the campaign + example: '2020-03-03T22:15:13.611Z' + totalCertifications: + type: integer + format: int32 + description: The total number of certifications in this campaign. + readOnly: true + example: 100 + completedCertifications: + type: integer + format: int32 + description: The number of completed certifications in this campaign. + readOnly: true + example: 10 + alerts: + type: array + description: A list of errors and warnings that have accumulated. + readOnly: true + items: + type: object + properties: + level: + type: string + enum: + - ERROR + - WARN + - INFO + description: Denotes the level of the message + example: ERROR + localizations: + type: array + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + - type: object + properties: + modified: + type: string + readOnly: true + format: date-time + description: Modified time of the campaign + example: '2020-03-03T22:20:12.674Z' + correlatedStatus: + description: The correlatedStatus of the campaign. Only SOURCE_OWNER campaigns can be Uncorrelated. An Uncorrelated certification campaign only includes Uncorrelated identities (An identity is uncorrelated if it has no accounts on an authoritative source). + enum: + - CORRELATED + - UNCORRELATED + example: CORRELATED + filter: + type: object + description: Determines which items will be included in this campaign. The default campaign filter is used if this field is left blank. + properties: + id: + type: string + description: The ID of whatever type of filter is being used. + example: 0fbe863c063c4c88a35fd7f17e8a3df5 + type: + type: string + description: Type of the filter + enum: + - CAMPAIGN_FILTER + - RULE + example: CAMPAIGN_FILTER + name: + type: string + description: Name of the filter + example: Test Filter + sunsetCommentsRequired: + type: boolean + description: Determines if comments on sunset date changes are required. + default: true + example: true + sourceOwnerCampaignInfo: + type: object + description: Must be set only if the campaign type is SOURCE_OWNER. + properties: + sourceIds: + type: array + description: The list of sources to be included in the campaign. + items: + type: string + example: + - 0fbe863c063c4c88a35fd7f17e8a3df5 + searchCampaignInfo: + type: object + description: Must be set only if the campaign type is SEARCH. + properties: + type: + type: string + description: The type of search campaign represented. + enum: + - IDENTITY + - ACCESS + example: ACCESS + description: + type: string + description: 'Describes this search campaign. Intended for storing the query used, and possibly the number of identities selected/available.' + example: Search Campaign description + reviewer: + type: object + description: 'If specified, this identity or governance group will be the reviewer for all certifications in this campaign. The allowed DTO types are IDENTITY and GOVERNANCE_GROUP.' + properties: + type: + type: string + description: The reviewer's DTO type. + enum: + - GOVERNANCE_GROUP + - IDENTITY + example: IDENTITY + id: + type: string + description: The reviewer's ID. + example: 2c91808568c529c60168cca6f90c1313 + name: + type: string + description: The reviewer's name. + example: William Wilson + query: + type: string + description: The scope for the campaign. The campaign will cover identities returned by the query and identities that have access items returned by the query. One of `query` or `identityIds` must be set. + example: Search Campaign query description + identityIds: + type: array + description: A direct list of identities to include in this campaign. One of `identityIds` or `query` must be set. + items: + type: string + maxItems: 1000 + example: + - 0fbe863c063c4c88a35fd7f17e8a3df5 + accessConstraints: + type: array + description: Further reduces the scope of the campaign by excluding identities (from `query` or `identityIds`) that do not have this access. + items: + type: object + properties: + type: + type: string + enum: + - ENTITLEMENT + - ACCESS_PROFILE + - ROLE + description: Type of Access + example: ENTITLEMENT + ids: + description: Must be set only if operator is SELECTED. + type: array + items: + type: string + example: + - 2c90ad2a70ace7d50170acf22ca90010 + operator: + type: string + enum: + - ALL + - SELECTED + description: Used to determine whether the scope of the campaign should be reduced for selected ids or all. + example: SELECTED + required: + - type + - operator + maxItems: 1000 + required: + - type + roleCompositionCampaignInfo: + type: object + description: Optional configuration options for role composition campaigns. + properties: + reviewer: + type: object + description: 'If specified, this identity or governance group will be the reviewer for all certifications in this campaign. The allowed DTO types are IDENTITY and GOVERNANCE_GROUP.' + properties: + type: + type: string + description: The reviewer's DTO type. + enum: + - GOVERNANCE_GROUP + - IDENTITY + example: IDENTITY + id: + type: string + description: The reviewer's ID. + example: 2c91808568c529c60168cca6f90c1313 + name: + type: string + description: The reviewer's name. + example: William Wilson + roleIds: + type: array + description: 'Optional list of roles to include in this campaign. Only one of `roleIds` and `query` may be set; if neither are set, all roles are included.' + items: + type: string + example: + - 2c90ad2a70ace7d50170acf22ca90010 + remediatorRef: + type: object + description: 'This determines who remediation tasks will be assigned to. Remediation tasks are created for each revoke decision on items in the campaign. The only legal remediator type is ''IDENTITY'', and the chosen identity must be a Role Admin or Org Admin.' + properties: + type: + type: string + enum: + - IDENTITY + description: Legal Remediator Type + example: IDENTITY + id: + type: string + description: The ID of the remediator. + example: 2c90ad2a70ace7d50170acf22ca90010 + name: + type: string + description: The name of the remediator. + readOnly: true + example: Role Admin + required: + - type + - id + query: + type: string + description: 'Optional search query to scope this campaign to a set of roles. Only one of `roleIds` and `query` may be set; if neither are set, all roles are included.' + example: Search Query + description: + type: string + description: 'Describes this role composition campaign. Intended for storing the query used, and possibly the number of roles selected/available.' + example: Role Composition Description + required: + - remediatorRef + sourcesWithOrphanEntitlements: + type: array + description: A list of sources in the campaign that contain \"orphan entitlements\" (entitlements without a corresponding Managed Attribute). An empty list indicates the campaign has no orphan entitlements. Null indicates there may be unknown orphan entitlements in the campaign (the campaign was created before this feature was implemented). + readOnly: true + items: + type: object + properties: + id: + type: string + description: Id of the source + example: 2c90ad2a70ace7d50170acf22ca90010 + type: + type: string + enum: + - SOURCE + description: Type + example: SOURCE + name: + type: string + description: Name of the source + example: Source with orphan entitlements + mandatoryCommentRequirement: + type: string + description: 'Determines whether comments are required for decisions during certification reviews. You can require comments for all decisions, revoke-only decisions, or no decisions. By default, comments are not required for decisions.' + enum: + - ALL_DECISIONS + - REVOKE_ONLY_DECISIONS + - NO_DECISIONS + example: NO_DECISIONS + required: + - name + - description + - created + - modified + - campaign + examples: + Manager: + value: + id: e7dbec99d49349c8951bd84f58a05120 + name: Manager Review + created: 2022-08-02T19:16:42.632Z + modified: null + description: A review of everyone's access by their manager. + deadlineDuration: P14D + ownerRef: + email: support@testmail.identitysoon.com + type: IDENTITY + id: 7ec252acbd4245548bc25df22348cb75 + name: SailPoint Support + scheduled: false + campaign: + created: null + modified: null + filter: + type: CAMPAIGN_FILTER + id: e0adaae69852e8fe8b8a3d48e5ce757c + name: Test Manager Filter + sunsetCommentsRequired: true + sourceOwnerCampaignInfo: null + searchCampaignInfo: null + roleCompositionCampaignInfo: null + alerts: null + totalCertifications: null + completedCertifications: null + sourcesWithOrphanEntitlements: null + id: null + name: Manager Review + description: Review everyone's access. + deadline: null + type: MANAGER + status: null + emailNotificationEnabled: true + autoRevokeAllowed: false + recommendationsEnabled: false + correlatedStatus: CORRELATED + mandatoryCommentRequirement: NO_DECISIONS + Search: + value: + id: b7e6459eed5247ac8b98a5fed81fe27f + name: Reporting Access Review + created: 2022-07-28T19:19:40.035Z + modified: null + description: A review of everyone's access to the reporting system. + deadlineDuration: P14D + ownerRef: + email: support@testmail.identitysoon.com + type: IDENTITY + id: 7ec252acbd4245548bc25df22348cb75 + name: SailPoint Support + scheduled: false + campaign: + created: null + modified: null + filter: + type: CAMPAIGN_FILTER + id: e0adaae69852e8fe8b8a3d48e5ce757c + name: Test Search Filter + sunsetCommentsRequired: true + sourceOwnerCampaignInfo: null + searchCampaignInfo: + type: ACCESS + description: Identities with reporting abilities + reviewerId: null + reviewer: null + query: '@access(name: ("reporter"))' + identityIds: null + accessConstraints: [] + roleCompositionCampaignInfo: null + alerts: null + totalCertifications: null + completedCertifications: null + sourcesWithOrphanEntitlements: null + id: null + name: Search Campaign Review + description: Review everyone's access to the reporting system. + deadline: null + type: SEARCH + status: null + emailNotificationEnabled: true + autoRevokeAllowed: false + recommendationsEnabled: false + correlatedStatus: CORRELATED + mandatoryCommentRequirement: NO_DECISIONS + Source Owner: + value: + id: b9f41bc69e7a4291b9de0630396d030d + name: AD Source Review + created: 2022-08-02T13:40:36.857Z + modified: null + description: A review of our AD source. + deadlineDuration: P1M + ownerRef: + email: support@testmail.identitysoon.com + type: IDENTITY + id: 7ec252acbd4245548bc25df22348cb75 + name: SailPoint Support + scheduled: false + campaign: + created: null + modified: null + filter: + type: CAMPAIGN_FILTER + id: e0adaae69852e8fe8b8a3d48e5ce757c + name: Test Source Owner Filter + sunsetCommentsRequired: true + sourceOwnerCampaignInfo: + sourceIds: + - 2c918084707deba501709d45ce4e5569 + searchCampaignInfo: null + roleCompositionCampaignInfo: null + alerts: null + totalCertifications: null + completedCertifications: null + sourcesWithOrphanEntitlements: null + id: null + name: AD Source Review + description: Review everyone's access. + deadline: null + type: SOURCE_OWNER + status: null + emailNotificationEnabled: true + autoRevokeAllowed: false + recommendationsEnabled: false + correlatedStatus: CORRELATED + mandatoryCommentRequirement: NO_DECISIONS + RoleComposition: + value: + id: b9f41bc69e7a4291b9de0630396d030d + name: Campaign With Admin Role + created: 2022-08-02T13:40:36.857Z + modified: null + description: Campaign With Admin Role + deadlineDuration: null + ownerRef: + email: support@testmail.identitysoon.com + type: IDENTITY + id: 7ec252acbd4245548bc25df22348cb75 + name: SailPoint Support + scheduled: false + campaign: + created: null + modified: null + filter: null + sunsetCommentsRequired: true + sourceOwnerCampaignInfo: null + searchCampaignInfo: null + roleCompositionCampaignInfo: + remediatorRef: + type: IDENTITY + id: 7ec252acbd4245548bc25df22348cb75 + name: SailPoint Support + reviewerId: null + reviewer: null + roleIds: + - b15d609fc5c8434b865fe552315fda8f + query: null + description: null + alerts: null + totalCertifications: null + completedCertifications: null + sourcesWithOrphanEntitlements: null + id: null + name: Campaign With Admin Role + description: Campaign With Admin Role + deadline: null + type: ROLE_COMPOSITION + status: null + emailNotificationEnabled: false + autoRevokeAllowed: false + recommendationsEnabled: false + correlatedStatus: CORRELATED + mandatoryCommentRequirement: NO_DECISIONS + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + get: + operationId: getCampaignTemplates + tags: + - Certification Campaigns + summary: List Campaign Templates + description: | + Use this API to get a list of all campaign templates. Scope can be reduced through standard V3 query params. + + The API returns all campaign templates matching the query parameters. + + A token with ORG_ADMIN or CERT_ADMIN authority is required to call this API. + security: + - UserContextAuth: + - 'idn:campaign-template:read' + - 'idn:campaign-template:manage' + parameters: + - in: query + name: limit + description: |- + Max number of results to return. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 250 + schema: + type: integer + format: int32 + minimum: 0 + maximum: 250 + default: 250 + - in: query + name: offset + description: |- + Offset into the full result set. Usually specified with *limit* to paginate through the results. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 0 + schema: + type: integer + format: int32 + minimum: 0 + default: 0 + - in: query + name: count + description: |- + If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. + + Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. + + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: true + schema: + type: boolean + default: false + - in: query + name: sorters + schema: + type: string + format: comma-separated + description: |- + Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) + + Sorting is supported for the following fields: **name, created, modified** + example: name + - in: query + name: filters + schema: + type: string + format: comma-separated + description: |- + Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) + + Filtering is supported for the following fields and operators: + + **name**: *eq, ge, gt, in, le, lt, ne, sw* + + **id**: *eq, ge, gt, in, le, lt, ne, sw* + example: name eq "manager template" + responses: + '200': + description: List of campaign template objects. + content: + application/json: + schema: + type: array + items: + type: object + description: Campaign Template + properties: + id: + type: string + description: Id of the campaign template + example: 2c9079b270a266a60170a277bb960008 + name: + type: string + description: This template's name. Has no bearing on generated campaigns' names. + example: Manager Campaign Template + description: + type: string + description: This template's description. Has no bearing on generated campaigns' descriptions. + example: Template for the annual manager campaign. + created: + type: string + description: Creation date of Campaign Template + readOnly: true + format: date-time + example: '2020-03-05T22:44:00.364Z' + modified: + type: string + description: Modification date of Campaign Template + readOnly: true + format: date-time + example: '2020-03-05T22:52:09.969Z' + scheduled: + type: boolean + readOnly: true + description: Indicates if this campaign template has been scheduled. + example: false + default: false + ownerRef: + type: object + readOnly: true + description: 'The owner of this template, and the owner of campaigns generated from this template via a schedule. This field is automatically populated at creation time with the current user.' + properties: + id: + type: string + description: Id of the owner + example: 2c918086676d3e0601677611dbde220f + type: + type: string + enum: + - IDENTITY + description: Type of the owner + example: IDENTITY + name: + type: string + description: Name of the owner + example: Mister Manager + email: + type: string + description: Email of the owner + example: mr.manager@example.com + deadlineDuration: + type: string + description: 'The time period during which the campaign should be completed, formatted as an ISO-8601 Duration. When this template generates a campaign, the campaign''s deadline will be the current date plus this duration. For example, if generation occurred on 2020-01-01 and this field was "P2W" (two weeks), the resulting campaign''s deadline would be 2020-01-15 (the current date plus 14 days).' + example: P2W + campaign: + type: object + description: 'This will hold campaign related information like name, description etc.' + title: Campaign + allOf: + - type: object + title: Slim Campaign + required: + - name + - description + - type + properties: + id: + type: string + readOnly: true + description: Id of the campaign + example: 2c9079b270a266a60170a2779fcb0007 + name: + description: 'The campaign name. If this object is part of a template, special formatting applies; see the `/campaign-templates/{id}/generate` endpoint documentation for details.' + type: string + example: Manager Campaign + description: + type: string + description: 'The campaign description. If this object is part of a template, special formatting applies; see the `/campaign-templates/{id}/generate` endpoint documentation for details.' + example: Everyone needs to be reviewed by their manager + deadline: + type: string + format: date-time + description: 'The campaign''s completion deadline. This date must be in the future in order to activate the campaign. If you try to activate a campaign with a deadline of today or in the past, you will receive a 400 error response.' + example: '2020-03-15T10:00:01.456Z' + type: + type: string + description: The type of campaign. Could be extended in the future. + enum: + - MANAGER + - SOURCE_OWNER + - SEARCH + - ROLE_COMPOSITION + example: MANAGER + emailNotificationEnabled: + type: boolean + description: Enables email notification for this campaign + default: false + example: false + autoRevokeAllowed: + type: boolean + description: Allows auto revoke for this campaign + default: false + example: false + recommendationsEnabled: + type: boolean + description: Enables IAI for this campaign. Accepts true even if the IAI product feature is off. If IAI is turned off then campaigns generated from this template will indicate false. The real value will then be returned if IAI is ever enabled for the org in the future. + default: false + example: true + status: + type: string + description: The campaign's current status. + readOnly: true + enum: + - PENDING + - STAGED + - CANCELING + - ACTIVATING + - ACTIVE + - COMPLETING + - COMPLETED + - ERROR + - ARCHIVED + example: ACTIVE + correlatedStatus: + type: string + description: The correlatedStatus of the campaign. Only SOURCE_OWNER campaigns can be Uncorrelated. An Uncorrelated certification campaign only includes Uncorrelated identities (An identity is uncorrelated if it has no accounts on an authoritative source). + enum: + - CORRELATED + - UNCORRELATED + example: CORRELATED + created: + type: string + readOnly: true + format: date-time + description: Created time of the campaign + example: '2020-03-03T22:15:13.611Z' + totalCertifications: + type: integer + format: int32 + description: The total number of certifications in this campaign. + readOnly: true + example: 100 + completedCertifications: + type: integer + format: int32 + description: The number of completed certifications in this campaign. + readOnly: true + example: 10 + alerts: + type: array + description: A list of errors and warnings that have accumulated. + readOnly: true + items: + type: object + properties: + level: + type: string + enum: + - ERROR + - WARN + - INFO + description: Denotes the level of the message + example: ERROR + localizations: + type: array + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + - type: object + properties: + modified: + type: string + readOnly: true + format: date-time + description: Modified time of the campaign + example: '2020-03-03T22:20:12.674Z' + correlatedStatus: + description: The correlatedStatus of the campaign. Only SOURCE_OWNER campaigns can be Uncorrelated. An Uncorrelated certification campaign only includes Uncorrelated identities (An identity is uncorrelated if it has no accounts on an authoritative source). + enum: + - CORRELATED + - UNCORRELATED + example: CORRELATED + filter: + type: object + description: Determines which items will be included in this campaign. The default campaign filter is used if this field is left blank. + properties: + id: + type: string + description: The ID of whatever type of filter is being used. + example: 0fbe863c063c4c88a35fd7f17e8a3df5 + type: + type: string + description: Type of the filter + enum: + - CAMPAIGN_FILTER + - RULE + example: CAMPAIGN_FILTER + name: + type: string + description: Name of the filter + example: Test Filter + sunsetCommentsRequired: + type: boolean + description: Determines if comments on sunset date changes are required. + default: true + example: true + sourceOwnerCampaignInfo: + type: object + description: Must be set only if the campaign type is SOURCE_OWNER. + properties: + sourceIds: + type: array + description: The list of sources to be included in the campaign. + items: + type: string + example: + - 0fbe863c063c4c88a35fd7f17e8a3df5 + searchCampaignInfo: + type: object + description: Must be set only if the campaign type is SEARCH. + properties: + type: + type: string + description: The type of search campaign represented. + enum: + - IDENTITY + - ACCESS + example: ACCESS + description: + type: string + description: 'Describes this search campaign. Intended for storing the query used, and possibly the number of identities selected/available.' + example: Search Campaign description + reviewer: + type: object + description: 'If specified, this identity or governance group will be the reviewer for all certifications in this campaign. The allowed DTO types are IDENTITY and GOVERNANCE_GROUP.' + properties: + type: + type: string + description: The reviewer's DTO type. + enum: + - GOVERNANCE_GROUP + - IDENTITY + example: IDENTITY + id: + type: string + description: The reviewer's ID. + example: 2c91808568c529c60168cca6f90c1313 + name: + type: string + description: The reviewer's name. + example: William Wilson + query: + type: string + description: The scope for the campaign. The campaign will cover identities returned by the query and identities that have access items returned by the query. One of `query` or `identityIds` must be set. + example: Search Campaign query description + identityIds: + type: array + description: A direct list of identities to include in this campaign. One of `identityIds` or `query` must be set. + items: + type: string + maxItems: 1000 + example: + - 0fbe863c063c4c88a35fd7f17e8a3df5 + accessConstraints: + type: array + description: Further reduces the scope of the campaign by excluding identities (from `query` or `identityIds`) that do not have this access. + items: + type: object + properties: + type: + type: string + enum: + - ENTITLEMENT + - ACCESS_PROFILE + - ROLE + description: Type of Access + example: ENTITLEMENT + ids: + description: Must be set only if operator is SELECTED. + type: array + items: + type: string + example: + - 2c90ad2a70ace7d50170acf22ca90010 + operator: + type: string + enum: + - ALL + - SELECTED + description: Used to determine whether the scope of the campaign should be reduced for selected ids or all. + example: SELECTED + required: + - type + - operator + maxItems: 1000 + required: + - type + roleCompositionCampaignInfo: + type: object + description: Optional configuration options for role composition campaigns. + properties: + reviewer: + type: object + description: 'If specified, this identity or governance group will be the reviewer for all certifications in this campaign. The allowed DTO types are IDENTITY and GOVERNANCE_GROUP.' + properties: + type: + type: string + description: The reviewer's DTO type. + enum: + - GOVERNANCE_GROUP + - IDENTITY + example: IDENTITY + id: + type: string + description: The reviewer's ID. + example: 2c91808568c529c60168cca6f90c1313 + name: + type: string + description: The reviewer's name. + example: William Wilson + roleIds: + type: array + description: 'Optional list of roles to include in this campaign. Only one of `roleIds` and `query` may be set; if neither are set, all roles are included.' + items: + type: string + example: + - 2c90ad2a70ace7d50170acf22ca90010 + remediatorRef: + type: object + description: 'This determines who remediation tasks will be assigned to. Remediation tasks are created for each revoke decision on items in the campaign. The only legal remediator type is ''IDENTITY'', and the chosen identity must be a Role Admin or Org Admin.' + properties: + type: + type: string + enum: + - IDENTITY + description: Legal Remediator Type + example: IDENTITY + id: + type: string + description: The ID of the remediator. + example: 2c90ad2a70ace7d50170acf22ca90010 + name: + type: string + description: The name of the remediator. + readOnly: true + example: Role Admin + required: + - type + - id + query: + type: string + description: 'Optional search query to scope this campaign to a set of roles. Only one of `roleIds` and `query` may be set; if neither are set, all roles are included.' + example: Search Query + description: + type: string + description: 'Describes this role composition campaign. Intended for storing the query used, and possibly the number of roles selected/available.' + example: Role Composition Description + required: + - remediatorRef + sourcesWithOrphanEntitlements: + type: array + description: A list of sources in the campaign that contain \"orphan entitlements\" (entitlements without a corresponding Managed Attribute). An empty list indicates the campaign has no orphan entitlements. Null indicates there may be unknown orphan entitlements in the campaign (the campaign was created before this feature was implemented). + readOnly: true + items: + type: object + properties: + id: + type: string + description: Id of the source + example: 2c90ad2a70ace7d50170acf22ca90010 + type: + type: string + enum: + - SOURCE + description: Type + example: SOURCE + name: + type: string + description: Name of the source + example: Source with orphan entitlements + mandatoryCommentRequirement: + type: string + description: 'Determines whether comments are required for decisions during certification reviews. You can require comments for all decisions, revoke-only decisions, or no decisions. By default, comments are not required for decisions.' + enum: + - ALL_DECISIONS + - REVOKE_ONLY_DECISIONS + - NO_DECISIONS + example: NO_DECISIONS + required: + - name + - description + - created + - modified + - campaign + example: + - id: e7dbec99d49349c8951bd84f58a05120 + name: Manager Review + created: 2022-08-02T19:16:42.632Z + modified: null + description: A review of everyone's access by their manager. + deadlineDuration: P14D + ownerRef: + email: support@testmail.identitysoon.com + type: IDENTITY + id: 7ec252acbd4245548bc25df22348cb75 + name: SailPoint Support + scheduled: false + campaign: + created: null + modified: null + filter: + type: CAMPAIGN_FILTER + id: e0adaae69852e8fe8b8a3d48e5ce757c + name: Test Manager Filter + sunsetCommentsRequired: true + sourceOwnerCampaignInfo: null + searchCampaignInfo: null + roleCompositionCampaignInfo: null + alerts: null + totalCertifications: null + completedCertifications: null + sourcesWithOrphanEntitlements: null + id: null + name: Manager Review + description: Review everyone's access. + deadline: null + type: MANAGER + status: null + emailNotificationEnabled: true + autoRevokeAllowed: false + recommendationsEnabled: false + mandatoryCommentRequirement: NO_DECISIONS + - id: b7e6459eed5247ac8b98a5fed81fe27f + name: Reporting Access Review + created: 2022-07-28T19:19:40.035Z + modified: null + description: A review of everyone's access to the reporting system. + deadlineDuration: P14D + ownerRef: + email: support@testmail.identitysoon.com + type: IDENTITY + id: 7ec252acbd4245548bc25df22348cb75 + name: SailPoint Support + scheduled: false + campaign: + created: null + modified: null + filter: + type: CAMPAIGN_FILTER + id: e0adaae69852e8fe8b8a3d48e5ce757c + name: Test Search Filter + sunsetCommentsRequired: true + sourceOwnerCampaignInfo: null + searchCampaignInfo: + type: ACCESS + description: Identities with reporting abilities + reviewerId: null + reviewer: null + query: '@access(name: ("reporter"))' + identityIds: null + accessConstraints: [] + roleCompositionCampaignInfo: null + alerts: null + totalCertifications: null + completedCertifications: null + sourcesWithOrphanEntitlements: null + id: null + name: Search Campaign + description: Review everyone's access to the reporting system. + deadline: null + type: SEARCH + status: null + emailNotificationEnabled: true + autoRevokeAllowed: false + recommendationsEnabled: false + mandatoryCommentRequirement: NO_DECISIONS + - id: b9f41bc69e7a4291b9de0630396d030d + name: Campaign With Admin Role + created: 2022-08-02T13:40:36.857Z + modified: null + description: Campaign With Admin Role + deadlineDuration: null + ownerRef: + email: support@testmail.identitysoon.com + type: IDENTITY + id: 7ec252acbd4245548bc25df22348cb75 + name: SailPoint Support + scheduled: false + campaign: + created: null + modified: null + filter: null + sunsetCommentsRequired: true + sourceOwnerCampaignInfo: null + searchCampaignInfo: null + roleCompositionCampaignInfo: + remediatorRef: + type: IDENTITY + id: 7ec252acbd4245548bc25df22348cb75 + name: SailPoint Support + reviewerId: null + reviewer: null + roleIds: + - b15d609fc5c8434b865fe552315fda8f + query: null + description: null + alerts: null + totalCertifications: null + completedCertifications: null + sourcesWithOrphanEntitlements: null + id: null + name: Campaign With Admin Role + description: Campaign With Admin Role + deadline: null + type: ROLE_COMPOSITION + status: null + emailNotificationEnabled: false + autoRevokeAllowed: false + recommendationsEnabled: false + mandatoryCommentRequirement: NO_DECISIONS + - id: b9f41bc69e7a4291b9de0630396d030d + name: AD Source Review + created: 2022-08-02T13:40:36.857Z + modified: null + description: A review of our AD source. + deadlineDuration: P1M + ownerRef: + email: support@testmail.identitysoon.com + type: IDENTITY + id: 7ec252acbd4245548bc25df22348cb75 + name: SailPoint Support + scheduled: false + campaign: + created: null + modified: null + filter: + type: CAMPAIGN_FILTER + id: e0adaae69852e8fe8b8a3d48e5ce757c + name: Test Source Owner Filter + sunsetCommentsRequired: true + sourceOwnerCampaignInfo: + sourceIds: + - 2c918084707deba501709d45ce4e5569 + searchCampaignInfo: null + roleCompositionCampaignInfo: null + alerts: null + totalCertifications: null + completedCertifications: null + sourcesWithOrphanEntitlements: null + id: null + name: AD Source Review + description: Review everyone's access. + deadline: null + type: SOURCE_OWNER + status: null + emailNotificationEnabled: true + autoRevokeAllowed: false + recommendationsEnabled: false + correlatedStatus: CORRELATED + mandatoryCommentRequirement: NO_DECISIONS + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/campaign-templates/{id}': + patch: + operationId: patchCampaignTemplate + tags: + - Certification Campaigns + summary: Update a Campaign Template + description: | + Use this API to update individual fields on a certification campaign template, using the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard. + + A token with ORG_ADMIN or CERT_ADMIN authority is required to call this API. + security: + - UserContextAuth: + - 'idn:campaign-template:manage' + parameters: + - in: path + name: id + schema: + type: string + required: true + description: ID of the campaign template being modified. + example: 2c9180835d191a86015d28455b4a2329 + requestBody: + required: true + description: | + A list of campaign update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard. + + The following fields are patchable: + * name + * description + * deadlineDuration + * campaign (all fields that are allowed during create) + content: + application/json-patch+json: + schema: + type: array + items: + type: object + description: 'A JSONPatch Operation as defined by [RFC 6902 - JSON Patch](https://tools.ietf.org/html/rfc6902)' + required: + - op + - path + properties: + op: + type: string + description: The operation to be performed + enum: + - add + - remove + - replace + - move + - copy + - test + example: replace + path: + type: string + description: A string JSON Pointer representing the target path to an element to be affected by the operation + example: /description + value: + oneOf: + - type: string + example: New description + title: string + - type: boolean + example: true + title: boolean + - type: integer + example: 300 + title: integer + - type: object + title: object + example: + attributes: + name: philip + - type: array + title: array + items: + anyOf: + - type: string + - type: integer + - type: object + example: + - '001' + - '002' + - '003' + description: 'The value to be used for the operation, required for "add" and "replace" operations' + example: New description + example: + - op: replace + path: /description + value: Updated description! + - op: replace + path: /campaign/filter/id + value: ff80818155fe8c080155fe8d925b0316 + responses: + '200': + description: 'This response indicates that the PATCH operation succeeded, and the API returns the template''s new representation.' + content: + application/json: + schema: + type: object + description: Campaign Template + properties: + id: + type: string + description: Id of the campaign template + example: 2c9079b270a266a60170a277bb960008 + name: + type: string + description: This template's name. Has no bearing on generated campaigns' names. + example: Manager Campaign Template + description: + type: string + description: This template's description. Has no bearing on generated campaigns' descriptions. + example: Template for the annual manager campaign. + created: + type: string + description: Creation date of Campaign Template + readOnly: true + format: date-time + example: '2020-03-05T22:44:00.364Z' + modified: + type: string + description: Modification date of Campaign Template + readOnly: true + format: date-time + example: '2020-03-05T22:52:09.969Z' + scheduled: + type: boolean + readOnly: true + description: Indicates if this campaign template has been scheduled. + example: false + default: false + ownerRef: + type: object + readOnly: true + description: 'The owner of this template, and the owner of campaigns generated from this template via a schedule. This field is automatically populated at creation time with the current user.' + properties: + id: + type: string + description: Id of the owner + example: 2c918086676d3e0601677611dbde220f + type: + type: string + enum: + - IDENTITY + description: Type of the owner + example: IDENTITY + name: + type: string + description: Name of the owner + example: Mister Manager + email: + type: string + description: Email of the owner + example: mr.manager@example.com + deadlineDuration: + type: string + description: 'The time period during which the campaign should be completed, formatted as an ISO-8601 Duration. When this template generates a campaign, the campaign''s deadline will be the current date plus this duration. For example, if generation occurred on 2020-01-01 and this field was "P2W" (two weeks), the resulting campaign''s deadline would be 2020-01-15 (the current date plus 14 days).' + example: P2W + campaign: + type: object + description: 'This will hold campaign related information like name, description etc.' + title: Campaign + allOf: + - type: object + title: Slim Campaign + required: + - name + - description + - type + properties: + id: + type: string + readOnly: true + description: Id of the campaign + example: 2c9079b270a266a60170a2779fcb0007 + name: + description: 'The campaign name. If this object is part of a template, special formatting applies; see the `/campaign-templates/{id}/generate` endpoint documentation for details.' + type: string + example: Manager Campaign + description: + type: string + description: 'The campaign description. If this object is part of a template, special formatting applies; see the `/campaign-templates/{id}/generate` endpoint documentation for details.' + example: Everyone needs to be reviewed by their manager + deadline: + type: string + format: date-time + description: 'The campaign''s completion deadline. This date must be in the future in order to activate the campaign. If you try to activate a campaign with a deadline of today or in the past, you will receive a 400 error response.' + example: '2020-03-15T10:00:01.456Z' + type: + type: string + description: The type of campaign. Could be extended in the future. + enum: + - MANAGER + - SOURCE_OWNER + - SEARCH + - ROLE_COMPOSITION + example: MANAGER + emailNotificationEnabled: + type: boolean + description: Enables email notification for this campaign + default: false + example: false + autoRevokeAllowed: + type: boolean + description: Allows auto revoke for this campaign + default: false + example: false + recommendationsEnabled: + type: boolean + description: Enables IAI for this campaign. Accepts true even if the IAI product feature is off. If IAI is turned off then campaigns generated from this template will indicate false. The real value will then be returned if IAI is ever enabled for the org in the future. + default: false + example: true + status: + type: string + description: The campaign's current status. + readOnly: true + enum: + - PENDING + - STAGED + - CANCELING + - ACTIVATING + - ACTIVE + - COMPLETING + - COMPLETED + - ERROR + - ARCHIVED + example: ACTIVE + correlatedStatus: + type: string + description: The correlatedStatus of the campaign. Only SOURCE_OWNER campaigns can be Uncorrelated. An Uncorrelated certification campaign only includes Uncorrelated identities (An identity is uncorrelated if it has no accounts on an authoritative source). + enum: + - CORRELATED + - UNCORRELATED + example: CORRELATED + created: + type: string + readOnly: true + format: date-time + description: Created time of the campaign + example: '2020-03-03T22:15:13.611Z' + totalCertifications: + type: integer + format: int32 + description: The total number of certifications in this campaign. + readOnly: true + example: 100 + completedCertifications: + type: integer + format: int32 + description: The number of completed certifications in this campaign. + readOnly: true + example: 10 + alerts: + type: array + description: A list of errors and warnings that have accumulated. + readOnly: true + items: + type: object + properties: + level: + type: string + enum: + - ERROR + - WARN + - INFO + description: Denotes the level of the message + example: ERROR + localizations: + type: array + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + - type: object + properties: + modified: + type: string + readOnly: true + format: date-time + description: Modified time of the campaign + example: '2020-03-03T22:20:12.674Z' + correlatedStatus: + description: The correlatedStatus of the campaign. Only SOURCE_OWNER campaigns can be Uncorrelated. An Uncorrelated certification campaign only includes Uncorrelated identities (An identity is uncorrelated if it has no accounts on an authoritative source). + enum: + - CORRELATED + - UNCORRELATED + example: CORRELATED + filter: + type: object + description: Determines which items will be included in this campaign. The default campaign filter is used if this field is left blank. + properties: + id: + type: string + description: The ID of whatever type of filter is being used. + example: 0fbe863c063c4c88a35fd7f17e8a3df5 + type: + type: string + description: Type of the filter + enum: + - CAMPAIGN_FILTER + - RULE + example: CAMPAIGN_FILTER + name: + type: string + description: Name of the filter + example: Test Filter + sunsetCommentsRequired: + type: boolean + description: Determines if comments on sunset date changes are required. + default: true + example: true + sourceOwnerCampaignInfo: + type: object + description: Must be set only if the campaign type is SOURCE_OWNER. + properties: + sourceIds: + type: array + description: The list of sources to be included in the campaign. + items: + type: string + example: + - 0fbe863c063c4c88a35fd7f17e8a3df5 + searchCampaignInfo: + type: object + description: Must be set only if the campaign type is SEARCH. + properties: + type: + type: string + description: The type of search campaign represented. + enum: + - IDENTITY + - ACCESS + example: ACCESS + description: + type: string + description: 'Describes this search campaign. Intended for storing the query used, and possibly the number of identities selected/available.' + example: Search Campaign description + reviewer: + type: object + description: 'If specified, this identity or governance group will be the reviewer for all certifications in this campaign. The allowed DTO types are IDENTITY and GOVERNANCE_GROUP.' + properties: + type: + type: string + description: The reviewer's DTO type. + enum: + - GOVERNANCE_GROUP + - IDENTITY + example: IDENTITY + id: + type: string + description: The reviewer's ID. + example: 2c91808568c529c60168cca6f90c1313 + name: + type: string + description: The reviewer's name. + example: William Wilson + query: + type: string + description: The scope for the campaign. The campaign will cover identities returned by the query and identities that have access items returned by the query. One of `query` or `identityIds` must be set. + example: Search Campaign query description + identityIds: + type: array + description: A direct list of identities to include in this campaign. One of `identityIds` or `query` must be set. + items: + type: string + maxItems: 1000 + example: + - 0fbe863c063c4c88a35fd7f17e8a3df5 + accessConstraints: + type: array + description: Further reduces the scope of the campaign by excluding identities (from `query` or `identityIds`) that do not have this access. + items: + type: object + properties: + type: + type: string + enum: + - ENTITLEMENT + - ACCESS_PROFILE + - ROLE + description: Type of Access + example: ENTITLEMENT + ids: + description: Must be set only if operator is SELECTED. + type: array + items: + type: string + example: + - 2c90ad2a70ace7d50170acf22ca90010 + operator: + type: string + enum: + - ALL + - SELECTED + description: Used to determine whether the scope of the campaign should be reduced for selected ids or all. + example: SELECTED + required: + - type + - operator + maxItems: 1000 + required: + - type + roleCompositionCampaignInfo: + type: object + description: Optional configuration options for role composition campaigns. + properties: + reviewer: + type: object + description: 'If specified, this identity or governance group will be the reviewer for all certifications in this campaign. The allowed DTO types are IDENTITY and GOVERNANCE_GROUP.' + properties: + type: + type: string + description: The reviewer's DTO type. + enum: + - GOVERNANCE_GROUP + - IDENTITY + example: IDENTITY + id: + type: string + description: The reviewer's ID. + example: 2c91808568c529c60168cca6f90c1313 + name: + type: string + description: The reviewer's name. + example: William Wilson + roleIds: + type: array + description: 'Optional list of roles to include in this campaign. Only one of `roleIds` and `query` may be set; if neither are set, all roles are included.' + items: + type: string + example: + - 2c90ad2a70ace7d50170acf22ca90010 + remediatorRef: + type: object + description: 'This determines who remediation tasks will be assigned to. Remediation tasks are created for each revoke decision on items in the campaign. The only legal remediator type is ''IDENTITY'', and the chosen identity must be a Role Admin or Org Admin.' + properties: + type: + type: string + enum: + - IDENTITY + description: Legal Remediator Type + example: IDENTITY + id: + type: string + description: The ID of the remediator. + example: 2c90ad2a70ace7d50170acf22ca90010 + name: + type: string + description: The name of the remediator. + readOnly: true + example: Role Admin + required: + - type + - id + query: + type: string + description: 'Optional search query to scope this campaign to a set of roles. Only one of `roleIds` and `query` may be set; if neither are set, all roles are included.' + example: Search Query + description: + type: string + description: 'Describes this role composition campaign. Intended for storing the query used, and possibly the number of roles selected/available.' + example: Role Composition Description + required: + - remediatorRef + sourcesWithOrphanEntitlements: + type: array + description: A list of sources in the campaign that contain \"orphan entitlements\" (entitlements without a corresponding Managed Attribute). An empty list indicates the campaign has no orphan entitlements. Null indicates there may be unknown orphan entitlements in the campaign (the campaign was created before this feature was implemented). + readOnly: true + items: + type: object + properties: + id: + type: string + description: Id of the source + example: 2c90ad2a70ace7d50170acf22ca90010 + type: + type: string + enum: + - SOURCE + description: Type + example: SOURCE + name: + type: string + description: Name of the source + example: Source with orphan entitlements + mandatoryCommentRequirement: + type: string + description: 'Determines whether comments are required for decisions during certification reviews. You can require comments for all decisions, revoke-only decisions, or no decisions. By default, comments are not required for decisions.' + enum: + - ALL_DECISIONS + - REVOKE_ONLY_DECISIONS + - NO_DECISIONS + example: NO_DECISIONS + required: + - name + - description + - created + - modified + - campaign + examples: + Manager: + value: + id: e7dbec99d49349c8951bd84f58a05120 + name: Manager Review + created: 2022-08-02T19:16:42.632Z + modified: null + description: A review of everyone's access by their manager. + deadlineDuration: P14D + ownerRef: + email: support@testmail.identitysoon.com + type: IDENTITY + id: 7ec252acbd4245548bc25df22348cb75 + name: SailPoint Support + scheduled: false + campaign: + created: null + modified: null + filter: + type: CAMPAIGN_FILTER + id: e0adaae69852e8fe8b8a3d48e5ce757c + name: Test Manager Filter + sunsetCommentsRequired: true + sourceOwnerCampaignInfo: null + searchCampaignInfo: null + roleCompositionCampaignInfo: null + alerts: null + totalCertifications: null + completedCertifications: null + sourcesWithOrphanEntitlements: null + id: null + name: Manager Review + description: Review everyone's access. + deadline: null + type: MANAGER + status: null + emailNotificationEnabled: true + autoRevokeAllowed: false + recommendationsEnabled: false + correlatedStatus: CORRELATED + mandatoryCommentRequirement: NO_DECISIONS + Search: + value: + id: b7e6459eed5247ac8b98a5fed81fe27f + name: Reporting Access Review + created: 2022-07-28T19:19:40.035Z + modified: null + description: A review of everyone's access to the reporting system. + deadlineDuration: P14D + ownerRef: + email: support@testmail.identitysoon.com + type: IDENTITY + id: 7ec252acbd4245548bc25df22348cb75 + name: SailPoint Support + scheduled: false + campaign: + created: null + modified: null + filter: + type: CAMPAIGN_FILTER + id: e0adaae69852e8fe8b8a3d48e5ce757c + name: Test Search Filter + sunsetCommentsRequired: true + sourceOwnerCampaignInfo: null + searchCampaignInfo: + type: ACCESS + description: Identities with reporting abilities + reviewerId: null + reviewer: null + query: '@access(name: ("reporter"))' + identityIds: null + accessConstraints: [] + roleCompositionCampaignInfo: null + alerts: null + totalCertifications: null + completedCertifications: null + sourcesWithOrphanEntitlements: null + id: null + name: Search Campaign Review + description: Review everyone's access to the reporting system. + deadline: null + type: SEARCH + status: null + emailNotificationEnabled: true + autoRevokeAllowed: false + recommendationsEnabled: false + correlatedStatus: CORRELATED + mandatoryCommentRequirement: NO_DECISIONS + Source Owner: + value: + id: b9f41bc69e7a4291b9de0630396d030d + name: AD Source Review + created: 2022-08-02T13:40:36.857Z + modified: null + description: A review of our AD source. + deadlineDuration: P1M + ownerRef: + email: support@testmail.identitysoon.com + type: IDENTITY + id: 7ec252acbd4245548bc25df22348cb75 + name: SailPoint Support + scheduled: false + campaign: + created: null + modified: null + filter: + type: CAMPAIGN_FILTER + id: e0adaae69852e8fe8b8a3d48e5ce757c + name: Test Source Owner Filter + sunsetCommentsRequired: true + sourceOwnerCampaignInfo: + sourceIds: + - 2c918084707deba501709d45ce4e5569 + searchCampaignInfo: null + roleCompositionCampaignInfo: null + alerts: null + totalCertifications: null + completedCertifications: null + sourcesWithOrphanEntitlements: null + id: null + name: AD Source Review + description: Review everyone's access. + deadline: null + type: SOURCE_OWNER + status: null + emailNotificationEnabled: true + autoRevokeAllowed: false + recommendationsEnabled: false + correlatedStatus: CORRELATED + mandatoryCommentRequirement: NO_DECISIONS + RoleComposition: + value: + id: b9f41bc69e7a4291b9de0630396d030d + name: Campaign With Admin Role + created: 2022-08-02T13:40:36.857Z + modified: null + description: Campaign With Admin Role + deadlineDuration: null + ownerRef: + email: support@testmail.identitysoon.com + type: IDENTITY + id: 7ec252acbd4245548bc25df22348cb75 + name: SailPoint Support + scheduled: false + campaign: + created: null + modified: null + filter: null + sunsetCommentsRequired: true + sourceOwnerCampaignInfo: null + searchCampaignInfo: null + roleCompositionCampaignInfo: + remediatorRef: + type: IDENTITY + id: 7ec252acbd4245548bc25df22348cb75 + name: SailPoint Support + reviewerId: null + reviewer: null + roleIds: + - b15d609fc5c8434b865fe552315fda8f + query: null + description: null + alerts: null + totalCertifications: null + completedCertifications: null + sourcesWithOrphanEntitlements: null + id: null + name: Campaign With Admin Role + description: Campaign With Admin Role + deadline: null + type: ROLE_COMPOSITION + status: null + emailNotificationEnabled: false + autoRevokeAllowed: false + recommendationsEnabled: false + correlatedStatus: CORRELATED + mandatoryCommentRequirement: NO_DECISIONS + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + get: + operationId: getCampaignTemplate + tags: + - Certification Campaigns + summary: Get a Campaign Template + description: | + Use this API to fetch a certification campaign template by ID. + + A token with ORG_ADMIN or CERT_ADMIN authority is required to call this API. + security: + - UserContextAuth: + - 'idn:campaign-template:read' + - 'idn:campaign-template:manage' + parameters: + - in: path + name: id + schema: + type: string + required: true + description: Requested campaign template's ID. + example: 2c9180835d191a86015d28455b4a2329 + responses: + '200': + description: Data for the campaign matching the given ID. + content: + application/json: + schema: + type: object + description: Campaign Template + properties: + id: + type: string + description: Id of the campaign template + example: 2c9079b270a266a60170a277bb960008 + name: + type: string + description: This template's name. Has no bearing on generated campaigns' names. + example: Manager Campaign Template + description: + type: string + description: This template's description. Has no bearing on generated campaigns' descriptions. + example: Template for the annual manager campaign. + created: + type: string + description: Creation date of Campaign Template + readOnly: true + format: date-time + example: '2020-03-05T22:44:00.364Z' + modified: + type: string + description: Modification date of Campaign Template + readOnly: true + format: date-time + example: '2020-03-05T22:52:09.969Z' + scheduled: + type: boolean + readOnly: true + description: Indicates if this campaign template has been scheduled. + example: false + default: false + ownerRef: + type: object + readOnly: true + description: 'The owner of this template, and the owner of campaigns generated from this template via a schedule. This field is automatically populated at creation time with the current user.' + properties: + id: + type: string + description: Id of the owner + example: 2c918086676d3e0601677611dbde220f + type: + type: string + enum: + - IDENTITY + description: Type of the owner + example: IDENTITY + name: + type: string + description: Name of the owner + example: Mister Manager + email: + type: string + description: Email of the owner + example: mr.manager@example.com + deadlineDuration: + type: string + description: 'The time period during which the campaign should be completed, formatted as an ISO-8601 Duration. When this template generates a campaign, the campaign''s deadline will be the current date plus this duration. For example, if generation occurred on 2020-01-01 and this field was "P2W" (two weeks), the resulting campaign''s deadline would be 2020-01-15 (the current date plus 14 days).' + example: P2W + campaign: + type: object + description: 'This will hold campaign related information like name, description etc.' + title: Campaign + allOf: + - type: object + title: Slim Campaign + required: + - name + - description + - type + properties: + id: + type: string + readOnly: true + description: Id of the campaign + example: 2c9079b270a266a60170a2779fcb0007 + name: + description: 'The campaign name. If this object is part of a template, special formatting applies; see the `/campaign-templates/{id}/generate` endpoint documentation for details.' + type: string + example: Manager Campaign + description: + type: string + description: 'The campaign description. If this object is part of a template, special formatting applies; see the `/campaign-templates/{id}/generate` endpoint documentation for details.' + example: Everyone needs to be reviewed by their manager + deadline: + type: string + format: date-time + description: 'The campaign''s completion deadline. This date must be in the future in order to activate the campaign. If you try to activate a campaign with a deadline of today or in the past, you will receive a 400 error response.' + example: '2020-03-15T10:00:01.456Z' + type: + type: string + description: The type of campaign. Could be extended in the future. + enum: + - MANAGER + - SOURCE_OWNER + - SEARCH + - ROLE_COMPOSITION + example: MANAGER + emailNotificationEnabled: + type: boolean + description: Enables email notification for this campaign + default: false + example: false + autoRevokeAllowed: + type: boolean + description: Allows auto revoke for this campaign + default: false + example: false + recommendationsEnabled: + type: boolean + description: Enables IAI for this campaign. Accepts true even if the IAI product feature is off. If IAI is turned off then campaigns generated from this template will indicate false. The real value will then be returned if IAI is ever enabled for the org in the future. + default: false + example: true + status: + type: string + description: The campaign's current status. + readOnly: true + enum: + - PENDING + - STAGED + - CANCELING + - ACTIVATING + - ACTIVE + - COMPLETING + - COMPLETED + - ERROR + - ARCHIVED + example: ACTIVE + correlatedStatus: + type: string + description: The correlatedStatus of the campaign. Only SOURCE_OWNER campaigns can be Uncorrelated. An Uncorrelated certification campaign only includes Uncorrelated identities (An identity is uncorrelated if it has no accounts on an authoritative source). + enum: + - CORRELATED + - UNCORRELATED + example: CORRELATED + created: + type: string + readOnly: true + format: date-time + description: Created time of the campaign + example: '2020-03-03T22:15:13.611Z' + totalCertifications: + type: integer + format: int32 + description: The total number of certifications in this campaign. + readOnly: true + example: 100 + completedCertifications: + type: integer + format: int32 + description: The number of completed certifications in this campaign. + readOnly: true + example: 10 + alerts: + type: array + description: A list of errors and warnings that have accumulated. + readOnly: true + items: + type: object + properties: + level: + type: string + enum: + - ERROR + - WARN + - INFO + description: Denotes the level of the message + example: ERROR + localizations: + type: array + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + - type: object + properties: + modified: + type: string + readOnly: true + format: date-time + description: Modified time of the campaign + example: '2020-03-03T22:20:12.674Z' + correlatedStatus: + description: The correlatedStatus of the campaign. Only SOURCE_OWNER campaigns can be Uncorrelated. An Uncorrelated certification campaign only includes Uncorrelated identities (An identity is uncorrelated if it has no accounts on an authoritative source). + enum: + - CORRELATED + - UNCORRELATED + example: CORRELATED + filter: + type: object + description: Determines which items will be included in this campaign. The default campaign filter is used if this field is left blank. + properties: + id: + type: string + description: The ID of whatever type of filter is being used. + example: 0fbe863c063c4c88a35fd7f17e8a3df5 + type: + type: string + description: Type of the filter + enum: + - CAMPAIGN_FILTER + - RULE + example: CAMPAIGN_FILTER + name: + type: string + description: Name of the filter + example: Test Filter + sunsetCommentsRequired: + type: boolean + description: Determines if comments on sunset date changes are required. + default: true + example: true + sourceOwnerCampaignInfo: + type: object + description: Must be set only if the campaign type is SOURCE_OWNER. + properties: + sourceIds: + type: array + description: The list of sources to be included in the campaign. + items: + type: string + example: + - 0fbe863c063c4c88a35fd7f17e8a3df5 + searchCampaignInfo: + type: object + description: Must be set only if the campaign type is SEARCH. + properties: + type: + type: string + description: The type of search campaign represented. + enum: + - IDENTITY + - ACCESS + example: ACCESS + description: + type: string + description: 'Describes this search campaign. Intended for storing the query used, and possibly the number of identities selected/available.' + example: Search Campaign description + reviewer: + type: object + description: 'If specified, this identity or governance group will be the reviewer for all certifications in this campaign. The allowed DTO types are IDENTITY and GOVERNANCE_GROUP.' + properties: + type: + type: string + description: The reviewer's DTO type. + enum: + - GOVERNANCE_GROUP + - IDENTITY + example: IDENTITY + id: + type: string + description: The reviewer's ID. + example: 2c91808568c529c60168cca6f90c1313 + name: + type: string + description: The reviewer's name. + example: William Wilson + query: + type: string + description: The scope for the campaign. The campaign will cover identities returned by the query and identities that have access items returned by the query. One of `query` or `identityIds` must be set. + example: Search Campaign query description + identityIds: + type: array + description: A direct list of identities to include in this campaign. One of `identityIds` or `query` must be set. + items: + type: string + maxItems: 1000 + example: + - 0fbe863c063c4c88a35fd7f17e8a3df5 + accessConstraints: + type: array + description: Further reduces the scope of the campaign by excluding identities (from `query` or `identityIds`) that do not have this access. + items: + type: object + properties: + type: + type: string + enum: + - ENTITLEMENT + - ACCESS_PROFILE + - ROLE + description: Type of Access + example: ENTITLEMENT + ids: + description: Must be set only if operator is SELECTED. + type: array + items: + type: string + example: + - 2c90ad2a70ace7d50170acf22ca90010 + operator: + type: string + enum: + - ALL + - SELECTED + description: Used to determine whether the scope of the campaign should be reduced for selected ids or all. + example: SELECTED + required: + - type + - operator + maxItems: 1000 + required: + - type + roleCompositionCampaignInfo: + type: object + description: Optional configuration options for role composition campaigns. + properties: + reviewer: + type: object + description: 'If specified, this identity or governance group will be the reviewer for all certifications in this campaign. The allowed DTO types are IDENTITY and GOVERNANCE_GROUP.' + properties: + type: + type: string + description: The reviewer's DTO type. + enum: + - GOVERNANCE_GROUP + - IDENTITY + example: IDENTITY + id: + type: string + description: The reviewer's ID. + example: 2c91808568c529c60168cca6f90c1313 + name: + type: string + description: The reviewer's name. + example: William Wilson + roleIds: + type: array + description: 'Optional list of roles to include in this campaign. Only one of `roleIds` and `query` may be set; if neither are set, all roles are included.' + items: + type: string + example: + - 2c90ad2a70ace7d50170acf22ca90010 + remediatorRef: + type: object + description: 'This determines who remediation tasks will be assigned to. Remediation tasks are created for each revoke decision on items in the campaign. The only legal remediator type is ''IDENTITY'', and the chosen identity must be a Role Admin or Org Admin.' + properties: + type: + type: string + enum: + - IDENTITY + description: Legal Remediator Type + example: IDENTITY + id: + type: string + description: The ID of the remediator. + example: 2c90ad2a70ace7d50170acf22ca90010 + name: + type: string + description: The name of the remediator. + readOnly: true + example: Role Admin + required: + - type + - id + query: + type: string + description: 'Optional search query to scope this campaign to a set of roles. Only one of `roleIds` and `query` may be set; if neither are set, all roles are included.' + example: Search Query + description: + type: string + description: 'Describes this role composition campaign. Intended for storing the query used, and possibly the number of roles selected/available.' + example: Role Composition Description + required: + - remediatorRef + sourcesWithOrphanEntitlements: + type: array + description: A list of sources in the campaign that contain \"orphan entitlements\" (entitlements without a corresponding Managed Attribute). An empty list indicates the campaign has no orphan entitlements. Null indicates there may be unknown orphan entitlements in the campaign (the campaign was created before this feature was implemented). + readOnly: true + items: + type: object + properties: + id: + type: string + description: Id of the source + example: 2c90ad2a70ace7d50170acf22ca90010 + type: + type: string + enum: + - SOURCE + description: Type + example: SOURCE + name: + type: string + description: Name of the source + example: Source with orphan entitlements + mandatoryCommentRequirement: + type: string + description: 'Determines whether comments are required for decisions during certification reviews. You can require comments for all decisions, revoke-only decisions, or no decisions. By default, comments are not required for decisions.' + enum: + - ALL_DECISIONS + - REVOKE_ONLY_DECISIONS + - NO_DECISIONS + example: NO_DECISIONS + required: + - name + - description + - created + - modified + - campaign + examples: + Manager: + value: + id: e7dbec99d49349c8951bd84f58a05120 + name: Manager Review + created: 2022-08-02T19:16:42.632Z + modified: null + description: A review of everyone's access by their manager. + deadlineDuration: P14D + ownerRef: + email: support@testmail.identitysoon.com + type: IDENTITY + id: 7ec252acbd4245548bc25df22348cb75 + name: SailPoint Support + scheduled: false + campaign: + created: null + modified: null + filter: + type: CAMPAIGN_FILTER + id: e0adaae69852e8fe8b8a3d48e5ce757c + name: Test Manager Filter + sunsetCommentsRequired: true + sourceOwnerCampaignInfo: null + searchCampaignInfo: null + roleCompositionCampaignInfo: null + alerts: null + totalCertifications: null + completedCertifications: null + sourcesWithOrphanEntitlements: null + id: null + name: Manager Review + description: Review everyone's access. + deadline: null + type: MANAGER + status: null + emailNotificationEnabled: true + autoRevokeAllowed: false + recommendationsEnabled: false + correlatedStatus: CORRELATED + mandatoryCommentRequirement: NO_DECISIONS + Search: + value: + id: b7e6459eed5247ac8b98a5fed81fe27f + name: Reporting Access Review + created: 2022-07-28T19:19:40.035Z + modified: null + description: A review of everyone's access to the reporting system. + deadlineDuration: P14D + ownerRef: + email: support@testmail.identitysoon.com + type: IDENTITY + id: 7ec252acbd4245548bc25df22348cb75 + name: SailPoint Support + scheduled: false + campaign: + created: null + modified: null + filter: + type: CAMPAIGN_FILTER + id: e0adaae69852e8fe8b8a3d48e5ce757c + name: Test Search Filter + sunsetCommentsRequired: true + sourceOwnerCampaignInfo: null + searchCampaignInfo: + type: ACCESS + description: Identities with reporting abilities + reviewerId: null + reviewer: null + query: '@access(name: ("reporter"))' + identityIds: null + accessConstraints: [] + roleCompositionCampaignInfo: null + alerts: null + totalCertifications: null + completedCertifications: null + sourcesWithOrphanEntitlements: null + id: null + name: Search Campaign Review + description: Review everyone's access to the reporting system. + deadline: null + type: SEARCH + status: null + emailNotificationEnabled: true + autoRevokeAllowed: false + recommendationsEnabled: false + correlatedStatus: CORRELATED + mandatoryCommentRequirement: NO_DECISIONS + Source Owner: + value: + id: b9f41bc69e7a4291b9de0630396d030d + name: AD Source Review + created: 2022-08-02T13:40:36.857Z + modified: null + description: A review of our AD source. + deadlineDuration: P1M + ownerRef: + email: support@testmail.identitysoon.com + type: IDENTITY + id: 7ec252acbd4245548bc25df22348cb75 + name: SailPoint Support + scheduled: false + campaign: + created: null + modified: null + filter: + type: CAMPAIGN_FILTER + id: e0adaae69852e8fe8b8a3d48e5ce757c + name: Test Source Owner Filter + sunsetCommentsRequired: true + sourceOwnerCampaignInfo: + sourceIds: + - 2c918084707deba501709d45ce4e5569 + searchCampaignInfo: null + roleCompositionCampaignInfo: null + alerts: null + totalCertifications: null + completedCertifications: null + sourcesWithOrphanEntitlements: null + id: null + name: AD Source Review + description: Review everyone's access. + deadline: null + type: SOURCE_OWNER + status: null + emailNotificationEnabled: true + autoRevokeAllowed: false + recommendationsEnabled: false + correlatedStatus: CORRELATED + mandatoryCommentRequirement: NO_DECISIONS + RoleComposition: + value: + id: b9f41bc69e7a4291b9de0630396d030d + name: Campaign With Admin Role + created: 2022-08-02T13:40:36.857Z + modified: null + description: Campaign With Admin Role + deadlineDuration: null + ownerRef: + email: support@testmail.identitysoon.com + type: IDENTITY + id: 7ec252acbd4245548bc25df22348cb75 + name: SailPoint Support + scheduled: false + campaign: + created: null + modified: null + filter: null + sunsetCommentsRequired: true + sourceOwnerCampaignInfo: null + searchCampaignInfo: null + roleCompositionCampaignInfo: + remediatorRef: + type: IDENTITY + id: 7ec252acbd4245548bc25df22348cb75 + name: SailPoint Support + reviewerId: null + reviewer: null + roleIds: + - b15d609fc5c8434b865fe552315fda8f + query: null + description: null + alerts: null + totalCertifications: null + completedCertifications: null + sourcesWithOrphanEntitlements: null + id: null + name: Campaign With Admin Role + description: Campaign With Admin Role + deadline: null + type: ROLE_COMPOSITION + status: null + emailNotificationEnabled: false + autoRevokeAllowed: false + recommendationsEnabled: false + correlatedStatus: CORRELATED + mandatoryCommentRequirement: NO_DECISIONS + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + delete: + operationId: deleteCampaignTemplate + tags: + - Certification Campaigns + summary: Delete a Campaign Template + description: | + Use this API to delete a certification campaign template by ID. + + A token with ORG_ADMIN or CERT_ADMIN authority is required to call this API. + security: + - UserContextAuth: + - 'idn:campaign-template:manage' + parameters: + - in: path + name: id + schema: + type: string + required: true + description: ID of the campaign template being deleted. + example: 2c9180835d191a86015d28455b4a2329 + responses: + '204': + description: The campaign template was successfully deleted. + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/campaign-templates/{id}/schedule': + get: + operationId: getCampaignTemplateSchedule + tags: + - Certification Campaigns + summary: Get Campaign Template Schedule + description: | + Use this API to get the schedule for a certification campaign template. The API returns a 404 if there is no schedule set. + + A token with ORG_ADMIN or CERT_ADMIN authority is required to call this API. + security: + - UserContextAuth: [] + parameters: + - in: path + name: id + schema: + type: string + required: true + description: ID of the campaign template whose schedule is being fetched. + example: 04bedce387bd47b2ae1f86eb0bb36dee + responses: + '200': + description: 'Current schedule for the campaign template. See the [Set Campaign Template Schedule endpoint documentation](https://developer.sailpoint.com/docs/api/v3/set-campaign-template-schedule) for more examples.' + content: + application/json: + schema: + type: object + properties: + type: + type: string + description: 'Determines the overall schedule cadence. In general, all time period fields smaller than the chosen type can be configured. For example, a DAILY schedule can have ''hours'' set, but not ''days''; a WEEKLY schedule can have both ''hours'' and ''days'' set.' + enum: + - WEEKLY + - MONTHLY + - ANNUALLY + - CALENDAR + example: WEEKLY + months: + type: object + description: | + Specifies which months of a schedule are active. Only valid for ANNUALLY schedule types. Examples: + + On February and March: + * type LIST + * values "2", "3" + + Every 3 months, starting in January (quarterly): + * type LIST + * values "1" + * interval 3 + + Every two months between July and December: + * type RANGE + * values "7", "12" + * interval 2 + properties: + type: + type: string + description: Enum type to specify months value + enum: + - LIST + - RANGE + example: LIST + values: + type: array + description: Values of the months based on the enum type mentioned above + items: + type: string + example: + - '1' + interval: + type: integer + example: 2 + format: int64 + description: Interval between the cert generations + required: + - type + - values + days: + type: object + description: | + Specifies which day(s) a schedule is active for. This is required for all schedule types. + The "values" field holds different data depending on the type of schedule: + * WEEKLY: days of the week (1-7) + * MONTHLY: days of the month (1-31, L, L-1...) + * ANNUALLY: if the "months" field is also set: days of the month (1-31, L, L-1...); otherwise: ISO-8601 dates without year ("--12-31") + * CALENDAR: ISO-8601 dates ("2020-12-31") + + Note that CALENDAR only supports the LIST type, and ANNUALLY does not support the RANGE type when provided + with ISO-8601 dates without year. + + Examples: + + On Sundays: + * type LIST + * values "1" + + The second to last day of the month: + * type LIST + * values "L-1" + + From the 20th to the last day of the month: + * type RANGE + * values "20", "L" + + Every March 2nd: + * type LIST + * values "--03-02" + + On March 2nd, 2021: + * type: LIST + * values "2021-03-02" + properties: + type: + type: string + description: Enum type to specify days value + enum: + - LIST + - RANGE + example: LIST + values: + type: array + description: Values of the days based on the enum type mentioned above + items: + type: string + example: + - '1' + interval: + type: integer + example: 2 + format: int64 + description: Interval between the cert generations + required: + - type + - values + hours: + type: object + description: | + Specifies which hour(s) a schedule is active for. Examples: + + Every three hours starting from 8AM, inclusive: + * type LIST + * values "8" + * interval 3 + + During business hours: + * type RANGE + * values "9", "5" + + At 5AM, noon, and 5PM: + * type LIST + * values "5", "12", "17" + properties: + type: + type: string + description: Enum type to specify hours value + enum: + - LIST + - RANGE + example: LIST + values: + type: array + description: Values of the days based on the enum type mentioned above + items: + type: string + example: + - '1' + interval: + type: integer + format: int64 + example: 2 + description: Interval between the cert generations + required: + - type + - values + expiration: + type: string + format: date-time + description: Specifies the time after which this schedule will no longer occur. + example: '2022-09-19 13:55:26' + timeZoneId: + type: string + description: 'The time zone to use when running the schedule. For instance, if the schedule is scheduled to run at 1AM, and this field is set to "CST", the schedule will run at 1AM CST.' + example: CST + required: + - type + - hours + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + put: + operationId: setCampaignTemplateSchedule + tags: + - Certification Campaigns + summary: Set Campaign Template Schedule + description: | + Use this API to set the schedule for a certification campaign template. If a schedule already exists, the API overwrites it with the new one. + + A token with ORG_ADMIN or CERT_ADMIN authority is required to call this API. + security: + - UserContextAuth: [] + parameters: + - in: path + name: id + schema: + type: string + required: true + description: ID of the campaign template being scheduled. + example: 04bedce387bd47b2ae1f86eb0bb36dee + requestBody: + content: + application/json: + schema: + type: object + properties: + type: + type: string + description: 'Determines the overall schedule cadence. In general, all time period fields smaller than the chosen type can be configured. For example, a DAILY schedule can have ''hours'' set, but not ''days''; a WEEKLY schedule can have both ''hours'' and ''days'' set.' + enum: + - WEEKLY + - MONTHLY + - ANNUALLY + - CALENDAR + example: WEEKLY + months: + type: object + description: | + Specifies which months of a schedule are active. Only valid for ANNUALLY schedule types. Examples: + + On February and March: + * type LIST + * values "2", "3" + + Every 3 months, starting in January (quarterly): + * type LIST + * values "1" + * interval 3 + + Every two months between July and December: + * type RANGE + * values "7", "12" + * interval 2 + properties: + type: + type: string + description: Enum type to specify months value + enum: + - LIST + - RANGE + example: LIST + values: + type: array + description: Values of the months based on the enum type mentioned above + items: + type: string + example: + - '1' + interval: + type: integer + example: 2 + format: int64 + description: Interval between the cert generations + required: + - type + - values + days: + type: object + description: | + Specifies which day(s) a schedule is active for. This is required for all schedule types. + The "values" field holds different data depending on the type of schedule: + * WEEKLY: days of the week (1-7) + * MONTHLY: days of the month (1-31, L, L-1...) + * ANNUALLY: if the "months" field is also set: days of the month (1-31, L, L-1...); otherwise: ISO-8601 dates without year ("--12-31") + * CALENDAR: ISO-8601 dates ("2020-12-31") + + Note that CALENDAR only supports the LIST type, and ANNUALLY does not support the RANGE type when provided + with ISO-8601 dates without year. + + Examples: + + On Sundays: + * type LIST + * values "1" + + The second to last day of the month: + * type LIST + * values "L-1" + + From the 20th to the last day of the month: + * type RANGE + * values "20", "L" + + Every March 2nd: + * type LIST + * values "--03-02" + + On March 2nd, 2021: + * type: LIST + * values "2021-03-02" + properties: + type: + type: string + description: Enum type to specify days value + enum: + - LIST + - RANGE + example: LIST + values: + type: array + description: Values of the days based on the enum type mentioned above + items: + type: string + example: + - '1' + interval: + type: integer + example: 2 + format: int64 + description: Interval between the cert generations + required: + - type + - values + hours: + type: object + description: | + Specifies which hour(s) a schedule is active for. Examples: + + Every three hours starting from 8AM, inclusive: + * type LIST + * values "8" + * interval 3 + + During business hours: + * type RANGE + * values "9", "5" + + At 5AM, noon, and 5PM: + * type LIST + * values "5", "12", "17" + properties: + type: + type: string + description: Enum type to specify hours value + enum: + - LIST + - RANGE + example: LIST + values: + type: array + description: Values of the days based on the enum type mentioned above + items: + type: string + example: + - '1' + interval: + type: integer + format: int64 + example: 2 + description: Interval between the cert generations + required: + - type + - values + expiration: + type: string + format: date-time + description: Specifies the time after which this schedule will no longer occur. + example: '2022-09-19 13:55:26' + timeZoneId: + type: string + description: 'The time zone to use when running the schedule. For instance, if the schedule is scheduled to run at 1AM, and this field is set to "CST", the schedule will run at 1AM CST.' + example: CST + required: + - type + - hours + examples: + Monthly: + description: 'Runs on the 15th and last day of the month, at 5PM.' + value: + type: MONTHLY + hours: + type: LIST + values: + - '17' + days: + type: LIST + values: + - '15' + Once a year: + description: Runs every January 1st at midnight. + value: + type: ANNUALLY + hours: + type: LIST + values: + - '0' + days: + type: LIST + values: + - '--01-01' + Quarterly: + description: Runs once a quarter (every 3 months) on the first of the month at 1AM. + value: + type: ANNUALLY + hours: + type: LIST + values: + - '1' + days: + type: LIST + values: + - '1' + months: + type: LIST + values: + - '1' + interval: 3 + Yearly on Specific Days: + description: 'Runs on March 12 and December 5 at 1AM, every year.' + value: + type: ANNUALLY + hours: + type: LIST + values: + - '1' + days: + type: LIST + values: + - '--03-12' + - '--12-05' + On a Specific Date: + description: 'Runs at 1AM on February 18th, 2020' + value: + type: CALENDAR + hours: + type: LIST + values: + - '1' + days: + type: LIST + values: + - '2020-02-18' + responses: + '204': + description: No content - indicates the request was successful but there is no content to be returned in the response. + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + delete: + operationId: deleteCampaignTemplateSchedule + tags: + - Certification Campaigns + summary: Delete Campaign Template Schedule + description: | + Use this API to delete the schedule for a certification campaign template. The API returns a 404 if there is no schedule set. + + A token with ORG_ADMIN or CERT_ADMIN authority is required to call this API. + security: + - UserContextAuth: [] + parameters: + - in: path + name: id + schema: + type: string + required: true + description: ID of the campaign template whose schedule is being deleted. + example: 04bedce387bd47b2ae1f86eb0bb36dee + responses: + '204': + description: No content - indicates the request was successful but there is no content to be returned in the response. + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/campaign-templates/{id}/generate': + post: + operationId: startGenerateCampaignTemplate + tags: + - Certification Campaigns + summary: Generate a Campaign from Template + security: + - UserContextAuth: + - 'idn:campaign-template:manage' + description: | + Use this API to generate a new certification campaign from a campaign template. + + The campaign object contained in the template has special formatting applied to its name and description + fields that determine the generated campaign's name/description. Placeholders in those fields are + formatted with the current date and time upon generation. + + Placeholders consist of a percent sign followed by a letter indicating what should be inserted. For + example, "%Y" inserts the current year, and a campaign template named "Campaign for %y" generates a + campaign called "Campaign for 2020" (assuming the year at generation time is 2020). + + Valid placeholders are the date/time conversion suffix characters supported by [java.util.Formatter](https://docs.oracle.com/javase/8/docs/api/java/util/Formatter.html). + + A token with ORG_ADMIN or CERT_ADMIN authority is required to call this API. + parameters: + - in: path + name: id + schema: + type: string + required: true + description: ID of the campaign template to use for generation. + example: 2c9180835d191a86015d28455b4a2329 + responses: + '200': + description: 'This response indicates that a campaign was successfully generated from this template, and the API returns a reference to the new campaign.' + content: + application/json: + schema: + type: object + required: + - id + - name + - type + - campaignType + - description + - correlatedStatus + - mandatoryCommentRequirement + properties: + id: + type: string + description: The unique ID of the campaign. + example: ef38f94347e94562b5bb8424a56397d8 + name: + type: string + description: The name of the campaign. + example: Campaign Name + type: + type: string + enum: + - CAMPAIGN + description: The type of object that is being referenced. + example: CAMPAIGN + campaignType: + type: string + enum: + - MANAGER + - SOURCE_OWNER + - SEARCH + description: The type of the campaign. + example: MANAGER + description: + type: string + description: The description of the campaign set by the admin who created it. + nullable: true + example: A description of the campaign + correlatedStatus: + description: The correlatedStatus of the campaign. Only SOURCE_OWNER campaigns can be Uncorrelated. An Uncorrelated certification campaign only includes Uncorrelated identities (An identity is uncorrelated if it has no accounts on an authoritative source). + enum: + - CORRELATED + - UNCORRELATED + example: CORRELATED + mandatoryCommentRequirement: + type: string + description: 'Determines whether comments are required for decisions during certification reviews. You can require comments for all decisions, revoke-only decisions, or no decisions. By default, comments are not required for decisions.' + enum: + - ALL_DECISIONS + - REVOKE_ONLY_DECISIONS + - NO_DECISIONS + example: NO_DECISIONS + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + /certifications: + get: + operationId: listIdentityCertifications + tags: + - Certifications + summary: List Identity Campaign Certifications + description: 'Use this API to get a list of identity campaign certifications for the specified query parameters. Any authenticated token can call this API, but only certifications you are authorized to review will be returned. This API does not support requests for certifications assigned to governance groups.' + parameters: + - in: query + name: reviewer-identity + schema: + type: string + example: me + description: Reviewer's identity. *me* indicates the current user. + required: false + - in: query + name: limit + description: |- + Max number of results to return. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 250 + schema: + type: integer + format: int32 + minimum: 0 + maximum: 250 + default: 250 + - in: query + name: offset + description: |- + Offset into the full result set. Usually specified with *limit* to paginate through the results. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 0 + schema: + type: integer + format: int32 + minimum: 0 + default: 0 + - in: query + name: count + description: |- + If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. + + Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. + + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: true + schema: + type: boolean + default: false + - in: query + name: filters + required: false + schema: + type: string + example: id eq "ef38f94347e94562b5bb8424a56397d8" + description: |- + Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) + + Filtering is supported for the following fields and operators: + + **id**: *eq, in* + + **campaign.id**: *eq, in* + + **phase**: *eq* + + **completed**: *eq, ne* + - in: query + name: sorters + required: false + schema: + type: string + format: comma-separated + example: 'name,due' + description: |- + Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) + + Sorting is supported for the following fields: **name, due, signed** + responses: + '200': + description: List of identity campaign certifications. + content: + application/json: + schema: + type: array + items: + type: object + properties: + id: + example: 2c9180835d2e5168015d32f890ca1581 + type: string + description: id of the certification + name: + example: 'Source Owner Access Review for Employees [source]' + type: string + description: name of the certification + campaign: + type: object + required: + - id + - name + - type + - campaignType + - description + - correlatedStatus + - mandatoryCommentRequirement + properties: + id: + type: string + description: The unique ID of the campaign. + example: ef38f94347e94562b5bb8424a56397d8 + name: + type: string + description: The name of the campaign. + example: Campaign Name + type: + type: string + enum: + - CAMPAIGN + description: The type of object that is being referenced. + example: CAMPAIGN + campaignType: + type: string + enum: + - MANAGER + - SOURCE_OWNER + - SEARCH + description: The type of the campaign. + example: MANAGER + description: + type: string + description: The description of the campaign set by the admin who created it. + nullable: true + example: A description of the campaign + correlatedStatus: + description: The correlatedStatus of the campaign. Only SOURCE_OWNER campaigns can be Uncorrelated. An Uncorrelated certification campaign only includes Uncorrelated identities (An identity is uncorrelated if it has no accounts on an authoritative source). + enum: + - CORRELATED + - UNCORRELATED + example: CORRELATED + mandatoryCommentRequirement: + type: string + description: 'Determines whether comments are required for decisions during certification reviews. You can require comments for all decisions, revoke-only decisions, or no decisions. By default, comments are not required for decisions.' + enum: + - ALL_DECISIONS + - REVOKE_ONLY_DECISIONS + - NO_DECISIONS + example: NO_DECISIONS + completed: + type: boolean + description: Have all decisions been made? + example: true + identitiesCompleted: + type: integer + description: The number of identities for whom all decisions have been made and are complete. + example: 5 + format: int32 + identitiesTotal: + type: integer + description: 'The total number of identities in the Certification, both complete and incomplete.' + example: 10 + format: int32 + created: + example: '2018-06-25T20:22:28.104Z' + format: date-time + type: string + description: created date + modified: + example: '2018-06-25T20:22:28.104Z' + format: date-time + type: string + description: modified date + decisionsMade: + type: integer + description: The number of approve/revoke/acknowledge decisions that have been made. + example: 20 + format: int32 + decisionsTotal: + type: integer + description: The total number of approve/revoke/acknowledge decisions. + example: 40 + format: int32 + due: + type: string + format: date-time + description: The due date of the certification. + example: '2018-10-19T13:49:37.385Z' + signed: + type: string + format: date-time + nullable: true + description: The date the reviewer signed off on the Certification. + example: '2018-10-19T13:49:37.385Z' + reviewer: + type: object + properties: + id: + type: string + description: The id of the reviewer. + example: ef38f94347e94562b5bb8424a56397d8 + name: + type: string + description: The name of the reviewer. + example: Reviewer Name + email: + type: string + description: The email of the reviewing identity. + example: reviewer@test.com + type: + type: string + enum: + - IDENTITY + description: The type of the reviewing identity. + example: IDENTITY + created: + nullable: true + example: '2018-06-25T20:22:28.104Z' + format: date-time + type: string + description: The created date of the reviewing identity. + modified: + nullable: true + example: '2018-06-25T20:22:28.104Z' + format: date-time + type: string + description: The modified date of the reviewing identity. + reassignment: + type: object + nullable: true + properties: + from: + type: object + properties: + id: + type: string + description: The id of the certification. + example: ef38f94347e94562b5bb8424a56397d8 + name: + type: string + description: The name of the certification. + example: Certification Name + type: + type: string + enum: + - CERTIFICATION + example: CERTIFICATION + reviewer: + type: object + properties: + id: + type: string + description: The id of the reviewer. + example: ef38f94347e94562b5bb8424a56397d8 + name: + type: string + description: The name of the reviewer. + example: Reviewer Name + email: + type: string + description: The email of the reviewing identity. + example: reviewer@test.com + type: + type: string + enum: + - IDENTITY + description: The type of the reviewing identity. + example: IDENTITY + created: + nullable: true + example: '2018-06-25T20:22:28.104Z' + format: date-time + type: string + description: The created date of the reviewing identity. + modified: + nullable: true + example: '2018-06-25T20:22:28.104Z' + format: date-time + type: string + description: The modified date of the reviewing identity. + comment: + type: string + description: The comment entered when the Certification was reassigned + example: Reassigned for a reason + hasErrors: + description: Identifies if the certification has an error + type: boolean + example: false + errorMessage: + description: Description of the certification error + nullable: true + type: string + example: The certification has an error + phase: + type: string + description: | + The current phase of the campaign. + * `STAGED`: The campaign is waiting to be activated. + * `ACTIVE`: The campaign is active. + * `SIGNED`: The reviewer has signed off on the campaign, and it is considered complete. + enum: + - STAGED + - ACTIVE + - SIGNED + example: ACTIVE + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/certifications/{id}': + get: + operationId: getIdentityCertification + tags: + - Certifications + summary: Identity Certification by ID + description: This API returns a single identity campaign certification by its ID. A token with ORG_ADMIN or CERT_ADMIN authority is required to call this API. Reviewers for this certification can also call this API. This API does not support requests for certifications assigned to Governance Groups. + parameters: + - in: path + name: id + schema: + type: string + required: true + description: The certification id + example: ef38f94347e94562b5bb8424a56397d8 + responses: + '200': + description: An identity campaign certification object + content: + application/json: + schema: + type: object + properties: + id: + example: 2c9180835d2e5168015d32f890ca1581 + type: string + description: id of the certification + name: + example: 'Source Owner Access Review for Employees [source]' + type: string + description: name of the certification + campaign: + type: object + required: + - id + - name + - type + - campaignType + - description + - correlatedStatus + - mandatoryCommentRequirement + properties: + id: + type: string + description: The unique ID of the campaign. + example: ef38f94347e94562b5bb8424a56397d8 + name: + type: string + description: The name of the campaign. + example: Campaign Name + type: + type: string + enum: + - CAMPAIGN + description: The type of object that is being referenced. + example: CAMPAIGN + campaignType: + type: string + enum: + - MANAGER + - SOURCE_OWNER + - SEARCH + description: The type of the campaign. + example: MANAGER + description: + type: string + description: The description of the campaign set by the admin who created it. + nullable: true + example: A description of the campaign + correlatedStatus: + description: The correlatedStatus of the campaign. Only SOURCE_OWNER campaigns can be Uncorrelated. An Uncorrelated certification campaign only includes Uncorrelated identities (An identity is uncorrelated if it has no accounts on an authoritative source). + enum: + - CORRELATED + - UNCORRELATED + example: CORRELATED + mandatoryCommentRequirement: + type: string + description: 'Determines whether comments are required for decisions during certification reviews. You can require comments for all decisions, revoke-only decisions, or no decisions. By default, comments are not required for decisions.' + enum: + - ALL_DECISIONS + - REVOKE_ONLY_DECISIONS + - NO_DECISIONS + example: NO_DECISIONS + completed: + type: boolean + description: Have all decisions been made? + example: true + identitiesCompleted: + type: integer + description: The number of identities for whom all decisions have been made and are complete. + example: 5 + format: int32 + identitiesTotal: + type: integer + description: 'The total number of identities in the Certification, both complete and incomplete.' + example: 10 + format: int32 + created: + example: '2018-06-25T20:22:28.104Z' + format: date-time + type: string + description: created date + modified: + example: '2018-06-25T20:22:28.104Z' + format: date-time + type: string + description: modified date + decisionsMade: + type: integer + description: The number of approve/revoke/acknowledge decisions that have been made. + example: 20 + format: int32 + decisionsTotal: + type: integer + description: The total number of approve/revoke/acknowledge decisions. + example: 40 + format: int32 + due: + type: string + format: date-time + description: The due date of the certification. + example: '2018-10-19T13:49:37.385Z' + signed: + type: string + format: date-time + nullable: true + description: The date the reviewer signed off on the Certification. + example: '2018-10-19T13:49:37.385Z' + reviewer: + type: object + properties: + id: + type: string + description: The id of the reviewer. + example: ef38f94347e94562b5bb8424a56397d8 + name: + type: string + description: The name of the reviewer. + example: Reviewer Name + email: + type: string + description: The email of the reviewing identity. + example: reviewer@test.com + type: + type: string + enum: + - IDENTITY + description: The type of the reviewing identity. + example: IDENTITY + created: + nullable: true + example: '2018-06-25T20:22:28.104Z' + format: date-time + type: string + description: The created date of the reviewing identity. + modified: + nullable: true + example: '2018-06-25T20:22:28.104Z' + format: date-time + type: string + description: The modified date of the reviewing identity. + reassignment: + type: object + nullable: true + properties: + from: + type: object + properties: + id: + type: string + description: The id of the certification. + example: ef38f94347e94562b5bb8424a56397d8 + name: + type: string + description: The name of the certification. + example: Certification Name + type: + type: string + enum: + - CERTIFICATION + example: CERTIFICATION + reviewer: + type: object + properties: + id: + type: string + description: The id of the reviewer. + example: ef38f94347e94562b5bb8424a56397d8 + name: + type: string + description: The name of the reviewer. + example: Reviewer Name + email: + type: string + description: The email of the reviewing identity. + example: reviewer@test.com + type: + type: string + enum: + - IDENTITY + description: The type of the reviewing identity. + example: IDENTITY + created: + nullable: true + example: '2018-06-25T20:22:28.104Z' + format: date-time + type: string + description: The created date of the reviewing identity. + modified: + nullable: true + example: '2018-06-25T20:22:28.104Z' + format: date-time + type: string + description: The modified date of the reviewing identity. + comment: + type: string + description: The comment entered when the Certification was reassigned + example: Reassigned for a reason + hasErrors: + description: Identifies if the certification has an error + type: boolean + example: false + errorMessage: + description: Description of the certification error + nullable: true + type: string + example: The certification has an error + phase: + type: string + description: | + The current phase of the campaign. + * `STAGED`: The campaign is waiting to be activated. + * `ACTIVE`: The campaign is active. + * `SIGNED`: The reviewer has signed off on the campaign, and it is considered complete. + enum: + - STAGED + - ACTIVE + - SIGNED + example: ACTIVE + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/certifications/{id}/access-review-items': + get: + operationId: listIdentityAccessReviewItems + tags: + - Certifications + summary: List of Access Review Items + description: This API returns a list of access review items for an identity campaign certification. A token with ORG_ADMIN or CERT_ADMIN authority is required to call this API. Reviewers for this certification can also call this API. This API does not support requests for certifications assigned to Governance Groups. + parameters: + - in: path + name: id + schema: + type: string + required: true + description: The identity campaign certification ID + example: ef38f94347e94562b5bb8424a56397d8 + - in: query + name: limit + description: |- + Max number of results to return. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 250 + schema: + type: integer + format: int32 + minimum: 0 + maximum: 250 + default: 250 + - in: query + name: offset + description: |- + Offset into the full result set. Usually specified with *limit* to paginate through the results. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 0 + schema: + type: integer + format: int32 + minimum: 0 + default: 0 + - in: query + name: count + description: |- + If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. + + Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. + + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: true + schema: + type: boolean + default: false + - in: query + required: false + name: filters + schema: + type: string + description: |- + Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) + + Filtering is supported for the following fields and operators: + + **id**: *eq, in* + + **type**: *eq* + + **access.type**: *eq* + + **completed**: *eq, ne* + + **identitySummary.id**: *eq, in* + + **identitySummary.name**: *eq, sw* + + **access.id**: *eq, in* + + **access.name**: *eq, sw* + + **entitlement.sourceName**: *eq, sw* + + **accessProfile.sourceName**: *eq, sw* + example: id eq "ef38f94347e94562b5bb8424a56397d8" + - in: query + name: sorters + required: false + schema: + type: string + format: comma-separated + example: 'access.name,-accessProfile.sourceName' + description: |- + Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) + + Sorting is supported for the following fields: **identitySummary.name, access.name, access.type, entitlement.sourceName, accessProfile.sourceName** + - in: query + name: entitlements + required: false + schema: + type: string + example: identityEntitlement + description: |- + Filter results to view access review items that pertain to any of the specified comma-separated entitlement IDs. + + An error will occur if this param is used with **access-profiles** or **roles** as only one of these query params can be used at a time. + - in: query + name: access-profiles + required: false + schema: + type: string + example: accessProfile1 + description: |- + Filter results to view access review items that pertain to any of the specified comma-separated access-profle IDs. + + An error will occur if this param is used with **entitlements** or **roles** as only one of these query params can be used at a time. + - in: query + name: roles + required: false + schema: + type: string + example: userRole + description: |- + Filter results to view access review items that pertain to any of the specified comma-separated role IDs. + + An error will occur if this param is used with **entitlements** or **access-profiles** as only one of these query params can be used at a time. + responses: + '200': + description: A list of access review items + content: + application/json: + schema: + type: array + items: + type: object + properties: + accessSummary: + type: object + description: An object holding the access that is being reviewed + properties: + access: + type: object + properties: + type: + description: The type of item being certified + type: string + enum: + - ACCOUNT_CORRELATION_CONFIG + - ACCESS_PROFILE + - ACCESS_REQUEST_APPROVAL + - ACCOUNT + - APPLICATION + - CAMPAIGN + - CAMPAIGN_FILTER + - CERTIFICATION + - CLUSTER + - CONNECTOR_SCHEMA + - ENTITLEMENT + - GOVERNANCE_GROUP + - IDENTITY + - IDENTITY_PROFILE + - IDENTITY_REQUEST + - LIFECYCLE_STATE + - PASSWORD_POLICY + - ROLE + - RULE + - SOD_POLICY + - SOURCE + - TAG + - TAG_CATEGORY + - TASK_RESULT + - REPORT_RESULT + - SOD_VIOLATION + - ACCOUNT_ACTIVITY + - WORKGROUP + example: IDENTITY + id: + type: string + description: The ID of the item being certified + example: 2c9180867160846801719932c5153fb7 + name: + type: string + description: The name of the item being certified + example: Entitlement for Company Database + entitlement: + type: object + nullable: true + properties: + id: + type: string + description: The id for the entitlement + example: 2c918085718230600171993742c63558 + name: + type: string + description: The name of the entitlement + example: CN=entitlement.bbb7c650 + description: + nullable: true + type: string + description: Information about the entitlement + example: Gives read/write access to the company database + privileged: + type: boolean + example: false + default: false + description: Indicates if the entitlement is a privileged entitlement + owner: + type: object + nullable: true + properties: + type: + type: string + description: The type can only be IDENTITY. This is read-only. + example: IDENTITY + id: + type: string + description: Identity ID. + example: 5168015d32f890ca15812c9180835d2e + name: + type: string + description: Identity's human-readable display name. This is read-only. + example: Alison Ferguso + email: + type: string + description: Identity's email address. This is read-only. + example: alison.ferguso@identitysoon.com + attributeName: + type: string + description: The name of the attribute on the source + example: memberOf + attributeValue: + type: string + description: The value of the attribute on the source + example: CN=entitlement.bbb7c650 + sourceSchemaObjectType: + type: string + description: The schema object type on the source used to represent the entitlement and its attributes + example: groups + sourceName: + type: string + description: The name of the source for which this entitlement belongs + example: ODS-AD-Source + sourceType: + type: string + description: The type of the source for which the entitlement belongs + example: Active Directory - Direct + sourceId: + type: string + description: The ID of the source for which the entitlement belongs + example: 78ca6be511cb41fbb86dba2fcca7780c + hasPermissions: + type: boolean + default: false + description: Indicates if the entitlement has permissions + example: false + isPermission: + type: boolean + default: false + description: Indicates if the entitlement is a representation of an account permission + example: false + revocable: + type: boolean + default: false + description: Indicates whether the entitlement can be revoked + example: true + cloudGoverned: + type: boolean + default: false + description: True if the entitlement is cloud governed + example: false + containsDataAccess: + type: boolean + description: True if the entitlement has DAS data + default: false + example: true + dataAccess: + type: object + description: DAS data for the entitlement + nullable: true + properties: + policies: + type: array + description: List of classification policies that apply to resources the entitlement \ groups has access to + items: + type: object + properties: + value: + type: string + description: Value of the policy + example: GDPR-20 + categories: + type: array + description: List of classification categories that apply to resources the entitlement \ groups has access to + items: + type: object + properties: + value: + type: string + description: Value of the category + example: email-7 + matchCount: + type: integer + description: Number of matched for each category + example: 10 + impactScore: + type: object + properties: + value: + type: string + description: Impact Score for this data + example: Medium + account: + type: object + nullable: true + description: Information about the status of the entitlement + properties: + nativeIdentity: + type: string + description: The native identity for this account + example: CN=Alison Ferguso + disabled: + type: boolean + default: false + example: false + description: Indicates whether this account is currently disabled + locked: + type: boolean + default: false + example: false + description: Indicates whether this account is currently locked + type: + type: string + enum: + - ACCOUNT_CORRELATION_CONFIG + - ACCESS_PROFILE + - ACCESS_REQUEST_APPROVAL + - ACCOUNT + - APPLICATION + - CAMPAIGN + - CAMPAIGN_FILTER + - CERTIFICATION + - CLUSTER + - CONNECTOR_SCHEMA + - ENTITLEMENT + - GOVERNANCE_GROUP + - IDENTITY + - IDENTITY_PROFILE + - IDENTITY_REQUEST + - LIFECYCLE_STATE + - PASSWORD_POLICY + - ROLE + - RULE + - SOD_POLICY + - SOURCE + - TAG + - TAG_CATEGORY + - TASK_RESULT + - REPORT_RESULT + - SOD_VIOLATION + - ACCOUNT_ACTIVITY + - WORKGROUP + description: An enumeration of the types of DTOs supported within the IdentityNow infrastructure. + example: IDENTITY + id: + nullable: true + type: string + description: The id associated with the account + example: 2c9180857182305e0171993737eb29e6 + name: + nullable: true + type: string + description: The account name + example: Alison Ferguso + created: + nullable: true + type: string + format: date-time + description: When the account was created + example: '2020-04-20T20:11:05.067Z' + modified: + nullable: true + type: string + format: date-time + description: When the account was last modified + example: '2020-05-20T18:57:16.987Z' + activityInsights: + type: object + description: Insights into account activity + properties: + accountID: + type: string + description: UUID of the account + example: c4ddd5421d8549f0abd309162cafd3b1 + usageDays: + type: integer + format: int32 + minimum: 0 + maximum: 90 + description: The number of days of activity + example: 45 + usageDaysState: + type: string + enum: + - COMPLETE + - UNKNOWN + description: Status indicating if the activity is complete or unknown + example: COMPLETE + accessProfile: + type: object + properties: + id: + type: string + description: The id of the Access Profile + example: 2c91808a7190d06e01719938fcd20792 + name: + type: string + description: Name of the Access Profile + example: Employee-database-read-write + description: + type: string + description: Information about the Access Profile + example: Collection of entitlements to read/write the employee database + privileged: + type: boolean + description: Indicates if the entitlement is a privileged entitlement + example: false + cloudGoverned: + type: boolean + description: True if the entitlement is cloud governed + example: false + endDate: + nullable: true + type: string + format: date-time + description: The date at which a user's access expires + example: '2021-12-25T00:00:00.000Z' + owner: + description: Owner of the Access Profile + type: object + nullable: true + properties: + type: + type: string + description: The type can only be IDENTITY. This is read-only. + example: IDENTITY + id: + type: string + description: Identity ID. + example: 5168015d32f890ca15812c9180835d2e + name: + type: string + description: Identity's human-readable display name. This is read-only. + example: Alison Ferguso + email: + type: string + description: Identity's email address. This is read-only. + example: alison.ferguso@identitysoon.com + entitlements: + type: array + description: A list of entitlements associated with this Access Profile + items: + type: object + nullable: true + properties: + id: + type: string + description: The id for the entitlement + example: 2c918085718230600171993742c63558 + name: + type: string + description: The name of the entitlement + example: CN=entitlement.bbb7c650 + description: + nullable: true + type: string + description: Information about the entitlement + example: Gives read/write access to the company database + privileged: + type: boolean + example: false + default: false + description: Indicates if the entitlement is a privileged entitlement + owner: + type: object + nullable: true + properties: + type: + type: string + description: The type can only be IDENTITY. This is read-only. + example: IDENTITY + id: + type: string + description: Identity ID. + example: 5168015d32f890ca15812c9180835d2e + name: + type: string + description: Identity's human-readable display name. This is read-only. + example: Alison Ferguso + email: + type: string + description: Identity's email address. This is read-only. + example: alison.ferguso@identitysoon.com + attributeName: + type: string + description: The name of the attribute on the source + example: memberOf + attributeValue: + type: string + description: The value of the attribute on the source + example: CN=entitlement.bbb7c650 + sourceSchemaObjectType: + type: string + description: The schema object type on the source used to represent the entitlement and its attributes + example: groups + sourceName: + type: string + description: The name of the source for which this entitlement belongs + example: ODS-AD-Source + sourceType: + type: string + description: The type of the source for which the entitlement belongs + example: Active Directory - Direct + sourceId: + type: string + description: The ID of the source for which the entitlement belongs + example: 78ca6be511cb41fbb86dba2fcca7780c + hasPermissions: + type: boolean + default: false + description: Indicates if the entitlement has permissions + example: false + isPermission: + type: boolean + default: false + description: Indicates if the entitlement is a representation of an account permission + example: false + revocable: + type: boolean + default: false + description: Indicates whether the entitlement can be revoked + example: true + cloudGoverned: + type: boolean + default: false + description: True if the entitlement is cloud governed + example: false + containsDataAccess: + type: boolean + description: True if the entitlement has DAS data + default: false + example: true + dataAccess: + type: object + description: DAS data for the entitlement + nullable: true + properties: + policies: + type: array + description: List of classification policies that apply to resources the entitlement \ groups has access to + items: + type: object + properties: + value: + type: string + description: Value of the policy + example: GDPR-20 + categories: + type: array + description: List of classification categories that apply to resources the entitlement \ groups has access to + items: + type: object + properties: + value: + type: string + description: Value of the category + example: email-7 + matchCount: + type: integer + description: Number of matched for each category + example: 10 + impactScore: + type: object + properties: + value: + type: string + description: Impact Score for this data + example: Medium + account: + type: object + nullable: true + description: Information about the status of the entitlement + properties: + nativeIdentity: + type: string + description: The native identity for this account + example: CN=Alison Ferguso + disabled: + type: boolean + default: false + example: false + description: Indicates whether this account is currently disabled + locked: + type: boolean + default: false + example: false + description: Indicates whether this account is currently locked + type: + type: string + enum: + - ACCOUNT_CORRELATION_CONFIG + - ACCESS_PROFILE + - ACCESS_REQUEST_APPROVAL + - ACCOUNT + - APPLICATION + - CAMPAIGN + - CAMPAIGN_FILTER + - CERTIFICATION + - CLUSTER + - CONNECTOR_SCHEMA + - ENTITLEMENT + - GOVERNANCE_GROUP + - IDENTITY + - IDENTITY_PROFILE + - IDENTITY_REQUEST + - LIFECYCLE_STATE + - PASSWORD_POLICY + - ROLE + - RULE + - SOD_POLICY + - SOURCE + - TAG + - TAG_CATEGORY + - TASK_RESULT + - REPORT_RESULT + - SOD_VIOLATION + - ACCOUNT_ACTIVITY + - WORKGROUP + description: An enumeration of the types of DTOs supported within the IdentityNow infrastructure. + example: IDENTITY + id: + nullable: true + type: string + description: The id associated with the account + example: 2c9180857182305e0171993737eb29e6 + name: + nullable: true + type: string + description: The account name + example: Alison Ferguso + created: + nullable: true + type: string + format: date-time + description: When the account was created + example: '2020-04-20T20:11:05.067Z' + modified: + nullable: true + type: string + format: date-time + description: When the account was last modified + example: '2020-05-20T18:57:16.987Z' + activityInsights: + type: object + description: Insights into account activity + properties: + accountID: + type: string + description: UUID of the account + example: c4ddd5421d8549f0abd309162cafd3b1 + usageDays: + type: integer + format: int32 + minimum: 0 + maximum: 90 + description: The number of days of activity + example: 45 + usageDaysState: + type: string + enum: + - COMPLETE + - UNKNOWN + description: Status indicating if the activity is complete or unknown + example: COMPLETE + created: + type: string + description: Date the Access Profile was created. + format: date-time + example: '2021-01-01T22:32:58.104Z' + modified: + type: string + description: Date the Access Profile was last modified. + format: date-time + example: '2021-02-01T22:32:58.104Z' + role: + type: object + nullable: true + properties: + id: + type: string + description: The id for the Role + example: 2c91808a7190d06e0171993907fd0794 + name: + type: string + description: The name of the Role + example: Accounting-Employees + description: + type: string + description: Information about the Role + example: Role for members of the accounting department with the necessary Access Profiles + privileged: + type: boolean + description: Indicates if the entitlement is a privileged entitlement + example: false + owner: + type: object + nullable: true + properties: + type: + type: string + description: The type can only be IDENTITY. This is read-only. + example: IDENTITY + id: + type: string + description: Identity ID. + example: 5168015d32f890ca15812c9180835d2e + name: + type: string + description: Identity's human-readable display name. This is read-only. + example: Alison Ferguso + email: + type: string + description: Identity's email address. This is read-only. + example: alison.ferguso@identitysoon.com + revocable: + type: boolean + description: Indicates whether the Role can be revoked or requested + example: false + endDate: + type: string + format: date-time + description: The date when a user's access expires. + example: '2021-12-25T00:00:00.000Z' + accessProfiles: + type: array + description: The list of Access Profiles associated with this Role + items: + type: object + properties: + id: + type: string + description: The id of the Access Profile + example: 2c91808a7190d06e01719938fcd20792 + name: + type: string + description: Name of the Access Profile + example: Employee-database-read-write + description: + type: string + description: Information about the Access Profile + example: Collection of entitlements to read/write the employee database + privileged: + type: boolean + description: Indicates if the entitlement is a privileged entitlement + example: false + cloudGoverned: + type: boolean + description: True if the entitlement is cloud governed + example: false + endDate: + nullable: true + type: string + format: date-time + description: The date at which a user's access expires + example: '2021-12-25T00:00:00.000Z' + owner: + description: Owner of the Access Profile + type: object + nullable: true + properties: + type: + type: string + description: The type can only be IDENTITY. This is read-only. + example: IDENTITY + id: + type: string + description: Identity ID. + example: 5168015d32f890ca15812c9180835d2e + name: + type: string + description: Identity's human-readable display name. This is read-only. + example: Alison Ferguso + email: + type: string + description: Identity's email address. This is read-only. + example: alison.ferguso@identitysoon.com + entitlements: + type: array + description: A list of entitlements associated with this Access Profile + items: + type: object + nullable: true + properties: + id: + type: string + description: The id for the entitlement + example: 2c918085718230600171993742c63558 + name: + type: string + description: The name of the entitlement + example: CN=entitlement.bbb7c650 + description: + nullable: true + type: string + description: Information about the entitlement + example: Gives read/write access to the company database + privileged: + type: boolean + example: false + default: false + description: Indicates if the entitlement is a privileged entitlement + owner: + type: object + nullable: true + properties: + type: + type: string + description: The type can only be IDENTITY. This is read-only. + example: IDENTITY + id: + type: string + description: Identity ID. + example: 5168015d32f890ca15812c9180835d2e + name: + type: string + description: Identity's human-readable display name. This is read-only. + example: Alison Ferguso + email: + type: string + description: Identity's email address. This is read-only. + example: alison.ferguso@identitysoon.com + attributeName: + type: string + description: The name of the attribute on the source + example: memberOf + attributeValue: + type: string + description: The value of the attribute on the source + example: CN=entitlement.bbb7c650 + sourceSchemaObjectType: + type: string + description: The schema object type on the source used to represent the entitlement and its attributes + example: groups + sourceName: + type: string + description: The name of the source for which this entitlement belongs + example: ODS-AD-Source + sourceType: + type: string + description: The type of the source for which the entitlement belongs + example: Active Directory - Direct + sourceId: + type: string + description: The ID of the source for which the entitlement belongs + example: 78ca6be511cb41fbb86dba2fcca7780c + hasPermissions: + type: boolean + default: false + description: Indicates if the entitlement has permissions + example: false + isPermission: + type: boolean + default: false + description: Indicates if the entitlement is a representation of an account permission + example: false + revocable: + type: boolean + default: false + description: Indicates whether the entitlement can be revoked + example: true + cloudGoverned: + type: boolean + default: false + description: True if the entitlement is cloud governed + example: false + containsDataAccess: + type: boolean + description: True if the entitlement has DAS data + default: false + example: true + dataAccess: + type: object + description: DAS data for the entitlement + nullable: true + properties: + policies: + type: array + description: List of classification policies that apply to resources the entitlement \ groups has access to + items: + type: object + properties: + value: + type: string + description: Value of the policy + example: GDPR-20 + categories: + type: array + description: List of classification categories that apply to resources the entitlement \ groups has access to + items: + type: object + properties: + value: + type: string + description: Value of the category + example: email-7 + matchCount: + type: integer + description: Number of matched for each category + example: 10 + impactScore: + type: object + properties: + value: + type: string + description: Impact Score for this data + example: Medium + account: + type: object + nullable: true + description: Information about the status of the entitlement + properties: + nativeIdentity: + type: string + description: The native identity for this account + example: CN=Alison Ferguso + disabled: + type: boolean + default: false + example: false + description: Indicates whether this account is currently disabled + locked: + type: boolean + default: false + example: false + description: Indicates whether this account is currently locked + type: + type: string + enum: + - ACCOUNT_CORRELATION_CONFIG + - ACCESS_PROFILE + - ACCESS_REQUEST_APPROVAL + - ACCOUNT + - APPLICATION + - CAMPAIGN + - CAMPAIGN_FILTER + - CERTIFICATION + - CLUSTER + - CONNECTOR_SCHEMA + - ENTITLEMENT + - GOVERNANCE_GROUP + - IDENTITY + - IDENTITY_PROFILE + - IDENTITY_REQUEST + - LIFECYCLE_STATE + - PASSWORD_POLICY + - ROLE + - RULE + - SOD_POLICY + - SOURCE + - TAG + - TAG_CATEGORY + - TASK_RESULT + - REPORT_RESULT + - SOD_VIOLATION + - ACCOUNT_ACTIVITY + - WORKGROUP + description: An enumeration of the types of DTOs supported within the IdentityNow infrastructure. + example: IDENTITY + id: + nullable: true + type: string + description: The id associated with the account + example: 2c9180857182305e0171993737eb29e6 + name: + nullable: true + type: string + description: The account name + example: Alison Ferguso + created: + nullable: true + type: string + format: date-time + description: When the account was created + example: '2020-04-20T20:11:05.067Z' + modified: + nullable: true + type: string + format: date-time + description: When the account was last modified + example: '2020-05-20T18:57:16.987Z' + activityInsights: + type: object + description: Insights into account activity + properties: + accountID: + type: string + description: UUID of the account + example: c4ddd5421d8549f0abd309162cafd3b1 + usageDays: + type: integer + format: int32 + minimum: 0 + maximum: 90 + description: The number of days of activity + example: 45 + usageDaysState: + type: string + enum: + - COMPLETE + - UNKNOWN + description: Status indicating if the activity is complete or unknown + example: COMPLETE + created: + type: string + description: Date the Access Profile was created. + format: date-time + example: '2021-01-01T22:32:58.104Z' + modified: + type: string + description: Date the Access Profile was last modified. + format: date-time + example: '2021-02-01T22:32:58.104Z' + entitlements: + type: array + description: The list of entitlements associated with this Role + items: + type: object + nullable: true + properties: + id: + type: string + description: The id for the entitlement + example: 2c918085718230600171993742c63558 + name: + type: string + description: The name of the entitlement + example: CN=entitlement.bbb7c650 + description: + nullable: true + type: string + description: Information about the entitlement + example: Gives read/write access to the company database + privileged: + type: boolean + example: false + default: false + description: Indicates if the entitlement is a privileged entitlement + owner: + type: object + nullable: true + properties: + type: + type: string + description: The type can only be IDENTITY. This is read-only. + example: IDENTITY + id: + type: string + description: Identity ID. + example: 5168015d32f890ca15812c9180835d2e + name: + type: string + description: Identity's human-readable display name. This is read-only. + example: Alison Ferguso + email: + type: string + description: Identity's email address. This is read-only. + example: alison.ferguso@identitysoon.com + attributeName: + type: string + description: The name of the attribute on the source + example: memberOf + attributeValue: + type: string + description: The value of the attribute on the source + example: CN=entitlement.bbb7c650 + sourceSchemaObjectType: + type: string + description: The schema object type on the source used to represent the entitlement and its attributes + example: groups + sourceName: + type: string + description: The name of the source for which this entitlement belongs + example: ODS-AD-Source + sourceType: + type: string + description: The type of the source for which the entitlement belongs + example: Active Directory - Direct + sourceId: + type: string + description: The ID of the source for which the entitlement belongs + example: 78ca6be511cb41fbb86dba2fcca7780c + hasPermissions: + type: boolean + default: false + description: Indicates if the entitlement has permissions + example: false + isPermission: + type: boolean + default: false + description: Indicates if the entitlement is a representation of an account permission + example: false + revocable: + type: boolean + default: false + description: Indicates whether the entitlement can be revoked + example: true + cloudGoverned: + type: boolean + default: false + description: True if the entitlement is cloud governed + example: false + containsDataAccess: + type: boolean + description: True if the entitlement has DAS data + default: false + example: true + dataAccess: + type: object + description: DAS data for the entitlement + nullable: true + properties: + policies: + type: array + description: List of classification policies that apply to resources the entitlement \ groups has access to + items: + type: object + properties: + value: + type: string + description: Value of the policy + example: GDPR-20 + categories: + type: array + description: List of classification categories that apply to resources the entitlement \ groups has access to + items: + type: object + properties: + value: + type: string + description: Value of the category + example: email-7 + matchCount: + type: integer + description: Number of matched for each category + example: 10 + impactScore: + type: object + properties: + value: + type: string + description: Impact Score for this data + example: Medium + account: + type: object + nullable: true + description: Information about the status of the entitlement + properties: + nativeIdentity: + type: string + description: The native identity for this account + example: CN=Alison Ferguso + disabled: + type: boolean + default: false + example: false + description: Indicates whether this account is currently disabled + locked: + type: boolean + default: false + example: false + description: Indicates whether this account is currently locked + type: + type: string + enum: + - ACCOUNT_CORRELATION_CONFIG + - ACCESS_PROFILE + - ACCESS_REQUEST_APPROVAL + - ACCOUNT + - APPLICATION + - CAMPAIGN + - CAMPAIGN_FILTER + - CERTIFICATION + - CLUSTER + - CONNECTOR_SCHEMA + - ENTITLEMENT + - GOVERNANCE_GROUP + - IDENTITY + - IDENTITY_PROFILE + - IDENTITY_REQUEST + - LIFECYCLE_STATE + - PASSWORD_POLICY + - ROLE + - RULE + - SOD_POLICY + - SOURCE + - TAG + - TAG_CATEGORY + - TASK_RESULT + - REPORT_RESULT + - SOD_VIOLATION + - ACCOUNT_ACTIVITY + - WORKGROUP + description: An enumeration of the types of DTOs supported within the IdentityNow infrastructure. + example: IDENTITY + id: + nullable: true + type: string + description: The id associated with the account + example: 2c9180857182305e0171993737eb29e6 + name: + nullable: true + type: string + description: The account name + example: Alison Ferguso + created: + nullable: true + type: string + format: date-time + description: When the account was created + example: '2020-04-20T20:11:05.067Z' + modified: + nullable: true + type: string + format: date-time + description: When the account was last modified + example: '2020-05-20T18:57:16.987Z' + activityInsights: + type: object + description: Insights into account activity + properties: + accountID: + type: string + description: UUID of the account + example: c4ddd5421d8549f0abd309162cafd3b1 + usageDays: + type: integer + format: int32 + minimum: 0 + maximum: 90 + description: The number of days of activity + example: 45 + usageDaysState: + type: string + enum: + - COMPLETE + - UNKNOWN + description: Status indicating if the activity is complete or unknown + example: COMPLETE + identitySummary: + type: object + properties: + id: + type: string + description: The ID of the identity summary + example: 2c91808772a504f50172a9540e501ba7 + name: + type: string + description: Name of the linked identity + example: Alison Ferguso + identityId: + type: string + description: The ID of the identity being certified + example: 2c9180857182306001719937377a33de + completed: + type: boolean + description: Indicates whether the review items for the linked identity's certification have been completed + example: true + id: + type: string + description: The review item's id + example: ef38f94347e94562b5bb8424a56397d8 + completed: + type: boolean + description: Whether the review item is complete + example: false + newAccess: + type: boolean + description: Indicates whether the review item is for new access to a source + example: false + decision: + type: string + description: The decision to approve or revoke the review item + enum: + - APPROVE + - REVOKE + example: APPROVE + comments: + nullable: true + type: string + description: Comments for this review item + example: This user still needs access to this source + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/certifications/{id}/decide': + post: + operationId: makeIdentityDecision + tags: + - Certifications + summary: Decide on a Certification Item + description: The API makes a decision to approve or revoke one or more identity campaign certification items. A token with ORG_ADMIN or CERT_ADMIN authority is required to call this API. Reviewers for this certification can also call this API. This API does not support requests for certifications assigned to Governance Groups. + parameters: + - in: path + name: id + schema: + type: string + required: true + description: The ID of the identity campaign certification on which to make decisions + example: ef38f94347e94562b5bb8424a56397d8 + requestBody: + required: true + description: A non-empty array of decisions to be made. + content: + application/json: + schema: + type: array + items: + type: object + properties: + id: + type: string + description: The id of the review decision + example: ef38f94347e94562b5bb8424a56397d8 + decision: + type: string + description: The decision to approve or revoke the review item + enum: + - APPROVE + - REVOKE + example: APPROVE + proposedEndDate: + type: string + format: date-time + example: '2017-07-11T18:45:37.098Z' + description: The date at which a user's access should be taken away. Should only be set for `REVOKE` decisions. + bulk: + type: boolean + description: Indicates whether decision should be marked as part of a larger bulk decision + example: true + recommendation: + nullable: true + type: object + properties: + recommendation: + type: string + description: The recommendation from IAI at the time of the decision. This field will be null if no recommendation was made. + example: null + nullable: true + reasons: + type: array + items: + type: string + description: A list of reasons for the recommendation. + example: + - Reason 1 + - Reason 2 + timestamp: + type: string + format: date-time + description: The time at which the recommendation was recorded. + example: '2020-06-01T13:49:37.385Z' + comments: + type: string + description: Comments recorded when the decision was made + example: This user no longer needs access to this source + required: + - id + - decision + - bulk + minItems: 1 + maxItems: 250 + example: + - id: ef38f94347e94562b5bb8424a56396b5 + decision: APPROVE + bulk: true + comments: This user still needs access to this source. + - id: ef38f94347e94562b5bb8424a56397d8 + decision: APPROVE + bulk: true + comments: This user still needs access to this source too. + responses: + '200': + description: An identity campaign certification object + content: + application/json: + schema: + type: object + properties: + id: + example: 2c9180835d2e5168015d32f890ca1581 + type: string + description: id of the certification + name: + example: 'Source Owner Access Review for Employees [source]' + type: string + description: name of the certification + campaign: + type: object + required: + - id + - name + - type + - campaignType + - description + - correlatedStatus + - mandatoryCommentRequirement + properties: + id: + type: string + description: The unique ID of the campaign. + example: ef38f94347e94562b5bb8424a56397d8 + name: + type: string + description: The name of the campaign. + example: Campaign Name + type: + type: string + enum: + - CAMPAIGN + description: The type of object that is being referenced. + example: CAMPAIGN + campaignType: + type: string + enum: + - MANAGER + - SOURCE_OWNER + - SEARCH + description: The type of the campaign. + example: MANAGER + description: + type: string + description: The description of the campaign set by the admin who created it. + nullable: true + example: A description of the campaign + correlatedStatus: + description: The correlatedStatus of the campaign. Only SOURCE_OWNER campaigns can be Uncorrelated. An Uncorrelated certification campaign only includes Uncorrelated identities (An identity is uncorrelated if it has no accounts on an authoritative source). + enum: + - CORRELATED + - UNCORRELATED + example: CORRELATED + mandatoryCommentRequirement: + type: string + description: 'Determines whether comments are required for decisions during certification reviews. You can require comments for all decisions, revoke-only decisions, or no decisions. By default, comments are not required for decisions.' + enum: + - ALL_DECISIONS + - REVOKE_ONLY_DECISIONS + - NO_DECISIONS + example: NO_DECISIONS + completed: + type: boolean + description: Have all decisions been made? + example: true + identitiesCompleted: + type: integer + description: The number of identities for whom all decisions have been made and are complete. + example: 5 + format: int32 + identitiesTotal: + type: integer + description: 'The total number of identities in the Certification, both complete and incomplete.' + example: 10 + format: int32 + created: + example: '2018-06-25T20:22:28.104Z' + format: date-time + type: string + description: created date + modified: + example: '2018-06-25T20:22:28.104Z' + format: date-time + type: string + description: modified date + decisionsMade: + type: integer + description: The number of approve/revoke/acknowledge decisions that have been made. + example: 20 + format: int32 + decisionsTotal: + type: integer + description: The total number of approve/revoke/acknowledge decisions. + example: 40 + format: int32 + due: + type: string + format: date-time + description: The due date of the certification. + example: '2018-10-19T13:49:37.385Z' + signed: + type: string + format: date-time + nullable: true + description: The date the reviewer signed off on the Certification. + example: '2018-10-19T13:49:37.385Z' + reviewer: + type: object + properties: + id: + type: string + description: The id of the reviewer. + example: ef38f94347e94562b5bb8424a56397d8 + name: + type: string + description: The name of the reviewer. + example: Reviewer Name + email: + type: string + description: The email of the reviewing identity. + example: reviewer@test.com + type: + type: string + enum: + - IDENTITY + description: The type of the reviewing identity. + example: IDENTITY + created: + nullable: true + example: '2018-06-25T20:22:28.104Z' + format: date-time + type: string + description: The created date of the reviewing identity. + modified: + nullable: true + example: '2018-06-25T20:22:28.104Z' + format: date-time + type: string + description: The modified date of the reviewing identity. + reassignment: + type: object + nullable: true + properties: + from: + type: object + properties: + id: + type: string + description: The id of the certification. + example: ef38f94347e94562b5bb8424a56397d8 + name: + type: string + description: The name of the certification. + example: Certification Name + type: + type: string + enum: + - CERTIFICATION + example: CERTIFICATION + reviewer: + type: object + properties: + id: + type: string + description: The id of the reviewer. + example: ef38f94347e94562b5bb8424a56397d8 + name: + type: string + description: The name of the reviewer. + example: Reviewer Name + email: + type: string + description: The email of the reviewing identity. + example: reviewer@test.com + type: + type: string + enum: + - IDENTITY + description: The type of the reviewing identity. + example: IDENTITY + created: + nullable: true + example: '2018-06-25T20:22:28.104Z' + format: date-time + type: string + description: The created date of the reviewing identity. + modified: + nullable: true + example: '2018-06-25T20:22:28.104Z' + format: date-time + type: string + description: The modified date of the reviewing identity. + comment: + type: string + description: The comment entered when the Certification was reassigned + example: Reassigned for a reason + hasErrors: + description: Identifies if the certification has an error + type: boolean + example: false + errorMessage: + description: Description of the certification error + nullable: true + type: string + example: The certification has an error + phase: + type: string + description: | + The current phase of the campaign. + * `STAGED`: The campaign is waiting to be activated. + * `ACTIVE`: The campaign is active. + * `SIGNED`: The reviewer has signed off on the campaign, and it is considered complete. + enum: + - STAGED + - ACTIVE + - SIGNED + example: ACTIVE + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/certifications/{id}/reassign': + post: + operationId: reassignIdentityCertifications + tags: + - Certifications + summary: Reassign Identities or Items + description: This API reassigns up to 50 identities or items in an identity campaign certification to another reviewer. A token with ORG_ADMIN or CERT_ADMIN authority is required to call this API. Reviewers for this certification can also call this API. This API does not support requests for certifications assigned to Governance Groups. + parameters: + - in: path + name: id + schema: + type: string + required: true + description: The identity campaign certification ID + example: ef38f94347e94562b5bb8424a56397d8 + requestBody: + required: true + content: + application/json: + schema: + type: object + properties: + reassign: + type: array + items: + type: object + properties: + id: + type: string + description: The ID of item or identity being reassigned. + example: ef38f94347e94562b5bb8424a56397d8 + type: + type: string + description: The type of item or identity being reassigned. + enum: + - TARGET_SUMMARY + - ITEM + - IDENTITY_SUMMARY + example: ITEM + required: + - id + - type + reassignTo: + type: string + description: The ID of the identity to which the certification is reassigned + example: ef38f94347e94562b5bb8424a56397d8 + reason: + type: string + description: The reason comment for why the reassign was made + example: reassigned for some reason + required: + - reassign + - reassignTo + - reason + responses: + '200': + description: An identity campaign certification details after completing the reassignment. + content: + application/json: + schema: + type: object + properties: + id: + example: 2c9180835d2e5168015d32f890ca1581 + type: string + description: id of the certification + name: + example: 'Source Owner Access Review for Employees [source]' + type: string + description: name of the certification + campaign: + type: object + required: + - id + - name + - type + - campaignType + - description + - correlatedStatus + - mandatoryCommentRequirement + properties: + id: + type: string + description: The unique ID of the campaign. + example: ef38f94347e94562b5bb8424a56397d8 + name: + type: string + description: The name of the campaign. + example: Campaign Name + type: + type: string + enum: + - CAMPAIGN + description: The type of object that is being referenced. + example: CAMPAIGN + campaignType: + type: string + enum: + - MANAGER + - SOURCE_OWNER + - SEARCH + description: The type of the campaign. + example: MANAGER + description: + type: string + description: The description of the campaign set by the admin who created it. + nullable: true + example: A description of the campaign + correlatedStatus: + description: The correlatedStatus of the campaign. Only SOURCE_OWNER campaigns can be Uncorrelated. An Uncorrelated certification campaign only includes Uncorrelated identities (An identity is uncorrelated if it has no accounts on an authoritative source). + enum: + - CORRELATED + - UNCORRELATED + example: CORRELATED + mandatoryCommentRequirement: + type: string + description: 'Determines whether comments are required for decisions during certification reviews. You can require comments for all decisions, revoke-only decisions, or no decisions. By default, comments are not required for decisions.' + enum: + - ALL_DECISIONS + - REVOKE_ONLY_DECISIONS + - NO_DECISIONS + example: NO_DECISIONS + completed: + type: boolean + description: Have all decisions been made? + example: true + identitiesCompleted: + type: integer + description: The number of identities for whom all decisions have been made and are complete. + example: 5 + format: int32 + identitiesTotal: + type: integer + description: 'The total number of identities in the Certification, both complete and incomplete.' + example: 10 + format: int32 + created: + example: '2018-06-25T20:22:28.104Z' + format: date-time + type: string + description: created date + modified: + example: '2018-06-25T20:22:28.104Z' + format: date-time + type: string + description: modified date + decisionsMade: + type: integer + description: The number of approve/revoke/acknowledge decisions that have been made. + example: 20 + format: int32 + decisionsTotal: + type: integer + description: The total number of approve/revoke/acknowledge decisions. + example: 40 + format: int32 + due: + type: string + format: date-time + description: The due date of the certification. + example: '2018-10-19T13:49:37.385Z' + signed: + type: string + format: date-time + nullable: true + description: The date the reviewer signed off on the Certification. + example: '2018-10-19T13:49:37.385Z' + reviewer: + type: object + properties: + id: + type: string + description: The id of the reviewer. + example: ef38f94347e94562b5bb8424a56397d8 + name: + type: string + description: The name of the reviewer. + example: Reviewer Name + email: + type: string + description: The email of the reviewing identity. + example: reviewer@test.com + type: + type: string + enum: + - IDENTITY + description: The type of the reviewing identity. + example: IDENTITY + created: + nullable: true + example: '2018-06-25T20:22:28.104Z' + format: date-time + type: string + description: The created date of the reviewing identity. + modified: + nullable: true + example: '2018-06-25T20:22:28.104Z' + format: date-time + type: string + description: The modified date of the reviewing identity. + reassignment: + type: object + nullable: true + properties: + from: + type: object + properties: + id: + type: string + description: The id of the certification. + example: ef38f94347e94562b5bb8424a56397d8 + name: + type: string + description: The name of the certification. + example: Certification Name + type: + type: string + enum: + - CERTIFICATION + example: CERTIFICATION + reviewer: + type: object + properties: + id: + type: string + description: The id of the reviewer. + example: ef38f94347e94562b5bb8424a56397d8 + name: + type: string + description: The name of the reviewer. + example: Reviewer Name + email: + type: string + description: The email of the reviewing identity. + example: reviewer@test.com + type: + type: string + enum: + - IDENTITY + description: The type of the reviewing identity. + example: IDENTITY + created: + nullable: true + example: '2018-06-25T20:22:28.104Z' + format: date-time + type: string + description: The created date of the reviewing identity. + modified: + nullable: true + example: '2018-06-25T20:22:28.104Z' + format: date-time + type: string + description: The modified date of the reviewing identity. + comment: + type: string + description: The comment entered when the Certification was reassigned + example: Reassigned for a reason + hasErrors: + description: Identifies if the certification has an error + type: boolean + example: false + errorMessage: + description: Description of the certification error + nullable: true + type: string + example: The certification has an error + phase: + type: string + description: | + The current phase of the campaign. + * `STAGED`: The campaign is waiting to be activated. + * `ACTIVE`: The campaign is active. + * `SIGNED`: The reviewer has signed off on the campaign, and it is considered complete. + enum: + - STAGED + - ACTIVE + - SIGNED + example: ACTIVE + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/certifications/{id}/sign-off': + post: + operationId: signOffIdentityCertification + tags: + - Certifications + summary: Finalize Identity Certification Decisions + description: This API finalizes all decisions made on an identity campaign certification and initiates any remediations required. A token with ORG_ADMIN or CERT_ADMIN authority is required to call this API. Reviewers for this certification can also call this API. This API does not support requests for certifications assigned to Governance Groups. + parameters: + - in: path + name: id + schema: + type: string + required: true + description: The identity campaign certification ID + example: ef38f94347e94562b5bb8424a56397d8 + responses: + '200': + description: An identity campaign certification object + content: + application/json: + schema: + type: object + properties: + id: + example: 2c9180835d2e5168015d32f890ca1581 + type: string + description: id of the certification + name: + example: 'Source Owner Access Review for Employees [source]' + type: string + description: name of the certification + campaign: + type: object + required: + - id + - name + - type + - campaignType + - description + - correlatedStatus + - mandatoryCommentRequirement + properties: + id: + type: string + description: The unique ID of the campaign. + example: ef38f94347e94562b5bb8424a56397d8 + name: + type: string + description: The name of the campaign. + example: Campaign Name + type: + type: string + enum: + - CAMPAIGN + description: The type of object that is being referenced. + example: CAMPAIGN + campaignType: + type: string + enum: + - MANAGER + - SOURCE_OWNER + - SEARCH + description: The type of the campaign. + example: MANAGER + description: + type: string + description: The description of the campaign set by the admin who created it. + nullable: true + example: A description of the campaign + correlatedStatus: + description: The correlatedStatus of the campaign. Only SOURCE_OWNER campaigns can be Uncorrelated. An Uncorrelated certification campaign only includes Uncorrelated identities (An identity is uncorrelated if it has no accounts on an authoritative source). + enum: + - CORRELATED + - UNCORRELATED + example: CORRELATED + mandatoryCommentRequirement: + type: string + description: 'Determines whether comments are required for decisions during certification reviews. You can require comments for all decisions, revoke-only decisions, or no decisions. By default, comments are not required for decisions.' + enum: + - ALL_DECISIONS + - REVOKE_ONLY_DECISIONS + - NO_DECISIONS + example: NO_DECISIONS + completed: + type: boolean + description: Have all decisions been made? + example: true + identitiesCompleted: + type: integer + description: The number of identities for whom all decisions have been made and are complete. + example: 5 + format: int32 + identitiesTotal: + type: integer + description: 'The total number of identities in the Certification, both complete and incomplete.' + example: 10 + format: int32 + created: + example: '2018-06-25T20:22:28.104Z' + format: date-time + type: string + description: created date + modified: + example: '2018-06-25T20:22:28.104Z' + format: date-time + type: string + description: modified date + decisionsMade: + type: integer + description: The number of approve/revoke/acknowledge decisions that have been made. + example: 20 + format: int32 + decisionsTotal: + type: integer + description: The total number of approve/revoke/acknowledge decisions. + example: 40 + format: int32 + due: + type: string + format: date-time + description: The due date of the certification. + example: '2018-10-19T13:49:37.385Z' + signed: + type: string + format: date-time + nullable: true + description: The date the reviewer signed off on the Certification. + example: '2018-10-19T13:49:37.385Z' + reviewer: + type: object + properties: + id: + type: string + description: The id of the reviewer. + example: ef38f94347e94562b5bb8424a56397d8 + name: + type: string + description: The name of the reviewer. + example: Reviewer Name + email: + type: string + description: The email of the reviewing identity. + example: reviewer@test.com + type: + type: string + enum: + - IDENTITY + description: The type of the reviewing identity. + example: IDENTITY + created: + nullable: true + example: '2018-06-25T20:22:28.104Z' + format: date-time + type: string + description: The created date of the reviewing identity. + modified: + nullable: true + example: '2018-06-25T20:22:28.104Z' + format: date-time + type: string + description: The modified date of the reviewing identity. + reassignment: + type: object + nullable: true + properties: + from: + type: object + properties: + id: + type: string + description: The id of the certification. + example: ef38f94347e94562b5bb8424a56397d8 + name: + type: string + description: The name of the certification. + example: Certification Name + type: + type: string + enum: + - CERTIFICATION + example: CERTIFICATION + reviewer: + type: object + properties: + id: + type: string + description: The id of the reviewer. + example: ef38f94347e94562b5bb8424a56397d8 + name: + type: string + description: The name of the reviewer. + example: Reviewer Name + email: + type: string + description: The email of the reviewing identity. + example: reviewer@test.com + type: + type: string + enum: + - IDENTITY + description: The type of the reviewing identity. + example: IDENTITY + created: + nullable: true + example: '2018-06-25T20:22:28.104Z' + format: date-time + type: string + description: The created date of the reviewing identity. + modified: + nullable: true + example: '2018-06-25T20:22:28.104Z' + format: date-time + type: string + description: The modified date of the reviewing identity. + comment: + type: string + description: The comment entered when the Certification was reassigned + example: Reassigned for a reason + hasErrors: + description: Identifies if the certification has an error + type: boolean + example: false + errorMessage: + description: Description of the certification error + nullable: true + type: string + example: The certification has an error + phase: + type: string + description: | + The current phase of the campaign. + * `STAGED`: The campaign is waiting to be activated. + * `ACTIVE`: The campaign is active. + * `SIGNED`: The reviewer has signed off on the campaign, and it is considered complete. + enum: + - STAGED + - ACTIVE + - SIGNED + example: ACTIVE + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/certifications/{id}/decision-summary': + get: + operationId: getIdentityDecisionSummary + tags: + - Certification Summaries + summary: Summary of Certification Decisions + description: This API returns a summary of the decisions made on an identity campaign certification. The decisions are summarized by type. A token with ORG_ADMIN or CERT_ADMIN authority is required to call this API. Reviewers for this certification can also call this API. + parameters: + - in: path + name: id + schema: + type: string + required: true + description: The certification ID + example: ef38f94347e94562b5bb8424a56397d8 + - in: query + name: filters + required: false + schema: + type: string + example: identitySummary.id eq "ef38f94347e94562b5bb8424a56397d8" + description: |- + Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) + + Filtering is supported for the following fields and operators: + + **identitySummary.id**: *eq, in* + responses: + '200': + description: Summary of the decisions made + content: + application/json: + schema: + type: object + properties: + entitlementDecisionsMade: + type: integer + description: Number of entitlement decisions that have been made + example: 3 + format: int32 + accessProfileDecisionsMade: + type: integer + description: Number of access profile decisions that have been made + example: 5 + format: int32 + roleDecisionsMade: + type: integer + description: Number of role decisions that have been made + example: 2 + format: int32 + accountDecisionsMade: + type: integer + description: Number of account decisions that have been made + example: 4 + format: int32 + entitlementDecisionsTotal: + type: integer + description: 'The total number of entitlement decisions on the certification, both complete and incomplete' + example: 6 + format: int32 + accessProfileDecisionsTotal: + type: integer + description: 'The total number of access profile decisions on the certification, both complete and incomplete' + example: 10 + format: int32 + roleDecisionsTotal: + type: integer + description: 'The total number of role decisions on the certification, both complete and incomplete' + example: 4 + format: int32 + accountDecisionsTotal: + type: integer + description: 'The total number of account decisions on the certification, both complete and incomplete' + example: 8 + format: int32 + entitlementsApproved: + type: integer + description: The number of entitlement decisions that have been made which were approved + example: 2 + format: int32 + entitlementsRevoked: + type: integer + description: The number of entitlement decisions that have been made which were revoked + example: 1 + format: int32 + accessProfilesApproved: + type: integer + description: The number of access profile decisions that have been made which were approved + example: 3 + format: int32 + accessProfilesRevoked: + type: integer + description: The number of access profile decisions that have been made which were revoked + example: 2 + format: int32 + rolesApproved: + type: integer + description: The number of role decisions that have been made which were approved + example: 2 + format: int32 + rolesRevoked: + type: integer + description: The number of role decisions that have been made which were revoked + example: 0 + format: int32 + accountsApproved: + type: integer + description: The number of account decisions that have been made which were approved + example: 1 + format: int32 + accountsRevoked: + type: integer + description: The number of account decisions that have been made which were revoked + example: 3 + format: int32 + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/certifications/{id}/identity-summaries': + get: + operationId: getIdentitySummaries + tags: + - Certification Summaries + summary: Identity Summaries for Campaign Certification + description: This API returns a list of the identity summaries for a specific identity campaign certification. A token with ORG_ADMIN or CERT_ADMIN authority is required to call this API. Reviewers for this certification can also call this API. + parameters: + - in: path + name: id + schema: + type: string + required: true + description: The identity campaign certification ID + example: ef38f94347e94562b5bb8424a56397d8 + - in: query + name: limit + description: |- + Max number of results to return. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 250 + schema: + type: integer + format: int32 + minimum: 0 + maximum: 250 + default: 250 + - in: query + name: offset + description: |- + Offset into the full result set. Usually specified with *limit* to paginate through the results. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 0 + schema: + type: integer + format: int32 + minimum: 0 + default: 0 + - in: query + name: count + description: |- + If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. + + Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. + + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: true + schema: + type: boolean + default: false + - in: query + name: filters + required: false + schema: + type: string + example: id eq "ef38f94347e94562b5bb8424a56397d8" + description: |- + Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) + + Filtering is supported for the following fields and operators: + + **id**: *eq, in* + + **completed**: *eq, ne* + + **name**: *eq, sw* + - in: query + name: sorters + required: false + schema: + type: string + format: comma-separated + example: name + description: |- + Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) + + Sorting is supported for the following fields: **name** + responses: + '200': + description: List of identity summaries + content: + application/json: + schema: + type: array + items: + type: object + properties: + id: + type: string + description: The ID of the identity summary + example: 2c91808772a504f50172a9540e501ba7 + name: + type: string + description: Name of the linked identity + example: Alison Ferguso + identityId: + type: string + description: The ID of the identity being certified + example: 2c9180857182306001719937377a33de + completed: + type: boolean + description: Indicates whether the review items for the linked identity's certification have been completed + example: true + example: + - id: 2c91808772a504f50172a9540e501ba7 + name: Aaron Grey + identityId: 2c9180857182306001719937379633e4 + completed: false + - id: 2c91808772a504f50172a9540e501ba8 + name: Aglae Wilson + identityId: 2c9180857182306001719937377a33de + completed: true + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/certifications/{id}/access-summaries/{type}': + get: + operationId: getIdentityAccessSummaries + tags: + - Certification Summaries + summary: Access Summaries + description: This API returns a list of access summaries for the specified identity campaign certification and type. A token with ORG_ADMIN or CERT_ADMIN authority is required to call this API. Reviewers for this certification can also call this API. + security: + - oauth2: + - 'idn:certification:read' + parameters: + - in: path + name: id + schema: + type: string + required: true + description: The identity campaign certification ID + example: ef38f94347e94562b5bb8424a56397d8 + - in: path + name: type + schema: + type: string + enum: + - ROLE + - ACCESS_PROFILE + - ENTITLEMENT + required: true + description: The type of access review item to retrieve summaries for + example: ACCESS_PROFILE + - in: query + name: limit + description: |- + Max number of results to return. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 250 + schema: + type: integer + format: int32 + minimum: 0 + maximum: 250 + default: 250 + - in: query + name: offset + description: |- + Offset into the full result set. Usually specified with *limit* to paginate through the results. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 0 + schema: + type: integer + format: int32 + minimum: 0 + default: 0 + - in: query + name: count + description: |- + If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. + + Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. + + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: true + schema: + type: boolean + default: false + - in: query + name: filters + required: false + schema: + type: string + example: access.id eq "ef38f94347e94562b5bb8424a56397d8" + description: |- + Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) + + Filtering is supported for the following fields and operators: + + **completed**: *eq, ne* + + **access.id**: *eq, in* + + **access.name**: *eq, sw* + + **entitlement.sourceName**: *eq, sw* + + **accessProfile.sourceName**: *eq, sw* + - in: query + name: sorters + required: false + schema: + type: string + format: comma-separated + example: access.name + description: |- + Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) + + Sorting is supported for the following fields: **access.name** + responses: + '200': + description: List of access summaries + content: + application/json: + schema: + type: array + items: + type: object + description: An object holding the access that is being reviewed + properties: + access: + type: object + properties: + type: + description: The type of item being certified + type: string + enum: + - ACCOUNT_CORRELATION_CONFIG + - ACCESS_PROFILE + - ACCESS_REQUEST_APPROVAL + - ACCOUNT + - APPLICATION + - CAMPAIGN + - CAMPAIGN_FILTER + - CERTIFICATION + - CLUSTER + - CONNECTOR_SCHEMA + - ENTITLEMENT + - GOVERNANCE_GROUP + - IDENTITY + - IDENTITY_PROFILE + - IDENTITY_REQUEST + - LIFECYCLE_STATE + - PASSWORD_POLICY + - ROLE + - RULE + - SOD_POLICY + - SOURCE + - TAG + - TAG_CATEGORY + - TASK_RESULT + - REPORT_RESULT + - SOD_VIOLATION + - ACCOUNT_ACTIVITY + - WORKGROUP + example: IDENTITY + id: + type: string + description: The ID of the item being certified + example: 2c9180867160846801719932c5153fb7 + name: + type: string + description: The name of the item being certified + example: Entitlement for Company Database + entitlement: + type: object + nullable: true + properties: + id: + type: string + description: The id for the entitlement + example: 2c918085718230600171993742c63558 + name: + type: string + description: The name of the entitlement + example: CN=entitlement.bbb7c650 + description: + nullable: true + type: string + description: Information about the entitlement + example: Gives read/write access to the company database + privileged: + type: boolean + example: false + default: false + description: Indicates if the entitlement is a privileged entitlement + owner: + type: object + nullable: true + properties: + type: + type: string + description: The type can only be IDENTITY. This is read-only. + example: IDENTITY + id: + type: string + description: Identity ID. + example: 5168015d32f890ca15812c9180835d2e + name: + type: string + description: Identity's human-readable display name. This is read-only. + example: Alison Ferguso + email: + type: string + description: Identity's email address. This is read-only. + example: alison.ferguso@identitysoon.com + attributeName: + type: string + description: The name of the attribute on the source + example: memberOf + attributeValue: + type: string + description: The value of the attribute on the source + example: CN=entitlement.bbb7c650 + sourceSchemaObjectType: + type: string + description: The schema object type on the source used to represent the entitlement and its attributes + example: groups + sourceName: + type: string + description: The name of the source for which this entitlement belongs + example: ODS-AD-Source + sourceType: + type: string + description: The type of the source for which the entitlement belongs + example: Active Directory - Direct + sourceId: + type: string + description: The ID of the source for which the entitlement belongs + example: 78ca6be511cb41fbb86dba2fcca7780c + hasPermissions: + type: boolean + default: false + description: Indicates if the entitlement has permissions + example: false + isPermission: + type: boolean + default: false + description: Indicates if the entitlement is a representation of an account permission + example: false + revocable: + type: boolean + default: false + description: Indicates whether the entitlement can be revoked + example: true + cloudGoverned: + type: boolean + default: false + description: True if the entitlement is cloud governed + example: false + containsDataAccess: + type: boolean + description: True if the entitlement has DAS data + default: false + example: true + dataAccess: + type: object + description: DAS data for the entitlement + nullable: true + properties: + policies: + type: array + description: List of classification policies that apply to resources the entitlement \ groups has access to + items: + type: object + properties: + value: + type: string + description: Value of the policy + example: GDPR-20 + categories: + type: array + description: List of classification categories that apply to resources the entitlement \ groups has access to + items: + type: object + properties: + value: + type: string + description: Value of the category + example: email-7 + matchCount: + type: integer + description: Number of matched for each category + example: 10 + impactScore: + type: object + properties: + value: + type: string + description: Impact Score for this data + example: Medium + account: + type: object + nullable: true + description: Information about the status of the entitlement + properties: + nativeIdentity: + type: string + description: The native identity for this account + example: CN=Alison Ferguso + disabled: + type: boolean + default: false + example: false + description: Indicates whether this account is currently disabled + locked: + type: boolean + default: false + example: false + description: Indicates whether this account is currently locked + type: + type: string + enum: + - ACCOUNT_CORRELATION_CONFIG + - ACCESS_PROFILE + - ACCESS_REQUEST_APPROVAL + - ACCOUNT + - APPLICATION + - CAMPAIGN + - CAMPAIGN_FILTER + - CERTIFICATION + - CLUSTER + - CONNECTOR_SCHEMA + - ENTITLEMENT + - GOVERNANCE_GROUP + - IDENTITY + - IDENTITY_PROFILE + - IDENTITY_REQUEST + - LIFECYCLE_STATE + - PASSWORD_POLICY + - ROLE + - RULE + - SOD_POLICY + - SOURCE + - TAG + - TAG_CATEGORY + - TASK_RESULT + - REPORT_RESULT + - SOD_VIOLATION + - ACCOUNT_ACTIVITY + - WORKGROUP + description: An enumeration of the types of DTOs supported within the IdentityNow infrastructure. + example: IDENTITY + id: + nullable: true + type: string + description: The id associated with the account + example: 2c9180857182305e0171993737eb29e6 + name: + nullable: true + type: string + description: The account name + example: Alison Ferguso + created: + nullable: true + type: string + format: date-time + description: When the account was created + example: '2020-04-20T20:11:05.067Z' + modified: + nullable: true + type: string + format: date-time + description: When the account was last modified + example: '2020-05-20T18:57:16.987Z' + activityInsights: + type: object + description: Insights into account activity + properties: + accountID: + type: string + description: UUID of the account + example: c4ddd5421d8549f0abd309162cafd3b1 + usageDays: + type: integer + format: int32 + minimum: 0 + maximum: 90 + description: The number of days of activity + example: 45 + usageDaysState: + type: string + enum: + - COMPLETE + - UNKNOWN + description: Status indicating if the activity is complete or unknown + example: COMPLETE + accessProfile: + type: object + properties: + id: + type: string + description: The id of the Access Profile + example: 2c91808a7190d06e01719938fcd20792 + name: + type: string + description: Name of the Access Profile + example: Employee-database-read-write + description: + type: string + description: Information about the Access Profile + example: Collection of entitlements to read/write the employee database + privileged: + type: boolean + description: Indicates if the entitlement is a privileged entitlement + example: false + cloudGoverned: + type: boolean + description: True if the entitlement is cloud governed + example: false + endDate: + nullable: true + type: string + format: date-time + description: The date at which a user's access expires + example: '2021-12-25T00:00:00.000Z' + owner: + description: Owner of the Access Profile + type: object + nullable: true + properties: + type: + type: string + description: The type can only be IDENTITY. This is read-only. + example: IDENTITY + id: + type: string + description: Identity ID. + example: 5168015d32f890ca15812c9180835d2e + name: + type: string + description: Identity's human-readable display name. This is read-only. + example: Alison Ferguso + email: + type: string + description: Identity's email address. This is read-only. + example: alison.ferguso@identitysoon.com + entitlements: + type: array + description: A list of entitlements associated with this Access Profile + items: + type: object + nullable: true + properties: + id: + type: string + description: The id for the entitlement + example: 2c918085718230600171993742c63558 + name: + type: string + description: The name of the entitlement + example: CN=entitlement.bbb7c650 + description: + nullable: true + type: string + description: Information about the entitlement + example: Gives read/write access to the company database + privileged: + type: boolean + example: false + default: false + description: Indicates if the entitlement is a privileged entitlement + owner: + type: object + nullable: true + properties: + type: + type: string + description: The type can only be IDENTITY. This is read-only. + example: IDENTITY + id: + type: string + description: Identity ID. + example: 5168015d32f890ca15812c9180835d2e + name: + type: string + description: Identity's human-readable display name. This is read-only. + example: Alison Ferguso + email: + type: string + description: Identity's email address. This is read-only. + example: alison.ferguso@identitysoon.com + attributeName: + type: string + description: The name of the attribute on the source + example: memberOf + attributeValue: + type: string + description: The value of the attribute on the source + example: CN=entitlement.bbb7c650 + sourceSchemaObjectType: + type: string + description: The schema object type on the source used to represent the entitlement and its attributes + example: groups + sourceName: + type: string + description: The name of the source for which this entitlement belongs + example: ODS-AD-Source + sourceType: + type: string + description: The type of the source for which the entitlement belongs + example: Active Directory - Direct + sourceId: + type: string + description: The ID of the source for which the entitlement belongs + example: 78ca6be511cb41fbb86dba2fcca7780c + hasPermissions: + type: boolean + default: false + description: Indicates if the entitlement has permissions + example: false + isPermission: + type: boolean + default: false + description: Indicates if the entitlement is a representation of an account permission + example: false + revocable: + type: boolean + default: false + description: Indicates whether the entitlement can be revoked + example: true + cloudGoverned: + type: boolean + default: false + description: True if the entitlement is cloud governed + example: false + containsDataAccess: + type: boolean + description: True if the entitlement has DAS data + default: false + example: true + dataAccess: + type: object + description: DAS data for the entitlement + nullable: true + properties: + policies: + type: array + description: List of classification policies that apply to resources the entitlement \ groups has access to + items: + type: object + properties: + value: + type: string + description: Value of the policy + example: GDPR-20 + categories: + type: array + description: List of classification categories that apply to resources the entitlement \ groups has access to + items: + type: object + properties: + value: + type: string + description: Value of the category + example: email-7 + matchCount: + type: integer + description: Number of matched for each category + example: 10 + impactScore: + type: object + properties: + value: + type: string + description: Impact Score for this data + example: Medium + account: + type: object + nullable: true + description: Information about the status of the entitlement + properties: + nativeIdentity: + type: string + description: The native identity for this account + example: CN=Alison Ferguso + disabled: + type: boolean + default: false + example: false + description: Indicates whether this account is currently disabled + locked: + type: boolean + default: false + example: false + description: Indicates whether this account is currently locked + type: + type: string + enum: + - ACCOUNT_CORRELATION_CONFIG + - ACCESS_PROFILE + - ACCESS_REQUEST_APPROVAL + - ACCOUNT + - APPLICATION + - CAMPAIGN + - CAMPAIGN_FILTER + - CERTIFICATION + - CLUSTER + - CONNECTOR_SCHEMA + - ENTITLEMENT + - GOVERNANCE_GROUP + - IDENTITY + - IDENTITY_PROFILE + - IDENTITY_REQUEST + - LIFECYCLE_STATE + - PASSWORD_POLICY + - ROLE + - RULE + - SOD_POLICY + - SOURCE + - TAG + - TAG_CATEGORY + - TASK_RESULT + - REPORT_RESULT + - SOD_VIOLATION + - ACCOUNT_ACTIVITY + - WORKGROUP + description: An enumeration of the types of DTOs supported within the IdentityNow infrastructure. + example: IDENTITY + id: + nullable: true + type: string + description: The id associated with the account + example: 2c9180857182305e0171993737eb29e6 + name: + nullable: true + type: string + description: The account name + example: Alison Ferguso + created: + nullable: true + type: string + format: date-time + description: When the account was created + example: '2020-04-20T20:11:05.067Z' + modified: + nullable: true + type: string + format: date-time + description: When the account was last modified + example: '2020-05-20T18:57:16.987Z' + activityInsights: + type: object + description: Insights into account activity + properties: + accountID: + type: string + description: UUID of the account + example: c4ddd5421d8549f0abd309162cafd3b1 + usageDays: + type: integer + format: int32 + minimum: 0 + maximum: 90 + description: The number of days of activity + example: 45 + usageDaysState: + type: string + enum: + - COMPLETE + - UNKNOWN + description: Status indicating if the activity is complete or unknown + example: COMPLETE + created: + type: string + description: Date the Access Profile was created. + format: date-time + example: '2021-01-01T22:32:58.104Z' + modified: + type: string + description: Date the Access Profile was last modified. + format: date-time + example: '2021-02-01T22:32:58.104Z' + role: + type: object + nullable: true + properties: + id: + type: string + description: The id for the Role + example: 2c91808a7190d06e0171993907fd0794 + name: + type: string + description: The name of the Role + example: Accounting-Employees + description: + type: string + description: Information about the Role + example: Role for members of the accounting department with the necessary Access Profiles + privileged: + type: boolean + description: Indicates if the entitlement is a privileged entitlement + example: false + owner: + type: object + nullable: true + properties: + type: + type: string + description: The type can only be IDENTITY. This is read-only. + example: IDENTITY + id: + type: string + description: Identity ID. + example: 5168015d32f890ca15812c9180835d2e + name: + type: string + description: Identity's human-readable display name. This is read-only. + example: Alison Ferguso + email: + type: string + description: Identity's email address. This is read-only. + example: alison.ferguso@identitysoon.com + revocable: + type: boolean + description: Indicates whether the Role can be revoked or requested + example: false + endDate: + type: string + format: date-time + description: The date when a user's access expires. + example: '2021-12-25T00:00:00.000Z' + accessProfiles: + type: array + description: The list of Access Profiles associated with this Role + items: + type: object + properties: + id: + type: string + description: The id of the Access Profile + example: 2c91808a7190d06e01719938fcd20792 + name: + type: string + description: Name of the Access Profile + example: Employee-database-read-write + description: + type: string + description: Information about the Access Profile + example: Collection of entitlements to read/write the employee database + privileged: + type: boolean + description: Indicates if the entitlement is a privileged entitlement + example: false + cloudGoverned: + type: boolean + description: True if the entitlement is cloud governed + example: false + endDate: + nullable: true + type: string + format: date-time + description: The date at which a user's access expires + example: '2021-12-25T00:00:00.000Z' + owner: + description: Owner of the Access Profile + type: object + nullable: true + properties: + type: + type: string + description: The type can only be IDENTITY. This is read-only. + example: IDENTITY + id: + type: string + description: Identity ID. + example: 5168015d32f890ca15812c9180835d2e + name: + type: string + description: Identity's human-readable display name. This is read-only. + example: Alison Ferguso + email: + type: string + description: Identity's email address. This is read-only. + example: alison.ferguso@identitysoon.com + entitlements: + type: array + description: A list of entitlements associated with this Access Profile + items: + type: object + nullable: true + properties: + id: + type: string + description: The id for the entitlement + example: 2c918085718230600171993742c63558 + name: + type: string + description: The name of the entitlement + example: CN=entitlement.bbb7c650 + description: + nullable: true + type: string + description: Information about the entitlement + example: Gives read/write access to the company database + privileged: + type: boolean + example: false + default: false + description: Indicates if the entitlement is a privileged entitlement + owner: + type: object + nullable: true + properties: + type: + type: string + description: The type can only be IDENTITY. This is read-only. + example: IDENTITY + id: + type: string + description: Identity ID. + example: 5168015d32f890ca15812c9180835d2e + name: + type: string + description: Identity's human-readable display name. This is read-only. + example: Alison Ferguso + email: + type: string + description: Identity's email address. This is read-only. + example: alison.ferguso@identitysoon.com + attributeName: + type: string + description: The name of the attribute on the source + example: memberOf + attributeValue: + type: string + description: The value of the attribute on the source + example: CN=entitlement.bbb7c650 + sourceSchemaObjectType: + type: string + description: The schema object type on the source used to represent the entitlement and its attributes + example: groups + sourceName: + type: string + description: The name of the source for which this entitlement belongs + example: ODS-AD-Source + sourceType: + type: string + description: The type of the source for which the entitlement belongs + example: Active Directory - Direct + sourceId: + type: string + description: The ID of the source for which the entitlement belongs + example: 78ca6be511cb41fbb86dba2fcca7780c + hasPermissions: + type: boolean + default: false + description: Indicates if the entitlement has permissions + example: false + isPermission: + type: boolean + default: false + description: Indicates if the entitlement is a representation of an account permission + example: false + revocable: + type: boolean + default: false + description: Indicates whether the entitlement can be revoked + example: true + cloudGoverned: + type: boolean + default: false + description: True if the entitlement is cloud governed + example: false + containsDataAccess: + type: boolean + description: True if the entitlement has DAS data + default: false + example: true + dataAccess: + type: object + description: DAS data for the entitlement + nullable: true + properties: + policies: + type: array + description: List of classification policies that apply to resources the entitlement \ groups has access to + items: + type: object + properties: + value: + type: string + description: Value of the policy + example: GDPR-20 + categories: + type: array + description: List of classification categories that apply to resources the entitlement \ groups has access to + items: + type: object + properties: + value: + type: string + description: Value of the category + example: email-7 + matchCount: + type: integer + description: Number of matched for each category + example: 10 + impactScore: + type: object + properties: + value: + type: string + description: Impact Score for this data + example: Medium + account: + type: object + nullable: true + description: Information about the status of the entitlement + properties: + nativeIdentity: + type: string + description: The native identity for this account + example: CN=Alison Ferguso + disabled: + type: boolean + default: false + example: false + description: Indicates whether this account is currently disabled + locked: + type: boolean + default: false + example: false + description: Indicates whether this account is currently locked + type: + type: string + enum: + - ACCOUNT_CORRELATION_CONFIG + - ACCESS_PROFILE + - ACCESS_REQUEST_APPROVAL + - ACCOUNT + - APPLICATION + - CAMPAIGN + - CAMPAIGN_FILTER + - CERTIFICATION + - CLUSTER + - CONNECTOR_SCHEMA + - ENTITLEMENT + - GOVERNANCE_GROUP + - IDENTITY + - IDENTITY_PROFILE + - IDENTITY_REQUEST + - LIFECYCLE_STATE + - PASSWORD_POLICY + - ROLE + - RULE + - SOD_POLICY + - SOURCE + - TAG + - TAG_CATEGORY + - TASK_RESULT + - REPORT_RESULT + - SOD_VIOLATION + - ACCOUNT_ACTIVITY + - WORKGROUP + description: An enumeration of the types of DTOs supported within the IdentityNow infrastructure. + example: IDENTITY + id: + nullable: true + type: string + description: The id associated with the account + example: 2c9180857182305e0171993737eb29e6 + name: + nullable: true + type: string + description: The account name + example: Alison Ferguso + created: + nullable: true + type: string + format: date-time + description: When the account was created + example: '2020-04-20T20:11:05.067Z' + modified: + nullable: true + type: string + format: date-time + description: When the account was last modified + example: '2020-05-20T18:57:16.987Z' + activityInsights: + type: object + description: Insights into account activity + properties: + accountID: + type: string + description: UUID of the account + example: c4ddd5421d8549f0abd309162cafd3b1 + usageDays: + type: integer + format: int32 + minimum: 0 + maximum: 90 + description: The number of days of activity + example: 45 + usageDaysState: + type: string + enum: + - COMPLETE + - UNKNOWN + description: Status indicating if the activity is complete or unknown + example: COMPLETE + created: + type: string + description: Date the Access Profile was created. + format: date-time + example: '2021-01-01T22:32:58.104Z' + modified: + type: string + description: Date the Access Profile was last modified. + format: date-time + example: '2021-02-01T22:32:58.104Z' + entitlements: + type: array + description: The list of entitlements associated with this Role + items: + type: object + nullable: true + properties: + id: + type: string + description: The id for the entitlement + example: 2c918085718230600171993742c63558 + name: + type: string + description: The name of the entitlement + example: CN=entitlement.bbb7c650 + description: + nullable: true + type: string + description: Information about the entitlement + example: Gives read/write access to the company database + privileged: + type: boolean + example: false + default: false + description: Indicates if the entitlement is a privileged entitlement + owner: + type: object + nullable: true + properties: + type: + type: string + description: The type can only be IDENTITY. This is read-only. + example: IDENTITY + id: + type: string + description: Identity ID. + example: 5168015d32f890ca15812c9180835d2e + name: + type: string + description: Identity's human-readable display name. This is read-only. + example: Alison Ferguso + email: + type: string + description: Identity's email address. This is read-only. + example: alison.ferguso@identitysoon.com + attributeName: + type: string + description: The name of the attribute on the source + example: memberOf + attributeValue: + type: string + description: The value of the attribute on the source + example: CN=entitlement.bbb7c650 + sourceSchemaObjectType: + type: string + description: The schema object type on the source used to represent the entitlement and its attributes + example: groups + sourceName: + type: string + description: The name of the source for which this entitlement belongs + example: ODS-AD-Source + sourceType: + type: string + description: The type of the source for which the entitlement belongs + example: Active Directory - Direct + sourceId: + type: string + description: The ID of the source for which the entitlement belongs + example: 78ca6be511cb41fbb86dba2fcca7780c + hasPermissions: + type: boolean + default: false + description: Indicates if the entitlement has permissions + example: false + isPermission: + type: boolean + default: false + description: Indicates if the entitlement is a representation of an account permission + example: false + revocable: + type: boolean + default: false + description: Indicates whether the entitlement can be revoked + example: true + cloudGoverned: + type: boolean + default: false + description: True if the entitlement is cloud governed + example: false + containsDataAccess: + type: boolean + description: True if the entitlement has DAS data + default: false + example: true + dataAccess: + type: object + description: DAS data for the entitlement + nullable: true + properties: + policies: + type: array + description: List of classification policies that apply to resources the entitlement \ groups has access to + items: + type: object + properties: + value: + type: string + description: Value of the policy + example: GDPR-20 + categories: + type: array + description: List of classification categories that apply to resources the entitlement \ groups has access to + items: + type: object + properties: + value: + type: string + description: Value of the category + example: email-7 + matchCount: + type: integer + description: Number of matched for each category + example: 10 + impactScore: + type: object + properties: + value: + type: string + description: Impact Score for this data + example: Medium + account: + type: object + nullable: true + description: Information about the status of the entitlement + properties: + nativeIdentity: + type: string + description: The native identity for this account + example: CN=Alison Ferguso + disabled: + type: boolean + default: false + example: false + description: Indicates whether this account is currently disabled + locked: + type: boolean + default: false + example: false + description: Indicates whether this account is currently locked + type: + type: string + enum: + - ACCOUNT_CORRELATION_CONFIG + - ACCESS_PROFILE + - ACCESS_REQUEST_APPROVAL + - ACCOUNT + - APPLICATION + - CAMPAIGN + - CAMPAIGN_FILTER + - CERTIFICATION + - CLUSTER + - CONNECTOR_SCHEMA + - ENTITLEMENT + - GOVERNANCE_GROUP + - IDENTITY + - IDENTITY_PROFILE + - IDENTITY_REQUEST + - LIFECYCLE_STATE + - PASSWORD_POLICY + - ROLE + - RULE + - SOD_POLICY + - SOURCE + - TAG + - TAG_CATEGORY + - TASK_RESULT + - REPORT_RESULT + - SOD_VIOLATION + - ACCOUNT_ACTIVITY + - WORKGROUP + description: An enumeration of the types of DTOs supported within the IdentityNow infrastructure. + example: IDENTITY + id: + nullable: true + type: string + description: The id associated with the account + example: 2c9180857182305e0171993737eb29e6 + name: + nullable: true + type: string + description: The account name + example: Alison Ferguso + created: + nullable: true + type: string + format: date-time + description: When the account was created + example: '2020-04-20T20:11:05.067Z' + modified: + nullable: true + type: string + format: date-time + description: When the account was last modified + example: '2020-05-20T18:57:16.987Z' + activityInsights: + type: object + description: Insights into account activity + properties: + accountID: + type: string + description: UUID of the account + example: c4ddd5421d8549f0abd309162cafd3b1 + usageDays: + type: integer + format: int32 + minimum: 0 + maximum: 90 + description: The number of days of activity + example: 45 + usageDaysState: + type: string + enum: + - COMPLETE + - UNKNOWN + description: Status indicating if the activity is complete or unknown + example: COMPLETE + example: + - access: + type: ENTITLEMENT + id: 2c9180857182305e01719937429e2bad + name: CN=Engineering + entitlement: + id: 2c9180857182305e01719937429e2bad + name: CN=Engineering + description: Access to the engineering database + privileged: false + owner: + email: brandon.gray@acme-solar.com + type: IDENTITY + id: 2c9180867160846801719932c5153fb7 + name: Brandon Gray + attributeName: memberOf + attributeValue: CN=Engineering + sourceName: ODS-AD-Source + hasPermissions: true + revocable: true + containsDataAccess: true + dataAccess: + policies: + - value: GDPR-1 + - value: GDPR-2 + categories: + - value: email-7 + matchCount: 74 + - value: email-9 + matchCount: 30 + impactScore: + value: Medium + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/certifications/{id}/identity-summaries/{identitySummaryId}': + get: + operationId: getIdentitySummary + tags: + - Certification Summaries + summary: Summary for Identity + description: This API returns the summary for an identity on a specified identity campaign certification. A token with ORG_ADMIN or CERT_ADMIN authority is required to call this API. Reviewers for this certification can also call this API. + parameters: + - in: path + name: id + schema: + type: string + required: true + description: The identity campaign certification ID + example: ef38f94347e94562b5bb8424a56397d8 + - in: path + name: identitySummaryId + schema: + type: string + required: true + description: The identity summary ID + example: 2c91808772a504f50172a9540e501ba8 + responses: + '200': + description: An identity summary + content: + application/json: + schema: + type: object + properties: + id: + type: string + description: The ID of the identity summary + example: 2c91808772a504f50172a9540e501ba7 + name: + type: string + description: Name of the linked identity + example: Alison Ferguso + identityId: + type: string + description: The ID of the identity being certified + example: 2c9180857182306001719937377a33de + completed: + type: boolean + description: Indicates whether the review items for the linked identity's certification have been completed + example: true + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/certifications/{certificationId}/access-review-items/{itemId}/permissions': + get: + operationId: getIdentityCertificationItemPermissions + tags: + - Certifications + summary: Permissions for Entitlement Certification Item + description: This API returns the permissions associated with an entitlement certification item based on the certification item's ID. A token with ORG_ADMIN or CERT_ADMIN authority is required to call this API. Reviewers for this certification can also call this API. + security: + - UserContextAuth: + - 'idn:certification:read' + parameters: + - in: query + name: filters + schema: + type: string + description: |- + Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) + + Filtering is supported for the following fields and operators: + + **target**: *eq, sw* + + **rights**: *ca* + + Supported composite operators: *and, or* + + All field values (second filter operands) are case-insensitive for this API. + + Only a single *and* or *or* composite filter operator may be used. It must also be used between a target filter and a rights filter, not between 2 filters for the same field. + + For example, the following is valid: `?filters=rights+ca+(%22CREATE%22)+and+target+eq+%22SYS.OBJAUTH2%22` + + The following is invalid: 1?filters=rights+ca+(%22CREATE%22)+and+rights+ca+(%SELECT%22)1 + example: target eq "SYS.OBJAUTH2" + - in: path + name: certificationId + schema: + type: string + required: true + description: The certification ID + example: ef38f94347e94562b5bb8424a56397d8 + - in: path + name: itemId + schema: + type: string + required: true + description: The certification item ID + example: 2c91808671bcbab40171bd945d961227 + - in: query + name: limit + description: |- + Max number of results to return. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 250 + schema: + type: integer + format: int32 + minimum: 0 + maximum: 250 + default: 250 + - in: query + name: offset + description: |- + Offset into the full result set. Usually specified with *limit* to paginate through the results. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 0 + schema: + type: integer + format: int32 + minimum: 0 + default: 0 + - in: query + name: count + description: |- + If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. + + Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. + + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: true + schema: + type: boolean + default: false + responses: + '200': + description: A list of permissions associated with the given itemId + content: + application/json: + schema: + type: array + items: + type: object + description: 'Simplified DTO for the Permission objects stored in SailPoint''s database. The data is aggregated from customer systems and is free-form, so its appearance can vary largely between different clients/customers.' + properties: + rights: + type: array + description: All the rights (e.g. actions) that this permission allows on the target + readOnly: true + items: + type: string + example: SELECT + target: + type: string + description: The target the permission would grants rights on. + readOnly: true + example: SYS.GV_$TRANSACTION + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/certifications/{id}/reviewers': + get: + operationId: listCertificationReviewers + tags: + - Certifications + summary: List of Reviewers for certification + description: This API returns a list of reviewers for the certification. A token with ORG_ADMIN or CERT_ADMIN authority is required to call this API. Reviewers for this certification can also call this API. + security: + - UserContextAuth: + - 'idn:certification:read' + parameters: + - in: path + name: id + schema: + type: string + required: true + description: The certification ID + example: ef38f94347e94562b5bb8424a56397d8 + - in: query + name: limit + description: |- + Max number of results to return. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 250 + schema: + type: integer + format: int32 + minimum: 0 + maximum: 250 + default: 250 + - in: query + name: offset + description: |- + Offset into the full result set. Usually specified with *limit* to paginate through the results. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 0 + schema: + type: integer + format: int32 + minimum: 0 + default: 0 + - in: query + name: count + description: |- + If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. + + Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. + + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: true + schema: + type: boolean + default: false + - in: query + name: filters + schema: + type: string + description: |- + Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) + + Filtering is supported for the following fields and operators: + + **id**: *eq, in* + + **name**: *eq, sw* + + **email**: *eq, sw* + example: name eq "Bob" + - in: query + name: sorters + schema: + type: string + format: comma-separated + description: |- + Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) + + Sorting is supported for the following fields: **name, email** + example: name + responses: + '200': + description: A list of reviewers + content: + application/json: + schema: + type: array + items: + type: object + nullable: true + properties: + type: + type: string + description: The type can only be IDENTITY. This is read-only. + example: IDENTITY + id: + type: string + description: Identity ID. + example: 5168015d32f890ca15812c9180835d2e + name: + type: string + description: Identity's human-readable display name. This is read-only. + example: Alison Ferguso + email: + type: string + description: Identity's email address. This is read-only. + example: alison.ferguso@identitysoon.com + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/certifications/{id}/reassign-async': + post: + operationId: submitReassignCertsAsync + tags: + - Certifications + summary: Reassign Certifications Asynchronously + description: This API initiates a task to reassign up to 500 identities or items in an identity campaign certification to another reviewer. The `certification-tasks` API can be used to get an updated status on the task and determine when the reassignment is complete. A token with ORG_ADMIN or CERT_ADMIN authority is required to call this API. Reviewers for this certification can also call this API. + security: + - UserContextAuth: + - 'idn:certification:write' + parameters: + - in: path + name: id + schema: + type: string + required: true + description: The identity campaign certification ID + example: ef38f94347e94562b5bb8424a56397d8 + requestBody: + required: true + content: + application/json: + schema: + type: object + properties: + reassign: + type: array + items: + type: object + properties: + id: + type: string + description: The ID of item or identity being reassigned. + example: ef38f94347e94562b5bb8424a56397d8 + type: + type: string + description: The type of item or identity being reassigned. + enum: + - TARGET_SUMMARY + - ITEM + - IDENTITY_SUMMARY + example: ITEM + required: + - id + - type + reassignTo: + type: string + description: The ID of the identity to which the certification is reassigned + example: ef38f94347e94562b5bb8424a56397d8 + reason: + type: string + description: The reason comment for why the reassign was made + example: reassigned for some reason + required: + - reassign + - reassignTo + - reason + responses: + '200': + description: A certification task object for the reassignment which can be queried for status. + content: + application/json: + schema: + type: object + properties: + id: + type: string + description: The ID of the certification task. + example: 2c918086719eec070171a7e3355a360a + type: + type: string + description: The type of the certification task. More values may be added in the future. + enum: + - REASSIGN + - ADMIN_REASSIGN + - COMPLETE_CERTIFICATION + - FINISH_CERTIFICATION + - COMPLETE_CAMPAIGN + - ACTIVATE_CAMPAIGN + - CAMPAIGN_CREATE + - CAMPAIGN_DELETE + example: ADMIN_REASSIGN + targetType: + type: string + description: The type of item that is being operated on by this task whose ID is stored in the targetId field. + enum: + - CERTIFICATION + - CAMPAIGN + example: CAMPAIGN + targetId: + type: string + description: The ID of the item being operated on by this task. + example: 2c918086719eec070171a7e3355a834c + status: + type: string + description: The status of the task. + enum: + - QUEUED + - IN_PROGRESS + - SUCCESS + - ERROR + example: QUEUED + errors: + description: A list of errors that have been encountered by the task. + type: array + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + reassignmentTrailDTOs: + description: Reassignment trails that lead to self certification identity + type: array + items: + type: object + properties: + previousOwner: + type: string + description: The ID of previous owner identity. + example: ef38f94347e94562b5bb8424a56397d8 + newOwner: + type: string + description: The ID of new owner identity. + example: ef38f94347e94562b5bb8424a56397a3 + reassignmentType: + type: string + description: The type of reassignment. + example: AUTOMATIC_REASSIGNMENT + example: + previousOwner: ef38f94347e94562b5bb8424a56397d8 + newOwner: ef38f94347e94562b5bb8424a56397a3 + reassignmentType: AUTOMATIC_REASSIGNMENT + created: + type: string + description: The date and time on which this task was created. + format: date-time + example: '2020-09-24T18:10:47.693Z' + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/certification-tasks/{id}': + get: + operationId: getCertificationTask + tags: + - Certifications + summary: Certification Task by ID + description: This API returns the certification task for the specified ID. A token with ORG_ADMIN or CERT_ADMIN authority is required to call this API. Reviewers for the specified certification can also call this API. + security: + - UserContextAuth: + - 'idn:certification:read' + parameters: + - in: path + name: id + schema: + type: string + required: true + description: The task ID + example: 63b32151-26c0-42f4-9299-8898dc1c9daa + responses: + '200': + description: A certification task + content: + application/json: + schema: + type: object + properties: + id: + type: string + description: The ID of the certification task. + example: 2c918086719eec070171a7e3355a360a + type: + type: string + description: The type of the certification task. More values may be added in the future. + enum: + - REASSIGN + - ADMIN_REASSIGN + - COMPLETE_CERTIFICATION + - FINISH_CERTIFICATION + - COMPLETE_CAMPAIGN + - ACTIVATE_CAMPAIGN + - CAMPAIGN_CREATE + - CAMPAIGN_DELETE + example: ADMIN_REASSIGN + targetType: + type: string + description: The type of item that is being operated on by this task whose ID is stored in the targetId field. + enum: + - CERTIFICATION + - CAMPAIGN + example: CAMPAIGN + targetId: + type: string + description: The ID of the item being operated on by this task. + example: 2c918086719eec070171a7e3355a834c + status: + type: string + description: The status of the task. + enum: + - QUEUED + - IN_PROGRESS + - SUCCESS + - ERROR + example: QUEUED + errors: + description: A list of errors that have been encountered by the task. + type: array + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + reassignmentTrailDTOs: + description: Reassignment trails that lead to self certification identity + type: array + items: + type: object + properties: + previousOwner: + type: string + description: The ID of previous owner identity. + example: ef38f94347e94562b5bb8424a56397d8 + newOwner: + type: string + description: The ID of new owner identity. + example: ef38f94347e94562b5bb8424a56397a3 + reassignmentType: + type: string + description: The type of reassignment. + example: AUTOMATIC_REASSIGNMENT + example: + previousOwner: ef38f94347e94562b5bb8424a56397d8 + newOwner: ef38f94347e94562b5bb8424a56397a3 + reassignmentType: AUTOMATIC_REASSIGNMENT + created: + type: string + description: The date and time on which this task was created. + format: date-time + example: '2020-09-24T18:10:47.693Z' + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + /certification-tasks: + get: + operationId: getPendingCertificationTasks + tags: + - Certifications + summary: List of Pending Certification Tasks + description: 'This API returns a list of pending (`QUEUED` or `IN_PROGRESS`) certification tasks. Any authenticated token can call this API, but only certification tasks you are authorized to review will be returned.' + security: + - UserContextAuth: + - 'idn:certification:read' + parameters: + - in: query + name: reviewer-identity + schema: + type: string + example: Ada.1de82e55078344 + description: The ID of reviewer identity. *me* indicates the current user. + required: false + - in: query + name: limit + description: |- + Max number of results to return. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 250 + schema: + type: integer + format: int32 + minimum: 0 + maximum: 250 + default: 250 + - in: query + name: offset + description: |- + Offset into the full result set. Usually specified with *limit* to paginate through the results. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 0 + schema: + type: integer + format: int32 + minimum: 0 + default: 0 + - in: query + name: count + description: |- + If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. + + Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. + + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: true + schema: + type: boolean + default: false + - in: query + name: filters + schema: + type: string + example: type eq "ADMIN_REASSIGN" + description: |- + Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) + + Filtering is supported for the following fields and operators: + + **id**: *eq, in* + + **targetId**: *eq, in* + + **type**: *eq, in* + responses: + '200': + description: A list of pending certification tasks + content: + application/json: + schema: + type: array + items: + type: object + properties: + id: + type: string + description: The ID of the certification task. + example: 2c918086719eec070171a7e3355a360a + type: + type: string + description: The type of the certification task. More values may be added in the future. + enum: + - REASSIGN + - ADMIN_REASSIGN + - COMPLETE_CERTIFICATION + - FINISH_CERTIFICATION + - COMPLETE_CAMPAIGN + - ACTIVATE_CAMPAIGN + - CAMPAIGN_CREATE + - CAMPAIGN_DELETE + example: ADMIN_REASSIGN + targetType: + type: string + description: The type of item that is being operated on by this task whose ID is stored in the targetId field. + enum: + - CERTIFICATION + - CAMPAIGN + example: CAMPAIGN + targetId: + type: string + description: The ID of the item being operated on by this task. + example: 2c918086719eec070171a7e3355a834c + status: + type: string + description: The status of the task. + enum: + - QUEUED + - IN_PROGRESS + - SUCCESS + - ERROR + example: QUEUED + errors: + description: A list of errors that have been encountered by the task. + type: array + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + reassignmentTrailDTOs: + description: Reassignment trails that lead to self certification identity + type: array + items: + type: object + properties: + previousOwner: + type: string + description: The ID of previous owner identity. + example: ef38f94347e94562b5bb8424a56397d8 + newOwner: + type: string + description: The ID of new owner identity. + example: ef38f94347e94562b5bb8424a56397a3 + reassignmentType: + type: string + description: The type of reassignment. + example: AUTOMATIC_REASSIGNMENT + example: + previousOwner: ef38f94347e94562b5bb8424a56397d8 + newOwner: ef38f94347e94562b5bb8424a56397a3 + reassignmentType: AUTOMATIC_REASSIGNMENT + created: + type: string + description: The date and time on which this task was created. + format: date-time + example: '2020-09-24T18:10:47.693Z' + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/configuration-hub/object-mappings/{sourceOrg}': + get: + operationId: getObjectMappings + security: + - UserContextAuth: + - 'sp:config-object-mapping:read' + - 'sp:config-object-mapping:manage' + tags: + - Configuration Hub + summary: Gets list of object mappings + description: |- + This gets a list of existing object mappings between current org and source org. + Source org should be "default" when getting object mappings that are not associated to any particular org. + The request will need the following security scope: + - sp:config-object-mapping:read + parameters: + - in: path + name: sourceOrg + schema: + type: string + required: true + description: The name of the source org. + example: source-org + responses: + '200': + description: List of existing object mappings between current org and source org. + content: + application/json: + schema: + type: array + items: + type: object + title: Object Mapping Response + properties: + objectMappingId: + type: string + description: Id of the object mapping + example: 3d6e0144-963f-4bd6-8d8d-d77b4e507ce4 + objectType: + type: string + description: Type of the object the mapping value applies to + example: IDENTITY + enum: + - ACCESS_PROFILE + - ACCESS_REQUEST_CONFIG + - ATTR_SYNC_SOURCE_CONFIG + - AUTH_ORG + - CAMPAIGN_FILTER + - ENTITLEMENT + - FORM_DEFINITION + - GOVERNANCE_GROUP + - IDENTITY + - IDENTITY_OBJECT_CONFIG + - IDENTITY_PROFILE + - LIFECYCLE_STATE + - NOTIFICATION_TEMPLATE + - PASSWORD_POLICY + - PASSWORD_SYNC_GROUP + - PUBLIC_IDENTITIES_CONFIG + - ROLE + - RULE + - SEGMENT + - SERVICE_DESK_INTEGRATION + - SOD_POLICY + - SOURCE + - TAG + - TRANSFORM + - TRIGGER_SUBSCRIPTION + - WORKFLOW + jsonPath: + type: string + description: JSONPath expression denoting the path within the object where the mapping value should be applied + example: $.name + sourceValue: + type: string + description: Original value at the jsonPath location within the object + example: My Governance Group Name + targetValue: + type: string + description: Value to be assigned at the jsonPath location within the object + example: My New Governance Group Name + enabled: + type: boolean + description: Whether or not this object mapping is enabled + default: false + example: false + created: + type: string + description: Object mapping creation timestamp + example: 2024-03-19T23:18:53.732Z + modified: + type: string + description: Object mapping latest update timestamp + example: 2024-03-19T23:18:53.732Z + example: + - objectMappingId: 3d6e0144-963f-4bd6-8d8d-d77b4e507ce4 + objectType: GOVERNANCE_GROUP + jsonPath: $.description + sourceValue: Sample Governance Group + targetValue: Sample Governance Group - Updated + enabled: true + created: '2024-03-19T23:18:53.732Z' + modified: '2024-03-19T23:18:53.732Z' + - objectMappingId: e1d5cb80-65e2-4f92-ae2e-9588f61cc4cd + objectType: IDENTITY + jsonPath: $.name + sourceValue: SailPoint Support + targetValue: john.doe + enabled: false + created: '2024-03-19T23:18:06.238Z' + modified: '2024-03-19T23:18:06.238Z' + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + post: + operationId: createObjectMapping + security: + - UserContextAuth: + - 'sp:config-object-mapping:manage' + tags: + - Configuration Hub + summary: Creates an object mapping + description: |- + This creates an object mapping between current org and source org. + Source org should be "default" when creating an object mapping that is not to be associated to any particular org. + The request will need the following security scope: + - sp:config-object-mapping:manage + parameters: + - in: path + name: sourceOrg + schema: + type: string + required: true + description: The name of the source org. + example: source-org + requestBody: + description: The object mapping request body. + required: true + content: + application/json: + schema: + type: object + title: Object Mapping Request + required: + - objectType + - jsonPath + - sourceValue + - targetValue + properties: + objectType: + type: string + description: 'Type of the object the mapping value applies to, must be one from enum' + example: IDENTITY + enum: + - ACCESS_PROFILE + - ACCESS_REQUEST_CONFIG + - ATTR_SYNC_SOURCE_CONFIG + - AUTH_ORG + - CAMPAIGN_FILTER + - ENTITLEMENT + - FORM_DEFINITION + - GOVERNANCE_GROUP + - IDENTITY + - IDENTITY_OBJECT_CONFIG + - IDENTITY_PROFILE + - LIFECYCLE_STATE + - NOTIFICATION_TEMPLATE + - PASSWORD_POLICY + - PASSWORD_SYNC_GROUP + - PUBLIC_IDENTITIES_CONFIG + - ROLE + - RULE + - SEGMENT + - SERVICE_DESK_INTEGRATION + - SOD_POLICY + - SOURCE + - TAG + - TRANSFORM + - TRIGGER_SUBSCRIPTION + - WORKFLOW + jsonPath: + type: string + description: JSONPath expression denoting the path within the object where the mapping value should be applied + example: $.name + sourceValue: + type: string + description: Original value at the jsonPath location within the object + example: My Governance Group Name + targetValue: + type: string + description: Value to be assigned at the jsonPath location within the object + example: My New Governance Group Name + enabled: + type: boolean + description: Whether or not this object mapping is enabled + default: false + example: false + example: + objectType: GOVERNANCE_GROUP + jsonPath: $.description + sourceValue: Sample Governance Group + targetValue: Sample Governance Group - Updated + enabled: true + responses: + '200': + description: The created object mapping between current org and source org. + content: + application/json: + schema: + type: object + title: Object Mapping Response + properties: + objectMappingId: + type: string + description: Id of the object mapping + example: 3d6e0144-963f-4bd6-8d8d-d77b4e507ce4 + objectType: + type: string + description: Type of the object the mapping value applies to + example: IDENTITY + enum: + - ACCESS_PROFILE + - ACCESS_REQUEST_CONFIG + - ATTR_SYNC_SOURCE_CONFIG + - AUTH_ORG + - CAMPAIGN_FILTER + - ENTITLEMENT + - FORM_DEFINITION + - GOVERNANCE_GROUP + - IDENTITY + - IDENTITY_OBJECT_CONFIG + - IDENTITY_PROFILE + - LIFECYCLE_STATE + - NOTIFICATION_TEMPLATE + - PASSWORD_POLICY + - PASSWORD_SYNC_GROUP + - PUBLIC_IDENTITIES_CONFIG + - ROLE + - RULE + - SEGMENT + - SERVICE_DESK_INTEGRATION + - SOD_POLICY + - SOURCE + - TAG + - TRANSFORM + - TRIGGER_SUBSCRIPTION + - WORKFLOW + jsonPath: + type: string + description: JSONPath expression denoting the path within the object where the mapping value should be applied + example: $.name + sourceValue: + type: string + description: Original value at the jsonPath location within the object + example: My Governance Group Name + targetValue: + type: string + description: Value to be assigned at the jsonPath location within the object + example: My New Governance Group Name + enabled: + type: boolean + description: Whether or not this object mapping is enabled + default: false + example: false + created: + type: string + description: Object mapping creation timestamp + example: 2024-03-19T23:18:53.732Z + modified: + type: string + description: Object mapping latest update timestamp + example: 2024-03-19T23:18:53.732Z + example: + objectMappingId: 3d6e0144-963f-4bd6-8d8d-d77b4e507ce4 + objectType: GOVERNANCE_GROUP + jsonPath: $.description + sourceValue: Sample Governance Group + targetValue: Sample Governance Group - Updated + enabled: true + created: '2024-03-19T23:18:53.732Z' + modified: '2024-03-19T23:18:53.732Z' + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/configuration-hub/object-mappings/{sourceOrg}/{objectMappingId}': + delete: + operationId: deleteObjectMapping + security: + - UserContextAuth: + - 'sp:config-object-mapping:manage' + tags: + - Configuration Hub + summary: Deletes an object mapping + description: |- + This deletes an existing object mapping. + Source org should be "default" when deleting an object mapping that is not associated to any particular org. + The request will need the following security scope: + - sp:config-object-mapping:manage + parameters: + - in: path + name: sourceOrg + schema: + type: string + required: true + description: The name of the source org. + example: source-org + - in: path + name: objectMappingId + schema: + type: string + required: true + description: The id of the object mapping to be deleted. + example: 3d6e0144-963f-4bd6-8d8d-d77b4e507ce4 + responses: + '204': + description: No content - indicates the request was successful but there is no content to be returned in the response. + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/configuration-hub/object-mappings/{sourceOrg}/bulk-create': + post: + operationId: createObjectMappings + security: + - UserContextAuth: + - 'sp:config-object-mapping:manage' + tags: + - Configuration Hub + summary: Bulk creates object mappings + description: |- + This creates a set of object mappings (Max 25) between current org and source org. + Source org should be "default" when creating object mappings that are not to be associated to any particular org. + The request will need the following security scope: + - sp:config-object-mapping:manage + parameters: + - in: path + name: sourceOrg + schema: + type: string + required: true + description: The name of the source org. + example: source-org + requestBody: + description: The bulk create object mapping request body. + required: true + content: + application/json: + schema: + type: object + title: Bulk Create Object Mapping Request + required: + - newObjectMappings + properties: + newObjectMappings: + type: array + items: + type: object + title: Object Mapping Request + required: + - objectType + - jsonPath + - sourceValue + - targetValue + properties: + objectType: + type: string + description: 'Type of the object the mapping value applies to, must be one from enum' + example: IDENTITY + enum: + - ACCESS_PROFILE + - ACCESS_REQUEST_CONFIG + - ATTR_SYNC_SOURCE_CONFIG + - AUTH_ORG + - CAMPAIGN_FILTER + - ENTITLEMENT + - FORM_DEFINITION + - GOVERNANCE_GROUP + - IDENTITY + - IDENTITY_OBJECT_CONFIG + - IDENTITY_PROFILE + - LIFECYCLE_STATE + - NOTIFICATION_TEMPLATE + - PASSWORD_POLICY + - PASSWORD_SYNC_GROUP + - PUBLIC_IDENTITIES_CONFIG + - ROLE + - RULE + - SEGMENT + - SERVICE_DESK_INTEGRATION + - SOD_POLICY + - SOURCE + - TAG + - TRANSFORM + - TRIGGER_SUBSCRIPTION + - WORKFLOW + jsonPath: + type: string + description: JSONPath expression denoting the path within the object where the mapping value should be applied + example: $.name + sourceValue: + type: string + description: Original value at the jsonPath location within the object + example: My Governance Group Name + targetValue: + type: string + description: Value to be assigned at the jsonPath location within the object + example: My New Governance Group Name + enabled: + type: boolean + description: Whether or not this object mapping is enabled + default: false + example: false + example: + newObjectsMappings: + - objectType: SOURCE + jsonPath: $.name + sourceValue: Original SOURCE Name + targetValue: New SOURCE Name + enabled: true + - objectType: IDENTITY + jsonPath: $.name + sourceValue: Original IDENTITY Name + targetValue: 'New IDENTITY Name ' + enabled: true + responses: + '200': + description: The created object mapping between current org and source org. + content: + application/json: + schema: + type: object + title: Bulk Create Object Mapping Response + properties: + addedObjects: + type: array + items: + type: object + title: Object Mapping Response + properties: + objectMappingId: + type: string + description: Id of the object mapping + example: 3d6e0144-963f-4bd6-8d8d-d77b4e507ce4 + objectType: + type: string + description: Type of the object the mapping value applies to + example: IDENTITY + enum: + - ACCESS_PROFILE + - ACCESS_REQUEST_CONFIG + - ATTR_SYNC_SOURCE_CONFIG + - AUTH_ORG + - CAMPAIGN_FILTER + - ENTITLEMENT + - FORM_DEFINITION + - GOVERNANCE_GROUP + - IDENTITY + - IDENTITY_OBJECT_CONFIG + - IDENTITY_PROFILE + - LIFECYCLE_STATE + - NOTIFICATION_TEMPLATE + - PASSWORD_POLICY + - PASSWORD_SYNC_GROUP + - PUBLIC_IDENTITIES_CONFIG + - ROLE + - RULE + - SEGMENT + - SERVICE_DESK_INTEGRATION + - SOD_POLICY + - SOURCE + - TAG + - TRANSFORM + - TRIGGER_SUBSCRIPTION + - WORKFLOW + jsonPath: + type: string + description: JSONPath expression denoting the path within the object where the mapping value should be applied + example: $.name + sourceValue: + type: string + description: Original value at the jsonPath location within the object + example: My Governance Group Name + targetValue: + type: string + description: Value to be assigned at the jsonPath location within the object + example: My New Governance Group Name + enabled: + type: boolean + description: Whether or not this object mapping is enabled + default: false + example: false + created: + type: string + description: Object mapping creation timestamp + example: 2024-03-19T23:18:53.732Z + modified: + type: string + description: Object mapping latest update timestamp + example: 2024-03-19T23:18:53.732Z + example: + addedObjects: + - objectMappingId: 603b1a61-d03d-4ed1-864f-a508fbd1995d + objectType: SOURCE + jsonPath: $.name + sourceValue: Original SOURCE Name + targetValue: New SOURCE Name + enabled: true + created: '2024-03-25T15:50:41.314Z' + modified: '2024-03-25T15:50:41.299Z' + - objectMappingId: 00bece34-f50d-4227-8878-76f620b5a971 + objectType: IDENTITY + jsonPath: $.name + sourceValue: Original IDENTITY Name + targetValue: 'New IDENTITY Name ' + enabled: true + created: '2024-03-25T15:50:41.316Z' + modified: '2024-03-25T15:50:41.316Z' + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/configuration-hub/object-mappings/{sourceOrg}/bulk-patch': + post: + operationId: updateObjectMappings + security: + - UserContextAuth: + - 'sp:config-object-mapping:manage' + tags: + - Configuration Hub + summary: Bulk updates object mappings + description: |- + This updates a set of object mappings, only enabled and targetValue fields can be updated. + Source org should be "default" when updating object mappings that are not associated to any particular org. + The request will need the following security scope: + - sp:config-object-mapping:manage + parameters: + - in: path + name: sourceOrg + schema: + type: string + required: true + description: The name of the source org. + example: source-org + requestBody: + description: The object mapping request body. + required: true + content: + application/json: + schema: + type: object + title: Bulk Update Object Mapping Request + required: + - patches + properties: + patches: + description: Map of id of the object mapping to a JsonPatchOperation describing what to patch on that object mapping. + type: object + additionalProperties: + type: array + items: + type: object + description: 'A JSONPatch Operation as defined by [RFC 6902 - JSON Patch](https://tools.ietf.org/html/rfc6902)' + required: + - op + - path + properties: + op: + type: string + description: The operation to be performed + enum: + - add + - remove + - replace + - move + - copy + - test + example: replace + path: + type: string + description: A string JSON Pointer representing the target path to an element to be affected by the operation + example: /description + value: + oneOf: + - type: string + example: New description + title: string + - type: boolean + example: true + title: boolean + - type: integer + example: 300 + title: integer + - type: object + title: object + example: + attributes: + name: philip + - type: array + title: array + items: + anyOf: + - type: string + - type: integer + - type: object + example: + - '001' + - '002' + - '003' + description: 'The value to be used for the operation, required for "add" and "replace" operations' + example: New description + example: + 603b1a61-d03d-4ed1-864f-a508fbd1995d: + - op: replace + path: /enabled + value: true + 00bece34-f50d-4227-8878-76f620b5a971: + - op: replace + path: /targetValue + value: New Target Value + example: + patches: + 603b1a61-d03d-4ed1-864f-a508fbd1995d: + - op: replace + path: /enabled + value: true + 00bece34-f50d-4227-8878-76f620b5a971: + - op: replace + path: /targetValue + value: New Target Value + responses: + '200': + description: The updated object mappings. + content: + application/json: + schema: + type: object + title: Bulk Update Object Mapping Response + properties: + patchedObjects: + type: array + items: + type: object + title: Object Mapping Response + properties: + objectMappingId: + type: string + description: Id of the object mapping + example: 3d6e0144-963f-4bd6-8d8d-d77b4e507ce4 + objectType: + type: string + description: Type of the object the mapping value applies to + example: IDENTITY + enum: + - ACCESS_PROFILE + - ACCESS_REQUEST_CONFIG + - ATTR_SYNC_SOURCE_CONFIG + - AUTH_ORG + - CAMPAIGN_FILTER + - ENTITLEMENT + - FORM_DEFINITION + - GOVERNANCE_GROUP + - IDENTITY + - IDENTITY_OBJECT_CONFIG + - IDENTITY_PROFILE + - LIFECYCLE_STATE + - NOTIFICATION_TEMPLATE + - PASSWORD_POLICY + - PASSWORD_SYNC_GROUP + - PUBLIC_IDENTITIES_CONFIG + - ROLE + - RULE + - SEGMENT + - SERVICE_DESK_INTEGRATION + - SOD_POLICY + - SOURCE + - TAG + - TRANSFORM + - TRIGGER_SUBSCRIPTION + - WORKFLOW + jsonPath: + type: string + description: JSONPath expression denoting the path within the object where the mapping value should be applied + example: $.name + sourceValue: + type: string + description: Original value at the jsonPath location within the object + example: My Governance Group Name + targetValue: + type: string + description: Value to be assigned at the jsonPath location within the object + example: My New Governance Group Name + enabled: + type: boolean + description: Whether or not this object mapping is enabled + default: false + example: false + created: + type: string + description: Object mapping creation timestamp + example: 2024-03-19T23:18:53.732Z + modified: + type: string + description: Object mapping latest update timestamp + example: 2024-03-19T23:18:53.732Z + example: + patchedObjects: + - objectMappingId: 603b1a61-d03d-4ed1-864f-a508fbd1995d + objectType: SOURCE + jsonPath: $.name + sourceValue: Original SOURCE Name + targetValue: New SOURCE Name + enabled: true + created: '2024-03-25T15:50:41.314Z' + modified: '2024-03-25T15:50:41.299Z' + - objectMappingId: 00bece34-f50d-4227-8878-76f620b5a971 + objectType: IDENTITY + jsonPath: $.name + sourceValue: Original IDENTITY Name + targetValue: 'New IDENTITY Name ' + enabled: true + created: '2024-03-25T15:50:41.316Z' + modified: '2024-03-25T15:50:41.316Z' + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + /configuration-hub/backups/uploads: + post: + operationId: importUploadedBackup + security: + - UserContextAuth: + - 'sp:config-backups:manage' + tags: + - Configuration Hub + summary: Uploads a backup file + description: |- + This post will upload a JSON backup file into a tenant. Configuration files can be managed and deployed via Configuration Hub by uploading a json file which contains configuration data. The JSON file should be the same as the one used by our import endpoints. The object types that currently support by upload file functionality are the same as the ones supported by our regular backup functionality. here: [SaaS Configuration](https://developer.sailpoint.com/idn/docs/saas-configuration/#supported-objects). + + The request will need the following security scope: + - sp:config:manage + requestBody: + description: | + The body will consist of "data" which should contain the json file and name wish should be the name you want to assign to the uploaded file" + + __Example__ + + data: "uploaded.json", + name: "A_NEW_UPLOADED_BACKUP" + + __Sample Upload File__ + + { + "version": 1, + "tenant": "a-sample-tenant", + "objects": + [ + { + "version": 1, + "self": + { + "id": "0a59c7196d2917f8aa6d29686e6600fb", + "type": "SOURCE", + "name": "Extended Form" + }, + "object": + { + "id": "0a59c7196d2917f8aa6d29686e6600fb", + "name": "Extended Form", + "type": "DelimitedFile", + "connectorClass": "sailpoint.connector.DelimitedFileConnector", + "connectorScriptName": "delimited-file-angularsc", + "description": "Migrated app - Extended Form (original ID: 0a59c7196d2917f8aa6d29686e6600fb)", + "deleteThreshold": 10, + "provisionAsCsv": false, + "owner": + { + "type": "IDENTITY", + "id": "0a59c7196d2917f8816d29685fed00c3", + "name": "slpt.services" + }, + "connectorAttributes": + { + "beforemoveAccount": "Do Nothing", + "beforemoverAccount": "Do Nothing", + "busApp": "false", + "file": "Empty", + "filetransport": "local", + "filterEmptyRecords": "true", + "group.filetransport": "local", + "group.filterEmptyRecords": "true", + "group.partitionMode": "auto", + "hasHeader": "true", + "indexColumn": "ID", + "isCaseInsensitiveMerge": "false", + "isSortedByIndexColumn": "false", + "loaProcess": "Do Nothing", + "ltdProcess": "Do Nothing", + "mergeRows": "false", + "moverProcess": "Do Nothing", + "moverRevocation": "Do Nothing", + "nativeChangeDetectionAttributeScope": "entitlements", + "nativeChangeDetectionEnabled": "false", + "nativeChangeProcess": "Do Nothing", + "parseType": "delimited", + "partitionMode": "auto", + "policyType": "Do Nothing", + "rehireProcess": "Do Nothing", + "reverseleaverProcess": "Do Nothing", + "rtwloaProcess": "Do Nothing", + "rtwltdProcess": "Do Nothing", + "stopIfLineHasWrongColumnLength": "false", + "templateApplication": "DelimitedFile Template", + "terminationProcess": "Do Nothing" + }, + "schemas": + [], + "provisioningPolicies": + [], + "features": + [ + "DIRECT_PERMISSIONS", + "NO_RANDOM_ACCESS", + "DISCOVER_SCHEMA" + ] + } + } + ] + } + required: true + content: + multipart/form-data: + schema: + type: object + properties: + data: + type: string + format: binary + description: JSON file containing the objects to be imported. + name: + type: string + description: Name that will be assigned to the uploaded file. + required: + - data + - name + responses: + '202': + description: Upload job accepted and queued for processing. + content: + application/json: + schema: + type: object + properties: + jobId: + type: string + description: Unique id assigned to this job. + example: 3469b87d-48ca-439a-868f-2160001da8c1 + status: + type: string + description: Status of the job. + enum: + - NOT_STARTED + - IN_PROGRESS + - COMPLETE + - CANCELLED + - FAILED + example: COMPLETE + type: + type: string + description: 'Type of the job, either Backup or Draft.' + enum: + - BACKUP + - DRAFT + example: BACKUP + tenant: + type: string + description: The name of the tenant performing the upload + example: uploaderTenant + requesterName: + type: string + description: The name of the requester. + example: support + created: + type: string + format: date-time + description: The time the job was started. + example: '2021-05-11T22:23:16Z' + modified: + type: string + format: date-time + description: The time of the last update to the job. + example: '2021-05-11T22:23:16Z' + name: + type: string + description: The name assigned to the upload file in the request body. + example: A_NEW_UPLOADED_BACKUP + userCanDelete: + type: boolean + default: true + description: 'Is the job a regular backup job, if so is the user allowed to delete the backup file. Since this is an upload job it remains as false.' + example: false + isPartial: + type: boolean + default: false + description: 'Is the job a regular backup job, if so is it partial. Since this is an upload job it remains as false.' + example: false + backupType: + type: string + description: What kind of backup is this being treated as. + enum: + - UPLOADED + - AUTOMATED + - MANUAL + example: UPLOADED + hydrationStatus: + type: string + description: have the objects contained in the upload file been hydrated. + enum: + - HYDRATED + - NOT_HYDRATED + example: NOT_HYDRATED + required: + - jobId + - status + - type + - created + - modified + '400': + description: | + Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + get: + operationId: getUploadedBackups + security: + - UserContextAuth: + - 'sp:config-backups:read' + tags: + - Configuration Hub + summary: Gets list of Uploaded backups + description: |- + Returns a list of the current uploaded backups associated with the current tenant. + A filter "status" can be added to only return the Completed, Failed, or Successful uploads + parameters: + - in: query + name: status + schema: + type: string + required: false + description: Filter listed uploaded backups by status of operation + example: COMPLETE + responses: + '200': + description: List of existing uploaded backups. + content: + application/json: + schema: + type: array + items: + type: object + properties: + jobId: + type: string + description: Unique id assigned to this job. + example: 3469b87d-48ca-439a-868f-2160001da8c1 + status: + type: string + description: Status of the job. + enum: + - NOT_STARTED + - IN_PROGRESS + - COMPLETE + - CANCELLED + - FAILED + example: COMPLETE + type: + type: string + description: 'Type of the job, either Backup or Draft.' + enum: + - BACKUP + - DRAFT + example: BACKUP + tenant: + type: string + description: The name of the tenant performing the upload + example: uploaderTenant + requesterName: + type: string + description: The name of the requester. + example: support + created: + type: string + format: date-time + description: The time the job was started. + example: '2021-05-11T22:23:16Z' + modified: + type: string + format: date-time + description: The time of the last update to the job. + example: '2021-05-11T22:23:16Z' + name: + type: string + description: The name assigned to the upload file in the request body. + example: A_NEW_UPLOADED_BACKUP + userCanDelete: + type: boolean + default: true + description: 'Is the job a regular backup job, if so is the user allowed to delete the backup file. Since this is an upload job it remains as false.' + example: false + isPartial: + type: boolean + default: false + description: 'Is the job a regular backup job, if so is it partial. Since this is an upload job it remains as false.' + example: false + backupType: + type: string + description: What kind of backup is this being treated as. + enum: + - UPLOADED + - AUTOMATED + - MANUAL + example: UPLOADED + hydrationStatus: + type: string + description: have the objects contained in the upload file been hydrated. + enum: + - HYDRATED + - NOT_HYDRATED + example: NOT_HYDRATED + required: + - jobId + - status + - type + - created + - modified + example: + - jobId: 3d0fe04b-57df-4a46-a83b-8f04b0f9d10b + status: FAILED + type: BACKUP + tenant: someTenant + message: 'com.sailpoint.sp.config.exception.IncorrectBackupUploadFormatException: Uploaded backup file could not be parsed to correct format.' + requesterName: support + fileExists: false + created: '2024-04-04T17:29:16.904Z' + modified: '2024-04-04T17:29:17.076Z' + name: dfs + userCanDelete: false + isPartial: false + backupType: UPLOADED + hydrationStatus: NOT_HYDRATED + totalObjectCount: 0 + - jobId: 281d421c-0643-4004-9fe5-29a95d2f73df + status: COMPLETE + type: BACKUP + tenant: someTenant + requesterName: support + fileExists: true + created: '2024-03-07T21:11:00.375Z' + modified: '2024-03-07T21:11:25.046Z' + completed: '2024-03-07T21:11:00.66Z' + name: test1 + userCanDelete: false + isPartial: false + backupType: UPLOADED + hydrationStatus: HYDRATED + totalObjectCount: 64 + - jobId: 4831ad5c-f6cf-42a6-a191-8c4abec30006 + status: COMPLETE + type: BACKUP + tenant: someTenant + requesterName: support + fileExists: true + created: '2024-02-26T18:19:26.312Z' + modified: '2024-02-26T18:19:40.773Z' + completed: '2024-02-26T18:19:26.545Z' + name: testing Daniel + userCanDelete: false + isPartial: false + backupType: UPLOADED + hydrationStatus: HYDRATED + totalObjectCount: 64 + - jobId: 2ea830f3-2b14-4772-8a20-3d006742e419 + status: COMPLETE + type: BACKUP + tenant: someTenant + requesterName: support + fileExists: true + created: '2024-02-20T22:08:31.064Z' + modified: '2024-02-20T22:13:15.662Z' + completed: '2024-02-20T22:08:31.689Z' + name: something new + userCanDelete: false + isPartial: false + backupType: UPLOADED + hydrationStatus: HYDRATED + totalObjectCount: 2 + - jobId: 473b5cef-90e4-4cb3-ad43-7671c17d3a46 + status: COMPLETE + type: BACKUP + tenant: someTenant + requesterName: support + fileExists: true + created: '2024-02-19T21:30:07.947Z' + modified: '2024-02-19T21:31:01.65Z' + completed: '2024-02-19T21:30:08.195Z' + name: test upload + userCanDelete: false + isPartial: false + backupType: UPLOADED + hydrationStatus: HYDRATED + totalObjectCount: 2 + - jobId: 09491993-9cb6-49a7-8d37-8bef54d33502 + status: COMPLETE + type: BACKUP + tenant: someTenant + requesterName: support + fileExists: true + created: '2024-02-19T19:54:15.373Z' + modified: '2024-02-19T20:39:00.341Z' + completed: '2024-02-19T19:54:15.605Z' + name: Testing Daniel + userCanDelete: false + isPartial: false + backupType: UPLOADED + hydrationStatus: HYDRATED + totalObjectCount: 2 + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/configuration-hub/backups/uploads/{id}': + delete: + operationId: deleteUploadedBackup + security: + - UserContextAuth: + - 'sp:config-backups:manage' + - 'sp:config-backups:read' + tags: + - Configuration Hub + summary: Deletes an uploaded backup file + description: |- + This deletes an Uploaded backup based on job ID. + On success, this endpoint will return an empty response. + The job id can be obtained from the response after a successful upload, or the list uploads endpoint. + The following scopes are required to access this endpoint: sp:config:manage + parameters: + - in: path + name: id + schema: + type: string + required: true + description: The id of the uploaded backup. + example: 3d0fe04b-57df-4a46-a83b-8f04b0f9d10b + responses: + '204': + description: No content - indicates the request was successful but there is no content to be returned in the response. + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + get: + operationId: getUploadedBackup + security: + - UserContextAuth: + - 'sp:config-backups:read' + tags: + - Configuration Hub + summary: Get an uploaded backup's information + description: |- + Returns all the information and status of an upload job. + - sp:config-backups:read + parameters: + - in: path + name: id + schema: + type: string + required: true + description: The id of the uploaded backup. + example: 3d0fe04b-57df-4a46-a83b-8f04b0f9d10b + responses: + '200': + description: List of existing uploaded backups. + content: + application/json: + schema: + type: object + items: + type: object + properties: + jobId: + type: string + description: Unique id assigned to this job. + example: 3469b87d-48ca-439a-868f-2160001da8c1 + status: + type: string + description: Status of the job. + enum: + - NOT_STARTED + - IN_PROGRESS + - COMPLETE + - CANCELLED + - FAILED + example: COMPLETE + type: + type: string + description: 'Type of the job, either Backup or Draft.' + enum: + - BACKUP + - DRAFT + example: BACKUP + tenant: + type: string + description: The name of the tenant performing the upload + example: uploaderTenant + requesterName: + type: string + description: The name of the requester. + example: support + created: + type: string + format: date-time + description: The time the job was started. + example: '2021-05-11T22:23:16Z' + modified: + type: string + format: date-time + description: The time of the last update to the job. + example: '2021-05-11T22:23:16Z' + name: + type: string + description: The name assigned to the upload file in the request body. + example: A_NEW_UPLOADED_BACKUP + userCanDelete: + type: boolean + default: true + description: 'Is the job a regular backup job, if so is the user allowed to delete the backup file. Since this is an upload job it remains as false.' + example: false + isPartial: + type: boolean + default: false + description: 'Is the job a regular backup job, if so is it partial. Since this is an upload job it remains as false.' + example: false + backupType: + type: string + description: What kind of backup is this being treated as. + enum: + - UPLOADED + - AUTOMATED + - MANUAL + example: UPLOADED + hydrationStatus: + type: string + description: have the objects contained in the upload file been hydrated. + enum: + - HYDRATED + - NOT_HYDRATED + example: NOT_HYDRATED + required: + - jobId + - status + - type + - created + - modified + example: + jobId: 2ea830f3-2b14-4772-8a20-3d006742e419 + status: COMPLETE + type: BACKUP + tenant: someTenant + requesterName: support + fileExists: true + created: '2024-02-20T22:08:31.064Z' + modified: '2024-02-20T22:13:15.662Z' + completed: '2024-02-20T22:08:31.689Z' + name: something new + userCanDelete: false + isPartial: false + backupType: UPLOADED + hydrationStatus: HYDRATED + totalObjectCount: 2 + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/connectors/{scriptName}': + get: + tags: + - Connectors + operationId: getConnector + summary: Gets connector by script name + description: |- + Fetches a connector that using its script name. + A token with ORG_ADMIN authority is required to call this API. + parameters: + - name: scriptName + in: path + description: The scriptName value of the connector. Scriptname is the unique id generated at connector creation. + required: true + style: simple + explode: false + schema: + type: string + example: aScriptName + - in: query + name: locale + schema: + type: string + enum: + - de + - 'no' + - fi + - sv + - ru + - pt + - ko + - zh-TW + - en + - it + - fr + - zh-CN + - hu + - es + - cs + - ja + - pl + - da + - nl + example: de + description: 'The locale to apply to the config. If no viable locale is given, it will default to "en"' + responses: + '200': + description: A Connector Dto object + content: + application/json: + schema: + type: object + properties: + name: + type: string + description: The connector name + example: name + type: + type: string + description: The connector type + example: ServiceNow + className: + type: string + description: The connector class name + example: class name + scriptName: + type: string + description: The connector script name + example: servicenow + applicationXml: + type: string + description: The connector application xml + example: | + + + + correlationConfigXml: + type: string + description: The connector correlation config xml + example: "\n\n\n\n\n\n\t\n\t\t\n\t\t\n\t\t\n\t\n\n" + sourceConfigXml: + type: string + description: The connector source config xml + example: |- +
+ + + + + + +
+ sourceConfig: + type: string + description: The connector source config + example: |- +
+ + + + + + +
+ sourceConfigFrom: + type: string + description: The connector source config origin + example: sp-connect + s3Location: + type: string + description: storage path key for this connector + example: custom-connector/scriptname + uploadedFiles: + type: array + description: The list of uploaded files supported by the connector. If there was any executable files uploaded to thee connector. Typically this be empty as the executable be uploaded at source creation. + nullable: true + items: + type: string + example: + - pod/org/connectorFiles/testconnector/test1.jar + fileUpload: + type: boolean + description: true if the source is file upload + example: true + default: false + directConnect: + type: boolean + description: true if the source is a direct connect source + example: true + default: false + translationProperties: + type: object + description: A map containing translation attributes by loacale key + additionalProperties: true + example: + de: |- + # Copyright (C) 2024 SailPoint Technologies, Inc. All rights reserved. + # DO NOT EDIT. This file is generated by "sailpointTranslate" command. + menuLabel_ConnectionSettings=Verbindungseinstellungen + menuLabel_AggregationSettings=Aggregationseinstellungen + sectionLabel_AuthenticationSettings=Verbindungseinstellungen + sectionLabel_AggregationSettings=Aggregationseinstellungen + sectionInfo_AuthenticationSettings=Konfigurieren Sie eine direkte Verbindung zwischen der Quelle Delinea Secret Server On-Premise und IdentityNow.

Geben Sie bei Zeit\u00fcberschreitung bei Verbindung die maximal erlaubte Zeitdauer (in Minuten) f\u00fcr die Verbindung von IdentityNow mit der Quelle ein.

Geben Sie die Host-URL der Delinea-SCIM-Serverquelle ein.

Geben Sie den API-Token der Quelle zur Authentifizierung ein. + sectionInfo_AggregationSettings=Geben Sie die Einstellungen f\u00fcr Ihre Aggregation an.

Geben Sie in das Feld Seitengr\u00f6\u00dfe die Anzahl an Kontoeintr\u00e4gen ein, die auf einer einzelnen Seite aggregiert werden sollen, wenn gro\u00dfe Datens\u00e4tze durchlaufen werden.
\n
Geben Sie im Kontofilter die Bedingungen f\u00fcr den Kontofilter an. Beispiel: userName sw "S"

Geben Sie im Gruppenfilter die Gruppenfilterbedingungen an. Beispiel: displayName sw "S". + placeHolder_accAggregation=userName sw "S" + placeHolder_grpAggregation=displayName sw "S" + placeHolder_host=https://{Delinea_SCIM_Server_host}/v2 + docLinkLabel_AuthenticationSettings=Mehr \u00fcber Verbindungseinstellungen + docLinkLabel_Filters=Mehr \u00fcber Konto- und Gruppenfilter + HostURL=Host-URL + ConnectionTimeout=Zeit\u00fcberschreitung bei Verbindung + API_TOKEN=API-Token + JSONPathMapping=JSON-Path-Attribut-Mapping + FilterConditionForAccounts=Kontofilter + FilterConditionForGroups=Gruppenfilter + Page_Size=Seitengr\u00f6\u00dfe + SchemaAttribute=Schema-Attribut + JSONpath=JSON-Pfad + ShortDesc=Das Integrationsmodul IdentityNow f\u00fcr Delinea Secret Server On-Premise bietet die M\u00f6glichkeit einer tiefen Governance f\u00fcr Konten und Gruppen. Es unterst\u00fctzt au\u00dferdem das End-to-End-Lebenszyklus-Management. + connectorMetadata: + type: object + description: A map containing metadata pertinent to the UI to be used + additionalProperties: true + example: + supportedUI: EXTJS + platform: ccg + shortDesc: connector description + status: + type: string + enum: + - DEPRECATED + - DEVELOPMENT + - DEMO + - RELEASED + description: The connector status + example: RELEASED + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + security: + - UserContextAuth: + - 'idn:connector-config:read' + delete: + tags: + - Connectors + operationId: deleteCustomConnector + summary: Deletes connector by script name + description: |- + Delete a custom connector that using its script name. + A token with ORG_ADMIN authority is required to call this API. + parameters: + - name: scriptName + in: path + description: The scriptName value of the connector. Scriptname is the unique id generated at connector creation. + required: true + style: simple + explode: false + schema: + type: string + example: aScriptName + responses: + '204': + description: The custom connector was successfully deleted. + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + security: + - UserContextAuth: + - 'idn:connector-config:delete' + patch: + tags: + - Connectors + operationId: updateConnector + summary: Update connector by script name + description: |- + Patch a custom connector that using its script name. + A token with ORG_ADMIN authority is required to call this API. The following fields are patchable: * connectorMetadata * applicationXml * correlationConfigXml * sourceConfigXml + parameters: + - name: scriptName + in: path + description: The scriptName value of the connector. Scriptname is the unique id generated at connector creation. + required: true + style: simple + explode: false + schema: + type: string + example: aScriptName + requestBody: + required: true + description: 'A list of connector detail update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard.' + content: + application/json-patch+json: + schema: + type: array + items: + type: object + description: 'A JSONPatch Operation as defined by [RFC 6902 - JSON Patch](https://tools.ietf.org/html/rfc6902)' + required: + - op + - path + properties: + op: + type: string + description: The operation to be performed + enum: + - add + - remove + - replace + - move + - copy + - test + example: replace + path: + type: string + description: A string JSON Pointer representing the target path to an element to be affected by the operation + example: /description + value: + oneOf: + - type: string + example: New description + title: string + - type: boolean + example: true + title: boolean + - type: integer + example: 300 + title: integer + - type: object + title: object + example: + attributes: + name: philip + - type: array + title: array + items: + anyOf: + - type: string + - type: integer + - type: object + example: + - '001' + - '002' + - '003' + description: 'The value to be used for the operation, required for "add" and "replace" operations' + example: New description + responses: + '200': + description: A updated Connector Dto object + content: + application/json: + schema: + type: object + properties: + name: + type: string + description: The connector name + example: name + type: + type: string + description: The connector type + example: ServiceNow + className: + type: string + description: The connector class name + example: class name + scriptName: + type: string + description: The connector script name + example: servicenow + applicationXml: + type: string + description: The connector application xml + example: | + + + + correlationConfigXml: + type: string + description: The connector correlation config xml + example: "\n\n\n\n\n\n\t\n\t\t\n\t\t\n\t\t\n\t\n\n" + sourceConfigXml: + type: string + description: The connector source config xml + example: |- +
+ + + + + + +
+ sourceConfig: + type: string + description: The connector source config + example: |- +
+ + + + + + +
+ sourceConfigFrom: + type: string + description: The connector source config origin + example: sp-connect + s3Location: + type: string + description: storage path key for this connector + example: custom-connector/scriptname + uploadedFiles: + type: array + description: The list of uploaded files supported by the connector. If there was any executable files uploaded to thee connector. Typically this be empty as the executable be uploaded at source creation. + nullable: true + items: + type: string + example: + - pod/org/connectorFiles/testconnector/test1.jar + fileUpload: + type: boolean + description: true if the source is file upload + example: true + default: false + directConnect: + type: boolean + description: true if the source is a direct connect source + example: true + default: false + translationProperties: + type: object + description: A map containing translation attributes by loacale key + additionalProperties: true + example: + de: |- + # Copyright (C) 2024 SailPoint Technologies, Inc. All rights reserved. + # DO NOT EDIT. This file is generated by "sailpointTranslate" command. + menuLabel_ConnectionSettings=Verbindungseinstellungen + menuLabel_AggregationSettings=Aggregationseinstellungen + sectionLabel_AuthenticationSettings=Verbindungseinstellungen + sectionLabel_AggregationSettings=Aggregationseinstellungen + sectionInfo_AuthenticationSettings=Konfigurieren Sie eine direkte Verbindung zwischen der Quelle Delinea Secret Server On-Premise und IdentityNow.

Geben Sie bei Zeit\u00fcberschreitung bei Verbindung die maximal erlaubte Zeitdauer (in Minuten) f\u00fcr die Verbindung von IdentityNow mit der Quelle ein.

Geben Sie die Host-URL der Delinea-SCIM-Serverquelle ein.

Geben Sie den API-Token der Quelle zur Authentifizierung ein. + sectionInfo_AggregationSettings=Geben Sie die Einstellungen f\u00fcr Ihre Aggregation an.

Geben Sie in das Feld Seitengr\u00f6\u00dfe die Anzahl an Kontoeintr\u00e4gen ein, die auf einer einzelnen Seite aggregiert werden sollen, wenn gro\u00dfe Datens\u00e4tze durchlaufen werden.
\n
Geben Sie im Kontofilter die Bedingungen f\u00fcr den Kontofilter an. Beispiel: userName sw "S"

Geben Sie im Gruppenfilter die Gruppenfilterbedingungen an. Beispiel: displayName sw "S". + placeHolder_accAggregation=userName sw "S" + placeHolder_grpAggregation=displayName sw "S" + placeHolder_host=https://{Delinea_SCIM_Server_host}/v2 + docLinkLabel_AuthenticationSettings=Mehr \u00fcber Verbindungseinstellungen + docLinkLabel_Filters=Mehr \u00fcber Konto- und Gruppenfilter + HostURL=Host-URL + ConnectionTimeout=Zeit\u00fcberschreitung bei Verbindung + API_TOKEN=API-Token + JSONPathMapping=JSON-Path-Attribut-Mapping + FilterConditionForAccounts=Kontofilter + FilterConditionForGroups=Gruppenfilter + Page_Size=Seitengr\u00f6\u00dfe + SchemaAttribute=Schema-Attribut + JSONpath=JSON-Pfad + ShortDesc=Das Integrationsmodul IdentityNow f\u00fcr Delinea Secret Server On-Premise bietet die M\u00f6glichkeit einer tiefen Governance f\u00fcr Konten und Gruppen. Es unterst\u00fctzt au\u00dferdem das End-to-End-Lebenszyklus-Management. + connectorMetadata: + type: object + description: A map containing metadata pertinent to the UI to be used + additionalProperties: true + example: + supportedUI: EXTJS + platform: ccg + shortDesc: connector description + status: + type: string + enum: + - DEPRECATED + - DEVELOPMENT + - DEMO + - RELEASED + description: The connector status + example: RELEASED + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + security: + - UserContextAuth: + - 'idn:connector-config:update' + /connectors: + get: + tags: + - Connectors + operationId: getConnectorList + summary: Gets connector list + description: |- + Fetches list of connectors that have 'RELEASED' status using filtering and pagination. + A token with ORG_ADMIN authority is required to call this API. + parameters: + - in: query + name: filters + schema: + type: string + description: |- + Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) + + Filtering is supported for the following fields and operators: + + **name**: *sw, co* + + **type**: *sw, co, eq* + + **directConnect**: *eq* + + **category**: *eq* + + **features**: *ca* + + **labels**: *ca* + example: directConnect eq "true" + - in: query + name: limit + description: |- + Max number of results to return. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 250 + schema: + type: integer + format: int32 + minimum: 0 + maximum: 250 + default: 250 + - in: query + name: offset + description: |- + Offset into the full result set. Usually specified with *limit* to paginate through the results. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 0 + schema: + type: integer + format: int32 + minimum: 0 + default: 0 + - in: query + name: count + description: |- + If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. + + Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. + + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: true + schema: + type: boolean + default: false + - in: query + name: locale + schema: + type: string + enum: + - de + - 'no' + - fi + - sv + - ru + - pt + - ko + - zh-TW + - en + - it + - fr + - zh-CN + - hu + - es + - cs + - ja + - pl + - da + - nl + example: de + description: 'The locale to apply to the config. If no viable locale is given, it will default to "en"' + responses: + '200': + description: A Connector Dto object + content: + application/json: + schema: + type: array + items: + title: custom connector response object + type: object + properties: + name: + type: string + description: The connector name + example: name + type: + type: string + description: The connector type + example: ServiceNow + scriptName: + type: string + description: The connector script name + example: servicenow + className: + type: string + nullable: true + description: The connector class name. + example: sailpoint.connector.OpenConnectorAdapter + features: + type: array + description: The list of features supported by the connector + nullable: true + items: + type: string + example: + - PROVISIONING + - SYNC_PROVISIONING + - SEARCH + - UNSTRUCTURED_TARGETS + directConnect: + type: boolean + description: true if the source is a direct connect source + example: true + default: false + connectorMetadata: + type: object + additionalProperties: true + description: A map containing metadata pertinent to the connector + example: + supportedUI: ANGULAR + platform: ccg + shortDesc: connector description + status: + type: string + enum: + - DEPRECATED + - DEVELOPMENT + - DEMO + - RELEASED + description: The connector status + example: RELEASED + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + security: + - UserContextAuth: + - 'idn:connector-source-config:read' + post: + tags: + - Connectors + operationId: createCustomConnector + summary: Create custom connector + description: |- + Create custom connector. + A token with ORG_ADMIN authority is required to call this API. + requestBody: + required: true + content: + application/json: + schema: + title: custom connector create request + type: object + required: + - name + - className + properties: + name: + type: string + description: The connector name. Need to be unique per tenant. The name will able be used to derive a url friendly unique scriptname that will be in response. Script name can then be used for all update endpoints + example: custom connector + type: + type: string + description: The connector type. If not specified will be defaulted to 'custom '+name + example: custom connector type + className: + type: string + description: 'The connector class name. If you are implementing openconnector standard (what is recommended), then this need to be set to sailpoint.connector.OpenConnectorAdapter' + example: sailpoint.connector.OpenConnectorAdapter + directConnect: + type: boolean + description: true if the source is a direct connect source + default: true + example: true + status: + type: string + enum: + - DEVELOPMENT + - DEMO + - RELEASED + description: The connector status + example: RELEASED + responses: + '200': + description: A Connector Dto object + content: + application/json: + schema: + title: custom connector response object + type: object + properties: + name: + type: string + description: The connector name + example: name + type: + type: string + description: The connector type + example: ServiceNow + scriptName: + type: string + description: The connector script name + example: servicenow + className: + type: string + nullable: true + description: The connector class name. + example: sailpoint.connector.OpenConnectorAdapter + features: + type: array + description: The list of features supported by the connector + nullable: true + items: + type: string + example: + - PROVISIONING + - SYNC_PROVISIONING + - SEARCH + - UNSTRUCTURED_TARGETS + directConnect: + type: boolean + description: true if the source is a direct connect source + example: true + default: false + connectorMetadata: + type: object + additionalProperties: true + description: A map containing metadata pertinent to the connector + example: + supportedUI: ANGULAR + platform: ccg + shortDesc: connector description + status: + type: string + enum: + - DEPRECATED + - DEVELOPMENT + - DEMO + - RELEASED + description: The connector status + example: RELEASED + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + security: + - UserContextAuth: + - 'idn:connector-config:create' + '/connectors/{scriptName}/source-config': + get: + tags: + - Connectors + operationId: getConnectorSourceConfig + description: |- + Fetches a connector's source config using its script name. + A token with ORG_ADMIN authority is required to call this API. + parameters: + - name: scriptName + in: path + description: The scriptName value of the connector. Scriptname is the unique id generated at connector creation. + required: true + style: simple + explode: false + schema: + type: string + example: aScriptName + responses: + '200': + description: The connector's source template + content: + application/xml: + schema: + type: string + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + security: + - UserContextAuth: + - 'idn:connector-config:read' + put: + tags: + - Connectors + operationId: putSourceConfig + description: |- + Update a connector's source config using its script name. + A token with ORG_ADMIN authority is required to call this API. + parameters: + - name: scriptName + in: path + description: The scriptName value of the connector. Scriptname is the unique id generated at connector creation. + required: true + style: simple + explode: false + schema: + type: string + example: aScriptName + requestBody: + required: true + content: + multipart/form-data: + schema: + type: object + required: + - file + properties: + file: + type: string + description: connector source config xml file + format: binary + responses: + '200': + description: The connector's update detail + content: + application/json: + schema: + type: object + properties: + message: + type: string + description: The detailed message for an update. Typically the relevent error message when status is error. + example: 'unsupported xsd version, please ensure latest xsd version http://www.sailpoint.com/xsd/sailpoint_form_2_0.xsd is used for source config' + scriptName: + type: string + description: The connector script name + example: servicenow + updatedFiles: + type: array + description: The list of updated files supported by the connector + nullable: true + items: + type: string + example: + - pod/org/connectorFiles/testconnector/test1.jar + status: + type: string + enum: + - ERROR + - UPDATED + - UNCHANGED + - SKIPPED + description: The connector update status + example: ERROR + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + security: + - UserContextAuth: + - 'idn:connector-config:update' + '/connectors/{scriptName}/translations/{locale}': + get: + tags: + - Connectors + operationId: getConnectorTranslations + description: |- + Fetches a connector's translations using its script name. + A token with ORG_ADMIN authority is required to call this API. + parameters: + - name: scriptName + in: path + description: The scriptName value of the connector. Scriptname is the unique id generated at connector creation. + required: true + style: simple + explode: false + schema: + type: string + example: aScriptName + - name: locale + in: path + required: true + schema: + type: string + enum: + - de + - 'no' + - fi + - sv + - ru + - pt + - ko + - zh-TW + - en + - it + - fr + - zh-CN + - hu + - es + - cs + - ja + - pl + - da + - nl + example: de + description: 'The locale to apply to the config. If no viable locale is given, it will default to "en"' + responses: + '200': + description: The connector's translations + content: + text/plain: + schema: + type: string + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + security: + - UserContextAuth: + - 'idn:connector-config:read' + put: + tags: + - Connectors + operationId: putTranslations + description: |- + Update a connector's translations using its script name. + A token with ORG_ADMIN authority is required to call this API. + parameters: + - name: scriptName + in: path + description: The scriptName value of the connector. Scriptname is the unique id generated at connector creation. + required: true + style: simple + explode: false + schema: + type: string + example: aScriptName + - name: locale + in: path + required: true + schema: + type: string + enum: + - de + - 'no' + - fi + - sv + - ru + - pt + - ko + - zh-TW + - en + - it + - fr + - zh-CN + - hu + - es + - cs + - ja + - pl + - da + - nl + example: de + description: 'The locale to apply to the config. If no viable locale is given, it will default to "en"' + requestBody: + required: true + content: + multipart/form-data: + schema: + type: object + responses: + '200': + description: The connector's update detail + content: + application/json: + schema: + type: object + properties: + message: + type: string + description: The detailed message for an update. Typically the relevent error message when status is error. + example: 'unsupported xsd version, please ensure latest xsd version http://www.sailpoint.com/xsd/sailpoint_form_2_0.xsd is used for source config' + scriptName: + type: string + description: The connector script name + example: servicenow + updatedFiles: + type: array + description: The list of updated files supported by the connector + nullable: true + items: + type: string + example: + - pod/org/connectorFiles/testconnector/test1.jar + status: + type: string + enum: + - ERROR + - UPDATED + - UNCHANGED + - SKIPPED + description: The connector update status + example: ERROR + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + security: + - UserContextAuth: + - 'idn:connector-config:update' + '/connectors/{scriptName}/source-template': + get: + tags: + - Connectors + operationId: getConnectorSourceTemplate + description: |- + Fetches a connector's source template using its script name. + A token with ORG_ADMIN authority is required to call this API. + parameters: + - name: scriptName + in: path + description: The scriptName value of the connector. Scriptname is the unique id generated at connector creation. + required: true + style: simple + explode: false + schema: + type: string + example: aScriptName + responses: + '200': + description: The connector's source template + content: + application/xml: + schema: + type: string + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + security: + - UserContextAuth: + - 'idn:connector-config:read' + put: + tags: + - Connectors + operationId: putSourceTemplate + description: |- + Update a connector's source template using its script name. + A token with ORG_ADMIN authority is required to call this API. + parameters: + - name: scriptName + in: path + description: The scriptName value of the connector. Scriptname is the unique id generated at connector creation. + required: true + style: simple + explode: false + schema: + type: string + example: aScriptName + requestBody: + required: true + content: + multipart/form-data: + schema: + type: object + required: + - file + properties: + file: + type: string + description: connector source template xml file + format: binary + responses: + '200': + description: The connector's update detail + content: + application/json: + schema: + type: object + properties: + message: + type: string + description: The detailed message for an update. Typically the relevent error message when status is error. + example: 'unsupported xsd version, please ensure latest xsd version http://www.sailpoint.com/xsd/sailpoint_form_2_0.xsd is used for source config' + scriptName: + type: string + description: The connector script name + example: servicenow + updatedFiles: + type: array + description: The list of updated files supported by the connector + nullable: true + items: + type: string + example: + - pod/org/connectorFiles/testconnector/test1.jar + status: + type: string + enum: + - ERROR + - UPDATED + - UNCHANGED + - SKIPPED + description: The connector update status + example: ERROR + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + security: + - UserContextAuth: + - 'idn:connector-config:update' + '/connectors/{scriptName}/correlation-config': + get: + tags: + - Connectors + operationId: getConnectorCorrelationConfig + description: |- + Fetches a connector's correlation config using its script name. + A token with ORG_ADMIN authority is required to call this API. + parameters: + - name: scriptName + in: path + description: The scriptName value of the connector. Scriptname is the unique id generated at connector creation. + required: true + style: simple + explode: false + schema: + type: string + example: aScriptName + responses: + '200': + description: The connector's correlation config + content: + application/xml: + schema: + type: string + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + security: + - UserContextAuth: + - 'idn:connector-config:read' + put: + tags: + - Connectors + operationId: putCorrelationConfig + description: |- + Update a connector's correlation config using its script name. + A token with ORG_ADMIN authority is required to call this API. + parameters: + - name: scriptName + in: path + description: The scriptName value of the connector. Scriptname is the unique id generated at connector creation. + required: true + style: simple + explode: false + schema: + type: string + example: aScriptName + requestBody: + required: true + content: + multipart/form-data: + schema: + type: object + required: + - file + properties: + file: + type: string + description: connector correlation config xml file + format: binary + responses: + '200': + description: The connector's update detail + content: + application/json: + schema: + type: object + properties: + message: + type: string + description: The detailed message for an update. Typically the relevent error message when status is error. + example: 'unsupported xsd version, please ensure latest xsd version http://www.sailpoint.com/xsd/sailpoint_form_2_0.xsd is used for source config' + scriptName: + type: string + description: The connector script name + example: servicenow + updatedFiles: + type: array + description: The list of updated files supported by the connector + nullable: true + items: + type: string + example: + - pod/org/connectorFiles/testconnector/test1.jar + status: + type: string + enum: + - ERROR + - UPDATED + - UNCHANGED + - SKIPPED + description: The connector update status + example: ERROR + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + security: + - UserContextAuth: + - 'idn:connector-config:update' + '/identities/{identity-id}/set-lifecycle-state': + post: + operationId: setLifecycleState + tags: + - Lifecycle States + summary: Set Lifecycle State + description: |- + Use this API to set/update an identity's lifecycle state to the one provided and update the corresponding identity profile. + A token with ORG_ADMIN or API authority and the appropriate user context is required to call this API. + security: + - UserContextAuth: + - 'idn:identity-lifecycle-state:update' + parameters: + - in: path + name: identity-id + description: ID of the identity to update. + required: true + example: 2c9180857893f1290178944561990364 + schema: + type: string + requestBody: + required: true + content: + application/json: + schema: + type: object + properties: + lifecycleStateId: + type: string + description: ID of the lifecycle state to set. + example: 2c9180877a86e408017a8c19fefe046c + responses: + '200': + description: The request was successfully accepted into the system. + content: + application/json: + schema: + type: object + properties: + accountActivityId: + type: string + example: 2c9180837ab5b716017ab7c6c9ef1e20 + description: 'ID of the IdentityRequest object that is generated when the workflow launches. To follow the IdentityRequest, you can provide this ID with a [Get Account Activity request](https://developer.sailpoint.com/docs/api/v3/get-account-activity/). The response will contain relevant information about the IdentityRequest, such as its status.' + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/identity-profiles/{identity-profile-id}/lifecycle-states': + get: + operationId: getLifecycleStates + tags: + - Lifecycle States + summary: Lists LifecycleStates + description: |- + Use this endpoint to list all lifecycle states by their associated identity profiles. + A token with API, or ORG_ADMIN authority is required to call this API. + security: + - UserContextAuth: + - 'idn:identity-profile-lifecycle-state:read' + parameters: + - in: path + name: identity-profile-id + description: Identity profile ID. + required: true + schema: + type: string + example: 2b838de9-db9b-abcf-e646-d4f274ad4238 + - in: query + name: limit + description: |- + Max number of results to return. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 250 + schema: + type: integer + format: int32 + minimum: 0 + maximum: 250 + default: 250 + - in: query + name: offset + description: |- + Offset into the full result set. Usually specified with *limit* to paginate through the results. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 0 + schema: + type: integer + format: int32 + minimum: 0 + default: 0 + - in: query + name: count + description: |- + If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. + + Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. + + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: true + schema: + type: boolean + default: false + - in: query + name: sorters + required: false + schema: + type: string + format: comma-separated + example: 'created,modified' + description: |- + Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) + + Sorting is supported for the following fields: **created, modified** + responses: + '200': + description: List of LifecycleState objects. + content: + application/json: + schema: + type: array + items: + allOf: + - type: object + required: + - name + properties: + id: + description: System-generated unique ID of the Object + type: string + example: id12345 + readOnly: true + name: + description: Name of the Object + type: string + example: aName + created: + description: Creation date of the Object + type: string + example: '2015-05-28T14:07:17Z' + format: date-time + readOnly: true + modified: + description: Last modification date of the Object + type: string + example: '2015-05-28T14:07:17Z' + format: date-time + readOnly: true + - type: object + required: + - technicalName + properties: + enabled: + type: boolean + default: false + example: true + description: Indicates whether the lifecycle state is enabled or disabled. + technicalName: + type: string + example: Technical Name + description: The lifecycle state's technical name. This is for internal use. + description: + type: string + example: Lifecycle description + description: Lifecycle state's description. + identityCount: + type: integer + format: int32 + example: 42 + readOnly: true + description: Number of identities that have the lifecycle state. + emailNotificationOption: + type: object + description: This is used for representing email configuration for a lifecycle state + properties: + notifyManagers: + type: boolean + default: false + example: true + description: 'If true, then the manager is notified of the lifecycle state change.' + notifyAllAdmins: + type: boolean + default: false + example: true + description: 'If true, then all the admins are notified of the lifecycle state change.' + notifySpecificUsers: + type: boolean + default: false + example: true + description: 'If true, then the users specified in "emailAddressList" below are notified of lifecycle state change.' + emailAddressList: + type: array + example: + - test@test.com + - test2@test.com + items: + type: string + description: 'List of user email addresses. If "notifySpecificUsers" option is true, then these users are notified of lifecycle state change.' + accountActions: + type: array + items: + type: object + description: Object for specifying Actions to be performed on a specified list of sources' account. + properties: + action: + example: ENABLE + type: string + description: Describes if action will be enabled or disabled + enum: + - ENABLE + - DISABLE + sourceIds: + type: array + items: + type: string + uniqueItems: true + example: + - 2c918084660f45d6016617daa9210584 + - 2c918084660f45d6016617daa9210500 + description: List of unique source IDs. The sources must have the ENABLE feature or flat file source. See "/sources" endpoint for source features. + accessProfileIds: + type: array + items: + type: string + uniqueItems: true + example: + - 2c918084660f45d6016617daa9210584 + - 2c918084660f45d6016617daa9210500 + description: List of unique access-profile IDs that are associated with the lifecycle state. + identityState: + type: string + nullable: true + example: null + description: The lifecycle state's associated identity state. This field is generally 'null'. + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + post: + operationId: createLifecycleState + tags: + - Lifecycle States + summary: Create Lifecycle State + description: |- + Use this endpoint to create a lifecycle state. + A token with ORG_ADMIN or API authority is required to call this API. + security: + - UserContextAuth: + - 'idn:identity-profile-lifecycle-state:manage' + parameters: + - in: path + name: identity-profile-id + description: Identity profile ID. + required: true + schema: + type: string + example: 2b838de9-db9b-abcf-e646-d4f274ad4238 + requestBody: + description: Lifecycle state to be created. + required: true + content: + application/json: + schema: + allOf: + - type: object + required: + - name + properties: + id: + description: System-generated unique ID of the Object + type: string + example: id12345 + readOnly: true + name: + description: Name of the Object + type: string + example: aName + created: + description: Creation date of the Object + type: string + example: '2015-05-28T14:07:17Z' + format: date-time + readOnly: true + modified: + description: Last modification date of the Object + type: string + example: '2015-05-28T14:07:17Z' + format: date-time + readOnly: true + - type: object + required: + - technicalName + properties: + enabled: + type: boolean + default: false + example: true + description: Indicates whether the lifecycle state is enabled or disabled. + technicalName: + type: string + example: Technical Name + description: The lifecycle state's technical name. This is for internal use. + description: + type: string + example: Lifecycle description + description: Lifecycle state's description. + identityCount: + type: integer + format: int32 + example: 42 + readOnly: true + description: Number of identities that have the lifecycle state. + emailNotificationOption: + type: object + description: This is used for representing email configuration for a lifecycle state + properties: + notifyManagers: + type: boolean + default: false + example: true + description: 'If true, then the manager is notified of the lifecycle state change.' + notifyAllAdmins: + type: boolean + default: false + example: true + description: 'If true, then all the admins are notified of the lifecycle state change.' + notifySpecificUsers: + type: boolean + default: false + example: true + description: 'If true, then the users specified in "emailAddressList" below are notified of lifecycle state change.' + emailAddressList: + type: array + example: + - test@test.com + - test2@test.com + items: + type: string + description: 'List of user email addresses. If "notifySpecificUsers" option is true, then these users are notified of lifecycle state change.' + accountActions: + type: array + items: + type: object + description: Object for specifying Actions to be performed on a specified list of sources' account. + properties: + action: + example: ENABLE + type: string + description: Describes if action will be enabled or disabled + enum: + - ENABLE + - DISABLE + sourceIds: + type: array + items: + type: string + uniqueItems: true + example: + - 2c918084660f45d6016617daa9210584 + - 2c918084660f45d6016617daa9210500 + description: List of unique source IDs. The sources must have the ENABLE feature or flat file source. See "/sources" endpoint for source features. + accessProfileIds: + type: array + items: + type: string + uniqueItems: true + example: + - 2c918084660f45d6016617daa9210584 + - 2c918084660f45d6016617daa9210500 + description: List of unique access-profile IDs that are associated with the lifecycle state. + identityState: + type: string + nullable: true + example: null + description: The lifecycle state's associated identity state. This field is generally 'null'. + responses: + '201': + description: Created LifecycleState object. + content: + application/json: + schema: + allOf: + - type: object + required: + - name + properties: + id: + description: System-generated unique ID of the Object + type: string + example: id12345 + readOnly: true + name: + description: Name of the Object + type: string + example: aName + created: + description: Creation date of the Object + type: string + example: '2015-05-28T14:07:17Z' + format: date-time + readOnly: true + modified: + description: Last modification date of the Object + type: string + example: '2015-05-28T14:07:17Z' + format: date-time + readOnly: true + - type: object + required: + - technicalName + properties: + enabled: + type: boolean + default: false + example: true + description: Indicates whether the lifecycle state is enabled or disabled. + technicalName: + type: string + example: Technical Name + description: The lifecycle state's technical name. This is for internal use. + description: + type: string + example: Lifecycle description + description: Lifecycle state's description. + identityCount: + type: integer + format: int32 + example: 42 + readOnly: true + description: Number of identities that have the lifecycle state. + emailNotificationOption: + type: object + description: This is used for representing email configuration for a lifecycle state + properties: + notifyManagers: + type: boolean + default: false + example: true + description: 'If true, then the manager is notified of the lifecycle state change.' + notifyAllAdmins: + type: boolean + default: false + example: true + description: 'If true, then all the admins are notified of the lifecycle state change.' + notifySpecificUsers: + type: boolean + default: false + example: true + description: 'If true, then the users specified in "emailAddressList" below are notified of lifecycle state change.' + emailAddressList: + type: array + example: + - test@test.com + - test2@test.com + items: + type: string + description: 'List of user email addresses. If "notifySpecificUsers" option is true, then these users are notified of lifecycle state change.' + accountActions: + type: array + items: + type: object + description: Object for specifying Actions to be performed on a specified list of sources' account. + properties: + action: + example: ENABLE + type: string + description: Describes if action will be enabled or disabled + enum: + - ENABLE + - DISABLE + sourceIds: + type: array + items: + type: string + uniqueItems: true + example: + - 2c918084660f45d6016617daa9210584 + - 2c918084660f45d6016617daa9210500 + description: List of unique source IDs. The sources must have the ENABLE feature or flat file source. See "/sources" endpoint for source features. + accessProfileIds: + type: array + items: + type: string + uniqueItems: true + example: + - 2c918084660f45d6016617daa9210584 + - 2c918084660f45d6016617daa9210500 + description: List of unique access-profile IDs that are associated with the lifecycle state. + identityState: + type: string + nullable: true + example: null + description: The lifecycle state's associated identity state. This field is generally 'null'. + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/identity-profiles/{identity-profile-id}/lifecycle-states/{lifecycle-state-id}': + get: + operationId: getLifecycleState + tags: + - Lifecycle States + summary: Get Lifecycle State + description: |- + Use this endpoint to get a lifecycle state by its ID and its associated identity profile ID. + A token with ORG_ADMIN or API authority is required to call this API. + security: + - UserContextAuth: + - 'idn:identity-profile-lifecycle-state:read' + parameters: + - in: path + name: identity-profile-id + description: Identity profile ID. + required: true + schema: + type: string + example: 2b838de9-db9b-abcf-e646-d4f274ad4238 + - in: path + name: lifecycle-state-id + description: Lifecycle state ID. + required: true + schema: + type: string + example: ef38f94347e94562b5bb8424a56397d8 + responses: + '200': + description: The requested LifecycleState was successfully retrieved. + content: + application/json: + schema: + allOf: + - type: object + required: + - name + properties: + id: + description: System-generated unique ID of the Object + type: string + example: id12345 + readOnly: true + name: + description: Name of the Object + type: string + example: aName + created: + description: Creation date of the Object + type: string + example: '2015-05-28T14:07:17Z' + format: date-time + readOnly: true + modified: + description: Last modification date of the Object + type: string + example: '2015-05-28T14:07:17Z' + format: date-time + readOnly: true + - type: object + required: + - technicalName + properties: + enabled: + type: boolean + default: false + example: true + description: Indicates whether the lifecycle state is enabled or disabled. + technicalName: + type: string + example: Technical Name + description: The lifecycle state's technical name. This is for internal use. + description: + type: string + example: Lifecycle description + description: Lifecycle state's description. + identityCount: + type: integer + format: int32 + example: 42 + readOnly: true + description: Number of identities that have the lifecycle state. + emailNotificationOption: + type: object + description: This is used for representing email configuration for a lifecycle state + properties: + notifyManagers: + type: boolean + default: false + example: true + description: 'If true, then the manager is notified of the lifecycle state change.' + notifyAllAdmins: + type: boolean + default: false + example: true + description: 'If true, then all the admins are notified of the lifecycle state change.' + notifySpecificUsers: + type: boolean + default: false + example: true + description: 'If true, then the users specified in "emailAddressList" below are notified of lifecycle state change.' + emailAddressList: + type: array + example: + - test@test.com + - test2@test.com + items: + type: string + description: 'List of user email addresses. If "notifySpecificUsers" option is true, then these users are notified of lifecycle state change.' + accountActions: + type: array + items: + type: object + description: Object for specifying Actions to be performed on a specified list of sources' account. + properties: + action: + example: ENABLE + type: string + description: Describes if action will be enabled or disabled + enum: + - ENABLE + - DISABLE + sourceIds: + type: array + items: + type: string + uniqueItems: true + example: + - 2c918084660f45d6016617daa9210584 + - 2c918084660f45d6016617daa9210500 + description: List of unique source IDs. The sources must have the ENABLE feature or flat file source. See "/sources" endpoint for source features. + accessProfileIds: + type: array + items: + type: string + uniqueItems: true + example: + - 2c918084660f45d6016617daa9210584 + - 2c918084660f45d6016617daa9210500 + description: List of unique access-profile IDs that are associated with the lifecycle state. + identityState: + type: string + nullable: true + example: null + description: The lifecycle state's associated identity state. This field is generally 'null'. + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + patch: + operationId: updateLifecycleStates + tags: + - Lifecycle States + summary: Update Lifecycle State + description: |- + Use this endpoint to update individual lifecycle state fields, using the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard. + A token with ORG_ADMIN or API authority is required to call this API. + security: + - UserContextAuth: + - 'idn:identity-profile-lifecycle-state:manage' + parameters: + - in: path + name: identity-profile-id + description: Identity profile ID. + required: true + schema: + type: string + example: 2b838de9-db9b-abcf-e646-d4f274ad4238 + - in: path + name: lifecycle-state-id + description: Lifecycle state ID. + required: true + schema: + type: string + example: ef38f94347e94562b5bb8424a56397d8 + requestBody: + required: true + description: | + A list of lifecycle state update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard. + + The following fields can be updated: + * enabled + * description + * accountActions + * accessProfileIds + * emailNotificationOption + content: + application/json-patch+json: + schema: + type: array + items: + type: object + description: 'A JSONPatch Operation as defined by [RFC 6902 - JSON Patch](https://tools.ietf.org/html/rfc6902)' + required: + - op + - path + properties: + op: + type: string + description: The operation to be performed + enum: + - add + - remove + - replace + - move + - copy + - test + example: replace + path: + type: string + description: A string JSON Pointer representing the target path to an element to be affected by the operation + example: /description + value: + oneOf: + - type: string + example: New description + title: string + - type: boolean + example: true + title: boolean + - type: integer + example: 300 + title: integer + - type: object + title: object + example: + attributes: + name: philip + - type: array + title: array + items: + anyOf: + - type: string + - type: integer + - type: object + example: + - '001' + - '002' + - '003' + description: 'The value to be used for the operation, required for "add" and "replace" operations' + example: New description + example: + - op: replace + path: /description + value: Updated description! + - op: replace + path: /accessProfileIds + value: + - 2c918087742bab150174407a80f3125e + - 2c918087742bab150174407a80f3124f + - op: replace + path: /accountActions + value: + - action: ENABLE + sourceIds: + - 2c9180846a2f82fb016a481c1b1560c5 + - 2c9180846a2f82fb016a481c1b1560cc + - action: DISABLE + sourceIds: + - 2c91808869a0c9980169a207258513fb + - op: replace + path: /emailNotificationOption + value: + notifyManagers: true + notifyAllAdmins: false + notifySpecificUsers: false + emailAddressList: [] + responses: + '200': + description: The LifecycleState was successfully updated. + content: + application/json: + schema: + allOf: + - type: object + required: + - name + properties: + id: + description: System-generated unique ID of the Object + type: string + example: id12345 + readOnly: true + name: + description: Name of the Object + type: string + example: aName + created: + description: Creation date of the Object + type: string + example: '2015-05-28T14:07:17Z' + format: date-time + readOnly: true + modified: + description: Last modification date of the Object + type: string + example: '2015-05-28T14:07:17Z' + format: date-time + readOnly: true + - type: object + required: + - technicalName + properties: + enabled: + type: boolean + default: false + example: true + description: Indicates whether the lifecycle state is enabled or disabled. + technicalName: + type: string + example: Technical Name + description: The lifecycle state's technical name. This is for internal use. + description: + type: string + example: Lifecycle description + description: Lifecycle state's description. + identityCount: + type: integer + format: int32 + example: 42 + readOnly: true + description: Number of identities that have the lifecycle state. + emailNotificationOption: + type: object + description: This is used for representing email configuration for a lifecycle state + properties: + notifyManagers: + type: boolean + default: false + example: true + description: 'If true, then the manager is notified of the lifecycle state change.' + notifyAllAdmins: + type: boolean + default: false + example: true + description: 'If true, then all the admins are notified of the lifecycle state change.' + notifySpecificUsers: + type: boolean + default: false + example: true + description: 'If true, then the users specified in "emailAddressList" below are notified of lifecycle state change.' + emailAddressList: + type: array + example: + - test@test.com + - test2@test.com + items: + type: string + description: 'List of user email addresses. If "notifySpecificUsers" option is true, then these users are notified of lifecycle state change.' + accountActions: + type: array + items: + type: object + description: Object for specifying Actions to be performed on a specified list of sources' account. + properties: + action: + example: ENABLE + type: string + description: Describes if action will be enabled or disabled + enum: + - ENABLE + - DISABLE + sourceIds: + type: array + items: + type: string + uniqueItems: true + example: + - 2c918084660f45d6016617daa9210584 + - 2c918084660f45d6016617daa9210500 + description: List of unique source IDs. The sources must have the ENABLE feature or flat file source. See "/sources" endpoint for source features. + accessProfileIds: + type: array + items: + type: string + uniqueItems: true + example: + - 2c918084660f45d6016617daa9210584 + - 2c918084660f45d6016617daa9210500 + description: List of unique access-profile IDs that are associated with the lifecycle state. + identityState: + type: string + nullable: true + example: null + description: The lifecycle state's associated identity state. This field is generally 'null'. + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + delete: + operationId: deleteLifecycleState + tags: + - Lifecycle States + summary: Delete Lifecycle State + description: |- + Use this endpoint to delete the lifecycle state by its ID. + A token with API, or ORG_ADMIN authority is required to call this API. + security: + - UserContextAuth: + - 'idn:identity-profile-lifecycle-state:manage' + parameters: + - in: path + name: identity-profile-id + description: Identity profile ID. + required: true + schema: + type: string + example: 2b838de9-db9b-abcf-e646-d4f274ad4238 + - in: path + name: lifecycle-state-id + description: Lifecycle state ID. + required: true + schema: + type: string + example: ef38f94347e94562b5bb8424a56397d8 + responses: + '202': + description: The request was successfully accepted into the system. + content: + application/json: + schema: + type: object + description: Deleted lifecycle state. + properties: + type: + type: string + description: Deleted lifecycle state's DTO type. + enum: + - LIFECYCLE_STATE + example: LIFECYCLE_STATE + id: + type: string + description: Deleted lifecycle state ID. + example: 12345 + name: + type: string + description: Deleted lifecycle state's display name. + example: Contractor Lifecycle + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + /identity-profiles: + get: + operationId: listIdentityProfiles + tags: + - Identity Profiles + summary: Identity Profiles List + description: |- + This returns a list of Identity Profiles based on the specified query parameters. + A token with ORG_ADMIN or API authority is required to call this API to get a list of Identity Profiles. + parameters: + - in: query + name: limit + description: |- + Max number of results to return. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 250 + schema: + type: integer + format: int32 + minimum: 0 + maximum: 250 + default: 250 + - in: query + name: offset + description: |- + Offset into the full result set. Usually specified with *limit* to paginate through the results. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 0 + schema: + type: integer + format: int32 + minimum: 0 + default: 0 + - in: query + name: count + description: |- + If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. + + Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. + + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: true + schema: + type: boolean + default: false + - in: query + name: filters + required: false + schema: + type: string + example: id eq "ef38f94347e94562b5bb8424a56397d8" + description: |- + Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) + + Filtering is supported for the following fields and operators: + + **id**: *eq, ne, ge, gt, in, le, lt, isnull, sw* + + **name**: *eq, ne, in, le, lt, isnull, sw* + + **priority**: *eq, ne* + - in: query + name: sorters + required: false + schema: + type: string + format: comma-separated + example: 'id,name' + description: |- + Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) + + Sorting is supported for the following fields: **id, name, priority, created, modified, owner.id, owner.name** + responses: + '200': + description: List of identityProfiles. + content: + application/json: + schema: + type: array + items: + allOf: + - type: object + required: + - name + properties: + id: + description: System-generated unique ID of the Object + type: string + example: id12345 + readOnly: true + name: + description: Name of the Object + type: string + example: aName + created: + description: Creation date of the Object + type: string + example: '2015-05-28T14:07:17Z' + format: date-time + readOnly: true + modified: + description: Last modification date of the Object + type: string + example: '2015-05-28T14:07:17Z' + format: date-time + readOnly: true + - type: object + required: + - authoritativeSource + properties: + description: + type: string + description: The description of the Identity Profile. + example: My custom flat file profile + nullable: true + owner: + type: object + description: The owner of the Identity Profile. + nullable: true + properties: + type: + type: string + enum: + - IDENTITY + description: Type of the object to which this reference applies + example: IDENTITY + id: + type: string + description: ID of the object to which this reference applies + example: 2c9180835d191a86015d28455b4b232a + name: + type: string + description: Human-readable display name of the object to which this reference applies + example: William Wilson + priority: + type: integer + format: int64 + description: The priority for an Identity Profile. + example: 10 + authoritativeSource: + type: object + properties: + type: + type: string + enum: + - SOURCE + description: Type of the object to which this reference applies + example: SOURCE + id: + type: string + description: ID of the object to which this reference applies + example: 2c9180835d191a86015d28455b4b232a + name: + type: string + description: Human-readable display name of the object to which this reference applies + example: HR Active Directory + identityRefreshRequired: + type: boolean + default: false + description: True if a identity refresh is needed. Typically triggered when a change on the source has been made. + example: true + identityCount: + type: integer + description: The number of identities that belong to the Identity Profile. + format: int32 + example: 8 + identityAttributeConfig: + type: object + description: Defines all the identity attribute mapping configurations. This defines how to generate or collect data for each identity attributes in identity refresh process. + properties: + enabled: + description: The backend will only promote values if the profile/mapping is enabled. + type: boolean + default: false + example: true + attributeTransforms: + type: array + items: + type: object + description: Defines a transformation definition for an identity attribute. + properties: + identityAttributeName: + type: string + description: Name of the identity attribute. + example: email + transformDefinition: + description: The seaspray transformation definition. + type: object + properties: + type: + type: string + description: The type of the transform definition. + example: accountAttribute + attributes: + type: object + additionalProperties: + anyOf: + - type: string + - type: object + description: Arbitrary key-value pairs to store any metadata for the object + example: + attributeName: e-mail + sourceName: MySource + sourceId: 2c9180877a826e68017a8c0b03da1a53 + identityExceptionReportReference: + type: object + nullable: true + properties: + taskResultId: + type: string + format: uuid + description: The id of the task result. + example: 2b838de9-db9b-abcf-e646-d4f274ad4238 + reportName: + type: string + example: My annual report + description: The name of the report. + hasTimeBasedAttr: + description: Indicates the value of requiresPeriodicRefresh attribute for the Identity Profile. + type: boolean + default: false + example: true + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + security: + - UserContextAuth: + - 'idn:identity-profile:read' + post: + operationId: createIdentityProfile + summary: Create an Identity Profile + description: |- + This creates an Identity Profile. + + A token with ORG_ADMIN authority is required to call this API to create an Identity Profile. + tags: + - Identity Profiles + requestBody: + required: true + content: + application/json: + schema: + allOf: + - type: object + required: + - name + properties: + id: + description: System-generated unique ID of the Object + type: string + example: id12345 + readOnly: true + name: + description: Name of the Object + type: string + example: aName + created: + description: Creation date of the Object + type: string + example: '2015-05-28T14:07:17Z' + format: date-time + readOnly: true + modified: + description: Last modification date of the Object + type: string + example: '2015-05-28T14:07:17Z' + format: date-time + readOnly: true + - type: object + required: + - authoritativeSource + properties: + description: + type: string + description: The description of the Identity Profile. + example: My custom flat file profile + nullable: true + owner: + type: object + description: The owner of the Identity Profile. + nullable: true + properties: + type: + type: string + enum: + - IDENTITY + description: Type of the object to which this reference applies + example: IDENTITY + id: + type: string + description: ID of the object to which this reference applies + example: 2c9180835d191a86015d28455b4b232a + name: + type: string + description: Human-readable display name of the object to which this reference applies + example: William Wilson + priority: + type: integer + format: int64 + description: The priority for an Identity Profile. + example: 10 + authoritativeSource: + type: object + properties: + type: + type: string + enum: + - SOURCE + description: Type of the object to which this reference applies + example: SOURCE + id: + type: string + description: ID of the object to which this reference applies + example: 2c9180835d191a86015d28455b4b232a + name: + type: string + description: Human-readable display name of the object to which this reference applies + example: HR Active Directory + identityRefreshRequired: + type: boolean + default: false + description: True if a identity refresh is needed. Typically triggered when a change on the source has been made. + example: true + identityCount: + type: integer + description: The number of identities that belong to the Identity Profile. + format: int32 + example: 8 + identityAttributeConfig: + type: object + description: Defines all the identity attribute mapping configurations. This defines how to generate or collect data for each identity attributes in identity refresh process. + properties: + enabled: + description: The backend will only promote values if the profile/mapping is enabled. + type: boolean + default: false + example: true + attributeTransforms: + type: array + items: + type: object + description: Defines a transformation definition for an identity attribute. + properties: + identityAttributeName: + type: string + description: Name of the identity attribute. + example: email + transformDefinition: + description: The seaspray transformation definition. + type: object + properties: + type: + type: string + description: The type of the transform definition. + example: accountAttribute + attributes: + type: object + additionalProperties: + anyOf: + - type: string + - type: object + description: Arbitrary key-value pairs to store any metadata for the object + example: + attributeName: e-mail + sourceName: MySource + sourceId: 2c9180877a826e68017a8c0b03da1a53 + identityExceptionReportReference: + type: object + nullable: true + properties: + taskResultId: + type: string + format: uuid + description: The id of the task result. + example: 2b838de9-db9b-abcf-e646-d4f274ad4238 + reportName: + type: string + example: My annual report + description: The name of the report. + hasTimeBasedAttr: + description: Indicates the value of requiresPeriodicRefresh attribute for the Identity Profile. + type: boolean + default: false + example: true + responses: + '201': + description: The created Identity Profile + content: + application/json: + schema: + allOf: + - type: object + required: + - name + properties: + id: + description: System-generated unique ID of the Object + type: string + example: id12345 + readOnly: true + name: + description: Name of the Object + type: string + example: aName + created: + description: Creation date of the Object + type: string + example: '2015-05-28T14:07:17Z' + format: date-time + readOnly: true + modified: + description: Last modification date of the Object + type: string + example: '2015-05-28T14:07:17Z' + format: date-time + readOnly: true + - type: object + required: + - authoritativeSource + properties: + description: + type: string + description: The description of the Identity Profile. + example: My custom flat file profile + nullable: true + owner: + type: object + description: The owner of the Identity Profile. + nullable: true + properties: + type: + type: string + enum: + - IDENTITY + description: Type of the object to which this reference applies + example: IDENTITY + id: + type: string + description: ID of the object to which this reference applies + example: 2c9180835d191a86015d28455b4b232a + name: + type: string + description: Human-readable display name of the object to which this reference applies + example: William Wilson + priority: + type: integer + format: int64 + description: The priority for an Identity Profile. + example: 10 + authoritativeSource: + type: object + properties: + type: + type: string + enum: + - SOURCE + description: Type of the object to which this reference applies + example: SOURCE + id: + type: string + description: ID of the object to which this reference applies + example: 2c9180835d191a86015d28455b4b232a + name: + type: string + description: Human-readable display name of the object to which this reference applies + example: HR Active Directory + identityRefreshRequired: + type: boolean + default: false + description: True if a identity refresh is needed. Typically triggered when a change on the source has been made. + example: true + identityCount: + type: integer + description: The number of identities that belong to the Identity Profile. + format: int32 + example: 8 + identityAttributeConfig: + type: object + description: Defines all the identity attribute mapping configurations. This defines how to generate or collect data for each identity attributes in identity refresh process. + properties: + enabled: + description: The backend will only promote values if the profile/mapping is enabled. + type: boolean + default: false + example: true + attributeTransforms: + type: array + items: + type: object + description: Defines a transformation definition for an identity attribute. + properties: + identityAttributeName: + type: string + description: Name of the identity attribute. + example: email + transformDefinition: + description: The seaspray transformation definition. + type: object + properties: + type: + type: string + description: The type of the transform definition. + example: accountAttribute + attributes: + type: object + additionalProperties: + anyOf: + - type: string + - type: object + description: Arbitrary key-value pairs to store any metadata for the object + example: + attributeName: e-mail + sourceName: MySource + sourceId: 2c9180877a826e68017a8c0b03da1a53 + identityExceptionReportReference: + type: object + nullable: true + properties: + taskResultId: + type: string + format: uuid + description: The id of the task result. + example: 2b838de9-db9b-abcf-e646-d4f274ad4238 + reportName: + type: string + example: My annual report + description: The name of the report. + hasTimeBasedAttr: + description: Indicates the value of requiresPeriodicRefresh attribute for the Identity Profile. + type: boolean + default: false + example: true + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + security: + - UserContextAuth: + - 'idn:identity-profile:manage' + /identity-profiles/bulk-delete: + post: + operationId: deleteIdentityProfiles + tags: + - Identity Profiles + summary: Delete Identity Profiles + description: |- + This deletes multiple Identity Profiles via a list of supplied IDs. + + On success, this endpoint will return a reference to the bulk delete task result. + + A token with ORG_ADMIN authority is required to call this API. + + The following rights are required to access this endpoint: idn:identity-profile:delete + requestBody: + description: Identity Profile bulk delete request body. + required: true + content: + application/json: + schema: + description: List of Identity Profile IDs to delete. + type: array + items: + type: string + example: + - 2c9180867b2a34e0017b3078d60b0699 + - 2c9180867b2a34e0017b3078d60b0698 + responses: + '202': + description: Accepted - Returns a TaskResult object referencing the bulk delete job created. + content: + application/json: + schema: + description: An object with a TaskResult reference of the bulk delete job + type: object + properties: + id: + type: string + description: Task identifier + example: ff8081814d977c21014da056804a0af3 + name: + type: string + description: Task name + example: Background Object Terminator c8f030f2-b1a6-4e33-99e8-6935bc18735d + description: + type: string + description: Task description + example: 'Generic task for terminating data in the overlay, used by the TerminationService.' + launcher: + type: string + description: User or process who launched the task + example: support + completed: + type: string + format: date-time + description: Date time of completion + example: 'Mon Aug 21 14:57:39 CDT 2023' + launched: + type: string + format: date-time + description: Date time when the task was launched + example: 'Mon Aug 21 14:55:39 CDT 2023' + completionStatus: + type: string + enum: + - Success + - Warning + - Error + - Terminated + - TempError + description: Task result status + example: Success + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + security: + - UserContextAuth: + - 'idn:identity-profile:delete' + /identity-profiles/export: + get: + operationId: exportIdentityProfiles + tags: + - Identity Profiles + summary: Export Identity Profiles + description: This exports existing identity profiles in the format specified by the sp-config service. + parameters: + - in: query + name: limit + description: |- + Max number of results to return. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 250 + schema: + type: integer + format: int32 + minimum: 0 + maximum: 250 + default: 250 + - in: query + name: offset + description: |- + Offset into the full result set. Usually specified with *limit* to paginate through the results. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 0 + schema: + type: integer + format: int32 + minimum: 0 + default: 0 + - in: query + name: count + description: |- + If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. + + Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. + + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: true + schema: + type: boolean + default: false + - in: query + name: filters + required: false + schema: + type: string + example: id eq "ef38f94347e94562b5bb8424a56397d8" + description: |- + Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) + + Filtering is supported for the following fields and operators: + + **id**: *eq, ne* + + **name**: *eq, ne* + + **priority**: *eq, ne* + - in: query + name: sorters + required: false + schema: + type: string + format: comma-separated + example: 'id,name' + description: |- + Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) + + Sorting is supported for the following fields: **id, name, priority** + responses: + '200': + description: List of export objects with identity profiles. + content: + application/json: + schema: + type: array + items: + type: object + description: Identity profile exported object. + properties: + version: + type: integer + example: 1 + description: Version or object from the target service. + format: int32 + self: + type: object + description: Self block for exported object. + properties: + type: + type: string + description: Exported object's DTO type. + enum: + - ACCESS_PROFILE + - ACCESS_REQUEST_CONFIG + - ATTR_SYNC_SOURCE_CONFIG + - AUTH_ORG + - CAMPAIGN_FILTER + - FORM_DEFINITION + - GOVERNANCE_GROUP + - IDENTITY_OBJECT_CONFIG + - IDENTITY_PROFILE + - LIFECYCLE_STATE + - NOTIFICATION_TEMPLATE + - PASSWORD_POLICY + - PASSWORD_SYNC_GROUP + - PUBLIC_IDENTITIES_CONFIG + - ROLE + - RULE + - SEGMENT + - SERVICE_DESK_INTEGRATION + - SOD_POLICY + - SOURCE + - TAG + - TRANSFORM + - TRIGGER_SUBSCRIPTION + - WORKFLOW + example: SOURCE + id: + type: string + description: Exported object's ID. + example: 2c9180835d191a86015d28455b4b232a + name: + type: string + description: Exported object's display name. + example: HR Active Directory + object: + allOf: + - type: object + required: + - name + properties: + id: + description: System-generated unique ID of the Object + type: string + example: id12345 + readOnly: true + name: + description: Name of the Object + type: string + example: aName + created: + description: Creation date of the Object + type: string + example: '2015-05-28T14:07:17Z' + format: date-time + readOnly: true + modified: + description: Last modification date of the Object + type: string + example: '2015-05-28T14:07:17Z' + format: date-time + readOnly: true + - type: object + required: + - authoritativeSource + properties: + description: + type: string + description: The description of the Identity Profile. + example: My custom flat file profile + nullable: true + owner: + type: object + description: The owner of the Identity Profile. + nullable: true + properties: + type: + type: string + enum: + - IDENTITY + description: Type of the object to which this reference applies + example: IDENTITY + id: + type: string + description: ID of the object to which this reference applies + example: 2c9180835d191a86015d28455b4b232a + name: + type: string + description: Human-readable display name of the object to which this reference applies + example: William Wilson + priority: + type: integer + format: int64 + description: The priority for an Identity Profile. + example: 10 + authoritativeSource: + type: object + properties: + type: + type: string + enum: + - SOURCE + description: Type of the object to which this reference applies + example: SOURCE + id: + type: string + description: ID of the object to which this reference applies + example: 2c9180835d191a86015d28455b4b232a + name: + type: string + description: Human-readable display name of the object to which this reference applies + example: HR Active Directory + identityRefreshRequired: + type: boolean + default: false + description: True if a identity refresh is needed. Typically triggered when a change on the source has been made. + example: true + identityCount: + type: integer + description: The number of identities that belong to the Identity Profile. + format: int32 + example: 8 + identityAttributeConfig: + type: object + description: Defines all the identity attribute mapping configurations. This defines how to generate or collect data for each identity attributes in identity refresh process. + properties: + enabled: + description: The backend will only promote values if the profile/mapping is enabled. + type: boolean + default: false + example: true + attributeTransforms: + type: array + items: + type: object + description: Defines a transformation definition for an identity attribute. + properties: + identityAttributeName: + type: string + description: Name of the identity attribute. + example: email + transformDefinition: + description: The seaspray transformation definition. + type: object + properties: + type: + type: string + description: The type of the transform definition. + example: accountAttribute + attributes: + type: object + additionalProperties: + anyOf: + - type: string + - type: object + description: Arbitrary key-value pairs to store any metadata for the object + example: + attributeName: e-mail + sourceName: MySource + sourceId: 2c9180877a826e68017a8c0b03da1a53 + identityExceptionReportReference: + type: object + nullable: true + properties: + taskResultId: + type: string + format: uuid + description: The id of the task result. + example: 2b838de9-db9b-abcf-e646-d4f274ad4238 + reportName: + type: string + example: My annual report + description: The name of the report. + hasTimeBasedAttr: + description: Indicates the value of requiresPeriodicRefresh attribute for the Identity Profile. + type: boolean + default: false + example: true + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + security: + - UserContextAuth: + - 'idn:identity-profile:read' + /identity-profiles/import: + post: + operationId: importIdentityProfiles + summary: Import Identity Profiles + description: This imports previously exported identity profiles. + tags: + - Identity Profiles + requestBody: + description: Previously exported Identity Profiles. + required: true + content: + application/json: + schema: + type: array + items: + type: object + description: Identity profile exported object. + properties: + version: + type: integer + example: 1 + description: Version or object from the target service. + format: int32 + self: + type: object + description: Self block for exported object. + properties: + type: + type: string + description: Exported object's DTO type. + enum: + - ACCESS_PROFILE + - ACCESS_REQUEST_CONFIG + - ATTR_SYNC_SOURCE_CONFIG + - AUTH_ORG + - CAMPAIGN_FILTER + - FORM_DEFINITION + - GOVERNANCE_GROUP + - IDENTITY_OBJECT_CONFIG + - IDENTITY_PROFILE + - LIFECYCLE_STATE + - NOTIFICATION_TEMPLATE + - PASSWORD_POLICY + - PASSWORD_SYNC_GROUP + - PUBLIC_IDENTITIES_CONFIG + - ROLE + - RULE + - SEGMENT + - SERVICE_DESK_INTEGRATION + - SOD_POLICY + - SOURCE + - TAG + - TRANSFORM + - TRIGGER_SUBSCRIPTION + - WORKFLOW + example: SOURCE + id: + type: string + description: Exported object's ID. + example: 2c9180835d191a86015d28455b4b232a + name: + type: string + description: Exported object's display name. + example: HR Active Directory + object: + allOf: + - type: object + required: + - name + properties: + id: + description: System-generated unique ID of the Object + type: string + example: id12345 + readOnly: true + name: + description: Name of the Object + type: string + example: aName + created: + description: Creation date of the Object + type: string + example: '2015-05-28T14:07:17Z' + format: date-time + readOnly: true + modified: + description: Last modification date of the Object + type: string + example: '2015-05-28T14:07:17Z' + format: date-time + readOnly: true + - type: object + required: + - authoritativeSource + properties: + description: + type: string + description: The description of the Identity Profile. + example: My custom flat file profile + nullable: true + owner: + type: object + description: The owner of the Identity Profile. + nullable: true + properties: + type: + type: string + enum: + - IDENTITY + description: Type of the object to which this reference applies + example: IDENTITY + id: + type: string + description: ID of the object to which this reference applies + example: 2c9180835d191a86015d28455b4b232a + name: + type: string + description: Human-readable display name of the object to which this reference applies + example: William Wilson + priority: + type: integer + format: int64 + description: The priority for an Identity Profile. + example: 10 + authoritativeSource: + type: object + properties: + type: + type: string + enum: + - SOURCE + description: Type of the object to which this reference applies + example: SOURCE + id: + type: string + description: ID of the object to which this reference applies + example: 2c9180835d191a86015d28455b4b232a + name: + type: string + description: Human-readable display name of the object to which this reference applies + example: HR Active Directory + identityRefreshRequired: + type: boolean + default: false + description: True if a identity refresh is needed. Typically triggered when a change on the source has been made. + example: true + identityCount: + type: integer + description: The number of identities that belong to the Identity Profile. + format: int32 + example: 8 + identityAttributeConfig: + type: object + description: Defines all the identity attribute mapping configurations. This defines how to generate or collect data for each identity attributes in identity refresh process. + properties: + enabled: + description: The backend will only promote values if the profile/mapping is enabled. + type: boolean + default: false + example: true + attributeTransforms: + type: array + items: + type: object + description: Defines a transformation definition for an identity attribute. + properties: + identityAttributeName: + type: string + description: Name of the identity attribute. + example: email + transformDefinition: + description: The seaspray transformation definition. + type: object + properties: + type: + type: string + description: The type of the transform definition. + example: accountAttribute + attributes: + type: object + additionalProperties: + anyOf: + - type: string + - type: object + description: Arbitrary key-value pairs to store any metadata for the object + example: + attributeName: e-mail + sourceName: MySource + sourceId: 2c9180877a826e68017a8c0b03da1a53 + identityExceptionReportReference: + type: object + nullable: true + properties: + taskResultId: + type: string + format: uuid + description: The id of the task result. + example: 2b838de9-db9b-abcf-e646-d4f274ad4238 + reportName: + type: string + example: My annual report + description: The name of the report. + hasTimeBasedAttr: + description: Indicates the value of requiresPeriodicRefresh attribute for the Identity Profile. + type: boolean + default: false + example: true + responses: + '200': + description: The result of importing Identity Profiles. + content: + application/json: + schema: + type: object + title: Import Object Response Body + description: Response model for import of a single object. + properties: + infos: + description: Informational messages returned from the target service on import. + type: array + items: + type: object + title: Config Import/Export Message + description: Message model for Config Import/Export. + properties: + key: + type: string + description: Message key. + example: UNKNOWN_REFERENCE_RESOLVER + text: + type: string + description: Message text. + example: 'Unable to resolve reference for object [type: IDENTITY, id: 2c91808c746e9c9601747d6507332ecz, name: random identity]' + details: + type: object + description: 'Message details if any, in key:value pairs.' + additionalProperties: true + example: + details: message details + required: + - key + - text + - details + warnings: + description: Warning messages returned from the target service on import. + type: array + items: + type: object + title: Config Import/Export Message + description: Message model for Config Import/Export. + properties: + key: + type: string + description: Message key. + example: UNKNOWN_REFERENCE_RESOLVER + text: + type: string + description: Message text. + example: 'Unable to resolve reference for object [type: IDENTITY, id: 2c91808c746e9c9601747d6507332ecz, name: random identity]' + details: + type: object + description: 'Message details if any, in key:value pairs.' + additionalProperties: true + example: + details: message details + required: + - key + - text + - details + errors: + description: Error messages returned from the target service on import. + type: array + items: + type: object + title: Config Import/Export Message + description: Message model for Config Import/Export. + properties: + key: + type: string + description: Message key. + example: UNKNOWN_REFERENCE_RESOLVER + text: + type: string + description: Message text. + example: 'Unable to resolve reference for object [type: IDENTITY, id: 2c91808c746e9c9601747d6507332ecz, name: random identity]' + details: + type: object + description: 'Message details if any, in key:value pairs.' + additionalProperties: true + example: + details: message details + required: + - key + - text + - details + importedObjects: + description: References to objects that were created or updated by the import. + type: array + items: + type: object + description: Object created or updated by import. + properties: + type: + type: string + description: DTO type of object created or updated by import. + enum: + - IDENTITY_OBJECT_CONFIG + - IDENTITY_PROFILE + - RULE + - SOURCE + - TRANSFORM + - TRIGGER_SUBSCRIPTION + example: SOURCE + id: + type: string + description: ID of object created or updated by import. + example: 2c9180835d191a86015d28455b4b232a + name: + type: string + description: Display name of object created or updated by import. + example: HR Active Directory + required: + - infos + - warnings + - errors + - importedObjects + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + security: + - UserContextAuth: + - 'idn:identity-profile:manage' + '/identity-profiles/{identity-profile-id}': + get: + operationId: getIdentityProfile + tags: + - Identity Profiles + summary: Get single Identity Profile + description: |- + This returns a single Identity Profile based on ID. + + A token with ORG_ADMIN or API authority is required to call this API. + parameters: + - in: path + name: identity-profile-id + schema: + type: string + format: uuid + required: true + description: The Identity Profile ID. + example: 2b838de9-db9b-abcf-e646-d4f274ad4238 + responses: + '200': + description: An Identity Profile object. + content: + application/json: + schema: + allOf: + - type: object + required: + - name + properties: + id: + description: System-generated unique ID of the Object + type: string + example: id12345 + readOnly: true + name: + description: Name of the Object + type: string + example: aName + created: + description: Creation date of the Object + type: string + example: '2015-05-28T14:07:17Z' + format: date-time + readOnly: true + modified: + description: Last modification date of the Object + type: string + example: '2015-05-28T14:07:17Z' + format: date-time + readOnly: true + - type: object + required: + - authoritativeSource + properties: + description: + type: string + description: The description of the Identity Profile. + example: My custom flat file profile + nullable: true + owner: + type: object + description: The owner of the Identity Profile. + nullable: true + properties: + type: + type: string + enum: + - IDENTITY + description: Type of the object to which this reference applies + example: IDENTITY + id: + type: string + description: ID of the object to which this reference applies + example: 2c9180835d191a86015d28455b4b232a + name: + type: string + description: Human-readable display name of the object to which this reference applies + example: William Wilson + priority: + type: integer + format: int64 + description: The priority for an Identity Profile. + example: 10 + authoritativeSource: + type: object + properties: + type: + type: string + enum: + - SOURCE + description: Type of the object to which this reference applies + example: SOURCE + id: + type: string + description: ID of the object to which this reference applies + example: 2c9180835d191a86015d28455b4b232a + name: + type: string + description: Human-readable display name of the object to which this reference applies + example: HR Active Directory + identityRefreshRequired: + type: boolean + default: false + description: True if a identity refresh is needed. Typically triggered when a change on the source has been made. + example: true + identityCount: + type: integer + description: The number of identities that belong to the Identity Profile. + format: int32 + example: 8 + identityAttributeConfig: + type: object + description: Defines all the identity attribute mapping configurations. This defines how to generate or collect data for each identity attributes in identity refresh process. + properties: + enabled: + description: The backend will only promote values if the profile/mapping is enabled. + type: boolean + default: false + example: true + attributeTransforms: + type: array + items: + type: object + description: Defines a transformation definition for an identity attribute. + properties: + identityAttributeName: + type: string + description: Name of the identity attribute. + example: email + transformDefinition: + description: The seaspray transformation definition. + type: object + properties: + type: + type: string + description: The type of the transform definition. + example: accountAttribute + attributes: + type: object + additionalProperties: + anyOf: + - type: string + - type: object + description: Arbitrary key-value pairs to store any metadata for the object + example: + attributeName: e-mail + sourceName: MySource + sourceId: 2c9180877a826e68017a8c0b03da1a53 + identityExceptionReportReference: + type: object + nullable: true + properties: + taskResultId: + type: string + format: uuid + description: The id of the task result. + example: 2b838de9-db9b-abcf-e646-d4f274ad4238 + reportName: + type: string + example: My annual report + description: The name of the report. + hasTimeBasedAttr: + description: Indicates the value of requiresPeriodicRefresh attribute for the Identity Profile. + type: boolean + default: false + example: true + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + security: + - UserContextAuth: + - 'idn:identity-profile:read' + delete: + operationId: deleteIdentityProfile + tags: + - Identity Profiles + summary: Delete an Identity Profile + description: |- + This deletes an Identity Profile based on ID. + + On success, this endpoint will return a reference to the bulk delete task result. + + A token with ORG_ADMIN authority is required to call this API. + + The following rights are required to access this endpoint: idn:identity-profile:delete + parameters: + - in: path + name: identity-profile-id + schema: + type: string + format: uuid + required: true + description: The Identity Profile ID. + example: ef38f94347e94562b5bb8424a56397d8 + responses: + '202': + description: Accepted - Returns a TaskResult object referencing the bulk delete job created. + content: + application/json: + schema: + description: An object with a TaskResult reference of the delete job. + type: object + properties: + id: + type: string + description: Task identifier + example: ff8081814d977c21014da056804a0af3 + name: + type: string + description: Task name + example: Background Object Terminator c8f030f2-b1a6-4e33-99e8-6935bc18735d + description: + type: string + description: Task description + example: 'Generic task for terminating data in the overlay, used by the TerminationService.' + launcher: + type: string + description: User or process who launched the task + example: support + completed: + type: string + format: date-time + description: Date time of completion + example: 'Mon Aug 21 14:57:39 CDT 2023' + launched: + type: string + format: date-time + description: Date time when the task was launched + example: 'Mon Aug 21 14:55:39 CDT 2023' + completionStatus: + type: string + enum: + - Success + - Warning + - Error + - Terminated + - TempError + description: Task result status + example: Success + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + security: + - UserContextAuth: + - 'idn:identity-profile:delete' + patch: + operationId: updateIdentityProfile + tags: + - Identity Profiles + summary: Update the Identity Profile + description: |- + This updates the specified Identity Profile. + + A token with ORG_ADMIN authority is required to call this API to update the Identity Profile. + + Some fields of the Schema cannot be updated. These fields are listed below: + * id + * name + * created + * modified + * identityCount + * identityRefreshRequired + * Authoritative Source and Identity Attribute Configuration cannot be modified at once. + parameters: + - in: path + name: identity-profile-id + schema: + type: string + format: uuid + required: true + description: The Identity Profile ID + example: ef38f94347e94562b5bb8424a56397d8 + requestBody: + required: true + description: 'A list of Identity Profile update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard.' + content: + application/json-patch+json: + schema: + type: array + items: + type: object + description: 'A JSONPatch Operation as defined by [RFC 6902 - JSON Patch](https://tools.ietf.org/html/rfc6902)' + required: + - op + - path + properties: + op: + type: string + description: The operation to be performed + enum: + - add + - remove + - replace + - move + - copy + - test + example: replace + path: + type: string + description: A string JSON Pointer representing the target path to an element to be affected by the operation + example: /description + value: + oneOf: + - type: string + example: New description + title: string + - type: boolean + example: true + title: boolean + - type: integer + example: 300 + title: integer + - type: object + title: object + example: + attributes: + name: philip + - type: array + title: array + items: + anyOf: + - type: string + - type: integer + - type: object + example: + - '001' + - '002' + - '003' + description: 'The value to be used for the operation, required for "add" and "replace" operations' + example: New description + examples: + add-attribute-transform: + summary: Add an attribute transform + value: + - op: add + path: /identityAttributeConfig/attributeTransforms/0 + value: + identityAttributeName: location + transformDefinition: + type: accountAttribute + attributes: + sourceName: Employees + attributeName: location + sourceId: 2c91808878b7d63b0178c66ffcdc4ce4 + responses: + '200': + description: The updated Identity Profile. + content: + application/json: + schema: + allOf: + - type: object + required: + - name + properties: + id: + description: System-generated unique ID of the Object + type: string + example: id12345 + readOnly: true + name: + description: Name of the Object + type: string + example: aName + created: + description: Creation date of the Object + type: string + example: '2015-05-28T14:07:17Z' + format: date-time + readOnly: true + modified: + description: Last modification date of the Object + type: string + example: '2015-05-28T14:07:17Z' + format: date-time + readOnly: true + - type: object + required: + - authoritativeSource + properties: + description: + type: string + description: The description of the Identity Profile. + example: My custom flat file profile + nullable: true + owner: + type: object + description: The owner of the Identity Profile. + nullable: true + properties: + type: + type: string + enum: + - IDENTITY + description: Type of the object to which this reference applies + example: IDENTITY + id: + type: string + description: ID of the object to which this reference applies + example: 2c9180835d191a86015d28455b4b232a + name: + type: string + description: Human-readable display name of the object to which this reference applies + example: William Wilson + priority: + type: integer + format: int64 + description: The priority for an Identity Profile. + example: 10 + authoritativeSource: + type: object + properties: + type: + type: string + enum: + - SOURCE + description: Type of the object to which this reference applies + example: SOURCE + id: + type: string + description: ID of the object to which this reference applies + example: 2c9180835d191a86015d28455b4b232a + name: + type: string + description: Human-readable display name of the object to which this reference applies + example: HR Active Directory + identityRefreshRequired: + type: boolean + default: false + description: True if a identity refresh is needed. Typically triggered when a change on the source has been made. + example: true + identityCount: + type: integer + description: The number of identities that belong to the Identity Profile. + format: int32 + example: 8 + identityAttributeConfig: + type: object + description: Defines all the identity attribute mapping configurations. This defines how to generate or collect data for each identity attributes in identity refresh process. + properties: + enabled: + description: The backend will only promote values if the profile/mapping is enabled. + type: boolean + default: false + example: true + attributeTransforms: + type: array + items: + type: object + description: Defines a transformation definition for an identity attribute. + properties: + identityAttributeName: + type: string + description: Name of the identity attribute. + example: email + transformDefinition: + description: The seaspray transformation definition. + type: object + properties: + type: + type: string + description: The type of the transform definition. + example: accountAttribute + attributes: + type: object + additionalProperties: + anyOf: + - type: string + - type: object + description: Arbitrary key-value pairs to store any metadata for the object + example: + attributeName: e-mail + sourceName: MySource + sourceId: 2c9180877a826e68017a8c0b03da1a53 + identityExceptionReportReference: + type: object + nullable: true + properties: + taskResultId: + type: string + format: uuid + description: The id of the task result. + example: 2b838de9-db9b-abcf-e646-d4f274ad4238 + reportName: + type: string + example: My annual report + description: The name of the report. + hasTimeBasedAttr: + description: Indicates the value of requiresPeriodicRefresh attribute for the Identity Profile. + type: boolean + default: false + example: true + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + security: + - UserContextAuth: + - 'idn:identity-profile:manage' + '/identity-profiles/{identity-profile-id}/default-identity-attribute-config': + get: + operationId: getDefaultIdentityAttributeConfig + tags: + - Identity Profiles + summary: Get default Identity Attribute Config + description: |- + This returns the default identity attribute config. + A token with ORG_ADMIN authority is required to call this API to get the default identity attribute config. + parameters: + - in: path + name: identity-profile-id + schema: + type: string + format: uuid + required: true + description: The Identity Profile ID. + example: 2b838de9-db9b-abcf-e646-d4f274ad4238 + responses: + '200': + description: An Identity Attribute Config object. + content: + application/json: + schema: + type: object + description: Defines all the identity attribute mapping configurations. This defines how to generate or collect data for each identity attributes in identity refresh process. + properties: + enabled: + description: The backend will only promote values if the profile/mapping is enabled. + type: boolean + default: false + example: true + attributeTransforms: + type: array + items: + type: object + description: Defines a transformation definition for an identity attribute. + properties: + identityAttributeName: + type: string + description: Name of the identity attribute. + example: email + transformDefinition: + description: The seaspray transformation definition. + type: object + properties: + type: + type: string + description: The type of the transform definition. + example: accountAttribute + attributes: + type: object + additionalProperties: + anyOf: + - type: string + - type: object + description: Arbitrary key-value pairs to store any metadata for the object + example: + attributeName: e-mail + sourceName: MySource + sourceId: 2c9180877a826e68017a8c0b03da1a53 + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + security: + - UserContextAuth: + - 'idn:identity-profile:manage' + '/identity-profiles/{identity-profile-id}/process-identities': + post: + operationId: syncIdentityProfile + tags: + - Identity Profiles + summary: Process identities under profile + description: |- + Process identities under the profile + This operation should not be used to schedule your own identity processing or to perform system wide identity refreshes. The system will use a combination of [event-based processing](https://documentation.sailpoint.com/saas/help/setup/identity_processing.html?h=process#event-based-processing) and [scheduled processing](https://documentation.sailpoint.com/saas/help/setup/identity_processing.html?h=process#scheduled-processing) that runs every day at 8:00 AM and 8:00 PM in the tenant's timezone to keep your identities synchronized. + This should only be run on identity profiles that have the `identityRefreshRequired` attribute set to `true`. If `identityRefreshRequired` is false, then there is no benefit to running this operation. Typically, this operation is performed when a change is made to the identity profile or its related lifecycle states that requires a refresh. + This operation will perform the following activities on all identities under the identity profile. + 1. Updates identity attribute according to the identity profile mappings. 2. Determines the identity's correct manager through manager correlation. 3. Updates the identity's access according to their assigned lifecycle state. 4. Updates the identity's access based on role assignment criteria. + A token with ORG_ADMIN authority is required to call this API. + externalDocs: + description: Learn more about manually processing identities here + url: 'https://documentation.sailpoint.com/saas/help/setup/identity_processing.html' + parameters: + - in: path + name: identity-profile-id + schema: + type: string + format: uuid + required: true + description: The Identity Profile ID to be processed + example: ef38f94347e94562b5bb8424a56397d8 + responses: + '202': + description: Accepted status after refresh has launched + content: + application/json: + schema: + type: object + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + security: + - UserContextAuth: + - 'idn:identity-profile:refresh' + /managed-clients: + get: + tags: + - Managed Clients + summary: Get Managed Clients + description: Get a list of Managed Clients. + operationId: getManagedClients + parameters: + - in: query + name: offset + description: |- + Offset into the full result set. Usually specified with *limit* to paginate through the results. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 0 + schema: + type: integer + format: int32 + minimum: 0 + default: 0 + - in: query + name: limit + description: |- + Max number of results to return. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 250 + schema: + type: integer + format: int32 + minimum: 0 + maximum: 250 + default: 250 + - in: query + name: count + description: |- + If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. + + Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. + + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: true + schema: + type: boolean + default: false + - in: query + name: filters + schema: + type: string + description: |- + Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) + + Filtering is supported for the following fields and operators: + + **id**: *eq* + + **name**: *eq* + + **clientId**: *eq* + + **clusterId**: *eq* + example: name eq "client name" + responses: + '200': + description: Responds with a list of ManagedClient based on the query params provided + content: + application/json: + schema: + type: array + items: + description: Managed Client + type: object + required: + - clientId + - clusterId + - description + - type + properties: + id: + description: ManagedClient ID + readOnly: true + nullable: true + type: string + example: 2c9180878eaf4204018eb019c3570003 + alertKey: + description: ManagedClient alert key + readOnly: true + nullable: true + type: string + example: CLIENT_STATUS_NOT_CONFIGURED + apiGatewayBaseUrl: + nullable: true + type: string + cookbook: + nullable: true + type: string + ccId: + description: Previous CC ID to be used in data migration. (This field will be deleted after CC migration!) + nullable: true + type: integer + format: int64 + example: 2248 + clientId: + description: The client ID used in API management + type: string + example: 00be54a2-bb6d-402f-9159-beb2d5319347 + clusterId: + description: Cluster ID that the ManagedClient is linked to + type: string + example: e1ff7bb24c934240bbf55e1aa39e41c5 + description: + description: ManagedClient description + type: string + default: '' + example: A short description of the ManagedClient + ipAddress: + description: The public IP address of the ManagedClient + readOnly: true + nullable: true + type: string + example: 123.456.78.90 + lastSeen: + description: When the ManagedClient was last seen by the server + readOnly: true + nullable: true + type: string + format: date-time + example: '2020-01-01T00:00:00.000000Z' + name: + description: ManagedClient name + nullable: true + type: string + default: VA-$clientId + example: aName + sinceLastSeen: + description: Milliseconds since the ManagedClient has polled the server + readOnly: true + nullable: true + type: string + example: 15000 + status: + description: Status of the ManagedClient + readOnly: true + nullable: true + type: string + enum: + - NORMAL + - UNDEFINED + - NOT_CONFIGURED + - CONFIGURING + - WARNING + - ERROR + - FAILED + - null + example: NORMAL + type: + description: 'Type of the ManagedClient (VA, CCG)' + type: string + example: VA + clusterType: + description: Cluster Type of the ManagedClient + readOnly: true + nullable: true + type: string + enum: + - null + - idn + - iai + - spConnectCluster + - sqsCluster + - das-rc + - das-pc + - das-dc + example: idn + vaDownloadUrl: + description: ManagedClient VA download URL + readOnly: true + nullable: true + type: string + example: aUrl + vaVersion: + description: Version that the ManagedClient's VA is running + readOnly: true + nullable: true + type: string + example: va-megapod-useast1-610-1621372012 + secret: + description: Client's apiKey + nullable: true + type: string + example: ef878e15eaa8c8d3e2fa52f41125e2a0eeadadc6a14f931a33ad3e1b62d56381 + createdAt: + description: The date/time this ManagedClient was created + example: '2023-08-04T20:48:01.865Z' + nullable: true + type: string + format: date-time + updatedAt: + description: The date/time this ManagedClient was last updated + example: '2023-08-04T20:48:01.865Z' + nullable: true + type: string + format: date-time + provisionStatus: + description: The provisioning status of the ManagedClient + readOnly: true + nullable: true + type: string + enum: + - null + - PROVISIONED + - DRAFT + example: PROVISIONED + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + security: + - UserContextAuth: + - 'idn:remote-client:read' + - 'idn:remote-client:manage' + post: + tags: + - Managed Clients + summary: Create a new Managed Client + description: |- + Create a new Managed Client. + The API returns a result that includes the Managed Client ID. + operationId: createManagedClient + requestBody: + required: true + content: + application/json: + schema: + description: Managed Client Request + type: object + required: + - clusterId + properties: + clusterId: + description: Cluster ID that the ManagedClient is linked to + type: string + example: aClusterId + description: + description: description for the ManagedClient to create + type: string + nullable: true + example: A short description of the ManagedClient + name: + description: name for the ManagedClient to create + type: string + nullable: true + example: aName + type: + description: 'Type of the ManagedClient (VA, CCG) to create' + type: string + nullable: true + example: VA + responses: + '200': + description: The created ManagedClient + content: + application/json: + schema: + description: Managed Client + type: object + required: + - clientId + - clusterId + - description + - type + properties: + id: + description: ManagedClient ID + readOnly: true + nullable: true + type: string + example: 2c9180878eaf4204018eb019c3570003 + alertKey: + description: ManagedClient alert key + readOnly: true + nullable: true + type: string + example: CLIENT_STATUS_NOT_CONFIGURED + apiGatewayBaseUrl: + nullable: true + type: string + cookbook: + nullable: true + type: string + ccId: + description: Previous CC ID to be used in data migration. (This field will be deleted after CC migration!) + nullable: true + type: integer + format: int64 + example: 2248 + clientId: + description: The client ID used in API management + type: string + example: 00be54a2-bb6d-402f-9159-beb2d5319347 + clusterId: + description: Cluster ID that the ManagedClient is linked to + type: string + example: e1ff7bb24c934240bbf55e1aa39e41c5 + description: + description: ManagedClient description + type: string + default: '' + example: A short description of the ManagedClient + ipAddress: + description: The public IP address of the ManagedClient + readOnly: true + nullable: true + type: string + example: 123.456.78.90 + lastSeen: + description: When the ManagedClient was last seen by the server + readOnly: true + nullable: true + type: string + format: date-time + example: '2020-01-01T00:00:00.000000Z' + name: + description: ManagedClient name + nullable: true + type: string + default: VA-$clientId + example: aName + sinceLastSeen: + description: Milliseconds since the ManagedClient has polled the server + readOnly: true + nullable: true + type: string + example: 15000 + status: + description: Status of the ManagedClient + readOnly: true + nullable: true + type: string + enum: + - NORMAL + - UNDEFINED + - NOT_CONFIGURED + - CONFIGURING + - WARNING + - ERROR + - FAILED + - null + example: NORMAL + type: + description: 'Type of the ManagedClient (VA, CCG)' + type: string + example: VA + clusterType: + description: Cluster Type of the ManagedClient + readOnly: true + nullable: true + type: string + enum: + - null + - idn + - iai + - spConnectCluster + - sqsCluster + - das-rc + - das-pc + - das-dc + example: idn + vaDownloadUrl: + description: ManagedClient VA download URL + readOnly: true + nullable: true + type: string + example: aUrl + vaVersion: + description: Version that the ManagedClient's VA is running + readOnly: true + nullable: true + type: string + example: va-megapod-useast1-610-1621372012 + secret: + description: Client's apiKey + nullable: true + type: string + example: ef878e15eaa8c8d3e2fa52f41125e2a0eeadadc6a14f931a33ad3e1b62d56381 + createdAt: + description: The date/time this ManagedClient was created + example: '2023-08-04T20:48:01.865Z' + nullable: true + type: string + format: date-time + updatedAt: + description: The date/time this ManagedClient was last updated + example: '2023-08-04T20:48:01.865Z' + nullable: true + type: string + format: date-time + provisionStatus: + description: The provisioning status of the ManagedClient + readOnly: true + nullable: true + type: string + enum: + - null + - PROVISIONED + - DRAFT + example: PROVISIONED + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + security: + - UserContextAuth: + - 'idn:remote-client:manage' + '/managed-clients/{id}': + get: + tags: + - Managed Clients + summary: Get a Managed Client + description: Get a Managed Client. + operationId: getManagedClient + parameters: + - name: id + in: path + description: Managed Client ID. + required: true + example: 4440278c-0ce2-41ee-a0a9-f5cfd5e8d3b7 + schema: + type: string + responses: + '200': + description: Responds with a Managed Client + content: + application/json: + schema: + description: Managed Client + type: object + required: + - clientId + - clusterId + - description + - type + properties: + id: + description: ManagedClient ID + readOnly: true + nullable: true + type: string + example: 2c9180878eaf4204018eb019c3570003 + alertKey: + description: ManagedClient alert key + readOnly: true + nullable: true + type: string + example: CLIENT_STATUS_NOT_CONFIGURED + apiGatewayBaseUrl: + nullable: true + type: string + cookbook: + nullable: true + type: string + ccId: + description: Previous CC ID to be used in data migration. (This field will be deleted after CC migration!) + nullable: true + type: integer + format: int64 + example: 2248 + clientId: + description: The client ID used in API management + type: string + example: 00be54a2-bb6d-402f-9159-beb2d5319347 + clusterId: + description: Cluster ID that the ManagedClient is linked to + type: string + example: e1ff7bb24c934240bbf55e1aa39e41c5 + description: + description: ManagedClient description + type: string + default: '' + example: A short description of the ManagedClient + ipAddress: + description: The public IP address of the ManagedClient + readOnly: true + nullable: true + type: string + example: 123.456.78.90 + lastSeen: + description: When the ManagedClient was last seen by the server + readOnly: true + nullable: true + type: string + format: date-time + example: '2020-01-01T00:00:00.000000Z' + name: + description: ManagedClient name + nullable: true + type: string + default: VA-$clientId + example: aName + sinceLastSeen: + description: Milliseconds since the ManagedClient has polled the server + readOnly: true + nullable: true + type: string + example: 15000 + status: + description: Status of the ManagedClient + readOnly: true + nullable: true + type: string + enum: + - NORMAL + - UNDEFINED + - NOT_CONFIGURED + - CONFIGURING + - WARNING + - ERROR + - FAILED + - null + example: NORMAL + type: + description: 'Type of the ManagedClient (VA, CCG)' + type: string + example: VA + clusterType: + description: Cluster Type of the ManagedClient + readOnly: true + nullable: true + type: string + enum: + - null + - idn + - iai + - spConnectCluster + - sqsCluster + - das-rc + - das-pc + - das-dc + example: idn + vaDownloadUrl: + description: ManagedClient VA download URL + readOnly: true + nullable: true + type: string + example: aUrl + vaVersion: + description: Version that the ManagedClient's VA is running + readOnly: true + nullable: true + type: string + example: va-megapod-useast1-610-1621372012 + secret: + description: Client's apiKey + nullable: true + type: string + example: ef878e15eaa8c8d3e2fa52f41125e2a0eeadadc6a14f931a33ad3e1b62d56381 + createdAt: + description: The date/time this ManagedClient was created + example: '2023-08-04T20:48:01.865Z' + nullable: true + type: string + format: date-time + updatedAt: + description: The date/time this ManagedClient was last updated + example: '2023-08-04T20:48:01.865Z' + nullable: true + type: string + format: date-time + provisionStatus: + description: The provisioning status of the ManagedClient + readOnly: true + nullable: true + type: string + enum: + - null + - PROVISIONED + - DRAFT + example: PROVISIONED + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + security: + - UserContextAuth: + - 'idn:remote-client:read' + - 'idn:remote-client:manage' + - 'idn:managed-client-status:read' + - 'idn:managed-client-status:manage' + patch: + tags: + - Managed Clients + summary: Update a Managed Client + description: Update an existing Managed Client. + operationId: updateManagedClient + parameters: + - in: path + name: id + schema: + type: string + required: true + description: Managed Client ID. + example: 4440278c-0ce2-41ee-a0a9-f5cfd5e8d3b7 + requestBody: + required: true + description: The JSONPatch payload used to update the object. + content: + application/json-patch+json: + schema: + type: array + items: + type: object + description: 'A JSONPatch Operation as defined by [RFC 6902 - JSON Patch](https://tools.ietf.org/html/rfc6902)' + required: + - op + - path + properties: + op: + type: string + description: The operation to be performed + enum: + - add + - remove + - replace + - move + - copy + - test + example: replace + path: + type: string + description: A string JSON Pointer representing the target path to an element to be affected by the operation + example: /description + value: + oneOf: + - type: string + example: New description + title: string + - type: boolean + example: true + title: boolean + - type: integer + example: 300 + title: integer + - type: object + title: object + example: + attributes: + name: philip + - type: array + title: array + items: + anyOf: + - type: string + - type: integer + - type: object + example: + - '001' + - '002' + - '003' + description: 'The value to be used for the operation, required for "add" and "replace" operations' + example: New description + responses: + '200': + description: The updated Managed Client + content: + application/json: + schema: + description: Managed Client + type: object + required: + - clientId + - clusterId + - description + - type + properties: + id: + description: ManagedClient ID + readOnly: true + nullable: true + type: string + example: 2c9180878eaf4204018eb019c3570003 + alertKey: + description: ManagedClient alert key + readOnly: true + nullable: true + type: string + example: CLIENT_STATUS_NOT_CONFIGURED + apiGatewayBaseUrl: + nullable: true + type: string + cookbook: + nullable: true + type: string + ccId: + description: Previous CC ID to be used in data migration. (This field will be deleted after CC migration!) + nullable: true + type: integer + format: int64 + example: 2248 + clientId: + description: The client ID used in API management + type: string + example: 00be54a2-bb6d-402f-9159-beb2d5319347 + clusterId: + description: Cluster ID that the ManagedClient is linked to + type: string + example: e1ff7bb24c934240bbf55e1aa39e41c5 + description: + description: ManagedClient description + type: string + default: '' + example: A short description of the ManagedClient + ipAddress: + description: The public IP address of the ManagedClient + readOnly: true + nullable: true + type: string + example: 123.456.78.90 + lastSeen: + description: When the ManagedClient was last seen by the server + readOnly: true + nullable: true + type: string + format: date-time + example: '2020-01-01T00:00:00.000000Z' + name: + description: ManagedClient name + nullable: true + type: string + default: VA-$clientId + example: aName + sinceLastSeen: + description: Milliseconds since the ManagedClient has polled the server + readOnly: true + nullable: true + type: string + example: 15000 + status: + description: Status of the ManagedClient + readOnly: true + nullable: true + type: string + enum: + - NORMAL + - UNDEFINED + - NOT_CONFIGURED + - CONFIGURING + - WARNING + - ERROR + - FAILED + - null + example: NORMAL + type: + description: 'Type of the ManagedClient (VA, CCG)' + type: string + example: VA + clusterType: + description: Cluster Type of the ManagedClient + readOnly: true + nullable: true + type: string + enum: + - null + - idn + - iai + - spConnectCluster + - sqsCluster + - das-rc + - das-pc + - das-dc + example: idn + vaDownloadUrl: + description: ManagedClient VA download URL + readOnly: true + nullable: true + type: string + example: aUrl + vaVersion: + description: Version that the ManagedClient's VA is running + readOnly: true + nullable: true + type: string + example: va-megapod-useast1-610-1621372012 + secret: + description: Client's apiKey + nullable: true + type: string + example: ef878e15eaa8c8d3e2fa52f41125e2a0eeadadc6a14f931a33ad3e1b62d56381 + createdAt: + description: The date/time this ManagedClient was created + example: '2023-08-04T20:48:01.865Z' + nullable: true + type: string + format: date-time + updatedAt: + description: The date/time this ManagedClient was last updated + example: '2023-08-04T20:48:01.865Z' + nullable: true + type: string + format: date-time + provisionStatus: + description: The provisioning status of the ManagedClient + readOnly: true + nullable: true + type: string + enum: + - null + - PROVISIONED + - DRAFT + example: PROVISIONED + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + security: + - UserContextAuth: + - 'idn:remote-client:manage' + delete: + operationId: deleteManagedClient + tags: + - Managed Clients + summary: Delete a Managed Client + description: Delete an existing Managed Client. + parameters: + - in: path + name: id + schema: + type: string + required: true + description: Managed Client ID. + example: 4440278c-0ce2-41ee-a0a9-f5cfd5e8d3b7 + responses: + '204': + description: The Managed Client was successfully deleted. + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + security: + - UserContextAuth: + - 'idn:remote-client:manage' + '/managed-clients/{id}/status': + get: + tags: + - Managed Clients + summary: Get Managed Client Status. + description: Retrieve the Status of a Managed Client by ID. + operationId: getManagedClientStatus + parameters: + - name: id + in: path + description: ID of the Managed Client to get Status of + required: true + schema: + type: string + example: aClientId + - name: type + in: query + description: Type of the Managed Client to get Status of + required: true + schema: + example: VA + description: Managed Client type + type: string + nullable: true + enum: + - CCG + - VA + - INTERNAL + - IIQ_HARVESTER + - null + responses: + '200': + description: Responds with the Status of the Managed Client with the given ID and Type. + content: + application/json: + schema: + description: Managed Client Status + type: object + required: + - body + - status + - type + - timestamp + properties: + body: + description: ManagedClientStatus body information + type: object + example: + alertKey: '' + id: '5678' + clusterId: '1234' + ccg_etag: ccg_etag123xyz456 + ccg_pin: NONE + cookbook_etag: 20210420125956-20210511144538 + hostname: megapod-useast1-secret-hostname.sailpoint.com + internal_ip: 127.0.0.1 + lastSeen: '1620843964604' + sinceSeen: '14708' + sinceSeenMillis: '14708' + localDev: false + stacktrace: '' + state: null + status: NORMAL + uuid: null + product: idn + va_version: null + platform_version: '2' + os_version: 2345.3.1 + os_type: flatcar + hypervisor: unknown + status: + description: status of the Managed Client + example: NORMAL + type: string + enum: + - NORMAL + - UNDEFINED + - NOT_CONFIGURED + - CONFIGURING + - WARNING + - ERROR + - FAILED + type: + description: type of the Managed Client + example: CCG + type: string + nullable: true + enum: + - CCG + - VA + - INTERNAL + - IIQ_HARVESTER + - null + timestamp: + description: timestamp on the Client Status update + type: string + format: date-time + example: '2020-01-01T00:00:00.000000Z' + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + security: + - UserContextAuth: + - 'idn:managed-client-status:read' + /managed-clusters: + get: + tags: + - Managed Clusters + summary: Retrieve all Managed Clusters. + description: 'Retrieve all Managed Clusters for the current Org, based on request context.' + operationId: getManagedClusters + parameters: + - in: query + name: offset + description: |- + Offset into the full result set. Usually specified with *limit* to paginate through the results. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 0 + schema: + type: integer + format: int32 + minimum: 0 + default: 0 + - in: query + name: limit + description: |- + Max number of results to return. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 250 + schema: + type: integer + format: int32 + minimum: 0 + maximum: 250 + default: 250 + - in: query + name: count + description: |- + If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. + + Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. + + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: true + schema: + type: boolean + default: false + - in: query + name: filters + schema: + type: string + description: |- + Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) + + Filtering is supported for the following fields and operators: + + **operational**: *eq* + example: operational eq "operation" + responses: + '200': + description: Responds with a list of ManagedCluster. + content: + application/json: + schema: + type: array + items: + description: Managed Cluster + type: object + required: + - id + - clientType + - ccgVersion + properties: + id: + description: ManagedCluster ID + type: string + example: e1ff7bb24c934240bbf55e1aa39e41c5 + name: + description: ManagedCluster name + type: string + example: Managed Cluster Name + pod: + description: ManagedCluster pod + type: string + example: megapod-useast1 + org: + description: ManagedCluster org + type: string + example: denali + type: + description: The Type of Cluster + example: idn + nullable: false + default: idn + type: string + enum: + - idn + - iai + configuration: + description: ManagedProcess configuration map + type: object + additionalProperties: + type: string + example: + clusterExternalId: e1ff7bb24c934240bbf55e1aa39e41c5 + clusterType: sqsCluster + gmtOffset: '-5' + keyPair: + description: key pair for the ManagedCluster + type: object + properties: + publicKey: + nullable: true + description: ManagedCluster publicKey + type: string + example: '-----BEGIN PUBLIC KEY-----******-----END PUBLIC KEY-----' + publicKeyThumbprint: + nullable: true + description: ManagedCluster publicKeyThumbprint + type: string + example: 6CMlaJIV44-xJxcB3CJBjDUUn54 + publicKeyCertificate: + nullable: true + description: ManagedCluster publicKeyCertificate + type: string + example: '-----BEGIN CERTIFICATE-----****-----END CERTIFICATE-----' + attributes: + description: Specific Attributes for Configuring a ManagedCluster by Type + type: object + properties: + queue: + description: ManagedCluster keystore for sqsCluster type + type: object + properties: + name: + description: ManagedCluster queue name + type: string + example: megapod-useast1-denali-lwt-cluster-1533 + region: + description: ManagedCluster queue aws region + type: string + example: us-east-1 + keystore: + nullable: true + description: ManagedCluster keystore for spConnectCluster type + type: string + example: /u3+7QAAAAIAAAABAAAAAQAvL3Byb3h5LWNsdXN0ZXIvMmM5MTgwODc3Yjg3MW + description: + description: ManagedCluster description + type: string + default: q + example: A short description of the managed cluster. + redis: + description: Redis configuration for the ManagedCluster + type: object + properties: + redisHost: + description: ManagedCluster redisHost + type: string + example: megapod-useast1-shared-redis.cloud.sailpoint.com + redisPort: + description: ManagedCluster redisPort + type: integer + format: int32 + example: 6379 + clientType: + description: type of client for the ManagedCluster + type: string + example: CCG + nullable: true + enum: + - CCG + - VA + - INTERNAL + - IIQ_HARVESTER + - null + ccgVersion: + description: CCG version used by the ManagedCluster + type: string + example: v01 + pinnedConfig: + description: boolean flag indiacting whether or not the cluster configuration is pinned + type: boolean + default: false + example: false + logConfiguration: + description: client log configuration for the cluster + example: '{ "rootLevel": "WARN", "logLevels": { "foobar": "WARN" } }' + nullable: true + type: object + required: + - durationMinutes + - rootLevel + properties: + clientId: + description: Log configuration's client ID + type: string + example: aClientId + durationMinutes: + description: Duration in minutes for log configuration to remain in effect before resetting to defaults + type: integer + format: int32 + example: 120 + minimum: 5 + maximum: 1440 + expiration: + description: Expiration date-time of the log configuration request + example: '2020-12-15T19:13:36.079Z' + type: string + format: date-time + rootLevel: + description: 'Root log level to apply, the default level for all logs. For more information about logging levels, refer to the "Logging Levels" table in [Enabling Connector Logging in IdentityNow](https://community.sailpoint.com/t5/IdentityNow-Articles/Enabling-Connector-Logging-in-IdentityNow/ta-p/188107).' + default: INFO + example: TRACE + type: string + enum: + - 'OFF' + - FATAL + - ERROR + - WARN + - INFO + - DEBUG + - TRACE + logLevels: + description: 'Map of log level by key. The keys are logging classes, and the values are logging levels. To see the available connectors and their logging classes, refer to the "Logging Classes" table in [Enabling Connector Logging in IdentityNow](https://community.sailpoint.com/t5/IdentityNow-Articles/Enabling-Connector-Logging-in-IdentityNow/ta-p/188107).' + example: + sailpoint.connector.ADLDAPConnector: TRACE + type: object + additionalProperties: + default: INFO + example: TRACE + description: Standard Log4j log level + type: string + enum: + - 'OFF' + - FATAL + - ERROR + - WARN + - INFO + - DEBUG + - TRACE + operational: + description: Whether or not the cluster is operational or not + type: boolean + default: false + example: false + status: + description: Cluster status + type: string + example: NORMAL + publicKeyCertificate: + nullable: true + description: Public key certificate + type: string + example: '-----BEGIN CERTIFICATE-----TCCAb2gAwIBAgIBADANBgkqhkiG9w0BAQsFADAuMQ0wCwYDVQQD-----END CERTIFICATE-----' + publicKeyThumbprint: + nullable: true + description: Public key thumbprint + type: string + example: obc6pLiulGbtZ + publicKey: + nullable: true + description: Public key + type: string + example: '-----BEGIN PUBLIC KEY-----jANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3WgnsxP52MDgBTfHR+5n4-----END PUBLIC KEY-----' + alertKey: + description: Key describing any immediate cluster alerts + type: string + example: LIMITED_RESOURCES + clientIds: + type: array + description: List of clients in a cluster + items: + type: string + example: + - '1244' + - '1245' + serviceCount: + description: Number of services bound to a cluster + type: integer + format: int32 + default: 0 + example: 6 + ccId: + description: 'CC ID only used in calling CC, will be removed without notice when Migration to CEGS is finished' + type: string + default: '0' + example: '1533' + createdAt: + description: The date/time this cluster was created + example: '2023-08-04T20:48:01.865Z' + nullable: true + type: string + format: date-time + updatedAt: + description: The date/time this cluster was last updated + example: '2023-08-04T20:48:01.865Z' + nullable: true + type: string + format: date-time + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + security: + - UserContextAuth: + - 'idn:remote-client:read' + - 'idn:remote-client:manage' + post: + tags: + - Managed Clusters + summary: Create a new Managed Cluster + description: |- + Create a new Managed Cluster. + The API returns a result that includes the Managed Cluster ID. + operationId: createManagedCluster + requestBody: + required: true + content: + application/json: + schema: + description: Request to create Managed Cluster + type: object + required: + - name + properties: + name: + description: ManagedCluster name + type: string + nullable: false + example: Managed Cluster Name + type: + description: The Type of Cluster + example: idn + type: string + enum: + - idn + - iai + configuration: + description: ManagedProcess configuration map + type: object + additionalProperties: + type: string + example: + clusterExternalId: externalId + ccgVersion: 77.0.0 + description: + description: ManagedCluster description + type: string + nullable: true + example: A short description of the managed cluster. + responses: + '200': + description: The created ManagedClient + content: + application/json: + schema: + description: Managed Cluster + type: object + required: + - id + - clientType + - ccgVersion + properties: + id: + description: ManagedCluster ID + type: string + example: e1ff7bb24c934240bbf55e1aa39e41c5 + name: + description: ManagedCluster name + type: string + example: Managed Cluster Name + pod: + description: ManagedCluster pod + type: string + example: megapod-useast1 + org: + description: ManagedCluster org + type: string + example: denali + type: + description: The Type of Cluster + example: idn + nullable: false + default: idn + type: string + enum: + - idn + - iai + configuration: + description: ManagedProcess configuration map + type: object + additionalProperties: + type: string + example: + clusterExternalId: e1ff7bb24c934240bbf55e1aa39e41c5 + clusterType: sqsCluster + gmtOffset: '-5' + keyPair: + description: key pair for the ManagedCluster + type: object + properties: + publicKey: + nullable: true + description: ManagedCluster publicKey + type: string + example: '-----BEGIN PUBLIC KEY-----******-----END PUBLIC KEY-----' + publicKeyThumbprint: + nullable: true + description: ManagedCluster publicKeyThumbprint + type: string + example: 6CMlaJIV44-xJxcB3CJBjDUUn54 + publicKeyCertificate: + nullable: true + description: ManagedCluster publicKeyCertificate + type: string + example: '-----BEGIN CERTIFICATE-----****-----END CERTIFICATE-----' + attributes: + description: Specific Attributes for Configuring a ManagedCluster by Type + type: object + properties: + queue: + description: ManagedCluster keystore for sqsCluster type + type: object + properties: + name: + description: ManagedCluster queue name + type: string + example: megapod-useast1-denali-lwt-cluster-1533 + region: + description: ManagedCluster queue aws region + type: string + example: us-east-1 + keystore: + nullable: true + description: ManagedCluster keystore for spConnectCluster type + type: string + example: /u3+7QAAAAIAAAABAAAAAQAvL3Byb3h5LWNsdXN0ZXIvMmM5MTgwODc3Yjg3MW + description: + description: ManagedCluster description + type: string + default: q + example: A short description of the managed cluster. + redis: + description: Redis configuration for the ManagedCluster + type: object + properties: + redisHost: + description: ManagedCluster redisHost + type: string + example: megapod-useast1-shared-redis.cloud.sailpoint.com + redisPort: + description: ManagedCluster redisPort + type: integer + format: int32 + example: 6379 + clientType: + description: type of client for the ManagedCluster + type: string + example: CCG + nullable: true + enum: + - CCG + - VA + - INTERNAL + - IIQ_HARVESTER + - null + ccgVersion: + description: CCG version used by the ManagedCluster + type: string + example: v01 + pinnedConfig: + description: boolean flag indiacting whether or not the cluster configuration is pinned + type: boolean + default: false + example: false + logConfiguration: + description: client log configuration for the cluster + example: '{ "rootLevel": "WARN", "logLevels": { "foobar": "WARN" } }' + nullable: true + type: object + required: + - durationMinutes + - rootLevel + properties: + clientId: + description: Log configuration's client ID + type: string + example: aClientId + durationMinutes: + description: Duration in minutes for log configuration to remain in effect before resetting to defaults + type: integer + format: int32 + example: 120 + minimum: 5 + maximum: 1440 + expiration: + description: Expiration date-time of the log configuration request + example: '2020-12-15T19:13:36.079Z' + type: string + format: date-time + rootLevel: + description: 'Root log level to apply, the default level for all logs. For more information about logging levels, refer to the "Logging Levels" table in [Enabling Connector Logging in IdentityNow](https://community.sailpoint.com/t5/IdentityNow-Articles/Enabling-Connector-Logging-in-IdentityNow/ta-p/188107).' + default: INFO + example: TRACE + type: string + enum: + - 'OFF' + - FATAL + - ERROR + - WARN + - INFO + - DEBUG + - TRACE + logLevels: + description: 'Map of log level by key. The keys are logging classes, and the values are logging levels. To see the available connectors and their logging classes, refer to the "Logging Classes" table in [Enabling Connector Logging in IdentityNow](https://community.sailpoint.com/t5/IdentityNow-Articles/Enabling-Connector-Logging-in-IdentityNow/ta-p/188107).' + example: + sailpoint.connector.ADLDAPConnector: TRACE + type: object + additionalProperties: + default: INFO + example: TRACE + description: Standard Log4j log level + type: string + enum: + - 'OFF' + - FATAL + - ERROR + - WARN + - INFO + - DEBUG + - TRACE + operational: + description: Whether or not the cluster is operational or not + type: boolean + default: false + example: false + status: + description: Cluster status + type: string + example: NORMAL + publicKeyCertificate: + nullable: true + description: Public key certificate + type: string + example: '-----BEGIN CERTIFICATE-----TCCAb2gAwIBAgIBADANBgkqhkiG9w0BAQsFADAuMQ0wCwYDVQQD-----END CERTIFICATE-----' + publicKeyThumbprint: + nullable: true + description: Public key thumbprint + type: string + example: obc6pLiulGbtZ + publicKey: + nullable: true + description: Public key + type: string + example: '-----BEGIN PUBLIC KEY-----jANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3WgnsxP52MDgBTfHR+5n4-----END PUBLIC KEY-----' + alertKey: + description: Key describing any immediate cluster alerts + type: string + example: LIMITED_RESOURCES + clientIds: + type: array + description: List of clients in a cluster + items: + type: string + example: + - '1244' + - '1245' + serviceCount: + description: Number of services bound to a cluster + type: integer + format: int32 + default: 0 + example: 6 + ccId: + description: 'CC ID only used in calling CC, will be removed without notice when Migration to CEGS is finished' + type: string + default: '0' + example: '1533' + createdAt: + description: The date/time this cluster was created + example: '2023-08-04T20:48:01.865Z' + nullable: true + type: string + format: date-time + updatedAt: + description: The date/time this cluster was last updated + example: '2023-08-04T20:48:01.865Z' + nullable: true + type: string + format: date-time + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + security: + - UserContextAuth: + - 'idn:remote-client:manage' + '/managed-clusters/{id}': + get: + tags: + - Managed Clusters + summary: Get a specified Managed Cluster. + description: Retrieve a ManagedCluster by ID. + operationId: getManagedCluster + parameters: + - name: id + in: path + description: ManagedCluster ID. + required: true + example: 2c9180897de347a2017de8859e8c5039 + style: simple + explode: false + schema: + type: string + responses: + '200': + description: Responds with ManagedCluster having the given ID. + content: + application/json: + schema: + description: Managed Cluster + type: object + required: + - id + - clientType + - ccgVersion + properties: + id: + description: ManagedCluster ID + type: string + example: e1ff7bb24c934240bbf55e1aa39e41c5 + name: + description: ManagedCluster name + type: string + example: Managed Cluster Name + pod: + description: ManagedCluster pod + type: string + example: megapod-useast1 + org: + description: ManagedCluster org + type: string + example: denali + type: + description: The Type of Cluster + example: idn + nullable: false + default: idn + type: string + enum: + - idn + - iai + configuration: + description: ManagedProcess configuration map + type: object + additionalProperties: + type: string + example: + clusterExternalId: e1ff7bb24c934240bbf55e1aa39e41c5 + clusterType: sqsCluster + gmtOffset: '-5' + keyPair: + description: key pair for the ManagedCluster + type: object + properties: + publicKey: + nullable: true + description: ManagedCluster publicKey + type: string + example: '-----BEGIN PUBLIC KEY-----******-----END PUBLIC KEY-----' + publicKeyThumbprint: + nullable: true + description: ManagedCluster publicKeyThumbprint + type: string + example: 6CMlaJIV44-xJxcB3CJBjDUUn54 + publicKeyCertificate: + nullable: true + description: ManagedCluster publicKeyCertificate + type: string + example: '-----BEGIN CERTIFICATE-----****-----END CERTIFICATE-----' + attributes: + description: Specific Attributes for Configuring a ManagedCluster by Type + type: object + properties: + queue: + description: ManagedCluster keystore for sqsCluster type + type: object + properties: + name: + description: ManagedCluster queue name + type: string + example: megapod-useast1-denali-lwt-cluster-1533 + region: + description: ManagedCluster queue aws region + type: string + example: us-east-1 + keystore: + nullable: true + description: ManagedCluster keystore for spConnectCluster type + type: string + example: /u3+7QAAAAIAAAABAAAAAQAvL3Byb3h5LWNsdXN0ZXIvMmM5MTgwODc3Yjg3MW + description: + description: ManagedCluster description + type: string + default: q + example: A short description of the managed cluster. + redis: + description: Redis configuration for the ManagedCluster + type: object + properties: + redisHost: + description: ManagedCluster redisHost + type: string + example: megapod-useast1-shared-redis.cloud.sailpoint.com + redisPort: + description: ManagedCluster redisPort + type: integer + format: int32 + example: 6379 + clientType: + description: type of client for the ManagedCluster + type: string + example: CCG + nullable: true + enum: + - CCG + - VA + - INTERNAL + - IIQ_HARVESTER + - null + ccgVersion: + description: CCG version used by the ManagedCluster + type: string + example: v01 + pinnedConfig: + description: boolean flag indiacting whether or not the cluster configuration is pinned + type: boolean + default: false + example: false + logConfiguration: + description: client log configuration for the cluster + example: '{ "rootLevel": "WARN", "logLevels": { "foobar": "WARN" } }' + nullable: true + type: object + required: + - durationMinutes + - rootLevel + properties: + clientId: + description: Log configuration's client ID + type: string + example: aClientId + durationMinutes: + description: Duration in minutes for log configuration to remain in effect before resetting to defaults + type: integer + format: int32 + example: 120 + minimum: 5 + maximum: 1440 + expiration: + description: Expiration date-time of the log configuration request + example: '2020-12-15T19:13:36.079Z' + type: string + format: date-time + rootLevel: + description: 'Root log level to apply, the default level for all logs. For more information about logging levels, refer to the "Logging Levels" table in [Enabling Connector Logging in IdentityNow](https://community.sailpoint.com/t5/IdentityNow-Articles/Enabling-Connector-Logging-in-IdentityNow/ta-p/188107).' + default: INFO + example: TRACE + type: string + enum: + - 'OFF' + - FATAL + - ERROR + - WARN + - INFO + - DEBUG + - TRACE + logLevels: + description: 'Map of log level by key. The keys are logging classes, and the values are logging levels. To see the available connectors and their logging classes, refer to the "Logging Classes" table in [Enabling Connector Logging in IdentityNow](https://community.sailpoint.com/t5/IdentityNow-Articles/Enabling-Connector-Logging-in-IdentityNow/ta-p/188107).' + example: + sailpoint.connector.ADLDAPConnector: TRACE + type: object + additionalProperties: + default: INFO + example: TRACE + description: Standard Log4j log level + type: string + enum: + - 'OFF' + - FATAL + - ERROR + - WARN + - INFO + - DEBUG + - TRACE + operational: + description: Whether or not the cluster is operational or not + type: boolean + default: false + example: false + status: + description: Cluster status + type: string + example: NORMAL + publicKeyCertificate: + nullable: true + description: Public key certificate + type: string + example: '-----BEGIN CERTIFICATE-----TCCAb2gAwIBAgIBADANBgkqhkiG9w0BAQsFADAuMQ0wCwYDVQQD-----END CERTIFICATE-----' + publicKeyThumbprint: + nullable: true + description: Public key thumbprint + type: string + example: obc6pLiulGbtZ + publicKey: + nullable: true + description: Public key + type: string + example: '-----BEGIN PUBLIC KEY-----jANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3WgnsxP52MDgBTfHR+5n4-----END PUBLIC KEY-----' + alertKey: + description: Key describing any immediate cluster alerts + type: string + example: LIMITED_RESOURCES + clientIds: + type: array + description: List of clients in a cluster + items: + type: string + example: + - '1244' + - '1245' + serviceCount: + description: Number of services bound to a cluster + type: integer + format: int32 + default: 0 + example: 6 + ccId: + description: 'CC ID only used in calling CC, will be removed without notice when Migration to CEGS is finished' + type: string + default: '0' + example: '1533' + createdAt: + description: The date/time this cluster was created + example: '2023-08-04T20:48:01.865Z' + nullable: true + type: string + format: date-time + updatedAt: + description: The date/time this cluster was last updated + example: '2023-08-04T20:48:01.865Z' + nullable: true + type: string + format: date-time + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + security: + - UserContextAuth: + - 'idn:remote-client:read' + - 'idn:remote-client:manage' + patch: + tags: + - Managed Clusters + summary: Update a Managed Cluster + description: Update an existing Managed Cluster. + operationId: updateManagedCluster + parameters: + - in: path + name: id + schema: + type: string + required: true + description: Managed Cluster ID. + example: 2c9180897de347a2017de8859e8c5039 + requestBody: + required: true + description: The JSONPatch payload used to update the object. + content: + application/json-patch+json: + schema: + type: array + items: + type: object + description: 'A JSONPatch Operation as defined by [RFC 6902 - JSON Patch](https://tools.ietf.org/html/rfc6902)' + required: + - op + - path + properties: + op: + type: string + description: The operation to be performed + enum: + - add + - remove + - replace + - move + - copy + - test + example: replace + path: + type: string + description: A string JSON Pointer representing the target path to an element to be affected by the operation + example: /description + value: + oneOf: + - type: string + example: New description + title: string + - type: boolean + example: true + title: boolean + - type: integer + example: 300 + title: integer + - type: object + title: object + example: + attributes: + name: philip + - type: array + title: array + items: + anyOf: + - type: string + - type: integer + - type: object + example: + - '001' + - '002' + - '003' + description: 'The value to be used for the operation, required for "add" and "replace" operations' + example: New description + responses: + '200': + description: The updated Managed Cluster + content: + application/json: + schema: + description: Managed Cluster + type: object + required: + - id + - clientType + - ccgVersion + properties: + id: + description: ManagedCluster ID + type: string + example: e1ff7bb24c934240bbf55e1aa39e41c5 + name: + description: ManagedCluster name + type: string + example: Managed Cluster Name + pod: + description: ManagedCluster pod + type: string + example: megapod-useast1 + org: + description: ManagedCluster org + type: string + example: denali + type: + description: The Type of Cluster + example: idn + nullable: false + default: idn + type: string + enum: + - idn + - iai + configuration: + description: ManagedProcess configuration map + type: object + additionalProperties: + type: string + example: + clusterExternalId: e1ff7bb24c934240bbf55e1aa39e41c5 + clusterType: sqsCluster + gmtOffset: '-5' + keyPair: + description: key pair for the ManagedCluster + type: object + properties: + publicKey: + nullable: true + description: ManagedCluster publicKey + type: string + example: '-----BEGIN PUBLIC KEY-----******-----END PUBLIC KEY-----' + publicKeyThumbprint: + nullable: true + description: ManagedCluster publicKeyThumbprint + type: string + example: 6CMlaJIV44-xJxcB3CJBjDUUn54 + publicKeyCertificate: + nullable: true + description: ManagedCluster publicKeyCertificate + type: string + example: '-----BEGIN CERTIFICATE-----****-----END CERTIFICATE-----' + attributes: + description: Specific Attributes for Configuring a ManagedCluster by Type + type: object + properties: + queue: + description: ManagedCluster keystore for sqsCluster type + type: object + properties: + name: + description: ManagedCluster queue name + type: string + example: megapod-useast1-denali-lwt-cluster-1533 + region: + description: ManagedCluster queue aws region + type: string + example: us-east-1 + keystore: + nullable: true + description: ManagedCluster keystore for spConnectCluster type + type: string + example: /u3+7QAAAAIAAAABAAAAAQAvL3Byb3h5LWNsdXN0ZXIvMmM5MTgwODc3Yjg3MW + description: + description: ManagedCluster description + type: string + default: q + example: A short description of the managed cluster. + redis: + description: Redis configuration for the ManagedCluster + type: object + properties: + redisHost: + description: ManagedCluster redisHost + type: string + example: megapod-useast1-shared-redis.cloud.sailpoint.com + redisPort: + description: ManagedCluster redisPort + type: integer + format: int32 + example: 6379 + clientType: + description: type of client for the ManagedCluster + type: string + example: CCG + nullable: true + enum: + - CCG + - VA + - INTERNAL + - IIQ_HARVESTER + - null + ccgVersion: + description: CCG version used by the ManagedCluster + type: string + example: v01 + pinnedConfig: + description: boolean flag indiacting whether or not the cluster configuration is pinned + type: boolean + default: false + example: false + logConfiguration: + description: client log configuration for the cluster + example: '{ "rootLevel": "WARN", "logLevels": { "foobar": "WARN" } }' + nullable: true + type: object + required: + - durationMinutes + - rootLevel + properties: + clientId: + description: Log configuration's client ID + type: string + example: aClientId + durationMinutes: + description: Duration in minutes for log configuration to remain in effect before resetting to defaults + type: integer + format: int32 + example: 120 + minimum: 5 + maximum: 1440 + expiration: + description: Expiration date-time of the log configuration request + example: '2020-12-15T19:13:36.079Z' + type: string + format: date-time + rootLevel: + description: 'Root log level to apply, the default level for all logs. For more information about logging levels, refer to the "Logging Levels" table in [Enabling Connector Logging in IdentityNow](https://community.sailpoint.com/t5/IdentityNow-Articles/Enabling-Connector-Logging-in-IdentityNow/ta-p/188107).' + default: INFO + example: TRACE + type: string + enum: + - 'OFF' + - FATAL + - ERROR + - WARN + - INFO + - DEBUG + - TRACE + logLevels: + description: 'Map of log level by key. The keys are logging classes, and the values are logging levels. To see the available connectors and their logging classes, refer to the "Logging Classes" table in [Enabling Connector Logging in IdentityNow](https://community.sailpoint.com/t5/IdentityNow-Articles/Enabling-Connector-Logging-in-IdentityNow/ta-p/188107).' + example: + sailpoint.connector.ADLDAPConnector: TRACE + type: object + additionalProperties: + default: INFO + example: TRACE + description: Standard Log4j log level + type: string + enum: + - 'OFF' + - FATAL + - ERROR + - WARN + - INFO + - DEBUG + - TRACE + operational: + description: Whether or not the cluster is operational or not + type: boolean + default: false + example: false + status: + description: Cluster status + type: string + example: NORMAL + publicKeyCertificate: + nullable: true + description: Public key certificate + type: string + example: '-----BEGIN CERTIFICATE-----TCCAb2gAwIBAgIBADANBgkqhkiG9w0BAQsFADAuMQ0wCwYDVQQD-----END CERTIFICATE-----' + publicKeyThumbprint: + nullable: true + description: Public key thumbprint + type: string + example: obc6pLiulGbtZ + publicKey: + nullable: true + description: Public key + type: string + example: '-----BEGIN PUBLIC KEY-----jANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3WgnsxP52MDgBTfHR+5n4-----END PUBLIC KEY-----' + alertKey: + description: Key describing any immediate cluster alerts + type: string + example: LIMITED_RESOURCES + clientIds: + type: array + description: List of clients in a cluster + items: + type: string + example: + - '1244' + - '1245' + serviceCount: + description: Number of services bound to a cluster + type: integer + format: int32 + default: 0 + example: 6 + ccId: + description: 'CC ID only used in calling CC, will be removed without notice when Migration to CEGS is finished' + type: string + default: '0' + example: '1533' + createdAt: + description: The date/time this cluster was created + example: '2023-08-04T20:48:01.865Z' + nullable: true + type: string + format: date-time + updatedAt: + description: The date/time this cluster was last updated + example: '2023-08-04T20:48:01.865Z' + nullable: true + type: string + format: date-time + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + security: + - UserContextAuth: + - 'idn:remote-client:manage' + delete: + operationId: deleteManagedCluster + tags: + - Managed Clusters + summary: Delete a Managed Cluster + description: Delete an existing Managed Cluster. + parameters: + - in: path + name: id + schema: + type: string + required: true + description: Managed Cluster ID. + example: 2c9180897de347a2017de8859e8c5039 + - in: query + name: removeClients + schema: + type: boolean + default: false + required: false + description: Flag to determine the need to delete a cluster with clients + example: false + responses: + '204': + description: The Managed Cluster was successfully deleted. + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + security: + - UserContextAuth: + - 'idn:remote-client:manage' + /mfa/okta-verify/config: + get: + operationId: getMFAOktaConfig + tags: + - MFA Configuration + summary: Configuration of Okta MFA method + description: This API returns the configuration of an Okta MFA method. A token with ORG_ADMIN authority is required to call this API. + security: + - UserContextAuth: + - 'idn:mfa-configuration:read' + - 'idn:mfa-configuration:manage' + responses: + '200': + description: The configuration of an Okta MFA method. + content: + application/json: + schema: + type: object + properties: + mfaMethod: + type: string + nullable: true + description: Mfa method name + example: okta-verify + enabled: + type: boolean + description: If MFA method is enabled. + default: false + example: true + host: + type: string + nullable: true + description: The server host name or IP address of the MFA provider. + example: example.com + accessKey: + type: string + nullable: true + description: The secret key for authenticating requests to the MFA provider. + example: qw123Y3QlA5UqocYpdU3rEkzrK2D497y + identityAttribute: + type: string + nullable: true + description: Optional. The name of the attribute for mapping IdentityNow identity to the MFA provider. + example: email + example: + mfaMethod: okta-verify + enabled: true + host: www.example.com + accessKey: d******Y + identityAttribute: email + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + put: + operationId: setMFAOktaConfig + tags: + - MFA Configuration + summary: Set Okta MFA configuration + description: This API sets the configuration of an Okta MFA method. A token with ORG_ADMIN authority is required to call this API. + security: + - UserContextAuth: + - 'idn:mfa-configuration:manage' + requestBody: + required: true + content: + application/json: + schema: + type: object + properties: + mfaMethod: + type: string + nullable: true + description: Mfa method name + example: okta-verify + enabled: + type: boolean + description: If MFA method is enabled. + default: false + example: true + host: + type: string + nullable: true + description: The server host name or IP address of the MFA provider. + example: example.com + accessKey: + type: string + nullable: true + description: The secret key for authenticating requests to the MFA provider. + example: qw123Y3QlA5UqocYpdU3rEkzrK2D497y + identityAttribute: + type: string + nullable: true + description: Optional. The name of the attribute for mapping IdentityNow identity to the MFA provider. + example: email + example: + mfaMethod: okta-verify + enabled: true + host: www.example.com + accessKey: dk778Y3QlA5UqocYpdU3rEkzrK2D497y + identityAttribute: email + responses: + '200': + description: MFA configuration of an Okta MFA method. + content: + application/json: + schema: + type: object + properties: + mfaMethod: + type: string + nullable: true + description: Mfa method name + example: okta-verify + enabled: + type: boolean + description: If MFA method is enabled. + default: false + example: true + host: + type: string + nullable: true + description: The server host name or IP address of the MFA provider. + example: example.com + accessKey: + type: string + nullable: true + description: The secret key for authenticating requests to the MFA provider. + example: qw123Y3QlA5UqocYpdU3rEkzrK2D497y + identityAttribute: + type: string + nullable: true + description: Optional. The name of the attribute for mapping IdentityNow identity to the MFA provider. + example: email + example: + mfaMethod: okta-verify + enabled: true + host: www.example.com + accessKey: d******Y + identityAttribute: email + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + /mfa/duo-web/config: + get: + operationId: getMFADuoConfig + tags: + - MFA Configuration + summary: Configuration of Duo MFA method + description: This API returns the configuration of an Duo MFA method. A token with ORG_ADMIN authority is required to call this API. + security: + - UserContextAuth: + - 'idn:mfa-configuration:read' + - 'idn:mfa-configuration:manage' + responses: + '200': + description: The configuration of an Duo MFA method. + content: + application/json: + schema: + type: object + properties: + mfaMethod: + type: string + nullable: true + description: Mfa method name + example: duo-web + enabled: + type: boolean + description: If MFA method is enabled. + default: false + example: true + host: + type: string + nullable: true + description: The server host name or IP address of the MFA provider. + example: example.com + accessKey: + type: string + nullable: true + description: The secret key for authenticating requests to the MFA provider. + example: qw123Y3QlA5UqocYpdU3rEkzrK2D497y + identityAttribute: + type: string + nullable: true + description: Optional. The name of the attribute for mapping IdentityNow identity to the MFA provider. + example: email + configProperties: + description: A map with additional config properties for the given MFA method - duo-web. + type: object + nullable: true + additionalProperties: true + example: + skey: qwERttyZx1CdlQye2Vwtbsjr3HKddy4BAiCXjc5x + ikey: Q123WE45R6TY7890ZXCV + example: + mfaMethod: duo-web + enabled: true + host: www.example.com + accessKey: d******Y + identityAttribute: email + configProperties: + skey: 6******B + ikey: Q123WE45R6TY7890ZXCV + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + put: + operationId: setMFADuoConfig + tags: + - MFA Configuration + summary: Set Duo MFA configuration + description: This API sets the configuration of an Duo MFA method. A token with ORG_ADMIN authority is required to call this API. + security: + - UserContextAuth: + - 'idn:mfa-configuration:manage' + requestBody: + required: true + content: + application/json: + schema: + type: object + properties: + mfaMethod: + type: string + nullable: true + description: Mfa method name + example: duo-web + enabled: + type: boolean + description: If MFA method is enabled. + default: false + example: true + host: + type: string + nullable: true + description: The server host name or IP address of the MFA provider. + example: example.com + accessKey: + type: string + nullable: true + description: The secret key for authenticating requests to the MFA provider. + example: qw123Y3QlA5UqocYpdU3rEkzrK2D497y + identityAttribute: + type: string + nullable: true + description: Optional. The name of the attribute for mapping IdentityNow identity to the MFA provider. + example: email + configProperties: + description: A map with additional config properties for the given MFA method - duo-web. + type: object + nullable: true + additionalProperties: true + example: + skey: qwERttyZx1CdlQye2Vwtbsjr3HKddy4BAiCXjc5x + ikey: Q123WE45R6TY7890ZXCV + example: + mfaMethod: duo-web + enabled: true + host: www.example.com + accessKey: qw123Y3QlA5UqocYpdU3rEkzrK2D497y + identityAttribute: email + configProperties: + skey: 12q3WERlcUHWJmiMqyCXI3uOF7EaDJTbdeOp6E2B + ikey: Q123WE45R6TY7890ZXCV + responses: + '200': + description: MFA configuration of an Duo MFA method. + content: + application/json: + schema: + type: object + properties: + mfaMethod: + type: string + nullable: true + description: Mfa method name + example: duo-web + enabled: + type: boolean + description: If MFA method is enabled. + default: false + example: true + host: + type: string + nullable: true + description: The server host name or IP address of the MFA provider. + example: example.com + accessKey: + type: string + nullable: true + description: The secret key for authenticating requests to the MFA provider. + example: qw123Y3QlA5UqocYpdU3rEkzrK2D497y + identityAttribute: + type: string + nullable: true + description: Optional. The name of the attribute for mapping IdentityNow identity to the MFA provider. + example: email + configProperties: + description: A map with additional config properties for the given MFA method - duo-web. + type: object + nullable: true + additionalProperties: true + example: + skey: qwERttyZx1CdlQye2Vwtbsjr3HKddy4BAiCXjc5x + ikey: Q123WE45R6TY7890ZXCV + example: + mfaMethod: duo-web + enabled: true + host: www.example.com + accessKey: q******y + identityAttribute: email + configProperties: + skey: 1******B + ikey: Q123WE45R6TY7890ZXCV + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + /mfa/kba/config: + get: + operationId: getMFAKbaConfig + tags: + - MFA Configuration + summary: Configuration of KBA MFA method + description: This API returns the KBA configuration for MFA. A token with USER or ORG_ADMIN authority is required to call this API. + parameters: + - in: query + name: allLanguages + required: false + schema: + type: boolean + description: |- + Indicator whether the question text should be returned in all configured languages + * If true, the question text is returned in all languages that it is configured in. + * If false, the question text is returned in the user locale if available, else for the default locale. + * If not passed, it behaves the same way as passing this parameter as false + example: allLanguages=true + security: + - UserContextAuth: + - 'idn:mfa-kba:read' + responses: + '200': + description: The configuration for KBA MFA method. + content: + application/json: + schema: + type: array + items: + description: KBA Configuration + type: object + properties: + id: + type: string + nullable: false + description: KBA Question Id + example: 143cfd3b-c23f-426b-ae5f-d3db06fa5919 + text: + type: string + nullable: false + description: KBA Question description + example: '[{"text":"Nouvelle question MFA -1 ?","locale":"fr"},{"text":"MFA new question -1 ?","locale":""}]' + hasAnswer: + type: boolean + nullable: false + description: Denotes whether the KBA question has an answer configured for any user in the tenant + example: true + numAnswers: + type: integer + format: int32 + nullable: false + description: Denotes the number of KBA configurations for this question + example: 5 + required: + - id + - text + - hasAnswer + - numAnswers + example: + - id: 143cfd3b-c23f-426b-ae5f-d3db06fa5919 + text: MFA new question -1 ? + hasAnswer: false + numAnswers: 0 + - id: '173421' + text: What is your alphanumeric PIN? + hasAnswer: false + numAnswers: 3 + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + /mfa/kba/config/answers: + post: + operationId: setMFAKBAConfig + tags: + - MFA Configuration + summary: Set MFA KBA configuration + description: |- + This API sets answers to challenge questions. Any configured questions omitted from the request are removed from user KBA configuration. + A token with USER authority is required to call this API. + requestBody: + required: true + content: + application/json: + schema: + type: array + items: + type: object + properties: + id: + type: string + nullable: false + description: Question Id + example: c54fee53-2d63-4fc5-9259-3e93b9994135 + answer: + type: string + nullable: false + description: An answer for the KBA question + example: Your answer + required: + - id + - answer + example: + - id: '173423' + answer: 822cd15d6c15aa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a0859a2fea34 + - id: c54fee53-2d63-4fc5-9259-3e93b9994135 + answer: 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08 + security: + - UserContextAuth: + - 'idn:mfa-kba:authenticate' + responses: + '200': + description: The new KBA configuration for the user. + content: + application/json: + schema: + type: array + items: + type: object + properties: + id: + type: string + nullable: false + description: Question Id + example: c54fee53-2d63-4fc5-9259-3e93b9994135 + question: + type: string + nullable: false + description: Question description + example: '[{"text":"Nouvelle question MFA -1 ?","locale":"fr"},{"text":"MFA new question -1 ?","locale":""}]' + hasAnswer: + type: boolean + nullable: false + description: Denotes whether the KBA question has an answer configured for the current user + example: true + required: + - id + - question + - hasAnswer + example: + - id: 143cfd3b-c23f-426b-ae5f-d3db06fa5919 + question: '[{"text":"Nouvelle question MFA -1 ?","locale":"fr"},{"text":"MFA new question -1 ?","locale":""}]' + hasAnswer: false + - id: '173421' + question: '[{"text":"What is your alphanumeric PIN?","locale":""}]' + hasAnswer: true + - id: c54fee53-2d63-4fc5-9259-3e93b9994135 + question: '[{"text":"Nouvelle question MFA - 2 ?","locale":"fr"},{"text":"MFA new question - 2 ?","locale":""}]' + hasAnswer: true + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/mfa/{method}/test': + get: + operationId: testMFAConfig + tags: + - MFA Configuration + summary: MFA method's test configuration + description: |- + This API validates that the configuration is valid and will properly authenticate with the MFA provider identified by the method path parameter. + A token with ORG_ADMIN authority is required to call this API. + security: + - UserContextAuth: + - 'idn:mfa-configuration:read' + - 'idn:mfa-configuration:manage' + parameters: + - in: path + name: method + schema: + type: string + example: okta-verify + required: true + description: The name of the MFA method. The currently supported method names are 'okta-verify' and 'duo-web'. + responses: + '200': + description: The result of configuration test for the MFA provider. + content: + application/json: + schema: + description: Response model for configuration test of a given MFA method + type: object + properties: + state: + type: string + enum: + - SUCCESS + - FAILED + description: The configuration test result. + example: SUCCESS + readOnly: true + error: + type: string + example: MFA Method is disabled. + description: The error message to indicate the failure of configuration test. + readOnly: true + example: + state: SUCCESS + error: null + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + /non-employee-records: + post: + operationId: createNonEmployeeRecord + tags: + - Non-Employee Lifecycle Management + summary: Create Non-Employee Record + description: |- + This request will create a non-employee record. + Requires role context of `idn:nesr:create` + requestBody: + description: Non-Employee record creation request body. + required: true + content: + application/json: + schema: + type: object + properties: + accountName: + type: string + description: Requested identity account name. + example: william.smith + firstName: + type: string + description: Non-Employee's first name. + example: William + lastName: + type: string + description: Non-Employee's last name. + example: Smith + email: + type: string + description: Non-Employee's email. + example: william.smith@example.com + phone: + type: string + description: Non-Employee's phone. + example: '5555555555' + manager: + type: string + description: The account ID of a valid identity to serve as this non-employee's manager. + example: jane.doe + sourceId: + type: string + description: Non-Employee's source id. + example: 2c91808568c529c60168cca6f90c1313 + data: + type: object + additionalProperties: + type: string + description: 'Attribute blob/bag for a non-employee, 10 attributes is the maximum size supported.' + example: + description: Auditing + startDate: + type: string + format: date-time + description: Non-Employee employment start date. + example: '2020-03-24T00:00:00-05:00' + endDate: + type: string + format: date-time + description: Non-Employee employment end date. + example: '2021-03-25T00:00:00-05:00' + required: + - accountName + - firstName + - lastName + - email + - phone + - manager + - sourceId + - startDate + - endDate + responses: + '200': + description: Created non-employee record. + content: + application/json: + schema: + type: object + properties: + id: + type: string + format: UUID + description: Non-Employee record id. + example: ef38f94347e94562b5bb8424a56397d8 + accountName: + type: string + description: Requested identity account name. + example: Abby.Smith + firstName: + type: string + description: Non-Employee's first name. + example: William + lastName: + type: string + description: Non-Employee's last name. + example: Smith + email: + type: string + description: Non-Employee's email. + example: william.smith@example.com + phone: + type: string + description: Non-Employee's phone. + example: '5555555555' + manager: + type: string + description: The account ID of a valid identity to serve as this non-employee's manager. + example: jane.doe + sourceId: + type: string + description: Non-Employee's source id. + example: 2c91808568c529c60168cca6f90c1313 + data: + type: object + additionalProperties: + type: string + description: Attribute blob/bag for a non-employee. + example: + description: Auditing + startDate: + type: string + format: date-time + description: Non-Employee employment start date. + example: '2019-08-23T18:52:59.162Z' + endDate: + type: string + format: date-time + description: Non-Employee employment end date. + example: '2020-08-23T18:52:59.162Z' + modified: + type: string + format: date-time + description: When the request was last modified. + example: '2019-08-23T18:52:59.162Z' + created: + type: string + format: date-time + description: When the request was created. + example: '2019-08-23T18:40:35.772Z' + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + get: + operationId: listNonEmployeeRecords + security: + - UserContextAuth: [] + tags: + - Non-Employee Lifecycle Management + summary: List Non-Employee Records + description: |- + This gets a list of non-employee records. There are two contextual uses for this endpoint: + 1. The user has the role context of `idn:nesr:read`, in which case they can get a list of all of the non-employees. + 2. The user is an account manager, in which case they can get a list of the non-employees that they manage. + parameters: + - in: query + name: limit + description: |- + Max number of results to return. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 250 + schema: + type: integer + format: int32 + minimum: 0 + maximum: 250 + default: 250 + - in: query + name: offset + description: |- + Offset into the full result set. Usually specified with *limit* to paginate through the results. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 0 + schema: + type: integer + format: int32 + minimum: 0 + default: 0 + - in: query + name: count + description: |- + If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. + + Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. + + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: true + schema: + type: boolean + default: false + - in: query + name: sorters + required: false + schema: + type: string + format: comma-separated + example: 'accountName,sourceId' + description: |- + Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) + + Sorting is supported for the following fields: **id, accountName, sourceId, manager, firstName, lastName, email, phone, startDate, endDate, created, modified** + - in: query + name: filters + required: false + schema: + type: string + example: sourceId eq "2c91808568c529c60168cca6f90c1313" + description: |- + Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) + + Filtering is supported for the following fields and operators: + + **sourceId**: *eq* + responses: + '200': + description: Non-Employee record objects + content: + application/json: + schema: + type: array + items: + type: object + properties: + id: + type: string + format: UUID + description: Non-Employee record id. + example: ef38f94347e94562b5bb8424a56397d8 + accountName: + type: string + description: Requested identity account name. + example: Abby.Smith + firstName: + type: string + description: Non-Employee's first name. + example: William + lastName: + type: string + description: Non-Employee's last name. + example: Smith + email: + type: string + description: Non-Employee's email. + example: william.smith@example.com + phone: + type: string + description: Non-Employee's phone. + example: '5555555555' + manager: + type: string + description: The account ID of a valid identity to serve as this non-employee's manager. + example: jane.doe + sourceId: + type: string + description: Non-Employee's source id. + example: 2c91808568c529c60168cca6f90c1313 + data: + type: object + additionalProperties: + type: string + description: Attribute blob/bag for a non-employee. + example: + description: Auditing + startDate: + type: string + format: date-time + description: Non-Employee employment start date. + example: '2019-08-23T18:52:59.162Z' + endDate: + type: string + format: date-time + description: Non-Employee employment end date. + example: '2020-08-23T18:52:59.162Z' + modified: + type: string + format: date-time + description: When the request was last modified. + example: '2019-08-23T18:52:59.162Z' + created: + type: string + format: date-time + description: When the request was created. + example: '2019-08-23T18:40:35.772Z' + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/non-employee-records/{id}': + get: + operationId: getNonEmployeeRecord + tags: + - Non-Employee Lifecycle Management + summary: Get a Non-Employee Record + description: |- + This gets a non-employee record. + Requires role context of `idn:nesr:read` + parameters: + - in: path + name: id + description: Non-Employee record id (UUID) + required: true + example: ef38f94347e94562b5bb8424a56397d8 + schema: + type: string + responses: + '200': + description: Non-Employee record object + content: + application/json: + schema: + type: object + properties: + id: + type: string + format: UUID + description: Non-Employee record id. + example: ef38f94347e94562b5bb8424a56397d8 + accountName: + type: string + description: Requested identity account name. + example: Abby.Smith + firstName: + type: string + description: Non-Employee's first name. + example: William + lastName: + type: string + description: Non-Employee's last name. + example: Smith + email: + type: string + description: Non-Employee's email. + example: william.smith@example.com + phone: + type: string + description: Non-Employee's phone. + example: '5555555555' + manager: + type: string + description: The account ID of a valid identity to serve as this non-employee's manager. + example: jane.doe + sourceId: + type: string + description: Non-Employee's source id. + example: 2c91808568c529c60168cca6f90c1313 + data: + type: object + additionalProperties: + type: string + description: Attribute blob/bag for a non-employee. + example: + description: Auditing + startDate: + type: string + format: date-time + description: Non-Employee employment start date. + example: '2019-08-23T18:52:59.162Z' + endDate: + type: string + format: date-time + description: Non-Employee employment end date. + example: '2020-08-23T18:52:59.162Z' + modified: + type: string + format: date-time + description: When the request was last modified. + example: '2019-08-23T18:52:59.162Z' + created: + type: string + format: date-time + description: When the request was created. + example: '2019-08-23T18:40:35.772Z' + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + put: + operationId: updateNonEmployeeRecord + security: + - UserContextAuth: [] + tags: + - Non-Employee Lifecycle Management + summary: Update Non-Employee Record + description: |- + This request will update a non-employee record. There are two contextual uses for this endpoint: + 1. The user has the role context of `idn:nesr:update`, in which case they + update all available fields. + 2. The user is owner of the source, in this case they can only update the + end date. + parameters: + - in: path + name: id + description: Non-employee record id (UUID) + example: ef38f94347e94562b5bb8424a56397d8 + required: true + schema: + type: string + requestBody: + description: Non-employee record creation request body. Attributes are restricted by user type. Owner of source can update end date. Organization admins can update all available fields. + required: true + content: + application/json: + schema: + type: object + properties: + accountName: + type: string + description: Requested identity account name. + example: william.smith + firstName: + type: string + description: Non-Employee's first name. + example: William + lastName: + type: string + description: Non-Employee's last name. + example: Smith + email: + type: string + description: Non-Employee's email. + example: william.smith@example.com + phone: + type: string + description: Non-Employee's phone. + example: '5555555555' + manager: + type: string + description: The account ID of a valid identity to serve as this non-employee's manager. + example: jane.doe + sourceId: + type: string + description: Non-Employee's source id. + example: 2c91808568c529c60168cca6f90c1313 + data: + type: object + additionalProperties: + type: string + description: 'Attribute blob/bag for a non-employee, 10 attributes is the maximum size supported.' + example: + description: Auditing + startDate: + type: string + format: date-time + description: Non-Employee employment start date. + example: '2020-03-24T00:00:00-05:00' + endDate: + type: string + format: date-time + description: Non-Employee employment end date. + example: '2021-03-25T00:00:00-05:00' + required: + - accountName + - firstName + - lastName + - email + - phone + - manager + - sourceId + - startDate + - endDate + responses: + '200': + description: An updated non-employee record. + content: + application/json: + schema: + type: object + properties: + id: + type: string + format: UUID + description: Non-Employee record id. + example: ef38f94347e94562b5bb8424a56397d8 + accountName: + type: string + description: Requested identity account name. + example: Abby.Smith + firstName: + type: string + description: Non-Employee's first name. + example: William + lastName: + type: string + description: Non-Employee's last name. + example: Smith + email: + type: string + description: Non-Employee's email. + example: william.smith@example.com + phone: + type: string + description: Non-Employee's phone. + example: '5555555555' + manager: + type: string + description: The account ID of a valid identity to serve as this non-employee's manager. + example: jane.doe + sourceId: + type: string + description: Non-Employee's source id. + example: 2c91808568c529c60168cca6f90c1313 + data: + type: object + additionalProperties: + type: string + description: Attribute blob/bag for a non-employee. + example: + description: Auditing + startDate: + type: string + format: date-time + description: Non-Employee employment start date. + example: '2019-08-23T18:52:59.162Z' + endDate: + type: string + format: date-time + description: Non-Employee employment end date. + example: '2020-08-23T18:52:59.162Z' + modified: + type: string + format: date-time + description: When the request was last modified. + example: '2019-08-23T18:52:59.162Z' + created: + type: string + format: date-time + description: When the request was created. + example: '2019-08-23T18:40:35.772Z' + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + patch: + operationId: patchNonEmployeeRecord + security: + - UserContextAuth: [] + tags: + - Non-Employee Lifecycle Management + summary: Patch Non-Employee Record + description: |- + This request will patch a non-employee record. There are two contextual uses for this endpoint: + 1. The user has the role context of `idn:nesr:update`, in which case they + update all available fields. + 2. The user is owner of the source, in this case they can only update the + end date. + parameters: + - in: path + name: id + description: Non-employee record id (UUID) + example: ef38f94347e94562b5bb8424a56397d8 + required: true + schema: + type: string + requestBody: + description: 'A list of non-employee update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard. Attributes are restricted by user type. Owner of source can update end date. Organization admins can update all available fields.' + required: true + content: + application/json-patch+json: + schema: + type: array + items: + type: object + description: 'A JSONPatch Operation as defined by [RFC 6902 - JSON Patch](https://tools.ietf.org/html/rfc6902)' + required: + - op + - path + properties: + op: + type: string + description: The operation to be performed + enum: + - add + - remove + - replace + - move + - copy + - test + example: replace + path: + type: string + description: A string JSON Pointer representing the target path to an element to be affected by the operation + example: /description + value: + oneOf: + - type: string + example: New description + title: string + - type: boolean + example: true + title: boolean + - type: integer + example: 300 + title: integer + - type: object + title: object + example: + attributes: + name: philip + - type: array + title: array + items: + anyOf: + - type: string + - type: integer + - type: object + example: + - '001' + - '002' + - '003' + description: 'The value to be used for the operation, required for "add" and "replace" operations' + example: New description + example: + - op: replace + path: /endDate + value: '2019-08-23T18:40:35.772Z' + responses: + '200': + description: A patched non-employee record. + content: + application/json: + schema: + type: object + properties: + id: + type: string + format: UUID + description: Non-Employee record id. + example: ef38f94347e94562b5bb8424a56397d8 + accountName: + type: string + description: Requested identity account name. + example: Abby.Smith + firstName: + type: string + description: Non-Employee's first name. + example: William + lastName: + type: string + description: Non-Employee's last name. + example: Smith + email: + type: string + description: Non-Employee's email. + example: william.smith@example.com + phone: + type: string + description: Non-Employee's phone. + example: '5555555555' + manager: + type: string + description: The account ID of a valid identity to serve as this non-employee's manager. + example: jane.doe + sourceId: + type: string + description: Non-Employee's source id. + example: 2c91808568c529c60168cca6f90c1313 + data: + type: object + additionalProperties: + type: string + description: Attribute blob/bag for a non-employee. + example: + description: Auditing + startDate: + type: string + format: date-time + description: Non-Employee employment start date. + example: '2019-08-23T18:52:59.162Z' + endDate: + type: string + format: date-time + description: Non-Employee employment end date. + example: '2020-08-23T18:52:59.162Z' + modified: + type: string + format: date-time + description: When the request was last modified. + example: '2019-08-23T18:52:59.162Z' + created: + type: string + format: date-time + description: When the request was created. + example: '2019-08-23T18:40:35.772Z' + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + delete: + operationId: deleteNonEmployeeRecord + tags: + - Non-Employee Lifecycle Management + summary: Delete Non-Employee Record + description: |- + This request will delete a non-employee record. + Requires role context of `idn:nesr:delete` + parameters: + - in: path + name: id + description: Non-Employee record id (UUID) + example: ef38f94347e94562b5bb8424a56397d8 + required: true + schema: + type: string + responses: + '204': + description: No content - indicates the request was successful but there is no content to be returned in the response. + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + /non-employee-records/bulk-delete: + post: + operationId: deleteNonEmployeeRecordsInBulk + tags: + - Non-Employee Lifecycle Management + summary: Delete Multiple Non-Employee Records + description: 'This request will delete multiple non-employee records based on the non-employee ids provided. Requires role context of `idn:nesr:delete`' + requestBody: + description: Non-Employee bulk delete request body. + required: true + content: + application/json: + schema: + type: object + properties: + ids: + description: List of non-employee ids. + type: array + items: + type: string + format: uuid + example: + - 2b838de9-db9b-abcf-e646-d4f274ad4238 + - 2d838de9-db9b-abcf-e646-d4f274ad4238 + required: + - ids + responses: + '204': + description: No content - indicates the request was successful but there is no content to be returned in the response. + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + /non-employee-requests: + post: + operationId: createNonEmployeeRequest + security: + - UserContextAuth: [] + tags: + - Non-Employee Lifecycle Management + summary: Create Non-Employee Request + description: 'This request will create a non-employee request and notify the approver. Requires role context of `idn:nesr:create` or the user must own the source.' + requestBody: + description: Non-Employee creation request body + required: true + content: + application/json: + schema: + type: object + properties: + accountName: + type: string + description: Requested identity account name. + example: william.smith + firstName: + type: string + description: Non-Employee's first name. + example: William + lastName: + type: string + description: Non-Employee's last name. + example: Smith + email: + type: string + description: Non-Employee's email. + example: william.smith@example.com + phone: + type: string + description: Non-Employee's phone. + example: '5555555555' + manager: + type: string + description: The account ID of a valid identity to serve as this non-employee's manager. + example: jane.doe + sourceId: + type: string + description: Non-Employee's source id. + example: 2c91808568c529c60168cca6f90c1313 + data: + type: object + additionalProperties: + type: string + description: 'Attribute blob/bag for a non-employee, 10 attributes is the maximum size supported.' + example: + description: Auditing + startDate: + type: string + format: date-time + description: Non-Employee employment start date. + example: '2020-03-24T00:00:00-05:00' + endDate: + type: string + format: date-time + description: Non-Employee employment end date. + example: '2021-03-25T00:00:00-05:00' + required: + - accountName + - firstName + - lastName + - email + - phone + - manager + - sourceId + - startDate + - endDate + responses: + '200': + description: Non-Employee request creation object + content: + application/json: + schema: + allOf: + - type: object + properties: + id: + type: string + format: UUID + description: Non-Employee source id. + example: a0303682-5e4a-44f7-bdc2-6ce6112549c1 + sourceId: + type: string + description: Source Id associated with this non-employee source. + example: 2c91808568c529c60168cca6f90c1313 + name: + type: string + description: Source name associated with this non-employee source. + example: Retail + description: + type: string + description: Source description associated with this non-employee source. + example: Source description + - type: object + properties: + accountName: + type: string + description: Requested identity account name. + example: william.smith + firstName: + type: string + description: Non-Employee's first name. + example: William + lastName: + type: string + description: Non-Employee's last name. + example: Smith + email: + type: string + description: Non-Employee's email. + example: william.smith@example.com + phone: + type: string + description: Non-Employee's phone. + example: '5555555555' + manager: + type: string + description: The account ID of a valid identity to serve as this non-employee's manager. + example: jane.doe + nonEmployeeSource: + type: object + properties: + id: + type: string + format: UUID + description: Non-Employee source id. + example: a0303682-5e4a-44f7-bdc2-6ce6112549c1 + sourceId: + type: string + description: Source Id associated with this non-employee source. + example: 2c91808568c529c60168cca6f90c1313 + name: + type: string + description: Source name associated with this non-employee source. + example: Retail + description: + type: string + description: Source description associated with this non-employee source. + example: Source description + data: + type: object + additionalProperties: + type: string + description: Attribute blob/bag for a non-employee. + example: + description: Auditing + approvalItems: + description: List of approval item for the request + type: array + items: + type: object + properties: + id: + type: string + format: UUID + description: Non-Employee approval item id + example: 2c1e388b-1e55-4b0a-ab5c-897f1204159c + approver: + description: Reference to the associated Identity + type: object + properties: + type: + type: string + enum: + - GOVERNANCE_GROUP + - IDENTITY + example: IDENTITY + description: Identifies if the identity is a normal identity or a governance group + id: + type: string + description: Identity id + example: 5168015d32f890ca15812c9180835d2e + accountName: + type: string + description: Requested identity account name + example: test.account + approvalStatus: + type: string + enum: + - APPROVED + - REJECTED + - PENDING + - NOT_READY + - CANCELLED + description: Enum representing the non-employee request approval status + example: APPROVED + approvalOrder: + type: number + description: Approval order + example: 1 + format: float + comment: + type: string + description: comment of approver + example: I approve + modified: + type: string + format: date-time + description: When the request was last modified. + example: '2019-08-23T18:52:59.162Z' + created: + type: string + format: date-time + description: When the request was created. + example: '2019-08-23T18:40:35.772Z' + approvalStatus: + type: string + enum: + - APPROVED + - REJECTED + - PENDING + - NOT_READY + - CANCELLED + description: Enum representing the non-employee request approval status + example: APPROVED + comment: + type: string + description: comment of requester + example: approved + completionDate: + type: string + format: date-time + description: When the request was completely approved. + example: '2020-03-24T11:11:41.139-05:00' + startDate: + type: string + format: date-time + description: Non-Employee employment start date. + example: '2020-03-24T00:00:00-05:00' + endDate: + type: string + format: date-time + description: Non-Employee employment end date. + example: '2021-03-25T00:00:00-05:00' + modified: + type: string + format: date-time + description: When the request was last modified. + example: '2020-03-24T11:11:41.139-05:00' + created: + type: string + format: date-time + description: When the request was created. + example: '2020-03-24T11:11:41.139-05:00' + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + 400.1 Bad Request Content: + description: Response for bad request content + value: + detailCode: 400.1 Bad Request Content + trackingId: e7eab60924f64aa284175b9fa3309599 + messages: + - locale: en + localeOrigin: REQUEST + text: firstName is required; accountName is required; + 400.1.409 Reference conflict: + description: Response for reference conflict + value: + detailCode: 400.1.409 Reference conflict + trackingId: e7eab60924f64aa284175b9fa3309599 + messages: + - locale: en + localeOrigin: REQUEST + text: Unable to create Non-Employee because the accountName "existed" is already being used. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + get: + operationId: listNonEmployeeRequests + security: + - UserContextAuth: [] + tags: + - Non-Employee Lifecycle Management + summary: List Non-Employee Requests + description: |- + This gets a list of non-employee requests. There are two contextual uses for the `requested-for` path parameter: + 1. The user has the role context of `idn:nesr:read`, in which case he or + she may request a list non-employee requests assigned to a particular account manager by passing in that manager's id. + 2. The current user is an account manager, in which case "me" should be + provided as the `requested-for` value. This will provide the user with a list of the non-employee requests in the source(s) he or she manages. + parameters: + - in: query + name: limit + description: |- + Max number of results to return. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 250 + schema: + type: integer + format: int32 + minimum: 0 + maximum: 250 + default: 250 + - in: query + name: offset + description: |- + Offset into the full result set. Usually specified with *limit* to paginate through the results. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 0 + schema: + type: integer + format: int32 + minimum: 0 + default: 0 + - in: query + name: count + description: |- + If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. + + Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. + + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: true + schema: + type: boolean + default: false + - in: query + name: requested-for + required: true + schema: + type: string + example: e136567de87e4d029e60b3c3c55db56d + description: The identity for whom the request was made. *me* indicates the current user. + - in: query + name: sorters + required: false + schema: + type: string + format: comma-separated + example: 'created,approvalStatus' + description: |- + Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) + + Sorting is supported for the following fields: **created, approvalStatus, firstName, lastName, email, phone, accountName, startDate, endDate** + - in: query + name: filters + required: false + schema: + type: string + example: sourceId eq "2c91808568c529c60168cca6f90c1313" + description: |- + Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) + + Filtering is supported for the following fields and operators: + + **sourceId**: *eq* + responses: + '200': + description: List of non-employee request objects. + content: + application/json: + schema: + type: array + items: + allOf: + - type: object + properties: + id: + type: string + format: UUID + description: Non-Employee source id. + example: a0303682-5e4a-44f7-bdc2-6ce6112549c1 + sourceId: + type: string + description: Source Id associated with this non-employee source. + example: 2c91808568c529c60168cca6f90c1313 + name: + type: string + description: Source name associated with this non-employee source. + example: Retail + description: + type: string + description: Source description associated with this non-employee source. + example: Source description + - type: object + properties: + accountName: + type: string + description: Requested identity account name. + example: william.smith + firstName: + type: string + description: Non-Employee's first name. + example: William + lastName: + type: string + description: Non-Employee's last name. + example: Smith + email: + type: string + description: Non-Employee's email. + example: william.smith@example.com + phone: + type: string + description: Non-Employee's phone. + example: '5555555555' + manager: + type: string + description: The account ID of a valid identity to serve as this non-employee's manager. + example: jane.doe + nonEmployeeSource: + type: object + properties: + id: + type: string + format: UUID + description: Non-Employee source id. + example: a0303682-5e4a-44f7-bdc2-6ce6112549c1 + sourceId: + type: string + description: Source Id associated with this non-employee source. + example: 2c91808568c529c60168cca6f90c1313 + name: + type: string + description: Source name associated with this non-employee source. + example: Retail + description: + type: string + description: Source description associated with this non-employee source. + example: Source description + data: + type: object + additionalProperties: + type: string + description: Attribute blob/bag for a non-employee. + example: + description: Auditing + approvalItems: + description: List of approval item for the request + type: array + items: + type: object + properties: + id: + type: string + format: UUID + description: Non-Employee approval item id + example: 2c1e388b-1e55-4b0a-ab5c-897f1204159c + approver: + description: Reference to the associated Identity + type: object + properties: + type: + type: string + enum: + - GOVERNANCE_GROUP + - IDENTITY + example: IDENTITY + description: Identifies if the identity is a normal identity or a governance group + id: + type: string + description: Identity id + example: 5168015d32f890ca15812c9180835d2e + accountName: + type: string + description: Requested identity account name + example: test.account + approvalStatus: + type: string + enum: + - APPROVED + - REJECTED + - PENDING + - NOT_READY + - CANCELLED + description: Enum representing the non-employee request approval status + example: APPROVED + approvalOrder: + type: number + description: Approval order + example: 1 + format: float + comment: + type: string + description: comment of approver + example: I approve + modified: + type: string + format: date-time + description: When the request was last modified. + example: '2019-08-23T18:52:59.162Z' + created: + type: string + format: date-time + description: When the request was created. + example: '2019-08-23T18:40:35.772Z' + approvalStatus: + type: string + enum: + - APPROVED + - REJECTED + - PENDING + - NOT_READY + - CANCELLED + description: Enum representing the non-employee request approval status + example: APPROVED + comment: + type: string + description: comment of requester + example: approved + completionDate: + type: string + format: date-time + description: When the request was completely approved. + example: '2020-03-24T11:11:41.139-05:00' + startDate: + type: string + format: date-time + description: Non-Employee employment start date. + example: '2020-03-24T00:00:00-05:00' + endDate: + type: string + format: date-time + description: Non-Employee employment end date. + example: '2021-03-25T00:00:00-05:00' + modified: + type: string + format: date-time + description: When the request was last modified. + example: '2020-03-24T11:11:41.139-05:00' + created: + type: string + format: date-time + description: When the request was created. + example: '2020-03-24T11:11:41.139-05:00' + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/non-employee-requests/{id}': + get: + operationId: getNonEmployeeRequest + security: + - UserContextAuth: [] + tags: + - Non-Employee Lifecycle Management + summary: Get a Non-Employee Request + description: |- + This gets a non-employee request. + There are two contextual uses for this endpoint: + 1. The user has the role context of `idn:nesr:read`, in this case the user + can get the non-employee request for any user. + 2. The user must be the owner of the non-employee request. + parameters: + - in: path + name: id + description: Non-Employee request id (UUID) + example: ac110005-7156-1150-8171-5b292e3e0084 + required: true + schema: + type: string + responses: + '200': + description: Non-Employee request object. + content: + application/json: + schema: + allOf: + - type: object + properties: + id: + type: string + format: UUID + description: Non-Employee source id. + example: a0303682-5e4a-44f7-bdc2-6ce6112549c1 + sourceId: + type: string + description: Source Id associated with this non-employee source. + example: 2c91808568c529c60168cca6f90c1313 + name: + type: string + description: Source name associated with this non-employee source. + example: Retail + description: + type: string + description: Source description associated with this non-employee source. + example: Source description + - type: object + properties: + accountName: + type: string + description: Requested identity account name. + example: william.smith + firstName: + type: string + description: Non-Employee's first name. + example: William + lastName: + type: string + description: Non-Employee's last name. + example: Smith + email: + type: string + description: Non-Employee's email. + example: william.smith@example.com + phone: + type: string + description: Non-Employee's phone. + example: '5555555555' + manager: + type: string + description: The account ID of a valid identity to serve as this non-employee's manager. + example: jane.doe + nonEmployeeSource: + type: object + properties: + id: + type: string + format: UUID + description: Non-Employee source id. + example: a0303682-5e4a-44f7-bdc2-6ce6112549c1 + sourceId: + type: string + description: Source Id associated with this non-employee source. + example: 2c91808568c529c60168cca6f90c1313 + name: + type: string + description: Source name associated with this non-employee source. + example: Retail + description: + type: string + description: Source description associated with this non-employee source. + example: Source description + data: + type: object + additionalProperties: + type: string + description: Attribute blob/bag for a non-employee. + example: + description: Auditing + approvalItems: + description: List of approval item for the request + type: array + items: + type: object + properties: + id: + type: string + format: UUID + description: Non-Employee approval item id + example: 2c1e388b-1e55-4b0a-ab5c-897f1204159c + approver: + description: Reference to the associated Identity + type: object + properties: + type: + type: string + enum: + - GOVERNANCE_GROUP + - IDENTITY + example: IDENTITY + description: Identifies if the identity is a normal identity or a governance group + id: + type: string + description: Identity id + example: 5168015d32f890ca15812c9180835d2e + accountName: + type: string + description: Requested identity account name + example: test.account + approvalStatus: + type: string + enum: + - APPROVED + - REJECTED + - PENDING + - NOT_READY + - CANCELLED + description: Enum representing the non-employee request approval status + example: APPROVED + approvalOrder: + type: number + description: Approval order + example: 1 + format: float + comment: + type: string + description: comment of approver + example: I approve + modified: + type: string + format: date-time + description: When the request was last modified. + example: '2019-08-23T18:52:59.162Z' + created: + type: string + format: date-time + description: When the request was created. + example: '2019-08-23T18:40:35.772Z' + approvalStatus: + type: string + enum: + - APPROVED + - REJECTED + - PENDING + - NOT_READY + - CANCELLED + description: Enum representing the non-employee request approval status + example: APPROVED + comment: + type: string + description: comment of requester + example: approved + completionDate: + type: string + format: date-time + description: When the request was completely approved. + example: '2020-03-24T11:11:41.139-05:00' + startDate: + type: string + format: date-time + description: Non-Employee employment start date. + example: '2020-03-24T00:00:00-05:00' + endDate: + type: string + format: date-time + description: Non-Employee employment end date. + example: '2021-03-25T00:00:00-05:00' + modified: + type: string + format: date-time + description: When the request was last modified. + example: '2020-03-24T11:11:41.139-05:00' + created: + type: string + format: date-time + description: When the request was created. + example: '2020-03-24T11:11:41.139-05:00' + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + delete: + operationId: deleteNonEmployeeRequest + tags: + - Non-Employee Lifecycle Management + summary: Delete Non-Employee Request + description: |- + This request will delete a non-employee request. + Requires role context of `idn:nesr:delete` + parameters: + - in: path + name: id + description: Non-Employee request id in the UUID format + required: true + schema: + type: string + format: uuid + example: ac110005-7156-1150-8171-5b292e3e0084 + responses: + '204': + description: No content - indicates the request was successful but there is no content to be returned in the response. + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/non-employee-requests/summary/{requested-for}': + get: + operationId: getNonEmployeeRequestSummary + security: + - UserContextAuth: [] + tags: + - Non-Employee Lifecycle Management + summary: Get Summary of Non-Employee Requests + description: |- + This request will retrieve a summary of non-employee requests. There are two contextual uses for the `requested-for` path parameter: + 1. The user has the role context of `idn:nesr:read`, in which case he or + she may request a summary of all non-employee approval requests assigned to a particular account manager by passing in that manager's id. + 2. The current user is an account manager, in which case "me" should be + provided as the `requested-for` value. This will provide the user with a summary of the non-employee requests in the source(s) he or she manages. + parameters: + - in: path + name: requested-for + description: The identity (UUID) of the non-employee account manager for whom the summary is being retrieved. Use "me" instead to indicate the current user. + required: true + schema: + type: string + format: uuid (if user is Org Admin) + example: 2c91808280430dfb0180431a59440460 + responses: + '200': + description: Non-Employee request summary object. + content: + application/json: + schema: + type: object + properties: + approved: + type: integer + description: The number of approved non-employee requests on all sources that *requested-for* user manages. + example: 2 + format: int32 + rejected: + type: integer + description: The number of rejected non-employee requests on all sources that *requested-for* user manages. + example: 2 + format: int32 + pending: + type: integer + description: The number of pending non-employee requests on all sources that *requested-for* user manages. + example: 2 + format: int32 + nonEmployeeCount: + type: integer + description: The number of non-employee records on all sources that *requested-for* user manages. + example: 2 + format: int32 + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + /non-employee-sources: + post: + operationId: createNonEmployeeSource + tags: + - Non-Employee Lifecycle Management + summary: Create Non-Employee Source + description: 'This request will create a non-employee source. Requires role context of `idn:nesr:create`' + requestBody: + description: Non-Employee source creation request body. + required: true + content: + application/json: + schema: + type: object + properties: + name: + type: string + description: Name of non-employee source. + example: Retail + description: + type: string + description: Description of non-employee source. + example: Source description + owner: + description: Owner of non-employee source. + type: object + properties: + id: + type: string + format: UUID + description: Identity id. + example: 2c91808570313110017040b06f344ec9 + required: + - id + managementWorkgroup: + type: string + description: The ID for the management workgroup that contains source sub-admins + example: '123299' + approvers: + description: List of approvers. + type: array + items: + type: object + properties: + id: + type: string + format: UUID + description: Identity id. + example: 2c91808570313110017040b06f344ec9 + required: + - id + maxItems: 3 + accountManagers: + description: List of account managers. + type: array + items: + type: object + properties: + id: + type: string + format: UUID + description: Identity id. + example: 2c91808570313110017040b06f344ec9 + required: + - id + maxItems: 10 + required: + - owner + - name + - description + responses: + '200': + description: Created non-employee source. + content: + application/json: + schema: + allOf: + - allOf: + - type: object + properties: + id: + type: string + format: UUID + description: Non-Employee source id. + example: a0303682-5e4a-44f7-bdc2-6ce6112549c1 + sourceId: + type: string + description: Source Id associated with this non-employee source. + example: 2c91808568c529c60168cca6f90c1313 + name: + type: string + description: Source name associated with this non-employee source. + example: Retail + description: + type: string + description: Source description associated with this non-employee source. + example: Source description + - type: object + properties: + approvers: + description: List of approvers + type: array + items: + type: object + properties: + type: + type: string + enum: + - GOVERNANCE_GROUP + - IDENTITY + example: IDENTITY + description: Identifies if the identity is a normal identity or a governance group + id: + type: string + description: Identity id + example: 5168015d32f890ca15812c9180835d2e + accountManagers: + description: List of account managers + type: array + items: + type: object + properties: + type: + type: string + enum: + - GOVERNANCE_GROUP + - IDENTITY + example: IDENTITY + description: Identifies if the identity is a normal identity or a governance group + id: + type: string + description: Identity id + example: 5168015d32f890ca15812c9180835d2e + modified: + type: string + format: date-time + description: When the request was last modified. + example: '2019-08-23T18:52:59.162Z' + created: + type: string + format: date-time + description: When the request was created. + example: '2019-08-23T18:40:35.772Z' + - type: object + properties: + cloudExternalId: + type: string + description: Legacy ID used for sources from the V1 API. This attribute will be removed from a future version of the API and will not be considered a breaking change. No clients should rely on this ID always being present. + example: '99999' + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + get: + operationId: listNonEmployeeSources + security: + - UserContextAuth: [] + tags: + - Non-Employee Lifecycle Management + summary: List Non-Employee Sources + description: |- + This gets a list of non-employee sources. There are two contextual uses for the requested-for path parameter: + 1. The user has the role context of `idn:nesr:read`, in which case he or + she may request a list sources assigned to a particular account manager by passing in that manager's id. + 2. The current user is an account manager, in which case "me" should be + provided as the `requested-for` value. This will provide the user with a list of the sources that he or she owns. + parameters: + - in: query + name: limit + description: |- + Max number of results to return. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 250 + schema: + type: integer + format: int32 + minimum: 0 + maximum: 250 + default: 250 + - in: query + name: offset + description: |- + Offset into the full result set. Usually specified with *limit* to paginate through the results. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 0 + schema: + type: integer + format: int32 + minimum: 0 + default: 0 + - in: query + name: count + description: |- + If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. + + Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. + + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: true + schema: + type: boolean + default: false + - in: query + name: requested-for + required: true + schema: + type: string + example: me + description: The identity for whom the request was made. *me* indicates the current user. + - in: query + name: non-employee-count + required: false + example: true + schema: + type: boolean + description: The flag to determine whether return a non-employee count associate with source. + - in: query + name: sorters + required: false + schema: + type: string + format: comma-separated + example: 'name,created' + description: |- + Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) + + Sorting is supported for the following fields: **name, created, sourceId** + responses: + '200': + description: List of non-employee sources objects. + content: + application/json: + schema: + type: array + items: + allOf: + - allOf: + - type: object + properties: + id: + type: string + format: UUID + description: Non-Employee source id. + example: a0303682-5e4a-44f7-bdc2-6ce6112549c1 + sourceId: + type: string + description: Source Id associated with this non-employee source. + example: 2c91808568c529c60168cca6f90c1313 + name: + type: string + description: Source name associated with this non-employee source. + example: Retail + description: + type: string + description: Source description associated with this non-employee source. + example: Source description + - type: object + properties: + approvers: + description: List of approvers + type: array + items: + type: object + properties: + type: + type: string + enum: + - GOVERNANCE_GROUP + - IDENTITY + example: IDENTITY + description: Identifies if the identity is a normal identity or a governance group + id: + type: string + description: Identity id + example: 5168015d32f890ca15812c9180835d2e + accountManagers: + description: List of account managers + type: array + items: + type: object + properties: + type: + type: string + enum: + - GOVERNANCE_GROUP + - IDENTITY + example: IDENTITY + description: Identifies if the identity is a normal identity or a governance group + id: + type: string + description: Identity id + example: 5168015d32f890ca15812c9180835d2e + modified: + type: string + format: date-time + description: When the request was last modified. + example: '2019-08-23T18:52:59.162Z' + created: + type: string + format: date-time + description: When the request was created. + example: '2019-08-23T18:40:35.772Z' + - type: object + properties: + nonEmployeeCount: + type: integer + description: Number of non-employee records associated with this source. + format: int32 + example: 120 + nullable: true + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/non-employee-sources/{sourceId}': + get: + operationId: getNonEmployeeSource + security: + - UserContextAuth: [] + tags: + - Non-Employee Lifecycle Management + summary: Get a Non-Employee Source + description: |- + This gets a non-employee source. There are two contextual uses for the requested-for path parameter: + 1. The user has the role context of `idn:nesr:read`, in which case he or + she may request any source. + 2. The current user is an account manager, in which case the user can only + request sources that they own. + parameters: + - in: path + name: sourceId + description: Source Id + example: 2c91808b7c28b350017c2a2ec5790aa1 + required: true + schema: + type: string + responses: + '200': + description: Non-Employee source object. + content: + application/json: + schema: + allOf: + - type: object + properties: + id: + type: string + format: UUID + description: Non-Employee source id. + example: a0303682-5e4a-44f7-bdc2-6ce6112549c1 + sourceId: + type: string + description: Source Id associated with this non-employee source. + example: 2c91808568c529c60168cca6f90c1313 + name: + type: string + description: Source name associated with this non-employee source. + example: Retail + description: + type: string + description: Source description associated with this non-employee source. + example: Source description + - type: object + properties: + approvers: + description: List of approvers + type: array + items: + type: object + properties: + type: + type: string + enum: + - GOVERNANCE_GROUP + - IDENTITY + example: IDENTITY + description: Identifies if the identity is a normal identity or a governance group + id: + type: string + description: Identity id + example: 5168015d32f890ca15812c9180835d2e + accountManagers: + description: List of account managers + type: array + items: + type: object + properties: + type: + type: string + enum: + - GOVERNANCE_GROUP + - IDENTITY + example: IDENTITY + description: Identifies if the identity is a normal identity or a governance group + id: + type: string + description: Identity id + example: 5168015d32f890ca15812c9180835d2e + modified: + type: string + format: date-time + description: When the request was last modified. + example: '2019-08-23T18:52:59.162Z' + created: + type: string + format: date-time + description: When the request was created. + example: '2019-08-23T18:40:35.772Z' + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + patch: + operationId: patchNonEmployeeSource + tags: + - Non-Employee Lifecycle Management + summary: Patch a Non-Employee Source + description: 'patch a non-employee source. (partial update)
Patchable field: **name, description, approvers, accountManagers** Requires role context of `idn:nesr:update`.' + parameters: + - in: path + name: sourceId + description: Source Id + required: true + schema: + type: string + example: e136567de87e4d029e60b3c3c55db56d + requestBody: + description: 'A list of non-employee source update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard.' + required: true + content: + application/json-patch+json: + schema: + type: array + items: + type: object + description: 'A JSONPatch Operation as defined by [RFC 6902 - JSON Patch](https://tools.ietf.org/html/rfc6902)' + required: + - op + - path + properties: + op: + type: string + description: The operation to be performed + enum: + - add + - remove + - replace + - move + - copy + - test + example: replace + path: + type: string + description: A string JSON Pointer representing the target path to an element to be affected by the operation + example: /description + value: + oneOf: + - type: string + example: New description + title: string + - type: boolean + example: true + title: boolean + - type: integer + example: 300 + title: integer + - type: object + title: object + example: + attributes: + name: philip + - type: array + title: array + items: + anyOf: + - type: string + - type: integer + - type: object + example: + - '001' + - '002' + - '003' + description: 'The value to be used for the operation, required for "add" and "replace" operations' + example: New description + example: + - op: replace + path: /name + value: + new name: null + - op: replace + path: /approvers + value: + - 2c91809f703bb37a017040a2fe8748c7 + - 48b1f463c9e8427db5a5071bd81914b8 + responses: + '200': + description: A patched non-employee source object. + content: + application/json: + schema: + allOf: + - type: object + properties: + id: + type: string + format: UUID + description: Non-Employee source id. + example: a0303682-5e4a-44f7-bdc2-6ce6112549c1 + sourceId: + type: string + description: Source Id associated with this non-employee source. + example: 2c91808568c529c60168cca6f90c1313 + name: + type: string + description: Source name associated with this non-employee source. + example: Retail + description: + type: string + description: Source description associated with this non-employee source. + example: Source description + - type: object + properties: + approvers: + description: List of approvers + type: array + items: + type: object + properties: + type: + type: string + enum: + - GOVERNANCE_GROUP + - IDENTITY + example: IDENTITY + description: Identifies if the identity is a normal identity or a governance group + id: + type: string + description: Identity id + example: 5168015d32f890ca15812c9180835d2e + accountManagers: + description: List of account managers + type: array + items: + type: object + properties: + type: + type: string + enum: + - GOVERNANCE_GROUP + - IDENTITY + example: IDENTITY + description: Identifies if the identity is a normal identity or a governance group + id: + type: string + description: Identity id + example: 5168015d32f890ca15812c9180835d2e + modified: + type: string + format: date-time + description: When the request was last modified. + example: '2019-08-23T18:52:59.162Z' + created: + type: string + format: date-time + description: When the request was created. + example: '2019-08-23T18:40:35.772Z' + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + delete: + operationId: deleteNonEmployeeSource + tags: + - Non-Employee Lifecycle Management + summary: Delete Non-Employee Source + description: 'This request will delete a non-employee source. Requires role context of `idn:nesr:delete`.' + parameters: + - in: path + name: sourceId + description: Source Id + required: true + schema: + type: string + example: e136567de87e4d029e60b3c3c55db56d + responses: + '204': + description: No content - indicates the request was successful but there is no content to be returned in the response. + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/non-employee-sources/{id}/non-employees/download': + get: + operationId: exportNonEmployeeRecords + tags: + - Non-Employee Lifecycle Management + summary: Exports Non-Employee Records to CSV + description: 'This requests a CSV download for all non-employees from a provided source. Requires role context of `idn:nesr:read`' + parameters: + - in: path + name: id + description: Source Id (UUID) + required: true + schema: + type: string + example: e136567de87e4d029e60b3c3c55db56d + responses: + '200': + description: Exported CSV + content: + text/csv: + example: | + accountName,firstName,lastName,phone,email,manager,startDate,endDate + Jon.Smith, Jon, Smith, 555-555-5555, jon@jon.doe.nope.com, Jim Smith, 2020-04-05T08:00:00-10:00,2020-08-07T19:00:00-10:00 + William.Chaffin, William, Chaffin, 555-555-5555, william@chaffins.nope.com, Bertram Chaffin, 2020-04-05T08:00:00-10:00,2020-08-07T19:00:00-10:00 + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/non-employee-sources/{id}/non-employee-bulk-upload': + post: + operationId: importNonEmployeeRecordsInBulk + security: + - UserContextAuth: + - 'idn:nelm:manage' + tags: + - Non-Employee Lifecycle Management + summary: 'Imports, or Updates, Non-Employee Records' + description: 'This post will import, or update, Non-Employee records found in the CSV. Requires role context of `idn:nesr:create`' + parameters: + - in: path + name: id + description: Source Id (UUID) + required: true + schema: + type: string + example: e136567de87e4d029e60b3c3c55db56d + requestBody: + content: + multipart/form-data: + schema: + type: object + properties: + data: + type: string + format: binary + required: + - data + responses: + '202': + description: The CSV was accepted to be bulk inserted now or at a later time. + content: + application/json: + schema: + type: object + properties: + id: + type: string + description: The bulk upload job's ID. (UUID) + example: 2c91808568c529c60168cca6f90cffff + sourceId: + type: string + description: The ID of the source to bulk-upload non-employees to. (UUID) + example: 2c91808568c529c60168cca6f90c1313 + created: + type: string + format: date-time + description: The date-time the job was submitted. + example: '2019-08-23T18:52:59.162Z' + modified: + type: string + format: date-time + description: The date-time that the job was last updated. + example: '2019-08-23T18:52:59.162Z' + status: + type: string + enum: + - PENDING + - IN_PROGRESS + - COMPLETED + - ERROR + description: | + Returns the following values indicating the progress or result of the bulk upload job. + "PENDING" means the job is queued and waiting to be processed. + "IN_PROGRESS" means the job is currently being processed. + "COMPLETED" means the job has been completed without any errors. + "ERROR" means the job failed to process with errors. + example: PENDING + '400': + description: | + Client Error - Returned if the request body is invalid. + The response body will contain the list of specific errors with one on each line. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/non-employee-sources/{id}/non-employee-bulk-upload/status': + get: + operationId: getNonEmployeeBulkUploadStatus + tags: + - Non-Employee Lifecycle Management + summary: Obtain the status of bulk upload on the source + description: | + The nonEmployeeBulkUploadStatus API returns the status of the newest bulk upload job for the specified source. + Requires role context of `idn:nesr:read` + parameters: + - in: path + name: id + description: Source ID (UUID) + required: true + schema: + type: string + example: e136567de87e4d029e60b3c3c55db56d + responses: + '200': + description: 'Status of the newest bulk-upload job, if any.' + content: + application/json: + schema: + type: object + properties: + status: + type: string + enum: + - PENDING + - IN_PROGRESS + - COMPLETED + - ERROR + description: | + Returns the following values indicating the progress or result of the bulk upload job. + "PENDING" means the job is queued and waiting to be processed. + "IN_PROGRESS" means the job is currently being processed. + "COMPLETED" means the job has been completed without any errors. + "ERROR" means the job failed to process with errors. + null means job has been submitted to the source. + example: PENDING + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/non-employee-sources/{id}/schema-attributes-template/download': + get: + operationId: exportNonEmployeeSourceSchemaTemplate + tags: + - Non-Employee Lifecycle Management + summary: Exports Source Schema Template + description: 'This requests a download for the Source Schema Template for a provided source. Requires role context of `idn:nesr:read`' + parameters: + - in: path + name: id + description: Source Id (UUID) + required: true + example: ef38f94347e94562b5bb8424a56397d8 + schema: + type: string + responses: + '200': + description: Exported Source Schema Template + content: + text/csv: + example: | + accountName,firstName,lastName,phone,email,manager,startDate,endDate + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + /non-employee-approvals: + get: + operationId: listNonEmployeeApprovals + security: + - UserContextAuth: [] + tags: + - Non-Employee Lifecycle Management + summary: Get List of Non-Employee Approval Requests + description: |- + This gets a list of non-employee approval requests. + There are two contextual uses for this endpoint: + 1. The user has the role context of `idn:nesr:read`, in which case they + can list the approvals for any approver. + 2. The user owns the requested approval. + parameters: + - in: query + name: requested-for + schema: + type: string + description: The identity for whom the request was made. *me* indicates the current user. + required: false + example: 2c91808280430dfb0180431a59440460 + - in: query + name: limit + description: |- + Max number of results to return. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 250 + schema: + type: integer + format: int32 + minimum: 0 + maximum: 250 + default: 250 + - in: query + name: offset + description: |- + Offset into the full result set. Usually specified with *limit* to paginate through the results. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 0 + schema: + type: integer + format: int32 + minimum: 0 + default: 0 + - in: query + name: count + description: |- + If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. + + Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. + + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: true + schema: + type: boolean + default: false + - in: query + name: filters + schema: + type: string + description: |- + Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) + + Filtering is supported for the following fields and operators: + + **approvalStatus**: *eq* + example: approvalStatus eq "Pending" + required: false + - in: query + name: sorters + schema: + type: string + format: comma-separated + description: |- + Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) + + Sorting is supported for the following fields: **created, modified** + required: false + example: created + responses: + '200': + description: List of approval items. + content: + application/json: + schema: + type: array + items: + allOf: + - type: object + properties: + id: + type: string + format: UUID + description: Non-Employee approval item id + example: 2c1e388b-1e55-4b0a-ab5c-897f1204159c + approver: + description: Reference to the associated Identity + type: object + properties: + type: + type: string + enum: + - GOVERNANCE_GROUP + - IDENTITY + example: IDENTITY + description: Identifies if the identity is a normal identity or a governance group + id: + type: string + description: Identity id + example: 5168015d32f890ca15812c9180835d2e + accountName: + type: string + description: Requested identity account name + example: test.account + approvalStatus: + type: string + enum: + - APPROVED + - REJECTED + - PENDING + - NOT_READY + - CANCELLED + description: Enum representing the non-employee request approval status + example: APPROVED + approvalOrder: + type: number + description: Approval order + example: 1 + format: float + comment: + type: string + description: comment of approver + example: I approve + modified: + type: string + format: date-time + description: When the request was last modified. + example: '2019-08-23T18:52:59.162Z' + created: + type: string + format: date-time + description: When the request was created. + example: '2019-08-23T18:40:35.772Z' + - type: object + properties: + nonEmployeeRequest: + type: object + properties: + id: + type: string + format: UUID + description: Non-Employee request id. + example: ac110005-7156-1150-8171-5b292e3e0084 + requester: + example: + type: IDENTITY + id: 2c9180866166b5b0016167c32ef31a66 + name: William Smith + type: object + properties: + type: + type: string + enum: + - GOVERNANCE_GROUP + - IDENTITY + example: IDENTITY + description: Identifies if the identity is a normal identity or a governance group + id: + type: string + description: Identity id + example: 5168015d32f890ca15812c9180835d2e + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/non-employee-approvals/{id}': + get: + operationId: getNonEmployeeApproval + security: + - UserContextAuth: [] + tags: + - Non-Employee Lifecycle Management + summary: Get a non-employee approval item detail + description: |- + Gets a non-employee approval item detail. There are two contextual uses for this endpoint: + 1. The user has the role context of `idn:nesr:read`, in which case they + can get any approval. + 2. The user owns the requested approval. + parameters: + - in: path + name: id + description: Non-Employee approval item id (UUID) + required: true + schema: + type: string + example: e136567de87e4d029e60b3c3c55db56d + - in: query + name: include-detail + description: The object nonEmployeeRequest will not be included detail when set to false. *Default value is true* + required: false + schema: + type: boolean + example: true + responses: + '200': + description: Non-Employee approval item object. + content: + application/json: + schema: + allOf: + - type: object + properties: + id: + type: string + format: UUID + description: Non-Employee approval item id + example: 2c1e388b-1e55-4b0a-ab5c-897f1204159c + approver: + description: Reference to the associated Identity + type: object + properties: + type: + type: string + enum: + - GOVERNANCE_GROUP + - IDENTITY + example: IDENTITY + description: Identifies if the identity is a normal identity or a governance group + id: + type: string + description: Identity id + example: 5168015d32f890ca15812c9180835d2e + accountName: + type: string + description: Requested identity account name + example: test.account + approvalStatus: + type: string + enum: + - APPROVED + - REJECTED + - PENDING + - NOT_READY + - CANCELLED + description: Enum representing the non-employee request approval status + example: APPROVED + approvalOrder: + type: number + description: Approval order + example: 1 + format: float + comment: + type: string + description: comment of approver + example: I approve + modified: + type: string + format: date-time + description: When the request was last modified. + example: '2019-08-23T18:52:59.162Z' + created: + type: string + format: date-time + description: When the request was created. + example: '2019-08-23T18:40:35.772Z' + - type: object + properties: + nonEmployeeRequest: + description: Non-Employee request associated to this approval + allOf: + - type: object + properties: + id: + type: string + format: UUID + description: Non-Employee request id. + example: ac110005-7156-1150-8171-5b292e3e0084 + requester: + example: + type: IDENTITY + id: 2c9180866166b5b0016167c32ef31a66 + name: William Smith + type: object + properties: + type: + type: string + enum: + - GOVERNANCE_GROUP + - IDENTITY + example: IDENTITY + description: Identifies if the identity is a normal identity or a governance group + id: + type: string + description: Identity id + example: 5168015d32f890ca15812c9180835d2e + - type: object + properties: + accountName: + type: string + description: Requested identity account name. + example: william.smith + firstName: + type: string + description: Non-Employee's first name. + example: William + lastName: + type: string + description: Non-Employee's last name. + example: Smith + email: + type: string + description: Non-Employee's email. + example: william.smith@example.com + phone: + type: string + description: Non-Employee's phone. + example: '5555555555' + manager: + type: string + description: The account ID of a valid identity to serve as this non-employee's manager. + example: jane.doe + nonEmployeeSource: + allOf: + - type: object + properties: + id: + type: string + format: UUID + description: Non-Employee source id. + example: a0303682-5e4a-44f7-bdc2-6ce6112549c1 + sourceId: + type: string + description: Source Id associated with this non-employee source. + example: 2c91808568c529c60168cca6f90c1313 + name: + type: string + description: Source name associated with this non-employee source. + example: Retail + description: + type: string + description: Source description associated with this non-employee source. + example: Source description + - type: object + properties: + schemaAttributes: + description: List of schema attributes associated with this non-employee source. + type: array + items: + type: object + properties: + id: + type: string + format: UUID + example: ac110005-7156-1150-8171-5b292e3e0084 + description: Schema Attribute Id + system: + type: boolean + description: True if this schema attribute is mandatory on all non-employees sources. + example: true + modified: + type: string + format: date-time + description: When the schema attribute was last modified. + example: '2019-08-23T18:52:59.162Z' + created: + type: string + format: date-time + description: When the schema attribute was created. + example: '2019-08-23T18:40:35.772Z' + type: + type: string + enum: + - TEXT + - DATE + - IDENTITY + description: Enum representing the type of data a schema attribute accepts. + example: TEXT + label: + type: string + description: Label displayed on the UI for this schema attribute. + example: Account Name + technicalName: + type: string + description: The technical name of the attribute. Must be unique per source. + example: account.name + helpText: + type: string + description: help text displayed by UI. + example: The unique identifier for the account + placeholder: + type: string + description: Hint text that fills UI box. + example: Enter a unique user name for this account. + required: + type: boolean + description: 'If true, the schema attribute is required for all non-employees in the source' + example: true + required: + - type + - technicalName + - label + data: + type: object + additionalProperties: + type: string + description: Attribute blob/bag for a non-employee. + example: + description: Auditing + approvalStatus: + type: string + enum: + - APPROVED + - REJECTED + - PENDING + - NOT_READY + - CANCELLED + description: Enum representing the non-employee request approval status + example: APPROVED + comment: + type: string + description: comment of requester + example: approved + completionDate: + type: string + format: date-time + description: When the request was completely approved. + example: '2020-03-24T11:11:41.139-05:00' + startDate: + type: string + format: date + description: Non-Employee employment start date. + example: '2020-03-24' + endDate: + type: string + format: date + description: Non-Employee employment end date. + example: '2021-03-25' + modified: + type: string + format: date-time + description: When the request was last modified. + example: '2020-03-24T11:11:41.139-05:00' + created: + type: string + format: date-time + description: When the request was created. + example: '2020-03-24T11:11:41.139-05:00' + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/non-employee-approvals/{id}/approve': + post: + operationId: approveNonEmployeeRequest + security: + - UserContextAuth: [] + tags: + - Non-Employee Lifecycle Management + summary: Approve a Non-Employee Request + description: Approves a non-employee approval request and notifies the next approver. The current user must be the requested approver. + parameters: + - in: path + name: id + description: Non-Employee approval item id (UUID) + required: true + schema: + type: string + example: e136567de87e4d029e60b3c3c55db56d + requestBody: + required: true + content: + application/json: + schema: + type: object + properties: + comment: + type: string + description: Comment on the approval item. + maxLength: 4000 + example: Approved by manager + responses: + '200': + description: Non-Employee approval item object. + content: + application/json: + schema: + allOf: + - type: object + properties: + id: + type: string + format: UUID + description: Non-Employee approval item id + example: 2c1e388b-1e55-4b0a-ab5c-897f1204159c + approver: + description: Reference to the associated Identity + type: object + properties: + type: + type: string + enum: + - GOVERNANCE_GROUP + - IDENTITY + example: IDENTITY + description: Identifies if the identity is a normal identity or a governance group + id: + type: string + description: Identity id + example: 5168015d32f890ca15812c9180835d2e + accountName: + type: string + description: Requested identity account name + example: test.account + approvalStatus: + type: string + enum: + - APPROVED + - REJECTED + - PENDING + - NOT_READY + - CANCELLED + description: Enum representing the non-employee request approval status + example: APPROVED + approvalOrder: + type: number + description: Approval order + example: 1 + format: float + comment: + type: string + description: comment of approver + example: I approve + modified: + type: string + format: date-time + description: When the request was last modified. + example: '2019-08-23T18:52:59.162Z' + created: + type: string + format: date-time + description: When the request was created. + example: '2019-08-23T18:40:35.772Z' + - type: object + properties: + nonEmployeeRequest: + type: object + properties: + id: + type: string + format: UUID + description: Non-Employee request id. + example: ac110005-7156-1150-8171-5b292e3e0084 + requester: + example: + type: IDENTITY + id: 2c9180866166b5b0016167c32ef31a66 + name: William Smith + type: object + properties: + type: + type: string + enum: + - GOVERNANCE_GROUP + - IDENTITY + example: IDENTITY + description: Identifies if the identity is a normal identity or a governance group + id: + type: string + description: Identity id + example: 5168015d32f890ca15812c9180835d2e + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/non-employee-approvals/{id}/reject': + post: + operationId: rejectNonEmployeeRequest + security: + - UserContextAuth: [] + tags: + - Non-Employee Lifecycle Management + summary: Reject a Non-Employee Request + description: This endpoint will reject an approval item request and notify user. The current user must be the requested approver. + parameters: + - in: path + name: id + description: Non-Employee approval item id (UUID) + required: true + schema: + type: string + example: e136567de87e4d029e60b3c3c55db56d + requestBody: + required: true + content: + application/json: + schema: + type: object + properties: + comment: + type: string + description: Comment on the approval item. + maxLength: 4000 + example: approved + required: + - comment + responses: + '200': + description: Non-Employee approval item object. + content: + application/json: + schema: + allOf: + - type: object + properties: + id: + type: string + format: UUID + description: Non-Employee approval item id + example: 2c1e388b-1e55-4b0a-ab5c-897f1204159c + approver: + description: Reference to the associated Identity + type: object + properties: + type: + type: string + enum: + - GOVERNANCE_GROUP + - IDENTITY + example: IDENTITY + description: Identifies if the identity is a normal identity or a governance group + id: + type: string + description: Identity id + example: 5168015d32f890ca15812c9180835d2e + accountName: + type: string + description: Requested identity account name + example: test.account + approvalStatus: + type: string + enum: + - APPROVED + - REJECTED + - PENDING + - NOT_READY + - CANCELLED + description: Enum representing the non-employee request approval status + example: APPROVED + approvalOrder: + type: number + description: Approval order + example: 1 + format: float + comment: + type: string + description: comment of approver + example: I approve + modified: + type: string + format: date-time + description: When the request was last modified. + example: '2019-08-23T18:52:59.162Z' + created: + type: string + format: date-time + description: When the request was created. + example: '2019-08-23T18:40:35.772Z' + - type: object + properties: + nonEmployeeRequest: + type: object + properties: + id: + type: string + format: UUID + description: Non-Employee request id. + example: ac110005-7156-1150-8171-5b292e3e0084 + requester: + example: + type: IDENTITY + id: 2c9180866166b5b0016167c32ef31a66 + name: William Smith + type: object + properties: + type: + type: string + enum: + - GOVERNANCE_GROUP + - IDENTITY + example: IDENTITY + description: Identifies if the identity is a normal identity or a governance group + id: + type: string + description: Identity id + example: 5168015d32f890ca15812c9180835d2e + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/non-employee-approvals/summary/{requested-for}': + get: + operationId: getNonEmployeeApprovalSummary + security: + - UserContextAuth: [] + tags: + - Non-Employee Lifecycle Management + summary: Get Summary of Non-Employee Approval Requests + description: |- + This request will retrieve a summary of non-employee approval requests. There are two contextual uses for the `requested-for` path parameter: + 1. The user has the role context of `idn:nesr:read`, in which case he or + she may request a summary of all non-employee approval requests assigned to a particular approver by passing in that approver's id. + 2. The current user is an approver, in which case "me" should be provided + as the `requested-for` value. This will provide the approver with a summary of the approval items assigned to him or her. + parameters: + - in: path + name: requested-for + schema: + type: string + description: The identity (UUID) of the approver for whom for whom the summary is being retrieved. Use "me" instead to indicate the current user. + required: true + example: 2c91808280430dfb0180431a59440460 + responses: + '200': + description: summary of non-employee approval requests + content: + application/json: + schema: + type: object + properties: + approved: + type: integer + description: The number of approved non-employee approval requests. + format: int32 + example: 2 + pending: + type: integer + description: The number of pending non-employee approval requests. + format: int32 + example: 2 + rejected: + type: integer + description: The number of rejected non-employee approval requests. + format: int32 + example: 2 + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/non-employee-sources/{sourceId}/schema-attributes': + get: + operationId: getNonEmployeeSourceSchemaAttributes + security: + - UserContextAuth: [] + tags: + - Non-Employee Lifecycle Management + summary: List Schema Attributes Non-Employee Source + description: |- + This API gets the list of schema attributes for the specified Non-Employee SourceId. There are 8 mandatory attributes added to each new Non-Employee Source automatically. Additionaly, user can add up to 10 custom attributes. This interface returns all the mandatory attributes followed by any custom attributes. At most, a total of 18 attributes will be returned. + Requires role context of `idn:nesr:read` or the user must be an account manager of the source. + parameters: + - in: path + name: sourceId + schema: + type: string + required: true + example: ef38f94347e94562b5bb8424a56397d8 + description: The Source id + responses: + '200': + description: A list of Schema Attributes + content: + application/json: + schema: + type: array + items: + type: object + properties: + id: + type: string + format: UUID + example: ac110005-7156-1150-8171-5b292e3e0084 + description: Schema Attribute Id + system: + type: boolean + description: True if this schema attribute is mandatory on all non-employees sources. + example: true + modified: + type: string + format: date-time + description: When the schema attribute was last modified. + example: '2019-08-23T18:52:59.162Z' + created: + type: string + format: date-time + description: When the schema attribute was created. + example: '2019-08-23T18:40:35.772Z' + type: + type: string + enum: + - TEXT + - DATE + - IDENTITY + description: Enum representing the type of data a schema attribute accepts. + example: TEXT + label: + type: string + description: Label displayed on the UI for this schema attribute. + example: Account Name + technicalName: + type: string + description: The technical name of the attribute. Must be unique per source. + example: account.name + helpText: + type: string + description: help text displayed by UI. + example: The unique identifier for the account + placeholder: + type: string + description: Hint text that fills UI box. + example: Enter a unique user name for this account. + required: + type: boolean + description: 'If true, the schema attribute is required for all non-employees in the source' + example: true + required: + - type + - technicalName + - label + maxItems: 18 + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + post: + operationId: createNonEmployeeSourceSchemaAttributes + tags: + - Non-Employee Lifecycle Management + summary: Create a new Schema Attribute for Non-Employee Source + description: |- + This API creates a new schema attribute for Non-Employee Source. The schema technical name must be unique in the source. Attempts to create a schema attribute with an existing name will result in a "400.1.409 Reference conflict" response. At most, 10 custom attributes can be created per schema. Attempts to create more than 10 will result in a "400.1.4 Limit violation" response. + Requires role context of `idn:nesr:create` + parameters: + - in: path + name: sourceId + schema: + type: string + required: true + description: The Source id + example: ef38f94347e94562b5bb8424a56397d8 + requestBody: + required: true + content: + application/json: + schema: + type: object + properties: + type: + type: string + description: Type of the attribute. Only type 'TEXT' is supported for custom attributes. + example: TEXT + label: + type: string + description: Label displayed on the UI for this schema attribute. + example: Account Name + technicalName: + type: string + description: The technical name of the attribute. Must be unique per source. + example: account.name + helpText: + type: string + description: help text displayed by UI. + example: The unique identifier for the account + placeholder: + type: string + description: Hint text that fills UI box. + example: Enter a unique user name for this account. + required: + type: boolean + description: 'If true, the schema attribute is required for all non-employees in the source' + example: true + required: + - type + - technicalName + - label + responses: + '200': + description: Schema Attribute created. + content: + application/json: + schema: + type: object + properties: + id: + type: string + format: UUID + example: ac110005-7156-1150-8171-5b292e3e0084 + description: Schema Attribute Id + system: + type: boolean + description: True if this schema attribute is mandatory on all non-employees sources. + example: true + modified: + type: string + format: date-time + description: When the schema attribute was last modified. + example: '2019-08-23T18:52:59.162Z' + created: + type: string + format: date-time + description: When the schema attribute was created. + example: '2019-08-23T18:40:35.772Z' + type: + type: string + enum: + - TEXT + - DATE + - IDENTITY + description: Enum representing the type of data a schema attribute accepts. + example: TEXT + label: + type: string + description: Label displayed on the UI for this schema attribute. + example: Account Name + technicalName: + type: string + description: The technical name of the attribute. Must be unique per source. + example: account.name + helpText: + type: string + description: help text displayed by UI. + example: The unique identifier for the account + placeholder: + type: string + description: Hint text that fills UI box. + example: Enter a unique user name for this account. + required: + type: boolean + description: 'If true, the schema attribute is required for all non-employees in the source' + example: true + required: + - type + - technicalName + - label + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + delete: + operationId: deleteNonEmployeeSourceSchemaAttributes + tags: + - Non-Employee Lifecycle Management + summary: Delete all custom schema attributes for Non-Employee Source + description: 'This end-point deletes all custom schema attributes for a non-employee source. Requires role context of `idn:nesr:delete`' + parameters: + - in: path + name: sourceId + schema: + type: string + required: true + description: The Source id + example: ef38f94347e94562b5bb8424a56397d8 + responses: + '204': + description: All custon Schema Attributes were successfully deleted. + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/non-employee-sources/{sourceId}/schema-attributes/{attributeId}': + get: + operationId: getNonEmployeeSchemaAttribute + security: + - UserContextAuth: [] + tags: + - Non-Employee Lifecycle Management + summary: Get Schema Attribute Non-Employee Source + description: 'This API gets a schema attribute by Id for the specified Non-Employee SourceId. Requires role context of `idn:nesr:read` or the user must be an account manager of the source.' + parameters: + - in: path + name: attributeId + schema: + type: string + required: true + example: ef38f94347e94562b5bb8424a56397d8 + description: The Schema Attribute Id (UUID) + - in: path + name: sourceId + schema: + type: string + required: true + example: ef38f94347e94562b5bb8424a56397d8 + description: The Source id + responses: + '200': + description: The Schema Attribute + content: + application/json: + schema: + type: object + properties: + id: + type: string + format: UUID + example: ac110005-7156-1150-8171-5b292e3e0084 + description: Schema Attribute Id + system: + type: boolean + description: True if this schema attribute is mandatory on all non-employees sources. + example: true + modified: + type: string + format: date-time + description: When the schema attribute was last modified. + example: '2019-08-23T18:52:59.162Z' + created: + type: string + format: date-time + description: When the schema attribute was created. + example: '2019-08-23T18:40:35.772Z' + type: + type: string + enum: + - TEXT + - DATE + - IDENTITY + description: Enum representing the type of data a schema attribute accepts. + example: TEXT + label: + type: string + description: Label displayed on the UI for this schema attribute. + example: Account Name + technicalName: + type: string + description: The technical name of the attribute. Must be unique per source. + example: account.name + helpText: + type: string + description: help text displayed by UI. + example: The unique identifier for the account + placeholder: + type: string + description: Hint text that fills UI box. + example: Enter a unique user name for this account. + required: + type: boolean + description: 'If true, the schema attribute is required for all non-employees in the source' + example: true + required: + - type + - technicalName + - label + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + patch: + operationId: patchNonEmployeeSchemaAttribute + tags: + - Non-Employee Lifecycle Management + summary: Patch a Schema Attribute for Non-Employee Source + description: | + This end-point patches a specific schema attribute for a non-employee SourceId. + Requires role context of `idn:nesr:update` + parameters: + - in: path + name: attributeId + schema: + type: string + required: true + description: The Schema Attribute Id (UUID) + example: ef38f94347e94562b5bb8424a56397d8 + - in: path + name: sourceId + schema: + type: string + required: true + description: The Source id + example: ef38f94347e94562b5bb8424a56397d8 + requestBody: + description: 'A list of schema attribute update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard. The following properties are allowed for update '':'' ''label'', ''helpText'', ''placeholder'', ''required''.' + content: + application/json-patch+json: + schema: + type: array + items: + type: object + description: 'A JSONPatch Operation as defined by [RFC 6902 - JSON Patch](https://tools.ietf.org/html/rfc6902)' + required: + - op + - path + properties: + op: + type: string + description: The operation to be performed + enum: + - add + - remove + - replace + - move + - copy + - test + example: replace + path: + type: string + description: A string JSON Pointer representing the target path to an element to be affected by the operation + example: /description + value: + oneOf: + - type: string + example: New description + title: string + - type: boolean + example: true + title: boolean + - type: integer + example: 300 + title: integer + - type: object + title: object + example: + attributes: + name: philip + - type: array + title: array + items: + anyOf: + - type: string + - type: integer + - type: object + example: + - '001' + - '002' + - '003' + description: 'The value to be used for the operation, required for "add" and "replace" operations' + example: New description + example: + - op: replace + path: /label + value: + new attribute label: null + required: true + responses: + '200': + description: The Schema Attribute was successfully patched. + content: + application/json: + schema: + type: object + properties: + id: + type: string + format: UUID + example: ac110005-7156-1150-8171-5b292e3e0084 + description: Schema Attribute Id + system: + type: boolean + description: True if this schema attribute is mandatory on all non-employees sources. + example: true + modified: + type: string + format: date-time + description: When the schema attribute was last modified. + example: '2019-08-23T18:52:59.162Z' + created: + type: string + format: date-time + description: When the schema attribute was created. + example: '2019-08-23T18:40:35.772Z' + type: + type: string + enum: + - TEXT + - DATE + - IDENTITY + description: Enum representing the type of data a schema attribute accepts. + example: TEXT + label: + type: string + description: Label displayed on the UI for this schema attribute. + example: Account Name + technicalName: + type: string + description: The technical name of the attribute. Must be unique per source. + example: account.name + helpText: + type: string + description: help text displayed by UI. + example: The unique identifier for the account + placeholder: + type: string + description: Hint text that fills UI box. + example: Enter a unique user name for this account. + required: + type: boolean + description: 'If true, the schema attribute is required for all non-employees in the source' + example: true + required: + - type + - technicalName + - label + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + delete: + operationId: deleteNonEmployeeSchemaAttribute + tags: + - Non-Employee Lifecycle Management + summary: Delete a Schema Attribute for Non-Employee Source + description: | + This end-point deletes a specific schema attribute for a non-employee source. + Requires role context of `idn:nesr:delete` + parameters: + - in: path + name: attributeId + schema: + type: string + required: true + description: The Schema Attribute Id (UUID) + example: ef38f94347e94562b5bb8424a56397d8 + - in: path + name: sourceId + schema: + type: string + required: true + description: The Source id + example: ef38f94347e94562b5bb8424a56397d8 + responses: + '204': + description: The Schema Attribute was successfully deleted. + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + /oauth-clients: + get: + operationId: listOauthClients + security: + - UserContextAuth: + - 'sp:oauth-client:manage' + tags: + - OAuth Clients + summary: List OAuth Clients + description: This gets a list of OAuth clients. + parameters: + - in: query + name: filters + required: false + schema: + type: string + description: |- + Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) + + Filtering is supported for the following fields and operators: + + **lastUsed**: *le, isnull* + example: 'lastUsed le 2023-02-05T10:59:27.214Z' + responses: + '200': + description: List of OAuth clients. + content: + application/json: + schema: + type: array + items: + type: object + properties: + id: + type: string + description: ID of the OAuth client + example: 2c9180835d2e5168015d32f890ca1581 + businessName: + type: string + nullable: true + description: The name of the business the API Client should belong to + example: Acme-Solar + homepageUrl: + type: string + nullable: true + description: The homepage URL associated with the owner of the API Client + example: 'http://localhost:12345' + name: + type: string + description: A human-readable name for the API Client + example: Demo API Client + description: + type: string + nullable: true + description: A description of the API Client + example: 'An API client used for the authorization_code, refresh_token, and client_credentials flows' + accessTokenValiditySeconds: + type: integer + format: int32 + description: The number of seconds an access token generated for this API Client is valid for + example: 750 + refreshTokenValiditySeconds: + type: integer + format: int32 + description: The number of seconds a refresh token generated for this API Client is valid for + example: 86400 + redirectUris: + type: array + nullable: true + items: + type: string + description: A list of the approved redirect URIs used with the authorization_code flow + example: + - 'http://localhost:12345' + grantTypes: + type: array + items: + description: OAuth2 Grant Type + type: string + example: CLIENT_CREDENTIALS + enum: + - CLIENT_CREDENTIALS + - AUTHORIZATION_CODE + - REFRESH_TOKEN + description: A list of OAuth 2.0 grant types this API Client can be used with + example: + - AUTHORIZATION_CODE + - CLIENT_CREDENTIALS + - REFRESH_TOKEN + accessType: + description: The access type (online or offline) of this API Client + example: OFFLINE + type: string + enum: + - ONLINE + - OFFLINE + type: + description: The type of the API Client (public or confidential) + example: CONFIDENTIAL + type: string + enum: + - CONFIDENTIAL + - PUBLIC + internal: + type: boolean + description: An indicator of whether the API Client can be used for requests internal to IDN + example: false + enabled: + type: boolean + description: An indicator of whether the API Client is enabled for use + example: true + strongAuthSupported: + type: boolean + description: An indicator of whether the API Client supports strong authentication + example: false + claimsSupported: + type: boolean + description: An indicator of whether the API Client supports the serialization of SAML claims when used with the authorization_code flow + example: false + created: + type: string + format: date-time + description: 'The date and time, down to the millisecond, when the API Client was created' + example: '2017-07-11T18:45:37.098Z' + modified: + type: string + format: date-time + description: 'The date and time, down to the millisecond, when the API Client was last updated' + example: '2018-06-25T20:22:28.104Z' + secret: + type: string + nullable: true + metadata: + type: string + nullable: true + lastUsed: + type: string + nullable: true + format: date-time + description: 'The date and time, down to the millisecond, when this API Client was last used to generate an access token. This timestamp does not get updated on every API Client usage, but only once a day. This property can be useful for identifying which API Clients are no longer actively used and can be removed.' + example: '2017-07-11T18:45:37.098Z' + scope: + type: array + nullable: true + items: + type: string + default: 'sp:scopes:all' + description: Scopes of the API Client. + example: + - 'demo:api-client-scope:first' + - 'demo:api-client-scope:second' + required: + - id + - businessName + - homepageUrl + - name + - description + - accessTokenValiditySeconds + - refreshTokenValiditySeconds + - redirectUris + - grantTypes + - accessType + - type + - internal + - enabled + - strongAuthSupported + - claimsSupported + - created + - modified + - scope + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + post: + operationId: createOauthClient + security: + - UserContextAuth: + - 'sp:oauth-client:manage' + tags: + - OAuth Clients + summary: Create OAuth Client + description: This creates an OAuth client. + requestBody: + required: true + content: + application/json: + schema: + type: object + properties: + businessName: + type: string + nullable: true + description: The name of the business the API Client should belong to + example: Acme-Solar + homepageUrl: + type: string + nullable: true + description: The homepage URL associated with the owner of the API Client + example: 'http://localhost:12345' + name: + type: string + nullable: true + description: A human-readable name for the API Client + example: Demo API Client + description: + type: string + nullable: true + description: A description of the API Client + example: 'An API client used for the authorization_code, refresh_token, and client_credentials flows' + accessTokenValiditySeconds: + description: The number of seconds an access token generated for this API Client is valid for + type: integer + format: int32 + example: 750 + refreshTokenValiditySeconds: + description: The number of seconds a refresh token generated for this API Client is valid for + example: 86400 + type: integer + format: int32 + redirectUris: + type: array + nullable: true + items: + type: string + description: A list of the approved redirect URIs. Provide one or more URIs when assigning the AUTHORIZATION_CODE grant type to a new OAuth Client. + example: + - 'http://localhost:12345' + grantTypes: + type: array + nullable: true + items: + description: OAuth2 Grant Type + type: string + example: CLIENT_CREDENTIALS + enum: + - CLIENT_CREDENTIALS + - AUTHORIZATION_CODE + - REFRESH_TOKEN + description: A list of OAuth 2.0 grant types this API Client can be used with + example: + - AUTHORIZATION_CODE + - CLIENT_CREDENTIALS + - REFRESH_TOKEN + accessType: + description: The access type (online or offline) of this API Client + example: OFFLINE + type: string + enum: + - ONLINE + - OFFLINE + type: + description: The type of the API Client (public or confidential) + example: CONFIDENTIAL + type: string + enum: + - CONFIDENTIAL + - PUBLIC + internal: + type: boolean + description: An indicator of whether the API Client can be used for requests internal within the product. + example: false + enabled: + type: boolean + description: An indicator of whether the API Client is enabled for use + example: true + strongAuthSupported: + type: boolean + description: An indicator of whether the API Client supports strong authentication + example: false + claimsSupported: + type: boolean + description: An indicator of whether the API Client supports the serialization of SAML claims when used with the authorization_code flow + example: false + scope: + type: array + nullable: true + items: + type: string + default: 'sp:scopes:all' + description: 'Scopes of the API Client. If no scope is specified, the client will be created with the default scope "sp:scopes:all". This means the API Client will have all the rights of the owner who created it.' + example: + - 'demo:api-client-scope:first' + - 'demo:api-client-scope:second' + required: + - name + - description + - accessTokenValiditySeconds + - grantTypes + - accessType + - enabled + responses: + '200': + description: Request succeeded. + content: + application/json: + schema: + type: object + properties: + id: + type: string + description: ID of the OAuth client + example: 2c9180835d2e5168015d32f890ca1581 + secret: + type: string + description: Secret of the OAuth client (This field is only returned on the intial create call.) + example: 5c32dd9b21adb51c77794d46e71de117a1d0ddb36a7ff941fa28014ab7de2cf3 + businessName: + type: string + description: The name of the business the API Client should belong to + example: Acme-Solar + homepageUrl: + type: string + description: The homepage URL associated with the owner of the API Client + example: 'http://localhost:12345' + name: + type: string + description: A human-readable name for the API Client + example: Demo API Client + description: + type: string + description: A description of the API Client + example: 'An API client used for the authorization_code, refresh_token, and client_credentials flows' + accessTokenValiditySeconds: + description: The number of seconds an access token generated for this API Client is valid for + example: 750 + type: integer + format: int32 + refreshTokenValiditySeconds: + description: The number of seconds a refresh token generated for this API Client is valid for + example: 86400 + type: integer + format: int32 + redirectUris: + type: array + items: + type: string + description: A list of the approved redirect URIs used with the authorization_code flow + example: + - 'http://localhost:12345' + grantTypes: + type: array + items: + description: OAuth2 Grant Type + type: string + example: CLIENT_CREDENTIALS + enum: + - CLIENT_CREDENTIALS + - AUTHORIZATION_CODE + - REFRESH_TOKEN + description: A list of OAuth 2.0 grant types this API Client can be used with + example: + - AUTHORIZATION_CODE + - CLIENT_CREDENTIALS + - REFRESH_TOKEN + accessType: + description: The access type (online or offline) of this API Client + example: OFFLINE + type: string + enum: + - ONLINE + - OFFLINE + type: + description: The type of the API Client (public or confidential) + example: CONFIDENTIAL + type: string + enum: + - CONFIDENTIAL + - PUBLIC + internal: + type: boolean + description: An indicator of whether the API Client can be used for requests internal to IDN + example: false + enabled: + type: boolean + description: An indicator of whether the API Client is enabled for use + example: true + strongAuthSupported: + type: boolean + description: An indicator of whether the API Client supports strong authentication + example: false + claimsSupported: + type: boolean + description: An indicator of whether the API Client supports the serialization of SAML claims when used with the authorization_code flow + example: false + created: + type: string + format: date-time + description: 'The date and time, down to the millisecond, when the API Client was created' + example: '2017-07-11T18:45:37.098Z' + modified: + type: string + format: date-time + description: 'The date and time, down to the millisecond, when the API Client was last updated' + example: '2018-06-25T20:22:28.104Z' + scope: + type: array + nullable: true + items: + type: string + default: 'sp:scopes:all' + description: Scopes of the API Client. + example: + - 'demo:api-client-scope:first' + - 'demo:api-client-scope:second' + required: + - id + - secret + - businessName + - homepageUrl + - name + - description + - accessTokenValiditySeconds + - refreshTokenValiditySeconds + - redirectUris + - grantTypes + - accessType + - type + - internal + - enabled + - strongAuthSupported + - claimsSupported + - created + - modified + - scope + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/oauth-clients/{id}': + get: + operationId: getOauthClient + security: + - UserContextAuth: + - 'sp:oauth-client:manage' + - 'sp:oauth-client:read' + tags: + - OAuth Clients + summary: Get OAuth Client + description: This gets details of an OAuth client. + parameters: + - in: path + name: id + schema: + type: string + required: true + description: The OAuth client id + example: ef38f94347e94562b5bb8424a56397d8 + responses: + '200': + description: Request succeeded. + content: + application/json: + schema: + type: object + properties: + id: + type: string + description: ID of the OAuth client + example: 2c9180835d2e5168015d32f890ca1581 + businessName: + type: string + nullable: true + description: The name of the business the API Client should belong to + example: Acme-Solar + homepageUrl: + type: string + nullable: true + description: The homepage URL associated with the owner of the API Client + example: 'http://localhost:12345' + name: + type: string + description: A human-readable name for the API Client + example: Demo API Client + description: + type: string + nullable: true + description: A description of the API Client + example: 'An API client used for the authorization_code, refresh_token, and client_credentials flows' + accessTokenValiditySeconds: + type: integer + format: int32 + description: The number of seconds an access token generated for this API Client is valid for + example: 750 + refreshTokenValiditySeconds: + type: integer + format: int32 + description: The number of seconds a refresh token generated for this API Client is valid for + example: 86400 + redirectUris: + type: array + nullable: true + items: + type: string + description: A list of the approved redirect URIs used with the authorization_code flow + example: + - 'http://localhost:12345' + grantTypes: + type: array + items: + description: OAuth2 Grant Type + type: string + example: CLIENT_CREDENTIALS + enum: + - CLIENT_CREDENTIALS + - AUTHORIZATION_CODE + - REFRESH_TOKEN + description: A list of OAuth 2.0 grant types this API Client can be used with + example: + - AUTHORIZATION_CODE + - CLIENT_CREDENTIALS + - REFRESH_TOKEN + accessType: + description: The access type (online or offline) of this API Client + example: OFFLINE + type: string + enum: + - ONLINE + - OFFLINE + type: + description: The type of the API Client (public or confidential) + example: CONFIDENTIAL + type: string + enum: + - CONFIDENTIAL + - PUBLIC + internal: + type: boolean + description: An indicator of whether the API Client can be used for requests internal to IDN + example: false + enabled: + type: boolean + description: An indicator of whether the API Client is enabled for use + example: true + strongAuthSupported: + type: boolean + description: An indicator of whether the API Client supports strong authentication + example: false + claimsSupported: + type: boolean + description: An indicator of whether the API Client supports the serialization of SAML claims when used with the authorization_code flow + example: false + created: + type: string + format: date-time + description: 'The date and time, down to the millisecond, when the API Client was created' + example: '2017-07-11T18:45:37.098Z' + modified: + type: string + format: date-time + description: 'The date and time, down to the millisecond, when the API Client was last updated' + example: '2018-06-25T20:22:28.104Z' + secret: + type: string + nullable: true + metadata: + type: string + nullable: true + lastUsed: + type: string + nullable: true + format: date-time + description: 'The date and time, down to the millisecond, when this API Client was last used to generate an access token. This timestamp does not get updated on every API Client usage, but only once a day. This property can be useful for identifying which API Clients are no longer actively used and can be removed.' + example: '2017-07-11T18:45:37.098Z' + scope: + type: array + nullable: true + items: + type: string + default: 'sp:scopes:all' + description: Scopes of the API Client. + example: + - 'demo:api-client-scope:first' + - 'demo:api-client-scope:second' + required: + - id + - businessName + - homepageUrl + - name + - description + - accessTokenValiditySeconds + - refreshTokenValiditySeconds + - redirectUris + - grantTypes + - accessType + - type + - internal + - enabled + - strongAuthSupported + - claimsSupported + - created + - modified + - scope + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + delete: + operationId: deleteOauthClient + security: + - UserContextAuth: + - 'sp:oauth-client:manage' + tags: + - OAuth Clients + summary: Delete OAuth Client + description: This deletes an OAuth client. + parameters: + - in: path + name: id + schema: + type: string + required: true + description: The OAuth client id + example: ef38f94347e94562b5bb8424a56397d8 + responses: + '204': + description: No content. + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + patch: + operationId: patchOauthClient + security: + - UserContextAuth: + - 'sp:oauth-client:manage' + tags: + - OAuth Clients + summary: Patch OAuth Client + description: This performs a targeted update to the field(s) of an OAuth client. + parameters: + - in: path + name: id + schema: + type: string + required: true + description: The OAuth client id + example: ef38f94347e94562b5bb8424a56397d8 + requestBody: + required: true + description: | + A list of OAuth client update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard. + + The following fields are patchable: + * tenant + * businessName + * homepageUrl + * name + * description + * accessTokenValiditySeconds + * refreshTokenValiditySeconds + * redirectUris + * grantTypes + * accessType + * enabled + * strongAuthSupported + * claimsSupported + content: + application/json-patch+json: + schema: + type: array + items: + type: object + description: 'A JSONPatch Operation as defined by [RFC 6902 - JSON Patch](https://tools.ietf.org/html/rfc6902)' + required: + - op + - path + properties: + op: + type: string + description: The operation to be performed + enum: + - add + - remove + - replace + - move + - copy + - test + example: replace + path: + type: string + description: A string JSON Pointer representing the target path to an element to be affected by the operation + example: /description + value: + oneOf: + - type: string + example: New description + title: string + - type: boolean + example: true + title: boolean + - type: integer + example: 300 + title: integer + - type: object + title: object + example: + attributes: + name: philip + - type: array + title: array + items: + anyOf: + - type: string + - type: integer + - type: object + example: + - '001' + - '002' + - '003' + description: 'The value to be used for the operation, required for "add" and "replace" operations' + example: New description + example: + - op: replace + path: /strongAuthSupported + value: true + - op: replace + path: /businessName + value: acme-solar + responses: + '200': + description: 'Indicates the PATCH operation succeeded, and returns the OAuth client''s new representation.' + content: + application/json: + schema: + type: object + properties: + id: + type: string + description: ID of the OAuth client + example: 2c9180835d2e5168015d32f890ca1581 + businessName: + type: string + nullable: true + description: The name of the business the API Client should belong to + example: Acme-Solar + homepageUrl: + type: string + nullable: true + description: The homepage URL associated with the owner of the API Client + example: 'http://localhost:12345' + name: + type: string + description: A human-readable name for the API Client + example: Demo API Client + description: + type: string + nullable: true + description: A description of the API Client + example: 'An API client used for the authorization_code, refresh_token, and client_credentials flows' + accessTokenValiditySeconds: + type: integer + format: int32 + description: The number of seconds an access token generated for this API Client is valid for + example: 750 + refreshTokenValiditySeconds: + type: integer + format: int32 + description: The number of seconds a refresh token generated for this API Client is valid for + example: 86400 + redirectUris: + type: array + nullable: true + items: + type: string + description: A list of the approved redirect URIs used with the authorization_code flow + example: + - 'http://localhost:12345' + grantTypes: + type: array + items: + description: OAuth2 Grant Type + type: string + example: CLIENT_CREDENTIALS + enum: + - CLIENT_CREDENTIALS + - AUTHORIZATION_CODE + - REFRESH_TOKEN + description: A list of OAuth 2.0 grant types this API Client can be used with + example: + - AUTHORIZATION_CODE + - CLIENT_CREDENTIALS + - REFRESH_TOKEN + accessType: + description: The access type (online or offline) of this API Client + example: OFFLINE + type: string + enum: + - ONLINE + - OFFLINE + type: + description: The type of the API Client (public or confidential) + example: CONFIDENTIAL + type: string + enum: + - CONFIDENTIAL + - PUBLIC + internal: + type: boolean + description: An indicator of whether the API Client can be used for requests internal to IDN + example: false + enabled: + type: boolean + description: An indicator of whether the API Client is enabled for use + example: true + strongAuthSupported: + type: boolean + description: An indicator of whether the API Client supports strong authentication + example: false + claimsSupported: + type: boolean + description: An indicator of whether the API Client supports the serialization of SAML claims when used with the authorization_code flow + example: false + created: + type: string + format: date-time + description: 'The date and time, down to the millisecond, when the API Client was created' + example: '2017-07-11T18:45:37.098Z' + modified: + type: string + format: date-time + description: 'The date and time, down to the millisecond, when the API Client was last updated' + example: '2018-06-25T20:22:28.104Z' + secret: + type: string + nullable: true + metadata: + type: string + nullable: true + lastUsed: + type: string + nullable: true + format: date-time + description: 'The date and time, down to the millisecond, when this API Client was last used to generate an access token. This timestamp does not get updated on every API Client usage, but only once a day. This property can be useful for identifying which API Clients are no longer actively used and can be removed.' + example: '2017-07-11T18:45:37.098Z' + scope: + type: array + nullable: true + items: + type: string + default: 'sp:scopes:all' + description: Scopes of the API Client. + example: + - 'demo:api-client-scope:first' + - 'demo:api-client-scope:second' + required: + - id + - businessName + - homepageUrl + - name + - description + - accessTokenValiditySeconds + - refreshTokenValiditySeconds + - redirectUris + - grantTypes + - accessType + - type + - internal + - enabled + - strongAuthSupported + - claimsSupported + - created + - modified + - scope + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + /password-sync-groups: + get: + operationId: getPasswordSyncGroups + tags: + - Password Sync Groups + summary: Get Password Sync Group List + description: This API returns a list of password sync groups. A token with ORG_ADMIN authority is required to call this API. + security: + - UserContextAuth: + - 'idn:password-sync-group-management:read' + parameters: + - in: query + name: limit + description: |- + Max number of results to return. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 250 + schema: + type: integer + format: int32 + minimum: 0 + maximum: 250 + default: 250 + - in: query + name: offset + description: |- + Offset into the full result set. Usually specified with *limit* to paginate through the results. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 0 + schema: + type: integer + format: int32 + minimum: 0 + default: 0 + - in: query + name: count + description: |- + If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. + + Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. + + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: true + schema: + type: boolean + default: false + responses: + '200': + description: A list of password sync groups. + content: + application/json: + schema: + type: array + items: + type: object + properties: + id: + type: string + description: ID of the sync group + example: 6881f631-3bd5-4213-9c75-8e05cc3e35dd + name: + description: Name of the sync group + type: string + example: Password Sync Group 1 + passwordPolicyId: + type: string + description: ID of the password policy + example: 2c91808d744ba0ce01746f93b6204501 + sourceIds: + type: array + description: List of password managed sources IDs + items: + type: string + example: + - 2c918084660f45d6016617daa9210584 + - 2c918084660f45d6016617daa9210500 + created: + type: string + description: The date and time this sync group was created + format: date-time + example: '2023-03-16T04:00:00Z' + nullable: true + modified: + type: string + description: The date and time this sync group was last modified + format: date-time + example: '2023-03-16T04:00:00Z' + nullable: true + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + post: + operationId: createPasswordSyncGroup + tags: + - Password Sync Groups + summary: Create Password Sync Group + description: This API creates a password sync group based on the specifications provided. A token with ORG_ADMIN authority is required to call this API. + security: + - UserContextAuth: + - 'idn:password-sync-group-management:write' + requestBody: + required: true + content: + application/json: + schema: + type: object + properties: + id: + type: string + description: ID of the sync group + example: 6881f631-3bd5-4213-9c75-8e05cc3e35dd + name: + description: Name of the sync group + type: string + example: Password Sync Group 1 + passwordPolicyId: + type: string + description: ID of the password policy + example: 2c91808d744ba0ce01746f93b6204501 + sourceIds: + type: array + description: List of password managed sources IDs + items: + type: string + example: + - 2c918084660f45d6016617daa9210584 + - 2c918084660f45d6016617daa9210500 + created: + type: string + description: The date and time this sync group was created + format: date-time + example: '2023-03-16T04:00:00Z' + nullable: true + modified: + type: string + description: The date and time this sync group was last modified + format: date-time + example: '2023-03-16T04:00:00Z' + nullable: true + example: + name: Password Sync Group 2 + passwordPolicyId: 2c91808d744ba0ce01746f93b6204501 + sourceIds: + - 2c918084660f45d6016617daa9210584 + - 2c918084660f45d6016617daa9210500 + responses: + '200': + description: Reference to the password sync group. + content: + application/json: + schema: + type: object + properties: + id: + type: string + description: ID of the sync group + example: 6881f631-3bd5-4213-9c75-8e05cc3e35dd + name: + description: Name of the sync group + type: string + example: Password Sync Group 1 + passwordPolicyId: + type: string + description: ID of the password policy + example: 2c91808d744ba0ce01746f93b6204501 + sourceIds: + type: array + description: List of password managed sources IDs + items: + type: string + example: + - 2c918084660f45d6016617daa9210584 + - 2c918084660f45d6016617daa9210500 + created: + type: string + description: The date and time this sync group was created + format: date-time + example: '2023-03-16T04:00:00Z' + nullable: true + modified: + type: string + description: The date and time this sync group was last modified + format: date-time + example: '2023-03-16T04:00:00Z' + nullable: true + example: + id: 6881f631-3bd5-4213-9c75-8e05cc3e35dd + name: Password Sync Group 2 + passwordPolicyId: 2c91808d744ba0ce01746f93b6204501 + sourceIds: + - 2c918084660f45d6016617daa9210584 + - 2c918084660f45d6016617daa9210500 + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/password-sync-groups/{id}': + get: + operationId: getPasswordSyncGroup + tags: + - Password Sync Groups + summary: Get Password Sync Group by ID + description: This API returns the sync group for the specified ID. A token with ORG_ADMIN authority is required to call this API. + security: + - UserContextAuth: + - 'idn:password-sync-group-management:read' + parameters: + - in: path + name: id + schema: + type: string + required: true + description: The ID of password sync group to retrieve. + example: 6881f631-3bd5-4213-9c75-8e05cc3e35dd + responses: + '200': + description: Reference to the password sync group. + content: + application/json: + schema: + type: object + properties: + id: + type: string + description: ID of the sync group + example: 6881f631-3bd5-4213-9c75-8e05cc3e35dd + name: + description: Name of the sync group + type: string + example: Password Sync Group 1 + passwordPolicyId: + type: string + description: ID of the password policy + example: 2c91808d744ba0ce01746f93b6204501 + sourceIds: + type: array + description: List of password managed sources IDs + items: + type: string + example: + - 2c918084660f45d6016617daa9210584 + - 2c918084660f45d6016617daa9210500 + created: + type: string + description: The date and time this sync group was created + format: date-time + example: '2023-03-16T04:00:00Z' + nullable: true + modified: + type: string + description: The date and time this sync group was last modified + format: date-time + example: '2023-03-16T04:00:00Z' + nullable: true + example: + id: 6881f631-3bd5-4213-9c75-8e05cc3e35dd + name: Password Sync Group 1 + passwordPolicyId: 2c91808d744ba0ce01746f93b6204501 + sourceIds: + - 2c918084660f45d6016617daa9210584 + - 2c918084660f45d6016617daa9210500 + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + put: + operationId: updatePasswordSyncGroup + tags: + - Password Sync Groups + summary: Update Password Sync Group by ID + description: This API updates the specified password sync group. A token with ORG_ADMIN authority is required to call this API. + security: + - UserContextAuth: + - 'idn:password-sync-group-management:write' + parameters: + - in: path + name: id + schema: + type: string + required: true + description: The ID of password sync group to update. + example: 6881f631-3bd5-4213-9c75-8e05cc3e35dd + requestBody: + required: true + content: + application/json: + schema: + type: object + properties: + id: + type: string + description: ID of the sync group + example: 6881f631-3bd5-4213-9c75-8e05cc3e35dd + name: + description: Name of the sync group + type: string + example: Password Sync Group 1 + passwordPolicyId: + type: string + description: ID of the password policy + example: 2c91808d744ba0ce01746f93b6204501 + sourceIds: + type: array + description: List of password managed sources IDs + items: + type: string + example: + - 2c918084660f45d6016617daa9210584 + - 2c918084660f45d6016617daa9210500 + created: + type: string + description: The date and time this sync group was created + format: date-time + example: '2023-03-16T04:00:00Z' + nullable: true + modified: + type: string + description: The date and time this sync group was last modified + format: date-time + example: '2023-03-16T04:00:00Z' + nullable: true + example: + id: 6881f631-3bd5-4213-9c75-8e05cc3e35dd + name: Password Sync Group 2 + passwordPolicyId: 2c91808d744ba0ce01746f93b6204501 + sourceIds: + - 2c918084660f45d6016617daa9210584 + - 2c918084660f45d6016617daa9210500 + responses: + '200': + description: Reference to the password sync group. + content: + application/json: + schema: + type: object + properties: + id: + type: string + description: ID of the sync group + example: 6881f631-3bd5-4213-9c75-8e05cc3e35dd + name: + description: Name of the sync group + type: string + example: Password Sync Group 1 + passwordPolicyId: + type: string + description: ID of the password policy + example: 2c91808d744ba0ce01746f93b6204501 + sourceIds: + type: array + description: List of password managed sources IDs + items: + type: string + example: + - 2c918084660f45d6016617daa9210584 + - 2c918084660f45d6016617daa9210500 + created: + type: string + description: The date and time this sync group was created + format: date-time + example: '2023-03-16T04:00:00Z' + nullable: true + modified: + type: string + description: The date and time this sync group was last modified + format: date-time + example: '2023-03-16T04:00:00Z' + nullable: true + example: + id: 6881f631-3bd5-4213-9c75-8e05cc3e35dd + name: Password Sync Group 2 + passwordPolicyId: 2c91808d744ba0ce01746f93b6204501 + sourceIds: + - 2c918084660f45d6016617daa9210584 + - 2c918084660f45d6016617daa9210500 + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + delete: + operationId: deletePasswordSyncGroup + tags: + - Password Sync Groups + summary: Delete Password Sync Group by ID + description: This API deletes the specified password sync group. A token with ORG_ADMIN authority is required to call this API. + security: + - UserContextAuth: + - 'idn:password-sync-group-management:write' + parameters: + - in: path + name: id + schema: + type: string + required: true + description: The ID of password sync group to delete. + example: 6881f631-3bd5-4213-9c75-8e05cc3e35dd + responses: + '204': + description: No content - indicates the request was successful but there is no content to be returned in the response. + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/password-policies/{id}': + get: + operationId: getPasswordPolicyById + tags: + - Password Policies + summary: Get Password Policy by ID + description: This API returns the password policy for the specified ID. A token with ORG_ADMIN authority is required to call this API. + security: + - UserContextAuth: + - 'idn:password-policy:read' + parameters: + - in: path + name: id + schema: + type: string + required: true + description: The ID of password policy to retrieve. + example: ff808081838d9e9d01838da6a03e0005 + responses: + '200': + description: Reference to the password policy. + content: + application/json: + schema: + type: object + properties: + id: + type: string + description: The password policy Id. + example: 2c91808e7d976f3b017d9f5ceae440c8 + description: + type: string + nullable: true + description: Description for current password policy. + example: Information about the Password Policy + name: + type: string + description: The name of the password policy. + example: PasswordPolicy Example + dateCreated: + type: string + format: date-time + description: Date the Password Policy was created. + example: 1639056206564 + lastUpdated: + type: string + nullable: true + format: date-time + description: Date the Password Policy was updated. + example: 1939056206564 + firstExpirationReminder: + type: integer + format: int64 + description: The number of days before expiration remaninder. + example: 45 + accountIdMinWordLength: + type: integer + format: int64 + description: The minimun length of account Id. By default is equals to -1. + example: 4 + accountNameMinWordLength: + type: integer + format: int64 + description: The minimun length of account name. By default is equals to -1. + example: 6 + minAlpha: + type: integer + format: int64 + description: Maximum alpha. By default is equals to 0. + example: 5 + minCharacterTypes: + type: integer + format: int64 + description: MinCharacterTypes. By default is equals to -1. + example: 5 + maxLength: + type: integer + format: int64 + description: Maximum length of the password. + example: 25 + minLength: + type: integer + format: int64 + description: Minimum length of the password. By default is equals to 0. + example: 8 + maxRepeatedChars: + type: integer + format: int64 + description: Maximum repetition of the same character in the password. By default is equals to -1. + example: 3 + minLower: + type: integer + format: int64 + description: Minimum amount of lower case character in the password. By default is equals to 0. + example: 8 + minNumeric: + type: integer + format: int64 + description: Minimum amount of numeric characters in the password. By default is equals to 0. + example: 8 + minSpecial: + type: integer + format: int64 + description: Minimum amount of special symbols in the password. By default is equals to 0. + example: 8 + minUpper: + type: integer + format: int64 + description: Minimum amount of upper case symbols in the password. By default is equals to 0. + example: 8 + passwordExpiration: + type: integer + format: int64 + description: Number of days before current password expires. By default is equals to 90. + example: 8 + defaultPolicy: + type: boolean + description: Defines whether this policy is default or not. Default policy is created automatically when an org is setup. This field is false by default. + example: true + default: false + enablePasswdExpiration: + type: boolean + description: Defines whether this policy is enabled to expire or not. This field is false by default. + example: true + default: false + requireStrongAuthn: + type: boolean + description: Defines whether this policy require strong Auth or not. This field is false by default. + example: true + default: false + requireStrongAuthOffNetwork: + type: boolean + description: Defines whether this policy require strong Auth of network or not. This field is false by default. + example: true + default: false + requireStrongAuthUntrustedGeographies: + type: boolean + description: Defines whether this policy require strong Auth for untrusted geographies. This field is false by default. + example: true + default: false + useAccountAttributes: + type: boolean + description: Defines whether this policy uses account attributes or not. This field is false by default. + example: false + default: false + useDictionary: + type: boolean + description: Defines whether this policy uses dictionary or not. This field is false by default. + example: false + default: false + useIdentityAttributes: + type: boolean + description: Defines whether this policy uses identity attributes or not. This field is false by default. + example: false + default: false + validateAgainstAccountId: + type: boolean + description: Defines whether this policy validate against account id or not. This field is false by default. + example: false + default: false + validateAgainstAccountName: + type: boolean + description: Defines whether this policy validate against account name or not. This field is false by default. + example: true + default: false + created: + type: string + nullable: true + modified: + type: string + nullable: true + sourceIds: + type: array + description: List of sources IDs managed by this password policy. + items: + type: string + example: + - 2c91808382ffee0b01830de154f14034 + - 2f98808382ffee0b01830de154f12134 + example: + description: Default Password Policy + id: 2c91808e7d976f3b017d9f5ceae440c8 + name: Example PP + dateCreated: 1639056206564 + lastUpdated: 1662385430753 + firstExpirationReminder: 90 + accountIdMinWordLength: 3 + accountNameMinWordLength: 3 + maxLength: 0 + maxRepeatedChars: 4 + minAlpha: 1 + minCharacterTypes: -1 + minLength: 8 + minLower: 0 + minNumeric: 1 + minSpecial: 0 + minUpper: 0 + passwordExpiration: 90 + defaultPolicy: true + enablePasswdExpiration: false + requireStrongAuthn: false + requireStrongAuthOffNetwork: false + requireStrongAuthUntrustedGeographies: false + useAccountAttributes: false + useDictionary: false + useIdentityAttributes: false + validateAgainstAccountId: true + validateAgainstAccountName: true + sourceIds: + - 2c91808382ffee0b01830de154f14034 + - 2c91808582ffee0c01830de36511405f + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + put: + operationId: setPasswordPolicy + tags: + - Password Policies + summary: Update Password Policy by ID + description: This API updates the specified password policy. A token with ORG_ADMIN authority is required to call this API. + security: + - UserContextAuth: + - 'idn:password-policy:write' + parameters: + - in: path + name: id + schema: + type: string + required: true + description: The ID of password policy to update. + example: ff808081838d9e9d01838da6a03e0007 + requestBody: + required: true + content: + application/json: + schema: + type: object + properties: + id: + type: string + description: The password policy Id. + example: 2c91808e7d976f3b017d9f5ceae440c8 + description: + type: string + nullable: true + description: Description for current password policy. + example: Information about the Password Policy + name: + type: string + description: The name of the password policy. + example: PasswordPolicy Example + dateCreated: + type: string + format: date-time + description: Date the Password Policy was created. + example: 1639056206564 + lastUpdated: + type: string + nullable: true + format: date-time + description: Date the Password Policy was updated. + example: 1939056206564 + firstExpirationReminder: + type: integer + format: int64 + description: The number of days before expiration remaninder. + example: 45 + accountIdMinWordLength: + type: integer + format: int64 + description: The minimun length of account Id. By default is equals to -1. + example: 4 + accountNameMinWordLength: + type: integer + format: int64 + description: The minimun length of account name. By default is equals to -1. + example: 6 + minAlpha: + type: integer + format: int64 + description: Maximum alpha. By default is equals to 0. + example: 5 + minCharacterTypes: + type: integer + format: int64 + description: MinCharacterTypes. By default is equals to -1. + example: 5 + maxLength: + type: integer + format: int64 + description: Maximum length of the password. + example: 25 + minLength: + type: integer + format: int64 + description: Minimum length of the password. By default is equals to 0. + example: 8 + maxRepeatedChars: + type: integer + format: int64 + description: Maximum repetition of the same character in the password. By default is equals to -1. + example: 3 + minLower: + type: integer + format: int64 + description: Minimum amount of lower case character in the password. By default is equals to 0. + example: 8 + minNumeric: + type: integer + format: int64 + description: Minimum amount of numeric characters in the password. By default is equals to 0. + example: 8 + minSpecial: + type: integer + format: int64 + description: Minimum amount of special symbols in the password. By default is equals to 0. + example: 8 + minUpper: + type: integer + format: int64 + description: Minimum amount of upper case symbols in the password. By default is equals to 0. + example: 8 + passwordExpiration: + type: integer + format: int64 + description: Number of days before current password expires. By default is equals to 90. + example: 8 + defaultPolicy: + type: boolean + description: Defines whether this policy is default or not. Default policy is created automatically when an org is setup. This field is false by default. + example: true + default: false + enablePasswdExpiration: + type: boolean + description: Defines whether this policy is enabled to expire or not. This field is false by default. + example: true + default: false + requireStrongAuthn: + type: boolean + description: Defines whether this policy require strong Auth or not. This field is false by default. + example: true + default: false + requireStrongAuthOffNetwork: + type: boolean + description: Defines whether this policy require strong Auth of network or not. This field is false by default. + example: true + default: false + requireStrongAuthUntrustedGeographies: + type: boolean + description: Defines whether this policy require strong Auth for untrusted geographies. This field is false by default. + example: true + default: false + useAccountAttributes: + type: boolean + description: Defines whether this policy uses account attributes or not. This field is false by default. + example: false + default: false + useDictionary: + type: boolean + description: Defines whether this policy uses dictionary or not. This field is false by default. + example: false + default: false + useIdentityAttributes: + type: boolean + description: Defines whether this policy uses identity attributes or not. This field is false by default. + example: false + default: false + validateAgainstAccountId: + type: boolean + description: Defines whether this policy validate against account id or not. This field is false by default. + example: false + default: false + validateAgainstAccountName: + type: boolean + description: Defines whether this policy validate against account name or not. This field is false by default. + example: true + default: false + created: + type: string + nullable: true + modified: + type: string + nullable: true + sourceIds: + type: array + description: List of sources IDs managed by this password policy. + items: + type: string + example: + - 2c91808382ffee0b01830de154f14034 + - 2f98808382ffee0b01830de154f12134 + example: + description: Password Policy after update. + id: 2c91808e7d976f3b017d9f5ceae440c8 + name: Improved Password Policy + dateCreated: 1639056206564 + lastUpdated: 1662385430753 + firstExpirationReminder: 90 + accountIdMinWordLength: 3 + accountNameMinWordLength: 3 + maxLength: 0 + maxRepeatedChars: 4 + minAlpha: 1 + minCharacterTypes: -1 + minLength: 8 + minLower: 0 + minNumeric: 1 + minSpecial: 0 + minUpper: 0 + passwordExpiration: 90 + defaultPolicy: false + enablePasswdExpiration: false + requireStrongAuthn: false + requireStrongAuthOffNetwork: false + requireStrongAuthUntrustedGeographies: false + useAccountAttributes: false + useDictionary: false + useIdentityAttributes: false + validateAgainstAccountId: true + validateAgainstAccountName: true + sourceIds: + - 2c91808382ffee0b01830de154f14034 + - 2c91808582ffee0c01830de36511405f + responses: + '200': + description: Reference to the password policy. + content: + application/json: + schema: + type: object + properties: + id: + type: string + description: The password policy Id. + example: 2c91808e7d976f3b017d9f5ceae440c8 + description: + type: string + nullable: true + description: Description for current password policy. + example: Information about the Password Policy + name: + type: string + description: The name of the password policy. + example: PasswordPolicy Example + dateCreated: + type: string + format: date-time + description: Date the Password Policy was created. + example: 1639056206564 + lastUpdated: + type: string + nullable: true + format: date-time + description: Date the Password Policy was updated. + example: 1939056206564 + firstExpirationReminder: + type: integer + format: int64 + description: The number of days before expiration remaninder. + example: 45 + accountIdMinWordLength: + type: integer + format: int64 + description: The minimun length of account Id. By default is equals to -1. + example: 4 + accountNameMinWordLength: + type: integer + format: int64 + description: The minimun length of account name. By default is equals to -1. + example: 6 + minAlpha: + type: integer + format: int64 + description: Maximum alpha. By default is equals to 0. + example: 5 + minCharacterTypes: + type: integer + format: int64 + description: MinCharacterTypes. By default is equals to -1. + example: 5 + maxLength: + type: integer + format: int64 + description: Maximum length of the password. + example: 25 + minLength: + type: integer + format: int64 + description: Minimum length of the password. By default is equals to 0. + example: 8 + maxRepeatedChars: + type: integer + format: int64 + description: Maximum repetition of the same character in the password. By default is equals to -1. + example: 3 + minLower: + type: integer + format: int64 + description: Minimum amount of lower case character in the password. By default is equals to 0. + example: 8 + minNumeric: + type: integer + format: int64 + description: Minimum amount of numeric characters in the password. By default is equals to 0. + example: 8 + minSpecial: + type: integer + format: int64 + description: Minimum amount of special symbols in the password. By default is equals to 0. + example: 8 + minUpper: + type: integer + format: int64 + description: Minimum amount of upper case symbols in the password. By default is equals to 0. + example: 8 + passwordExpiration: + type: integer + format: int64 + description: Number of days before current password expires. By default is equals to 90. + example: 8 + defaultPolicy: + type: boolean + description: Defines whether this policy is default or not. Default policy is created automatically when an org is setup. This field is false by default. + example: true + default: false + enablePasswdExpiration: + type: boolean + description: Defines whether this policy is enabled to expire or not. This field is false by default. + example: true + default: false + requireStrongAuthn: + type: boolean + description: Defines whether this policy require strong Auth or not. This field is false by default. + example: true + default: false + requireStrongAuthOffNetwork: + type: boolean + description: Defines whether this policy require strong Auth of network or not. This field is false by default. + example: true + default: false + requireStrongAuthUntrustedGeographies: + type: boolean + description: Defines whether this policy require strong Auth for untrusted geographies. This field is false by default. + example: true + default: false + useAccountAttributes: + type: boolean + description: Defines whether this policy uses account attributes or not. This field is false by default. + example: false + default: false + useDictionary: + type: boolean + description: Defines whether this policy uses dictionary or not. This field is false by default. + example: false + default: false + useIdentityAttributes: + type: boolean + description: Defines whether this policy uses identity attributes or not. This field is false by default. + example: false + default: false + validateAgainstAccountId: + type: boolean + description: Defines whether this policy validate against account id or not. This field is false by default. + example: false + default: false + validateAgainstAccountName: + type: boolean + description: Defines whether this policy validate against account name or not. This field is false by default. + example: true + default: false + created: + type: string + nullable: true + modified: + type: string + nullable: true + sourceIds: + type: array + description: List of sources IDs managed by this password policy. + items: + type: string + example: + - 2c91808382ffee0b01830de154f14034 + - 2f98808382ffee0b01830de154f12134 + example: + description: Password Policy after update. + id: 2c91808e7d976f3b017d9f5ceae440c8 + name: Improved Password Policy + dateCreated: 1639056206564 + lastUpdated: 1662385430753 + firstExpirationReminder: 90 + accountIdMinWordLength: 3 + accountNameMinWordLength: 3 + maxLength: 0 + maxRepeatedChars: 4 + minAlpha: 1 + minCharacterTypes: -1 + minLength: 8 + minLower: 0 + minNumeric: 1 + minSpecial: 0 + minUpper: 0 + passwordExpiration: 90 + defaultPolicy: false + enablePasswdExpiration: false + requireStrongAuthn: false + requireStrongAuthOffNetwork: false + requireStrongAuthUntrustedGeographies: false + useAccountAttributes: false + useDictionary: false + useIdentityAttributes: false + validateAgainstAccountId: true + validateAgainstAccountName: true + sourceIds: + - 2c91808382ffee0b01830de154f14034 + - 2c91808582ffee0c01830de36511405f + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + delete: + operationId: deletePasswordPolicy + tags: + - Password Policies + summary: Delete Password Policy by ID + description: This API deletes the specified password policy. A token with ORG_ADMIN authority is required to call this API. + security: + - UserContextAuth: + - 'idn:password-policy:write' + parameters: + - in: path + name: id + schema: + type: string + required: true + description: The ID of password policy to delete. + example: ff808081838d9e9d01838da6a03e0002 + responses: + '204': + description: No content - indicates the request was successful but there is no content to be returned in the response. + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + /password-policies: + post: + operationId: createPasswordPolicy + tags: + - Password Policies + summary: Create Password Policy + description: This API creates the specified password policy. A token with ORG_ADMIN authority is required to call this API. + security: + - UserContextAuth: + - 'idn:password-policy:write' + requestBody: + required: true + content: + application/json: + schema: + type: object + properties: + id: + type: string + description: The password policy Id. + example: 2c91808e7d976f3b017d9f5ceae440c8 + description: + type: string + nullable: true + description: Description for current password policy. + example: Information about the Password Policy + name: + type: string + description: The name of the password policy. + example: PasswordPolicy Example + dateCreated: + type: string + format: date-time + description: Date the Password Policy was created. + example: 1639056206564 + lastUpdated: + type: string + nullable: true + format: date-time + description: Date the Password Policy was updated. + example: 1939056206564 + firstExpirationReminder: + type: integer + format: int64 + description: The number of days before expiration remaninder. + example: 45 + accountIdMinWordLength: + type: integer + format: int64 + description: The minimun length of account Id. By default is equals to -1. + example: 4 + accountNameMinWordLength: + type: integer + format: int64 + description: The minimun length of account name. By default is equals to -1. + example: 6 + minAlpha: + type: integer + format: int64 + description: Maximum alpha. By default is equals to 0. + example: 5 + minCharacterTypes: + type: integer + format: int64 + description: MinCharacterTypes. By default is equals to -1. + example: 5 + maxLength: + type: integer + format: int64 + description: Maximum length of the password. + example: 25 + minLength: + type: integer + format: int64 + description: Minimum length of the password. By default is equals to 0. + example: 8 + maxRepeatedChars: + type: integer + format: int64 + description: Maximum repetition of the same character in the password. By default is equals to -1. + example: 3 + minLower: + type: integer + format: int64 + description: Minimum amount of lower case character in the password. By default is equals to 0. + example: 8 + minNumeric: + type: integer + format: int64 + description: Minimum amount of numeric characters in the password. By default is equals to 0. + example: 8 + minSpecial: + type: integer + format: int64 + description: Minimum amount of special symbols in the password. By default is equals to 0. + example: 8 + minUpper: + type: integer + format: int64 + description: Minimum amount of upper case symbols in the password. By default is equals to 0. + example: 8 + passwordExpiration: + type: integer + format: int64 + description: Number of days before current password expires. By default is equals to 90. + example: 8 + defaultPolicy: + type: boolean + description: Defines whether this policy is default or not. Default policy is created automatically when an org is setup. This field is false by default. + example: true + default: false + enablePasswdExpiration: + type: boolean + description: Defines whether this policy is enabled to expire or not. This field is false by default. + example: true + default: false + requireStrongAuthn: + type: boolean + description: Defines whether this policy require strong Auth or not. This field is false by default. + example: true + default: false + requireStrongAuthOffNetwork: + type: boolean + description: Defines whether this policy require strong Auth of network or not. This field is false by default. + example: true + default: false + requireStrongAuthUntrustedGeographies: + type: boolean + description: Defines whether this policy require strong Auth for untrusted geographies. This field is false by default. + example: true + default: false + useAccountAttributes: + type: boolean + description: Defines whether this policy uses account attributes or not. This field is false by default. + example: false + default: false + useDictionary: + type: boolean + description: Defines whether this policy uses dictionary or not. This field is false by default. + example: false + default: false + useIdentityAttributes: + type: boolean + description: Defines whether this policy uses identity attributes or not. This field is false by default. + example: false + default: false + validateAgainstAccountId: + type: boolean + description: Defines whether this policy validate against account id or not. This field is false by default. + example: false + default: false + validateAgainstAccountName: + type: boolean + description: Defines whether this policy validate against account name or not. This field is false by default. + example: true + default: false + created: + type: string + nullable: true + modified: + type: string + nullable: true + sourceIds: + type: array + description: List of sources IDs managed by this password policy. + items: + type: string + example: + - 2c91808382ffee0b01830de154f14034 + - 2f98808382ffee0b01830de154f12134 + example: + description: New Password Policy with high requirements to password complexity. + id: null + name: High security Password Policy + dateCreated: 1639056206564 + lastUpdated: 1662385430753 + firstExpirationReminder: 90 + accountIdMinWordLength: 3 + accountNameMinWordLength: 3 + maxLength: 0 + maxRepeatedChars: 4 + minAlpha: 1 + minCharacterTypes: -1 + minLength: 8 + minLower: 0 + minNumeric: 1 + minSpecial: 0 + minUpper: 0 + passwordExpiration: 90 + defaultPolicy: false + enablePasswdExpiration: false + requireStrongAuthn: false + requireStrongAuthOffNetwork: false + requireStrongAuthUntrustedGeographies: false + useAccountAttributes: false + useDictionary: false + useIdentityAttributes: false + validateAgainstAccountId: true + validateAgainstAccountName: true + sourceIds: + - 2c91808382ffee0b01830de154f14034 + - 2c91808582ffee0c01830de36511405f + responses: + '200': + description: Reference to the password policy. + content: + application/json: + schema: + type: object + properties: + id: + type: string + description: The password policy Id. + example: 2c91808e7d976f3b017d9f5ceae440c8 + description: + type: string + nullable: true + description: Description for current password policy. + example: Information about the Password Policy + name: + type: string + description: The name of the password policy. + example: PasswordPolicy Example + dateCreated: + type: string + format: date-time + description: Date the Password Policy was created. + example: 1639056206564 + lastUpdated: + type: string + nullable: true + format: date-time + description: Date the Password Policy was updated. + example: 1939056206564 + firstExpirationReminder: + type: integer + format: int64 + description: The number of days before expiration remaninder. + example: 45 + accountIdMinWordLength: + type: integer + format: int64 + description: The minimun length of account Id. By default is equals to -1. + example: 4 + accountNameMinWordLength: + type: integer + format: int64 + description: The minimun length of account name. By default is equals to -1. + example: 6 + minAlpha: + type: integer + format: int64 + description: Maximum alpha. By default is equals to 0. + example: 5 + minCharacterTypes: + type: integer + format: int64 + description: MinCharacterTypes. By default is equals to -1. + example: 5 + maxLength: + type: integer + format: int64 + description: Maximum length of the password. + example: 25 + minLength: + type: integer + format: int64 + description: Minimum length of the password. By default is equals to 0. + example: 8 + maxRepeatedChars: + type: integer + format: int64 + description: Maximum repetition of the same character in the password. By default is equals to -1. + example: 3 + minLower: + type: integer + format: int64 + description: Minimum amount of lower case character in the password. By default is equals to 0. + example: 8 + minNumeric: + type: integer + format: int64 + description: Minimum amount of numeric characters in the password. By default is equals to 0. + example: 8 + minSpecial: + type: integer + format: int64 + description: Minimum amount of special symbols in the password. By default is equals to 0. + example: 8 + minUpper: + type: integer + format: int64 + description: Minimum amount of upper case symbols in the password. By default is equals to 0. + example: 8 + passwordExpiration: + type: integer + format: int64 + description: Number of days before current password expires. By default is equals to 90. + example: 8 + defaultPolicy: + type: boolean + description: Defines whether this policy is default or not. Default policy is created automatically when an org is setup. This field is false by default. + example: true + default: false + enablePasswdExpiration: + type: boolean + description: Defines whether this policy is enabled to expire or not. This field is false by default. + example: true + default: false + requireStrongAuthn: + type: boolean + description: Defines whether this policy require strong Auth or not. This field is false by default. + example: true + default: false + requireStrongAuthOffNetwork: + type: boolean + description: Defines whether this policy require strong Auth of network or not. This field is false by default. + example: true + default: false + requireStrongAuthUntrustedGeographies: + type: boolean + description: Defines whether this policy require strong Auth for untrusted geographies. This field is false by default. + example: true + default: false + useAccountAttributes: + type: boolean + description: Defines whether this policy uses account attributes or not. This field is false by default. + example: false + default: false + useDictionary: + type: boolean + description: Defines whether this policy uses dictionary or not. This field is false by default. + example: false + default: false + useIdentityAttributes: + type: boolean + description: Defines whether this policy uses identity attributes or not. This field is false by default. + example: false + default: false + validateAgainstAccountId: + type: boolean + description: Defines whether this policy validate against account id or not. This field is false by default. + example: false + default: false + validateAgainstAccountName: + type: boolean + description: Defines whether this policy validate against account name or not. This field is false by default. + example: true + default: false + created: + type: string + nullable: true + modified: + type: string + nullable: true + sourceIds: + type: array + description: List of sources IDs managed by this password policy. + items: + type: string + example: + - 2c91808382ffee0b01830de154f14034 + - 2f98808382ffee0b01830de154f12134 + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + get: + operationId: listPasswordPolicies + tags: + - Password Policies + summary: List Password Policies + description: |- + This gets list of all Password Policies. + Requires role of ORG_ADMIN + security: + - UserContextAuth: + - 'idn:password-policy:read' + parameters: + - in: query + name: limit + description: |- + Max number of results to return. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 250 + schema: + type: integer + format: int32 + minimum: 0 + maximum: 250 + default: 250 + - in: query + name: offset + description: |- + Offset into the full result set. Usually specified with *limit* to paginate through the results. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 0 + schema: + type: integer + format: int32 + minimum: 0 + default: 0 + - in: query + name: count + description: |- + If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. + + Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. + + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: true + schema: + type: boolean + default: false + responses: + '200': + description: List of all Password Policies. + content: + application/json: + schema: + type: array + items: + type: object + properties: + id: + type: string + description: The password policy Id. + example: 2c91808e7d976f3b017d9f5ceae440c8 + description: + type: string + nullable: true + description: Description for current password policy. + example: Information about the Password Policy + name: + type: string + description: The name of the password policy. + example: PasswordPolicy Example + dateCreated: + type: string + format: date-time + description: Date the Password Policy was created. + example: 1639056206564 + lastUpdated: + type: string + nullable: true + format: date-time + description: Date the Password Policy was updated. + example: 1939056206564 + firstExpirationReminder: + type: integer + format: int64 + description: The number of days before expiration remaninder. + example: 45 + accountIdMinWordLength: + type: integer + format: int64 + description: The minimun length of account Id. By default is equals to -1. + example: 4 + accountNameMinWordLength: + type: integer + format: int64 + description: The minimun length of account name. By default is equals to -1. + example: 6 + minAlpha: + type: integer + format: int64 + description: Maximum alpha. By default is equals to 0. + example: 5 + minCharacterTypes: + type: integer + format: int64 + description: MinCharacterTypes. By default is equals to -1. + example: 5 + maxLength: + type: integer + format: int64 + description: Maximum length of the password. + example: 25 + minLength: + type: integer + format: int64 + description: Minimum length of the password. By default is equals to 0. + example: 8 + maxRepeatedChars: + type: integer + format: int64 + description: Maximum repetition of the same character in the password. By default is equals to -1. + example: 3 + minLower: + type: integer + format: int64 + description: Minimum amount of lower case character in the password. By default is equals to 0. + example: 8 + minNumeric: + type: integer + format: int64 + description: Minimum amount of numeric characters in the password. By default is equals to 0. + example: 8 + minSpecial: + type: integer + format: int64 + description: Minimum amount of special symbols in the password. By default is equals to 0. + example: 8 + minUpper: + type: integer + format: int64 + description: Minimum amount of upper case symbols in the password. By default is equals to 0. + example: 8 + passwordExpiration: + type: integer + format: int64 + description: Number of days before current password expires. By default is equals to 90. + example: 8 + defaultPolicy: + type: boolean + description: Defines whether this policy is default or not. Default policy is created automatically when an org is setup. This field is false by default. + example: true + default: false + enablePasswdExpiration: + type: boolean + description: Defines whether this policy is enabled to expire or not. This field is false by default. + example: true + default: false + requireStrongAuthn: + type: boolean + description: Defines whether this policy require strong Auth or not. This field is false by default. + example: true + default: false + requireStrongAuthOffNetwork: + type: boolean + description: Defines whether this policy require strong Auth of network or not. This field is false by default. + example: true + default: false + requireStrongAuthUntrustedGeographies: + type: boolean + description: Defines whether this policy require strong Auth for untrusted geographies. This field is false by default. + example: true + default: false + useAccountAttributes: + type: boolean + description: Defines whether this policy uses account attributes or not. This field is false by default. + example: false + default: false + useDictionary: + type: boolean + description: Defines whether this policy uses dictionary or not. This field is false by default. + example: false + default: false + useIdentityAttributes: + type: boolean + description: Defines whether this policy uses identity attributes or not. This field is false by default. + example: false + default: false + validateAgainstAccountId: + type: boolean + description: Defines whether this policy validate against account id or not. This field is false by default. + example: false + default: false + validateAgainstAccountName: + type: boolean + description: Defines whether this policy validate against account name or not. This field is false by default. + example: true + default: false + created: + type: string + nullable: true + modified: + type: string + nullable: true + sourceIds: + type: array + description: List of sources IDs managed by this password policy. + items: + type: string + example: + - 2c91808382ffee0b01830de154f14034 + - 2f98808382ffee0b01830de154f12134 + example: + - description: Example Password Policy + id: 2c91808e7d976f3b017d9f5ceae440c8 + name: Example PP + dateCreated: 1639056206564 + lastUpdated: 1662385430753 + firstExpirationReminder: 90 + accountIdMinWordLength: 3 + accountNameMinWordLength: 3 + maxLength: 0 + maxRepeatedChars: 4 + minAlpha: 1 + minCharacterTypes: -1 + minLength: 8 + minLower: 0 + minNumeric: 1 + minSpecial: 0 + minUpper: 0 + passwordExpiration: 90 + defaultPolicy: false + enablePasswdExpiration: false + requireStrongAuthn: false + requireStrongAuthOffNetwork: false + requireStrongAuthUntrustedGeographies: false + useAccountAttributes: false + useDictionary: false + useIdentityAttributes: false + validateAgainstAccountId: true + validateAgainstAccountName: true + sourceIds: + - 2c91808382ffee0b01830de154f14034 + - 2c91808582ffee0c01830de36511405f + - description: null + id: 2c91808780b8b8430180ff7a093f3bf2 + name: Password Policy 1 test + dateCreated: 1653553629503 + lastUpdated: null + firstExpirationReminder: null + accountIdMinWordLength: -1 + accountNameMinWordLength: -1 + maxLength: 0 + maxRepeatedChars: -1 + minAlpha: 1 + minCharacterTypes: -1 + minLength: 8 + minLower: 0 + minNumeric: 1 + minSpecial: 0 + minUpper: 0 + passwordExpiration: 90 + defaultPolicy: false + enablePasswdExpiration: false + requireStrongAuthn: false + requireStrongAuthOffNetwork: false + requireStrongAuthUntrustedGeographies: false + useAccountAttributes: false + useDictionary: false + useIdentityAttributes: true + validateAgainstAccountId: false + validateAgainstAccountName: false + sourceIds: [] + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + /personal-access-tokens: + get: + operationId: listPersonalAccessTokens + security: + - UserContextAuth: + - 'sp:my-personal-access-tokens:read' + - 'sp:my-personal-access-tokens:manage' + - 'sp:all-personal-access-tokens:read' + - 'sp:all-personal-access-tokens:manage' + tags: + - Personal Access Tokens + summary: List Personal Access Tokens + description: 'This gets a collection of personal access tokens associated with the optional `owner-id`. query parameter. If the `owner-id` query parameter is omitted, all personal access tokens for a tenant will be retrieved, but the caller must have the ''idn:all-personal-access-tokens:read'' right.' + parameters: + - in: query + name: owner-id + description: |- + The identity ID of the owner whose personal access tokens should be listed. If "me", the caller should have the following right: 'idn:my-personal-access-tokens:read' + If an actual owner ID or if the `owner-id` parameter is omitted in the request, the caller should have the following right: 'idn:all-personal-access-tokens:read'. + If the caller has the following right, then managed personal access tokens associated with `owner-id` will be retrieved: 'idn:managed-personal-access-tokens:read' + required: false + schema: + type: string + default: null + example: 2c9180867b50d088017b554662fb281e + - in: query + name: filters + required: false + schema: + type: string + description: |- + Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) + + Filtering is supported for the following fields and operators: + + **lastUsed**: *le, isnull* + example: 'lastUsed le 2023-02-05T10:59:27.214Z' + responses: + '200': + description: List of personal access tokens. + content: + application/json: + schema: + type: array + items: + type: object + properties: + id: + type: string + description: The ID of the personal access token (to be used as the username for Basic Auth). + example: 86f1dc6fe8f54414950454cbb11278fa + name: + type: string + description: The name of the personal access token. Cannot be the same as other personal access tokens owned by a user. + example: NodeJS Integration + scope: + type: array + nullable: true + items: + type: string + default: 'sp:scopes:all' + description: Scopes of the personal access token. + example: + - 'demo:personal-access-token-scope:first' + - 'demo:personal-access-token-scope:second' + owner: + type: object + description: Personal access token owner's identity. + properties: + type: + type: string + description: Personal access token owner's DTO type. + enum: + - IDENTITY + example: IDENTITY + id: + type: string + description: Personal access token owner's identity ID. + example: 2c9180a46faadee4016fb4e018c20639 + name: + type: string + description: Personal access token owner's human-readable display name. + example: Support + created: + type: string + format: date-time + description: 'The date and time, down to the millisecond, when this personal access token was created.' + example: '2017-07-11T18:45:37.098Z' + lastUsed: + type: string + nullable: true + format: date-time + description: 'The date and time, down to the millisecond, when this personal access token was last used to generate an access token. This timestamp does not get updated on every PAT usage, but only once a day. This property can be useful for identifying which PATs are no longer actively used and can be removed.' + example: '2017-07-11T18:45:37.098Z' + managed: + type: boolean + default: false + example: false + description: 'If true, this token is managed by the SailPoint platform, and is not visible in the user interface. For example, Workflows will create managed personal access tokens for users who create workflows.' + required: + - id + - name + - scope + - owner + - created + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + post: + operationId: createPersonalAccessToken + security: + - UserContextAuth: + - 'sp:my-personal-access-tokens:manage' + - 'sp:all-personal-access-tokens:manage' + tags: + - Personal Access Tokens + summary: Create Personal Access Token + description: This creates a personal access token. + requestBody: + description: Name and scope of personal access token. + required: true + content: + application/json: + schema: + type: object + description: Object for specifying the name of a personal access token to create + properties: + name: + type: string + description: The name of the personal access token (PAT) to be created. Cannot be the same as another PAT owned by the user for whom this PAT is being created. + example: NodeJS Integration + scope: + type: array + nullable: true + items: + type: string + default: 'sp:scopes:all' + description: 'Scopes of the personal access token. If no scope is specified, the token will be created with the default scope "sp:scopes:all". This means the personal access token will have all the rights of the owner who created it.' + example: + - 'demo:personal-access-token-scope:first' + - 'demo:personal-access-token-scope:second' + required: + - name + responses: + '200': + description: Created. Note - this is the only time Personal Access Tokens' secret attribute will be displayed. + content: + application/json: + schema: + type: object + properties: + id: + type: string + description: The ID of the personal access token (to be used as the username for Basic Auth). + example: 86f1dc6fe8f54414950454cbb11278fa + secret: + type: string + description: The secret of the personal access token (to be used as the password for Basic Auth). + example: 1d1bef2b9f426383447f64f69349fc7cac176042578d205c256ba3f37c59adb9 + scope: + type: array + nullable: true + items: + type: string + default: 'sp:scopes:all' + description: Scopes of the personal access token. + example: + - 'demo:personal-access-token-scope:first' + - 'demo:personal-access-token-scope:second' + name: + type: string + description: The name of the personal access token. Cannot be the same as other personal access tokens owned by a user. + example: NodeJS Integration + owner: + type: object + description: Personal access token owner's identity. + properties: + type: + type: string + description: Personal access token owner's DTO type. + enum: + - IDENTITY + example: IDENTITY + id: + type: string + description: Personal access token owner's identity ID. + example: 2c9180a46faadee4016fb4e018c20639 + name: + type: string + description: Personal access token owner's human-readable display name. + example: Support + created: + type: string + format: date-time + description: 'The date and time, down to the millisecond, when this personal access token was created.' + example: '2017-07-11T18:45:37.098Z' + required: + - id + - secret + - scope + - name + - owner + - created + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/personal-access-tokens/{id}': + patch: + operationId: patchPersonalAccessToken + security: + - UserContextAuth: + - 'sp:my-personal-access-tokens:manage' + tags: + - Personal Access Tokens + summary: Patch Personal Access Token + description: |- + This performs a targeted update to the field(s) of a Personal Access Token. + Changing scopes for a Personal Access Token does not impact existing bearer tokens. You will need to create a new bearer token to have the new scopes. Please note that it can take up to 20 minutes for scope changes to be seen on new bearer tokens. + parameters: + - in: path + name: id + schema: + type: string + required: true + description: The Personal Access Token id + example: ef38f94347e94562b5bb8424a56397d8 + requestBody: + required: true + description: | + A list of OAuth client update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard. + + The following fields are patchable: + * name + * scope + content: + application/json-patch+json: + schema: + type: array + items: + type: object + description: 'A JSONPatch Operation as defined by [RFC 6902 - JSON Patch](https://tools.ietf.org/html/rfc6902)' + required: + - op + - path + properties: + op: + type: string + description: The operation to be performed + enum: + - add + - remove + - replace + - move + - copy + - test + example: replace + path: + type: string + description: A string JSON Pointer representing the target path to an element to be affected by the operation + example: /description + value: + oneOf: + - type: string + example: New description + title: string + - type: boolean + example: true + title: boolean + - type: integer + example: 300 + title: integer + - type: object + title: object + example: + attributes: + name: philip + - type: array + title: array + items: + anyOf: + - type: string + - type: integer + - type: object + example: + - '001' + - '002' + - '003' + description: 'The value to be used for the operation, required for "add" and "replace" operations' + example: New description + example: + - op: replace + path: /name + value: New name + - op: replace + path: /scope + value: + - 'sp:scopes:all' + responses: + '200': + description: 'Indicates the PATCH operation succeeded, and returns the PAT''s new representation.' + content: + application/json: + schema: + type: object + properties: + id: + type: string + description: The ID of the personal access token (to be used as the username for Basic Auth). + example: 86f1dc6fe8f54414950454cbb11278fa + name: + type: string + description: The name of the personal access token. Cannot be the same as other personal access tokens owned by a user. + example: NodeJS Integration + scope: + type: array + nullable: true + items: + type: string + default: 'sp:scopes:all' + description: Scopes of the personal access token. + example: + - 'demo:personal-access-token-scope:first' + - 'demo:personal-access-token-scope:second' + owner: + type: object + description: Personal access token owner's identity. + properties: + type: + type: string + description: Personal access token owner's DTO type. + enum: + - IDENTITY + example: IDENTITY + id: + type: string + description: Personal access token owner's identity ID. + example: 2c9180a46faadee4016fb4e018c20639 + name: + type: string + description: Personal access token owner's human-readable display name. + example: Support + created: + type: string + format: date-time + description: 'The date and time, down to the millisecond, when this personal access token was created.' + example: '2017-07-11T18:45:37.098Z' + lastUsed: + type: string + nullable: true + format: date-time + description: 'The date and time, down to the millisecond, when this personal access token was last used to generate an access token. This timestamp does not get updated on every PAT usage, but only once a day. This property can be useful for identifying which PATs are no longer actively used and can be removed.' + example: '2017-07-11T18:45:37.098Z' + managed: + type: boolean + default: false + example: false + description: 'If true, this token is managed by the SailPoint platform, and is not visible in the user interface. For example, Workflows will create managed personal access tokens for users who create workflows.' + required: + - id + - name + - scope + - owner + - created + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + delete: + operationId: deletePersonalAccessToken + security: + - UserContextAuth: + - 'sp:my-personal-access-tokens:manage' + - 'sp:all-personal-access-tokens:manage' + tags: + - Personal Access Tokens + summary: Delete Personal Access Token + description: This deletes a personal access token. + parameters: + - in: path + name: id + schema: + type: string + required: true + description: The personal access token id + example: ef38f94347e94562b5bb8424a56397d8 + responses: + '204': + description: No content. + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + /public-identities: + get: + operationId: getPublicIdentities + tags: + - Public Identities + summary: Get a list of public identities + parameters: + - in: query + name: limit + description: |- + Max number of results to return. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 250 + schema: + type: integer + format: int32 + minimum: 0 + maximum: 250 + default: 250 + - in: query + name: offset + description: |- + Offset into the full result set. Usually specified with *limit* to paginate through the results. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 0 + schema: + type: integer + format: int32 + minimum: 0 + default: 0 + - in: query + name: count + description: |- + If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. + + Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. + + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: true + schema: + type: boolean + default: false + - in: query + name: filters + schema: + type: string + required: false + description: |- + Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) + + Filtering is supported for the following fields and operators: + + **id**: *eq, in* + + **alias**: *eq, sw* + + **email**: *eq, sw* + + **firstname**: *eq, sw* + + **lastname**: *eq, sw* + example: firstname eq "John" + - in: query + name: add-core-filters + description: |- + If *true*, only get identities which satisfy ALL the following criteria in addition to any criteria specified by *filters*: + - Should be either correlated or protected. + - Should not be "spadmin" or "cloudadmin". + - uid should not be null. + - lastname should not be null. + - email should not be null. + required: false + example: false + schema: + type: boolean + default: false + - in: query + name: sorters + schema: + type: string + format: comma-separated + required: false + description: |- + Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) + + Sorting is supported for the following fields: **name** + example: name + responses: + '200': + description: A list of public identity objects. + content: + application/json: + schema: + type: array + items: + type: object + title: Public Identity + description: Details about a public identity + properties: + id: + type: string + description: Identity id + example: 2c9180857182305e0171993735622948 + name: + type: string + description: Human-readable display name of identity. + example: Alison Ferguso + alias: + type: string + description: Alternate unique identifier for the identity. + example: alison.ferguso + email: + nullable: true + type: string + description: Email address of identity. + example: alison.ferguso@acme-solar.com + status: + nullable: true + type: string + description: The lifecycle status for the identity + example: Active + identityState: + nullable: true + type: string + enum: + - ACTIVE + - INACTIVE_SHORT_TERM + - INACTIVE_LONG_TERM + - null + example: ACTIVE + description: | + The current state of the identity, which determines how Identity Security Cloud interacts with the identity. + An identity that is Active will be included identity picklists in Request Center, identity processing, and more. + Identities that are Inactive will be excluded from these features. + manager: + description: An identity reference to the manager of this identity + type: object + nullable: true + properties: + type: + example: IDENTITY + type: string + enum: + - ACCOUNT_CORRELATION_CONFIG + - ACCESS_PROFILE + - ACCESS_REQUEST_APPROVAL + - ACCOUNT + - APPLICATION + - CAMPAIGN + - CAMPAIGN_FILTER + - CERTIFICATION + - CLUSTER + - CONNECTOR_SCHEMA + - ENTITLEMENT + - GOVERNANCE_GROUP + - IDENTITY + - IDENTITY_PROFILE + - IDENTITY_REQUEST + - LIFECYCLE_STATE + - PASSWORD_POLICY + - ROLE + - RULE + - SOD_POLICY + - SOURCE + - TAG + - TAG_CATEGORY + - TASK_RESULT + - REPORT_RESULT + - SOD_VIOLATION + - ACCOUNT_ACTIVITY + - WORKGROUP + description: An enumeration of the types of DTOs supported within the IdentityNow infrastructure. + id: + type: string + description: Identity id + example: 2c9180a46faadee4016fb4e018c20639 + name: + type: string + description: Human-readable display name of identity. + example: Thomas Edison + attributes: + type: array + description: The public identity attributes of the identity + items: + type: object + properties: + key: + type: string + description: The attribute key + example: country + name: + type: string + description: Human-readable display name of the attribute + example: Country + value: + type: string + description: The attribute value + example: US + example: + - id: 2c9180857182305e0171993735622948 + name: Alison Ferguso + alias: alison.ferguso + email: alison.ferguso@acme-solar.com + status: Active + manager: + type: IDENTITY + id: 2c9180a46faadee4016fb4e018c20639 + name: Thomas Edison + attributes: + - key: phone + name: Phone + value: '5125551234' + - key: country + name: Country + value: US + - id: 2c9180a46faadee4016fb4e018c20639 + name: Thomas Edison + alias: thomas.edison + email: thomas.edison@acme-solar.com + status: Active + manager: + type: IDENTITY + id: 2c918086676d3e0601677611dbde220f + name: Mister Manager + attributes: + - key: phone + name: Phone + value: '5125554321' + - key: country + name: Country + value: US + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + /public-identities-config: + get: + operationId: getPublicIdentityConfig + tags: + - Public Identities Config + summary: Get the Public Identities Configuration + description: Returns the publicly visible attributes of an identity available to request approvers for Access Requests and Certification Campaigns. A token with ORG ADMIN authority is required to call this API. + responses: + '200': + description: Request succeeded. + content: + application/json: + schema: + type: object + description: Details of up to 5 Identity attributes that will be publicly accessible for all Identities to anyone in the org. + properties: + attributes: + type: array + description: Up to 5 identity attributes that will be available to everyone in the org for all users in the org. + items: + type: object + description: Used to map an attribute key for an Identity to its display name. + properties: + key: + type: string + description: The attribute key + example: country + name: + type: string + description: The attribute display name + example: Country + modified: + nullable: true + type: string + description: When this configuration was last modified. + format: date-time + example: '2018-06-25T20:22:28.104Z' + modifiedBy: + description: The identity who last modified this configuration. + type: object + nullable: true + properties: + type: + example: IDENTITY + type: string + enum: + - ACCOUNT_CORRELATION_CONFIG + - ACCESS_PROFILE + - ACCESS_REQUEST_APPROVAL + - ACCOUNT + - APPLICATION + - CAMPAIGN + - CAMPAIGN_FILTER + - CERTIFICATION + - CLUSTER + - CONNECTOR_SCHEMA + - ENTITLEMENT + - GOVERNANCE_GROUP + - IDENTITY + - IDENTITY_PROFILE + - IDENTITY_REQUEST + - LIFECYCLE_STATE + - PASSWORD_POLICY + - ROLE + - RULE + - SOD_POLICY + - SOURCE + - TAG + - TAG_CATEGORY + - TASK_RESULT + - REPORT_RESULT + - SOD_VIOLATION + - ACCOUNT_ACTIVITY + - WORKGROUP + description: An enumeration of the types of DTOs supported within the IdentityNow infrastructure. + id: + type: string + description: Identity id + example: 2c9180a46faadee4016fb4e018c20639 + name: + type: string + description: Human-readable display name of identity. + example: Thomas Edison + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + put: + operationId: updatePublicIdentityConfig + tags: + - Public Identities Config + summary: Update the Public Identities Configuration + description: Updates the publicly visible attributes of an identity available to request approvers for Access Requests and Certification Campaigns. A token with ORG ADMIN authority is required to call this API. + requestBody: + required: true + content: + application/json: + schema: + type: object + description: Details of up to 5 Identity attributes that will be publicly accessible for all Identities to anyone in the org. + properties: + attributes: + type: array + description: Up to 5 identity attributes that will be available to everyone in the org for all users in the org. + items: + type: object + description: Used to map an attribute key for an Identity to its display name. + properties: + key: + type: string + description: The attribute key + example: country + name: + type: string + description: The attribute display name + example: Country + modified: + nullable: true + type: string + description: When this configuration was last modified. + format: date-time + example: '2018-06-25T20:22:28.104Z' + modifiedBy: + description: The identity who last modified this configuration. + type: object + nullable: true + properties: + type: + example: IDENTITY + type: string + enum: + - ACCOUNT_CORRELATION_CONFIG + - ACCESS_PROFILE + - ACCESS_REQUEST_APPROVAL + - ACCOUNT + - APPLICATION + - CAMPAIGN + - CAMPAIGN_FILTER + - CERTIFICATION + - CLUSTER + - CONNECTOR_SCHEMA + - ENTITLEMENT + - GOVERNANCE_GROUP + - IDENTITY + - IDENTITY_PROFILE + - IDENTITY_REQUEST + - LIFECYCLE_STATE + - PASSWORD_POLICY + - ROLE + - RULE + - SOD_POLICY + - SOURCE + - TAG + - TAG_CATEGORY + - TASK_RESULT + - REPORT_RESULT + - SOD_VIOLATION + - ACCOUNT_ACTIVITY + - WORKGROUP + description: An enumeration of the types of DTOs supported within the IdentityNow infrastructure. + id: + type: string + description: Identity id + example: 2c9180a46faadee4016fb4e018c20639 + name: + type: string + description: Human-readable display name of identity. + example: Thomas Edison + responses: + '200': + description: Request succeeded. + content: + application/json: + schema: + type: object + description: Details of up to 5 Identity attributes that will be publicly accessible for all Identities to anyone in the org. + properties: + attributes: + type: array + description: Up to 5 identity attributes that will be available to everyone in the org for all users in the org. + items: + type: object + description: Used to map an attribute key for an Identity to its display name. + properties: + key: + type: string + description: The attribute key + example: country + name: + type: string + description: The attribute display name + example: Country + modified: + nullable: true + type: string + description: When this configuration was last modified. + format: date-time + example: '2018-06-25T20:22:28.104Z' + modifiedBy: + description: The identity who last modified this configuration. + type: object + nullable: true + properties: + type: + example: IDENTITY + type: string + enum: + - ACCOUNT_CORRELATION_CONFIG + - ACCESS_PROFILE + - ACCESS_REQUEST_APPROVAL + - ACCOUNT + - APPLICATION + - CAMPAIGN + - CAMPAIGN_FILTER + - CERTIFICATION + - CLUSTER + - CONNECTOR_SCHEMA + - ENTITLEMENT + - GOVERNANCE_GROUP + - IDENTITY + - IDENTITY_PROFILE + - IDENTITY_REQUEST + - LIFECYCLE_STATE + - PASSWORD_POLICY + - ROLE + - RULE + - SOD_POLICY + - SOURCE + - TAG + - TAG_CATEGORY + - TASK_RESULT + - REPORT_RESULT + - SOD_VIOLATION + - ACCOUNT_ACTIVITY + - WORKGROUP + description: An enumeration of the types of DTOs supported within the IdentityNow infrastructure. + id: + type: string + description: Identity id + example: 2c9180a46faadee4016fb4e018c20639 + name: + type: string + description: Human-readable display name of identity. + example: Thomas Edison + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + /requestable-objects: + get: + operationId: listRequestableObjects + tags: + - Requestable Objects + summary: Requestable Objects List + description: |- + This endpoint returns a list of acccess items that that can be requested through the Access Request endpoints. Access items are marked with AVAILABLE, PENDING or ASSIGNED with respect to the identity provided using *identity-id* query param. + Any authenticated token can call this endpoint to see their requestable access items. A token with ORG_ADMIN authority is required to call this endpoint to return a list of all of the requestable access items for the org or for another identity. + parameters: + - in: query + name: identity-id + required: false + schema: + type: string + example: e7eab60924f64aa284175b9fa3309599 + description: |- + If present, the value returns only requestable objects for the specified identity. + * Admin users can call this with any identity ID value. + * Non-admin users can only specify *me* or pass their own identity ID value. + * If absent, returns a list of all requestable objects for the tenant. Only admin users can make such a call. In this case, the available, pending, assigned accesses will not be annotated in the result. + - in: query + name: types + description: 'Filters the results to the specified type/types, where each type is one of ROLE or ACCESS_PROFILE. If absent, all types are returned. Support for additional types may be added in the future without notice.' + required: false + schema: + type: array + items: + type: string + enum: + - ACCESS_PROFILE + - ROLE + - ENTITLEMENT + description: 'The currently supported requestable object types. ' + example: ACCESS_PROFILE + example: 'ROLE,ACCESS_PROFILE' + explode: false + - in: query + name: term + required: false + schema: + type: string + example: Finance Role + description: 'It allows searching requestable access items with a partial match on the name or description. If term is provided, then the *filter* query parameter will be ignored.' + - in: query + name: statuses + description: 'Filters the result to the specified status/statuses, where each status is one of AVAILABLE, ASSIGNED, or PENDING. It is an error to specify this parameter without also specifying an *identity-id* parameter. Additional statuses may be added in the future without notice.' + required: false + schema: + type: array + items: + type: string + enum: + - AVAILABLE + - PENDING + - ASSIGNED + - null + description: 'Status indicating the ability of an access request for the object to be made by or on behalf of the identity specified by *identity-id*. *AVAILABLE* indicates the object is available to request. *PENDING* indicates the object is unavailable because the identity has a pending request in flight. *ASSIGNED* indicates the object is unavailable because the identity already has the indicated role or access profile. If *identity-id* is not specified (allowed only for admin users), then status will be *AVAILABLE* for all results.' + example: AVAILABLE + explode: false + example: + - ASSIGNED + - PENDING + - in: query + name: limit + description: |- + Max number of results to return. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 250 + schema: + type: integer + format: int32 + minimum: 0 + maximum: 250 + default: 250 + - in: query + name: offset + description: |- + Offset into the full result set. Usually specified with *limit* to paginate through the results. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 0 + schema: + type: integer + format: int32 + minimum: 0 + default: 0 + - in: query + name: count + description: |- + If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. + + Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. + + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: true + schema: + type: boolean + default: false + - in: query + name: filters + schema: + type: string + example: name sw "bob" + description: | + Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) + + Filtering is supported for the following fields and operators: + + **id**: *eq, in* + + **name**: *eq, in, sw* + required: false + - in: query + name: sorters + schema: + type: string + format: comma-separated + required: false + example: name + description: | + Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) + + Sorting is supported for the following fields: **name** + responses: + '200': + description: List of requestable objects + content: + application/json: + schema: + type: array + items: + type: object + properties: + id: + type: string + description: Id of the requestable object itself + example: 2c9180835d2e5168015d32f890ca1581 + name: + type: string + description: Human-readable display name of the requestable object + example: Applied Research Access + created: + type: string + format: date-time + example: '2017-07-11T18:45:37.098Z' + description: The time when the requestable object was created + modified: + nullable: true + type: string + format: date-time + example: '2018-06-25T20:22:28.104Z' + description: The time when the requestable object was last modified + description: + type: string + description: Description of the requestable object. + example: 'Access to research information, lab results, and schematics.' + nullable: true + type: + type: string + enum: + - ACCESS_PROFILE + - ROLE + - ENTITLEMENT + description: 'The currently supported requestable object types. ' + example: ACCESS_PROFILE + requestStatus: + allOf: + - type: string + enum: + - AVAILABLE + - PENDING + - ASSIGNED + - null + description: 'Status indicating the ability of an access request for the object to be made by or on behalf of the identity specified by *identity-id*. *AVAILABLE* indicates the object is available to request. *PENDING* indicates the object is unavailable because the identity has a pending request in flight. *ASSIGNED* indicates the object is unavailable because the identity already has the indicated role or access profile. If *identity-id* is not specified (allowed only for admin users), then status will be *AVAILABLE* for all results.' + example: AVAILABLE + - nullable: true + identityRequestId: + type: string + description: 'If *requestStatus* is *PENDING*, indicates the id of the associated account activity.' + nullable: true + example: null + ownerRef: + type: object + nullable: true + properties: + type: + type: string + description: The type can only be IDENTITY. This is read-only. + example: IDENTITY + id: + type: string + description: Identity ID. + example: 5168015d32f890ca15812c9180835d2e + name: + type: string + description: Identity's human-readable display name. This is read-only. + example: Alison Ferguso + email: + type: string + description: Identity's email address. This is read-only. + example: alison.ferguso@identitysoon.com + requestCommentsRequired: + type: boolean + description: Whether the requester must provide comments when requesting the object. + example: false + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + /roles: + get: + operationId: listRoles + tags: + - Roles + summary: List Roles + description: |- + This API returns a list of Roles. + + A token with API, ORG_ADMIN, ROLE_ADMIN, or ROLE_SUBADMIN authority is required to call this API. + parameters: + - in: query + name: for-subadmin + schema: + type: string + description: 'If provided, filters the returned list according to what is visible to the indicated ROLE_SUBADMIN Identity. The value of the parameter is either an Identity ID, or the special value **me**, which is shorthand for the calling Identity''s ID. A 400 Bad Request error is returned if the **for-subadmin** parameter is specified for an Identity that is not a subadmin.' + example: 5168015d32f890ca15812c9180835d2e + required: false + - in: query + name: limit + description: |- + Note that for this API the maximum value for limit is 50. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 50 + schema: + type: integer + format: int32 + minimum: 0 + maximum: 50 + default: 50 + - in: query + name: offset + description: |- + Offset into the full result set. Usually specified with *limit* to paginate through the results. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 0 + schema: + type: integer + format: int32 + minimum: 0 + default: 0 + - in: query + name: count + description: |- + If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. + + Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. + + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: true + schema: + type: boolean + default: false + - in: query + name: filters + schema: + type: string + description: |- + Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) + + Filtering is supported for the following fields and operators: + + **id**: *eq, in* + + **name**: *eq, sw* + + **created**: *gt, lt, ge, le* + + **modified**: *gt, lt, ge, le* + + **owner.id**: *eq, in* + + **requestable**: *eq* + example: requestable eq false + required: false + - in: query + name: sorters + schema: + type: string + format: comma-separated + description: |- + Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) + + Sorting is supported for the following fields: **name, created, modified** + example: 'name,-modified' + required: false + - in: query + name: for-segment-ids + schema: + type: string + format: comma-separated + description: |- + If present and not empty, additionally filters Roles to those which are assigned to the Segment(s) with the specified IDs. + + If segmentation is currently unavailable, specifying this parameter results in an error. + example: '0b5c9f25-83c6-4762-9073-e38f7bb2ae26,2e8d8180-24bc-4d21-91c6-7affdb473b0d' + required: false + - in: query + name: include-unsegmented + schema: + type: boolean + default: true + description: 'Whether or not the response list should contain unsegmented Roles. If *for-segment-ids* is absent or empty, specifying *include-unsegmented* as false results in an error.' + example: false + required: false + responses: + '200': + description: List of Roles + content: + application/json: + schema: + type: array + items: + type: object + description: A Role + properties: + id: + type: string + description: 'The id of the Role. This field must be left null when creating an Role, otherwise a 400 Bad Request error will result.' + example: 2c918086749d78830174a1a40e121518 + name: + type: string + description: The human-readable display name of the Role + maxLength: 128 + example: Role 2567 + created: + type: string + description: Date the Role was created + format: date-time + example: '2021-03-01T22:32:58.104Z' + readOnly: true + modified: + type: string + description: Date the Role was last modified. + format: date-time + example: '2021-03-02T20:22:28.104Z' + readOnly: true + description: + type: string + nullable: true + description: A human-readable description of the Role + example: Urna amet cursus pellentesque nisl orci maximus lorem nisl euismod fusce morbi placerat adipiscing maecenas nisi tristique et metus et lacus sed morbi nunc nisl maximus magna arcu varius sollicitudin elementum enim maecenas nisi id ipsum tempus fusce diam ipsum tortor. + owner: + type: object + nullable: false + description: The owner of this object. + properties: + type: + type: string + enum: + - IDENTITY + description: 'Owner type. This field must be either left null or set to ''IDENTITY'' on input, otherwise a 400 Bad Request error will result.' + example: IDENTITY + id: + type: string + description: Identity id + example: 2c9180a46faadee4016fb4e018c20639 + name: + type: string + description: 'Human-readable display name of the owner. It may be left null or omitted in a POST or PATCH. If set, it must match the current value of the owner''s display name, otherwise a 400 Bad Request error will result.' + example: support + accessProfiles: + type: array + items: + type: object + properties: + id: + type: string + description: ID of the Access Profile + example: ff808081751e6e129f1518161919ecca + type: + type: string + description: 'Type of requested object. This field must be either left null or set to ''ACCESS_PROFILE'' when creating an Access Profile, otherwise a 400 Bad Request error will result.' + enum: + - ACCESS_PROFILE + example: ACCESS_PROFILE + name: + type: string + description: Human-readable display name of the Access Profile. This field is ignored on input. + example: Access Profile 2567 + nullable: true + entitlements: + type: array + items: + type: object + description: Entitlement including a specific set of access. + properties: + type: + type: string + description: Entitlement's DTO type. + enum: + - ENTITLEMENT + example: ENTITLEMENT + id: + type: string + description: Entitlement's ID. + example: 2c91809773dee32014e13e122092014e + name: + type: string + nullable: true + description: Entitlement's display name. + example: 'CN=entitlement.490efde5,OU=OrgCo,OU=ServiceDept,DC=HQAD,DC=local' + membership: + nullable: true + type: object + description: 'When present, specifies that the Role is to be granted to Identities which either satisfy specific criteria or which are members of a given list of Identities.' + properties: + type: + type: string + enum: + - STANDARD + - IDENTITY_LIST + description: |- + This enum characterizes the type of a Role's membership selector. Only the following two are fully supported: + + STANDARD: Indicates that Role membership is defined in terms of a criteria expression + + IDENTITY_LIST: Indicates that Role membership is conferred on the specific identities listed + example: IDENTITY_LIST + criteria: + nullable: true + type: object + description: Defines STANDARD type Role membership + properties: + operation: + type: string + enum: + - EQUALS + - NOT_EQUALS + - CONTAINS + - STARTS_WITH + - ENDS_WITH + - AND + - OR + description: An operation + example: EQUALS + key: + type: object + nullable: true + description: 'Refers to a specific Identity attribute, Account attibute, or Entitlement used in Role membership criteria' + properties: + type: + type: string + enum: + - IDENTITY + - ACCOUNT + - ENTITLEMENT + description: 'Indicates whether the associated criteria represents an expression on identity attributes, account attributes, or entitlements, respectively.' + example: ACCOUNT + property: + type: string + description: The name of the attribute or entitlement to which the associated criteria applies. + example: attribute.email + sourceId: + type: string + nullable: true + description: ID of the Source from which an account attribute or entitlement is drawn. Required if type is ACCOUNT or ENTITLEMENT + example: 2c9180867427f3a301745aec18211519 + required: + - type + - property + stringValue: + type: string + nullable: true + description: 'String value to test the Identity attribute, Account attribute, or Entitlement specified in the key w/r/t the specified operation. If this criteria is a leaf node, that is, if the operation is one of EQUALS, NOT_EQUALS, CONTAINS, STARTS_WITH, or ENDS_WITH, this field is required. Otherwise, specifying it is an error.' + example: carlee.cert1c9f9b6fd@mailinator.com + children: + type: array + items: + type: object + nullable: true + description: Defines STANDARD type Role membership + properties: + operation: + type: string + enum: + - EQUALS + - NOT_EQUALS + - CONTAINS + - STARTS_WITH + - ENDS_WITH + - AND + - OR + description: An operation + example: EQUALS + key: + type: object + nullable: true + description: 'Refers to a specific Identity attribute, Account attibute, or Entitlement used in Role membership criteria' + properties: + type: + type: string + enum: + - IDENTITY + - ACCOUNT + - ENTITLEMENT + description: 'Indicates whether the associated criteria represents an expression on identity attributes, account attributes, or entitlements, respectively.' + example: ACCOUNT + property: + type: string + description: The name of the attribute or entitlement to which the associated criteria applies. + example: attribute.email + sourceId: + type: string + nullable: true + description: ID of the Source from which an account attribute or entitlement is drawn. Required if type is ACCOUNT or ENTITLEMENT + example: 2c9180867427f3a301745aec18211519 + required: + - type + - property + stringValue: + type: string + nullable: true + description: 'String value to test the Identity attribute, Account attribute, or Entitlement specified in the key w/r/t the specified operation. If this criteria is a leaf node, that is, if the operation is one of EQUALS, NOT_EQUALS, CONTAINS, STARTS_WITH, or ENDS_WITH, this field is required. Otherwise, specifying it is an error.' + example: carlee.cert1c9f9b6fd@mailinator.com + children: + type: array + items: + type: object + description: Defines STANDARD type Role membership + properties: + operation: + type: string + enum: + - EQUALS + - NOT_EQUALS + - CONTAINS + - STARTS_WITH + - ENDS_WITH + - AND + - OR + description: An operation + example: EQUALS + key: + type: object + nullable: true + description: 'Refers to a specific Identity attribute, Account attibute, or Entitlement used in Role membership criteria' + properties: + type: + type: string + enum: + - IDENTITY + - ACCOUNT + - ENTITLEMENT + description: 'Indicates whether the associated criteria represents an expression on identity attributes, account attributes, or entitlements, respectively.' + example: ACCOUNT + property: + type: string + description: The name of the attribute or entitlement to which the associated criteria applies. + example: attribute.email + sourceId: + type: string + nullable: true + description: ID of the Source from which an account attribute or entitlement is drawn. Required if type is ACCOUNT or ENTITLEMENT + example: 2c9180867427f3a301745aec18211519 + required: + - type + - property + stringValue: + type: string + description: 'String value to test the Identity attribute, Account attribute, or Entitlement specified in the key w/r/t the specified operation. If this criteria is a leaf node, that is, if the operation is one of EQUALS, NOT_EQUALS, CONTAINS, STARTS_WITH, or ENDS_WITH, this field is required. Otherwise, specifying it is an error.' + example: carlee.cert1c9f9b6fd@mailinator.com + nullable: true + description: 'Array of child criteria. Required if the operation is AND or OR, otherwise it must be left null. A maximum of three levels of criteria are supported, including leaf nodes. Additionally, AND nodes can only be children or OR nodes and vice-versa.' + nullable: true + description: 'Array of child criteria. Required if the operation is AND or OR, otherwise it must be left null. A maximum of three levels of criteria are supported, including leaf nodes. Additionally, AND nodes can only be children or OR nodes and vice-versa.' + identities: + type: array + items: + type: object + description: A reference to an Identity in an IDENTITY_LIST role membership criteria. + properties: + type: + nullable: true + example: IDENTITY + type: string + enum: + - ACCOUNT_CORRELATION_CONFIG + - ACCESS_PROFILE + - ACCESS_REQUEST_APPROVAL + - ACCOUNT + - APPLICATION + - CAMPAIGN + - CAMPAIGN_FILTER + - CERTIFICATION + - CLUSTER + - CONNECTOR_SCHEMA + - ENTITLEMENT + - GOVERNANCE_GROUP + - IDENTITY + - IDENTITY_PROFILE + - IDENTITY_REQUEST + - LIFECYCLE_STATE + - PASSWORD_POLICY + - ROLE + - RULE + - SOD_POLICY + - SOURCE + - TAG + - TAG_CATEGORY + - TASK_RESULT + - REPORT_RESULT + - SOD_VIOLATION + - ACCOUNT_ACTIVITY + - WORKGROUP + description: An enumeration of the types of DTOs supported within the IdentityNow infrastructure. + id: + type: string + description: Identity id + example: 2c9180a46faadee4016fb4e018c20639 + name: + type: string + nullable: true + description: Human-readable display name of the Identity. + example: Thomas Edison + aliasName: + type: string + nullable: true + description: User name of the Identity + example: t.edison + nullable: true + description: 'Defines role membership as being exclusive to the specified Identities, when type is IDENTITY_LIST.' + legacyMembershipInfo: + type: object + nullable: true + description: 'This field is not directly modifiable and is generally expected to be *null*. In very rare instances, some Roles may have been created using membership selection criteria that are no longer fully supported. While these Roles will still work, they should be migrated to STANDARD or IDENTITY_LIST selection criteria. This field exists for informational purposes as an aid to such migration.' + example: + type: IDENTITY_LIST + additionalProperties: true + enabled: + type: boolean + description: Whether the Role is enabled or not. + example: true + default: false + requestable: + type: boolean + description: Whether the Role can be the target of access requests. + example: true + default: false + accessRequestConfig: + nullable: true + description: Access request configuration for this object + type: object + properties: + commentsRequired: + type: boolean + description: Whether the requester of the containing object must provide comments justifying the request + example: true + nullable: true + default: false + denialCommentsRequired: + type: boolean + description: Whether an approver must provide comments when denying the request + example: true + nullable: true + default: false + approvalSchemes: + type: array + description: List describing the steps in approving the request + items: + type: object + properties: + approverType: + type: string + enum: + - OWNER + - MANAGER + - GOVERNANCE_GROUP + description: |- + Describes the individual or group that is responsible for an approval step. Values are as follows. + + **OWNER**: Owner of the associated Role + + **MANAGER**: Manager of the Identity making the request + + **GOVERNANCE_GROUP**: A Governance Group, the ID of which is specified by the **approverId** field + example: GOVERNANCE_GROUP + approverId: + type: string + nullable: true + description: 'Id of the specific approver, used only when approverType is GOVERNANCE_GROUP' + example: 46c79819-a69f-49a2-becb-12c971ae66c6 + revocationRequestConfig: + nullable: true + default: null + description: Revocation request configuration for this object. + type: object + properties: + commentsRequired: + type: boolean + description: Whether the requester of the containing object must provide comments justifying the request + example: false + nullable: true + default: false + denialCommentsRequired: + type: boolean + description: Whether an approver must provide comments when denying the request + example: false + nullable: true + default: false + approvalSchemes: + type: array + description: List describing the steps in approving the revocation request + items: + type: object + properties: + approverType: + type: string + enum: + - OWNER + - MANAGER + - GOVERNANCE_GROUP + description: |- + Describes the individual or group that is responsible for an approval step. Values are as follows. + + **OWNER**: Owner of the associated Role + + **MANAGER**: Manager of the Identity making the request + + **GOVERNANCE_GROUP**: A Governance Group, the ID of which is specified by the **approverId** field + example: GOVERNANCE_GROUP + approverId: + type: string + nullable: true + description: 'Id of the specific approver, used only when approverType is GOVERNANCE_GROUP' + example: 46c79819-a69f-49a2-becb-12c971ae66c6 + segments: + type: array + items: + type: string + nullable: true + description: 'List of IDs of segments, if any, to which this Role is assigned.' + example: + - f7b1b8a3-5fed-4fd4-ad29-82014e137e19 + - 29cb6c06-1da8-43ea-8be4-b3125f248f2a + dimensional: + type: boolean + nullable: true + dimensionRefs: + type: string + nullable: true + required: + - name + - owner + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + security: + - UserContextAuth: + - 'idn:role-unchecked:read' + - 'idn:role-unchecked:manage' + - 'idn:role-checked:manage' + - 'idn:role-checked:read' + post: + operationId: createRole + tags: + - Roles + summary: Create a Role + description: |- + This API creates a role. + + You must have a token with API, ORG_ADMIN, ROLE_ADMIN, or ROLE_SUBADMIN authority to call this API. + + In addition, a ROLE_SUBADMIN may not create a role including an access profile if that access profile is associated with a source the ROLE_SUBADMIN is not associated with themselves. + + The maximum supported length for the description field is 2000 characters. Longer descriptions will be preserved for existing roles. However, any new roles as well as any updates to existing descriptions will be limited to 2000 characters. + requestBody: + required: true + content: + application/json: + schema: + type: object + description: A Role + properties: + id: + type: string + description: 'The id of the Role. This field must be left null when creating an Role, otherwise a 400 Bad Request error will result.' + example: 2c918086749d78830174a1a40e121518 + name: + type: string + description: The human-readable display name of the Role + maxLength: 128 + example: Role 2567 + created: + type: string + description: Date the Role was created + format: date-time + example: '2021-03-01T22:32:58.104Z' + readOnly: true + modified: + type: string + description: Date the Role was last modified. + format: date-time + example: '2021-03-02T20:22:28.104Z' + readOnly: true + description: + type: string + nullable: true + description: A human-readable description of the Role + example: Urna amet cursus pellentesque nisl orci maximus lorem nisl euismod fusce morbi placerat adipiscing maecenas nisi tristique et metus et lacus sed morbi nunc nisl maximus magna arcu varius sollicitudin elementum enim maecenas nisi id ipsum tempus fusce diam ipsum tortor. + owner: + type: object + nullable: false + description: The owner of this object. + properties: + type: + type: string + enum: + - IDENTITY + description: 'Owner type. This field must be either left null or set to ''IDENTITY'' on input, otherwise a 400 Bad Request error will result.' + example: IDENTITY + id: + type: string + description: Identity id + example: 2c9180a46faadee4016fb4e018c20639 + name: + type: string + description: 'Human-readable display name of the owner. It may be left null or omitted in a POST or PATCH. If set, it must match the current value of the owner''s display name, otherwise a 400 Bad Request error will result.' + example: support + accessProfiles: + type: array + items: + type: object + properties: + id: + type: string + description: ID of the Access Profile + example: ff808081751e6e129f1518161919ecca + type: + type: string + description: 'Type of requested object. This field must be either left null or set to ''ACCESS_PROFILE'' when creating an Access Profile, otherwise a 400 Bad Request error will result.' + enum: + - ACCESS_PROFILE + example: ACCESS_PROFILE + name: + type: string + description: Human-readable display name of the Access Profile. This field is ignored on input. + example: Access Profile 2567 + nullable: true + entitlements: + type: array + items: + type: object + description: Entitlement including a specific set of access. + properties: + type: + type: string + description: Entitlement's DTO type. + enum: + - ENTITLEMENT + example: ENTITLEMENT + id: + type: string + description: Entitlement's ID. + example: 2c91809773dee32014e13e122092014e + name: + type: string + nullable: true + description: Entitlement's display name. + example: 'CN=entitlement.490efde5,OU=OrgCo,OU=ServiceDept,DC=HQAD,DC=local' + membership: + nullable: true + type: object + description: 'When present, specifies that the Role is to be granted to Identities which either satisfy specific criteria or which are members of a given list of Identities.' + properties: + type: + type: string + enum: + - STANDARD + - IDENTITY_LIST + description: |- + This enum characterizes the type of a Role's membership selector. Only the following two are fully supported: + + STANDARD: Indicates that Role membership is defined in terms of a criteria expression + + IDENTITY_LIST: Indicates that Role membership is conferred on the specific identities listed + example: IDENTITY_LIST + criteria: + nullable: true + type: object + description: Defines STANDARD type Role membership + properties: + operation: + type: string + enum: + - EQUALS + - NOT_EQUALS + - CONTAINS + - STARTS_WITH + - ENDS_WITH + - AND + - OR + description: An operation + example: EQUALS + key: + type: object + nullable: true + description: 'Refers to a specific Identity attribute, Account attibute, or Entitlement used in Role membership criteria' + properties: + type: + type: string + enum: + - IDENTITY + - ACCOUNT + - ENTITLEMENT + description: 'Indicates whether the associated criteria represents an expression on identity attributes, account attributes, or entitlements, respectively.' + example: ACCOUNT + property: + type: string + description: The name of the attribute or entitlement to which the associated criteria applies. + example: attribute.email + sourceId: + type: string + nullable: true + description: ID of the Source from which an account attribute or entitlement is drawn. Required if type is ACCOUNT or ENTITLEMENT + example: 2c9180867427f3a301745aec18211519 + required: + - type + - property + stringValue: + type: string + nullable: true + description: 'String value to test the Identity attribute, Account attribute, or Entitlement specified in the key w/r/t the specified operation. If this criteria is a leaf node, that is, if the operation is one of EQUALS, NOT_EQUALS, CONTAINS, STARTS_WITH, or ENDS_WITH, this field is required. Otherwise, specifying it is an error.' + example: carlee.cert1c9f9b6fd@mailinator.com + children: + type: array + items: + type: object + nullable: true + description: Defines STANDARD type Role membership + properties: + operation: + type: string + enum: + - EQUALS + - NOT_EQUALS + - CONTAINS + - STARTS_WITH + - ENDS_WITH + - AND + - OR + description: An operation + example: EQUALS + key: + type: object + nullable: true + description: 'Refers to a specific Identity attribute, Account attibute, or Entitlement used in Role membership criteria' + properties: + type: + type: string + enum: + - IDENTITY + - ACCOUNT + - ENTITLEMENT + description: 'Indicates whether the associated criteria represents an expression on identity attributes, account attributes, or entitlements, respectively.' + example: ACCOUNT + property: + type: string + description: The name of the attribute or entitlement to which the associated criteria applies. + example: attribute.email + sourceId: + type: string + nullable: true + description: ID of the Source from which an account attribute or entitlement is drawn. Required if type is ACCOUNT or ENTITLEMENT + example: 2c9180867427f3a301745aec18211519 + required: + - type + - property + stringValue: + type: string + nullable: true + description: 'String value to test the Identity attribute, Account attribute, or Entitlement specified in the key w/r/t the specified operation. If this criteria is a leaf node, that is, if the operation is one of EQUALS, NOT_EQUALS, CONTAINS, STARTS_WITH, or ENDS_WITH, this field is required. Otherwise, specifying it is an error.' + example: carlee.cert1c9f9b6fd@mailinator.com + children: + type: array + items: + type: object + description: Defines STANDARD type Role membership + properties: + operation: + type: string + enum: + - EQUALS + - NOT_EQUALS + - CONTAINS + - STARTS_WITH + - ENDS_WITH + - AND + - OR + description: An operation + example: EQUALS + key: + type: object + nullable: true + description: 'Refers to a specific Identity attribute, Account attibute, or Entitlement used in Role membership criteria' + properties: + type: + type: string + enum: + - IDENTITY + - ACCOUNT + - ENTITLEMENT + description: 'Indicates whether the associated criteria represents an expression on identity attributes, account attributes, or entitlements, respectively.' + example: ACCOUNT + property: + type: string + description: The name of the attribute or entitlement to which the associated criteria applies. + example: attribute.email + sourceId: + type: string + nullable: true + description: ID of the Source from which an account attribute or entitlement is drawn. Required if type is ACCOUNT or ENTITLEMENT + example: 2c9180867427f3a301745aec18211519 + required: + - type + - property + stringValue: + type: string + description: 'String value to test the Identity attribute, Account attribute, or Entitlement specified in the key w/r/t the specified operation. If this criteria is a leaf node, that is, if the operation is one of EQUALS, NOT_EQUALS, CONTAINS, STARTS_WITH, or ENDS_WITH, this field is required. Otherwise, specifying it is an error.' + example: carlee.cert1c9f9b6fd@mailinator.com + nullable: true + description: 'Array of child criteria. Required if the operation is AND or OR, otherwise it must be left null. A maximum of three levels of criteria are supported, including leaf nodes. Additionally, AND nodes can only be children or OR nodes and vice-versa.' + nullable: true + description: 'Array of child criteria. Required if the operation is AND or OR, otherwise it must be left null. A maximum of three levels of criteria are supported, including leaf nodes. Additionally, AND nodes can only be children or OR nodes and vice-versa.' + identities: + type: array + items: + type: object + description: A reference to an Identity in an IDENTITY_LIST role membership criteria. + properties: + type: + nullable: true + example: IDENTITY + type: string + enum: + - ACCOUNT_CORRELATION_CONFIG + - ACCESS_PROFILE + - ACCESS_REQUEST_APPROVAL + - ACCOUNT + - APPLICATION + - CAMPAIGN + - CAMPAIGN_FILTER + - CERTIFICATION + - CLUSTER + - CONNECTOR_SCHEMA + - ENTITLEMENT + - GOVERNANCE_GROUP + - IDENTITY + - IDENTITY_PROFILE + - IDENTITY_REQUEST + - LIFECYCLE_STATE + - PASSWORD_POLICY + - ROLE + - RULE + - SOD_POLICY + - SOURCE + - TAG + - TAG_CATEGORY + - TASK_RESULT + - REPORT_RESULT + - SOD_VIOLATION + - ACCOUNT_ACTIVITY + - WORKGROUP + description: An enumeration of the types of DTOs supported within the IdentityNow infrastructure. + id: + type: string + description: Identity id + example: 2c9180a46faadee4016fb4e018c20639 + name: + type: string + nullable: true + description: Human-readable display name of the Identity. + example: Thomas Edison + aliasName: + type: string + nullable: true + description: User name of the Identity + example: t.edison + nullable: true + description: 'Defines role membership as being exclusive to the specified Identities, when type is IDENTITY_LIST.' + legacyMembershipInfo: + type: object + nullable: true + description: 'This field is not directly modifiable and is generally expected to be *null*. In very rare instances, some Roles may have been created using membership selection criteria that are no longer fully supported. While these Roles will still work, they should be migrated to STANDARD or IDENTITY_LIST selection criteria. This field exists for informational purposes as an aid to such migration.' + example: + type: IDENTITY_LIST + additionalProperties: true + enabled: + type: boolean + description: Whether the Role is enabled or not. + example: true + default: false + requestable: + type: boolean + description: Whether the Role can be the target of access requests. + example: true + default: false + accessRequestConfig: + nullable: true + description: Access request configuration for this object + type: object + properties: + commentsRequired: + type: boolean + description: Whether the requester of the containing object must provide comments justifying the request + example: true + nullable: true + default: false + denialCommentsRequired: + type: boolean + description: Whether an approver must provide comments when denying the request + example: true + nullable: true + default: false + approvalSchemes: + type: array + description: List describing the steps in approving the request + items: + type: object + properties: + approverType: + type: string + enum: + - OWNER + - MANAGER + - GOVERNANCE_GROUP + description: |- + Describes the individual or group that is responsible for an approval step. Values are as follows. + + **OWNER**: Owner of the associated Role + + **MANAGER**: Manager of the Identity making the request + + **GOVERNANCE_GROUP**: A Governance Group, the ID of which is specified by the **approverId** field + example: GOVERNANCE_GROUP + approverId: + type: string + nullable: true + description: 'Id of the specific approver, used only when approverType is GOVERNANCE_GROUP' + example: 46c79819-a69f-49a2-becb-12c971ae66c6 + revocationRequestConfig: + nullable: true + default: null + description: Revocation request configuration for this object. + type: object + properties: + commentsRequired: + type: boolean + description: Whether the requester of the containing object must provide comments justifying the request + example: false + nullable: true + default: false + denialCommentsRequired: + type: boolean + description: Whether an approver must provide comments when denying the request + example: false + nullable: true + default: false + approvalSchemes: + type: array + description: List describing the steps in approving the revocation request + items: + type: object + properties: + approverType: + type: string + enum: + - OWNER + - MANAGER + - GOVERNANCE_GROUP + description: |- + Describes the individual or group that is responsible for an approval step. Values are as follows. + + **OWNER**: Owner of the associated Role + + **MANAGER**: Manager of the Identity making the request + + **GOVERNANCE_GROUP**: A Governance Group, the ID of which is specified by the **approverId** field + example: GOVERNANCE_GROUP + approverId: + type: string + nullable: true + description: 'Id of the specific approver, used only when approverType is GOVERNANCE_GROUP' + example: 46c79819-a69f-49a2-becb-12c971ae66c6 + segments: + type: array + items: + type: string + nullable: true + description: 'List of IDs of segments, if any, to which this Role is assigned.' + example: + - f7b1b8a3-5fed-4fd4-ad29-82014e137e19 + - 29cb6c06-1da8-43ea-8be4-b3125f248f2a + dimensional: + type: boolean + nullable: true + dimensionRefs: + type: string + nullable: true + required: + - name + - owner + responses: + '201': + description: Role created + content: + application/json: + schema: + type: object + description: A Role + properties: + id: + type: string + description: 'The id of the Role. This field must be left null when creating an Role, otherwise a 400 Bad Request error will result.' + example: 2c918086749d78830174a1a40e121518 + name: + type: string + description: The human-readable display name of the Role + maxLength: 128 + example: Role 2567 + created: + type: string + description: Date the Role was created + format: date-time + example: '2021-03-01T22:32:58.104Z' + readOnly: true + modified: + type: string + description: Date the Role was last modified. + format: date-time + example: '2021-03-02T20:22:28.104Z' + readOnly: true + description: + type: string + nullable: true + description: A human-readable description of the Role + example: Urna amet cursus pellentesque nisl orci maximus lorem nisl euismod fusce morbi placerat adipiscing maecenas nisi tristique et metus et lacus sed morbi nunc nisl maximus magna arcu varius sollicitudin elementum enim maecenas nisi id ipsum tempus fusce diam ipsum tortor. + owner: + type: object + nullable: false + description: The owner of this object. + properties: + type: + type: string + enum: + - IDENTITY + description: 'Owner type. This field must be either left null or set to ''IDENTITY'' on input, otherwise a 400 Bad Request error will result.' + example: IDENTITY + id: + type: string + description: Identity id + example: 2c9180a46faadee4016fb4e018c20639 + name: + type: string + description: 'Human-readable display name of the owner. It may be left null or omitted in a POST or PATCH. If set, it must match the current value of the owner''s display name, otherwise a 400 Bad Request error will result.' + example: support + accessProfiles: + type: array + items: + type: object + properties: + id: + type: string + description: ID of the Access Profile + example: ff808081751e6e129f1518161919ecca + type: + type: string + description: 'Type of requested object. This field must be either left null or set to ''ACCESS_PROFILE'' when creating an Access Profile, otherwise a 400 Bad Request error will result.' + enum: + - ACCESS_PROFILE + example: ACCESS_PROFILE + name: + type: string + description: Human-readable display name of the Access Profile. This field is ignored on input. + example: Access Profile 2567 + nullable: true + entitlements: + type: array + items: + type: object + description: Entitlement including a specific set of access. + properties: + type: + type: string + description: Entitlement's DTO type. + enum: + - ENTITLEMENT + example: ENTITLEMENT + id: + type: string + description: Entitlement's ID. + example: 2c91809773dee32014e13e122092014e + name: + type: string + nullable: true + description: Entitlement's display name. + example: 'CN=entitlement.490efde5,OU=OrgCo,OU=ServiceDept,DC=HQAD,DC=local' + membership: + nullable: true + type: object + description: 'When present, specifies that the Role is to be granted to Identities which either satisfy specific criteria or which are members of a given list of Identities.' + properties: + type: + type: string + enum: + - STANDARD + - IDENTITY_LIST + description: |- + This enum characterizes the type of a Role's membership selector. Only the following two are fully supported: + + STANDARD: Indicates that Role membership is defined in terms of a criteria expression + + IDENTITY_LIST: Indicates that Role membership is conferred on the specific identities listed + example: IDENTITY_LIST + criteria: + nullable: true + type: object + description: Defines STANDARD type Role membership + properties: + operation: + type: string + enum: + - EQUALS + - NOT_EQUALS + - CONTAINS + - STARTS_WITH + - ENDS_WITH + - AND + - OR + description: An operation + example: EQUALS + key: + type: object + nullable: true + description: 'Refers to a specific Identity attribute, Account attibute, or Entitlement used in Role membership criteria' + properties: + type: + type: string + enum: + - IDENTITY + - ACCOUNT + - ENTITLEMENT + description: 'Indicates whether the associated criteria represents an expression on identity attributes, account attributes, or entitlements, respectively.' + example: ACCOUNT + property: + type: string + description: The name of the attribute or entitlement to which the associated criteria applies. + example: attribute.email + sourceId: + type: string + nullable: true + description: ID of the Source from which an account attribute or entitlement is drawn. Required if type is ACCOUNT or ENTITLEMENT + example: 2c9180867427f3a301745aec18211519 + required: + - type + - property + stringValue: + type: string + nullable: true + description: 'String value to test the Identity attribute, Account attribute, or Entitlement specified in the key w/r/t the specified operation. If this criteria is a leaf node, that is, if the operation is one of EQUALS, NOT_EQUALS, CONTAINS, STARTS_WITH, or ENDS_WITH, this field is required. Otherwise, specifying it is an error.' + example: carlee.cert1c9f9b6fd@mailinator.com + children: + type: array + items: + type: object + nullable: true + description: Defines STANDARD type Role membership + properties: + operation: + type: string + enum: + - EQUALS + - NOT_EQUALS + - CONTAINS + - STARTS_WITH + - ENDS_WITH + - AND + - OR + description: An operation + example: EQUALS + key: + type: object + nullable: true + description: 'Refers to a specific Identity attribute, Account attibute, or Entitlement used in Role membership criteria' + properties: + type: + type: string + enum: + - IDENTITY + - ACCOUNT + - ENTITLEMENT + description: 'Indicates whether the associated criteria represents an expression on identity attributes, account attributes, or entitlements, respectively.' + example: ACCOUNT + property: + type: string + description: The name of the attribute or entitlement to which the associated criteria applies. + example: attribute.email + sourceId: + type: string + nullable: true + description: ID of the Source from which an account attribute or entitlement is drawn. Required if type is ACCOUNT or ENTITLEMENT + example: 2c9180867427f3a301745aec18211519 + required: + - type + - property + stringValue: + type: string + nullable: true + description: 'String value to test the Identity attribute, Account attribute, or Entitlement specified in the key w/r/t the specified operation. If this criteria is a leaf node, that is, if the operation is one of EQUALS, NOT_EQUALS, CONTAINS, STARTS_WITH, or ENDS_WITH, this field is required. Otherwise, specifying it is an error.' + example: carlee.cert1c9f9b6fd@mailinator.com + children: + type: array + items: + type: object + description: Defines STANDARD type Role membership + properties: + operation: + type: string + enum: + - EQUALS + - NOT_EQUALS + - CONTAINS + - STARTS_WITH + - ENDS_WITH + - AND + - OR + description: An operation + example: EQUALS + key: + type: object + nullable: true + description: 'Refers to a specific Identity attribute, Account attibute, or Entitlement used in Role membership criteria' + properties: + type: + type: string + enum: + - IDENTITY + - ACCOUNT + - ENTITLEMENT + description: 'Indicates whether the associated criteria represents an expression on identity attributes, account attributes, or entitlements, respectively.' + example: ACCOUNT + property: + type: string + description: The name of the attribute or entitlement to which the associated criteria applies. + example: attribute.email + sourceId: + type: string + nullable: true + description: ID of the Source from which an account attribute or entitlement is drawn. Required if type is ACCOUNT or ENTITLEMENT + example: 2c9180867427f3a301745aec18211519 + required: + - type + - property + stringValue: + type: string + description: 'String value to test the Identity attribute, Account attribute, or Entitlement specified in the key w/r/t the specified operation. If this criteria is a leaf node, that is, if the operation is one of EQUALS, NOT_EQUALS, CONTAINS, STARTS_WITH, or ENDS_WITH, this field is required. Otherwise, specifying it is an error.' + example: carlee.cert1c9f9b6fd@mailinator.com + nullable: true + description: 'Array of child criteria. Required if the operation is AND or OR, otherwise it must be left null. A maximum of three levels of criteria are supported, including leaf nodes. Additionally, AND nodes can only be children or OR nodes and vice-versa.' + nullable: true + description: 'Array of child criteria. Required if the operation is AND or OR, otherwise it must be left null. A maximum of three levels of criteria are supported, including leaf nodes. Additionally, AND nodes can only be children or OR nodes and vice-versa.' + identities: + type: array + items: + type: object + description: A reference to an Identity in an IDENTITY_LIST role membership criteria. + properties: + type: + nullable: true + example: IDENTITY + type: string + enum: + - ACCOUNT_CORRELATION_CONFIG + - ACCESS_PROFILE + - ACCESS_REQUEST_APPROVAL + - ACCOUNT + - APPLICATION + - CAMPAIGN + - CAMPAIGN_FILTER + - CERTIFICATION + - CLUSTER + - CONNECTOR_SCHEMA + - ENTITLEMENT + - GOVERNANCE_GROUP + - IDENTITY + - IDENTITY_PROFILE + - IDENTITY_REQUEST + - LIFECYCLE_STATE + - PASSWORD_POLICY + - ROLE + - RULE + - SOD_POLICY + - SOURCE + - TAG + - TAG_CATEGORY + - TASK_RESULT + - REPORT_RESULT + - SOD_VIOLATION + - ACCOUNT_ACTIVITY + - WORKGROUP + description: An enumeration of the types of DTOs supported within the IdentityNow infrastructure. + id: + type: string + description: Identity id + example: 2c9180a46faadee4016fb4e018c20639 + name: + type: string + nullable: true + description: Human-readable display name of the Identity. + example: Thomas Edison + aliasName: + type: string + nullable: true + description: User name of the Identity + example: t.edison + nullable: true + description: 'Defines role membership as being exclusive to the specified Identities, when type is IDENTITY_LIST.' + legacyMembershipInfo: + type: object + nullable: true + description: 'This field is not directly modifiable and is generally expected to be *null*. In very rare instances, some Roles may have been created using membership selection criteria that are no longer fully supported. While these Roles will still work, they should be migrated to STANDARD or IDENTITY_LIST selection criteria. This field exists for informational purposes as an aid to such migration.' + example: + type: IDENTITY_LIST + additionalProperties: true + enabled: + type: boolean + description: Whether the Role is enabled or not. + example: true + default: false + requestable: + type: boolean + description: Whether the Role can be the target of access requests. + example: true + default: false + accessRequestConfig: + nullable: true + description: Access request configuration for this object + type: object + properties: + commentsRequired: + type: boolean + description: Whether the requester of the containing object must provide comments justifying the request + example: true + nullable: true + default: false + denialCommentsRequired: + type: boolean + description: Whether an approver must provide comments when denying the request + example: true + nullable: true + default: false + approvalSchemes: + type: array + description: List describing the steps in approving the request + items: + type: object + properties: + approverType: + type: string + enum: + - OWNER + - MANAGER + - GOVERNANCE_GROUP + description: |- + Describes the individual or group that is responsible for an approval step. Values are as follows. + + **OWNER**: Owner of the associated Role + + **MANAGER**: Manager of the Identity making the request + + **GOVERNANCE_GROUP**: A Governance Group, the ID of which is specified by the **approverId** field + example: GOVERNANCE_GROUP + approverId: + type: string + nullable: true + description: 'Id of the specific approver, used only when approverType is GOVERNANCE_GROUP' + example: 46c79819-a69f-49a2-becb-12c971ae66c6 + revocationRequestConfig: + nullable: true + default: null + description: Revocation request configuration for this object. + type: object + properties: + commentsRequired: + type: boolean + description: Whether the requester of the containing object must provide comments justifying the request + example: false + nullable: true + default: false + denialCommentsRequired: + type: boolean + description: Whether an approver must provide comments when denying the request + example: false + nullable: true + default: false + approvalSchemes: + type: array + description: List describing the steps in approving the revocation request + items: + type: object + properties: + approverType: + type: string + enum: + - OWNER + - MANAGER + - GOVERNANCE_GROUP + description: |- + Describes the individual or group that is responsible for an approval step. Values are as follows. + + **OWNER**: Owner of the associated Role + + **MANAGER**: Manager of the Identity making the request + + **GOVERNANCE_GROUP**: A Governance Group, the ID of which is specified by the **approverId** field + example: GOVERNANCE_GROUP + approverId: + type: string + nullable: true + description: 'Id of the specific approver, used only when approverType is GOVERNANCE_GROUP' + example: 46c79819-a69f-49a2-becb-12c971ae66c6 + segments: + type: array + items: + type: string + nullable: true + description: 'List of IDs of segments, if any, to which this Role is assigned.' + example: + - f7b1b8a3-5fed-4fd4-ad29-82014e137e19 + - 29cb6c06-1da8-43ea-8be4-b3125f248f2a + dimensional: + type: boolean + nullable: true + dimensionRefs: + type: string + nullable: true + required: + - name + - owner + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + security: + - UserContextAuth: + - 'idn:role-unchecked:manage' + - 'idn:role-checked:manage' + '/roles/{id}': + get: + operationId: getRole + tags: + - Roles + summary: Get a Role + description: |- + This API returns a Role by its ID. + + A token with API, ORG_ADMIN, ROLE_ADMIN, or ROLE_SUBADMIN authority is required to call this API. In addition, a token with ROLE_SUBADMIN authority may only call this API if all Access Profiles included in the Role are associated to Sources with management workgroups of which the ROLE_SUBADMIN is a member. + parameters: + - in: path + name: id + required: true + schema: + type: string + description: ID of the Role + example: 2c91808a7813090a017814121e121518 + responses: + '200': + description: List of all Roles + content: + application/json: + schema: + type: object + description: A Role + properties: + id: + type: string + description: 'The id of the Role. This field must be left null when creating an Role, otherwise a 400 Bad Request error will result.' + example: 2c918086749d78830174a1a40e121518 + name: + type: string + description: The human-readable display name of the Role + maxLength: 128 + example: Role 2567 + created: + type: string + description: Date the Role was created + format: date-time + example: '2021-03-01T22:32:58.104Z' + readOnly: true + modified: + type: string + description: Date the Role was last modified. + format: date-time + example: '2021-03-02T20:22:28.104Z' + readOnly: true + description: + type: string + nullable: true + description: A human-readable description of the Role + example: Urna amet cursus pellentesque nisl orci maximus lorem nisl euismod fusce morbi placerat adipiscing maecenas nisi tristique et metus et lacus sed morbi nunc nisl maximus magna arcu varius sollicitudin elementum enim maecenas nisi id ipsum tempus fusce diam ipsum tortor. + owner: + type: object + nullable: false + description: The owner of this object. + properties: + type: + type: string + enum: + - IDENTITY + description: 'Owner type. This field must be either left null or set to ''IDENTITY'' on input, otherwise a 400 Bad Request error will result.' + example: IDENTITY + id: + type: string + description: Identity id + example: 2c9180a46faadee4016fb4e018c20639 + name: + type: string + description: 'Human-readable display name of the owner. It may be left null or omitted in a POST or PATCH. If set, it must match the current value of the owner''s display name, otherwise a 400 Bad Request error will result.' + example: support + accessProfiles: + type: array + items: + type: object + properties: + id: + type: string + description: ID of the Access Profile + example: ff808081751e6e129f1518161919ecca + type: + type: string + description: 'Type of requested object. This field must be either left null or set to ''ACCESS_PROFILE'' when creating an Access Profile, otherwise a 400 Bad Request error will result.' + enum: + - ACCESS_PROFILE + example: ACCESS_PROFILE + name: + type: string + description: Human-readable display name of the Access Profile. This field is ignored on input. + example: Access Profile 2567 + nullable: true + entitlements: + type: array + items: + type: object + description: Entitlement including a specific set of access. + properties: + type: + type: string + description: Entitlement's DTO type. + enum: + - ENTITLEMENT + example: ENTITLEMENT + id: + type: string + description: Entitlement's ID. + example: 2c91809773dee32014e13e122092014e + name: + type: string + nullable: true + description: Entitlement's display name. + example: 'CN=entitlement.490efde5,OU=OrgCo,OU=ServiceDept,DC=HQAD,DC=local' + membership: + nullable: true + type: object + description: 'When present, specifies that the Role is to be granted to Identities which either satisfy specific criteria or which are members of a given list of Identities.' + properties: + type: + type: string + enum: + - STANDARD + - IDENTITY_LIST + description: |- + This enum characterizes the type of a Role's membership selector. Only the following two are fully supported: + + STANDARD: Indicates that Role membership is defined in terms of a criteria expression + + IDENTITY_LIST: Indicates that Role membership is conferred on the specific identities listed + example: IDENTITY_LIST + criteria: + nullable: true + type: object + description: Defines STANDARD type Role membership + properties: + operation: + type: string + enum: + - EQUALS + - NOT_EQUALS + - CONTAINS + - STARTS_WITH + - ENDS_WITH + - AND + - OR + description: An operation + example: EQUALS + key: + type: object + nullable: true + description: 'Refers to a specific Identity attribute, Account attibute, or Entitlement used in Role membership criteria' + properties: + type: + type: string + enum: + - IDENTITY + - ACCOUNT + - ENTITLEMENT + description: 'Indicates whether the associated criteria represents an expression on identity attributes, account attributes, or entitlements, respectively.' + example: ACCOUNT + property: + type: string + description: The name of the attribute or entitlement to which the associated criteria applies. + example: attribute.email + sourceId: + type: string + nullable: true + description: ID of the Source from which an account attribute or entitlement is drawn. Required if type is ACCOUNT or ENTITLEMENT + example: 2c9180867427f3a301745aec18211519 + required: + - type + - property + stringValue: + type: string + nullable: true + description: 'String value to test the Identity attribute, Account attribute, or Entitlement specified in the key w/r/t the specified operation. If this criteria is a leaf node, that is, if the operation is one of EQUALS, NOT_EQUALS, CONTAINS, STARTS_WITH, or ENDS_WITH, this field is required. Otherwise, specifying it is an error.' + example: carlee.cert1c9f9b6fd@mailinator.com + children: + type: array + items: + type: object + nullable: true + description: Defines STANDARD type Role membership + properties: + operation: + type: string + enum: + - EQUALS + - NOT_EQUALS + - CONTAINS + - STARTS_WITH + - ENDS_WITH + - AND + - OR + description: An operation + example: EQUALS + key: + type: object + nullable: true + description: 'Refers to a specific Identity attribute, Account attibute, or Entitlement used in Role membership criteria' + properties: + type: + type: string + enum: + - IDENTITY + - ACCOUNT + - ENTITLEMENT + description: 'Indicates whether the associated criteria represents an expression on identity attributes, account attributes, or entitlements, respectively.' + example: ACCOUNT + property: + type: string + description: The name of the attribute or entitlement to which the associated criteria applies. + example: attribute.email + sourceId: + type: string + nullable: true + description: ID of the Source from which an account attribute or entitlement is drawn. Required if type is ACCOUNT or ENTITLEMENT + example: 2c9180867427f3a301745aec18211519 + required: + - type + - property + stringValue: + type: string + nullable: true + description: 'String value to test the Identity attribute, Account attribute, or Entitlement specified in the key w/r/t the specified operation. If this criteria is a leaf node, that is, if the operation is one of EQUALS, NOT_EQUALS, CONTAINS, STARTS_WITH, or ENDS_WITH, this field is required. Otherwise, specifying it is an error.' + example: carlee.cert1c9f9b6fd@mailinator.com + children: + type: array + items: + type: object + description: Defines STANDARD type Role membership + properties: + operation: + type: string + enum: + - EQUALS + - NOT_EQUALS + - CONTAINS + - STARTS_WITH + - ENDS_WITH + - AND + - OR + description: An operation + example: EQUALS + key: + type: object + nullable: true + description: 'Refers to a specific Identity attribute, Account attibute, or Entitlement used in Role membership criteria' + properties: + type: + type: string + enum: + - IDENTITY + - ACCOUNT + - ENTITLEMENT + description: 'Indicates whether the associated criteria represents an expression on identity attributes, account attributes, or entitlements, respectively.' + example: ACCOUNT + property: + type: string + description: The name of the attribute or entitlement to which the associated criteria applies. + example: attribute.email + sourceId: + type: string + nullable: true + description: ID of the Source from which an account attribute or entitlement is drawn. Required if type is ACCOUNT or ENTITLEMENT + example: 2c9180867427f3a301745aec18211519 + required: + - type + - property + stringValue: + type: string + description: 'String value to test the Identity attribute, Account attribute, or Entitlement specified in the key w/r/t the specified operation. If this criteria is a leaf node, that is, if the operation is one of EQUALS, NOT_EQUALS, CONTAINS, STARTS_WITH, or ENDS_WITH, this field is required. Otherwise, specifying it is an error.' + example: carlee.cert1c9f9b6fd@mailinator.com + nullable: true + description: 'Array of child criteria. Required if the operation is AND or OR, otherwise it must be left null. A maximum of three levels of criteria are supported, including leaf nodes. Additionally, AND nodes can only be children or OR nodes and vice-versa.' + nullable: true + description: 'Array of child criteria. Required if the operation is AND or OR, otherwise it must be left null. A maximum of three levels of criteria are supported, including leaf nodes. Additionally, AND nodes can only be children or OR nodes and vice-versa.' + identities: + type: array + items: + type: object + description: A reference to an Identity in an IDENTITY_LIST role membership criteria. + properties: + type: + nullable: true + example: IDENTITY + type: string + enum: + - ACCOUNT_CORRELATION_CONFIG + - ACCESS_PROFILE + - ACCESS_REQUEST_APPROVAL + - ACCOUNT + - APPLICATION + - CAMPAIGN + - CAMPAIGN_FILTER + - CERTIFICATION + - CLUSTER + - CONNECTOR_SCHEMA + - ENTITLEMENT + - GOVERNANCE_GROUP + - IDENTITY + - IDENTITY_PROFILE + - IDENTITY_REQUEST + - LIFECYCLE_STATE + - PASSWORD_POLICY + - ROLE + - RULE + - SOD_POLICY + - SOURCE + - TAG + - TAG_CATEGORY + - TASK_RESULT + - REPORT_RESULT + - SOD_VIOLATION + - ACCOUNT_ACTIVITY + - WORKGROUP + description: An enumeration of the types of DTOs supported within the IdentityNow infrastructure. + id: + type: string + description: Identity id + example: 2c9180a46faadee4016fb4e018c20639 + name: + type: string + nullable: true + description: Human-readable display name of the Identity. + example: Thomas Edison + aliasName: + type: string + nullable: true + description: User name of the Identity + example: t.edison + nullable: true + description: 'Defines role membership as being exclusive to the specified Identities, when type is IDENTITY_LIST.' + legacyMembershipInfo: + type: object + nullable: true + description: 'This field is not directly modifiable and is generally expected to be *null*. In very rare instances, some Roles may have been created using membership selection criteria that are no longer fully supported. While these Roles will still work, they should be migrated to STANDARD or IDENTITY_LIST selection criteria. This field exists for informational purposes as an aid to such migration.' + example: + type: IDENTITY_LIST + additionalProperties: true + enabled: + type: boolean + description: Whether the Role is enabled or not. + example: true + default: false + requestable: + type: boolean + description: Whether the Role can be the target of access requests. + example: true + default: false + accessRequestConfig: + nullable: true + description: Access request configuration for this object + type: object + properties: + commentsRequired: + type: boolean + description: Whether the requester of the containing object must provide comments justifying the request + example: true + nullable: true + default: false + denialCommentsRequired: + type: boolean + description: Whether an approver must provide comments when denying the request + example: true + nullable: true + default: false + approvalSchemes: + type: array + description: List describing the steps in approving the request + items: + type: object + properties: + approverType: + type: string + enum: + - OWNER + - MANAGER + - GOVERNANCE_GROUP + description: |- + Describes the individual or group that is responsible for an approval step. Values are as follows. + + **OWNER**: Owner of the associated Role + + **MANAGER**: Manager of the Identity making the request + + **GOVERNANCE_GROUP**: A Governance Group, the ID of which is specified by the **approverId** field + example: GOVERNANCE_GROUP + approverId: + type: string + nullable: true + description: 'Id of the specific approver, used only when approverType is GOVERNANCE_GROUP' + example: 46c79819-a69f-49a2-becb-12c971ae66c6 + revocationRequestConfig: + nullable: true + default: null + description: Revocation request configuration for this object. + type: object + properties: + commentsRequired: + type: boolean + description: Whether the requester of the containing object must provide comments justifying the request + example: false + nullable: true + default: false + denialCommentsRequired: + type: boolean + description: Whether an approver must provide comments when denying the request + example: false + nullable: true + default: false + approvalSchemes: + type: array + description: List describing the steps in approving the revocation request + items: + type: object + properties: + approverType: + type: string + enum: + - OWNER + - MANAGER + - GOVERNANCE_GROUP + description: |- + Describes the individual or group that is responsible for an approval step. Values are as follows. + + **OWNER**: Owner of the associated Role + + **MANAGER**: Manager of the Identity making the request + + **GOVERNANCE_GROUP**: A Governance Group, the ID of which is specified by the **approverId** field + example: GOVERNANCE_GROUP + approverId: + type: string + nullable: true + description: 'Id of the specific approver, used only when approverType is GOVERNANCE_GROUP' + example: 46c79819-a69f-49a2-becb-12c971ae66c6 + segments: + type: array + items: + type: string + nullable: true + description: 'List of IDs of segments, if any, to which this Role is assigned.' + example: + - f7b1b8a3-5fed-4fd4-ad29-82014e137e19 + - 29cb6c06-1da8-43ea-8be4-b3125f248f2a + dimensional: + type: boolean + nullable: true + dimensionRefs: + type: string + nullable: true + required: + - name + - owner + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + security: + - UserContextAuth: + - 'idn:role-unchecked:read' + - 'idn:role-unchecked:manage' + - 'idn:role-checked:manage' + - 'idn:role-checked:read' + patch: + operationId: patchRole + tags: + - Roles + summary: Patch a specified Role + description: |- + This API updates an existing role using [JSON Patch](https://tools.ietf.org/html/rfc6902) syntax. + + The following fields are patchable: + + * name + * description + * enabled + * owner + * accessProfiles + * membership + * requestable + * accessRequestConfig + * revokeRequestConfig + * segments + + A token with API, ORG_ADMIN, ROLE_ADMIN, or ROLE_SUBADMIN authority is required to call this API. In addition, a token with ROLE_SUBADMIN authority may only call this API if all access profiles included in the role are associated to Sources with management workgroups of which the ROLE_SUBADMIN is a member. + + The maximum supported length for the description field is 2000 characters. Longer descriptions will be preserved for existing roles, however, any new roles as well as any updates to existing descriptions will be limited to 2000 characters. + + When you use this API to modify a role's membership identities, you can only modify up to a limit of 500 membership identities at a time. + parameters: + - name: id + in: path + description: ID of the Role to patch + required: true + schema: + type: string + example: 2c91808a7813090a017814121e121518 + requestBody: + content: + application/json-patch+json: + schema: + type: array + items: + type: object + description: 'A JSONPatch Operation as defined by [RFC 6902 - JSON Patch](https://tools.ietf.org/html/rfc6902)' + required: + - op + - path + properties: + op: + type: string + description: The operation to be performed + enum: + - add + - remove + - replace + - move + - copy + - test + example: replace + path: + type: string + description: A string JSON Pointer representing the target path to an element to be affected by the operation + example: /description + value: + oneOf: + - type: string + example: New description + title: string + - type: boolean + example: true + title: boolean + - type: integer + example: 300 + title: integer + - type: object + title: object + example: + attributes: + name: philip + - type: array + title: array + items: + anyOf: + - type: string + - type: integer + - type: object + example: + - '001' + - '002' + - '003' + description: 'The value to be used for the operation, required for "add" and "replace" operations' + example: New description + examples: + Make a Role Requestable and Enable it in One Call: + description: This example shows how multiple fields may be updated with a single patch call. + value: + - op: replace + path: /requestable + value: true + - op: replace + path: /enabled + value: true + Assign a Role to a Segment: + description: This example illustrates the use of patch to assign a Role to a Segment by adding the Segment's ID to the Role's segments array. + value: + - op: add + path: /segments/- + value: f7b1b8a3-5fed-4fd4-ad29-82014e137e19 + Set the Membership Selection Criteria to a List of Identities: + description: 'This example shows how to define a Role''s membershp by providing a list of Identities, referenced by their IDs.' + value: + - op: replace + path: /membership + value: + type: IDENTITY_LIST + identities: + - id: 2c91808973fe906c0174262092014ed9 + - id: 2c918086262092014ed94fb8a47612f3 + Set the Membership Selection Criteria to a Standard Expression: + description: 'This example shows how to define a Role''s membership using STANDARD criteria. In this case, the Role will be granted to all Identities which have the *Engineering* attribute from the indicated Source.' + value: + - op: replace + path: /membership + value: + type: STANDARD + criteria: + operation: OR + children: + - operation: EQUALS + key: + type: ENTITLEMENT + property: attribute.memberOf + sourceId: 2c9180887701fb2014213e122092014e + stringValue: Engineering + Add a New Clause as the Child of an Existing Standard Expression: + description: This example shows how to add a child clause to an existing STANDARD criteria expression. + value: + - op: add + path: /membership/criteria/children/- + value: + operation: ENDS_WITH + key: + type: IDENTITY + property: attribute.email + stringValue: '@identitynow.com' + required: true + responses: + '200': + description: Responds with the Role as updated. + content: + application/json: + schema: + type: object + description: A Role + properties: + id: + type: string + description: 'The id of the Role. This field must be left null when creating an Role, otherwise a 400 Bad Request error will result.' + example: 2c918086749d78830174a1a40e121518 + name: + type: string + description: The human-readable display name of the Role + maxLength: 128 + example: Role 2567 + created: + type: string + description: Date the Role was created + format: date-time + example: '2021-03-01T22:32:58.104Z' + readOnly: true + modified: + type: string + description: Date the Role was last modified. + format: date-time + example: '2021-03-02T20:22:28.104Z' + readOnly: true + description: + type: string + nullable: true + description: A human-readable description of the Role + example: Urna amet cursus pellentesque nisl orci maximus lorem nisl euismod fusce morbi placerat adipiscing maecenas nisi tristique et metus et lacus sed morbi nunc nisl maximus magna arcu varius sollicitudin elementum enim maecenas nisi id ipsum tempus fusce diam ipsum tortor. + owner: + type: object + nullable: false + description: The owner of this object. + properties: + type: + type: string + enum: + - IDENTITY + description: 'Owner type. This field must be either left null or set to ''IDENTITY'' on input, otherwise a 400 Bad Request error will result.' + example: IDENTITY + id: + type: string + description: Identity id + example: 2c9180a46faadee4016fb4e018c20639 + name: + type: string + description: 'Human-readable display name of the owner. It may be left null or omitted in a POST or PATCH. If set, it must match the current value of the owner''s display name, otherwise a 400 Bad Request error will result.' + example: support + accessProfiles: + type: array + items: + type: object + properties: + id: + type: string + description: ID of the Access Profile + example: ff808081751e6e129f1518161919ecca + type: + type: string + description: 'Type of requested object. This field must be either left null or set to ''ACCESS_PROFILE'' when creating an Access Profile, otherwise a 400 Bad Request error will result.' + enum: + - ACCESS_PROFILE + example: ACCESS_PROFILE + name: + type: string + description: Human-readable display name of the Access Profile. This field is ignored on input. + example: Access Profile 2567 + nullable: true + entitlements: + type: array + items: + type: object + description: Entitlement including a specific set of access. + properties: + type: + type: string + description: Entitlement's DTO type. + enum: + - ENTITLEMENT + example: ENTITLEMENT + id: + type: string + description: Entitlement's ID. + example: 2c91809773dee32014e13e122092014e + name: + type: string + nullable: true + description: Entitlement's display name. + example: 'CN=entitlement.490efde5,OU=OrgCo,OU=ServiceDept,DC=HQAD,DC=local' + membership: + nullable: true + type: object + description: 'When present, specifies that the Role is to be granted to Identities which either satisfy specific criteria or which are members of a given list of Identities.' + properties: + type: + type: string + enum: + - STANDARD + - IDENTITY_LIST + description: |- + This enum characterizes the type of a Role's membership selector. Only the following two are fully supported: + + STANDARD: Indicates that Role membership is defined in terms of a criteria expression + + IDENTITY_LIST: Indicates that Role membership is conferred on the specific identities listed + example: IDENTITY_LIST + criteria: + nullable: true + type: object + description: Defines STANDARD type Role membership + properties: + operation: + type: string + enum: + - EQUALS + - NOT_EQUALS + - CONTAINS + - STARTS_WITH + - ENDS_WITH + - AND + - OR + description: An operation + example: EQUALS + key: + type: object + nullable: true + description: 'Refers to a specific Identity attribute, Account attibute, or Entitlement used in Role membership criteria' + properties: + type: + type: string + enum: + - IDENTITY + - ACCOUNT + - ENTITLEMENT + description: 'Indicates whether the associated criteria represents an expression on identity attributes, account attributes, or entitlements, respectively.' + example: ACCOUNT + property: + type: string + description: The name of the attribute or entitlement to which the associated criteria applies. + example: attribute.email + sourceId: + type: string + nullable: true + description: ID of the Source from which an account attribute or entitlement is drawn. Required if type is ACCOUNT or ENTITLEMENT + example: 2c9180867427f3a301745aec18211519 + required: + - type + - property + stringValue: + type: string + nullable: true + description: 'String value to test the Identity attribute, Account attribute, or Entitlement specified in the key w/r/t the specified operation. If this criteria is a leaf node, that is, if the operation is one of EQUALS, NOT_EQUALS, CONTAINS, STARTS_WITH, or ENDS_WITH, this field is required. Otherwise, specifying it is an error.' + example: carlee.cert1c9f9b6fd@mailinator.com + children: + type: array + items: + type: object + nullable: true + description: Defines STANDARD type Role membership + properties: + operation: + type: string + enum: + - EQUALS + - NOT_EQUALS + - CONTAINS + - STARTS_WITH + - ENDS_WITH + - AND + - OR + description: An operation + example: EQUALS + key: + type: object + nullable: true + description: 'Refers to a specific Identity attribute, Account attibute, or Entitlement used in Role membership criteria' + properties: + type: + type: string + enum: + - IDENTITY + - ACCOUNT + - ENTITLEMENT + description: 'Indicates whether the associated criteria represents an expression on identity attributes, account attributes, or entitlements, respectively.' + example: ACCOUNT + property: + type: string + description: The name of the attribute or entitlement to which the associated criteria applies. + example: attribute.email + sourceId: + type: string + nullable: true + description: ID of the Source from which an account attribute or entitlement is drawn. Required if type is ACCOUNT or ENTITLEMENT + example: 2c9180867427f3a301745aec18211519 + required: + - type + - property + stringValue: + type: string + nullable: true + description: 'String value to test the Identity attribute, Account attribute, or Entitlement specified in the key w/r/t the specified operation. If this criteria is a leaf node, that is, if the operation is one of EQUALS, NOT_EQUALS, CONTAINS, STARTS_WITH, or ENDS_WITH, this field is required. Otherwise, specifying it is an error.' + example: carlee.cert1c9f9b6fd@mailinator.com + children: + type: array + items: + type: object + description: Defines STANDARD type Role membership + properties: + operation: + type: string + enum: + - EQUALS + - NOT_EQUALS + - CONTAINS + - STARTS_WITH + - ENDS_WITH + - AND + - OR + description: An operation + example: EQUALS + key: + type: object + nullable: true + description: 'Refers to a specific Identity attribute, Account attibute, or Entitlement used in Role membership criteria' + properties: + type: + type: string + enum: + - IDENTITY + - ACCOUNT + - ENTITLEMENT + description: 'Indicates whether the associated criteria represents an expression on identity attributes, account attributes, or entitlements, respectively.' + example: ACCOUNT + property: + type: string + description: The name of the attribute or entitlement to which the associated criteria applies. + example: attribute.email + sourceId: + type: string + nullable: true + description: ID of the Source from which an account attribute or entitlement is drawn. Required if type is ACCOUNT or ENTITLEMENT + example: 2c9180867427f3a301745aec18211519 + required: + - type + - property + stringValue: + type: string + description: 'String value to test the Identity attribute, Account attribute, or Entitlement specified in the key w/r/t the specified operation. If this criteria is a leaf node, that is, if the operation is one of EQUALS, NOT_EQUALS, CONTAINS, STARTS_WITH, or ENDS_WITH, this field is required. Otherwise, specifying it is an error.' + example: carlee.cert1c9f9b6fd@mailinator.com + nullable: true + description: 'Array of child criteria. Required if the operation is AND or OR, otherwise it must be left null. A maximum of three levels of criteria are supported, including leaf nodes. Additionally, AND nodes can only be children or OR nodes and vice-versa.' + nullable: true + description: 'Array of child criteria. Required if the operation is AND or OR, otherwise it must be left null. A maximum of three levels of criteria are supported, including leaf nodes. Additionally, AND nodes can only be children or OR nodes and vice-versa.' + identities: + type: array + items: + type: object + description: A reference to an Identity in an IDENTITY_LIST role membership criteria. + properties: + type: + nullable: true + example: IDENTITY + type: string + enum: + - ACCOUNT_CORRELATION_CONFIG + - ACCESS_PROFILE + - ACCESS_REQUEST_APPROVAL + - ACCOUNT + - APPLICATION + - CAMPAIGN + - CAMPAIGN_FILTER + - CERTIFICATION + - CLUSTER + - CONNECTOR_SCHEMA + - ENTITLEMENT + - GOVERNANCE_GROUP + - IDENTITY + - IDENTITY_PROFILE + - IDENTITY_REQUEST + - LIFECYCLE_STATE + - PASSWORD_POLICY + - ROLE + - RULE + - SOD_POLICY + - SOURCE + - TAG + - TAG_CATEGORY + - TASK_RESULT + - REPORT_RESULT + - SOD_VIOLATION + - ACCOUNT_ACTIVITY + - WORKGROUP + description: An enumeration of the types of DTOs supported within the IdentityNow infrastructure. + id: + type: string + description: Identity id + example: 2c9180a46faadee4016fb4e018c20639 + name: + type: string + nullable: true + description: Human-readable display name of the Identity. + example: Thomas Edison + aliasName: + type: string + nullable: true + description: User name of the Identity + example: t.edison + nullable: true + description: 'Defines role membership as being exclusive to the specified Identities, when type is IDENTITY_LIST.' + legacyMembershipInfo: + type: object + nullable: true + description: 'This field is not directly modifiable and is generally expected to be *null*. In very rare instances, some Roles may have been created using membership selection criteria that are no longer fully supported. While these Roles will still work, they should be migrated to STANDARD or IDENTITY_LIST selection criteria. This field exists for informational purposes as an aid to such migration.' + example: + type: IDENTITY_LIST + additionalProperties: true + enabled: + type: boolean + description: Whether the Role is enabled or not. + example: true + default: false + requestable: + type: boolean + description: Whether the Role can be the target of access requests. + example: true + default: false + accessRequestConfig: + nullable: true + description: Access request configuration for this object + type: object + properties: + commentsRequired: + type: boolean + description: Whether the requester of the containing object must provide comments justifying the request + example: true + nullable: true + default: false + denialCommentsRequired: + type: boolean + description: Whether an approver must provide comments when denying the request + example: true + nullable: true + default: false + approvalSchemes: + type: array + description: List describing the steps in approving the request + items: + type: object + properties: + approverType: + type: string + enum: + - OWNER + - MANAGER + - GOVERNANCE_GROUP + description: |- + Describes the individual or group that is responsible for an approval step. Values are as follows. + + **OWNER**: Owner of the associated Role + + **MANAGER**: Manager of the Identity making the request + + **GOVERNANCE_GROUP**: A Governance Group, the ID of which is specified by the **approverId** field + example: GOVERNANCE_GROUP + approverId: + type: string + nullable: true + description: 'Id of the specific approver, used only when approverType is GOVERNANCE_GROUP' + example: 46c79819-a69f-49a2-becb-12c971ae66c6 + revocationRequestConfig: + nullable: true + default: null + description: Revocation request configuration for this object. + type: object + properties: + commentsRequired: + type: boolean + description: Whether the requester of the containing object must provide comments justifying the request + example: false + nullable: true + default: false + denialCommentsRequired: + type: boolean + description: Whether an approver must provide comments when denying the request + example: false + nullable: true + default: false + approvalSchemes: + type: array + description: List describing the steps in approving the revocation request + items: + type: object + properties: + approverType: + type: string + enum: + - OWNER + - MANAGER + - GOVERNANCE_GROUP + description: |- + Describes the individual or group that is responsible for an approval step. Values are as follows. + + **OWNER**: Owner of the associated Role + + **MANAGER**: Manager of the Identity making the request + + **GOVERNANCE_GROUP**: A Governance Group, the ID of which is specified by the **approverId** field + example: GOVERNANCE_GROUP + approverId: + type: string + nullable: true + description: 'Id of the specific approver, used only when approverType is GOVERNANCE_GROUP' + example: 46c79819-a69f-49a2-becb-12c971ae66c6 + segments: + type: array + items: + type: string + nullable: true + description: 'List of IDs of segments, if any, to which this Role is assigned.' + example: + - f7b1b8a3-5fed-4fd4-ad29-82014e137e19 + - 29cb6c06-1da8-43ea-8be4-b3125f248f2a + dimensional: + type: boolean + nullable: true + dimensionRefs: + type: string + nullable: true + required: + - name + - owner + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + security: + - UserContextAuth: + - 'idn:role-unchecked:manage' + - 'idn:role-checked:manage' + delete: + operationId: deleteRole + tags: + - Roles + summary: Delete a Role + description: |- + This API deletes a Role by its ID. + + A token with API, ORG_ADMIN, ROLE_ADMIN, or ROLE_SUBADMIN authority is required to call this API. In addition, a token with ROLE_SUBADMIN authority may only call this API if all Access Profiles included in the Role are associated to Sources with management workgroups of which the ROLE_SUBADMIN is a member. + parameters: + - in: path + name: id + required: true + schema: + type: string + description: ID of the Role + example: 2c91808a7813090a017814121e121518 + responses: + '204': + description: No content - indicates the request was successful but there is no content to be returned in the response. + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + security: + - UserContextAuth: + - 'idn:role-unchecked:manage' + - 'idn:role-checked:manage' + /roles/bulk-delete: + post: + operationId: deleteBulkRoles + summary: Delete Role(s) + tags: + - Roles + description: |- + This endpoint initiates a bulk deletion of one or more roles. + When the request is successful, the endpoint returns the bulk delete's task result ID. To follow the task, you can use [Get Task Status by ID](https://developer.sailpoint.com/docs/api/beta/get-task-status), which will return the task result's status and information. + This endpoint can only bulk delete up to a limit of 50 roles per request. + A token with API, ORG_ADMIN, ROLE_ADMIN, or ROLE_SUBADMIN authority is required to call this endpoint. In addition, a token with ROLE_SUBADMIN authority can only call this endpoint if all roles included in the request are associated with sources with management workgroups the ROLE_SUBADMIN is a member of. + requestBody: + required: true + content: + application/json: + schema: + type: object + properties: + roleIds: + description: List of IDs of Roles to be deleted. + type: array + items: + type: string + example: + - 2c9180847812e0b1017817051919ecca + - 2c9180887812e0b201781e129f151816 + required: + - roleIds + example: + roleIds: + - 2c91808876438bb2017668b91919ecca + - 2c91808876438ba801766e129f151816 + responses: + '202': + description: Returns an object with the id of the task performing the delete operation. + content: + application/json: + schema: + type: object + description: Task result. + properties: + type: + type: string + description: Task result DTO type. + enum: + - TASK_RESULT + example: TASK_RESULT + id: + type: string + description: Task result ID. + example: 464ae7bf791e49fdb74606a2e4a89635 + name: + type: string + description: Task result display name. + nullable: true + example: null + example: + type: TASK_RESULT + id: 464ae7bf791e49fdb74606a2e4a89635 + name: null + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + 400.1 Bad Request Content: + description: Response for bad request content + value: + detailCode: 400.1 Bad Request Content + trackingId: 1ea1adcb84da4dcb890145e05745774e + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The request was syntactically correct but its content is semantically invalid. + 400.1 Role ids limit violation: + description: Role ids limit violation response + value: + detailCode: 400.1 Bad Request Content + trackingId: 77aa89ac6f0e422dbc588866abc22be9 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: roleIds count exceeded max limit of 50 for bulk-delete. + 400.1.404 Referenced object not found: + description: Referenced object not found response + value: + detailCode: 400.1.404 Referenced object not found + trackingId: 77aa89ac6f0e422dbc588866abc22be9 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: 'Referenced roleIds ["2c91808876438bb2017668b91919ecca"] was not found.' + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + security: + - UserContextAuth: + - 'idn:role-unchecked:manage' + - 'idn:role-checked:manage' + '/roles/{id}/assigned-identities': + get: + operationId: getRoleAssignedIdentities + tags: + - Roles + summary: List Identities assigned a Role + parameters: + - in: path + name: id + schema: + type: string + description: ID of the Role for which the assigned Identities are to be listed + example: 2c91808a7813090a017814121e121518 + required: true + - in: query + name: limit + description: |- + Max number of results to return. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 250 + schema: + type: integer + format: int32 + minimum: 0 + maximum: 250 + default: 250 + - in: query + name: offset + description: |- + Offset into the full result set. Usually specified with *limit* to paginate through the results. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 0 + schema: + type: integer + format: int32 + minimum: 0 + default: 0 + - in: query + name: count + description: |- + If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. + + Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. + + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: true + schema: + type: boolean + default: false + - in: query + name: filters + schema: + type: string + description: |- + Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) + + Filtering is supported for the following fields and operators: + + **id**: *eq, in* + + **aliasName**: *eq, sw* + + **email**: *eq, sw* + + **name**: *eq, sw, co* + example: name sw Joe + - in: query + name: sorters + schema: + type: string + format: comma-separated + description: |- + Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) + + Sorting is supported for the following fields: **id, name, aliasName, email** + example: 'aliasName,name' + responses: + '200': + description: List of Identities assigned the Role + content: + application/json: + schema: + type: array + items: + type: object + description: A subset of the fields of an Identity which is a member of a Role. + properties: + id: + type: string + description: The ID of the Identity + example: 2c9180a46faadee4016fb4e018c20639 + aliasName: + type: string + description: The alias / username of the Identity + example: t.edison + name: + type: string + description: The human-readable display name of the Identity + example: Thomas Edison + email: + type: string + description: Email address of the Identity + example: t.edison@identitynow.com + roleAssignmentSource: + type: string + enum: + - ACCESS_REQUEST + - ROLE_MEMBERSHIP + description: Type which indicates how a particular Identity obtained a particular Role + example: ACCESS_REQUEST + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + security: + - UserContextAuth: + - 'idn:role-unchecked:read' + - 'idn:role-unchecked:manage' + - 'idn:role-checked:manage' + - 'idn:role-checked:read' + /saved-searches: + post: + security: + - UserContextAuth: + - 'sp:saved-search:create' + tags: + - Saved Search + description: | + Creates a new saved search. + summary: Create a saved search + operationId: createSavedSearch + requestBody: + description: The saved search to persist. + content: + application/json: + schema: + allOf: + - type: object + properties: + name: + description: | + The name of the saved search. + type: string + example: Disabled accounts + description: + description: | + The description of the saved search. + type: string + nullable: true + example: Disabled accounts + - type: object + properties: + created: + description: | + The date the saved search was initially created. + type: string + nullable: true + format: date-time + example: '2018-06-25T20:22:28.104Z' + modified: + description: | + The last date the saved search was modified. + type: string + nullable: true + format: date-time + example: '2018-06-25T20:22:28.104Z' + indices: + description: | + The names of the Elasticsearch indices in which to search. + type: array + items: + description: |- + Enum representing the currently supported indices. + Additional values may be added in the future without notice. + type: string + enum: + - accessprofiles + - accountactivities + - entitlements + - events + - identities + - roles + - '*' + example: identities + example: + - identities + columns: + description: | + The columns to be returned (specifies the order in which they will be presented) for each document type. + + The currently supported document types are: _accessprofile_, _accountactivity_, _account_, _aggregation_, _entitlement_, _event_, _identity_, and _role_. + type: object + additionalProperties: + type: array + items: + type: object + properties: + field: + description: | + The name of the field. + type: string + example: email + header: + description: | + The value of the header. + type: string + example: Work Email + required: + - field + example: + identity: + - field: displayName + header: Display Name + - field: e-mail + header: Work Email + query: + description: | + The search query using Elasticsearch [Query String Query](https://www.elastic.co/guide/en/elasticsearch/reference/5.2/query-dsl-query-string-query.html#query-string) syntax from the Query DSL. + type: string + example: '@accounts(disabled:true)' + fields: + description: | + The fields to be searched against in a multi-field query. + type: array + nullable: true + items: + type: string + example: + - disabled + orderBy: + description: | + Sort by index. This takes precedence over the `sort` property. + type: object + additionalProperties: + type: array + items: + type: string + nullable: true + example: + identity: + - lastName + - firstName + role: + - name + sort: + description: | + The fields to be used to sort the search results. + type: array + items: + type: string + example: + - displayName + nullable: true + filters: + nullable: true + allOf: + - type: object + description: The filters to be applied for each filtered field name. + example: + attributes.cloudAuthoritativeSource: + type: EXISTS + exclude: true + accessCount: + type: RANGE + range: + lower: + value: '3' + created: + type: RANGE + range: + lower: + value: '2019-12-01' + inclusive: true + upper: + value: '2020-01-01' + source.name: + type: TERMS + terms: + - HR Employees + - Corporate Active Directory + exclude: true + protected: + type: TERMS + terms: + - 'true' + - type: object + properties: + type: + description: |- + Enum representing the currently supported filter types. + Additional values may be added in the future without notice. + type: string + enum: + - EXISTS + - RANGE + - TERMS + example: RANGE + range: + type: object + description: The range of values to be filtered. + properties: + lower: + description: The lower bound of the range. + type: object + required: + - value + properties: + value: + description: The value of the range's endpoint. + type: string + example: '1' + inclusive: + description: Indicates if the endpoint is included in the range. + type: boolean + default: false + example: false + upper: + description: The upper bound of the range. + type: object + required: + - value + properties: + value: + description: The value of the range's endpoint. + type: string + example: '1' + inclusive: + description: Indicates if the endpoint is included in the range. + type: boolean + default: false + example: false + terms: + description: The terms to be filtered. + type: array + items: + type: string + example: account_count + exclude: + description: Indicates if the filter excludes results. + type: boolean + default: false + example: false + required: + - indices + - query + required: true + responses: + '201': + description: The persisted saved search. + content: + application/json: + schema: + type: object + allOf: + - type: object + properties: + id: + description: | + The saved search ID. + type: string + example: 0de46054-fe90-434a-b84e-c6b3359d0c64 + owner: + description: | + The owner of the saved search. + type: object + properties: + type: + type: string + enum: + - ACCOUNT_CORRELATION_CONFIG + - ACCESS_PROFILE + - ACCESS_REQUEST_APPROVAL + - ACCOUNT + - APPLICATION + - CAMPAIGN + - CAMPAIGN_FILTER + - CERTIFICATION + - CLUSTER + - CONNECTOR_SCHEMA + - ENTITLEMENT + - GOVERNANCE_GROUP + - IDENTITY + - IDENTITY_PROFILE + - IDENTITY_REQUEST + - LIFECYCLE_STATE + - PASSWORD_POLICY + - ROLE + - RULE + - SOD_POLICY + - SOURCE + - TAG + - TAG_CATEGORY + - TASK_RESULT + - REPORT_RESULT + - SOD_VIOLATION + - ACCOUNT_ACTIVITY + - WORKGROUP + description: An enumeration of the types of DTOs supported within the IdentityNow infrastructure. + example: IDENTITY + id: + description: | + The id of the object. + type: string + example: 2c91808568c529c60168cca6f90c1313 + required: + - type + - id + ownerId: + type: string + description: The ID of the identity that owns this saved search. + example: 2c91808568c529c60168cca6f90c1313 + public: + type: boolean + description: Whether this saved search is visible to anyone but the owner. This field will always be false as there is no way to set a saved search as public at this time. + default: false + example: false + - type: object + properties: + name: + description: | + The name of the saved search. + type: string + example: Disabled accounts + description: + description: | + The description of the saved search. + type: string + nullable: true + example: Disabled accounts + - type: object + properties: + created: + description: | + The date the saved search was initially created. + type: string + nullable: true + format: date-time + example: '2018-06-25T20:22:28.104Z' + modified: + description: | + The last date the saved search was modified. + type: string + nullable: true + format: date-time + example: '2018-06-25T20:22:28.104Z' + indices: + description: | + The names of the Elasticsearch indices in which to search. + type: array + items: + description: |- + Enum representing the currently supported indices. + Additional values may be added in the future without notice. + type: string + enum: + - accessprofiles + - accountactivities + - entitlements + - events + - identities + - roles + - '*' + example: identities + example: + - identities + columns: + description: | + The columns to be returned (specifies the order in which they will be presented) for each document type. + + The currently supported document types are: _accessprofile_, _accountactivity_, _account_, _aggregation_, _entitlement_, _event_, _identity_, and _role_. + type: object + additionalProperties: + type: array + items: + type: object + properties: + field: + description: | + The name of the field. + type: string + example: email + header: + description: | + The value of the header. + type: string + example: Work Email + required: + - field + example: + identity: + - field: displayName + header: Display Name + - field: e-mail + header: Work Email + query: + description: | + The search query using Elasticsearch [Query String Query](https://www.elastic.co/guide/en/elasticsearch/reference/5.2/query-dsl-query-string-query.html#query-string) syntax from the Query DSL. + type: string + example: '@accounts(disabled:true)' + fields: + description: | + The fields to be searched against in a multi-field query. + type: array + nullable: true + items: + type: string + example: + - disabled + orderBy: + description: | + Sort by index. This takes precedence over the `sort` property. + type: object + additionalProperties: + type: array + items: + type: string + nullable: true + example: + identity: + - lastName + - firstName + role: + - name + sort: + description: | + The fields to be used to sort the search results. + type: array + items: + type: string + example: + - displayName + nullable: true + filters: + nullable: true + allOf: + - type: object + description: The filters to be applied for each filtered field name. + example: + attributes.cloudAuthoritativeSource: + type: EXISTS + exclude: true + accessCount: + type: RANGE + range: + lower: + value: '3' + created: + type: RANGE + range: + lower: + value: '2019-12-01' + inclusive: true + upper: + value: '2020-01-01' + source.name: + type: TERMS + terms: + - HR Employees + - Corporate Active Directory + exclude: true + protected: + type: TERMS + terms: + - 'true' + - type: object + properties: + type: + description: |- + Enum representing the currently supported filter types. + Additional values may be added in the future without notice. + type: string + enum: + - EXISTS + - RANGE + - TERMS + example: RANGE + range: + type: object + description: The range of values to be filtered. + properties: + lower: + description: The lower bound of the range. + type: object + required: + - value + properties: + value: + description: The value of the range's endpoint. + type: string + example: '1' + inclusive: + description: Indicates if the endpoint is included in the range. + type: boolean + default: false + example: false + upper: + description: The upper bound of the range. + type: object + required: + - value + properties: + value: + description: The value of the range's endpoint. + type: string + example: '1' + inclusive: + description: Indicates if the endpoint is included in the range. + type: boolean + default: false + example: false + terms: + description: The terms to be filtered. + type: array + items: + type: string + example: account_count + exclude: + description: Indicates if the filter excludes results. + type: boolean + default: false + example: false + required: + - indices + - query + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + get: + security: + - UserContextAuth: + - 'sp:saved-search:read' + tags: + - Saved Search + description: | + Returns a list of saved searches. + summary: A list of Saved Searches + operationId: listSavedSearches + parameters: + - in: query + name: offset + description: |- + Offset into the full result set. Usually specified with *limit* to paginate through the results. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 0 + schema: + type: integer + format: int32 + minimum: 0 + default: 0 + - in: query + name: limit + description: |- + Max number of results to return. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 250 + schema: + type: integer + format: int32 + minimum: 0 + maximum: 250 + default: 250 + - in: query + name: count + description: |- + If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. + + Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. + + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: true + schema: + type: boolean + default: false + - name: filters + in: query + schema: + type: string + description: |- + Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) + + Filtering is supported for the following fields and operators: + + **owner.id**: *eq* + example: owner.id eq "7a724640-0c17-4ce9-a8c3-4a89738459c8" + responses: + '200': + description: The list of requested saved searches. + content: + application/json: + schema: + type: array + items: + type: object + allOf: + - type: object + properties: + id: + description: | + The saved search ID. + type: string + example: 0de46054-fe90-434a-b84e-c6b3359d0c64 + owner: + description: | + The owner of the saved search. + type: object + properties: + type: + type: string + enum: + - ACCOUNT_CORRELATION_CONFIG + - ACCESS_PROFILE + - ACCESS_REQUEST_APPROVAL + - ACCOUNT + - APPLICATION + - CAMPAIGN + - CAMPAIGN_FILTER + - CERTIFICATION + - CLUSTER + - CONNECTOR_SCHEMA + - ENTITLEMENT + - GOVERNANCE_GROUP + - IDENTITY + - IDENTITY_PROFILE + - IDENTITY_REQUEST + - LIFECYCLE_STATE + - PASSWORD_POLICY + - ROLE + - RULE + - SOD_POLICY + - SOURCE + - TAG + - TAG_CATEGORY + - TASK_RESULT + - REPORT_RESULT + - SOD_VIOLATION + - ACCOUNT_ACTIVITY + - WORKGROUP + description: An enumeration of the types of DTOs supported within the IdentityNow infrastructure. + example: IDENTITY + id: + description: | + The id of the object. + type: string + example: 2c91808568c529c60168cca6f90c1313 + required: + - type + - id + ownerId: + type: string + description: The ID of the identity that owns this saved search. + example: 2c91808568c529c60168cca6f90c1313 + public: + type: boolean + description: Whether this saved search is visible to anyone but the owner. This field will always be false as there is no way to set a saved search as public at this time. + default: false + example: false + - type: object + properties: + name: + description: | + The name of the saved search. + type: string + example: Disabled accounts + description: + description: | + The description of the saved search. + type: string + nullable: true + example: Disabled accounts + - type: object + properties: + created: + description: | + The date the saved search was initially created. + type: string + nullable: true + format: date-time + example: '2018-06-25T20:22:28.104Z' + modified: + description: | + The last date the saved search was modified. + type: string + nullable: true + format: date-time + example: '2018-06-25T20:22:28.104Z' + indices: + description: | + The names of the Elasticsearch indices in which to search. + type: array + items: + description: |- + Enum representing the currently supported indices. + Additional values may be added in the future without notice. + type: string + enum: + - accessprofiles + - accountactivities + - entitlements + - events + - identities + - roles + - '*' + example: identities + example: + - identities + columns: + description: | + The columns to be returned (specifies the order in which they will be presented) for each document type. + + The currently supported document types are: _accessprofile_, _accountactivity_, _account_, _aggregation_, _entitlement_, _event_, _identity_, and _role_. + type: object + additionalProperties: + type: array + items: + type: object + properties: + field: + description: | + The name of the field. + type: string + example: email + header: + description: | + The value of the header. + type: string + example: Work Email + required: + - field + example: + identity: + - field: displayName + header: Display Name + - field: e-mail + header: Work Email + query: + description: | + The search query using Elasticsearch [Query String Query](https://www.elastic.co/guide/en/elasticsearch/reference/5.2/query-dsl-query-string-query.html#query-string) syntax from the Query DSL. + type: string + example: '@accounts(disabled:true)' + fields: + description: | + The fields to be searched against in a multi-field query. + type: array + nullable: true + items: + type: string + example: + - disabled + orderBy: + description: | + Sort by index. This takes precedence over the `sort` property. + type: object + additionalProperties: + type: array + items: + type: string + nullable: true + example: + identity: + - lastName + - firstName + role: + - name + sort: + description: | + The fields to be used to sort the search results. + type: array + items: + type: string + example: + - displayName + nullable: true + filters: + nullable: true + allOf: + - type: object + description: The filters to be applied for each filtered field name. + example: + attributes.cloudAuthoritativeSource: + type: EXISTS + exclude: true + accessCount: + type: RANGE + range: + lower: + value: '3' + created: + type: RANGE + range: + lower: + value: '2019-12-01' + inclusive: true + upper: + value: '2020-01-01' + source.name: + type: TERMS + terms: + - HR Employees + - Corporate Active Directory + exclude: true + protected: + type: TERMS + terms: + - 'true' + - type: object + properties: + type: + description: |- + Enum representing the currently supported filter types. + Additional values may be added in the future without notice. + type: string + enum: + - EXISTS + - RANGE + - TERMS + example: RANGE + range: + type: object + description: The range of values to be filtered. + properties: + lower: + description: The lower bound of the range. + type: object + required: + - value + properties: + value: + description: The value of the range's endpoint. + type: string + example: '1' + inclusive: + description: Indicates if the endpoint is included in the range. + type: boolean + default: false + example: false + upper: + description: The upper bound of the range. + type: object + required: + - value + properties: + value: + description: The value of the range's endpoint. + type: string + example: '1' + inclusive: + description: Indicates if the endpoint is included in the range. + type: boolean + default: false + example: false + terms: + description: The terms to be filtered. + type: array + items: + type: string + example: account_count + exclude: + description: Indicates if the filter excludes results. + type: boolean + default: false + example: false + required: + - indices + - query + headers: + X-Total-Count: + description: The total result count (returned only if the *count* parameter is specified as *true*). + schema: + type: integer + example: 5 + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/saved-searches/{id}': + put: + tags: + - Saved Search + description: | + Updates an existing saved search. + + >**NOTE: You cannot update the `owner` of the saved search.** + summary: | + Updates an existing saved search + operationId: putSavedSearch + parameters: + - in: path + name: id + description: ID of the requested document. + schema: + type: string + required: true + example: 2c91808568c529c60168cca6f90c1313 + requestBody: + description: The saved search to persist. + content: + application/json: + schema: + type: object + allOf: + - type: object + properties: + id: + description: | + The saved search ID. + type: string + example: 0de46054-fe90-434a-b84e-c6b3359d0c64 + owner: + description: | + The owner of the saved search. + type: object + properties: + type: + type: string + enum: + - ACCOUNT_CORRELATION_CONFIG + - ACCESS_PROFILE + - ACCESS_REQUEST_APPROVAL + - ACCOUNT + - APPLICATION + - CAMPAIGN + - CAMPAIGN_FILTER + - CERTIFICATION + - CLUSTER + - CONNECTOR_SCHEMA + - ENTITLEMENT + - GOVERNANCE_GROUP + - IDENTITY + - IDENTITY_PROFILE + - IDENTITY_REQUEST + - LIFECYCLE_STATE + - PASSWORD_POLICY + - ROLE + - RULE + - SOD_POLICY + - SOURCE + - TAG + - TAG_CATEGORY + - TASK_RESULT + - REPORT_RESULT + - SOD_VIOLATION + - ACCOUNT_ACTIVITY + - WORKGROUP + description: An enumeration of the types of DTOs supported within the IdentityNow infrastructure. + example: IDENTITY + id: + description: | + The id of the object. + type: string + example: 2c91808568c529c60168cca6f90c1313 + required: + - type + - id + ownerId: + type: string + description: The ID of the identity that owns this saved search. + example: 2c91808568c529c60168cca6f90c1313 + public: + type: boolean + description: Whether this saved search is visible to anyone but the owner. This field will always be false as there is no way to set a saved search as public at this time. + default: false + example: false + - type: object + properties: + name: + description: | + The name of the saved search. + type: string + example: Disabled accounts + description: + description: | + The description of the saved search. + type: string + nullable: true + example: Disabled accounts + - type: object + properties: + created: + description: | + The date the saved search was initially created. + type: string + nullable: true + format: date-time + example: '2018-06-25T20:22:28.104Z' + modified: + description: | + The last date the saved search was modified. + type: string + nullable: true + format: date-time + example: '2018-06-25T20:22:28.104Z' + indices: + description: | + The names of the Elasticsearch indices in which to search. + type: array + items: + description: |- + Enum representing the currently supported indices. + Additional values may be added in the future without notice. + type: string + enum: + - accessprofiles + - accountactivities + - entitlements + - events + - identities + - roles + - '*' + example: identities + example: + - identities + columns: + description: | + The columns to be returned (specifies the order in which they will be presented) for each document type. + + The currently supported document types are: _accessprofile_, _accountactivity_, _account_, _aggregation_, _entitlement_, _event_, _identity_, and _role_. + type: object + additionalProperties: + type: array + items: + type: object + properties: + field: + description: | + The name of the field. + type: string + example: email + header: + description: | + The value of the header. + type: string + example: Work Email + required: + - field + example: + identity: + - field: displayName + header: Display Name + - field: e-mail + header: Work Email + query: + description: | + The search query using Elasticsearch [Query String Query](https://www.elastic.co/guide/en/elasticsearch/reference/5.2/query-dsl-query-string-query.html#query-string) syntax from the Query DSL. + type: string + example: '@accounts(disabled:true)' + fields: + description: | + The fields to be searched against in a multi-field query. + type: array + nullable: true + items: + type: string + example: + - disabled + orderBy: + description: | + Sort by index. This takes precedence over the `sort` property. + type: object + additionalProperties: + type: array + items: + type: string + nullable: true + example: + identity: + - lastName + - firstName + role: + - name + sort: + description: | + The fields to be used to sort the search results. + type: array + items: + type: string + example: + - displayName + nullable: true + filters: + nullable: true + allOf: + - type: object + description: The filters to be applied for each filtered field name. + example: + attributes.cloudAuthoritativeSource: + type: EXISTS + exclude: true + accessCount: + type: RANGE + range: + lower: + value: '3' + created: + type: RANGE + range: + lower: + value: '2019-12-01' + inclusive: true + upper: + value: '2020-01-01' + source.name: + type: TERMS + terms: + - HR Employees + - Corporate Active Directory + exclude: true + protected: + type: TERMS + terms: + - 'true' + - type: object + properties: + type: + description: |- + Enum representing the currently supported filter types. + Additional values may be added in the future without notice. + type: string + enum: + - EXISTS + - RANGE + - TERMS + example: RANGE + range: + type: object + description: The range of values to be filtered. + properties: + lower: + description: The lower bound of the range. + type: object + required: + - value + properties: + value: + description: The value of the range's endpoint. + type: string + example: '1' + inclusive: + description: Indicates if the endpoint is included in the range. + type: boolean + default: false + example: false + upper: + description: The upper bound of the range. + type: object + required: + - value + properties: + value: + description: The value of the range's endpoint. + type: string + example: '1' + inclusive: + description: Indicates if the endpoint is included in the range. + type: boolean + default: false + example: false + terms: + description: The terms to be filtered. + type: array + items: + type: string + example: account_count + exclude: + description: Indicates if the filter excludes results. + type: boolean + default: false + example: false + required: + - indices + - query + required: true + responses: + '200': + description: The persisted saved search. + content: + application/json: + schema: + type: object + allOf: + - type: object + properties: + id: + description: | + The saved search ID. + type: string + example: 0de46054-fe90-434a-b84e-c6b3359d0c64 + owner: + description: | + The owner of the saved search. + type: object + properties: + type: + type: string + enum: + - ACCOUNT_CORRELATION_CONFIG + - ACCESS_PROFILE + - ACCESS_REQUEST_APPROVAL + - ACCOUNT + - APPLICATION + - CAMPAIGN + - CAMPAIGN_FILTER + - CERTIFICATION + - CLUSTER + - CONNECTOR_SCHEMA + - ENTITLEMENT + - GOVERNANCE_GROUP + - IDENTITY + - IDENTITY_PROFILE + - IDENTITY_REQUEST + - LIFECYCLE_STATE + - PASSWORD_POLICY + - ROLE + - RULE + - SOD_POLICY + - SOURCE + - TAG + - TAG_CATEGORY + - TASK_RESULT + - REPORT_RESULT + - SOD_VIOLATION + - ACCOUNT_ACTIVITY + - WORKGROUP + description: An enumeration of the types of DTOs supported within the IdentityNow infrastructure. + example: IDENTITY + id: + description: | + The id of the object. + type: string + example: 2c91808568c529c60168cca6f90c1313 + required: + - type + - id + ownerId: + type: string + description: The ID of the identity that owns this saved search. + example: 2c91808568c529c60168cca6f90c1313 + public: + type: boolean + description: Whether this saved search is visible to anyone but the owner. This field will always be false as there is no way to set a saved search as public at this time. + default: false + example: false + - type: object + properties: + name: + description: | + The name of the saved search. + type: string + example: Disabled accounts + description: + description: | + The description of the saved search. + type: string + nullable: true + example: Disabled accounts + - type: object + properties: + created: + description: | + The date the saved search was initially created. + type: string + nullable: true + format: date-time + example: '2018-06-25T20:22:28.104Z' + modified: + description: | + The last date the saved search was modified. + type: string + nullable: true + format: date-time + example: '2018-06-25T20:22:28.104Z' + indices: + description: | + The names of the Elasticsearch indices in which to search. + type: array + items: + description: |- + Enum representing the currently supported indices. + Additional values may be added in the future without notice. + type: string + enum: + - accessprofiles + - accountactivities + - entitlements + - events + - identities + - roles + - '*' + example: identities + example: + - identities + columns: + description: | + The columns to be returned (specifies the order in which they will be presented) for each document type. + + The currently supported document types are: _accessprofile_, _accountactivity_, _account_, _aggregation_, _entitlement_, _event_, _identity_, and _role_. + type: object + additionalProperties: + type: array + items: + type: object + properties: + field: + description: | + The name of the field. + type: string + example: email + header: + description: | + The value of the header. + type: string + example: Work Email + required: + - field + example: + identity: + - field: displayName + header: Display Name + - field: e-mail + header: Work Email + query: + description: | + The search query using Elasticsearch [Query String Query](https://www.elastic.co/guide/en/elasticsearch/reference/5.2/query-dsl-query-string-query.html#query-string) syntax from the Query DSL. + type: string + example: '@accounts(disabled:true)' + fields: + description: | + The fields to be searched against in a multi-field query. + type: array + nullable: true + items: + type: string + example: + - disabled + orderBy: + description: | + Sort by index. This takes precedence over the `sort` property. + type: object + additionalProperties: + type: array + items: + type: string + nullable: true + example: + identity: + - lastName + - firstName + role: + - name + sort: + description: | + The fields to be used to sort the search results. + type: array + items: + type: string + example: + - displayName + nullable: true + filters: + nullable: true + allOf: + - type: object + description: The filters to be applied for each filtered field name. + example: + attributes.cloudAuthoritativeSource: + type: EXISTS + exclude: true + accessCount: + type: RANGE + range: + lower: + value: '3' + created: + type: RANGE + range: + lower: + value: '2019-12-01' + inclusive: true + upper: + value: '2020-01-01' + source.name: + type: TERMS + terms: + - HR Employees + - Corporate Active Directory + exclude: true + protected: + type: TERMS + terms: + - 'true' + - type: object + properties: + type: + description: |- + Enum representing the currently supported filter types. + Additional values may be added in the future without notice. + type: string + enum: + - EXISTS + - RANGE + - TERMS + example: RANGE + range: + type: object + description: The range of values to be filtered. + properties: + lower: + description: The lower bound of the range. + type: object + required: + - value + properties: + value: + description: The value of the range's endpoint. + type: string + example: '1' + inclusive: + description: Indicates if the endpoint is included in the range. + type: boolean + default: false + example: false + upper: + description: The upper bound of the range. + type: object + required: + - value + properties: + value: + description: The value of the range's endpoint. + type: string + example: '1' + inclusive: + description: Indicates if the endpoint is included in the range. + type: boolean + default: false + example: false + terms: + description: The terms to be filtered. + type: array + items: + type: string + example: account_count + exclude: + description: Indicates if the filter excludes results. + type: boolean + default: false + example: false + required: + - indices + - query + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + get: + tags: + - Saved Search + description: | + Returns the specified saved search. + summary: Return saved search by ID + operationId: getSavedSearch + parameters: + - in: path + name: id + description: ID of the requested document. + schema: + type: string + required: true + example: 2c91808568c529c60168cca6f90c1313 + responses: + '200': + description: The requested saved search. + content: + application/json: + schema: + type: object + allOf: + - type: object + properties: + id: + description: | + The saved search ID. + type: string + example: 0de46054-fe90-434a-b84e-c6b3359d0c64 + owner: + description: | + The owner of the saved search. + type: object + properties: + type: + type: string + enum: + - ACCOUNT_CORRELATION_CONFIG + - ACCESS_PROFILE + - ACCESS_REQUEST_APPROVAL + - ACCOUNT + - APPLICATION + - CAMPAIGN + - CAMPAIGN_FILTER + - CERTIFICATION + - CLUSTER + - CONNECTOR_SCHEMA + - ENTITLEMENT + - GOVERNANCE_GROUP + - IDENTITY + - IDENTITY_PROFILE + - IDENTITY_REQUEST + - LIFECYCLE_STATE + - PASSWORD_POLICY + - ROLE + - RULE + - SOD_POLICY + - SOURCE + - TAG + - TAG_CATEGORY + - TASK_RESULT + - REPORT_RESULT + - SOD_VIOLATION + - ACCOUNT_ACTIVITY + - WORKGROUP + description: An enumeration of the types of DTOs supported within the IdentityNow infrastructure. + example: IDENTITY + id: + description: | + The id of the object. + type: string + example: 2c91808568c529c60168cca6f90c1313 + required: + - type + - id + ownerId: + type: string + description: The ID of the identity that owns this saved search. + example: 2c91808568c529c60168cca6f90c1313 + public: + type: boolean + description: Whether this saved search is visible to anyone but the owner. This field will always be false as there is no way to set a saved search as public at this time. + default: false + example: false + - type: object + properties: + name: + description: | + The name of the saved search. + type: string + example: Disabled accounts + description: + description: | + The description of the saved search. + type: string + nullable: true + example: Disabled accounts + - type: object + properties: + created: + description: | + The date the saved search was initially created. + type: string + nullable: true + format: date-time + example: '2018-06-25T20:22:28.104Z' + modified: + description: | + The last date the saved search was modified. + type: string + nullable: true + format: date-time + example: '2018-06-25T20:22:28.104Z' + indices: + description: | + The names of the Elasticsearch indices in which to search. + type: array + items: + description: |- + Enum representing the currently supported indices. + Additional values may be added in the future without notice. + type: string + enum: + - accessprofiles + - accountactivities + - entitlements + - events + - identities + - roles + - '*' + example: identities + example: + - identities + columns: + description: | + The columns to be returned (specifies the order in which they will be presented) for each document type. + + The currently supported document types are: _accessprofile_, _accountactivity_, _account_, _aggregation_, _entitlement_, _event_, _identity_, and _role_. + type: object + additionalProperties: + type: array + items: + type: object + properties: + field: + description: | + The name of the field. + type: string + example: email + header: + description: | + The value of the header. + type: string + example: Work Email + required: + - field + example: + identity: + - field: displayName + header: Display Name + - field: e-mail + header: Work Email + query: + description: | + The search query using Elasticsearch [Query String Query](https://www.elastic.co/guide/en/elasticsearch/reference/5.2/query-dsl-query-string-query.html#query-string) syntax from the Query DSL. + type: string + example: '@accounts(disabled:true)' + fields: + description: | + The fields to be searched against in a multi-field query. + type: array + nullable: true + items: + type: string + example: + - disabled + orderBy: + description: | + Sort by index. This takes precedence over the `sort` property. + type: object + additionalProperties: + type: array + items: + type: string + nullable: true + example: + identity: + - lastName + - firstName + role: + - name + sort: + description: | + The fields to be used to sort the search results. + type: array + items: + type: string + example: + - displayName + nullable: true + filters: + nullable: true + allOf: + - type: object + description: The filters to be applied for each filtered field name. + example: + attributes.cloudAuthoritativeSource: + type: EXISTS + exclude: true + accessCount: + type: RANGE + range: + lower: + value: '3' + created: + type: RANGE + range: + lower: + value: '2019-12-01' + inclusive: true + upper: + value: '2020-01-01' + source.name: + type: TERMS + terms: + - HR Employees + - Corporate Active Directory + exclude: true + protected: + type: TERMS + terms: + - 'true' + - type: object + properties: + type: + description: |- + Enum representing the currently supported filter types. + Additional values may be added in the future without notice. + type: string + enum: + - EXISTS + - RANGE + - TERMS + example: RANGE + range: + type: object + description: The range of values to be filtered. + properties: + lower: + description: The lower bound of the range. + type: object + required: + - value + properties: + value: + description: The value of the range's endpoint. + type: string + example: '1' + inclusive: + description: Indicates if the endpoint is included in the range. + type: boolean + default: false + example: false + upper: + description: The upper bound of the range. + type: object + required: + - value + properties: + value: + description: The value of the range's endpoint. + type: string + example: '1' + inclusive: + description: Indicates if the endpoint is included in the range. + type: boolean + default: false + example: false + terms: + description: The terms to be filtered. + type: array + items: + type: string + example: account_count + exclude: + description: Indicates if the filter excludes results. + type: boolean + default: false + example: false + required: + - indices + - query + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + delete: + tags: + - Saved Search + description: | + Deletes the specified saved search. + summary: Delete document by ID + operationId: deleteSavedSearch + parameters: + - in: path + name: id + description: ID of the requested document. + schema: + type: string + required: true + example: 2c91808568c529c60168cca6f90c1313 + responses: + '204': + description: No Content - Indicates the request was successful but there is no content to be returned in the response. + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/saved-searches/{id}/execute': + post: + tags: + - Saved Search + description: | + Executes the specified saved search. + summary: Execute a saved search by ID + operationId: executeSavedSearch + parameters: + - in: path + name: id + description: ID of the requested document. + schema: + type: string + required: true + example: 2c91808568c529c60168cca6f90c1313 + requestBody: + description: | + When saved search execution is triggered by a scheduled search, *scheduleId* will specify the ID of the triggering scheduled search. + + If *scheduleId* is not specified (when execution is triggered by a UI test), the *owner* and *recipients* arguments must be provided. + content: + application/json: + schema: + type: object + properties: + scheduleId: + description: | + The ID of the scheduled search that triggered the saved search execution. + type: string + example: 7a724640-0c17-4ce9-a8c3-4a89738459c8 + owner: + description: | + The owner of the scheduled search being tested. + allOf: + - type: object + description: | + A typed reference to the object. + properties: + type: + type: string + enum: + - ACCOUNT_CORRELATION_CONFIG + - ACCESS_PROFILE + - ACCESS_REQUEST_APPROVAL + - ACCOUNT + - APPLICATION + - CAMPAIGN + - CAMPAIGN_FILTER + - CERTIFICATION + - CLUSTER + - CONNECTOR_SCHEMA + - ENTITLEMENT + - GOVERNANCE_GROUP + - IDENTITY + - IDENTITY_PROFILE + - IDENTITY_REQUEST + - LIFECYCLE_STATE + - PASSWORD_POLICY + - ROLE + - RULE + - SOD_POLICY + - SOURCE + - TAG + - TAG_CATEGORY + - TASK_RESULT + - REPORT_RESULT + - SOD_VIOLATION + - ACCOUNT_ACTIVITY + - WORKGROUP + description: An enumeration of the types of DTOs supported within the IdentityNow infrastructure. + example: IDENTITY + id: + description: | + The id of the object. + type: string + example: 2c91808568c529c60168cca6f90c1313 + required: + - type + - id + recipients: + description: | + The email recipients of the scheduled search being tested. + type: array + items: + type: object + description: | + A typed reference to the object. + properties: + type: + type: string + enum: + - ACCOUNT_CORRELATION_CONFIG + - ACCESS_PROFILE + - ACCESS_REQUEST_APPROVAL + - ACCOUNT + - APPLICATION + - CAMPAIGN + - CAMPAIGN_FILTER + - CERTIFICATION + - CLUSTER + - CONNECTOR_SCHEMA + - ENTITLEMENT + - GOVERNANCE_GROUP + - IDENTITY + - IDENTITY_PROFILE + - IDENTITY_REQUEST + - LIFECYCLE_STATE + - PASSWORD_POLICY + - ROLE + - RULE + - SOD_POLICY + - SOURCE + - TAG + - TAG_CATEGORY + - TASK_RESULT + - REPORT_RESULT + - SOD_VIOLATION + - ACCOUNT_ACTIVITY + - WORKGROUP + description: An enumeration of the types of DTOs supported within the IdentityNow infrastructure. + example: IDENTITY + id: + description: | + The id of the object. + type: string + example: 2c91808568c529c60168cca6f90c1313 + required: + - type + - id + examples: + scheduled: + summary: Triggered by Scheduled Search + value: + scheduleId: 7a724640-0c17-4ce9-a8c3-4a89738459c8 + test: + summary: Triggered by UI Test + value: + owner: + type: IDENTITY + id: 2c91808568c529c60168cca6f90c1313 + recipients: + - type: IDENTITY + id: 2c91808568c529c60168cca6f90c1313 + required: true + responses: + '202': + description: Accepted - Returned if the request was successfully accepted into the system. + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + /scheduled-searches: + post: + tags: + - Scheduled Search + description: | + Creates a new scheduled search. + summary: Create a new scheduled search + operationId: createScheduledSearch + requestBody: + description: The scheduled search to persist. + content: + application/json: + schema: + allOf: + - type: object + properties: + name: + description: | + The name of the scheduled search. + type: string + example: Daily disabled accounts + nullable: true + description: + description: | + The description of the scheduled search. + type: string + nullable: true + example: Daily disabled accounts + - type: object + properties: + savedSearchId: + description: The ID of the saved search that will be executed. + type: string + example: 554f1511-f0a1-4744-ab14-599514d3e57c + created: + allOf: + - type: string + nullable: true + format: date-time + example: '2018-06-25T20:22:28.104Z' + description: A date-time in ISO-8601 format + description: The date the scheduled search was initially created. + readOnly: true + modified: + allOf: + - type: string + nullable: true + format: date-time + example: '2018-06-25T20:22:28.104Z' + description: A date-time in ISO-8601 format + description: The last date the scheduled search was modified. + readOnly: true + schedule: + type: object + description: The schedule information. + properties: + type: + description: | + Enum representing the currently supported schedule types. + + Additional values may be added in the future without notice. + type: string + enum: + - DAILY + - WEEKLY + - MONTHLY + - CALENDAR + - ANNUALLY + example: WEEKLY + months: + allOf: + - type: object + properties: + type: + description: | + Enum representing the currently supported selector types. + + LIST - the *values* array contains one or more distinct values. + + RANGE - the *values* array contains two values: the start and end of the range, inclusive. + + Additional values may be added in the future without notice. + type: string + enum: + - LIST + - RANGE + example: LIST + values: + description: | + The selected values. + type: array + items: + type: string + example: + - MON + - WED + interval: + nullable: true + description: | + The selected interval for RANGE selectors. + type: integer + format: int32 + example: 3 + required: + - type + - values + - description: | + The months to execute the search. This only applies to schedules with a type of `ANNUALLY`. + example: + type: LIST + values: + - '3' + - '6' + - '9' + - '12' + nullable: true + days: + allOf: + - type: object + properties: + type: + description: | + Enum representing the currently supported selector types. + + LIST - the *values* array contains one or more distinct values. + + RANGE - the *values* array contains two values: the start and end of the range, inclusive. + + Additional values may be added in the future without notice. + type: string + enum: + - LIST + - RANGE + example: LIST + values: + description: | + The selected values. + type: array + items: + type: string + example: + - MON + - WED + interval: + nullable: true + description: | + The selected interval for RANGE selectors. + type: integer + format: int32 + example: 3 + required: + - type + - values + - description: | + The days to execute the search. + + If `type` is `WEEKLY`, the values will be `MON`, `TUE`, `WED`, `THU`, `FRI`, `SAT`, and `SUN`. + + If `type` is `MONTHLY` or `ANNUALLY`, the values will be a number in double quotes, like `"1"`, `"10"`, or `"28"`. Optionally, the value `"L"` can be used to refer to the last day of the month. + example: + type: LIST + values: + - MON + - WED + - FRI + nullable: true + hours: + allOf: + - type: object + properties: + type: + description: | + Enum representing the currently supported selector types. + + LIST - the *values* array contains one or more distinct values. + + RANGE - the *values* array contains two values: the start and end of the range, inclusive. + + Additional values may be added in the future without notice. + type: string + enum: + - LIST + - RANGE + example: LIST + values: + description: | + The selected values. + type: array + items: + type: string + example: + - MON + - WED + interval: + nullable: true + description: | + The selected interval for RANGE selectors. + type: integer + format: int32 + example: 3 + required: + - type + - values + - description: The hours selected. + example: + type: RANGE + values: + - '9' + - '18' + interval: 3 + expiration: + description: 'The schedule expiration date. Latest possible expiration date is ''2038-01-19T03:14:07+0000''' + type: string + nullable: true + format: date-time + example: '2018-06-25T20:22:28.104Z' + timeZoneId: + description: 'The canonical TZ identifier the schedule will run in (ex. America/New_York). If no timezone is specified, the org''s default timezone is used.' + nullable: true + type: string + example: America/Chicago + required: + - type + - hours + recipients: + description: A list of identities that should receive the scheduled search report via email. + type: array + items: + type: object + properties: + type: + type: string + description: The type of object being referenced + enum: + - IDENTITY + example: IDENTITY + id: + type: string + description: The ID of the referenced object + example: 2c9180867624cbd7017642d8c8c81f67 + required: + - type + - id + enabled: + description: | + Indicates if the scheduled search is enabled. + type: boolean + default: false + example: false + emailEmptyResults: + description: | + Indicates if email generation should occur when search returns no results. + type: boolean + default: false + example: false + displayQueryDetails: + description: | + Indicates if the generated email should include the query and search results preview (which could include PII). + type: boolean + default: false + example: false + required: + - savedSearchId + - schedule + - recipients + examples: + Daily Search: + description: A search that executes each day at a 9 AM + value: + savedSearchId: 9c620e13-cd33-4804-a13d-403bd7bcdbad + schedule: + type: DAILY + hours: + type: LIST + values: + - '9' + recipients: + - type: IDENTITY + id: 2c9180867624cbd7017642d8c8c81f67 + Weekly Search: + description: A search that executes each week on select days and times + value: + savedSearchId: 9c620e13-cd33-4804-a13d-403bd7bcdbad + schedule: + type: WEEKLY + days: + type: LIST + values: + - MON + - TUE + - WED + - THU + - FRI + - SAT + - SUN + hours: + type: LIST + values: + - '9' + recipients: + - type: IDENTITY + id: 2c9180867624cbd7017642d8c8c81f67 + Monthly Search: + description: A search that executes each month on select days and times + value: + savedSearchId: 9c620e13-cd33-4804-a13d-403bd7bcdbad + schedule: + type: MONTHLY + days: + type: LIST + values: + - '1' + - '7' + - '14' + - L + hours: + type: LIST + values: + - '9' + recipients: + - type: IDENTITY + id: 2c9180867624cbd7017642d8c8c81f67 + Annual Search: + description: 'A search that executes each year on the defined months, days, and times.' + value: + savedSearchId: 9c620e13-cd33-4804-a13d-403bd7bcdbad + schedule: + type: ANNUALLY + months: + type: LIST + values: + - '1' + interval: 3 + days: + type: LIST + values: + - '1' + - '7' + - '14' + - L + hours: + type: LIST + values: + - '9' + recipients: + - type: IDENTITY + id: 2c9180867624cbd7017642d8c8c81f67 + Calendar Search: + description: A search that executes on specific calendar days + value: + savedSearchId: 9c620e13-cd33-4804-a13d-403bd7bcdbad + schedule: + type: CALENDAR + days: + type: LIST + values: + - '2023-01-22' + - '2023-02-22' + hours: + type: LIST + values: + - '9' + recipients: + - type: IDENTITY + id: 2c9180867624cbd7017642d8c8c81f67 + required: true + responses: + '201': + description: The persisted scheduled search. + content: + application/json: + schema: + type: object + allOf: + - type: object + properties: + id: + description: The scheduled search ID. + type: string + example: 0de46054-fe90-434a-b84e-c6b3359d0c64 + readOnly: true + owner: + description: The owner of the scheduled search + readOnly: true + type: object + properties: + type: + type: string + description: The type of object being referenced + enum: + - IDENTITY + example: IDENTITY + id: + type: string + description: The ID of the referenced object + example: 2c9180867624cbd7017642d8c8c81f67 + required: + - type + - id + ownerId: + description: | + The ID of the scheduled search owner. + + Please use the `id` in the `owner` object instead. + type: string + example: 2c9180867624cbd7017642d8c8c81f67 + readOnly: true + deprecated: true + - type: object + properties: + name: + description: | + The name of the scheduled search. + type: string + example: Daily disabled accounts + nullable: true + description: + description: | + The description of the scheduled search. + type: string + nullable: true + example: Daily disabled accounts + - type: object + properties: + savedSearchId: + description: The ID of the saved search that will be executed. + type: string + example: 554f1511-f0a1-4744-ab14-599514d3e57c + created: + allOf: + - type: string + nullable: true + format: date-time + example: '2018-06-25T20:22:28.104Z' + description: A date-time in ISO-8601 format + description: The date the scheduled search was initially created. + readOnly: true + modified: + allOf: + - type: string + nullable: true + format: date-time + example: '2018-06-25T20:22:28.104Z' + description: A date-time in ISO-8601 format + description: The last date the scheduled search was modified. + readOnly: true + schedule: + type: object + description: The schedule information. + properties: + type: + description: | + Enum representing the currently supported schedule types. + + Additional values may be added in the future without notice. + type: string + enum: + - DAILY + - WEEKLY + - MONTHLY + - CALENDAR + - ANNUALLY + example: WEEKLY + months: + allOf: + - type: object + properties: + type: + description: | + Enum representing the currently supported selector types. + + LIST - the *values* array contains one or more distinct values. + + RANGE - the *values* array contains two values: the start and end of the range, inclusive. + + Additional values may be added in the future without notice. + type: string + enum: + - LIST + - RANGE + example: LIST + values: + description: | + The selected values. + type: array + items: + type: string + example: + - MON + - WED + interval: + nullable: true + description: | + The selected interval for RANGE selectors. + type: integer + format: int32 + example: 3 + required: + - type + - values + - description: | + The months to execute the search. This only applies to schedules with a type of `ANNUALLY`. + example: + type: LIST + values: + - '3' + - '6' + - '9' + - '12' + nullable: true + days: + allOf: + - type: object + properties: + type: + description: | + Enum representing the currently supported selector types. + + LIST - the *values* array contains one or more distinct values. + + RANGE - the *values* array contains two values: the start and end of the range, inclusive. + + Additional values may be added in the future without notice. + type: string + enum: + - LIST + - RANGE + example: LIST + values: + description: | + The selected values. + type: array + items: + type: string + example: + - MON + - WED + interval: + nullable: true + description: | + The selected interval for RANGE selectors. + type: integer + format: int32 + example: 3 + required: + - type + - values + - description: | + The days to execute the search. + + If `type` is `WEEKLY`, the values will be `MON`, `TUE`, `WED`, `THU`, `FRI`, `SAT`, and `SUN`. + + If `type` is `MONTHLY` or `ANNUALLY`, the values will be a number in double quotes, like `"1"`, `"10"`, or `"28"`. Optionally, the value `"L"` can be used to refer to the last day of the month. + example: + type: LIST + values: + - MON + - WED + - FRI + nullable: true + hours: + allOf: + - type: object + properties: + type: + description: | + Enum representing the currently supported selector types. + + LIST - the *values* array contains one or more distinct values. + + RANGE - the *values* array contains two values: the start and end of the range, inclusive. + + Additional values may be added in the future without notice. + type: string + enum: + - LIST + - RANGE + example: LIST + values: + description: | + The selected values. + type: array + items: + type: string + example: + - MON + - WED + interval: + nullable: true + description: | + The selected interval for RANGE selectors. + type: integer + format: int32 + example: 3 + required: + - type + - values + - description: The hours selected. + example: + type: RANGE + values: + - '9' + - '18' + interval: 3 + expiration: + description: 'The schedule expiration date. Latest possible expiration date is ''2038-01-19T03:14:07+0000''' + type: string + nullable: true + format: date-time + example: '2018-06-25T20:22:28.104Z' + timeZoneId: + description: 'The canonical TZ identifier the schedule will run in (ex. America/New_York). If no timezone is specified, the org''s default timezone is used.' + nullable: true + type: string + example: America/Chicago + required: + - type + - hours + recipients: + description: A list of identities that should receive the scheduled search report via email. + type: array + items: + type: object + properties: + type: + type: string + description: The type of object being referenced + enum: + - IDENTITY + example: IDENTITY + id: + type: string + description: The ID of the referenced object + example: 2c9180867624cbd7017642d8c8c81f67 + required: + - type + - id + enabled: + description: | + Indicates if the scheduled search is enabled. + type: boolean + default: false + example: false + emailEmptyResults: + description: | + Indicates if email generation should occur when search returns no results. + type: boolean + default: false + example: false + displayQueryDetails: + description: | + Indicates if the generated email should include the query and search results preview (which could include PII). + type: boolean + default: false + example: false + required: + - savedSearchId + - schedule + - recipients + required: + - id + - owner + - ownerId + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + get: + tags: + - Scheduled Search + description: | + Returns a list of scheduled searches. + summary: List scheduled searches + operationId: listScheduledSearch + parameters: + - in: query + name: offset + description: |- + Offset into the full result set. Usually specified with *limit* to paginate through the results. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 0 + schema: + type: integer + format: int32 + minimum: 0 + default: 0 + - in: query + name: limit + description: |- + Max number of results to return. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 250 + schema: + type: integer + format: int32 + minimum: 0 + maximum: 250 + default: 250 + - in: query + name: count + description: |- + If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. + + Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. + + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: true + schema: + type: boolean + default: false + - name: filters + in: query + schema: + type: string + description: |- + Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) + + Filtering is supported for the following fields and operators: + + **owner.id**: *eq* + + **savedSearchId**: *eq* + example: savedSearchId eq "6cc0945d-9eeb-4948-9033-72d066e1153e" + responses: + '200': + description: The list of requested scheduled searches. + content: + application/json: + schema: + type: array + items: + type: object + allOf: + - type: object + properties: + id: + description: The scheduled search ID. + type: string + example: 0de46054-fe90-434a-b84e-c6b3359d0c64 + readOnly: true + owner: + description: The owner of the scheduled search + readOnly: true + type: object + properties: + type: + type: string + description: The type of object being referenced + enum: + - IDENTITY + example: IDENTITY + id: + type: string + description: The ID of the referenced object + example: 2c9180867624cbd7017642d8c8c81f67 + required: + - type + - id + ownerId: + description: | + The ID of the scheduled search owner. + + Please use the `id` in the `owner` object instead. + type: string + example: 2c9180867624cbd7017642d8c8c81f67 + readOnly: true + deprecated: true + - type: object + properties: + name: + description: | + The name of the scheduled search. + type: string + example: Daily disabled accounts + nullable: true + description: + description: | + The description of the scheduled search. + type: string + nullable: true + example: Daily disabled accounts + - type: object + properties: + savedSearchId: + description: The ID of the saved search that will be executed. + type: string + example: 554f1511-f0a1-4744-ab14-599514d3e57c + created: + allOf: + - type: string + nullable: true + format: date-time + example: '2018-06-25T20:22:28.104Z' + description: A date-time in ISO-8601 format + description: The date the scheduled search was initially created. + readOnly: true + modified: + allOf: + - type: string + nullable: true + format: date-time + example: '2018-06-25T20:22:28.104Z' + description: A date-time in ISO-8601 format + description: The last date the scheduled search was modified. + readOnly: true + schedule: + type: object + description: The schedule information. + properties: + type: + description: | + Enum representing the currently supported schedule types. + + Additional values may be added in the future without notice. + type: string + enum: + - DAILY + - WEEKLY + - MONTHLY + - CALENDAR + - ANNUALLY + example: WEEKLY + months: + allOf: + - type: object + properties: + type: + description: | + Enum representing the currently supported selector types. + + LIST - the *values* array contains one or more distinct values. + + RANGE - the *values* array contains two values: the start and end of the range, inclusive. + + Additional values may be added in the future without notice. + type: string + enum: + - LIST + - RANGE + example: LIST + values: + description: | + The selected values. + type: array + items: + type: string + example: + - MON + - WED + interval: + nullable: true + description: | + The selected interval for RANGE selectors. + type: integer + format: int32 + example: 3 + required: + - type + - values + - description: | + The months to execute the search. This only applies to schedules with a type of `ANNUALLY`. + example: + type: LIST + values: + - '3' + - '6' + - '9' + - '12' + nullable: true + days: + allOf: + - type: object + properties: + type: + description: | + Enum representing the currently supported selector types. + + LIST - the *values* array contains one or more distinct values. + + RANGE - the *values* array contains two values: the start and end of the range, inclusive. + + Additional values may be added in the future without notice. + type: string + enum: + - LIST + - RANGE + example: LIST + values: + description: | + The selected values. + type: array + items: + type: string + example: + - MON + - WED + interval: + nullable: true + description: | + The selected interval for RANGE selectors. + type: integer + format: int32 + example: 3 + required: + - type + - values + - description: | + The days to execute the search. + + If `type` is `WEEKLY`, the values will be `MON`, `TUE`, `WED`, `THU`, `FRI`, `SAT`, and `SUN`. + + If `type` is `MONTHLY` or `ANNUALLY`, the values will be a number in double quotes, like `"1"`, `"10"`, or `"28"`. Optionally, the value `"L"` can be used to refer to the last day of the month. + example: + type: LIST + values: + - MON + - WED + - FRI + nullable: true + hours: + allOf: + - type: object + properties: + type: + description: | + Enum representing the currently supported selector types. + + LIST - the *values* array contains one or more distinct values. + + RANGE - the *values* array contains two values: the start and end of the range, inclusive. + + Additional values may be added in the future without notice. + type: string + enum: + - LIST + - RANGE + example: LIST + values: + description: | + The selected values. + type: array + items: + type: string + example: + - MON + - WED + interval: + nullable: true + description: | + The selected interval for RANGE selectors. + type: integer + format: int32 + example: 3 + required: + - type + - values + - description: The hours selected. + example: + type: RANGE + values: + - '9' + - '18' + interval: 3 + expiration: + description: 'The schedule expiration date. Latest possible expiration date is ''2038-01-19T03:14:07+0000''' + type: string + nullable: true + format: date-time + example: '2018-06-25T20:22:28.104Z' + timeZoneId: + description: 'The canonical TZ identifier the schedule will run in (ex. America/New_York). If no timezone is specified, the org''s default timezone is used.' + nullable: true + type: string + example: America/Chicago + required: + - type + - hours + recipients: + description: A list of identities that should receive the scheduled search report via email. + type: array + items: + type: object + properties: + type: + type: string + description: The type of object being referenced + enum: + - IDENTITY + example: IDENTITY + id: + type: string + description: The ID of the referenced object + example: 2c9180867624cbd7017642d8c8c81f67 + required: + - type + - id + enabled: + description: | + Indicates if the scheduled search is enabled. + type: boolean + default: false + example: false + emailEmptyResults: + description: | + Indicates if email generation should occur when search returns no results. + type: boolean + default: false + example: false + displayQueryDetails: + description: | + Indicates if the generated email should include the query and search results preview (which could include PII). + type: boolean + default: false + example: false + required: + - savedSearchId + - schedule + - recipients + required: + - id + - owner + - ownerId + headers: + X-Total-Count: + description: The total result count (returned only if the *count* parameter is specified as *true*). + schema: + type: integer + example: 5 + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/scheduled-searches/{id}': + put: + tags: + - Scheduled Search + description: | + Updates an existing scheduled search. + summary: Update an existing Scheduled Search + operationId: updateScheduledSearch + parameters: + - in: path + name: id + description: ID of the requested document. + schema: + type: string + required: true + example: 2c91808568c529c60168cca6f90c1313 + requestBody: + description: The scheduled search to persist. + content: + application/json: + schema: + type: object + allOf: + - type: object + properties: + id: + description: The scheduled search ID. + type: string + example: 0de46054-fe90-434a-b84e-c6b3359d0c64 + readOnly: true + owner: + description: The owner of the scheduled search + readOnly: true + type: object + properties: + type: + type: string + description: The type of object being referenced + enum: + - IDENTITY + example: IDENTITY + id: + type: string + description: The ID of the referenced object + example: 2c9180867624cbd7017642d8c8c81f67 + required: + - type + - id + ownerId: + description: | + The ID of the scheduled search owner. + + Please use the `id` in the `owner` object instead. + type: string + example: 2c9180867624cbd7017642d8c8c81f67 + readOnly: true + deprecated: true + - type: object + properties: + name: + description: | + The name of the scheduled search. + type: string + example: Daily disabled accounts + nullable: true + description: + description: | + The description of the scheduled search. + type: string + nullable: true + example: Daily disabled accounts + - type: object + properties: + savedSearchId: + description: The ID of the saved search that will be executed. + type: string + example: 554f1511-f0a1-4744-ab14-599514d3e57c + created: + allOf: + - type: string + nullable: true + format: date-time + example: '2018-06-25T20:22:28.104Z' + description: A date-time in ISO-8601 format + description: The date the scheduled search was initially created. + readOnly: true + modified: + allOf: + - type: string + nullable: true + format: date-time + example: '2018-06-25T20:22:28.104Z' + description: A date-time in ISO-8601 format + description: The last date the scheduled search was modified. + readOnly: true + schedule: + type: object + description: The schedule information. + properties: + type: + description: | + Enum representing the currently supported schedule types. + + Additional values may be added in the future without notice. + type: string + enum: + - DAILY + - WEEKLY + - MONTHLY + - CALENDAR + - ANNUALLY + example: WEEKLY + months: + allOf: + - type: object + properties: + type: + description: | + Enum representing the currently supported selector types. + + LIST - the *values* array contains one or more distinct values. + + RANGE - the *values* array contains two values: the start and end of the range, inclusive. + + Additional values may be added in the future without notice. + type: string + enum: + - LIST + - RANGE + example: LIST + values: + description: | + The selected values. + type: array + items: + type: string + example: + - MON + - WED + interval: + nullable: true + description: | + The selected interval for RANGE selectors. + type: integer + format: int32 + example: 3 + required: + - type + - values + - description: | + The months to execute the search. This only applies to schedules with a type of `ANNUALLY`. + example: + type: LIST + values: + - '3' + - '6' + - '9' + - '12' + nullable: true + days: + allOf: + - type: object + properties: + type: + description: | + Enum representing the currently supported selector types. + + LIST - the *values* array contains one or more distinct values. + + RANGE - the *values* array contains two values: the start and end of the range, inclusive. + + Additional values may be added in the future without notice. + type: string + enum: + - LIST + - RANGE + example: LIST + values: + description: | + The selected values. + type: array + items: + type: string + example: + - MON + - WED + interval: + nullable: true + description: | + The selected interval for RANGE selectors. + type: integer + format: int32 + example: 3 + required: + - type + - values + - description: | + The days to execute the search. + + If `type` is `WEEKLY`, the values will be `MON`, `TUE`, `WED`, `THU`, `FRI`, `SAT`, and `SUN`. + + If `type` is `MONTHLY` or `ANNUALLY`, the values will be a number in double quotes, like `"1"`, `"10"`, or `"28"`. Optionally, the value `"L"` can be used to refer to the last day of the month. + example: + type: LIST + values: + - MON + - WED + - FRI + nullable: true + hours: + allOf: + - type: object + properties: + type: + description: | + Enum representing the currently supported selector types. + + LIST - the *values* array contains one or more distinct values. + + RANGE - the *values* array contains two values: the start and end of the range, inclusive. + + Additional values may be added in the future without notice. + type: string + enum: + - LIST + - RANGE + example: LIST + values: + description: | + The selected values. + type: array + items: + type: string + example: + - MON + - WED + interval: + nullable: true + description: | + The selected interval for RANGE selectors. + type: integer + format: int32 + example: 3 + required: + - type + - values + - description: The hours selected. + example: + type: RANGE + values: + - '9' + - '18' + interval: 3 + expiration: + description: 'The schedule expiration date. Latest possible expiration date is ''2038-01-19T03:14:07+0000''' + type: string + nullable: true + format: date-time + example: '2018-06-25T20:22:28.104Z' + timeZoneId: + description: 'The canonical TZ identifier the schedule will run in (ex. America/New_York). If no timezone is specified, the org''s default timezone is used.' + nullable: true + type: string + example: America/Chicago + required: + - type + - hours + recipients: + description: A list of identities that should receive the scheduled search report via email. + type: array + items: + type: object + properties: + type: + type: string + description: The type of object being referenced + enum: + - IDENTITY + example: IDENTITY + id: + type: string + description: The ID of the referenced object + example: 2c9180867624cbd7017642d8c8c81f67 + required: + - type + - id + enabled: + description: | + Indicates if the scheduled search is enabled. + type: boolean + default: false + example: false + emailEmptyResults: + description: | + Indicates if email generation should occur when search returns no results. + type: boolean + default: false + example: false + displayQueryDetails: + description: | + Indicates if the generated email should include the query and search results preview (which could include PII). + type: boolean + default: false + example: false + required: + - savedSearchId + - schedule + - recipients + required: + - id + - owner + - ownerId + required: true + responses: + '200': + description: The persisted scheduled search. + content: + application/json: + schema: + type: object + allOf: + - type: object + properties: + id: + description: The scheduled search ID. + type: string + example: 0de46054-fe90-434a-b84e-c6b3359d0c64 + readOnly: true + owner: + description: The owner of the scheduled search + readOnly: true + type: object + properties: + type: + type: string + description: The type of object being referenced + enum: + - IDENTITY + example: IDENTITY + id: + type: string + description: The ID of the referenced object + example: 2c9180867624cbd7017642d8c8c81f67 + required: + - type + - id + ownerId: + description: | + The ID of the scheduled search owner. + + Please use the `id` in the `owner` object instead. + type: string + example: 2c9180867624cbd7017642d8c8c81f67 + readOnly: true + deprecated: true + - type: object + properties: + name: + description: | + The name of the scheduled search. + type: string + example: Daily disabled accounts + nullable: true + description: + description: | + The description of the scheduled search. + type: string + nullable: true + example: Daily disabled accounts + - type: object + properties: + savedSearchId: + description: The ID of the saved search that will be executed. + type: string + example: 554f1511-f0a1-4744-ab14-599514d3e57c + created: + allOf: + - type: string + nullable: true + format: date-time + example: '2018-06-25T20:22:28.104Z' + description: A date-time in ISO-8601 format + description: The date the scheduled search was initially created. + readOnly: true + modified: + allOf: + - type: string + nullable: true + format: date-time + example: '2018-06-25T20:22:28.104Z' + description: A date-time in ISO-8601 format + description: The last date the scheduled search was modified. + readOnly: true + schedule: + type: object + description: The schedule information. + properties: + type: + description: | + Enum representing the currently supported schedule types. + + Additional values may be added in the future without notice. + type: string + enum: + - DAILY + - WEEKLY + - MONTHLY + - CALENDAR + - ANNUALLY + example: WEEKLY + months: + allOf: + - type: object + properties: + type: + description: | + Enum representing the currently supported selector types. + + LIST - the *values* array contains one or more distinct values. + + RANGE - the *values* array contains two values: the start and end of the range, inclusive. + + Additional values may be added in the future without notice. + type: string + enum: + - LIST + - RANGE + example: LIST + values: + description: | + The selected values. + type: array + items: + type: string + example: + - MON + - WED + interval: + nullable: true + description: | + The selected interval for RANGE selectors. + type: integer + format: int32 + example: 3 + required: + - type + - values + - description: | + The months to execute the search. This only applies to schedules with a type of `ANNUALLY`. + example: + type: LIST + values: + - '3' + - '6' + - '9' + - '12' + nullable: true + days: + allOf: + - type: object + properties: + type: + description: | + Enum representing the currently supported selector types. + + LIST - the *values* array contains one or more distinct values. + + RANGE - the *values* array contains two values: the start and end of the range, inclusive. + + Additional values may be added in the future without notice. + type: string + enum: + - LIST + - RANGE + example: LIST + values: + description: | + The selected values. + type: array + items: + type: string + example: + - MON + - WED + interval: + nullable: true + description: | + The selected interval for RANGE selectors. + type: integer + format: int32 + example: 3 + required: + - type + - values + - description: | + The days to execute the search. + + If `type` is `WEEKLY`, the values will be `MON`, `TUE`, `WED`, `THU`, `FRI`, `SAT`, and `SUN`. + + If `type` is `MONTHLY` or `ANNUALLY`, the values will be a number in double quotes, like `"1"`, `"10"`, or `"28"`. Optionally, the value `"L"` can be used to refer to the last day of the month. + example: + type: LIST + values: + - MON + - WED + - FRI + nullable: true + hours: + allOf: + - type: object + properties: + type: + description: | + Enum representing the currently supported selector types. + + LIST - the *values* array contains one or more distinct values. + + RANGE - the *values* array contains two values: the start and end of the range, inclusive. + + Additional values may be added in the future without notice. + type: string + enum: + - LIST + - RANGE + example: LIST + values: + description: | + The selected values. + type: array + items: + type: string + example: + - MON + - WED + interval: + nullable: true + description: | + The selected interval for RANGE selectors. + type: integer + format: int32 + example: 3 + required: + - type + - values + - description: The hours selected. + example: + type: RANGE + values: + - '9' + - '18' + interval: 3 + expiration: + description: 'The schedule expiration date. Latest possible expiration date is ''2038-01-19T03:14:07+0000''' + type: string + nullable: true + format: date-time + example: '2018-06-25T20:22:28.104Z' + timeZoneId: + description: 'The canonical TZ identifier the schedule will run in (ex. America/New_York). If no timezone is specified, the org''s default timezone is used.' + nullable: true + type: string + example: America/Chicago + required: + - type + - hours + recipients: + description: A list of identities that should receive the scheduled search report via email. + type: array + items: + type: object + properties: + type: + type: string + description: The type of object being referenced + enum: + - IDENTITY + example: IDENTITY + id: + type: string + description: The ID of the referenced object + example: 2c9180867624cbd7017642d8c8c81f67 + required: + - type + - id + enabled: + description: | + Indicates if the scheduled search is enabled. + type: boolean + default: false + example: false + emailEmptyResults: + description: | + Indicates if email generation should occur when search returns no results. + type: boolean + default: false + example: false + displayQueryDetails: + description: | + Indicates if the generated email should include the query and search results preview (which could include PII). + type: boolean + default: false + example: false + required: + - savedSearchId + - schedule + - recipients + required: + - id + - owner + - ownerId + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + get: + tags: + - Scheduled Search + description: Returns the specified scheduled search. + summary: Get a Scheduled Search + operationId: getScheduledSearch + parameters: + - in: path + name: id + description: ID of the requested document. + schema: + type: string + required: true + example: 2c91808568c529c60168cca6f90c1313 + responses: + '200': + description: The requested scheduled search. + content: + application/json: + schema: + type: object + allOf: + - type: object + properties: + id: + description: The scheduled search ID. + type: string + example: 0de46054-fe90-434a-b84e-c6b3359d0c64 + readOnly: true + owner: + description: The owner of the scheduled search + readOnly: true + type: object + properties: + type: + type: string + description: The type of object being referenced + enum: + - IDENTITY + example: IDENTITY + id: + type: string + description: The ID of the referenced object + example: 2c9180867624cbd7017642d8c8c81f67 + required: + - type + - id + ownerId: + description: | + The ID of the scheduled search owner. + + Please use the `id` in the `owner` object instead. + type: string + example: 2c9180867624cbd7017642d8c8c81f67 + readOnly: true + deprecated: true + - type: object + properties: + name: + description: | + The name of the scheduled search. + type: string + example: Daily disabled accounts + nullable: true + description: + description: | + The description of the scheduled search. + type: string + nullable: true + example: Daily disabled accounts + - type: object + properties: + savedSearchId: + description: The ID of the saved search that will be executed. + type: string + example: 554f1511-f0a1-4744-ab14-599514d3e57c + created: + allOf: + - type: string + nullable: true + format: date-time + example: '2018-06-25T20:22:28.104Z' + description: A date-time in ISO-8601 format + description: The date the scheduled search was initially created. + readOnly: true + modified: + allOf: + - type: string + nullable: true + format: date-time + example: '2018-06-25T20:22:28.104Z' + description: A date-time in ISO-8601 format + description: The last date the scheduled search was modified. + readOnly: true + schedule: + type: object + description: The schedule information. + properties: + type: + description: | + Enum representing the currently supported schedule types. + + Additional values may be added in the future without notice. + type: string + enum: + - DAILY + - WEEKLY + - MONTHLY + - CALENDAR + - ANNUALLY + example: WEEKLY + months: + allOf: + - type: object + properties: + type: + description: | + Enum representing the currently supported selector types. + + LIST - the *values* array contains one or more distinct values. + + RANGE - the *values* array contains two values: the start and end of the range, inclusive. + + Additional values may be added in the future without notice. + type: string + enum: + - LIST + - RANGE + example: LIST + values: + description: | + The selected values. + type: array + items: + type: string + example: + - MON + - WED + interval: + nullable: true + description: | + The selected interval for RANGE selectors. + type: integer + format: int32 + example: 3 + required: + - type + - values + - description: | + The months to execute the search. This only applies to schedules with a type of `ANNUALLY`. + example: + type: LIST + values: + - '3' + - '6' + - '9' + - '12' + nullable: true + days: + allOf: + - type: object + properties: + type: + description: | + Enum representing the currently supported selector types. + + LIST - the *values* array contains one or more distinct values. + + RANGE - the *values* array contains two values: the start and end of the range, inclusive. + + Additional values may be added in the future without notice. + type: string + enum: + - LIST + - RANGE + example: LIST + values: + description: | + The selected values. + type: array + items: + type: string + example: + - MON + - WED + interval: + nullable: true + description: | + The selected interval for RANGE selectors. + type: integer + format: int32 + example: 3 + required: + - type + - values + - description: | + The days to execute the search. + + If `type` is `WEEKLY`, the values will be `MON`, `TUE`, `WED`, `THU`, `FRI`, `SAT`, and `SUN`. + + If `type` is `MONTHLY` or `ANNUALLY`, the values will be a number in double quotes, like `"1"`, `"10"`, or `"28"`. Optionally, the value `"L"` can be used to refer to the last day of the month. + example: + type: LIST + values: + - MON + - WED + - FRI + nullable: true + hours: + allOf: + - type: object + properties: + type: + description: | + Enum representing the currently supported selector types. + + LIST - the *values* array contains one or more distinct values. + + RANGE - the *values* array contains two values: the start and end of the range, inclusive. + + Additional values may be added in the future without notice. + type: string + enum: + - LIST + - RANGE + example: LIST + values: + description: | + The selected values. + type: array + items: + type: string + example: + - MON + - WED + interval: + nullable: true + description: | + The selected interval for RANGE selectors. + type: integer + format: int32 + example: 3 + required: + - type + - values + - description: The hours selected. + example: + type: RANGE + values: + - '9' + - '18' + interval: 3 + expiration: + description: 'The schedule expiration date. Latest possible expiration date is ''2038-01-19T03:14:07+0000''' + type: string + nullable: true + format: date-time + example: '2018-06-25T20:22:28.104Z' + timeZoneId: + description: 'The canonical TZ identifier the schedule will run in (ex. America/New_York). If no timezone is specified, the org''s default timezone is used.' + nullable: true + type: string + example: America/Chicago + required: + - type + - hours + recipients: + description: A list of identities that should receive the scheduled search report via email. + type: array + items: + type: object + properties: + type: + type: string + description: The type of object being referenced + enum: + - IDENTITY + example: IDENTITY + id: + type: string + description: The ID of the referenced object + example: 2c9180867624cbd7017642d8c8c81f67 + required: + - type + - id + enabled: + description: | + Indicates if the scheduled search is enabled. + type: boolean + default: false + example: false + emailEmptyResults: + description: | + Indicates if email generation should occur when search returns no results. + type: boolean + default: false + example: false + displayQueryDetails: + description: | + Indicates if the generated email should include the query and search results preview (which could include PII). + type: boolean + default: false + example: false + required: + - savedSearchId + - schedule + - recipients + required: + - id + - owner + - ownerId + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + delete: + tags: + - Scheduled Search + description: | + Deletes the specified scheduled search. + operationId: deleteScheduledSearch + summary: Delete a Scheduled Search + parameters: + - in: path + name: id + description: ID of the requested document. + schema: + type: string + required: true + example: 2c91808568c529c60168cca6f90c1313 + responses: + '204': + description: No Content - Indicates the request was successful but there is no content to be returned in the response. + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/scheduled-searches/{id}/unsubscribe': + post: + tags: + - Scheduled Search + description: | + Unsubscribes a recipient from the specified scheduled search. + operationId: unsubscribeScheduledSearch + summary: Unsubscribe a recipient from Scheduled Search + parameters: + - in: path + name: id + description: ID of the requested document. + schema: + type: string + required: true + example: 2c91808568c529c60168cca6f90c1313 + requestBody: + description: | + The recipient to be removed from the scheduled search. + content: + application/json: + schema: + type: object + description: | + A typed reference to the object. + properties: + type: + type: string + enum: + - ACCOUNT_CORRELATION_CONFIG + - ACCESS_PROFILE + - ACCESS_REQUEST_APPROVAL + - ACCOUNT + - APPLICATION + - CAMPAIGN + - CAMPAIGN_FILTER + - CERTIFICATION + - CLUSTER + - CONNECTOR_SCHEMA + - ENTITLEMENT + - GOVERNANCE_GROUP + - IDENTITY + - IDENTITY_PROFILE + - IDENTITY_REQUEST + - LIFECYCLE_STATE + - PASSWORD_POLICY + - ROLE + - RULE + - SOD_POLICY + - SOURCE + - TAG + - TAG_CATEGORY + - TASK_RESULT + - REPORT_RESULT + - SOD_VIOLATION + - ACCOUNT_ACTIVITY + - WORKGROUP + description: An enumeration of the types of DTOs supported within the IdentityNow infrastructure. + example: IDENTITY + id: + description: | + The id of the object. + type: string + example: 2c91808568c529c60168cca6f90c1313 + required: + - type + - id + required: true + responses: + '204': + description: No Content - Indicates the request was successful but there is no content to be returned in the response. + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + /search: + post: + tags: + - Search + description: 'Performs a search with the provided query and returns a matching result collection. By default, you can page a maximum of 10,000 search result records. To page past 10,000 records, you can use searchAfter paging. Refer to [Paginating Search Queries](https://developer.sailpoint.com/idn/api/standard-collection-parameters#paginating-search-queries) for more information about how to implement searchAfter paging. ' + externalDocs: + description: Learn more about search. + url: 'https://documentation.sailpoint.com/saas/help/search/index.html' + operationId: searchPost + security: + - UserContextAuth: + - 'sp:search:read' + summary: Perform Search + parameters: + - in: query + name: offset + description: |- + Offset into the full result set. Usually specified with *limit* to paginate through the results. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 0 + schema: + type: integer + format: int32 + minimum: 0 + default: 0 + - in: query + name: limit + description: |- + Max number of results to return. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 10000 + schema: + type: integer + format: int32 + minimum: 0 + maximum: 10000 + default: 10000 + - in: query + name: count + description: |- + If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. + + Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. + + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: true + schema: + type: boolean + default: false + requestBody: + content: + application/json: + schema: + type: object + properties: + indices: + description: 'The names of the Elasticsearch indices in which to search. If none are provided, then all indices will be searched.' + externalDocs: + description: Learn more about search indices here. + url: 'https://documentation.sailpoint.com/saas/help/search/searchable-fields.html' + type: array + items: + description: |- + Enum representing the currently supported indices. + Additional values may be added in the future without notice. + type: string + enum: + - accessprofiles + - accountactivities + - entitlements + - events + - identities + - roles + - '*' + example: identities + example: + - identities + queryType: + description: |- + The type of query to use. By default, the `SAILPOINT` query type is used, which requires the `query` object to be defined in the request body. + To use the `queryDsl` or `typeAheadQuery` objects in the request, you must set the type to `DSL` or `TYPEAHEAD` accordingly. + Additional values may be added in the future without notice. + type: string + enum: + - DSL + - SAILPOINT + - TEXT + - TYPEAHEAD + default: SAILPOINT + example: SAILPOINT + queryVersion: + allOf: + - description: The current Elasticserver version. + type: string + default: '5.2' + example: '5.2' + - type: string + description: |- + The version of the query object. + This version number will map to the version of Elasticsearch for the query strings and objects being used. + query: + type: object + description: Query parameters used to construct an Elasticsearch query object. + properties: + query: + description: 'The query using the Elasticsearch [Query String Query](https://www.elastic.co/guide/en/elasticsearch/reference/5.2/query-dsl-query-string-query.html#query-string) syntax from the Query DSL extended by SailPoint to support Nested queries.' + type: string + example: 'name:a*' + fields: + description: |- + The fields the query will be applied to. Fields provide you with a simple way to add additional fields to search, without making the query too complicated. For example, you can use the fields to specify that you want your query of "a*" to be applied to "name", "firstName", and the "source.name". The response will include all results matching the "a*" query found in those three fields. + A field's availability depends on the indices being searched. For example, if you are searching "identities", you can apply your search to the "firstName" field, but you couldn't use "firstName" with a search on "access profiles". Refer to the response schema for the respective lists of available fields. + type: string + example: + - 'firstName,lastName,email' + timeZone: + description: The time zone to be applied to any range query related to dates. + type: string + example: America/Chicago + innerHit: + description: The innerHit query object returns a flattened list of results for the specified nested type. + type: object + required: + - query + - type + properties: + query: + description: 'The search query using the Elasticsearch [Query String Query](https://www.elastic.co/guide/en/elasticsearch/reference/5.2/query-dsl-query-string-query.html#query-string) syntax from the Query DSL extended by SailPoint to support Nested queries.' + type: string + example: 'source.name:\"Active Directory\"' + type: + description: 'The nested type to use in the inner hits query. The nested type [Nested Type](https://www.elastic.co/guide/en/elasticsearch/reference/current/nested.html) refers to a document "nested" within another document. For example, an identity can have nested documents for access, accounts, and apps.' + type: string + example: access + queryDsl: + description: 'The search query using the Elasticsearch [Query DSL](https://www.elastic.co/guide/en/elasticsearch/reference/7.10/query-dsl.html) syntax.' + type: object + example: + match: + name: john.doe + textQuery: + type: object + description: Query parameters used to construct an Elasticsearch text query object. + required: + - terms + - fields + properties: + terms: + description: Words or characters that specify a particular thing to be searched for. + type: array + items: + type: string + example: + - The quick brown fox + - '3141592' + - '7' + fields: + description: The fields to be searched. + type: array + items: + type: string + example: + - displayName + - employeeNumber + - roleCount + matchAny: + description: 'Indicates that at least one of the terms must be found in the specified fields; otherwise, all terms must be found.' + type: boolean + default: false + example: false + contains: + description: 'Indicates that the terms can be located anywhere in the specified fields; otherwise, the fields must begin with the terms.' + type: boolean + default: false + example: true + typeAheadQuery: + type: object + description: 'Query parameters used to construct an Elasticsearch type ahead query object. The typeAheadQuery performs a search for top values beginning with the typed values. For example, typing "Jo" results in top hits matching "Jo." Typing "Job" results in top hits matching "Job." ' + required: + - query + - field + properties: + query: + description: The type ahead query string used to construct a phrase prefix match query. + type: string + example: Work + field: + description: The field on which to perform the type ahead search. + type: string + example: source.name + nestedType: + description: The nested type. + type: string + example: access + maxExpansions: + description: |- + The number of suffixes the last term will be expanded into. + Influences the performance of the query and the number results returned. + Valid values: 1 to 1000. + type: integer + format: int32 + minimum: 1 + maximum: 1000 + default: 10 + example: 10 + size: + description: The max amount of records the search will return. + type: integer + format: int32 + minimum: 1 + default: 100 + example: 100 + sort: + description: The sort order of the returned records. + type: string + default: desc + example: asc + sortByValue: + description: 'The flag that defines the sort type, by count or value.' + type: boolean + default: false + example: true + includeNested: + description: Indicates whether nested objects from returned search results should be included. + type: boolean + default: true + example: true + queryResultFilter: + type: object + description: Allows the query results to be filtered by specifying a list of fields to include and/or exclude from the result documents. + properties: + includes: + description: The list of field names to include in the result documents. + type: array + items: + type: string + example: + - name + - displayName + excludes: + description: The list of field names to exclude from the result documents. + type: array + items: + type: string + example: + - stacktrace + aggregationType: + description: | + Enum representing the currently available query languages for aggregations, which are used to perform calculations or groupings on search results. + + Additional values may be added in the future without notice. + type: string + enum: + - DSL + - SAILPOINT + default: DSL + example: DSL + aggregationsVersion: + allOf: + - description: The current Elasticserver version. + type: string + default: '5.2' + example: '5.2' + - type: string + description: |- + The version of the language being used for aggregation queries. + This version number will map to the version of Elasticsearch for the aggregation query object. + aggregationsDsl: + description: 'The aggregation search query using Elasticsearch [Aggregations](https://www.elastic.co/guide/en/elasticsearch/reference/5.2/search-aggregations.html) syntax.' + type: object + example: {} + aggregations: + description: | + The aggregation’s specifications, such as the groupings and calculations to be performed. + allOf: + - type: object + properties: + nested: + type: object + description: The nested aggregation object. + required: + - name + - type + properties: + name: + description: The name of the nested aggregate to be included in the result. + type: string + example: id + type: + description: The type of the nested object. + type: string + example: access + metric: + type: object + description: The calculation done on the results of the query + required: + - name + - field + properties: + name: + description: |- + The name of the metric aggregate to be included in the result. + If the metric aggregation is omitted, the resulting aggregation will be a count of the documents in the search results. + type: string + example: Access Name Count + type: + description: |- + Enum representing the currently supported metric aggregation types. + Additional values may be added in the future without notice. + type: string + enum: + - COUNT + - UNIQUE_COUNT + - AVG + - SUM + - MEDIAN + - MIN + - MAX + default: UNIQUE_COUNT + example: COUNT + field: + description: | + The field the calculation is performed on. + + Prefix the field name with '@' to reference a nested object. + type: string + example: '@access.name' + filter: + type: object + description: An additional filter to constrain the results of the search query. + required: + - name + - field + - value + properties: + name: + description: The name of the filter aggregate to be included in the result. + type: string + example: Entitlements + type: + description: |- + Enum representing the currently supported filter aggregation types. + Additional values may be added in the future without notice. + type: string + enum: + - TERM + default: TERM + example: TERM + field: + description: | + The search field to apply the filter to. + + Prefix the field name with '@' to reference a nested object. + type: string + example: access.type + value: + description: The value to filter on. + type: string + example: ENTITLEMENT + bucket: + type: object + description: The bucket to group the results of the aggregation query by. + required: + - name + - field + properties: + name: + description: The name of the bucket aggregate to be included in the result. + type: string + example: Identity Locations + type: + description: |- + Enum representing the currently supported bucket aggregation types. + Additional values may be added in the future without notice. + type: string + enum: + - TERMS + default: TERMS + example: TERMS + field: + description: |- + The field to bucket on. + Prefix the field name with '@' to reference a nested object. + type: string + example: attributes.city + size: + description: Maximum number of buckets to include. + type: integer + format: int32 + example: 100 + minDocCount: + description: Minimum number of documents a bucket should have. + type: integer + format: int32 + example: 2 + - type: object + properties: + subAggregation: + description: Aggregation to be performed on the result of the parent bucket aggregation. + allOf: + - type: object + properties: + nested: + type: object + description: The nested aggregation object. + required: + - name + - type + properties: + name: + description: The name of the nested aggregate to be included in the result. + type: string + example: id + type: + description: The type of the nested object. + type: string + example: access + metric: + type: object + description: The calculation done on the results of the query + required: + - name + - field + properties: + name: + description: |- + The name of the metric aggregate to be included in the result. + If the metric aggregation is omitted, the resulting aggregation will be a count of the documents in the search results. + type: string + example: Access Name Count + type: + description: |- + Enum representing the currently supported metric aggregation types. + Additional values may be added in the future without notice. + type: string + enum: + - COUNT + - UNIQUE_COUNT + - AVG + - SUM + - MEDIAN + - MIN + - MAX + default: UNIQUE_COUNT + example: COUNT + field: + description: | + The field the calculation is performed on. + + Prefix the field name with '@' to reference a nested object. + type: string + example: '@access.name' + filter: + type: object + description: An additional filter to constrain the results of the search query. + required: + - name + - field + - value + properties: + name: + description: The name of the filter aggregate to be included in the result. + type: string + example: Entitlements + type: + description: |- + Enum representing the currently supported filter aggregation types. + Additional values may be added in the future without notice. + type: string + enum: + - TERM + default: TERM + example: TERM + field: + description: | + The search field to apply the filter to. + + Prefix the field name with '@' to reference a nested object. + type: string + example: access.type + value: + description: The value to filter on. + type: string + example: ENTITLEMENT + bucket: + type: object + description: The bucket to group the results of the aggregation query by. + required: + - name + - field + properties: + name: + description: The name of the bucket aggregate to be included in the result. + type: string + example: Identity Locations + type: + description: |- + Enum representing the currently supported bucket aggregation types. + Additional values may be added in the future without notice. + type: string + enum: + - TERMS + default: TERMS + example: TERMS + field: + description: |- + The field to bucket on. + Prefix the field name with '@' to reference a nested object. + type: string + example: attributes.city + size: + description: Maximum number of buckets to include. + type: integer + format: int32 + example: 100 + minDocCount: + description: Minimum number of documents a bucket should have. + type: integer + format: int32 + example: 2 + - type: object + properties: + subAggregation: + description: Aggregation to be performed on the result of the parent bucket aggregation. + type: object + properties: + nested: + type: object + description: The nested aggregation object. + required: + - name + - type + properties: + name: + description: The name of the nested aggregate to be included in the result. + type: string + example: id + type: + description: The type of the nested object. + type: string + example: access + metric: + type: object + description: The calculation done on the results of the query + required: + - name + - field + properties: + name: + description: |- + The name of the metric aggregate to be included in the result. + If the metric aggregation is omitted, the resulting aggregation will be a count of the documents in the search results. + type: string + example: Access Name Count + type: + description: |- + Enum representing the currently supported metric aggregation types. + Additional values may be added in the future without notice. + type: string + enum: + - COUNT + - UNIQUE_COUNT + - AVG + - SUM + - MEDIAN + - MIN + - MAX + default: UNIQUE_COUNT + example: COUNT + field: + description: | + The field the calculation is performed on. + + Prefix the field name with '@' to reference a nested object. + type: string + example: '@access.name' + filter: + type: object + description: An additional filter to constrain the results of the search query. + required: + - name + - field + - value + properties: + name: + description: The name of the filter aggregate to be included in the result. + type: string + example: Entitlements + type: + description: |- + Enum representing the currently supported filter aggregation types. + Additional values may be added in the future without notice. + type: string + enum: + - TERM + default: TERM + example: TERM + field: + description: | + The search field to apply the filter to. + + Prefix the field name with '@' to reference a nested object. + type: string + example: access.type + value: + description: The value to filter on. + type: string + example: ENTITLEMENT + bucket: + type: object + description: The bucket to group the results of the aggregation query by. + required: + - name + - field + properties: + name: + description: The name of the bucket aggregate to be included in the result. + type: string + example: Identity Locations + type: + description: |- + Enum representing the currently supported bucket aggregation types. + Additional values may be added in the future without notice. + type: string + enum: + - TERMS + default: TERMS + example: TERMS + field: + description: |- + The field to bucket on. + Prefix the field name with '@' to reference a nested object. + type: string + example: attributes.city + size: + description: Maximum number of buckets to include. + type: integer + format: int32 + example: 100 + minDocCount: + description: Minimum number of documents a bucket should have. + type: integer + format: int32 + example: 2 + sort: + description: The fields to be used to sort the search results. Use + or - to specify the sort direction. + type: array + items: + type: string + example: + - displayName + - +id + searchAfter: + description: |- + Used to begin the search window at the values specified. + This parameter consists of the last values of the sorted fields in the current record set. + This is used to expand the Elasticsearch limit of 10K records by shifting the 10K window to begin at this value. + It is recommended that you always include the ID of the object in addition to any other fields on this parameter in order to ensure you don't get duplicate results while paging. + For example, when searching for identities, if you are sorting by displayName you will also want to include ID, for example ["displayName", "id"]. + If the last identity ID in the search result is 2c91808375d8e80a0175e1f88a575221 and the last displayName is "John Doe", then using that displayName and ID will start a new search after this identity. + The searchAfter value will look like ["John Doe","2c91808375d8e80a0175e1f88a575221"] + type: array + items: + type: string + example: + - John Doe + - 2c91808375d8e80a0175e1f88a575221 + filters: + description: The filters to be applied for each filtered field name. + type: object + additionalProperties: + type: object + properties: + type: + description: |- + Enum representing the currently supported filter types. + Additional values may be added in the future without notice. + type: string + enum: + - EXISTS + - RANGE + - TERMS + example: RANGE + range: + type: object + description: The range of values to be filtered. + properties: + lower: + description: The lower bound of the range. + type: object + required: + - value + properties: + value: + description: The value of the range's endpoint. + type: string + example: '1' + inclusive: + description: Indicates if the endpoint is included in the range. + type: boolean + default: false + example: false + upper: + description: The upper bound of the range. + type: object + required: + - value + properties: + value: + description: The value of the range's endpoint. + type: string + example: '1' + inclusive: + description: Indicates if the endpoint is included in the range. + type: boolean + default: false + example: false + terms: + description: The terms to be filtered. + type: array + items: + type: string + example: account_count + exclude: + description: Indicates if the filter excludes results. + type: boolean + default: false + example: false + example: {} + examples: + query-fields: + summary: Query with Fields + value: + indices: + - identities + query: + query: '"John Doe"' + fields: + - name + query-timeZone: + summary: Query with TimeZone + value: + indices: + - identities + query: + query: 'created: [2022-05-19T19:26:03.351Z TO now]' + timeZone: America/Los_Angeles + query-innerHit: + summary: Query with InnerHit + value: + indices: + - identities + query: + query: '"John Doe"' + innerHit: + type: access + query: 'source.name:\"Active Directory\"' + typeAheadQuery: + summary: TypeAheadQuery + value: + indices: + - identities + queryType: TYPEAHEAD + typeAheadQuery: + field: name + query: Jo + maxExpansions: 50 + size: 100 + sort: desc + sortByValue: false + typeAheadQuery-nestedType: + summary: TypeAheadQuery with NestedType + value: + indices: + - identities + queryType: TYPEAHEAD + typeAheadQuery: + field: source.name + nestedType: access + query: Work + maxExpansions: 50 + size: 100 + sort: desc + sortByValue: false + filter-exists: + summary: Filter with Exists + value: + indices: + - identities + query: + query: 'attributes.city:London' + filters: + attributes.cloudAuthoritativeSource: + type: EXISTS + exclude: true + filter-range: + summary: Filter with Range + value: + indices: + - identities + query: + query: 'attributes.city:London' + timeZone: Europe/London + filters: + accessCount: + type: RANGE + range: + lower: + value: '3' + created: + type: RANGE + range: + lower: + value: '2019-12-01' + inclusive: true + upper: + value: '2020-01-01' + filter-terms: + summary: Filter with Terms + value: + indices: + - identities + query: + query: 'attributes.city:London' + filters: + source.name: + type: TERMS + terms: + - HR Employees + - Corporate Active Directory + exclude: true + protected: + type: TERMS + terms: + - 'true' + required: true + responses: + '200': + description: List of matching documents. + content: + application/json: + schema: + type: array + items: + discriminator: + propertyName: _type + mapping: + accessprofile: ../model/access/profile/AccessProfileDocument.yaml + accountactivity: ../model/account/activity/AccountActivityDocument.yaml + entitlement: ../model/entitlement/EntitlementDocument.yaml + event: ../model/event/EventDocument.yaml + identity: ../model/identity/IdentityDocument.yaml + role: ../model/role/RoleDocument.yaml + oneOf: + - description: 'More complete representation of an access profile. ' + allOf: + - allOf: + - type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + - type: object + properties: + description: + type: string + description: Access item's description. + example: The admin role + created: + type: string + description: ISO-8601 date-time referring to the time when the object was created. + nullable: true + format: date-time + example: '2018-06-25T20:22:28.104Z' + modified: + type: string + description: ISO-8601 date-time referring to the time when the object was last modified. + nullable: true + format: date-time + example: '2018-06-25T20:22:28.104Z' + synced: + type: string + description: |- + ISO-8601 date-time referring to the date-time when object was queued to be synced into search database for use in the search API. + This date-time changes anytime there is an update to the object, which triggers a synchronization event being sent to the search database. + There may be some delay between the `synced` time and the time when the updated data is actually available in the search API. + nullable: true + format: date-time + example: '2018-06-25T20:22:33.104Z' + enabled: + type: boolean + description: Indicates whether the access item is currently enabled. + default: false + example: true + requestable: + type: boolean + description: Indicates whether the access item can be requested. + default: true + example: true + requestCommentsRequired: + type: boolean + description: Indicates whether comments are required for requests to access the item. + default: false + example: false + owner: + type: object + description: Owner's identity. + properties: + type: + type: string + description: Owner's DTO type. + enum: + - IDENTITY + example: IDENTITY + id: + type: string + description: Owner's identity ID. + example: 2c9180a46faadee4016fb4e018c20639 + name: + type: string + description: Owner's display name. + example: Support + email: + type: string + description: Owner's email. + example: cloud-support@sailpoint.com + - type: object + required: + - id + - name + - _type + properties: + id: + type: string + description: Access profile's ID. + example: 2c9180825a6c1adc015a71c9023f0818 + name: + type: string + description: Access profile's name. + example: Cloud Eng + _type: + description: |- + Access profile's document type. + This enum represents the currently supported document types. + Additional values may be added in the future without notice. + type: string + enum: + - accessprofile + - accountactivity + - account + - aggregation + - entitlement + - event + - identity + - role + example: accessprofile + source: + type: object + description: Access profile's source. + properties: + id: + type: string + description: Source's ID. + example: ff8081815757d4fb0157588f3d9d008f + name: + type: string + description: Source's name. + example: Employees + entitlements: + type: array + description: Entitlements the access profile has access to. + items: + type: object + properties: + hasPermissions: + type: boolean + description: Indicates whether the entitlement has permissions. + default: false + example: false + description: + type: string + description: Entitlement's description. + example: Cloud engineering + attribute: + type: string + description: Entitlement attribute's name. + example: memberOf + value: + type: string + description: Entitlement's value. + example: 'CN=Cloud Engineering,DC=sailpoint,DC=COM' + schema: + type: string + description: Entitlement's schema. + example: group + privileged: + type: boolean + description: Indicates whether the entitlement is privileged. + default: false + example: false + id: + type: string + description: Entitlement's ID. + example: 2c918084575812550157589064f33b89 + name: + type: string + description: Entitlement's name. + example: 'CN=Cloud Engineering,DC=sailpoint,DC=COM' + entitlementCount: + type: integer + description: Number of entitlements. + example: 5 + tags: + type: array + description: Tags that have been applied to the object. + items: + type: string + example: + - TAG_1 + - TAG_2 + - description: AccountActivity + allOf: + - type: object + required: + - id + - name + - _type + properties: + id: + type: string + example: 2c91808375d8e80a0175e1f88a575222 + name: + type: string + example: john.doe + _type: + description: |- + Enum representing the currently supported document types. + + Additional values may be added in the future without notice. + type: string + enum: + - accessprofile + - accountactivity + - account + - aggregation + - entitlement + - event + - identity + - role + example: identity + - type: object + properties: + action: + type: string + description: Type of action performed in the activity. + externalDocs: + description: Learn more about account activity action types + url: 'https://documentation.sailpoint.com/saas/help/search/searchable-fields.html#searching-account-activity-data' + example: Identity Refresh. + created: + type: string + description: ISO-8601 date-time referring to the time when the object was created. + nullable: true + format: date-time + example: '2018-06-25T20:22:28.104Z' + modified: + type: string + description: ISO-8601 date-time referring to the time when the object was last modified. + nullable: true + format: date-time + example: '2018-06-25T20:22:28.104Z' + stage: + type: string + description: Activity's current stage. + example: Completed + origin: + type: string + description: Activity's origin. + nullable: true + example: null + status: + type: string + description: Activity's current status. + example: Complete + requester: + allOf: + - type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + - type: object + properties: + type: + type: string + example: Delimited File + description: Type of source returned. + recipient: + allOf: + - type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + - type: object + properties: + type: + type: string + example: Delimited File + description: Type of source returned. + trackingNumber: + type: string + description: Account activity's tracking number. + example: 61aad0c9e8134eca89e76a35e0cabe3f + errors: + type: array + description: Errors provided by the source while completing account actions. + items: + type: string + nullable: true + example: null + warnings: + type: array + description: Warnings provided by the source while completing account actions. + items: + type: string + nullable: true + example: null + approvals: + type: array + description: Approvals performed on an item during activity. + items: + type: object + properties: + comments: + type: array + items: + type: object + properties: + comment: + type: string + description: The comment text + example: This request was autoapproved by our automated ETS subscriber. + commenter: + type: string + description: The name of the commenter + example: Automated AR Approval + date: + type: string + nullable: true + format: date-time + example: '2018-06-25T20:22:28.104Z' + description: A date-time in ISO-8601 format + created: + type: string + nullable: true + format: date-time + example: '2018-06-25T20:22:28.104Z' + description: A date-time in ISO-8601 format + modified: + type: string + nullable: true + format: date-time + example: '2018-06-25T20:22:28.104Z' + description: A date-time in ISO-8601 format + owner: + allOf: + - type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + - type: object + properties: + type: + type: string + example: Delimited File + description: Type of source returned. + result: + type: string + description: The result of the approval + example: Finished + type: + type: string + nullable: true + example: null + originalRequests: + type: array + description: Original actions that triggered all individual source actions related to the account action. + items: + type: object + properties: + accountId: + type: string + description: Account ID. + example: 'CN=Abby Smith,OU=Austin,OU=Americas,OU=Demo,DC=seri,DC=acme,DC=com' + attributeRequests: + type: array + description: Attribute changes requested for account. + items: + type: object + properties: + name: + type: string + description: Attribute name. + example: groups + op: + type: string + description: Operation to perform on attribute. + example: Add + value: + type: string + description: Value of attribute. + example: '3203537556531076' + op: + type: string + description: Operation used. + example: add + source: + description: Account's source. + allOf: + - type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + - type: object + properties: + type: + type: string + example: Delimited File + description: Type of source returned. + expansionItems: + type: array + description: Controls that translated the attribute requests into actual provisioning actions on the source. + items: + type: object + properties: + accountId: + type: string + description: The ID of the account + example: 2c91808981f58ea601821c3e93482e6f + cause: + type: string + example: Role + name: + type: string + description: The name of the item + example: smartsheet-role + attributeRequests: + type: array + items: + type: object + properties: + name: + type: string + description: Attribute name. + example: groups + op: + type: string + description: Operation to perform on attribute. + example: Add + value: + type: string + description: Value of attribute. + example: '3203537556531076' + source: + allOf: + - type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + - type: object + properties: + type: + type: string + example: Delimited File + description: Type of source returned. + accountRequests: + type: array + description: Account data for each individual source action triggered by the original requests. + items: + type: object + properties: + accountId: + type: string + description: Unique ID of the account + example: John.Doe + attributeRequests: + type: array + items: + type: object + properties: + name: + type: string + description: Attribute name. + example: groups + op: + type: string + description: Operation to perform on attribute. + example: Add + value: + type: string + description: Value of attribute. + example: '3203537556531076' + op: + type: string + example: Modify + description: The operation that was performed + provisioningTarget: + allOf: + - type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + - type: object + properties: + type: + type: string + example: Delimited File + description: Type of source returned. + result: + type: object + properties: + errors: + type: array + items: + type: string + example: |- + [ConnectorError] [ + { + "code": "unrecognized_keys", + "keys": [ + "groups" + ], + "path": [], + "message": "Unrecognized key(s) in object: 'groups'" + } + ] (requestId: 5e9d6df5-9b1b-47d9-9bf1-dc3a2893299e) + status: + type: string + description: The status of the account request + example: failed + ticketId: + type: string + nullable: true + example: null + source: + allOf: + - type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + - type: object + properties: + type: + type: string + example: Delimited File + description: Type of source returned. + sources: + type: string + description: Sources involved in the account activity. + example: 'smartsheet-test, airtable-v4, IdentityNow' + - description: Entitlement + allOf: + - type: object + required: + - id + - name + - _type + properties: + id: + type: string + example: 2c91808375d8e80a0175e1f88a575222 + name: + type: string + example: john.doe + _type: + description: |- + Enum representing the currently supported document types. + + Additional values may be added in the future without notice. + type: string + enum: + - accessprofile + - accountactivity + - account + - aggregation + - entitlement + - event + - identity + - role + example: identity + - type: object + properties: + modified: + type: string + description: ISO-8601 date-time referring to the time when the object was last modified. + nullable: true + format: date-time + example: '2018-06-25T20:22:28.104Z' + synced: + type: string + description: |- + ISO-8601 date-time referring to the date-time when object was queued to be synced into search database for use in the search API. + This date-time changes anytime there is an update to the object, which triggers a synchronization event being sent to the search database. + There may be some delay between the `synced` time and the time when the updated data is actually available in the search API. + displayName: + type: string + description: Entitlement's display name. + example: Admin + source: + type: object + description: Entitlement's source. + properties: + id: + type: string + description: ID of entitlement's source. + example: 2c91808b6e9e6fb8016eec1a2b6f7b5f + name: + type: string + description: Display name of entitlement's source. + example: ODS-HR-Employees + segments: + type: array + description: Segments with the role. + items: + type: object + properties: + id: + type: string + example: b009b6e3-b56d-41d9-8735-cb532ea0b017 + description: Segment's unique ID. + name: + type: string + example: Test Segment + description: Segment's display name. + segmentCount: + type: integer + description: Number of segments with the role. + format: int32 + example: 1 + requestable: + type: boolean + description: Indicates whether the entitlement is requestable. + default: false + example: false + cloudGoverned: + type: boolean + description: Indicates whether the entitlement is cloud governed. + default: false + example: false + created: + type: string + description: ISO-8601 date-time referring to the time when the object was created. + nullable: true + format: date-time + example: '2018-06-25T20:22:28.104Z' + privileged: + type: boolean + description: Indicates whether the entitlement is privileged. + default: false + example: false + identityCount: + type: integer + description: Number of identities who have access to the entitlement. + format: int32 + example: 3 + tags: + type: array + description: Tags that have been applied to the object. + items: + type: string + example: + - TAG_1 + - TAG_2 + - description: Event + allOf: + - type: object + required: + - id + - name + - _type + properties: + id: + type: string + example: 2c91808375d8e80a0175e1f88a575222 + name: + type: string + example: john.doe + _type: + description: |- + Enum representing the currently supported document types. + + Additional values may be added in the future without notice. + type: string + enum: + - accessprofile + - accountactivity + - account + - aggregation + - entitlement + - event + - identity + - role + example: identity + - type: object + properties: + created: + type: string + description: ISO-8601 date-time referring to the time when the object was created. + nullable: true + format: date-time + example: '2018-06-25T20:22:28.104Z' + synced: + type: string + description: |- + ISO-8601 date-time referring to the date-time when object was queued to be synced into search database for use in the search API. + This date-time changes anytime there is an update to the object, which triggers a synchronization event being sent to the search database. + There may be some delay between the `synced` time and the time when the updated data is actually available in the search API. + action: + type: string + description: Name of the event as it's displayed in audit reports. + example: update + type: + type: string + description: 'Event type. Refer to [Event Types](https://documentation.sailpoint.com/saas/help/search/index.html#event-types) for a list of event types and their meanings.' + example: SYSTEM_CONFIG + actor: + type: string + description: Name of the actor that generated the event. + example: System + target: + type: string + description: 'Name of the target, or recipient, of the event.' + example: Carol.Adams + stack: + type: string + description: The event's stack. + example: tpe + trackingNumber: + type: string + description: ID of the group of events. + example: 63f891e0735f4cc8bf1968144a1e7440 + ipAddress: + type: string + description: Target system's IP address. + example: 52.52.97.85 + details: + type: string + description: ID of event's details. + example: 73b65dfbed1842548c207432a18c84b0 + attributes: + type: object + description: Attributes involved in the event. + additionalProperties: true + example: + pod: stg03-useast1 + org: acme + sourceName: SailPoint + objects: + type: array + description: Objects the event is happening to. + items: + type: string + example: AUTHENTICATION + operation: + type: string + description: 'Operation, or action, performed during the event.' + example: REQUEST + status: + type: string + description: 'Event status. Refer to [Event Statuses](https://documentation.sailpoint.com/saas/help/search/index.html#event-statuses) for a list of event statuses and their meanings.' + example: PASSED + technicalName: + type: string + description: Event's normalized name. This normalized name always follows the pattern of 'objects_operation_status'. + example: AUTHENTICATION_REQUEST_PASSED + - description: Identity + allOf: + - type: object + required: + - id + - name + - _type + properties: + id: + type: string + example: 2c91808375d8e80a0175e1f88a575222 + name: + type: string + example: john.doe + _type: + description: |- + Enum representing the currently supported document types. + + Additional values may be added in the future without notice. + type: string + enum: + - accessprofile + - accountactivity + - account + - aggregation + - entitlement + - event + - identity + - role + example: identity + - allOf: + - type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + - type: object + properties: + displayName: + type: string + example: John Q. Doe + - type: object + properties: + displayName: + type: string + example: Carol.Adams + description: Identity's display name. + firstName: + type: string + description: Identity's first name. + example: Carol + lastName: + type: string + description: Identity's last name. + example: Adams + email: + type: string + description: Identity's primary email address. + example: Carol.Adams@sailpointdemo.com + created: + type: string + description: ISO-8601 date-time referring to the time when the object was created. + nullable: true + format: date-time + example: '2018-06-25T20:22:28.104Z' + modified: + type: string + description: ISO-8601 date-time referring to the time when the object was last modified. + nullable: true + format: date-time + example: '2018-06-25T20:22:28.104Z' + phone: + type: string + description: Identity's phone number. + example: +1 440-527-3672 + synced: + type: string + description: |- + ISO-8601 date-time referring to the date-time when object was queued to be synced into search database for use in the search API. + This date-time changes anytime there is an update to the object, which triggers a synchronization event being sent to the search database. + There may be some delay between the `synced` time and the time when the updated data is actually available in the search API. + inactive: + type: boolean + description: Indicates whether the identity is inactive. + default: false + example: false + protected: + type: boolean + description: Indicates whether the identity is protected. + default: false + example: false + status: + type: string + description: Identity's status in SailPoint. + example: UNREGISTERED + employeeNumber: + type: string + description: Identity's employee number. + example: 1a2a3d4e + manager: + type: object + description: Identity's manager. + nullable: true + properties: + id: + type: string + description: ID of identity's manager. + example: 2c9180867dfe694b017e208e27c05799 + name: + type: string + description: Name of identity's manager. + example: Amanda.Ross + displayName: + type: string + description: Display name of identity's manager. + example: Amanda.Ross + isManager: + type: boolean + description: Indicates whether the identity is a manager of other identities. + example: false + identityProfile: + type: object + description: Identity's identity profile. + properties: + id: + type: string + description: Identity profile's ID. + example: 3bc8ad26b8664945866b31339d1ff7d2 + name: + type: string + description: Identity profile's name. + example: HR Employees + source: + type: object + description: Identity's source. + properties: + id: + type: string + description: ID of identity's source. + example: 2c91808b6e9e6fb8016eec1a2b6f7b5f + name: + type: string + description: Display name of identity's source. + example: ODS-HR-Employees + attributes: + type: object + description: Map or dictionary of key/value pairs. + additionalProperties: true + example: + country: US + firstname: Carol + cloudStatus: UNREGISTERED + processingState: + type: string + description: Identity's processing state. + nullable: true + example: null + processingDetails: + description: Identity's processing details. + nullable: true + type: object + properties: + date: + type: string + nullable: true + format: date-time + example: '2018-06-25T20:22:28.104Z' + description: A date-time in ISO-8601 format + stage: + type: string + example: In Process + retryCount: + type: integer + example: 0 + format: int32 + stackTrace: + type: string + example: + message: + type: string + example: + accounts: + type: array + description: List of accounts associated with the identity. + items: + allOf: + - type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + - type: object + properties: + accountId: + type: string + description: Account ID. + example: John.Doe + source: + allOf: + - type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + - type: object + properties: + type: + type: string + example: Delimited File + description: Type of source returned. + disabled: + type: boolean + description: Indicates whether the account is disabled. + default: false + example: false + locked: + type: boolean + description: Indicates whether the account is locked. + default: false + example: false + privileged: + type: boolean + description: Indicates whether the account is privileged. + default: false + example: false + manuallyCorrelated: + type: boolean + description: Indicates whether the account has been manually correlated to an identity. + default: false + example: false + passwordLastSet: + type: string + nullable: true + format: date-time + example: '2018-06-25T20:22:28.104Z' + description: A date-time in ISO-8601 format + entitlementAttributes: + type: object + nullable: true + description: Map or dictionary of key/value pairs. + additionalProperties: true + example: + moderator: true + admin: true + trust_level: '4' + created: + type: string + description: ISO-8601 date-time referring to the time when the object was created. + nullable: true + format: date-time + example: '2018-06-25T20:22:28.104Z' + accountCount: + type: integer + description: Number of accounts associated with the identity. + format: int32 + example: 3 + apps: + type: array + description: List of applications the identity has access to. + items: + allOf: + - type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + - type: object + properties: + source: + type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + account: + type: object + properties: + id: + type: string + description: The SailPoint generated unique ID + example: 2c9180837dfe6949017e21f3d8cd6d49 + accountId: + type: string + description: The account ID generated by the source + example: 'CN=Carol Adams,OU=Austin,OU=Americas,OU=Demo,DC=seri,DC=sailpointdemo,DC=com' + appCount: + type: integer + format: int32 + description: Number of applications the identity has access to. + example: 2 + access: + type: array + description: List of access items assigned to the identity. + items: + discriminator: + propertyName: type + mapping: + ACCESS_PROFILE: ../access/AccessProfileSummary.yaml + ENTITLEMENT: ../access/AccessProfileEntitlement.yaml + ROLE: ../access/AccessProfileRole.yaml + oneOf: + - description: This is a summary representation of an access profile. + allOf: + - allOf: + - allOf: + - type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + - type: object + properties: + displayName: + type: string + example: John Q. Doe + - type: object + properties: + type: + type: string + enum: + - ACCOUNT_CORRELATION_CONFIG + - ACCESS_PROFILE + - ACCESS_REQUEST_APPROVAL + - ACCOUNT + - APPLICATION + - CAMPAIGN + - CAMPAIGN_FILTER + - CERTIFICATION + - CLUSTER + - CONNECTOR_SCHEMA + - ENTITLEMENT + - GOVERNANCE_GROUP + - IDENTITY + - IDENTITY_PROFILE + - IDENTITY_REQUEST + - LIFECYCLE_STATE + - PASSWORD_POLICY + - ROLE + - RULE + - SOD_POLICY + - SOURCE + - TAG + - TAG_CATEGORY + - TASK_RESULT + - REPORT_RESULT + - SOD_VIOLATION + - ACCOUNT_ACTIVITY + - WORKGROUP + description: An enumeration of the types of DTOs supported within the IdentityNow infrastructure. + example: IDENTITY + description: + type: string + nullable: true + example: null + - type: object + properties: + source: + type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + owner: + allOf: + - type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + - type: object + properties: + displayName: + type: string + example: John Q. Doe + revocable: + type: boolean + example: true + - description: EntitlementReference + allOf: + - allOf: + - allOf: + - type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + - type: object + properties: + displayName: + type: string + example: John Q. Doe + - type: object + properties: + type: + type: string + enum: + - ACCOUNT_CORRELATION_CONFIG + - ACCESS_PROFILE + - ACCESS_REQUEST_APPROVAL + - ACCOUNT + - APPLICATION + - CAMPAIGN + - CAMPAIGN_FILTER + - CERTIFICATION + - CLUSTER + - CONNECTOR_SCHEMA + - ENTITLEMENT + - GOVERNANCE_GROUP + - IDENTITY + - IDENTITY_PROFILE + - IDENTITY_REQUEST + - LIFECYCLE_STATE + - PASSWORD_POLICY + - ROLE + - RULE + - SOD_POLICY + - SOURCE + - TAG + - TAG_CATEGORY + - TASK_RESULT + - REPORT_RESULT + - SOD_VIOLATION + - ACCOUNT_ACTIVITY + - WORKGROUP + description: An enumeration of the types of DTOs supported within the IdentityNow infrastructure. + example: IDENTITY + description: + type: string + nullable: true + example: null + - type: object + properties: + source: + type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + privileged: + type: boolean + example: false + attribute: + type: string + example: memberOf + value: + type: string + example: 'CN=Buyer,OU=Groups,OU=Demo,DC=seri,DC=sailpointdemo,DC=com' + standalone: + type: boolean + example: false + - description: Role + allOf: + - allOf: + - allOf: + - type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + - type: object + properties: + displayName: + type: string + example: John Q. Doe + - type: object + properties: + type: + type: string + enum: + - ACCOUNT_CORRELATION_CONFIG + - ACCESS_PROFILE + - ACCESS_REQUEST_APPROVAL + - ACCOUNT + - APPLICATION + - CAMPAIGN + - CAMPAIGN_FILTER + - CERTIFICATION + - CLUSTER + - CONNECTOR_SCHEMA + - ENTITLEMENT + - GOVERNANCE_GROUP + - IDENTITY + - IDENTITY_PROFILE + - IDENTITY_REQUEST + - LIFECYCLE_STATE + - PASSWORD_POLICY + - ROLE + - RULE + - SOD_POLICY + - SOURCE + - TAG + - TAG_CATEGORY + - TASK_RESULT + - REPORT_RESULT + - SOD_VIOLATION + - ACCOUNT_ACTIVITY + - WORKGROUP + description: An enumeration of the types of DTOs supported within the IdentityNow infrastructure. + example: IDENTITY + description: + type: string + nullable: true + example: null + - type: object + properties: + owner: + allOf: + - type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + - type: object + properties: + displayName: + type: string + example: John Q. Doe + disabled: + type: boolean + revocable: + type: boolean + accessCount: + type: integer + format: int32 + description: Number of access items assigned to the identity. + example: 5 + entitlementCount: + type: integer + format: int32 + description: Number of entitlements assigned to the identity. + example: 10 + roleCount: + type: integer + format: int32 + description: Number of roles assigned to the identity. + example: 1 + accessProfileCount: + type: integer + format: int32 + description: Number of access profiles assigned to the identity. + example: 1 + owns: + type: array + description: Access items the identity owns. + items: + type: object + properties: + sources: + type: array + items: + type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + entitlements: + type: array + items: + type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + accessProfiles: + type: array + items: + type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + roles: + type: array + items: + type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + apps: + type: array + items: + type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + governanceGroups: + type: array + items: + type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + fallbackApprover: + type: boolean + example: false + ownsCount: + type: integer + format: int32 + description: Number of access items the identity owns. + example: 5 + tags: + type: array + description: Tags that have been applied to the object. + items: + type: string + example: + - TAG_1 + - TAG_2 + - description: Role + allOf: + - type: object + required: + - id + - name + - _type + properties: + id: + type: string + example: 2c91808375d8e80a0175e1f88a575222 + name: + type: string + example: john.doe + _type: + description: |- + Enum representing the currently supported document types. + + Additional values may be added in the future without notice. + type: string + enum: + - accessprofile + - accountactivity + - account + - aggregation + - entitlement + - event + - identity + - role + example: identity + - allOf: + - type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + - type: object + properties: + description: + type: string + description: Access item's description. + example: The admin role + created: + type: string + description: ISO-8601 date-time referring to the time when the object was created. + nullable: true + format: date-time + example: '2018-06-25T20:22:28.104Z' + modified: + type: string + description: ISO-8601 date-time referring to the time when the object was last modified. + nullable: true + format: date-time + example: '2018-06-25T20:22:28.104Z' + synced: + type: string + description: |- + ISO-8601 date-time referring to the date-time when object was queued to be synced into search database for use in the search API. + This date-time changes anytime there is an update to the object, which triggers a synchronization event being sent to the search database. + There may be some delay between the `synced` time and the time when the updated data is actually available in the search API. + nullable: true + format: date-time + example: '2018-06-25T20:22:33.104Z' + enabled: + type: boolean + description: Indicates whether the access item is currently enabled. + default: false + example: true + requestable: + type: boolean + description: Indicates whether the access item can be requested. + default: true + example: true + requestCommentsRequired: + type: boolean + description: Indicates whether comments are required for requests to access the item. + default: false + example: false + owner: + type: object + description: Owner's identity. + properties: + type: + type: string + description: Owner's DTO type. + enum: + - IDENTITY + example: IDENTITY + id: + type: string + description: Owner's identity ID. + example: 2c9180a46faadee4016fb4e018c20639 + name: + type: string + description: Owner's display name. + example: Support + email: + type: string + description: Owner's email. + example: cloud-support@sailpoint.com + - type: object + properties: + accessProfiles: + type: array + description: Access profiles included with the role. + items: + type: object + properties: + id: + type: string + example: 2c91809c6faade77016fb4f0b63407ae + description: Access profile's unique ID. + name: + type: string + example: Admin Access + description: Access profile's display name. + accessProfileCount: + type: integer + description: Number of access profiles included with the role. + format: int32 + example: 1 + tags: + type: array + description: Tags that have been applied to the object. + items: + type: string + example: + - TAG_1 + - TAG_2 + segments: + type: array + description: Segments with the role. + items: + type: object + properties: + id: + type: string + example: b009b6e3-b56d-41d9-8735-cb532ea0b017 + description: Segment's unique ID. + name: + type: string + example: Test Segment + description: Segment's display name. + segmentCount: + type: integer + description: Number of segments with the role. + format: int32 + example: 1 + entitlements: + type: array + description: Entitlements included with the role. + items: + type: object + properties: + hasPermissions: + type: boolean + description: Indicates whether the entitlement has permissions. + default: false + example: false + description: + type: string + description: Entitlement's description. + example: Cloud engineering + attribute: + type: string + description: Entitlement attribute's name. + example: memberOf + value: + type: string + description: Entitlement's value. + example: 'CN=Cloud Engineering,DC=sailpoint,DC=COM' + schema: + type: string + description: Entitlement's schema. + example: group + privileged: + type: boolean + description: Indicates whether the entitlement is privileged. + default: false + example: false + id: + type: string + description: Entitlement's ID. + example: 2c918084575812550157589064f33b89 + name: + type: string + description: Entitlement's name. + example: 'CN=Cloud Engineering,DC=sailpoint,DC=COM' + entitlementCount: + type: integer + description: Number of entitlements included with the role. + format: int32 + example: 3 + examples: + accessProfiles: + summary: A collection of AccessProfiles + value: + - id: 2c9180825a6c1adc015a71c9023f0818 + name: Cloud Eng + _type: accessprofile + description: Cloud Eng + created: '2017-02-24T20:21:23.145Z' + modified: '2019-05-24T20:36:04.312Z' + synced: '2020-02-18T05:30:20.414Z' + enabled: true + requestable: true + requestCommentsRequired: false + owner: + id: ff8081815757d36a015757d42e56031e + name: SailPoint Support + type: IDENTITY + email: cloud-support@sailpoint.com + source: + id: ff8081815757d4fb0157588f3d9d008f + name: Employees + entitlements: + - id: 2c918084575812550157589064f33b89 + name: 'CN=Cloud Engineering,DC=sailpoint,DC=COM' + description: mull + attribute: memberOf + value: 'CN=Cloud Engineering,DC=sailpoint,DC=COM' + entitlementCount: 1 + tags: + - TAG_1 + - TAG_2 + entitlements: + summary: A collection of Entitlements + value: + - id: 2c9180946ed0c43d016eec1a80892fbd + name: entitlement.aa415ae7 + _type: entitlement + description: 'null' + attribute: groups + value: entitlement.aa415ae7 + modified: '2019-12-09T19:19:50.154Z' + synced: '2020-02-19T04:30:32.906Z' + displayName: entitlement.aa415ae7 + source: + id: 2c91808b6e9e6fb8016eec1a2b6f7b5f + name: ODS-HR-Employees + privileged: false + identityCount: 68 + tags: + - TAG_1 + - TAG_2 + events: + summary: A collection of Events + value: + - id: e092842f-c904-4b59-aac8-2544abeeef4b + name: Update Task Schedule Passed + _type: event + created: '2020-02-17T16:23:18.327Z' + synced: '2020-02-17T16:23:18.388Z' + action: TASK_SCHEDULE_UPDATE_PASSED + type: SYSTEM_CONFIG + actor: + name: MantisTaskScheduler + target: + name: Perform provisioning activity search delete synchronization + stack: tpe + trackingNumber: c6b98bc39ece48b080826d16c76b166c + ipAddress: 207.189.160.158 + details: 'null' + attributes: + sourceName: SailPoint + objects: + - TASK + - SCHEDULE + operation: UPDATE + status: PASSED + technicalName: TASK_SCHEDULE_UPDATE_PASSED + identities: + summary: A collection of Identities + value: + - id: 2c9180865c45e7e3015c46c434a80622 + name: ad.admin + _type: identity + firstName: AD + lastName: Admin + displayName: AD Admin + email: SLPT.CLOUD.SAILPOINT.TEST+AD-ADMIN@GMAIL.COM + created: '2018-08-22T19:54:54.302Z' + modified: '2018-08-22T19:54:54.302Z' + synced: '2018-08-22T19:54:54.302Z' + phone: 512-942-7578 + inactive: false + protected: false + status: UNREGISTERED + employeeNumber: O349804 + manager: null + isManager: false + identityProfile: + id: 2c918085605c8d0601606f357cb231e6 + name: E2E AD + source: + id: 2c9180855c45b230015c46c19b9c0202 + name: EndToEnd-ADSource + attributes: + uid: ad.admin + firstname: AD + cloudAuthoritativeSource: 2c9180855c45b230015c46c19b9c0202 + cloudStatus: UNREGISTERED + iplanet-am-user-alias-list: null + displayName: AD Admin + internalCloudStatus: UNREGISTERED + workPhone: 512-942-7578 + email: SLPT.CLOUD.SAILPOINT.TEST+AD-ADMIN@GMAIL.COM + lastname: Admin + processingState: null + processingDetails: null + accounts: + - id: 2c9180865c45e7e3015c46c434a80623 + name: ad.admin + accountId: 'CN=AD Admin,OU=slpt-automation,DC=TestAutomationAD,DC=local' + source: + id: 2c9180855c45b230015c46c19b9c0202 + name: EndToEnd-ADSource + type: Active Directory - Direct + disabled: false + locked: false + privileged: false + manuallyCorrelated: false + passwordLastSet: '2018-08-22T19:54:54.302Z' + entitlementAttributes: + memberOf: + - 'CN=Group Policy Creator Owners,CN=Users,DC=TestAutomationAD,DC=local' + - 'CN=Domain Guests,CN=Users,DC=TestAutomationAD,DC=local' + - 'CN=Domain Admins,CN=Users,DC=TestAutomationAD,DC=local' + - 'CN=Enterprise Admins,CN=Users,DC=TestAutomationAD,DC=local' + - 'CN=Schema Admins,CN=Users,DC=TestAutomationAD,DC=local' + - 'CN=Guests,CN=Builtin,DC=TestAutomationAD,DC=local' + - 'CN=Administrators,CN=Builtin,DC=TestAutomationAD,DC=local' + created: '2018-08-22T19:54:54.302Z' + - id: 2c918083606d670c01606f35a30a0349 + name: ad.admin + accountId: ad.admin + source: + id: ff8081815c46b85b015c46b90c7c02a6 + name: IdentityNow + type: IdentityNowConnector + disabled: false + locked: false + privileged: false + manuallyCorrelated: false + passwordLastSet: null + entitlementAttributes: null + created: '2018-08-22T19:54:54.302Z' + accountCount: 2 + apps: + - id: '22751' + name: ADP Workforce Now + source: + id: 2c9180855c45b230015c46e2f6a8026a + name: Corporate Active Directory + account: + id: 2c9180865c45efa4015c470be0de1606 + accountId: 'CN=Bob Wilson,OU=Austin,OU=Americas,OU=Demo,DC=seri,DC=acme,DC=com' + appCount: 1 + access: + - id: 2c918083634bc6cb01639808d40270ba + name: 'test [AccessProfile-1527264105448]' + displayName: test + type: ACCESS_PROFILE + description: test + source: + id: 2c9180855c45b230015c46c19b9c0202 + name: EndToEnd-ADSource + owner: + id: 2c9180865c45e7e3015c46c434a80622 + name: ad.admin + displayName: AD Admin + - id: 2c9180865c45e7e3015c46c457c50755 + name: Administrators + displayName: Administrators + type: ENTITLEMENT + description: null + source: + id: 2c9180855c45b230015c46c19b9c0202 + name: EndToEnd-ADSource + privileged: false + attribute: memberOf + value: 'CN=Administrators,CN=Builtin,DC=TestAutomationAD,DC=local' + standalone: false + - id: 2c9180865decdaa5015e06598b293108 + name: 'test [cloudRole-1503345085223]' + displayName: test + type: ROLE + description: test + owner: + id: 2c9180865c45e7e3015c46c5030707a0 + name: will.albin + displayName: Albin Will + disabled: false + accessCount: 3 + accessProfileCount: 1 + entitlementCount: 1 + roleCount: 1 + tags: + - TAG_1 + - TAG_2 + roles: + summary: A collection of Roles + value: + - id: 2c91808c6faadea6016fb4f2bc69077b + name: IT Role + _type: role + description: IT role + created: '2020-01-17T19:20:15.040Z' + modified: null + synced: '2020-02-18T05:30:20.145Z' + enabled: true + requestable: false + requestCommentsRequired: false + owner: + id: 2c9180a46faadee4016fb4e018c20639 + name: Cloud Support + type: IDENTITY + email: thomas.edison@acme-solar.com + accessProfiles: + - id: 2c91809c6faade77016fb4f0b63407ae + name: Admin Access + accessProfileCount: 1 + tags: + - TAG_1 + - TAG_2 + headers: + X-Total-Count: + schema: + type: integer + description: The total result count (returned only if the *count* parameter is specified as *true*). + example: 30 + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + /search/count: + post: + tags: + - Search + description: Performs a search with a provided query and returns the count of results in the X-Total-Count header. + operationId: searchCount + security: + - UserContextAuth: + - 'sp:search:read' + summary: Count Documents Satisfying a Query + requestBody: + content: + application/json: + schema: + type: object + properties: + indices: + description: 'The names of the Elasticsearch indices in which to search. If none are provided, then all indices will be searched.' + externalDocs: + description: Learn more about search indices here. + url: 'https://documentation.sailpoint.com/saas/help/search/searchable-fields.html' + type: array + items: + description: |- + Enum representing the currently supported indices. + Additional values may be added in the future without notice. + type: string + enum: + - accessprofiles + - accountactivities + - entitlements + - events + - identities + - roles + - '*' + example: identities + example: + - identities + queryType: + description: |- + The type of query to use. By default, the `SAILPOINT` query type is used, which requires the `query` object to be defined in the request body. + To use the `queryDsl` or `typeAheadQuery` objects in the request, you must set the type to `DSL` or `TYPEAHEAD` accordingly. + Additional values may be added in the future without notice. + type: string + enum: + - DSL + - SAILPOINT + - TEXT + - TYPEAHEAD + default: SAILPOINT + example: SAILPOINT + queryVersion: + allOf: + - description: The current Elasticserver version. + type: string + default: '5.2' + example: '5.2' + - type: string + description: |- + The version of the query object. + This version number will map to the version of Elasticsearch for the query strings and objects being used. + query: + type: object + description: Query parameters used to construct an Elasticsearch query object. + properties: + query: + description: 'The query using the Elasticsearch [Query String Query](https://www.elastic.co/guide/en/elasticsearch/reference/5.2/query-dsl-query-string-query.html#query-string) syntax from the Query DSL extended by SailPoint to support Nested queries.' + type: string + example: 'name:a*' + fields: + description: |- + The fields the query will be applied to. Fields provide you with a simple way to add additional fields to search, without making the query too complicated. For example, you can use the fields to specify that you want your query of "a*" to be applied to "name", "firstName", and the "source.name". The response will include all results matching the "a*" query found in those three fields. + A field's availability depends on the indices being searched. For example, if you are searching "identities", you can apply your search to the "firstName" field, but you couldn't use "firstName" with a search on "access profiles". Refer to the response schema for the respective lists of available fields. + type: string + example: + - 'firstName,lastName,email' + timeZone: + description: The time zone to be applied to any range query related to dates. + type: string + example: America/Chicago + innerHit: + description: The innerHit query object returns a flattened list of results for the specified nested type. + type: object + required: + - query + - type + properties: + query: + description: 'The search query using the Elasticsearch [Query String Query](https://www.elastic.co/guide/en/elasticsearch/reference/5.2/query-dsl-query-string-query.html#query-string) syntax from the Query DSL extended by SailPoint to support Nested queries.' + type: string + example: 'source.name:\"Active Directory\"' + type: + description: 'The nested type to use in the inner hits query. The nested type [Nested Type](https://www.elastic.co/guide/en/elasticsearch/reference/current/nested.html) refers to a document "nested" within another document. For example, an identity can have nested documents for access, accounts, and apps.' + type: string + example: access + queryDsl: + description: 'The search query using the Elasticsearch [Query DSL](https://www.elastic.co/guide/en/elasticsearch/reference/7.10/query-dsl.html) syntax.' + type: object + example: + match: + name: john.doe + textQuery: + type: object + description: Query parameters used to construct an Elasticsearch text query object. + required: + - terms + - fields + properties: + terms: + description: Words or characters that specify a particular thing to be searched for. + type: array + items: + type: string + example: + - The quick brown fox + - '3141592' + - '7' + fields: + description: The fields to be searched. + type: array + items: + type: string + example: + - displayName + - employeeNumber + - roleCount + matchAny: + description: 'Indicates that at least one of the terms must be found in the specified fields; otherwise, all terms must be found.' + type: boolean + default: false + example: false + contains: + description: 'Indicates that the terms can be located anywhere in the specified fields; otherwise, the fields must begin with the terms.' + type: boolean + default: false + example: true + typeAheadQuery: + type: object + description: 'Query parameters used to construct an Elasticsearch type ahead query object. The typeAheadQuery performs a search for top values beginning with the typed values. For example, typing "Jo" results in top hits matching "Jo." Typing "Job" results in top hits matching "Job." ' + required: + - query + - field + properties: + query: + description: The type ahead query string used to construct a phrase prefix match query. + type: string + example: Work + field: + description: The field on which to perform the type ahead search. + type: string + example: source.name + nestedType: + description: The nested type. + type: string + example: access + maxExpansions: + description: |- + The number of suffixes the last term will be expanded into. + Influences the performance of the query and the number results returned. + Valid values: 1 to 1000. + type: integer + format: int32 + minimum: 1 + maximum: 1000 + default: 10 + example: 10 + size: + description: The max amount of records the search will return. + type: integer + format: int32 + minimum: 1 + default: 100 + example: 100 + sort: + description: The sort order of the returned records. + type: string + default: desc + example: asc + sortByValue: + description: 'The flag that defines the sort type, by count or value.' + type: boolean + default: false + example: true + includeNested: + description: Indicates whether nested objects from returned search results should be included. + type: boolean + default: true + example: true + queryResultFilter: + type: object + description: Allows the query results to be filtered by specifying a list of fields to include and/or exclude from the result documents. + properties: + includes: + description: The list of field names to include in the result documents. + type: array + items: + type: string + example: + - name + - displayName + excludes: + description: The list of field names to exclude from the result documents. + type: array + items: + type: string + example: + - stacktrace + aggregationType: + description: | + Enum representing the currently available query languages for aggregations, which are used to perform calculations or groupings on search results. + + Additional values may be added in the future without notice. + type: string + enum: + - DSL + - SAILPOINT + default: DSL + example: DSL + aggregationsVersion: + allOf: + - description: The current Elasticserver version. + type: string + default: '5.2' + example: '5.2' + - type: string + description: |- + The version of the language being used for aggregation queries. + This version number will map to the version of Elasticsearch for the aggregation query object. + aggregationsDsl: + description: 'The aggregation search query using Elasticsearch [Aggregations](https://www.elastic.co/guide/en/elasticsearch/reference/5.2/search-aggregations.html) syntax.' + type: object + example: {} + aggregations: + description: | + The aggregation’s specifications, such as the groupings and calculations to be performed. + allOf: + - type: object + properties: + nested: + type: object + description: The nested aggregation object. + required: + - name + - type + properties: + name: + description: The name of the nested aggregate to be included in the result. + type: string + example: id + type: + description: The type of the nested object. + type: string + example: access + metric: + type: object + description: The calculation done on the results of the query + required: + - name + - field + properties: + name: + description: |- + The name of the metric aggregate to be included in the result. + If the metric aggregation is omitted, the resulting aggregation will be a count of the documents in the search results. + type: string + example: Access Name Count + type: + description: |- + Enum representing the currently supported metric aggregation types. + Additional values may be added in the future without notice. + type: string + enum: + - COUNT + - UNIQUE_COUNT + - AVG + - SUM + - MEDIAN + - MIN + - MAX + default: UNIQUE_COUNT + example: COUNT + field: + description: | + The field the calculation is performed on. + + Prefix the field name with '@' to reference a nested object. + type: string + example: '@access.name' + filter: + type: object + description: An additional filter to constrain the results of the search query. + required: + - name + - field + - value + properties: + name: + description: The name of the filter aggregate to be included in the result. + type: string + example: Entitlements + type: + description: |- + Enum representing the currently supported filter aggregation types. + Additional values may be added in the future without notice. + type: string + enum: + - TERM + default: TERM + example: TERM + field: + description: | + The search field to apply the filter to. + + Prefix the field name with '@' to reference a nested object. + type: string + example: access.type + value: + description: The value to filter on. + type: string + example: ENTITLEMENT + bucket: + type: object + description: The bucket to group the results of the aggregation query by. + required: + - name + - field + properties: + name: + description: The name of the bucket aggregate to be included in the result. + type: string + example: Identity Locations + type: + description: |- + Enum representing the currently supported bucket aggregation types. + Additional values may be added in the future without notice. + type: string + enum: + - TERMS + default: TERMS + example: TERMS + field: + description: |- + The field to bucket on. + Prefix the field name with '@' to reference a nested object. + type: string + example: attributes.city + size: + description: Maximum number of buckets to include. + type: integer + format: int32 + example: 100 + minDocCount: + description: Minimum number of documents a bucket should have. + type: integer + format: int32 + example: 2 + - type: object + properties: + subAggregation: + description: Aggregation to be performed on the result of the parent bucket aggregation. + allOf: + - type: object + properties: + nested: + type: object + description: The nested aggregation object. + required: + - name + - type + properties: + name: + description: The name of the nested aggregate to be included in the result. + type: string + example: id + type: + description: The type of the nested object. + type: string + example: access + metric: + type: object + description: The calculation done on the results of the query + required: + - name + - field + properties: + name: + description: |- + The name of the metric aggregate to be included in the result. + If the metric aggregation is omitted, the resulting aggregation will be a count of the documents in the search results. + type: string + example: Access Name Count + type: + description: |- + Enum representing the currently supported metric aggregation types. + Additional values may be added in the future without notice. + type: string + enum: + - COUNT + - UNIQUE_COUNT + - AVG + - SUM + - MEDIAN + - MIN + - MAX + default: UNIQUE_COUNT + example: COUNT + field: + description: | + The field the calculation is performed on. + + Prefix the field name with '@' to reference a nested object. + type: string + example: '@access.name' + filter: + type: object + description: An additional filter to constrain the results of the search query. + required: + - name + - field + - value + properties: + name: + description: The name of the filter aggregate to be included in the result. + type: string + example: Entitlements + type: + description: |- + Enum representing the currently supported filter aggregation types. + Additional values may be added in the future without notice. + type: string + enum: + - TERM + default: TERM + example: TERM + field: + description: | + The search field to apply the filter to. + + Prefix the field name with '@' to reference a nested object. + type: string + example: access.type + value: + description: The value to filter on. + type: string + example: ENTITLEMENT + bucket: + type: object + description: The bucket to group the results of the aggregation query by. + required: + - name + - field + properties: + name: + description: The name of the bucket aggregate to be included in the result. + type: string + example: Identity Locations + type: + description: |- + Enum representing the currently supported bucket aggregation types. + Additional values may be added in the future without notice. + type: string + enum: + - TERMS + default: TERMS + example: TERMS + field: + description: |- + The field to bucket on. + Prefix the field name with '@' to reference a nested object. + type: string + example: attributes.city + size: + description: Maximum number of buckets to include. + type: integer + format: int32 + example: 100 + minDocCount: + description: Minimum number of documents a bucket should have. + type: integer + format: int32 + example: 2 + - type: object + properties: + subAggregation: + description: Aggregation to be performed on the result of the parent bucket aggregation. + type: object + properties: + nested: + type: object + description: The nested aggregation object. + required: + - name + - type + properties: + name: + description: The name of the nested aggregate to be included in the result. + type: string + example: id + type: + description: The type of the nested object. + type: string + example: access + metric: + type: object + description: The calculation done on the results of the query + required: + - name + - field + properties: + name: + description: |- + The name of the metric aggregate to be included in the result. + If the metric aggregation is omitted, the resulting aggregation will be a count of the documents in the search results. + type: string + example: Access Name Count + type: + description: |- + Enum representing the currently supported metric aggregation types. + Additional values may be added in the future without notice. + type: string + enum: + - COUNT + - UNIQUE_COUNT + - AVG + - SUM + - MEDIAN + - MIN + - MAX + default: UNIQUE_COUNT + example: COUNT + field: + description: | + The field the calculation is performed on. + + Prefix the field name with '@' to reference a nested object. + type: string + example: '@access.name' + filter: + type: object + description: An additional filter to constrain the results of the search query. + required: + - name + - field + - value + properties: + name: + description: The name of the filter aggregate to be included in the result. + type: string + example: Entitlements + type: + description: |- + Enum representing the currently supported filter aggregation types. + Additional values may be added in the future without notice. + type: string + enum: + - TERM + default: TERM + example: TERM + field: + description: | + The search field to apply the filter to. + + Prefix the field name with '@' to reference a nested object. + type: string + example: access.type + value: + description: The value to filter on. + type: string + example: ENTITLEMENT + bucket: + type: object + description: The bucket to group the results of the aggregation query by. + required: + - name + - field + properties: + name: + description: The name of the bucket aggregate to be included in the result. + type: string + example: Identity Locations + type: + description: |- + Enum representing the currently supported bucket aggregation types. + Additional values may be added in the future without notice. + type: string + enum: + - TERMS + default: TERMS + example: TERMS + field: + description: |- + The field to bucket on. + Prefix the field name with '@' to reference a nested object. + type: string + example: attributes.city + size: + description: Maximum number of buckets to include. + type: integer + format: int32 + example: 100 + minDocCount: + description: Minimum number of documents a bucket should have. + type: integer + format: int32 + example: 2 + sort: + description: The fields to be used to sort the search results. Use + or - to specify the sort direction. + type: array + items: + type: string + example: + - displayName + - +id + searchAfter: + description: |- + Used to begin the search window at the values specified. + This parameter consists of the last values of the sorted fields in the current record set. + This is used to expand the Elasticsearch limit of 10K records by shifting the 10K window to begin at this value. + It is recommended that you always include the ID of the object in addition to any other fields on this parameter in order to ensure you don't get duplicate results while paging. + For example, when searching for identities, if you are sorting by displayName you will also want to include ID, for example ["displayName", "id"]. + If the last identity ID in the search result is 2c91808375d8e80a0175e1f88a575221 and the last displayName is "John Doe", then using that displayName and ID will start a new search after this identity. + The searchAfter value will look like ["John Doe","2c91808375d8e80a0175e1f88a575221"] + type: array + items: + type: string + example: + - John Doe + - 2c91808375d8e80a0175e1f88a575221 + filters: + description: The filters to be applied for each filtered field name. + type: object + additionalProperties: + type: object + properties: + type: + description: |- + Enum representing the currently supported filter types. + Additional values may be added in the future without notice. + type: string + enum: + - EXISTS + - RANGE + - TERMS + example: RANGE + range: + type: object + description: The range of values to be filtered. + properties: + lower: + description: The lower bound of the range. + type: object + required: + - value + properties: + value: + description: The value of the range's endpoint. + type: string + example: '1' + inclusive: + description: Indicates if the endpoint is included in the range. + type: boolean + default: false + example: false + upper: + description: The upper bound of the range. + type: object + required: + - value + properties: + value: + description: The value of the range's endpoint. + type: string + example: '1' + inclusive: + description: Indicates if the endpoint is included in the range. + type: boolean + default: false + example: false + terms: + description: The terms to be filtered. + type: array + items: + type: string + example: account_count + exclude: + description: Indicates if the filter excludes results. + type: boolean + default: false + example: false + example: {} + examples: + query-timeZone: + summary: Query with TimeZone + value: + indices: + - identities + query: + query: 'created: [2022-05-19T19:26:03.351Z TO now]' + timeZone: America/Los_Angeles + required: true + responses: + '204': + description: No content - indicates the request was successful but there is no content to be returned in the response. + headers: + X-Total-Count: + description: The total result count. + schema: + type: integer + example: 5 + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + /search/aggregate: + post: + tags: + - Search + description: 'Performs a search query aggregation and returns the aggregation result. By default, you can page a maximum of 10,000 search result records. To page past 10,000 records, you can use searchAfter paging. Refer to [Paginating Search Queries](https://developer.sailpoint.com/idn/api/standard-collection-parameters#paginating-search-queries) for more information about how to implement searchAfter paging. ' + operationId: searchAggregate + security: + - UserContextAuth: + - 'sp:search:read' + summary: Perform a Search Query Aggregation + parameters: + - in: query + name: offset + description: |- + Offset into the full result set. Usually specified with *limit* to paginate through the results. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 0 + schema: + type: integer + format: int32 + minimum: 0 + default: 0 + - in: query + name: limit + description: |- + Max number of results to return. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 250 + schema: + type: integer + format: int32 + minimum: 0 + maximum: 250 + default: 250 + - in: query + name: count + description: |- + If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. + + Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. + + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: true + schema: + type: boolean + default: false + requestBody: + content: + application/json: + schema: + type: object + properties: + indices: + description: 'The names of the Elasticsearch indices in which to search. If none are provided, then all indices will be searched.' + externalDocs: + description: Learn more about search indices here. + url: 'https://documentation.sailpoint.com/saas/help/search/searchable-fields.html' + type: array + items: + description: |- + Enum representing the currently supported indices. + Additional values may be added in the future without notice. + type: string + enum: + - accessprofiles + - accountactivities + - entitlements + - events + - identities + - roles + - '*' + example: identities + example: + - identities + queryType: + description: |- + The type of query to use. By default, the `SAILPOINT` query type is used, which requires the `query` object to be defined in the request body. + To use the `queryDsl` or `typeAheadQuery` objects in the request, you must set the type to `DSL` or `TYPEAHEAD` accordingly. + Additional values may be added in the future without notice. + type: string + enum: + - DSL + - SAILPOINT + - TEXT + - TYPEAHEAD + default: SAILPOINT + example: SAILPOINT + queryVersion: + allOf: + - description: The current Elasticserver version. + type: string + default: '5.2' + example: '5.2' + - type: string + description: |- + The version of the query object. + This version number will map to the version of Elasticsearch for the query strings and objects being used. + query: + type: object + description: Query parameters used to construct an Elasticsearch query object. + properties: + query: + description: 'The query using the Elasticsearch [Query String Query](https://www.elastic.co/guide/en/elasticsearch/reference/5.2/query-dsl-query-string-query.html#query-string) syntax from the Query DSL extended by SailPoint to support Nested queries.' + type: string + example: 'name:a*' + fields: + description: |- + The fields the query will be applied to. Fields provide you with a simple way to add additional fields to search, without making the query too complicated. For example, you can use the fields to specify that you want your query of "a*" to be applied to "name", "firstName", and the "source.name". The response will include all results matching the "a*" query found in those three fields. + A field's availability depends on the indices being searched. For example, if you are searching "identities", you can apply your search to the "firstName" field, but you couldn't use "firstName" with a search on "access profiles". Refer to the response schema for the respective lists of available fields. + type: string + example: + - 'firstName,lastName,email' + timeZone: + description: The time zone to be applied to any range query related to dates. + type: string + example: America/Chicago + innerHit: + description: The innerHit query object returns a flattened list of results for the specified nested type. + type: object + required: + - query + - type + properties: + query: + description: 'The search query using the Elasticsearch [Query String Query](https://www.elastic.co/guide/en/elasticsearch/reference/5.2/query-dsl-query-string-query.html#query-string) syntax from the Query DSL extended by SailPoint to support Nested queries.' + type: string + example: 'source.name:\"Active Directory\"' + type: + description: 'The nested type to use in the inner hits query. The nested type [Nested Type](https://www.elastic.co/guide/en/elasticsearch/reference/current/nested.html) refers to a document "nested" within another document. For example, an identity can have nested documents for access, accounts, and apps.' + type: string + example: access + queryDsl: + description: 'The search query using the Elasticsearch [Query DSL](https://www.elastic.co/guide/en/elasticsearch/reference/7.10/query-dsl.html) syntax.' + type: object + example: + match: + name: john.doe + textQuery: + type: object + description: Query parameters used to construct an Elasticsearch text query object. + required: + - terms + - fields + properties: + terms: + description: Words or characters that specify a particular thing to be searched for. + type: array + items: + type: string + example: + - The quick brown fox + - '3141592' + - '7' + fields: + description: The fields to be searched. + type: array + items: + type: string + example: + - displayName + - employeeNumber + - roleCount + matchAny: + description: 'Indicates that at least one of the terms must be found in the specified fields; otherwise, all terms must be found.' + type: boolean + default: false + example: false + contains: + description: 'Indicates that the terms can be located anywhere in the specified fields; otherwise, the fields must begin with the terms.' + type: boolean + default: false + example: true + typeAheadQuery: + type: object + description: 'Query parameters used to construct an Elasticsearch type ahead query object. The typeAheadQuery performs a search for top values beginning with the typed values. For example, typing "Jo" results in top hits matching "Jo." Typing "Job" results in top hits matching "Job." ' + required: + - query + - field + properties: + query: + description: The type ahead query string used to construct a phrase prefix match query. + type: string + example: Work + field: + description: The field on which to perform the type ahead search. + type: string + example: source.name + nestedType: + description: The nested type. + type: string + example: access + maxExpansions: + description: |- + The number of suffixes the last term will be expanded into. + Influences the performance of the query and the number results returned. + Valid values: 1 to 1000. + type: integer + format: int32 + minimum: 1 + maximum: 1000 + default: 10 + example: 10 + size: + description: The max amount of records the search will return. + type: integer + format: int32 + minimum: 1 + default: 100 + example: 100 + sort: + description: The sort order of the returned records. + type: string + default: desc + example: asc + sortByValue: + description: 'The flag that defines the sort type, by count or value.' + type: boolean + default: false + example: true + includeNested: + description: Indicates whether nested objects from returned search results should be included. + type: boolean + default: true + example: true + queryResultFilter: + type: object + description: Allows the query results to be filtered by specifying a list of fields to include and/or exclude from the result documents. + properties: + includes: + description: The list of field names to include in the result documents. + type: array + items: + type: string + example: + - name + - displayName + excludes: + description: The list of field names to exclude from the result documents. + type: array + items: + type: string + example: + - stacktrace + aggregationType: + description: | + Enum representing the currently available query languages for aggregations, which are used to perform calculations or groupings on search results. + + Additional values may be added in the future without notice. + type: string + enum: + - DSL + - SAILPOINT + default: DSL + example: DSL + aggregationsVersion: + allOf: + - description: The current Elasticserver version. + type: string + default: '5.2' + example: '5.2' + - type: string + description: |- + The version of the language being used for aggregation queries. + This version number will map to the version of Elasticsearch for the aggregation query object. + aggregationsDsl: + description: 'The aggregation search query using Elasticsearch [Aggregations](https://www.elastic.co/guide/en/elasticsearch/reference/5.2/search-aggregations.html) syntax.' + type: object + example: {} + aggregations: + description: | + The aggregation’s specifications, such as the groupings and calculations to be performed. + allOf: + - type: object + properties: + nested: + type: object + description: The nested aggregation object. + required: + - name + - type + properties: + name: + description: The name of the nested aggregate to be included in the result. + type: string + example: id + type: + description: The type of the nested object. + type: string + example: access + metric: + type: object + description: The calculation done on the results of the query + required: + - name + - field + properties: + name: + description: |- + The name of the metric aggregate to be included in the result. + If the metric aggregation is omitted, the resulting aggregation will be a count of the documents in the search results. + type: string + example: Access Name Count + type: + description: |- + Enum representing the currently supported metric aggregation types. + Additional values may be added in the future without notice. + type: string + enum: + - COUNT + - UNIQUE_COUNT + - AVG + - SUM + - MEDIAN + - MIN + - MAX + default: UNIQUE_COUNT + example: COUNT + field: + description: | + The field the calculation is performed on. + + Prefix the field name with '@' to reference a nested object. + type: string + example: '@access.name' + filter: + type: object + description: An additional filter to constrain the results of the search query. + required: + - name + - field + - value + properties: + name: + description: The name of the filter aggregate to be included in the result. + type: string + example: Entitlements + type: + description: |- + Enum representing the currently supported filter aggregation types. + Additional values may be added in the future without notice. + type: string + enum: + - TERM + default: TERM + example: TERM + field: + description: | + The search field to apply the filter to. + + Prefix the field name with '@' to reference a nested object. + type: string + example: access.type + value: + description: The value to filter on. + type: string + example: ENTITLEMENT + bucket: + type: object + description: The bucket to group the results of the aggregation query by. + required: + - name + - field + properties: + name: + description: The name of the bucket aggregate to be included in the result. + type: string + example: Identity Locations + type: + description: |- + Enum representing the currently supported bucket aggregation types. + Additional values may be added in the future without notice. + type: string + enum: + - TERMS + default: TERMS + example: TERMS + field: + description: |- + The field to bucket on. + Prefix the field name with '@' to reference a nested object. + type: string + example: attributes.city + size: + description: Maximum number of buckets to include. + type: integer + format: int32 + example: 100 + minDocCount: + description: Minimum number of documents a bucket should have. + type: integer + format: int32 + example: 2 + - type: object + properties: + subAggregation: + description: Aggregation to be performed on the result of the parent bucket aggregation. + allOf: + - type: object + properties: + nested: + type: object + description: The nested aggregation object. + required: + - name + - type + properties: + name: + description: The name of the nested aggregate to be included in the result. + type: string + example: id + type: + description: The type of the nested object. + type: string + example: access + metric: + type: object + description: The calculation done on the results of the query + required: + - name + - field + properties: + name: + description: |- + The name of the metric aggregate to be included in the result. + If the metric aggregation is omitted, the resulting aggregation will be a count of the documents in the search results. + type: string + example: Access Name Count + type: + description: |- + Enum representing the currently supported metric aggregation types. + Additional values may be added in the future without notice. + type: string + enum: + - COUNT + - UNIQUE_COUNT + - AVG + - SUM + - MEDIAN + - MIN + - MAX + default: UNIQUE_COUNT + example: COUNT + field: + description: | + The field the calculation is performed on. + + Prefix the field name with '@' to reference a nested object. + type: string + example: '@access.name' + filter: + type: object + description: An additional filter to constrain the results of the search query. + required: + - name + - field + - value + properties: + name: + description: The name of the filter aggregate to be included in the result. + type: string + example: Entitlements + type: + description: |- + Enum representing the currently supported filter aggregation types. + Additional values may be added in the future without notice. + type: string + enum: + - TERM + default: TERM + example: TERM + field: + description: | + The search field to apply the filter to. + + Prefix the field name with '@' to reference a nested object. + type: string + example: access.type + value: + description: The value to filter on. + type: string + example: ENTITLEMENT + bucket: + type: object + description: The bucket to group the results of the aggregation query by. + required: + - name + - field + properties: + name: + description: The name of the bucket aggregate to be included in the result. + type: string + example: Identity Locations + type: + description: |- + Enum representing the currently supported bucket aggregation types. + Additional values may be added in the future without notice. + type: string + enum: + - TERMS + default: TERMS + example: TERMS + field: + description: |- + The field to bucket on. + Prefix the field name with '@' to reference a nested object. + type: string + example: attributes.city + size: + description: Maximum number of buckets to include. + type: integer + format: int32 + example: 100 + minDocCount: + description: Minimum number of documents a bucket should have. + type: integer + format: int32 + example: 2 + - type: object + properties: + subAggregation: + description: Aggregation to be performed on the result of the parent bucket aggregation. + type: object + properties: + nested: + type: object + description: The nested aggregation object. + required: + - name + - type + properties: + name: + description: The name of the nested aggregate to be included in the result. + type: string + example: id + type: + description: The type of the nested object. + type: string + example: access + metric: + type: object + description: The calculation done on the results of the query + required: + - name + - field + properties: + name: + description: |- + The name of the metric aggregate to be included in the result. + If the metric aggregation is omitted, the resulting aggregation will be a count of the documents in the search results. + type: string + example: Access Name Count + type: + description: |- + Enum representing the currently supported metric aggregation types. + Additional values may be added in the future without notice. + type: string + enum: + - COUNT + - UNIQUE_COUNT + - AVG + - SUM + - MEDIAN + - MIN + - MAX + default: UNIQUE_COUNT + example: COUNT + field: + description: | + The field the calculation is performed on. + + Prefix the field name with '@' to reference a nested object. + type: string + example: '@access.name' + filter: + type: object + description: An additional filter to constrain the results of the search query. + required: + - name + - field + - value + properties: + name: + description: The name of the filter aggregate to be included in the result. + type: string + example: Entitlements + type: + description: |- + Enum representing the currently supported filter aggregation types. + Additional values may be added in the future without notice. + type: string + enum: + - TERM + default: TERM + example: TERM + field: + description: | + The search field to apply the filter to. + + Prefix the field name with '@' to reference a nested object. + type: string + example: access.type + value: + description: The value to filter on. + type: string + example: ENTITLEMENT + bucket: + type: object + description: The bucket to group the results of the aggregation query by. + required: + - name + - field + properties: + name: + description: The name of the bucket aggregate to be included in the result. + type: string + example: Identity Locations + type: + description: |- + Enum representing the currently supported bucket aggregation types. + Additional values may be added in the future without notice. + type: string + enum: + - TERMS + default: TERMS + example: TERMS + field: + description: |- + The field to bucket on. + Prefix the field name with '@' to reference a nested object. + type: string + example: attributes.city + size: + description: Maximum number of buckets to include. + type: integer + format: int32 + example: 100 + minDocCount: + description: Minimum number of documents a bucket should have. + type: integer + format: int32 + example: 2 + sort: + description: The fields to be used to sort the search results. Use + or - to specify the sort direction. + type: array + items: + type: string + example: + - displayName + - +id + searchAfter: + description: |- + Used to begin the search window at the values specified. + This parameter consists of the last values of the sorted fields in the current record set. + This is used to expand the Elasticsearch limit of 10K records by shifting the 10K window to begin at this value. + It is recommended that you always include the ID of the object in addition to any other fields on this parameter in order to ensure you don't get duplicate results while paging. + For example, when searching for identities, if you are sorting by displayName you will also want to include ID, for example ["displayName", "id"]. + If the last identity ID in the search result is 2c91808375d8e80a0175e1f88a575221 and the last displayName is "John Doe", then using that displayName and ID will start a new search after this identity. + The searchAfter value will look like ["John Doe","2c91808375d8e80a0175e1f88a575221"] + type: array + items: + type: string + example: + - John Doe + - 2c91808375d8e80a0175e1f88a575221 + filters: + description: The filters to be applied for each filtered field name. + type: object + additionalProperties: + type: object + properties: + type: + description: |- + Enum representing the currently supported filter types. + Additional values may be added in the future without notice. + type: string + enum: + - EXISTS + - RANGE + - TERMS + example: RANGE + range: + type: object + description: The range of values to be filtered. + properties: + lower: + description: The lower bound of the range. + type: object + required: + - value + properties: + value: + description: The value of the range's endpoint. + type: string + example: '1' + inclusive: + description: Indicates if the endpoint is included in the range. + type: boolean + default: false + example: false + upper: + description: The upper bound of the range. + type: object + required: + - value + properties: + value: + description: The value of the range's endpoint. + type: string + example: '1' + inclusive: + description: Indicates if the endpoint is included in the range. + type: boolean + default: false + example: false + terms: + description: The terms to be filtered. + type: array + items: + type: string + example: account_count + exclude: + description: Indicates if the filter excludes results. + type: boolean + default: false + example: false + example: {} + examples: + metricAggregation: + summary: MetricAggregation + value: + indices: + - identities + aggregationType: SAILPOINT + aggregations: + metric: + name: How Many Locations + type: UNIQUE_COUNT + field: attributes.city + metricAggregation-dsl: + summary: MetricAggregation using DSL + value: + indices: + - identities + aggregationType: DSL + aggregationsDsl: + How Many Locations: + cardinality: + field: attributes.city.exact + bucketAggregation: + summary: BucketAggregation + value: + indices: + - identities + aggregationType: SAILPOINT + aggregations: + bucket: + name: Identity Locations + type: TERMS + field: attributes.city + bucketAggregation-dsl: + summary: BucketAggregation using DSL + value: + indices: + - identities + aggregationType: DSL + aggregationsDsl: + Identity Locations: + terms: + field: attributes.city.exact + nestedAggregation-bucketAggregation: + summary: NestedAggregation with BucketAggregation + value: + indices: + - identities + aggregationType: SAILPOINT + aggregations: + nested: + name: Access + field: access + type: TERMS + bucket: + name: Access Source Name + type: TERMS + field: access.source.name + nestedAggregation-bucketAggregation-dsl: + summary: NestedAggregation with BucketAggregation using DSL + value: + indices: + - identities + aggregationType: DSL + aggregationsDsl: + access: + nested: + path: access + aggs: + Access Source Name: + terms: + field: access.source.name.exact + nestedAggregation-filterAggregation-bucketAggregation: + summary: NestedAggregation with FilterAggregation and BucketAggregation + value: + indices: + - identities + aggregationType: SAILPOINT + aggregations: + nested: + name: Access + field: access + type: TERMS + filter: + name: Entitlements + field: access.type + value: ENTITLEMENT + bucket: + name: Access Name + type: TERMS + field: access.name + nestedAggregation-filterAggregation-bucketAggregation-dsl: + summary: NestedAggregation with FilterAggregation and BucketAggregation using DSL + value: + indices: + - identities + aggregationType: DSL + aggregationsDsl: + access: + nested: + path: access + aggs: + Entitlements: + filter: + term: + access.type: ENTITLEMENT + aggs: + Access Name: + terms: + field: access.name.exact + bucketAggregation-subAggregation: + summary: BucketAggregation with SubAggregation + value: + indices: + - identities + aggregationType: SAILPOINT + aggregations: + bucket: + name: Identity Department + type: TERMS + field: attributes.department + subAggregation: + bucket: + name: Identity Locations + type: TERMS + field: attributes.city + bucketAggregation-subAggregation-dsl: + summary: BucketAggregation with SubAggregation using DSL + value: + indices: + - identities + aggregationType: DSL + aggregationsDsl: + Identity Department: + terms: + field: attributes.department.exact + aggs: + Identity Locations: + terms: + field: attributes.city.exact + required: true + responses: + '200': + description: Aggregation results. + content: + application/json: + schema: + type: object + properties: + aggregations: + type: object + description: | + The document containing the results of the aggregation. This document is controlled by Elasticsearch and depends on the type of aggregation query that is run. + + See Elasticsearch [Aggregations](https://www.elastic.co/guide/en/elasticsearch/reference/5.2/search-aggregations.html) documentation for information. + example: + Identity Locations: + buckets: + - key: Austin + doc_count: 109 + - key: London + doc_count: 64 + - key: San Jose + doc_count: 27 + - key: Brussels + doc_count: 26 + - key: Sao Paulo + doc_count: 24 + - key: Munich + doc_count: 23 + - key: Singapore + doc_count: 22 + - key: Tokyo + doc_count: 20 + - key: Taipei + doc_count: 16 + hits: + description: | + The results of the aggregation search query. + type: array + items: + discriminator: + propertyName: _type + mapping: + accessprofile: ../model/access/profile/AccessProfileDocument.yaml + accountactivity: ../model/account/activity/AccountActivityDocument.yaml + entitlement: ../model/entitlement/EntitlementDocument.yaml + event: ../model/event/EventDocument.yaml + identity: ../model/identity/IdentityDocument.yaml + role: ../model/role/RoleDocument.yaml + oneOf: + - description: 'More complete representation of an access profile. ' + allOf: + - allOf: + - type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + - type: object + properties: + description: + type: string + description: Access item's description. + example: The admin role + created: + type: string + description: ISO-8601 date-time referring to the time when the object was created. + nullable: true + format: date-time + example: '2018-06-25T20:22:28.104Z' + modified: + type: string + description: ISO-8601 date-time referring to the time when the object was last modified. + nullable: true + format: date-time + example: '2018-06-25T20:22:28.104Z' + synced: + type: string + description: |- + ISO-8601 date-time referring to the date-time when object was queued to be synced into search database for use in the search API. + This date-time changes anytime there is an update to the object, which triggers a synchronization event being sent to the search database. + There may be some delay between the `synced` time and the time when the updated data is actually available in the search API. + nullable: true + format: date-time + example: '2018-06-25T20:22:33.104Z' + enabled: + type: boolean + description: Indicates whether the access item is currently enabled. + default: false + example: true + requestable: + type: boolean + description: Indicates whether the access item can be requested. + default: true + example: true + requestCommentsRequired: + type: boolean + description: Indicates whether comments are required for requests to access the item. + default: false + example: false + owner: + type: object + description: Owner's identity. + properties: + type: + type: string + description: Owner's DTO type. + enum: + - IDENTITY + example: IDENTITY + id: + type: string + description: Owner's identity ID. + example: 2c9180a46faadee4016fb4e018c20639 + name: + type: string + description: Owner's display name. + example: Support + email: + type: string + description: Owner's email. + example: cloud-support@sailpoint.com + - type: object + required: + - id + - name + - _type + properties: + id: + type: string + description: Access profile's ID. + example: 2c9180825a6c1adc015a71c9023f0818 + name: + type: string + description: Access profile's name. + example: Cloud Eng + _type: + description: |- + Access profile's document type. + This enum represents the currently supported document types. + Additional values may be added in the future without notice. + type: string + enum: + - accessprofile + - accountactivity + - account + - aggregation + - entitlement + - event + - identity + - role + example: accessprofile + source: + type: object + description: Access profile's source. + properties: + id: + type: string + description: Source's ID. + example: ff8081815757d4fb0157588f3d9d008f + name: + type: string + description: Source's name. + example: Employees + entitlements: + type: array + description: Entitlements the access profile has access to. + items: + type: object + properties: + hasPermissions: + type: boolean + description: Indicates whether the entitlement has permissions. + default: false + example: false + description: + type: string + description: Entitlement's description. + example: Cloud engineering + attribute: + type: string + description: Entitlement attribute's name. + example: memberOf + value: + type: string + description: Entitlement's value. + example: 'CN=Cloud Engineering,DC=sailpoint,DC=COM' + schema: + type: string + description: Entitlement's schema. + example: group + privileged: + type: boolean + description: Indicates whether the entitlement is privileged. + default: false + example: false + id: + type: string + description: Entitlement's ID. + example: 2c918084575812550157589064f33b89 + name: + type: string + description: Entitlement's name. + example: 'CN=Cloud Engineering,DC=sailpoint,DC=COM' + entitlementCount: + type: integer + description: Number of entitlements. + example: 5 + tags: + type: array + description: Tags that have been applied to the object. + items: + type: string + example: + - TAG_1 + - TAG_2 + - description: AccountActivity + allOf: + - type: object + required: + - id + - name + - _type + properties: + id: + type: string + example: 2c91808375d8e80a0175e1f88a575222 + name: + type: string + example: john.doe + _type: + description: |- + Enum representing the currently supported document types. + + Additional values may be added in the future without notice. + type: string + enum: + - accessprofile + - accountactivity + - account + - aggregation + - entitlement + - event + - identity + - role + example: identity + - type: object + properties: + action: + type: string + description: Type of action performed in the activity. + externalDocs: + description: Learn more about account activity action types + url: 'https://documentation.sailpoint.com/saas/help/search/searchable-fields.html#searching-account-activity-data' + example: Identity Refresh. + created: + type: string + description: ISO-8601 date-time referring to the time when the object was created. + nullable: true + format: date-time + example: '2018-06-25T20:22:28.104Z' + modified: + type: string + description: ISO-8601 date-time referring to the time when the object was last modified. + nullable: true + format: date-time + example: '2018-06-25T20:22:28.104Z' + stage: + type: string + description: Activity's current stage. + example: Completed + origin: + type: string + description: Activity's origin. + nullable: true + example: null + status: + type: string + description: Activity's current status. + example: Complete + requester: + allOf: + - type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + - type: object + properties: + type: + type: string + example: Delimited File + description: Type of source returned. + recipient: + allOf: + - type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + - type: object + properties: + type: + type: string + example: Delimited File + description: Type of source returned. + trackingNumber: + type: string + description: Account activity's tracking number. + example: 61aad0c9e8134eca89e76a35e0cabe3f + errors: + type: array + description: Errors provided by the source while completing account actions. + items: + type: string + nullable: true + example: null + warnings: + type: array + description: Warnings provided by the source while completing account actions. + items: + type: string + nullable: true + example: null + approvals: + type: array + description: Approvals performed on an item during activity. + items: + type: object + properties: + comments: + type: array + items: + type: object + properties: + comment: + type: string + description: The comment text + example: This request was autoapproved by our automated ETS subscriber. + commenter: + type: string + description: The name of the commenter + example: Automated AR Approval + date: + type: string + nullable: true + format: date-time + example: '2018-06-25T20:22:28.104Z' + description: A date-time in ISO-8601 format + created: + type: string + nullable: true + format: date-time + example: '2018-06-25T20:22:28.104Z' + description: A date-time in ISO-8601 format + modified: + type: string + nullable: true + format: date-time + example: '2018-06-25T20:22:28.104Z' + description: A date-time in ISO-8601 format + owner: + allOf: + - type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + - type: object + properties: + type: + type: string + example: Delimited File + description: Type of source returned. + result: + type: string + description: The result of the approval + example: Finished + type: + type: string + nullable: true + example: null + originalRequests: + type: array + description: Original actions that triggered all individual source actions related to the account action. + items: + type: object + properties: + accountId: + type: string + description: Account ID. + example: 'CN=Abby Smith,OU=Austin,OU=Americas,OU=Demo,DC=seri,DC=acme,DC=com' + attributeRequests: + type: array + description: Attribute changes requested for account. + items: + type: object + properties: + name: + type: string + description: Attribute name. + example: groups + op: + type: string + description: Operation to perform on attribute. + example: Add + value: + type: string + description: Value of attribute. + example: '3203537556531076' + op: + type: string + description: Operation used. + example: add + source: + description: Account's source. + allOf: + - type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + - type: object + properties: + type: + type: string + example: Delimited File + description: Type of source returned. + expansionItems: + type: array + description: Controls that translated the attribute requests into actual provisioning actions on the source. + items: + type: object + properties: + accountId: + type: string + description: The ID of the account + example: 2c91808981f58ea601821c3e93482e6f + cause: + type: string + example: Role + name: + type: string + description: The name of the item + example: smartsheet-role + attributeRequests: + type: array + items: + type: object + properties: + name: + type: string + description: Attribute name. + example: groups + op: + type: string + description: Operation to perform on attribute. + example: Add + value: + type: string + description: Value of attribute. + example: '3203537556531076' + source: + allOf: + - type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + - type: object + properties: + type: + type: string + example: Delimited File + description: Type of source returned. + accountRequests: + type: array + description: Account data for each individual source action triggered by the original requests. + items: + type: object + properties: + accountId: + type: string + description: Unique ID of the account + example: John.Doe + attributeRequests: + type: array + items: + type: object + properties: + name: + type: string + description: Attribute name. + example: groups + op: + type: string + description: Operation to perform on attribute. + example: Add + value: + type: string + description: Value of attribute. + example: '3203537556531076' + op: + type: string + example: Modify + description: The operation that was performed + provisioningTarget: + allOf: + - type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + - type: object + properties: + type: + type: string + example: Delimited File + description: Type of source returned. + result: + type: object + properties: + errors: + type: array + items: + type: string + example: |- + [ConnectorError] [ + { + "code": "unrecognized_keys", + "keys": [ + "groups" + ], + "path": [], + "message": "Unrecognized key(s) in object: 'groups'" + } + ] (requestId: 5e9d6df5-9b1b-47d9-9bf1-dc3a2893299e) + status: + type: string + description: The status of the account request + example: failed + ticketId: + type: string + nullable: true + example: null + source: + allOf: + - type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + - type: object + properties: + type: + type: string + example: Delimited File + description: Type of source returned. + sources: + type: string + description: Sources involved in the account activity. + example: 'smartsheet-test, airtable-v4, IdentityNow' + - description: Entitlement + allOf: + - type: object + required: + - id + - name + - _type + properties: + id: + type: string + example: 2c91808375d8e80a0175e1f88a575222 + name: + type: string + example: john.doe + _type: + description: |- + Enum representing the currently supported document types. + + Additional values may be added in the future without notice. + type: string + enum: + - accessprofile + - accountactivity + - account + - aggregation + - entitlement + - event + - identity + - role + example: identity + - type: object + properties: + modified: + type: string + description: ISO-8601 date-time referring to the time when the object was last modified. + nullable: true + format: date-time + example: '2018-06-25T20:22:28.104Z' + synced: + type: string + description: |- + ISO-8601 date-time referring to the date-time when object was queued to be synced into search database for use in the search API. + This date-time changes anytime there is an update to the object, which triggers a synchronization event being sent to the search database. + There may be some delay between the `synced` time and the time when the updated data is actually available in the search API. + displayName: + type: string + description: Entitlement's display name. + example: Admin + source: + type: object + description: Entitlement's source. + properties: + id: + type: string + description: ID of entitlement's source. + example: 2c91808b6e9e6fb8016eec1a2b6f7b5f + name: + type: string + description: Display name of entitlement's source. + example: ODS-HR-Employees + segments: + type: array + description: Segments with the role. + items: + type: object + properties: + id: + type: string + example: b009b6e3-b56d-41d9-8735-cb532ea0b017 + description: Segment's unique ID. + name: + type: string + example: Test Segment + description: Segment's display name. + segmentCount: + type: integer + description: Number of segments with the role. + format: int32 + example: 1 + requestable: + type: boolean + description: Indicates whether the entitlement is requestable. + default: false + example: false + cloudGoverned: + type: boolean + description: Indicates whether the entitlement is cloud governed. + default: false + example: false + created: + type: string + description: ISO-8601 date-time referring to the time when the object was created. + nullable: true + format: date-time + example: '2018-06-25T20:22:28.104Z' + privileged: + type: boolean + description: Indicates whether the entitlement is privileged. + default: false + example: false + identityCount: + type: integer + description: Number of identities who have access to the entitlement. + format: int32 + example: 3 + tags: + type: array + description: Tags that have been applied to the object. + items: + type: string + example: + - TAG_1 + - TAG_2 + - description: Event + allOf: + - type: object + required: + - id + - name + - _type + properties: + id: + type: string + example: 2c91808375d8e80a0175e1f88a575222 + name: + type: string + example: john.doe + _type: + description: |- + Enum representing the currently supported document types. + + Additional values may be added in the future without notice. + type: string + enum: + - accessprofile + - accountactivity + - account + - aggregation + - entitlement + - event + - identity + - role + example: identity + - type: object + properties: + created: + type: string + description: ISO-8601 date-time referring to the time when the object was created. + nullable: true + format: date-time + example: '2018-06-25T20:22:28.104Z' + synced: + type: string + description: |- + ISO-8601 date-time referring to the date-time when object was queued to be synced into search database for use in the search API. + This date-time changes anytime there is an update to the object, which triggers a synchronization event being sent to the search database. + There may be some delay between the `synced` time and the time when the updated data is actually available in the search API. + action: + type: string + description: Name of the event as it's displayed in audit reports. + example: update + type: + type: string + description: 'Event type. Refer to [Event Types](https://documentation.sailpoint.com/saas/help/search/index.html#event-types) for a list of event types and their meanings.' + example: SYSTEM_CONFIG + actor: + type: string + description: Name of the actor that generated the event. + example: System + target: + type: string + description: 'Name of the target, or recipient, of the event.' + example: Carol.Adams + stack: + type: string + description: The event's stack. + example: tpe + trackingNumber: + type: string + description: ID of the group of events. + example: 63f891e0735f4cc8bf1968144a1e7440 + ipAddress: + type: string + description: Target system's IP address. + example: 52.52.97.85 + details: + type: string + description: ID of event's details. + example: 73b65dfbed1842548c207432a18c84b0 + attributes: + type: object + description: Attributes involved in the event. + additionalProperties: true + example: + pod: stg03-useast1 + org: acme + sourceName: SailPoint + objects: + type: array + description: Objects the event is happening to. + items: + type: string + example: AUTHENTICATION + operation: + type: string + description: 'Operation, or action, performed during the event.' + example: REQUEST + status: + type: string + description: 'Event status. Refer to [Event Statuses](https://documentation.sailpoint.com/saas/help/search/index.html#event-statuses) for a list of event statuses and their meanings.' + example: PASSED + technicalName: + type: string + description: Event's normalized name. This normalized name always follows the pattern of 'objects_operation_status'. + example: AUTHENTICATION_REQUEST_PASSED + - description: Identity + allOf: + - type: object + required: + - id + - name + - _type + properties: + id: + type: string + example: 2c91808375d8e80a0175e1f88a575222 + name: + type: string + example: john.doe + _type: + description: |- + Enum representing the currently supported document types. + + Additional values may be added in the future without notice. + type: string + enum: + - accessprofile + - accountactivity + - account + - aggregation + - entitlement + - event + - identity + - role + example: identity + - allOf: + - type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + - type: object + properties: + displayName: + type: string + example: John Q. Doe + - type: object + properties: + displayName: + type: string + example: Carol.Adams + description: Identity's display name. + firstName: + type: string + description: Identity's first name. + example: Carol + lastName: + type: string + description: Identity's last name. + example: Adams + email: + type: string + description: Identity's primary email address. + example: Carol.Adams@sailpointdemo.com + created: + type: string + description: ISO-8601 date-time referring to the time when the object was created. + nullable: true + format: date-time + example: '2018-06-25T20:22:28.104Z' + modified: + type: string + description: ISO-8601 date-time referring to the time when the object was last modified. + nullable: true + format: date-time + example: '2018-06-25T20:22:28.104Z' + phone: + type: string + description: Identity's phone number. + example: +1 440-527-3672 + synced: + type: string + description: |- + ISO-8601 date-time referring to the date-time when object was queued to be synced into search database for use in the search API. + This date-time changes anytime there is an update to the object, which triggers a synchronization event being sent to the search database. + There may be some delay between the `synced` time and the time when the updated data is actually available in the search API. + inactive: + type: boolean + description: Indicates whether the identity is inactive. + default: false + example: false + protected: + type: boolean + description: Indicates whether the identity is protected. + default: false + example: false + status: + type: string + description: Identity's status in SailPoint. + example: UNREGISTERED + employeeNumber: + type: string + description: Identity's employee number. + example: 1a2a3d4e + manager: + type: object + description: Identity's manager. + nullable: true + properties: + id: + type: string + description: ID of identity's manager. + example: 2c9180867dfe694b017e208e27c05799 + name: + type: string + description: Name of identity's manager. + example: Amanda.Ross + displayName: + type: string + description: Display name of identity's manager. + example: Amanda.Ross + isManager: + type: boolean + description: Indicates whether the identity is a manager of other identities. + example: false + identityProfile: + type: object + description: Identity's identity profile. + properties: + id: + type: string + description: Identity profile's ID. + example: 3bc8ad26b8664945866b31339d1ff7d2 + name: + type: string + description: Identity profile's name. + example: HR Employees + source: + type: object + description: Identity's source. + properties: + id: + type: string + description: ID of identity's source. + example: 2c91808b6e9e6fb8016eec1a2b6f7b5f + name: + type: string + description: Display name of identity's source. + example: ODS-HR-Employees + attributes: + type: object + description: Map or dictionary of key/value pairs. + additionalProperties: true + example: + country: US + firstname: Carol + cloudStatus: UNREGISTERED + processingState: + type: string + description: Identity's processing state. + nullable: true + example: null + processingDetails: + description: Identity's processing details. + nullable: true + type: object + properties: + date: + type: string + nullable: true + format: date-time + example: '2018-06-25T20:22:28.104Z' + description: A date-time in ISO-8601 format + stage: + type: string + example: In Process + retryCount: + type: integer + example: 0 + format: int32 + stackTrace: + type: string + example: + message: + type: string + example: + accounts: + type: array + description: List of accounts associated with the identity. + items: + allOf: + - type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + - type: object + properties: + accountId: + type: string + description: Account ID. + example: John.Doe + source: + allOf: + - type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + - type: object + properties: + type: + type: string + example: Delimited File + description: Type of source returned. + disabled: + type: boolean + description: Indicates whether the account is disabled. + default: false + example: false + locked: + type: boolean + description: Indicates whether the account is locked. + default: false + example: false + privileged: + type: boolean + description: Indicates whether the account is privileged. + default: false + example: false + manuallyCorrelated: + type: boolean + description: Indicates whether the account has been manually correlated to an identity. + default: false + example: false + passwordLastSet: + type: string + nullable: true + format: date-time + example: '2018-06-25T20:22:28.104Z' + description: A date-time in ISO-8601 format + entitlementAttributes: + type: object + nullable: true + description: Map or dictionary of key/value pairs. + additionalProperties: true + example: + moderator: true + admin: true + trust_level: '4' + created: + type: string + description: ISO-8601 date-time referring to the time when the object was created. + nullable: true + format: date-time + example: '2018-06-25T20:22:28.104Z' + accountCount: + type: integer + description: Number of accounts associated with the identity. + format: int32 + example: 3 + apps: + type: array + description: List of applications the identity has access to. + items: + allOf: + - type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + - type: object + properties: + source: + type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + account: + type: object + properties: + id: + type: string + description: The SailPoint generated unique ID + example: 2c9180837dfe6949017e21f3d8cd6d49 + accountId: + type: string + description: The account ID generated by the source + example: 'CN=Carol Adams,OU=Austin,OU=Americas,OU=Demo,DC=seri,DC=sailpointdemo,DC=com' + appCount: + type: integer + format: int32 + description: Number of applications the identity has access to. + example: 2 + access: + type: array + description: List of access items assigned to the identity. + items: + discriminator: + propertyName: type + mapping: + ACCESS_PROFILE: ../access/AccessProfileSummary.yaml + ENTITLEMENT: ../access/AccessProfileEntitlement.yaml + ROLE: ../access/AccessProfileRole.yaml + oneOf: + - description: This is a summary representation of an access profile. + allOf: + - allOf: + - allOf: + - type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + - type: object + properties: + displayName: + type: string + example: John Q. Doe + - type: object + properties: + type: + type: string + enum: + - ACCOUNT_CORRELATION_CONFIG + - ACCESS_PROFILE + - ACCESS_REQUEST_APPROVAL + - ACCOUNT + - APPLICATION + - CAMPAIGN + - CAMPAIGN_FILTER + - CERTIFICATION + - CLUSTER + - CONNECTOR_SCHEMA + - ENTITLEMENT + - GOVERNANCE_GROUP + - IDENTITY + - IDENTITY_PROFILE + - IDENTITY_REQUEST + - LIFECYCLE_STATE + - PASSWORD_POLICY + - ROLE + - RULE + - SOD_POLICY + - SOURCE + - TAG + - TAG_CATEGORY + - TASK_RESULT + - REPORT_RESULT + - SOD_VIOLATION + - ACCOUNT_ACTIVITY + - WORKGROUP + description: An enumeration of the types of DTOs supported within the IdentityNow infrastructure. + example: IDENTITY + description: + type: string + nullable: true + example: null + - type: object + properties: + source: + type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + owner: + allOf: + - type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + - type: object + properties: + displayName: + type: string + example: John Q. Doe + revocable: + type: boolean + example: true + - description: EntitlementReference + allOf: + - allOf: + - allOf: + - type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + - type: object + properties: + displayName: + type: string + example: John Q. Doe + - type: object + properties: + type: + type: string + enum: + - ACCOUNT_CORRELATION_CONFIG + - ACCESS_PROFILE + - ACCESS_REQUEST_APPROVAL + - ACCOUNT + - APPLICATION + - CAMPAIGN + - CAMPAIGN_FILTER + - CERTIFICATION + - CLUSTER + - CONNECTOR_SCHEMA + - ENTITLEMENT + - GOVERNANCE_GROUP + - IDENTITY + - IDENTITY_PROFILE + - IDENTITY_REQUEST + - LIFECYCLE_STATE + - PASSWORD_POLICY + - ROLE + - RULE + - SOD_POLICY + - SOURCE + - TAG + - TAG_CATEGORY + - TASK_RESULT + - REPORT_RESULT + - SOD_VIOLATION + - ACCOUNT_ACTIVITY + - WORKGROUP + description: An enumeration of the types of DTOs supported within the IdentityNow infrastructure. + example: IDENTITY + description: + type: string + nullable: true + example: null + - type: object + properties: + source: + type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + privileged: + type: boolean + example: false + attribute: + type: string + example: memberOf + value: + type: string + example: 'CN=Buyer,OU=Groups,OU=Demo,DC=seri,DC=sailpointdemo,DC=com' + standalone: + type: boolean + example: false + - description: Role + allOf: + - allOf: + - allOf: + - type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + - type: object + properties: + displayName: + type: string + example: John Q. Doe + - type: object + properties: + type: + type: string + enum: + - ACCOUNT_CORRELATION_CONFIG + - ACCESS_PROFILE + - ACCESS_REQUEST_APPROVAL + - ACCOUNT + - APPLICATION + - CAMPAIGN + - CAMPAIGN_FILTER + - CERTIFICATION + - CLUSTER + - CONNECTOR_SCHEMA + - ENTITLEMENT + - GOVERNANCE_GROUP + - IDENTITY + - IDENTITY_PROFILE + - IDENTITY_REQUEST + - LIFECYCLE_STATE + - PASSWORD_POLICY + - ROLE + - RULE + - SOD_POLICY + - SOURCE + - TAG + - TAG_CATEGORY + - TASK_RESULT + - REPORT_RESULT + - SOD_VIOLATION + - ACCOUNT_ACTIVITY + - WORKGROUP + description: An enumeration of the types of DTOs supported within the IdentityNow infrastructure. + example: IDENTITY + description: + type: string + nullable: true + example: null + - type: object + properties: + owner: + allOf: + - type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + - type: object + properties: + displayName: + type: string + example: John Q. Doe + disabled: + type: boolean + revocable: + type: boolean + accessCount: + type: integer + format: int32 + description: Number of access items assigned to the identity. + example: 5 + entitlementCount: + type: integer + format: int32 + description: Number of entitlements assigned to the identity. + example: 10 + roleCount: + type: integer + format: int32 + description: Number of roles assigned to the identity. + example: 1 + accessProfileCount: + type: integer + format: int32 + description: Number of access profiles assigned to the identity. + example: 1 + owns: + type: array + description: Access items the identity owns. + items: + type: object + properties: + sources: + type: array + items: + type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + entitlements: + type: array + items: + type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + accessProfiles: + type: array + items: + type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + roles: + type: array + items: + type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + apps: + type: array + items: + type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + governanceGroups: + type: array + items: + type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + fallbackApprover: + type: boolean + example: false + ownsCount: + type: integer + format: int32 + description: Number of access items the identity owns. + example: 5 + tags: + type: array + description: Tags that have been applied to the object. + items: + type: string + example: + - TAG_1 + - TAG_2 + - description: Role + allOf: + - type: object + required: + - id + - name + - _type + properties: + id: + type: string + example: 2c91808375d8e80a0175e1f88a575222 + name: + type: string + example: john.doe + _type: + description: |- + Enum representing the currently supported document types. + + Additional values may be added in the future without notice. + type: string + enum: + - accessprofile + - accountactivity + - account + - aggregation + - entitlement + - event + - identity + - role + example: identity + - allOf: + - type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + - type: object + properties: + description: + type: string + description: Access item's description. + example: The admin role + created: + type: string + description: ISO-8601 date-time referring to the time when the object was created. + nullable: true + format: date-time + example: '2018-06-25T20:22:28.104Z' + modified: + type: string + description: ISO-8601 date-time referring to the time when the object was last modified. + nullable: true + format: date-time + example: '2018-06-25T20:22:28.104Z' + synced: + type: string + description: |- + ISO-8601 date-time referring to the date-time when object was queued to be synced into search database for use in the search API. + This date-time changes anytime there is an update to the object, which triggers a synchronization event being sent to the search database. + There may be some delay between the `synced` time and the time when the updated data is actually available in the search API. + nullable: true + format: date-time + example: '2018-06-25T20:22:33.104Z' + enabled: + type: boolean + description: Indicates whether the access item is currently enabled. + default: false + example: true + requestable: + type: boolean + description: Indicates whether the access item can be requested. + default: true + example: true + requestCommentsRequired: + type: boolean + description: Indicates whether comments are required for requests to access the item. + default: false + example: false + owner: + type: object + description: Owner's identity. + properties: + type: + type: string + description: Owner's DTO type. + enum: + - IDENTITY + example: IDENTITY + id: + type: string + description: Owner's identity ID. + example: 2c9180a46faadee4016fb4e018c20639 + name: + type: string + description: Owner's display name. + example: Support + email: + type: string + description: Owner's email. + example: cloud-support@sailpoint.com + - type: object + properties: + accessProfiles: + type: array + description: Access profiles included with the role. + items: + type: object + properties: + id: + type: string + example: 2c91809c6faade77016fb4f0b63407ae + description: Access profile's unique ID. + name: + type: string + example: Admin Access + description: Access profile's display name. + accessProfileCount: + type: integer + description: Number of access profiles included with the role. + format: int32 + example: 1 + tags: + type: array + description: Tags that have been applied to the object. + items: + type: string + example: + - TAG_1 + - TAG_2 + segments: + type: array + description: Segments with the role. + items: + type: object + properties: + id: + type: string + example: b009b6e3-b56d-41d9-8735-cb532ea0b017 + description: Segment's unique ID. + name: + type: string + example: Test Segment + description: Segment's display name. + segmentCount: + type: integer + description: Number of segments with the role. + format: int32 + example: 1 + entitlements: + type: array + description: Entitlements included with the role. + items: + type: object + properties: + hasPermissions: + type: boolean + description: Indicates whether the entitlement has permissions. + default: false + example: false + description: + type: string + description: Entitlement's description. + example: Cloud engineering + attribute: + type: string + description: Entitlement attribute's name. + example: memberOf + value: + type: string + description: Entitlement's value. + example: 'CN=Cloud Engineering,DC=sailpoint,DC=COM' + schema: + type: string + description: Entitlement's schema. + example: group + privileged: + type: boolean + description: Indicates whether the entitlement is privileged. + default: false + example: false + id: + type: string + description: Entitlement's ID. + example: 2c918084575812550157589064f33b89 + name: + type: string + description: Entitlement's name. + example: 'CN=Cloud Engineering,DC=sailpoint,DC=COM' + entitlementCount: + type: integer + description: Number of entitlements included with the role. + format: int32 + example: 3 + text/csv: + schema: + description: | + If the *Accept:text/csv* header is specified and the *aggregationType* parameter in the request body is *SAILPOINT*, + + the aggregation result will be returned as a CSV document. + type: string + example: + - 'Identity Locations,Count' + - 'Munich,23' + - 'Brussels,26' + - 'Singapore,22' + - 'Tokyo,20' + - 'Taipei,16' + - 'London,64' + - 'Austin,109' + - 'Sao Paulo,24' + - 'San Jose,27' + headers: + X-Total-Count: + description: The total result count (returned only if the *count* parameter is specified as *true*). + schema: + type: integer + example: 5 + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/search/{index}/{id}': + get: + tags: + - Search + description: 'Fetches a single document from the specified index, using the specified document ID.' + operationId: searchGet + security: + - UserContextAuth: + - 'sp:search:read' + summary: Get a Document by ID + parameters: + - in: path + name: index + description: | + The index from which to fetch the specified document. + + The currently supported index names are: *accessprofiles*, *accountactivities*, *entitlements*, *events*, *identities*, and *roles*. + schema: + type: string + required: true + example: accounts + - in: path + name: id + description: ID of the requested document. + schema: + type: string + required: true + example: 2c91808568c529c60168cca6f90c1313 + responses: + '200': + description: The requested document. + content: + application/json: + schema: + discriminator: + propertyName: _type + mapping: + accessprofile: ../model/access/profile/AccessProfileDocument.yaml + accountactivity: ../model/account/activity/AccountActivityDocument.yaml + entitlement: ../model/entitlement/EntitlementDocument.yaml + event: ../model/event/EventDocument.yaml + identity: ../model/identity/IdentityDocument.yaml + role: ../model/role/RoleDocument.yaml + oneOf: + - description: 'More complete representation of an access profile. ' + allOf: + - allOf: + - type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + - type: object + properties: + description: + type: string + description: Access item's description. + example: The admin role + created: + type: string + description: ISO-8601 date-time referring to the time when the object was created. + nullable: true + format: date-time + example: '2018-06-25T20:22:28.104Z' + modified: + type: string + description: ISO-8601 date-time referring to the time when the object was last modified. + nullable: true + format: date-time + example: '2018-06-25T20:22:28.104Z' + synced: + type: string + description: |- + ISO-8601 date-time referring to the date-time when object was queued to be synced into search database for use in the search API. + This date-time changes anytime there is an update to the object, which triggers a synchronization event being sent to the search database. + There may be some delay between the `synced` time and the time when the updated data is actually available in the search API. + nullable: true + format: date-time + example: '2018-06-25T20:22:33.104Z' + enabled: + type: boolean + description: Indicates whether the access item is currently enabled. + default: false + example: true + requestable: + type: boolean + description: Indicates whether the access item can be requested. + default: true + example: true + requestCommentsRequired: + type: boolean + description: Indicates whether comments are required for requests to access the item. + default: false + example: false + owner: + type: object + description: Owner's identity. + properties: + type: + type: string + description: Owner's DTO type. + enum: + - IDENTITY + example: IDENTITY + id: + type: string + description: Owner's identity ID. + example: 2c9180a46faadee4016fb4e018c20639 + name: + type: string + description: Owner's display name. + example: Support + email: + type: string + description: Owner's email. + example: cloud-support@sailpoint.com + - type: object + required: + - id + - name + - _type + properties: + id: + type: string + description: Access profile's ID. + example: 2c9180825a6c1adc015a71c9023f0818 + name: + type: string + description: Access profile's name. + example: Cloud Eng + _type: + description: |- + Access profile's document type. + This enum represents the currently supported document types. + Additional values may be added in the future without notice. + type: string + enum: + - accessprofile + - accountactivity + - account + - aggregation + - entitlement + - event + - identity + - role + example: accessprofile + source: + type: object + description: Access profile's source. + properties: + id: + type: string + description: Source's ID. + example: ff8081815757d4fb0157588f3d9d008f + name: + type: string + description: Source's name. + example: Employees + entitlements: + type: array + description: Entitlements the access profile has access to. + items: + type: object + properties: + hasPermissions: + type: boolean + description: Indicates whether the entitlement has permissions. + default: false + example: false + description: + type: string + description: Entitlement's description. + example: Cloud engineering + attribute: + type: string + description: Entitlement attribute's name. + example: memberOf + value: + type: string + description: Entitlement's value. + example: 'CN=Cloud Engineering,DC=sailpoint,DC=COM' + schema: + type: string + description: Entitlement's schema. + example: group + privileged: + type: boolean + description: Indicates whether the entitlement is privileged. + default: false + example: false + id: + type: string + description: Entitlement's ID. + example: 2c918084575812550157589064f33b89 + name: + type: string + description: Entitlement's name. + example: 'CN=Cloud Engineering,DC=sailpoint,DC=COM' + entitlementCount: + type: integer + description: Number of entitlements. + example: 5 + tags: + type: array + description: Tags that have been applied to the object. + items: + type: string + example: + - TAG_1 + - TAG_2 + - description: AccountActivity + allOf: + - type: object + required: + - id + - name + - _type + properties: + id: + type: string + example: 2c91808375d8e80a0175e1f88a575222 + name: + type: string + example: john.doe + _type: + description: |- + Enum representing the currently supported document types. + + Additional values may be added in the future without notice. + type: string + enum: + - accessprofile + - accountactivity + - account + - aggregation + - entitlement + - event + - identity + - role + example: identity + - type: object + properties: + action: + type: string + description: Type of action performed in the activity. + externalDocs: + description: Learn more about account activity action types + url: 'https://documentation.sailpoint.com/saas/help/search/searchable-fields.html#searching-account-activity-data' + example: Identity Refresh. + created: + type: string + description: ISO-8601 date-time referring to the time when the object was created. + nullable: true + format: date-time + example: '2018-06-25T20:22:28.104Z' + modified: + type: string + description: ISO-8601 date-time referring to the time when the object was last modified. + nullable: true + format: date-time + example: '2018-06-25T20:22:28.104Z' + stage: + type: string + description: Activity's current stage. + example: Completed + origin: + type: string + description: Activity's origin. + nullable: true + example: null + status: + type: string + description: Activity's current status. + example: Complete + requester: + allOf: + - type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + - type: object + properties: + type: + type: string + example: Delimited File + description: Type of source returned. + recipient: + allOf: + - type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + - type: object + properties: + type: + type: string + example: Delimited File + description: Type of source returned. + trackingNumber: + type: string + description: Account activity's tracking number. + example: 61aad0c9e8134eca89e76a35e0cabe3f + errors: + type: array + description: Errors provided by the source while completing account actions. + items: + type: string + nullable: true + example: null + warnings: + type: array + description: Warnings provided by the source while completing account actions. + items: + type: string + nullable: true + example: null + approvals: + type: array + description: Approvals performed on an item during activity. + items: + type: object + properties: + comments: + type: array + items: + type: object + properties: + comment: + type: string + description: The comment text + example: This request was autoapproved by our automated ETS subscriber. + commenter: + type: string + description: The name of the commenter + example: Automated AR Approval + date: + type: string + nullable: true + format: date-time + example: '2018-06-25T20:22:28.104Z' + description: A date-time in ISO-8601 format + created: + type: string + nullable: true + format: date-time + example: '2018-06-25T20:22:28.104Z' + description: A date-time in ISO-8601 format + modified: + type: string + nullable: true + format: date-time + example: '2018-06-25T20:22:28.104Z' + description: A date-time in ISO-8601 format + owner: + allOf: + - type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + - type: object + properties: + type: + type: string + example: Delimited File + description: Type of source returned. + result: + type: string + description: The result of the approval + example: Finished + type: + type: string + nullable: true + example: null + originalRequests: + type: array + description: Original actions that triggered all individual source actions related to the account action. + items: + type: object + properties: + accountId: + type: string + description: Account ID. + example: 'CN=Abby Smith,OU=Austin,OU=Americas,OU=Demo,DC=seri,DC=acme,DC=com' + attributeRequests: + type: array + description: Attribute changes requested for account. + items: + type: object + properties: + name: + type: string + description: Attribute name. + example: groups + op: + type: string + description: Operation to perform on attribute. + example: Add + value: + type: string + description: Value of attribute. + example: '3203537556531076' + op: + type: string + description: Operation used. + example: add + source: + description: Account's source. + allOf: + - type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + - type: object + properties: + type: + type: string + example: Delimited File + description: Type of source returned. + expansionItems: + type: array + description: Controls that translated the attribute requests into actual provisioning actions on the source. + items: + type: object + properties: + accountId: + type: string + description: The ID of the account + example: 2c91808981f58ea601821c3e93482e6f + cause: + type: string + example: Role + name: + type: string + description: The name of the item + example: smartsheet-role + attributeRequests: + type: array + items: + type: object + properties: + name: + type: string + description: Attribute name. + example: groups + op: + type: string + description: Operation to perform on attribute. + example: Add + value: + type: string + description: Value of attribute. + example: '3203537556531076' + source: + allOf: + - type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + - type: object + properties: + type: + type: string + example: Delimited File + description: Type of source returned. + accountRequests: + type: array + description: Account data for each individual source action triggered by the original requests. + items: + type: object + properties: + accountId: + type: string + description: Unique ID of the account + example: John.Doe + attributeRequests: + type: array + items: + type: object + properties: + name: + type: string + description: Attribute name. + example: groups + op: + type: string + description: Operation to perform on attribute. + example: Add + value: + type: string + description: Value of attribute. + example: '3203537556531076' + op: + type: string + example: Modify + description: The operation that was performed + provisioningTarget: + allOf: + - type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + - type: object + properties: + type: + type: string + example: Delimited File + description: Type of source returned. + result: + type: object + properties: + errors: + type: array + items: + type: string + example: |- + [ConnectorError] [ + { + "code": "unrecognized_keys", + "keys": [ + "groups" + ], + "path": [], + "message": "Unrecognized key(s) in object: 'groups'" + } + ] (requestId: 5e9d6df5-9b1b-47d9-9bf1-dc3a2893299e) + status: + type: string + description: The status of the account request + example: failed + ticketId: + type: string + nullable: true + example: null + source: + allOf: + - type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + - type: object + properties: + type: + type: string + example: Delimited File + description: Type of source returned. + sources: + type: string + description: Sources involved in the account activity. + example: 'smartsheet-test, airtable-v4, IdentityNow' + - description: Entitlement + allOf: + - type: object + required: + - id + - name + - _type + properties: + id: + type: string + example: 2c91808375d8e80a0175e1f88a575222 + name: + type: string + example: john.doe + _type: + description: |- + Enum representing the currently supported document types. + + Additional values may be added in the future without notice. + type: string + enum: + - accessprofile + - accountactivity + - account + - aggregation + - entitlement + - event + - identity + - role + example: identity + - type: object + properties: + modified: + type: string + description: ISO-8601 date-time referring to the time when the object was last modified. + nullable: true + format: date-time + example: '2018-06-25T20:22:28.104Z' + synced: + type: string + description: |- + ISO-8601 date-time referring to the date-time when object was queued to be synced into search database for use in the search API. + This date-time changes anytime there is an update to the object, which triggers a synchronization event being sent to the search database. + There may be some delay between the `synced` time and the time when the updated data is actually available in the search API. + displayName: + type: string + description: Entitlement's display name. + example: Admin + source: + type: object + description: Entitlement's source. + properties: + id: + type: string + description: ID of entitlement's source. + example: 2c91808b6e9e6fb8016eec1a2b6f7b5f + name: + type: string + description: Display name of entitlement's source. + example: ODS-HR-Employees + segments: + type: array + description: Segments with the role. + items: + type: object + properties: + id: + type: string + example: b009b6e3-b56d-41d9-8735-cb532ea0b017 + description: Segment's unique ID. + name: + type: string + example: Test Segment + description: Segment's display name. + segmentCount: + type: integer + description: Number of segments with the role. + format: int32 + example: 1 + requestable: + type: boolean + description: Indicates whether the entitlement is requestable. + default: false + example: false + cloudGoverned: + type: boolean + description: Indicates whether the entitlement is cloud governed. + default: false + example: false + created: + type: string + description: ISO-8601 date-time referring to the time when the object was created. + nullable: true + format: date-time + example: '2018-06-25T20:22:28.104Z' + privileged: + type: boolean + description: Indicates whether the entitlement is privileged. + default: false + example: false + identityCount: + type: integer + description: Number of identities who have access to the entitlement. + format: int32 + example: 3 + tags: + type: array + description: Tags that have been applied to the object. + items: + type: string + example: + - TAG_1 + - TAG_2 + - description: Event + allOf: + - type: object + required: + - id + - name + - _type + properties: + id: + type: string + example: 2c91808375d8e80a0175e1f88a575222 + name: + type: string + example: john.doe + _type: + description: |- + Enum representing the currently supported document types. + + Additional values may be added in the future without notice. + type: string + enum: + - accessprofile + - accountactivity + - account + - aggregation + - entitlement + - event + - identity + - role + example: identity + - type: object + properties: + created: + type: string + description: ISO-8601 date-time referring to the time when the object was created. + nullable: true + format: date-time + example: '2018-06-25T20:22:28.104Z' + synced: + type: string + description: |- + ISO-8601 date-time referring to the date-time when object was queued to be synced into search database for use in the search API. + This date-time changes anytime there is an update to the object, which triggers a synchronization event being sent to the search database. + There may be some delay between the `synced` time and the time when the updated data is actually available in the search API. + action: + type: string + description: Name of the event as it's displayed in audit reports. + example: update + type: + type: string + description: 'Event type. Refer to [Event Types](https://documentation.sailpoint.com/saas/help/search/index.html#event-types) for a list of event types and their meanings.' + example: SYSTEM_CONFIG + actor: + type: string + description: Name of the actor that generated the event. + example: System + target: + type: string + description: 'Name of the target, or recipient, of the event.' + example: Carol.Adams + stack: + type: string + description: The event's stack. + example: tpe + trackingNumber: + type: string + description: ID of the group of events. + example: 63f891e0735f4cc8bf1968144a1e7440 + ipAddress: + type: string + description: Target system's IP address. + example: 52.52.97.85 + details: + type: string + description: ID of event's details. + example: 73b65dfbed1842548c207432a18c84b0 + attributes: + type: object + description: Attributes involved in the event. + additionalProperties: true + example: + pod: stg03-useast1 + org: acme + sourceName: SailPoint + objects: + type: array + description: Objects the event is happening to. + items: + type: string + example: AUTHENTICATION + operation: + type: string + description: 'Operation, or action, performed during the event.' + example: REQUEST + status: + type: string + description: 'Event status. Refer to [Event Statuses](https://documentation.sailpoint.com/saas/help/search/index.html#event-statuses) for a list of event statuses and their meanings.' + example: PASSED + technicalName: + type: string + description: Event's normalized name. This normalized name always follows the pattern of 'objects_operation_status'. + example: AUTHENTICATION_REQUEST_PASSED + - description: Identity + allOf: + - type: object + required: + - id + - name + - _type + properties: + id: + type: string + example: 2c91808375d8e80a0175e1f88a575222 + name: + type: string + example: john.doe + _type: + description: |- + Enum representing the currently supported document types. + + Additional values may be added in the future without notice. + type: string + enum: + - accessprofile + - accountactivity + - account + - aggregation + - entitlement + - event + - identity + - role + example: identity + - allOf: + - type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + - type: object + properties: + displayName: + type: string + example: John Q. Doe + - type: object + properties: + displayName: + type: string + example: Carol.Adams + description: Identity's display name. + firstName: + type: string + description: Identity's first name. + example: Carol + lastName: + type: string + description: Identity's last name. + example: Adams + email: + type: string + description: Identity's primary email address. + example: Carol.Adams@sailpointdemo.com + created: + type: string + description: ISO-8601 date-time referring to the time when the object was created. + nullable: true + format: date-time + example: '2018-06-25T20:22:28.104Z' + modified: + type: string + description: ISO-8601 date-time referring to the time when the object was last modified. + nullable: true + format: date-time + example: '2018-06-25T20:22:28.104Z' + phone: + type: string + description: Identity's phone number. + example: +1 440-527-3672 + synced: + type: string + description: |- + ISO-8601 date-time referring to the date-time when object was queued to be synced into search database for use in the search API. + This date-time changes anytime there is an update to the object, which triggers a synchronization event being sent to the search database. + There may be some delay between the `synced` time and the time when the updated data is actually available in the search API. + inactive: + type: boolean + description: Indicates whether the identity is inactive. + default: false + example: false + protected: + type: boolean + description: Indicates whether the identity is protected. + default: false + example: false + status: + type: string + description: Identity's status in SailPoint. + example: UNREGISTERED + employeeNumber: + type: string + description: Identity's employee number. + example: 1a2a3d4e + manager: + type: object + description: Identity's manager. + nullable: true + properties: + id: + type: string + description: ID of identity's manager. + example: 2c9180867dfe694b017e208e27c05799 + name: + type: string + description: Name of identity's manager. + example: Amanda.Ross + displayName: + type: string + description: Display name of identity's manager. + example: Amanda.Ross + isManager: + type: boolean + description: Indicates whether the identity is a manager of other identities. + example: false + identityProfile: + type: object + description: Identity's identity profile. + properties: + id: + type: string + description: Identity profile's ID. + example: 3bc8ad26b8664945866b31339d1ff7d2 + name: + type: string + description: Identity profile's name. + example: HR Employees + source: + type: object + description: Identity's source. + properties: + id: + type: string + description: ID of identity's source. + example: 2c91808b6e9e6fb8016eec1a2b6f7b5f + name: + type: string + description: Display name of identity's source. + example: ODS-HR-Employees + attributes: + type: object + description: Map or dictionary of key/value pairs. + additionalProperties: true + example: + country: US + firstname: Carol + cloudStatus: UNREGISTERED + processingState: + type: string + description: Identity's processing state. + nullable: true + example: null + processingDetails: + description: Identity's processing details. + nullable: true + type: object + properties: + date: + type: string + nullable: true + format: date-time + example: '2018-06-25T20:22:28.104Z' + description: A date-time in ISO-8601 format + stage: + type: string + example: In Process + retryCount: + type: integer + example: 0 + format: int32 + stackTrace: + type: string + example: + message: + type: string + example: + accounts: + type: array + description: List of accounts associated with the identity. + items: + allOf: + - type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + - type: object + properties: + accountId: + type: string + description: Account ID. + example: John.Doe + source: + allOf: + - type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + - type: object + properties: + type: + type: string + example: Delimited File + description: Type of source returned. + disabled: + type: boolean + description: Indicates whether the account is disabled. + default: false + example: false + locked: + type: boolean + description: Indicates whether the account is locked. + default: false + example: false + privileged: + type: boolean + description: Indicates whether the account is privileged. + default: false + example: false + manuallyCorrelated: + type: boolean + description: Indicates whether the account has been manually correlated to an identity. + default: false + example: false + passwordLastSet: + type: string + nullable: true + format: date-time + example: '2018-06-25T20:22:28.104Z' + description: A date-time in ISO-8601 format + entitlementAttributes: + type: object + nullable: true + description: Map or dictionary of key/value pairs. + additionalProperties: true + example: + moderator: true + admin: true + trust_level: '4' + created: + type: string + description: ISO-8601 date-time referring to the time when the object was created. + nullable: true + format: date-time + example: '2018-06-25T20:22:28.104Z' + accountCount: + type: integer + description: Number of accounts associated with the identity. + format: int32 + example: 3 + apps: + type: array + description: List of applications the identity has access to. + items: + allOf: + - type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + - type: object + properties: + source: + type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + account: + type: object + properties: + id: + type: string + description: The SailPoint generated unique ID + example: 2c9180837dfe6949017e21f3d8cd6d49 + accountId: + type: string + description: The account ID generated by the source + example: 'CN=Carol Adams,OU=Austin,OU=Americas,OU=Demo,DC=seri,DC=sailpointdemo,DC=com' + appCount: + type: integer + format: int32 + description: Number of applications the identity has access to. + example: 2 + access: + type: array + description: List of access items assigned to the identity. + items: + discriminator: + propertyName: type + mapping: + ACCESS_PROFILE: ../access/AccessProfileSummary.yaml + ENTITLEMENT: ../access/AccessProfileEntitlement.yaml + ROLE: ../access/AccessProfileRole.yaml + oneOf: + - description: This is a summary representation of an access profile. + allOf: + - allOf: + - allOf: + - type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + - type: object + properties: + displayName: + type: string + example: John Q. Doe + - type: object + properties: + type: + type: string + enum: + - ACCOUNT_CORRELATION_CONFIG + - ACCESS_PROFILE + - ACCESS_REQUEST_APPROVAL + - ACCOUNT + - APPLICATION + - CAMPAIGN + - CAMPAIGN_FILTER + - CERTIFICATION + - CLUSTER + - CONNECTOR_SCHEMA + - ENTITLEMENT + - GOVERNANCE_GROUP + - IDENTITY + - IDENTITY_PROFILE + - IDENTITY_REQUEST + - LIFECYCLE_STATE + - PASSWORD_POLICY + - ROLE + - RULE + - SOD_POLICY + - SOURCE + - TAG + - TAG_CATEGORY + - TASK_RESULT + - REPORT_RESULT + - SOD_VIOLATION + - ACCOUNT_ACTIVITY + - WORKGROUP + description: An enumeration of the types of DTOs supported within the IdentityNow infrastructure. + example: IDENTITY + description: + type: string + nullable: true + example: null + - type: object + properties: + source: + type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + owner: + allOf: + - type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + - type: object + properties: + displayName: + type: string + example: John Q. Doe + revocable: + type: boolean + example: true + - description: EntitlementReference + allOf: + - allOf: + - allOf: + - type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + - type: object + properties: + displayName: + type: string + example: John Q. Doe + - type: object + properties: + type: + type: string + enum: + - ACCOUNT_CORRELATION_CONFIG + - ACCESS_PROFILE + - ACCESS_REQUEST_APPROVAL + - ACCOUNT + - APPLICATION + - CAMPAIGN + - CAMPAIGN_FILTER + - CERTIFICATION + - CLUSTER + - CONNECTOR_SCHEMA + - ENTITLEMENT + - GOVERNANCE_GROUP + - IDENTITY + - IDENTITY_PROFILE + - IDENTITY_REQUEST + - LIFECYCLE_STATE + - PASSWORD_POLICY + - ROLE + - RULE + - SOD_POLICY + - SOURCE + - TAG + - TAG_CATEGORY + - TASK_RESULT + - REPORT_RESULT + - SOD_VIOLATION + - ACCOUNT_ACTIVITY + - WORKGROUP + description: An enumeration of the types of DTOs supported within the IdentityNow infrastructure. + example: IDENTITY + description: + type: string + nullable: true + example: null + - type: object + properties: + source: + type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + privileged: + type: boolean + example: false + attribute: + type: string + example: memberOf + value: + type: string + example: 'CN=Buyer,OU=Groups,OU=Demo,DC=seri,DC=sailpointdemo,DC=com' + standalone: + type: boolean + example: false + - description: Role + allOf: + - allOf: + - allOf: + - type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + - type: object + properties: + displayName: + type: string + example: John Q. Doe + - type: object + properties: + type: + type: string + enum: + - ACCOUNT_CORRELATION_CONFIG + - ACCESS_PROFILE + - ACCESS_REQUEST_APPROVAL + - ACCOUNT + - APPLICATION + - CAMPAIGN + - CAMPAIGN_FILTER + - CERTIFICATION + - CLUSTER + - CONNECTOR_SCHEMA + - ENTITLEMENT + - GOVERNANCE_GROUP + - IDENTITY + - IDENTITY_PROFILE + - IDENTITY_REQUEST + - LIFECYCLE_STATE + - PASSWORD_POLICY + - ROLE + - RULE + - SOD_POLICY + - SOURCE + - TAG + - TAG_CATEGORY + - TASK_RESULT + - REPORT_RESULT + - SOD_VIOLATION + - ACCOUNT_ACTIVITY + - WORKGROUP + description: An enumeration of the types of DTOs supported within the IdentityNow infrastructure. + example: IDENTITY + description: + type: string + nullable: true + example: null + - type: object + properties: + owner: + allOf: + - type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + - type: object + properties: + displayName: + type: string + example: John Q. Doe + disabled: + type: boolean + revocable: + type: boolean + accessCount: + type: integer + format: int32 + description: Number of access items assigned to the identity. + example: 5 + entitlementCount: + type: integer + format: int32 + description: Number of entitlements assigned to the identity. + example: 10 + roleCount: + type: integer + format: int32 + description: Number of roles assigned to the identity. + example: 1 + accessProfileCount: + type: integer + format: int32 + description: Number of access profiles assigned to the identity. + example: 1 + owns: + type: array + description: Access items the identity owns. + items: + type: object + properties: + sources: + type: array + items: + type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + entitlements: + type: array + items: + type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + accessProfiles: + type: array + items: + type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + roles: + type: array + items: + type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + apps: + type: array + items: + type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + governanceGroups: + type: array + items: + type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + fallbackApprover: + type: boolean + example: false + ownsCount: + type: integer + format: int32 + description: Number of access items the identity owns. + example: 5 + tags: + type: array + description: Tags that have been applied to the object. + items: + type: string + example: + - TAG_1 + - TAG_2 + - description: Role + allOf: + - type: object + required: + - id + - name + - _type + properties: + id: + type: string + example: 2c91808375d8e80a0175e1f88a575222 + name: + type: string + example: john.doe + _type: + description: |- + Enum representing the currently supported document types. + + Additional values may be added in the future without notice. + type: string + enum: + - accessprofile + - accountactivity + - account + - aggregation + - entitlement + - event + - identity + - role + example: identity + - allOf: + - type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + - type: object + properties: + description: + type: string + description: Access item's description. + example: The admin role + created: + type: string + description: ISO-8601 date-time referring to the time when the object was created. + nullable: true + format: date-time + example: '2018-06-25T20:22:28.104Z' + modified: + type: string + description: ISO-8601 date-time referring to the time when the object was last modified. + nullable: true + format: date-time + example: '2018-06-25T20:22:28.104Z' + synced: + type: string + description: |- + ISO-8601 date-time referring to the date-time when object was queued to be synced into search database for use in the search API. + This date-time changes anytime there is an update to the object, which triggers a synchronization event being sent to the search database. + There may be some delay between the `synced` time and the time when the updated data is actually available in the search API. + nullable: true + format: date-time + example: '2018-06-25T20:22:33.104Z' + enabled: + type: boolean + description: Indicates whether the access item is currently enabled. + default: false + example: true + requestable: + type: boolean + description: Indicates whether the access item can be requested. + default: true + example: true + requestCommentsRequired: + type: boolean + description: Indicates whether comments are required for requests to access the item. + default: false + example: false + owner: + type: object + description: Owner's identity. + properties: + type: + type: string + description: Owner's DTO type. + enum: + - IDENTITY + example: IDENTITY + id: + type: string + description: Owner's identity ID. + example: 2c9180a46faadee4016fb4e018c20639 + name: + type: string + description: Owner's display name. + example: Support + email: + type: string + description: Owner's email. + example: cloud-support@sailpoint.com + - type: object + properties: + accessProfiles: + type: array + description: Access profiles included with the role. + items: + type: object + properties: + id: + type: string + example: 2c91809c6faade77016fb4f0b63407ae + description: Access profile's unique ID. + name: + type: string + example: Admin Access + description: Access profile's display name. + accessProfileCount: + type: integer + description: Number of access profiles included with the role. + format: int32 + example: 1 + tags: + type: array + description: Tags that have been applied to the object. + items: + type: string + example: + - TAG_1 + - TAG_2 + segments: + type: array + description: Segments with the role. + items: + type: object + properties: + id: + type: string + example: b009b6e3-b56d-41d9-8735-cb532ea0b017 + description: Segment's unique ID. + name: + type: string + example: Test Segment + description: Segment's display name. + segmentCount: + type: integer + description: Number of segments with the role. + format: int32 + example: 1 + entitlements: + type: array + description: Entitlements included with the role. + items: + type: object + properties: + hasPermissions: + type: boolean + description: Indicates whether the entitlement has permissions. + default: false + example: false + description: + type: string + description: Entitlement's description. + example: Cloud engineering + attribute: + type: string + description: Entitlement attribute's name. + example: memberOf + value: + type: string + description: Entitlement's value. + example: 'CN=Cloud Engineering,DC=sailpoint,DC=COM' + schema: + type: string + description: Entitlement's schema. + example: group + privileged: + type: boolean + description: Indicates whether the entitlement is privileged. + default: false + example: false + id: + type: string + description: Entitlement's ID. + example: 2c918084575812550157589064f33b89 + name: + type: string + description: Entitlement's name. + example: 'CN=Cloud Engineering,DC=sailpoint,DC=COM' + entitlementCount: + type: integer + description: Number of entitlements included with the role. + format: int32 + example: 3 + examples: + accessProfile: + summary: AccessProfile + value: + id: 2c9180825a6c1adc015a71c9023f0818 + name: Cloud Eng + description: Cloud Eng + created: '2017-02-24T20:21:23.145Z' + modified: '2019-05-24T20:36:04.312Z' + synced: '2020-02-18T05:30:20.414Z' + enabled: true + requestable: true + requestCommentsRequired: false + owner: + id: ff8081815757d36a015757d42e56031e + name: SailPoint Support + type: IDENTITY + email: cloud-support@sailpoint.com + source: + id: ff8081815757d4fb0157588f3d9d008f + name: Employees + entitlements: + - id: 2c918084575812550157589064f33b89 + name: 'CN=Cloud Engineering,DC=sailpoint,DC=COM' + description: mull + attribute: memberOf + value: 'CN=Cloud Engineering,DC=sailpoint,DC=COM' + entitlementCount: 1 + tags: + - TAG_1 + - TAG_2 + entitlement: + summary: Entitlement + value: + id: 2c9180946ed0c43d016eec1a80892fbd + name: entitlement.aa415ae7 + description: 'null' + attribute: groups + value: entitlement.aa415ae7 + modified: '2019-12-09T19:19:50.154Z' + created: '2018-12-07T01:07:48Z' + synced: '2020-02-19T04:30:32.906Z' + displayName: entitlement.aa415ae7 + source: + id: 2c91808b6e9e6fb8016eec1a2b6f7b5f + name: ODS-HR-Employees + owner: + type: IDENTITY + id: 2c9180858315595501831958427e5424 + name: Addie Lee + privileged: false + identityCount: 68 + tags: + - TAG_1 + - TAG_2 + event: + summary: Event + value: + id: e092842f-c904-4b59-aac8-2544abeeef4b + name: Update Task Schedule Passed + created: '2020-02-17T16:23:18.327Z' + synced: '2020-02-17T16:23:18.388Z' + action: TASK_SCHEDULE_UPDATE_PASSED + type: SYSTEM_CONFIG + actor: + name: MantisTaskScheduler + target: + name: Perform provisioning activity search delete synchronization + stack: tpe + trackingNumber: c6b98bc39ece48b080826d16c76b166c + ipAddress: 207.189.160.158 + details: 'null' + attributes: + sourceName: SailPoint + objects: + - TASK + - SCHEDULE + operation: UPDATE + status: PASSED + technicalName: TASK_SCHEDULE_UPDATE_PASSED + identity: + summary: Identity + value: + id: 2c9180865c45e7e3015c46c434a80622 + name: ad.admin + firstName: AD + lastName: Admin + displayName: AD Admin + email: SLPT.CLOUD.SAILPOINT.TEST+AD-ADMIN@GMAIL.COM + created: '2018-08-22T19:54:54.302Z' + modified: '2018-08-22T19:54:54.302Z' + synced: '2018-08-22T19:54:54.302Z' + phone: 512-942-7578 + inactive: false + protected: false + status: UNREGISTERED + employeeNumber: O349804 + manager: null + isManager: false + identityProfile: + id: 2c918085605c8d0601606f357cb231e6 + name: E2E AD + source: + id: 2c9180855c45b230015c46c19b9c0202 + name: EndToEnd-ADSource + attributes: + uid: ad.admin + firstname: AD + cloudAuthoritativeSource: 2c9180855c45b230015c46c19b9c0202 + cloudStatus: UNREGISTERED + iplanet-am-user-alias-list: null + displayName: AD Admin + internalCloudStatus: UNREGISTERED + workPhone: 512-942-7578 + email: SLPT.CLOUD.SAILPOINT.TEST+AD-ADMIN@GMAIL.COM + lastname: Admin + processingState: null + processingDetails: null + accounts: + - id: 2c9180865c45e7e3015c46c434a80623 + name: ad.admin + accountId: 'CN=AD Admin,OU=slpt-automation,DC=TestAutomationAD,DC=local' + source: + id: 2c9180855c45b230015c46c19b9c0202 + name: EndToEnd-ADSource + type: Active Directory - Direct + disabled: false + locked: false + privileged: false + manuallyCorrelated: false + passwordLastSet: '2018-08-22T19:54:54.302Z' + entitlementAttributes: + memberOf: + - 'CN=Group Policy Creator Owners,CN=Users,DC=TestAutomationAD,DC=local' + - 'CN=Domain Guests,CN=Users,DC=TestAutomationAD,DC=local' + - 'CN=Domain Admins,CN=Users,DC=TestAutomationAD,DC=local' + - 'CN=Enterprise Admins,CN=Users,DC=TestAutomationAD,DC=local' + - 'CN=Schema Admins,CN=Users,DC=TestAutomationAD,DC=local' + - 'CN=Guests,CN=Builtin,DC=TestAutomationAD,DC=local' + - 'CN=Administrators,CN=Builtin,DC=TestAutomationAD,DC=local' + created: '2018-08-22T19:54:54.302Z' + - id: 2c918083606d670c01606f35a30a0349 + name: ad.admin + accountId: ad.admin + source: + id: ff8081815c46b85b015c46b90c7c02a6 + name: IdentityNow + type: IdentityNowConnector + disabled: false + locked: false + privileged: false + manuallyCorrelated: false + passwordLastSet: null + entitlementAttributes: null + created: '2018-08-22T19:54:54.302Z' + accountCount: 2 + apps: + - id: '22751' + name: ADP Workforce Now + source: + id: 2c9180855c45b230015c46e2f6a8026a + name: Corporate Active Directory + account: + id: 2c9180865c45efa4015c470be0de1606 + accountId: 'CN=Bob Wilson,OU=Austin,OU=Americas,OU=Demo,DC=seri,DC=acme,DC=com' + appCount: 1 + access: + - id: 2c918083634bc6cb01639808d40270ba + name: 'test [AccessProfile-1527264105448]' + displayName: test + type: ACCESS_PROFILE + description: test + source: + id: 2c9180855c45b230015c46c19b9c0202 + name: EndToEnd-ADSource + owner: + id: 2c9180865c45e7e3015c46c434a80622 + name: ad.admin + displayName: AD Admin + - id: 2c9180865c45e7e3015c46c457c50755 + name: Administrators + displayName: Administrators + type: ENTITLEMENT + description: null + source: + id: 2c9180855c45b230015c46c19b9c0202 + name: EndToEnd-ADSource + privileged: false + attribute: memberOf + value: 'CN=Administrators,CN=Builtin,DC=TestAutomationAD,DC=local' + standalone: false + - id: 2c9180865decdaa5015e06598b293108 + name: 'test [cloudRole-1503345085223]' + displayName: test + type: ROLE + description: test + owner: + id: 2c9180865c45e7e3015c46c5030707a0 + name: will.albin + displayName: Albin Will + disabled: false + accessCount: 3 + accessProfileCount: 1 + entitlementCount: 1 + roleCount: 1 + tags: + - TAG_1 + - TAG_2 + role: + summary: Role + value: + id: 2c91808c6faadea6016fb4f2bc69077b + name: IT Role + description: IT role + created: '2020-01-17T19:20:15.040Z' + modified: null + synced: '2020-02-18T05:30:20.145Z' + enabled: true + requestable: false + requestCommentsRequired: false + owner: + id: 2c9180a46faadee4016fb4e018c20639 + name: Cloud Support + type: IDENTITY + email: thomas.edison@acme-solar.com + accessProfiles: + - id: 2c91809c6faade77016fb4f0b63407ae + name: Admin Access + accessProfileCount: 1 + segments: + - id: 0f11f2a4-7c94-4bf3-a2bd-742580fe3bde + name: segment-xyz + description: This segment represents xyz + segmentCount: 1 + entitlements: + - id: 2c91809c6faade77016fb4f0b63407ae + name: Admin Access + description: Access to everything + privileged: true + hasPermissions: true + entitlementCount: 1 + tags: + - TAG_1 + - TAG_2 + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + /segments: + post: + operationId: createSegment + security: + - UserContextAuth: + - 'idn:segment:manage' + tags: + - Segments + summary: Create Segment + description: |- + This API creates a segment. + >**Note:** Segment definitions may take time to propagate to all identities. + A token with ORG_ADMIN or API authority is required to call this API. + requestBody: + required: true + content: + application/json: + schema: + type: object + properties: + id: + type: string + description: The segment's ID. + example: 0f11f2a4-7c94-4bf3-a2bd-742580fe3bde + name: + type: string + description: The segment's business name. + example: segment-xyz + created: + type: string + format: date-time + description: The time when the segment is created. + example: '2020-01-01T00:00:00.000000Z' + modified: + type: string + format: date-time + description: The time when the segment is modified. + example: '2020-01-01T00:00:00.000000Z' + description: + type: string + description: The segment's optional description. + example: This segment represents xyz + owner: + type: object + nullable: true + description: The owner of this object. + properties: + type: + type: string + enum: + - IDENTITY + description: 'Owner type. This field must be either left null or set to ''IDENTITY'' on input, otherwise a 400 Bad Request error will result.' + example: IDENTITY + id: + type: string + description: Identity id + example: 2c9180a46faadee4016fb4e018c20639 + name: + type: string + description: 'Human-readable display name of the owner. It may be left null or omitted in a POST or PATCH. If set, it must match the current value of the owner''s display name, otherwise a 400 Bad Request error will result.' + example: support + visibilityCriteria: + allOf: + - type: object + properties: + expression: + type: object + properties: + operator: + type: string + description: Operator for the expression + enum: + - AND + - EQUALS + example: EQUALS + attribute: + type: string + description: Name for the attribute + example: location + nullable: true + value: + type: object + nullable: true + properties: + type: + type: string + description: The type of attribute value + example: STRING + value: + type: string + description: The attribute value + example: Austin + children: + type: array + nullable: true + description: List of expressions + items: + type: object + properties: + operator: + type: string + description: Operator for the expression + enum: + - AND + - EQUALS + example: EQUALS + attribute: + type: string + description: Name for the attribute + example: location + nullable: true + value: + type: object + nullable: true + properties: + type: + type: string + description: The type of attribute value + example: STRING + value: + type: string + description: The attribute value + example: Austin + children: + type: string + nullable: true + description: There cannot be anymore nested children. This will always be null. + example: null + example: [] + - nullable: true + active: + type: boolean + description: This boolean indicates whether the segment is currently active. Inactive segments have no effect. + default: false + example: true + responses: + '201': + description: Segment created + content: + application/json: + schema: + type: object + properties: + id: + type: string + description: The segment's ID. + example: 0f11f2a4-7c94-4bf3-a2bd-742580fe3bde + name: + type: string + description: The segment's business name. + example: segment-xyz + created: + type: string + format: date-time + description: The time when the segment is created. + example: '2020-01-01T00:00:00.000000Z' + modified: + type: string + format: date-time + description: The time when the segment is modified. + example: '2020-01-01T00:00:00.000000Z' + description: + type: string + description: The segment's optional description. + example: This segment represents xyz + owner: + type: object + nullable: true + description: The owner of this object. + properties: + type: + type: string + enum: + - IDENTITY + description: 'Owner type. This field must be either left null or set to ''IDENTITY'' on input, otherwise a 400 Bad Request error will result.' + example: IDENTITY + id: + type: string + description: Identity id + example: 2c9180a46faadee4016fb4e018c20639 + name: + type: string + description: 'Human-readable display name of the owner. It may be left null or omitted in a POST or PATCH. If set, it must match the current value of the owner''s display name, otherwise a 400 Bad Request error will result.' + example: support + visibilityCriteria: + allOf: + - type: object + properties: + expression: + type: object + properties: + operator: + type: string + description: Operator for the expression + enum: + - AND + - EQUALS + example: EQUALS + attribute: + type: string + description: Name for the attribute + example: location + nullable: true + value: + type: object + nullable: true + properties: + type: + type: string + description: The type of attribute value + example: STRING + value: + type: string + description: The attribute value + example: Austin + children: + type: array + nullable: true + description: List of expressions + items: + type: object + properties: + operator: + type: string + description: Operator for the expression + enum: + - AND + - EQUALS + example: EQUALS + attribute: + type: string + description: Name for the attribute + example: location + nullable: true + value: + type: object + nullable: true + properties: + type: + type: string + description: The type of attribute value + example: STRING + value: + type: string + description: The attribute value + example: Austin + children: + type: string + nullable: true + description: There cannot be anymore nested children. This will always be null. + example: null + example: [] + - nullable: true + active: + type: boolean + description: This boolean indicates whether the segment is currently active. Inactive segments have no effect. + default: false + example: true + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + get: + operationId: listSegments + security: + - UserContextAuth: + - 'idn:segment:read' + - 'idn:segment:manage' + tags: + - Segments + summary: List Segments + description: |- + This API returns a list of all segments. + A token with ORG_ADMIN or API authority is required to call this API. + parameters: + - in: query + name: limit + description: |- + Max number of results to return. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 250 + schema: + type: integer + format: int32 + minimum: 0 + maximum: 250 + default: 250 + - in: query + name: offset + description: |- + Offset into the full result set. Usually specified with *limit* to paginate through the results. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 0 + schema: + type: integer + format: int32 + minimum: 0 + default: 0 + - in: query + name: count + description: |- + If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. + + Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. + + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: true + schema: + type: boolean + default: false + responses: + '200': + description: List of all segments + content: + application/json: + schema: + type: array + items: + type: object + properties: + id: + type: string + description: The segment's ID. + example: 0f11f2a4-7c94-4bf3-a2bd-742580fe3bde + name: + type: string + description: The segment's business name. + example: segment-xyz + created: + type: string + format: date-time + description: The time when the segment is created. + example: '2020-01-01T00:00:00.000000Z' + modified: + type: string + format: date-time + description: The time when the segment is modified. + example: '2020-01-01T00:00:00.000000Z' + description: + type: string + description: The segment's optional description. + example: This segment represents xyz + owner: + type: object + nullable: true + description: The owner of this object. + properties: + type: + type: string + enum: + - IDENTITY + description: 'Owner type. This field must be either left null or set to ''IDENTITY'' on input, otherwise a 400 Bad Request error will result.' + example: IDENTITY + id: + type: string + description: Identity id + example: 2c9180a46faadee4016fb4e018c20639 + name: + type: string + description: 'Human-readable display name of the owner. It may be left null or omitted in a POST or PATCH. If set, it must match the current value of the owner''s display name, otherwise a 400 Bad Request error will result.' + example: support + visibilityCriteria: + allOf: + - type: object + properties: + expression: + type: object + properties: + operator: + type: string + description: Operator for the expression + enum: + - AND + - EQUALS + example: EQUALS + attribute: + type: string + description: Name for the attribute + example: location + nullable: true + value: + type: object + nullable: true + properties: + type: + type: string + description: The type of attribute value + example: STRING + value: + type: string + description: The attribute value + example: Austin + children: + type: array + nullable: true + description: List of expressions + items: + type: object + properties: + operator: + type: string + description: Operator for the expression + enum: + - AND + - EQUALS + example: EQUALS + attribute: + type: string + description: Name for the attribute + example: location + nullable: true + value: + type: object + nullable: true + properties: + type: + type: string + description: The type of attribute value + example: STRING + value: + type: string + description: The attribute value + example: Austin + children: + type: string + nullable: true + description: There cannot be anymore nested children. This will always be null. + example: null + example: [] + - nullable: true + active: + type: boolean + description: This boolean indicates whether the segment is currently active. Inactive segments have no effect. + default: false + example: true + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/segments/{id}': + get: + operationId: getSegment + security: + - UserContextAuth: + - 'idn:segment:read' + - 'idn:segment:manage' + tags: + - Segments + summary: Get Segment by ID + description: |- + This API returns the segment specified by the given ID. + A token with ORG_ADMIN or API authority is required to call this API. + parameters: + - in: path + name: id + schema: + type: string + required: true + description: The segment ID to retrieve. + example: ef38f94347e94562b5bb8424a56397d8 + responses: + '200': + description: Segment + content: + application/json: + schema: + type: object + properties: + id: + type: string + description: The segment's ID. + example: 0f11f2a4-7c94-4bf3-a2bd-742580fe3bde + name: + type: string + description: The segment's business name. + example: segment-xyz + created: + type: string + format: date-time + description: The time when the segment is created. + example: '2020-01-01T00:00:00.000000Z' + modified: + type: string + format: date-time + description: The time when the segment is modified. + example: '2020-01-01T00:00:00.000000Z' + description: + type: string + description: The segment's optional description. + example: This segment represents xyz + owner: + type: object + nullable: true + description: The owner of this object. + properties: + type: + type: string + enum: + - IDENTITY + description: 'Owner type. This field must be either left null or set to ''IDENTITY'' on input, otherwise a 400 Bad Request error will result.' + example: IDENTITY + id: + type: string + description: Identity id + example: 2c9180a46faadee4016fb4e018c20639 + name: + type: string + description: 'Human-readable display name of the owner. It may be left null or omitted in a POST or PATCH. If set, it must match the current value of the owner''s display name, otherwise a 400 Bad Request error will result.' + example: support + visibilityCriteria: + allOf: + - type: object + properties: + expression: + type: object + properties: + operator: + type: string + description: Operator for the expression + enum: + - AND + - EQUALS + example: EQUALS + attribute: + type: string + description: Name for the attribute + example: location + nullable: true + value: + type: object + nullable: true + properties: + type: + type: string + description: The type of attribute value + example: STRING + value: + type: string + description: The attribute value + example: Austin + children: + type: array + nullable: true + description: List of expressions + items: + type: object + properties: + operator: + type: string + description: Operator for the expression + enum: + - AND + - EQUALS + example: EQUALS + attribute: + type: string + description: Name for the attribute + example: location + nullable: true + value: + type: object + nullable: true + properties: + type: + type: string + description: The type of attribute value + example: STRING + value: + type: string + description: The attribute value + example: Austin + children: + type: string + nullable: true + description: There cannot be anymore nested children. This will always be null. + example: null + example: [] + - nullable: true + active: + type: boolean + description: This boolean indicates whether the segment is currently active. Inactive segments have no effect. + default: false + example: true + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + delete: + operationId: deleteSegment + security: + - UserContextAuth: + - 'idn:segment:manage' + tags: + - Segments + summary: Delete Segment by ID + description: |- + This API deletes the segment specified by the given ID. + >**Note:** that segment deletion may take some time to become effective. + A token with ORG_ADMIN or API authority is required to call this API. + parameters: + - in: path + name: id + schema: + type: string + required: true + description: The segment ID to delete. + example: ef38f94347e94562b5bb8424a56397d8 + responses: + '204': + description: No content. + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + patch: + operationId: patchSegment + security: + - UserContextAuth: + - 'idn:segment:manage' + tags: + - Segments + summary: Update Segment + description: |- + Use this API to update segment fields by using the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard. + >**Note:** Changes to a segment may take some time to propagate to all identities. + A token with ORG_ADMIN or API authority is required to call this API. + parameters: + - in: path + name: id + schema: + type: string + required: true + description: The segment ID to modify. + example: ef38f94347e94562b5bb8424a56397d8 + requestBody: + required: true + description: | + A list of segment update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard. + + The following fields are patchable: + * name + * description + * owner + * visibilityCriteria + * active + content: + application/json-patch+json: + schema: + type: array + items: + type: object + examples: + Set Visibility Criteria: + description: Set the visibility criteria + value: + - op: replace + path: /visibilityCriteria + value: + expression: + operator: AND + children: + - operator: EQUALS + attribute: location + value: + type: STRING + value: Philadelphia + - operator: EQUALS + attribute: department + value: + type: STRING + value: HR + responses: + '200': + description: 'Indicates the PATCH operation succeeded, and returns the segment''s new representation.' + content: + application/json: + schema: + type: object + properties: + id: + type: string + description: The segment's ID. + example: 0f11f2a4-7c94-4bf3-a2bd-742580fe3bde + name: + type: string + description: The segment's business name. + example: segment-xyz + created: + type: string + format: date-time + description: The time when the segment is created. + example: '2020-01-01T00:00:00.000000Z' + modified: + type: string + format: date-time + description: The time when the segment is modified. + example: '2020-01-01T00:00:00.000000Z' + description: + type: string + description: The segment's optional description. + example: This segment represents xyz + owner: + type: object + nullable: true + description: The owner of this object. + properties: + type: + type: string + enum: + - IDENTITY + description: 'Owner type. This field must be either left null or set to ''IDENTITY'' on input, otherwise a 400 Bad Request error will result.' + example: IDENTITY + id: + type: string + description: Identity id + example: 2c9180a46faadee4016fb4e018c20639 + name: + type: string + description: 'Human-readable display name of the owner. It may be left null or omitted in a POST or PATCH. If set, it must match the current value of the owner''s display name, otherwise a 400 Bad Request error will result.' + example: support + visibilityCriteria: + allOf: + - type: object + properties: + expression: + type: object + properties: + operator: + type: string + description: Operator for the expression + enum: + - AND + - EQUALS + example: EQUALS + attribute: + type: string + description: Name for the attribute + example: location + nullable: true + value: + type: object + nullable: true + properties: + type: + type: string + description: The type of attribute value + example: STRING + value: + type: string + description: The attribute value + example: Austin + children: + type: array + nullable: true + description: List of expressions + items: + type: object + properties: + operator: + type: string + description: Operator for the expression + enum: + - AND + - EQUALS + example: EQUALS + attribute: + type: string + description: Name for the attribute + example: location + nullable: true + value: + type: object + nullable: true + properties: + type: + type: string + description: The type of attribute value + example: STRING + value: + type: string + description: The attribute value + example: Austin + children: + type: string + nullable: true + description: There cannot be anymore nested children. This will always be null. + example: null + example: [] + - nullable: true + active: + type: boolean + description: This boolean indicates whether the segment is currently active. Inactive segments have no effect. + default: false + example: true + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + /service-desk-integrations: + get: + tags: + - Service Desk Integration + summary: List existing Service Desk Integrations + description: Get a list of ServiceDeskIntegrationDto for existing Service Desk Integrations. A token with Org Admin or Service Desk Admin authority is required to access this endpoint. + operationId: getServiceDeskIntegrations + parameters: + - in: query + name: offset + description: |- + Offset into the full result set. Usually specified with *limit* to paginate through the results. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 0 + schema: + type: integer + format: int32 + minimum: 0 + default: 0 + - in: query + name: limit + description: |- + Max number of results to return. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 250 + schema: + type: integer + format: int32 + minimum: 0 + maximum: 250 + default: 250 + - name: sorters + in: query + required: false + style: form + explode: true + schema: + type: string + description: |- + Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) + + Sorting is supported for the following fields: **name** + example: name + - name: filters + in: query + required: false + style: form + explode: true + schema: + type: string + format: comma-separated + description: |- + Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) + + Filtering is supported for the following fields and operators: + + **id**: *eq, in* + + **name**: *eq* + + **type**: *eq, in* + + **cluster**: *eq, in* + example: name eq "John Doe" + - in: query + name: count + description: |- + If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. + + Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. + + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: true + schema: + type: boolean + default: false + responses: + '200': + description: List of ServiceDeskIntegrationDto + content: + application/json: + schema: + type: array + items: + allOf: + - type: object + description: Service Desk integration's specification. + required: + - name + - description + - type + - attributes + properties: + id: + type: string + description: Unique identifier for the Service Desk integration + example: 62945a496ef440189b1f03e3623411c8 + name: + description: Service Desk integration's name. The name must be unique. + type: string + example: Service Desk Integration Name + created: + type: string + format: date-time + description: The date and time the Service Desk integration was created + example: '2024-01-17T18:45:25.994Z' + modified: + type: string + format: date-time + description: The date and time the Service Desk integration was last modified + example: '2024-02-18T18:45:25.994Z' + description: + description: Service Desk integration's description. + type: string + example: A very nice Service Desk integration + type: + description: | + Service Desk integration types: + + - ServiceNowSDIM + - ServiceNow + type: string + default: ServiceNowSDIM + example: ServiceNowSDIM + ownerRef: + allOf: + - type: object + description: Owner's identity. + properties: + type: + type: string + description: Owner's DTO type. + enum: + - IDENTITY + example: IDENTITY + id: + type: string + description: Owner's identity ID. + example: 2c9180a46faadee4016fb4e018c20639 + name: + type: string + description: Owner's name. + example: Support + clusterRef: + allOf: + - type: object + description: Source cluster. + properties: + type: + type: string + description: Source cluster DTO type. + enum: + - CLUSTER + example: CLUSTER + id: + type: string + description: Source cluster ID. + example: 2c9180847a7fccdd017aa5896f9f4f6f + name: + type: string + description: Source cluster display name. + example: Training VA + cluster: + description: 'Cluster ID for the Service Desk integration (replaced by clusterRef, retained for backward compatibility).' + type: string + example: xyzzy999 + deprecated: true + nullable: true + managedSources: + description: 'Source IDs for the Service Desk integration (replaced by provisioningConfig.managedSResourceRefs, but retained here for backward compatibility).' + type: array + items: + type: string + deprecated: true + example: + - 2c9180835d191a86015d28455b4a2329 + - 2c5680835d191a85765d28455b4a9823 + provisioningConfig: + description: The 'provisioningConfig' property specifies the configuration used to provision integrations. + type: object + properties: + universalManager: + description: 'Specifies whether this configuration is used to manage provisioning requests for all sources from the org. If true, no managedResourceRefs are allowed.' + type: boolean + readOnly: true + default: false + example: true + managedResourceRefs: + description: References to sources for the Service Desk integration template. May only be specified if universalManager is false. + type: array + items: + allOf: + - type: object + description: Source for Service Desk integration template. + properties: + type: + type: string + description: DTO type of source for service desk integration template. + enum: + - SOURCE + example: SOURCE + id: + type: string + description: ID of source for service desk integration template. + example: 2c9180835d191a86015d28455b4b232a + name: + type: string + description: Human-readable name of source for service desk integration template. + example: HR Active Directory + example: + - type: SOURCE + id: 2c9180855d191c59015d291ceb051111 + name: My Source 1 + - type: SOURCE + id: 2c9180855d191c59015d291ceb052222 + name: My Source 2 + planInitializerScript: + description: This is a reference to a plan initializer script. + type: object + nullable: true + properties: + source: + description: This is a Rule that allows provisioning instruction changes. + type: string + example: | + \r\n\r\n\r\n Before Provisioning Rule which changes disables and enables to a modify.\r\n + noProvisioningRequests: + description: Name of an attribute that when true disables the saving of ProvisioningRequest objects whenever plans are sent through this integration. + type: boolean + default: false + example: true + provisioningRequestExpiration: + description: 'When saving pending requests is enabled, this defines the number of hours the request is allowed to live before it is considered expired and no longer affects plan compilation.' + type: integer + format: int32 + example: 7 + attributes: + description: Service Desk integration's attributes. Validation constraints enforced by the implementation. + type: object + additionalProperties: true + example: + property: value + key: value + beforeProvisioningRule: + allOf: + - type: object + description: Before Provisioning Rule. + properties: + type: + type: string + description: Before Provisioning Rule DTO type. + enum: + - RULE + example: RULE + id: + type: string + description: Before Provisioning Rule ID. + example: 048eb3d55c5a4758bd07dccb87741c78 + name: + type: string + description: Rule display name. + example: Before Provisioning Airtable Rule + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + security: + - UserContextAuth: + - 'idn:service-desk-admin:read' + - 'idn:service-desk-integration:read' + post: + tags: + - Service Desk Integration + summary: Create new Service Desk integration + description: Create a new Service Desk Integrations. A token with Org Admin or Service Desk Admin authority is required to access this endpoint. + operationId: createServiceDeskIntegration + requestBody: + description: The specifics of a new integration to create + content: + application/json: + schema: + allOf: + - type: object + description: Service Desk integration's specification. + required: + - name + - description + - type + - attributes + properties: + id: + type: string + description: Unique identifier for the Service Desk integration + example: 62945a496ef440189b1f03e3623411c8 + name: + description: Service Desk integration's name. The name must be unique. + type: string + example: Service Desk Integration Name + created: + type: string + format: date-time + description: The date and time the Service Desk integration was created + example: '2024-01-17T18:45:25.994Z' + modified: + type: string + format: date-time + description: The date and time the Service Desk integration was last modified + example: '2024-02-18T18:45:25.994Z' + description: + description: Service Desk integration's description. + type: string + example: A very nice Service Desk integration + type: + description: | + Service Desk integration types: + + - ServiceNowSDIM + - ServiceNow + type: string + default: ServiceNowSDIM + example: ServiceNowSDIM + ownerRef: + allOf: + - type: object + description: Owner's identity. + properties: + type: + type: string + description: Owner's DTO type. + enum: + - IDENTITY + example: IDENTITY + id: + type: string + description: Owner's identity ID. + example: 2c9180a46faadee4016fb4e018c20639 + name: + type: string + description: Owner's name. + example: Support + clusterRef: + allOf: + - type: object + description: Source cluster. + properties: + type: + type: string + description: Source cluster DTO type. + enum: + - CLUSTER + example: CLUSTER + id: + type: string + description: Source cluster ID. + example: 2c9180847a7fccdd017aa5896f9f4f6f + name: + type: string + description: Source cluster display name. + example: Training VA + cluster: + description: 'Cluster ID for the Service Desk integration (replaced by clusterRef, retained for backward compatibility).' + type: string + example: xyzzy999 + deprecated: true + nullable: true + managedSources: + description: 'Source IDs for the Service Desk integration (replaced by provisioningConfig.managedSResourceRefs, but retained here for backward compatibility).' + type: array + items: + type: string + deprecated: true + example: + - 2c9180835d191a86015d28455b4a2329 + - 2c5680835d191a85765d28455b4a9823 + provisioningConfig: + description: The 'provisioningConfig' property specifies the configuration used to provision integrations. + type: object + properties: + universalManager: + description: 'Specifies whether this configuration is used to manage provisioning requests for all sources from the org. If true, no managedResourceRefs are allowed.' + type: boolean + readOnly: true + default: false + example: true + managedResourceRefs: + description: References to sources for the Service Desk integration template. May only be specified if universalManager is false. + type: array + items: + allOf: + - type: object + description: Source for Service Desk integration template. + properties: + type: + type: string + description: DTO type of source for service desk integration template. + enum: + - SOURCE + example: SOURCE + id: + type: string + description: ID of source for service desk integration template. + example: 2c9180835d191a86015d28455b4b232a + name: + type: string + description: Human-readable name of source for service desk integration template. + example: HR Active Directory + example: + - type: SOURCE + id: 2c9180855d191c59015d291ceb051111 + name: My Source 1 + - type: SOURCE + id: 2c9180855d191c59015d291ceb052222 + name: My Source 2 + planInitializerScript: + description: This is a reference to a plan initializer script. + type: object + nullable: true + properties: + source: + description: This is a Rule that allows provisioning instruction changes. + type: string + example: | + \r\n\r\n\r\n Before Provisioning Rule which changes disables and enables to a modify.\r\n + noProvisioningRequests: + description: Name of an attribute that when true disables the saving of ProvisioningRequest objects whenever plans are sent through this integration. + type: boolean + default: false + example: true + provisioningRequestExpiration: + description: 'When saving pending requests is enabled, this defines the number of hours the request is allowed to live before it is considered expired and no longer affects plan compilation.' + type: integer + format: int32 + example: 7 + attributes: + description: Service Desk integration's attributes. Validation constraints enforced by the implementation. + type: object + additionalProperties: true + example: + property: value + key: value + beforeProvisioningRule: + allOf: + - type: object + description: Before Provisioning Rule. + properties: + type: + type: string + description: Before Provisioning Rule DTO type. + enum: + - RULE + example: RULE + id: + type: string + description: Before Provisioning Rule ID. + example: 048eb3d55c5a4758bd07dccb87741c78 + name: + type: string + description: Rule display name. + example: Before Provisioning Airtable Rule + required: true + responses: + '200': + description: details of the created integration + content: + application/json: + schema: + allOf: + - type: object + description: Service Desk integration's specification. + required: + - name + - description + - type + - attributes + properties: + id: + type: string + description: Unique identifier for the Service Desk integration + example: 62945a496ef440189b1f03e3623411c8 + name: + description: Service Desk integration's name. The name must be unique. + type: string + example: Service Desk Integration Name + created: + type: string + format: date-time + description: The date and time the Service Desk integration was created + example: '2024-01-17T18:45:25.994Z' + modified: + type: string + format: date-time + description: The date and time the Service Desk integration was last modified + example: '2024-02-18T18:45:25.994Z' + description: + description: Service Desk integration's description. + type: string + example: A very nice Service Desk integration + type: + description: | + Service Desk integration types: + + - ServiceNowSDIM + - ServiceNow + type: string + default: ServiceNowSDIM + example: ServiceNowSDIM + ownerRef: + allOf: + - type: object + description: Owner's identity. + properties: + type: + type: string + description: Owner's DTO type. + enum: + - IDENTITY + example: IDENTITY + id: + type: string + description: Owner's identity ID. + example: 2c9180a46faadee4016fb4e018c20639 + name: + type: string + description: Owner's name. + example: Support + clusterRef: + allOf: + - type: object + description: Source cluster. + properties: + type: + type: string + description: Source cluster DTO type. + enum: + - CLUSTER + example: CLUSTER + id: + type: string + description: Source cluster ID. + example: 2c9180847a7fccdd017aa5896f9f4f6f + name: + type: string + description: Source cluster display name. + example: Training VA + cluster: + description: 'Cluster ID for the Service Desk integration (replaced by clusterRef, retained for backward compatibility).' + type: string + example: xyzzy999 + deprecated: true + nullable: true + managedSources: + description: 'Source IDs for the Service Desk integration (replaced by provisioningConfig.managedSResourceRefs, but retained here for backward compatibility).' + type: array + items: + type: string + deprecated: true + example: + - 2c9180835d191a86015d28455b4a2329 + - 2c5680835d191a85765d28455b4a9823 + provisioningConfig: + description: The 'provisioningConfig' property specifies the configuration used to provision integrations. + type: object + properties: + universalManager: + description: 'Specifies whether this configuration is used to manage provisioning requests for all sources from the org. If true, no managedResourceRefs are allowed.' + type: boolean + readOnly: true + default: false + example: true + managedResourceRefs: + description: References to sources for the Service Desk integration template. May only be specified if universalManager is false. + type: array + items: + allOf: + - type: object + description: Source for Service Desk integration template. + properties: + type: + type: string + description: DTO type of source for service desk integration template. + enum: + - SOURCE + example: SOURCE + id: + type: string + description: ID of source for service desk integration template. + example: 2c9180835d191a86015d28455b4b232a + name: + type: string + description: Human-readable name of source for service desk integration template. + example: HR Active Directory + example: + - type: SOURCE + id: 2c9180855d191c59015d291ceb051111 + name: My Source 1 + - type: SOURCE + id: 2c9180855d191c59015d291ceb052222 + name: My Source 2 + planInitializerScript: + description: This is a reference to a plan initializer script. + type: object + nullable: true + properties: + source: + description: This is a Rule that allows provisioning instruction changes. + type: string + example: | + \r\n\r\n\r\n Before Provisioning Rule which changes disables and enables to a modify.\r\n + noProvisioningRequests: + description: Name of an attribute that when true disables the saving of ProvisioningRequest objects whenever plans are sent through this integration. + type: boolean + default: false + example: true + provisioningRequestExpiration: + description: 'When saving pending requests is enabled, this defines the number of hours the request is allowed to live before it is considered expired and no longer affects plan compilation.' + type: integer + format: int32 + example: 7 + attributes: + description: Service Desk integration's attributes. Validation constraints enforced by the implementation. + type: object + additionalProperties: true + example: + property: value + key: value + beforeProvisioningRule: + allOf: + - type: object + description: Before Provisioning Rule. + properties: + type: + type: string + description: Before Provisioning Rule DTO type. + enum: + - RULE + example: RULE + id: + type: string + description: Before Provisioning Rule ID. + example: 048eb3d55c5a4758bd07dccb87741c78 + name: + type: string + description: Rule display name. + example: Before Provisioning Airtable Rule + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + security: + - UserContextAuth: + - 'idn:service-desk-admin:manage' + - 'idn:service-desk-integration:manage' + '/service-desk-integrations/{id}': + get: + tags: + - Service Desk Integration + summary: Get a Service Desk integration + description: Get an existing Service Desk integration by ID. A token with Org Admin or Service Desk Admin authority is required to access this endpoint. + operationId: getServiceDeskIntegration + parameters: + - name: id + in: path + description: ID of the Service Desk integration to get + required: true + style: simple + explode: false + schema: + type: string + example: anId + responses: + '200': + description: ServiceDeskIntegrationDto with the given ID + content: + application/json: + schema: + allOf: + - type: object + description: Service Desk integration's specification. + required: + - name + - description + - type + - attributes + properties: + id: + type: string + description: Unique identifier for the Service Desk integration + example: 62945a496ef440189b1f03e3623411c8 + name: + description: Service Desk integration's name. The name must be unique. + type: string + example: Service Desk Integration Name + created: + type: string + format: date-time + description: The date and time the Service Desk integration was created + example: '2024-01-17T18:45:25.994Z' + modified: + type: string + format: date-time + description: The date and time the Service Desk integration was last modified + example: '2024-02-18T18:45:25.994Z' + description: + description: Service Desk integration's description. + type: string + example: A very nice Service Desk integration + type: + description: | + Service Desk integration types: + + - ServiceNowSDIM + - ServiceNow + type: string + default: ServiceNowSDIM + example: ServiceNowSDIM + ownerRef: + allOf: + - type: object + description: Owner's identity. + properties: + type: + type: string + description: Owner's DTO type. + enum: + - IDENTITY + example: IDENTITY + id: + type: string + description: Owner's identity ID. + example: 2c9180a46faadee4016fb4e018c20639 + name: + type: string + description: Owner's name. + example: Support + clusterRef: + allOf: + - type: object + description: Source cluster. + properties: + type: + type: string + description: Source cluster DTO type. + enum: + - CLUSTER + example: CLUSTER + id: + type: string + description: Source cluster ID. + example: 2c9180847a7fccdd017aa5896f9f4f6f + name: + type: string + description: Source cluster display name. + example: Training VA + cluster: + description: 'Cluster ID for the Service Desk integration (replaced by clusterRef, retained for backward compatibility).' + type: string + example: xyzzy999 + deprecated: true + nullable: true + managedSources: + description: 'Source IDs for the Service Desk integration (replaced by provisioningConfig.managedSResourceRefs, but retained here for backward compatibility).' + type: array + items: + type: string + deprecated: true + example: + - 2c9180835d191a86015d28455b4a2329 + - 2c5680835d191a85765d28455b4a9823 + provisioningConfig: + description: The 'provisioningConfig' property specifies the configuration used to provision integrations. + type: object + properties: + universalManager: + description: 'Specifies whether this configuration is used to manage provisioning requests for all sources from the org. If true, no managedResourceRefs are allowed.' + type: boolean + readOnly: true + default: false + example: true + managedResourceRefs: + description: References to sources for the Service Desk integration template. May only be specified if universalManager is false. + type: array + items: + allOf: + - type: object + description: Source for Service Desk integration template. + properties: + type: + type: string + description: DTO type of source for service desk integration template. + enum: + - SOURCE + example: SOURCE + id: + type: string + description: ID of source for service desk integration template. + example: 2c9180835d191a86015d28455b4b232a + name: + type: string + description: Human-readable name of source for service desk integration template. + example: HR Active Directory + example: + - type: SOURCE + id: 2c9180855d191c59015d291ceb051111 + name: My Source 1 + - type: SOURCE + id: 2c9180855d191c59015d291ceb052222 + name: My Source 2 + planInitializerScript: + description: This is a reference to a plan initializer script. + type: object + nullable: true + properties: + source: + description: This is a Rule that allows provisioning instruction changes. + type: string + example: | + \r\n\r\n\r\n Before Provisioning Rule which changes disables and enables to a modify.\r\n + noProvisioningRequests: + description: Name of an attribute that when true disables the saving of ProvisioningRequest objects whenever plans are sent through this integration. + type: boolean + default: false + example: true + provisioningRequestExpiration: + description: 'When saving pending requests is enabled, this defines the number of hours the request is allowed to live before it is considered expired and no longer affects plan compilation.' + type: integer + format: int32 + example: 7 + attributes: + description: Service Desk integration's attributes. Validation constraints enforced by the implementation. + type: object + additionalProperties: true + example: + property: value + key: value + beforeProvisioningRule: + allOf: + - type: object + description: Before Provisioning Rule. + properties: + type: + type: string + description: Before Provisioning Rule DTO type. + enum: + - RULE + example: RULE + id: + type: string + description: Before Provisioning Rule ID. + example: 048eb3d55c5a4758bd07dccb87741c78 + name: + type: string + description: Rule display name. + example: Before Provisioning Airtable Rule + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + security: + - UserContextAuth: + - 'idn:service-desk-admin:read' + - 'idn:service-desk-integration:read' + put: + tags: + - Service Desk Integration + summary: Update a Service Desk integration + description: Update an existing Service Desk integration by ID with updated value in JSON form as the request body. A token with Org Admin or Service Desk Admin authority is required to access this endpoint. + operationId: putServiceDeskIntegration + parameters: + - name: id + in: path + description: ID of the Service Desk integration to update + required: true + style: simple + explode: false + schema: + type: string + example: anId + requestBody: + description: The specifics of the integration to update + content: + application/json: + schema: + allOf: + - type: object + description: Service Desk integration's specification. + required: + - name + - description + - type + - attributes + properties: + id: + type: string + description: Unique identifier for the Service Desk integration + example: 62945a496ef440189b1f03e3623411c8 + name: + description: Service Desk integration's name. The name must be unique. + type: string + example: Service Desk Integration Name + created: + type: string + format: date-time + description: The date and time the Service Desk integration was created + example: '2024-01-17T18:45:25.994Z' + modified: + type: string + format: date-time + description: The date and time the Service Desk integration was last modified + example: '2024-02-18T18:45:25.994Z' + description: + description: Service Desk integration's description. + type: string + example: A very nice Service Desk integration + type: + description: | + Service Desk integration types: + + - ServiceNowSDIM + - ServiceNow + type: string + default: ServiceNowSDIM + example: ServiceNowSDIM + ownerRef: + allOf: + - type: object + description: Owner's identity. + properties: + type: + type: string + description: Owner's DTO type. + enum: + - IDENTITY + example: IDENTITY + id: + type: string + description: Owner's identity ID. + example: 2c9180a46faadee4016fb4e018c20639 + name: + type: string + description: Owner's name. + example: Support + clusterRef: + allOf: + - type: object + description: Source cluster. + properties: + type: + type: string + description: Source cluster DTO type. + enum: + - CLUSTER + example: CLUSTER + id: + type: string + description: Source cluster ID. + example: 2c9180847a7fccdd017aa5896f9f4f6f + name: + type: string + description: Source cluster display name. + example: Training VA + cluster: + description: 'Cluster ID for the Service Desk integration (replaced by clusterRef, retained for backward compatibility).' + type: string + example: xyzzy999 + deprecated: true + nullable: true + managedSources: + description: 'Source IDs for the Service Desk integration (replaced by provisioningConfig.managedSResourceRefs, but retained here for backward compatibility).' + type: array + items: + type: string + deprecated: true + example: + - 2c9180835d191a86015d28455b4a2329 + - 2c5680835d191a85765d28455b4a9823 + provisioningConfig: + description: The 'provisioningConfig' property specifies the configuration used to provision integrations. + type: object + properties: + universalManager: + description: 'Specifies whether this configuration is used to manage provisioning requests for all sources from the org. If true, no managedResourceRefs are allowed.' + type: boolean + readOnly: true + default: false + example: true + managedResourceRefs: + description: References to sources for the Service Desk integration template. May only be specified if universalManager is false. + type: array + items: + allOf: + - type: object + description: Source for Service Desk integration template. + properties: + type: + type: string + description: DTO type of source for service desk integration template. + enum: + - SOURCE + example: SOURCE + id: + type: string + description: ID of source for service desk integration template. + example: 2c9180835d191a86015d28455b4b232a + name: + type: string + description: Human-readable name of source for service desk integration template. + example: HR Active Directory + example: + - type: SOURCE + id: 2c9180855d191c59015d291ceb051111 + name: My Source 1 + - type: SOURCE + id: 2c9180855d191c59015d291ceb052222 + name: My Source 2 + planInitializerScript: + description: This is a reference to a plan initializer script. + type: object + nullable: true + properties: + source: + description: This is a Rule that allows provisioning instruction changes. + type: string + example: | + \r\n\r\n\r\n Before Provisioning Rule which changes disables and enables to a modify.\r\n + noProvisioningRequests: + description: Name of an attribute that when true disables the saving of ProvisioningRequest objects whenever plans are sent through this integration. + type: boolean + default: false + example: true + provisioningRequestExpiration: + description: 'When saving pending requests is enabled, this defines the number of hours the request is allowed to live before it is considered expired and no longer affects plan compilation.' + type: integer + format: int32 + example: 7 + attributes: + description: Service Desk integration's attributes. Validation constraints enforced by the implementation. + type: object + additionalProperties: true + example: + property: value + key: value + beforeProvisioningRule: + allOf: + - type: object + description: Before Provisioning Rule. + properties: + type: + type: string + description: Before Provisioning Rule DTO type. + enum: + - RULE + example: RULE + id: + type: string + description: Before Provisioning Rule ID. + example: 048eb3d55c5a4758bd07dccb87741c78 + name: + type: string + description: Rule display name. + example: Before Provisioning Airtable Rule + required: true + responses: + '200': + description: ServiceDeskIntegrationDto as updated + content: + application/json: + schema: + allOf: + - type: object + description: Service Desk integration's specification. + required: + - name + - description + - type + - attributes + properties: + id: + type: string + description: Unique identifier for the Service Desk integration + example: 62945a496ef440189b1f03e3623411c8 + name: + description: Service Desk integration's name. The name must be unique. + type: string + example: Service Desk Integration Name + created: + type: string + format: date-time + description: The date and time the Service Desk integration was created + example: '2024-01-17T18:45:25.994Z' + modified: + type: string + format: date-time + description: The date and time the Service Desk integration was last modified + example: '2024-02-18T18:45:25.994Z' + description: + description: Service Desk integration's description. + type: string + example: A very nice Service Desk integration + type: + description: | + Service Desk integration types: + + - ServiceNowSDIM + - ServiceNow + type: string + default: ServiceNowSDIM + example: ServiceNowSDIM + ownerRef: + allOf: + - type: object + description: Owner's identity. + properties: + type: + type: string + description: Owner's DTO type. + enum: + - IDENTITY + example: IDENTITY + id: + type: string + description: Owner's identity ID. + example: 2c9180a46faadee4016fb4e018c20639 + name: + type: string + description: Owner's name. + example: Support + clusterRef: + allOf: + - type: object + description: Source cluster. + properties: + type: + type: string + description: Source cluster DTO type. + enum: + - CLUSTER + example: CLUSTER + id: + type: string + description: Source cluster ID. + example: 2c9180847a7fccdd017aa5896f9f4f6f + name: + type: string + description: Source cluster display name. + example: Training VA + cluster: + description: 'Cluster ID for the Service Desk integration (replaced by clusterRef, retained for backward compatibility).' + type: string + example: xyzzy999 + deprecated: true + nullable: true + managedSources: + description: 'Source IDs for the Service Desk integration (replaced by provisioningConfig.managedSResourceRefs, but retained here for backward compatibility).' + type: array + items: + type: string + deprecated: true + example: + - 2c9180835d191a86015d28455b4a2329 + - 2c5680835d191a85765d28455b4a9823 + provisioningConfig: + description: The 'provisioningConfig' property specifies the configuration used to provision integrations. + type: object + properties: + universalManager: + description: 'Specifies whether this configuration is used to manage provisioning requests for all sources from the org. If true, no managedResourceRefs are allowed.' + type: boolean + readOnly: true + default: false + example: true + managedResourceRefs: + description: References to sources for the Service Desk integration template. May only be specified if universalManager is false. + type: array + items: + allOf: + - type: object + description: Source for Service Desk integration template. + properties: + type: + type: string + description: DTO type of source for service desk integration template. + enum: + - SOURCE + example: SOURCE + id: + type: string + description: ID of source for service desk integration template. + example: 2c9180835d191a86015d28455b4b232a + name: + type: string + description: Human-readable name of source for service desk integration template. + example: HR Active Directory + example: + - type: SOURCE + id: 2c9180855d191c59015d291ceb051111 + name: My Source 1 + - type: SOURCE + id: 2c9180855d191c59015d291ceb052222 + name: My Source 2 + planInitializerScript: + description: This is a reference to a plan initializer script. + type: object + nullable: true + properties: + source: + description: This is a Rule that allows provisioning instruction changes. + type: string + example: | + \r\n\r\n\r\n Before Provisioning Rule which changes disables and enables to a modify.\r\n + noProvisioningRequests: + description: Name of an attribute that when true disables the saving of ProvisioningRequest objects whenever plans are sent through this integration. + type: boolean + default: false + example: true + provisioningRequestExpiration: + description: 'When saving pending requests is enabled, this defines the number of hours the request is allowed to live before it is considered expired and no longer affects plan compilation.' + type: integer + format: int32 + example: 7 + attributes: + description: Service Desk integration's attributes. Validation constraints enforced by the implementation. + type: object + additionalProperties: true + example: + property: value + key: value + beforeProvisioningRule: + allOf: + - type: object + description: Before Provisioning Rule. + properties: + type: + type: string + description: Before Provisioning Rule DTO type. + enum: + - RULE + example: RULE + id: + type: string + description: Before Provisioning Rule ID. + example: 048eb3d55c5a4758bd07dccb87741c78 + name: + type: string + description: Rule display name. + example: Before Provisioning Airtable Rule + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + security: + - UserContextAuth: + - 'idn:service-desk-admin:manage' + - 'idn:service-desk-integration:manage' + delete: + tags: + - Service Desk Integration + summary: Delete a Service Desk integration + description: Delete an existing Service Desk integration by ID. A token with Org Admin or Service Desk Admin authority is required to access this endpoint. + operationId: deleteServiceDeskIntegration + parameters: + - name: id + in: path + description: ID of Service Desk integration to delete + required: true + style: simple + explode: false + schema: + type: string + example: anId + responses: + '204': + description: Service Desk integration with the given ID successfully deleted + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + security: + - UserContextAuth: + - 'idn:service-desk-admin:manage' + - 'idn:service-desk-integration:manage' + patch: + operationId: patchServiceDeskIntegration + tags: + - Service Desk Integration + summary: Service Desk Integration Update PATCH + description: Update an existing ServiceDeskIntegration by ID with a PATCH request. + parameters: + - name: id + in: path + description: ID of the Service Desk integration to update + required: true + style: simple + explode: false + schema: + type: string + example: anId + requestBody: + required: true + description: | + A list of SDIM update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard. + + Only `replace` operations are accepted by this endpoint. + + A 403 Forbidden Error indicates that you attempted to PATCH a operation that is not allowed. + content: + application/json-patch+json: + schema: + type: object + description: 'A JSONPatch document as defined by [RFC 6902 - JSON Patch](https://tools.ietf.org/html/rfc6902). Only `replace` operations are accepted by this endpoint.' + properties: + operations: + description: Operations to be applied + type: array + items: + type: object + description: 'A JSONPatch Operation as defined by [RFC 6902 - JSON Patch](https://tools.ietf.org/html/rfc6902)' + required: + - op + - path + properties: + op: + type: string + description: The operation to be performed + enum: + - add + - remove + - replace + - move + - copy + - test + example: replace + path: + type: string + description: A string JSON Pointer representing the target path to an element to be affected by the operation + example: /description + value: + oneOf: + - type: string + example: New description + title: string + - type: boolean + example: true + title: boolean + - type: integer + example: 300 + title: integer + - type: object + title: object + example: + attributes: + name: philip + - type: array + title: array + items: + anyOf: + - type: string + - type: integer + - type: object + example: + - '001' + - '002' + - '003' + description: 'The value to be used for the operation, required for "add" and "replace" operations' + example: New description + example: |- + [ + { + "op": "replace", + "path": "/ownerRef", + "value": { + "id": "2c9180867d05b227017d09921a205b4d", + "type": "IDENTITY", + "name": "Angelo2 tester" + } + } + ] + responses: + '200': + description: ServiceDeskIntegrationDto as updated + content: + application/json: + schema: + allOf: + - type: object + description: Service Desk integration's specification. + required: + - name + - description + - type + - attributes + properties: + id: + type: string + description: Unique identifier for the Service Desk integration + example: 62945a496ef440189b1f03e3623411c8 + name: + description: Service Desk integration's name. The name must be unique. + type: string + example: Service Desk Integration Name + created: + type: string + format: date-time + description: The date and time the Service Desk integration was created + example: '2024-01-17T18:45:25.994Z' + modified: + type: string + format: date-time + description: The date and time the Service Desk integration was last modified + example: '2024-02-18T18:45:25.994Z' + description: + description: Service Desk integration's description. + type: string + example: A very nice Service Desk integration + type: + description: | + Service Desk integration types: + + - ServiceNowSDIM + - ServiceNow + type: string + default: ServiceNowSDIM + example: ServiceNowSDIM + ownerRef: + allOf: + - type: object + description: Owner's identity. + properties: + type: + type: string + description: Owner's DTO type. + enum: + - IDENTITY + example: IDENTITY + id: + type: string + description: Owner's identity ID. + example: 2c9180a46faadee4016fb4e018c20639 + name: + type: string + description: Owner's name. + example: Support + clusterRef: + allOf: + - type: object + description: Source cluster. + properties: + type: + type: string + description: Source cluster DTO type. + enum: + - CLUSTER + example: CLUSTER + id: + type: string + description: Source cluster ID. + example: 2c9180847a7fccdd017aa5896f9f4f6f + name: + type: string + description: Source cluster display name. + example: Training VA + cluster: + description: 'Cluster ID for the Service Desk integration (replaced by clusterRef, retained for backward compatibility).' + type: string + example: xyzzy999 + deprecated: true + nullable: true + managedSources: + description: 'Source IDs for the Service Desk integration (replaced by provisioningConfig.managedSResourceRefs, but retained here for backward compatibility).' + type: array + items: + type: string + deprecated: true + example: + - 2c9180835d191a86015d28455b4a2329 + - 2c5680835d191a85765d28455b4a9823 + provisioningConfig: + description: The 'provisioningConfig' property specifies the configuration used to provision integrations. + type: object + properties: + universalManager: + description: 'Specifies whether this configuration is used to manage provisioning requests for all sources from the org. If true, no managedResourceRefs are allowed.' + type: boolean + readOnly: true + default: false + example: true + managedResourceRefs: + description: References to sources for the Service Desk integration template. May only be specified if universalManager is false. + type: array + items: + allOf: + - type: object + description: Source for Service Desk integration template. + properties: + type: + type: string + description: DTO type of source for service desk integration template. + enum: + - SOURCE + example: SOURCE + id: + type: string + description: ID of source for service desk integration template. + example: 2c9180835d191a86015d28455b4b232a + name: + type: string + description: Human-readable name of source for service desk integration template. + example: HR Active Directory + example: + - type: SOURCE + id: 2c9180855d191c59015d291ceb051111 + name: My Source 1 + - type: SOURCE + id: 2c9180855d191c59015d291ceb052222 + name: My Source 2 + planInitializerScript: + description: This is a reference to a plan initializer script. + type: object + nullable: true + properties: + source: + description: This is a Rule that allows provisioning instruction changes. + type: string + example: | + \r\n\r\n\r\n Before Provisioning Rule which changes disables and enables to a modify.\r\n + noProvisioningRequests: + description: Name of an attribute that when true disables the saving of ProvisioningRequest objects whenever plans are sent through this integration. + type: boolean + default: false + example: true + provisioningRequestExpiration: + description: 'When saving pending requests is enabled, this defines the number of hours the request is allowed to live before it is considered expired and no longer affects plan compilation.' + type: integer + format: int32 + example: 7 + attributes: + description: Service Desk integration's attributes. Validation constraints enforced by the implementation. + type: object + additionalProperties: true + example: + property: value + key: value + beforeProvisioningRule: + allOf: + - type: object + description: Before Provisioning Rule. + properties: + type: + type: string + description: Before Provisioning Rule DTO type. + enum: + - RULE + example: RULE + id: + type: string + description: Before Provisioning Rule ID. + example: 048eb3d55c5a4758bd07dccb87741c78 + name: + type: string + description: Rule display name. + example: Before Provisioning Airtable Rule + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + security: + - UserContextAuth: + - 'idn:service-desk-admin:manage' + - 'idn:service-desk-integration:manage' + /service-desk-integrations/types: + get: + tags: + - Service Desk Integration + summary: Service Desk Integration Types List. + description: This API endpoint returns the current list of supported Service Desk integration types. A token with Org Admin or Service Desk Admin authority is required to access this endpoint. + operationId: getServiceDeskIntegrationTypes + responses: + '200': + description: Responds with an array of the currently supported Service Desk integration types. + content: + application/json: + schema: + type: array + items: + description: This represents a Service Desk Integration template type. + required: + - type + - scriptName + type: object + properties: + name: + description: This is the name of the type. + example: aName + type: string + type: + description: This is the type value for the type. + example: aType + type: string + scriptName: + description: This is the scriptName attribute value for the type. + example: aScriptName + type: string + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + security: + - UserContextAuth: + - 'idn:service-desk-admin:read' + - 'idn:service-desk-integration:read' + '/service-desk-integrations/templates/{scriptName}': + get: + tags: + - Service Desk Integration + summary: Service Desk integration template by scriptName. + description: This API endpoint returns an existing Service Desk integration template by scriptName. A token with Org Admin or Service Desk Admin authority is required to access this endpoint. + operationId: getServiceDeskIntegrationTemplate + parameters: + - name: scriptName + in: path + description: The scriptName value of the Service Desk integration template to get + required: true + style: simple + explode: false + schema: + type: string + example: aScriptName + responses: + '200': + description: Responds with the ServiceDeskIntegrationTemplateDto with the specified scriptName. + content: + application/json: + schema: + allOf: + - type: object + required: + - name + properties: + id: + description: System-generated unique ID of the Object + type: string + example: id12345 + readOnly: true + name: + description: Name of the Object + type: string + example: aName + created: + description: Creation date of the Object + type: string + example: '2015-05-28T14:07:17Z' + format: date-time + readOnly: true + modified: + description: Last modification date of the Object + type: string + example: '2015-05-28T14:07:17Z' + format: date-time + readOnly: true + - type: object + description: 'This is the model for a Service Desk integration template, used to create and edit Service Desk Integrations.' + required: + - type + - attributes + - provisioningConfig + properties: + type: + description: The 'type' property specifies the type of the Service Desk integration template. + type: string + example: Web Service SDIM + default: Web Service SDIM + attributes: + description: The 'attributes' property value is a map of attributes available for integrations using this Service Desk integration template. + type: object + additionalProperties: true + example: + property: value + key: value + provisioningConfig: + description: The 'provisioningConfig' property specifies the configuration used to provision integrations using the template. + type: object + properties: + universalManager: + description: 'Specifies whether this configuration is used to manage provisioning requests for all sources from the org. If true, no managedResourceRefs are allowed.' + type: boolean + readOnly: true + default: false + example: true + managedResourceRefs: + description: References to sources for the Service Desk integration template. May only be specified if universalManager is false. + type: array + items: + allOf: + - type: object + description: Source for Service Desk integration template. + properties: + type: + type: string + description: DTO type of source for service desk integration template. + enum: + - SOURCE + example: SOURCE + id: + type: string + description: ID of source for service desk integration template. + example: 2c9180835d191a86015d28455b4b232a + name: + type: string + description: Human-readable name of source for service desk integration template. + example: HR Active Directory + example: + - type: SOURCE + id: 2c9180855d191c59015d291ceb051111 + name: My Source 1 + - type: SOURCE + id: 2c9180855d191c59015d291ceb052222 + name: My Source 2 + planInitializerScript: + description: This is a reference to a plan initializer script. + type: object + nullable: true + properties: + source: + description: This is a Rule that allows provisioning instruction changes. + type: string + example: | + \r\n\r\n\r\n Before Provisioning Rule which changes disables and enables to a modify.\r\n + noProvisioningRequests: + description: Name of an attribute that when true disables the saving of ProvisioningRequest objects whenever plans are sent through this integration. + type: boolean + default: false + example: true + provisioningRequestExpiration: + description: 'When saving pending requests is enabled, this defines the number of hours the request is allowed to live before it is considered expired and no longer affects plan compilation.' + type: integer + format: int32 + example: 7 + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + security: + - UserContextAuth: + - 'idn:service-desk-admin:read' + - 'idn:service-desk-integration:read' + /service-desk-integrations/status-check-configuration: + get: + tags: + - Service Desk Integration + summary: Get the time check configuration + description: Get the time check configuration of queued SDIM tickets. A token with Org Admin or Service Desk Admin authority is required to access this endpoint. + operationId: getStatusCheckDetails + responses: + '200': + description: QueuedCheckConfigDetails containing the configured values + content: + application/json: + schema: + description: Configuration of maximum number days and interval for checking Service Desk integration queue status + required: + - provisioningStatusCheckIntervalMinutes + - provisioningMaxStatusCheckDays + type: object + properties: + provisioningStatusCheckIntervalMinutes: + description: interval in minutes between status checks + type: string + example: '30' + provisioningMaxStatusCheckDays: + description: maximum number of days to check + type: string + example: '2' + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + security: + - UserContextAuth: + - 'idn:service-desk-admin:read' + - 'idn:service-desk-integration:read' + put: + tags: + - Service Desk Integration + summary: Update the time check configuration + description: Update the time check configuration of queued SDIM tickets. A token with Org Admin or Service Desk Admin authority is required to access this endpoint. + operationId: updateStatusCheckDetails + requestBody: + description: the modified time check configuration + content: + application/json: + schema: + description: Configuration of maximum number days and interval for checking Service Desk integration queue status + required: + - provisioningStatusCheckIntervalMinutes + - provisioningMaxStatusCheckDays + type: object + properties: + provisioningStatusCheckIntervalMinutes: + description: interval in minutes between status checks + type: string + example: '30' + provisioningMaxStatusCheckDays: + description: maximum number of days to check + type: string + example: '2' + required: true + responses: + '200': + description: QueuedCheckConfigDetails as updated + content: + application/json: + schema: + description: Configuration of maximum number days and interval for checking Service Desk integration queue status + required: + - provisioningStatusCheckIntervalMinutes + - provisioningMaxStatusCheckDays + type: object + properties: + provisioningStatusCheckIntervalMinutes: + description: interval in minutes between status checks + type: string + example: '30' + provisioningMaxStatusCheckDays: + description: maximum number of days to check + type: string + example: '2' + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + security: + - UserContextAuth: + - 'idn:service-desk-admin:manage' + - 'idn:service-desk-integration:manage' + /query-password-info: + post: + operationId: queryPasswordInfo + tags: + - Password Management + summary: Query Password Info + description: | + This API is used to query password related information. + + A token with [API authority](https://developer.sailpoint.com/idn/api/authentication#client-credentials-grant-flow) + is required to call this API. "API authority" refers to a token that only has the "client_credentials" + grant type, and therefore no user context. A [personal access token](https://developer.sailpoint.com/idn/api/authentication#personal-access-tokens) + or a token generated with the [authorization_code](https://developer.sailpoint.com/idn/api/authentication#authorization-code-grant-flow) + grant type will **NOT** work on this endpoint, and a `403 Forbidden` response + will be returned. + requestBody: + required: true + content: + application/json: + schema: + type: object + properties: + userName: + type: string + description: The login name of the user + example: Abby.Smith + sourceName: + type: string + description: The display name of the source + example: My-AD + responses: + '200': + description: Reference to the password info. + content: + application/json: + schema: + type: object + properties: + identityId: + type: string + description: Identity ID + example: 2c918085744fec4301746f9a5bce4605 + sourceId: + type: string + description: source ID + example: 2c918083746f642c01746f990884012a + publicKeyId: + type: string + description: public key ID + example: N2M1OTJiMGEtMDJlZS00ZWU3LTkyYTEtNjA5YmI5NWE3ZWVh + publicKey: + type: string + description: User's public key with Base64 encoding + example: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuGFkWi2J75TztpbaPKd36bJnIB3J8gZ6UcoS9oSDYsqBzPpTsfZXYaEf4Y4BKGgJIXmE/lwhwuj7mU1itdZ2qTSNFtnXA8Fn75c3UUkk+h+wdZbkuSmqlsJo3R1OnJkwkJggcAy9Jvk9jlcrNLWorpQ1w9raUvxtvfgkSdq153KxotenQ1HciSyZ0nA/Kw0UaucLnho8xdRowZs11afXGXA9IT9H6D8T6zUdtSxm0nAyH+mluma5LdTfaM50W3l/L8q56Vrqmx2pZIiwdx/0+g3Y++jV70zom0ZBkC1MmSoLMrQYG5OICNjr72f78B2PaGXfarQHqARLjKpMVt9YIQIDAQAB + accounts: + type: array + description: Account info related to queried identity and source + items: + type: object + properties: + accountId: + type: string + description: 'Account ID of the account. This is specified per account schema in the source configuration. It is used to distinguish accounts. More info can be found here https://community.sailpoint.com/t5/IdentityNow-Connectors/How-do-I-designate-an-account-attribute-as-the-Account-ID-for-a/ta-p/80350' + example: 'CN=Abby Smith,OU=Austin,OU=Americas,OU=Demo,DC=seri,DC=acme,DC=com' + accountName: + type: string + description: 'Display name of the account. This is specified per account schema in the source configuration. It is used to display name of the account. More info can be found here https://community.sailpoint.com/t5/IdentityNow-Connectors/How-do-I-designate-an-account-attribute-as-the-Account-Name-for/ta-p/74008' + example: Abby.Smith + policies: + type: array + description: Password constraints + items: + type: string + example: + - passwordRepeatedChar is 3 + - passwordMinAlpha is 1 + - passwordMinLength is 5 + - passwordMinNumeric is 1 + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + /set-password: + post: + operationId: setPassword + tags: + - Password Management + summary: Set Identity's Password + description: | + This API is used to set a password for an identity. + + An identity can change their own password (as well as any of their accounts' passwords) if they use a token generated by their ISC user, such as a [personal access token](https://developer.sailpoint.com/idn/api/authentication#personal-access-tokens) or ["authorization_code" derived OAuth token](https://developer.sailpoint.com/idn/api/authentication#authorization-code-grant-flow). + + A token with [API authority](https://developer.sailpoint.com/idn/api/authentication#client-credentials-grant-flow) can be used to change **any** identity's password or the password of any of the identity's accounts. + "API authority" refers to a token that only has the "client_credentials" grant type. + + >**Note: If you want to set an identity's source account password, you must enable `PASSWORD` as one of the source's features. You can use the [PATCH Source endpoint](https://developer.sailpoint.com/docs/api/v3/update-source) to add the `PASSWORD` feature.** + + You can use this endpoint to generate an `encryptedPassword` (RSA encrypted using publicKey). + To do so, follow these steps: + + 1. Use [Query Password Info](https://developer.sailpoint.com/idn/api/v3/query-password-info) to get the following information: `identityId`, `sourceId`, `publicKeyId`, `publicKey`, `accounts`, and `policies`. + + 2. Choose an account from the previous response that you will provide as an `accountId` in your request to set an encrypted password. + + 3. Use [Set Identity's Password](https://developer.sailpoint.com/idn/api/v3/set-password) and provide the information you got from your earlier query. Then add this code to your request to get the encrypted password: + + ```java + import javax.crypto.Cipher; + import java.security.KeyFactory; + import java.security.PublicKey; + import java.security.spec.X509EncodedKeySpec; + import java util.Base64; + + String encrypt(String publicKey, String toEncrypt) throws Exception { + byte[] publicKeyBytes = Base64.getDecoder().decode(publicKey); + byte[] encryptedBytes = encryptRsa(publicKeyBytes, toEncrypt.getBytes("UTF-8")); + return Base64.getEncoder().encodeToString(encryptedBytes); + } + + private byte[] encryptRsa(byte[] publicKeyBytes, byte[] toEncryptBytes) throws Exception { + PublicKey key = KeyFactory.getInstance("RSA").generatePublic(new X509EncodedKeySpec(publicKeyBytes)); + String transformation = "RSA/ECB/PKCS1Padding"; + Cipher cipher = Cipher.getInstance(transformation); + cipher.init(1, key); + return cipher.doFinal(toEncryptBytes); + } + ``` + + In this example, `toEncrypt` refers to the plain text password you are setting and then encrypting, and the `publicKey` refers to the publicKey you got from the first request you sent. + + You can then use [Get Password Change Request Status](https://developer.sailpoint.com/idn/api/v3/get-password-change-status) to check the password change request status. To do so, you must provide the `requestId` from your earlier request to set the password. + requestBody: + required: true + content: + application/json: + schema: + type: object + properties: + identityId: + type: string + description: The identity ID that requested the password change + example: 8a807d4c73c545510173c545f0a002ff + encryptedPassword: + type: string + description: The RSA encrypted password + example: XzN+YwKgr2C+InkMYFMBG3UtjMEw5ZIql/XFlXo8cJNeslmkplx6vn4kd4/43IF9STBk5RnzR6XmjpEO+FwHDoiBwYZAkAZK/Iswxk4OdybG6Y4MStJCOCiK8osKr35IMMSV/mbO4wAeltoCk7daTWzTGLiI6UaT5tf+F2EgdjJZ7YqM8W8r7aUWsm3p2Xt01Y46ZRx0QaM91QruiIx2rECFT2pUO0wr+7oQ77jypATyGWRtADsu3YcvCk/6U5MqCnXMzKBcRas7NnZdSL/d5H1GglVGz3VLPMaivG4/oL4chOMmFCRl/zVsGxZ9RhN8rxsRGFFKn+rhExTi+bax3A== + publicKeyId: + type: string + description: The encryption key ID + example: YWQ2NjQ4MTItZjY0NC00MWExLWFjMjktOGNmMzU3Y2VlNjk2 + accountId: + type: string + description: 'Account ID of the account This is specified per account schema in the source configuration. It is used to distinguish accounts. More info can be found here https://community.sailpoint.com/t5/IdentityNow-Connectors/How-do-I-designate-an-account-attribute-as-the-Account-ID-for-a/ta-p/80350' + example: 'CN=Abby Smith,OU=Austin,OU=Americas,OU=Demo,DC=seri,DC=acme,DC=com' + sourceId: + type: string + description: The ID of the source for which identity is requesting the password change + example: 8a807d4c73c545510173c545d4b60246 + responses: + '202': + description: Reference to the password change. + content: + application/json: + schema: + type: object + properties: + requestId: + type: string + nullable: true + description: The password change request ID + example: 089899f13a8f4da7824996191587bab9 + state: + type: string + enum: + - IN_PROGRESS + - FINISHED + - FAILED + description: Password change state + example: IN_PROGRESS + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/password-change-status/{id}': + get: + operationId: getPasswordChangeStatus + tags: + - Password Management + summary: Get Password Change Request Status + description: This API returns the status of a password change request. A token with identity owner or trusted API client application authority is required to call this API. + parameters: + - in: path + name: id + schema: + type: string + required: true + example: 089899f13a8f4da7824996191587bab9 + description: Password change request ID + responses: + '200': + description: Status of the password change request + content: + application/json: + schema: + type: object + properties: + requestId: + type: string + nullable: true + description: The password change request ID + example: 089899f13a8f4da7824996191587bab9 + state: + type: string + enum: + - IN_PROGRESS + - FINISHED + - FAILED + description: Password change state + example: IN_PROGRESS + errors: + type: array + items: + type: string + description: The errors during the password change request + example: + - The password change payload is invalid + sourceIds: + type: array + items: + type: string + description: List of source IDs in the password change request + example: + - 2c918083746f642c01746f990884012a + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + /password-dictionary: + get: + operationId: getPasswordDictionary + tags: + - Password Dictionary + summary: Get Password Dictionary + description: |- + This gets password dictionary for the organization. + A token with ORG_ADMIN authority is required to call this API. + The password dictionary file can contain lines that are: + 1. comment lines - the first character is '#', can be 128 Unicode codepoints in length, and are ignored during processing + 2. empty lines + 3. locale line - the first line that starts with "locale=" is considered to be locale line, the rest are treated as normal content lines + 4. line containing the password dictionary word - it must start with non-whitespace character and only non-whitespace characters are allowed; + maximum length of the line is 128 Unicode codepoints + + + Password dictionary file may not contain more than 2,500 lines (not counting whitespace lines, comment lines and locale line). + Password dict file must contain UTF-8 characters only. + + # Sample password text file + + ``` + + # Password dictionary small test file + + locale=en_US + + # Password dictionary prohibited words + + qwerty + abcd + aaaaa + password + qazxsws + + ``` + security: + - UserContextAuth: + - 'idn:password-dictionary-management:read' + responses: + '200': + description: A password dictionary response + content: + text/plain: + schema: + type: string + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + put: + operationId: putPasswordDictionary + tags: + - Password Dictionary + summary: Update Password Dictionary + description: |- + This updates password dictionary for the organization. + A token with ORG_ADMIN authority is required to call this API. + The password dictionary file can contain lines that are: + 1. comment lines - the first character is '#', can be 128 Unicode codepoints in length, and are ignored during processing + 2. empty lines + 3. locale line - the first line that starts with "locale=" is considered to be locale line, the rest are treated as normal content lines + 4. line containing the password dictionary word - it must start with non-whitespace character and only non-whitespace characters are allowed; + maximum length of the line is 128 Unicode codepoints + + + Password dictionary file may not contain more than 2,500 lines (not counting whitespace lines, comment lines and locale line). + Password dict file must contain UTF-8 characters only. + + # Sample password text file + + ``` + + # Password dictionary small test file + + locale=en_US + + # Password dictionary prohibited words + + qwerty + abcd + aaaaa + password + qazxsws + + ``` + security: + - UserContextAuth: + - 'idn:password-dictionary:manage' + requestBody: + required: true + description: The password dictionary file to be uploaded. + content: + multipart/form-data: + schema: + type: object + properties: + file: + type: string + format: binary + responses: + '200': + description: Successfully updated. + '201': + description: Created. + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + /password-org-config: + get: + operationId: getPasswordOrgConfig + tags: + - Password Configuration + summary: Get Password Org Config + description: 'This API returns the password org config . Requires ORG_ADMIN, API role or authorization scope of ''idn:password-org-config:read''' + security: + - UserContextAuth: + - 'idn:password-org-config:read' + responses: + '200': + description: Reference to the password org config. + content: + application/json: + schema: + type: object + properties: + customInstructionsEnabled: + type: boolean + description: Indicator whether custom password instructions feature is enabled. The default value is false. + default: false + example: true + digitTokenEnabled: + type: boolean + description: Indicator whether "digit token" feature is enabled. The default value is false. + default: false + example: true + digitTokenDurationMinutes: + type: integer + format: int32 + description: The duration of "digit token" in minutes. The default value is 5. + minimum: 1 + maximum: 60 + default: 5 + example: 10 + digitTokenLength: + type: integer + format: int32 + description: The length of "digit token". The default value is 6. + minimum: 6 + maximum: 18 + default: 6 + example: 9 + example: + customInstructionsEnabled: true + digitTokenDurationMinutes: 9 + digitTokenEnabled: false + digitTokenLength: 6 + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + put: + operationId: putPasswordOrgConfig + tags: + - Password Configuration + summary: Update Password Org Config + description: |- + This API updates the password org config for specified fields. Other fields will keep original value. + You must set the `customInstructionsEnabled` field to "true" to be able to use custom password instructions. + Requires ORG_ADMIN, API role or authorization scope of 'idn:password-org-config:write' + security: + - UserContextAuth: + - 'idn:password-org-config:write' + requestBody: + required: true + content: + application/json: + schema: + type: object + properties: + customInstructionsEnabled: + type: boolean + description: Indicator whether custom password instructions feature is enabled. The default value is false. + default: false + example: true + digitTokenEnabled: + type: boolean + description: Indicator whether "digit token" feature is enabled. The default value is false. + default: false + example: true + digitTokenDurationMinutes: + type: integer + format: int32 + description: The duration of "digit token" in minutes. The default value is 5. + minimum: 1 + maximum: 60 + default: 5 + example: 10 + digitTokenLength: + type: integer + format: int32 + description: The length of "digit token". The default value is 6. + minimum: 6 + maximum: 18 + default: 6 + example: 9 + example: + digitTokenEnabled: true + digitTokenDurationMinutes: 12 + responses: + '200': + description: Reference to the password org config. + content: + application/json: + schema: + type: object + properties: + customInstructionsEnabled: + type: boolean + description: Indicator whether custom password instructions feature is enabled. The default value is false. + default: false + example: true + digitTokenEnabled: + type: boolean + description: Indicator whether "digit token" feature is enabled. The default value is false. + default: false + example: true + digitTokenDurationMinutes: + type: integer + format: int32 + description: The duration of "digit token" in minutes. The default value is 5. + minimum: 1 + maximum: 60 + default: 5 + example: 10 + digitTokenLength: + type: integer + format: int32 + description: The length of "digit token". The default value is 6. + minimum: 6 + maximum: 18 + default: 6 + example: 9 + example: + customInstructionsEnabled: true + digitTokenDurationMinutes: 12 + digitTokenEnabled: true + digitTokenLength: 6 + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + post: + operationId: createPasswordOrgConfig + tags: + - Password Configuration + summary: Create Password Org Config + description: |- + This API creates the password org config. Unspecified fields will use default value. + To be able to use the custom password instructions, you must set the `customInstructionsEnabled` field to "true". + Requires ORG_ADMIN, API role or authorization scope of 'idn:password-org-config:write' + security: + - UserContextAuth: + - 'idn:password-org-config:write' + requestBody: + required: true + content: + application/json: + schema: + type: object + properties: + customInstructionsEnabled: + type: boolean + description: Indicator whether custom password instructions feature is enabled. The default value is false. + default: false + example: true + digitTokenEnabled: + type: boolean + description: Indicator whether "digit token" feature is enabled. The default value is false. + default: false + example: true + digitTokenDurationMinutes: + type: integer + format: int32 + description: The duration of "digit token" in minutes. The default value is 5. + minimum: 1 + maximum: 60 + default: 5 + example: 10 + digitTokenLength: + type: integer + format: int32 + description: The length of "digit token". The default value is 6. + minimum: 6 + maximum: 18 + default: 6 + example: 9 + example: + customInstructionsEnabled: true + digitTokenEnabled: true + digitTokenDurationMinutes: 12 + digitTokenLength: 9 + responses: + '200': + description: Reference to the password org config. + content: + application/json: + schema: + type: object + properties: + customInstructionsEnabled: + type: boolean + description: Indicator whether custom password instructions feature is enabled. The default value is false. + default: false + example: true + digitTokenEnabled: + type: boolean + description: Indicator whether "digit token" feature is enabled. The default value is false. + default: false + example: true + digitTokenDurationMinutes: + type: integer + format: int32 + description: The duration of "digit token" in minutes. The default value is 5. + minimum: 1 + maximum: 60 + default: 5 + example: 10 + digitTokenLength: + type: integer + format: int32 + description: The length of "digit token". The default value is 6. + minimum: 6 + maximum: 18 + default: 6 + example: 9 + example: + customInstructionsEnabled: true + digitTokenDurationMinutes: 9 + digitTokenEnabled: true + digitTokenLength: 12 + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/reports/{taskResultId}/result': + get: + tags: + - Reports Data Extraction + description: Get the report results for a report that was run or is running. Returns empty report result in case there are no active task definitions with used in payload task definition name. + operationId: getReportResult + summary: Get Report Result + security: + - UserContextAuth: + - 'sp:report-result:read' + parameters: + - in: path + name: taskResultId + schema: + type: string + required: true + description: Unique identifier of the task result which handled report + example: ef38f94347e94562b5bb8424a56397d8 + - in: query + name: completed + schema: + type: boolean + default: false + required: false + description: state of task result to apply ordering when results are fetching from the DB + example: true + responses: + '200': + description: Details about report that was run or is running. + content: + application/json: + schema: + type: object + description: Details about report result or current state. + properties: + reportType: + type: string + enum: + - ACCOUNTS + - IDENTITIES_DETAILS + - IDENTITIES + - IDENTITY_PROFILE_IDENTITY_ERROR + - ORPHAN_IDENTITIES + - SEARCH_EXPORT + - UNCORRELATED_ACCOUNTS + description: Use this property to define what report should be processed in the RDE service. + example: IDENTITIES_DETAILS + taskDefName: + type: string + description: Name of the task definition which is started to process requesting report. Usually the same as report name + example: Identities Details Report + id: + type: string + description: Unique task definition identifier. + example: a248c16fe22222b2bd49615481311111 + created: + type: string + description: Report processing start date + format: date-time + example: '2020-09-07T42:14:00.364Z' + status: + type: string + enum: + - SUCCESS + - FAILURE + - WARNING + - TERMINATED + description: Report current state or result status. + example: SUCCESS + duration: + type: integer + format: int64 + description: Report processing time in ms. + example: 342 + rows: + type: integer + format: int64 + description: Report size in rows. + example: 37 + availableFormats: + type: array + items: + type: string + enum: + - CSV + - PDF + description: 'Output report file formats. This are formats for calling get endpoint as a query parameter ''fileFormat''. In case report won''t have this argument there will be [''CSV'', ''PDF''] as default.' + example: + - CSV + examples: + identityDetailsReport: + summary: Identities Details Report result. + value: + reportType: IDENTITIES_DETAILS + taskDefName: Identities Details Report + id: 1e01d272b8084c4fa12fcf8fa898102d + created: '2023-09-07T42:14:05.122Z' + status: SUCCESS + duration: 3681 + rows: 193 + availableFormats: + - CSV + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + /reports/run: + post: + tags: + - Reports Data Extraction + description: 'Runs a report according to input report details. If non-concurrent task is already running then it returns, otherwise new task creates and returns.' + operationId: startReport + summary: Run Report + security: + - UserContextAuth: + - 'sp:report:create' + requestBody: + content: + application/json: + schema: + type: object + description: Details about report to be processed. + properties: + reportType: + type: string + enum: + - ACCOUNTS + - IDENTITIES_DETAILS + - IDENTITIES + - IDENTITY_PROFILE_IDENTITY_ERROR + - ORPHAN_IDENTITIES + - SEARCH_EXPORT + - UNCORRELATED_ACCOUNTS + description: Use this property to define what report should be processed in the RDE service. + example: IDENTITIES_DETAILS + arguments: + oneOf: + - title: ACCOUNTS + type: object + description: Arguments for Account Export (ACCOUNTS) + required: + - application + - sourceName + properties: + application: + type: string + description: Id of the authoritative source to export related accounts e.g. identities + example: 2c9180897eSourceIde781782f705b9 + sourceName: + type: string + description: Name of the authoritative source for accounts export + example: DataScienceSourceName + - title: IDENTITIES_DETAILS + type: object + description: Arguments for Identities details report (IDENTITIES_DETAILS) + required: + - correlatedOnly + properties: + correlatedOnly: + type: boolean + description: Boolean FLAG to specify if only correlated identities should be used in report processing + default: false + example: true + - title: IDENTITIES + type: object + description: Arguments for Identities report (IDENTITIES) + properties: + correlatedOnly: + type: boolean + description: Boolean FLAG to specify if only correlated identities should be used in report processing + default: false + example: true + - title: IDENTITY_PROFILE_IDENTITY_ERROR + type: object + description: Arguments for Identity Profile Identity Error report (IDENTITY_PROFILE_IDENTITY_ERROR) + required: + - authoritativeSource + properties: + authoritativeSource: + type: string + description: Source Id to be checked on errors of identity profiles aggregation + example: 1234sourceId5678902 + - title: ORPHAN_IDENTITIES & UNCORRELATED_ACCOUNTS + type: object + description: Arguments for Orphan Identities report (ORPHAN_IDENTITIES) and Uncorrelated Accounts report (UNCORRELATED_ACCOUNTS) + properties: + selectedFormats: + type: array + items: + type: string + enum: + - CSV + - PDF + description: 'Output report file formats. This are formats for calling get endpoint as a query parameter ''fileFormat''. In case report won''t have this argument there will be [''CSV'', ''PDF''] as default.' + example: + - CSV + - title: SEARCH_EXPORT + type: object + description: Arguments for Search Export report (SEARCH_EXPORT) + required: + - query + properties: + indices: + description: 'The names of the Elasticsearch indices in which to search. If none are provided, then all indices will be searched.' + externalDocs: + description: Learn more about search indices here. + url: 'https://documentation.sailpoint.com/saas/help/search/searchable-fields.html' + type: array + items: + description: |- + Enum representing the currently supported indices. + Additional values may be added in the future without notice. + type: string + enum: + - accessprofiles + - accountactivities + - entitlements + - events + - identities + - roles + - '*' + example: identities + example: + - entitlements + filters: + description: The filters to be applied for each filtered field name. + type: object + additionalProperties: + type: object + properties: + type: + description: |- + Enum representing the currently supported filter types. + Additional values may be added in the future without notice. + type: string + enum: + - EXISTS + - RANGE + - TERMS + example: RANGE + range: + type: object + description: The range of values to be filtered. + properties: + lower: + description: The lower bound of the range. + type: object + required: + - value + properties: + value: + description: The value of the range's endpoint. + type: string + example: '1' + inclusive: + description: Indicates if the endpoint is included in the range. + type: boolean + default: false + example: false + upper: + description: The upper bound of the range. + type: object + required: + - value + properties: + value: + description: The value of the range's endpoint. + type: string + example: '1' + inclusive: + description: Indicates if the endpoint is included in the range. + type: boolean + default: false + example: false + terms: + description: The terms to be filtered. + type: array + items: + type: string + example: account_count + exclude: + description: Indicates if the filter excludes results. + type: boolean + default: false + example: false + example: + source.id: + type: TERMS + terms: + - 2c9180897termsId780bd2920576 + source.name.exact: + type: TERMS + terms: + - IdentityNow + exclude: true + query: + type: object + description: Query parameters used to construct an Elasticsearch query object. + properties: + query: + description: 'The query using the Elasticsearch [Query String Query](https://www.elastic.co/guide/en/elasticsearch/reference/5.2/query-dsl-query-string-query.html#query-string) syntax from the Query DSL extended by SailPoint to support Nested queries.' + type: string + example: 'name:a*' + fields: + description: |- + The fields the query will be applied to. Fields provide you with a simple way to add additional fields to search, without making the query too complicated. For example, you can use the fields to specify that you want your query of "a*" to be applied to "name", "firstName", and the "source.name". The response will include all results matching the "a*" query found in those three fields. + A field's availability depends on the indices being searched. For example, if you are searching "identities", you can apply your search to the "firstName" field, but you couldn't use "firstName" with a search on "access profiles". Refer to the response schema for the respective lists of available fields. + type: string + example: + - 'firstName,lastName,email' + timeZone: + description: The time zone to be applied to any range query related to dates. + type: string + example: America/Chicago + innerHit: + description: The innerHit query object returns a flattened list of results for the specified nested type. + type: object + required: + - query + - type + properties: + query: + description: 'The search query using the Elasticsearch [Query String Query](https://www.elastic.co/guide/en/elasticsearch/reference/5.2/query-dsl-query-string-query.html#query-string) syntax from the Query DSL extended by SailPoint to support Nested queries.' + type: string + example: 'source.name:\"Active Directory\"' + type: + description: 'The nested type to use in the inner hits query. The nested type [Nested Type](https://www.elastic.co/guide/en/elasticsearch/reference/current/nested.html) refers to a document "nested" within another document. For example, an identity can have nested documents for access, accounts, and apps.' + type: string + example: access + includeNested: + description: Indicates whether nested objects from returned search results should be included. + type: boolean + default: true + example: true + sort: + description: The fields to be used to sort the search results. Use + or - to specify the sort direction. + type: array + items: + type: string + example: + - displayName + - +id + example: + application: 2c9180897e7742b2017e781782f705b9 + sourceName: DataScienceWorkday + description: The string-object map(dictionary) with the arguments needed for report processing. + examples: + Identities Details Report: + summary: Identities Details report + value: + reportType: IDENTITIES_DETAILS + arguments: + correlatedOnly: true + required: true + responses: + '200': + description: Details about running report task. + content: + application/json: + schema: + type: object + description: 'Details about job or task type, state and lifecycle.' + properties: + type: + type: string + enum: + - QUARTZ + - QPOC + - MENTOS + - QUEUED_TASK + description: 'Type of the job or task underlying in the report processing. It could be a quartz task, QPOC or MENTOS jobs or a refresh/sync task.' + example: MENTOS + id: + type: string + description: Unique task definition identifier. + example: a248c16fe22222b2bd49615481311111 + reportType: + enum: + - ACCOUNTS + - IDENTITIES_DETAILS + - IDENTITIES + - IDENTITY_PROFILE_IDENTITY_ERROR + - ORPHAN_IDENTITIES + - SEARCH_EXPORT + - UNCORRELATED_ACCOUNTS + description: Use this property to define what report should be processed in the RDE service. + example: IDENTITIES_DETAILS + description: + type: string + description: Description of the report purpose and/or contents. + example: A detailed view of the identities in the system. + parentName: + type: string + nullable: true + description: Name of the parent task/report if exists. + example: Audit Report + launcher: + type: string + description: Name of the report processing initiator. + example: cloudadmin + created: + type: string + description: Report creation date + format: date-time + example: '2020-09-07T42:14:00.364Z' + launched: + type: string + nullable: true + format: date-time + description: Report start date + example: '2020-09-07T42:14:00.521Z' + completed: + type: string + nullable: true + format: date-time + description: Report completion date + example: '2020-09-07T42:14:01.137Z' + completionStatus: + type: string + nullable: true + enum: + - SUCCESS + - WARNING + - ERROR + - TERMINATED + - TEMP_ERROR + description: Report completion status. + example: Success + messages: + type: array + description: List of the messages dedicated to the report. From task definition perspective here usually should be warnings or errors. + example: [] + items: + type: object + properties: + type: + type: string + description: Type of the message. + enum: + - INFO + - WARN + - ERROR + example: WARN + error: + type: boolean + default: false + description: Flag whether message is an error. + example: false + warning: + type: boolean + default: false + description: Flag whether message is a warning. + example: true + key: + type: string + description: Message string identifier. + example: 'The following account(s) failed to correlate: A,B,C' + localizedText: + type: string + description: Message context with the locale based language. + example: 'The following account(s) failed to correlate: A,B,C' + returns: + type: array + description: 'Task definition results, if necessary.' + example: [] + items: + type: object + properties: + displayLabel: + type: string + description: Attribute description. + example: ' ' + attributeName: + type: string + description: System or database attribute name. + example: ' ' + attributes: + type: object + description: Extra attributes map(dictionary) needed for the report. + additionalProperties: + type: object + example: + org: an-org + progress: + type: string + nullable: true + description: Current report state. + example: Initializing... + examples: + identityDetailsReport: + summary: Identities Details Report task result. + value: + reportType: IDENTITIES_DETAILS + taskDefName: Identities Details Report + type: QUARTZ + id: a248c16fe22222b2bd49615481311111 + created: '2023-09-07T42:14:00.364Z' + description: A detailed view of the identities in the system. + parentName: Audit Report + launcher: '9832285' + launched: '2023-09-07T42:14:00.521Z' + completed: '2023-09-07T42:14:01.137Z' + messages: [] + returns: [] + attributes: + org: an-org + progress: Initializing... + searchExportReport: + summary: Identities Details Report task result. + value: + reportType: SEARCH_EXPORT + taskDefName: Search Export + type: QUARTZ + id: a248c16fe22222b2bd49615481311111 + created: '2023-09-07T42:14:11.137Z' + description: Extract query data from ElasticSearch to CSV + parentName: null + launcher: T05293 + launched: '2020-09-07T42:14:11.137Z' + completed: '2020-09-07T42:14:13.451Z' + messages: [] + returns: [] + attributes: + queryHash: 5e12cf79c67d92e23d4d8cb3e974f87d164e86d4a48d32ecf89645cacfd3f2 + org: an-org + queryParams: + columns: 'displayName,firstName,lastName,email,created,attributes.cloudLifecycleState,tags,access.spread,apps.pread,accounts.spread' + indices: identities + ownerId: 95ecba5c5444439c999aec638ce2a777 + query: 700007 + sort: displayName + progress: Initializing... + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/reports/{id}/cancel': + post: + tags: + - Reports Data Extraction + description: Cancels a running report. + operationId: cancelReport + summary: Cancel Report + security: + - UserContextAuth: + - 'sp:report:delete' + parameters: + - name: id + in: path + description: ID of the running Report to cancel + required: true + style: simple + explode: false + schema: + type: string + example: a1ed223247144cc29d23c632624b4767 + responses: + '204': + description: No content - indicates the request was successful but there is no content to be returned in the response. + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/reports/{taskResultId}': + get: + tags: + - Reports Data Extraction + description: Gets a report in file format. + operationId: getReport + summary: Get Report File + security: + - UserContextAuth: + - 'sp:report:read' + parameters: + - in: path + name: taskResultId + schema: + type: string + required: true + description: Unique identifier of the task result which handled report + example: ef38f94347e94562b5bb8424a56397d8 + - in: query + name: fileFormat + schema: + type: string + enum: + - csv + - pdf + required: true + description: Output format of the requested report file + example: csv + - in: query + name: name + required: false + schema: + type: string + example: Identities Details Report + description: 'preferred Report file name, by default will be used report name from task result.' + - in: query + name: auditable + required: false + schema: + type: boolean + default: false + example: true + description: Enables auditing for current report download. Will create an audit event and sent it to the REPORT cloud-audit kafka topic. Event will be created if there is any result present by requested taskResultId. + responses: + '200': + description: Report file in selected format. CSV by default. + content: + application/csv: + schema: + type: string + format: binary + application/pdf: + schema: + type: string + format: binary + headers: + Content-disposition: + description: The requested report's filename + schema: + type: string + example: attachment;filename=\"fileName" + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text:

File Not Found - 404 Error

The requested file was not found. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + /sod-policies: + post: + security: + - UserContextAuth: + - 'idn:sod-policy:write' + operationId: createSodPolicy + tags: + - SOD Policies + summary: Create SOD policy + description: |- + This creates both General and Conflicting Access Based policy, with a limit of 50 entitlements for each (left & right) criteria for Conflicting Access Based SOD policy. + Requires role of ORG_ADMIN. + requestBody: + required: true + content: + application/json: + schema: + type: object + properties: + id: + type: string + description: Policy id + example: 0f11f2a4-7c94-4bf3-a2bd-742580fe3bde + readOnly: true + name: + type: string + description: Policy Business Name + example: policy-xyz + created: + type: string + format: date-time + description: The time when this SOD policy is created. + example: '2020-01-01T00:00:00.000000Z' + readOnly: true + modified: + type: string + format: date-time + description: The time when this SOD policy is modified. + example: '2020-01-01T00:00:00.000000Z' + readOnly: true + description: + type: string + description: Optional description of the SOD policy + example: This policy ensures compliance of xyz + nullable: true + ownerRef: + type: object + description: The owner of the SOD policy. + properties: + type: + type: string + description: Owner type. + enum: + - IDENTITY + - GOVERNANCE_GROUP + example: IDENTITY + id: + type: string + description: Owner's ID. + example: 2c9180a46faadee4016fb4e018c20639 + name: + type: string + description: Owner's name. + example: Support + externalPolicyReference: + type: string + description: Optional External Policy Reference + example: XYZ policy + nullable: true + policyQuery: + type: string + description: Search query of the SOD policy + example: '@access(id:0f11f2a4-7c94-4bf3-a2bd-742580fe3bdg) AND @access(id:0f11f2a4-7c94-4bf3-a2bd-742580fe3bdf)' + compensatingControls: + type: string + description: Optional compensating controls(Mitigating Controls) + example: Have a manager review the transaction decisions for their "out of compliance" employee + nullable: true + correctionAdvice: + type: string + description: Optional correction advice + example: 'Based on the role of the employee, managers should remove access that is not required for their job function.' + nullable: true + state: + type: string + description: whether the policy is enforced or not + enum: + - ENFORCED + - NOT_ENFORCED + example: ENFORCED + tags: + type: array + description: tags for this policy object + example: + - TAG1 + - TAG2 + items: + type: string + creatorId: + type: string + description: Policy's creator ID + example: 0f11f2a4-7c94-4bf3-a2bd-742580fe3bde + readOnly: true + modifierId: + type: string + description: Policy's modifier ID + example: 0f11f2a4-7c94-4bf3-a2bd-742580fe3bde + nullable: true + readOnly: true + violationOwnerAssignmentConfig: + nullable: true + type: object + properties: + assignmentRule: + type: string + enum: + - MANAGER + - STATIC + - null + description: |- + Details about the violations owner. + MANAGER - identity's manager + STATIC - Governance Group or Identity + example: MANAGER + nullable: true + ownerRef: + type: object + description: The owner of the violation assignment config. + nullable: true + properties: + type: + type: string + description: Owner type. + enum: + - IDENTITY + - GOVERNANCE_GROUP + - MANAGER + - null + example: IDENTITY + id: + type: string + description: Owner's ID. + example: 2c9180a46faadee4016fb4e018c20639 + name: + type: string + description: Owner's name. + example: Support + scheduled: + type: boolean + description: defines whether a policy has been scheduled or not + example: true + default: false + type: + type: string + description: whether a policy is query based or conflicting access based + default: GENERAL + enum: + - GENERAL + - CONFLICTING_ACCESS_BASED + example: GENERAL + conflictingAccessCriteria: + allOf: + - type: object + properties: + leftCriteria: + type: object + properties: + name: + type: string + description: Business name for the access construct list + example: money-in + criteriaList: + type: array + description: List of criteria. There is a min of 1 and max of 50 items in the list. + minItems: 1 + maxItems: 50 + items: + type: object + properties: + type: + type: string + enum: + - ENTITLEMENT + description: Type of the propery to which this reference applies to + example: ENTITLEMENT + id: + type: string + description: ID of the object to which this reference applies to + example: 2c91808568c529c60168cca6f90c1313 + name: + type: string + description: Human-readable display name of the object to which this reference applies to + example: Administrator + example: + - type: ENTITLEMENT + id: 2c9180866166b5b0016167c32ef31a66 + name: Administrator + - type: ENTITLEMENT + id: 2c9180866166b5b0016167c32ef31a67 + name: Administrator + rightCriteria: + type: object + properties: + name: + type: string + description: Business name for the access construct list + example: money-in + criteriaList: + type: array + description: List of criteria. There is a min of 1 and max of 50 items in the list. + minItems: 1 + maxItems: 50 + items: + type: object + properties: + type: + type: string + enum: + - ENTITLEMENT + description: Type of the propery to which this reference applies to + example: ENTITLEMENT + id: + type: string + description: ID of the object to which this reference applies to + example: 2c91808568c529c60168cca6f90c1313 + name: + type: string + description: Human-readable display name of the object to which this reference applies to + example: Administrator + example: + - type: ENTITLEMENT + id: 2c9180866166b5b0016167c32ef31a66 + name: Administrator + - type: ENTITLEMENT + id: 2c9180866166b5b0016167c32ef31a67 + name: Administrator + - nullable: true + examples: + Conflicting Access Based Policy: + value: + name: Conflicting-Policy-Name + description: This policy ensures compliance of xyz + ownerRef: + type: IDENTITY + id: 2c91808568c529c60168cca6f90c1313 + name: Owner Name + externalPolicyReference: XYZ policy + compensatingControls: Have a manager review the transaction decisions for their "out of compliance" employee + correctionAdvice: 'Based on the role of the employee, managers should remove access that is not required for their job function.' + state: ENFORCED + tags: + - string + creatorId: 0f11f2a4-7c94-4bf3-a2bd-742580fe3bde + modifierId: 0f11f2a4-7c94-4bf3-a2bd-742580fe3bde + violationOwnerAssignmentConfig: + assignmentRule: MANAGER + ownerRef: + type: IDENTITY + id: 2c91808568c529c60168cca6f90c1313 + name: Violation Owner Name + scheduled: true + type: CONFLICTING_ACCESS_BASED + conflictingAccessCriteria: + leftCriteria: + name: money-in + criteriaList: + - type: ENTITLEMENT + id: 2c9180866166b5b0016167c32ef31a66 + - type: ENTITLEMENT + id: 2c9180866166b5b0016167c32ef31a67 + rightCriteria: + name: money-out + criteriaList: + - type: ENTITLEMENT + id: 2c9180866166b5b0016167c32ef31a68 + - type: ENTITLEMENT + id: 2c9180866166b5b0016167c32ef31a69 + General Policy: + value: + description: Description + ownerRef: + type: IDENTITY + id: 2c918087682f9a86016839c05e8f1aff + name: Owner Name + externalPolicyReference: New policy + policyQuery: policy query implementation + compensatingControls: Compensating controls + correctionAdvice: Correction advice + tags: [] + state: ENFORCED + scheduled: false + creatorId: 2c918087682f9a86016839c05e8f1aff + modifierId: null + violationOwnerAssignmentConfig: null + name: General-Policy-Name + responses: + '201': + description: SOD policy created + content: + application/json: + schema: + type: object + properties: + id: + type: string + description: Policy id + example: 0f11f2a4-7c94-4bf3-a2bd-742580fe3bde + readOnly: true + name: + type: string + description: Policy Business Name + example: policy-xyz + created: + type: string + format: date-time + description: The time when this SOD policy is created. + example: '2020-01-01T00:00:00.000000Z' + readOnly: true + modified: + type: string + format: date-time + description: The time when this SOD policy is modified. + example: '2020-01-01T00:00:00.000000Z' + readOnly: true + description: + type: string + description: Optional description of the SOD policy + example: This policy ensures compliance of xyz + nullable: true + ownerRef: + type: object + description: The owner of the SOD policy. + properties: + type: + type: string + description: Owner type. + enum: + - IDENTITY + - GOVERNANCE_GROUP + example: IDENTITY + id: + type: string + description: Owner's ID. + example: 2c9180a46faadee4016fb4e018c20639 + name: + type: string + description: Owner's name. + example: Support + externalPolicyReference: + type: string + description: Optional External Policy Reference + example: XYZ policy + nullable: true + policyQuery: + type: string + description: Search query of the SOD policy + example: '@access(id:0f11f2a4-7c94-4bf3-a2bd-742580fe3bdg) AND @access(id:0f11f2a4-7c94-4bf3-a2bd-742580fe3bdf)' + compensatingControls: + type: string + description: Optional compensating controls(Mitigating Controls) + example: Have a manager review the transaction decisions for their "out of compliance" employee + nullable: true + correctionAdvice: + type: string + description: Optional correction advice + example: 'Based on the role of the employee, managers should remove access that is not required for their job function.' + nullable: true + state: + type: string + description: whether the policy is enforced or not + enum: + - ENFORCED + - NOT_ENFORCED + example: ENFORCED + tags: + type: array + description: tags for this policy object + example: + - TAG1 + - TAG2 + items: + type: string + creatorId: + type: string + description: Policy's creator ID + example: 0f11f2a4-7c94-4bf3-a2bd-742580fe3bde + readOnly: true + modifierId: + type: string + description: Policy's modifier ID + example: 0f11f2a4-7c94-4bf3-a2bd-742580fe3bde + nullable: true + readOnly: true + violationOwnerAssignmentConfig: + nullable: true + type: object + properties: + assignmentRule: + type: string + enum: + - MANAGER + - STATIC + - null + description: |- + Details about the violations owner. + MANAGER - identity's manager + STATIC - Governance Group or Identity + example: MANAGER + nullable: true + ownerRef: + type: object + description: The owner of the violation assignment config. + nullable: true + properties: + type: + type: string + description: Owner type. + enum: + - IDENTITY + - GOVERNANCE_GROUP + - MANAGER + - null + example: IDENTITY + id: + type: string + description: Owner's ID. + example: 2c9180a46faadee4016fb4e018c20639 + name: + type: string + description: Owner's name. + example: Support + scheduled: + type: boolean + description: defines whether a policy has been scheduled or not + example: true + default: false + type: + type: string + description: whether a policy is query based or conflicting access based + default: GENERAL + enum: + - GENERAL + - CONFLICTING_ACCESS_BASED + example: GENERAL + conflictingAccessCriteria: + allOf: + - type: object + properties: + leftCriteria: + type: object + properties: + name: + type: string + description: Business name for the access construct list + example: money-in + criteriaList: + type: array + description: List of criteria. There is a min of 1 and max of 50 items in the list. + minItems: 1 + maxItems: 50 + items: + type: object + properties: + type: + type: string + enum: + - ENTITLEMENT + description: Type of the propery to which this reference applies to + example: ENTITLEMENT + id: + type: string + description: ID of the object to which this reference applies to + example: 2c91808568c529c60168cca6f90c1313 + name: + type: string + description: Human-readable display name of the object to which this reference applies to + example: Administrator + example: + - type: ENTITLEMENT + id: 2c9180866166b5b0016167c32ef31a66 + name: Administrator + - type: ENTITLEMENT + id: 2c9180866166b5b0016167c32ef31a67 + name: Administrator + rightCriteria: + type: object + properties: + name: + type: string + description: Business name for the access construct list + example: money-in + criteriaList: + type: array + description: List of criteria. There is a min of 1 and max of 50 items in the list. + minItems: 1 + maxItems: 50 + items: + type: object + properties: + type: + type: string + enum: + - ENTITLEMENT + description: Type of the propery to which this reference applies to + example: ENTITLEMENT + id: + type: string + description: ID of the object to which this reference applies to + example: 2c91808568c529c60168cca6f90c1313 + name: + type: string + description: Human-readable display name of the object to which this reference applies to + example: Administrator + example: + - type: ENTITLEMENT + id: 2c9180866166b5b0016167c32ef31a66 + name: Administrator + - type: ENTITLEMENT + id: 2c9180866166b5b0016167c32ef31a67 + name: Administrator + - nullable: true + examples: + Conflicting Access Based Policy: + value: + id: 0f11f2a4-7c94-4bf3-a2bd-742580fe3bde + name: Conflicting-Policy-Name + created: '2020-01-01T00:00:00.000000Z' + modified: '2020-01-01T00:00:00.000000Z' + description: This policy ensures compliance of xyz + ownerRef: + type: IDENTITY + id: 2c91808568c529c60168cca6f90c1313 + name: Owner Name + externalPolicyReference: XYZ policy + policyQuery: '@access(id:2c9180866166b5b0016167c32ef31a66 OR id:2c9180866166b5b0016167c32ef31a67) AND @access(id:2c9180866166b5b0016167c32ef31a68 OR id:2c9180866166b5b0016167c32ef31a69)' + compensatingControls: Have a manager review the transaction decisions for their "out of compliance" employee + correctionAdvice: 'Based on the role of the employee, managers should remove access that is not required for their job function.' + state: ENFORCED + tags: + - string + creatorId: 0f11f2a4-7c94-4bf3-a2bd-742580fe3bde + modifierId: 0f11f2a4-7c94-4bf3-a2bd-742580fe3bde + violationOwnerAssignmentConfig: + assignmentRule: MANAGER + ownerRef: + type: IDENTITY + id: 2c91808568c529c60168cca6f90c1313 + name: Violation Owner Name + scheduled: true + type: CONFLICTING_ACCESS_BASED + conflictingAccessCriteria: + leftCriteria: + name: money-in + criteriaList: + - type: ENTITLEMENT + id: 2c9180866166b5b0016167c32ef31a66 + - type: ENTITLEMENT + id: 2c9180866166b5b0016167c32ef31a67 + rightCriteria: + name: money-out + criteriaList: + - type: ENTITLEMENT + id: 2c9180866166b5b0016167c32ef31a68 + - type: ENTITLEMENT + id: 2c9180866166b5b0016167c32ef31a69 + General Policy: + value: + description: Description + ownerRef: + type: IDENTITY + id: 2c918087682f9a86016839c05e8f1aff + name: Owner Name + externalPolicyReference: New policy + policyQuery: policy query implementation + compensatingControls: Compensating controls + correctionAdvice: Correction advice + tags: [] + state: ENFORCED + scheduled: false + creatorId: 2c918087682f9a86016839c05e8f1aff + modifierId: null + violationOwnerAssignmentConfig: null + type: GENERAL + conflictingAccessCriteria: null + id: 52c11db4-733e-4c31-949a-766c95ec95f1 + name: General-Policy-Name + created: '2020-05-12T19:47:38Z' + modified: '2020-05-12T19:47:38Z' + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + get: + security: + - UserContextAuth: + - 'idn:sod-policy:read' + operationId: listSodPolicies + tags: + - SOD Policies + summary: List SOD policies + description: |- + This gets list of all SOD policies. + Requires role of ORG_ADMIN + parameters: + - in: query + name: limit + description: |- + Max number of results to return. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 250 + schema: + type: integer + format: int32 + minimum: 0 + maximum: 250 + default: 250 + - in: query + name: offset + description: |- + Offset into the full result set. Usually specified with *limit* to paginate through the results. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 0 + schema: + type: integer + format: int32 + minimum: 0 + default: 0 + - in: query + name: count + description: |- + If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. + + Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. + + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: true + schema: + type: boolean + default: false + - in: query + name: filters + schema: + type: string + description: |- + Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) + + Filtering is supported for the following fields and operators: + + **id**: *eq, in* + + **name**: *eq, in* + + **state**: *eq, in* + example: id eq "bc693f07e7b645539626c25954c58554" + required: false + - in: query + name: sorters + required: false + schema: + type: string + format: comma-separated + example: 'id,name' + description: |- + Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) + + Sorting is supported for the following fields: **id, name, created, modified, description** + responses: + '200': + description: List of all SOD policies. + content: + application/json: + schema: + type: array + items: + type: object + properties: + id: + type: string + description: Policy id + example: 0f11f2a4-7c94-4bf3-a2bd-742580fe3bde + readOnly: true + name: + type: string + description: Policy Business Name + example: policy-xyz + created: + type: string + format: date-time + description: The time when this SOD policy is created. + example: '2020-01-01T00:00:00.000000Z' + readOnly: true + modified: + type: string + format: date-time + description: The time when this SOD policy is modified. + example: '2020-01-01T00:00:00.000000Z' + readOnly: true + description: + type: string + description: Optional description of the SOD policy + example: This policy ensures compliance of xyz + nullable: true + ownerRef: + type: object + description: The owner of the SOD policy. + properties: + type: + type: string + description: Owner type. + enum: + - IDENTITY + - GOVERNANCE_GROUP + example: IDENTITY + id: + type: string + description: Owner's ID. + example: 2c9180a46faadee4016fb4e018c20639 + name: + type: string + description: Owner's name. + example: Support + externalPolicyReference: + type: string + description: Optional External Policy Reference + example: XYZ policy + nullable: true + policyQuery: + type: string + description: Search query of the SOD policy + example: '@access(id:0f11f2a4-7c94-4bf3-a2bd-742580fe3bdg) AND @access(id:0f11f2a4-7c94-4bf3-a2bd-742580fe3bdf)' + compensatingControls: + type: string + description: Optional compensating controls(Mitigating Controls) + example: Have a manager review the transaction decisions for their "out of compliance" employee + nullable: true + correctionAdvice: + type: string + description: Optional correction advice + example: 'Based on the role of the employee, managers should remove access that is not required for their job function.' + nullable: true + state: + type: string + description: whether the policy is enforced or not + enum: + - ENFORCED + - NOT_ENFORCED + example: ENFORCED + tags: + type: array + description: tags for this policy object + example: + - TAG1 + - TAG2 + items: + type: string + creatorId: + type: string + description: Policy's creator ID + example: 0f11f2a4-7c94-4bf3-a2bd-742580fe3bde + readOnly: true + modifierId: + type: string + description: Policy's modifier ID + example: 0f11f2a4-7c94-4bf3-a2bd-742580fe3bde + nullable: true + readOnly: true + violationOwnerAssignmentConfig: + nullable: true + type: object + properties: + assignmentRule: + type: string + enum: + - MANAGER + - STATIC + - null + description: |- + Details about the violations owner. + MANAGER - identity's manager + STATIC - Governance Group or Identity + example: MANAGER + nullable: true + ownerRef: + type: object + description: The owner of the violation assignment config. + nullable: true + properties: + type: + type: string + description: Owner type. + enum: + - IDENTITY + - GOVERNANCE_GROUP + - MANAGER + - null + example: IDENTITY + id: + type: string + description: Owner's ID. + example: 2c9180a46faadee4016fb4e018c20639 + name: + type: string + description: Owner's name. + example: Support + scheduled: + type: boolean + description: defines whether a policy has been scheduled or not + example: true + default: false + type: + type: string + description: whether a policy is query based or conflicting access based + default: GENERAL + enum: + - GENERAL + - CONFLICTING_ACCESS_BASED + example: GENERAL + conflictingAccessCriteria: + allOf: + - type: object + properties: + leftCriteria: + type: object + properties: + name: + type: string + description: Business name for the access construct list + example: money-in + criteriaList: + type: array + description: List of criteria. There is a min of 1 and max of 50 items in the list. + minItems: 1 + maxItems: 50 + items: + type: object + properties: + type: + type: string + enum: + - ENTITLEMENT + description: Type of the propery to which this reference applies to + example: ENTITLEMENT + id: + type: string + description: ID of the object to which this reference applies to + example: 2c91808568c529c60168cca6f90c1313 + name: + type: string + description: Human-readable display name of the object to which this reference applies to + example: Administrator + example: + - type: ENTITLEMENT + id: 2c9180866166b5b0016167c32ef31a66 + name: Administrator + - type: ENTITLEMENT + id: 2c9180866166b5b0016167c32ef31a67 + name: Administrator + rightCriteria: + type: object + properties: + name: + type: string + description: Business name for the access construct list + example: money-in + criteriaList: + type: array + description: List of criteria. There is a min of 1 and max of 50 items in the list. + minItems: 1 + maxItems: 50 + items: + type: object + properties: + type: + type: string + enum: + - ENTITLEMENT + description: Type of the propery to which this reference applies to + example: ENTITLEMENT + id: + type: string + description: ID of the object to which this reference applies to + example: 2c91808568c529c60168cca6f90c1313 + name: + type: string + description: Human-readable display name of the object to which this reference applies to + example: Administrator + example: + - type: ENTITLEMENT + id: 2c9180866166b5b0016167c32ef31a66 + name: Administrator + - type: ENTITLEMENT + id: 2c9180866166b5b0016167c32ef31a67 + name: Administrator + - nullable: true + example: + - id: 0f11f2a4-7c94-4bf3-a2bd-742580fe3bde + name: Conflicting-Policy-Name + created: '2020-01-01T00:00:00.000000Z' + modified: '2020-01-01T00:00:00.000000Z' + description: This policy ensures compliance of xyz + ownerRef: + type: IDENTITY + id: 2c91808568c529c60168cca6f90c1313 + name: Owner Name + externalPolicyReference: XYZ policy + policyQuery: '@access(id:2c9180866166b5b0016167c32ef31a66 OR id:2c9180866166b5b0016167c32ef31a67) AND @access(id:2c9180866166b5b0016167c32ef31a68 OR id:2c9180866166b5b0016167c32ef31a69)' + compensatingControls: Have a manager review the transaction decisions for their "out of compliance" employee + correctionAdvice: 'Based on the role of the employee, managers should remove access that is not required for their job function.' + state: ENFORCED + tags: + - string + creatorId: 0f11f2a4-7c94-4bf3-a2bd-742580fe3bde + modifierId: 0f11f2a4-7c94-4bf3-a2bd-742580fe3bde + violationOwnerAssignmentConfig: + assignmentRule: MANAGER + ownerRef: + type: IDENTITY + id: 2c91808568c529c60168cca6f90c1313 + name: Violation Owner Name + scheduled: true + type: CONFLICTING_ACCESS_BASED + conflictingAccessCriteria: + leftCriteria: + name: money-in + criteriaList: + - type: ENTITLEMENT + id: 2c9180866166b5b0016167c32ef31a66 + - type: ENTITLEMENT + id: 2c9180866166b5b0016167c32ef31a67 + rightCriteria: + name: money-out + criteriaList: + - type: ENTITLEMENT + id: 2c9180866166b5b0016167c32ef31a68 + - type: ENTITLEMENT + id: 2c9180866166b5b0016167c32ef31a69 + - description: Description + ownerRef: + type: IDENTITY + id: 2c918087682f9a86016839c05e8f1aff + name: Owner Name + externalPolicyReference: New policy + policyQuery: policy query implementation + compensatingControls: Compensating controls + correctionAdvice: Correction advice + tags: [] + state: ENFORCED + scheduled: false + creatorId: 2c918087682f9a86016839c05e8f1aff + modifierId: null + violationOwnerAssignmentConfig: null + type: GENERAL + conflictingAccessCriteria: null + id: 52c11db4-733e-4c31-949a-766c95ec95f1 + name: General-Policy-Name + created: '2020-05-12T19:47:38Z' + modified: '2020-05-12T19:47:38Z' + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/sod-policies/{id}': + get: + security: + - UserContextAuth: + - 'idn:sod-policy:read' + operationId: getSodPolicy + tags: + - SOD Policies + summary: Get SOD policy by ID + description: |- + This gets specified SOD policy. + Requires role of ORG_ADMIN. + parameters: + - in: path + name: id + schema: + type: string + required: true + description: The ID of the SOD Policy to retrieve. + example: ef38f943-47e9-4562-b5bb-8424a56397d8 + responses: + '200': + description: SOD policy ID. + content: + application/json: + schema: + type: object + properties: + id: + type: string + description: Policy id + example: 0f11f2a4-7c94-4bf3-a2bd-742580fe3bde + readOnly: true + name: + type: string + description: Policy Business Name + example: policy-xyz + created: + type: string + format: date-time + description: The time when this SOD policy is created. + example: '2020-01-01T00:00:00.000000Z' + readOnly: true + modified: + type: string + format: date-time + description: The time when this SOD policy is modified. + example: '2020-01-01T00:00:00.000000Z' + readOnly: true + description: + type: string + description: Optional description of the SOD policy + example: This policy ensures compliance of xyz + nullable: true + ownerRef: + type: object + description: The owner of the SOD policy. + properties: + type: + type: string + description: Owner type. + enum: + - IDENTITY + - GOVERNANCE_GROUP + example: IDENTITY + id: + type: string + description: Owner's ID. + example: 2c9180a46faadee4016fb4e018c20639 + name: + type: string + description: Owner's name. + example: Support + externalPolicyReference: + type: string + description: Optional External Policy Reference + example: XYZ policy + nullable: true + policyQuery: + type: string + description: Search query of the SOD policy + example: '@access(id:0f11f2a4-7c94-4bf3-a2bd-742580fe3bdg) AND @access(id:0f11f2a4-7c94-4bf3-a2bd-742580fe3bdf)' + compensatingControls: + type: string + description: Optional compensating controls(Mitigating Controls) + example: Have a manager review the transaction decisions for their "out of compliance" employee + nullable: true + correctionAdvice: + type: string + description: Optional correction advice + example: 'Based on the role of the employee, managers should remove access that is not required for their job function.' + nullable: true + state: + type: string + description: whether the policy is enforced or not + enum: + - ENFORCED + - NOT_ENFORCED + example: ENFORCED + tags: + type: array + description: tags for this policy object + example: + - TAG1 + - TAG2 + items: + type: string + creatorId: + type: string + description: Policy's creator ID + example: 0f11f2a4-7c94-4bf3-a2bd-742580fe3bde + readOnly: true + modifierId: + type: string + description: Policy's modifier ID + example: 0f11f2a4-7c94-4bf3-a2bd-742580fe3bde + nullable: true + readOnly: true + violationOwnerAssignmentConfig: + nullable: true + type: object + properties: + assignmentRule: + type: string + enum: + - MANAGER + - STATIC + - null + description: |- + Details about the violations owner. + MANAGER - identity's manager + STATIC - Governance Group or Identity + example: MANAGER + nullable: true + ownerRef: + type: object + description: The owner of the violation assignment config. + nullable: true + properties: + type: + type: string + description: Owner type. + enum: + - IDENTITY + - GOVERNANCE_GROUP + - MANAGER + - null + example: IDENTITY + id: + type: string + description: Owner's ID. + example: 2c9180a46faadee4016fb4e018c20639 + name: + type: string + description: Owner's name. + example: Support + scheduled: + type: boolean + description: defines whether a policy has been scheduled or not + example: true + default: false + type: + type: string + description: whether a policy is query based or conflicting access based + default: GENERAL + enum: + - GENERAL + - CONFLICTING_ACCESS_BASED + example: GENERAL + conflictingAccessCriteria: + allOf: + - type: object + properties: + leftCriteria: + type: object + properties: + name: + type: string + description: Business name for the access construct list + example: money-in + criteriaList: + type: array + description: List of criteria. There is a min of 1 and max of 50 items in the list. + minItems: 1 + maxItems: 50 + items: + type: object + properties: + type: + type: string + enum: + - ENTITLEMENT + description: Type of the propery to which this reference applies to + example: ENTITLEMENT + id: + type: string + description: ID of the object to which this reference applies to + example: 2c91808568c529c60168cca6f90c1313 + name: + type: string + description: Human-readable display name of the object to which this reference applies to + example: Administrator + example: + - type: ENTITLEMENT + id: 2c9180866166b5b0016167c32ef31a66 + name: Administrator + - type: ENTITLEMENT + id: 2c9180866166b5b0016167c32ef31a67 + name: Administrator + rightCriteria: + type: object + properties: + name: + type: string + description: Business name for the access construct list + example: money-in + criteriaList: + type: array + description: List of criteria. There is a min of 1 and max of 50 items in the list. + minItems: 1 + maxItems: 50 + items: + type: object + properties: + type: + type: string + enum: + - ENTITLEMENT + description: Type of the propery to which this reference applies to + example: ENTITLEMENT + id: + type: string + description: ID of the object to which this reference applies to + example: 2c91808568c529c60168cca6f90c1313 + name: + type: string + description: Human-readable display name of the object to which this reference applies to + example: Administrator + example: + - type: ENTITLEMENT + id: 2c9180866166b5b0016167c32ef31a66 + name: Administrator + - type: ENTITLEMENT + id: 2c9180866166b5b0016167c32ef31a67 + name: Administrator + - nullable: true + examples: + Conflicting Access Based Policy: + value: + id: 0f11f2a4-7c94-4bf3-a2bd-742580fe3bde + name: Conflicting-Policy-Name + created: '2020-01-01T00:00:00.000000Z' + modified: '2020-01-01T00:00:00.000000Z' + description: This policy ensures compliance of xyz + ownerRef: + type: IDENTITY + id: 2c91808568c529c60168cca6f90c1313 + name: Owner Name + externalPolicyReference: XYZ policy + policyQuery: '@access(id:2c9180866166b5b0016167c32ef31a66 OR id:2c9180866166b5b0016167c32ef31a67) AND @access(id:2c9180866166b5b0016167c32ef31a68 OR id:2c9180866166b5b0016167c32ef31a69)' + compensatingControls: Have a manager review the transaction decisions for their "out of compliance" employee + correctionAdvice: 'Based on the role of the employee, managers should remove access that is not required for their job function.' + state: ENFORCED + tags: + - string + creatorId: 0f11f2a4-7c94-4bf3-a2bd-742580fe3bde + modifierId: 0f11f2a4-7c94-4bf3-a2bd-742580fe3bde + violationOwnerAssignmentConfig: + assignmentRule: MANAGER + ownerRef: + type: IDENTITY + id: 2c91808568c529c60168cca6f90c1313 + name: Violation Owner Name + scheduled: true + type: CONFLICTING_ACCESS_BASED + conflictingAccessCriteria: + leftCriteria: + name: money-in + criteriaList: + - type: ENTITLEMENT + id: 2c9180866166b5b0016167c32ef31a66 + - type: ENTITLEMENT + id: 2c9180866166b5b0016167c32ef31a67 + rightCriteria: + name: money-out + criteriaList: + - type: ENTITLEMENT + id: 2c9180866166b5b0016167c32ef31a68 + - type: ENTITLEMENT + id: 2c9180866166b5b0016167c32ef31a69 + General Policy: + value: + description: Description + ownerRef: + type: IDENTITY + id: 2c918087682f9a86016839c05e8f1aff + name: Owner Name + externalPolicyReference: New policy + policyQuery: policy query implementation + compensatingControls: Compensating controls + correctionAdvice: Correction advice + tags: [] + state: ENFORCED + scheduled: false + creatorId: 2c918087682f9a86016839c05e8f1aff + modifierId: null + violationOwnerAssignmentConfig: null + type: GENERAL + conflictingAccessCriteria: null + id: 52c11db4-733e-4c31-949a-766c95ec95f1 + name: General-Policy-Name + created: '2020-05-12T19:47:38Z' + modified: '2020-05-12T19:47:38Z' + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + put: + security: + - UserContextAuth: + - 'idn:sod-policy:write' + operationId: putSodPolicy + tags: + - SOD Policies + summary: Update SOD policy by ID + description: |- + This updates a specified SOD policy. + Requires role of ORG_ADMIN. + parameters: + - in: path + name: id + schema: + type: string + required: true + description: The ID of the SOD policy to update. + example: ef38f943-47e9-4562-b5bb-8424a56397d8 + requestBody: + required: true + content: + application/json: + schema: + type: object + properties: + id: + type: string + description: Policy id + example: 0f11f2a4-7c94-4bf3-a2bd-742580fe3bde + readOnly: true + name: + type: string + description: Policy Business Name + example: policy-xyz + created: + type: string + format: date-time + description: The time when this SOD policy is created. + example: '2020-01-01T00:00:00.000000Z' + readOnly: true + modified: + type: string + format: date-time + description: The time when this SOD policy is modified. + example: '2020-01-01T00:00:00.000000Z' + readOnly: true + description: + type: string + description: Optional description of the SOD policy + example: This policy ensures compliance of xyz + nullable: true + ownerRef: + type: object + description: The owner of the SOD policy. + properties: + type: + type: string + description: Owner type. + enum: + - IDENTITY + - GOVERNANCE_GROUP + example: IDENTITY + id: + type: string + description: Owner's ID. + example: 2c9180a46faadee4016fb4e018c20639 + name: + type: string + description: Owner's name. + example: Support + externalPolicyReference: + type: string + description: Optional External Policy Reference + example: XYZ policy + nullable: true + policyQuery: + type: string + description: Search query of the SOD policy + example: '@access(id:0f11f2a4-7c94-4bf3-a2bd-742580fe3bdg) AND @access(id:0f11f2a4-7c94-4bf3-a2bd-742580fe3bdf)' + compensatingControls: + type: string + description: Optional compensating controls(Mitigating Controls) + example: Have a manager review the transaction decisions for their "out of compliance" employee + nullable: true + correctionAdvice: + type: string + description: Optional correction advice + example: 'Based on the role of the employee, managers should remove access that is not required for their job function.' + nullable: true + state: + type: string + description: whether the policy is enforced or not + enum: + - ENFORCED + - NOT_ENFORCED + example: ENFORCED + tags: + type: array + description: tags for this policy object + example: + - TAG1 + - TAG2 + items: + type: string + creatorId: + type: string + description: Policy's creator ID + example: 0f11f2a4-7c94-4bf3-a2bd-742580fe3bde + readOnly: true + modifierId: + type: string + description: Policy's modifier ID + example: 0f11f2a4-7c94-4bf3-a2bd-742580fe3bde + nullable: true + readOnly: true + violationOwnerAssignmentConfig: + nullable: true + type: object + properties: + assignmentRule: + type: string + enum: + - MANAGER + - STATIC + - null + description: |- + Details about the violations owner. + MANAGER - identity's manager + STATIC - Governance Group or Identity + example: MANAGER + nullable: true + ownerRef: + type: object + description: The owner of the violation assignment config. + nullable: true + properties: + type: + type: string + description: Owner type. + enum: + - IDENTITY + - GOVERNANCE_GROUP + - MANAGER + - null + example: IDENTITY + id: + type: string + description: Owner's ID. + example: 2c9180a46faadee4016fb4e018c20639 + name: + type: string + description: Owner's name. + example: Support + scheduled: + type: boolean + description: defines whether a policy has been scheduled or not + example: true + default: false + type: + type: string + description: whether a policy is query based or conflicting access based + default: GENERAL + enum: + - GENERAL + - CONFLICTING_ACCESS_BASED + example: GENERAL + conflictingAccessCriteria: + allOf: + - type: object + properties: + leftCriteria: + type: object + properties: + name: + type: string + description: Business name for the access construct list + example: money-in + criteriaList: + type: array + description: List of criteria. There is a min of 1 and max of 50 items in the list. + minItems: 1 + maxItems: 50 + items: + type: object + properties: + type: + type: string + enum: + - ENTITLEMENT + description: Type of the propery to which this reference applies to + example: ENTITLEMENT + id: + type: string + description: ID of the object to which this reference applies to + example: 2c91808568c529c60168cca6f90c1313 + name: + type: string + description: Human-readable display name of the object to which this reference applies to + example: Administrator + example: + - type: ENTITLEMENT + id: 2c9180866166b5b0016167c32ef31a66 + name: Administrator + - type: ENTITLEMENT + id: 2c9180866166b5b0016167c32ef31a67 + name: Administrator + rightCriteria: + type: object + properties: + name: + type: string + description: Business name for the access construct list + example: money-in + criteriaList: + type: array + description: List of criteria. There is a min of 1 and max of 50 items in the list. + minItems: 1 + maxItems: 50 + items: + type: object + properties: + type: + type: string + enum: + - ENTITLEMENT + description: Type of the propery to which this reference applies to + example: ENTITLEMENT + id: + type: string + description: ID of the object to which this reference applies to + example: 2c91808568c529c60168cca6f90c1313 + name: + type: string + description: Human-readable display name of the object to which this reference applies to + example: Administrator + example: + - type: ENTITLEMENT + id: 2c9180866166b5b0016167c32ef31a66 + name: Administrator + - type: ENTITLEMENT + id: 2c9180866166b5b0016167c32ef31a67 + name: Administrator + - nullable: true + examples: + Conflicting Access Based Policy: + value: + name: Conflicting-Policy-Name + description: Modified Description + externalPolicyReference: XYZ policy + compensatingControls: Have a manager review the transaction decisions for their "out of compliance" employee + correctionAdvice: 'Based on the role of the employee, managers should remove access that is not required for their job function.' + state: ENFORCED + tags: + - string + violationOwnerAssignmentConfig: + assignmentRule: MANAGER + ownerRef: + type: IDENTITY + id: 2c91808568c529c60168cca6f90c1313 + name: Violation Owner Name + scheduled: true + type: CONFLICTING_ACCESS_BASED + conflictingAccessCriteria: + leftCriteria: + name: money-in + criteriaList: + - type: ENTITLEMENT + id: 2c9180866166b5b0016167c32ef31a66 + - type: ENTITLEMENT + id: 2c9180866166b5b0016167c32ef31a67 + rightCriteria: + name: money-out + criteriaList: + - type: ENTITLEMENT + id: 2c9180866166b5b0016167c32ef31a68 + - type: ENTITLEMENT + id: 2c9180866166b5b0016167c32ef31a69 + General Policy: + value: + description: Modified Description + ownerRef: + type: IDENTITY + id: 2c918087682f9a86016839c05e8f1aff + name: Owner Name + externalPolicyReference: New policy + policyQuery: policy query implementation + compensatingControls: Compensating controls + correctionAdvice: Correction advice + tags: [] + state: ENFORCED + scheduled: false + creatorId: 2c918087682f9a86016839c05e8f1aff + modifierId: null + violationOwnerAssignmentConfig: null + type: GENERAL + conflictingAccessCriteria: null + id: 52c11db4-733e-4c31-949a-766c95ec95f1 + name: General-Policy-Name + created: '2020-05-12T19:47:38Z' + modified: '2020-05-12T19:47:38Z' + responses: + '200': + description: SOD Policy by ID + content: + application/json: + schema: + type: object + properties: + id: + type: string + description: Policy id + example: 0f11f2a4-7c94-4bf3-a2bd-742580fe3bde + readOnly: true + name: + type: string + description: Policy Business Name + example: policy-xyz + created: + type: string + format: date-time + description: The time when this SOD policy is created. + example: '2020-01-01T00:00:00.000000Z' + readOnly: true + modified: + type: string + format: date-time + description: The time when this SOD policy is modified. + example: '2020-01-01T00:00:00.000000Z' + readOnly: true + description: + type: string + description: Optional description of the SOD policy + example: This policy ensures compliance of xyz + nullable: true + ownerRef: + type: object + description: The owner of the SOD policy. + properties: + type: + type: string + description: Owner type. + enum: + - IDENTITY + - GOVERNANCE_GROUP + example: IDENTITY + id: + type: string + description: Owner's ID. + example: 2c9180a46faadee4016fb4e018c20639 + name: + type: string + description: Owner's name. + example: Support + externalPolicyReference: + type: string + description: Optional External Policy Reference + example: XYZ policy + nullable: true + policyQuery: + type: string + description: Search query of the SOD policy + example: '@access(id:0f11f2a4-7c94-4bf3-a2bd-742580fe3bdg) AND @access(id:0f11f2a4-7c94-4bf3-a2bd-742580fe3bdf)' + compensatingControls: + type: string + description: Optional compensating controls(Mitigating Controls) + example: Have a manager review the transaction decisions for their "out of compliance" employee + nullable: true + correctionAdvice: + type: string + description: Optional correction advice + example: 'Based on the role of the employee, managers should remove access that is not required for their job function.' + nullable: true + state: + type: string + description: whether the policy is enforced or not + enum: + - ENFORCED + - NOT_ENFORCED + example: ENFORCED + tags: + type: array + description: tags for this policy object + example: + - TAG1 + - TAG2 + items: + type: string + creatorId: + type: string + description: Policy's creator ID + example: 0f11f2a4-7c94-4bf3-a2bd-742580fe3bde + readOnly: true + modifierId: + type: string + description: Policy's modifier ID + example: 0f11f2a4-7c94-4bf3-a2bd-742580fe3bde + nullable: true + readOnly: true + violationOwnerAssignmentConfig: + nullable: true + type: object + properties: + assignmentRule: + type: string + enum: + - MANAGER + - STATIC + - null + description: |- + Details about the violations owner. + MANAGER - identity's manager + STATIC - Governance Group or Identity + example: MANAGER + nullable: true + ownerRef: + type: object + description: The owner of the violation assignment config. + nullable: true + properties: + type: + type: string + description: Owner type. + enum: + - IDENTITY + - GOVERNANCE_GROUP + - MANAGER + - null + example: IDENTITY + id: + type: string + description: Owner's ID. + example: 2c9180a46faadee4016fb4e018c20639 + name: + type: string + description: Owner's name. + example: Support + scheduled: + type: boolean + description: defines whether a policy has been scheduled or not + example: true + default: false + type: + type: string + description: whether a policy is query based or conflicting access based + default: GENERAL + enum: + - GENERAL + - CONFLICTING_ACCESS_BASED + example: GENERAL + conflictingAccessCriteria: + allOf: + - type: object + properties: + leftCriteria: + type: object + properties: + name: + type: string + description: Business name for the access construct list + example: money-in + criteriaList: + type: array + description: List of criteria. There is a min of 1 and max of 50 items in the list. + minItems: 1 + maxItems: 50 + items: + type: object + properties: + type: + type: string + enum: + - ENTITLEMENT + description: Type of the propery to which this reference applies to + example: ENTITLEMENT + id: + type: string + description: ID of the object to which this reference applies to + example: 2c91808568c529c60168cca6f90c1313 + name: + type: string + description: Human-readable display name of the object to which this reference applies to + example: Administrator + example: + - type: ENTITLEMENT + id: 2c9180866166b5b0016167c32ef31a66 + name: Administrator + - type: ENTITLEMENT + id: 2c9180866166b5b0016167c32ef31a67 + name: Administrator + rightCriteria: + type: object + properties: + name: + type: string + description: Business name for the access construct list + example: money-in + criteriaList: + type: array + description: List of criteria. There is a min of 1 and max of 50 items in the list. + minItems: 1 + maxItems: 50 + items: + type: object + properties: + type: + type: string + enum: + - ENTITLEMENT + description: Type of the propery to which this reference applies to + example: ENTITLEMENT + id: + type: string + description: ID of the object to which this reference applies to + example: 2c91808568c529c60168cca6f90c1313 + name: + type: string + description: Human-readable display name of the object to which this reference applies to + example: Administrator + example: + - type: ENTITLEMENT + id: 2c9180866166b5b0016167c32ef31a66 + name: Administrator + - type: ENTITLEMENT + id: 2c9180866166b5b0016167c32ef31a67 + name: Administrator + - nullable: true + examples: + Conflicting Access Based Policy: + value: + id: 0f11f2a4-7c94-4bf3-a2bd-742580fe3bde + name: Conflicting-Policy-Name + created: '2020-01-01T00:00:00.000000Z' + modified: '2020-01-01T00:00:00.000000Z' + description: Modified description + ownerRef: + type: IDENTITY + id: 2c91808568c529c60168cca6f90c1313 + name: Owner Name + externalPolicyReference: XYZ policy + policyQuery: '@access(id:2c9180866166b5b0016167c32ef31a66 OR id:2c9180866166b5b0016167c32ef31a67) AND @access(id:2c9180866166b5b0016167c32ef31a68 OR id:2c9180866166b5b0016167c32ef31a69)' + compensatingControls: Have a manager review the transaction decisions for their "out of compliance" employee + correctionAdvice: 'Based on the role of the employee, managers should remove access that is not required for their job function.' + state: ENFORCED + tags: + - string + creatorId: 0f11f2a4-7c94-4bf3-a2bd-742580fe3bde + modifierId: 0f11f2a4-7c94-4bf3-a2bd-742580fe3bde + violationOwnerAssignmentConfig: + assignmentRule: MANAGER + ownerRef: + type: IDENTITY + id: 2c91808568c529c60168cca6f90c1313 + name: Violation Owner Name + scheduled: true + type: CONFLICTING_ACCESS_BASED + conflictingAccessCriteria: + leftCriteria: + name: money-in + criteriaList: + - type: ENTITLEMENT + id: 2c9180866166b5b0016167c32ef31a66 + - type: ENTITLEMENT + id: 2c9180866166b5b0016167c32ef31a67 + rightCriteria: + name: money-out + criteriaList: + - type: ENTITLEMENT + id: 2c9180866166b5b0016167c32ef31a68 + - type: ENTITLEMENT + id: 2c9180866166b5b0016167c32ef31a69 + General Policy: + value: + description: Modified Description + ownerRef: + type: IDENTITY + id: 2c918087682f9a86016839c05e8f1aff + name: Owner Name + externalPolicyReference: New policy + policyQuery: policy query implementation + compensatingControls: Compensating controls + correctionAdvice: Correction advice + tags: [] + state: ENFORCED + scheduled: false + creatorId: 2c918087682f9a86016839c05e8f1aff + modifierId: null + violationOwnerAssignmentConfig: null + type: GENERAL + conflictingAccessCriteria: null + id: 52c11db4-733e-4c31-949a-766c95ec95f1 + name: General-Policy-Name + created: '2020-05-12T19:47:38Z' + modified: '2020-05-12T19:47:38Z' + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + delete: + security: + - UserContextAuth: + - 'idn:sod-policy:write' + operationId: deleteSodPolicy + tags: + - SOD Policies + summary: Delete SOD policy by ID + description: |- + This deletes a specified SOD policy. + Requires role of ORG_ADMIN. + parameters: + - in: path + name: id + schema: + type: string + required: true + description: The ID of the SOD Policy to delete. + example: ef38f943-47e9-4562-b5bb-8424a56397d8 + - in: query + name: logical + schema: + type: boolean + default: true + description: Indicates whether this is a soft delete (logical true) or a hard delete. Soft delete marks the policy as deleted and just save it with this status. It could be fully deleted or recovered further. Hard delete vise versa permanently delete SOD request during this call. + example: true + required: false + responses: + '204': + description: No content. + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + patch: + security: + - UserContextAuth: + - 'idn:sod-policy:write' + operationId: patchSodPolicy + tags: + - SOD Policies + summary: Patch SOD policy by ID + description: |- + Allows updating SOD Policy fields other than ["id","created","creatorId","policyQuery","type"] using the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard. + Requires role of ORG_ADMIN. + This endpoint can only patch CONFLICTING_ACCESS_BASED type policies. Do not use this endpoint to patch general policies - doing so will build an API exception. + parameters: + - in: path + name: id + schema: + type: string + required: true + description: The ID of the SOD policy being modified. + example: 2c918083-5d19-1a86-015d-28455b4a2329 + requestBody: + required: true + description: | + A list of SOD Policy update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard. + + The following fields are patchable: + * name + * description + * ownerRef + * externalPolicyReference + * compensatingControls + * correctionAdvice + * state + * tags + * violationOwnerAssignmentConfig + * scheduled + * conflictingAccessCriteria + content: + application/json-patch+json: + schema: + type: array + items: + type: object + description: 'A JSONPatch Operation as defined by [RFC 6902 - JSON Patch](https://tools.ietf.org/html/rfc6902)' + required: + - op + - path + properties: + op: + type: string + description: The operation to be performed + enum: + - add + - remove + - replace + - move + - copy + - test + example: replace + path: + type: string + description: A string JSON Pointer representing the target path to an element to be affected by the operation + example: /description + value: + oneOf: + - type: string + example: New description + title: string + - type: boolean + example: true + title: boolean + - type: integer + example: 300 + title: integer + - type: object + title: object + example: + attributes: + name: philip + - type: array + title: array + items: + anyOf: + - type: string + - type: integer + - type: object + example: + - '001' + - '002' + - '003' + description: 'The value to be used for the operation, required for "add" and "replace" operations' + example: New description + examples: + Conflicting Access Based Policy: + value: + - op: replace + path: /description + value: Modified description + - op: replace + path: /conflictingAccessCriteria/leftCriteria/name + value: money-in-modified + - op: replace + path: /conflictingAccessCriteria/rightCriteria + value: + name: money-out-modified + criteriaList: + - type: ENTITLEMENT + id: 2c918087682f9a86016839c0509c1ab2 + General Policy: + value: + - op: replace + path: /description + value: Modified description + responses: + '200': + description: 'Indicates the PATCH operation succeeded, and returns the SOD policy''s new representation.' + content: + application/json: + schema: + type: object + properties: + id: + type: string + description: Policy id + example: 0f11f2a4-7c94-4bf3-a2bd-742580fe3bde + readOnly: true + name: + type: string + description: Policy Business Name + example: policy-xyz + created: + type: string + format: date-time + description: The time when this SOD policy is created. + example: '2020-01-01T00:00:00.000000Z' + readOnly: true + modified: + type: string + format: date-time + description: The time when this SOD policy is modified. + example: '2020-01-01T00:00:00.000000Z' + readOnly: true + description: + type: string + description: Optional description of the SOD policy + example: This policy ensures compliance of xyz + nullable: true + ownerRef: + type: object + description: The owner of the SOD policy. + properties: + type: + type: string + description: Owner type. + enum: + - IDENTITY + - GOVERNANCE_GROUP + example: IDENTITY + id: + type: string + description: Owner's ID. + example: 2c9180a46faadee4016fb4e018c20639 + name: + type: string + description: Owner's name. + example: Support + externalPolicyReference: + type: string + description: Optional External Policy Reference + example: XYZ policy + nullable: true + policyQuery: + type: string + description: Search query of the SOD policy + example: '@access(id:0f11f2a4-7c94-4bf3-a2bd-742580fe3bdg) AND @access(id:0f11f2a4-7c94-4bf3-a2bd-742580fe3bdf)' + compensatingControls: + type: string + description: Optional compensating controls(Mitigating Controls) + example: Have a manager review the transaction decisions for their "out of compliance" employee + nullable: true + correctionAdvice: + type: string + description: Optional correction advice + example: 'Based on the role of the employee, managers should remove access that is not required for their job function.' + nullable: true + state: + type: string + description: whether the policy is enforced or not + enum: + - ENFORCED + - NOT_ENFORCED + example: ENFORCED + tags: + type: array + description: tags for this policy object + example: + - TAG1 + - TAG2 + items: + type: string + creatorId: + type: string + description: Policy's creator ID + example: 0f11f2a4-7c94-4bf3-a2bd-742580fe3bde + readOnly: true + modifierId: + type: string + description: Policy's modifier ID + example: 0f11f2a4-7c94-4bf3-a2bd-742580fe3bde + nullable: true + readOnly: true + violationOwnerAssignmentConfig: + nullable: true + type: object + properties: + assignmentRule: + type: string + enum: + - MANAGER + - STATIC + - null + description: |- + Details about the violations owner. + MANAGER - identity's manager + STATIC - Governance Group or Identity + example: MANAGER + nullable: true + ownerRef: + type: object + description: The owner of the violation assignment config. + nullable: true + properties: + type: + type: string + description: Owner type. + enum: + - IDENTITY + - GOVERNANCE_GROUP + - MANAGER + - null + example: IDENTITY + id: + type: string + description: Owner's ID. + example: 2c9180a46faadee4016fb4e018c20639 + name: + type: string + description: Owner's name. + example: Support + scheduled: + type: boolean + description: defines whether a policy has been scheduled or not + example: true + default: false + type: + type: string + description: whether a policy is query based or conflicting access based + default: GENERAL + enum: + - GENERAL + - CONFLICTING_ACCESS_BASED + example: GENERAL + conflictingAccessCriteria: + allOf: + - type: object + properties: + leftCriteria: + type: object + properties: + name: + type: string + description: Business name for the access construct list + example: money-in + criteriaList: + type: array + description: List of criteria. There is a min of 1 and max of 50 items in the list. + minItems: 1 + maxItems: 50 + items: + type: object + properties: + type: + type: string + enum: + - ENTITLEMENT + description: Type of the propery to which this reference applies to + example: ENTITLEMENT + id: + type: string + description: ID of the object to which this reference applies to + example: 2c91808568c529c60168cca6f90c1313 + name: + type: string + description: Human-readable display name of the object to which this reference applies to + example: Administrator + example: + - type: ENTITLEMENT + id: 2c9180866166b5b0016167c32ef31a66 + name: Administrator + - type: ENTITLEMENT + id: 2c9180866166b5b0016167c32ef31a67 + name: Administrator + rightCriteria: + type: object + properties: + name: + type: string + description: Business name for the access construct list + example: money-in + criteriaList: + type: array + description: List of criteria. There is a min of 1 and max of 50 items in the list. + minItems: 1 + maxItems: 50 + items: + type: object + properties: + type: + type: string + enum: + - ENTITLEMENT + description: Type of the propery to which this reference applies to + example: ENTITLEMENT + id: + type: string + description: ID of the object to which this reference applies to + example: 2c91808568c529c60168cca6f90c1313 + name: + type: string + description: Human-readable display name of the object to which this reference applies to + example: Administrator + example: + - type: ENTITLEMENT + id: 2c9180866166b5b0016167c32ef31a66 + name: Administrator + - type: ENTITLEMENT + id: 2c9180866166b5b0016167c32ef31a67 + name: Administrator + - nullable: true + examples: + Conflicting Access Based Policy: + value: + id: 0f11f2a4-7c94-4bf3-a2bd-742580fe3bde + name: Conflicting-Policy-Name + created: '2020-01-01T00:00:00.000000Z' + modified: '2020-01-01T00:00:00.000000Z' + description: Modified description + ownerRef: + type: IDENTITY + id: 2c91808568c529c60168cca6f90c1313 + name: Owner Name + externalPolicyReference: XYZ policy + policyQuery: '@access(id:2c9180866166b5b0016167c32ef31a66 OR id:2c9180866166b5b0016167c32ef31a67) AND @access(id:2c918087682f9a86016839c0509c1ab2)' + compensatingControls: Have a manager review the transaction decisions for their "out of compliance" employee + correctionAdvice: 'Based on the role of the employee, managers should remove access that is not required for their job function.' + state: ENFORCED + tags: + - string + creatorId: 0f11f2a4-7c94-4bf3-a2bd-742580fe3bde + modifierId: 0f11f2a4-7c94-4bf3-a2bd-742580fe3bde + violationOwnerAssignmentConfig: + assignmentRule: MANAGER + ownerRef: + type: IDENTITY + id: 2c91808568c529c60168cca6f90c1313 + name: Violation Owner Name + scheduled: true + type: CONFLICTING_ACCESS_BASED + conflictingAccessCriteria: + leftCriteria: + name: money-in-modified + criteriaList: + - type: ENTITLEMENT + id: 2c9180866166b5b0016167c32ef31a66 + - type: ENTITLEMENT + id: 2c9180866166b5b0016167c32ef31a67 + rightCriteria: + name: money-out-modified + criteriaList: + - type: ENTITLEMENT + id: 2c918087682f9a86016839c0509c1ab2 + General Policy: + value: + description: Modified description + ownerRef: + type: IDENTITY + id: 2c918087682f9a86016839c05e8f1aff + name: Owner Name + externalPolicyReference: New policy + policyQuery: policy query implementation + compensatingControls: Compensating controls + correctionAdvice: Correction advice + tags: [] + state: ENFORCED + scheduled: false + creatorId: 2c918087682f9a86016839c05e8f1aff + modifierId: null + violationOwnerAssignmentConfig: null + type: GENERAL + conflictingAccessCriteria: null + id: 52c11db4-733e-4c31-949a-766c95ec95f1 + name: General-Policy-Name + created: '2020-05-12T19:47:38Z' + modified: '2020-05-12T19:47:38Z' + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/sod-policies/{id}/evaluate': + post: + security: + - UserContextAuth: + - 'idn:sod-violation:write' + operationId: startEvaluateSodPolicy + tags: + - SOD Policies + summary: Evaluate one policy by ID + description: Runs the scheduled report for the policy retrieved by passed policy ID. The report schedule is fetched from the policy retrieved by ID. + parameters: + - in: path + name: id + schema: + type: string + required: true + description: The SOD policy ID to run. + example: ef38f943-47e9-4562-b5bb-8424a56397d8 + responses: + '200': + description: Reference to the violation report run task. + content: + application/json: + schema: + allOf: + - type: object + description: SOD policy violation report result. + properties: + type: + type: string + description: SOD policy violation report result DTO type. + enum: + - REPORT_RESULT + example: REPORT_RESULT + id: + type: string + description: SOD policy violation report result ID. + example: 2c9180835d191a86015d28455b4b232a + name: + type: string + description: Human-readable name of the SOD policy violation report result. + example: SOD Policy 1 Violation + - type: object + properties: + status: + type: string + description: Status of a SOD policy violation report. + enum: + - SUCCESS + - WARNING + - ERROR + - TERMINATED + - TEMP_ERROR + - PENDING + example: PENDING + example: + status: PENDING + type: REPORT_RESULT + id: 37b3b32a-f394-46f8-acad-b5223969fa68 + name: Multi Query Report + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/sod-policies/{id}/schedule': + get: + security: + - UserContextAuth: + - 'idn:sod-policy:read' + operationId: getSodPolicySchedule + tags: + - SOD Policies + summary: Get SOD policy schedule + description: This endpoint gets a specified SOD policy's schedule. + parameters: + - in: path + name: id + schema: + type: string + required: true + description: The ID of the SOD policy schedule to retrieve. + example: ef38f943-47e9-4562-b5bb-8424a56397d8 + responses: + '200': + description: SOD policy schedule. + content: + application/json: + schema: + type: object + properties: + name: + type: string + description: SOD Policy schedule name + example: SCH-1584312283015 + created: + type: string + format: date-time + description: The time when this SOD policy schedule is created. + example: '2020-01-01T00:00:00.000000Z' + readOnly: true + modified: + type: string + format: date-time + description: The time when this SOD policy schedule is modified. + example: '2020-01-01T00:00:00.000000Z' + readOnly: true + description: + type: string + description: SOD Policy schedule description + example: Schedule for policy xyz + schedule: + type: object + description: The schedule information. + properties: + type: + description: | + Enum representing the currently supported schedule types. + + Additional values may be added in the future without notice. + type: string + enum: + - DAILY + - WEEKLY + - MONTHLY + - CALENDAR + - ANNUALLY + example: WEEKLY + months: + allOf: + - type: object + properties: + type: + description: | + Enum representing the currently supported selector types. + + LIST - the *values* array contains one or more distinct values. + + RANGE - the *values* array contains two values: the start and end of the range, inclusive. + + Additional values may be added in the future without notice. + type: string + enum: + - LIST + - RANGE + example: LIST + values: + description: | + The selected values. + type: array + items: + type: string + example: + - MON + - WED + interval: + nullable: true + description: | + The selected interval for RANGE selectors. + type: integer + format: int32 + example: 3 + required: + - type + - values + - description: | + The months to execute the search. This only applies to schedules with a type of `ANNUALLY`. + example: + type: LIST + values: + - '3' + - '6' + - '9' + - '12' + nullable: true + days: + allOf: + - type: object + properties: + type: + description: | + Enum representing the currently supported selector types. + + LIST - the *values* array contains one or more distinct values. + + RANGE - the *values* array contains two values: the start and end of the range, inclusive. + + Additional values may be added in the future without notice. + type: string + enum: + - LIST + - RANGE + example: LIST + values: + description: | + The selected values. + type: array + items: + type: string + example: + - MON + - WED + interval: + nullable: true + description: | + The selected interval for RANGE selectors. + type: integer + format: int32 + example: 3 + required: + - type + - values + - description: | + The days to execute the search. + + If `type` is `WEEKLY`, the values will be `MON`, `TUE`, `WED`, `THU`, `FRI`, `SAT`, and `SUN`. + + If `type` is `MONTHLY` or `ANNUALLY`, the values will be a number in double quotes, like `"1"`, `"10"`, or `"28"`. Optionally, the value `"L"` can be used to refer to the last day of the month. + example: + type: LIST + values: + - MON + - WED + - FRI + nullable: true + hours: + allOf: + - type: object + properties: + type: + description: | + Enum representing the currently supported selector types. + + LIST - the *values* array contains one or more distinct values. + + RANGE - the *values* array contains two values: the start and end of the range, inclusive. + + Additional values may be added in the future without notice. + type: string + enum: + - LIST + - RANGE + example: LIST + values: + description: | + The selected values. + type: array + items: + type: string + example: + - MON + - WED + interval: + nullable: true + description: | + The selected interval for RANGE selectors. + type: integer + format: int32 + example: 3 + required: + - type + - values + - description: The hours selected. + example: + type: RANGE + values: + - '9' + - '18' + interval: 3 + expiration: + description: 'The schedule expiration date. Latest possible expiration date is ''2038-01-19T03:14:07+0000''' + type: string + nullable: true + format: date-time + example: '2018-06-25T20:22:28.104Z' + timeZoneId: + description: 'The canonical TZ identifier the schedule will run in (ex. America/New_York). If no timezone is specified, the org''s default timezone is used.' + nullable: true + type: string + example: America/Chicago + required: + - type + - hours + recipients: + type: array + items: + type: object + description: SOD policy recipient. + properties: + type: + type: string + description: SOD policy recipient DTO type. + enum: + - IDENTITY + example: IDENTITY + id: + type: string + description: SOD policy recipient's identity ID. + example: 2c7180a46faadee4016fb4e018c20642 + name: + type: string + description: SOD policy recipient's display name. + example: Michael Michaels + emailEmptyResults: + type: boolean + description: Indicates if empty results need to be emailed + example: false + default: false + creatorId: + type: string + description: Policy's creator ID + example: 0f11f2a47c944bf3a2bd742580fe3bde + readOnly: true + modifierId: + type: string + description: Policy's modifier ID + example: 0f11f2a47c944bf3a2bd742580fe3bde + readOnly: true + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + put: + security: + - UserContextAuth: + - 'idn:sod-policy:write' + operationId: putPolicySchedule + tags: + - SOD Policies + summary: Update SOD Policy schedule + description: This updates schedule for a specified SOD policy. + parameters: + - in: path + name: id + schema: + type: string + required: true + description: The ID of the SOD policy to update its schedule. + example: ef38f943-47e9-4562-b5bb-8424a56397d8 + requestBody: + required: true + content: + application/json: + schema: + type: object + properties: + name: + type: string + description: SOD Policy schedule name + example: SCH-1584312283015 + created: + type: string + format: date-time + description: The time when this SOD policy schedule is created. + example: '2020-01-01T00:00:00.000000Z' + readOnly: true + modified: + type: string + format: date-time + description: The time when this SOD policy schedule is modified. + example: '2020-01-01T00:00:00.000000Z' + readOnly: true + description: + type: string + description: SOD Policy schedule description + example: Schedule for policy xyz + schedule: + type: object + description: The schedule information. + properties: + type: + description: | + Enum representing the currently supported schedule types. + + Additional values may be added in the future without notice. + type: string + enum: + - DAILY + - WEEKLY + - MONTHLY + - CALENDAR + - ANNUALLY + example: WEEKLY + months: + allOf: + - type: object + properties: + type: + description: | + Enum representing the currently supported selector types. + + LIST - the *values* array contains one or more distinct values. + + RANGE - the *values* array contains two values: the start and end of the range, inclusive. + + Additional values may be added in the future without notice. + type: string + enum: + - LIST + - RANGE + example: LIST + values: + description: | + The selected values. + type: array + items: + type: string + example: + - MON + - WED + interval: + nullable: true + description: | + The selected interval for RANGE selectors. + type: integer + format: int32 + example: 3 + required: + - type + - values + - description: | + The months to execute the search. This only applies to schedules with a type of `ANNUALLY`. + example: + type: LIST + values: + - '3' + - '6' + - '9' + - '12' + nullable: true + days: + allOf: + - type: object + properties: + type: + description: | + Enum representing the currently supported selector types. + + LIST - the *values* array contains one or more distinct values. + + RANGE - the *values* array contains two values: the start and end of the range, inclusive. + + Additional values may be added in the future without notice. + type: string + enum: + - LIST + - RANGE + example: LIST + values: + description: | + The selected values. + type: array + items: + type: string + example: + - MON + - WED + interval: + nullable: true + description: | + The selected interval for RANGE selectors. + type: integer + format: int32 + example: 3 + required: + - type + - values + - description: | + The days to execute the search. + + If `type` is `WEEKLY`, the values will be `MON`, `TUE`, `WED`, `THU`, `FRI`, `SAT`, and `SUN`. + + If `type` is `MONTHLY` or `ANNUALLY`, the values will be a number in double quotes, like `"1"`, `"10"`, or `"28"`. Optionally, the value `"L"` can be used to refer to the last day of the month. + example: + type: LIST + values: + - MON + - WED + - FRI + nullable: true + hours: + allOf: + - type: object + properties: + type: + description: | + Enum representing the currently supported selector types. + + LIST - the *values* array contains one or more distinct values. + + RANGE - the *values* array contains two values: the start and end of the range, inclusive. + + Additional values may be added in the future without notice. + type: string + enum: + - LIST + - RANGE + example: LIST + values: + description: | + The selected values. + type: array + items: + type: string + example: + - MON + - WED + interval: + nullable: true + description: | + The selected interval for RANGE selectors. + type: integer + format: int32 + example: 3 + required: + - type + - values + - description: The hours selected. + example: + type: RANGE + values: + - '9' + - '18' + interval: 3 + expiration: + description: 'The schedule expiration date. Latest possible expiration date is ''2038-01-19T03:14:07+0000''' + type: string + nullable: true + format: date-time + example: '2018-06-25T20:22:28.104Z' + timeZoneId: + description: 'The canonical TZ identifier the schedule will run in (ex. America/New_York). If no timezone is specified, the org''s default timezone is used.' + nullable: true + type: string + example: America/Chicago + required: + - type + - hours + recipients: + type: array + items: + type: object + description: SOD policy recipient. + properties: + type: + type: string + description: SOD policy recipient DTO type. + enum: + - IDENTITY + example: IDENTITY + id: + type: string + description: SOD policy recipient's identity ID. + example: 2c7180a46faadee4016fb4e018c20642 + name: + type: string + description: SOD policy recipient's display name. + example: Michael Michaels + emailEmptyResults: + type: boolean + description: Indicates if empty results need to be emailed + example: false + default: false + creatorId: + type: string + description: Policy's creator ID + example: 0f11f2a47c944bf3a2bd742580fe3bde + readOnly: true + modifierId: + type: string + description: Policy's modifier ID + example: 0f11f2a47c944bf3a2bd742580fe3bde + readOnly: true + responses: + '200': + description: Created or updated SOD policy schedule. + content: + application/json: + schema: + type: object + properties: + name: + type: string + description: SOD Policy schedule name + example: SCH-1584312283015 + created: + type: string + format: date-time + description: The time when this SOD policy schedule is created. + example: '2020-01-01T00:00:00.000000Z' + readOnly: true + modified: + type: string + format: date-time + description: The time when this SOD policy schedule is modified. + example: '2020-01-01T00:00:00.000000Z' + readOnly: true + description: + type: string + description: SOD Policy schedule description + example: Schedule for policy xyz + schedule: + type: object + description: The schedule information. + properties: + type: + description: | + Enum representing the currently supported schedule types. + + Additional values may be added in the future without notice. + type: string + enum: + - DAILY + - WEEKLY + - MONTHLY + - CALENDAR + - ANNUALLY + example: WEEKLY + months: + allOf: + - type: object + properties: + type: + description: | + Enum representing the currently supported selector types. + + LIST - the *values* array contains one or more distinct values. + + RANGE - the *values* array contains two values: the start and end of the range, inclusive. + + Additional values may be added in the future without notice. + type: string + enum: + - LIST + - RANGE + example: LIST + values: + description: | + The selected values. + type: array + items: + type: string + example: + - MON + - WED + interval: + nullable: true + description: | + The selected interval for RANGE selectors. + type: integer + format: int32 + example: 3 + required: + - type + - values + - description: | + The months to execute the search. This only applies to schedules with a type of `ANNUALLY`. + example: + type: LIST + values: + - '3' + - '6' + - '9' + - '12' + nullable: true + days: + allOf: + - type: object + properties: + type: + description: | + Enum representing the currently supported selector types. + + LIST - the *values* array contains one or more distinct values. + + RANGE - the *values* array contains two values: the start and end of the range, inclusive. + + Additional values may be added in the future without notice. + type: string + enum: + - LIST + - RANGE + example: LIST + values: + description: | + The selected values. + type: array + items: + type: string + example: + - MON + - WED + interval: + nullable: true + description: | + The selected interval for RANGE selectors. + type: integer + format: int32 + example: 3 + required: + - type + - values + - description: | + The days to execute the search. + + If `type` is `WEEKLY`, the values will be `MON`, `TUE`, `WED`, `THU`, `FRI`, `SAT`, and `SUN`. + + If `type` is `MONTHLY` or `ANNUALLY`, the values will be a number in double quotes, like `"1"`, `"10"`, or `"28"`. Optionally, the value `"L"` can be used to refer to the last day of the month. + example: + type: LIST + values: + - MON + - WED + - FRI + nullable: true + hours: + allOf: + - type: object + properties: + type: + description: | + Enum representing the currently supported selector types. + + LIST - the *values* array contains one or more distinct values. + + RANGE - the *values* array contains two values: the start and end of the range, inclusive. + + Additional values may be added in the future without notice. + type: string + enum: + - LIST + - RANGE + example: LIST + values: + description: | + The selected values. + type: array + items: + type: string + example: + - MON + - WED + interval: + nullable: true + description: | + The selected interval for RANGE selectors. + type: integer + format: int32 + example: 3 + required: + - type + - values + - description: The hours selected. + example: + type: RANGE + values: + - '9' + - '18' + interval: 3 + expiration: + description: 'The schedule expiration date. Latest possible expiration date is ''2038-01-19T03:14:07+0000''' + type: string + nullable: true + format: date-time + example: '2018-06-25T20:22:28.104Z' + timeZoneId: + description: 'The canonical TZ identifier the schedule will run in (ex. America/New_York). If no timezone is specified, the org''s default timezone is used.' + nullable: true + type: string + example: America/Chicago + required: + - type + - hours + recipients: + type: array + items: + type: object + description: SOD policy recipient. + properties: + type: + type: string + description: SOD policy recipient DTO type. + enum: + - IDENTITY + example: IDENTITY + id: + type: string + description: SOD policy recipient's identity ID. + example: 2c7180a46faadee4016fb4e018c20642 + name: + type: string + description: SOD policy recipient's display name. + example: Michael Michaels + emailEmptyResults: + type: boolean + description: Indicates if empty results need to be emailed + example: false + default: false + creatorId: + type: string + description: Policy's creator ID + example: 0f11f2a47c944bf3a2bd742580fe3bde + readOnly: true + modifierId: + type: string + description: Policy's modifier ID + example: 0f11f2a47c944bf3a2bd742580fe3bde + readOnly: true + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + delete: + security: + - UserContextAuth: + - 'idn:sod-policy:write' + operationId: deleteSodPolicySchedule + tags: + - SOD Policies + summary: Delete SOD policy schedule + description: This deletes schedule for a specified SOD policy by ID. + parameters: + - in: path + name: id + schema: + type: string + required: true + description: The ID of the SOD policy the schedule must be deleted for. + example: ef38f943-47e9-4562-b5bb-8424a56397d8 + responses: + '204': + description: No content response. + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/sod-policies/{id}/violation-report/run': + post: + security: + - UserContextAuth: + - 'idn:sod-violation:write' + operationId: startSodPolicy + tags: + - SOD Policies + summary: Runs SOD policy violation report + description: 'This invokes processing of violation report for given SOD policy. If the policy reports more than 5000 violations, the report returns with violation limit exceeded message.' + parameters: + - in: path + name: id + schema: + type: string + required: true + description: The SOD policy ID to run. + example: ef38f943-47e9-4562-b5bb-8424a56397d8 + responses: + '200': + description: Reference to the violation report run task. + content: + application/json: + schema: + allOf: + - type: object + description: SOD policy violation report result. + properties: + type: + type: string + description: SOD policy violation report result DTO type. + enum: + - REPORT_RESULT + example: REPORT_RESULT + id: + type: string + description: SOD policy violation report result ID. + example: 2c9180835d191a86015d28455b4b232a + name: + type: string + description: Human-readable name of the SOD policy violation report result. + example: SOD Policy 1 Violation + - type: object + properties: + status: + type: string + description: Status of a SOD policy violation report. + enum: + - SUCCESS + - WARNING + - ERROR + - TERMINATED + - TEMP_ERROR + - PENDING + example: PENDING + example: + status: PENDING + type: REPORT_RESULT + id: 2e8d8180-24bc-4d21-91c6-7affdb473b0d + name: policy-xyz + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/sod-policies/{id}/violation-report': + get: + security: + - UserContextAuth: + - 'idn:sod-violation:read' + operationId: getSodViolationReportStatus + tags: + - SOD Policies + summary: Get SOD violation report status + description: This gets the status for a violation report run task that has already been invoked. + parameters: + - in: path + name: id + schema: + type: string + required: true + description: The ID of the violation report to retrieve status for. + example: ef38f943-47e9-4562-b5bb-8424a56397d8 + responses: + '200': + description: Status of the violation report run task. + content: + application/json: + schema: + allOf: + - type: object + description: SOD policy violation report result. + properties: + type: + type: string + description: SOD policy violation report result DTO type. + enum: + - REPORT_RESULT + example: REPORT_RESULT + id: + type: string + description: SOD policy violation report result ID. + example: 2c9180835d191a86015d28455b4b232a + name: + type: string + description: Human-readable name of the SOD policy violation report result. + example: SOD Policy 1 Violation + - type: object + properties: + status: + type: string + description: Status of a SOD policy violation report. + enum: + - SUCCESS + - WARNING + - ERROR + - TERMINATED + - TEMP_ERROR + - PENDING + example: PENDING + example: + status: SUCCESS + type: REPORT_RESULT + id: 2e8d8180-24bc-4d21-91c6-7affdb473b0d + name: policy-xyz + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/sod-policies/sod-violation-report-status/{reportResultId}': + get: + security: + - UserContextAuth: + - 'idn:sod-violation:read' + operationId: getSodViolationReportRunStatus + tags: + - SOD Policies + summary: Get violation report run status + description: This gets the status for a violation report run task that has already been invoked. + parameters: + - in: path + name: reportResultId + schema: + type: string + required: true + description: The ID of the report reference to retrieve. + example: 2e8d8180-24bc-4d21-91c6-7affdb473b0d + responses: + '200': + description: Status of the violation report run task. + content: + application/json: + schema: + allOf: + - type: object + description: SOD policy violation report result. + properties: + type: + type: string + description: SOD policy violation report result DTO type. + enum: + - REPORT_RESULT + example: REPORT_RESULT + id: + type: string + description: SOD policy violation report result ID. + example: 2c9180835d191a86015d28455b4b232a + name: + type: string + description: Human-readable name of the SOD policy violation report result. + example: SOD Policy 1 Violation + - type: object + properties: + status: + type: string + description: Status of a SOD policy violation report. + enum: + - SUCCESS + - WARNING + - ERROR + - TERMINATED + - TEMP_ERROR + - PENDING + example: PENDING + example: + status: SUCCESS + type: REPORT_RESULT + id: 2e8d8180-24bc-4d21-91c6-7affdb473b0d + name: policy-xyz + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + /sod-violations/predict: + post: + security: + - UserContextAuth: + - 'idn:sod-violation:read' + operationId: startPredictSodViolations + tags: + - SOD Violations + summary: Predict SOD violations for identity. + description: |- + This API is used to check if granting some additional accesses would cause the subject to be in violation of any SOD policies. Returns the violations that would be caused. + + A token with ORG_ADMIN or API authority is required to call this API. + requestBody: + required: true + content: + application/json: + schema: + description: An identity with a set of access to be added + required: + - identityId + - accessRefs + type: object + properties: + identityId: + description: Identity id to be checked. + type: string + example: 2c91808568c529c60168cca6f90c1313 + accessRefs: + description: The list of entitlements to consider for possible violations in a preventive check. + type: array + items: + type: object + description: Entitlement including a specific set of access. + properties: + type: + type: string + description: Entitlement's DTO type. + enum: + - ENTITLEMENT + example: ENTITLEMENT + id: + type: string + description: Entitlement's ID. + example: 2c91809773dee32014e13e122092014e + name: + type: string + description: Entitlement's display name. + example: 'CN=entitlement.490efde5,OU=OrgCo,OU=ServiceDept,DC=HQAD,DC=local' + example: + - type: ENTITLEMENT + id: 2c918087682f9a86016839c050861ab1 + name: 'CN=Information Access,OU=test,OU=test-service,DC=TestAD,DC=local' + - type: ENTITLEMENT + id: 2c918087682f9a86016839c0509c1ab2 + name: 'CN=Information Technology,OU=test,OU=test-service,DC=TestAD,DC=local' + example: + identityId: 2c91808568c529c60168cca6f90c1313 + accessRefs: + - type: ENTITLEMENT + id: 2c918087682f9a86016839c050861ab1 + name: 'CN=Information Access,OU=test,OU=test-service,DC=TestAD,DC=local' + - type: ENTITLEMENT + id: 2c918087682f9a86016839c0509c1ab2 + name: 'CN=Information Technology,OU=test,OU=test-service,DC=TestAD,DC=local' + responses: + '200': + description: Violation Contexts + content: + application/json: + schema: + description: An object containing a listing of the SOD violation reasons detected by this check. + required: + - requestId + type: object + properties: + violationContexts: + type: array + description: List of Violation Contexts + items: + type: object + properties: + policy: + allOf: + - type: object + description: SOD policy. + properties: + type: + type: string + description: SOD policy DTO type. + enum: + - SOD_POLICY + example: SOD_POLICY + id: + type: string + description: SOD policy ID. + example: 0f11f2a4-7c94-4bf3-a2bd-742580fe3bde + name: + type: string + description: SOD policy display name. + example: Business SOD Policy + - type: object + properties: + type: + type: string + example: SOD_POLICY + name: + type: string + example: A very cool policy name + description: The types of objects supported for SOD violations + properties: + type: + enum: + - ENTITLEMENT + example: ENTITLEMENT + description: The type of object that is referenced + conflictingAccessCriteria: + nullable: false + description: The object which contains the left and right hand side of the entitlements that got violated according to the policy. + type: object + properties: + leftCriteria: + type: object + properties: + criteriaList: + type: array + description: List of exception criteria. There is a min of 1 and max of 50 items in the list. + items: + allOf: + - type: object + properties: + type: + description: DTO type + type: string + enum: + - ACCOUNT_CORRELATION_CONFIG + - ACCESS_PROFILE + - ACCESS_REQUEST_APPROVAL + - ACCOUNT + - APPLICATION + - CAMPAIGN + - CAMPAIGN_FILTER + - CERTIFICATION + - CLUSTER + - CONNECTOR_SCHEMA + - ENTITLEMENT + - GOVERNANCE_GROUP + - IDENTITY + - IDENTITY_PROFILE + - IDENTITY_REQUEST + - LIFECYCLE_STATE + - PASSWORD_POLICY + - ROLE + - RULE + - SOD_POLICY + - SOURCE + - TAG + - TAG_CATEGORY + - TASK_RESULT + - REPORT_RESULT + - SOD_VIOLATION + - ACCOUNT_ACTIVITY + - WORKGROUP + example: IDENTITY + id: + type: string + description: ID of the object to which this reference applies + example: 2c91808568c529c60168cca6f90c1313 + name: + type: string + description: Human-readable display name of the object to which this reference applies + example: 'CN=HelpDesk,OU=test,OU=test-service,DC=TestAD,DC=local' + existing: + type: boolean + description: Whether the subject identity already had that access or not + default: false + example: true + description: Access reference with addition of boolean existing flag to indicate whether the access was extant + description: The types of objects supported for SOD violations + properties: + type: + enum: + - ENTITLEMENT + example: ENTITLEMENT + description: The type of object that is referenced + example: + - type: ENTITLEMENT + id: 2c9180866166b5b0016167c32ef31a66 + existing: true + - type: ENTITLEMENT + id: 2c9180866166b5b0016167c32ef31a67 + existing: false + rightCriteria: + type: object + properties: + criteriaList: + type: array + description: List of exception criteria. There is a min of 1 and max of 50 items in the list. + items: + allOf: + - type: object + properties: + type: + description: DTO type + type: string + enum: + - ACCOUNT_CORRELATION_CONFIG + - ACCESS_PROFILE + - ACCESS_REQUEST_APPROVAL + - ACCOUNT + - APPLICATION + - CAMPAIGN + - CAMPAIGN_FILTER + - CERTIFICATION + - CLUSTER + - CONNECTOR_SCHEMA + - ENTITLEMENT + - GOVERNANCE_GROUP + - IDENTITY + - IDENTITY_PROFILE + - IDENTITY_REQUEST + - LIFECYCLE_STATE + - PASSWORD_POLICY + - ROLE + - RULE + - SOD_POLICY + - SOURCE + - TAG + - TAG_CATEGORY + - TASK_RESULT + - REPORT_RESULT + - SOD_VIOLATION + - ACCOUNT_ACTIVITY + - WORKGROUP + example: IDENTITY + id: + type: string + description: ID of the object to which this reference applies + example: 2c91808568c529c60168cca6f90c1313 + name: + type: string + description: Human-readable display name of the object to which this reference applies + example: 'CN=HelpDesk,OU=test,OU=test-service,DC=TestAD,DC=local' + existing: + type: boolean + description: Whether the subject identity already had that access or not + default: false + example: true + description: Access reference with addition of boolean existing flag to indicate whether the access was extant + description: The types of objects supported for SOD violations + properties: + type: + enum: + - ENTITLEMENT + example: ENTITLEMENT + description: The type of object that is referenced + example: + - type: ENTITLEMENT + id: 2c9180866166b5b0016167c32ef31a66 + existing: true + - type: ENTITLEMENT + id: 2c9180866166b5b0016167c32ef31a67 + existing: false + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + /sod-violations/check: + post: + security: + - UserContextAuth: + - 'idn:sod-violation:read' + operationId: startViolationCheck + tags: + - SOD Violations + summary: Check SOD violations + description: |- + This API initiates a SOD policy verification asynchronously. + + A token with ORG_ADMIN authority is required to call this API. + requestBody: + required: true + content: + application/json: + schema: + description: An identity with a set of access to be added + required: + - identityId + - accessRefs + type: object + properties: + identityId: + description: Set of identity IDs to be checked. + type: string + example: 2c91809050db617d0150e0bf3215385e + accessRefs: + description: The bundle of access profiles to be added to the identities specified. All references must be ENTITLEMENT type. + type: array + items: + allOf: + - type: object + description: Entitlement including a specific set of access. + properties: + type: + type: string + description: Entitlement's DTO type. + enum: + - ENTITLEMENT + example: ENTITLEMENT + id: + type: string + description: Entitlement's ID. + example: 2c91809773dee32014e13e122092014e + name: + type: string + description: Entitlement's display name. + example: 'CN=entitlement.490efde5,OU=OrgCo,OU=ServiceDept,DC=HQAD,DC=local' + clientMetadata: + type: object + additionalProperties: + type: string + description: Arbitrary key-value pairs. They will never be processed by the IdentityNow system but will be returned on completion of the violation check. + example: + clientName: client1 + clientId: 2c91808f7892918f0178b78da4a305a1 + example: + identityId: 2c91808568c529c60168cca6f90c1313 + accessRefs: + - type: ENTITLEMENT + id: 2c918087682f9a86016839c050861ab1 + name: 'CN=Information Access,OU=test,OU=test-service,DC=TestAD,DC=local' + - type: ENTITLEMENT + id: 2c918087682f9a86016839c0509c1ab2 + name: 'CN=Information Technology,OU=test,OU=test-service,DC=TestAD,DC=local' + clientMetadata: + additionalProp1: string + additionalProp2: string + additionalProp3: string + responses: + '202': + description: Request ID with a timestamp. + content: + application/json: + schema: + description: An object referencing an SOD violation check + required: + - requestId + type: object + properties: + requestId: + description: The id of the original request + example: 089899f13a8f4da7824996191587bab9 + type: string + created: + type: string + format: date-time + readOnly: true + description: The date-time when this request was created. + example: '2020-01-01T00:00:00.000000Z' + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + /sod-violation-report/run: + post: + security: + - UserContextAuth: + - 'idn:sod-violation:write' + operationId: startSodAllPoliciesForOrg + tags: + - SOD Policies + summary: Runs all policies for org + description: 'Runs multi-policy report for the org. If a policy reports more than 5000 violations, the report mentions that the violation limit was exceeded for that policy. If the request is empty, the report runs for all policies. Otherwise, the report runs for only the filtered policy list provided.' + requestBody: + required: false + content: + application/json: + schema: + type: object + properties: + filteredPolicyList: + type: array + description: Multi-policy report will be run for this list of ids + items: + type: string + example: + - b868cd40-ffa4-4337-9c07-1a51846cfa94 + - 63a07a7b-39a4-48aa-956d-50c827deba2a + example: + filteredPolicyList: + - b868cd40-ffa4-4337-9c07-1a51846cfa94 + - 63a07a7b-39a4-48aa-956d-50c827deba2a + responses: + '200': + description: Reference to the violation report run task. + content: + application/json: + schema: + allOf: + - type: object + description: SOD policy violation report result. + properties: + type: + type: string + description: SOD policy violation report result DTO type. + enum: + - REPORT_RESULT + example: REPORT_RESULT + id: + type: string + description: SOD policy violation report result ID. + example: 2c9180835d191a86015d28455b4b232a + name: + type: string + description: Human-readable name of the SOD policy violation report result. + example: SOD Policy 1 Violation + - type: object + properties: + status: + type: string + description: Status of a SOD policy violation report. + enum: + - SUCCESS + - WARNING + - ERROR + - TERMINATED + - TEMP_ERROR + - PENDING + example: PENDING + example: + status: PENDING + type: REPORT_RESULT + id: 37b3b32a-f394-46f8-acad-b5223969fa68 + name: Multi Query Report + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + /sod-violation-report: + get: + security: + - UserContextAuth: + - 'idn:sod-violation:read' + operationId: getSodAllReportRunStatus + tags: + - SOD Policies + summary: Get multi-report run task status + description: This endpoint gets the status for a violation report for all policy run. + responses: + '200': + description: Status of the violation report run task for all policy run. + content: + application/json: + schema: + allOf: + - type: object + description: SOD policy violation report result. + properties: + type: + type: string + description: SOD policy violation report result DTO type. + enum: + - REPORT_RESULT + example: REPORT_RESULT + id: + type: string + description: SOD policy violation report result ID. + example: 2c9180835d191a86015d28455b4b232a + name: + type: string + description: Human-readable name of the SOD policy violation report result. + example: SOD Policy 1 Violation + - type: object + properties: + status: + type: string + description: Status of a SOD policy violation report. + enum: + - SUCCESS + - WARNING + - ERROR + - TERMINATED + - TEMP_ERROR + - PENDING + example: PENDING + example: + status: SUCCESS + type: REPORT_RESULT + id: 37b3b32a-f394-46f8-acad-b5223969fa68 + name: Multi Query Report + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/sod-violation-report/{reportResultId}/download': + get: + security: + - UserContextAuth: + - 'idn:sod-violation:read' + operationId: getDefaultViolationReport + tags: + - SOD Policies + summary: Download violation report + description: This allows to download a violation report for a given report reference. + parameters: + - in: path + name: reportResultId + schema: + type: string + required: true + description: The ID of the report reference to download. + example: ef38f94347e94562b5bb8424a56397d8 + responses: + '200': + description: Returns the PolicyReport.zip that contains the violation report file. + content: + application/zip: + schema: + type: string + format: binary + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/sod-violation-report/{reportResultId}/download/{fileName}': + get: + security: + - UserContextAuth: + - 'idn:sod-violation:read' + operationId: getCustomViolationReport + tags: + - SOD Policies + summary: Download custom violation report + description: This allows to download a specified named violation report for a given report reference. + parameters: + - in: path + name: reportResultId + schema: + type: string + required: true + description: The ID of the report reference to download. + example: ef38f94347e94562b5bb8424a56397d8 + - in: path + name: fileName + schema: + type: string + required: true + description: Custom Name for the file. + example: custom-name + responses: + '200': + description: Returns the zip file with given custom name that contains the violation report file. + content: + application/zip: + schema: + type: string + format: binary + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + /sources: + get: + operationId: listSources + security: + - UserContextAuth: + - 'idn:sources:read' + tags: + - Sources + summary: Lists all sources in IdentityNow. + description: |- + This end-point lists all the sources in IdentityNow. + A token with ORG_ADMIN, SOURCE_ADMIN, SOURCE_SUBADMIN, or ROLE_SUBADMIN authority is required to call this API. + parameters: + - in: query + name: limit + description: |- + Max number of results to return. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 250 + schema: + type: integer + format: int32 + minimum: 0 + maximum: 250 + default: 250 + - in: query + name: offset + description: |- + Offset into the full result set. Usually specified with *limit* to paginate through the results. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 0 + schema: + type: integer + format: int32 + minimum: 0 + default: 0 + - in: query + name: count + description: |- + If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. + + Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. + + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: true + schema: + type: boolean + default: false + - in: query + name: filters + schema: + type: string + example: name eq "Employees" + description: |- + Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) + + Filtering is supported for the following fields and operators: + + **id**: *eq, in, ge, gt, le, lt, ne, isnull, sw* + + **name**: *co, eq, in, sw, ge, gt, ne, isnull* + + **type**: *eq, in, ge, gt, ne, isnull, sw* + + **owner.id**: *eq, in, ge, gt, le, lt, ne, isnull, sw* + + **features**: *ca, co* + + **created**: *eq, ge, gt, in, le, lt, ne, isnull, sw* + + **modified**: *eq, ge, gt, in, le, lt, ne, isnull, sw* + + **managementWorkgroup.id**: *eq, ge, gt, in, le, lt, ne, isnull, sw* + + **description**: *eq, sw* + + **authoritative**: *eq, ne, isnull* + + **healthy**: *isnull* + + **status**: *eq, in, ge, gt, le, lt, ne, isnull, sw* + + **connectionType**: *eq, ge, gt, in, le, lt, ne, isnull, sw* + + **connectorName**: *eq, ge, gt, in, ne, isnull, sw* + + **category**: *co, eq, ge, gt, in, le, lt, ne, sw* + - in: query + name: sorters + schema: + type: string + format: comma-separated + example: name + description: |- + Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) + + Sorting is supported for the following fields: **type, created, modified, name, owner.name, healthy, status, id, description, owner.id, accountCorrelationConfig.id, accountCorrelationConfig.name, managerCorrelationRule.type, managerCorrelationRule.id, managerCorrelationRule.name, authoritative, managementWorkgroup.id, connectorName, connectionType** + - in: query + name: for-subadmin + schema: + type: string + example: name + description: |- + Filter the returned list of sources for the identity specified by the parameter, which is the id of an identity with the role SOURCE_SUBADMIN. By convention, the value **me** indicates the identity id of the current user. + Subadmins may only view Sources which they are able to administer; all other Sources will be filtered out when this parameter is set. If the current user is a SOURCE_SUBADMIN but fails to pass a valid value for this parameter, a 403 Forbidden is returned. + responses: + '200': + description: List of Source objects + content: + application/json: + schema: + type: array + items: + type: object + properties: + id: + type: string + readOnly: true + description: Source ID. + example: 2c91808568c529c60168cca6f90c1324 + name: + type: string + description: Source's human-readable name. + example: My Source + description: + type: string + description: Source's human-readable description. + example: This is the corporate directory. + owner: + description: Reference to identity object who owns the source. + type: object + properties: + type: + description: Type of object being referenced. + type: string + enum: + - IDENTITY + example: IDENTITY + id: + type: string + description: Owner identity's ID. + example: 2c91808568c529c60168cca6f90c1313 + name: + type: string + description: Owner identity's human-readable display name. + example: MyName + cluster: + description: Reference to the source's associated cluster. + type: object + nullable: true + required: + - name + - id + - type + properties: + type: + description: Type of object being referenced. + type: string + enum: + - CLUSTER + example: CLUSTER + id: + type: string + description: Cluster ID. + example: 2c9180866166b5b0016167c32ef31a66 + name: + type: string + description: Cluster's human-readable display name. + example: Corporate Cluster + accountCorrelationConfig: + description: Reference to account correlation config object. + type: object + nullable: true + properties: + type: + description: Type of object being referenced. + type: string + enum: + - ACCOUNT_CORRELATION_CONFIG + example: ACCOUNT_CORRELATION_CONFIG + id: + type: string + description: Account correlation config ID. + example: 2c9180855d191c59015d28583727245a + name: + type: string + description: Account correlation config's human-readable display name. + example: 'Directory [source-62867] Account Correlation' + accountCorrelationRule: + description: Reference to a rule that can do COMPLEX correlation. Only use this rule when you can't use accountCorrelationConfig. + type: object + nullable: true + properties: + type: + description: Type of object being referenced. + type: string + enum: + - RULE + example: RULE + id: + type: string + description: Rule ID. + example: 2c918085708c274401708c2a8a760001 + name: + type: string + description: Rule's human-readable display name. + example: Example Rule + managerCorrelationMapping: + allOf: + - type: object + properties: + accountAttributeName: + type: string + description: Name of the attribute to use for manager correlation. The value found on the account attribute will be used to lookup the manager's identity. + example: manager + identityAttributeName: + type: string + description: Name of the identity attribute to search when trying to find a manager using the value from the accountAttribute. + example: manager + - nullable: true + description: | + Filter object used during manager correlation to match incoming manager values to an existing manager's + account/identity. + managerCorrelationRule: + description: Reference to the ManagerCorrelationRule. Only use this rule when a simple filter isn't sufficient. + type: object + nullable: true + properties: + type: + description: Type of object being referenced. + type: string + enum: + - RULE + example: RULE + id: + type: string + description: Rule ID. + example: 2c918085708c274401708c2a8a760001 + name: + type: string + description: Rule's human-readable display name. + example: Example Rule + beforeProvisioningRule: + description: 'Rule that runs on the CCG and allows for customization of provisioning plans before the API calls the connector. ' + type: object + nullable: true + properties: + type: + description: Type of object being referenced. + type: string + enum: + - RULE + example: RULE + id: + type: string + description: Rule ID. + example: 2c918085708c274401708c2a8a760001 + name: + type: string + description: Rule's human-readable display name. + example: Example Rule + schemas: + type: array + items: + type: object + properties: + type: + description: Type of object being referenced. + type: string + enum: + - CONNECTOR_SCHEMA + example: CONNECTOR_SCHEMA + id: + type: string + description: Schema ID. + example: 2c91808568c529c60168cca6f90c1777 + name: + type: string + description: Schema's human-readable display name. + example: MySchema + description: List of references to schema objects. + example: + - type: CONNECTOR_SCHEMA + id: 2c9180835d191a86015d28455b4b232a + name: account + - type: CONNECTOR_SCHEMA + id: 2c9180835d191a86015d28455b4b232b + name: group + passwordPolicies: + type: array + nullable: true + items: + type: object + properties: + type: + description: Type of object being referenced. + type: string + enum: + - PASSWORD_POLICY + example: PASSWORD_POLICY + id: + type: string + description: Policy ID. + example: 2c91808568c529c60168cca6f90c1777 + name: + type: string + description: Policy's human-readable display name. + example: My Password Policy + description: List of references to the associated PasswordPolicy objects. + example: + - type: PASSWORD_POLICY + id: 2c9180855d191c59015d291ceb053980 + name: Corporate Password Policy + - type: PASSWORD_POLICY + id: 2c9180855d191c59015d291ceb057777 + name: Vendor Password Policy + features: + type: array + items: + type: string + enum: + - AUTHENTICATE + - COMPOSITE + - DIRECT_PERMISSIONS + - DISCOVER_SCHEMA + - ENABLE + - MANAGER_LOOKUP + - NO_RANDOM_ACCESS + - PROXY + - SEARCH + - TEMPLATE + - UNLOCK + - UNSTRUCTURED_TARGETS + - SHAREPOINT_TARGET + - PROVISIONING + - GROUP_PROVISIONING + - SYNC_PROVISIONING + - PASSWORD + - CURRENT_PASSWORD + - ACCOUNT_ONLY_REQUEST + - ADDITIONAL_ACCOUNT_REQUEST + - NO_AGGREGATION + - GROUPS_HAVE_MEMBERS + - NO_PERMISSIONS_PROVISIONING + - NO_GROUP_PERMISSIONS_PROVISIONING + - NO_UNSTRUCTURED_TARGETS_PROVISIONING + - NO_DIRECT_PERMISSIONS_PROVISIONING + - PREFER_UUID + - ARM_SECURITY_EXTRACT + - ARM_UTILIZATION_EXTRACT + - ARM_CHANGELOG_EXTRACT + - USES_UUID + example: AUTHENTICATE + description: |- + Optional features that can be supported by a source. Modifying the features array may cause source configuration errors that are unsupportable. It is recommended to not modify this array for SailPoint supported connectors. + * AUTHENTICATE: The source supports pass-through authentication. + * COMPOSITE: The source supports composite source creation. + * DIRECT_PERMISSIONS: The source supports returning DirectPermissions. + * DISCOVER_SCHEMA: The source supports discovering schemas for users and groups. + * ENABLE The source supports reading if an account is enabled or disabled. + * MANAGER_LOOKUP: The source supports looking up managers as they are encountered in a feed. This is the opposite of NO_RANDOM_ACCESS. + * NO_RANDOM_ACCESS: The source does not support random access and the getObject() methods should not be called and expected to perform. + * PROXY: The source can serve as a proxy for another source. When an source has a proxy, all connector calls made with that source are redirected through the connector for the proxy source. + * SEARCH + * TEMPLATE + * UNLOCK: The source supports reading if an account is locked or unlocked. + * UNSTRUCTURED_TARGETS: The source supports returning unstructured Targets. + * SHAREPOINT_TARGET: The source supports returning unstructured Target data for SharePoint. It will be typically used by AD, LDAP sources. + * PROVISIONING: The source can both read and write accounts. Having this feature implies that the provision() method is implemented. It also means that direct and target permissions can also be provisioned if they can be returned by aggregation. + * GROUP_PROVISIONING: The source can both read and write groups. Having this feature implies that the provision() method is implemented. + * SYNC_PROVISIONING: The source can provision accounts synchronously. + * PASSWORD: The source can provision password changes. Since sources can never read passwords, this is should only be used in conjunction with the PROVISIONING feature. + * CURRENT_PASSWORD: Some source types support verification of the current password + * ACCOUNT_ONLY_REQUEST: The source supports requesting accounts without entitlements. + * ADDITIONAL_ACCOUNT_REQUEST: The source supports requesting additional accounts. + * NO_AGGREGATION: A source that does not support aggregation. + * GROUPS_HAVE_MEMBERS: The source models group memberships with a member attribute on the group object rather than a groups attribute on the account object. This effects the implementation of delta account aggregation. + * NO_PERMISSIONS_PROVISIONING: Indicates that the connector cannot provision direct or target permissions for accounts. When DIRECT_PERMISSIONS and PROVISIONING features are present, it is assumed that the connector can also provision direct permissions. This feature disables that assumption and causes permission request to be converted to work items for accounts. + * NO_GROUP_PERMISSIONS_PROVISIONING: Indicates that the connector cannot provision direct or target permissions for groups. When DIRECT_PERMISSIONS and PROVISIONING features are present, it is assumed that the connector can also provision direct permissions. This feature disables that assumption and causes permission request to be converted to work items for groups. + * NO_UNSTRUCTURED_TARGETS_PROVISIONING: This string will be replaced by NO_GROUP_PERMISSIONS_PROVISIONING and NO_PERMISSIONS_PROVISIONING. + * NO_DIRECT_PERMISSIONS_PROVISIONING: This string will be replaced by NO_GROUP_PERMISSIONS_PROVISIONING and NO_PERMISSIONS_PROVISIONING. + * USES_UUID: Connectivity 2.0 flag used to indicate that the connector supports a compound naming structure. + * PREFER_UUID: Used in ISC Provisioning AND Aggregation to decide if it should prefer account.uuid to account.nativeIdentity when data is read in through aggregation OR pushed out through provisioning. + * ARM_SECURITY_EXTRACT: Indicates the application supports Security extracts for ARM + * ARM_UTILIZATION_EXTRACT: Indicates the application supports Utilization extracts for ARM + * ARM_CHANGELOG_EXTRACT: Indicates the application supports Change-log extracts for ARM + example: + - PROVISIONING + - NO_PERMISSIONS_PROVISIONING + - GROUPS_HAVE_MEMBERS + type: + type: string + description: 'Specifies the type of system being managed e.g. Active Directory, Workday, etc.. If you are creating a delimited file source, you must set the `provisionasCsv` query parameter to `true`. ' + example: OpenLDAP - Direct + connector: + type: string + description: Connector script name. + example: active-directory + connectorClass: + type: string + description: Fully qualified name of the Java class that implements the connector interface. + example: sailpoint.connector.LDAPConnector + connectorAttributes: + type: object + description: Connector specific configuration. This configuration will differ from type to type. + example: + healthCheckTimeout: 30 + authSearchAttributes: + - cn + - uid + - mail + deleteThreshold: + type: integer + format: int32 + description: Number from 0 to 100 that specifies when to skip the delete phase. + example: 10 + authoritative: + type: boolean + description: 'When this is true, it indicates that the source is referenced by an identity profile.' + default: false + example: false + managementWorkgroup: + description: Reference to management workgroup for the source. + type: object + nullable: true + properties: + type: + description: Type of object being referenced. + type: string + enum: + - GOVERNANCE_GROUP + example: GOVERNANCE_GROUP + id: + type: string + description: Management workgroup ID. + example: 2c91808568c529c60168cca6f90c2222 + name: + type: string + description: Management workgroup's human-readable display name. + example: My Management Workgroup + healthy: + type: boolean + description: 'When this is true, it indicates that the source is healthy.' + default: false + example: true + status: + type: string + enum: + - SOURCE_STATE_ERROR_ACCOUNT_FILE_IMPORT + - SOURCE_STATE_ERROR_CLUSTER + - SOURCE_STATE_ERROR_SOURCE + - SOURCE_STATE_ERROR_VA + - SOURCE_STATE_FAILURE_CLUSTER + - SOURCE_STATE_FAILURE_SOURCE + - SOURCE_STATE_HEALTHY + - SOURCE_STATE_UNCHECKED_CLUSTER + - SOURCE_STATE_UNCHECKED_CLUSTER_NO_SOURCES + - SOURCE_STATE_UNCHECKED_SOURCE + - SOURCE_STATE_UNCHECKED_SOURCE_NO_ACCOUNTS + description: 'Status identifier that gives specific information about why a source is or isn''t healthy. ' + example: SOURCE_STATE_HEALTHY + since: + type: string + description: Timestamp that shows when a source health check was last performed. + example: 2021-09-28T15:48:29.380Z + connectorId: + type: string + description: Connector ID + example: active-directory + connectorName: + type: string + description: Name of the connector that was chosen during source creation. + example: Active Directory + connectionType: + type: string + description: Type of connection (direct or file). + example: file + connectorImplementationId: + type: string + description: Connector implementation ID. + example: delimited-file + created: + type: string + description: Date-time when the source was created + format: date-time + example: 2022-02-08T14:50:03.827Z + modified: + type: string + description: Date-time when the source was last modified. + format: date-time + example: 2024-01-23T18:08:50.897Z + credentialProviderEnabled: + type: boolean + description: 'If this is true, it enables a credential provider for the source. If credentialProvider is turned on, then the source can use credential provider(s) to fetch credentials.' + default: false + example: false + category: + type: string + nullable: true + default: null + description: 'Source category (e.g. null, CredentialProvider).' + example: CredentialProvider + required: + - name + - owner + - connector + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + post: + operationId: createSource + security: + - UserContextAuth: + - 'idn:sources:manage' + tags: + - Sources + summary: Creates a source in IdentityNow. + description: |- + This creates a specific source with a full source JSON representation. Any passwords are submitted as plain-text and encrypted upon receipt in IdentityNow. + A token with ORG_ADMIN, SOURCE_ADMIN, or SOURCE_SUBADMIN authority is required to call this API. + parameters: + - in: query + name: provisionAsCsv + description: 'If this parameter is `true`, it configures the source as a Delimited File (CSV) source. Setting this to `true` will automatically set the `type` of the source to `DelimitedFile`. You must use this query parameter to create a Delimited File source as you would in the UI. If you don''t set this query parameter and you attempt to set the `type` attribute directly, the request won''t correctly generate the source. ' + schema: + type: boolean + required: false + example: false + requestBody: + required: true + content: + application/json: + schema: + type: object + properties: + id: + type: string + readOnly: true + description: Source ID. + example: 2c91808568c529c60168cca6f90c1324 + name: + type: string + description: Source's human-readable name. + example: My Source + description: + type: string + description: Source's human-readable description. + example: This is the corporate directory. + owner: + description: Reference to identity object who owns the source. + type: object + properties: + type: + description: Type of object being referenced. + type: string + enum: + - IDENTITY + example: IDENTITY + id: + type: string + description: Owner identity's ID. + example: 2c91808568c529c60168cca6f90c1313 + name: + type: string + description: Owner identity's human-readable display name. + example: MyName + cluster: + description: Reference to the source's associated cluster. + type: object + nullable: true + required: + - name + - id + - type + properties: + type: + description: Type of object being referenced. + type: string + enum: + - CLUSTER + example: CLUSTER + id: + type: string + description: Cluster ID. + example: 2c9180866166b5b0016167c32ef31a66 + name: + type: string + description: Cluster's human-readable display name. + example: Corporate Cluster + accountCorrelationConfig: + description: Reference to account correlation config object. + type: object + nullable: true + properties: + type: + description: Type of object being referenced. + type: string + enum: + - ACCOUNT_CORRELATION_CONFIG + example: ACCOUNT_CORRELATION_CONFIG + id: + type: string + description: Account correlation config ID. + example: 2c9180855d191c59015d28583727245a + name: + type: string + description: Account correlation config's human-readable display name. + example: 'Directory [source-62867] Account Correlation' + accountCorrelationRule: + description: Reference to a rule that can do COMPLEX correlation. Only use this rule when you can't use accountCorrelationConfig. + type: object + nullable: true + properties: + type: + description: Type of object being referenced. + type: string + enum: + - RULE + example: RULE + id: + type: string + description: Rule ID. + example: 2c918085708c274401708c2a8a760001 + name: + type: string + description: Rule's human-readable display name. + example: Example Rule + managerCorrelationMapping: + allOf: + - type: object + properties: + accountAttributeName: + type: string + description: Name of the attribute to use for manager correlation. The value found on the account attribute will be used to lookup the manager's identity. + example: manager + identityAttributeName: + type: string + description: Name of the identity attribute to search when trying to find a manager using the value from the accountAttribute. + example: manager + - nullable: true + description: | + Filter object used during manager correlation to match incoming manager values to an existing manager's + account/identity. + managerCorrelationRule: + description: Reference to the ManagerCorrelationRule. Only use this rule when a simple filter isn't sufficient. + type: object + nullable: true + properties: + type: + description: Type of object being referenced. + type: string + enum: + - RULE + example: RULE + id: + type: string + description: Rule ID. + example: 2c918085708c274401708c2a8a760001 + name: + type: string + description: Rule's human-readable display name. + example: Example Rule + beforeProvisioningRule: + description: 'Rule that runs on the CCG and allows for customization of provisioning plans before the API calls the connector. ' + type: object + nullable: true + properties: + type: + description: Type of object being referenced. + type: string + enum: + - RULE + example: RULE + id: + type: string + description: Rule ID. + example: 2c918085708c274401708c2a8a760001 + name: + type: string + description: Rule's human-readable display name. + example: Example Rule + schemas: + type: array + items: + type: object + properties: + type: + description: Type of object being referenced. + type: string + enum: + - CONNECTOR_SCHEMA + example: CONNECTOR_SCHEMA + id: + type: string + description: Schema ID. + example: 2c91808568c529c60168cca6f90c1777 + name: + type: string + description: Schema's human-readable display name. + example: MySchema + description: List of references to schema objects. + example: + - type: CONNECTOR_SCHEMA + id: 2c9180835d191a86015d28455b4b232a + name: account + - type: CONNECTOR_SCHEMA + id: 2c9180835d191a86015d28455b4b232b + name: group + passwordPolicies: + type: array + nullable: true + items: + type: object + properties: + type: + description: Type of object being referenced. + type: string + enum: + - PASSWORD_POLICY + example: PASSWORD_POLICY + id: + type: string + description: Policy ID. + example: 2c91808568c529c60168cca6f90c1777 + name: + type: string + description: Policy's human-readable display name. + example: My Password Policy + description: List of references to the associated PasswordPolicy objects. + example: + - type: PASSWORD_POLICY + id: 2c9180855d191c59015d291ceb053980 + name: Corporate Password Policy + - type: PASSWORD_POLICY + id: 2c9180855d191c59015d291ceb057777 + name: Vendor Password Policy + features: + type: array + items: + type: string + enum: + - AUTHENTICATE + - COMPOSITE + - DIRECT_PERMISSIONS + - DISCOVER_SCHEMA + - ENABLE + - MANAGER_LOOKUP + - NO_RANDOM_ACCESS + - PROXY + - SEARCH + - TEMPLATE + - UNLOCK + - UNSTRUCTURED_TARGETS + - SHAREPOINT_TARGET + - PROVISIONING + - GROUP_PROVISIONING + - SYNC_PROVISIONING + - PASSWORD + - CURRENT_PASSWORD + - ACCOUNT_ONLY_REQUEST + - ADDITIONAL_ACCOUNT_REQUEST + - NO_AGGREGATION + - GROUPS_HAVE_MEMBERS + - NO_PERMISSIONS_PROVISIONING + - NO_GROUP_PERMISSIONS_PROVISIONING + - NO_UNSTRUCTURED_TARGETS_PROVISIONING + - NO_DIRECT_PERMISSIONS_PROVISIONING + - PREFER_UUID + - ARM_SECURITY_EXTRACT + - ARM_UTILIZATION_EXTRACT + - ARM_CHANGELOG_EXTRACT + - USES_UUID + example: AUTHENTICATE + description: |- + Optional features that can be supported by a source. Modifying the features array may cause source configuration errors that are unsupportable. It is recommended to not modify this array for SailPoint supported connectors. + * AUTHENTICATE: The source supports pass-through authentication. + * COMPOSITE: The source supports composite source creation. + * DIRECT_PERMISSIONS: The source supports returning DirectPermissions. + * DISCOVER_SCHEMA: The source supports discovering schemas for users and groups. + * ENABLE The source supports reading if an account is enabled or disabled. + * MANAGER_LOOKUP: The source supports looking up managers as they are encountered in a feed. This is the opposite of NO_RANDOM_ACCESS. + * NO_RANDOM_ACCESS: The source does not support random access and the getObject() methods should not be called and expected to perform. + * PROXY: The source can serve as a proxy for another source. When an source has a proxy, all connector calls made with that source are redirected through the connector for the proxy source. + * SEARCH + * TEMPLATE + * UNLOCK: The source supports reading if an account is locked or unlocked. + * UNSTRUCTURED_TARGETS: The source supports returning unstructured Targets. + * SHAREPOINT_TARGET: The source supports returning unstructured Target data for SharePoint. It will be typically used by AD, LDAP sources. + * PROVISIONING: The source can both read and write accounts. Having this feature implies that the provision() method is implemented. It also means that direct and target permissions can also be provisioned if they can be returned by aggregation. + * GROUP_PROVISIONING: The source can both read and write groups. Having this feature implies that the provision() method is implemented. + * SYNC_PROVISIONING: The source can provision accounts synchronously. + * PASSWORD: The source can provision password changes. Since sources can never read passwords, this is should only be used in conjunction with the PROVISIONING feature. + * CURRENT_PASSWORD: Some source types support verification of the current password + * ACCOUNT_ONLY_REQUEST: The source supports requesting accounts without entitlements. + * ADDITIONAL_ACCOUNT_REQUEST: The source supports requesting additional accounts. + * NO_AGGREGATION: A source that does not support aggregation. + * GROUPS_HAVE_MEMBERS: The source models group memberships with a member attribute on the group object rather than a groups attribute on the account object. This effects the implementation of delta account aggregation. + * NO_PERMISSIONS_PROVISIONING: Indicates that the connector cannot provision direct or target permissions for accounts. When DIRECT_PERMISSIONS and PROVISIONING features are present, it is assumed that the connector can also provision direct permissions. This feature disables that assumption and causes permission request to be converted to work items for accounts. + * NO_GROUP_PERMISSIONS_PROVISIONING: Indicates that the connector cannot provision direct or target permissions for groups. When DIRECT_PERMISSIONS and PROVISIONING features are present, it is assumed that the connector can also provision direct permissions. This feature disables that assumption and causes permission request to be converted to work items for groups. + * NO_UNSTRUCTURED_TARGETS_PROVISIONING: This string will be replaced by NO_GROUP_PERMISSIONS_PROVISIONING and NO_PERMISSIONS_PROVISIONING. + * NO_DIRECT_PERMISSIONS_PROVISIONING: This string will be replaced by NO_GROUP_PERMISSIONS_PROVISIONING and NO_PERMISSIONS_PROVISIONING. + * USES_UUID: Connectivity 2.0 flag used to indicate that the connector supports a compound naming structure. + * PREFER_UUID: Used in ISC Provisioning AND Aggregation to decide if it should prefer account.uuid to account.nativeIdentity when data is read in through aggregation OR pushed out through provisioning. + * ARM_SECURITY_EXTRACT: Indicates the application supports Security extracts for ARM + * ARM_UTILIZATION_EXTRACT: Indicates the application supports Utilization extracts for ARM + * ARM_CHANGELOG_EXTRACT: Indicates the application supports Change-log extracts for ARM + example: + - PROVISIONING + - NO_PERMISSIONS_PROVISIONING + - GROUPS_HAVE_MEMBERS + type: + type: string + description: 'Specifies the type of system being managed e.g. Active Directory, Workday, etc.. If you are creating a delimited file source, you must set the `provisionasCsv` query parameter to `true`. ' + example: OpenLDAP - Direct + connector: + type: string + description: Connector script name. + example: active-directory + connectorClass: + type: string + description: Fully qualified name of the Java class that implements the connector interface. + example: sailpoint.connector.LDAPConnector + connectorAttributes: + type: object + description: Connector specific configuration. This configuration will differ from type to type. + example: + healthCheckTimeout: 30 + authSearchAttributes: + - cn + - uid + - mail + deleteThreshold: + type: integer + format: int32 + description: Number from 0 to 100 that specifies when to skip the delete phase. + example: 10 + authoritative: + type: boolean + description: 'When this is true, it indicates that the source is referenced by an identity profile.' + default: false + example: false + managementWorkgroup: + description: Reference to management workgroup for the source. + type: object + nullable: true + properties: + type: + description: Type of object being referenced. + type: string + enum: + - GOVERNANCE_GROUP + example: GOVERNANCE_GROUP + id: + type: string + description: Management workgroup ID. + example: 2c91808568c529c60168cca6f90c2222 + name: + type: string + description: Management workgroup's human-readable display name. + example: My Management Workgroup + healthy: + type: boolean + description: 'When this is true, it indicates that the source is healthy.' + default: false + example: true + status: + type: string + enum: + - SOURCE_STATE_ERROR_ACCOUNT_FILE_IMPORT + - SOURCE_STATE_ERROR_CLUSTER + - SOURCE_STATE_ERROR_SOURCE + - SOURCE_STATE_ERROR_VA + - SOURCE_STATE_FAILURE_CLUSTER + - SOURCE_STATE_FAILURE_SOURCE + - SOURCE_STATE_HEALTHY + - SOURCE_STATE_UNCHECKED_CLUSTER + - SOURCE_STATE_UNCHECKED_CLUSTER_NO_SOURCES + - SOURCE_STATE_UNCHECKED_SOURCE + - SOURCE_STATE_UNCHECKED_SOURCE_NO_ACCOUNTS + description: 'Status identifier that gives specific information about why a source is or isn''t healthy. ' + example: SOURCE_STATE_HEALTHY + since: + type: string + description: Timestamp that shows when a source health check was last performed. + example: 2021-09-28T15:48:29.380Z + connectorId: + type: string + description: Connector ID + example: active-directory + connectorName: + type: string + description: Name of the connector that was chosen during source creation. + example: Active Directory + connectionType: + type: string + description: Type of connection (direct or file). + example: file + connectorImplementationId: + type: string + description: Connector implementation ID. + example: delimited-file + created: + type: string + description: Date-time when the source was created + format: date-time + example: 2022-02-08T14:50:03.827Z + modified: + type: string + description: Date-time when the source was last modified. + format: date-time + example: 2024-01-23T18:08:50.897Z + credentialProviderEnabled: + type: boolean + description: 'If this is true, it enables a credential provider for the source. If credentialProvider is turned on, then the source can use credential provider(s) to fetch credentials.' + default: false + example: false + category: + type: string + nullable: true + default: null + description: 'Source category (e.g. null, CredentialProvider).' + example: CredentialProvider + required: + - name + - owner + - connector + responses: + '201': + description: 'Created Source object. Any passwords will only show the the encrypted cipher-text, as they are not decrypt-able in IdentityNow cloud-based services, per IdentityNow security design.' + content: + application/json: + schema: + type: object + properties: + id: + type: string + readOnly: true + description: Source ID. + example: 2c91808568c529c60168cca6f90c1324 + name: + type: string + description: Source's human-readable name. + example: My Source + description: + type: string + description: Source's human-readable description. + example: This is the corporate directory. + owner: + description: Reference to identity object who owns the source. + type: object + properties: + type: + description: Type of object being referenced. + type: string + enum: + - IDENTITY + example: IDENTITY + id: + type: string + description: Owner identity's ID. + example: 2c91808568c529c60168cca6f90c1313 + name: + type: string + description: Owner identity's human-readable display name. + example: MyName + cluster: + description: Reference to the source's associated cluster. + type: object + nullable: true + required: + - name + - id + - type + properties: + type: + description: Type of object being referenced. + type: string + enum: + - CLUSTER + example: CLUSTER + id: + type: string + description: Cluster ID. + example: 2c9180866166b5b0016167c32ef31a66 + name: + type: string + description: Cluster's human-readable display name. + example: Corporate Cluster + accountCorrelationConfig: + description: Reference to account correlation config object. + type: object + nullable: true + properties: + type: + description: Type of object being referenced. + type: string + enum: + - ACCOUNT_CORRELATION_CONFIG + example: ACCOUNT_CORRELATION_CONFIG + id: + type: string + description: Account correlation config ID. + example: 2c9180855d191c59015d28583727245a + name: + type: string + description: Account correlation config's human-readable display name. + example: 'Directory [source-62867] Account Correlation' + accountCorrelationRule: + description: Reference to a rule that can do COMPLEX correlation. Only use this rule when you can't use accountCorrelationConfig. + type: object + nullable: true + properties: + type: + description: Type of object being referenced. + type: string + enum: + - RULE + example: RULE + id: + type: string + description: Rule ID. + example: 2c918085708c274401708c2a8a760001 + name: + type: string + description: Rule's human-readable display name. + example: Example Rule + managerCorrelationMapping: + allOf: + - type: object + properties: + accountAttributeName: + type: string + description: Name of the attribute to use for manager correlation. The value found on the account attribute will be used to lookup the manager's identity. + example: manager + identityAttributeName: + type: string + description: Name of the identity attribute to search when trying to find a manager using the value from the accountAttribute. + example: manager + - nullable: true + description: | + Filter object used during manager correlation to match incoming manager values to an existing manager's + account/identity. + managerCorrelationRule: + description: Reference to the ManagerCorrelationRule. Only use this rule when a simple filter isn't sufficient. + type: object + nullable: true + properties: + type: + description: Type of object being referenced. + type: string + enum: + - RULE + example: RULE + id: + type: string + description: Rule ID. + example: 2c918085708c274401708c2a8a760001 + name: + type: string + description: Rule's human-readable display name. + example: Example Rule + beforeProvisioningRule: + description: 'Rule that runs on the CCG and allows for customization of provisioning plans before the API calls the connector. ' + type: object + nullable: true + properties: + type: + description: Type of object being referenced. + type: string + enum: + - RULE + example: RULE + id: + type: string + description: Rule ID. + example: 2c918085708c274401708c2a8a760001 + name: + type: string + description: Rule's human-readable display name. + example: Example Rule + schemas: + type: array + items: + type: object + properties: + type: + description: Type of object being referenced. + type: string + enum: + - CONNECTOR_SCHEMA + example: CONNECTOR_SCHEMA + id: + type: string + description: Schema ID. + example: 2c91808568c529c60168cca6f90c1777 + name: + type: string + description: Schema's human-readable display name. + example: MySchema + description: List of references to schema objects. + example: + - type: CONNECTOR_SCHEMA + id: 2c9180835d191a86015d28455b4b232a + name: account + - type: CONNECTOR_SCHEMA + id: 2c9180835d191a86015d28455b4b232b + name: group + passwordPolicies: + type: array + nullable: true + items: + type: object + properties: + type: + description: Type of object being referenced. + type: string + enum: + - PASSWORD_POLICY + example: PASSWORD_POLICY + id: + type: string + description: Policy ID. + example: 2c91808568c529c60168cca6f90c1777 + name: + type: string + description: Policy's human-readable display name. + example: My Password Policy + description: List of references to the associated PasswordPolicy objects. + example: + - type: PASSWORD_POLICY + id: 2c9180855d191c59015d291ceb053980 + name: Corporate Password Policy + - type: PASSWORD_POLICY + id: 2c9180855d191c59015d291ceb057777 + name: Vendor Password Policy + features: + type: array + items: + type: string + enum: + - AUTHENTICATE + - COMPOSITE + - DIRECT_PERMISSIONS + - DISCOVER_SCHEMA + - ENABLE + - MANAGER_LOOKUP + - NO_RANDOM_ACCESS + - PROXY + - SEARCH + - TEMPLATE + - UNLOCK + - UNSTRUCTURED_TARGETS + - SHAREPOINT_TARGET + - PROVISIONING + - GROUP_PROVISIONING + - SYNC_PROVISIONING + - PASSWORD + - CURRENT_PASSWORD + - ACCOUNT_ONLY_REQUEST + - ADDITIONAL_ACCOUNT_REQUEST + - NO_AGGREGATION + - GROUPS_HAVE_MEMBERS + - NO_PERMISSIONS_PROVISIONING + - NO_GROUP_PERMISSIONS_PROVISIONING + - NO_UNSTRUCTURED_TARGETS_PROVISIONING + - NO_DIRECT_PERMISSIONS_PROVISIONING + - PREFER_UUID + - ARM_SECURITY_EXTRACT + - ARM_UTILIZATION_EXTRACT + - ARM_CHANGELOG_EXTRACT + - USES_UUID + example: AUTHENTICATE + description: |- + Optional features that can be supported by a source. Modifying the features array may cause source configuration errors that are unsupportable. It is recommended to not modify this array for SailPoint supported connectors. + * AUTHENTICATE: The source supports pass-through authentication. + * COMPOSITE: The source supports composite source creation. + * DIRECT_PERMISSIONS: The source supports returning DirectPermissions. + * DISCOVER_SCHEMA: The source supports discovering schemas for users and groups. + * ENABLE The source supports reading if an account is enabled or disabled. + * MANAGER_LOOKUP: The source supports looking up managers as they are encountered in a feed. This is the opposite of NO_RANDOM_ACCESS. + * NO_RANDOM_ACCESS: The source does not support random access and the getObject() methods should not be called and expected to perform. + * PROXY: The source can serve as a proxy for another source. When an source has a proxy, all connector calls made with that source are redirected through the connector for the proxy source. + * SEARCH + * TEMPLATE + * UNLOCK: The source supports reading if an account is locked or unlocked. + * UNSTRUCTURED_TARGETS: The source supports returning unstructured Targets. + * SHAREPOINT_TARGET: The source supports returning unstructured Target data for SharePoint. It will be typically used by AD, LDAP sources. + * PROVISIONING: The source can both read and write accounts. Having this feature implies that the provision() method is implemented. It also means that direct and target permissions can also be provisioned if they can be returned by aggregation. + * GROUP_PROVISIONING: The source can both read and write groups. Having this feature implies that the provision() method is implemented. + * SYNC_PROVISIONING: The source can provision accounts synchronously. + * PASSWORD: The source can provision password changes. Since sources can never read passwords, this is should only be used in conjunction with the PROVISIONING feature. + * CURRENT_PASSWORD: Some source types support verification of the current password + * ACCOUNT_ONLY_REQUEST: The source supports requesting accounts without entitlements. + * ADDITIONAL_ACCOUNT_REQUEST: The source supports requesting additional accounts. + * NO_AGGREGATION: A source that does not support aggregation. + * GROUPS_HAVE_MEMBERS: The source models group memberships with a member attribute on the group object rather than a groups attribute on the account object. This effects the implementation of delta account aggregation. + * NO_PERMISSIONS_PROVISIONING: Indicates that the connector cannot provision direct or target permissions for accounts. When DIRECT_PERMISSIONS and PROVISIONING features are present, it is assumed that the connector can also provision direct permissions. This feature disables that assumption and causes permission request to be converted to work items for accounts. + * NO_GROUP_PERMISSIONS_PROVISIONING: Indicates that the connector cannot provision direct or target permissions for groups. When DIRECT_PERMISSIONS and PROVISIONING features are present, it is assumed that the connector can also provision direct permissions. This feature disables that assumption and causes permission request to be converted to work items for groups. + * NO_UNSTRUCTURED_TARGETS_PROVISIONING: This string will be replaced by NO_GROUP_PERMISSIONS_PROVISIONING and NO_PERMISSIONS_PROVISIONING. + * NO_DIRECT_PERMISSIONS_PROVISIONING: This string will be replaced by NO_GROUP_PERMISSIONS_PROVISIONING and NO_PERMISSIONS_PROVISIONING. + * USES_UUID: Connectivity 2.0 flag used to indicate that the connector supports a compound naming structure. + * PREFER_UUID: Used in ISC Provisioning AND Aggregation to decide if it should prefer account.uuid to account.nativeIdentity when data is read in through aggregation OR pushed out through provisioning. + * ARM_SECURITY_EXTRACT: Indicates the application supports Security extracts for ARM + * ARM_UTILIZATION_EXTRACT: Indicates the application supports Utilization extracts for ARM + * ARM_CHANGELOG_EXTRACT: Indicates the application supports Change-log extracts for ARM + example: + - PROVISIONING + - NO_PERMISSIONS_PROVISIONING + - GROUPS_HAVE_MEMBERS + type: + type: string + description: 'Specifies the type of system being managed e.g. Active Directory, Workday, etc.. If you are creating a delimited file source, you must set the `provisionasCsv` query parameter to `true`. ' + example: OpenLDAP - Direct + connector: + type: string + description: Connector script name. + example: active-directory + connectorClass: + type: string + description: Fully qualified name of the Java class that implements the connector interface. + example: sailpoint.connector.LDAPConnector + connectorAttributes: + type: object + description: Connector specific configuration. This configuration will differ from type to type. + example: + healthCheckTimeout: 30 + authSearchAttributes: + - cn + - uid + - mail + deleteThreshold: + type: integer + format: int32 + description: Number from 0 to 100 that specifies when to skip the delete phase. + example: 10 + authoritative: + type: boolean + description: 'When this is true, it indicates that the source is referenced by an identity profile.' + default: false + example: false + managementWorkgroup: + description: Reference to management workgroup for the source. + type: object + nullable: true + properties: + type: + description: Type of object being referenced. + type: string + enum: + - GOVERNANCE_GROUP + example: GOVERNANCE_GROUP + id: + type: string + description: Management workgroup ID. + example: 2c91808568c529c60168cca6f90c2222 + name: + type: string + description: Management workgroup's human-readable display name. + example: My Management Workgroup + healthy: + type: boolean + description: 'When this is true, it indicates that the source is healthy.' + default: false + example: true + status: + type: string + enum: + - SOURCE_STATE_ERROR_ACCOUNT_FILE_IMPORT + - SOURCE_STATE_ERROR_CLUSTER + - SOURCE_STATE_ERROR_SOURCE + - SOURCE_STATE_ERROR_VA + - SOURCE_STATE_FAILURE_CLUSTER + - SOURCE_STATE_FAILURE_SOURCE + - SOURCE_STATE_HEALTHY + - SOURCE_STATE_UNCHECKED_CLUSTER + - SOURCE_STATE_UNCHECKED_CLUSTER_NO_SOURCES + - SOURCE_STATE_UNCHECKED_SOURCE + - SOURCE_STATE_UNCHECKED_SOURCE_NO_ACCOUNTS + description: 'Status identifier that gives specific information about why a source is or isn''t healthy. ' + example: SOURCE_STATE_HEALTHY + since: + type: string + description: Timestamp that shows when a source health check was last performed. + example: 2021-09-28T15:48:29.380Z + connectorId: + type: string + description: Connector ID + example: active-directory + connectorName: + type: string + description: Name of the connector that was chosen during source creation. + example: Active Directory + connectionType: + type: string + description: Type of connection (direct or file). + example: file + connectorImplementationId: + type: string + description: Connector implementation ID. + example: delimited-file + created: + type: string + description: Date-time when the source was created + format: date-time + example: 2022-02-08T14:50:03.827Z + modified: + type: string + description: Date-time when the source was last modified. + format: date-time + example: 2024-01-23T18:08:50.897Z + credentialProviderEnabled: + type: boolean + description: 'If this is true, it enables a credential provider for the source. If credentialProvider is turned on, then the source can use credential provider(s) to fetch credentials.' + default: false + example: false + category: + type: string + nullable: true + default: null + description: 'Source category (e.g. null, CredentialProvider).' + example: CredentialProvider + required: + - name + - owner + - connector + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/sources/{id}': + get: + operationId: getSource + security: + - UserContextAuth: + - 'idn:sources:read' + tags: + - Sources + summary: Get Source by ID + description: |- + Use this API to get a source by a specified ID in Identity Security Cloud (ISC). + A token with ORG_ADMIN, SOURCE_ADMIN, or SOURCE_SUBADMIN authority is required to call this API. + parameters: + - in: path + name: id + schema: + type: string + required: true + description: Source ID. + example: 2c9180835d191a86015d28455b4a2329 + responses: + '200': + description: Source object. + content: + application/json: + schema: + type: object + properties: + id: + type: string + readOnly: true + description: Source ID. + example: 2c91808568c529c60168cca6f90c1324 + name: + type: string + description: Source's human-readable name. + example: My Source + description: + type: string + description: Source's human-readable description. + example: This is the corporate directory. + owner: + description: Reference to identity object who owns the source. + type: object + properties: + type: + description: Type of object being referenced. + type: string + enum: + - IDENTITY + example: IDENTITY + id: + type: string + description: Owner identity's ID. + example: 2c91808568c529c60168cca6f90c1313 + name: + type: string + description: Owner identity's human-readable display name. + example: MyName + cluster: + description: Reference to the source's associated cluster. + type: object + nullable: true + required: + - name + - id + - type + properties: + type: + description: Type of object being referenced. + type: string + enum: + - CLUSTER + example: CLUSTER + id: + type: string + description: Cluster ID. + example: 2c9180866166b5b0016167c32ef31a66 + name: + type: string + description: Cluster's human-readable display name. + example: Corporate Cluster + accountCorrelationConfig: + description: Reference to account correlation config object. + type: object + nullable: true + properties: + type: + description: Type of object being referenced. + type: string + enum: + - ACCOUNT_CORRELATION_CONFIG + example: ACCOUNT_CORRELATION_CONFIG + id: + type: string + description: Account correlation config ID. + example: 2c9180855d191c59015d28583727245a + name: + type: string + description: Account correlation config's human-readable display name. + example: 'Directory [source-62867] Account Correlation' + accountCorrelationRule: + description: Reference to a rule that can do COMPLEX correlation. Only use this rule when you can't use accountCorrelationConfig. + type: object + nullable: true + properties: + type: + description: Type of object being referenced. + type: string + enum: + - RULE + example: RULE + id: + type: string + description: Rule ID. + example: 2c918085708c274401708c2a8a760001 + name: + type: string + description: Rule's human-readable display name. + example: Example Rule + managerCorrelationMapping: + allOf: + - type: object + properties: + accountAttributeName: + type: string + description: Name of the attribute to use for manager correlation. The value found on the account attribute will be used to lookup the manager's identity. + example: manager + identityAttributeName: + type: string + description: Name of the identity attribute to search when trying to find a manager using the value from the accountAttribute. + example: manager + - nullable: true + description: | + Filter object used during manager correlation to match incoming manager values to an existing manager's + account/identity. + managerCorrelationRule: + description: Reference to the ManagerCorrelationRule. Only use this rule when a simple filter isn't sufficient. + type: object + nullable: true + properties: + type: + description: Type of object being referenced. + type: string + enum: + - RULE + example: RULE + id: + type: string + description: Rule ID. + example: 2c918085708c274401708c2a8a760001 + name: + type: string + description: Rule's human-readable display name. + example: Example Rule + beforeProvisioningRule: + description: 'Rule that runs on the CCG and allows for customization of provisioning plans before the API calls the connector. ' + type: object + nullable: true + properties: + type: + description: Type of object being referenced. + type: string + enum: + - RULE + example: RULE + id: + type: string + description: Rule ID. + example: 2c918085708c274401708c2a8a760001 + name: + type: string + description: Rule's human-readable display name. + example: Example Rule + schemas: + type: array + items: + type: object + properties: + type: + description: Type of object being referenced. + type: string + enum: + - CONNECTOR_SCHEMA + example: CONNECTOR_SCHEMA + id: + type: string + description: Schema ID. + example: 2c91808568c529c60168cca6f90c1777 + name: + type: string + description: Schema's human-readable display name. + example: MySchema + description: List of references to schema objects. + example: + - type: CONNECTOR_SCHEMA + id: 2c9180835d191a86015d28455b4b232a + name: account + - type: CONNECTOR_SCHEMA + id: 2c9180835d191a86015d28455b4b232b + name: group + passwordPolicies: + type: array + nullable: true + items: + type: object + properties: + type: + description: Type of object being referenced. + type: string + enum: + - PASSWORD_POLICY + example: PASSWORD_POLICY + id: + type: string + description: Policy ID. + example: 2c91808568c529c60168cca6f90c1777 + name: + type: string + description: Policy's human-readable display name. + example: My Password Policy + description: List of references to the associated PasswordPolicy objects. + example: + - type: PASSWORD_POLICY + id: 2c9180855d191c59015d291ceb053980 + name: Corporate Password Policy + - type: PASSWORD_POLICY + id: 2c9180855d191c59015d291ceb057777 + name: Vendor Password Policy + features: + type: array + items: + type: string + enum: + - AUTHENTICATE + - COMPOSITE + - DIRECT_PERMISSIONS + - DISCOVER_SCHEMA + - ENABLE + - MANAGER_LOOKUP + - NO_RANDOM_ACCESS + - PROXY + - SEARCH + - TEMPLATE + - UNLOCK + - UNSTRUCTURED_TARGETS + - SHAREPOINT_TARGET + - PROVISIONING + - GROUP_PROVISIONING + - SYNC_PROVISIONING + - PASSWORD + - CURRENT_PASSWORD + - ACCOUNT_ONLY_REQUEST + - ADDITIONAL_ACCOUNT_REQUEST + - NO_AGGREGATION + - GROUPS_HAVE_MEMBERS + - NO_PERMISSIONS_PROVISIONING + - NO_GROUP_PERMISSIONS_PROVISIONING + - NO_UNSTRUCTURED_TARGETS_PROVISIONING + - NO_DIRECT_PERMISSIONS_PROVISIONING + - PREFER_UUID + - ARM_SECURITY_EXTRACT + - ARM_UTILIZATION_EXTRACT + - ARM_CHANGELOG_EXTRACT + - USES_UUID + example: AUTHENTICATE + description: |- + Optional features that can be supported by a source. Modifying the features array may cause source configuration errors that are unsupportable. It is recommended to not modify this array for SailPoint supported connectors. + * AUTHENTICATE: The source supports pass-through authentication. + * COMPOSITE: The source supports composite source creation. + * DIRECT_PERMISSIONS: The source supports returning DirectPermissions. + * DISCOVER_SCHEMA: The source supports discovering schemas for users and groups. + * ENABLE The source supports reading if an account is enabled or disabled. + * MANAGER_LOOKUP: The source supports looking up managers as they are encountered in a feed. This is the opposite of NO_RANDOM_ACCESS. + * NO_RANDOM_ACCESS: The source does not support random access and the getObject() methods should not be called and expected to perform. + * PROXY: The source can serve as a proxy for another source. When an source has a proxy, all connector calls made with that source are redirected through the connector for the proxy source. + * SEARCH + * TEMPLATE + * UNLOCK: The source supports reading if an account is locked or unlocked. + * UNSTRUCTURED_TARGETS: The source supports returning unstructured Targets. + * SHAREPOINT_TARGET: The source supports returning unstructured Target data for SharePoint. It will be typically used by AD, LDAP sources. + * PROVISIONING: The source can both read and write accounts. Having this feature implies that the provision() method is implemented. It also means that direct and target permissions can also be provisioned if they can be returned by aggregation. + * GROUP_PROVISIONING: The source can both read and write groups. Having this feature implies that the provision() method is implemented. + * SYNC_PROVISIONING: The source can provision accounts synchronously. + * PASSWORD: The source can provision password changes. Since sources can never read passwords, this is should only be used in conjunction with the PROVISIONING feature. + * CURRENT_PASSWORD: Some source types support verification of the current password + * ACCOUNT_ONLY_REQUEST: The source supports requesting accounts without entitlements. + * ADDITIONAL_ACCOUNT_REQUEST: The source supports requesting additional accounts. + * NO_AGGREGATION: A source that does not support aggregation. + * GROUPS_HAVE_MEMBERS: The source models group memberships with a member attribute on the group object rather than a groups attribute on the account object. This effects the implementation of delta account aggregation. + * NO_PERMISSIONS_PROVISIONING: Indicates that the connector cannot provision direct or target permissions for accounts. When DIRECT_PERMISSIONS and PROVISIONING features are present, it is assumed that the connector can also provision direct permissions. This feature disables that assumption and causes permission request to be converted to work items for accounts. + * NO_GROUP_PERMISSIONS_PROVISIONING: Indicates that the connector cannot provision direct or target permissions for groups. When DIRECT_PERMISSIONS and PROVISIONING features are present, it is assumed that the connector can also provision direct permissions. This feature disables that assumption and causes permission request to be converted to work items for groups. + * NO_UNSTRUCTURED_TARGETS_PROVISIONING: This string will be replaced by NO_GROUP_PERMISSIONS_PROVISIONING and NO_PERMISSIONS_PROVISIONING. + * NO_DIRECT_PERMISSIONS_PROVISIONING: This string will be replaced by NO_GROUP_PERMISSIONS_PROVISIONING and NO_PERMISSIONS_PROVISIONING. + * USES_UUID: Connectivity 2.0 flag used to indicate that the connector supports a compound naming structure. + * PREFER_UUID: Used in ISC Provisioning AND Aggregation to decide if it should prefer account.uuid to account.nativeIdentity when data is read in through aggregation OR pushed out through provisioning. + * ARM_SECURITY_EXTRACT: Indicates the application supports Security extracts for ARM + * ARM_UTILIZATION_EXTRACT: Indicates the application supports Utilization extracts for ARM + * ARM_CHANGELOG_EXTRACT: Indicates the application supports Change-log extracts for ARM + example: + - PROVISIONING + - NO_PERMISSIONS_PROVISIONING + - GROUPS_HAVE_MEMBERS + type: + type: string + description: 'Specifies the type of system being managed e.g. Active Directory, Workday, etc.. If you are creating a delimited file source, you must set the `provisionasCsv` query parameter to `true`. ' + example: OpenLDAP - Direct + connector: + type: string + description: Connector script name. + example: active-directory + connectorClass: + type: string + description: Fully qualified name of the Java class that implements the connector interface. + example: sailpoint.connector.LDAPConnector + connectorAttributes: + type: object + description: Connector specific configuration. This configuration will differ from type to type. + example: + healthCheckTimeout: 30 + authSearchAttributes: + - cn + - uid + - mail + deleteThreshold: + type: integer + format: int32 + description: Number from 0 to 100 that specifies when to skip the delete phase. + example: 10 + authoritative: + type: boolean + description: 'When this is true, it indicates that the source is referenced by an identity profile.' + default: false + example: false + managementWorkgroup: + description: Reference to management workgroup for the source. + type: object + nullable: true + properties: + type: + description: Type of object being referenced. + type: string + enum: + - GOVERNANCE_GROUP + example: GOVERNANCE_GROUP + id: + type: string + description: Management workgroup ID. + example: 2c91808568c529c60168cca6f90c2222 + name: + type: string + description: Management workgroup's human-readable display name. + example: My Management Workgroup + healthy: + type: boolean + description: 'When this is true, it indicates that the source is healthy.' + default: false + example: true + status: + type: string + enum: + - SOURCE_STATE_ERROR_ACCOUNT_FILE_IMPORT + - SOURCE_STATE_ERROR_CLUSTER + - SOURCE_STATE_ERROR_SOURCE + - SOURCE_STATE_ERROR_VA + - SOURCE_STATE_FAILURE_CLUSTER + - SOURCE_STATE_FAILURE_SOURCE + - SOURCE_STATE_HEALTHY + - SOURCE_STATE_UNCHECKED_CLUSTER + - SOURCE_STATE_UNCHECKED_CLUSTER_NO_SOURCES + - SOURCE_STATE_UNCHECKED_SOURCE + - SOURCE_STATE_UNCHECKED_SOURCE_NO_ACCOUNTS + description: 'Status identifier that gives specific information about why a source is or isn''t healthy. ' + example: SOURCE_STATE_HEALTHY + since: + type: string + description: Timestamp that shows when a source health check was last performed. + example: 2021-09-28T15:48:29.380Z + connectorId: + type: string + description: Connector ID + example: active-directory + connectorName: + type: string + description: Name of the connector that was chosen during source creation. + example: Active Directory + connectionType: + type: string + description: Type of connection (direct or file). + example: file + connectorImplementationId: + type: string + description: Connector implementation ID. + example: delimited-file + created: + type: string + description: Date-time when the source was created + format: date-time + example: 2022-02-08T14:50:03.827Z + modified: + type: string + description: Date-time when the source was last modified. + format: date-time + example: 2024-01-23T18:08:50.897Z + credentialProviderEnabled: + type: boolean + description: 'If this is true, it enables a credential provider for the source. If credentialProvider is turned on, then the source can use credential provider(s) to fetch credentials.' + default: false + example: false + category: + type: string + nullable: true + default: null + description: 'Source category (e.g. null, CredentialProvider).' + example: CredentialProvider + required: + - name + - owner + - connector + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + put: + operationId: putSource + security: + - UserContextAuth: + - 'idn:sources:manage' + tags: + - Sources + summary: Update Source (Full) + description: | + Use this API to update a source in Identity Security Cloud (ISC), using a full object representation. This means that when you use this API, it completely replaces the existing source configuration. + + These fields are immutable, so they cannot be changed: + + * id + * type + * authoritative + * connector + * connectorClass + * passwordPolicies + + Attempts to modify these fields will result in a 400 error. + + A token with ORG_ADMIN, SOURCE_ADMIN, or SOURCE_SUBADMIN authority is required to call this API. + parameters: + - in: path + name: id + schema: + type: string + required: true + description: Source ID. + example: 2c9180835d191a86015d28455b4a2329 + requestBody: + required: true + content: + application/json: + schema: + type: object + properties: + id: + type: string + readOnly: true + description: Source ID. + example: 2c91808568c529c60168cca6f90c1324 + name: + type: string + description: Source's human-readable name. + example: My Source + description: + type: string + description: Source's human-readable description. + example: This is the corporate directory. + owner: + description: Reference to identity object who owns the source. + type: object + properties: + type: + description: Type of object being referenced. + type: string + enum: + - IDENTITY + example: IDENTITY + id: + type: string + description: Owner identity's ID. + example: 2c91808568c529c60168cca6f90c1313 + name: + type: string + description: Owner identity's human-readable display name. + example: MyName + cluster: + description: Reference to the source's associated cluster. + type: object + nullable: true + required: + - name + - id + - type + properties: + type: + description: Type of object being referenced. + type: string + enum: + - CLUSTER + example: CLUSTER + id: + type: string + description: Cluster ID. + example: 2c9180866166b5b0016167c32ef31a66 + name: + type: string + description: Cluster's human-readable display name. + example: Corporate Cluster + accountCorrelationConfig: + description: Reference to account correlation config object. + type: object + nullable: true + properties: + type: + description: Type of object being referenced. + type: string + enum: + - ACCOUNT_CORRELATION_CONFIG + example: ACCOUNT_CORRELATION_CONFIG + id: + type: string + description: Account correlation config ID. + example: 2c9180855d191c59015d28583727245a + name: + type: string + description: Account correlation config's human-readable display name. + example: 'Directory [source-62867] Account Correlation' + accountCorrelationRule: + description: Reference to a rule that can do COMPLEX correlation. Only use this rule when you can't use accountCorrelationConfig. + type: object + nullable: true + properties: + type: + description: Type of object being referenced. + type: string + enum: + - RULE + example: RULE + id: + type: string + description: Rule ID. + example: 2c918085708c274401708c2a8a760001 + name: + type: string + description: Rule's human-readable display name. + example: Example Rule + managerCorrelationMapping: + allOf: + - type: object + properties: + accountAttributeName: + type: string + description: Name of the attribute to use for manager correlation. The value found on the account attribute will be used to lookup the manager's identity. + example: manager + identityAttributeName: + type: string + description: Name of the identity attribute to search when trying to find a manager using the value from the accountAttribute. + example: manager + - nullable: true + description: | + Filter object used during manager correlation to match incoming manager values to an existing manager's + account/identity. + managerCorrelationRule: + description: Reference to the ManagerCorrelationRule. Only use this rule when a simple filter isn't sufficient. + type: object + nullable: true + properties: + type: + description: Type of object being referenced. + type: string + enum: + - RULE + example: RULE + id: + type: string + description: Rule ID. + example: 2c918085708c274401708c2a8a760001 + name: + type: string + description: Rule's human-readable display name. + example: Example Rule + beforeProvisioningRule: + description: 'Rule that runs on the CCG and allows for customization of provisioning plans before the API calls the connector. ' + type: object + nullable: true + properties: + type: + description: Type of object being referenced. + type: string + enum: + - RULE + example: RULE + id: + type: string + description: Rule ID. + example: 2c918085708c274401708c2a8a760001 + name: + type: string + description: Rule's human-readable display name. + example: Example Rule + schemas: + type: array + items: + type: object + properties: + type: + description: Type of object being referenced. + type: string + enum: + - CONNECTOR_SCHEMA + example: CONNECTOR_SCHEMA + id: + type: string + description: Schema ID. + example: 2c91808568c529c60168cca6f90c1777 + name: + type: string + description: Schema's human-readable display name. + example: MySchema + description: List of references to schema objects. + example: + - type: CONNECTOR_SCHEMA + id: 2c9180835d191a86015d28455b4b232a + name: account + - type: CONNECTOR_SCHEMA + id: 2c9180835d191a86015d28455b4b232b + name: group + passwordPolicies: + type: array + nullable: true + items: + type: object + properties: + type: + description: Type of object being referenced. + type: string + enum: + - PASSWORD_POLICY + example: PASSWORD_POLICY + id: + type: string + description: Policy ID. + example: 2c91808568c529c60168cca6f90c1777 + name: + type: string + description: Policy's human-readable display name. + example: My Password Policy + description: List of references to the associated PasswordPolicy objects. + example: + - type: PASSWORD_POLICY + id: 2c9180855d191c59015d291ceb053980 + name: Corporate Password Policy + - type: PASSWORD_POLICY + id: 2c9180855d191c59015d291ceb057777 + name: Vendor Password Policy + features: + type: array + items: + type: string + enum: + - AUTHENTICATE + - COMPOSITE + - DIRECT_PERMISSIONS + - DISCOVER_SCHEMA + - ENABLE + - MANAGER_LOOKUP + - NO_RANDOM_ACCESS + - PROXY + - SEARCH + - TEMPLATE + - UNLOCK + - UNSTRUCTURED_TARGETS + - SHAREPOINT_TARGET + - PROVISIONING + - GROUP_PROVISIONING + - SYNC_PROVISIONING + - PASSWORD + - CURRENT_PASSWORD + - ACCOUNT_ONLY_REQUEST + - ADDITIONAL_ACCOUNT_REQUEST + - NO_AGGREGATION + - GROUPS_HAVE_MEMBERS + - NO_PERMISSIONS_PROVISIONING + - NO_GROUP_PERMISSIONS_PROVISIONING + - NO_UNSTRUCTURED_TARGETS_PROVISIONING + - NO_DIRECT_PERMISSIONS_PROVISIONING + - PREFER_UUID + - ARM_SECURITY_EXTRACT + - ARM_UTILIZATION_EXTRACT + - ARM_CHANGELOG_EXTRACT + - USES_UUID + example: AUTHENTICATE + description: |- + Optional features that can be supported by a source. Modifying the features array may cause source configuration errors that are unsupportable. It is recommended to not modify this array for SailPoint supported connectors. + * AUTHENTICATE: The source supports pass-through authentication. + * COMPOSITE: The source supports composite source creation. + * DIRECT_PERMISSIONS: The source supports returning DirectPermissions. + * DISCOVER_SCHEMA: The source supports discovering schemas for users and groups. + * ENABLE The source supports reading if an account is enabled or disabled. + * MANAGER_LOOKUP: The source supports looking up managers as they are encountered in a feed. This is the opposite of NO_RANDOM_ACCESS. + * NO_RANDOM_ACCESS: The source does not support random access and the getObject() methods should not be called and expected to perform. + * PROXY: The source can serve as a proxy for another source. When an source has a proxy, all connector calls made with that source are redirected through the connector for the proxy source. + * SEARCH + * TEMPLATE + * UNLOCK: The source supports reading if an account is locked or unlocked. + * UNSTRUCTURED_TARGETS: The source supports returning unstructured Targets. + * SHAREPOINT_TARGET: The source supports returning unstructured Target data for SharePoint. It will be typically used by AD, LDAP sources. + * PROVISIONING: The source can both read and write accounts. Having this feature implies that the provision() method is implemented. It also means that direct and target permissions can also be provisioned if they can be returned by aggregation. + * GROUP_PROVISIONING: The source can both read and write groups. Having this feature implies that the provision() method is implemented. + * SYNC_PROVISIONING: The source can provision accounts synchronously. + * PASSWORD: The source can provision password changes. Since sources can never read passwords, this is should only be used in conjunction with the PROVISIONING feature. + * CURRENT_PASSWORD: Some source types support verification of the current password + * ACCOUNT_ONLY_REQUEST: The source supports requesting accounts without entitlements. + * ADDITIONAL_ACCOUNT_REQUEST: The source supports requesting additional accounts. + * NO_AGGREGATION: A source that does not support aggregation. + * GROUPS_HAVE_MEMBERS: The source models group memberships with a member attribute on the group object rather than a groups attribute on the account object. This effects the implementation of delta account aggregation. + * NO_PERMISSIONS_PROVISIONING: Indicates that the connector cannot provision direct or target permissions for accounts. When DIRECT_PERMISSIONS and PROVISIONING features are present, it is assumed that the connector can also provision direct permissions. This feature disables that assumption and causes permission request to be converted to work items for accounts. + * NO_GROUP_PERMISSIONS_PROVISIONING: Indicates that the connector cannot provision direct or target permissions for groups. When DIRECT_PERMISSIONS and PROVISIONING features are present, it is assumed that the connector can also provision direct permissions. This feature disables that assumption and causes permission request to be converted to work items for groups. + * NO_UNSTRUCTURED_TARGETS_PROVISIONING: This string will be replaced by NO_GROUP_PERMISSIONS_PROVISIONING and NO_PERMISSIONS_PROVISIONING. + * NO_DIRECT_PERMISSIONS_PROVISIONING: This string will be replaced by NO_GROUP_PERMISSIONS_PROVISIONING and NO_PERMISSIONS_PROVISIONING. + * USES_UUID: Connectivity 2.0 flag used to indicate that the connector supports a compound naming structure. + * PREFER_UUID: Used in ISC Provisioning AND Aggregation to decide if it should prefer account.uuid to account.nativeIdentity when data is read in through aggregation OR pushed out through provisioning. + * ARM_SECURITY_EXTRACT: Indicates the application supports Security extracts for ARM + * ARM_UTILIZATION_EXTRACT: Indicates the application supports Utilization extracts for ARM + * ARM_CHANGELOG_EXTRACT: Indicates the application supports Change-log extracts for ARM + example: + - PROVISIONING + - NO_PERMISSIONS_PROVISIONING + - GROUPS_HAVE_MEMBERS + type: + type: string + description: 'Specifies the type of system being managed e.g. Active Directory, Workday, etc.. If you are creating a delimited file source, you must set the `provisionasCsv` query parameter to `true`. ' + example: OpenLDAP - Direct + connector: + type: string + description: Connector script name. + example: active-directory + connectorClass: + type: string + description: Fully qualified name of the Java class that implements the connector interface. + example: sailpoint.connector.LDAPConnector + connectorAttributes: + type: object + description: Connector specific configuration. This configuration will differ from type to type. + example: + healthCheckTimeout: 30 + authSearchAttributes: + - cn + - uid + - mail + deleteThreshold: + type: integer + format: int32 + description: Number from 0 to 100 that specifies when to skip the delete phase. + example: 10 + authoritative: + type: boolean + description: 'When this is true, it indicates that the source is referenced by an identity profile.' + default: false + example: false + managementWorkgroup: + description: Reference to management workgroup for the source. + type: object + nullable: true + properties: + type: + description: Type of object being referenced. + type: string + enum: + - GOVERNANCE_GROUP + example: GOVERNANCE_GROUP + id: + type: string + description: Management workgroup ID. + example: 2c91808568c529c60168cca6f90c2222 + name: + type: string + description: Management workgroup's human-readable display name. + example: My Management Workgroup + healthy: + type: boolean + description: 'When this is true, it indicates that the source is healthy.' + default: false + example: true + status: + type: string + enum: + - SOURCE_STATE_ERROR_ACCOUNT_FILE_IMPORT + - SOURCE_STATE_ERROR_CLUSTER + - SOURCE_STATE_ERROR_SOURCE + - SOURCE_STATE_ERROR_VA + - SOURCE_STATE_FAILURE_CLUSTER + - SOURCE_STATE_FAILURE_SOURCE + - SOURCE_STATE_HEALTHY + - SOURCE_STATE_UNCHECKED_CLUSTER + - SOURCE_STATE_UNCHECKED_CLUSTER_NO_SOURCES + - SOURCE_STATE_UNCHECKED_SOURCE + - SOURCE_STATE_UNCHECKED_SOURCE_NO_ACCOUNTS + description: 'Status identifier that gives specific information about why a source is or isn''t healthy. ' + example: SOURCE_STATE_HEALTHY + since: + type: string + description: Timestamp that shows when a source health check was last performed. + example: 2021-09-28T15:48:29.380Z + connectorId: + type: string + description: Connector ID + example: active-directory + connectorName: + type: string + description: Name of the connector that was chosen during source creation. + example: Active Directory + connectionType: + type: string + description: Type of connection (direct or file). + example: file + connectorImplementationId: + type: string + description: Connector implementation ID. + example: delimited-file + created: + type: string + description: Date-time when the source was created + format: date-time + example: 2022-02-08T14:50:03.827Z + modified: + type: string + description: Date-time when the source was last modified. + format: date-time + example: 2024-01-23T18:08:50.897Z + credentialProviderEnabled: + type: boolean + description: 'If this is true, it enables a credential provider for the source. If credentialProvider is turned on, then the source can use credential provider(s) to fetch credentials.' + default: false + example: false + category: + type: string + nullable: true + default: null + description: 'Source category (e.g. null, CredentialProvider).' + example: CredentialProvider + required: + - name + - owner + - connector + responses: + '200': + description: 'Updated Source object. Any passwords will only show the the encrypted cipher-text so that they aren''t decryptable in Identity Security Cloud (ISC) cloud-based services, per ISC security design.' + content: + application/json: + schema: + type: object + properties: + id: + type: string + readOnly: true + description: Source ID. + example: 2c91808568c529c60168cca6f90c1324 + name: + type: string + description: Source's human-readable name. + example: My Source + description: + type: string + description: Source's human-readable description. + example: This is the corporate directory. + owner: + description: Reference to identity object who owns the source. + type: object + properties: + type: + description: Type of object being referenced. + type: string + enum: + - IDENTITY + example: IDENTITY + id: + type: string + description: Owner identity's ID. + example: 2c91808568c529c60168cca6f90c1313 + name: + type: string + description: Owner identity's human-readable display name. + example: MyName + cluster: + description: Reference to the source's associated cluster. + type: object + nullable: true + required: + - name + - id + - type + properties: + type: + description: Type of object being referenced. + type: string + enum: + - CLUSTER + example: CLUSTER + id: + type: string + description: Cluster ID. + example: 2c9180866166b5b0016167c32ef31a66 + name: + type: string + description: Cluster's human-readable display name. + example: Corporate Cluster + accountCorrelationConfig: + description: Reference to account correlation config object. + type: object + nullable: true + properties: + type: + description: Type of object being referenced. + type: string + enum: + - ACCOUNT_CORRELATION_CONFIG + example: ACCOUNT_CORRELATION_CONFIG + id: + type: string + description: Account correlation config ID. + example: 2c9180855d191c59015d28583727245a + name: + type: string + description: Account correlation config's human-readable display name. + example: 'Directory [source-62867] Account Correlation' + accountCorrelationRule: + description: Reference to a rule that can do COMPLEX correlation. Only use this rule when you can't use accountCorrelationConfig. + type: object + nullable: true + properties: + type: + description: Type of object being referenced. + type: string + enum: + - RULE + example: RULE + id: + type: string + description: Rule ID. + example: 2c918085708c274401708c2a8a760001 + name: + type: string + description: Rule's human-readable display name. + example: Example Rule + managerCorrelationMapping: + allOf: + - type: object + properties: + accountAttributeName: + type: string + description: Name of the attribute to use for manager correlation. The value found on the account attribute will be used to lookup the manager's identity. + example: manager + identityAttributeName: + type: string + description: Name of the identity attribute to search when trying to find a manager using the value from the accountAttribute. + example: manager + - nullable: true + description: | + Filter object used during manager correlation to match incoming manager values to an existing manager's + account/identity. + managerCorrelationRule: + description: Reference to the ManagerCorrelationRule. Only use this rule when a simple filter isn't sufficient. + type: object + nullable: true + properties: + type: + description: Type of object being referenced. + type: string + enum: + - RULE + example: RULE + id: + type: string + description: Rule ID. + example: 2c918085708c274401708c2a8a760001 + name: + type: string + description: Rule's human-readable display name. + example: Example Rule + beforeProvisioningRule: + description: 'Rule that runs on the CCG and allows for customization of provisioning plans before the API calls the connector. ' + type: object + nullable: true + properties: + type: + description: Type of object being referenced. + type: string + enum: + - RULE + example: RULE + id: + type: string + description: Rule ID. + example: 2c918085708c274401708c2a8a760001 + name: + type: string + description: Rule's human-readable display name. + example: Example Rule + schemas: + type: array + items: + type: object + properties: + type: + description: Type of object being referenced. + type: string + enum: + - CONNECTOR_SCHEMA + example: CONNECTOR_SCHEMA + id: + type: string + description: Schema ID. + example: 2c91808568c529c60168cca6f90c1777 + name: + type: string + description: Schema's human-readable display name. + example: MySchema + description: List of references to schema objects. + example: + - type: CONNECTOR_SCHEMA + id: 2c9180835d191a86015d28455b4b232a + name: account + - type: CONNECTOR_SCHEMA + id: 2c9180835d191a86015d28455b4b232b + name: group + passwordPolicies: + type: array + nullable: true + items: + type: object + properties: + type: + description: Type of object being referenced. + type: string + enum: + - PASSWORD_POLICY + example: PASSWORD_POLICY + id: + type: string + description: Policy ID. + example: 2c91808568c529c60168cca6f90c1777 + name: + type: string + description: Policy's human-readable display name. + example: My Password Policy + description: List of references to the associated PasswordPolicy objects. + example: + - type: PASSWORD_POLICY + id: 2c9180855d191c59015d291ceb053980 + name: Corporate Password Policy + - type: PASSWORD_POLICY + id: 2c9180855d191c59015d291ceb057777 + name: Vendor Password Policy + features: + type: array + items: + type: string + enum: + - AUTHENTICATE + - COMPOSITE + - DIRECT_PERMISSIONS + - DISCOVER_SCHEMA + - ENABLE + - MANAGER_LOOKUP + - NO_RANDOM_ACCESS + - PROXY + - SEARCH + - TEMPLATE + - UNLOCK + - UNSTRUCTURED_TARGETS + - SHAREPOINT_TARGET + - PROVISIONING + - GROUP_PROVISIONING + - SYNC_PROVISIONING + - PASSWORD + - CURRENT_PASSWORD + - ACCOUNT_ONLY_REQUEST + - ADDITIONAL_ACCOUNT_REQUEST + - NO_AGGREGATION + - GROUPS_HAVE_MEMBERS + - NO_PERMISSIONS_PROVISIONING + - NO_GROUP_PERMISSIONS_PROVISIONING + - NO_UNSTRUCTURED_TARGETS_PROVISIONING + - NO_DIRECT_PERMISSIONS_PROVISIONING + - PREFER_UUID + - ARM_SECURITY_EXTRACT + - ARM_UTILIZATION_EXTRACT + - ARM_CHANGELOG_EXTRACT + - USES_UUID + example: AUTHENTICATE + description: |- + Optional features that can be supported by a source. Modifying the features array may cause source configuration errors that are unsupportable. It is recommended to not modify this array for SailPoint supported connectors. + * AUTHENTICATE: The source supports pass-through authentication. + * COMPOSITE: The source supports composite source creation. + * DIRECT_PERMISSIONS: The source supports returning DirectPermissions. + * DISCOVER_SCHEMA: The source supports discovering schemas for users and groups. + * ENABLE The source supports reading if an account is enabled or disabled. + * MANAGER_LOOKUP: The source supports looking up managers as they are encountered in a feed. This is the opposite of NO_RANDOM_ACCESS. + * NO_RANDOM_ACCESS: The source does not support random access and the getObject() methods should not be called and expected to perform. + * PROXY: The source can serve as a proxy for another source. When an source has a proxy, all connector calls made with that source are redirected through the connector for the proxy source. + * SEARCH + * TEMPLATE + * UNLOCK: The source supports reading if an account is locked or unlocked. + * UNSTRUCTURED_TARGETS: The source supports returning unstructured Targets. + * SHAREPOINT_TARGET: The source supports returning unstructured Target data for SharePoint. It will be typically used by AD, LDAP sources. + * PROVISIONING: The source can both read and write accounts. Having this feature implies that the provision() method is implemented. It also means that direct and target permissions can also be provisioned if they can be returned by aggregation. + * GROUP_PROVISIONING: The source can both read and write groups. Having this feature implies that the provision() method is implemented. + * SYNC_PROVISIONING: The source can provision accounts synchronously. + * PASSWORD: The source can provision password changes. Since sources can never read passwords, this is should only be used in conjunction with the PROVISIONING feature. + * CURRENT_PASSWORD: Some source types support verification of the current password + * ACCOUNT_ONLY_REQUEST: The source supports requesting accounts without entitlements. + * ADDITIONAL_ACCOUNT_REQUEST: The source supports requesting additional accounts. + * NO_AGGREGATION: A source that does not support aggregation. + * GROUPS_HAVE_MEMBERS: The source models group memberships with a member attribute on the group object rather than a groups attribute on the account object. This effects the implementation of delta account aggregation. + * NO_PERMISSIONS_PROVISIONING: Indicates that the connector cannot provision direct or target permissions for accounts. When DIRECT_PERMISSIONS and PROVISIONING features are present, it is assumed that the connector can also provision direct permissions. This feature disables that assumption and causes permission request to be converted to work items for accounts. + * NO_GROUP_PERMISSIONS_PROVISIONING: Indicates that the connector cannot provision direct or target permissions for groups. When DIRECT_PERMISSIONS and PROVISIONING features are present, it is assumed that the connector can also provision direct permissions. This feature disables that assumption and causes permission request to be converted to work items for groups. + * NO_UNSTRUCTURED_TARGETS_PROVISIONING: This string will be replaced by NO_GROUP_PERMISSIONS_PROVISIONING and NO_PERMISSIONS_PROVISIONING. + * NO_DIRECT_PERMISSIONS_PROVISIONING: This string will be replaced by NO_GROUP_PERMISSIONS_PROVISIONING and NO_PERMISSIONS_PROVISIONING. + * USES_UUID: Connectivity 2.0 flag used to indicate that the connector supports a compound naming structure. + * PREFER_UUID: Used in ISC Provisioning AND Aggregation to decide if it should prefer account.uuid to account.nativeIdentity when data is read in through aggregation OR pushed out through provisioning. + * ARM_SECURITY_EXTRACT: Indicates the application supports Security extracts for ARM + * ARM_UTILIZATION_EXTRACT: Indicates the application supports Utilization extracts for ARM + * ARM_CHANGELOG_EXTRACT: Indicates the application supports Change-log extracts for ARM + example: + - PROVISIONING + - NO_PERMISSIONS_PROVISIONING + - GROUPS_HAVE_MEMBERS + type: + type: string + description: 'Specifies the type of system being managed e.g. Active Directory, Workday, etc.. If you are creating a delimited file source, you must set the `provisionasCsv` query parameter to `true`. ' + example: OpenLDAP - Direct + connector: + type: string + description: Connector script name. + example: active-directory + connectorClass: + type: string + description: Fully qualified name of the Java class that implements the connector interface. + example: sailpoint.connector.LDAPConnector + connectorAttributes: + type: object + description: Connector specific configuration. This configuration will differ from type to type. + example: + healthCheckTimeout: 30 + authSearchAttributes: + - cn + - uid + - mail + deleteThreshold: + type: integer + format: int32 + description: Number from 0 to 100 that specifies when to skip the delete phase. + example: 10 + authoritative: + type: boolean + description: 'When this is true, it indicates that the source is referenced by an identity profile.' + default: false + example: false + managementWorkgroup: + description: Reference to management workgroup for the source. + type: object + nullable: true + properties: + type: + description: Type of object being referenced. + type: string + enum: + - GOVERNANCE_GROUP + example: GOVERNANCE_GROUP + id: + type: string + description: Management workgroup ID. + example: 2c91808568c529c60168cca6f90c2222 + name: + type: string + description: Management workgroup's human-readable display name. + example: My Management Workgroup + healthy: + type: boolean + description: 'When this is true, it indicates that the source is healthy.' + default: false + example: true + status: + type: string + enum: + - SOURCE_STATE_ERROR_ACCOUNT_FILE_IMPORT + - SOURCE_STATE_ERROR_CLUSTER + - SOURCE_STATE_ERROR_SOURCE + - SOURCE_STATE_ERROR_VA + - SOURCE_STATE_FAILURE_CLUSTER + - SOURCE_STATE_FAILURE_SOURCE + - SOURCE_STATE_HEALTHY + - SOURCE_STATE_UNCHECKED_CLUSTER + - SOURCE_STATE_UNCHECKED_CLUSTER_NO_SOURCES + - SOURCE_STATE_UNCHECKED_SOURCE + - SOURCE_STATE_UNCHECKED_SOURCE_NO_ACCOUNTS + description: 'Status identifier that gives specific information about why a source is or isn''t healthy. ' + example: SOURCE_STATE_HEALTHY + since: + type: string + description: Timestamp that shows when a source health check was last performed. + example: 2021-09-28T15:48:29.380Z + connectorId: + type: string + description: Connector ID + example: active-directory + connectorName: + type: string + description: Name of the connector that was chosen during source creation. + example: Active Directory + connectionType: + type: string + description: Type of connection (direct or file). + example: file + connectorImplementationId: + type: string + description: Connector implementation ID. + example: delimited-file + created: + type: string + description: Date-time when the source was created + format: date-time + example: 2022-02-08T14:50:03.827Z + modified: + type: string + description: Date-time when the source was last modified. + format: date-time + example: 2024-01-23T18:08:50.897Z + credentialProviderEnabled: + type: boolean + description: 'If this is true, it enables a credential provider for the source. If credentialProvider is turned on, then the source can use credential provider(s) to fetch credentials.' + default: false + example: false + category: + type: string + nullable: true + default: null + description: 'Source category (e.g. null, CredentialProvider).' + example: CredentialProvider + required: + - name + - owner + - connector + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + patch: + operationId: updateSource + security: + - UserContextAuth: + - 'idn:sources:manage' + tags: + - Sources + summary: Update Source (Partial) + description: | + Use this API to partially update a source in Identity Security Cloud (ISC), using a list of patch operations according to the + [JSON Patch](https://tools.ietf.org/html/rfc6902) standard. + + These fields are immutable, so they cannot be changed: + + * id + * type + * authoritative + * created + * modified + * connector + * connectorClass + * passwordPolicies + + Attempts to modify these fields will result in a 400 error. + + A token with ORG_ADMIN, SOURCE_ADMIN, SOURCE_SUBADMIN, or API authority is required to call this API. + parameters: + - in: path + name: id + schema: + type: string + required: true + description: Source ID. + example: 2c9180835d191a86015d28455b4a2329 + requestBody: + required: true + description: 'A list of account update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard. Any password changes are submitted as plain-text and encrypted upon receipt in Identity Security Cloud (ISC).' + content: + application/json-patch+json: + schema: + type: array + items: + type: object + description: 'A JSONPatch Operation as defined by [RFC 6902 - JSON Patch](https://tools.ietf.org/html/rfc6902)' + required: + - op + - path + properties: + op: + type: string + description: The operation to be performed + enum: + - add + - remove + - replace + - move + - copy + - test + example: replace + path: + type: string + description: A string JSON Pointer representing the target path to an element to be affected by the operation + example: /description + value: + oneOf: + - type: string + example: New description + title: string + - type: boolean + example: true + title: boolean + - type: integer + example: 300 + title: integer + - type: object + title: object + example: + attributes: + name: philip + - type: array + title: array + items: + anyOf: + - type: string + - type: integer + - type: object + example: + - '001' + - '002' + - '003' + description: 'The value to be used for the operation, required for "add" and "replace" operations' + example: New description + examples: + Edit the source description: + description: This example shows how to edit a source description. + value: + - op: replace + path: /description + value: new description + Edit the source cluster: + description: This example shows how to edit a source cluster by ID. + value: + - op: replace + path: /cluster/id + value: 2c918087813a902001813f3f85736b45 + Edit source features: + description: This example illustrates how you can update source supported features. + value: + - op: replace + path: /features + value: + - PASSWORD + - PROVISIONING + - ENABLE + - AUTHENTICATE + Change a source description and cluster in one call: + description: This example shows how multiple fields may be updated with a single PATCH call. + value: + - op: replace + path: /description + value: new description + - op: replace + path: /cluster/id + value: 2c918087813a902001813f3f85736b45 + Add a filter string to the connector: + description: 'This example shows how you can add a filter to incoming accounts during the account aggregation process. In the example, any account that does not have an "m" or "d" in the ID will be aggregated.' + value: + - op: add + path: /connectorAttributes/filterString + value: '!( id.contains( "m" ) ) || !( id.contains( "d" ) )' + Update connector attribute for specific operation type: + description: This example shows how you can update the 3rd object in the connection parameter's `operationType`. This changes it from a standard group aggregation to a group aggregation on the "test" entitlement type. + value: + - op: replace + path: /connectorAttributes/connectionParameters/2/operationType + value: Group Aggregation-test + Enable notifications for new account provisioning on a source: + description: This example shows how you can configure and enable email notifications that will send when new accounts are provisioned on a source. + value: + - op: replace + path: /connectorAttributes/accountCreateNotification + value: + notifyList: + - Distribution.list@demo.com + notifyAccountOwner: true + enabled: true + notifyAccountOwnerAltEmail: false + responses: + '200': + description: 'Updated Source object. Any passwords will only show the the encrypted cipher-text so that they aren''t decryptable in Identity Security Cloud (ISC) cloud-based services, per ISC security design.' + content: + application/json: + schema: + type: object + properties: + id: + type: string + readOnly: true + description: Source ID. + example: 2c91808568c529c60168cca6f90c1324 + name: + type: string + description: Source's human-readable name. + example: My Source + description: + type: string + description: Source's human-readable description. + example: This is the corporate directory. + owner: + description: Reference to identity object who owns the source. + type: object + properties: + type: + description: Type of object being referenced. + type: string + enum: + - IDENTITY + example: IDENTITY + id: + type: string + description: Owner identity's ID. + example: 2c91808568c529c60168cca6f90c1313 + name: + type: string + description: Owner identity's human-readable display name. + example: MyName + cluster: + description: Reference to the source's associated cluster. + type: object + nullable: true + required: + - name + - id + - type + properties: + type: + description: Type of object being referenced. + type: string + enum: + - CLUSTER + example: CLUSTER + id: + type: string + description: Cluster ID. + example: 2c9180866166b5b0016167c32ef31a66 + name: + type: string + description: Cluster's human-readable display name. + example: Corporate Cluster + accountCorrelationConfig: + description: Reference to account correlation config object. + type: object + nullable: true + properties: + type: + description: Type of object being referenced. + type: string + enum: + - ACCOUNT_CORRELATION_CONFIG + example: ACCOUNT_CORRELATION_CONFIG + id: + type: string + description: Account correlation config ID. + example: 2c9180855d191c59015d28583727245a + name: + type: string + description: Account correlation config's human-readable display name. + example: 'Directory [source-62867] Account Correlation' + accountCorrelationRule: + description: Reference to a rule that can do COMPLEX correlation. Only use this rule when you can't use accountCorrelationConfig. + type: object + nullable: true + properties: + type: + description: Type of object being referenced. + type: string + enum: + - RULE + example: RULE + id: + type: string + description: Rule ID. + example: 2c918085708c274401708c2a8a760001 + name: + type: string + description: Rule's human-readable display name. + example: Example Rule + managerCorrelationMapping: + allOf: + - type: object + properties: + accountAttributeName: + type: string + description: Name of the attribute to use for manager correlation. The value found on the account attribute will be used to lookup the manager's identity. + example: manager + identityAttributeName: + type: string + description: Name of the identity attribute to search when trying to find a manager using the value from the accountAttribute. + example: manager + - nullable: true + description: | + Filter object used during manager correlation to match incoming manager values to an existing manager's + account/identity. + managerCorrelationRule: + description: Reference to the ManagerCorrelationRule. Only use this rule when a simple filter isn't sufficient. + type: object + nullable: true + properties: + type: + description: Type of object being referenced. + type: string + enum: + - RULE + example: RULE + id: + type: string + description: Rule ID. + example: 2c918085708c274401708c2a8a760001 + name: + type: string + description: Rule's human-readable display name. + example: Example Rule + beforeProvisioningRule: + description: 'Rule that runs on the CCG and allows for customization of provisioning plans before the API calls the connector. ' + type: object + nullable: true + properties: + type: + description: Type of object being referenced. + type: string + enum: + - RULE + example: RULE + id: + type: string + description: Rule ID. + example: 2c918085708c274401708c2a8a760001 + name: + type: string + description: Rule's human-readable display name. + example: Example Rule + schemas: + type: array + items: + type: object + properties: + type: + description: Type of object being referenced. + type: string + enum: + - CONNECTOR_SCHEMA + example: CONNECTOR_SCHEMA + id: + type: string + description: Schema ID. + example: 2c91808568c529c60168cca6f90c1777 + name: + type: string + description: Schema's human-readable display name. + example: MySchema + description: List of references to schema objects. + example: + - type: CONNECTOR_SCHEMA + id: 2c9180835d191a86015d28455b4b232a + name: account + - type: CONNECTOR_SCHEMA + id: 2c9180835d191a86015d28455b4b232b + name: group + passwordPolicies: + type: array + nullable: true + items: + type: object + properties: + type: + description: Type of object being referenced. + type: string + enum: + - PASSWORD_POLICY + example: PASSWORD_POLICY + id: + type: string + description: Policy ID. + example: 2c91808568c529c60168cca6f90c1777 + name: + type: string + description: Policy's human-readable display name. + example: My Password Policy + description: List of references to the associated PasswordPolicy objects. + example: + - type: PASSWORD_POLICY + id: 2c9180855d191c59015d291ceb053980 + name: Corporate Password Policy + - type: PASSWORD_POLICY + id: 2c9180855d191c59015d291ceb057777 + name: Vendor Password Policy + features: + type: array + items: + type: string + enum: + - AUTHENTICATE + - COMPOSITE + - DIRECT_PERMISSIONS + - DISCOVER_SCHEMA + - ENABLE + - MANAGER_LOOKUP + - NO_RANDOM_ACCESS + - PROXY + - SEARCH + - TEMPLATE + - UNLOCK + - UNSTRUCTURED_TARGETS + - SHAREPOINT_TARGET + - PROVISIONING + - GROUP_PROVISIONING + - SYNC_PROVISIONING + - PASSWORD + - CURRENT_PASSWORD + - ACCOUNT_ONLY_REQUEST + - ADDITIONAL_ACCOUNT_REQUEST + - NO_AGGREGATION + - GROUPS_HAVE_MEMBERS + - NO_PERMISSIONS_PROVISIONING + - NO_GROUP_PERMISSIONS_PROVISIONING + - NO_UNSTRUCTURED_TARGETS_PROVISIONING + - NO_DIRECT_PERMISSIONS_PROVISIONING + - PREFER_UUID + - ARM_SECURITY_EXTRACT + - ARM_UTILIZATION_EXTRACT + - ARM_CHANGELOG_EXTRACT + - USES_UUID + example: AUTHENTICATE + description: |- + Optional features that can be supported by a source. Modifying the features array may cause source configuration errors that are unsupportable. It is recommended to not modify this array for SailPoint supported connectors. + * AUTHENTICATE: The source supports pass-through authentication. + * COMPOSITE: The source supports composite source creation. + * DIRECT_PERMISSIONS: The source supports returning DirectPermissions. + * DISCOVER_SCHEMA: The source supports discovering schemas for users and groups. + * ENABLE The source supports reading if an account is enabled or disabled. + * MANAGER_LOOKUP: The source supports looking up managers as they are encountered in a feed. This is the opposite of NO_RANDOM_ACCESS. + * NO_RANDOM_ACCESS: The source does not support random access and the getObject() methods should not be called and expected to perform. + * PROXY: The source can serve as a proxy for another source. When an source has a proxy, all connector calls made with that source are redirected through the connector for the proxy source. + * SEARCH + * TEMPLATE + * UNLOCK: The source supports reading if an account is locked or unlocked. + * UNSTRUCTURED_TARGETS: The source supports returning unstructured Targets. + * SHAREPOINT_TARGET: The source supports returning unstructured Target data for SharePoint. It will be typically used by AD, LDAP sources. + * PROVISIONING: The source can both read and write accounts. Having this feature implies that the provision() method is implemented. It also means that direct and target permissions can also be provisioned if they can be returned by aggregation. + * GROUP_PROVISIONING: The source can both read and write groups. Having this feature implies that the provision() method is implemented. + * SYNC_PROVISIONING: The source can provision accounts synchronously. + * PASSWORD: The source can provision password changes. Since sources can never read passwords, this is should only be used in conjunction with the PROVISIONING feature. + * CURRENT_PASSWORD: Some source types support verification of the current password + * ACCOUNT_ONLY_REQUEST: The source supports requesting accounts without entitlements. + * ADDITIONAL_ACCOUNT_REQUEST: The source supports requesting additional accounts. + * NO_AGGREGATION: A source that does not support aggregation. + * GROUPS_HAVE_MEMBERS: The source models group memberships with a member attribute on the group object rather than a groups attribute on the account object. This effects the implementation of delta account aggregation. + * NO_PERMISSIONS_PROVISIONING: Indicates that the connector cannot provision direct or target permissions for accounts. When DIRECT_PERMISSIONS and PROVISIONING features are present, it is assumed that the connector can also provision direct permissions. This feature disables that assumption and causes permission request to be converted to work items for accounts. + * NO_GROUP_PERMISSIONS_PROVISIONING: Indicates that the connector cannot provision direct or target permissions for groups. When DIRECT_PERMISSIONS and PROVISIONING features are present, it is assumed that the connector can also provision direct permissions. This feature disables that assumption and causes permission request to be converted to work items for groups. + * NO_UNSTRUCTURED_TARGETS_PROVISIONING: This string will be replaced by NO_GROUP_PERMISSIONS_PROVISIONING and NO_PERMISSIONS_PROVISIONING. + * NO_DIRECT_PERMISSIONS_PROVISIONING: This string will be replaced by NO_GROUP_PERMISSIONS_PROVISIONING and NO_PERMISSIONS_PROVISIONING. + * USES_UUID: Connectivity 2.0 flag used to indicate that the connector supports a compound naming structure. + * PREFER_UUID: Used in ISC Provisioning AND Aggregation to decide if it should prefer account.uuid to account.nativeIdentity when data is read in through aggregation OR pushed out through provisioning. + * ARM_SECURITY_EXTRACT: Indicates the application supports Security extracts for ARM + * ARM_UTILIZATION_EXTRACT: Indicates the application supports Utilization extracts for ARM + * ARM_CHANGELOG_EXTRACT: Indicates the application supports Change-log extracts for ARM + example: + - PROVISIONING + - NO_PERMISSIONS_PROVISIONING + - GROUPS_HAVE_MEMBERS + type: + type: string + description: 'Specifies the type of system being managed e.g. Active Directory, Workday, etc.. If you are creating a delimited file source, you must set the `provisionasCsv` query parameter to `true`. ' + example: OpenLDAP - Direct + connector: + type: string + description: Connector script name. + example: active-directory + connectorClass: + type: string + description: Fully qualified name of the Java class that implements the connector interface. + example: sailpoint.connector.LDAPConnector + connectorAttributes: + type: object + description: Connector specific configuration. This configuration will differ from type to type. + example: + healthCheckTimeout: 30 + authSearchAttributes: + - cn + - uid + - mail + deleteThreshold: + type: integer + format: int32 + description: Number from 0 to 100 that specifies when to skip the delete phase. + example: 10 + authoritative: + type: boolean + description: 'When this is true, it indicates that the source is referenced by an identity profile.' + default: false + example: false + managementWorkgroup: + description: Reference to management workgroup for the source. + type: object + nullable: true + properties: + type: + description: Type of object being referenced. + type: string + enum: + - GOVERNANCE_GROUP + example: GOVERNANCE_GROUP + id: + type: string + description: Management workgroup ID. + example: 2c91808568c529c60168cca6f90c2222 + name: + type: string + description: Management workgroup's human-readable display name. + example: My Management Workgroup + healthy: + type: boolean + description: 'When this is true, it indicates that the source is healthy.' + default: false + example: true + status: + type: string + enum: + - SOURCE_STATE_ERROR_ACCOUNT_FILE_IMPORT + - SOURCE_STATE_ERROR_CLUSTER + - SOURCE_STATE_ERROR_SOURCE + - SOURCE_STATE_ERROR_VA + - SOURCE_STATE_FAILURE_CLUSTER + - SOURCE_STATE_FAILURE_SOURCE + - SOURCE_STATE_HEALTHY + - SOURCE_STATE_UNCHECKED_CLUSTER + - SOURCE_STATE_UNCHECKED_CLUSTER_NO_SOURCES + - SOURCE_STATE_UNCHECKED_SOURCE + - SOURCE_STATE_UNCHECKED_SOURCE_NO_ACCOUNTS + description: 'Status identifier that gives specific information about why a source is or isn''t healthy. ' + example: SOURCE_STATE_HEALTHY + since: + type: string + description: Timestamp that shows when a source health check was last performed. + example: 2021-09-28T15:48:29.380Z + connectorId: + type: string + description: Connector ID + example: active-directory + connectorName: + type: string + description: Name of the connector that was chosen during source creation. + example: Active Directory + connectionType: + type: string + description: Type of connection (direct or file). + example: file + connectorImplementationId: + type: string + description: Connector implementation ID. + example: delimited-file + created: + type: string + description: Date-time when the source was created + format: date-time + example: 2022-02-08T14:50:03.827Z + modified: + type: string + description: Date-time when the source was last modified. + format: date-time + example: 2024-01-23T18:08:50.897Z + credentialProviderEnabled: + type: boolean + description: 'If this is true, it enables a credential provider for the source. If credentialProvider is turned on, then the source can use credential provider(s) to fetch credentials.' + default: false + example: false + category: + type: string + nullable: true + default: null + description: 'Source category (e.g. null, CredentialProvider).' + example: CredentialProvider + required: + - name + - owner + - connector + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + delete: + operationId: deleteSource + security: + - UserContextAuth: + - 'idn:sources:manage' + tags: + - Sources + summary: Delete Source by ID + description: |- + Use this API to delete a specific source in Identity Security Cloud (ISC). + The API removes all the accounts on the source first, and then it deletes the source. You can retrieve the actual task execution status with this method: GET `/task-status/{id}` + A token with ORG_ADMIN, SOURCE_ADMIN, or SOURCE_SUBADMIN authority is required to call this API. + parameters: + - in: path + name: id + schema: + type: string + required: true + description: Source ID. + example: 2c9180835d191a86015d28455b4a2329 + responses: + '202': + description: Accepted - Returned if the request was successfully accepted into the system. + content: + application/json: + schema: + type: object + properties: + type: + description: Type of object being referenced. + type: string + enum: + - TASK_RESULT + example: TASK_RESULT + id: + type: string + description: Task result ID. + example: 2c91808779ecf55b0179f720942f181a + name: + type: string + description: Task result's human-readable display name (this should be null/empty). + example: null + examples: + deleteSource: + summary: Response returned when a source is being deleted. + value: + type: TASK_RESULT + id: 2c91808779ecf55b0179f720942f181a + name: null + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/sources/{sourceId}/provisioning-policies': + get: + operationId: listProvisioningPolicies + tags: + - Sources + summary: Lists ProvisioningPolicies + description: |- + This end-point lists all the ProvisioningPolicies in IdentityNow. + A token with API, or ORG_ADMIN authority is required to call this API. + security: + - UserContextAuth: + - 'idn:provisioning-policy:read' + - 'idn:provisioning-policy:manage' + parameters: + - in: path + name: sourceId + required: true + schema: + type: string + description: The Source id + example: 2c9180835d191a86015d28455b4a2329 + responses: + '200': + description: List of ProvisioningPolicyDto objects + content: + application/json: + schema: + type: array + items: + type: object + required: + - name + properties: + name: + type: string + description: the provisioning policy name + example: example provisioning policy for inactive identities + description: + type: string + description: the description of the provisioning policy + example: this provisioning policy creates access based on an identity going inactive + usageType: + type: string + nullable: false + enum: + - CREATE + - UPDATE + - ENABLE + - DISABLE + - DELETE + - ASSIGN + - UNASSIGN + - CREATE_GROUP + - UPDATE_GROUP + - DELETE_GROUP + - REGISTER + - CREATE_IDENTITY + - UPDATE_IDENTITY + - EDIT_GROUP + - UNLOCK + - CHANGE_PASSWORD + example: CREATE + description: |- + The type of provisioning policy usage. + In IdentityNow, a source can support various provisioning operations. For example, when a joiner is added to a source, this may trigger both CREATE and UPDATE provisioning operations. Each usage type is considered a provisioning policy. A source can have any number of these provisioning policies defined. + These are the common usage types: + CREATE - This usage type relates to 'Create Account Profile', the provisioning template for the account to be created. For example, this would be used for a joiner on a source. + UPDATE - This usage type relates to 'Update Account Profile', the provisioning template for the 'Update' connector operations. For example, this would be used for an attribute sync on a source. + ENABLE - This usage type relates to 'Enable Account Profile', the provisioning template for the account to be enabled. For example, this could be used for a joiner on a source once the joiner's account is created. + DISABLE - This usage type relates to 'Disable Account Profile', the provisioning template for the account to be disabled. For example, this could be used when a leaver is removed temporarily from a source. + You can use these four usage types for all your provisioning policy needs. + fields: + type: array + items: + type: object + properties: + name: + type: string + description: The name of the attribute. + example: userName + transform: + type: object + description: The transform to apply to the field + example: + type: rule + attributes: + name: Create Unique LDAP Attribute + default: {} + attributes: + type: object + description: Attributes required for the transform + example: + template: '${firstname}.${lastname}${uniqueCounter}' + cloudMaxUniqueChecks: '50' + cloudMaxSize: '20' + cloudRequired: 'true' + isRequired: + type: boolean + readOnly: true + description: Flag indicating whether or not the attribute is required. + default: false + example: false + type: + type: string + description: The type of the attribute. + example: string + isMultiValued: + type: boolean + description: Flag indicating whether or not the attribute is multi-valued. + default: false + example: false + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + post: + operationId: createProvisioningPolicy + tags: + - Sources + summary: Create Provisioning Policy + description: |- + This API generates a create policy/template based on field value transforms. This API is intended for use when setting up JDBC Provisioning type sources, but it will also work on other source types. + Transforms can be used in the provisioning policy to create a new attribute that you only need during provisioning. + Refer to [Transforms in Provisioning Policies](https://developer.sailpoint.com/idn/docs/transforms/guides/transforms-in-provisioning-policies) for more information. + A token with ORG_ADMIN authority is required to call this API. + security: + - UserContextAuth: + - 'idn:provisioning-policy:manage' + parameters: + - in: path + name: sourceId + required: true + schema: + type: string + description: The Source id + example: 2c9180835d191a86015d28455b4a2329 + requestBody: + required: true + content: + application/json: + schema: + type: object + required: + - name + properties: + name: + type: string + description: the provisioning policy name + example: example provisioning policy for inactive identities + description: + type: string + description: the description of the provisioning policy + example: this provisioning policy creates access based on an identity going inactive + usageType: + type: string + nullable: false + enum: + - CREATE + - UPDATE + - ENABLE + - DISABLE + - DELETE + - ASSIGN + - UNASSIGN + - CREATE_GROUP + - UPDATE_GROUP + - DELETE_GROUP + - REGISTER + - CREATE_IDENTITY + - UPDATE_IDENTITY + - EDIT_GROUP + - UNLOCK + - CHANGE_PASSWORD + example: CREATE + description: |- + The type of provisioning policy usage. + In IdentityNow, a source can support various provisioning operations. For example, when a joiner is added to a source, this may trigger both CREATE and UPDATE provisioning operations. Each usage type is considered a provisioning policy. A source can have any number of these provisioning policies defined. + These are the common usage types: + CREATE - This usage type relates to 'Create Account Profile', the provisioning template for the account to be created. For example, this would be used for a joiner on a source. + UPDATE - This usage type relates to 'Update Account Profile', the provisioning template for the 'Update' connector operations. For example, this would be used for an attribute sync on a source. + ENABLE - This usage type relates to 'Enable Account Profile', the provisioning template for the account to be enabled. For example, this could be used for a joiner on a source once the joiner's account is created. + DISABLE - This usage type relates to 'Disable Account Profile', the provisioning template for the account to be disabled. For example, this could be used when a leaver is removed temporarily from a source. + You can use these four usage types for all your provisioning policy needs. + fields: + type: array + items: + type: object + properties: + name: + type: string + description: The name of the attribute. + example: userName + transform: + type: object + description: The transform to apply to the field + example: + type: rule + attributes: + name: Create Unique LDAP Attribute + default: {} + attributes: + type: object + description: Attributes required for the transform + example: + template: '${firstname}.${lastname}${uniqueCounter}' + cloudMaxUniqueChecks: '50' + cloudMaxSize: '20' + cloudRequired: 'true' + isRequired: + type: boolean + readOnly: true + description: Flag indicating whether or not the attribute is required. + default: false + example: false + type: + type: string + description: The type of the attribute. + example: string + isMultiValued: + type: boolean + description: Flag indicating whether or not the attribute is multi-valued. + default: false + example: false + examples: + Create Account Provisioning Policy: + value: + name: Account + description: Account Provisioning Policy + usageType: CREATE + fields: + - name: displayName + transform: + type: identityAttribute + attributes: + name: displayName + attributes: {} + isRequired: false + type: string + isMultiValued: false + - name: distinguishedName + transform: + type: usernameGenerator + attributes: + sourceCheck: true + patterns: + - 'CN=$fi $ln,OU=zzUsers,OU=Demo,DC=seri,DC=sailpointdemo,DC=com' + - 'CN=$fti $ln,OU=zzUsers,OU=Demo,DC=seri,DC=sailpointdemo,DC=com' + - 'CN=$fn $ln,OU=zzUsers,OU=Demo,DC=seri,DC=sailpointdemo,DC=com' + - 'CN=$fn$ln${uniqueCounter},OU=zzUsers,OU=Demo,DC=seri,DC=sailpointdemo,DC=com' + fn: + type: identityAttribute + attributes: + name: firstname + ln: + type: identityAttribute + attributes: + name: lastname + fi: + type: substring + attributes: + input: + type: identityAttribute + attributes: + name: firstname + begin: 0 + end: 1 + fti: + type: substring + attributes: + input: + type: identityAttribute + attributes: + name: firstname + begin: 0 + end: 2 + attributes: + cloudMaxUniqueChecks: '5' + cloudMaxSize: '100' + cloudRequired: 'true' + isRequired: false + type: '' + isMultiValued: false + - name: description + transform: + type: static + attributes: + value: '' + attributes: {} + isRequired: false + type: string + isMultiValued: false + responses: + '201': + description: Created ProvisioningPolicyDto object + content: + application/json: + schema: + type: object + required: + - name + properties: + name: + type: string + description: the provisioning policy name + example: example provisioning policy for inactive identities + description: + type: string + description: the description of the provisioning policy + example: this provisioning policy creates access based on an identity going inactive + usageType: + type: string + nullable: false + enum: + - CREATE + - UPDATE + - ENABLE + - DISABLE + - DELETE + - ASSIGN + - UNASSIGN + - CREATE_GROUP + - UPDATE_GROUP + - DELETE_GROUP + - REGISTER + - CREATE_IDENTITY + - UPDATE_IDENTITY + - EDIT_GROUP + - UNLOCK + - CHANGE_PASSWORD + example: CREATE + description: |- + The type of provisioning policy usage. + In IdentityNow, a source can support various provisioning operations. For example, when a joiner is added to a source, this may trigger both CREATE and UPDATE provisioning operations. Each usage type is considered a provisioning policy. A source can have any number of these provisioning policies defined. + These are the common usage types: + CREATE - This usage type relates to 'Create Account Profile', the provisioning template for the account to be created. For example, this would be used for a joiner on a source. + UPDATE - This usage type relates to 'Update Account Profile', the provisioning template for the 'Update' connector operations. For example, this would be used for an attribute sync on a source. + ENABLE - This usage type relates to 'Enable Account Profile', the provisioning template for the account to be enabled. For example, this could be used for a joiner on a source once the joiner's account is created. + DISABLE - This usage type relates to 'Disable Account Profile', the provisioning template for the account to be disabled. For example, this could be used when a leaver is removed temporarily from a source. + You can use these four usage types for all your provisioning policy needs. + fields: + type: array + items: + type: object + properties: + name: + type: string + description: The name of the attribute. + example: userName + transform: + type: object + description: The transform to apply to the field + example: + type: rule + attributes: + name: Create Unique LDAP Attribute + default: {} + attributes: + type: object + description: Attributes required for the transform + example: + template: '${firstname}.${lastname}${uniqueCounter}' + cloudMaxUniqueChecks: '50' + cloudMaxSize: '20' + cloudRequired: 'true' + isRequired: + type: boolean + readOnly: true + description: Flag indicating whether or not the attribute is required. + default: false + example: false + type: + type: string + description: The type of the attribute. + example: string + isMultiValued: + type: boolean + description: Flag indicating whether or not the attribute is multi-valued. + default: false + example: false + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/sources/{sourceId}/provisioning-policies/{usageType}': + get: + operationId: getProvisioningPolicy + tags: + - Sources + summary: Get Provisioning Policy by UsageType + description: |- + This end-point retrieves the ProvisioningPolicy with the specified usage on the specified Source in IdentityNow. + A token with API, ORG_ADMIN, SOURCE_ADMIN, or SOURCE_SUBADMIN authority is required to call this API. + security: + - UserContextAuth: + - 'idn:provisioning-policy:read' + - 'idn:provisioning-policy-source:read' + - 'idn:provisioning-policy:manage' + - 'idn:provisioning-policy-source-admin-operations:manage' + parameters: + - in: path + name: sourceId + required: true + schema: + type: string + description: The Source ID. + example: 2c9180835d191a86015d28455b4a2329 + - in: path + name: usageType + required: true + description: |- + The type of provisioning policy usage. + In IdentityNow, a source can support various provisioning operations. For example, when a joiner is added to a source, this may trigger both CREATE and UPDATE provisioning operations. Each usage type is considered a provisioning policy. A source can have any number of these provisioning policies defined. + These are the common usage types: + CREATE - This usage type relates to 'Create Account Profile', the provisioning template for the account to be created. For example, this would be used for a joiner on a source. + UPDATE - This usage type relates to 'Update Account Profile', the provisioning template for the 'Update' connector operations. For example, this would be used for an attribute sync on a source. + ENABLE - This usage type relates to 'Enable Account Profile', the provisioning template for the account to be enabled. For example, this could be used for a joiner on a source once the joiner's account is created. + DISABLE - This usage type relates to 'Disable Account Profile', the provisioning template for the account to be disabled. For example, this could be used when a leaver is removed temporarily from a source. + You can use these four usage types for all your provisioning policy needs. + example: CREATE + schema: + type: string + nullable: false + enum: + - CREATE + - UPDATE + - ENABLE + - DISABLE + - DELETE + - ASSIGN + - UNASSIGN + - CREATE_GROUP + - UPDATE_GROUP + - DELETE_GROUP + - REGISTER + - CREATE_IDENTITY + - UPDATE_IDENTITY + - EDIT_GROUP + - UNLOCK + - CHANGE_PASSWORD + example: CREATE + description: |- + The type of provisioning policy usage. + In IdentityNow, a source can support various provisioning operations. For example, when a joiner is added to a source, this may trigger both CREATE and UPDATE provisioning operations. Each usage type is considered a provisioning policy. A source can have any number of these provisioning policies defined. + These are the common usage types: + CREATE - This usage type relates to 'Create Account Profile', the provisioning template for the account to be created. For example, this would be used for a joiner on a source. + UPDATE - This usage type relates to 'Update Account Profile', the provisioning template for the 'Update' connector operations. For example, this would be used for an attribute sync on a source. + ENABLE - This usage type relates to 'Enable Account Profile', the provisioning template for the account to be enabled. For example, this could be used for a joiner on a source once the joiner's account is created. + DISABLE - This usage type relates to 'Disable Account Profile', the provisioning template for the account to be disabled. For example, this could be used when a leaver is removed temporarily from a source. + You can use these four usage types for all your provisioning policy needs. + responses: + '200': + description: The requested ProvisioningPolicyDto was successfully retrieved. + content: + application/json: + schema: + type: object + required: + - name + properties: + name: + type: string + description: the provisioning policy name + example: example provisioning policy for inactive identities + description: + type: string + description: the description of the provisioning policy + example: this provisioning policy creates access based on an identity going inactive + usageType: + type: string + nullable: false + enum: + - CREATE + - UPDATE + - ENABLE + - DISABLE + - DELETE + - ASSIGN + - UNASSIGN + - CREATE_GROUP + - UPDATE_GROUP + - DELETE_GROUP + - REGISTER + - CREATE_IDENTITY + - UPDATE_IDENTITY + - EDIT_GROUP + - UNLOCK + - CHANGE_PASSWORD + example: CREATE + description: |- + The type of provisioning policy usage. + In IdentityNow, a source can support various provisioning operations. For example, when a joiner is added to a source, this may trigger both CREATE and UPDATE provisioning operations. Each usage type is considered a provisioning policy. A source can have any number of these provisioning policies defined. + These are the common usage types: + CREATE - This usage type relates to 'Create Account Profile', the provisioning template for the account to be created. For example, this would be used for a joiner on a source. + UPDATE - This usage type relates to 'Update Account Profile', the provisioning template for the 'Update' connector operations. For example, this would be used for an attribute sync on a source. + ENABLE - This usage type relates to 'Enable Account Profile', the provisioning template for the account to be enabled. For example, this could be used for a joiner on a source once the joiner's account is created. + DISABLE - This usage type relates to 'Disable Account Profile', the provisioning template for the account to be disabled. For example, this could be used when a leaver is removed temporarily from a source. + You can use these four usage types for all your provisioning policy needs. + fields: + type: array + items: + type: object + properties: + name: + type: string + description: The name of the attribute. + example: userName + transform: + type: object + description: The transform to apply to the field + example: + type: rule + attributes: + name: Create Unique LDAP Attribute + default: {} + attributes: + type: object + description: Attributes required for the transform + example: + template: '${firstname}.${lastname}${uniqueCounter}' + cloudMaxUniqueChecks: '50' + cloudMaxSize: '20' + cloudRequired: 'true' + isRequired: + type: boolean + readOnly: true + description: Flag indicating whether or not the attribute is required. + default: false + example: false + type: + type: string + description: The type of the attribute. + example: string + isMultiValued: + type: boolean + description: Flag indicating whether or not the attribute is multi-valued. + default: false + example: false + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + put: + operationId: putProvisioningPolicy + tags: + - Sources + summary: Update Provisioning Policy by UsageType + description: |- + This end-point updates the provisioning policy with the specified usage on the specified source in IdentityNow. + Transforms can be used in the provisioning policy to create a new attribute that you only need during provisioning. + Refer to [Transforms in Provisioning Policies](https://developer.sailpoint.com/idn/docs/transforms/guides/transforms-in-provisioning-policies) for more information. + A token with API, ORG_ADMIN, SOURCE_ADMIN, or SOURCE_SUBADMIN authority is required to call this API. + security: + - UserContextAuth: + - 'idn:provisioning-policy:manage' + - 'idn:provisioning-policy-source-admin-operations:manage' + parameters: + - in: path + name: sourceId + required: true + schema: + type: string + description: The Source ID. + example: 2c9180835d191a86015d28455b4a2329 + - in: path + name: usageType + required: true + description: |- + The type of provisioning policy usage. + In IdentityNow, a source can support various provisioning operations. For example, when a joiner is added to a source, this may trigger both CREATE and UPDATE provisioning operations. Each usage type is considered a provisioning policy. A source can have any number of these provisioning policies defined. + These are the common usage types: + CREATE - This usage type relates to 'Create Account Profile', the provisioning template for the account to be created. For example, this would be used for a joiner on a source. + UPDATE - This usage type relates to 'Update Account Profile', the provisioning template for the 'Update' connector operations. For example, this would be used for an attribute sync on a source. + ENABLE - This usage type relates to 'Enable Account Profile', the provisioning template for the account to be enabled. For example, this could be used for a joiner on a source once the joiner's account is created. + DISABLE - This usage type relates to 'Disable Account Profile', the provisioning template for the account to be disabled. For example, this could be used when a leaver is removed temporarily from a source. + You can use these four usage types for all your provisioning policy needs. + example: CREATE + schema: + type: string + nullable: false + enum: + - CREATE + - UPDATE + - ENABLE + - DISABLE + - DELETE + - ASSIGN + - UNASSIGN + - CREATE_GROUP + - UPDATE_GROUP + - DELETE_GROUP + - REGISTER + - CREATE_IDENTITY + - UPDATE_IDENTITY + - EDIT_GROUP + - UNLOCK + - CHANGE_PASSWORD + example: CREATE + description: |- + The type of provisioning policy usage. + In IdentityNow, a source can support various provisioning operations. For example, when a joiner is added to a source, this may trigger both CREATE and UPDATE provisioning operations. Each usage type is considered a provisioning policy. A source can have any number of these provisioning policies defined. + These are the common usage types: + CREATE - This usage type relates to 'Create Account Profile', the provisioning template for the account to be created. For example, this would be used for a joiner on a source. + UPDATE - This usage type relates to 'Update Account Profile', the provisioning template for the 'Update' connector operations. For example, this would be used for an attribute sync on a source. + ENABLE - This usage type relates to 'Enable Account Profile', the provisioning template for the account to be enabled. For example, this could be used for a joiner on a source once the joiner's account is created. + DISABLE - This usage type relates to 'Disable Account Profile', the provisioning template for the account to be disabled. For example, this could be used when a leaver is removed temporarily from a source. + You can use these four usage types for all your provisioning policy needs. + requestBody: + required: true + content: + application/json: + schema: + type: object + required: + - name + properties: + name: + type: string + description: the provisioning policy name + example: example provisioning policy for inactive identities + description: + type: string + description: the description of the provisioning policy + example: this provisioning policy creates access based on an identity going inactive + usageType: + type: string + nullable: false + enum: + - CREATE + - UPDATE + - ENABLE + - DISABLE + - DELETE + - ASSIGN + - UNASSIGN + - CREATE_GROUP + - UPDATE_GROUP + - DELETE_GROUP + - REGISTER + - CREATE_IDENTITY + - UPDATE_IDENTITY + - EDIT_GROUP + - UNLOCK + - CHANGE_PASSWORD + example: CREATE + description: |- + The type of provisioning policy usage. + In IdentityNow, a source can support various provisioning operations. For example, when a joiner is added to a source, this may trigger both CREATE and UPDATE provisioning operations. Each usage type is considered a provisioning policy. A source can have any number of these provisioning policies defined. + These are the common usage types: + CREATE - This usage type relates to 'Create Account Profile', the provisioning template for the account to be created. For example, this would be used for a joiner on a source. + UPDATE - This usage type relates to 'Update Account Profile', the provisioning template for the 'Update' connector operations. For example, this would be used for an attribute sync on a source. + ENABLE - This usage type relates to 'Enable Account Profile', the provisioning template for the account to be enabled. For example, this could be used for a joiner on a source once the joiner's account is created. + DISABLE - This usage type relates to 'Disable Account Profile', the provisioning template for the account to be disabled. For example, this could be used when a leaver is removed temporarily from a source. + You can use these four usage types for all your provisioning policy needs. + fields: + type: array + items: + type: object + properties: + name: + type: string + description: The name of the attribute. + example: userName + transform: + type: object + description: The transform to apply to the field + example: + type: rule + attributes: + name: Create Unique LDAP Attribute + default: {} + attributes: + type: object + description: Attributes required for the transform + example: + template: '${firstname}.${lastname}${uniqueCounter}' + cloudMaxUniqueChecks: '50' + cloudMaxSize: '20' + cloudRequired: 'true' + isRequired: + type: boolean + readOnly: true + description: Flag indicating whether or not the attribute is required. + default: false + example: false + type: + type: string + description: The type of the attribute. + example: string + isMultiValued: + type: boolean + description: Flag indicating whether or not the attribute is multi-valued. + default: false + example: false + responses: + '200': + description: The ProvisioningPolicyDto was successfully replaced. + content: + application/json: + schema: + type: object + required: + - name + properties: + name: + type: string + description: the provisioning policy name + example: example provisioning policy for inactive identities + description: + type: string + description: the description of the provisioning policy + example: this provisioning policy creates access based on an identity going inactive + usageType: + type: string + nullable: false + enum: + - CREATE + - UPDATE + - ENABLE + - DISABLE + - DELETE + - ASSIGN + - UNASSIGN + - CREATE_GROUP + - UPDATE_GROUP + - DELETE_GROUP + - REGISTER + - CREATE_IDENTITY + - UPDATE_IDENTITY + - EDIT_GROUP + - UNLOCK + - CHANGE_PASSWORD + example: CREATE + description: |- + The type of provisioning policy usage. + In IdentityNow, a source can support various provisioning operations. For example, when a joiner is added to a source, this may trigger both CREATE and UPDATE provisioning operations. Each usage type is considered a provisioning policy. A source can have any number of these provisioning policies defined. + These are the common usage types: + CREATE - This usage type relates to 'Create Account Profile', the provisioning template for the account to be created. For example, this would be used for a joiner on a source. + UPDATE - This usage type relates to 'Update Account Profile', the provisioning template for the 'Update' connector operations. For example, this would be used for an attribute sync on a source. + ENABLE - This usage type relates to 'Enable Account Profile', the provisioning template for the account to be enabled. For example, this could be used for a joiner on a source once the joiner's account is created. + DISABLE - This usage type relates to 'Disable Account Profile', the provisioning template for the account to be disabled. For example, this could be used when a leaver is removed temporarily from a source. + You can use these four usage types for all your provisioning policy needs. + fields: + type: array + items: + type: object + properties: + name: + type: string + description: The name of the attribute. + example: userName + transform: + type: object + description: The transform to apply to the field + example: + type: rule + attributes: + name: Create Unique LDAP Attribute + default: {} + attributes: + type: object + description: Attributes required for the transform + example: + template: '${firstname}.${lastname}${uniqueCounter}' + cloudMaxUniqueChecks: '50' + cloudMaxSize: '20' + cloudRequired: 'true' + isRequired: + type: boolean + readOnly: true + description: Flag indicating whether or not the attribute is required. + default: false + example: false + type: + type: string + description: The type of the attribute. + example: string + isMultiValued: + type: boolean + description: Flag indicating whether or not the attribute is multi-valued. + default: false + example: false + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + patch: + operationId: updateProvisioningPolicy + tags: + - Sources + summary: Partial update of Provisioning Policy + description: |- + This API selectively updates an existing Provisioning Policy using a JSONPatch payload. + Transforms can be used in the provisioning policy to create a new attribute that you only need during provisioning. + Refer to [Transforms in Provisioning Policies](https://developer.sailpoint.com/idn/docs/transforms/guides/transforms-in-provisioning-policies) for more information. + A token with API, ORG_ADMIN, SOURCE_ADMIN, or SOURCE_SUBADMIN authority is required to call this API. + security: + - UserContextAuth: + - 'idn:provisioning-policy:update' + parameters: + - in: path + name: sourceId + required: true + schema: + type: string + description: The Source id. + example: 2c9180835d191a86015d28455b4a2329 + - in: path + name: usageType + required: true + description: |- + The type of provisioning policy usage. + In IdentityNow, a source can support various provisioning operations. For example, when a joiner is added to a source, this may trigger both CREATE and UPDATE provisioning operations. Each usage type is considered a provisioning policy. A source can have any number of these provisioning policies defined. + These are the common usage types: + CREATE - This usage type relates to 'Create Account Profile', the provisioning template for the account to be created. For example, this would be used for a joiner on a source. + UPDATE - This usage type relates to 'Update Account Profile', the provisioning template for the 'Update' connector operations. For example, this would be used for an attribute sync on a source. + ENABLE - This usage type relates to 'Enable Account Profile', the provisioning template for the account to be enabled. For example, this could be used for a joiner on a source once the joiner's account is created. + DISABLE - This usage type relates to 'Disable Account Profile', the provisioning template for the account to be disabled. For example, this could be used when a leaver is removed temporarily from a source. + You can use these four usage types for all your provisioning policy needs. + example: CREATE + schema: + type: string + nullable: false + enum: + - CREATE + - UPDATE + - ENABLE + - DISABLE + - DELETE + - ASSIGN + - UNASSIGN + - CREATE_GROUP + - UPDATE_GROUP + - DELETE_GROUP + - REGISTER + - CREATE_IDENTITY + - UPDATE_IDENTITY + - EDIT_GROUP + - UNLOCK + - CHANGE_PASSWORD + example: CREATE + description: |- + The type of provisioning policy usage. + In IdentityNow, a source can support various provisioning operations. For example, when a joiner is added to a source, this may trigger both CREATE and UPDATE provisioning operations. Each usage type is considered a provisioning policy. A source can have any number of these provisioning policies defined. + These are the common usage types: + CREATE - This usage type relates to 'Create Account Profile', the provisioning template for the account to be created. For example, this would be used for a joiner on a source. + UPDATE - This usage type relates to 'Update Account Profile', the provisioning template for the 'Update' connector operations. For example, this would be used for an attribute sync on a source. + ENABLE - This usage type relates to 'Enable Account Profile', the provisioning template for the account to be enabled. For example, this could be used for a joiner on a source once the joiner's account is created. + DISABLE - This usage type relates to 'Disable Account Profile', the provisioning template for the account to be disabled. For example, this could be used when a leaver is removed temporarily from a source. + You can use these four usage types for all your provisioning policy needs. + requestBody: + required: true + description: The JSONPatch payload used to update the schema. + content: + application/json-patch+json: + schema: + type: array + items: + type: object + description: 'A JSONPatch Operation as defined by [RFC 6902 - JSON Patch](https://tools.ietf.org/html/rfc6902)' + required: + - op + - path + properties: + op: + type: string + description: The operation to be performed + enum: + - add + - remove + - replace + - move + - copy + - test + example: replace + path: + type: string + description: A string JSON Pointer representing the target path to an element to be affected by the operation + example: /description + value: + oneOf: + - type: string + example: New description + title: string + - type: boolean + example: true + title: boolean + - type: integer + example: 300 + title: integer + - type: object + title: object + example: + attributes: + name: philip + - type: array + title: array + items: + anyOf: + - type: string + - type: integer + - type: object + example: + - '001' + - '002' + - '003' + description: 'The value to be used for the operation, required for "add" and "replace" operations' + example: New description + examples: + add-field: + summary: Add a field to the beginning of the list + value: + - op: add + path: /fields/0 + value: + name: email + transform: + type: identityAttribute + attributes: + name: email + attributes: {} + isRequired: false + type: string + isMultiValued: false + responses: + '200': + description: The ProvisioningPolicyDto was successfully updated. + content: + application/json: + schema: + type: object + required: + - name + properties: + name: + type: string + description: the provisioning policy name + example: example provisioning policy for inactive identities + description: + type: string + description: the description of the provisioning policy + example: this provisioning policy creates access based on an identity going inactive + usageType: + type: string + nullable: false + enum: + - CREATE + - UPDATE + - ENABLE + - DISABLE + - DELETE + - ASSIGN + - UNASSIGN + - CREATE_GROUP + - UPDATE_GROUP + - DELETE_GROUP + - REGISTER + - CREATE_IDENTITY + - UPDATE_IDENTITY + - EDIT_GROUP + - UNLOCK + - CHANGE_PASSWORD + example: CREATE + description: |- + The type of provisioning policy usage. + In IdentityNow, a source can support various provisioning operations. For example, when a joiner is added to a source, this may trigger both CREATE and UPDATE provisioning operations. Each usage type is considered a provisioning policy. A source can have any number of these provisioning policies defined. + These are the common usage types: + CREATE - This usage type relates to 'Create Account Profile', the provisioning template for the account to be created. For example, this would be used for a joiner on a source. + UPDATE - This usage type relates to 'Update Account Profile', the provisioning template for the 'Update' connector operations. For example, this would be used for an attribute sync on a source. + ENABLE - This usage type relates to 'Enable Account Profile', the provisioning template for the account to be enabled. For example, this could be used for a joiner on a source once the joiner's account is created. + DISABLE - This usage type relates to 'Disable Account Profile', the provisioning template for the account to be disabled. For example, this could be used when a leaver is removed temporarily from a source. + You can use these four usage types for all your provisioning policy needs. + fields: + type: array + items: + type: object + properties: + name: + type: string + description: The name of the attribute. + example: userName + transform: + type: object + description: The transform to apply to the field + example: + type: rule + attributes: + name: Create Unique LDAP Attribute + default: {} + attributes: + type: object + description: Attributes required for the transform + example: + template: '${firstname}.${lastname}${uniqueCounter}' + cloudMaxUniqueChecks: '50' + cloudMaxSize: '20' + cloudRequired: 'true' + isRequired: + type: boolean + readOnly: true + description: Flag indicating whether or not the attribute is required. + default: false + example: false + type: + type: string + description: The type of the attribute. + example: string + isMultiValued: + type: boolean + description: Flag indicating whether or not the attribute is multi-valued. + default: false + example: false + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + delete: + operationId: deleteProvisioningPolicy + tags: + - Sources + summary: Delete Provisioning Policy by UsageType + description: |- + Deletes the provisioning policy with the specified usage on an application. + A token with API, or ORG_ADMIN authority is required to call this API. + security: + - UserContextAuth: + - 'idn:provisioning-policy:manage' + parameters: + - in: path + name: sourceId + required: true + schema: + type: string + description: The Source ID. + example: 2c9180835d191a86015d28455b4a2329 + - in: path + name: usageType + required: true + description: |- + The type of provisioning policy usage. + In IdentityNow, a source can support various provisioning operations. For example, when a joiner is added to a source, this may trigger both CREATE and UPDATE provisioning operations. Each usage type is considered a provisioning policy. A source can have any number of these provisioning policies defined. + These are the common usage types: + CREATE - This usage type relates to 'Create Account Profile', the provisioning template for the account to be created. For example, this would be used for a joiner on a source. + UPDATE - This usage type relates to 'Update Account Profile', the provisioning template for the 'Update' connector operations. For example, this would be used for an attribute sync on a source. + ENABLE - This usage type relates to 'Enable Account Profile', the provisioning template for the account to be enabled. For example, this could be used for a joiner on a source once the joiner's account is created. + DISABLE - This usage type relates to 'Disable Account Profile', the provisioning template for the account to be disabled. For example, this could be used when a leaver is removed temporarily from a source. + You can use these four usage types for all your provisioning policy needs. + example: CREATE + schema: + type: string + nullable: false + enum: + - CREATE + - UPDATE + - ENABLE + - DISABLE + - DELETE + - ASSIGN + - UNASSIGN + - CREATE_GROUP + - UPDATE_GROUP + - DELETE_GROUP + - REGISTER + - CREATE_IDENTITY + - UPDATE_IDENTITY + - EDIT_GROUP + - UNLOCK + - CHANGE_PASSWORD + example: CREATE + description: |- + The type of provisioning policy usage. + In IdentityNow, a source can support various provisioning operations. For example, when a joiner is added to a source, this may trigger both CREATE and UPDATE provisioning operations. Each usage type is considered a provisioning policy. A source can have any number of these provisioning policies defined. + These are the common usage types: + CREATE - This usage type relates to 'Create Account Profile', the provisioning template for the account to be created. For example, this would be used for a joiner on a source. + UPDATE - This usage type relates to 'Update Account Profile', the provisioning template for the 'Update' connector operations. For example, this would be used for an attribute sync on a source. + ENABLE - This usage type relates to 'Enable Account Profile', the provisioning template for the account to be enabled. For example, this could be used for a joiner on a source once the joiner's account is created. + DISABLE - This usage type relates to 'Disable Account Profile', the provisioning template for the account to be disabled. For example, this could be used when a leaver is removed temporarily from a source. + You can use these four usage types for all your provisioning policy needs. + responses: + '204': + description: The ProvisioningPolicyDto was successfully deleted. + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/sources/{sourceId}/provisioning-policies/bulk-update': + post: + operationId: updateProvisioningPoliciesInBulk + tags: + - Sources + summary: Bulk Update Provisioning Policies + description: |- + This end-point updates a list of provisioning policies on the specified source in IdentityNow. + A token with API, or ORG_ADMIN authority is required to call this API. + security: + - UserContextAuth: + - 'idn:provisioning-policy:manage' + parameters: + - in: path + name: sourceId + required: true + schema: + type: string + description: The Source id. + example: 2c9180835d191a86015d28455b4a2329 + requestBody: + required: true + content: + application/json: + schema: + type: array + items: + type: object + required: + - name + properties: + name: + type: string + description: the provisioning policy name + example: example provisioning policy for inactive identities + description: + type: string + description: the description of the provisioning policy + example: this provisioning policy creates access based on an identity going inactive + usageType: + type: string + nullable: false + enum: + - CREATE + - UPDATE + - ENABLE + - DISABLE + - DELETE + - ASSIGN + - UNASSIGN + - CREATE_GROUP + - UPDATE_GROUP + - DELETE_GROUP + - REGISTER + - CREATE_IDENTITY + - UPDATE_IDENTITY + - EDIT_GROUP + - UNLOCK + - CHANGE_PASSWORD + example: CREATE + description: |- + The type of provisioning policy usage. + In IdentityNow, a source can support various provisioning operations. For example, when a joiner is added to a source, this may trigger both CREATE and UPDATE provisioning operations. Each usage type is considered a provisioning policy. A source can have any number of these provisioning policies defined. + These are the common usage types: + CREATE - This usage type relates to 'Create Account Profile', the provisioning template for the account to be created. For example, this would be used for a joiner on a source. + UPDATE - This usage type relates to 'Update Account Profile', the provisioning template for the 'Update' connector operations. For example, this would be used for an attribute sync on a source. + ENABLE - This usage type relates to 'Enable Account Profile', the provisioning template for the account to be enabled. For example, this could be used for a joiner on a source once the joiner's account is created. + DISABLE - This usage type relates to 'Disable Account Profile', the provisioning template for the account to be disabled. For example, this could be used when a leaver is removed temporarily from a source. + You can use these four usage types for all your provisioning policy needs. + fields: + type: array + items: + type: object + properties: + name: + type: string + description: The name of the attribute. + example: userName + transform: + type: object + description: The transform to apply to the field + example: + type: rule + attributes: + name: Create Unique LDAP Attribute + default: {} + attributes: + type: object + description: Attributes required for the transform + example: + template: '${firstname}.${lastname}${uniqueCounter}' + cloudMaxUniqueChecks: '50' + cloudMaxSize: '20' + cloudRequired: 'true' + isRequired: + type: boolean + readOnly: true + description: Flag indicating whether or not the attribute is required. + default: false + example: false + type: + type: string + description: The type of the attribute. + example: string + isMultiValued: + type: boolean + description: Flag indicating whether or not the attribute is multi-valued. + default: false + example: false + responses: + '200': + description: A list of the ProvisioningPolicyDto was successfully replaced. + content: + application/json: + schema: + type: array + items: + type: object + required: + - name + properties: + name: + type: string + description: the provisioning policy name + example: example provisioning policy for inactive identities + description: + type: string + description: the description of the provisioning policy + example: this provisioning policy creates access based on an identity going inactive + usageType: + type: string + nullable: false + enum: + - CREATE + - UPDATE + - ENABLE + - DISABLE + - DELETE + - ASSIGN + - UNASSIGN + - CREATE_GROUP + - UPDATE_GROUP + - DELETE_GROUP + - REGISTER + - CREATE_IDENTITY + - UPDATE_IDENTITY + - EDIT_GROUP + - UNLOCK + - CHANGE_PASSWORD + example: CREATE + description: |- + The type of provisioning policy usage. + In IdentityNow, a source can support various provisioning operations. For example, when a joiner is added to a source, this may trigger both CREATE and UPDATE provisioning operations. Each usage type is considered a provisioning policy. A source can have any number of these provisioning policies defined. + These are the common usage types: + CREATE - This usage type relates to 'Create Account Profile', the provisioning template for the account to be created. For example, this would be used for a joiner on a source. + UPDATE - This usage type relates to 'Update Account Profile', the provisioning template for the 'Update' connector operations. For example, this would be used for an attribute sync on a source. + ENABLE - This usage type relates to 'Enable Account Profile', the provisioning template for the account to be enabled. For example, this could be used for a joiner on a source once the joiner's account is created. + DISABLE - This usage type relates to 'Disable Account Profile', the provisioning template for the account to be disabled. For example, this could be used when a leaver is removed temporarily from a source. + You can use these four usage types for all your provisioning policy needs. + fields: + type: array + items: + type: object + properties: + name: + type: string + description: The name of the attribute. + example: userName + transform: + type: object + description: The transform to apply to the field + example: + type: rule + attributes: + name: Create Unique LDAP Attribute + default: {} + attributes: + type: object + description: Attributes required for the transform + example: + template: '${firstname}.${lastname}${uniqueCounter}' + cloudMaxUniqueChecks: '50' + cloudMaxSize: '20' + cloudRequired: 'true' + isRequired: + type: boolean + readOnly: true + description: Flag indicating whether or not the attribute is required. + default: false + example: false + type: + type: string + description: The type of the attribute. + example: string + isMultiValued: + type: boolean + description: Flag indicating whether or not the attribute is multi-valued. + default: false + example: false + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/sources/{sourceId}/schemas': + get: + operationId: getSourceSchemas + tags: + - Sources + summary: List Schemas on Source + description: | + Use this API to list the schemas that exist on the specified source in Identity Security Cloud (ISC). + parameters: + - in: path + name: sourceId + required: true + schema: + type: string + description: Source ID. + example: 2c9180835d191a86015d28455b4a2329 + - in: query + name: include-types + required: false + schema: + type: string + enum: + - group + - user + description: 'If this is set to `group`, the API filters the account schema and only returns only group schemas. If this is set to `user`, the API returns the account schema for the source. ' + example: group + responses: + '200': + description: The schemas were successfully retrieved. + content: + application/json: + schema: + type: array + items: + type: object + properties: + id: + type: string + description: The id of the Schema. + example: 2c9180835d191a86015d28455b4a2329 + name: + type: string + description: The name of the Schema. + example: account + nativeObjectType: + type: string + description: The name of the object type on the native system that the schema represents. + example: User + identityAttribute: + type: string + description: The name of the attribute used to calculate the unique identifier for an object in the schema. + example: sAMAccountName + displayAttribute: + type: string + description: The name of the attribute used to calculate the display value for an object in the schema. + example: distinguishedName + hierarchyAttribute: + type: string + description: The name of the attribute whose values represent other objects in a hierarchy. Only relevant to group schemas. + example: memberOf + includePermissions: + type: boolean + description: Flag indicating whether or not the include permissions with the object data when aggregating the schema. + example: false + features: + type: array + items: + type: string + enum: + - AUTHENTICATE + - COMPOSITE + - DIRECT_PERMISSIONS + - DISCOVER_SCHEMA + - ENABLE + - MANAGER_LOOKUP + - NO_RANDOM_ACCESS + - PROXY + - SEARCH + - TEMPLATE + - UNLOCK + - UNSTRUCTURED_TARGETS + - SHAREPOINT_TARGET + - PROVISIONING + - GROUP_PROVISIONING + - SYNC_PROVISIONING + - PASSWORD + - CURRENT_PASSWORD + - ACCOUNT_ONLY_REQUEST + - ADDITIONAL_ACCOUNT_REQUEST + - NO_AGGREGATION + - GROUPS_HAVE_MEMBERS + - NO_PERMISSIONS_PROVISIONING + - NO_GROUP_PERMISSIONS_PROVISIONING + - NO_UNSTRUCTURED_TARGETS_PROVISIONING + - NO_DIRECT_PERMISSIONS_PROVISIONING + - PREFER_UUID + - ARM_SECURITY_EXTRACT + - ARM_UTILIZATION_EXTRACT + - ARM_CHANGELOG_EXTRACT + - USES_UUID + example: AUTHENTICATE + description: |- + Optional features that can be supported by a source. Modifying the features array may cause source configuration errors that are unsupportable. It is recommended to not modify this array for SailPoint supported connectors. + * AUTHENTICATE: The source supports pass-through authentication. + * COMPOSITE: The source supports composite source creation. + * DIRECT_PERMISSIONS: The source supports returning DirectPermissions. + * DISCOVER_SCHEMA: The source supports discovering schemas for users and groups. + * ENABLE The source supports reading if an account is enabled or disabled. + * MANAGER_LOOKUP: The source supports looking up managers as they are encountered in a feed. This is the opposite of NO_RANDOM_ACCESS. + * NO_RANDOM_ACCESS: The source does not support random access and the getObject() methods should not be called and expected to perform. + * PROXY: The source can serve as a proxy for another source. When an source has a proxy, all connector calls made with that source are redirected through the connector for the proxy source. + * SEARCH + * TEMPLATE + * UNLOCK: The source supports reading if an account is locked or unlocked. + * UNSTRUCTURED_TARGETS: The source supports returning unstructured Targets. + * SHAREPOINT_TARGET: The source supports returning unstructured Target data for SharePoint. It will be typically used by AD, LDAP sources. + * PROVISIONING: The source can both read and write accounts. Having this feature implies that the provision() method is implemented. It also means that direct and target permissions can also be provisioned if they can be returned by aggregation. + * GROUP_PROVISIONING: The source can both read and write groups. Having this feature implies that the provision() method is implemented. + * SYNC_PROVISIONING: The source can provision accounts synchronously. + * PASSWORD: The source can provision password changes. Since sources can never read passwords, this is should only be used in conjunction with the PROVISIONING feature. + * CURRENT_PASSWORD: Some source types support verification of the current password + * ACCOUNT_ONLY_REQUEST: The source supports requesting accounts without entitlements. + * ADDITIONAL_ACCOUNT_REQUEST: The source supports requesting additional accounts. + * NO_AGGREGATION: A source that does not support aggregation. + * GROUPS_HAVE_MEMBERS: The source models group memberships with a member attribute on the group object rather than a groups attribute on the account object. This effects the implementation of delta account aggregation. + * NO_PERMISSIONS_PROVISIONING: Indicates that the connector cannot provision direct or target permissions for accounts. When DIRECT_PERMISSIONS and PROVISIONING features are present, it is assumed that the connector can also provision direct permissions. This feature disables that assumption and causes permission request to be converted to work items for accounts. + * NO_GROUP_PERMISSIONS_PROVISIONING: Indicates that the connector cannot provision direct or target permissions for groups. When DIRECT_PERMISSIONS and PROVISIONING features are present, it is assumed that the connector can also provision direct permissions. This feature disables that assumption and causes permission request to be converted to work items for groups. + * NO_UNSTRUCTURED_TARGETS_PROVISIONING: This string will be replaced by NO_GROUP_PERMISSIONS_PROVISIONING and NO_PERMISSIONS_PROVISIONING. + * NO_DIRECT_PERMISSIONS_PROVISIONING: This string will be replaced by NO_GROUP_PERMISSIONS_PROVISIONING and NO_PERMISSIONS_PROVISIONING. + * USES_UUID: Connectivity 2.0 flag used to indicate that the connector supports a compound naming structure. + * PREFER_UUID: Used in ISC Provisioning AND Aggregation to decide if it should prefer account.uuid to account.nativeIdentity when data is read in through aggregation OR pushed out through provisioning. + * ARM_SECURITY_EXTRACT: Indicates the application supports Security extracts for ARM + * ARM_UTILIZATION_EXTRACT: Indicates the application supports Utilization extracts for ARM + * ARM_CHANGELOG_EXTRACT: Indicates the application supports Change-log extracts for ARM + example: + - PROVISIONING + - NO_PERMISSIONS_PROVISIONING + - GROUPS_HAVE_MEMBERS + configuration: + type: object + description: Holds any extra configuration data that the schema may require. + example: + groupMemberAttribute: member + attributes: + type: array + description: The attribute definitions which form the schema. + items: + type: object + properties: + name: + type: string + description: The name of the attribute. + example: sAMAccountName + type: + description: The type of the attribute. + example: STRING + type: string + enum: + - STRING + - LONG + - INT + - BOOLEAN + schema: + description: A reference to the schema on the source to the attribute values map to. + type: object + properties: + type: + description: The type of object being referenced + type: string + enum: + - CONNECTOR_SCHEMA + example: CONNECTOR_SCHEMA + id: + type: string + description: The object ID this reference applies to. + example: 2c91808568c529c60168cca6f90c1313 + name: + type: string + description: The human-readable display name of the object. + example: group + description: + type: string + description: A human-readable description of the attribute. + example: SAM Account Name + isMulti: + type: boolean + description: Flag indicating whether or not the attribute is multi-valued. + example: false + default: false + isEntitlement: + type: boolean + description: Flag indicating whether or not the attribute is an entitlement. + example: false + default: false + isGroup: + type: boolean + description: | + Flag indicating whether or not the attribute represents a group. + This can only be `true` if `isEntitlement` is also `true` **and** there is a schema defined for the attribute.. + example: false + default: false + example: + - name: sAMAccountName + type: STRING + isMultiValued: false + isEntitlement: false + isGroup: false + - name: memberOf + type: STRING + schema: + type: CONNECTOR_SCHEMA + id: 2c9180887671ff8c01767b4671fc7d60 + name: group + description: Group membership + isMultiValued: true + isEntitlement: true + isGroup: true + created: + type: string + description: The date the Schema was created. + format: date-time + example: '2019-12-24T22:32:58.104Z' + modified: + type: string + description: The date the Schema was last modified. + format: date-time + example: '2019-12-31T20:22:28.104Z' + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + post: + operationId: createSourceSchema + tags: + - Sources + summary: Create Schema on Source + description: | + Use this API to create a new schema on the specified source in Identity Security Cloud (ISC). + parameters: + - in: path + name: sourceId + required: true + schema: + type: string + description: Source ID. + example: 2c9180835d191a86015d28455b4a2329 + requestBody: + required: true + content: + application/json: + schema: + type: object + properties: + id: + type: string + description: The id of the Schema. + example: 2c9180835d191a86015d28455b4a2329 + name: + type: string + description: The name of the Schema. + example: account + nativeObjectType: + type: string + description: The name of the object type on the native system that the schema represents. + example: User + identityAttribute: + type: string + description: The name of the attribute used to calculate the unique identifier for an object in the schema. + example: sAMAccountName + displayAttribute: + type: string + description: The name of the attribute used to calculate the display value for an object in the schema. + example: distinguishedName + hierarchyAttribute: + type: string + description: The name of the attribute whose values represent other objects in a hierarchy. Only relevant to group schemas. + example: memberOf + includePermissions: + type: boolean + description: Flag indicating whether or not the include permissions with the object data when aggregating the schema. + example: false + features: + type: array + items: + type: string + enum: + - AUTHENTICATE + - COMPOSITE + - DIRECT_PERMISSIONS + - DISCOVER_SCHEMA + - ENABLE + - MANAGER_LOOKUP + - NO_RANDOM_ACCESS + - PROXY + - SEARCH + - TEMPLATE + - UNLOCK + - UNSTRUCTURED_TARGETS + - SHAREPOINT_TARGET + - PROVISIONING + - GROUP_PROVISIONING + - SYNC_PROVISIONING + - PASSWORD + - CURRENT_PASSWORD + - ACCOUNT_ONLY_REQUEST + - ADDITIONAL_ACCOUNT_REQUEST + - NO_AGGREGATION + - GROUPS_HAVE_MEMBERS + - NO_PERMISSIONS_PROVISIONING + - NO_GROUP_PERMISSIONS_PROVISIONING + - NO_UNSTRUCTURED_TARGETS_PROVISIONING + - NO_DIRECT_PERMISSIONS_PROVISIONING + - PREFER_UUID + - ARM_SECURITY_EXTRACT + - ARM_UTILIZATION_EXTRACT + - ARM_CHANGELOG_EXTRACT + - USES_UUID + example: AUTHENTICATE + description: |- + Optional features that can be supported by a source. Modifying the features array may cause source configuration errors that are unsupportable. It is recommended to not modify this array for SailPoint supported connectors. + * AUTHENTICATE: The source supports pass-through authentication. + * COMPOSITE: The source supports composite source creation. + * DIRECT_PERMISSIONS: The source supports returning DirectPermissions. + * DISCOVER_SCHEMA: The source supports discovering schemas for users and groups. + * ENABLE The source supports reading if an account is enabled or disabled. + * MANAGER_LOOKUP: The source supports looking up managers as they are encountered in a feed. This is the opposite of NO_RANDOM_ACCESS. + * NO_RANDOM_ACCESS: The source does not support random access and the getObject() methods should not be called and expected to perform. + * PROXY: The source can serve as a proxy for another source. When an source has a proxy, all connector calls made with that source are redirected through the connector for the proxy source. + * SEARCH + * TEMPLATE + * UNLOCK: The source supports reading if an account is locked or unlocked. + * UNSTRUCTURED_TARGETS: The source supports returning unstructured Targets. + * SHAREPOINT_TARGET: The source supports returning unstructured Target data for SharePoint. It will be typically used by AD, LDAP sources. + * PROVISIONING: The source can both read and write accounts. Having this feature implies that the provision() method is implemented. It also means that direct and target permissions can also be provisioned if they can be returned by aggregation. + * GROUP_PROVISIONING: The source can both read and write groups. Having this feature implies that the provision() method is implemented. + * SYNC_PROVISIONING: The source can provision accounts synchronously. + * PASSWORD: The source can provision password changes. Since sources can never read passwords, this is should only be used in conjunction with the PROVISIONING feature. + * CURRENT_PASSWORD: Some source types support verification of the current password + * ACCOUNT_ONLY_REQUEST: The source supports requesting accounts without entitlements. + * ADDITIONAL_ACCOUNT_REQUEST: The source supports requesting additional accounts. + * NO_AGGREGATION: A source that does not support aggregation. + * GROUPS_HAVE_MEMBERS: The source models group memberships with a member attribute on the group object rather than a groups attribute on the account object. This effects the implementation of delta account aggregation. + * NO_PERMISSIONS_PROVISIONING: Indicates that the connector cannot provision direct or target permissions for accounts. When DIRECT_PERMISSIONS and PROVISIONING features are present, it is assumed that the connector can also provision direct permissions. This feature disables that assumption and causes permission request to be converted to work items for accounts. + * NO_GROUP_PERMISSIONS_PROVISIONING: Indicates that the connector cannot provision direct or target permissions for groups. When DIRECT_PERMISSIONS and PROVISIONING features are present, it is assumed that the connector can also provision direct permissions. This feature disables that assumption and causes permission request to be converted to work items for groups. + * NO_UNSTRUCTURED_TARGETS_PROVISIONING: This string will be replaced by NO_GROUP_PERMISSIONS_PROVISIONING and NO_PERMISSIONS_PROVISIONING. + * NO_DIRECT_PERMISSIONS_PROVISIONING: This string will be replaced by NO_GROUP_PERMISSIONS_PROVISIONING and NO_PERMISSIONS_PROVISIONING. + * USES_UUID: Connectivity 2.0 flag used to indicate that the connector supports a compound naming structure. + * PREFER_UUID: Used in ISC Provisioning AND Aggregation to decide if it should prefer account.uuid to account.nativeIdentity when data is read in through aggregation OR pushed out through provisioning. + * ARM_SECURITY_EXTRACT: Indicates the application supports Security extracts for ARM + * ARM_UTILIZATION_EXTRACT: Indicates the application supports Utilization extracts for ARM + * ARM_CHANGELOG_EXTRACT: Indicates the application supports Change-log extracts for ARM + example: + - PROVISIONING + - NO_PERMISSIONS_PROVISIONING + - GROUPS_HAVE_MEMBERS + configuration: + type: object + description: Holds any extra configuration data that the schema may require. + example: + groupMemberAttribute: member + attributes: + type: array + description: The attribute definitions which form the schema. + items: + type: object + properties: + name: + type: string + description: The name of the attribute. + example: sAMAccountName + type: + description: The type of the attribute. + example: STRING + type: string + enum: + - STRING + - LONG + - INT + - BOOLEAN + schema: + description: A reference to the schema on the source to the attribute values map to. + type: object + properties: + type: + description: The type of object being referenced + type: string + enum: + - CONNECTOR_SCHEMA + example: CONNECTOR_SCHEMA + id: + type: string + description: The object ID this reference applies to. + example: 2c91808568c529c60168cca6f90c1313 + name: + type: string + description: The human-readable display name of the object. + example: group + description: + type: string + description: A human-readable description of the attribute. + example: SAM Account Name + isMulti: + type: boolean + description: Flag indicating whether or not the attribute is multi-valued. + example: false + default: false + isEntitlement: + type: boolean + description: Flag indicating whether or not the attribute is an entitlement. + example: false + default: false + isGroup: + type: boolean + description: | + Flag indicating whether or not the attribute represents a group. + This can only be `true` if `isEntitlement` is also `true` **and** there is a schema defined for the attribute.. + example: false + default: false + example: + - name: sAMAccountName + type: STRING + isMultiValued: false + isEntitlement: false + isGroup: false + - name: memberOf + type: STRING + schema: + type: CONNECTOR_SCHEMA + id: 2c9180887671ff8c01767b4671fc7d60 + name: group + description: Group membership + isMultiValued: true + isEntitlement: true + isGroup: true + created: + type: string + description: The date the Schema was created. + format: date-time + example: '2019-12-24T22:32:58.104Z' + modified: + type: string + description: The date the Schema was last modified. + format: date-time + example: '2019-12-31T20:22:28.104Z' + responses: + '201': + description: The schema was successfully created on the specified source. + content: + application/json: + schema: + type: object + properties: + id: + type: string + description: The id of the Schema. + example: 2c9180835d191a86015d28455b4a2329 + name: + type: string + description: The name of the Schema. + example: account + nativeObjectType: + type: string + description: The name of the object type on the native system that the schema represents. + example: User + identityAttribute: + type: string + description: The name of the attribute used to calculate the unique identifier for an object in the schema. + example: sAMAccountName + displayAttribute: + type: string + description: The name of the attribute used to calculate the display value for an object in the schema. + example: distinguishedName + hierarchyAttribute: + type: string + description: The name of the attribute whose values represent other objects in a hierarchy. Only relevant to group schemas. + example: memberOf + includePermissions: + type: boolean + description: Flag indicating whether or not the include permissions with the object data when aggregating the schema. + example: false + features: + type: array + items: + type: string + enum: + - AUTHENTICATE + - COMPOSITE + - DIRECT_PERMISSIONS + - DISCOVER_SCHEMA + - ENABLE + - MANAGER_LOOKUP + - NO_RANDOM_ACCESS + - PROXY + - SEARCH + - TEMPLATE + - UNLOCK + - UNSTRUCTURED_TARGETS + - SHAREPOINT_TARGET + - PROVISIONING + - GROUP_PROVISIONING + - SYNC_PROVISIONING + - PASSWORD + - CURRENT_PASSWORD + - ACCOUNT_ONLY_REQUEST + - ADDITIONAL_ACCOUNT_REQUEST + - NO_AGGREGATION + - GROUPS_HAVE_MEMBERS + - NO_PERMISSIONS_PROVISIONING + - NO_GROUP_PERMISSIONS_PROVISIONING + - NO_UNSTRUCTURED_TARGETS_PROVISIONING + - NO_DIRECT_PERMISSIONS_PROVISIONING + - PREFER_UUID + - ARM_SECURITY_EXTRACT + - ARM_UTILIZATION_EXTRACT + - ARM_CHANGELOG_EXTRACT + - USES_UUID + example: AUTHENTICATE + description: |- + Optional features that can be supported by a source. Modifying the features array may cause source configuration errors that are unsupportable. It is recommended to not modify this array for SailPoint supported connectors. + * AUTHENTICATE: The source supports pass-through authentication. + * COMPOSITE: The source supports composite source creation. + * DIRECT_PERMISSIONS: The source supports returning DirectPermissions. + * DISCOVER_SCHEMA: The source supports discovering schemas for users and groups. + * ENABLE The source supports reading if an account is enabled or disabled. + * MANAGER_LOOKUP: The source supports looking up managers as they are encountered in a feed. This is the opposite of NO_RANDOM_ACCESS. + * NO_RANDOM_ACCESS: The source does not support random access and the getObject() methods should not be called and expected to perform. + * PROXY: The source can serve as a proxy for another source. When an source has a proxy, all connector calls made with that source are redirected through the connector for the proxy source. + * SEARCH + * TEMPLATE + * UNLOCK: The source supports reading if an account is locked or unlocked. + * UNSTRUCTURED_TARGETS: The source supports returning unstructured Targets. + * SHAREPOINT_TARGET: The source supports returning unstructured Target data for SharePoint. It will be typically used by AD, LDAP sources. + * PROVISIONING: The source can both read and write accounts. Having this feature implies that the provision() method is implemented. It also means that direct and target permissions can also be provisioned if they can be returned by aggregation. + * GROUP_PROVISIONING: The source can both read and write groups. Having this feature implies that the provision() method is implemented. + * SYNC_PROVISIONING: The source can provision accounts synchronously. + * PASSWORD: The source can provision password changes. Since sources can never read passwords, this is should only be used in conjunction with the PROVISIONING feature. + * CURRENT_PASSWORD: Some source types support verification of the current password + * ACCOUNT_ONLY_REQUEST: The source supports requesting accounts without entitlements. + * ADDITIONAL_ACCOUNT_REQUEST: The source supports requesting additional accounts. + * NO_AGGREGATION: A source that does not support aggregation. + * GROUPS_HAVE_MEMBERS: The source models group memberships with a member attribute on the group object rather than a groups attribute on the account object. This effects the implementation of delta account aggregation. + * NO_PERMISSIONS_PROVISIONING: Indicates that the connector cannot provision direct or target permissions for accounts. When DIRECT_PERMISSIONS and PROVISIONING features are present, it is assumed that the connector can also provision direct permissions. This feature disables that assumption and causes permission request to be converted to work items for accounts. + * NO_GROUP_PERMISSIONS_PROVISIONING: Indicates that the connector cannot provision direct or target permissions for groups. When DIRECT_PERMISSIONS and PROVISIONING features are present, it is assumed that the connector can also provision direct permissions. This feature disables that assumption and causes permission request to be converted to work items for groups. + * NO_UNSTRUCTURED_TARGETS_PROVISIONING: This string will be replaced by NO_GROUP_PERMISSIONS_PROVISIONING and NO_PERMISSIONS_PROVISIONING. + * NO_DIRECT_PERMISSIONS_PROVISIONING: This string will be replaced by NO_GROUP_PERMISSIONS_PROVISIONING and NO_PERMISSIONS_PROVISIONING. + * USES_UUID: Connectivity 2.0 flag used to indicate that the connector supports a compound naming structure. + * PREFER_UUID: Used in ISC Provisioning AND Aggregation to decide if it should prefer account.uuid to account.nativeIdentity when data is read in through aggregation OR pushed out through provisioning. + * ARM_SECURITY_EXTRACT: Indicates the application supports Security extracts for ARM + * ARM_UTILIZATION_EXTRACT: Indicates the application supports Utilization extracts for ARM + * ARM_CHANGELOG_EXTRACT: Indicates the application supports Change-log extracts for ARM + example: + - PROVISIONING + - NO_PERMISSIONS_PROVISIONING + - GROUPS_HAVE_MEMBERS + configuration: + type: object + description: Holds any extra configuration data that the schema may require. + example: + groupMemberAttribute: member + attributes: + type: array + description: The attribute definitions which form the schema. + items: + type: object + properties: + name: + type: string + description: The name of the attribute. + example: sAMAccountName + type: + description: The type of the attribute. + example: STRING + type: string + enum: + - STRING + - LONG + - INT + - BOOLEAN + schema: + description: A reference to the schema on the source to the attribute values map to. + type: object + properties: + type: + description: The type of object being referenced + type: string + enum: + - CONNECTOR_SCHEMA + example: CONNECTOR_SCHEMA + id: + type: string + description: The object ID this reference applies to. + example: 2c91808568c529c60168cca6f90c1313 + name: + type: string + description: The human-readable display name of the object. + example: group + description: + type: string + description: A human-readable description of the attribute. + example: SAM Account Name + isMulti: + type: boolean + description: Flag indicating whether or not the attribute is multi-valued. + example: false + default: false + isEntitlement: + type: boolean + description: Flag indicating whether or not the attribute is an entitlement. + example: false + default: false + isGroup: + type: boolean + description: | + Flag indicating whether or not the attribute represents a group. + This can only be `true` if `isEntitlement` is also `true` **and** there is a schema defined for the attribute.. + example: false + default: false + example: + - name: sAMAccountName + type: STRING + isMultiValued: false + isEntitlement: false + isGroup: false + - name: memberOf + type: STRING + schema: + type: CONNECTOR_SCHEMA + id: 2c9180887671ff8c01767b4671fc7d60 + name: group + description: Group membership + isMultiValued: true + isEntitlement: true + isGroup: true + created: + type: string + description: The date the Schema was created. + format: date-time + example: '2019-12-24T22:32:58.104Z' + modified: + type: string + description: The date the Schema was last modified. + format: date-time + example: '2019-12-31T20:22:28.104Z' + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/sources/{sourceId}/schemas/{schemaId}': + get: + operationId: getSourceSchema + tags: + - Sources + summary: Get Source Schema by ID + description: | + Get the Source Schema by ID in IdentityNow. + parameters: + - in: path + name: sourceId + required: true + schema: + type: string + description: The Source id. + example: 2c9180835d191a86015d28455b4a2329 + - in: path + name: schemaId + schema: + type: string + required: true + description: The Schema id. + example: 2c9180835d191a86015d28455b4a2329 + responses: + '200': + description: The requested Schema was successfully retrieved. + content: + application/json: + schema: + type: object + properties: + id: + type: string + description: The id of the Schema. + example: 2c9180835d191a86015d28455b4a2329 + name: + type: string + description: The name of the Schema. + example: account + nativeObjectType: + type: string + description: The name of the object type on the native system that the schema represents. + example: User + identityAttribute: + type: string + description: The name of the attribute used to calculate the unique identifier for an object in the schema. + example: sAMAccountName + displayAttribute: + type: string + description: The name of the attribute used to calculate the display value for an object in the schema. + example: distinguishedName + hierarchyAttribute: + type: string + description: The name of the attribute whose values represent other objects in a hierarchy. Only relevant to group schemas. + example: memberOf + includePermissions: + type: boolean + description: Flag indicating whether or not the include permissions with the object data when aggregating the schema. + example: false + features: + type: array + items: + type: string + enum: + - AUTHENTICATE + - COMPOSITE + - DIRECT_PERMISSIONS + - DISCOVER_SCHEMA + - ENABLE + - MANAGER_LOOKUP + - NO_RANDOM_ACCESS + - PROXY + - SEARCH + - TEMPLATE + - UNLOCK + - UNSTRUCTURED_TARGETS + - SHAREPOINT_TARGET + - PROVISIONING + - GROUP_PROVISIONING + - SYNC_PROVISIONING + - PASSWORD + - CURRENT_PASSWORD + - ACCOUNT_ONLY_REQUEST + - ADDITIONAL_ACCOUNT_REQUEST + - NO_AGGREGATION + - GROUPS_HAVE_MEMBERS + - NO_PERMISSIONS_PROVISIONING + - NO_GROUP_PERMISSIONS_PROVISIONING + - NO_UNSTRUCTURED_TARGETS_PROVISIONING + - NO_DIRECT_PERMISSIONS_PROVISIONING + - PREFER_UUID + - ARM_SECURITY_EXTRACT + - ARM_UTILIZATION_EXTRACT + - ARM_CHANGELOG_EXTRACT + - USES_UUID + example: AUTHENTICATE + description: |- + Optional features that can be supported by a source. Modifying the features array may cause source configuration errors that are unsupportable. It is recommended to not modify this array for SailPoint supported connectors. + * AUTHENTICATE: The source supports pass-through authentication. + * COMPOSITE: The source supports composite source creation. + * DIRECT_PERMISSIONS: The source supports returning DirectPermissions. + * DISCOVER_SCHEMA: The source supports discovering schemas for users and groups. + * ENABLE The source supports reading if an account is enabled or disabled. + * MANAGER_LOOKUP: The source supports looking up managers as they are encountered in a feed. This is the opposite of NO_RANDOM_ACCESS. + * NO_RANDOM_ACCESS: The source does not support random access and the getObject() methods should not be called and expected to perform. + * PROXY: The source can serve as a proxy for another source. When an source has a proxy, all connector calls made with that source are redirected through the connector for the proxy source. + * SEARCH + * TEMPLATE + * UNLOCK: The source supports reading if an account is locked or unlocked. + * UNSTRUCTURED_TARGETS: The source supports returning unstructured Targets. + * SHAREPOINT_TARGET: The source supports returning unstructured Target data for SharePoint. It will be typically used by AD, LDAP sources. + * PROVISIONING: The source can both read and write accounts. Having this feature implies that the provision() method is implemented. It also means that direct and target permissions can also be provisioned if they can be returned by aggregation. + * GROUP_PROVISIONING: The source can both read and write groups. Having this feature implies that the provision() method is implemented. + * SYNC_PROVISIONING: The source can provision accounts synchronously. + * PASSWORD: The source can provision password changes. Since sources can never read passwords, this is should only be used in conjunction with the PROVISIONING feature. + * CURRENT_PASSWORD: Some source types support verification of the current password + * ACCOUNT_ONLY_REQUEST: The source supports requesting accounts without entitlements. + * ADDITIONAL_ACCOUNT_REQUEST: The source supports requesting additional accounts. + * NO_AGGREGATION: A source that does not support aggregation. + * GROUPS_HAVE_MEMBERS: The source models group memberships with a member attribute on the group object rather than a groups attribute on the account object. This effects the implementation of delta account aggregation. + * NO_PERMISSIONS_PROVISIONING: Indicates that the connector cannot provision direct or target permissions for accounts. When DIRECT_PERMISSIONS and PROVISIONING features are present, it is assumed that the connector can also provision direct permissions. This feature disables that assumption and causes permission request to be converted to work items for accounts. + * NO_GROUP_PERMISSIONS_PROVISIONING: Indicates that the connector cannot provision direct or target permissions for groups. When DIRECT_PERMISSIONS and PROVISIONING features are present, it is assumed that the connector can also provision direct permissions. This feature disables that assumption and causes permission request to be converted to work items for groups. + * NO_UNSTRUCTURED_TARGETS_PROVISIONING: This string will be replaced by NO_GROUP_PERMISSIONS_PROVISIONING and NO_PERMISSIONS_PROVISIONING. + * NO_DIRECT_PERMISSIONS_PROVISIONING: This string will be replaced by NO_GROUP_PERMISSIONS_PROVISIONING and NO_PERMISSIONS_PROVISIONING. + * USES_UUID: Connectivity 2.0 flag used to indicate that the connector supports a compound naming structure. + * PREFER_UUID: Used in ISC Provisioning AND Aggregation to decide if it should prefer account.uuid to account.nativeIdentity when data is read in through aggregation OR pushed out through provisioning. + * ARM_SECURITY_EXTRACT: Indicates the application supports Security extracts for ARM + * ARM_UTILIZATION_EXTRACT: Indicates the application supports Utilization extracts for ARM + * ARM_CHANGELOG_EXTRACT: Indicates the application supports Change-log extracts for ARM + example: + - PROVISIONING + - NO_PERMISSIONS_PROVISIONING + - GROUPS_HAVE_MEMBERS + configuration: + type: object + description: Holds any extra configuration data that the schema may require. + example: + groupMemberAttribute: member + attributes: + type: array + description: The attribute definitions which form the schema. + items: + type: object + properties: + name: + type: string + description: The name of the attribute. + example: sAMAccountName + type: + description: The type of the attribute. + example: STRING + type: string + enum: + - STRING + - LONG + - INT + - BOOLEAN + schema: + description: A reference to the schema on the source to the attribute values map to. + type: object + properties: + type: + description: The type of object being referenced + type: string + enum: + - CONNECTOR_SCHEMA + example: CONNECTOR_SCHEMA + id: + type: string + description: The object ID this reference applies to. + example: 2c91808568c529c60168cca6f90c1313 + name: + type: string + description: The human-readable display name of the object. + example: group + description: + type: string + description: A human-readable description of the attribute. + example: SAM Account Name + isMulti: + type: boolean + description: Flag indicating whether or not the attribute is multi-valued. + example: false + default: false + isEntitlement: + type: boolean + description: Flag indicating whether or not the attribute is an entitlement. + example: false + default: false + isGroup: + type: boolean + description: | + Flag indicating whether or not the attribute represents a group. + This can only be `true` if `isEntitlement` is also `true` **and** there is a schema defined for the attribute.. + example: false + default: false + example: + - name: sAMAccountName + type: STRING + isMultiValued: false + isEntitlement: false + isGroup: false + - name: memberOf + type: STRING + schema: + type: CONNECTOR_SCHEMA + id: 2c9180887671ff8c01767b4671fc7d60 + name: group + description: Group membership + isMultiValued: true + isEntitlement: true + isGroup: true + created: + type: string + description: The date the Schema was created. + format: date-time + example: '2019-12-24T22:32:58.104Z' + modified: + type: string + description: The date the Schema was last modified. + format: date-time + example: '2019-12-31T20:22:28.104Z' + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + put: + operationId: putSourceSchema + tags: + - Sources + summary: Update Source Schema (Full) + description: | + This API will completely replace an existing Schema with the submitted payload. Some fields of the Schema cannot be updated. These fields are listed below. + + * id + * name + * created + * modified + + Any attempt to modify these fields will result in an error response with a status code of 400. + + > `id` must remain in the request body, but it cannot be changed. If `id` is omitted from the request body, the result will be a 400 error. + parameters: + - in: path + name: sourceId + required: true + schema: + type: string + description: The Source id. + example: 2c9180835d191a86015d28455b4a2329 + - in: path + name: schemaId + schema: + type: string + required: true + description: The Schema id. + example: 2c9180835d191a86015d28455b4a2329 + requestBody: + required: true + content: + application/json: + schema: + type: object + properties: + id: + type: string + description: The id of the Schema. + example: 2c9180835d191a86015d28455b4a2329 + name: + type: string + description: The name of the Schema. + example: account + nativeObjectType: + type: string + description: The name of the object type on the native system that the schema represents. + example: User + identityAttribute: + type: string + description: The name of the attribute used to calculate the unique identifier for an object in the schema. + example: sAMAccountName + displayAttribute: + type: string + description: The name of the attribute used to calculate the display value for an object in the schema. + example: distinguishedName + hierarchyAttribute: + type: string + description: The name of the attribute whose values represent other objects in a hierarchy. Only relevant to group schemas. + example: memberOf + includePermissions: + type: boolean + description: Flag indicating whether or not the include permissions with the object data when aggregating the schema. + example: false + features: + type: array + items: + type: string + enum: + - AUTHENTICATE + - COMPOSITE + - DIRECT_PERMISSIONS + - DISCOVER_SCHEMA + - ENABLE + - MANAGER_LOOKUP + - NO_RANDOM_ACCESS + - PROXY + - SEARCH + - TEMPLATE + - UNLOCK + - UNSTRUCTURED_TARGETS + - SHAREPOINT_TARGET + - PROVISIONING + - GROUP_PROVISIONING + - SYNC_PROVISIONING + - PASSWORD + - CURRENT_PASSWORD + - ACCOUNT_ONLY_REQUEST + - ADDITIONAL_ACCOUNT_REQUEST + - NO_AGGREGATION + - GROUPS_HAVE_MEMBERS + - NO_PERMISSIONS_PROVISIONING + - NO_GROUP_PERMISSIONS_PROVISIONING + - NO_UNSTRUCTURED_TARGETS_PROVISIONING + - NO_DIRECT_PERMISSIONS_PROVISIONING + - PREFER_UUID + - ARM_SECURITY_EXTRACT + - ARM_UTILIZATION_EXTRACT + - ARM_CHANGELOG_EXTRACT + - USES_UUID + example: AUTHENTICATE + description: |- + Optional features that can be supported by a source. Modifying the features array may cause source configuration errors that are unsupportable. It is recommended to not modify this array for SailPoint supported connectors. + * AUTHENTICATE: The source supports pass-through authentication. + * COMPOSITE: The source supports composite source creation. + * DIRECT_PERMISSIONS: The source supports returning DirectPermissions. + * DISCOVER_SCHEMA: The source supports discovering schemas for users and groups. + * ENABLE The source supports reading if an account is enabled or disabled. + * MANAGER_LOOKUP: The source supports looking up managers as they are encountered in a feed. This is the opposite of NO_RANDOM_ACCESS. + * NO_RANDOM_ACCESS: The source does not support random access and the getObject() methods should not be called and expected to perform. + * PROXY: The source can serve as a proxy for another source. When an source has a proxy, all connector calls made with that source are redirected through the connector for the proxy source. + * SEARCH + * TEMPLATE + * UNLOCK: The source supports reading if an account is locked or unlocked. + * UNSTRUCTURED_TARGETS: The source supports returning unstructured Targets. + * SHAREPOINT_TARGET: The source supports returning unstructured Target data for SharePoint. It will be typically used by AD, LDAP sources. + * PROVISIONING: The source can both read and write accounts. Having this feature implies that the provision() method is implemented. It also means that direct and target permissions can also be provisioned if they can be returned by aggregation. + * GROUP_PROVISIONING: The source can both read and write groups. Having this feature implies that the provision() method is implemented. + * SYNC_PROVISIONING: The source can provision accounts synchronously. + * PASSWORD: The source can provision password changes. Since sources can never read passwords, this is should only be used in conjunction with the PROVISIONING feature. + * CURRENT_PASSWORD: Some source types support verification of the current password + * ACCOUNT_ONLY_REQUEST: The source supports requesting accounts without entitlements. + * ADDITIONAL_ACCOUNT_REQUEST: The source supports requesting additional accounts. + * NO_AGGREGATION: A source that does not support aggregation. + * GROUPS_HAVE_MEMBERS: The source models group memberships with a member attribute on the group object rather than a groups attribute on the account object. This effects the implementation of delta account aggregation. + * NO_PERMISSIONS_PROVISIONING: Indicates that the connector cannot provision direct or target permissions for accounts. When DIRECT_PERMISSIONS and PROVISIONING features are present, it is assumed that the connector can also provision direct permissions. This feature disables that assumption and causes permission request to be converted to work items for accounts. + * NO_GROUP_PERMISSIONS_PROVISIONING: Indicates that the connector cannot provision direct or target permissions for groups. When DIRECT_PERMISSIONS and PROVISIONING features are present, it is assumed that the connector can also provision direct permissions. This feature disables that assumption and causes permission request to be converted to work items for groups. + * NO_UNSTRUCTURED_TARGETS_PROVISIONING: This string will be replaced by NO_GROUP_PERMISSIONS_PROVISIONING and NO_PERMISSIONS_PROVISIONING. + * NO_DIRECT_PERMISSIONS_PROVISIONING: This string will be replaced by NO_GROUP_PERMISSIONS_PROVISIONING and NO_PERMISSIONS_PROVISIONING. + * USES_UUID: Connectivity 2.0 flag used to indicate that the connector supports a compound naming structure. + * PREFER_UUID: Used in ISC Provisioning AND Aggregation to decide if it should prefer account.uuid to account.nativeIdentity when data is read in through aggregation OR pushed out through provisioning. + * ARM_SECURITY_EXTRACT: Indicates the application supports Security extracts for ARM + * ARM_UTILIZATION_EXTRACT: Indicates the application supports Utilization extracts for ARM + * ARM_CHANGELOG_EXTRACT: Indicates the application supports Change-log extracts for ARM + example: + - PROVISIONING + - NO_PERMISSIONS_PROVISIONING + - GROUPS_HAVE_MEMBERS + configuration: + type: object + description: Holds any extra configuration data that the schema may require. + example: + groupMemberAttribute: member + attributes: + type: array + description: The attribute definitions which form the schema. + items: + type: object + properties: + name: + type: string + description: The name of the attribute. + example: sAMAccountName + type: + description: The type of the attribute. + example: STRING + type: string + enum: + - STRING + - LONG + - INT + - BOOLEAN + schema: + description: A reference to the schema on the source to the attribute values map to. + type: object + properties: + type: + description: The type of object being referenced + type: string + enum: + - CONNECTOR_SCHEMA + example: CONNECTOR_SCHEMA + id: + type: string + description: The object ID this reference applies to. + example: 2c91808568c529c60168cca6f90c1313 + name: + type: string + description: The human-readable display name of the object. + example: group + description: + type: string + description: A human-readable description of the attribute. + example: SAM Account Name + isMulti: + type: boolean + description: Flag indicating whether or not the attribute is multi-valued. + example: false + default: false + isEntitlement: + type: boolean + description: Flag indicating whether or not the attribute is an entitlement. + example: false + default: false + isGroup: + type: boolean + description: | + Flag indicating whether or not the attribute represents a group. + This can only be `true` if `isEntitlement` is also `true` **and** there is a schema defined for the attribute.. + example: false + default: false + example: + - name: sAMAccountName + type: STRING + isMultiValued: false + isEntitlement: false + isGroup: false + - name: memberOf + type: STRING + schema: + type: CONNECTOR_SCHEMA + id: 2c9180887671ff8c01767b4671fc7d60 + name: group + description: Group membership + isMultiValued: true + isEntitlement: true + isGroup: true + created: + type: string + description: The date the Schema was created. + format: date-time + example: '2019-12-24T22:32:58.104Z' + modified: + type: string + description: The date the Schema was last modified. + format: date-time + example: '2019-12-31T20:22:28.104Z' + responses: + '200': + description: The Schema was successfully replaced. + content: + application/json: + schema: + type: object + properties: + id: + type: string + description: The id of the Schema. + example: 2c9180835d191a86015d28455b4a2329 + name: + type: string + description: The name of the Schema. + example: account + nativeObjectType: + type: string + description: The name of the object type on the native system that the schema represents. + example: User + identityAttribute: + type: string + description: The name of the attribute used to calculate the unique identifier for an object in the schema. + example: sAMAccountName + displayAttribute: + type: string + description: The name of the attribute used to calculate the display value for an object in the schema. + example: distinguishedName + hierarchyAttribute: + type: string + description: The name of the attribute whose values represent other objects in a hierarchy. Only relevant to group schemas. + example: memberOf + includePermissions: + type: boolean + description: Flag indicating whether or not the include permissions with the object data when aggregating the schema. + example: false + features: + type: array + items: + type: string + enum: + - AUTHENTICATE + - COMPOSITE + - DIRECT_PERMISSIONS + - DISCOVER_SCHEMA + - ENABLE + - MANAGER_LOOKUP + - NO_RANDOM_ACCESS + - PROXY + - SEARCH + - TEMPLATE + - UNLOCK + - UNSTRUCTURED_TARGETS + - SHAREPOINT_TARGET + - PROVISIONING + - GROUP_PROVISIONING + - SYNC_PROVISIONING + - PASSWORD + - CURRENT_PASSWORD + - ACCOUNT_ONLY_REQUEST + - ADDITIONAL_ACCOUNT_REQUEST + - NO_AGGREGATION + - GROUPS_HAVE_MEMBERS + - NO_PERMISSIONS_PROVISIONING + - NO_GROUP_PERMISSIONS_PROVISIONING + - NO_UNSTRUCTURED_TARGETS_PROVISIONING + - NO_DIRECT_PERMISSIONS_PROVISIONING + - PREFER_UUID + - ARM_SECURITY_EXTRACT + - ARM_UTILIZATION_EXTRACT + - ARM_CHANGELOG_EXTRACT + - USES_UUID + example: AUTHENTICATE + description: |- + Optional features that can be supported by a source. Modifying the features array may cause source configuration errors that are unsupportable. It is recommended to not modify this array for SailPoint supported connectors. + * AUTHENTICATE: The source supports pass-through authentication. + * COMPOSITE: The source supports composite source creation. + * DIRECT_PERMISSIONS: The source supports returning DirectPermissions. + * DISCOVER_SCHEMA: The source supports discovering schemas for users and groups. + * ENABLE The source supports reading if an account is enabled or disabled. + * MANAGER_LOOKUP: The source supports looking up managers as they are encountered in a feed. This is the opposite of NO_RANDOM_ACCESS. + * NO_RANDOM_ACCESS: The source does not support random access and the getObject() methods should not be called and expected to perform. + * PROXY: The source can serve as a proxy for another source. When an source has a proxy, all connector calls made with that source are redirected through the connector for the proxy source. + * SEARCH + * TEMPLATE + * UNLOCK: The source supports reading if an account is locked or unlocked. + * UNSTRUCTURED_TARGETS: The source supports returning unstructured Targets. + * SHAREPOINT_TARGET: The source supports returning unstructured Target data for SharePoint. It will be typically used by AD, LDAP sources. + * PROVISIONING: The source can both read and write accounts. Having this feature implies that the provision() method is implemented. It also means that direct and target permissions can also be provisioned if they can be returned by aggregation. + * GROUP_PROVISIONING: The source can both read and write groups. Having this feature implies that the provision() method is implemented. + * SYNC_PROVISIONING: The source can provision accounts synchronously. + * PASSWORD: The source can provision password changes. Since sources can never read passwords, this is should only be used in conjunction with the PROVISIONING feature. + * CURRENT_PASSWORD: Some source types support verification of the current password + * ACCOUNT_ONLY_REQUEST: The source supports requesting accounts without entitlements. + * ADDITIONAL_ACCOUNT_REQUEST: The source supports requesting additional accounts. + * NO_AGGREGATION: A source that does not support aggregation. + * GROUPS_HAVE_MEMBERS: The source models group memberships with a member attribute on the group object rather than a groups attribute on the account object. This effects the implementation of delta account aggregation. + * NO_PERMISSIONS_PROVISIONING: Indicates that the connector cannot provision direct or target permissions for accounts. When DIRECT_PERMISSIONS and PROVISIONING features are present, it is assumed that the connector can also provision direct permissions. This feature disables that assumption and causes permission request to be converted to work items for accounts. + * NO_GROUP_PERMISSIONS_PROVISIONING: Indicates that the connector cannot provision direct or target permissions for groups. When DIRECT_PERMISSIONS and PROVISIONING features are present, it is assumed that the connector can also provision direct permissions. This feature disables that assumption and causes permission request to be converted to work items for groups. + * NO_UNSTRUCTURED_TARGETS_PROVISIONING: This string will be replaced by NO_GROUP_PERMISSIONS_PROVISIONING and NO_PERMISSIONS_PROVISIONING. + * NO_DIRECT_PERMISSIONS_PROVISIONING: This string will be replaced by NO_GROUP_PERMISSIONS_PROVISIONING and NO_PERMISSIONS_PROVISIONING. + * USES_UUID: Connectivity 2.0 flag used to indicate that the connector supports a compound naming structure. + * PREFER_UUID: Used in ISC Provisioning AND Aggregation to decide if it should prefer account.uuid to account.nativeIdentity when data is read in through aggregation OR pushed out through provisioning. + * ARM_SECURITY_EXTRACT: Indicates the application supports Security extracts for ARM + * ARM_UTILIZATION_EXTRACT: Indicates the application supports Utilization extracts for ARM + * ARM_CHANGELOG_EXTRACT: Indicates the application supports Change-log extracts for ARM + example: + - PROVISIONING + - NO_PERMISSIONS_PROVISIONING + - GROUPS_HAVE_MEMBERS + configuration: + type: object + description: Holds any extra configuration data that the schema may require. + example: + groupMemberAttribute: member + attributes: + type: array + description: The attribute definitions which form the schema. + items: + type: object + properties: + name: + type: string + description: The name of the attribute. + example: sAMAccountName + type: + description: The type of the attribute. + example: STRING + type: string + enum: + - STRING + - LONG + - INT + - BOOLEAN + schema: + description: A reference to the schema on the source to the attribute values map to. + type: object + properties: + type: + description: The type of object being referenced + type: string + enum: + - CONNECTOR_SCHEMA + example: CONNECTOR_SCHEMA + id: + type: string + description: The object ID this reference applies to. + example: 2c91808568c529c60168cca6f90c1313 + name: + type: string + description: The human-readable display name of the object. + example: group + description: + type: string + description: A human-readable description of the attribute. + example: SAM Account Name + isMulti: + type: boolean + description: Flag indicating whether or not the attribute is multi-valued. + example: false + default: false + isEntitlement: + type: boolean + description: Flag indicating whether or not the attribute is an entitlement. + example: false + default: false + isGroup: + type: boolean + description: | + Flag indicating whether or not the attribute represents a group. + This can only be `true` if `isEntitlement` is also `true` **and** there is a schema defined for the attribute.. + example: false + default: false + example: + - name: sAMAccountName + type: STRING + isMultiValued: false + isEntitlement: false + isGroup: false + - name: memberOf + type: STRING + schema: + type: CONNECTOR_SCHEMA + id: 2c9180887671ff8c01767b4671fc7d60 + name: group + description: Group membership + isMultiValued: true + isEntitlement: true + isGroup: true + created: + type: string + description: The date the Schema was created. + format: date-time + example: '2019-12-24T22:32:58.104Z' + modified: + type: string + description: The date the Schema was last modified. + format: date-time + example: '2019-12-31T20:22:28.104Z' + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + patch: + operationId: updateSourceSchema + tags: + - Sources + summary: Update Source Schema (Partial) + description: | + Use this API to selectively update an existing Schema using a JSONPatch payload. + + The following schema fields are immutable and cannot be updated: + + - id + - name + - created + - modified + + + To switch an account attribute to a group entitlement, you need to have the following in place: + + - `isEntitlement: true` + - Must define a schema for the group and [add it to the source](https://developer.sailpoint.com/idn/api/v3/create-source-schema) before updating the `isGroup` flag. For example, here is the `group` account attribute referencing a schema that defines the group: + ```json + { + "name": "groups", + "type": "STRING", + "schema": { + "type": "CONNECTOR_SCHEMA", + "id": "2c9180887671ff8c01767b4671fc7d60", + "name": "group" + }, + "description": "The groups, roles etc. that reference account group objects", + "isMulti": true, + "isEntitlement": true, + "isGroup": true + } + ``` + parameters: + - in: path + name: sourceId + required: true + schema: + type: string + description: The Source id. + example: 2c9180835d191a86015d28455b4a2329 + - in: path + name: schemaId + schema: + type: string + required: true + description: The Schema id. + example: 2c9180835d191a86015d28455b4a2329 + requestBody: + required: true + description: The JSONPatch payload used to update the schema. + content: + application/json-patch+json: + schema: + type: array + items: + type: object + description: 'A JSONPatch Operation as defined by [RFC 6902 - JSON Patch](https://tools.ietf.org/html/rfc6902)' + required: + - op + - path + properties: + op: + type: string + description: The operation to be performed + enum: + - add + - remove + - replace + - move + - copy + - test + example: replace + path: + type: string + description: A string JSON Pointer representing the target path to an element to be affected by the operation + example: /description + value: + oneOf: + - type: string + example: New description + title: string + - type: boolean + example: true + title: boolean + - type: integer + example: 300 + title: integer + - type: object + title: object + example: + attributes: + name: philip + - type: array + title: array + items: + anyOf: + - type: string + - type: integer + - type: object + example: + - '001' + - '002' + - '003' + description: 'The value to be used for the operation, required for "add" and "replace" operations' + example: New description + examples: + add-attribute: + summary: Add an attribute to the end of the list + value: + - op: add + path: /attributes/- + value: + name: location + type: STRING + schema: null + description: Employee location + isMulti: false + isEntitlement: false + isGroup: false + responses: + '200': + description: The Schema was successfully updated. + content: + application/json: + schema: + type: object + properties: + id: + type: string + description: The id of the Schema. + example: 2c9180835d191a86015d28455b4a2329 + name: + type: string + description: The name of the Schema. + example: account + nativeObjectType: + type: string + description: The name of the object type on the native system that the schema represents. + example: User + identityAttribute: + type: string + description: The name of the attribute used to calculate the unique identifier for an object in the schema. + example: sAMAccountName + displayAttribute: + type: string + description: The name of the attribute used to calculate the display value for an object in the schema. + example: distinguishedName + hierarchyAttribute: + type: string + description: The name of the attribute whose values represent other objects in a hierarchy. Only relevant to group schemas. + example: memberOf + includePermissions: + type: boolean + description: Flag indicating whether or not the include permissions with the object data when aggregating the schema. + example: false + features: + type: array + items: + type: string + enum: + - AUTHENTICATE + - COMPOSITE + - DIRECT_PERMISSIONS + - DISCOVER_SCHEMA + - ENABLE + - MANAGER_LOOKUP + - NO_RANDOM_ACCESS + - PROXY + - SEARCH + - TEMPLATE + - UNLOCK + - UNSTRUCTURED_TARGETS + - SHAREPOINT_TARGET + - PROVISIONING + - GROUP_PROVISIONING + - SYNC_PROVISIONING + - PASSWORD + - CURRENT_PASSWORD + - ACCOUNT_ONLY_REQUEST + - ADDITIONAL_ACCOUNT_REQUEST + - NO_AGGREGATION + - GROUPS_HAVE_MEMBERS + - NO_PERMISSIONS_PROVISIONING + - NO_GROUP_PERMISSIONS_PROVISIONING + - NO_UNSTRUCTURED_TARGETS_PROVISIONING + - NO_DIRECT_PERMISSIONS_PROVISIONING + - PREFER_UUID + - ARM_SECURITY_EXTRACT + - ARM_UTILIZATION_EXTRACT + - ARM_CHANGELOG_EXTRACT + - USES_UUID + example: AUTHENTICATE + description: |- + Optional features that can be supported by a source. Modifying the features array may cause source configuration errors that are unsupportable. It is recommended to not modify this array for SailPoint supported connectors. + * AUTHENTICATE: The source supports pass-through authentication. + * COMPOSITE: The source supports composite source creation. + * DIRECT_PERMISSIONS: The source supports returning DirectPermissions. + * DISCOVER_SCHEMA: The source supports discovering schemas for users and groups. + * ENABLE The source supports reading if an account is enabled or disabled. + * MANAGER_LOOKUP: The source supports looking up managers as they are encountered in a feed. This is the opposite of NO_RANDOM_ACCESS. + * NO_RANDOM_ACCESS: The source does not support random access and the getObject() methods should not be called and expected to perform. + * PROXY: The source can serve as a proxy for another source. When an source has a proxy, all connector calls made with that source are redirected through the connector for the proxy source. + * SEARCH + * TEMPLATE + * UNLOCK: The source supports reading if an account is locked or unlocked. + * UNSTRUCTURED_TARGETS: The source supports returning unstructured Targets. + * SHAREPOINT_TARGET: The source supports returning unstructured Target data for SharePoint. It will be typically used by AD, LDAP sources. + * PROVISIONING: The source can both read and write accounts. Having this feature implies that the provision() method is implemented. It also means that direct and target permissions can also be provisioned if they can be returned by aggregation. + * GROUP_PROVISIONING: The source can both read and write groups. Having this feature implies that the provision() method is implemented. + * SYNC_PROVISIONING: The source can provision accounts synchronously. + * PASSWORD: The source can provision password changes. Since sources can never read passwords, this is should only be used in conjunction with the PROVISIONING feature. + * CURRENT_PASSWORD: Some source types support verification of the current password + * ACCOUNT_ONLY_REQUEST: The source supports requesting accounts without entitlements. + * ADDITIONAL_ACCOUNT_REQUEST: The source supports requesting additional accounts. + * NO_AGGREGATION: A source that does not support aggregation. + * GROUPS_HAVE_MEMBERS: The source models group memberships with a member attribute on the group object rather than a groups attribute on the account object. This effects the implementation of delta account aggregation. + * NO_PERMISSIONS_PROVISIONING: Indicates that the connector cannot provision direct or target permissions for accounts. When DIRECT_PERMISSIONS and PROVISIONING features are present, it is assumed that the connector can also provision direct permissions. This feature disables that assumption and causes permission request to be converted to work items for accounts. + * NO_GROUP_PERMISSIONS_PROVISIONING: Indicates that the connector cannot provision direct or target permissions for groups. When DIRECT_PERMISSIONS and PROVISIONING features are present, it is assumed that the connector can also provision direct permissions. This feature disables that assumption and causes permission request to be converted to work items for groups. + * NO_UNSTRUCTURED_TARGETS_PROVISIONING: This string will be replaced by NO_GROUP_PERMISSIONS_PROVISIONING and NO_PERMISSIONS_PROVISIONING. + * NO_DIRECT_PERMISSIONS_PROVISIONING: This string will be replaced by NO_GROUP_PERMISSIONS_PROVISIONING and NO_PERMISSIONS_PROVISIONING. + * USES_UUID: Connectivity 2.0 flag used to indicate that the connector supports a compound naming structure. + * PREFER_UUID: Used in ISC Provisioning AND Aggregation to decide if it should prefer account.uuid to account.nativeIdentity when data is read in through aggregation OR pushed out through provisioning. + * ARM_SECURITY_EXTRACT: Indicates the application supports Security extracts for ARM + * ARM_UTILIZATION_EXTRACT: Indicates the application supports Utilization extracts for ARM + * ARM_CHANGELOG_EXTRACT: Indicates the application supports Change-log extracts for ARM + example: + - PROVISIONING + - NO_PERMISSIONS_PROVISIONING + - GROUPS_HAVE_MEMBERS + configuration: + type: object + description: Holds any extra configuration data that the schema may require. + example: + groupMemberAttribute: member + attributes: + type: array + description: The attribute definitions which form the schema. + items: + type: object + properties: + name: + type: string + description: The name of the attribute. + example: sAMAccountName + type: + description: The type of the attribute. + example: STRING + type: string + enum: + - STRING + - LONG + - INT + - BOOLEAN + schema: + description: A reference to the schema on the source to the attribute values map to. + type: object + properties: + type: + description: The type of object being referenced + type: string + enum: + - CONNECTOR_SCHEMA + example: CONNECTOR_SCHEMA + id: + type: string + description: The object ID this reference applies to. + example: 2c91808568c529c60168cca6f90c1313 + name: + type: string + description: The human-readable display name of the object. + example: group + description: + type: string + description: A human-readable description of the attribute. + example: SAM Account Name + isMulti: + type: boolean + description: Flag indicating whether or not the attribute is multi-valued. + example: false + default: false + isEntitlement: + type: boolean + description: Flag indicating whether or not the attribute is an entitlement. + example: false + default: false + isGroup: + type: boolean + description: | + Flag indicating whether or not the attribute represents a group. + This can only be `true` if `isEntitlement` is also `true` **and** there is a schema defined for the attribute.. + example: false + default: false + example: + - name: sAMAccountName + type: STRING + isMultiValued: false + isEntitlement: false + isGroup: false + - name: memberOf + type: STRING + schema: + type: CONNECTOR_SCHEMA + id: 2c9180887671ff8c01767b4671fc7d60 + name: group + description: Group membership + isMultiValued: true + isEntitlement: true + isGroup: true + created: + type: string + description: The date the Schema was created. + format: date-time + example: '2019-12-24T22:32:58.104Z' + modified: + type: string + description: The date the Schema was last modified. + format: date-time + example: '2019-12-31T20:22:28.104Z' + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + delete: + operationId: deleteSourceSchema + tags: + - Sources + summary: Delete Source Schema by ID + parameters: + - in: path + name: sourceId + required: true + schema: + type: string + description: The Source id. + example: 2c9180835d191a86015d28455b4a2329 + - in: path + name: schemaId + schema: + type: string + required: true + description: The Schema id. + example: 2c9180835d191a86015d28455b4a2329 + responses: + '204': + description: The Schema was successfully deleted. + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/sources/{sourceId}/source-health': + get: + operationId: getSourceHealth + security: + - UserContextAuth: + - 'idn:sources:read' + tags: + - Sources + summary: Fetches source health by id + description: This endpoint fetches source health by source's id + parameters: + - in: path + name: sourceId + required: true + schema: + type: string + description: The Source id. + example: 2c9180835d191a86015d28455b4a2329 + responses: + '200': + description: Fetched source health successfully + content: + application/json: + schema: + type: object + description: Dto for source health data + properties: + id: + type: string + readOnly: true + description: the id of the Source + example: 2c91808568c529c60168cca6f90c1324 + type: + type: string + description: 'Specifies the type of system being managed e.g. Active Directory, Workday, etc.. If you are creating a Delimited File source, you must set the `provisionasCsv` query parameter to `true`. ' + example: OpenLDAP - Direct + name: + type: string + description: the name of the source + example: Source1234 + org: + type: string + description: source's org + example: denali-cjh + isAuthoritative: + type: boolean + example: false + description: Is the source authoritative + isCluster: + type: boolean + example: false + description: Is the source in a cluster + hostname: + type: string + example: megapod-useast1-secret-hostname.sailpoint.com + description: source's hostname + pod: + type: string + description: source's pod + example: megapod-useast1 + iqServiceVersion: + type: string + description: The version of the iqService + example: iqVersion123 + status: + type: string + enum: + - SOURCE_STATE_ERROR_CLUSTER + - SOURCE_STATE_ERROR_SOURCE + - SOURCE_STATE_ERROR_VA + - SOURCE_STATE_FAILURE_CLUSTER + - SOURCE_STATE_FAILURE_SOURCE + - SOURCE_STATE_HEALTHY + - SOURCE_STATE_UNCHECKED_CLUSTER + - SOURCE_STATE_UNCHECKED_CLUSTER_NO_SOURCES + - SOURCE_STATE_UNCHECKED_SOURCE + - SOURCE_STATE_UNCHECKED_SOURCE_NO_ACCOUNTS + description: connection test result + example: SOURCE_STATE_UNCHECKED_SOURCE + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/sources/{id}/schemas/accounts': + get: + tags: + - Sources + summary: Downloads source accounts schema template + description: |- + This API downloads the CSV schema that defines the account attributes on a source. + >**NOTE: This API is designated only for Delimited File sources.** + operationId: getAccountsSchema + parameters: + - in: path + name: id + required: true + schema: + type: string + description: The Source id + example: 8c190e6787aa4ed9a90bd9d5344523fb + responses: + '200': + description: Successfully downloaded the file + content: + text/csv: + example: 'id,name,givenName,familyName,e-mail,location,manager,groups,startDate,endDate' + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + security: + - UserContextAuth: + - 'idn:source-schema:read' + post: + tags: + - Sources + summary: Uploads source accounts schema template + description: |- + This API uploads a source schema template file to configure a source's account attributes. + + To retrieve the file to modify and upload, log into Identity Now. + + Click **Admin** -> **Connections** -> **Sources** -> **`{SourceName}`** -> **Import Data** -> **Account Schema** -> **Options** -> **Download Schema** + + >**NOTE: This API is designated only for Delimited File sources.** + operationId: importAccountsSchema + parameters: + - in: path + name: id + required: true + schema: + type: string + description: The Source id + example: 8c190e6787aa4ed9a90bd9d5344523fb + requestBody: + required: true + content: + multipart/form-data: + schema: + type: object + properties: + file: + type: string + format: binary + responses: + '200': + description: Successfully uploaded the file + content: + application/json: + schema: + type: object + properties: + id: + type: string + description: The id of the Schema. + example: 2c9180835d191a86015d28455b4a2329 + name: + type: string + description: The name of the Schema. + example: account + nativeObjectType: + type: string + description: The name of the object type on the native system that the schema represents. + example: User + identityAttribute: + type: string + description: The name of the attribute used to calculate the unique identifier for an object in the schema. + example: sAMAccountName + displayAttribute: + type: string + description: The name of the attribute used to calculate the display value for an object in the schema. + example: distinguishedName + hierarchyAttribute: + type: string + description: The name of the attribute whose values represent other objects in a hierarchy. Only relevant to group schemas. + example: memberOf + includePermissions: + type: boolean + description: Flag indicating whether or not the include permissions with the object data when aggregating the schema. + example: false + features: + type: array + items: + type: string + enum: + - AUTHENTICATE + - COMPOSITE + - DIRECT_PERMISSIONS + - DISCOVER_SCHEMA + - ENABLE + - MANAGER_LOOKUP + - NO_RANDOM_ACCESS + - PROXY + - SEARCH + - TEMPLATE + - UNLOCK + - UNSTRUCTURED_TARGETS + - SHAREPOINT_TARGET + - PROVISIONING + - GROUP_PROVISIONING + - SYNC_PROVISIONING + - PASSWORD + - CURRENT_PASSWORD + - ACCOUNT_ONLY_REQUEST + - ADDITIONAL_ACCOUNT_REQUEST + - NO_AGGREGATION + - GROUPS_HAVE_MEMBERS + - NO_PERMISSIONS_PROVISIONING + - NO_GROUP_PERMISSIONS_PROVISIONING + - NO_UNSTRUCTURED_TARGETS_PROVISIONING + - NO_DIRECT_PERMISSIONS_PROVISIONING + - PREFER_UUID + - ARM_SECURITY_EXTRACT + - ARM_UTILIZATION_EXTRACT + - ARM_CHANGELOG_EXTRACT + - USES_UUID + example: AUTHENTICATE + description: |- + Optional features that can be supported by a source. Modifying the features array may cause source configuration errors that are unsupportable. It is recommended to not modify this array for SailPoint supported connectors. + * AUTHENTICATE: The source supports pass-through authentication. + * COMPOSITE: The source supports composite source creation. + * DIRECT_PERMISSIONS: The source supports returning DirectPermissions. + * DISCOVER_SCHEMA: The source supports discovering schemas for users and groups. + * ENABLE The source supports reading if an account is enabled or disabled. + * MANAGER_LOOKUP: The source supports looking up managers as they are encountered in a feed. This is the opposite of NO_RANDOM_ACCESS. + * NO_RANDOM_ACCESS: The source does not support random access and the getObject() methods should not be called and expected to perform. + * PROXY: The source can serve as a proxy for another source. When an source has a proxy, all connector calls made with that source are redirected through the connector for the proxy source. + * SEARCH + * TEMPLATE + * UNLOCK: The source supports reading if an account is locked or unlocked. + * UNSTRUCTURED_TARGETS: The source supports returning unstructured Targets. + * SHAREPOINT_TARGET: The source supports returning unstructured Target data for SharePoint. It will be typically used by AD, LDAP sources. + * PROVISIONING: The source can both read and write accounts. Having this feature implies that the provision() method is implemented. It also means that direct and target permissions can also be provisioned if they can be returned by aggregation. + * GROUP_PROVISIONING: The source can both read and write groups. Having this feature implies that the provision() method is implemented. + * SYNC_PROVISIONING: The source can provision accounts synchronously. + * PASSWORD: The source can provision password changes. Since sources can never read passwords, this is should only be used in conjunction with the PROVISIONING feature. + * CURRENT_PASSWORD: Some source types support verification of the current password + * ACCOUNT_ONLY_REQUEST: The source supports requesting accounts without entitlements. + * ADDITIONAL_ACCOUNT_REQUEST: The source supports requesting additional accounts. + * NO_AGGREGATION: A source that does not support aggregation. + * GROUPS_HAVE_MEMBERS: The source models group memberships with a member attribute on the group object rather than a groups attribute on the account object. This effects the implementation of delta account aggregation. + * NO_PERMISSIONS_PROVISIONING: Indicates that the connector cannot provision direct or target permissions for accounts. When DIRECT_PERMISSIONS and PROVISIONING features are present, it is assumed that the connector can also provision direct permissions. This feature disables that assumption and causes permission request to be converted to work items for accounts. + * NO_GROUP_PERMISSIONS_PROVISIONING: Indicates that the connector cannot provision direct or target permissions for groups. When DIRECT_PERMISSIONS and PROVISIONING features are present, it is assumed that the connector can also provision direct permissions. This feature disables that assumption and causes permission request to be converted to work items for groups. + * NO_UNSTRUCTURED_TARGETS_PROVISIONING: This string will be replaced by NO_GROUP_PERMISSIONS_PROVISIONING and NO_PERMISSIONS_PROVISIONING. + * NO_DIRECT_PERMISSIONS_PROVISIONING: This string will be replaced by NO_GROUP_PERMISSIONS_PROVISIONING and NO_PERMISSIONS_PROVISIONING. + * USES_UUID: Connectivity 2.0 flag used to indicate that the connector supports a compound naming structure. + * PREFER_UUID: Used in ISC Provisioning AND Aggregation to decide if it should prefer account.uuid to account.nativeIdentity when data is read in through aggregation OR pushed out through provisioning. + * ARM_SECURITY_EXTRACT: Indicates the application supports Security extracts for ARM + * ARM_UTILIZATION_EXTRACT: Indicates the application supports Utilization extracts for ARM + * ARM_CHANGELOG_EXTRACT: Indicates the application supports Change-log extracts for ARM + example: + - PROVISIONING + - NO_PERMISSIONS_PROVISIONING + - GROUPS_HAVE_MEMBERS + configuration: + type: object + description: Holds any extra configuration data that the schema may require. + example: + groupMemberAttribute: member + attributes: + type: array + description: The attribute definitions which form the schema. + items: + type: object + properties: + name: + type: string + description: The name of the attribute. + example: sAMAccountName + type: + description: The type of the attribute. + example: STRING + type: string + enum: + - STRING + - LONG + - INT + - BOOLEAN + schema: + description: A reference to the schema on the source to the attribute values map to. + type: object + properties: + type: + description: The type of object being referenced + type: string + enum: + - CONNECTOR_SCHEMA + example: CONNECTOR_SCHEMA + id: + type: string + description: The object ID this reference applies to. + example: 2c91808568c529c60168cca6f90c1313 + name: + type: string + description: The human-readable display name of the object. + example: group + description: + type: string + description: A human-readable description of the attribute. + example: SAM Account Name + isMulti: + type: boolean + description: Flag indicating whether or not the attribute is multi-valued. + example: false + default: false + isEntitlement: + type: boolean + description: Flag indicating whether or not the attribute is an entitlement. + example: false + default: false + isGroup: + type: boolean + description: | + Flag indicating whether or not the attribute represents a group. + This can only be `true` if `isEntitlement` is also `true` **and** there is a schema defined for the attribute.. + example: false + default: false + example: + - name: sAMAccountName + type: STRING + isMultiValued: false + isEntitlement: false + isGroup: false + - name: memberOf + type: STRING + schema: + type: CONNECTOR_SCHEMA + id: 2c9180887671ff8c01767b4671fc7d60 + name: group + description: Group membership + isMultiValued: true + isEntitlement: true + isGroup: true + created: + type: string + description: The date the Schema was created. + format: date-time + example: '2019-12-24T22:32:58.104Z' + modified: + type: string + description: The date the Schema was last modified. + format: date-time + example: '2019-12-31T20:22:28.104Z' + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + security: + - UserContextAuth: + - 'idn:source-schema:manage' + '/sources/{id}/schemas/entitlements': + get: + tags: + - Sources + summary: Downloads source entitlements schema template + description: |- + This API downloads the CSV schema that defines the entitlement attributes on a source. + + >**NOTE: This API is designated only for Delimited File sources.** + operationId: getEntitlementsSchema + parameters: + - in: path + name: id + required: true + schema: + type: string + description: The Source id + example: 8c190e6787aa4ed9a90bd9d5344523fb + - in: query + name: schemaName + schema: + type: string + description: Name of entitlement schema + example: '?schemaName=group' + responses: + '200': + description: Successfully downloaded the file + content: + text/csv: + example: 'id,name,displayName,created,description,modified,entitlements,groups,permissions' + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + security: + - UserContextAuth: + - 'idn:source-schema:read' + post: + tags: + - Sources + summary: Uploads source entitlements schema template + description: |- + This API uploads a source schema template file to configure a source's entitlement attributes. + + To retrieve the file to modify and upload, log into Identity Now. + + Click **Admin** -> **Connections** -> **Sources** -> **`{SourceName}`** -> **Import Data** -> **Import Entitlements** -> **Download** + + >**NOTE: This API is designated only for Delimited File sources.** + operationId: importEntitlementsSchema + parameters: + - in: path + name: id + required: true + schema: + type: string + description: The Source id + example: 8c190e6787aa4ed9a90bd9d5344523fb + - in: query + name: schemaName + schema: + type: string + description: Name of entitlement schema + example: '?schemaName=group' + requestBody: + required: true + content: + multipart/form-data: + schema: + type: object + properties: + file: + type: string + format: binary + responses: + '200': + description: Successfully uploaded the file + content: + application/json: + schema: + type: object + properties: + id: + type: string + description: The id of the Schema. + example: 2c9180835d191a86015d28455b4a2329 + name: + type: string + description: The name of the Schema. + example: account + nativeObjectType: + type: string + description: The name of the object type on the native system that the schema represents. + example: User + identityAttribute: + type: string + description: The name of the attribute used to calculate the unique identifier for an object in the schema. + example: sAMAccountName + displayAttribute: + type: string + description: The name of the attribute used to calculate the display value for an object in the schema. + example: distinguishedName + hierarchyAttribute: + type: string + description: The name of the attribute whose values represent other objects in a hierarchy. Only relevant to group schemas. + example: memberOf + includePermissions: + type: boolean + description: Flag indicating whether or not the include permissions with the object data when aggregating the schema. + example: false + features: + type: array + items: + type: string + enum: + - AUTHENTICATE + - COMPOSITE + - DIRECT_PERMISSIONS + - DISCOVER_SCHEMA + - ENABLE + - MANAGER_LOOKUP + - NO_RANDOM_ACCESS + - PROXY + - SEARCH + - TEMPLATE + - UNLOCK + - UNSTRUCTURED_TARGETS + - SHAREPOINT_TARGET + - PROVISIONING + - GROUP_PROVISIONING + - SYNC_PROVISIONING + - PASSWORD + - CURRENT_PASSWORD + - ACCOUNT_ONLY_REQUEST + - ADDITIONAL_ACCOUNT_REQUEST + - NO_AGGREGATION + - GROUPS_HAVE_MEMBERS + - NO_PERMISSIONS_PROVISIONING + - NO_GROUP_PERMISSIONS_PROVISIONING + - NO_UNSTRUCTURED_TARGETS_PROVISIONING + - NO_DIRECT_PERMISSIONS_PROVISIONING + - PREFER_UUID + - ARM_SECURITY_EXTRACT + - ARM_UTILIZATION_EXTRACT + - ARM_CHANGELOG_EXTRACT + - USES_UUID + example: AUTHENTICATE + description: |- + Optional features that can be supported by a source. Modifying the features array may cause source configuration errors that are unsupportable. It is recommended to not modify this array for SailPoint supported connectors. + * AUTHENTICATE: The source supports pass-through authentication. + * COMPOSITE: The source supports composite source creation. + * DIRECT_PERMISSIONS: The source supports returning DirectPermissions. + * DISCOVER_SCHEMA: The source supports discovering schemas for users and groups. + * ENABLE The source supports reading if an account is enabled or disabled. + * MANAGER_LOOKUP: The source supports looking up managers as they are encountered in a feed. This is the opposite of NO_RANDOM_ACCESS. + * NO_RANDOM_ACCESS: The source does not support random access and the getObject() methods should not be called and expected to perform. + * PROXY: The source can serve as a proxy for another source. When an source has a proxy, all connector calls made with that source are redirected through the connector for the proxy source. + * SEARCH + * TEMPLATE + * UNLOCK: The source supports reading if an account is locked or unlocked. + * UNSTRUCTURED_TARGETS: The source supports returning unstructured Targets. + * SHAREPOINT_TARGET: The source supports returning unstructured Target data for SharePoint. It will be typically used by AD, LDAP sources. + * PROVISIONING: The source can both read and write accounts. Having this feature implies that the provision() method is implemented. It also means that direct and target permissions can also be provisioned if they can be returned by aggregation. + * GROUP_PROVISIONING: The source can both read and write groups. Having this feature implies that the provision() method is implemented. + * SYNC_PROVISIONING: The source can provision accounts synchronously. + * PASSWORD: The source can provision password changes. Since sources can never read passwords, this is should only be used in conjunction with the PROVISIONING feature. + * CURRENT_PASSWORD: Some source types support verification of the current password + * ACCOUNT_ONLY_REQUEST: The source supports requesting accounts without entitlements. + * ADDITIONAL_ACCOUNT_REQUEST: The source supports requesting additional accounts. + * NO_AGGREGATION: A source that does not support aggregation. + * GROUPS_HAVE_MEMBERS: The source models group memberships with a member attribute on the group object rather than a groups attribute on the account object. This effects the implementation of delta account aggregation. + * NO_PERMISSIONS_PROVISIONING: Indicates that the connector cannot provision direct or target permissions for accounts. When DIRECT_PERMISSIONS and PROVISIONING features are present, it is assumed that the connector can also provision direct permissions. This feature disables that assumption and causes permission request to be converted to work items for accounts. + * NO_GROUP_PERMISSIONS_PROVISIONING: Indicates that the connector cannot provision direct or target permissions for groups. When DIRECT_PERMISSIONS and PROVISIONING features are present, it is assumed that the connector can also provision direct permissions. This feature disables that assumption and causes permission request to be converted to work items for groups. + * NO_UNSTRUCTURED_TARGETS_PROVISIONING: This string will be replaced by NO_GROUP_PERMISSIONS_PROVISIONING and NO_PERMISSIONS_PROVISIONING. + * NO_DIRECT_PERMISSIONS_PROVISIONING: This string will be replaced by NO_GROUP_PERMISSIONS_PROVISIONING and NO_PERMISSIONS_PROVISIONING. + * USES_UUID: Connectivity 2.0 flag used to indicate that the connector supports a compound naming structure. + * PREFER_UUID: Used in ISC Provisioning AND Aggregation to decide if it should prefer account.uuid to account.nativeIdentity when data is read in through aggregation OR pushed out through provisioning. + * ARM_SECURITY_EXTRACT: Indicates the application supports Security extracts for ARM + * ARM_UTILIZATION_EXTRACT: Indicates the application supports Utilization extracts for ARM + * ARM_CHANGELOG_EXTRACT: Indicates the application supports Change-log extracts for ARM + example: + - PROVISIONING + - NO_PERMISSIONS_PROVISIONING + - GROUPS_HAVE_MEMBERS + configuration: + type: object + description: Holds any extra configuration data that the schema may require. + example: + groupMemberAttribute: member + attributes: + type: array + description: The attribute definitions which form the schema. + items: + type: object + properties: + name: + type: string + description: The name of the attribute. + example: sAMAccountName + type: + description: The type of the attribute. + example: STRING + type: string + enum: + - STRING + - LONG + - INT + - BOOLEAN + schema: + description: A reference to the schema on the source to the attribute values map to. + type: object + properties: + type: + description: The type of object being referenced + type: string + enum: + - CONNECTOR_SCHEMA + example: CONNECTOR_SCHEMA + id: + type: string + description: The object ID this reference applies to. + example: 2c91808568c529c60168cca6f90c1313 + name: + type: string + description: The human-readable display name of the object. + example: group + description: + type: string + description: A human-readable description of the attribute. + example: SAM Account Name + isMulti: + type: boolean + description: Flag indicating whether or not the attribute is multi-valued. + example: false + default: false + isEntitlement: + type: boolean + description: Flag indicating whether or not the attribute is an entitlement. + example: false + default: false + isGroup: + type: boolean + description: | + Flag indicating whether or not the attribute represents a group. + This can only be `true` if `isEntitlement` is also `true` **and** there is a schema defined for the attribute.. + example: false + default: false + example: + - name: sAMAccountName + type: STRING + isMultiValued: false + isEntitlement: false + isGroup: false + - name: memberOf + type: STRING + schema: + type: CONNECTOR_SCHEMA + id: 2c9180887671ff8c01767b4671fc7d60 + name: group + description: Group membership + isMultiValued: true + isEntitlement: true + isGroup: true + created: + type: string + description: The date the Schema was created. + format: date-time + example: '2019-12-24T22:32:58.104Z' + modified: + type: string + description: The date the Schema was last modified. + format: date-time + example: '2019-12-31T20:22:28.104Z' + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + security: + - UserContextAuth: + - 'idn:source-schema:manage' + '/sources/{sourceId}/upload-connector-file': + post: + operationId: importConnectorFile + security: + - UserContextAuth: + - 'idn:sources-admin:manage' + tags: + - Sources + summary: Upload connector file to source + parameters: + - in: path + name: sourceId + required: true + schema: + type: string + description: The Source id. + example: 2c9180835d191a86015d28455b4a2329 + description: |- + This uploads a supplemental source connector file (like jdbc driver jars) to a source's S3 bucket. This also sends ETS and Audit events. + A token with ORG_ADMIN authority is required to call this API. + requestBody: + required: true + content: + multipart/form-data: + schema: + type: object + properties: + file: + type: string + format: binary + responses: + '200': + description: Uploaded the file successfully and sent all post-upload events + content: + application/json: + schema: + type: object + properties: + id: + type: string + readOnly: true + description: Source ID. + example: 2c91808568c529c60168cca6f90c1324 + name: + type: string + description: Source's human-readable name. + example: My Source + description: + type: string + description: Source's human-readable description. + example: This is the corporate directory. + owner: + description: Reference to identity object who owns the source. + type: object + properties: + type: + description: Type of object being referenced. + type: string + enum: + - IDENTITY + example: IDENTITY + id: + type: string + description: Owner identity's ID. + example: 2c91808568c529c60168cca6f90c1313 + name: + type: string + description: Owner identity's human-readable display name. + example: MyName + cluster: + description: Reference to the source's associated cluster. + type: object + nullable: true + required: + - name + - id + - type + properties: + type: + description: Type of object being referenced. + type: string + enum: + - CLUSTER + example: CLUSTER + id: + type: string + description: Cluster ID. + example: 2c9180866166b5b0016167c32ef31a66 + name: + type: string + description: Cluster's human-readable display name. + example: Corporate Cluster + accountCorrelationConfig: + description: Reference to account correlation config object. + type: object + nullable: true + properties: + type: + description: Type of object being referenced. + type: string + enum: + - ACCOUNT_CORRELATION_CONFIG + example: ACCOUNT_CORRELATION_CONFIG + id: + type: string + description: Account correlation config ID. + example: 2c9180855d191c59015d28583727245a + name: + type: string + description: Account correlation config's human-readable display name. + example: 'Directory [source-62867] Account Correlation' + accountCorrelationRule: + description: Reference to a rule that can do COMPLEX correlation. Only use this rule when you can't use accountCorrelationConfig. + type: object + nullable: true + properties: + type: + description: Type of object being referenced. + type: string + enum: + - RULE + example: RULE + id: + type: string + description: Rule ID. + example: 2c918085708c274401708c2a8a760001 + name: + type: string + description: Rule's human-readable display name. + example: Example Rule + managerCorrelationMapping: + allOf: + - type: object + properties: + accountAttributeName: + type: string + description: Name of the attribute to use for manager correlation. The value found on the account attribute will be used to lookup the manager's identity. + example: manager + identityAttributeName: + type: string + description: Name of the identity attribute to search when trying to find a manager using the value from the accountAttribute. + example: manager + - nullable: true + description: | + Filter object used during manager correlation to match incoming manager values to an existing manager's + account/identity. + managerCorrelationRule: + description: Reference to the ManagerCorrelationRule. Only use this rule when a simple filter isn't sufficient. + type: object + nullable: true + properties: + type: + description: Type of object being referenced. + type: string + enum: + - RULE + example: RULE + id: + type: string + description: Rule ID. + example: 2c918085708c274401708c2a8a760001 + name: + type: string + description: Rule's human-readable display name. + example: Example Rule + beforeProvisioningRule: + description: 'Rule that runs on the CCG and allows for customization of provisioning plans before the API calls the connector. ' + type: object + nullable: true + properties: + type: + description: Type of object being referenced. + type: string + enum: + - RULE + example: RULE + id: + type: string + description: Rule ID. + example: 2c918085708c274401708c2a8a760001 + name: + type: string + description: Rule's human-readable display name. + example: Example Rule + schemas: + type: array + items: + type: object + properties: + type: + description: Type of object being referenced. + type: string + enum: + - CONNECTOR_SCHEMA + example: CONNECTOR_SCHEMA + id: + type: string + description: Schema ID. + example: 2c91808568c529c60168cca6f90c1777 + name: + type: string + description: Schema's human-readable display name. + example: MySchema + description: List of references to schema objects. + example: + - type: CONNECTOR_SCHEMA + id: 2c9180835d191a86015d28455b4b232a + name: account + - type: CONNECTOR_SCHEMA + id: 2c9180835d191a86015d28455b4b232b + name: group + passwordPolicies: + type: array + nullable: true + items: + type: object + properties: + type: + description: Type of object being referenced. + type: string + enum: + - PASSWORD_POLICY + example: PASSWORD_POLICY + id: + type: string + description: Policy ID. + example: 2c91808568c529c60168cca6f90c1777 + name: + type: string + description: Policy's human-readable display name. + example: My Password Policy + description: List of references to the associated PasswordPolicy objects. + example: + - type: PASSWORD_POLICY + id: 2c9180855d191c59015d291ceb053980 + name: Corporate Password Policy + - type: PASSWORD_POLICY + id: 2c9180855d191c59015d291ceb057777 + name: Vendor Password Policy + features: + type: array + items: + type: string + enum: + - AUTHENTICATE + - COMPOSITE + - DIRECT_PERMISSIONS + - DISCOVER_SCHEMA + - ENABLE + - MANAGER_LOOKUP + - NO_RANDOM_ACCESS + - PROXY + - SEARCH + - TEMPLATE + - UNLOCK + - UNSTRUCTURED_TARGETS + - SHAREPOINT_TARGET + - PROVISIONING + - GROUP_PROVISIONING + - SYNC_PROVISIONING + - PASSWORD + - CURRENT_PASSWORD + - ACCOUNT_ONLY_REQUEST + - ADDITIONAL_ACCOUNT_REQUEST + - NO_AGGREGATION + - GROUPS_HAVE_MEMBERS + - NO_PERMISSIONS_PROVISIONING + - NO_GROUP_PERMISSIONS_PROVISIONING + - NO_UNSTRUCTURED_TARGETS_PROVISIONING + - NO_DIRECT_PERMISSIONS_PROVISIONING + - PREFER_UUID + - ARM_SECURITY_EXTRACT + - ARM_UTILIZATION_EXTRACT + - ARM_CHANGELOG_EXTRACT + - USES_UUID + example: AUTHENTICATE + description: |- + Optional features that can be supported by a source. Modifying the features array may cause source configuration errors that are unsupportable. It is recommended to not modify this array for SailPoint supported connectors. + * AUTHENTICATE: The source supports pass-through authentication. + * COMPOSITE: The source supports composite source creation. + * DIRECT_PERMISSIONS: The source supports returning DirectPermissions. + * DISCOVER_SCHEMA: The source supports discovering schemas for users and groups. + * ENABLE The source supports reading if an account is enabled or disabled. + * MANAGER_LOOKUP: The source supports looking up managers as they are encountered in a feed. This is the opposite of NO_RANDOM_ACCESS. + * NO_RANDOM_ACCESS: The source does not support random access and the getObject() methods should not be called and expected to perform. + * PROXY: The source can serve as a proxy for another source. When an source has a proxy, all connector calls made with that source are redirected through the connector for the proxy source. + * SEARCH + * TEMPLATE + * UNLOCK: The source supports reading if an account is locked or unlocked. + * UNSTRUCTURED_TARGETS: The source supports returning unstructured Targets. + * SHAREPOINT_TARGET: The source supports returning unstructured Target data for SharePoint. It will be typically used by AD, LDAP sources. + * PROVISIONING: The source can both read and write accounts. Having this feature implies that the provision() method is implemented. It also means that direct and target permissions can also be provisioned if they can be returned by aggregation. + * GROUP_PROVISIONING: The source can both read and write groups. Having this feature implies that the provision() method is implemented. + * SYNC_PROVISIONING: The source can provision accounts synchronously. + * PASSWORD: The source can provision password changes. Since sources can never read passwords, this is should only be used in conjunction with the PROVISIONING feature. + * CURRENT_PASSWORD: Some source types support verification of the current password + * ACCOUNT_ONLY_REQUEST: The source supports requesting accounts without entitlements. + * ADDITIONAL_ACCOUNT_REQUEST: The source supports requesting additional accounts. + * NO_AGGREGATION: A source that does not support aggregation. + * GROUPS_HAVE_MEMBERS: The source models group memberships with a member attribute on the group object rather than a groups attribute on the account object. This effects the implementation of delta account aggregation. + * NO_PERMISSIONS_PROVISIONING: Indicates that the connector cannot provision direct or target permissions for accounts. When DIRECT_PERMISSIONS and PROVISIONING features are present, it is assumed that the connector can also provision direct permissions. This feature disables that assumption and causes permission request to be converted to work items for accounts. + * NO_GROUP_PERMISSIONS_PROVISIONING: Indicates that the connector cannot provision direct or target permissions for groups. When DIRECT_PERMISSIONS and PROVISIONING features are present, it is assumed that the connector can also provision direct permissions. This feature disables that assumption and causes permission request to be converted to work items for groups. + * NO_UNSTRUCTURED_TARGETS_PROVISIONING: This string will be replaced by NO_GROUP_PERMISSIONS_PROVISIONING and NO_PERMISSIONS_PROVISIONING. + * NO_DIRECT_PERMISSIONS_PROVISIONING: This string will be replaced by NO_GROUP_PERMISSIONS_PROVISIONING and NO_PERMISSIONS_PROVISIONING. + * USES_UUID: Connectivity 2.0 flag used to indicate that the connector supports a compound naming structure. + * PREFER_UUID: Used in ISC Provisioning AND Aggregation to decide if it should prefer account.uuid to account.nativeIdentity when data is read in through aggregation OR pushed out through provisioning. + * ARM_SECURITY_EXTRACT: Indicates the application supports Security extracts for ARM + * ARM_UTILIZATION_EXTRACT: Indicates the application supports Utilization extracts for ARM + * ARM_CHANGELOG_EXTRACT: Indicates the application supports Change-log extracts for ARM + example: + - PROVISIONING + - NO_PERMISSIONS_PROVISIONING + - GROUPS_HAVE_MEMBERS + type: + type: string + description: 'Specifies the type of system being managed e.g. Active Directory, Workday, etc.. If you are creating a delimited file source, you must set the `provisionasCsv` query parameter to `true`. ' + example: OpenLDAP - Direct + connector: + type: string + description: Connector script name. + example: active-directory + connectorClass: + type: string + description: Fully qualified name of the Java class that implements the connector interface. + example: sailpoint.connector.LDAPConnector + connectorAttributes: + type: object + description: Connector specific configuration. This configuration will differ from type to type. + example: + healthCheckTimeout: 30 + authSearchAttributes: + - cn + - uid + - mail + deleteThreshold: + type: integer + format: int32 + description: Number from 0 to 100 that specifies when to skip the delete phase. + example: 10 + authoritative: + type: boolean + description: 'When this is true, it indicates that the source is referenced by an identity profile.' + default: false + example: false + managementWorkgroup: + description: Reference to management workgroup for the source. + type: object + nullable: true + properties: + type: + description: Type of object being referenced. + type: string + enum: + - GOVERNANCE_GROUP + example: GOVERNANCE_GROUP + id: + type: string + description: Management workgroup ID. + example: 2c91808568c529c60168cca6f90c2222 + name: + type: string + description: Management workgroup's human-readable display name. + example: My Management Workgroup + healthy: + type: boolean + description: 'When this is true, it indicates that the source is healthy.' + default: false + example: true + status: + type: string + enum: + - SOURCE_STATE_ERROR_ACCOUNT_FILE_IMPORT + - SOURCE_STATE_ERROR_CLUSTER + - SOURCE_STATE_ERROR_SOURCE + - SOURCE_STATE_ERROR_VA + - SOURCE_STATE_FAILURE_CLUSTER + - SOURCE_STATE_FAILURE_SOURCE + - SOURCE_STATE_HEALTHY + - SOURCE_STATE_UNCHECKED_CLUSTER + - SOURCE_STATE_UNCHECKED_CLUSTER_NO_SOURCES + - SOURCE_STATE_UNCHECKED_SOURCE + - SOURCE_STATE_UNCHECKED_SOURCE_NO_ACCOUNTS + description: 'Status identifier that gives specific information about why a source is or isn''t healthy. ' + example: SOURCE_STATE_HEALTHY + since: + type: string + description: Timestamp that shows when a source health check was last performed. + example: 2021-09-28T15:48:29.380Z + connectorId: + type: string + description: Connector ID + example: active-directory + connectorName: + type: string + description: Name of the connector that was chosen during source creation. + example: Active Directory + connectionType: + type: string + description: Type of connection (direct or file). + example: file + connectorImplementationId: + type: string + description: Connector implementation ID. + example: delimited-file + created: + type: string + description: Date-time when the source was created + format: date-time + example: 2022-02-08T14:50:03.827Z + modified: + type: string + description: Date-time when the source was last modified. + format: date-time + example: 2024-01-23T18:08:50.897Z + credentialProviderEnabled: + type: boolean + description: 'If this is true, it enables a credential provider for the source. If credentialProvider is turned on, then the source can use credential provider(s) to fetch credentials.' + default: false + example: false + category: + type: string + nullable: true + default: null + description: 'Source category (e.g. null, CredentialProvider).' + example: CredentialProvider + required: + - name + - owner + - connector + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + /tagged-objects: + get: + operationId: listTaggedObjects + security: + - UserContextAuth: + - 'idn:tag:read' + - 'idn:tag:manage' + tags: + - Tagged Objects + summary: List Tagged Objects + description: |- + This API returns a list of all tagged objects. + + Any authenticated token may be used to call this API. + parameters: + - in: query + name: limit + description: |- + Max number of results to return. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 250 + schema: + type: integer + format: int32 + minimum: 0 + maximum: 250 + default: 250 + - in: query + name: offset + description: |- + Offset into the full result set. Usually specified with *limit* to paginate through the results. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 0 + schema: + type: integer + format: int32 + minimum: 0 + default: 0 + - in: query + name: count + description: |- + If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. + + Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. + + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: true + schema: + type: boolean + default: false + - in: query + name: filters + schema: + type: string + description: |- + Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) + + Filtering is supported for the following fields and operators: + + **objectRef.id**: *eq, in* + + **objectRef.type**: *eq, in* + + **tagName**: *eq, in* + example: tagName eq "BU_FINANCE" + required: false + responses: + '200': + description: List of all tagged objects. + content: + application/json: + schema: + type: array + items: + type: object + description: Tagged object. + properties: + objectRef: + type: object + properties: + type: + type: string + enum: + - ACCESS_PROFILE + - APPLICATION + - CAMPAIGN + - ENTITLEMENT + - IDENTITY + - ROLE + - SOD_POLICY + - SOURCE + example: IDENTITY + description: DTO type + id: + type: string + description: ID of the object this reference applies to + example: 2c91808568c529c60168cca6f90c1313 + name: + type: string + nullable: true + description: Human-readable display name of the object this reference applies to + example: William Wilson + tags: + type: array + items: + type: string + description: Labels to be applied to an Object + example: + - BU_FINANCE + - PCI + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + post: + operationId: setTagToObject + security: + - UserContextAuth: + - 'idn:tag:manage' + tags: + - Tagged Objects + summary: Add Tag to Object + description: |- + This adds a tag to an object. + + Any authenticated token may be used to call this API. + requestBody: + required: true + content: + application/json: + schema: + type: object + description: Tagged object. + properties: + objectRef: + type: object + properties: + type: + type: string + enum: + - ACCESS_PROFILE + - APPLICATION + - CAMPAIGN + - ENTITLEMENT + - IDENTITY + - ROLE + - SOD_POLICY + - SOURCE + example: IDENTITY + description: DTO type + id: + type: string + description: ID of the object this reference applies to + example: 2c91808568c529c60168cca6f90c1313 + name: + type: string + nullable: true + description: Human-readable display name of the object this reference applies to + example: William Wilson + tags: + type: array + items: + type: string + description: Labels to be applied to an Object + example: + - BU_FINANCE + - PCI + responses: + '201': + description: Created. + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/tagged-objects/{type}': + get: + operationId: listTaggedObjectsByType + security: + - UserContextAuth: + - 'idn:tag:read' + - 'idn:tag:manage' + tags: + - Tagged Objects + summary: List Tagged Objects by Type + description: |- + This API returns a list of all tagged objects by type. + + Any authenticated token may be used to call this API. + parameters: + - in: path + name: type + schema: + type: string + enum: + - ACCESS_PROFILE + - APPLICATION + - CAMPAIGN + - ENTITLEMENT + - IDENTITY + - ROLE + - SOD_POLICY + - SOURCE + required: true + description: The type of tagged object to retrieve. + example: ROLE + - in: query + name: limit + description: |- + Max number of results to return. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 250 + schema: + type: integer + format: int32 + minimum: 0 + maximum: 250 + default: 250 + - in: query + name: offset + description: |- + Offset into the full result set. Usually specified with *limit* to paginate through the results. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 0 + schema: + type: integer + format: int32 + minimum: 0 + default: 0 + - in: query + name: count + description: |- + If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. + + Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. + + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: true + schema: + type: boolean + default: false + - in: query + name: filters + schema: + type: string + description: |- + Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) + + Filtering is supported for the following fields and operators: + + **objectRef.id**: *eq* + + **objectRef.type**: *eq* + example: objectRef.id eq "2c91808568c529c60168cca6f90c1313" + required: false + responses: + '200': + description: List of all tagged objects for specified type. + content: + application/json: + schema: + type: array + items: + type: object + description: Tagged object. + properties: + objectRef: + type: object + properties: + type: + type: string + enum: + - ACCESS_PROFILE + - APPLICATION + - CAMPAIGN + - ENTITLEMENT + - IDENTITY + - ROLE + - SOD_POLICY + - SOURCE + example: IDENTITY + description: DTO type + id: + type: string + description: ID of the object this reference applies to + example: 2c91808568c529c60168cca6f90c1313 + name: + type: string + nullable: true + description: Human-readable display name of the object this reference applies to + example: William Wilson + tags: + type: array + items: + type: string + description: Labels to be applied to an Object + example: + - BU_FINANCE + - PCI + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/tagged-objects/{type}/{id}': + get: + operationId: getTaggedObject + security: + - UserContextAuth: + - 'idn:tag:read' + - 'idn:tag:manage' + tags: + - Tagged Objects + summary: Get Tagged Object + description: This gets a tagged object for the specified type. + parameters: + - in: path + name: type + schema: + type: string + enum: + - ACCESS_PROFILE + - APPLICATION + - CAMPAIGN + - ENTITLEMENT + - IDENTITY + - ROLE + - SOD_POLICY + - SOURCE + required: true + description: The type of tagged object to retrieve. + example: ROLE + - in: path + name: id + schema: + type: string + required: true + description: The ID of the object reference to retrieve. + example: ef38f94347e94562b5bb8424a56397d8 + responses: + '200': + description: Tagged object by type and ID. + content: + application/json: + schema: + type: object + description: Tagged object. + properties: + objectRef: + type: object + properties: + type: + type: string + enum: + - ACCESS_PROFILE + - APPLICATION + - CAMPAIGN + - ENTITLEMENT + - IDENTITY + - ROLE + - SOD_POLICY + - SOURCE + example: IDENTITY + description: DTO type + id: + type: string + description: ID of the object this reference applies to + example: 2c91808568c529c60168cca6f90c1313 + name: + type: string + nullable: true + description: Human-readable display name of the object this reference applies to + example: William Wilson + tags: + type: array + items: + type: string + description: Labels to be applied to an Object + example: + - BU_FINANCE + - PCI + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + put: + operationId: putTaggedObject + security: + - UserContextAuth: + - 'idn:tag:manage' + tags: + - Tagged Objects + summary: Update Tagged Object + description: This updates a tagged object for the specified type. + parameters: + - in: path + name: type + schema: + type: string + enum: + - ACCESS_PROFILE + - APPLICATION + - CAMPAIGN + - ENTITLEMENT + - IDENTITY + - ROLE + - SOD_POLICY + - SOURCE + required: true + description: The type of tagged object to update. + example: ROLE + - in: path + name: id + schema: + type: string + required: true + description: The ID of the object reference to update. + example: ef38f94347e94562b5bb8424a56397d8 + requestBody: + required: true + content: + application/json: + schema: + type: object + description: Tagged object. + properties: + objectRef: + type: object + properties: + type: + type: string + enum: + - ACCESS_PROFILE + - APPLICATION + - CAMPAIGN + - ENTITLEMENT + - IDENTITY + - ROLE + - SOD_POLICY + - SOURCE + example: IDENTITY + description: DTO type + id: + type: string + description: ID of the object this reference applies to + example: 2c91808568c529c60168cca6f90c1313 + name: + type: string + nullable: true + description: Human-readable display name of the object this reference applies to + example: William Wilson + tags: + type: array + items: + type: string + description: Labels to be applied to an Object + example: + - BU_FINANCE + - PCI + responses: + '200': + description: Tagged object by type and ID. + content: + application/json: + schema: + type: object + description: Tagged object. + properties: + objectRef: + type: object + properties: + type: + type: string + enum: + - ACCESS_PROFILE + - APPLICATION + - CAMPAIGN + - ENTITLEMENT + - IDENTITY + - ROLE + - SOD_POLICY + - SOURCE + example: IDENTITY + description: DTO type + id: + type: string + description: ID of the object this reference applies to + example: 2c91808568c529c60168cca6f90c1313 + name: + type: string + nullable: true + description: Human-readable display name of the object this reference applies to + example: William Wilson + tags: + type: array + items: + type: string + description: Labels to be applied to an Object + example: + - BU_FINANCE + - PCI + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + delete: + operationId: deleteTaggedObject + security: + - UserContextAuth: + - 'idn:tag:manage' + tags: + - Tagged Objects + summary: Delete Tagged Object + description: This deletes a tagged object for the specified type. + parameters: + - in: path + name: type + schema: + type: string + enum: + - ACCESS_PROFILE + - APPLICATION + - CAMPAIGN + - ENTITLEMENT + - IDENTITY + - ROLE + - SOD_POLICY + - SOURCE + required: true + description: The type of tagged object to delete. + example: ROLE + - in: path + name: id + schema: + type: string + required: true + description: The ID of the object reference to delete. + example: ef38f94347e94562b5bb8424a56397d8 + responses: + '204': + description: No content. + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + /tagged-objects/bulk-add: + post: + operationId: setTagsToManyObjects + security: + - UserContextAuth: + - 'idn:tag:manage' + tags: + - Tagged Objects + summary: Tag Multiple Objects + description: |- + This API adds tags to multiple objects. + + A token with API, CERT_ADMIN, ORG_ADMIN, REPORT_ADMIN, ROLE_ADMIN, ROLE_SUBADMIN, SOURCE_ADMIN, or SOURCE_SUBADMIN authority is required to call this API. + requestBody: + required: true + description: 'Supported object types are ACCESS_PROFILE, APPLICATION, CAMPAIGN, ENTITLEMENT, IDENTITY, ROLE, SOD_POLICY, SOURCE.' + content: + application/json: + schema: + type: object + properties: + objectRefs: + type: array + items: + type: object + properties: + type: + type: string + enum: + - ACCESS_PROFILE + - APPLICATION + - CAMPAIGN + - ENTITLEMENT + - IDENTITY + - ROLE + - SOD_POLICY + - SOURCE + example: IDENTITY + description: DTO type + id: + type: string + description: ID of the object this reference applies to + example: 2c91808568c529c60168cca6f90c1313 + name: + type: string + nullable: true + description: Human-readable display name of the object this reference applies to + example: William Wilson + tags: + type: array + items: + type: string + description: Label to be applied to an Object + example: + - BU_FINANCE + - PCI + operation: + type: string + enum: + - APPEND + - MERGE + default: APPEND + description: |- + If APPEND, tags are appended to the list of tags for the object. A 400 error is returned if this would add duplicate tags to the object. + + If MERGE, tags are merged with the existing tags. Duplicate tags are silently ignored. + example: MERGE + responses: + '200': + description: Request succeeded. + content: + application/json: + schema: + type: array + items: + type: object + properties: + objectRefs: + type: array + items: + type: object + properties: + type: + type: string + enum: + - ACCESS_PROFILE + - APPLICATION + - CAMPAIGN + - ENTITLEMENT + - IDENTITY + - ROLE + - SOD_POLICY + - SOURCE + example: IDENTITY + description: DTO type + id: + type: string + description: ID of the object this reference applies to + example: 2c91808568c529c60168cca6f90c1313 + name: + type: string + nullable: true + description: Human-readable display name of the object this reference applies to + example: William Wilson + tags: + type: array + items: + type: string + description: Label to be applied to an Object + example: + - BU_FINANCE + - PCI + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + /tagged-objects/bulk-remove: + post: + operationId: deleteTagsToManyObject + security: + - UserContextAuth: + - 'idn:tag:manage' + tags: + - Tagged Objects + summary: Remove Tags from Multiple Objects + description: |- + This API removes tags from multiple objects. + + A token with API, CERT_ADMIN, ORG_ADMIN, REPORT_ADMIN, ROLE_ADMIN, ROLE_SUBADMIN, SOURCE_ADMIN, or SOURCE_SUBADMIN authority is required to call this API. + requestBody: + description: 'Supported object types are ACCESS_PROFILE, APPLICATION, CAMPAIGN, ENTITLEMENT, IDENTITY, ROLE, SOD_POLICY, SOURCE.' + required: true + content: + application/json: + schema: + type: object + properties: + objectRefs: + type: array + items: + type: object + properties: + type: + type: string + enum: + - ACCESS_PROFILE + - APPLICATION + - CAMPAIGN + - ENTITLEMENT + - IDENTITY + - ROLE + - SOD_POLICY + - SOURCE + example: IDENTITY + description: DTO type + id: + type: string + description: ID of the object this reference applies to + example: 2c91808568c529c60168cca6f90c1313 + name: + type: string + nullable: true + description: Human-readable display name of the object this reference applies to + example: William Wilson + tags: + type: array + items: + type: string + description: Label to be applied to an Object + example: + - BU_FINANCE + - PCI + responses: + '204': + description: No content - indicates the request was successful but there is no content to be returned in the response. + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + /transforms: + get: + tags: + - Transforms + summary: List transforms + description: |- + Gets a list of all saved transform objects. + A token with transforms-list read authority is required to call this API. + operationId: listTransforms + parameters: + - in: query + name: offset + description: |- + Offset into the full result set. Usually specified with *limit* to paginate through the results. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 0 + schema: + type: integer + format: int32 + minimum: 0 + default: 0 + - in: query + name: limit + description: |- + Max number of results to return. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 250 + schema: + type: integer + format: int32 + minimum: 0 + maximum: 250 + default: 250 + - in: query + name: count + description: |- + If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. + + Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. + + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: true + schema: + type: boolean + default: false + - name: name + in: query + description: Name of the transform to retrieve from the list. + required: false + style: form + schema: + type: string + example: ExampleTransformName123 + - name: filters + in: query + description: |- + Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) + + Filtering is supported for the following fields and operators: + + **internal**: *eq* + + **name**: *eq, sw* + required: false + style: form + explode: true + example: name eq "Uppercase" + schema: + type: string + responses: + '200': + description: A list of transforms matching the given criteria. + content: + application/json: + schema: + type: array + items: + allOf: + - type: object + description: The representation of an internally- or customer-defined transform. + required: + - name + - type + - attributes + properties: + name: + type: string + description: Unique name of this transform + example: Timestamp To Date + minLength: 1 + maxLength: 50 + type: + type: string + description: The type of transform operation + enum: + - accountAttribute + - base64Decode + - base64Encode + - concat + - conditional + - dateCompare + - dateFormat + - dateMath + - decomposeDiacriticalMarks + - e164phone + - firstValid + - rule + - identityAttribute + - indexOf + - iso3166 + - lastIndexOf + - leftPad + - lookup + - lower + - normalizeNames + - randomAlphaNumeric + - randomNumeric + - reference + - replaceAll + - replace + - rightPad + - split + - static + - substring + - trim + - upper + - usernameGenerator + - uuid + - displayName + - rfc5646 + example: dateFormat + externalDocs: + description: Transform Operations + url: 'https://developer.sailpoint.com/idn/docs/transforms/operations' + attributes: + nullable: true + description: Meta-data about the transform. Values in this list are specific to the type of transform to be executed. + oneOf: + - title: accountAttribute + type: object + required: + - sourceName + - attributeName + properties: + sourceName: + type: string + description: A reference to the source to search for the account + example: Workday + attributeName: + type: string + description: 'The name of the attribute on the account to return. This should match the name of the account attribute name visible in the user interface, or on the source schema.' + example: DEPARTMENT + accountSortAttribute: + type: string + description: The value of this configuration is a string name of the attribute to use when determining the ordering of returned accounts when there are multiple entries + example: created + default: created + accountSortDescending: + type: boolean + description: 'The value of this configuration is a boolean (true/false). Controls the order of the sort when there are multiple accounts. If not defined, the transform will default to false (ascending order)' + example: false + default: false + accountReturnFirstLink: + type: boolean + description: 'The value of this configuration is a boolean (true/false). Controls which account to source a value from for an attribute. If this flag is set to true, the transform returns the value from the first account in the list, even if it is null. If it is set to false, the transform returns the first non-null value. If not defined, the transform will default to false' + example: false + default: false + accountFilter: + type: string + description: |- + This expression queries the database to narrow search results. The value of this configuration is a sailpoint.object.Filter expression and used when searching against the database. The default filter will always include the source and identity, and any subsequent expressions will be combined in an AND operation to the existing search criteria. + Only certain searchable attributes are available: - `nativeIdentity` - the Account ID - `displayName` - the Account Name - `entitlements` - a boolean value to determine if the account has entitlements + example: '!(nativeIdentity.startsWith("*DELETED*"))' + accountPropertyFilter: + type: string + description: |- + This expression is used to search and filter accounts in memory. The value of this configuration is a sailpoint.object.Filter expression and used when searching against the returned resultset. + + All account attributes are available for filtering as this operation is performed in memory. + example: '(groups.containsAll({''Admin''}) || location == ''Austin'')' + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: base64Decode + type: object + properties: + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: base64Encode + type: object + properties: + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: concat + type: object + required: + - values + properties: + values: + type: array + items: + type: object + description: An array of items to join together + example: + - John + - ' ' + - Smith + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: conditional + type: object + required: + - expression + - positiveCondition + - negativeCondition + properties: + expression: + type: string + description: |- + A comparison statement that follows the structure of `ValueA eq ValueB` where `ValueA` and `ValueB` are static strings or outputs of other transforms. + + The `eq` operator is the only valid comparison + example: ValueA eq ValueB + positiveCondition: + type: string + description: The output of the transform if the expression evalutes to true + example: 'true' + negativeCondition: + type: string + description: The output of the transform if the expression evalutes to false + example: 'false' + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: dateCompare + type: object + required: + - firstDate + - secondDate + - operator + - positiveCondition + - negativeCondition + properties: + firstDate: + description: This is the first date to consider (The date that would be on the left hand side of the comparison operation). + oneOf: + - title: accountAttribute + type: object + required: + - sourceName + - attributeName + properties: + sourceName: + type: string + description: A reference to the source to search for the account + example: Workday + attributeName: + type: string + description: 'The name of the attribute on the account to return. This should match the name of the account attribute name visible in the user interface, or on the source schema.' + example: DEPARTMENT + accountSortAttribute: + type: string + description: The value of this configuration is a string name of the attribute to use when determining the ordering of returned accounts when there are multiple entries + example: created + default: created + accountSortDescending: + type: boolean + description: 'The value of this configuration is a boolean (true/false). Controls the order of the sort when there are multiple accounts. If not defined, the transform will default to false (ascending order)' + example: false + default: false + accountReturnFirstLink: + type: boolean + description: 'The value of this configuration is a boolean (true/false). Controls which account to source a value from for an attribute. If this flag is set to true, the transform returns the value from the first account in the list, even if it is null. If it is set to false, the transform returns the first non-null value. If not defined, the transform will default to false' + example: false + default: false + accountFilter: + type: string + description: |- + This expression queries the database to narrow search results. The value of this configuration is a sailpoint.object.Filter expression and used when searching against the database. The default filter will always include the source and identity, and any subsequent expressions will be combined in an AND operation to the existing search criteria. + Only certain searchable attributes are available: - `nativeIdentity` - the Account ID - `displayName` - the Account Name - `entitlements` - a boolean value to determine if the account has entitlements + example: '!(nativeIdentity.startsWith("*DELETED*"))' + accountPropertyFilter: + type: string + description: |- + This expression is used to search and filter accounts in memory. The value of this configuration is a sailpoint.object.Filter expression and used when searching against the returned resultset. + + All account attributes are available for filtering as this operation is performed in memory. + example: '(groups.containsAll({''Admin''}) || location == ''Austin'')' + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: dateFormat + type: object + properties: + inputFormat: + description: |- + A string value indicating either the explicit SimpleDateFormat or the built-in named format that the data is coming in as. + + *If no inputFormat is provided, the transform assumes that it is in ISO8601 format* + oneOf: + - title: Named Construct + type: string + description: | + | Construct | Date Time Pattern | Description | + | --------- | ----------------- | ----------- | + | ISO8601 | `yyyy-MM-dd'T'HH:mm:ss.SSSX` | The ISO8601 standard. | + | LDAP | `yyyyMMddHHmmss.Z` | The LDAP standard. | + | PEOPLE_SOFT | `MM/dd/yyyy` | The date format People Soft uses. | + | EPOCH_TIME_JAVA | # ms from midnight, January 1st, 1970 | The incoming date value as elapsed time in milliseconds from midnight, January 1st, 1970. | + | EPOCH_TIME_WIN32| # intervals of 100ns from midnight, January 1st, 1601 | The incoming date value as elapsed time in 100-nanosecond intervals from midnight, January 1st, 1601. | + enum: + - ISO8601 + - LDAP + - PEOPLE_SOFT + - EPOCH_TIME_JAVA + - EPOCH_TIME_WIN32 + example: PEOPLE_SOFT + - title: Java Simple Date Format + type: string + description: | + There are a variety of date time patterns you can express using SimpleDateFormat. The following table lists examples of different date time patterns expressed in the SimpleDateFormat and how they display. Refer to the SimpleDateFormat syntax page for more information. + + >NOTE: The following examples show how date and time patterns are interpreted in the U.S. locale. The given date and time are 2001-07-04 12:08:56 local time in the U.S. Pacific Time time zone. + (This table is from the SimpleDateFormat page.) + + | Date Time Pattern | Result | + | ----------------- | ------ | + | `yyyy.MM.dd G 'at' HH:mm:ss z` | `2001.07.04 AD at 12:08:56 PDT` | + | `EEE, MMM d, ''yy` | Wed, Jul 4, '01 | + | `h:mm a` | 12:08 PM | + | `hh 'o''clock' a, zzzz` | 12 o'clock PM, Pacific Daylight Time | + | `K:mm a, z` | 0:08 PM, PDT | + | `yyyyy.MMMMM.dd GGG hh:mm aaa` | 02001.July.04 AD 12:08 PM | + | `EEE, d MMM yyyy HH:mm:ss Z` | Wed, 4 Jul 2001 12:08:56 -0700 | + | `yyMMddHHmmssZ` | 010704120856-0700 | + | `yyyy-MM-dd'T'HH:mm:ss.SSSZ` | 2001-07-04T12:08:56.235-0700 | + | `yyyy-MM-dd'T'HH:mm:ss.SSSXXX` | 2001-07-04T12:08:56.235-07:00 | + | `YYYY-'W'ww-u` | 2001-W27-3 | + example: mm/dd/yyyy + outputFormat: + description: |- + A string value indicating either the explicit SimpleDateFormat or the built-in named format that the data should be formatted into. + + *If no inputFormat is provided, the transform assumes that it is in ISO8601 format* + oneOf: + - title: Named Construct + type: string + description: | + | Construct | Date Time Pattern | Description | + | --------- | ----------------- | ----------- | + | ISO8601 | `yyyy-MM-dd'T'HH:mm:ss.SSSX` | The ISO8601 standard. | + | LDAP | `yyyyMMddHHmmss.Z` | The LDAP standard. | + | PEOPLE_SOFT | `MM/dd/yyyy` | The date format People Soft uses. | + | EPOCH_TIME_JAVA | # ms from midnight, January 1st, 1970 | The incoming date value as elapsed time in milliseconds from midnight, January 1st, 1970. | + | EPOCH_TIME_WIN32| # intervals of 100ns from midnight, January 1st, 1601 | The incoming date value as elapsed time in 100-nanosecond intervals from midnight, January 1st, 1601. | + enum: + - ISO8601 + - LDAP + - PEOPLE_SOFT + - EPOCH_TIME_JAVA + - EPOCH_TIME_WIN32 + example: PEOPLE_SOFT + - title: Java Simple Date Format + type: string + description: | + There are a variety of date time patterns you can express using SimpleDateFormat. The following table lists examples of different date time patterns expressed in the SimpleDateFormat and how they display. Refer to the SimpleDateFormat syntax page for more information. + + >NOTE: The following examples show how date and time patterns are interpreted in the U.S. locale. The given date and time are 2001-07-04 12:08:56 local time in the U.S. Pacific Time time zone. + (This table is from the SimpleDateFormat page.) + + | Date Time Pattern | Result | + | ----------------- | ------ | + | `yyyy.MM.dd G 'at' HH:mm:ss z` | `2001.07.04 AD at 12:08:56 PDT` | + | `EEE, MMM d, ''yy` | Wed, Jul 4, '01 | + | `h:mm a` | 12:08 PM | + | `hh 'o''clock' a, zzzz` | 12 o'clock PM, Pacific Daylight Time | + | `K:mm a, z` | 0:08 PM, PDT | + | `yyyyy.MMMMM.dd GGG hh:mm aaa` | 02001.July.04 AD 12:08 PM | + | `EEE, d MMM yyyy HH:mm:ss Z` | Wed, 4 Jul 2001 12:08:56 -0700 | + | `yyMMddHHmmssZ` | 010704120856-0700 | + | `yyyy-MM-dd'T'HH:mm:ss.SSSZ` | 2001-07-04T12:08:56.235-0700 | + | `yyyy-MM-dd'T'HH:mm:ss.SSSXXX` | 2001-07-04T12:08:56.235-07:00 | + | `YYYY-'W'ww-u` | 2001-W27-3 | + example: mm/dd/yyyy + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + secondDate: + description: This is the second date to consider (The date that would be on the right hand side of the comparison operation). + oneOf: + - title: accountAttribute + type: object + required: + - sourceName + - attributeName + properties: + sourceName: + type: string + description: A reference to the source to search for the account + example: Workday + attributeName: + type: string + description: 'The name of the attribute on the account to return. This should match the name of the account attribute name visible in the user interface, or on the source schema.' + example: DEPARTMENT + accountSortAttribute: + type: string + description: The value of this configuration is a string name of the attribute to use when determining the ordering of returned accounts when there are multiple entries + example: created + default: created + accountSortDescending: + type: boolean + description: 'The value of this configuration is a boolean (true/false). Controls the order of the sort when there are multiple accounts. If not defined, the transform will default to false (ascending order)' + example: false + default: false + accountReturnFirstLink: + type: boolean + description: 'The value of this configuration is a boolean (true/false). Controls which account to source a value from for an attribute. If this flag is set to true, the transform returns the value from the first account in the list, even if it is null. If it is set to false, the transform returns the first non-null value. If not defined, the transform will default to false' + example: false + default: false + accountFilter: + type: string + description: |- + This expression queries the database to narrow search results. The value of this configuration is a sailpoint.object.Filter expression and used when searching against the database. The default filter will always include the source and identity, and any subsequent expressions will be combined in an AND operation to the existing search criteria. + Only certain searchable attributes are available: - `nativeIdentity` - the Account ID - `displayName` - the Account Name - `entitlements` - a boolean value to determine if the account has entitlements + example: '!(nativeIdentity.startsWith("*DELETED*"))' + accountPropertyFilter: + type: string + description: |- + This expression is used to search and filter accounts in memory. The value of this configuration is a sailpoint.object.Filter expression and used when searching against the returned resultset. + + All account attributes are available for filtering as this operation is performed in memory. + example: '(groups.containsAll({''Admin''}) || location == ''Austin'')' + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: dateFormat + type: object + properties: + inputFormat: + description: |- + A string value indicating either the explicit SimpleDateFormat or the built-in named format that the data is coming in as. + + *If no inputFormat is provided, the transform assumes that it is in ISO8601 format* + oneOf: + - title: Named Construct + type: string + description: | + | Construct | Date Time Pattern | Description | + | --------- | ----------------- | ----------- | + | ISO8601 | `yyyy-MM-dd'T'HH:mm:ss.SSSX` | The ISO8601 standard. | + | LDAP | `yyyyMMddHHmmss.Z` | The LDAP standard. | + | PEOPLE_SOFT | `MM/dd/yyyy` | The date format People Soft uses. | + | EPOCH_TIME_JAVA | # ms from midnight, January 1st, 1970 | The incoming date value as elapsed time in milliseconds from midnight, January 1st, 1970. | + | EPOCH_TIME_WIN32| # intervals of 100ns from midnight, January 1st, 1601 | The incoming date value as elapsed time in 100-nanosecond intervals from midnight, January 1st, 1601. | + enum: + - ISO8601 + - LDAP + - PEOPLE_SOFT + - EPOCH_TIME_JAVA + - EPOCH_TIME_WIN32 + example: PEOPLE_SOFT + - title: Java Simple Date Format + type: string + description: | + There are a variety of date time patterns you can express using SimpleDateFormat. The following table lists examples of different date time patterns expressed in the SimpleDateFormat and how they display. Refer to the SimpleDateFormat syntax page for more information. + + >NOTE: The following examples show how date and time patterns are interpreted in the U.S. locale. The given date and time are 2001-07-04 12:08:56 local time in the U.S. Pacific Time time zone. + (This table is from the SimpleDateFormat page.) + + | Date Time Pattern | Result | + | ----------------- | ------ | + | `yyyy.MM.dd G 'at' HH:mm:ss z` | `2001.07.04 AD at 12:08:56 PDT` | + | `EEE, MMM d, ''yy` | Wed, Jul 4, '01 | + | `h:mm a` | 12:08 PM | + | `hh 'o''clock' a, zzzz` | 12 o'clock PM, Pacific Daylight Time | + | `K:mm a, z` | 0:08 PM, PDT | + | `yyyyy.MMMMM.dd GGG hh:mm aaa` | 02001.July.04 AD 12:08 PM | + | `EEE, d MMM yyyy HH:mm:ss Z` | Wed, 4 Jul 2001 12:08:56 -0700 | + | `yyMMddHHmmssZ` | 010704120856-0700 | + | `yyyy-MM-dd'T'HH:mm:ss.SSSZ` | 2001-07-04T12:08:56.235-0700 | + | `yyyy-MM-dd'T'HH:mm:ss.SSSXXX` | 2001-07-04T12:08:56.235-07:00 | + | `YYYY-'W'ww-u` | 2001-W27-3 | + example: mm/dd/yyyy + outputFormat: + description: |- + A string value indicating either the explicit SimpleDateFormat or the built-in named format that the data should be formatted into. + + *If no inputFormat is provided, the transform assumes that it is in ISO8601 format* + oneOf: + - title: Named Construct + type: string + description: | + | Construct | Date Time Pattern | Description | + | --------- | ----------------- | ----------- | + | ISO8601 | `yyyy-MM-dd'T'HH:mm:ss.SSSX` | The ISO8601 standard. | + | LDAP | `yyyyMMddHHmmss.Z` | The LDAP standard. | + | PEOPLE_SOFT | `MM/dd/yyyy` | The date format People Soft uses. | + | EPOCH_TIME_JAVA | # ms from midnight, January 1st, 1970 | The incoming date value as elapsed time in milliseconds from midnight, January 1st, 1970. | + | EPOCH_TIME_WIN32| # intervals of 100ns from midnight, January 1st, 1601 | The incoming date value as elapsed time in 100-nanosecond intervals from midnight, January 1st, 1601. | + enum: + - ISO8601 + - LDAP + - PEOPLE_SOFT + - EPOCH_TIME_JAVA + - EPOCH_TIME_WIN32 + example: PEOPLE_SOFT + - title: Java Simple Date Format + type: string + description: | + There are a variety of date time patterns you can express using SimpleDateFormat. The following table lists examples of different date time patterns expressed in the SimpleDateFormat and how they display. Refer to the SimpleDateFormat syntax page for more information. + + >NOTE: The following examples show how date and time patterns are interpreted in the U.S. locale. The given date and time are 2001-07-04 12:08:56 local time in the U.S. Pacific Time time zone. + (This table is from the SimpleDateFormat page.) + + | Date Time Pattern | Result | + | ----------------- | ------ | + | `yyyy.MM.dd G 'at' HH:mm:ss z` | `2001.07.04 AD at 12:08:56 PDT` | + | `EEE, MMM d, ''yy` | Wed, Jul 4, '01 | + | `h:mm a` | 12:08 PM | + | `hh 'o''clock' a, zzzz` | 12 o'clock PM, Pacific Daylight Time | + | `K:mm a, z` | 0:08 PM, PDT | + | `yyyyy.MMMMM.dd GGG hh:mm aaa` | 02001.July.04 AD 12:08 PM | + | `EEE, d MMM yyyy HH:mm:ss Z` | Wed, 4 Jul 2001 12:08:56 -0700 | + | `yyMMddHHmmssZ` | 010704120856-0700 | + | `yyyy-MM-dd'T'HH:mm:ss.SSSZ` | 2001-07-04T12:08:56.235-0700 | + | `yyyy-MM-dd'T'HH:mm:ss.SSSXXX` | 2001-07-04T12:08:56.235-07:00 | + | `YYYY-'W'ww-u` | 2001-W27-3 | + example: mm/dd/yyyy + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + operator: + type: string + description: | + This is the comparison to perform. + | Operation | Description | + | --------- | ------- | + | LT | Strictly less than: firstDate < secondDate | + | LTE | Less than or equal to: firstDate <= secondDate | + | GT | Strictly greater than: firstDate > secondDate | + | GTE | Greater than or equal to: firstDate >= secondDate | + enum: + - LT + - LTE + - GT + - GTE + example: LT + positiveCondition: + type: string + description: The output of the transform if the expression evalutes to true + example: 'true' + negativeCondition: + type: string + description: The output of the transform if the expression evalutes to false + example: false + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: dateFormat + type: object + properties: + inputFormat: + description: |- + A string value indicating either the explicit SimpleDateFormat or the built-in named format that the data is coming in as. + + *If no inputFormat is provided, the transform assumes that it is in ISO8601 format* + oneOf: + - title: Named Construct + type: string + description: | + | Construct | Date Time Pattern | Description | + | --------- | ----------------- | ----------- | + | ISO8601 | `yyyy-MM-dd'T'HH:mm:ss.SSSX` | The ISO8601 standard. | + | LDAP | `yyyyMMddHHmmss.Z` | The LDAP standard. | + | PEOPLE_SOFT | `MM/dd/yyyy` | The date format People Soft uses. | + | EPOCH_TIME_JAVA | # ms from midnight, January 1st, 1970 | The incoming date value as elapsed time in milliseconds from midnight, January 1st, 1970. | + | EPOCH_TIME_WIN32| # intervals of 100ns from midnight, January 1st, 1601 | The incoming date value as elapsed time in 100-nanosecond intervals from midnight, January 1st, 1601. | + enum: + - ISO8601 + - LDAP + - PEOPLE_SOFT + - EPOCH_TIME_JAVA + - EPOCH_TIME_WIN32 + example: PEOPLE_SOFT + - title: Java Simple Date Format + type: string + description: | + There are a variety of date time patterns you can express using SimpleDateFormat. The following table lists examples of different date time patterns expressed in the SimpleDateFormat and how they display. Refer to the SimpleDateFormat syntax page for more information. + + >NOTE: The following examples show how date and time patterns are interpreted in the U.S. locale. The given date and time are 2001-07-04 12:08:56 local time in the U.S. Pacific Time time zone. + (This table is from the SimpleDateFormat page.) + + | Date Time Pattern | Result | + | ----------------- | ------ | + | `yyyy.MM.dd G 'at' HH:mm:ss z` | `2001.07.04 AD at 12:08:56 PDT` | + | `EEE, MMM d, ''yy` | Wed, Jul 4, '01 | + | `h:mm a` | 12:08 PM | + | `hh 'o''clock' a, zzzz` | 12 o'clock PM, Pacific Daylight Time | + | `K:mm a, z` | 0:08 PM, PDT | + | `yyyyy.MMMMM.dd GGG hh:mm aaa` | 02001.July.04 AD 12:08 PM | + | `EEE, d MMM yyyy HH:mm:ss Z` | Wed, 4 Jul 2001 12:08:56 -0700 | + | `yyMMddHHmmssZ` | 010704120856-0700 | + | `yyyy-MM-dd'T'HH:mm:ss.SSSZ` | 2001-07-04T12:08:56.235-0700 | + | `yyyy-MM-dd'T'HH:mm:ss.SSSXXX` | 2001-07-04T12:08:56.235-07:00 | + | `YYYY-'W'ww-u` | 2001-W27-3 | + example: mm/dd/yyyy + outputFormat: + description: |- + A string value indicating either the explicit SimpleDateFormat or the built-in named format that the data should be formatted into. + + *If no inputFormat is provided, the transform assumes that it is in ISO8601 format* + oneOf: + - title: Named Construct + type: string + description: | + | Construct | Date Time Pattern | Description | + | --------- | ----------------- | ----------- | + | ISO8601 | `yyyy-MM-dd'T'HH:mm:ss.SSSX` | The ISO8601 standard. | + | LDAP | `yyyyMMddHHmmss.Z` | The LDAP standard. | + | PEOPLE_SOFT | `MM/dd/yyyy` | The date format People Soft uses. | + | EPOCH_TIME_JAVA | # ms from midnight, January 1st, 1970 | The incoming date value as elapsed time in milliseconds from midnight, January 1st, 1970. | + | EPOCH_TIME_WIN32| # intervals of 100ns from midnight, January 1st, 1601 | The incoming date value as elapsed time in 100-nanosecond intervals from midnight, January 1st, 1601. | + enum: + - ISO8601 + - LDAP + - PEOPLE_SOFT + - EPOCH_TIME_JAVA + - EPOCH_TIME_WIN32 + example: PEOPLE_SOFT + - title: Java Simple Date Format + type: string + description: | + There are a variety of date time patterns you can express using SimpleDateFormat. The following table lists examples of different date time patterns expressed in the SimpleDateFormat and how they display. Refer to the SimpleDateFormat syntax page for more information. + + >NOTE: The following examples show how date and time patterns are interpreted in the U.S. locale. The given date and time are 2001-07-04 12:08:56 local time in the U.S. Pacific Time time zone. + (This table is from the SimpleDateFormat page.) + + | Date Time Pattern | Result | + | ----------------- | ------ | + | `yyyy.MM.dd G 'at' HH:mm:ss z` | `2001.07.04 AD at 12:08:56 PDT` | + | `EEE, MMM d, ''yy` | Wed, Jul 4, '01 | + | `h:mm a` | 12:08 PM | + | `hh 'o''clock' a, zzzz` | 12 o'clock PM, Pacific Daylight Time | + | `K:mm a, z` | 0:08 PM, PDT | + | `yyyyy.MMMMM.dd GGG hh:mm aaa` | 02001.July.04 AD 12:08 PM | + | `EEE, d MMM yyyy HH:mm:ss Z` | Wed, 4 Jul 2001 12:08:56 -0700 | + | `yyMMddHHmmssZ` | 010704120856-0700 | + | `yyyy-MM-dd'T'HH:mm:ss.SSSZ` | 2001-07-04T12:08:56.235-0700 | + | `yyyy-MM-dd'T'HH:mm:ss.SSSXXX` | 2001-07-04T12:08:56.235-07:00 | + | `YYYY-'W'ww-u` | 2001-W27-3 | + example: mm/dd/yyyy + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: dateMath + type: object + required: + - expression + properties: + expression: + type: string + description: | + A string value of the date and time components to operation on, along with the math operations to execute. + externalDocs: + description: Date Math Expressions + url: 'https://developer.sailpoint.com/idn/docs/transforms/operations/date-math#transform-structure' + example: now+1w + roundUp: + type: boolean + description: | + A boolean value to indicate whether the transform should round up or down when a rounding `/` operation is defined in the expression. + + + If not provided, the transform will default to `false` + + + `true` indicates the transform should round up (i.e., truncate the fractional date/time component indicated and then add one unit of that component) + + + `false` indicates the transform should round down (i.e., truncate the fractional date/time component indicated) + example: false + default: false + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: decomposeDiacriticalMarks + type: object + properties: + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: e164phone + type: object + properties: + defaultRegion: + type: string + description: | + This is an optional attribute that can be used to define the region of the phone number to format into. + + + If defaultRegion is not provided, it will take US as the default country. + + + The format of the country code should be in [ISO 3166-1 alpha-2 format](https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2) + example: US + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: firstValid + type: object + required: + - values + properties: + values: + type: array + items: + type: object + description: An array of attributes to evaluate for existence. + example: + - attributes: + sourceName: Active Directory + attributeName: sAMAccountName + type: accountAttribute + - attributes: + sourceName: Okta + attributeName: login + type: accountAttribute + - attributes: + sourceName: HR Source + attributeName: employeeID + type: accountAttribute + ignoreErrors: + type: boolean + description: a true or false value representing to move on to the next option if an error (like an Null Pointer Exception) were to occur. + example: false + default: false + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + - title: rule + oneOf: + - type: object + required: + - name + properties: + name: + type: string + description: This is the name of the Transform rule that needs to be invoked by the transform + example: Transform Calculation Rule + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + - type: object + required: + - name + - operation + - includeNumbers + - includeSpecialChars + - length + properties: + name: + type: string + description: This must always be set to "Cloud Services Deployment Utility" + example: Cloud Services Deployment Utility + operation: + type: string + description: The operation to perform `generateRandomString` + example: generateRandomString + includeNumbers: + type: boolean + description: This must be either "true" or "false" to indicate whether the generator logic should include numbers + example: true + includeSpecialChars: + type: boolean + description: This must be either "true" or "false" to indicate whether the generator logic should include special characters + example: true + length: + type: string + description: | + This specifies how long the randomly generated string needs to be + + + >NOTE Due to identity attribute data constraints, the maximum allowable value is 450 characters + example: '10' + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + - type: object + required: + - name + - operation + - uid + properties: + name: + type: string + description: This must always be set to "Cloud Services Deployment Utility" + example: Cloud Services Deployment Utility + operation: + type: string + description: The operation to perform `getReferenceIdentityAttribute` + example: getReferenceIdentityAttribute + uid: + type: string + description: | + This is the SailPoint User Name (uid) value of the identity whose attribute is desired + + As a convenience feature, you can use the `manager` keyword to dynamically look up the user's manager and then get that manager's identity attribute. + example: 2c91808570313110017040b06f344ec9 + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + - title: identityAttribute + type: object + required: + - name + properties: + name: + type: string + description: The system (camel-cased) name of the identity attribute to bring in + example: email + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: indexOf + type: object + required: + - substring + properties: + substring: + type: string + description: 'A substring to search for, searches the entire calling string, and returns the index of the first occurrence of the specified substring.' + example: admin_ + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: iso3166 + type: object + properties: + format: + type: string + description: | + An optional value to denote which ISO 3166 format to return. Valid values are: + + + `alpha2` - Two-character country code (e.g., "US"); this is the default value if no format is supplied + + + `alpha3` - Three-character country code (e.g., "USA") + + + `numeric` - The numeric country code (e.g., "840") + example: alpha2 + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: leftPad + type: object + required: + - length + properties: + length: + type: string + description: An integer value for the desired length of the final output string + example: '4' + padding: + type: string + description: | + A string value representing the character that the incoming data should be padded with to get to the desired length + + + If not provided, the transform will default to a single space (" ") character for padding + example: '0' + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: lookup + type: object + required: + - table + properties: + table: + type: object + additionalProperties: true + description: | + This is a JSON object of key-value pairs. The key is the string that will attempt to be matched to the input, and the value is the output string that should be returned if the key is matched + + + >**Note** the use of the optional default key value here; if none of the three countries in the above example match the input string, the transform will return "Unknown Region" for the attribute that is mapped to this transform. + example: + USA: Americas + FRA: EMEA + AUS: APAC + default: Unknown Region + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: lower + type: object + properties: + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: nameNormalizer + type: object + properties: + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: randomAlphaNumeric + type: object + properties: + length: + type: string + description: | + This is an integer value specifying the size/number of characters the random string must contain + + + * This value must be a positive number and cannot be blank + + + * If no length is provided, the transform will default to a value of `32` + + + * Due to identity attribute data constraints, the maximum allowable value is `450` characters + example: '10' + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: randomNumeric + type: object + properties: + length: + type: string + description: | + This is an integer value specifying the size/number of characters the random string must contain + + + * This value must be a positive number and cannot be blank + + + * If no length is provided, the transform will default to a value of `32` + + + * Due to identity attribute data constraints, the maximum allowable value is `450` characters + example: '10' + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: reference + type: object + required: + - id + properties: + id: + type: string + description: This ID specifies the name of the pre-existing transform which you want to use within your current transform + example: Existing Transform + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: replaceAll + type: object + required: + - table + properties: + table: + type: object + additionalProperties: true + description: 'An attribute of key-value pairs. Each pair identifies the pattern to search for as its key, and the replacement string as its value.' + example: + '-': ' ' + '"': '''' + ñ: 'n' + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: replace + type: object + required: + - regex + - replacement + properties: + regex: + type: string + description: This can be a string or a regex pattern in which you want to replace. + example: '[^a-zA-Z]' + externalDocs: + description: Regex Builder + url: 'https://regex101.com/' + replacement: + type: string + description: This is the replacement string that should be substituded wherever the string or pattern is found. + example: ' ' + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: rightPad + type: object + required: + - length + properties: + length: + type: string + description: An integer value for the desired length of the final output string + example: '4' + padding: + type: string + description: | + A string value representing the character that the incoming data should be padded with to get to the desired length + + + If not provided, the transform will default to a single space (" ") character for padding + example: '0' + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: split + type: object + required: + - delimiter + - index + properties: + delimiter: + type: string + description: 'This can be either a single character or a regex expression, and is used by the transform to identify the break point between two substrings in the incoming data' + example: ',' + index: + type: string + description: 'An integer value for the desired array element after the incoming data has been split into a list; the array is a 0-based object, so the first array element would be index 0, the second element would be index 1, etc.' + example: '5' + throws: + type: boolean + description: | + A boolean (true/false) value which indicates whether an exception should be thrown and returned as an output when an index is out of bounds with the resultant array (i.e., the provided index value is larger than the size of the array) + + + `true` - The transform should return "IndexOutOfBoundsException" + + + `false` - The transform should return null + + + If not provided, the transform will default to false and return a null + example: true + default: false + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: static + type: object + required: + - values + properties: + values: + type: string + description: 'This must evaluate to a JSON string, either through a fixed value or through conditional logic using the Apache Velocity Template Language.' + example: string$variable + externalDocs: + description: Static Transform Documentation + url: 'https://developer.sailpoint.com/idn/docs/transforms/operations/static' + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + - title: substring + type: object + required: + - begin + properties: + begin: + type: integer + description: | + The index of the first character to include in the returned substring. + + + If `begin` is set to -1, the transform will begin at character 0 of the input data + example: 1 + format: int32 + beginOffset: + type: integer + description: | + This integer value is the number of characters to add to the begin attribute when returning a substring. + + This attribute is only used if begin is not -1. + example: 3 + format: int32 + end: + type: integer + description: | + The index of the first character to exclude from the returned substring. + + If end is -1 or not provided at all, the substring transform will return everything up to the end of the input string. + example: 6 + format: int32 + endOffset: + type: integer + description: | + This integer value is the number of characters to add to the end attribute when returning a substring. + + This attribute is only used if end is provided and is not -1. + example: 1 + format: int32 + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: trim + type: object + properties: + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: upper + type: object + properties: + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: uuid + type: object + properties: + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + - type: object + required: + - id + - internal + properties: + id: + type: string + description: Unique ID of this transform + example: 2cd78adghjkja34jh2b1hkjhasuecd + internal: + type: boolean + description: Indicates whether this is an internal SailPoint-created transform or a customer-created transform + example: false + default: false + example: + - id: 2cd78adghjkja34jh2b1hkjhasuecd + name: Timestamp To Date + type: dateFormat + attributes: + inputFormat: 'MMM-dd-yyyy, HH:mm:ss.SSS' + outputFormat: yyyy/dd/MM + internal: false + - id: 2lkas8dhj4bkuakja77giih7l4ashh + name: PrefixSubstring + type: substring + attributes: + begin: 0 + end: 3 + internal: true + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + security: + - UserContextAuth: + - 'idn:transform:read' + - 'idn:transform:manage' + post: + tags: + - Transforms + summary: Create transform + description: 'Creates a new transform object immediately. By default, the internal flag is set to false to indicate that this is a custom transform. Only SailPoint employees have the ability to create a transform with internal set to true. Newly created Transforms can be used in the Identity Profile mappings within the UI. A token with transform write authority is required to call this API.' + operationId: createTransform + requestBody: + required: true + description: The transform to be created. + content: + application/json: + schema: + type: object + description: The representation of an internally- or customer-defined transform. + required: + - name + - type + - attributes + properties: + name: + type: string + description: Unique name of this transform + example: Timestamp To Date + minLength: 1 + maxLength: 50 + type: + type: string + description: The type of transform operation + enum: + - accountAttribute + - base64Decode + - base64Encode + - concat + - conditional + - dateCompare + - dateFormat + - dateMath + - decomposeDiacriticalMarks + - e164phone + - firstValid + - rule + - identityAttribute + - indexOf + - iso3166 + - lastIndexOf + - leftPad + - lookup + - lower + - normalizeNames + - randomAlphaNumeric + - randomNumeric + - reference + - replaceAll + - replace + - rightPad + - split + - static + - substring + - trim + - upper + - usernameGenerator + - uuid + - displayName + - rfc5646 + example: dateFormat + externalDocs: + description: Transform Operations + url: 'https://developer.sailpoint.com/idn/docs/transforms/operations' + attributes: + nullable: true + description: Meta-data about the transform. Values in this list are specific to the type of transform to be executed. + oneOf: + - title: accountAttribute + type: object + required: + - sourceName + - attributeName + properties: + sourceName: + type: string + description: A reference to the source to search for the account + example: Workday + attributeName: + type: string + description: 'The name of the attribute on the account to return. This should match the name of the account attribute name visible in the user interface, or on the source schema.' + example: DEPARTMENT + accountSortAttribute: + type: string + description: The value of this configuration is a string name of the attribute to use when determining the ordering of returned accounts when there are multiple entries + example: created + default: created + accountSortDescending: + type: boolean + description: 'The value of this configuration is a boolean (true/false). Controls the order of the sort when there are multiple accounts. If not defined, the transform will default to false (ascending order)' + example: false + default: false + accountReturnFirstLink: + type: boolean + description: 'The value of this configuration is a boolean (true/false). Controls which account to source a value from for an attribute. If this flag is set to true, the transform returns the value from the first account in the list, even if it is null. If it is set to false, the transform returns the first non-null value. If not defined, the transform will default to false' + example: false + default: false + accountFilter: + type: string + description: |- + This expression queries the database to narrow search results. The value of this configuration is a sailpoint.object.Filter expression and used when searching against the database. The default filter will always include the source and identity, and any subsequent expressions will be combined in an AND operation to the existing search criteria. + Only certain searchable attributes are available: - `nativeIdentity` - the Account ID - `displayName` - the Account Name - `entitlements` - a boolean value to determine if the account has entitlements + example: '!(nativeIdentity.startsWith("*DELETED*"))' + accountPropertyFilter: + type: string + description: |- + This expression is used to search and filter accounts in memory. The value of this configuration is a sailpoint.object.Filter expression and used when searching against the returned resultset. + + All account attributes are available for filtering as this operation is performed in memory. + example: '(groups.containsAll({''Admin''}) || location == ''Austin'')' + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: base64Decode + type: object + properties: + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: base64Encode + type: object + properties: + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: concat + type: object + required: + - values + properties: + values: + type: array + items: + type: object + description: An array of items to join together + example: + - John + - ' ' + - Smith + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: conditional + type: object + required: + - expression + - positiveCondition + - negativeCondition + properties: + expression: + type: string + description: |- + A comparison statement that follows the structure of `ValueA eq ValueB` where `ValueA` and `ValueB` are static strings or outputs of other transforms. + + The `eq` operator is the only valid comparison + example: ValueA eq ValueB + positiveCondition: + type: string + description: The output of the transform if the expression evalutes to true + example: 'true' + negativeCondition: + type: string + description: The output of the transform if the expression evalutes to false + example: 'false' + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: dateCompare + type: object + required: + - firstDate + - secondDate + - operator + - positiveCondition + - negativeCondition + properties: + firstDate: + description: This is the first date to consider (The date that would be on the left hand side of the comparison operation). + oneOf: + - title: accountAttribute + type: object + required: + - sourceName + - attributeName + properties: + sourceName: + type: string + description: A reference to the source to search for the account + example: Workday + attributeName: + type: string + description: 'The name of the attribute on the account to return. This should match the name of the account attribute name visible in the user interface, or on the source schema.' + example: DEPARTMENT + accountSortAttribute: + type: string + description: The value of this configuration is a string name of the attribute to use when determining the ordering of returned accounts when there are multiple entries + example: created + default: created + accountSortDescending: + type: boolean + description: 'The value of this configuration is a boolean (true/false). Controls the order of the sort when there are multiple accounts. If not defined, the transform will default to false (ascending order)' + example: false + default: false + accountReturnFirstLink: + type: boolean + description: 'The value of this configuration is a boolean (true/false). Controls which account to source a value from for an attribute. If this flag is set to true, the transform returns the value from the first account in the list, even if it is null. If it is set to false, the transform returns the first non-null value. If not defined, the transform will default to false' + example: false + default: false + accountFilter: + type: string + description: |- + This expression queries the database to narrow search results. The value of this configuration is a sailpoint.object.Filter expression and used when searching against the database. The default filter will always include the source and identity, and any subsequent expressions will be combined in an AND operation to the existing search criteria. + Only certain searchable attributes are available: - `nativeIdentity` - the Account ID - `displayName` - the Account Name - `entitlements` - a boolean value to determine if the account has entitlements + example: '!(nativeIdentity.startsWith("*DELETED*"))' + accountPropertyFilter: + type: string + description: |- + This expression is used to search and filter accounts in memory. The value of this configuration is a sailpoint.object.Filter expression and used when searching against the returned resultset. + + All account attributes are available for filtering as this operation is performed in memory. + example: '(groups.containsAll({''Admin''}) || location == ''Austin'')' + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: dateFormat + type: object + properties: + inputFormat: + description: |- + A string value indicating either the explicit SimpleDateFormat or the built-in named format that the data is coming in as. + + *If no inputFormat is provided, the transform assumes that it is in ISO8601 format* + oneOf: + - title: Named Construct + type: string + description: | + | Construct | Date Time Pattern | Description | + | --------- | ----------------- | ----------- | + | ISO8601 | `yyyy-MM-dd'T'HH:mm:ss.SSSX` | The ISO8601 standard. | + | LDAP | `yyyyMMddHHmmss.Z` | The LDAP standard. | + | PEOPLE_SOFT | `MM/dd/yyyy` | The date format People Soft uses. | + | EPOCH_TIME_JAVA | # ms from midnight, January 1st, 1970 | The incoming date value as elapsed time in milliseconds from midnight, January 1st, 1970. | + | EPOCH_TIME_WIN32| # intervals of 100ns from midnight, January 1st, 1601 | The incoming date value as elapsed time in 100-nanosecond intervals from midnight, January 1st, 1601. | + enum: + - ISO8601 + - LDAP + - PEOPLE_SOFT + - EPOCH_TIME_JAVA + - EPOCH_TIME_WIN32 + example: PEOPLE_SOFT + - title: Java Simple Date Format + type: string + description: | + There are a variety of date time patterns you can express using SimpleDateFormat. The following table lists examples of different date time patterns expressed in the SimpleDateFormat and how they display. Refer to the SimpleDateFormat syntax page for more information. + + >NOTE: The following examples show how date and time patterns are interpreted in the U.S. locale. The given date and time are 2001-07-04 12:08:56 local time in the U.S. Pacific Time time zone. + (This table is from the SimpleDateFormat page.) + + | Date Time Pattern | Result | + | ----------------- | ------ | + | `yyyy.MM.dd G 'at' HH:mm:ss z` | `2001.07.04 AD at 12:08:56 PDT` | + | `EEE, MMM d, ''yy` | Wed, Jul 4, '01 | + | `h:mm a` | 12:08 PM | + | `hh 'o''clock' a, zzzz` | 12 o'clock PM, Pacific Daylight Time | + | `K:mm a, z` | 0:08 PM, PDT | + | `yyyyy.MMMMM.dd GGG hh:mm aaa` | 02001.July.04 AD 12:08 PM | + | `EEE, d MMM yyyy HH:mm:ss Z` | Wed, 4 Jul 2001 12:08:56 -0700 | + | `yyMMddHHmmssZ` | 010704120856-0700 | + | `yyyy-MM-dd'T'HH:mm:ss.SSSZ` | 2001-07-04T12:08:56.235-0700 | + | `yyyy-MM-dd'T'HH:mm:ss.SSSXXX` | 2001-07-04T12:08:56.235-07:00 | + | `YYYY-'W'ww-u` | 2001-W27-3 | + example: mm/dd/yyyy + outputFormat: + description: |- + A string value indicating either the explicit SimpleDateFormat or the built-in named format that the data should be formatted into. + + *If no inputFormat is provided, the transform assumes that it is in ISO8601 format* + oneOf: + - title: Named Construct + type: string + description: | + | Construct | Date Time Pattern | Description | + | --------- | ----------------- | ----------- | + | ISO8601 | `yyyy-MM-dd'T'HH:mm:ss.SSSX` | The ISO8601 standard. | + | LDAP | `yyyyMMddHHmmss.Z` | The LDAP standard. | + | PEOPLE_SOFT | `MM/dd/yyyy` | The date format People Soft uses. | + | EPOCH_TIME_JAVA | # ms from midnight, January 1st, 1970 | The incoming date value as elapsed time in milliseconds from midnight, January 1st, 1970. | + | EPOCH_TIME_WIN32| # intervals of 100ns from midnight, January 1st, 1601 | The incoming date value as elapsed time in 100-nanosecond intervals from midnight, January 1st, 1601. | + enum: + - ISO8601 + - LDAP + - PEOPLE_SOFT + - EPOCH_TIME_JAVA + - EPOCH_TIME_WIN32 + example: PEOPLE_SOFT + - title: Java Simple Date Format + type: string + description: | + There are a variety of date time patterns you can express using SimpleDateFormat. The following table lists examples of different date time patterns expressed in the SimpleDateFormat and how they display. Refer to the SimpleDateFormat syntax page for more information. + + >NOTE: The following examples show how date and time patterns are interpreted in the U.S. locale. The given date and time are 2001-07-04 12:08:56 local time in the U.S. Pacific Time time zone. + (This table is from the SimpleDateFormat page.) + + | Date Time Pattern | Result | + | ----------------- | ------ | + | `yyyy.MM.dd G 'at' HH:mm:ss z` | `2001.07.04 AD at 12:08:56 PDT` | + | `EEE, MMM d, ''yy` | Wed, Jul 4, '01 | + | `h:mm a` | 12:08 PM | + | `hh 'o''clock' a, zzzz` | 12 o'clock PM, Pacific Daylight Time | + | `K:mm a, z` | 0:08 PM, PDT | + | `yyyyy.MMMMM.dd GGG hh:mm aaa` | 02001.July.04 AD 12:08 PM | + | `EEE, d MMM yyyy HH:mm:ss Z` | Wed, 4 Jul 2001 12:08:56 -0700 | + | `yyMMddHHmmssZ` | 010704120856-0700 | + | `yyyy-MM-dd'T'HH:mm:ss.SSSZ` | 2001-07-04T12:08:56.235-0700 | + | `yyyy-MM-dd'T'HH:mm:ss.SSSXXX` | 2001-07-04T12:08:56.235-07:00 | + | `YYYY-'W'ww-u` | 2001-W27-3 | + example: mm/dd/yyyy + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + secondDate: + description: This is the second date to consider (The date that would be on the right hand side of the comparison operation). + oneOf: + - title: accountAttribute + type: object + required: + - sourceName + - attributeName + properties: + sourceName: + type: string + description: A reference to the source to search for the account + example: Workday + attributeName: + type: string + description: 'The name of the attribute on the account to return. This should match the name of the account attribute name visible in the user interface, or on the source schema.' + example: DEPARTMENT + accountSortAttribute: + type: string + description: The value of this configuration is a string name of the attribute to use when determining the ordering of returned accounts when there are multiple entries + example: created + default: created + accountSortDescending: + type: boolean + description: 'The value of this configuration is a boolean (true/false). Controls the order of the sort when there are multiple accounts. If not defined, the transform will default to false (ascending order)' + example: false + default: false + accountReturnFirstLink: + type: boolean + description: 'The value of this configuration is a boolean (true/false). Controls which account to source a value from for an attribute. If this flag is set to true, the transform returns the value from the first account in the list, even if it is null. If it is set to false, the transform returns the first non-null value. If not defined, the transform will default to false' + example: false + default: false + accountFilter: + type: string + description: |- + This expression queries the database to narrow search results. The value of this configuration is a sailpoint.object.Filter expression and used when searching against the database. The default filter will always include the source and identity, and any subsequent expressions will be combined in an AND operation to the existing search criteria. + Only certain searchable attributes are available: - `nativeIdentity` - the Account ID - `displayName` - the Account Name - `entitlements` - a boolean value to determine if the account has entitlements + example: '!(nativeIdentity.startsWith("*DELETED*"))' + accountPropertyFilter: + type: string + description: |- + This expression is used to search and filter accounts in memory. The value of this configuration is a sailpoint.object.Filter expression and used when searching against the returned resultset. + + All account attributes are available for filtering as this operation is performed in memory. + example: '(groups.containsAll({''Admin''}) || location == ''Austin'')' + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: dateFormat + type: object + properties: + inputFormat: + description: |- + A string value indicating either the explicit SimpleDateFormat or the built-in named format that the data is coming in as. + + *If no inputFormat is provided, the transform assumes that it is in ISO8601 format* + oneOf: + - title: Named Construct + type: string + description: | + | Construct | Date Time Pattern | Description | + | --------- | ----------------- | ----------- | + | ISO8601 | `yyyy-MM-dd'T'HH:mm:ss.SSSX` | The ISO8601 standard. | + | LDAP | `yyyyMMddHHmmss.Z` | The LDAP standard. | + | PEOPLE_SOFT | `MM/dd/yyyy` | The date format People Soft uses. | + | EPOCH_TIME_JAVA | # ms from midnight, January 1st, 1970 | The incoming date value as elapsed time in milliseconds from midnight, January 1st, 1970. | + | EPOCH_TIME_WIN32| # intervals of 100ns from midnight, January 1st, 1601 | The incoming date value as elapsed time in 100-nanosecond intervals from midnight, January 1st, 1601. | + enum: + - ISO8601 + - LDAP + - PEOPLE_SOFT + - EPOCH_TIME_JAVA + - EPOCH_TIME_WIN32 + example: PEOPLE_SOFT + - title: Java Simple Date Format + type: string + description: | + There are a variety of date time patterns you can express using SimpleDateFormat. The following table lists examples of different date time patterns expressed in the SimpleDateFormat and how they display. Refer to the SimpleDateFormat syntax page for more information. + + >NOTE: The following examples show how date and time patterns are interpreted in the U.S. locale. The given date and time are 2001-07-04 12:08:56 local time in the U.S. Pacific Time time zone. + (This table is from the SimpleDateFormat page.) + + | Date Time Pattern | Result | + | ----------------- | ------ | + | `yyyy.MM.dd G 'at' HH:mm:ss z` | `2001.07.04 AD at 12:08:56 PDT` | + | `EEE, MMM d, ''yy` | Wed, Jul 4, '01 | + | `h:mm a` | 12:08 PM | + | `hh 'o''clock' a, zzzz` | 12 o'clock PM, Pacific Daylight Time | + | `K:mm a, z` | 0:08 PM, PDT | + | `yyyyy.MMMMM.dd GGG hh:mm aaa` | 02001.July.04 AD 12:08 PM | + | `EEE, d MMM yyyy HH:mm:ss Z` | Wed, 4 Jul 2001 12:08:56 -0700 | + | `yyMMddHHmmssZ` | 010704120856-0700 | + | `yyyy-MM-dd'T'HH:mm:ss.SSSZ` | 2001-07-04T12:08:56.235-0700 | + | `yyyy-MM-dd'T'HH:mm:ss.SSSXXX` | 2001-07-04T12:08:56.235-07:00 | + | `YYYY-'W'ww-u` | 2001-W27-3 | + example: mm/dd/yyyy + outputFormat: + description: |- + A string value indicating either the explicit SimpleDateFormat or the built-in named format that the data should be formatted into. + + *If no inputFormat is provided, the transform assumes that it is in ISO8601 format* + oneOf: + - title: Named Construct + type: string + description: | + | Construct | Date Time Pattern | Description | + | --------- | ----------------- | ----------- | + | ISO8601 | `yyyy-MM-dd'T'HH:mm:ss.SSSX` | The ISO8601 standard. | + | LDAP | `yyyyMMddHHmmss.Z` | The LDAP standard. | + | PEOPLE_SOFT | `MM/dd/yyyy` | The date format People Soft uses. | + | EPOCH_TIME_JAVA | # ms from midnight, January 1st, 1970 | The incoming date value as elapsed time in milliseconds from midnight, January 1st, 1970. | + | EPOCH_TIME_WIN32| # intervals of 100ns from midnight, January 1st, 1601 | The incoming date value as elapsed time in 100-nanosecond intervals from midnight, January 1st, 1601. | + enum: + - ISO8601 + - LDAP + - PEOPLE_SOFT + - EPOCH_TIME_JAVA + - EPOCH_TIME_WIN32 + example: PEOPLE_SOFT + - title: Java Simple Date Format + type: string + description: | + There are a variety of date time patterns you can express using SimpleDateFormat. The following table lists examples of different date time patterns expressed in the SimpleDateFormat and how they display. Refer to the SimpleDateFormat syntax page for more information. + + >NOTE: The following examples show how date and time patterns are interpreted in the U.S. locale. The given date and time are 2001-07-04 12:08:56 local time in the U.S. Pacific Time time zone. + (This table is from the SimpleDateFormat page.) + + | Date Time Pattern | Result | + | ----------------- | ------ | + | `yyyy.MM.dd G 'at' HH:mm:ss z` | `2001.07.04 AD at 12:08:56 PDT` | + | `EEE, MMM d, ''yy` | Wed, Jul 4, '01 | + | `h:mm a` | 12:08 PM | + | `hh 'o''clock' a, zzzz` | 12 o'clock PM, Pacific Daylight Time | + | `K:mm a, z` | 0:08 PM, PDT | + | `yyyyy.MMMMM.dd GGG hh:mm aaa` | 02001.July.04 AD 12:08 PM | + | `EEE, d MMM yyyy HH:mm:ss Z` | Wed, 4 Jul 2001 12:08:56 -0700 | + | `yyMMddHHmmssZ` | 010704120856-0700 | + | `yyyy-MM-dd'T'HH:mm:ss.SSSZ` | 2001-07-04T12:08:56.235-0700 | + | `yyyy-MM-dd'T'HH:mm:ss.SSSXXX` | 2001-07-04T12:08:56.235-07:00 | + | `YYYY-'W'ww-u` | 2001-W27-3 | + example: mm/dd/yyyy + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + operator: + type: string + description: | + This is the comparison to perform. + | Operation | Description | + | --------- | ------- | + | LT | Strictly less than: firstDate < secondDate | + | LTE | Less than or equal to: firstDate <= secondDate | + | GT | Strictly greater than: firstDate > secondDate | + | GTE | Greater than or equal to: firstDate >= secondDate | + enum: + - LT + - LTE + - GT + - GTE + example: LT + positiveCondition: + type: string + description: The output of the transform if the expression evalutes to true + example: 'true' + negativeCondition: + type: string + description: The output of the transform if the expression evalutes to false + example: false + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: dateFormat + type: object + properties: + inputFormat: + description: |- + A string value indicating either the explicit SimpleDateFormat or the built-in named format that the data is coming in as. + + *If no inputFormat is provided, the transform assumes that it is in ISO8601 format* + oneOf: + - title: Named Construct + type: string + description: | + | Construct | Date Time Pattern | Description | + | --------- | ----------------- | ----------- | + | ISO8601 | `yyyy-MM-dd'T'HH:mm:ss.SSSX` | The ISO8601 standard. | + | LDAP | `yyyyMMddHHmmss.Z` | The LDAP standard. | + | PEOPLE_SOFT | `MM/dd/yyyy` | The date format People Soft uses. | + | EPOCH_TIME_JAVA | # ms from midnight, January 1st, 1970 | The incoming date value as elapsed time in milliseconds from midnight, January 1st, 1970. | + | EPOCH_TIME_WIN32| # intervals of 100ns from midnight, January 1st, 1601 | The incoming date value as elapsed time in 100-nanosecond intervals from midnight, January 1st, 1601. | + enum: + - ISO8601 + - LDAP + - PEOPLE_SOFT + - EPOCH_TIME_JAVA + - EPOCH_TIME_WIN32 + example: PEOPLE_SOFT + - title: Java Simple Date Format + type: string + description: | + There are a variety of date time patterns you can express using SimpleDateFormat. The following table lists examples of different date time patterns expressed in the SimpleDateFormat and how they display. Refer to the SimpleDateFormat syntax page for more information. + + >NOTE: The following examples show how date and time patterns are interpreted in the U.S. locale. The given date and time are 2001-07-04 12:08:56 local time in the U.S. Pacific Time time zone. + (This table is from the SimpleDateFormat page.) + + | Date Time Pattern | Result | + | ----------------- | ------ | + | `yyyy.MM.dd G 'at' HH:mm:ss z` | `2001.07.04 AD at 12:08:56 PDT` | + | `EEE, MMM d, ''yy` | Wed, Jul 4, '01 | + | `h:mm a` | 12:08 PM | + | `hh 'o''clock' a, zzzz` | 12 o'clock PM, Pacific Daylight Time | + | `K:mm a, z` | 0:08 PM, PDT | + | `yyyyy.MMMMM.dd GGG hh:mm aaa` | 02001.July.04 AD 12:08 PM | + | `EEE, d MMM yyyy HH:mm:ss Z` | Wed, 4 Jul 2001 12:08:56 -0700 | + | `yyMMddHHmmssZ` | 010704120856-0700 | + | `yyyy-MM-dd'T'HH:mm:ss.SSSZ` | 2001-07-04T12:08:56.235-0700 | + | `yyyy-MM-dd'T'HH:mm:ss.SSSXXX` | 2001-07-04T12:08:56.235-07:00 | + | `YYYY-'W'ww-u` | 2001-W27-3 | + example: mm/dd/yyyy + outputFormat: + description: |- + A string value indicating either the explicit SimpleDateFormat or the built-in named format that the data should be formatted into. + + *If no inputFormat is provided, the transform assumes that it is in ISO8601 format* + oneOf: + - title: Named Construct + type: string + description: | + | Construct | Date Time Pattern | Description | + | --------- | ----------------- | ----------- | + | ISO8601 | `yyyy-MM-dd'T'HH:mm:ss.SSSX` | The ISO8601 standard. | + | LDAP | `yyyyMMddHHmmss.Z` | The LDAP standard. | + | PEOPLE_SOFT | `MM/dd/yyyy` | The date format People Soft uses. | + | EPOCH_TIME_JAVA | # ms from midnight, January 1st, 1970 | The incoming date value as elapsed time in milliseconds from midnight, January 1st, 1970. | + | EPOCH_TIME_WIN32| # intervals of 100ns from midnight, January 1st, 1601 | The incoming date value as elapsed time in 100-nanosecond intervals from midnight, January 1st, 1601. | + enum: + - ISO8601 + - LDAP + - PEOPLE_SOFT + - EPOCH_TIME_JAVA + - EPOCH_TIME_WIN32 + example: PEOPLE_SOFT + - title: Java Simple Date Format + type: string + description: | + There are a variety of date time patterns you can express using SimpleDateFormat. The following table lists examples of different date time patterns expressed in the SimpleDateFormat and how they display. Refer to the SimpleDateFormat syntax page for more information. + + >NOTE: The following examples show how date and time patterns are interpreted in the U.S. locale. The given date and time are 2001-07-04 12:08:56 local time in the U.S. Pacific Time time zone. + (This table is from the SimpleDateFormat page.) + + | Date Time Pattern | Result | + | ----------------- | ------ | + | `yyyy.MM.dd G 'at' HH:mm:ss z` | `2001.07.04 AD at 12:08:56 PDT` | + | `EEE, MMM d, ''yy` | Wed, Jul 4, '01 | + | `h:mm a` | 12:08 PM | + | `hh 'o''clock' a, zzzz` | 12 o'clock PM, Pacific Daylight Time | + | `K:mm a, z` | 0:08 PM, PDT | + | `yyyyy.MMMMM.dd GGG hh:mm aaa` | 02001.July.04 AD 12:08 PM | + | `EEE, d MMM yyyy HH:mm:ss Z` | Wed, 4 Jul 2001 12:08:56 -0700 | + | `yyMMddHHmmssZ` | 010704120856-0700 | + | `yyyy-MM-dd'T'HH:mm:ss.SSSZ` | 2001-07-04T12:08:56.235-0700 | + | `yyyy-MM-dd'T'HH:mm:ss.SSSXXX` | 2001-07-04T12:08:56.235-07:00 | + | `YYYY-'W'ww-u` | 2001-W27-3 | + example: mm/dd/yyyy + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: dateMath + type: object + required: + - expression + properties: + expression: + type: string + description: | + A string value of the date and time components to operation on, along with the math operations to execute. + externalDocs: + description: Date Math Expressions + url: 'https://developer.sailpoint.com/idn/docs/transforms/operations/date-math#transform-structure' + example: now+1w + roundUp: + type: boolean + description: | + A boolean value to indicate whether the transform should round up or down when a rounding `/` operation is defined in the expression. + + + If not provided, the transform will default to `false` + + + `true` indicates the transform should round up (i.e., truncate the fractional date/time component indicated and then add one unit of that component) + + + `false` indicates the transform should round down (i.e., truncate the fractional date/time component indicated) + example: false + default: false + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: decomposeDiacriticalMarks + type: object + properties: + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: e164phone + type: object + properties: + defaultRegion: + type: string + description: | + This is an optional attribute that can be used to define the region of the phone number to format into. + + + If defaultRegion is not provided, it will take US as the default country. + + + The format of the country code should be in [ISO 3166-1 alpha-2 format](https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2) + example: US + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: firstValid + type: object + required: + - values + properties: + values: + type: array + items: + type: object + description: An array of attributes to evaluate for existence. + example: + - attributes: + sourceName: Active Directory + attributeName: sAMAccountName + type: accountAttribute + - attributes: + sourceName: Okta + attributeName: login + type: accountAttribute + - attributes: + sourceName: HR Source + attributeName: employeeID + type: accountAttribute + ignoreErrors: + type: boolean + description: a true or false value representing to move on to the next option if an error (like an Null Pointer Exception) were to occur. + example: false + default: false + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + - title: rule + oneOf: + - type: object + required: + - name + properties: + name: + type: string + description: This is the name of the Transform rule that needs to be invoked by the transform + example: Transform Calculation Rule + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + - type: object + required: + - name + - operation + - includeNumbers + - includeSpecialChars + - length + properties: + name: + type: string + description: This must always be set to "Cloud Services Deployment Utility" + example: Cloud Services Deployment Utility + operation: + type: string + description: The operation to perform `generateRandomString` + example: generateRandomString + includeNumbers: + type: boolean + description: This must be either "true" or "false" to indicate whether the generator logic should include numbers + example: true + includeSpecialChars: + type: boolean + description: This must be either "true" or "false" to indicate whether the generator logic should include special characters + example: true + length: + type: string + description: | + This specifies how long the randomly generated string needs to be + + + >NOTE Due to identity attribute data constraints, the maximum allowable value is 450 characters + example: '10' + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + - type: object + required: + - name + - operation + - uid + properties: + name: + type: string + description: This must always be set to "Cloud Services Deployment Utility" + example: Cloud Services Deployment Utility + operation: + type: string + description: The operation to perform `getReferenceIdentityAttribute` + example: getReferenceIdentityAttribute + uid: + type: string + description: | + This is the SailPoint User Name (uid) value of the identity whose attribute is desired + + As a convenience feature, you can use the `manager` keyword to dynamically look up the user's manager and then get that manager's identity attribute. + example: 2c91808570313110017040b06f344ec9 + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + - title: identityAttribute + type: object + required: + - name + properties: + name: + type: string + description: The system (camel-cased) name of the identity attribute to bring in + example: email + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: indexOf + type: object + required: + - substring + properties: + substring: + type: string + description: 'A substring to search for, searches the entire calling string, and returns the index of the first occurrence of the specified substring.' + example: admin_ + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: iso3166 + type: object + properties: + format: + type: string + description: | + An optional value to denote which ISO 3166 format to return. Valid values are: + + + `alpha2` - Two-character country code (e.g., "US"); this is the default value if no format is supplied + + + `alpha3` - Three-character country code (e.g., "USA") + + + `numeric` - The numeric country code (e.g., "840") + example: alpha2 + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: leftPad + type: object + required: + - length + properties: + length: + type: string + description: An integer value for the desired length of the final output string + example: '4' + padding: + type: string + description: | + A string value representing the character that the incoming data should be padded with to get to the desired length + + + If not provided, the transform will default to a single space (" ") character for padding + example: '0' + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: lookup + type: object + required: + - table + properties: + table: + type: object + additionalProperties: true + description: | + This is a JSON object of key-value pairs. The key is the string that will attempt to be matched to the input, and the value is the output string that should be returned if the key is matched + + + >**Note** the use of the optional default key value here; if none of the three countries in the above example match the input string, the transform will return "Unknown Region" for the attribute that is mapped to this transform. + example: + USA: Americas + FRA: EMEA + AUS: APAC + default: Unknown Region + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: lower + type: object + properties: + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: nameNormalizer + type: object + properties: + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: randomAlphaNumeric + type: object + properties: + length: + type: string + description: | + This is an integer value specifying the size/number of characters the random string must contain + + + * This value must be a positive number and cannot be blank + + + * If no length is provided, the transform will default to a value of `32` + + + * Due to identity attribute data constraints, the maximum allowable value is `450` characters + example: '10' + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: randomNumeric + type: object + properties: + length: + type: string + description: | + This is an integer value specifying the size/number of characters the random string must contain + + + * This value must be a positive number and cannot be blank + + + * If no length is provided, the transform will default to a value of `32` + + + * Due to identity attribute data constraints, the maximum allowable value is `450` characters + example: '10' + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: reference + type: object + required: + - id + properties: + id: + type: string + description: This ID specifies the name of the pre-existing transform which you want to use within your current transform + example: Existing Transform + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: replaceAll + type: object + required: + - table + properties: + table: + type: object + additionalProperties: true + description: 'An attribute of key-value pairs. Each pair identifies the pattern to search for as its key, and the replacement string as its value.' + example: + '-': ' ' + '"': '''' + ñ: 'n' + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: replace + type: object + required: + - regex + - replacement + properties: + regex: + type: string + description: This can be a string or a regex pattern in which you want to replace. + example: '[^a-zA-Z]' + externalDocs: + description: Regex Builder + url: 'https://regex101.com/' + replacement: + type: string + description: This is the replacement string that should be substituded wherever the string or pattern is found. + example: ' ' + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: rightPad + type: object + required: + - length + properties: + length: + type: string + description: An integer value for the desired length of the final output string + example: '4' + padding: + type: string + description: | + A string value representing the character that the incoming data should be padded with to get to the desired length + + + If not provided, the transform will default to a single space (" ") character for padding + example: '0' + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: split + type: object + required: + - delimiter + - index + properties: + delimiter: + type: string + description: 'This can be either a single character or a regex expression, and is used by the transform to identify the break point between two substrings in the incoming data' + example: ',' + index: + type: string + description: 'An integer value for the desired array element after the incoming data has been split into a list; the array is a 0-based object, so the first array element would be index 0, the second element would be index 1, etc.' + example: '5' + throws: + type: boolean + description: | + A boolean (true/false) value which indicates whether an exception should be thrown and returned as an output when an index is out of bounds with the resultant array (i.e., the provided index value is larger than the size of the array) + + + `true` - The transform should return "IndexOutOfBoundsException" + + + `false` - The transform should return null + + + If not provided, the transform will default to false and return a null + example: true + default: false + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: static + type: object + required: + - values + properties: + values: + type: string + description: 'This must evaluate to a JSON string, either through a fixed value or through conditional logic using the Apache Velocity Template Language.' + example: string$variable + externalDocs: + description: Static Transform Documentation + url: 'https://developer.sailpoint.com/idn/docs/transforms/operations/static' + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + - title: substring + type: object + required: + - begin + properties: + begin: + type: integer + description: | + The index of the first character to include in the returned substring. + + + If `begin` is set to -1, the transform will begin at character 0 of the input data + example: 1 + format: int32 + beginOffset: + type: integer + description: | + This integer value is the number of characters to add to the begin attribute when returning a substring. + + This attribute is only used if begin is not -1. + example: 3 + format: int32 + end: + type: integer + description: | + The index of the first character to exclude from the returned substring. + + If end is -1 or not provided at all, the substring transform will return everything up to the end of the input string. + example: 6 + format: int32 + endOffset: + type: integer + description: | + This integer value is the number of characters to add to the end attribute when returning a substring. + + This attribute is only used if end is provided and is not -1. + example: 1 + format: int32 + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: trim + type: object + properties: + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: upper + type: object + properties: + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: uuid + type: object + properties: + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + example: + name: Timestamp To Date + type: dateFormat + attributes: + inputFormat: 'MMM dd yyyy, HH:mm:ss.SSS' + outputFormat: yyyy/dd/MM + responses: + '201': + description: Indicates the transform was successfully created and returns its representation. + content: + application/json: + schema: + allOf: + - type: object + description: The representation of an internally- or customer-defined transform. + required: + - name + - type + - attributes + properties: + name: + type: string + description: Unique name of this transform + example: Timestamp To Date + minLength: 1 + maxLength: 50 + type: + type: string + description: The type of transform operation + enum: + - accountAttribute + - base64Decode + - base64Encode + - concat + - conditional + - dateCompare + - dateFormat + - dateMath + - decomposeDiacriticalMarks + - e164phone + - firstValid + - rule + - identityAttribute + - indexOf + - iso3166 + - lastIndexOf + - leftPad + - lookup + - lower + - normalizeNames + - randomAlphaNumeric + - randomNumeric + - reference + - replaceAll + - replace + - rightPad + - split + - static + - substring + - trim + - upper + - usernameGenerator + - uuid + - displayName + - rfc5646 + example: dateFormat + externalDocs: + description: Transform Operations + url: 'https://developer.sailpoint.com/idn/docs/transforms/operations' + attributes: + nullable: true + description: Meta-data about the transform. Values in this list are specific to the type of transform to be executed. + oneOf: + - title: accountAttribute + type: object + required: + - sourceName + - attributeName + properties: + sourceName: + type: string + description: A reference to the source to search for the account + example: Workday + attributeName: + type: string + description: 'The name of the attribute on the account to return. This should match the name of the account attribute name visible in the user interface, or on the source schema.' + example: DEPARTMENT + accountSortAttribute: + type: string + description: The value of this configuration is a string name of the attribute to use when determining the ordering of returned accounts when there are multiple entries + example: created + default: created + accountSortDescending: + type: boolean + description: 'The value of this configuration is a boolean (true/false). Controls the order of the sort when there are multiple accounts. If not defined, the transform will default to false (ascending order)' + example: false + default: false + accountReturnFirstLink: + type: boolean + description: 'The value of this configuration is a boolean (true/false). Controls which account to source a value from for an attribute. If this flag is set to true, the transform returns the value from the first account in the list, even if it is null. If it is set to false, the transform returns the first non-null value. If not defined, the transform will default to false' + example: false + default: false + accountFilter: + type: string + description: |- + This expression queries the database to narrow search results. The value of this configuration is a sailpoint.object.Filter expression and used when searching against the database. The default filter will always include the source and identity, and any subsequent expressions will be combined in an AND operation to the existing search criteria. + Only certain searchable attributes are available: - `nativeIdentity` - the Account ID - `displayName` - the Account Name - `entitlements` - a boolean value to determine if the account has entitlements + example: '!(nativeIdentity.startsWith("*DELETED*"))' + accountPropertyFilter: + type: string + description: |- + This expression is used to search and filter accounts in memory. The value of this configuration is a sailpoint.object.Filter expression and used when searching against the returned resultset. + + All account attributes are available for filtering as this operation is performed in memory. + example: '(groups.containsAll({''Admin''}) || location == ''Austin'')' + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: base64Decode + type: object + properties: + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: base64Encode + type: object + properties: + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: concat + type: object + required: + - values + properties: + values: + type: array + items: + type: object + description: An array of items to join together + example: + - John + - ' ' + - Smith + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: conditional + type: object + required: + - expression + - positiveCondition + - negativeCondition + properties: + expression: + type: string + description: |- + A comparison statement that follows the structure of `ValueA eq ValueB` where `ValueA` and `ValueB` are static strings or outputs of other transforms. + + The `eq` operator is the only valid comparison + example: ValueA eq ValueB + positiveCondition: + type: string + description: The output of the transform if the expression evalutes to true + example: 'true' + negativeCondition: + type: string + description: The output of the transform if the expression evalutes to false + example: 'false' + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: dateCompare + type: object + required: + - firstDate + - secondDate + - operator + - positiveCondition + - negativeCondition + properties: + firstDate: + description: This is the first date to consider (The date that would be on the left hand side of the comparison operation). + oneOf: + - title: accountAttribute + type: object + required: + - sourceName + - attributeName + properties: + sourceName: + type: string + description: A reference to the source to search for the account + example: Workday + attributeName: + type: string + description: 'The name of the attribute on the account to return. This should match the name of the account attribute name visible in the user interface, or on the source schema.' + example: DEPARTMENT + accountSortAttribute: + type: string + description: The value of this configuration is a string name of the attribute to use when determining the ordering of returned accounts when there are multiple entries + example: created + default: created + accountSortDescending: + type: boolean + description: 'The value of this configuration is a boolean (true/false). Controls the order of the sort when there are multiple accounts. If not defined, the transform will default to false (ascending order)' + example: false + default: false + accountReturnFirstLink: + type: boolean + description: 'The value of this configuration is a boolean (true/false). Controls which account to source a value from for an attribute. If this flag is set to true, the transform returns the value from the first account in the list, even if it is null. If it is set to false, the transform returns the first non-null value. If not defined, the transform will default to false' + example: false + default: false + accountFilter: + type: string + description: |- + This expression queries the database to narrow search results. The value of this configuration is a sailpoint.object.Filter expression and used when searching against the database. The default filter will always include the source and identity, and any subsequent expressions will be combined in an AND operation to the existing search criteria. + Only certain searchable attributes are available: - `nativeIdentity` - the Account ID - `displayName` - the Account Name - `entitlements` - a boolean value to determine if the account has entitlements + example: '!(nativeIdentity.startsWith("*DELETED*"))' + accountPropertyFilter: + type: string + description: |- + This expression is used to search and filter accounts in memory. The value of this configuration is a sailpoint.object.Filter expression and used when searching against the returned resultset. + + All account attributes are available for filtering as this operation is performed in memory. + example: '(groups.containsAll({''Admin''}) || location == ''Austin'')' + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: dateFormat + type: object + properties: + inputFormat: + description: |- + A string value indicating either the explicit SimpleDateFormat or the built-in named format that the data is coming in as. + + *If no inputFormat is provided, the transform assumes that it is in ISO8601 format* + oneOf: + - title: Named Construct + type: string + description: | + | Construct | Date Time Pattern | Description | + | --------- | ----------------- | ----------- | + | ISO8601 | `yyyy-MM-dd'T'HH:mm:ss.SSSX` | The ISO8601 standard. | + | LDAP | `yyyyMMddHHmmss.Z` | The LDAP standard. | + | PEOPLE_SOFT | `MM/dd/yyyy` | The date format People Soft uses. | + | EPOCH_TIME_JAVA | # ms from midnight, January 1st, 1970 | The incoming date value as elapsed time in milliseconds from midnight, January 1st, 1970. | + | EPOCH_TIME_WIN32| # intervals of 100ns from midnight, January 1st, 1601 | The incoming date value as elapsed time in 100-nanosecond intervals from midnight, January 1st, 1601. | + enum: + - ISO8601 + - LDAP + - PEOPLE_SOFT + - EPOCH_TIME_JAVA + - EPOCH_TIME_WIN32 + example: PEOPLE_SOFT + - title: Java Simple Date Format + type: string + description: | + There are a variety of date time patterns you can express using SimpleDateFormat. The following table lists examples of different date time patterns expressed in the SimpleDateFormat and how they display. Refer to the SimpleDateFormat syntax page for more information. + + >NOTE: The following examples show how date and time patterns are interpreted in the U.S. locale. The given date and time are 2001-07-04 12:08:56 local time in the U.S. Pacific Time time zone. + (This table is from the SimpleDateFormat page.) + + | Date Time Pattern | Result | + | ----------------- | ------ | + | `yyyy.MM.dd G 'at' HH:mm:ss z` | `2001.07.04 AD at 12:08:56 PDT` | + | `EEE, MMM d, ''yy` | Wed, Jul 4, '01 | + | `h:mm a` | 12:08 PM | + | `hh 'o''clock' a, zzzz` | 12 o'clock PM, Pacific Daylight Time | + | `K:mm a, z` | 0:08 PM, PDT | + | `yyyyy.MMMMM.dd GGG hh:mm aaa` | 02001.July.04 AD 12:08 PM | + | `EEE, d MMM yyyy HH:mm:ss Z` | Wed, 4 Jul 2001 12:08:56 -0700 | + | `yyMMddHHmmssZ` | 010704120856-0700 | + | `yyyy-MM-dd'T'HH:mm:ss.SSSZ` | 2001-07-04T12:08:56.235-0700 | + | `yyyy-MM-dd'T'HH:mm:ss.SSSXXX` | 2001-07-04T12:08:56.235-07:00 | + | `YYYY-'W'ww-u` | 2001-W27-3 | + example: mm/dd/yyyy + outputFormat: + description: |- + A string value indicating either the explicit SimpleDateFormat or the built-in named format that the data should be formatted into. + + *If no inputFormat is provided, the transform assumes that it is in ISO8601 format* + oneOf: + - title: Named Construct + type: string + description: | + | Construct | Date Time Pattern | Description | + | --------- | ----------------- | ----------- | + | ISO8601 | `yyyy-MM-dd'T'HH:mm:ss.SSSX` | The ISO8601 standard. | + | LDAP | `yyyyMMddHHmmss.Z` | The LDAP standard. | + | PEOPLE_SOFT | `MM/dd/yyyy` | The date format People Soft uses. | + | EPOCH_TIME_JAVA | # ms from midnight, January 1st, 1970 | The incoming date value as elapsed time in milliseconds from midnight, January 1st, 1970. | + | EPOCH_TIME_WIN32| # intervals of 100ns from midnight, January 1st, 1601 | The incoming date value as elapsed time in 100-nanosecond intervals from midnight, January 1st, 1601. | + enum: + - ISO8601 + - LDAP + - PEOPLE_SOFT + - EPOCH_TIME_JAVA + - EPOCH_TIME_WIN32 + example: PEOPLE_SOFT + - title: Java Simple Date Format + type: string + description: | + There are a variety of date time patterns you can express using SimpleDateFormat. The following table lists examples of different date time patterns expressed in the SimpleDateFormat and how they display. Refer to the SimpleDateFormat syntax page for more information. + + >NOTE: The following examples show how date and time patterns are interpreted in the U.S. locale. The given date and time are 2001-07-04 12:08:56 local time in the U.S. Pacific Time time zone. + (This table is from the SimpleDateFormat page.) + + | Date Time Pattern | Result | + | ----------------- | ------ | + | `yyyy.MM.dd G 'at' HH:mm:ss z` | `2001.07.04 AD at 12:08:56 PDT` | + | `EEE, MMM d, ''yy` | Wed, Jul 4, '01 | + | `h:mm a` | 12:08 PM | + | `hh 'o''clock' a, zzzz` | 12 o'clock PM, Pacific Daylight Time | + | `K:mm a, z` | 0:08 PM, PDT | + | `yyyyy.MMMMM.dd GGG hh:mm aaa` | 02001.July.04 AD 12:08 PM | + | `EEE, d MMM yyyy HH:mm:ss Z` | Wed, 4 Jul 2001 12:08:56 -0700 | + | `yyMMddHHmmssZ` | 010704120856-0700 | + | `yyyy-MM-dd'T'HH:mm:ss.SSSZ` | 2001-07-04T12:08:56.235-0700 | + | `yyyy-MM-dd'T'HH:mm:ss.SSSXXX` | 2001-07-04T12:08:56.235-07:00 | + | `YYYY-'W'ww-u` | 2001-W27-3 | + example: mm/dd/yyyy + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + secondDate: + description: This is the second date to consider (The date that would be on the right hand side of the comparison operation). + oneOf: + - title: accountAttribute + type: object + required: + - sourceName + - attributeName + properties: + sourceName: + type: string + description: A reference to the source to search for the account + example: Workday + attributeName: + type: string + description: 'The name of the attribute on the account to return. This should match the name of the account attribute name visible in the user interface, or on the source schema.' + example: DEPARTMENT + accountSortAttribute: + type: string + description: The value of this configuration is a string name of the attribute to use when determining the ordering of returned accounts when there are multiple entries + example: created + default: created + accountSortDescending: + type: boolean + description: 'The value of this configuration is a boolean (true/false). Controls the order of the sort when there are multiple accounts. If not defined, the transform will default to false (ascending order)' + example: false + default: false + accountReturnFirstLink: + type: boolean + description: 'The value of this configuration is a boolean (true/false). Controls which account to source a value from for an attribute. If this flag is set to true, the transform returns the value from the first account in the list, even if it is null. If it is set to false, the transform returns the first non-null value. If not defined, the transform will default to false' + example: false + default: false + accountFilter: + type: string + description: |- + This expression queries the database to narrow search results. The value of this configuration is a sailpoint.object.Filter expression and used when searching against the database. The default filter will always include the source and identity, and any subsequent expressions will be combined in an AND operation to the existing search criteria. + Only certain searchable attributes are available: - `nativeIdentity` - the Account ID - `displayName` - the Account Name - `entitlements` - a boolean value to determine if the account has entitlements + example: '!(nativeIdentity.startsWith("*DELETED*"))' + accountPropertyFilter: + type: string + description: |- + This expression is used to search and filter accounts in memory. The value of this configuration is a sailpoint.object.Filter expression and used when searching against the returned resultset. + + All account attributes are available for filtering as this operation is performed in memory. + example: '(groups.containsAll({''Admin''}) || location == ''Austin'')' + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: dateFormat + type: object + properties: + inputFormat: + description: |- + A string value indicating either the explicit SimpleDateFormat or the built-in named format that the data is coming in as. + + *If no inputFormat is provided, the transform assumes that it is in ISO8601 format* + oneOf: + - title: Named Construct + type: string + description: | + | Construct | Date Time Pattern | Description | + | --------- | ----------------- | ----------- | + | ISO8601 | `yyyy-MM-dd'T'HH:mm:ss.SSSX` | The ISO8601 standard. | + | LDAP | `yyyyMMddHHmmss.Z` | The LDAP standard. | + | PEOPLE_SOFT | `MM/dd/yyyy` | The date format People Soft uses. | + | EPOCH_TIME_JAVA | # ms from midnight, January 1st, 1970 | The incoming date value as elapsed time in milliseconds from midnight, January 1st, 1970. | + | EPOCH_TIME_WIN32| # intervals of 100ns from midnight, January 1st, 1601 | The incoming date value as elapsed time in 100-nanosecond intervals from midnight, January 1st, 1601. | + enum: + - ISO8601 + - LDAP + - PEOPLE_SOFT + - EPOCH_TIME_JAVA + - EPOCH_TIME_WIN32 + example: PEOPLE_SOFT + - title: Java Simple Date Format + type: string + description: | + There are a variety of date time patterns you can express using SimpleDateFormat. The following table lists examples of different date time patterns expressed in the SimpleDateFormat and how they display. Refer to the SimpleDateFormat syntax page for more information. + + >NOTE: The following examples show how date and time patterns are interpreted in the U.S. locale. The given date and time are 2001-07-04 12:08:56 local time in the U.S. Pacific Time time zone. + (This table is from the SimpleDateFormat page.) + + | Date Time Pattern | Result | + | ----------------- | ------ | + | `yyyy.MM.dd G 'at' HH:mm:ss z` | `2001.07.04 AD at 12:08:56 PDT` | + | `EEE, MMM d, ''yy` | Wed, Jul 4, '01 | + | `h:mm a` | 12:08 PM | + | `hh 'o''clock' a, zzzz` | 12 o'clock PM, Pacific Daylight Time | + | `K:mm a, z` | 0:08 PM, PDT | + | `yyyyy.MMMMM.dd GGG hh:mm aaa` | 02001.July.04 AD 12:08 PM | + | `EEE, d MMM yyyy HH:mm:ss Z` | Wed, 4 Jul 2001 12:08:56 -0700 | + | `yyMMddHHmmssZ` | 010704120856-0700 | + | `yyyy-MM-dd'T'HH:mm:ss.SSSZ` | 2001-07-04T12:08:56.235-0700 | + | `yyyy-MM-dd'T'HH:mm:ss.SSSXXX` | 2001-07-04T12:08:56.235-07:00 | + | `YYYY-'W'ww-u` | 2001-W27-3 | + example: mm/dd/yyyy + outputFormat: + description: |- + A string value indicating either the explicit SimpleDateFormat or the built-in named format that the data should be formatted into. + + *If no inputFormat is provided, the transform assumes that it is in ISO8601 format* + oneOf: + - title: Named Construct + type: string + description: | + | Construct | Date Time Pattern | Description | + | --------- | ----------------- | ----------- | + | ISO8601 | `yyyy-MM-dd'T'HH:mm:ss.SSSX` | The ISO8601 standard. | + | LDAP | `yyyyMMddHHmmss.Z` | The LDAP standard. | + | PEOPLE_SOFT | `MM/dd/yyyy` | The date format People Soft uses. | + | EPOCH_TIME_JAVA | # ms from midnight, January 1st, 1970 | The incoming date value as elapsed time in milliseconds from midnight, January 1st, 1970. | + | EPOCH_TIME_WIN32| # intervals of 100ns from midnight, January 1st, 1601 | The incoming date value as elapsed time in 100-nanosecond intervals from midnight, January 1st, 1601. | + enum: + - ISO8601 + - LDAP + - PEOPLE_SOFT + - EPOCH_TIME_JAVA + - EPOCH_TIME_WIN32 + example: PEOPLE_SOFT + - title: Java Simple Date Format + type: string + description: | + There are a variety of date time patterns you can express using SimpleDateFormat. The following table lists examples of different date time patterns expressed in the SimpleDateFormat and how they display. Refer to the SimpleDateFormat syntax page for more information. + + >NOTE: The following examples show how date and time patterns are interpreted in the U.S. locale. The given date and time are 2001-07-04 12:08:56 local time in the U.S. Pacific Time time zone. + (This table is from the SimpleDateFormat page.) + + | Date Time Pattern | Result | + | ----------------- | ------ | + | `yyyy.MM.dd G 'at' HH:mm:ss z` | `2001.07.04 AD at 12:08:56 PDT` | + | `EEE, MMM d, ''yy` | Wed, Jul 4, '01 | + | `h:mm a` | 12:08 PM | + | `hh 'o''clock' a, zzzz` | 12 o'clock PM, Pacific Daylight Time | + | `K:mm a, z` | 0:08 PM, PDT | + | `yyyyy.MMMMM.dd GGG hh:mm aaa` | 02001.July.04 AD 12:08 PM | + | `EEE, d MMM yyyy HH:mm:ss Z` | Wed, 4 Jul 2001 12:08:56 -0700 | + | `yyMMddHHmmssZ` | 010704120856-0700 | + | `yyyy-MM-dd'T'HH:mm:ss.SSSZ` | 2001-07-04T12:08:56.235-0700 | + | `yyyy-MM-dd'T'HH:mm:ss.SSSXXX` | 2001-07-04T12:08:56.235-07:00 | + | `YYYY-'W'ww-u` | 2001-W27-3 | + example: mm/dd/yyyy + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + operator: + type: string + description: | + This is the comparison to perform. + | Operation | Description | + | --------- | ------- | + | LT | Strictly less than: firstDate < secondDate | + | LTE | Less than or equal to: firstDate <= secondDate | + | GT | Strictly greater than: firstDate > secondDate | + | GTE | Greater than or equal to: firstDate >= secondDate | + enum: + - LT + - LTE + - GT + - GTE + example: LT + positiveCondition: + type: string + description: The output of the transform if the expression evalutes to true + example: 'true' + negativeCondition: + type: string + description: The output of the transform if the expression evalutes to false + example: false + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: dateFormat + type: object + properties: + inputFormat: + description: |- + A string value indicating either the explicit SimpleDateFormat or the built-in named format that the data is coming in as. + + *If no inputFormat is provided, the transform assumes that it is in ISO8601 format* + oneOf: + - title: Named Construct + type: string + description: | + | Construct | Date Time Pattern | Description | + | --------- | ----------------- | ----------- | + | ISO8601 | `yyyy-MM-dd'T'HH:mm:ss.SSSX` | The ISO8601 standard. | + | LDAP | `yyyyMMddHHmmss.Z` | The LDAP standard. | + | PEOPLE_SOFT | `MM/dd/yyyy` | The date format People Soft uses. | + | EPOCH_TIME_JAVA | # ms from midnight, January 1st, 1970 | The incoming date value as elapsed time in milliseconds from midnight, January 1st, 1970. | + | EPOCH_TIME_WIN32| # intervals of 100ns from midnight, January 1st, 1601 | The incoming date value as elapsed time in 100-nanosecond intervals from midnight, January 1st, 1601. | + enum: + - ISO8601 + - LDAP + - PEOPLE_SOFT + - EPOCH_TIME_JAVA + - EPOCH_TIME_WIN32 + example: PEOPLE_SOFT + - title: Java Simple Date Format + type: string + description: | + There are a variety of date time patterns you can express using SimpleDateFormat. The following table lists examples of different date time patterns expressed in the SimpleDateFormat and how they display. Refer to the SimpleDateFormat syntax page for more information. + + >NOTE: The following examples show how date and time patterns are interpreted in the U.S. locale. The given date and time are 2001-07-04 12:08:56 local time in the U.S. Pacific Time time zone. + (This table is from the SimpleDateFormat page.) + + | Date Time Pattern | Result | + | ----------------- | ------ | + | `yyyy.MM.dd G 'at' HH:mm:ss z` | `2001.07.04 AD at 12:08:56 PDT` | + | `EEE, MMM d, ''yy` | Wed, Jul 4, '01 | + | `h:mm a` | 12:08 PM | + | `hh 'o''clock' a, zzzz` | 12 o'clock PM, Pacific Daylight Time | + | `K:mm a, z` | 0:08 PM, PDT | + | `yyyyy.MMMMM.dd GGG hh:mm aaa` | 02001.July.04 AD 12:08 PM | + | `EEE, d MMM yyyy HH:mm:ss Z` | Wed, 4 Jul 2001 12:08:56 -0700 | + | `yyMMddHHmmssZ` | 010704120856-0700 | + | `yyyy-MM-dd'T'HH:mm:ss.SSSZ` | 2001-07-04T12:08:56.235-0700 | + | `yyyy-MM-dd'T'HH:mm:ss.SSSXXX` | 2001-07-04T12:08:56.235-07:00 | + | `YYYY-'W'ww-u` | 2001-W27-3 | + example: mm/dd/yyyy + outputFormat: + description: |- + A string value indicating either the explicit SimpleDateFormat or the built-in named format that the data should be formatted into. + + *If no inputFormat is provided, the transform assumes that it is in ISO8601 format* + oneOf: + - title: Named Construct + type: string + description: | + | Construct | Date Time Pattern | Description | + | --------- | ----------------- | ----------- | + | ISO8601 | `yyyy-MM-dd'T'HH:mm:ss.SSSX` | The ISO8601 standard. | + | LDAP | `yyyyMMddHHmmss.Z` | The LDAP standard. | + | PEOPLE_SOFT | `MM/dd/yyyy` | The date format People Soft uses. | + | EPOCH_TIME_JAVA | # ms from midnight, January 1st, 1970 | The incoming date value as elapsed time in milliseconds from midnight, January 1st, 1970. | + | EPOCH_TIME_WIN32| # intervals of 100ns from midnight, January 1st, 1601 | The incoming date value as elapsed time in 100-nanosecond intervals from midnight, January 1st, 1601. | + enum: + - ISO8601 + - LDAP + - PEOPLE_SOFT + - EPOCH_TIME_JAVA + - EPOCH_TIME_WIN32 + example: PEOPLE_SOFT + - title: Java Simple Date Format + type: string + description: | + There are a variety of date time patterns you can express using SimpleDateFormat. The following table lists examples of different date time patterns expressed in the SimpleDateFormat and how they display. Refer to the SimpleDateFormat syntax page for more information. + + >NOTE: The following examples show how date and time patterns are interpreted in the U.S. locale. The given date and time are 2001-07-04 12:08:56 local time in the U.S. Pacific Time time zone. + (This table is from the SimpleDateFormat page.) + + | Date Time Pattern | Result | + | ----------------- | ------ | + | `yyyy.MM.dd G 'at' HH:mm:ss z` | `2001.07.04 AD at 12:08:56 PDT` | + | `EEE, MMM d, ''yy` | Wed, Jul 4, '01 | + | `h:mm a` | 12:08 PM | + | `hh 'o''clock' a, zzzz` | 12 o'clock PM, Pacific Daylight Time | + | `K:mm a, z` | 0:08 PM, PDT | + | `yyyyy.MMMMM.dd GGG hh:mm aaa` | 02001.July.04 AD 12:08 PM | + | `EEE, d MMM yyyy HH:mm:ss Z` | Wed, 4 Jul 2001 12:08:56 -0700 | + | `yyMMddHHmmssZ` | 010704120856-0700 | + | `yyyy-MM-dd'T'HH:mm:ss.SSSZ` | 2001-07-04T12:08:56.235-0700 | + | `yyyy-MM-dd'T'HH:mm:ss.SSSXXX` | 2001-07-04T12:08:56.235-07:00 | + | `YYYY-'W'ww-u` | 2001-W27-3 | + example: mm/dd/yyyy + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: dateMath + type: object + required: + - expression + properties: + expression: + type: string + description: | + A string value of the date and time components to operation on, along with the math operations to execute. + externalDocs: + description: Date Math Expressions + url: 'https://developer.sailpoint.com/idn/docs/transforms/operations/date-math#transform-structure' + example: now+1w + roundUp: + type: boolean + description: | + A boolean value to indicate whether the transform should round up or down when a rounding `/` operation is defined in the expression. + + + If not provided, the transform will default to `false` + + + `true` indicates the transform should round up (i.e., truncate the fractional date/time component indicated and then add one unit of that component) + + + `false` indicates the transform should round down (i.e., truncate the fractional date/time component indicated) + example: false + default: false + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: decomposeDiacriticalMarks + type: object + properties: + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: e164phone + type: object + properties: + defaultRegion: + type: string + description: | + This is an optional attribute that can be used to define the region of the phone number to format into. + + + If defaultRegion is not provided, it will take US as the default country. + + + The format of the country code should be in [ISO 3166-1 alpha-2 format](https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2) + example: US + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: firstValid + type: object + required: + - values + properties: + values: + type: array + items: + type: object + description: An array of attributes to evaluate for existence. + example: + - attributes: + sourceName: Active Directory + attributeName: sAMAccountName + type: accountAttribute + - attributes: + sourceName: Okta + attributeName: login + type: accountAttribute + - attributes: + sourceName: HR Source + attributeName: employeeID + type: accountAttribute + ignoreErrors: + type: boolean + description: a true or false value representing to move on to the next option if an error (like an Null Pointer Exception) were to occur. + example: false + default: false + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + - title: rule + oneOf: + - type: object + required: + - name + properties: + name: + type: string + description: This is the name of the Transform rule that needs to be invoked by the transform + example: Transform Calculation Rule + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + - type: object + required: + - name + - operation + - includeNumbers + - includeSpecialChars + - length + properties: + name: + type: string + description: This must always be set to "Cloud Services Deployment Utility" + example: Cloud Services Deployment Utility + operation: + type: string + description: The operation to perform `generateRandomString` + example: generateRandomString + includeNumbers: + type: boolean + description: This must be either "true" or "false" to indicate whether the generator logic should include numbers + example: true + includeSpecialChars: + type: boolean + description: This must be either "true" or "false" to indicate whether the generator logic should include special characters + example: true + length: + type: string + description: | + This specifies how long the randomly generated string needs to be + + + >NOTE Due to identity attribute data constraints, the maximum allowable value is 450 characters + example: '10' + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + - type: object + required: + - name + - operation + - uid + properties: + name: + type: string + description: This must always be set to "Cloud Services Deployment Utility" + example: Cloud Services Deployment Utility + operation: + type: string + description: The operation to perform `getReferenceIdentityAttribute` + example: getReferenceIdentityAttribute + uid: + type: string + description: | + This is the SailPoint User Name (uid) value of the identity whose attribute is desired + + As a convenience feature, you can use the `manager` keyword to dynamically look up the user's manager and then get that manager's identity attribute. + example: 2c91808570313110017040b06f344ec9 + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + - title: identityAttribute + type: object + required: + - name + properties: + name: + type: string + description: The system (camel-cased) name of the identity attribute to bring in + example: email + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: indexOf + type: object + required: + - substring + properties: + substring: + type: string + description: 'A substring to search for, searches the entire calling string, and returns the index of the first occurrence of the specified substring.' + example: admin_ + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: iso3166 + type: object + properties: + format: + type: string + description: | + An optional value to denote which ISO 3166 format to return. Valid values are: + + + `alpha2` - Two-character country code (e.g., "US"); this is the default value if no format is supplied + + + `alpha3` - Three-character country code (e.g., "USA") + + + `numeric` - The numeric country code (e.g., "840") + example: alpha2 + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: leftPad + type: object + required: + - length + properties: + length: + type: string + description: An integer value for the desired length of the final output string + example: '4' + padding: + type: string + description: | + A string value representing the character that the incoming data should be padded with to get to the desired length + + + If not provided, the transform will default to a single space (" ") character for padding + example: '0' + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: lookup + type: object + required: + - table + properties: + table: + type: object + additionalProperties: true + description: | + This is a JSON object of key-value pairs. The key is the string that will attempt to be matched to the input, and the value is the output string that should be returned if the key is matched + + + >**Note** the use of the optional default key value here; if none of the three countries in the above example match the input string, the transform will return "Unknown Region" for the attribute that is mapped to this transform. + example: + USA: Americas + FRA: EMEA + AUS: APAC + default: Unknown Region + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: lower + type: object + properties: + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: nameNormalizer + type: object + properties: + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: randomAlphaNumeric + type: object + properties: + length: + type: string + description: | + This is an integer value specifying the size/number of characters the random string must contain + + + * This value must be a positive number and cannot be blank + + + * If no length is provided, the transform will default to a value of `32` + + + * Due to identity attribute data constraints, the maximum allowable value is `450` characters + example: '10' + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: randomNumeric + type: object + properties: + length: + type: string + description: | + This is an integer value specifying the size/number of characters the random string must contain + + + * This value must be a positive number and cannot be blank + + + * If no length is provided, the transform will default to a value of `32` + + + * Due to identity attribute data constraints, the maximum allowable value is `450` characters + example: '10' + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: reference + type: object + required: + - id + properties: + id: + type: string + description: This ID specifies the name of the pre-existing transform which you want to use within your current transform + example: Existing Transform + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: replaceAll + type: object + required: + - table + properties: + table: + type: object + additionalProperties: true + description: 'An attribute of key-value pairs. Each pair identifies the pattern to search for as its key, and the replacement string as its value.' + example: + '-': ' ' + '"': '''' + ñ: 'n' + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: replace + type: object + required: + - regex + - replacement + properties: + regex: + type: string + description: This can be a string or a regex pattern in which you want to replace. + example: '[^a-zA-Z]' + externalDocs: + description: Regex Builder + url: 'https://regex101.com/' + replacement: + type: string + description: This is the replacement string that should be substituded wherever the string or pattern is found. + example: ' ' + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: rightPad + type: object + required: + - length + properties: + length: + type: string + description: An integer value for the desired length of the final output string + example: '4' + padding: + type: string + description: | + A string value representing the character that the incoming data should be padded with to get to the desired length + + + If not provided, the transform will default to a single space (" ") character for padding + example: '0' + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: split + type: object + required: + - delimiter + - index + properties: + delimiter: + type: string + description: 'This can be either a single character or a regex expression, and is used by the transform to identify the break point between two substrings in the incoming data' + example: ',' + index: + type: string + description: 'An integer value for the desired array element after the incoming data has been split into a list; the array is a 0-based object, so the first array element would be index 0, the second element would be index 1, etc.' + example: '5' + throws: + type: boolean + description: | + A boolean (true/false) value which indicates whether an exception should be thrown and returned as an output when an index is out of bounds with the resultant array (i.e., the provided index value is larger than the size of the array) + + + `true` - The transform should return "IndexOutOfBoundsException" + + + `false` - The transform should return null + + + If not provided, the transform will default to false and return a null + example: true + default: false + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: static + type: object + required: + - values + properties: + values: + type: string + description: 'This must evaluate to a JSON string, either through a fixed value or through conditional logic using the Apache Velocity Template Language.' + example: string$variable + externalDocs: + description: Static Transform Documentation + url: 'https://developer.sailpoint.com/idn/docs/transforms/operations/static' + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + - title: substring + type: object + required: + - begin + properties: + begin: + type: integer + description: | + The index of the first character to include in the returned substring. + + + If `begin` is set to -1, the transform will begin at character 0 of the input data + example: 1 + format: int32 + beginOffset: + type: integer + description: | + This integer value is the number of characters to add to the begin attribute when returning a substring. + + This attribute is only used if begin is not -1. + example: 3 + format: int32 + end: + type: integer + description: | + The index of the first character to exclude from the returned substring. + + If end is -1 or not provided at all, the substring transform will return everything up to the end of the input string. + example: 6 + format: int32 + endOffset: + type: integer + description: | + This integer value is the number of characters to add to the end attribute when returning a substring. + + This attribute is only used if end is provided and is not -1. + example: 1 + format: int32 + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: trim + type: object + properties: + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: upper + type: object + properties: + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: uuid + type: object + properties: + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + - type: object + required: + - id + - internal + properties: + id: + type: string + description: Unique ID of this transform + example: 2cd78adghjkja34jh2b1hkjhasuecd + internal: + type: boolean + description: Indicates whether this is an internal SailPoint-created transform or a customer-created transform + example: false + default: false + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + security: + - UserContextAuth: + - 'idn:transform:manage' + '/transforms/{id}': + get: + tags: + - Transforms + summary: Transform by ID + description: |- + This API returns the transform specified by the given ID. + A token with transform read authority is required to call this API. + operationId: getTransform + parameters: + - name: id + in: path + description: ID of the transform to retrieve + required: true + style: simple + explode: false + example: 2cd78adghjkja34jh2b1hkjhasuecd + schema: + type: string + responses: + '200': + description: Transform with the given ID + content: + application/json: + schema: + allOf: + - type: object + description: The representation of an internally- or customer-defined transform. + required: + - name + - type + - attributes + properties: + name: + type: string + description: Unique name of this transform + example: Timestamp To Date + minLength: 1 + maxLength: 50 + type: + type: string + description: The type of transform operation + enum: + - accountAttribute + - base64Decode + - base64Encode + - concat + - conditional + - dateCompare + - dateFormat + - dateMath + - decomposeDiacriticalMarks + - e164phone + - firstValid + - rule + - identityAttribute + - indexOf + - iso3166 + - lastIndexOf + - leftPad + - lookup + - lower + - normalizeNames + - randomAlphaNumeric + - randomNumeric + - reference + - replaceAll + - replace + - rightPad + - split + - static + - substring + - trim + - upper + - usernameGenerator + - uuid + - displayName + - rfc5646 + example: dateFormat + externalDocs: + description: Transform Operations + url: 'https://developer.sailpoint.com/idn/docs/transforms/operations' + attributes: + nullable: true + description: Meta-data about the transform. Values in this list are specific to the type of transform to be executed. + oneOf: + - title: accountAttribute + type: object + required: + - sourceName + - attributeName + properties: + sourceName: + type: string + description: A reference to the source to search for the account + example: Workday + attributeName: + type: string + description: 'The name of the attribute on the account to return. This should match the name of the account attribute name visible in the user interface, or on the source schema.' + example: DEPARTMENT + accountSortAttribute: + type: string + description: The value of this configuration is a string name of the attribute to use when determining the ordering of returned accounts when there are multiple entries + example: created + default: created + accountSortDescending: + type: boolean + description: 'The value of this configuration is a boolean (true/false). Controls the order of the sort when there are multiple accounts. If not defined, the transform will default to false (ascending order)' + example: false + default: false + accountReturnFirstLink: + type: boolean + description: 'The value of this configuration is a boolean (true/false). Controls which account to source a value from for an attribute. If this flag is set to true, the transform returns the value from the first account in the list, even if it is null. If it is set to false, the transform returns the first non-null value. If not defined, the transform will default to false' + example: false + default: false + accountFilter: + type: string + description: |- + This expression queries the database to narrow search results. The value of this configuration is a sailpoint.object.Filter expression and used when searching against the database. The default filter will always include the source and identity, and any subsequent expressions will be combined in an AND operation to the existing search criteria. + Only certain searchable attributes are available: - `nativeIdentity` - the Account ID - `displayName` - the Account Name - `entitlements` - a boolean value to determine if the account has entitlements + example: '!(nativeIdentity.startsWith("*DELETED*"))' + accountPropertyFilter: + type: string + description: |- + This expression is used to search and filter accounts in memory. The value of this configuration is a sailpoint.object.Filter expression and used when searching against the returned resultset. + + All account attributes are available for filtering as this operation is performed in memory. + example: '(groups.containsAll({''Admin''}) || location == ''Austin'')' + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: base64Decode + type: object + properties: + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: base64Encode + type: object + properties: + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: concat + type: object + required: + - values + properties: + values: + type: array + items: + type: object + description: An array of items to join together + example: + - John + - ' ' + - Smith + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: conditional + type: object + required: + - expression + - positiveCondition + - negativeCondition + properties: + expression: + type: string + description: |- + A comparison statement that follows the structure of `ValueA eq ValueB` where `ValueA` and `ValueB` are static strings or outputs of other transforms. + + The `eq` operator is the only valid comparison + example: ValueA eq ValueB + positiveCondition: + type: string + description: The output of the transform if the expression evalutes to true + example: 'true' + negativeCondition: + type: string + description: The output of the transform if the expression evalutes to false + example: 'false' + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: dateCompare + type: object + required: + - firstDate + - secondDate + - operator + - positiveCondition + - negativeCondition + properties: + firstDate: + description: This is the first date to consider (The date that would be on the left hand side of the comparison operation). + oneOf: + - title: accountAttribute + type: object + required: + - sourceName + - attributeName + properties: + sourceName: + type: string + description: A reference to the source to search for the account + example: Workday + attributeName: + type: string + description: 'The name of the attribute on the account to return. This should match the name of the account attribute name visible in the user interface, or on the source schema.' + example: DEPARTMENT + accountSortAttribute: + type: string + description: The value of this configuration is a string name of the attribute to use when determining the ordering of returned accounts when there are multiple entries + example: created + default: created + accountSortDescending: + type: boolean + description: 'The value of this configuration is a boolean (true/false). Controls the order of the sort when there are multiple accounts. If not defined, the transform will default to false (ascending order)' + example: false + default: false + accountReturnFirstLink: + type: boolean + description: 'The value of this configuration is a boolean (true/false). Controls which account to source a value from for an attribute. If this flag is set to true, the transform returns the value from the first account in the list, even if it is null. If it is set to false, the transform returns the first non-null value. If not defined, the transform will default to false' + example: false + default: false + accountFilter: + type: string + description: |- + This expression queries the database to narrow search results. The value of this configuration is a sailpoint.object.Filter expression and used when searching against the database. The default filter will always include the source and identity, and any subsequent expressions will be combined in an AND operation to the existing search criteria. + Only certain searchable attributes are available: - `nativeIdentity` - the Account ID - `displayName` - the Account Name - `entitlements` - a boolean value to determine if the account has entitlements + example: '!(nativeIdentity.startsWith("*DELETED*"))' + accountPropertyFilter: + type: string + description: |- + This expression is used to search and filter accounts in memory. The value of this configuration is a sailpoint.object.Filter expression and used when searching against the returned resultset. + + All account attributes are available for filtering as this operation is performed in memory. + example: '(groups.containsAll({''Admin''}) || location == ''Austin'')' + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: dateFormat + type: object + properties: + inputFormat: + description: |- + A string value indicating either the explicit SimpleDateFormat or the built-in named format that the data is coming in as. + + *If no inputFormat is provided, the transform assumes that it is in ISO8601 format* + oneOf: + - title: Named Construct + type: string + description: | + | Construct | Date Time Pattern | Description | + | --------- | ----------------- | ----------- | + | ISO8601 | `yyyy-MM-dd'T'HH:mm:ss.SSSX` | The ISO8601 standard. | + | LDAP | `yyyyMMddHHmmss.Z` | The LDAP standard. | + | PEOPLE_SOFT | `MM/dd/yyyy` | The date format People Soft uses. | + | EPOCH_TIME_JAVA | # ms from midnight, January 1st, 1970 | The incoming date value as elapsed time in milliseconds from midnight, January 1st, 1970. | + | EPOCH_TIME_WIN32| # intervals of 100ns from midnight, January 1st, 1601 | The incoming date value as elapsed time in 100-nanosecond intervals from midnight, January 1st, 1601. | + enum: + - ISO8601 + - LDAP + - PEOPLE_SOFT + - EPOCH_TIME_JAVA + - EPOCH_TIME_WIN32 + example: PEOPLE_SOFT + - title: Java Simple Date Format + type: string + description: | + There are a variety of date time patterns you can express using SimpleDateFormat. The following table lists examples of different date time patterns expressed in the SimpleDateFormat and how they display. Refer to the SimpleDateFormat syntax page for more information. + + >NOTE: The following examples show how date and time patterns are interpreted in the U.S. locale. The given date and time are 2001-07-04 12:08:56 local time in the U.S. Pacific Time time zone. + (This table is from the SimpleDateFormat page.) + + | Date Time Pattern | Result | + | ----------------- | ------ | + | `yyyy.MM.dd G 'at' HH:mm:ss z` | `2001.07.04 AD at 12:08:56 PDT` | + | `EEE, MMM d, ''yy` | Wed, Jul 4, '01 | + | `h:mm a` | 12:08 PM | + | `hh 'o''clock' a, zzzz` | 12 o'clock PM, Pacific Daylight Time | + | `K:mm a, z` | 0:08 PM, PDT | + | `yyyyy.MMMMM.dd GGG hh:mm aaa` | 02001.July.04 AD 12:08 PM | + | `EEE, d MMM yyyy HH:mm:ss Z` | Wed, 4 Jul 2001 12:08:56 -0700 | + | `yyMMddHHmmssZ` | 010704120856-0700 | + | `yyyy-MM-dd'T'HH:mm:ss.SSSZ` | 2001-07-04T12:08:56.235-0700 | + | `yyyy-MM-dd'T'HH:mm:ss.SSSXXX` | 2001-07-04T12:08:56.235-07:00 | + | `YYYY-'W'ww-u` | 2001-W27-3 | + example: mm/dd/yyyy + outputFormat: + description: |- + A string value indicating either the explicit SimpleDateFormat or the built-in named format that the data should be formatted into. + + *If no inputFormat is provided, the transform assumes that it is in ISO8601 format* + oneOf: + - title: Named Construct + type: string + description: | + | Construct | Date Time Pattern | Description | + | --------- | ----------------- | ----------- | + | ISO8601 | `yyyy-MM-dd'T'HH:mm:ss.SSSX` | The ISO8601 standard. | + | LDAP | `yyyyMMddHHmmss.Z` | The LDAP standard. | + | PEOPLE_SOFT | `MM/dd/yyyy` | The date format People Soft uses. | + | EPOCH_TIME_JAVA | # ms from midnight, January 1st, 1970 | The incoming date value as elapsed time in milliseconds from midnight, January 1st, 1970. | + | EPOCH_TIME_WIN32| # intervals of 100ns from midnight, January 1st, 1601 | The incoming date value as elapsed time in 100-nanosecond intervals from midnight, January 1st, 1601. | + enum: + - ISO8601 + - LDAP + - PEOPLE_SOFT + - EPOCH_TIME_JAVA + - EPOCH_TIME_WIN32 + example: PEOPLE_SOFT + - title: Java Simple Date Format + type: string + description: | + There are a variety of date time patterns you can express using SimpleDateFormat. The following table lists examples of different date time patterns expressed in the SimpleDateFormat and how they display. Refer to the SimpleDateFormat syntax page for more information. + + >NOTE: The following examples show how date and time patterns are interpreted in the U.S. locale. The given date and time are 2001-07-04 12:08:56 local time in the U.S. Pacific Time time zone. + (This table is from the SimpleDateFormat page.) + + | Date Time Pattern | Result | + | ----------------- | ------ | + | `yyyy.MM.dd G 'at' HH:mm:ss z` | `2001.07.04 AD at 12:08:56 PDT` | + | `EEE, MMM d, ''yy` | Wed, Jul 4, '01 | + | `h:mm a` | 12:08 PM | + | `hh 'o''clock' a, zzzz` | 12 o'clock PM, Pacific Daylight Time | + | `K:mm a, z` | 0:08 PM, PDT | + | `yyyyy.MMMMM.dd GGG hh:mm aaa` | 02001.July.04 AD 12:08 PM | + | `EEE, d MMM yyyy HH:mm:ss Z` | Wed, 4 Jul 2001 12:08:56 -0700 | + | `yyMMddHHmmssZ` | 010704120856-0700 | + | `yyyy-MM-dd'T'HH:mm:ss.SSSZ` | 2001-07-04T12:08:56.235-0700 | + | `yyyy-MM-dd'T'HH:mm:ss.SSSXXX` | 2001-07-04T12:08:56.235-07:00 | + | `YYYY-'W'ww-u` | 2001-W27-3 | + example: mm/dd/yyyy + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + secondDate: + description: This is the second date to consider (The date that would be on the right hand side of the comparison operation). + oneOf: + - title: accountAttribute + type: object + required: + - sourceName + - attributeName + properties: + sourceName: + type: string + description: A reference to the source to search for the account + example: Workday + attributeName: + type: string + description: 'The name of the attribute on the account to return. This should match the name of the account attribute name visible in the user interface, or on the source schema.' + example: DEPARTMENT + accountSortAttribute: + type: string + description: The value of this configuration is a string name of the attribute to use when determining the ordering of returned accounts when there are multiple entries + example: created + default: created + accountSortDescending: + type: boolean + description: 'The value of this configuration is a boolean (true/false). Controls the order of the sort when there are multiple accounts. If not defined, the transform will default to false (ascending order)' + example: false + default: false + accountReturnFirstLink: + type: boolean + description: 'The value of this configuration is a boolean (true/false). Controls which account to source a value from for an attribute. If this flag is set to true, the transform returns the value from the first account in the list, even if it is null. If it is set to false, the transform returns the first non-null value. If not defined, the transform will default to false' + example: false + default: false + accountFilter: + type: string + description: |- + This expression queries the database to narrow search results. The value of this configuration is a sailpoint.object.Filter expression and used when searching against the database. The default filter will always include the source and identity, and any subsequent expressions will be combined in an AND operation to the existing search criteria. + Only certain searchable attributes are available: - `nativeIdentity` - the Account ID - `displayName` - the Account Name - `entitlements` - a boolean value to determine if the account has entitlements + example: '!(nativeIdentity.startsWith("*DELETED*"))' + accountPropertyFilter: + type: string + description: |- + This expression is used to search and filter accounts in memory. The value of this configuration is a sailpoint.object.Filter expression and used when searching against the returned resultset. + + All account attributes are available for filtering as this operation is performed in memory. + example: '(groups.containsAll({''Admin''}) || location == ''Austin'')' + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: dateFormat + type: object + properties: + inputFormat: + description: |- + A string value indicating either the explicit SimpleDateFormat or the built-in named format that the data is coming in as. + + *If no inputFormat is provided, the transform assumes that it is in ISO8601 format* + oneOf: + - title: Named Construct + type: string + description: | + | Construct | Date Time Pattern | Description | + | --------- | ----------------- | ----------- | + | ISO8601 | `yyyy-MM-dd'T'HH:mm:ss.SSSX` | The ISO8601 standard. | + | LDAP | `yyyyMMddHHmmss.Z` | The LDAP standard. | + | PEOPLE_SOFT | `MM/dd/yyyy` | The date format People Soft uses. | + | EPOCH_TIME_JAVA | # ms from midnight, January 1st, 1970 | The incoming date value as elapsed time in milliseconds from midnight, January 1st, 1970. | + | EPOCH_TIME_WIN32| # intervals of 100ns from midnight, January 1st, 1601 | The incoming date value as elapsed time in 100-nanosecond intervals from midnight, January 1st, 1601. | + enum: + - ISO8601 + - LDAP + - PEOPLE_SOFT + - EPOCH_TIME_JAVA + - EPOCH_TIME_WIN32 + example: PEOPLE_SOFT + - title: Java Simple Date Format + type: string + description: | + There are a variety of date time patterns you can express using SimpleDateFormat. The following table lists examples of different date time patterns expressed in the SimpleDateFormat and how they display. Refer to the SimpleDateFormat syntax page for more information. + + >NOTE: The following examples show how date and time patterns are interpreted in the U.S. locale. The given date and time are 2001-07-04 12:08:56 local time in the U.S. Pacific Time time zone. + (This table is from the SimpleDateFormat page.) + + | Date Time Pattern | Result | + | ----------------- | ------ | + | `yyyy.MM.dd G 'at' HH:mm:ss z` | `2001.07.04 AD at 12:08:56 PDT` | + | `EEE, MMM d, ''yy` | Wed, Jul 4, '01 | + | `h:mm a` | 12:08 PM | + | `hh 'o''clock' a, zzzz` | 12 o'clock PM, Pacific Daylight Time | + | `K:mm a, z` | 0:08 PM, PDT | + | `yyyyy.MMMMM.dd GGG hh:mm aaa` | 02001.July.04 AD 12:08 PM | + | `EEE, d MMM yyyy HH:mm:ss Z` | Wed, 4 Jul 2001 12:08:56 -0700 | + | `yyMMddHHmmssZ` | 010704120856-0700 | + | `yyyy-MM-dd'T'HH:mm:ss.SSSZ` | 2001-07-04T12:08:56.235-0700 | + | `yyyy-MM-dd'T'HH:mm:ss.SSSXXX` | 2001-07-04T12:08:56.235-07:00 | + | `YYYY-'W'ww-u` | 2001-W27-3 | + example: mm/dd/yyyy + outputFormat: + description: |- + A string value indicating either the explicit SimpleDateFormat or the built-in named format that the data should be formatted into. + + *If no inputFormat is provided, the transform assumes that it is in ISO8601 format* + oneOf: + - title: Named Construct + type: string + description: | + | Construct | Date Time Pattern | Description | + | --------- | ----------------- | ----------- | + | ISO8601 | `yyyy-MM-dd'T'HH:mm:ss.SSSX` | The ISO8601 standard. | + | LDAP | `yyyyMMddHHmmss.Z` | The LDAP standard. | + | PEOPLE_SOFT | `MM/dd/yyyy` | The date format People Soft uses. | + | EPOCH_TIME_JAVA | # ms from midnight, January 1st, 1970 | The incoming date value as elapsed time in milliseconds from midnight, January 1st, 1970. | + | EPOCH_TIME_WIN32| # intervals of 100ns from midnight, January 1st, 1601 | The incoming date value as elapsed time in 100-nanosecond intervals from midnight, January 1st, 1601. | + enum: + - ISO8601 + - LDAP + - PEOPLE_SOFT + - EPOCH_TIME_JAVA + - EPOCH_TIME_WIN32 + example: PEOPLE_SOFT + - title: Java Simple Date Format + type: string + description: | + There are a variety of date time patterns you can express using SimpleDateFormat. The following table lists examples of different date time patterns expressed in the SimpleDateFormat and how they display. Refer to the SimpleDateFormat syntax page for more information. + + >NOTE: The following examples show how date and time patterns are interpreted in the U.S. locale. The given date and time are 2001-07-04 12:08:56 local time in the U.S. Pacific Time time zone. + (This table is from the SimpleDateFormat page.) + + | Date Time Pattern | Result | + | ----------------- | ------ | + | `yyyy.MM.dd G 'at' HH:mm:ss z` | `2001.07.04 AD at 12:08:56 PDT` | + | `EEE, MMM d, ''yy` | Wed, Jul 4, '01 | + | `h:mm a` | 12:08 PM | + | `hh 'o''clock' a, zzzz` | 12 o'clock PM, Pacific Daylight Time | + | `K:mm a, z` | 0:08 PM, PDT | + | `yyyyy.MMMMM.dd GGG hh:mm aaa` | 02001.July.04 AD 12:08 PM | + | `EEE, d MMM yyyy HH:mm:ss Z` | Wed, 4 Jul 2001 12:08:56 -0700 | + | `yyMMddHHmmssZ` | 010704120856-0700 | + | `yyyy-MM-dd'T'HH:mm:ss.SSSZ` | 2001-07-04T12:08:56.235-0700 | + | `yyyy-MM-dd'T'HH:mm:ss.SSSXXX` | 2001-07-04T12:08:56.235-07:00 | + | `YYYY-'W'ww-u` | 2001-W27-3 | + example: mm/dd/yyyy + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + operator: + type: string + description: | + This is the comparison to perform. + | Operation | Description | + | --------- | ------- | + | LT | Strictly less than: firstDate < secondDate | + | LTE | Less than or equal to: firstDate <= secondDate | + | GT | Strictly greater than: firstDate > secondDate | + | GTE | Greater than or equal to: firstDate >= secondDate | + enum: + - LT + - LTE + - GT + - GTE + example: LT + positiveCondition: + type: string + description: The output of the transform if the expression evalutes to true + example: 'true' + negativeCondition: + type: string + description: The output of the transform if the expression evalutes to false + example: false + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: dateFormat + type: object + properties: + inputFormat: + description: |- + A string value indicating either the explicit SimpleDateFormat or the built-in named format that the data is coming in as. + + *If no inputFormat is provided, the transform assumes that it is in ISO8601 format* + oneOf: + - title: Named Construct + type: string + description: | + | Construct | Date Time Pattern | Description | + | --------- | ----------------- | ----------- | + | ISO8601 | `yyyy-MM-dd'T'HH:mm:ss.SSSX` | The ISO8601 standard. | + | LDAP | `yyyyMMddHHmmss.Z` | The LDAP standard. | + | PEOPLE_SOFT | `MM/dd/yyyy` | The date format People Soft uses. | + | EPOCH_TIME_JAVA | # ms from midnight, January 1st, 1970 | The incoming date value as elapsed time in milliseconds from midnight, January 1st, 1970. | + | EPOCH_TIME_WIN32| # intervals of 100ns from midnight, January 1st, 1601 | The incoming date value as elapsed time in 100-nanosecond intervals from midnight, January 1st, 1601. | + enum: + - ISO8601 + - LDAP + - PEOPLE_SOFT + - EPOCH_TIME_JAVA + - EPOCH_TIME_WIN32 + example: PEOPLE_SOFT + - title: Java Simple Date Format + type: string + description: | + There are a variety of date time patterns you can express using SimpleDateFormat. The following table lists examples of different date time patterns expressed in the SimpleDateFormat and how they display. Refer to the SimpleDateFormat syntax page for more information. + + >NOTE: The following examples show how date and time patterns are interpreted in the U.S. locale. The given date and time are 2001-07-04 12:08:56 local time in the U.S. Pacific Time time zone. + (This table is from the SimpleDateFormat page.) + + | Date Time Pattern | Result | + | ----------------- | ------ | + | `yyyy.MM.dd G 'at' HH:mm:ss z` | `2001.07.04 AD at 12:08:56 PDT` | + | `EEE, MMM d, ''yy` | Wed, Jul 4, '01 | + | `h:mm a` | 12:08 PM | + | `hh 'o''clock' a, zzzz` | 12 o'clock PM, Pacific Daylight Time | + | `K:mm a, z` | 0:08 PM, PDT | + | `yyyyy.MMMMM.dd GGG hh:mm aaa` | 02001.July.04 AD 12:08 PM | + | `EEE, d MMM yyyy HH:mm:ss Z` | Wed, 4 Jul 2001 12:08:56 -0700 | + | `yyMMddHHmmssZ` | 010704120856-0700 | + | `yyyy-MM-dd'T'HH:mm:ss.SSSZ` | 2001-07-04T12:08:56.235-0700 | + | `yyyy-MM-dd'T'HH:mm:ss.SSSXXX` | 2001-07-04T12:08:56.235-07:00 | + | `YYYY-'W'ww-u` | 2001-W27-3 | + example: mm/dd/yyyy + outputFormat: + description: |- + A string value indicating either the explicit SimpleDateFormat or the built-in named format that the data should be formatted into. + + *If no inputFormat is provided, the transform assumes that it is in ISO8601 format* + oneOf: + - title: Named Construct + type: string + description: | + | Construct | Date Time Pattern | Description | + | --------- | ----------------- | ----------- | + | ISO8601 | `yyyy-MM-dd'T'HH:mm:ss.SSSX` | The ISO8601 standard. | + | LDAP | `yyyyMMddHHmmss.Z` | The LDAP standard. | + | PEOPLE_SOFT | `MM/dd/yyyy` | The date format People Soft uses. | + | EPOCH_TIME_JAVA | # ms from midnight, January 1st, 1970 | The incoming date value as elapsed time in milliseconds from midnight, January 1st, 1970. | + | EPOCH_TIME_WIN32| # intervals of 100ns from midnight, January 1st, 1601 | The incoming date value as elapsed time in 100-nanosecond intervals from midnight, January 1st, 1601. | + enum: + - ISO8601 + - LDAP + - PEOPLE_SOFT + - EPOCH_TIME_JAVA + - EPOCH_TIME_WIN32 + example: PEOPLE_SOFT + - title: Java Simple Date Format + type: string + description: | + There are a variety of date time patterns you can express using SimpleDateFormat. The following table lists examples of different date time patterns expressed in the SimpleDateFormat and how they display. Refer to the SimpleDateFormat syntax page for more information. + + >NOTE: The following examples show how date and time patterns are interpreted in the U.S. locale. The given date and time are 2001-07-04 12:08:56 local time in the U.S. Pacific Time time zone. + (This table is from the SimpleDateFormat page.) + + | Date Time Pattern | Result | + | ----------------- | ------ | + | `yyyy.MM.dd G 'at' HH:mm:ss z` | `2001.07.04 AD at 12:08:56 PDT` | + | `EEE, MMM d, ''yy` | Wed, Jul 4, '01 | + | `h:mm a` | 12:08 PM | + | `hh 'o''clock' a, zzzz` | 12 o'clock PM, Pacific Daylight Time | + | `K:mm a, z` | 0:08 PM, PDT | + | `yyyyy.MMMMM.dd GGG hh:mm aaa` | 02001.July.04 AD 12:08 PM | + | `EEE, d MMM yyyy HH:mm:ss Z` | Wed, 4 Jul 2001 12:08:56 -0700 | + | `yyMMddHHmmssZ` | 010704120856-0700 | + | `yyyy-MM-dd'T'HH:mm:ss.SSSZ` | 2001-07-04T12:08:56.235-0700 | + | `yyyy-MM-dd'T'HH:mm:ss.SSSXXX` | 2001-07-04T12:08:56.235-07:00 | + | `YYYY-'W'ww-u` | 2001-W27-3 | + example: mm/dd/yyyy + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: dateMath + type: object + required: + - expression + properties: + expression: + type: string + description: | + A string value of the date and time components to operation on, along with the math operations to execute. + externalDocs: + description: Date Math Expressions + url: 'https://developer.sailpoint.com/idn/docs/transforms/operations/date-math#transform-structure' + example: now+1w + roundUp: + type: boolean + description: | + A boolean value to indicate whether the transform should round up or down when a rounding `/` operation is defined in the expression. + + + If not provided, the transform will default to `false` + + + `true` indicates the transform should round up (i.e., truncate the fractional date/time component indicated and then add one unit of that component) + + + `false` indicates the transform should round down (i.e., truncate the fractional date/time component indicated) + example: false + default: false + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: decomposeDiacriticalMarks + type: object + properties: + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: e164phone + type: object + properties: + defaultRegion: + type: string + description: | + This is an optional attribute that can be used to define the region of the phone number to format into. + + + If defaultRegion is not provided, it will take US as the default country. + + + The format of the country code should be in [ISO 3166-1 alpha-2 format](https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2) + example: US + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: firstValid + type: object + required: + - values + properties: + values: + type: array + items: + type: object + description: An array of attributes to evaluate for existence. + example: + - attributes: + sourceName: Active Directory + attributeName: sAMAccountName + type: accountAttribute + - attributes: + sourceName: Okta + attributeName: login + type: accountAttribute + - attributes: + sourceName: HR Source + attributeName: employeeID + type: accountAttribute + ignoreErrors: + type: boolean + description: a true or false value representing to move on to the next option if an error (like an Null Pointer Exception) were to occur. + example: false + default: false + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + - title: rule + oneOf: + - type: object + required: + - name + properties: + name: + type: string + description: This is the name of the Transform rule that needs to be invoked by the transform + example: Transform Calculation Rule + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + - type: object + required: + - name + - operation + - includeNumbers + - includeSpecialChars + - length + properties: + name: + type: string + description: This must always be set to "Cloud Services Deployment Utility" + example: Cloud Services Deployment Utility + operation: + type: string + description: The operation to perform `generateRandomString` + example: generateRandomString + includeNumbers: + type: boolean + description: This must be either "true" or "false" to indicate whether the generator logic should include numbers + example: true + includeSpecialChars: + type: boolean + description: This must be either "true" or "false" to indicate whether the generator logic should include special characters + example: true + length: + type: string + description: | + This specifies how long the randomly generated string needs to be + + + >NOTE Due to identity attribute data constraints, the maximum allowable value is 450 characters + example: '10' + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + - type: object + required: + - name + - operation + - uid + properties: + name: + type: string + description: This must always be set to "Cloud Services Deployment Utility" + example: Cloud Services Deployment Utility + operation: + type: string + description: The operation to perform `getReferenceIdentityAttribute` + example: getReferenceIdentityAttribute + uid: + type: string + description: | + This is the SailPoint User Name (uid) value of the identity whose attribute is desired + + As a convenience feature, you can use the `manager` keyword to dynamically look up the user's manager and then get that manager's identity attribute. + example: 2c91808570313110017040b06f344ec9 + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + - title: identityAttribute + type: object + required: + - name + properties: + name: + type: string + description: The system (camel-cased) name of the identity attribute to bring in + example: email + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: indexOf + type: object + required: + - substring + properties: + substring: + type: string + description: 'A substring to search for, searches the entire calling string, and returns the index of the first occurrence of the specified substring.' + example: admin_ + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: iso3166 + type: object + properties: + format: + type: string + description: | + An optional value to denote which ISO 3166 format to return. Valid values are: + + + `alpha2` - Two-character country code (e.g., "US"); this is the default value if no format is supplied + + + `alpha3` - Three-character country code (e.g., "USA") + + + `numeric` - The numeric country code (e.g., "840") + example: alpha2 + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: leftPad + type: object + required: + - length + properties: + length: + type: string + description: An integer value for the desired length of the final output string + example: '4' + padding: + type: string + description: | + A string value representing the character that the incoming data should be padded with to get to the desired length + + + If not provided, the transform will default to a single space (" ") character for padding + example: '0' + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: lookup + type: object + required: + - table + properties: + table: + type: object + additionalProperties: true + description: | + This is a JSON object of key-value pairs. The key is the string that will attempt to be matched to the input, and the value is the output string that should be returned if the key is matched + + + >**Note** the use of the optional default key value here; if none of the three countries in the above example match the input string, the transform will return "Unknown Region" for the attribute that is mapped to this transform. + example: + USA: Americas + FRA: EMEA + AUS: APAC + default: Unknown Region + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: lower + type: object + properties: + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: nameNormalizer + type: object + properties: + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: randomAlphaNumeric + type: object + properties: + length: + type: string + description: | + This is an integer value specifying the size/number of characters the random string must contain + + + * This value must be a positive number and cannot be blank + + + * If no length is provided, the transform will default to a value of `32` + + + * Due to identity attribute data constraints, the maximum allowable value is `450` characters + example: '10' + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: randomNumeric + type: object + properties: + length: + type: string + description: | + This is an integer value specifying the size/number of characters the random string must contain + + + * This value must be a positive number and cannot be blank + + + * If no length is provided, the transform will default to a value of `32` + + + * Due to identity attribute data constraints, the maximum allowable value is `450` characters + example: '10' + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: reference + type: object + required: + - id + properties: + id: + type: string + description: This ID specifies the name of the pre-existing transform which you want to use within your current transform + example: Existing Transform + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: replaceAll + type: object + required: + - table + properties: + table: + type: object + additionalProperties: true + description: 'An attribute of key-value pairs. Each pair identifies the pattern to search for as its key, and the replacement string as its value.' + example: + '-': ' ' + '"': '''' + ñ: 'n' + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: replace + type: object + required: + - regex + - replacement + properties: + regex: + type: string + description: This can be a string or a regex pattern in which you want to replace. + example: '[^a-zA-Z]' + externalDocs: + description: Regex Builder + url: 'https://regex101.com/' + replacement: + type: string + description: This is the replacement string that should be substituded wherever the string or pattern is found. + example: ' ' + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: rightPad + type: object + required: + - length + properties: + length: + type: string + description: An integer value for the desired length of the final output string + example: '4' + padding: + type: string + description: | + A string value representing the character that the incoming data should be padded with to get to the desired length + + + If not provided, the transform will default to a single space (" ") character for padding + example: '0' + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: split + type: object + required: + - delimiter + - index + properties: + delimiter: + type: string + description: 'This can be either a single character or a regex expression, and is used by the transform to identify the break point between two substrings in the incoming data' + example: ',' + index: + type: string + description: 'An integer value for the desired array element after the incoming data has been split into a list; the array is a 0-based object, so the first array element would be index 0, the second element would be index 1, etc.' + example: '5' + throws: + type: boolean + description: | + A boolean (true/false) value which indicates whether an exception should be thrown and returned as an output when an index is out of bounds with the resultant array (i.e., the provided index value is larger than the size of the array) + + + `true` - The transform should return "IndexOutOfBoundsException" + + + `false` - The transform should return null + + + If not provided, the transform will default to false and return a null + example: true + default: false + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: static + type: object + required: + - values + properties: + values: + type: string + description: 'This must evaluate to a JSON string, either through a fixed value or through conditional logic using the Apache Velocity Template Language.' + example: string$variable + externalDocs: + description: Static Transform Documentation + url: 'https://developer.sailpoint.com/idn/docs/transforms/operations/static' + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + - title: substring + type: object + required: + - begin + properties: + begin: + type: integer + description: | + The index of the first character to include in the returned substring. + + + If `begin` is set to -1, the transform will begin at character 0 of the input data + example: 1 + format: int32 + beginOffset: + type: integer + description: | + This integer value is the number of characters to add to the begin attribute when returning a substring. + + This attribute is only used if begin is not -1. + example: 3 + format: int32 + end: + type: integer + description: | + The index of the first character to exclude from the returned substring. + + If end is -1 or not provided at all, the substring transform will return everything up to the end of the input string. + example: 6 + format: int32 + endOffset: + type: integer + description: | + This integer value is the number of characters to add to the end attribute when returning a substring. + + This attribute is only used if end is provided and is not -1. + example: 1 + format: int32 + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: trim + type: object + properties: + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: upper + type: object + properties: + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: uuid + type: object + properties: + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + - type: object + required: + - id + - internal + properties: + id: + type: string + description: Unique ID of this transform + example: 2cd78adghjkja34jh2b1hkjhasuecd + internal: + type: boolean + description: Indicates whether this is an internal SailPoint-created transform or a customer-created transform + example: false + default: false + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + security: + - UserContextAuth: + - 'idn:transform:read' + - 'idn:transform:manage' + put: + tags: + - Transforms + summary: Update a transform + description: |- + Replaces the transform specified by the given ID with the transform provided in the request body. Only the "attributes" field is mutable. Attempting to change other properties (ex. "name" and "type") will result in an error. + A token with transform write authority is required to call this API. + operationId: updateTransform + parameters: + - name: id + in: path + description: ID of the transform to update + required: true + style: simple + explode: false + schema: + type: string + example: 2cd78adghjkja34jh2b1hkjhasuecd + requestBody: + description: 'The updated transform object. Must include "name", "type", and "attributes" fields, but "name" and "type" must not be modified.' + content: + application/json: + schema: + type: object + description: The representation of an internally- or customer-defined transform. + required: + - name + - type + - attributes + properties: + name: + type: string + description: Unique name of this transform + example: Timestamp To Date + minLength: 1 + maxLength: 50 + type: + type: string + description: The type of transform operation + enum: + - accountAttribute + - base64Decode + - base64Encode + - concat + - conditional + - dateCompare + - dateFormat + - dateMath + - decomposeDiacriticalMarks + - e164phone + - firstValid + - rule + - identityAttribute + - indexOf + - iso3166 + - lastIndexOf + - leftPad + - lookup + - lower + - normalizeNames + - randomAlphaNumeric + - randomNumeric + - reference + - replaceAll + - replace + - rightPad + - split + - static + - substring + - trim + - upper + - usernameGenerator + - uuid + - displayName + - rfc5646 + example: dateFormat + externalDocs: + description: Transform Operations + url: 'https://developer.sailpoint.com/idn/docs/transforms/operations' + attributes: + nullable: true + description: Meta-data about the transform. Values in this list are specific to the type of transform to be executed. + oneOf: + - title: accountAttribute + type: object + required: + - sourceName + - attributeName + properties: + sourceName: + type: string + description: A reference to the source to search for the account + example: Workday + attributeName: + type: string + description: 'The name of the attribute on the account to return. This should match the name of the account attribute name visible in the user interface, or on the source schema.' + example: DEPARTMENT + accountSortAttribute: + type: string + description: The value of this configuration is a string name of the attribute to use when determining the ordering of returned accounts when there are multiple entries + example: created + default: created + accountSortDescending: + type: boolean + description: 'The value of this configuration is a boolean (true/false). Controls the order of the sort when there are multiple accounts. If not defined, the transform will default to false (ascending order)' + example: false + default: false + accountReturnFirstLink: + type: boolean + description: 'The value of this configuration is a boolean (true/false). Controls which account to source a value from for an attribute. If this flag is set to true, the transform returns the value from the first account in the list, even if it is null. If it is set to false, the transform returns the first non-null value. If not defined, the transform will default to false' + example: false + default: false + accountFilter: + type: string + description: |- + This expression queries the database to narrow search results. The value of this configuration is a sailpoint.object.Filter expression and used when searching against the database. The default filter will always include the source and identity, and any subsequent expressions will be combined in an AND operation to the existing search criteria. + Only certain searchable attributes are available: - `nativeIdentity` - the Account ID - `displayName` - the Account Name - `entitlements` - a boolean value to determine if the account has entitlements + example: '!(nativeIdentity.startsWith("*DELETED*"))' + accountPropertyFilter: + type: string + description: |- + This expression is used to search and filter accounts in memory. The value of this configuration is a sailpoint.object.Filter expression and used when searching against the returned resultset. + + All account attributes are available for filtering as this operation is performed in memory. + example: '(groups.containsAll({''Admin''}) || location == ''Austin'')' + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: base64Decode + type: object + properties: + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: base64Encode + type: object + properties: + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: concat + type: object + required: + - values + properties: + values: + type: array + items: + type: object + description: An array of items to join together + example: + - John + - ' ' + - Smith + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: conditional + type: object + required: + - expression + - positiveCondition + - negativeCondition + properties: + expression: + type: string + description: |- + A comparison statement that follows the structure of `ValueA eq ValueB` where `ValueA` and `ValueB` are static strings or outputs of other transforms. + + The `eq` operator is the only valid comparison + example: ValueA eq ValueB + positiveCondition: + type: string + description: The output of the transform if the expression evalutes to true + example: 'true' + negativeCondition: + type: string + description: The output of the transform if the expression evalutes to false + example: 'false' + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: dateCompare + type: object + required: + - firstDate + - secondDate + - operator + - positiveCondition + - negativeCondition + properties: + firstDate: + description: This is the first date to consider (The date that would be on the left hand side of the comparison operation). + oneOf: + - title: accountAttribute + type: object + required: + - sourceName + - attributeName + properties: + sourceName: + type: string + description: A reference to the source to search for the account + example: Workday + attributeName: + type: string + description: 'The name of the attribute on the account to return. This should match the name of the account attribute name visible in the user interface, or on the source schema.' + example: DEPARTMENT + accountSortAttribute: + type: string + description: The value of this configuration is a string name of the attribute to use when determining the ordering of returned accounts when there are multiple entries + example: created + default: created + accountSortDescending: + type: boolean + description: 'The value of this configuration is a boolean (true/false). Controls the order of the sort when there are multiple accounts. If not defined, the transform will default to false (ascending order)' + example: false + default: false + accountReturnFirstLink: + type: boolean + description: 'The value of this configuration is a boolean (true/false). Controls which account to source a value from for an attribute. If this flag is set to true, the transform returns the value from the first account in the list, even if it is null. If it is set to false, the transform returns the first non-null value. If not defined, the transform will default to false' + example: false + default: false + accountFilter: + type: string + description: |- + This expression queries the database to narrow search results. The value of this configuration is a sailpoint.object.Filter expression and used when searching against the database. The default filter will always include the source and identity, and any subsequent expressions will be combined in an AND operation to the existing search criteria. + Only certain searchable attributes are available: - `nativeIdentity` - the Account ID - `displayName` - the Account Name - `entitlements` - a boolean value to determine if the account has entitlements + example: '!(nativeIdentity.startsWith("*DELETED*"))' + accountPropertyFilter: + type: string + description: |- + This expression is used to search and filter accounts in memory. The value of this configuration is a sailpoint.object.Filter expression and used when searching against the returned resultset. + + All account attributes are available for filtering as this operation is performed in memory. + example: '(groups.containsAll({''Admin''}) || location == ''Austin'')' + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: dateFormat + type: object + properties: + inputFormat: + description: |- + A string value indicating either the explicit SimpleDateFormat or the built-in named format that the data is coming in as. + + *If no inputFormat is provided, the transform assumes that it is in ISO8601 format* + oneOf: + - title: Named Construct + type: string + description: | + | Construct | Date Time Pattern | Description | + | --------- | ----------------- | ----------- | + | ISO8601 | `yyyy-MM-dd'T'HH:mm:ss.SSSX` | The ISO8601 standard. | + | LDAP | `yyyyMMddHHmmss.Z` | The LDAP standard. | + | PEOPLE_SOFT | `MM/dd/yyyy` | The date format People Soft uses. | + | EPOCH_TIME_JAVA | # ms from midnight, January 1st, 1970 | The incoming date value as elapsed time in milliseconds from midnight, January 1st, 1970. | + | EPOCH_TIME_WIN32| # intervals of 100ns from midnight, January 1st, 1601 | The incoming date value as elapsed time in 100-nanosecond intervals from midnight, January 1st, 1601. | + enum: + - ISO8601 + - LDAP + - PEOPLE_SOFT + - EPOCH_TIME_JAVA + - EPOCH_TIME_WIN32 + example: PEOPLE_SOFT + - title: Java Simple Date Format + type: string + description: | + There are a variety of date time patterns you can express using SimpleDateFormat. The following table lists examples of different date time patterns expressed in the SimpleDateFormat and how they display. Refer to the SimpleDateFormat syntax page for more information. + + >NOTE: The following examples show how date and time patterns are interpreted in the U.S. locale. The given date and time are 2001-07-04 12:08:56 local time in the U.S. Pacific Time time zone. + (This table is from the SimpleDateFormat page.) + + | Date Time Pattern | Result | + | ----------------- | ------ | + | `yyyy.MM.dd G 'at' HH:mm:ss z` | `2001.07.04 AD at 12:08:56 PDT` | + | `EEE, MMM d, ''yy` | Wed, Jul 4, '01 | + | `h:mm a` | 12:08 PM | + | `hh 'o''clock' a, zzzz` | 12 o'clock PM, Pacific Daylight Time | + | `K:mm a, z` | 0:08 PM, PDT | + | `yyyyy.MMMMM.dd GGG hh:mm aaa` | 02001.July.04 AD 12:08 PM | + | `EEE, d MMM yyyy HH:mm:ss Z` | Wed, 4 Jul 2001 12:08:56 -0700 | + | `yyMMddHHmmssZ` | 010704120856-0700 | + | `yyyy-MM-dd'T'HH:mm:ss.SSSZ` | 2001-07-04T12:08:56.235-0700 | + | `yyyy-MM-dd'T'HH:mm:ss.SSSXXX` | 2001-07-04T12:08:56.235-07:00 | + | `YYYY-'W'ww-u` | 2001-W27-3 | + example: mm/dd/yyyy + outputFormat: + description: |- + A string value indicating either the explicit SimpleDateFormat or the built-in named format that the data should be formatted into. + + *If no inputFormat is provided, the transform assumes that it is in ISO8601 format* + oneOf: + - title: Named Construct + type: string + description: | + | Construct | Date Time Pattern | Description | + | --------- | ----------------- | ----------- | + | ISO8601 | `yyyy-MM-dd'T'HH:mm:ss.SSSX` | The ISO8601 standard. | + | LDAP | `yyyyMMddHHmmss.Z` | The LDAP standard. | + | PEOPLE_SOFT | `MM/dd/yyyy` | The date format People Soft uses. | + | EPOCH_TIME_JAVA | # ms from midnight, January 1st, 1970 | The incoming date value as elapsed time in milliseconds from midnight, January 1st, 1970. | + | EPOCH_TIME_WIN32| # intervals of 100ns from midnight, January 1st, 1601 | The incoming date value as elapsed time in 100-nanosecond intervals from midnight, January 1st, 1601. | + enum: + - ISO8601 + - LDAP + - PEOPLE_SOFT + - EPOCH_TIME_JAVA + - EPOCH_TIME_WIN32 + example: PEOPLE_SOFT + - title: Java Simple Date Format + type: string + description: | + There are a variety of date time patterns you can express using SimpleDateFormat. The following table lists examples of different date time patterns expressed in the SimpleDateFormat and how they display. Refer to the SimpleDateFormat syntax page for more information. + + >NOTE: The following examples show how date and time patterns are interpreted in the U.S. locale. The given date and time are 2001-07-04 12:08:56 local time in the U.S. Pacific Time time zone. + (This table is from the SimpleDateFormat page.) + + | Date Time Pattern | Result | + | ----------------- | ------ | + | `yyyy.MM.dd G 'at' HH:mm:ss z` | `2001.07.04 AD at 12:08:56 PDT` | + | `EEE, MMM d, ''yy` | Wed, Jul 4, '01 | + | `h:mm a` | 12:08 PM | + | `hh 'o''clock' a, zzzz` | 12 o'clock PM, Pacific Daylight Time | + | `K:mm a, z` | 0:08 PM, PDT | + | `yyyyy.MMMMM.dd GGG hh:mm aaa` | 02001.July.04 AD 12:08 PM | + | `EEE, d MMM yyyy HH:mm:ss Z` | Wed, 4 Jul 2001 12:08:56 -0700 | + | `yyMMddHHmmssZ` | 010704120856-0700 | + | `yyyy-MM-dd'T'HH:mm:ss.SSSZ` | 2001-07-04T12:08:56.235-0700 | + | `yyyy-MM-dd'T'HH:mm:ss.SSSXXX` | 2001-07-04T12:08:56.235-07:00 | + | `YYYY-'W'ww-u` | 2001-W27-3 | + example: mm/dd/yyyy + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + secondDate: + description: This is the second date to consider (The date that would be on the right hand side of the comparison operation). + oneOf: + - title: accountAttribute + type: object + required: + - sourceName + - attributeName + properties: + sourceName: + type: string + description: A reference to the source to search for the account + example: Workday + attributeName: + type: string + description: 'The name of the attribute on the account to return. This should match the name of the account attribute name visible in the user interface, or on the source schema.' + example: DEPARTMENT + accountSortAttribute: + type: string + description: The value of this configuration is a string name of the attribute to use when determining the ordering of returned accounts when there are multiple entries + example: created + default: created + accountSortDescending: + type: boolean + description: 'The value of this configuration is a boolean (true/false). Controls the order of the sort when there are multiple accounts. If not defined, the transform will default to false (ascending order)' + example: false + default: false + accountReturnFirstLink: + type: boolean + description: 'The value of this configuration is a boolean (true/false). Controls which account to source a value from for an attribute. If this flag is set to true, the transform returns the value from the first account in the list, even if it is null. If it is set to false, the transform returns the first non-null value. If not defined, the transform will default to false' + example: false + default: false + accountFilter: + type: string + description: |- + This expression queries the database to narrow search results. The value of this configuration is a sailpoint.object.Filter expression and used when searching against the database. The default filter will always include the source and identity, and any subsequent expressions will be combined in an AND operation to the existing search criteria. + Only certain searchable attributes are available: - `nativeIdentity` - the Account ID - `displayName` - the Account Name - `entitlements` - a boolean value to determine if the account has entitlements + example: '!(nativeIdentity.startsWith("*DELETED*"))' + accountPropertyFilter: + type: string + description: |- + This expression is used to search and filter accounts in memory. The value of this configuration is a sailpoint.object.Filter expression and used when searching against the returned resultset. + + All account attributes are available for filtering as this operation is performed in memory. + example: '(groups.containsAll({''Admin''}) || location == ''Austin'')' + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: dateFormat + type: object + properties: + inputFormat: + description: |- + A string value indicating either the explicit SimpleDateFormat or the built-in named format that the data is coming in as. + + *If no inputFormat is provided, the transform assumes that it is in ISO8601 format* + oneOf: + - title: Named Construct + type: string + description: | + | Construct | Date Time Pattern | Description | + | --------- | ----------------- | ----------- | + | ISO8601 | `yyyy-MM-dd'T'HH:mm:ss.SSSX` | The ISO8601 standard. | + | LDAP | `yyyyMMddHHmmss.Z` | The LDAP standard. | + | PEOPLE_SOFT | `MM/dd/yyyy` | The date format People Soft uses. | + | EPOCH_TIME_JAVA | # ms from midnight, January 1st, 1970 | The incoming date value as elapsed time in milliseconds from midnight, January 1st, 1970. | + | EPOCH_TIME_WIN32| # intervals of 100ns from midnight, January 1st, 1601 | The incoming date value as elapsed time in 100-nanosecond intervals from midnight, January 1st, 1601. | + enum: + - ISO8601 + - LDAP + - PEOPLE_SOFT + - EPOCH_TIME_JAVA + - EPOCH_TIME_WIN32 + example: PEOPLE_SOFT + - title: Java Simple Date Format + type: string + description: | + There are a variety of date time patterns you can express using SimpleDateFormat. The following table lists examples of different date time patterns expressed in the SimpleDateFormat and how they display. Refer to the SimpleDateFormat syntax page for more information. + + >NOTE: The following examples show how date and time patterns are interpreted in the U.S. locale. The given date and time are 2001-07-04 12:08:56 local time in the U.S. Pacific Time time zone. + (This table is from the SimpleDateFormat page.) + + | Date Time Pattern | Result | + | ----------------- | ------ | + | `yyyy.MM.dd G 'at' HH:mm:ss z` | `2001.07.04 AD at 12:08:56 PDT` | + | `EEE, MMM d, ''yy` | Wed, Jul 4, '01 | + | `h:mm a` | 12:08 PM | + | `hh 'o''clock' a, zzzz` | 12 o'clock PM, Pacific Daylight Time | + | `K:mm a, z` | 0:08 PM, PDT | + | `yyyyy.MMMMM.dd GGG hh:mm aaa` | 02001.July.04 AD 12:08 PM | + | `EEE, d MMM yyyy HH:mm:ss Z` | Wed, 4 Jul 2001 12:08:56 -0700 | + | `yyMMddHHmmssZ` | 010704120856-0700 | + | `yyyy-MM-dd'T'HH:mm:ss.SSSZ` | 2001-07-04T12:08:56.235-0700 | + | `yyyy-MM-dd'T'HH:mm:ss.SSSXXX` | 2001-07-04T12:08:56.235-07:00 | + | `YYYY-'W'ww-u` | 2001-W27-3 | + example: mm/dd/yyyy + outputFormat: + description: |- + A string value indicating either the explicit SimpleDateFormat or the built-in named format that the data should be formatted into. + + *If no inputFormat is provided, the transform assumes that it is in ISO8601 format* + oneOf: + - title: Named Construct + type: string + description: | + | Construct | Date Time Pattern | Description | + | --------- | ----------------- | ----------- | + | ISO8601 | `yyyy-MM-dd'T'HH:mm:ss.SSSX` | The ISO8601 standard. | + | LDAP | `yyyyMMddHHmmss.Z` | The LDAP standard. | + | PEOPLE_SOFT | `MM/dd/yyyy` | The date format People Soft uses. | + | EPOCH_TIME_JAVA | # ms from midnight, January 1st, 1970 | The incoming date value as elapsed time in milliseconds from midnight, January 1st, 1970. | + | EPOCH_TIME_WIN32| # intervals of 100ns from midnight, January 1st, 1601 | The incoming date value as elapsed time in 100-nanosecond intervals from midnight, January 1st, 1601. | + enum: + - ISO8601 + - LDAP + - PEOPLE_SOFT + - EPOCH_TIME_JAVA + - EPOCH_TIME_WIN32 + example: PEOPLE_SOFT + - title: Java Simple Date Format + type: string + description: | + There are a variety of date time patterns you can express using SimpleDateFormat. The following table lists examples of different date time patterns expressed in the SimpleDateFormat and how they display. Refer to the SimpleDateFormat syntax page for more information. + + >NOTE: The following examples show how date and time patterns are interpreted in the U.S. locale. The given date and time are 2001-07-04 12:08:56 local time in the U.S. Pacific Time time zone. + (This table is from the SimpleDateFormat page.) + + | Date Time Pattern | Result | + | ----------------- | ------ | + | `yyyy.MM.dd G 'at' HH:mm:ss z` | `2001.07.04 AD at 12:08:56 PDT` | + | `EEE, MMM d, ''yy` | Wed, Jul 4, '01 | + | `h:mm a` | 12:08 PM | + | `hh 'o''clock' a, zzzz` | 12 o'clock PM, Pacific Daylight Time | + | `K:mm a, z` | 0:08 PM, PDT | + | `yyyyy.MMMMM.dd GGG hh:mm aaa` | 02001.July.04 AD 12:08 PM | + | `EEE, d MMM yyyy HH:mm:ss Z` | Wed, 4 Jul 2001 12:08:56 -0700 | + | `yyMMddHHmmssZ` | 010704120856-0700 | + | `yyyy-MM-dd'T'HH:mm:ss.SSSZ` | 2001-07-04T12:08:56.235-0700 | + | `yyyy-MM-dd'T'HH:mm:ss.SSSXXX` | 2001-07-04T12:08:56.235-07:00 | + | `YYYY-'W'ww-u` | 2001-W27-3 | + example: mm/dd/yyyy + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + operator: + type: string + description: | + This is the comparison to perform. + | Operation | Description | + | --------- | ------- | + | LT | Strictly less than: firstDate < secondDate | + | LTE | Less than or equal to: firstDate <= secondDate | + | GT | Strictly greater than: firstDate > secondDate | + | GTE | Greater than or equal to: firstDate >= secondDate | + enum: + - LT + - LTE + - GT + - GTE + example: LT + positiveCondition: + type: string + description: The output of the transform if the expression evalutes to true + example: 'true' + negativeCondition: + type: string + description: The output of the transform if the expression evalutes to false + example: false + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: dateFormat + type: object + properties: + inputFormat: + description: |- + A string value indicating either the explicit SimpleDateFormat or the built-in named format that the data is coming in as. + + *If no inputFormat is provided, the transform assumes that it is in ISO8601 format* + oneOf: + - title: Named Construct + type: string + description: | + | Construct | Date Time Pattern | Description | + | --------- | ----------------- | ----------- | + | ISO8601 | `yyyy-MM-dd'T'HH:mm:ss.SSSX` | The ISO8601 standard. | + | LDAP | `yyyyMMddHHmmss.Z` | The LDAP standard. | + | PEOPLE_SOFT | `MM/dd/yyyy` | The date format People Soft uses. | + | EPOCH_TIME_JAVA | # ms from midnight, January 1st, 1970 | The incoming date value as elapsed time in milliseconds from midnight, January 1st, 1970. | + | EPOCH_TIME_WIN32| # intervals of 100ns from midnight, January 1st, 1601 | The incoming date value as elapsed time in 100-nanosecond intervals from midnight, January 1st, 1601. | + enum: + - ISO8601 + - LDAP + - PEOPLE_SOFT + - EPOCH_TIME_JAVA + - EPOCH_TIME_WIN32 + example: PEOPLE_SOFT + - title: Java Simple Date Format + type: string + description: | + There are a variety of date time patterns you can express using SimpleDateFormat. The following table lists examples of different date time patterns expressed in the SimpleDateFormat and how they display. Refer to the SimpleDateFormat syntax page for more information. + + >NOTE: The following examples show how date and time patterns are interpreted in the U.S. locale. The given date and time are 2001-07-04 12:08:56 local time in the U.S. Pacific Time time zone. + (This table is from the SimpleDateFormat page.) + + | Date Time Pattern | Result | + | ----------------- | ------ | + | `yyyy.MM.dd G 'at' HH:mm:ss z` | `2001.07.04 AD at 12:08:56 PDT` | + | `EEE, MMM d, ''yy` | Wed, Jul 4, '01 | + | `h:mm a` | 12:08 PM | + | `hh 'o''clock' a, zzzz` | 12 o'clock PM, Pacific Daylight Time | + | `K:mm a, z` | 0:08 PM, PDT | + | `yyyyy.MMMMM.dd GGG hh:mm aaa` | 02001.July.04 AD 12:08 PM | + | `EEE, d MMM yyyy HH:mm:ss Z` | Wed, 4 Jul 2001 12:08:56 -0700 | + | `yyMMddHHmmssZ` | 010704120856-0700 | + | `yyyy-MM-dd'T'HH:mm:ss.SSSZ` | 2001-07-04T12:08:56.235-0700 | + | `yyyy-MM-dd'T'HH:mm:ss.SSSXXX` | 2001-07-04T12:08:56.235-07:00 | + | `YYYY-'W'ww-u` | 2001-W27-3 | + example: mm/dd/yyyy + outputFormat: + description: |- + A string value indicating either the explicit SimpleDateFormat or the built-in named format that the data should be formatted into. + + *If no inputFormat is provided, the transform assumes that it is in ISO8601 format* + oneOf: + - title: Named Construct + type: string + description: | + | Construct | Date Time Pattern | Description | + | --------- | ----------------- | ----------- | + | ISO8601 | `yyyy-MM-dd'T'HH:mm:ss.SSSX` | The ISO8601 standard. | + | LDAP | `yyyyMMddHHmmss.Z` | The LDAP standard. | + | PEOPLE_SOFT | `MM/dd/yyyy` | The date format People Soft uses. | + | EPOCH_TIME_JAVA | # ms from midnight, January 1st, 1970 | The incoming date value as elapsed time in milliseconds from midnight, January 1st, 1970. | + | EPOCH_TIME_WIN32| # intervals of 100ns from midnight, January 1st, 1601 | The incoming date value as elapsed time in 100-nanosecond intervals from midnight, January 1st, 1601. | + enum: + - ISO8601 + - LDAP + - PEOPLE_SOFT + - EPOCH_TIME_JAVA + - EPOCH_TIME_WIN32 + example: PEOPLE_SOFT + - title: Java Simple Date Format + type: string + description: | + There are a variety of date time patterns you can express using SimpleDateFormat. The following table lists examples of different date time patterns expressed in the SimpleDateFormat and how they display. Refer to the SimpleDateFormat syntax page for more information. + + >NOTE: The following examples show how date and time patterns are interpreted in the U.S. locale. The given date and time are 2001-07-04 12:08:56 local time in the U.S. Pacific Time time zone. + (This table is from the SimpleDateFormat page.) + + | Date Time Pattern | Result | + | ----------------- | ------ | + | `yyyy.MM.dd G 'at' HH:mm:ss z` | `2001.07.04 AD at 12:08:56 PDT` | + | `EEE, MMM d, ''yy` | Wed, Jul 4, '01 | + | `h:mm a` | 12:08 PM | + | `hh 'o''clock' a, zzzz` | 12 o'clock PM, Pacific Daylight Time | + | `K:mm a, z` | 0:08 PM, PDT | + | `yyyyy.MMMMM.dd GGG hh:mm aaa` | 02001.July.04 AD 12:08 PM | + | `EEE, d MMM yyyy HH:mm:ss Z` | Wed, 4 Jul 2001 12:08:56 -0700 | + | `yyMMddHHmmssZ` | 010704120856-0700 | + | `yyyy-MM-dd'T'HH:mm:ss.SSSZ` | 2001-07-04T12:08:56.235-0700 | + | `yyyy-MM-dd'T'HH:mm:ss.SSSXXX` | 2001-07-04T12:08:56.235-07:00 | + | `YYYY-'W'ww-u` | 2001-W27-3 | + example: mm/dd/yyyy + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: dateMath + type: object + required: + - expression + properties: + expression: + type: string + description: | + A string value of the date and time components to operation on, along with the math operations to execute. + externalDocs: + description: Date Math Expressions + url: 'https://developer.sailpoint.com/idn/docs/transforms/operations/date-math#transform-structure' + example: now+1w + roundUp: + type: boolean + description: | + A boolean value to indicate whether the transform should round up or down when a rounding `/` operation is defined in the expression. + + + If not provided, the transform will default to `false` + + + `true` indicates the transform should round up (i.e., truncate the fractional date/time component indicated and then add one unit of that component) + + + `false` indicates the transform should round down (i.e., truncate the fractional date/time component indicated) + example: false + default: false + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: decomposeDiacriticalMarks + type: object + properties: + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: e164phone + type: object + properties: + defaultRegion: + type: string + description: | + This is an optional attribute that can be used to define the region of the phone number to format into. + + + If defaultRegion is not provided, it will take US as the default country. + + + The format of the country code should be in [ISO 3166-1 alpha-2 format](https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2) + example: US + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: firstValid + type: object + required: + - values + properties: + values: + type: array + items: + type: object + description: An array of attributes to evaluate for existence. + example: + - attributes: + sourceName: Active Directory + attributeName: sAMAccountName + type: accountAttribute + - attributes: + sourceName: Okta + attributeName: login + type: accountAttribute + - attributes: + sourceName: HR Source + attributeName: employeeID + type: accountAttribute + ignoreErrors: + type: boolean + description: a true or false value representing to move on to the next option if an error (like an Null Pointer Exception) were to occur. + example: false + default: false + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + - title: rule + oneOf: + - type: object + required: + - name + properties: + name: + type: string + description: This is the name of the Transform rule that needs to be invoked by the transform + example: Transform Calculation Rule + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + - type: object + required: + - name + - operation + - includeNumbers + - includeSpecialChars + - length + properties: + name: + type: string + description: This must always be set to "Cloud Services Deployment Utility" + example: Cloud Services Deployment Utility + operation: + type: string + description: The operation to perform `generateRandomString` + example: generateRandomString + includeNumbers: + type: boolean + description: This must be either "true" or "false" to indicate whether the generator logic should include numbers + example: true + includeSpecialChars: + type: boolean + description: This must be either "true" or "false" to indicate whether the generator logic should include special characters + example: true + length: + type: string + description: | + This specifies how long the randomly generated string needs to be + + + >NOTE Due to identity attribute data constraints, the maximum allowable value is 450 characters + example: '10' + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + - type: object + required: + - name + - operation + - uid + properties: + name: + type: string + description: This must always be set to "Cloud Services Deployment Utility" + example: Cloud Services Deployment Utility + operation: + type: string + description: The operation to perform `getReferenceIdentityAttribute` + example: getReferenceIdentityAttribute + uid: + type: string + description: | + This is the SailPoint User Name (uid) value of the identity whose attribute is desired + + As a convenience feature, you can use the `manager` keyword to dynamically look up the user's manager and then get that manager's identity attribute. + example: 2c91808570313110017040b06f344ec9 + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + - title: identityAttribute + type: object + required: + - name + properties: + name: + type: string + description: The system (camel-cased) name of the identity attribute to bring in + example: email + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: indexOf + type: object + required: + - substring + properties: + substring: + type: string + description: 'A substring to search for, searches the entire calling string, and returns the index of the first occurrence of the specified substring.' + example: admin_ + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: iso3166 + type: object + properties: + format: + type: string + description: | + An optional value to denote which ISO 3166 format to return. Valid values are: + + + `alpha2` - Two-character country code (e.g., "US"); this is the default value if no format is supplied + + + `alpha3` - Three-character country code (e.g., "USA") + + + `numeric` - The numeric country code (e.g., "840") + example: alpha2 + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: leftPad + type: object + required: + - length + properties: + length: + type: string + description: An integer value for the desired length of the final output string + example: '4' + padding: + type: string + description: | + A string value representing the character that the incoming data should be padded with to get to the desired length + + + If not provided, the transform will default to a single space (" ") character for padding + example: '0' + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: lookup + type: object + required: + - table + properties: + table: + type: object + additionalProperties: true + description: | + This is a JSON object of key-value pairs. The key is the string that will attempt to be matched to the input, and the value is the output string that should be returned if the key is matched + + + >**Note** the use of the optional default key value here; if none of the three countries in the above example match the input string, the transform will return "Unknown Region" for the attribute that is mapped to this transform. + example: + USA: Americas + FRA: EMEA + AUS: APAC + default: Unknown Region + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: lower + type: object + properties: + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: nameNormalizer + type: object + properties: + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: randomAlphaNumeric + type: object + properties: + length: + type: string + description: | + This is an integer value specifying the size/number of characters the random string must contain + + + * This value must be a positive number and cannot be blank + + + * If no length is provided, the transform will default to a value of `32` + + + * Due to identity attribute data constraints, the maximum allowable value is `450` characters + example: '10' + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: randomNumeric + type: object + properties: + length: + type: string + description: | + This is an integer value specifying the size/number of characters the random string must contain + + + * This value must be a positive number and cannot be blank + + + * If no length is provided, the transform will default to a value of `32` + + + * Due to identity attribute data constraints, the maximum allowable value is `450` characters + example: '10' + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: reference + type: object + required: + - id + properties: + id: + type: string + description: This ID specifies the name of the pre-existing transform which you want to use within your current transform + example: Existing Transform + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: replaceAll + type: object + required: + - table + properties: + table: + type: object + additionalProperties: true + description: 'An attribute of key-value pairs. Each pair identifies the pattern to search for as its key, and the replacement string as its value.' + example: + '-': ' ' + '"': '''' + ñ: 'n' + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: replace + type: object + required: + - regex + - replacement + properties: + regex: + type: string + description: This can be a string or a regex pattern in which you want to replace. + example: '[^a-zA-Z]' + externalDocs: + description: Regex Builder + url: 'https://regex101.com/' + replacement: + type: string + description: This is the replacement string that should be substituded wherever the string or pattern is found. + example: ' ' + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: rightPad + type: object + required: + - length + properties: + length: + type: string + description: An integer value for the desired length of the final output string + example: '4' + padding: + type: string + description: | + A string value representing the character that the incoming data should be padded with to get to the desired length + + + If not provided, the transform will default to a single space (" ") character for padding + example: '0' + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: split + type: object + required: + - delimiter + - index + properties: + delimiter: + type: string + description: 'This can be either a single character or a regex expression, and is used by the transform to identify the break point between two substrings in the incoming data' + example: ',' + index: + type: string + description: 'An integer value for the desired array element after the incoming data has been split into a list; the array is a 0-based object, so the first array element would be index 0, the second element would be index 1, etc.' + example: '5' + throws: + type: boolean + description: | + A boolean (true/false) value which indicates whether an exception should be thrown and returned as an output when an index is out of bounds with the resultant array (i.e., the provided index value is larger than the size of the array) + + + `true` - The transform should return "IndexOutOfBoundsException" + + + `false` - The transform should return null + + + If not provided, the transform will default to false and return a null + example: true + default: false + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: static + type: object + required: + - values + properties: + values: + type: string + description: 'This must evaluate to a JSON string, either through a fixed value or through conditional logic using the Apache Velocity Template Language.' + example: string$variable + externalDocs: + description: Static Transform Documentation + url: 'https://developer.sailpoint.com/idn/docs/transforms/operations/static' + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + - title: substring + type: object + required: + - begin + properties: + begin: + type: integer + description: | + The index of the first character to include in the returned substring. + + + If `begin` is set to -1, the transform will begin at character 0 of the input data + example: 1 + format: int32 + beginOffset: + type: integer + description: | + This integer value is the number of characters to add to the begin attribute when returning a substring. + + This attribute is only used if begin is not -1. + example: 3 + format: int32 + end: + type: integer + description: | + The index of the first character to exclude from the returned substring. + + If end is -1 or not provided at all, the substring transform will return everything up to the end of the input string. + example: 6 + format: int32 + endOffset: + type: integer + description: | + This integer value is the number of characters to add to the end attribute when returning a substring. + + This attribute is only used if end is provided and is not -1. + example: 1 + format: int32 + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: trim + type: object + properties: + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: upper + type: object + properties: + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: uuid + type: object + properties: + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + example: + name: Timestamp To Date + type: dateFormat + attributes: + inputFormat: 'MMM-dd-yyyy, HH:mm:ss.SSS' + outputFormat: yyyy/dd/MM + responses: + '200': + description: Indicates the transform was successfully updated and returns its new representation. + content: + application/json: + schema: + allOf: + - type: object + description: The representation of an internally- or customer-defined transform. + required: + - name + - type + - attributes + properties: + name: + type: string + description: Unique name of this transform + example: Timestamp To Date + minLength: 1 + maxLength: 50 + type: + type: string + description: The type of transform operation + enum: + - accountAttribute + - base64Decode + - base64Encode + - concat + - conditional + - dateCompare + - dateFormat + - dateMath + - decomposeDiacriticalMarks + - e164phone + - firstValid + - rule + - identityAttribute + - indexOf + - iso3166 + - lastIndexOf + - leftPad + - lookup + - lower + - normalizeNames + - randomAlphaNumeric + - randomNumeric + - reference + - replaceAll + - replace + - rightPad + - split + - static + - substring + - trim + - upper + - usernameGenerator + - uuid + - displayName + - rfc5646 + example: dateFormat + externalDocs: + description: Transform Operations + url: 'https://developer.sailpoint.com/idn/docs/transforms/operations' + attributes: + nullable: true + description: Meta-data about the transform. Values in this list are specific to the type of transform to be executed. + oneOf: + - title: accountAttribute + type: object + required: + - sourceName + - attributeName + properties: + sourceName: + type: string + description: A reference to the source to search for the account + example: Workday + attributeName: + type: string + description: 'The name of the attribute on the account to return. This should match the name of the account attribute name visible in the user interface, or on the source schema.' + example: DEPARTMENT + accountSortAttribute: + type: string + description: The value of this configuration is a string name of the attribute to use when determining the ordering of returned accounts when there are multiple entries + example: created + default: created + accountSortDescending: + type: boolean + description: 'The value of this configuration is a boolean (true/false). Controls the order of the sort when there are multiple accounts. If not defined, the transform will default to false (ascending order)' + example: false + default: false + accountReturnFirstLink: + type: boolean + description: 'The value of this configuration is a boolean (true/false). Controls which account to source a value from for an attribute. If this flag is set to true, the transform returns the value from the first account in the list, even if it is null. If it is set to false, the transform returns the first non-null value. If not defined, the transform will default to false' + example: false + default: false + accountFilter: + type: string + description: |- + This expression queries the database to narrow search results. The value of this configuration is a sailpoint.object.Filter expression and used when searching against the database. The default filter will always include the source and identity, and any subsequent expressions will be combined in an AND operation to the existing search criteria. + Only certain searchable attributes are available: - `nativeIdentity` - the Account ID - `displayName` - the Account Name - `entitlements` - a boolean value to determine if the account has entitlements + example: '!(nativeIdentity.startsWith("*DELETED*"))' + accountPropertyFilter: + type: string + description: |- + This expression is used to search and filter accounts in memory. The value of this configuration is a sailpoint.object.Filter expression and used when searching against the returned resultset. + + All account attributes are available for filtering as this operation is performed in memory. + example: '(groups.containsAll({''Admin''}) || location == ''Austin'')' + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: base64Decode + type: object + properties: + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: base64Encode + type: object + properties: + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: concat + type: object + required: + - values + properties: + values: + type: array + items: + type: object + description: An array of items to join together + example: + - John + - ' ' + - Smith + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: conditional + type: object + required: + - expression + - positiveCondition + - negativeCondition + properties: + expression: + type: string + description: |- + A comparison statement that follows the structure of `ValueA eq ValueB` where `ValueA` and `ValueB` are static strings or outputs of other transforms. + + The `eq` operator is the only valid comparison + example: ValueA eq ValueB + positiveCondition: + type: string + description: The output of the transform if the expression evalutes to true + example: 'true' + negativeCondition: + type: string + description: The output of the transform if the expression evalutes to false + example: 'false' + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: dateCompare + type: object + required: + - firstDate + - secondDate + - operator + - positiveCondition + - negativeCondition + properties: + firstDate: + description: This is the first date to consider (The date that would be on the left hand side of the comparison operation). + oneOf: + - title: accountAttribute + type: object + required: + - sourceName + - attributeName + properties: + sourceName: + type: string + description: A reference to the source to search for the account + example: Workday + attributeName: + type: string + description: 'The name of the attribute on the account to return. This should match the name of the account attribute name visible in the user interface, or on the source schema.' + example: DEPARTMENT + accountSortAttribute: + type: string + description: The value of this configuration is a string name of the attribute to use when determining the ordering of returned accounts when there are multiple entries + example: created + default: created + accountSortDescending: + type: boolean + description: 'The value of this configuration is a boolean (true/false). Controls the order of the sort when there are multiple accounts. If not defined, the transform will default to false (ascending order)' + example: false + default: false + accountReturnFirstLink: + type: boolean + description: 'The value of this configuration is a boolean (true/false). Controls which account to source a value from for an attribute. If this flag is set to true, the transform returns the value from the first account in the list, even if it is null. If it is set to false, the transform returns the first non-null value. If not defined, the transform will default to false' + example: false + default: false + accountFilter: + type: string + description: |- + This expression queries the database to narrow search results. The value of this configuration is a sailpoint.object.Filter expression and used when searching against the database. The default filter will always include the source and identity, and any subsequent expressions will be combined in an AND operation to the existing search criteria. + Only certain searchable attributes are available: - `nativeIdentity` - the Account ID - `displayName` - the Account Name - `entitlements` - a boolean value to determine if the account has entitlements + example: '!(nativeIdentity.startsWith("*DELETED*"))' + accountPropertyFilter: + type: string + description: |- + This expression is used to search and filter accounts in memory. The value of this configuration is a sailpoint.object.Filter expression and used when searching against the returned resultset. + + All account attributes are available for filtering as this operation is performed in memory. + example: '(groups.containsAll({''Admin''}) || location == ''Austin'')' + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: dateFormat + type: object + properties: + inputFormat: + description: |- + A string value indicating either the explicit SimpleDateFormat or the built-in named format that the data is coming in as. + + *If no inputFormat is provided, the transform assumes that it is in ISO8601 format* + oneOf: + - title: Named Construct + type: string + description: | + | Construct | Date Time Pattern | Description | + | --------- | ----------------- | ----------- | + | ISO8601 | `yyyy-MM-dd'T'HH:mm:ss.SSSX` | The ISO8601 standard. | + | LDAP | `yyyyMMddHHmmss.Z` | The LDAP standard. | + | PEOPLE_SOFT | `MM/dd/yyyy` | The date format People Soft uses. | + | EPOCH_TIME_JAVA | # ms from midnight, January 1st, 1970 | The incoming date value as elapsed time in milliseconds from midnight, January 1st, 1970. | + | EPOCH_TIME_WIN32| # intervals of 100ns from midnight, January 1st, 1601 | The incoming date value as elapsed time in 100-nanosecond intervals from midnight, January 1st, 1601. | + enum: + - ISO8601 + - LDAP + - PEOPLE_SOFT + - EPOCH_TIME_JAVA + - EPOCH_TIME_WIN32 + example: PEOPLE_SOFT + - title: Java Simple Date Format + type: string + description: | + There are a variety of date time patterns you can express using SimpleDateFormat. The following table lists examples of different date time patterns expressed in the SimpleDateFormat and how they display. Refer to the SimpleDateFormat syntax page for more information. + + >NOTE: The following examples show how date and time patterns are interpreted in the U.S. locale. The given date and time are 2001-07-04 12:08:56 local time in the U.S. Pacific Time time zone. + (This table is from the SimpleDateFormat page.) + + | Date Time Pattern | Result | + | ----------------- | ------ | + | `yyyy.MM.dd G 'at' HH:mm:ss z` | `2001.07.04 AD at 12:08:56 PDT` | + | `EEE, MMM d, ''yy` | Wed, Jul 4, '01 | + | `h:mm a` | 12:08 PM | + | `hh 'o''clock' a, zzzz` | 12 o'clock PM, Pacific Daylight Time | + | `K:mm a, z` | 0:08 PM, PDT | + | `yyyyy.MMMMM.dd GGG hh:mm aaa` | 02001.July.04 AD 12:08 PM | + | `EEE, d MMM yyyy HH:mm:ss Z` | Wed, 4 Jul 2001 12:08:56 -0700 | + | `yyMMddHHmmssZ` | 010704120856-0700 | + | `yyyy-MM-dd'T'HH:mm:ss.SSSZ` | 2001-07-04T12:08:56.235-0700 | + | `yyyy-MM-dd'T'HH:mm:ss.SSSXXX` | 2001-07-04T12:08:56.235-07:00 | + | `YYYY-'W'ww-u` | 2001-W27-3 | + example: mm/dd/yyyy + outputFormat: + description: |- + A string value indicating either the explicit SimpleDateFormat or the built-in named format that the data should be formatted into. + + *If no inputFormat is provided, the transform assumes that it is in ISO8601 format* + oneOf: + - title: Named Construct + type: string + description: | + | Construct | Date Time Pattern | Description | + | --------- | ----------------- | ----------- | + | ISO8601 | `yyyy-MM-dd'T'HH:mm:ss.SSSX` | The ISO8601 standard. | + | LDAP | `yyyyMMddHHmmss.Z` | The LDAP standard. | + | PEOPLE_SOFT | `MM/dd/yyyy` | The date format People Soft uses. | + | EPOCH_TIME_JAVA | # ms from midnight, January 1st, 1970 | The incoming date value as elapsed time in milliseconds from midnight, January 1st, 1970. | + | EPOCH_TIME_WIN32| # intervals of 100ns from midnight, January 1st, 1601 | The incoming date value as elapsed time in 100-nanosecond intervals from midnight, January 1st, 1601. | + enum: + - ISO8601 + - LDAP + - PEOPLE_SOFT + - EPOCH_TIME_JAVA + - EPOCH_TIME_WIN32 + example: PEOPLE_SOFT + - title: Java Simple Date Format + type: string + description: | + There are a variety of date time patterns you can express using SimpleDateFormat. The following table lists examples of different date time patterns expressed in the SimpleDateFormat and how they display. Refer to the SimpleDateFormat syntax page for more information. + + >NOTE: The following examples show how date and time patterns are interpreted in the U.S. locale. The given date and time are 2001-07-04 12:08:56 local time in the U.S. Pacific Time time zone. + (This table is from the SimpleDateFormat page.) + + | Date Time Pattern | Result | + | ----------------- | ------ | + | `yyyy.MM.dd G 'at' HH:mm:ss z` | `2001.07.04 AD at 12:08:56 PDT` | + | `EEE, MMM d, ''yy` | Wed, Jul 4, '01 | + | `h:mm a` | 12:08 PM | + | `hh 'o''clock' a, zzzz` | 12 o'clock PM, Pacific Daylight Time | + | `K:mm a, z` | 0:08 PM, PDT | + | `yyyyy.MMMMM.dd GGG hh:mm aaa` | 02001.July.04 AD 12:08 PM | + | `EEE, d MMM yyyy HH:mm:ss Z` | Wed, 4 Jul 2001 12:08:56 -0700 | + | `yyMMddHHmmssZ` | 010704120856-0700 | + | `yyyy-MM-dd'T'HH:mm:ss.SSSZ` | 2001-07-04T12:08:56.235-0700 | + | `yyyy-MM-dd'T'HH:mm:ss.SSSXXX` | 2001-07-04T12:08:56.235-07:00 | + | `YYYY-'W'ww-u` | 2001-W27-3 | + example: mm/dd/yyyy + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + secondDate: + description: This is the second date to consider (The date that would be on the right hand side of the comparison operation). + oneOf: + - title: accountAttribute + type: object + required: + - sourceName + - attributeName + properties: + sourceName: + type: string + description: A reference to the source to search for the account + example: Workday + attributeName: + type: string + description: 'The name of the attribute on the account to return. This should match the name of the account attribute name visible in the user interface, or on the source schema.' + example: DEPARTMENT + accountSortAttribute: + type: string + description: The value of this configuration is a string name of the attribute to use when determining the ordering of returned accounts when there are multiple entries + example: created + default: created + accountSortDescending: + type: boolean + description: 'The value of this configuration is a boolean (true/false). Controls the order of the sort when there are multiple accounts. If not defined, the transform will default to false (ascending order)' + example: false + default: false + accountReturnFirstLink: + type: boolean + description: 'The value of this configuration is a boolean (true/false). Controls which account to source a value from for an attribute. If this flag is set to true, the transform returns the value from the first account in the list, even if it is null. If it is set to false, the transform returns the first non-null value. If not defined, the transform will default to false' + example: false + default: false + accountFilter: + type: string + description: |- + This expression queries the database to narrow search results. The value of this configuration is a sailpoint.object.Filter expression and used when searching against the database. The default filter will always include the source and identity, and any subsequent expressions will be combined in an AND operation to the existing search criteria. + Only certain searchable attributes are available: - `nativeIdentity` - the Account ID - `displayName` - the Account Name - `entitlements` - a boolean value to determine if the account has entitlements + example: '!(nativeIdentity.startsWith("*DELETED*"))' + accountPropertyFilter: + type: string + description: |- + This expression is used to search and filter accounts in memory. The value of this configuration is a sailpoint.object.Filter expression and used when searching against the returned resultset. + + All account attributes are available for filtering as this operation is performed in memory. + example: '(groups.containsAll({''Admin''}) || location == ''Austin'')' + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: dateFormat + type: object + properties: + inputFormat: + description: |- + A string value indicating either the explicit SimpleDateFormat or the built-in named format that the data is coming in as. + + *If no inputFormat is provided, the transform assumes that it is in ISO8601 format* + oneOf: + - title: Named Construct + type: string + description: | + | Construct | Date Time Pattern | Description | + | --------- | ----------------- | ----------- | + | ISO8601 | `yyyy-MM-dd'T'HH:mm:ss.SSSX` | The ISO8601 standard. | + | LDAP | `yyyyMMddHHmmss.Z` | The LDAP standard. | + | PEOPLE_SOFT | `MM/dd/yyyy` | The date format People Soft uses. | + | EPOCH_TIME_JAVA | # ms from midnight, January 1st, 1970 | The incoming date value as elapsed time in milliseconds from midnight, January 1st, 1970. | + | EPOCH_TIME_WIN32| # intervals of 100ns from midnight, January 1st, 1601 | The incoming date value as elapsed time in 100-nanosecond intervals from midnight, January 1st, 1601. | + enum: + - ISO8601 + - LDAP + - PEOPLE_SOFT + - EPOCH_TIME_JAVA + - EPOCH_TIME_WIN32 + example: PEOPLE_SOFT + - title: Java Simple Date Format + type: string + description: | + There are a variety of date time patterns you can express using SimpleDateFormat. The following table lists examples of different date time patterns expressed in the SimpleDateFormat and how they display. Refer to the SimpleDateFormat syntax page for more information. + + >NOTE: The following examples show how date and time patterns are interpreted in the U.S. locale. The given date and time are 2001-07-04 12:08:56 local time in the U.S. Pacific Time time zone. + (This table is from the SimpleDateFormat page.) + + | Date Time Pattern | Result | + | ----------------- | ------ | + | `yyyy.MM.dd G 'at' HH:mm:ss z` | `2001.07.04 AD at 12:08:56 PDT` | + | `EEE, MMM d, ''yy` | Wed, Jul 4, '01 | + | `h:mm a` | 12:08 PM | + | `hh 'o''clock' a, zzzz` | 12 o'clock PM, Pacific Daylight Time | + | `K:mm a, z` | 0:08 PM, PDT | + | `yyyyy.MMMMM.dd GGG hh:mm aaa` | 02001.July.04 AD 12:08 PM | + | `EEE, d MMM yyyy HH:mm:ss Z` | Wed, 4 Jul 2001 12:08:56 -0700 | + | `yyMMddHHmmssZ` | 010704120856-0700 | + | `yyyy-MM-dd'T'HH:mm:ss.SSSZ` | 2001-07-04T12:08:56.235-0700 | + | `yyyy-MM-dd'T'HH:mm:ss.SSSXXX` | 2001-07-04T12:08:56.235-07:00 | + | `YYYY-'W'ww-u` | 2001-W27-3 | + example: mm/dd/yyyy + outputFormat: + description: |- + A string value indicating either the explicit SimpleDateFormat or the built-in named format that the data should be formatted into. + + *If no inputFormat is provided, the transform assumes that it is in ISO8601 format* + oneOf: + - title: Named Construct + type: string + description: | + | Construct | Date Time Pattern | Description | + | --------- | ----------------- | ----------- | + | ISO8601 | `yyyy-MM-dd'T'HH:mm:ss.SSSX` | The ISO8601 standard. | + | LDAP | `yyyyMMddHHmmss.Z` | The LDAP standard. | + | PEOPLE_SOFT | `MM/dd/yyyy` | The date format People Soft uses. | + | EPOCH_TIME_JAVA | # ms from midnight, January 1st, 1970 | The incoming date value as elapsed time in milliseconds from midnight, January 1st, 1970. | + | EPOCH_TIME_WIN32| # intervals of 100ns from midnight, January 1st, 1601 | The incoming date value as elapsed time in 100-nanosecond intervals from midnight, January 1st, 1601. | + enum: + - ISO8601 + - LDAP + - PEOPLE_SOFT + - EPOCH_TIME_JAVA + - EPOCH_TIME_WIN32 + example: PEOPLE_SOFT + - title: Java Simple Date Format + type: string + description: | + There are a variety of date time patterns you can express using SimpleDateFormat. The following table lists examples of different date time patterns expressed in the SimpleDateFormat and how they display. Refer to the SimpleDateFormat syntax page for more information. + + >NOTE: The following examples show how date and time patterns are interpreted in the U.S. locale. The given date and time are 2001-07-04 12:08:56 local time in the U.S. Pacific Time time zone. + (This table is from the SimpleDateFormat page.) + + | Date Time Pattern | Result | + | ----------------- | ------ | + | `yyyy.MM.dd G 'at' HH:mm:ss z` | `2001.07.04 AD at 12:08:56 PDT` | + | `EEE, MMM d, ''yy` | Wed, Jul 4, '01 | + | `h:mm a` | 12:08 PM | + | `hh 'o''clock' a, zzzz` | 12 o'clock PM, Pacific Daylight Time | + | `K:mm a, z` | 0:08 PM, PDT | + | `yyyyy.MMMMM.dd GGG hh:mm aaa` | 02001.July.04 AD 12:08 PM | + | `EEE, d MMM yyyy HH:mm:ss Z` | Wed, 4 Jul 2001 12:08:56 -0700 | + | `yyMMddHHmmssZ` | 010704120856-0700 | + | `yyyy-MM-dd'T'HH:mm:ss.SSSZ` | 2001-07-04T12:08:56.235-0700 | + | `yyyy-MM-dd'T'HH:mm:ss.SSSXXX` | 2001-07-04T12:08:56.235-07:00 | + | `YYYY-'W'ww-u` | 2001-W27-3 | + example: mm/dd/yyyy + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + operator: + type: string + description: | + This is the comparison to perform. + | Operation | Description | + | --------- | ------- | + | LT | Strictly less than: firstDate < secondDate | + | LTE | Less than or equal to: firstDate <= secondDate | + | GT | Strictly greater than: firstDate > secondDate | + | GTE | Greater than or equal to: firstDate >= secondDate | + enum: + - LT + - LTE + - GT + - GTE + example: LT + positiveCondition: + type: string + description: The output of the transform if the expression evalutes to true + example: 'true' + negativeCondition: + type: string + description: The output of the transform if the expression evalutes to false + example: false + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: dateFormat + type: object + properties: + inputFormat: + description: |- + A string value indicating either the explicit SimpleDateFormat or the built-in named format that the data is coming in as. + + *If no inputFormat is provided, the transform assumes that it is in ISO8601 format* + oneOf: + - title: Named Construct + type: string + description: | + | Construct | Date Time Pattern | Description | + | --------- | ----------------- | ----------- | + | ISO8601 | `yyyy-MM-dd'T'HH:mm:ss.SSSX` | The ISO8601 standard. | + | LDAP | `yyyyMMddHHmmss.Z` | The LDAP standard. | + | PEOPLE_SOFT | `MM/dd/yyyy` | The date format People Soft uses. | + | EPOCH_TIME_JAVA | # ms from midnight, January 1st, 1970 | The incoming date value as elapsed time in milliseconds from midnight, January 1st, 1970. | + | EPOCH_TIME_WIN32| # intervals of 100ns from midnight, January 1st, 1601 | The incoming date value as elapsed time in 100-nanosecond intervals from midnight, January 1st, 1601. | + enum: + - ISO8601 + - LDAP + - PEOPLE_SOFT + - EPOCH_TIME_JAVA + - EPOCH_TIME_WIN32 + example: PEOPLE_SOFT + - title: Java Simple Date Format + type: string + description: | + There are a variety of date time patterns you can express using SimpleDateFormat. The following table lists examples of different date time patterns expressed in the SimpleDateFormat and how they display. Refer to the SimpleDateFormat syntax page for more information. + + >NOTE: The following examples show how date and time patterns are interpreted in the U.S. locale. The given date and time are 2001-07-04 12:08:56 local time in the U.S. Pacific Time time zone. + (This table is from the SimpleDateFormat page.) + + | Date Time Pattern | Result | + | ----------------- | ------ | + | `yyyy.MM.dd G 'at' HH:mm:ss z` | `2001.07.04 AD at 12:08:56 PDT` | + | `EEE, MMM d, ''yy` | Wed, Jul 4, '01 | + | `h:mm a` | 12:08 PM | + | `hh 'o''clock' a, zzzz` | 12 o'clock PM, Pacific Daylight Time | + | `K:mm a, z` | 0:08 PM, PDT | + | `yyyyy.MMMMM.dd GGG hh:mm aaa` | 02001.July.04 AD 12:08 PM | + | `EEE, d MMM yyyy HH:mm:ss Z` | Wed, 4 Jul 2001 12:08:56 -0700 | + | `yyMMddHHmmssZ` | 010704120856-0700 | + | `yyyy-MM-dd'T'HH:mm:ss.SSSZ` | 2001-07-04T12:08:56.235-0700 | + | `yyyy-MM-dd'T'HH:mm:ss.SSSXXX` | 2001-07-04T12:08:56.235-07:00 | + | `YYYY-'W'ww-u` | 2001-W27-3 | + example: mm/dd/yyyy + outputFormat: + description: |- + A string value indicating either the explicit SimpleDateFormat or the built-in named format that the data should be formatted into. + + *If no inputFormat is provided, the transform assumes that it is in ISO8601 format* + oneOf: + - title: Named Construct + type: string + description: | + | Construct | Date Time Pattern | Description | + | --------- | ----------------- | ----------- | + | ISO8601 | `yyyy-MM-dd'T'HH:mm:ss.SSSX` | The ISO8601 standard. | + | LDAP | `yyyyMMddHHmmss.Z` | The LDAP standard. | + | PEOPLE_SOFT | `MM/dd/yyyy` | The date format People Soft uses. | + | EPOCH_TIME_JAVA | # ms from midnight, January 1st, 1970 | The incoming date value as elapsed time in milliseconds from midnight, January 1st, 1970. | + | EPOCH_TIME_WIN32| # intervals of 100ns from midnight, January 1st, 1601 | The incoming date value as elapsed time in 100-nanosecond intervals from midnight, January 1st, 1601. | + enum: + - ISO8601 + - LDAP + - PEOPLE_SOFT + - EPOCH_TIME_JAVA + - EPOCH_TIME_WIN32 + example: PEOPLE_SOFT + - title: Java Simple Date Format + type: string + description: | + There are a variety of date time patterns you can express using SimpleDateFormat. The following table lists examples of different date time patterns expressed in the SimpleDateFormat and how they display. Refer to the SimpleDateFormat syntax page for more information. + + >NOTE: The following examples show how date and time patterns are interpreted in the U.S. locale. The given date and time are 2001-07-04 12:08:56 local time in the U.S. Pacific Time time zone. + (This table is from the SimpleDateFormat page.) + + | Date Time Pattern | Result | + | ----------------- | ------ | + | `yyyy.MM.dd G 'at' HH:mm:ss z` | `2001.07.04 AD at 12:08:56 PDT` | + | `EEE, MMM d, ''yy` | Wed, Jul 4, '01 | + | `h:mm a` | 12:08 PM | + | `hh 'o''clock' a, zzzz` | 12 o'clock PM, Pacific Daylight Time | + | `K:mm a, z` | 0:08 PM, PDT | + | `yyyyy.MMMMM.dd GGG hh:mm aaa` | 02001.July.04 AD 12:08 PM | + | `EEE, d MMM yyyy HH:mm:ss Z` | Wed, 4 Jul 2001 12:08:56 -0700 | + | `yyMMddHHmmssZ` | 010704120856-0700 | + | `yyyy-MM-dd'T'HH:mm:ss.SSSZ` | 2001-07-04T12:08:56.235-0700 | + | `yyyy-MM-dd'T'HH:mm:ss.SSSXXX` | 2001-07-04T12:08:56.235-07:00 | + | `YYYY-'W'ww-u` | 2001-W27-3 | + example: mm/dd/yyyy + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: dateMath + type: object + required: + - expression + properties: + expression: + type: string + description: | + A string value of the date and time components to operation on, along with the math operations to execute. + externalDocs: + description: Date Math Expressions + url: 'https://developer.sailpoint.com/idn/docs/transforms/operations/date-math#transform-structure' + example: now+1w + roundUp: + type: boolean + description: | + A boolean value to indicate whether the transform should round up or down when a rounding `/` operation is defined in the expression. + + + If not provided, the transform will default to `false` + + + `true` indicates the transform should round up (i.e., truncate the fractional date/time component indicated and then add one unit of that component) + + + `false` indicates the transform should round down (i.e., truncate the fractional date/time component indicated) + example: false + default: false + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: decomposeDiacriticalMarks + type: object + properties: + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: e164phone + type: object + properties: + defaultRegion: + type: string + description: | + This is an optional attribute that can be used to define the region of the phone number to format into. + + + If defaultRegion is not provided, it will take US as the default country. + + + The format of the country code should be in [ISO 3166-1 alpha-2 format](https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2) + example: US + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: firstValid + type: object + required: + - values + properties: + values: + type: array + items: + type: object + description: An array of attributes to evaluate for existence. + example: + - attributes: + sourceName: Active Directory + attributeName: sAMAccountName + type: accountAttribute + - attributes: + sourceName: Okta + attributeName: login + type: accountAttribute + - attributes: + sourceName: HR Source + attributeName: employeeID + type: accountAttribute + ignoreErrors: + type: boolean + description: a true or false value representing to move on to the next option if an error (like an Null Pointer Exception) were to occur. + example: false + default: false + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + - title: rule + oneOf: + - type: object + required: + - name + properties: + name: + type: string + description: This is the name of the Transform rule that needs to be invoked by the transform + example: Transform Calculation Rule + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + - type: object + required: + - name + - operation + - includeNumbers + - includeSpecialChars + - length + properties: + name: + type: string + description: This must always be set to "Cloud Services Deployment Utility" + example: Cloud Services Deployment Utility + operation: + type: string + description: The operation to perform `generateRandomString` + example: generateRandomString + includeNumbers: + type: boolean + description: This must be either "true" or "false" to indicate whether the generator logic should include numbers + example: true + includeSpecialChars: + type: boolean + description: This must be either "true" or "false" to indicate whether the generator logic should include special characters + example: true + length: + type: string + description: | + This specifies how long the randomly generated string needs to be + + + >NOTE Due to identity attribute data constraints, the maximum allowable value is 450 characters + example: '10' + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + - type: object + required: + - name + - operation + - uid + properties: + name: + type: string + description: This must always be set to "Cloud Services Deployment Utility" + example: Cloud Services Deployment Utility + operation: + type: string + description: The operation to perform `getReferenceIdentityAttribute` + example: getReferenceIdentityAttribute + uid: + type: string + description: | + This is the SailPoint User Name (uid) value of the identity whose attribute is desired + + As a convenience feature, you can use the `manager` keyword to dynamically look up the user's manager and then get that manager's identity attribute. + example: 2c91808570313110017040b06f344ec9 + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + - title: identityAttribute + type: object + required: + - name + properties: + name: + type: string + description: The system (camel-cased) name of the identity attribute to bring in + example: email + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: indexOf + type: object + required: + - substring + properties: + substring: + type: string + description: 'A substring to search for, searches the entire calling string, and returns the index of the first occurrence of the specified substring.' + example: admin_ + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: iso3166 + type: object + properties: + format: + type: string + description: | + An optional value to denote which ISO 3166 format to return. Valid values are: + + + `alpha2` - Two-character country code (e.g., "US"); this is the default value if no format is supplied + + + `alpha3` - Three-character country code (e.g., "USA") + + + `numeric` - The numeric country code (e.g., "840") + example: alpha2 + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: leftPad + type: object + required: + - length + properties: + length: + type: string + description: An integer value for the desired length of the final output string + example: '4' + padding: + type: string + description: | + A string value representing the character that the incoming data should be padded with to get to the desired length + + + If not provided, the transform will default to a single space (" ") character for padding + example: '0' + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: lookup + type: object + required: + - table + properties: + table: + type: object + additionalProperties: true + description: | + This is a JSON object of key-value pairs. The key is the string that will attempt to be matched to the input, and the value is the output string that should be returned if the key is matched + + + >**Note** the use of the optional default key value here; if none of the three countries in the above example match the input string, the transform will return "Unknown Region" for the attribute that is mapped to this transform. + example: + USA: Americas + FRA: EMEA + AUS: APAC + default: Unknown Region + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: lower + type: object + properties: + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: nameNormalizer + type: object + properties: + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: randomAlphaNumeric + type: object + properties: + length: + type: string + description: | + This is an integer value specifying the size/number of characters the random string must contain + + + * This value must be a positive number and cannot be blank + + + * If no length is provided, the transform will default to a value of `32` + + + * Due to identity attribute data constraints, the maximum allowable value is `450` characters + example: '10' + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: randomNumeric + type: object + properties: + length: + type: string + description: | + This is an integer value specifying the size/number of characters the random string must contain + + + * This value must be a positive number and cannot be blank + + + * If no length is provided, the transform will default to a value of `32` + + + * Due to identity attribute data constraints, the maximum allowable value is `450` characters + example: '10' + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: reference + type: object + required: + - id + properties: + id: + type: string + description: This ID specifies the name of the pre-existing transform which you want to use within your current transform + example: Existing Transform + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: replaceAll + type: object + required: + - table + properties: + table: + type: object + additionalProperties: true + description: 'An attribute of key-value pairs. Each pair identifies the pattern to search for as its key, and the replacement string as its value.' + example: + '-': ' ' + '"': '''' + ñ: 'n' + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: replace + type: object + required: + - regex + - replacement + properties: + regex: + type: string + description: This can be a string or a regex pattern in which you want to replace. + example: '[^a-zA-Z]' + externalDocs: + description: Regex Builder + url: 'https://regex101.com/' + replacement: + type: string + description: This is the replacement string that should be substituded wherever the string or pattern is found. + example: ' ' + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: rightPad + type: object + required: + - length + properties: + length: + type: string + description: An integer value for the desired length of the final output string + example: '4' + padding: + type: string + description: | + A string value representing the character that the incoming data should be padded with to get to the desired length + + + If not provided, the transform will default to a single space (" ") character for padding + example: '0' + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: split + type: object + required: + - delimiter + - index + properties: + delimiter: + type: string + description: 'This can be either a single character or a regex expression, and is used by the transform to identify the break point between two substrings in the incoming data' + example: ',' + index: + type: string + description: 'An integer value for the desired array element after the incoming data has been split into a list; the array is a 0-based object, so the first array element would be index 0, the second element would be index 1, etc.' + example: '5' + throws: + type: boolean + description: | + A boolean (true/false) value which indicates whether an exception should be thrown and returned as an output when an index is out of bounds with the resultant array (i.e., the provided index value is larger than the size of the array) + + + `true` - The transform should return "IndexOutOfBoundsException" + + + `false` - The transform should return null + + + If not provided, the transform will default to false and return a null + example: true + default: false + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: static + type: object + required: + - values + properties: + values: + type: string + description: 'This must evaluate to a JSON string, either through a fixed value or through conditional logic using the Apache Velocity Template Language.' + example: string$variable + externalDocs: + description: Static Transform Documentation + url: 'https://developer.sailpoint.com/idn/docs/transforms/operations/static' + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + - title: substring + type: object + required: + - begin + properties: + begin: + type: integer + description: | + The index of the first character to include in the returned substring. + + + If `begin` is set to -1, the transform will begin at character 0 of the input data + example: 1 + format: int32 + beginOffset: + type: integer + description: | + This integer value is the number of characters to add to the begin attribute when returning a substring. + + This attribute is only used if begin is not -1. + example: 3 + format: int32 + end: + type: integer + description: | + The index of the first character to exclude from the returned substring. + + If end is -1 or not provided at all, the substring transform will return everything up to the end of the input string. + example: 6 + format: int32 + endOffset: + type: integer + description: | + This integer value is the number of characters to add to the end attribute when returning a substring. + + This attribute is only used if end is provided and is not -1. + example: 1 + format: int32 + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: trim + type: object + properties: + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: upper + type: object + properties: + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: uuid + type: object + properties: + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + - type: object + required: + - id + - internal + properties: + id: + type: string + description: Unique ID of this transform + example: 2cd78adghjkja34jh2b1hkjhasuecd + internal: + type: boolean + description: Indicates whether this is an internal SailPoint-created transform or a customer-created transform + example: false + default: false + example: + id: 2cd78adghjkja34jh2b1hkjhasuecd + name: Timestamp To Date + type: dateFormat + attributes: + inputFormat: 'MMM-dd-yyyy, HH:mm:ss.SSS' + outputFormat: yyyy/dd/MM + internal: false + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + security: + - UserContextAuth: + - 'idn:transform:manage' + delete: + tags: + - Transforms + summary: Delete a transform + description: |- + Deletes the transform specified by the given ID. Attempting to delete a transform that is used in one or more Identity Profile mappings will result in an error. If this occurs, you must first remove the transform from all mappings before deleting the transform. + A token with transform delete authority is required to call this API. + operationId: deleteTransform + parameters: + - name: id + in: path + description: ID of the transform to delete + required: true + style: simple + explode: false + schema: + type: string + example: 2cd78adghjkja34jh2b1hkjhasuecd + responses: + '204': + description: No content - indicates the request was successful but there is no content to be returned in the response. + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + security: + - UserContextAuth: + - 'idn:transform:manage' + /work-items: + get: + operationId: listWorkItems + tags: + - Work Items + summary: List Work Items + description: 'This gets a collection of work items belonging to either the specified user(admin required), or the current user.' + parameters: + - in: query + name: limit + description: |- + Max number of results to return. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 250 + schema: + type: integer + format: int32 + minimum: 0 + maximum: 250 + default: 250 + - in: query + name: offset + description: |- + Offset into the full result set. Usually specified with *limit* to paginate through the results. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 0 + schema: + type: integer + format: int32 + minimum: 0 + default: 0 + - in: query + name: count + description: |- + If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. + + Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. + + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: true + schema: + type: boolean + default: false + - in: query + name: ownerId + schema: + type: string + description: ID of the work item owner. + required: false + example: 1211bcaa32112bcef6122adb21cef1ac + responses: + '200': + description: List of work items + content: + application/json: + schema: + type: array + items: + type: object + properties: + id: + type: string + description: ID of the work item + example: 2c9180835d2e5168015d32f890ca1581 + requesterId: + type: string + description: ID of the requester + example: 2c9180835d2e5168015d32f890ca1581 + nullable: true + requesterDisplayName: + type: string + description: The displayname of the requester + example: John Smith + nullable: true + ownerId: + type: string + description: The ID of the owner + example: 2c9180835d2e5168015d32f890ca1581 + nullable: true + ownerName: + type: string + description: The name of the owner + example: Jason Smith + created: + type: string + format: date-time + example: '2017-07-11T18:45:37.098Z' + description: Time when the work item was created + modified: + type: string + format: date-time + example: '2018-06-25T20:22:28.104Z' + description: Time when the work item was last updated + nullable: true + description: + type: string + description: The description of the work item + example: Create account on source 'AD' + state: + type: string + enum: + - Finished + - Rejected + - Returned + - Expired + - Pending + - Canceled + example: Finished + description: The state of a work item + type: + type: string + enum: + - Generic + - Certification + - Remediation + - Delegation + - Approval + - ViolationReview + - Form + - PolicyVioloation + - Challenge + - ImpactAnalysis + - Signoff + - Event + - ManualAction + - Test + example: Generic + description: The type of the work item + remediationItems: + type: array + nullable: true + items: + type: object + properties: + id: + type: string + description: The ID of the certification + example: 2c9180835d2e5168015d32f890ca1581 + targetId: + type: string + description: The ID of the certification target + example: 2c9180835d2e5168015d32f890ca1581 + targetName: + type: string + description: The name of the certification target + example: john.smith + targetDisplayName: + type: string + description: The display name of the certification target + example: emailAddress + applicationName: + type: string + description: The name of the application/source + example: Active Directory + attributeName: + type: string + description: The name of the attribute being certified + example: phoneNumber + attributeOperation: + type: string + description: The operation of the certification on the attribute + example: update + attributeValue: + type: string + description: The value of the attribute being certified + example: 512-555-1212 + nativeIdentity: + type: string + description: The native identity of the target + example: jason.smith2 + description: A list of remediation items + approvalItems: + type: array + nullable: true + items: + type: object + properties: + id: + type: string + description: The approval item's ID + example: 2c9180835d2e5168015d32f890ca1581 + account: + type: string + description: The account referenced by the approval item + example: john.smith + nullable: true + application: + type: string + description: The name of the application/source + example: Active Directory + name: + type: string + description: The attribute's name + example: emailAddress + nullable: true + operation: + type: string + description: The attribute's operation + example: update + value: + type: string + description: The attribute's value + example: a@b.com + nullable: true + state: + allOf: + - type: string + nullable: true + enum: + - Finished + - Rejected + - Returned + - Expired + - Pending + - Canceled + - null + example: Pending + description: The state of a work item + - nullable: true + description: A list of items that need to be approved + name: + type: string + description: The work item name + example: Account Create + nullable: true + completed: + type: string + format: date-time + example: '2018-10-19T13:49:37.385Z' + description: The time at which the work item completed + nullable: true + numItems: + type: integer + format: int32 + description: The number of items in the work item + example: 19 + nullable: true + form: + allOf: + - type: object + properties: + id: + type: string + description: ID of the form + example: 2c9180835d2e5168015d32f890ca1581 + nullable: true + name: + type: string + description: Name of the form + example: AccountSelection Form + nullable: true + title: + type: string + description: The form title + example: Account Selection for John.Doe + subtitle: + type: string + description: The form subtitle. + example: Please select from the following + targetUser: + type: string + description: The name of the user that should be shown this form + example: Jane.Doe + sections: + type: array + items: + type: object + allOf: + - type: object + properties: + name: + type: string + description: Name of the FormItem + example: Field1 + - type: object + properties: + label: + type: string + description: Label of the section + example: Section 1 + formItems: + type: array + items: + type: object + description: List of FormItems. FormItems can be SectionDetails and/or FieldDetails + example: [] + description: Sections of the form + - nullable: true + errors: + type: array + items: + type: string + example: + - The work item ID that was specified was not found. + description: An array of errors that ocurred during the work item + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + /work-items/completed: + get: + operationId: getCompletedWorkItems + tags: + - Work Items + summary: Completed Work Items + description: 'This gets a collection of completed work items belonging to either the specified user(admin required), or the current user.' + parameters: + - in: query + name: ownerId + schema: + type: string + description: 'The id of the owner of the work item list being requested. Either an admin, or the owning/current user must make this request.' + required: false + example: 1211bcaa32112bcef6122adb21cef1ac + - in: query + name: limit + description: |- + Max number of results to return. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 250 + schema: + type: integer + format: int32 + minimum: 0 + maximum: 250 + default: 250 + - in: query + name: offset + description: |- + Offset into the full result set. Usually specified with *limit* to paginate through the results. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 0 + schema: + type: integer + format: int32 + minimum: 0 + default: 0 + - in: query + name: count + description: |- + If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. + + Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. + + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: true + schema: + type: boolean + default: false + responses: + '200': + description: List of completed work items. + content: + application/json: + schema: + type: array + items: + type: object + properties: + id: + type: string + description: ID of the work item + example: 2c9180835d2e5168015d32f890ca1581 + requesterId: + type: string + description: ID of the requester + example: 2c9180835d2e5168015d32f890ca1581 + nullable: true + requesterDisplayName: + type: string + description: The displayname of the requester + example: John Smith + nullable: true + ownerId: + type: string + description: The ID of the owner + example: 2c9180835d2e5168015d32f890ca1581 + nullable: true + ownerName: + type: string + description: The name of the owner + example: Jason Smith + created: + type: string + format: date-time + example: '2017-07-11T18:45:37.098Z' + description: Time when the work item was created + modified: + type: string + format: date-time + example: '2018-06-25T20:22:28.104Z' + description: Time when the work item was last updated + nullable: true + description: + type: string + description: The description of the work item + example: Create account on source 'AD' + state: + type: string + enum: + - Finished + - Rejected + - Returned + - Expired + - Pending + - Canceled + example: Finished + description: The state of a work item + type: + type: string + enum: + - Generic + - Certification + - Remediation + - Delegation + - Approval + - ViolationReview + - Form + - PolicyVioloation + - Challenge + - ImpactAnalysis + - Signoff + - Event + - ManualAction + - Test + example: Generic + description: The type of the work item + remediationItems: + type: array + nullable: true + items: + type: object + properties: + id: + type: string + description: The ID of the certification + example: 2c9180835d2e5168015d32f890ca1581 + targetId: + type: string + description: The ID of the certification target + example: 2c9180835d2e5168015d32f890ca1581 + targetName: + type: string + description: The name of the certification target + example: john.smith + targetDisplayName: + type: string + description: The display name of the certification target + example: emailAddress + applicationName: + type: string + description: The name of the application/source + example: Active Directory + attributeName: + type: string + description: The name of the attribute being certified + example: phoneNumber + attributeOperation: + type: string + description: The operation of the certification on the attribute + example: update + attributeValue: + type: string + description: The value of the attribute being certified + example: 512-555-1212 + nativeIdentity: + type: string + description: The native identity of the target + example: jason.smith2 + description: A list of remediation items + approvalItems: + type: array + nullable: true + items: + type: object + properties: + id: + type: string + description: The approval item's ID + example: 2c9180835d2e5168015d32f890ca1581 + account: + type: string + description: The account referenced by the approval item + example: john.smith + nullable: true + application: + type: string + description: The name of the application/source + example: Active Directory + name: + type: string + description: The attribute's name + example: emailAddress + nullable: true + operation: + type: string + description: The attribute's operation + example: update + value: + type: string + description: The attribute's value + example: a@b.com + nullable: true + state: + allOf: + - type: string + nullable: true + enum: + - Finished + - Rejected + - Returned + - Expired + - Pending + - Canceled + - null + example: Pending + description: The state of a work item + - nullable: true + description: A list of items that need to be approved + name: + type: string + description: The work item name + example: Account Create + nullable: true + completed: + type: string + format: date-time + example: '2018-10-19T13:49:37.385Z' + description: The time at which the work item completed + nullable: true + numItems: + type: integer + format: int32 + description: The number of items in the work item + example: 19 + nullable: true + form: + allOf: + - type: object + properties: + id: + type: string + description: ID of the form + example: 2c9180835d2e5168015d32f890ca1581 + nullable: true + name: + type: string + description: Name of the form + example: AccountSelection Form + nullable: true + title: + type: string + description: The form title + example: Account Selection for John.Doe + subtitle: + type: string + description: The form subtitle. + example: Please select from the following + targetUser: + type: string + description: The name of the user that should be shown this form + example: Jane.Doe + sections: + type: array + items: + type: object + allOf: + - type: object + properties: + name: + type: string + description: Name of the FormItem + example: Field1 + - type: object + properties: + label: + type: string + description: Label of the section + example: Section 1 + formItems: + type: array + items: + type: object + description: List of FormItems. FormItems can be SectionDetails and/or FieldDetails + example: [] + description: Sections of the form + - nullable: true + errors: + type: array + items: + type: string + example: + - The work item ID that was specified was not found. + description: An array of errors that ocurred during the work item + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + /work-items/count: + get: + operationId: getCountWorkItems + tags: + - Work Items + summary: Count Work Items + description: 'This gets a count of work items belonging to either the specified user(admin required), or the current user.' + parameters: + - in: query + name: ownerId + schema: + type: string + description: ID of the work item owner. + required: false + example: ef38f94347e94562b5bb8424a56397d8 + responses: + '200': + description: List of work items + content: + application/json: + schema: + type: object + properties: + count: + type: integer + description: The count of work items + example: 29 + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + /work-items/completed/count: + get: + operationId: getCountCompletedWorkItems + tags: + - Work Items + summary: Count Completed Work Items + description: 'This gets a count of completed work items belonging to either the specified user(admin required), or the current user.' + parameters: + - in: query + name: ownerId + schema: + type: string + description: ID of the work item owner. + required: false + example: 1211bcaa32112bcef6122adb21cef1ac + responses: + '200': + description: List of work items + content: + application/json: + schema: + type: object + properties: + count: + type: integer + description: The count of work items + example: 29 + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + /work-items/summary: + get: + operationId: getWorkItemsSummary + tags: + - Work Items + summary: Work Items Summary + description: 'This gets a summary of work items belonging to either the specified user(admin required), or the current user.' + parameters: + - in: query + name: ownerId + schema: + type: string + description: ID of the work item owner. + required: false + example: 1211bcaa32112bcef6122adb21cef1ac + responses: + '200': + description: List of work items + content: + application/json: + schema: + type: object + properties: + open: + type: integer + description: The count of open work items + example: 29 + completed: + type: integer + description: The count of completed work items + example: 1 + total: + type: integer + description: The count of total work items + example: 30 + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/work-items/{id}': + get: + operationId: getWorkItem + tags: + - Work Items + summary: Get a Work Item + description: 'This gets the details of a Work Item belonging to either the specified user(admin required), or the current user.' + parameters: + - in: path + name: id + schema: + type: string + required: true + description: ID of the work item. + example: 2c9180835d191a86015d28455b4a2329 + responses: + '200': + description: The work item with the given ID. + content: + application/json: + schema: + type: object + properties: + id: + type: string + description: ID of the work item + example: 2c9180835d2e5168015d32f890ca1581 + requesterId: + type: string + description: ID of the requester + example: 2c9180835d2e5168015d32f890ca1581 + nullable: true + requesterDisplayName: + type: string + description: The displayname of the requester + example: John Smith + nullable: true + ownerId: + type: string + description: The ID of the owner + example: 2c9180835d2e5168015d32f890ca1581 + nullable: true + ownerName: + type: string + description: The name of the owner + example: Jason Smith + created: + type: string + format: date-time + example: '2017-07-11T18:45:37.098Z' + description: Time when the work item was created + modified: + type: string + format: date-time + example: '2018-06-25T20:22:28.104Z' + description: Time when the work item was last updated + nullable: true + description: + type: string + description: The description of the work item + example: Create account on source 'AD' + state: + type: string + enum: + - Finished + - Rejected + - Returned + - Expired + - Pending + - Canceled + example: Finished + description: The state of a work item + type: + type: string + enum: + - Generic + - Certification + - Remediation + - Delegation + - Approval + - ViolationReview + - Form + - PolicyVioloation + - Challenge + - ImpactAnalysis + - Signoff + - Event + - ManualAction + - Test + example: Generic + description: The type of the work item + remediationItems: + type: array + nullable: true + items: + type: object + properties: + id: + type: string + description: The ID of the certification + example: 2c9180835d2e5168015d32f890ca1581 + targetId: + type: string + description: The ID of the certification target + example: 2c9180835d2e5168015d32f890ca1581 + targetName: + type: string + description: The name of the certification target + example: john.smith + targetDisplayName: + type: string + description: The display name of the certification target + example: emailAddress + applicationName: + type: string + description: The name of the application/source + example: Active Directory + attributeName: + type: string + description: The name of the attribute being certified + example: phoneNumber + attributeOperation: + type: string + description: The operation of the certification on the attribute + example: update + attributeValue: + type: string + description: The value of the attribute being certified + example: 512-555-1212 + nativeIdentity: + type: string + description: The native identity of the target + example: jason.smith2 + description: A list of remediation items + approvalItems: + type: array + nullable: true + items: + type: object + properties: + id: + type: string + description: The approval item's ID + example: 2c9180835d2e5168015d32f890ca1581 + account: + type: string + description: The account referenced by the approval item + example: john.smith + nullable: true + application: + type: string + description: The name of the application/source + example: Active Directory + name: + type: string + description: The attribute's name + example: emailAddress + nullable: true + operation: + type: string + description: The attribute's operation + example: update + value: + type: string + description: The attribute's value + example: a@b.com + nullable: true + state: + allOf: + - type: string + nullable: true + enum: + - Finished + - Rejected + - Returned + - Expired + - Pending + - Canceled + - null + example: Pending + description: The state of a work item + - nullable: true + description: A list of items that need to be approved + name: + type: string + description: The work item name + example: Account Create + nullable: true + completed: + type: string + format: date-time + example: '2018-10-19T13:49:37.385Z' + description: The time at which the work item completed + nullable: true + numItems: + type: integer + format: int32 + description: The number of items in the work item + example: 19 + nullable: true + form: + allOf: + - type: object + properties: + id: + type: string + description: ID of the form + example: 2c9180835d2e5168015d32f890ca1581 + nullable: true + name: + type: string + description: Name of the form + example: AccountSelection Form + nullable: true + title: + type: string + description: The form title + example: Account Selection for John.Doe + subtitle: + type: string + description: The form subtitle. + example: Please select from the following + targetUser: + type: string + description: The name of the user that should be shown this form + example: Jane.Doe + sections: + type: array + items: + type: object + allOf: + - type: object + properties: + name: + type: string + description: Name of the FormItem + example: Field1 + - type: object + properties: + label: + type: string + description: Label of the section + example: Section 1 + formItems: + type: array + items: + type: object + description: List of FormItems. FormItems can be SectionDetails and/or FieldDetails + example: [] + description: Sections of the form + - nullable: true + errors: + type: array + items: + type: string + example: + - The work item ID that was specified was not found. + description: An array of errors that ocurred during the work item + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + post: + operationId: completeWorkItem + tags: + - Work Items + summary: Complete a Work Item + description: 'This API completes a work item. Either an admin, or the owning/current user must make this request.' + parameters: + - in: path + name: id + schema: + type: string + required: true + description: The ID of the work item + example: ef38f94347e94562b5bb8424a56397d8 + responses: + '200': + description: A WorkItems object + content: + application/json: + schema: + type: object + properties: + id: + type: string + description: ID of the work item + example: 2c9180835d2e5168015d32f890ca1581 + requesterId: + type: string + description: ID of the requester + example: 2c9180835d2e5168015d32f890ca1581 + nullable: true + requesterDisplayName: + type: string + description: The displayname of the requester + example: John Smith + nullable: true + ownerId: + type: string + description: The ID of the owner + example: 2c9180835d2e5168015d32f890ca1581 + nullable: true + ownerName: + type: string + description: The name of the owner + example: Jason Smith + created: + type: string + format: date-time + example: '2017-07-11T18:45:37.098Z' + description: Time when the work item was created + modified: + type: string + format: date-time + example: '2018-06-25T20:22:28.104Z' + description: Time when the work item was last updated + nullable: true + description: + type: string + description: The description of the work item + example: Create account on source 'AD' + state: + type: string + enum: + - Finished + - Rejected + - Returned + - Expired + - Pending + - Canceled + example: Finished + description: The state of a work item + type: + type: string + enum: + - Generic + - Certification + - Remediation + - Delegation + - Approval + - ViolationReview + - Form + - PolicyVioloation + - Challenge + - ImpactAnalysis + - Signoff + - Event + - ManualAction + - Test + example: Generic + description: The type of the work item + remediationItems: + type: array + nullable: true + items: + type: object + properties: + id: + type: string + description: The ID of the certification + example: 2c9180835d2e5168015d32f890ca1581 + targetId: + type: string + description: The ID of the certification target + example: 2c9180835d2e5168015d32f890ca1581 + targetName: + type: string + description: The name of the certification target + example: john.smith + targetDisplayName: + type: string + description: The display name of the certification target + example: emailAddress + applicationName: + type: string + description: The name of the application/source + example: Active Directory + attributeName: + type: string + description: The name of the attribute being certified + example: phoneNumber + attributeOperation: + type: string + description: The operation of the certification on the attribute + example: update + attributeValue: + type: string + description: The value of the attribute being certified + example: 512-555-1212 + nativeIdentity: + type: string + description: The native identity of the target + example: jason.smith2 + description: A list of remediation items + approvalItems: + type: array + nullable: true + items: + type: object + properties: + id: + type: string + description: The approval item's ID + example: 2c9180835d2e5168015d32f890ca1581 + account: + type: string + description: The account referenced by the approval item + example: john.smith + nullable: true + application: + type: string + description: The name of the application/source + example: Active Directory + name: + type: string + description: The attribute's name + example: emailAddress + nullable: true + operation: + type: string + description: The attribute's operation + example: update + value: + type: string + description: The attribute's value + example: a@b.com + nullable: true + state: + allOf: + - type: string + nullable: true + enum: + - Finished + - Rejected + - Returned + - Expired + - Pending + - Canceled + - null + example: Pending + description: The state of a work item + - nullable: true + description: A list of items that need to be approved + name: + type: string + description: The work item name + example: Account Create + nullable: true + completed: + type: string + format: date-time + example: '2018-10-19T13:49:37.385Z' + description: The time at which the work item completed + nullable: true + numItems: + type: integer + format: int32 + description: The number of items in the work item + example: 19 + nullable: true + form: + allOf: + - type: object + properties: + id: + type: string + description: ID of the form + example: 2c9180835d2e5168015d32f890ca1581 + nullable: true + name: + type: string + description: Name of the form + example: AccountSelection Form + nullable: true + title: + type: string + description: The form title + example: Account Selection for John.Doe + subtitle: + type: string + description: The form subtitle. + example: Please select from the following + targetUser: + type: string + description: The name of the user that should be shown this form + example: Jane.Doe + sections: + type: array + items: + type: object + allOf: + - type: object + properties: + name: + type: string + description: Name of the FormItem + example: Field1 + - type: object + properties: + label: + type: string + description: Label of the section + example: Section 1 + formItems: + type: array + items: + type: object + description: List of FormItems. FormItems can be SectionDetails and/or FieldDetails + example: [] + description: Sections of the form + - nullable: true + errors: + type: array + items: + type: string + example: + - The work item ID that was specified was not found. + description: An array of errors that ocurred during the work item + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/work-items/{id}/approve/{approvalItemId}': + post: + operationId: approveApprovalItem + tags: + - Work Items + summary: Approve an Approval Item + description: 'This API approves an Approval Item. Either an admin, or the owning/current user must make this request.' + parameters: + - in: path + name: id + schema: + type: string + required: true + description: The ID of the work item + example: ef38f94347e94562b5bb8424a56397d8 + - in: path + name: approvalItemId + schema: + type: string + required: true + description: The ID of the approval item. + example: 1211bcaa32112bcef6122adb21cef1ac + responses: + '200': + description: A work items details object. + content: + application/json: + schema: + type: object + properties: + id: + type: string + description: ID of the work item + example: 2c9180835d2e5168015d32f890ca1581 + requesterId: + type: string + description: ID of the requester + example: 2c9180835d2e5168015d32f890ca1581 + nullable: true + requesterDisplayName: + type: string + description: The displayname of the requester + example: John Smith + nullable: true + ownerId: + type: string + description: The ID of the owner + example: 2c9180835d2e5168015d32f890ca1581 + nullable: true + ownerName: + type: string + description: The name of the owner + example: Jason Smith + created: + type: string + format: date-time + example: '2017-07-11T18:45:37.098Z' + description: Time when the work item was created + modified: + type: string + format: date-time + example: '2018-06-25T20:22:28.104Z' + description: Time when the work item was last updated + nullable: true + description: + type: string + description: The description of the work item + example: Create account on source 'AD' + state: + type: string + enum: + - Finished + - Rejected + - Returned + - Expired + - Pending + - Canceled + example: Finished + description: The state of a work item + type: + type: string + enum: + - Generic + - Certification + - Remediation + - Delegation + - Approval + - ViolationReview + - Form + - PolicyVioloation + - Challenge + - ImpactAnalysis + - Signoff + - Event + - ManualAction + - Test + example: Generic + description: The type of the work item + remediationItems: + type: array + nullable: true + items: + type: object + properties: + id: + type: string + description: The ID of the certification + example: 2c9180835d2e5168015d32f890ca1581 + targetId: + type: string + description: The ID of the certification target + example: 2c9180835d2e5168015d32f890ca1581 + targetName: + type: string + description: The name of the certification target + example: john.smith + targetDisplayName: + type: string + description: The display name of the certification target + example: emailAddress + applicationName: + type: string + description: The name of the application/source + example: Active Directory + attributeName: + type: string + description: The name of the attribute being certified + example: phoneNumber + attributeOperation: + type: string + description: The operation of the certification on the attribute + example: update + attributeValue: + type: string + description: The value of the attribute being certified + example: 512-555-1212 + nativeIdentity: + type: string + description: The native identity of the target + example: jason.smith2 + description: A list of remediation items + approvalItems: + type: array + nullable: true + items: + type: object + properties: + id: + type: string + description: The approval item's ID + example: 2c9180835d2e5168015d32f890ca1581 + account: + type: string + description: The account referenced by the approval item + example: john.smith + nullable: true + application: + type: string + description: The name of the application/source + example: Active Directory + name: + type: string + description: The attribute's name + example: emailAddress + nullable: true + operation: + type: string + description: The attribute's operation + example: update + value: + type: string + description: The attribute's value + example: a@b.com + nullable: true + state: + allOf: + - type: string + nullable: true + enum: + - Finished + - Rejected + - Returned + - Expired + - Pending + - Canceled + - null + example: Pending + description: The state of a work item + - nullable: true + description: A list of items that need to be approved + name: + type: string + description: The work item name + example: Account Create + nullable: true + completed: + type: string + format: date-time + example: '2018-10-19T13:49:37.385Z' + description: The time at which the work item completed + nullable: true + numItems: + type: integer + format: int32 + description: The number of items in the work item + example: 19 + nullable: true + form: + allOf: + - type: object + properties: + id: + type: string + description: ID of the form + example: 2c9180835d2e5168015d32f890ca1581 + nullable: true + name: + type: string + description: Name of the form + example: AccountSelection Form + nullable: true + title: + type: string + description: The form title + example: Account Selection for John.Doe + subtitle: + type: string + description: The form subtitle. + example: Please select from the following + targetUser: + type: string + description: The name of the user that should be shown this form + example: Jane.Doe + sections: + type: array + items: + type: object + allOf: + - type: object + properties: + name: + type: string + description: Name of the FormItem + example: Field1 + - type: object + properties: + label: + type: string + description: Label of the section + example: Section 1 + formItems: + type: array + items: + type: object + description: List of FormItems. FormItems can be SectionDetails and/or FieldDetails + example: [] + description: Sections of the form + - nullable: true + errors: + type: array + items: + type: string + example: + - The work item ID that was specified was not found. + description: An array of errors that ocurred during the work item + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/work-items/{id}/reject/{approvalItemId}': + post: + operationId: rejectApprovalItem + tags: + - Work Items + summary: Reject an Approval Item + description: 'This API rejects an Approval Item. Either an admin, or the owning/current user must make this request.' + parameters: + - in: path + name: id + schema: + type: string + required: true + description: The ID of the work item + example: ef38f94347e94562b5bb8424a56397d8 + - in: path + name: approvalItemId + schema: + type: string + required: true + description: The ID of the approval item. + example: 1211bcaa32112bcef6122adb21cef1ac + responses: + '200': + description: A work items details object. + content: + application/json: + schema: + type: object + properties: + id: + type: string + description: ID of the work item + example: 2c9180835d2e5168015d32f890ca1581 + requesterId: + type: string + description: ID of the requester + example: 2c9180835d2e5168015d32f890ca1581 + nullable: true + requesterDisplayName: + type: string + description: The displayname of the requester + example: John Smith + nullable: true + ownerId: + type: string + description: The ID of the owner + example: 2c9180835d2e5168015d32f890ca1581 + nullable: true + ownerName: + type: string + description: The name of the owner + example: Jason Smith + created: + type: string + format: date-time + example: '2017-07-11T18:45:37.098Z' + description: Time when the work item was created + modified: + type: string + format: date-time + example: '2018-06-25T20:22:28.104Z' + description: Time when the work item was last updated + nullable: true + description: + type: string + description: The description of the work item + example: Create account on source 'AD' + state: + type: string + enum: + - Finished + - Rejected + - Returned + - Expired + - Pending + - Canceled + example: Finished + description: The state of a work item + type: + type: string + enum: + - Generic + - Certification + - Remediation + - Delegation + - Approval + - ViolationReview + - Form + - PolicyVioloation + - Challenge + - ImpactAnalysis + - Signoff + - Event + - ManualAction + - Test + example: Generic + description: The type of the work item + remediationItems: + type: array + nullable: true + items: + type: object + properties: + id: + type: string + description: The ID of the certification + example: 2c9180835d2e5168015d32f890ca1581 + targetId: + type: string + description: The ID of the certification target + example: 2c9180835d2e5168015d32f890ca1581 + targetName: + type: string + description: The name of the certification target + example: john.smith + targetDisplayName: + type: string + description: The display name of the certification target + example: emailAddress + applicationName: + type: string + description: The name of the application/source + example: Active Directory + attributeName: + type: string + description: The name of the attribute being certified + example: phoneNumber + attributeOperation: + type: string + description: The operation of the certification on the attribute + example: update + attributeValue: + type: string + description: The value of the attribute being certified + example: 512-555-1212 + nativeIdentity: + type: string + description: The native identity of the target + example: jason.smith2 + description: A list of remediation items + approvalItems: + type: array + nullable: true + items: + type: object + properties: + id: + type: string + description: The approval item's ID + example: 2c9180835d2e5168015d32f890ca1581 + account: + type: string + description: The account referenced by the approval item + example: john.smith + nullable: true + application: + type: string + description: The name of the application/source + example: Active Directory + name: + type: string + description: The attribute's name + example: emailAddress + nullable: true + operation: + type: string + description: The attribute's operation + example: update + value: + type: string + description: The attribute's value + example: a@b.com + nullable: true + state: + allOf: + - type: string + nullable: true + enum: + - Finished + - Rejected + - Returned + - Expired + - Pending + - Canceled + - null + example: Pending + description: The state of a work item + - nullable: true + description: A list of items that need to be approved + name: + type: string + description: The work item name + example: Account Create + nullable: true + completed: + type: string + format: date-time + example: '2018-10-19T13:49:37.385Z' + description: The time at which the work item completed + nullable: true + numItems: + type: integer + format: int32 + description: The number of items in the work item + example: 19 + nullable: true + form: + allOf: + - type: object + properties: + id: + type: string + description: ID of the form + example: 2c9180835d2e5168015d32f890ca1581 + nullable: true + name: + type: string + description: Name of the form + example: AccountSelection Form + nullable: true + title: + type: string + description: The form title + example: Account Selection for John.Doe + subtitle: + type: string + description: The form subtitle. + example: Please select from the following + targetUser: + type: string + description: The name of the user that should be shown this form + example: Jane.Doe + sections: + type: array + items: + type: object + allOf: + - type: object + properties: + name: + type: string + description: Name of the FormItem + example: Field1 + - type: object + properties: + label: + type: string + description: Label of the section + example: Section 1 + formItems: + type: array + items: + type: object + description: List of FormItems. FormItems can be SectionDetails and/or FieldDetails + example: [] + description: Sections of the form + - nullable: true + errors: + type: array + items: + type: string + example: + - The work item ID that was specified was not found. + description: An array of errors that ocurred during the work item + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/work-items/bulk-approve/{id}': + post: + operationId: approveApprovalItemsInBulk + tags: + - Work Items + summary: Bulk approve Approval Items + description: 'This API bulk approves Approval Items. Either an admin, or the owning/current user must make this request.' + parameters: + - in: path + name: id + schema: + type: string + required: true + description: The ID of the work item + example: ef38f94347e94562b5bb8424a56397d8 + responses: + '200': + description: A work items details object. + content: + application/json: + schema: + type: object + properties: + id: + type: string + description: ID of the work item + example: 2c9180835d2e5168015d32f890ca1581 + requesterId: + type: string + description: ID of the requester + example: 2c9180835d2e5168015d32f890ca1581 + nullable: true + requesterDisplayName: + type: string + description: The displayname of the requester + example: John Smith + nullable: true + ownerId: + type: string + description: The ID of the owner + example: 2c9180835d2e5168015d32f890ca1581 + nullable: true + ownerName: + type: string + description: The name of the owner + example: Jason Smith + created: + type: string + format: date-time + example: '2017-07-11T18:45:37.098Z' + description: Time when the work item was created + modified: + type: string + format: date-time + example: '2018-06-25T20:22:28.104Z' + description: Time when the work item was last updated + nullable: true + description: + type: string + description: The description of the work item + example: Create account on source 'AD' + state: + type: string + enum: + - Finished + - Rejected + - Returned + - Expired + - Pending + - Canceled + example: Finished + description: The state of a work item + type: + type: string + enum: + - Generic + - Certification + - Remediation + - Delegation + - Approval + - ViolationReview + - Form + - PolicyVioloation + - Challenge + - ImpactAnalysis + - Signoff + - Event + - ManualAction + - Test + example: Generic + description: The type of the work item + remediationItems: + type: array + nullable: true + items: + type: object + properties: + id: + type: string + description: The ID of the certification + example: 2c9180835d2e5168015d32f890ca1581 + targetId: + type: string + description: The ID of the certification target + example: 2c9180835d2e5168015d32f890ca1581 + targetName: + type: string + description: The name of the certification target + example: john.smith + targetDisplayName: + type: string + description: The display name of the certification target + example: emailAddress + applicationName: + type: string + description: The name of the application/source + example: Active Directory + attributeName: + type: string + description: The name of the attribute being certified + example: phoneNumber + attributeOperation: + type: string + description: The operation of the certification on the attribute + example: update + attributeValue: + type: string + description: The value of the attribute being certified + example: 512-555-1212 + nativeIdentity: + type: string + description: The native identity of the target + example: jason.smith2 + description: A list of remediation items + approvalItems: + type: array + nullable: true + items: + type: object + properties: + id: + type: string + description: The approval item's ID + example: 2c9180835d2e5168015d32f890ca1581 + account: + type: string + description: The account referenced by the approval item + example: john.smith + nullable: true + application: + type: string + description: The name of the application/source + example: Active Directory + name: + type: string + description: The attribute's name + example: emailAddress + nullable: true + operation: + type: string + description: The attribute's operation + example: update + value: + type: string + description: The attribute's value + example: a@b.com + nullable: true + state: + allOf: + - type: string + nullable: true + enum: + - Finished + - Rejected + - Returned + - Expired + - Pending + - Canceled + - null + example: Pending + description: The state of a work item + - nullable: true + description: A list of items that need to be approved + name: + type: string + description: The work item name + example: Account Create + nullable: true + completed: + type: string + format: date-time + example: '2018-10-19T13:49:37.385Z' + description: The time at which the work item completed + nullable: true + numItems: + type: integer + format: int32 + description: The number of items in the work item + example: 19 + nullable: true + form: + allOf: + - type: object + properties: + id: + type: string + description: ID of the form + example: 2c9180835d2e5168015d32f890ca1581 + nullable: true + name: + type: string + description: Name of the form + example: AccountSelection Form + nullable: true + title: + type: string + description: The form title + example: Account Selection for John.Doe + subtitle: + type: string + description: The form subtitle. + example: Please select from the following + targetUser: + type: string + description: The name of the user that should be shown this form + example: Jane.Doe + sections: + type: array + items: + type: object + allOf: + - type: object + properties: + name: + type: string + description: Name of the FormItem + example: Field1 + - type: object + properties: + label: + type: string + description: Label of the section + example: Section 1 + formItems: + type: array + items: + type: object + description: List of FormItems. FormItems can be SectionDetails and/or FieldDetails + example: [] + description: Sections of the form + - nullable: true + errors: + type: array + items: + type: string + example: + - The work item ID that was specified was not found. + description: An array of errors that ocurred during the work item + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/work-items/bulk-reject/{id}': + post: + operationId: rejectApprovalItemsInBulk + tags: + - Work Items + summary: Bulk reject Approval Items + description: 'This API bulk rejects Approval Items. Either an admin, or the owning/current user must make this request.' + parameters: + - in: path + name: id + schema: + type: string + required: true + description: The ID of the work item + example: ef38f94347e94562b5bb8424a56397d8 + responses: + '200': + description: A work items details object. + content: + application/json: + schema: + type: object + properties: + id: + type: string + description: ID of the work item + example: 2c9180835d2e5168015d32f890ca1581 + requesterId: + type: string + description: ID of the requester + example: 2c9180835d2e5168015d32f890ca1581 + nullable: true + requesterDisplayName: + type: string + description: The displayname of the requester + example: John Smith + nullable: true + ownerId: + type: string + description: The ID of the owner + example: 2c9180835d2e5168015d32f890ca1581 + nullable: true + ownerName: + type: string + description: The name of the owner + example: Jason Smith + created: + type: string + format: date-time + example: '2017-07-11T18:45:37.098Z' + description: Time when the work item was created + modified: + type: string + format: date-time + example: '2018-06-25T20:22:28.104Z' + description: Time when the work item was last updated + nullable: true + description: + type: string + description: The description of the work item + example: Create account on source 'AD' + state: + type: string + enum: + - Finished + - Rejected + - Returned + - Expired + - Pending + - Canceled + example: Finished + description: The state of a work item + type: + type: string + enum: + - Generic + - Certification + - Remediation + - Delegation + - Approval + - ViolationReview + - Form + - PolicyVioloation + - Challenge + - ImpactAnalysis + - Signoff + - Event + - ManualAction + - Test + example: Generic + description: The type of the work item + remediationItems: + type: array + nullable: true + items: + type: object + properties: + id: + type: string + description: The ID of the certification + example: 2c9180835d2e5168015d32f890ca1581 + targetId: + type: string + description: The ID of the certification target + example: 2c9180835d2e5168015d32f890ca1581 + targetName: + type: string + description: The name of the certification target + example: john.smith + targetDisplayName: + type: string + description: The display name of the certification target + example: emailAddress + applicationName: + type: string + description: The name of the application/source + example: Active Directory + attributeName: + type: string + description: The name of the attribute being certified + example: phoneNumber + attributeOperation: + type: string + description: The operation of the certification on the attribute + example: update + attributeValue: + type: string + description: The value of the attribute being certified + example: 512-555-1212 + nativeIdentity: + type: string + description: The native identity of the target + example: jason.smith2 + description: A list of remediation items + approvalItems: + type: array + nullable: true + items: + type: object + properties: + id: + type: string + description: The approval item's ID + example: 2c9180835d2e5168015d32f890ca1581 + account: + type: string + description: The account referenced by the approval item + example: john.smith + nullable: true + application: + type: string + description: The name of the application/source + example: Active Directory + name: + type: string + description: The attribute's name + example: emailAddress + nullable: true + operation: + type: string + description: The attribute's operation + example: update + value: + type: string + description: The attribute's value + example: a@b.com + nullable: true + state: + allOf: + - type: string + nullable: true + enum: + - Finished + - Rejected + - Returned + - Expired + - Pending + - Canceled + - null + example: Pending + description: The state of a work item + - nullable: true + description: A list of items that need to be approved + name: + type: string + description: The work item name + example: Account Create + nullable: true + completed: + type: string + format: date-time + example: '2018-10-19T13:49:37.385Z' + description: The time at which the work item completed + nullable: true + numItems: + type: integer + format: int32 + description: The number of items in the work item + example: 19 + nullable: true + form: + allOf: + - type: object + properties: + id: + type: string + description: ID of the form + example: 2c9180835d2e5168015d32f890ca1581 + nullable: true + name: + type: string + description: Name of the form + example: AccountSelection Form + nullable: true + title: + type: string + description: The form title + example: Account Selection for John.Doe + subtitle: + type: string + description: The form subtitle. + example: Please select from the following + targetUser: + type: string + description: The name of the user that should be shown this form + example: Jane.Doe + sections: + type: array + items: + type: object + allOf: + - type: object + properties: + name: + type: string + description: Name of the FormItem + example: Field1 + - type: object + properties: + label: + type: string + description: Label of the section + example: Section 1 + formItems: + type: array + items: + type: object + description: List of FormItems. FormItems can be SectionDetails and/or FieldDetails + example: [] + description: Sections of the form + - nullable: true + errors: + type: array + items: + type: string + example: + - The work item ID that was specified was not found. + description: An array of errors that ocurred during the work item + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/work-items/{id}/submit-account-selection': + post: + operationId: submitAccountSelection + tags: + - Work Items + summary: Submit Account Selections + description: 'This API submits account selections. Either an admin, or the owning/current user must make this request.' + parameters: + - in: path + name: id + schema: + type: string + required: true + description: The ID of the work item + example: ef38f94347e94562b5bb8424a56397d8 + requestBody: + required: true + content: + application/json: + schema: + type: object + additionalProperties: true + example: + fieldName: fieldValue + description: 'Account Selection Data map, keyed on fieldName' + responses: + '200': + description: A work items details object. + content: + application/json: + schema: + type: object + properties: + id: + type: string + description: ID of the work item + example: 2c9180835d2e5168015d32f890ca1581 + requesterId: + type: string + description: ID of the requester + example: 2c9180835d2e5168015d32f890ca1581 + nullable: true + requesterDisplayName: + type: string + description: The displayname of the requester + example: John Smith + nullable: true + ownerId: + type: string + description: The ID of the owner + example: 2c9180835d2e5168015d32f890ca1581 + nullable: true + ownerName: + type: string + description: The name of the owner + example: Jason Smith + created: + type: string + format: date-time + example: '2017-07-11T18:45:37.098Z' + description: Time when the work item was created + modified: + type: string + format: date-time + example: '2018-06-25T20:22:28.104Z' + description: Time when the work item was last updated + nullable: true + description: + type: string + description: The description of the work item + example: Create account on source 'AD' + state: + type: string + enum: + - Finished + - Rejected + - Returned + - Expired + - Pending + - Canceled + example: Finished + description: The state of a work item + type: + type: string + enum: + - Generic + - Certification + - Remediation + - Delegation + - Approval + - ViolationReview + - Form + - PolicyVioloation + - Challenge + - ImpactAnalysis + - Signoff + - Event + - ManualAction + - Test + example: Generic + description: The type of the work item + remediationItems: + type: array + nullable: true + items: + type: object + properties: + id: + type: string + description: The ID of the certification + example: 2c9180835d2e5168015d32f890ca1581 + targetId: + type: string + description: The ID of the certification target + example: 2c9180835d2e5168015d32f890ca1581 + targetName: + type: string + description: The name of the certification target + example: john.smith + targetDisplayName: + type: string + description: The display name of the certification target + example: emailAddress + applicationName: + type: string + description: The name of the application/source + example: Active Directory + attributeName: + type: string + description: The name of the attribute being certified + example: phoneNumber + attributeOperation: + type: string + description: The operation of the certification on the attribute + example: update + attributeValue: + type: string + description: The value of the attribute being certified + example: 512-555-1212 + nativeIdentity: + type: string + description: The native identity of the target + example: jason.smith2 + description: A list of remediation items + approvalItems: + type: array + nullable: true + items: + type: object + properties: + id: + type: string + description: The approval item's ID + example: 2c9180835d2e5168015d32f890ca1581 + account: + type: string + description: The account referenced by the approval item + example: john.smith + nullable: true + application: + type: string + description: The name of the application/source + example: Active Directory + name: + type: string + description: The attribute's name + example: emailAddress + nullable: true + operation: + type: string + description: The attribute's operation + example: update + value: + type: string + description: The attribute's value + example: a@b.com + nullable: true + state: + allOf: + - type: string + nullable: true + enum: + - Finished + - Rejected + - Returned + - Expired + - Pending + - Canceled + - null + example: Pending + description: The state of a work item + - nullable: true + description: A list of items that need to be approved + name: + type: string + description: The work item name + example: Account Create + nullable: true + completed: + type: string + format: date-time + example: '2018-10-19T13:49:37.385Z' + description: The time at which the work item completed + nullable: true + numItems: + type: integer + format: int32 + description: The number of items in the work item + example: 19 + nullable: true + form: + allOf: + - type: object + properties: + id: + type: string + description: ID of the form + example: 2c9180835d2e5168015d32f890ca1581 + nullable: true + name: + type: string + description: Name of the form + example: AccountSelection Form + nullable: true + title: + type: string + description: The form title + example: Account Selection for John.Doe + subtitle: + type: string + description: The form subtitle. + example: Please select from the following + targetUser: + type: string + description: The name of the user that should be shown this form + example: Jane.Doe + sections: + type: array + items: + type: object + allOf: + - type: object + properties: + name: + type: string + description: Name of the FormItem + example: Field1 + - type: object + properties: + label: + type: string + description: Label of the section + example: Section 1 + formItems: + type: array + items: + type: object + description: List of FormItems. FormItems can be SectionDetails and/or FieldDetails + example: [] + description: Sections of the form + - nullable: true + errors: + type: array + items: + type: string + example: + - The work item ID that was specified was not found. + description: An array of errors that ocurred during the work item + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + /workflows: + get: + operationId: listWorkflows + tags: + - Workflows + summary: List Workflows + description: List all workflows in the tenant. + security: + - UserContextAuth: + - 'sp:workflow:read' + responses: + '200': + description: List of workflows + content: + application/json: + schema: + type: array + items: + allOf: + - type: object + properties: + id: + type: string + description: Workflow ID. This is a UUID generated upon creation. + example: d201c5e9-d37b-4aff-af14-66414f39d569 + executionCount: + type: integer + format: int32 + description: The number of times this workflow has been executed. + example: 2 + failureCount: + type: integer + format: int32 + description: The number of times this workflow has failed during execution. + example: 0 + created: + type: string + format: date-time + description: The date and time the workflow was created. + example: '2022-01-10T16:06:16.636381447Z' + modified: + type: string + format: date-time + description: The date and time the workflow was modified. + example: 2023-12-05T15:18:27.699Z + modifiedBy: + type: object + properties: + type: + type: string + enum: + - IDENTITY + example: IDENTITY + id: + type: string + description: Identity ID + example: 2c9180a46faadee4016fb4e018c20639 + name: + type: string + description: Human-readable display name of identity. + example: Thomas Edison + creator: + type: object + description: Workflow creator's identity. + properties: + type: + type: string + description: Workflow creator's DTO type. + enum: + - IDENTITY + example: IDENTITY + id: + type: string + description: Workflow creator's identity ID. + example: 2c7180a46faadee4016fb4e018c20642 + name: + type: string + description: Workflow creator's display name. + example: Michael Michaels + - type: object + properties: + name: + type: string + description: The name of the workflow + example: Send Email + owner: + type: object + description: The identity that owns the workflow. The owner's permissions in IDN will determine what actions the workflow is allowed to perform. Ownership can be changed by updating the owner in a PUT or PATCH request. + properties: + type: + type: string + enum: + - IDENTITY + example: IDENTITY + description: The type of object that is referenced + id: + type: string + description: The unique ID of the object + example: 2c91808568c529c60168cca6f90c1313 + name: + type: string + description: The name of the object + example: William Wilson + description: + type: string + description: Description of what the workflow accomplishes + example: Send an email to the identity who's attributes changed. + definition: + type: object + description: The map of steps that the workflow will execute. + properties: + start: + type: string + description: The name of the starting step. + example: Send Email Test + steps: + type: object + description: One or more step objects that comprise this workflow. Please see the Workflow documentation to see the JSON schema for each step type. + additionalProperties: true + example: + Send Email: + actionId: 'sp:send-email' + attributes: + body: This is a test + from: sailpoint@sailpoint.com + recipientId.$: $.identity.id + subject: test + nextStep: success + selectResult: null + type: ACTION + success: + type: success + enabled: + type: boolean + description: Enable or disable the workflow. Workflows cannot be created in an enabled state. + default: false + example: false + trigger: + type: object + description: The trigger that starts the workflow + required: + - type + - attributes + properties: + type: + type: string + enum: + - EVENT + - EXTERNAL + - SCHEDULED + example: EVENT + description: The trigger type + displayName: + type: string + nullable: true + attributes: + oneOf: + - title: Event Trigger Attributes + type: object + description: Attributes related to an IdentityNow ETS event + additionalProperties: false + required: + - id + properties: + id: + type: string + description: The unique ID of the trigger + example: 'idn:identity-attributes-changed' + filter.$: + type: string + description: JSON path expression that will limit which events the trigger will fire on + example: '$.changes[?(@.attribute == ''manager'')]' + description: + type: string + description: Description of the event trigger + - title: External Trigger Attributes + type: object + description: Attributes related to an external trigger + additionalProperties: false + properties: + name: + type: string + description: A unique name for the external trigger + example: search-and-notify + description: + type: string + description: Additonal context about the external trigger + example: Run a search and notify the results + clientId: + type: string + description: OAuth Client ID to authenticate with this trigger + example: 87e239b2-b85b-4bde-b9a7-55bf304ddcdc + url: + type: string + description: URL to invoke this workflow + example: 'https://tenant.api.identitynow.com/beta/workflows/execute/external/c79e0079-562c-4df5-aa73-60a9e25c916d' + - title: Scheduled Trigger Attributes + type: object + description: Attributes related to a scheduled trigger + additionalProperties: false + required: + - frequency + properties: + cronString: + type: string + description: A valid CRON expression + externalDocs: + description: CRON expression editor + url: 'https://crontab.guru/' + example: 0 9 * * 1 + frequency: + type: string + description: Frequency of execution + enum: + - daily + - weekly + - monthly + - yearly + - cronSchedule + timeZone: + type: string + description: Time zone identifier + example: America/Chicago + weeklyDays: + type: array + items: + type: string + example: Monday + description: Scheduled days of the week for execution + weeklyTimes: + type: array + items: + type: string + example: Monday + description: Scheduled execution times + description: Workflow Trigger Attributes. + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/workflows/{id}': + get: + operationId: getWorkflow + tags: + - Workflows + summary: Get Workflow By Id + description: Get a single workflow by id. + security: + - UserContextAuth: + - 'sp:workflow:read' + parameters: + - name: id + in: path + description: Id of the workflow + required: true + style: simple + explode: false + schema: + type: string + example: c17bea3a-574d-453c-9e04-4365fbf5af0b + responses: + '200': + description: The workflow object + content: + application/json: + schema: + allOf: + - type: object + properties: + id: + type: string + description: Workflow ID. This is a UUID generated upon creation. + example: d201c5e9-d37b-4aff-af14-66414f39d569 + executionCount: + type: integer + format: int32 + description: The number of times this workflow has been executed. + example: 2 + failureCount: + type: integer + format: int32 + description: The number of times this workflow has failed during execution. + example: 0 + created: + type: string + format: date-time + description: The date and time the workflow was created. + example: '2022-01-10T16:06:16.636381447Z' + modified: + type: string + format: date-time + description: The date and time the workflow was modified. + example: 2023-12-05T15:18:27.699Z + modifiedBy: + type: object + properties: + type: + type: string + enum: + - IDENTITY + example: IDENTITY + id: + type: string + description: Identity ID + example: 2c9180a46faadee4016fb4e018c20639 + name: + type: string + description: Human-readable display name of identity. + example: Thomas Edison + creator: + type: object + description: Workflow creator's identity. + properties: + type: + type: string + description: Workflow creator's DTO type. + enum: + - IDENTITY + example: IDENTITY + id: + type: string + description: Workflow creator's identity ID. + example: 2c7180a46faadee4016fb4e018c20642 + name: + type: string + description: Workflow creator's display name. + example: Michael Michaels + - type: object + properties: + name: + type: string + description: The name of the workflow + example: Send Email + owner: + type: object + description: The identity that owns the workflow. The owner's permissions in IDN will determine what actions the workflow is allowed to perform. Ownership can be changed by updating the owner in a PUT or PATCH request. + properties: + type: + type: string + enum: + - IDENTITY + example: IDENTITY + description: The type of object that is referenced + id: + type: string + description: The unique ID of the object + example: 2c91808568c529c60168cca6f90c1313 + name: + type: string + description: The name of the object + example: William Wilson + description: + type: string + description: Description of what the workflow accomplishes + example: Send an email to the identity who's attributes changed. + definition: + type: object + description: The map of steps that the workflow will execute. + properties: + start: + type: string + description: The name of the starting step. + example: Send Email Test + steps: + type: object + description: One or more step objects that comprise this workflow. Please see the Workflow documentation to see the JSON schema for each step type. + additionalProperties: true + example: + Send Email: + actionId: 'sp:send-email' + attributes: + body: This is a test + from: sailpoint@sailpoint.com + recipientId.$: $.identity.id + subject: test + nextStep: success + selectResult: null + type: ACTION + success: + type: success + enabled: + type: boolean + description: Enable or disable the workflow. Workflows cannot be created in an enabled state. + default: false + example: false + trigger: + type: object + description: The trigger that starts the workflow + required: + - type + - attributes + properties: + type: + type: string + enum: + - EVENT + - EXTERNAL + - SCHEDULED + example: EVENT + description: The trigger type + displayName: + type: string + nullable: true + attributes: + oneOf: + - title: Event Trigger Attributes + type: object + description: Attributes related to an IdentityNow ETS event + additionalProperties: false + required: + - id + properties: + id: + type: string + description: The unique ID of the trigger + example: 'idn:identity-attributes-changed' + filter.$: + type: string + description: JSON path expression that will limit which events the trigger will fire on + example: '$.changes[?(@.attribute == ''manager'')]' + description: + type: string + description: Description of the event trigger + - title: External Trigger Attributes + type: object + description: Attributes related to an external trigger + additionalProperties: false + properties: + name: + type: string + description: A unique name for the external trigger + example: search-and-notify + description: + type: string + description: Additonal context about the external trigger + example: Run a search and notify the results + clientId: + type: string + description: OAuth Client ID to authenticate with this trigger + example: 87e239b2-b85b-4bde-b9a7-55bf304ddcdc + url: + type: string + description: URL to invoke this workflow + example: 'https://tenant.api.identitynow.com/beta/workflows/execute/external/c79e0079-562c-4df5-aa73-60a9e25c916d' + - title: Scheduled Trigger Attributes + type: object + description: Attributes related to a scheduled trigger + additionalProperties: false + required: + - frequency + properties: + cronString: + type: string + description: A valid CRON expression + externalDocs: + description: CRON expression editor + url: 'https://crontab.guru/' + example: 0 9 * * 1 + frequency: + type: string + description: Frequency of execution + enum: + - daily + - weekly + - monthly + - yearly + - cronSchedule + timeZone: + type: string + description: Time zone identifier + example: America/Chicago + weeklyDays: + type: array + items: + type: string + example: Monday + description: Scheduled days of the week for execution + weeklyTimes: + type: array + items: + type: string + example: Monday + description: Scheduled execution times + description: Workflow Trigger Attributes. + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + put: + operationId: putWorkflow + tags: + - Workflows + summary: Update Workflow + description: Perform a full update of a workflow. The updated workflow object is returned in the response. + security: + - UserContextAuth: + - 'sp:workflow:manage' + parameters: + - name: id + in: path + description: Id of the Workflow + required: true + style: simple + explode: false + schema: + type: string + example: c17bea3a-574d-453c-9e04-4365fbf5af0b + requestBody: + required: true + content: + application/json: + schema: + type: object + properties: + name: + type: string + description: The name of the workflow + example: Send Email + owner: + type: object + description: The identity that owns the workflow. The owner's permissions in IDN will determine what actions the workflow is allowed to perform. Ownership can be changed by updating the owner in a PUT or PATCH request. + properties: + type: + type: string + enum: + - IDENTITY + example: IDENTITY + description: The type of object that is referenced + id: + type: string + description: The unique ID of the object + example: 2c91808568c529c60168cca6f90c1313 + name: + type: string + description: The name of the object + example: William Wilson + description: + type: string + description: Description of what the workflow accomplishes + example: Send an email to the identity who's attributes changed. + definition: + type: object + description: The map of steps that the workflow will execute. + properties: + start: + type: string + description: The name of the starting step. + example: Send Email Test + steps: + type: object + description: One or more step objects that comprise this workflow. Please see the Workflow documentation to see the JSON schema for each step type. + additionalProperties: true + example: + Send Email: + actionId: 'sp:send-email' + attributes: + body: This is a test + from: sailpoint@sailpoint.com + recipientId.$: $.identity.id + subject: test + nextStep: success + selectResult: null + type: ACTION + success: + type: success + enabled: + type: boolean + description: Enable or disable the workflow. Workflows cannot be created in an enabled state. + default: false + example: false + trigger: + type: object + description: The trigger that starts the workflow + required: + - type + - attributes + properties: + type: + type: string + enum: + - EVENT + - EXTERNAL + - SCHEDULED + example: EVENT + description: The trigger type + displayName: + type: string + nullable: true + attributes: + oneOf: + - title: Event Trigger Attributes + type: object + description: Attributes related to an IdentityNow ETS event + additionalProperties: false + required: + - id + properties: + id: + type: string + description: The unique ID of the trigger + example: 'idn:identity-attributes-changed' + filter.$: + type: string + description: JSON path expression that will limit which events the trigger will fire on + example: '$.changes[?(@.attribute == ''manager'')]' + description: + type: string + description: Description of the event trigger + - title: External Trigger Attributes + type: object + description: Attributes related to an external trigger + additionalProperties: false + properties: + name: + type: string + description: A unique name for the external trigger + example: search-and-notify + description: + type: string + description: Additonal context about the external trigger + example: Run a search and notify the results + clientId: + type: string + description: OAuth Client ID to authenticate with this trigger + example: 87e239b2-b85b-4bde-b9a7-55bf304ddcdc + url: + type: string + description: URL to invoke this workflow + example: 'https://tenant.api.identitynow.com/beta/workflows/execute/external/c79e0079-562c-4df5-aa73-60a9e25c916d' + - title: Scheduled Trigger Attributes + type: object + description: Attributes related to a scheduled trigger + additionalProperties: false + required: + - frequency + properties: + cronString: + type: string + description: A valid CRON expression + externalDocs: + description: CRON expression editor + url: 'https://crontab.guru/' + example: 0 9 * * 1 + frequency: + type: string + description: Frequency of execution + enum: + - daily + - weekly + - monthly + - yearly + - cronSchedule + timeZone: + type: string + description: Time zone identifier + example: America/Chicago + weeklyDays: + type: array + items: + type: string + example: Monday + description: Scheduled days of the week for execution + weeklyTimes: + type: array + items: + type: string + example: Monday + description: Scheduled execution times + description: Workflow Trigger Attributes. + responses: + '200': + description: The Workflow object + content: + application/json: + schema: + allOf: + - type: object + properties: + id: + type: string + description: Workflow ID. This is a UUID generated upon creation. + example: d201c5e9-d37b-4aff-af14-66414f39d569 + executionCount: + type: integer + format: int32 + description: The number of times this workflow has been executed. + example: 2 + failureCount: + type: integer + format: int32 + description: The number of times this workflow has failed during execution. + example: 0 + created: + type: string + format: date-time + description: The date and time the workflow was created. + example: '2022-01-10T16:06:16.636381447Z' + modified: + type: string + format: date-time + description: The date and time the workflow was modified. + example: 2023-12-05T15:18:27.699Z + modifiedBy: + type: object + properties: + type: + type: string + enum: + - IDENTITY + example: IDENTITY + id: + type: string + description: Identity ID + example: 2c9180a46faadee4016fb4e018c20639 + name: + type: string + description: Human-readable display name of identity. + example: Thomas Edison + creator: + type: object + description: Workflow creator's identity. + properties: + type: + type: string + description: Workflow creator's DTO type. + enum: + - IDENTITY + example: IDENTITY + id: + type: string + description: Workflow creator's identity ID. + example: 2c7180a46faadee4016fb4e018c20642 + name: + type: string + description: Workflow creator's display name. + example: Michael Michaels + - type: object + properties: + name: + type: string + description: The name of the workflow + example: Send Email + owner: + type: object + description: The identity that owns the workflow. The owner's permissions in IDN will determine what actions the workflow is allowed to perform. Ownership can be changed by updating the owner in a PUT or PATCH request. + properties: + type: + type: string + enum: + - IDENTITY + example: IDENTITY + description: The type of object that is referenced + id: + type: string + description: The unique ID of the object + example: 2c91808568c529c60168cca6f90c1313 + name: + type: string + description: The name of the object + example: William Wilson + description: + type: string + description: Description of what the workflow accomplishes + example: Send an email to the identity who's attributes changed. + definition: + type: object + description: The map of steps that the workflow will execute. + properties: + start: + type: string + description: The name of the starting step. + example: Send Email Test + steps: + type: object + description: One or more step objects that comprise this workflow. Please see the Workflow documentation to see the JSON schema for each step type. + additionalProperties: true + example: + Send Email: + actionId: 'sp:send-email' + attributes: + body: This is a test + from: sailpoint@sailpoint.com + recipientId.$: $.identity.id + subject: test + nextStep: success + selectResult: null + type: ACTION + success: + type: success + enabled: + type: boolean + description: Enable or disable the workflow. Workflows cannot be created in an enabled state. + default: false + example: false + trigger: + type: object + description: The trigger that starts the workflow + required: + - type + - attributes + properties: + type: + type: string + enum: + - EVENT + - EXTERNAL + - SCHEDULED + example: EVENT + description: The trigger type + displayName: + type: string + nullable: true + attributes: + oneOf: + - title: Event Trigger Attributes + type: object + description: Attributes related to an IdentityNow ETS event + additionalProperties: false + required: + - id + properties: + id: + type: string + description: The unique ID of the trigger + example: 'idn:identity-attributes-changed' + filter.$: + type: string + description: JSON path expression that will limit which events the trigger will fire on + example: '$.changes[?(@.attribute == ''manager'')]' + description: + type: string + description: Description of the event trigger + - title: External Trigger Attributes + type: object + description: Attributes related to an external trigger + additionalProperties: false + properties: + name: + type: string + description: A unique name for the external trigger + example: search-and-notify + description: + type: string + description: Additonal context about the external trigger + example: Run a search and notify the results + clientId: + type: string + description: OAuth Client ID to authenticate with this trigger + example: 87e239b2-b85b-4bde-b9a7-55bf304ddcdc + url: + type: string + description: URL to invoke this workflow + example: 'https://tenant.api.identitynow.com/beta/workflows/execute/external/c79e0079-562c-4df5-aa73-60a9e25c916d' + - title: Scheduled Trigger Attributes + type: object + description: Attributes related to a scheduled trigger + additionalProperties: false + required: + - frequency + properties: + cronString: + type: string + description: A valid CRON expression + externalDocs: + description: CRON expression editor + url: 'https://crontab.guru/' + example: 0 9 * * 1 + frequency: + type: string + description: Frequency of execution + enum: + - daily + - weekly + - monthly + - yearly + - cronSchedule + timeZone: + type: string + description: Time zone identifier + example: America/Chicago + weeklyDays: + type: array + items: + type: string + example: Monday + description: Scheduled days of the week for execution + weeklyTimes: + type: array + items: + type: string + example: Monday + description: Scheduled execution times + description: Workflow Trigger Attributes. + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + patch: + operationId: patchWorkflow + tags: + - Workflows + summary: Patch Workflow + description: 'Partially update an existing Workflow using [JSON Patch](https://tools.ietf.org/html/rfc6902) syntax.' + security: + - UserContextAuth: + - 'sp:workflow:manage' + parameters: + - name: id + in: path + description: Id of the Workflow + required: true + style: simple + explode: false + schema: + type: string + example: c17bea3a-574d-453c-9e04-4365fbf5af0b + requestBody: + required: true + content: + application/json-patch+json: + schema: + type: array + items: + type: object + description: 'A JSONPatch Operation as defined by [RFC 6902 - JSON Patch](https://tools.ietf.org/html/rfc6902)' + required: + - op + - path + properties: + op: + type: string + description: The operation to be performed + enum: + - add + - remove + - replace + - move + - copy + - test + example: replace + path: + type: string + description: A string JSON Pointer representing the target path to an element to be affected by the operation + example: /description + value: + oneOf: + - type: string + example: New description + title: string + - type: boolean + example: true + title: boolean + - type: integer + example: 300 + title: integer + - type: object + title: object + example: + attributes: + name: philip + - type: array + title: array + items: + anyOf: + - type: string + - type: integer + - type: object + example: + - '001' + - '002' + - '003' + description: 'The value to be used for the operation, required for "add" and "replace" operations' + example: New description + examples: + Update all patchable fields: + description: Demonstrate how to update each patchable field in one PATCH request. + value: + - op: replace + path: /name + value: Send Email + - op: replace + path: /owner + value: + type: IDENTITY + id: 2c91808568c529c60168cca6f90c1313 + name: William Wilson + - op: replace + path: /description + value: Send an email to the identity who's attributes changed. + - op: replace + path: /enabled + value: false + - op: replace + path: /definition + value: + start: Send Email Test + steps: + Send Email: + actionId: 'sp:send-email' + attributes: + body: This is a test + from: sailpoint@sailpoint.com + recipientId.$: $.identity.id + subject: test + nextStep: success + selectResult: null + type: action + success: + type: success + - op: replace + path: /trigger + value: + type: EVENT + attributes: + id: 'idn:identity-attributes-changed' + responses: + '200': + description: The Workflow object + content: + application/json: + schema: + allOf: + - type: object + properties: + id: + type: string + description: Workflow ID. This is a UUID generated upon creation. + example: d201c5e9-d37b-4aff-af14-66414f39d569 + executionCount: + type: integer + format: int32 + description: The number of times this workflow has been executed. + example: 2 + failureCount: + type: integer + format: int32 + description: The number of times this workflow has failed during execution. + example: 0 + created: + type: string + format: date-time + description: The date and time the workflow was created. + example: '2022-01-10T16:06:16.636381447Z' + modified: + type: string + format: date-time + description: The date and time the workflow was modified. + example: 2023-12-05T15:18:27.699Z + modifiedBy: + type: object + properties: + type: + type: string + enum: + - IDENTITY + example: IDENTITY + id: + type: string + description: Identity ID + example: 2c9180a46faadee4016fb4e018c20639 + name: + type: string + description: Human-readable display name of identity. + example: Thomas Edison + creator: + type: object + description: Workflow creator's identity. + properties: + type: + type: string + description: Workflow creator's DTO type. + enum: + - IDENTITY + example: IDENTITY + id: + type: string + description: Workflow creator's identity ID. + example: 2c7180a46faadee4016fb4e018c20642 + name: + type: string + description: Workflow creator's display name. + example: Michael Michaels + - type: object + properties: + name: + type: string + description: The name of the workflow + example: Send Email + owner: + type: object + description: The identity that owns the workflow. The owner's permissions in IDN will determine what actions the workflow is allowed to perform. Ownership can be changed by updating the owner in a PUT or PATCH request. + properties: + type: + type: string + enum: + - IDENTITY + example: IDENTITY + description: The type of object that is referenced + id: + type: string + description: The unique ID of the object + example: 2c91808568c529c60168cca6f90c1313 + name: + type: string + description: The name of the object + example: William Wilson + description: + type: string + description: Description of what the workflow accomplishes + example: Send an email to the identity who's attributes changed. + definition: + type: object + description: The map of steps that the workflow will execute. + properties: + start: + type: string + description: The name of the starting step. + example: Send Email Test + steps: + type: object + description: One or more step objects that comprise this workflow. Please see the Workflow documentation to see the JSON schema for each step type. + additionalProperties: true + example: + Send Email: + actionId: 'sp:send-email' + attributes: + body: This is a test + from: sailpoint@sailpoint.com + recipientId.$: $.identity.id + subject: test + nextStep: success + selectResult: null + type: ACTION + success: + type: success + enabled: + type: boolean + description: Enable or disable the workflow. Workflows cannot be created in an enabled state. + default: false + example: false + trigger: + type: object + description: The trigger that starts the workflow + required: + - type + - attributes + properties: + type: + type: string + enum: + - EVENT + - EXTERNAL + - SCHEDULED + example: EVENT + description: The trigger type + displayName: + type: string + nullable: true + attributes: + oneOf: + - title: Event Trigger Attributes + type: object + description: Attributes related to an IdentityNow ETS event + additionalProperties: false + required: + - id + properties: + id: + type: string + description: The unique ID of the trigger + example: 'idn:identity-attributes-changed' + filter.$: + type: string + description: JSON path expression that will limit which events the trigger will fire on + example: '$.changes[?(@.attribute == ''manager'')]' + description: + type: string + description: Description of the event trigger + - title: External Trigger Attributes + type: object + description: Attributes related to an external trigger + additionalProperties: false + properties: + name: + type: string + description: A unique name for the external trigger + example: search-and-notify + description: + type: string + description: Additonal context about the external trigger + example: Run a search and notify the results + clientId: + type: string + description: OAuth Client ID to authenticate with this trigger + example: 87e239b2-b85b-4bde-b9a7-55bf304ddcdc + url: + type: string + description: URL to invoke this workflow + example: 'https://tenant.api.identitynow.com/beta/workflows/execute/external/c79e0079-562c-4df5-aa73-60a9e25c916d' + - title: Scheduled Trigger Attributes + type: object + description: Attributes related to a scheduled trigger + additionalProperties: false + required: + - frequency + properties: + cronString: + type: string + description: A valid CRON expression + externalDocs: + description: CRON expression editor + url: 'https://crontab.guru/' + example: 0 9 * * 1 + frequency: + type: string + description: Frequency of execution + enum: + - daily + - weekly + - monthly + - yearly + - cronSchedule + timeZone: + type: string + description: Time zone identifier + example: America/Chicago + weeklyDays: + type: array + items: + type: string + example: Monday + description: Scheduled days of the week for execution + weeklyTimes: + type: array + items: + type: string + example: Monday + description: Scheduled execution times + description: Workflow Trigger Attributes. + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + delete: + operationId: deleteWorkflow + tags: + - Workflows + summary: Delete Workflow By Id + description: Delete a workflow. **Enabled workflows cannot be deleted**. They must first be disabled. + security: + - UserContextAuth: + - 'sp:workflow:manage' + parameters: + - name: id + in: path + description: Id of the Workflow + required: true + style: simple + explode: false + schema: + type: string + example: c17bea3a-574d-453c-9e04-4365fbf5af0b + responses: + '204': + description: No content - indicates the request was successful but there is no content to be returned in the response. + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + post: + operationId: createWorkflow + tags: + - Workflows + summary: Create Workflow + description: Create a new workflow with the desired trigger and steps specified in the request body. + security: + - UserContextAuth: + - 'sp:workflow:manage' + requestBody: + required: true + content: + application/json: + schema: + allOf: + - required: + - name + - owner + - type: object + properties: + name: + type: string + description: The name of the workflow + example: Send Email + owner: + type: object + description: The identity that owns the workflow. The owner's permissions in IDN will determine what actions the workflow is allowed to perform. Ownership can be changed by updating the owner in a PUT or PATCH request. + properties: + type: + type: string + enum: + - IDENTITY + example: IDENTITY + description: The type of object that is referenced + id: + type: string + description: The unique ID of the object + example: 2c91808568c529c60168cca6f90c1313 + name: + type: string + description: The name of the object + example: William Wilson + description: + type: string + description: Description of what the workflow accomplishes + example: Send an email to the identity who's attributes changed. + definition: + type: object + description: The map of steps that the workflow will execute. + properties: + start: + type: string + description: The name of the starting step. + example: Send Email Test + steps: + type: object + description: One or more step objects that comprise this workflow. Please see the Workflow documentation to see the JSON schema for each step type. + additionalProperties: true + example: + Send Email: + actionId: 'sp:send-email' + attributes: + body: This is a test + from: sailpoint@sailpoint.com + recipientId.$: $.identity.id + subject: test + nextStep: success + selectResult: null + type: ACTION + success: + type: success + enabled: + type: boolean + description: Enable or disable the workflow. Workflows cannot be created in an enabled state. + default: false + example: false + trigger: + type: object + description: The trigger that starts the workflow + required: + - type + - attributes + properties: + type: + type: string + enum: + - EVENT + - EXTERNAL + - SCHEDULED + example: EVENT + description: The trigger type + displayName: + type: string + nullable: true + attributes: + oneOf: + - title: Event Trigger Attributes + type: object + description: Attributes related to an IdentityNow ETS event + additionalProperties: false + required: + - id + properties: + id: + type: string + description: The unique ID of the trigger + example: 'idn:identity-attributes-changed' + filter.$: + type: string + description: JSON path expression that will limit which events the trigger will fire on + example: '$.changes[?(@.attribute == ''manager'')]' + description: + type: string + description: Description of the event trigger + - title: External Trigger Attributes + type: object + description: Attributes related to an external trigger + additionalProperties: false + properties: + name: + type: string + description: A unique name for the external trigger + example: search-and-notify + description: + type: string + description: Additonal context about the external trigger + example: Run a search and notify the results + clientId: + type: string + description: OAuth Client ID to authenticate with this trigger + example: 87e239b2-b85b-4bde-b9a7-55bf304ddcdc + url: + type: string + description: URL to invoke this workflow + example: 'https://tenant.api.identitynow.com/beta/workflows/execute/external/c79e0079-562c-4df5-aa73-60a9e25c916d' + - title: Scheduled Trigger Attributes + type: object + description: Attributes related to a scheduled trigger + additionalProperties: false + required: + - frequency + properties: + cronString: + type: string + description: A valid CRON expression + externalDocs: + description: CRON expression editor + url: 'https://crontab.guru/' + example: 0 9 * * 1 + frequency: + type: string + description: Frequency of execution + enum: + - daily + - weekly + - monthly + - yearly + - cronSchedule + timeZone: + type: string + description: Time zone identifier + example: America/Chicago + weeklyDays: + type: array + items: + type: string + example: Monday + description: Scheduled days of the week for execution + weeklyTimes: + type: array + items: + type: string + example: Monday + description: Scheduled execution times + description: Workflow Trigger Attributes. + examples: + Event Trigger: + description: Workflow initiated by an event trigger + value: + name: Send Email + owner: + type: IDENTITY + id: 2c91808568c529c60168cca6f90c1313 + name: William Wilson + description: Send an email to the identity who's attributes changed. + definition: + start: Send Email Test + steps: + Send Email: + actionId: 'sp:send-email' + attributes: + body: This is a test + from: sailpoint@sailpoint.com + recipientId.$: $.identity.id + subject: test + nextStep: success + selectResult: null + type: action + success: + type: success + enabled: false + trigger: + type: EVENT + attributes: + id: 'idn:identity-attributes-changed' + filter: '$.changes[?(@.attribute == ''manager'')]' + Scheduled Trigger: + description: Workflow initiated by a scheduled trigger + value: + name: Send Email + owner: + type: IDENTITY + id: 2c91808568c529c60168cca6f90c1313 + name: William Wilson + description: Send an email to the identity who's attributes changed. + definition: + start: Send Email Test + steps: + Send Email: + actionId: 'sp:send-email' + attributes: + body: This is a test + from: sailpoint@sailpoint.com + recipientId.$: $.identity.id + subject: test + nextStep: success + selectResult: null + type: action + success: + type: success + enabled: false + trigger: + type: SCHEDULED + attributes: + cronString: 0 * */3 */5 * + External Trigger: + description: Workflow initiated by an external trigger + value: + name: Send Email + owner: + type: IDENTITY + id: 2c91808568c529c60168cca6f90c1313 + name: William Wilson + description: Send an email to the identity whose attributes changed. + definition: + start: Send Email Test + steps: + Send Email: + actionId: 'sp:send-email' + attributes: + body: This is a test + from: sailpoint@sailpoint.com + recipientId.$: $.identity.id + subject: test + nextStep: success + selectResult: null + type: action + success: + type: success + enabled: false + trigger: + type: EXTERNAL + attributes: + name: search-and-notify + description: Run a search and notify the results + responses: + '200': + description: The Workflow object + content: + application/json: + schema: + allOf: + - type: object + properties: + id: + type: string + description: Workflow ID. This is a UUID generated upon creation. + example: d201c5e9-d37b-4aff-af14-66414f39d569 + executionCount: + type: integer + format: int32 + description: The number of times this workflow has been executed. + example: 2 + failureCount: + type: integer + format: int32 + description: The number of times this workflow has failed during execution. + example: 0 + created: + type: string + format: date-time + description: The date and time the workflow was created. + example: '2022-01-10T16:06:16.636381447Z' + modified: + type: string + format: date-time + description: The date and time the workflow was modified. + example: 2023-12-05T15:18:27.699Z + modifiedBy: + type: object + properties: + type: + type: string + enum: + - IDENTITY + example: IDENTITY + id: + type: string + description: Identity ID + example: 2c9180a46faadee4016fb4e018c20639 + name: + type: string + description: Human-readable display name of identity. + example: Thomas Edison + creator: + type: object + description: Workflow creator's identity. + properties: + type: + type: string + description: Workflow creator's DTO type. + enum: + - IDENTITY + example: IDENTITY + id: + type: string + description: Workflow creator's identity ID. + example: 2c7180a46faadee4016fb4e018c20642 + name: + type: string + description: Workflow creator's display name. + example: Michael Michaels + - type: object + properties: + name: + type: string + description: The name of the workflow + example: Send Email + owner: + type: object + description: The identity that owns the workflow. The owner's permissions in IDN will determine what actions the workflow is allowed to perform. Ownership can be changed by updating the owner in a PUT or PATCH request. + properties: + type: + type: string + enum: + - IDENTITY + example: IDENTITY + description: The type of object that is referenced + id: + type: string + description: The unique ID of the object + example: 2c91808568c529c60168cca6f90c1313 + name: + type: string + description: The name of the object + example: William Wilson + description: + type: string + description: Description of what the workflow accomplishes + example: Send an email to the identity who's attributes changed. + definition: + type: object + description: The map of steps that the workflow will execute. + properties: + start: + type: string + description: The name of the starting step. + example: Send Email Test + steps: + type: object + description: One or more step objects that comprise this workflow. Please see the Workflow documentation to see the JSON schema for each step type. + additionalProperties: true + example: + Send Email: + actionId: 'sp:send-email' + attributes: + body: This is a test + from: sailpoint@sailpoint.com + recipientId.$: $.identity.id + subject: test + nextStep: success + selectResult: null + type: ACTION + success: + type: success + enabled: + type: boolean + description: Enable or disable the workflow. Workflows cannot be created in an enabled state. + default: false + example: false + trigger: + type: object + description: The trigger that starts the workflow + required: + - type + - attributes + properties: + type: + type: string + enum: + - EVENT + - EXTERNAL + - SCHEDULED + example: EVENT + description: The trigger type + displayName: + type: string + nullable: true + attributes: + oneOf: + - title: Event Trigger Attributes + type: object + description: Attributes related to an IdentityNow ETS event + additionalProperties: false + required: + - id + properties: + id: + type: string + description: The unique ID of the trigger + example: 'idn:identity-attributes-changed' + filter.$: + type: string + description: JSON path expression that will limit which events the trigger will fire on + example: '$.changes[?(@.attribute == ''manager'')]' + description: + type: string + description: Description of the event trigger + - title: External Trigger Attributes + type: object + description: Attributes related to an external trigger + additionalProperties: false + properties: + name: + type: string + description: A unique name for the external trigger + example: search-and-notify + description: + type: string + description: Additonal context about the external trigger + example: Run a search and notify the results + clientId: + type: string + description: OAuth Client ID to authenticate with this trigger + example: 87e239b2-b85b-4bde-b9a7-55bf304ddcdc + url: + type: string + description: URL to invoke this workflow + example: 'https://tenant.api.identitynow.com/beta/workflows/execute/external/c79e0079-562c-4df5-aa73-60a9e25c916d' + - title: Scheduled Trigger Attributes + type: object + description: Attributes related to a scheduled trigger + additionalProperties: false + required: + - frequency + properties: + cronString: + type: string + description: A valid CRON expression + externalDocs: + description: CRON expression editor + url: 'https://crontab.guru/' + example: 0 9 * * 1 + frequency: + type: string + description: Frequency of execution + enum: + - daily + - weekly + - monthly + - yearly + - cronSchedule + timeZone: + type: string + description: Time zone identifier + example: America/Chicago + weeklyDays: + type: array + items: + type: string + example: Monday + description: Scheduled days of the week for execution + weeklyTimes: + type: array + items: + type: string + example: Monday + description: Scheduled execution times + description: Workflow Trigger Attributes. + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/workflows/{id}/test': + post: + operationId: testWorkflow + tags: + - Workflows + summary: Test Workflow By Id + description: |- + Test a workflow with the provided input data. The input data should resemble the input that the trigger will send the workflow. See the [event trigger documentation](https://developer.sailpoint.com/idn/docs/event-triggers/available) for an example input for the trigger that initiates this workflow. + This endpoint will return an execution ID, which can be used to lookup more information about the execution using the `Get a Workflow Execution` endpoint. + **This will cause a live run of the workflow, which could result in unintended modifications to your IDN tenant.** + security: + - UserContextAuth: + - 'sp:workflow-execute:external' + parameters: + - name: id + in: path + description: Id of the workflow + required: true + style: simple + explode: false + schema: + type: string + example: c17bea3a-574d-453c-9e04-4365fbf5af0b + requestBody: + required: true + content: + application/json: + schema: + type: object + required: + - input + properties: + input: + type: object + description: The test input for the workflow. + examples: + Identity Attributes Changed: + description: Identity Attributes Changed Trigger Input + value: + input: + identity: + id: ee769173319b41d19ccec6cea52f237b + name: john.doe + type: IDENTITY + changes: + - attribute: department + oldValue: sales + newValue: marketing + - attribute: manager + oldValue: + id: ee769173319b41d19ccec6c235423237b + name: nice.guy + type: IDENTITY + newValue: + id: ee769173319b41d19ccec6c235423236c + name: mean.guy + type: IDENTITY + - attribute: email + oldValue: john.doe@hotmail.com + newValue: john.doe@gmail.com + responses: + '200': + description: The Workflow object + content: + application/json: + schema: + type: object + properties: + workflowExecutionId: + type: string + description: The workflow execution id + example: 0e11cefa-96e7-4b67-90d0-065bc1da5753 + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/workflows/{id}/executions': + get: + operationId: getWorkflowExecutions + tags: + - Workflows + summary: List Workflow Executions + description: |- + Use this API to list a specified workflow's executions. Workflow executions are available for up to 90 days before being archived. By default, you can get a maximum of 250 executions. To get executions past the first 250 records, you can do the following: + 1. Use the [Get Workflows](https://developer.sailpoint.com/idn/api/beta/list-workflows) endpoint to get your workflows. + 2. Get your workflow ID from the response. + 3. You can then do either of the following: + + - Filter to find relevant workflow executions. + For example, you can filter for failed workflow executions: `GET /workflows/:workflowID/executions?filters=status eq "Failed"` + + - Paginate through results with the `offset` parameter. + For example, you can page through 50 executions per page and use that as a way to get to the records past the first 250. + Refer to [Paginating Results](https://developer.sailpoint.com/idn/api/standard-collection-parameters#paginating-results) for more information about the query parameters you can use to achieve pagination. + security: + - UserContextAuth: + - 'sp:workflow:read' + parameters: + - name: id + in: path + description: Workflow ID. + required: true + style: simple + explode: false + schema: + type: string + example: c17bea3a-574d-453c-9e04-4365fbf5af0b + - in: query + name: limit + description: |- + Max number of results to return. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 250 + schema: + type: integer + format: int32 + minimum: 0 + maximum: 250 + default: 250 + - in: query + name: offset + description: |- + Offset into the full result set. Usually specified with *limit* to paginate through the results. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 0 + schema: + type: integer + format: int32 + minimum: 0 + default: 0 + - in: query + name: count + description: |- + If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. + + Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. + + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: true + schema: + type: boolean + default: false + - in: query + name: filters + schema: + type: string + example: status eq "Failed" + description: |- + Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) + + Filtering is supported for the following fields and operators: + + **startTime**: *eq, lt, le, gt, ge* + + **status**: *eq* + required: false + responses: + '200': + description: List of workflow executions for the specified workflow. + content: + application/json: + schema: + type: array + items: + type: object + properties: + id: + type: string + description: Workflow execution ID. + example: b393f4e2-4785-4d7f-ab27-3a6b8ded4c81 + workflowId: + type: string + description: Workflow ID. + example: d201c5d9-d37b-4a2f-af14-66414f39d568 + requestId: + type: string + description: Backend ID that tracks a workflow request in the system. Provide this ID in a customer support ticket for debugging purposes. + example: 41e12a74fa7b4a6a98ae47887b64acdb + startTime: + type: string + format: date-time + description: Date/time when the workflow started. + example: '2022-02-07T20:13:29.356648026Z' + closeTime: + type: string + format: date-time + description: Date/time when the workflow ended. + example: '2022-02-07T20:13:31.682410165Z' + status: + description: Workflow execution status. + type: string + enum: + - Completed + - Failed + - Canceled + - Executing + example: Completed + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/workflow-executions/{id}': + get: + operationId: getWorkflowExecution + tags: + - Workflows + summary: Get Workflow Execution + description: 'Use this API to get a single workflow execution. Workflow executions are available for up to 90 days before being archived. If you attempt to access a workflow execution that has been archived, you will receive a "404 Not Found" response.' + security: + - UserContextAuth: + - 'sp:workflow:read' + parameters: + - name: id + in: path + description: Workflow execution ID. + required: true + style: simple + explode: false + schema: + type: string + example: c17bea3a-574d-453c-9e04-4365fbf5af0b + responses: + '200': + description: Workflow execution. + content: + application/json: + schema: + items: + type: object + properties: + id: + type: string + description: Workflow execution ID. + example: b393f4e2-4785-4d7f-ab27-3a6b8ded4c81 + workflowId: + type: string + description: Workflow ID. + example: d201c5d9-d37b-4a2f-af14-66414f39d568 + requestId: + type: string + description: Backend ID that tracks a workflow request in the system. Provide this ID in a customer support ticket for debugging purposes. + example: 41e12a74fa7b4a6a98ae47887b64acdb + startTime: + type: string + format: date-time + description: Date/time when the workflow started. + example: '2022-02-07T20:13:29.356648026Z' + closeTime: + type: string + format: date-time + description: Date/time when the workflow ended. + example: '2022-02-07T20:13:31.682410165Z' + status: + description: Workflow execution status. + type: string + enum: + - Completed + - Failed + - Canceled + - Executing + example: Completed + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/workflow-executions/{id}/history': + get: + operationId: getWorkflowExecutionHistory + tags: + - Workflows + summary: Get Workflow Execution History + description: 'Get a detailed history of a single workflow execution. Workflow executions are available for up to 90 days before being archived. If you attempt to access a workflow execution that has been archived, you will receive a 404 Not Found.' + security: + - UserContextAuth: + - 'sp:workflow:read' + parameters: + - name: id + in: path + description: Id of the workflow execution + required: true + style: simple + explode: false + schema: + type: string + example: c17bea3a-574d-453c-9e04-4365fbf5af0b + responses: + '200': + description: List of workflow execution events for the given workflow execution + content: + application/json: + schema: + type: array + items: + type: object + properties: + type: + description: The type of event + enum: + - WorkflowExecutionScheduled + - WorkflowExecutionStarted + - WorkflowExecutionCompleted + - WorkflowExecutionFailed + - WorkflowTaskScheduled + - WorkflowTaskStarted + - WorkflowTaskCompleted + - WorkflowTaskFailed + - ActivityTaskScheduled + - ActivityTaskStarted + - ActivityTaskCompleted + - ActivityTaskFailed + example: WorkflowTaskScheduled + timestamp: + type: string + format: date-time + description: The date-time when the event occurred + example: '2022-02-07T20:13:31.640618296Z' + attributes: + type: object + description: Additional attributes associated with the event + example: {} + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/workflow-executions/{id}/cancel': + post: + operationId: cancelWorkflowExecution + tags: + - Workflows + summary: Cancel Workflow Execution by ID + description: Use this API to cancel a running workflow execution. + security: + - UserContextAuth: + - 'sp:workflow-execute:external' + parameters: + - name: id + in: path + description: The workflow execution ID + required: true + style: simple + explode: false + schema: + type: string + example: c17bea3a-574d-453c-9e04-4365fbf5af0b + responses: + '204': + description: No content - indicates the request was successful but there is no content to be returned in the response. + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + /workflow-library: + get: + operationId: listCompleteWorkflowLibrary + tags: + - Workflows + summary: List Complete Workflow Library + description: 'This lists all triggers, actions, and operators in the library' + externalDocs: + description: Additional documentation for workflows + url: 'https://documentation.sailpoint.com/saas/help/workflows/workflow-steps.html' + parameters: + - in: query + name: limit + description: |- + Max number of results to return. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 250 + schema: + type: integer + format: int32 + minimum: 0 + maximum: 250 + default: 250 + - in: query + name: offset + description: |- + Offset into the full result set. Usually specified with *limit* to paginate through the results. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 0 + schema: + type: integer + format: int32 + minimum: 0 + default: 0 + security: + - UserContextAuth: + - 'sp:workflow:read' + responses: + '200': + description: List of workflow steps + content: + application/json: + schema: + type: array + items: + anyOf: + - title: Workflow Action + type: object + properties: + id: + type: string + description: Action ID. This is a static namespaced ID for the action + example: 'sp:create-campaign' + name: + type: string + description: Action Name + example: Create Certification Campaign + type: + type: string + description: Action type + example: ACTION + description: + type: string + description: Action Description + example: Generates a certification campaign. + formFields: + nullable: true + type: array + description: One or more inputs that the action accepts + items: + type: object + properties: + description: + type: string + description: Description of the form field + example: First value to compare + helpText: + type: string + description: Describes the form field in the UI + example: The name to give to this certification campaign. + label: + type: string + description: A human readable name for this form field in the UI + example: Campaign Name + name: + type: string + description: The name of the input attribute + example: name + required: + type: boolean + description: Denotes if this field is a required attribute + example: false + default: false + type: + description: The type of the form field + type: string + nullable: true + enum: + - text + - textarea + - boolean + - email + - url + - number + - json + - checkbox + - jsonpath + - select + - multiType + - duration + - toggle + - formPicker + - identityPicker + - governanceGroupPicker + - string + - object + - array + - secret + - keyValuePairs + - emailPicker + - advancedToggle + - variableCreator + - htmlEditor + example: text + exampleOutput: + oneOf: + - type: object + description: Example output + - type: array + items: + type: object + deprecated: + type: boolean + deprecatedBy: + type: string + format: date-time + versionNumber: + type: integer + description: Version number + isSimulationEnabled: + type: boolean + isDynamicSchema: + type: boolean + description: 'Determines whether the dynamic output schema is returned in place of the action''s output schema. The dynamic schema lists non-static properties, like properties of a workflow form where each form has different fields. These will be provided dynamically based on available form fields.' + example: false + default: false + outputSchema: + type: object + description: 'Defines the output schema, if any, that this action produces.' + example: + definitions: {} + properties: + autoRevokeAllowed: + $id: '#sp:create-campaign/autoRevokeAllowed' + default: true + examples: + - false + title: autoRevokeAllowed + type: boolean + deadline: + $id: '#sp:create-campaign/deadline' + default: '' + examples: + - '2020-12-25T06:00:00.468Z' + format: date-time + pattern: ^.*$ + title: deadline + type: string + description: + $id: '#sp:create-campaign/description' + default: '' + examples: + - A review of everyone's access by their manager. + pattern: ^.*$ + title: description + type: string + emailNotificationEnabled: + $id: '#sp:create-campaign/emailNotificationEnabled' + default: true + examples: + - false + title: emailNotificationEnabled + type: boolean + filter: + $id: '#sp:create-campaign/filter' + properties: + id: + $id: '#sp:create-campaign/filter/id' + default: '' + examples: + - e0adaae69852e8fe8b8a3d48e5ce757c + pattern: ^.*$ + title: id + type: string + type: + $id: '#sp:create-campaign/filter/type' + default: '' + examples: + - CAMPAIGN_FILTER + pattern: ^.*$ + title: type + type: string + title: filter + type: object + id: + $id: '#sp:create-campaign/id' + default: '' + examples: + - 2c918086719eec070171a7e3355a360a + pattern: ^.*$ + title: id + type: string + name: + $id: '#sp:create-campaign/name' + default: '' + examples: + - Manager Review + pattern: ^.*$ + title: name + type: string + recommendationsEnabled: + $id: '#sp:create-campaign/recommendationsEnabled' + default: true + examples: + - false + title: recommendationEnabled + type: boolean + type: + $id: '#sp:create-campaign/type' + default: '' + examples: + - MANAGER + pattern: ^.*$ + title: type + type: string + title: 'sp:create-campaign' + type: object + - title: Workflow Trigger + type: object + properties: + id: + type: string + description: Trigger ID. This is a static namespaced ID for the trigger. + example: 'idn:identity-attributes-changed' + type: + description: Trigger type + type: string + enum: + - EVENT + - SCHEDULED + - EXTERNAL + example: EVENT + deprecated: + type: boolean + deprecatedBy: + type: string + format: date-time + isSimulationEnabled: + type: boolean + outputSchema: + type: object + description: Example output schema + name: + type: string + description: Trigger Name + example: Identity Attributes Changed + description: + type: string + description: Trigger Description + example: One or more identity attributes changed. + isDynamicSchema: + type: boolean + description: 'Determines whether the dynamic output schema is returned in place of the action''s output schema. The dynamic schema lists non-static properties, like properties of a workflow form where each form has different fields. These will be provided dynamically based on available form fields.' + example: false + default: false + inputExample: + type: object + description: Example trigger payload if applicable + nullable: true + externalDocs: + description: List of triggers and their input schemas + url: 'https://developer.sailpoint.com/idn/docs/event-triggers/available' + example: + changes: + - attribute: department + newValue: marketing + oldValue: sales + - attribute: manager + newValue: + id: ee769173319b41d19ccec6c235423236c + name: mean.guy + type: IDENTITY + oldValue: + id: ee769173319b41d19ccec6c235423237b + name: nice.guy + type: IDENTITY + - attribute: email + newValue: john.doe@gmail.com + oldValue: john.doe@hotmail.com + identity: + id: ee769173319b41d19ccec6cea52f237b + name: john.doe + type: IDENTITY + formFields: + type: array + nullable: true + description: One or more inputs that the trigger accepts + example: [] + items: + type: object + properties: + description: + type: string + description: Description of the form field + example: First value to compare + helpText: + type: string + description: Describes the form field in the UI + example: The name to give to this certification campaign. + label: + type: string + description: A human readable name for this form field in the UI + example: Campaign Name + name: + type: string + description: The name of the input attribute + example: name + required: + type: boolean + description: Denotes if this field is a required attribute + example: false + default: false + type: + description: The type of the form field + type: string + nullable: true + enum: + - text + - textarea + - boolean + - email + - url + - number + - json + - checkbox + - jsonpath + - select + - multiType + - duration + - toggle + - formPicker + - identityPicker + - governanceGroupPicker + - string + - object + - array + - secret + - keyValuePairs + - emailPicker + - advancedToggle + - variableCreator + - htmlEditor + example: text + - title: Workflow Operator + type: object + properties: + id: + type: string + description: Operator ID. + example: 'sp:compare-boolean' + name: + type: string + description: Operator friendly name + example: Compare Boolean Values + type: + description: Operator type + type: string + example: OPERATOR + description: + type: string + description: Description of the operator + example: Compare two boolean values and decide what happens based on the result. + isDynamicSchema: + type: boolean + description: 'Determines whether the dynamic output schema is returned in place of the action''s output schema. The dynamic schema lists non-static properties, like properties of a workflow form where each form has different fields. These will be provided dynamically based on available form fields.' + example: false + deprecated: + type: boolean + deprecatedBy: + type: string + format: date-time + isSimulationEnabled: + type: boolean + formFields: + type: array + nullable: true + description: One or more inputs that the operator accepts + items: + type: object + properties: + description: + type: string + description: Description of the form field + example: First value to compare + helpText: + type: string + description: Describes the form field in the UI + example: The name to give to this certification campaign. + label: + type: string + description: A human readable name for this form field in the UI + example: Campaign Name + name: + type: string + description: The name of the input attribute + example: name + required: + type: boolean + description: Denotes if this field is a required attribute + example: false + default: false + type: + description: The type of the form field + type: string + nullable: true + enum: + - text + - textarea + - boolean + - email + - url + - number + - json + - checkbox + - jsonpath + - select + - multiType + - duration + - toggle + - formPicker + - identityPicker + - governanceGroupPicker + - string + - object + - array + - secret + - keyValuePairs + - emailPicker + - advancedToggle + - variableCreator + - htmlEditor + example: text + example: + - description: Enter the JSONPath to a value from the input to compare to Variable B. + helpText: '' + label: Variable A + name: variableA.$ + required: true + type: text + - helpText: Select an operation. + label: Operation + name: operator + options: + - label: Equals + value: BooleanEquals + required: true + type: select + - description: Enter the JSONPath to a value from the input to compare to Variable A. + helpText: '' + label: Variable B + name: variableB.$ + required: false + type: text + - description: Enter True or False. + helpText: '' + label: Variable B + name: variableB + required: false + type: text + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + /workflow-library/actions: + get: + operationId: listWorkflowLibraryActions + tags: + - Workflows + summary: List Workflow Library Actions + description: This lists the workflow actions available to you. + externalDocs: + description: Additional documentation for each action + url: 'https://documentation.sailpoint.com/saas/help/workflows/workflow-steps.html#actions' + parameters: + - in: query + name: limit + description: |- + Max number of results to return. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 250 + schema: + type: integer + format: int32 + minimum: 0 + maximum: 250 + default: 250 + - in: query + name: offset + description: |- + Offset into the full result set. Usually specified with *limit* to paginate through the results. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 0 + schema: + type: integer + format: int32 + minimum: 0 + default: 0 + - in: query + name: filters + required: false + schema: + type: string + description: |- + Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) + + Filtering is supported for the following fields and operators: + + **id**: *eq* + example: 'id eq "sp:create-campaign"' + security: + - UserContextAuth: + - 'sp:workflow:read' + responses: + '200': + description: List of workflow actions + content: + application/json: + schema: + type: array + items: + title: Workflow Action + type: object + properties: + id: + type: string + description: Action ID. This is a static namespaced ID for the action + example: 'sp:create-campaign' + name: + type: string + description: Action Name + example: Create Certification Campaign + type: + type: string + description: Action type + example: ACTION + description: + type: string + description: Action Description + example: Generates a certification campaign. + formFields: + nullable: true + type: array + description: One or more inputs that the action accepts + items: + type: object + properties: + description: + type: string + description: Description of the form field + example: First value to compare + helpText: + type: string + description: Describes the form field in the UI + example: The name to give to this certification campaign. + label: + type: string + description: A human readable name for this form field in the UI + example: Campaign Name + name: + type: string + description: The name of the input attribute + example: name + required: + type: boolean + description: Denotes if this field is a required attribute + example: false + default: false + type: + description: The type of the form field + type: string + nullable: true + enum: + - text + - textarea + - boolean + - email + - url + - number + - json + - checkbox + - jsonpath + - select + - multiType + - duration + - toggle + - formPicker + - identityPicker + - governanceGroupPicker + - string + - object + - array + - secret + - keyValuePairs + - emailPicker + - advancedToggle + - variableCreator + - htmlEditor + example: text + exampleOutput: + oneOf: + - type: object + description: Example output + - type: array + items: + type: object + deprecated: + type: boolean + deprecatedBy: + type: string + format: date-time + versionNumber: + type: integer + description: Version number + isSimulationEnabled: + type: boolean + isDynamicSchema: + type: boolean + description: 'Determines whether the dynamic output schema is returned in place of the action''s output schema. The dynamic schema lists non-static properties, like properties of a workflow form where each form has different fields. These will be provided dynamically based on available form fields.' + example: false + default: false + outputSchema: + type: object + description: 'Defines the output schema, if any, that this action produces.' + example: + definitions: {} + properties: + autoRevokeAllowed: + $id: '#sp:create-campaign/autoRevokeAllowed' + default: true + examples: + - false + title: autoRevokeAllowed + type: boolean + deadline: + $id: '#sp:create-campaign/deadline' + default: '' + examples: + - '2020-12-25T06:00:00.468Z' + format: date-time + pattern: ^.*$ + title: deadline + type: string + description: + $id: '#sp:create-campaign/description' + default: '' + examples: + - A review of everyone's access by their manager. + pattern: ^.*$ + title: description + type: string + emailNotificationEnabled: + $id: '#sp:create-campaign/emailNotificationEnabled' + default: true + examples: + - false + title: emailNotificationEnabled + type: boolean + filter: + $id: '#sp:create-campaign/filter' + properties: + id: + $id: '#sp:create-campaign/filter/id' + default: '' + examples: + - e0adaae69852e8fe8b8a3d48e5ce757c + pattern: ^.*$ + title: id + type: string + type: + $id: '#sp:create-campaign/filter/type' + default: '' + examples: + - CAMPAIGN_FILTER + pattern: ^.*$ + title: type + type: string + title: filter + type: object + id: + $id: '#sp:create-campaign/id' + default: '' + examples: + - 2c918086719eec070171a7e3355a360a + pattern: ^.*$ + title: id + type: string + name: + $id: '#sp:create-campaign/name' + default: '' + examples: + - Manager Review + pattern: ^.*$ + title: name + type: string + recommendationsEnabled: + $id: '#sp:create-campaign/recommendationsEnabled' + default: true + examples: + - false + title: recommendationEnabled + type: boolean + type: + $id: '#sp:create-campaign/type' + default: '' + examples: + - MANAGER + pattern: ^.*$ + title: type + type: string + title: 'sp:create-campaign' + type: object + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + /workflow-library/triggers: + get: + operationId: listWorkflowLibraryTriggers + tags: + - Workflows + summary: List Workflow Library Triggers + description: This lists the workflow triggers available to you + externalDocs: + description: Additional documentation for each trigger + url: 'https://documentation.sailpoint.com/saas/help/workflows/workflow-steps.html#triggers' + parameters: + - in: query + name: limit + description: |- + Max number of results to return. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 250 + schema: + type: integer + format: int32 + minimum: 0 + maximum: 250 + default: 250 + - in: query + name: offset + description: |- + Offset into the full result set. Usually specified with *limit* to paginate through the results. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 0 + schema: + type: integer + format: int32 + minimum: 0 + default: 0 + - in: query + name: filters + required: false + schema: + type: string + description: |- + Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) + + Filtering is supported for the following fields and operators: + + **id**: *eq* + example: 'id eq "idn:identity-attributes-changed"' + security: + - UserContextAuth: + - 'sp:workflow:read' + responses: + '200': + description: List of workflow triggers + content: + application/json: + schema: + type: array + items: + title: Workflow Trigger + type: object + properties: + id: + type: string + description: Trigger ID. This is a static namespaced ID for the trigger. + example: 'idn:identity-attributes-changed' + type: + description: Trigger type + type: string + enum: + - EVENT + - SCHEDULED + - EXTERNAL + example: EVENT + deprecated: + type: boolean + deprecatedBy: + type: string + format: date-time + isSimulationEnabled: + type: boolean + outputSchema: + type: object + description: Example output schema + name: + type: string + description: Trigger Name + example: Identity Attributes Changed + description: + type: string + description: Trigger Description + example: One or more identity attributes changed. + isDynamicSchema: + type: boolean + description: 'Determines whether the dynamic output schema is returned in place of the action''s output schema. The dynamic schema lists non-static properties, like properties of a workflow form where each form has different fields. These will be provided dynamically based on available form fields.' + example: false + default: false + inputExample: + type: object + description: Example trigger payload if applicable + nullable: true + externalDocs: + description: List of triggers and their input schemas + url: 'https://developer.sailpoint.com/idn/docs/event-triggers/available' + example: + changes: + - attribute: department + newValue: marketing + oldValue: sales + - attribute: manager + newValue: + id: ee769173319b41d19ccec6c235423236c + name: mean.guy + type: IDENTITY + oldValue: + id: ee769173319b41d19ccec6c235423237b + name: nice.guy + type: IDENTITY + - attribute: email + newValue: john.doe@gmail.com + oldValue: john.doe@hotmail.com + identity: + id: ee769173319b41d19ccec6cea52f237b + name: john.doe + type: IDENTITY + formFields: + type: array + nullable: true + description: One or more inputs that the trigger accepts + example: [] + items: + type: object + properties: + description: + type: string + description: Description of the form field + example: First value to compare + helpText: + type: string + description: Describes the form field in the UI + example: The name to give to this certification campaign. + label: + type: string + description: A human readable name for this form field in the UI + example: Campaign Name + name: + type: string + description: The name of the input attribute + example: name + required: + type: boolean + description: Denotes if this field is a required attribute + example: false + default: false + type: + description: The type of the form field + type: string + nullable: true + enum: + - text + - textarea + - boolean + - email + - url + - number + - json + - checkbox + - jsonpath + - select + - multiType + - duration + - toggle + - formPicker + - identityPicker + - governanceGroupPicker + - string + - object + - array + - secret + - keyValuePairs + - emailPicker + - advancedToggle + - variableCreator + - htmlEditor + example: text + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + /workflow-library/operators: + get: + operationId: listWorkflowLibraryOperators + tags: + - Workflows + summary: List Workflow Library Operators + description: This lists the workflow operators available to you + security: + - UserContextAuth: + - 'sp:workflow:read' + responses: + '200': + description: List of workflow operators + content: + application/json: + schema: + type: array + items: + title: Workflow Operator + type: object + properties: + id: + type: string + description: Operator ID. + example: 'sp:compare-boolean' + name: + type: string + description: Operator friendly name + example: Compare Boolean Values + type: + description: Operator type + type: string + example: OPERATOR + description: + type: string + description: Description of the operator + example: Compare two boolean values and decide what happens based on the result. + isDynamicSchema: + type: boolean + description: 'Determines whether the dynamic output schema is returned in place of the action''s output schema. The dynamic schema lists non-static properties, like properties of a workflow form where each form has different fields. These will be provided dynamically based on available form fields.' + example: false + deprecated: + type: boolean + deprecatedBy: + type: string + format: date-time + isSimulationEnabled: + type: boolean + formFields: + type: array + nullable: true + description: One or more inputs that the operator accepts + items: + type: object + properties: + description: + type: string + description: Description of the form field + example: First value to compare + helpText: + type: string + description: Describes the form field in the UI + example: The name to give to this certification campaign. + label: + type: string + description: A human readable name for this form field in the UI + example: Campaign Name + name: + type: string + description: The name of the input attribute + example: name + required: + type: boolean + description: Denotes if this field is a required attribute + example: false + default: false + type: + description: The type of the form field + type: string + nullable: true + enum: + - text + - textarea + - boolean + - email + - url + - number + - json + - checkbox + - jsonpath + - select + - multiType + - duration + - toggle + - formPicker + - identityPicker + - governanceGroupPicker + - string + - object + - array + - secret + - keyValuePairs + - emailPicker + - advancedToggle + - variableCreator + - htmlEditor + example: text + example: + - description: Enter the JSONPath to a value from the input to compare to Variable B. + helpText: '' + label: Variable A + name: variableA.$ + required: true + type: text + - helpText: Select an operation. + label: Operation + name: operator + options: + - label: Equals + value: BooleanEquals + required: true + type: select + - description: Enter the JSONPath to a value from the input to compare to Variable A. + helpText: '' + label: Variable B + name: variableB.$ + required: false + type: text + - description: Enter True or False. + helpText: '' + label: Variable B + name: variableB + required: false + type: text + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/workflows/{id}/external/oauth-clients': + post: + operationId: createWorkflowExternalTrigger + tags: + - Workflows + summary: Generate External Trigger OAuth Client + description: 'Create OAuth client ID, client secret, and callback URL for use in an external trigger. External triggers will need this information to generate an access token to authenticate to the callback URL and submit a trigger payload that will initiate the workflow.' + security: + - UserContextAuth: + - 'sp:workflow:manage' + parameters: + - name: id + in: path + description: Id of the workflow + required: true + style: simple + explode: false + schema: + type: string + example: c17bea3a-574d-453c-9e04-4365fbf5af0b + responses: + '200': + description: The OAuth Client object + content: + application/json: + schema: + type: object + properties: + id: + type: string + description: OAuth client ID for the trigger. This is a UUID generated upon creation. + example: 1a58c03a6bf64dc2876f6988c6e2c7b7 + secret: + type: string + description: OAuthClient secret. + example: 00cc24a7fe810fe06a7cb38bc168ae104d703c7abb296f9944dc68e69ddb578b + url: + type: string + description: URL for the external trigger to invoke + example: 'https://tenant.api.identitynow.com/beta/workflows/execute/external/c17bea3a-574d-453c-9e04-4365fbf5af0b' + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/workflows/execute/external/{id}': + post: + operationId: createExternalExecuteWorkflow + tags: + - Workflows + summary: Execute Workflow via External Trigger + description: This endpoint allows a service outside of IdentityNow to initiate a workflow that uses the "External Trigger" step. The external service will invoke this endpoint with the input data it wants to send to the workflow in the body. + security: + - UserContextAuth: + - 'sp:workflow-execute:external' + parameters: + - name: id + in: path + description: Id of the workflow + required: true + style: simple + explode: false + schema: + type: string + example: c17bea3a-574d-453c-9e04-4365fbf5af0b + requestBody: + required: false + content: + application/json: + schema: + type: object + properties: + input: + type: object + description: The input for the workflow + example: + customAttribute1: value1 + customAttribute2: value2 + responses: + '200': + description: The Workflow object + content: + application/json: + schema: + type: object + properties: + workflowExecutionId: + type: string + description: The workflow execution id + example: 0e11cefa-96e7-4b67-90d0-065bc1da5753 + message: + type: string + description: An error message if any errors occurred + example: Workflow was not executed externally. Check enabled flag on workflow definition + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/workflows/execute/external/{id}/test': + post: + operationId: testExternalExecuteWorkflow + tags: + - Workflows + summary: Test Workflow via External Trigger + description: 'Validate a workflow with an "External Trigger" can receive input. The response includes the input that the workflow received, which can be used to validate that the input is intact when it reaches the workflow.' + security: + - UserContextAuth: + - 'sp:workflow-execute:external' + parameters: + - name: id + in: path + description: Id of the workflow + required: true + style: simple + explode: false + schema: + type: string + example: c17bea3a-574d-453c-9e04-4365fbf5af0b + requestBody: + required: false + content: + application/json: + schema: + type: object + properties: + input: + type: object + description: The test input for the workflow + example: + test: hello world + responses: + '200': + description: Responds with the test input + content: + application/json: + schema: + type: object + properties: + payload: + type: object + description: The input that was received + example: + test: hello world + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/source-usages/{sourceId}/status': + get: + tags: + - Source Usages + summary: Finds status of source usage + description: This API returns the status of the source usage insights setup by IDN source ID. + operationId: getStatusBySourceId + parameters: + - name: sourceId + in: path + description: ID of IDN source + required: true + schema: + type: string + example: 2c9180835d191a86015d28455b4a2329 + security: + - UserContextAuth: + - 'idn:accounts:read' + responses: + '200': + description: Status of the source usage insights setup by IDN source ID. + content: + application/json: + schema: + type: object + properties: + status: + type: string + description: |- + Source Usage Status. Acceptable values are: + - COMPLETE + - This status means that an activity data source has been setup and usage insights are available for the source. + - INCOMPLETE + - This status means that an activity data source has not been setup and usage insights are not available for the source. + example: COMPLETE + enum: + - COMPLETE + - INCOMPLETE + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/source-usages/{sourceId}/summaries': + get: + tags: + - Source Usages + summary: Returns source usage insights + description: This API returns a summary of source usage insights for past 12 months. + operationId: getUsagesBySourceId + parameters: + - name: sourceId + in: path + description: ID of IDN source + required: true + schema: + type: string + example: 2c9180835d191a86015d28455b4a2329 + - in: query + name: limit + description: |- + Max number of results to return. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 250 + schema: + type: integer + format: int32 + minimum: 0 + maximum: 250 + default: 250 + - in: query + name: offset + description: |- + Offset into the full result set. Usually specified with *limit* to paginate through the results. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 0 + schema: + type: integer + format: int32 + minimum: 0 + default: 0 + - in: query + name: count + description: |- + If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. + + Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. + + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: true + schema: + type: boolean + default: false + - in: query + name: sorters + schema: + type: string + format: comma-separated + description: |- + Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) + + Sorting is supported for the following fields: **date** + example: '-date' + security: + - UserContextAuth: + - 'idn:accounts:read' + responses: + '200': + description: Summary of source usage insights for past 12 months. + content: + application/json: + schema: + type: array + items: + type: object + properties: + date: + type: string + format: date + description: The first day of the month for which activity is aggregated. + example: '2023-04-21' + count: + type: number + format: float + description: 'The average number of days that accounts were active within this source, for the month.' + example: 10.45 + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/account-usages/{accountId}/summaries': + get: + tags: + - Account Usages + summary: Returns account usage insights + description: This API returns a summary of account usage insights for past 12 months. + operationId: getUsagesByAccountId + parameters: + - name: accountId + in: path + description: ID of IDN account + required: true + schema: + type: string + example: ef38f94347e94562b5bb8424a56397d8 + - in: query + name: limit + description: |- + Max number of results to return. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 250 + schema: + type: integer + format: int32 + minimum: 0 + maximum: 250 + default: 250 + - in: query + name: offset + description: |- + Offset into the full result set. Usually specified with *limit* to paginate through the results. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 0 + schema: + type: integer + format: int32 + minimum: 0 + default: 0 + - in: query + name: count + description: |- + If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. + + Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. + + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: true + schema: + type: boolean + default: false + - in: query + name: sorters + schema: + type: string + format: comma-separated + description: |- + Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) + + Sorting is supported for the following fields: **date** + example: '-date' + security: + - UserContextAuth: + - 'idn:accounts:read' + responses: + '200': + description: Summary of account usage insights for past 12 months. + content: + application/json: + schema: + type: array + items: + type: object + properties: + date: + type: string + format: date + description: The first day of the month for which activity is aggregated. + example: '2023-04-21' + count: + type: integer + format: int64 + description: The number of days within the month that the account was active in a source. + example: 10 + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + /identity-profiles/identity-preview: + post: + operationId: showIdentityPreview + tags: + - Identity Profiles + summary: Generate Identity Profile Preview + description: |- + Use this API to generate a non-persisted preview of the identity object after applying `IdentityAttributeConfig` sent in request body. + This API only allows `accountAttribute`, `reference` and `rule` transform types in the `IdentityAttributeConfig` sent in the request body. + A token with ORG_ADMIN authority is required to call this API to generate an identity preview. + requestBody: + description: Identity Preview request body. + required: true + content: + application/json: + schema: + type: object + properties: + identityId: + type: string + format: uuid + example: 2c9180857893f12901789445619b0366 + description: The Identity id + identityAttributeConfig: + type: array + items: + type: object + description: Defines all the identity attribute mapping configurations. This defines how to generate or collect data for each identity attributes in identity refresh process. + properties: + enabled: + description: The backend will only promote values if the profile/mapping is enabled. + type: boolean + default: false + example: true + attributeTransforms: + type: array + items: + type: object + description: Defines a transformation definition for an identity attribute. + properties: + identityAttributeName: + type: string + description: Name of the identity attribute. + example: email + transformDefinition: + description: The seaspray transformation definition. + type: object + properties: + type: + type: string + description: The type of the transform definition. + example: accountAttribute + attributes: + type: object + additionalProperties: + anyOf: + - type: string + - type: object + description: Arbitrary key-value pairs to store any metadata for the object + example: + attributeName: e-mail + sourceName: MySource + sourceId: 2c9180877a826e68017a8c0b03da1a53 + responses: + '200': + description: A preview of the identity attributes after applying identity attributes config sent in request body. + content: + application/json: + schema: + type: object + properties: + identity: + type: object + description: Identity's basic details. + properties: + type: + type: string + description: Identity's DTO type. + enum: + - IDENTITY + example: IDENTITY + id: + type: string + description: Identity ID. + example: 2c7180a46faadee4016fb4e018c20642 + name: + type: string + description: Identity's display name. + example: Michael Michaels + previewAttributes: + type: array + items: + type: object + properties: + name: + type: string + description: Name of the attribute that is being previewed. + example: email + value: + type: object + description: Value that was derived during the preview. + example: email@mail.com + previousValue: + type: object + description: The value of the attribute before the preview. + example: oldEmail@mail.com + errorMessages: + description: A list of errors that may have been encountered. + type: array + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + security: + - UserContextAuth: + - 'idn:identity-profile:manage' + '/work-items/{id}/forward': + post: + operationId: sendWorkItemForward + security: + - UserContextAuth: + - 'idn:work-item:update' + tags: + - Work Items + summary: Forward a Work Item + description: 'This API forwards a work item to a new owner. Either an admin, or the owning/current user must make this request. Accessible to work-item Owner, ORG_ADMIN, REPORT_ADMIN, ROLE_ADMIN, ROLE_SUBADMIN, SOURCE_ADMIN, SOURCE_SUBADMIN.' + parameters: + - in: path + name: id + schema: + type: string + required: true + description: The ID of the work item + example: ef38f94347e94562b5bb8424a56397d8 + requestBody: + required: true + content: + application/json: + schema: + type: object + required: + - targetOwnerId + - comment + properties: + targetOwnerId: + type: string + description: The ID of the identity to forward this work item to. + example: 2c9180835d2e5168015d32f890ca1581 + comment: + type: string + description: Comments to send to the target owner + example: I'm going on vacation. + sendNotifications: + type: boolean + description: 'If true, send a notification to the target owner.' + default: true + example: true + responses: + '200': + description: 'Success, but no data is returned.' + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + /accounts/search-attribute-config: + post: + operationId: createSearchAttributeConfig + security: + - UserContextAuth: + - 'idn:account-config:create' + tags: + - Search Attribute Configuration + summary: Configure/create search attributes in IdentityNow. + description: |- + This API accepts an attribute name, an attribute display name and a list of name/value pair associates of application IDs to attribute names. It will then validate the inputs and configure/create and attribute promotion configuration in the Link ObjectConfig. + A token with ORG_ADMIN authority is required to call this API. + requestBody: + required: true + content: + application/json: + schema: + type: object + properties: + name: + type: string + description: Name of the new attribute + example: newMailAttribute + displayName: + type: string + description: The display name of the new attribute + example: New Mail Attribute + applicationAttributes: + type: object + description: Map of application id and their associated attribute. + example: + 2c91808b79fd2422017a0b35d30f3968: employeeNumber + 2c91808b79fd2422017a0b36008f396b: employeeNumber + example: + name: newMailAttribute + displayName: New Mail Attribute + applicationAttributes: + 2c9180866166b5b0016167c32ef31a66: mail + 2c9180866166b5b0016167c32ef31a67: mail + responses: + '202': + description: Accepted - Returned if the request was successfully accepted into the system. + content: + application/json: + schema: + type: object + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + get: + operationId: getSearchAttributeConfig + security: + - UserContextAuth: + - 'idn:account-config:read' + tags: + - Search Attribute Configuration + summary: Retrieve attribute list in IdentityNow. + description: |- + This API retrieves a list of extended search attribute/application associates currently configured in IdentityNow. + A token with ORG_ADMIN authority is required to call this API. + responses: + '200': + description: List of attribute configurations in IdentityNow. + content: + application/json: + schema: + type: array + items: + type: object + properties: + name: + type: string + description: Name of the new attribute + example: newMailAttribute + displayName: + type: string + description: The display name of the new attribute + example: New Mail Attribute + applicationAttributes: + type: object + description: Map of application id and their associated attribute. + example: + 2c91808b79fd2422017a0b35d30f3968: employeeNumber + 2c91808b79fd2422017a0b36008f396b: employeeNumber + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/accounts/search-attribute-config/{name}': + get: + operationId: getSingleSearchAttributeConfig + security: + - UserContextAuth: + - 'idn:account-config:read' + tags: + - Search Attribute Configuration + summary: Get specific attribute in IdentityNow. + description: |- + This API accepts an extended search attribute name and retrieves the corresponding extended attribute configuration. + A token with ORG_ADMIN authority is required to call this API. + parameters: + - name: name + in: path + description: Name of the extended search attribute configuration to retrieve. + required: true + schema: + type: string + example: newMailAttribute + responses: + '200': + description: Specific attribute configuration in IdentityNow. + content: + application/json: + schema: + type: array + items: + type: object + properties: + name: + type: string + description: Name of the new attribute + example: newMailAttribute + displayName: + type: string + description: The display name of the new attribute + example: New Mail Attribute + applicationAttributes: + type: object + description: Map of application id and their associated attribute. + example: + 2c91808b79fd2422017a0b35d30f3968: employeeNumber + 2c91808b79fd2422017a0b36008f396b: employeeNumber + '204': + description: No content - indicates the request was successful but there is no content to be returned in the response. + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + delete: + operationId: deleteSearchAttributeConfig + security: + - UserContextAuth: + - 'idn:account-config:delete' + tags: + - Search Attribute Configuration + summary: Delete search attribute in IdentityNow. + description: |- + This API accepts an extended search attribute name and deletes the corresponding extended attribute configuration. + A token with ORG_ADMIN authority is required to call this API. + parameters: + - name: name + in: path + description: Name of the extended search attribute configuration to delete. + required: true + schema: + type: string + example: newMailAttribute + responses: + '204': + description: No content - indicates the request was successful but there is no content to be returned in the response. + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + patch: + operationId: patchSearchAttributeConfig + security: + - UserContextAuth: + - 'idn:account-config:create' + tags: + - Search Attribute Configuration + summary: Update search attribute in IdentityNow. + description: |- + This API updates an existing Search Attribute Configuration. The following fields are patchable: + **name**, **displayName**, **applicationAttributes** + A token with ORG_ADMIN authority is required to call this API. + parameters: + - name: name + in: path + description: Name of the Search Attribute Configuration to patch. + required: true + schema: + type: string + example: promotedMailAttribute + requestBody: + content: + application/json-patch+json: + schema: + type: array + items: + type: object + description: 'A JSONPatch Operation as defined by [RFC 6902 - JSON Patch](https://tools.ietf.org/html/rfc6902)' + required: + - op + - path + properties: + op: + type: string + description: The operation to be performed + enum: + - add + - remove + - replace + - move + - copy + - test + example: replace + path: + type: string + description: A string JSON Pointer representing the target path to an element to be affected by the operation + example: /description + value: + oneOf: + - type: string + example: New description + title: string + - type: boolean + example: true + title: boolean + - type: integer + example: 300 + title: integer + - type: object + title: object + example: + attributes: + name: philip + - type: array + title: array + items: + anyOf: + - type: string + - type: integer + - type: object + example: + - '001' + - '002' + - '003' + description: 'The value to be used for the operation, required for "add" and "replace" operations' + example: New description + example: + - op: replace + path: /name + value: newAttributeName + - op: replace + path: /displayName + value: new attribute display name + - op: add + path: /applicationAttributes + value: + 2c91808b79fd2422017a0b35d30f3968: employeeNumber + required: true + responses: + '200': + description: Responds with the Search Attribute Configuration as updated. + content: + application/json: + schema: + type: object + properties: + name: + type: string + description: Name of the new attribute + example: newMailAttribute + displayName: + type: string + description: The display name of the new attribute + example: New Mail Attribute + applicationAttributes: + type: object + description: Map of application id and their associated attribute. + example: + 2c91808b79fd2422017a0b35d30f3968: employeeNumber + 2c91808b79fd2422017a0b36008f396b: employeeNumber + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + /access-model-metadata/attributes: + get: + summary: List Access Model Metadata Attributes + description: Get a list of Access Model Metadata Attributes + tags: + - Access Model Metadata + operationId: listAccessModelMetadataAttribute + security: + - UserContextAuth: + - 'idn:access-model-metadata:read' + parameters: + - in: query + name: filters + schema: + type: string + example: name eq "Privacy" + description: |- + Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) + + Filtering is supported for the following fields and operators: + + **name**: *eq* + + **type**: *eq* + + **status**: *eq* + + **objectTypes**: *eq* + + Supported composite operators: *and* + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '200': + description: OK + content: + application/json: + schema: + type: array + items: + type: object + properties: + key: + type: string + description: Technical name of the Attribute. This is unique and cannot be changed after creation. + example: iscPrivacy + name: + type: string + description: The display name of the key. + example: Privacy + multiselect: + type: boolean + default: false + description: Indicates whether the attribute can have multiple values. + example: false + status: + type: string + description: The status of the Attribute. + example: active + type: + type: string + description: The type of the Attribute. This can be either "custom" or "governance". + example: governance + objectTypes: + type: array + items: + type: string + nullable: true + description: An array of object types this attributes values can be applied to. Possible values are "all" or "entitlement". Value "all" means this attribute can be used with all object types that are supported. + example: + - entitlement + description: + type: string + description: The description of the Attribute. + example: Specifies the level of privacy associated with an access item. + values: + type: array + nullable: true + items: + type: object + properties: + value: + type: string + description: Technical name of the Attribute value. This is unique and cannot be changed after creation. + example: public + name: + type: string + description: The display name of the Attribute value. + example: Public + status: + type: string + description: The status of the Attribute value. + example: active + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/access-model-metadata/attributes/{key}': + get: + summary: Get Access Model Metadata Attribute + description: Get single Access Model Metadata Attribute + tags: + - Access Model Metadata + operationId: getAccessModelMetadataAttribute + security: + - UserContextAuth: + - 'idn:access-model-metadata:read' + parameters: + - name: key + in: path + required: true + schema: + type: string + description: Technical name of the Attribute. + example: iscPrivacy + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '200': + description: OK + content: + application/json: + schema: + type: object + properties: + key: + type: string + description: Technical name of the Attribute. This is unique and cannot be changed after creation. + example: iscPrivacy + name: + type: string + description: The display name of the key. + example: Privacy + multiselect: + type: boolean + default: false + description: Indicates whether the attribute can have multiple values. + example: false + status: + type: string + description: The status of the Attribute. + example: active + type: + type: string + description: The type of the Attribute. This can be either "custom" or "governance". + example: governance + objectTypes: + type: array + items: + type: string + nullable: true + description: An array of object types this attributes values can be applied to. Possible values are "all" or "entitlement". Value "all" means this attribute can be used with all object types that are supported. + example: + - entitlement + description: + type: string + description: The description of the Attribute. + example: Specifies the level of privacy associated with an access item. + values: + type: array + nullable: true + items: + type: object + properties: + value: + type: string + description: Technical name of the Attribute value. This is unique and cannot be changed after creation. + example: public + name: + type: string + description: The display name of the Attribute value. + example: Public + status: + type: string + description: The status of the Attribute value. + example: active + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/access-model-metadata/attributes/{key}/values': + get: + summary: List Access Model Metadata Values + description: Get a list of Access Model Metadata Attribute Values + tags: + - Access Model Metadata + operationId: listAccessModelMetadataAttributeValue + security: + - UserContextAuth: + - 'idn:access-model-metadata:read' + parameters: + - name: key + in: path + required: true + schema: + type: string + description: Technical name of the Attribute. + example: iscPrivacy + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '200': + description: OK + content: + application/json: + schema: + type: array + items: + type: object + properties: + value: + type: string + description: Technical name of the Attribute value. This is unique and cannot be changed after creation. + example: public + name: + type: string + description: The display name of the Attribute value. + example: Public + status: + type: string + description: The status of the Attribute value. + example: active + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/access-model-metadata/attributes/{key}/values/{value}': + get: + summary: Get Access Model Metadata Value + description: Get single Access Model Metadata Attribute Value + tags: + - Access Model Metadata + operationId: getAccessModelMetadataAttributeValue + security: + - UserContextAuth: + - 'idn:access-model-metadata:read' + parameters: + - name: key + in: path + required: true + schema: + type: string + description: Technical name of the Attribute. + example: iscPrivacy + - name: value + in: path + required: true + schema: + type: string + description: Technical name of the Attribute value. + example: public + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '200': + description: OK + content: + application/json: + schema: + type: object + properties: + value: + type: string + description: Technical name of the Attribute value. This is unique and cannot be changed after creation. + example: public + name: + type: string + description: The display name of the Attribute value. + example: Public + status: + type: string + description: The status of the Attribute value. + example: active + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + /access-profiles/bulk-update-requestable: + post: + operationId: updateAccessProfilesInBulk + summary: Update Access Profile(s) requestable field. + tags: + - Access Profiles + description: |- + This API initiates a bulk update of field requestable for one or more Access Profiles. + + > If any of the indicated Access Profiles is exists in Organization,then those Access Profiles will be added in **updated** + list of the response.Requestable field of these Access Profiles marked as **true** or **false**. + + > If any of the indicated Access Profiles is not does not exists in Organization,then those Access Profiles will be added in **notFound** list of the response. Access Profiles marked as **notFound** will not be updated. + > A token with API, ORG_ADMIN, SOURCE_ADMIN, or SOURCE_SUBADMIN authority is required to call this API. In addition, a SOURCE_SUBADMIN may only use this API to update Access Profiles which are associated with Sources they are able to administer. + requestBody: + required: true + content: + application/json: + schema: + description: List of Access profiles to be updated. + type: array + items: + type: object + description: Access Profile's basic details. + properties: + id: + type: string + description: Access Profile ID. + example: 464ae7bf-791e-49fd-b746-06a2e4a8 + requestable: + type: boolean + description: Access Profile is requestable or not. + example: false + example: + - id: 464ae7bf-791e-49fd-b746-06a2e4a8 + requestable: false + required: + - id + - requestable + example: + - id: 464ae7bf-791e-49fd-b746-06a2e4a89635 + requestable: false + responses: + '207': + description: List of updated and not updated Access Profiles. + content: + application/json: + schema: + description: Access Profile Bulk update response. + type: array + items: + type: object + properties: + id: + description: Identifier of Access Profile in bulk update request. + type: string + example: 2c7180a46faadee4016fb4e018c20642 + requestable: + description: Access Profile requestable or not. + type: boolean + example: false + status: + description: | + + The HTTP response status code returned for an individual Access Profile that is requested for update during a bulk update operation. + + > 201 - Access profile is updated successfully. + + > 404 - Access profile not found. + type: string + example: '201' + description: + description: | + Human readable status description and containing additional context information about success or failures etc. + type: string + example: | + + > Access profile is updated successfully. + + > Referenced Access profile with Id "2c7180a46faadee4016fb4e018c20642" was not found. + required: + - id + - requestable + - status + example: + - id: 464ae7bf-791e-49fd-b746-06a2e4a8 + status: '201' + requestable: false + description: Access Profile updated successfully. + example: + - id: 464ae7bf-791e-49fd-b746-06a2e4a89635 + status: '201' + requestable: false + description: Access Profile updated successfully. + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '412': + description: Precondition Failed - Returned in response if API/Feature not enabled for an organization. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' API/Feature not enabled for your organization.' + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + security: + - UserContextAuth: + - 'idn:access-profile:manage' + parameters: + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + /access-requests/close: + post: + operationId: closeAccessRequest + tags: + - Access Requests + summary: Close Access Request + description: | + This endpoint closes access requests that are stuck in a pending state. It can be used throughout a request's lifecycle even after the approval state, unlike the [Cancel Access Request endpoint](https://developer.sailpoint.com/idn/api/v3/cancel-access-request/). A token with ORG_ADMIN authority is required. + + To find pending access requests with the UI, navigate to Search and use this query: status: Pending AND "Access Request". Use the Column Chooser to select 'Tracking Number', and use the 'Download' button to export a CSV containing the tracking numbers. + + To find pending access requests with the API, use the [List Account Activities endpoint](https://developer.sailpoint.com/idn/api/v3/list-account-activities/). + + Input the IDs from either source. + + To track the status of endpoint requests, navigate to Search and use this query: name:"Close Identity Requests". Search will include "Close Identity Requests Started" audits when requests are initiated and "Close Identity Requests Completed" audits when requests are completed. The completion audit will list the identity request IDs that finished in error. + + This API triggers the [Provisioning Completed event trigger](https://developer.sailpoint.com/idn/docs/event-triggers/triggers/provisioning-completed/) for each access request that is closed. + requestBody: + required: true + content: + application/json: + schema: + type: object + description: Request body payload for close access requests endpoint. + required: + - accessRequestIds + properties: + accessRequestIds: + type: array + description: Access Request IDs for the requests to be closed. Accepts 1-500 Identity Request IDs per request. + items: + type: string + example: + - 2c90ad2a70ace7d50170acf22ca90010 + message: + type: string + description: Reason for closing the access request. Displayed under Warnings in IdentityNow. + default: The IdentityNow Administrator manually closed this request. + example: The IdentityNow Administrator manually closed this request. + executionStatus: + type: string + enum: + - Terminated + - Completed + description: The request's provisioning status. Displayed as Stage in IdentityNow. + default: Terminated + example: Terminated + completionStatus: + type: string + enum: + - Success + - Incomplete + - Failure + description: The request's overall status. Displayed as Status in IdentityNow. + default: Failure + example: Failure + example: + accessRequestIds: + - 2c90ad2a70ace7d50170acf22ca90010 + executionStatus: Terminated + completionStatus: Failure + message: The IdentityNow Administrator manually closed this request. + responses: + '202': + description: Accepted - Returned if the request was successfully accepted into the system. + content: + application/json: + schema: + type: object + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + parameters: + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + /ai-access-request-recommendations: + get: + operationId: getAccessRequestRecommendations + tags: + - IAI Access Request Recommendations + summary: Identity Access Request Recommendations + description: This API returns the access request recommendations for the specified identity. The default identity is *me* which indicates the current user. + parameters: + - in: query + name: identity-id + description: Get access request recommendations for an identityId. *me* indicates the current user. + schema: + type: string + default: me + required: false + example: 2c91808570313110017040b06f344ec9 + - in: query + name: limit + description: Max number of results to return. + required: false + schema: + type: integer + minimum: 0 + maximum: 15 + default: 15 + - in: query + name: offset + description: |- + Offset into the full result set. Usually specified with *limit* to paginate through the results. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 0 + schema: + type: integer + format: int32 + minimum: 0 + default: 0 + - in: query + name: count + description: |- + If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. + + Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. + + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: true + schema: + type: boolean + default: false + - in: query + name: include-translation-messages + description: If *true* it will populate a list of translation messages in the response. + schema: + type: boolean + default: false + required: false + example: false + - in: query + name: filters + schema: + type: string + description: |- + Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) + + Filtering is supported for the following fields and operators: + + **access.name**: *co* + + **access.type**: *eq, in* + + **access.description**: *co, eq, in* + example: access.name co "admin" + - in: query + name: sorters + schema: + type: string + format: comma-separated + description: |- + Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) + + Sorting is supported for the following fields: **access.name, access.type** + + By default the recommendations are sorted by highest confidence first. + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '200': + description: List of access request recommendations for the identityId + content: + application/json: + schema: + type: array + items: + type: object + properties: + identityId: + type: string + format: UUID + description: Identity ID for the recommendation + example: 2c91808570313110017040b06f344ec9 + access: + type: object + properties: + id: + type: string + format: UUID + description: ID of access item being recommended. + example: 2c9180835d2e5168015d32f890ca1581 + type: + type: string + enum: + - ACCESS_PROFILE + - ROLE + description: The type of access item. + example: ACCESS_PROFILE + name: + type: string + description: Name of the access item + example: Employee-database-read-write + description: + type: string + description: Description of the access item + example: This item grants an employee read and write access to the database + ignored: + type: boolean + example: true + description: Whether or not the identity has already chosen to ignore this recommendation. + requested: + type: boolean + example: true + description: Whether or not the identity has already chosen to request this recommendation. + viewed: + type: boolean + example: true + description: Whether or not the identity reportedly viewed this recommendation. + messages: + type: array + items: + type: object + properties: + interpretation: + type: string + description: Information about why the access item was recommended. + example: 95% of your peers have this access. + translationMessages: + description: The list of translation messages + type: array + example: + - key: recommender-api.V2_WEIGHT_FEATURE_PRODUCT_INTERPRETATION_HIGH + values: + - '75' + - department + items: + type: object + properties: + key: + type: string + description: The key of the translation message + example: recommender-api.V2_WEIGHT_FEATURE_PRODUCT_INTERPRETATION_HIGH + values: + type: array + description: The values corresponding to the translation messages + items: + type: string + example: + - '75' + - department + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + /ai-access-request-recommendations/ignored-items: + post: + operationId: addAccessRequestRecommendationsIgnoredItem + tags: + - IAI Access Request Recommendations + summary: Notification of Ignored Access Request Recommendations + description: 'This API ignores a recommended access request item. Once an item is ignored, it will be marked as ignored=true if it is still a recommended item. The consumer can decide to hide ignored recommendations.' + requestBody: + description: The recommended access item to ignore for an identity. + required: true + content: + application/json: + schema: + type: object + properties: + identityId: + type: string + format: UUID + description: The identity ID taking the action. + example: 2c91808570313110017040b06f344ec9 + access: + type: object + properties: + id: + type: string + format: UUID + description: ID of access item being recommended. + example: 2c9180835d2e5168015d32f890ca1581 + type: + type: string + enum: + - ACCESS_PROFILE + - ROLE + description: The type of access item. + example: ACCESS_PROFILE + required: + - identityId + - access + responses: + '201': + description: Recommendation successfully stored as ignored. + content: + application/json: + schema: + type: object + properties: + identityId: + type: string + format: UUID + description: The identity ID taking the action. + example: 2c91808570313110017040b06f344ec9 + access: + type: object + properties: + id: + type: string + format: UUID + description: ID of access item being recommended. + example: 2c9180835d2e5168015d32f890ca1581 + type: + type: string + enum: + - ACCESS_PROFILE + - ROLE + description: The type of access item. + example: ACCESS_PROFILE + timestamp: + type: string + format: date-time + example: '2017-07-11T18:45:37.098Z' + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + parameters: + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + get: + operationId: getAccessRequestRecommendationsIgnoredItems + tags: + - IAI Access Request Recommendations + summary: List of Ignored Access Request Recommendations + description: This API returns the list of ignored access request recommendations. + parameters: + - in: query + name: limit + description: |- + Max number of results to return. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 250 + schema: + type: integer + format: int32 + minimum: 0 + maximum: 250 + default: 250 + - in: query + name: offset + description: |- + Offset into the full result set. Usually specified with *limit* to paginate through the results. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 0 + schema: + type: integer + format: int32 + minimum: 0 + default: 0 + - in: query + name: count + description: |- + If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. + + Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. + + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: true + schema: + type: boolean + default: false + - in: query + name: filters + schema: + type: string + description: |- + Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) + + Filtering is supported for the following fields and operators: + + **access.id**: *eq, in* + + **access.type**: *eq, in* + + **identityId**: *eq, in* + example: identityId eq "2c9180846b0a0583016b299f210c1314" + - in: query + name: sorters + schema: + type: string + format: comma-separated + description: |- + Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) + + Sorting is supported for the following fields: **access.id, access.type, identityId, timestamp** + example: access.id + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '200': + description: Returns list of ignored access request recommendations. + content: + application/json: + schema: + type: array + items: + type: object + properties: + identityId: + type: string + format: UUID + description: The identity ID taking the action. + example: 2c91808570313110017040b06f344ec9 + access: + type: object + properties: + id: + type: string + format: UUID + description: ID of access item being recommended. + example: 2c9180835d2e5168015d32f890ca1581 + type: + type: string + enum: + - ACCESS_PROFILE + - ROLE + description: The type of access item. + example: ACCESS_PROFILE + timestamp: + type: string + format: date-time + example: '2017-07-11T18:45:37.098Z' + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + /ai-access-request-recommendations/requested-items: + post: + operationId: addAccessRequestRecommendationsRequestedItem + tags: + - IAI Access Request Recommendations + summary: Notification of Requested Access Request Recommendations + description: 'This API consumes a notification that a recommended access request item was requested. This API does not actually make the request, it is just a notification. This will help provide feedback in order to improve our recommendations.' + requestBody: + description: The recommended access item that was requested for an identity. + required: true + content: + application/json: + schema: + type: object + properties: + identityId: + type: string + format: UUID + description: The identity ID taking the action. + example: 2c91808570313110017040b06f344ec9 + access: + type: object + properties: + id: + type: string + format: UUID + description: ID of access item being recommended. + example: 2c9180835d2e5168015d32f890ca1581 + type: + type: string + enum: + - ACCESS_PROFILE + - ROLE + description: The type of access item. + example: ACCESS_PROFILE + required: + - identityId + - access + responses: + '201': + description: Notification successfully acknowledged. + content: + application/json: + schema: + type: object + properties: + identityId: + type: string + format: UUID + description: The identity ID taking the action. + example: 2c91808570313110017040b06f344ec9 + access: + type: object + properties: + id: + type: string + format: UUID + description: ID of access item being recommended. + example: 2c9180835d2e5168015d32f890ca1581 + type: + type: string + enum: + - ACCESS_PROFILE + - ROLE + description: The type of access item. + example: ACCESS_PROFILE + timestamp: + type: string + format: date-time + example: '2017-07-11T18:45:37.098Z' + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + parameters: + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + get: + operationId: getAccessRequestRecommendationsRequestedItems + tags: + - IAI Access Request Recommendations + summary: List of Requested Access Request Recommendations + description: This API returns a list of requested access request recommendations. + parameters: + - in: query + name: limit + description: |- + Max number of results to return. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 250 + schema: + type: integer + format: int32 + minimum: 0 + maximum: 250 + default: 250 + - in: query + name: offset + description: |- + Offset into the full result set. Usually specified with *limit* to paginate through the results. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 0 + schema: + type: integer + format: int32 + minimum: 0 + default: 0 + - in: query + name: count + description: |- + If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. + + Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. + + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: true + schema: + type: boolean + default: false + - in: query + name: filters + schema: + type: string + description: |- + Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) + + Filtering is supported for the following fields and operators: + + **access.id**: *eq, in* + + **access.type**: *eq, in* + + **identityId**: *eq, in* + example: access.id eq "2c9180846b0a0583016b299f210c1314" + - in: query + name: sorters + schema: + type: string + format: comma-separated + description: |- + Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) + + Sorting is supported for the following fields: **access.id, access.type, identityId, timestamp** + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '200': + description: Returns the list of requested access request recommendations. + content: + application/json: + schema: + type: array + items: + type: object + properties: + identityId: + type: string + format: UUID + description: The identity ID taking the action. + example: 2c91808570313110017040b06f344ec9 + access: + type: object + properties: + id: + type: string + format: UUID + description: ID of access item being recommended. + example: 2c9180835d2e5168015d32f890ca1581 + type: + type: string + enum: + - ACCESS_PROFILE + - ROLE + description: The type of access item. + example: ACCESS_PROFILE + timestamp: + type: string + format: date-time + example: '2017-07-11T18:45:37.098Z' + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + /ai-access-request-recommendations/viewed-items: + post: + operationId: addAccessRequestRecommendationsViewedItem + tags: + - IAI Access Request Recommendations + summary: Notification of Viewed Access Request Recommendations + description: This API consumes a notification that a recommended access request item was viewed. Future recommendations with this item will be marked with viewed=true. This can be useful for the consumer to determine if there are any new/unviewed recommendations. + requestBody: + description: The recommended access that was viewed for an identity. + required: true + content: + application/json: + schema: + type: object + properties: + identityId: + type: string + format: UUID + description: The identity ID taking the action. + example: 2c91808570313110017040b06f344ec9 + access: + type: object + properties: + id: + type: string + format: UUID + description: ID of access item being recommended. + example: 2c9180835d2e5168015d32f890ca1581 + type: + type: string + enum: + - ACCESS_PROFILE + - ROLE + description: The type of access item. + example: ACCESS_PROFILE + required: + - identityId + - access + responses: + '201': + description: Recommendation successfully stored as viewed. + content: + application/json: + schema: + type: object + properties: + identityId: + type: string + format: UUID + description: The identity ID taking the action. + example: 2c91808570313110017040b06f344ec9 + access: + type: object + properties: + id: + type: string + format: UUID + description: ID of access item being recommended. + example: 2c9180835d2e5168015d32f890ca1581 + type: + type: string + enum: + - ACCESS_PROFILE + - ROLE + description: The type of access item. + example: ACCESS_PROFILE + timestamp: + type: string + format: date-time + example: '2017-07-11T18:45:37.098Z' + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + parameters: + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + get: + operationId: getAccessRequestRecommendationsViewedItems + tags: + - IAI Access Request Recommendations + summary: List of Viewed Access Request Recommendations + description: This API returns the list of viewed access request recommendations. + parameters: + - in: query + name: limit + description: |- + Max number of results to return. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 250 + schema: + type: integer + format: int32 + minimum: 0 + maximum: 250 + default: 250 + - in: query + name: offset + description: |- + Offset into the full result set. Usually specified with *limit* to paginate through the results. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 0 + schema: + type: integer + format: int32 + minimum: 0 + default: 0 + - in: query + name: count + description: |- + If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. + + Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. + + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: true + schema: + type: boolean + default: false + - in: query + name: filters + schema: + type: string + description: |- + Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) + + Filtering is supported for the following fields and operators: + + **access.id**: *eq, in* + + **access.type**: *eq, in* + + **identityId**: *eq, in* + example: access.id eq "2c9180846b0a0583016b299f210c1314" + - in: query + name: sorters + schema: + type: string + format: comma-separated + description: |- + Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) + + Sorting is supported for the following fields: **access.id, access.type, identityId, timestamp** + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '200': + description: Returns list of viewed access request recommendations. + content: + application/json: + schema: + type: array + items: + type: object + properties: + identityId: + type: string + format: UUID + description: The identity ID taking the action. + example: 2c91808570313110017040b06f344ec9 + access: + type: object + properties: + id: + type: string + format: UUID + description: ID of access item being recommended. + example: 2c9180835d2e5168015d32f890ca1581 + type: + type: string + enum: + - ACCESS_PROFILE + - ROLE + description: The type of access item. + example: ACCESS_PROFILE + timestamp: + type: string + format: date-time + example: '2017-07-11T18:45:37.098Z' + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + /ai-access-request-recommendations/viewed-items/bulk-create: + post: + operationId: addAccessRequestRecommendationsViewedItems + tags: + - IAI Access Request Recommendations + summary: Notification of Viewed Access Request Recommendations in Bulk + description: This API consumes a notification that a set of recommended access request item were viewed. Future recommendations with these items will be marked with viewed=true. This can be useful for the consumer to determine if there are any new/unviewed recommendations. + requestBody: + description: The recommended access items that were viewed for an identity. + required: true + content: + application/json: + schema: + type: array + items: + type: object + properties: + identityId: + type: string + format: UUID + description: The identity ID taking the action. + example: 2c91808570313110017040b06f344ec9 + access: + type: object + properties: + id: + type: string + format: UUID + description: ID of access item being recommended. + example: 2c9180835d2e5168015d32f890ca1581 + type: + type: string + enum: + - ACCESS_PROFILE + - ROLE + description: The type of access item. + example: ACCESS_PROFILE + required: + - identityId + - access + responses: + '201': + description: Recommendations successfully stored as viewed. + content: + application/json: + schema: + type: array + items: + type: object + properties: + identityId: + type: string + format: UUID + description: The identity ID taking the action. + example: 2c91808570313110017040b06f344ec9 + access: + type: object + properties: + id: + type: string + format: UUID + description: ID of access item being recommended. + example: 2c9180835d2e5168015d32f890ca1581 + type: + type: string + enum: + - ACCESS_PROFILE + - ROLE + description: The type of access item. + example: ACCESS_PROFILE + timestamp: + type: string + format: date-time + example: '2017-07-11T18:45:37.098Z' + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + parameters: + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + '/accounts/{id}/remove': + post: + operationId: deleteAccountAsync + summary: Remove Account + tags: + - Accounts + description: | + Use this endpoint to remove accounts from the system without provisioning changes to the source. Accounts that are removed could be re-created during the next aggregation. + + This endpoint is good for: + * Removing accounts that no longer exist on the source. + * Removing accounts that won't be aggregated following updates to the source configuration. + * Forcing accounts to be re-created following the next aggregation to re-run account processing, support testing, etc. + parameters: + - in: path + name: id + schema: + type: string + required: true + description: The account id + example: c350d6aa4f104c61b062cb632421ad10 + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '202': + description: Accepted. Returns task result details of removal request. + content: + application/json: + schema: + type: object + description: Task result. + properties: + type: + type: string + description: Task result DTO type. + enum: + - TASK_RESULT + example: TASK_RESULT + id: + type: string + description: Task result ID. + example: 464ae7bf791e49fdb74606a2e4a89635 + name: + type: string + description: Task result display name. + nullable: true + example: null + example: + type: TASK_RESULT + id: 464ae7bf791e49fdb74606a2e4a89635 + name: null + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + security: + - UserContextAuth: + - 'idn:account:remove' + '/identities-accounts/{id}/enable': + post: + operationId: enableAccountForIdentity + tags: + - Accounts + summary: Enable IDN Account for Identity + description: This API submits a task to enable IDN account for a single identity. + externalDocs: + description: Learn more about enabling identities here + url: 'https://documentation.sailpoint.com/saas/help/common/users/user_access.html#enabling-user-identities' + security: + - UserContextAuth: + - 'idn:accounts-state:manage' + parameters: + - in: path + name: id + schema: + type: string + required: true + description: The identity id. + example: 2c91808384203c2d018437e631158309 + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '202': + description: Accepted - Returned if the request was successfully accepted into the system. + content: + application/json: + schema: + type: object + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/identities-accounts/{id}/disable': + post: + operationId: disableAccountForIdentity + tags: + - Accounts + summary: Disable IDN Account for Identity + description: This API submits a task to disable IDN account for a single identity. + externalDocs: + description: Learn more about disabling identities here + url: 'https://documentation.sailpoint.com/saas/help/common/users/user_access.html#disabling-user-identities' + security: + - UserContextAuth: + - 'idn:accounts-state:manage' + parameters: + - in: path + name: id + schema: + type: string + required: true + description: The identity id. + example: 2c91808384203c2d018437e631158309 + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '202': + description: Accepted - Returned if the request was successfully accepted into the system. + content: + application/json: + schema: + type: object + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + /identities-accounts/enable: + post: + operationId: enableAccountsForIdentities + tags: + - Accounts + summary: Enable IDN Accounts for Identities + description: This API submits tasks to enable IDN account for each identity provided in the request body. + externalDocs: + description: Learn more about enabling identities here + url: 'https://documentation.sailpoint.com/saas/help/common/users/user_access.html#enabling-user-identities' + security: + - UserContextAuth: + - 'idn:accounts-state:manage' + requestBody: + required: true + content: + application/json: + schema: + type: object + properties: + identityIds: + description: The ids of the identities for which enable/disable accounts. + type: array + items: + type: string + example: + - 2c91808384203c2d018437e631158308 + - 2c9180858082150f0180893dbaf553fe + responses: + '207': + description: Bulk response details. + content: + application/json: + schema: + type: array + items: + type: object + description: Bulk response object. + properties: + id: + type: string + description: Identifier of bulk request item. + example: 2c9180858082150f0180893dbaf553fe + statusCode: + type: integer + format: int32 + description: Response status value. + example: 404 + message: + type: string + description: Status containing additional context information about failures. + example: Referenced identity "2c9180858082150f0180893dbaf553fe" was not found. + example: + - id: 2c9180858082150f0180893dbaf553fe + statusCode: 404 + message: Referenced identity "2c9180858082150f0180893dbaf553fe" was not found. + - id: 2c91808384203c2d018437e631158308 + statusCode: 202 + message: null + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + parameters: + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + /identities-accounts/disable: + post: + operationId: disableAccountsForIdentities + tags: + - Accounts + summary: Disable IDN Accounts for Identities + description: This API submits tasks to disable IDN account for each identity provided in the request body. + externalDocs: + description: Learn more about disabling identities here + url: 'https://documentation.sailpoint.com/saas/help/common/users/user_access.html#disabling-user-identities' + security: + - UserContextAuth: + - 'idn:accounts-state:manage' + requestBody: + required: true + content: + application/json: + schema: + type: object + properties: + identityIds: + description: The ids of the identities for which enable/disable accounts. + type: array + items: + type: string + example: + - 2c91808384203c2d018437e631158308 + - 2c9180858082150f0180893dbaf553fe + responses: + '207': + description: Bulk response details. + content: + application/json: + schema: + type: array + items: + type: object + description: Bulk response object. + properties: + id: + type: string + description: Identifier of bulk request item. + example: 2c9180858082150f0180893dbaf553fe + statusCode: + type: integer + format: int32 + description: Response status value. + example: 404 + message: + type: string + description: Status containing additional context information about failures. + example: Referenced identity "2c9180858082150f0180893dbaf553fe" was not found. + example: + - id: 2c9180858082150f0180893dbaf553fe + statusCode: 404 + message: Referenced identity "2c9180858082150f0180893dbaf553fe" was not found. + - id: 2c91808384203c2d018437e631158308 + statusCode: 202 + message: null + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + parameters: + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + '/account-aggregations/{id}/status': + get: + operationId: getAccountAggregationStatus + tags: + - Account Aggregations + summary: In-progress Account Aggregation status + description: |- + This API returns the status of an *in-progress* account aggregation, along with the total number of **NEW**, **CHANGED** and **DELETED** accounts found since the previous aggregation, and the number of those accounts that have been processed so far. + + Accounts that have not changed since the previous aggregation are not included in **totalAccounts** and **processedAccounts** counts returned by this API. This is distinct from **Accounts Scanned** shown in the Aggregation UI, which indicates total accounts scanned regardless of whether they changed or not. + + Since this endpoint reports on the status of an *in-progress* account aggregation, totalAccounts and processedAccounts may change between calls to this endpoint. + + *Only available up to an hour after the aggregation completes. May respond with *404 Not Found* after that.* + + A token with ORG_ADMIN, SOURCE_ADMIN, SOURCE_SUBADMIN or DASHBOARD authority is required to call this API. + parameters: + - in: path + name: id + schema: + type: string + required: true + description: The account aggregation id + example: 2c91808477a6b0c60177a81146b8110b + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '200': + description: An account aggregation status object + content: + application/json: + schema: + type: object + properties: + start: + type: string + format: date-time + example: '2021-01-31T14:30:05.104Z' + description: When the aggregation started. + status: + type: string + enum: + - STARTED + - ACCOUNTS_COLLECTED + - COMPLETED + - CANCELLED + - RETRIED + - TERMINATED + example: ACCOUNTS_COLLECTED + description: | + STARTED - Aggregation started, but source account iteration has not completed. + + ACCOUNTS_COLLECTED - Source account iteration completed, but all accounts have not yet been processed. + + COMPLETED - Aggregation completed (*possibly with errors*). + + CANCELLED - Aggregation cancelled by user. + + RETRIED - Aggregation retried because of connectivity issues with the Virtual Appliance. + + TERMINATED - Aggregation marked as failed after 3 tries after connectivity issues with the Virtual Appliance. + totalAccounts: + type: integer + example: 520 + description: 'The total number of *NEW, CHANGED and DELETED* accounts that need to be processed for this aggregation. This does not include accounts that were unchanged since the previous aggregation. This can be zero if there were no new, changed or deleted accounts since the previous aggregation. *Only available when status is ACCOUNTS_COLLECTED or COMPLETED.*' + processedAccounts: + type: integer + example: 150 + description: 'The number of *NEW, CHANGED and DELETED* accounts that have been processed so far. This reflects the number of accounts that have been processed at the time of the API call, and may increase on subsequent API calls while the status is ACCOUNTS_COLLECTED. *Only available when status is ACCOUNTS_COLLECTED or COMPLETED.*' + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + /auth-profiles: + get: + operationId: getProfileConfigList + tags: + - Auth Profile + summary: Get list of Auth Profiles. + description: This API returns a list of auth profiles. + security: + - UserContextAuth: + - 'sp:auth-profile:read' + responses: + '200': + description: List of Auth Profiles + content: + application/json: + schema: + type: object + properties: + tenant: + type: string + description: Tenant name. + example: test-tenant + id: + type: string + description: Identity ID. + example: 2c91808458ae7a4f0158b1bbf8af0628 + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + parameters: + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + '/auth-profiles/{id}': + get: + operationId: getProfileConfig + tags: + - Auth Profile + summary: Get Auth Profile. + description: This API returns auth profile information. + security: + - UserContextAuth: + - 'sp:auth-profile:read' + responses: + '200': + description: Auth Profile + content: + application/json: + schema: + type: object + properties: + name: + type: string + description: Authentication Profile name. + example: EndToEnd-Profile + offNetwork: + type: boolean + description: Use it to block access from off network. + default: false + example: true + untrustedGeography: + type: boolean + description: Use it to block access from untrusted geoographies. + default: false + example: true + applicationId: + type: string + description: Application ID. + example: 2c91808458ae7a4f0158b1bbf8af0628 + applicationName: + type: string + description: Application name. + example: EndToEnd-Source + type: + type: string + enum: + - BLOCK + - MFA + - NON_PTA + - PTA + description: Type of the Authentication Profile. + example: PTA + strongAuthLogin: + type: boolean + description: Use it to enable strong authentication. + default: false + example: true + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + parameters: + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + patch: + operationId: patchProfileConfig + tags: + - Auth Profile + summary: Patch a specified Auth Profile + description: |- + This API updates an existing Auth Profile. The following fields are patchable: + **offNetwork**, **untrustedGeography**, **applicationId**, **applicationName**, **type** + parameters: + - name: id + in: path + description: ID of the Auth Profile to patch. + required: true + schema: + type: string + example: 2c91808a7813090a017814121919ecca + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + requestBody: + content: + application/json-patch+json: + schema: + type: array + items: + type: object + description: 'A JSONPatch Operation as defined by [RFC 6902 - JSON Patch](https://tools.ietf.org/html/rfc6902)' + required: + - op + - path + properties: + op: + type: string + description: The operation to be performed + enum: + - add + - remove + - replace + - move + - copy + - test + example: replace + path: + type: string + description: A string JSON Pointer representing the target path to an element to be affected by the operation + example: /description + value: + oneOf: + - type: string + example: New description + title: string + - type: boolean + example: true + title: boolean + - type: integer + example: 300 + title: integer + - type: object + title: object + example: + attributes: + name: philip + - type: array + title: array + items: + anyOf: + - type: string + - type: integer + - type: object + example: + - '001' + - '002' + - '003' + description: 'The value to be used for the operation, required for "add" and "replace" operations' + example: New description + required: true + responses: + '200': + description: Responds with the Auth Profile as updated. + content: + application/json: + schema: + type: object + properties: + name: + type: string + description: Authentication Profile name. + example: EndToEnd-Profile + offNetwork: + type: boolean + description: Use it to block access from off network. + default: false + example: true + untrustedGeography: + type: boolean + description: Use it to block access from untrusted geoographies. + default: false + example: true + applicationId: + type: string + description: Application ID. + example: 2c91808458ae7a4f0158b1bbf8af0628 + applicationName: + type: string + description: Application name. + example: EndToEnd-Source + type: + type: string + enum: + - BLOCK + - MFA + - NON_PTA + - PTA + description: Type of the Authentication Profile. + example: PTA + strongAuthLogin: + type: boolean + description: Use it to enable strong authentication. + default: false + example: true + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + security: + - UserContextAuth: + - 'sp:auth-profile:update' + /connector-rules: + get: + tags: + - Connector Rule Management + operationId: getConnectorRuleList + summary: List Connector Rules + description: |- + Returns the list of connector rules. + A token with ORG_ADMIN authority is required to call this API. + responses: + '200': + description: A list of connector rules + content: + application/json: + schema: + type: array + items: + description: ConnectorRuleResponse + allOf: + - description: ConnectorRuleCreateRequest + type: object + required: + - name + - type + - sourceCode + properties: + name: + type: string + description: the name of the rule + example: WebServiceBeforeOperationRule + minLength: 1 + maxLength: 128 + description: + type: string + description: a description of the rule's purpose + example: This rule does that + type: + type: string + enum: + - BuildMap + - ConnectorAfterCreate + - ConnectorAfterDelete + - ConnectorAfterModify + - ConnectorBeforeCreate + - ConnectorBeforeDelete + - ConnectorBeforeModify + - JDBCBuildMap + - JDBCOperationProvisioning + - JDBCProvision + - PeopleSoftHRMSBuildMap + - PeopleSoftHRMSOperationProvisioning + - PeopleSoftHRMSProvision + - RACFPermissionCustomization + - SAPBuildMap + - SapHrManagerRule + - SapHrOperationProvisioning + - SapHrProvision + - SuccessFactorsOperationProvisioning + - WebServiceAfterOperationRule + - WebServiceBeforeOperationRule + description: the type of rule + example: BuildMap + signature: + description: The rule's function signature. Describes the rule's input arguments and output (if any) + type: object + required: + - input + properties: + input: + type: array + items: + type: object + nullable: true + properties: + name: + type: string + description: the name of the argument + example: firstName + description: + type: string + description: the description of the argument + example: the first name of the identity + type: + type: string + nullable: true + description: the programmatic type of the argument + example: String + required: + - name + output: + type: object + nullable: true + properties: + name: + type: string + description: the name of the argument + example: firstName + description: + type: string + description: the description of the argument + example: the first name of the identity + type: + type: string + nullable: true + description: the programmatic type of the argument + example: String + required: + - name + sourceCode: + description: SourceCode + type: object + required: + - version + - script + properties: + version: + type: string + description: the version of the code + example: '1.0' + script: + type: string + description: The code + example: return "Mr. " + firstName; + attributes: + type: object + nullable: true + description: a map of string to objects + example: {} + - type: object + nullable: true + required: + - id + - created + properties: + id: + type: string + description: the ID of the rule + example: 8113d48c0b914f17b4c6072d4dcb9dfe + created: + type: string + description: an ISO 8601 UTC timestamp when this rule was created + example: '021-07-22T15:59:23Z' + modified: + type: string + nullable: true + description: an ISO 8601 UTC timestamp when this rule was last modified + example: '021-07-22T15:59:23Z' + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + security: + - UserContextAuth: + - 'idn:rule-management-connector:read' + - 'idn:rule-management-connector:manage' + parameters: + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + post: + tags: + - Connector Rule Management + operationId: createConnectorRule + summary: Create Connector Rule + description: |- + Creates a new connector rule. + A token with ORG_ADMIN authority is required to call this API. + requestBody: + required: true + description: The connector rule to create + content: + application/json: + schema: + description: ConnectorRuleCreateRequest + type: object + required: + - name + - type + - sourceCode + properties: + name: + type: string + description: the name of the rule + example: WebServiceBeforeOperationRule + minLength: 1 + maxLength: 128 + description: + type: string + description: a description of the rule's purpose + example: This rule does that + type: + type: string + enum: + - BuildMap + - ConnectorAfterCreate + - ConnectorAfterDelete + - ConnectorAfterModify + - ConnectorBeforeCreate + - ConnectorBeforeDelete + - ConnectorBeforeModify + - JDBCBuildMap + - JDBCOperationProvisioning + - JDBCProvision + - PeopleSoftHRMSBuildMap + - PeopleSoftHRMSOperationProvisioning + - PeopleSoftHRMSProvision + - RACFPermissionCustomization + - SAPBuildMap + - SapHrManagerRule + - SapHrOperationProvisioning + - SapHrProvision + - SuccessFactorsOperationProvisioning + - WebServiceAfterOperationRule + - WebServiceBeforeOperationRule + description: the type of rule + example: BuildMap + signature: + description: The rule's function signature. Describes the rule's input arguments and output (if any) + type: object + required: + - input + properties: + input: + type: array + items: + type: object + nullable: true + properties: + name: + type: string + description: the name of the argument + example: firstName + description: + type: string + description: the description of the argument + example: the first name of the identity + type: + type: string + nullable: true + description: the programmatic type of the argument + example: String + required: + - name + output: + type: object + nullable: true + properties: + name: + type: string + description: the name of the argument + example: firstName + description: + type: string + description: the description of the argument + example: the first name of the identity + type: + type: string + nullable: true + description: the programmatic type of the argument + example: String + required: + - name + sourceCode: + description: SourceCode + type: object + required: + - version + - script + properties: + version: + type: string + description: the version of the code + example: '1.0' + script: + type: string + description: The code + example: return "Mr. " + firstName; + attributes: + type: object + nullable: true + description: a map of string to objects + example: {} + responses: + '201': + description: The created connector rule + content: + application/json: + schema: + description: ConnectorRuleResponse + allOf: + - description: ConnectorRuleCreateRequest + type: object + required: + - name + - type + - sourceCode + properties: + name: + type: string + description: the name of the rule + example: WebServiceBeforeOperationRule + minLength: 1 + maxLength: 128 + description: + type: string + description: a description of the rule's purpose + example: This rule does that + type: + type: string + enum: + - BuildMap + - ConnectorAfterCreate + - ConnectorAfterDelete + - ConnectorAfterModify + - ConnectorBeforeCreate + - ConnectorBeforeDelete + - ConnectorBeforeModify + - JDBCBuildMap + - JDBCOperationProvisioning + - JDBCProvision + - PeopleSoftHRMSBuildMap + - PeopleSoftHRMSOperationProvisioning + - PeopleSoftHRMSProvision + - RACFPermissionCustomization + - SAPBuildMap + - SapHrManagerRule + - SapHrOperationProvisioning + - SapHrProvision + - SuccessFactorsOperationProvisioning + - WebServiceAfterOperationRule + - WebServiceBeforeOperationRule + description: the type of rule + example: BuildMap + signature: + description: The rule's function signature. Describes the rule's input arguments and output (if any) + type: object + required: + - input + properties: + input: + type: array + items: + type: object + nullable: true + properties: + name: + type: string + description: the name of the argument + example: firstName + description: + type: string + description: the description of the argument + example: the first name of the identity + type: + type: string + nullable: true + description: the programmatic type of the argument + example: String + required: + - name + output: + type: object + nullable: true + properties: + name: + type: string + description: the name of the argument + example: firstName + description: + type: string + description: the description of the argument + example: the first name of the identity + type: + type: string + nullable: true + description: the programmatic type of the argument + example: String + required: + - name + sourceCode: + description: SourceCode + type: object + required: + - version + - script + properties: + version: + type: string + description: the version of the code + example: '1.0' + script: + type: string + description: The code + example: return "Mr. " + firstName; + attributes: + type: object + nullable: true + description: a map of string to objects + example: {} + - type: object + nullable: true + required: + - id + - created + properties: + id: + type: string + description: the ID of the rule + example: 8113d48c0b914f17b4c6072d4dcb9dfe + created: + type: string + description: an ISO 8601 UTC timestamp when this rule was created + example: '021-07-22T15:59:23Z' + modified: + type: string + nullable: true + description: an ISO 8601 UTC timestamp when this rule was last modified + example: '021-07-22T15:59:23Z' + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + security: + - UserContextAuth: + - 'idn:rule-management-connector:manage' + parameters: + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + '/connector-rules/{id}': + get: + tags: + - Connector Rule Management + summary: Connector-Rule by ID + operationId: getConnectorRule + description: |- + Returns the connector rule specified by ID. + A token with ORG_ADMIN authority is required to call this API. + parameters: + - name: id + in: path + description: ID of the connector rule to retrieve + required: true + style: simple + explode: false + schema: + type: string + example: 8c190e6787aa4ed9a90bd9d5344523fb + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '200': + description: Connector rule with the given ID + content: + application/json: + schema: + description: ConnectorRuleResponse + allOf: + - description: ConnectorRuleCreateRequest + type: object + required: + - name + - type + - sourceCode + properties: + name: + type: string + description: the name of the rule + example: WebServiceBeforeOperationRule + minLength: 1 + maxLength: 128 + description: + type: string + description: a description of the rule's purpose + example: This rule does that + type: + type: string + enum: + - BuildMap + - ConnectorAfterCreate + - ConnectorAfterDelete + - ConnectorAfterModify + - ConnectorBeforeCreate + - ConnectorBeforeDelete + - ConnectorBeforeModify + - JDBCBuildMap + - JDBCOperationProvisioning + - JDBCProvision + - PeopleSoftHRMSBuildMap + - PeopleSoftHRMSOperationProvisioning + - PeopleSoftHRMSProvision + - RACFPermissionCustomization + - SAPBuildMap + - SapHrManagerRule + - SapHrOperationProvisioning + - SapHrProvision + - SuccessFactorsOperationProvisioning + - WebServiceAfterOperationRule + - WebServiceBeforeOperationRule + description: the type of rule + example: BuildMap + signature: + description: The rule's function signature. Describes the rule's input arguments and output (if any) + type: object + required: + - input + properties: + input: + type: array + items: + type: object + nullable: true + properties: + name: + type: string + description: the name of the argument + example: firstName + description: + type: string + description: the description of the argument + example: the first name of the identity + type: + type: string + nullable: true + description: the programmatic type of the argument + example: String + required: + - name + output: + type: object + nullable: true + properties: + name: + type: string + description: the name of the argument + example: firstName + description: + type: string + description: the description of the argument + example: the first name of the identity + type: + type: string + nullable: true + description: the programmatic type of the argument + example: String + required: + - name + sourceCode: + description: SourceCode + type: object + required: + - version + - script + properties: + version: + type: string + description: the version of the code + example: '1.0' + script: + type: string + description: The code + example: return "Mr. " + firstName; + attributes: + type: object + nullable: true + description: a map of string to objects + example: {} + - type: object + nullable: true + required: + - id + - created + properties: + id: + type: string + description: the ID of the rule + example: 8113d48c0b914f17b4c6072d4dcb9dfe + created: + type: string + description: an ISO 8601 UTC timestamp when this rule was created + example: '021-07-22T15:59:23Z' + modified: + type: string + nullable: true + description: an ISO 8601 UTC timestamp when this rule was last modified + example: '021-07-22T15:59:23Z' + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + security: + - UserContextAuth: + - 'idn:rule-management-connector:read' + - 'idn:rule-management-connector:manage' + put: + tags: + - Connector Rule Management + summary: Update a Connector Rule + description: |- + Updates an existing connector rule with the one provided in the request body. Note that the fields 'id', 'name', and 'type' are immutable. + A token with ORG_ADMIN authority is required to call this API. + operationId: updateConnectorRule + parameters: + - name: id + in: path + description: ID of the connector rule to update + required: true + style: simple + explode: false + schema: + type: string + example: 8c190e6787aa4ed9a90bd9d5344523fb + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + requestBody: + description: The connector rule with updated data + content: + application/json: + schema: + description: ConnectorRuleUpdateRequest + allOf: + - type: object + required: + - id + properties: + id: + type: string + description: the ID of the rule to update + example: 8113d48c0b914f17b4c6072d4dcb9dfe + - description: ConnectorRuleCreateRequest + type: object + required: + - name + - type + - sourceCode + properties: + name: + type: string + description: the name of the rule + example: WebServiceBeforeOperationRule + minLength: 1 + maxLength: 128 + description: + type: string + description: a description of the rule's purpose + example: This rule does that + type: + type: string + enum: + - BuildMap + - ConnectorAfterCreate + - ConnectorAfterDelete + - ConnectorAfterModify + - ConnectorBeforeCreate + - ConnectorBeforeDelete + - ConnectorBeforeModify + - JDBCBuildMap + - JDBCOperationProvisioning + - JDBCProvision + - PeopleSoftHRMSBuildMap + - PeopleSoftHRMSOperationProvisioning + - PeopleSoftHRMSProvision + - RACFPermissionCustomization + - SAPBuildMap + - SapHrManagerRule + - SapHrOperationProvisioning + - SapHrProvision + - SuccessFactorsOperationProvisioning + - WebServiceAfterOperationRule + - WebServiceBeforeOperationRule + description: the type of rule + example: BuildMap + signature: + description: The rule's function signature. Describes the rule's input arguments and output (if any) + type: object + required: + - input + properties: + input: + type: array + items: + type: object + nullable: true + properties: + name: + type: string + description: the name of the argument + example: firstName + description: + type: string + description: the description of the argument + example: the first name of the identity + type: + type: string + nullable: true + description: the programmatic type of the argument + example: String + required: + - name + output: + type: object + nullable: true + properties: + name: + type: string + description: the name of the argument + example: firstName + description: + type: string + description: the description of the argument + example: the first name of the identity + type: + type: string + nullable: true + description: the programmatic type of the argument + example: String + required: + - name + sourceCode: + description: SourceCode + type: object + required: + - version + - script + properties: + version: + type: string + description: the version of the code + example: '1.0' + script: + type: string + description: The code + example: return "Mr. " + firstName; + attributes: + type: object + nullable: true + description: a map of string to objects + example: {} + responses: + '200': + description: The updated connector rule + content: + application/json: + schema: + description: ConnectorRuleResponse + allOf: + - description: ConnectorRuleCreateRequest + type: object + required: + - name + - type + - sourceCode + properties: + name: + type: string + description: the name of the rule + example: WebServiceBeforeOperationRule + minLength: 1 + maxLength: 128 + description: + type: string + description: a description of the rule's purpose + example: This rule does that + type: + type: string + enum: + - BuildMap + - ConnectorAfterCreate + - ConnectorAfterDelete + - ConnectorAfterModify + - ConnectorBeforeCreate + - ConnectorBeforeDelete + - ConnectorBeforeModify + - JDBCBuildMap + - JDBCOperationProvisioning + - JDBCProvision + - PeopleSoftHRMSBuildMap + - PeopleSoftHRMSOperationProvisioning + - PeopleSoftHRMSProvision + - RACFPermissionCustomization + - SAPBuildMap + - SapHrManagerRule + - SapHrOperationProvisioning + - SapHrProvision + - SuccessFactorsOperationProvisioning + - WebServiceAfterOperationRule + - WebServiceBeforeOperationRule + description: the type of rule + example: BuildMap + signature: + description: The rule's function signature. Describes the rule's input arguments and output (if any) + type: object + required: + - input + properties: + input: + type: array + items: + type: object + nullable: true + properties: + name: + type: string + description: the name of the argument + example: firstName + description: + type: string + description: the description of the argument + example: the first name of the identity + type: + type: string + nullable: true + description: the programmatic type of the argument + example: String + required: + - name + output: + type: object + nullable: true + properties: + name: + type: string + description: the name of the argument + example: firstName + description: + type: string + description: the description of the argument + example: the first name of the identity + type: + type: string + nullable: true + description: the programmatic type of the argument + example: String + required: + - name + sourceCode: + description: SourceCode + type: object + required: + - version + - script + properties: + version: + type: string + description: the version of the code + example: '1.0' + script: + type: string + description: The code + example: return "Mr. " + firstName; + attributes: + type: object + nullable: true + description: a map of string to objects + example: {} + - type: object + nullable: true + required: + - id + - created + properties: + id: + type: string + description: the ID of the rule + example: 8113d48c0b914f17b4c6072d4dcb9dfe + created: + type: string + description: an ISO 8601 UTC timestamp when this rule was created + example: '021-07-22T15:59:23Z' + modified: + type: string + nullable: true + description: an ISO 8601 UTC timestamp when this rule was last modified + example: '021-07-22T15:59:23Z' + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + security: + - UserContextAuth: + - 'idn:rule-management-connector:manage' + delete: + tags: + - Connector Rule Management + summary: Delete a Connector-Rule + description: |- + Deletes the connector rule specified by the given ID. + A token with ORG_ADMIN authority is required to call this API. + operationId: deleteConnectorRule + parameters: + - name: id + in: path + description: ID of the connector rule to delete + required: true + style: simple + explode: false + schema: + type: string + example: 8c190e6787aa4ed9a90bd9d5344523fb + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '204': + description: No content - indicates the request was successful but there is no content to be returned in the response. + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + security: + - UserContextAuth: + - 'idn:rule-management-connector:manage' + /connector-rules/validate: + post: + tags: + - Connector Rule Management + operationId: validateConnectorRule + summary: Validate Connector Rule + description: |- + Returns a list of issues within the code to fix, if any. + A token with ORG_ADMIN authority is required to call this API. + requestBody: + required: true + description: The code to validate + content: + application/json: + schema: + description: SourceCode + type: object + required: + - version + - script + properties: + version: + type: string + description: the version of the code + example: '1.0' + script: + type: string + description: The code + example: return "Mr. " + firstName; + responses: + '200': + description: The status of the code's eligibility as a connector rule + content: + application/json: + schema: + description: ConnectorRuleValidationResponse + type: object + required: + - state + - details + properties: + state: + type: string + enum: + - OK + - ERROR + example: ERROR + details: + type: array + items: + description: CodeErrorDetail + type: object + required: + - line + - column + - message + properties: + line: + type: integer + description: The line number where the issue occurred + example: 2 + column: + type: integer + description: the column number where the issue occurred + example: 5 + messsage: + type: string + description: a description of the issue in the code + example: Remove reference to .decrypt( + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + security: + - UserContextAuth: + - 'idn:rule-management-connector:read' + - 'idn:rule-management-connector:manage' + parameters: + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + /custom-password-instructions: + post: + operationId: createCustomPasswordInstructions + tags: + - Custom Password Instructions + summary: Create Custom Password Instructions + description: This API creates the custom password instructions for the specified page ID. A token with ORG_ADMIN authority is required to call this API. + requestBody: + required: true + content: + application/json: + schema: + type: object + properties: + pageId: + type: string + description: 'The page ID that represents the page for forget user name, reset password and unlock account flow.' + enum: + - 'change-password:enter-password' + - 'change-password:finish' + - 'flow-selection:select' + - 'forget-username:user-email' + - 'mfa:enter-code' + - 'mfa:enter-kba' + - 'mfa:select' + - 'reset-password:enter-password' + - 'reset-password:enter-username' + - 'reset-password:finish' + - 'unlock-account:enter-username' + - 'unlock-account:finish' + pageContent: + type: string + description: 'The custom instructions for the specified page. Allow basic HTML format and maximum length is 1000 characters. The custom instructions will be sanitized to avoid attacks. If the customization text includes a link, like ... clicking on this will open the link on the current browser page. If you want your link to be redirected to a different page, please redirect it to "_blank" like this: link. This will open a new tab when the link is clicked. Notice we''re only supporting _blank as the redirection target.' + locale: + type: string + example: en + description: 'The locale for the custom instructions, a BCP47 language tag. The default value is \"default\".' + example: + pageId: 'reset-password:enter-password' + pageContent: See company password policies for details by clicking here + responses: + '200': + description: Reference to the custom password instructions. + content: + application/json: + schema: + type: object + properties: + pageId: + type: string + description: 'The page ID that represents the page for forget user name, reset password and unlock account flow.' + enum: + - 'change-password:enter-password' + - 'change-password:finish' + - 'flow-selection:select' + - 'forget-username:user-email' + - 'mfa:enter-code' + - 'mfa:enter-kba' + - 'mfa:select' + - 'reset-password:enter-password' + - 'reset-password:enter-username' + - 'reset-password:finish' + - 'unlock-account:enter-username' + - 'unlock-account:finish' + pageContent: + type: string + description: 'The custom instructions for the specified page. Allow basic HTML format and maximum length is 1000 characters. The custom instructions will be sanitized to avoid attacks. If the customization text includes a link, like ... clicking on this will open the link on the current browser page. If you want your link to be redirected to a different page, please redirect it to "_blank" like this: link. This will open a new tab when the link is clicked. Notice we''re only supporting _blank as the redirection target.' + locale: + type: string + example: en + description: 'The locale for the custom instructions, a BCP47 language tag. The default value is \"default\".' + example: + pageId: 'reset-password:enter-password' + locale: default + pageContent: See company password policies for details by clicking here + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + parameters: + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + '/custom-password-instructions/{pageId}': + get: + operationId: getCustomPasswordInstructions + tags: + - Custom Password Instructions + summary: Get Custom Password Instructions by Page ID + description: This API returns the custom password instructions for the specified page ID. A token with ORG_ADMIN authority is required to call this API. + parameters: + - in: path + name: pageId + schema: + type: string + enum: + - 'change-password:enter-password' + - 'change-password:finish' + - 'flow-selection:select' + - 'forget-username:user-email' + - 'mfa:enter-code' + - 'mfa:enter-kba' + - 'mfa:select' + - 'reset-password:enter-password' + - 'reset-password:enter-username' + - 'reset-password:finish' + - 'unlock-account:enter-username' + - 'unlock-account:finish' + required: true + description: The page ID of custom password instructions to query. + example: 'mfa:select' + - in: query + name: locale + schema: + type: string + description: 'The locale for the custom instructions, a BCP47 language tag. The default value is \"default\".' + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '200': + description: Reference to the custom password instructions. + content: + application/json: + schema: + type: object + properties: + pageId: + type: string + description: 'The page ID that represents the page for forget user name, reset password and unlock account flow.' + enum: + - 'change-password:enter-password' + - 'change-password:finish' + - 'flow-selection:select' + - 'forget-username:user-email' + - 'mfa:enter-code' + - 'mfa:enter-kba' + - 'mfa:select' + - 'reset-password:enter-password' + - 'reset-password:enter-username' + - 'reset-password:finish' + - 'unlock-account:enter-username' + - 'unlock-account:finish' + pageContent: + type: string + description: 'The custom instructions for the specified page. Allow basic HTML format and maximum length is 1000 characters. The custom instructions will be sanitized to avoid attacks. If the customization text includes a link, like ... clicking on this will open the link on the current browser page. If you want your link to be redirected to a different page, please redirect it to "_blank" like this: link. This will open a new tab when the link is clicked. Notice we''re only supporting _blank as the redirection target.' + locale: + type: string + example: en + description: 'The locale for the custom instructions, a BCP47 language tag. The default value is \"default\".' + example: + pageId: 'reset-password:enter-password' + locale: default + pageContent: See company password policies for details by clicking here + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + delete: + operationId: deleteCustomPasswordInstructions + tags: + - Custom Password Instructions + summary: Delete Custom Password Instructions by page ID + description: This API delete the custom password instructions for the specified page ID. A token with ORG_ADMIN authority is required to call this API. + parameters: + - in: path + name: pageId + schema: + type: string + enum: + - 'change-password:enter-password' + - 'change-password:finish' + - 'flow-selection:select' + - 'forget-username:user-email' + - 'mfa:enter-code' + - 'mfa:enter-kba' + - 'mfa:select' + - 'reset-password:enter-password' + - 'reset-password:enter-username' + - 'reset-password:finish' + - 'unlock-account:enter-username' + - 'unlock-account:finish' + required: true + description: The page ID of custom password instructions to delete. + example: 'mfa:select' + - in: query + name: locale + schema: + type: string + description: 'The locale for the custom instructions, a BCP47 language tag. The default value is \"default\".' + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '204': + description: No content - indicates the request was successful but there is no content to be returned in the response. + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + /entitlements: + get: + operationId: listEntitlements + tags: + - Entitlements + summary: Gets a list of entitlements. + security: + - UserContextAuth: + - 'idn:entitlement:read' + - 'idn:entitlement:manage' + description: |- + This API returns a list of entitlements. + + This API can be used in one of the two following ways: either getting entitlements for a specific **account-id**, or getting via use of **filters** (those two options are exclusive). + + Any authenticated token can call this API. + parameters: + - in: query + name: account-id + schema: + type: string + description: 'The account ID. If specified, returns only entitlements associated with the given Account. Cannot be specified with the **filters**, **segmented-for-identity**, **for-segment-ids**, or **include-unsegmented** param(s).' + example: ef38f94347e94562b5bb8424a56397d8 + required: false + - in: query + name: segmented-for-identity + schema: + type: string + description: |- + If present and not empty, additionally filters Entitlements to those which are assigned to the Segment(s) which are visible to the Identity with the specified ID. By convention, the value **me** can stand in for the current user's Identity ID. + Cannot be specified with the **account-id** or **for-segment-ids** param(s). It is also illegal to specify a value that refers to a different user's Identity. + example: me + required: false + - in: query + name: for-segment-ids + schema: + type: string + format: comma-separated + description: |- + If present and not empty, additionally filters Access Profiles to those which are assigned to the Segment(s) with the specified IDs. + Cannot be specified with the **account-id** or **segmented-for-identity** param(s). + example: '041727d4-7d95-4779-b891-93cf41e98249,a378c9fa-bae5-494c-804e-a1e30f69f649' + required: false + - in: query + name: include-unsegmented + schema: + type: boolean + default: true + description: 'Whether or not the response list should contain unsegmented Entitlements. If **for-segment-ids** and **segmented-for-identity** are both absent or empty, specifying **include-unsegmented=false** results in an error.' + example: true + required: false + - in: query + name: offset + description: |- + Offset into the full result set. Usually specified with *limit* to paginate through the results. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 0 + schema: + type: integer + format: int32 + minimum: 0 + default: 0 + - in: query + name: limit + description: |- + Max number of results to return. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 250 + schema: + type: integer + format: int32 + minimum: 0 + maximum: 250 + default: 250 + - in: query + name: count + description: |- + If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. + + Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. + + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: true + schema: + type: boolean + default: false + - in: query + name: sorters + schema: + type: string + format: comma-separated + description: |- + Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) + + Sorting is supported for the following fields: **id, name, created, modified, type, attribute, value, source.id, requestable** + example: 'name,-modified' + required: false + style: form + explode: true + - in: query + name: filters + schema: + type: string + description: |- + Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) + + Filtering is supported for the following fields and operators: + + **id**: *eq, in* + + **name**: *eq, in, sw* + + **type**: *eq, in* + + **attribute**: *eq, in* + + **value**: *eq, in, sw* + + **source.id**: *eq, in* + + **requestable**: *eq* + + **created**: *gt, lt, ge, le* + + **modified**: *gt, lt, ge, le* + + **owner.id**: *eq, in* + example: attribute eq "memberOf" + required: false + style: form + explode: true + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '200': + description: List of entitlements + content: + application/json: + schema: + type: array + items: + type: object + properties: + id: + type: string + description: The entitlement id + example: 2c91808874ff91550175097daaec161c + name: + type: string + description: The entitlement name + example: LauncherTest2 + created: + type: string + description: Time when the entitlement was created + format: date-time + example: '2020-10-08T18:33:52.029Z' + modified: + type: string + description: Time when the entitlement was last modified + format: date-time + example: '2020-10-08T18:33:52.029Z' + attribute: + type: string + description: The entitlement attribute name + example: memberOf + nullable: true + value: + type: string + description: The value of the entitlement + example: 'CN=LauncherTest2,OU=LauncherTestOrg,OU=slpt-automation,DC=TestAutomationAD,DC=local' + sourceSchemaObjectType: + type: string + description: The object type of the entitlement from the source schema + example: group + privileged: + type: boolean + default: false + description: True if the entitlement is privileged + example: true + cloudGoverned: + type: boolean + default: false + description: True if the entitlement is cloud governed + example: true + description: + type: string + nullable: true + description: The description of the entitlement + example: 'CN=LauncherTest2,OU=LauncherTestOrg,OU=slpt-automation,DC=TestAutomationAD,DC=local' + requestable: + type: boolean + default: false + description: True if the entitlement is requestable + example: true + attributes: + type: object + description: A map of free-form key-value pairs from the source system + example: + fieldName: fieldValue + additionalProperties: true + source: + type: object + properties: + id: + type: string + description: The source ID + example: 2c9180827ca885d7017ca8ce28a000eb + type: + type: string + description: 'The source type, will always be "SOURCE"' + example: SOURCE + name: + type: string + description: The source name + example: ODS-AD-Source + nullable: true + owner: + allOf: + - type: object + description: Simplified DTO for the owner object of the entitlement + properties: + id: + type: string + description: The owner id for the entitlement + example: 2a2fdacca5e345f18bf7970cfbb8fec2 + name: + type: string + description: The owner name for the entitlement + example: identity 1 + type: + type: string + enum: + - IDENTITY + description: The type of the owner. Initially only type IDENTITY is supported + example: IDENTITY + - nullable: true + directPermissions: + type: array + items: + type: object + description: 'Simplified DTO for the Permission objects stored in SailPoint''s database. The data is aggregated from customer systems and is free-form, so its appearance can vary largely between different clients/customers.' + properties: + rights: + type: array + description: All the rights (e.g. actions) that this permission allows on the target + readOnly: true + items: + type: string + example: SELECT + target: + type: string + description: The target the permission would grants rights on. + readOnly: true + example: SYS.GV_$TRANSACTION + segments: + type: array + items: + type: string + nullable: true + description: 'List of IDs of segments, if any, to which this Entitlement is assigned.' + example: + - f7b1b8a3-5fed-4fd4-ad29-82014e137e19 + - 29cb6c06-1da8-43ea-8be4-b3125f248f2a + manuallyUpdatedFields: + allOf: + - type: object + properties: + DISPLAY_NAME: + type: boolean + default: false + description: |- + True if the entitlements name was updated manually via entitlement import csv or patch endpoint. False means that property value has not been change after first entitlement aggregation. + Field refers to [Entitlement response schema](https://developer.sailpoint.com/idn/api/beta/get-entitlement) > `name` property. + example: true + DESCRIPTION: + type: boolean + default: false + description: |- + True if the entitlement description was updated manually via entitlement import csv or patch endpoint. False means that property value has not been change after first entitlement aggregation. + Field refers to [Entitlement response schema](https://developer.sailpoint.com/idn/api/beta/get-entitlement) > `description` property. + example: true + - nullable: true + description: 'Object contains entitlement manually updated fields. Field value is true if is was updated manually via entitlement import csv or patch endpoint. Field value is false if that property value has not been changed after first entitlement aggregation. Values for all manually updatable fields must be specified. For now only two entitlement fields support this: DISPLAY_NAME and DESCRIPTION.' + example: + DISPLAY_NAME: true + DESCRIPTION: true + accessModelMetadata: + allOf: + - type: object + properties: + attributes: + type: array + nullable: true + items: + type: object + properties: + key: + type: string + description: Technical name of the Attribute. This is unique and cannot be changed after creation. + example: iscPrivacy + name: + type: string + description: The display name of the key. + example: Privacy + multiselect: + type: boolean + default: false + description: Indicates whether the attribute can have multiple values. + example: false + status: + type: string + description: The status of the Attribute. + example: active + type: + type: string + description: The type of the Attribute. This can be either "custom" or "governance". + example: governance + objectTypes: + type: array + items: + type: string + nullable: true + description: An array of object types this attributes values can be applied to. Possible values are "all" or "entitlement". Value "all" means this attribute can be used with all object types that are supported. + example: + - entitlement + description: + type: string + description: The description of the Attribute. + example: Specifies the level of privacy associated with an access item. + values: + type: array + nullable: true + items: + type: object + properties: + value: + type: string + description: Technical name of the Attribute value. This is unique and cannot be changed after creation. + example: public + name: + type: string + description: The display name of the Attribute value. + example: Public + status: + type: string + description: The status of the Attribute value. + example: active + example: + - key: iscPrivacy + name: Privacy + multiselect: false + status: active + type: governance + objectTypes: + - all + description: Specifies the level of privacy associated with an access item. + values: + - value: public + name: Public + status: active + - nullable: true + description: Access Model Metadata (beta). + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/entitlements/{id}': + get: + operationId: getEntitlement + tags: + - Entitlements + summary: Get an entitlement + description: This API returns an entitlement by its ID. + security: + - UserContextAuth: + - 'idn:entitlement:read' + - 'idn:entitlement:manage' + parameters: + - in: path + name: id + schema: + type: string + required: true + description: The entitlement ID + example: 2c91808874ff91550175097daaec161c + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '200': + description: An entitlement + content: + application/json: + schema: + type: object + properties: + id: + type: string + description: The entitlement id + example: 2c91808874ff91550175097daaec161c + name: + type: string + description: The entitlement name + example: LauncherTest2 + created: + type: string + description: Time when the entitlement was created + format: date-time + example: '2020-10-08T18:33:52.029Z' + modified: + type: string + description: Time when the entitlement was last modified + format: date-time + example: '2020-10-08T18:33:52.029Z' + attribute: + type: string + description: The entitlement attribute name + example: memberOf + nullable: true + value: + type: string + description: The value of the entitlement + example: 'CN=LauncherTest2,OU=LauncherTestOrg,OU=slpt-automation,DC=TestAutomationAD,DC=local' + sourceSchemaObjectType: + type: string + description: The object type of the entitlement from the source schema + example: group + privileged: + type: boolean + default: false + description: True if the entitlement is privileged + example: true + cloudGoverned: + type: boolean + default: false + description: True if the entitlement is cloud governed + example: true + description: + type: string + nullable: true + description: The description of the entitlement + example: 'CN=LauncherTest2,OU=LauncherTestOrg,OU=slpt-automation,DC=TestAutomationAD,DC=local' + requestable: + type: boolean + default: false + description: True if the entitlement is requestable + example: true + attributes: + type: object + description: A map of free-form key-value pairs from the source system + example: + fieldName: fieldValue + additionalProperties: true + source: + type: object + properties: + id: + type: string + description: The source ID + example: 2c9180827ca885d7017ca8ce28a000eb + type: + type: string + description: 'The source type, will always be "SOURCE"' + example: SOURCE + name: + type: string + description: The source name + example: ODS-AD-Source + nullable: true + owner: + allOf: + - type: object + description: Simplified DTO for the owner object of the entitlement + properties: + id: + type: string + description: The owner id for the entitlement + example: 2a2fdacca5e345f18bf7970cfbb8fec2 + name: + type: string + description: The owner name for the entitlement + example: identity 1 + type: + type: string + enum: + - IDENTITY + description: The type of the owner. Initially only type IDENTITY is supported + example: IDENTITY + - nullable: true + directPermissions: + type: array + items: + type: object + description: 'Simplified DTO for the Permission objects stored in SailPoint''s database. The data is aggregated from customer systems and is free-form, so its appearance can vary largely between different clients/customers.' + properties: + rights: + type: array + description: All the rights (e.g. actions) that this permission allows on the target + readOnly: true + items: + type: string + example: SELECT + target: + type: string + description: The target the permission would grants rights on. + readOnly: true + example: SYS.GV_$TRANSACTION + segments: + type: array + items: + type: string + nullable: true + description: 'List of IDs of segments, if any, to which this Entitlement is assigned.' + example: + - f7b1b8a3-5fed-4fd4-ad29-82014e137e19 + - 29cb6c06-1da8-43ea-8be4-b3125f248f2a + manuallyUpdatedFields: + allOf: + - type: object + properties: + DISPLAY_NAME: + type: boolean + default: false + description: |- + True if the entitlements name was updated manually via entitlement import csv or patch endpoint. False means that property value has not been change after first entitlement aggregation. + Field refers to [Entitlement response schema](https://developer.sailpoint.com/idn/api/beta/get-entitlement) > `name` property. + example: true + DESCRIPTION: + type: boolean + default: false + description: |- + True if the entitlement description was updated manually via entitlement import csv or patch endpoint. False means that property value has not been change after first entitlement aggregation. + Field refers to [Entitlement response schema](https://developer.sailpoint.com/idn/api/beta/get-entitlement) > `description` property. + example: true + - nullable: true + description: 'Object contains entitlement manually updated fields. Field value is true if is was updated manually via entitlement import csv or patch endpoint. Field value is false if that property value has not been changed after first entitlement aggregation. Values for all manually updatable fields must be specified. For now only two entitlement fields support this: DISPLAY_NAME and DESCRIPTION.' + example: + DISPLAY_NAME: true + DESCRIPTION: true + accessModelMetadata: + allOf: + - type: object + properties: + attributes: + type: array + nullable: true + items: + type: object + properties: + key: + type: string + description: Technical name of the Attribute. This is unique and cannot be changed after creation. + example: iscPrivacy + name: + type: string + description: The display name of the key. + example: Privacy + multiselect: + type: boolean + default: false + description: Indicates whether the attribute can have multiple values. + example: false + status: + type: string + description: The status of the Attribute. + example: active + type: + type: string + description: The type of the Attribute. This can be either "custom" or "governance". + example: governance + objectTypes: + type: array + items: + type: string + nullable: true + description: An array of object types this attributes values can be applied to. Possible values are "all" or "entitlement". Value "all" means this attribute can be used with all object types that are supported. + example: + - entitlement + description: + type: string + description: The description of the Attribute. + example: Specifies the level of privacy associated with an access item. + values: + type: array + nullable: true + items: + type: object + properties: + value: + type: string + description: Technical name of the Attribute value. This is unique and cannot be changed after creation. + example: public + name: + type: string + description: The display name of the Attribute value. + example: Public + status: + type: string + description: The status of the Attribute value. + example: active + example: + - key: iscPrivacy + name: Privacy + multiselect: false + status: active + type: governance + objectTypes: + - all + description: Specifies the level of privacy associated with an access item. + values: + - value: public + name: Public + status: active + - nullable: true + description: Access Model Metadata (beta). + example: + sourceSchemaObjectType: group + attribute: memberOf + attributes: + GroupType: Security + sAMAccountName: LauncherTest1 + GroupScope: Global + objectguid: '{01a6e70b-9705-4155-a5c6-492a9bcc8c64}' + objectSid: S-1-5-21-3585869415-1648031554-2909195034-1633 + cn: LauncherTest1 + msDS-PrincipalName: AUTOMATIONAD\LauncherTest1 + value: 'CN=LauncherTest1,OU=LauncherTestOrg,OU=slpt-automation,DC=TestAutomationAD,DC=local' + description: some description + privileged: false + cloudGoverned: false + source: + type: SOURCE + id: 2c9180877504c40e0175097d5ce707c8 + name: EndToEnd-ADSource + owner: + id: 2c9180858315595501831958427e5424 + name: Addie Smith + type: IDENTITY + segments: + - 1d126fe0-45e2-4aea-bc64-a07e9344ef26 + manuallyUpdatedFields: + DISPLAY_NAME: true + DESCRIPTION: true + id: 2c91808c74ff913f0175097daa9d59cd + name: LauncherTest1 + created: '2020-10-08T18:33:52.029Z' + modified: '2021-01-19T16:53:35.707Z' + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + patch: + operationId: patchEntitlement + tags: + - Entitlements + summary: Patch an entitlement + description: |- + This API updates an existing entitlement using [JSON Patch](https://tools.ietf.org/html/rfc6902) syntax. + + The following fields are patchable: **requestable**, **privileged**, **segments**, **owner**, **name**, **description**, and **manuallyUpdatedFields** + + When you're patching owner, only owner type and owner id must be provided. Owner name is optional, and it won't be modified. If the owner name is provided, it should correspond to the real name. The only owner type currently supported is IDENTITY. + + A token with ORG_ADMIN or SOURCE_ADMIN authority is required to call this API. + security: + - UserContextAuth: + - 'idn:entitlement:manage' + parameters: + - name: id + in: path + description: ID of the entitlement to patch + required: true + schema: + type: string + example: 2c91808a7813090a017814121e121518 + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + requestBody: + content: + application/json-patch+json: + schema: + type: array + items: + type: object + description: 'A JSONPatch Operation as defined by [RFC 6902 - JSON Patch](https://tools.ietf.org/html/rfc6902)' + required: + - op + - path + properties: + op: + type: string + description: The operation to be performed + enum: + - add + - remove + - replace + - move + - copy + - test + example: replace + path: + type: string + description: A string JSON Pointer representing the target path to an element to be affected by the operation + example: /description + value: + oneOf: + - type: string + example: New description + title: string + - type: boolean + example: true + title: boolean + - type: integer + example: 300 + title: integer + - type: object + title: object + example: + attributes: + name: philip + - type: array + title: array + items: + anyOf: + - type: string + - type: integer + - type: object + example: + - '001' + - '002' + - '003' + description: 'The value to be used for the operation, required for "add" and "replace" operations' + example: New description + example: + - op: replace + path: /requestable + value: true + examples: + Make an entitlement requestable and privileged in one call: + description: This example shows how multiple fields may be updated with a single patch call. + value: + - op: replace + path: /requestable + value: true + - op: replace + path: /privileged + value: true + Assign an entitlement to a segment: + description: This example shows how to use patch to assign an entitlement to a segment by adding the segment's ID to the entitlement's segments array. + value: + - op: add + path: /segments/- + value: f7b1b8a3-5fed-4fd4-ad29-82014e137e19 + Assign an owner to an entitlement: + description: This example shows how to use patch to assign an owner to an entitlement by adding the owner's info to the entitlement. + value: + - op: add + path: /owner + value: + type: IDENTITY + id: 2c9180858315595501831958427e5424 + Replace an owner for an entitlement: + description: This example shows how to use patch to replace an entitlement's owner by replacing the owner's info to the entitlement. + value: + - op: replace + path: /owner + value: + type: IDENTITY + id: 2c9180858315595501831958427e5424 + Set entitlement manually updated fields: + description: 'This example shows how to set an entitlement''s manually updated fields values with patch request. Values for all manually updateable fields must be specified in the request. For now only two entitlement fields support this: DISPLAY_NAME and DESCRIPTION.' + value: + - op: replace + path: /manuallyUpdatedFields + value: + DISPLAY_NAME: true + DESCRIPTION: true + Add the description for an entitlement: + description: This example shows how to use patch to add a description for the entitlement. + value: + - op: add + path: /description + value: new description for the entitlement + Update the name for an entitlement: + description: This example shows how to use patch to update an entitlement's name. + value: + - op: replace + path: /name + value: entitlement new name + responses: + '200': + description: Responds with the entitlement as updated. + content: + application/json: + schema: + type: object + properties: + id: + type: string + description: The entitlement id + example: 2c91808874ff91550175097daaec161c + name: + type: string + description: The entitlement name + example: LauncherTest2 + created: + type: string + description: Time when the entitlement was created + format: date-time + example: '2020-10-08T18:33:52.029Z' + modified: + type: string + description: Time when the entitlement was last modified + format: date-time + example: '2020-10-08T18:33:52.029Z' + attribute: + type: string + description: The entitlement attribute name + example: memberOf + nullable: true + value: + type: string + description: The value of the entitlement + example: 'CN=LauncherTest2,OU=LauncherTestOrg,OU=slpt-automation,DC=TestAutomationAD,DC=local' + sourceSchemaObjectType: + type: string + description: The object type of the entitlement from the source schema + example: group + privileged: + type: boolean + default: false + description: True if the entitlement is privileged + example: true + cloudGoverned: + type: boolean + default: false + description: True if the entitlement is cloud governed + example: true + description: + type: string + nullable: true + description: The description of the entitlement + example: 'CN=LauncherTest2,OU=LauncherTestOrg,OU=slpt-automation,DC=TestAutomationAD,DC=local' + requestable: + type: boolean + default: false + description: True if the entitlement is requestable + example: true + attributes: + type: object + description: A map of free-form key-value pairs from the source system + example: + fieldName: fieldValue + additionalProperties: true + source: + type: object + properties: + id: + type: string + description: The source ID + example: 2c9180827ca885d7017ca8ce28a000eb + type: + type: string + description: 'The source type, will always be "SOURCE"' + example: SOURCE + name: + type: string + description: The source name + example: ODS-AD-Source + nullable: true + owner: + allOf: + - type: object + description: Simplified DTO for the owner object of the entitlement + properties: + id: + type: string + description: The owner id for the entitlement + example: 2a2fdacca5e345f18bf7970cfbb8fec2 + name: + type: string + description: The owner name for the entitlement + example: identity 1 + type: + type: string + enum: + - IDENTITY + description: The type of the owner. Initially only type IDENTITY is supported + example: IDENTITY + - nullable: true + directPermissions: + type: array + items: + type: object + description: 'Simplified DTO for the Permission objects stored in SailPoint''s database. The data is aggregated from customer systems and is free-form, so its appearance can vary largely between different clients/customers.' + properties: + rights: + type: array + description: All the rights (e.g. actions) that this permission allows on the target + readOnly: true + items: + type: string + example: SELECT + target: + type: string + description: The target the permission would grants rights on. + readOnly: true + example: SYS.GV_$TRANSACTION + segments: + type: array + items: + type: string + nullable: true + description: 'List of IDs of segments, if any, to which this Entitlement is assigned.' + example: + - f7b1b8a3-5fed-4fd4-ad29-82014e137e19 + - 29cb6c06-1da8-43ea-8be4-b3125f248f2a + manuallyUpdatedFields: + allOf: + - type: object + properties: + DISPLAY_NAME: + type: boolean + default: false + description: |- + True if the entitlements name was updated manually via entitlement import csv or patch endpoint. False means that property value has not been change after first entitlement aggregation. + Field refers to [Entitlement response schema](https://developer.sailpoint.com/idn/api/beta/get-entitlement) > `name` property. + example: true + DESCRIPTION: + type: boolean + default: false + description: |- + True if the entitlement description was updated manually via entitlement import csv or patch endpoint. False means that property value has not been change after first entitlement aggregation. + Field refers to [Entitlement response schema](https://developer.sailpoint.com/idn/api/beta/get-entitlement) > `description` property. + example: true + - nullable: true + description: 'Object contains entitlement manually updated fields. Field value is true if is was updated manually via entitlement import csv or patch endpoint. Field value is false if that property value has not been changed after first entitlement aggregation. Values for all manually updatable fields must be specified. For now only two entitlement fields support this: DISPLAY_NAME and DESCRIPTION.' + example: + DISPLAY_NAME: true + DESCRIPTION: true + accessModelMetadata: + allOf: + - type: object + properties: + attributes: + type: array + nullable: true + items: + type: object + properties: + key: + type: string + description: Technical name of the Attribute. This is unique and cannot be changed after creation. + example: iscPrivacy + name: + type: string + description: The display name of the key. + example: Privacy + multiselect: + type: boolean + default: false + description: Indicates whether the attribute can have multiple values. + example: false + status: + type: string + description: The status of the Attribute. + example: active + type: + type: string + description: The type of the Attribute. This can be either "custom" or "governance". + example: governance + objectTypes: + type: array + items: + type: string + nullable: true + description: An array of object types this attributes values can be applied to. Possible values are "all" or "entitlement". Value "all" means this attribute can be used with all object types that are supported. + example: + - entitlement + description: + type: string + description: The description of the Attribute. + example: Specifies the level of privacy associated with an access item. + values: + type: array + nullable: true + items: + type: object + properties: + value: + type: string + description: Technical name of the Attribute value. This is unique and cannot be changed after creation. + example: public + name: + type: string + description: The display name of the Attribute value. + example: Public + status: + type: string + description: The status of the Attribute value. + example: active + example: + - key: iscPrivacy + name: Privacy + multiselect: false + status: active + type: governance + objectTypes: + - all + description: Specifies the level of privacy associated with an access item. + values: + - value: public + name: Public + status: active + - nullable: true + description: Access Model Metadata (beta). + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/entitlements/{id}/parents': + get: + operationId: listEntitlementParents + tags: + - Entitlements + summary: List of entitlements parents + description: This API returns a list of all parent entitlements of a given entitlement. + security: + - UserContextAuth: + - 'idn:entitlement:read' + - 'idn:entitlement:manage' + parameters: + - in: query + name: limit + description: |- + Max number of results to return. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 250 + schema: + type: integer + format: int32 + minimum: 0 + maximum: 250 + default: 250 + - in: query + name: offset + description: |- + Offset into the full result set. Usually specified with *limit* to paginate through the results. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 0 + schema: + type: integer + format: int32 + minimum: 0 + default: 0 + - in: query + name: count + description: |- + If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. + + Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. + + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: true + schema: + type: boolean + default: false + - in: path + name: id + schema: + type: string + required: true + description: Entitlement Id + example: 2c91808c74ff913f0175097daa9d59cd + - in: query + name: sorters + schema: + type: string + format: comma-separated + description: |- + Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) + + Sorting is supported for the following fields: **id, name, created, modified, type, attribute, value, source.id** + example: 'name,-modified' + required: false + style: form + explode: true + - in: query + name: filters + schema: + type: string + description: |- + Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) + + Filtering is supported for the following fields and operators: + + **id**: *eq, in* + + **name**: *eq, in, sw* + + **type**: *eq, in* + + **attribute**: *eq, in* + + **value**: *eq, in, sw* + + **source.id**: *eq, in* + + **requestable**: *eq* + + **created**: *gt, lt, ge, le* + + **modified**: *gt, lt, ge, le* + example: attribute eq "memberOf" + required: false + style: form + explode: true + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '200': + description: List of entitlements parents from an entitlement + content: + application/json: + schema: + type: array + items: + type: object + properties: + id: + type: string + description: The entitlement id + example: 2c91808874ff91550175097daaec161c + name: + type: string + description: The entitlement name + example: LauncherTest2 + created: + type: string + description: Time when the entitlement was created + format: date-time + example: '2020-10-08T18:33:52.029Z' + modified: + type: string + description: Time when the entitlement was last modified + format: date-time + example: '2020-10-08T18:33:52.029Z' + attribute: + type: string + description: The entitlement attribute name + example: memberOf + nullable: true + value: + type: string + description: The value of the entitlement + example: 'CN=LauncherTest2,OU=LauncherTestOrg,OU=slpt-automation,DC=TestAutomationAD,DC=local' + sourceSchemaObjectType: + type: string + description: The object type of the entitlement from the source schema + example: group + privileged: + type: boolean + default: false + description: True if the entitlement is privileged + example: true + cloudGoverned: + type: boolean + default: false + description: True if the entitlement is cloud governed + example: true + description: + type: string + nullable: true + description: The description of the entitlement + example: 'CN=LauncherTest2,OU=LauncherTestOrg,OU=slpt-automation,DC=TestAutomationAD,DC=local' + requestable: + type: boolean + default: false + description: True if the entitlement is requestable + example: true + attributes: + type: object + description: A map of free-form key-value pairs from the source system + example: + fieldName: fieldValue + additionalProperties: true + source: + type: object + properties: + id: + type: string + description: The source ID + example: 2c9180827ca885d7017ca8ce28a000eb + type: + type: string + description: 'The source type, will always be "SOURCE"' + example: SOURCE + name: + type: string + description: The source name + example: ODS-AD-Source + nullable: true + owner: + allOf: + - type: object + description: Simplified DTO for the owner object of the entitlement + properties: + id: + type: string + description: The owner id for the entitlement + example: 2a2fdacca5e345f18bf7970cfbb8fec2 + name: + type: string + description: The owner name for the entitlement + example: identity 1 + type: + type: string + enum: + - IDENTITY + description: The type of the owner. Initially only type IDENTITY is supported + example: IDENTITY + - nullable: true + directPermissions: + type: array + items: + type: object + description: 'Simplified DTO for the Permission objects stored in SailPoint''s database. The data is aggregated from customer systems and is free-form, so its appearance can vary largely between different clients/customers.' + properties: + rights: + type: array + description: All the rights (e.g. actions) that this permission allows on the target + readOnly: true + items: + type: string + example: SELECT + target: + type: string + description: The target the permission would grants rights on. + readOnly: true + example: SYS.GV_$TRANSACTION + segments: + type: array + items: + type: string + nullable: true + description: 'List of IDs of segments, if any, to which this Entitlement is assigned.' + example: + - f7b1b8a3-5fed-4fd4-ad29-82014e137e19 + - 29cb6c06-1da8-43ea-8be4-b3125f248f2a + manuallyUpdatedFields: + allOf: + - type: object + properties: + DISPLAY_NAME: + type: boolean + default: false + description: |- + True if the entitlements name was updated manually via entitlement import csv or patch endpoint. False means that property value has not been change after first entitlement aggregation. + Field refers to [Entitlement response schema](https://developer.sailpoint.com/idn/api/beta/get-entitlement) > `name` property. + example: true + DESCRIPTION: + type: boolean + default: false + description: |- + True if the entitlement description was updated manually via entitlement import csv or patch endpoint. False means that property value has not been change after first entitlement aggregation. + Field refers to [Entitlement response schema](https://developer.sailpoint.com/idn/api/beta/get-entitlement) > `description` property. + example: true + - nullable: true + description: 'Object contains entitlement manually updated fields. Field value is true if is was updated manually via entitlement import csv or patch endpoint. Field value is false if that property value has not been changed after first entitlement aggregation. Values for all manually updatable fields must be specified. For now only two entitlement fields support this: DISPLAY_NAME and DESCRIPTION.' + example: + DISPLAY_NAME: true + DESCRIPTION: true + accessModelMetadata: + allOf: + - type: object + properties: + attributes: + type: array + nullable: true + items: + type: object + properties: + key: + type: string + description: Technical name of the Attribute. This is unique and cannot be changed after creation. + example: iscPrivacy + name: + type: string + description: The display name of the key. + example: Privacy + multiselect: + type: boolean + default: false + description: Indicates whether the attribute can have multiple values. + example: false + status: + type: string + description: The status of the Attribute. + example: active + type: + type: string + description: The type of the Attribute. This can be either "custom" or "governance". + example: governance + objectTypes: + type: array + items: + type: string + nullable: true + description: An array of object types this attributes values can be applied to. Possible values are "all" or "entitlement". Value "all" means this attribute can be used with all object types that are supported. + example: + - entitlement + description: + type: string + description: The description of the Attribute. + example: Specifies the level of privacy associated with an access item. + values: + type: array + nullable: true + items: + type: object + properties: + value: + type: string + description: Technical name of the Attribute value. This is unique and cannot be changed after creation. + example: public + name: + type: string + description: The display name of the Attribute value. + example: Public + status: + type: string + description: The status of the Attribute value. + example: active + example: + - key: iscPrivacy + name: Privacy + multiselect: false + status: active + type: governance + objectTypes: + - all + description: Specifies the level of privacy associated with an access item. + values: + - value: public + name: Public + status: active + - nullable: true + description: Access Model Metadata (beta). + example: + - sourceSchemaObjectType: group + attribute: memberOf + attributes: + GroupType: Security + sAMAccountName: LauncherTest1 + GroupScope: Global + objectguid: '{01a6e70b-9705-4155-a5c6-492a9bcc8c64}' + objectSid: S-1-5-21-3585869415-1648031554-2909195034-1633 + cn: LauncherTest1 + msDS-PrincipalName: AUTOMATIONAD\LauncherTest1 + value: 'CN=LauncherTest1,OU=LauncherTestOrg,OU=slpt-automation,DC=TestAutomationAD,DC=local' + description: some description + privileged: false + cloudGoverned: false + source: + type: SOURCE + id: 2c9180877504c40e0175097d5ce707c8 + name: EndToEnd-ADSource + owner: + id: 2a2fdacca5e345f18bf7970cfbb8fec2 + name: identity 1 + type: IDENTITY + segments: + - 1d126fe0-45e2-4aea-bc64-a07e9344ef26 + manuallyUpdatedFields: + DISPLAY_NAME: true + DESCRIPTION: true + id: 2c91808c74ff913f0175097daa9d59cd + name: LauncherTest1 + created: '2020-10-08T18:33:52.029Z' + modified: '2021-01-19T16:53:35.707Z' + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/entitlements/{id}/children': + get: + operationId: listEntitlementChildren + tags: + - Entitlements + summary: List of entitlements children + description: This API returns a list of all child entitlements of a given entitlement. + security: + - UserContextAuth: + - 'idn:entitlement:read' + parameters: + - in: query + name: limit + description: |- + Max number of results to return. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 250 + schema: + type: integer + format: int32 + minimum: 0 + maximum: 250 + default: 250 + - in: query + name: offset + description: |- + Offset into the full result set. Usually specified with *limit* to paginate through the results. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 0 + schema: + type: integer + format: int32 + minimum: 0 + default: 0 + - in: query + name: count + description: |- + If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. + + Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. + + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: true + schema: + type: boolean + default: false + - in: path + name: id + schema: + type: string + required: true + description: Entitlement Id + example: 2c91808874ff91550175097daaec161c + - in: query + name: sorters + schema: + type: string + format: comma-separated + description: |- + Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) + + Sorting is supported for the following fields: **id, name, created, modified, type, attribute, value, source.id** + example: 'name,-modified' + required: false + style: form + explode: true + - in: query + name: filters + schema: + type: string + description: |- + Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) + + Filtering is supported for the following fields and operators: + + **id**: *eq, in* + + **name**: *eq, in, sw* + + **type**: *eq, in* + + **attribute**: *eq, in* + + **value**: *eq, in, sw* + + **source.id**: *eq, in* + + **requestable**: *eq* + + **created**: *gt, lt, ge, le* + + **modified**: *gt, lt, ge, le* + example: attribute eq "memberOf" + required: false + style: form + explode: true + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '200': + description: List of entitlements children from an entitlement + content: + application/json: + schema: + type: array + items: + type: object + properties: + id: + type: string + description: The entitlement id + example: 2c91808874ff91550175097daaec161c + name: + type: string + description: The entitlement name + example: LauncherTest2 + created: + type: string + description: Time when the entitlement was created + format: date-time + example: '2020-10-08T18:33:52.029Z' + modified: + type: string + description: Time when the entitlement was last modified + format: date-time + example: '2020-10-08T18:33:52.029Z' + attribute: + type: string + description: The entitlement attribute name + example: memberOf + nullable: true + value: + type: string + description: The value of the entitlement + example: 'CN=LauncherTest2,OU=LauncherTestOrg,OU=slpt-automation,DC=TestAutomationAD,DC=local' + sourceSchemaObjectType: + type: string + description: The object type of the entitlement from the source schema + example: group + privileged: + type: boolean + default: false + description: True if the entitlement is privileged + example: true + cloudGoverned: + type: boolean + default: false + description: True if the entitlement is cloud governed + example: true + description: + type: string + nullable: true + description: The description of the entitlement + example: 'CN=LauncherTest2,OU=LauncherTestOrg,OU=slpt-automation,DC=TestAutomationAD,DC=local' + requestable: + type: boolean + default: false + description: True if the entitlement is requestable + example: true + attributes: + type: object + description: A map of free-form key-value pairs from the source system + example: + fieldName: fieldValue + additionalProperties: true + source: + type: object + properties: + id: + type: string + description: The source ID + example: 2c9180827ca885d7017ca8ce28a000eb + type: + type: string + description: 'The source type, will always be "SOURCE"' + example: SOURCE + name: + type: string + description: The source name + example: ODS-AD-Source + nullable: true + owner: + allOf: + - type: object + description: Simplified DTO for the owner object of the entitlement + properties: + id: + type: string + description: The owner id for the entitlement + example: 2a2fdacca5e345f18bf7970cfbb8fec2 + name: + type: string + description: The owner name for the entitlement + example: identity 1 + type: + type: string + enum: + - IDENTITY + description: The type of the owner. Initially only type IDENTITY is supported + example: IDENTITY + - nullable: true + directPermissions: + type: array + items: + type: object + description: 'Simplified DTO for the Permission objects stored in SailPoint''s database. The data is aggregated from customer systems and is free-form, so its appearance can vary largely between different clients/customers.' + properties: + rights: + type: array + description: All the rights (e.g. actions) that this permission allows on the target + readOnly: true + items: + type: string + example: SELECT + target: + type: string + description: The target the permission would grants rights on. + readOnly: true + example: SYS.GV_$TRANSACTION + segments: + type: array + items: + type: string + nullable: true + description: 'List of IDs of segments, if any, to which this Entitlement is assigned.' + example: + - f7b1b8a3-5fed-4fd4-ad29-82014e137e19 + - 29cb6c06-1da8-43ea-8be4-b3125f248f2a + manuallyUpdatedFields: + allOf: + - type: object + properties: + DISPLAY_NAME: + type: boolean + default: false + description: |- + True if the entitlements name was updated manually via entitlement import csv or patch endpoint. False means that property value has not been change after first entitlement aggregation. + Field refers to [Entitlement response schema](https://developer.sailpoint.com/idn/api/beta/get-entitlement) > `name` property. + example: true + DESCRIPTION: + type: boolean + default: false + description: |- + True if the entitlement description was updated manually via entitlement import csv or patch endpoint. False means that property value has not been change after first entitlement aggregation. + Field refers to [Entitlement response schema](https://developer.sailpoint.com/idn/api/beta/get-entitlement) > `description` property. + example: true + - nullable: true + description: 'Object contains entitlement manually updated fields. Field value is true if is was updated manually via entitlement import csv or patch endpoint. Field value is false if that property value has not been changed after first entitlement aggregation. Values for all manually updatable fields must be specified. For now only two entitlement fields support this: DISPLAY_NAME and DESCRIPTION.' + example: + DISPLAY_NAME: true + DESCRIPTION: true + accessModelMetadata: + allOf: + - type: object + properties: + attributes: + type: array + nullable: true + items: + type: object + properties: + key: + type: string + description: Technical name of the Attribute. This is unique and cannot be changed after creation. + example: iscPrivacy + name: + type: string + description: The display name of the key. + example: Privacy + multiselect: + type: boolean + default: false + description: Indicates whether the attribute can have multiple values. + example: false + status: + type: string + description: The status of the Attribute. + example: active + type: + type: string + description: The type of the Attribute. This can be either "custom" or "governance". + example: governance + objectTypes: + type: array + items: + type: string + nullable: true + description: An array of object types this attributes values can be applied to. Possible values are "all" or "entitlement". Value "all" means this attribute can be used with all object types that are supported. + example: + - entitlement + description: + type: string + description: The description of the Attribute. + example: Specifies the level of privacy associated with an access item. + values: + type: array + nullable: true + items: + type: object + properties: + value: + type: string + description: Technical name of the Attribute value. This is unique and cannot be changed after creation. + example: public + name: + type: string + description: The display name of the Attribute value. + example: Public + status: + type: string + description: The status of the Attribute value. + example: active + example: + - key: iscPrivacy + name: Privacy + multiselect: false + status: active + type: governance + objectTypes: + - all + description: Specifies the level of privacy associated with an access item. + values: + - value: public + name: Public + status: active + - nullable: true + description: Access Model Metadata (beta). + example: + - sourceSchemaObjectType: group + attribute: memberOf + attributes: + GroupType: Security + sAMAccountName: LauncherTest1 + GroupScope: Global + objectguid: '{01a6e70b-9705-4155-a5c6-492a9bcc8c64}' + objectSid: S-1-5-21-3585869415-1648031554-2909195034-1633 + cn: LauncherTest1 + msDS-PrincipalName: AUTOMATIONAD\LauncherTest1 + value: 'CN=LauncherTest1,OU=LauncherTestOrg,OU=slpt-automation,DC=TestAutomationAD,DC=local' + description: some description + privileged: false + cloudGoverned: false + source: + type: SOURCE + id: 2c9180877504c40e0175097d5ce707c8 + name: EndToEnd-ADSource + owner: + id: 2a2fdacca5e345f18bf7970cfbb8fec2 + name: identity 1 + type: IDENTITY + segments: + - 1d126fe0-45e2-4aea-bc64-a07e9344ef26 + manuallyUpdatedFields: + DISPLAY_NAME: true + DESCRIPTION: true + id: 2c91808c74ff913f0175097daa9d59cd + name: LauncherTest1 + created: '2020-10-08T18:33:52.029Z' + modified: '2021-01-19T16:53:35.707Z' + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + /entitlements/bulk-update: + post: + operationId: updateEntitlementsInBulk + tags: + - Entitlements + summary: Bulk update an entitlement list + description: |- + This API applies an update to every entitlement of the list. + + The number of entitlements to update is limited to 50 items maximum. + + The JsonPatch update follows the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard. allowed operations : **{ "op": "replace", "path": "/privileged", "value": boolean }** **{ "op": "replace", "path": "/requestable","value": boolean }** + + A token with ORG_ADMIN or API authority is required to call this API. + requestBody: + required: true + content: + application/json: + schema: + type: object + properties: + entitlementIds: + type: array + description: List of entitlement ids to update + maxItems: 50 + items: + type: string + example: + - 2c91808a7624751a01762f19d665220d + - 2c91808a7624751a01762f19d67c220e + - 2c91808a7624751a01762f19d692220f + jsonPatch: + type: array + items: + type: object + description: 'A JSONPatch Operation as defined by [RFC 6902 - JSON Patch](https://tools.ietf.org/html/rfc6902)' + required: + - op + - path + properties: + op: + type: string + description: The operation to be performed + enum: + - add + - remove + - replace + - move + - copy + - test + example: replace + path: + type: string + description: A string JSON Pointer representing the target path to an element to be affected by the operation + example: /description + value: + oneOf: + - type: string + example: New description + title: string + - type: boolean + example: true + title: boolean + - type: integer + example: 300 + title: integer + - type: object + title: object + example: + attributes: + name: philip + - type: array + title: array + items: + anyOf: + - type: string + - type: integer + - type: object + example: + - '001' + - '002' + - '003' + description: 'The value to be used for the operation, required for "add" and "replace" operations' + example: New description + example: + - op: replace + path: /privileged + value: false + - op: replace + path: /requestable + value: false + example: + entitlementIds: + - 2c91808a7624751a01762f19d665220d + - 2c91808a7624751a01762f19d67c220e + - 2c91808a7624751a01762f19d692220f + jsonPatch: + - op: replace + path: /privileged + value: false + - op: replace + path: /requestable + value: false + required: + - entitlementIds + - jsonPatch + responses: + '204': + description: No content - indicates the request was successful but there is no content to be returned in the response. + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + parameters: + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + '/entitlements/{id}/entitlement-request-config': + get: + operationId: getEntitlementRequestConfig + tags: + - Entitlements + summary: Get Entitlement Request Config + description: This API returns the entitlement request config for a specified entitlement. + security: + - UserContextAuth: + - 'idn:entitlement:read' + - 'idn:entitlement:manage' + parameters: + - in: path + name: id + schema: + type: string + required: true + description: Entitlement Id + example: 2c91808874ff91550175097daaec161c + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '200': + description: An Entitlement Request Config + content: + application/json: + schema: + type: object + properties: + accessRequestConfig: + type: object + properties: + approvalSchemes: + type: array + description: Ordered list of approval steps for the access request. Empty when no approval is required. + items: + type: object + properties: + approverType: + type: string + enum: + - ENTITLEMENT_OWNER + - SOURCE_OWNER + - MANAGER + - GOVERNANCE_GROUP + description: |- + Describes the individual or group that is responsible for an approval step. Values are as follows. + + **ENTITLEMENT_OWNER**: Owner of the associated Entitlement + + **SOURCE_OWNER**: Owner of the associated Source + + **MANAGER**: Manager of the Identity for whom the request is being made + + **GOVERNANCE_GROUP**: A Governance Group, the ID of which is specified by the **approverId** field + example: GOVERNANCE_GROUP + approverId: + type: string + nullable: true + description: 'Id of the specific approver, used only when approverType is GOVERNANCE_GROUP' + example: e3eab852-8315-467f-9de7-70eda97f63c8 + requestCommentRequired: + type: boolean + description: If the requester must provide a comment during access request. + default: false + example: true + denialCommentRequired: + type: boolean + description: If the reviewer must provide a comment when denying the access request. + default: false + example: false + example: + accessRequestConfig: + requestCommentRequired: true + denialCommentRequired: true + approvalSchemes: + - approverType: ENTITLEMENT_OWNER + approverId: null + - approverType: SOURCE_OWNER + approverId: null + - approverType: MANAGER + approverId: null + - approverType: GOVERNANCE_GROUP + approverId: 46c79819-a69f-49a2-becb-12c971ae66c6 + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + put: + operationId: putEntitlementRequestConfig + tags: + - Entitlements + summary: Replace Entitlement Request Config + description: This API replaces the entitlement request config for a specified entitlement. + security: + - UserContextAuth: + - 'idn:entitlement:manage' + parameters: + - name: id + in: path + description: Entitlement ID + required: true + schema: + type: string + example: 2c91808a7813090a017814121e121518 + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + requestBody: + required: true + content: + application/json: + schema: + type: object + properties: + accessRequestConfig: + type: object + properties: + approvalSchemes: + type: array + description: Ordered list of approval steps for the access request. Empty when no approval is required. + items: + type: object + properties: + approverType: + type: string + enum: + - ENTITLEMENT_OWNER + - SOURCE_OWNER + - MANAGER + - GOVERNANCE_GROUP + description: |- + Describes the individual or group that is responsible for an approval step. Values are as follows. + + **ENTITLEMENT_OWNER**: Owner of the associated Entitlement + + **SOURCE_OWNER**: Owner of the associated Source + + **MANAGER**: Manager of the Identity for whom the request is being made + + **GOVERNANCE_GROUP**: A Governance Group, the ID of which is specified by the **approverId** field + example: GOVERNANCE_GROUP + approverId: + type: string + nullable: true + description: 'Id of the specific approver, used only when approverType is GOVERNANCE_GROUP' + example: e3eab852-8315-467f-9de7-70eda97f63c8 + requestCommentRequired: + type: boolean + description: If the requester must provide a comment during access request. + default: false + example: true + denialCommentRequired: + type: boolean + description: If the reviewer must provide a comment when denying the access request. + default: false + example: false + responses: + '200': + description: Responds with the entitlement request config as updated. + content: + application/json: + schema: + type: object + properties: + accessRequestConfig: + type: object + properties: + approvalSchemes: + type: array + description: Ordered list of approval steps for the access request. Empty when no approval is required. + items: + type: object + properties: + approverType: + type: string + enum: + - ENTITLEMENT_OWNER + - SOURCE_OWNER + - MANAGER + - GOVERNANCE_GROUP + description: |- + Describes the individual or group that is responsible for an approval step. Values are as follows. + + **ENTITLEMENT_OWNER**: Owner of the associated Entitlement + + **SOURCE_OWNER**: Owner of the associated Source + + **MANAGER**: Manager of the Identity for whom the request is being made + + **GOVERNANCE_GROUP**: A Governance Group, the ID of which is specified by the **approverId** field + example: GOVERNANCE_GROUP + approverId: + type: string + nullable: true + description: 'Id of the specific approver, used only when approverType is GOVERNANCE_GROUP' + example: e3eab852-8315-467f-9de7-70eda97f63c8 + requestCommentRequired: + type: boolean + description: If the requester must provide a comment during access request. + default: false + example: true + denialCommentRequired: + type: boolean + description: If the reviewer must provide a comment when denying the access request. + default: false + example: false + example: + accessRequestConfig: + requestCommentRequired: true + denialCommentRequired: true + approvalSchemes: + - approverType: ENTITLEMENT_OWNER + approverId: null + - approverType: SOURCE_OWNER + approverId: null + - approverType: MANAGER + approverId: null + - approverType: GOVERNANCE_GROUP + approverId: 46c79819-a69f-49a2-becb-12c971ae66c6 + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/entitlements/reset/sources/{id}': + post: + operationId: resetSourceEntitlements + tags: + - Entitlements + summary: Reset Source Entitlements + description: Removes all entitlements on a specific source. + parameters: + - name: id + in: path + description: ID of source for the entitlement reset + required: true + schema: + type: string + example: 2c91808a7813090a017814121919ecca + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '202': + description: Entitlement source reset task result + content: + application/json: + schema: + type: object + properties: + type: + type: string + description: The DTO type + example: TASK_RESULT + id: + type: string + description: The task ID of the object to which this reference applies + example: 2c91808568c529c60168cca6f90c1313 + name: + type: string + description: Human-readable display name of the object to which this reference applies + example: Entitlement Source Reset + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + security: + - UserContextAuth: + - 'idn:entitlement:update' + '/entitlements/{id}/access-model-metadata/{attributeKey}/values/{attributeValue}': + post: + summary: Add metadata to an entitlement. + description: Add single Access Model Metadata to an entitlement. + tags: + - Entitlements + operationId: createAccessModelMetadataForEntitlement + security: + - UserContextAuth: + - 'idn:entitlement:update' + parameters: + - name: id + in: path + required: true + schema: + type: string + description: The entitlement id. + example: 2c91808c74ff913f0175097daa9d59cd + - name: attributeKey + in: path + required: true + schema: + type: string + description: Technical name of the Attribute. + example: iscPrivacy + - name: attributeValue + in: path + required: true + schema: + type: string + description: Technical name of the Attribute Value. + example: public + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '200': + description: OK + content: + application/json: + schema: + type: object + properties: + id: + type: string + description: The entitlement id + example: 2c91808874ff91550175097daaec161c + name: + type: string + description: The entitlement name + example: LauncherTest2 + created: + type: string + description: Time when the entitlement was created + format: date-time + example: '2020-10-08T18:33:52.029Z' + modified: + type: string + description: Time when the entitlement was last modified + format: date-time + example: '2020-10-08T18:33:52.029Z' + attribute: + type: string + description: The entitlement attribute name + example: memberOf + nullable: true + value: + type: string + description: The value of the entitlement + example: 'CN=LauncherTest2,OU=LauncherTestOrg,OU=slpt-automation,DC=TestAutomationAD,DC=local' + sourceSchemaObjectType: + type: string + description: The object type of the entitlement from the source schema + example: group + privileged: + type: boolean + default: false + description: True if the entitlement is privileged + example: true + cloudGoverned: + type: boolean + default: false + description: True if the entitlement is cloud governed + example: true + description: + type: string + nullable: true + description: The description of the entitlement + example: 'CN=LauncherTest2,OU=LauncherTestOrg,OU=slpt-automation,DC=TestAutomationAD,DC=local' + requestable: + type: boolean + default: false + description: True if the entitlement is requestable + example: true + attributes: + type: object + description: A map of free-form key-value pairs from the source system + example: + fieldName: fieldValue + additionalProperties: true + source: + type: object + properties: + id: + type: string + description: The source ID + example: 2c9180827ca885d7017ca8ce28a000eb + type: + type: string + description: 'The source type, will always be "SOURCE"' + example: SOURCE + name: + type: string + description: The source name + example: ODS-AD-Source + nullable: true + owner: + allOf: + - type: object + description: Simplified DTO for the owner object of the entitlement + properties: + id: + type: string + description: The owner id for the entitlement + example: 2a2fdacca5e345f18bf7970cfbb8fec2 + name: + type: string + description: The owner name for the entitlement + example: identity 1 + type: + type: string + enum: + - IDENTITY + description: The type of the owner. Initially only type IDENTITY is supported + example: IDENTITY + - nullable: true + directPermissions: + type: array + items: + type: object + description: 'Simplified DTO for the Permission objects stored in SailPoint''s database. The data is aggregated from customer systems and is free-form, so its appearance can vary largely between different clients/customers.' + properties: + rights: + type: array + description: All the rights (e.g. actions) that this permission allows on the target + readOnly: true + items: + type: string + example: SELECT + target: + type: string + description: The target the permission would grants rights on. + readOnly: true + example: SYS.GV_$TRANSACTION + segments: + type: array + items: + type: string + nullable: true + description: 'List of IDs of segments, if any, to which this Entitlement is assigned.' + example: + - f7b1b8a3-5fed-4fd4-ad29-82014e137e19 + - 29cb6c06-1da8-43ea-8be4-b3125f248f2a + manuallyUpdatedFields: + allOf: + - type: object + properties: + DISPLAY_NAME: + type: boolean + default: false + description: |- + True if the entitlements name was updated manually via entitlement import csv or patch endpoint. False means that property value has not been change after first entitlement aggregation. + Field refers to [Entitlement response schema](https://developer.sailpoint.com/idn/api/beta/get-entitlement) > `name` property. + example: true + DESCRIPTION: + type: boolean + default: false + description: |- + True if the entitlement description was updated manually via entitlement import csv or patch endpoint. False means that property value has not been change after first entitlement aggregation. + Field refers to [Entitlement response schema](https://developer.sailpoint.com/idn/api/beta/get-entitlement) > `description` property. + example: true + - nullable: true + description: 'Object contains entitlement manually updated fields. Field value is true if is was updated manually via entitlement import csv or patch endpoint. Field value is false if that property value has not been changed after first entitlement aggregation. Values for all manually updatable fields must be specified. For now only two entitlement fields support this: DISPLAY_NAME and DESCRIPTION.' + example: + DISPLAY_NAME: true + DESCRIPTION: true + accessModelMetadata: + allOf: + - type: object + properties: + attributes: + type: array + nullable: true + items: + type: object + properties: + key: + type: string + description: Technical name of the Attribute. This is unique and cannot be changed after creation. + example: iscPrivacy + name: + type: string + description: The display name of the key. + example: Privacy + multiselect: + type: boolean + default: false + description: Indicates whether the attribute can have multiple values. + example: false + status: + type: string + description: The status of the Attribute. + example: active + type: + type: string + description: The type of the Attribute. This can be either "custom" or "governance". + example: governance + objectTypes: + type: array + items: + type: string + nullable: true + description: An array of object types this attributes values can be applied to. Possible values are "all" or "entitlement". Value "all" means this attribute can be used with all object types that are supported. + example: + - entitlement + description: + type: string + description: The description of the Attribute. + example: Specifies the level of privacy associated with an access item. + values: + type: array + nullable: true + items: + type: object + properties: + value: + type: string + description: Technical name of the Attribute value. This is unique and cannot be changed after creation. + example: public + name: + type: string + description: The display name of the Attribute value. + example: Public + status: + type: string + description: The status of the Attribute value. + example: active + example: + - key: iscPrivacy + name: Privacy + multiselect: false + status: active + type: governance + objectTypes: + - all + description: Specifies the level of privacy associated with an access item. + values: + - value: public + name: Public + status: active + - nullable: true + description: Access Model Metadata (beta). + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + delete: + summary: Remove metadata from an entitlement. + description: Remove single Access Model Metadata from an entitlement. + tags: + - Entitlements + operationId: deleteAccessModelMetadataFromEntitlement + security: + - UserContextAuth: + - 'idn:entitlement:delete' + parameters: + - name: id + in: path + required: true + schema: + type: string + description: The entitlement id. + example: 2c91808c74ff913f0175097daa9d59cd + - name: attributeKey + in: path + required: true + schema: + type: string + description: Technical name of the Attribute. + example: iscPrivacy + - name: attributeValue + in: path + required: true + schema: + type: string + description: Technical name of the Attribute Value. + example: public + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '200': + description: OK + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/entitlements/aggregate/sources/{id}': + post: + tags: + - Entitlements + summary: Aggregate Entitlements + deprecated: true + operationId: importEntitlementsBySource + description: |- + Starts an entitlement aggregation on the specified source. Though this endpoint has been deprecated, you can find its Beta equivalent [here](https://developer.sailpoint.com/docs/api/beta/import-entitlements). + + If the target source is a direct connection, then the request body must be empty. You will also need to make sure the Content-Type header is not set. If you set the Content-Type header without specifying a body, then you will receive a 500 error. + + If the target source is a delimited file source, then the CSV file needs to be included in the request body. You will also need to set the Content-Type header to `multipart/form-data`. + parameters: + - in: path + name: id + schema: + type: string + required: true + description: Source Id + example: ef38f94347e94562b5bb8424a56397d8 + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + requestBody: + content: + multipart/form-data: + schema: + type: object + properties: + csvFile: + type: string + format: binary + description: The CSV file containing the source entitlements to aggregate. + responses: + '202': + description: Aggregate Entitlements Task + content: + application/json: + schema: + type: object + properties: + id: + description: System-generated unique ID of the task this taskStatus represents + type: string + example: ef38f94347e94562b5bb8424a56397d8 + type: + description: Type of task this task represents + type: string + example: QUARTZ + uniqueName: + description: The name of the task + type: string + example: Cloud Group Aggregation + description: + description: The description of the task + type: string + example: Aggregate from the specified application + launcher: + description: The user who initiated the task + type: string + example: John Doe + created: + description: The creation date of the task + type: string + format: date-time + example: '2020-07-11T21:23:15.000Z' + returns: + description: Return values from the task + type: array + items: + type: object + properties: + displayLabel: + description: The display label for the return value + type: string + example: TASK_OUT_ACCOUNT_GROUP_AGGREGATION_APPLICATIONS + attributeName: + description: The attribute name for the return value + type: string + example: applications + example: + - displayLabel: TASK_OUT_ACCOUNT_GROUP_AGGREGATION_APPLICATIONS + attributeName: applications + - displayLabel: TASK_OUT_ACCOUNT_GROUP_AGGREGATION_TOTAL + attributeName: total + - displayLabel: TASK_OUT_ACCOUNT_GROUP_AGGREGATION_CREATED + attributeName: groupsCreated + - displayLabel: TASK_OUT_ACCOUNT_GROUP_AGGREGATION_UPDATED + attributeName: groupsUpdated + - displayLabel: TASK_OUT_ACCOUNT_GROUP_AGGREGATION_DELETED + attributeName: groupsDeleted + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + security: + - UserContextAuth: + - 'idn:entitlements:manage' + /generate-password-reset-token/digit: + post: + operationId: generateDigitToken + tags: + - Password Management + summary: Generate a digit token + description: 'This API is used to generate a digit token for password management. Requires authorization scope of "idn:password-digit-token:create".' + requestBody: + required: true + content: + application/json: + schema: + type: object + required: + - userId + properties: + userId: + type: string + description: The uid of the user requested for digit token + example: Abby.Smith + length: + type: integer + description: 'The length of digit token. It should be from 6 to 18, inclusive. The default value is 6.' + example: 8 + durationMinutes: + type: integer + description: The time to live for the digit token in minutes. The default value is 5 minutes. + example: 5 + example: + userId: Abby.Smith + length: 8 + durationMinutes: 5 + responses: + '200': + description: The digit token for password management. + content: + application/json: + schema: + type: object + properties: + digitToken: + type: string + description: The digit token for password management + example: 09087713 + requestId: + type: string + description: The reference ID of the digit token generation request + example: e1267ecd-fcd9-4c73-9c55-12555efad136 + example: + digitToken: 09087713 + requestId: e1267ecd-fcd9-4c73-9c55-12555efad136 + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + parameters: + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + /historical-identities: + get: + operationId: listHistoricalIdentities + summary: Lists all the identities + description: 'This gets the list of identities for the customer. This list end point does not support count=true request param. The total count of identities would never be returned even if the count param is specified in the request Requires authorization scope of ''idn:identity-history:read''' + security: + - UserContextAuth: + - 'idn:identity-history:read' + tags: + - Identity History + parameters: + - in: query + name: starts-with-query + schema: + type: string + description: 'This param is used for starts-with search for first, last and display name of the identity' + example: Ada + - in: query + name: is-deleted + schema: + type: boolean + description: Indicates if we want to only list down deleted identities or not. + example: true + - in: query + name: is-active + schema: + type: boolean + description: Indicates if we want to only list active or inactive identities. + example: true + - in: query + name: limit + description: |- + Max number of results to return. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 250 + schema: + type: integer + format: int32 + minimum: 0 + maximum: 250 + default: 250 + - in: query + name: offset + description: |- + Offset into the full result set. Usually specified with *limit* to paginate through the results. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 0 + schema: + type: integer + format: int32 + minimum: 0 + default: 0 + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '200': + description: List of identities for the customer. + content: + application/json: + schema: + type: array + items: + type: object + properties: + id: + type: string + description: the identity ID + example: bc693f07e7b645539626c25954c58554 + displayName: + type: string + description: the display name of the identity + example: Adam Zampa + firstName: + type: string + nullable: true + description: the first name of the identity + example: Adam + lastName: + type: string + nullable: true + description: the last name of the identity + example: Zampa + active: + type: boolean + default: true + description: indicates if an identity is active or not + example: true + deletedDate: + type: string + nullable: true + description: the date when the identity was deleted + example: '2007-03-01T13:00:00.000Z' + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/historical-identities/{id}': + get: + operationId: getHistoricalIdentity + tags: + - Identity History + summary: Get latest snapshot of identity + description: 'This method retrieves a specified identity Requires authorization scope of ''idn:identity-history:read''' + security: + - UserContextAuth: + - 'idn:identity-history:read' + parameters: + - in: path + name: id + schema: + type: string + required: true + description: The identity id + example: 8c190e6787aa4ed9a90bd9d5344523fb + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '200': + description: The identity object. + content: + application/json: + schema: + type: object + properties: + id: + type: string + description: the identity ID + example: bc693f07e7b645539626c25954c58554 + displayName: + type: string + description: the display name of the identity + example: Adam Zampa + snapshot: + type: string + description: the date when the identity record was created + example: '2007-03-01T13:00:00.000Z' + deletedDate: + type: string + description: the date when the identity was deleted + example: '2007-03-01T13:00:00.000Z' + accessItemCount: + type: object + description: A map containing the count of each access item + example: + app: 0 + role: 2 + entitlement: 4 + accessProfile: 3 + account: 1 + additionalProperties: + type: integer + format: int32 + attributes: + type: object + description: A map containing the identity attributes + additionalProperties: true + example: + jobTitle: HR Manager + location: NYC + firstname: Adam + lastname: Zampa + department: HR + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/historical-identities/{id}/access-items': + get: + operationId: listIdentityAccessItems + tags: + - Identity History + summary: Gets a list of access items for the identity filtered by item type + description: 'This method retrieves a list of access item for the identity filtered by the access item type Requires authorization scope of ''idn:identity-history:read'' ' + parameters: + - in: path + name: id + schema: + type: string + required: true + description: The identity id + example: 8c190e6787aa4ed9a90bd9d5344523fb + - in: query + name: type + schema: + type: string + description: 'The type of access item for the identity. If not provided, it defaults to account' + example: account + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '200': + description: The list of access items. + content: + application/json: + schema: + type: array + items: + oneOf: + - type: object + properties: + accessType: + type: string + example: accessProfile + description: the access item type. accessProfile in this case + id: + type: string + example: 2c918087763e69d901763e72e97f006f + description: the access item id + name: + type: string + example: sample + description: the access profile name + sourceName: + type: string + example: DataScienceDataset + description: the name of the source + sourceId: + type: string + example: 2793o32dwd + description: the id of the source + description: + type: string + example: AccessProfile - Workday/Citizenship access + description: the description for the access profile + displayName: + type: string + example: Dr. Arden Rogahn MD + description: the display name of the identity + entitlementCount: + type: string + example: 12 + description: the number of entitlements the access profile will create + appDisplayName: + type: string + example: AppName + description: the name of + removeDate: + type: string + example: 2024-07-01T06:00:00.000Z + description: the date the access profile is no longer assigned to the specified identity + standalone: + type: boolean + example: false + description: indicates whether the access profile is standalone + revocable: + type: boolean + example: true + description: indicates whether the access profile is + required: + - standalone + - revocable + - type: object + properties: + accessType: + type: string + example: account + description: the access item type. account in this case + id: + type: string + example: 2c918087763e69d901763e72e97f006f + description: the access item id + nativeIdentity: + type: string + example: dr.arden.ogahn.d + description: the native identifier used to uniquely identify an acccount + sourceName: + type: string + example: DataScienceDataset + description: the name of the source + sourceId: + type: string + example: 2793o32dwd + description: the id of the source + entitlementCount: + type: string + example: 12 + description: the number of entitlements the account will create + displayName: + type: string + example: Dr. Arden Rogahn MD + description: the display name of the identity + - type: object + properties: + accessType: + type: string + example: app + description: the access item type. entitlement in this case + id: + type: string + example: 2c918087763e69d901763e72e97f006f + description: the access item id + displayName: + type: string + example: Display Name + description: the access item display name + sourceName: + type: string + example: appName + description: the associated source name if it exists + appRoleId: + type: string + example: 2c918087763e69d901763e72e97f006f + description: the app role id + - type: object + properties: + accessType: + type: string + example: entitlement + description: the access item type. entitlement in this case + id: + type: string + example: 2c918087763e69d901763e72e97f006f + description: the access item id + attribute: + type: string + example: groups + description: the entitlement attribute + value: + type: string + example: Upward mobility access + description: the associated value + entitlementType: + type: string + example: entitlement + description: the type of entitlement + sourceName: + type: string + example: DataScienceDataset + description: the name of the source + sourceId: + type: string + example: 2793o32dwd + description: the id of the source + description: + type: string + example: Entitlement - Workday/Citizenship access + description: the description for the entitlment + displayName: + type: string + example: Dr. Arden Rogahn MD + description: the display name of the identity + standalone: + type: boolean + example: true + description: indicates whether the entitlement is standalone + privileged: + type: boolean + example: false + description: indicates whether the entitlement is privileged + cloudGoverned: + type: boolean + example: true + description: indicates whether the entitlement is cloud governed + required: + - standalone + - privileged + - cloudGoverned + - type: object + properties: + accessType: + type: string + example: role + description: the access item type. role in this case + id: + type: string + example: 2c918087763e69d901763e72e97f006f + description: the access item id + displayName: + type: string + example: sample + description: the role display name + description: + type: string + example: Role - Workday/Citizenship access + description: the description for the role + sourceName: + type: string + example: Source Name + description: the associated source name if it exists + removeDate: + type: string + example: 2024-07-01T06:00:00.000Z + description: the date the role is no longer assigned to the specified identity + revocable: + type: boolean + example: true + description: indicates whether the role is revocable + required: + - revocable + examples: + Access Profile: + description: An access profile response + value: + - accessType: accessProfile + id: 2c918087763e69d901763e72e97f006f + name: sample + sourceName: DataScienceDataset + sourceId: 2793o32dwd + description: AccessProfile - Workday/Citizenship access + displayName: Dr. Arden Rogahn MD + entitlementCount: 12 + appDisplayName: AppName + Account: + description: An account response + value: + - accessType: account + id: 2c918087763e69d901763e72e97f006f + nativeIdentity: dr.arden.ogahn.d + sourceName: DataScienceDataset + sourceId: 2793o32dwd + entitlementCount: 12 + displayName: Dr. Arden Rogahn MD + App: + description: An app response + value: + - accessType: app + id: 2c918087763e69d901763e72e97f006f + name: appName + Entitlement: + description: An entitlement event + value: + - accessType: entitlement + id: 2c918087763e69d901763e72e97f006f + attribute: groups + value: Upward mobility access + type: group + sourceName: DataScienceDataset + sourceId: 2793o32dwd + description: Entitlement - Workday/Citizenship access + displayName: Dr. Arden Rogahn MD + Role: + description: A role response + value: + - accessType: role + id: 2c918087763e69d901763e72e97f006f + name: sample + description: Role - Workday/Citizenship access + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/historical-identities/{id}/snapshots': + get: + operationId: listIdentitySnapshots + tags: + - Identity History + summary: Lists all the snapshots for the identity + description: 'This method retrieves all the snapshots for the identity Requires authorization scope of ''idn:identity-history:read'' ' + parameters: + - in: path + name: id + schema: + type: string + required: true + description: The identity id + example: 8c190e6787aa4ed9a90bd9d5344523fb + - in: query + name: start + schema: + type: string + description: The specified start date + example: '2007-03-01T13:00:00Z' + - in: query + name: interval + schema: + type: string + enum: + - day + - month + description: The interval indicating the range in day or month for the specified interval-name + - in: query + name: limit + description: |- + Max number of results to return. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 250 + schema: + type: integer + format: int32 + minimum: 0 + maximum: 250 + default: 250 + - in: query + name: offset + description: |- + Offset into the full result set. Usually specified with *limit* to paginate through the results. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 0 + schema: + type: integer + format: int32 + minimum: 0 + default: 0 + - in: query + name: count + description: |- + If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. + + Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. + + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: true + schema: + type: boolean + default: false + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '200': + description: A list of identity summary for each snapshot. + content: + application/json: + schema: + type: array + items: + type: object + properties: + snapshot: + type: string + description: the date when the identity record was created + example: '2007-03-01T13:00:00.000Z' + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/historical-identities/{id}/snapshot-summary': + get: + operationId: getIdentitySnapshotSummary + tags: + - Identity History + summary: Gets the summary for the event count for a specific identity + description: 'This method gets the summary for the event count for a specific identity by month/day Requires authorization scope of ''idn:identity-history:read'' ' + parameters: + - in: path + name: id + schema: + type: string + required: true + description: The identity id + example: 8c190e6787aa4ed9a90bd9d5344523fb + - in: query + name: before + schema: + type: string + description: The date before which snapshot summary is required + example: '2007-03-01T13:00:00Z' + - in: query + name: interval + schema: + type: string + enum: + - day + - month + description: The interval indicating day or month. Defaults to month if not specified + - in: query + name: time-zone + schema: + type: string + description: The time zone. Defaults to UTC if not provided + example: UTC + - in: query + name: limit + description: |- + Max number of results to return. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 250 + schema: + type: integer + format: int32 + minimum: 0 + maximum: 250 + default: 250 + - in: query + name: offset + description: |- + Offset into the full result set. Usually specified with *limit* to paginate through the results. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 0 + schema: + type: integer + format: int32 + minimum: 0 + default: 0 + - in: query + name: count + description: |- + If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. + + Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. + + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: true + schema: + type: boolean + default: false + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '200': + description: A summary list of identity changes in date histogram format. + content: + application/json: + schema: + type: array + items: + type: object + properties: + name: + type: string + description: the name of metric + value: + type: number + description: the value associated to the metric + example: + name: '2021-04-01T00:00:00.000Z' + value: 2 + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/historical-identities/{id}/snapshots/{date}': + get: + operationId: getIdentitySnapshot + tags: + - Identity History + summary: Gets an identity snapshot at a given date + description: 'This method retrieves a specified identity snapshot at a given date Requires authorization scope of ''idn:identity-history:read'' ' + parameters: + - in: path + name: id + schema: + type: string + required: true + description: The identity id + example: 8c190e6787aa4ed9a90bd9d5344523fb + - in: path + name: date + schema: + type: string + description: The specified date + example: '2007-03-01T13:00:00Z' + required: true + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '200': + description: The identity object. + content: + application/json: + schema: + type: object + properties: + id: + type: string + description: the identity ID + example: bc693f07e7b645539626c25954c58554 + displayName: + type: string + description: the display name of the identity + example: Adam Zampa + snapshot: + type: string + description: the date when the identity record was created + example: '2007-03-01T13:00:00.000Z' + deletedDate: + type: string + description: the date when the identity was deleted + example: '2007-03-01T13:00:00.000Z' + accessItemCount: + type: object + description: A map containing the count of each access item + example: + app: 0 + role: 2 + entitlement: 4 + accessProfile: 3 + account: 1 + additionalProperties: + type: integer + format: int32 + attributes: + type: object + description: A map containing the identity attributes + additionalProperties: true + example: + jobTitle: HR Manager + location: NYC + firstname: Adam + lastname: Zampa + department: HR + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/historical-identities/{id}/snapshots/{date}/access-items': + get: + operationId: listIdentitySnapshotAccessItems + tags: + - Identity History + summary: Gets the list of identity access items at a given date filterd by item type + description: 'This method retrieves the list of identity access items at a given date filterd by item type Requires authorization scope of ''idn:identity-history:read'' ' + parameters: + - in: path + name: id + schema: + type: string + required: true + description: The identity id + example: 8c190e6787aa4ed9a90bd9d5344523fb + - in: path + name: date + schema: + type: string + required: true + description: The specified date + example: '2007-03-01T13:00:00Z' + - in: query + name: type + schema: + type: string + description: The access item type + example: account + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '200': + description: The identity object. + content: + application/json: + schema: + type: array + items: + oneOf: + - type: object + properties: + accessType: + type: string + example: accessProfile + description: the access item type. accessProfile in this case + id: + type: string + example: 2c918087763e69d901763e72e97f006f + description: the access item id + name: + type: string + example: sample + description: the access profile name + sourceName: + type: string + example: DataScienceDataset + description: the name of the source + sourceId: + type: string + example: 2793o32dwd + description: the id of the source + description: + type: string + example: AccessProfile - Workday/Citizenship access + description: the description for the access profile + displayName: + type: string + example: Dr. Arden Rogahn MD + description: the display name of the identity + entitlementCount: + type: string + example: 12 + description: the number of entitlements the access profile will create + appDisplayName: + type: string + example: AppName + description: the name of + removeDate: + type: string + example: 2024-07-01T06:00:00.000Z + description: the date the access profile is no longer assigned to the specified identity + standalone: + type: boolean + example: false + description: indicates whether the access profile is standalone + revocable: + type: boolean + example: true + description: indicates whether the access profile is + required: + - standalone + - revocable + - type: object + properties: + accessType: + type: string + example: account + description: the access item type. account in this case + id: + type: string + example: 2c918087763e69d901763e72e97f006f + description: the access item id + nativeIdentity: + type: string + example: dr.arden.ogahn.d + description: the native identifier used to uniquely identify an acccount + sourceName: + type: string + example: DataScienceDataset + description: the name of the source + sourceId: + type: string + example: 2793o32dwd + description: the id of the source + entitlementCount: + type: string + example: 12 + description: the number of entitlements the account will create + displayName: + type: string + example: Dr. Arden Rogahn MD + description: the display name of the identity + - type: object + properties: + accessType: + type: string + example: app + description: the access item type. entitlement in this case + id: + type: string + example: 2c918087763e69d901763e72e97f006f + description: the access item id + displayName: + type: string + example: Display Name + description: the access item display name + sourceName: + type: string + example: appName + description: the associated source name if it exists + appRoleId: + type: string + example: 2c918087763e69d901763e72e97f006f + description: the app role id + - type: object + properties: + accessType: + type: string + example: entitlement + description: the access item type. entitlement in this case + id: + type: string + example: 2c918087763e69d901763e72e97f006f + description: the access item id + attribute: + type: string + example: groups + description: the entitlement attribute + value: + type: string + example: Upward mobility access + description: the associated value + entitlementType: + type: string + example: entitlement + description: the type of entitlement + sourceName: + type: string + example: DataScienceDataset + description: the name of the source + sourceId: + type: string + example: 2793o32dwd + description: the id of the source + description: + type: string + example: Entitlement - Workday/Citizenship access + description: the description for the entitlment + displayName: + type: string + example: Dr. Arden Rogahn MD + description: the display name of the identity + standalone: + type: boolean + example: true + description: indicates whether the entitlement is standalone + privileged: + type: boolean + example: false + description: indicates whether the entitlement is privileged + cloudGoverned: + type: boolean + example: true + description: indicates whether the entitlement is cloud governed + required: + - standalone + - privileged + - cloudGoverned + - type: object + properties: + accessType: + type: string + example: role + description: the access item type. role in this case + id: + type: string + example: 2c918087763e69d901763e72e97f006f + description: the access item id + displayName: + type: string + example: sample + description: the role display name + description: + type: string + example: Role - Workday/Citizenship access + description: the description for the role + sourceName: + type: string + example: Source Name + description: the associated source name if it exists + removeDate: + type: string + example: 2024-07-01T06:00:00.000Z + description: the date the role is no longer assigned to the specified identity + revocable: + type: boolean + example: true + description: indicates whether the role is revocable + required: + - revocable + examples: + Access Item AccessProfile Response: + description: An access profile response + value: + - type: accessProfile + id: 2c918087763e69d901763e72e97f006f + name: sample + sourceName: DataScienceDataset + sourceId: 2793o32dwd + description: AccessProfile - Workday/Citizenship access + displayName: Dr. Arden Rogahn MD + entitlementCount: 12 + appDisplayName: AppName + Access Item Account Response: + description: An account response + value: + - type: account + id: 2c918087763e69d901763e72e97f006f + nativeIdentity: dr.arden.ogahn.d + sourceName: DataScienceDataset + sourceId: 2793o32dwd + entitlementCount: 12 + displayName: Dr. Arden Rogahn MD + Access Item App Response: + description: An app response + value: + - type: app + id: 2c918087763e69d901763e72e97f006f + name: appName + Access Item Entitlement Response: + description: An entitlement event + value: + - type: entitlement + id: 2c918087763e69d901763e72e97f006f + attribute: groups + value: Upward mobility access + entitlementType: entitlement + sourceName: DataScienceDataset + sourceId: 2793o32dwd + description: Entitlement - Workday/Citizenship access + displayName: Dr. Arden Rogahn MD + Access Item Role Response: + description: A role response + value: + - type: role + id: 2c918087763e69d901763e72e97f006f + name: sample + description: Role - Workday/Citizenship access + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + /common-access: + get: + operationId: getCommonAccess + summary: Get a paginated list of common access + tags: + - IAI Common Access + description: 'This endpoint returns the current common access for a customer. The returned items can be filtered and sorted. Requires authorization scope of iai:access-modeling:read' + parameters: + - in: query + name: offset + description: |- + Offset into the full result set. Usually specified with *limit* to paginate through the results. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 0 + schema: + type: integer + format: int32 + minimum: 0 + default: 0 + - in: query + name: limit + description: |- + Max number of results to return. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 250 + schema: + type: integer + format: int32 + minimum: 0 + maximum: 250 + default: 250 + - in: query + name: count + description: |- + If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. + + Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. + + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: true + schema: + type: boolean + default: false + - in: query + name: filters + description: |- + Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) + + Filtering is supported for the following fields and operators: + + **status**: *eq, sw* + + **reviewedByUser** *eq* + + **access.id**: *eq, sw* + + **access.type**: *eq* + + **access.name**: *sw, eq* + + **access.description**: *sw, eq* + example: access.type eq "ROLE" + required: false + style: form + explode: true + schema: + type: string + - in: query + name: sorters + schema: + type: string + format: comma-separated + description: |- + Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) + + Sorting is supported for the following fields: **access.name, status** + + By default the common access items are sorted by name, ascending. + example: access.name + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '200': + description: Succeeded. Returns a list of common access for a customer. + content: + application/json: + schema: + type: array + items: + type: object + properties: + id: + type: string + description: Unique ID of the common access item + example: 555ab47a-0d32-4813-906f-adf3567de6a4 + access: + description: common access item + type: object + properties: + id: + type: string + description: Common access ID + type: + description: Common access type (ROLE or ACCESS_PROFILE) + type: string + enum: + - ACCESS_PROFILE + - ROLE + name: + type: string + description: Common access name + description: + type: string + description: Common access description + nullable: true + ownerName: + type: string + description: Common access owner name + ownerId: + type: string + description: Common access owner ID + status: + type: string + description: CONFIRMED or DENIED + commonAccessType: + type: string + example: UNSET + lastUpdated: + type: string + readOnly: true + format: date-time + reviewedByUser: + type: boolean + description: true if user has confirmed or denied status + lastReviewed: + type: string + readOnly: true + format: date-time + nullable: true + createdByUser: + type: boolean + default: false + example: false + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + post: + operationId: createCommonAccess + summary: Create common access items + tags: + - IAI Common Access + description: 'This API is used to add roles/access profiles to the list of common access for a customer. Requires authorization scope of iai:access-modeling:create' + requestBody: + required: true + content: + application/json: + schema: + type: object + properties: + access: + type: object + properties: + id: + type: string + description: Common access ID + type: + description: Common access type (ROLE or ACCESS_PROFILE) + type: string + enum: + - ACCESS_PROFILE + - ROLE + name: + type: string + description: Common access name + description: + type: string + description: Common access description + nullable: true + ownerName: + type: string + description: Common access owner name + ownerId: + type: string + description: Common access owner ID + status: + type: string + enum: + - CONFIRMED + - DENIED + description: State of common access item. + responses: + '202': + description: Returns details of the common access classification request. + content: + application/json: + schema: + type: object + properties: + id: + type: string + description: Common Access Item ID + access: + type: object + properties: + id: + type: string + description: Common access ID + type: + description: Common access type (ROLE or ACCESS_PROFILE) + type: string + enum: + - ACCESS_PROFILE + - ROLE + name: + type: string + description: Common access name + description: + type: string + description: Common access description + nullable: true + ownerName: + type: string + description: Common access owner name + ownerId: + type: string + description: Common access owner ID + status: + type: string + enum: + - CONFIRMED + - DENIED + description: State of common access item. + lastUpdated: + type: string + reviewedByUser: + type: boolean + lastReviewed: + type: string + createdByUser: + type: string + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + parameters: + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + /common-access/update-status: + post: + operationId: updateCommonAccessStatusInBulk + summary: Bulk update common access status + tags: + - IAI Common Access + description: 'This submits an update request to the common access application. At this time there are no parameters. Requires authorization scope of iai:access-modeling:update' + requestBody: + description: Confirm or deny in bulk the common access ids that are (or aren't) common access + required: true + content: + application/json: + schema: + type: array + items: + type: object + properties: + confirmedIds: + description: List of confirmed common access ids. + type: array + items: + type: string + format: uuid + deniedIds: + description: List of denied common access ids. + type: array + items: + type: string + format: uuid + responses: + '202': + description: Accepted - Returned if the request was successfully accepted into the system. + content: + application/json: + schema: + type: object + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + parameters: + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + '/historical-identities/{id}/events': + get: + operationId: getHistoricalIdentityEvents + tags: + - Identity History + summary: Lists all events for the given identity + description: 'This method retrieves all access events for the identity Requires authorization scope of ''idn:identity-history:read'' ' + parameters: + - in: path + name: id + schema: + type: string + required: true + description: The identity id + example: 8c190e6787aa4ed9a90bd9d5344523fb + - in: query + name: from + schema: + type: string + description: The optional instant until which access events are returned + example: '2024-03-01T13:00:00Z' + - in: query + name: eventTypes + schema: + type: array + items: + type: string + description: 'An optional list of event types to return. If null or empty, all events are returned' + example: + - AccessAddedEvent + - AccessRemovedEvent + - in: query + name: accessItemTypes + schema: + type: array + items: + type: string + description: 'An optional list of access item types (app, account, entitlement, etc...) to return. If null or empty, all access items types are returned' + example: + - entitlement + - account + - in: query + name: limit + description: |- + Max number of results to return. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 250 + schema: + type: integer + format: int32 + minimum: 0 + maximum: 250 + default: 250 + - in: query + name: offset + description: |- + Offset into the full result set. Usually specified with *limit* to paginate through the results. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 0 + schema: + type: integer + format: int32 + minimum: 0 + default: 0 + - in: query + name: count + description: |- + If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. + + Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. + + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: true + schema: + type: boolean + default: false + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '200': + description: The list of events for the identity + content: + application/json: + schema: + type: array + items: + anyOf: + - type: object + properties: + accessItem: + type: object + oneOf: + - type: object + properties: + accessType: + type: string + example: accessProfile + description: the access item type. accessProfile in this case + id: + type: string + example: 2c918087763e69d901763e72e97f006f + description: the access item id + name: + type: string + example: sample + description: the access profile name + sourceName: + type: string + example: DataScienceDataset + description: the name of the source + sourceId: + type: string + example: 2793o32dwd + description: the id of the source + description: + type: string + example: AccessProfile - Workday/Citizenship access + description: the description for the access profile + displayName: + type: string + example: Dr. Arden Rogahn MD + description: the display name of the identity + entitlementCount: + type: string + example: 12 + description: the number of entitlements the access profile will create + appDisplayName: + type: string + example: AppName + description: the name of + removeDate: + type: string + example: 2024-07-01T06:00:00.000Z + description: the date the access profile is no longer assigned to the specified identity + standalone: + type: boolean + example: false + description: indicates whether the access profile is standalone + revocable: + type: boolean + example: true + description: indicates whether the access profile is + required: + - standalone + - revocable + - type: object + properties: + accessType: + type: string + example: account + description: the access item type. account in this case + id: + type: string + example: 2c918087763e69d901763e72e97f006f + description: the access item id + nativeIdentity: + type: string + example: dr.arden.ogahn.d + description: the native identifier used to uniquely identify an acccount + sourceName: + type: string + example: DataScienceDataset + description: the name of the source + sourceId: + type: string + example: 2793o32dwd + description: the id of the source + entitlementCount: + type: string + example: 12 + description: the number of entitlements the account will create + displayName: + type: string + example: Dr. Arden Rogahn MD + description: the display name of the identity + - type: object + properties: + accessType: + type: string + example: app + description: the access item type. entitlement in this case + id: + type: string + example: 2c918087763e69d901763e72e97f006f + description: the access item id + displayName: + type: string + example: Display Name + description: the access item display name + sourceName: + type: string + example: appName + description: the associated source name if it exists + appRoleId: + type: string + example: 2c918087763e69d901763e72e97f006f + description: the app role id + - type: object + properties: + accessType: + type: string + example: entitlement + description: the access item type. entitlement in this case + id: + type: string + example: 2c918087763e69d901763e72e97f006f + description: the access item id + attribute: + type: string + example: groups + description: the entitlement attribute + value: + type: string + example: Upward mobility access + description: the associated value + entitlementType: + type: string + example: entitlement + description: the type of entitlement + sourceName: + type: string + example: DataScienceDataset + description: the name of the source + sourceId: + type: string + example: 2793o32dwd + description: the id of the source + description: + type: string + example: Entitlement - Workday/Citizenship access + description: the description for the entitlment + displayName: + type: string + example: Dr. Arden Rogahn MD + description: the display name of the identity + standalone: + type: boolean + example: true + description: indicates whether the entitlement is standalone + privileged: + type: boolean + example: false + description: indicates whether the entitlement is privileged + cloudGoverned: + type: boolean + example: true + description: indicates whether the entitlement is cloud governed + required: + - standalone + - privileged + - cloudGoverned + - type: object + properties: + accessType: + type: string + example: role + description: the access item type. role in this case + id: + type: string + example: 2c918087763e69d901763e72e97f006f + description: the access item id + displayName: + type: string + example: sample + description: the role display name + description: + type: string + example: Role - Workday/Citizenship access + description: the description for the role + sourceName: + type: string + example: Source Name + description: the associated source name if it exists + removeDate: + type: string + example: 2024-07-01T06:00:00.000Z + description: the date the role is no longer assigned to the specified identity + revocable: + type: boolean + example: true + description: indicates whether the role is revocable + required: + - revocable + example: + id: 8c190e6787aa4ed9a90bd9d5344523fb + accessType: account + nativeIdentity: 127999 + sourceName: JDBC Entitlements Source + entitlementCount: 0 + displayName: Sample Name + identityId: + type: string + description: the identity id + example: 8c190e6787aa4ed9a90bd9d5344523fb + eventType: + type: string + description: the event type + example: AccessItemAssociated + dt: + type: string + description: the date of event + example: '2019-03-08T22:37:33.901Z' + governanceEvent: + example: + name: Manager Certification for Jon Snow + dt: '2019-03-08T22:37:33.901Z' + type: certification + governanceId: 2c91808a77ff216301782327a50f09bf + owners: + - id: bc693f07e7b645539626c25954c58554 + displayName: Jon Snow + reviewers: + - id: bc693f07e7b645539626c25954c58554 + displayName: Jon Snow + decisionMaker: + id: bc693f07e7b645539626c25954c58554 + displayName: Jon Snow + type: object + properties: + name: + type: string + description: 'The name of the governance event, such as the certification name or access request ID.' + example: Manager Certification for Jon Snow + dt: + type: string + description: The date that the certification or access request was completed. + example: '2019-03-08T22:37:33.901Z' + type: + type: string + enum: + - certification + - accessRequest + description: The type of governance event. + example: certification + governanceId: + type: string + description: The ID of the instance that caused the event - either the certification ID or access request ID. + example: 2c91808a77ff216301782327a50f09bf + owners: + type: array + description: The owners of the governance event (the certifiers or approvers) + items: + type: object + properties: + id: + type: string + description: the id of the certifier + example: 8a80828f643d484f01643e14202e206f + displayName: + type: string + description: the name of the certifier + example: John Snow + example: + - id: 8a80828f643d484f01643e14202e206f + displayName: John Snow + reviewers: + type: array + description: 'The owners of the governance event (the certifiers or approvers), this field should be preferred over owners' + items: + type: object + properties: + id: + type: string + description: the id of the certifier + example: 8a80828f643d484f01643e14202e206f + displayName: + type: string + description: the name of the certifier + example: John Snow + example: + - id: 8a80828f643d484f01643e14202e206f + displayName: John Snow + decisionMaker: + description: The decision maker + example: + id: 8a80828f643d484f01643e14202e206f + displayName: John Snow + type: object + properties: + id: + type: string + description: the id of the certifier + example: 8a80828f643d484f01643e14202e206f + displayName: + type: string + description: the name of the certifier + example: John Snow + - type: object + properties: + accessItem: + type: object + oneOf: + - type: object + properties: + accessType: + type: string + example: accessProfile + description: the access item type. accessProfile in this case + id: + type: string + example: 2c918087763e69d901763e72e97f006f + description: the access item id + name: + type: string + example: sample + description: the access profile name + sourceName: + type: string + example: DataScienceDataset + description: the name of the source + sourceId: + type: string + example: 2793o32dwd + description: the id of the source + description: + type: string + example: AccessProfile - Workday/Citizenship access + description: the description for the access profile + displayName: + type: string + example: Dr. Arden Rogahn MD + description: the display name of the identity + entitlementCount: + type: string + example: 12 + description: the number of entitlements the access profile will create + appDisplayName: + type: string + example: AppName + description: the name of + removeDate: + type: string + example: 2024-07-01T06:00:00.000Z + description: the date the access profile is no longer assigned to the specified identity + standalone: + type: boolean + example: false + description: indicates whether the access profile is standalone + revocable: + type: boolean + example: true + description: indicates whether the access profile is + required: + - standalone + - revocable + - type: object + properties: + accessType: + type: string + example: account + description: the access item type. account in this case + id: + type: string + example: 2c918087763e69d901763e72e97f006f + description: the access item id + nativeIdentity: + type: string + example: dr.arden.ogahn.d + description: the native identifier used to uniquely identify an acccount + sourceName: + type: string + example: DataScienceDataset + description: the name of the source + sourceId: + type: string + example: 2793o32dwd + description: the id of the source + entitlementCount: + type: string + example: 12 + description: the number of entitlements the account will create + displayName: + type: string + example: Dr. Arden Rogahn MD + description: the display name of the identity + - type: object + properties: + accessType: + type: string + example: app + description: the access item type. entitlement in this case + id: + type: string + example: 2c918087763e69d901763e72e97f006f + description: the access item id + displayName: + type: string + example: Display Name + description: the access item display name + sourceName: + type: string + example: appName + description: the associated source name if it exists + appRoleId: + type: string + example: 2c918087763e69d901763e72e97f006f + description: the app role id + - type: object + properties: + accessType: + type: string + example: entitlement + description: the access item type. entitlement in this case + id: + type: string + example: 2c918087763e69d901763e72e97f006f + description: the access item id + attribute: + type: string + example: groups + description: the entitlement attribute + value: + type: string + example: Upward mobility access + description: the associated value + entitlementType: + type: string + example: entitlement + description: the type of entitlement + sourceName: + type: string + example: DataScienceDataset + description: the name of the source + sourceId: + type: string + example: 2793o32dwd + description: the id of the source + description: + type: string + example: Entitlement - Workday/Citizenship access + description: the description for the entitlment + displayName: + type: string + example: Dr. Arden Rogahn MD + description: the display name of the identity + standalone: + type: boolean + example: true + description: indicates whether the entitlement is standalone + privileged: + type: boolean + example: false + description: indicates whether the entitlement is privileged + cloudGoverned: + type: boolean + example: true + description: indicates whether the entitlement is cloud governed + required: + - standalone + - privileged + - cloudGoverned + - type: object + properties: + accessType: + type: string + example: role + description: the access item type. role in this case + id: + type: string + example: 2c918087763e69d901763e72e97f006f + description: the access item id + displayName: + type: string + example: sample + description: the role display name + description: + type: string + example: Role - Workday/Citizenship access + description: the description for the role + sourceName: + type: string + example: Source Name + description: the associated source name if it exists + removeDate: + type: string + example: 2024-07-01T06:00:00.000Z + description: the date the role is no longer assigned to the specified identity + revocable: + type: boolean + example: true + description: indicates whether the role is revocable + required: + - revocable + example: + id: 8c190e6787aa4ed9a90bd9d5344523fb + accessType: account + nativeIdentity: 127999 + sourceName: JDBC Entitlements Source + entitlementCount: 0 + displayName: Sample Name + identityId: + type: string + description: the identity id + example: 8c190e6787aa4ed9a90bd9d5344523fb + eventType: + type: string + description: the event type + example: AccessItemRemoved + dt: + type: string + description: the date of event + example: '2019-03-08T22:37:33.901Z' + governanceEvent: + example: + name: Manager Certification for Jon Snow + dt: '2019-03-08T22:37:33.901Z' + type: certification + governanceId: 2c91808a77ff216301782327a50f09bf + owners: + - id: bc693f07e7b645539626c25954c58554 + displayName: Jon Snow + reviewers: + - id: bc693f07e7b645539626c25954c58554 + displayName: Jon Snow + decisionMaker: + id: bc693f07e7b645539626c25954c58554 + displayName: Jon Snow + type: object + properties: + name: + type: string + description: 'The name of the governance event, such as the certification name or access request ID.' + example: Manager Certification for Jon Snow + dt: + type: string + description: The date that the certification or access request was completed. + example: '2019-03-08T22:37:33.901Z' + type: + type: string + enum: + - certification + - accessRequest + description: The type of governance event. + example: certification + governanceId: + type: string + description: The ID of the instance that caused the event - either the certification ID or access request ID. + example: 2c91808a77ff216301782327a50f09bf + owners: + type: array + description: The owners of the governance event (the certifiers or approvers) + items: + type: object + properties: + id: + type: string + description: the id of the certifier + example: 8a80828f643d484f01643e14202e206f + displayName: + type: string + description: the name of the certifier + example: John Snow + example: + - id: 8a80828f643d484f01643e14202e206f + displayName: John Snow + reviewers: + type: array + description: 'The owners of the governance event (the certifiers or approvers), this field should be preferred over owners' + items: + type: object + properties: + id: + type: string + description: the id of the certifier + example: 8a80828f643d484f01643e14202e206f + displayName: + type: string + description: the name of the certifier + example: John Snow + example: + - id: 8a80828f643d484f01643e14202e206f + displayName: John Snow + decisionMaker: + description: The decision maker + example: + id: 8a80828f643d484f01643e14202e206f + displayName: John Snow + type: object + properties: + id: + type: string + description: the id of the certifier + example: 8a80828f643d484f01643e14202e206f + displayName: + type: string + description: the name of the certifier + example: John Snow + - type: object + properties: + changes: + type: array + items: + type: object + properties: + name: + type: string + description: the attribute name + previousValue: + type: string + description: the old value of attribute + newValue: + type: string + description: the new value of attribute + example: + name: firstname + previousValue: adam + newValue: zampa + eventType: + type: string + description: the event type + identityId: + type: string + description: the identity id + dt: + type: string + description: the date of event + example: + attributeChanges: + name: firstname + previousValue: adam + newValue: zampa + eventType: AttributesChanged + identityId: 8a80828f643d484f01643e14202e206f + dt: '2019-03-08T22:37:33.901Z' + - type: object + properties: + accessRequest: + description: the access request details + type: object + properties: + requesterId: + type: string + example: 2c91808a77ff216301782327a50f09bf + description: the requester Id + requesterName: + type: string + example: Bing C + description: the requesterName + items: + type: array + example: + - operation: Add + accessItemType: role + name: Role-1 + decision: APPROVED + description: The role descrition + sourceId: 8a80828f643d484f01643e14202e206f + sourceName: Source1 + approvalInfos: + - name: John Snow + id: 8a80828f643d484f01643e14202e2000 + status: Approved + items: + type: object + properties: + operation: + type: string + example: Add + description: the access request item operation + accessItemType: + type: string + example: role + description: the access item type + name: + type: string + example: Role-1 + description: the name of access request item + decision: + type: string + example: APPROVED + enum: + - APPROVED + - REJECTED + description: the final decision for the access request + description: + type: string + example: The role descrition + description: the description of access request item + sourceId: + type: string + example: 8a80828f643d484f01643e14202e206f + description: the source id + sourceName: + type: string + example: Source1 + description: the source Name + approvalInfos: + type: array + example: + - name: John Snow + id: 8a80828f643d484f01643e14202e2000 + status: Approved + items: + type: object + properties: + id: + type: string + example: 8a80828f643d484f01643e14202e2000 + description: the id of approver + name: + type: string + example: John Snow + description: the name of approver + status: + type: string + example: Approved + description: the status of the approval request + identityId: + type: string + example: 8a80828f643d484f01643e14202e206f + description: the identity id + eventType: + type: string + example: AccessRequested + description: the event type + dt: + type: string + example: '2019-03-08T22:37:33.901Z' + description: the date of event + - type: object + properties: + certificationId: + type: string + description: the id of the certification item + example: 2c91808a77ff216301782327a50f09bf + certificationName: + type: string + description: the certification item name + example: Cert name + signedDate: + type: string + description: the date ceritification was signed + example: '2019-03-08T22:37:33.901Z' + certifiers: + type: array + description: this field is deprecated and may go away + items: + type: object + properties: + id: + type: string + description: the id of the certifier + example: 8a80828f643d484f01643e14202e206f + displayName: + type: string + description: the name of the certifier + example: John Snow + example: + - id: 8a80828f643d484f01643e14202e206f + displayName: John Snow + reviewers: + type: array + description: The list of identities who review this certification + items: + type: object + properties: + id: + type: string + description: the id of the certifier + example: 8a80828f643d484f01643e14202e206f + displayName: + type: string + description: the name of the certifier + example: John Snow + example: + - id: 8a80828f643d484f01643e14202e206f + displayName: John Snow + signer: + description: Identity who signed off on the certification + example: + id: 8a80828f643d484f01643e14202e206f + displayName: John Snow + type: object + properties: + id: + type: string + description: the id of the certifier + example: 8a80828f643d484f01643e14202e206f + displayName: + type: string + description: the name of the certifier + example: John Snow + eventType: + type: string + description: the event type + example: IdentityCertified + dt: + type: string + description: the date of event + example: '2019-03-08T22:37:33.901Z' + - type: object + properties: + eventType: + type: string + description: the event type + identityId: + type: string + description: the identity id + dt: + type: string + description: the date of event + account: + type: object + properties: + id: + type: string + description: the ID of the account in the database + nativeIdentity: + type: string + description: the native identifier of the account + displayName: + type: string + description: the display name of the account + sourceId: + type: string + description: the ID of the source for this account + sourceName: + type: string + description: the name of the source for this account + entitlementCount: + type: integer + description: the number of entitlements on this account + accessType: + type: string + description: this value is always "account" + statusChange: + type: object + properties: + previousStatus: + type: string + description: the previous status of the account + enum: + - enabled + - disabled + - locked + newStatus: + type: string + description: the new status of the account + enum: + - enabled + - disabled + - locked + example: + account: + id: 2c91808a77ff216301782327a50f09bf + nativeIdentity: 127999 + displayName: Sample Name + sourceId: 8a80828f643d484f01643e14202e206f + sourceName: JDBC Entitlements Source + entitlementCount: 0 + accessType: account + statusChange: + previousStatus: enabled + newStatus: disabled + eventType: AccountStatusChanged + identityId: 8a80828f643d484f01643e14202e206f + date: '2019-03-08T22:37:33.901Z' + examples: + AccessItemAssociated: + description: An Access item associated event + value: + - accessItem: + id: 8c190e6787aa4ed9a90bd9d5344523fb + accessType: account + nativeIdentity: 127999 + sourceName: JDBC Entitlements Source + entitlementCount: 0 + displayName: Sample Name + eventType: AccessItemAssociated + identityId: 8a80828f643d484f01643e14202e206f + dt: '2019-03-08T22:37:33.901Z' + governanceEvent: + name: Access Request 58 + dt: '2019-03-08T22:37:33.901Z' + type: accessRequest + governanceId: 2c91808a77ff216301782327a50f09e1 + owners: + - id: bc693f07e7b645539626c25954c58554 + displayName: Jon Snow + reviewers: + - id: bc693f07e7b645539626c25954c58554 + displayName: Jon Snow + decisionMaker: + id: bc693f07e7b645539626c25954c58554 + displayName: Jon Snow + AccessItemRemoved: + description: An Access item removed event + value: + - accessItem: + id: 8c190e6787aa4ed9a90bd9d5344523fb + accessType: account + nativeIdentity: 127999 + sourceName: JDBC Entitlements Source + entitlementCount: 0 + displayName: Sample Name + eventType: AccessItemRemoved + identityId: 8a80828f643d484f01643e14202e206f + dt: '2019-03-08T22:37:33.901Z' + governanceEvent: + name: Manager Certification for Jon Snow + dt: '2019-03-08T22:37:33.901Z' + type: certification + governanceId: 2c91808a77ff216301782327a50f09bf + owners: + - id: bc693f07e7b645539626c25954c58554 + displayName: Jon Snow + reviewers: + - id: bc693f07e7b645539626c25954c58554 + displayName: Jon Snow + decisionMaker: + id: bc693f07e7b645539626c25954c58554 + displayName: Jon Snow + AttributesChanged: + description: An attribute changed event + value: + - attributeChanges: + - name: firstname + previousValue: adam + newValue: zampa + eventType: AttributesChanged + identityId: 8a80828f643d484f01643e14202e206f + dt: '2019-03-08T22:37:33.901Z' + AccessRequested: + description: An access requested event + value: + accessRequest: + requesterId: 2c91808a77ff216301782327a50f09bf + requestName: Bing C + items: + - operation: Add + accessItemType: role + name: Role-1 + decision: APPROVED + description: The role descrition + sourceId: 8a80828f643d484f01643e14202e206f + sourceName: Source1 + approvalInfos: + - name: John Snow + id: 8a80828f643d484f01643e14202e2000 + status: Approved + eventType: AccessRequested + identityId: 8a80828f643d484f01643e14202e206f + dt: '2019-03-08T22:37:33.901Z' + IdentityCertified: + description: An identity certified event + value: + - certification: + id: 2c91808a77ff216301782327a50f09bf + name: Cert name + signedDate: '2019-03-08T22:37:33.901Z' + certifiers: + - id: 8a80828f643d484f01643e14202e206f + displayName: John Snow + reviewers: + - id: 8a80828f643d484f01643e14202e206f + displayName: Daenerys Targaryen + signer: + id: 8a80828f643d484f01643e14202e206f + displayName: Tyrion Lannister + eventType: IdentityCertified + identityId: 8a80828f643d484f01643e14202e206f + dt: '2019-03-08T22:37:33.901Z' + AccountStatusChanged: + description: An account status changed event + value: + - account: + id: 2c91808a77ff216301782327a50f09bf + nativeIdentity: 127999 + displayName: Sample Name + sourceId: 8a80828f643d484f01643e14202e206f + sourceName: JDBC Entitlements Source + entitlementCount: 0 + accessType: account + statusChange: + previousStatus: ENABLED + newStatus: DISABLED + eventType: AccountStatusChanged + identityId: 8a80828f643d484f01643e14202e206f + dt: '2019-03-08T22:37:33.901Z' + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/historical-identities/{id}/start-date': + get: + operationId: getIdentityStartDate + tags: + - Identity History + summary: Gets the start date of the identity + description: 'This method retrieves start date of the identity Requires authorization scope of ''idn:identity-history:read'' ' + parameters: + - in: path + name: id + schema: + type: string + required: true + description: The identity id + example: 8c190e6787aa4ed9a90bd9d5344523fb + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '200': + description: The start date of the identity + content: + application/json: + schema: + type: string + example: '2017-03-01T13:00:00.000Z' + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/historical-identities/{id}/compare': + get: + operationId: compareIdentitySnapshots + tags: + - Identity History + summary: Gets a difference of count for each access item types for the given identity between 2 snapshots + description: 'This method gets a difference of count for each access item types for the given identity between 2 snapshots Requires authorization scope of ''idn:identity-history:read'' ' + parameters: + - in: path + name: id + schema: + type: string + required: true + description: The identity id + example: 8c190e6787aa4ed9a90bd9d5344523fb + - in: query + name: snapshot1 + schema: + type: string + description: The snapshot 1 of identity + example: '2007-03-01T13:00:00Z' + - in: query + name: snapshot2 + schema: + type: string + description: The snapshot 2 of identity + example: '2008-03-01T13:00:00Z' + - in: query + name: accessItemTypes + schema: + type: array + items: + type: string + description: 'An optional list of access item types (app, account, entitlement, etc...) to return. If null or empty, all access items types are returned ' + - in: query + name: limit + description: |- + Max number of results to return. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 250 + schema: + type: integer + format: int32 + minimum: 0 + maximum: 250 + default: 250 + - in: query + name: offset + description: |- + Offset into the full result set. Usually specified with *limit* to paginate through the results. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 0 + schema: + type: integer + format: int32 + minimum: 0 + default: 0 + - in: query + name: count + description: |- + If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. + + Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. + + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: true + schema: + type: boolean + default: false + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '200': + description: A IdentityCompare object with difference details for each access item type + content: + application/json: + schema: + type: array + items: + type: object + properties: + accessItemDiff: + type: object + description: Arbitrary key-value pairs. They will never be processed by the IdentityNow system but will be returned on completion of the violation check. + additionalProperties: + type: object + example: + accessItemDiff: + role: + accessAdded: 2 + accessRemoved: 3 + entitlement: + accessAdded: 4 + accessRemoved: 0 + accessProfile: + accessAdded: 0 + accessRemoved: 1 + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/historical-identities/{id}/compare/{access-type}': + get: + operationId: compareIdentitySnapshotsAccessType + tags: + - Identity History + summary: Gets a list of differences of specific accessType for the given identity between 2 snapshots + description: 'This method gets a list of differences of specific accessType for the given identity between 2 snapshots Requires authorization scope of ''idn:identity-history:read'' ' + parameters: + - in: path + name: id + schema: + type: string + required: true + description: The identity id + example: 8c190e6787aa4ed9a90bd9d5344523fb + - in: path + name: accessType + schema: + type: string + required: true + description: The specific type which needs to be compared + example: role + - in: query + name: access-associated + schema: + type: boolean + description: 'Indicates if added or removed access needs to be returned. true - added, false - removed, null - both added & removed' + example: '2007-03-01T13:00:00Z' + - in: query + name: snapshot1 + schema: + type: string + description: The snapshot 1 of identity + example: '2008-03-01T13:00:00Z' + - in: query + name: snapshot2 + schema: + type: string + description: The snapshot 2 of identity + example: '2009-03-01T13:00:00Z' + - in: query + name: limit + description: |- + Max number of results to return. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 250 + schema: + type: integer + format: int32 + minimum: 0 + maximum: 250 + default: 250 + - in: query + name: offset + description: |- + Offset into the full result set. Usually specified with *limit* to paginate through the results. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 0 + schema: + type: integer + format: int32 + minimum: 0 + default: 0 + - in: query + name: count + description: |- + If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. + + Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. + + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: true + schema: + type: boolean + default: false + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '200': + description: A list of events for the identity + content: + application/json: + schema: + type: array + items: + type: object + properties: + id: + type: string + description: the id of the access item + eventType: + type: string + enum: + - ADD + - REMOVE + displayName: + type: string + description: the display name of the access item + sourceName: + type: string + description: the source name of the access item + example: + id: 2c91808c7726345b017726a0a2fb013b + eventType: ADD + displayName: Test + sourceName: Source + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/identities/{identityId}/synchronize-attributes': + post: + operationId: synchronizeAttributesForIdentity + tags: + - Identities + summary: Attribute synchronization for single identity. + description: This end-point performs attribute synchronization for a selected identity. The endpoint can be called once in 10 seconds per identity. A token with ORG_ADMIN or API authority is required to call this API. + parameters: + - in: path + name: identityId + schema: + type: string + required: true + description: The Identity id + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '202': + description: An Identity Sync job + content: + application/json: + schema: + type: object + properties: + id: + type: string + description: Job ID. + example: 0f11f2a4-7c94-4bf3-a2bd-742580fe3bde + status: + type: string + description: The job status. + enum: + - QUEUED + - IN_PROGRESS + - SUCCESS + - ERROR + example: IN_PROGRESS + payload: + description: Job payload. + example: + type: SYNCHRONIZE_IDENTITY_ATTRIBUTES + dataJson: '{"identityId":"2c918083746f642c01746f990884012a"}' + type: object + properties: + type: + type: string + description: Payload type. + example: SYNCHRONIZE_IDENTITY_ATTRIBUTES + dataJson: + type: string + description: Payload type. + example: '{"identityId":"2c918083746f642c01746f990884012a"}' + required: + - type + - dataJson + required: + - id + - status + - payload + example: + id: 0f11f2a4-7c94-4bf3-a2bd-742580fe3dfc + status: IN_PROGRESS + payload: + type: SYNCHRONIZE_IDENTITY_ATTRIBUTES + dataJson: '{"identityId":"2c918083746f642c01746f990884012a"}' + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/identities/{identityId}/ownership': + get: + operationId: getIdentityOwnershipDetails + summary: Get ownership details + tags: + - Identities + description: |- + Use this API to return an identity's owned objects that will cause problems for deleting the identity. + Use this API as a checklist of objects that you need to reassign to a different identity before you can delete the identity. + For a full list of objects owned by an identity, use the [Search API](https://developer.sailpoint.com/docs/api/v3/search-post/). When you search for identities, the returned identities have a property, `owns`, that contains a more comprehensive list of identity's owned objects. + security: + - UserContextAuth: + - 'idn:identity:read' + parameters: + - in: path + name: identityId + schema: + type: string + required: true + description: Identity ID. + example: ff8081814d2a8036014d701f3fbf53fa + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '200': + description: Identity's ownership association details. + content: + application/json: + schema: + type: object + properties: + associationDetails: + type: array + description: list of all the resource associations for the identity + items: + type: object + properties: + associationType: + type: string + description: association type with the identity + example: ROLE_OWNER + entities: + type: array + description: the specific resource this identity has ownership on + items: + type: object + properties: + identityEntity: + type: object + properties: + id: + type: string + description: id of the resource to which the identity is associated + example: 031034e97f094a4096c1be53f75f6b91 + name: + type: string + description: name of the resource to which the identity is associated + example: Gaston.800ddf9640a + type: + type: string + description: type of the resource to which the identity is associated + example: CAMPAIGN_CAMPAIGNER + example: + id: b660a232f05b4e04812ca974b3011e0f + name: Gaston.800ddf9640a + type: ROLE + example: + associationDetails: + associationType: ROLE_OWNER + entities: + - id: b660a232f05b4e04812ca974b3011e0f + name: Gaston.800ddf9640a + type: ROLE + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + /identities: + get: + operationId: listIdentities + tags: + - Identities + summary: List Identities + description: This API returns a list of identities. + security: + - UserContextAuth: + - 'idn:identity:read' + - 'idn:identity:manage' + parameters: + - in: query + name: filters + schema: + type: string + required: false + description: |- + Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) + + Filtering is supported for the following fields and operators: + + **id**: *eq, in* + + **name**: *eq, sw* + + **alias**: *eq, sw* + + **firstname**: *eq, sw* + + **lastname**: *eq, sw* + + **email**: *eq, sw* + + **cloudStatus**: *eq* + + **processingState**: *eq* + + **correlated**: *eq* + + **protected**: *eq* + example: id eq "6c9079b270a266a60170a2779fcb0006" or correlated eq false + - in: query + name: sorters + schema: + type: string + format: comma-separated + required: false + description: |- + Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) + + Sorting is supported for the following fields: **name, alias, cloudStatus** + example: 'name,-cloudStatus' + - in: query + name: defaultFilter + schema: + type: string + enum: + - CORRELATED_ONLY + - NONE + default: CORRELATED_ONLY + required: false + description: |- + Adds additional filter to filters query parameter. + + CORRELATED_ONLY adds correlated=true and returns only identities that are correlated. + + NONE does not add any and returns all identities that satisfy filters query parameter. + example: NONE + - in: query + name: count + description: |- + If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. + + Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. + + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: true + schema: + type: boolean + default: false + - in: query + name: limit + description: |- + Max number of results to return. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 250 + schema: + type: integer + format: int32 + minimum: 0 + maximum: 250 + default: 250 + - in: query + name: offset + description: |- + Offset into the full result set. Usually specified with *limit* to paginate through the results. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 0 + schema: + type: integer + format: int32 + minimum: 0 + default: 0 + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '200': + description: List of identities. + content: + application/json: + schema: + type: array + items: + allOf: + - type: object + required: + - name + properties: + id: + description: System-generated unique ID of the Object + type: string + example: id12345 + readOnly: true + name: + description: Name of the Object + type: string + example: aName + created: + description: Creation date of the Object + type: string + format: date-time + readOnly: true + example: '2023-01-03T21:16:22.432Z' + modified: + description: Last modification date of the Object + type: string + format: date-time + readOnly: true + example: '2023-01-03T21:16:22.432Z' + - type: object + title: IdentityDto + properties: + alias: + type: string + description: Alternate unique identifier for the identity + example: walter.white + emailAddress: + type: string + description: The email address of the identity + example: sender@example.com + nullable: true + processingState: + type: string + nullable: true + description: The processing state of the identity + enum: + - ERROR + - OK + - null + example: ERROR + identityStatus: + type: string + description: The identity's status in the system + enum: + - UNREGISTERED + - REGISTERED + - PENDING + - WARNING + - DISABLED + - ACTIVE + - DEACTIVATED + - TERMINATED + - ERROR + - LOCKED + example: LOCKED + managerRef: + type: object + description: Identity's manager. + nullable: true + properties: + type: + type: string + description: DTO type of identity's manager. + enum: + - IDENTITY + example: IDENTITY + id: + type: string + description: ID of identity's manager. + example: 2c4180a46faadee4016fb4e018c20626 + name: + type: string + description: Human-readable display name of identity's manager. + example: Robert Robinson + isManager: + type: boolean + description: Whether this identity is a manager of another identity + default: false + example: true + lastRefresh: + type: string + format: date-time + description: The last time the identity was refreshed by the system + example: '2020-11-22T15:42:31.123Z' + attributes: + type: object + description: A map with the identity attributes for the identity + example: '{"uid":"Walter White","firstname":"walter","cloudStatus":"UNREGISTERED","displayName":"Walter White","identificationNumber":"942","lastSyncDate":1470348809380,"email":"walter@gmail.com","lastname":"white"}' + lifecycleState: + allOf: + - type: object + properties: + stateName: + type: string + description: The name of the lifecycle state + example: active + manuallyUpdated: + type: boolean + description: Whether the lifecycle state has been manually or automatically set + example: true + required: + - stateName + - manuallyUpdated + - nullable: true + description: Lifecycle state details that include lifecycle state name and whether this lifecycle state has been set manually + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/identities/{id}': + get: + operationId: getIdentity + tags: + - Identities + summary: Identity Details + description: This API returns a single identity using the Identity ID. + security: + - UserContextAuth: + - 'idn:identity:read' + - 'idn:identity:manage' + parameters: + - in: path + name: id + schema: + type: string + required: true + description: Identity Id + example: ef38f94347e94562b5bb8424a56397d8 + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '200': + description: An identity object + content: + application/json: + schema: + allOf: + - type: object + required: + - name + properties: + id: + description: System-generated unique ID of the Object + type: string + example: id12345 + readOnly: true + name: + description: Name of the Object + type: string + example: aName + created: + description: Creation date of the Object + type: string + format: date-time + readOnly: true + example: '2023-01-03T21:16:22.432Z' + modified: + description: Last modification date of the Object + type: string + format: date-time + readOnly: true + example: '2023-01-03T21:16:22.432Z' + - type: object + title: IdentityDto + properties: + alias: + type: string + description: Alternate unique identifier for the identity + example: walter.white + emailAddress: + type: string + description: The email address of the identity + example: sender@example.com + nullable: true + processingState: + type: string + nullable: true + description: The processing state of the identity + enum: + - ERROR + - OK + - null + example: ERROR + identityStatus: + type: string + description: The identity's status in the system + enum: + - UNREGISTERED + - REGISTERED + - PENDING + - WARNING + - DISABLED + - ACTIVE + - DEACTIVATED + - TERMINATED + - ERROR + - LOCKED + example: LOCKED + managerRef: + type: object + description: Identity's manager. + nullable: true + properties: + type: + type: string + description: DTO type of identity's manager. + enum: + - IDENTITY + example: IDENTITY + id: + type: string + description: ID of identity's manager. + example: 2c4180a46faadee4016fb4e018c20626 + name: + type: string + description: Human-readable display name of identity's manager. + example: Robert Robinson + isManager: + type: boolean + description: Whether this identity is a manager of another identity + default: false + example: true + lastRefresh: + type: string + format: date-time + description: The last time the identity was refreshed by the system + example: '2020-11-22T15:42:31.123Z' + attributes: + type: object + description: A map with the identity attributes for the identity + example: '{"uid":"Walter White","firstname":"walter","cloudStatus":"UNREGISTERED","displayName":"Walter White","identificationNumber":"942","lastSyncDate":1470348809380,"email":"walter@gmail.com","lastname":"white"}' + lifecycleState: + allOf: + - type: object + properties: + stateName: + type: string + description: The name of the lifecycle state + example: active + manuallyUpdated: + type: boolean + description: Whether the lifecycle state has been manually or automatically set + example: true + required: + - stateName + - manuallyUpdated + - nullable: true + description: Lifecycle state details that include lifecycle state name and whether this lifecycle state has been set manually + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + delete: + operationId: deleteIdentity + tags: + - Identities + summary: Delete identity + description: The API returns successful response if the requested identity was deleted. + security: + - UserContextAuth: + - 'idn:identity:delete' + parameters: + - in: path + name: id + schema: + type: string + required: true + description: Identity Id + example: ef38f94347e94562b5bb8424a56397d8 + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '204': + description: No content - indicates the request was successful but there is no content to be returned in the response. + '400': + description: Client Error - Returned if the request is invalid. It may indicate that the specified identity is marked as protected and cannot be deleted. + content: + application/json: + schema: + type: object + properties: + message: + type: string + description: any additional context information of the http call result + example: Identity cannot be deleted as it is owner of following resources + associationDetails: + type: array + description: list of all the resource associations for the identity + items: + type: object + properties: + associationType: + type: string + description: association type with the identity + example: CAMPAIGN_OWNER + entities: + type: array + description: the specific resource this identity has ownership on + items: + type: object + properties: + identityEntity: + type: object + properties: + id: + type: string + description: id of the resource to which the identity is associated + example: 031034e97f094a4096c1be53f75f6b91 + name: + type: string + description: name of the resource to which the identity is associated + example: Gaston.800ddf9640a + type: + type: string + description: type of the resource to which the identity is associated + example: CAMPAIGN_CAMPAIGNER + example: + id: b660a232f05b4e04812ca974b3011e0f + name: Gaston.800ddf9640a + type: CAMPAIGN_CAMPAIGNER + example: + message: Identity is the owner of following resources + associationDetails: + associationType: CAMPAIGN_OWNER + entities: + - id: b660a232f05b4e04812ca974b3011e0f + name: Gaston.800ddf9640a + type: CAMPAIGN_CAMPAIGNER + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + /identities/process: + post: + operationId: startIdentityProcessing + tags: + - Identities + summary: Process a list of identityIds + description: | + This operation should not be used to schedule your own identity processing or to perform system wide identity refreshes. The system will use a combination of [event-based processing](https://documentation.sailpoint.com/saas/help/setup/identity_processing.html?h=process#event-based-processing) and [scheduled processing](https://documentation.sailpoint.com/saas/help/setup/identity_processing.html?h=process#scheduled-processing) that runs every day at 8:00 AM and 8:00 PM in the tenant's timezone to keep your identities synchronized. + + This endpoint will perform the following tasks: + 1. Calculate identity attributes, including applying or running any rules or transforms (e.g. calculate Lifecycle State at a point-in-time it's expected to change). + 2. Evaluate role assignments, leading to assignment of new roles and removal of existing roles. + 3. Enforce provisioning for any assigned accesses that haven't been fulfilled (e.g. failure due to source health). + 4. Recalculate manager relationships. + 5. Potentially clean-up identity processing errors, assuming the error has been resolved. + + A token with ORG_ADMIN or HELPDESK authority is required to call this API. + externalDocs: + description: Learn more about manually processing identities here + url: 'https://documentation.sailpoint.com/saas/help/setup/identity_processing.html' + security: + - UserContextAuth: + - 'idn:identity:manage' + requestBody: + required: true + content: + application/json: + schema: + type: object + properties: + identityIds: + type: array + minItems: 1 + maxItems: 250 + description: List of up to 250 identity IDs to process. + items: + type: string + example: ef38f94347e94562b5bb8424a56397d8 + responses: + '202': + description: Object containing the DTO type TASK_RESULT and the job id for the task + content: + application/json: + schema: + type: object + properties: + type: + type: string + description: the type of response reference + example: TASK_RESULT + id: + type: string + description: the task ID + example: 78733556-9ea3-4f59-bf69-e5cd92b011b4 + name: + type: string + description: 'the task name (not used in this endpoint, always null)' + example: 'null' + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + parameters: + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + '/identities/{id}/reset': + post: + operationId: resetIdentity + tags: + - Identities + summary: Reset an identity + description: Use this endpoint to reset a user's identity if they have forgotten their authentication information like their answers to knowledge-based questions. Resetting an identity de-registers the user and removes any elevated user levels they have. + security: + - UserContextAuth: + - 'idn:identity:update' + parameters: + - in: path + name: identityId + schema: + type: string + required: true + description: Identity Id + example: ef38f94347e94562b5bb8424a56397d8 + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '202': + description: Accepted. The reset request accepted and is in progress. + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/identities/{identityId}/role-assignments': + get: + operationId: getRoleAssignments + tags: + - Identities + summary: List role assignments + description: 'This returns either a list of Role Assignments when querying with either a Role Id or Role Name, or a list of Role Assignment References if querying with only identity Id.' + security: + - UserContextAuth: + - 'idn:identity:read' + parameters: + - in: path + name: identityId + schema: + type: string + required: true + description: Identity Id to get the role assignments for + example: ef38f94347e94562b5bb8424a56397d8 + - in: query + name: roleId + schema: + type: string + required: false + description: Role Id to filter the role assignments with + example: e7697a1e96d04db1ac7b0f4544915d2c + - in: query + name: roleName + schema: + type: string + required: false + description: Role name to filter the role assignments with + example: Engineer + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '200': + description: A role assignment object + content: + application/json: + schema: + type: array + items: + anyOf: + - type: object + properties: + id: + type: string + description: Assignment Id + example: 1cbb0705b38c4226b1334eadd8874086 + role: + description: Role Id and Name related to this assignment + example: + id: e7697a1e96d04db1ac7b0f4544915d2c + type: ROLE + name: Engineer + type: object + properties: + id: + type: string + description: the application ID + example: ff8081814d977c21014da056804a0af3 + name: + type: string + description: the application name + example: Github + - type: object + properties: + id: + type: string + description: Assignment Id + example: 1cbb0705b38c4226b1334eadd8874086 + role: + description: Role Id and Name related to this assignment + example: + id: e7697a1e96d04db1ac7b0f4544915d2c + type: ROLE + name: Engineer + type: object + properties: + id: + type: string + description: the application ID + example: ff8081814d977c21014da056804a0af3 + name: + type: string + description: the application name + example: Github + comments: + type: string + description: Comments added by the user when the assignment was made + example: I'm a new Engineer and need this role to do my work + assignmentSource: + type: string + description: Source describing how this assignment was made + example: UI + assigner: + description: The identity that performed the assignment. This could be blank or system + example: + id: 2c9180867c184ff6017c2a2fbf031666 + type: IDENTITY + name: Jeff Richardson + type: object + properties: + id: + type: string + description: the application ID + example: ff8081814d977c21014da056804a0af3 + name: + type: string + description: the application name + example: Github + assignedDimensions: + type: array + description: Dimensions assigned related to this role + example: + - id: 1acc8ffe5fcf457090de28bee2af36ee + type: DIMENSION + name: Northeast region + items: + type: object + properties: + id: + type: string + description: the application ID + example: ff8081814d977c21014da056804a0af3 + name: + type: string + description: the application name + example: Github + assignmentContext: + description: The context around the role assignment + example: + requested: + contextAttributes: + - attribute: department + value: Engineering + derived: false + matched: + - id: e7697a1e96d04db1ac7b0f4544915d2c + type: DIMENSION + name: Engineer + computedDate: 'Wed Feb 14 10:58:42' + type: object + properties: + requested: + type: object + properties: + contextAttributes: + type: array + items: + type: object + properties: + attribute: + type: string + description: The name of the attribute + example: location + value: + oneOf: + - type: string + example: Austin + - type: array + items: + type: string + example: + - Austin + - Houston + - Dallas + description: The value of the attribute. This can be either a string or a multi-valued string + example: Austin + derived: + type: boolean + description: True if the attribute was derived. + default: false + example: false + matched: + type: array + items: + type: object + properties: + roleRef: + description: Role Id and Name related to this match + example: + id: e7697a1e96d04db1ac7b0f4544915d2c + type: DIMENSION + name: Engineer + type: object + properties: + id: + type: string + description: the application ID + example: ff8081814d977c21014da056804a0af3 + name: + type: string + description: the application name + example: Github + matchedAttributes: + type: array + items: + type: object + properties: + attribute: + type: string + description: The name of the attribute + example: location + value: + oneOf: + - type: string + example: Austin + - type: array + items: + type: string + example: + - Austin + - Houston + - Dallas + description: The value of the attribute. This can be either a string or a multi-valued string + example: Austin + derived: + type: boolean + description: True if the attribute was derived. + default: false + example: false + computedDate: + type: string + description: Date that the assignment will was evaluated + example: 'Wed Feb 14 10:58:42' + accountTargets: + type: array + items: + type: object + properties: + source: + description: Source Id and Name related to this assignment + example: + id: d18b74853739439986501ad180b27db6 + type: SOURCE + name: Active Directory + type: object + properties: + id: + type: string + description: the application ID + example: ff8081814d977c21014da056804a0af3 + name: + type: string + description: the application name + example: Github + accountInfo: + type: object + properties: + nativeIdentity: + type: string + description: The unique ID of the account generated by the source system + example: 'CN=Abby Smith,OU=Austin,OU=Americas,OU=Demo,DC=seri,DC=acme,DC=com' + displayName: + type: string + description: Display name for this account + example: Abby.Smith + uuid: + type: string + description: UUID associated with this account + example: '{ad9fc391-246d-40af-b248-b6556a2b7c01}' + roleName: + type: string + description: Specific role name for this target if using multiple accounts + example: Marketing + removeDate: + type: string + description: Date that the assignment will be removed + example: 'Wed Feb 14 10:58:42' + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/identities/{identityId}/role-assignments/{assignmentId}': + get: + operationId: getRoleAssignment + tags: + - Identities + summary: Role assignment details + security: + - UserContextAuth: + - 'idn:identity:read' + parameters: + - in: path + name: identityId + schema: + type: string + required: true + description: Identity Id + example: ef38f94347e94562b5bb8424a56397d8 + - in: path + name: assignmentId + schema: + type: string + required: true + description: Assignment Id + example: 1cbb0705b38c4226b1334eadd8874086 + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '200': + description: A role assignment object + content: + application/json: + schema: + type: object + properties: + id: + type: string + description: Assignment Id + example: 1cbb0705b38c4226b1334eadd8874086 + role: + description: Role Id and Name related to this assignment + example: + id: e7697a1e96d04db1ac7b0f4544915d2c + type: ROLE + name: Engineer + type: object + properties: + id: + type: string + description: the application ID + example: ff8081814d977c21014da056804a0af3 + name: + type: string + description: the application name + example: Github + comments: + type: string + description: Comments added by the user when the assignment was made + example: I'm a new Engineer and need this role to do my work + assignmentSource: + type: string + description: Source describing how this assignment was made + example: UI + assigner: + description: The identity that performed the assignment. This could be blank or system + example: + id: 2c9180867c184ff6017c2a2fbf031666 + type: IDENTITY + name: Jeff Richardson + type: object + properties: + id: + type: string + description: the application ID + example: ff8081814d977c21014da056804a0af3 + name: + type: string + description: the application name + example: Github + assignedDimensions: + type: array + description: Dimensions assigned related to this role + example: + - id: 1acc8ffe5fcf457090de28bee2af36ee + type: DIMENSION + name: Northeast region + items: + type: object + properties: + id: + type: string + description: the application ID + example: ff8081814d977c21014da056804a0af3 + name: + type: string + description: the application name + example: Github + assignmentContext: + description: The context around the role assignment + example: + requested: + contextAttributes: + - attribute: department + value: Engineering + derived: false + matched: + - id: e7697a1e96d04db1ac7b0f4544915d2c + type: DIMENSION + name: Engineer + computedDate: 'Wed Feb 14 10:58:42' + type: object + properties: + requested: + type: object + properties: + contextAttributes: + type: array + items: + type: object + properties: + attribute: + type: string + description: The name of the attribute + example: location + value: + oneOf: + - type: string + example: Austin + - type: array + items: + type: string + example: + - Austin + - Houston + - Dallas + description: The value of the attribute. This can be either a string or a multi-valued string + example: Austin + derived: + type: boolean + description: True if the attribute was derived. + default: false + example: false + matched: + type: array + items: + type: object + properties: + roleRef: + description: Role Id and Name related to this match + example: + id: e7697a1e96d04db1ac7b0f4544915d2c + type: DIMENSION + name: Engineer + type: object + properties: + id: + type: string + description: the application ID + example: ff8081814d977c21014da056804a0af3 + name: + type: string + description: the application name + example: Github + matchedAttributes: + type: array + items: + type: object + properties: + attribute: + type: string + description: The name of the attribute + example: location + value: + oneOf: + - type: string + example: Austin + - type: array + items: + type: string + example: + - Austin + - Houston + - Dallas + description: The value of the attribute. This can be either a string or a multi-valued string + example: Austin + derived: + type: boolean + description: True if the attribute was derived. + default: false + example: false + computedDate: + type: string + description: Date that the assignment will was evaluated + example: 'Wed Feb 14 10:58:42' + accountTargets: + type: array + items: + type: object + properties: + source: + description: Source Id and Name related to this assignment + example: + id: d18b74853739439986501ad180b27db6 + type: SOURCE + name: Active Directory + type: object + properties: + id: + type: string + description: the application ID + example: ff8081814d977c21014da056804a0af3 + name: + type: string + description: the application name + example: Github + accountInfo: + type: object + properties: + nativeIdentity: + type: string + description: The unique ID of the account generated by the source system + example: 'CN=Abby Smith,OU=Austin,OU=Americas,OU=Demo,DC=seri,DC=acme,DC=com' + displayName: + type: string + description: Display name for this account + example: Abby.Smith + uuid: + type: string + description: UUID associated with this account + example: '{ad9fc391-246d-40af-b248-b6556a2b7c01}' + roleName: + type: string + description: Specific role name for this target if using multiple accounts + example: Marketing + removeDate: + type: string + description: Date that the assignment will be removed + example: 'Wed Feb 14 10:58:42' + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + /identity-attributes: + get: + operationId: listIdentityAttributes + tags: + - Identity Attributes + summary: List Identity Attributes + description: Use this API to get a collection of identity attributes. + security: + - UserContextAuth: + - 'idn:identity-profile-attribute-list:read' + parameters: + - in: query + name: includeSystem + schema: + type: boolean + default: false + description: Include 'system' attributes in the response. + required: false + example: false + - in: query + name: includeSilent + schema: + type: boolean + default: false + description: Include 'silent' attributes in the response. + required: false + example: false + - in: query + name: searchableOnly + schema: + type: boolean + default: false + description: Include only 'searchable' attributes in the response. + required: false + example: false + - in: query + name: count + description: |- + If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. + + Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. + + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: true + schema: + type: boolean + default: false + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '200': + description: List of identity attributes. + content: + application/json: + schema: + type: array + items: + type: object + required: + - name + properties: + name: + type: string + description: Identity attribute's technical name. + example: costCenter + displayName: + type: string + description: Identity attribute's business-friendly name. + example: Cost Center + standard: + type: boolean + description: Indicates whether the attribute is 'standard' or 'default'. + default: false + example: false + type: + type: string + description: Identity attribute's type. + nullable: true + example: string + multi: + type: boolean + description: Indicates whether the identity attribute is multi-valued. + default: false + example: false + searchable: + type: boolean + description: Indicates whether the identity attribute is searchable. + default: false + example: false + system: + type: boolean + description: 'Indicates whether the identity attribute is ''system'', meaning that it doesn''t have a source and isn''t configurable.' + default: false + example: false + sources: + description: Identity attribute's list of sources - this specifies how the rule's value is derived. + type: array + items: + type: object + properties: + type: + type: string + description: Attribute mapping type. + example: rule + properties: + type: object + description: Attribute mapping properties. + example: + ruleType: IdentityAttribute + ruleName: Cloud Promote Identity Attribute + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + post: + operationId: createIdentityAttribute + tags: + - Identity Attributes + summary: Create Identity Attribute + description: Use this API to create a new identity attribute. + security: + - UserContextAuth: + - 'idn:identity-profile-attribute:create' + requestBody: + required: true + content: + application/json: + schema: + type: object + required: + - name + properties: + name: + type: string + description: Identity attribute's technical name. + example: costCenter + displayName: + type: string + description: Identity attribute's business-friendly name. + example: Cost Center + standard: + type: boolean + description: Indicates whether the attribute is 'standard' or 'default'. + default: false + example: false + type: + type: string + description: Identity attribute's type. + nullable: true + example: string + multi: + type: boolean + description: Indicates whether the identity attribute is multi-valued. + default: false + example: false + searchable: + type: boolean + description: Indicates whether the identity attribute is searchable. + default: false + example: false + system: + type: boolean + description: 'Indicates whether the identity attribute is ''system'', meaning that it doesn''t have a source and isn''t configurable.' + default: false + example: false + sources: + description: Identity attribute's list of sources - this specifies how the rule's value is derived. + type: array + items: + type: object + properties: + type: + type: string + description: Attribute mapping type. + example: rule + properties: + type: object + description: Attribute mapping properties. + example: + ruleType: IdentityAttribute + ruleName: Cloud Promote Identity Attribute + responses: + '201': + description: The identity attribute was created successfully. + content: + application/json: + schema: + type: object + required: + - name + properties: + name: + type: string + description: Identity attribute's technical name. + example: costCenter + displayName: + type: string + description: Identity attribute's business-friendly name. + example: Cost Center + standard: + type: boolean + description: Indicates whether the attribute is 'standard' or 'default'. + default: false + example: false + type: + type: string + description: Identity attribute's type. + nullable: true + example: string + multi: + type: boolean + description: Indicates whether the identity attribute is multi-valued. + default: false + example: false + searchable: + type: boolean + description: Indicates whether the identity attribute is searchable. + default: false + example: false + system: + type: boolean + description: 'Indicates whether the identity attribute is ''system'', meaning that it doesn''t have a source and isn''t configurable.' + default: false + example: false + sources: + description: Identity attribute's list of sources - this specifies how the rule's value is derived. + type: array + items: + type: object + properties: + type: + type: string + description: Attribute mapping type. + example: rule + properties: + type: object + description: Attribute mapping properties. + example: + ruleType: IdentityAttribute + ruleName: Cloud Promote Identity Attribute + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + parameters: + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + '/identity-attributes/{name}': + get: + operationId: getIdentityAttribute + tags: + - Identity Attributes + summary: Get Identity Attribute + description: This gets an identity attribute for a given technical name. + security: + - UserContextAuth: + - 'idn:identity-profile-attribute:read' + parameters: + - in: path + name: name + schema: + type: string + description: The attribute's technical name. + required: true + example: displayName + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '200': + description: The identity attribute with the given name + content: + application/json: + schema: + type: object + required: + - name + properties: + name: + type: string + description: Identity attribute's technical name. + example: costCenter + displayName: + type: string + description: Identity attribute's business-friendly name. + example: Cost Center + standard: + type: boolean + description: Indicates whether the attribute is 'standard' or 'default'. + default: false + example: false + type: + type: string + description: Identity attribute's type. + nullable: true + example: string + multi: + type: boolean + description: Indicates whether the identity attribute is multi-valued. + default: false + example: false + searchable: + type: boolean + description: Indicates whether the identity attribute is searchable. + default: false + example: false + system: + type: boolean + description: 'Indicates whether the identity attribute is ''system'', meaning that it doesn''t have a source and isn''t configurable.' + default: false + example: false + sources: + description: Identity attribute's list of sources - this specifies how the rule's value is derived. + type: array + items: + type: object + properties: + type: + type: string + description: Attribute mapping type. + example: rule + properties: + type: object + description: Attribute mapping properties. + example: + ruleType: IdentityAttribute + ruleName: Cloud Promote Identity Attribute + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + put: + operationId: putIdentityAttribute + tags: + - Identity Attributes + summary: Update Identity Attribute + description: 'This updates an existing identity attribute. Making an attribute searchable requires that the `system`, `standard`, and `multi` properties be set to false.' + security: + - UserContextAuth: + - 'idn:identity-profile-attribute:create' + parameters: + - in: path + name: name + schema: + type: string + description: The attribute's technical name. + required: true + example: displayName + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + requestBody: + required: true + content: + application/json: + schema: + type: object + required: + - name + properties: + name: + type: string + description: Identity attribute's technical name. + example: costCenter + displayName: + type: string + description: Identity attribute's business-friendly name. + example: Cost Center + standard: + type: boolean + description: Indicates whether the attribute is 'standard' or 'default'. + default: false + example: false + type: + type: string + description: Identity attribute's type. + nullable: true + example: string + multi: + type: boolean + description: Indicates whether the identity attribute is multi-valued. + default: false + example: false + searchable: + type: boolean + description: Indicates whether the identity attribute is searchable. + default: false + example: false + system: + type: boolean + description: 'Indicates whether the identity attribute is ''system'', meaning that it doesn''t have a source and isn''t configurable.' + default: false + example: false + sources: + description: Identity attribute's list of sources - this specifies how the rule's value is derived. + type: array + items: + type: object + properties: + type: + type: string + description: Attribute mapping type. + example: rule + properties: + type: object + description: Attribute mapping properties. + example: + ruleType: IdentityAttribute + ruleName: Cloud Promote Identity Attribute + responses: + '200': + description: The identity attribute was updated successfully + content: + application/json: + schema: + type: object + required: + - name + properties: + name: + type: string + description: Identity attribute's technical name. + example: costCenter + displayName: + type: string + description: Identity attribute's business-friendly name. + example: Cost Center + standard: + type: boolean + description: Indicates whether the attribute is 'standard' or 'default'. + default: false + example: false + type: + type: string + description: Identity attribute's type. + nullable: true + example: string + multi: + type: boolean + description: Indicates whether the identity attribute is multi-valued. + default: false + example: false + searchable: + type: boolean + description: Indicates whether the identity attribute is searchable. + default: false + example: false + system: + type: boolean + description: 'Indicates whether the identity attribute is ''system'', meaning that it doesn''t have a source and isn''t configurable.' + default: false + example: false + sources: + description: Identity attribute's list of sources - this specifies how the rule's value is derived. + type: array + items: + type: object + properties: + type: + type: string + description: Attribute mapping type. + example: rule + properties: + type: object + description: Attribute mapping properties. + example: + ruleType: IdentityAttribute + ruleName: Cloud Promote Identity Attribute + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + delete: + operationId: deleteIdentityAttribute + tags: + - Identity Attributes + summary: Delete Identity Attribute + description: This deletes an identity attribute with the given name. The `system` and `standard` properties must be set to false before you can delete an identity attribute. + security: + - UserContextAuth: + - 'idn:identity-profile-attribute:delete' + parameters: + - in: path + name: name + schema: + type: string + description: The attribute's technical name. + required: true + example: displayName + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '204': + description: No content - indicates the request was successful but there is no content to be returned in the response. + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + /identity-attributes/bulk-delete: + delete: + operationId: deleteIdentityAttributesInBulk + tags: + - Identity Attributes + summary: Bulk delete Identity Attributes + description: Use this API to bulk delete identity attributes for a given set of names. Attributes that are currently mapped in an identity profile cannot be deleted. The `system` and `standard` properties must be set to 'false' before you can delete an identity attribute. + security: + - UserContextAuth: + - 'idn:identity-profile-attribute-bulk:delete' + requestBody: + required: true + content: + application/json: + schema: + type: object + description: Identity attribute IDs. + properties: + ids: + description: List of identity attributes' technical names. + type: array + items: + type: string + example: name + example: + - name + - displayName + responses: + '204': + description: No content - indicates the request was successful but there is no content to be returned in the response. + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + parameters: + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + /mail-from-attributes: + put: + security: + - UserContextAuth: + - 'sp:notification-mail-from-attributes:write' + operationId: putMailFromAttributes + tags: + - Notifications + summary: Change MAIL FROM domain + description: Change the MAIL FROM domain of an AWS SES email identity and provide the MX and TXT records to be placed in the caller's DNS + requestBody: + required: true + content: + application/json: + schema: + type: object + properties: + identity: + type: string + example: BobSmith@sailpoint.com + description: The identity or domain address + mailFromDomain: + type: string + example: example.sailpoint.com + description: The new MAIL FROM domain of the identity. Must be a subdomain of the identity. + description: MAIL FROM attributes for a domain / identity + example: + identity: BobSmith@sailpoint.com + mailFromDomain: example.sailpoint.com + responses: + '200': + description: MAIL FROM Attributes required to verify the change + content: + application/json: + schema: + type: object + properties: + identity: + type: string + example: bob.smith@sailpoint.com + description: The email identity + mailFromDomain: + type: string + example: foo.sailpoint.com + description: The name of a domain that an email identity uses as a custom MAIL FROM domain + mxRecord: + type: string + example: 10 feedback-smtp.us-east-1.amazonses.com + description: MX record that is required in customer's DNS to allow the domain to receive bounce and complaint notifications that email providers send you + txtRecord: + type: string + example: 'v=spf1 include:amazonses.com ~all' + description: TXT record that is required in customer's DNS in order to prove that Amazon SES is authorized to send email from your domain + mailFromDomainStatus: + type: string + enum: + - PENDING + - SUCCESS + - FAILED + example: PENDING + description: The current status of the MAIL FROM verification + description: MAIL FROM attributes for a domain / identity + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + parameters: + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + '/mail-from-attributes/{identity}': + get: + security: + - UserContextAuth: + - 'sp:notification-mail-from-attributes:read' + operationId: getMailFromAttributes + tags: + - Notifications + summary: Get MAIL FROM Attributes + description: Retrieve MAIL FROM attributes for a given AWS SES identity. + parameters: + - in: query + name: id + required: true + schema: + type: string + description: 'Returns the MX and TXT record to be put in your DNS, as well as the MAIL FROM domain status' + example: bobsmith@sailpoint.com + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '200': + description: MAIL FROM Attributes object + content: + application/json: + schema: + type: object + properties: + identity: + type: string + example: bob.smith@sailpoint.com + description: The email identity + mailFromDomain: + type: string + example: foo.sailpoint.com + description: The name of a domain that an email identity uses as a custom MAIL FROM domain + mxRecord: + type: string + example: 10 feedback-smtp.us-east-1.amazonses.com + description: MX record that is required in customer's DNS to allow the domain to receive bounce and complaint notifications that email providers send you + txtRecord: + type: string + example: 'v=spf1 include:amazonses.com ~all' + description: TXT record that is required in customer's DNS in order to prove that Amazon SES is authorized to send email from your domain + mailFromDomainStatus: + type: string + enum: + - PENDING + - SUCCESS + - FAILED + example: PENDING + description: The current status of the MAIL FROM verification + description: MAIL FROM attributes for a domain / identity + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + /generic-approvals: + get: + security: + - UserContextAuth: + - 'sp:approvals:read' + operationId: getApprovals + tags: + - Approvals + summary: Get Approvals + description: |- + Retrieve a list of approvals, which can be filtered by requester ID, status, or reference type. "Mine" query parameter can be used and it will return all approvals for the current approver. This endpoint is for generic approvals, different than the access-request-approval endpoint and does not include access-request-approvals. + Absence of all query parameters will will default to mine=true. + parameters: + - in: query + name: mine + schema: + type: boolean + description: Returns the list of approvals for the current caller + example: 'true' + - in: query + name: requesterId + schema: + type: string + description: Returns the list of approvals for a given requester ID + example: 17e633e7d57e481569df76323169deb6a + - in: query + name: filters + schema: + type: string + description: |- + Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) + + Filtering is supported for the following fields and operators: + + **status**: *eq* + + **referenceType**: *eq* + example: filters=status eq PENDING + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '200': + description: List of Approvals + content: + application/json: + schema: + type: array + items: + type: object + properties: + approvalId: + type: string + example: 38453251-6be2-5f8f-df93-5ce19e295837 + description: The Approval ID + approvers: + type: array + items: + type: object + properties: + id: + type: string + example: 85d173e7d57e496569df763231d6deb6a + description: The identity ID + type: + type: string + enum: + - IDENTITY + example: IDENTITY + description: 'Indication of what group the identity belongs to. Ie, IDENTITY, GOVERNANCE_GROUP, etc' + name: + type: string + example: John Doe + description: Name of the identity + description: Identity Object + description: Object representation of an approver of an approval + createdDate: + type: string + example: 2023-04-12T23:20:50.520Z + description: Date the approval was created + type: + type: string + example: ENTITLEMENT_DESCRIPTIONS + description: Type of approval + name: + type: array + items: + type: object + properties: + value: + type: string + example: Audit DB Access + description: Name of the approval + locale: + type: string + example: en_US + description: What locale the name of the approval is using + description: Approval Name Object + description: The name of the approval for a given locale + batchRequest: + type: object + description: The name of the approval for a given locale + example: + batchId: 38453251-6be2-5f8f-df93-5ce19e295837 + batchSize: 100 + properties: + batchId: + type: string + example: 38453251-6be2-5f8f-df93-5ce19e295837 + description: ID of the batch + batchSize: + type: integer + format: int64 + example: 100 + description: How many approvals are going to be in this batch. Defaults to 1 if not provided. + description: + type: array + items: + type: object + properties: + value: + type: string + example: This access allows viewing and editing of workflow resource + description: The description of what the approval is asking for + locale: + type: string + example: en_US + description: What locale the description of the approval is using + description: The description of what the approval is asking for + description: The description of the approval for a given locale + priority: + type: string + enum: + - HIGH + - MEDIUM + - LOW + example: HIGH + description: The priority of the approval + requester: + type: object + description: Object representation of the requester of the approval + example: + id: 85d173e7d57e496569df763231d6deb6a + type: IDENTITY + name: John Doe + properties: + id: + type: string + example: 85d173e7d57e496569df763231d6deb6a + description: The identity ID + type: + type: string + enum: + - IDENTITY + example: IDENTITY + description: 'Indication of what group the identity belongs to. Ie, IDENTITY, GOVERNANCE_GROUP, etc' + name: + type: string + example: John Doe + description: Name of the identity + comments: + type: array + items: + type: object + properties: + author: + type: object + properties: + id: + type: string + example: 85d173e7d57e496569df763231d6deb6a + description: The identity ID + type: + type: string + enum: + - IDENTITY + example: IDENTITY + description: 'Indication of what group the identity belongs to. Ie, IDENTITY, GOVERNANCE_GROUP, etc' + name: + type: string + example: John Doe + description: Name of the identity + description: Identity Object + comment: + type: string + example: Looks good + description: Comment to be left on an approval + createdDate: + type: string + example: 2023-04-12T23:20:50.520Z + description: Date the comment was created + description: Comments Object + description: Object representation of a comment on the approval + approvedBy: + type: array + items: + type: object + properties: + id: + type: string + example: 85d173e7d57e496569df763231d6deb6a + description: The identity ID + type: + type: string + enum: + - IDENTITY + example: IDENTITY + description: 'Indication of what group the identity belongs to. Ie, IDENTITY, GOVERNANCE_GROUP, etc' + name: + type: string + example: John Doe + description: Name of the identity + description: Identity Object + description: Array of approvers who have approved the approval + rejectedBy: + type: array + items: + type: object + properties: + id: + type: string + example: 85d173e7d57e496569df763231d6deb6a + description: The identity ID + type: + type: string + enum: + - IDENTITY + example: IDENTITY + description: 'Indication of what group the identity belongs to. Ie, IDENTITY, GOVERNANCE_GROUP, etc' + name: + type: string + example: John Doe + description: Name of the identity + description: Identity Object + description: Array of approvers who have rejected the approval + completedDate: + type: string + example: 2023-04-12T23:20:50.520Z + description: Date the approval was completed + approvalCriteria: + type: string + enum: + - SINGLE + - DOUBLE + - TRIPLE + - QUARTER + - HALF + - ALL + example: SINGLE + description: Criteria that needs to be met for an approval to be marked as approved + status: + type: string + enum: + - PENDING + - APPROVED + - REJECTED + example: PENDING + description: The current status of the approval + additionalAttributes: + type: string + example: '{ "llm_description": "generated description" }' + description: Json string representing additional attributes known about the object to be approved. + referenceData: + type: array + items: + type: object + properties: + id: + type: string + example: 64012350-8fd9-4f6c-a170-1fe123683899 + description: Id of the reference object + type: + type: string + example: AccessRequestId + description: What reference object does this ID correspond to + description: Reference objects related to the approval + description: Reference data related to the approval + description: Approval Object + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/generic-approvals/{id}': + get: + security: + - UserContextAuth: + - 'sp:approvals:read' + operationId: getApproval + tags: + - Approvals + summary: Get an approval + description: 'Retrieve a single approval for a given approval ID. This endpoint is for generic approvals, different than the access-request-approval endpoint and does not include access-request-approvals.' + parameters: + - in: path + name: id + required: true + schema: + type: string + description: ID of the approval that is to be returned + example: 38453251-6be2-5f8f-df93-5ce19e295837 + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '200': + description: Approval object + content: + application/json: + schema: + type: object + properties: + approvalId: + type: string + example: 38453251-6be2-5f8f-df93-5ce19e295837 + description: The Approval ID + approvers: + type: array + items: + type: object + properties: + id: + type: string + example: 85d173e7d57e496569df763231d6deb6a + description: The identity ID + type: + type: string + enum: + - IDENTITY + example: IDENTITY + description: 'Indication of what group the identity belongs to. Ie, IDENTITY, GOVERNANCE_GROUP, etc' + name: + type: string + example: John Doe + description: Name of the identity + description: Identity Object + description: Object representation of an approver of an approval + createdDate: + type: string + example: 2023-04-12T23:20:50.520Z + description: Date the approval was created + type: + type: string + example: ENTITLEMENT_DESCRIPTIONS + description: Type of approval + name: + type: array + items: + type: object + properties: + value: + type: string + example: Audit DB Access + description: Name of the approval + locale: + type: string + example: en_US + description: What locale the name of the approval is using + description: Approval Name Object + description: The name of the approval for a given locale + batchRequest: + type: object + description: The name of the approval for a given locale + example: + batchId: 38453251-6be2-5f8f-df93-5ce19e295837 + batchSize: 100 + properties: + batchId: + type: string + example: 38453251-6be2-5f8f-df93-5ce19e295837 + description: ID of the batch + batchSize: + type: integer + format: int64 + example: 100 + description: How many approvals are going to be in this batch. Defaults to 1 if not provided. + description: + type: array + items: + type: object + properties: + value: + type: string + example: This access allows viewing and editing of workflow resource + description: The description of what the approval is asking for + locale: + type: string + example: en_US + description: What locale the description of the approval is using + description: The description of what the approval is asking for + description: The description of the approval for a given locale + priority: + type: string + enum: + - HIGH + - MEDIUM + - LOW + example: HIGH + description: The priority of the approval + requester: + type: object + description: Object representation of the requester of the approval + example: + id: 85d173e7d57e496569df763231d6deb6a + type: IDENTITY + name: John Doe + properties: + id: + type: string + example: 85d173e7d57e496569df763231d6deb6a + description: The identity ID + type: + type: string + enum: + - IDENTITY + example: IDENTITY + description: 'Indication of what group the identity belongs to. Ie, IDENTITY, GOVERNANCE_GROUP, etc' + name: + type: string + example: John Doe + description: Name of the identity + comments: + type: array + items: + type: object + properties: + author: + type: object + properties: + id: + type: string + example: 85d173e7d57e496569df763231d6deb6a + description: The identity ID + type: + type: string + enum: + - IDENTITY + example: IDENTITY + description: 'Indication of what group the identity belongs to. Ie, IDENTITY, GOVERNANCE_GROUP, etc' + name: + type: string + example: John Doe + description: Name of the identity + description: Identity Object + comment: + type: string + example: Looks good + description: Comment to be left on an approval + createdDate: + type: string + example: 2023-04-12T23:20:50.520Z + description: Date the comment was created + description: Comments Object + description: Object representation of a comment on the approval + approvedBy: + type: array + items: + type: object + properties: + id: + type: string + example: 85d173e7d57e496569df763231d6deb6a + description: The identity ID + type: + type: string + enum: + - IDENTITY + example: IDENTITY + description: 'Indication of what group the identity belongs to. Ie, IDENTITY, GOVERNANCE_GROUP, etc' + name: + type: string + example: John Doe + description: Name of the identity + description: Identity Object + description: Array of approvers who have approved the approval + rejectedBy: + type: array + items: + type: object + properties: + id: + type: string + example: 85d173e7d57e496569df763231d6deb6a + description: The identity ID + type: + type: string + enum: + - IDENTITY + example: IDENTITY + description: 'Indication of what group the identity belongs to. Ie, IDENTITY, GOVERNANCE_GROUP, etc' + name: + type: string + example: John Doe + description: Name of the identity + description: Identity Object + description: Array of approvers who have rejected the approval + completedDate: + type: string + example: 2023-04-12T23:20:50.520Z + description: Date the approval was completed + approvalCriteria: + type: string + enum: + - SINGLE + - DOUBLE + - TRIPLE + - QUARTER + - HALF + - ALL + example: SINGLE + description: Criteria that needs to be met for an approval to be marked as approved + status: + type: string + enum: + - PENDING + - APPROVED + - REJECTED + example: PENDING + description: The current status of the approval + additionalAttributes: + type: string + example: '{ "llm_description": "generated description" }' + description: Json string representing additional attributes known about the object to be approved. + referenceData: + type: array + items: + type: object + properties: + id: + type: string + example: 64012350-8fd9-4f6c-a170-1fe123683899 + description: Id of the reference object + type: + type: string + example: AccessRequestId + description: What reference object does this ID correspond to + description: Reference objects related to the approval + description: Reference data related to the approval + description: Approval Object + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + patch: + security: + - UserContextAuth: + - 'sp:approvals:write' + operationId: patchApproval + tags: + - Approvals + summary: Change an approval + description: Change the values of a given approval + requestBody: + required: true + content: + application/json: + schema: + type: object + properties: + comments: + type: object + items: + type: object + properties: + author: + type: object + properties: + id: + type: string + example: 85d173e7d57e496569df763231d6deb6a + description: The identity ID + type: + type: string + enum: + - IDENTITY + example: IDENTITY + description: 'Indication of what group the identity belongs to. Ie, IDENTITY, GOVERNANCE_GROUP, etc' + name: + type: string + example: John Doe + description: Name of the identity + description: Identity Object + comment: + type: string + example: Looks good + description: Comment to be left on an approval + createdDate: + type: string + example: 2023-04-12T23:20:50.520Z + description: Date the comment was created + description: Comments Object + description: Object representation of a comment on the approval + example: + author: 85d173e7d57e496569df763231d6deb6a + comment: Looks good + createdDate: 2023-04-12T23:20:50.520Z + approvedBy: + type: array + items: + type: object + properties: + id: + type: string + example: 85d173e7d57e496569df763231d6deb6a + description: The identity ID + type: + type: string + enum: + - IDENTITY + example: IDENTITY + description: 'Indication of what group the identity belongs to. Ie, IDENTITY, GOVERNANCE_GROUP, etc' + name: + type: string + example: John Doe + description: Name of the identity + description: Identity Object + description: An array of identities who have approved the approval + rejectedBy: + type: array + items: + type: object + properties: + id: + type: string + example: 85d173e7d57e496569df763231d6deb6a + description: The identity ID + type: + type: string + enum: + - IDENTITY + example: IDENTITY + description: 'Indication of what group the identity belongs to. Ie, IDENTITY, GOVERNANCE_GROUP, etc' + name: + type: string + example: John Doe + description: Name of the identity + description: Identity Object + description: An array of identities who have rejected the approval + reassignFrom: + description: The identity that is replaced by reassignTo + type: object + properties: + id: + type: string + example: 85d173e7d57e496569df763231d6deb6a + description: The identity ID + type: + type: string + enum: + - IDENTITY + example: IDENTITY + description: 'Indication of what group the identity belongs to. Ie, IDENTITY, GOVERNANCE_GROUP, etc' + name: + type: string + example: John Doe + description: Name of the identity + reassignTo: + description: 'If reassigning this identity will replace reassignFrom, otherwise this identity will be added to the approval request' + type: object + properties: + id: + type: string + example: 85d173e7d57e496569df763231d6deb6a + description: The identity ID + type: + type: string + enum: + - IDENTITY + example: IDENTITY + description: 'Indication of what group the identity belongs to. Ie, IDENTITY, GOVERNANCE_GROUP, etc' + name: + type: string + example: John Doe + description: Name of the identity + additionalAttributes: + type: object + example: + any: any + additional: attributes + description: Any additional attributes that the approval request may need + description: Payload for changing the fields of an approval. + responses: + '200': + description: Approval object + content: + application/json: + schema: + type: object + properties: + approvalId: + type: string + example: 38453251-6be2-5f8f-df93-5ce19e295837 + description: The Approval ID + approvers: + type: array + items: + type: object + properties: + id: + type: string + example: 85d173e7d57e496569df763231d6deb6a + description: The identity ID + type: + type: string + enum: + - IDENTITY + example: IDENTITY + description: 'Indication of what group the identity belongs to. Ie, IDENTITY, GOVERNANCE_GROUP, etc' + name: + type: string + example: John Doe + description: Name of the identity + description: Identity Object + description: Object representation of an approver of an approval + createdDate: + type: string + example: 2023-04-12T23:20:50.520Z + description: Date the approval was created + type: + type: string + example: ENTITLEMENT_DESCRIPTIONS + description: Type of approval + name: + type: array + items: + type: object + properties: + value: + type: string + example: Audit DB Access + description: Name of the approval + locale: + type: string + example: en_US + description: What locale the name of the approval is using + description: Approval Name Object + description: The name of the approval for a given locale + batchRequest: + type: object + description: The name of the approval for a given locale + example: + batchId: 38453251-6be2-5f8f-df93-5ce19e295837 + batchSize: 100 + properties: + batchId: + type: string + example: 38453251-6be2-5f8f-df93-5ce19e295837 + description: ID of the batch + batchSize: + type: integer + format: int64 + example: 100 + description: How many approvals are going to be in this batch. Defaults to 1 if not provided. + description: + type: array + items: + type: object + properties: + value: + type: string + example: This access allows viewing and editing of workflow resource + description: The description of what the approval is asking for + locale: + type: string + example: en_US + description: What locale the description of the approval is using + description: The description of what the approval is asking for + description: The description of the approval for a given locale + priority: + type: string + enum: + - HIGH + - MEDIUM + - LOW + example: HIGH + description: The priority of the approval + requester: + type: object + description: Object representation of the requester of the approval + example: + id: 85d173e7d57e496569df763231d6deb6a + type: IDENTITY + name: John Doe + properties: + id: + type: string + example: 85d173e7d57e496569df763231d6deb6a + description: The identity ID + type: + type: string + enum: + - IDENTITY + example: IDENTITY + description: 'Indication of what group the identity belongs to. Ie, IDENTITY, GOVERNANCE_GROUP, etc' + name: + type: string + example: John Doe + description: Name of the identity + comments: + type: array + items: + type: object + properties: + author: + type: object + properties: + id: + type: string + example: 85d173e7d57e496569df763231d6deb6a + description: The identity ID + type: + type: string + enum: + - IDENTITY + example: IDENTITY + description: 'Indication of what group the identity belongs to. Ie, IDENTITY, GOVERNANCE_GROUP, etc' + name: + type: string + example: John Doe + description: Name of the identity + description: Identity Object + comment: + type: string + example: Looks good + description: Comment to be left on an approval + createdDate: + type: string + example: 2023-04-12T23:20:50.520Z + description: Date the comment was created + description: Comments Object + description: Object representation of a comment on the approval + approvedBy: + type: array + items: + type: object + properties: + id: + type: string + example: 85d173e7d57e496569df763231d6deb6a + description: The identity ID + type: + type: string + enum: + - IDENTITY + example: IDENTITY + description: 'Indication of what group the identity belongs to. Ie, IDENTITY, GOVERNANCE_GROUP, etc' + name: + type: string + example: John Doe + description: Name of the identity + description: Identity Object + description: Array of approvers who have approved the approval + rejectedBy: + type: array + items: + type: object + properties: + id: + type: string + example: 85d173e7d57e496569df763231d6deb6a + description: The identity ID + type: + type: string + enum: + - IDENTITY + example: IDENTITY + description: 'Indication of what group the identity belongs to. Ie, IDENTITY, GOVERNANCE_GROUP, etc' + name: + type: string + example: John Doe + description: Name of the identity + description: Identity Object + description: Array of approvers who have rejected the approval + completedDate: + type: string + example: 2023-04-12T23:20:50.520Z + description: Date the approval was completed + approvalCriteria: + type: string + enum: + - SINGLE + - DOUBLE + - TRIPLE + - QUARTER + - HALF + - ALL + example: SINGLE + description: Criteria that needs to be met for an approval to be marked as approved + status: + type: string + enum: + - PENDING + - APPROVED + - REJECTED + example: PENDING + description: The current status of the approval + additionalAttributes: + type: string + example: '{ "llm_description": "generated description" }' + description: Json string representing additional attributes known about the object to be approved. + referenceData: + type: array + items: + type: object + properties: + id: + type: string + example: 64012350-8fd9-4f6c-a170-1fe123683899 + description: Id of the reference object + type: + type: string + example: AccessRequestId + description: What reference object does this ID correspond to + description: Reference objects related to the approval + description: Reference data related to the approval + description: Approval Object + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + parameters: + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + /notification-template-defaults: + get: + operationId: listNotificationTemplateDefaults + tags: + - Notifications + summary: List Notification Template Defaults + description: 'This lists the default templates used for notifications, such as emails from IdentityNow.' + security: + - UserContextAuth: + - 'idn:notification-template-defaults:read' + parameters: + - in: query + name: limit + description: |- + Max number of results to return. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 250 + schema: + type: integer + format: int32 + minimum: 0 + maximum: 250 + default: 250 + - in: query + name: offset + description: |- + Offset into the full result set. Usually specified with *limit* to paginate through the results. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 0 + schema: + type: integer + format: int32 + minimum: 0 + default: 0 + - in: query + name: filters + schema: + type: string + example: key eq "cloud_manual_work_item_summary" + description: |- + Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) + + Filtering is supported for the following fields and operators: + + **key**: *eq, in, sw* + + **medium**: *eq, sw* + + **locale**: *eq, sw* + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '200': + description: A list of the default template objects + content: + application/json: + schema: + type: array + items: + type: object + properties: + key: + type: string + example: cloud_manual_work_item_summary + description: The key of the default template + name: + type: string + example: Task Manager Subscription + description: The name of the default template + medium: + type: string + description: The message medium. More mediums may be added in the future. + enum: + - EMAIL + - PHONE + - SMS + - SLACK + - TEAMS + example: EMAIL + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en + subject: + type: string + example: 'You have $numberOfPendingTasks $taskTasks to complete in ${__global.productName}.' + description: The subject of the default template + nullable: true + header: + type: string + nullable: true + example: null + deprecated: true + description: 'The header value is now located within the body field. If included with non-null values, will result in a 400.' + body: + type: string + example: Please go to the task manager + description: The body of the default template + footer: + type: string + nullable: true + example: null + deprecated: true + description: 'The footer value is now located within the body field. If included with non-null values, will result in a 400.' + from: + type: string + example: $__global.emailFromAddress + description: 'The "From:" address of the default template' + nullable: true + replyTo: + type: string + example: $__global.emailFromAddress + description: The "Reply To" field of the default template + nullable: true + description: + type: string + example: Daily digest - sent if number of outstanding tasks for task owner > 0 + description: The description of the default template + nullable: true + slackTemplate: + type: object + nullable: true + properties: + key: + type: string + nullable: true + text: + type: string + blocks: + type: string + nullable: true + attachments: + type: string + notificationType: + type: string + nullable: true + approvalId: + type: string + nullable: true + requestId: + type: string + nullable: true + requestedById: + type: string + nullable: true + isSubscription: + type: boolean + nullable: true + autoApprovalData: + type: object + nullable: true + properties: + isAutoApproved: + type: string + nullable: true + itemId: + type: string + nullable: true + itemType: + type: string + nullable: true + autoApprovalMessageJSON: + type: string + nullable: true + autoApprovalTitle: + type: string + nullable: true + customFields: + type: object + nullable: true + properties: + requestType: + type: string + nullable: true + containsDeny: + type: string + nullable: true + campaignId: + type: string + nullable: true + campaignStatus: + type: string + nullable: true + teamsTemplate: + type: object + nullable: true + properties: + key: + type: string + nullable: true + title: + type: string + nullable: true + text: + type: string + messageJSON: + type: string + nullable: true + isSubscription: + type: boolean + nullable: true + approvalId: + type: string + nullable: true + requestId: + type: string + nullable: true + requestedById: + type: string + nullable: true + notificationType: + type: string + nullable: true + autoApprovalData: + type: object + nullable: true + properties: + isAutoApproved: + type: string + nullable: true + itemId: + type: string + nullable: true + itemType: + type: string + nullable: true + autoApprovalMessageJSON: + type: string + nullable: true + autoApprovalTitle: + type: string + nullable: true + customFields: + type: object + nullable: true + properties: + requestType: + type: string + nullable: true + containsDeny: + type: string + nullable: true + campaignId: + type: string + nullable: true + campaignStatus: + type: string + nullable: true + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + /notification-templates: + get: + operationId: listNotificationTemplates + tags: + - Notifications + summary: List Notification Templates + description: This lists the templates that you have modified for your site. + security: + - UserContextAuth: + - 'idn:notification-templates:read' + parameters: + - in: query + name: limit + description: |- + Max number of results to return. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 250 + schema: + type: integer + format: int32 + minimum: 0 + maximum: 250 + default: 250 + - in: query + name: offset + description: |- + Offset into the full result set. Usually specified with *limit* to paginate through the results. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 0 + schema: + type: integer + format: int32 + minimum: 0 + default: 0 + - in: query + name: filters + schema: + type: string + description: |- + Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) + + Filtering is supported for the following fields and operators: + + **key**: *eq, in, sw* + + **medium**: *eq, sw* + + **locale**: *eq, sw* + example: medium eq "EMAIL" + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '200': + description: A list of template objects for your site + content: + application/json: + schema: + type: array + items: + type: object + properties: + key: + type: string + example: cloud_manual_work_item_summary + description: The key of the template + name: + type: string + example: Task Manager Subscription + description: The name of the Task Manager Subscription + medium: + type: string + description: The message medium. More mediums may be added in the future. + enum: + - EMAIL + - PHONE + - SMS + - SLACK + - TEAMS + example: EMAIL + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en + subject: + type: string + example: 'You have $numberOfPendingTasks $taskTasks to complete in ${__global.productName}.' + description: The subject line in the template + header: + type: string + nullable: true + example: null + deprecated: true + description: 'The header value is now located within the body field. If included with non-null values, will result in a 400.' + body: + type: string + example: Please go to the task manager + description: The body in the template + footer: + type: string + nullable: true + example: null + deprecated: true + description: 'The footer value is now located within the body field. If included with non-null values, will result in a 400.' + from: + type: string + example: $__global.emailFromAddress + description: 'The "From:" address in the template' + replyTo: + type: string + example: $__global.emailFromAddress + description: The "Reply To" line in the template + description: + type: string + example: Daily digest - sent if number of outstanding tasks for task owner > 0 + description: The description in the template + id: + type: string + example: c17bea3a-574d-453c-9e04-4365fbf5af0b + description: This is auto-generated. + created: + type: string + format: date-time + description: The time when this template is created. This is auto-generated. + example: '2020-01-01T00:00:00.000000Z' + modified: + type: string + format: date-time + description: The time when this template was last modified. This is auto-generated. + example: '2020-01-01T00:00:00.000000Z' + slackTemplate: + type: string + nullable: true + teamsTemplate: + type: string + nullable: true + required: + - key + - medium + - locale + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + post: + operationId: createNotificationTemplate + tags: + - Notifications + summary: Create Notification Template + description: |- + This creates a template for your site. + + You can also use this endpoint to update a template. First, copy the response body from the [get notification template endpoint](https://developer.sailpoint.com/idn/api/beta/get-notification-template) for a template you wish to update and paste it into the request body for this endpoint. Modify the fields you want to change and submit the POST request when ready. + security: + - UserContextAuth: + - 'idn:notification-templates:create' + requestBody: + required: true + content: + application/json: + schema: + type: object + properties: + key: + type: string + example: cloud_manual_work_item_summary + description: The key of the template + name: + type: string + example: Task Manager Subscription + description: The name of the Task Manager Subscription + medium: + type: string + description: The message medium. More mediums may be added in the future. + enum: + - EMAIL + - PHONE + - SMS + - SLACK + - TEAMS + example: EMAIL + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en + subject: + type: string + example: 'You have $numberOfPendingTasks $taskTasks to complete in ${__global.productName}.' + description: The subject line in the template + header: + type: string + nullable: true + example: null + deprecated: true + description: 'The header value is now located within the body field. If included with non-null values, will result in a 400.' + body: + type: string + example: Please go to the task manager + description: The body in the template + footer: + type: string + nullable: true + example: null + deprecated: true + description: 'The footer value is now located within the body field. If included with non-null values, will result in a 400.' + from: + type: string + example: $__global.emailFromAddress + description: 'The "From:" address in the template' + replyTo: + type: string + example: $__global.emailFromAddress + description: The "Reply To" line in the template + description: + type: string + example: Daily digest - sent if number of outstanding tasks for task owner > 0 + description: The description in the template + id: + type: string + example: c17bea3a-574d-453c-9e04-4365fbf5af0b + description: This is auto-generated. + created: + type: string + format: date-time + description: The time when this template is created. This is auto-generated. + example: '2020-01-01T00:00:00.000000Z' + modified: + type: string + format: date-time + description: The time when this template was last modified. This is auto-generated. + example: '2020-01-01T00:00:00.000000Z' + slackTemplate: + type: string + nullable: true + teamsTemplate: + type: string + nullable: true + required: + - key + - medium + - locale + responses: + '200': + description: A template object for your site + content: + application/json: + schema: + type: object + properties: + key: + type: string + example: cloud_manual_work_item_summary + description: The key of the template + name: + type: string + example: Task Manager Subscription + description: The name of the Task Manager Subscription + medium: + type: string + description: The message medium. More mediums may be added in the future. + enum: + - EMAIL + - PHONE + - SMS + - SLACK + - TEAMS + example: EMAIL + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en + subject: + type: string + example: 'You have $numberOfPendingTasks $taskTasks to complete in ${__global.productName}.' + description: The subject line in the template + header: + type: string + nullable: true + example: null + deprecated: true + description: 'The header value is now located within the body field. If included with non-null values, will result in a 400.' + body: + type: string + example: Please go to the task manager + description: The body in the template + footer: + type: string + nullable: true + example: null + deprecated: true + description: 'The footer value is now located within the body field. If included with non-null values, will result in a 400.' + from: + type: string + example: $__global.emailFromAddress + description: 'The "From:" address in the template' + replyTo: + type: string + example: $__global.emailFromAddress + description: The "Reply To" line in the template + description: + type: string + example: Daily digest - sent if number of outstanding tasks for task owner > 0 + description: The description in the template + id: + type: string + example: c17bea3a-574d-453c-9e04-4365fbf5af0b + description: This is auto-generated. + created: + type: string + format: date-time + description: The time when this template is created. This is auto-generated. + example: '2020-01-01T00:00:00.000000Z' + modified: + type: string + format: date-time + description: The time when this template was last modified. This is auto-generated. + example: '2020-01-01T00:00:00.000000Z' + slackTemplate: + type: string + nullable: true + teamsTemplate: + type: string + nullable: true + required: + - key + - medium + - locale + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + parameters: + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + '/notification-templates/{id}': + get: + operationId: getNotificationTemplate + tags: + - Notifications + summary: Get Notification Template By Id + description: This gets a template that you have modified for your site by Id. + parameters: + - name: id + in: path + description: Id of the Notification Template + required: true + style: simple + explode: false + schema: + type: string + example: c17bea3a-574d-453c-9e04-4365fbf5af0b + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '200': + description: A template object for your site + content: + application/json: + schema: + type: array + items: + type: object + properties: + key: + type: string + example: cloud_manual_work_item_summary + description: The key of the template + name: + type: string + example: Task Manager Subscription + description: The name of the Task Manager Subscription + medium: + type: string + description: The message medium. More mediums may be added in the future. + enum: + - EMAIL + - PHONE + - SMS + - SLACK + - TEAMS + example: EMAIL + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en + subject: + type: string + example: 'You have $numberOfPendingTasks $taskTasks to complete in ${__global.productName}.' + description: The subject line in the template + header: + type: string + nullable: true + example: null + deprecated: true + description: 'The header value is now located within the body field. If included with non-null values, will result in a 400.' + body: + type: string + example: Please go to the task manager + description: The body in the template + footer: + type: string + nullable: true + example: null + deprecated: true + description: 'The footer value is now located within the body field. If included with non-null values, will result in a 400.' + from: + type: string + example: $__global.emailFromAddress + description: 'The "From:" address in the template' + replyTo: + type: string + example: $__global.emailFromAddress + description: The "Reply To" line in the template + description: + type: string + example: Daily digest - sent if number of outstanding tasks for task owner > 0 + description: The description in the template + id: + type: string + example: c17bea3a-574d-453c-9e04-4365fbf5af0b + description: This is auto-generated. + created: + type: string + format: date-time + description: The time when this template is created. This is auto-generated. + example: '2020-01-01T00:00:00.000000Z' + modified: + type: string + format: date-time + description: The time when this template was last modified. This is auto-generated. + example: '2020-01-01T00:00:00.000000Z' + slackTemplate: + type: string + nullable: true + teamsTemplate: + type: string + nullable: true + required: + - key + - medium + - locale + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + /notification-templates/bulk-delete: + post: + operationId: deleteNotificationTemplatesInBulk + tags: + - Notifications + summary: Bulk Delete Notification Templates + description: 'This lets you bulk delete templates that you previously created for your site. Since this is a beta feature, please contact support to enable usage.' + security: + - UserContextAuth: + - 'idn:notification-templates:delete' + requestBody: + required: true + content: + application/json: + schema: + type: array + items: + type: object + properties: + key: + type: string + example: cloud_manual_work_item_summary + medium: + type: string + enum: + - EMAIL + - PHONE + - SMS + example: EMAIL + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en + required: + - key + responses: + '204': + description: No content - indicates the request was successful but there is no content to be returned in the response. + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + parameters: + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + /org-config: + get: + operationId: getOrgConfig + tags: + - Org Config + summary: Get Org configuration settings + security: + - UserContextAuth: + - 'idn:org-configs:read' + - 'idn:org-configs:manage' + description: Get org configuration with only external (org admin) accessible properties for the current org. + responses: + '200': + description: Request succeeded. + content: + application/json: + schema: + type: object + description: DTO class for OrgConfig data accessible by customer external org admin ("ORG_ADMIN") users + properties: + orgName: + type: string + description: The name of the org. + example: acme-solar + timeZone: + type: string + description: The selected time zone which is to be used for the org. This directly affects when scheduled tasks are executed. Valid options can be found at /beta/org-config/valid-time-zones + example: America/Toronto + lcsChangeHonorsSourceEnableFeature: + type: boolean + description: Flag to determine whether the LCS_CHANGE_HONORS_SOURCE_ENABLE_FEATURE flag is enabled for the current org. + example: false + armCustomerId: + type: string + description: ARM Customer ID + nullable: true + example: DE38E75A-5FF6-4A65-5DC7-08D64426B09E + armSapSystemIdMappings: + type: string + description: 'A list of IDN::sourceId to ARM::systemId mappings.' + nullable: true + example: + - sourceId: 2c91808c791a94e501792388b0d62659 + systemId: '1556' + - sourceId: 2_2c91808c791a94e501792388b0d62659 + systemId: '2_1556' + - sourceId: 3_2c91808c791a94e501792388b0d62659 + systemId: '3_1556' + armAuth: + type: string + description: ARM authentication string + nullable: true + example: epiYNTRYA2S7swisDWk1Zv4VMNgvqEjiBh5_ufuCWsma2m-5XADijqBg0ijXLby5nS6lxZNXabhGnAPGeDGc4V3jQKrhwV-UHypRLs8ZLgOjiQNus9NimS0uPdKomRW6TFWqXyfnYd-znNgbbVuwUy9GyD9ebDVJSntPastxSx7UcyGuWBqfNZYpuxKRWe_7TVY60qL55jUqyz8N4XUbbdcxdbZ0uik6ut-Bv90MKTbZexBW_PR4qcgIkaEs4kIenLyBxnGziYo7AO0tJ8bGHO8FJRkibCpAQIt7PISLo7Gg_Xf9j10dKq2YDgy4pPTvz3fE2ZHYnXCXvXFSA-vVag== + armDb: + type: string + description: ARM database name + nullable: true + example: EU + armSsoUrl: + type: string + description: ARM SSO URL + nullable: true + example: 'https://your-arm-sso-url' + iaiEnableCertificationRecommendations: + type: boolean + description: Flag to determine whether IAI Certification Recommendations are enabled for the current org + example: true + sodReportConfigs: + type: array + items: + type: object + properties: + columnName: + type: string + description: Name of column in report + example: SOD Business Name + required: + type: boolean + description: 'If true, column is required in all reports, and this entry is immutable. A 400 error will result from any attempt to modify the column''s definition.' + example: true + default: false + included: + type: boolean + description: 'If true, column is included in the report. A 400 error will be thrown if an attempt is made to set included=false if required==true.' + example: false + default: false + order: + type: integer + format: int32 + minimum: 0 + maximum: 2147483647 + description: Relative sort order for the column. Columns will be displayed left-to-right in nondecreasing order. + example: 2 + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + parameters: + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + patch: + operationId: patchOrgConfig + tags: + - Org Config + summary: Patch an Org configuration property + security: + - UserContextAuth: + - 'idn:org-configs:manage' + description: 'Patch configuration of the current org using http://jsonpatch.com/ syntax. Commonly used for changing the time zone of an org.' + requestBody: + description: 'A list of schema attribute update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard.' + content: + application/json-patch+json: + schema: + type: array + items: + type: object + description: 'A JSONPatch Operation as defined by [RFC 6902 - JSON Patch](https://tools.ietf.org/html/rfc6902)' + required: + - op + - path + properties: + op: + type: string + description: The operation to be performed + enum: + - add + - remove + - replace + - move + - copy + - test + example: replace + path: + type: string + description: A string JSON Pointer representing the target path to an element to be affected by the operation + example: /description + value: + oneOf: + - type: string + example: New description + title: string + - type: boolean + example: true + title: boolean + - type: integer + example: 300 + title: integer + - type: object + title: object + example: + attributes: + name: philip + - type: array + title: array + items: + anyOf: + - type: string + - type: integer + - type: object + example: + - '001' + - '002' + - '003' + description: 'The value to be used for the operation, required for "add" and "replace" operations' + example: New description + example: + - op: replace + path: /timeZone + value: America/Toronto + required: true + responses: + '200': + description: The Org was successfully patched. + content: + application/json: + schema: + type: object + description: DTO class for OrgConfig data accessible by customer external org admin ("ORG_ADMIN") users + properties: + orgName: + type: string + description: The name of the org. + example: acme-solar + timeZone: + type: string + description: The selected time zone which is to be used for the org. This directly affects when scheduled tasks are executed. Valid options can be found at /beta/org-config/valid-time-zones + example: America/Toronto + lcsChangeHonorsSourceEnableFeature: + type: boolean + description: Flag to determine whether the LCS_CHANGE_HONORS_SOURCE_ENABLE_FEATURE flag is enabled for the current org. + example: false + armCustomerId: + type: string + description: ARM Customer ID + nullable: true + example: DE38E75A-5FF6-4A65-5DC7-08D64426B09E + armSapSystemIdMappings: + type: string + description: 'A list of IDN::sourceId to ARM::systemId mappings.' + nullable: true + example: + - sourceId: 2c91808c791a94e501792388b0d62659 + systemId: '1556' + - sourceId: 2_2c91808c791a94e501792388b0d62659 + systemId: '2_1556' + - sourceId: 3_2c91808c791a94e501792388b0d62659 + systemId: '3_1556' + armAuth: + type: string + description: ARM authentication string + nullable: true + example: epiYNTRYA2S7swisDWk1Zv4VMNgvqEjiBh5_ufuCWsma2m-5XADijqBg0ijXLby5nS6lxZNXabhGnAPGeDGc4V3jQKrhwV-UHypRLs8ZLgOjiQNus9NimS0uPdKomRW6TFWqXyfnYd-znNgbbVuwUy9GyD9ebDVJSntPastxSx7UcyGuWBqfNZYpuxKRWe_7TVY60qL55jUqyz8N4XUbbdcxdbZ0uik6ut-Bv90MKTbZexBW_PR4qcgIkaEs4kIenLyBxnGziYo7AO0tJ8bGHO8FJRkibCpAQIt7PISLo7Gg_Xf9j10dKq2YDgy4pPTvz3fE2ZHYnXCXvXFSA-vVag== + armDb: + type: string + description: ARM database name + nullable: true + example: EU + armSsoUrl: + type: string + description: ARM SSO URL + nullable: true + example: 'https://your-arm-sso-url' + iaiEnableCertificationRecommendations: + type: boolean + description: Flag to determine whether IAI Certification Recommendations are enabled for the current org + example: true + sodReportConfigs: + type: array + items: + type: object + properties: + columnName: + type: string + description: Name of column in report + example: SOD Business Name + required: + type: boolean + description: 'If true, column is required in all reports, and this entry is immutable. A 400 error will result from any attempt to modify the column''s definition.' + example: true + default: false + included: + type: boolean + description: 'If true, column is included in the report. A 400 error will be thrown if an attempt is made to set included=false if required==true.' + example: false + default: false + order: + type: integer + format: int32 + minimum: 0 + maximum: 2147483647 + description: Relative sort order for the column. Columns will be displayed left-to-right in nondecreasing order. + example: 2 + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + parameters: + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + /org-config/valid-time-zones: + get: + operationId: getValidTimeZones + tags: + - Org Config + summary: Get list of time zones + security: + - UserContextAuth: + - 'idn:org-configs:read' + - 'idn:org-configs-user:read' + description: Get a list of valid time zones that can be set in org configurations. + responses: + '200': + description: Request successful + content: + application/json: + schema: + type: array + items: + type: string + example: + - Etc/GMT-6 + - Etc/GMT+8 + - EST + - America/Chicago + - America/Toronto + - Asia/Gaza + - Europe/Brussels + - Europe/Kiev + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + parameters: + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + /outlier-summaries: + get: + operationId: getIdentityOutlierSnapshots + tags: + - IAI Outliers + summary: IAI Identity Outliers Summary + description: |- + This API receives a summary containing: the number of identities that customer has, the number of outliers, and the type of outlier + Requires authorization scope of 'iai:outliers-management:read' + parameters: + - in: query + name: limit + description: |- + Max number of results to return. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 250 + schema: + type: integer + format: int32 + minimum: 0 + maximum: 250 + default: 250 + - in: query + name: offset + description: |- + Offset into the full result set. Usually specified with *limit* to paginate through the results. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 0 + schema: + type: integer + format: int32 + minimum: 0 + default: 0 + - name: type + in: query + description: Type of the identity outliers snapshot to filter on + required: false + schema: + type: string + enum: + - LOW_SIMILARITY + - STRUCTURAL + - in: query + name: filters + schema: + type: string + description: |- + Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) + + Filtering is supported for the following fields and operators: + + **snapshotDate**: *ge, le* + example: 'snapshotDate ge "2022-02-07T20:13:29.356648026Z"' + - in: query + name: sorters + schema: + type: string + format: comma-separated + description: |- + Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) + + Sorting is supported for the following fields: **snapshotDate** + example: snapshotDate + required: false + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '200': + description: Succeeded. Returns list of objects. Each object is a summary to give high level statistics/counts of outliers + headers: + X-Total-Count: + description: The total result count. + schema: + type: integer + content: + application/json: + schema: + type: array + items: + type: object + properties: + type: + type: string + enum: + - LOW_SIMILARITY + - STRUCTURAL + description: The type of outlier summary + example: LOW_SIMILARITY + snapshotDate: + type: string + format: date-time + description: The date the bulk outlier detection ran/snapshot was created + example: '2021-05-01T18:40:35.772Z' + totalOutliers: + type: integer + description: Total number of outliers for the customer making the request + example: 50 + totalIdentities: + type: integer + description: Total number of identities for the customer making the request + example: 5000 + totalIgnored: + type: integer + default: 0 + example: 0 + '202': + description: Accepted - Returned if the request was successfully accepted into the system. + content: + application/json: + schema: + type: object + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + /outlier-summaries/latest: + get: + operationId: getLatestIdentityOutlierSnapshots + tags: + - IAI Outliers + summary: IAI Identity Outliers Latest Summary + description: |- + This API returns a most recent snapshot of each outlier type, each containing: the number of identities that customer has, the number of outliers, and the type of outlier + Requires authorization scope of 'iai:outliers-management:read' + parameters: + - name: type + in: query + description: Type of the identity outliers snapshot to filter on + required: false + schema: + type: string + enum: + - LOW_SIMILARITY + - STRUCTURAL + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '200': + description: Succeeded. Returns list of objects. Each object is a summary to give high level statistics/counts of outliers + content: + application/json: + schema: + type: array + items: + type: object + properties: + type: + type: string + enum: + - LOW_SIMILARITY + - STRUCTURAL + description: The type of outlier summary + example: LOW_SIMILARITY + snapshotDate: + type: string + format: date-time + description: The date the bulk outlier detection ran/snapshot was created + example: '2021-05-01T18:40:35.772Z' + totalOutliers: + type: integer + description: Total number of outliers for the customer making the request + example: 50 + totalIdentities: + type: integer + description: Total number of identities for the customer making the request + example: 5000 + totalIgnored: + type: integer + description: Total number of ignored outliers + example: 10 + '202': + description: Accepted - Returned if the request was successfully accepted into the system. + content: + application/json: + schema: + type: object + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + /outliers: + get: + operationId: getIdentityOutliers + tags: + - IAI Outliers + summary: IAI Get Identity Outliers + description: |- + This API receives a list of outliers, containing data such as: identityId, outlier type, detection dates, identity attributes, if identity is ignore, and certification information + Requires authorization scope of 'iai:outliers-management:read' + parameters: + - in: query + name: limit + description: |- + Max number of results to return. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 250 + schema: + type: integer + format: int32 + minimum: 0 + maximum: 250 + default: 250 + - in: query + name: offset + description: |- + Offset into the full result set. Usually specified with *limit* to paginate through the results. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 0 + schema: + type: integer + format: int32 + minimum: 0 + default: 0 + - in: query + name: count + description: |- + If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. + + Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. + + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: true + schema: + type: boolean + default: false + - name: type + in: query + description: Type of the identity outliers snapshot to filter on + required: false + schema: + type: string + enum: + - LOW_SIMILARITY + - STRUCTURAL + example: LOW_SIMILARITY + - in: query + name: filters + required: false + schema: + type: string + description: |- + Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) + + Filtering is supported for the following fields and operators: + + **attributes**: *eq, sw, co, in* + + **firstDetectionDate**: *ge, le* + + **certStatus**: *eq* + + **ignored**: *eq* + + **score**: *ge, le* + example: attributes.displayName sw "John" and certStatus eq "false" + - in: query + name: sorters + required: false + schema: + type: string + format: comma-separated + description: |- + Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) + + Sorting is supported for the following fields: **firstDetectionDate, attributes, score** + example: 'attributes.displayName,firstDetectionDate,-score' + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '200': + description: Succeeded. Returns list of objects. Each object contains information about outliers + headers: + X-Total-Count: + description: The total result count. + schema: + type: integer + content: + application/json: + schema: + type: array + items: + type: object + properties: + id: + type: string + description: The identity's unique identifier for the outlier record + example: 5be33d3e-c54d-4ed7-af73-2380543e8283 + identityId: + type: string + description: The ID of the identity that is detected as an outlier + example: 5be33d3e-c54d-4ed7-af73-2380543e8283 + type: + type: string + enum: + - LOW_SIMILARITY + - STRUCTURAL + description: The type of outlier summary + example: LOW_SIMILARITY + firstDetectionDate: + type: string + format: date-time + description: The first date the outlier was detected + example: '2021-05-01T18:40:35.772Z' + latestDetectionDate: + type: string + format: date-time + description: The most recent date the outlier was detected + example: '2021-05-03T18:40:35.772Z' + ignored: + type: boolean + description: Flag whether or not the outlier has been ignored + example: false + attributes: + type: object + description: Object containing mapped identity attributes + example: + displayName: John Smith + jobTitle: Software Engineer + department: Engineering + score: + type: number + format: float + description: The outlier score determined by the detection engine ranging from 0..1 + example: 0.92 + unignoreType: + type: string + enum: + - MANUAL + - AUTOMATIC + - null + description: Enum value of if the outlier manually or automatically un-ignored. Will be NULL if outlier is not ignored + example: MANUAL + nullable: true + unignoreDate: + type: string + format: date-time + description: shows date when last time has been unignored outlier + example: '2021-06-01T18:40:35.772Z' + nullable: true + ignoreDate: + type: string + format: date-time + description: shows date when last time has been ignored outlier + example: '2021-06-01T18:40:35.772Z' + nullable: true + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/outliers/{outlierId}/contributing-features': + get: + operationId: getPeerGroupOutliersContributingFeatures + tags: + - IAI Outliers + summary: Get identity outlier's contibuting features + description: |- + This API returns a list of contributing feature objects for a single outlier. The object contains: feature name, feature value type, value, importance, display name (translated text or message key), description (translated text or message key), translation messages object + Requires authorization scope of 'iai:outliers-management:read' + parameters: + - in: query + name: limit + description: |- + Max number of results to return. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 250 + schema: + type: integer + format: int32 + minimum: 0 + maximum: 250 + default: 250 + - in: query + name: offset + description: |- + Offset into the full result set. Usually specified with *limit* to paginate through the results. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 0 + schema: + type: integer + format: int32 + minimum: 0 + default: 0 + - in: query + name: count + description: |- + If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. + + Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. + + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: true + schema: + type: boolean + default: false + - name: include-translation-messages + in: query + description: Whether or not to include translation messages object in returned response + required: false + schema: + type: string + example: include-translation-messages= + - in: path + example: 2c918085842e69ae018432d22ccb212f + name: outlierId + schema: + type: string + required: true + description: The outlier id + - in: query + name: sorters + required: false + schema: + type: string + format: comma-separated + example: importance + description: |- + Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) + + Sorting is supported for the following fields: **importance** + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '200': + description: Succeeded. Returns list of objects. Each object contains a feature and metadata about that feature + headers: + X-Total-Count: + description: The total result count. + schema: + type: integer + accept-language: + description: The locale to use for translations for displayName and description text + schema: + type: string + content: + application/json: + schema: + type: array + items: + type: object + properties: + id: + type: string + description: Contributing feature id + example: 66e38828-5017-47af-92ff-9844871352c5 + name: + type: string + description: The name of the feature + example: entitlement_count + valueType: + type: string + enum: + - INTEGER + - FLOAT + description: The data type of the value field + example: INTEGER + value: + oneOf: + - type: number + format: float + minimum: 0 + maximum: 1 + - type: integer + format: int64 + description: The feature value + example: 0.92 + importance: + type: number + format: float + description: The importance of the feature. This can also be a negative value + minimum: -1 + maximum: 1 + example: -0.15 + displayName: + type: string + description: The (translated if header is passed) displayName for the feature + example: Number of entitlements + description: + type: string + description: The (translated if header is passed) description for the feature + example: The total number of entitlements belonging to an identity + translationMessages: + type: object + properties: + displayName: + type: object + properties: + key: + type: string + description: The key of the translation message + example: recommender-api.V2_WEIGHT_FEATURE_PRODUCT_INTERPRETATION_HIGH + values: + type: array + description: The values corresponding to the translation messages + items: + type: string + example: + - '75' + - department + description: + type: object + properties: + key: + type: string + description: The key of the translation message + example: recommender-api.V2_WEIGHT_FEATURE_PRODUCT_INTERPRETATION_HIGH + values: + type: array + description: The values corresponding to the translation messages + items: + type: string + example: + - '75' + - department + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/outliers/{outlierId}/feature-details/{contributingFeatureName}/access-items': + get: + operationId: listOutliersContributingFeatureAccessItems + tags: + - IAI Outliers + summary: Gets a list of access items associated with each identity outlier contributing feature + description: |- + This API returns a list of the enriched access items associated with each feature filtered by the access item type The object contains: accessItemId, display name (translated text or message key), description (translated text or message key), accessType, sourceName, extremelyRare + Requires authorization scope of 'iai:outliers-management:read' + parameters: + - in: query + name: limit + description: |- + Max number of results to return. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 250 + schema: + type: integer + format: int32 + minimum: 0 + maximum: 250 + default: 250 + - in: query + name: offset + description: |- + Offset into the full result set. Usually specified with *limit* to paginate through the results. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 0 + schema: + type: integer + format: int32 + minimum: 0 + default: 0 + - in: query + name: count + description: |- + If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. + + Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. + + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: true + schema: + type: boolean + default: false + - in: path + name: outlierId + schema: + type: string + required: true + description: The outlier id + example: 2c918085842e69ae018432d22ccb212f + - in: path + name: contributingFeatureName + schema: + type: string + enum: + - radical_entitlement_count + - entitlement_count + - max_jaccard_similarity + - mean_max_bundle_concurrency + - single_entitlement_bundle_count + - peerless_score + required: true + description: The name of contributing feature + example: entitlement_count + - in: query + name: accessType + required: false + schema: + type: string + description: 'The type of access item for the identity outlier contributing feature. If not provided, it returns all' + example: ENTITLEMENT + - in: query + name: sorters + required: false + schema: + type: string + format: comma-separated + example: displayName + description: |- + Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) + + Sorting is supported for the following fields: **displayName** + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '200': + description: The list of access items. + content: + application/json: + schema: + type: array + items: + type: object + properties: + id: + type: string + description: The ID of the access item + example: 2c938083633d259901633d2623ec0375 + displayName: + type: string + description: the display name of the access item + example: Applied Research Access + description: + type: string + description: Description of the access item. + example: 'Access to research information, lab results, and schematics' + accessType: + type: string + example: ENTITLEMENT + description: The type of the access item. + enum: + - ENTITLEMENT + - ACCESS_PROFILE + - ROLE + sourceName: + type: string + example: appName + description: the associated source name if it exists + extremelyRare: + type: boolean + default: false + example: true + description: rarest access + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + security: + - UserContextAuth: + - 'iai:outliers-management:read' + /outliers/ignore: + post: + operationId: ignoreIdentityOutliers + tags: + - IAI Outliers + summary: IAI Identity Outliers Ignore + description: |- + This API receives a list of IdentityIDs in the request, changes the outliers to be ignored--returning a 204 if successful. + Requires authorization scope of 'iai:outliers-management:update' + requestBody: + required: true + content: + application/json: + schema: + type: array + items: + type: string + description: List of identity IDs to ignore from outlier listing + example: + - abc123def456 + - ghi789jkl012 + responses: + '204': + description: No content - indicates the request was successful but there is no content to be returned in the response. + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + parameters: + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + /outliers/unignore: + post: + operationId: unIgnoreIdentityOutliers + tags: + - IAI Outliers + summary: IAI Identity Outliers Unignore + description: |- + This API receives a list of IdentityIDs in the request, changes the outliers to be un-ignored--returning a 204 if successful. + Requires authorization scope of 'iai:outliers-management:update' + requestBody: + required: true + content: + application/json: + schema: + type: array + items: + type: string + description: List of identity IDs to un-ignore from outlier listing + example: + - abc123def456 + - ghi789jkl012 + responses: + '204': + description: No content - indicates the request was successful but there is no content to be returned in the response. + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + parameters: + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + /outliers/export: + get: + operationId: exportOutliersZip + tags: + - IAI Outliers + summary: IAI Identity Outliers Export + description: |- + This API exports a list of ignored outliers to a CSV as well as list of non-ignored outliers to a CSV. These two CSVs will be zipped and exported Columns will include: identityID, type, firstDetectionDate, latestDetectionDate, ignored, & attributes (defined set of identity attributes) + Requires authorization scope of 'iai:outliers-management:read' + parameters: + - name: type + in: query + description: Type of the identity outliers snapshot to filter on + required: false + schema: + type: string + enum: + - LOW_SIMILARITY + - STRUCTURAL + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '200': + description: Succeeded. Returns zip of 2 CSVs to download. 1 CSV for ignored outliers and 1 for non-ignored outliers + content: + application/zip: + schema: + type: string + format: binary + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/outlier-feature-summaries/{outlierFeatureId}': + get: + operationId: getOutlierContributingFeatureSummary + tags: + - IAI Outliers + summary: Get identity outlier contibuting feature summary + description: |- + This API returns a summary of a contributing feature for an identity outlier. The object contains: contributing feature name (translated text or message key), identity outlier display name, feature values, feature definition and explanation (translated text or message key), peer display name and identityId, access item reference, translation messages object + Requires authorization scope of 'iai:outliers-management:read' + parameters: + - in: path + name: outlierFeatureId + schema: + type: string + required: true + description: Contributing feature id + example: 04654b66-7561-4090-94f9-abee0722a1af + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '200': + description: Succeeded. Returns selected contributing feature summary for an outlier + headers: + accept-language: + description: The locale to use for translations + schema: + type: string + content: + application/json: + schema: + type: object + properties: + contributingFeatureName: + type: string + description: Contributing feature name + example: Rare Access + identityOutlierDisplayName: + type: string + description: Identity display name + example: John Smith + outlierFeatureDisplayValues: + type: array + items: + type: object + properties: + displayName: + type: string + example: Aliza Chris + description: display name + value: + type: string + example: 55 + description: value + valueType: + type: string + enum: + - INTEGER + - FLOAT + description: The data type of the value field + example: INTEGER + featureDefinition: + type: string + description: Definition of the feature + example: Identity total number of entitlements + featureExplanation: + type: string + description: Detailed explanation of the feature + example: An identity that has too much rare access has a higher change of becoming a security threat due to the unique access they possess + peerDisplayName: + type: string + description: outlier's peer identity display name + example: Mary Jane + peerIdentityId: + type: string + description: outlier's peer identity id + example: 9f9d5d53ad0e48fba7352f6da9f1b8gbg + accessItemReference: + type: object + description: Access Item reference + example: + displayName: All Rare Entitlements + searchPlaceholder: Search by name or description + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + security: + - UserContextAuth: + - 'iai:outliers-management:read' + '/peer-group-strategies/{strategy}/identity-outliers': + get: + operationId: getPeerGroupOutliers + tags: + - IAI Peer Group Strategies + summary: Identity Outliers List + deprecated: true + description: '-- Deprecated : See ''IAI Outliers'' This API will be used by Identity Governance systems to identify identities that are not included in an organization''s peer groups. By default, 250 identities are returned. You can specify between 1 and 1000 number of identities that can be returned.' + parameters: + - in: path + name: strategy + schema: + type: string + required: true + description: 'The strategy used to create peer groups. Currently, ''entitlement'' is supported.' + example: entitlement + - in: query + name: limit + description: |- + Max number of results to return. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 250 + schema: + type: integer + format: int32 + minimum: 0 + maximum: 250 + default: 250 + - in: query + name: offset + description: |- + Offset into the full result set. Usually specified with *limit* to paginate through the results. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 0 + schema: + type: integer + format: int32 + minimum: 0 + default: 0 + - in: query + name: count + description: |- + If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. + + Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. + + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: true + schema: + type: boolean + default: false + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '200': + description: List of identities that are not included in peer groups. + content: + application/json: + schema: + type: array + items: + type: object + properties: + id: + type: string + description: A unique identifier for the peer group member. + type: + type: string + description: The type of the peer group member. + peer_group_id: + type: string + description: The ID of the peer group. + attributes: + type: object + additionalProperties: + type: object + description: 'Arbitrary key-value pairs, belonging to the peer group member.' + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + security: + - UserContextAuth: [] + /notification-template-context: + get: + operationId: getNotificationsTemplateContext + tags: + - Notifications + summary: Get Notification Template Context + description: |- + The notification service maintains metadata to construct the notification templates or supply any information during the event propagation. The data-store where this information is retrieved is called "Global Context" (a.k.a. notification template context). It defines a set of attributes + that will be available per tenant (organization). + security: + - UserContextAuth: + - 'idn:notification-templates:read' + responses: + '200': + description: Notification template context attributes for a specific tenant. + content: + application/json: + schema: + type: object + properties: + attributes: + type: object + additionalProperties: true + description: A JSON object that stores the context. + example: + productUrl: 'https://test-org.identitysoon.com' + brandingConfigs: + default: + narrowLogoURL: null + productName: SailPoint + standardLogoURL: null + navigationColor: 011E64 + actionButtonColor: 20B2DE + emailFromAddress: null + activeLinkColor: 20B2DE + loginInformationalMessage: null + created: + type: string + description: When the global context was created + format: date-time + example: '2020-04-15T16:16:47.525Z' + modified: + type: string + description: When the global context was last modified + format: date-time + example: '2020-04-15T16:16:47.525Z' + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + parameters: + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + '/notification-preferences/{key}': + get: + operationId: listNotificationPreferences + tags: + - Notifications + summary: List Notification Preferences for tenant. + description: Returns a list of notification preferences for tenant. + security: + - UserContextAuth: + - 'idn:notification-preferences:read' + responses: + '200': + description: Return preference for the given notification key. + content: + application/json: + schema: + type: array + items: + type: object + description: Maps an Identity's attribute key to a list of preferred notification mediums. + properties: + key: + type: string + description: The template notification key. + example: cloud_manual_work_item_summary + mediums: + type: array + description: 'List of preferred notification mediums, i.e., the mediums (or method) for which notifications are enabled. More mediums may be added in the future.' + items: + type: string + enum: + - EMAIL + - SMS + - PHONE + - SLACK + - TEAMS + example: + - EMAIL + modified: + type: string + description: Modified date of preference + format: date-time + example: '2020-05-15T14:37:06.909Z' + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + parameters: + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + /reassignment-configurations/types: + get: + operationId: getReassignmentConfigTypes + tags: + - Work Reassignment + summary: List Reassignment Config Types + description: Gets a collection of types which are available in the Reassignment Configuration UI. + security: + - UserContextAuth: + - 'idn:reassignment-configuration:read' + responses: + '200': + description: List of Reassignment Configuration Types + content: + application/json: + schema: + type: array + items: + type: object + description: Type of Reassignment Configuration. + properties: + priority: + type: integer + example: 1 + internalName: + type: string + description: Enum list of valid work types that can be selected for a Reassignment Configuration + enum: + - accessRequests + - certifications + - manualTasks + example: accessRequests + internalNameCamel: + type: string + description: Enum list of valid work types that can be selected for a Reassignment Configuration + enum: + - ACCESS_REQUESTS + - CERTIFICATIONS + - MANUAL_TASKS + example: ACCESS_REQUESTS + displayName: + type: string + description: Human readable display name of the type to be shown on UI + example: Access Requests + description: + type: string + description: 'Description of the type of work to be reassigned, displayed by the UI.' + example: Reassign Access Request Work Items for an identity + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + parameters: + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + /reassignment-configurations: + get: + operationId: listReassignmentConfigurations + tags: + - Work Reassignment + summary: List Reassignment Configurations + description: Gets all Reassignment configuration for the current org. + security: + - UserContextAuth: + - 'idn:reassignment-configuration:read' + responses: + '200': + description: A list of Reassignment Configurations for an org + content: + application/json: + schema: + type: array + items: + type: object + description: The response body of a Reassignment Configuration for a single identity + properties: + identity: + type: object + description: The definition of an Identity according to the Reassignment Configuration service + properties: + id: + type: string + description: The ID of the object + example: 2c91808380aa05580180aaaaf1940410 + name: + type: string + description: Human-readable display name of the object + example: William Wilson + configDetails: + type: array + description: Details of how work should be reassigned for an Identity + items: + type: object + description: The request body of Reassignment Configuration Details for a specific identity and config type + properties: + configType: + type: string + description: Enum list of valid work types that can be selected for a Reassignment Configuration + enum: + - ACCESS_REQUESTS + - CERTIFICATIONS + - MANUAL_TASKS + example: ACCESS_REQUESTS + targetIdentity: + type: object + description: The definition of an Identity according to the Reassignment Configuration service + properties: + id: + type: string + description: The ID of the object + example: 2c91808380aa05580180aaaaf1940410 + name: + type: string + description: Human-readable display name of the object + example: William Wilson + startDate: + type: string + description: The date from which to start reassigning work items + format: date-time + example: '2022-07-21T11:13:12.345Z' + endDate: + type: string + description: The date from which to stop reassigning work items. If this is an empty string it indicates a permanent reassignment. + format: date-time + example: '0001-01-01T00:00:00Z' + auditDetails: + type: object + description: Audit details for the reassignment configuration of an identity + properties: + created: + type: string + description: Initial date and time when the record was created + format: date-time + example: '2022-07-21T11:13:12.345Z' + createdBy: + type: object + description: The definition of an Identity according to the Reassignment Configuration service + properties: + id: + type: string + description: The ID of the object + example: 2c91808380aa05580180aaaaf1940410 + name: + type: string + description: Human-readable display name of the object + example: William Wilson + modified: + type: string + description: Last modified date and time for the record + format: date-time + example: '2022-07-21T11:13:12.345Z' + modifiedBy: + type: object + description: The definition of an Identity according to the Reassignment Configuration service + properties: + id: + type: string + description: The ID of the object + example: 2c91808380aa05580180aaaaf1940410 + name: + type: string + description: Human-readable display name of the object + example: William Wilson + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + parameters: + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + post: + operationId: createReassignmentConfiguration + tags: + - Work Reassignment + summary: Create a Reassignment Configuration + description: Creates a new Reassignment Configuration for the specified identity. + security: + - UserContextAuth: + - 'idn:reassignment-configuration:create' + requestBody: + required: true + content: + application/json: + schema: + type: object + description: The request body for creation or update of a Reassignment Configuration for a single identity and work type + properties: + reassignedFromId: + type: string + description: The identity id to reassign an item from + example: 2c91808781a71ddb0181b9090b5c504e + reassignedToId: + type: string + description: The identity id to reassign an item to + example: 2c91808781a71ddb0181b9090b53504a + configType: + type: string + description: Enum list of valid work types that can be selected for a Reassignment Configuration + enum: + - ACCESS_REQUESTS + - CERTIFICATIONS + - MANUAL_TASKS + example: ACCESS_REQUESTS + startDate: + type: string + description: The date from which to start reassigning work items + format: date-time + example: '2022-07-21T11:13:12.345Z' + endDate: + type: string + description: The date from which to stop reassigning work items. If this is an null string it indicates a permanent reassignment. + format: date-time + nullable: true + example: '2022-07-30T17:00:00.000Z' + responses: + '201': + description: The newly created Reassignment Configuration object + content: + application/json: + schema: + type: object + description: The response body of a Reassignment Configuration for a single identity + properties: + identity: + type: object + description: The definition of an Identity according to the Reassignment Configuration service + properties: + id: + type: string + description: The ID of the object + example: 2c91808380aa05580180aaaaf1940410 + name: + type: string + description: Human-readable display name of the object + example: William Wilson + configDetails: + type: array + description: Details of how work should be reassigned for an Identity + items: + type: object + description: The request body of Reassignment Configuration Details for a specific identity and config type + properties: + configType: + type: string + description: Enum list of valid work types that can be selected for a Reassignment Configuration + enum: + - ACCESS_REQUESTS + - CERTIFICATIONS + - MANUAL_TASKS + example: ACCESS_REQUESTS + targetIdentity: + type: object + description: The definition of an Identity according to the Reassignment Configuration service + properties: + id: + type: string + description: The ID of the object + example: 2c91808380aa05580180aaaaf1940410 + name: + type: string + description: Human-readable display name of the object + example: William Wilson + startDate: + type: string + description: The date from which to start reassigning work items + format: date-time + example: '2022-07-21T11:13:12.345Z' + endDate: + type: string + description: The date from which to stop reassigning work items. If this is an empty string it indicates a permanent reassignment. + format: date-time + example: '0001-01-01T00:00:00Z' + auditDetails: + type: object + description: Audit details for the reassignment configuration of an identity + properties: + created: + type: string + description: Initial date and time when the record was created + format: date-time + example: '2022-07-21T11:13:12.345Z' + createdBy: + type: object + description: The definition of an Identity according to the Reassignment Configuration service + properties: + id: + type: string + description: The ID of the object + example: 2c91808380aa05580180aaaaf1940410 + name: + type: string + description: Human-readable display name of the object + example: William Wilson + modified: + type: string + description: Last modified date and time for the record + format: date-time + example: '2022-07-21T11:13:12.345Z' + modifiedBy: + type: object + description: The definition of an Identity according to the Reassignment Configuration service + properties: + id: + type: string + description: The ID of the object + example: 2c91808380aa05580180aaaaf1940410 + name: + type: string + description: Human-readable display name of the object + example: William Wilson + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + parameters: + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + '/reassignment-configurations/{identityId}': + get: + operationId: getReassignmentConfiguration + tags: + - Work Reassignment + summary: Get Reassignment Configuration + description: Gets the Reassignment Configuration for an identity. + security: + - UserContextAuth: + - 'idn:reassignment-configuration:read' + parameters: + - in: path + name: identityId + schema: + type: string + description: unique identity id + required: true + example: 2c91808781a71ddb0181b9090b5c504f + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '200': + description: Reassignment Configuration for an identity + content: + application/json: + schema: + type: object + description: The response body of a Reassignment Configuration for a single identity + properties: + identity: + type: object + description: The definition of an Identity according to the Reassignment Configuration service + properties: + id: + type: string + description: The ID of the object + example: 2c91808380aa05580180aaaaf1940410 + name: + type: string + description: Human-readable display name of the object + example: William Wilson + configDetails: + type: array + description: Details of how work should be reassigned for an Identity + items: + type: object + description: The request body of Reassignment Configuration Details for a specific identity and config type + properties: + configType: + type: string + description: Enum list of valid work types that can be selected for a Reassignment Configuration + enum: + - ACCESS_REQUESTS + - CERTIFICATIONS + - MANUAL_TASKS + example: ACCESS_REQUESTS + targetIdentity: + type: object + description: The definition of an Identity according to the Reassignment Configuration service + properties: + id: + type: string + description: The ID of the object + example: 2c91808380aa05580180aaaaf1940410 + name: + type: string + description: Human-readable display name of the object + example: William Wilson + startDate: + type: string + description: The date from which to start reassigning work items + format: date-time + example: '2022-07-21T11:13:12.345Z' + endDate: + type: string + description: The date from which to stop reassigning work items. If this is an empty string it indicates a permanent reassignment. + format: date-time + example: '0001-01-01T00:00:00Z' + auditDetails: + type: object + description: Audit details for the reassignment configuration of an identity + properties: + created: + type: string + description: Initial date and time when the record was created + format: date-time + example: '2022-07-21T11:13:12.345Z' + createdBy: + type: object + description: The definition of an Identity according to the Reassignment Configuration service + properties: + id: + type: string + description: The ID of the object + example: 2c91808380aa05580180aaaaf1940410 + name: + type: string + description: Human-readable display name of the object + example: William Wilson + modified: + type: string + description: Last modified date and time for the record + format: date-time + example: '2022-07-21T11:13:12.345Z' + modifiedBy: + type: object + description: The definition of an Identity according to the Reassignment Configuration service + properties: + id: + type: string + description: The ID of the object + example: 2c91808380aa05580180aaaaf1940410 + name: + type: string + description: Human-readable display name of the object + example: William Wilson + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + put: + operationId: putReassignmentConfig + tags: + - Work Reassignment + summary: Update Reassignment Configuration + description: Replaces existing Reassignment configuration for an identity with the newly provided configuration. + security: + - UserContextAuth: + - 'idn:reassignment-configuration:update' + parameters: + - in: path + name: identityId + schema: + type: string + description: unique identity id + required: true + example: 2c91808781a71ddb0181b9090b5c504e + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + requestBody: + required: true + content: + application/json: + schema: + type: object + description: The request body for creation or update of a Reassignment Configuration for a single identity and work type + properties: + reassignedFromId: + type: string + description: The identity id to reassign an item from + example: 2c91808781a71ddb0181b9090b5c504e + reassignedToId: + type: string + description: The identity id to reassign an item to + example: 2c91808781a71ddb0181b9090b53504a + configType: + type: string + description: Enum list of valid work types that can be selected for a Reassignment Configuration + enum: + - ACCESS_REQUESTS + - CERTIFICATIONS + - MANUAL_TASKS + example: ACCESS_REQUESTS + startDate: + type: string + description: The date from which to start reassigning work items + format: date-time + example: '2022-07-21T11:13:12.345Z' + endDate: + type: string + description: The date from which to stop reassigning work items. If this is an null string it indicates a permanent reassignment. + format: date-time + nullable: true + example: '2022-07-30T17:00:00.000Z' + responses: + '200': + description: Reassignment Configuration updated + content: + application/json: + schema: + type: object + description: The response body of a Reassignment Configuration for a single identity + properties: + identity: + type: object + description: The definition of an Identity according to the Reassignment Configuration service + properties: + id: + type: string + description: The ID of the object + example: 2c91808380aa05580180aaaaf1940410 + name: + type: string + description: Human-readable display name of the object + example: William Wilson + configDetails: + type: array + description: Details of how work should be reassigned for an Identity + items: + type: object + description: The request body of Reassignment Configuration Details for a specific identity and config type + properties: + configType: + type: string + description: Enum list of valid work types that can be selected for a Reassignment Configuration + enum: + - ACCESS_REQUESTS + - CERTIFICATIONS + - MANUAL_TASKS + example: ACCESS_REQUESTS + targetIdentity: + type: object + description: The definition of an Identity according to the Reassignment Configuration service + properties: + id: + type: string + description: The ID of the object + example: 2c91808380aa05580180aaaaf1940410 + name: + type: string + description: Human-readable display name of the object + example: William Wilson + startDate: + type: string + description: The date from which to start reassigning work items + format: date-time + example: '2022-07-21T11:13:12.345Z' + endDate: + type: string + description: The date from which to stop reassigning work items. If this is an empty string it indicates a permanent reassignment. + format: date-time + example: '0001-01-01T00:00:00Z' + auditDetails: + type: object + description: Audit details for the reassignment configuration of an identity + properties: + created: + type: string + description: Initial date and time when the record was created + format: date-time + example: '2022-07-21T11:13:12.345Z' + createdBy: + type: object + description: The definition of an Identity according to the Reassignment Configuration service + properties: + id: + type: string + description: The ID of the object + example: 2c91808380aa05580180aaaaf1940410 + name: + type: string + description: Human-readable display name of the object + example: William Wilson + modified: + type: string + description: Last modified date and time for the record + format: date-time + example: '2022-07-21T11:13:12.345Z' + modifiedBy: + type: object + description: The definition of an Identity according to the Reassignment Configuration service + properties: + id: + type: string + description: The ID of the object + example: 2c91808380aa05580180aaaaf1940410 + name: + type: string + description: Human-readable display name of the object + example: William Wilson + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + delete: + operationId: deleteReassignmentConfiguration + tags: + - Work Reassignment + summary: Delete Reassignment Configuration + description: Deletes all Reassignment Configuration for the specified identity + security: + - UserContextAuth: + - 'idn:reassignment-configuration:delete' + parameters: + - in: path + name: identityId + schema: + type: string + description: unique identity id + required: true + example: 2c91808781a71ddb0181b9090b5c504e + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '204': + description: Reassignment Configuration deleted + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/reassignment-configurations/{identityId}/evaluate/{configType}': + get: + operationId: getEvaluateReassignmentConfiguration + tags: + - Work Reassignment + summary: Evaluate Reassignment Configuration + description: 'Evaluates the Reassignment Configuration for an `Identity` to determine if work items for the specified type should be reassigned. If a valid Reassignment Configuration is found for the identity & work type, then a lookup is initiated which recursively fetches the Reassignment Configuration for the next `TargetIdentity` until no more results are found or a max depth of 5. That lookup trail is provided in the response and the final reassigned identity in the lookup list is returned as the `reassignToId` property. If no Reassignment Configuration is found for the specified identity & config type then the requested Identity ID will be used as the `reassignToId` value and the lookupTrail node will be empty.' + security: + - UserContextAuth: + - 'idn:reassignment-configuration:evaluate' + parameters: + - in: path + name: identityId + required: true + schema: + type: string + description: unique identity id + example: 2c91808781a71ddb0181b9090b5c504e + - in: path + name: configType + required: true + schema: + type: string + description: Enum list of valid work types that can be selected for a Reassignment Configuration + enum: + - ACCESS_REQUESTS + - CERTIFICATIONS + - MANUAL_TASKS + example: ACCESS_REQUESTS + description: Reassignment work type + example: accessRequests + - in: query + name: exclusionFilters + required: false + schema: + type: array + items: + type: string + description: 'Exclusion filters that disable parts of the reassignment evaluation. Possible values are listed below: - `SELF_REVIEW_DELEGATION`: This will exclude delegations of self-review reassignments' + example: SELF_REVIEW_DELEGATION + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '200': + description: Evaluated Reassignment Configuration + content: + application/json: + schema: + type: array + items: + type: object + description: The response body for Evaluate Reassignment Configuration + properties: + reassignToId: + type: string + description: The Identity ID which should be the recipient of any work items sent to a specific identity & work type + example: 869320b6b6f34a169b6178b1a865e66f + lookupTrail: + type: array + description: List of Reassignments found by looking up the next `TargetIdentity` in a ReassignmentConfiguration + items: + type: object + description: The definition of an Identity according to the Reassignment Configuration service + properties: + reassignedToId: + type: string + description: The ID of the Identity who work is reassigned to + example: 869320b6b6f34a169b6178b1a865e66f + reassignedFromId: + type: string + description: The ID of the Identity who work is reassigned from + example: 51948a8f306a4e7a9a6f8f5d032fa59e + reassignmentType: + description: Reassignment type + type: string + enum: + - 'MANUAL_REASSIGNMENT,' + - 'AUTOMATIC_REASSIGNMENT,' + - 'AUTO_ESCALATION,' + - SELF_REVIEW_DELEGATION + example: AUTOMATIC_REASSIGNMENT + examples: + empty: + summary: Evaluate response when no Reassignment Configuration is found + value: + reassignToId: 2c9180825a6c1adc015a71c9023f0818 + lookupTrail: [] + longTrail: + summary: Evaluate response when a long Reassignment trail is found + value: + reassignToId: 2c9180825a6c1adc015a71c9023f0818 + lookupTrail: + - reassignedToId: 2c918084575812550157589064f33b89 + reassignedFromId: 2c9180825a6c1adc015a71c9023f0818 + reassignmentType: AUTOMATIC_REASSIGNMENT + - reassignedToId: 073204941f3f49c0b3a3c49d1c17ef0e + reassignedFromId: 2c918084575812550157589064f33b89 + reassignmentType: AUTOMATIC_REASSIGNMENT + - reassignedToId: 31d9c631f5574571a935aaa48a6255df + reassignedFromId: 073204941f3f49c0b3a3c49d1c17ef0e + reassignmentType: AUTOMATIC_REASSIGNMENT + - reassignedToId: 279de502e5dc43f4854e1b96f57c578f + reassignedFromId: 31d9c631f5574571a935aaa48a6255df + reassignmentType: AUTOMATIC_REASSIGNMENT + selfReview: + summary: Evaluate response when a self-review is found and manager or org admin escalation is applied + value: + reassignToId: 2c9180825a6c1adc015a71c9023f0818 + lookupTrail: + - reassignedToId: 2c918084575812550157589064f33b89 + reassignedFromId: 2c9180825a6c1adc015a71c9023f0818 + reassignmentType: AUTOMATIC_REASSIGNMENT + - reassignedToId: 073204941f3f49c0b3a3c49d1c17ef0e + reassignedFromId: 2c918084575812550157589064f33b89 + reassignmentType: AUTOMATIC_REASSIGNMENT + - reassignedToId: 31d9c631f5574571a935aaa48a6255df + reassignedFromId: 073204941f3f49c0b3a3c49d1c17ef0e + reassignmentType: SELF_REVIEW_DELEGATION + - reassignedToId: 279de502e5dc43f4854e1b96f57c578f + reassignedFromId: 31d9c631f5574571a935aaa48a6255df + reassignmentType: AUTOMATIC_REASSIGNMENT + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + /reassignment-configurations/tenant-config: + get: + operationId: getTenantConfigConfiguration + tags: + - Work Reassignment + summary: Get Tenant-wide Reassignment Configuration settings + description: Gets the global Reassignment Configuration settings for the requestor's tenant. + security: + - UserContextAuth: + - 'idn:reassignment-tenant-configuration:read' + responses: + '200': + description: Tenant-wide Reassignment Configuration settings + content: + application/json: + schema: + type: object + description: Tenant-wide Reassignment Configuration settings + properties: + auditDetails: + type: object + description: Audit details for the reassignment configuration of an identity + properties: + created: + type: string + description: Initial date and time when the record was created + format: date-time + example: '2022-07-21T11:13:12.345Z' + createdBy: + type: object + description: The definition of an Identity according to the Reassignment Configuration service + properties: + id: + type: string + description: The ID of the object + example: 2c91808380aa05580180aaaaf1940410 + name: + type: string + description: Human-readable display name of the object + example: William Wilson + modified: + type: string + description: Last modified date and time for the record + format: date-time + example: '2022-07-21T11:13:12.345Z' + modifiedBy: + type: object + description: The definition of an Identity according to the Reassignment Configuration service + properties: + id: + type: string + description: The ID of the object + example: 2c91808380aa05580180aaaaf1940410 + name: + type: string + description: Human-readable display name of the object + example: William Wilson + configDetails: + type: object + description: Details of any tenant-wide Reassignment Configurations (eg. enabled/disabled) + properties: + disabled: + type: boolean + nullable: true + description: 'Flag to determine if Reassignment Configuration is enabled or disabled for a tenant. When this flag is set to true, Reassignment Configuration is disabled.' + default: false + example: true + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + parameters: + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + put: + operationId: putTenantConfiguration + tags: + - Work Reassignment + summary: Update Tenant-wide Reassignment Configuration settings + description: Replaces existing Tenant-wide Reassignment Configuration settings with the newly provided settings. + security: + - UserContextAuth: + - 'idn:reassignment-tenant-configuration:update' + requestBody: + required: true + content: + application/json: + schema: + type: object + description: Tenant-wide Reassignment Configuration settings + properties: + configDetails: + type: object + description: Details of any tenant-wide Reassignment Configurations (eg. enabled/disabled) + properties: + disabled: + type: boolean + nullable: true + description: 'Flag to determine if Reassignment Configuration is enabled or disabled for a tenant. When this flag is set to true, Reassignment Configuration is disabled.' + default: false + example: true + responses: + '200': + description: Tenant-wide Reassignment Configuration settings + content: + application/json: + schema: + type: object + description: Tenant-wide Reassignment Configuration settings + properties: + auditDetails: + type: object + description: Audit details for the reassignment configuration of an identity + properties: + created: + type: string + description: Initial date and time when the record was created + format: date-time + example: '2022-07-21T11:13:12.345Z' + createdBy: + type: object + description: The definition of an Identity according to the Reassignment Configuration service + properties: + id: + type: string + description: The ID of the object + example: 2c91808380aa05580180aaaaf1940410 + name: + type: string + description: Human-readable display name of the object + example: William Wilson + modified: + type: string + description: Last modified date and time for the record + format: date-time + example: '2022-07-21T11:13:12.345Z' + modifiedBy: + type: object + description: The definition of an Identity according to the Reassignment Configuration service + properties: + id: + type: string + description: The ID of the object + example: 2c91808380aa05580180aaaaf1940410 + name: + type: string + description: Human-readable display name of the object + example: William Wilson + configDetails: + type: object + description: Details of any tenant-wide Reassignment Configurations (eg. enabled/disabled) + properties: + disabled: + type: boolean + nullable: true + description: 'Flag to determine if Reassignment Configuration is enabled or disabled for a tenant. When this flag is set to true, Reassignment Configuration is disabled.' + default: false + example: true + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + parameters: + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + /recommendations/request: + post: + operationId: getRecommendations + summary: Returns a Recommendation Based on Object + tags: + - IAI Recommendations + description: The getRecommendations API returns recommendations based on the requested object. The recommendations are invoked by IdentityIQ and IdentityNow plug-ins that retrieve recommendations based on the performed calculations. + requestBody: + required: true + content: + application/json: + schema: + type: object + properties: + requests: + type: array + items: + description: List of requests to retrieve recommendations + type: object + properties: + identityId: + type: string + description: The identity ID + example: 2c938083633d259901633d25c68c00fa + item: + type: object + properties: + id: + type: string + description: ID of the access item to retrieve the recommendation for. + example: 2c938083633d259901633d2623ec0375 + type: + type: string + example: ENTITLEMENT + description: Access item's type. + enum: + - ENTITLEMENT + - ACCESS_PROFILE + - ROLE + excludeInterpretations: + type: boolean + description: Exclude interpretations in the response if "true". Return interpretations in the response if this attribute is not specified. + default: 'false' + example: 'false' + includeTranslationMessages: + type: boolean + description: 'When set to true, the calling system uses the translated messages for the specified language' + default: 'false' + example: 'false' + includeDebugInformation: + type: boolean + description: Returns the recommender calculations if set to true + default: 'false' + example: 'true' + prescribeMode: + type: boolean + description: 'When set to true, uses prescribedRulesRecommenderConfig to get identity attributes and peer group threshold instead of standard config.' + default: 'false' + example: 'false' + responses: + '200': + description: The recommendations for a customer + content: + application/json: + schema: + type: object + properties: + response: + type: array + items: + type: object + properties: + request: + type: object + properties: + identityId: + type: string + description: The identity ID + example: 2c938083633d259901633d25c68c00fa + item: + type: object + properties: + id: + type: string + description: ID of the access item to retrieve the recommendation for. + example: 2c938083633d259901633d2623ec0375 + type: + type: string + example: ENTITLEMENT + description: Access item's type. + enum: + - ENTITLEMENT + - ACCESS_PROFILE + - ROLE + recommendation: + type: string + example: 'YES' + description: 'The recommendation - YES if the access is recommended, NO if not recommended, MAYBE if there is not enough information to make a recommendation, NOT_FOUND if the identity is not found in the system' + enum: + - 'YES' + - 'NO' + - MAYBE + - NOT_FOUND + interpretations: + type: array + items: + type: string + description: 'The list of interpretations explaining the recommendation. The array is empty if includeInterpretations is false or not present in the request. e.g. - [ "Not approved in the last 6 months." ]. Interpretations will be translated using the client''s locale as found in the Accept-Language header. If a translation for the client''s locale cannot be found, the US English translation will be returned.' + example: + - 75% of identities with the same department have this access. This information had a high impact on the overall score. + - 67% of identities with the same peer group have this access. This information had a low impact on the overall score. + - 42% of identities with the same location have this access. This information had a low impact on the overall score. + translationMessages: + type: array + example: + - key: recommender-api.V2_WEIGHT_FEATURE_PRODUCT_INTERPRETATION_HIGH + values: + - '75' + - department + items: + type: object + properties: + key: + type: string + description: The key of the translation message + example: recommender-api.V2_WEIGHT_FEATURE_PRODUCT_INTERPRETATION_HIGH + values: + type: array + description: The values corresponding to the translation messages + items: + type: string + example: + - '75' + - department + description: 'The list of translation messages, if they have been requested.' + recommenderCalculations: + description: The calcuations performed behind the scenes that provide recommendations to the user. + properties: + identityId: + type: string + description: The ID of the identity + example: 2c91808457d8f3ab0157e3e62cb4213c + entitlementId: + type: string + description: The entitlement ID + example: 2c91809050db617d0150e0bf3215385e + recommendation: + type: string + description: The actual recommendation + example: 'YES' + overallWeightedScore: + type: number + description: The overall weighted score + featureWeightedScores: + type: object + description: The weighted score of each individual feature + additionalProperties: + type: number + threshold: + type: number + description: The configured value against which the overallWeightedScore is compared + identityAttributes: + type: object + description: The values for your configured features + additionalProperties: + type: object + properties: + value: + type: string + featureValues: + description: The feature details + type: object + properties: + feature: + type: string + description: The type of feature + example: department + numerator: + type: integer + format: int32 + example: 14 + description: The number of identities that have access to the feature + denominator: + type: integer + format: int32 + example: 14 + description: The number of identities with the corresponding feature + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + security: + - UserContextAuth: [] + parameters: + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + /recommendations/config: + get: + operationId: getRecommendationsConfig + summary: Get certification recommendation config values + tags: + - IAI Recommendations + description: Retrieves configuration attributes used by certification recommendations. + responses: + '200': + description: Cert recommendation configuration attributes + content: + application/json: + schema: + type: object + properties: + recommenderFeatures: + type: array + items: + type: string + description: List of identity attributes to use for calculating certification recommendations + example: + - jobTitle + - location + - peer_group + - department + - active + peerGroupPercentageThreshold: + type: number + description: The percent value that the recommendation calculation must surpass to produce a YES recommendation + minimum: 0 + maximum: 1 + format: float + example: 0.5 + runAutoSelectOnce: + type: boolean + description: 'If true, rulesRecommenderConfig will be refreshed with new programatically selected attribute and threshold values on the next pipeline run' + default: false + example: false + onlyTuneThreshold: + type: boolean + description: 'If true, rulesRecommenderConfig will be refreshed with new programatically selected threshold values on the next pipeline run' + default: false + example: false + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + security: + - UserContextAuth: [] + parameters: + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + put: + operationId: updateRecommendationsConfig + summary: Update certification recommendation config values + tags: + - IAI Recommendations + description: Updates configuration attributes used by certification recommendations. + requestBody: + required: true + content: + application/json: + schema: + type: object + properties: + recommenderFeatures: + type: array + items: + type: string + description: List of identity attributes to use for calculating certification recommendations + example: + - jobTitle + - location + - peer_group + - department + - active + peerGroupPercentageThreshold: + type: number + description: The percent value that the recommendation calculation must surpass to produce a YES recommendation + minimum: 0 + maximum: 1 + format: float + example: 0.5 + runAutoSelectOnce: + type: boolean + description: 'If true, rulesRecommenderConfig will be refreshed with new programatically selected attribute and threshold values on the next pipeline run' + default: false + example: false + onlyTuneThreshold: + type: boolean + description: 'If true, rulesRecommenderConfig will be refreshed with new programatically selected threshold values on the next pipeline run' + default: false + example: false + responses: + '200': + description: Cert recommendation configuration attributes after update + content: + application/json: + schema: + type: object + properties: + recommenderFeatures: + type: array + items: + type: string + description: List of identity attributes to use for calculating certification recommendations + example: + - jobTitle + - location + - peer_group + - department + - active + peerGroupPercentageThreshold: + type: number + description: The percent value that the recommendation calculation must surpass to produce a YES recommendation + minimum: 0 + maximum: 1 + format: float + example: 0.5 + runAutoSelectOnce: + type: boolean + description: 'If true, rulesRecommenderConfig will be refreshed with new programatically selected attribute and threshold values on the next pipeline run' + default: false + example: false + onlyTuneThreshold: + type: boolean + description: 'If true, rulesRecommenderConfig will be refreshed with new programatically selected threshold values on the next pipeline run' + default: false + example: false + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + security: + - UserContextAuth: [] + parameters: + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + /role-insights/requests: + post: + operationId: createRoleInsightRequests + summary: Generate insights for roles + deprecated: true + tags: + - Role Insights + description: Submits a create role insights request to the role insights application. At this time there are no parameters. All business roles will be processed for the customer. + responses: + '201': + description: Submitted a role insights generation request + content: + application/json: + schema: + type: object + properties: + id: + type: string + description: Request Id for a role insight generation request + example: 8c190e67-87aa-4ed9-a90b-d9d5344523fb + createdDate: + type: string + format: date-time + description: The date-time role insights request was created. + example: '2020-09-16T18:49:32.150Z' + lastGenerated: + type: string + format: date-time + description: The date-time role insights request was completed. + example: '2020-09-16T18:50:12.150Z' + numberOfUpdates: + type: integer + description: Total number of updates for this request. Starts with 0 and will have correct number when request is COMPLETED. + example: 0 + roleIds: + description: The role IDs that are in this request. + type: array + items: + type: string + status: + type: string + description: Request status + enum: + - CREATED + - IN PROGRESS + - COMPLETED + - FAILED + example: + id: c9aa02f7-86b0-4bc4-84bd-3116a6131e77 + createdDate: '2020-09-16T18:49:32.150Z' + lastGenerated: '2020-09-16T18:49:32.150Z' + numberOfUpdates: 0 + roleIds: + - 2c91808e720e94f8017253287c0a44f4 + - 2c918087723ac2800172532191540e03 + - 2c9180986e4c8592016e6b15eaef447c + status: CREATED + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + parameters: + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + '/role-insights/requests/{id}': + get: + operationId: getRoleInsightsRequests + summary: Returns metadata from prior request. + deprecated: true + tags: + - Role Insights + description: 'This endpoint returns details of a prior role insights request. ' + parameters: + - in: path + name: id + schema: + type: string + required: true + description: The role insights request id + example: 8c190e67-87aa-4ed9-a90b-d9d5344523fb + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '200': + description: Succeeded. Returns details of an earlier role insights request. + content: + application/json: + schema: + type: object + properties: + id: + type: string + description: Request Id for a role insight generation request + example: 8c190e67-87aa-4ed9-a90b-d9d5344523fb + createdDate: + type: string + format: date-time + description: The date-time role insights request was created. + example: '2020-09-16T18:49:32.150Z' + lastGenerated: + type: string + format: date-time + description: The date-time role insights request was completed. + example: '2020-09-16T18:50:12.150Z' + numberOfUpdates: + type: integer + description: Total number of updates for this request. Starts with 0 and will have correct number when request is COMPLETED. + example: 0 + roleIds: + description: The role IDs that are in this request. + type: array + items: + type: string + status: + type: string + description: Request status + enum: + - CREATED + - IN PROGRESS + - COMPLETED + - FAILED + example: + id: c9aa02f7-86b0-4bc4-84bd-3116a6131e77 + createdDate: '2020-09-16T18:49:32.150Z' + lastGenerated: '2020-09-16T18:49:32.150Z' + numberOfUpdates: 0 + roleIds: + - 2c91808e720e94f8017253287c0a44f4 + - 2c918087723ac2800172532191540e03 + - 2c9180986e4c8592016e6b15eaef447c + status: CREATED + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + /role-insights/summary: + get: + operationId: getRoleInsightsSummary + summary: Get role insights summary information + tags: + - Role Insights + description: This method returns high level summary information for role insights for a customer. + responses: + '200': + description: Succeeded. Returns high level counts. + content: + application/json: + schema: + type: object + properties: + numberOfUpdates: + type: integer + description: Total number of roles with updates + lastGenerated: + type: string + format: date-time + description: The date-time role insights were last found. + example: '2020-05-19T13:49:37.385Z' + entitlementsIncludedInRoles: + type: integer + description: The number of entitlements included in roles (vs free radicals). + example: 45 + totalNumberOfEntitlements: + type: integer + description: The total number of entitlements. + example: 250 + identitiesWithAccessViaRoles: + type: integer + description: The number of identities in roles vs. identities with just entitlements and not in roles. + example: 550 + totalNumberOfIdentities: + type: integer + description: The total number of identities. + example: 980 + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + parameters: + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + /role-insights: + get: + operationId: getRoleInsights + summary: Get role insights + tags: + - Role Insights + description: This method returns detailed role insights for each role. + parameters: + - in: query + name: offset + description: |- + Offset into the full result set. Usually specified with *limit* to paginate through the results. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 0 + schema: + type: integer + format: int32 + minimum: 0 + default: 0 + - in: query + name: limit + description: |- + Max number of results to return. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 250 + schema: + type: integer + format: int32 + minimum: 0 + maximum: 250 + default: 250 + - in: query + name: count + description: |- + If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. + + Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. + + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: true + schema: + type: boolean + default: false + - name: sorters + in: query + description: |- + Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) + + Sorting is supported for the following fields: **numberOfUpdates, identitiesWithAccess, totalNumberOfIdentities** + example: numberOfUpdates + required: false + style: form + explode: true + schema: + type: string + - name: filters + in: query + description: |- + Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) + + Filtering is supported for the following fields and operators: + + **name**: *sw* + + **ownerName**: *sw* + + **description**: *sw* + required: false + style: form + explode: true + example: name sw "John" + schema: + type: string + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '200': + description: Succeeded. Returns a list of roles with information about insights for each role. + content: + application/json: + schema: + type: array + items: + type: object + properties: + id: + type: string + description: Insight id + example: 1467e61e-f284-439c-ba2d-c6cc11cf0941 + numberOfUpdates: + type: integer + description: Total number of updates for this role + example: 5 + createdDate: + type: string + format: date-time + description: The date-time insights were last created for this role. + modifiedDate: + type: string + format: date-time + nullable: true + description: The date-time insights were last modified for this role. + example: '2020-05-19T13:49:37.385Z' + role: + description: A role + type: object + properties: + name: + type: string + description: Role name + example: Software Engineer + id: + type: string + description: Role id + example: 1467e61e-f284-439c-ba2d-c6cc11cf0941 + description: + type: string + description: Role description + example: Person who develops software + ownerName: + type: string + description: Role owner name + example: Bob + ownerId: + type: string + description: Role owner id + example: 1467e61e-f284-439c-ba2d-c6cc11cf0941 + insight: + description: The kind of insight this is and some stats + type: object + properties: + type: + type: string + description: The number of identities in this role with the entitlement. + example: ADD + identitiesWithAccess: + type: integer + description: The number of identities in this role with the entitlement. + example: 850 + identitiesImpacted: + type: integer + description: The number of identities in this role that do not have the specified entitlement. + example: 150 + totalNumberOfIdentities: + type: integer + description: The total number of identities. + example: 1000 + impactedIdentityNames: + type: string + nullable: true + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/role-insights/{insightId}': + get: + operationId: getRoleInsight + summary: Get a single role insight + tags: + - Role Insights + description: This endpoint gets role insights information for a role. + parameters: + - in: path + name: insightId + schema: + type: string + required: true + description: The role insight id + example: 8c190e67-87aa-4ed9-a90b-d9d5344523fb + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '200': + description: Succeeded. Returns information about insights for a single role. + content: + application/json: + schema: + type: object + properties: + id: + type: string + description: Insight id + example: 1467e61e-f284-439c-ba2d-c6cc11cf0941 + numberOfUpdates: + type: integer + description: Total number of updates for this role + example: 5 + createdDate: + type: string + format: date-time + description: The date-time insights were last created for this role. + modifiedDate: + type: string + format: date-time + nullable: true + description: The date-time insights were last modified for this role. + example: '2020-05-19T13:49:37.385Z' + role: + description: A role + type: object + properties: + name: + type: string + description: Role name + example: Software Engineer + id: + type: string + description: Role id + example: 1467e61e-f284-439c-ba2d-c6cc11cf0941 + description: + type: string + description: Role description + example: Person who develops software + ownerName: + type: string + description: Role owner name + example: Bob + ownerId: + type: string + description: Role owner id + example: 1467e61e-f284-439c-ba2d-c6cc11cf0941 + insight: + description: The kind of insight this is and some stats + type: object + properties: + type: + type: string + description: The number of identities in this role with the entitlement. + example: ADD + identitiesWithAccess: + type: integer + description: The number of identities in this role with the entitlement. + example: 850 + identitiesImpacted: + type: integer + description: The number of identities in this role that do not have the specified entitlement. + example: 150 + totalNumberOfIdentities: + type: integer + description: The total number of identities. + example: 1000 + impactedIdentityNames: + type: string + nullable: true + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/role-insights/{insightId}/entitlement-changes': + get: + operationId: getRoleInsightsEntitlementsChanges + summary: Get entitlement insights for a role + tags: + - Role Insights + description: This endpoint returns entitlement insights for a role. + parameters: + - in: path + name: insightId + schema: + type: string + required: true + description: The role insight id + example: 8c190e67-87aa-4ed9-a90b-d9d5344523fb + - in: query + name: sorters + description: |- + Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) + + Sorting is supported for the following fields: **identitiesWithAccess, name** + required: false + style: form + explode: true + schema: + type: string + - in: query + name: filters + description: |- + Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) + + Filtering is supported for the following fields and operators: + + **name**: *sw* + + **description**: *sw* + required: false + style: form + example: name sw "Admin" + explode: true + schema: + type: string + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '200': + description: Succeeded. Returns a list of entitlements to be added for a role. + content: + application/json: + schema: + type: array + items: + type: object + properties: + name: + type: string + description: Name of the entitlement + id: + type: string + description: Id of the entitlement + description: + type: string + description: Description for the entitlement + attribute: + type: string + description: Attribute for the entitlement + value: + type: string + description: Attribute value for the entitlement + source: + type: string + description: Source or the application for the entitlement + insight: + description: The kind of insight this is and some stats + type: object + properties: + type: + type: string + description: The number of identities in this role with the entitlement. + example: ADD + identitiesWithAccess: + type: integer + description: The number of identities in this role with the entitlement. + example: 850 + identitiesImpacted: + type: integer + description: The number of identities in this role that do not have the specified entitlement. + example: 150 + totalNumberOfIdentities: + type: integer + description: The total number of identities. + example: 1000 + impactedIdentityNames: + type: string + nullable: true + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/role-insights/{insightId}/entitlement-changes/download': + get: + operationId: downloadRoleInsightsEntitlementsChanges + summary: Download entitlement insights for a role + tags: + - Role Insights + description: This endpoint returns the entitlement insights for a role. + parameters: + - in: path + name: insightId + schema: + type: string + required: true + description: The role insight id + example: 8c190e67-87aa-4ed9-a90b-d9d5344523fb + - in: query + name: sorters + description: |- + Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) + + Sorting is supported for the following fields: **identitiesWithAccess** + + The default sort is **identitiesWithAccess** in descending order. + required: false + example: identitiesWithAccess + style: form + explode: true + schema: + type: string + - in: query + name: filters + description: |- + Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) + + Filtering is supported for the following fields and operators: + + **name**: *sw* + + **description**: *sw* + example: name sw "r" + required: false + style: form + explode: true + schema: + type: string + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '200': + description: Succeeded. Returns a csv file containing a list of entitlements to be added for a role. + content: + text/csv: + schema: + type: string + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/role-insights/{insightId}/current-entitlements': + get: + operationId: getRoleInsightsCurrentEntitlements + summary: Get current entitlement for a role + tags: + - Role Insights + description: This endpoint gets the entitlements for a role. The term "current" is to distinguish from the entitlement(s) an insight might recommend adding. + parameters: + - in: path + name: insightId + schema: + type: string + required: true + description: The role insight id + example: 8c190e67-87aa-4ed9-a90b-d9d5344523fb + - in: query + name: filters + description: |- + Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) + + Filtering is supported for the following fields and operators: + + **name**: *sw* + + **description**: *sw* + example: name sw "r" + required: false + style: form + explode: true + schema: + type: string + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '200': + description: Succeeded. Returns a list of current or pre-existing entitlements for a role. + content: + application/json: + schema: + type: array + items: + type: object + properties: + name: + type: string + description: Name of the entitlement + id: + type: string + description: Id of the entitlement + description: + type: string + description: Description for the entitlement + source: + type: string + description: Source or the application for the entitlement + attribute: + type: string + description: Attribute for the entitlement + value: + type: string + description: Attribute value for the entitlement + example: + name: Administrator + id: 8c190e67-87aa-4ed9-a90b-d9d5344523fb + description: Full administrative access to IdentityNow + source: IdentityNow + attribute: assignedGroups + value: ORG_ADMIN + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/role-insights/{insightId}/entitlement-changes/{entitlementId}/identities': + get: + operationId: getEntitlementChangesIdentities + summary: Get identities for a suggested entitlement (for a role) + tags: + - Role Insights + description: 'Role insights suggests entitlements to be added for a role. This endpoint returns a list of identities in the role, with or without the entitlements, for a suggested entitlement so that the user can see which identities would be affected if the suggested entitlement were to be added to the role.' + parameters: + - in: path + name: insightId + schema: + type: string + required: true + description: The role insight id + example: 8c190e67-87aa-4ed9-a90b-d9d5344523fb + - in: path + name: entitlementId + schema: + type: string + required: true + description: The entitlement id + example: 8c190e67-87aa-4ed9-a90b-d9d5344523fb + - in: query + name: hasEntitlement + description: Identity has this entitlement or not + required: false + style: form + explode: true + schema: + type: boolean + default: false + - in: query + name: offset + description: |- + Offset into the full result set. Usually specified with *limit* to paginate through the results. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 0 + schema: + type: integer + format: int32 + minimum: 0 + default: 0 + - in: query + name: limit + description: |- + Max number of results to return. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 250 + schema: + type: integer + format: int32 + minimum: 0 + maximum: 250 + default: 250 + - in: query + name: count + description: |- + If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. + + Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. + + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: true + schema: + type: boolean + default: false + - in: query + name: sorters + description: |- + Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) + + Sorting is supported for the following fields: **name** + example: name + required: false + style: form + explode: true + schema: + type: string + - in: query + name: filters + description: |- + Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) + + Filtering is supported for the following fields and operators: + + **name**: *sw* + example: name sw "Jan" + required: false + style: form + explode: true + schema: + type: string + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '200': + description: Succeeded. Returns a list of identities with or without the entitlement. + content: + application/json: + schema: + type: array + items: + type: object + properties: + id: + type: string + description: Id for identity + name: + type: string + description: Name for identity + attributes: + type: object + additionalProperties: + type: string + example: + id: 8c190e67-87aa-4ed9-a90b-d9d5344523fb + name: Adam Smith + attributes: + department: Human Resources-tah-mgb-dnd + firstName: Adam + jobTitle: Sales Analyst + location: Mexico + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + /role-mining-sessions: + post: + operationId: createRoleMiningSessions + summary: Create a role mining session + tags: + - IAI Role Mining + description: This submits a create role mining session request to the role mining application. + requestBody: + description: Role mining session parameters + required: true + content: + application/json: + schema: + type: object + properties: + scope: + description: The scope of identities for this role mining session + example: + identityIds: [] + criteria: 'source.name:DataScienceDataset' + attributeFilterCriteria: + - displayName: + untranslated: 'Location: Miami' + ariaLabel: + untranslated: 'Location: Miami' + data: + displayName: + translateKey: IDN.IDENTITY_ATTRIBUTES.LOCATION + name: location + operator: EQUALS + values: + - Miami + type: object + properties: + identityIds: + type: array + items: + type: string + description: The list of identities for this role mining session. + example: + - 2c918090761a5aac0176215c46a62d58 + - 2c918090761a5aac01722015c46a62d42 + criteria: + type: string + description: The "search" criteria that produces the list of identities for this role mining session. + nullable: true + example: 'source.name:DataScienceDataset' + attributeFilterCriteria: + type: array + items: + type: object + description: The filter criteria for this role mining session. + nullable: true + example: + displayName: + untranslated: 'Location: Miami' + ariaLabel: + untranslated: 'Location: Miami' + data: + displayName: + translateKey: IDN.IDENTITY_ATTRIBUTES.LOCATION + name: location + operator: EQUALS + values: + - Miami + pruneThreshold: + type: integer + description: The prune threshold to be used or null to calculate prescribedPruneThreshold + nullable: true + example: 50 + format: int32 + prescribedPruneThreshold: + type: integer + description: The calculated prescribedPruneThreshold + nullable: true + example: 10 + format: int32 + minNumIdentitiesInPotentialRole: + type: integer + description: Minimum number of identities in a potential role + nullable: true + example: 20 + format: int32 + potentialRoleCount: + type: integer + description: Number of potential roles + example: 0 + format: int32 + potentialRolesReadyCount: + type: integer + description: Number of potential roles ready + example: 0 + format: int32 + type: + description: Role mining session type + example: SPECIALIZED + type: string + enum: + - SPECIALIZED + - COMMON + emailRecipientId: + type: string + description: The id of the user who will receive an email about the role mining session + nullable: true + example: 2c918090761a5aac0176215c46a62d58 + identityCount: + type: integer + description: Number of identities in the population which meet the search criteria or identity list provided + example: 0 + format: int32 + saved: + type: boolean + description: The session's saved status + default: false + example: true + name: + type: string + description: The session's saved name + nullable: true + example: Saved RM Session - 07/10 + responses: + '201': + description: Submitted a role mining session request + content: + application/json: + schema: + type: object + properties: + scope: + description: The scope of identities for this role mining session + type: object + properties: + identityIds: + type: array + items: + type: string + description: The list of identities for this role mining session. + example: + - 2c918090761a5aac0176215c46a62d58 + - 2c918090761a5aac01722015c46a62d42 + criteria: + type: string + description: The "search" criteria that produces the list of identities for this role mining session. + nullable: true + example: 'source.name:DataScienceDataset' + attributeFilterCriteria: + type: array + items: + type: object + description: The filter criteria for this role mining session. + nullable: true + example: + displayName: + untranslated: 'Location: Miami' + ariaLabel: + untranslated: 'Location: Miami' + data: + displayName: + translateKey: IDN.IDENTITY_ATTRIBUTES.LOCATION + name: location + operator: EQUALS + values: + - Miami + minNumIdentitiesInPotentialRole: + type: integer + nullable: true + description: Minimum number of identities in a potential role + example: 20 + scopingMethod: + type: string + description: The scoping method of the role mining session + nullable: true + example: AUTO_RM + prescribedPruneThreshold: + type: integer + nullable: true + description: The computed (or prescribed) prune threshold for this session + example: 83 + pruneThreshold: + type: integer + nullable: true + description: The prune threshold to be used for this role mining session + example: 70 + potentialRoleCount: + type: integer + description: The number of potential roles + example: 8 + potentialRolesReadyCount: + type: integer + description: The number of potential roles which have completed processing + example: 4 + status: + description: The role mining session status + type: object + properties: + state: + description: Role mining session state + type: string + enum: + - CREATED + - UPDATED + - IDENTITIES_OBTAINED + - PRUNE_THRESHOLD_OBTAINED + - POTENTIAL_ROLES_PROCESSING + - POTENTIAL_ROLES_CREATED + example: CREATED + emailRecipientId: + type: string + description: The id of the user who will receive an email about the role mining session + nullable: true + createdBy: + oneOf: + - type: object + properties: + id: + type: string + description: ID of the creator + example: 2c918090761a5aac0176215c46a62d58 + displayName: + type: string + description: The display name of the creator + example: Ashley.Pierce + - type: string + nullable: true + description: Workaround to support null + example: Dummy + description: The session created by details + identityCount: + type: integer + description: The number of identities + example: 39 + saved: + type: boolean + description: The session's saved status + default: false + example: true + name: + type: string + description: The session's saved name + nullable: true + example: Saved RM Session - 07/10 + dataFilePath: + type: string + description: The data file path of the role mining session + nullable: true + id: + type: string + description: Session Id for this role mining session + example: 8c190e67-87aa-4ed9-a90b-d9d5344523fb + createdDate: + type: string + format: date-time + description: The date-time when this role mining session was created. + modifiedDate: + type: string + format: date-time + description: The date-time when this role mining session was completed. + type: + description: Role mining session type + type: string + enum: + - SPECIALIZED + - COMMON + example: SPECIALIZED + example: + scope: + identityIds: [] + criteria: 'source.name:DataScienceDataset' + attributeFilterCriteria: null + scopingMethod: AUTO_RM + minNumIdentitiesInPotentialRole: 20 + pruneThreshold: 70 + prescribedPruneThreshold: 83 + potentialRoleCount: 8 + potentialRolesReadyCount: 4 + status: + state: POTENTIAL_ROLES_PROCESSING + type: SPECIALIZED + emailRecipientId: null + createdBy: null + identityCount: 0 + saved: false + name: null + dataFilePath: null + id: 602ba738-cf48-499b-a780-7b67b3fc1ecf + createdDate: '2021-09-08T16:11:05.348Z' + modifiedDate: '2021-09-08T16:11:05.348Z' + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + parameters: + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + get: + operationId: getRoleMiningSessions + summary: Retrieves all role mining sessions + tags: + - IAI Role Mining + description: Returns all role mining sessions that match the query parameters + parameters: + - in: query + name: filters + schema: + type: string + description: |- + Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) + + Filtering is supported for the following fields and operators: + + **saved**: *eq* + + **name**: *eq, sw* + example: saved eq "true" and name sw "RM Session" + - in: query + name: sorters + schema: + type: string + format: comma-separated + description: |- + Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) + + Sorting is supported for the following fields: **createdBy, createdDate** + example: 'createdBy,createdDate' + - in: query + name: offset + description: |- + Offset into the full result set. Usually specified with *limit* to paginate through the results. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 0 + schema: + type: integer + format: int32 + minimum: 0 + default: 0 + - in: query + name: limit + description: |- + Max number of results to return. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 250 + schema: + type: integer + format: int32 + minimum: 0 + maximum: 250 + default: 250 + - in: query + name: count + description: |- + If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. + + Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. + + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: true + schema: + type: boolean + default: false + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '200': + description: Succeeded. Returns all role mining sessions that match the query parameters. + content: + application/json: + schema: + type: array + items: + type: object + properties: + scope: + description: The scope of identities for this role mining session + example: + identityIds: [] + criteria: 'source.name:DataScienceDataset' + attributeFilterCriteria: + - displayName: + untranslated: 'Location: Miami' + ariaLabel: + untranslated: 'Location: Miami' + data: + displayName: + translateKey: IDN.IDENTITY_ATTRIBUTES.LOCATION + name: location + operator: EQUALS + values: + - Miami + type: object + properties: + identityIds: + type: array + items: + type: string + description: The list of identities for this role mining session. + example: + - 2c918090761a5aac0176215c46a62d58 + - 2c918090761a5aac01722015c46a62d42 + criteria: + type: string + description: The "search" criteria that produces the list of identities for this role mining session. + nullable: true + example: 'source.name:DataScienceDataset' + attributeFilterCriteria: + type: array + items: + type: object + description: The filter criteria for this role mining session. + nullable: true + example: + displayName: + untranslated: 'Location: Miami' + ariaLabel: + untranslated: 'Location: Miami' + data: + displayName: + translateKey: IDN.IDENTITY_ATTRIBUTES.LOCATION + name: location + operator: EQUALS + values: + - Miami + pruneThreshold: + type: integer + description: The prune threshold to be used or null to calculate prescribedPruneThreshold + nullable: true + example: 50 + format: int32 + prescribedPruneThreshold: + type: integer + description: The calculated prescribedPruneThreshold + nullable: true + example: 10 + format: int32 + minNumIdentitiesInPotentialRole: + type: integer + description: Minimum number of identities in a potential role + nullable: true + example: 20 + format: int32 + potentialRoleCount: + type: integer + description: Number of potential roles + example: 0 + format: int32 + potentialRolesReadyCount: + type: integer + description: Number of potential roles ready + example: 0 + format: int32 + type: + description: Role mining session type + example: SPECIALIZED + type: string + enum: + - SPECIALIZED + - COMMON + emailRecipientId: + type: string + description: The id of the user who will receive an email about the role mining session + nullable: true + example: 2c918090761a5aac0176215c46a62d58 + identityCount: + type: integer + description: Number of identities in the population which meet the search criteria or identity list provided + example: 0 + format: int32 + saved: + type: boolean + description: The session's saved status + default: false + example: true + name: + type: string + description: The session's saved name + nullable: true + example: Saved RM Session - 07/10 + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/role-mining-sessions/{sessionId}': + patch: + operationId: patchRoleMiningSession + summary: Patch a role mining session + tags: + - IAI Role Mining + description: 'The method updates an existing role mining session using PATCH. Supports op in {"replace"} and changes to pruneThreshold and/or minNumIdentitiesInPotentialRole. The potential roles in this role mining session is then re-calculated.' + parameters: + - in: path + name: sessionId + schema: + type: string + required: true + description: The role mining session id to be patched + example: 8c190e67-87aa-4ed9-a90b-d9d5344523fb + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + requestBody: + required: true + description: Replace pruneThreshold and/or minNumIdentitiesInPotentialRole in role mining session. Update saved status or saved name for a role mining session. + content: + application/json-patch+json: + schema: + type: array + items: + type: object + description: 'A JSONPatch Operation as defined by [RFC 6902 - JSON Patch](https://tools.ietf.org/html/rfc6902)' + required: + - op + - path + properties: + op: + type: string + description: The operation to be performed + enum: + - add + - remove + - replace + - move + - copy + - test + example: replace + path: + type: string + description: A string JSON Pointer representing the target path to an element to be affected by the operation + example: /description + value: + oneOf: + - type: string + example: New description + title: string + - type: boolean + example: true + title: boolean + - type: integer + example: 300 + title: integer + - type: object + title: object + example: + attributes: + name: philip + - type: array + title: array + items: + anyOf: + - type: string + - type: integer + - type: object + example: + - '001' + - '002' + - '003' + description: 'The value to be used for the operation, required for "add" and "replace" operations' + example: New description + example: + - op: replace + path: /pruneThreshold + value: '83' + - op: replace + path: /minNumIdentitiesInPotentialRole + value: '10' + - op: replace + path: /saved + value: 'false' + - op: replace + path: /name + value: RM Session - 07/10/22 + - op: add + path: /name + value: RM Session - 07/10/22 + responses: + '202': + description: Success + content: + application/json: + schema: + type: object + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + get: + operationId: getRoleMiningSession + summary: Get a role mining session + tags: + - IAI Role Mining + description: The method retrieves a role mining session. + parameters: + - in: path + name: sessionId + schema: + type: string + required: true + description: The role mining session id to be retrieved. + example: 8c190e67-87aa-4ed9-a90b-d9d5344523fb + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '200': + description: Returns a role mining session + content: + application/json: + schema: + type: object + properties: + scope: + description: The scope of identities for this role mining session + type: object + properties: + identityIds: + type: array + items: + type: string + description: The list of identities for this role mining session. + example: + - 2c918090761a5aac0176215c46a62d58 + - 2c918090761a5aac01722015c46a62d42 + criteria: + type: string + description: The "search" criteria that produces the list of identities for this role mining session. + nullable: true + example: 'source.name:DataScienceDataset' + attributeFilterCriteria: + type: array + items: + type: object + description: The filter criteria for this role mining session. + nullable: true + example: + displayName: + untranslated: 'Location: Miami' + ariaLabel: + untranslated: 'Location: Miami' + data: + displayName: + translateKey: IDN.IDENTITY_ATTRIBUTES.LOCATION + name: location + operator: EQUALS + values: + - Miami + minNumIdentitiesInPotentialRole: + type: integer + nullable: true + description: Minimum number of identities in a potential role + example: 20 + scopingMethod: + type: string + description: The scoping method of the role mining session + nullable: true + example: AUTO_RM + prescribedPruneThreshold: + type: integer + nullable: true + description: The computed (or prescribed) prune threshold for this session + example: 83 + pruneThreshold: + type: integer + nullable: true + description: The prune threshold to be used for this role mining session + example: 70 + potentialRoleCount: + type: integer + description: The number of potential roles + example: 8 + potentialRolesReadyCount: + type: integer + description: The number of potential roles which have completed processing + example: 4 + status: + description: The role mining session status + type: object + properties: + state: + description: Role mining session state + type: string + enum: + - CREATED + - UPDATED + - IDENTITIES_OBTAINED + - PRUNE_THRESHOLD_OBTAINED + - POTENTIAL_ROLES_PROCESSING + - POTENTIAL_ROLES_CREATED + example: CREATED + emailRecipientId: + type: string + description: The id of the user who will receive an email about the role mining session + nullable: true + createdBy: + oneOf: + - type: object + properties: + id: + type: string + description: ID of the creator + example: 2c918090761a5aac0176215c46a62d58 + displayName: + type: string + description: The display name of the creator + example: Ashley.Pierce + - type: string + nullable: true + description: Workaround to support null + example: Dummy + description: The session created by details + identityCount: + type: integer + description: The number of identities + example: 39 + saved: + type: boolean + description: The session's saved status + default: false + example: true + name: + type: string + description: The session's saved name + nullable: true + example: Saved RM Session - 07/10 + dataFilePath: + type: string + description: The data file path of the role mining session + nullable: true + id: + type: string + description: Session Id for this role mining session + example: 8c190e67-87aa-4ed9-a90b-d9d5344523fb + createdDate: + type: string + format: date-time + description: The date-time when this role mining session was created. + modifiedDate: + type: string + format: date-time + description: The date-time when this role mining session was completed. + type: + description: Role mining session type + type: string + enum: + - SPECIALIZED + - COMMON + example: SPECIALIZED + example: + scope: + identityIds: [] + criteria: 'source.name:DataScienceDataset' + attributeFilterCriteria: null + scopingMethod: AUTO_RM + minNumIdentitiesInPotentialRole: 20 + pruneThreshold: 70 + prescribedPruneThreshold: 83 + potentialRoleCount: 8 + potentialRolesReadyCount: 4 + status: + state: POTENTIAL_ROLES_PROCESSING + type: SPECIALIZED + emailRecipientId: null + createdBy: null + identityCount: 0 + saved: false + name: null + dataFilePath: null + id: 602ba738-cf48-499b-a780-7b67b3fc1ecf + createdDate: '2021-09-08T16:11:05.348Z' + modifiedDate: '2021-09-08T16:11:05.348Z' + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/role-mining-sessions/{sessionId}/status': + get: + operationId: getRoleMiningSessionStatus + summary: Get role mining session status state + tags: + - IAI Role Mining + description: This method returns a role mining session status for a customer. + parameters: + - in: path + name: sessionId + schema: + type: string + required: true + description: The role mining session id + example: 8c190e67-87aa-4ed9-a90b-d9d5344523fb + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '200': + description: Succeeded. Returns session status + content: + application/json: + schema: + type: object + properties: + state: + description: Role mining session state + type: string + enum: + - CREATED + - UPDATED + - IDENTITIES_OBTAINED + - PRUNE_THRESHOLD_OBTAINED + - POTENTIAL_ROLES_PROCESSING + - POTENTIAL_ROLES_CREATED + example: CREATED + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/role-mining-sessions/{sessionId}/potential-role-summaries': + get: + operationId: getPotentialRoleSummaries + summary: Retrieves all potential role summaries + tags: + - IAI Role Mining + description: This method returns the potential role summaries for a role mining session. + parameters: + - in: path + name: sessionId + schema: + type: string + required: true + description: The role mining session id + example: 8c190e67-87aa-4ed9-a90b-d9d5344523fb + - in: query + name: sorters + required: false + style: form + explode: true + schema: + type: string + format: comma-separated + description: |- + Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) + + Sorting is supported for the following fields: **createdDate** + example: createdDate + - in: query + name: filters + description: |- + Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) + + Filtering is supported for the following fields and operators: + + **createdById**: *eq, sw, co* + + **createdByName**: *eq, sw, co* + + **description**: *sw, co* + + **endDate**: *le, lt* + + **freshness**: *eq, ge, gt, le, lt* + + **name**: *eq, sw, co* + + **quality**: *eq, ge, gt, le, lt* + + **startDate**: *ge, gt* + + **saved**: *eq* + + **type**: *eq* + example: (createdByName co "int")and (createdById sw "2c9180907")and (type eq "COMMON")and ((name co "entt")or (saved eq true)) + required: false + style: form + explode: true + schema: + type: string + - in: query + name: offset + description: |- + Offset into the full result set. Usually specified with *limit* to paginate through the results. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 0 + schema: + type: integer + format: int32 + minimum: 0 + default: 0 + - in: query + name: limit + description: |- + Max number of results to return. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 250 + schema: + type: integer + format: int32 + minimum: 0 + maximum: 250 + default: 250 + - in: query + name: count + description: |- + If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. + + Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. + + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: true + schema: + type: boolean + default: false + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '200': + description: Succeeded. Returns a list of potential role summaries for a role mining session. + content: + application/json: + schema: + type: array + items: + type: object + properties: + id: + type: string + description: Id of the potential role + example: e0cc5d7d-bf7f-4f81-b2af-8885b09d9923 + name: + type: string + description: Name of the potential role + example: Potential Role - e0cc5d + potentialRoleRef: + description: Details about the potential role + type: object + properties: + id: + type: string + description: Id of the potential role + example: e0cc5d7d-bf7f-4f81-b2af-8885b09d9923 + name: + type: string + description: Name of the potential role + example: Potential Role - e0cc5d + identityCount: + type: integer + description: The number of identities in a potential role. + format: int32 + example: 25 + entitlementCount: + type: integer + description: The number of entitlements in a potential role. + format: int32 + example: 15 + identityGroupStatus: + type: string + description: The status for this identity group which can be "REQUESTED" or "OBTAINED" + example: OBTAINED + provisionState: + description: 'The status of provisioning for this potential role. Can be "POTENTIAL", "PENDING", "FAILED", or "COMPLETE".' + example: PENDING + type: string + enum: + - POTENTIAL + - PENDING + - COMPLETE + - FAILED + roleId: + type: string + description: ID of the provisioned role in IIQ or IDN. Null if this potential role has not been provisioned. + nullable: true + example: 2a4be6fbcf3c4e66b95a0c15ffd591 + density: + type: integer + description: The density metric (0-100) of this potential role. Higher density values indicate higher similarity amongst the identities. + format: int32 + example: 90 + freshness: + type: integer + description: The freshness metric (0-100) of this potential role. Higher freshness values indicate this potential role is more distinctive compared to existing roles. + format: int32 + example: 70 + quality: + type: integer + description: The quality metric (0-100) of this potential role. Higher quality values indicate this potential role has high density and freshness. + format: int32 + example: 80 + type: + description: Role mining potential type. + type: string + enum: + - SPECIALIZED + - COMMON + example: SPECIALIZED + createdBy: + oneOf: + - type: object + properties: + id: + type: string + description: ID of the creator + example: 2c918090761a5aac0176215c46a62d58 + displayName: + type: string + description: The display name of the creator + example: Ashley.Pierce + - type: string + nullable: true + description: Workaround to support null + example: Dummy + description: The potential role created by details + createdDate: + type: string + format: date-time + description: The date-time when this potential role was created. + saved: + type: boolean + description: The potential role's saved status + default: false + example: true + description: + type: string + nullable: true + description: Description of the potential role + session: + description: The session parameters of the potential role. + type: object + properties: + id: + type: string + description: The ID of the role mining session + example: 9f36f5e5-1e81-4eca-b087-548959d91c71 + name: + type: string + description: The session's saved name + nullable: true + example: Saved RM Session - 07/10 + minNumIdentitiesInPotentialRole: + type: integer + description: Minimum number of identities in a potential role + nullable: true + example: 20 + format: int32 + pruneThreshold: + type: integer + description: The prune threshold to be used or null to calculate prescribedPruneThreshold + nullable: true + example: 5 + format: int32 + saved: + type: boolean + default: true + description: The session's saved status + example: true + scope: + description: The scope of identities for this role mining session + example: + identityIds: [] + criteria: 'source.name:DataScienceDataset' + attributeFilterCriteria: + displayName: + untranslated: 'Location: Miami' + ariaLabel: + untranslated: 'Location: Miami' + data: + displayName: + translateKey: IDN.IDENTITY_ATTRIBUTES.LOCATION + name: location + operator: EQUALS + values: + - Miami + type: object + properties: + identityIds: + type: array + items: + type: string + description: The list of identities for this role mining session. + example: + - 2c918090761a5aac0176215c46a62d58 + - 2c918090761a5aac01722015c46a62d42 + criteria: + type: string + description: The "search" criteria that produces the list of identities for this role mining session. + nullable: true + example: 'source.name:DataScienceDataset' + attributeFilterCriteria: + type: array + items: + type: object + description: The filter criteria for this role mining session. + nullable: true + example: + displayName: + untranslated: 'Location: Miami' + ariaLabel: + untranslated: 'Location: Miami' + data: + displayName: + translateKey: IDN.IDENTITY_ATTRIBUTES.LOCATION + name: location + operator: EQUALS + values: + - Miami + type: + description: Role mining potential type + type: string + enum: + - SPECIALIZED + - COMMON + example: SPECIALIZED + state: + description: Role mining session state + type: string + enum: + - CREATED + - UPDATED + - IDENTITIES_OBTAINED + - PRUNE_THRESHOLD_OBTAINED + - POTENTIAL_ROLES_PROCESSING + - POTENTIAL_ROLES_CREATED + example: CREATED + scopingMethod: + description: Scoping method used in current role mining session + type: string + enum: + - MANUAL + - AUTO_RM + example: MANUAL + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/role-mining-sessions/{sessionId}/potential-role-summaries/{potentialRoleId}': + get: + operationId: getPotentialRole + summary: Retrieves a specific potential role + tags: + - IAI Role Mining + description: This method returns a specific potential role for a role mining session. + parameters: + - in: path + name: sessionId + schema: + type: string + required: true + description: The role mining session id + example: 8c190e67-87aa-4ed9-a90b-d9d5344523fb + - in: path + name: potentialRoleId + schema: + type: string + required: true + description: A potential role id in a role mining session + example: 8c190e67-87aa-4ed9-a90b-d9d5344523fb + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '200': + description: Succeeded. Returns a list of potential roles for a role mining session. + content: + application/json: + schema: + type: object + properties: + createdBy: + oneOf: + - type: object + properties: + id: + type: string + description: ID of the creator + example: 2c918090761a5aac0176215c46a62d58 + displayName: + type: string + description: The display name of the creator + example: Ashley.Pierce + - type: string + nullable: true + description: Workaround to support null + example: Dummy + description: The session created by details + density: + type: integer + description: The density of a potential role. + example: 75 + format: int32 + description: + type: string + nullable: true + description: The description of a potential role. + example: Potential Role for Accounting dept + entitlementCount: + type: integer + description: The number of entitlements in a potential role. + example: 25 + format: int32 + excludedEntitlements: + description: The list of entitlement ids to be excluded. + nullable: true + type: array + items: + type: string + example: + - 07a0b4e2 + - 13b4e2a0 + freshness: + type: integer + description: The freshness of a potential role. + example: 75 + format: int32 + identityCount: + type: integer + description: The number of identities in a potential role. + example: 25 + format: int32 + identityDistribution: + description: Identity attribute distribution. + nullable: true + type: array + items: + type: object + properties: + attributeName: + type: string + description: Id of the potential role + example: department + distribution: + type: array + items: + type: object + additionalProperties: + type: string + example: + - attributeValue: NM Tier 3 + count: 6 + identityIds: + description: The list of ids in a potential role. + type: array + items: + type: string + example: + - 07a0b4e2 + - 13b4e2a0 + name: + type: string + description: Name of the potential role. + example: Saved Potential Role - 07/10 + provisionState: + description: The provisioning state of a potential role. + nullable: true + type: string + enum: + - POTENTIAL + - PENDING + - COMPLETE + - FAILED + example: POTENTIAL + quality: + type: integer + description: The quality of a potential role. + example: 100 + format: int32 + roleId: + type: string + nullable: true + description: The roleId of a potential role. + example: 07a0b4e2-7a76-44fa-bd0b-c64654b66519 + saved: + type: boolean + description: The potential role's saved status. + example: true + session: + description: The session parameters of the potential role. + type: object + properties: + id: + type: string + description: The ID of the role mining session + example: 9f36f5e5-1e81-4eca-b087-548959d91c71 + name: + type: string + description: The session's saved name + nullable: true + example: Saved RM Session - 07/10 + minNumIdentitiesInPotentialRole: + type: integer + description: Minimum number of identities in a potential role + nullable: true + example: 20 + format: int32 + pruneThreshold: + type: integer + description: The prune threshold to be used or null to calculate prescribedPruneThreshold + nullable: true + example: 5 + format: int32 + saved: + type: boolean + default: true + description: The session's saved status + example: true + scope: + description: The scope of identities for this role mining session + example: + identityIds: [] + criteria: 'source.name:DataScienceDataset' + attributeFilterCriteria: + displayName: + untranslated: 'Location: Miami' + ariaLabel: + untranslated: 'Location: Miami' + data: + displayName: + translateKey: IDN.IDENTITY_ATTRIBUTES.LOCATION + name: location + operator: EQUALS + values: + - Miami + type: object + properties: + identityIds: + type: array + items: + type: string + description: The list of identities for this role mining session. + example: + - 2c918090761a5aac0176215c46a62d58 + - 2c918090761a5aac01722015c46a62d42 + criteria: + type: string + description: The "search" criteria that produces the list of identities for this role mining session. + nullable: true + example: 'source.name:DataScienceDataset' + attributeFilterCriteria: + type: array + items: + type: object + description: The filter criteria for this role mining session. + nullable: true + example: + displayName: + untranslated: 'Location: Miami' + ariaLabel: + untranslated: 'Location: Miami' + data: + displayName: + translateKey: IDN.IDENTITY_ATTRIBUTES.LOCATION + name: location + operator: EQUALS + values: + - Miami + type: + description: Role mining potential type + type: string + enum: + - SPECIALIZED + - COMMON + example: SPECIALIZED + state: + description: Role mining session state + type: string + enum: + - CREATED + - UPDATED + - IDENTITIES_OBTAINED + - PRUNE_THRESHOLD_OBTAINED + - POTENTIAL_ROLES_PROCESSING + - POTENTIAL_ROLES_CREATED + example: CREATED + scopingMethod: + description: Scoping method used in current role mining session + type: string + enum: + - MANUAL + - AUTO_RM + example: MANUAL + type: + description: Role mining potential type. + type: string + enum: + - SPECIALIZED + - COMMON + example: SPECIALIZED + id: + type: string + description: Id of the potential role + example: e0cc5d7d-bf7f-4f81-b2af-8885b09d9923 + createdDate: + type: string + format: date-time + description: The date-time when this potential role was created. + modifiedDate: + type: string + format: date-time + description: The date-time when this potential role was modified. + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + patch: + operationId: patchPotentialRole + summary: Update a potential role + tags: + - IAI Role Mining + description: | + The method updates an existing potential role using. + + The following fields can be modified: + + * `description` + + * `name` + + * `saved` + + + >**NOTE: All other fields cannot be modified.** + parameters: + - in: path + name: sessionId + schema: + type: string + required: true + description: The role mining session id + example: 8c190e67-87aa-4ed9-a90b-d9d5344523fb + - in: path + name: potentialRoleId + schema: + type: string + required: true + description: The potential role summary id + example: 8c190e67-87aa-4ed9-a90b-d9d5344523fb + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + requestBody: + required: true + content: + application/json-patch+json: + schema: + type: array + items: + allOf: + - type: object + description: 'A JSONPatch Operation as defined by [RFC 6902 - JSON Patch](https://tools.ietf.org/html/rfc6902)' + required: + - op + - path + properties: + op: + type: string + description: The operation to be performed + enum: + - add + - remove + - replace + - move + - copy + - test + example: replace + path: + type: string + description: A string JSON Pointer representing the target path to an element to be affected by the operation + example: /description + value: + oneOf: + - type: string + example: New description + title: string + - type: boolean + example: true + title: boolean + - type: integer + example: 300 + title: integer + - type: object + title: object + example: + attributes: + name: philip + - type: array + title: array + items: + anyOf: + - type: string + - type: integer + - type: object + example: + - '001' + - '002' + - '003' + description: 'The value to be used for the operation, required for "add" and "replace" operations' + example: New description + properties: + op: + type: string + description: The operation to be performed + enum: + - remove + - replace + example: replace + example: + - op: remove + path: /description + - op: replace + path: /description + value: Acct I - Potential Role + - op: remove + path: /saved + - op: replace + path: /saved + value: 'false' + - op: remove + path: /name + - op: replace + path: /name + value: Potential Role Accounting + responses: + '200': + description: Succeeded. Returns the potential role summary based on the potentialRoleId provided. + content: + application/json: + schema: + type: object + items: + type: object + properties: + createdBy: + oneOf: + - type: object + properties: + id: + type: string + description: ID of the creator + example: 2c918090761a5aac0176215c46a62d58 + displayName: + type: string + description: The display name of the creator + example: Ashley.Pierce + - type: string + nullable: true + description: Workaround to support null + example: Dummy + description: The session created by details + density: + type: integer + description: The density of a potential role. + example: 75 + format: int32 + description: + type: string + nullable: true + description: The description of a potential role. + example: Potential Role for Accounting dept + entitlementCount: + type: integer + description: The number of entitlements in a potential role. + example: 25 + format: int32 + excludedEntitlements: + description: The list of entitlement ids to be excluded. + nullable: true + type: array + items: + type: string + example: + - 07a0b4e2 + - 13b4e2a0 + freshness: + type: integer + description: The freshness of a potential role. + example: 75 + format: int32 + identityCount: + type: integer + description: The number of identities in a potential role. + example: 25 + format: int32 + identityDistribution: + description: Identity attribute distribution. + nullable: true + type: array + items: + type: object + properties: + attributeName: + type: string + description: Id of the potential role + example: department + distribution: + type: array + items: + type: object + additionalProperties: + type: string + example: + - attributeValue: NM Tier 3 + count: 6 + identityIds: + description: The list of ids in a potential role. + type: array + items: + type: string + example: + - 07a0b4e2 + - 13b4e2a0 + name: + type: string + description: Name of the potential role. + example: Saved Potential Role - 07/10 + provisionState: + description: The provisioning state of a potential role. + nullable: true + type: string + enum: + - POTENTIAL + - PENDING + - COMPLETE + - FAILED + example: POTENTIAL + quality: + type: integer + description: The quality of a potential role. + example: 100 + format: int32 + roleId: + type: string + nullable: true + description: The roleId of a potential role. + example: 07a0b4e2-7a76-44fa-bd0b-c64654b66519 + saved: + type: boolean + description: The potential role's saved status. + example: true + session: + description: The session parameters of the potential role. + type: object + properties: + id: + type: string + description: The ID of the role mining session + example: 9f36f5e5-1e81-4eca-b087-548959d91c71 + name: + type: string + description: The session's saved name + nullable: true + example: Saved RM Session - 07/10 + minNumIdentitiesInPotentialRole: + type: integer + description: Minimum number of identities in a potential role + nullable: true + example: 20 + format: int32 + pruneThreshold: + type: integer + description: The prune threshold to be used or null to calculate prescribedPruneThreshold + nullable: true + example: 5 + format: int32 + saved: + type: boolean + default: true + description: The session's saved status + example: true + scope: + description: The scope of identities for this role mining session + example: + identityIds: [] + criteria: 'source.name:DataScienceDataset' + attributeFilterCriteria: + displayName: + untranslated: 'Location: Miami' + ariaLabel: + untranslated: 'Location: Miami' + data: + displayName: + translateKey: IDN.IDENTITY_ATTRIBUTES.LOCATION + name: location + operator: EQUALS + values: + - Miami + type: object + properties: + identityIds: + type: array + items: + type: string + description: The list of identities for this role mining session. + example: + - 2c918090761a5aac0176215c46a62d58 + - 2c918090761a5aac01722015c46a62d42 + criteria: + type: string + description: The "search" criteria that produces the list of identities for this role mining session. + nullable: true + example: 'source.name:DataScienceDataset' + attributeFilterCriteria: + type: array + items: + type: object + description: The filter criteria for this role mining session. + nullable: true + example: + displayName: + untranslated: 'Location: Miami' + ariaLabel: + untranslated: 'Location: Miami' + data: + displayName: + translateKey: IDN.IDENTITY_ATTRIBUTES.LOCATION + name: location + operator: EQUALS + values: + - Miami + type: + description: Role mining potential type + type: string + enum: + - SPECIALIZED + - COMMON + example: SPECIALIZED + state: + description: Role mining session state + type: string + enum: + - CREATED + - UPDATED + - IDENTITIES_OBTAINED + - PRUNE_THRESHOLD_OBTAINED + - POTENTIAL_ROLES_PROCESSING + - POTENTIAL_ROLES_CREATED + example: CREATED + scopingMethod: + description: Scoping method used in current role mining session + type: string + enum: + - MANUAL + - AUTO_RM + example: MANUAL + type: + description: Role mining potential type. + type: string + enum: + - SPECIALIZED + - COMMON + example: SPECIALIZED + id: + type: string + description: Id of the potential role + example: e0cc5d7d-bf7f-4f81-b2af-8885b09d9923 + createdDate: + type: string + format: date-time + description: The date-time when this potential role was created. + modifiedDate: + type: string + format: date-time + description: The date-time when this potential role was modified. + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/role-mining-sessions/{sessionId}/potential-role-summaries/{potentialRoleId}/applications': + get: + operationId: getPotentialRoleApplications + summary: Retrieves the applications of a potential role for a role mining session + tags: + - IAI Role Mining + description: This method returns the applications of a potential role for a role mining session. + parameters: + - in: path + name: sessionId + schema: + type: string + required: true + description: The role mining session id + example: 8c190e67-87aa-4ed9-a90b-d9d5344523fb + - in: path + name: potentialRoleId + schema: + type: string + required: true + description: A potential role id in a role mining session + example: 8c190e67-87aa-4ed9-a90b-d9d5344523fb + - in: query + name: offset + description: |- + Offset into the full result set. Usually specified with *limit* to paginate through the results. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 0 + schema: + type: integer + format: int32 + minimum: 0 + default: 0 + - in: query + name: limit + description: |- + Max number of results to return. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 250 + schema: + type: integer + format: int32 + minimum: 0 + maximum: 250 + default: 250 + - in: query + name: count + description: |- + If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. + + Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. + + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: true + schema: + type: boolean + default: false + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '200': + description: Succeeded. Returns a list of potential roles for a role mining session. + content: + application/json: + schema: + type: array + items: + type: object + properties: + id: + type: string + description: Id of the potential role + name: + type: string + description: Name of the potential role + example: + id: 2c9180877212632a017228d5a796292b + name: Slack + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/role-mining-sessions/{sessionId}/potential-roles/{potentialRoleId}/entitlement-popularities': + get: + operationId: getEntitlementsPotentialRole + summary: Retrieves entitlements for a potential role in a role mining session + tags: + - IAI Role Mining + description: This method returns entitlements for a potential role in a role mining session. + parameters: + - in: path + name: sessionId + schema: + type: string + required: true + description: The role mining session id + example: 8c190e67-87aa-4ed9-a90b-d9d5344523fb + - in: path + name: potentialRoleId + schema: + type: string + required: true + description: A potential role id in a role mining session + example: 8c190e67-87aa-4ed9-a90b-d9d5344523fb + - in: query + name: includeCommonAccess + description: Boolean determining whether common access entitlements will be included or not + example: true + required: false + style: form + explode: true + schema: + type: boolean + default: true + - in: query + name: sorters + description: |- + Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) + + Sorting is supported for the following fields: **popularity, entitlementName, applicationName** + + The default sort is **popularity** in descending order. + example: popularity + required: false + style: form + explode: true + schema: + type: string + - in: query + name: filters + description: |- + Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) + + Filtering is supported for the following fields and operators: + + **applicationName**: *sw* + + **entitlementRef.name**: *sw* + example: applicationName sw "AD" + required: false + style: form + explode: true + schema: + type: string + - in: query + name: offset + description: |- + Offset into the full result set. Usually specified with *limit* to paginate through the results. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 0 + schema: + type: integer + format: int32 + minimum: 0 + default: 0 + - in: query + name: limit + description: |- + Max number of results to return. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 250 + schema: + type: integer + format: int32 + minimum: 0 + maximum: 250 + default: 250 + - in: query + name: count + description: |- + If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. + + Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. + + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: true + schema: + type: boolean + default: false + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '200': + description: Succeeded. Returns a list of entitlements for a potential role. + content: + application/json: + schema: + type: array + items: + type: object + properties: + entitlementRef: + description: Details about the entitlement + example: + id: 2c91808a7e95e6e0017e96e2086206c8 + name: App.entitlement.1 + description: Entitlement 1 + attribute: groups + type: object + properties: + id: + type: string + description: Id of the entitlement + example: 2c91808a7e95e6e0017e96e2086206c8 + name: + type: string + description: Name of the entitlement + example: App.entitlement.1 + description: + type: string + description: Description forthe entitlement + nullable: true + example: Entitlement 1 + attribute: + type: string + description: The entitlement attribute + example: groups + name: + type: string + description: Name of the entitlement + example: Add/modify/delete users + applicationName: + type: string + description: Application name of the entitlement + example: AppName + identityCount: + type: integer + description: The number of identities with this entitlement in a role. + format: int32 + example: 45 + popularity: + type: number + description: The % popularity of this entitlement in a role. + format: float + example: 65.2 + popularityInOrg: + type: number + description: The % popularity of this entitlement in the org. + format: float + example: 35.8 + sourceId: + type: string + description: The ID of the source/application. + example: 2c9180877620c1460176267f336a106f + activitySourceState: + type: string + description: The status of activity data for the source. Value is complete or notComplete. + nullable: true + example: complete + sourceUsagePercent: + type: number + description: The percentage of identities in the potential role that have usage of the source/application of this entitlement. + format: float + nullable: true + example: 65.6 + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + security: + - UserContextAuth: [] + '/role-mining-sessions/{sessionId}/potential-roles/{potentialRoleId}/entitlement-popularity-distribution': + get: + operationId: getEntitlementDistributionPotentialRole + summary: Retrieves entitlement popularity distribution for a potential role in a role mining session + tags: + - IAI Role Mining + description: This method returns entitlement popularity distribution for a potential role in a role mining session. + parameters: + - in: path + name: sessionId + schema: + type: string + required: true + description: The role mining session id + example: 8c190e67-87aa-4ed9-a90b-d9d5344523fb + - in: path + name: potentialRoleId + schema: + type: string + required: true + description: A potential role id in a role mining session + example: 8c190e67-87aa-4ed9-a90b-d9d5344523fb + - in: query + name: includeCommonAccess + description: Boolean determining whether common access entitlements will be included or not + required: false + style: form + explode: true + schema: + type: boolean + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '200': + description: Succeeded. Returns a map containing entitlement popularity distribution for a potential role. + content: + application/json: + schema: + type: object + additionalProperties: + type: integer + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/role-mining-sessions/{sessionId}/potential-roles/{potentialRoleId}/edit-entitlements': + post: + operationId: updateEntitlementsPotentialRole + summary: Edit entitlements for a potential role to exclude some entitlements + tags: + - IAI Role Mining + description: This endpoint adds or removes entitlements from an exclusion list for a potential role. + parameters: + - in: path + name: sessionId + schema: + type: string + required: true + description: The role mining session id + example: 8c190e67-87aa-4ed9-a90b-d9d5344523fb + - in: path + name: potentialRoleId + schema: + type: string + required: true + description: A potential role id in a role mining session + example: 8c190e67-87aa-4ed9-a90b-d9d5344523fb + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + requestBody: + description: Role mining session parameters + required: true + content: + application/json: + schema: + type: object + properties: + ids: + description: The list of entitlement ids to be edited + type: array + items: + type: string + exclude: + type: boolean + description: 'If true, add ids to be exclusion list. If false, remove ids from the exclusion list.' + example: + ids: + - entId1 + - entId2 + exclude: true + responses: + '201': + description: Adds or removes entitlements from a potential role's entitlement exclusion list. + content: + application/json: + schema: + type: object + properties: + createdBy: + oneOf: + - type: object + properties: + id: + type: string + description: ID of the creator + example: 2c918090761a5aac0176215c46a62d58 + displayName: + type: string + description: The display name of the creator + example: Ashley.Pierce + - type: string + nullable: true + description: Workaround to support null + example: Dummy + description: The session created by details + density: + type: integer + description: The density of a potential role. + example: 75 + format: int32 + description: + type: string + nullable: true + description: The description of a potential role. + example: Potential Role for Accounting dept + entitlementCount: + type: integer + description: The number of entitlements in a potential role. + example: 25 + format: int32 + excludedEntitlements: + description: The list of entitlement ids to be excluded. + nullable: true + type: array + items: + type: string + example: + - 07a0b4e2 + - 13b4e2a0 + freshness: + type: integer + description: The freshness of a potential role. + example: 75 + format: int32 + identityCount: + type: integer + description: The number of identities in a potential role. + example: 25 + format: int32 + identityDistribution: + description: Identity attribute distribution. + nullable: true + type: array + items: + type: object + properties: + attributeName: + type: string + description: Id of the potential role + example: department + distribution: + type: array + items: + type: object + additionalProperties: + type: string + example: + - attributeValue: NM Tier 3 + count: 6 + identityIds: + description: The list of ids in a potential role. + type: array + items: + type: string + example: + - 07a0b4e2 + - 13b4e2a0 + name: + type: string + description: Name of the potential role. + example: Saved Potential Role - 07/10 + provisionState: + description: The provisioning state of a potential role. + nullable: true + type: string + enum: + - POTENTIAL + - PENDING + - COMPLETE + - FAILED + example: POTENTIAL + quality: + type: integer + description: The quality of a potential role. + example: 100 + format: int32 + roleId: + type: string + nullable: true + description: The roleId of a potential role. + example: 07a0b4e2-7a76-44fa-bd0b-c64654b66519 + saved: + type: boolean + description: The potential role's saved status. + example: true + session: + description: The session parameters of the potential role. + type: object + properties: + id: + type: string + description: The ID of the role mining session + example: 9f36f5e5-1e81-4eca-b087-548959d91c71 + name: + type: string + description: The session's saved name + nullable: true + example: Saved RM Session - 07/10 + minNumIdentitiesInPotentialRole: + type: integer + description: Minimum number of identities in a potential role + nullable: true + example: 20 + format: int32 + pruneThreshold: + type: integer + description: The prune threshold to be used or null to calculate prescribedPruneThreshold + nullable: true + example: 5 + format: int32 + saved: + type: boolean + default: true + description: The session's saved status + example: true + scope: + description: The scope of identities for this role mining session + example: + identityIds: [] + criteria: 'source.name:DataScienceDataset' + attributeFilterCriteria: + displayName: + untranslated: 'Location: Miami' + ariaLabel: + untranslated: 'Location: Miami' + data: + displayName: + translateKey: IDN.IDENTITY_ATTRIBUTES.LOCATION + name: location + operator: EQUALS + values: + - Miami + type: object + properties: + identityIds: + type: array + items: + type: string + description: The list of identities for this role mining session. + example: + - 2c918090761a5aac0176215c46a62d58 + - 2c918090761a5aac01722015c46a62d42 + criteria: + type: string + description: The "search" criteria that produces the list of identities for this role mining session. + nullable: true + example: 'source.name:DataScienceDataset' + attributeFilterCriteria: + type: array + items: + type: object + description: The filter criteria for this role mining session. + nullable: true + example: + displayName: + untranslated: 'Location: Miami' + ariaLabel: + untranslated: 'Location: Miami' + data: + displayName: + translateKey: IDN.IDENTITY_ATTRIBUTES.LOCATION + name: location + operator: EQUALS + values: + - Miami + type: + description: Role mining potential type + type: string + enum: + - SPECIALIZED + - COMMON + example: SPECIALIZED + state: + description: Role mining session state + type: string + enum: + - CREATED + - UPDATED + - IDENTITIES_OBTAINED + - PRUNE_THRESHOLD_OBTAINED + - POTENTIAL_ROLES_PROCESSING + - POTENTIAL_ROLES_CREATED + example: CREATED + scopingMethod: + description: Scoping method used in current role mining session + type: string + enum: + - MANUAL + - AUTO_RM + example: MANUAL + type: + description: Role mining potential type. + type: string + enum: + - SPECIALIZED + - COMMON + example: SPECIALIZED + id: + type: string + description: Id of the potential role + example: e0cc5d7d-bf7f-4f81-b2af-8885b09d9923 + createdDate: + type: string + format: date-time + description: The date-time when this potential role was created. + modifiedDate: + type: string + format: date-time + description: The date-time when this potential role was modified. + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/role-mining-sessions/{sessionId}/potential-roles/{potentialRoleId}/identities': + get: + operationId: getIdentitiesPotentialRole + summary: Retrieves identities for a potential role in a role mining session + tags: + - IAI Role Mining + description: This method returns identities for a potential role in a role mining session. + parameters: + - in: path + name: sessionId + schema: + type: string + required: true + description: The role mining session id + example: 8c190e67-87aa-4ed9-a90b-d9d5344523fb + - in: path + name: potentialRoleId + schema: + type: string + required: true + description: A potential role id in a role mining session + example: 8c190e67-87aa-4ed9-a90b-d9d5344523fb + - in: query + name: sorters + description: |- + Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) + + Sorting is supported for the following fields: **name** + required: false + style: form + explode: true + example: name + schema: + type: string + - in: query + name: filters + description: |- + Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) + + Filtering is supported for the following fields and operators: + + **name**: *sw* + required: false + style: form + explode: true + schema: + type: string + - in: query + name: offset + description: |- + Offset into the full result set. Usually specified with *limit* to paginate through the results. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 0 + schema: + type: integer + format: int32 + minimum: 0 + default: 0 + - in: query + name: limit + description: |- + Max number of results to return. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 250 + schema: + type: integer + format: int32 + minimum: 0 + maximum: 250 + default: 250 + - in: query + name: count + description: |- + If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. + + Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. + + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: true + schema: + type: boolean + default: false + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '200': + description: Succeeded. Returns a list of identities for a potential role. + content: + application/json: + schema: + type: array + items: + type: object + properties: + id: + type: string + description: Id of the identity + name: + type: string + description: Name of the identity + attributes: + type: object + additionalProperties: + type: string + example: + id: 2c9180877212632a017228d5934525e6 + name: Allene Abernathy-Welch + attributes: + jobTitle: SQL Developer + department: IT + location: NYC + firstName: Allene + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/role-mining-sessions/{sessionId}/potential-roles/{potentialRoleId}/export': + get: + operationId: exportRoleMiningPotentialRole + summary: Export (download) details for a potential role in a role mining session + tags: + - IAI Role Mining + description: This endpoint downloads all the information for a potential role in a role mining session. Includes identities and entitlements in the potential role. + parameters: + - in: path + name: sessionId + schema: + type: string + required: true + description: The role mining session id + example: 8c190e67-87aa-4ed9-a90b-d9d5344523fb + - in: path + name: potentialRoleId + schema: + type: string + required: true + description: A potential role id in a role mining session + example: 8c190e67-87aa-4ed9-a90b-d9d5344523fb + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '200': + description: Succeeded. Returns a zip file containing csv files for identities and entitlements for the potential role. + content: + application/zip: + schema: + type: string + format: binary + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/role-mining-sessions/{sessionId}/potential-roles/{potentialRoleId}/export-async': + post: + operationId: exportRoleMiningPotentialRoleAsync + summary: Asynchronously export details for a potential role in a role mining session and upload to S3 + tags: + - IAI Role Mining + description: This endpoint uploads all the information for a potential role in a role mining session to S3 as a downloadable zip archive. Includes identities and entitlements in the potential role. + parameters: + - in: path + name: sessionId + schema: + type: string + required: true + description: The role mining session id + example: 8c190e67-87aa-4ed9-a90b-d9d5344523fb + - in: path + name: potentialRoleId + schema: + type: string + required: true + description: A potential role id in a role mining session + example: 278359a6-04b7-4669-9468-924cf580964a + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + requestBody: + content: + application/json: + schema: + type: object + properties: + minEntitlementPopularity: + type: integer + description: The minimum popularity among identities in the role which an entitlement must have to be included in the report + example: 0 + includeCommonAccess: + type: boolean + description: 'If false, do not include entitlements that are highly popular among the entire orginization' + example: true + example: + minEntitlementPopularity: 0 + includeCommonAccess: true + responses: + '202': + description: Job Submitted. Returns a reportId that can be used to download the zip once complete + content: + application/json: + schema: + allOf: + - type: object + properties: + minEntitlementPopularity: + type: integer + description: The minimum popularity among identities in the role which an entitlement must have to be included in the report + example: 0 + includeCommonAccess: + type: boolean + description: 'If false, do not include entitlements that are highly popular among the entire orginization' + example: true + example: + minEntitlementPopularity: 0 + includeCommonAccess: true + - type: object + properties: + exportId: + type: string + format: uuid + description: ID used to reference this export + example: 0c6cdb76-1227-4aaf-af21-192dbdfbfa04 + status: + description: The status of this export + example: QUEUED + type: string + enum: + - QUEUED + - IN_PROGRESS + - SUCCESS + - ERROR + example: + exportId: 0c6cdb76-1227-4aaf-af21-192dbdfbfa04 + status: QUEUED + minEntitlementPopularity: 0 + includeCommonAccess: true + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/role-mining-sessions/{sessionId}/potential-roles/{potentialRoleId}/export-async/{exportId}': + get: + operationId: exportRoleMiningPotentialRoleStatus + summary: Retrieve status of a potential role export job + tags: + - IAI Role Mining + description: This endpoint retrieves information about the current status of a potential role export. + parameters: + - in: path + name: sessionId + schema: + type: string + format: uuid + required: true + description: The role mining session id + example: 8c190e67-87aa-4ed9-a90b-d9d5344523fb + - in: path + name: potentialRoleId + schema: + type: string + format: uuid + required: true + description: A potential role id in a role mining session + example: 278359a6-04b7-4669-9468-924cf580964a + - in: path + name: exportId + schema: + type: string + format: uuid + required: true + description: The id of a previously run export job for this potential role + example: 4940ffd4-836f-48a3-b2b0-6d498c3fdf40 + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '200': + description: Success. Returns the current status of this export + content: + application/json: + schema: + allOf: + - type: object + properties: + minEntitlementPopularity: + type: integer + description: The minimum popularity among identities in the role which an entitlement must have to be included in the report + example: 0 + includeCommonAccess: + type: boolean + description: 'If false, do not include entitlements that are highly popular among the entire orginization' + example: true + example: + minEntitlementPopularity: 0 + includeCommonAccess: true + - type: object + properties: + exportId: + type: string + format: uuid + description: ID used to reference this export + example: 0c6cdb76-1227-4aaf-af21-192dbdfbfa04 + status: + description: The status of this export + example: QUEUED + type: string + enum: + - QUEUED + - IN_PROGRESS + - SUCCESS + - ERROR + example: + exportId: 0c6cdb76-1227-4aaf-af21-192dbdfbfa04 + status: QUEUED + minEntitlementPopularity: 0 + includeCommonAccess: true + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/role-mining-sessions/{sessionId}/potential-roles/{potentialRoleId}/export-async/{exportId}/download': + get: + operationId: downloadRoleMiningPotentialRoleZip + summary: Export (download) details for a potential role in a role mining session + tags: + - IAI Role Mining + description: This endpoint downloads a completed export of information for a potential role in a role mining session. + parameters: + - in: path + name: sessionId + schema: + type: string + format: uuid + required: true + description: The role mining session id + example: 8c190e67-87aa-4ed9-a90b-d9d5344523fb + - in: path + name: potentialRoleId + schema: + type: string + format: uuid + required: true + description: A potential role id in a role mining session + example: 278359a6-04b7-4669-9468-924cf580964a + - in: path + name: exportId + schema: + type: string + format: uuid + required: true + description: The id of a previously run export job for this potential role + example: 4940ffd4-836f-48a3-b2b0-6d498c3fdf40 + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '200': + description: Succeeded. Returns a zip file containing csv files for identities and entitlements for the potential role. + content: + application/zip: + schema: + type: string + format: binary + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/role-mining-sessions/{sessionId}/potential-roles/{potentialRoleId}/provision': + post: + operationId: createPotentialRoleProvisionRequest + summary: Create request to provision a potential role into an actual role. + tags: + - IAI Role Mining + description: This method starts a job to provision a potential role + parameters: + - in: path + name: sessionId + schema: + type: string + required: true + description: The role mining session id + example: 8c190e67-87aa-4ed9-a90b-d9d5344523fb + - in: path + name: potentialRoleId + schema: + type: string + required: true + description: A potential role id in a role mining session + example: 8c190e67-87aa-4ed9-a90b-d9d5344523fb + - in: query + name: min-entitlement-popularity + description: Minimum popularity required for an entitlement to be included in the provisioned role. + required: false + style: form + explode: true + schema: + type: integer + default: 0 + minimum: 0 + maximum: 100 + - in: query + name: include-common-access + description: Boolean determining whether common access entitlements will be included in the provisioned role. + required: false + style: form + explode: true + schema: + type: boolean + default: true + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + requestBody: + description: Required information to create a new role + content: + application/json: + schema: + type: object + properties: + roleName: + type: string + description: Name of the new role being created + example: Finance - Accounting + roleDescription: + type: string + description: Short description of the new role being created + example: General access for accounting department + ownerId: + type: string + description: ID of the identity that will own this role + example: 2b568c65bc3c4c57a43bd97e3a8e41 + includeIdentities: + type: boolean + description: 'When true, create access requests for the identities associated with the potential role' + default: false + example: true + directlyAssignedEntitlements: + type: boolean + description: 'When true, assign entitlements directly to the role; otherwise, create access profiles containing the entitlements' + default: false + example: false + responses: + '202': + description: Accepted. Returns a potential role summary including the status of the provison request + content: + application/json: + schema: + type: object + properties: + id: + type: string + description: Id of the potential role + example: e0cc5d7d-bf7f-4f81-b2af-8885b09d9923 + name: + type: string + description: Name of the potential role + example: Potential Role - e0cc5d + potentialRoleRef: + description: Details about the potential role + type: object + properties: + id: + type: string + description: Id of the potential role + example: e0cc5d7d-bf7f-4f81-b2af-8885b09d9923 + name: + type: string + description: Name of the potential role + example: Potential Role - e0cc5d + identityCount: + type: integer + description: The number of identities in a potential role. + format: int32 + example: 25 + entitlementCount: + type: integer + description: The number of entitlements in a potential role. + format: int32 + example: 15 + identityGroupStatus: + type: string + description: The status for this identity group which can be "REQUESTED" or "OBTAINED" + example: OBTAINED + provisionState: + description: 'The status of provisioning for this potential role. Can be "POTENTIAL", "PENDING", "FAILED", or "COMPLETE".' + example: PENDING + type: string + enum: + - POTENTIAL + - PENDING + - COMPLETE + - FAILED + roleId: + type: string + description: ID of the provisioned role in IIQ or IDN. Null if this potential role has not been provisioned. + nullable: true + example: 2a4be6fbcf3c4e66b95a0c15ffd591 + density: + type: integer + description: The density metric (0-100) of this potential role. Higher density values indicate higher similarity amongst the identities. + format: int32 + example: 90 + freshness: + type: integer + description: The freshness metric (0-100) of this potential role. Higher freshness values indicate this potential role is more distinctive compared to existing roles. + format: int32 + example: 70 + quality: + type: integer + description: The quality metric (0-100) of this potential role. Higher quality values indicate this potential role has high density and freshness. + format: int32 + example: 80 + type: + description: Role mining potential type. + type: string + enum: + - SPECIALIZED + - COMMON + example: SPECIALIZED + createdBy: + oneOf: + - type: object + properties: + id: + type: string + description: ID of the creator + example: 2c918090761a5aac0176215c46a62d58 + displayName: + type: string + description: The display name of the creator + example: Ashley.Pierce + - type: string + nullable: true + description: Workaround to support null + example: Dummy + description: The potential role created by details + createdDate: + type: string + format: date-time + description: The date-time when this potential role was created. + saved: + type: boolean + description: The potential role's saved status + default: false + example: true + description: + type: string + nullable: true + description: Description of the potential role + session: + description: The session parameters of the potential role. + type: object + properties: + id: + type: string + description: The ID of the role mining session + example: 9f36f5e5-1e81-4eca-b087-548959d91c71 + name: + type: string + description: The session's saved name + nullable: true + example: Saved RM Session - 07/10 + minNumIdentitiesInPotentialRole: + type: integer + description: Minimum number of identities in a potential role + nullable: true + example: 20 + format: int32 + pruneThreshold: + type: integer + description: The prune threshold to be used or null to calculate prescribedPruneThreshold + nullable: true + example: 5 + format: int32 + saved: + type: boolean + default: true + description: The session's saved status + example: true + scope: + description: The scope of identities for this role mining session + example: + identityIds: [] + criteria: 'source.name:DataScienceDataset' + attributeFilterCriteria: + displayName: + untranslated: 'Location: Miami' + ariaLabel: + untranslated: 'Location: Miami' + data: + displayName: + translateKey: IDN.IDENTITY_ATTRIBUTES.LOCATION + name: location + operator: EQUALS + values: + - Miami + type: object + properties: + identityIds: + type: array + items: + type: string + description: The list of identities for this role mining session. + example: + - 2c918090761a5aac0176215c46a62d58 + - 2c918090761a5aac01722015c46a62d42 + criteria: + type: string + description: The "search" criteria that produces the list of identities for this role mining session. + nullable: true + example: 'source.name:DataScienceDataset' + attributeFilterCriteria: + type: array + items: + type: object + description: The filter criteria for this role mining session. + nullable: true + example: + displayName: + untranslated: 'Location: Miami' + ariaLabel: + untranslated: 'Location: Miami' + data: + displayName: + translateKey: IDN.IDENTITY_ATTRIBUTES.LOCATION + name: location + operator: EQUALS + values: + - Miami + type: + description: Role mining potential type + type: string + enum: + - SPECIALIZED + - COMMON + example: SPECIALIZED + state: + description: Role mining session state + type: string + enum: + - CREATED + - UPDATED + - IDENTITIES_OBTAINED + - PRUNE_THRESHOLD_OBTAINED + - POTENTIAL_ROLES_PROCESSING + - POTENTIAL_ROLES_CREATED + example: CREATED + scopingMethod: + description: Scoping method used in current role mining session + type: string + enum: + - MANUAL + - AUTO_RM + example: MANUAL + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/role-mining-sessions/{sessionId}/potential-roles/{potentialRoleId}/excluded-entitlements': + get: + operationId: getExcludedEntitlementsPotentialRole + summary: Retrieves excluded entitlements for a potential role in a role mining session + tags: + - IAI Role Mining + description: This method returns excluded entitlements for a potential role in a role mining session. + parameters: + - in: path + name: sessionId + schema: + type: string + required: true + description: The role mining session id + example: 8c190e67-87aa-4ed9-a90b-d9d5344523fb + - in: path + name: potentialRoleId + schema: + type: string + required: true + description: A potential role id in a role mining session + example: 8c190e67-87aa-4ed9-a90b-d9d5344523fb + - in: query + name: sorters + description: |- + Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) + + Sorting is supported for the following fields: **popularity** + example: populariity + required: false + style: form + explode: true + schema: + type: string + - in: query + name: filters + description: |- + Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) + + Filtering is supported for the following fields and operators: + + **applicationName**: *sw* + + **entitlementRef.name**: *sw* + example: applicationName sw "AD" + required: false + style: form + explode: true + schema: + type: string + - in: query + name: offset + description: |- + Offset into the full result set. Usually specified with *limit* to paginate through the results. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 0 + schema: + type: integer + format: int32 + minimum: 0 + default: 0 + - in: query + name: limit + description: |- + Max number of results to return. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 250 + schema: + type: integer + format: int32 + minimum: 0 + maximum: 250 + default: 250 + - in: query + name: count + description: |- + If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. + + Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. + + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: true + schema: + type: boolean + default: false + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '200': + description: Succeeded. Returns a list of excluded entitlements for a potential roles. + content: + application/json: + schema: + type: array + items: + type: object + properties: + entitlementRef: + description: Details about the entitlement + example: + id: 2c91808a7e95e6e0017e96e2086206c8 + name: App.entitlement.1 + description: Entitlement 1 + attribute: groups + type: object + properties: + id: + type: string + description: Id of the entitlement + example: 2c91808a7e95e6e0017e96e2086206c8 + name: + type: string + description: Name of the entitlement + example: App.entitlement.1 + description: + type: string + description: Description forthe entitlement + nullable: true + example: Entitlement 1 + attribute: + type: string + description: The entitlement attribute + example: groups + name: + type: string + description: Name of the entitlement + example: Add/modify/delete users + applicationName: + type: string + description: Application name of the entitlement + example: AppName + identityCount: + type: integer + description: The number of identities with this entitlement in a role. + format: int32 + example: 45 + popularity: + type: number + description: The % popularity of this entitlement in a role. + format: float + example: 65.2 + popularityInOrg: + type: number + description: The % popularity of this entitlement in the org. + format: float + example: 35.8 + sourceId: + type: string + description: The ID of the source/application. + example: 2c9180877620c1460176267f336a106f + activitySourceState: + type: string + description: The status of activity data for the source. Value is complete or notComplete. + nullable: true + example: complete + sourceUsagePercent: + type: number + description: The percentage of identities in the potential role that have usage of the source/application of this entitlement. + format: float + nullable: true + example: 65.6 + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + /role-mining-potential-roles: + get: + operationId: getAllPotentialRoleSummaries + summary: Retrieves all potential role summaries + tags: + - IAI Role Mining + description: Returns all potential role summaries that match the query parameters + security: + - UserContextAuth: [] + parameters: + - in: query + name: sorters + required: false + style: form + explode: true + schema: + type: string + format: comma-separated + description: |- + Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) + + Sorting is supported for the following fields: **createdDate, identityCount, entitlementCount, freshness, quality** + example: createdDate + - in: query + name: filters + description: |- + Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) + + Filtering is supported for the following fields and operators: + + **createdById**: *eq, sw, co* + + **createdByName**: *eq, sw, co* + + **description**: *sw, co* + + **endDate**: *le, lt* + + **freshness**: *eq, ge, gt, le, lt* + + **name**: *eq, sw, co, ge, gt, le, lt* + + **quality**: *eq, ge, gt, le, lt* + + **startDate**: *ge, gt* + + **saved**: *eq* + + **type**: *eq, ge, gt, le, lt* + + **scopingMethod**: *eq* + + **sessionState**: *eq* + + **identityAttribute**: *co* + example: (createdByName co "int") and (createdById sw "2c9180907") and (type eq "COMMON") and ((name co "entt") or (saved eq true)) + required: false + style: form + explode: true + schema: + type: string + - in: query + name: offset + description: |- + Offset into the full result set. Usually specified with *limit* to paginate through the results. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 0 + schema: + type: integer + format: int32 + minimum: 0 + default: 0 + - in: query + name: limit + description: |- + Max number of results to return. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 250 + schema: + type: integer + format: int32 + minimum: 0 + maximum: 250 + default: 250 + - in: query + name: count + description: |- + If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. + + Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. + + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: true + schema: + type: boolean + default: false + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '200': + description: Succeeded. Returns all potential role summaries that match the query parameters. + content: + application/json: + schema: + type: array + items: + type: object + properties: + id: + type: string + description: Id of the potential role + example: e0cc5d7d-bf7f-4f81-b2af-8885b09d9923 + name: + type: string + description: Name of the potential role + example: Potential Role - e0cc5d + potentialRoleRef: + description: Details about the potential role + type: object + properties: + id: + type: string + description: Id of the potential role + example: e0cc5d7d-bf7f-4f81-b2af-8885b09d9923 + name: + type: string + description: Name of the potential role + example: Potential Role - e0cc5d + identityCount: + type: integer + description: The number of identities in a potential role. + format: int32 + example: 25 + entitlementCount: + type: integer + description: The number of entitlements in a potential role. + format: int32 + example: 15 + identityGroupStatus: + type: string + description: The status for this identity group which can be "REQUESTED" or "OBTAINED" + example: OBTAINED + provisionState: + description: 'The status of provisioning for this potential role. Can be "POTENTIAL", "PENDING", "FAILED", or "COMPLETE".' + example: PENDING + type: string + enum: + - POTENTIAL + - PENDING + - COMPLETE + - FAILED + roleId: + type: string + description: ID of the provisioned role in IIQ or IDN. Null if this potential role has not been provisioned. + nullable: true + example: 2a4be6fbcf3c4e66b95a0c15ffd591 + density: + type: integer + description: The density metric (0-100) of this potential role. Higher density values indicate higher similarity amongst the identities. + format: int32 + example: 90 + freshness: + type: integer + description: The freshness metric (0-100) of this potential role. Higher freshness values indicate this potential role is more distinctive compared to existing roles. + format: int32 + example: 70 + quality: + type: integer + description: The quality metric (0-100) of this potential role. Higher quality values indicate this potential role has high density and freshness. + format: int32 + example: 80 + type: + description: Role mining potential type. + type: string + enum: + - SPECIALIZED + - COMMON + example: SPECIALIZED + createdBy: + oneOf: + - type: object + properties: + id: + type: string + description: ID of the creator + example: 2c918090761a5aac0176215c46a62d58 + displayName: + type: string + description: The display name of the creator + example: Ashley.Pierce + - type: string + nullable: true + description: Workaround to support null + example: Dummy + description: The potential role created by details + createdDate: + type: string + format: date-time + description: The date-time when this potential role was created. + saved: + type: boolean + description: The potential role's saved status + default: false + example: true + description: + type: string + nullable: true + description: Description of the potential role + session: + description: The session parameters of the potential role. + type: object + properties: + id: + type: string + description: The ID of the role mining session + example: 9f36f5e5-1e81-4eca-b087-548959d91c71 + name: + type: string + description: The session's saved name + nullable: true + example: Saved RM Session - 07/10 + minNumIdentitiesInPotentialRole: + type: integer + description: Minimum number of identities in a potential role + nullable: true + example: 20 + format: int32 + pruneThreshold: + type: integer + description: The prune threshold to be used or null to calculate prescribedPruneThreshold + nullable: true + example: 5 + format: int32 + saved: + type: boolean + default: true + description: The session's saved status + example: true + scope: + description: The scope of identities for this role mining session + example: + identityIds: [] + criteria: 'source.name:DataScienceDataset' + attributeFilterCriteria: + displayName: + untranslated: 'Location: Miami' + ariaLabel: + untranslated: 'Location: Miami' + data: + displayName: + translateKey: IDN.IDENTITY_ATTRIBUTES.LOCATION + name: location + operator: EQUALS + values: + - Miami + type: object + properties: + identityIds: + type: array + items: + type: string + description: The list of identities for this role mining session. + example: + - 2c918090761a5aac0176215c46a62d58 + - 2c918090761a5aac01722015c46a62d42 + criteria: + type: string + description: The "search" criteria that produces the list of identities for this role mining session. + nullable: true + example: 'source.name:DataScienceDataset' + attributeFilterCriteria: + type: array + items: + type: object + description: The filter criteria for this role mining session. + nullable: true + example: + displayName: + untranslated: 'Location: Miami' + ariaLabel: + untranslated: 'Location: Miami' + data: + displayName: + translateKey: IDN.IDENTITY_ATTRIBUTES.LOCATION + name: location + operator: EQUALS + values: + - Miami + type: + description: Role mining potential type + type: string + enum: + - SPECIALIZED + - COMMON + example: SPECIALIZED + state: + description: Role mining session state + type: string + enum: + - CREATED + - UPDATED + - IDENTITIES_OBTAINED + - PRUNE_THRESHOLD_OBTAINED + - POTENTIAL_ROLES_PROCESSING + - POTENTIAL_ROLES_CREATED + example: CREATED + scopingMethod: + description: Scoping method used in current role mining session + type: string + enum: + - MANUAL + - AUTO_RM + example: MANUAL + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/role-mining-potential-roles/{potentialRoleId}': + get: + operationId: getRoleMiningPotentialRole + summary: Retrieves a specific potential role + tags: + - IAI Role Mining + description: This method returns a specific potential role. + security: + - UserContextAuth: [] + parameters: + - in: path + name: potentialRoleId + schema: + type: string + required: true + description: A potential role id + example: 8c190e67-87aa-4ed9-a90b-d9d5344523fb + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '200': + description: Succeeded. Returns a list of potential roles for a role mining session. + content: + application/json: + schema: + type: object + properties: + createdBy: + oneOf: + - type: object + properties: + id: + type: string + description: ID of the creator + example: 2c918090761a5aac0176215c46a62d58 + displayName: + type: string + description: The display name of the creator + example: Ashley.Pierce + - type: string + nullable: true + description: Workaround to support null + example: Dummy + description: The session created by details + density: + type: integer + description: The density of a potential role. + example: 75 + format: int32 + description: + type: string + nullable: true + description: The description of a potential role. + example: Potential Role for Accounting dept + entitlementCount: + type: integer + description: The number of entitlements in a potential role. + example: 25 + format: int32 + excludedEntitlements: + description: The list of entitlement ids to be excluded. + nullable: true + type: array + items: + type: string + example: + - 07a0b4e2 + - 13b4e2a0 + freshness: + type: integer + description: The freshness of a potential role. + example: 75 + format: int32 + identityCount: + type: integer + description: The number of identities in a potential role. + example: 25 + format: int32 + identityDistribution: + description: Identity attribute distribution. + nullable: true + type: array + items: + type: object + properties: + attributeName: + type: string + description: Id of the potential role + example: department + distribution: + type: array + items: + type: object + additionalProperties: + type: string + example: + - attributeValue: NM Tier 3 + count: 6 + identityIds: + description: The list of ids in a potential role. + type: array + items: + type: string + example: + - 07a0b4e2 + - 13b4e2a0 + name: + type: string + description: Name of the potential role. + example: Saved Potential Role - 07/10 + provisionState: + description: The provisioning state of a potential role. + nullable: true + type: string + enum: + - POTENTIAL + - PENDING + - COMPLETE + - FAILED + example: POTENTIAL + quality: + type: integer + description: The quality of a potential role. + example: 100 + format: int32 + roleId: + type: string + nullable: true + description: The roleId of a potential role. + example: 07a0b4e2-7a76-44fa-bd0b-c64654b66519 + saved: + type: boolean + description: The potential role's saved status. + example: true + session: + description: The session parameters of the potential role. + type: object + properties: + id: + type: string + description: The ID of the role mining session + example: 9f36f5e5-1e81-4eca-b087-548959d91c71 + name: + type: string + description: The session's saved name + nullable: true + example: Saved RM Session - 07/10 + minNumIdentitiesInPotentialRole: + type: integer + description: Minimum number of identities in a potential role + nullable: true + example: 20 + format: int32 + pruneThreshold: + type: integer + description: The prune threshold to be used or null to calculate prescribedPruneThreshold + nullable: true + example: 5 + format: int32 + saved: + type: boolean + default: true + description: The session's saved status + example: true + scope: + description: The scope of identities for this role mining session + example: + identityIds: [] + criteria: 'source.name:DataScienceDataset' + attributeFilterCriteria: + displayName: + untranslated: 'Location: Miami' + ariaLabel: + untranslated: 'Location: Miami' + data: + displayName: + translateKey: IDN.IDENTITY_ATTRIBUTES.LOCATION + name: location + operator: EQUALS + values: + - Miami + type: object + properties: + identityIds: + type: array + items: + type: string + description: The list of identities for this role mining session. + example: + - 2c918090761a5aac0176215c46a62d58 + - 2c918090761a5aac01722015c46a62d42 + criteria: + type: string + description: The "search" criteria that produces the list of identities for this role mining session. + nullable: true + example: 'source.name:DataScienceDataset' + attributeFilterCriteria: + type: array + items: + type: object + description: The filter criteria for this role mining session. + nullable: true + example: + displayName: + untranslated: 'Location: Miami' + ariaLabel: + untranslated: 'Location: Miami' + data: + displayName: + translateKey: IDN.IDENTITY_ATTRIBUTES.LOCATION + name: location + operator: EQUALS + values: + - Miami + type: + description: Role mining potential type + type: string + enum: + - SPECIALIZED + - COMMON + example: SPECIALIZED + state: + description: Role mining session state + type: string + enum: + - CREATED + - UPDATED + - IDENTITIES_OBTAINED + - PRUNE_THRESHOLD_OBTAINED + - POTENTIAL_ROLES_PROCESSING + - POTENTIAL_ROLES_CREATED + example: CREATED + scopingMethod: + description: Scoping method used in current role mining session + type: string + enum: + - MANUAL + - AUTO_RM + example: MANUAL + type: + description: Role mining potential type. + type: string + enum: + - SPECIALIZED + - COMMON + example: SPECIALIZED + id: + type: string + description: Id of the potential role + example: e0cc5d7d-bf7f-4f81-b2af-8885b09d9923 + createdDate: + type: string + format: date-time + description: The date-time when this potential role was created. + modifiedDate: + type: string + format: date-time + description: The date-time when this potential role was modified. + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + patch: + operationId: patchPotentialRole + summary: Update a potential role + tags: + - IAI Role Mining + description: | + The method updates an existing potential role using. + + The following fields can be modified: + + * `description` + + * `name` + + * `saved` + + + >**NOTE: All other fields cannot be modified.** + security: + - UserContextAuth: [] + parameters: + - in: path + name: sessionId + schema: + type: string + required: true + description: The role mining session id + example: 8c190e67-87aa-4ed9-a90b-d9d5344523fb + - in: path + name: potentialRoleId + schema: + type: string + required: true + description: The potential role summary id + example: 8c190e67-87aa-4ed9-a90b-d9d5344523fb + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + requestBody: + required: true + content: + application/json-patch+json: + schema: + type: array + items: + allOf: + - type: object + description: 'A JSONPatch Operation as defined by [RFC 6902 - JSON Patch](https://tools.ietf.org/html/rfc6902)' + required: + - op + - path + properties: + op: + type: string + description: The operation to be performed + enum: + - add + - remove + - replace + - move + - copy + - test + example: replace + path: + type: string + description: A string JSON Pointer representing the target path to an element to be affected by the operation + example: /description + value: + oneOf: + - type: string + example: New description + title: string + - type: boolean + example: true + title: boolean + - type: integer + example: 300 + title: integer + - type: object + title: object + example: + attributes: + name: philip + - type: array + title: array + items: + anyOf: + - type: string + - type: integer + - type: object + example: + - '001' + - '002' + - '003' + description: 'The value to be used for the operation, required for "add" and "replace" operations' + example: New description + properties: + op: + type: string + description: The operation to be performed + enum: + - remove + - replace + example: replace + example: + - op: remove + path: /description + - op: replace + path: /description + value: Acct I - Potential Role + - op: remove + path: /saved + - op: replace + path: /saved + value: 'false' + - op: remove + path: /name + - op: replace + path: /name + value: Potential Role Accounting + responses: + '200': + description: Succeeded. Returns the potential role summary based on the potentialRoleId provided. + content: + application/json: + schema: + type: object + items: + type: object + properties: + createdBy: + oneOf: + - type: object + properties: + id: + type: string + description: ID of the creator + example: 2c918090761a5aac0176215c46a62d58 + displayName: + type: string + description: The display name of the creator + example: Ashley.Pierce + - type: string + nullable: true + description: Workaround to support null + example: Dummy + description: The session created by details + density: + type: integer + description: The density of a potential role. + example: 75 + format: int32 + description: + type: string + nullable: true + description: The description of a potential role. + example: Potential Role for Accounting dept + entitlementCount: + type: integer + description: The number of entitlements in a potential role. + example: 25 + format: int32 + excludedEntitlements: + description: The list of entitlement ids to be excluded. + nullable: true + type: array + items: + type: string + example: + - 07a0b4e2 + - 13b4e2a0 + freshness: + type: integer + description: The freshness of a potential role. + example: 75 + format: int32 + identityCount: + type: integer + description: The number of identities in a potential role. + example: 25 + format: int32 + identityDistribution: + description: Identity attribute distribution. + nullable: true + type: array + items: + type: object + properties: + attributeName: + type: string + description: Id of the potential role + example: department + distribution: + type: array + items: + type: object + additionalProperties: + type: string + example: + - attributeValue: NM Tier 3 + count: 6 + identityIds: + description: The list of ids in a potential role. + type: array + items: + type: string + example: + - 07a0b4e2 + - 13b4e2a0 + name: + type: string + description: Name of the potential role. + example: Saved Potential Role - 07/10 + provisionState: + description: The provisioning state of a potential role. + nullable: true + type: string + enum: + - POTENTIAL + - PENDING + - COMPLETE + - FAILED + example: POTENTIAL + quality: + type: integer + description: The quality of a potential role. + example: 100 + format: int32 + roleId: + type: string + nullable: true + description: The roleId of a potential role. + example: 07a0b4e2-7a76-44fa-bd0b-c64654b66519 + saved: + type: boolean + description: The potential role's saved status. + example: true + session: + description: The session parameters of the potential role. + type: object + properties: + id: + type: string + description: The ID of the role mining session + example: 9f36f5e5-1e81-4eca-b087-548959d91c71 + name: + type: string + description: The session's saved name + nullable: true + example: Saved RM Session - 07/10 + minNumIdentitiesInPotentialRole: + type: integer + description: Minimum number of identities in a potential role + nullable: true + example: 20 + format: int32 + pruneThreshold: + type: integer + description: The prune threshold to be used or null to calculate prescribedPruneThreshold + nullable: true + example: 5 + format: int32 + saved: + type: boolean + default: true + description: The session's saved status + example: true + scope: + description: The scope of identities for this role mining session + example: + identityIds: [] + criteria: 'source.name:DataScienceDataset' + attributeFilterCriteria: + displayName: + untranslated: 'Location: Miami' + ariaLabel: + untranslated: 'Location: Miami' + data: + displayName: + translateKey: IDN.IDENTITY_ATTRIBUTES.LOCATION + name: location + operator: EQUALS + values: + - Miami + type: object + properties: + identityIds: + type: array + items: + type: string + description: The list of identities for this role mining session. + example: + - 2c918090761a5aac0176215c46a62d58 + - 2c918090761a5aac01722015c46a62d42 + criteria: + type: string + description: The "search" criteria that produces the list of identities for this role mining session. + nullable: true + example: 'source.name:DataScienceDataset' + attributeFilterCriteria: + type: array + items: + type: object + description: The filter criteria for this role mining session. + nullable: true + example: + displayName: + untranslated: 'Location: Miami' + ariaLabel: + untranslated: 'Location: Miami' + data: + displayName: + translateKey: IDN.IDENTITY_ATTRIBUTES.LOCATION + name: location + operator: EQUALS + values: + - Miami + type: + description: Role mining potential type + type: string + enum: + - SPECIALIZED + - COMMON + example: SPECIALIZED + state: + description: Role mining session state + type: string + enum: + - CREATED + - UPDATED + - IDENTITIES_OBTAINED + - PRUNE_THRESHOLD_OBTAINED + - POTENTIAL_ROLES_PROCESSING + - POTENTIAL_ROLES_CREATED + example: CREATED + scopingMethod: + description: Scoping method used in current role mining session + type: string + enum: + - MANUAL + - AUTO_RM + example: MANUAL + type: + description: Role mining potential type. + type: string + enum: + - SPECIALIZED + - COMMON + example: SPECIALIZED + id: + type: string + description: Id of the potential role + example: e0cc5d7d-bf7f-4f81-b2af-8885b09d9923 + createdDate: + type: string + format: date-time + description: The date-time when this potential role was created. + modifiedDate: + type: string + format: date-time + description: The date-time when this potential role was modified. + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + /role-mining-potential-roles/saved: + get: + operationId: getSavedPotentialRoles + summary: Retrieves all saved potential roles + tags: + - IAI Role Mining + description: This method returns all saved potential roles (draft roles). + security: + - UserContextAuth: [] + parameters: + - in: query + name: sorters + required: false + style: form + explode: true + schema: + type: string + format: comma-separated + description: 'Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters/) Sorting is supported for the following fields: **modified**' + example: modified + - in: query + name: offset + description: |- + Offset into the full result set. Usually specified with *limit* to paginate through the results. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 0 + schema: + type: integer + format: int32 + minimum: 0 + default: 0 + - in: query + name: limit + description: |- + Max number of results to return. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 250 + schema: + type: integer + format: int32 + minimum: 0 + maximum: 250 + default: 250 + - in: query + name: count + description: |- + If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. + + Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. + + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: true + schema: + type: boolean + default: false + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '200': + description: Succeeded. Returns a list of draft roles for a role mining session. + content: + application/json: + schema: + type: array + items: + type: object + properties: + name: + type: string + description: Name of the draft role + example: Saved RM Session - 07/10 + description: + type: string + description: Draft role description + example: Person who develops software + identityIds: + type: array + items: + type: string + description: The list of identities for this role mining session. + example: + - 2c918090761a5aac0176215c46a62d58 + - 2c918090761a5aac01722015c46a62d42 + entitlementIds: + type: array + items: + type: string + description: The list of entitlement ids for this role mining session. + example: + - 2c91808a7624751a01762f19d665220d + - 2c91808a7624751a01762f19d67c220e + excludedEntitlements: + type: array + description: The list of excluded entitlement ids. + items: + type: string + example: + - 07a0b4e2 + - 13b4e2a0 + modified: + type: string + format: date-time + description: Last modified date + example: '2020-09-16T18:49:32.150Z' + type: + description: Role mining session type + example: SPECIALIZED + type: string + enum: + - SPECIALIZED + - COMMON + id: + type: string + description: Id of the potential draft role + example: e0cc5d7d-bf7f-4f81-b2af-8885b09d9923 + createdDate: + type: string + format: date-time + description: The date-time when this potential draft role was created. + modifiedDate: + type: string + format: date-time + description: The date-time when this potential draft role was modified. + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/role-mining-potential-roles/{potentialRoleId}/sources/{sourceId}/identityUsage': + get: + operationId: getPotentialRoleSourceIdentityUsage + summary: Retrieves potential role source usage + tags: + - IAI Role Mining + description: This method returns source usageCount (as number of days in the last 90 days) for each identity in a potential role. + security: + - UserContextAuth: [] + parameters: + - in: path + name: potentialRoleId + schema: + type: string + required: true + description: A potential role id + example: e0cc5d7d-bf7f-4f81-b2af-8885b09d9923 + - in: path + name: sourceId + schema: + type: string + required: true + description: A source id + example: 2c9180877620c1460176267f336a106f + - in: query + name: sorters + required: false + style: form + explode: true + schema: + type: string + format: comma-separated + description: 'Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters/) Sorting is supported for the following fields: **displayName, email, usageCount**' + example: '-usageCount' + - in: query + name: offset + description: |- + Offset into the full result set. Usually specified with *limit* to paginate through the results. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 0 + schema: + type: integer + format: int32 + minimum: 0 + default: 0 + - in: query + name: limit + description: |- + Max number of results to return. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 250 + schema: + type: integer + format: int32 + minimum: 0 + maximum: 250 + default: 250 + - in: query + name: count + description: |- + If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. + + Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. + + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: true + schema: + type: boolean + default: false + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '200': + description: Succeeded. Returns a list of source usage for the identities in a potential role. + content: + application/json: + schema: + type: array + items: + type: object + properties: + id: + type: string + description: The identity ID + example: 2c918089762475180176267f894b54dc + displayName: + type: string + description: Display name for the identity + example: Kirk Koepp + email: + type: string + description: Email address for the identity + example: kirk.koepp@testmail.identitynow.com + usageCount: + type: integer + description: The number of days there has been usage of the source by the identity. + format: int32 + example: 25 + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/roles/{id}/entitlements': + get: + operationId: getRoleEntitlements + tags: + - Roles + summary: List role's Entitlements + description: |- + This API lists the Entitlements associated with a given role. + + A token with API, ORG_ADMIN, ROLE_ADMIN, or ROLE_SUBADMIN authority is required to call this API. + parameters: + - name: id + in: path + description: ID of the containing role + required: true + schema: + type: string + example: 2c91808a7813090a017814121919ecca + - in: query + name: limit + description: |- + Max number of results to return. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 250 + schema: + type: integer + format: int32 + minimum: 0 + maximum: 250 + default: 250 + - in: query + name: offset + description: |- + Offset into the full result set. Usually specified with *limit* to paginate through the results. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 0 + schema: + type: integer + format: int32 + minimum: 0 + default: 0 + - in: query + name: count + description: |- + If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. + + Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. + + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: true + schema: + type: boolean + default: false + - in: query + name: filters + schema: + type: string + description: |- + Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) + + Filtering is supported for the following fields and operators: + + **id**: *eq, in* + + **name**: *eq, sw* + + **attribute**: *eq, sw* + + **value**: *eq, sw* + + **created**: *gt, lt, ge, le* + + **modified**: *gt, lt, ge, le* + + **owner.id**: *eq, in* + + **source.id**: *eq, in* + example: attribute eq "memberOf" + required: false + - in: query + name: sorters + schema: + type: string + format: comma-separated + description: |- + Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) + + Sorting is supported for the following fields: **name, attribute, value, created, modified** + example: 'name,-modified' + required: false + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '200': + description: List of Entitlements + content: + application/json: + schema: + type: array + items: + type: object + properties: + id: + type: string + description: The entitlement id + example: 2c91808874ff91550175097daaec161c + name: + type: string + description: The entitlement name + example: LauncherTest2 + created: + type: string + description: Time when the entitlement was created + format: date-time + example: '2020-10-08T18:33:52.029Z' + modified: + type: string + description: Time when the entitlement was last modified + format: date-time + example: '2020-10-08T18:33:52.029Z' + attribute: + type: string + description: The entitlement attribute name + example: memberOf + nullable: true + value: + type: string + description: The value of the entitlement + example: 'CN=LauncherTest2,OU=LauncherTestOrg,OU=slpt-automation,DC=TestAutomationAD,DC=local' + sourceSchemaObjectType: + type: string + description: The object type of the entitlement from the source schema + example: group + privileged: + type: boolean + default: false + description: True if the entitlement is privileged + example: true + cloudGoverned: + type: boolean + default: false + description: True if the entitlement is cloud governed + example: true + description: + type: string + nullable: true + description: The description of the entitlement + example: 'CN=LauncherTest2,OU=LauncherTestOrg,OU=slpt-automation,DC=TestAutomationAD,DC=local' + requestable: + type: boolean + default: false + description: True if the entitlement is requestable + example: true + attributes: + type: object + description: A map of free-form key-value pairs from the source system + example: + fieldName: fieldValue + additionalProperties: true + source: + type: object + properties: + id: + type: string + description: The source ID + example: 2c9180827ca885d7017ca8ce28a000eb + type: + type: string + description: 'The source type, will always be "SOURCE"' + example: SOURCE + name: + type: string + description: The source name + example: ODS-AD-Source + nullable: true + owner: + allOf: + - type: object + description: Simplified DTO for the owner object of the entitlement + properties: + id: + type: string + description: The owner id for the entitlement + example: 2a2fdacca5e345f18bf7970cfbb8fec2 + name: + type: string + description: The owner name for the entitlement + example: identity 1 + type: + type: string + enum: + - IDENTITY + description: The type of the owner. Initially only type IDENTITY is supported + example: IDENTITY + - nullable: true + directPermissions: + type: array + items: + type: object + description: 'Simplified DTO for the Permission objects stored in SailPoint''s database. The data is aggregated from customer systems and is free-form, so its appearance can vary largely between different clients/customers.' + properties: + rights: + type: array + description: All the rights (e.g. actions) that this permission allows on the target + readOnly: true + items: + type: string + example: SELECT + target: + type: string + description: The target the permission would grants rights on. + readOnly: true + example: SYS.GV_$TRANSACTION + segments: + type: array + items: + type: string + nullable: true + description: 'List of IDs of segments, if any, to which this Entitlement is assigned.' + example: + - f7b1b8a3-5fed-4fd4-ad29-82014e137e19 + - 29cb6c06-1da8-43ea-8be4-b3125f248f2a + manuallyUpdatedFields: + allOf: + - type: object + properties: + DISPLAY_NAME: + type: boolean + default: false + description: |- + True if the entitlements name was updated manually via entitlement import csv or patch endpoint. False means that property value has not been change after first entitlement aggregation. + Field refers to [Entitlement response schema](https://developer.sailpoint.com/idn/api/beta/get-entitlement) > `name` property. + example: true + DESCRIPTION: + type: boolean + default: false + description: |- + True if the entitlement description was updated manually via entitlement import csv or patch endpoint. False means that property value has not been change after first entitlement aggregation. + Field refers to [Entitlement response schema](https://developer.sailpoint.com/idn/api/beta/get-entitlement) > `description` property. + example: true + - nullable: true + description: 'Object contains entitlement manually updated fields. Field value is true if is was updated manually via entitlement import csv or patch endpoint. Field value is false if that property value has not been changed after first entitlement aggregation. Values for all manually updatable fields must be specified. For now only two entitlement fields support this: DISPLAY_NAME and DESCRIPTION.' + example: + DISPLAY_NAME: true + DESCRIPTION: true + accessModelMetadata: + allOf: + - type: object + properties: + attributes: + type: array + nullable: true + items: + type: object + properties: + key: + type: string + description: Technical name of the Attribute. This is unique and cannot be changed after creation. + example: iscPrivacy + name: + type: string + description: The display name of the key. + example: Privacy + multiselect: + type: boolean + default: false + description: Indicates whether the attribute can have multiple values. + example: false + status: + type: string + description: The status of the Attribute. + example: active + type: + type: string + description: The type of the Attribute. This can be either "custom" or "governance". + example: governance + objectTypes: + type: array + items: + type: string + nullable: true + description: An array of object types this attributes values can be applied to. Possible values are "all" or "entitlement". Value "all" means this attribute can be used with all object types that are supported. + example: + - entitlement + description: + type: string + description: The description of the Attribute. + example: Specifies the level of privacy associated with an access item. + values: + type: array + nullable: true + items: + type: object + properties: + value: + type: string + description: Technical name of the Attribute value. This is unique and cannot be changed after creation. + example: public + name: + type: string + description: The display name of the Attribute value. + example: Public + status: + type: string + description: The status of the Attribute value. + example: active + example: + - key: iscPrivacy + name: Privacy + multiselect: false + status: active + type: governance + objectTypes: + - all + description: Specifies the level of privacy associated with an access item. + values: + - value: public + name: Public + status: active + - nullable: true + description: Access Model Metadata (beta). + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + security: + - UserContextAuth: + - 'idn:role-unchecked:read' + - 'idn:role-unchecked:manage' + - 'idn:role-checked:manage' + - 'idn:role-checked:read' + /send-test-notification: + post: + operationId: sendTestNotification + tags: + - Notifications + summary: Send Test Notification + description: Send a Test Notification + requestBody: + required: true + content: + application/json: + schema: + type: object + properties: + key: + type: string + description: The template notification key. + example: cloud_manual_work_item_summary + medium: + type: string + description: The notification medium. Has to be one of the following enum values. + enum: + - EMAIL + - SLACK + - TEAMS + context: + type: object + description: A Json object that denotes the context specific to the template. + example: + key: cloud_manual_work_item_summary + medium: EMAIL + context: + numberOfPendingTasks: '4' + ownerId: 201327fda1c44704ac01181e963d463c + responses: + '204': + description: No content - indicates the request was successful but there is no content to be returned in the response. + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + parameters: + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + '/sim-integrations/{id}': + put: + tags: + - SIM Integrations + summary: Update an existing SIM integration + description: Update an existing SIM integration. A token with Org Admin or Service Desk Admin authority is required to access this endpoint. + operationId: putSIMIntegration + requestBody: + description: The full DTO of the integration containing the updated model + content: + application/json: + schema: + type: object + title: Sim Integration Details + allOf: + - type: object + required: + - name + properties: + id: + description: System-generated unique ID of the Object + type: string + example: id12345 + readOnly: true + name: + description: Name of the Object + type: string + example: aName + created: + description: Creation date of the Object + type: string + format: date-time + readOnly: true + example: '2023-01-03T21:16:22.432Z' + modified: + description: Last modification date of the Object + type: string + format: date-time + readOnly: true + example: '2023-01-03T21:16:22.432Z' + - type: object + properties: + description: + type: string + description: The description of the integration + example: Integration description + nullable: false + type: + type: string + description: The integration type + example: ServiceNow Service Desk + nullable: false + attributes: + type: object + description: The attributes map containing the credentials used to configure the integration. + nullable: true + example: '{"uid":"Walter White","firstname":"walter","cloudStatus":"UNREGISTERED","displayName":"Walter White","identificationNumber":"942","lastSyncDate":1470348809380,"email":"walter@gmail.com","lastname":"white"}' + sources: + type: array + description: The list of sources (managed resources) + items: + type: string + example: + - 2c9180835d191a86015d28455b4a2329 + - 2c5680835d191a85765d28455b4a9823 + nullable: false + cluster: + type: string + description: The cluster/proxy + example: xyzzy999 + nullable: false + statusMap: + type: object + description: Custom mapping between the integration result and the provisioning result + example: + closed_cancelled: Failed + closed_complete: Committed + closed_incomplete: Failed + closed_rejected: Failed + in_process: Queued + requested: Queued + request: + type: object + description: Request data to customize desc and body of the created ticket + example: + description: 'SailPoint Access Request,' + req_description: 'The Service Request created by SailPoint ServiceNow Service Integration Module (SIM).,' + req_short_description: 'SailPoint New Access Request Created from IdentityNow,' + short_description: SailPoint Access Request $!plan.arguments.identityRequestId + beforeProvisioningRule: + description: Before provisioning rule of integration + properties: + type: + type: string + enum: + - ACCOUNT_CORRELATION_CONFIG + - ACCESS_PROFILE + - ACCESS_REQUEST_APPROVAL + - ACCOUNT + - APPLICATION + - CAMPAIGN + - CAMPAIGN_FILTER + - CERTIFICATION + - CLUSTER + - CONNECTOR_SCHEMA + - ENTITLEMENT + - GOVERNANCE_GROUP + - IDENTITY + - IDENTITY_PROFILE + - IDENTITY_REQUEST + - LIFECYCLE_STATE + - PASSWORD_POLICY + - ROLE + - RULE + - SOD_POLICY + - SOURCE + - TAG + - TAG_CATEGORY + - TASK_RESULT + - REPORT_RESULT + - SOD_VIOLATION + - ACCOUNT_ACTIVITY + - WORKGROUP + description: An enumeration of the types of DTOs supported within the IdentityNow infrastructure. + example: IDENTITY + id: + type: string + description: ID of the rule + example: 2c918085708c274401708c2a8a760001 + name: + type: string + description: Human-readable display name of the rule + example: Example Rule + required: true + parameters: + - name: id + in: path + description: The id of the integration. + schema: + type: string + example: 12345 + required: true + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '200': + description: details of the updated integration + content: + application/json: + schema: + allOf: + - type: object + description: Service Desk integration's specification. + required: + - name + - description + - type + - attributes + properties: + name: + description: Service Desk integration's name. The name must be unique. + type: string + example: Service Desk Integration Name + description: + description: Service Desk integration's description. + type: string + example: A very nice Service Desk integration + type: + description: | + Service Desk integration types: + + - ServiceNowSDIM + - ServiceNow + type: string + default: ServiceNowSDIM + example: ServiceNowSDIM + ownerRef: + allOf: + - type: object + description: Owner's identity. + properties: + type: + type: string + description: Owner's DTO type. + enum: + - IDENTITY + example: IDENTITY + id: + type: string + description: Owner's identity ID. + example: 2c9180a46faadee4016fb4e018c20639 + name: + type: string + description: Owner's name. + example: Support + clusterRef: + allOf: + - type: object + description: Source cluster. + properties: + type: + type: string + description: Source cluster DTO type. + enum: + - CLUSTER + example: CLUSTER + id: + type: string + description: Source cluster ID. + example: 2c9180847a7fccdd017aa5896f9f4f6f + name: + type: string + description: Source cluster display name. + example: Training VA + cluster: + description: 'Cluster ID for the Service Desk integration (replaced by clusterRef, retained for backward compatibility).' + type: string + example: xyzzy999 + deprecated: true + managedSources: + description: 'Source IDs for the Service Desk integration (replaced by provisioningConfig.managedSResourceRefs, but retained here for backward compatibility).' + type: array + items: + type: string + deprecated: true + example: + - 2c9180835d191a86015d28455b4a2329 + - 2c5680835d191a85765d28455b4a9823 + provisioningConfig: + description: The 'provisioningConfig' property specifies the configuration used to provision integrations. + type: object + properties: + universalManager: + description: 'Specifies whether this configuration is used to manage provisioning requests for all sources from the org. If true, no managedResourceRefs are allowed.' + type: boolean + readOnly: true + default: false + example: true + managedResourceRefs: + description: References to sources for the Service Desk integration template. May only be specified if universalManager is false. + type: array + items: + allOf: + - type: object + description: Source for Service Desk integration template. + properties: + type: + type: string + description: DTO type of source for service desk integration template. + enum: + - SOURCE + example: SOURCE + id: + type: string + description: ID of source for service desk integration template. + example: 2c9180835d191a86015d28455b4b232a + name: + type: string + description: Human-readable name of source for service desk integration template. + example: HR Active Directory + properties: + type: + description: The type of object being referenced + enum: + - SOURCE + example: SOURCE + id: + description: ID of the source + example: 2c91808568c529c60168cca6f90c1313 + name: + description: Human-readable display name of the source + example: My Source + example: + - type: SOURCE + id: 2c9180855d191c59015d291ceb051111 + name: My Source 1 + - type: SOURCE + id: 2c9180855d191c59015d291ceb052222 + name: My Source 2 + planInitializerScript: + description: This is a reference to a plan initializer script. + type: object + properties: + source: + description: This is a Rule that allows provisioning instruction changes. + type: string + example: | + \r\n\r\n\r\n Before Provisioning Rule which changes disables and enables to a modify.\r\n + noProvisioningRequests: + description: Name of an attribute that when true disables the saving of ProvisioningRequest objects whenever plans are sent through this integration. + type: boolean + default: false + example: true + provisioningRequestExpiration: + description: 'When saving pending requests is enabled, this defines the number of hours the request is allowed to live before it is considered expired and no longer affects plan compilation.' + type: integer + format: int32 + example: 7 + attributes: + description: Service Desk integration's attributes. Validation constraints enforced by the implementation. + type: object + additionalProperties: true + example: + property: value + key: value + beforeProvisioningRule: + allOf: + - type: object + description: Before Provisioning Rule. + properties: + type: + type: string + description: Before Provisioning Rule DTO type. + enum: + - RULE + example: RULE + id: + type: string + description: Before Provisioning Rule ID. + example: 048eb3d55c5a4758bd07dccb87741c78 + name: + type: string + description: Rule display name. + example: Before Provisioning Airtable Rule + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + security: + - UserContextAuth: + - 'idn:service-desk-admin:create' + get: + tags: + - SIM Integrations + summary: Get a SIM integration details. + description: Get the details of a SIM integration. A token with Org Admin or Service Desk Admin authority is required to access this endpoint. + operationId: getSIMIntegration + parameters: + - name: id + in: path + description: The id of the integration. + schema: + type: string + example: 12345 + required: true + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '200': + description: The DTO containing the details of the SIM integration + content: + application/json: + schema: + allOf: + - type: object + description: Service Desk integration's specification. + required: + - name + - description + - type + - attributes + properties: + name: + description: Service Desk integration's name. The name must be unique. + type: string + example: Service Desk Integration Name + description: + description: Service Desk integration's description. + type: string + example: A very nice Service Desk integration + type: + description: | + Service Desk integration types: + + - ServiceNowSDIM + - ServiceNow + type: string + default: ServiceNowSDIM + example: ServiceNowSDIM + ownerRef: + allOf: + - type: object + description: Owner's identity. + properties: + type: + type: string + description: Owner's DTO type. + enum: + - IDENTITY + example: IDENTITY + id: + type: string + description: Owner's identity ID. + example: 2c9180a46faadee4016fb4e018c20639 + name: + type: string + description: Owner's name. + example: Support + clusterRef: + allOf: + - type: object + description: Source cluster. + properties: + type: + type: string + description: Source cluster DTO type. + enum: + - CLUSTER + example: CLUSTER + id: + type: string + description: Source cluster ID. + example: 2c9180847a7fccdd017aa5896f9f4f6f + name: + type: string + description: Source cluster display name. + example: Training VA + cluster: + description: 'Cluster ID for the Service Desk integration (replaced by clusterRef, retained for backward compatibility).' + type: string + example: xyzzy999 + deprecated: true + managedSources: + description: 'Source IDs for the Service Desk integration (replaced by provisioningConfig.managedSResourceRefs, but retained here for backward compatibility).' + type: array + items: + type: string + deprecated: true + example: + - 2c9180835d191a86015d28455b4a2329 + - 2c5680835d191a85765d28455b4a9823 + provisioningConfig: + description: The 'provisioningConfig' property specifies the configuration used to provision integrations. + type: object + properties: + universalManager: + description: 'Specifies whether this configuration is used to manage provisioning requests for all sources from the org. If true, no managedResourceRefs are allowed.' + type: boolean + readOnly: true + default: false + example: true + managedResourceRefs: + description: References to sources for the Service Desk integration template. May only be specified if universalManager is false. + type: array + items: + allOf: + - type: object + description: Source for Service Desk integration template. + properties: + type: + type: string + description: DTO type of source for service desk integration template. + enum: + - SOURCE + example: SOURCE + id: + type: string + description: ID of source for service desk integration template. + example: 2c9180835d191a86015d28455b4b232a + name: + type: string + description: Human-readable name of source for service desk integration template. + example: HR Active Directory + properties: + type: + description: The type of object being referenced + enum: + - SOURCE + example: SOURCE + id: + description: ID of the source + example: 2c91808568c529c60168cca6f90c1313 + name: + description: Human-readable display name of the source + example: My Source + example: + - type: SOURCE + id: 2c9180855d191c59015d291ceb051111 + name: My Source 1 + - type: SOURCE + id: 2c9180855d191c59015d291ceb052222 + name: My Source 2 + planInitializerScript: + description: This is a reference to a plan initializer script. + type: object + properties: + source: + description: This is a Rule that allows provisioning instruction changes. + type: string + example: | + \r\n\r\n\r\n Before Provisioning Rule which changes disables and enables to a modify.\r\n + noProvisioningRequests: + description: Name of an attribute that when true disables the saving of ProvisioningRequest objects whenever plans are sent through this integration. + type: boolean + default: false + example: true + provisioningRequestExpiration: + description: 'When saving pending requests is enabled, this defines the number of hours the request is allowed to live before it is considered expired and no longer affects plan compilation.' + type: integer + format: int32 + example: 7 + attributes: + description: Service Desk integration's attributes. Validation constraints enforced by the implementation. + type: object + additionalProperties: true + example: + property: value + key: value + beforeProvisioningRule: + allOf: + - type: object + description: Before Provisioning Rule. + properties: + type: + type: string + description: Before Provisioning Rule DTO type. + enum: + - RULE + example: RULE + id: + type: string + description: Before Provisioning Rule ID. + example: 048eb3d55c5a4758bd07dccb87741c78 + name: + type: string + description: Rule display name. + example: Before Provisioning Airtable Rule + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + security: + - UserContextAuth: + - 'idn:service-desk-admin:read' + delete: + tags: + - SIM Integrations + summary: Delete a SIM integration + description: Get the details of a SIM integration. A token with Org Admin or Service Desk Admin authority is required to access this endpoint. + operationId: deleteSIMIntegration + parameters: + - name: id + description: The id of the integration to delete. + in: path + schema: + type: string + example: 12345 + required: true + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '200': + description: No content response + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + security: + - UserContextAuth: + - 'idn:service-desk-admin:write' + patch: + tags: + - SIM Integrations + summary: Patch a SIM attribute. + description: Patch a SIM attribute given a JsonPatch object. A token with Org Admin or Service Desk Admin authority is required to access this endpoint. + operationId: patchSIMAttributes + requestBody: + required: true + description: The JsonPatch object that describes the changes of SIM + content: + application/json-patch+json: + schema: + type: object + description: 'A JSONPatch document as defined by [RFC 6902 - JSON Patch](https://tools.ietf.org/html/rfc6902)' + properties: + operations: + description: Operations to be applied + type: array + items: + type: object + description: 'A JSONPatch Operation as defined by [RFC 6902 - JSON Patch](https://tools.ietf.org/html/rfc6902)' + required: + - op + - path + properties: + op: + type: string + description: The operation to be performed + enum: + - add + - remove + - replace + - move + - copy + - test + example: replace + path: + type: string + description: A string JSON Pointer representing the target path to an element to be affected by the operation + example: /description + value: + oneOf: + - type: string + example: New description + title: string + - type: boolean + example: true + title: boolean + - type: integer + example: 300 + title: integer + - type: object + title: object + example: + attributes: + name: philip + - type: array + title: array + items: + anyOf: + - type: string + - type: integer + - type: object + example: + - '001' + - '002' + - '003' + description: 'The value to be used for the operation, required for "add" and "replace" operations' + example: New description + example: "[\n {\n\t \"op\": \"replace\",\n\t \"path\": \"/description\",\n\t \"value\": \"A new description\"\n }\n]" + parameters: + - name: id + description: SIM integration id + in: path + schema: + type: string + example: 12345 + required: true + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '200': + description: The updated DTO containing the details of the SIM integration. + content: + application/json: + schema: + allOf: + - type: object + description: Service Desk integration's specification. + required: + - name + - description + - type + - attributes + properties: + name: + description: Service Desk integration's name. The name must be unique. + type: string + example: Service Desk Integration Name + description: + description: Service Desk integration's description. + type: string + example: A very nice Service Desk integration + type: + description: | + Service Desk integration types: + + - ServiceNowSDIM + - ServiceNow + type: string + default: ServiceNowSDIM + example: ServiceNowSDIM + ownerRef: + allOf: + - type: object + description: Owner's identity. + properties: + type: + type: string + description: Owner's DTO type. + enum: + - IDENTITY + example: IDENTITY + id: + type: string + description: Owner's identity ID. + example: 2c9180a46faadee4016fb4e018c20639 + name: + type: string + description: Owner's name. + example: Support + clusterRef: + allOf: + - type: object + description: Source cluster. + properties: + type: + type: string + description: Source cluster DTO type. + enum: + - CLUSTER + example: CLUSTER + id: + type: string + description: Source cluster ID. + example: 2c9180847a7fccdd017aa5896f9f4f6f + name: + type: string + description: Source cluster display name. + example: Training VA + cluster: + description: 'Cluster ID for the Service Desk integration (replaced by clusterRef, retained for backward compatibility).' + type: string + example: xyzzy999 + deprecated: true + managedSources: + description: 'Source IDs for the Service Desk integration (replaced by provisioningConfig.managedSResourceRefs, but retained here for backward compatibility).' + type: array + items: + type: string + deprecated: true + example: + - 2c9180835d191a86015d28455b4a2329 + - 2c5680835d191a85765d28455b4a9823 + provisioningConfig: + description: The 'provisioningConfig' property specifies the configuration used to provision integrations. + type: object + properties: + universalManager: + description: 'Specifies whether this configuration is used to manage provisioning requests for all sources from the org. If true, no managedResourceRefs are allowed.' + type: boolean + readOnly: true + default: false + example: true + managedResourceRefs: + description: References to sources for the Service Desk integration template. May only be specified if universalManager is false. + type: array + items: + allOf: + - type: object + description: Source for Service Desk integration template. + properties: + type: + type: string + description: DTO type of source for service desk integration template. + enum: + - SOURCE + example: SOURCE + id: + type: string + description: ID of source for service desk integration template. + example: 2c9180835d191a86015d28455b4b232a + name: + type: string + description: Human-readable name of source for service desk integration template. + example: HR Active Directory + properties: + type: + description: The type of object being referenced + enum: + - SOURCE + example: SOURCE + id: + description: ID of the source + example: 2c91808568c529c60168cca6f90c1313 + name: + description: Human-readable display name of the source + example: My Source + example: + - type: SOURCE + id: 2c9180855d191c59015d291ceb051111 + name: My Source 1 + - type: SOURCE + id: 2c9180855d191c59015d291ceb052222 + name: My Source 2 + planInitializerScript: + description: This is a reference to a plan initializer script. + type: object + properties: + source: + description: This is a Rule that allows provisioning instruction changes. + type: string + example: | + \r\n\r\n\r\n Before Provisioning Rule which changes disables and enables to a modify.\r\n + noProvisioningRequests: + description: Name of an attribute that when true disables the saving of ProvisioningRequest objects whenever plans are sent through this integration. + type: boolean + default: false + example: true + provisioningRequestExpiration: + description: 'When saving pending requests is enabled, this defines the number of hours the request is allowed to live before it is considered expired and no longer affects plan compilation.' + type: integer + format: int32 + example: 7 + attributes: + description: Service Desk integration's attributes. Validation constraints enforced by the implementation. + type: object + additionalProperties: true + example: + property: value + key: value + beforeProvisioningRule: + allOf: + - type: object + description: Before Provisioning Rule. + properties: + type: + type: string + description: Before Provisioning Rule DTO type. + enum: + - RULE + example: RULE + id: + type: string + description: Before Provisioning Rule ID. + example: 048eb3d55c5a4758bd07dccb87741c78 + name: + type: string + description: Rule display name. + example: Before Provisioning Airtable Rule + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + security: + - UserContextAuth: + - 'idn:service-desk-admin:write' + '/sim-integrations/{id}/beforeProvisioningRule': + patch: + tags: + - SIM Integrations + summary: Patch a SIM beforeProvisioningRule attribute. + description: Patch a SIM beforeProvisioningRule attribute given a JsonPatch object. A token with Org Admin or Service Desk Admin authority is required to access this endpoint. + operationId: patchBeforeProvisioningRule + requestBody: + required: true + description: The JsonPatch object that describes the changes of SIM beforeProvisioningRule. + content: + application/json-patch+json: + schema: + type: object + description: 'A JSONPatch document as defined by [RFC 6902 - JSON Patch](https://tools.ietf.org/html/rfc6902)' + properties: + operations: + description: Operations to be applied + type: array + items: + type: object + description: 'A JSONPatch Operation as defined by [RFC 6902 - JSON Patch](https://tools.ietf.org/html/rfc6902)' + required: + - op + - path + properties: + op: + type: string + description: The operation to be performed + enum: + - add + - remove + - replace + - move + - copy + - test + example: replace + path: + type: string + description: A string JSON Pointer representing the target path to an element to be affected by the operation + example: /description + value: + oneOf: + - type: string + example: New description + title: string + - type: boolean + example: true + title: boolean + - type: integer + example: 300 + title: integer + - type: object + title: object + example: + attributes: + name: philip + - type: array + title: array + items: + anyOf: + - type: string + - type: integer + - type: object + example: + - '001' + - '002' + - '003' + description: 'The value to be used for the operation, required for "add" and "replace" operations' + example: New description + example: "[\n {\n\t \"op\": \"replace\",\n\t \"path\": \"/description\",\n\t \"value\": \"A new description\"\n }\n]" + parameters: + - name: id + in: path + description: SIM integration id + schema: + type: string + example: 12345 + required: true + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '200': + description: The updated DTO containing the details of the SIM integration. + content: + application/json: + schema: + allOf: + - type: object + description: Service Desk integration's specification. + required: + - name + - description + - type + - attributes + properties: + name: + description: Service Desk integration's name. The name must be unique. + type: string + example: Service Desk Integration Name + description: + description: Service Desk integration's description. + type: string + example: A very nice Service Desk integration + type: + description: | + Service Desk integration types: + + - ServiceNowSDIM + - ServiceNow + type: string + default: ServiceNowSDIM + example: ServiceNowSDIM + ownerRef: + allOf: + - type: object + description: Owner's identity. + properties: + type: + type: string + description: Owner's DTO type. + enum: + - IDENTITY + example: IDENTITY + id: + type: string + description: Owner's identity ID. + example: 2c9180a46faadee4016fb4e018c20639 + name: + type: string + description: Owner's name. + example: Support + clusterRef: + allOf: + - type: object + description: Source cluster. + properties: + type: + type: string + description: Source cluster DTO type. + enum: + - CLUSTER + example: CLUSTER + id: + type: string + description: Source cluster ID. + example: 2c9180847a7fccdd017aa5896f9f4f6f + name: + type: string + description: Source cluster display name. + example: Training VA + cluster: + description: 'Cluster ID for the Service Desk integration (replaced by clusterRef, retained for backward compatibility).' + type: string + example: xyzzy999 + deprecated: true + managedSources: + description: 'Source IDs for the Service Desk integration (replaced by provisioningConfig.managedSResourceRefs, but retained here for backward compatibility).' + type: array + items: + type: string + deprecated: true + example: + - 2c9180835d191a86015d28455b4a2329 + - 2c5680835d191a85765d28455b4a9823 + provisioningConfig: + description: The 'provisioningConfig' property specifies the configuration used to provision integrations. + type: object + properties: + universalManager: + description: 'Specifies whether this configuration is used to manage provisioning requests for all sources from the org. If true, no managedResourceRefs are allowed.' + type: boolean + readOnly: true + default: false + example: true + managedResourceRefs: + description: References to sources for the Service Desk integration template. May only be specified if universalManager is false. + type: array + items: + allOf: + - type: object + description: Source for Service Desk integration template. + properties: + type: + type: string + description: DTO type of source for service desk integration template. + enum: + - SOURCE + example: SOURCE + id: + type: string + description: ID of source for service desk integration template. + example: 2c9180835d191a86015d28455b4b232a + name: + type: string + description: Human-readable name of source for service desk integration template. + example: HR Active Directory + properties: + type: + description: The type of object being referenced + enum: + - SOURCE + example: SOURCE + id: + description: ID of the source + example: 2c91808568c529c60168cca6f90c1313 + name: + description: Human-readable display name of the source + example: My Source + example: + - type: SOURCE + id: 2c9180855d191c59015d291ceb051111 + name: My Source 1 + - type: SOURCE + id: 2c9180855d191c59015d291ceb052222 + name: My Source 2 + planInitializerScript: + description: This is a reference to a plan initializer script. + type: object + properties: + source: + description: This is a Rule that allows provisioning instruction changes. + type: string + example: | + \r\n\r\n\r\n Before Provisioning Rule which changes disables and enables to a modify.\r\n + noProvisioningRequests: + description: Name of an attribute that when true disables the saving of ProvisioningRequest objects whenever plans are sent through this integration. + type: boolean + default: false + example: true + provisioningRequestExpiration: + description: 'When saving pending requests is enabled, this defines the number of hours the request is allowed to live before it is considered expired and no longer affects plan compilation.' + type: integer + format: int32 + example: 7 + attributes: + description: Service Desk integration's attributes. Validation constraints enforced by the implementation. + type: object + additionalProperties: true + example: + property: value + key: value + beforeProvisioningRule: + allOf: + - type: object + description: Before Provisioning Rule. + properties: + type: + type: string + description: Before Provisioning Rule DTO type. + enum: + - RULE + example: RULE + id: + type: string + description: Before Provisioning Rule ID. + example: 048eb3d55c5a4758bd07dccb87741c78 + name: + type: string + description: Rule display name. + example: Before Provisioning Airtable Rule + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + security: + - UserContextAuth: + - 'idn:service-desk-admin:write' + /sim-integrations: + get: + tags: + - SIM Integrations + summary: List the existing SIM integrations. + description: List the existing SIM integrations. A token with Org Admin or Service Desk Admin authority is required to access this endpoint. + operationId: getSIMIntegrations + responses: + '200': + description: The DTO containing the details of the SIM integration + content: + application/json: + schema: + allOf: + - type: object + description: Service Desk integration's specification. + required: + - name + - description + - type + - attributes + properties: + name: + description: Service Desk integration's name. The name must be unique. + type: string + example: Service Desk Integration Name + description: + description: Service Desk integration's description. + type: string + example: A very nice Service Desk integration + type: + description: | + Service Desk integration types: + + - ServiceNowSDIM + - ServiceNow + type: string + default: ServiceNowSDIM + example: ServiceNowSDIM + ownerRef: + allOf: + - type: object + description: Owner's identity. + properties: + type: + type: string + description: Owner's DTO type. + enum: + - IDENTITY + example: IDENTITY + id: + type: string + description: Owner's identity ID. + example: 2c9180a46faadee4016fb4e018c20639 + name: + type: string + description: Owner's name. + example: Support + clusterRef: + allOf: + - type: object + description: Source cluster. + properties: + type: + type: string + description: Source cluster DTO type. + enum: + - CLUSTER + example: CLUSTER + id: + type: string + description: Source cluster ID. + example: 2c9180847a7fccdd017aa5896f9f4f6f + name: + type: string + description: Source cluster display name. + example: Training VA + cluster: + description: 'Cluster ID for the Service Desk integration (replaced by clusterRef, retained for backward compatibility).' + type: string + example: xyzzy999 + deprecated: true + managedSources: + description: 'Source IDs for the Service Desk integration (replaced by provisioningConfig.managedSResourceRefs, but retained here for backward compatibility).' + type: array + items: + type: string + deprecated: true + example: + - 2c9180835d191a86015d28455b4a2329 + - 2c5680835d191a85765d28455b4a9823 + provisioningConfig: + description: The 'provisioningConfig' property specifies the configuration used to provision integrations. + type: object + properties: + universalManager: + description: 'Specifies whether this configuration is used to manage provisioning requests for all sources from the org. If true, no managedResourceRefs are allowed.' + type: boolean + readOnly: true + default: false + example: true + managedResourceRefs: + description: References to sources for the Service Desk integration template. May only be specified if universalManager is false. + type: array + items: + allOf: + - type: object + description: Source for Service Desk integration template. + properties: + type: + type: string + description: DTO type of source for service desk integration template. + enum: + - SOURCE + example: SOURCE + id: + type: string + description: ID of source for service desk integration template. + example: 2c9180835d191a86015d28455b4b232a + name: + type: string + description: Human-readable name of source for service desk integration template. + example: HR Active Directory + properties: + type: + description: The type of object being referenced + enum: + - SOURCE + example: SOURCE + id: + description: ID of the source + example: 2c91808568c529c60168cca6f90c1313 + name: + description: Human-readable display name of the source + example: My Source + example: + - type: SOURCE + id: 2c9180855d191c59015d291ceb051111 + name: My Source 1 + - type: SOURCE + id: 2c9180855d191c59015d291ceb052222 + name: My Source 2 + planInitializerScript: + description: This is a reference to a plan initializer script. + type: object + properties: + source: + description: This is a Rule that allows provisioning instruction changes. + type: string + example: | + \r\n\r\n\r\n Before Provisioning Rule which changes disables and enables to a modify.\r\n + noProvisioningRequests: + description: Name of an attribute that when true disables the saving of ProvisioningRequest objects whenever plans are sent through this integration. + type: boolean + default: false + example: true + provisioningRequestExpiration: + description: 'When saving pending requests is enabled, this defines the number of hours the request is allowed to live before it is considered expired and no longer affects plan compilation.' + type: integer + format: int32 + example: 7 + attributes: + description: Service Desk integration's attributes. Validation constraints enforced by the implementation. + type: object + additionalProperties: true + example: + property: value + key: value + beforeProvisioningRule: + allOf: + - type: object + description: Before Provisioning Rule. + properties: + type: + type: string + description: Before Provisioning Rule DTO type. + enum: + - RULE + example: RULE + id: + type: string + description: Before Provisioning Rule ID. + example: 048eb3d55c5a4758bd07dccb87741c78 + name: + type: string + description: Rule display name. + example: Before Provisioning Airtable Rule + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + security: + - UserContextAuth: + - 'idn:service-desk-admin:read' + parameters: + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + post: + tags: + - SIM Integrations + summary: Create new SIM integration + description: Create a new SIM Integrations. A token with Org Admin or Service Desk Admin authority is required to access this endpoint. + operationId: createSIMIntegration + requestBody: + description: DTO containing the details of the SIM integration + content: + application/json: + schema: + type: object + title: Sim Integration Details + allOf: + - type: object + required: + - name + properties: + id: + description: System-generated unique ID of the Object + type: string + example: id12345 + readOnly: true + name: + description: Name of the Object + type: string + example: aName + created: + description: Creation date of the Object + type: string + format: date-time + readOnly: true + example: '2023-01-03T21:16:22.432Z' + modified: + description: Last modification date of the Object + type: string + format: date-time + readOnly: true + example: '2023-01-03T21:16:22.432Z' + - type: object + properties: + description: + type: string + description: The description of the integration + example: Integration description + nullable: false + type: + type: string + description: The integration type + example: ServiceNow Service Desk + nullable: false + attributes: + type: object + description: The attributes map containing the credentials used to configure the integration. + nullable: true + example: '{"uid":"Walter White","firstname":"walter","cloudStatus":"UNREGISTERED","displayName":"Walter White","identificationNumber":"942","lastSyncDate":1470348809380,"email":"walter@gmail.com","lastname":"white"}' + sources: + type: array + description: The list of sources (managed resources) + items: + type: string + example: + - 2c9180835d191a86015d28455b4a2329 + - 2c5680835d191a85765d28455b4a9823 + nullable: false + cluster: + type: string + description: The cluster/proxy + example: xyzzy999 + nullable: false + statusMap: + type: object + description: Custom mapping between the integration result and the provisioning result + example: + closed_cancelled: Failed + closed_complete: Committed + closed_incomplete: Failed + closed_rejected: Failed + in_process: Queued + requested: Queued + request: + type: object + description: Request data to customize desc and body of the created ticket + example: + description: 'SailPoint Access Request,' + req_description: 'The Service Request created by SailPoint ServiceNow Service Integration Module (SIM).,' + req_short_description: 'SailPoint New Access Request Created from IdentityNow,' + short_description: SailPoint Access Request $!plan.arguments.identityRequestId + beforeProvisioningRule: + description: Before provisioning rule of integration + properties: + type: + type: string + enum: + - ACCOUNT_CORRELATION_CONFIG + - ACCESS_PROFILE + - ACCESS_REQUEST_APPROVAL + - ACCOUNT + - APPLICATION + - CAMPAIGN + - CAMPAIGN_FILTER + - CERTIFICATION + - CLUSTER + - CONNECTOR_SCHEMA + - ENTITLEMENT + - GOVERNANCE_GROUP + - IDENTITY + - IDENTITY_PROFILE + - IDENTITY_REQUEST + - LIFECYCLE_STATE + - PASSWORD_POLICY + - ROLE + - RULE + - SOD_POLICY + - SOURCE + - TAG + - TAG_CATEGORY + - TASK_RESULT + - REPORT_RESULT + - SOD_VIOLATION + - ACCOUNT_ACTIVITY + - WORKGROUP + description: An enumeration of the types of DTOs supported within the IdentityNow infrastructure. + example: IDENTITY + id: + type: string + description: ID of the rule + example: 2c918085708c274401708c2a8a760001 + name: + type: string + description: Human-readable display name of the rule + example: Example Rule + required: true + responses: + '200': + description: details of the created integration + content: + application/json: + schema: + allOf: + - type: object + description: Service Desk integration's specification. + required: + - name + - description + - type + - attributes + properties: + name: + description: Service Desk integration's name. The name must be unique. + type: string + example: Service Desk Integration Name + description: + description: Service Desk integration's description. + type: string + example: A very nice Service Desk integration + type: + description: | + Service Desk integration types: + + - ServiceNowSDIM + - ServiceNow + type: string + default: ServiceNowSDIM + example: ServiceNowSDIM + ownerRef: + allOf: + - type: object + description: Owner's identity. + properties: + type: + type: string + description: Owner's DTO type. + enum: + - IDENTITY + example: IDENTITY + id: + type: string + description: Owner's identity ID. + example: 2c9180a46faadee4016fb4e018c20639 + name: + type: string + description: Owner's name. + example: Support + clusterRef: + allOf: + - type: object + description: Source cluster. + properties: + type: + type: string + description: Source cluster DTO type. + enum: + - CLUSTER + example: CLUSTER + id: + type: string + description: Source cluster ID. + example: 2c9180847a7fccdd017aa5896f9f4f6f + name: + type: string + description: Source cluster display name. + example: Training VA + cluster: + description: 'Cluster ID for the Service Desk integration (replaced by clusterRef, retained for backward compatibility).' + type: string + example: xyzzy999 + deprecated: true + managedSources: + description: 'Source IDs for the Service Desk integration (replaced by provisioningConfig.managedSResourceRefs, but retained here for backward compatibility).' + type: array + items: + type: string + deprecated: true + example: + - 2c9180835d191a86015d28455b4a2329 + - 2c5680835d191a85765d28455b4a9823 + provisioningConfig: + description: The 'provisioningConfig' property specifies the configuration used to provision integrations. + type: object + properties: + universalManager: + description: 'Specifies whether this configuration is used to manage provisioning requests for all sources from the org. If true, no managedResourceRefs are allowed.' + type: boolean + readOnly: true + default: false + example: true + managedResourceRefs: + description: References to sources for the Service Desk integration template. May only be specified if universalManager is false. + type: array + items: + allOf: + - type: object + description: Source for Service Desk integration template. + properties: + type: + type: string + description: DTO type of source for service desk integration template. + enum: + - SOURCE + example: SOURCE + id: + type: string + description: ID of source for service desk integration template. + example: 2c9180835d191a86015d28455b4b232a + name: + type: string + description: Human-readable name of source for service desk integration template. + example: HR Active Directory + properties: + type: + description: The type of object being referenced + enum: + - SOURCE + example: SOURCE + id: + description: ID of the source + example: 2c91808568c529c60168cca6f90c1313 + name: + description: Human-readable display name of the source + example: My Source + example: + - type: SOURCE + id: 2c9180855d191c59015d291ceb051111 + name: My Source 1 + - type: SOURCE + id: 2c9180855d191c59015d291ceb052222 + name: My Source 2 + planInitializerScript: + description: This is a reference to a plan initializer script. + type: object + properties: + source: + description: This is a Rule that allows provisioning instruction changes. + type: string + example: | + \r\n\r\n\r\n Before Provisioning Rule which changes disables and enables to a modify.\r\n + noProvisioningRequests: + description: Name of an attribute that when true disables the saving of ProvisioningRequest objects whenever plans are sent through this integration. + type: boolean + default: false + example: true + provisioningRequestExpiration: + description: 'When saving pending requests is enabled, this defines the number of hours the request is allowed to live before it is considered expired and no longer affects plan compilation.' + type: integer + format: int32 + example: 7 + attributes: + description: Service Desk integration's attributes. Validation constraints enforced by the implementation. + type: object + additionalProperties: true + example: + property: value + key: value + beforeProvisioningRule: + allOf: + - type: object + description: Before Provisioning Rule. + properties: + type: + type: string + description: Before Provisioning Rule DTO type. + enum: + - RULE + example: RULE + id: + type: string + description: Before Provisioning Rule ID. + example: 048eb3d55c5a4758bd07dccb87741c78 + name: + type: string + description: Rule display name. + example: Before Provisioning Airtable Rule + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + security: + - UserContextAuth: + - 'idn:service-desk-admin:create' + parameters: + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + /sp-config/export: + post: + operationId: exportSpConfig + security: + - UserContextAuth: + - 'sp:config:read' + - 'sp:config:manage' + tags: + - SP-Config + summary: Initiates configuration objects export job + description: |- + This post will export objects from the tenant to a JSON configuration file. + For more information about the object types that currently support export functionality, refer to [SaaS Configuration](https://developer.sailpoint.com/idn/docs/saas-configuration/#supported-objects). + requestBody: + description: Export options control what will be included in the export. + required: true + content: + application/json: + schema: + type: object + allOf: + - type: object + properties: + excludeTypes: + description: Object type names to be excluded from an sp-config export command. + type: array + items: + type: string + enum: + - ACCESS_PROFILE + - ACCESS_REQUEST_CONFIG + - ATTR_SYNC_SOURCE_CONFIG + - AUTH_ORG + - CAMPAIGN_FILTER + - FORM_DEFINITION + - GOVERNANCE_GROUP + - IDENTITY_OBJECT_CONFIG + - IDENTITY_PROFILE + - LIFECYCLE_STATE + - NOTIFICATION_TEMPLATE + - PASSWORD_POLICY + - PASSWORD_SYNC_GROUP + - PUBLIC_IDENTITIES_CONFIG + - ROLE + - RULE + - SEGMENT + - SERVICE_DESK_INTEGRATION + - SOD_POLICY + - SOURCE + - TAG + - TRANSFORM + - TRIGGER_SUBSCRIPTION + - WORKFLOW + example: SOURCE + includeTypes: + description: Object type names to be included in an sp-config export command. IncludeTypes takes precedence over excludeTypes. + type: array + items: + type: string + enum: + - ACCESS_PROFILE + - ACCESS_REQUEST_CONFIG + - ATTR_SYNC_SOURCE_CONFIG + - AUTH_ORG + - CAMPAIGN_FILTER + - FORM_DEFINITION + - GOVERNANCE_GROUP + - IDENTITY_OBJECT_CONFIG + - IDENTITY_PROFILE + - LIFECYCLE_STATE + - NOTIFICATION_TEMPLATE + - PASSWORD_POLICY + - PASSWORD_SYNC_GROUP + - PUBLIC_IDENTITIES_CONFIG + - ROLE + - RULE + - SEGMENT + - SERVICE_DESK_INTEGRATION + - SOD_POLICY + - SOURCE + - TAG + - TRANSFORM + - TRIGGER_SUBSCRIPTION + - WORKFLOW + example: TRIGGER_SUBSCRIPTION + objectOptions: + description: Additional options targeting specific objects related to each item in the includeTypes field + type: object + additionalProperties: + type: object + properties: + includedIds: + description: Object ids to be included in an import or export. + type: array + items: + type: string + example: be9e116d-08e1-49fc-ab7f-fa585e96c9e4 + includedNames: + description: Object names to be included in an import or export. + type: array + items: + type: string + example: Test Object + example: + TRIGGER_SUBSCRIPTION: + includedIds: + - be9e116d-08e1-49fc-ab7f-fa585e96c9e4 + includedNames: + - Test 2 + properties: + description: + type: string + description: Optional user defined description/name for export job. + example: Export Job 1 Test + examples: + Export all objects available: + description: Export all object types available in IDN. + value: + description: Export all available objects + excludeTypes: [] + includeTypes: + - ACCESS_PROFILE + - ACCESS_REQUEST_CONFIG + - ATTR_SYNC_SOURCE_CONFIG + - AUTH_ORG + - CAMPAIGN_FILTER + - FORM_DEFINITION + - GOVERNANCE_GROUP + - IDENTITY_OBJECT_CONFIG + - IDENTITY_PROFILE + - LIFECYCLE_STATE + - NOTIFICATION_TEMPLATE + - PASSWORD_POLICY + - PASSWORD_SYNC_GROUP + - PUBLIC_IDENTITIES_CONFIG + - ROLE + - RULE + - SEGMENT + - SERVICE_DESK_INTEGRATION + - SOD_POLICY + - SOURCE + - TAG + - TRANSFORM + - TRIGGER_SUBSCRIPTION + - WORKFLOW + objectOptions: {} + Export sources by ID: + description: Export only sources that match the IDs specified in the export options. + value: + description: Export sources by ID + excludeTypes: [] + includeTypes: + - SOURCE + objectOptions: + SOURCE: + includedIds: + - be9e116d-08e1-49fc-ab7f-fa585e96c9e4 + - be9p119e-90e1-49pk-ac9f-fa576e96c9e4 + includedNames: [] + Export transforms by name: + description: Export only transforms that match the names specified in the export options. + value: + description: Export transforms by name + excludeTypes: [] + includeTypes: + - TRANSFORM + objectOptions: + TRANSFORM: + includedIds: [] + includedNames: + - Remove Diacritical Marks + - Common - Location Lookup + Export trigger subscriptions triggers and transforms with custom options: + description: Export trigger subscriptions and transforms that match the export options. + value: + description: Export trigger subscriptions and transforms with custom filter options + excludeTypes: [] + includeTypes: + - TRANSFORM + - TRIGGER_SUBSCRIPTION + objectOptions: + TRANSFORM: + includedIds: [] + includedNames: + - Remove Diacritical Marks + - Common - Location Lookup + TRIGGER_SUBSCRIPTION: + includedIds: + - be9e116d-08e1-49fc-ab7f-fa585e96c9e4 + - be9p119e-90e1-49pk-ac9f-fa576e96c9e4 + includedNames: + - 'NGROK Test: fire and forget' + - Manager Certification + responses: + '202': + description: Export job accepted and queued for processing. + content: + application/json: + schema: + allOf: + - type: object + properties: + jobId: + type: string + description: Unique id assigned to this job. + example: 3469b87d-48ca-439a-868f-2160001da8c1 + status: + type: string + description: Status of the job. + enum: + - NOT_STARTED + - IN_PROGRESS + - COMPLETE + - CANCELLED + - FAILED + example: COMPLETE + type: + type: string + description: 'Type of the job, either export or import.' + enum: + - EXPORT + - IMPORT + example: IMPORT + expiration: + type: string + format: date-time + description: The time until which the artifacts will be available for download. + example: '2021-05-11T22:23:16Z' + created: + type: string + format: date-time + description: The time the job was started. + example: '2021-05-11T22:23:16Z' + modified: + type: string + format: date-time + description: The time of the last update to the job. + example: '2021-05-11T22:23:16Z' + required: + - jobId + - status + - type + - expiration + - created + - modified + - type: object + required: + - description + properties: + description: + type: string + description: Optional user defined description/name for export job. + example: ETS configuration objects from Acme-Solar sandbox + '400': + description: | + Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + parameters: + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + '/sp-config/export/{id}': + get: + operationId: getSpConfigExportStatus + security: + - UserContextAuth: + - 'sp:config:read' + - 'sp:config:manage' + tags: + - SP-Config + summary: Get export job status + description: |- + This gets the status of the export job identified by the `id` parameter. + The request will need one of the following security scopes: + - sp:config:read - sp:config:manage + parameters: + - in: path + name: id + schema: + type: string + required: true + description: The ID of the export job whose status will be returned. + example: ef38f94347e94562b5bb8424a56397d8 + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '200': + description: Export job status successfully returned. + content: + application/json: + schema: + allOf: + - allOf: + - type: object + properties: + jobId: + type: string + description: Unique id assigned to this job. + example: 3469b87d-48ca-439a-868f-2160001da8c1 + status: + type: string + description: Status of the job. + enum: + - NOT_STARTED + - IN_PROGRESS + - COMPLETE + - CANCELLED + - FAILED + example: COMPLETE + type: + type: string + description: 'Type of the job, either export or import.' + enum: + - EXPORT + - IMPORT + example: IMPORT + expiration: + type: string + format: date-time + description: The time until which the artifacts will be available for download. + example: '2021-05-11T22:23:16Z' + created: + type: string + format: date-time + description: The time the job was started. + example: '2021-05-11T22:23:16Z' + modified: + type: string + format: date-time + description: The time of the last update to the job. + example: '2021-05-11T22:23:16Z' + required: + - jobId + - status + - type + - expiration + - created + - modified + - type: object + required: + - description + properties: + description: + type: string + description: Optional user defined description/name for export job. + example: ETS configuration objects from Acme-Solar sandbox + - type: object + required: + - completed + properties: + completed: + type: string + format: date-time + description: The time the job was completed. + example: '2021-05-11T22:23:16Z' + example: + jobId: 1e824aa0-4c6e-4f14-95e9-e7dc5234aa51 + status: COMPLETE + type: EXPORT + message: null + description: Export Job 1 Test + expiration: '2021-05-20T15:04:24Z' + created: '2021-05-13T15:04:24.112Z' + modified: '2021-05-13T15:04:27.363Z' + completed: '2021-05-13T15:04:27.358Z' + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/sp-config/export/{id}/download': + get: + operationId: getSpConfigExport + tags: + - SP-Config + summary: Download export job result. + description: |- + This endpoint gets the export file resulting from the export job with the requested `id` and downloads it to a file. + The request will need one of the following security scopes: + - sp:config:read - sp:config:manage + parameters: + - in: path + name: id + schema: + type: string + required: true + description: The ID of the export job whose results will be downloaded. + example: ef38f94347e94562b5bb8424a56397d8 + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '200': + description: Exported JSON objects. + content: + application/json: + schema: + type: object + title: Config Export Response Body + description: Response model for config export download response. + properties: + version: + type: integer + description: Current version of the export results object. + example: 1 + timestamp: + type: string + format: date-time + description: Time the export was completed. + example: '2021-05-11T22:23:16Z' + tenant: + type: string + description: Name of the tenant where this export originated. + example: sample-tenant + description: + type: string + description: Optional user defined description/name for export job. + example: Export Job 1 Test + options: + description: Options used to create this export. + type: object + properties: + excludeTypes: + description: Object type names to be excluded from an sp-config export command. + type: array + items: + type: string + enum: + - ACCESS_PROFILE + - ACCESS_REQUEST_CONFIG + - ATTR_SYNC_SOURCE_CONFIG + - AUTH_ORG + - CAMPAIGN_FILTER + - FORM_DEFINITION + - GOVERNANCE_GROUP + - IDENTITY_OBJECT_CONFIG + - IDENTITY_PROFILE + - LIFECYCLE_STATE + - NOTIFICATION_TEMPLATE + - PASSWORD_POLICY + - PASSWORD_SYNC_GROUP + - PUBLIC_IDENTITIES_CONFIG + - ROLE + - RULE + - SEGMENT + - SERVICE_DESK_INTEGRATION + - SOD_POLICY + - SOURCE + - TAG + - TRANSFORM + - TRIGGER_SUBSCRIPTION + - WORKFLOW + example: SOURCE + includeTypes: + description: Object type names to be included in an sp-config export command. IncludeTypes takes precedence over excludeTypes. + type: array + items: + type: string + enum: + - ACCESS_PROFILE + - ACCESS_REQUEST_CONFIG + - ATTR_SYNC_SOURCE_CONFIG + - AUTH_ORG + - CAMPAIGN_FILTER + - FORM_DEFINITION + - GOVERNANCE_GROUP + - IDENTITY_OBJECT_CONFIG + - IDENTITY_PROFILE + - LIFECYCLE_STATE + - NOTIFICATION_TEMPLATE + - PASSWORD_POLICY + - PASSWORD_SYNC_GROUP + - PUBLIC_IDENTITIES_CONFIG + - ROLE + - RULE + - SEGMENT + - SERVICE_DESK_INTEGRATION + - SOD_POLICY + - SOURCE + - TAG + - TRANSFORM + - TRIGGER_SUBSCRIPTION + - WORKFLOW + example: TRIGGER_SUBSCRIPTION + objectOptions: + description: Additional options targeting specific objects related to each item in the includeTypes field + type: object + additionalProperties: + type: object + properties: + includedIds: + description: Object ids to be included in an import or export. + type: array + items: + type: string + example: be9e116d-08e1-49fc-ab7f-fa585e96c9e4 + includedNames: + description: Object names to be included in an import or export. + type: array + items: + type: string + example: Test Object + example: + TRIGGER_SUBSCRIPTION: + includedIds: + - be9e116d-08e1-49fc-ab7f-fa585e96c9e4 + includedNames: + - Test 2 + objects: + type: array + items: + type: object + title: Config Object for Export and Import + description: Config export and import format for individual object configurations. + properties: + version: + type: integer + description: Current version of configuration object. + example: 1 + self: + type: object + description: Self block for imported/exported object. + properties: + type: + type: string + description: 'Imported/exported object''s DTO type. Import is currently only possible with the IDENTITY_OBJECT_CONFIG, IDENTITY_PROFILE, RULE, SOURCE, TRANSFORM, and TRIGGER_SUBSCRIPTION object types.' + enum: + - ACCESS_PROFILE + - ACCESS_REQUEST_CONFIG + - ATTR_SYNC_SOURCE_CONFIG + - AUTH_ORG + - CAMPAIGN_FILTER + - FORM_DEFINITION + - GOVERNANCE_GROUP + - IDENTITY_OBJECT_CONFIG + - IDENTITY_PROFILE + - LIFECYCLE_STATE + - NOTIFICATION_TEMPLATE + - PASSWORD_POLICY + - PASSWORD_SYNC_GROUP + - PUBLIC_IDENTITIES_CONFIG + - ROLE + - RULE + - SEGMENT + - SERVICE_DESK_INTEGRATION + - SOD_POLICY + - SOURCE + - TAG + - TRANSFORM + - TRIGGER_SUBSCRIPTION + - WORKFLOW + example: SOURCE + id: + type: string + description: Imported/exported object's ID. + example: 2c9180835d191a86015d28455b4b232a + name: + type: string + description: Imported/exported object's display name. + example: HR Active Directory + object: + description: Object details. Format dependant on the object type. + additionalProperties: true + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + /sp-config/import: + post: + operationId: importSpConfig + tags: + - SP-Config + summary: Initiates configuration objects import job + description: |- + This post will import objects from a JSON configuration file into a tenant. By default, every import will first export all existing objects supported by sp-config as a backup before the import is attempted. The backup is provided so that the state of the configuration prior to the import is available for inspection or restore if needed. The backup can be skipped by setting "excludeBackup" to true in the import options. If a backup is performed, the id of the backup will be provided in the ImportResult as the "exportJobId". This can be downloaded using the /sp-config/export/{exportJobId}/download endpoint. + You cannot currently import from the Non-Employee Lifecycle Management (NELM) source. You cannot use this endpoint to back up or store NELM data. + For more information about the object types that currently support import functionality, refer to [SaaS Configuration](https://developer.sailpoint.com/idn/docs/saas-configuration/#supported-objects). + The request will need the following security scope: + - sp:config:manage + parameters: + - in: query + name: preview + schema: + type: boolean + default: false + required: false + description: 'This option is intended to give the user information about how an import operation would proceed, without having any effect on the target tenant. If this parameter is "true", no objects will be imported. Instead, the import process will pre-process the import file and attempt to resolve references within imported objects. The import result file will contain messages pertaining to how specific references were resolved, any errors associated with the preprocessing, and messages indicating which objects would be imported.' + example: 'true' + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + requestBody: + description: "The form-data \"name\" attribute for the file content must be \"data\".\n\n__Example__\n\n data: \"config_export_0340b957-5caa-44f6-ada2-d3c4c5bd0b19.json\",\n options: {\n \"excludeTypes\": [],\n \"includeTypes\": [\"TRIGGER_SUBSCRIPTION\"],\n \"objectOptions\": {\n \"TRIGGER_SUBSCRIPTION\": {\n \"includedIds\": [ \"193446a1-c431-4326-8ba7-d6eebf922948\"],\n \"includedNames\":[]\n }\n },\n \"defaultReferences\": [\n {\n \"type\": \"TRIGGER_SUBSCRIPTION\",\n \"id\": \"be9e116d-08e1-49fc-ab7f-fa585e96c9e4\",\n \"name\": \"Test Trigger\"\n }\n ],\n \"excludeBackup\": false\n }\n\n__Sample Import File__\n\n {\n \t\"version\": 1,\n \t\"timestamp\": \"2021-05-10T15:19:23.425041-05:00\",\n \t\"tenant\": \"sampleTenant\",\n \t\"options\": {\n \t\t\"excludeTypes\": [],\n \t\t\"includeTypes\": [\"TRIGGER_SUBSCRIPTION\"],\n \t\t\"objectOptions\": null\n \t},\n \t\"objects\": [{\n \t\t\t\"version\": 1,\n \t\t\t\"self\": {\n \t\t\t\t\"type\": \"TRIGGER_SUBSCRIPTION\",\n \t\t\t\t\"name\": \"test trigger\",\n \t\t\t\t\"id\": \"193446a1-c431-4326-8ba7-d6eebf922948\"\n \t\t\t},\n \t\t\t\"object\": {\n \t\t\t\t\"type\": \"HTTP\",\n \t\t\t\t\"enabled\": true,\n \t\t\t\t\"httpConfig\": {\n \t\t\t\t\t\"url\": \"https://localhost\",\n \t\t\t\t\t\"httpAuthenticationType\": \"NO_AUTH\",\n \t\t\t\t\t\"basicAuthConfig\": null,\n \t\t\t\t\t\"bearerTokenAuthConfig\": null,\n \t\t\t\t\t\"httpDispatchMode\": \"SYNC\"\n \t\t\t\t},\n \t\t\t\t\"triggerName\": \"Access Request Submitted\",\n \t\t\t\t\"responseDeadline\": \"PT1H\",\n \t\t\t\t\"name\": \"test trigger\",\n \t\t\t\t\"triggerId\": \"idn:access-request-pre-approval\"\n \t\t\t}\n \t\t}\n \t]\n }\n" + required: true + content: + multipart/form-data: + schema: + type: object + properties: + data: + type: string + format: binary + description: JSON file containing the objects to be imported. + options: + type: object + properties: + excludeTypes: + description: Object type names to be excluded from an sp-config export command. + type: array + items: + type: string + enum: + - IDENTITY_OBJECT_CONFIG + - IDENTITY_PROFILE + - RULE + - SOURCE + - TRANSFORM + - TRIGGER_SUBSCRIPTION + example: SOURCE + includeTypes: + description: Object type names to be included in an sp-config export command. IncludeTypes takes precedence over excludeTypes. + type: array + items: + type: string + enum: + - IDENTITY_OBJECT_CONFIG + - IDENTITY_PROFILE + - RULE + - SOURCE + - TRANSFORM + - TRIGGER_SUBSCRIPTION + example: TRIGGER_SUBSCRIPTION + objectOptions: + description: Additional options targeting specific objects related to each item in the includeTypes field + type: object + additionalProperties: + type: object + properties: + includedIds: + description: Object ids to be included in an import or export. + type: array + items: + type: string + example: be9e116d-08e1-49fc-ab7f-fa585e96c9e4 + includedNames: + description: Object names to be included in an import or export. + type: array + items: + type: string + example: Test Object + example: + TRIGGER_SUBSCRIPTION: + includedIds: + - be9e116d-08e1-49fc-ab7f-fa585e96c9e4 + includedNames: + - Test 2 + defaultReferences: + description: List of object types that can be used to resolve references on import. + type: array + items: + type: string + enum: + - IDENTITY_OBJECT_CONFIG + - IDENTITY_PROFILE + - RULE + - SOURCE + - TRANSFORM + - TRIGGER_SUBSCRIPTION + example: TRIGGER_SUBSCRIPTION + excludeBackup: + description: 'By default, every import will first export all existing objects supported by sp-config as a backup before the import is attempted. If excludeBackup is true, the backup will not be performed.' + type: boolean + default: false + example: 'false' + required: + - data + example: + data: config_export_0340b957-5caa-44f6-ada2-d3c4c5bd0b19.json + options: + excludeTypes: [] + includeTypes: + - TRIGGER_SUBSCRIPTION + objectOptions: + TRIGGER_SUBSCRIPTION: + includedIds: + - be9e116d-08e1-49fc-ab7f-fa585e96c9e4 + includedNames: + - Lori Test 2 + defaultReferences: + - type: TRIGGER_SUBSCRIPTION + id: be9e116d-08e1-49fc-ab7f-fa585e96c9e4 + name: Test Trigger + excludeBackup: false + responses: + '202': + description: Import job accepted and queued for processing. + content: + application/json: + schema: + type: object + properties: + jobId: + type: string + description: Unique id assigned to this job. + example: 3469b87d-48ca-439a-868f-2160001da8c1 + status: + type: string + description: Status of the job. + enum: + - NOT_STARTED + - IN_PROGRESS + - COMPLETE + - CANCELLED + - FAILED + example: COMPLETE + type: + type: string + description: 'Type of the job, either export or import.' + enum: + - EXPORT + - IMPORT + example: IMPORT + expiration: + type: string + format: date-time + description: The time until which the artifacts will be available for download. + example: '2021-05-11T22:23:16Z' + created: + type: string + format: date-time + description: The time the job was started. + example: '2021-05-11T22:23:16Z' + modified: + type: string + format: date-time + description: The time of the last update to the job. + example: '2021-05-11T22:23:16Z' + required: + - jobId + - status + - type + - expiration + - created + - modified + '400': + description: | + Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/sp-config/import/{id}': + get: + operationId: getSpConfigImportStatus + security: + - UserContextAuth: + - 'sp:config:manage' + tags: + - SP-Config + summary: Get import job status + description: |- + This gets the status of the import job identified by the `id` parameter. + For more information about the object types that currently support import functionality, refer to [SaaS Configuration](https://developer.sailpoint.com/idn/docs/saas-configuration/#supported-objects). + The request will need the following security scope: + - sp:config:manage + parameters: + - in: path + name: id + schema: + type: string + required: true + description: The ID of the import job whose status will be returned. + example: ef38f94347e94562b5bb8424a56397d8 + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '200': + description: Import job status successfully returned. + content: + application/json: + schema: + allOf: + - type: object + properties: + jobId: + type: string + description: Unique id assigned to this job. + example: 3469b87d-48ca-439a-868f-2160001da8c1 + status: + type: string + description: Status of the job. + enum: + - NOT_STARTED + - IN_PROGRESS + - COMPLETE + - CANCELLED + - FAILED + example: COMPLETE + type: + type: string + description: 'Type of the job, either export or import.' + enum: + - EXPORT + - IMPORT + example: IMPORT + expiration: + type: string + format: date-time + description: The time until which the artifacts will be available for download. + example: '2021-05-11T22:23:16Z' + created: + type: string + format: date-time + description: The time the job was started. + example: '2021-05-11T22:23:16Z' + modified: + type: string + format: date-time + description: The time of the last update to the job. + example: '2021-05-11T22:23:16Z' + required: + - jobId + - status + - type + - expiration + - created + - modified + - type: object + required: + - completed + - message + properties: + message: + type: string + description: This message contains additional information about the overall status of the job. + example: Download import results for details. + completed: + type: string + format: date-time + description: The time the job was completed. + example: '2021-05-11T22:23:16Z' + example: + jobId: 4fb10503-1c49-4603-8f8d-886e1f6aa47b + status: COMPLETE + type: IMPORT + message: Download import results for details. + description: null + expiration: '2021-05-20T16:42:39Z' + created: '2021-05-13T16:42:39.333Z' + modified: '2021-05-13T16:42:40.71Z' + completed: '2021-05-13T16:42:40.705Z' + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/sp-config/import/{id}/download': + get: + operationId: getSpConfigImport + tags: + - SP-Config + summary: Download import job result + description: |- + This gets import file resulting from the import job with the requested id and downloads it to a file. The downloaded file will contain the results of the import operation, including any error, warning or informational messages associated with the import. + The request will need the following security scope: + - sp:config:manage + parameters: + - in: path + name: id + schema: + type: string + required: true + description: The ID of the import job whose results will be downloaded. + example: ef38f94347e94562b5bb8424a56397d8 + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '200': + description: 'Import results JSON object, containing detailed results of the import operation.' + content: + application/json: + schema: + type: object + title: Config Import Response Body + description: Response Body for Config Import command. + properties: + results: + type: object + additionalProperties: + type: object + title: Import Object Response Body + description: Response model for import of a single object. + properties: + infos: + description: Informational messages returned from the target service on import. + type: array + items: + type: object + title: Config Import/Export Message + description: Message model for Config Import/Export. + properties: + key: + type: string + description: Message key. + example: UNKNOWN_REFERENCE_RESOLVER + text: + type: string + description: Message text. + example: 'Unable to resolve reference for object [type: IDENTITY, id: 2c91808c746e9c9601747d6507332ecz, name: random identity]' + details: + type: object + description: 'Message details if any, in key:value pairs.' + additionalProperties: + type: object + example: + details: message details + required: + - key + - text + - details + warnings: + description: Warning messages returned from the target service on import. + type: array + items: + type: object + title: Config Import/Export Message + description: Message model for Config Import/Export. + properties: + key: + type: string + description: Message key. + example: UNKNOWN_REFERENCE_RESOLVER + text: + type: string + description: Message text. + example: 'Unable to resolve reference for object [type: IDENTITY, id: 2c91808c746e9c9601747d6507332ecz, name: random identity]' + details: + type: object + description: 'Message details if any, in key:value pairs.' + additionalProperties: + type: object + example: + details: message details + required: + - key + - text + - details + errors: + description: Error messages returned from the target service on import. + type: array + items: + type: object + title: Config Import/Export Message + description: Message model for Config Import/Export. + properties: + key: + type: string + description: Message key. + example: UNKNOWN_REFERENCE_RESOLVER + text: + type: string + description: Message text. + example: 'Unable to resolve reference for object [type: IDENTITY, id: 2c91808c746e9c9601747d6507332ecz, name: random identity]' + details: + type: object + description: 'Message details if any, in key:value pairs.' + additionalProperties: + type: object + example: + details: message details + required: + - key + - text + - details + importedObjects: + description: References to objects that were created or updated by the import. + type: array + items: + type: object + description: Object created or updated by import. + properties: + type: + type: string + description: DTO type of object created or updated by import. + enum: + - IDENTITY_OBJECT_CONFIG + - IDENTITY_PROFILE + - RULE + - SOURCE + - TRANSFORM + - TRIGGER_SUBSCRIPTION + example: SOURCE + id: + type: string + description: ID of object created or updated by import. + example: 2c9180835d191a86015d28455b4b232a + name: + type: string + description: Display name of object created or updated by import. + example: HR Active Directory + required: + - infos + - warnings + - errors + - importedObjects + description: The results of an object configuration import job. + example: + results: + TRIGGER_SUBSCRIPTION: + infos: + - key: IMPORT_PREVIEW + text: 'Object to be imported: [c953134c-2224-42f2-a84e-fa5cbb395904, Test 2]' + detail: null + - key: IMPORT_PREVIEW + text: 'Object to be imported: [be9e116d-08e1-49fc-ab7f-fa585e96c9e4, Test 1]' + detail: null + warnings: [] + errors: [] + importedObjects: [] + exportJobId: + type: string + description: 'If a backup was performed before the import, this will contain the jobId of the backup job. This id can be used to retrieve the json file of the backup export.' + example: be9e116d-08e1-49fc-ab7f-fa585e96c9e4 + required: + - results + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + /sp-config/config-objects: + get: + operationId: listSpConfigObjects + security: + - UserContextAuth: + - 'sp:config:read' + - 'sp:config:manage' + tags: + - SP-Config + summary: Get config object details + description: This gets the list of object configurations which are known to the tenant export/import service. Object configurations that contain "importUrl" and "exportUrl" are available for export/import. + responses: + '200': + description: Object configurations returned successfully. + content: + application/json: + schema: + type: array + items: + title: Object Configuration Model + description: Response model for get object configuration. + type: object + properties: + objectType: + type: string + description: The object type this configuration is for. + example: TRIGGER_SUBSCRIPTION + resolveByIdUrl: + description: Url and query parameters to be used to resolve this type of object by Id. + type: object + title: Resolver URL Format for Object Configuration. + properties: + url: + description: URL for the target object endpoint. + type: string + example: 'ets://trigger-subscriptions/$id' + query: + description: Any query parameters that are needed for the URL. + type: object + nullable: true + example: null + resolveByNameUrl: + type: array + items: + type: object + title: Resolver URL Format for Object Configuration. + description: Format of resolver URLs for Object Configurations + properties: + url: + description: URL for the target object endpoint. + type: string + example: 'ets://trigger-subscriptions/$id' + query: + description: Any query parameters that are needed for the URL. + type: object + nullable: true + example: null + description: Url and query parameters to be used to resolve this type of object by name. + exportUrl: + type: object + title: Resolver URL Format for Object Configuration. + description: Format of resolver URLs for Object Configurations + properties: + url: + description: URL for the target object endpoint. + type: string + example: 'ets://trigger-subscriptions/$id' + query: + description: Any query parameters that are needed for the URL. + type: object + nullable: true + example: null + exportRight: + type: string + description: Rights needed by the invoker of sp-config/export in order to export this type of object. + example: 'idn:trigger-service-subscriptions:read' + exportLimit: + type: integer + format: int32 + description: Pagination limit imposed by the target service for this object type. + example: 10 + importUrl: + type: object + title: Resolver URL Format for Object Configuration. + description: Format of resolver URLs for Object Configurations + properties: + url: + description: URL for the target object endpoint. + type: string + example: 'ets://trigger-subscriptions/$id' + query: + description: Any query parameters that are needed for the URL. + type: object + nullable: true + example: null + importRight: + type: string + description: Rights needed by the invoker of sp-config/import in order to import this type of object. + example: 'idn:trigger-service-subscriptions:create' + importLimit: + type: integer + format: int32 + description: Pagination limit imposed by the target service for this object type. + example: 10 + referenceExtractors: + type: array + nullable: true + description: List of json paths within an exported object of this type that represent references that need to be resolved. + items: + type: string + example: + - $.owner + signatureRequired: + type: boolean + default: false + description: 'If true, this type of object will be JWS signed and cannot be modified before import.' + example: false + legacyObject: + type: boolean + default: false + example: false + onePerTenant: + type: boolean + default: false + example: false + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + parameters: + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + '/sources/{id}/attribute-sync-config': + get: + operationId: getSourceAttrSyncConfig + tags: + - Sources + summary: Attribute Sync Config + description: |- + This API returns the existing attribute synchronization configuration for a source specified by the given ID. The response contains all attributes, regardless of whether they enabled or not. + A token with ORG_ADMIN or HELPDESK authority is required to call this API. + security: + - UserContextAuth: + - 'idn:attr-sync-source-config:read' + - 'idn:attr-sync-source-config:manage' + parameters: + - in: path + name: id + required: true + schema: + type: string + description: The source id + example: 2c9180835d191a86015d28455b4a2329 + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '200': + description: Attribute synchronization configuration for a source + content: + application/json: + schema: + type: object + description: Specification of attribute sync configuration for a source + required: + - source + - attributes + properties: + source: + type: object + description: Target source for attribute synchronization. + properties: + type: + type: string + description: DTO type of target source for attribute synchronization. + enum: + - SOURCE + example: SOURCE + id: + type: string + description: ID of target source for attribute synchronization. + example: 2c9180835d191a86015d28455b4b232a + name: + type: string + description: Human-readable name of target source for attribute synchronization. + example: HR Active Directory + attributes: + type: array + description: Attribute synchronization configuration for specific identity attributes in the context of a source + items: + type: object + description: Specification of source attribute sync mapping configuration for an identity attribute + required: + - name + - displayName + - enabled + - target + properties: + name: + type: string + description: Name of the identity attribute + example: email + displayName: + type: string + description: Display name of the identity attribute + example: Email + enabled: + type: boolean + description: Determines whether or not the attribute is enabled for synchronization + example: true + target: + type: string + description: Name of the source account attribute to which the identity attribute value will be synchronized if enabled + example: mail + example: + - name: email + displayName: Email + enabled: true + target: mail + - name: firstname + displayName: First Name + enabled: false + target: givenName + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + put: + operationId: putSourceAttrSyncConfig + tags: + - Sources + summary: Update Attribute Sync Config + description: |- + Replaces the attribute synchronization configuration for the source specified by the given ID with the configuration provided in the request body. Only the "enabled" field of the values in the "attributes" array is mutable. Attempting to change other attributes or add new values to the "attributes" array will result in an error. + + A token with ORG_ADMIN authority is required to call this API. + security: + - UserContextAuth: + - 'idn:attr-sync-source-config:manage' + parameters: + - in: path + name: id + required: true + schema: + type: string + description: The source id + example: 2c9180835d191a86015d28455b4a2329 + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + requestBody: + required: true + content: + application/json: + schema: + type: object + description: Specification of attribute sync configuration for a source + required: + - source + - attributes + properties: + source: + type: object + description: Target source for attribute synchronization. + properties: + type: + type: string + description: DTO type of target source for attribute synchronization. + enum: + - SOURCE + example: SOURCE + id: + type: string + description: ID of target source for attribute synchronization. + example: 2c9180835d191a86015d28455b4b232a + name: + type: string + description: Human-readable name of target source for attribute synchronization. + example: HR Active Directory + attributes: + type: array + description: Attribute synchronization configuration for specific identity attributes in the context of a source + items: + type: object + description: Specification of source attribute sync mapping configuration for an identity attribute + required: + - name + - displayName + - enabled + - target + properties: + name: + type: string + description: Name of the identity attribute + example: email + displayName: + type: string + description: Display name of the identity attribute + example: Email + enabled: + type: boolean + description: Determines whether or not the attribute is enabled for synchronization + example: true + target: + type: string + description: Name of the source account attribute to which the identity attribute value will be synchronized if enabled + example: mail + example: + - name: email + displayName: Email + enabled: true + target: mail + - name: firstname + displayName: First Name + enabled: false + target: givenName + responses: + '200': + description: Updated attribute synchronization configuration for a source + content: + application/json: + schema: + type: object + description: Specification of attribute sync configuration for a source + required: + - source + - attributes + properties: + source: + type: object + description: Target source for attribute synchronization. + properties: + type: + type: string + description: DTO type of target source for attribute synchronization. + enum: + - SOURCE + example: SOURCE + id: + type: string + description: ID of target source for attribute synchronization. + example: 2c9180835d191a86015d28455b4b232a + name: + type: string + description: Human-readable name of target source for attribute synchronization. + example: HR Active Directory + attributes: + type: array + description: Attribute synchronization configuration for specific identity attributes in the context of a source + items: + type: object + description: Specification of source attribute sync mapping configuration for an identity attribute + required: + - name + - displayName + - enabled + - target + properties: + name: + type: string + description: Name of the identity attribute + example: email + displayName: + type: string + description: Display name of the identity attribute + example: Email + enabled: + type: boolean + description: Determines whether or not the attribute is enabled for synchronization + example: true + target: + type: string + description: Name of the source account attribute to which the identity attribute value will be synchronized if enabled + example: mail + example: + - name: email + displayName: Email + enabled: true + target: mail + - name: firstname + displayName: First Name + enabled: false + target: givenName + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/sources/{sourceId}/connector/check-connection': + post: + operationId: testSourceConnection + tags: + - Sources + summary: Check connection for source connector. + description: |- + This endpoint validates that the configured credentials are valid and will properly authenticate with the source identified by the sourceId path parameter. + A token with ORG_ADMIN authority is required to call this API. + security: + - UserContextAuth: + - 'idn:source-connector:manage' + parameters: + - in: path + name: sourceId + schema: + type: string + required: true + description: The ID of the Source. + example: cef3ee201db947c5912551015ba0c679 + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '200': + description: The result of checking connection to the source connector with response from it. + content: + application/json: + schema: + type: object + title: Status Response + description: 'Response model for connection check, configuration test and ping of source connectors.' + properties: + id: + type: string + description: ID of the source + example: 2c91808568c529c60168cca6f90c1313 + readOnly: true + name: + type: string + description: Name of the source + example: 'ODS-AD-Test [source-999999]' + readOnly: true + status: + type: string + enum: + - SUCCESS + - FAILURE + description: The status of the health check. + example: SUCCESS + readOnly: true + elapsedMillis: + type: integer + description: The number of milliseconds spent on the entire request. + example: 1000 + readOnly: true + details: + type: object + description: | + The document contains the results of the health check. + The schema of this document depends on the type of source used. + readOnly: true + example: + useTLSForIQService: false + IQService: + TLS Port: 0 + .NET CLR Version: 4.0.30319.42000 + SecondaryServiceStatus: Running + Port: 5050 + Host: AUTOMATION-AD + Name: IQService + IQServiceStatus: Running + SecondaryService: IQService-Instance1-Secondary + Version: IQService Sep-2020 + secondaryPort: 5051 + OS Architecture: AMD64 + Operating System: Microsoft Windows Server 2012 R2 Standard + highestDotNetVersion: 4.8 or later + Build Time: '09/22/2020 06:34 AM -0500' + IQServiceClientAuthEnabled: false + requestProcessedOn: '1/19/2021 1:47:14 PM' + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/sources/{sourceId}/connector/peek-resource-objects': + post: + operationId: peekResourceObjects + tags: + - Sources + summary: Peek source connector's resource objects + description: |- + Retrieves a sample of data returned from account and group aggregation requests. + A token with ORG_ADMIN authority is required to call this API. + security: + - UserContextAuth: + - 'idn:source-connector:manage' + parameters: + - in: path + name: sourceId + schema: + type: string + required: true + description: The ID of the Source + example: cef3ee201db947c5912551015ba0c679 + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + requestBody: + required: true + content: + application/json: + schema: + example: + objectType: resource + maxCount: 50 + type: object + title: Resource Objects Request + description: Request model for peek resource objects from source connectors. + properties: + objectType: + type: string + description: The type of resource objects to iterate over. + default: account + example: group + maxCount: + type: integer + description: The maximum number of resource objects to iterate over and return. + default: 25 + example: 100 + responses: + '200': + description: List of resource objects that was fetched from the source connector. + content: + application/json: + schema: + type: object + title: Resource Objects Response + description: Response model for peek resource objects from source connectors. + properties: + id: + type: string + description: ID of the source + example: 2c91808568c529c60168cca6f90c1313 + readOnly: true + name: + type: string + description: Name of the source + example: 'ODS-AD-Test [source-999999]' + readOnly: true + objectCount: + type: integer + description: The number of objects that were fetched by the connector. + example: 25 + readOnly: true + elapsedMillis: + type: integer + description: The number of milliseconds spent on the entire request. + example: 1055 + readOnly: true + resourceObjects: + type: array + items: + type: object + title: Resource Object + description: Representation of the object which is returned from source connectors. + properties: + instance: + description: Identifier of the specific instance where this object resides. + type: string + readOnly: true + identity: + description: Native identity of the object in the Source. + type: string + example: 'CN=Aaron Carr,OU=test1,DC=test2,DC=test' + readOnly: true + uuid: + description: Universal unique identifier of the object in the Source. + type: string + example: '{abf7bd9b-68b4-4d21-9b70-870c58ebf844}' + readOnly: true + previousIdentity: + description: Native identity that the object has previously. + type: string + readOnly: true + name: + description: Display name for this object. + type: string + example: Aaron Carr + readOnly: true + objectType: + description: Type of object. + type: string + example: account + readOnly: true + incomplete: + description: 'A flag indicating that this is an incomplete object. Used in special cases where the connector has to return account information in several phases and the objects might not have a complete set of all account attributes. The attributes in this object will replace the corresponding attributes in the Link, but no other Link attributes will be changed.' + type: boolean + example: false + readOnly: true + incremental: + description: A flag indicating that this is an incremental change object. This is similar to incomplete but it also means that the values of any multi-valued attributes in this object should be merged with the existing values in the Link rather than replacing the existing Link value. + type: boolean + example: false + readOnly: true + delete: + description: A flag indicating that this object has been deleted. This is set only when doing delta aggregation and the connector supports detection of native deletes. + type: boolean + example: false + readOnly: true + remove: + description: A flag set indicating that the values in the attributes represent things to remove rather than things to add. Setting this implies incremental. The values which are always for multi-valued attributes are removed from the current values. + type: boolean + example: false + readOnly: true + missing: + description: A list of attribute names that are not included in this object. This is only used with SMConnector and will only contain "groups". + type: array + items: + type: string + example: + - missFieldOne + - missFieldTwo + readOnly: true + attributes: + description: Attributes of this ResourceObject. + type: object + example: + telephoneNumber: 12-(345)678-9012 + mail: example@test.com + displayName: Aaron Carr + readOnly: true + finalUpdate: + description: 'In Aggregation, for sparse object the count for total accounts scanned identities updated is not incremented.' + type: boolean + example: false + readOnly: true + description: Fetched objects from the source connector. + readOnly: true + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/sources/{sourceId}/connector/ping-cluster': + post: + operationId: pingCluster + tags: + - Sources + summary: Ping cluster for source connector + description: |- + This endpoint validates that the cluster being used by the source is reachable from IdentityNow. + A token with ORG_ADMIN authority is required to call this API. + security: + - UserContextAuth: + - 'idn:source-connector:manage' + parameters: + - in: path + name: sourceId + schema: + type: string + required: true + description: The ID of the Source + example: cef3ee201db947c5912551015ba0c679 + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '200': + description: The result of pinging connection with the source connector. + content: + application/json: + schema: + type: object + title: Status Response + description: 'Response model for connection check, configuration test and ping of source connectors.' + properties: + id: + type: string + description: ID of the source + example: 2c91808568c529c60168cca6f90c1313 + readOnly: true + name: + type: string + description: Name of the source + example: 'ODS-AD-Test [source-999999]' + readOnly: true + status: + type: string + enum: + - SUCCESS + - FAILURE + description: The status of the health check. + example: SUCCESS + readOnly: true + elapsedMillis: + type: integer + description: The number of milliseconds spent on the entire request. + example: 1000 + readOnly: true + details: + type: object + description: | + The document contains the results of the health check. + The schema of this document depends on the type of source used. + readOnly: true + example: + useTLSForIQService: false + IQService: + TLS Port: 0 + .NET CLR Version: 4.0.30319.42000 + SecondaryServiceStatus: Running + Port: 5050 + Host: AUTOMATION-AD + Name: IQService + IQServiceStatus: Running + SecondaryService: IQService-Instance1-Secondary + Version: IQService Sep-2020 + secondaryPort: 5051 + OS Architecture: AMD64 + Operating System: Microsoft Windows Server 2012 R2 Standard + highestDotNetVersion: 4.8 or later + Build Time: '09/22/2020 06:34 AM -0500' + IQServiceClientAuthEnabled: false + requestProcessedOn: '1/19/2021 1:47:14 PM' + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/sources/{sourceId}/connector/test-configuration': + post: + operationId: testSourceConfiguration + tags: + - Sources + summary: Test configuration for source connector + description: |- + This endpoint performs a more detailed validation of the source's configuration that can take longer than the lighter weight credential validation performed by the checkConnection API. + A token with ORG_ADMIN authority is required to call this API. + security: + - UserContextAuth: + - 'idn:source-connector:manage' + parameters: + - in: path + name: sourceId + schema: + type: string + required: true + description: The ID of the Source + example: cef3ee201db947c5912551015ba0c679 + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '200': + description: The result of testing source connector configuration with response from it. + content: + application/json: + schema: + type: object + title: Status Response + description: 'Response model for connection check, configuration test and ping of source connectors.' + properties: + id: + type: string + description: ID of the source + example: 2c91808568c529c60168cca6f90c1313 + readOnly: true + name: + type: string + description: Name of the source + example: 'ODS-AD-Test [source-999999]' + readOnly: true + status: + type: string + enum: + - SUCCESS + - FAILURE + description: The status of the health check. + example: SUCCESS + readOnly: true + elapsedMillis: + type: integer + description: The number of milliseconds spent on the entire request. + example: 1000 + readOnly: true + details: + type: object + description: | + The document contains the results of the health check. + The schema of this document depends on the type of source used. + readOnly: true + example: + useTLSForIQService: false + IQService: + TLS Port: 0 + .NET CLR Version: 4.0.30319.42000 + SecondaryServiceStatus: Running + Port: 5050 + Host: AUTOMATION-AD + Name: IQService + IQServiceStatus: Running + SecondaryService: IQService-Instance1-Secondary + Version: IQService Sep-2020 + secondaryPort: 5051 + OS Architecture: AMD64 + Operating System: Microsoft Windows Server 2012 R2 Standard + highestDotNetVersion: 4.8 or later + Build Time: '09/22/2020 06:34 AM -0500' + IQServiceClientAuthEnabled: false + requestProcessedOn: '1/19/2021 1:47:14 PM' + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/sources/{id}/connectors/source-config': + get: + operationId: getSourceConfig + tags: + - Sources + summary: Gets source config with language translations + description: |- + Looks up and returns the source config for the requested source id after populating the source config values and applying language translations. + A token with ORG_ADMIN authority is required to call this API. + parameters: + - in: path + name: id + schema: + type: string + required: true + description: The Source id + - in: query + name: locale + schema: + type: string + enum: + - de + - false + - fi + - sv + - ru + - pt + - ko + - zh-TW + - en + - it + - fr + - zh-CN + - hu + - es + - cs + - ja + - pl + - da + - nl + description: 'The locale to apply to the config. If no viable locale is given, it will default to "en"' + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '200': + description: A Connector Detail object + content: + application/json: + schema: + type: object + properties: + name: + type: string + description: The connector name + example: JDBC + sourceConfigXml: + type: string + description: XML representation of the source config data + example: "
\n\t
" + sourceConfig: + type: string + description: JSON representation of the source config data + example: + Form: + Field: + _defaultValue: 'true' + _hidden: 'true' + _name: cloudAuthEnabled + _type: boolean + _value: 'true' + _xmlns: 'http://www.sailpoint.com/xsd/sailpoint_form_1_0.xsd' + _connectorName: Active Directory - Direct + _directConnect: 'true' + _name: Active Directory + _status: released + _type: SourceConfig + __text: \n\t + directConnect: + type: boolean + description: true if the source is a direct connect source + example: true + fileUpload: + type: boolean + description: 'Connector config''s file upload attribute, false if not there' + example: false + uploadedFiles: + type: string + description: List of uploaded file strings for the connector + example: [] + connectorMetadata: + type: object + description: Object containing metadata pertinent to the UI to be used + example: + supportedUI: EXTJS + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/sources/{sourceId}/native-change-detection-config': + get: + operationId: getNativeChangeDetectionConfig + tags: + - Sources + summary: Native Change Detection Configuration + security: + - UserContextAuth: + - 'idn:sources:read' + description: |- + This API returns the existing native change detection configuration for a source specified by the given ID. + A token with ORG_ADMIN authority is required to call this API. + parameters: + - in: path + name: id + required: true + schema: + type: string + description: The source id + example: 2c9180835d191a86015d28455b4a2329 + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '200': + description: Native change detection configuration for a source + content: + application/json: + schema: + type: object + description: Source configuration information for Native Change Detection that is read and used by account aggregation process. + properties: + enabled: + description: A flag indicating if Native Change Detection is enabled for a source. + type: boolean + example: true + default: false + operations: + type: array + description: Operation types for which Native Change Detection is enabled for a source. + items: + type: string + enum: + - ACCOUNT_UPDATED + - ACCOUNT_CREATED + - ACCOUNT_DELETED + example: + - ACCOUNT_UPDATED + - ACCOUNT_DELETED + allEntitlements: + description: A flag indicating that all entitlements participate in Native Change Detection. + type: boolean + example: false + default: false + allNonEntitlementAttributes: + description: A flag indicating that all non-entitlement account attributes participate in Native Change Detection. + type: boolean + example: false + default: false + selectedEntitlements: + description: If allEntitlements flag is off this field lists entitlements that participate in Native Change Detection. + type: array + items: + type: string + example: + - memberOf + - memberOfSharedMailbox + selectedNonEntitlementAttributes: + description: If allNonEntitlementAttributes flag is off this field lists non-entitlement account attributes that participate in Native Change Detection. + externalDocs: + description: Learn more about account attributes here. + url: 'https://documentation.sailpoint.com/saas/help/accounts/schema.html' + type: array + items: + type: string + example: + - lastName + - phoneNumber + - objectType + - servicePrincipalName + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + put: + operationId: putNativeChangeDetectionConfig + tags: + - Sources + summary: Update Native Change Detection Configuration + security: + - UserContextAuth: + - 'idn:sources:update' + description: |- + Replaces the native change detection configuration for the source specified by the given ID with the configuration provided in the request body. + + A token with ORG_ADMIN authority is required to call this API. + parameters: + - in: path + name: id + required: true + schema: + type: string + description: The source id + example: 2c9180835d191a86015d28455b4a2329 + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + requestBody: + required: true + content: + application/json: + schema: + type: object + description: Source configuration information for Native Change Detection that is read and used by account aggregation process. + properties: + enabled: + description: A flag indicating if Native Change Detection is enabled for a source. + type: boolean + example: true + default: false + operations: + type: array + description: Operation types for which Native Change Detection is enabled for a source. + items: + type: string + enum: + - ACCOUNT_UPDATED + - ACCOUNT_CREATED + - ACCOUNT_DELETED + example: + - ACCOUNT_UPDATED + - ACCOUNT_DELETED + allEntitlements: + description: A flag indicating that all entitlements participate in Native Change Detection. + type: boolean + example: false + default: false + allNonEntitlementAttributes: + description: A flag indicating that all non-entitlement account attributes participate in Native Change Detection. + type: boolean + example: false + default: false + selectedEntitlements: + description: If allEntitlements flag is off this field lists entitlements that participate in Native Change Detection. + type: array + items: + type: string + example: + - memberOf + - memberOfSharedMailbox + selectedNonEntitlementAttributes: + description: If allNonEntitlementAttributes flag is off this field lists non-entitlement account attributes that participate in Native Change Detection. + externalDocs: + description: Learn more about account attributes here. + url: 'https://documentation.sailpoint.com/saas/help/accounts/schema.html' + type: array + items: + type: string + example: + - lastName + - phoneNumber + - objectType + - servicePrincipalName + responses: + '200': + description: Updated native change detection configuration for a source + content: + application/json: + schema: + type: object + description: Source configuration information for Native Change Detection that is read and used by account aggregation process. + properties: + enabled: + description: A flag indicating if Native Change Detection is enabled for a source. + type: boolean + example: true + default: false + operations: + type: array + description: Operation types for which Native Change Detection is enabled for a source. + items: + type: string + enum: + - ACCOUNT_UPDATED + - ACCOUNT_CREATED + - ACCOUNT_DELETED + example: + - ACCOUNT_UPDATED + - ACCOUNT_DELETED + allEntitlements: + description: A flag indicating that all entitlements participate in Native Change Detection. + type: boolean + example: false + default: false + allNonEntitlementAttributes: + description: A flag indicating that all non-entitlement account attributes participate in Native Change Detection. + type: boolean + example: false + default: false + selectedEntitlements: + description: If allEntitlements flag is off this field lists entitlements that participate in Native Change Detection. + type: array + items: + type: string + example: + - memberOf + - memberOfSharedMailbox + selectedNonEntitlementAttributes: + description: If allNonEntitlementAttributes flag is off this field lists non-entitlement account attributes that participate in Native Change Detection. + externalDocs: + description: Learn more about account attributes here. + url: 'https://documentation.sailpoint.com/saas/help/accounts/schema.html' + type: array + items: + type: string + example: + - lastName + - phoneNumber + - objectType + - servicePrincipalName + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + delete: + operationId: deleteNativeChangeDetectionConfig + tags: + - Sources + summary: Delete Native Change Detection Configuration + description: |- + Deletes the native change detection configuration for the source specified by the given ID. + A token with API, or ORG_ADMIN authority is required to call this API. + security: + - UserContextAuth: + - 'idn:sources:update' + parameters: + - in: path + name: id + required: true + schema: + type: string + description: The source id + example: 2c9180835d191a86015d28455b4a2329 + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '204': + description: No content - indicates the request was successful but there is no content to be returned in the response. + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/sources/{id}/remove-accounts': + post: + operationId: deleteAccountsAsync + summary: Remove All Accounts in a Source + tags: + - Sources + description: | + Use this endpoint to remove all accounts from the system without provisioning changes to the source. Accounts that are removed could be re-created during the next aggregation. + + This endpoint is good for: + * Removing accounts that no longer exist on the source. + * Removing accounts that won't be aggregated following updates to the source configuration. + * Forcing accounts to be re-created following the next aggregation to re-run account processing, support testing, etc. + parameters: + - in: path + name: id + schema: + type: string + required: true + description: The source id + example: ebbf35756e1140699ce52b233121384a + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '202': + description: Accepted. Returns task result details of removal request. + content: + application/json: + schema: + type: object + description: Task result. + properties: + type: + type: string + description: Task result DTO type. + enum: + - TASK_RESULT + example: TASK_RESULT + id: + type: string + description: Task result ID. + example: 464ae7bf791e49fdb74606a2e4a89635 + name: + type: string + description: Task result display name. + nullable: true + example: null + example: + type: TASK_RESULT + id: 464ae7bf791e49fdb74606a2e4a89635 + name: null + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + security: + - UserContextAuth: + - 'idn:account:remove' + '/sources/{id}/synchronize-attributes': + post: + operationId: syncAttributesForSource + tags: + - Sources + summary: Synchronize single source attributes. + description: |- + This end-point performs attribute synchronization for a selected source. + A token with ORG_ADMIN or SOURCE_ADMIN authority is required to call this API. + parameters: + - in: path + name: id + schema: + type: string + required: true + description: The Source id + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '202': + description: A Source Sync job + content: + application/json: + schema: + type: object + properties: + id: + type: string + description: Job ID. + example: 0f11f2a4-7c94-4bf3-a2bd-742580fe3bde + status: + type: string + description: The job status. + enum: + - QUEUED + - IN_PROGRESS + - SUCCESS + - ERROR + example: IN_PROGRESS + payload: + description: Job payload. + example: + type: SYNCHRONIZE_SOURCE_ATTRIBUTES + dataJson: '{"sourceId":"2c918083746f642c01746f990884012a"}' + type: object + properties: + type: + type: string + description: Payload type. + example: SYNCHRONIZE_SOURCE_ATTRIBUTES + dataJson: + type: string + description: Payload type. + example: '{"sourceId":"2c918083746f642c01746f990884012a"}' + required: + - type + - dataJson + required: + - id + - status + - payload + example: + id: 0f11f2a4-7c94-4bf3-a2bd-742580fe3bde + status: IN_PROGRESS + payload: + type: SYNCHRONIZE_SOURCE_ATTRIBUTES + dataJson: '{"sourceId":"2c918083746f642c01746f990884012a"}' + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/sources/{id}/entitlement-request-config': + get: + security: + - UserContextAuth: + - 'idn:sources:read' + - 'idn:sources:manage' + operationId: getSourceEntitlementRequestConfig + summary: Get Source Entitlement Request Configuration + tags: + - Sources + description: |- + This API gets the current entitlement request configuration for a source. This source-level configuration should apply for all the entitlements in the source. + + Access request to any entitlements in the source should follow this configuration unless a separate entitlement-level configuration is defined. + - During access request, this source-level entitlement request configuration overrides the global organization-level configuration. + - However, the entitlement-level configuration (if defined) overrides this source-level configuration. + + A token with ORG_ADMIN, SOURCE_ADMIN, or SOURCE_SUBADMIN authority is required to call this API. + responses: + '200': + description: Source Entitlement Request Configuration Details. + content: + application/json: + schema: + type: object + description: Entitlement Request Configuration + properties: + accessRequestConfig: + description: Configuration for requesting access to entitlements + type: object + properties: + approvalSchemes: + type: array + description: Ordered list of approval steps for the access request. Empty when no approval is required. + items: + type: object + properties: + approverType: + type: string + enum: + - ENTITLEMENT_OWNER + - SOURCE_OWNER + - MANAGER + - GOVERNANCE_GROUP + description: |- + Describes the individual or group that is responsible for an approval step. Values are as follows. + + **ENTITLEMENT_OWNER**: Owner of the associated Entitlement + + **SOURCE_OWNER**: Owner of the associated Source + + **MANAGER**: Manager of the Identity for whom the request is being made + + **GOVERNANCE_GROUP**: A Governance Group, the ID of which is specified by the **approverId** field + example: GOVERNANCE_GROUP + approverId: + type: string + nullable: true + description: 'Id of the specific approver, used only when approverType is GOVERNANCE_GROUP' + example: e3eab852-8315-467f-9de7-70eda97f63c8 + requestCommentRequired: + type: boolean + description: If the requester must provide a comment during access request. + default: false + example: true + denialCommentRequired: + type: boolean + description: If the reviewer must provide a comment when denying the access request. + default: false + example: false + examples: + Get default config: + description: The default config for a source should look like the following where the empty approvalSchemes indicates that no approvals are required. + value: + accessRequestConfig: + approvalSchemes: [] + requestCommentRequired: false + denialCommentRequired: false + Get config with one approval: + description: 'In case of a single approval, the config could look like the following.' + value: + accessRequestConfig: + approvalSchemes: + - approverId: null + approverType: SOURCE_OWNER + requestCommentRequired: true + denialCommentRequired: false + Get config with multiple approvals: + description: 'In case of multiple levels of approvals the config could look like the following. In this scenario, access request review process should go through all the approvers sequentially.' + value: + accessRequestConfig: + approvalSchemes: + - approverId: null + approverType: ENTITLEMENT_OWNER + - approverId: null + approverType: SOURCE_OWNER + - approverId: 95e538a3-30c1-433a-af05-4bed973bbc22 + approverType: GOVERNANCE_GROUP + requestCommentRequired: true + denialCommentRequired: false + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + parameters: + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + put: + security: + - UserContextAuth: + - 'idn:sources:manage' + operationId: updateSourceEntitlementRequestConfig + summary: Update Source Entitlement Request Configuration + tags: + - Sources + description: |- + This API replaces the current entitlement request configuration for a source. This source-level configuration should apply for all the entitlements in the source. + + Access request to any entitlements in the source should follow this configuration unless a separate entitlement-level configuration is defined. + - During access request, this source-level entitlement request configuration overrides the global organization-level configuration. + - However, the entitlement-level configuration (if defined) overrides this source-level configuration. + + A token with ORG_ADMIN, SOURCE_ADMIN, or SOURCE_SUBADMIN authority is required to call this API. + requestBody: + required: true + content: + application/json: + schema: + type: object + description: Entitlement Request Configuration + properties: + accessRequestConfig: + description: Configuration for requesting access to entitlements + type: object + properties: + approvalSchemes: + type: array + description: Ordered list of approval steps for the access request. Empty when no approval is required. + items: + type: object + properties: + approverType: + type: string + enum: + - ENTITLEMENT_OWNER + - SOURCE_OWNER + - MANAGER + - GOVERNANCE_GROUP + description: |- + Describes the individual or group that is responsible for an approval step. Values are as follows. + + **ENTITLEMENT_OWNER**: Owner of the associated Entitlement + + **SOURCE_OWNER**: Owner of the associated Source + + **MANAGER**: Manager of the Identity for whom the request is being made + + **GOVERNANCE_GROUP**: A Governance Group, the ID of which is specified by the **approverId** field + example: GOVERNANCE_GROUP + approverId: + type: string + nullable: true + description: 'Id of the specific approver, used only when approverType is GOVERNANCE_GROUP' + example: e3eab852-8315-467f-9de7-70eda97f63c8 + requestCommentRequired: + type: boolean + description: If the requester must provide a comment during access request. + default: false + example: true + denialCommentRequired: + type: boolean + description: If the reviewer must provide a comment when denying the access request. + default: false + example: false + examples: + Set config with no approvals: + description: 'If no approvals are required, the following config can be set.' + value: + accessRequestConfig: + approvalSchemes: [] + Set config with one approval: + description: In case of single approval the following config can be set. + value: + accessRequestConfig: + approvalSchemes: + - approverType: SOURCE_OWNER + requestCommentRequired: true + denialCommentRequired: false + Set config with multiple approvals: + description: 'In case of multiple levels of approvals the following config can be set. In this scenario, access request review process should go through all the approvers sequentially.' + value: + accessRequestConfig: + approvalSchemes: + - approverType: ENTITLEMENT_OWNER + - approverType: SOURCE_OWNER + - approverType: GOVERNANCE_GROUP + approverId: 95e538a3-30c1-433a-af05-4bed973bbc22 + requestCommentRequired: true + denialCommentRequired: false + responses: + '200': + description: Source Entitlement Request Configuration Details. + content: + application/json: + schema: + type: object + description: Entitlement Request Configuration + properties: + accessRequestConfig: + description: Configuration for requesting access to entitlements + type: object + properties: + approvalSchemes: + type: array + description: Ordered list of approval steps for the access request. Empty when no approval is required. + items: + type: object + properties: + approverType: + type: string + enum: + - ENTITLEMENT_OWNER + - SOURCE_OWNER + - MANAGER + - GOVERNANCE_GROUP + description: |- + Describes the individual or group that is responsible for an approval step. Values are as follows. + + **ENTITLEMENT_OWNER**: Owner of the associated Entitlement + + **SOURCE_OWNER**: Owner of the associated Source + + **MANAGER**: Manager of the Identity for whom the request is being made + + **GOVERNANCE_GROUP**: A Governance Group, the ID of which is specified by the **approverId** field + example: GOVERNANCE_GROUP + approverId: + type: string + nullable: true + description: 'Id of the specific approver, used only when approverType is GOVERNANCE_GROUP' + example: e3eab852-8315-467f-9de7-70eda97f63c8 + requestCommentRequired: + type: boolean + description: If the requester must provide a comment during access request. + default: false + example: true + denialCommentRequired: + type: boolean + description: If the reviewer must provide a comment when denying the access request. + default: false + example: false + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + parameters: + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + '/sources/{id}/load-accounts': + post: + tags: + - Sources + summary: Account Aggregation + operationId: importAccounts + description: |- + Starts an account aggregation on the specified source. + If the target source is a delimited file source, then the CSV file needs to be included in the request body. + You will also need to set the Content-Type header to `multipart/form-data`. + A token with ORG_ADMIN, SOURCE_ADMIN, or SOURCE_SUBADMIN authority is required to call this API. + security: + - UserContextAuth: + - 'idn:sources:manage' + parameters: + - in: path + name: id + schema: + type: string + required: true + description: Source Id + example: ef38f94347e94562b5bb8424a56397d8 + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + requestBody: + content: + multipart/form-data: + schema: + type: object + properties: + file: + type: string + format: binary + description: The CSV file containing the source accounts to aggregate. + disableOptimization: + type: string + example: 'true' + description: Use this flag to reprocess every account whether or not the data has changed. + responses: + '202': + description: Aggregate Accounts Task + content: + application/json: + schema: + type: object + properties: + success: + type: boolean + description: The status of the result + default: 'true' + example: 'true' + task: + type: object + properties: + id: + description: System-generated unique ID of the task this taskStatus represents + type: string + example: ef38f94347e94562b5bb8424a56397d8 + type: + description: Type of task this task represents + type: string + example: QUARTZ + name: + description: The name of the aggregation process + type: string + example: Cloud Account Aggregation + description: + description: The description of the task + type: string + example: Aggregate from the specified application + launcher: + description: The user who initiated the task + type: string + example: John Doe + created: + type: string + description: The Task creation date + format: date-time + example: '2020-09-07T42:14:00.364Z' + launched: + type: string + nullable: true + format: date-time + description: The task start date + example: '2020-09-07T42:14:00.521Z' + completed: + type: string + nullable: true + format: date-time + description: The task completion date + example: '2020-09-07T42:14:01.137Z' + completionStatus: + type: string + nullable: true + enum: + - SUCCESS + - WARNING + - ERROR + - TERMINATED + - TEMP_ERROR + description: Task completion status. + example: Success + parentName: + type: string + nullable: true + description: Name of the parent task if exists. + example: Audit Report + messages: + type: array + description: List of the messages dedicated to the report. From task definition perspective here usually should be warnings or errors. + example: [] + items: + type: object + properties: + type: + type: string + description: Type of the message. + enum: + - INFO + - WARN + - ERROR + example: WARN + error: + type: boolean + default: false + description: Flag whether message is an error. + example: false + warning: + type: boolean + default: false + description: Flag whether message is a warning. + example: true + key: + type: string + description: Message string identifier. + example: This aggregation failed because the currently running aggregation must complete before the next one can start. + localizedText: + type: string + description: Message context with the locale based language. + example: This aggregation failed because the currently running aggregation must complete before the next one can start. + progress: + type: string + nullable: true + description: Current task state. + example: Initializing... + attributes: + type: object + description: Extra attributes map(dictionary) for the task. + properties: + appId: + description: The id of the source + type: string + example: c31386cb18bb403cbb6df4c86294ff82 + optimizedAggregation: + description: The indicator if the aggregation process was enabled/disabled for the aggregation job + type: string + example: enabled + additionalProperties: + type: object + returns: + type: array + description: Return values from the task + items: + type: object + properties: + displayLabel: + type: string + description: The display label of the return value + example: TASK_OUT_ACCOUNT_AGGREGATION_APPLICATIONS + attributeName: + type: string + description: The attribute name of the return value + example: applications + example: + - displayLabel: TASK_OUT_ACCOUNT_AGGREGATION_APPLICATIONS + attributeName: applications + - displayLabel: TASK_OUT_ACCOUNT_AGGREGATION_TOTAL + attributeName: total + - displayLabel: TASK_OUT_ACCOUNT_AGGREGATION_OPTIMIZED + attributeName: optimizedAggregation + - displayLabel: TASK_OUT_ACCOUNT_AGGREGATION_IGNORED + attributeName: ignored + - displayLabel: TASK_OUT_UNCHANGED_ACCOUNTS + attributeName: optimized + - displayLabel: TASK_OUT_ACCOUNT_AGGREGATION_CREATED + attributeName: created + - displayLabel: TASK_OUT_ACCOUNT_AGGREGATION_UPDATED + attributeName: updated + - displayLabel: TASK_OUT_ACCOUNT_AGGREGATION_DELETED + attributeName: deleted + - displayLabel: TASK_OUT_ACCOUNT_AGGREGATION_MANAGER_CHANGES + attributeName: managerChanges + - displayLabel: TASK_OUT_ACCOUNT_AGGREGATION_BUSINESS_ROLE_CHANGES + attributeName: detectedRoleChanges + - displayLabel: TASK_OUT_ACCOUNT_AGGREGATION_EXCEPTION_CHANGES + attributeName: exceptionChanges + - displayLabel: TASK_OUT_ACCOUNT_AGGREGATION_POLICIES + attributeName: policies + - displayLabel: TASK_OUT_ACCOUNT_AGGREGATION_POLICY_VIOLATIONS + attributeName: policyViolations + - displayLabel: TASK_OUT_ACCOUNT_AGGREGATION_POLICY_NOTIFICATIONS + attributeName: policyNotifications + - displayLabel: TASK_OUT_ACCOUNT_AGGREGATION_SCORES_CHANGED + attributeName: scoresChanged + - displayLabel: TASK_OUT_ACCOUNT_AGGREGATION_SNAPSHOTS_CREATED + attributeName: snapshotsCreated + - displayLabel: TASK_OUT_ACCOUNT_AGGREGATION_SCOPES_CREATED + attributeName: scopesCreated + - displayLabel: TASK_OUT_ACCOUNT_AGGREGATION_SCOPES_CORRELATED + attributeName: scopesCorrelated + - displayLabel: TASK_OUT_ACCOUNT_AGGREGATION_SCOPES_SELECTED + attributeName: scopesSelected + - displayLabel: TASK_OUT_ACCOUNT_AGGREGATION_SCOPES_DORMANT + attributeName: scopesDormant + - displayLabel: TASK_OUT_ACCOUNT_AGGREGATION_UNSCOPED_IDENTITIES + attributeName: unscopedIdentities + - displayLabel: TASK_OUT_ACCOUNT_AGGREGATION_CERTIFICATIONS_CREATED + attributeName: certificationsCreated + - displayLabel: TASK_OUT_ACCOUNT_AGGREGATION_CERTIFICATIONS_DELETED + attributeName: certificationsDeleted + - displayLabel: TASK_OUT_ACCOUNT_AGGREGATION_APPLICATIONS_GENERATED + attributeName: applicationsGenerated + - displayLabel: TASK_OUT_ACCOUNT_AGGREGATION_MANAGED_ATTRIBUTES_PROMOTED + attributeName: managedAttributesCreated + - displayLabel: TASK_OUT_ACCOUNT_AGGREGATION_MANAGED_ATTRIBUTES_PROMOTED_BY_APP + attributeName: managedAttributesCreatedByApplication + - displayLabel: TASK_OUT_ACCOUNT_AGGREGATION_IDENTITYENTITLEMENTS_CREATED + attributeName: identityEntitlementsCreated + - displayLabel: TASK_OUT_ACCOUNT_AGGREGATION_GROUPS_CREATED + attributeName: groupsCreated + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/sources/{id}/load-uncorrelated-accounts': + post: + tags: + - Sources + summary: Process Uncorrelated Accounts + operationId: importUncorrelatedAccounts + description: File is required for upload. You will also need to set the Content-Type header to `multipart/form-data` + security: + - UserContextAuth: + - 'idn:sources:manage' + parameters: + - in: path + name: id + schema: + type: string + required: true + description: Source Id + example: 75dbec1ebe154d5785da27b95e1dd5d7 + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + requestBody: + content: + multipart/form-data: + schema: + type: object + properties: + file: + type: string + format: binary + responses: + '202': + description: Uncorrelated Accounts Task + content: + application/json: + schema: + type: object + properties: + success: + type: boolean + description: The status of the result + default: 'true' + example: 'true' + task: + type: object + properties: + id: + description: System-generated unique ID of the task this taskStatus represents + type: string + example: 90b83a6bb737489494794f84cd3a51e6 + type: + description: Type of task this task represents + type: string + example: QUARTZ + name: + description: The name of uncorrelated accounts process + type: string + example: Cloud Process Uncorrelated Accounts + description: + description: The description of the task + type: string + example: Processes uncorrelated accounts for the specified application. + launcher: + description: The user who initiated the task + type: string + example: John Doe + created: + type: string + description: The Task creation date + format: date-time + example: '2020-09-07T42:14:00.364Z' + launched: + type: string + nullable: true + format: date-time + description: The task start date + example: '2020-09-07T42:14:00.521Z' + completed: + type: string + nullable: true + format: date-time + description: The task completion date + example: '2020-09-07T42:14:01.137Z' + completionStatus: + type: string + nullable: true + enum: + - SUCCESS + - WARNING + - ERROR + - TERMINATED + - TEMP_ERROR + description: Task completion status. + example: Success + parentName: + type: string + nullable: true + description: Name of the parent task if exists. + example: Audit Report + messages: + type: array + description: List of the messages dedicated to the report. From task definition perspective here usually should be warnings or errors. + example: [] + items: + type: object + properties: + type: + type: string + description: Type of the message. + enum: + - INFO + - WARN + - ERROR + example: WARN + error: + type: boolean + default: false + description: Flag whether message is an error. + example: false + warning: + type: boolean + default: false + description: Flag whether message is a warning. + example: true + key: + type: string + description: Message string identifier. + example: This correlation failed because the currently running correlation must complete before the next one can start. + localizedText: + type: string + description: Message context with the locale based language. + example: This correlation failed because the currently running correlation must complete before the next one can start. + progress: + type: string + nullable: true + description: Current task state. + example: Initializing... + attributes: + type: object + description: Extra attributes map(dictionary) for the task. + properties: + qpocJobId: + description: The id of qpoc job + type: string + example: 5d303d46-fc51-48cd-9c6d-4e211e3ab63c + taskStartDelay: + description: the task start delay value + example: '' + returns: + description: Return values from the task + type: object + example: + - displayLabel: TASK_OUT_ACCOUNT_CORRELATION_APPLICATIONS + attributeName: applications + - displayLabel: TASK_OUT_ACCOUNT_CORRELATION_TOTAL + attributeName: total + - displayLabel: TASK_OUT_ACCOUNT_CORRELATION_IGNORED + attributeName: correlationFailures + - displayLabel: TASK_OUT_ACCOUNT_CORRELATION_FAILURES + attributeName: ignored + - displayLabel: TASK_OUT_UNCHANGED_ACCOUNTS + attributeName: optimized + - displayLabel: TASK_OUT_ACCOUNT_CORRELATION__CREATED + attributeName: created + - displayLabel: TASK_OUT_ACCOUNT_CORRELATION_UPDATED + attributeName: updated + - displayLabel: TASK_OUT_ACCOUNT_CORRELATION_DELETED + attributeName: deleted + - displayLabel: TASK_OUT_ACCOUNT_CORRELATION_MANAGER_CHANGES + attributeName: managerChanges + - displayLabel: TASK_OUT_ACCOUNT_CORRELATION_BUSINESS_ROLE_CHANGES + attributeName: detectedRoleChanges + - displayLabel: TASK_OUT_ACCOUNT_CORRELATION_EXCEPTION_CHANGES + attributeName: exceptionChanges + - displayLabel: TASK_OUT_ACCOUNT_CORRELATION_POLICIES + attributeName: policies + - displayLabel: TASK_OUT_ACCOUNT_CORRELATION_POLICY_VIOLATIONS + attributeName: policyViolations + - displayLabel: TASK_OUT_ACCOUNT_CORRELATION_POLICY_NOTIFICATIONS + attributeName: policyNotifications + - displayLabel: TASK_OUT_ACCOUNT_CORRELATION_SCORES_CHANGED + attributeName: scoresChanged + - displayLabel: TASK_OUT_ACCOUNT_CORRELATION_SNAPSHOTS_CREATED + attributeName: snapshotsCreated + - displayLabel: TASK_OUT_ACCOUNT_CORRELATION_SCOPES_CREATED + attributeName: scopesCreated + - displayLabel: TASK_OUT_ACCOUNT_CORRELATION_SCOPES_CORRELATED + attributeName: scopesCorrelated + - displayLabel: TASK_OUT_ACCOUNT_CORRELATION_SCOPES_SELECTED + attributeName: scopesSelected + - displayLabel: TASK_OUT_ACCOUNT_CORRELATION_SCOPES_DORMANT + attributeName: scopesDormant + - displayLabel: TASK_OUT_ACCOUNT_CORRELATION_UNSCOPED_IDENTITIES + attributeName: unscopedIdentities + - displayLabel: TASK_OUT_ACCOUNT_CORRELATION_CERTIFICATIONS_CREATED + attributeName: certificationsCreated + - displayLabel: TASK_OUT_ACCOUNT_CORRELATION_CERTIFICATIONS_DELETED + attributeName: certificationsDeleted + - displayLabel: TASK_OUT_ACCOUNT_CORRELATION_APPLICATIONS_GENERATED + attributeName: applicationsGenerated + - displayLabel: TASK_OUT_ACCOUNT_CORRELATION_MANAGED_ATTRIBUTES_PROMOTED + attributeName: managedAttributesCreated + - displayLabel: TASK_OUT_ACCOUNT_CORRELATION_MANAGED_ATTRIBUTES_PROMOTED_BY_APP + attributeName: managedAttributesCreatedByApplication + - displayLabel: TASK_OUT_ACCOUNT_CORRELATION_IDENTITYENTITLEMENTS_CREATED + attributeName: identityEntitlementsCreated + - displayLabel: TASK_OUT_ACCOUNT_CORRELATION_GROUPS_CREATED + attributeName: groupsCreated + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/task-status/{id}': + get: + tags: + - Task Management + summary: Get task status by ID. + description: Get a TaskStatus for a task by task ID. + operationId: getTaskStatus + parameters: + - name: id + in: path + description: Task ID. + required: true + example: 00eebcf881994e419d72e757fd30dc0e + style: simple + explode: false + schema: + type: string + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '200': + description: Responds with a TaskStatus for the task with the given task ID. + content: + application/json: + schema: + description: Details and current status of a specific task + required: + - id + - type + - uniqueName + - description + - parentName + - attributes + - created + - modified + - launched + - launcher + - completed + - completionStatus + - messages + - progress + - percentComplete + - returns + type: object + properties: + id: + description: System-generated unique ID of the task this TaskStatus represents + type: string + example: id12345 + type: + description: Type of task this TaskStatus represents + type: string + enum: + - QUARTZ + - QPOC + - QUEUED_TASK + example: QUARTZ + uniqueName: + description: Name of the task this TaskStatus represents + type: string + example: Big Task + description: + description: Description of the task this TaskStatus represents + type: string + example: A Really Big Task + parentName: + description: Name of the parent of the task this TaskStatus represents + nullable: true + type: string + example: Parent Task + launcher: + description: Service to execute the task this TaskStatus represents + type: string + example: sweep + target: + type: object + nullable: true + properties: + id: + description: Target ID + type: string + example: c6dc37bf508149b28ce5b7d90ca4bbf9 + type: + description: Target type + type: string + nullable: true + enum: + - APPLICATION + - IDENTITY + - null + example: APPLICATION + name: + description: Target name + type: string + example: 'Active Directory [source]' + created: + description: Creation date of the task this TaskStatus represents + type: string + format: date-time + example: '2020-07-11T21:23:15.000Z' + modified: + description: Last modification date of the task this TaskStatus represents + type: string + format: date-time + example: '2020-07-11T21:23:15.000Z' + launched: + description: Launch date of the task this TaskStatus represents + nullable: true + type: string + format: date-time + example: '2020-07-11T21:23:15.000Z' + completed: + description: Completion date of the task this TaskStatus represents + nullable: true + type: string + format: date-time + example: '2020-07-11T21:23:15.000Z' + completionStatus: + description: Completion status of the task this TaskStatus represents + type: string + nullable: true + enum: + - SUCCESS + - WARNING + - ERROR + - TERMINATED + - TEMPERROR + - null + example: SUCCESS + messages: + description: Messages associated with the task this TaskStatus represents + type: array + items: + description: TaskStatus Message + required: + - key + - localizedText + - type + - parameters + type: object + properties: + type: + description: Type of the message + type: string + enum: + - INFO + - WARN + - ERROR + example: INFO + localizedText: + description: Localized form of the message + type: object + nullable: true + required: + - locale + - message + properties: + locale: + description: Message locale + type: string + example: An error has occurred! + message: + description: Message text + type: string + example: Error has occurred! + key: + description: Key of the message + type: string + example: akey + parameters: + description: Message parameters for internationalization + nullable: true + type: array + items: + type: object + example: + - name: value + returns: + description: Return values from the task this TaskStatus represents + type: array + items: + description: Task return details + required: + - name + - attributeName + type: object + properties: + name: + description: Display name of the TaskReturnDetails + type: string + example: label + attributeName: + description: Attribute the TaskReturnDetails is for + type: string + example: identityCount + attributes: + description: Attributes of the task this TaskStatus represents + type: object + additionalProperties: true + example: + identityCount: 0 + progress: + description: Current progress of the task this TaskStatus represents + nullable: true + type: string + example: Started + percentComplete: + description: Current percentage completion of the task this TaskStatus represents + type: integer + example: 100 + taskDefinitionSummary: + description: 'Definition of a type of task, used to invoke tasks' + required: + - arguments + - description + - executor + - id + - uniqueName + - parentName + type: object + properties: + id: + description: System-generated unique ID of the TaskDefinition + type: string + example: 2c91808475b4334b0175e1dff64b63c5 + uniqueName: + description: Name of the TaskDefinition + type: string + example: Cloud Account Aggregation + description: + description: Description of the TaskDefinition + type: string + example: Aggregates from the specified application. + parentName: + description: Name of the parent of the TaskDefinition + type: string + example: Cloud Account Aggregation + executor: + description: Executor of the TaskDefinition + nullable: true + type: string + example: sailpoint.task.ServiceTaskExecutor + arguments: + description: 'Formal parameters of the TaskDefinition, without values' + type: object + additionalProperties: true + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden, generally due to a lack of security rights' + '404': + description: TaskStatus with the given id was not found. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + security: + - UserContextAuth: + - 'idn:task-management:read' + patch: + operationId: updateTaskStatus + tags: + - Task Management + summary: Update task status by ID + description: Update a current task status by task ID. Use this API to clear a pending task by updating the completionStatus and completed attributes. + parameters: + - name: id + in: path + description: Task ID. + example: 00eebcf881994e419d72e757fd30dc0e + required: true + style: simple + explode: false + schema: + type: string + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + requestBody: + required: true + description: The JSONPatch payload used to update the object. + content: + application/json-patch+json: + schema: + type: array + items: + type: object + description: 'A JSONPatch Operation as defined by [RFC 6902 - JSON Patch](https://tools.ietf.org/html/rfc6902)' + required: + - op + - path + properties: + op: + type: string + description: The operation to be performed + enum: + - add + - remove + - replace + - move + - copy + - test + example: replace + path: + type: string + description: A string JSON Pointer representing the target path to an element to be affected by the operation + example: /description + value: + oneOf: + - type: string + example: New description + title: string + - type: boolean + example: true + title: boolean + - type: integer + example: 300 + title: integer + - type: object + title: object + example: + attributes: + name: philip + - type: array + title: array + items: + anyOf: + - type: string + - type: integer + - type: object + example: + - '001' + - '002' + - '003' + description: 'The value to be used for the operation, required for "add" and "replace" operations' + example: New description + example: + - op: replace + path: /completionStatus + value: Error + - op: replace + path: /completed + value: 2024-05-17T19:33:16.470Z + responses: + '200': + description: 'This response indicates the PATCH operation succeeded, and the API returns the updated task object.' + content: + application/json: + schema: + description: Details and current status of a specific task + required: + - id + - type + - uniqueName + - description + - parentName + - attributes + - created + - modified + - launched + - launcher + - completed + - completionStatus + - messages + - progress + - percentComplete + - returns + type: object + properties: + id: + description: System-generated unique ID of the task this TaskStatus represents + type: string + example: id12345 + type: + description: Type of task this TaskStatus represents + type: string + enum: + - QUARTZ + - QPOC + - QUEUED_TASK + example: QUARTZ + uniqueName: + description: Name of the task this TaskStatus represents + type: string + example: Big Task + description: + description: Description of the task this TaskStatus represents + type: string + example: A Really Big Task + parentName: + description: Name of the parent of the task this TaskStatus represents + nullable: true + type: string + example: Parent Task + launcher: + description: Service to execute the task this TaskStatus represents + type: string + example: sweep + target: + type: object + nullable: true + properties: + id: + description: Target ID + type: string + example: c6dc37bf508149b28ce5b7d90ca4bbf9 + type: + description: Target type + type: string + nullable: true + enum: + - APPLICATION + - IDENTITY + - null + example: APPLICATION + name: + description: Target name + type: string + example: 'Active Directory [source]' + created: + description: Creation date of the task this TaskStatus represents + type: string + format: date-time + example: '2020-07-11T21:23:15.000Z' + modified: + description: Last modification date of the task this TaskStatus represents + type: string + format: date-time + example: '2020-07-11T21:23:15.000Z' + launched: + description: Launch date of the task this TaskStatus represents + nullable: true + type: string + format: date-time + example: '2020-07-11T21:23:15.000Z' + completed: + description: Completion date of the task this TaskStatus represents + nullable: true + type: string + format: date-time + example: '2020-07-11T21:23:15.000Z' + completionStatus: + description: Completion status of the task this TaskStatus represents + type: string + nullable: true + enum: + - SUCCESS + - WARNING + - ERROR + - TERMINATED + - TEMPERROR + - null + example: SUCCESS + messages: + description: Messages associated with the task this TaskStatus represents + type: array + items: + description: TaskStatus Message + required: + - key + - localizedText + - type + - parameters + type: object + properties: + type: + description: Type of the message + type: string + enum: + - INFO + - WARN + - ERROR + example: INFO + localizedText: + description: Localized form of the message + type: object + nullable: true + required: + - locale + - message + properties: + locale: + description: Message locale + type: string + example: An error has occurred! + message: + description: Message text + type: string + example: Error has occurred! + key: + description: Key of the message + type: string + example: akey + parameters: + description: Message parameters for internationalization + nullable: true + type: array + items: + type: object + example: + - name: value + returns: + description: Return values from the task this TaskStatus represents + type: array + items: + description: Task return details + required: + - name + - attributeName + type: object + properties: + name: + description: Display name of the TaskReturnDetails + type: string + example: label + attributeName: + description: Attribute the TaskReturnDetails is for + type: string + example: identityCount + attributes: + description: Attributes of the task this TaskStatus represents + type: object + additionalProperties: true + example: + identityCount: 0 + progress: + description: Current progress of the task this TaskStatus represents + nullable: true + type: string + example: Started + percentComplete: + description: Current percentage completion of the task this TaskStatus represents + type: integer + example: 100 + taskDefinitionSummary: + description: 'Definition of a type of task, used to invoke tasks' + required: + - arguments + - description + - executor + - id + - uniqueName + - parentName + type: object + properties: + id: + description: System-generated unique ID of the TaskDefinition + type: string + example: 2c91808475b4334b0175e1dff64b63c5 + uniqueName: + description: Name of the TaskDefinition + type: string + example: Cloud Account Aggregation + description: + description: Description of the TaskDefinition + type: string + example: Aggregates from the specified application. + parentName: + description: Name of the parent of the TaskDefinition + type: string + example: Cloud Account Aggregation + executor: + description: Executor of the TaskDefinition + nullable: true + type: string + example: sailpoint.task.ServiceTaskExecutor + arguments: + description: 'Formal parameters of the TaskDefinition, without values' + type: object + additionalProperties: true + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + security: + - UserContextAuth: + - 'idn:task-management:write' + /task-status: + get: + tags: + - Task Management + summary: Retrieve a task status list. + description: | + Use this endpoint to get a list of **completed** tasks. To get a list of tasks **in-progress**, please use the [get pending tasks](https://developer.sailpoint.com/docs/api/beta/get-pending-tasks) endpoint. + operationId: getTaskStatusList + parameters: + - in: query + name: limit + description: |- + Max number of results to return. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 250 + schema: + type: integer + format: int32 + minimum: 0 + maximum: 250 + default: 250 + - in: query + name: offset + description: |- + Offset into the full result set. Usually specified with *limit* to paginate through the results. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 0 + schema: + type: integer + format: int32 + minimum: 0 + default: 0 + - in: query + name: count + description: |- + If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. + + Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. + + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: true + schema: + type: boolean + default: false + - in: query + name: filters + schema: + type: string + example: completionStatus eq "Success" + required: false + description: |- + Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) + + Filtering is supported for the following fields and operators: + + **id**: *eq, in* + + **sourceId**: *eq, in* + + **completionStatus**: *eq, in* + + **type**: *eq, in* + - in: query + name: sorters + schema: + type: string + format: comma-separated + example: '-created' + required: false + description: |- + Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) + + Sorting is supported for the following fields: **created** + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '200': + description: Responds with a TaskStatus for the task with the given task ID. + content: + application/json: + schema: + type: array + items: + description: Details and current status of a specific task + required: + - id + - type + - uniqueName + - description + - parentName + - attributes + - created + - modified + - launched + - launcher + - completed + - completionStatus + - messages + - progress + - percentComplete + - returns + type: object + properties: + id: + description: System-generated unique ID of the task this TaskStatus represents + type: string + example: id12345 + type: + description: Type of task this TaskStatus represents + type: string + enum: + - QUARTZ + - QPOC + - QUEUED_TASK + example: QUARTZ + uniqueName: + description: Name of the task this TaskStatus represents + type: string + example: Big Task + description: + description: Description of the task this TaskStatus represents + type: string + example: A Really Big Task + parentName: + description: Name of the parent of the task this TaskStatus represents + nullable: true + type: string + example: Parent Task + launcher: + description: Service to execute the task this TaskStatus represents + type: string + example: sweep + target: + type: object + nullable: true + properties: + id: + description: Target ID + type: string + example: c6dc37bf508149b28ce5b7d90ca4bbf9 + type: + description: Target type + type: string + nullable: true + enum: + - APPLICATION + - IDENTITY + - null + example: APPLICATION + name: + description: Target name + type: string + example: 'Active Directory [source]' + created: + description: Creation date of the task this TaskStatus represents + type: string + format: date-time + example: '2020-07-11T21:23:15.000Z' + modified: + description: Last modification date of the task this TaskStatus represents + type: string + format: date-time + example: '2020-07-11T21:23:15.000Z' + launched: + description: Launch date of the task this TaskStatus represents + nullable: true + type: string + format: date-time + example: '2020-07-11T21:23:15.000Z' + completed: + description: Completion date of the task this TaskStatus represents + nullable: true + type: string + format: date-time + example: '2020-07-11T21:23:15.000Z' + completionStatus: + description: Completion status of the task this TaskStatus represents + type: string + nullable: true + enum: + - SUCCESS + - WARNING + - ERROR + - TERMINATED + - TEMPERROR + - null + example: SUCCESS + messages: + description: Messages associated with the task this TaskStatus represents + type: array + items: + description: TaskStatus Message + required: + - key + - localizedText + - type + - parameters + type: object + properties: + type: + description: Type of the message + type: string + enum: + - INFO + - WARN + - ERROR + example: INFO + localizedText: + description: Localized form of the message + type: object + nullable: true + required: + - locale + - message + properties: + locale: + description: Message locale + type: string + example: An error has occurred! + message: + description: Message text + type: string + example: Error has occurred! + key: + description: Key of the message + type: string + example: akey + parameters: + description: Message parameters for internationalization + nullable: true + type: array + items: + type: object + example: + - name: value + returns: + description: Return values from the task this TaskStatus represents + type: array + items: + description: Task return details + required: + - name + - attributeName + type: object + properties: + name: + description: Display name of the TaskReturnDetails + type: string + example: label + attributeName: + description: Attribute the TaskReturnDetails is for + type: string + example: identityCount + attributes: + description: Attributes of the task this TaskStatus represents + type: object + additionalProperties: true + example: + identityCount: 0 + progress: + description: Current progress of the task this TaskStatus represents + nullable: true + type: string + example: Started + percentComplete: + description: Current percentage completion of the task this TaskStatus represents + type: integer + example: 100 + taskDefinitionSummary: + description: 'Definition of a type of task, used to invoke tasks' + required: + - arguments + - description + - executor + - id + - uniqueName + - parentName + type: object + properties: + id: + description: System-generated unique ID of the TaskDefinition + type: string + example: 2c91808475b4334b0175e1dff64b63c5 + uniqueName: + description: Name of the TaskDefinition + type: string + example: Cloud Account Aggregation + description: + description: Description of the TaskDefinition + type: string + example: Aggregates from the specified application. + parentName: + description: Name of the parent of the TaskDefinition + type: string + example: Cloud Account Aggregation + executor: + description: Executor of the TaskDefinition + nullable: true + type: string + example: sailpoint.task.ServiceTaskExecutor + arguments: + description: 'Formal parameters of the TaskDefinition, without values' + type: object + additionalProperties: true + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + security: + - UserContextAuth: + - 'idn:task-management:read' + /task-status/pending-tasks: + get: + tags: + - Task Management + summary: Retrieve a pending task list. + description: Retrieve a list of TaskStatus for pending tasks. + operationId: getPendingTasks + parameters: + - in: query + name: offset + description: |- + Offset into the full result set. Usually specified with *limit* to paginate through the results. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 0 + schema: + type: integer + format: int32 + minimum: 0 + default: 0 + - in: query + name: limit + description: |- + Max number of results to return. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 250 + schema: + type: integer + format: int32 + minimum: 0 + maximum: 250 + default: 250 + - in: query + name: count + description: |- + If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. + + Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. + + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: true + schema: + type: boolean + default: false + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '200': + description: Responds with a list of TaskStatus for pending tasks. + content: + application/json: + schema: + type: array + items: + description: Details and current status of a specific task + required: + - id + - type + - uniqueName + - description + - parentName + - attributes + - created + - modified + - launched + - launcher + - completed + - completionStatus + - messages + - progress + - percentComplete + - returns + type: object + properties: + id: + description: System-generated unique ID of the task this TaskStatus represents + type: string + example: id12345 + type: + description: Type of task this TaskStatus represents + type: string + enum: + - QUARTZ + - QPOC + - QUEUED_TASK + example: QUARTZ + uniqueName: + description: Name of the task this TaskStatus represents + type: string + example: Big Task + description: + description: Description of the task this TaskStatus represents + type: string + example: A Really Big Task + parentName: + description: Name of the parent of the task this TaskStatus represents + nullable: true + type: string + example: Parent Task + launcher: + description: Service to execute the task this TaskStatus represents + type: string + example: sweep + target: + type: object + nullable: true + properties: + id: + description: Target ID + type: string + example: c6dc37bf508149b28ce5b7d90ca4bbf9 + type: + description: Target type + type: string + nullable: true + enum: + - APPLICATION + - IDENTITY + - null + example: APPLICATION + name: + description: Target name + type: string + example: 'Active Directory [source]' + created: + description: Creation date of the task this TaskStatus represents + type: string + format: date-time + example: '2020-07-11T21:23:15.000Z' + modified: + description: Last modification date of the task this TaskStatus represents + type: string + format: date-time + example: '2020-07-11T21:23:15.000Z' + launched: + description: Launch date of the task this TaskStatus represents + nullable: true + type: string + format: date-time + example: '2020-07-11T21:23:15.000Z' + completed: + description: Completion date of the task this TaskStatus represents + nullable: true + type: string + format: date-time + example: '2020-07-11T21:23:15.000Z' + completionStatus: + description: Completion status of the task this TaskStatus represents + type: string + nullable: true + enum: + - SUCCESS + - WARNING + - ERROR + - TERMINATED + - TEMPERROR + - null + example: SUCCESS + messages: + description: Messages associated with the task this TaskStatus represents + type: array + items: + description: TaskStatus Message + required: + - key + - localizedText + - type + - parameters + type: object + properties: + type: + description: Type of the message + type: string + enum: + - INFO + - WARN + - ERROR + example: INFO + localizedText: + description: Localized form of the message + type: object + nullable: true + required: + - locale + - message + properties: + locale: + description: Message locale + type: string + example: An error has occurred! + message: + description: Message text + type: string + example: Error has occurred! + key: + description: Key of the message + type: string + example: akey + parameters: + description: Message parameters for internationalization + nullable: true + type: array + items: + type: object + example: + - name: value + returns: + description: Return values from the task this TaskStatus represents + type: array + items: + description: Task return details + required: + - name + - attributeName + type: object + properties: + name: + description: Display name of the TaskReturnDetails + type: string + example: label + attributeName: + description: Attribute the TaskReturnDetails is for + type: string + example: identityCount + attributes: + description: Attributes of the task this TaskStatus represents + type: object + additionalProperties: true + example: + identityCount: 0 + progress: + description: Current progress of the task this TaskStatus represents + nullable: true + type: string + example: Started + percentComplete: + description: Current percentage completion of the task this TaskStatus represents + type: integer + example: 100 + taskDefinitionSummary: + description: 'Definition of a type of task, used to invoke tasks' + required: + - arguments + - description + - executor + - id + - uniqueName + - parentName + type: object + properties: + id: + description: System-generated unique ID of the TaskDefinition + type: string + example: 2c91808475b4334b0175e1dff64b63c5 + uniqueName: + description: Name of the TaskDefinition + type: string + example: Cloud Account Aggregation + description: + description: Description of the TaskDefinition + type: string + example: Aggregates from the specified application. + parentName: + description: Name of the parent of the TaskDefinition + type: string + example: Cloud Account Aggregation + executor: + description: Executor of the TaskDefinition + nullable: true + type: string + example: sailpoint.task.ServiceTaskExecutor + arguments: + description: 'Formal parameters of the TaskDefinition, without values' + type: object + additionalProperties: true + '204': + description: No content - indicates the request was successful but there is no content to be returned in the response. + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + security: + - UserContextAuth: + - 'idn:task-management:read' + head: + tags: + - Task Management + summary: Retrieve headers only for pending task list. + description: Retrieve headers for a list of TaskStatus for pending tasks. + operationId: getPendingTaskHeaders + parameters: + - in: query + name: offset + description: |- + Offset into the full result set. Usually specified with *limit* to paginate through the results. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 0 + schema: + type: integer + format: int32 + minimum: 0 + default: 0 + - in: query + name: limit + description: |- + Max number of results to return. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 250 + schema: + type: integer + format: int32 + minimum: 0 + maximum: 250 + default: 250 + - in: query + name: count + description: |- + If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. + + Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. + + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: true + schema: + type: boolean + default: false + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '200': + description: Responds with headers for List of TaskStatus for pending tasks. + '204': + description: No content - indicates the request was successful but there is no content to be returned in the response. + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + security: + - UserContextAuth: + - 'idn:task-management:read' + /tenant: + get: + operationId: getTenant + tags: + - Tenant + summary: Get Tenant Information. + description: This rest endpoint can be used to retrieve tenant details. + security: + - UserContextAuth: + - 'sp:tenant:read' + responses: + '200': + description: Tenant Info + content: + application/json: + schema: + type: object + properties: + id: + type: string + readOnly: true + description: The unique identifier for the Tenant + example: 2c91808568c529c60168cca6f90c1324 + name: + type: string + description: Abbreviated name of the Tenant + example: acme + fullName: + type: string + description: Human-readable name of the Tenant + example: 'Acme, Inc' + pod: + type: string + description: Deployment pod for the Tenant + example: example-pod + region: + type: string + description: Deployment region for the Tenant + example: us-east-1 + description: + type: string + description: Description of the Tenant + example: Description of the Tenant + products: + type: array + items: + type: object + properties: + productName: + type: string + description: Name of the Product + example: idn + url: + type: string + description: URL of the Product + example: 'https://tenant-name.identitynow.com' + productTenantId: + type: string + description: An identifier for a specific product-tenant combination + example: tenant#product + productRegion: + type: string + description: Product region + example: us-east-1 + productRight: + type: string + description: Right needed for the Product + example: 'idn:ui:view' + apiUrl: + nullable: true + type: string + description: API URL of the Product + example: 'https://tenant-name.api.identitynow.com' + licenses: + type: array + items: + type: object + properties: + licenseId: + type: string + description: Name of the license + example: 'idn:access-request' + legacyFeatureName: + type: string + description: Legacy name of the license + example: ACCESS_REQUEST + attributes: + type: object + additionalProperties: true + description: Additional attributes for a product + example: + domain: 'https://tenant-name.identitynow.com' + maxRegisteredUsers: 250 + zone: + type: string + description: Zone + example: Deployment zone for the Product + status: + type: string + description: Status of the product + example: active + statusDateTime: + type: string + format: date-time + description: Status datetime + example: '2020-05-19T13:49:37.385Z' + reason: + type: string + description: If there's a tenant provisioning failure then reason will have the description of error + example: Reason + notes: + type: string + description: Product could have additional notes added during tenant provisioning. + example: Example notes + dateCreated: + nullable: true + type: string + format: date-time + description: Date when the product was created + example: '2020-05-19T13:49:37.385Z' + lastUpdated: + nullable: true + type: string + format: date-time + description: Date when the product was last updated + example: '2020-05-19T13:49:37.385Z' + orgType: + nullable: true + type: string + enum: + - development + - staging + - production + - test + - partner + - training + - demonstration + - sandbox + - null + description: Type of org + example: test + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + parameters: + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + /triggers: + get: + operationId: listTriggers + tags: + - Triggers + summary: List Triggers + description: Gets a list of triggers that are available in the tenant. + parameters: + - in: query + name: limit + description: |- + Max number of results to return. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 250 + schema: + type: integer + format: int32 + minimum: 0 + maximum: 250 + default: 250 + - in: query + name: offset + description: |- + Offset into the full result set. Usually specified with *limit* to paginate through the results. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 0 + schema: + type: integer + format: int32 + minimum: 0 + default: 0 + - in: query + name: count + description: |- + If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. + + Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. + + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: true + schema: + type: boolean + default: false + - in: query + name: filters + required: false + schema: + type: string + description: |- + Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) + + Filtering is supported for the following fields and operators: + + **id**: *eq, ge, le* + example: 'id eq "idn:access-request-post-approval"' + - in: query + name: sorters + required: false + schema: + type: string + format: comma-separated + description: |- + Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) + + Sorting is supported for the following fields: **id, name** + example: name + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '200': + description: List of triggers. + content: + application/json: + schema: + type: array + items: + type: object + required: + - id + - name + - type + - inputSchema + - exampleInput + properties: + id: + type: string + description: Unique identifier of the trigger. + example: 'idn:access-request-dynamic-approver' + name: + type: string + description: Trigger Name. + example: Access Request Dynamic Approver + type: + example: REQUEST_RESPONSE + type: string + description: The type of trigger. + enum: + - REQUEST_RESPONSE + - FIRE_AND_FORGET + description: + type: string + description: Trigger Description. + example: Trigger for getting a dynamic approver. + inputSchema: + type: string + description: The JSON schema of the payload that will be sent by the trigger to the subscribed service. + example: '{"definitions":{"record:AccessRequestDynamicApproverInput":{"type":"object","required":["accessRequestId","requestedFor","requestedItems","requestedBy"],"additionalProperties":true,"properties":{"accessRequestId":{"type":"string"},"requestedFor":{"$ref":"#/definitions/record:requestedForIdentityRef"},"requestedItems":{"type":"array","items":{"$ref":"#/definitions/record:requestedObjectRef"}},"requestedBy":{"$ref":"#/definitions/record:requestedByIdentityRef"}}},"record:requestedForIdentityRef":{"type":"object","required":["id","name","type"],"additionalProperties":true,"properties":{"id":{"type":"string"},"name":{"type":"string"},"type":{"type":"string"}}},"record:requestedObjectRef":{"type":"object","optional":["description","comment"],"required":["id","name","type","operation"],"additionalProperties":true,"properties":{"id":{"type":"string"},"name":{"type":"string"},"description":{"oneOf":[{"type":"null"},{"type":"string"}]},"type":{"type":"string"},"operation":{"type":"string"},"comment":{"oneOf":[{"type":"null"},{"type":"string"}]}}},"record:requestedByIdentityRef":{"type":"object","required":["type","id","name"],"additionalProperties":true,"properties":{"type":{"type":"string"},"id":{"type":"string"},"name":{"type":"string"}}}},"$ref":"#/definitions/record:AccessRequestDynamicApproverInput"}' + exampleInput: + description: An example of the JSON payload that will be sent by the trigger to the subscribed service. + oneOf: + - title: Access Request Dynamic Approver + type: object + required: + - accessRequestId + - requestedFor + - requestedItems + - requestedBy + properties: + accessRequestId: + type: string + description: | + The unique ID of the access request object. Can be used with the [access request status endpoint](https://developer.sailpoint.com/idn/api/beta/list-access-request-status) to get the status of the request. + example: 4b4d982dddff4267ab12f0f1e72b5a6d + requestedFor: + type: array + description: Identities access was requested for. + items: + type: object + description: Identity the access item is requested for. + properties: + type: + type: string + description: DTO type of identity the access item is requested for. + enum: + - IDENTITY + example: IDENTITY + id: + type: string + description: ID of identity the access item is requested for. + example: 2c4180a46faadee4016fb4e018c20626 + name: + type: string + description: Human-readable display name of identity the access item is requested for. + example: Robert Robinson + minItems: 1 + maxItems: 10 + requestedItems: + description: The access items that are being requested. + type: array + items: + type: object + required: + - id + - name + - type + - operation + properties: + id: + type: string + description: The unique ID of the access item. + example: 2c91808b6ef1d43e016efba0ce470904 + name: + type: string + description: Human friendly name of the access item. + example: Engineering Access + description: + nullable: true + type: string + description: Extended description of the access item. + example: Engineering Access + type: + enum: + - ACCESS_PROFILE + - ROLE + - ENTITLEMENT + description: The type of access item being requested. + example: ACCESS_PROFILE + operation: + enum: + - Add + - Remove + description: Grant or revoke the access item + example: Add + comment: + nullable: true + type: string + description: A comment from the requestor on why the access is needed. + example: William needs this access for his day to day job activities. + minItems: 1 + maxItems: 25 + requestedBy: + allOf: + - type: object + description: Access item requester's identity. + properties: + type: + type: string + description: Access item requester's DTO type. + enum: + - IDENTITY + example: IDENTITY + id: + type: string + description: Access item requester's identity ID. + example: 2c7180a46faadee4016fb4e018c20648 + name: + type: string + description: Access item owner's human-readable display name. + example: William Wilson + - title: Access Request Post Approval + type: object + required: + - accessRequestId + - requestedFor + - requestedItemsStatus + - requestedBy + properties: + accessRequestId: + type: string + description: The unique ID of the access request. + example: 2c91808b6ef1d43e016efba0ce470904 + requestedFor: + required: + - id + - type + - name + type: array + description: Identities access was requested for. + items: + type: object + description: Identity the access item is requested for. + properties: + type: + type: string + description: DTO type of identity the access item is requested for. + enum: + - IDENTITY + example: IDENTITY + id: + type: string + description: ID of identity the access item is requested for. + example: 2c4180a46faadee4016fb4e018c20626 + name: + type: string + description: Human-readable display name of identity the access item is requested for. + example: Robert Robinson + minItems: 1 + maxItems: 10 + requestedItemsStatus: + description: Details on the outcome of each access item. + type: array + items: + type: object + required: + - id + - name + - type + - operation + - approvalInfo + properties: + id: + type: string + description: The unique ID of the access item being requested. + example: 2c91808b6ef1d43e016efba0ce470904 + name: + type: string + description: The human friendly name of the access item. + example: Engineering Access + description: + nullable: true + type: string + description: Detailed description of the access item. + example: Access to engineering database + type: + enum: + - ACCESS_PROFILE + - ROLE + - ENTITLEMENT + description: The type of access item. + example: ACCESS_PROFILE + operation: + enum: + - Add + - Remove + description: The action to perform on the access item. + example: Add + comment: + nullable: true + type: string + description: A comment from the identity requesting the access. + example: William needs this access to do his job. + clientMetadata: + description: Additional customer defined metadata about the access item. + nullable: true + type: object + additionalProperties: true + example: + applicationName: My application + approvalInfo: + description: A list of one or more approvers for the access request. + type: array + items: + type: object + required: + - approvalDecision + - approverName + - approver + properties: + approvalComment: + nullable: true + type: string + description: A comment left by the approver. + example: This access looks good. Approved. + approvalDecision: + enum: + - APPROVED + - DENIED + description: The final decision of the approver. + example: APPROVED + approverName: + type: string + description: The name of the approver + example: Stephen.Austin + approver: + required: + - id + - type + - name + allOf: + - type: object + description: Identity who approved the access item request. + properties: + type: + type: string + description: DTO type of identity who approved the access item request. + enum: + - IDENTITY + example: IDENTITY + id: + type: string + description: ID of identity who approved the access item request. + example: 2c3780a46faadee4016fb4e018c20652 + name: + type: string + description: Human-readable display name of identity who approved the access item request. + example: Allen Albertson + description: The identity of the approver. + properties: + type: + enum: + - IDENTITY + example: IDENTITY + description: The type of object that is referenced + requestedBy: + required: + - id + - type + - name + allOf: + - type: object + description: Access item requester's identity. + properties: + type: + type: string + description: Access item requester's DTO type. + enum: + - IDENTITY + example: IDENTITY + id: + type: string + description: Access item requester's identity ID. + example: 2c7180a46faadee4016fb4e018c20648 + name: + type: string + description: Access item owner's human-readable display name. + example: William Wilson + - title: Access Request Pre Approval + type: object + required: + - accessRequestId + - requestedFor + - requestedItems + - requestedBy + properties: + accessRequestId: + type: string + description: The unique ID of the access request. + example: 2c91808b6ef1d43e016efba0ce470904 + requestedFor: + required: + - id + - type + - name + type: array + description: Identities access was requested for. + items: + type: object + description: Identity the access item is requested for. + properties: + type: + type: string + description: DTO type of identity the access item is requested for. + enum: + - IDENTITY + example: IDENTITY + id: + type: string + description: ID of identity the access item is requested for. + example: 2c4180a46faadee4016fb4e018c20626 + name: + type: string + description: Human-readable display name of identity the access item is requested for. + example: Robert Robinson + minItems: 1 + maxItems: 10 + requestedItems: + description: Details of the access items being requested. + type: array + items: + type: object + required: + - id + - name + - type + - operation + properties: + id: + type: string + description: The unique ID of the access item being requested. + example: 2c91808b6ef1d43e016efba0ce470904 + name: + type: string + description: The human friendly name of the access item. + example: Engineering Access + description: + nullable: true + type: string + description: Detailed description of the access item. + example: Access to engineering database + type: + enum: + - ACCESS_PROFILE + - ROLE + - ENTITLEMENT + description: The type of access item. + example: ACCESS_PROFILE + operation: + enum: + - Add + - Remove + description: The action to perform on the access item. + example: Add + comment: + nullable: true + type: string + description: A comment from the identity requesting the access. + example: William needs this access to do his job. + minItems: 1 + maxItems: 25 + requestedBy: + required: + - id + - type + - name + allOf: + - type: object + description: Access item requester's identity. + properties: + type: + type: string + description: Access item requester's DTO type. + enum: + - IDENTITY + example: IDENTITY + id: + type: string + description: Access item requester's identity ID. + example: 2c7180a46faadee4016fb4e018c20648 + name: + type: string + description: Access item owner's human-readable display name. + example: William Wilson + - title: Account Aggregation Completed + type: object + required: + - source + - status + - started + - completed + - errors + - warnings + - stats + properties: + source: + required: + - type + - name + - id + type: object + description: The source the accounts are being aggregated from. + properties: + type: + type: string + description: The DTO type of the source the accounts are being aggregated from. + enum: + - SOURCE + example: SOURCE + id: + type: string + description: The ID of the source the accounts are being aggregated from. + example: 2c9180835d191a86015d28455b4b232a + name: + type: string + description: Display name of the source the accounts are being aggregated from. + example: HR Active Directory + status: + description: The overall status of the aggregation. + enum: + - Success + - Failed + - Terminated + example: Success + started: + type: string + format: date-time + description: The date and time when the account aggregation started. + example: '2020-06-29T22:01:50.474Z' + completed: + type: string + format: date-time + description: The date and time when the account aggregation finished. + example: '2020-06-29T22:02:04.090Z' + errors: + nullable: true + description: A list of errors that occurred during the aggregation. + type: array + items: + type: string + description: A descriptive error message. + example: Accounts unable to be aggregated. + warnings: + nullable: true + description: A list of warnings that occurred during the aggregation. + type: array + items: + type: string + description: A descriptive warning message. + example: Account Skipped + stats: + type: object + description: Overall statistics about the account aggregation. + required: + - scanned + - unchanged + - changed + - added + - removed + properties: + scanned: + type: integer + format: int32 + minimum: 0 + maximum: 2147483647 + description: The number of accounts which were scanned / iterated over. + example: 200 + unchanged: + type: integer + format: int32 + minimum: 0 + maximum: 2147483647 + description: 'The number of accounts which existed before, but had no changes.' + example: 190 + changed: + type: integer + format: int32 + minimum: 0 + maximum: 2147483647 + description: 'The number of accounts which existed before, but had changes.' + example: 6 + added: + type: integer + format: int32 + minimum: 0 + maximum: 2147483647 + description: The number of accounts which are new - have not existed before. + example: 4 + removed: + type: integer + minimum: 0 + maximum: 2147483647 + format: int32 + description: 'The number accounts which existed before, but no longer exist (thus getting removed).' + example: 3 + - title: Account Attributes Changed + type: object + required: + - identity + - source + - account + - changes + properties: + identity: + required: + - id + - type + - name + type: object + description: The identity whose account attributes were updated. + properties: + type: + type: string + description: DTO type of the identity whose account attributes were updated. + enum: + - IDENTITY + example: IDENTITY + id: + type: string + description: ID of the identity whose account attributes were updated. + example: 2c7180a46faadee4016fb4e018c20642 + name: + type: string + description: Display name of the identity whose account attributes were updated. + example: Michael Michaels + source: + required: + - id + - type + - name + type: object + description: The source that contains the account. + properties: + id: + description: ID of the object to which this reference applies + type: string + example: 4e4d982dddff4267ab12f0f1e72b5a6d + type: + type: string + enum: + - SOURCE + example: SOURCE + description: The type of object that is referenced + name: + type: string + description: Human-readable display name of the object to which this reference applies + example: Corporate Active Directory + account: + type: object + description: Details of the account where the attributes changed. + required: + - id + - uuid + - name + - nativeIdentity + - type + properties: + id: + type: string + description: SailPoint generated unique identifier. + example: 52170a74-ca89-11ea-87d0-0242ac130003 + uuid: + nullable: true + type: string + description: The source's unique identifier for the account. UUID is generated by the source system. + example: 1cb1f07d-3e5a-4431-becd-234fa4306108 + name: + type: string + description: Name of the account. + example: john.doe + nativeIdentity: + type: string + description: Unique ID of the account on the source. + example: 'cn=john.doe,ou=users,dc=acme,dc=com' + type: + enum: + - ACCOUNT + description: The type of the account + example: ACCOUNT + changes: + type: array + description: A list of attributes that changed. + items: + type: object + required: + - attribute + - oldValue + - newValue + properties: + attribute: + type: string + description: The name of the attribute. + example: sn + oldValue: + description: The previous value of the attribute. + nullable: true + oneOf: + - type: string + - type: boolean + - type: array + items: + nullable: true + type: string + example: doe + newValue: + description: The new value of the attribute. + nullable: true + oneOf: + - type: string + - type: boolean + - type: array + items: + nullable: true + type: string + example: ryans + - title: Account Correlated + type: object + required: + - identity + - source + - account + - attributes + properties: + identity: + required: + - type + - name + - id + type: object + description: Identity the account is correlated with. + properties: + type: + type: string + description: DTO type of the identity the account is correlated with. + enum: + - IDENTITY + example: IDENTITY + id: + type: string + description: ID of the identity the account is correlated with. + example: 2c7180a46faadee4016fb4e018c20642 + name: + type: string + description: Display name of the identity the account is correlated with. + example: Michael Michaels + source: + required: + - id + - type + - name + type: object + description: The source the accounts are being correlated from. + properties: + type: + type: string + description: The DTO type of the source the accounts are being correlated from. + enum: + - SOURCE + example: SOURCE + id: + type: string + description: The ID of the source the accounts are being correlated from. + example: 2c9180835d191a86015d28455b4b232a + name: + type: string + description: Display name of the source the accounts are being correlated from. + example: HR Active Directory + account: + type: object + description: The correlated account. + required: + - id + - name + - nativeIdentity + - type + properties: + type: + type: string + description: The correlated account's DTO type. + enum: + - ACCOUNT + example: ACCOUNT + id: + type: string + description: The correlated account's ID. + example: 98da47c31df444558c211f9b205184f6 + name: + type: string + description: The correlated account's display name. + example: Brian Mendoza + nativeIdentity: + type: string + description: Unique ID of the account on the source. + example: 'cn=john.doe,ou=users,dc=acme,dc=com' + uuid: + nullable: true + type: string + description: The source's unique identifier for the account. UUID is generated by the source system. + example: 1cb1f07d-3e5a-4431-becd-234fa4306108 + attributes: + type: object + description: The attributes associated with the account. Attributes are unique per source. + additionalProperties: true + example: + sn: doe + givenName: john + memberOf: + - 'cn=g1,ou=groups,dc=acme,dc=com' + - 'cn=g2,ou=groups,dc=acme,dc=com' + - 'cn=g3,ou=groups,dc=acme,dc=com' + entitlementCount: + type: integer + format: int32 + description: The number of entitlements associated with this account. + example: 0 + - title: Accounts Collected for Aggregation + type: object + required: + - source + - status + - started + - completed + - errors + - warnings + - stats + properties: + source: + required: + - id + - type + - name + type: object + description: Reference to the source that has been aggregated. + properties: + id: + description: ID of the object to which this reference applies + type: string + example: 4e4d982dddff4267ab12f0f1e72b5a6d + type: + type: string + enum: + - SOURCE + example: SOURCE + description: The type of object that is referenced + name: + type: string + description: Human-readable display name of the object to which this reference applies + example: Corporate Active Directory + status: + description: The overall status of the collection. + enum: + - Success + - Failed + - Terminated + example: Success + started: + type: string + format: date-time + description: The date and time when the account collection started. + example: '2020-06-29T22:01:50.474Z' + completed: + type: string + format: date-time + description: The date and time when the account collection finished. + example: '2020-06-29T22:02:04.090Z' + errors: + nullable: true + description: A list of errors that occurred during the collection. + type: array + items: + type: string + description: A descriptive error message. + example: Unable to collect accounts for aggregation. + warnings: + nullable: true + description: A list of warnings that occurred during the collection. + type: array + items: + type: string + description: A descriptive warning message. + example: Account Skipped + stats: + type: object + description: Overall statistics about the account collection. + required: + - scanned + - unchanged + - changed + - added + - removed + properties: + scanned: + type: integer + format: int32 + minimum: 0 + maximum: 2147483647 + description: The number of accounts which were scanned / iterated over. + example: 200 + unchanged: + type: integer + format: int32 + minimum: 0 + maximum: 2147483647 + description: 'The number of accounts which existed before, but had no changes.' + example: 190 + changed: + type: integer + format: int32 + minimum: 0 + maximum: 2147483647 + description: 'The number of accounts which existed before, but had changes.' + example: 6 + added: + type: integer + format: int32 + minimum: 0 + maximum: 2147483647 + description: The number of accounts which are new - have not existed before. + example: 4 + removed: + type: integer + minimum: 0 + maximum: 2147483647 + format: int32 + description: 'The number accounts which existed before, but no longer exist (thus getting removed).' + example: 3 + - title: Account Uncorrelated + type: object + required: + - identity + - source + - account + properties: + identity: + required: + - type + - name + - id + type: object + description: Identity the account is uncorrelated with. + properties: + type: + type: string + description: DTO type of the identity the account is uncorrelated with. + enum: + - IDENTITY + example: IDENTITY + id: + type: string + description: ID of the identity the account is uncorrelated with. + example: 2c3780a46faadee4016fb4e018c20652 + name: + type: string + description: Display name of the identity the account is uncorrelated with. + example: Allen Albertson + source: + required: + - type + - name + - id + type: object + description: The source the accounts are uncorrelated from. + properties: + type: + type: string + description: The DTO type of the source the accounts are uncorrelated from. + enum: + - SOURCE + example: SOURCE + id: + type: string + description: The ID of the source the accounts are uncorrelated from. + example: 2c6180835d191a86015d28455b4b231b + name: + type: string + description: Display name of the source the accounts are uncorrelated from. + example: Corporate Directory + account: + type: object + description: Uncorrelated account. + required: + - id + - name + - nativeIdentity + - type + properties: + type: + enum: + - ACCOUNT + description: Uncorrelated account's DTO type. + example: ACCOUNT + id: + type: string + description: Uncorrelated account's ID. + example: 4dd497e3723e439991cb6d0e478375dd + name: + type: string + description: Uncorrelated account's display name. + example: Sadie Jensen + nativeIdentity: + type: string + description: Unique ID of the account on the source. + example: 'cn=john.doe,ou=users,dc=acme,dc=com' + uuid: + nullable: true + type: string + description: The source's unique identifier for the account. UUID is generated by the source system. + example: 1cb1f07d-3e5a-4431-becd-234fa4306108 + entitlementCount: + type: integer + format: int32 + description: The number of entitlements associated with this account. + example: 0 + - title: Campaign Activated + type: object + required: + - campaign + properties: + campaign: + type: object + description: Details about the certification campaign that was activated. + required: + - id + - name + - description + - created + - deadline + - type + - campaignOwner + - status + properties: + id: + type: string + description: Unique ID for the campaign. + example: 2c91808576f886190176f88cac5a0010 + name: + type: string + description: The human friendly name of the campaign. + example: Manager Access Campaign + description: + type: string + description: Extended description of the campaign. + example: Audit access for all employees. + created: + type: string + format: date-time + description: The date and time the campaign was created. + example: '2021-02-16T03:04:45.815Z' + modified: + nullable: true + type: string + format: date-time + description: The date and time the campaign was last modified. + example: '2021-02-16T03:06:45.815Z' + deadline: + type: string + format: date-time + description: The date and time the campaign is due. + example: '2021-03-16T03:04:45.815Z' + type: + description: The type of campaign. + enum: + - MANAGER + - SOURCE_OWNER + - SEARCH + - ROLE_COMPOSITION + example: MANAGER + campaignOwner: + type: object + description: Details of the identity that owns the campaign. + required: + - id + - displayName + - email + properties: + id: + type: string + description: The unique ID of the identity. + example: 37f080867702c1910177031320c40n27 + displayName: + type: string + description: The human friendly name of the identity. + example: John Snow + email: + type: string + description: The primary email address of the identity. + example: john.snow@example.com + status: + enum: + - ACTIVE + description: The current status of the campaign. + example: ACTIVE + - title: Campaign Ended + type: object + required: + - campaign + properties: + campaign: + type: object + description: Details about the certification campaign that ended. + required: + - id + - name + - description + - created + - deadline + - type + - campaignOwner + - status + properties: + id: + type: string + description: Unique ID for the campaign. + example: 2c91808576f886190176f88cac5a0010 + name: + type: string + description: The human friendly name of the campaign. + example: Manager Access Campaign + description: + type: string + description: Extended description of the campaign. + example: Audit access for all employees. + created: + type: string + format: date-time + description: The date and time the campaign was created. + example: '2021-02-16T03:04:45.815Z' + modified: + nullable: true + type: string + format: date-time + description: The date and time the campaign was last modified. + example: '2021-03-16T03:06:45.815Z' + deadline: + type: string + format: date-time + description: The date and time the campaign is due. + example: '2021-03-16T03:04:45.815Z' + type: + description: The type of campaign. + enum: + - MANAGER + - SOURCE_OWNER + - SEARCH + - ROLE_COMPOSITION + example: MANAGER + campaignOwner: + type: object + description: Details of the identity that owns the campaign. + required: + - id + - displayName + - email + properties: + id: + type: string + description: The unique ID of the identity. + example: 37f080867702c1910177031320c40n27 + displayName: + type: string + description: The human friendly name of the identity. + example: John Snow + email: + type: string + description: The primary email address of the identity. + example: john.snow@example.com + status: + enum: + - COMPLETED + description: The current status of the campaign. + example: COMPLETED + - title: Campaign Generated + type: object + required: + - campaign + properties: + campaign: + description: Details about the campaign that was generated. + type: object + required: + - id + - name + - description + - created + - type + - campaignOwner + - status + properties: + id: + type: string + description: The unique ID of the campaign. + example: 2c91808576f886190176f88cac5a0010 + name: + type: string + description: Human friendly name of the campaign. + example: Manager Access Campaign + description: + type: string + description: Extended description of the campaign. + example: Audit access for all employees. + created: + type: string + format: date-time + description: The date and time the campaign was created. + example: '2021-02-16T03:04:45.815Z' + modified: + nullable: true + type: string + description: The date and time the campaign was last modified. + example: '2021-02-17T03:04:45.815Z' + deadline: + nullable: true + type: string + description: The date and time when the campaign must be finished by. + example: '2021-02-18T03:04:45.815Z' + type: + enum: + - MANAGER + - SOURCE_OWNER + - SEARCH + - ROLE_COMPOSITION + description: The type of campaign that was generated. + example: MANAGER + campaignOwner: + type: object + description: The identity that owns the campaign. + required: + - id + - displayName + - email + properties: + id: + type: string + description: The unique ID of the identity. + example: 37f080867702c1910177031320c40n27 + displayName: + type: string + description: The display name of the identity. + example: John Snow + email: + type: string + description: The primary email address of the identity. + example: john.snow@example.com + status: + enum: + - STAGED + - ACTIVATING + - ACTIVE + description: The current status of the campaign. + example: STAGED + - title: Certification Signed Off + type: object + required: + - certification + properties: + certification: + description: The certification campaign that was signed off on. + required: + - id + - name + - created + allOf: + - type: object + required: + - campaignRef + - completed + - decisionsMade + - decisionsTotal + - due + - signed + - reviewer + - campaignOwner + - hasErrors + - phase + - entitiesCompleted + - entitiesTotal + properties: + campaignRef: + type: object + required: + - id + - name + - type + - campaignType + - description + - correlatedStatus + - mandatoryCommentRequirement + properties: + id: + type: string + description: The unique ID of the campaign. + example: ef38f94347e94562b5bb8424a56397d8 + name: + type: string + description: The name of the campaign. + example: Campaign Name + type: + type: string + enum: + - CAMPAIGN + description: The type of object that is being referenced. + example: CAMPAIGN + campaignType: + type: string + enum: + - MANAGER + - SOURCE_OWNER + - SEARCH + description: The type of the campaign. + example: MANAGER + description: + type: string + description: The description of the campaign set by the admin who created it. + nullable: true + example: A description of the campaign + correlatedStatus: + description: The correlatedStatus of the campaign. Only SOURCE_OWNER campaigns can be Uncorrelated. An Uncorrelated certification campaign only includes Uncorrelated identities (An identity is uncorrelated if it has no accounts on an authoritative source). + enum: + - CORRELATED + - UNCORRELATED + example: CORRELATED + mandatoryCommentRequirement: + type: string + description: 'Determines whether comments are required for decisions during certification reviews. You can require comments for all decisions, revoke-only decisions, or no decisions. By default, comments are not required for decisions.' + enum: + - ALL_DECISIONS + - REVOKE_ONLY_DECISIONS + - NO_DECISIONS + example: NO_DECISIONS + phase: + type: string + description: | + The current phase of the campaign. + * `STAGED`: The campaign is waiting to be activated. + * `ACTIVE`: The campaign is active. + * `SIGNED`: The reviewer has signed off on the campaign, and it is considered complete. + enum: + - STAGED + - ACTIVE + - SIGNED + example: ACTIVE + due: + type: string + format: date-time + description: The due date of the certification. + example: '2018-10-19T13:49:37.385Z' + signed: + type: string + format: date-time + description: The date the reviewer signed off on the certification. + example: '2018-10-19T13:49:37.385Z' + reviewer: + description: A reference to the reviewer of the campaign. + type: object + required: + - type + - id + - name + properties: + type: + type: string + description: The reviewer's DTO type. + enum: + - IDENTITY + - GOVERNANCE_GROUP + example: IDENTITY + id: + type: string + description: The reviewer's ID. + example: 2c7180a46faadee4016fb4e018c20642 + name: + type: string + description: The reviewer's display name. + example: Michael Michaels + email: + type: string + nullable: true + description: The reviewing identity's email. Only applicable to `IDENTITY`. + example: reviewer@test.com + reassignment: + nullable: true + description: A reference to a reviewer that this campaign has been reassigned to. + type: object + properties: + from: + description: Previous certification. + type: object + allOf: + - type: object + description: Certification for review. + properties: + type: + type: string + description: DTO type of certification for review. + enum: + - CERTIFICATION + example: IDENTITY + id: + type: string + description: ID of certification for review. + example: 7589a83cec4b4f138ce56c1a5ef0756d + name: + type: string + description: Display name of certification for review. + example: Manager Access for Michael Michaels + - type: object + properties: + reviewer: + description: Certification reviewer + type: object + required: + - type + - id + - name + properties: + type: + type: string + description: The reviewer's DTO type. + enum: + - IDENTITY + - GOVERNANCE_GROUP + example: IDENTITY + id: + type: string + description: The reviewer's ID. + example: 2c7180a46faadee4016fb4e018c20642 + name: + type: string + description: The reviewer's display name. + example: Michael Michaels + email: + type: string + nullable: true + description: The reviewing identity's email. Only applicable to `IDENTITY`. + example: reviewer@test.com + comment: + type: string + description: Comments from the previous reviewer. + example: Please review + hasErrors: + type: boolean + example: false + description: Indicates it the certification has any errors. + errorMessage: + type: string + nullable: true + example: The certification has an error + description: A message indicating what the error is. + completed: + type: boolean + description: Indicates if all certification decisions have been made. + example: false + decisionsMade: + type: integer + description: The number of approve/revoke/acknowledge decisions that have been made by the reviewer. + example: 20 + format: int32 + decisionsTotal: + type: integer + description: The total number of approve/revoke/acknowledge decisions for the certification. + example: 40 + format: int32 + entitiesCompleted: + type: integer + description: 'The number of entities (identities, access profiles, roles, etc.) for which all decisions have been made and are complete.' + example: 5 + format: int32 + entitiesTotal: + type: integer + format: int32 + description: 'The total number of entities (identities, access profiles, roles, etc.) in the certification, both complete and incomplete.' + example: 10 + properties: + id: + type: string + description: Unique ID of the certification. + example: 2c91808576f886190176f88caf0d0067 + name: + type: string + description: The name of the certification. + example: Manager Access Review for Alice Baker + created: + type: string + format: date-time + description: The date and time the certification was created. + example: '2020-02-16T03:04:45.815Z' + modified: + nullable: true + type: string + format: date-time + description: The date and time the certification was last modified. + example: '2020-02-16T03:06:45.815Z' + - title: Identity Attributes Changed + type: object + required: + - identity + - changes + properties: + identity: + required: + - id + - type + - name + type: object + description: Identity whose attributes changed. + properties: + type: + type: string + description: DTO type of identity whose attributes changed. + enum: + - IDENTITY + example: IDENTITY + id: + type: string + description: ID of identity whose attributes changed. + example: 2c7180a46faadee4016fb4e018c20642 + name: + type: string + description: Display name of identity whose attributes changed. + example: Michael Michaels + changes: + description: A list of one or more identity attributes that changed on the identity. + type: array + items: + type: object + required: + - attribute + properties: + attribute: + type: string + description: The name of the identity attribute that changed. + example: department + oldValue: + description: The value of the identity attribute before it changed. + nullable: true + example: sales + oneOf: + - type: string + - type: boolean + - type: array + items: + type: string + - type: object + nullable: true + additionalProperties: + oneOf: + - type: string + - type: number + - type: integer + - type: boolean + newValue: + description: The value of the identity attribute after it changed. + example: marketing + oneOf: + - type: string + - type: boolean + - type: array + items: + type: string + - type: object + nullable: true + additionalProperties: + oneOf: + - type: string + - type: number + - type: integer + - type: boolean + - title: Identity Created + type: object + required: + - identity + - attributes + properties: + identity: + required: + - id + - type + - name + type: object + description: Created identity. + properties: + type: + type: string + description: Created identity's DTO type. + enum: + - IDENTITY + example: IDENTITY + id: + type: string + description: Created identity ID. + example: 2c7180a46faadee4016fb4e018c20642 + name: + type: string + description: Created identity's display name. + example: Michael Michaels + attributes: + type: object + description: The attributes assigned to the identity. Attributes are determined by the identity profile. + additionalProperties: true + example: + firstname: John + - title: Identity Deleted + type: object + required: + - identity + - attributes + properties: + identity: + required: + - id + - type + - name + type: object + description: Deleted identity. + properties: + type: + type: string + description: Deleted identity's DTO type. + enum: + - IDENTITY + example: IDENTITY + id: + type: string + description: Deleted identity ID. + example: 2c7180a46faadee4016fb4e018c20642 + name: + type: string + description: Deleted identity's display name. + example: Michael Michaels + attributes: + type: object + description: The attributes assigned to the identity. Attributes are determined by the identity profile. + additionalProperties: true + example: + firstname: John + - title: Provisioning Completed + type: object + required: + - trackingNumber + - sources + - recipient + - accountRequests + properties: + trackingNumber: + type: string + description: The reference number of the provisioning request. Useful for tracking status in the Account Activity search interface. + example: 4b4d982dddff4267ab12f0f1e72b5a6d + sources: + type: string + description: One or more sources that the provisioning transaction(s) were done against. Sources are comma separated. + example: 'Corp AD, Corp LDAP, Corp Salesforce' + action: + nullable: true + type: string + description: Origin of where the provisioning request came from. + example: IdentityRefresh + errors: + nullable: true + description: A list of any accumulated error messages that occurred during provisioning. + type: array + items: + type: string + example: Connector AD Failed + warnings: + nullable: true + description: A list of any accumulated warning messages that occurred during provisioning. + type: array + items: + type: string + example: Notification Skipped due to invalid email + recipient: + required: + - id + - type + - name + type: object + description: Provisioning recpient. + properties: + type: + type: string + description: Provisioning recipient DTO type. + enum: + - IDENTITY + example: IDENTITY + id: + type: string + description: Provisioning recipient's identity ID. + example: 2c7180a46faadee4016fb4e018c20642 + name: + type: string + description: Provisioning recipient's display name. + example: Michael Michaels + requester: + nullable: true + required: + - id + - type + - name + type: object + description: Provisioning requester's identity. + properties: + type: + type: string + description: Provisioning requester's DTO type. + enum: + - IDENTITY + example: IDENTITY + id: + type: string + description: Provisioning requester's identity ID. + example: 2c7180a46faadee4016fb4e018c20648 + name: + type: string + description: Provisioning owner's human-readable display name. + example: William Wilson + accountRequests: + type: array + description: A list of provisioning instructions to perform on an account-by-account basis. + items: + type: object + required: + - source + - accountOperation + - provisioningResult + - provisioningTarget + properties: + source: + required: + - id + - type + - name + type: object + description: Reference to the source being provisioned against. + properties: + id: + description: ID of the object to which this reference applies + type: string + example: 4e4d982dddff4267ab12f0f1e72b5a6d + type: + type: string + enum: + - SOURCE + example: SOURCE + description: The type of object that is referenced + name: + type: string + description: Human-readable display name of the object to which this reference applies + example: Corporate Active Directory + accountId: + type: string + description: The unique idenfier of the account being provisioned. + example: 'CN=Chewy.Bacca,ou=hardcorefigter,ou=wookies,dc=starwars,dc=com' + accountOperation: + type: string + description: 'The provisioning operation; typically Create, Modify, Enable, Disable, Unlock, or Delete.' + example: Modify + provisioningResult: + description: 'The overall result of the provisioning transaction; this could be success, pending, failed, etc.' + enum: + - SUCCESS + - PENDING + - FAILED + example: SUCCESS + provisioningTarget: + type: string + description: 'The name of the provisioning channel selected; this could be the same as the source, or could be a Service Desk Integration Module (SDIM).' + example: Corp AD + ticketId: + nullable: true + type: string + description: 'A reference to a tracking number, if this is sent to a Service Desk Integration Module (SDIM).' + example: '72619262' + attributeRequests: + nullable: true + description: A list of attributes as part of the provisioning transaction. + type: array + items: + type: object + required: + - attributeName + - operation + properties: + attributeName: + type: string + description: The name of the attribute being provisioned. + example: memberOf + attributeValue: + nullable: true + type: string + description: The value of the attribute being provisioned. + example: 'CN=jedi,DC=starwars,DC=com' + operation: + enum: + - Add + - Set + - Remove + description: The operation to handle the attribute. + example: Add + - title: Saved Search Complete + type: object + required: + - fileName + - ownerEmail + - ownerName + - query + - searchName + - searchResults + - signedS3Url + properties: + fileName: + type: string + description: A name for the report file. + example: Modified.zip + ownerEmail: + type: string + description: The email address of the identity that owns the saved search. + example: test@sailpoint.com + ownerName: + type: string + description: The name of the identity that owns the saved search. + example: Cloud Support + query: + type: string + description: The search query that was used to generate the report. + example: 'modified:[now-7y/d TO now]' + searchName: + type: string + description: The name of the saved search. + example: Modified Activity + searchResults: + type: object + description: 'A preview of the search results for each object type. This includes a count as well as headers, and the first several rows of data, per object type.' + properties: + Account: + description: A table of accounts that match the search criteria. + nullable: true + type: object + required: + - count + - noun + - preview + properties: + count: + type: string + description: The number of rows in the table. + example: 3 + noun: + type: string + description: The type of object represented in the table. + example: accounts + preview: + description: A sample of the data in the table. + type: array + items: + type: array + items: + type: string + example: Robert.Chase + example: [] + Entitlement: + description: A table of entitlements that match the search criteria. + nullable: true + type: object + required: + - count + - noun + - preview + properties: + count: + type: string + description: The number of rows in the table. + example: 2 + noun: + type: string + description: The type of object represented in the table. + example: entitlements + preview: + description: A sample of the data in the table. + type: array + items: + type: array + items: + type: string + example: Administrator + example: [] + Identity: + description: A table of identities that match the search criteria. + nullable: true + type: object + required: + - count + - noun + - preview + properties: + count: + type: string + description: The number of rows in the table. + example: 2 + noun: + type: string + description: The type of object represented in the table. + example: identities + preview: + description: A sample of the data in the table. + type: array + items: + type: array + items: + type: string + example: Carol Shelby + example: [] + signedS3Url: + type: string + description: The Amazon S3 URL to download the report from. + example: 'https://sptcbu-org-data-useast1.s3.amazonaws.com/arsenal-john/reports/Events%20Export.2020-05-06%2018%2759%20GMT.3e580592-86e4-4953-8aea-49e6ef20a086.zip?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20200506T185919Z&X-Amz-SignedHeaders=host&X-Amz-Expires=899&X-Amz-Credential=AKIAV5E54XOGTS4Q4L7A%2F20200506%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=2e732bb97a12a1fd8a215613e3c31fcdae8ba1fb6a25916843ab5b51d2ddefbc' + - title: Source Account Created + type: object + required: + - id + - nativeIdentifier + - sourceId + - sourceName + - identityId + - identityName + - attributes + properties: + uuid: + type: string + description: Source unique identifier for the identity. UUID is generated by the source system. + example: b7264868-7201-415f-9118-b581d431c688 + id: + type: string + description: SailPoint generated unique identifier. + example: ee769173319b41d19ccec35ba52f237b + nativeIdentifier: + type: string + description: Unique ID of the account on the source. + example: E009 + sourceId: + type: string + description: The ID of the source. + example: 2c918082814e693601816e09471b29b6 + sourceName: + type: string + description: The name of the source. + example: Active Directory + identityId: + type: string + description: The ID of the identity that is correlated with this account. + example: ee769173319b41d19ccec6c235423237b + identityName: + type: string + description: The name of the identity that is correlated with this account. + example: john.doe + attributes: + type: object + additionalProperties: true + description: The attributes of the account. The contents of attributes depends on the account schema for the source. + example: + firstname: John + lastname: Doe + email: john.doe@gmail.com + department: Sales + displayName: John Doe + created: '2020-04-27T16:48:33.597Z' + employeeNumber: E009 + uid: E009 + inactive: 'true' + phone: null + identificationNumber: E009 + - title: Source Account Deleted + type: object + required: + - id + - nativeIdentifier + - sourceId + - sourceName + - identityId + - identityName + - attributes + properties: + uuid: + type: string + description: Source unique identifier for the identity. UUID is generated by the source system. + example: b7264868-7201-415f-9118-b581d431c688 + id: + type: string + description: SailPoint generated unique identifier. + example: ee769173319b41d19ccec35ba52f237b + nativeIdentifier: + type: string + description: Unique ID of the account on the source. + example: E009 + sourceId: + type: string + description: The ID of the source. + example: 2c918082814e693601816e09471b29b6 + sourceName: + type: string + description: The name of the source. + example: Active Directory + identityId: + type: string + description: The ID of the identity that is correlated with this account. + example: ee769173319b41d19ccec6c235423237b + identityName: + type: string + description: The name of the identity that is correlated with this account. + example: john.doe + attributes: + type: object + additionalProperties: true + description: The attributes of the account. The contents of attributes depends on the account schema for the source. + example: + firstname: John + lastname: Doe + email: john.doe@gmail.com + department: Sales + displayName: John Doe + created: '2020-04-27T16:48:33.597Z' + employeeNumber: E009 + uid: E009 + inactive: 'true' + phone: null + identificationNumber: E009 + - title: Source Account Updated + type: object + required: + - id + - nativeIdentifier + - sourceId + - sourceName + - identityId + - identityName + - attributes + properties: + uuid: + type: string + description: Source unique identifier for the identity. UUID is generated by the source system. + example: b7264868-7201-415f-9118-b581d431c688 + id: + type: string + description: SailPoint generated unique identifier. + example: ee769173319b41d19ccec35ba52f237b + nativeIdentifier: + type: string + description: Unique ID of the account on the source. + example: E009 + sourceId: + type: string + description: The ID of the source. + example: 2c918082814e693601816e09471b29b6 + sourceName: + type: string + description: The name of the source. + example: Active Directory + identityId: + type: string + description: The ID of the identity that is correlated with this account. + example: ee769173319b41d19ccec6c235423237b + identityName: + type: string + description: The name of the identity that is correlated with this account. + example: john.doe + attributes: + type: object + additionalProperties: true + description: The attributes of the account. The contents of attributes depends on the account schema for the source. + example: + firstname: John + lastname: Doe + email: john.doe@gmail.com + department: Sales + displayName: John Doe + created: '2020-04-27T16:48:33.597Z' + employeeNumber: E009 + uid: E009 + inactive: 'true' + phone: null + identificationNumber: E009 + - title: Source Created + type: object + required: + - id + - name + - type + - created + - connector + - actor + properties: + id: + type: string + description: The unique ID of the source. + example: 2c9180866166b5b0016167c32ef31a66 + name: + type: string + description: Human friendly name of the source. + example: Test source + type: + type: string + description: The connection type. + example: DIRECT_CONNECT + created: + type: string + format: date-time + description: The date and time the source was created. + example: '2021-03-29T22:01:50.474Z' + connector: + type: string + description: The connector type used to connect to the source. + example: active-directory + actor: + required: + - id + - name + - type + type: object + description: Identity who created the source. + properties: + type: + type: string + description: DTO type of identity who created the source. + enum: + - IDENTITY + example: IDENTITY + id: + type: string + description: ID of identity who created the source. + example: 2c7180a46faadee4016fb4e018c20648 + name: + type: string + description: Display name of identity who created the source. + example: William Wilson + - title: Source Deleted + type: object + required: + - id + - name + - type + - deleted + - connector + - actor + properties: + id: + type: string + description: The unique ID of the source. + example: 2c9180866166b5b0016167c32ef31a66 + name: + type: string + description: Human friendly name of the source. + example: Test source + type: + type: string + description: The connection type. + example: DIRECT_CONNECT + deleted: + type: string + format: date-time + description: The date and time the source was deleted. + example: '2021-03-29T22:01:50.474Z' + connector: + type: string + description: The connector type used to connect to the source. + example: active-directory + actor: + required: + - id + - name + - type + type: object + description: Identity who deleted the source. + properties: + type: + type: string + description: DTO type of identity who deleted the source. + enum: + - IDENTITY + example: IDENTITY + id: + type: string + description: ID of identity who deleted the source. + example: 2c7180a46faadee4016fb4e018c20648 + name: + type: string + description: Display name of identity who deleted the source. + example: William Wilson + - title: Source Updated + type: object + required: + - id + - name + - type + - modified + - connector + - actor + properties: + id: + type: string + description: The unique ID of the source. + example: 2c9180866166b5b0016167c32ef31a66 + name: + type: string + description: The user friendly name of the source. + example: Corporate Active Directory + type: + type: string + description: The connection type of the source. + example: DIRECT_CONNECT + modified: + type: string + format: date-time + description: The date and time the source was modified. + example: '2021-03-29T22:01:50.474Z' + connector: + type: string + description: The connector type used to connect to the source. + example: active-directory + actor: + required: + - type + - name + type: object + description: Identity who updated the source. + properties: + type: + type: string + description: DTO type of identity who updated the source. + enum: + - IDENTITY + example: IDENTITY + id: + type: string + description: ID of identity who updated the source. + example: 2c7180a46faadee4016fb4e018c20648 + name: + type: string + description: Display name of identity who updated the source. + example: William Wilson + - title: VA Cluster Status Change Event + type: object + required: + - created + - type + - application + - healthCheckResult + - previousHealthCheckResult + properties: + created: + type: string + format: date-time + description: The date and time the status change occurred. + example: '2020-06-29T22:01:50.474Z' + type: + enum: + - SOURCE + - CLUSTER + description: The type of the object that initiated this event. + example: CLUSTER + application: + type: object + description: Details about the `CLUSTER` or `SOURCE` that initiated this event. + required: + - id + - name + - attributes + properties: + id: + type: string + description: The GUID of the application + example: 2c9180866166b5b0016167c32ef31a66 + name: + type: string + description: The name of the application + example: Production VA Cluster + attributes: + type: object + description: Custom map of attributes for a source. This will only be populated if type is `SOURCE` and the source has a proxy. + additionalProperties: true + nullable: true + example: null + healthCheckResult: + type: object + description: The results of the most recent health check. + required: + - message + - resultType + - status + properties: + message: + type: string + description: Detailed message of the result of the health check. + example: Test Connection failed with exception. Error message - java.lang Exception + resultType: + type: string + description: The type of the health check result. + example: SOURCE_STATE_ERROR_CLUSTER + status: + enum: + - Succeeded + - Failed + description: The status of the health check. + example: Succeeded + previousHealthCheckResult: + type: object + description: The results of the last health check. + required: + - message + - resultType + - status + properties: + message: + type: string + description: Detailed message of the result of the health check. + example: Test Connection failed with exception. Error message - java.lang Exception + resultType: + type: string + description: The type of the health check result. + example: SOURCE_STATE_ERROR_CLUSTER + status: + enum: + - Succeeded + - Failed + description: The status of the health check. + example: Failed + outputSchema: + type: string + description: The JSON schema of the response that will be sent by the subscribed service to the trigger in response to an event. This only applies to a trigger type of `REQUEST_RESPONSE`. + nullable: true + example: '{"definitions":{"record:AccessRequestDynamicApproverOutput":{"type":["null","object"],"required":["id","name","type"],"additionalProperties":true,"properties":{"id":{"type":"string"},"name":{"type":"string"},"type":{"type":"string"}}}},"$ref":"#/definitions/record:AccessRequestDynamicApproverOutput"}' + exampleOutput: + description: An example of the JSON payload that will be sent by the subscribed service to the trigger in response to an event. + nullable: true + oneOf: + - title: Access Request Dynamic Approver + type: object + nullable: true + required: + - id + - name + - type + properties: + id: + type: string + description: The unique ID of the identity to add to the approver list for the access request. + example: 2c91808b6ef1d43e016efba0ce470906 + name: + type: string + description: The name of the identity to add to the approver list for the access request. + example: Adam Adams + type: + enum: + - IDENTITY + - GOVERNANCE_GROUP + description: The type of object being referenced. + example: IDENTITY + - title: Access Request Pre Approval + type: object + required: + - approved + - comment + - approver + properties: + approved: + type: boolean + description: Whether or not to approve the access request. + example: false + comment: + type: string + description: A comment about the decision to approve or deny the request. + example: 'This access should be denied, because this will cause an SOD violation.' + approver: + type: string + description: The name of the entity that approved or denied the request. + example: AcmeCorpExternalIntegration + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + security: + - UserContextAuth: + - 'sp:trigger-service-subscriptions:read' + /trigger-subscriptions: + post: + operationId: createSubscription + tags: + - Triggers + summary: Create a Subscription + description: |- + This API creates a new subscription to a trigger and defines trigger invocation details. The type of subscription determines which config object is required: + * HTTP subscriptions require httpConfig + * EventBridge subscriptions require eventBridgeConfig + requestBody: + required: true + content: + application/json: + schema: + type: object + required: + - triggerId + - type + - name + properties: + name: + type: string + description: Subscription name. + example: Access request subscription + description: + type: string + description: Subscription description. + example: Access requested to site xyz + triggerId: + type: string + description: ID of trigger subscribed to. + example: 'idn:access-requested' + type: + type: string + enum: + - HTTP + - EVENTBRIDGE + - INLINE + - SCRIPT + - WORKFLOW + description: 'Subscription type. **NOTE** If type is EVENTBRIDGE, then eventBridgeConfig is required. If type is HTTP, then httpConfig is required.' + example: HTTP + responseDeadline: + type: string + description: 'Deadline for completing REQUEST_RESPONSE trigger invocation, represented in ISO-8601 duration format.' + example: PT1H + default: PT1H + httpConfig: + description: Config required if HTTP subscription type is used. + type: object + properties: + url: + type: string + description: URL of the external/custom integration. + example: 'https://www.example.com' + httpDispatchMode: + type: string + description: 'HTTP response modes, i.e. SYNC, ASYNC, or DYNAMIC.' + enum: + - SYNC + - ASYNC + - DYNAMIC + example: SYNC + httpAuthenticationType: + type: string + description: |- + Defines the HTTP Authentication type. Additional values may be added in the future. + + If *NO_AUTH* is selected, no extra information will be in HttpConfig. + + If *BASIC_AUTH* is selected, HttpConfig will include BasicAuthConfig with Username and Password as strings. + + If *BEARER_TOKEN* is selected, HttpConfig will include BearerTokenAuthConfig with Token as string. + enum: + - NO_AUTH + - BASIC_AUTH + - BEARER_TOKEN + default: NO_AUTH + example: BASIC_AUTH + basicAuthConfig: + type: object + properties: + userName: + type: string + description: The username to authenticate. + example: user@example.com + password: + type: string + nullable: true + description: 'The password to authenticate. On response, this field is set to null as to not return secrets.' + example: null + nullable: true + description: Config required if BASIC_AUTH is used. + bearerTokenAuthConfig: + type: object + properties: + bearerToken: + type: string + nullable: true + description: Bearer token + example: null + nullable: true + description: 'Config required if BEARER_TOKEN authentication is used. On response, this field is set to null as to not return secrets.' + required: + - url + - httpDispatchMode + eventBridgeConfig: + description: Config required if EVENTBRIDGE subscription type is used. + type: object + properties: + awsAccount: + type: string + description: AWS Account Number (12-digit number) that has the EventBridge Partner Event Source Resource. + example: '123456789012' + awsRegion: + type: string + description: 'AWS Region that has the EventBridge Partner Event Source Resource. See https://docs.aws.amazon.com/general/latest/gr/rande.html for a full list of available values.' + example: us-west-1 + required: + - awsAccount + - awsRegion + enabled: + type: boolean + description: |- + Whether subscription should receive real-time trigger invocations or not. + + Test trigger invocations are always enabled regardless of this option. + default: true + example: true + filter: + type: string + description: JSONPath filter to conditionally invoke trigger when expression evaluates to true. + example: '$[?($.identityId == "201327fda1c44704ac01181e963d463c")]' + externalDocs: + description: JSONPath filter documentation + url: 'https://developer.sailpoint.com/idn/docs/event-triggers/filtering-events' + examples: + HTTP Subscription: + value: + name: Access request subscription + description: Access requested to site xyz + triggerId: 'idn:access-requested' + type: HTTP + httpConfig: + url: 'https://www.example.com' + httpDispatchMode: SYNC + httpAuthenticationType: BASIC_AUTH + basicAuthConfig: + userName: user@example.com + password: eRtg4%6yuI! + enabled: true + filter: '$[?($.identityId == "201327fda1c44704ac01181e963d463c")]' + HTTP Async Subscription: + value: + name: Access request subscription + description: Access requested to site xyz + triggerId: 'idn:access-requested' + type: HTTP + responseDeadline: PT1H + httpConfig: + url: 'https://www.example.com' + httpDispatchMode: ASYNC + httpAuthenticationType: BASIC_AUTH + basicAuthConfig: + userName: user@example.com + password: eRtg4%6yuI! + enabled: true + filter: '$[?($.identityId == "201327fda1c44704ac01181e963d463c")]' + EventBridge Subscription: + value: + name: Access request subscription + description: Access requested to site xyz + triggerId: 'idn:access-requested' + type: EVENTBRIDGE + eventBridgeConfig: + awsAccount: '123456789012' + awsRegion: us-west-1 + enabled: true + filter: '$[?($.identityId == "201327fda1c44704ac01181e963d463c")]' + responses: + '201': + description: New subscription to a trigger. The trigger can now be invoked by the method defined in the subscription. + content: + application/json: + schema: + type: object + required: + - id + - triggerId + - type + - name + - triggerName + - enabled + properties: + id: + type: string + description: Subscription ID. + example: 0f11f2a4-7c94-4bf3-a2bd-742580fe3bde + name: + type: string + description: Subscription name. + example: Access request subscription + description: + type: string + description: Subscription description. + example: Access requested to site xyz + triggerId: + type: string + description: ID of trigger subscribed to. + example: 'idn:access-request-post-approval' + triggerName: + type: string + description: Trigger name of trigger subscribed to. + example: Access Requested + type: + type: string + enum: + - HTTP + - EVENTBRIDGE + - INLINE + - SCRIPT + - WORKFLOW + description: 'Subscription type. **NOTE** If type is EVENTBRIDGE, then eventBridgeConfig is required. If type is HTTP, then httpConfig is required.' + example: HTTP + responseDeadline: + type: string + description: 'Deadline for completing REQUEST_RESPONSE trigger invocation, represented in ISO-8601 duration format.' + example: PT1H + default: PT1H + httpConfig: + description: Config required if HTTP subscription type is used. + type: object + properties: + url: + type: string + description: URL of the external/custom integration. + example: 'https://www.example.com' + httpDispatchMode: + type: string + description: 'HTTP response modes, i.e. SYNC, ASYNC, or DYNAMIC.' + enum: + - SYNC + - ASYNC + - DYNAMIC + example: SYNC + httpAuthenticationType: + type: string + description: |- + Defines the HTTP Authentication type. Additional values may be added in the future. + + If *NO_AUTH* is selected, no extra information will be in HttpConfig. + + If *BASIC_AUTH* is selected, HttpConfig will include BasicAuthConfig with Username and Password as strings. + + If *BEARER_TOKEN* is selected, HttpConfig will include BearerTokenAuthConfig with Token as string. + enum: + - NO_AUTH + - BASIC_AUTH + - BEARER_TOKEN + default: NO_AUTH + example: BASIC_AUTH + basicAuthConfig: + type: object + properties: + userName: + type: string + description: The username to authenticate. + example: user@example.com + password: + type: string + nullable: true + description: 'The password to authenticate. On response, this field is set to null as to not return secrets.' + example: null + nullable: true + description: Config required if BASIC_AUTH is used. + bearerTokenAuthConfig: + type: object + properties: + bearerToken: + type: string + nullable: true + description: Bearer token + example: null + nullable: true + description: 'Config required if BEARER_TOKEN authentication is used. On response, this field is set to null as to not return secrets.' + required: + - url + - httpDispatchMode + eventBridgeConfig: + description: Config required if EVENTBRIDGE subscription type is used. + type: object + properties: + awsAccount: + type: string + description: AWS Account Number (12-digit number) that has the EventBridge Partner Event Source Resource. + example: '123456789012' + awsRegion: + type: string + description: 'AWS Region that has the EventBridge Partner Event Source Resource. See https://docs.aws.amazon.com/general/latest/gr/rande.html for a full list of available values.' + example: us-west-1 + required: + - awsAccount + - awsRegion + enabled: + type: boolean + description: |- + Whether subscription should receive real-time trigger invocations or not. + Test trigger invocations are always enabled regardless of this option. + default: true + example: true + filter: + type: string + description: JSONPath filter to conditionally invoke trigger when expression evaluates to true. + example: '$[?($.identityId == "201327fda1c44704ac01181e963d463c")]' + externalDocs: + description: JSONPath filter documentation + url: 'https://developer.sailpoint.com/idn/docs/event-triggers/filtering-events' + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + security: + - UserContextAuth: + - 'sp:trigger-service-subscriptions:manage' + parameters: + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + get: + operationId: listSubscriptions + tags: + - Triggers + summary: List Subscriptions + description: Gets a list of all trigger subscriptions. + parameters: + - in: query + name: limit + description: |- + Max number of results to return. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 250 + schema: + type: integer + format: int32 + minimum: 0 + maximum: 250 + default: 250 + - in: query + name: offset + description: |- + Offset into the full result set. Usually specified with *limit* to paginate through the results. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 0 + schema: + type: integer + format: int32 + minimum: 0 + default: 0 + - in: query + name: count + description: |- + If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. + + Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. + + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: true + schema: + type: boolean + default: false + - in: query + required: false + name: filters + schema: + type: string + description: |- + Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) + + Filtering is supported for the following fields and operators: + + **id**: *eq* + + **triggerId**: *eq* + + **type**: *eq, le* + example: id eq "12cff757-c0c0-413b-8ad7-2a47956d1e89" + - in: query + name: sorters + required: false + schema: + type: string + format: comma-separated + description: |- + Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) + + Sorting is supported for the following fields: **triggerId, triggerName** + example: triggerName + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '200': + description: List of subscriptions. + content: + application/json: + schema: + type: array + items: + type: object + required: + - id + - triggerId + - type + - name + - triggerName + - enabled + properties: + id: + type: string + description: Subscription ID. + example: 0f11f2a4-7c94-4bf3-a2bd-742580fe3bde + name: + type: string + description: Subscription name. + example: Access request subscription + description: + type: string + description: Subscription description. + example: Access requested to site xyz + triggerId: + type: string + description: ID of trigger subscribed to. + example: 'idn:access-request-post-approval' + triggerName: + type: string + description: Trigger name of trigger subscribed to. + example: Access Requested + type: + type: string + enum: + - HTTP + - EVENTBRIDGE + - INLINE + - SCRIPT + - WORKFLOW + description: 'Subscription type. **NOTE** If type is EVENTBRIDGE, then eventBridgeConfig is required. If type is HTTP, then httpConfig is required.' + example: HTTP + responseDeadline: + type: string + description: 'Deadline for completing REQUEST_RESPONSE trigger invocation, represented in ISO-8601 duration format.' + example: PT1H + default: PT1H + httpConfig: + description: Config required if HTTP subscription type is used. + type: object + properties: + url: + type: string + description: URL of the external/custom integration. + example: 'https://www.example.com' + httpDispatchMode: + type: string + description: 'HTTP response modes, i.e. SYNC, ASYNC, or DYNAMIC.' + enum: + - SYNC + - ASYNC + - DYNAMIC + example: SYNC + httpAuthenticationType: + type: string + description: |- + Defines the HTTP Authentication type. Additional values may be added in the future. + + If *NO_AUTH* is selected, no extra information will be in HttpConfig. + + If *BASIC_AUTH* is selected, HttpConfig will include BasicAuthConfig with Username and Password as strings. + + If *BEARER_TOKEN* is selected, HttpConfig will include BearerTokenAuthConfig with Token as string. + enum: + - NO_AUTH + - BASIC_AUTH + - BEARER_TOKEN + default: NO_AUTH + example: BASIC_AUTH + basicAuthConfig: + type: object + properties: + userName: + type: string + description: The username to authenticate. + example: user@example.com + password: + type: string + nullable: true + description: 'The password to authenticate. On response, this field is set to null as to not return secrets.' + example: null + nullable: true + description: Config required if BASIC_AUTH is used. + bearerTokenAuthConfig: + type: object + properties: + bearerToken: + type: string + nullable: true + description: Bearer token + example: null + nullable: true + description: 'Config required if BEARER_TOKEN authentication is used. On response, this field is set to null as to not return secrets.' + required: + - url + - httpDispatchMode + eventBridgeConfig: + description: Config required if EVENTBRIDGE subscription type is used. + type: object + properties: + awsAccount: + type: string + description: AWS Account Number (12-digit number) that has the EventBridge Partner Event Source Resource. + example: '123456789012' + awsRegion: + type: string + description: 'AWS Region that has the EventBridge Partner Event Source Resource. See https://docs.aws.amazon.com/general/latest/gr/rande.html for a full list of available values.' + example: us-west-1 + required: + - awsAccount + - awsRegion + enabled: + type: boolean + description: |- + Whether subscription should receive real-time trigger invocations or not. + Test trigger invocations are always enabled regardless of this option. + default: true + example: true + filter: + type: string + description: JSONPath filter to conditionally invoke trigger when expression evaluates to true. + example: '$[?($.identityId == "201327fda1c44704ac01181e963d463c")]' + externalDocs: + description: JSONPath filter documentation + url: 'https://developer.sailpoint.com/idn/docs/event-triggers/filtering-events' + examples: + HTTP Subscription: + value: + - id: 0f11f2a4-7c94-4bf3-a2bd-742580fe3bde + name: Access request subscription + description: Access requested to site xyz + triggerId: 'idn:access-requested' + triggerName: Access Requested + type: HTTP + httpConfig: + url: 'https://www.example.com' + httpDispatchMode: SYNC + httpAuthenticationType: BASIC_AUTH + basicAuthConfig: + userName: user@example.com + password: null + enabled: true + filter: '$[?($.identityId == "201327fda1c44704ac01181e963d463c")]' + HTTP Async Subscription: + value: + name: Access request subscription + description: Access requested to site xyz + triggerId: 'idn:access-requested' + triggerName: Access Requested + type: HTTP + responseDeadline: PT1H + httpConfig: + url: 'https://www.example.com' + httpDispatchMode: ASYNC + httpAuthenticationType: BASIC_AUTH + basicAuthConfig: + userName: user@example.com + password: null + enabled: true + filter: '$[?($.identityId == "201327fda1c44704ac01181e963d463c")]' + EventBridge Subscription: + value: + - id: 0f11f2a4-7c94-4bf3-a2bd-742580fe3bde + name: Access request subscription + description: Access requested to site xyz + triggerId: 'idn:access-requested' + triggerName: Access Requested + type: EVENTBRIDGE + eventBridgeConfig: + awsAccount: '123456789012' + awsRegion: us-west-1 + enabled: true + filter: '$[?($.identityId == "201327fda1c44704ac01181e963d463c")]' + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + security: + - UserContextAuth: + - 'sp:trigger-service-subscriptions:read' + '/trigger-subscriptions/{id}': + put: + operationId: updateSubscription + tags: + - Triggers + summary: Update a Subscription + description: |- + This API updates a trigger subscription in IdentityNow, using a full object representation. In other words, the existing + Subscription is completely replaced. The following fields are immutable: + + + * id + + * triggerId + + + Attempts to modify these fields result in 400. + parameters: + - in: path + name: id + schema: + type: string + required: true + description: Subscription ID + example: 0f11f2a4-7c94-4bf3-a2bd-742580fe3bde + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + requestBody: + required: true + content: + application/json: + schema: + type: object + properties: + name: + type: string + description: Subscription name. + example: Access request subscription + description: + type: string + description: Subscription description. + example: Access requested to site xyz + type: + type: string + enum: + - HTTP + - EVENTBRIDGE + - INLINE + - SCRIPT + - WORKFLOW + description: 'Subscription type. **NOTE** If type is EVENTBRIDGE, then eventBridgeConfig is required. If type is HTTP, then httpConfig is required.' + example: HTTP + responseDeadline: + type: string + description: 'Deadline for completing REQUEST_RESPONSE trigger invocation, represented in ISO-8601 duration format.' + example: PT1H + default: PT1H + httpConfig: + description: Config required if HTTP subscription type is used. + type: object + properties: + url: + type: string + description: URL of the external/custom integration. + example: 'https://www.example.com' + httpDispatchMode: + type: string + description: 'HTTP response modes, i.e. SYNC, ASYNC, or DYNAMIC.' + enum: + - SYNC + - ASYNC + - DYNAMIC + example: SYNC + httpAuthenticationType: + type: string + description: |- + Defines the HTTP Authentication type. Additional values may be added in the future. + + If *NO_AUTH* is selected, no extra information will be in HttpConfig. + + If *BASIC_AUTH* is selected, HttpConfig will include BasicAuthConfig with Username and Password as strings. + + If *BEARER_TOKEN* is selected, HttpConfig will include BearerTokenAuthConfig with Token as string. + enum: + - NO_AUTH + - BASIC_AUTH + - BEARER_TOKEN + default: NO_AUTH + example: BASIC_AUTH + basicAuthConfig: + type: object + properties: + userName: + type: string + description: The username to authenticate. + example: user@example.com + password: + type: string + nullable: true + description: 'The password to authenticate. On response, this field is set to null as to not return secrets.' + example: null + nullable: true + description: Config required if BASIC_AUTH is used. + bearerTokenAuthConfig: + type: object + properties: + bearerToken: + type: string + nullable: true + description: Bearer token + example: null + nullable: true + description: 'Config required if BEARER_TOKEN authentication is used. On response, this field is set to null as to not return secrets.' + required: + - url + - httpDispatchMode + eventBridgeConfig: + description: Config required if EVENTBRIDGE subscription type is used. + type: object + properties: + awsAccount: + type: string + description: AWS Account Number (12-digit number) that has the EventBridge Partner Event Source Resource. + example: '123456789012' + awsRegion: + type: string + description: 'AWS Region that has the EventBridge Partner Event Source Resource. See https://docs.aws.amazon.com/general/latest/gr/rande.html for a full list of available values.' + example: us-west-1 + required: + - awsAccount + - awsRegion + enabled: + type: boolean + description: |- + Whether subscription should receive real-time trigger invocations or not. + + Test trigger invocations are always enabled regardless of this option. + default: true + example: true + filter: + type: string + description: JSONPath filter to conditionally invoke trigger when expression evaluates to true. + example: '$[?($.identityId == "201327fda1c44704ac01181e963d463c")]' + externalDocs: + description: JSONPath filter documentation + url: 'https://developer.sailpoint.com/idn/docs/event-triggers/filtering-events' + examples: + HTTP Subscription: + value: + name: Access request subscription + description: Access requested to site xyz + type: HTTP + httpConfig: + url: 'https://www.example.com' + httpDispatchMode: SYNC + httpAuthenticationType: BASIC_AUTH + basicAuthConfig: + userName: user@example.com + password: eRtg4%6yuI! + enabled: true + filter: '$[?($.identityId == "201327fda1c44704ac01181e963d463c")]' + HTTP Async Subscription: + value: + name: Access request subscription + description: Access requested to site xyz + type: HTTP + responseDeadline: PT1H + httpConfig: + url: 'https://www.example.com' + httpDispatchMode: ASYNC + httpAuthenticationType: BASIC_AUTH + basicAuthConfig: + userName: user@example.com + password: eRtg4%6yuI! + enabled: true + filter: '$[?($.identityId == "201327fda1c44704ac01181e963d463c")]' + EventBridge Subscription: + value: + name: Access request subscription + description: Access requested to site xyz + type: EVENTBRIDGE + eventBridgeConfig: + awsAccount: '123456789012' + awsRegion: us-west-1 + enabled: true + filter: '$[?($.identityId == "201327fda1c44704ac01181e963d463c")]' + responses: + '200': + description: Updated subscription. + content: + application/json: + schema: + type: object + required: + - id + - triggerId + - type + - name + - triggerName + - enabled + properties: + id: + type: string + description: Subscription ID. + example: 0f11f2a4-7c94-4bf3-a2bd-742580fe3bde + name: + type: string + description: Subscription name. + example: Access request subscription + description: + type: string + description: Subscription description. + example: Access requested to site xyz + triggerId: + type: string + description: ID of trigger subscribed to. + example: 'idn:access-request-post-approval' + triggerName: + type: string + description: Trigger name of trigger subscribed to. + example: Access Requested + type: + type: string + enum: + - HTTP + - EVENTBRIDGE + - INLINE + - SCRIPT + - WORKFLOW + description: 'Subscription type. **NOTE** If type is EVENTBRIDGE, then eventBridgeConfig is required. If type is HTTP, then httpConfig is required.' + example: HTTP + responseDeadline: + type: string + description: 'Deadline for completing REQUEST_RESPONSE trigger invocation, represented in ISO-8601 duration format.' + example: PT1H + default: PT1H + httpConfig: + description: Config required if HTTP subscription type is used. + type: object + properties: + url: + type: string + description: URL of the external/custom integration. + example: 'https://www.example.com' + httpDispatchMode: + type: string + description: 'HTTP response modes, i.e. SYNC, ASYNC, or DYNAMIC.' + enum: + - SYNC + - ASYNC + - DYNAMIC + example: SYNC + httpAuthenticationType: + type: string + description: |- + Defines the HTTP Authentication type. Additional values may be added in the future. + + If *NO_AUTH* is selected, no extra information will be in HttpConfig. + + If *BASIC_AUTH* is selected, HttpConfig will include BasicAuthConfig with Username and Password as strings. + + If *BEARER_TOKEN* is selected, HttpConfig will include BearerTokenAuthConfig with Token as string. + enum: + - NO_AUTH + - BASIC_AUTH + - BEARER_TOKEN + default: NO_AUTH + example: BASIC_AUTH + basicAuthConfig: + type: object + properties: + userName: + type: string + description: The username to authenticate. + example: user@example.com + password: + type: string + nullable: true + description: 'The password to authenticate. On response, this field is set to null as to not return secrets.' + example: null + nullable: true + description: Config required if BASIC_AUTH is used. + bearerTokenAuthConfig: + type: object + properties: + bearerToken: + type: string + nullable: true + description: Bearer token + example: null + nullable: true + description: 'Config required if BEARER_TOKEN authentication is used. On response, this field is set to null as to not return secrets.' + required: + - url + - httpDispatchMode + eventBridgeConfig: + description: Config required if EVENTBRIDGE subscription type is used. + type: object + properties: + awsAccount: + type: string + description: AWS Account Number (12-digit number) that has the EventBridge Partner Event Source Resource. + example: '123456789012' + awsRegion: + type: string + description: 'AWS Region that has the EventBridge Partner Event Source Resource. See https://docs.aws.amazon.com/general/latest/gr/rande.html for a full list of available values.' + example: us-west-1 + required: + - awsAccount + - awsRegion + enabled: + type: boolean + description: |- + Whether subscription should receive real-time trigger invocations or not. + Test trigger invocations are always enabled regardless of this option. + default: true + example: true + filter: + type: string + description: JSONPath filter to conditionally invoke trigger when expression evaluates to true. + example: '$[?($.identityId == "201327fda1c44704ac01181e963d463c")]' + externalDocs: + description: JSONPath filter documentation + url: 'https://developer.sailpoint.com/idn/docs/event-triggers/filtering-events' + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + security: + - UserContextAuth: + - 'sp:trigger-service-subscriptions:manage' + patch: + operationId: patchSubscription + tags: + - Triggers + summary: Patch a Subscription + description: |- + This API updates a trigger subscription in IdentityNow, using a set of instructions to modify a subscription partially. The following fields are patchable: + + **name**, **description**, **enabled**, **type**, **filter**, **responseDeadline**, **httpConfig**, **eventBridgeConfig**, **workflowConfig** + parameters: + - in: path + name: id + schema: + type: string + required: true + description: ID of the Subscription to patch + example: 0f11f2a4-7c94-4bf3-a2bd-742580fe3bde + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + requestBody: + required: true + content: + application/json-patch+json: + schema: + description: Operations to be applied + type: array + items: + type: object + description: 'A JSONPatch Operation as defined by [RFC 6902 - JSON Patch](https://tools.ietf.org/html/rfc6902)' + required: + - op + - path + properties: + op: + type: string + description: The operation to be performed + enum: + - add + - remove + - replace + - move + - copy + example: replace + path: + type: string + description: A string JSON Pointer representing the target path to an element to be affected by the operation + example: /description + value: + anyOf: + - type: string + - type: integer + - type: object + - type: array + items: + anyOf: + - type: string + - type: integer + - type: object + description: 'The value to be used for the operation, required for "add" and "replace" operations' + example: New description + example: + - op: replace + path: /description + value: A new description + - op: replace + path: /name + value: A new name + responses: + '200': + description: Updated subscription. + content: + application/json: + schema: + type: object + required: + - id + - triggerId + - type + - name + - triggerName + - enabled + properties: + id: + type: string + description: Subscription ID. + example: 0f11f2a4-7c94-4bf3-a2bd-742580fe3bde + name: + type: string + description: Subscription name. + example: Access request subscription + description: + type: string + description: Subscription description. + example: Access requested to site xyz + triggerId: + type: string + description: ID of trigger subscribed to. + example: 'idn:access-request-post-approval' + triggerName: + type: string + description: Trigger name of trigger subscribed to. + example: Access Requested + type: + type: string + enum: + - HTTP + - EVENTBRIDGE + - INLINE + - SCRIPT + - WORKFLOW + description: 'Subscription type. **NOTE** If type is EVENTBRIDGE, then eventBridgeConfig is required. If type is HTTP, then httpConfig is required.' + example: HTTP + responseDeadline: + type: string + description: 'Deadline for completing REQUEST_RESPONSE trigger invocation, represented in ISO-8601 duration format.' + example: PT1H + default: PT1H + httpConfig: + description: Config required if HTTP subscription type is used. + type: object + properties: + url: + type: string + description: URL of the external/custom integration. + example: 'https://www.example.com' + httpDispatchMode: + type: string + description: 'HTTP response modes, i.e. SYNC, ASYNC, or DYNAMIC.' + enum: + - SYNC + - ASYNC + - DYNAMIC + example: SYNC + httpAuthenticationType: + type: string + description: |- + Defines the HTTP Authentication type. Additional values may be added in the future. + + If *NO_AUTH* is selected, no extra information will be in HttpConfig. + + If *BASIC_AUTH* is selected, HttpConfig will include BasicAuthConfig with Username and Password as strings. + + If *BEARER_TOKEN* is selected, HttpConfig will include BearerTokenAuthConfig with Token as string. + enum: + - NO_AUTH + - BASIC_AUTH + - BEARER_TOKEN + default: NO_AUTH + example: BASIC_AUTH + basicAuthConfig: + type: object + properties: + userName: + type: string + description: The username to authenticate. + example: user@example.com + password: + type: string + nullable: true + description: 'The password to authenticate. On response, this field is set to null as to not return secrets.' + example: null + nullable: true + description: Config required if BASIC_AUTH is used. + bearerTokenAuthConfig: + type: object + properties: + bearerToken: + type: string + nullable: true + description: Bearer token + example: null + nullable: true + description: 'Config required if BEARER_TOKEN authentication is used. On response, this field is set to null as to not return secrets.' + required: + - url + - httpDispatchMode + eventBridgeConfig: + description: Config required if EVENTBRIDGE subscription type is used. + type: object + properties: + awsAccount: + type: string + description: AWS Account Number (12-digit number) that has the EventBridge Partner Event Source Resource. + example: '123456789012' + awsRegion: + type: string + description: 'AWS Region that has the EventBridge Partner Event Source Resource. See https://docs.aws.amazon.com/general/latest/gr/rande.html for a full list of available values.' + example: us-west-1 + required: + - awsAccount + - awsRegion + enabled: + type: boolean + description: |- + Whether subscription should receive real-time trigger invocations or not. + Test trigger invocations are always enabled regardless of this option. + default: true + example: true + filter: + type: string + description: JSONPath filter to conditionally invoke trigger when expression evaluates to true. + example: '$[?($.identityId == "201327fda1c44704ac01181e963d463c")]' + externalDocs: + description: JSONPath filter documentation + url: 'https://developer.sailpoint.com/idn/docs/event-triggers/filtering-events' + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + security: + - UserContextAuth: + - 'sp:trigger-service-subscriptions:manage' + delete: + operationId: deleteSubscription + tags: + - Triggers + summary: Delete a Subscription + description: Deletes an existing subscription to a trigger. + parameters: + - in: path + name: id + schema: + type: string + required: true + description: Subscription ID + example: 0f11f2a4-7c94-4bf3-a2bd-742580fe3bde + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '204': + description: Subscription is deleted successfully. + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + security: + - UserContextAuth: + - 'sp:trigger-service-subscriptions:manage' + /trigger-subscriptions/validate-filter: + post: + operationId: testSubscriptionFilter + tags: + - Triggers + summary: Validate a Subscription Filter + description: |- + Validates a JSONPath filter expression against a provided mock input. + Request requires a security scope of: + requestBody: + required: true + content: + application/json: + schema: + required: + - input + - filter + type: object + properties: + input: + type: object + description: Mock input to evaluate filter expression against. + example: + identityId: 201327fda1c44704ac01181e963d463c + filter: + type: string + description: JSONPath filter to conditionally invoke trigger when expression evaluates to true. + example: '$[?($.identityId == "201327fda1c44704ac01181e963d463c")]' + externalDocs: + description: JSONPath filter documentation + url: 'https://developer.sailpoint.com/idn/docs/event-triggers/filtering-events' + example: + input: + identityId: 201327fda1c44704ac01181e963d463c + filter: '$[?($.identityId == "201327fda1c44704ac01181e963d463c")]' + responses: + '200': + description: Boolean whether specified filter expression is valid against the input. + content: + application/json: + schema: + type: object + properties: + isValid: + type: boolean + default: false + description: 'When this field is true, the filter expression is valid against the input.' + example: true + isValidJSONPath: + type: boolean + default: false + description: 'When this field is true, the filter expression is using a valid JSON path.' + example: true + isPathExist: + type: boolean + default: false + description: 'When this field is true, the filter expression is using an existing path.' + example: true + example: + isValid: true + isValidJSONPath: true + isPathExist: true + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + security: + - UserContextAuth: + - 'sp:trigger-service-subscriptions:manage' + parameters: + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + /trigger-invocations/status: + get: + operationId: listTriggerInvocationStatus + tags: + - Triggers + summary: List Latest Invocation Statuses + description: |- + Gets a list of latest invocation statuses. + Statuses of successful invocations are available for up to 24 hours. Statuses of failed invocations are available for up to 48 hours. + This endpoint may only fetch up to 2000 invocations, and should not be treated as a representation of the full history of invocations. + parameters: + - in: query + name: limit + description: |- + Max number of results to return. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 250 + schema: + type: integer + format: int32 + minimum: 0 + maximum: 250 + default: 250 + - in: query + name: offset + description: |- + Offset into the full result set. Usually specified with *limit* to paginate through the results. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 0 + schema: + type: integer + format: int32 + minimum: 0 + default: 0 + - in: query + name: count + description: |- + If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. + + Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. + + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: true + schema: + type: boolean + default: false + - in: query + name: filters + required: false + schema: + type: string + description: |- + Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) + + Filtering is supported for the following fields and operators: + + **triggerId**: *eq* + + **subscriptionId**: *eq* + example: 'triggerId eq "idn:access-request-dynamic-approver"' + - in: query + name: sorters + required: false + schema: + type: string + format: comma-separated + description: |- + Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) + + Sorting is supported for the following fields: **triggerId, subscriptionName, created, completed** + example: created + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '200': + description: List of latest invocation statuses. + content: + application/json: + schema: + type: array + items: + type: object + required: + - id + - triggerId + - subscriptionId + - startInvocationInput + - type + - subscriptionName + - created + properties: + id: + type: string + description: Invocation ID + example: 0f11f2a4-7c94-4bf3-a2bd-742580fe3bde + triggerId: + type: string + description: Trigger ID + example: 'idn:access-request-post-approval' + subscriptionName: + type: string + description: Subscription name + example: Access request subscription + subscriptionId: + type: string + description: Subscription ID + example: 0f11f2a4-7c94-4bf3-a2bd-742580fe3bde + type: + type: string + description: |- + Defines the Invocation type. + + **TEST** The trigger was invocated as a test, either via the test subscription button in the UI or via the start test invocation API. + + **REAL_TIME** The trigger subscription is live and was invocated by a real event in IdentityNow. + enum: + - TEST + - REAL_TIME + example: TEST + created: + type: string + format: date-time + description: Invocation created timestamp. ISO-8601 in UTC. + example: '2020-03-27T20:40:10.738Z' + completed: + type: string + format: date-time + description: Invocation completed timestamp; empty fields imply invocation is in-flight or not completed. ISO-8601 in UTC. + example: '2020-03-27T20:42:14.738Z' + startInvocationInput: + description: Data related to start of trigger invocation. + type: object + properties: + triggerId: + type: string + description: Trigger ID + example: 'idn:access-requested' + input: + type: object + example: + identityId: 201327fda1c44704ac01181e963d463c + description: Trigger input payload. Its schema is defined in the trigger definition. + contentJson: + type: object + example: + workflowId: 1234 + description: JSON map of invocation metadata + completeInvocationInput: + description: Data related to end of trigger invocation. + type: object + properties: + localizedError: + type: object + nullable: true + description: Localized error message to indicate a failed invocation or error if any. + required: + - locale + - message + properties: + locale: + description: Message locale + type: string + example: An error has occurred! + message: + description: Message text + type: string + example: Error has occurred! + output: + type: object + nullable: true + example: + approved: false + description: Trigger output that completed the invocation. Its schema is defined in the trigger definition. + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + security: + - UserContextAuth: + - 'sp:trigger-service-invocation-status:read' + - 'sp:trigger-service-invocation-status:manage' + '/trigger-invocations/{id}/complete': + post: + operationId: completeTriggerInvocation + tags: + - Triggers + summary: Complete Trigger Invocation + description: Completes an invocation to a REQUEST_RESPONSE type trigger. + parameters: + - in: path + name: id + schema: + type: string + required: true + description: The ID of the invocation to complete. + example: 0f11f2a4-7c94-4bf3-a2bd-742580fe3bde + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + requestBody: + required: true + content: + application/json: + schema: + type: object + properties: + secret: + type: string + description: Unique invocation secret that was generated when the invocation was created. Required to authenticate to the endpoint. + example: 0f11f2a4-7c94-4bf3-a2bd-742580fe3bde + error: + type: string + description: The error message to indicate a failed invocation or error if any. + example: Access request is denied. + output: + type: object + example: + approved: false + description: Trigger output to complete the invocation. Its schema is defined in the trigger definition. + required: + - secret + - output + example: + secret: 0f11f2a4-7c94-4bf3-a2bd-742580fe3bde + output: + approved: false + responses: + '204': + description: No content - indicates the request was successful but there is no content to be returned in the response. + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + /trigger-invocations/test: + post: + operationId: startTestTriggerInvocation + tags: + - Triggers + summary: Start a Test Invocation + description: 'Initiate a test event for all subscribers of the specified event trigger. If there are no subscribers to the specified trigger in the tenant, then no test event will be sent.' + requestBody: + required: true + content: + application/json: + schema: + type: object + properties: + triggerId: + type: string + example: 'idn:access-request-post-approval' + description: Trigger ID + input: + type: object + example: + identityId: 201327fda1c44704ac01181e963d463c + description: 'Mock input to use for test invocation. This must adhere to the input schema defined in the trigger being invoked. If this property is omitted, then the default trigger sample payload will be sent.' + contentJson: + type: object + example: + workflowId: 1234 + description: JSON map of invocation metadata. + subscriptionIds: + type: array + items: + type: string + example: + - 0f11f2a4-7c94-4bf3-a2bd-742580fe3bde + description: 'Only send the test event to the subscription IDs listed. If omitted, the test event will be sent to all subscribers.' + required: + - triggerId + - contentJson + examples: + Test Trigger with Mock Input: + value: + triggerId: 'idn:access-requested' + input: + identityId: 201327fda1c44704ac01181e963d463c + contentJson: + workflowId: 1234 + Send Test to only One Subscriber: + value: + triggerId: 'idn:access-requested' + contentJson: + workflowId: 1234 + subscriptionIds: + - 0f11f2a4-7c94-4bf3-a2bd-742580fe3bde + responses: + '200': + description: Test trigger invocations that have been started for specified subscription(s). + content: + application/json: + schema: + type: array + items: + type: object + properties: + id: + type: string + description: Invocation ID + example: 0f11f2a4-7c94-4bf3-a2bd-742580fe3bde + triggerId: + type: string + description: Trigger ID + example: 'idn:access-requested' + secret: + type: string + description: Unique invocation secret. + example: 0f979022-08be-44f2-b6f9-7393ec73ed9b + contentJson: + type: object + example: + workflowId: 1234 + description: JSON map of invocation metadata. + '204': + description: 'Trigger invocation is skipped, because tenant has not subscribed to the specified trigger.' + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + security: + - UserContextAuth: + - 'sp:trigger-service-invocation-status:manage' + parameters: + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + /ui-metadata/tenant: + get: + operationId: getTenantUiMetadata + tags: + - UI Metadata + summary: Get a tenant UI metadata + description: |- + This API endpoint retrieves UI metadata configured for your tenant. + A token with ORG_ADMIN authority is required to call this API. + security: + - UserContextAuth: + - 'idn:ui-access-metadata-page:read' + responses: + '200': + description: A tenant UI metadata object + content: + application/json: + schema: + type: object + properties: + iframeWhiteList: + type: string + nullable: true + description: 'Parameter that organizational administrators can adjust to permit another domain to encapsulate IDN within an iframe. If you would like to reset the value use "null". It will only allow include into iframe non authenticated portions of the product, such as password reset.' + example: 'http://example.com http://example2.com' + usernameLabel: + type: string + nullable: true + description: Descriptor for the username input field. If you would like to reset the value use "null". + example: Email + usernameEmptyText: + type: string + nullable: true + description: Placeholder text displayed in the username input field. If you would like to reset the value use "null". + example: Please provide your work email address... + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + parameters: + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + put: + operationId: setTenantUiMetadata + tags: + - UI Metadata + summary: Update tenant UI metadata + description: |- + This API endpoint updates UI metadata for your tenant. These changes may require up to 5 minutes to take effect on the UI. + A token with ORG_ADMIN authority is required to call this API. + requestBody: + required: true + content: + application/json: + schema: + type: object + properties: + iframeWhiteList: + type: string + nullable: true + description: 'Parameter that organizational administrators can adjust to permit another domain to encapsulate IDN within an iframe. If you would like to reset the value use "null". It will only allow include into iframe non authenticated portions of the product, such as password reset.' + example: 'http://example.com http://example2.com' + usernameLabel: + type: string + nullable: true + description: Descriptor for the username input field. If you would like to reset the value use "null". + example: Email + usernameEmptyText: + type: string + nullable: true + description: Placeholder text displayed in the username input field. If you would like to reset the value use "null". + example: Please provide your work email address... + security: + - UserContextAuth: + - 'idn:ui-access-metadata-page:manage' + responses: + '200': + description: A tenant UI metadata object + content: + application/json: + schema: + type: object + properties: + iframeWhiteList: + type: string + nullable: true + description: 'Parameter that organizational administrators can adjust to permit another domain to encapsulate IDN within an iframe. If you would like to reset the value use "null". It will only allow include into iframe non authenticated portions of the product, such as password reset.' + example: 'http://example.com http://example2.com' + usernameLabel: + type: string + nullable: true + description: Descriptor for the username input field. If you would like to reset the value use "null". + example: Email + usernameEmptyText: + type: string + nullable: true + description: Placeholder text displayed in the username input field. If you would like to reset the value use "null". + example: Please provide your work email address... + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + parameters: + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + /verified-from-addresses: + get: + operationId: listFromAddresses + tags: + - Notifications + summary: List From Addresses + description: Retrieve a list of sender email addresses and their verification statuses + parameters: + - in: query + name: limit + description: |- + Max number of results to return. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 250 + schema: + type: integer + format: int32 + minimum: 0 + maximum: 250 + default: 250 + - in: query + name: offset + description: |- + Offset into the full result set. Usually specified with *limit* to paginate through the results. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 0 + schema: + type: integer + format: int32 + minimum: 0 + default: 0 + - in: query + name: count + description: |- + If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. + + Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. + + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: true + schema: + type: boolean + default: false + - in: query + name: filters + schema: + type: string + description: |- + Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) + + Filtering is supported for the following fields and operators: + + **email**: *eq, ge, le, sw* + example: email eq "john.doe@company.com" + - in: query + name: sorters + schema: + type: string + format: comma-separated + description: |- + Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) + + Sorting is supported for the following fields: **email** + example: email + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '200': + description: List of Email Status + content: + application/json: + schema: + type: array + items: + type: object + properties: + id: + type: string + nullable: true + email: + type: string + example: sender@example.com + isVerifiedByDomain: + type: boolean + example: false + verificationStatus: + type: string + enum: + - PENDING + - SUCCESS + - FAILED + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + post: + operationId: createVerifiedFromAddress + tags: + - Notifications + summary: Create Verified From Address + description: Create a new sender email address and initiate verification process. + requestBody: + required: true + content: + application/json: + schema: + type: object + properties: + id: + type: string + nullable: true + email: + type: string + example: sender@example.com + isVerifiedByDomain: + type: boolean + example: false + verificationStatus: + type: string + enum: + - PENDING + - SUCCESS + - FAILED + example: + email: sender@example.com + responses: + '201': + description: New Verified Email Status + content: + application/json: + schema: + type: object + properties: + id: + type: string + nullable: true + email: + type: string + example: sender@example.com + isVerifiedByDomain: + type: boolean + example: false + verificationStatus: + type: string + enum: + - PENDING + - SUCCESS + - FAILED + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + parameters: + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + '/verified-from-addresses/{id}': + delete: + operationId: deleteVerifiedFromAddress + tags: + - Notifications + summary: Delete Verified From Address + description: Delete a verified sender email address + parameters: + - in: path + name: id + schema: + type: string + required: true + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '204': + description: No content - indicates the request was successful but there is no content to be returned in the response. + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + /verified-domains: + get: + security: + - UserContextAuth: + - 'sp:notification-dkim-attributes:read' + operationId: getDkimAttributes + tags: + - Notifications + summary: Get DKIM Attributes + description: Retrieve DKIM (DomainKeys Identified Mail) attributes for all your tenants' AWS SES identities. Limits retrieval to 100 identities per call. + responses: + '200': + description: List of DKIM Attributes + content: + application/json: + schema: + type: array + items: + type: object + properties: + id: + type: string + example: 123b45b0-aaaa-bbbb-a7db-123456a56abc + description: UUID associated with domain to be verified + address: + type: string + example: BobSmith@sailpoint.com + description: The identity or domain address + dkimEnabled: + type: boolean + default: false + example: true + description: Whether or not DKIM has been enabled for this domain / identity + dkimTokens: + type: array + items: + type: string + example: + - uq1m3jjk25ckd3whl4n7y46c56r5l6aq + - u7pm38jky9ckdawhlsn7y4dcj6f5lpgq + - uhpm3jjkjjckdkwhlqn7yw6cjer5tpay + description: The tokens to be added to a DNS for verification + dkimVerificationStatus: + type: string + example: Success + description: 'The current status if the domain /identity has been verified. Ie Success, Failed, Pending' + description: DKIM attributes for a domain or identity + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + parameters: + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + post: + security: + - UserContextAuth: + - 'sp:notification-verify-domain-dkim:write' + operationId: createDomainDkim + tags: + - Notifications + summary: Verify domain address via DKIM + description: Create a domain to be verified via DKIM (DomainKeys Identified Mail) + requestBody: + required: true + content: + application/json: + schema: + type: object + properties: + domain: + type: string + example: sailpoint.com + description: A domain address + responses: + '200': + description: List of DKIM tokens required for the verification process. + content: + application/json: + schema: + type: object + properties: + id: + type: string + example: 123b45b0-aaaa-bbbb-a7db-123456a56abc + description: New UUID associated with domain to be verified + domain: + type: string + example: sailpoint.com + description: A domain address + dkimEnabled: + default: false + example: true + description: DKIM is enabled for this domain + dkimTokens: + type: array + items: + type: string + example: + - token1 + - token2 + - token3 + description: DKIM tokens required for authentication + dkimVerificationStatus: + type: string + example: PENDING + description: Status of DKIM authentication + description: Domain status DTO containing everything required to verify via DKIM + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '405': + description: 'Method Not Allowed - indicates that the server knows the request method, but the target resource doesn''t support this method.' + content: + application/json: + schema: + type: object + properties: + errorName: + description: A message describing the error + example: NotSupportedException + errorMessage: + description: Description of the error + example: Cannot consume content type + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + parameters: + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + /workgroups: + get: + operationId: listWorkgroups + tags: + - Governance Groups + summary: List Governance Groups + description: This API returns list of Governance Groups + parameters: + - in: query + name: offset + description: |- + Offset into the full result set. Usually specified with *limit* to paginate through the results. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 0 + schema: + type: integer + format: int32 + minimum: 0 + default: 0 + - in: query + name: limit + description: |- + Note that for this API the maximum value for limit is 50. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 50 + schema: + type: integer + format: int32 + minimum: 0 + maximum: 50 + default: 50 + - in: query + name: count + description: |- + If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. + + Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. + + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: true + schema: + type: boolean + default: false + - in: query + name: filters + schema: + type: string + description: |- + Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) + + Filtering is supported for the following fields and operators: + + **id**: *eq, in, sw* + + **name**: *eq, sw, in* + + **memberships.identityId**: *eq, in* + example: name sw "Test" + required: false + - in: query + name: sorters + schema: + type: string + format: comma-separated + description: |- + Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) + + Sorting is supported for the following fields: **name, created, modified, id, description** + example: 'name,-modified' + required: false + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '200': + description: List of Governance Groups + content: + application/json: + schema: + type: array + items: + type: object + properties: + owner: + allOf: + - type: object + description: Owner's identity. + properties: + type: + type: string + description: Owner's DTO type. + enum: + - IDENTITY + example: IDENTITY + id: + type: string + description: Owner's identity ID. + example: 2c9180a46faadee4016fb4e018c20639 + name: + type: string + description: Owner's name. + example: Support + - type: object + properties: + displayName: + readOnly: true + description: The display name of the identity + type: string + example: Support + emailAddress: + readOnly: true + description: The primary email address of the identity + type: string + example: support@sailpoint.com + description: Governance group owner. + id: + type: string + description: Governance group ID. + example: 2c91808568c529c60168cca6f90c1313 + readOnly: true + name: + type: string + description: Governance group name. + example: DB Access Governance Group + description: + type: string + description: Governance group description. + example: Description of the Governance Group + memberCount: + type: integer + format: int64 + example: 1641498673000 + readOnly: true + description: Number of members in the governance group. + connectionCount: + type: integer + format: int64 + example: 1641498673000 + description: Number of connections in the governance group. + readOnly: true + created: + type: string + format: date-time + example: '2022-01-06T19:51:13Z' + modified: + type: string + format: date-time + example: '2022-01-06T19:51:13Z' + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + security: + - UserContextAuth: + - 'idn:workgroup:read' + post: + operationId: createWorkgroup + security: + - UserContextAuth: + - 'idn:workgroup:write' + tags: + - Governance Groups + summary: Create a new Governance Group. + description: This API creates a new Governance Group. + requestBody: + required: true + content: + application/json: + schema: + type: object + properties: + owner: + allOf: + - type: object + description: Owner's identity. + properties: + type: + type: string + description: Owner's DTO type. + enum: + - IDENTITY + example: IDENTITY + id: + type: string + description: Owner's identity ID. + example: 2c9180a46faadee4016fb4e018c20639 + name: + type: string + description: Owner's name. + example: Support + - type: object + properties: + displayName: + readOnly: true + description: The display name of the identity + type: string + example: Support + emailAddress: + readOnly: true + description: The primary email address of the identity + type: string + example: support@sailpoint.com + description: Governance group owner. + id: + type: string + description: Governance group ID. + example: 2c91808568c529c60168cca6f90c1313 + readOnly: true + name: + type: string + description: Governance group name. + example: DB Access Governance Group + description: + type: string + description: Governance group description. + example: Description of the Governance Group + memberCount: + type: integer + format: int64 + example: 1641498673000 + readOnly: true + description: Number of members in the governance group. + connectionCount: + type: integer + format: int64 + example: 1641498673000 + description: Number of connections in the governance group. + readOnly: true + created: + type: string + format: date-time + example: '2022-01-06T19:51:13Z' + modified: + type: string + format: date-time + example: '2022-01-06T19:51:13Z' + responses: + '200': + description: Governance Group object created. + content: + application/json: + schema: + type: object + properties: + owner: + allOf: + - type: object + description: Owner's identity. + properties: + type: + type: string + description: Owner's DTO type. + enum: + - IDENTITY + example: IDENTITY + id: + type: string + description: Owner's identity ID. + example: 2c9180a46faadee4016fb4e018c20639 + name: + type: string + description: Owner's name. + example: Support + - type: object + properties: + displayName: + readOnly: true + description: The display name of the identity + type: string + example: Support + emailAddress: + readOnly: true + description: The primary email address of the identity + type: string + example: support@sailpoint.com + description: Governance group owner. + id: + type: string + description: Governance group ID. + example: 2c91808568c529c60168cca6f90c1313 + readOnly: true + name: + type: string + description: Governance group name. + example: DB Access Governance Group + description: + type: string + description: Governance group description. + example: Description of the Governance Group + memberCount: + type: integer + format: int64 + example: 1641498673000 + readOnly: true + description: Number of members in the governance group. + connectionCount: + type: integer + format: int64 + example: 1641498673000 + description: Number of connections in the governance group. + readOnly: true + created: + type: string + format: date-time + example: '2022-01-06T19:51:13Z' + modified: + type: string + format: date-time + example: '2022-01-06T19:51:13Z' + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + parameters: + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + '/workgroups/{id}': + get: + operationId: getWorkgroup + tags: + - Governance Groups + summary: Get Governance Group by Id + description: This API returns a Governance Groups by its ID. + parameters: + - in: path + name: id + required: true + schema: + type: string + description: ID of the Governance Group + example: 2c9180837ca6693d017ca8d097500149 + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '200': + description: A Governance Group + content: + application/json: + schema: + type: object + properties: + owner: + allOf: + - type: object + description: Owner's identity. + properties: + type: + type: string + description: Owner's DTO type. + enum: + - IDENTITY + example: IDENTITY + id: + type: string + description: Owner's identity ID. + example: 2c9180a46faadee4016fb4e018c20639 + name: + type: string + description: Owner's name. + example: Support + - type: object + properties: + displayName: + readOnly: true + description: The display name of the identity + type: string + example: Support + emailAddress: + readOnly: true + description: The primary email address of the identity + type: string + example: support@sailpoint.com + description: Governance group owner. + id: + type: string + description: Governance group ID. + example: 2c91808568c529c60168cca6f90c1313 + readOnly: true + name: + type: string + description: Governance group name. + example: DB Access Governance Group + description: + type: string + description: Governance group description. + example: Description of the Governance Group + memberCount: + type: integer + format: int64 + example: 1641498673000 + readOnly: true + description: Number of members in the governance group. + connectionCount: + type: integer + format: int64 + example: 1641498673000 + description: Number of connections in the governance group. + readOnly: true + created: + type: string + format: date-time + example: '2022-01-06T19:51:13Z' + modified: + type: string + format: date-time + example: '2022-01-06T19:51:13Z' + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + security: + - UserContextAuth: + - 'idn:workgroup:read' + delete: + operationId: deleteWorkgroup + tags: + - Governance Groups + summary: Delete a Governance Group + description: This API deletes a Governance Group by its ID. + parameters: + - in: path + name: id + required: true + schema: + type: string + description: ID of the Governance Group + example: 2c9180837ca6693d017ca8d097500149 + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '204': + description: No content - indicates the request was successful but there is no content to be returned in the response. + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + security: + - UserContextAuth: + - 'idn:workgroup:write' + patch: + operationId: patchWorkgroup + tags: + - Governance Groups + summary: Patch a Governance Group + description: |- + This API updates an existing governance group by ID. + The following fields and objects are patchable: + * name + * description + * owner + + A token with API or ORG_ADMIN authority is required to call this API. + parameters: + - in: path + name: id + required: true + schema: + type: string + description: ID of the Governance Group + example: 2c9180837ca6693d017ca8d097500149 + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + requestBody: + content: + application/json-patch+json: + schema: + type: array + items: + type: object + description: 'A JSONPatch Operation as defined by [RFC 6902 - JSON Patch](https://tools.ietf.org/html/rfc6902)' + required: + - op + - path + properties: + op: + type: string + description: The operation to be performed + enum: + - add + - remove + - replace + - move + - copy + - test + example: replace + path: + type: string + description: A string JSON Pointer representing the target path to an element to be affected by the operation + example: /description + value: + oneOf: + - type: string + example: New description + title: string + - type: boolean + example: true + title: boolean + - type: integer + example: 300 + title: integer + - type: object + title: object + example: + attributes: + name: philip + - type: array + title: array + items: + anyOf: + - type: string + - type: integer + - type: object + example: + - '001' + - '002' + - '003' + description: 'The value to be used for the operation, required for "add" and "replace" operations' + example: New description + examples: + Replace Description: + description: Replace description of a Governance Group. + value: + - op: replace + path: /description + value: Governance Group new description. + responses: + '200': + description: A Governance Group. + content: + application/json: + schema: + type: object + properties: + owner: + allOf: + - type: object + description: Owner's identity. + properties: + type: + type: string + description: Owner's DTO type. + enum: + - IDENTITY + example: IDENTITY + id: + type: string + description: Owner's identity ID. + example: 2c9180a46faadee4016fb4e018c20639 + name: + type: string + description: Owner's name. + example: Support + - type: object + properties: + displayName: + readOnly: true + description: The display name of the identity + type: string + example: Support + emailAddress: + readOnly: true + description: The primary email address of the identity + type: string + example: support@sailpoint.com + description: Governance group owner. + id: + type: string + description: Governance group ID. + example: 2c91808568c529c60168cca6f90c1313 + readOnly: true + name: + type: string + description: Governance group name. + example: DB Access Governance Group + description: + type: string + description: Governance group description. + example: Description of the Governance Group + memberCount: + type: integer + format: int64 + example: 1641498673000 + readOnly: true + description: Number of members in the governance group. + connectionCount: + type: integer + format: int64 + example: 1641498673000 + description: Number of connections in the governance group. + readOnly: true + created: + type: string + format: date-time + example: '2022-01-06T19:51:13Z' + modified: + type: string + format: date-time + example: '2022-01-06T19:51:13Z' + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + security: + - UserContextAuth: + - 'idn:workgroup:write' + /workgroups/bulk-delete: + post: + operationId: deleteWorkgroupsInBulk + summary: Delete Governance Group(s) + tags: + - Governance Groups + description: |- + + This API initiates a bulk deletion of one or more Governance Groups. + + > If any of the indicated Governance Groups have one or more connections associated with it,then those Governance Groups will be added in **inUse** list of the response. Governance Group(s) marked as **inUse** can not be deleted. + + > If any of the indicated Governance Groups is not does not exists in Organization,then those Governance Groups will be added in **notFound** list of the response. Governance Groups marked as **notFound** will not be deleted. + + > If any of the indicated Governance Groups does not have any connections associated with it,then those Governance Groups will be added in **deleted** list of the response. A Governance Group marked as **deleted** will be deleted from current Organization. + + > If the request contains any **inUse** or **notFound** Governance Group IDs then it skips only these Governance Groups for deletion and deletes the rest of Governance Groups which have no connections associated with it. + + > **This API has limit number of Governance Groups can be deleted at one time. If the request contains more then 100 Governance Groups IDs to be deleted then the API will throw an exception.** + requestBody: + required: true + content: + application/json: + schema: + type: object + properties: + ids: + description: List of IDs of Governance Groups to be deleted. + type: array + items: + type: string + example: + - 567a697e-885b-495a-afc5-d55e1c23a302 + - c7b0f7b2-1e78-4063-b294-a555333dacd2 + example: + ids: + - 567a697e-885b-495a-afc5-d55e1c23a302 + - c7b0f7b2-1e78-4063-b294-a555333dacd2 + responses: + '207': + description: Governance Group bulk delete response. + content: + application/json: + schema: + description: Bulk remove Governance Groups Response. + type: array + items: + type: object + properties: + id: + description: Id of the Governance Group. + type: string + example: 464ae7bf791e49fdb74606a2e4a89635 + status: + type: string + description: | + + The HTTP response status code returned for an individual Governance Group that is requested for deletion during a bulk delete operation. + + > 204 - Governance Group deleted successfully. + + > 409 - Governance Group is in use,hence can not be deleted. + + > 404 - Governance Group not found. + example: 204 + description: + description: | + Human readable status description and containing additional context information about success or failures etc. + example: | + + > Governance Group deleted successfully. + + > Unable to delete Governance Group f80bba83-98c4-4ec2-81c8-373c00e9663b because it is in use. + + > Referenced Governance Group 2b711763-ed35-42a2-a80c-8f1ce0dc4a7f was not found. + type: string + required: + - id + - status + example: + - id: 464ae7bf791e49fdb74606a2e4a89635 + status: '204' + description: Governance Group deleted successfully. + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + security: + - UserContextAuth: + - 'idn:workgroup:write' + parameters: + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + '/workgroups/{workgroupId}/connections': + get: + operationId: listConnections + tags: + - Governance Groups + summary: List connections for Governance Group + description: This API returns list of connections associated with a Governance Group. + parameters: + - name: workgroupId + in: path + description: ID of the Governance Group. + required: true + schema: + type: string + example: 2c91808a7813090a017814121919ecca + - in: query + name: offset + description: |- + Offset into the full result set. Usually specified with *limit* to paginate through the results. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 0 + schema: + type: integer + format: int32 + minimum: 0 + default: 0 + - in: query + name: limit + description: |- + Note that for this API the maximum value for limit is 50. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 50 + schema: + type: integer + format: int32 + minimum: 0 + maximum: 50 + default: 50 + - in: query + name: count + description: |- + If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. + + Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. + + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: true + schema: + type: boolean + default: false + - in: query + name: sorters + schema: + type: string + format: comma-separated + description: |- + Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) + + Sorting is supported for the following fields: **name, created, modified** + example: 'name,-modified' + required: false + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '200': + description: List all connections associated with a Governance Group. + content: + application/json: + schema: + type: array + items: + type: object + properties: + object: + description: Connected object to Governance Group + type: object + properties: + type: + description: Connection Object type + type: string + enum: + - ACCESS_PROFILE + - ROLE + - SOD_POLICY + - SOURCE + example: ACCESS_PROFILE + id: + type: string + description: ID of the object to which this reference applies + example: 2c91808568c529c60168cca6f90c1313 + name: + type: string + description: Human-readable name of Connected object + example: Employee-database-read-write + description: + type: string + description: Description of the Connected object. + example: Collection of entitlements to read/write the employee database. + connectionType: + description: Connection Type. + type: string + enum: + - AccessRequestReviewer + - Owner + - ManagementWorkgroup + example: AccessRequestReviewer + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + security: + - UserContextAuth: + - 'idn:workgroup:read' + '/workgroups/{workgroupId}/members': + get: + operationId: listWorkgroupMembers + tags: + - Governance Groups + summary: List Governance Group Members + description: This API returns list of members associated with a Governance Group. + parameters: + - name: workgroupId + in: path + description: ID of the Governance Group. + required: true + schema: + type: string + example: 2c91808a7813090a017814121919ecca + - in: query + name: offset + description: |- + Offset into the full result set. Usually specified with *limit* to paginate through the results. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 0 + schema: + type: integer + format: int32 + minimum: 0 + default: 0 + - in: query + name: limit + description: |- + Note that for this API the maximum value for limit is 50. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 50 + schema: + type: integer + format: int32 + minimum: 0 + maximum: 50 + default: 50 + - in: query + name: count + description: |- + If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. + + Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. + + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: true + schema: + type: boolean + default: false + - in: query + name: sorters + schema: + type: string + format: comma-separated + description: |- + Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) + + Sorting is supported for the following fields: **name, created, modified** + example: 'name,-modified' + required: false + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '200': + description: List all members associated with a Governance Group. + content: + application/json: + schema: + type: array + items: + type: object + description: Identity of workgroup member. + properties: + type: + type: string + description: Workgroup member identity DTO type. + enum: + - IDENTITY + example: IDENTITY + id: + type: string + description: Workgroup member identity ID. + example: 2c7180a46faadee4016fb4e018c20642 + name: + type: string + description: Workgroup member identity display name. + example: Michael Michaels + email: + type: string + description: Workgroup member identity email. + example: michael.michaels@sailpoint.com + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + security: + - UserContextAuth: + - 'idn:workgroup:read' + '/workgroups/{workgroupId}/members/bulk-add': + post: + operationId: updateWorkgroupMembers + security: + - UserContextAuth: + - 'idn:workgroup:write' + tags: + - Governance Groups + summary: Add members to Governance Group + description: |- + This API adds one or more members to a Governance Group. A token with API, ORG_ADMIN authority is required to call this API. + + > **Following field of Identity is an optional field in the request.** + + > **name** + parameters: + - name: workgroupId + in: path + description: ID of the Governance Group. + required: true + schema: + type: string + example: 2c91808a7813090a017814121919ecca + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + requestBody: + description: List of identities to be added to a Governance Group members list. + required: true + content: + application/json: + schema: + description: List of identities to be added or removed to a Governance Group members list. + type: array + items: + type: object + description: Identity's basic details. + properties: + type: + type: string + description: Identity's DTO type. + enum: + - IDENTITY + example: IDENTITY + id: + type: string + description: Identity ID. + example: 2c7180a46faadee4016fb4e018c20642 + name: + type: string + description: Identity's display name. + example: Michael Michaels + example: + - type: IDENTITY + id: 464ae7bf791e49fdb74606a2e4a89635 + name: Addie Smith + responses: + '207': + description: List of added and not added identities into Governance Group members list. + content: + application/json: + schema: + description: Bulk add Governance Group members Response. + type: array + items: + type: object + properties: + id: + description: Identifier of identity in bulk member add request. + type: string + example: 464ae7bf791e49fdb74606a2e4a89635 + status: + description: | + + The HTTP response status code returned for an individual member that is requested for addition during a bulk add operation. + + The HTTP response status code returned for an individual Governance Group is requested for deletion. + + + > 201 - Identity is added into Governance Group members list. + + > 409 - Identity is already member of Governance Group. + type: string + example: '201' + description: + description: | + Human readable status description and containing additional context information about success or failures etc. + type: string + example: | + + > Identity is added into Governance Group members list. + + > Unable to set Membership of Identity "3244d5f2d04447498520f54c6789ae33" to Governance Group "f80bba83-98c4-4ec2-81c8-373c00e9663b"; the relationship already exists. + required: + - id + - status + example: + - id: 464ae7bf791e49fdb74606a2e4a89635 + status: '201' + description: Identity added to Governance Group members list. + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/workgroups/{workgroupId}/members/bulk-delete': + post: + operationId: deleteWorkgroupMembers + security: + - UserContextAuth: + - 'idn:workgroup:write' + tags: + - Governance Groups + summary: Remove members from Governance Group + description: |- + This API removes one or more members from a Governance Group. A token with API, ORG_ADMIN authority is required to call this API. + + > **Following field of Identity is an optional field in the request.** + + > **name** + parameters: + - name: workgroupId + in: path + description: ID of the Governance Group. + required: true + schema: + type: string + example: 2c91808a7813090a017814121919ecca + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + requestBody: + description: List of identities to be removed from a Governance Group members list. + required: true + content: + application/json: + schema: + description: List of identities to be added or removed to a Governance Group members list. + type: array + items: + type: object + description: Identity's basic details. + properties: + type: + type: string + description: Identity's DTO type. + enum: + - IDENTITY + example: IDENTITY + id: + type: string + description: Identity ID. + example: 2c7180a46faadee4016fb4e018c20642 + name: + type: string + description: Identity's display name. + example: Michael Michaels + example: + - type: IDENTITY + id: 464ae7bf791e49fdb74606a2e4a89635 + name: Addie Smith + responses: + '207': + description: List of deleted and not deleted identities from Governance Group members list. + content: + application/json: + schema: + description: Bulk add Governance Group members Response. + type: array + items: + type: object + properties: + id: + description: Identifier of identity in bulk member add /remove request. + type: string + example: 464ae7bf791e49fdb74606a2e4a89635 + status: + description: | + + The HTTP response status code returned for an individual member that is requested for deletion during a bulk delete operation. + + > 204 - Identity is removed from Governance Group members list. + + > 404 - Identity is not member of Governance Group. + type: string + example: '204' + description: + description: | + Human readable status description and containing additional context information about success or failures etc. + type: string + example: | + + > Identity deleted from Governance Group members list. + + > Referenced Governance Group Member with Identity Id "bc3a744678534eb78a8002ee2085df64" was not found. + required: + - id + - status + example: + - id: 464ae7bf791e49fdb74606a2e4a89635 + status: '204' + description: Identity deleted from Governance Group members list. + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + /form-definitions: + get: + tags: + - Custom Forms + summary: Export form definitions by tenant. + description: No parameters required. + operationId: searchFormDefinitionsByTenant + parameters: + - name: offset + in: query + description: |- + Offset + + Integer specifying the offset of the first result from the beginning of the collection. The standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#paginating-results). + The offset value is record-based, not page-based, and the index starts at 0. + schema: + type: integer + format: int64 + default: 0 + x-go-name: Offset + example: 250 + required: false + x-go-name: Offset + - name: limit + in: query + description: |- + Limit + + Integer specifying the maximum number of records to return in a single API call. The standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#paginating-results). + If it is not specified, a default limit is used. + schema: + type: integer + format: int64 + maxLength: 250 + minLength: 0 + default: 250 + x-go-name: Limit + example: 250 + required: false + x-go-name: Limit + - name: filters + in: query + description: |- + Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) + + Filtering is supported for the following fields and operators: + + **name**: *eq, gt, sw, in* + + **description**: *eq, gt, sw, in* + + **created**: *eq, gt, sw, in* + + **modified**: *eq, gt, sw, in* + schema: + type: string + x-go-name: Filters + example: name sw "my form" + required: false + x-go-name: Filters + - name: sorters + in: query + description: |- + Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) + + Sorting is supported for the following fields: **name, description, created, modified** + schema: + type: string + default: name + x-go-name: Sorters + example: name + required: false + x-go-name: Sorters + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '200': + description: Returns a list of form definitions by tenant + content: + application/json: + schema: + properties: + count: + description: Count number of results. + example: 1 + format: int64 + type: integer + results: + description: List of FormDefinitionResponse items. + items: + properties: + id: + description: Unique guid identifying the form definition. + example: 00000000-0000-0000-0000-000000000000 + type: string + x-go-name: FormDefinitionID + name: + description: Name of the form definition. + example: My form + type: string + x-go-name: Name + description: + description: Form definition's description. + example: My form description + type: string + x-go-name: Description + owner: + properties: + type: + description: |- + FormOwnerType value. + IDENTITY FormOwnerTypeIdentity + enum: + - IDENTITY + example: IDENTITY + type: string + x-go-enum-desc: IDENTITY FormOwnerTypeIdentity + x-go-name: Type + id: + description: Unique identifier of the form's owner. + example: 2c9180867624cbd7017642d8c8c81f67 + type: string + x-go-name: ID + name: + description: Name of the form's owner. + example: Grant Smith + type: string + type: object + x-go-package: github.com/sailpoint/sp-forms/domain + usedBy: + description: 'List of objects using the form definition. Whenever a system uses a form, the API reaches out to the form service to record that the system is currently using it.' + items: + properties: + type: + description: |- + FormUsedByType value. + WORKFLOW FormUsedByTypeWorkflow + SOURCE FormUsedByTypeSource + MySailPoint FormUsedByType + enum: + - WORKFLOW + - SOURCE + - MySailPoint + example: WORKFLOW + type: string + x-go-enum-desc: |- + WORKFLOW FormUsedByTypeWorkflow + SOURCE FormUsedByTypeSource + x-go-name: Type + id: + description: Unique identifier of the system using the form. + example: 61940a92-5484-42bc-bc10-b9982b218cdf + type: string + x-go-name: ID + name: + description: Name of the system using the form. + example: Access Request Form + type: string + type: object + x-go-package: github.com/sailpoint/sp-forms/domain + type: array + x-go-name: UsedBy + formInput: + description: List of form inputs required to create a form-instance object. + items: + properties: + id: + description: Unique identifier for the form input. + example: 00000000-0000-0000-0000-000000000000 + type: string + x-go-name: ID + type: + description: |- + FormDefinitionInputType value. + STRING FormDefinitionInputTypeString + enum: + - STRING + example: STRING + type: string + x-go-enum-desc: STRING FormDefinitionInputTypeString + x-go-name: Type + label: + description: Name for the form input. + example: input1 + type: string + x-go-name: Label + description: + description: Form input's description. + example: 'A single dynamic scalar value (i.e. number, string, date, etc.) that can be passed into the form for use in conditional logic' + type: string + x-go-name: Description + type: object + x-go-package: github.com/sailpoint/sp-forms/domain + type: array + x-go-name: FormInput + formElements: + description: List of nested form elements. + items: + properties: + id: + description: Form element identifier. + example: 00000000-0000-0000-0000-000000000000 + type: string + x-go-name: ID + elementType: + description: |- + FormElementType value. + TEXT FormElementTypeText + TOGGLE FormElementTypeToggle + TEXTAREA FormElementTypeTextArea + HIDDEN FormElementTypeHidden + PHONE FormElementTypePhone + EMAIL FormElementTypeEmail + SELECT FormElementTypeSelect + DATE FormElementTypeDate + SECTION FormElementTypeSection + COLUMN_SET FormElementTypeColumns + IMAGE FormElementTypeImage + DESCRIPTION FormElementTypeDescription + enum: + - TEXT + - TOGGLE + - TEXTAREA + - HIDDEN + - PHONE + - EMAIL + - SELECT + - DATE + - SECTION + - COLUMN_SET + - IMAGE + - DESCRIPTION + example: TEXT + type: string + x-go-name: ElementType + config: + additionalProperties: {} + description: Config object. + example: + label: Department + type: object + x-go-name: Config + x-go-enum-desc: |- + TEXT FormElementTypeText + TOGGLE FormElementTypeToggle + TEXTAREA FormElementTypeTextArea + HIDDEN FormElementTypeHidden + PHONE FormElementTypePhone + EMAIL FormElementTypeEmail + SELECT FormElementTypeSelect + DATE FormElementTypeDate + SECTION FormElementTypeSection + COLUMNS FormElementTypeColumns + key: + description: Technical key. + example: department + type: string + x-go-name: Key + validations: + nullable: true + type: array + items: + description: Set of FormElementValidation items. + example: + - validationType: REQUIRED + type: object + properties: + validationType: + type: string + enum: + - REQUIRED + - MIN_LENGTH + - MAX_LENGTH + - REGEX + - DATE + - MAX_DATE + - MIN_DATE + - LESS_THAN_DATE + - PHONE + - EMAIL + - DATA_SOURCE + - TEXTAREA + x-go-package: github.com/sailpoint/sp-forms/domain + type: object + x-go-package: github.com/sailpoint/sp-forms/domain + type: array + x-go-name: FormElements + formConditions: + description: Conditional logic that can dynamically modify the form as the recipient is interacting with it. + items: + description: Represent a form conditional. + properties: + ruleOperator: + description: |- + ConditionRuleLogicalOperatorType value. + AND ConditionRuleLogicalOperatorTypeAnd + OR ConditionRuleLogicalOperatorTypeOr + enum: + - AND + - OR + example: AND + type: string + x-go-enum-desc: |- + AND ConditionRuleLogicalOperatorTypeAnd + OR ConditionRuleLogicalOperatorTypeOr + x-go-name: RuleOperator + rules: + description: List of rules. + items: + properties: + sourceType: + description: |- + Defines the type of object being selected. It will be either a reference to a form input (by input name) or a form element (by technical key). + INPUT ConditionRuleSourceTypeInput + ELEMENT ConditionRuleSourceTypeElement + enum: + - INPUT + - ELEMENT + example: ELEMENT + type: string + x-go-enum-desc: |- + INPUT ConditionRuleSourceTypeInput + ELEMENT ConditionRuleSourceTypeElement + x-go-name: SourceType + source: + description: |- + Source - if the sourceType is ConditionRuleSourceTypeInput, the source type is the name of the form input to accept. However, if the sourceType is ConditionRuleSourceTypeElement, + the source is the name of a technical key of an element to retrieve its value. + example: department + type: string + x-go-name: Source + operator: + description: |- + ConditionRuleComparisonOperatorType value. + EQ ConditionRuleComparisonOperatorTypeEquals This comparison operator compares the source and target for equality. + NE ConditionRuleComparisonOperatorTypeNotEquals This comparison operator compares the source and target for inequality. + CO ConditionRuleComparisonOperatorTypeContains This comparison operator searches the source to see whether it contains the value. + NOT_CO ConditionRuleComparisonOperatorTypeNotContains + IN ConditionRuleComparisonOperatorTypeIncludes This comparison operator searches the source if it equals any of the values. + NOT_IN ConditionRuleComparisonOperatorTypeNotIncludes + EM ConditionRuleComparisonOperatorTypeEmpty + NOT_EM ConditionRuleComparisonOperatorTypeNotEmpty + SW ConditionRuleComparisonOperatorTypeStartsWith Checks whether a string starts with another substring of the same string. This operator is case-sensitive. + NOT_SW ConditionRuleComparisonOperatorTypeNotStartsWith + EW ConditionRuleComparisonOperatorTypeEndsWith Checks whether a string ends with another substring of the same string. This operator is case-sensitive. + NOT_EW ConditionRuleComparisonOperatorTypeNotEndsWith + enum: + - EQ + - NE + - CO + - NOT_CO + - IN + - NOT_IN + - EM + - NOT_EM + - SW + - NOT_SW + - EW + - NOT_EW + example: EQ + type: string + x-go-enum-desc: |- + EQ ConditionRuleComparisonOperatorTypeEquals This comparison operator compares the source and target for equality. + NE ConditionRuleComparisonOperatorTypeNotEquals This comparison operator compares the source and target for inequality. + CO ConditionRuleComparisonOperatorTypeContains This comparison operator searches the source to see whether it contains the value. + NOT_CO ConditionRuleComparisonOperatorTypeNotContains + IN ConditionRuleComparisonOperatorTypeIncludes This comparison operator searches the source if it equals any of the values. + NOT_IN ConditionRuleComparisonOperatorTypeNotIncludes + EM ConditionRuleComparisonOperatorTypeEmpty + NOT_EM ConditionRuleComparisonOperatorTypeNotEmpty + SW ConditionRuleComparisonOperatorTypeStartsWith Checks whether a string starts with another substring of the same string. This operator is case-sensitive. + NOT_SW ConditionRuleComparisonOperatorTypeNotStartsWith + EW ConditionRuleComparisonOperatorTypeEndsWith Checks whether a string ends with another substring of the same string. This operator is case-sensitive. + NOT_EW ConditionRuleComparisonOperatorTypeNotEndsWith + x-go-name: Operator + valueType: + description: |- + ConditionRuleValueType type. + STRING ConditionRuleValueTypeString This value is a static string. + STRING_LIST ConditionRuleValueTypeStringList This value is an array of string values. + INPUT ConditionRuleValueTypeInput This value is a reference to a form input. + ELEMENT ConditionRuleValueTypeElement This value is a reference to a form element (by technical key). + LIST ConditionRuleValueTypeList + BOOLEAN ConditionRuleValueTypeBoolean + enum: + - STRING + - STRING_LIST + - INPUT + - ELEMENT + - LIST + - BOOLEAN + example: STRING + type: string + x-go-enum-desc: |- + STRING ConditionRuleValueTypeString This value is a static string. + STRING_LIST ConditionRuleValueTypeStringList This value is an array of string values. + INPUT ConditionRuleValueTypeInput This value is a reference to a form input. + ELEMENT ConditionRuleValueTypeElement This value is a reference to a form element (by technical key). + LIST ConditionRuleValueTypeList + BOOLEAN ConditionRuleValueTypeBoolean + x-go-name: ValueType + value: + description: Based on the ValueType. + example: Engineering + x-go-name: Value + type: object + x-go-package: github.com/sailpoint/sp-forms/domain + type: array + x-go-name: Rules + effects: + description: List of effects. + items: + description: Effect produced by a condition. + properties: + effectType: + description: |- + Type of effect to perform when the conditions are evaluated for this logic block. + HIDE ConditionEffectTypeHide Disables validations. + SHOW ConditionEffectTypeShow Enables validations. + DISABLE ConditionEffectTypeDisable Disables validations. + ENABLE ConditionEffectTypeEnable Enables validations. + REQUIRE ConditionEffectTypeRequire + OPTIONAL ConditionEffectTypeOptional + SUBMIT_MESSAGE ConditionEffectTypeSubmitMessage + SUBMIT_NOTIFICATION ConditionEffectTypeSubmitNotification + SET_DEFAULT_VALUE ConditionEffectTypeSetDefaultValue This value is ignored on purpose. + enum: + - HIDE + - SHOW + - DISABLE + - ENABLE + - REQUIRE + - OPTIONAL + - SUBMIT_MESSAGE + - SUBMIT_NOTIFICATION + - SET_DEFAULT_VALUE + example: HIDE + type: string + x-go-enum-desc: |- + HIDE ConditionEffectTypeHide Disables validations. + SHOW ConditionEffectTypeShow Enables validations. + DISABLE ConditionEffectTypeDisable Disables validations. + ENABLE ConditionEffectTypeEnable Enables validations. + REQUIRE ConditionEffectTypeRequire + OPTIONAL ConditionEffectTypeOptional + SUBMIT_MESSAGE ConditionEffectTypeSubmitMessage + SUBMIT_NOTIFICATION ConditionEffectTypeSubmitNotification + SET_DEFAULT_VALUE ConditionEffectTypeSetDefaultValue This value is ignored on purpose. + x-go-name: EffectType + config: + description: Arbitrary map containing a configuration based on the EffectType. + type: object + properties: + defaultValueLabel: + type: string + description: Effect type's label. + example: Access to Remove + element: + type: string + description: Element's identifier. + example: 8110662963316867 + x-go-name: Config + type: object + x-go-package: github.com/sailpoint/sp-forms/domain + type: array + x-go-name: Effects + type: object + x-go-package: github.com/sailpoint/sp-forms/domain + type: array + x-go-name: FormConditions + created: + description: Created is the date the form definition was created + example: '2023-07-12T20:14:57.74486Z' + format: date-time + type: string + x-go-name: Created + modified: + description: Modified is the last date the form definition was modified + example: '2023-07-12T20:14:57.74486Z' + format: date-time + type: string + x-go-name: Modified + type: object + x-go-package: github.com/sailpoint/sp-forms/domain + type: array + type: object + '400': + description: An error with the request occurred + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + statusCode: + type: integer + format: int64 + x-go-name: StatusCode + trackingId: + type: string + x-go-name: TrackingID + '401': + description: An error with the authorization occurred + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + statusCode: + type: integer + format: int64 + x-go-name: StatusCode + trackingId: + type: string + x-go-name: TrackingID + '403': + description: An error with the user permissions occurred + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + statusCode: + type: integer + format: int64 + x-go-name: StatusCode + trackingId: + type: string + x-go-name: TrackingID + '429': + description: Too many requests + content: + application/json: + schema: + title: Error is the standard API error response type. + type: object + properties: + detailCode: + description: DetailCode is the text of the status code returned + example: Internal Server Error + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + trackingId: + description: TrackingID is the request tracking unique identifier + example: 9cd03ef80e6a425eb6b11bdbb057cdb4 + type: string + x-go-name: TrackingID + x-go-package: github.com/sailpoint/atlas-go/atlas/web + '500': + description: An internal server error occurred + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + statusCode: + type: integer + format: int64 + x-go-name: StatusCode + trackingId: + type: string + x-go-name: TrackingID + security: + - UserContextAuth: + - 'sp:forms:manage' + post: + tags: + - Custom Forms + summary: Creates a form definition. + operationId: createFormDefinition + requestBody: + description: Body is the request payload to create form definition request + content: + application/json: + schema: + properties: + description: + description: Description is the form definition description + example: My form description + maxLength: 2000 + minLength: 0 + type: string + x-go-name: Description + formConditions: + description: FormConditions is the conditional logic that modify the form dynamically modify the form as the recipient is interacting out the form + items: + description: Represent a form conditional. + properties: + ruleOperator: + description: |- + ConditionRuleLogicalOperatorType value. + AND ConditionRuleLogicalOperatorTypeAnd + OR ConditionRuleLogicalOperatorTypeOr + enum: + - AND + - OR + example: AND + type: string + x-go-enum-desc: |- + AND ConditionRuleLogicalOperatorTypeAnd + OR ConditionRuleLogicalOperatorTypeOr + x-go-name: RuleOperator + rules: + description: List of rules. + items: + properties: + sourceType: + description: |- + Defines the type of object being selected. It will be either a reference to a form input (by input name) or a form element (by technical key). + INPUT ConditionRuleSourceTypeInput + ELEMENT ConditionRuleSourceTypeElement + enum: + - INPUT + - ELEMENT + example: ELEMENT + type: string + x-go-enum-desc: |- + INPUT ConditionRuleSourceTypeInput + ELEMENT ConditionRuleSourceTypeElement + x-go-name: SourceType + source: + description: |- + Source - if the sourceType is ConditionRuleSourceTypeInput, the source type is the name of the form input to accept. However, if the sourceType is ConditionRuleSourceTypeElement, + the source is the name of a technical key of an element to retrieve its value. + example: department + type: string + x-go-name: Source + operator: + description: |- + ConditionRuleComparisonOperatorType value. + EQ ConditionRuleComparisonOperatorTypeEquals This comparison operator compares the source and target for equality. + NE ConditionRuleComparisonOperatorTypeNotEquals This comparison operator compares the source and target for inequality. + CO ConditionRuleComparisonOperatorTypeContains This comparison operator searches the source to see whether it contains the value. + NOT_CO ConditionRuleComparisonOperatorTypeNotContains + IN ConditionRuleComparisonOperatorTypeIncludes This comparison operator searches the source if it equals any of the values. + NOT_IN ConditionRuleComparisonOperatorTypeNotIncludes + EM ConditionRuleComparisonOperatorTypeEmpty + NOT_EM ConditionRuleComparisonOperatorTypeNotEmpty + SW ConditionRuleComparisonOperatorTypeStartsWith Checks whether a string starts with another substring of the same string. This operator is case-sensitive. + NOT_SW ConditionRuleComparisonOperatorTypeNotStartsWith + EW ConditionRuleComparisonOperatorTypeEndsWith Checks whether a string ends with another substring of the same string. This operator is case-sensitive. + NOT_EW ConditionRuleComparisonOperatorTypeNotEndsWith + enum: + - EQ + - NE + - CO + - NOT_CO + - IN + - NOT_IN + - EM + - NOT_EM + - SW + - NOT_SW + - EW + - NOT_EW + example: EQ + type: string + x-go-enum-desc: |- + EQ ConditionRuleComparisonOperatorTypeEquals This comparison operator compares the source and target for equality. + NE ConditionRuleComparisonOperatorTypeNotEquals This comparison operator compares the source and target for inequality. + CO ConditionRuleComparisonOperatorTypeContains This comparison operator searches the source to see whether it contains the value. + NOT_CO ConditionRuleComparisonOperatorTypeNotContains + IN ConditionRuleComparisonOperatorTypeIncludes This comparison operator searches the source if it equals any of the values. + NOT_IN ConditionRuleComparisonOperatorTypeNotIncludes + EM ConditionRuleComparisonOperatorTypeEmpty + NOT_EM ConditionRuleComparisonOperatorTypeNotEmpty + SW ConditionRuleComparisonOperatorTypeStartsWith Checks whether a string starts with another substring of the same string. This operator is case-sensitive. + NOT_SW ConditionRuleComparisonOperatorTypeNotStartsWith + EW ConditionRuleComparisonOperatorTypeEndsWith Checks whether a string ends with another substring of the same string. This operator is case-sensitive. + NOT_EW ConditionRuleComparisonOperatorTypeNotEndsWith + x-go-name: Operator + valueType: + description: |- + ConditionRuleValueType type. + STRING ConditionRuleValueTypeString This value is a static string. + STRING_LIST ConditionRuleValueTypeStringList This value is an array of string values. + INPUT ConditionRuleValueTypeInput This value is a reference to a form input. + ELEMENT ConditionRuleValueTypeElement This value is a reference to a form element (by technical key). + LIST ConditionRuleValueTypeList + BOOLEAN ConditionRuleValueTypeBoolean + enum: + - STRING + - STRING_LIST + - INPUT + - ELEMENT + - LIST + - BOOLEAN + example: STRING + type: string + x-go-enum-desc: |- + STRING ConditionRuleValueTypeString This value is a static string. + STRING_LIST ConditionRuleValueTypeStringList This value is an array of string values. + INPUT ConditionRuleValueTypeInput This value is a reference to a form input. + ELEMENT ConditionRuleValueTypeElement This value is a reference to a form element (by technical key). + LIST ConditionRuleValueTypeList + BOOLEAN ConditionRuleValueTypeBoolean + x-go-name: ValueType + value: + description: Based on the ValueType. + example: Engineering + x-go-name: Value + type: object + x-go-package: github.com/sailpoint/sp-forms/domain + type: array + x-go-name: Rules + effects: + description: List of effects. + items: + description: Effect produced by a condition. + properties: + effectType: + description: |- + Type of effect to perform when the conditions are evaluated for this logic block. + HIDE ConditionEffectTypeHide Disables validations. + SHOW ConditionEffectTypeShow Enables validations. + DISABLE ConditionEffectTypeDisable Disables validations. + ENABLE ConditionEffectTypeEnable Enables validations. + REQUIRE ConditionEffectTypeRequire + OPTIONAL ConditionEffectTypeOptional + SUBMIT_MESSAGE ConditionEffectTypeSubmitMessage + SUBMIT_NOTIFICATION ConditionEffectTypeSubmitNotification + SET_DEFAULT_VALUE ConditionEffectTypeSetDefaultValue This value is ignored on purpose. + enum: + - HIDE + - SHOW + - DISABLE + - ENABLE + - REQUIRE + - OPTIONAL + - SUBMIT_MESSAGE + - SUBMIT_NOTIFICATION + - SET_DEFAULT_VALUE + example: HIDE + type: string + x-go-enum-desc: |- + HIDE ConditionEffectTypeHide Disables validations. + SHOW ConditionEffectTypeShow Enables validations. + DISABLE ConditionEffectTypeDisable Disables validations. + ENABLE ConditionEffectTypeEnable Enables validations. + REQUIRE ConditionEffectTypeRequire + OPTIONAL ConditionEffectTypeOptional + SUBMIT_MESSAGE ConditionEffectTypeSubmitMessage + SUBMIT_NOTIFICATION ConditionEffectTypeSubmitNotification + SET_DEFAULT_VALUE ConditionEffectTypeSetDefaultValue This value is ignored on purpose. + x-go-name: EffectType + config: + description: Arbitrary map containing a configuration based on the EffectType. + type: object + properties: + defaultValueLabel: + type: string + description: Effect type's label. + example: Access to Remove + element: + type: string + description: Element's identifier. + example: 8110662963316867 + x-go-name: Config + type: object + x-go-package: github.com/sailpoint/sp-forms/domain + type: array + x-go-name: Effects + type: object + x-go-package: github.com/sailpoint/sp-forms/domain + type: array + x-go-name: FormConditions + formElements: + description: FormElements is a list of nested form elements + items: + properties: + id: + description: Form element identifier. + example: 00000000-0000-0000-0000-000000000000 + type: string + x-go-name: ID + elementType: + description: |- + FormElementType value. + TEXT FormElementTypeText + TOGGLE FormElementTypeToggle + TEXTAREA FormElementTypeTextArea + HIDDEN FormElementTypeHidden + PHONE FormElementTypePhone + EMAIL FormElementTypeEmail + SELECT FormElementTypeSelect + DATE FormElementTypeDate + SECTION FormElementTypeSection + COLUMN_SET FormElementTypeColumns + IMAGE FormElementTypeImage + DESCRIPTION FormElementTypeDescription + enum: + - TEXT + - TOGGLE + - TEXTAREA + - HIDDEN + - PHONE + - EMAIL + - SELECT + - DATE + - SECTION + - COLUMN_SET + - IMAGE + - DESCRIPTION + example: TEXT + type: string + x-go-name: ElementType + config: + additionalProperties: {} + description: Config object. + example: + label: Department + type: object + x-go-name: Config + x-go-enum-desc: |- + TEXT FormElementTypeText + TOGGLE FormElementTypeToggle + TEXTAREA FormElementTypeTextArea + HIDDEN FormElementTypeHidden + PHONE FormElementTypePhone + EMAIL FormElementTypeEmail + SELECT FormElementTypeSelect + DATE FormElementTypeDate + SECTION FormElementTypeSection + COLUMNS FormElementTypeColumns + key: + description: Technical key. + example: department + type: string + x-go-name: Key + validations: + nullable: true + type: array + items: + description: Set of FormElementValidation items. + example: + - validationType: REQUIRED + type: object + properties: + validationType: + type: string + enum: + - REQUIRED + - MIN_LENGTH + - MAX_LENGTH + - REGEX + - DATE + - MAX_DATE + - MIN_DATE + - LESS_THAN_DATE + - PHONE + - EMAIL + - DATA_SOURCE + - TEXTAREA + x-go-package: github.com/sailpoint/sp-forms/domain + type: object + x-go-package: github.com/sailpoint/sp-forms/domain + type: array + x-go-name: FormElements + formInput: + description: FormInput is a list of form inputs that are required when creating a form-instance object + items: + properties: + id: + description: Unique identifier for the form input. + example: 00000000-0000-0000-0000-000000000000 + type: string + x-go-name: ID + type: + description: |- + FormDefinitionInputType value. + STRING FormDefinitionInputTypeString + enum: + - STRING + example: STRING + type: string + x-go-enum-desc: STRING FormDefinitionInputTypeString + x-go-name: Type + label: + description: Name for the form input. + example: input1 + type: string + x-go-name: Label + description: + description: Form input's description. + example: 'A single dynamic scalar value (i.e. number, string, date, etc.) that can be passed into the form for use in conditional logic' + type: string + x-go-name: Description + type: object + x-go-package: github.com/sailpoint/sp-forms/domain + type: array + x-go-name: FormInput + name: + description: Name is the form definition name + example: My form + maxLength: 255 + type: string + x-go-name: Name + owner: + properties: + type: + description: |- + FormOwnerType value. + IDENTITY FormOwnerTypeIdentity + enum: + - IDENTITY + example: IDENTITY + type: string + x-go-enum-desc: IDENTITY FormOwnerTypeIdentity + x-go-name: Type + id: + description: Unique identifier of the form's owner. + example: 2c9180867624cbd7017642d8c8c81f67 + type: string + x-go-name: ID + name: + description: Name of the form's owner. + example: Grant Smith + type: string + type: object + x-go-package: github.com/sailpoint/sp-forms/domain + usedBy: + description: UsedBy is a list of objects where when any system uses a particular form it reaches out to the form service to record it is currently being used + items: + properties: + type: + description: |- + FormUsedByType value. + WORKFLOW FormUsedByTypeWorkflow + SOURCE FormUsedByTypeSource + MySailPoint FormUsedByType + enum: + - WORKFLOW + - SOURCE + - MySailPoint + example: WORKFLOW + type: string + x-go-enum-desc: |- + WORKFLOW FormUsedByTypeWorkflow + SOURCE FormUsedByTypeSource + x-go-name: Type + id: + description: Unique identifier of the system using the form. + example: 61940a92-5484-42bc-bc10-b9982b218cdf + type: string + x-go-name: ID + name: + description: Name of the system using the form. + example: Access Request Form + type: string + type: object + x-go-package: github.com/sailpoint/sp-forms/domain + type: array + x-go-name: UsedBy + required: + - name + - owner + type: object + x-go-package: github.com/sailpoint/sp-forms/domain + example: + name: my form + description: my form description + owner: + type: IDENTITY + id: 00000000-0000-0000-0000-000000000000 + required: false + responses: + '201': + description: Returns a new form definition + content: + application/json: + schema: + properties: + id: + description: Unique guid identifying the form definition. + example: 00000000-0000-0000-0000-000000000000 + type: string + x-go-name: FormDefinitionID + name: + description: Name of the form definition. + example: My form + type: string + x-go-name: Name + description: + description: Form definition's description. + example: My form description + type: string + x-go-name: Description + owner: + properties: + type: + description: |- + FormOwnerType value. + IDENTITY FormOwnerTypeIdentity + enum: + - IDENTITY + example: IDENTITY + type: string + x-go-enum-desc: IDENTITY FormOwnerTypeIdentity + x-go-name: Type + id: + description: Unique identifier of the form's owner. + example: 2c9180867624cbd7017642d8c8c81f67 + type: string + x-go-name: ID + name: + description: Name of the form's owner. + example: Grant Smith + type: string + type: object + x-go-package: github.com/sailpoint/sp-forms/domain + usedBy: + description: 'List of objects using the form definition. Whenever a system uses a form, the API reaches out to the form service to record that the system is currently using it.' + items: + properties: + type: + description: |- + FormUsedByType value. + WORKFLOW FormUsedByTypeWorkflow + SOURCE FormUsedByTypeSource + MySailPoint FormUsedByType + enum: + - WORKFLOW + - SOURCE + - MySailPoint + example: WORKFLOW + type: string + x-go-enum-desc: |- + WORKFLOW FormUsedByTypeWorkflow + SOURCE FormUsedByTypeSource + x-go-name: Type + id: + description: Unique identifier of the system using the form. + example: 61940a92-5484-42bc-bc10-b9982b218cdf + type: string + x-go-name: ID + name: + description: Name of the system using the form. + example: Access Request Form + type: string + type: object + x-go-package: github.com/sailpoint/sp-forms/domain + type: array + x-go-name: UsedBy + formInput: + description: List of form inputs required to create a form-instance object. + items: + properties: + id: + description: Unique identifier for the form input. + example: 00000000-0000-0000-0000-000000000000 + type: string + x-go-name: ID + type: + description: |- + FormDefinitionInputType value. + STRING FormDefinitionInputTypeString + enum: + - STRING + example: STRING + type: string + x-go-enum-desc: STRING FormDefinitionInputTypeString + x-go-name: Type + label: + description: Name for the form input. + example: input1 + type: string + x-go-name: Label + description: + description: Form input's description. + example: 'A single dynamic scalar value (i.e. number, string, date, etc.) that can be passed into the form for use in conditional logic' + type: string + x-go-name: Description + type: object + x-go-package: github.com/sailpoint/sp-forms/domain + type: array + x-go-name: FormInput + formElements: + description: List of nested form elements. + items: + properties: + id: + description: Form element identifier. + example: 00000000-0000-0000-0000-000000000000 + type: string + x-go-name: ID + elementType: + description: |- + FormElementType value. + TEXT FormElementTypeText + TOGGLE FormElementTypeToggle + TEXTAREA FormElementTypeTextArea + HIDDEN FormElementTypeHidden + PHONE FormElementTypePhone + EMAIL FormElementTypeEmail + SELECT FormElementTypeSelect + DATE FormElementTypeDate + SECTION FormElementTypeSection + COLUMN_SET FormElementTypeColumns + IMAGE FormElementTypeImage + DESCRIPTION FormElementTypeDescription + enum: + - TEXT + - TOGGLE + - TEXTAREA + - HIDDEN + - PHONE + - EMAIL + - SELECT + - DATE + - SECTION + - COLUMN_SET + - IMAGE + - DESCRIPTION + example: TEXT + type: string + x-go-name: ElementType + config: + additionalProperties: {} + description: Config object. + example: + label: Department + type: object + x-go-name: Config + x-go-enum-desc: |- + TEXT FormElementTypeText + TOGGLE FormElementTypeToggle + TEXTAREA FormElementTypeTextArea + HIDDEN FormElementTypeHidden + PHONE FormElementTypePhone + EMAIL FormElementTypeEmail + SELECT FormElementTypeSelect + DATE FormElementTypeDate + SECTION FormElementTypeSection + COLUMNS FormElementTypeColumns + key: + description: Technical key. + example: department + type: string + x-go-name: Key + validations: + nullable: true + type: array + items: + description: Set of FormElementValidation items. + example: + - validationType: REQUIRED + type: object + properties: + validationType: + type: string + enum: + - REQUIRED + - MIN_LENGTH + - MAX_LENGTH + - REGEX + - DATE + - MAX_DATE + - MIN_DATE + - LESS_THAN_DATE + - PHONE + - EMAIL + - DATA_SOURCE + - TEXTAREA + x-go-package: github.com/sailpoint/sp-forms/domain + type: object + x-go-package: github.com/sailpoint/sp-forms/domain + type: array + x-go-name: FormElements + formConditions: + description: Conditional logic that can dynamically modify the form as the recipient is interacting with it. + items: + description: Represent a form conditional. + properties: + ruleOperator: + description: |- + ConditionRuleLogicalOperatorType value. + AND ConditionRuleLogicalOperatorTypeAnd + OR ConditionRuleLogicalOperatorTypeOr + enum: + - AND + - OR + example: AND + type: string + x-go-enum-desc: |- + AND ConditionRuleLogicalOperatorTypeAnd + OR ConditionRuleLogicalOperatorTypeOr + x-go-name: RuleOperator + rules: + description: List of rules. + items: + properties: + sourceType: + description: |- + Defines the type of object being selected. It will be either a reference to a form input (by input name) or a form element (by technical key). + INPUT ConditionRuleSourceTypeInput + ELEMENT ConditionRuleSourceTypeElement + enum: + - INPUT + - ELEMENT + example: ELEMENT + type: string + x-go-enum-desc: |- + INPUT ConditionRuleSourceTypeInput + ELEMENT ConditionRuleSourceTypeElement + x-go-name: SourceType + source: + description: |- + Source - if the sourceType is ConditionRuleSourceTypeInput, the source type is the name of the form input to accept. However, if the sourceType is ConditionRuleSourceTypeElement, + the source is the name of a technical key of an element to retrieve its value. + example: department + type: string + x-go-name: Source + operator: + description: |- + ConditionRuleComparisonOperatorType value. + EQ ConditionRuleComparisonOperatorTypeEquals This comparison operator compares the source and target for equality. + NE ConditionRuleComparisonOperatorTypeNotEquals This comparison operator compares the source and target for inequality. + CO ConditionRuleComparisonOperatorTypeContains This comparison operator searches the source to see whether it contains the value. + NOT_CO ConditionRuleComparisonOperatorTypeNotContains + IN ConditionRuleComparisonOperatorTypeIncludes This comparison operator searches the source if it equals any of the values. + NOT_IN ConditionRuleComparisonOperatorTypeNotIncludes + EM ConditionRuleComparisonOperatorTypeEmpty + NOT_EM ConditionRuleComparisonOperatorTypeNotEmpty + SW ConditionRuleComparisonOperatorTypeStartsWith Checks whether a string starts with another substring of the same string. This operator is case-sensitive. + NOT_SW ConditionRuleComparisonOperatorTypeNotStartsWith + EW ConditionRuleComparisonOperatorTypeEndsWith Checks whether a string ends with another substring of the same string. This operator is case-sensitive. + NOT_EW ConditionRuleComparisonOperatorTypeNotEndsWith + enum: + - EQ + - NE + - CO + - NOT_CO + - IN + - NOT_IN + - EM + - NOT_EM + - SW + - NOT_SW + - EW + - NOT_EW + example: EQ + type: string + x-go-enum-desc: |- + EQ ConditionRuleComparisonOperatorTypeEquals This comparison operator compares the source and target for equality. + NE ConditionRuleComparisonOperatorTypeNotEquals This comparison operator compares the source and target for inequality. + CO ConditionRuleComparisonOperatorTypeContains This comparison operator searches the source to see whether it contains the value. + NOT_CO ConditionRuleComparisonOperatorTypeNotContains + IN ConditionRuleComparisonOperatorTypeIncludes This comparison operator searches the source if it equals any of the values. + NOT_IN ConditionRuleComparisonOperatorTypeNotIncludes + EM ConditionRuleComparisonOperatorTypeEmpty + NOT_EM ConditionRuleComparisonOperatorTypeNotEmpty + SW ConditionRuleComparisonOperatorTypeStartsWith Checks whether a string starts with another substring of the same string. This operator is case-sensitive. + NOT_SW ConditionRuleComparisonOperatorTypeNotStartsWith + EW ConditionRuleComparisonOperatorTypeEndsWith Checks whether a string ends with another substring of the same string. This operator is case-sensitive. + NOT_EW ConditionRuleComparisonOperatorTypeNotEndsWith + x-go-name: Operator + valueType: + description: |- + ConditionRuleValueType type. + STRING ConditionRuleValueTypeString This value is a static string. + STRING_LIST ConditionRuleValueTypeStringList This value is an array of string values. + INPUT ConditionRuleValueTypeInput This value is a reference to a form input. + ELEMENT ConditionRuleValueTypeElement This value is a reference to a form element (by technical key). + LIST ConditionRuleValueTypeList + BOOLEAN ConditionRuleValueTypeBoolean + enum: + - STRING + - STRING_LIST + - INPUT + - ELEMENT + - LIST + - BOOLEAN + example: STRING + type: string + x-go-enum-desc: |- + STRING ConditionRuleValueTypeString This value is a static string. + STRING_LIST ConditionRuleValueTypeStringList This value is an array of string values. + INPUT ConditionRuleValueTypeInput This value is a reference to a form input. + ELEMENT ConditionRuleValueTypeElement This value is a reference to a form element (by technical key). + LIST ConditionRuleValueTypeList + BOOLEAN ConditionRuleValueTypeBoolean + x-go-name: ValueType + value: + description: Based on the ValueType. + example: Engineering + x-go-name: Value + type: object + x-go-package: github.com/sailpoint/sp-forms/domain + type: array + x-go-name: Rules + effects: + description: List of effects. + items: + description: Effect produced by a condition. + properties: + effectType: + description: |- + Type of effect to perform when the conditions are evaluated for this logic block. + HIDE ConditionEffectTypeHide Disables validations. + SHOW ConditionEffectTypeShow Enables validations. + DISABLE ConditionEffectTypeDisable Disables validations. + ENABLE ConditionEffectTypeEnable Enables validations. + REQUIRE ConditionEffectTypeRequire + OPTIONAL ConditionEffectTypeOptional + SUBMIT_MESSAGE ConditionEffectTypeSubmitMessage + SUBMIT_NOTIFICATION ConditionEffectTypeSubmitNotification + SET_DEFAULT_VALUE ConditionEffectTypeSetDefaultValue This value is ignored on purpose. + enum: + - HIDE + - SHOW + - DISABLE + - ENABLE + - REQUIRE + - OPTIONAL + - SUBMIT_MESSAGE + - SUBMIT_NOTIFICATION + - SET_DEFAULT_VALUE + example: HIDE + type: string + x-go-enum-desc: |- + HIDE ConditionEffectTypeHide Disables validations. + SHOW ConditionEffectTypeShow Enables validations. + DISABLE ConditionEffectTypeDisable Disables validations. + ENABLE ConditionEffectTypeEnable Enables validations. + REQUIRE ConditionEffectTypeRequire + OPTIONAL ConditionEffectTypeOptional + SUBMIT_MESSAGE ConditionEffectTypeSubmitMessage + SUBMIT_NOTIFICATION ConditionEffectTypeSubmitNotification + SET_DEFAULT_VALUE ConditionEffectTypeSetDefaultValue This value is ignored on purpose. + x-go-name: EffectType + config: + description: Arbitrary map containing a configuration based on the EffectType. + type: object + properties: + defaultValueLabel: + type: string + description: Effect type's label. + example: Access to Remove + element: + type: string + description: Element's identifier. + example: 8110662963316867 + x-go-name: Config + type: object + x-go-package: github.com/sailpoint/sp-forms/domain + type: array + x-go-name: Effects + type: object + x-go-package: github.com/sailpoint/sp-forms/domain + type: array + x-go-name: FormConditions + created: + description: Created is the date the form definition was created + example: '2023-07-12T20:14:57.74486Z' + format: date-time + type: string + x-go-name: Created + modified: + description: Modified is the last date the form definition was modified + example: '2023-07-12T20:14:57.74486Z' + format: date-time + type: string + x-go-name: Modified + type: object + x-go-package: github.com/sailpoint/sp-forms/domain + '400': + description: An error with the request occurred + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + statusCode: + type: integer + format: int64 + x-go-name: StatusCode + trackingId: + type: string + x-go-name: TrackingID + '401': + description: An error with the authorization occurred + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + statusCode: + type: integer + format: int64 + x-go-name: StatusCode + trackingId: + type: string + x-go-name: TrackingID + '403': + description: An error with the user permissions occurred + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + statusCode: + type: integer + format: int64 + x-go-name: StatusCode + trackingId: + type: string + x-go-name: TrackingID + '429': + description: Too many requests + content: + application/json: + schema: + title: Error is the standard API error response type. + type: object + properties: + detailCode: + description: DetailCode is the text of the status code returned + example: Internal Server Error + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + trackingId: + description: TrackingID is the request tracking unique identifier + example: 9cd03ef80e6a425eb6b11bdbb057cdb4 + type: string + x-go-name: TrackingID + x-go-package: github.com/sailpoint/atlas-go/atlas/web + '500': + description: An internal server error occurred + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + statusCode: + type: integer + format: int64 + x-go-name: StatusCode + trackingId: + type: string + x-go-name: TrackingID + security: + - UserContextAuth: + - 'sp:forms:manage' + x-codegen-request-body-name: Body + parameters: + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + '/form-definitions/{formDefinitionID}': + get: + tags: + - Custom Forms + summary: Return a form definition. + description: 'Parameter `{formDefinitionID}` should match a form definition ID.' + operationId: getFormDefinitionByKey + parameters: + - name: formDefinitionID + in: path + description: Form definition ID + required: true + schema: + type: string + x-go-name: FormDefinitionID + example: 00000000-0000-0000-0000-000000000000 + x-go-name: FormDefinitionID + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '200': + description: Returns a form definition + content: + application/json: + schema: + properties: + id: + description: Unique guid identifying the form definition. + example: 00000000-0000-0000-0000-000000000000 + type: string + x-go-name: FormDefinitionID + name: + description: Name of the form definition. + example: My form + type: string + x-go-name: Name + description: + description: Form definition's description. + example: My form description + type: string + x-go-name: Description + owner: + properties: + type: + description: |- + FormOwnerType value. + IDENTITY FormOwnerTypeIdentity + enum: + - IDENTITY + example: IDENTITY + type: string + x-go-enum-desc: IDENTITY FormOwnerTypeIdentity + x-go-name: Type + id: + description: Unique identifier of the form's owner. + example: 2c9180867624cbd7017642d8c8c81f67 + type: string + x-go-name: ID + name: + description: Name of the form's owner. + example: Grant Smith + type: string + type: object + x-go-package: github.com/sailpoint/sp-forms/domain + usedBy: + description: 'List of objects using the form definition. Whenever a system uses a form, the API reaches out to the form service to record that the system is currently using it.' + items: + properties: + type: + description: |- + FormUsedByType value. + WORKFLOW FormUsedByTypeWorkflow + SOURCE FormUsedByTypeSource + MySailPoint FormUsedByType + enum: + - WORKFLOW + - SOURCE + - MySailPoint + example: WORKFLOW + type: string + x-go-enum-desc: |- + WORKFLOW FormUsedByTypeWorkflow + SOURCE FormUsedByTypeSource + x-go-name: Type + id: + description: Unique identifier of the system using the form. + example: 61940a92-5484-42bc-bc10-b9982b218cdf + type: string + x-go-name: ID + name: + description: Name of the system using the form. + example: Access Request Form + type: string + type: object + x-go-package: github.com/sailpoint/sp-forms/domain + type: array + x-go-name: UsedBy + formInput: + description: List of form inputs required to create a form-instance object. + items: + properties: + id: + description: Unique identifier for the form input. + example: 00000000-0000-0000-0000-000000000000 + type: string + x-go-name: ID + type: + description: |- + FormDefinitionInputType value. + STRING FormDefinitionInputTypeString + enum: + - STRING + example: STRING + type: string + x-go-enum-desc: STRING FormDefinitionInputTypeString + x-go-name: Type + label: + description: Name for the form input. + example: input1 + type: string + x-go-name: Label + description: + description: Form input's description. + example: 'A single dynamic scalar value (i.e. number, string, date, etc.) that can be passed into the form for use in conditional logic' + type: string + x-go-name: Description + type: object + x-go-package: github.com/sailpoint/sp-forms/domain + type: array + x-go-name: FormInput + formElements: + description: List of nested form elements. + items: + properties: + id: + description: Form element identifier. + example: 00000000-0000-0000-0000-000000000000 + type: string + x-go-name: ID + elementType: + description: |- + FormElementType value. + TEXT FormElementTypeText + TOGGLE FormElementTypeToggle + TEXTAREA FormElementTypeTextArea + HIDDEN FormElementTypeHidden + PHONE FormElementTypePhone + EMAIL FormElementTypeEmail + SELECT FormElementTypeSelect + DATE FormElementTypeDate + SECTION FormElementTypeSection + COLUMN_SET FormElementTypeColumns + IMAGE FormElementTypeImage + DESCRIPTION FormElementTypeDescription + enum: + - TEXT + - TOGGLE + - TEXTAREA + - HIDDEN + - PHONE + - EMAIL + - SELECT + - DATE + - SECTION + - COLUMN_SET + - IMAGE + - DESCRIPTION + example: TEXT + type: string + x-go-name: ElementType + config: + additionalProperties: {} + description: Config object. + example: + label: Department + type: object + x-go-name: Config + x-go-enum-desc: |- + TEXT FormElementTypeText + TOGGLE FormElementTypeToggle + TEXTAREA FormElementTypeTextArea + HIDDEN FormElementTypeHidden + PHONE FormElementTypePhone + EMAIL FormElementTypeEmail + SELECT FormElementTypeSelect + DATE FormElementTypeDate + SECTION FormElementTypeSection + COLUMNS FormElementTypeColumns + key: + description: Technical key. + example: department + type: string + x-go-name: Key + validations: + nullable: true + type: array + items: + description: Set of FormElementValidation items. + example: + - validationType: REQUIRED + type: object + properties: + validationType: + type: string + enum: + - REQUIRED + - MIN_LENGTH + - MAX_LENGTH + - REGEX + - DATE + - MAX_DATE + - MIN_DATE + - LESS_THAN_DATE + - PHONE + - EMAIL + - DATA_SOURCE + - TEXTAREA + x-go-package: github.com/sailpoint/sp-forms/domain + type: object + x-go-package: github.com/sailpoint/sp-forms/domain + type: array + x-go-name: FormElements + formConditions: + description: Conditional logic that can dynamically modify the form as the recipient is interacting with it. + items: + description: Represent a form conditional. + properties: + ruleOperator: + description: |- + ConditionRuleLogicalOperatorType value. + AND ConditionRuleLogicalOperatorTypeAnd + OR ConditionRuleLogicalOperatorTypeOr + enum: + - AND + - OR + example: AND + type: string + x-go-enum-desc: |- + AND ConditionRuleLogicalOperatorTypeAnd + OR ConditionRuleLogicalOperatorTypeOr + x-go-name: RuleOperator + rules: + description: List of rules. + items: + properties: + sourceType: + description: |- + Defines the type of object being selected. It will be either a reference to a form input (by input name) or a form element (by technical key). + INPUT ConditionRuleSourceTypeInput + ELEMENT ConditionRuleSourceTypeElement + enum: + - INPUT + - ELEMENT + example: ELEMENT + type: string + x-go-enum-desc: |- + INPUT ConditionRuleSourceTypeInput + ELEMENT ConditionRuleSourceTypeElement + x-go-name: SourceType + source: + description: |- + Source - if the sourceType is ConditionRuleSourceTypeInput, the source type is the name of the form input to accept. However, if the sourceType is ConditionRuleSourceTypeElement, + the source is the name of a technical key of an element to retrieve its value. + example: department + type: string + x-go-name: Source + operator: + description: |- + ConditionRuleComparisonOperatorType value. + EQ ConditionRuleComparisonOperatorTypeEquals This comparison operator compares the source and target for equality. + NE ConditionRuleComparisonOperatorTypeNotEquals This comparison operator compares the source and target for inequality. + CO ConditionRuleComparisonOperatorTypeContains This comparison operator searches the source to see whether it contains the value. + NOT_CO ConditionRuleComparisonOperatorTypeNotContains + IN ConditionRuleComparisonOperatorTypeIncludes This comparison operator searches the source if it equals any of the values. + NOT_IN ConditionRuleComparisonOperatorTypeNotIncludes + EM ConditionRuleComparisonOperatorTypeEmpty + NOT_EM ConditionRuleComparisonOperatorTypeNotEmpty + SW ConditionRuleComparisonOperatorTypeStartsWith Checks whether a string starts with another substring of the same string. This operator is case-sensitive. + NOT_SW ConditionRuleComparisonOperatorTypeNotStartsWith + EW ConditionRuleComparisonOperatorTypeEndsWith Checks whether a string ends with another substring of the same string. This operator is case-sensitive. + NOT_EW ConditionRuleComparisonOperatorTypeNotEndsWith + enum: + - EQ + - NE + - CO + - NOT_CO + - IN + - NOT_IN + - EM + - NOT_EM + - SW + - NOT_SW + - EW + - NOT_EW + example: EQ + type: string + x-go-enum-desc: |- + EQ ConditionRuleComparisonOperatorTypeEquals This comparison operator compares the source and target for equality. + NE ConditionRuleComparisonOperatorTypeNotEquals This comparison operator compares the source and target for inequality. + CO ConditionRuleComparisonOperatorTypeContains This comparison operator searches the source to see whether it contains the value. + NOT_CO ConditionRuleComparisonOperatorTypeNotContains + IN ConditionRuleComparisonOperatorTypeIncludes This comparison operator searches the source if it equals any of the values. + NOT_IN ConditionRuleComparisonOperatorTypeNotIncludes + EM ConditionRuleComparisonOperatorTypeEmpty + NOT_EM ConditionRuleComparisonOperatorTypeNotEmpty + SW ConditionRuleComparisonOperatorTypeStartsWith Checks whether a string starts with another substring of the same string. This operator is case-sensitive. + NOT_SW ConditionRuleComparisonOperatorTypeNotStartsWith + EW ConditionRuleComparisonOperatorTypeEndsWith Checks whether a string ends with another substring of the same string. This operator is case-sensitive. + NOT_EW ConditionRuleComparisonOperatorTypeNotEndsWith + x-go-name: Operator + valueType: + description: |- + ConditionRuleValueType type. + STRING ConditionRuleValueTypeString This value is a static string. + STRING_LIST ConditionRuleValueTypeStringList This value is an array of string values. + INPUT ConditionRuleValueTypeInput This value is a reference to a form input. + ELEMENT ConditionRuleValueTypeElement This value is a reference to a form element (by technical key). + LIST ConditionRuleValueTypeList + BOOLEAN ConditionRuleValueTypeBoolean + enum: + - STRING + - STRING_LIST + - INPUT + - ELEMENT + - LIST + - BOOLEAN + example: STRING + type: string + x-go-enum-desc: |- + STRING ConditionRuleValueTypeString This value is a static string. + STRING_LIST ConditionRuleValueTypeStringList This value is an array of string values. + INPUT ConditionRuleValueTypeInput This value is a reference to a form input. + ELEMENT ConditionRuleValueTypeElement This value is a reference to a form element (by technical key). + LIST ConditionRuleValueTypeList + BOOLEAN ConditionRuleValueTypeBoolean + x-go-name: ValueType + value: + description: Based on the ValueType. + example: Engineering + x-go-name: Value + type: object + x-go-package: github.com/sailpoint/sp-forms/domain + type: array + x-go-name: Rules + effects: + description: List of effects. + items: + description: Effect produced by a condition. + properties: + effectType: + description: |- + Type of effect to perform when the conditions are evaluated for this logic block. + HIDE ConditionEffectTypeHide Disables validations. + SHOW ConditionEffectTypeShow Enables validations. + DISABLE ConditionEffectTypeDisable Disables validations. + ENABLE ConditionEffectTypeEnable Enables validations. + REQUIRE ConditionEffectTypeRequire + OPTIONAL ConditionEffectTypeOptional + SUBMIT_MESSAGE ConditionEffectTypeSubmitMessage + SUBMIT_NOTIFICATION ConditionEffectTypeSubmitNotification + SET_DEFAULT_VALUE ConditionEffectTypeSetDefaultValue This value is ignored on purpose. + enum: + - HIDE + - SHOW + - DISABLE + - ENABLE + - REQUIRE + - OPTIONAL + - SUBMIT_MESSAGE + - SUBMIT_NOTIFICATION + - SET_DEFAULT_VALUE + example: HIDE + type: string + x-go-enum-desc: |- + HIDE ConditionEffectTypeHide Disables validations. + SHOW ConditionEffectTypeShow Enables validations. + DISABLE ConditionEffectTypeDisable Disables validations. + ENABLE ConditionEffectTypeEnable Enables validations. + REQUIRE ConditionEffectTypeRequire + OPTIONAL ConditionEffectTypeOptional + SUBMIT_MESSAGE ConditionEffectTypeSubmitMessage + SUBMIT_NOTIFICATION ConditionEffectTypeSubmitNotification + SET_DEFAULT_VALUE ConditionEffectTypeSetDefaultValue This value is ignored on purpose. + x-go-name: EffectType + config: + description: Arbitrary map containing a configuration based on the EffectType. + type: object + properties: + defaultValueLabel: + type: string + description: Effect type's label. + example: Access to Remove + element: + type: string + description: Element's identifier. + example: 8110662963316867 + x-go-name: Config + type: object + x-go-package: github.com/sailpoint/sp-forms/domain + type: array + x-go-name: Effects + type: object + x-go-package: github.com/sailpoint/sp-forms/domain + type: array + x-go-name: FormConditions + created: + description: Created is the date the form definition was created + example: '2023-07-12T20:14:57.74486Z' + format: date-time + type: string + x-go-name: Created + modified: + description: Modified is the last date the form definition was modified + example: '2023-07-12T20:14:57.74486Z' + format: date-time + type: string + x-go-name: Modified + type: object + x-go-package: github.com/sailpoint/sp-forms/domain + '400': + description: An error with the request occurred + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + statusCode: + type: integer + format: int64 + x-go-name: StatusCode + trackingId: + type: string + x-go-name: TrackingID + '401': + description: An error with the authorization occurred + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + statusCode: + type: integer + format: int64 + x-go-name: StatusCode + trackingId: + type: string + x-go-name: TrackingID + '403': + description: An error with the user permissions occurred + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + statusCode: + type: integer + format: int64 + x-go-name: StatusCode + trackingId: + type: string + x-go-name: TrackingID + '404': + description: An error with the item not found + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + statusCode: + type: integer + format: int64 + x-go-name: StatusCode + trackingId: + type: string + x-go-name: TrackingID + '429': + description: Too many requests + content: + application/json: + schema: + title: Error is the standard API error response type. + type: object + properties: + detailCode: + description: DetailCode is the text of the status code returned + example: Internal Server Error + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + trackingId: + description: TrackingID is the request tracking unique identifier + example: 9cd03ef80e6a425eb6b11bdbb057cdb4 + type: string + x-go-name: TrackingID + x-go-package: github.com/sailpoint/atlas-go/atlas/web + '500': + description: An internal server error occurred + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + statusCode: + type: integer + format: int64 + x-go-name: StatusCode + trackingId: + type: string + x-go-name: TrackingID + security: + - UserContextAuth: + - 'sp:forms:manage' + delete: + tags: + - Custom Forms + summary: Deletes a form definition. + description: 'Parameter `{formDefinitionID}` should match a form definition ID.' + operationId: deleteFormDefinition + parameters: + - name: formDefinitionID + in: path + description: Form definition ID + required: true + schema: + type: string + x-go-name: FormDefinitionID + example: 00000000-0000-0000-0000-000000000000 + x-go-name: FormDefinitionID + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '204': + description: Returns an empty body + content: + application/json: + schema: + title: Nil represents the predeclared value nil. + type: object + x-go-package: go/types + '400': + description: An error with the request occurred + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + statusCode: + type: integer + format: int64 + x-go-name: StatusCode + trackingId: + type: string + x-go-name: TrackingID + '401': + description: An error with the authorization occurred + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + statusCode: + type: integer + format: int64 + x-go-name: StatusCode + trackingId: + type: string + x-go-name: TrackingID + '403': + description: An error with the user permissions occurred + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + statusCode: + type: integer + format: int64 + x-go-name: StatusCode + trackingId: + type: string + x-go-name: TrackingID + '404': + description: An error with the item not found + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + statusCode: + type: integer + format: int64 + x-go-name: StatusCode + trackingId: + type: string + x-go-name: TrackingID + '429': + description: Too many requests + content: + application/json: + schema: + title: Error is the standard API error response type. + type: object + properties: + detailCode: + description: DetailCode is the text of the status code returned + example: Internal Server Error + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + trackingId: + description: TrackingID is the request tracking unique identifier + example: 9cd03ef80e6a425eb6b11bdbb057cdb4 + type: string + x-go-name: TrackingID + x-go-package: github.com/sailpoint/atlas-go/atlas/web + '500': + description: An internal server error occurred + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + statusCode: + type: integer + format: int64 + x-go-name: StatusCode + trackingId: + type: string + x-go-name: TrackingID + security: + - UserContextAuth: + - 'sp:forms:manage' + patch: + tags: + - Custom Forms + summary: Patch a form definition. + description: 'Parameter `{formDefinitionID}` should match a form definition ID.' + operationId: patchFormDefinition + parameters: + - name: formDefinitionID + in: path + description: Form definition ID + required: true + schema: + type: string + x-go-name: FormDefinitionID + example: 00000000-0000-0000-0000-000000000000 + x-go-name: FormDefinitionID + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + requestBody: + description: 'Body is the request payload to patch a form definition, check: https://jsonpatch.com' + content: + application/json: + schema: + title: Patch is an ordered collection of Operations. + description: Patch is an ordered collection of Operations. + type: array + example: + - op: replace + path: /description + value: a new description + items: + title: 'Operation is a single JSON-Patch step, such as a single ''add'' operation.' + type: object + additionalProperties: + type: object + properties: {} + x-go-package: github.com/evanphx/json-patch + x-go-package: github.com/evanphx/json-patch + example: + - op: replace + path: /description + value: test-description + required: false + responses: + '200': + description: Returns the form definition updated + content: + application/json: + schema: + properties: + id: + description: Unique guid identifying the form definition. + example: 00000000-0000-0000-0000-000000000000 + type: string + x-go-name: FormDefinitionID + name: + description: Name of the form definition. + example: My form + type: string + x-go-name: Name + description: + description: Form definition's description. + example: My form description + type: string + x-go-name: Description + owner: + properties: + type: + description: |- + FormOwnerType value. + IDENTITY FormOwnerTypeIdentity + enum: + - IDENTITY + example: IDENTITY + type: string + x-go-enum-desc: IDENTITY FormOwnerTypeIdentity + x-go-name: Type + id: + description: Unique identifier of the form's owner. + example: 2c9180867624cbd7017642d8c8c81f67 + type: string + x-go-name: ID + name: + description: Name of the form's owner. + example: Grant Smith + type: string + type: object + x-go-package: github.com/sailpoint/sp-forms/domain + usedBy: + description: 'List of objects using the form definition. Whenever a system uses a form, the API reaches out to the form service to record that the system is currently using it.' + items: + properties: + type: + description: |- + FormUsedByType value. + WORKFLOW FormUsedByTypeWorkflow + SOURCE FormUsedByTypeSource + MySailPoint FormUsedByType + enum: + - WORKFLOW + - SOURCE + - MySailPoint + example: WORKFLOW + type: string + x-go-enum-desc: |- + WORKFLOW FormUsedByTypeWorkflow + SOURCE FormUsedByTypeSource + x-go-name: Type + id: + description: Unique identifier of the system using the form. + example: 61940a92-5484-42bc-bc10-b9982b218cdf + type: string + x-go-name: ID + name: + description: Name of the system using the form. + example: Access Request Form + type: string + type: object + x-go-package: github.com/sailpoint/sp-forms/domain + type: array + x-go-name: UsedBy + formInput: + description: List of form inputs required to create a form-instance object. + items: + properties: + id: + description: Unique identifier for the form input. + example: 00000000-0000-0000-0000-000000000000 + type: string + x-go-name: ID + type: + description: |- + FormDefinitionInputType value. + STRING FormDefinitionInputTypeString + enum: + - STRING + example: STRING + type: string + x-go-enum-desc: STRING FormDefinitionInputTypeString + x-go-name: Type + label: + description: Name for the form input. + example: input1 + type: string + x-go-name: Label + description: + description: Form input's description. + example: 'A single dynamic scalar value (i.e. number, string, date, etc.) that can be passed into the form for use in conditional logic' + type: string + x-go-name: Description + type: object + x-go-package: github.com/sailpoint/sp-forms/domain + type: array + x-go-name: FormInput + formElements: + description: List of nested form elements. + items: + properties: + id: + description: Form element identifier. + example: 00000000-0000-0000-0000-000000000000 + type: string + x-go-name: ID + elementType: + description: |- + FormElementType value. + TEXT FormElementTypeText + TOGGLE FormElementTypeToggle + TEXTAREA FormElementTypeTextArea + HIDDEN FormElementTypeHidden + PHONE FormElementTypePhone + EMAIL FormElementTypeEmail + SELECT FormElementTypeSelect + DATE FormElementTypeDate + SECTION FormElementTypeSection + COLUMN_SET FormElementTypeColumns + IMAGE FormElementTypeImage + DESCRIPTION FormElementTypeDescription + enum: + - TEXT + - TOGGLE + - TEXTAREA + - HIDDEN + - PHONE + - EMAIL + - SELECT + - DATE + - SECTION + - COLUMN_SET + - IMAGE + - DESCRIPTION + example: TEXT + type: string + x-go-name: ElementType + config: + additionalProperties: {} + description: Config object. + example: + label: Department + type: object + x-go-name: Config + x-go-enum-desc: |- + TEXT FormElementTypeText + TOGGLE FormElementTypeToggle + TEXTAREA FormElementTypeTextArea + HIDDEN FormElementTypeHidden + PHONE FormElementTypePhone + EMAIL FormElementTypeEmail + SELECT FormElementTypeSelect + DATE FormElementTypeDate + SECTION FormElementTypeSection + COLUMNS FormElementTypeColumns + key: + description: Technical key. + example: department + type: string + x-go-name: Key + validations: + nullable: true + type: array + items: + description: Set of FormElementValidation items. + example: + - validationType: REQUIRED + type: object + properties: + validationType: + type: string + enum: + - REQUIRED + - MIN_LENGTH + - MAX_LENGTH + - REGEX + - DATE + - MAX_DATE + - MIN_DATE + - LESS_THAN_DATE + - PHONE + - EMAIL + - DATA_SOURCE + - TEXTAREA + x-go-package: github.com/sailpoint/sp-forms/domain + type: object + x-go-package: github.com/sailpoint/sp-forms/domain + type: array + x-go-name: FormElements + formConditions: + description: Conditional logic that can dynamically modify the form as the recipient is interacting with it. + items: + description: Represent a form conditional. + properties: + ruleOperator: + description: |- + ConditionRuleLogicalOperatorType value. + AND ConditionRuleLogicalOperatorTypeAnd + OR ConditionRuleLogicalOperatorTypeOr + enum: + - AND + - OR + example: AND + type: string + x-go-enum-desc: |- + AND ConditionRuleLogicalOperatorTypeAnd + OR ConditionRuleLogicalOperatorTypeOr + x-go-name: RuleOperator + rules: + description: List of rules. + items: + properties: + sourceType: + description: |- + Defines the type of object being selected. It will be either a reference to a form input (by input name) or a form element (by technical key). + INPUT ConditionRuleSourceTypeInput + ELEMENT ConditionRuleSourceTypeElement + enum: + - INPUT + - ELEMENT + example: ELEMENT + type: string + x-go-enum-desc: |- + INPUT ConditionRuleSourceTypeInput + ELEMENT ConditionRuleSourceTypeElement + x-go-name: SourceType + source: + description: |- + Source - if the sourceType is ConditionRuleSourceTypeInput, the source type is the name of the form input to accept. However, if the sourceType is ConditionRuleSourceTypeElement, + the source is the name of a technical key of an element to retrieve its value. + example: department + type: string + x-go-name: Source + operator: + description: |- + ConditionRuleComparisonOperatorType value. + EQ ConditionRuleComparisonOperatorTypeEquals This comparison operator compares the source and target for equality. + NE ConditionRuleComparisonOperatorTypeNotEquals This comparison operator compares the source and target for inequality. + CO ConditionRuleComparisonOperatorTypeContains This comparison operator searches the source to see whether it contains the value. + NOT_CO ConditionRuleComparisonOperatorTypeNotContains + IN ConditionRuleComparisonOperatorTypeIncludes This comparison operator searches the source if it equals any of the values. + NOT_IN ConditionRuleComparisonOperatorTypeNotIncludes + EM ConditionRuleComparisonOperatorTypeEmpty + NOT_EM ConditionRuleComparisonOperatorTypeNotEmpty + SW ConditionRuleComparisonOperatorTypeStartsWith Checks whether a string starts with another substring of the same string. This operator is case-sensitive. + NOT_SW ConditionRuleComparisonOperatorTypeNotStartsWith + EW ConditionRuleComparisonOperatorTypeEndsWith Checks whether a string ends with another substring of the same string. This operator is case-sensitive. + NOT_EW ConditionRuleComparisonOperatorTypeNotEndsWith + enum: + - EQ + - NE + - CO + - NOT_CO + - IN + - NOT_IN + - EM + - NOT_EM + - SW + - NOT_SW + - EW + - NOT_EW + example: EQ + type: string + x-go-enum-desc: |- + EQ ConditionRuleComparisonOperatorTypeEquals This comparison operator compares the source and target for equality. + NE ConditionRuleComparisonOperatorTypeNotEquals This comparison operator compares the source and target for inequality. + CO ConditionRuleComparisonOperatorTypeContains This comparison operator searches the source to see whether it contains the value. + NOT_CO ConditionRuleComparisonOperatorTypeNotContains + IN ConditionRuleComparisonOperatorTypeIncludes This comparison operator searches the source if it equals any of the values. + NOT_IN ConditionRuleComparisonOperatorTypeNotIncludes + EM ConditionRuleComparisonOperatorTypeEmpty + NOT_EM ConditionRuleComparisonOperatorTypeNotEmpty + SW ConditionRuleComparisonOperatorTypeStartsWith Checks whether a string starts with another substring of the same string. This operator is case-sensitive. + NOT_SW ConditionRuleComparisonOperatorTypeNotStartsWith + EW ConditionRuleComparisonOperatorTypeEndsWith Checks whether a string ends with another substring of the same string. This operator is case-sensitive. + NOT_EW ConditionRuleComparisonOperatorTypeNotEndsWith + x-go-name: Operator + valueType: + description: |- + ConditionRuleValueType type. + STRING ConditionRuleValueTypeString This value is a static string. + STRING_LIST ConditionRuleValueTypeStringList This value is an array of string values. + INPUT ConditionRuleValueTypeInput This value is a reference to a form input. + ELEMENT ConditionRuleValueTypeElement This value is a reference to a form element (by technical key). + LIST ConditionRuleValueTypeList + BOOLEAN ConditionRuleValueTypeBoolean + enum: + - STRING + - STRING_LIST + - INPUT + - ELEMENT + - LIST + - BOOLEAN + example: STRING + type: string + x-go-enum-desc: |- + STRING ConditionRuleValueTypeString This value is a static string. + STRING_LIST ConditionRuleValueTypeStringList This value is an array of string values. + INPUT ConditionRuleValueTypeInput This value is a reference to a form input. + ELEMENT ConditionRuleValueTypeElement This value is a reference to a form element (by technical key). + LIST ConditionRuleValueTypeList + BOOLEAN ConditionRuleValueTypeBoolean + x-go-name: ValueType + value: + description: Based on the ValueType. + example: Engineering + x-go-name: Value + type: object + x-go-package: github.com/sailpoint/sp-forms/domain + type: array + x-go-name: Rules + effects: + description: List of effects. + items: + description: Effect produced by a condition. + properties: + effectType: + description: |- + Type of effect to perform when the conditions are evaluated for this logic block. + HIDE ConditionEffectTypeHide Disables validations. + SHOW ConditionEffectTypeShow Enables validations. + DISABLE ConditionEffectTypeDisable Disables validations. + ENABLE ConditionEffectTypeEnable Enables validations. + REQUIRE ConditionEffectTypeRequire + OPTIONAL ConditionEffectTypeOptional + SUBMIT_MESSAGE ConditionEffectTypeSubmitMessage + SUBMIT_NOTIFICATION ConditionEffectTypeSubmitNotification + SET_DEFAULT_VALUE ConditionEffectTypeSetDefaultValue This value is ignored on purpose. + enum: + - HIDE + - SHOW + - DISABLE + - ENABLE + - REQUIRE + - OPTIONAL + - SUBMIT_MESSAGE + - SUBMIT_NOTIFICATION + - SET_DEFAULT_VALUE + example: HIDE + type: string + x-go-enum-desc: |- + HIDE ConditionEffectTypeHide Disables validations. + SHOW ConditionEffectTypeShow Enables validations. + DISABLE ConditionEffectTypeDisable Disables validations. + ENABLE ConditionEffectTypeEnable Enables validations. + REQUIRE ConditionEffectTypeRequire + OPTIONAL ConditionEffectTypeOptional + SUBMIT_MESSAGE ConditionEffectTypeSubmitMessage + SUBMIT_NOTIFICATION ConditionEffectTypeSubmitNotification + SET_DEFAULT_VALUE ConditionEffectTypeSetDefaultValue This value is ignored on purpose. + x-go-name: EffectType + config: + description: Arbitrary map containing a configuration based on the EffectType. + type: object + properties: + defaultValueLabel: + type: string + description: Effect type's label. + example: Access to Remove + element: + type: string + description: Element's identifier. + example: 8110662963316867 + x-go-name: Config + type: object + x-go-package: github.com/sailpoint/sp-forms/domain + type: array + x-go-name: Effects + type: object + x-go-package: github.com/sailpoint/sp-forms/domain + type: array + x-go-name: FormConditions + created: + description: Created is the date the form definition was created + example: '2023-07-12T20:14:57.74486Z' + format: date-time + type: string + x-go-name: Created + modified: + description: Modified is the last date the form definition was modified + example: '2023-07-12T20:14:57.74486Z' + format: date-time + type: string + x-go-name: Modified + type: object + x-go-package: github.com/sailpoint/sp-forms/domain + '400': + description: An error with the request occurred + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + statusCode: + type: integer + format: int64 + x-go-name: StatusCode + trackingId: + type: string + x-go-name: TrackingID + '401': + description: An error with the authorization occurred + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + statusCode: + type: integer + format: int64 + x-go-name: StatusCode + trackingId: + type: string + x-go-name: TrackingID + '403': + description: An error with the user permissions occurred + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + statusCode: + type: integer + format: int64 + x-go-name: StatusCode + trackingId: + type: string + x-go-name: TrackingID + '404': + description: An error with the user permissions occurred + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + statusCode: + type: integer + format: int64 + x-go-name: StatusCode + trackingId: + type: string + x-go-name: TrackingID + '429': + description: Too many requests + content: + application/json: + schema: + title: Error is the standard API error response type. + type: object + properties: + detailCode: + description: DetailCode is the text of the status code returned + example: Internal Server Error + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + trackingId: + description: TrackingID is the request tracking unique identifier + example: 9cd03ef80e6a425eb6b11bdbb057cdb4 + type: string + x-go-name: TrackingID + x-go-package: github.com/sailpoint/atlas-go/atlas/web + '500': + description: An internal server error occurred + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + statusCode: + type: integer + format: int64 + x-go-name: StatusCode + trackingId: + type: string + x-go-name: TrackingID + security: + - UserContextAuth: + - 'sp:forms:manage' + x-codegen-request-body-name: Body + '/form-definitions/{formDefinitionID}/data-source': + post: + tags: + - Custom Forms + summary: Preview form definition data source. + operationId: showPreviewDataSource + parameters: + - name: formDefinitionID + in: path + description: Form definition ID + required: true + schema: + type: string + x-go-name: FormDefinitionID + example: 00000000-0000-0000-0000-000000000000 + x-go-name: FormDefinitionID + - name: limit + in: query + description: |- + Limit + + Integer specifying the maximum number of records to return in a single API call. The standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#paginating-results). + If it is not specified, a default limit is used. + schema: + type: integer + format: int64 + maxLength: 250 + minLength: 0 + default: 10 + x-go-name: Limit + example: 10 + required: false + x-go-name: Limit + - name: filters + in: query + description: |- + Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) + + Filtering is supported for the following fields and operators: + + **value**: *eq, ne, in* + + Supported composite operators: *not* + + Only a single *not* may be used, and it can only be used with the `in` operator. The `not` composite operator must be used in front of the field. For example, the following is valid: `not value in ("ID01")` + schema: + type: string + x-go-name: Filters + example: value eq "ID01" + required: false + x-go-name: Filters + - name: query + in: query + description: 'String that is passed to the underlying API to filter other (non-ID) fields. For example, for access profile data sources, this string will be passed to the access profile api and used with a "starts with" filter against several fields.' + schema: + type: string + x-go-name: Query + example: ac + required: false + x-go-name: Query + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + requestBody: + description: Body is the request payload to create a form definition dynamic schema + content: + application/json: + schema: + properties: + dataSource: + properties: + config: + properties: + aggregationBucketField: + description: AggregationBucketField is the aggregation bucket field name + example: attributes.cloudStatus.exact + type: string + x-go-name: AggregationBucketField + indices: + description: Indices is a list of indices to use + example: + - identities + items: + enum: + - accessprofiles + - accountactivities + - entitlements + - identities + - events + - roles + - '*' + type: string + x-go-enum-desc: |- + accessprofiles SearchIndexAccessProfiles + accountactivities SearchIndexAccountActivities + entitlements SearchIndexEntitlements + identities SearchIndexIdentities + events SearchIndexEvents + roles SearchIndexRoles + * SearchIndexWildcard + type: array + x-go-name: Indices + objectType: + description: |- + ObjectType is a PreDefinedSelectOption value + IDENTITY PreDefinedSelectOptionIdentity + ACCESS_PROFILE PreDefinedSelectOptionAccessProfile + SOURCES PreDefinedSelectOptionSources + ROLE PreDefinedSelectOptionRole + ENTITLEMENT PreDefinedSelectOptionEntitlement + enum: + - IDENTITY + - ACCESS_PROFILE + - SOURCES + - ROLE + - ENTITLEMENT + example: IDENTITY + type: string + x-go-enum-desc: |- + IDENTITY PreDefinedSelectOptionIdentity + ACCESS_PROFILE PreDefinedSelectOptionAccessProfile + SOURCES PreDefinedSelectOptionSources + ROLE PreDefinedSelectOptionRole + ENTITLEMENT PreDefinedSelectOptionEntitlement + x-go-name: ObjectType + query: + description: Query is a text + example: '*' + type: string + x-go-name: Query + type: object + x-go-package: github.com/sailpoint/sp-forms/domain + dataSourceType: + description: |- + DataSourceType is a FormElementDataSourceType value + STATIC FormElementDataSourceTypeStatic + INTERNAL FormElementDataSourceTypeInternal + SEARCH FormElementDataSourceTypeSearch + FORM_INPUT FormElementDataSourceTypeFormInput + enum: + - STATIC + - INTERNAL + - SEARCH + - FORM_INPUT + example: STATIC + type: string + x-go-enum-desc: |- + STATIC FormElementDataSourceTypeStatic + INTERNAL FormElementDataSourceTypeInternal + SEARCH FormElementDataSourceTypeSearch + FORM_INPUT FormElementDataSourceTypeFormInput + x-go-name: DataSourceType + type: object + x-go-package: github.com/sailpoint/sp-forms/domain + type: object + x-go-package: github.com/sailpoint/sp-forms/domain + required: false + responses: + '200': + description: Returns a preview of a form definition data source + content: + application/json: + schema: + description: 'PreviewDataSourceResponse is the response sent by /form-definitions/{formDefinitionID}/data-source endpoint' + properties: + results: + description: Results holds a list of FormElementDataSourceConfigOptions items + example: '{"results":[{"label":"Alfred 255e71dfc6e","subLabel":"Alfred.255e71dfc6e@testmail.identitysoon.com","value":"2c918084821847c5018227ced2e16676"},{"label":"Alize eba9d4cd27da","subLabel":"Alize.eba9d4cd27da@testmail.identitysoon.com","value":"2c918084821847c5018227ced2f1667c"},{"label":"Antonina 01f69c3ea","subLabel":"Antonina.01f69c3ea@testmail.identitysoon.com","value":"2c918084821847c5018227ced2f9667e"},{"label":"Ardella 21e78ce155","subLabel":"Ardella.21e78ce155@testmail.identitysoon.com","value":"2c918084821847c5018227ced2e6667a"},{"label":"Arnaldo d8582b6e17","subLabel":"Arnaldo.d8582b6e17@testmail.identitysoon.com","value":"2c918084821847c5018227ced3426686"},{"label":"Aurelia admin24828","subLabel":"Aurelia.admin24828@testmail.identitysoon.com","value":"2c918084821847c5018227ced2e16674"},{"label":"Barbara 72ca418fdd","subLabel":"Barbara.72ca418fdd@testmail.identitysoon.com","value":"2c918084821847c5018227ced2fb6680"},{"label":"Barbara ee1a2436ee","subLabel":"Barbara.ee1a2436ee@testmail.identitysoon.com","value":"2c918084821847c5018227ced2e56678"},{"label":"Baylee 652d72432f3","subLabel":"Baylee.652d72432f3@testmail.identitysoon.com","value":"2c91808582184782018227ced28b6aee"},{"label":"Brock e76b56ae4d49","subLabel":"Brock.e76b56ae4d49@testmail.identitysoon.com","value":"2c91808582184782018227ced28b6aef"}]}' + items: + type: object + properties: + label: + description: Label is the main label to display to the user when selecting this option + type: string + example: regression-test-access-request-07c55dd6-3056-430a-86b5-fccc395bb6c5 + x-go-name: Label + subLabel: + description: SubLabel is the sub label to display below the label in diminutive styling to help describe or identify this option + type: string + example: '' + x-go-name: SubLabel + value: + description: Value is the value to save as an entry when the user selects this option + type: string + example: e96674448eba4ca1ba04eee999a8f3cd + x-go-name: Value + x-go-package: github.com/sailpoint/sp-forms/domain + type: array + x-go-name: Results + type: object + x-go-package: github.com/sailpoint/sp-forms/domain + '400': + description: An error with the request occurred + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + statusCode: + type: integer + format: int64 + x-go-name: StatusCode + trackingId: + type: string + x-go-name: TrackingID + '401': + description: An error with the authorization occurred + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + statusCode: + type: integer + format: int64 + x-go-name: StatusCode + trackingId: + type: string + x-go-name: TrackingID + '403': + description: An error with the user permissions occurred + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + statusCode: + type: integer + format: int64 + x-go-name: StatusCode + trackingId: + type: string + x-go-name: TrackingID + '404': + description: An error with the item not found + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + statusCode: + type: integer + format: int64 + x-go-name: StatusCode + trackingId: + type: string + x-go-name: TrackingID + '429': + description: Too many requests + content: + application/json: + schema: + title: Error is the standard API error response type. + type: object + properties: + detailCode: + description: DetailCode is the text of the status code returned + example: Internal Server Error + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + trackingId: + description: TrackingID is the request tracking unique identifier + example: 9cd03ef80e6a425eb6b11bdbb057cdb4 + type: string + x-go-name: TrackingID + x-go-package: github.com/sailpoint/atlas-go/atlas/web + '500': + description: An internal server error occurred + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + statusCode: + type: integer + format: int64 + x-go-name: StatusCode + trackingId: + type: string + x-go-name: TrackingID + security: + - UserContextAuth: + - 'sp:forms:manage' + /form-definitions/export: + get: + tags: + - Custom Forms + summary: List form definitions by tenant. + description: No parameters required. + operationId: exportFormDefinitionsByTenant + parameters: + - name: offset + in: query + description: |- + Offset + + Integer specifying the offset of the first result from the beginning of the collection. The standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#paginating-results). + The offset value is record-based, not page-based, and the index starts at 0. + schema: + type: integer + format: int64 + default: 0 + x-go-name: Offset + example: 0 + required: false + x-go-name: Offset + - name: limit + in: query + description: |- + Limit + + Integer specifying the maximum number of records to return in a single API call. The standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#paginating-results). + If it is not specified, a default limit is used. + schema: + type: integer + format: int64 + maxLength: 250 + minLength: 0 + default: 250 + x-go-name: Limit + example: 250 + required: false + x-go-name: Limit + - name: filters + in: query + description: |- + Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) + + Filtering is supported for the following fields and operators: + + **name**: *eq, gt, sw, in* + + **description**: *eq, gt, sw, in* + + **created**: *eq, gt, sw, in* + + **modified**: *eq, gt, sw, in* + schema: + type: string + x-go-name: Filters + example: name sw "my form" + required: false + x-go-name: Filters + - name: sorters + in: query + description: |- + Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) + + Sorting is supported for the following fields: **name, description, created, modified** + schema: + type: string + default: name + x-go-name: Sorters + example: name + required: false + x-go-name: Sorters + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '200': + description: Returns a list of form definition objects by tenant used by SP-Config + content: + application/json: + schema: + type: array + items: + type: object + properties: + object: + properties: + id: + description: Unique guid identifying the form definition. + example: 00000000-0000-0000-0000-000000000000 + type: string + x-go-name: FormDefinitionID + name: + description: Name of the form definition. + example: My form + type: string + x-go-name: Name + description: + description: Form definition's description. + example: My form description + type: string + x-go-name: Description + owner: + properties: + type: + description: |- + FormOwnerType value. + IDENTITY FormOwnerTypeIdentity + enum: + - IDENTITY + example: IDENTITY + type: string + x-go-enum-desc: IDENTITY FormOwnerTypeIdentity + x-go-name: Type + id: + description: Unique identifier of the form's owner. + example: 2c9180867624cbd7017642d8c8c81f67 + type: string + x-go-name: ID + name: + description: Name of the form's owner. + example: Grant Smith + type: string + type: object + x-go-package: github.com/sailpoint/sp-forms/domain + usedBy: + description: 'List of objects using the form definition. Whenever a system uses a form, the API reaches out to the form service to record that the system is currently using it.' + items: + properties: + type: + description: |- + FormUsedByType value. + WORKFLOW FormUsedByTypeWorkflow + SOURCE FormUsedByTypeSource + MySailPoint FormUsedByType + enum: + - WORKFLOW + - SOURCE + - MySailPoint + example: WORKFLOW + type: string + x-go-enum-desc: |- + WORKFLOW FormUsedByTypeWorkflow + SOURCE FormUsedByTypeSource + x-go-name: Type + id: + description: Unique identifier of the system using the form. + example: 61940a92-5484-42bc-bc10-b9982b218cdf + type: string + x-go-name: ID + name: + description: Name of the system using the form. + example: Access Request Form + type: string + type: object + x-go-package: github.com/sailpoint/sp-forms/domain + type: array + x-go-name: UsedBy + formInput: + description: List of form inputs required to create a form-instance object. + items: + properties: + id: + description: Unique identifier for the form input. + example: 00000000-0000-0000-0000-000000000000 + type: string + x-go-name: ID + type: + description: |- + FormDefinitionInputType value. + STRING FormDefinitionInputTypeString + enum: + - STRING + example: STRING + type: string + x-go-enum-desc: STRING FormDefinitionInputTypeString + x-go-name: Type + label: + description: Name for the form input. + example: input1 + type: string + x-go-name: Label + description: + description: Form input's description. + example: 'A single dynamic scalar value (i.e. number, string, date, etc.) that can be passed into the form for use in conditional logic' + type: string + x-go-name: Description + type: object + x-go-package: github.com/sailpoint/sp-forms/domain + type: array + x-go-name: FormInput + formElements: + description: List of nested form elements. + items: + properties: + id: + description: Form element identifier. + example: 00000000-0000-0000-0000-000000000000 + type: string + x-go-name: ID + elementType: + description: |- + FormElementType value. + TEXT FormElementTypeText + TOGGLE FormElementTypeToggle + TEXTAREA FormElementTypeTextArea + HIDDEN FormElementTypeHidden + PHONE FormElementTypePhone + EMAIL FormElementTypeEmail + SELECT FormElementTypeSelect + DATE FormElementTypeDate + SECTION FormElementTypeSection + COLUMN_SET FormElementTypeColumns + IMAGE FormElementTypeImage + DESCRIPTION FormElementTypeDescription + enum: + - TEXT + - TOGGLE + - TEXTAREA + - HIDDEN + - PHONE + - EMAIL + - SELECT + - DATE + - SECTION + - COLUMN_SET + - IMAGE + - DESCRIPTION + example: TEXT + type: string + x-go-name: ElementType + config: + additionalProperties: {} + description: Config object. + example: + label: Department + type: object + x-go-name: Config + x-go-enum-desc: |- + TEXT FormElementTypeText + TOGGLE FormElementTypeToggle + TEXTAREA FormElementTypeTextArea + HIDDEN FormElementTypeHidden + PHONE FormElementTypePhone + EMAIL FormElementTypeEmail + SELECT FormElementTypeSelect + DATE FormElementTypeDate + SECTION FormElementTypeSection + COLUMNS FormElementTypeColumns + key: + description: Technical key. + example: department + type: string + x-go-name: Key + validations: + nullable: true + type: array + items: + description: Set of FormElementValidation items. + example: + - validationType: REQUIRED + type: object + properties: + validationType: + type: string + enum: + - REQUIRED + - MIN_LENGTH + - MAX_LENGTH + - REGEX + - DATE + - MAX_DATE + - MIN_DATE + - LESS_THAN_DATE + - PHONE + - EMAIL + - DATA_SOURCE + - TEXTAREA + x-go-package: github.com/sailpoint/sp-forms/domain + type: object + x-go-package: github.com/sailpoint/sp-forms/domain + type: array + x-go-name: FormElements + formConditions: + description: Conditional logic that can dynamically modify the form as the recipient is interacting with it. + items: + description: Represent a form conditional. + properties: + ruleOperator: + description: |- + ConditionRuleLogicalOperatorType value. + AND ConditionRuleLogicalOperatorTypeAnd + OR ConditionRuleLogicalOperatorTypeOr + enum: + - AND + - OR + example: AND + type: string + x-go-enum-desc: |- + AND ConditionRuleLogicalOperatorTypeAnd + OR ConditionRuleLogicalOperatorTypeOr + x-go-name: RuleOperator + rules: + description: List of rules. + items: + properties: + sourceType: + description: |- + Defines the type of object being selected. It will be either a reference to a form input (by input name) or a form element (by technical key). + INPUT ConditionRuleSourceTypeInput + ELEMENT ConditionRuleSourceTypeElement + enum: + - INPUT + - ELEMENT + example: ELEMENT + type: string + x-go-enum-desc: |- + INPUT ConditionRuleSourceTypeInput + ELEMENT ConditionRuleSourceTypeElement + x-go-name: SourceType + source: + description: |- + Source - if the sourceType is ConditionRuleSourceTypeInput, the source type is the name of the form input to accept. However, if the sourceType is ConditionRuleSourceTypeElement, + the source is the name of a technical key of an element to retrieve its value. + example: department + type: string + x-go-name: Source + operator: + description: |- + ConditionRuleComparisonOperatorType value. + EQ ConditionRuleComparisonOperatorTypeEquals This comparison operator compares the source and target for equality. + NE ConditionRuleComparisonOperatorTypeNotEquals This comparison operator compares the source and target for inequality. + CO ConditionRuleComparisonOperatorTypeContains This comparison operator searches the source to see whether it contains the value. + NOT_CO ConditionRuleComparisonOperatorTypeNotContains + IN ConditionRuleComparisonOperatorTypeIncludes This comparison operator searches the source if it equals any of the values. + NOT_IN ConditionRuleComparisonOperatorTypeNotIncludes + EM ConditionRuleComparisonOperatorTypeEmpty + NOT_EM ConditionRuleComparisonOperatorTypeNotEmpty + SW ConditionRuleComparisonOperatorTypeStartsWith Checks whether a string starts with another substring of the same string. This operator is case-sensitive. + NOT_SW ConditionRuleComparisonOperatorTypeNotStartsWith + EW ConditionRuleComparisonOperatorTypeEndsWith Checks whether a string ends with another substring of the same string. This operator is case-sensitive. + NOT_EW ConditionRuleComparisonOperatorTypeNotEndsWith + enum: + - EQ + - NE + - CO + - NOT_CO + - IN + - NOT_IN + - EM + - NOT_EM + - SW + - NOT_SW + - EW + - NOT_EW + example: EQ + type: string + x-go-enum-desc: |- + EQ ConditionRuleComparisonOperatorTypeEquals This comparison operator compares the source and target for equality. + NE ConditionRuleComparisonOperatorTypeNotEquals This comparison operator compares the source and target for inequality. + CO ConditionRuleComparisonOperatorTypeContains This comparison operator searches the source to see whether it contains the value. + NOT_CO ConditionRuleComparisonOperatorTypeNotContains + IN ConditionRuleComparisonOperatorTypeIncludes This comparison operator searches the source if it equals any of the values. + NOT_IN ConditionRuleComparisonOperatorTypeNotIncludes + EM ConditionRuleComparisonOperatorTypeEmpty + NOT_EM ConditionRuleComparisonOperatorTypeNotEmpty + SW ConditionRuleComparisonOperatorTypeStartsWith Checks whether a string starts with another substring of the same string. This operator is case-sensitive. + NOT_SW ConditionRuleComparisonOperatorTypeNotStartsWith + EW ConditionRuleComparisonOperatorTypeEndsWith Checks whether a string ends with another substring of the same string. This operator is case-sensitive. + NOT_EW ConditionRuleComparisonOperatorTypeNotEndsWith + x-go-name: Operator + valueType: + description: |- + ConditionRuleValueType type. + STRING ConditionRuleValueTypeString This value is a static string. + STRING_LIST ConditionRuleValueTypeStringList This value is an array of string values. + INPUT ConditionRuleValueTypeInput This value is a reference to a form input. + ELEMENT ConditionRuleValueTypeElement This value is a reference to a form element (by technical key). + LIST ConditionRuleValueTypeList + BOOLEAN ConditionRuleValueTypeBoolean + enum: + - STRING + - STRING_LIST + - INPUT + - ELEMENT + - LIST + - BOOLEAN + example: STRING + type: string + x-go-enum-desc: |- + STRING ConditionRuleValueTypeString This value is a static string. + STRING_LIST ConditionRuleValueTypeStringList This value is an array of string values. + INPUT ConditionRuleValueTypeInput This value is a reference to a form input. + ELEMENT ConditionRuleValueTypeElement This value is a reference to a form element (by technical key). + LIST ConditionRuleValueTypeList + BOOLEAN ConditionRuleValueTypeBoolean + x-go-name: ValueType + value: + description: Based on the ValueType. + example: Engineering + x-go-name: Value + type: object + x-go-package: github.com/sailpoint/sp-forms/domain + type: array + x-go-name: Rules + effects: + description: List of effects. + items: + description: Effect produced by a condition. + properties: + effectType: + description: |- + Type of effect to perform when the conditions are evaluated for this logic block. + HIDE ConditionEffectTypeHide Disables validations. + SHOW ConditionEffectTypeShow Enables validations. + DISABLE ConditionEffectTypeDisable Disables validations. + ENABLE ConditionEffectTypeEnable Enables validations. + REQUIRE ConditionEffectTypeRequire + OPTIONAL ConditionEffectTypeOptional + SUBMIT_MESSAGE ConditionEffectTypeSubmitMessage + SUBMIT_NOTIFICATION ConditionEffectTypeSubmitNotification + SET_DEFAULT_VALUE ConditionEffectTypeSetDefaultValue This value is ignored on purpose. + enum: + - HIDE + - SHOW + - DISABLE + - ENABLE + - REQUIRE + - OPTIONAL + - SUBMIT_MESSAGE + - SUBMIT_NOTIFICATION + - SET_DEFAULT_VALUE + example: HIDE + type: string + x-go-enum-desc: |- + HIDE ConditionEffectTypeHide Disables validations. + SHOW ConditionEffectTypeShow Enables validations. + DISABLE ConditionEffectTypeDisable Disables validations. + ENABLE ConditionEffectTypeEnable Enables validations. + REQUIRE ConditionEffectTypeRequire + OPTIONAL ConditionEffectTypeOptional + SUBMIT_MESSAGE ConditionEffectTypeSubmitMessage + SUBMIT_NOTIFICATION ConditionEffectTypeSubmitNotification + SET_DEFAULT_VALUE ConditionEffectTypeSetDefaultValue This value is ignored on purpose. + x-go-name: EffectType + config: + description: Arbitrary map containing a configuration based on the EffectType. + type: object + properties: + defaultValueLabel: + type: string + description: Effect type's label. + example: Access to Remove + element: + type: string + description: Element's identifier. + example: 8110662963316867 + x-go-name: Config + type: object + x-go-package: github.com/sailpoint/sp-forms/domain + type: array + x-go-name: Effects + type: object + x-go-package: github.com/sailpoint/sp-forms/domain + type: array + x-go-name: FormConditions + created: + description: Created is the date the form definition was created + example: '2023-07-12T20:14:57.74486Z' + format: date-time + type: string + x-go-name: Created + modified: + description: Modified is the last date the form definition was modified + example: '2023-07-12T20:14:57.74486Z' + format: date-time + type: string + x-go-name: Modified + type: object + x-go-package: github.com/sailpoint/sp-forms/domain + self: + type: string + x-go-name: Self + version: + type: integer + format: int8 + x-go-name: Version + '400': + description: An error with the request occurred + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + statusCode: + type: integer + format: int64 + x-go-name: StatusCode + trackingId: + type: string + x-go-name: TrackingID + '401': + description: An error with the authorization occurred + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + statusCode: + type: integer + format: int64 + x-go-name: StatusCode + trackingId: + type: string + x-go-name: TrackingID + '403': + description: An error with the user permissions occurred + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + statusCode: + type: integer + format: int64 + x-go-name: StatusCode + trackingId: + type: string + x-go-name: TrackingID + '429': + description: Too many requests + content: + application/json: + schema: + title: Error is the standard API error response type. + type: object + properties: + detailCode: + description: DetailCode is the text of the status code returned + example: Internal Server Error + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + trackingId: + description: TrackingID is the request tracking unique identifier + example: 9cd03ef80e6a425eb6b11bdbb057cdb4 + type: string + x-go-name: TrackingID + x-go-package: github.com/sailpoint/atlas-go/atlas/web + '500': + description: An internal server error occurred + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + statusCode: + type: integer + format: int64 + x-go-name: StatusCode + trackingId: + type: string + x-go-name: TrackingID + security: + - UserContextAuth: + - 'sp:forms:manage' + /form-definitions/forms-action-dynamic-schema: + post: + tags: + - Custom Forms + summary: Generate JSON Schema dynamically. + operationId: createFormDefinitionDynamicSchema + requestBody: + description: Body is the request payload to create a form definition dynamic schema + content: + application/json: + schema: + properties: + attributes: + properties: + formDefinitionId: + description: FormDefinitionID is a unique guid identifying this form definition + example: 00000000-0000-0000-0000-000000000000 + type: string + x-go-name: FormDefinitionID + type: object + x-go-name: Attributes + description: + description: Description is the form definition dynamic schema description text + example: A description + type: string + x-go-name: Description + id: + description: ID is a unique identifier + example: 00000000-0000-0000-0000-000000000000 + type: string + x-go-name: ID + type: + description: Type is the form definition dynamic schema type + example: action + type: string + x-go-name: Type + versionNumber: + description: VersionNumber is the form definition dynamic schema version number + example: 1 + format: int64 + type: integer + x-go-name: VersionNumber + type: object + x-go-package: github.com/sailpoint/sp-forms/domain + example: + id: 'sp:forms' + attributes: + formDefinitionId: 00000000-0000-0000-0000-000000000000 + description: AnotherDescription + type: action + versionNumber: 1 + required: false + responses: + '200': + description: Returns a form elements dynamic schema + content: + application/json: + schema: + properties: + outputSchema: + additionalProperties: {} + description: OutputSchema holds a JSON schema generated dynamically + example: + outputSchema: + $schema: 'https://json-schema.org/draft/2020-12/schema' + additionalProperties: false + properties: + firstName: + title: First Name + type: string + fullName: + title: Full Name + type: string + lastName: + title: Last Name + type: string + startDate: + format: date-time + title: Start Date + type: string + type: object + type: object + x-go-name: OutputSchema + type: object + x-go-package: github.com/sailpoint/sp-forms/domain + '400': + description: An error with the request occurred + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + statusCode: + type: integer + format: int64 + x-go-name: StatusCode + trackingId: + type: string + x-go-name: TrackingID + '401': + description: An error with the authorization occurred + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + statusCode: + type: integer + format: int64 + x-go-name: StatusCode + trackingId: + type: string + x-go-name: TrackingID + '403': + description: An error with the user permissions occurred + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + statusCode: + type: integer + format: int64 + x-go-name: StatusCode + trackingId: + type: string + x-go-name: TrackingID + '404': + description: An error with the item not found + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + statusCode: + type: integer + format: int64 + x-go-name: StatusCode + trackingId: + type: string + x-go-name: TrackingID + '429': + description: Too many requests + content: + application/json: + schema: + title: Error is the standard API error response type. + type: object + properties: + detailCode: + description: DetailCode is the text of the status code returned + example: Internal Server Error + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + trackingId: + description: TrackingID is the request tracking unique identifier + example: 9cd03ef80e6a425eb6b11bdbb057cdb4 + type: string + x-go-name: TrackingID + x-go-package: github.com/sailpoint/atlas-go/atlas/web + '500': + description: An internal server error occurred + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + statusCode: + type: integer + format: int64 + x-go-name: StatusCode + trackingId: + type: string + x-go-name: TrackingID + security: + - UserContextAuth: + - 'sp:forms:manage' + x-codegen-request-body-name: Body + parameters: + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + /form-definitions/import: + post: + tags: + - Custom Forms + summary: Import form definitions from export. + operationId: importFormDefinitions + requestBody: + description: Body is the request payload to import form definitions + content: + application/json: + schema: + type: array + items: + type: object + properties: + object: + properties: + id: + description: Unique guid identifying the form definition. + example: 00000000-0000-0000-0000-000000000000 + type: string + x-go-name: FormDefinitionID + name: + description: Name of the form definition. + example: My form + type: string + x-go-name: Name + description: + description: Form definition's description. + example: My form description + type: string + x-go-name: Description + owner: + properties: + type: + description: |- + FormOwnerType value. + IDENTITY FormOwnerTypeIdentity + enum: + - IDENTITY + example: IDENTITY + type: string + x-go-enum-desc: IDENTITY FormOwnerTypeIdentity + x-go-name: Type + id: + description: Unique identifier of the form's owner. + example: 2c9180867624cbd7017642d8c8c81f67 + type: string + x-go-name: ID + name: + description: Name of the form's owner. + example: Grant Smith + type: string + type: object + x-go-package: github.com/sailpoint/sp-forms/domain + usedBy: + description: 'List of objects using the form definition. Whenever a system uses a form, the API reaches out to the form service to record that the system is currently using it.' + items: + properties: + type: + description: |- + FormUsedByType value. + WORKFLOW FormUsedByTypeWorkflow + SOURCE FormUsedByTypeSource + MySailPoint FormUsedByType + enum: + - WORKFLOW + - SOURCE + - MySailPoint + example: WORKFLOW + type: string + x-go-enum-desc: |- + WORKFLOW FormUsedByTypeWorkflow + SOURCE FormUsedByTypeSource + x-go-name: Type + id: + description: Unique identifier of the system using the form. + example: 61940a92-5484-42bc-bc10-b9982b218cdf + type: string + x-go-name: ID + name: + description: Name of the system using the form. + example: Access Request Form + type: string + type: object + x-go-package: github.com/sailpoint/sp-forms/domain + type: array + x-go-name: UsedBy + formInput: + description: List of form inputs required to create a form-instance object. + items: + properties: + id: + description: Unique identifier for the form input. + example: 00000000-0000-0000-0000-000000000000 + type: string + x-go-name: ID + type: + description: |- + FormDefinitionInputType value. + STRING FormDefinitionInputTypeString + enum: + - STRING + example: STRING + type: string + x-go-enum-desc: STRING FormDefinitionInputTypeString + x-go-name: Type + label: + description: Name for the form input. + example: input1 + type: string + x-go-name: Label + description: + description: Form input's description. + example: 'A single dynamic scalar value (i.e. number, string, date, etc.) that can be passed into the form for use in conditional logic' + type: string + x-go-name: Description + type: object + x-go-package: github.com/sailpoint/sp-forms/domain + type: array + x-go-name: FormInput + formElements: + description: List of nested form elements. + items: + properties: + id: + description: Form element identifier. + example: 00000000-0000-0000-0000-000000000000 + type: string + x-go-name: ID + elementType: + description: |- + FormElementType value. + TEXT FormElementTypeText + TOGGLE FormElementTypeToggle + TEXTAREA FormElementTypeTextArea + HIDDEN FormElementTypeHidden + PHONE FormElementTypePhone + EMAIL FormElementTypeEmail + SELECT FormElementTypeSelect + DATE FormElementTypeDate + SECTION FormElementTypeSection + COLUMN_SET FormElementTypeColumns + IMAGE FormElementTypeImage + DESCRIPTION FormElementTypeDescription + enum: + - TEXT + - TOGGLE + - TEXTAREA + - HIDDEN + - PHONE + - EMAIL + - SELECT + - DATE + - SECTION + - COLUMN_SET + - IMAGE + - DESCRIPTION + example: TEXT + type: string + x-go-name: ElementType + config: + additionalProperties: {} + description: Config object. + example: + label: Department + type: object + x-go-name: Config + x-go-enum-desc: |- + TEXT FormElementTypeText + TOGGLE FormElementTypeToggle + TEXTAREA FormElementTypeTextArea + HIDDEN FormElementTypeHidden + PHONE FormElementTypePhone + EMAIL FormElementTypeEmail + SELECT FormElementTypeSelect + DATE FormElementTypeDate + SECTION FormElementTypeSection + COLUMNS FormElementTypeColumns + key: + description: Technical key. + example: department + type: string + x-go-name: Key + validations: + nullable: true + type: array + items: + description: Set of FormElementValidation items. + example: + - validationType: REQUIRED + type: object + properties: + validationType: + type: string + enum: + - REQUIRED + - MIN_LENGTH + - MAX_LENGTH + - REGEX + - DATE + - MAX_DATE + - MIN_DATE + - LESS_THAN_DATE + - PHONE + - EMAIL + - DATA_SOURCE + - TEXTAREA + x-go-package: github.com/sailpoint/sp-forms/domain + type: object + x-go-package: github.com/sailpoint/sp-forms/domain + type: array + x-go-name: FormElements + formConditions: + description: Conditional logic that can dynamically modify the form as the recipient is interacting with it. + items: + description: Represent a form conditional. + properties: + ruleOperator: + description: |- + ConditionRuleLogicalOperatorType value. + AND ConditionRuleLogicalOperatorTypeAnd + OR ConditionRuleLogicalOperatorTypeOr + enum: + - AND + - OR + example: AND + type: string + x-go-enum-desc: |- + AND ConditionRuleLogicalOperatorTypeAnd + OR ConditionRuleLogicalOperatorTypeOr + x-go-name: RuleOperator + rules: + description: List of rules. + items: + properties: + sourceType: + description: |- + Defines the type of object being selected. It will be either a reference to a form input (by input name) or a form element (by technical key). + INPUT ConditionRuleSourceTypeInput + ELEMENT ConditionRuleSourceTypeElement + enum: + - INPUT + - ELEMENT + example: ELEMENT + type: string + x-go-enum-desc: |- + INPUT ConditionRuleSourceTypeInput + ELEMENT ConditionRuleSourceTypeElement + x-go-name: SourceType + source: + description: |- + Source - if the sourceType is ConditionRuleSourceTypeInput, the source type is the name of the form input to accept. However, if the sourceType is ConditionRuleSourceTypeElement, + the source is the name of a technical key of an element to retrieve its value. + example: department + type: string + x-go-name: Source + operator: + description: |- + ConditionRuleComparisonOperatorType value. + EQ ConditionRuleComparisonOperatorTypeEquals This comparison operator compares the source and target for equality. + NE ConditionRuleComparisonOperatorTypeNotEquals This comparison operator compares the source and target for inequality. + CO ConditionRuleComparisonOperatorTypeContains This comparison operator searches the source to see whether it contains the value. + NOT_CO ConditionRuleComparisonOperatorTypeNotContains + IN ConditionRuleComparisonOperatorTypeIncludes This comparison operator searches the source if it equals any of the values. + NOT_IN ConditionRuleComparisonOperatorTypeNotIncludes + EM ConditionRuleComparisonOperatorTypeEmpty + NOT_EM ConditionRuleComparisonOperatorTypeNotEmpty + SW ConditionRuleComparisonOperatorTypeStartsWith Checks whether a string starts with another substring of the same string. This operator is case-sensitive. + NOT_SW ConditionRuleComparisonOperatorTypeNotStartsWith + EW ConditionRuleComparisonOperatorTypeEndsWith Checks whether a string ends with another substring of the same string. This operator is case-sensitive. + NOT_EW ConditionRuleComparisonOperatorTypeNotEndsWith + enum: + - EQ + - NE + - CO + - NOT_CO + - IN + - NOT_IN + - EM + - NOT_EM + - SW + - NOT_SW + - EW + - NOT_EW + example: EQ + type: string + x-go-enum-desc: |- + EQ ConditionRuleComparisonOperatorTypeEquals This comparison operator compares the source and target for equality. + NE ConditionRuleComparisonOperatorTypeNotEquals This comparison operator compares the source and target for inequality. + CO ConditionRuleComparisonOperatorTypeContains This comparison operator searches the source to see whether it contains the value. + NOT_CO ConditionRuleComparisonOperatorTypeNotContains + IN ConditionRuleComparisonOperatorTypeIncludes This comparison operator searches the source if it equals any of the values. + NOT_IN ConditionRuleComparisonOperatorTypeNotIncludes + EM ConditionRuleComparisonOperatorTypeEmpty + NOT_EM ConditionRuleComparisonOperatorTypeNotEmpty + SW ConditionRuleComparisonOperatorTypeStartsWith Checks whether a string starts with another substring of the same string. This operator is case-sensitive. + NOT_SW ConditionRuleComparisonOperatorTypeNotStartsWith + EW ConditionRuleComparisonOperatorTypeEndsWith Checks whether a string ends with another substring of the same string. This operator is case-sensitive. + NOT_EW ConditionRuleComparisonOperatorTypeNotEndsWith + x-go-name: Operator + valueType: + description: |- + ConditionRuleValueType type. + STRING ConditionRuleValueTypeString This value is a static string. + STRING_LIST ConditionRuleValueTypeStringList This value is an array of string values. + INPUT ConditionRuleValueTypeInput This value is a reference to a form input. + ELEMENT ConditionRuleValueTypeElement This value is a reference to a form element (by technical key). + LIST ConditionRuleValueTypeList + BOOLEAN ConditionRuleValueTypeBoolean + enum: + - STRING + - STRING_LIST + - INPUT + - ELEMENT + - LIST + - BOOLEAN + example: STRING + type: string + x-go-enum-desc: |- + STRING ConditionRuleValueTypeString This value is a static string. + STRING_LIST ConditionRuleValueTypeStringList This value is an array of string values. + INPUT ConditionRuleValueTypeInput This value is a reference to a form input. + ELEMENT ConditionRuleValueTypeElement This value is a reference to a form element (by technical key). + LIST ConditionRuleValueTypeList + BOOLEAN ConditionRuleValueTypeBoolean + x-go-name: ValueType + value: + description: Based on the ValueType. + example: Engineering + x-go-name: Value + type: object + x-go-package: github.com/sailpoint/sp-forms/domain + type: array + x-go-name: Rules + effects: + description: List of effects. + items: + description: Effect produced by a condition. + properties: + effectType: + description: |- + Type of effect to perform when the conditions are evaluated for this logic block. + HIDE ConditionEffectTypeHide Disables validations. + SHOW ConditionEffectTypeShow Enables validations. + DISABLE ConditionEffectTypeDisable Disables validations. + ENABLE ConditionEffectTypeEnable Enables validations. + REQUIRE ConditionEffectTypeRequire + OPTIONAL ConditionEffectTypeOptional + SUBMIT_MESSAGE ConditionEffectTypeSubmitMessage + SUBMIT_NOTIFICATION ConditionEffectTypeSubmitNotification + SET_DEFAULT_VALUE ConditionEffectTypeSetDefaultValue This value is ignored on purpose. + enum: + - HIDE + - SHOW + - DISABLE + - ENABLE + - REQUIRE + - OPTIONAL + - SUBMIT_MESSAGE + - SUBMIT_NOTIFICATION + - SET_DEFAULT_VALUE + example: HIDE + type: string + x-go-enum-desc: |- + HIDE ConditionEffectTypeHide Disables validations. + SHOW ConditionEffectTypeShow Enables validations. + DISABLE ConditionEffectTypeDisable Disables validations. + ENABLE ConditionEffectTypeEnable Enables validations. + REQUIRE ConditionEffectTypeRequire + OPTIONAL ConditionEffectTypeOptional + SUBMIT_MESSAGE ConditionEffectTypeSubmitMessage + SUBMIT_NOTIFICATION ConditionEffectTypeSubmitNotification + SET_DEFAULT_VALUE ConditionEffectTypeSetDefaultValue This value is ignored on purpose. + x-go-name: EffectType + config: + description: Arbitrary map containing a configuration based on the EffectType. + type: object + properties: + defaultValueLabel: + type: string + description: Effect type's label. + example: Access to Remove + element: + type: string + description: Element's identifier. + example: 8110662963316867 + x-go-name: Config + type: object + x-go-package: github.com/sailpoint/sp-forms/domain + type: array + x-go-name: Effects + type: object + x-go-package: github.com/sailpoint/sp-forms/domain + type: array + x-go-name: FormConditions + created: + description: Created is the date the form definition was created + example: '2023-07-12T20:14:57.74486Z' + format: date-time + type: string + x-go-name: Created + modified: + description: Modified is the last date the form definition was modified + example: '2023-07-12T20:14:57.74486Z' + format: date-time + type: string + x-go-name: Modified + type: object + x-go-package: github.com/sailpoint/sp-forms/domain + self: + type: string + x-go-name: Self + version: + type: integer + format: int8 + x-go-name: Version + example: + - version: 1 + self: + name: All fields not required + id: 05ed4edb-d0a9-41d9-ad0c-2f6e486ec4aa + type: FORM_DEFINITION + object: + id: 05ed4edb-d0a9-41d9-ad0c-2f6e486ec4aa + name: All fields not required + description: description + owner: + type: IDENTITY + id: 3447d8ec2602455ab6f1e8408a0f0150 + usedBy: + - type: WORKFLOW + id: 5008594c-dacc-4295-8fee-41df60477304 + - type: WORKFLOW + id: 97e75a75-c179-4fbc-a2da-b5fa4aaa8743 + formInput: + - type: STRING + label: input1 + description: 'A single dynamic scalar value (i.e. number, string, date, etc) that can be passed into the form for use in conditional logic' + formElements: + - id: '3069272797630701' + elementType: SECTION + config: + label: First Section + formElements: + - id: '3069272797630700' + elementType: TEXT + key: firstName + config: + label: First Name + - id: '3498415402897539' + elementType: TEXT + key: lastName + config: + label: Last Name + formConditions: + - ruleOperator: AND + rules: + - sourceType: INPUT + source: Department + operator: EQ + valueType: STRING + value: Sales + effects: + - effectType: HIDE + config: + element: '2614088730489570' + created: '2022-10-04T19:27:04.456Z' + modified: '2022-11-16T20:45:02.172Z' + required: false + responses: + '202': + description: Returns statuses of those form definition objects imported + content: + application/json: + schema: + type: object + properties: + errors: + type: array + items: + type: object + properties: + detail: + type: object + additionalProperties: + type: object + x-go-name: Detail + key: + type: string + x-go-name: Key + text: + type: string + x-go-name: Text + x-go-name: Errors + importedObjects: + type: array + items: + type: object + properties: + object: + properties: + id: + description: Unique guid identifying the form definition. + example: 00000000-0000-0000-0000-000000000000 + type: string + x-go-name: FormDefinitionID + name: + description: Name of the form definition. + example: My form + type: string + x-go-name: Name + description: + description: Form definition's description. + example: My form description + type: string + x-go-name: Description + owner: + properties: + type: + description: |- + FormOwnerType value. + IDENTITY FormOwnerTypeIdentity + enum: + - IDENTITY + example: IDENTITY + type: string + x-go-enum-desc: IDENTITY FormOwnerTypeIdentity + x-go-name: Type + id: + description: Unique identifier of the form's owner. + example: 2c9180867624cbd7017642d8c8c81f67 + type: string + x-go-name: ID + name: + description: Name of the form's owner. + example: Grant Smith + type: string + type: object + x-go-package: github.com/sailpoint/sp-forms/domain + usedBy: + description: 'List of objects using the form definition. Whenever a system uses a form, the API reaches out to the form service to record that the system is currently using it.' + items: + properties: + type: + description: |- + FormUsedByType value. + WORKFLOW FormUsedByTypeWorkflow + SOURCE FormUsedByTypeSource + MySailPoint FormUsedByType + enum: + - WORKFLOW + - SOURCE + - MySailPoint + example: WORKFLOW + type: string + x-go-enum-desc: |- + WORKFLOW FormUsedByTypeWorkflow + SOURCE FormUsedByTypeSource + x-go-name: Type + id: + description: Unique identifier of the system using the form. + example: 61940a92-5484-42bc-bc10-b9982b218cdf + type: string + x-go-name: ID + name: + description: Name of the system using the form. + example: Access Request Form + type: string + type: object + x-go-package: github.com/sailpoint/sp-forms/domain + type: array + x-go-name: UsedBy + formInput: + description: List of form inputs required to create a form-instance object. + items: + properties: + id: + description: Unique identifier for the form input. + example: 00000000-0000-0000-0000-000000000000 + type: string + x-go-name: ID + type: + description: |- + FormDefinitionInputType value. + STRING FormDefinitionInputTypeString + enum: + - STRING + example: STRING + type: string + x-go-enum-desc: STRING FormDefinitionInputTypeString + x-go-name: Type + label: + description: Name for the form input. + example: input1 + type: string + x-go-name: Label + description: + description: Form input's description. + example: 'A single dynamic scalar value (i.e. number, string, date, etc.) that can be passed into the form for use in conditional logic' + type: string + x-go-name: Description + type: object + x-go-package: github.com/sailpoint/sp-forms/domain + type: array + x-go-name: FormInput + formElements: + description: List of nested form elements. + items: + properties: + id: + description: Form element identifier. + example: 00000000-0000-0000-0000-000000000000 + type: string + x-go-name: ID + elementType: + description: |- + FormElementType value. + TEXT FormElementTypeText + TOGGLE FormElementTypeToggle + TEXTAREA FormElementTypeTextArea + HIDDEN FormElementTypeHidden + PHONE FormElementTypePhone + EMAIL FormElementTypeEmail + SELECT FormElementTypeSelect + DATE FormElementTypeDate + SECTION FormElementTypeSection + COLUMN_SET FormElementTypeColumns + IMAGE FormElementTypeImage + DESCRIPTION FormElementTypeDescription + enum: + - TEXT + - TOGGLE + - TEXTAREA + - HIDDEN + - PHONE + - EMAIL + - SELECT + - DATE + - SECTION + - COLUMN_SET + - IMAGE + - DESCRIPTION + example: TEXT + type: string + x-go-name: ElementType + config: + additionalProperties: {} + description: Config object. + example: + label: Department + type: object + x-go-name: Config + x-go-enum-desc: |- + TEXT FormElementTypeText + TOGGLE FormElementTypeToggle + TEXTAREA FormElementTypeTextArea + HIDDEN FormElementTypeHidden + PHONE FormElementTypePhone + EMAIL FormElementTypeEmail + SELECT FormElementTypeSelect + DATE FormElementTypeDate + SECTION FormElementTypeSection + COLUMNS FormElementTypeColumns + key: + description: Technical key. + example: department + type: string + x-go-name: Key + validations: + nullable: true + type: array + items: + description: Set of FormElementValidation items. + example: + - validationType: REQUIRED + type: object + properties: + validationType: + type: string + enum: + - REQUIRED + - MIN_LENGTH + - MAX_LENGTH + - REGEX + - DATE + - MAX_DATE + - MIN_DATE + - LESS_THAN_DATE + - PHONE + - EMAIL + - DATA_SOURCE + - TEXTAREA + x-go-package: github.com/sailpoint/sp-forms/domain + type: object + x-go-package: github.com/sailpoint/sp-forms/domain + type: array + x-go-name: FormElements + formConditions: + description: Conditional logic that can dynamically modify the form as the recipient is interacting with it. + items: + description: Represent a form conditional. + properties: + ruleOperator: + description: |- + ConditionRuleLogicalOperatorType value. + AND ConditionRuleLogicalOperatorTypeAnd + OR ConditionRuleLogicalOperatorTypeOr + enum: + - AND + - OR + example: AND + type: string + x-go-enum-desc: |- + AND ConditionRuleLogicalOperatorTypeAnd + OR ConditionRuleLogicalOperatorTypeOr + x-go-name: RuleOperator + rules: + description: List of rules. + items: + properties: + sourceType: + description: |- + Defines the type of object being selected. It will be either a reference to a form input (by input name) or a form element (by technical key). + INPUT ConditionRuleSourceTypeInput + ELEMENT ConditionRuleSourceTypeElement + enum: + - INPUT + - ELEMENT + example: ELEMENT + type: string + x-go-enum-desc: |- + INPUT ConditionRuleSourceTypeInput + ELEMENT ConditionRuleSourceTypeElement + x-go-name: SourceType + source: + description: |- + Source - if the sourceType is ConditionRuleSourceTypeInput, the source type is the name of the form input to accept. However, if the sourceType is ConditionRuleSourceTypeElement, + the source is the name of a technical key of an element to retrieve its value. + example: department + type: string + x-go-name: Source + operator: + description: |- + ConditionRuleComparisonOperatorType value. + EQ ConditionRuleComparisonOperatorTypeEquals This comparison operator compares the source and target for equality. + NE ConditionRuleComparisonOperatorTypeNotEquals This comparison operator compares the source and target for inequality. + CO ConditionRuleComparisonOperatorTypeContains This comparison operator searches the source to see whether it contains the value. + NOT_CO ConditionRuleComparisonOperatorTypeNotContains + IN ConditionRuleComparisonOperatorTypeIncludes This comparison operator searches the source if it equals any of the values. + NOT_IN ConditionRuleComparisonOperatorTypeNotIncludes + EM ConditionRuleComparisonOperatorTypeEmpty + NOT_EM ConditionRuleComparisonOperatorTypeNotEmpty + SW ConditionRuleComparisonOperatorTypeStartsWith Checks whether a string starts with another substring of the same string. This operator is case-sensitive. + NOT_SW ConditionRuleComparisonOperatorTypeNotStartsWith + EW ConditionRuleComparisonOperatorTypeEndsWith Checks whether a string ends with another substring of the same string. This operator is case-sensitive. + NOT_EW ConditionRuleComparisonOperatorTypeNotEndsWith + enum: + - EQ + - NE + - CO + - NOT_CO + - IN + - NOT_IN + - EM + - NOT_EM + - SW + - NOT_SW + - EW + - NOT_EW + example: EQ + type: string + x-go-enum-desc: |- + EQ ConditionRuleComparisonOperatorTypeEquals This comparison operator compares the source and target for equality. + NE ConditionRuleComparisonOperatorTypeNotEquals This comparison operator compares the source and target for inequality. + CO ConditionRuleComparisonOperatorTypeContains This comparison operator searches the source to see whether it contains the value. + NOT_CO ConditionRuleComparisonOperatorTypeNotContains + IN ConditionRuleComparisonOperatorTypeIncludes This comparison operator searches the source if it equals any of the values. + NOT_IN ConditionRuleComparisonOperatorTypeNotIncludes + EM ConditionRuleComparisonOperatorTypeEmpty + NOT_EM ConditionRuleComparisonOperatorTypeNotEmpty + SW ConditionRuleComparisonOperatorTypeStartsWith Checks whether a string starts with another substring of the same string. This operator is case-sensitive. + NOT_SW ConditionRuleComparisonOperatorTypeNotStartsWith + EW ConditionRuleComparisonOperatorTypeEndsWith Checks whether a string ends with another substring of the same string. This operator is case-sensitive. + NOT_EW ConditionRuleComparisonOperatorTypeNotEndsWith + x-go-name: Operator + valueType: + description: |- + ConditionRuleValueType type. + STRING ConditionRuleValueTypeString This value is a static string. + STRING_LIST ConditionRuleValueTypeStringList This value is an array of string values. + INPUT ConditionRuleValueTypeInput This value is a reference to a form input. + ELEMENT ConditionRuleValueTypeElement This value is a reference to a form element (by technical key). + LIST ConditionRuleValueTypeList + BOOLEAN ConditionRuleValueTypeBoolean + enum: + - STRING + - STRING_LIST + - INPUT + - ELEMENT + - LIST + - BOOLEAN + example: STRING + type: string + x-go-enum-desc: |- + STRING ConditionRuleValueTypeString This value is a static string. + STRING_LIST ConditionRuleValueTypeStringList This value is an array of string values. + INPUT ConditionRuleValueTypeInput This value is a reference to a form input. + ELEMENT ConditionRuleValueTypeElement This value is a reference to a form element (by technical key). + LIST ConditionRuleValueTypeList + BOOLEAN ConditionRuleValueTypeBoolean + x-go-name: ValueType + value: + description: Based on the ValueType. + example: Engineering + x-go-name: Value + type: object + x-go-package: github.com/sailpoint/sp-forms/domain + type: array + x-go-name: Rules + effects: + description: List of effects. + items: + description: Effect produced by a condition. + properties: + effectType: + description: |- + Type of effect to perform when the conditions are evaluated for this logic block. + HIDE ConditionEffectTypeHide Disables validations. + SHOW ConditionEffectTypeShow Enables validations. + DISABLE ConditionEffectTypeDisable Disables validations. + ENABLE ConditionEffectTypeEnable Enables validations. + REQUIRE ConditionEffectTypeRequire + OPTIONAL ConditionEffectTypeOptional + SUBMIT_MESSAGE ConditionEffectTypeSubmitMessage + SUBMIT_NOTIFICATION ConditionEffectTypeSubmitNotification + SET_DEFAULT_VALUE ConditionEffectTypeSetDefaultValue This value is ignored on purpose. + enum: + - HIDE + - SHOW + - DISABLE + - ENABLE + - REQUIRE + - OPTIONAL + - SUBMIT_MESSAGE + - SUBMIT_NOTIFICATION + - SET_DEFAULT_VALUE + example: HIDE + type: string + x-go-enum-desc: |- + HIDE ConditionEffectTypeHide Disables validations. + SHOW ConditionEffectTypeShow Enables validations. + DISABLE ConditionEffectTypeDisable Disables validations. + ENABLE ConditionEffectTypeEnable Enables validations. + REQUIRE ConditionEffectTypeRequire + OPTIONAL ConditionEffectTypeOptional + SUBMIT_MESSAGE ConditionEffectTypeSubmitMessage + SUBMIT_NOTIFICATION ConditionEffectTypeSubmitNotification + SET_DEFAULT_VALUE ConditionEffectTypeSetDefaultValue This value is ignored on purpose. + x-go-name: EffectType + config: + description: Arbitrary map containing a configuration based on the EffectType. + type: object + properties: + defaultValueLabel: + type: string + description: Effect type's label. + example: Access to Remove + element: + type: string + description: Element's identifier. + example: 8110662963316867 + x-go-name: Config + type: object + x-go-package: github.com/sailpoint/sp-forms/domain + type: array + x-go-name: Effects + type: object + x-go-package: github.com/sailpoint/sp-forms/domain + type: array + x-go-name: FormConditions + created: + description: Created is the date the form definition was created + example: '2023-07-12T20:14:57.74486Z' + format: date-time + type: string + x-go-name: Created + modified: + description: Modified is the last date the form definition was modified + example: '2023-07-12T20:14:57.74486Z' + format: date-time + type: string + x-go-name: Modified + type: object + x-go-package: github.com/sailpoint/sp-forms/domain + self: + type: string + x-go-name: Self + version: + type: integer + format: int8 + x-go-name: Version + x-go-name: ImportedObjects + infos: + type: array + items: + type: object + properties: + detail: + type: object + additionalProperties: + type: object + x-go-name: Detail + key: + type: string + x-go-name: Key + text: + type: string + x-go-name: Text + x-go-name: Infos + warnings: + type: array + items: + type: object + properties: + detail: + type: object + additionalProperties: + type: object + x-go-name: Detail + key: + type: string + x-go-name: Key + text: + type: string + x-go-name: Text + x-go-name: Warnings + '400': + description: An error with the request occurred + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + statusCode: + type: integer + format: int64 + x-go-name: StatusCode + trackingId: + type: string + x-go-name: TrackingID + '401': + description: An error with the authorization occurred + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + statusCode: + type: integer + format: int64 + x-go-name: StatusCode + trackingId: + type: string + x-go-name: TrackingID + '403': + description: An error with the user permissions occurred + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + statusCode: + type: integer + format: int64 + x-go-name: StatusCode + trackingId: + type: string + x-go-name: TrackingID + '429': + description: Too many requests + content: + application/json: + schema: + title: Error is the standard API error response type. + type: object + properties: + detailCode: + description: DetailCode is the text of the status code returned + example: Internal Server Error + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + trackingId: + description: TrackingID is the request tracking unique identifier + example: 9cd03ef80e6a425eb6b11bdbb057cdb4 + type: string + x-go-name: TrackingID + x-go-package: github.com/sailpoint/atlas-go/atlas/web + '500': + description: An internal server error occurred + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + statusCode: + type: integer + format: int64 + x-go-name: StatusCode + trackingId: + type: string + x-go-name: TrackingID + security: + - UserContextAuth: + - 'sp:forms:manage' + x-codegen-request-body-name: Body + parameters: + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + '/form-definitions/{formDefinitionID}/upload': + post: + tags: + - Custom Forms + summary: Upload new form definition file. + description: 'Parameter `{formDefinitionID}` should match a form definition ID.' + operationId: createFormDefinitionFileRequest + parameters: + - name: formDefinitionID + in: path + description: |- + FormDefinitionID + + String specifying FormDefinitionID + required: true + example: 00000000-0000-0000-0000-000000000000 + schema: + type: string + x-go-name: FormDefinitionID + x-go-name: FormDefinitionID + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + requestBody: + content: + multipart/form-data: + schema: + type: object + required: + - file + properties: + file: + type: string + description: File specifying the multipart + format: binary + x-go-name: File + encoding: + file: + contentType: 'image/png, image/jpeg' + required: true + responses: + '201': + description: Returns a new form definition file + content: + application/json: + schema: + type: object + properties: + created: + type: string + description: Created is the date the file was uploaded + example: 2023-07-12T20:14:57.744Z + x-go-name: Created + fileId: + type: string + description: fileId is a unique ULID that serves as an identifier for the form definition file + example: 01FHZXHK8PTP9FVK99Z66GXQTX.png + x-go-name: FileID + formDefinitionId: + type: string + description: FormDefinitionID is a unique guid identifying this form definition + example: 00000000-0000-0000-0000-000000000000 + x-go-name: FormDefinitionID + x-go-package: github.com/sailpoint/sp-forms/internal/rest/response + '400': + description: An error with the request occurred + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + statusCode: + type: integer + format: int64 + x-go-name: StatusCode + trackingId: + type: string + x-go-name: TrackingID + '401': + description: An error with the authorization occurred + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + statusCode: + type: integer + format: int64 + x-go-name: StatusCode + trackingId: + type: string + x-go-name: TrackingID + '403': + description: An error with the user permissions occurred + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + statusCode: + type: integer + format: int64 + x-go-name: StatusCode + trackingId: + type: string + x-go-name: TrackingID + '404': + description: An error with the item not found + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + statusCode: + type: integer + format: int64 + x-go-name: StatusCode + trackingId: + type: string + x-go-name: TrackingID + '413': + description: An error with payload size too large + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + statusCode: + type: integer + format: int64 + x-go-name: StatusCode + trackingId: + type: string + x-go-name: TrackingID + '415': + description: An error with unsupported media type + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + statusCode: + type: integer + format: int64 + x-go-name: StatusCode + trackingId: + type: string + x-go-name: TrackingID + '429': + description: Too many requests + content: + application/json: + schema: + title: Error is the standard API error response type. + type: object + properties: + detailCode: + description: DetailCode is the text of the status code returned + example: Internal Server Error + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + trackingId: + description: TrackingID is the request tracking unique identifier + example: 9cd03ef80e6a425eb6b11bdbb057cdb4 + type: string + x-go-name: TrackingID + x-go-package: github.com/sailpoint/atlas-go/atlas/web + '500': + description: An internal server error occurred + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + statusCode: + type: integer + format: int64 + x-go-name: StatusCode + trackingId: + type: string + x-go-name: TrackingID + '503': + description: An external service is not available + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + statusCode: + type: integer + format: int64 + x-go-name: StatusCode + trackingId: + type: string + x-go-name: TrackingID + security: + - UserContextAuth: + - 'sp:forms:manage' + x-codegen-request-body-name: Body + '/form-definitions/{formDefinitionID}/file/{fileID}': + get: + tags: + - Custom Forms + summary: Download definition file by fileId. + operationId: getFileFromS3 + parameters: + - name: formDefinitionID + in: path + description: |- + FormDefinitionID + + Form definition ID + required: true + example: 00000000-0000-0000-0000-000000000000 + schema: + type: string + x-go-name: FormDefinitionID + x-go-name: FormDefinitionID + - name: fileID + in: path + description: |- + FileID + + String specifying the hashed name of the uploaded file we are retrieving. + required: true + example: 00000031N0J7R2B57M8YG73J7M.png + schema: + type: string + x-go-name: FileID + x-go-name: FileID + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '200': + description: Returns a file that is referred to by fileID and associated with the formDefinitionID + content: + application/json: + schema: + type: string + format: binary + image/jpeg: + schema: + type: string + format: binary + image/png: + schema: + type: string + format: binary + application/octet-stream: + schema: + type: string + format: binary + '400': + description: An error with the request occurred + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + statusCode: + type: integer + format: int64 + x-go-name: StatusCode + trackingId: + type: string + x-go-name: TrackingID + image/jpeg: + schema: + type: object + properties: + detailCode: + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + statusCode: + type: integer + format: int64 + x-go-name: StatusCode + trackingId: + type: string + x-go-name: TrackingID + image/png: + schema: + type: object + properties: + detailCode: + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + statusCode: + type: integer + format: int64 + x-go-name: StatusCode + trackingId: + type: string + x-go-name: TrackingID + application/octet-stream: + schema: + type: object + properties: + detailCode: + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + statusCode: + type: integer + format: int64 + x-go-name: StatusCode + trackingId: + type: string + x-go-name: TrackingID + '401': + description: An error with the authorization occurred + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + statusCode: + type: integer + format: int64 + x-go-name: StatusCode + trackingId: + type: string + x-go-name: TrackingID + image/jpeg: + schema: + type: object + properties: + detailCode: + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + statusCode: + type: integer + format: int64 + x-go-name: StatusCode + trackingId: + type: string + x-go-name: TrackingID + image/png: + schema: + type: object + properties: + detailCode: + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + statusCode: + type: integer + format: int64 + x-go-name: StatusCode + trackingId: + type: string + x-go-name: TrackingID + application/octet-stream: + schema: + type: object + properties: + detailCode: + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + statusCode: + type: integer + format: int64 + x-go-name: StatusCode + trackingId: + type: string + x-go-name: TrackingID + '403': + description: An error with the user permissions occurred + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + statusCode: + type: integer + format: int64 + x-go-name: StatusCode + trackingId: + type: string + x-go-name: TrackingID + image/jpeg: + schema: + type: object + properties: + detailCode: + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + statusCode: + type: integer + format: int64 + x-go-name: StatusCode + trackingId: + type: string + x-go-name: TrackingID + image/png: + schema: + type: object + properties: + detailCode: + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + statusCode: + type: integer + format: int64 + x-go-name: StatusCode + trackingId: + type: string + x-go-name: TrackingID + application/octet-stream: + schema: + type: object + properties: + detailCode: + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + statusCode: + type: integer + format: int64 + x-go-name: StatusCode + trackingId: + type: string + x-go-name: TrackingID + '404': + description: An error with the item not found + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + statusCode: + type: integer + format: int64 + x-go-name: StatusCode + trackingId: + type: string + x-go-name: TrackingID + image/jpeg: + schema: + type: object + properties: + detailCode: + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + statusCode: + type: integer + format: int64 + x-go-name: StatusCode + trackingId: + type: string + x-go-name: TrackingID + image/png: + schema: + type: object + properties: + detailCode: + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + statusCode: + type: integer + format: int64 + x-go-name: StatusCode + trackingId: + type: string + x-go-name: TrackingID + application/octet-stream: + schema: + type: object + properties: + detailCode: + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + statusCode: + type: integer + format: int64 + x-go-name: StatusCode + trackingId: + type: string + x-go-name: TrackingID + '429': + description: Too many requests + content: + application/json: + schema: + title: Error is the standard API error response type. + type: object + properties: + detailCode: + description: DetailCode is the text of the status code returned + example: Internal Server Error + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + trackingId: + description: TrackingID is the request tracking unique identifier + example: 9cd03ef80e6a425eb6b11bdbb057cdb4 + type: string + x-go-name: TrackingID + x-go-package: github.com/sailpoint/atlas-go/atlas/web + '500': + description: An internal server error occurred + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + statusCode: + type: integer + format: int64 + x-go-name: StatusCode + trackingId: + type: string + x-go-name: TrackingID + image/jpeg: + schema: + type: object + properties: + detailCode: + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + statusCode: + type: integer + format: int64 + x-go-name: StatusCode + trackingId: + type: string + x-go-name: TrackingID + image/png: + schema: + type: object + properties: + detailCode: + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + statusCode: + type: integer + format: int64 + x-go-name: StatusCode + trackingId: + type: string + x-go-name: TrackingID + application/octet-stream: + schema: + type: object + properties: + detailCode: + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + statusCode: + type: integer + format: int64 + x-go-name: StatusCode + trackingId: + type: string + x-go-name: TrackingID + '503': + description: An external service is not available + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + statusCode: + type: integer + format: int64 + x-go-name: StatusCode + trackingId: + type: string + x-go-name: TrackingID + image/jpeg: + schema: + type: object + properties: + detailCode: + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + statusCode: + type: integer + format: int64 + x-go-name: StatusCode + trackingId: + type: string + x-go-name: TrackingID + image/png: + schema: + type: object + properties: + detailCode: + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + statusCode: + type: integer + format: int64 + x-go-name: StatusCode + trackingId: + type: string + x-go-name: TrackingID + application/octet-stream: + schema: + type: object + properties: + detailCode: + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + statusCode: + type: integer + format: int64 + x-go-name: StatusCode + trackingId: + type: string + x-go-name: TrackingID + security: + - UserContextAuth: + - 'sp:forms:manage' + x-codegen-request-body-name: Body + /form-instances: + get: + tags: + - Custom Forms + summary: List form instances by tenant. + description: No parameters required. + operationId: searchFormInstancesByTenant + responses: + '200': + description: Returns a list of form instances by tenant + content: + application/json: + schema: + type: object + properties: + count: + description: Count number of Results + type: integer + format: int64 + example: 1 + x-go-name: Count + results: + description: Results holds a list of FormInstanceResponse items + type: array + items: + properties: + created: + description: Created is the date the form instance was assigned + example: '2023-07-12T20:14:57.74486Z' + format: date-time + type: string + x-go-name: Created + createdBy: + properties: + id: + description: ID is a unique identifier + example: 00000000-0000-0000-0000-000000000000 + type: string + x-go-name: ID + type: + description: |- + Type is a form instance created by type enum value + WORKFLOW_EXECUTION FormInstanceCreatedByTypeWorkflowExecution + SOURCE FormInstanceCreatedByTypeSource + enum: + - WORKFLOW_EXECUTION + - SOURCE + example: WORKFLOW_EXECUTION + type: string + x-go-enum-desc: |- + WORKFLOW_EXECUTION FormInstanceCreatedByTypeWorkflowExecution + SOURCE FormInstanceCreatedByTypeSource + x-go-name: Type + type: object + x-go-package: github.com/sailpoint/sp-forms/domain + expire: + description: Expire is the maximum amount of time that a form can be in progress. After this time is reached then the form will be moved to a CANCELED state automatically. The user will no longer be able to complete the submission. When a form instance is expires an audit log will be generated for that record + example: '2023-08-12T20:14:57.74486Z' + type: string + x-go-name: Expire + formConditions: + description: FormConditions is the conditional logic that modify the form dynamically modify the form as the recipient is interacting out the form + items: + description: Represent a form conditional. + properties: + ruleOperator: + description: |- + ConditionRuleLogicalOperatorType value. + AND ConditionRuleLogicalOperatorTypeAnd + OR ConditionRuleLogicalOperatorTypeOr + enum: + - AND + - OR + example: AND + type: string + x-go-enum-desc: |- + AND ConditionRuleLogicalOperatorTypeAnd + OR ConditionRuleLogicalOperatorTypeOr + x-go-name: RuleOperator + rules: + description: List of rules. + items: + properties: + sourceType: + description: |- + Defines the type of object being selected. It will be either a reference to a form input (by input name) or a form element (by technical key). + INPUT ConditionRuleSourceTypeInput + ELEMENT ConditionRuleSourceTypeElement + enum: + - INPUT + - ELEMENT + example: ELEMENT + type: string + x-go-enum-desc: |- + INPUT ConditionRuleSourceTypeInput + ELEMENT ConditionRuleSourceTypeElement + x-go-name: SourceType + source: + description: |- + Source - if the sourceType is ConditionRuleSourceTypeInput, the source type is the name of the form input to accept. However, if the sourceType is ConditionRuleSourceTypeElement, + the source is the name of a technical key of an element to retrieve its value. + example: department + type: string + x-go-name: Source + operator: + description: |- + ConditionRuleComparisonOperatorType value. + EQ ConditionRuleComparisonOperatorTypeEquals This comparison operator compares the source and target for equality. + NE ConditionRuleComparisonOperatorTypeNotEquals This comparison operator compares the source and target for inequality. + CO ConditionRuleComparisonOperatorTypeContains This comparison operator searches the source to see whether it contains the value. + NOT_CO ConditionRuleComparisonOperatorTypeNotContains + IN ConditionRuleComparisonOperatorTypeIncludes This comparison operator searches the source if it equals any of the values. + NOT_IN ConditionRuleComparisonOperatorTypeNotIncludes + EM ConditionRuleComparisonOperatorTypeEmpty + NOT_EM ConditionRuleComparisonOperatorTypeNotEmpty + SW ConditionRuleComparisonOperatorTypeStartsWith Checks whether a string starts with another substring of the same string. This operator is case-sensitive. + NOT_SW ConditionRuleComparisonOperatorTypeNotStartsWith + EW ConditionRuleComparisonOperatorTypeEndsWith Checks whether a string ends with another substring of the same string. This operator is case-sensitive. + NOT_EW ConditionRuleComparisonOperatorTypeNotEndsWith + enum: + - EQ + - NE + - CO + - NOT_CO + - IN + - NOT_IN + - EM + - NOT_EM + - SW + - NOT_SW + - EW + - NOT_EW + example: EQ + type: string + x-go-enum-desc: |- + EQ ConditionRuleComparisonOperatorTypeEquals This comparison operator compares the source and target for equality. + NE ConditionRuleComparisonOperatorTypeNotEquals This comparison operator compares the source and target for inequality. + CO ConditionRuleComparisonOperatorTypeContains This comparison operator searches the source to see whether it contains the value. + NOT_CO ConditionRuleComparisonOperatorTypeNotContains + IN ConditionRuleComparisonOperatorTypeIncludes This comparison operator searches the source if it equals any of the values. + NOT_IN ConditionRuleComparisonOperatorTypeNotIncludes + EM ConditionRuleComparisonOperatorTypeEmpty + NOT_EM ConditionRuleComparisonOperatorTypeNotEmpty + SW ConditionRuleComparisonOperatorTypeStartsWith Checks whether a string starts with another substring of the same string. This operator is case-sensitive. + NOT_SW ConditionRuleComparisonOperatorTypeNotStartsWith + EW ConditionRuleComparisonOperatorTypeEndsWith Checks whether a string ends with another substring of the same string. This operator is case-sensitive. + NOT_EW ConditionRuleComparisonOperatorTypeNotEndsWith + x-go-name: Operator + valueType: + description: |- + ConditionRuleValueType type. + STRING ConditionRuleValueTypeString This value is a static string. + STRING_LIST ConditionRuleValueTypeStringList This value is an array of string values. + INPUT ConditionRuleValueTypeInput This value is a reference to a form input. + ELEMENT ConditionRuleValueTypeElement This value is a reference to a form element (by technical key). + LIST ConditionRuleValueTypeList + BOOLEAN ConditionRuleValueTypeBoolean + enum: + - STRING + - STRING_LIST + - INPUT + - ELEMENT + - LIST + - BOOLEAN + example: STRING + type: string + x-go-enum-desc: |- + STRING ConditionRuleValueTypeString This value is a static string. + STRING_LIST ConditionRuleValueTypeStringList This value is an array of string values. + INPUT ConditionRuleValueTypeInput This value is a reference to a form input. + ELEMENT ConditionRuleValueTypeElement This value is a reference to a form element (by technical key). + LIST ConditionRuleValueTypeList + BOOLEAN ConditionRuleValueTypeBoolean + x-go-name: ValueType + value: + description: Based on the ValueType. + example: Engineering + x-go-name: Value + type: object + x-go-package: github.com/sailpoint/sp-forms/domain + type: array + x-go-name: Rules + effects: + description: List of effects. + items: + description: Effect produced by a condition. + properties: + effectType: + description: |- + Type of effect to perform when the conditions are evaluated for this logic block. + HIDE ConditionEffectTypeHide Disables validations. + SHOW ConditionEffectTypeShow Enables validations. + DISABLE ConditionEffectTypeDisable Disables validations. + ENABLE ConditionEffectTypeEnable Enables validations. + REQUIRE ConditionEffectTypeRequire + OPTIONAL ConditionEffectTypeOptional + SUBMIT_MESSAGE ConditionEffectTypeSubmitMessage + SUBMIT_NOTIFICATION ConditionEffectTypeSubmitNotification + SET_DEFAULT_VALUE ConditionEffectTypeSetDefaultValue This value is ignored on purpose. + enum: + - HIDE + - SHOW + - DISABLE + - ENABLE + - REQUIRE + - OPTIONAL + - SUBMIT_MESSAGE + - SUBMIT_NOTIFICATION + - SET_DEFAULT_VALUE + example: HIDE + type: string + x-go-enum-desc: |- + HIDE ConditionEffectTypeHide Disables validations. + SHOW ConditionEffectTypeShow Enables validations. + DISABLE ConditionEffectTypeDisable Disables validations. + ENABLE ConditionEffectTypeEnable Enables validations. + REQUIRE ConditionEffectTypeRequire + OPTIONAL ConditionEffectTypeOptional + SUBMIT_MESSAGE ConditionEffectTypeSubmitMessage + SUBMIT_NOTIFICATION ConditionEffectTypeSubmitNotification + SET_DEFAULT_VALUE ConditionEffectTypeSetDefaultValue This value is ignored on purpose. + x-go-name: EffectType + config: + description: Arbitrary map containing a configuration based on the EffectType. + type: object + properties: + defaultValueLabel: + type: string + description: Effect type's label. + example: Access to Remove + element: + type: string + description: Element's identifier. + example: 8110662963316867 + x-go-name: Config + type: object + x-go-package: github.com/sailpoint/sp-forms/domain + type: array + x-go-name: Effects + type: object + x-go-package: github.com/sailpoint/sp-forms/domain + type: array + x-go-name: FormConditions + formData: + additionalProperties: {} + description: FormData is the data provided by the form on submit. The data is in a key -> value map + example: + department: Engineering + type: object + x-go-name: FormData + formDefinitionId: + description: FormDefinitionID is the id of the form definition that created this form + example: 49841cb8-00a5-4fbd-9888-8bbb28d48331 + type: string + x-go-name: FormDefinitionID + formElements: + description: 'FormElements is the configuration of the form, this would be a repeat of the fields from the form-config' + items: + properties: + id: + description: Form element identifier. + example: 00000000-0000-0000-0000-000000000000 + type: string + x-go-name: ID + elementType: + description: |- + FormElementType value. + TEXT FormElementTypeText + TOGGLE FormElementTypeToggle + TEXTAREA FormElementTypeTextArea + HIDDEN FormElementTypeHidden + PHONE FormElementTypePhone + EMAIL FormElementTypeEmail + SELECT FormElementTypeSelect + DATE FormElementTypeDate + SECTION FormElementTypeSection + COLUMN_SET FormElementTypeColumns + IMAGE FormElementTypeImage + DESCRIPTION FormElementTypeDescription + enum: + - TEXT + - TOGGLE + - TEXTAREA + - HIDDEN + - PHONE + - EMAIL + - SELECT + - DATE + - SECTION + - COLUMN_SET + - IMAGE + - DESCRIPTION + example: TEXT + type: string + x-go-name: ElementType + config: + additionalProperties: {} + description: Config object. + example: + label: Department + type: object + x-go-name: Config + x-go-enum-desc: |- + TEXT FormElementTypeText + TOGGLE FormElementTypeToggle + TEXTAREA FormElementTypeTextArea + HIDDEN FormElementTypeHidden + PHONE FormElementTypePhone + EMAIL FormElementTypeEmail + SELECT FormElementTypeSelect + DATE FormElementTypeDate + SECTION FormElementTypeSection + COLUMNS FormElementTypeColumns + key: + description: Technical key. + example: department + type: string + x-go-name: Key + validations: + nullable: true + type: array + items: + description: Set of FormElementValidation items. + example: + - validationType: REQUIRED + type: object + properties: + validationType: + type: string + enum: + - REQUIRED + - MIN_LENGTH + - MAX_LENGTH + - REGEX + - DATE + - MAX_DATE + - MIN_DATE + - LESS_THAN_DATE + - PHONE + - EMAIL + - DATA_SOURCE + - TEXTAREA + x-go-package: github.com/sailpoint/sp-forms/domain + type: object + x-go-package: github.com/sailpoint/sp-forms/domain + type: array + x-go-name: FormElements + formErrors: + description: FormErrors is an array of form validation errors from the last time the form instance was transitioned to the SUBMITTED state. If the form instance had validation errors then it would be moved to the IN PROGRESS state where the client can retrieve these errors + items: + properties: + key: + description: Key is the technical key + example: department + type: string + x-go-name: Key + messages: + description: Messages is a list of web.ErrorMessage items + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + type: array + x-go-name: Messages + value: + description: Value is the value associated with a Key + example: Engineering + x-go-name: Value + type: object + x-go-package: github.com/sailpoint/sp-forms/domain + type: array + x-go-name: FormErrors + formInput: + additionalProperties: {} + nullable: true + description: FormInput is an object of form input labels to value + example: + input1: Sales + type: object + x-go-name: FormInput + id: + description: Unique guid identifying this form instance + example: 06a2d961-07fa-44d1-8d0a-2f6470e30fd2 + type: string + x-go-name: FormInstanceID + modified: + description: Modified is the last date the form instance was modified + example: '2023-07-12T20:14:57.74486Z' + format: date-time + type: string + x-go-name: Modified + recipients: + description: Recipients references to the recipient of a form. The recipients are those who are responsible for filling out a form and completing it + items: + properties: + id: + description: ID is a unique identifier + example: 00000000-0000-0000-0000-000000000000 + type: string + x-go-name: ID + type: + description: |- + Type is a FormInstanceRecipientType value + IDENTITY FormInstanceRecipientIdentity + enum: + - IDENTITY + example: IDENTITY + type: string + x-go-enum-desc: IDENTITY FormInstanceRecipientIdentity + x-go-name: Type + type: object + x-go-package: github.com/sailpoint/sp-forms/domain + type: array + x-go-name: Recipients + standAloneForm: + default: false + description: StandAloneForm is a boolean flag to indicate if this form should be available for users to complete via the standalone form UI or should this only be available to be completed by as an embedded form + example: false + type: boolean + x-go-name: StandAloneForm + standAloneFormUrl: + description: StandAloneFormURL is the URL where this form may be completed by the designated recipients using the standalone form UI + example: 'https://my-org.identitynow.com/ui/d/forms/00000000-0000-0000-0000-000000000000' + type: string + x-go-name: StandAloneFormURL + state: + description: |- + State the state of the form instance + ASSIGNED FormInstanceStateAssigned + IN_PROGRESS FormInstanceStateInProgress + SUBMITTED FormInstanceStateSubmitted + COMPLETED FormInstanceStateCompleted + CANCELLED FormInstanceStateCancelled + enum: + - ASSIGNED + - IN_PROGRESS + - SUBMITTED + - COMPLETED + - CANCELLED + example: ASSIGNED + type: string + x-go-enum-desc: |- + ASSIGNED FormInstanceStateAssigned + IN_PROGRESS FormInstanceStateInProgress + SUBMITTED FormInstanceStateSubmitted + COMPLETED FormInstanceStateCompleted + CANCELLED FormInstanceStateCancelled + x-go-name: State + type: object + x-go-package: github.com/sailpoint/sp-forms/domain + x-go-name: Results + x-go-package: github.com/sailpoint/sp-forms/domain + '400': + description: An error with the request occurred + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + statusCode: + type: integer + format: int64 + x-go-name: StatusCode + trackingId: + type: string + x-go-name: TrackingID + '401': + description: An error with the authorization occurred + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + statusCode: + type: integer + format: int64 + x-go-name: StatusCode + trackingId: + type: string + x-go-name: TrackingID + '403': + description: An error with the user permissions occurred + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + statusCode: + type: integer + format: int64 + x-go-name: StatusCode + trackingId: + type: string + x-go-name: TrackingID + '429': + description: Too many requests + content: + application/json: + schema: + title: Error is the standard API error response type. + type: object + properties: + detailCode: + description: DetailCode is the text of the status code returned + example: Internal Server Error + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + trackingId: + description: TrackingID is the request tracking unique identifier + example: 9cd03ef80e6a425eb6b11bdbb057cdb4 + type: string + x-go-name: TrackingID + x-go-package: github.com/sailpoint/atlas-go/atlas/web + '500': + description: An internal server error occurred + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + statusCode: + type: integer + format: int64 + x-go-name: StatusCode + trackingId: + type: string + x-go-name: TrackingID + security: + - UserContextAuth: + - 'sp:forms:manage' + parameters: + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + post: + tags: + - Custom Forms + summary: Creates a form instance. + operationId: createFormInstance + requestBody: + description: Body is the request payload to create a form instance + content: + application/json: + schema: + properties: + createdBy: + properties: + id: + description: ID is a unique identifier + example: 00000000-0000-0000-0000-000000000000 + type: string + x-go-name: ID + type: + description: |- + Type is a form instance created by type enum value + WORKFLOW_EXECUTION FormInstanceCreatedByTypeWorkflowExecution + SOURCE FormInstanceCreatedByTypeSource + enum: + - WORKFLOW_EXECUTION + - SOURCE + example: WORKFLOW_EXECUTION + type: string + x-go-enum-desc: |- + WORKFLOW_EXECUTION FormInstanceCreatedByTypeWorkflowExecution + SOURCE FormInstanceCreatedByTypeSource + x-go-name: Type + type: object + x-go-package: github.com/sailpoint/sp-forms/domain + expire: + description: Expire is required + example: '2023-08-12T20:14:57.74486Z' + type: string + x-go-name: Expire + formDefinitionId: + description: FormDefinitionID is the id of the form definition that created this form + example: 00000000-0000-0000-0000-000000000000 + type: string + x-go-name: FormDefinitionID + formInput: + additionalProperties: true + description: FormInput is an object of form input labels to value + example: + input1: Sales + type: object + x-go-name: FormInput + recipients: + description: Recipients is required + items: + properties: + id: + description: ID is a unique identifier + example: 00000000-0000-0000-0000-000000000000 + type: string + x-go-name: ID + type: + description: |- + Type is a FormInstanceRecipientType value + IDENTITY FormInstanceRecipientIdentity + enum: + - IDENTITY + example: IDENTITY + type: string + x-go-enum-desc: IDENTITY FormInstanceRecipientIdentity + x-go-name: Type + type: object + x-go-package: github.com/sailpoint/sp-forms/domain + type: array + x-go-name: Recipients + standAloneForm: + default: false + description: StandAloneForm is a boolean flag to indicate if this form should be available for users to complete via the standalone form UI or should this only be available to be completed by as an embedded form + example: false + type: boolean + x-go-name: StandAloneForm + state: + description: |- + State is required, if not present initial state is FormInstanceStateAssigned + ASSIGNED FormInstanceStateAssigned + IN_PROGRESS FormInstanceStateInProgress + SUBMITTED FormInstanceStateSubmitted + COMPLETED FormInstanceStateCompleted + CANCELLED FormInstanceStateCancelled + enum: + - ASSIGNED + - IN_PROGRESS + - SUBMITTED + - COMPLETED + - CANCELLED + example: ASSIGNED + type: string + x-go-enum-desc: |- + ASSIGNED FormInstanceStateAssigned + IN_PROGRESS FormInstanceStateInProgress + SUBMITTED FormInstanceStateSubmitted + COMPLETED FormInstanceStateCompleted + CANCELLED FormInstanceStateCancelled + x-go-name: State + ttl: + description: |- + TTL an epoch timestamp in seconds, it most be in seconds or dynamodb will ignore it + SEE: https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/time-to-live-ttl-before-you-start.html + example: 1571827560 + format: int64 + type: integer + x-go-name: TTL + required: + - expire + - recipients + - createdBy + - formDefinitionId + type: object + x-go-package: github.com/sailpoint/sp-forms/domain + example: + expire: '2023-06-20T15:57:55.332882Z' + formDefinitionId: 00000000-0000-0000-0000-000000000000 + recipients: + - type: IDENTITY + id: an-identity-id + createdBy: + type: WORKFLOW_EXECUTION + id: a-workflow-execution-id + required: false + responses: + '201': + description: Returns a new form instance + content: + application/json: + schema: + properties: + created: + description: Created is the date the form instance was assigned + example: '2023-07-12T20:14:57.74486Z' + format: date-time + type: string + x-go-name: Created + createdBy: + properties: + id: + description: ID is a unique identifier + example: 00000000-0000-0000-0000-000000000000 + type: string + x-go-name: ID + type: + description: |- + Type is a form instance created by type enum value + WORKFLOW_EXECUTION FormInstanceCreatedByTypeWorkflowExecution + SOURCE FormInstanceCreatedByTypeSource + enum: + - WORKFLOW_EXECUTION + - SOURCE + example: WORKFLOW_EXECUTION + type: string + x-go-enum-desc: |- + WORKFLOW_EXECUTION FormInstanceCreatedByTypeWorkflowExecution + SOURCE FormInstanceCreatedByTypeSource + x-go-name: Type + type: object + x-go-package: github.com/sailpoint/sp-forms/domain + expire: + description: Expire is the maximum amount of time that a form can be in progress. After this time is reached then the form will be moved to a CANCELED state automatically. The user will no longer be able to complete the submission. When a form instance is expires an audit log will be generated for that record + example: '2023-08-12T20:14:57.74486Z' + type: string + x-go-name: Expire + formConditions: + description: FormConditions is the conditional logic that modify the form dynamically modify the form as the recipient is interacting out the form + items: + description: Represent a form conditional. + properties: + ruleOperator: + description: |- + ConditionRuleLogicalOperatorType value. + AND ConditionRuleLogicalOperatorTypeAnd + OR ConditionRuleLogicalOperatorTypeOr + enum: + - AND + - OR + example: AND + type: string + x-go-enum-desc: |- + AND ConditionRuleLogicalOperatorTypeAnd + OR ConditionRuleLogicalOperatorTypeOr + x-go-name: RuleOperator + rules: + description: List of rules. + items: + properties: + sourceType: + description: |- + Defines the type of object being selected. It will be either a reference to a form input (by input name) or a form element (by technical key). + INPUT ConditionRuleSourceTypeInput + ELEMENT ConditionRuleSourceTypeElement + enum: + - INPUT + - ELEMENT + example: ELEMENT + type: string + x-go-enum-desc: |- + INPUT ConditionRuleSourceTypeInput + ELEMENT ConditionRuleSourceTypeElement + x-go-name: SourceType + source: + description: |- + Source - if the sourceType is ConditionRuleSourceTypeInput, the source type is the name of the form input to accept. However, if the sourceType is ConditionRuleSourceTypeElement, + the source is the name of a technical key of an element to retrieve its value. + example: department + type: string + x-go-name: Source + operator: + description: |- + ConditionRuleComparisonOperatorType value. + EQ ConditionRuleComparisonOperatorTypeEquals This comparison operator compares the source and target for equality. + NE ConditionRuleComparisonOperatorTypeNotEquals This comparison operator compares the source and target for inequality. + CO ConditionRuleComparisonOperatorTypeContains This comparison operator searches the source to see whether it contains the value. + NOT_CO ConditionRuleComparisonOperatorTypeNotContains + IN ConditionRuleComparisonOperatorTypeIncludes This comparison operator searches the source if it equals any of the values. + NOT_IN ConditionRuleComparisonOperatorTypeNotIncludes + EM ConditionRuleComparisonOperatorTypeEmpty + NOT_EM ConditionRuleComparisonOperatorTypeNotEmpty + SW ConditionRuleComparisonOperatorTypeStartsWith Checks whether a string starts with another substring of the same string. This operator is case-sensitive. + NOT_SW ConditionRuleComparisonOperatorTypeNotStartsWith + EW ConditionRuleComparisonOperatorTypeEndsWith Checks whether a string ends with another substring of the same string. This operator is case-sensitive. + NOT_EW ConditionRuleComparisonOperatorTypeNotEndsWith + enum: + - EQ + - NE + - CO + - NOT_CO + - IN + - NOT_IN + - EM + - NOT_EM + - SW + - NOT_SW + - EW + - NOT_EW + example: EQ + type: string + x-go-enum-desc: |- + EQ ConditionRuleComparisonOperatorTypeEquals This comparison operator compares the source and target for equality. + NE ConditionRuleComparisonOperatorTypeNotEquals This comparison operator compares the source and target for inequality. + CO ConditionRuleComparisonOperatorTypeContains This comparison operator searches the source to see whether it contains the value. + NOT_CO ConditionRuleComparisonOperatorTypeNotContains + IN ConditionRuleComparisonOperatorTypeIncludes This comparison operator searches the source if it equals any of the values. + NOT_IN ConditionRuleComparisonOperatorTypeNotIncludes + EM ConditionRuleComparisonOperatorTypeEmpty + NOT_EM ConditionRuleComparisonOperatorTypeNotEmpty + SW ConditionRuleComparisonOperatorTypeStartsWith Checks whether a string starts with another substring of the same string. This operator is case-sensitive. + NOT_SW ConditionRuleComparisonOperatorTypeNotStartsWith + EW ConditionRuleComparisonOperatorTypeEndsWith Checks whether a string ends with another substring of the same string. This operator is case-sensitive. + NOT_EW ConditionRuleComparisonOperatorTypeNotEndsWith + x-go-name: Operator + valueType: + description: |- + ConditionRuleValueType type. + STRING ConditionRuleValueTypeString This value is a static string. + STRING_LIST ConditionRuleValueTypeStringList This value is an array of string values. + INPUT ConditionRuleValueTypeInput This value is a reference to a form input. + ELEMENT ConditionRuleValueTypeElement This value is a reference to a form element (by technical key). + LIST ConditionRuleValueTypeList + BOOLEAN ConditionRuleValueTypeBoolean + enum: + - STRING + - STRING_LIST + - INPUT + - ELEMENT + - LIST + - BOOLEAN + example: STRING + type: string + x-go-enum-desc: |- + STRING ConditionRuleValueTypeString This value is a static string. + STRING_LIST ConditionRuleValueTypeStringList This value is an array of string values. + INPUT ConditionRuleValueTypeInput This value is a reference to a form input. + ELEMENT ConditionRuleValueTypeElement This value is a reference to a form element (by technical key). + LIST ConditionRuleValueTypeList + BOOLEAN ConditionRuleValueTypeBoolean + x-go-name: ValueType + value: + description: Based on the ValueType. + example: Engineering + x-go-name: Value + type: object + x-go-package: github.com/sailpoint/sp-forms/domain + type: array + x-go-name: Rules + effects: + description: List of effects. + items: + description: Effect produced by a condition. + properties: + effectType: + description: |- + Type of effect to perform when the conditions are evaluated for this logic block. + HIDE ConditionEffectTypeHide Disables validations. + SHOW ConditionEffectTypeShow Enables validations. + DISABLE ConditionEffectTypeDisable Disables validations. + ENABLE ConditionEffectTypeEnable Enables validations. + REQUIRE ConditionEffectTypeRequire + OPTIONAL ConditionEffectTypeOptional + SUBMIT_MESSAGE ConditionEffectTypeSubmitMessage + SUBMIT_NOTIFICATION ConditionEffectTypeSubmitNotification + SET_DEFAULT_VALUE ConditionEffectTypeSetDefaultValue This value is ignored on purpose. + enum: + - HIDE + - SHOW + - DISABLE + - ENABLE + - REQUIRE + - OPTIONAL + - SUBMIT_MESSAGE + - SUBMIT_NOTIFICATION + - SET_DEFAULT_VALUE + example: HIDE + type: string + x-go-enum-desc: |- + HIDE ConditionEffectTypeHide Disables validations. + SHOW ConditionEffectTypeShow Enables validations. + DISABLE ConditionEffectTypeDisable Disables validations. + ENABLE ConditionEffectTypeEnable Enables validations. + REQUIRE ConditionEffectTypeRequire + OPTIONAL ConditionEffectTypeOptional + SUBMIT_MESSAGE ConditionEffectTypeSubmitMessage + SUBMIT_NOTIFICATION ConditionEffectTypeSubmitNotification + SET_DEFAULT_VALUE ConditionEffectTypeSetDefaultValue This value is ignored on purpose. + x-go-name: EffectType + config: + description: Arbitrary map containing a configuration based on the EffectType. + type: object + properties: + defaultValueLabel: + type: string + description: Effect type's label. + example: Access to Remove + element: + type: string + description: Element's identifier. + example: 8110662963316867 + x-go-name: Config + type: object + x-go-package: github.com/sailpoint/sp-forms/domain + type: array + x-go-name: Effects + type: object + x-go-package: github.com/sailpoint/sp-forms/domain + type: array + x-go-name: FormConditions + formData: + additionalProperties: {} + description: FormData is the data provided by the form on submit. The data is in a key -> value map + example: + department: Engineering + type: object + x-go-name: FormData + formDefinitionId: + description: FormDefinitionID is the id of the form definition that created this form + example: 49841cb8-00a5-4fbd-9888-8bbb28d48331 + type: string + x-go-name: FormDefinitionID + formElements: + description: 'FormElements is the configuration of the form, this would be a repeat of the fields from the form-config' + items: + properties: + id: + description: Form element identifier. + example: 00000000-0000-0000-0000-000000000000 + type: string + x-go-name: ID + elementType: + description: |- + FormElementType value. + TEXT FormElementTypeText + TOGGLE FormElementTypeToggle + TEXTAREA FormElementTypeTextArea + HIDDEN FormElementTypeHidden + PHONE FormElementTypePhone + EMAIL FormElementTypeEmail + SELECT FormElementTypeSelect + DATE FormElementTypeDate + SECTION FormElementTypeSection + COLUMN_SET FormElementTypeColumns + IMAGE FormElementTypeImage + DESCRIPTION FormElementTypeDescription + enum: + - TEXT + - TOGGLE + - TEXTAREA + - HIDDEN + - PHONE + - EMAIL + - SELECT + - DATE + - SECTION + - COLUMN_SET + - IMAGE + - DESCRIPTION + example: TEXT + type: string + x-go-name: ElementType + config: + additionalProperties: {} + description: Config object. + example: + label: Department + type: object + x-go-name: Config + x-go-enum-desc: |- + TEXT FormElementTypeText + TOGGLE FormElementTypeToggle + TEXTAREA FormElementTypeTextArea + HIDDEN FormElementTypeHidden + PHONE FormElementTypePhone + EMAIL FormElementTypeEmail + SELECT FormElementTypeSelect + DATE FormElementTypeDate + SECTION FormElementTypeSection + COLUMNS FormElementTypeColumns + key: + description: Technical key. + example: department + type: string + x-go-name: Key + validations: + nullable: true + type: array + items: + description: Set of FormElementValidation items. + example: + - validationType: REQUIRED + type: object + properties: + validationType: + type: string + enum: + - REQUIRED + - MIN_LENGTH + - MAX_LENGTH + - REGEX + - DATE + - MAX_DATE + - MIN_DATE + - LESS_THAN_DATE + - PHONE + - EMAIL + - DATA_SOURCE + - TEXTAREA + x-go-package: github.com/sailpoint/sp-forms/domain + type: object + x-go-package: github.com/sailpoint/sp-forms/domain + type: array + x-go-name: FormElements + formErrors: + description: FormErrors is an array of form validation errors from the last time the form instance was transitioned to the SUBMITTED state. If the form instance had validation errors then it would be moved to the IN PROGRESS state where the client can retrieve these errors + items: + properties: + key: + description: Key is the technical key + example: department + type: string + x-go-name: Key + messages: + description: Messages is a list of web.ErrorMessage items + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + type: array + x-go-name: Messages + value: + description: Value is the value associated with a Key + example: Engineering + x-go-name: Value + type: object + x-go-package: github.com/sailpoint/sp-forms/domain + type: array + x-go-name: FormErrors + formInput: + additionalProperties: {} + nullable: true + description: FormInput is an object of form input labels to value + example: + input1: Sales + type: object + x-go-name: FormInput + id: + description: Unique guid identifying this form instance + example: 06a2d961-07fa-44d1-8d0a-2f6470e30fd2 + type: string + x-go-name: FormInstanceID + modified: + description: Modified is the last date the form instance was modified + example: '2023-07-12T20:14:57.74486Z' + format: date-time + type: string + x-go-name: Modified + recipients: + description: Recipients references to the recipient of a form. The recipients are those who are responsible for filling out a form and completing it + items: + properties: + id: + description: ID is a unique identifier + example: 00000000-0000-0000-0000-000000000000 + type: string + x-go-name: ID + type: + description: |- + Type is a FormInstanceRecipientType value + IDENTITY FormInstanceRecipientIdentity + enum: + - IDENTITY + example: IDENTITY + type: string + x-go-enum-desc: IDENTITY FormInstanceRecipientIdentity + x-go-name: Type + type: object + x-go-package: github.com/sailpoint/sp-forms/domain + type: array + x-go-name: Recipients + standAloneForm: + default: false + description: StandAloneForm is a boolean flag to indicate if this form should be available for users to complete via the standalone form UI or should this only be available to be completed by as an embedded form + example: false + type: boolean + x-go-name: StandAloneForm + standAloneFormUrl: + description: StandAloneFormURL is the URL where this form may be completed by the designated recipients using the standalone form UI + example: 'https://my-org.identitynow.com/ui/d/forms/00000000-0000-0000-0000-000000000000' + type: string + x-go-name: StandAloneFormURL + state: + description: |- + State the state of the form instance + ASSIGNED FormInstanceStateAssigned + IN_PROGRESS FormInstanceStateInProgress + SUBMITTED FormInstanceStateSubmitted + COMPLETED FormInstanceStateCompleted + CANCELLED FormInstanceStateCancelled + enum: + - ASSIGNED + - IN_PROGRESS + - SUBMITTED + - COMPLETED + - CANCELLED + example: ASSIGNED + type: string + x-go-enum-desc: |- + ASSIGNED FormInstanceStateAssigned + IN_PROGRESS FormInstanceStateInProgress + SUBMITTED FormInstanceStateSubmitted + COMPLETED FormInstanceStateCompleted + CANCELLED FormInstanceStateCancelled + x-go-name: State + type: object + x-go-package: github.com/sailpoint/sp-forms/domain + '400': + description: An error with the request occurred + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + statusCode: + type: integer + format: int64 + x-go-name: StatusCode + trackingId: + type: string + x-go-name: TrackingID + '401': + description: An error with the authorization occurred + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + statusCode: + type: integer + format: int64 + x-go-name: StatusCode + trackingId: + type: string + x-go-name: TrackingID + '403': + description: An error with the user permissions occurred + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + statusCode: + type: integer + format: int64 + x-go-name: StatusCode + trackingId: + type: string + x-go-name: TrackingID + '429': + description: Too many requests + content: + application/json: + schema: + title: Error is the standard API error response type. + type: object + properties: + detailCode: + description: DetailCode is the text of the status code returned + example: Internal Server Error + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + trackingId: + description: TrackingID is the request tracking unique identifier + example: 9cd03ef80e6a425eb6b11bdbb057cdb4 + type: string + x-go-name: TrackingID + x-go-package: github.com/sailpoint/atlas-go/atlas/web + '500': + description: An internal server error occurred + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + statusCode: + type: integer + format: int64 + x-go-name: StatusCode + trackingId: + type: string + x-go-name: TrackingID + security: + - UserContextAuth: + - 'sp:forms:manage' + x-codegen-request-body-name: Body + parameters: + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + '/form-instances/{formInstanceID}': + get: + tags: + - Custom Forms + summary: Returns a form instance. + description: 'Parameter `{formInstanceID}` should match a form instance ID.' + operationId: getFormInstanceByKey + parameters: + - name: formInstanceID + in: path + description: Form instance ID + required: true + schema: + type: string + x-go-name: FormInstanceID + example: 00000000-0000-0000-0000-000000000000 + x-go-name: FormInstanceID + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '200': + description: Returns a form instance by its key + content: + application/json: + schema: + properties: + created: + description: Created is the date the form instance was assigned + example: '2023-07-12T20:14:57.74486Z' + format: date-time + type: string + x-go-name: Created + createdBy: + properties: + id: + description: ID is a unique identifier + example: 00000000-0000-0000-0000-000000000000 + type: string + x-go-name: ID + type: + description: |- + Type is a form instance created by type enum value + WORKFLOW_EXECUTION FormInstanceCreatedByTypeWorkflowExecution + SOURCE FormInstanceCreatedByTypeSource + enum: + - WORKFLOW_EXECUTION + - SOURCE + example: WORKFLOW_EXECUTION + type: string + x-go-enum-desc: |- + WORKFLOW_EXECUTION FormInstanceCreatedByTypeWorkflowExecution + SOURCE FormInstanceCreatedByTypeSource + x-go-name: Type + type: object + x-go-package: github.com/sailpoint/sp-forms/domain + expire: + description: Expire is the maximum amount of time that a form can be in progress. After this time is reached then the form will be moved to a CANCELED state automatically. The user will no longer be able to complete the submission. When a form instance is expires an audit log will be generated for that record + example: '2023-08-12T20:14:57.74486Z' + type: string + x-go-name: Expire + formConditions: + description: FormConditions is the conditional logic that modify the form dynamically modify the form as the recipient is interacting out the form + items: + description: Represent a form conditional. + properties: + ruleOperator: + description: |- + ConditionRuleLogicalOperatorType value. + AND ConditionRuleLogicalOperatorTypeAnd + OR ConditionRuleLogicalOperatorTypeOr + enum: + - AND + - OR + example: AND + type: string + x-go-enum-desc: |- + AND ConditionRuleLogicalOperatorTypeAnd + OR ConditionRuleLogicalOperatorTypeOr + x-go-name: RuleOperator + rules: + description: List of rules. + items: + properties: + sourceType: + description: |- + Defines the type of object being selected. It will be either a reference to a form input (by input name) or a form element (by technical key). + INPUT ConditionRuleSourceTypeInput + ELEMENT ConditionRuleSourceTypeElement + enum: + - INPUT + - ELEMENT + example: ELEMENT + type: string + x-go-enum-desc: |- + INPUT ConditionRuleSourceTypeInput + ELEMENT ConditionRuleSourceTypeElement + x-go-name: SourceType + source: + description: |- + Source - if the sourceType is ConditionRuleSourceTypeInput, the source type is the name of the form input to accept. However, if the sourceType is ConditionRuleSourceTypeElement, + the source is the name of a technical key of an element to retrieve its value. + example: department + type: string + x-go-name: Source + operator: + description: |- + ConditionRuleComparisonOperatorType value. + EQ ConditionRuleComparisonOperatorTypeEquals This comparison operator compares the source and target for equality. + NE ConditionRuleComparisonOperatorTypeNotEquals This comparison operator compares the source and target for inequality. + CO ConditionRuleComparisonOperatorTypeContains This comparison operator searches the source to see whether it contains the value. + NOT_CO ConditionRuleComparisonOperatorTypeNotContains + IN ConditionRuleComparisonOperatorTypeIncludes This comparison operator searches the source if it equals any of the values. + NOT_IN ConditionRuleComparisonOperatorTypeNotIncludes + EM ConditionRuleComparisonOperatorTypeEmpty + NOT_EM ConditionRuleComparisonOperatorTypeNotEmpty + SW ConditionRuleComparisonOperatorTypeStartsWith Checks whether a string starts with another substring of the same string. This operator is case-sensitive. + NOT_SW ConditionRuleComparisonOperatorTypeNotStartsWith + EW ConditionRuleComparisonOperatorTypeEndsWith Checks whether a string ends with another substring of the same string. This operator is case-sensitive. + NOT_EW ConditionRuleComparisonOperatorTypeNotEndsWith + enum: + - EQ + - NE + - CO + - NOT_CO + - IN + - NOT_IN + - EM + - NOT_EM + - SW + - NOT_SW + - EW + - NOT_EW + example: EQ + type: string + x-go-enum-desc: |- + EQ ConditionRuleComparisonOperatorTypeEquals This comparison operator compares the source and target for equality. + NE ConditionRuleComparisonOperatorTypeNotEquals This comparison operator compares the source and target for inequality. + CO ConditionRuleComparisonOperatorTypeContains This comparison operator searches the source to see whether it contains the value. + NOT_CO ConditionRuleComparisonOperatorTypeNotContains + IN ConditionRuleComparisonOperatorTypeIncludes This comparison operator searches the source if it equals any of the values. + NOT_IN ConditionRuleComparisonOperatorTypeNotIncludes + EM ConditionRuleComparisonOperatorTypeEmpty + NOT_EM ConditionRuleComparisonOperatorTypeNotEmpty + SW ConditionRuleComparisonOperatorTypeStartsWith Checks whether a string starts with another substring of the same string. This operator is case-sensitive. + NOT_SW ConditionRuleComparisonOperatorTypeNotStartsWith + EW ConditionRuleComparisonOperatorTypeEndsWith Checks whether a string ends with another substring of the same string. This operator is case-sensitive. + NOT_EW ConditionRuleComparisonOperatorTypeNotEndsWith + x-go-name: Operator + valueType: + description: |- + ConditionRuleValueType type. + STRING ConditionRuleValueTypeString This value is a static string. + STRING_LIST ConditionRuleValueTypeStringList This value is an array of string values. + INPUT ConditionRuleValueTypeInput This value is a reference to a form input. + ELEMENT ConditionRuleValueTypeElement This value is a reference to a form element (by technical key). + LIST ConditionRuleValueTypeList + BOOLEAN ConditionRuleValueTypeBoolean + enum: + - STRING + - STRING_LIST + - INPUT + - ELEMENT + - LIST + - BOOLEAN + example: STRING + type: string + x-go-enum-desc: |- + STRING ConditionRuleValueTypeString This value is a static string. + STRING_LIST ConditionRuleValueTypeStringList This value is an array of string values. + INPUT ConditionRuleValueTypeInput This value is a reference to a form input. + ELEMENT ConditionRuleValueTypeElement This value is a reference to a form element (by technical key). + LIST ConditionRuleValueTypeList + BOOLEAN ConditionRuleValueTypeBoolean + x-go-name: ValueType + value: + description: Based on the ValueType. + example: Engineering + x-go-name: Value + type: object + x-go-package: github.com/sailpoint/sp-forms/domain + type: array + x-go-name: Rules + effects: + description: List of effects. + items: + description: Effect produced by a condition. + properties: + effectType: + description: |- + Type of effect to perform when the conditions are evaluated for this logic block. + HIDE ConditionEffectTypeHide Disables validations. + SHOW ConditionEffectTypeShow Enables validations. + DISABLE ConditionEffectTypeDisable Disables validations. + ENABLE ConditionEffectTypeEnable Enables validations. + REQUIRE ConditionEffectTypeRequire + OPTIONAL ConditionEffectTypeOptional + SUBMIT_MESSAGE ConditionEffectTypeSubmitMessage + SUBMIT_NOTIFICATION ConditionEffectTypeSubmitNotification + SET_DEFAULT_VALUE ConditionEffectTypeSetDefaultValue This value is ignored on purpose. + enum: + - HIDE + - SHOW + - DISABLE + - ENABLE + - REQUIRE + - OPTIONAL + - SUBMIT_MESSAGE + - SUBMIT_NOTIFICATION + - SET_DEFAULT_VALUE + example: HIDE + type: string + x-go-enum-desc: |- + HIDE ConditionEffectTypeHide Disables validations. + SHOW ConditionEffectTypeShow Enables validations. + DISABLE ConditionEffectTypeDisable Disables validations. + ENABLE ConditionEffectTypeEnable Enables validations. + REQUIRE ConditionEffectTypeRequire + OPTIONAL ConditionEffectTypeOptional + SUBMIT_MESSAGE ConditionEffectTypeSubmitMessage + SUBMIT_NOTIFICATION ConditionEffectTypeSubmitNotification + SET_DEFAULT_VALUE ConditionEffectTypeSetDefaultValue This value is ignored on purpose. + x-go-name: EffectType + config: + description: Arbitrary map containing a configuration based on the EffectType. + type: object + properties: + defaultValueLabel: + type: string + description: Effect type's label. + example: Access to Remove + element: + type: string + description: Element's identifier. + example: 8110662963316867 + x-go-name: Config + type: object + x-go-package: github.com/sailpoint/sp-forms/domain + type: array + x-go-name: Effects + type: object + x-go-package: github.com/sailpoint/sp-forms/domain + type: array + x-go-name: FormConditions + formData: + additionalProperties: {} + description: FormData is the data provided by the form on submit. The data is in a key -> value map + example: + department: Engineering + type: object + x-go-name: FormData + formDefinitionId: + description: FormDefinitionID is the id of the form definition that created this form + example: 49841cb8-00a5-4fbd-9888-8bbb28d48331 + type: string + x-go-name: FormDefinitionID + formElements: + description: 'FormElements is the configuration of the form, this would be a repeat of the fields from the form-config' + items: + properties: + id: + description: Form element identifier. + example: 00000000-0000-0000-0000-000000000000 + type: string + x-go-name: ID + elementType: + description: |- + FormElementType value. + TEXT FormElementTypeText + TOGGLE FormElementTypeToggle + TEXTAREA FormElementTypeTextArea + HIDDEN FormElementTypeHidden + PHONE FormElementTypePhone + EMAIL FormElementTypeEmail + SELECT FormElementTypeSelect + DATE FormElementTypeDate + SECTION FormElementTypeSection + COLUMN_SET FormElementTypeColumns + IMAGE FormElementTypeImage + DESCRIPTION FormElementTypeDescription + enum: + - TEXT + - TOGGLE + - TEXTAREA + - HIDDEN + - PHONE + - EMAIL + - SELECT + - DATE + - SECTION + - COLUMN_SET + - IMAGE + - DESCRIPTION + example: TEXT + type: string + x-go-name: ElementType + config: + additionalProperties: {} + description: Config object. + example: + label: Department + type: object + x-go-name: Config + x-go-enum-desc: |- + TEXT FormElementTypeText + TOGGLE FormElementTypeToggle + TEXTAREA FormElementTypeTextArea + HIDDEN FormElementTypeHidden + PHONE FormElementTypePhone + EMAIL FormElementTypeEmail + SELECT FormElementTypeSelect + DATE FormElementTypeDate + SECTION FormElementTypeSection + COLUMNS FormElementTypeColumns + key: + description: Technical key. + example: department + type: string + x-go-name: Key + validations: + nullable: true + type: array + items: + description: Set of FormElementValidation items. + example: + - validationType: REQUIRED + type: object + properties: + validationType: + type: string + enum: + - REQUIRED + - MIN_LENGTH + - MAX_LENGTH + - REGEX + - DATE + - MAX_DATE + - MIN_DATE + - LESS_THAN_DATE + - PHONE + - EMAIL + - DATA_SOURCE + - TEXTAREA + x-go-package: github.com/sailpoint/sp-forms/domain + type: object + x-go-package: github.com/sailpoint/sp-forms/domain + type: array + x-go-name: FormElements + formErrors: + description: FormErrors is an array of form validation errors from the last time the form instance was transitioned to the SUBMITTED state. If the form instance had validation errors then it would be moved to the IN PROGRESS state where the client can retrieve these errors + items: + properties: + key: + description: Key is the technical key + example: department + type: string + x-go-name: Key + messages: + description: Messages is a list of web.ErrorMessage items + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + type: array + x-go-name: Messages + value: + description: Value is the value associated with a Key + example: Engineering + x-go-name: Value + type: object + x-go-package: github.com/sailpoint/sp-forms/domain + type: array + x-go-name: FormErrors + formInput: + additionalProperties: {} + nullable: true + description: FormInput is an object of form input labels to value + example: + input1: Sales + type: object + x-go-name: FormInput + id: + description: Unique guid identifying this form instance + example: 06a2d961-07fa-44d1-8d0a-2f6470e30fd2 + type: string + x-go-name: FormInstanceID + modified: + description: Modified is the last date the form instance was modified + example: '2023-07-12T20:14:57.74486Z' + format: date-time + type: string + x-go-name: Modified + recipients: + description: Recipients references to the recipient of a form. The recipients are those who are responsible for filling out a form and completing it + items: + properties: + id: + description: ID is a unique identifier + example: 00000000-0000-0000-0000-000000000000 + type: string + x-go-name: ID + type: + description: |- + Type is a FormInstanceRecipientType value + IDENTITY FormInstanceRecipientIdentity + enum: + - IDENTITY + example: IDENTITY + type: string + x-go-enum-desc: IDENTITY FormInstanceRecipientIdentity + x-go-name: Type + type: object + x-go-package: github.com/sailpoint/sp-forms/domain + type: array + x-go-name: Recipients + standAloneForm: + default: false + description: StandAloneForm is a boolean flag to indicate if this form should be available for users to complete via the standalone form UI or should this only be available to be completed by as an embedded form + example: false + type: boolean + x-go-name: StandAloneForm + standAloneFormUrl: + description: StandAloneFormURL is the URL where this form may be completed by the designated recipients using the standalone form UI + example: 'https://my-org.identitynow.com/ui/d/forms/00000000-0000-0000-0000-000000000000' + type: string + x-go-name: StandAloneFormURL + state: + description: |- + State the state of the form instance + ASSIGNED FormInstanceStateAssigned + IN_PROGRESS FormInstanceStateInProgress + SUBMITTED FormInstanceStateSubmitted + COMPLETED FormInstanceStateCompleted + CANCELLED FormInstanceStateCancelled + enum: + - ASSIGNED + - IN_PROGRESS + - SUBMITTED + - COMPLETED + - CANCELLED + example: ASSIGNED + type: string + x-go-enum-desc: |- + ASSIGNED FormInstanceStateAssigned + IN_PROGRESS FormInstanceStateInProgress + SUBMITTED FormInstanceStateSubmitted + COMPLETED FormInstanceStateCompleted + CANCELLED FormInstanceStateCancelled + x-go-name: State + type: object + x-go-package: github.com/sailpoint/sp-forms/domain + '400': + description: An error with the request occurred + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + statusCode: + type: integer + format: int64 + x-go-name: StatusCode + trackingId: + type: string + x-go-name: TrackingID + '401': + description: An error with the authorization occurred + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + statusCode: + type: integer + format: int64 + x-go-name: StatusCode + trackingId: + type: string + x-go-name: TrackingID + '403': + description: An error with the user permissions occurred + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + statusCode: + type: integer + format: int64 + x-go-name: StatusCode + trackingId: + type: string + x-go-name: TrackingID + '404': + description: An error with the item not found + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + statusCode: + type: integer + format: int64 + x-go-name: StatusCode + trackingId: + type: string + x-go-name: TrackingID + '429': + description: Too many requests + content: + application/json: + schema: + title: Error is the standard API error response type. + type: object + properties: + detailCode: + description: DetailCode is the text of the status code returned + example: Internal Server Error + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + trackingId: + description: TrackingID is the request tracking unique identifier + example: 9cd03ef80e6a425eb6b11bdbb057cdb4 + type: string + x-go-name: TrackingID + x-go-package: github.com/sailpoint/atlas-go/atlas/web + '500': + description: An internal server error occurred + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + statusCode: + type: integer + format: int64 + x-go-name: StatusCode + trackingId: + type: string + x-go-name: TrackingID + security: + - UserContextAuth: [] + patch: + tags: + - Custom Forms + summary: Patch a form instance. + description: 'Parameter `{formInstanceID}` should match a form instance ID.' + operationId: patchFormInstance + parameters: + - name: formInstanceID + in: path + description: Form instance ID + required: true + schema: + type: string + x-go-name: FormInstanceID + example: 00000000-0000-0000-0000-000000000000 + x-go-name: FormInstanceID + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + requestBody: + description: 'Body is the request payload to patch a form instance, check: https://jsonpatch.com' + content: + application/json: + schema: + title: Patch is an ordered collection of Operations. + description: Patch is an ordered collection of Operations. + type: array + example: + - op: replace + path: /description + value: a new description + items: + title: 'Operation is a single JSON-Patch step, such as a single ''add'' operation.' + type: object + additionalProperties: + type: object + properties: {} + x-go-package: github.com/evanphx/json-patch + x-go-package: github.com/evanphx/json-patch + example: + - op: replace + path: /state + value: SUBMITTED + - op: replace + path: /formData + value: + a-key-1: a-value-1 + a-key-2: true + a-key-3: 1 + required: false + responses: + '200': + description: Returns the form instance updated + content: + application/json: + schema: + properties: + created: + description: Created is the date the form instance was assigned + example: '2023-07-12T20:14:57.74486Z' + format: date-time + type: string + x-go-name: Created + createdBy: + properties: + id: + description: ID is a unique identifier + example: 00000000-0000-0000-0000-000000000000 + type: string + x-go-name: ID + type: + description: |- + Type is a form instance created by type enum value + WORKFLOW_EXECUTION FormInstanceCreatedByTypeWorkflowExecution + SOURCE FormInstanceCreatedByTypeSource + enum: + - WORKFLOW_EXECUTION + - SOURCE + example: WORKFLOW_EXECUTION + type: string + x-go-enum-desc: |- + WORKFLOW_EXECUTION FormInstanceCreatedByTypeWorkflowExecution + SOURCE FormInstanceCreatedByTypeSource + x-go-name: Type + type: object + x-go-package: github.com/sailpoint/sp-forms/domain + expire: + description: Expire is the maximum amount of time that a form can be in progress. After this time is reached then the form will be moved to a CANCELED state automatically. The user will no longer be able to complete the submission. When a form instance is expires an audit log will be generated for that record + example: '2023-08-12T20:14:57.74486Z' + type: string + x-go-name: Expire + formConditions: + description: FormConditions is the conditional logic that modify the form dynamically modify the form as the recipient is interacting out the form + items: + description: Represent a form conditional. + properties: + ruleOperator: + description: |- + ConditionRuleLogicalOperatorType value. + AND ConditionRuleLogicalOperatorTypeAnd + OR ConditionRuleLogicalOperatorTypeOr + enum: + - AND + - OR + example: AND + type: string + x-go-enum-desc: |- + AND ConditionRuleLogicalOperatorTypeAnd + OR ConditionRuleLogicalOperatorTypeOr + x-go-name: RuleOperator + rules: + description: List of rules. + items: + properties: + sourceType: + description: |- + Defines the type of object being selected. It will be either a reference to a form input (by input name) or a form element (by technical key). + INPUT ConditionRuleSourceTypeInput + ELEMENT ConditionRuleSourceTypeElement + enum: + - INPUT + - ELEMENT + example: ELEMENT + type: string + x-go-enum-desc: |- + INPUT ConditionRuleSourceTypeInput + ELEMENT ConditionRuleSourceTypeElement + x-go-name: SourceType + source: + description: |- + Source - if the sourceType is ConditionRuleSourceTypeInput, the source type is the name of the form input to accept. However, if the sourceType is ConditionRuleSourceTypeElement, + the source is the name of a technical key of an element to retrieve its value. + example: department + type: string + x-go-name: Source + operator: + description: |- + ConditionRuleComparisonOperatorType value. + EQ ConditionRuleComparisonOperatorTypeEquals This comparison operator compares the source and target for equality. + NE ConditionRuleComparisonOperatorTypeNotEquals This comparison operator compares the source and target for inequality. + CO ConditionRuleComparisonOperatorTypeContains This comparison operator searches the source to see whether it contains the value. + NOT_CO ConditionRuleComparisonOperatorTypeNotContains + IN ConditionRuleComparisonOperatorTypeIncludes This comparison operator searches the source if it equals any of the values. + NOT_IN ConditionRuleComparisonOperatorTypeNotIncludes + EM ConditionRuleComparisonOperatorTypeEmpty + NOT_EM ConditionRuleComparisonOperatorTypeNotEmpty + SW ConditionRuleComparisonOperatorTypeStartsWith Checks whether a string starts with another substring of the same string. This operator is case-sensitive. + NOT_SW ConditionRuleComparisonOperatorTypeNotStartsWith + EW ConditionRuleComparisonOperatorTypeEndsWith Checks whether a string ends with another substring of the same string. This operator is case-sensitive. + NOT_EW ConditionRuleComparisonOperatorTypeNotEndsWith + enum: + - EQ + - NE + - CO + - NOT_CO + - IN + - NOT_IN + - EM + - NOT_EM + - SW + - NOT_SW + - EW + - NOT_EW + example: EQ + type: string + x-go-enum-desc: |- + EQ ConditionRuleComparisonOperatorTypeEquals This comparison operator compares the source and target for equality. + NE ConditionRuleComparisonOperatorTypeNotEquals This comparison operator compares the source and target for inequality. + CO ConditionRuleComparisonOperatorTypeContains This comparison operator searches the source to see whether it contains the value. + NOT_CO ConditionRuleComparisonOperatorTypeNotContains + IN ConditionRuleComparisonOperatorTypeIncludes This comparison operator searches the source if it equals any of the values. + NOT_IN ConditionRuleComparisonOperatorTypeNotIncludes + EM ConditionRuleComparisonOperatorTypeEmpty + NOT_EM ConditionRuleComparisonOperatorTypeNotEmpty + SW ConditionRuleComparisonOperatorTypeStartsWith Checks whether a string starts with another substring of the same string. This operator is case-sensitive. + NOT_SW ConditionRuleComparisonOperatorTypeNotStartsWith + EW ConditionRuleComparisonOperatorTypeEndsWith Checks whether a string ends with another substring of the same string. This operator is case-sensitive. + NOT_EW ConditionRuleComparisonOperatorTypeNotEndsWith + x-go-name: Operator + valueType: + description: |- + ConditionRuleValueType type. + STRING ConditionRuleValueTypeString This value is a static string. + STRING_LIST ConditionRuleValueTypeStringList This value is an array of string values. + INPUT ConditionRuleValueTypeInput This value is a reference to a form input. + ELEMENT ConditionRuleValueTypeElement This value is a reference to a form element (by technical key). + LIST ConditionRuleValueTypeList + BOOLEAN ConditionRuleValueTypeBoolean + enum: + - STRING + - STRING_LIST + - INPUT + - ELEMENT + - LIST + - BOOLEAN + example: STRING + type: string + x-go-enum-desc: |- + STRING ConditionRuleValueTypeString This value is a static string. + STRING_LIST ConditionRuleValueTypeStringList This value is an array of string values. + INPUT ConditionRuleValueTypeInput This value is a reference to a form input. + ELEMENT ConditionRuleValueTypeElement This value is a reference to a form element (by technical key). + LIST ConditionRuleValueTypeList + BOOLEAN ConditionRuleValueTypeBoolean + x-go-name: ValueType + value: + description: Based on the ValueType. + example: Engineering + x-go-name: Value + type: object + x-go-package: github.com/sailpoint/sp-forms/domain + type: array + x-go-name: Rules + effects: + description: List of effects. + items: + description: Effect produced by a condition. + properties: + effectType: + description: |- + Type of effect to perform when the conditions are evaluated for this logic block. + HIDE ConditionEffectTypeHide Disables validations. + SHOW ConditionEffectTypeShow Enables validations. + DISABLE ConditionEffectTypeDisable Disables validations. + ENABLE ConditionEffectTypeEnable Enables validations. + REQUIRE ConditionEffectTypeRequire + OPTIONAL ConditionEffectTypeOptional + SUBMIT_MESSAGE ConditionEffectTypeSubmitMessage + SUBMIT_NOTIFICATION ConditionEffectTypeSubmitNotification + SET_DEFAULT_VALUE ConditionEffectTypeSetDefaultValue This value is ignored on purpose. + enum: + - HIDE + - SHOW + - DISABLE + - ENABLE + - REQUIRE + - OPTIONAL + - SUBMIT_MESSAGE + - SUBMIT_NOTIFICATION + - SET_DEFAULT_VALUE + example: HIDE + type: string + x-go-enum-desc: |- + HIDE ConditionEffectTypeHide Disables validations. + SHOW ConditionEffectTypeShow Enables validations. + DISABLE ConditionEffectTypeDisable Disables validations. + ENABLE ConditionEffectTypeEnable Enables validations. + REQUIRE ConditionEffectTypeRequire + OPTIONAL ConditionEffectTypeOptional + SUBMIT_MESSAGE ConditionEffectTypeSubmitMessage + SUBMIT_NOTIFICATION ConditionEffectTypeSubmitNotification + SET_DEFAULT_VALUE ConditionEffectTypeSetDefaultValue This value is ignored on purpose. + x-go-name: EffectType + config: + description: Arbitrary map containing a configuration based on the EffectType. + type: object + properties: + defaultValueLabel: + type: string + description: Effect type's label. + example: Access to Remove + element: + type: string + description: Element's identifier. + example: 8110662963316867 + x-go-name: Config + type: object + x-go-package: github.com/sailpoint/sp-forms/domain + type: array + x-go-name: Effects + type: object + x-go-package: github.com/sailpoint/sp-forms/domain + type: array + x-go-name: FormConditions + formData: + additionalProperties: {} + description: FormData is the data provided by the form on submit. The data is in a key -> value map + example: + department: Engineering + type: object + x-go-name: FormData + formDefinitionId: + description: FormDefinitionID is the id of the form definition that created this form + example: 49841cb8-00a5-4fbd-9888-8bbb28d48331 + type: string + x-go-name: FormDefinitionID + formElements: + description: 'FormElements is the configuration of the form, this would be a repeat of the fields from the form-config' + items: + properties: + id: + description: Form element identifier. + example: 00000000-0000-0000-0000-000000000000 + type: string + x-go-name: ID + elementType: + description: |- + FormElementType value. + TEXT FormElementTypeText + TOGGLE FormElementTypeToggle + TEXTAREA FormElementTypeTextArea + HIDDEN FormElementTypeHidden + PHONE FormElementTypePhone + EMAIL FormElementTypeEmail + SELECT FormElementTypeSelect + DATE FormElementTypeDate + SECTION FormElementTypeSection + COLUMN_SET FormElementTypeColumns + IMAGE FormElementTypeImage + DESCRIPTION FormElementTypeDescription + enum: + - TEXT + - TOGGLE + - TEXTAREA + - HIDDEN + - PHONE + - EMAIL + - SELECT + - DATE + - SECTION + - COLUMN_SET + - IMAGE + - DESCRIPTION + example: TEXT + type: string + x-go-name: ElementType + config: + additionalProperties: {} + description: Config object. + example: + label: Department + type: object + x-go-name: Config + x-go-enum-desc: |- + TEXT FormElementTypeText + TOGGLE FormElementTypeToggle + TEXTAREA FormElementTypeTextArea + HIDDEN FormElementTypeHidden + PHONE FormElementTypePhone + EMAIL FormElementTypeEmail + SELECT FormElementTypeSelect + DATE FormElementTypeDate + SECTION FormElementTypeSection + COLUMNS FormElementTypeColumns + key: + description: Technical key. + example: department + type: string + x-go-name: Key + validations: + nullable: true + type: array + items: + description: Set of FormElementValidation items. + example: + - validationType: REQUIRED + type: object + properties: + validationType: + type: string + enum: + - REQUIRED + - MIN_LENGTH + - MAX_LENGTH + - REGEX + - DATE + - MAX_DATE + - MIN_DATE + - LESS_THAN_DATE + - PHONE + - EMAIL + - DATA_SOURCE + - TEXTAREA + x-go-package: github.com/sailpoint/sp-forms/domain + type: object + x-go-package: github.com/sailpoint/sp-forms/domain + type: array + x-go-name: FormElements + formErrors: + description: FormErrors is an array of form validation errors from the last time the form instance was transitioned to the SUBMITTED state. If the form instance had validation errors then it would be moved to the IN PROGRESS state where the client can retrieve these errors + items: + properties: + key: + description: Key is the technical key + example: department + type: string + x-go-name: Key + messages: + description: Messages is a list of web.ErrorMessage items + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + type: array + x-go-name: Messages + value: + description: Value is the value associated with a Key + example: Engineering + x-go-name: Value + type: object + x-go-package: github.com/sailpoint/sp-forms/domain + type: array + x-go-name: FormErrors + formInput: + additionalProperties: {} + nullable: true + description: FormInput is an object of form input labels to value + example: + input1: Sales + type: object + x-go-name: FormInput + id: + description: Unique guid identifying this form instance + example: 06a2d961-07fa-44d1-8d0a-2f6470e30fd2 + type: string + x-go-name: FormInstanceID + modified: + description: Modified is the last date the form instance was modified + example: '2023-07-12T20:14:57.74486Z' + format: date-time + type: string + x-go-name: Modified + recipients: + description: Recipients references to the recipient of a form. The recipients are those who are responsible for filling out a form and completing it + items: + properties: + id: + description: ID is a unique identifier + example: 00000000-0000-0000-0000-000000000000 + type: string + x-go-name: ID + type: + description: |- + Type is a FormInstanceRecipientType value + IDENTITY FormInstanceRecipientIdentity + enum: + - IDENTITY + example: IDENTITY + type: string + x-go-enum-desc: IDENTITY FormInstanceRecipientIdentity + x-go-name: Type + type: object + x-go-package: github.com/sailpoint/sp-forms/domain + type: array + x-go-name: Recipients + standAloneForm: + default: false + description: StandAloneForm is a boolean flag to indicate if this form should be available for users to complete via the standalone form UI or should this only be available to be completed by as an embedded form + example: false + type: boolean + x-go-name: StandAloneForm + standAloneFormUrl: + description: StandAloneFormURL is the URL where this form may be completed by the designated recipients using the standalone form UI + example: 'https://my-org.identitynow.com/ui/d/forms/00000000-0000-0000-0000-000000000000' + type: string + x-go-name: StandAloneFormURL + state: + description: |- + State the state of the form instance + ASSIGNED FormInstanceStateAssigned + IN_PROGRESS FormInstanceStateInProgress + SUBMITTED FormInstanceStateSubmitted + COMPLETED FormInstanceStateCompleted + CANCELLED FormInstanceStateCancelled + enum: + - ASSIGNED + - IN_PROGRESS + - SUBMITTED + - COMPLETED + - CANCELLED + example: ASSIGNED + type: string + x-go-enum-desc: |- + ASSIGNED FormInstanceStateAssigned + IN_PROGRESS FormInstanceStateInProgress + SUBMITTED FormInstanceStateSubmitted + COMPLETED FormInstanceStateCompleted + CANCELLED FormInstanceStateCancelled + x-go-name: State + type: object + x-go-package: github.com/sailpoint/sp-forms/domain + '400': + description: An error with the request occurred + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + statusCode: + type: integer + format: int64 + x-go-name: StatusCode + trackingId: + type: string + x-go-name: TrackingID + '401': + description: An error with the authorization occurred + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + statusCode: + type: integer + format: int64 + x-go-name: StatusCode + trackingId: + type: string + x-go-name: TrackingID + '403': + description: An error with the user permissions occurred + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + statusCode: + type: integer + format: int64 + x-go-name: StatusCode + trackingId: + type: string + x-go-name: TrackingID + '404': + description: An error with the item not found + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + statusCode: + type: integer + format: int64 + x-go-name: StatusCode + trackingId: + type: string + x-go-name: TrackingID + '409': + description: An error with the request property conflicts with stored + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + statusCode: + type: integer + format: int64 + x-go-name: StatusCode + trackingId: + type: string + x-go-name: TrackingID + '429': + description: Too many requests + content: + application/json: + schema: + title: Error is the standard API error response type. + type: object + properties: + detailCode: + description: DetailCode is the text of the status code returned + example: Internal Server Error + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + trackingId: + description: TrackingID is the request tracking unique identifier + example: 9cd03ef80e6a425eb6b11bdbb057cdb4 + type: string + x-go-name: TrackingID + x-go-package: github.com/sailpoint/atlas-go/atlas/web + '500': + description: An internal server error occurred + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + statusCode: + type: integer + format: int64 + x-go-name: StatusCode + trackingId: + type: string + x-go-name: TrackingID + security: + - UserContextAuth: [] + x-codegen-request-body-name: Body + '/form-instances/{formInstanceID}/data-source/{formElementID}': + get: + tags: + - Custom Forms + summary: Retrieves dynamic data by element. + description: |- + Parameter `{formInstanceID}` should match a form instance ID. + Parameter `{formElementID}` should match a form element ID at the data source configuration. + operationId: searchFormElementDataByElementID + parameters: + - name: formInstanceID + in: path + description: Form instance ID + required: true + schema: + type: string + x-go-name: FormInstanceID + example: 00000000-0000-0000-0000-000000000000 + x-go-name: FormInstanceID + - name: formElementID + in: path + description: Form element ID + required: true + schema: + type: string + x-go-name: FormElementID + example: 1 + x-go-name: FormElementID + - name: limit + in: query + description: |- + Limit + + Integer specifying the maximum number of records to return in a single API call. The standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#paginating-results). + If it is not specified, a default limit is used. + schema: + type: integer + format: int64 + maxLength: 250 + minLength: 0 + default: 250 + x-go-name: Limit + example: 250 + required: false + x-go-name: Limit + - name: filters + in: query + description: |- + Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) + + Filtering is supported for the following fields and operators: + + **value**: *eq, ne, in* + + Supported composite operators: *not* + + Only a single *not* may be used, and it can only be used with the `in` operator. The `not` composite operator must be used in front of the field. For example, the following is valid: `not value in ("ID01")` + schema: + type: string + x-go-name: Filters + example: value eq "ID01" + required: false + x-go-name: Filters + - name: query + in: query + description: 'String that is passed to the underlying API to filter other (non-ID) fields. For example, for access profile data sources, this string will be passed to the access profile api and used with a "starts with" filter against several fields.' + schema: + type: string + x-go-name: Query + example: support + required: false + x-go-name: Query + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '200': + description: Retrieves dynamic data to aid in correctly completing a valid form by form element ID from data source configuration + content: + application/json: + schema: + properties: + results: + description: Results holds a list of FormElementDataSourceConfigOptions items + example: '{"results":[{"label":"Alfred 255e71dfc6e","subLabel":"Alfred.255e71dfc6e@testmail.identitysoon.com","value":"2c918084821847c5018227ced2e16676"},{"label":"Alize eba9d4cd27da","subLabel":"Alize.eba9d4cd27da@testmail.identitysoon.com","value":"2c918084821847c5018227ced2f1667c"},{"label":"Antonina 01f69c3ea","subLabel":"Antonina.01f69c3ea@testmail.identitysoon.com","value":"2c918084821847c5018227ced2f9667e"},{"label":"Ardella 21e78ce155","subLabel":"Ardella.21e78ce155@testmail.identitysoon.com","value":"2c918084821847c5018227ced2e6667a"},{"label":"Arnaldo d8582b6e17","subLabel":"Arnaldo.d8582b6e17@testmail.identitysoon.com","value":"2c918084821847c5018227ced3426686"},{"label":"Aurelia admin24828","subLabel":"Aurelia.admin24828@testmail.identitysoon.com","value":"2c918084821847c5018227ced2e16674"},{"label":"Barbara 72ca418fdd","subLabel":"Barbara.72ca418fdd@testmail.identitysoon.com","value":"2c918084821847c5018227ced2fb6680"},{"label":"Barbara ee1a2436ee","subLabel":"Barbara.ee1a2436ee@testmail.identitysoon.com","value":"2c918084821847c5018227ced2e56678"},{"label":"Baylee 652d72432f3","subLabel":"Baylee.652d72432f3@testmail.identitysoon.com","value":"2c91808582184782018227ced28b6aee"},{"label":"Brock e76b56ae4d49","subLabel":"Brock.e76b56ae4d49@testmail.identitysoon.com","value":"2c91808582184782018227ced28b6aef"}]}' + items: + type: object + properties: + label: + description: Label is the main label to display to the user when selecting this option + type: string + example: regression-test-access-request-07c55dd6-3056-430a-86b5-fccc395bb6c5 + x-go-name: Label + subLabel: + description: SubLabel is the sub label to display below the label in diminutive styling to help describe or identify this option + type: string + example: '' + x-go-name: SubLabel + value: + description: Value is the value to save as an entry when the user selects this option + type: string + example: e96674448eba4ca1ba04eee999a8f3cd + x-go-name: Value + x-go-package: github.com/sailpoint/sp-forms/domain + type: array + x-go-name: Results + type: object + x-go-package: github.com/sailpoint/sp-forms/domain + '400': + description: An error with the request occurred + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + statusCode: + type: integer + format: int64 + x-go-name: StatusCode + trackingId: + type: string + x-go-name: TrackingID + '401': + description: An error with the authorization occurred + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + statusCode: + type: integer + format: int64 + x-go-name: StatusCode + trackingId: + type: string + x-go-name: TrackingID + '403': + description: An error with the user permissions occurred + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + statusCode: + type: integer + format: int64 + x-go-name: StatusCode + trackingId: + type: string + x-go-name: TrackingID + '404': + description: An error with the item not found + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + statusCode: + type: integer + format: int64 + x-go-name: StatusCode + trackingId: + type: string + x-go-name: TrackingID + '429': + description: Too many requests + content: + application/json: + schema: + title: Error is the standard API error response type. + type: object + properties: + detailCode: + description: DetailCode is the text of the status code returned + example: Internal Server Error + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + trackingId: + description: TrackingID is the request tracking unique identifier + example: 9cd03ef80e6a425eb6b11bdbb057cdb4 + type: string + x-go-name: TrackingID + x-go-package: github.com/sailpoint/atlas-go/atlas/web + '500': + description: An internal server error occurred + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + statusCode: + type: integer + format: int64 + x-go-name: StatusCode + trackingId: + type: string + x-go-name: TrackingID + security: + - UserContextAuth: [] + '/form-instances/{formInstanceID}/file/{fileID}': + get: + tags: + - Custom Forms + summary: Download instance file by fileId. + operationId: getFormInstanceFile + parameters: + - name: formInstanceID + in: path + description: |- + FormInstanceID + + Form instance ID + required: true + example: 00000000-0000-0000-0000-000000000000 + schema: + type: string + x-go-name: FormInstanceID + x-go-name: FormInstanceID + - name: fileID + in: path + description: |- + FileID + + String specifying the hashed name of the uploaded file we are retrieving. + required: true + example: 00000031N0J7R2B57M8YG73J7M.png + schema: + type: string + x-go-name: FileID + x-go-name: FileID + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '200': + description: Returns a file that is referred to by fileID and associated with the formInstanceID + content: + application/json: + schema: + type: string + format: binary + image/jpeg: + schema: + type: string + format: binary + image/png: + schema: + type: string + format: binary + application/octet-stream: + schema: + type: string + format: binary + '400': + description: An error with the request occurred + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + statusCode: + type: integer + format: int64 + x-go-name: StatusCode + trackingId: + type: string + x-go-name: TrackingID + image/jpeg: + schema: + type: object + properties: + detailCode: + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + statusCode: + type: integer + format: int64 + x-go-name: StatusCode + trackingId: + type: string + x-go-name: TrackingID + image/png: + schema: + type: object + properties: + detailCode: + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + statusCode: + type: integer + format: int64 + x-go-name: StatusCode + trackingId: + type: string + x-go-name: TrackingID + application/octet-stream: + schema: + type: object + properties: + detailCode: + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + statusCode: + type: integer + format: int64 + x-go-name: StatusCode + trackingId: + type: string + x-go-name: TrackingID + '401': + description: An error with the authorization occurred + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + statusCode: + type: integer + format: int64 + x-go-name: StatusCode + trackingId: + type: string + x-go-name: TrackingID + image/jpeg: + schema: + type: object + properties: + detailCode: + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + statusCode: + type: integer + format: int64 + x-go-name: StatusCode + trackingId: + type: string + x-go-name: TrackingID + image/png: + schema: + type: object + properties: + detailCode: + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + statusCode: + type: integer + format: int64 + x-go-name: StatusCode + trackingId: + type: string + x-go-name: TrackingID + application/octet-stream: + schema: + type: object + properties: + detailCode: + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + statusCode: + type: integer + format: int64 + x-go-name: StatusCode + trackingId: + type: string + x-go-name: TrackingID + '403': + description: An error with the user permissions occurred + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + statusCode: + type: integer + format: int64 + x-go-name: StatusCode + trackingId: + type: string + x-go-name: TrackingID + image/jpeg: + schema: + type: object + properties: + detailCode: + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + statusCode: + type: integer + format: int64 + x-go-name: StatusCode + trackingId: + type: string + x-go-name: TrackingID + image/png: + schema: + type: object + properties: + detailCode: + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + statusCode: + type: integer + format: int64 + x-go-name: StatusCode + trackingId: + type: string + x-go-name: TrackingID + application/octet-stream: + schema: + type: object + properties: + detailCode: + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + statusCode: + type: integer + format: int64 + x-go-name: StatusCode + trackingId: + type: string + x-go-name: TrackingID + '404': + description: An error with the item not found + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + statusCode: + type: integer + format: int64 + x-go-name: StatusCode + trackingId: + type: string + x-go-name: TrackingID + image/jpeg: + schema: + type: object + properties: + detailCode: + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + statusCode: + type: integer + format: int64 + x-go-name: StatusCode + trackingId: + type: string + x-go-name: TrackingID + image/png: + schema: + type: object + properties: + detailCode: + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + statusCode: + type: integer + format: int64 + x-go-name: StatusCode + trackingId: + type: string + x-go-name: TrackingID + application/octet-stream: + schema: + type: object + properties: + detailCode: + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + statusCode: + type: integer + format: int64 + x-go-name: StatusCode + trackingId: + type: string + x-go-name: TrackingID + '429': + description: Too many requests + content: + application/json: + schema: + title: Error is the standard API error response type. + type: object + properties: + detailCode: + description: DetailCode is the text of the status code returned + example: Internal Server Error + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + trackingId: + description: TrackingID is the request tracking unique identifier + example: 9cd03ef80e6a425eb6b11bdbb057cdb4 + type: string + x-go-name: TrackingID + x-go-package: github.com/sailpoint/atlas-go/atlas/web + '500': + description: An internal server error occurred + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + statusCode: + type: integer + format: int64 + x-go-name: StatusCode + trackingId: + type: string + x-go-name: TrackingID + image/jpeg: + schema: + type: object + properties: + detailCode: + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + statusCode: + type: integer + format: int64 + x-go-name: StatusCode + trackingId: + type: string + x-go-name: TrackingID + image/png: + schema: + type: object + properties: + detailCode: + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + statusCode: + type: integer + format: int64 + x-go-name: StatusCode + trackingId: + type: string + x-go-name: TrackingID + application/octet-stream: + schema: + type: object + properties: + detailCode: + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + statusCode: + type: integer + format: int64 + x-go-name: StatusCode + trackingId: + type: string + x-go-name: TrackingID + '503': + description: An external service is not available + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + statusCode: + type: integer + format: int64 + x-go-name: StatusCode + trackingId: + type: string + x-go-name: TrackingID + image/jpeg: + schema: + type: object + properties: + detailCode: + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + statusCode: + type: integer + format: int64 + x-go-name: StatusCode + trackingId: + type: string + x-go-name: TrackingID + image/png: + schema: + type: object + properties: + detailCode: + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + statusCode: + type: integer + format: int64 + x-go-name: StatusCode + trackingId: + type: string + x-go-name: TrackingID + application/octet-stream: + schema: + type: object + properties: + detailCode: + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + statusCode: + type: integer + format: int64 + x-go-name: StatusCode + trackingId: + type: string + x-go-name: TrackingID + security: + - UserContextAuth: + - 'sp:forms:manage' + x-codegen-request-body-name: Body + /form-definitions/predefined-select-options: + get: + tags: + - Custom Forms + summary: List predefined select options. + description: No parameters required. + operationId: searchPreDefinedSelectOptions + responses: + '200': + description: Returns a list of available predefined select options + content: + application/json: + schema: + type: object + properties: + results: + description: Results holds a list of PreDefinedSelectOption items + type: array + items: + type: string + description: PreDefinedSelectOption pre-defined select options + example: IDENTITY + x-go-package: github.com/sailpoint/sp-forms/domain + x-go-name: Results + x-go-package: github.com/sailpoint/sp-forms/domain + '400': + description: An error with the request occurred + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + statusCode: + type: integer + format: int64 + x-go-name: StatusCode + trackingId: + type: string + x-go-name: TrackingID + '401': + description: An error with the authorization occurred + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + statusCode: + type: integer + format: int64 + x-go-name: StatusCode + trackingId: + type: string + x-go-name: TrackingID + '403': + description: An error with the user permissions occurred + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + statusCode: + type: integer + format: int64 + x-go-name: StatusCode + trackingId: + type: string + x-go-name: TrackingID + '429': + description: Too many requests + content: + application/json: + schema: + title: Error is the standard API error response type. + type: object + properties: + detailCode: + description: DetailCode is the text of the status code returned + example: Internal Server Error + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + trackingId: + description: TrackingID is the request tracking unique identifier + example: 9cd03ef80e6a425eb6b11bdbb057cdb4 + type: string + x-go-name: TrackingID + x-go-package: github.com/sailpoint/atlas-go/atlas/web + '500': + description: An internal server error occurred + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + x-go-name: DetailCode + messages: + type: array + items: + title: ErrorMessage is the standard API error response message type. + type: object + properties: + locale: + description: Locale is the current Locale + example: en-US + type: string + x-go-name: Locale + localeOrigin: + description: LocaleOrigin holds possible values of how the locale was selected + example: DEFAULT + type: string + x-go-name: LocaleOrigin + text: + description: Text is the actual text of the error message + example: This is an error + type: string + x-go-name: Text + x-go-package: github.com/sailpoint/atlas-go/atlas/web + x-go-name: Messages + statusCode: + type: integer + format: int64 + x-go-name: StatusCode + trackingId: + type: string + x-go-name: TrackingID + security: + - UserContextAuth: + - 'sp:forms:manage' + parameters: + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + '/access-request-identity-metrics/{identityId}/requested-objects/{requestedObjectId}/type/{type}': + get: + tags: + - Access Request Identity Metrics + summary: Return access request identity metrics + description: Use this API to return information access metrics. + operationId: getAccessRequestIdentityMetrics + parameters: + - name: identityId + in: path + description: Manager's identity ID. + required: true + schema: + type: string + example: 7025c863-c270-4ba6-beea-edf3cb091573 + - name: requestedObjectId + in: path + description: Requested access item's ID. + required: true + schema: + type: string + example: 2db501be-f0fb-4cc5-a695-334133c52891 + - name: type + in: path + description: Requested access item's type. + required: true + schema: + type: string + items: + type: object + properties: + id: + type: string + description: ID of the access item to retrieve the recommendation for. + example: 2c938083633d259901633d2623ec0375 + type: + type: string + example: ENTITLEMENT + description: Access item's type. + enum: + - ENTITLEMENT + - ACCESS_PROFILE + - ROLE + example: ENTITLEMENT + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + security: + - UserContextAuth: + - 'idn:access-request-approvals:read' + responses: + '200': + description: Summary of the resource access and source activity for the direct reports of the provided manager. + content: + application/json: + schema: + type: object + items: + type: object + properties: + identitiesWithAccess: + type: integer + format: int64 + nullable: true + description: A count of the provided manager's direct reports that have already been granted the access item in question. + example: 8 + identitiesWithActivity: + type: integer + format: int64 + nullable: true + description: A count of the provided manager's direct reports that have activity within the associated source. + example: 5 + totalIdentities: + type: integer + format: int64 + nullable: true + description: Total number of identities who share a manager with the identity requesting access. + example: 10 + squadAvailable: + type: boolean + default: false + description: True if the manager's ID can be found. False if the manager's ID cannot be found. + example: true + validActivityObject: + type: boolean + default: false + description: 'True if the requested access item is associated with a single Activity Data Insights connector source. False if the requested access item type is a role. If it''s a role, it matches to multiple sources, so a single relevant source can''t be determined for activity metrics.' + example: true + activitySourceConfigured: + type: boolean + default: false + description: True if the Activity Data Insights connector is configured for the source associated with the requested access item. False if the matching Activity Data Insights connector is not configured. + example: true + requestedObjectActive: + type: boolean + default: false + description: True if the requested access item exists and is available. False if the requested access item is either missing or deleted. + example: true + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/icons/{objectType}/{objectId}': + put: + operationId: setIcon + tags: + - Icons + summary: Update an icon + description: This API endpoint updates an icon by object type and object id. A token with ORG_ADMIN authority is required to call this API. + parameters: + - in: path + name: objectType + schema: + type: string + required: true + description: 'Object type. Available options [''application'']' + example: application + - in: path + name: objectId + schema: + type: string + required: true + description: Object id. + example: a291e870-48c3-4953-b656-fb5ce2a93169 + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + requestBody: + required: true + content: + multipart/form-data: + schema: + type: object + required: + - image + properties: + image: + type: string + format: binary + description: 'file with icon. Allowed mime-types [''image/png'', ''image/jpeg'']' + example: \x00\x00\x00\x02 + security: + - UserContextAuth: + - 'idn:icons:manage' + responses: + '200': + description: Icon updated + content: + application/json: + schema: + type: object + properties: + icon: + type: string + description: url to file with icon + example: '' + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + delete: + operationId: deleteIcon + tags: + - Icons + summary: Delete an icon + description: This API endpoint delete an icon by object type and object id. A token with ORG_ADMIN authority is required to call this API. + parameters: + - in: path + name: objectType + schema: + type: string + required: true + description: 'Object type. Available options [''application'']' + example: application + - in: path + name: objectId + schema: + type: string + required: true + description: Object id. + example: a291e870-48c3-4953-b656-fb5ce2a93169 + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + security: + - UserContextAuth: + - 'idn:icons:manage' + responses: + '204': + description: No content - indicates the request was successful but there is no content to be returned in the response. + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + '/suggested-entitlement-description-batches/{batchId}/stats': + get: + tags: + - Suggested Entitlement Description + operationId: getSedBatchStats + summary: Submit Sed Batch Stats Request + description: |- + Submit Sed Batch Stats Request. + Submits batchId in the path param (e.g. {batchId}/stats). API responses with stats of the batchId. + parameters: + - name: batchId + in: path + description: Batch Id + schema: + type: string + format: uuid + example: 8c190e67-87aa-4ed9-a90b-d9d5344523fb + required: true + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '200': + description: Stats of Sed batch. + content: + application/json: + schema: + description: Sed Batch Stats + type: object + properties: + batchComplete: + description: batch complete + type: boolean + example: true + default: false + batchId: + description: batch Id + format: uuid + type: string + example: 016629d1-1d25-463f-97f3-c6686846650 + discoveredCount: + description: discovered count + format: int64 + type: integer + example: 100 + discoveryComplete: + description: discovery complete + type: boolean + example: true + default: false + processedCount: + description: processed count + format: int64 + example: 100 + type: integer + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + security: + - UserContextAuth: + - 'idn:sed:read' + /suggested-entitlement-description-batches: + get: + tags: + - Suggested Entitlement Description + operationId: getSedBatches + summary: List Sed Batch Request + description: |- + List Sed Batches. + API responses with Sed Batch Status + responses: + '200': + description: Status of batch + content: + application/json: + schema: + description: Sed Batch Status + type: object + properties: + status: + description: status of batch + type: string + example: OK + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + security: + - UserContextAuth: + - 'idn:sed:read' + parameters: + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + post: + tags: + - Suggested Entitlement Description + operationId: submitSedBatchRequest + summary: Submit Sed Batch Request + description: |- + Submit Sed Batch Request. + Request body has a list of entitlement Ids that user wants to have description generated by LLM. API responses with batchId that groups Ids together + requestBody: + description: Sed Batch Request + content: + application/json-patch+json: + schema: + description: Sed Batch Request + type: object + properties: + entitlements: + description: list of entitlement ids + items: + type: string + example: 016629d1-1d25-463f-97f3-c6686846650 + type: array + responses: + '200': + description: Sed Batch Response + content: + application/json: + schema: + description: Sed Batch Response + type: object + properties: + batchId: + description: BatchId that groups all the ids together + format: uuid + type: string + example: 016629d1-1d25-463f-97f3-c6686846650 + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + security: + - UserContextAuth: + - 'idn:sed:write' + parameters: + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + /suggested-entitlement-description-approvals: + post: + tags: + - Suggested Entitlement Description + summary: Submit Bulk Approval Request + description: |- + Submit Bulk Approval Request for SED. + Request body takes list of SED Ids. API responses with list of SED Approval Status + operationId: submitSedApproval + requestBody: + description: Sed Approval + content: + application/json-patch+json: + schema: + items: + description: Sed Approval Request Body + type: object + properties: + items: + description: List of SED id's + items: + format: uuid + type: string + type: array + example: 016629d1-1d25-463f-97f3-c6686846650 + type: array + required: true + responses: + '200': + description: List of SED Approval Status + content: + application/json: + schema: + items: + description: SED Approval Status + type: object + properties: + failedReason: + description: failed reason will be display if status is failed + type: string + example: invalid status + id: + description: Sed id + format: uuid + type: string + example: 016629d1-1d25-463f-97f3-c6686846650 + status: + description: SUCCESS | FAILED + example: SUCCESS + type: string + type: array + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + security: + - UserContextAuth: + - 'idn:sed:write' + parameters: + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + /suggested-entitlement-description-assignments: + post: + tags: + - Suggested Entitlement Description + operationId: submitSedAssignment + summary: Submit Sed Assignment Request + description: |- + Submit Assignment Request. + Request body has an assignee, and list of SED Ids that are assigned to that assignee API responses with batchId that groups all approval requests together + requestBody: + description: Sed Assignment Request + content: + application/json-patch+json: + schema: + description: Sed Assignment + type: object + properties: + assignee: + description: Sed Assignee + type: object + properties: + type: + description: |- + Type of assignment + When value is PERSONA, the value MUST be SOURCE_OWNER or ENTITLEMENT_OWNER + IDENTITY SED_ASSIGNEE_IDENTITY_TYPE + GROUP SED_ASSIGNEE_GROUP_TYPE + SOURCE_OWNER SED_ASSIGNEE_SOURCE_OWNER_TYPE + ENTITLEMENT_OWNER SED_ASSIGNEE_ENTITLEMENT_OWNER_TYPE + enum: + - IDENTITY + - GROUP + - SOURCE_OWNER + - ENTITLEMENT_OWNER + type: string + example: SOURCE_OWNER + value: + description: |- + Identity or Group identifier + Empty when using source/entitlement owner personas + type: string + example: 016629d1-1d25-463f-97f3-c6686846650 + required: + - type + items: + description: List of SED id's + items: + format: uuid + type: string + example: 016629d1-1d25-463f-97f3-c6686846650 + type: array + required: true + responses: + '202': + description: Sed Assignment Response + content: + application/json: + schema: + description: Sed Assignment Response + type: object + properties: + batchId: + description: BatchId that groups all the ids together + format: uuid + type: string + example: 016629d1-1d25-463f-97f3-c6686846650 + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + security: + - UserContextAuth: + - 'idn:sed:write' + parameters: + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + /suggested-entitlement-descriptions: + get: + tags: + - Suggested Entitlement Description + operationId: listSeds + summary: List Suggested Entitlement Description + description: List of Suggested Entitlement Description + parameters: + - description: |- + Integer specifying the maximum number of records to return in a single API call. + The standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#paginating-results). If it is not specified, a default limit is used. + schema: + format: int64 + type: integer + in: query + name: limit + example: limit=0 + - description: |- + Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) + + Filtering is supported for the following fields and operators: + + **batchId**: *eq* + + **status**: *eq, ne, in* + + **displayName**: *eq, co* + in: query + name: filters + example: displayName co "Read and Write" + schema: + type: string + - description: |- + If `true` it will populate the `X-Total-Count` response header with the number of results that would be returned if `limit` and `offset` were ignored. + The standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#paginating-results). + Since requesting a total count can have a performance impact, it is recommended not to send `count=true` if that value will not be used. + in: query + name: count + example: count=true + schema: + type: boolean + - description: |- + If `true` it will populate the `X-Total-Count` response header with the number of results that would be returned if `limit` and `offset` were ignored. + This parameter differs from the Coun parameter in that this one skip executing the actual query and always return an empty array. + in: query + name: count-only + example: count-only=true + schema: + type: boolean + - description: |- + By default, the ListSeds API will only return items that you have requested to be generated. + This option will allow you to see all items that have been requested + in: query + name: requested-by-anyone + example: requested-by-anyone=true + schema: + type: boolean + - description: Will limit records to items that are in "suggested" or "approved" status + in: query + name: show-pending-status-only + example: show-pending-status-only=true + schema: + type: boolean + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + responses: + '200': + description: List of Suggested Entitlement Details + content: + application/json: + schema: + items: + description: Suggested Entitlement Description + type: object + properties: + Name: + type: string + description: name of the entitlement + example: BatchInvoiceProcessing + approved_by: + type: string + description: entitlement approved by + example: 2c918086-76de-afbf-0176-f6d28f65565a + approved_type: + type: string + description: entitlement approved type + example: admin + approved_when: + format: date-time + type: string + example: 2024-03-22T16:32:16.308Z + description: entitlement approved then + attribute: + type: string + description: entitlement attribute + example: Role + description: + type: string + description: description of entitlement + example: This entitlement allows automated processing of invoices in batches on a scheduled basis to streamline accounts payable procedures. + displayName: + type: string + description: entitlement display name + example: AWS-Cloud-Billing + id: + format: uuid + type: string + description: sed id + example: ead281ee-12a9-40ac-9534-36b5d7d65d53 + sourceId: + type: string + description: entitlement source id + example: 103f567b93ee49b991c40f9412f87643 + sourceName: + type: string + description: entitlement source name + example: IDN Salesforce + status: + type: string + description: entitlement status + example: suggested + suggestedDescription: + type: string + description: llm suggested entitlement description + example: This entitlement allows automated processing of invoices in batches on a scheduled basis to streamline accounts payable + type: + type: string + description: entitlement type + example: group + value: + type: string + description: entitlement value + example: group + type: array + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + security: + - UserContextAuth: + - 'idn:sed:read' + patch: + tags: + - Suggested Entitlement Description + operationId: patchSed + summary: Patch Suggested Entitlement Description + description: Patch Suggested Entitlement Description + parameters: + - description: id is sed id + in: path + name: id + example: ebab396f-0af1-4050-89b7-dafc63ec70e7 + required: true + schema: + type: string + format: uuid + - name: X-SailPoint-Experimental + in: header + description: Use this header to enable this experimental API. + example: true + schema: + type: string + default: true + required: true + requestBody: + description: Sed Patch Request + content: + application/json-patch+json: + schema: + items: + description: Patch for Suggested Entitlement Description + type: object + properties: + op: + description: desired operation + type: string + example: replace + path: + description: field to be patched + type: string + example: status + value: + description: value to replace with + example: approved + type: array + required: true + responses: + '200': + description: detail of patched sed + content: + application/json: + schema: + description: Suggested Entitlement Description + type: object + properties: + Name: + type: string + description: name of the entitlement + example: BatchInvoiceProcessing + approved_by: + type: string + description: entitlement approved by + example: 2c918086-76de-afbf-0176-f6d28f65565a + approved_type: + type: string + description: entitlement approved type + example: admin + approved_when: + format: date-time + type: string + example: 2024-03-22T16:32:16.308Z + description: entitlement approved then + attribute: + type: string + description: entitlement attribute + example: Role + description: + type: string + description: description of entitlement + example: This entitlement allows automated processing of invoices in batches on a scheduled basis to streamline accounts payable procedures. + displayName: + type: string + description: entitlement display name + example: AWS-Cloud-Billing + id: + format: uuid + type: string + description: sed id + example: ead281ee-12a9-40ac-9534-36b5d7d65d53 + sourceId: + type: string + description: entitlement source id + example: 103f567b93ee49b991c40f9412f87643 + sourceName: + type: string + description: entitlement source name + example: IDN Salesforce + status: + type: string + description: entitlement status + example: suggested + suggestedDescription: + type: string + description: llm suggested entitlement description + example: This entitlement allows automated processing of invoices in batches on a scheduled basis to streamline accounts payable + type: + type: string + description: entitlement type + example: group + value: + type: string + description: entitlement value + example: group + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + security: + - UserContextAuth: + - 'idn:sed:write' + /discovered-applications: + get: + operationId: getDiscoveredApplications + tags: + - Application Discovery + summary: Retrieve discovered applications for tenant + description: | + Fetches a list of applications that have been identified within the environment. This includes details such as application names, discovery dates, potential correlated saas_vendors and related suggested connectors. + security: + - UserContextAuth: + - 'idn:application-discovery:read' + parameters: + - in: query + name: limit + description: |- + Max number of results to return. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 250 + schema: + type: integer + format: int32 + minimum: 0 + maximum: 250 + default: 250 + - in: query + name: offset + description: |- + Offset into the full result set. Usually specified with *limit* to paginate through the results. + See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. + required: false + example: 0 + schema: + type: integer + format: int32 + minimum: 0 + default: 0 + - in: query + name: filter + schema: + type: string + description: | + Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) + + + Filtering is supported for the following fields and operators: + + **name**: *eq, sw, co* + + **description**: *eq, sw, co* + example: name eq "Okta" and description co "Okta" + required: false + style: form + - in: query + name: sorters + schema: + type: string + format: comma-separated + description: |- + Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) + + Sorting is supported for the following fields: **name, description, discoveredAt, discoverySource** + example: name + responses: + '200': + description: Successfully retrieved list of discovered applications. + content: + application/json: + schema: + type: array + items: + type: array + description: An array of discovered applications for a given tenant + example: + - id: app-123 + name: ExampleApp + discoverySource: CSV + discoveredVendor: ExampleVendor + description: An application for managing examples. + recommendedConnectors: + - ConnectorA + - ConnectorB + discoveredTimestamp: '2023-01-01T12:00:00Z' + items: + type: object + properties: + id: + type: string + format: uuid + description: Unique identifier for the discovered application. + example: 2d9180835d2e5168015d32f890ca1581 + name: + type: string + description: Name of the discovered application. + example: ExampleApp + discoverySource: + type: string + description: Source from which the application was discovered. + example: CSV + discoveredVendor: + type: string + description: The vendor associated with the discovered application. + example: ExampleVendor + description: + type: string + description: A brief description of the discovered application. + example: An application for managing examples. + recommendedConnectors: + type: array + items: + type: string + description: List of recommended connectors for the application. + example: + - ConnectorA + - ConnectorB + discoveredTimestamp: + type: string + format: date-time + description: 'The timestamp when the application was discovered, in ISO 8601 format.' + example: '2023-01-01T12:00:00Z' + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + /manual-discover-applications-template: + get: + summary: CSV template download for discovery + tags: + - Application Discovery + description: | + This endpoint allows the user to download an example CSV file with two columns `application_name` and `description`. The CSV file contains a single row with the values 'Example Application' and 'Example Description'. + + The downloaded template is specifically designed for use with the `/manual-discover-applications` endpoint. + security: + - UserContextAuth: + - 'idn:application-discovery:read' + operationId: getManualDiscoverApplicationsCsvTemplate + responses: + '200': + description: A CSV file download was successful. + content: + text/csv: + schema: + type: object + properties: + application_name: + type: string + description: Name of the application. + example: Example Application + description: + type: string + description: Description of the application. + example: Example Description + example: | + application_name,description + Example Application,Example Description + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + /manual-discover-applications: + post: + summary: CSV Upload to discover applications + tags: + - Application Discovery + description: |- + This endpoint supports uploading a CSV file with application data for manual correlation to specific IDN connectors. + If a suitable IDN connector is unavailable, the system will recommend generic connectors instead. + security: + - UserContextAuth: + - 'idn:application-discovery:write' + operationId: sendManualDiscoverApplicationsCsvTemplate + requestBody: + content: + multipart/form-data: + schema: + type: object + properties: + file: + type: string + format: binary + description: The CSV file to upload containing `application_name` and `description` columns. Each row represents an application to be discovered. + example: |- + application_name,description + "Sample App","This is a sample description for Sample App." + "Another App","Description for Another App." + required: + - file + responses: + '200': + description: The CSV has been successfully processed. + '400': + description: | + Bad request - There was an error with the CSV format or validation failed (e.g., `application_name` missing). Error message should be provided in response. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + /vendor-connector-mappings: + get: + security: + - UserContextAuth: + - 'idn:application-discovery:read' + operationId: getVendorConnectorMappings + tags: + - Application Discovery + summary: List vendor connector mappings + description: | + Retrieves a list of mappings between SaaS vendors and IDN connectors, detailing the connections established for correlation. + responses: + '200': + description: Successfully retrieved list. + content: + application/json: + schema: + type: array + items: + type: object + properties: + id: + type: string + description: The unique identifier for the vendor-connector mapping. + example: 78733556-9ea3-4f59-bf69-e5cd92b011b4 + vendor: + type: string + description: The name of the vendor. + example: Example vendor + connector: + type: string + description: The name of the connector. + example: Example connector + createdAt: + type: string + format: date-time + description: The creation timestamp of the mapping. + example: '2024-03-13T12:56:19.391294Z' + createdBy: + type: string + description: The identifier of the user who created the mapping. + example: admin + updatedAt: + type: object + nullable: true + properties: + Time: + type: string + format: date-time + description: 'The timestamp when the mapping was last updated, represented in ISO 8601 format.' + example: '2024-03-14T12:56:19.391294Z' + Valid: + type: boolean + description: A flag indicating if the 'Time' field is set and valid. + default: false + example: true + description: An object representing the nullable timestamp of the last update. + updatedBy: + type: object + nullable: true + properties: + String: + type: string + description: 'The identifier of the user who last updated the mapping, if available.' + example: user-67891 + Valid: + type: boolean + description: A flag indicating if the 'String' field is set and valid. + default: false + example: true + description: An object representing the nullable identifier of the user who last updated the mapping. + deletedAt: + type: object + nullable: true + properties: + Time: + type: string + format: date-time + description: 'The timestamp when the mapping was deleted, represented in ISO 8601 format, if applicable.' + example: '0001-01-01T00:00:00Z' + Valid: + type: boolean + description: 'A flag indicating if the ''Time'' field is set and valid, i.e., if the mapping has been deleted.' + default: false + example: false + description: An object representing the nullable timestamp of when the mapping was deleted. + deletedBy: + type: object + nullable: true + properties: + String: + type: string + description: 'The identifier of the user who deleted the mapping, if applicable.' + example: '' + Valid: + type: boolean + description: 'A flag indicating if the ''String'' field is set and valid, i.e., if the mapping has been deleted.' + default: false + example: false + description: An object representing the nullable identifier of the user who deleted the mapping. + example: + - id: 78733556-9ea3-4f59-bf69-e5cd92b011b4 + vendor: Example Vendor + connector: Example Connector + createdAt: '2024-03-13T12:56:19.391294Z' + createdBy: admin + updatedAt: + Time: '2024-03-14T12:56:19.391294Z' + Valid: true + updatedBy: + String: user-67891 + Valid: true + deletedAt: + Time: '0001-01-01T00:00:00Z' + Valid: false + deletedBy: + String: '' + Valid: false + - id: 78733556-9ea3-4f59-bf69-e5cd92b011b5 + vendor: Another Corporation + connector: Another Connector + createdAt: '2024-04-13T11:46:19.391294Z' + createdBy: admin + updatedAt: + Time: '0001-01-01T00:00:00Z' + Valid: false + updatedBy: + String: '' + Valid: false + deletedAt: + Time: '0001-01-01T00:00:00Z' + Valid: false + deletedBy: + String: '' + Valid: false + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '405': + description: 'Method Not Allowed - indicates that the server knows the request method, but the target resource doesn''t support this method.' + content: + application/json: + schema: + type: object + properties: + errorName: + description: A message describing the error + example: NotSupportedException + errorMessage: + description: Description of the error + example: Cannot consume content type + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + post: + security: + - UserContextAuth: + - 'idn:application-discovery:write' + operationId: createVendorConnectorMapping + tags: + - Vendor Connector Mappings + summary: Create a vendor connector mapping + description: | + Creates a new mapping between a SaaS vendor and an IDN connector to establish correlation paths. + requestBody: + required: true + content: + application/json: + schema: + type: object + properties: + id: + type: string + description: The unique identifier for the vendor-connector mapping. + example: 78733556-9ea3-4f59-bf69-e5cd92b011b4 + vendor: + type: string + description: The name of the vendor. + example: Example vendor + connector: + type: string + description: The name of the connector. + example: Example connector + createdAt: + type: string + format: date-time + description: The creation timestamp of the mapping. + example: '2024-03-13T12:56:19.391294Z' + createdBy: + type: string + description: The identifier of the user who created the mapping. + example: admin + updatedAt: + type: object + nullable: true + properties: + Time: + type: string + format: date-time + description: 'The timestamp when the mapping was last updated, represented in ISO 8601 format.' + example: '2024-03-14T12:56:19.391294Z' + Valid: + type: boolean + description: A flag indicating if the 'Time' field is set and valid. + default: false + example: true + description: An object representing the nullable timestamp of the last update. + updatedBy: + type: object + nullable: true + properties: + String: + type: string + description: 'The identifier of the user who last updated the mapping, if available.' + example: user-67891 + Valid: + type: boolean + description: A flag indicating if the 'String' field is set and valid. + default: false + example: true + description: An object representing the nullable identifier of the user who last updated the mapping. + deletedAt: + type: object + nullable: true + properties: + Time: + type: string + format: date-time + description: 'The timestamp when the mapping was deleted, represented in ISO 8601 format, if applicable.' + example: '0001-01-01T00:00:00Z' + Valid: + type: boolean + description: 'A flag indicating if the ''Time'' field is set and valid, i.e., if the mapping has been deleted.' + default: false + example: false + description: An object representing the nullable timestamp of when the mapping was deleted. + deletedBy: + type: object + nullable: true + properties: + String: + type: string + description: 'The identifier of the user who deleted the mapping, if applicable.' + example: '' + Valid: + type: boolean + description: 'A flag indicating if the ''String'' field is set and valid, i.e., if the mapping has been deleted.' + default: false + example: false + description: An object representing the nullable identifier of the user who deleted the mapping. + responses: + '200': + description: Successfully created a new vendor connector mapping. + content: + application/json: + schema: + type: object + properties: + id: + type: string + description: The unique identifier for the vendor-connector mapping. + example: 78733556-9ea3-4f59-bf69-e5cd92b011b4 + vendor: + type: string + description: The name of the vendor. + example: Example vendor + connector: + type: string + description: The name of the connector. + example: Example connector + createdAt: + type: string + format: date-time + description: The creation timestamp of the mapping. + example: '2024-03-13T12:56:19.391294Z' + createdBy: + type: string + description: The identifier of the user who created the mapping. + example: admin + updatedAt: + type: object + nullable: true + properties: + Time: + type: string + format: date-time + description: 'The timestamp when the mapping was last updated, represented in ISO 8601 format.' + example: '2024-03-14T12:56:19.391294Z' + Valid: + type: boolean + description: A flag indicating if the 'Time' field is set and valid. + default: false + example: true + description: An object representing the nullable timestamp of the last update. + updatedBy: + type: object + nullable: true + properties: + String: + type: string + description: 'The identifier of the user who last updated the mapping, if available.' + example: user-67891 + Valid: + type: boolean + description: A flag indicating if the 'String' field is set and valid. + default: false + example: true + description: An object representing the nullable identifier of the user who last updated the mapping. + deletedAt: + type: object + nullable: true + properties: + Time: + type: string + format: date-time + description: 'The timestamp when the mapping was deleted, represented in ISO 8601 format, if applicable.' + example: '0001-01-01T00:00:00Z' + Valid: + type: boolean + description: 'A flag indicating if the ''Time'' field is set and valid, i.e., if the mapping has been deleted.' + default: false + example: false + description: An object representing the nullable timestamp of when the mapping was deleted. + deletedBy: + type: object + nullable: true + properties: + String: + type: string + description: 'The identifier of the user who deleted the mapping, if applicable.' + example: '' + Valid: + type: boolean + description: 'A flag indicating if the ''String'' field is set and valid, i.e., if the mapping has been deleted.' + default: false + example: false + description: An object representing the nullable identifier of the user who deleted the mapping. + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '405': + description: 'Method Not Allowed - indicates that the server knows the request method, but the target resource doesn''t support this method.' + content: + application/json: + schema: + type: object + properties: + errorName: + description: A message describing the error + example: NotSupportedException + errorMessage: + description: Description of the error + example: Cannot consume content type + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. + delete: + security: + - UserContextAuth: + - 'idn:application-discovery:write' + operationId: deleteVendorConnectorMapping + tags: + - Vendor Connector Mappings + summary: Delete a vendor connector mapping + description: | + Soft deletes a mapping between a SaaS vendor and an IDN connector, removing the established correlation. + requestBody: + required: true + content: + application/json: + schema: + type: object + properties: + id: + type: string + description: The unique identifier for the vendor-connector mapping. + example: 78733556-9ea3-4f59-bf69-e5cd92b011b4 + vendor: + type: string + description: The name of the vendor. + example: Example vendor + connector: + type: string + description: The name of the connector. + example: Example connector + createdAt: + type: string + format: date-time + description: The creation timestamp of the mapping. + example: '2024-03-13T12:56:19.391294Z' + createdBy: + type: string + description: The identifier of the user who created the mapping. + example: admin + updatedAt: + type: object + nullable: true + properties: + Time: + type: string + format: date-time + description: 'The timestamp when the mapping was last updated, represented in ISO 8601 format.' + example: '2024-03-14T12:56:19.391294Z' + Valid: + type: boolean + description: A flag indicating if the 'Time' field is set and valid. + default: false + example: true + description: An object representing the nullable timestamp of the last update. + updatedBy: + type: object + nullable: true + properties: + String: + type: string + description: 'The identifier of the user who last updated the mapping, if available.' + example: user-67891 + Valid: + type: boolean + description: A flag indicating if the 'String' field is set and valid. + default: false + example: true + description: An object representing the nullable identifier of the user who last updated the mapping. + deletedAt: + type: object + nullable: true + properties: + Time: + type: string + format: date-time + description: 'The timestamp when the mapping was deleted, represented in ISO 8601 format, if applicable.' + example: '0001-01-01T00:00:00Z' + Valid: + type: boolean + description: 'A flag indicating if the ''Time'' field is set and valid, i.e., if the mapping has been deleted.' + default: false + example: false + description: An object representing the nullable timestamp of when the mapping was deleted. + deletedBy: + type: object + nullable: true + properties: + String: + type: string + description: 'The identifier of the user who deleted the mapping, if applicable.' + example: '' + Valid: + type: boolean + description: 'A flag indicating if the ''String'' field is set and valid, i.e., if the mapping has been deleted.' + default: false + example: false + description: An object representing the nullable identifier of the user who deleted the mapping. + responses: + '200': + description: Successfully deleted the specified vendor connector mapping. + content: + application/json: + schema: + type: object + properties: + count: + type: integer + description: The number of vendor connector mappings successfully deleted. + example: 1 + '400': + description: Client Error - Returned if the request body is invalid. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + '401': + description: 'Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.' + content: + application/json: + schema: + type: object + properties: + error: + description: A message describing the error + example: 'JWT validation failed: JWT is expired' + '403': + description: 'Forbidden - Returned if the user you are running as, doesn''t have access to this end-point.' + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '403': + summary: An example of a 403 response object + value: + detailCode: 403 Forbidden + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server understood the request but refuses to authorize it. + '404': + description: Not Found - returned if the request URL refers to a resource or object that does not exist + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '404': + summary: An example of a 404 response object + value: + detailCode: 404 Not found + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: The server did not find a current representation for the target resource. + '429': + description: Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. + content: + application/json: + schema: + type: object + properties: + message: + description: A message describing the error + example: ' Rate Limit Exceeded ' + '500': + description: Internal Server Error - Returned if there is an unexpected error. + content: + application/json: + schema: + type: object + properties: + detailCode: + type: string + description: Fine-grained error code providing more detail of the error. + example: 400.1 Bad Request Content + trackingId: + type: string + description: Unique tracking id for the error. + example: e7eab60924f64aa284175b9fa3309599 + messages: + type: array + description: Generic localized reason for error + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + causes: + type: array + description: Plain-text descriptive reasons to provide additional detail to the text provided in the messages field + items: + type: object + properties: + locale: + type: string + description: 'The locale for the message text, a BCP 47 language tag.' + example: en-US + nullable: true + localeOrigin: + type: string + enum: + - DEFAULT + - REQUEST + - null + description: 'An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.' + example: DEFAULT + nullable: true + text: + type: string + description: Actual text of the error message in the indicated locale. + example: The request was syntactically correct but its content is semantically invalid. + examples: + '500': + summary: An example of a 500 response object + value: + detailCode: 500.0 Internal Fault + trackingId: b21b1f7ce4da4d639f2c62a57171b427 + messages: + - locale: en-US + localeOrigin: DEFAULT + text: An internal fault occurred. +security: + - UserContextAuth: [] +components: + securitySchemes: + UserContextAuth: + type: oauth2 + description: | + OAuth2 Bearer token (JWT) generated using either a Personal Access token or through the Authorization Code flow. + See [Identity Security Cloud REST API Authentication](https://developer.sailpoint.com/docs/api/authentication/) for more information. + - Directions for generating a [personal access token](https://developer.sailpoint.com/docs/api/authentication/#personal-access-tokens) + - Directions using [client credentials flow](https://developer.sailpoint.com/docs/api/authentication/#client-credentials-grant-flow) + - Directions for using [authorization code flow](https://developer.sailpoint.com/docs/api/authentication/#authorization-code-grant-flow) + + Which authentication method should I choose? See the [guide](https://developer.sailpoint.com/docs/api/authentication/#which-oauth-20-grant-flow-should-i-use). + + Learn more about how to find your `tokenUrl` and `authorizationUrl` [in the docs](https://developer.sailpoint.com/docs/api/authentication/#find-your-tenants-oauth-details). + flows: + clientCredentials: + tokenUrl: 'https://tenant.api.identitynow.com/oauth/token' + scopes: + 'sp:scopes:default': default scope + 'sp:scopes:all': access to all scopes + authorizationCode: + authorizationUrl: 'https://tenant.login.sailpoint.com/oauth/authorize' + tokenUrl: 'https://tenant.api.identitynow.com/oauth/token' + scopes: + 'sp:scopes:default': default scope + 'sp:scopes:all': access to all scopes + ApplicationOnlyAuth: + type: oauth2 + description: | + OAuth2 Bearer token (JWT) generated using client credentials flow. + See [Identity Security Cloud REST API Authentication](https://developer.sailpoint.com/docs/api/authentication/) for more information. + - Directions using [client credentials flow](https://developer.sailpoint.com/docs/api/authentication/#client-credentials-grant-flow) + + Which authentication method should I choose? See the [guide](https://developer.sailpoint.com/docs/api/authentication/#which-oauth-20-grant-flow-should-i-use). + + Learn more about how to find your `tokenUrl` and `authorizationUrl` [in the docs](https://developer.sailpoint.com/docs/api/authentication/#find-your-tenants-oauth-details). + flows: + clientCredentials: + tokenUrl: 'https://tenant.api.identitynow.com/oauth/token' + scopes: + 'sp:scopes:default': default scope + schemas: + AccessRequest: + type: object + properties: + requestedFor: + description: 'A list of Identity IDs for whom the Access is requested. If it''s a Revoke request, there can only be one Identity ID.' + type: array + items: + type: string + example: 2c918084660f45d6016617daa9210584 + requestType: + type: string + enum: + - GRANT_ACCESS + - REVOKE_ACCESS + - null + description: Access request type. Defaults to GRANT_ACCESS. REVOKE_ACCESS type can only have a single Identity ID in the requestedFor field. + example: GRANT_ACCESS + nullable: true + requestedItems: + type: array + items: + type: object + properties: + type: + type: string + enum: + - ACCESS_PROFILE + - ROLE + - ENTITLEMENT + description: The type of the item being requested. + example: ACCESS_PROFILE + id: + type: string + description: 'ID of Role, Access Profile or Entitlement being requested.' + example: 2c9180835d2e5168015d32f890ca1581 + comment: + type: string + description: | + Comment provided by requester. + * Comment is required when the request is of type Revoke Access. + example: Requesting access profile for John Doe + clientMetadata: + type: object + additionalProperties: + type: string + example: + requestedAppId: 2c91808f7892918f0178b78da4a305a1 + requestedAppName: test-app + example: + requestedAppName: test-app + requestedAppId: 2c91808f7892918f0178b78da4a305a1 + description: Arbitrary key-value pairs. They will never be processed by the IdentityNow system but will be returned on associated APIs such as /account-activities and /access-request-status. + removeDate: + type: string + description: | + The date the role or access profile or entitlement is no longer assigned to the specified identity. Also known as the expiration date. + * Specify a date in the future. + * The current SLA for the deprovisioning is 24 hours. + * This date can be modified to either extend or decrease the duration of access item assignments for the specified identity. You can change the expiration date for requests for yourself or direct reports, but you cannot remove an expiration date on an already approved item. If the access request has not been approved, you can cancel it and submit a new one without the expiration. If it has already been approved, then you have to revoke the access and then re-request without the expiration. + format: date-time + example: '2020-07-11T21:23:15.000Z' + required: + - id + - type + minItems: 1 + maxItems: 25 + clientMetadata: + type: object + additionalProperties: + type: string + example: + requestedAppId: 2c91808f7892918f0178b78da4a305a1 + requestedAppName: test-app + example: + requestedAppId: 2c91808f7892918f0178b78da4a305a1 + requestedAppName: test-app + description: Arbitrary key-value pairs. They will never be processed by the IdentityNow system but will be returned on associated APIs such as /account-activities. + required: + - requestedFor + - requestedItems + AccessRequestItem: + type: object + properties: + type: + type: string + enum: + - ACCESS_PROFILE + - ROLE + - ENTITLEMENT + description: The type of the item being requested. + example: ACCESS_PROFILE + id: + type: string + description: 'ID of Role, Access Profile or Entitlement being requested.' + example: 2c9180835d2e5168015d32f890ca1581 + comment: + type: string + description: | + Comment provided by requester. + * Comment is required when the request is of type Revoke Access. + example: Requesting access profile for John Doe + clientMetadata: + type: object + additionalProperties: + type: string + example: + requestedAppId: 2c91808f7892918f0178b78da4a305a1 + requestedAppName: test-app + example: + requestedAppName: test-app + requestedAppId: 2c91808f7892918f0178b78da4a305a1 + description: Arbitrary key-value pairs. They will never be processed by the IdentityNow system but will be returned on associated APIs such as /account-activities and /access-request-status. + removeDate: + type: string + description: | + The date the role or access profile or entitlement is no longer assigned to the specified identity. Also known as the expiration date. + * Specify a date in the future. + * The current SLA for the deprovisioning is 24 hours. + * This date can be modified to either extend or decrease the duration of access item assignments for the specified identity. You can change the expiration date for requests for yourself or direct reports, but you cannot remove an expiration date on an already approved item. If the access request has not been approved, you can cancel it and submit a new one without the expiration. If it has already been approved, then you have to revoke the access and then re-request without the expiration. + format: date-time + example: '2020-07-11T21:23:15.000Z' + required: + - id + - type + AccessProfileDocument: + description: 'More complete representation of an access profile. ' + allOf: + - allOf: + - type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + - type: object + properties: + description: + type: string + description: Access item's description. + example: The admin role + created: + type: string + description: ISO-8601 date-time referring to the time when the object was created. + nullable: true + format: date-time + example: '2018-06-25T20:22:28.104Z' + modified: + type: string + description: ISO-8601 date-time referring to the time when the object was last modified. + nullable: true + format: date-time + example: '2018-06-25T20:22:28.104Z' + synced: + type: string + description: |- + ISO-8601 date-time referring to the date-time when object was queued to be synced into search database for use in the search API. + This date-time changes anytime there is an update to the object, which triggers a synchronization event being sent to the search database. + There may be some delay between the `synced` time and the time when the updated data is actually available in the search API. + nullable: true + format: date-time + example: '2018-06-25T20:22:33.104Z' + enabled: + type: boolean + description: Indicates whether the access item is currently enabled. + default: false + example: true + requestable: + type: boolean + description: Indicates whether the access item can be requested. + default: true + example: true + requestCommentsRequired: + type: boolean + description: Indicates whether comments are required for requests to access the item. + default: false + example: false + owner: + type: object + description: Owner's identity. + properties: + type: + type: string + description: Owner's DTO type. + enum: + - IDENTITY + example: IDENTITY + id: + type: string + description: Owner's identity ID. + example: 2c9180a46faadee4016fb4e018c20639 + name: + type: string + description: Owner's display name. + example: Support + email: + type: string + description: Owner's email. + example: cloud-support@sailpoint.com + - type: object + required: + - id + - name + - _type + properties: + id: + type: string + description: Access profile's ID. + example: 2c9180825a6c1adc015a71c9023f0818 + name: + type: string + description: Access profile's name. + example: Cloud Eng + _type: + description: |- + Access profile's document type. + This enum represents the currently supported document types. + Additional values may be added in the future without notice. + type: string + enum: + - accessprofile + - accountactivity + - account + - aggregation + - entitlement + - event + - identity + - role + example: accessprofile + source: + type: object + description: Access profile's source. + properties: + id: + type: string + description: Source's ID. + example: ff8081815757d4fb0157588f3d9d008f + name: + type: string + description: Source's name. + example: Employees + entitlements: + type: array + description: Entitlements the access profile has access to. + items: + type: object + properties: + hasPermissions: + type: boolean + description: Indicates whether the entitlement has permissions. + default: false + example: false + description: + type: string + description: Entitlement's description. + example: Cloud engineering + attribute: + type: string + description: Entitlement attribute's name. + example: memberOf + value: + type: string + description: Entitlement's value. + example: 'CN=Cloud Engineering,DC=sailpoint,DC=COM' + schema: + type: string + description: Entitlement's schema. + example: group + privileged: + type: boolean + description: Indicates whether the entitlement is privileged. + default: false + example: false + id: + type: string + description: Entitlement's ID. + example: 2c918084575812550157589064f33b89 + name: + type: string + description: Entitlement's name. + example: 'CN=Cloud Engineering,DC=sailpoint,DC=COM' + entitlementCount: + type: integer + description: Number of entitlements. + example: 5 + tags: + type: array + description: Tags that have been applied to the object. + items: + type: string + example: + - TAG_1 + - TAG_2 + AccessProfileSummary: + description: This is a summary representation of an access profile. + allOf: + - allOf: + - allOf: + - type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + - type: object + properties: + displayName: + type: string + example: John Q. Doe + - type: object + properties: + type: + type: string + enum: + - ACCOUNT_CORRELATION_CONFIG + - ACCESS_PROFILE + - ACCESS_REQUEST_APPROVAL + - ACCOUNT + - APPLICATION + - CAMPAIGN + - CAMPAIGN_FILTER + - CERTIFICATION + - CLUSTER + - CONNECTOR_SCHEMA + - ENTITLEMENT + - GOVERNANCE_GROUP + - IDENTITY + - IDENTITY_PROFILE + - IDENTITY_REQUEST + - LIFECYCLE_STATE + - PASSWORD_POLICY + - ROLE + - RULE + - SOD_POLICY + - SOURCE + - TAG + - TAG_CATEGORY + - TASK_RESULT + - REPORT_RESULT + - SOD_VIOLATION + - ACCOUNT_ACTIVITY + - WORKGROUP + description: An enumeration of the types of DTOs supported within the IdentityNow infrastructure. + example: IDENTITY + description: + type: string + nullable: true + example: null + - type: object + properties: + source: + type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + owner: + allOf: + - type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + - type: object + properties: + displayName: + type: string + example: John Q. Doe + revocable: + type: boolean + example: true + AccessReviewReassignment: + type: object + properties: + reassign: + type: array + items: + type: object + properties: + id: + type: string + description: The ID of item or identity being reassigned. + example: ef38f94347e94562b5bb8424a56397d8 + type: + type: string + description: The type of item or identity being reassigned. + enum: + - TARGET_SUMMARY + - ITEM + - IDENTITY_SUMMARY + example: ITEM + required: + - id + - type + reassignTo: + type: string + description: The ID of the identity to which the certification is reassigned + example: ef38f94347e94562b5bb8424a56397d8 + reason: + type: string + description: The reason comment for why the reassign was made + example: reassigned for some reason + required: + - reassign + - reassignTo + - reason + Account: + allOf: + - type: object + required: + - name + properties: + id: + description: System-generated unique ID of the Object + type: string + example: id12345 + readOnly: true + name: + description: Name of the Object + type: string + example: aName + created: + description: Creation date of the Object + type: string + example: '2015-05-28T14:07:17Z' + format: date-time + readOnly: true + modified: + description: Last modification date of the Object + type: string + example: '2015-05-28T14:07:17Z' + format: date-time + readOnly: true + - type: object + required: + - sourceId + - sourceName + - attributes + - authoritative + - disabled + - locked + - nativeIdentity + - systemAccount + - uncorrelated + - manuallyCorrelated + - hasEntitlements + properties: + sourceId: + type: string + example: 2c9180835d2e5168015d32f890ca1581 + description: The unique ID of the source this account belongs to + sourceName: + type: string + example: Employees + description: The display name of the source this account belongs to + identityId: + type: string + example: 2c9180835d2e5168015d32f890ca1581 + description: The unique ID of the identity this account is correlated to + cloudLifecycleState: + type: string + nullable: true + example: active + description: The lifecycle state of the identity this account is correlated to + identityState: + type: string + nullable: true + example: ACTIVE + description: The identity state of the identity this account is correlated to + connectionType: + type: string + nullable: true + example: direct + description: The connection type of the source this account is from + type: + type: string + nullable: true + example: NON_HUMAN + description: The type of the account + attributes: + type: object + nullable: true + additionalProperties: true + description: The account attributes that are aggregated + example: + firstName: SailPoint + lastName: Support + displayName: SailPoint Support + authoritative: + type: boolean + description: Indicates if this account is from an authoritative source + example: false + description: + type: string + description: A description of the account + nullable: true + example: null + disabled: + type: boolean + description: Indicates if the account is currently disabled + example: false + locked: + type: boolean + description: Indicates if the account is currently locked + example: false + nativeIdentity: + type: string + description: The unique ID of the account generated by the source system + example: '552775' + systemAccount: + type: boolean + example: false + description: 'If true, this is a user account within IdentityNow. If false, this is an account from a source system.' + uncorrelated: + type: boolean + description: Indicates if this account is not correlated to an identity + example: false + uuid: + type: string + description: The unique ID of the account as determined by the account schema + example: slpt.support + nullable: true + manuallyCorrelated: + type: boolean + description: Indicates if the account has been manually correlated to an identity + example: false + hasEntitlements: + type: boolean + description: Indicates if the account has entitlements + example: true + identity: + description: The identity this account is correlated to + example: + id: 2c918084660f45d6016617daa9210584 + type: IDENTITY + name: Adam Kennedy + type: object + properties: + type: + description: DTO type + type: string + enum: + - ACCOUNT_CORRELATION_CONFIG + - ACCESS_PROFILE + - ACCESS_REQUEST_APPROVAL + - ACCOUNT + - APPLICATION + - CAMPAIGN + - CAMPAIGN_FILTER + - CERTIFICATION + - CLUSTER + - CONNECTOR_SCHEMA + - ENTITLEMENT + - GOVERNANCE_GROUP + - IDENTITY + - IDENTITY_PROFILE + - IDENTITY_REQUEST + - LIFECYCLE_STATE + - PASSWORD_POLICY + - ROLE + - RULE + - SOD_POLICY + - SOURCE + - TAG + - TAG_CATEGORY + - TASK_RESULT + - REPORT_RESULT + - SOD_VIOLATION + - ACCOUNT_ACTIVITY + - WORKGROUP + example: IDENTITY + id: + type: string + description: ID of the object to which this reference applies + example: 2c91808568c529c60168cca6f90c1313 + name: + type: string + description: Human-readable display name of the object to which this reference applies + example: William Wilson + sourceOwner: + type: object + nullable: true + description: The owner of this object. + properties: + type: + type: string + enum: + - IDENTITY + example: IDENTITY + description: Type of owner object. + id: + type: string + description: Identity id + example: 4c5c8534e99445de98eef6c75e25eb01 + name: + type: string + description: Human-readable display name of the owner. + example: John Cavender + features: + type: string + description: A string list containing the owning source's features + example: ENABLE + nullable: true + origin: + type: string + nullable: true + enum: + - AGGREGATED + - PROVISIONED + - null + description: The origin of the account either aggregated or provisioned + example: AGGREGATED + ownerIdentity: + description: 'The identity who owns this account, typically used for non-human accounts' + type: object + nullable: true + properties: + type: + description: The type of object being referenced + type: string + enum: + - IDENTITY + example: IDENTITY + id: + type: string + description: ID of the identity + example: 2c918084660f45d6016617daa9210584 + name: + type: string + description: Human-readable display name of the identity + example: Adam Kennedy + ownerGroup: + description: 'The governance group who owns this account, typically used for non-human accounts' + type: object + nullable: true + properties: + type: + description: The type of object being referenced + type: string + enum: + - GOVERNANCE_GROUP + example: GOVERNANCE_GROUP + id: + type: string + description: ID of the governance group + example: 8d3e0094e99445de98eef6c75e25jc04 + name: + type: string + description: Human-readable display name of the governance group + example: GovGroup AX17Z + AccountActivity: + type: object + properties: + id: + type: string + description: Id of the account activity + example: 2c9180835d2e5168015d32f890ca1581 + name: + type: string + description: The name of the activity + example: 2c9180835d2e5168015d32f890ca1581 + created: + description: When the activity was first created + type: string + format: date-time + example: '2017-07-11T18:45:37.098Z' + modified: + description: When the activity was last modified + type: string + format: date-time + example: '2018-06-25T20:22:28.104Z' + nullable: true + completed: + description: When the activity was completed + type: string + format: date-time + nullable: true + example: '2018-10-19T13:49:37.385Z' + completionStatus: + allOf: + - nullable: true + type: string + description: The status after completion. + enum: + - SUCCESS + - FAILURE + - INCOMPLETE + - PENDING + - null + example: SUCCESS + - nullable: true + type: + nullable: true + type: string + example: appRequest + description: | + The type of action the activity performed. Please see the following list of types. This list may grow over time. + + - CloudAutomated + - IdentityAttributeUpdate + - appRequest + - LifecycleStateChange + - AccountStateUpdate + - AccountAttributeUpdate + - CloudPasswordRequest + - Attribute Synchronization Refresh + - Certification + - Identity Refresh + - Lifecycle Change Refresh + + + [Learn more here](https://documentation.sailpoint.com/saas/help/search/searchable-fields.html#searching-account-activity-data). + requesterIdentitySummary: + type: object + nullable: true + properties: + id: + type: string + description: ID of this identity summary + example: ff80818155fe8c080155fe8d925b0316 + name: + type: string + description: Human-readable display name of identity + example: SailPoint Services + identityId: + type: string + description: ID of the identity that this summary represents + example: c15b9f5cca5a4e9599eaa0e64fa921bd + completed: + type: boolean + description: Indicates if all access items for this summary have been decided on + example: true + default: false + targetIdentitySummary: + type: object + nullable: true + properties: + id: + type: string + description: ID of this identity summary + example: ff80818155fe8c080155fe8d925b0316 + name: + type: string + description: Human-readable display name of identity + example: SailPoint Services + identityId: + type: string + description: ID of the identity that this summary represents + example: c15b9f5cca5a4e9599eaa0e64fa921bd + completed: + type: boolean + description: Indicates if all access items for this summary have been decided on + example: true + default: false + errors: + nullable: true + description: 'A list of error messages, if any, that were encountered.' + type: array + items: + type: string + example: + - 'sailpoint.connector.ConnectorException: java.lang.InterruptedException: Timeout waiting for response to message 0 from client 57a4ab97-ab3f-4aef-9fe2-0eaf15c73d26 after 60 seconds.' + warnings: + nullable: true + description: 'A list of warning messages, if any, that were encountered.' + type: array + items: + type: string + example: + - 'Some warning, another warning' + items: + nullable: true + type: array + description: Individual actions performed as part of this account activity + items: + type: object + properties: + id: + type: string + description: Item id + example: 48c545831b264409a81befcabb0e3c5a + name: + type: string + description: Human-readable display name of item + example: 48c545831b264409a81befcabb0e3c5a + requested: + type: string + format: date-time + description: Date and time item was requested + example: '2017-07-11T18:45:37.098Z' + approvalStatus: + allOf: + - type: string + nullable: true + enum: + - FINISHED + - REJECTED + - RETURNED + - EXPIRED + - PENDING + - CANCELED + - null + example: PENDING + description: The state of an approval status + - nullable: true + provisioningStatus: + type: string + enum: + - PENDING + - FINISHED + - UNVERIFIABLE + - COMMITED + - FAILED + - RETRY + description: Provisioning state of an account activity item + example: PENDING + requesterComment: + type: object + nullable: true + properties: + commenterId: + type: string + description: Id of the identity making the comment + example: 2c918084660f45d6016617daa9210584 + commenterName: + type: string + description: Human-readable display name of the identity making the comment + example: Adam Kennedy + body: + type: string + description: Content of the comment + example: Et quam massa maximus vivamus nisi ut urna tincidunt metus elementum erat. + date: + type: string + format: date-time + description: Date and time comment was made + example: '2017-07-11T18:45:37.098Z' + reviewerIdentitySummary: + type: object + nullable: true + properties: + id: + type: string + description: ID of this identity summary + example: ff80818155fe8c080155fe8d925b0316 + name: + type: string + description: Human-readable display name of identity + example: SailPoint Services + identityId: + type: string + description: ID of the identity that this summary represents + example: c15b9f5cca5a4e9599eaa0e64fa921bd + completed: + type: boolean + description: Indicates if all access items for this summary have been decided on + example: true + default: false + reviewerComment: + type: object + nullable: true + properties: + commenterId: + type: string + description: Id of the identity making the comment + example: 2c918084660f45d6016617daa9210584 + commenterName: + type: string + description: Human-readable display name of the identity making the comment + example: Adam Kennedy + body: + type: string + description: Content of the comment + example: Et quam massa maximus vivamus nisi ut urna tincidunt metus elementum erat. + date: + type: string + format: date-time + description: Date and time comment was made + example: '2017-07-11T18:45:37.098Z' + operation: + allOf: + - type: string + enum: + - ADD + - CREATE + - MODIFY + - DELETE + - DISABLE + - ENABLE + - UNLOCK + - LOCK + - REMOVE + - SET + - null + description: Represents an operation in an account activity item + example: ADD + - nullable: true + attribute: + type: string + description: Attribute to which account activity applies + nullable: true + example: detectedRoles + value: + type: string + description: Value of attribute + nullable: true + example: 'Treasury Analyst [AccessProfile-1529010191212]' + nativeIdentity: + nullable: true + type: string + description: Native identity in the target system to which the account activity applies + example: Sandie.Camero + sourceId: + type: string + description: Id of Source to which account activity applies + example: 2c91808363ef85290164000587130c0c + accountRequestInfo: + type: object + nullable: true + properties: + requestedObjectId: + type: string + description: Id of requested object + example: 2c91808563ef85690164001c31140c0c + requestedObjectName: + type: string + description: Human-readable name of requested object + example: Treasury Analyst + requestedObjectType: + type: string + enum: + - ACCESS_PROFILE + - ROLE + - ENTITLEMENT + description: 'The currently supported requestable object types. ' + example: ACCESS_PROFILE + description: 'If an account activity item is associated with an access request, captures details of that request.' + clientMetadata: + nullable: true + type: object + additionalProperties: + type: string + description: 'Arbitrary key-value pairs, if any were included in the corresponding access request item' + example: + customKey1: custom value 1 + customKey2: custom value 2 + removeDate: + nullable: true + type: string + description: The date the role or access profile or entitlement is no longer assigned to the specified identity. + format: date-time + example: '2020-07-11T00:00:00Z' + executionStatus: + type: string + description: The current state of execution. + enum: + - EXECUTING + - VERIFYING + - TERMINATED + - COMPLETED + example: COMPLETED + clientMetadata: + nullable: true + type: object + additionalProperties: + type: string + description: 'Arbitrary key-value pairs, if any were included in the corresponding access request' + example: + customKey1: custom value 1 + customKey2: custom value 2 + AccountActivitySearchedItem: + description: AccountActivity + allOf: + - type: object + required: + - id + - name + - _type + properties: + id: + type: string + example: 2c91808375d8e80a0175e1f88a575222 + name: + type: string + example: john.doe + _type: + description: |- + Enum representing the currently supported document types. + + Additional values may be added in the future without notice. + type: string + enum: + - accessprofile + - accountactivity + - account + - aggregation + - entitlement + - event + - identity + - role + example: identity + - type: object + properties: + action: + type: string + description: Type of action performed in the activity. + externalDocs: + description: Learn more about account activity action types + url: 'https://documentation.sailpoint.com/saas/help/search/searchable-fields.html#searching-account-activity-data' + example: Identity Refresh. + created: + type: string + description: ISO-8601 date-time referring to the time when the object was created. + nullable: true + format: date-time + example: '2018-06-25T20:22:28.104Z' + modified: + type: string + description: ISO-8601 date-time referring to the time when the object was last modified. + nullable: true + format: date-time + example: '2018-06-25T20:22:28.104Z' + stage: + type: string + description: Activity's current stage. + example: Completed + origin: + type: string + description: Activity's origin. + nullable: true + example: null + status: + type: string + description: Activity's current status. + example: Complete + requester: + allOf: + - type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + - type: object + properties: + type: + type: string + example: Delimited File + description: Type of source returned. + recipient: + allOf: + - type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + - type: object + properties: + type: + type: string + example: Delimited File + description: Type of source returned. + trackingNumber: + type: string + description: Account activity's tracking number. + example: 61aad0c9e8134eca89e76a35e0cabe3f + errors: + type: array + description: Errors provided by the source while completing account actions. + items: + type: string + nullable: true + example: null + warnings: + type: array + description: Warnings provided by the source while completing account actions. + items: + type: string + nullable: true + example: null + approvals: + type: array + description: Approvals performed on an item during activity. + items: + type: object + properties: + comments: + type: array + items: + type: object + properties: + comment: + type: string + description: The comment text + example: This request was autoapproved by our automated ETS subscriber. + commenter: + type: string + description: The name of the commenter + example: Automated AR Approval + date: + type: string + nullable: true + format: date-time + example: '2018-06-25T20:22:28.104Z' + description: A date-time in ISO-8601 format + created: + type: string + nullable: true + format: date-time + example: '2018-06-25T20:22:28.104Z' + description: A date-time in ISO-8601 format + modified: + type: string + nullable: true + format: date-time + example: '2018-06-25T20:22:28.104Z' + description: A date-time in ISO-8601 format + owner: + allOf: + - type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + - type: object + properties: + type: + type: string + example: Delimited File + description: Type of source returned. + result: + type: string + description: The result of the approval + example: Finished + type: + type: string + nullable: true + example: null + originalRequests: + type: array + description: Original actions that triggered all individual source actions related to the account action. + items: + type: object + properties: + accountId: + type: string + description: Account ID. + example: 'CN=Abby Smith,OU=Austin,OU=Americas,OU=Demo,DC=seri,DC=acme,DC=com' + attributeRequests: + type: array + description: Attribute changes requested for account. + items: + type: object + properties: + name: + type: string + description: Attribute name. + example: groups + op: + type: string + description: Operation to perform on attribute. + example: Add + value: + type: string + description: Value of attribute. + example: '3203537556531076' + op: + type: string + description: Operation used. + example: add + source: + description: Account's source. + allOf: + - type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + - type: object + properties: + type: + type: string + example: Delimited File + description: Type of source returned. + expansionItems: + type: array + description: Controls that translated the attribute requests into actual provisioning actions on the source. + items: + type: object + properties: + accountId: + type: string + description: The ID of the account + example: 2c91808981f58ea601821c3e93482e6f + cause: + type: string + example: Role + name: + type: string + description: The name of the item + example: smartsheet-role + attributeRequests: + type: array + items: + type: object + properties: + name: + type: string + description: Attribute name. + example: groups + op: + type: string + description: Operation to perform on attribute. + example: Add + value: + type: string + description: Value of attribute. + example: '3203537556531076' + source: + allOf: + - type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + - type: object + properties: + type: + type: string + example: Delimited File + description: Type of source returned. + accountRequests: + type: array + description: Account data for each individual source action triggered by the original requests. + items: + type: object + properties: + accountId: + type: string + description: Unique ID of the account + example: John.Doe + attributeRequests: + type: array + items: + type: object + properties: + name: + type: string + description: Attribute name. + example: groups + op: + type: string + description: Operation to perform on attribute. + example: Add + value: + type: string + description: Value of attribute. + example: '3203537556531076' + op: + type: string + example: Modify + description: The operation that was performed + provisioningTarget: + allOf: + - type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + - type: object + properties: + type: + type: string + example: Delimited File + description: Type of source returned. + result: + type: object + properties: + errors: + type: array + items: + type: string + example: |- + [ConnectorError] [ + { + "code": "unrecognized_keys", + "keys": [ + "groups" + ], + "path": [], + "message": "Unrecognized key(s) in object: 'groups'" + } + ] (requestId: 5e9d6df5-9b1b-47d9-9bf1-dc3a2893299e) + status: + type: string + description: The status of the account request + example: failed + ticketId: + type: string + nullable: true + example: null + source: + allOf: + - type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + - type: object + properties: + type: + type: string + example: Delimited File + description: Type of source returned. + sources: + type: string + description: Sources involved in the account activity. + example: 'smartsheet-test, airtable-v4, IdentityNow' + AccountAttributes: + type: object + required: + - attributes + properties: + attributes: + description: The schema attribute values for the account + type: object + additionalProperties: true + example: + city: Austin + displayName: John Doe + userName: jdoe + sAMAccountName: jDoe + mail: john.doe@sailpoint.com + AccountsAsyncResult: + description: Accounts async response containing details on started async process + required: + - id + type: object + properties: + id: + description: id of the task + type: string + example: 2c91808474683da6017468693c260195 + AccountToggleRequest: + description: Request used for account enable/disable + type: object + properties: + externalVerificationId: + description: 'If set, an external process validates that the user wants to proceed with this request.' + type: string + example: 3f9180835d2e5168015d32f890ca1581 + forceProvisioning: + description: 'If set, provisioning updates the account attribute at the source. This option is used when the account is not synced to ensure the attribute is updated. Providing ''true'' for an unlocked account will add and process ''Unlock'' operation by the workflow.' + type: boolean + example: false + AccountUnlockRequest: + description: Request used for account unlock + type: object + properties: + externalVerificationId: + description: 'If set, an external process validates that the user wants to proceed with this request.' + type: string + example: 3f9180835d2e5168015d32f890ca1581 + unlockIDNAccount: + description: 'If set, the IDN account is unlocked after the workflow completes.' + type: boolean + example: false + forceProvisioning: + description: 'If set, provisioning updates the account attribute at the source. This option is used when the account is not synced to ensure the attribute is updated.' + type: boolean + example: false + ApprovalItems: + type: object + properties: + id: + type: string + description: The approval item's ID + example: 2c9180835d2e5168015d32f890ca1581 + account: + type: string + description: The account referenced by the approval item + example: john.smith + nullable: true + application: + type: string + description: The name of the application/source + example: Active Directory + name: + type: string + description: The attribute's name + example: emailAddress + nullable: true + operation: + type: string + description: The attribute's operation + example: update + value: + type: string + description: The attribute's value + example: a@b.com + nullable: true + state: + allOf: + - type: string + nullable: true + enum: + - Finished + - Rejected + - Returned + - Expired + - Pending + - Canceled + - null + example: Pending + description: The state of a work item + - nullable: true + Campaign: + type: object + required: + - id + - name + - type + - campaignType + - description + - correlatedStatus + - mandatoryCommentRequirement + properties: + id: + type: string + description: The unique ID of the campaign. + example: ef38f94347e94562b5bb8424a56397d8 + name: + type: string + description: The name of the campaign. + example: Campaign Name + type: + type: string + enum: + - CAMPAIGN + description: The type of object that is being referenced. + example: CAMPAIGN + campaignType: + type: string + enum: + - MANAGER + - SOURCE_OWNER + - SEARCH + description: The type of the campaign. + example: MANAGER + description: + type: string + description: The description of the campaign set by the admin who created it. + nullable: true + example: A description of the campaign + correlatedStatus: + description: The correlatedStatus of the campaign. Only SOURCE_OWNER campaigns can be Uncorrelated. An Uncorrelated certification campaign only includes Uncorrelated identities (An identity is uncorrelated if it has no accounts on an authoritative source). + enum: + - CORRELATED + - UNCORRELATED + example: CORRELATED + mandatoryCommentRequirement: + type: string + description: 'Determines whether comments are required for decisions during certification reviews. You can require comments for all decisions, revoke-only decisions, or no decisions. By default, comments are not required for decisions.' + enum: + - ALL_DECISIONS + - REVOKE_ONLY_DECISIONS + - NO_DECISIONS + example: NO_DECISIONS + Certification: + type: object + properties: + id: + example: 2c9180835d2e5168015d32f890ca1581 + type: string + description: id of the certification + name: + example: 'Source Owner Access Review for Employees [source]' + type: string + description: name of the certification + campaign: + type: object + required: + - id + - name + - type + - campaignType + - description + - correlatedStatus + - mandatoryCommentRequirement + properties: + id: + type: string + description: The unique ID of the campaign. + example: ef38f94347e94562b5bb8424a56397d8 + name: + type: string + description: The name of the campaign. + example: Campaign Name + type: + type: string + enum: + - CAMPAIGN + description: The type of object that is being referenced. + example: CAMPAIGN + campaignType: + type: string + enum: + - MANAGER + - SOURCE_OWNER + - SEARCH + description: The type of the campaign. + example: MANAGER + description: + type: string + description: The description of the campaign set by the admin who created it. + nullable: true + example: A description of the campaign + correlatedStatus: + description: The correlatedStatus of the campaign. Only SOURCE_OWNER campaigns can be Uncorrelated. An Uncorrelated certification campaign only includes Uncorrelated identities (An identity is uncorrelated if it has no accounts on an authoritative source). + enum: + - CORRELATED + - UNCORRELATED + example: CORRELATED + mandatoryCommentRequirement: + type: string + description: 'Determines whether comments are required for decisions during certification reviews. You can require comments for all decisions, revoke-only decisions, or no decisions. By default, comments are not required for decisions.' + enum: + - ALL_DECISIONS + - REVOKE_ONLY_DECISIONS + - NO_DECISIONS + example: NO_DECISIONS + completed: + type: boolean + description: Have all decisions been made? + example: true + identitiesCompleted: + type: integer + description: The number of identities for whom all decisions have been made and are complete. + example: 5 + format: int32 + identitiesTotal: + type: integer + description: 'The total number of identities in the Certification, both complete and incomplete.' + example: 10 + format: int32 + created: + example: '2018-06-25T20:22:28.104Z' + format: date-time + type: string + description: created date + modified: + example: '2018-06-25T20:22:28.104Z' + format: date-time + type: string + description: modified date + decisionsMade: + type: integer + description: The number of approve/revoke/acknowledge decisions that have been made. + example: 20 + format: int32 + decisionsTotal: + type: integer + description: The total number of approve/revoke/acknowledge decisions. + example: 40 + format: int32 + due: + type: string + format: date-time + description: The due date of the certification. + example: '2018-10-19T13:49:37.385Z' + signed: + type: string + format: date-time + nullable: true + description: The date the reviewer signed off on the Certification. + example: '2018-10-19T13:49:37.385Z' + reviewer: + type: object + properties: + id: + type: string + description: The id of the reviewer. + example: ef38f94347e94562b5bb8424a56397d8 + name: + type: string + description: The name of the reviewer. + example: Reviewer Name + email: + type: string + description: The email of the reviewing identity. + example: reviewer@test.com + type: + type: string + enum: + - IDENTITY + description: The type of the reviewing identity. + example: IDENTITY + created: + nullable: true + example: '2018-06-25T20:22:28.104Z' + format: date-time + type: string + description: The created date of the reviewing identity. + modified: + nullable: true + example: '2018-06-25T20:22:28.104Z' + format: date-time + type: string + description: The modified date of the reviewing identity. + reassignment: + type: object + nullable: true + properties: + from: + type: object + properties: + id: + type: string + description: The id of the certification. + example: ef38f94347e94562b5bb8424a56397d8 + name: + type: string + description: The name of the certification. + example: Certification Name + type: + type: string + enum: + - CERTIFICATION + example: CERTIFICATION + reviewer: + type: object + properties: + id: + type: string + description: The id of the reviewer. + example: ef38f94347e94562b5bb8424a56397d8 + name: + type: string + description: The name of the reviewer. + example: Reviewer Name + email: + type: string + description: The email of the reviewing identity. + example: reviewer@test.com + type: + type: string + enum: + - IDENTITY + description: The type of the reviewing identity. + example: IDENTITY + created: + nullable: true + example: '2018-06-25T20:22:28.104Z' + format: date-time + type: string + description: The created date of the reviewing identity. + modified: + nullable: true + example: '2018-06-25T20:22:28.104Z' + format: date-time + type: string + description: The modified date of the reviewing identity. + comment: + type: string + description: The comment entered when the Certification was reassigned + example: Reassigned for a reason + hasErrors: + description: Identifies if the certification has an error + type: boolean + example: false + errorMessage: + description: Description of the certification error + nullable: true + type: string + example: The certification has an error + phase: + type: string + description: | + The current phase of the campaign. + * `STAGED`: The campaign is waiting to be activated. + * `ACTIVE`: The campaign is active. + * `SIGNED`: The reviewer has signed off on the campaign, and it is considered complete. + enum: + - STAGED + - ACTIVE + - SIGNED + example: ACTIVE + CertificationReference: + type: object + properties: + id: + type: string + description: The id of the certification. + example: ef38f94347e94562b5bb8424a56397d8 + name: + type: string + description: The name of the certification. + example: Certification Name + type: + type: string + enum: + - CERTIFICATION + example: CERTIFICATION + reviewer: + type: object + properties: + id: + type: string + description: The id of the reviewer. + example: ef38f94347e94562b5bb8424a56397d8 + name: + type: string + description: The name of the reviewer. + example: Reviewer Name + email: + type: string + description: The email of the reviewing identity. + example: reviewer@test.com + type: + type: string + enum: + - IDENTITY + description: The type of the reviewing identity. + example: IDENTITY + created: + nullable: true + example: '2018-06-25T20:22:28.104Z' + format: date-time + type: string + description: The created date of the reviewing identity. + modified: + nullable: true + example: '2018-06-25T20:22:28.104Z' + format: date-time + type: string + description: The modified date of the reviewing identity. + EntitlementDocument: + description: Entitlement + allOf: + - type: object + required: + - id + - name + - _type + properties: + id: + type: string + example: 2c91808375d8e80a0175e1f88a575222 + name: + type: string + example: john.doe + _type: + description: |- + Enum representing the currently supported document types. + + Additional values may be added in the future without notice. + type: string + enum: + - accessprofile + - accountactivity + - account + - aggregation + - entitlement + - event + - identity + - role + example: identity + - type: object + properties: + modified: + type: string + description: ISO-8601 date-time referring to the time when the object was last modified. + nullable: true + format: date-time + example: '2018-06-25T20:22:28.104Z' + synced: + type: string + description: |- + ISO-8601 date-time referring to the date-time when object was queued to be synced into search database for use in the search API. + This date-time changes anytime there is an update to the object, which triggers a synchronization event being sent to the search database. + There may be some delay between the `synced` time and the time when the updated data is actually available in the search API. + displayName: + type: string + description: Entitlement's display name. + example: Admin + source: + type: object + description: Entitlement's source. + properties: + id: + type: string + description: ID of entitlement's source. + example: 2c91808b6e9e6fb8016eec1a2b6f7b5f + name: + type: string + description: Display name of entitlement's source. + example: ODS-HR-Employees + segments: + type: array + description: Segments with the role. + items: + type: object + properties: + id: + type: string + example: b009b6e3-b56d-41d9-8735-cb532ea0b017 + description: Segment's unique ID. + name: + type: string + example: Test Segment + description: Segment's display name. + segmentCount: + type: integer + description: Number of segments with the role. + format: int32 + example: 1 + requestable: + type: boolean + description: Indicates whether the entitlement is requestable. + default: false + example: false + cloudGoverned: + type: boolean + description: Indicates whether the entitlement is cloud governed. + default: false + example: false + created: + type: string + description: ISO-8601 date-time referring to the time when the object was created. + nullable: true + format: date-time + example: '2018-06-25T20:22:28.104Z' + privileged: + type: boolean + description: Indicates whether the entitlement is privileged. + default: false + example: false + identityCount: + type: integer + description: Number of identities who have access to the entitlement. + format: int32 + example: 3 + tags: + type: array + description: Tags that have been applied to the object. + items: + type: string + example: + - TAG_1 + - TAG_2 + EntitlementSummary: + description: EntitlementReference + allOf: + - allOf: + - allOf: + - type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + - type: object + properties: + displayName: + type: string + example: John Q. Doe + - type: object + properties: + type: + type: string + enum: + - ACCOUNT_CORRELATION_CONFIG + - ACCESS_PROFILE + - ACCESS_REQUEST_APPROVAL + - ACCOUNT + - APPLICATION + - CAMPAIGN + - CAMPAIGN_FILTER + - CERTIFICATION + - CLUSTER + - CONNECTOR_SCHEMA + - ENTITLEMENT + - GOVERNANCE_GROUP + - IDENTITY + - IDENTITY_PROFILE + - IDENTITY_REQUEST + - LIFECYCLE_STATE + - PASSWORD_POLICY + - ROLE + - RULE + - SOD_POLICY + - SOURCE + - TAG + - TAG_CATEGORY + - TASK_RESULT + - REPORT_RESULT + - SOD_VIOLATION + - ACCOUNT_ACTIVITY + - WORKGROUP + description: An enumeration of the types of DTOs supported within the IdentityNow infrastructure. + example: IDENTITY + description: + type: string + nullable: true + example: null + - type: object + properties: + source: + type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + privileged: + type: boolean + example: false + attribute: + type: string + example: memberOf + value: + type: string + example: 'CN=Buyer,OU=Groups,OU=Demo,DC=seri,DC=sailpointdemo,DC=com' + standalone: + type: boolean + example: false + Event: + description: Event + allOf: + - type: object + required: + - id + - name + - _type + properties: + id: + type: string + example: 2c91808375d8e80a0175e1f88a575222 + name: + type: string + example: john.doe + _type: + description: |- + Enum representing the currently supported document types. + + Additional values may be added in the future without notice. + type: string + enum: + - accessprofile + - accountactivity + - account + - aggregation + - entitlement + - event + - identity + - role + example: identity + - type: object + properties: + created: + type: string + description: ISO-8601 date-time referring to the time when the object was created. + nullable: true + format: date-time + example: '2018-06-25T20:22:28.104Z' + synced: + type: string + description: |- + ISO-8601 date-time referring to the date-time when object was queued to be synced into search database for use in the search API. + This date-time changes anytime there is an update to the object, which triggers a synchronization event being sent to the search database. + There may be some delay between the `synced` time and the time when the updated data is actually available in the search API. + action: + type: string + description: Name of the event as it's displayed in audit reports. + example: update + type: + type: string + description: 'Event type. Refer to [Event Types](https://documentation.sailpoint.com/saas/help/search/index.html#event-types) for a list of event types and their meanings.' + example: SYSTEM_CONFIG + actor: + type: string + description: Name of the actor that generated the event. + example: System + target: + type: string + description: 'Name of the target, or recipient, of the event.' + example: Carol.Adams + stack: + type: string + description: The event's stack. + example: tpe + trackingNumber: + type: string + description: ID of the group of events. + example: 63f891e0735f4cc8bf1968144a1e7440 + ipAddress: + type: string + description: Target system's IP address. + example: 52.52.97.85 + details: + type: string + description: ID of event's details. + example: 73b65dfbed1842548c207432a18c84b0 + attributes: + type: object + description: Attributes involved in the event. + additionalProperties: true + example: + pod: stg03-useast1 + org: acme + sourceName: SailPoint + objects: + type: array + description: Objects the event is happening to. + items: + type: string + example: AUTHENTICATION + operation: + type: string + description: 'Operation, or action, performed during the event.' + example: REQUEST + status: + type: string + description: 'Event status. Refer to [Event Statuses](https://documentation.sailpoint.com/saas/help/search/index.html#event-statuses) for a list of event statuses and their meanings.' + example: PASSED + technicalName: + type: string + description: Event's normalized name. This normalized name always follows the pattern of 'objects_operation_status'. + example: AUTHENTICATION_REQUEST_PASSED + IdentityDocument: + description: Identity + allOf: + - type: object + required: + - id + - name + - _type + properties: + id: + type: string + example: 2c91808375d8e80a0175e1f88a575222 + name: + type: string + example: john.doe + _type: + description: |- + Enum representing the currently supported document types. + + Additional values may be added in the future without notice. + type: string + enum: + - accessprofile + - accountactivity + - account + - aggregation + - entitlement + - event + - identity + - role + example: identity + - allOf: + - type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + - type: object + properties: + displayName: + type: string + example: John Q. Doe + - type: object + properties: + displayName: + type: string + example: Carol.Adams + description: Identity's display name. + firstName: + type: string + description: Identity's first name. + example: Carol + lastName: + type: string + description: Identity's last name. + example: Adams + email: + type: string + description: Identity's primary email address. + example: Carol.Adams@sailpointdemo.com + created: + type: string + description: ISO-8601 date-time referring to the time when the object was created. + nullable: true + format: date-time + example: '2018-06-25T20:22:28.104Z' + modified: + type: string + description: ISO-8601 date-time referring to the time when the object was last modified. + nullable: true + format: date-time + example: '2018-06-25T20:22:28.104Z' + phone: + type: string + description: Identity's phone number. + example: +1 440-527-3672 + synced: + type: string + description: |- + ISO-8601 date-time referring to the date-time when object was queued to be synced into search database for use in the search API. + This date-time changes anytime there is an update to the object, which triggers a synchronization event being sent to the search database. + There may be some delay between the `synced` time and the time when the updated data is actually available in the search API. + inactive: + type: boolean + description: Indicates whether the identity is inactive. + default: false + example: false + protected: + type: boolean + description: Indicates whether the identity is protected. + default: false + example: false + status: + type: string + description: Identity's status in SailPoint. + example: UNREGISTERED + employeeNumber: + type: string + description: Identity's employee number. + example: 1a2a3d4e + manager: + type: object + description: Identity's manager. + nullable: true + properties: + id: + type: string + description: ID of identity's manager. + example: 2c9180867dfe694b017e208e27c05799 + name: + type: string + description: Name of identity's manager. + example: Amanda.Ross + displayName: + type: string + description: Display name of identity's manager. + example: Amanda.Ross + isManager: + type: boolean + description: Indicates whether the identity is a manager of other identities. + example: false + identityProfile: + type: object + description: Identity's identity profile. + properties: + id: + type: string + description: Identity profile's ID. + example: 3bc8ad26b8664945866b31339d1ff7d2 + name: + type: string + description: Identity profile's name. + example: HR Employees + source: + type: object + description: Identity's source. + properties: + id: + type: string + description: ID of identity's source. + example: 2c91808b6e9e6fb8016eec1a2b6f7b5f + name: + type: string + description: Display name of identity's source. + example: ODS-HR-Employees + attributes: + type: object + description: Map or dictionary of key/value pairs. + additionalProperties: true + example: + country: US + firstname: Carol + cloudStatus: UNREGISTERED + processingState: + type: string + description: Identity's processing state. + nullable: true + example: null + processingDetails: + description: Identity's processing details. + nullable: true + type: object + properties: + date: + type: string + nullable: true + format: date-time + example: '2018-06-25T20:22:28.104Z' + description: A date-time in ISO-8601 format + stage: + type: string + example: In Process + retryCount: + type: integer + example: 0 + format: int32 + stackTrace: + type: string + example: + message: + type: string + example: + accounts: + type: array + description: List of accounts associated with the identity. + items: + allOf: + - type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + - type: object + properties: + accountId: + type: string + description: Account ID. + example: John.Doe + source: + allOf: + - type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + - type: object + properties: + type: + type: string + example: Delimited File + description: Type of source returned. + disabled: + type: boolean + description: Indicates whether the account is disabled. + default: false + example: false + locked: + type: boolean + description: Indicates whether the account is locked. + default: false + example: false + privileged: + type: boolean + description: Indicates whether the account is privileged. + default: false + example: false + manuallyCorrelated: + type: boolean + description: Indicates whether the account has been manually correlated to an identity. + default: false + example: false + passwordLastSet: + type: string + nullable: true + format: date-time + example: '2018-06-25T20:22:28.104Z' + description: A date-time in ISO-8601 format + entitlementAttributes: + type: object + nullable: true + description: Map or dictionary of key/value pairs. + additionalProperties: true + example: + moderator: true + admin: true + trust_level: '4' + created: + type: string + description: ISO-8601 date-time referring to the time when the object was created. + nullable: true + format: date-time + example: '2018-06-25T20:22:28.104Z' + accountCount: + type: integer + description: Number of accounts associated with the identity. + format: int32 + example: 3 + apps: + type: array + description: List of applications the identity has access to. + items: + allOf: + - type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + - type: object + properties: + source: + type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + account: + type: object + properties: + id: + type: string + description: The SailPoint generated unique ID + example: 2c9180837dfe6949017e21f3d8cd6d49 + accountId: + type: string + description: The account ID generated by the source + example: 'CN=Carol Adams,OU=Austin,OU=Americas,OU=Demo,DC=seri,DC=sailpointdemo,DC=com' + appCount: + type: integer + format: int32 + description: Number of applications the identity has access to. + example: 2 + access: + type: array + description: List of access items assigned to the identity. + items: + discriminator: + propertyName: type + mapping: + ACCESS_PROFILE: ../access/AccessProfileSummary.yaml + ENTITLEMENT: ../access/AccessProfileEntitlement.yaml + ROLE: ../access/AccessProfileRole.yaml + oneOf: + - description: This is a summary representation of an access profile. + allOf: + - allOf: + - allOf: + - type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + - type: object + properties: + displayName: + type: string + example: John Q. Doe + - type: object + properties: + type: + type: string + enum: + - ACCOUNT_CORRELATION_CONFIG + - ACCESS_PROFILE + - ACCESS_REQUEST_APPROVAL + - ACCOUNT + - APPLICATION + - CAMPAIGN + - CAMPAIGN_FILTER + - CERTIFICATION + - CLUSTER + - CONNECTOR_SCHEMA + - ENTITLEMENT + - GOVERNANCE_GROUP + - IDENTITY + - IDENTITY_PROFILE + - IDENTITY_REQUEST + - LIFECYCLE_STATE + - PASSWORD_POLICY + - ROLE + - RULE + - SOD_POLICY + - SOURCE + - TAG + - TAG_CATEGORY + - TASK_RESULT + - REPORT_RESULT + - SOD_VIOLATION + - ACCOUNT_ACTIVITY + - WORKGROUP + description: An enumeration of the types of DTOs supported within the IdentityNow infrastructure. + example: IDENTITY + description: + type: string + nullable: true + example: null + - type: object + properties: + source: + type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + owner: + allOf: + - type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + - type: object + properties: + displayName: + type: string + example: John Q. Doe + revocable: + type: boolean + example: true + - description: EntitlementReference + allOf: + - allOf: + - allOf: + - type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + - type: object + properties: + displayName: + type: string + example: John Q. Doe + - type: object + properties: + type: + type: string + enum: + - ACCOUNT_CORRELATION_CONFIG + - ACCESS_PROFILE + - ACCESS_REQUEST_APPROVAL + - ACCOUNT + - APPLICATION + - CAMPAIGN + - CAMPAIGN_FILTER + - CERTIFICATION + - CLUSTER + - CONNECTOR_SCHEMA + - ENTITLEMENT + - GOVERNANCE_GROUP + - IDENTITY + - IDENTITY_PROFILE + - IDENTITY_REQUEST + - LIFECYCLE_STATE + - PASSWORD_POLICY + - ROLE + - RULE + - SOD_POLICY + - SOURCE + - TAG + - TAG_CATEGORY + - TASK_RESULT + - REPORT_RESULT + - SOD_VIOLATION + - ACCOUNT_ACTIVITY + - WORKGROUP + description: An enumeration of the types of DTOs supported within the IdentityNow infrastructure. + example: IDENTITY + description: + type: string + nullable: true + example: null + - type: object + properties: + source: + type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + privileged: + type: boolean + example: false + attribute: + type: string + example: memberOf + value: + type: string + example: 'CN=Buyer,OU=Groups,OU=Demo,DC=seri,DC=sailpointdemo,DC=com' + standalone: + type: boolean + example: false + - description: Role + allOf: + - allOf: + - allOf: + - type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + - type: object + properties: + displayName: + type: string + example: John Q. Doe + - type: object + properties: + type: + type: string + enum: + - ACCOUNT_CORRELATION_CONFIG + - ACCESS_PROFILE + - ACCESS_REQUEST_APPROVAL + - ACCOUNT + - APPLICATION + - CAMPAIGN + - CAMPAIGN_FILTER + - CERTIFICATION + - CLUSTER + - CONNECTOR_SCHEMA + - ENTITLEMENT + - GOVERNANCE_GROUP + - IDENTITY + - IDENTITY_PROFILE + - IDENTITY_REQUEST + - LIFECYCLE_STATE + - PASSWORD_POLICY + - ROLE + - RULE + - SOD_POLICY + - SOURCE + - TAG + - TAG_CATEGORY + - TASK_RESULT + - REPORT_RESULT + - SOD_VIOLATION + - ACCOUNT_ACTIVITY + - WORKGROUP + description: An enumeration of the types of DTOs supported within the IdentityNow infrastructure. + example: IDENTITY + description: + type: string + nullable: true + example: null + - type: object + properties: + owner: + allOf: + - type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + - type: object + properties: + displayName: + type: string + example: John Q. Doe + disabled: + type: boolean + revocable: + type: boolean + accessCount: + type: integer + format: int32 + description: Number of access items assigned to the identity. + example: 5 + entitlementCount: + type: integer + format: int32 + description: Number of entitlements assigned to the identity. + example: 10 + roleCount: + type: integer + format: int32 + description: Number of roles assigned to the identity. + example: 1 + accessProfileCount: + type: integer + format: int32 + description: Number of access profiles assigned to the identity. + example: 1 + owns: + type: array + description: Access items the identity owns. + items: + type: object + properties: + sources: + type: array + items: + type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + entitlements: + type: array + items: + type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + accessProfiles: + type: array + items: + type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + roles: + type: array + items: + type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + apps: + type: array + items: + type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + governanceGroups: + type: array + items: + type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + fallbackApprover: + type: boolean + example: false + ownsCount: + type: integer + format: int32 + description: Number of access items the identity owns. + example: 5 + tags: + type: array + description: Tags that have been applied to the object. + items: + type: string + example: + - TAG_1 + - TAG_2 + IdentityProfile: + allOf: + - type: object + required: + - name + properties: + id: + description: System-generated unique ID of the Object + type: string + example: id12345 + readOnly: true + name: + description: Name of the Object + type: string + example: aName + created: + description: Creation date of the Object + type: string + example: '2015-05-28T14:07:17Z' + format: date-time + readOnly: true + modified: + description: Last modification date of the Object + type: string + example: '2015-05-28T14:07:17Z' + format: date-time + readOnly: true + - type: object + required: + - authoritativeSource + properties: + description: + type: string + description: The description of the Identity Profile. + example: My custom flat file profile + nullable: true + owner: + type: object + description: The owner of the Identity Profile. + nullable: true + properties: + type: + type: string + enum: + - IDENTITY + description: Type of the object to which this reference applies + example: IDENTITY + id: + type: string + description: ID of the object to which this reference applies + example: 2c9180835d191a86015d28455b4b232a + name: + type: string + description: Human-readable display name of the object to which this reference applies + example: William Wilson + priority: + type: integer + format: int64 + description: The priority for an Identity Profile. + example: 10 + authoritativeSource: + type: object + properties: + type: + type: string + enum: + - SOURCE + description: Type of the object to which this reference applies + example: SOURCE + id: + type: string + description: ID of the object to which this reference applies + example: 2c9180835d191a86015d28455b4b232a + name: + type: string + description: Human-readable display name of the object to which this reference applies + example: HR Active Directory + identityRefreshRequired: + type: boolean + default: false + description: True if a identity refresh is needed. Typically triggered when a change on the source has been made. + example: true + identityCount: + type: integer + description: The number of identities that belong to the Identity Profile. + format: int32 + example: 8 + identityAttributeConfig: + type: object + description: Defines all the identity attribute mapping configurations. This defines how to generate or collect data for each identity attributes in identity refresh process. + properties: + enabled: + description: The backend will only promote values if the profile/mapping is enabled. + type: boolean + default: false + example: true + attributeTransforms: + type: array + items: + type: object + description: Defines a transformation definition for an identity attribute. + properties: + identityAttributeName: + type: string + description: Name of the identity attribute. + example: email + transformDefinition: + description: The seaspray transformation definition. + type: object + properties: + type: + type: string + description: The type of the transform definition. + example: accountAttribute + attributes: + type: object + additionalProperties: + anyOf: + - type: string + - type: object + description: Arbitrary key-value pairs to store any metadata for the object + example: + attributeName: e-mail + sourceName: MySource + sourceId: 2c9180877a826e68017a8c0b03da1a53 + identityExceptionReportReference: + type: object + nullable: true + properties: + taskResultId: + type: string + format: uuid + description: The id of the task result. + example: 2b838de9-db9b-abcf-e646-d4f274ad4238 + reportName: + type: string + example: My annual report + description: The name of the report. + hasTimeBasedAttr: + description: Indicates the value of requiresPeriodicRefresh attribute for the Identity Profile. + type: boolean + default: false + example: true + IdentityReferenceWithNameAndEmail: + type: object + nullable: true + properties: + type: + type: string + description: The type can only be IDENTITY. This is read-only. + example: IDENTITY + id: + type: string + description: Identity ID. + example: 5168015d32f890ca15812c9180835d2e + name: + type: string + description: Identity's human-readable display name. This is read-only. + example: Alison Ferguso + email: + type: string + description: Identity's email address. This is read-only. + example: alison.ferguso@identitysoon.com + ProvisioningConfig: + type: object + description: Specification of a Service Desk integration provisioning configuration. + properties: + universalManager: + description: 'Specifies whether this configuration is used to manage provisioning requests for all sources from the org. If true, no managedResourceRefs are allowed.' + type: boolean + readOnly: true + default: false + example: true + managedResourceRefs: + description: References to sources for the Service Desk integration template. May only be specified if universalManager is false. + type: array + items: + allOf: + - type: object + description: Source for Service Desk integration template. + properties: + type: + type: string + description: DTO type of source for service desk integration template. + enum: + - SOURCE + example: SOURCE + id: + type: string + description: ID of source for service desk integration template. + example: 2c9180835d191a86015d28455b4b232a + name: + type: string + description: Human-readable name of source for service desk integration template. + example: HR Active Directory + example: + - type: SOURCE + id: 2c9180855d191c59015d291ceb051111 + name: My Source 1 + - type: SOURCE + id: 2c9180855d191c59015d291ceb052222 + name: My Source 2 + planInitializerScript: + description: This is a reference to a plan initializer script. + type: object + nullable: true + properties: + source: + description: This is a Rule that allows provisioning instruction changes. + type: string + example: | + \r\n\r\n\r\n Before Provisioning Rule which changes disables and enables to a modify.\r\n + noProvisioningRequests: + description: Name of an attribute that when true disables the saving of ProvisioningRequest objects whenever plans are sent through this integration. + type: boolean + default: false + example: true + provisioningRequestExpiration: + description: 'When saving pending requests is enabled, this defines the number of hours the request is allowed to live before it is considered expired and no longer affects plan compilation.' + type: integer + format: int32 + example: 7 + ProvisioningPolicy: + type: object + required: + - name + properties: + name: + type: string + description: the provisioning policy name + example: example provisioning policy for inactive identities + description: + type: string + description: the description of the provisioning policy + example: this provisioning policy creates access based on an identity going inactive + usageType: + type: string + nullable: false + enum: + - CREATE + - UPDATE + - ENABLE + - DISABLE + - DELETE + - ASSIGN + - UNASSIGN + - CREATE_GROUP + - UPDATE_GROUP + - DELETE_GROUP + - REGISTER + - CREATE_IDENTITY + - UPDATE_IDENTITY + - EDIT_GROUP + - UNLOCK + - CHANGE_PASSWORD + example: CREATE + description: |- + The type of provisioning policy usage. + In IdentityNow, a source can support various provisioning operations. For example, when a joiner is added to a source, this may trigger both CREATE and UPDATE provisioning operations. Each usage type is considered a provisioning policy. A source can have any number of these provisioning policies defined. + These are the common usage types: + CREATE - This usage type relates to 'Create Account Profile', the provisioning template for the account to be created. For example, this would be used for a joiner on a source. + UPDATE - This usage type relates to 'Update Account Profile', the provisioning template for the 'Update' connector operations. For example, this would be used for an attribute sync on a source. + ENABLE - This usage type relates to 'Enable Account Profile', the provisioning template for the account to be enabled. For example, this could be used for a joiner on a source once the joiner's account is created. + DISABLE - This usage type relates to 'Disable Account Profile', the provisioning template for the account to be disabled. For example, this could be used when a leaver is removed temporarily from a source. + You can use these four usage types for all your provisioning policy needs. + fields: + type: array + items: + type: object + properties: + name: + type: string + description: The name of the attribute. + example: userName + transform: + type: object + description: The transform to apply to the field + example: + type: rule + attributes: + name: Create Unique LDAP Attribute + default: {} + attributes: + type: object + description: Attributes required for the transform + example: + template: '${firstname}.${lastname}${uniqueCounter}' + cloudMaxUniqueChecks: '50' + cloudMaxSize: '20' + cloudRequired: 'true' + isRequired: + type: boolean + readOnly: true + description: Flag indicating whether or not the attribute is required. + default: false + example: false + type: + type: string + description: The type of the attribute. + example: string + isMultiValued: + type: boolean + description: Flag indicating whether or not the attribute is multi-valued. + default: false + example: false + QueuedCheckConfigDetails: + description: Configuration of maximum number days and interval for checking Service Desk integration queue status + required: + - provisioningStatusCheckIntervalMinutes + - provisioningMaxStatusCheckDays + type: object + properties: + provisioningStatusCheckIntervalMinutes: + description: interval in minutes between status checks + type: string + example: '30' + provisioningMaxStatusCheckDays: + description: maximum number of days to check + type: string + example: '2' + Reassignment: + type: object + nullable: true + properties: + from: + type: object + properties: + id: + type: string + description: The id of the certification. + example: ef38f94347e94562b5bb8424a56397d8 + name: + type: string + description: The name of the certification. + example: Certification Name + type: + type: string + enum: + - CERTIFICATION + example: CERTIFICATION + reviewer: + type: object + properties: + id: + type: string + description: The id of the reviewer. + example: ef38f94347e94562b5bb8424a56397d8 + name: + type: string + description: The name of the reviewer. + example: Reviewer Name + email: + type: string + description: The email of the reviewing identity. + example: reviewer@test.com + type: + type: string + enum: + - IDENTITY + description: The type of the reviewing identity. + example: IDENTITY + created: + nullable: true + example: '2018-06-25T20:22:28.104Z' + format: date-time + type: string + description: The created date of the reviewing identity. + modified: + nullable: true + example: '2018-06-25T20:22:28.104Z' + format: date-time + type: string + description: The modified date of the reviewing identity. + comment: + type: string + description: The comment entered when the Certification was reassigned + example: Reassigned for a reason + ReassignmentReference: + type: object + properties: + id: + type: string + description: The ID of item or identity being reassigned. + example: ef38f94347e94562b5bb8424a56397d8 + type: + type: string + description: The type of item or identity being reassigned. + enum: + - TARGET_SUMMARY + - ITEM + - IDENTITY_SUMMARY + example: ITEM + required: + - id + - type + RemediationItems: + type: object + properties: + id: + type: string + description: The ID of the certification + example: 2c9180835d2e5168015d32f890ca1581 + targetId: + type: string + description: The ID of the certification target + example: 2c9180835d2e5168015d32f890ca1581 + targetName: + type: string + description: The name of the certification target + example: john.smith + targetDisplayName: + type: string + description: The display name of the certification target + example: emailAddress + applicationName: + type: string + description: The name of the application/source + example: Active Directory + attributeName: + type: string + description: The name of the attribute being certified + example: phoneNumber + attributeOperation: + type: string + description: The operation of the certification on the attribute + example: update + attributeValue: + type: string + description: The value of the attribute being certified + example: 512-555-1212 + nativeIdentity: + type: string + description: The native identity of the target + example: jason.smith2 + RequestableObject: + type: object + properties: + id: + type: string + description: Id of the requestable object itself + example: 2c9180835d2e5168015d32f890ca1581 + name: + type: string + description: Human-readable display name of the requestable object + example: Applied Research Access + created: + type: string + format: date-time + example: '2017-07-11T18:45:37.098Z' + description: The time when the requestable object was created + modified: + nullable: true + type: string + format: date-time + example: '2018-06-25T20:22:28.104Z' + description: The time when the requestable object was last modified + description: + type: string + description: Description of the requestable object. + example: 'Access to research information, lab results, and schematics.' + nullable: true + type: + type: string + enum: + - ACCESS_PROFILE + - ROLE + - ENTITLEMENT + description: 'The currently supported requestable object types. ' + example: ACCESS_PROFILE + requestStatus: + allOf: + - type: string + enum: + - AVAILABLE + - PENDING + - ASSIGNED + - null + description: 'Status indicating the ability of an access request for the object to be made by or on behalf of the identity specified by *identity-id*. *AVAILABLE* indicates the object is available to request. *PENDING* indicates the object is unavailable because the identity has a pending request in flight. *ASSIGNED* indicates the object is unavailable because the identity already has the indicated role or access profile. If *identity-id* is not specified (allowed only for admin users), then status will be *AVAILABLE* for all results.' + example: AVAILABLE + - nullable: true + identityRequestId: + type: string + description: 'If *requestStatus* is *PENDING*, indicates the id of the associated account activity.' + nullable: true + example: null + ownerRef: + type: object + nullable: true + properties: + type: + type: string + description: The type can only be IDENTITY. This is read-only. + example: IDENTITY + id: + type: string + description: Identity ID. + example: 5168015d32f890ca15812c9180835d2e + name: + type: string + description: Identity's human-readable display name. This is read-only. + example: Alison Ferguso + email: + type: string + description: Identity's email address. This is read-only. + example: alison.ferguso@identitysoon.com + requestCommentsRequired: + type: boolean + description: Whether the requester must provide comments when requesting the object. + example: false + RequestableObjectType: + type: string + enum: + - ACCESS_PROFILE + - ROLE + - ENTITLEMENT + description: 'The currently supported requestable object types. ' + example: ACCESS_PROFILE + RequestableObjectRequestStatus: + type: string + enum: + - AVAILABLE + - PENDING + - ASSIGNED + - null + description: 'Status indicating the ability of an access request for the object to be made by or on behalf of the identity specified by *identity-id*. *AVAILABLE* indicates the object is available to request. *PENDING* indicates the object is unavailable because the identity has a pending request in flight. *ASSIGNED* indicates the object is unavailable because the identity already has the indicated role or access profile. If *identity-id* is not specified (allowed only for admin users), then status will be *AVAILABLE* for all results.' + example: AVAILABLE + Reviewer: + type: object + properties: + id: + type: string + description: The id of the reviewer. + example: ef38f94347e94562b5bb8424a56397d8 + name: + type: string + description: The name of the reviewer. + example: Reviewer Name + email: + type: string + description: The email of the reviewing identity. + example: reviewer@test.com + type: + type: string + enum: + - IDENTITY + description: The type of the reviewing identity. + example: IDENTITY + created: + nullable: true + example: '2018-06-25T20:22:28.104Z' + format: date-time + type: string + description: The created date of the reviewing identity. + modified: + nullable: true + example: '2018-06-25T20:22:28.104Z' + format: date-time + type: string + description: The modified date of the reviewing identity. + RoleDocument: + description: Role + allOf: + - type: object + required: + - id + - name + - _type + properties: + id: + type: string + example: 2c91808375d8e80a0175e1f88a575222 + name: + type: string + example: john.doe + _type: + description: |- + Enum representing the currently supported document types. + + Additional values may be added in the future without notice. + type: string + enum: + - accessprofile + - accountactivity + - account + - aggregation + - entitlement + - event + - identity + - role + example: identity + - allOf: + - type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + - type: object + properties: + description: + type: string + description: Access item's description. + example: The admin role + created: + type: string + description: ISO-8601 date-time referring to the time when the object was created. + nullable: true + format: date-time + example: '2018-06-25T20:22:28.104Z' + modified: + type: string + description: ISO-8601 date-time referring to the time when the object was last modified. + nullable: true + format: date-time + example: '2018-06-25T20:22:28.104Z' + synced: + type: string + description: |- + ISO-8601 date-time referring to the date-time when object was queued to be synced into search database for use in the search API. + This date-time changes anytime there is an update to the object, which triggers a synchronization event being sent to the search database. + There may be some delay between the `synced` time and the time when the updated data is actually available in the search API. + nullable: true + format: date-time + example: '2018-06-25T20:22:33.104Z' + enabled: + type: boolean + description: Indicates whether the access item is currently enabled. + default: false + example: true + requestable: + type: boolean + description: Indicates whether the access item can be requested. + default: true + example: true + requestCommentsRequired: + type: boolean + description: Indicates whether comments are required for requests to access the item. + default: false + example: false + owner: + type: object + description: Owner's identity. + properties: + type: + type: string + description: Owner's DTO type. + enum: + - IDENTITY + example: IDENTITY + id: + type: string + description: Owner's identity ID. + example: 2c9180a46faadee4016fb4e018c20639 + name: + type: string + description: Owner's display name. + example: Support + email: + type: string + description: Owner's email. + example: cloud-support@sailpoint.com + - type: object + properties: + accessProfiles: + type: array + description: Access profiles included with the role. + items: + type: object + properties: + id: + type: string + example: 2c91809c6faade77016fb4f0b63407ae + description: Access profile's unique ID. + name: + type: string + example: Admin Access + description: Access profile's display name. + accessProfileCount: + type: integer + description: Number of access profiles included with the role. + format: int32 + example: 1 + tags: + type: array + description: Tags that have been applied to the object. + items: + type: string + example: + - TAG_1 + - TAG_2 + segments: + type: array + description: Segments with the role. + items: + type: object + properties: + id: + type: string + example: b009b6e3-b56d-41d9-8735-cb532ea0b017 + description: Segment's unique ID. + name: + type: string + example: Test Segment + description: Segment's display name. + segmentCount: + type: integer + description: Number of segments with the role. + format: int32 + example: 1 + entitlements: + type: array + description: Entitlements included with the role. + items: + type: object + properties: + hasPermissions: + type: boolean + description: Indicates whether the entitlement has permissions. + default: false + example: false + description: + type: string + description: Entitlement's description. + example: Cloud engineering + attribute: + type: string + description: Entitlement attribute's name. + example: memberOf + value: + type: string + description: Entitlement's value. + example: 'CN=Cloud Engineering,DC=sailpoint,DC=COM' + schema: + type: string + description: Entitlement's schema. + example: group + privileged: + type: boolean + description: Indicates whether the entitlement is privileged. + default: false + example: false + id: + type: string + description: Entitlement's ID. + example: 2c918084575812550157589064f33b89 + name: + type: string + description: Entitlement's name. + example: 'CN=Cloud Engineering,DC=sailpoint,DC=COM' + entitlementCount: + type: integer + description: Number of entitlements included with the role. + format: int32 + example: 3 + RoleSummary: + description: Role + allOf: + - allOf: + - allOf: + - type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + - type: object + properties: + displayName: + type: string + example: John Q. Doe + - type: object + properties: + type: + type: string + enum: + - ACCOUNT_CORRELATION_CONFIG + - ACCESS_PROFILE + - ACCESS_REQUEST_APPROVAL + - ACCOUNT + - APPLICATION + - CAMPAIGN + - CAMPAIGN_FILTER + - CERTIFICATION + - CLUSTER + - CONNECTOR_SCHEMA + - ENTITLEMENT + - GOVERNANCE_GROUP + - IDENTITY + - IDENTITY_PROFILE + - IDENTITY_REQUEST + - LIFECYCLE_STATE + - PASSWORD_POLICY + - ROLE + - RULE + - SOD_POLICY + - SOURCE + - TAG + - TAG_CATEGORY + - TASK_RESULT + - REPORT_RESULT + - SOD_VIOLATION + - ACCOUNT_ACTIVITY + - WORKGROUP + description: An enumeration of the types of DTOs supported within the IdentityNow infrastructure. + example: IDENTITY + description: + type: string + nullable: true + example: null + - type: object + properties: + owner: + allOf: + - type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + - type: object + properties: + displayName: + type: string + example: John Q. Doe + disabled: + type: boolean + revocable: + type: boolean + SearchDocument: + discriminator: + propertyName: _type + mapping: + accessprofile: ../model/access/profile/AccessProfileDocument.yaml + accountactivity: ../model/account/activity/AccountActivityDocument.yaml + entitlement: ../model/entitlement/EntitlementDocument.yaml + event: ../model/event/EventDocument.yaml + identity: ../model/identity/IdentityDocument.yaml + role: ../model/role/RoleDocument.yaml + oneOf: + - description: 'More complete representation of an access profile. ' + allOf: + - allOf: + - type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + - type: object + properties: + description: + type: string + description: Access item's description. + example: The admin role + created: + type: string + description: ISO-8601 date-time referring to the time when the object was created. + nullable: true + format: date-time + example: '2018-06-25T20:22:28.104Z' + modified: + type: string + description: ISO-8601 date-time referring to the time when the object was last modified. + nullable: true + format: date-time + example: '2018-06-25T20:22:28.104Z' + synced: + type: string + description: |- + ISO-8601 date-time referring to the date-time when object was queued to be synced into search database for use in the search API. + This date-time changes anytime there is an update to the object, which triggers a synchronization event being sent to the search database. + There may be some delay between the `synced` time and the time when the updated data is actually available in the search API. + nullable: true + format: date-time + example: '2018-06-25T20:22:33.104Z' + enabled: + type: boolean + description: Indicates whether the access item is currently enabled. + default: false + example: true + requestable: + type: boolean + description: Indicates whether the access item can be requested. + default: true + example: true + requestCommentsRequired: + type: boolean + description: Indicates whether comments are required for requests to access the item. + default: false + example: false + owner: + type: object + description: Owner's identity. + properties: + type: + type: string + description: Owner's DTO type. + enum: + - IDENTITY + example: IDENTITY + id: + type: string + description: Owner's identity ID. + example: 2c9180a46faadee4016fb4e018c20639 + name: + type: string + description: Owner's display name. + example: Support + email: + type: string + description: Owner's email. + example: cloud-support@sailpoint.com + - type: object + required: + - id + - name + - _type + properties: + id: + type: string + description: Access profile's ID. + example: 2c9180825a6c1adc015a71c9023f0818 + name: + type: string + description: Access profile's name. + example: Cloud Eng + _type: + description: |- + Access profile's document type. + This enum represents the currently supported document types. + Additional values may be added in the future without notice. + type: string + enum: + - accessprofile + - accountactivity + - account + - aggregation + - entitlement + - event + - identity + - role + example: accessprofile + source: + type: object + description: Access profile's source. + properties: + id: + type: string + description: Source's ID. + example: ff8081815757d4fb0157588f3d9d008f + name: + type: string + description: Source's name. + example: Employees + entitlements: + type: array + description: Entitlements the access profile has access to. + items: + type: object + properties: + hasPermissions: + type: boolean + description: Indicates whether the entitlement has permissions. + default: false + example: false + description: + type: string + description: Entitlement's description. + example: Cloud engineering + attribute: + type: string + description: Entitlement attribute's name. + example: memberOf + value: + type: string + description: Entitlement's value. + example: 'CN=Cloud Engineering,DC=sailpoint,DC=COM' + schema: + type: string + description: Entitlement's schema. + example: group + privileged: + type: boolean + description: Indicates whether the entitlement is privileged. + default: false + example: false + id: + type: string + description: Entitlement's ID. + example: 2c918084575812550157589064f33b89 + name: + type: string + description: Entitlement's name. + example: 'CN=Cloud Engineering,DC=sailpoint,DC=COM' + entitlementCount: + type: integer + description: Number of entitlements. + example: 5 + tags: + type: array + description: Tags that have been applied to the object. + items: + type: string + example: + - TAG_1 + - TAG_2 + - description: AccountActivity + allOf: + - type: object + required: + - id + - name + - _type + properties: + id: + type: string + example: 2c91808375d8e80a0175e1f88a575222 + name: + type: string + example: john.doe + _type: + description: |- + Enum representing the currently supported document types. + + Additional values may be added in the future without notice. + type: string + enum: + - accessprofile + - accountactivity + - account + - aggregation + - entitlement + - event + - identity + - role + example: identity + - type: object + properties: + action: + type: string + description: Type of action performed in the activity. + externalDocs: + description: Learn more about account activity action types + url: 'https://documentation.sailpoint.com/saas/help/search/searchable-fields.html#searching-account-activity-data' + example: Identity Refresh. + created: + type: string + description: ISO-8601 date-time referring to the time when the object was created. + nullable: true + format: date-time + example: '2018-06-25T20:22:28.104Z' + modified: + type: string + description: ISO-8601 date-time referring to the time when the object was last modified. + nullable: true + format: date-time + example: '2018-06-25T20:22:28.104Z' + stage: + type: string + description: Activity's current stage. + example: Completed + origin: + type: string + description: Activity's origin. + nullable: true + example: null + status: + type: string + description: Activity's current status. + example: Complete + requester: + allOf: + - type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + - type: object + properties: + type: + type: string + example: Delimited File + description: Type of source returned. + recipient: + allOf: + - type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + - type: object + properties: + type: + type: string + example: Delimited File + description: Type of source returned. + trackingNumber: + type: string + description: Account activity's tracking number. + example: 61aad0c9e8134eca89e76a35e0cabe3f + errors: + type: array + description: Errors provided by the source while completing account actions. + items: + type: string + nullable: true + example: null + warnings: + type: array + description: Warnings provided by the source while completing account actions. + items: + type: string + nullable: true + example: null + approvals: + type: array + description: Approvals performed on an item during activity. + items: + type: object + properties: + comments: + type: array + items: + type: object + properties: + comment: + type: string + description: The comment text + example: This request was autoapproved by our automated ETS subscriber. + commenter: + type: string + description: The name of the commenter + example: Automated AR Approval + date: + type: string + nullable: true + format: date-time + example: '2018-06-25T20:22:28.104Z' + description: A date-time in ISO-8601 format + created: + type: string + nullable: true + format: date-time + example: '2018-06-25T20:22:28.104Z' + description: A date-time in ISO-8601 format + modified: + type: string + nullable: true + format: date-time + example: '2018-06-25T20:22:28.104Z' + description: A date-time in ISO-8601 format + owner: + allOf: + - type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + - type: object + properties: + type: + type: string + example: Delimited File + description: Type of source returned. + result: + type: string + description: The result of the approval + example: Finished + type: + type: string + nullable: true + example: null + originalRequests: + type: array + description: Original actions that triggered all individual source actions related to the account action. + items: + type: object + properties: + accountId: + type: string + description: Account ID. + example: 'CN=Abby Smith,OU=Austin,OU=Americas,OU=Demo,DC=seri,DC=acme,DC=com' + attributeRequests: + type: array + description: Attribute changes requested for account. + items: + type: object + properties: + name: + type: string + description: Attribute name. + example: groups + op: + type: string + description: Operation to perform on attribute. + example: Add + value: + type: string + description: Value of attribute. + example: '3203537556531076' + op: + type: string + description: Operation used. + example: add + source: + description: Account's source. + allOf: + - type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + - type: object + properties: + type: + type: string + example: Delimited File + description: Type of source returned. + expansionItems: + type: array + description: Controls that translated the attribute requests into actual provisioning actions on the source. + items: + type: object + properties: + accountId: + type: string + description: The ID of the account + example: 2c91808981f58ea601821c3e93482e6f + cause: + type: string + example: Role + name: + type: string + description: The name of the item + example: smartsheet-role + attributeRequests: + type: array + items: + type: object + properties: + name: + type: string + description: Attribute name. + example: groups + op: + type: string + description: Operation to perform on attribute. + example: Add + value: + type: string + description: Value of attribute. + example: '3203537556531076' + source: + allOf: + - type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + - type: object + properties: + type: + type: string + example: Delimited File + description: Type of source returned. + accountRequests: + type: array + description: Account data for each individual source action triggered by the original requests. + items: + type: object + properties: + accountId: + type: string + description: Unique ID of the account + example: John.Doe + attributeRequests: + type: array + items: + type: object + properties: + name: + type: string + description: Attribute name. + example: groups + op: + type: string + description: Operation to perform on attribute. + example: Add + value: + type: string + description: Value of attribute. + example: '3203537556531076' + op: + type: string + example: Modify + description: The operation that was performed + provisioningTarget: + allOf: + - type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + - type: object + properties: + type: + type: string + example: Delimited File + description: Type of source returned. + result: + type: object + properties: + errors: + type: array + items: + type: string + example: |- + [ConnectorError] [ + { + "code": "unrecognized_keys", + "keys": [ + "groups" + ], + "path": [], + "message": "Unrecognized key(s) in object: 'groups'" + } + ] (requestId: 5e9d6df5-9b1b-47d9-9bf1-dc3a2893299e) + status: + type: string + description: The status of the account request + example: failed + ticketId: + type: string + nullable: true + example: null + source: + allOf: + - type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + - type: object + properties: + type: + type: string + example: Delimited File + description: Type of source returned. + sources: + type: string + description: Sources involved in the account activity. + example: 'smartsheet-test, airtable-v4, IdentityNow' + - description: Entitlement + allOf: + - type: object + required: + - id + - name + - _type + properties: + id: + type: string + example: 2c91808375d8e80a0175e1f88a575222 + name: + type: string + example: john.doe + _type: + description: |- + Enum representing the currently supported document types. + + Additional values may be added in the future without notice. + type: string + enum: + - accessprofile + - accountactivity + - account + - aggregation + - entitlement + - event + - identity + - role + example: identity + - type: object + properties: + modified: + type: string + description: ISO-8601 date-time referring to the time when the object was last modified. + nullable: true + format: date-time + example: '2018-06-25T20:22:28.104Z' + synced: + type: string + description: |- + ISO-8601 date-time referring to the date-time when object was queued to be synced into search database for use in the search API. + This date-time changes anytime there is an update to the object, which triggers a synchronization event being sent to the search database. + There may be some delay between the `synced` time and the time when the updated data is actually available in the search API. + displayName: + type: string + description: Entitlement's display name. + example: Admin + source: + type: object + description: Entitlement's source. + properties: + id: + type: string + description: ID of entitlement's source. + example: 2c91808b6e9e6fb8016eec1a2b6f7b5f + name: + type: string + description: Display name of entitlement's source. + example: ODS-HR-Employees + segments: + type: array + description: Segments with the role. + items: + type: object + properties: + id: + type: string + example: b009b6e3-b56d-41d9-8735-cb532ea0b017 + description: Segment's unique ID. + name: + type: string + example: Test Segment + description: Segment's display name. + segmentCount: + type: integer + description: Number of segments with the role. + format: int32 + example: 1 + requestable: + type: boolean + description: Indicates whether the entitlement is requestable. + default: false + example: false + cloudGoverned: + type: boolean + description: Indicates whether the entitlement is cloud governed. + default: false + example: false + created: + type: string + description: ISO-8601 date-time referring to the time when the object was created. + nullable: true + format: date-time + example: '2018-06-25T20:22:28.104Z' + privileged: + type: boolean + description: Indicates whether the entitlement is privileged. + default: false + example: false + identityCount: + type: integer + description: Number of identities who have access to the entitlement. + format: int32 + example: 3 + tags: + type: array + description: Tags that have been applied to the object. + items: + type: string + example: + - TAG_1 + - TAG_2 + - description: Event + allOf: + - type: object + required: + - id + - name + - _type + properties: + id: + type: string + example: 2c91808375d8e80a0175e1f88a575222 + name: + type: string + example: john.doe + _type: + description: |- + Enum representing the currently supported document types. + + Additional values may be added in the future without notice. + type: string + enum: + - accessprofile + - accountactivity + - account + - aggregation + - entitlement + - event + - identity + - role + example: identity + - type: object + properties: + created: + type: string + description: ISO-8601 date-time referring to the time when the object was created. + nullable: true + format: date-time + example: '2018-06-25T20:22:28.104Z' + synced: + type: string + description: |- + ISO-8601 date-time referring to the date-time when object was queued to be synced into search database for use in the search API. + This date-time changes anytime there is an update to the object, which triggers a synchronization event being sent to the search database. + There may be some delay between the `synced` time and the time when the updated data is actually available in the search API. + action: + type: string + description: Name of the event as it's displayed in audit reports. + example: update + type: + type: string + description: 'Event type. Refer to [Event Types](https://documentation.sailpoint.com/saas/help/search/index.html#event-types) for a list of event types and their meanings.' + example: SYSTEM_CONFIG + actor: + type: string + description: Name of the actor that generated the event. + example: System + target: + type: string + description: 'Name of the target, or recipient, of the event.' + example: Carol.Adams + stack: + type: string + description: The event's stack. + example: tpe + trackingNumber: + type: string + description: ID of the group of events. + example: 63f891e0735f4cc8bf1968144a1e7440 + ipAddress: + type: string + description: Target system's IP address. + example: 52.52.97.85 + details: + type: string + description: ID of event's details. + example: 73b65dfbed1842548c207432a18c84b0 + attributes: + type: object + description: Attributes involved in the event. + additionalProperties: true + example: + pod: stg03-useast1 + org: acme + sourceName: SailPoint + objects: + type: array + description: Objects the event is happening to. + items: + type: string + example: AUTHENTICATION + operation: + type: string + description: 'Operation, or action, performed during the event.' + example: REQUEST + status: + type: string + description: 'Event status. Refer to [Event Statuses](https://documentation.sailpoint.com/saas/help/search/index.html#event-statuses) for a list of event statuses and their meanings.' + example: PASSED + technicalName: + type: string + description: Event's normalized name. This normalized name always follows the pattern of 'objects_operation_status'. + example: AUTHENTICATION_REQUEST_PASSED + - description: Identity + allOf: + - type: object + required: + - id + - name + - _type + properties: + id: + type: string + example: 2c91808375d8e80a0175e1f88a575222 + name: + type: string + example: john.doe + _type: + description: |- + Enum representing the currently supported document types. + + Additional values may be added in the future without notice. + type: string + enum: + - accessprofile + - accountactivity + - account + - aggregation + - entitlement + - event + - identity + - role + example: identity + - allOf: + - type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + - type: object + properties: + displayName: + type: string + example: John Q. Doe + - type: object + properties: + displayName: + type: string + example: Carol.Adams + description: Identity's display name. + firstName: + type: string + description: Identity's first name. + example: Carol + lastName: + type: string + description: Identity's last name. + example: Adams + email: + type: string + description: Identity's primary email address. + example: Carol.Adams@sailpointdemo.com + created: + type: string + description: ISO-8601 date-time referring to the time when the object was created. + nullable: true + format: date-time + example: '2018-06-25T20:22:28.104Z' + modified: + type: string + description: ISO-8601 date-time referring to the time when the object was last modified. + nullable: true + format: date-time + example: '2018-06-25T20:22:28.104Z' + phone: + type: string + description: Identity's phone number. + example: +1 440-527-3672 + synced: + type: string + description: |- + ISO-8601 date-time referring to the date-time when object was queued to be synced into search database for use in the search API. + This date-time changes anytime there is an update to the object, which triggers a synchronization event being sent to the search database. + There may be some delay between the `synced` time and the time when the updated data is actually available in the search API. + inactive: + type: boolean + description: Indicates whether the identity is inactive. + default: false + example: false + protected: + type: boolean + description: Indicates whether the identity is protected. + default: false + example: false + status: + type: string + description: Identity's status in SailPoint. + example: UNREGISTERED + employeeNumber: + type: string + description: Identity's employee number. + example: 1a2a3d4e + manager: + type: object + description: Identity's manager. + nullable: true + properties: + id: + type: string + description: ID of identity's manager. + example: 2c9180867dfe694b017e208e27c05799 + name: + type: string + description: Name of identity's manager. + example: Amanda.Ross + displayName: + type: string + description: Display name of identity's manager. + example: Amanda.Ross + isManager: + type: boolean + description: Indicates whether the identity is a manager of other identities. + example: false + identityProfile: + type: object + description: Identity's identity profile. + properties: + id: + type: string + description: Identity profile's ID. + example: 3bc8ad26b8664945866b31339d1ff7d2 + name: + type: string + description: Identity profile's name. + example: HR Employees + source: + type: object + description: Identity's source. + properties: + id: + type: string + description: ID of identity's source. + example: 2c91808b6e9e6fb8016eec1a2b6f7b5f + name: + type: string + description: Display name of identity's source. + example: ODS-HR-Employees + attributes: + type: object + description: Map or dictionary of key/value pairs. + additionalProperties: true + example: + country: US + firstname: Carol + cloudStatus: UNREGISTERED + processingState: + type: string + description: Identity's processing state. + nullable: true + example: null + processingDetails: + description: Identity's processing details. + nullable: true + type: object + properties: + date: + type: string + nullable: true + format: date-time + example: '2018-06-25T20:22:28.104Z' + description: A date-time in ISO-8601 format + stage: + type: string + example: In Process + retryCount: + type: integer + example: 0 + format: int32 + stackTrace: + type: string + example: + message: + type: string + example: + accounts: + type: array + description: List of accounts associated with the identity. + items: + allOf: + - type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + - type: object + properties: + accountId: + type: string + description: Account ID. + example: John.Doe + source: + allOf: + - type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + - type: object + properties: + type: + type: string + example: Delimited File + description: Type of source returned. + disabled: + type: boolean + description: Indicates whether the account is disabled. + default: false + example: false + locked: + type: boolean + description: Indicates whether the account is locked. + default: false + example: false + privileged: + type: boolean + description: Indicates whether the account is privileged. + default: false + example: false + manuallyCorrelated: + type: boolean + description: Indicates whether the account has been manually correlated to an identity. + default: false + example: false + passwordLastSet: + type: string + nullable: true + format: date-time + example: '2018-06-25T20:22:28.104Z' + description: A date-time in ISO-8601 format + entitlementAttributes: + type: object + nullable: true + description: Map or dictionary of key/value pairs. + additionalProperties: true + example: + moderator: true + admin: true + trust_level: '4' + created: + type: string + description: ISO-8601 date-time referring to the time when the object was created. + nullable: true + format: date-time + example: '2018-06-25T20:22:28.104Z' + accountCount: + type: integer + description: Number of accounts associated with the identity. + format: int32 + example: 3 + apps: + type: array + description: List of applications the identity has access to. + items: + allOf: + - type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + - type: object + properties: + source: + type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + account: + type: object + properties: + id: + type: string + description: The SailPoint generated unique ID + example: 2c9180837dfe6949017e21f3d8cd6d49 + accountId: + type: string + description: The account ID generated by the source + example: 'CN=Carol Adams,OU=Austin,OU=Americas,OU=Demo,DC=seri,DC=sailpointdemo,DC=com' + appCount: + type: integer + format: int32 + description: Number of applications the identity has access to. + example: 2 + access: + type: array + description: List of access items assigned to the identity. + items: + discriminator: + propertyName: type + mapping: + ACCESS_PROFILE: ../access/AccessProfileSummary.yaml + ENTITLEMENT: ../access/AccessProfileEntitlement.yaml + ROLE: ../access/AccessProfileRole.yaml + oneOf: + - description: This is a summary representation of an access profile. + allOf: + - allOf: + - allOf: + - type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + - type: object + properties: + displayName: + type: string + example: John Q. Doe + - type: object + properties: + type: + type: string + enum: + - ACCOUNT_CORRELATION_CONFIG + - ACCESS_PROFILE + - ACCESS_REQUEST_APPROVAL + - ACCOUNT + - APPLICATION + - CAMPAIGN + - CAMPAIGN_FILTER + - CERTIFICATION + - CLUSTER + - CONNECTOR_SCHEMA + - ENTITLEMENT + - GOVERNANCE_GROUP + - IDENTITY + - IDENTITY_PROFILE + - IDENTITY_REQUEST + - LIFECYCLE_STATE + - PASSWORD_POLICY + - ROLE + - RULE + - SOD_POLICY + - SOURCE + - TAG + - TAG_CATEGORY + - TASK_RESULT + - REPORT_RESULT + - SOD_VIOLATION + - ACCOUNT_ACTIVITY + - WORKGROUP + description: An enumeration of the types of DTOs supported within the IdentityNow infrastructure. + example: IDENTITY + description: + type: string + nullable: true + example: null + - type: object + properties: + source: + type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + owner: + allOf: + - type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + - type: object + properties: + displayName: + type: string + example: John Q. Doe + revocable: + type: boolean + example: true + - description: EntitlementReference + allOf: + - allOf: + - allOf: + - type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + - type: object + properties: + displayName: + type: string + example: John Q. Doe + - type: object + properties: + type: + type: string + enum: + - ACCOUNT_CORRELATION_CONFIG + - ACCESS_PROFILE + - ACCESS_REQUEST_APPROVAL + - ACCOUNT + - APPLICATION + - CAMPAIGN + - CAMPAIGN_FILTER + - CERTIFICATION + - CLUSTER + - CONNECTOR_SCHEMA + - ENTITLEMENT + - GOVERNANCE_GROUP + - IDENTITY + - IDENTITY_PROFILE + - IDENTITY_REQUEST + - LIFECYCLE_STATE + - PASSWORD_POLICY + - ROLE + - RULE + - SOD_POLICY + - SOURCE + - TAG + - TAG_CATEGORY + - TASK_RESULT + - REPORT_RESULT + - SOD_VIOLATION + - ACCOUNT_ACTIVITY + - WORKGROUP + description: An enumeration of the types of DTOs supported within the IdentityNow infrastructure. + example: IDENTITY + description: + type: string + nullable: true + example: null + - type: object + properties: + source: + type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + privileged: + type: boolean + example: false + attribute: + type: string + example: memberOf + value: + type: string + example: 'CN=Buyer,OU=Groups,OU=Demo,DC=seri,DC=sailpointdemo,DC=com' + standalone: + type: boolean + example: false + - description: Role + allOf: + - allOf: + - allOf: + - type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + - type: object + properties: + displayName: + type: string + example: John Q. Doe + - type: object + properties: + type: + type: string + enum: + - ACCOUNT_CORRELATION_CONFIG + - ACCESS_PROFILE + - ACCESS_REQUEST_APPROVAL + - ACCOUNT + - APPLICATION + - CAMPAIGN + - CAMPAIGN_FILTER + - CERTIFICATION + - CLUSTER + - CONNECTOR_SCHEMA + - ENTITLEMENT + - GOVERNANCE_GROUP + - IDENTITY + - IDENTITY_PROFILE + - IDENTITY_REQUEST + - LIFECYCLE_STATE + - PASSWORD_POLICY + - ROLE + - RULE + - SOD_POLICY + - SOURCE + - TAG + - TAG_CATEGORY + - TASK_RESULT + - REPORT_RESULT + - SOD_VIOLATION + - ACCOUNT_ACTIVITY + - WORKGROUP + description: An enumeration of the types of DTOs supported within the IdentityNow infrastructure. + example: IDENTITY + description: + type: string + nullable: true + example: null + - type: object + properties: + owner: + allOf: + - type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + - type: object + properties: + displayName: + type: string + example: John Q. Doe + disabled: + type: boolean + revocable: + type: boolean + accessCount: + type: integer + format: int32 + description: Number of access items assigned to the identity. + example: 5 + entitlementCount: + type: integer + format: int32 + description: Number of entitlements assigned to the identity. + example: 10 + roleCount: + type: integer + format: int32 + description: Number of roles assigned to the identity. + example: 1 + accessProfileCount: + type: integer + format: int32 + description: Number of access profiles assigned to the identity. + example: 1 + owns: + type: array + description: Access items the identity owns. + items: + type: object + properties: + sources: + type: array + items: + type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + entitlements: + type: array + items: + type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + accessProfiles: + type: array + items: + type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + roles: + type: array + items: + type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + apps: + type: array + items: + type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + governanceGroups: + type: array + items: + type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + fallbackApprover: + type: boolean + example: false + ownsCount: + type: integer + format: int32 + description: Number of access items the identity owns. + example: 5 + tags: + type: array + description: Tags that have been applied to the object. + items: + type: string + example: + - TAG_1 + - TAG_2 + - description: Role + allOf: + - type: object + required: + - id + - name + - _type + properties: + id: + type: string + example: 2c91808375d8e80a0175e1f88a575222 + name: + type: string + example: john.doe + _type: + description: |- + Enum representing the currently supported document types. + + Additional values may be added in the future without notice. + type: string + enum: + - accessprofile + - accountactivity + - account + - aggregation + - entitlement + - event + - identity + - role + example: identity + - allOf: + - type: object + properties: + id: + type: string + example: 2c91808568c529c60168cca6f90c1313 + description: The unique ID of the referenced object. + name: + type: string + example: John Doe + description: The human readable name of the referenced object. + - type: object + properties: + description: + type: string + description: Access item's description. + example: The admin role + created: + type: string + description: ISO-8601 date-time referring to the time when the object was created. + nullable: true + format: date-time + example: '2018-06-25T20:22:28.104Z' + modified: + type: string + description: ISO-8601 date-time referring to the time when the object was last modified. + nullable: true + format: date-time + example: '2018-06-25T20:22:28.104Z' + synced: + type: string + description: |- + ISO-8601 date-time referring to the date-time when object was queued to be synced into search database for use in the search API. + This date-time changes anytime there is an update to the object, which triggers a synchronization event being sent to the search database. + There may be some delay between the `synced` time and the time when the updated data is actually available in the search API. + nullable: true + format: date-time + example: '2018-06-25T20:22:33.104Z' + enabled: + type: boolean + description: Indicates whether the access item is currently enabled. + default: false + example: true + requestable: + type: boolean + description: Indicates whether the access item can be requested. + default: true + example: true + requestCommentsRequired: + type: boolean + description: Indicates whether comments are required for requests to access the item. + default: false + example: false + owner: + type: object + description: Owner's identity. + properties: + type: + type: string + description: Owner's DTO type. + enum: + - IDENTITY + example: IDENTITY + id: + type: string + description: Owner's identity ID. + example: 2c9180a46faadee4016fb4e018c20639 + name: + type: string + description: Owner's display name. + example: Support + email: + type: string + description: Owner's email. + example: cloud-support@sailpoint.com + - type: object + properties: + accessProfiles: + type: array + description: Access profiles included with the role. + items: + type: object + properties: + id: + type: string + example: 2c91809c6faade77016fb4f0b63407ae + description: Access profile's unique ID. + name: + type: string + example: Admin Access + description: Access profile's display name. + accessProfileCount: + type: integer + description: Number of access profiles included with the role. + format: int32 + example: 1 + tags: + type: array + description: Tags that have been applied to the object. + items: + type: string + example: + - TAG_1 + - TAG_2 + segments: + type: array + description: Segments with the role. + items: + type: object + properties: + id: + type: string + example: b009b6e3-b56d-41d9-8735-cb532ea0b017 + description: Segment's unique ID. + name: + type: string + example: Test Segment + description: Segment's display name. + segmentCount: + type: integer + description: Number of segments with the role. + format: int32 + example: 1 + entitlements: + type: array + description: Entitlements included with the role. + items: + type: object + properties: + hasPermissions: + type: boolean + description: Indicates whether the entitlement has permissions. + default: false + example: false + description: + type: string + description: Entitlement's description. + example: Cloud engineering + attribute: + type: string + description: Entitlement attribute's name. + example: memberOf + value: + type: string + description: Entitlement's value. + example: 'CN=Cloud Engineering,DC=sailpoint,DC=COM' + schema: + type: string + description: Entitlement's schema. + example: group + privileged: + type: boolean + description: Indicates whether the entitlement is privileged. + default: false + example: false + id: + type: string + description: Entitlement's ID. + example: 2c918084575812550157589064f33b89 + name: + type: string + description: Entitlement's name. + example: 'CN=Cloud Engineering,DC=sailpoint,DC=COM' + entitlementCount: + type: integer + description: Number of entitlements included with the role. + format: int32 + example: 3 + SavedSearch: + type: object + allOf: + - type: object + properties: + id: + description: | + The saved search ID. + type: string + example: 0de46054-fe90-434a-b84e-c6b3359d0c64 + owner: + description: | + The owner of the saved search. + type: object + properties: + type: + type: string + enum: + - ACCOUNT_CORRELATION_CONFIG + - ACCESS_PROFILE + - ACCESS_REQUEST_APPROVAL + - ACCOUNT + - APPLICATION + - CAMPAIGN + - CAMPAIGN_FILTER + - CERTIFICATION + - CLUSTER + - CONNECTOR_SCHEMA + - ENTITLEMENT + - GOVERNANCE_GROUP + - IDENTITY + - IDENTITY_PROFILE + - IDENTITY_REQUEST + - LIFECYCLE_STATE + - PASSWORD_POLICY + - ROLE + - RULE + - SOD_POLICY + - SOURCE + - TAG + - TAG_CATEGORY + - TASK_RESULT + - REPORT_RESULT + - SOD_VIOLATION + - ACCOUNT_ACTIVITY + - WORKGROUP + description: An enumeration of the types of DTOs supported within the IdentityNow infrastructure. + example: IDENTITY + id: + description: | + The id of the object. + type: string + example: 2c91808568c529c60168cca6f90c1313 + required: + - type + - id + ownerId: + type: string + description: The ID of the identity that owns this saved search. + example: 2c91808568c529c60168cca6f90c1313 + public: + type: boolean + description: Whether this saved search is visible to anyone but the owner. This field will always be false as there is no way to set a saved search as public at this time. + default: false + example: false + - type: object + properties: + name: + description: | + The name of the saved search. + type: string + example: Disabled accounts + description: + description: | + The description of the saved search. + type: string + nullable: true + example: Disabled accounts + - type: object + properties: + created: + description: | + The date the saved search was initially created. + type: string + nullable: true + format: date-time + example: '2018-06-25T20:22:28.104Z' + modified: + description: | + The last date the saved search was modified. + type: string + nullable: true + format: date-time + example: '2018-06-25T20:22:28.104Z' + indices: + description: | + The names of the Elasticsearch indices in which to search. + type: array + items: + description: |- + Enum representing the currently supported indices. + Additional values may be added in the future without notice. + type: string + enum: + - accessprofiles + - accountactivities + - entitlements + - events + - identities + - roles + - '*' + example: identities + example: + - identities + columns: + description: | + The columns to be returned (specifies the order in which they will be presented) for each document type. + + The currently supported document types are: _accessprofile_, _accountactivity_, _account_, _aggregation_, _entitlement_, _event_, _identity_, and _role_. + type: object + additionalProperties: + type: array + items: + type: object + properties: + field: + description: | + The name of the field. + type: string + example: email + header: + description: | + The value of the header. + type: string + example: Work Email + required: + - field + example: + identity: + - field: displayName + header: Display Name + - field: e-mail + header: Work Email + query: + description: | + The search query using Elasticsearch [Query String Query](https://www.elastic.co/guide/en/elasticsearch/reference/5.2/query-dsl-query-string-query.html#query-string) syntax from the Query DSL. + type: string + example: '@accounts(disabled:true)' + fields: + description: | + The fields to be searched against in a multi-field query. + type: array + nullable: true + items: + type: string + example: + - disabled + orderBy: + description: | + Sort by index. This takes precedence over the `sort` property. + type: object + additionalProperties: + type: array + items: + type: string + nullable: true + example: + identity: + - lastName + - firstName + role: + - name + sort: + description: | + The fields to be used to sort the search results. + type: array + items: + type: string + example: + - displayName + nullable: true + filters: + nullable: true + allOf: + - type: object + description: The filters to be applied for each filtered field name. + example: + attributes.cloudAuthoritativeSource: + type: EXISTS + exclude: true + accessCount: + type: RANGE + range: + lower: + value: '3' + created: + type: RANGE + range: + lower: + value: '2019-12-01' + inclusive: true + upper: + value: '2020-01-01' + source.name: + type: TERMS + terms: + - HR Employees + - Corporate Active Directory + exclude: true + protected: + type: TERMS + terms: + - 'true' + - type: object + properties: + type: + description: |- + Enum representing the currently supported filter types. + Additional values may be added in the future without notice. + type: string + enum: + - EXISTS + - RANGE + - TERMS + example: RANGE + range: + type: object + description: The range of values to be filtered. + properties: + lower: + description: The lower bound of the range. + type: object + required: + - value + properties: + value: + description: The value of the range's endpoint. + type: string + example: '1' + inclusive: + description: Indicates if the endpoint is included in the range. + type: boolean + default: false + example: false + upper: + description: The upper bound of the range. + type: object + required: + - value + properties: + value: + description: The value of the range's endpoint. + type: string + example: '1' + inclusive: + description: Indicates if the endpoint is included in the range. + type: boolean + default: false + example: false + terms: + description: The terms to be filtered. + type: array + items: + type: string + example: account_count + exclude: + description: Indicates if the filter excludes results. + type: boolean + default: false + example: false + required: + - indices + - query + Schedule: + type: object + description: The schedule information. + properties: + type: + description: | + Enum representing the currently supported schedule types. + + Additional values may be added in the future without notice. + type: string + enum: + - DAILY + - WEEKLY + - MONTHLY + - CALENDAR + - ANNUALLY + example: WEEKLY + months: + allOf: + - type: object + properties: + type: + description: | + Enum representing the currently supported selector types. + + LIST - the *values* array contains one or more distinct values. + + RANGE - the *values* array contains two values: the start and end of the range, inclusive. + + Additional values may be added in the future without notice. + type: string + enum: + - LIST + - RANGE + example: LIST + values: + description: | + The selected values. + type: array + items: + type: string + example: + - MON + - WED + interval: + nullable: true + description: | + The selected interval for RANGE selectors. + type: integer + format: int32 + example: 3 + required: + - type + - values + - description: | + The months to execute the search. This only applies to schedules with a type of `ANNUALLY`. + example: + type: LIST + values: + - '3' + - '6' + - '9' + - '12' + nullable: true + days: + allOf: + - type: object + properties: + type: + description: | + Enum representing the currently supported selector types. + + LIST - the *values* array contains one or more distinct values. + + RANGE - the *values* array contains two values: the start and end of the range, inclusive. + + Additional values may be added in the future without notice. + type: string + enum: + - LIST + - RANGE + example: LIST + values: + description: | + The selected values. + type: array + items: + type: string + example: + - MON + - WED + interval: + nullable: true + description: | + The selected interval for RANGE selectors. + type: integer + format: int32 + example: 3 + required: + - type + - values + - description: | + The days to execute the search. + + If `type` is `WEEKLY`, the values will be `MON`, `TUE`, `WED`, `THU`, `FRI`, `SAT`, and `SUN`. + + If `type` is `MONTHLY` or `ANNUALLY`, the values will be a number in double quotes, like `"1"`, `"10"`, or `"28"`. Optionally, the value `"L"` can be used to refer to the last day of the month. + example: + type: LIST + values: + - MON + - WED + - FRI + nullable: true + hours: + allOf: + - type: object + properties: + type: + description: | + Enum representing the currently supported selector types. + + LIST - the *values* array contains one or more distinct values. + + RANGE - the *values* array contains two values: the start and end of the range, inclusive. + + Additional values may be added in the future without notice. + type: string + enum: + - LIST + - RANGE + example: LIST + values: + description: | + The selected values. + type: array + items: + type: string + example: + - MON + - WED + interval: + nullable: true + description: | + The selected interval for RANGE selectors. + type: integer + format: int32 + example: 3 + required: + - type + - values + - description: The hours selected. + example: + type: RANGE + values: + - '9' + - '18' + interval: 3 + expiration: + description: 'The schedule expiration date. Latest possible expiration date is ''2038-01-19T03:14:07+0000''' + type: string + nullable: true + format: date-time + example: '2018-06-25T20:22:28.104Z' + timeZoneId: + description: 'The canonical TZ identifier the schedule will run in (ex. America/New_York). If no timezone is specified, the org''s default timezone is used.' + nullable: true + type: string + example: America/Chicago + required: + - type + - hours + ScheduledSearch: + type: object + allOf: + - type: object + properties: + id: + description: The scheduled search ID. + type: string + example: 0de46054-fe90-434a-b84e-c6b3359d0c64 + readOnly: true + owner: + description: The owner of the scheduled search + readOnly: true + type: object + properties: + type: + type: string + description: The type of object being referenced + enum: + - IDENTITY + example: IDENTITY + id: + type: string + description: The ID of the referenced object + example: 2c9180867624cbd7017642d8c8c81f67 + required: + - type + - id + ownerId: + description: | + The ID of the scheduled search owner. + + Please use the `id` in the `owner` object instead. + type: string + example: 2c9180867624cbd7017642d8c8c81f67 + readOnly: true + deprecated: true + - type: object + properties: + name: + description: | + The name of the scheduled search. + type: string + example: Daily disabled accounts + nullable: true + description: + description: | + The description of the scheduled search. + type: string + nullable: true + example: Daily disabled accounts + - type: object + properties: + savedSearchId: + description: The ID of the saved search that will be executed. + type: string + example: 554f1511-f0a1-4744-ab14-599514d3e57c + created: + allOf: + - type: string + nullable: true + format: date-time + example: '2018-06-25T20:22:28.104Z' + description: A date-time in ISO-8601 format + description: The date the scheduled search was initially created. + readOnly: true + modified: + allOf: + - type: string + nullable: true + format: date-time + example: '2018-06-25T20:22:28.104Z' + description: A date-time in ISO-8601 format + description: The last date the scheduled search was modified. + readOnly: true + schedule: + type: object + description: The schedule information. + properties: + type: + description: | + Enum representing the currently supported schedule types. + + Additional values may be added in the future without notice. + type: string + enum: + - DAILY + - WEEKLY + - MONTHLY + - CALENDAR + - ANNUALLY + example: WEEKLY + months: + allOf: + - type: object + properties: + type: + description: | + Enum representing the currently supported selector types. + + LIST - the *values* array contains one or more distinct values. + + RANGE - the *values* array contains two values: the start and end of the range, inclusive. + + Additional values may be added in the future without notice. + type: string + enum: + - LIST + - RANGE + example: LIST + values: + description: | + The selected values. + type: array + items: + type: string + example: + - MON + - WED + interval: + nullable: true + description: | + The selected interval for RANGE selectors. + type: integer + format: int32 + example: 3 + required: + - type + - values + - description: | + The months to execute the search. This only applies to schedules with a type of `ANNUALLY`. + example: + type: LIST + values: + - '3' + - '6' + - '9' + - '12' + nullable: true + days: + allOf: + - type: object + properties: + type: + description: | + Enum representing the currently supported selector types. + + LIST - the *values* array contains one or more distinct values. + + RANGE - the *values* array contains two values: the start and end of the range, inclusive. + + Additional values may be added in the future without notice. + type: string + enum: + - LIST + - RANGE + example: LIST + values: + description: | + The selected values. + type: array + items: + type: string + example: + - MON + - WED + interval: + nullable: true + description: | + The selected interval for RANGE selectors. + type: integer + format: int32 + example: 3 + required: + - type + - values + - description: | + The days to execute the search. + + If `type` is `WEEKLY`, the values will be `MON`, `TUE`, `WED`, `THU`, `FRI`, `SAT`, and `SUN`. + + If `type` is `MONTHLY` or `ANNUALLY`, the values will be a number in double quotes, like `"1"`, `"10"`, or `"28"`. Optionally, the value `"L"` can be used to refer to the last day of the month. + example: + type: LIST + values: + - MON + - WED + - FRI + nullable: true + hours: + allOf: + - type: object + properties: + type: + description: | + Enum representing the currently supported selector types. + + LIST - the *values* array contains one or more distinct values. + + RANGE - the *values* array contains two values: the start and end of the range, inclusive. + + Additional values may be added in the future without notice. + type: string + enum: + - LIST + - RANGE + example: LIST + values: + description: | + The selected values. + type: array + items: + type: string + example: + - MON + - WED + interval: + nullable: true + description: | + The selected interval for RANGE selectors. + type: integer + format: int32 + example: 3 + required: + - type + - values + - description: The hours selected. + example: + type: RANGE + values: + - '9' + - '18' + interval: 3 + expiration: + description: 'The schedule expiration date. Latest possible expiration date is ''2038-01-19T03:14:07+0000''' + type: string + nullable: true + format: date-time + example: '2018-06-25T20:22:28.104Z' + timeZoneId: + description: 'The canonical TZ identifier the schedule will run in (ex. America/New_York). If no timezone is specified, the org''s default timezone is used.' + nullable: true + type: string + example: America/Chicago + required: + - type + - hours + recipients: + description: A list of identities that should receive the scheduled search report via email. + type: array + items: + type: object + properties: + type: + type: string + description: The type of object being referenced + enum: + - IDENTITY + example: IDENTITY + id: + type: string + description: The ID of the referenced object + example: 2c9180867624cbd7017642d8c8c81f67 + required: + - type + - id + enabled: + description: | + Indicates if the scheduled search is enabled. + type: boolean + default: false + example: false + emailEmptyResults: + description: | + Indicates if email generation should occur when search returns no results. + type: boolean + default: false + example: false + displayQueryDetails: + description: | + Indicates if the generated email should include the query and search results preview (which could include PII). + type: boolean + default: false + example: false + required: + - savedSearchId + - schedule + - recipients + required: + - id + - owner + - ownerId + ServiceDeskIntegrationDto: + allOf: + - type: object + description: Service Desk integration's specification. + required: + - name + - description + - type + - attributes + properties: + id: + type: string + description: Unique identifier for the Service Desk integration + example: 62945a496ef440189b1f03e3623411c8 + name: + description: Service Desk integration's name. The name must be unique. + type: string + example: Service Desk Integration Name + created: + type: string + format: date-time + description: The date and time the Service Desk integration was created + example: '2024-01-17T18:45:25.994Z' + modified: + type: string + format: date-time + description: The date and time the Service Desk integration was last modified + example: '2024-02-18T18:45:25.994Z' + description: + description: Service Desk integration's description. + type: string + example: A very nice Service Desk integration + type: + description: | + Service Desk integration types: + + - ServiceNowSDIM + - ServiceNow + type: string + default: ServiceNowSDIM + example: ServiceNowSDIM + ownerRef: + allOf: + - type: object + description: Owner's identity. + properties: + type: + type: string + description: Owner's DTO type. + enum: + - IDENTITY + example: IDENTITY + id: + type: string + description: Owner's identity ID. + example: 2c9180a46faadee4016fb4e018c20639 + name: + type: string + description: Owner's name. + example: Support + clusterRef: + allOf: + - type: object + description: Source cluster. + properties: + type: + type: string + description: Source cluster DTO type. + enum: + - CLUSTER + example: CLUSTER + id: + type: string + description: Source cluster ID. + example: 2c9180847a7fccdd017aa5896f9f4f6f + name: + type: string + description: Source cluster display name. + example: Training VA + cluster: + description: 'Cluster ID for the Service Desk integration (replaced by clusterRef, retained for backward compatibility).' + type: string + example: xyzzy999 + deprecated: true + nullable: true + managedSources: + description: 'Source IDs for the Service Desk integration (replaced by provisioningConfig.managedSResourceRefs, but retained here for backward compatibility).' + type: array + items: + type: string + deprecated: true + example: + - 2c9180835d191a86015d28455b4a2329 + - 2c5680835d191a85765d28455b4a9823 + provisioningConfig: + description: The 'provisioningConfig' property specifies the configuration used to provision integrations. + type: object + properties: + universalManager: + description: 'Specifies whether this configuration is used to manage provisioning requests for all sources from the org. If true, no managedResourceRefs are allowed.' + type: boolean + readOnly: true + default: false + example: true + managedResourceRefs: + description: References to sources for the Service Desk integration template. May only be specified if universalManager is false. + type: array + items: + allOf: + - type: object + description: Source for Service Desk integration template. + properties: + type: + type: string + description: DTO type of source for service desk integration template. + enum: + - SOURCE + example: SOURCE + id: + type: string + description: ID of source for service desk integration template. + example: 2c9180835d191a86015d28455b4b232a + name: + type: string + description: Human-readable name of source for service desk integration template. + example: HR Active Directory + example: + - type: SOURCE + id: 2c9180855d191c59015d291ceb051111 + name: My Source 1 + - type: SOURCE + id: 2c9180855d191c59015d291ceb052222 + name: My Source 2 + planInitializerScript: + description: This is a reference to a plan initializer script. + type: object + nullable: true + properties: + source: + description: This is a Rule that allows provisioning instruction changes. + type: string + example: | + \r\n\r\n\r\n Before Provisioning Rule which changes disables and enables to a modify.\r\n + noProvisioningRequests: + description: Name of an attribute that when true disables the saving of ProvisioningRequest objects whenever plans are sent through this integration. + type: boolean + default: false + example: true + provisioningRequestExpiration: + description: 'When saving pending requests is enabled, this defines the number of hours the request is allowed to live before it is considered expired and no longer affects plan compilation.' + type: integer + format: int32 + example: 7 + attributes: + description: Service Desk integration's attributes. Validation constraints enforced by the implementation. + type: object + additionalProperties: true + example: + property: value + key: value + beforeProvisioningRule: + allOf: + - type: object + description: Before Provisioning Rule. + properties: + type: + type: string + description: Before Provisioning Rule DTO type. + enum: + - RULE + example: RULE + id: + type: string + description: Before Provisioning Rule ID. + example: 048eb3d55c5a4758bd07dccb87741c78 + name: + type: string + description: Rule display name. + example: Before Provisioning Airtable Rule + ServiceDeskIntegrationTemplateDto: + allOf: + - type: object + required: + - name + properties: + id: + description: System-generated unique ID of the Object + type: string + example: id12345 + readOnly: true + name: + description: Name of the Object + type: string + example: aName + created: + description: Creation date of the Object + type: string + example: '2015-05-28T14:07:17Z' + format: date-time + readOnly: true + modified: + description: Last modification date of the Object + type: string + example: '2015-05-28T14:07:17Z' + format: date-time + readOnly: true + - type: object + description: 'This is the model for a Service Desk integration template, used to create and edit Service Desk Integrations.' + required: + - type + - attributes + - provisioningConfig + properties: + type: + description: The 'type' property specifies the type of the Service Desk integration template. + type: string + example: Web Service SDIM + default: Web Service SDIM + attributes: + description: The 'attributes' property value is a map of attributes available for integrations using this Service Desk integration template. + type: object + additionalProperties: true + example: + property: value + key: value + provisioningConfig: + description: The 'provisioningConfig' property specifies the configuration used to provision integrations using the template. + type: object + properties: + universalManager: + description: 'Specifies whether this configuration is used to manage provisioning requests for all sources from the org. If true, no managedResourceRefs are allowed.' + type: boolean + readOnly: true + default: false + example: true + managedResourceRefs: + description: References to sources for the Service Desk integration template. May only be specified if universalManager is false. + type: array + items: + allOf: + - type: object + description: Source for Service Desk integration template. + properties: + type: + type: string + description: DTO type of source for service desk integration template. + enum: + - SOURCE + example: SOURCE + id: + type: string + description: ID of source for service desk integration template. + example: 2c9180835d191a86015d28455b4b232a + name: + type: string + description: Human-readable name of source for service desk integration template. + example: HR Active Directory + example: + - type: SOURCE + id: 2c9180855d191c59015d291ceb051111 + name: My Source 1 + - type: SOURCE + id: 2c9180855d191c59015d291ceb052222 + name: My Source 2 + planInitializerScript: + description: This is a reference to a plan initializer script. + type: object + nullable: true + properties: + source: + description: This is a Rule that allows provisioning instruction changes. + type: string + example: | + \r\n\r\n\r\n Before Provisioning Rule which changes disables and enables to a modify.\r\n + noProvisioningRequests: + description: Name of an attribute that when true disables the saving of ProvisioningRequest objects whenever plans are sent through this integration. + type: boolean + default: false + example: true + provisioningRequestExpiration: + description: 'When saving pending requests is enabled, this defines the number of hours the request is allowed to live before it is considered expired and no longer affects plan compilation.' + type: integer + format: int32 + example: 7 + ServiceDeskIntegrationTemplateType: + description: This represents a Service Desk Integration template type. + required: + - type + - scriptName + type: object + properties: + name: + description: This is the name of the type. + example: aName + type: string + type: + description: This is the type value for the type. + example: aType + type: string + scriptName: + description: This is the scriptName attribute value for the type. + example: aScriptName + type: string + Source: + type: object + properties: + id: + type: string + readOnly: true + description: Source ID. + example: 2c91808568c529c60168cca6f90c1324 + name: + type: string + description: Source's human-readable name. + example: My Source + description: + type: string + description: Source's human-readable description. + example: This is the corporate directory. + owner: + description: Reference to identity object who owns the source. + type: object + properties: + type: + description: Type of object being referenced. + type: string + enum: + - IDENTITY + example: IDENTITY + id: + type: string + description: Owner identity's ID. + example: 2c91808568c529c60168cca6f90c1313 + name: + type: string + description: Owner identity's human-readable display name. + example: MyName + cluster: + description: Reference to the source's associated cluster. + type: object + nullable: true + required: + - name + - id + - type + properties: + type: + description: Type of object being referenced. + type: string + enum: + - CLUSTER + example: CLUSTER + id: + type: string + description: Cluster ID. + example: 2c9180866166b5b0016167c32ef31a66 + name: + type: string + description: Cluster's human-readable display name. + example: Corporate Cluster + accountCorrelationConfig: + description: Reference to account correlation config object. + type: object + nullable: true + properties: + type: + description: Type of object being referenced. + type: string + enum: + - ACCOUNT_CORRELATION_CONFIG + example: ACCOUNT_CORRELATION_CONFIG + id: + type: string + description: Account correlation config ID. + example: 2c9180855d191c59015d28583727245a + name: + type: string + description: Account correlation config's human-readable display name. + example: 'Directory [source-62867] Account Correlation' + accountCorrelationRule: + description: Reference to a rule that can do COMPLEX correlation. Only use this rule when you can't use accountCorrelationConfig. + type: object + nullable: true + properties: + type: + description: Type of object being referenced. + type: string + enum: + - RULE + example: RULE + id: + type: string + description: Rule ID. + example: 2c918085708c274401708c2a8a760001 + name: + type: string + description: Rule's human-readable display name. + example: Example Rule + managerCorrelationMapping: + allOf: + - type: object + properties: + accountAttributeName: + type: string + description: Name of the attribute to use for manager correlation. The value found on the account attribute will be used to lookup the manager's identity. + example: manager + identityAttributeName: + type: string + description: Name of the identity attribute to search when trying to find a manager using the value from the accountAttribute. + example: manager + - nullable: true + description: | + Filter object used during manager correlation to match incoming manager values to an existing manager's + account/identity. + managerCorrelationRule: + description: Reference to the ManagerCorrelationRule. Only use this rule when a simple filter isn't sufficient. + type: object + nullable: true + properties: + type: + description: Type of object being referenced. + type: string + enum: + - RULE + example: RULE + id: + type: string + description: Rule ID. + example: 2c918085708c274401708c2a8a760001 + name: + type: string + description: Rule's human-readable display name. + example: Example Rule + beforeProvisioningRule: + description: 'Rule that runs on the CCG and allows for customization of provisioning plans before the API calls the connector. ' + type: object + nullable: true + properties: + type: + description: Type of object being referenced. + type: string + enum: + - RULE + example: RULE + id: + type: string + description: Rule ID. + example: 2c918085708c274401708c2a8a760001 + name: + type: string + description: Rule's human-readable display name. + example: Example Rule + schemas: + type: array + items: + type: object + properties: + type: + description: Type of object being referenced. + type: string + enum: + - CONNECTOR_SCHEMA + example: CONNECTOR_SCHEMA + id: + type: string + description: Schema ID. + example: 2c91808568c529c60168cca6f90c1777 + name: + type: string + description: Schema's human-readable display name. + example: MySchema + description: List of references to schema objects. + example: + - type: CONNECTOR_SCHEMA + id: 2c9180835d191a86015d28455b4b232a + name: account + - type: CONNECTOR_SCHEMA + id: 2c9180835d191a86015d28455b4b232b + name: group + passwordPolicies: + type: array + nullable: true + items: + type: object + properties: + type: + description: Type of object being referenced. + type: string + enum: + - PASSWORD_POLICY + example: PASSWORD_POLICY + id: + type: string + description: Policy ID. + example: 2c91808568c529c60168cca6f90c1777 + name: + type: string + description: Policy's human-readable display name. + example: My Password Policy + description: List of references to the associated PasswordPolicy objects. + example: + - type: PASSWORD_POLICY + id: 2c9180855d191c59015d291ceb053980 + name: Corporate Password Policy + - type: PASSWORD_POLICY + id: 2c9180855d191c59015d291ceb057777 + name: Vendor Password Policy + features: + type: array + items: + type: string + enum: + - AUTHENTICATE + - COMPOSITE + - DIRECT_PERMISSIONS + - DISCOVER_SCHEMA + - ENABLE + - MANAGER_LOOKUP + - NO_RANDOM_ACCESS + - PROXY + - SEARCH + - TEMPLATE + - UNLOCK + - UNSTRUCTURED_TARGETS + - SHAREPOINT_TARGET + - PROVISIONING + - GROUP_PROVISIONING + - SYNC_PROVISIONING + - PASSWORD + - CURRENT_PASSWORD + - ACCOUNT_ONLY_REQUEST + - ADDITIONAL_ACCOUNT_REQUEST + - NO_AGGREGATION + - GROUPS_HAVE_MEMBERS + - NO_PERMISSIONS_PROVISIONING + - NO_GROUP_PERMISSIONS_PROVISIONING + - NO_UNSTRUCTURED_TARGETS_PROVISIONING + - NO_DIRECT_PERMISSIONS_PROVISIONING + - PREFER_UUID + - ARM_SECURITY_EXTRACT + - ARM_UTILIZATION_EXTRACT + - ARM_CHANGELOG_EXTRACT + - USES_UUID + example: AUTHENTICATE + description: |- + Optional features that can be supported by a source. Modifying the features array may cause source configuration errors that are unsupportable. It is recommended to not modify this array for SailPoint supported connectors. + * AUTHENTICATE: The source supports pass-through authentication. + * COMPOSITE: The source supports composite source creation. + * DIRECT_PERMISSIONS: The source supports returning DirectPermissions. + * DISCOVER_SCHEMA: The source supports discovering schemas for users and groups. + * ENABLE The source supports reading if an account is enabled or disabled. + * MANAGER_LOOKUP: The source supports looking up managers as they are encountered in a feed. This is the opposite of NO_RANDOM_ACCESS. + * NO_RANDOM_ACCESS: The source does not support random access and the getObject() methods should not be called and expected to perform. + * PROXY: The source can serve as a proxy for another source. When an source has a proxy, all connector calls made with that source are redirected through the connector for the proxy source. + * SEARCH + * TEMPLATE + * UNLOCK: The source supports reading if an account is locked or unlocked. + * UNSTRUCTURED_TARGETS: The source supports returning unstructured Targets. + * SHAREPOINT_TARGET: The source supports returning unstructured Target data for SharePoint. It will be typically used by AD, LDAP sources. + * PROVISIONING: The source can both read and write accounts. Having this feature implies that the provision() method is implemented. It also means that direct and target permissions can also be provisioned if they can be returned by aggregation. + * GROUP_PROVISIONING: The source can both read and write groups. Having this feature implies that the provision() method is implemented. + * SYNC_PROVISIONING: The source can provision accounts synchronously. + * PASSWORD: The source can provision password changes. Since sources can never read passwords, this is should only be used in conjunction with the PROVISIONING feature. + * CURRENT_PASSWORD: Some source types support verification of the current password + * ACCOUNT_ONLY_REQUEST: The source supports requesting accounts without entitlements. + * ADDITIONAL_ACCOUNT_REQUEST: The source supports requesting additional accounts. + * NO_AGGREGATION: A source that does not support aggregation. + * GROUPS_HAVE_MEMBERS: The source models group memberships with a member attribute on the group object rather than a groups attribute on the account object. This effects the implementation of delta account aggregation. + * NO_PERMISSIONS_PROVISIONING: Indicates that the connector cannot provision direct or target permissions for accounts. When DIRECT_PERMISSIONS and PROVISIONING features are present, it is assumed that the connector can also provision direct permissions. This feature disables that assumption and causes permission request to be converted to work items for accounts. + * NO_GROUP_PERMISSIONS_PROVISIONING: Indicates that the connector cannot provision direct or target permissions for groups. When DIRECT_PERMISSIONS and PROVISIONING features are present, it is assumed that the connector can also provision direct permissions. This feature disables that assumption and causes permission request to be converted to work items for groups. + * NO_UNSTRUCTURED_TARGETS_PROVISIONING: This string will be replaced by NO_GROUP_PERMISSIONS_PROVISIONING and NO_PERMISSIONS_PROVISIONING. + * NO_DIRECT_PERMISSIONS_PROVISIONING: This string will be replaced by NO_GROUP_PERMISSIONS_PROVISIONING and NO_PERMISSIONS_PROVISIONING. + * USES_UUID: Connectivity 2.0 flag used to indicate that the connector supports a compound naming structure. + * PREFER_UUID: Used in ISC Provisioning AND Aggregation to decide if it should prefer account.uuid to account.nativeIdentity when data is read in through aggregation OR pushed out through provisioning. + * ARM_SECURITY_EXTRACT: Indicates the application supports Security extracts for ARM + * ARM_UTILIZATION_EXTRACT: Indicates the application supports Utilization extracts for ARM + * ARM_CHANGELOG_EXTRACT: Indicates the application supports Change-log extracts for ARM + example: + - PROVISIONING + - NO_PERMISSIONS_PROVISIONING + - GROUPS_HAVE_MEMBERS + type: + type: string + description: 'Specifies the type of system being managed e.g. Active Directory, Workday, etc.. If you are creating a delimited file source, you must set the `provisionasCsv` query parameter to `true`. ' + example: OpenLDAP - Direct + connector: + type: string + description: Connector script name. + example: active-directory + connectorClass: + type: string + description: Fully qualified name of the Java class that implements the connector interface. + example: sailpoint.connector.LDAPConnector + connectorAttributes: + type: object + description: Connector specific configuration. This configuration will differ from type to type. + example: + healthCheckTimeout: 30 + authSearchAttributes: + - cn + - uid + - mail + deleteThreshold: + type: integer + format: int32 + description: Number from 0 to 100 that specifies when to skip the delete phase. + example: 10 + authoritative: + type: boolean + description: 'When this is true, it indicates that the source is referenced by an identity profile.' + default: false + example: false + managementWorkgroup: + description: Reference to management workgroup for the source. + type: object + nullable: true + properties: + type: + description: Type of object being referenced. + type: string + enum: + - GOVERNANCE_GROUP + example: GOVERNANCE_GROUP + id: + type: string + description: Management workgroup ID. + example: 2c91808568c529c60168cca6f90c2222 + name: + type: string + description: Management workgroup's human-readable display name. + example: My Management Workgroup + healthy: + type: boolean + description: 'When this is true, it indicates that the source is healthy.' + default: false + example: true + status: + type: string + enum: + - SOURCE_STATE_ERROR_ACCOUNT_FILE_IMPORT + - SOURCE_STATE_ERROR_CLUSTER + - SOURCE_STATE_ERROR_SOURCE + - SOURCE_STATE_ERROR_VA + - SOURCE_STATE_FAILURE_CLUSTER + - SOURCE_STATE_FAILURE_SOURCE + - SOURCE_STATE_HEALTHY + - SOURCE_STATE_UNCHECKED_CLUSTER + - SOURCE_STATE_UNCHECKED_CLUSTER_NO_SOURCES + - SOURCE_STATE_UNCHECKED_SOURCE + - SOURCE_STATE_UNCHECKED_SOURCE_NO_ACCOUNTS + description: 'Status identifier that gives specific information about why a source is or isn''t healthy. ' + example: SOURCE_STATE_HEALTHY + since: + type: string + description: Timestamp that shows when a source health check was last performed. + example: 2021-09-28T15:48:29.380Z + connectorId: + type: string + description: Connector ID + example: active-directory + connectorName: + type: string + description: Name of the connector that was chosen during source creation. + example: Active Directory + connectionType: + type: string + description: Type of connection (direct or file). + example: file + connectorImplementationId: + type: string + description: Connector implementation ID. + example: delimited-file + created: + type: string + description: Date-time when the source was created + format: date-time + example: 2022-02-08T14:50:03.827Z + modified: + type: string + description: Date-time when the source was last modified. + format: date-time + example: 2024-01-23T18:08:50.897Z + credentialProviderEnabled: + type: boolean + description: 'If this is true, it enables a credential provider for the source. If credentialProvider is turned on, then the source can use credential provider(s) to fetch credentials.' + default: false + example: false + category: + type: string + nullable: true + default: null + description: 'Source category (e.g. null, CredentialProvider).' + example: CredentialProvider + required: + - name + - owner + - connector + SourceHealthDto: + type: object + description: Dto for source health data + properties: + id: + type: string + readOnly: true + description: the id of the Source + example: 2c91808568c529c60168cca6f90c1324 + type: + type: string + description: 'Specifies the type of system being managed e.g. Active Directory, Workday, etc.. If you are creating a Delimited File source, you must set the `provisionasCsv` query parameter to `true`. ' + example: OpenLDAP - Direct + name: + type: string + description: the name of the source + example: Source1234 + org: + type: string + description: source's org + example: denali-cjh + isAuthoritative: + type: boolean + example: false + description: Is the source authoritative + isCluster: + type: boolean + example: false + description: Is the source in a cluster + hostname: + type: string + example: megapod-useast1-secret-hostname.sailpoint.com + description: source's hostname + pod: + type: string + description: source's pod + example: megapod-useast1 + iqServiceVersion: + type: string + description: The version of the iqService + example: iqVersion123 + status: + type: string + enum: + - SOURCE_STATE_ERROR_CLUSTER + - SOURCE_STATE_ERROR_SOURCE + - SOURCE_STATE_ERROR_VA + - SOURCE_STATE_FAILURE_CLUSTER + - SOURCE_STATE_FAILURE_SOURCE + - SOURCE_STATE_HEALTHY + - SOURCE_STATE_UNCHECKED_CLUSTER + - SOURCE_STATE_UNCHECKED_CLUSTER_NO_SOURCES + - SOURCE_STATE_UNCHECKED_SOURCE + - SOURCE_STATE_UNCHECKED_SOURCE_NO_ACCOUNTS + description: connection test result + example: SOURCE_STATE_UNCHECKED_SOURCE + Transform: + type: object + description: The representation of an internally- or customer-defined transform. + required: + - name + - type + - attributes + properties: + name: + type: string + description: Unique name of this transform + example: Timestamp To Date + minLength: 1 + maxLength: 50 + type: + type: string + description: The type of transform operation + enum: + - accountAttribute + - base64Decode + - base64Encode + - concat + - conditional + - dateCompare + - dateFormat + - dateMath + - decomposeDiacriticalMarks + - e164phone + - firstValid + - rule + - identityAttribute + - indexOf + - iso3166 + - lastIndexOf + - leftPad + - lookup + - lower + - normalizeNames + - randomAlphaNumeric + - randomNumeric + - reference + - replaceAll + - replace + - rightPad + - split + - static + - substring + - trim + - upper + - usernameGenerator + - uuid + - displayName + - rfc5646 + example: dateFormat + externalDocs: + description: Transform Operations + url: 'https://developer.sailpoint.com/idn/docs/transforms/operations' + attributes: + nullable: true + description: Meta-data about the transform. Values in this list are specific to the type of transform to be executed. + oneOf: + - title: accountAttribute + type: object + required: + - sourceName + - attributeName + properties: + sourceName: + type: string + description: A reference to the source to search for the account + example: Workday + attributeName: + type: string + description: 'The name of the attribute on the account to return. This should match the name of the account attribute name visible in the user interface, or on the source schema.' + example: DEPARTMENT + accountSortAttribute: + type: string + description: The value of this configuration is a string name of the attribute to use when determining the ordering of returned accounts when there are multiple entries + example: created + default: created + accountSortDescending: + type: boolean + description: 'The value of this configuration is a boolean (true/false). Controls the order of the sort when there are multiple accounts. If not defined, the transform will default to false (ascending order)' + example: false + default: false + accountReturnFirstLink: + type: boolean + description: 'The value of this configuration is a boolean (true/false). Controls which account to source a value from for an attribute. If this flag is set to true, the transform returns the value from the first account in the list, even if it is null. If it is set to false, the transform returns the first non-null value. If not defined, the transform will default to false' + example: false + default: false + accountFilter: + type: string + description: |- + This expression queries the database to narrow search results. The value of this configuration is a sailpoint.object.Filter expression and used when searching against the database. The default filter will always include the source and identity, and any subsequent expressions will be combined in an AND operation to the existing search criteria. + Only certain searchable attributes are available: - `nativeIdentity` - the Account ID - `displayName` - the Account Name - `entitlements` - a boolean value to determine if the account has entitlements + example: '!(nativeIdentity.startsWith("*DELETED*"))' + accountPropertyFilter: + type: string + description: |- + This expression is used to search and filter accounts in memory. The value of this configuration is a sailpoint.object.Filter expression and used when searching against the returned resultset. + + All account attributes are available for filtering as this operation is performed in memory. + example: '(groups.containsAll({''Admin''}) || location == ''Austin'')' + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: base64Decode + type: object + properties: + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: base64Encode + type: object + properties: + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: concat + type: object + required: + - values + properties: + values: + type: array + items: + type: object + description: An array of items to join together + example: + - John + - ' ' + - Smith + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: conditional + type: object + required: + - expression + - positiveCondition + - negativeCondition + properties: + expression: + type: string + description: |- + A comparison statement that follows the structure of `ValueA eq ValueB` where `ValueA` and `ValueB` are static strings or outputs of other transforms. + + The `eq` operator is the only valid comparison + example: ValueA eq ValueB + positiveCondition: + type: string + description: The output of the transform if the expression evalutes to true + example: 'true' + negativeCondition: + type: string + description: The output of the transform if the expression evalutes to false + example: 'false' + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: dateCompare + type: object + required: + - firstDate + - secondDate + - operator + - positiveCondition + - negativeCondition + properties: + firstDate: + description: This is the first date to consider (The date that would be on the left hand side of the comparison operation). + oneOf: + - title: accountAttribute + type: object + required: + - sourceName + - attributeName + properties: + sourceName: + type: string + description: A reference to the source to search for the account + example: Workday + attributeName: + type: string + description: 'The name of the attribute on the account to return. This should match the name of the account attribute name visible in the user interface, or on the source schema.' + example: DEPARTMENT + accountSortAttribute: + type: string + description: The value of this configuration is a string name of the attribute to use when determining the ordering of returned accounts when there are multiple entries + example: created + default: created + accountSortDescending: + type: boolean + description: 'The value of this configuration is a boolean (true/false). Controls the order of the sort when there are multiple accounts. If not defined, the transform will default to false (ascending order)' + example: false + default: false + accountReturnFirstLink: + type: boolean + description: 'The value of this configuration is a boolean (true/false). Controls which account to source a value from for an attribute. If this flag is set to true, the transform returns the value from the first account in the list, even if it is null. If it is set to false, the transform returns the first non-null value. If not defined, the transform will default to false' + example: false + default: false + accountFilter: + type: string + description: |- + This expression queries the database to narrow search results. The value of this configuration is a sailpoint.object.Filter expression and used when searching against the database. The default filter will always include the source and identity, and any subsequent expressions will be combined in an AND operation to the existing search criteria. + Only certain searchable attributes are available: - `nativeIdentity` - the Account ID - `displayName` - the Account Name - `entitlements` - a boolean value to determine if the account has entitlements + example: '!(nativeIdentity.startsWith("*DELETED*"))' + accountPropertyFilter: + type: string + description: |- + This expression is used to search and filter accounts in memory. The value of this configuration is a sailpoint.object.Filter expression and used when searching against the returned resultset. + + All account attributes are available for filtering as this operation is performed in memory. + example: '(groups.containsAll({''Admin''}) || location == ''Austin'')' + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: dateFormat + type: object + properties: + inputFormat: + description: |- + A string value indicating either the explicit SimpleDateFormat or the built-in named format that the data is coming in as. + + *If no inputFormat is provided, the transform assumes that it is in ISO8601 format* + oneOf: + - title: Named Construct + type: string + description: | + | Construct | Date Time Pattern | Description | + | --------- | ----------------- | ----------- | + | ISO8601 | `yyyy-MM-dd'T'HH:mm:ss.SSSX` | The ISO8601 standard. | + | LDAP | `yyyyMMddHHmmss.Z` | The LDAP standard. | + | PEOPLE_SOFT | `MM/dd/yyyy` | The date format People Soft uses. | + | EPOCH_TIME_JAVA | # ms from midnight, January 1st, 1970 | The incoming date value as elapsed time in milliseconds from midnight, January 1st, 1970. | + | EPOCH_TIME_WIN32| # intervals of 100ns from midnight, January 1st, 1601 | The incoming date value as elapsed time in 100-nanosecond intervals from midnight, January 1st, 1601. | + enum: + - ISO8601 + - LDAP + - PEOPLE_SOFT + - EPOCH_TIME_JAVA + - EPOCH_TIME_WIN32 + example: PEOPLE_SOFT + - title: Java Simple Date Format + type: string + description: | + There are a variety of date time patterns you can express using SimpleDateFormat. The following table lists examples of different date time patterns expressed in the SimpleDateFormat and how they display. Refer to the SimpleDateFormat syntax page for more information. + + >NOTE: The following examples show how date and time patterns are interpreted in the U.S. locale. The given date and time are 2001-07-04 12:08:56 local time in the U.S. Pacific Time time zone. + (This table is from the SimpleDateFormat page.) + + | Date Time Pattern | Result | + | ----------------- | ------ | + | `yyyy.MM.dd G 'at' HH:mm:ss z` | `2001.07.04 AD at 12:08:56 PDT` | + | `EEE, MMM d, ''yy` | Wed, Jul 4, '01 | + | `h:mm a` | 12:08 PM | + | `hh 'o''clock' a, zzzz` | 12 o'clock PM, Pacific Daylight Time | + | `K:mm a, z` | 0:08 PM, PDT | + | `yyyyy.MMMMM.dd GGG hh:mm aaa` | 02001.July.04 AD 12:08 PM | + | `EEE, d MMM yyyy HH:mm:ss Z` | Wed, 4 Jul 2001 12:08:56 -0700 | + | `yyMMddHHmmssZ` | 010704120856-0700 | + | `yyyy-MM-dd'T'HH:mm:ss.SSSZ` | 2001-07-04T12:08:56.235-0700 | + | `yyyy-MM-dd'T'HH:mm:ss.SSSXXX` | 2001-07-04T12:08:56.235-07:00 | + | `YYYY-'W'ww-u` | 2001-W27-3 | + example: mm/dd/yyyy + outputFormat: + description: |- + A string value indicating either the explicit SimpleDateFormat or the built-in named format that the data should be formatted into. + + *If no inputFormat is provided, the transform assumes that it is in ISO8601 format* + oneOf: + - title: Named Construct + type: string + description: | + | Construct | Date Time Pattern | Description | + | --------- | ----------------- | ----------- | + | ISO8601 | `yyyy-MM-dd'T'HH:mm:ss.SSSX` | The ISO8601 standard. | + | LDAP | `yyyyMMddHHmmss.Z` | The LDAP standard. | + | PEOPLE_SOFT | `MM/dd/yyyy` | The date format People Soft uses. | + | EPOCH_TIME_JAVA | # ms from midnight, January 1st, 1970 | The incoming date value as elapsed time in milliseconds from midnight, January 1st, 1970. | + | EPOCH_TIME_WIN32| # intervals of 100ns from midnight, January 1st, 1601 | The incoming date value as elapsed time in 100-nanosecond intervals from midnight, January 1st, 1601. | + enum: + - ISO8601 + - LDAP + - PEOPLE_SOFT + - EPOCH_TIME_JAVA + - EPOCH_TIME_WIN32 + example: PEOPLE_SOFT + - title: Java Simple Date Format + type: string + description: | + There are a variety of date time patterns you can express using SimpleDateFormat. The following table lists examples of different date time patterns expressed in the SimpleDateFormat and how they display. Refer to the SimpleDateFormat syntax page for more information. + + >NOTE: The following examples show how date and time patterns are interpreted in the U.S. locale. The given date and time are 2001-07-04 12:08:56 local time in the U.S. Pacific Time time zone. + (This table is from the SimpleDateFormat page.) + + | Date Time Pattern | Result | + | ----------------- | ------ | + | `yyyy.MM.dd G 'at' HH:mm:ss z` | `2001.07.04 AD at 12:08:56 PDT` | + | `EEE, MMM d, ''yy` | Wed, Jul 4, '01 | + | `h:mm a` | 12:08 PM | + | `hh 'o''clock' a, zzzz` | 12 o'clock PM, Pacific Daylight Time | + | `K:mm a, z` | 0:08 PM, PDT | + | `yyyyy.MMMMM.dd GGG hh:mm aaa` | 02001.July.04 AD 12:08 PM | + | `EEE, d MMM yyyy HH:mm:ss Z` | Wed, 4 Jul 2001 12:08:56 -0700 | + | `yyMMddHHmmssZ` | 010704120856-0700 | + | `yyyy-MM-dd'T'HH:mm:ss.SSSZ` | 2001-07-04T12:08:56.235-0700 | + | `yyyy-MM-dd'T'HH:mm:ss.SSSXXX` | 2001-07-04T12:08:56.235-07:00 | + | `YYYY-'W'ww-u` | 2001-W27-3 | + example: mm/dd/yyyy + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + secondDate: + description: This is the second date to consider (The date that would be on the right hand side of the comparison operation). + oneOf: + - title: accountAttribute + type: object + required: + - sourceName + - attributeName + properties: + sourceName: + type: string + description: A reference to the source to search for the account + example: Workday + attributeName: + type: string + description: 'The name of the attribute on the account to return. This should match the name of the account attribute name visible in the user interface, or on the source schema.' + example: DEPARTMENT + accountSortAttribute: + type: string + description: The value of this configuration is a string name of the attribute to use when determining the ordering of returned accounts when there are multiple entries + example: created + default: created + accountSortDescending: + type: boolean + description: 'The value of this configuration is a boolean (true/false). Controls the order of the sort when there are multiple accounts. If not defined, the transform will default to false (ascending order)' + example: false + default: false + accountReturnFirstLink: + type: boolean + description: 'The value of this configuration is a boolean (true/false). Controls which account to source a value from for an attribute. If this flag is set to true, the transform returns the value from the first account in the list, even if it is null. If it is set to false, the transform returns the first non-null value. If not defined, the transform will default to false' + example: false + default: false + accountFilter: + type: string + description: |- + This expression queries the database to narrow search results. The value of this configuration is a sailpoint.object.Filter expression and used when searching against the database. The default filter will always include the source and identity, and any subsequent expressions will be combined in an AND operation to the existing search criteria. + Only certain searchable attributes are available: - `nativeIdentity` - the Account ID - `displayName` - the Account Name - `entitlements` - a boolean value to determine if the account has entitlements + example: '!(nativeIdentity.startsWith("*DELETED*"))' + accountPropertyFilter: + type: string + description: |- + This expression is used to search and filter accounts in memory. The value of this configuration is a sailpoint.object.Filter expression and used when searching against the returned resultset. + + All account attributes are available for filtering as this operation is performed in memory. + example: '(groups.containsAll({''Admin''}) || location == ''Austin'')' + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: dateFormat + type: object + properties: + inputFormat: + description: |- + A string value indicating either the explicit SimpleDateFormat or the built-in named format that the data is coming in as. + + *If no inputFormat is provided, the transform assumes that it is in ISO8601 format* + oneOf: + - title: Named Construct + type: string + description: | + | Construct | Date Time Pattern | Description | + | --------- | ----------------- | ----------- | + | ISO8601 | `yyyy-MM-dd'T'HH:mm:ss.SSSX` | The ISO8601 standard. | + | LDAP | `yyyyMMddHHmmss.Z` | The LDAP standard. | + | PEOPLE_SOFT | `MM/dd/yyyy` | The date format People Soft uses. | + | EPOCH_TIME_JAVA | # ms from midnight, January 1st, 1970 | The incoming date value as elapsed time in milliseconds from midnight, January 1st, 1970. | + | EPOCH_TIME_WIN32| # intervals of 100ns from midnight, January 1st, 1601 | The incoming date value as elapsed time in 100-nanosecond intervals from midnight, January 1st, 1601. | + enum: + - ISO8601 + - LDAP + - PEOPLE_SOFT + - EPOCH_TIME_JAVA + - EPOCH_TIME_WIN32 + example: PEOPLE_SOFT + - title: Java Simple Date Format + type: string + description: | + There are a variety of date time patterns you can express using SimpleDateFormat. The following table lists examples of different date time patterns expressed in the SimpleDateFormat and how they display. Refer to the SimpleDateFormat syntax page for more information. + + >NOTE: The following examples show how date and time patterns are interpreted in the U.S. locale. The given date and time are 2001-07-04 12:08:56 local time in the U.S. Pacific Time time zone. + (This table is from the SimpleDateFormat page.) + + | Date Time Pattern | Result | + | ----------------- | ------ | + | `yyyy.MM.dd G 'at' HH:mm:ss z` | `2001.07.04 AD at 12:08:56 PDT` | + | `EEE, MMM d, ''yy` | Wed, Jul 4, '01 | + | `h:mm a` | 12:08 PM | + | `hh 'o''clock' a, zzzz` | 12 o'clock PM, Pacific Daylight Time | + | `K:mm a, z` | 0:08 PM, PDT | + | `yyyyy.MMMMM.dd GGG hh:mm aaa` | 02001.July.04 AD 12:08 PM | + | `EEE, d MMM yyyy HH:mm:ss Z` | Wed, 4 Jul 2001 12:08:56 -0700 | + | `yyMMddHHmmssZ` | 010704120856-0700 | + | `yyyy-MM-dd'T'HH:mm:ss.SSSZ` | 2001-07-04T12:08:56.235-0700 | + | `yyyy-MM-dd'T'HH:mm:ss.SSSXXX` | 2001-07-04T12:08:56.235-07:00 | + | `YYYY-'W'ww-u` | 2001-W27-3 | + example: mm/dd/yyyy + outputFormat: + description: |- + A string value indicating either the explicit SimpleDateFormat or the built-in named format that the data should be formatted into. + + *If no inputFormat is provided, the transform assumes that it is in ISO8601 format* + oneOf: + - title: Named Construct + type: string + description: | + | Construct | Date Time Pattern | Description | + | --------- | ----------------- | ----------- | + | ISO8601 | `yyyy-MM-dd'T'HH:mm:ss.SSSX` | The ISO8601 standard. | + | LDAP | `yyyyMMddHHmmss.Z` | The LDAP standard. | + | PEOPLE_SOFT | `MM/dd/yyyy` | The date format People Soft uses. | + | EPOCH_TIME_JAVA | # ms from midnight, January 1st, 1970 | The incoming date value as elapsed time in milliseconds from midnight, January 1st, 1970. | + | EPOCH_TIME_WIN32| # intervals of 100ns from midnight, January 1st, 1601 | The incoming date value as elapsed time in 100-nanosecond intervals from midnight, January 1st, 1601. | + enum: + - ISO8601 + - LDAP + - PEOPLE_SOFT + - EPOCH_TIME_JAVA + - EPOCH_TIME_WIN32 + example: PEOPLE_SOFT + - title: Java Simple Date Format + type: string + description: | + There are a variety of date time patterns you can express using SimpleDateFormat. The following table lists examples of different date time patterns expressed in the SimpleDateFormat and how they display. Refer to the SimpleDateFormat syntax page for more information. + + >NOTE: The following examples show how date and time patterns are interpreted in the U.S. locale. The given date and time are 2001-07-04 12:08:56 local time in the U.S. Pacific Time time zone. + (This table is from the SimpleDateFormat page.) + + | Date Time Pattern | Result | + | ----------------- | ------ | + | `yyyy.MM.dd G 'at' HH:mm:ss z` | `2001.07.04 AD at 12:08:56 PDT` | + | `EEE, MMM d, ''yy` | Wed, Jul 4, '01 | + | `h:mm a` | 12:08 PM | + | `hh 'o''clock' a, zzzz` | 12 o'clock PM, Pacific Daylight Time | + | `K:mm a, z` | 0:08 PM, PDT | + | `yyyyy.MMMMM.dd GGG hh:mm aaa` | 02001.July.04 AD 12:08 PM | + | `EEE, d MMM yyyy HH:mm:ss Z` | Wed, 4 Jul 2001 12:08:56 -0700 | + | `yyMMddHHmmssZ` | 010704120856-0700 | + | `yyyy-MM-dd'T'HH:mm:ss.SSSZ` | 2001-07-04T12:08:56.235-0700 | + | `yyyy-MM-dd'T'HH:mm:ss.SSSXXX` | 2001-07-04T12:08:56.235-07:00 | + | `YYYY-'W'ww-u` | 2001-W27-3 | + example: mm/dd/yyyy + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + operator: + type: string + description: | + This is the comparison to perform. + | Operation | Description | + | --------- | ------- | + | LT | Strictly less than: firstDate < secondDate | + | LTE | Less than or equal to: firstDate <= secondDate | + | GT | Strictly greater than: firstDate > secondDate | + | GTE | Greater than or equal to: firstDate >= secondDate | + enum: + - LT + - LTE + - GT + - GTE + example: LT + positiveCondition: + type: string + description: The output of the transform if the expression evalutes to true + example: 'true' + negativeCondition: + type: string + description: The output of the transform if the expression evalutes to false + example: false + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: dateFormat + type: object + properties: + inputFormat: + description: |- + A string value indicating either the explicit SimpleDateFormat or the built-in named format that the data is coming in as. + + *If no inputFormat is provided, the transform assumes that it is in ISO8601 format* + oneOf: + - title: Named Construct + type: string + description: | + | Construct | Date Time Pattern | Description | + | --------- | ----------------- | ----------- | + | ISO8601 | `yyyy-MM-dd'T'HH:mm:ss.SSSX` | The ISO8601 standard. | + | LDAP | `yyyyMMddHHmmss.Z` | The LDAP standard. | + | PEOPLE_SOFT | `MM/dd/yyyy` | The date format People Soft uses. | + | EPOCH_TIME_JAVA | # ms from midnight, January 1st, 1970 | The incoming date value as elapsed time in milliseconds from midnight, January 1st, 1970. | + | EPOCH_TIME_WIN32| # intervals of 100ns from midnight, January 1st, 1601 | The incoming date value as elapsed time in 100-nanosecond intervals from midnight, January 1st, 1601. | + enum: + - ISO8601 + - LDAP + - PEOPLE_SOFT + - EPOCH_TIME_JAVA + - EPOCH_TIME_WIN32 + example: PEOPLE_SOFT + - title: Java Simple Date Format + type: string + description: | + There are a variety of date time patterns you can express using SimpleDateFormat. The following table lists examples of different date time patterns expressed in the SimpleDateFormat and how they display. Refer to the SimpleDateFormat syntax page for more information. + + >NOTE: The following examples show how date and time patterns are interpreted in the U.S. locale. The given date and time are 2001-07-04 12:08:56 local time in the U.S. Pacific Time time zone. + (This table is from the SimpleDateFormat page.) + + | Date Time Pattern | Result | + | ----------------- | ------ | + | `yyyy.MM.dd G 'at' HH:mm:ss z` | `2001.07.04 AD at 12:08:56 PDT` | + | `EEE, MMM d, ''yy` | Wed, Jul 4, '01 | + | `h:mm a` | 12:08 PM | + | `hh 'o''clock' a, zzzz` | 12 o'clock PM, Pacific Daylight Time | + | `K:mm a, z` | 0:08 PM, PDT | + | `yyyyy.MMMMM.dd GGG hh:mm aaa` | 02001.July.04 AD 12:08 PM | + | `EEE, d MMM yyyy HH:mm:ss Z` | Wed, 4 Jul 2001 12:08:56 -0700 | + | `yyMMddHHmmssZ` | 010704120856-0700 | + | `yyyy-MM-dd'T'HH:mm:ss.SSSZ` | 2001-07-04T12:08:56.235-0700 | + | `yyyy-MM-dd'T'HH:mm:ss.SSSXXX` | 2001-07-04T12:08:56.235-07:00 | + | `YYYY-'W'ww-u` | 2001-W27-3 | + example: mm/dd/yyyy + outputFormat: + description: |- + A string value indicating either the explicit SimpleDateFormat or the built-in named format that the data should be formatted into. + + *If no inputFormat is provided, the transform assumes that it is in ISO8601 format* + oneOf: + - title: Named Construct + type: string + description: | + | Construct | Date Time Pattern | Description | + | --------- | ----------------- | ----------- | + | ISO8601 | `yyyy-MM-dd'T'HH:mm:ss.SSSX` | The ISO8601 standard. | + | LDAP | `yyyyMMddHHmmss.Z` | The LDAP standard. | + | PEOPLE_SOFT | `MM/dd/yyyy` | The date format People Soft uses. | + | EPOCH_TIME_JAVA | # ms from midnight, January 1st, 1970 | The incoming date value as elapsed time in milliseconds from midnight, January 1st, 1970. | + | EPOCH_TIME_WIN32| # intervals of 100ns from midnight, January 1st, 1601 | The incoming date value as elapsed time in 100-nanosecond intervals from midnight, January 1st, 1601. | + enum: + - ISO8601 + - LDAP + - PEOPLE_SOFT + - EPOCH_TIME_JAVA + - EPOCH_TIME_WIN32 + example: PEOPLE_SOFT + - title: Java Simple Date Format + type: string + description: | + There are a variety of date time patterns you can express using SimpleDateFormat. The following table lists examples of different date time patterns expressed in the SimpleDateFormat and how they display. Refer to the SimpleDateFormat syntax page for more information. + + >NOTE: The following examples show how date and time patterns are interpreted in the U.S. locale. The given date and time are 2001-07-04 12:08:56 local time in the U.S. Pacific Time time zone. + (This table is from the SimpleDateFormat page.) + + | Date Time Pattern | Result | + | ----------------- | ------ | + | `yyyy.MM.dd G 'at' HH:mm:ss z` | `2001.07.04 AD at 12:08:56 PDT` | + | `EEE, MMM d, ''yy` | Wed, Jul 4, '01 | + | `h:mm a` | 12:08 PM | + | `hh 'o''clock' a, zzzz` | 12 o'clock PM, Pacific Daylight Time | + | `K:mm a, z` | 0:08 PM, PDT | + | `yyyyy.MMMMM.dd GGG hh:mm aaa` | 02001.July.04 AD 12:08 PM | + | `EEE, d MMM yyyy HH:mm:ss Z` | Wed, 4 Jul 2001 12:08:56 -0700 | + | `yyMMddHHmmssZ` | 010704120856-0700 | + | `yyyy-MM-dd'T'HH:mm:ss.SSSZ` | 2001-07-04T12:08:56.235-0700 | + | `yyyy-MM-dd'T'HH:mm:ss.SSSXXX` | 2001-07-04T12:08:56.235-07:00 | + | `YYYY-'W'ww-u` | 2001-W27-3 | + example: mm/dd/yyyy + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: dateMath + type: object + required: + - expression + properties: + expression: + type: string + description: | + A string value of the date and time components to operation on, along with the math operations to execute. + externalDocs: + description: Date Math Expressions + url: 'https://developer.sailpoint.com/idn/docs/transforms/operations/date-math#transform-structure' + example: now+1w + roundUp: + type: boolean + description: | + A boolean value to indicate whether the transform should round up or down when a rounding `/` operation is defined in the expression. + + + If not provided, the transform will default to `false` + + + `true` indicates the transform should round up (i.e., truncate the fractional date/time component indicated and then add one unit of that component) + + + `false` indicates the transform should round down (i.e., truncate the fractional date/time component indicated) + example: false + default: false + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: decomposeDiacriticalMarks + type: object + properties: + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: e164phone + type: object + properties: + defaultRegion: + type: string + description: | + This is an optional attribute that can be used to define the region of the phone number to format into. + + + If defaultRegion is not provided, it will take US as the default country. + + + The format of the country code should be in [ISO 3166-1 alpha-2 format](https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2) + example: US + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: firstValid + type: object + required: + - values + properties: + values: + type: array + items: + type: object + description: An array of attributes to evaluate for existence. + example: + - attributes: + sourceName: Active Directory + attributeName: sAMAccountName + type: accountAttribute + - attributes: + sourceName: Okta + attributeName: login + type: accountAttribute + - attributes: + sourceName: HR Source + attributeName: employeeID + type: accountAttribute + ignoreErrors: + type: boolean + description: a true or false value representing to move on to the next option if an error (like an Null Pointer Exception) were to occur. + example: false + default: false + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + - title: rule + oneOf: + - type: object + required: + - name + properties: + name: + type: string + description: This is the name of the Transform rule that needs to be invoked by the transform + example: Transform Calculation Rule + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + - type: object + required: + - name + - operation + - includeNumbers + - includeSpecialChars + - length + properties: + name: + type: string + description: This must always be set to "Cloud Services Deployment Utility" + example: Cloud Services Deployment Utility + operation: + type: string + description: The operation to perform `generateRandomString` + example: generateRandomString + includeNumbers: + type: boolean + description: This must be either "true" or "false" to indicate whether the generator logic should include numbers + example: true + includeSpecialChars: + type: boolean + description: This must be either "true" or "false" to indicate whether the generator logic should include special characters + example: true + length: + type: string + description: | + This specifies how long the randomly generated string needs to be + + + >NOTE Due to identity attribute data constraints, the maximum allowable value is 450 characters + example: '10' + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + - type: object + required: + - name + - operation + - uid + properties: + name: + type: string + description: This must always be set to "Cloud Services Deployment Utility" + example: Cloud Services Deployment Utility + operation: + type: string + description: The operation to perform `getReferenceIdentityAttribute` + example: getReferenceIdentityAttribute + uid: + type: string + description: | + This is the SailPoint User Name (uid) value of the identity whose attribute is desired + + As a convenience feature, you can use the `manager` keyword to dynamically look up the user's manager and then get that manager's identity attribute. + example: 2c91808570313110017040b06f344ec9 + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + - title: identityAttribute + type: object + required: + - name + properties: + name: + type: string + description: The system (camel-cased) name of the identity attribute to bring in + example: email + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: indexOf + type: object + required: + - substring + properties: + substring: + type: string + description: 'A substring to search for, searches the entire calling string, and returns the index of the first occurrence of the specified substring.' + example: admin_ + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: iso3166 + type: object + properties: + format: + type: string + description: | + An optional value to denote which ISO 3166 format to return. Valid values are: + + + `alpha2` - Two-character country code (e.g., "US"); this is the default value if no format is supplied + + + `alpha3` - Three-character country code (e.g., "USA") + + + `numeric` - The numeric country code (e.g., "840") + example: alpha2 + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: leftPad + type: object + required: + - length + properties: + length: + type: string + description: An integer value for the desired length of the final output string + example: '4' + padding: + type: string + description: | + A string value representing the character that the incoming data should be padded with to get to the desired length + + + If not provided, the transform will default to a single space (" ") character for padding + example: '0' + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: lookup + type: object + required: + - table + properties: + table: + type: object + additionalProperties: true + description: | + This is a JSON object of key-value pairs. The key is the string that will attempt to be matched to the input, and the value is the output string that should be returned if the key is matched + + + >**Note** the use of the optional default key value here; if none of the three countries in the above example match the input string, the transform will return "Unknown Region" for the attribute that is mapped to this transform. + example: + USA: Americas + FRA: EMEA + AUS: APAC + default: Unknown Region + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: lower + type: object + properties: + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: nameNormalizer + type: object + properties: + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: randomAlphaNumeric + type: object + properties: + length: + type: string + description: | + This is an integer value specifying the size/number of characters the random string must contain + + + * This value must be a positive number and cannot be blank + + + * If no length is provided, the transform will default to a value of `32` + + + * Due to identity attribute data constraints, the maximum allowable value is `450` characters + example: '10' + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: randomNumeric + type: object + properties: + length: + type: string + description: | + This is an integer value specifying the size/number of characters the random string must contain + + + * This value must be a positive number and cannot be blank + + + * If no length is provided, the transform will default to a value of `32` + + + * Due to identity attribute data constraints, the maximum allowable value is `450` characters + example: '10' + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: reference + type: object + required: + - id + properties: + id: + type: string + description: This ID specifies the name of the pre-existing transform which you want to use within your current transform + example: Existing Transform + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: replaceAll + type: object + required: + - table + properties: + table: + type: object + additionalProperties: true + description: 'An attribute of key-value pairs. Each pair identifies the pattern to search for as its key, and the replacement string as its value.' + example: + '-': ' ' + '"': '''' + ñ: 'n' + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: replace + type: object + required: + - regex + - replacement + properties: + regex: + type: string + description: This can be a string or a regex pattern in which you want to replace. + example: '[^a-zA-Z]' + externalDocs: + description: Regex Builder + url: 'https://regex101.com/' + replacement: + type: string + description: This is the replacement string that should be substituded wherever the string or pattern is found. + example: ' ' + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: rightPad + type: object + required: + - length + properties: + length: + type: string + description: An integer value for the desired length of the final output string + example: '4' + padding: + type: string + description: | + A string value representing the character that the incoming data should be padded with to get to the desired length + + + If not provided, the transform will default to a single space (" ") character for padding + example: '0' + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: split + type: object + required: + - delimiter + - index + properties: + delimiter: + type: string + description: 'This can be either a single character or a regex expression, and is used by the transform to identify the break point between two substrings in the incoming data' + example: ',' + index: + type: string + description: 'An integer value for the desired array element after the incoming data has been split into a list; the array is a 0-based object, so the first array element would be index 0, the second element would be index 1, etc.' + example: '5' + throws: + type: boolean + description: | + A boolean (true/false) value which indicates whether an exception should be thrown and returned as an output when an index is out of bounds with the resultant array (i.e., the provided index value is larger than the size of the array) + + + `true` - The transform should return "IndexOutOfBoundsException" + + + `false` - The transform should return null + + + If not provided, the transform will default to false and return a null + example: true + default: false + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: static + type: object + required: + - values + properties: + values: + type: string + description: 'This must evaluate to a JSON string, either through a fixed value or through conditional logic using the Apache Velocity Template Language.' + example: string$variable + externalDocs: + description: Static Transform Documentation + url: 'https://developer.sailpoint.com/idn/docs/transforms/operations/static' + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + - title: substring + type: object + required: + - begin + properties: + begin: + type: integer + description: | + The index of the first character to include in the returned substring. + + + If `begin` is set to -1, the transform will begin at character 0 of the input data + example: 1 + format: int32 + beginOffset: + type: integer + description: | + This integer value is the number of characters to add to the begin attribute when returning a substring. + + This attribute is only used if begin is not -1. + example: 3 + format: int32 + end: + type: integer + description: | + The index of the first character to exclude from the returned substring. + + If end is -1 or not provided at all, the substring transform will return everything up to the end of the input string. + example: 6 + format: int32 + endOffset: + type: integer + description: | + This integer value is the number of characters to add to the end attribute when returning a substring. + + This attribute is only used if end is provided and is not -1. + example: 1 + format: int32 + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: trim + type: object + properties: + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: upper + type: object + properties: + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + input: + type: object + description: 'This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI.' + additionalProperties: true + example: + type: accountAttribute + attributes: + attributeName: first_name + sourceName: Source + - title: uuid + type: object + properties: + requiresPeriodicRefresh: + type: boolean + description: A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process + example: false + default: false + WorkItems: + type: object + properties: + id: + type: string + description: ID of the work item + example: 2c9180835d2e5168015d32f890ca1581 + requesterId: + type: string + description: ID of the requester + example: 2c9180835d2e5168015d32f890ca1581 + nullable: true + requesterDisplayName: + type: string + description: The displayname of the requester + example: John Smith + nullable: true + ownerId: + type: string + description: The ID of the owner + example: 2c9180835d2e5168015d32f890ca1581 + nullable: true + ownerName: + type: string + description: The name of the owner + example: Jason Smith + created: + type: string + format: date-time + example: '2017-07-11T18:45:37.098Z' + description: Time when the work item was created + modified: + type: string + format: date-time + example: '2018-06-25T20:22:28.104Z' + description: Time when the work item was last updated + nullable: true + description: + type: string + description: The description of the work item + example: Create account on source 'AD' + state: + type: string + enum: + - Finished + - Rejected + - Returned + - Expired + - Pending + - Canceled + example: Finished + description: The state of a work item + type: + type: string + enum: + - Generic + - Certification + - Remediation + - Delegation + - Approval + - ViolationReview + - Form + - PolicyVioloation + - Challenge + - ImpactAnalysis + - Signoff + - Event + - ManualAction + - Test + example: Generic + description: The type of the work item + remediationItems: + type: array + nullable: true + items: + type: object + properties: + id: + type: string + description: The ID of the certification + example: 2c9180835d2e5168015d32f890ca1581 + targetId: + type: string + description: The ID of the certification target + example: 2c9180835d2e5168015d32f890ca1581 + targetName: + type: string + description: The name of the certification target + example: john.smith + targetDisplayName: + type: string + description: The display name of the certification target + example: emailAddress + applicationName: + type: string + description: The name of the application/source + example: Active Directory + attributeName: + type: string + description: The name of the attribute being certified + example: phoneNumber + attributeOperation: + type: string + description: The operation of the certification on the attribute + example: update + attributeValue: + type: string + description: The value of the attribute being certified + example: 512-555-1212 + nativeIdentity: + type: string + description: The native identity of the target + example: jason.smith2 + description: A list of remediation items + approvalItems: + type: array + nullable: true + items: + type: object + properties: + id: + type: string + description: The approval item's ID + example: 2c9180835d2e5168015d32f890ca1581 + account: + type: string + description: The account referenced by the approval item + example: john.smith + nullable: true + application: + type: string + description: The name of the application/source + example: Active Directory + name: + type: string + description: The attribute's name + example: emailAddress + nullable: true + operation: + type: string + description: The attribute's operation + example: update + value: + type: string + description: The attribute's value + example: a@b.com + nullable: true + state: + allOf: + - type: string + nullable: true + enum: + - Finished + - Rejected + - Returned + - Expired + - Pending + - Canceled + - null + example: Pending + description: The state of a work item + - nullable: true + description: A list of items that need to be approved + name: + type: string + description: The work item name + example: Account Create + nullable: true + completed: + type: string + format: date-time + example: '2018-10-19T13:49:37.385Z' + description: The time at which the work item completed + nullable: true + numItems: + type: integer + format: int32 + description: The number of items in the work item + example: 19 + nullable: true + form: + allOf: + - type: object + properties: + id: + type: string + description: ID of the form + example: 2c9180835d2e5168015d32f890ca1581 + nullable: true + name: + type: string + description: Name of the form + example: AccountSelection Form + nullable: true + title: + type: string + description: The form title + example: Account Selection for John.Doe + subtitle: + type: string + description: The form subtitle. + example: Please select from the following + targetUser: + type: string + description: The name of the user that should be shown this form + example: Jane.Doe + sections: + type: array + items: + type: object + allOf: + - type: object + properties: + name: + type: string + description: Name of the FormItem + example: Field1 + - type: object + properties: + label: + type: string + description: Label of the section + example: Section 1 + formItems: + type: array + items: + type: object + description: List of FormItems. FormItems can be SectionDetails and/or FieldDetails + example: [] + description: Sections of the form + - nullable: true + errors: + type: array + items: + type: string + example: + - The work item ID that was specified was not found. + description: An array of errors that ocurred during the work item + WorkItemsCount: + type: object + properties: + count: + type: integer + description: The count of work items + example: 29 + WorkItemsSummary: + type: object + properties: + open: + type: integer + description: The count of open work items + example: 29 + completed: + type: integer + description: The count of completed work items + example: 1 + total: + type: integer + description: The count of total work items + example: 30 + AccountUsage: + type: object + properties: + date: + type: string + format: date + description: The first day of the month for which activity is aggregated. + example: '2023-04-21' + count: + type: integer + format: int64 + description: The number of days within the month that the account was active in a source. + example: 10 + SourceUsage: + type: object + properties: + date: + type: string + format: date + description: The first day of the month for which activity is aggregated. + example: '2023-04-21' + count: + type: number + format: float + description: 'The average number of days that accounts were active within this source, for the month.' + example: 10.45 + SourceUsageStatus: + type: object + properties: + status: + type: string + description: |- + Source Usage Status. Acceptable values are: + - COMPLETE + - This status means that an activity data source has been setup and usage insights are available for the source. + - INCOMPLETE + - This status means that an activity data source has not been setup and usage insights are not available for the source. + example: COMPLETE + enum: + - COMPLETE + - INCOMPLETE + BrandingItem: + type: object + properties: + name: + type: string + description: name of branding item + example: default + productName: + type: string + description: product name + example: product name + nullable: true + actionButtonColor: + type: string + description: hex value of color for action button + example: 0074D9 + nullable: true + activeLinkColor: + type: string + description: hex value of color for link + example: 011E69 + nullable: true + navigationColor: + type: string + description: hex value of color for navigation bar + example: 011E69 + nullable: true + emailFromAddress: + type: string + description: email from address + example: no-reply@sailpoint.com + nullable: true + standardLogoURL: + type: string + description: url to standard logo + example: '' + nullable: true + loginInformationalMessage: + type: string + description: login information message + example: '' + nullable: true + BrandingItemCreate: + type: object + required: + - name + - productName + properties: + name: + type: string + description: name of branding item + example: custom-branding-item + productName: + type: string + description: product name + example: product name + nullable: true + actionButtonColor: + type: string + description: hex value of color for action button + example: 0074D9 + activeLinkColor: + type: string + description: hex value of color for link + example: 011E69 + navigationColor: + type: string + description: hex value of color for navigation bar + example: 011E69 + emailFromAddress: + type: string + description: email from address + example: no-reply@sailpoint.com + loginInformationalMessage: + type: string + description: login information message + example: '' + fileStandard: + type: string + format: binary + description: png file with logo + example: \x00\x00\x00\x02 diff --git a/postman-script/update-by-folder-ts/index.ts b/postman-script/update-by-folder-ts/index.ts index 55769795..e8f675db 100644 --- a/postman-script/update-by-folder-ts/index.ts +++ b/postman-script/update-by-folder-ts/index.ts @@ -19,7 +19,9 @@ const postmanCollections = { betaPublic: '23226990-3b87172a-cd55-40a2-9ace-1560a1158a4e', betaLocation: '../../postman/collections/sailpoint-api-beta.json', nermPublic: '23226990-20d718e3-b9b3-43ad-850c-637b00864ae2', - nermLocation: '../../postman/collections/sailpoint-api-nerm.json' + nermLocation: '../../postman/collections/sailpoint-api-nerm.json', + v2024Public: '23226990-ed8adb96-7931-4c78-970d-d87da8aa05bd', + v2024Location: '../../postman/collections/sailpoint-api-v2024.json', } diff --git a/postman-script/update-by-folder-ts/package.json b/postman-script/update-by-folder-ts/package.json index 5fe20919..1cf50c74 100644 --- a/postman-script/update-by-folder-ts/package.json +++ b/postman-script/update-by-folder-ts/package.json @@ -7,6 +7,7 @@ "build": "tsc", "start": "tsc && node dist/index.js", "v3": "tsc && node dist/index.js v3", + "v2024": "tsc && node dist/index.js v2024", "beta": "tsc && node dist/index.js beta", "nerm": "tsc && node dist/index.js nerm" }, diff --git a/postman/collections/sailpoint-api-v2024.json b/postman/collections/sailpoint-api-v2024.json new file mode 100644 index 00000000..266ad19d --- /dev/null +++ b/postman/collections/sailpoint-api-v2024.json @@ -0,0 +1,300822 @@ +{ + "item": [ + { + "name": "Access Model Metadata", + "description": "Use this API to create and manage metadata attributes for your Access Model.\nAccess Model Metadata allows you to add contextual information to your ISC Access Model items using pre-defined metadata for risk, regulations, privacy levels, etc., or by creating your own metadata attributes to reflect the unique needs of your organization. This release of the API includes support for entitlement metadata. Support for role and access profile metadata will be introduced in a subsequent release.\n\nCommon usages for Access Model metadata include:\n\n- Organizing and categorizing access items to make it easier for your users to search for and find the access rights they want to request, certify, or manage.\n\n- Providing richer information about access that is being acted on to allow stakeholders to make better decisions when approving, certifying, or managing access rights.\n\n- Identifying access that may requires additional approval requirements or be subject to more frequent review.\n", + "item": [ + { + "id": "72a8a574-b54f-422e-9f67-9403f361f743", + "name": "List Access Model Metadata Attributes", + "request": { + "name": "List Access Model Metadata Attributes", + "description": { + "content": "Get a list of Access Model Metadata Attributes", + "type": "text/plain" + }, + "url": { + "path": [ + "access-model-metadata", + "attributes" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**name**: *eq*\n\n**type**: *eq*\n\n**status**: *eq*\n\n**objectTypes**: *eq*\n\nSupported composite operators: *and*", + "type": "text/plain" + }, + "key": "filters", + "value": "name eq \"Privacy\"" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "77cb2e3b-8f60-4b85-8af2-86714426048c", + "name": "OK", + "originalRequest": { + "url": { + "path": [ + "access-model-metadata", + "attributes" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**name**: *eq*\n\n**type**: *eq*\n\n**status**: *eq*\n\n**objectTypes**: *eq*\n\nSupported composite operators: *and*", + "type": "text/plain" + }, + "key": "filters", + "value": "name eq \"Privacy\"" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"key\": \"iscPrivacy\",\n \"name\": \"Privacy\",\n \"multiselect\": false,\n \"status\": \"active\",\n \"type\": \"governance\",\n \"objectTypes\": [\n \"entitlement\"\n ],\n \"description\": \"Specifies the level of privacy associated with an access item.\",\n \"values\": [\n {\n \"value\": \"public\",\n \"name\": \"Public\",\n \"status\": \"active\"\n },\n {\n \"value\": \"public\",\n \"name\": \"Public\",\n \"status\": \"active\"\n }\n ]\n },\n {\n \"key\": \"iscPrivacy\",\n \"name\": \"Privacy\",\n \"multiselect\": false,\n \"status\": \"active\",\n \"type\": \"governance\",\n \"objectTypes\": [\n \"entitlement\"\n ],\n \"description\": \"Specifies the level of privacy associated with an access item.\",\n \"values\": [\n {\n \"value\": \"public\",\n \"name\": \"Public\",\n \"status\": \"active\"\n },\n {\n \"value\": \"public\",\n \"name\": \"Public\",\n \"status\": \"active\"\n }\n ]\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "52d3fabb-3df9-4107-bc9d-7dd208560420", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "access-model-metadata", + "attributes" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**name**: *eq*\n\n**type**: *eq*\n\n**status**: *eq*\n\n**objectTypes**: *eq*\n\nSupported composite operators: *and*", + "type": "text/plain" + }, + "key": "filters", + "value": "name eq \"Privacy\"" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "3419cc35-6053-458b-8418-f69942dd3e8f", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "access-model-metadata", + "attributes" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**name**: *eq*\n\n**type**: *eq*\n\n**status**: *eq*\n\n**objectTypes**: *eq*\n\nSupported composite operators: *and*", + "type": "text/plain" + }, + "key": "filters", + "value": "name eq \"Privacy\"" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "9b2d0d5b-9160-4f0e-9a79-9fd8a738d17a", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "access-model-metadata", + "attributes" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**name**: *eq*\n\n**type**: *eq*\n\n**status**: *eq*\n\n**objectTypes**: *eq*\n\nSupported composite operators: *and*", + "type": "text/plain" + }, + "key": "filters", + "value": "name eq \"Privacy\"" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f2f386e3-3675-4aad-aabe-d6e57c771b92", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "access-model-metadata", + "attributes" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**name**: *eq*\n\n**type**: *eq*\n\n**status**: *eq*\n\n**objectTypes**: *eq*\n\nSupported composite operators: *and*", + "type": "text/plain" + }, + "key": "filters", + "value": "name eq \"Privacy\"" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "801c53e2-2fe8-4134-80ef-df2d5eddbea6", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "access-model-metadata", + "attributes" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**name**: *eq*\n\n**type**: *eq*\n\n**status**: *eq*\n\n**objectTypes**: *eq*\n\nSupported composite operators: *and*", + "type": "text/plain" + }, + "key": "filters", + "value": "name eq \"Privacy\"" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "5a6603b5-d3b1-447a-8923-2d4c4466c482", + "name": "Get Access Model Metadata Attribute", + "request": { + "name": "Get Access Model Metadata Attribute", + "description": { + "content": "Get single Access Model Metadata Attribute", + "type": "text/plain" + }, + "url": { + "path": [ + "access-model-metadata", + "attributes", + ":key" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "iscPrivacy", + "key": "key", + "disabled": true, + "description": { + "content": "(Required) Technical name of the Attribute.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "c2c1844a-4609-4dd0-9042-2260231a6c3a", + "name": "OK", + "originalRequest": { + "url": { + "path": [ + "access-model-metadata", + "attributes", + ":key" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"key\": \"iscPrivacy\",\n \"name\": \"Privacy\",\n \"multiselect\": false,\n \"status\": \"active\",\n \"type\": \"governance\",\n \"objectTypes\": [\n \"entitlement\"\n ],\n \"description\": \"Specifies the level of privacy associated with an access item.\",\n \"values\": [\n {\n \"value\": \"public\",\n \"name\": \"Public\",\n \"status\": \"active\"\n },\n {\n \"value\": \"public\",\n \"name\": \"Public\",\n \"status\": \"active\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "0a995a2b-bdfc-40cd-bc54-950414acaac1", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "access-model-metadata", + "attributes", + ":key" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "6d005b5e-6448-4f3e-8cf2-a954f3ba6ba3", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "access-model-metadata", + "attributes", + ":key" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "98c0eab5-0bdd-45df-9fc9-d81f43cdce70", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "access-model-metadata", + "attributes", + ":key" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a443652d-269f-4058-8a5e-1eee4b2c8b46", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "access-model-metadata", + "attributes", + ":key" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "7a70a9cd-d440-4422-b488-1026bbe62456", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "access-model-metadata", + "attributes", + ":key" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "8cf461c0-60e5-464c-9e3f-8a039c67c11c", + "name": "List Access Model Metadata Values", + "request": { + "name": "List Access Model Metadata Values", + "description": { + "content": "Get a list of Access Model Metadata Attribute Values", + "type": "text/plain" + }, + "url": { + "path": [ + "access-model-metadata", + "attributes", + ":key", + "values" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "iscPrivacy", + "key": "key", + "disabled": true, + "description": { + "content": "(Required) Technical name of the Attribute.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "928a9381-8af2-46fb-bae9-793070f5777c", + "name": "OK", + "originalRequest": { + "url": { + "path": [ + "access-model-metadata", + "attributes", + ":key", + "values" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"value\": \"public\",\n \"name\": \"Public\",\n \"status\": \"active\"\n },\n {\n \"value\": \"public\",\n \"name\": \"Public\",\n \"status\": \"active\"\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "5fc56ae2-93cf-4e1a-b9f9-ad96a7ea99dc", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "access-model-metadata", + "attributes", + ":key", + "values" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d1a5cfb0-c641-4615-84a1-e043e9dc4c5f", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "access-model-metadata", + "attributes", + ":key", + "values" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "40489a06-35dc-4548-9f10-4314352ae8ba", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "access-model-metadata", + "attributes", + ":key", + "values" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c6342aa7-d60f-472d-b97f-824b4f328fa0", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "access-model-metadata", + "attributes", + ":key", + "values" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "705bba32-9e4c-4239-9f21-74019b3c1a94", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "access-model-metadata", + "attributes", + ":key", + "values" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "a6c16b43-34af-4a7b-a5ce-c9eca729d5bf", + "name": "Get Access Model Metadata Value", + "request": { + "name": "Get Access Model Metadata Value", + "description": { + "content": "Get single Access Model Metadata Attribute Value", + "type": "text/plain" + }, + "url": { + "path": [ + "access-model-metadata", + "attributes", + ":key", + "values", + ":value" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "iscPrivacy", + "key": "key", + "disabled": true, + "description": { + "content": "(Required) Technical name of the Attribute.", + "type": "text/plain" + } + }, + { + "type": "any", + "value": "public", + "key": "value", + "disabled": true, + "description": { + "content": "(Required) Technical name of the Attribute value.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "88375f79-8993-4aeb-b72d-60aaf4f4f3c0", + "name": "OK", + "originalRequest": { + "url": { + "path": [ + "access-model-metadata", + "attributes", + ":key", + "values", + ":value" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"value\": \"public\",\n \"name\": \"Public\",\n \"status\": \"active\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "e0f7bf1a-5df6-49ce-b5f0-efdc10ba2ff7", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "access-model-metadata", + "attributes", + ":key", + "values", + ":value" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "2f3054bf-8a22-46c9-a46d-567027fd6607", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "access-model-metadata", + "attributes", + ":key", + "values", + ":value" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "3f83e105-7603-4ca2-a2d0-6c8a98b59c6c", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "access-model-metadata", + "attributes", + ":key", + "values", + ":value" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f5d3ff89-eb98-4e53-9934-6b7e0111e7d3", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "access-model-metadata", + "attributes", + ":key", + "values", + ":value" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "31b5873c-80d0-458b-80a1-330c79681d4e", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "access-model-metadata", + "attributes", + ":key", + "values", + ":value" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + } + ] + }, + { + "name": "Access Profiles", + "description": "Use this API to implement and customize access profile functionality. \nWith this functionality in place, administrators can create access profiles and configure them for use throughout Identity Security Cloud, enabling users to get the access they need quickly and securely.\n\nAccess profiles group entitlements, which represent access rights on sources. \n\nFor example, an Active Directory source in Identity Security Cloud can have multiple entitlements: the first, 'Employees,' may represent the access all employees have at the organization, and a second, 'Developers,' may represent the access all developers have at the organization.\n\nAn administrator can then create a broader set of access in the form of an access profile, 'AD Developers' grouping the 'Employees' entitlement with the 'Developers' entitlement.\n\nWhen users only need Active Directory employee access, they can request access to the 'Employees' entitlement.\n\nWhen users need both Active Directory employee and developer access, they can request access to the 'AD Developers' access profile.\n\nAccess profiles are the most important units of access in Identity Security Cloud. Identity Security Cloud uses access profiles in many features, including the following:\n\n- Provisioning: When you use the Provisioning Service, lifecycle states and roles both grant access to users in the form of access profiles.\n\n- Certifications: You can approve or revoke access profiles in certification campaigns, just like entitlements. \n\n- Access Requests: You can assign access profiles to applications, and when a user requests access to the app associated with an access profile and someone approves the request, access is granted to both the application and its associated access profile.\n\n- Roles: You can group one or more access profiles into a role to quickly assign access items based on an identity's role. \n\nIn Identity Security Cloud, administrators can use the Access drop-down menu and select Access Profiles to view, configure, and delete existing access profiles, as well as create new ones. \nAdministrators can enable and disable an access profile, and they can also make the following configurations: \n\n- Manage Entitlements: Manage the profile's access by adding and removing entitlements. \n\n- Access Requests: Configure access profiles to be requestable and establish an approval process for any requests that the access profile be granted or revoked. \nDo not configure an access profile to be requestable without first establishing a secure access request approval process for the access profile.\n\n- Multiple Account Options: Define the logic Identity Security Cloud uses to provision access to an identity with multiple accounts on the source. \n\nRefer to [Managing Access Profiles](https://documentation.sailpoint.com/saas/help/access/access-profiles.html) for more information about access profiles.\n", + "item": [ + { + "id": "6b37c211-1561-437d-9ab5-d08adf806c46", + "name": "List Access Profiles", + "request": { + "name": "List Access Profiles", + "description": { + "content": "Use this API to get a list of access profiles.\nA token with API, ORG_ADMIN, ROLE_ADMIN, ROLE_SUBADMIN, SOURCE_ADMIN, or SOURCE_SUBADMIN authority is required to call this API.\n>**Note:** When you filter for access profiles that have the '+' symbol in their names, the response is blank. ", + "type": "text/plain" + }, + "url": { + "path": [ + "access-profiles" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "If provided, filters the returned list according to what is visible to the indicated ROLE_SUBADMIN or SOURCE_SUBADMIN identity. The value of the parameter is either an identity ID, or the special value **me**, which is shorthand for the calling identity's ID.\n\nA 400 Bad Request error is returned if the **for-subadmin** parameter is specified for an identity that is not a subadmin.", + "type": "text/plain" + }, + "key": "for-subadmin", + "value": "8c190e6787aa4ed9a90bd9d5344523fb" + }, + { + "disabled": true, + "description": { + "content": "Note that for this API the maximum value for limit is 50.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "50" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**name**: *eq, sw*\n\n**created**: *gt, lt, ge, le*\n\n**modified**: *gt, lt, ge, le*\n\n**owner.id**: *eq, in*\n\n**requestable**: *eq*\n\n**source.id**: *eq, in*\n\nComposite operators supported: *and, or*\n\nFiltering is not supported for access profiles and entitlements that have the '+' symbol in their names. ", + "type": "text/plain" + }, + "key": "filters", + "value": "name eq \"SailPoint Support\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name, created, modified**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name,-modified" + }, + { + "disabled": true, + "description": { + "content": "If present and not empty, additionally filters access profiles to those which are assigned to the segment(s) with the specified IDs.\n\nIf segmentation is currently unavailable, specifying this parameter results in an error.", + "type": "text/plain" + }, + "key": "for-segment-ids", + "value": "0b5c9f25-83c6-4762-9073-e38f7bb2ae26,2e8d8180-24bc-4d21-91c6-7affdb473b0d" + }, + { + "disabled": true, + "description": { + "content": "Indicates whether the response list should contain unsegmented access profiles. If *for-segment-ids* is absent or empty, specifying *include-unsegmented* as false results in an error.", + "type": "text/plain" + }, + "key": "include-unsegmented", + "value": "false" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "0fec0d15-eb69-46cf-82d1-d1614d87c7ee", + "name": "List of access profiles.", + "originalRequest": { + "url": { + "path": [ + "access-profiles" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "If provided, filters the returned list according to what is visible to the indicated ROLE_SUBADMIN or SOURCE_SUBADMIN identity. The value of the parameter is either an identity ID, or the special value **me**, which is shorthand for the calling identity's ID.\n\nA 400 Bad Request error is returned if the **for-subadmin** parameter is specified for an identity that is not a subadmin.", + "type": "text/plain" + }, + "key": "for-subadmin", + "value": "8c190e6787aa4ed9a90bd9d5344523fb" + }, + { + "disabled": true, + "description": { + "content": "Note that for this API the maximum value for limit is 50.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "50" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**name**: *eq, sw*\n\n**created**: *gt, lt, ge, le*\n\n**modified**: *gt, lt, ge, le*\n\n**owner.id**: *eq, in*\n\n**requestable**: *eq*\n\n**source.id**: *eq, in*\n\nComposite operators supported: *and, or*\n\nFiltering is not supported for access profiles and entitlements that have the '+' symbol in their names. ", + "type": "text/plain" + }, + "key": "filters", + "value": "name eq \"SailPoint Support\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name, created, modified**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name,-modified" + }, + { + "disabled": true, + "description": { + "content": "If present and not empty, additionally filters access profiles to those which are assigned to the segment(s) with the specified IDs.\n\nIf segmentation is currently unavailable, specifying this parameter results in an error.", + "type": "text/plain" + }, + "key": "for-segment-ids", + "value": "0b5c9f25-83c6-4762-9073-e38f7bb2ae26,2e8d8180-24bc-4d21-91c6-7affdb473b0d" + }, + { + "disabled": true, + "description": { + "content": "Indicates whether the response list should contain unsegmented access profiles. If *for-segment-ids* is absent or empty, specifying *include-unsegmented* as false results in an error.", + "type": "text/plain" + }, + "key": "include-unsegmented", + "value": "false" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"support\"\n },\n \"name\": \"Employee-database-read-write\",\n \"source\": {\n \"id\": \"2c91809773dee3610173fdb0b6061ef4\",\n \"type\": \"SOURCE\",\n \"name\": \"ODS-AD-SOURCE\"\n },\n \"id\": \"2c91808a7190d06e01719938fcd20792\",\n \"description\": \"Collection of entitlements to read/write the employee database\",\n \"created\": \"2021-03-01T22:32:58.104Z\",\n \"modified\": \"2021-03-02T20:22:28.104Z\",\n \"enabled\": true,\n \"entitlements\": [\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c91809773dee32014e13e122092014e\",\n \"name\": \"CN=entitlement.490efde5,OU=OrgCo,OU=ServiceDept,DC=HQAD,DC=local\"\n },\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c91809773dee32014e13e122092014e\",\n \"name\": \"CN=entitlement.490efde5,OU=OrgCo,OU=ServiceDept,DC=HQAD,DC=local\"\n }\n ],\n \"requestable\": true,\n \"accessRequestConfig\": {\n \"commentsRequired\": true,\n \"denialCommentsRequired\": true,\n \"approvalSchemes\": [\n {\n \"approverType\": \"GOVERNANCE_GROUP\",\n \"approverId\": \"46c79819-a69f-49a2-becb-12c971ae66c6\"\n },\n {\n \"approverType\": \"GOVERNANCE_GROUP\",\n \"approverId\": \"46c79819-a69f-49a2-becb-12c971ae66c6\"\n }\n ]\n },\n \"revocationRequestConfig\": {\n \"approvalSchemes\": [\n {\n \"approverType\": \"GOVERNANCE_GROUP\",\n \"approverId\": \"46c79819-a69f-49a2-becb-12c971ae66c6\"\n },\n {\n \"approverType\": \"GOVERNANCE_GROUP\",\n \"approverId\": \"46c79819-a69f-49a2-becb-12c971ae66c6\"\n }\n ]\n },\n \"segments\": [\n \"f7b1b8a3-5fed-4fd4-ad29-82014e137e19\",\n \"29cb6c06-1da8-43ea-8be4-b3125f248f2a\"\n ],\n \"provisioningCriteria\": {\n \"operation\": \"OR\",\n \"children\": [\n {\n \"operation\": \"AND\",\n \"children\": [\n {\n \"attribute\": \"dn\",\n \"operation\": \"CONTAINS\",\n \"value\": \"useast\"\n },\n {\n \"attribute\": \"manager\",\n \"operation\": \"CONTAINS\",\n \"value\": \"Scott.Clark\"\n }\n ]\n },\n {\n \"operation\": \"AND\",\n \"children\": [\n {\n \"attribute\": \"dn\",\n \"operation\": \"EQUALS\",\n \"value\": \"Gibson\"\n },\n {\n \"attribute\": \"telephoneNumber\",\n \"operation\": \"CONTAINS\",\n \"value\": \"512\"\n }\n ]\n }\n ]\n }\n },\n {\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"support\"\n },\n \"name\": \"Employee-database-read-write\",\n \"source\": {\n \"id\": \"2c91809773dee3610173fdb0b6061ef4\",\n \"type\": \"SOURCE\",\n \"name\": \"ODS-AD-SOURCE\"\n },\n \"id\": \"2c91808a7190d06e01719938fcd20792\",\n \"description\": \"Collection of entitlements to read/write the employee database\",\n \"created\": \"2021-03-01T22:32:58.104Z\",\n \"modified\": \"2021-03-02T20:22:28.104Z\",\n \"enabled\": true,\n \"entitlements\": [\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c91809773dee32014e13e122092014e\",\n \"name\": \"CN=entitlement.490efde5,OU=OrgCo,OU=ServiceDept,DC=HQAD,DC=local\"\n },\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c91809773dee32014e13e122092014e\",\n \"name\": \"CN=entitlement.490efde5,OU=OrgCo,OU=ServiceDept,DC=HQAD,DC=local\"\n }\n ],\n \"requestable\": true,\n \"accessRequestConfig\": {\n \"commentsRequired\": true,\n \"denialCommentsRequired\": true,\n \"approvalSchemes\": [\n {\n \"approverType\": \"GOVERNANCE_GROUP\",\n \"approverId\": \"46c79819-a69f-49a2-becb-12c971ae66c6\"\n },\n {\n \"approverType\": \"GOVERNANCE_GROUP\",\n \"approverId\": \"46c79819-a69f-49a2-becb-12c971ae66c6\"\n }\n ]\n },\n \"revocationRequestConfig\": {\n \"approvalSchemes\": [\n {\n \"approverType\": \"GOVERNANCE_GROUP\",\n \"approverId\": \"46c79819-a69f-49a2-becb-12c971ae66c6\"\n },\n {\n \"approverType\": \"GOVERNANCE_GROUP\",\n \"approverId\": \"46c79819-a69f-49a2-becb-12c971ae66c6\"\n }\n ]\n },\n \"segments\": [\n \"f7b1b8a3-5fed-4fd4-ad29-82014e137e19\",\n \"29cb6c06-1da8-43ea-8be4-b3125f248f2a\"\n ],\n \"provisioningCriteria\": {\n \"operation\": \"OR\",\n \"children\": [\n {\n \"operation\": \"AND\",\n \"children\": [\n {\n \"attribute\": \"dn\",\n \"operation\": \"CONTAINS\",\n \"value\": \"useast\"\n },\n {\n \"attribute\": \"manager\",\n \"operation\": \"CONTAINS\",\n \"value\": \"Scott.Clark\"\n }\n ]\n },\n {\n \"operation\": \"AND\",\n \"children\": [\n {\n \"attribute\": \"dn\",\n \"operation\": \"EQUALS\",\n \"value\": \"Gibson\"\n },\n {\n \"attribute\": \"telephoneNumber\",\n \"operation\": \"CONTAINS\",\n \"value\": \"512\"\n }\n ]\n }\n ]\n }\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d4ae30be-ffea-40cc-af44-4112413ee172", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "access-profiles" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "If provided, filters the returned list according to what is visible to the indicated ROLE_SUBADMIN or SOURCE_SUBADMIN identity. The value of the parameter is either an identity ID, or the special value **me**, which is shorthand for the calling identity's ID.\n\nA 400 Bad Request error is returned if the **for-subadmin** parameter is specified for an identity that is not a subadmin.", + "type": "text/plain" + }, + "key": "for-subadmin", + "value": "8c190e6787aa4ed9a90bd9d5344523fb" + }, + { + "disabled": true, + "description": { + "content": "Note that for this API the maximum value for limit is 50.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "50" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**name**: *eq, sw*\n\n**created**: *gt, lt, ge, le*\n\n**modified**: *gt, lt, ge, le*\n\n**owner.id**: *eq, in*\n\n**requestable**: *eq*\n\n**source.id**: *eq, in*\n\nComposite operators supported: *and, or*\n\nFiltering is not supported for access profiles and entitlements that have the '+' symbol in their names. ", + "type": "text/plain" + }, + "key": "filters", + "value": "name eq \"SailPoint Support\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name, created, modified**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name,-modified" + }, + { + "disabled": true, + "description": { + "content": "If present and not empty, additionally filters access profiles to those which are assigned to the segment(s) with the specified IDs.\n\nIf segmentation is currently unavailable, specifying this parameter results in an error.", + "type": "text/plain" + }, + "key": "for-segment-ids", + "value": "0b5c9f25-83c6-4762-9073-e38f7bb2ae26,2e8d8180-24bc-4d21-91c6-7affdb473b0d" + }, + { + "disabled": true, + "description": { + "content": "Indicates whether the response list should contain unsegmented access profiles. If *for-segment-ids* is absent or empty, specifying *include-unsegmented* as false results in an error.", + "type": "text/plain" + }, + "key": "include-unsegmented", + "value": "false" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "75b010a5-8b5c-4fb1-b06e-ae2cea0965ae", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "access-profiles" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "If provided, filters the returned list according to what is visible to the indicated ROLE_SUBADMIN or SOURCE_SUBADMIN identity. The value of the parameter is either an identity ID, or the special value **me**, which is shorthand for the calling identity's ID.\n\nA 400 Bad Request error is returned if the **for-subadmin** parameter is specified for an identity that is not a subadmin.", + "type": "text/plain" + }, + "key": "for-subadmin", + "value": "8c190e6787aa4ed9a90bd9d5344523fb" + }, + { + "disabled": true, + "description": { + "content": "Note that for this API the maximum value for limit is 50.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "50" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**name**: *eq, sw*\n\n**created**: *gt, lt, ge, le*\n\n**modified**: *gt, lt, ge, le*\n\n**owner.id**: *eq, in*\n\n**requestable**: *eq*\n\n**source.id**: *eq, in*\n\nComposite operators supported: *and, or*\n\nFiltering is not supported for access profiles and entitlements that have the '+' symbol in their names. ", + "type": "text/plain" + }, + "key": "filters", + "value": "name eq \"SailPoint Support\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name, created, modified**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name,-modified" + }, + { + "disabled": true, + "description": { + "content": "If present and not empty, additionally filters access profiles to those which are assigned to the segment(s) with the specified IDs.\n\nIf segmentation is currently unavailable, specifying this parameter results in an error.", + "type": "text/plain" + }, + "key": "for-segment-ids", + "value": "0b5c9f25-83c6-4762-9073-e38f7bb2ae26,2e8d8180-24bc-4d21-91c6-7affdb473b0d" + }, + { + "disabled": true, + "description": { + "content": "Indicates whether the response list should contain unsegmented access profiles. If *for-segment-ids* is absent or empty, specifying *include-unsegmented* as false results in an error.", + "type": "text/plain" + }, + "key": "include-unsegmented", + "value": "false" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "3a2e4de4-4516-48de-805f-a17825171f1e", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "access-profiles" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "If provided, filters the returned list according to what is visible to the indicated ROLE_SUBADMIN or SOURCE_SUBADMIN identity. The value of the parameter is either an identity ID, or the special value **me**, which is shorthand for the calling identity's ID.\n\nA 400 Bad Request error is returned if the **for-subadmin** parameter is specified for an identity that is not a subadmin.", + "type": "text/plain" + }, + "key": "for-subadmin", + "value": "8c190e6787aa4ed9a90bd9d5344523fb" + }, + { + "disabled": true, + "description": { + "content": "Note that for this API the maximum value for limit is 50.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "50" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**name**: *eq, sw*\n\n**created**: *gt, lt, ge, le*\n\n**modified**: *gt, lt, ge, le*\n\n**owner.id**: *eq, in*\n\n**requestable**: *eq*\n\n**source.id**: *eq, in*\n\nComposite operators supported: *and, or*\n\nFiltering is not supported for access profiles and entitlements that have the '+' symbol in their names. ", + "type": "text/plain" + }, + "key": "filters", + "value": "name eq \"SailPoint Support\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name, created, modified**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name,-modified" + }, + { + "disabled": true, + "description": { + "content": "If present and not empty, additionally filters access profiles to those which are assigned to the segment(s) with the specified IDs.\n\nIf segmentation is currently unavailable, specifying this parameter results in an error.", + "type": "text/plain" + }, + "key": "for-segment-ids", + "value": "0b5c9f25-83c6-4762-9073-e38f7bb2ae26,2e8d8180-24bc-4d21-91c6-7affdb473b0d" + }, + { + "disabled": true, + "description": { + "content": "Indicates whether the response list should contain unsegmented access profiles. If *for-segment-ids* is absent or empty, specifying *include-unsegmented* as false results in an error.", + "type": "text/plain" + }, + "key": "include-unsegmented", + "value": "false" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "ceaadbf0-4d08-48a6-9e6e-1431c5b49390", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "access-profiles" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "If provided, filters the returned list according to what is visible to the indicated ROLE_SUBADMIN or SOURCE_SUBADMIN identity. The value of the parameter is either an identity ID, or the special value **me**, which is shorthand for the calling identity's ID.\n\nA 400 Bad Request error is returned if the **for-subadmin** parameter is specified for an identity that is not a subadmin.", + "type": "text/plain" + }, + "key": "for-subadmin", + "value": "8c190e6787aa4ed9a90bd9d5344523fb" + }, + { + "disabled": true, + "description": { + "content": "Note that for this API the maximum value for limit is 50.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "50" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**name**: *eq, sw*\n\n**created**: *gt, lt, ge, le*\n\n**modified**: *gt, lt, ge, le*\n\n**owner.id**: *eq, in*\n\n**requestable**: *eq*\n\n**source.id**: *eq, in*\n\nComposite operators supported: *and, or*\n\nFiltering is not supported for access profiles and entitlements that have the '+' symbol in their names. ", + "type": "text/plain" + }, + "key": "filters", + "value": "name eq \"SailPoint Support\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name, created, modified**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name,-modified" + }, + { + "disabled": true, + "description": { + "content": "If present and not empty, additionally filters access profiles to those which are assigned to the segment(s) with the specified IDs.\n\nIf segmentation is currently unavailable, specifying this parameter results in an error.", + "type": "text/plain" + }, + "key": "for-segment-ids", + "value": "0b5c9f25-83c6-4762-9073-e38f7bb2ae26,2e8d8180-24bc-4d21-91c6-7affdb473b0d" + }, + { + "disabled": true, + "description": { + "content": "Indicates whether the response list should contain unsegmented access profiles. If *for-segment-ids* is absent or empty, specifying *include-unsegmented* as false results in an error.", + "type": "text/plain" + }, + "key": "include-unsegmented", + "value": "false" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "cf630a21-c8cb-4ec9-9ecc-a78cf6f7c2d4", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "access-profiles" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "If provided, filters the returned list according to what is visible to the indicated ROLE_SUBADMIN or SOURCE_SUBADMIN identity. The value of the parameter is either an identity ID, or the special value **me**, which is shorthand for the calling identity's ID.\n\nA 400 Bad Request error is returned if the **for-subadmin** parameter is specified for an identity that is not a subadmin.", + "type": "text/plain" + }, + "key": "for-subadmin", + "value": "8c190e6787aa4ed9a90bd9d5344523fb" + }, + { + "disabled": true, + "description": { + "content": "Note that for this API the maximum value for limit is 50.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "50" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**name**: *eq, sw*\n\n**created**: *gt, lt, ge, le*\n\n**modified**: *gt, lt, ge, le*\n\n**owner.id**: *eq, in*\n\n**requestable**: *eq*\n\n**source.id**: *eq, in*\n\nComposite operators supported: *and, or*\n\nFiltering is not supported for access profiles and entitlements that have the '+' symbol in their names. ", + "type": "text/plain" + }, + "key": "filters", + "value": "name eq \"SailPoint Support\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name, created, modified**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name,-modified" + }, + { + "disabled": true, + "description": { + "content": "If present and not empty, additionally filters access profiles to those which are assigned to the segment(s) with the specified IDs.\n\nIf segmentation is currently unavailable, specifying this parameter results in an error.", + "type": "text/plain" + }, + "key": "for-segment-ids", + "value": "0b5c9f25-83c6-4762-9073-e38f7bb2ae26,2e8d8180-24bc-4d21-91c6-7affdb473b0d" + }, + { + "disabled": true, + "description": { + "content": "Indicates whether the response list should contain unsegmented access profiles. If *for-segment-ids* is absent or empty, specifying *include-unsegmented* as false results in an error.", + "type": "text/plain" + }, + "key": "include-unsegmented", + "value": "false" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "df31373f-ea51-4837-af34-296935682416", + "name": "Create Access Profile", + "request": { + "name": "Create Access Profile", + "description": { + "content": "Use this API to create an access profile.\nA token with API, ORG_ADMIN, ROLE_ADMIN, ROLE_SUBADMIN, SOURCE_ADMIN, or SOURCE_SUBADMIN authority is required to call this API. In addition, a token with only ROLE_SUBADMIN or SOURCE_SUBADMIN authority must be associated with the access profile's Source.\nThe maximum supported length for the description field is 2000 characters. Longer descriptions will be preserved for existing access profiles. However, any new access profiles as well as any updates to existing descriptions are limited to 2000 characters.", + "type": "text/plain" + }, + "url": { + "path": [ + "access-profiles" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"support\"\n },\n \"name\": \"Employee-database-read-write\",\n \"source\": {\n \"id\": \"2c91809773dee3610173fdb0b6061ef4\",\n \"type\": \"SOURCE\",\n \"name\": \"ODS-AD-SOURCE\"\n },\n \"id\": \"2c91808a7190d06e01719938fcd20792\",\n \"description\": \"Collection of entitlements to read/write the employee database\",\n \"created\": \"2021-03-01T22:32:58.104Z\",\n \"modified\": \"2021-03-02T20:22:28.104Z\",\n \"enabled\": true,\n \"entitlements\": [\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c91809773dee32014e13e122092014e\",\n \"name\": \"CN=entitlement.490efde5,OU=OrgCo,OU=ServiceDept,DC=HQAD,DC=local\"\n },\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c91809773dee32014e13e122092014e\",\n \"name\": \"CN=entitlement.490efde5,OU=OrgCo,OU=ServiceDept,DC=HQAD,DC=local\"\n }\n ],\n \"requestable\": true,\n \"accessRequestConfig\": {\n \"commentsRequired\": true,\n \"denialCommentsRequired\": true,\n \"approvalSchemes\": [\n {\n \"approverType\": \"GOVERNANCE_GROUP\",\n \"approverId\": \"46c79819-a69f-49a2-becb-12c971ae66c6\"\n },\n {\n \"approverType\": \"GOVERNANCE_GROUP\",\n \"approverId\": \"46c79819-a69f-49a2-becb-12c971ae66c6\"\n }\n ]\n },\n \"revocationRequestConfig\": {\n \"approvalSchemes\": [\n {\n \"approverType\": \"GOVERNANCE_GROUP\",\n \"approverId\": \"46c79819-a69f-49a2-becb-12c971ae66c6\"\n },\n {\n \"approverType\": \"GOVERNANCE_GROUP\",\n \"approverId\": \"46c79819-a69f-49a2-becb-12c971ae66c6\"\n }\n ]\n },\n \"segments\": [\n \"f7b1b8a3-5fed-4fd4-ad29-82014e137e19\",\n \"29cb6c06-1da8-43ea-8be4-b3125f248f2a\"\n ],\n \"provisioningCriteria\": {\n \"operation\": \"OR\",\n \"children\": [\n {\n \"operation\": \"AND\",\n \"children\": [\n {\n \"attribute\": \"dn\",\n \"operation\": \"CONTAINS\",\n \"value\": \"useast\"\n },\n {\n \"attribute\": \"manager\",\n \"operation\": \"CONTAINS\",\n \"value\": \"Scott.Clark\"\n }\n ]\n },\n {\n \"operation\": \"AND\",\n \"children\": [\n {\n \"attribute\": \"dn\",\n \"operation\": \"EQUALS\",\n \"value\": \"Gibson\"\n },\n {\n \"attribute\": \"telephoneNumber\",\n \"operation\": \"CONTAINS\",\n \"value\": \"512\"\n }\n ]\n }\n ]\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "60b6889b-079f-499a-99bb-1ddfd833b6c2", + "name": "Access profile created.", + "originalRequest": { + "url": { + "path": [ + "access-profiles" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"support\"\n },\n \"name\": \"Employee-database-read-write\",\n \"source\": {\n \"id\": \"2c91809773dee3610173fdb0b6061ef4\",\n \"type\": \"SOURCE\",\n \"name\": \"ODS-AD-SOURCE\"\n },\n \"id\": \"2c91808a7190d06e01719938fcd20792\",\n \"description\": \"Collection of entitlements to read/write the employee database\",\n \"created\": \"2021-03-01T22:32:58.104Z\",\n \"modified\": \"2021-03-02T20:22:28.104Z\",\n \"enabled\": true,\n \"entitlements\": [\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c91809773dee32014e13e122092014e\",\n \"name\": \"CN=entitlement.490efde5,OU=OrgCo,OU=ServiceDept,DC=HQAD,DC=local\"\n },\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c91809773dee32014e13e122092014e\",\n \"name\": \"CN=entitlement.490efde5,OU=OrgCo,OU=ServiceDept,DC=HQAD,DC=local\"\n }\n ],\n \"requestable\": true,\n \"accessRequestConfig\": {\n \"commentsRequired\": true,\n \"denialCommentsRequired\": true,\n \"approvalSchemes\": [\n {\n \"approverType\": \"GOVERNANCE_GROUP\",\n \"approverId\": \"46c79819-a69f-49a2-becb-12c971ae66c6\"\n },\n {\n \"approverType\": \"GOVERNANCE_GROUP\",\n \"approverId\": \"46c79819-a69f-49a2-becb-12c971ae66c6\"\n }\n ]\n },\n \"revocationRequestConfig\": {\n \"approvalSchemes\": [\n {\n \"approverType\": \"GOVERNANCE_GROUP\",\n \"approverId\": \"46c79819-a69f-49a2-becb-12c971ae66c6\"\n },\n {\n \"approverType\": \"GOVERNANCE_GROUP\",\n \"approverId\": \"46c79819-a69f-49a2-becb-12c971ae66c6\"\n }\n ]\n },\n \"segments\": [\n \"f7b1b8a3-5fed-4fd4-ad29-82014e137e19\",\n \"29cb6c06-1da8-43ea-8be4-b3125f248f2a\"\n ],\n \"provisioningCriteria\": {\n \"operation\": \"OR\",\n \"children\": [\n {\n \"operation\": \"AND\",\n \"children\": [\n {\n \"attribute\": \"dn\",\n \"operation\": \"CONTAINS\",\n \"value\": \"useast\"\n },\n {\n \"attribute\": \"manager\",\n \"operation\": \"CONTAINS\",\n \"value\": \"Scott.Clark\"\n }\n ]\n },\n {\n \"operation\": \"AND\",\n \"children\": [\n {\n \"attribute\": \"dn\",\n \"operation\": \"EQUALS\",\n \"value\": \"Gibson\"\n },\n {\n \"attribute\": \"telephoneNumber\",\n \"operation\": \"CONTAINS\",\n \"value\": \"512\"\n }\n ]\n }\n ]\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Created", + "code": 201, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"support\"\n },\n \"name\": \"Employee-database-read-write\",\n \"source\": {\n \"id\": \"2c91809773dee3610173fdb0b6061ef4\",\n \"type\": \"SOURCE\",\n \"name\": \"ODS-AD-SOURCE\"\n },\n \"id\": \"2c91808a7190d06e01719938fcd20792\",\n \"description\": \"Collection of entitlements to read/write the employee database\",\n \"created\": \"2021-03-01T22:32:58.104Z\",\n \"modified\": \"2021-03-02T20:22:28.104Z\",\n \"enabled\": true,\n \"entitlements\": [\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c91809773dee32014e13e122092014e\",\n \"name\": \"CN=entitlement.490efde5,OU=OrgCo,OU=ServiceDept,DC=HQAD,DC=local\"\n },\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c91809773dee32014e13e122092014e\",\n \"name\": \"CN=entitlement.490efde5,OU=OrgCo,OU=ServiceDept,DC=HQAD,DC=local\"\n }\n ],\n \"requestable\": true,\n \"accessRequestConfig\": {\n \"commentsRequired\": true,\n \"denialCommentsRequired\": true,\n \"approvalSchemes\": [\n {\n \"approverType\": \"GOVERNANCE_GROUP\",\n \"approverId\": \"46c79819-a69f-49a2-becb-12c971ae66c6\"\n },\n {\n \"approverType\": \"GOVERNANCE_GROUP\",\n \"approverId\": \"46c79819-a69f-49a2-becb-12c971ae66c6\"\n }\n ]\n },\n \"revocationRequestConfig\": {\n \"approvalSchemes\": [\n {\n \"approverType\": \"GOVERNANCE_GROUP\",\n \"approverId\": \"46c79819-a69f-49a2-becb-12c971ae66c6\"\n },\n {\n \"approverType\": \"GOVERNANCE_GROUP\",\n \"approverId\": \"46c79819-a69f-49a2-becb-12c971ae66c6\"\n }\n ]\n },\n \"segments\": [\n \"f7b1b8a3-5fed-4fd4-ad29-82014e137e19\",\n \"29cb6c06-1da8-43ea-8be4-b3125f248f2a\"\n ],\n \"provisioningCriteria\": {\n \"operation\": \"OR\",\n \"children\": [\n {\n \"operation\": \"AND\",\n \"children\": [\n {\n \"attribute\": \"dn\",\n \"operation\": \"CONTAINS\",\n \"value\": \"useast\"\n },\n {\n \"attribute\": \"manager\",\n \"operation\": \"CONTAINS\",\n \"value\": \"Scott.Clark\"\n }\n ]\n },\n {\n \"operation\": \"AND\",\n \"children\": [\n {\n \"attribute\": \"dn\",\n \"operation\": \"EQUALS\",\n \"value\": \"Gibson\"\n },\n {\n \"attribute\": \"telephoneNumber\",\n \"operation\": \"CONTAINS\",\n \"value\": \"512\"\n }\n ]\n }\n ]\n }\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "55448680-4929-4576-bf15-8e17f0d71cb7", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "access-profiles" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"support\"\n },\n \"name\": \"Employee-database-read-write\",\n \"source\": {\n \"id\": \"2c91809773dee3610173fdb0b6061ef4\",\n \"type\": \"SOURCE\",\n \"name\": \"ODS-AD-SOURCE\"\n },\n \"id\": \"2c91808a7190d06e01719938fcd20792\",\n \"description\": \"Collection of entitlements to read/write the employee database\",\n \"created\": \"2021-03-01T22:32:58.104Z\",\n \"modified\": \"2021-03-02T20:22:28.104Z\",\n \"enabled\": true,\n \"entitlements\": [\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c91809773dee32014e13e122092014e\",\n \"name\": \"CN=entitlement.490efde5,OU=OrgCo,OU=ServiceDept,DC=HQAD,DC=local\"\n },\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c91809773dee32014e13e122092014e\",\n \"name\": \"CN=entitlement.490efde5,OU=OrgCo,OU=ServiceDept,DC=HQAD,DC=local\"\n }\n ],\n \"requestable\": true,\n \"accessRequestConfig\": {\n \"commentsRequired\": true,\n \"denialCommentsRequired\": true,\n \"approvalSchemes\": [\n {\n \"approverType\": \"GOVERNANCE_GROUP\",\n \"approverId\": \"46c79819-a69f-49a2-becb-12c971ae66c6\"\n },\n {\n \"approverType\": \"GOVERNANCE_GROUP\",\n \"approverId\": \"46c79819-a69f-49a2-becb-12c971ae66c6\"\n }\n ]\n },\n \"revocationRequestConfig\": {\n \"approvalSchemes\": [\n {\n \"approverType\": \"GOVERNANCE_GROUP\",\n \"approverId\": \"46c79819-a69f-49a2-becb-12c971ae66c6\"\n },\n {\n \"approverType\": \"GOVERNANCE_GROUP\",\n \"approverId\": \"46c79819-a69f-49a2-becb-12c971ae66c6\"\n }\n ]\n },\n \"segments\": [\n \"f7b1b8a3-5fed-4fd4-ad29-82014e137e19\",\n \"29cb6c06-1da8-43ea-8be4-b3125f248f2a\"\n ],\n \"provisioningCriteria\": {\n \"operation\": \"OR\",\n \"children\": [\n {\n \"operation\": \"AND\",\n \"children\": [\n {\n \"attribute\": \"dn\",\n \"operation\": \"CONTAINS\",\n \"value\": \"useast\"\n },\n {\n \"attribute\": \"manager\",\n \"operation\": \"CONTAINS\",\n \"value\": \"Scott.Clark\"\n }\n ]\n },\n {\n \"operation\": \"AND\",\n \"children\": [\n {\n \"attribute\": \"dn\",\n \"operation\": \"EQUALS\",\n \"value\": \"Gibson\"\n },\n {\n \"attribute\": \"telephoneNumber\",\n \"operation\": \"CONTAINS\",\n \"value\": \"512\"\n }\n ]\n }\n ]\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "61711734-2b7e-4917-b1f5-d50c7bfdd7e0", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "access-profiles" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"support\"\n },\n \"name\": \"Employee-database-read-write\",\n \"source\": {\n \"id\": \"2c91809773dee3610173fdb0b6061ef4\",\n \"type\": \"SOURCE\",\n \"name\": \"ODS-AD-SOURCE\"\n },\n \"id\": \"2c91808a7190d06e01719938fcd20792\",\n \"description\": \"Collection of entitlements to read/write the employee database\",\n \"created\": \"2021-03-01T22:32:58.104Z\",\n \"modified\": \"2021-03-02T20:22:28.104Z\",\n \"enabled\": true,\n \"entitlements\": [\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c91809773dee32014e13e122092014e\",\n \"name\": \"CN=entitlement.490efde5,OU=OrgCo,OU=ServiceDept,DC=HQAD,DC=local\"\n },\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c91809773dee32014e13e122092014e\",\n \"name\": \"CN=entitlement.490efde5,OU=OrgCo,OU=ServiceDept,DC=HQAD,DC=local\"\n }\n ],\n \"requestable\": true,\n \"accessRequestConfig\": {\n \"commentsRequired\": true,\n \"denialCommentsRequired\": true,\n \"approvalSchemes\": [\n {\n \"approverType\": \"GOVERNANCE_GROUP\",\n \"approverId\": \"46c79819-a69f-49a2-becb-12c971ae66c6\"\n },\n {\n \"approverType\": \"GOVERNANCE_GROUP\",\n \"approverId\": \"46c79819-a69f-49a2-becb-12c971ae66c6\"\n }\n ]\n },\n \"revocationRequestConfig\": {\n \"approvalSchemes\": [\n {\n \"approverType\": \"GOVERNANCE_GROUP\",\n \"approverId\": \"46c79819-a69f-49a2-becb-12c971ae66c6\"\n },\n {\n \"approverType\": \"GOVERNANCE_GROUP\",\n \"approverId\": \"46c79819-a69f-49a2-becb-12c971ae66c6\"\n }\n ]\n },\n \"segments\": [\n \"f7b1b8a3-5fed-4fd4-ad29-82014e137e19\",\n \"29cb6c06-1da8-43ea-8be4-b3125f248f2a\"\n ],\n \"provisioningCriteria\": {\n \"operation\": \"OR\",\n \"children\": [\n {\n \"operation\": \"AND\",\n \"children\": [\n {\n \"attribute\": \"dn\",\n \"operation\": \"CONTAINS\",\n \"value\": \"useast\"\n },\n {\n \"attribute\": \"manager\",\n \"operation\": \"CONTAINS\",\n \"value\": \"Scott.Clark\"\n }\n ]\n },\n {\n \"operation\": \"AND\",\n \"children\": [\n {\n \"attribute\": \"dn\",\n \"operation\": \"EQUALS\",\n \"value\": \"Gibson\"\n },\n {\n \"attribute\": \"telephoneNumber\",\n \"operation\": \"CONTAINS\",\n \"value\": \"512\"\n }\n ]\n }\n ]\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "50c416c0-647e-41c3-9bb8-23eacb72af28", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "access-profiles" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"support\"\n },\n \"name\": \"Employee-database-read-write\",\n \"source\": {\n \"id\": \"2c91809773dee3610173fdb0b6061ef4\",\n \"type\": \"SOURCE\",\n \"name\": \"ODS-AD-SOURCE\"\n },\n \"id\": \"2c91808a7190d06e01719938fcd20792\",\n \"description\": \"Collection of entitlements to read/write the employee database\",\n \"created\": \"2021-03-01T22:32:58.104Z\",\n \"modified\": \"2021-03-02T20:22:28.104Z\",\n \"enabled\": true,\n \"entitlements\": [\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c91809773dee32014e13e122092014e\",\n \"name\": \"CN=entitlement.490efde5,OU=OrgCo,OU=ServiceDept,DC=HQAD,DC=local\"\n },\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c91809773dee32014e13e122092014e\",\n \"name\": \"CN=entitlement.490efde5,OU=OrgCo,OU=ServiceDept,DC=HQAD,DC=local\"\n }\n ],\n \"requestable\": true,\n \"accessRequestConfig\": {\n \"commentsRequired\": true,\n \"denialCommentsRequired\": true,\n \"approvalSchemes\": [\n {\n \"approverType\": \"GOVERNANCE_GROUP\",\n \"approverId\": \"46c79819-a69f-49a2-becb-12c971ae66c6\"\n },\n {\n \"approverType\": \"GOVERNANCE_GROUP\",\n \"approverId\": \"46c79819-a69f-49a2-becb-12c971ae66c6\"\n }\n ]\n },\n \"revocationRequestConfig\": {\n \"approvalSchemes\": [\n {\n \"approverType\": \"GOVERNANCE_GROUP\",\n \"approverId\": \"46c79819-a69f-49a2-becb-12c971ae66c6\"\n },\n {\n \"approverType\": \"GOVERNANCE_GROUP\",\n \"approverId\": \"46c79819-a69f-49a2-becb-12c971ae66c6\"\n }\n ]\n },\n \"segments\": [\n \"f7b1b8a3-5fed-4fd4-ad29-82014e137e19\",\n \"29cb6c06-1da8-43ea-8be4-b3125f248f2a\"\n ],\n \"provisioningCriteria\": {\n \"operation\": \"OR\",\n \"children\": [\n {\n \"operation\": \"AND\",\n \"children\": [\n {\n \"attribute\": \"dn\",\n \"operation\": \"CONTAINS\",\n \"value\": \"useast\"\n },\n {\n \"attribute\": \"manager\",\n \"operation\": \"CONTAINS\",\n \"value\": \"Scott.Clark\"\n }\n ]\n },\n {\n \"operation\": \"AND\",\n \"children\": [\n {\n \"attribute\": \"dn\",\n \"operation\": \"EQUALS\",\n \"value\": \"Gibson\"\n },\n {\n \"attribute\": \"telephoneNumber\",\n \"operation\": \"CONTAINS\",\n \"value\": \"512\"\n }\n ]\n }\n ]\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "27274bdc-e1b9-4588-9b16-441d1d2a54d0", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "access-profiles" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"support\"\n },\n \"name\": \"Employee-database-read-write\",\n \"source\": {\n \"id\": \"2c91809773dee3610173fdb0b6061ef4\",\n \"type\": \"SOURCE\",\n \"name\": \"ODS-AD-SOURCE\"\n },\n \"id\": \"2c91808a7190d06e01719938fcd20792\",\n \"description\": \"Collection of entitlements to read/write the employee database\",\n \"created\": \"2021-03-01T22:32:58.104Z\",\n \"modified\": \"2021-03-02T20:22:28.104Z\",\n \"enabled\": true,\n \"entitlements\": [\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c91809773dee32014e13e122092014e\",\n \"name\": \"CN=entitlement.490efde5,OU=OrgCo,OU=ServiceDept,DC=HQAD,DC=local\"\n },\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c91809773dee32014e13e122092014e\",\n \"name\": \"CN=entitlement.490efde5,OU=OrgCo,OU=ServiceDept,DC=HQAD,DC=local\"\n }\n ],\n \"requestable\": true,\n \"accessRequestConfig\": {\n \"commentsRequired\": true,\n \"denialCommentsRequired\": true,\n \"approvalSchemes\": [\n {\n \"approverType\": \"GOVERNANCE_GROUP\",\n \"approverId\": \"46c79819-a69f-49a2-becb-12c971ae66c6\"\n },\n {\n \"approverType\": \"GOVERNANCE_GROUP\",\n \"approverId\": \"46c79819-a69f-49a2-becb-12c971ae66c6\"\n }\n ]\n },\n \"revocationRequestConfig\": {\n \"approvalSchemes\": [\n {\n \"approverType\": \"GOVERNANCE_GROUP\",\n \"approverId\": \"46c79819-a69f-49a2-becb-12c971ae66c6\"\n },\n {\n \"approverType\": \"GOVERNANCE_GROUP\",\n \"approverId\": \"46c79819-a69f-49a2-becb-12c971ae66c6\"\n }\n ]\n },\n \"segments\": [\n \"f7b1b8a3-5fed-4fd4-ad29-82014e137e19\",\n \"29cb6c06-1da8-43ea-8be4-b3125f248f2a\"\n ],\n \"provisioningCriteria\": {\n \"operation\": \"OR\",\n \"children\": [\n {\n \"operation\": \"AND\",\n \"children\": [\n {\n \"attribute\": \"dn\",\n \"operation\": \"CONTAINS\",\n \"value\": \"useast\"\n },\n {\n \"attribute\": \"manager\",\n \"operation\": \"CONTAINS\",\n \"value\": \"Scott.Clark\"\n }\n ]\n },\n {\n \"operation\": \"AND\",\n \"children\": [\n {\n \"attribute\": \"dn\",\n \"operation\": \"EQUALS\",\n \"value\": \"Gibson\"\n },\n {\n \"attribute\": \"telephoneNumber\",\n \"operation\": \"CONTAINS\",\n \"value\": \"512\"\n }\n ]\n }\n ]\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "cff1c50f-70e9-40e3-b4ea-806bbc939d17", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "access-profiles" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"support\"\n },\n \"name\": \"Employee-database-read-write\",\n \"source\": {\n \"id\": \"2c91809773dee3610173fdb0b6061ef4\",\n \"type\": \"SOURCE\",\n \"name\": \"ODS-AD-SOURCE\"\n },\n \"id\": \"2c91808a7190d06e01719938fcd20792\",\n \"description\": \"Collection of entitlements to read/write the employee database\",\n \"created\": \"2021-03-01T22:32:58.104Z\",\n \"modified\": \"2021-03-02T20:22:28.104Z\",\n \"enabled\": true,\n \"entitlements\": [\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c91809773dee32014e13e122092014e\",\n \"name\": \"CN=entitlement.490efde5,OU=OrgCo,OU=ServiceDept,DC=HQAD,DC=local\"\n },\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c91809773dee32014e13e122092014e\",\n \"name\": \"CN=entitlement.490efde5,OU=OrgCo,OU=ServiceDept,DC=HQAD,DC=local\"\n }\n ],\n \"requestable\": true,\n \"accessRequestConfig\": {\n \"commentsRequired\": true,\n \"denialCommentsRequired\": true,\n \"approvalSchemes\": [\n {\n \"approverType\": \"GOVERNANCE_GROUP\",\n \"approverId\": \"46c79819-a69f-49a2-becb-12c971ae66c6\"\n },\n {\n \"approverType\": \"GOVERNANCE_GROUP\",\n \"approverId\": \"46c79819-a69f-49a2-becb-12c971ae66c6\"\n }\n ]\n },\n \"revocationRequestConfig\": {\n \"approvalSchemes\": [\n {\n \"approverType\": \"GOVERNANCE_GROUP\",\n \"approverId\": \"46c79819-a69f-49a2-becb-12c971ae66c6\"\n },\n {\n \"approverType\": \"GOVERNANCE_GROUP\",\n \"approverId\": \"46c79819-a69f-49a2-becb-12c971ae66c6\"\n }\n ]\n },\n \"segments\": [\n \"f7b1b8a3-5fed-4fd4-ad29-82014e137e19\",\n \"29cb6c06-1da8-43ea-8be4-b3125f248f2a\"\n ],\n \"provisioningCriteria\": {\n \"operation\": \"OR\",\n \"children\": [\n {\n \"operation\": \"AND\",\n \"children\": [\n {\n \"attribute\": \"dn\",\n \"operation\": \"CONTAINS\",\n \"value\": \"useast\"\n },\n {\n \"attribute\": \"manager\",\n \"operation\": \"CONTAINS\",\n \"value\": \"Scott.Clark\"\n }\n ]\n },\n {\n \"operation\": \"AND\",\n \"children\": [\n {\n \"attribute\": \"dn\",\n \"operation\": \"EQUALS\",\n \"value\": \"Gibson\"\n },\n {\n \"attribute\": \"telephoneNumber\",\n \"operation\": \"CONTAINS\",\n \"value\": \"512\"\n }\n ]\n }\n ]\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "84448c66-26a5-4b9b-8404-2c923c41cbb4", + "name": "Get an Access Profile", + "request": { + "name": "Get an Access Profile", + "description": { + "content": "This API returns an Access Profile by its ID.\n\nA token with API, ORG_ADMIN, ROLE_ADMIN, ROLE_SUBADMIN, SOURCE_ADMIN, or SOURCE_SUBADMIN authority is required to call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "access-profiles", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "2c9180837ca6693d017ca8d097500149", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) ID of the Access Profile", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "e3c85f7c-3302-43ae-946a-e34b84cb7ea4", + "name": "An AccessProfile", + "originalRequest": { + "url": { + "path": [ + "access-profiles", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"support\"\n },\n \"name\": \"Employee-database-read-write\",\n \"source\": {\n \"id\": \"2c91809773dee3610173fdb0b6061ef4\",\n \"type\": \"SOURCE\",\n \"name\": \"ODS-AD-SOURCE\"\n },\n \"id\": \"2c91808a7190d06e01719938fcd20792\",\n \"description\": \"Collection of entitlements to read/write the employee database\",\n \"created\": \"2021-03-01T22:32:58.104Z\",\n \"modified\": \"2021-03-02T20:22:28.104Z\",\n \"enabled\": true,\n \"entitlements\": [\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c91809773dee32014e13e122092014e\",\n \"name\": \"CN=entitlement.490efde5,OU=OrgCo,OU=ServiceDept,DC=HQAD,DC=local\"\n },\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c91809773dee32014e13e122092014e\",\n \"name\": \"CN=entitlement.490efde5,OU=OrgCo,OU=ServiceDept,DC=HQAD,DC=local\"\n }\n ],\n \"requestable\": true,\n \"accessRequestConfig\": {\n \"commentsRequired\": true,\n \"denialCommentsRequired\": true,\n \"approvalSchemes\": [\n {\n \"approverType\": \"GOVERNANCE_GROUP\",\n \"approverId\": \"46c79819-a69f-49a2-becb-12c971ae66c6\"\n },\n {\n \"approverType\": \"GOVERNANCE_GROUP\",\n \"approverId\": \"46c79819-a69f-49a2-becb-12c971ae66c6\"\n }\n ]\n },\n \"revocationRequestConfig\": {\n \"approvalSchemes\": [\n {\n \"approverType\": \"GOVERNANCE_GROUP\",\n \"approverId\": \"46c79819-a69f-49a2-becb-12c971ae66c6\"\n },\n {\n \"approverType\": \"GOVERNANCE_GROUP\",\n \"approverId\": \"46c79819-a69f-49a2-becb-12c971ae66c6\"\n }\n ]\n },\n \"segments\": [\n \"f7b1b8a3-5fed-4fd4-ad29-82014e137e19\",\n \"29cb6c06-1da8-43ea-8be4-b3125f248f2a\"\n ],\n \"provisioningCriteria\": {\n \"operation\": \"OR\",\n \"children\": [\n {\n \"operation\": \"AND\",\n \"children\": [\n {\n \"attribute\": \"dn\",\n \"operation\": \"CONTAINS\",\n \"value\": \"useast\"\n },\n {\n \"attribute\": \"manager\",\n \"operation\": \"CONTAINS\",\n \"value\": \"Scott.Clark\"\n }\n ]\n },\n {\n \"operation\": \"AND\",\n \"children\": [\n {\n \"attribute\": \"dn\",\n \"operation\": \"EQUALS\",\n \"value\": \"Gibson\"\n },\n {\n \"attribute\": \"telephoneNumber\",\n \"operation\": \"CONTAINS\",\n \"value\": \"512\"\n }\n ]\n }\n ]\n }\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f68a7468-ee47-4b90-bd18-0192e52a39d8", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "access-profiles", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "41dff3f6-13a8-4a2a-af1c-abc852409004", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "access-profiles", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f9078988-fb72-4966-a1fc-83e3a8e41dd6", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "access-profiles", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "66e78b34-91f1-453c-b9af-7cff196f195e", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "access-profiles", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "1049e4c5-714c-4659-89f8-cee23066d980", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "access-profiles", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "03ff9bbc-b5fd-4ec8-bfc4-82f6fcb1f59b", + "name": "Patch a specified Access Profile", + "request": { + "name": "Patch a specified Access Profile", + "description": { + "content": "This API updates an existing Access Profile. The following fields are patchable:\n\n**name**\n\n**description**\n\n**enabled**\n\n**owner**\n\n**requestable**\n\n**accessRequestConfig**\n\n**revokeRequestConfig**\n\n**segments**\n\n**entitlements**\n\n**provisioningCriteria**\n\n**source** (must be updated with entitlements belonging to new source in the same API call)\n\nIf you need to change the `source` of the access profile, you can do so only if you update the `entitlements` in the same API call. The new entitlements can only come from the target source that you want to change to. Look for the example \"Replace Source\" in the examples dropdown.\n\nA token with API, ORG_ADMIN, SOURCE_ADMIN, or SOURCE_SUBADMIN authority is required to call this API. In addition, a SOURCE_SUBADMIN may only use this API to patch Access Profiles which are associated with Sources they are able to administer.\n> The maximum supported length for the description field is 2000 characters. Longer descriptions will be preserved for existing access profiles, however, any new access profiles as well as any updates to existing descriptions will be limited to 2000 characters.\n\n> You can only add or replace **entitlements** that exist on the source that the access profile is attached to. You can use the **list entitlements** endpoint with the **filters** query parameter to get a list of available entitlements on the access profile's source.", + "type": "text/plain" + }, + "url": { + "path": [ + "access-profiles", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "2c91808a7813090a017814121919ecca", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) ID of the Access Profile to patch", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"add\",\n \"path\": \"/entitlements\",\n \"value\": [\n {\n \"id\": \"2c9180857725c14301772a93bb77242d\",\n \"type\": \"ENTITLEMENT\",\n \"name\": \"AD User Group\"\n }\n ]\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "29fc7410-8ddd-43a7-870e-53fe94e9cca6", + "name": "Add Entitlements", + "originalRequest": { + "url": { + "path": [ + "access-profiles", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"add\",\n \"path\": \"/entitlements\",\n \"value\": [\n {\n \"id\": \"2c9180857725c14301772a93bb77242d\",\n \"type\": \"ENTITLEMENT\",\n \"name\": \"AD User Group\"\n }\n ]\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"support\"\n },\n \"name\": \"Employee-database-read-write\",\n \"source\": {\n \"id\": \"2c91809773dee3610173fdb0b6061ef4\",\n \"type\": \"SOURCE\",\n \"name\": \"ODS-AD-SOURCE\"\n },\n \"id\": \"2c91808a7190d06e01719938fcd20792\",\n \"description\": \"Collection of entitlements to read/write the employee database\",\n \"created\": \"2021-03-01T22:32:58.104Z\",\n \"modified\": \"2021-03-02T20:22:28.104Z\",\n \"enabled\": true,\n \"entitlements\": [\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c91809773dee32014e13e122092014e\",\n \"name\": \"CN=entitlement.490efde5,OU=OrgCo,OU=ServiceDept,DC=HQAD,DC=local\"\n },\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c91809773dee32014e13e122092014e\",\n \"name\": \"CN=entitlement.490efde5,OU=OrgCo,OU=ServiceDept,DC=HQAD,DC=local\"\n }\n ],\n \"requestable\": true,\n \"accessRequestConfig\": {\n \"commentsRequired\": true,\n \"denialCommentsRequired\": true,\n \"approvalSchemes\": [\n {\n \"approverType\": \"GOVERNANCE_GROUP\",\n \"approverId\": \"46c79819-a69f-49a2-becb-12c971ae66c6\"\n },\n {\n \"approverType\": \"GOVERNANCE_GROUP\",\n \"approverId\": \"46c79819-a69f-49a2-becb-12c971ae66c6\"\n }\n ]\n },\n \"revocationRequestConfig\": {\n \"approvalSchemes\": [\n {\n \"approverType\": \"GOVERNANCE_GROUP\",\n \"approverId\": \"46c79819-a69f-49a2-becb-12c971ae66c6\"\n },\n {\n \"approverType\": \"GOVERNANCE_GROUP\",\n \"approverId\": \"46c79819-a69f-49a2-becb-12c971ae66c6\"\n }\n ]\n },\n \"segments\": [\n \"f7b1b8a3-5fed-4fd4-ad29-82014e137e19\",\n \"29cb6c06-1da8-43ea-8be4-b3125f248f2a\"\n ],\n \"provisioningCriteria\": {\n \"operation\": \"OR\",\n \"children\": [\n {\n \"operation\": \"AND\",\n \"children\": [\n {\n \"attribute\": \"dn\",\n \"operation\": \"CONTAINS\",\n \"value\": \"useast\"\n },\n {\n \"attribute\": \"manager\",\n \"operation\": \"CONTAINS\",\n \"value\": \"Scott.Clark\"\n }\n ]\n },\n {\n \"operation\": \"AND\",\n \"children\": [\n {\n \"attribute\": \"dn\",\n \"operation\": \"EQUALS\",\n \"value\": \"Gibson\"\n },\n {\n \"attribute\": \"telephoneNumber\",\n \"operation\": \"CONTAINS\",\n \"value\": \"512\"\n }\n ]\n }\n ]\n }\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "78e08c48-e9c0-4714-b039-741bead71890", + "name": "Insert Entitlement", + "originalRequest": { + "url": { + "path": [ + "access-profiles", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"add\",\n \"path\": \"/entitlements/0\",\n \"value\": {\n \"id\": \"2c9180857725c14301772a93bb77242d\",\n \"type\": \"ENTITLEMENT\",\n \"name\": \"AD User Group\"\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"support\"\n },\n \"name\": \"Employee-database-read-write\",\n \"source\": {\n \"id\": \"2c91809773dee3610173fdb0b6061ef4\",\n \"type\": \"SOURCE\",\n \"name\": \"ODS-AD-SOURCE\"\n },\n \"id\": \"2c91808a7190d06e01719938fcd20792\",\n \"description\": \"Collection of entitlements to read/write the employee database\",\n \"created\": \"2021-03-01T22:32:58.104Z\",\n \"modified\": \"2021-03-02T20:22:28.104Z\",\n \"enabled\": true,\n \"entitlements\": [\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c91809773dee32014e13e122092014e\",\n \"name\": \"CN=entitlement.490efde5,OU=OrgCo,OU=ServiceDept,DC=HQAD,DC=local\"\n },\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c91809773dee32014e13e122092014e\",\n \"name\": \"CN=entitlement.490efde5,OU=OrgCo,OU=ServiceDept,DC=HQAD,DC=local\"\n }\n ],\n \"requestable\": true,\n \"accessRequestConfig\": {\n \"commentsRequired\": true,\n \"denialCommentsRequired\": true,\n \"approvalSchemes\": [\n {\n \"approverType\": \"GOVERNANCE_GROUP\",\n \"approverId\": \"46c79819-a69f-49a2-becb-12c971ae66c6\"\n },\n {\n \"approverType\": \"GOVERNANCE_GROUP\",\n \"approverId\": \"46c79819-a69f-49a2-becb-12c971ae66c6\"\n }\n ]\n },\n \"revocationRequestConfig\": {\n \"approvalSchemes\": [\n {\n \"approverType\": \"GOVERNANCE_GROUP\",\n \"approverId\": \"46c79819-a69f-49a2-becb-12c971ae66c6\"\n },\n {\n \"approverType\": \"GOVERNANCE_GROUP\",\n \"approverId\": \"46c79819-a69f-49a2-becb-12c971ae66c6\"\n }\n ]\n },\n \"segments\": [\n \"f7b1b8a3-5fed-4fd4-ad29-82014e137e19\",\n \"29cb6c06-1da8-43ea-8be4-b3125f248f2a\"\n ],\n \"provisioningCriteria\": {\n \"operation\": \"OR\",\n \"children\": [\n {\n \"operation\": \"AND\",\n \"children\": [\n {\n \"attribute\": \"dn\",\n \"operation\": \"CONTAINS\",\n \"value\": \"useast\"\n },\n {\n \"attribute\": \"manager\",\n \"operation\": \"CONTAINS\",\n \"value\": \"Scott.Clark\"\n }\n ]\n },\n {\n \"operation\": \"AND\",\n \"children\": [\n {\n \"attribute\": \"dn\",\n \"operation\": \"EQUALS\",\n \"value\": \"Gibson\"\n },\n {\n \"attribute\": \"telephoneNumber\",\n \"operation\": \"CONTAINS\",\n \"value\": \"512\"\n }\n ]\n }\n ]\n }\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "40169057-d4aa-43e1-8b3e-a3f20ea2f930", + "name": "Replace Entitlements", + "originalRequest": { + "url": { + "path": [ + "access-profiles", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/entitlements\",\n \"value\": [\n {\n \"id\": \"2c9180857725c14301772a93bb77242d\",\n \"type\": \"ENTITLEMENT\",\n \"name\": \"AD User Group\"\n }\n ]\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"support\"\n },\n \"name\": \"Employee-database-read-write\",\n \"source\": {\n \"id\": \"2c91809773dee3610173fdb0b6061ef4\",\n \"type\": \"SOURCE\",\n \"name\": \"ODS-AD-SOURCE\"\n },\n \"id\": \"2c91808a7190d06e01719938fcd20792\",\n \"description\": \"Collection of entitlements to read/write the employee database\",\n \"created\": \"2021-03-01T22:32:58.104Z\",\n \"modified\": \"2021-03-02T20:22:28.104Z\",\n \"enabled\": true,\n \"entitlements\": [\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c91809773dee32014e13e122092014e\",\n \"name\": \"CN=entitlement.490efde5,OU=OrgCo,OU=ServiceDept,DC=HQAD,DC=local\"\n },\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c91809773dee32014e13e122092014e\",\n \"name\": \"CN=entitlement.490efde5,OU=OrgCo,OU=ServiceDept,DC=HQAD,DC=local\"\n }\n ],\n \"requestable\": true,\n \"accessRequestConfig\": {\n \"commentsRequired\": true,\n \"denialCommentsRequired\": true,\n \"approvalSchemes\": [\n {\n \"approverType\": \"GOVERNANCE_GROUP\",\n \"approverId\": \"46c79819-a69f-49a2-becb-12c971ae66c6\"\n },\n {\n \"approverType\": \"GOVERNANCE_GROUP\",\n \"approverId\": \"46c79819-a69f-49a2-becb-12c971ae66c6\"\n }\n ]\n },\n \"revocationRequestConfig\": {\n \"approvalSchemes\": [\n {\n \"approverType\": \"GOVERNANCE_GROUP\",\n \"approverId\": \"46c79819-a69f-49a2-becb-12c971ae66c6\"\n },\n {\n \"approverType\": \"GOVERNANCE_GROUP\",\n \"approverId\": \"46c79819-a69f-49a2-becb-12c971ae66c6\"\n }\n ]\n },\n \"segments\": [\n \"f7b1b8a3-5fed-4fd4-ad29-82014e137e19\",\n \"29cb6c06-1da8-43ea-8be4-b3125f248f2a\"\n ],\n \"provisioningCriteria\": {\n \"operation\": \"OR\",\n \"children\": [\n {\n \"operation\": \"AND\",\n \"children\": [\n {\n \"attribute\": \"dn\",\n \"operation\": \"CONTAINS\",\n \"value\": \"useast\"\n },\n {\n \"attribute\": \"manager\",\n \"operation\": \"CONTAINS\",\n \"value\": \"Scott.Clark\"\n }\n ]\n },\n {\n \"operation\": \"AND\",\n \"children\": [\n {\n \"attribute\": \"dn\",\n \"operation\": \"EQUALS\",\n \"value\": \"Gibson\"\n },\n {\n \"attribute\": \"telephoneNumber\",\n \"operation\": \"CONTAINS\",\n \"value\": \"512\"\n }\n ]\n }\n ]\n }\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "10feaaab-92d0-4e21-99ed-441ec0a3f722", + "name": "Remove Entitlement", + "originalRequest": { + "url": { + "path": [ + "access-profiles", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"remove\",\n \"path\": \"/entitlements/0\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"support\"\n },\n \"name\": \"Employee-database-read-write\",\n \"source\": {\n \"id\": \"2c91809773dee3610173fdb0b6061ef4\",\n \"type\": \"SOURCE\",\n \"name\": \"ODS-AD-SOURCE\"\n },\n \"id\": \"2c91808a7190d06e01719938fcd20792\",\n \"description\": \"Collection of entitlements to read/write the employee database\",\n \"created\": \"2021-03-01T22:32:58.104Z\",\n \"modified\": \"2021-03-02T20:22:28.104Z\",\n \"enabled\": true,\n \"entitlements\": [\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c91809773dee32014e13e122092014e\",\n \"name\": \"CN=entitlement.490efde5,OU=OrgCo,OU=ServiceDept,DC=HQAD,DC=local\"\n },\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c91809773dee32014e13e122092014e\",\n \"name\": \"CN=entitlement.490efde5,OU=OrgCo,OU=ServiceDept,DC=HQAD,DC=local\"\n }\n ],\n \"requestable\": true,\n \"accessRequestConfig\": {\n \"commentsRequired\": true,\n \"denialCommentsRequired\": true,\n \"approvalSchemes\": [\n {\n \"approverType\": \"GOVERNANCE_GROUP\",\n \"approverId\": \"46c79819-a69f-49a2-becb-12c971ae66c6\"\n },\n {\n \"approverType\": \"GOVERNANCE_GROUP\",\n \"approverId\": \"46c79819-a69f-49a2-becb-12c971ae66c6\"\n }\n ]\n },\n \"revocationRequestConfig\": {\n \"approvalSchemes\": [\n {\n \"approverType\": \"GOVERNANCE_GROUP\",\n \"approverId\": \"46c79819-a69f-49a2-becb-12c971ae66c6\"\n },\n {\n \"approverType\": \"GOVERNANCE_GROUP\",\n \"approverId\": \"46c79819-a69f-49a2-becb-12c971ae66c6\"\n }\n ]\n },\n \"segments\": [\n \"f7b1b8a3-5fed-4fd4-ad29-82014e137e19\",\n \"29cb6c06-1da8-43ea-8be4-b3125f248f2a\"\n ],\n \"provisioningCriteria\": {\n \"operation\": \"OR\",\n \"children\": [\n {\n \"operation\": \"AND\",\n \"children\": [\n {\n \"attribute\": \"dn\",\n \"operation\": \"CONTAINS\",\n \"value\": \"useast\"\n },\n {\n \"attribute\": \"manager\",\n \"operation\": \"CONTAINS\",\n \"value\": \"Scott.Clark\"\n }\n ]\n },\n {\n \"operation\": \"AND\",\n \"children\": [\n {\n \"attribute\": \"dn\",\n \"operation\": \"EQUALS\",\n \"value\": \"Gibson\"\n },\n {\n \"attribute\": \"telephoneNumber\",\n \"operation\": \"CONTAINS\",\n \"value\": \"512\"\n }\n ]\n }\n ]\n }\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c9476bbd-cbe5-4cd0-95ae-8994ed4fbc4a", + "name": "Replace Source", + "originalRequest": { + "url": { + "path": [ + "access-profiles", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/source\",\n \"value\": {\n \"id\": \"2c9180887671ff8c01767b4671fb7d5e\",\n \"type\": \"SOURCE\",\n \"name\": \"Employees\"\n }\n },\n {\n \"op\": \"replace\",\n \"path\": \"/entitlements\",\n \"value\": [\n {\n \"id\": \"2c9180877677453d01767b4b08f63386\",\n \"type\": \"ENTITLEMENT\",\n \"name\": \"DevRel\"\n }\n ]\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"support\"\n },\n \"name\": \"Employee-database-read-write\",\n \"source\": {\n \"id\": \"2c91809773dee3610173fdb0b6061ef4\",\n \"type\": \"SOURCE\",\n \"name\": \"ODS-AD-SOURCE\"\n },\n \"id\": \"2c91808a7190d06e01719938fcd20792\",\n \"description\": \"Collection of entitlements to read/write the employee database\",\n \"created\": \"2021-03-01T22:32:58.104Z\",\n \"modified\": \"2021-03-02T20:22:28.104Z\",\n \"enabled\": true,\n \"entitlements\": [\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c91809773dee32014e13e122092014e\",\n \"name\": \"CN=entitlement.490efde5,OU=OrgCo,OU=ServiceDept,DC=HQAD,DC=local\"\n },\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c91809773dee32014e13e122092014e\",\n \"name\": \"CN=entitlement.490efde5,OU=OrgCo,OU=ServiceDept,DC=HQAD,DC=local\"\n }\n ],\n \"requestable\": true,\n \"accessRequestConfig\": {\n \"commentsRequired\": true,\n \"denialCommentsRequired\": true,\n \"approvalSchemes\": [\n {\n \"approverType\": \"GOVERNANCE_GROUP\",\n \"approverId\": \"46c79819-a69f-49a2-becb-12c971ae66c6\"\n },\n {\n \"approverType\": \"GOVERNANCE_GROUP\",\n \"approverId\": \"46c79819-a69f-49a2-becb-12c971ae66c6\"\n }\n ]\n },\n \"revocationRequestConfig\": {\n \"approvalSchemes\": [\n {\n \"approverType\": \"GOVERNANCE_GROUP\",\n \"approverId\": \"46c79819-a69f-49a2-becb-12c971ae66c6\"\n },\n {\n \"approverType\": \"GOVERNANCE_GROUP\",\n \"approverId\": \"46c79819-a69f-49a2-becb-12c971ae66c6\"\n }\n ]\n },\n \"segments\": [\n \"f7b1b8a3-5fed-4fd4-ad29-82014e137e19\",\n \"29cb6c06-1da8-43ea-8be4-b3125f248f2a\"\n ],\n \"provisioningCriteria\": {\n \"operation\": \"OR\",\n \"children\": [\n {\n \"operation\": \"AND\",\n \"children\": [\n {\n \"attribute\": \"dn\",\n \"operation\": \"CONTAINS\",\n \"value\": \"useast\"\n },\n {\n \"attribute\": \"manager\",\n \"operation\": \"CONTAINS\",\n \"value\": \"Scott.Clark\"\n }\n ]\n },\n {\n \"operation\": \"AND\",\n \"children\": [\n {\n \"attribute\": \"dn\",\n \"operation\": \"EQUALS\",\n \"value\": \"Gibson\"\n },\n {\n \"attribute\": \"telephoneNumber\",\n \"operation\": \"CONTAINS\",\n \"value\": \"512\"\n }\n ]\n }\n ]\n }\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "de082a03-3865-4bd5-aa98-8c7a13a56432", + "name": "Add Entitlements", + "originalRequest": { + "url": { + "path": [ + "access-profiles", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"add\",\n \"path\": \"/entitlements\",\n \"value\": [\n {\n \"id\": \"2c9180857725c14301772a93bb77242d\",\n \"type\": \"ENTITLEMENT\",\n \"name\": \"AD User Group\"\n }\n ]\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c2f60ddf-a14d-4c3e-af96-06e966b0bc57", + "name": "Insert Entitlement", + "originalRequest": { + "url": { + "path": [ + "access-profiles", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"add\",\n \"path\": \"/entitlements/0\",\n \"value\": {\n \"id\": \"2c9180857725c14301772a93bb77242d\",\n \"type\": \"ENTITLEMENT\",\n \"name\": \"AD User Group\"\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "0fbee8c3-8e17-4306-89e0-86500b2c5674", + "name": "Replace Entitlements", + "originalRequest": { + "url": { + "path": [ + "access-profiles", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/entitlements\",\n \"value\": [\n {\n \"id\": \"2c9180857725c14301772a93bb77242d\",\n \"type\": \"ENTITLEMENT\",\n \"name\": \"AD User Group\"\n }\n ]\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "8e13c0d9-b783-46a9-8783-f0cd029068f9", + "name": "Remove Entitlement", + "originalRequest": { + "url": { + "path": [ + "access-profiles", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"remove\",\n \"path\": \"/entitlements/0\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d3d8ced5-8b7c-437a-88c9-34a8db4698cb", + "name": "Replace Source", + "originalRequest": { + "url": { + "path": [ + "access-profiles", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/source\",\n \"value\": {\n \"id\": \"2c9180887671ff8c01767b4671fb7d5e\",\n \"type\": \"SOURCE\",\n \"name\": \"Employees\"\n }\n },\n {\n \"op\": \"replace\",\n \"path\": \"/entitlements\",\n \"value\": [\n {\n \"id\": \"2c9180877677453d01767b4b08f63386\",\n \"type\": \"ENTITLEMENT\",\n \"name\": \"DevRel\"\n }\n ]\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "ecb9fe31-79e4-44f5-86fb-789c4cde1363", + "name": "Add Entitlements", + "originalRequest": { + "url": { + "path": [ + "access-profiles", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"add\",\n \"path\": \"/entitlements\",\n \"value\": [\n {\n \"id\": \"2c9180857725c14301772a93bb77242d\",\n \"type\": \"ENTITLEMENT\",\n \"name\": \"AD User Group\"\n }\n ]\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "723fd068-82a9-4ff3-9353-a11e6ee0f74c", + "name": "Insert Entitlement", + "originalRequest": { + "url": { + "path": [ + "access-profiles", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"add\",\n \"path\": \"/entitlements/0\",\n \"value\": {\n \"id\": \"2c9180857725c14301772a93bb77242d\",\n \"type\": \"ENTITLEMENT\",\n \"name\": \"AD User Group\"\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a26f6e0e-b279-473a-96d0-5d553285e5bf", + "name": "Replace Entitlements", + "originalRequest": { + "url": { + "path": [ + "access-profiles", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/entitlements\",\n \"value\": [\n {\n \"id\": \"2c9180857725c14301772a93bb77242d\",\n \"type\": \"ENTITLEMENT\",\n \"name\": \"AD User Group\"\n }\n ]\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "ee6067c6-6b7b-44b9-9805-a21b2d52ba2b", + "name": "Remove Entitlement", + "originalRequest": { + "url": { + "path": [ + "access-profiles", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"remove\",\n \"path\": \"/entitlements/0\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b1664c63-a632-4878-97cb-fd092121563e", + "name": "Replace Source", + "originalRequest": { + "url": { + "path": [ + "access-profiles", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/source\",\n \"value\": {\n \"id\": \"2c9180887671ff8c01767b4671fb7d5e\",\n \"type\": \"SOURCE\",\n \"name\": \"Employees\"\n }\n },\n {\n \"op\": \"replace\",\n \"path\": \"/entitlements\",\n \"value\": [\n {\n \"id\": \"2c9180877677453d01767b4b08f63386\",\n \"type\": \"ENTITLEMENT\",\n \"name\": \"DevRel\"\n }\n ]\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "1203ad06-7a16-4fc5-8087-976cbaba7f40", + "name": "An example of a 403 response object", + "originalRequest": { + "url": { + "path": [ + "access-profiles", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"add\",\n \"path\": \"/entitlements\",\n \"value\": [\n {\n \"id\": \"2c9180857725c14301772a93bb77242d\",\n \"type\": \"ENTITLEMENT\",\n \"name\": \"AD User Group\"\n }\n ]\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d1880432-9a20-4906-ad56-8382cdf11b37", + "name": "Insert Entitlement", + "originalRequest": { + "url": { + "path": [ + "access-profiles", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"add\",\n \"path\": \"/entitlements/0\",\n \"value\": {\n \"id\": \"2c9180857725c14301772a93bb77242d\",\n \"type\": \"ENTITLEMENT\",\n \"name\": \"AD User Group\"\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "1bce48bc-1b38-4681-a642-8e75b7f18741", + "name": "Replace Entitlements", + "originalRequest": { + "url": { + "path": [ + "access-profiles", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/entitlements\",\n \"value\": [\n {\n \"id\": \"2c9180857725c14301772a93bb77242d\",\n \"type\": \"ENTITLEMENT\",\n \"name\": \"AD User Group\"\n }\n ]\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "80865377-7cac-4b9f-8cb6-7e47416efb62", + "name": "Remove Entitlement", + "originalRequest": { + "url": { + "path": [ + "access-profiles", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"remove\",\n \"path\": \"/entitlements/0\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a9c6c109-cd7a-4871-9a80-0388cc71b6f9", + "name": "Replace Source", + "originalRequest": { + "url": { + "path": [ + "access-profiles", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/source\",\n \"value\": {\n \"id\": \"2c9180887671ff8c01767b4671fb7d5e\",\n \"type\": \"SOURCE\",\n \"name\": \"Employees\"\n }\n },\n {\n \"op\": \"replace\",\n \"path\": \"/entitlements\",\n \"value\": [\n {\n \"id\": \"2c9180877677453d01767b4b08f63386\",\n \"type\": \"ENTITLEMENT\",\n \"name\": \"DevRel\"\n }\n ]\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "956926ad-459f-4c87-895a-4b8bee668997", + "name": "Add Entitlements", + "originalRequest": { + "url": { + "path": [ + "access-profiles", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"add\",\n \"path\": \"/entitlements\",\n \"value\": [\n {\n \"id\": \"2c9180857725c14301772a93bb77242d\",\n \"type\": \"ENTITLEMENT\",\n \"name\": \"AD User Group\"\n }\n ]\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "fc422ed4-8fb2-4f02-bd29-0d41eaca5dc2", + "name": "Insert Entitlement", + "originalRequest": { + "url": { + "path": [ + "access-profiles", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"add\",\n \"path\": \"/entitlements/0\",\n \"value\": {\n \"id\": \"2c9180857725c14301772a93bb77242d\",\n \"type\": \"ENTITLEMENT\",\n \"name\": \"AD User Group\"\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "364bfac8-fbfc-44e9-8a21-3e2c92417cb0", + "name": "Replace Entitlements", + "originalRequest": { + "url": { + "path": [ + "access-profiles", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/entitlements\",\n \"value\": [\n {\n \"id\": \"2c9180857725c14301772a93bb77242d\",\n \"type\": \"ENTITLEMENT\",\n \"name\": \"AD User Group\"\n }\n ]\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "57f96888-9c28-4075-b0f4-c3d48f039b91", + "name": "Remove Entitlement", + "originalRequest": { + "url": { + "path": [ + "access-profiles", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"remove\",\n \"path\": \"/entitlements/0\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "34f6f4ec-194e-4c87-a815-f8c7d84c8f88", + "name": "Replace Source", + "originalRequest": { + "url": { + "path": [ + "access-profiles", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/source\",\n \"value\": {\n \"id\": \"2c9180887671ff8c01767b4671fb7d5e\",\n \"type\": \"SOURCE\",\n \"name\": \"Employees\"\n }\n },\n {\n \"op\": \"replace\",\n \"path\": \"/entitlements\",\n \"value\": [\n {\n \"id\": \"2c9180877677453d01767b4b08f63386\",\n \"type\": \"ENTITLEMENT\",\n \"name\": \"DevRel\"\n }\n ]\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "de498c95-c664-4eba-916d-4f7b0705489e", + "name": "An example of a 500 response object", + "originalRequest": { + "url": { + "path": [ + "access-profiles", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"add\",\n \"path\": \"/entitlements\",\n \"value\": [\n {\n \"id\": \"2c9180857725c14301772a93bb77242d\",\n \"type\": \"ENTITLEMENT\",\n \"name\": \"AD User Group\"\n }\n ]\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "61d943d6-fec5-417f-a3cd-1a799dadd373", + "name": "Insert Entitlement", + "originalRequest": { + "url": { + "path": [ + "access-profiles", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"add\",\n \"path\": \"/entitlements/0\",\n \"value\": {\n \"id\": \"2c9180857725c14301772a93bb77242d\",\n \"type\": \"ENTITLEMENT\",\n \"name\": \"AD User Group\"\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "9e280c79-9128-4b06-8b28-126121dbe89b", + "name": "Replace Entitlements", + "originalRequest": { + "url": { + "path": [ + "access-profiles", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/entitlements\",\n \"value\": [\n {\n \"id\": \"2c9180857725c14301772a93bb77242d\",\n \"type\": \"ENTITLEMENT\",\n \"name\": \"AD User Group\"\n }\n ]\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "cc9d2bfc-5034-49d8-9d0a-8060a72d441d", + "name": "Remove Entitlement", + "originalRequest": { + "url": { + "path": [ + "access-profiles", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"remove\",\n \"path\": \"/entitlements/0\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "1dbedc45-d121-42e7-8276-efe4014eebad", + "name": "Replace Source", + "originalRequest": { + "url": { + "path": [ + "access-profiles", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/source\",\n \"value\": {\n \"id\": \"2c9180887671ff8c01767b4671fb7d5e\",\n \"type\": \"SOURCE\",\n \"name\": \"Employees\"\n }\n },\n {\n \"op\": \"replace\",\n \"path\": \"/entitlements\",\n \"value\": [\n {\n \"id\": \"2c9180877677453d01767b4b08f63386\",\n \"type\": \"ENTITLEMENT\",\n \"name\": \"DevRel\"\n }\n ]\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "97ec902c-1677-4850-8e5b-9dd0d1082eb9", + "name": "Delete the specified Access Profile", + "request": { + "name": "Delete the specified Access Profile", + "description": { + "content": "This API deletes an existing Access Profile.\n\nThe Access Profile must not be in use, for example, Access Profile can not be deleted if they belong to an Application, Life Cycle State or a Role. If it is, a 400 error is returned.\n\nA token with API, ORG_ADMIN, SOURCE_ADMIN, or SOURCE_SUBADMIN authority is required to invoke this API. In addition, a SOURCE_SUBADMIN token must be able to administer the Source associated with the Access Profile.", + "type": "text/plain" + }, + "url": { + "path": [ + "access-profiles", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "2c91808a7813090a017814121919ecca", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) ID of the Access Profile to delete", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "DELETE", + "body": {} + }, + "response": [ + { + "id": "ec674a05-6a26-4054-8773-d4d05dc2fbbc", + "name": "No content - indicates the request was successful but there is no content to be returned in the response.", + "originalRequest": { + "url": { + "path": [ + "access-profiles", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "No Content", + "code": 204, + "header": [], + "cookie": [], + "_postman_previewlanguage": "text" + }, + { + "id": "d7686313-8b4c-4cb2-9a1f-646c87b3ae23", + "name": "Returned when an access profile cannot be deleted as it's being used.", + "originalRequest": { + "url": { + "path": [ + "access-profiles", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.2.1.0 Object in use by another\",\n \"trackingId\": \"c9c1033c55b84ebc9e93e926dcf8b8b3\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The \\\"testAccessProfile\\\" access profile can't be deleted because it's in use.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "943d7390-0266-4c49-a6f2-b324908deb63", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "access-profiles", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "1b6a38b6-7425-4b39-b173-edd5bbbca8f8", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "access-profiles", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "182fd825-7a70-41a1-affb-0a6f1e7632d4", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "access-profiles", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "ff670f6e-e798-45b8-811a-89f5851aa121", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "access-profiles", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "ae9d023c-67e3-4f53-8669-55de23ab4815", + "name": "Delete Access Profile(s)", + "request": { + "name": "Delete Access Profile(s)", + "description": { + "content": "This endpoint initiates a bulk deletion of one or more access profiles.\nWhen the request is successful, the endpoint returns the bulk delete's task result ID. To follow the task, you can use [Get Task Status by ID](https://developer.sailpoint.com/docs/api/beta/get-task-status), which will return the task result's status and information. \nThis endpoint can only bulk delete up to a limit of 50 access profiles per request. \nBy default, if any of the indicated access profiles are in use, no deletions will be performed and the **inUse** field of the response indicates the usages that must be removed first. If the request field **bestEffortOnly** is **true**, however, usages are reported in the **inUse** response field but all other indicated access profiles will be deleted.\nA token with API, ORG_ADMIN, SOURCE_ADMIN, or SOURCE_SUBADMIN authority is required to call this endpoint. In addition, a SOURCE_SUBADMIN can only use this endpoint to delete access profiles associated with sources they're able to administer.", + "type": "text/plain" + }, + "url": { + "path": [ + "access-profiles", + "bulk-delete" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"bestEffortOnly\": true,\n \"accessProfileIds\": [\n \"2c91808876438bb2017668b91919ecca\",\n \"2c91808876438ba801766e129f151816\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "6efa5629-62af-4036-aca0-da70b024158b", + "name": "Returned only if **bestEffortOnly** is **false**, and one or more Access Profiles are in use.", + "originalRequest": { + "url": { + "path": [ + "access-profiles", + "bulk-delete" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"bestEffortOnly\": true,\n \"accessProfileIds\": [\n \"2c91808876438bb2017668b91919ecca\",\n \"2c91808876438ba801766e129f151816\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"pending\": [],\n \"inUse\": [\n {\n \"accessProfileId\": \"2c91808876438ba801766e129f151816\",\n \"usages\": [\n {\n \"type\": \"Role\",\n \"id\": \"2c9180887643764201766e9f6e121518\"\n }\n ]\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "acc5cd4c-1864-4b8d-807b-3f6bc9063e11", + "name": "Returned if at least one deletion will be performed.", + "originalRequest": { + "url": { + "path": [ + "access-profiles", + "bulk-delete" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"bestEffortOnly\": true,\n \"accessProfileIds\": [\n \"2c91808876438bb2017668b91919ecca\",\n \"2c91808876438ba801766e129f151816\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Accepted", + "code": 202, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"taskId\": \"2c91808a7813090a01781412a1119a20\",\n \"pending\": [\n \"2c91808a7813090a017813fe1919ecca\"\n ],\n \"inUse\": [\n {\n \"accessProfileId\": \"2c91808876438ba801766e129f151816\",\n \"usages\": [\n {\n \"type\": \"Role\",\n \"id\": \"2c9180887643764201766e9f6e121518\"\n }\n ]\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d2ff49d5-1513-45ea-bf17-678a36f6541a", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "access-profiles", + "bulk-delete" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"bestEffortOnly\": true,\n \"accessProfileIds\": [\n \"2c91808876438bb2017668b91919ecca\",\n \"2c91808876438ba801766e129f151816\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "30044a81-0a06-448e-be55-86fa58f494d4", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "access-profiles", + "bulk-delete" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"bestEffortOnly\": true,\n \"accessProfileIds\": [\n \"2c91808876438bb2017668b91919ecca\",\n \"2c91808876438ba801766e129f151816\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "89f0e43e-2e0e-4ad4-a376-98a68dea0ad2", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "access-profiles", + "bulk-delete" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"bestEffortOnly\": true,\n \"accessProfileIds\": [\n \"2c91808876438bb2017668b91919ecca\",\n \"2c91808876438ba801766e129f151816\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "75d1c0ce-eae2-462a-a259-139eeb9deb08", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "access-profiles", + "bulk-delete" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"bestEffortOnly\": true,\n \"accessProfileIds\": [\n \"2c91808876438bb2017668b91919ecca\",\n \"2c91808876438ba801766e129f151816\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "8e686af6-0a34-4a9f-ade1-e02bb493d19f", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "access-profiles", + "bulk-delete" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"bestEffortOnly\": true,\n \"accessProfileIds\": [\n \"2c91808876438bb2017668b91919ecca\",\n \"2c91808876438ba801766e129f151816\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "351b20bc-73f9-4202-85e6-88272e144603", + "name": "List Access Profile's Entitlements", + "request": { + "name": "List Access Profile's Entitlements", + "description": { + "content": "Use this API to get a list of an access profile's entitlements. \nA token with API, ORG_ADMIN, SOURCE_ADMIN, or SOURCE_SUBADMIN authority is required to call this API. In addition, a token with SOURCE_SUBADMIN authority must have access to the source associated with the specified access profile.\n>**Note:** When you filter for access profiles that have the '+' symbol in their names, the response is blank. ", + "type": "text/plain" + }, + "url": { + "path": [ + "access-profiles", + ":id", + "entitlements" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**name**: *eq, sw*\n\n**attribute**: *eq, sw*\n\n**value**: *eq, sw*\n\n**created**: *gt, lt, ge, le*\n\n**modified**: *gt, lt, ge, le*\n\n**owner.id**: *eq, in*\n\n**source.id**: *eq, in*\n\nFiltering is not supported for access profiles and entitlements that have the '+' symbol in their names. ", + "type": "text/plain" + }, + "key": "filters", + "value": "attribute eq \"memberOf\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name, attribute, value, created, modified**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name,-modified" + } + ], + "variable": [ + { + "type": "any", + "value": "2c91808a7813090a017814121919ecca", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) ID of the access profile containing the entitlements.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "2ff106a3-0e57-414f-8991-74cac5fdb03f", + "name": "List of entitlements.", + "originalRequest": { + "url": { + "path": [ + "access-profiles", + ":id", + "entitlements" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**name**: *eq, sw*\n\n**attribute**: *eq, sw*\n\n**value**: *eq, sw*\n\n**created**: *gt, lt, ge, le*\n\n**modified**: *gt, lt, ge, le*\n\n**owner.id**: *eq, in*\n\n**source.id**: *eq, in*\n\nFiltering is not supported for access profiles and entitlements that have the '+' symbol in their names. ", + "type": "text/plain" + }, + "key": "filters", + "value": "attribute eq \"memberOf\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name, attribute, value, created, modified**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name,-modified" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"id\": \"2c91808874ff91550175097daaec161c\",\n \"name\": \"LauncherTest2\",\n \"attribute\": \"memberOf\",\n \"value\": \"CN=LauncherTest2,OU=LauncherTestOrg,OU=slpt-automation,DC=TestAutomationAD,DC=local\",\n \"sourceSchemaObjectType\": \"group\",\n \"description\": \"CN=LauncherTest2,OU=LauncherTestOrg,OU=slpt-automation,DC=TestAutomationAD,DC=local\",\n \"privileged\": true,\n \"cloudGoverned\": true,\n \"created\": \"2020-10-08T18:33:52.029Z\",\n \"modified\": \"2020-10-08T18:33:52.029Z\",\n \"source\": {\n \"id\": \"2c9180827ca885d7017ca8ce28a000eb\",\n \"type\": \"SOURCE\",\n \"name\": \"ODS-AD-Source\"\n },\n \"attributes\": {\n \"fieldName\": \"fieldValue\"\n },\n \"segments\": [\n \"f7b1b8a3-5fed-4fd4-ad29-82014e137e19\",\n \"29cb6c06-1da8-43ea-8be4-b3125f248f2a\"\n ],\n \"directPermissions\": [\n {\n \"rights\": [\n \"SELECT\",\n \"SELECT\"\n ],\n \"target\": \"SYS.GV_$TRANSACTION\"\n },\n {\n \"rights\": [\n \"SELECT\",\n \"SELECT\"\n ],\n \"target\": \"SYS.GV_$TRANSACTION\"\n }\n ]\n },\n {\n \"id\": \"2c91808874ff91550175097daaec161c\",\n \"name\": \"LauncherTest2\",\n \"attribute\": \"memberOf\",\n \"value\": \"CN=LauncherTest2,OU=LauncherTestOrg,OU=slpt-automation,DC=TestAutomationAD,DC=local\",\n \"sourceSchemaObjectType\": \"group\",\n \"description\": \"CN=LauncherTest2,OU=LauncherTestOrg,OU=slpt-automation,DC=TestAutomationAD,DC=local\",\n \"privileged\": true,\n \"cloudGoverned\": true,\n \"created\": \"2020-10-08T18:33:52.029Z\",\n \"modified\": \"2020-10-08T18:33:52.029Z\",\n \"source\": {\n \"id\": \"2c9180827ca885d7017ca8ce28a000eb\",\n \"type\": \"SOURCE\",\n \"name\": \"ODS-AD-Source\"\n },\n \"attributes\": {\n \"fieldName\": \"fieldValue\"\n },\n \"segments\": [\n \"f7b1b8a3-5fed-4fd4-ad29-82014e137e19\",\n \"29cb6c06-1da8-43ea-8be4-b3125f248f2a\"\n ],\n \"directPermissions\": [\n {\n \"rights\": [\n \"SELECT\",\n \"SELECT\"\n ],\n \"target\": \"SYS.GV_$TRANSACTION\"\n },\n {\n \"rights\": [\n \"SELECT\",\n \"SELECT\"\n ],\n \"target\": \"SYS.GV_$TRANSACTION\"\n }\n ]\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f5048f39-5336-47b5-b4c5-45e8851ee07f", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "access-profiles", + ":id", + "entitlements" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**name**: *eq, sw*\n\n**attribute**: *eq, sw*\n\n**value**: *eq, sw*\n\n**created**: *gt, lt, ge, le*\n\n**modified**: *gt, lt, ge, le*\n\n**owner.id**: *eq, in*\n\n**source.id**: *eq, in*\n\nFiltering is not supported for access profiles and entitlements that have the '+' symbol in their names. ", + "type": "text/plain" + }, + "key": "filters", + "value": "attribute eq \"memberOf\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name, attribute, value, created, modified**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name,-modified" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "1d6eadba-0833-4380-97d6-561875bf2486", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "access-profiles", + ":id", + "entitlements" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**name**: *eq, sw*\n\n**attribute**: *eq, sw*\n\n**value**: *eq, sw*\n\n**created**: *gt, lt, ge, le*\n\n**modified**: *gt, lt, ge, le*\n\n**owner.id**: *eq, in*\n\n**source.id**: *eq, in*\n\nFiltering is not supported for access profiles and entitlements that have the '+' symbol in their names. ", + "type": "text/plain" + }, + "key": "filters", + "value": "attribute eq \"memberOf\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name, attribute, value, created, modified**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name,-modified" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b7fa173b-8af8-4938-b8d7-aa2cd81ce4bf", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "access-profiles", + ":id", + "entitlements" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**name**: *eq, sw*\n\n**attribute**: *eq, sw*\n\n**value**: *eq, sw*\n\n**created**: *gt, lt, ge, le*\n\n**modified**: *gt, lt, ge, le*\n\n**owner.id**: *eq, in*\n\n**source.id**: *eq, in*\n\nFiltering is not supported for access profiles and entitlements that have the '+' symbol in their names. ", + "type": "text/plain" + }, + "key": "filters", + "value": "attribute eq \"memberOf\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name, attribute, value, created, modified**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name,-modified" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "da3b2892-d333-4e80-b7a6-ee6a34369ed1", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "access-profiles", + ":id", + "entitlements" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**name**: *eq, sw*\n\n**attribute**: *eq, sw*\n\n**value**: *eq, sw*\n\n**created**: *gt, lt, ge, le*\n\n**modified**: *gt, lt, ge, le*\n\n**owner.id**: *eq, in*\n\n**source.id**: *eq, in*\n\nFiltering is not supported for access profiles and entitlements that have the '+' symbol in their names. ", + "type": "text/plain" + }, + "key": "filters", + "value": "attribute eq \"memberOf\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name, attribute, value, created, modified**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name,-modified" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "77996ddb-1bc9-4e7c-ba7a-e95d099b0bfb", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "access-profiles", + ":id", + "entitlements" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**name**: *eq, sw*\n\n**attribute**: *eq, sw*\n\n**value**: *eq, sw*\n\n**created**: *gt, lt, ge, le*\n\n**modified**: *gt, lt, ge, le*\n\n**owner.id**: *eq, in*\n\n**source.id**: *eq, in*\n\nFiltering is not supported for access profiles and entitlements that have the '+' symbol in their names. ", + "type": "text/plain" + }, + "key": "filters", + "value": "attribute eq \"memberOf\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name, attribute, value, created, modified**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name,-modified" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "79f54e28-022e-4c82-9493-2b300325dccf", + "name": "Update Access Profile(s) requestable field.", + "request": { + "name": "Update Access Profile(s) requestable field.", + "description": { + "content": "This API initiates a bulk update of field requestable for one or more Access Profiles.\n\n> If any of the indicated Access Profiles is exists in Organization,then those Access Profiles will be added in **updated**\n list of the response.Requestable field of these Access Profiles marked as **true** or **false**.\n\n> If any of the indicated Access Profiles is not does not exists in Organization,then those Access Profiles will be added in **notFound** list of the response. Access Profiles marked as **notFound** will not be updated.\n> A token with API, ORG_ADMIN, SOURCE_ADMIN, or SOURCE_SUBADMIN authority is required to call this API. In addition, a SOURCE_SUBADMIN may only use this API to update Access Profiles which are associated with Sources they are able to administer.", + "type": "text/plain" + }, + "url": { + "path": [ + "access-profiles", + "bulk-update-requestable" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "[\n {\n \"id\": \"464ae7bf-791e-49fd-b746-06a2e4a89635\",\n \"requestable\": false\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "099ed6f6-4d8f-401a-b428-880a50447178", + "name": "List of updated and not updated Access Profiles.", + "originalRequest": { + "url": { + "path": [ + "access-profiles", + "bulk-update-requestable" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "[\n {\n \"id\": \"464ae7bf-791e-49fd-b746-06a2e4a89635\",\n \"requestable\": false\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Multi-Status (WebDAV) (RFC 4918)", + "code": 207, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"id\": \"464ae7bf-791e-49fd-b746-06a2e4a89635\",\n \"status\": \"201\",\n \"requestable\": false,\n \"description\": \"Access Profile updated successfully.\"\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f5ef9e7c-e488-40e3-ab37-c1a2a358fd7c", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "access-profiles", + "bulk-update-requestable" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "[\n {\n \"id\": \"464ae7bf-791e-49fd-b746-06a2e4a89635\",\n \"requestable\": false\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a3d3bd87-4bd4-4202-8420-bb783a80e0a6", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "access-profiles", + "bulk-update-requestable" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "[\n {\n \"id\": \"464ae7bf-791e-49fd-b746-06a2e4a89635\",\n \"requestable\": false\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "3cdc93f3-ef2c-4aac-a29f-7c0cb620c970", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "access-profiles", + "bulk-update-requestable" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "[\n {\n \"id\": \"464ae7bf-791e-49fd-b746-06a2e4a89635\",\n \"requestable\": false\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "4075faee-7201-415e-a00c-d89b5253085c", + "name": "Precondition Failed - Returned in response if API/Feature not enabled for an organization.", + "originalRequest": { + "url": { + "path": [ + "access-profiles", + "bulk-update-requestable" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "[\n {\n \"id\": \"464ae7bf-791e-49fd-b746-06a2e4a89635\",\n \"requestable\": false\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Precondition Failed", + "code": 412, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" API/Feature not enabled for your organization.\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "fbb1de52-bed2-4df9-af32-3423d1a956c3", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "access-profiles", + "bulk-update-requestable" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "[\n {\n \"id\": \"464ae7bf-791e-49fd-b746-06a2e4a89635\",\n \"requestable\": false\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "30aba3f1-394f-4127-a081-c25c7d6535af", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "access-profiles", + "bulk-update-requestable" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "[\n {\n \"id\": \"464ae7bf-791e-49fd-b746-06a2e4a89635\",\n \"requestable\": false\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + } + ] + }, + { + "name": "Access Request Approvals", + "description": "Use this API to implement and customize access request approval functionality. \nWith this functionality in place, administrators can delegate qualified users to review users' requests for access or managers' requests to revoke team members' access to applications, entitlements, or roles. \nThis enables more qualified users to review access requests and the others to spend their time on other tasks. \n\nIn Identity Security Cloud, users can request access to applications, entitlements, and roles, and managers can request that team members' access be revoked. \nFor applications and entitlements, administrators can set access profiles to require approval from the access profile owner, the application owner, the source owner, the requesting user's manager, or a governance group for access to be granted or revoked. \nFor roles, administrators can also set roles to allow access requests and require approval from the role owner, the requesting user's manager, or a governance group for access to be granted or revoked. \nIf the administrator designates a governance group as the required approver, any governance group member can approve the requests.\n \nWhen a user submits an access request, Identity Security Cloud sends the first required approver in the queue an email notification, based on the access request configuration's approval and reminder escalation configuration.\n\nIn Approvals in Identity Security Cloud, required approvers can view pending access requests under the Requested tab and approve or deny them, or the approvers can reassign the requests to different reviewers for approval. \nIf the required approver approves the request and is the only reviewer required, Identity Security Cloud grants or revokes access, based on the request. \nIf multiple reviewers are required, Identity Security Cloud sends the request to the next reviewer in the queue, based on the access request configuration's approval reminder and escalation configuration. \nThe required approver can then view any completed access requests under the Reviewed tab. \n\nRefer to [Access Requests](https://documentation.sailpoint.com/saas/help/requests/index.html) for more information about access request approvals.\n", + "item": [ + { + "id": "63500f47-d7c0-4334-aae5-f761185528f2", + "name": "Pending Access Request Approvals List", + "request": { + "name": "Pending Access Request Approvals List", + "description": { + "content": "This endpoint returns a list of pending approvals. See \"owner-id\" query parameter below for authorization info.", + "type": "text/plain" + }, + "url": { + "path": [ + "access-request-approvals", + "pending" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "If present, the value returns only pending approvals for the specified identity.\n * ORG_ADMIN users can call this with any identity ID value.\n * ORG_ADMIN users can also fetch all the approvals in the org, when owner-id is not used.\n * Non-ORG_ADMIN users can only specify *me* or pass their own identity ID value.", + "type": "text/plain" + }, + "key": "owner-id", + "value": "2c91808568c529c60168cca6f90c1313" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**requestedFor.id**: *eq, in*\n\n**modified**: *gt, lt, ge, le, eq, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "id eq \"2c91808568c529c60168cca6f90c1313\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **created, modified**", + "type": "text/plain" + }, + "key": "sorters", + "value": "modified" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "c6c2667e-5f32-432e-a92d-ad981f2a440a", + "name": "List of Pending Approvals.", + "originalRequest": { + "url": { + "path": [ + "access-request-approvals", + "pending" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "If present, the value returns only pending approvals for the specified identity.\n * ORG_ADMIN users can call this with any identity ID value.\n * ORG_ADMIN users can also fetch all the approvals in the org, when owner-id is not used.\n * Non-ORG_ADMIN users can only specify *me* or pass their own identity ID value.", + "type": "text/plain" + }, + "key": "owner-id", + "value": "2c91808568c529c60168cca6f90c1313" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**requestedFor.id**: *eq, in*\n\n**modified**: *gt, lt, ge, le, eq, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "id eq \"2c91808568c529c60168cca6f90c1313\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **created, modified**", + "type": "text/plain" + }, + "key": "sorters", + "value": "modified" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"id\": \"id12345\",\n \"name\": \"aName\",\n \"created\": \"2017-07-11T18:45:37.098Z\",\n \"modified\": \"2018-07-25T20:22:28.104Z\",\n \"requestCreated\": \"2017-07-11T18:45:35.098Z\",\n \"requestType\": \"GRANT_ACCESS\",\n \"requester\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c7180a46faadee4016fb4e018c20648\",\n \"name\": \"William Wilson\"\n },\n \"requestedFor\": [\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c4180a46faadee4016fb4e018c20626\",\n \"name\": \"Robert Robinson\"\n }\n ],\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"Support\"\n },\n \"requestedObject\": {\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"name\": \"Applied Research Access\",\n \"description\": \"Access to research information, lab results, and schematics\",\n \"type\": \"ROLE\"\n },\n \"requesterComment\": {\n \"comment\": \"This is a comment.\",\n \"created\": \"2017-07-11T18:45:37.098Z\",\n \"author\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180847e25f377017e2ae8cae4650b\",\n \"name\": \"john.doe\"\n }\n },\n \"previousReviewersComments\": [\n {\n \"comment\": \"This is a comment.\",\n \"created\": \"2017-07-11T18:45:37.098Z\",\n \"author\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180847e25f377017e2ae8cae4650b\",\n \"name\": \"john.doe\"\n }\n },\n {\n \"comment\": \"This is a comment.\",\n \"created\": \"2017-07-11T18:45:37.098Z\",\n \"author\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180847e25f377017e2ae8cae4650b\",\n \"name\": \"john.doe\"\n }\n }\n ],\n \"forwardHistory\": [\n {\n \"oldApproverName\": \"Frank Mir\",\n \"newApproverName\": \"Al Volta\",\n \"comment\": \"Forwarding from Frank to Al\",\n \"modified\": \"2019-08-23T18:52:57.398Z\",\n \"forwarderName\": \"William Wilson\",\n \"reassignmentType\": \"AUTOMATIC_REASSIGNMENT\"\n },\n {\n \"oldApproverName\": \"Frank Mir\",\n \"newApproverName\": \"Al Volta\",\n \"comment\": \"Forwarding from Frank to Al\",\n \"modified\": \"2019-08-23T18:52:57.398Z\",\n \"forwarderName\": \"William Wilson\",\n \"reassignmentType\": \"AUTOMATIC_REASSIGNMENT\"\n }\n ],\n \"commentRequiredWhenRejected\": true,\n \"actionInProcess\": \"APPROVED\",\n \"removeDate\": \"2020-07-11T00:00:00Z\",\n \"removeDateUpdateRequested\": true,\n \"currentRemoveDate\": \"2020-07-11T00:00:00Z\",\n \"sodViolationContext\": {\n \"state\": \"SUCCESS\",\n \"uuid\": \"f73d16e9-a038-46c5-b217-1246e15fdbdd\",\n \"violationCheckResult\": {\n \"message\": {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n \"clientMetadata\": {\n \"requestedAppName\": \"test-app\",\n \"requestedAppId\": \"2c91808f7892918f0178b78da4a305a1\"\n },\n \"violationContexts\": [\n {\n \"policy\": {\n \"type\": \"SOD_POLICY\",\n \"id\": \"0f11f2a4-7c94-4bf3-a2bd-742580fe3bde\",\n \"name\": \"Business SOD Policy\"\n },\n \"conflictingAccessCriteria\": {\n \"leftCriteria\": {\n \"criteriaList\": [\n {\n \"existing\": true,\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c918085771e9d3301773b3cb66f6398\",\n \"name\": \"My HR Entitlement\"\n },\n {\n \"existing\": true,\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c918085771e9d3301773b3cb66f6398\",\n \"name\": \"My HR Entitlement\"\n }\n ]\n },\n \"rightCriteria\": {\n \"criteriaList\": [\n {\n \"existing\": true,\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c918085771e9d3301773b3cb66f6398\",\n \"name\": \"My HR Entitlement\"\n },\n {\n \"existing\": true,\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c918085771e9d3301773b3cb66f6398\",\n \"name\": \"My HR Entitlement\"\n }\n ]\n }\n }\n },\n {\n \"policy\": {\n \"type\": \"SOD_POLICY\",\n \"id\": \"0f11f2a4-7c94-4bf3-a2bd-742580fe3bde\",\n \"name\": \"Business SOD Policy\"\n },\n \"conflictingAccessCriteria\": {\n \"leftCriteria\": {\n \"criteriaList\": [\n {\n \"existing\": true,\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c918085771e9d3301773b3cb66f6398\",\n \"name\": \"My HR Entitlement\"\n },\n {\n \"existing\": true,\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c918085771e9d3301773b3cb66f6398\",\n \"name\": \"My HR Entitlement\"\n }\n ]\n },\n \"rightCriteria\": {\n \"criteriaList\": [\n {\n \"existing\": true,\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c918085771e9d3301773b3cb66f6398\",\n \"name\": \"My HR Entitlement\"\n },\n {\n \"existing\": true,\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c918085771e9d3301773b3cb66f6398\",\n \"name\": \"My HR Entitlement\"\n }\n ]\n }\n }\n }\n ],\n \"violatedPolicies\": [\n {\n \"type\": \"SOD_POLICY\",\n \"id\": \"0f11f2a4-7c94-4bf3-a2bd-742580fe3bde\",\n \"name\": \"Business SOD Policy\"\n },\n {\n \"type\": \"SOD_POLICY\",\n \"id\": \"0f11f2a4-7c94-4bf3-a2bd-742580fe3bde\",\n \"name\": \"Business SOD Policy\"\n }\n ]\n }\n }\n },\n {\n \"id\": \"id12345\",\n \"name\": \"aName\",\n \"created\": \"2017-07-11T18:45:37.098Z\",\n \"modified\": \"2018-07-25T20:22:28.104Z\",\n \"requestCreated\": \"2017-07-11T18:45:35.098Z\",\n \"requestType\": \"GRANT_ACCESS\",\n \"requester\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c7180a46faadee4016fb4e018c20648\",\n \"name\": \"William Wilson\"\n },\n \"requestedFor\": [\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c4180a46faadee4016fb4e018c20626\",\n \"name\": \"Robert Robinson\"\n }\n ],\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"Support\"\n },\n \"requestedObject\": {\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"name\": \"Applied Research Access\",\n \"description\": \"Access to research information, lab results, and schematics\",\n \"type\": \"ROLE\"\n },\n \"requesterComment\": {\n \"comment\": \"This is a comment.\",\n \"created\": \"2017-07-11T18:45:37.098Z\",\n \"author\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180847e25f377017e2ae8cae4650b\",\n \"name\": \"john.doe\"\n }\n },\n \"previousReviewersComments\": [\n {\n \"comment\": \"This is a comment.\",\n \"created\": \"2017-07-11T18:45:37.098Z\",\n \"author\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180847e25f377017e2ae8cae4650b\",\n \"name\": \"john.doe\"\n }\n },\n {\n \"comment\": \"This is a comment.\",\n \"created\": \"2017-07-11T18:45:37.098Z\",\n \"author\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180847e25f377017e2ae8cae4650b\",\n \"name\": \"john.doe\"\n }\n }\n ],\n \"forwardHistory\": [\n {\n \"oldApproverName\": \"Frank Mir\",\n \"newApproverName\": \"Al Volta\",\n \"comment\": \"Forwarding from Frank to Al\",\n \"modified\": \"2019-08-23T18:52:57.398Z\",\n \"forwarderName\": \"William Wilson\",\n \"reassignmentType\": \"AUTOMATIC_REASSIGNMENT\"\n },\n {\n \"oldApproverName\": \"Frank Mir\",\n \"newApproverName\": \"Al Volta\",\n \"comment\": \"Forwarding from Frank to Al\",\n \"modified\": \"2019-08-23T18:52:57.398Z\",\n \"forwarderName\": \"William Wilson\",\n \"reassignmentType\": \"AUTOMATIC_REASSIGNMENT\"\n }\n ],\n \"commentRequiredWhenRejected\": true,\n \"actionInProcess\": \"APPROVED\",\n \"removeDate\": \"2020-07-11T00:00:00Z\",\n \"removeDateUpdateRequested\": true,\n \"currentRemoveDate\": \"2020-07-11T00:00:00Z\",\n \"sodViolationContext\": {\n \"state\": \"SUCCESS\",\n \"uuid\": \"f73d16e9-a038-46c5-b217-1246e15fdbdd\",\n \"violationCheckResult\": {\n \"message\": {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n \"clientMetadata\": {\n \"requestedAppName\": \"test-app\",\n \"requestedAppId\": \"2c91808f7892918f0178b78da4a305a1\"\n },\n \"violationContexts\": [\n {\n \"policy\": {\n \"type\": \"SOD_POLICY\",\n \"id\": \"0f11f2a4-7c94-4bf3-a2bd-742580fe3bde\",\n \"name\": \"Business SOD Policy\"\n },\n \"conflictingAccessCriteria\": {\n \"leftCriteria\": {\n \"criteriaList\": [\n {\n \"existing\": true,\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c918085771e9d3301773b3cb66f6398\",\n \"name\": \"My HR Entitlement\"\n },\n {\n \"existing\": true,\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c918085771e9d3301773b3cb66f6398\",\n \"name\": \"My HR Entitlement\"\n }\n ]\n },\n \"rightCriteria\": {\n \"criteriaList\": [\n {\n \"existing\": true,\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c918085771e9d3301773b3cb66f6398\",\n \"name\": \"My HR Entitlement\"\n },\n {\n \"existing\": true,\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c918085771e9d3301773b3cb66f6398\",\n \"name\": \"My HR Entitlement\"\n }\n ]\n }\n }\n },\n {\n \"policy\": {\n \"type\": \"SOD_POLICY\",\n \"id\": \"0f11f2a4-7c94-4bf3-a2bd-742580fe3bde\",\n \"name\": \"Business SOD Policy\"\n },\n \"conflictingAccessCriteria\": {\n \"leftCriteria\": {\n \"criteriaList\": [\n {\n \"existing\": true,\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c918085771e9d3301773b3cb66f6398\",\n \"name\": \"My HR Entitlement\"\n },\n {\n \"existing\": true,\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c918085771e9d3301773b3cb66f6398\",\n \"name\": \"My HR Entitlement\"\n }\n ]\n },\n \"rightCriteria\": {\n \"criteriaList\": [\n {\n \"existing\": true,\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c918085771e9d3301773b3cb66f6398\",\n \"name\": \"My HR Entitlement\"\n },\n {\n \"existing\": true,\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c918085771e9d3301773b3cb66f6398\",\n \"name\": \"My HR Entitlement\"\n }\n ]\n }\n }\n }\n ],\n \"violatedPolicies\": [\n {\n \"type\": \"SOD_POLICY\",\n \"id\": \"0f11f2a4-7c94-4bf3-a2bd-742580fe3bde\",\n \"name\": \"Business SOD Policy\"\n },\n {\n \"type\": \"SOD_POLICY\",\n \"id\": \"0f11f2a4-7c94-4bf3-a2bd-742580fe3bde\",\n \"name\": \"Business SOD Policy\"\n }\n ]\n }\n }\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "585d15e8-b7db-4a28-8003-5ab82a97f479", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "access-request-approvals", + "pending" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "If present, the value returns only pending approvals for the specified identity.\n * ORG_ADMIN users can call this with any identity ID value.\n * ORG_ADMIN users can also fetch all the approvals in the org, when owner-id is not used.\n * Non-ORG_ADMIN users can only specify *me* or pass their own identity ID value.", + "type": "text/plain" + }, + "key": "owner-id", + "value": "2c91808568c529c60168cca6f90c1313" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**requestedFor.id**: *eq, in*\n\n**modified**: *gt, lt, ge, le, eq, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "id eq \"2c91808568c529c60168cca6f90c1313\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **created, modified**", + "type": "text/plain" + }, + "key": "sorters", + "value": "modified" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "82d2feef-83b3-4d7d-8f6e-43d5bb328a3e", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "access-request-approvals", + "pending" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "If present, the value returns only pending approvals for the specified identity.\n * ORG_ADMIN users can call this with any identity ID value.\n * ORG_ADMIN users can also fetch all the approvals in the org, when owner-id is not used.\n * Non-ORG_ADMIN users can only specify *me* or pass their own identity ID value.", + "type": "text/plain" + }, + "key": "owner-id", + "value": "2c91808568c529c60168cca6f90c1313" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**requestedFor.id**: *eq, in*\n\n**modified**: *gt, lt, ge, le, eq, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "id eq \"2c91808568c529c60168cca6f90c1313\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **created, modified**", + "type": "text/plain" + }, + "key": "sorters", + "value": "modified" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "e7a01a68-e107-41ad-abcb-d9167f3b7c72", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "access-request-approvals", + "pending" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "If present, the value returns only pending approvals for the specified identity.\n * ORG_ADMIN users can call this with any identity ID value.\n * ORG_ADMIN users can also fetch all the approvals in the org, when owner-id is not used.\n * Non-ORG_ADMIN users can only specify *me* or pass their own identity ID value.", + "type": "text/plain" + }, + "key": "owner-id", + "value": "2c91808568c529c60168cca6f90c1313" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**requestedFor.id**: *eq, in*\n\n**modified**: *gt, lt, ge, le, eq, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "id eq \"2c91808568c529c60168cca6f90c1313\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **created, modified**", + "type": "text/plain" + }, + "key": "sorters", + "value": "modified" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "185edcaf-63bc-4507-aa0a-d13431edc07d", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "access-request-approvals", + "pending" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "If present, the value returns only pending approvals for the specified identity.\n * ORG_ADMIN users can call this with any identity ID value.\n * ORG_ADMIN users can also fetch all the approvals in the org, when owner-id is not used.\n * Non-ORG_ADMIN users can only specify *me* or pass their own identity ID value.", + "type": "text/plain" + }, + "key": "owner-id", + "value": "2c91808568c529c60168cca6f90c1313" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**requestedFor.id**: *eq, in*\n\n**modified**: *gt, lt, ge, le, eq, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "id eq \"2c91808568c529c60168cca6f90c1313\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **created, modified**", + "type": "text/plain" + }, + "key": "sorters", + "value": "modified" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "66ce17c2-3cf1-47e5-a569-da51d29dc94f", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "access-request-approvals", + "pending" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "If present, the value returns only pending approvals for the specified identity.\n * ORG_ADMIN users can call this with any identity ID value.\n * ORG_ADMIN users can also fetch all the approvals in the org, when owner-id is not used.\n * Non-ORG_ADMIN users can only specify *me* or pass their own identity ID value.", + "type": "text/plain" + }, + "key": "owner-id", + "value": "2c91808568c529c60168cca6f90c1313" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**requestedFor.id**: *eq, in*\n\n**modified**: *gt, lt, ge, le, eq, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "id eq \"2c91808568c529c60168cca6f90c1313\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **created, modified**", + "type": "text/plain" + }, + "key": "sorters", + "value": "modified" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "dce4db41-0062-4219-9500-79ca5b1361d4", + "name": "Completed Access Request Approvals List", + "request": { + "name": "Completed Access Request Approvals List", + "description": { + "content": "This endpoint returns list of completed approvals. See *owner-id* query parameter below for authorization info.", + "type": "text/plain" + }, + "url": { + "path": [ + "access-request-approvals", + "completed" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "If present, the value returns only completed approvals for the specified identity.\n * ORG_ADMIN users can call this with any identity ID value.\n * ORG_ADMIN users can also fetch all the approvals in the org, when\nowner-id is not used.\n * Non-ORG_ADMIN users can only specify *me* or pass their own\nidentity ID value.", + "type": "text/plain" + }, + "key": "owner-id", + "value": "2c91808568c529c60168cca6f90c1313" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in, ge, gt, le, lt, ne, isnull, sw*\n\n**requestedFor.id**: *eq, in, ge, gt, le, lt, ne, isnull, sw*\n\n**modified**: *gt, lt, ge, le, eq, in, ne, sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "id eq \"2c91808568c529c60168cca6f90c1313\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **created, modified**", + "type": "text/plain" + }, + "key": "sorters", + "value": "modified" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "babe15fd-35ae-4e00-81d9-7fcb4b3d91b1", + "name": "List of Completed Approvals.", + "originalRequest": { + "url": { + "path": [ + "access-request-approvals", + "completed" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "If present, the value returns only completed approvals for the specified identity.\n * ORG_ADMIN users can call this with any identity ID value.\n * ORG_ADMIN users can also fetch all the approvals in the org, when\nowner-id is not used.\n * Non-ORG_ADMIN users can only specify *me* or pass their own\nidentity ID value.", + "type": "text/plain" + }, + "key": "owner-id", + "value": "2c91808568c529c60168cca6f90c1313" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in, ge, gt, le, lt, ne, isnull, sw*\n\n**requestedFor.id**: *eq, in, ge, gt, le, lt, ne, isnull, sw*\n\n**modified**: *gt, lt, ge, le, eq, in, ne, sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "id eq \"2c91808568c529c60168cca6f90c1313\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **created, modified**", + "type": "text/plain" + }, + "key": "sorters", + "value": "modified" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"id\": \"id12345\",\n \"name\": \"aName\",\n \"created\": \"2017-07-11T18:45:37.098Z\",\n \"modified\": \"2018-07-25T20:22:28.104Z\",\n \"requestCreated\": \"2017-07-11T18:45:35.098Z\",\n \"requestType\": \"GRANT_ACCESS\",\n \"requester\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c7180a46faadee4016fb4e018c20648\",\n \"name\": \"William Wilson\"\n },\n \"requestedFor\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180835d191a86015d28455b4b232a\",\n \"name\": \"William Wilson\"\n },\n \"reviewedBy\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c3780a46faadee4016fb4e018c20652\",\n \"name\": \"Allen Albertson\"\n },\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"Support\"\n },\n \"requestedObject\": {\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"name\": \"Applied Research Access\",\n \"description\": \"Access to research information, lab results, and schematics\",\n \"type\": \"ROLE\"\n },\n \"requesterComment\": {\n \"comment\": \"This is a comment.\",\n \"created\": \"2017-07-11T18:45:37.098Z\",\n \"author\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180847e25f377017e2ae8cae4650b\",\n \"name\": \"john.doe\"\n }\n },\n \"reviewerComment\": {\n \"comment\": \"This is a comment.\",\n \"created\": \"2017-07-11T18:45:37.098Z\",\n \"author\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180847e25f377017e2ae8cae4650b\",\n \"name\": \"john.doe\"\n }\n },\n \"previousReviewersComments\": [\n {\n \"comment\": \"This is a comment.\",\n \"created\": \"2017-07-11T18:45:37.098Z\",\n \"author\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180847e25f377017e2ae8cae4650b\",\n \"name\": \"john.doe\"\n }\n },\n {\n \"comment\": \"This is a comment.\",\n \"created\": \"2017-07-11T18:45:37.098Z\",\n \"author\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180847e25f377017e2ae8cae4650b\",\n \"name\": \"john.doe\"\n }\n }\n ],\n \"forwardHistory\": [\n {\n \"oldApproverName\": \"Frank Mir\",\n \"newApproverName\": \"Al Volta\",\n \"comment\": \"Forwarding from Frank to Al\",\n \"modified\": \"2019-08-23T18:52:57.398Z\",\n \"forwarderName\": \"William Wilson\",\n \"reassignmentType\": \"AUTOMATIC_REASSIGNMENT\"\n },\n {\n \"oldApproverName\": \"Frank Mir\",\n \"newApproverName\": \"Al Volta\",\n \"comment\": \"Forwarding from Frank to Al\",\n \"modified\": \"2019-08-23T18:52:57.398Z\",\n \"forwarderName\": \"William Wilson\",\n \"reassignmentType\": \"AUTOMATIC_REASSIGNMENT\"\n }\n ],\n \"commentRequiredWhenRejected\": true,\n \"state\": \"APPROVED\",\n \"removeDate\": \"2020-07-11T00:00:00Z\",\n \"removeDateUpdateRequested\": true,\n \"currentRemoveDate\": \"2020-07-11T00:00:00Z\",\n \"sodViolationContext\": {\n \"state\": \"SUCCESS\",\n \"uuid\": \"f73d16e9-a038-46c5-b217-1246e15fdbdd\",\n \"violationCheckResult\": {\n \"message\": {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n \"clientMetadata\": {\n \"requestedAppName\": \"test-app\",\n \"requestedAppId\": \"2c91808f7892918f0178b78da4a305a1\"\n },\n \"violationContexts\": [\n {\n \"policy\": {\n \"type\": \"SOD_POLICY\",\n \"id\": \"0f11f2a4-7c94-4bf3-a2bd-742580fe3bde\",\n \"name\": \"Business SOD Policy\"\n },\n \"conflictingAccessCriteria\": {\n \"leftCriteria\": {\n \"criteriaList\": [\n {\n \"existing\": true,\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c918085771e9d3301773b3cb66f6398\",\n \"name\": \"My HR Entitlement\"\n },\n {\n \"existing\": true,\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c918085771e9d3301773b3cb66f6398\",\n \"name\": \"My HR Entitlement\"\n }\n ]\n },\n \"rightCriteria\": {\n \"criteriaList\": [\n {\n \"existing\": true,\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c918085771e9d3301773b3cb66f6398\",\n \"name\": \"My HR Entitlement\"\n },\n {\n \"existing\": true,\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c918085771e9d3301773b3cb66f6398\",\n \"name\": \"My HR Entitlement\"\n }\n ]\n }\n }\n },\n {\n \"policy\": {\n \"type\": \"SOD_POLICY\",\n \"id\": \"0f11f2a4-7c94-4bf3-a2bd-742580fe3bde\",\n \"name\": \"Business SOD Policy\"\n },\n \"conflictingAccessCriteria\": {\n \"leftCriteria\": {\n \"criteriaList\": [\n {\n \"existing\": true,\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c918085771e9d3301773b3cb66f6398\",\n \"name\": \"My HR Entitlement\"\n },\n {\n \"existing\": true,\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c918085771e9d3301773b3cb66f6398\",\n \"name\": \"My HR Entitlement\"\n }\n ]\n },\n \"rightCriteria\": {\n \"criteriaList\": [\n {\n \"existing\": true,\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c918085771e9d3301773b3cb66f6398\",\n \"name\": \"My HR Entitlement\"\n },\n {\n \"existing\": true,\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c918085771e9d3301773b3cb66f6398\",\n \"name\": \"My HR Entitlement\"\n }\n ]\n }\n }\n }\n ],\n \"violatedPolicies\": [\n {\n \"type\": \"SOD_POLICY\",\n \"id\": \"0f11f2a4-7c94-4bf3-a2bd-742580fe3bde\",\n \"name\": \"Business SOD Policy\"\n },\n {\n \"type\": \"SOD_POLICY\",\n \"id\": \"0f11f2a4-7c94-4bf3-a2bd-742580fe3bde\",\n \"name\": \"Business SOD Policy\"\n }\n ]\n }\n },\n \"preApprovalTriggerResult\": {\n \"comment\": \"This request was autoapproved by our automated ETS subscriber\",\n \"decision\": \"APPROVED\",\n \"reviewer\": \"Automated AR Approval\",\n \"date\": \"2022-06-07T19:18:40.748Z\"\n },\n \"clientMetadata\": {\n \"requestedAppName\": \"test-app\",\n \"requestedAppId\": \"2c91808f7892918f0178b78da4a305a1\"\n }\n },\n {\n \"id\": \"id12345\",\n \"name\": \"aName\",\n \"created\": \"2017-07-11T18:45:37.098Z\",\n \"modified\": \"2018-07-25T20:22:28.104Z\",\n \"requestCreated\": \"2017-07-11T18:45:35.098Z\",\n \"requestType\": \"GRANT_ACCESS\",\n \"requester\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c7180a46faadee4016fb4e018c20648\",\n \"name\": \"William Wilson\"\n },\n \"requestedFor\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180835d191a86015d28455b4b232a\",\n \"name\": \"William Wilson\"\n },\n \"reviewedBy\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c3780a46faadee4016fb4e018c20652\",\n \"name\": \"Allen Albertson\"\n },\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"Support\"\n },\n \"requestedObject\": {\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"name\": \"Applied Research Access\",\n \"description\": \"Access to research information, lab results, and schematics\",\n \"type\": \"ROLE\"\n },\n \"requesterComment\": {\n \"comment\": \"This is a comment.\",\n \"created\": \"2017-07-11T18:45:37.098Z\",\n \"author\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180847e25f377017e2ae8cae4650b\",\n \"name\": \"john.doe\"\n }\n },\n \"reviewerComment\": {\n \"comment\": \"This is a comment.\",\n \"created\": \"2017-07-11T18:45:37.098Z\",\n \"author\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180847e25f377017e2ae8cae4650b\",\n \"name\": \"john.doe\"\n }\n },\n \"previousReviewersComments\": [\n {\n \"comment\": \"This is a comment.\",\n \"created\": \"2017-07-11T18:45:37.098Z\",\n \"author\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180847e25f377017e2ae8cae4650b\",\n \"name\": \"john.doe\"\n }\n },\n {\n \"comment\": \"This is a comment.\",\n \"created\": \"2017-07-11T18:45:37.098Z\",\n \"author\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180847e25f377017e2ae8cae4650b\",\n \"name\": \"john.doe\"\n }\n }\n ],\n \"forwardHistory\": [\n {\n \"oldApproverName\": \"Frank Mir\",\n \"newApproverName\": \"Al Volta\",\n \"comment\": \"Forwarding from Frank to Al\",\n \"modified\": \"2019-08-23T18:52:57.398Z\",\n \"forwarderName\": \"William Wilson\",\n \"reassignmentType\": \"AUTOMATIC_REASSIGNMENT\"\n },\n {\n \"oldApproverName\": \"Frank Mir\",\n \"newApproverName\": \"Al Volta\",\n \"comment\": \"Forwarding from Frank to Al\",\n \"modified\": \"2019-08-23T18:52:57.398Z\",\n \"forwarderName\": \"William Wilson\",\n \"reassignmentType\": \"AUTOMATIC_REASSIGNMENT\"\n }\n ],\n \"commentRequiredWhenRejected\": true,\n \"state\": \"APPROVED\",\n \"removeDate\": \"2020-07-11T00:00:00Z\",\n \"removeDateUpdateRequested\": true,\n \"currentRemoveDate\": \"2020-07-11T00:00:00Z\",\n \"sodViolationContext\": {\n \"state\": \"SUCCESS\",\n \"uuid\": \"f73d16e9-a038-46c5-b217-1246e15fdbdd\",\n \"violationCheckResult\": {\n \"message\": {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n \"clientMetadata\": {\n \"requestedAppName\": \"test-app\",\n \"requestedAppId\": \"2c91808f7892918f0178b78da4a305a1\"\n },\n \"violationContexts\": [\n {\n \"policy\": {\n \"type\": \"SOD_POLICY\",\n \"id\": \"0f11f2a4-7c94-4bf3-a2bd-742580fe3bde\",\n \"name\": \"Business SOD Policy\"\n },\n \"conflictingAccessCriteria\": {\n \"leftCriteria\": {\n \"criteriaList\": [\n {\n \"existing\": true,\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c918085771e9d3301773b3cb66f6398\",\n \"name\": \"My HR Entitlement\"\n },\n {\n \"existing\": true,\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c918085771e9d3301773b3cb66f6398\",\n \"name\": \"My HR Entitlement\"\n }\n ]\n },\n \"rightCriteria\": {\n \"criteriaList\": [\n {\n \"existing\": true,\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c918085771e9d3301773b3cb66f6398\",\n \"name\": \"My HR Entitlement\"\n },\n {\n \"existing\": true,\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c918085771e9d3301773b3cb66f6398\",\n \"name\": \"My HR Entitlement\"\n }\n ]\n }\n }\n },\n {\n \"policy\": {\n \"type\": \"SOD_POLICY\",\n \"id\": \"0f11f2a4-7c94-4bf3-a2bd-742580fe3bde\",\n \"name\": \"Business SOD Policy\"\n },\n \"conflictingAccessCriteria\": {\n \"leftCriteria\": {\n \"criteriaList\": [\n {\n \"existing\": true,\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c918085771e9d3301773b3cb66f6398\",\n \"name\": \"My HR Entitlement\"\n },\n {\n \"existing\": true,\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c918085771e9d3301773b3cb66f6398\",\n \"name\": \"My HR Entitlement\"\n }\n ]\n },\n \"rightCriteria\": {\n \"criteriaList\": [\n {\n \"existing\": true,\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c918085771e9d3301773b3cb66f6398\",\n \"name\": \"My HR Entitlement\"\n },\n {\n \"existing\": true,\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c918085771e9d3301773b3cb66f6398\",\n \"name\": \"My HR Entitlement\"\n }\n ]\n }\n }\n }\n ],\n \"violatedPolicies\": [\n {\n \"type\": \"SOD_POLICY\",\n \"id\": \"0f11f2a4-7c94-4bf3-a2bd-742580fe3bde\",\n \"name\": \"Business SOD Policy\"\n },\n {\n \"type\": \"SOD_POLICY\",\n \"id\": \"0f11f2a4-7c94-4bf3-a2bd-742580fe3bde\",\n \"name\": \"Business SOD Policy\"\n }\n ]\n }\n },\n \"preApprovalTriggerResult\": {\n \"comment\": \"This request was autoapproved by our automated ETS subscriber\",\n \"decision\": \"APPROVED\",\n \"reviewer\": \"Automated AR Approval\",\n \"date\": \"2022-06-07T19:18:40.748Z\"\n },\n \"clientMetadata\": {\n \"requestedAppName\": \"test-app\",\n \"requestedAppId\": \"2c91808f7892918f0178b78da4a305a1\"\n }\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "dc6cd9eb-724d-443d-8953-3df8aa269189", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "access-request-approvals", + "completed" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "If present, the value returns only completed approvals for the specified identity.\n * ORG_ADMIN users can call this with any identity ID value.\n * ORG_ADMIN users can also fetch all the approvals in the org, when\nowner-id is not used.\n * Non-ORG_ADMIN users can only specify *me* or pass their own\nidentity ID value.", + "type": "text/plain" + }, + "key": "owner-id", + "value": "2c91808568c529c60168cca6f90c1313" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in, ge, gt, le, lt, ne, isnull, sw*\n\n**requestedFor.id**: *eq, in, ge, gt, le, lt, ne, isnull, sw*\n\n**modified**: *gt, lt, ge, le, eq, in, ne, sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "id eq \"2c91808568c529c60168cca6f90c1313\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **created, modified**", + "type": "text/plain" + }, + "key": "sorters", + "value": "modified" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "76ab85d0-13b3-4253-b031-924c197e77a6", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "access-request-approvals", + "completed" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "If present, the value returns only completed approvals for the specified identity.\n * ORG_ADMIN users can call this with any identity ID value.\n * ORG_ADMIN users can also fetch all the approvals in the org, when\nowner-id is not used.\n * Non-ORG_ADMIN users can only specify *me* or pass their own\nidentity ID value.", + "type": "text/plain" + }, + "key": "owner-id", + "value": "2c91808568c529c60168cca6f90c1313" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in, ge, gt, le, lt, ne, isnull, sw*\n\n**requestedFor.id**: *eq, in, ge, gt, le, lt, ne, isnull, sw*\n\n**modified**: *gt, lt, ge, le, eq, in, ne, sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "id eq \"2c91808568c529c60168cca6f90c1313\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **created, modified**", + "type": "text/plain" + }, + "key": "sorters", + "value": "modified" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "70696400-df43-4f99-aa50-d21c7f52adb7", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "access-request-approvals", + "completed" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "If present, the value returns only completed approvals for the specified identity.\n * ORG_ADMIN users can call this with any identity ID value.\n * ORG_ADMIN users can also fetch all the approvals in the org, when\nowner-id is not used.\n * Non-ORG_ADMIN users can only specify *me* or pass their own\nidentity ID value.", + "type": "text/plain" + }, + "key": "owner-id", + "value": "2c91808568c529c60168cca6f90c1313" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in, ge, gt, le, lt, ne, isnull, sw*\n\n**requestedFor.id**: *eq, in, ge, gt, le, lt, ne, isnull, sw*\n\n**modified**: *gt, lt, ge, le, eq, in, ne, sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "id eq \"2c91808568c529c60168cca6f90c1313\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **created, modified**", + "type": "text/plain" + }, + "key": "sorters", + "value": "modified" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "3481f354-a4c4-4dd4-be2f-7d7701ba28c9", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "access-request-approvals", + "completed" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "If present, the value returns only completed approvals for the specified identity.\n * ORG_ADMIN users can call this with any identity ID value.\n * ORG_ADMIN users can also fetch all the approvals in the org, when\nowner-id is not used.\n * Non-ORG_ADMIN users can only specify *me* or pass their own\nidentity ID value.", + "type": "text/plain" + }, + "key": "owner-id", + "value": "2c91808568c529c60168cca6f90c1313" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in, ge, gt, le, lt, ne, isnull, sw*\n\n**requestedFor.id**: *eq, in, ge, gt, le, lt, ne, isnull, sw*\n\n**modified**: *gt, lt, ge, le, eq, in, ne, sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "id eq \"2c91808568c529c60168cca6f90c1313\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **created, modified**", + "type": "text/plain" + }, + "key": "sorters", + "value": "modified" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "0c38793f-e65f-4e99-9667-dc07e385b3dc", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "access-request-approvals", + "completed" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "If present, the value returns only completed approvals for the specified identity.\n * ORG_ADMIN users can call this with any identity ID value.\n * ORG_ADMIN users can also fetch all the approvals in the org, when\nowner-id is not used.\n * Non-ORG_ADMIN users can only specify *me* or pass their own\nidentity ID value.", + "type": "text/plain" + }, + "key": "owner-id", + "value": "2c91808568c529c60168cca6f90c1313" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in, ge, gt, le, lt, ne, isnull, sw*\n\n**requestedFor.id**: *eq, in, ge, gt, le, lt, ne, isnull, sw*\n\n**modified**: *gt, lt, ge, le, eq, in, ne, sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "id eq \"2c91808568c529c60168cca6f90c1313\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **created, modified**", + "type": "text/plain" + }, + "key": "sorters", + "value": "modified" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "8f6dc604-0f62-44a6-bdd1-58a33de59bac", + "name": "Approve Access Request Approval", + "request": { + "name": "Approve Access Request Approval", + "description": { + "content": "Use this endpoint to approve an access request approval. Only the owner of the approval and ORG_ADMIN users are allowed to perform this action.", + "type": "text/plain" + }, + "url": { + "path": [ + "access-request-approvals", + ":approvalId", + "approve" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "2c91808b7294bea301729568c68c002e", + "key": "approvalId", + "disabled": true, + "description": { + "content": "(Required) Approval ID.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"comment\": \"This is a comment.\",\n \"created\": \"2017-07-11T18:45:37.098Z\",\n \"author\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180847e25f377017e2ae8cae4650b\",\n \"name\": \"john.doe\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "d039b03b-1bce-4657-8f91-5d23def22bdf", + "name": "Accepted - Returned if the request was successfully accepted into the system.", + "originalRequest": { + "url": { + "path": [ + "access-request-approvals", + ":approvalId", + "approve" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"comment\": \"This is a comment.\",\n \"created\": \"2017-07-11T18:45:37.098Z\",\n \"author\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180847e25f377017e2ae8cae4650b\",\n \"name\": \"john.doe\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Accepted", + "code": 202, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "de574b6c-b21b-4456-901b-b6e384dc057d", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "access-request-approvals", + ":approvalId", + "approve" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"comment\": \"This is a comment.\",\n \"created\": \"2017-07-11T18:45:37.098Z\",\n \"author\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180847e25f377017e2ae8cae4650b\",\n \"name\": \"john.doe\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "bedc061f-72a2-477e-af8c-6e55e4f5264c", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "access-request-approvals", + ":approvalId", + "approve" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"comment\": \"This is a comment.\",\n \"created\": \"2017-07-11T18:45:37.098Z\",\n \"author\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180847e25f377017e2ae8cae4650b\",\n \"name\": \"john.doe\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f268a323-44e2-4a0b-a50e-4961e3f55b90", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "access-request-approvals", + ":approvalId", + "approve" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"comment\": \"This is a comment.\",\n \"created\": \"2017-07-11T18:45:37.098Z\",\n \"author\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180847e25f377017e2ae8cae4650b\",\n \"name\": \"john.doe\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "cb11c2a6-30e4-4ed4-bce3-8db523e18a4e", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "access-request-approvals", + ":approvalId", + "approve" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"comment\": \"This is a comment.\",\n \"created\": \"2017-07-11T18:45:37.098Z\",\n \"author\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180847e25f377017e2ae8cae4650b\",\n \"name\": \"john.doe\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d6e4b431-e03a-4f25-99ee-6ce2e9f8968e", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "access-request-approvals", + ":approvalId", + "approve" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"comment\": \"This is a comment.\",\n \"created\": \"2017-07-11T18:45:37.098Z\",\n \"author\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180847e25f377017e2ae8cae4650b\",\n \"name\": \"john.doe\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b41daa41-af97-4413-8dda-0ab6751f45c8", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "access-request-approvals", + ":approvalId", + "approve" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"comment\": \"This is a comment.\",\n \"created\": \"2017-07-11T18:45:37.098Z\",\n \"author\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180847e25f377017e2ae8cae4650b\",\n \"name\": \"john.doe\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "cf4051e6-8e3a-4b4f-888e-6210b1fda511", + "name": "Reject Access Request Approval", + "request": { + "name": "Reject Access Request Approval", + "description": { + "content": "Use this API to reject an access request approval. Only the owner of the approval and admin users are allowed to perform this action.", + "type": "text/plain" + }, + "url": { + "path": [ + "access-request-approvals", + ":approvalId", + "reject" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "2c91808b7294bea301729568c68c002e", + "key": "approvalId", + "disabled": true, + "description": { + "content": "(Required) Approval ID.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"comment\": \"This is a comment.\",\n \"created\": \"2017-07-11T18:45:37.098Z\",\n \"author\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180847e25f377017e2ae8cae4650b\",\n \"name\": \"john.doe\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "15c91848-b754-4628-a537-c950baacc14e", + "name": "Accepted - Returned if the request was successfully accepted into the system.", + "originalRequest": { + "url": { + "path": [ + "access-request-approvals", + ":approvalId", + "reject" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"comment\": \"This is a comment.\",\n \"created\": \"2017-07-11T18:45:37.098Z\",\n \"author\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180847e25f377017e2ae8cae4650b\",\n \"name\": \"john.doe\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Accepted", + "code": 202, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "4f85898d-e6b2-486a-8879-285de92a97b0", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "access-request-approvals", + ":approvalId", + "reject" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"comment\": \"This is a comment.\",\n \"created\": \"2017-07-11T18:45:37.098Z\",\n \"author\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180847e25f377017e2ae8cae4650b\",\n \"name\": \"john.doe\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "af28f146-1a23-4148-b726-10df90cc2929", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "access-request-approvals", + ":approvalId", + "reject" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"comment\": \"This is a comment.\",\n \"created\": \"2017-07-11T18:45:37.098Z\",\n \"author\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180847e25f377017e2ae8cae4650b\",\n \"name\": \"john.doe\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "3fc44780-d2bd-4def-9bdb-71598c9308d3", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "access-request-approvals", + ":approvalId", + "reject" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"comment\": \"This is a comment.\",\n \"created\": \"2017-07-11T18:45:37.098Z\",\n \"author\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180847e25f377017e2ae8cae4650b\",\n \"name\": \"john.doe\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "577476d3-f4a5-4731-8766-2447e01172fa", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "access-request-approvals", + ":approvalId", + "reject" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"comment\": \"This is a comment.\",\n \"created\": \"2017-07-11T18:45:37.098Z\",\n \"author\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180847e25f377017e2ae8cae4650b\",\n \"name\": \"john.doe\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c570866b-1877-4086-80be-c76c2dc77686", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "access-request-approvals", + ":approvalId", + "reject" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"comment\": \"This is a comment.\",\n \"created\": \"2017-07-11T18:45:37.098Z\",\n \"author\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180847e25f377017e2ae8cae4650b\",\n \"name\": \"john.doe\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "9e9d8a1e-4cb4-4701-adab-183c66b3185f", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "access-request-approvals", + ":approvalId", + "reject" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"comment\": \"This is a comment.\",\n \"created\": \"2017-07-11T18:45:37.098Z\",\n \"author\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180847e25f377017e2ae8cae4650b\",\n \"name\": \"john.doe\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "74a0ea12-29cd-4b70-b881-46500dec9ff6", + "name": "Forward Access Request Approval", + "request": { + "name": "Forward Access Request Approval", + "description": { + "content": "Use this API to forward an access request approval to a new owner. Only the owner of the approval and ORG_ADMIN users are allowed to perform this action. Only the owner of the approval and ORG_ADMIN users are allowed to perform this action.", + "type": "text/plain" + }, + "url": { + "path": [ + "access-request-approvals", + ":approvalId", + "forward" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "2c91808b7294bea301729568c68c002e", + "key": "approvalId", + "disabled": true, + "description": { + "content": "(Required) Approval ID.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"newOwnerId\": \"2c91808568c529c60168cca6f90c1314\",\n \"comment\": \"2c91808568c529c60168cca6f90c1313\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "37e4104c-098c-4019-b2ca-3b9a6e1ea3d1", + "name": "Accepted - Returned if the request was successfully accepted into the system.", + "originalRequest": { + "url": { + "path": [ + "access-request-approvals", + ":approvalId", + "forward" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"newOwnerId\": \"2c91808568c529c60168cca6f90c1314\",\n \"comment\": \"2c91808568c529c60168cca6f90c1313\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Accepted", + "code": 202, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "2557f498-1163-4569-b7d1-c1483639067d", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "access-request-approvals", + ":approvalId", + "forward" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"newOwnerId\": \"2c91808568c529c60168cca6f90c1314\",\n \"comment\": \"2c91808568c529c60168cca6f90c1313\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "df5eb287-3638-4237-8b39-f9e95088512c", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "access-request-approvals", + ":approvalId", + "forward" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"newOwnerId\": \"2c91808568c529c60168cca6f90c1314\",\n \"comment\": \"2c91808568c529c60168cca6f90c1313\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "e448d08f-2dd7-46d6-93e0-007129bd62b8", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "access-request-approvals", + ":approvalId", + "forward" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"newOwnerId\": \"2c91808568c529c60168cca6f90c1314\",\n \"comment\": \"2c91808568c529c60168cca6f90c1313\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "da34f931-01a4-4d47-ac8a-35f0663beccd", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "access-request-approvals", + ":approvalId", + "forward" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"newOwnerId\": \"2c91808568c529c60168cca6f90c1314\",\n \"comment\": \"2c91808568c529c60168cca6f90c1313\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d90f6d1d-5476-44ad-873b-a89f281729da", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "access-request-approvals", + ":approvalId", + "forward" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"newOwnerId\": \"2c91808568c529c60168cca6f90c1314\",\n \"comment\": \"2c91808568c529c60168cca6f90c1313\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "adcb94d6-7240-4e19-8e50-255418fe8e01", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "access-request-approvals", + ":approvalId", + "forward" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"newOwnerId\": \"2c91808568c529c60168cca6f90c1314\",\n \"comment\": \"2c91808568c529c60168cca6f90c1313\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "67989754-59aa-44fb-99c3-f5ca3584a7ab", + "name": "Get Access Requests Approvals Number", + "request": { + "name": "Get Access Requests Approvals Number", + "description": { + "content": "Use this API to return the number of pending, approved and rejected access requests approvals. See the \"owner-id\" query parameter for authorization information. info.", + "type": "text/plain" + }, + "url": { + "path": [ + "access-request-approvals", + "approval-summary" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The ID of the owner or approver identity of the approvals. If present, the value returns approval summary for the specified identity.\n * ORG_ADMIN users can call this with any identity ID value.\n * ORG_ADMIN user can also fetch all the approvals in the org, when\nowner-id is not used.\n * Non ORG_ADMIN users can only specify *me* or pass their own\nidentity ID value.", + "type": "text/plain" + }, + "key": "owner-id", + "value": "2c91808568c529c60168cca6f90c1313" + }, + { + "disabled": true, + "description": { + "content": "This is the date and time the results will be shown from. It must be in a valid ISO-8601 format.", + "type": "text/plain" + }, + "key": "from-date", + "value": "from-date=2020-03-19T19:59:11Z" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "b24d790e-c856-486f-9e22-673efd57dc39", + "name": "Number of pending, approved, rejected access request approvals.", + "originalRequest": { + "url": { + "path": [ + "access-request-approvals", + "approval-summary" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The ID of the owner or approver identity of the approvals. If present, the value returns approval summary for the specified identity.\n * ORG_ADMIN users can call this with any identity ID value.\n * ORG_ADMIN user can also fetch all the approvals in the org, when\nowner-id is not used.\n * Non ORG_ADMIN users can only specify *me* or pass their own\nidentity ID value.", + "type": "text/plain" + }, + "key": "owner-id", + "value": "2c91808568c529c60168cca6f90c1313" + }, + { + "disabled": true, + "description": { + "content": "This is the date and time the results will be shown from. It must be in a valid ISO-8601 format.", + "type": "text/plain" + }, + "key": "from-date", + "value": "from-date=2020-03-19T19:59:11Z" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"pending\": 0,\n \"approved\": 0,\n \"rejected\": 0\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "208b93d9-de9f-4212-b973-35dc3a4dab3c", + "name": "Client Error - Returned if the query parameter is invalid.", + "originalRequest": { + "url": { + "path": [ + "access-request-approvals", + "approval-summary" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The ID of the owner or approver identity of the approvals. If present, the value returns approval summary for the specified identity.\n * ORG_ADMIN users can call this with any identity ID value.\n * ORG_ADMIN user can also fetch all the approvals in the org, when\nowner-id is not used.\n * Non ORG_ADMIN users can only specify *me* or pass their own\nidentity ID value.", + "type": "text/plain" + }, + "key": "owner-id", + "value": "2c91808568c529c60168cca6f90c1313" + }, + { + "disabled": true, + "description": { + "content": "This is the date and time the results will be shown from. It must be in a valid ISO-8601 format.", + "type": "text/plain" + }, + "key": "from-date", + "value": "from-date=2020-03-19T19:59:11Z" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "cc6ff0d4-d6e7-41de-8a69-ef109f4ad096", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "access-request-approvals", + "approval-summary" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The ID of the owner or approver identity of the approvals. If present, the value returns approval summary for the specified identity.\n * ORG_ADMIN users can call this with any identity ID value.\n * ORG_ADMIN user can also fetch all the approvals in the org, when\nowner-id is not used.\n * Non ORG_ADMIN users can only specify *me* or pass their own\nidentity ID value.", + "type": "text/plain" + }, + "key": "owner-id", + "value": "2c91808568c529c60168cca6f90c1313" + }, + { + "disabled": true, + "description": { + "content": "This is the date and time the results will be shown from. It must be in a valid ISO-8601 format.", + "type": "text/plain" + }, + "key": "from-date", + "value": "from-date=2020-03-19T19:59:11Z" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "17ff2eb1-f2c9-45f2-a771-b6df1e0af7dd", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "access-request-approvals", + "approval-summary" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The ID of the owner or approver identity of the approvals. If present, the value returns approval summary for the specified identity.\n * ORG_ADMIN users can call this with any identity ID value.\n * ORG_ADMIN user can also fetch all the approvals in the org, when\nowner-id is not used.\n * Non ORG_ADMIN users can only specify *me* or pass their own\nidentity ID value.", + "type": "text/plain" + }, + "key": "owner-id", + "value": "2c91808568c529c60168cca6f90c1313" + }, + { + "disabled": true, + "description": { + "content": "This is the date and time the results will be shown from. It must be in a valid ISO-8601 format.", + "type": "text/plain" + }, + "key": "from-date", + "value": "from-date=2020-03-19T19:59:11Z" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "8bb3b148-4394-438e-9609-3631b6876bb5", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "access-request-approvals", + "approval-summary" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The ID of the owner or approver identity of the approvals. If present, the value returns approval summary for the specified identity.\n * ORG_ADMIN users can call this with any identity ID value.\n * ORG_ADMIN user can also fetch all the approvals in the org, when\nowner-id is not used.\n * Non ORG_ADMIN users can only specify *me* or pass their own\nidentity ID value.", + "type": "text/plain" + }, + "key": "owner-id", + "value": "2c91808568c529c60168cca6f90c1313" + }, + { + "disabled": true, + "description": { + "content": "This is the date and time the results will be shown from. It must be in a valid ISO-8601 format.", + "type": "text/plain" + }, + "key": "from-date", + "value": "from-date=2020-03-19T19:59:11Z" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "309d1cb7-1520-48f0-90d6-6027d65162d3", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "access-request-approvals", + "approval-summary" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The ID of the owner or approver identity of the approvals. If present, the value returns approval summary for the specified identity.\n * ORG_ADMIN users can call this with any identity ID value.\n * ORG_ADMIN user can also fetch all the approvals in the org, when\nowner-id is not used.\n * Non ORG_ADMIN users can only specify *me* or pass their own\nidentity ID value.", + "type": "text/plain" + }, + "key": "owner-id", + "value": "2c91808568c529c60168cca6f90c1313" + }, + { + "disabled": true, + "description": { + "content": "This is the date and time the results will be shown from. It must be in a valid ISO-8601 format.", + "type": "text/plain" + }, + "key": "from-date", + "value": "from-date=2020-03-19T19:59:11Z" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + } + ] + }, + { + "name": "Access Request Identity Metrics", + "description": "Use this API to implement access request identity metrics functionality.\nWith this functionality in place, access request reviewers can see relevant details about the requested access item and associated source activity. \nThis allows reviewers to see how many of the identities who share a manager with the access requester have this same type of access and how many of them have had activity in the related source. \nThis additional context about whether the access has been granted before and how often it has been used can help those approving access requests make more informed decisions.\n", + "item": [ + { + "id": "5293aa5d-2dca-45a5-9dcd-061feb76739b", + "name": "Return access request identity metrics", + "request": { + "name": "Return access request identity metrics", + "description": { + "content": "Use this API to return information access metrics.", + "type": "text/plain" + }, + "url": { + "path": [ + "access-request-identity-metrics", + ":identityId", + "requested-objects", + ":requestedObjectId", + "type", + ":type" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "7025c863-c270-4ba6-beea-edf3cb091573", + "key": "identityId", + "disabled": true, + "description": { + "content": "(Required) Manager's identity ID.", + "type": "text/plain" + } + }, + { + "type": "any", + "value": "2db501be-f0fb-4cc5-a695-334133c52891", + "key": "requestedObjectId", + "disabled": true, + "description": { + "content": "(Required) Requested access item's ID.", + "type": "text/plain" + } + }, + { + "type": "any", + "value": "ENTITLEMENT", + "key": "type", + "disabled": true, + "description": { + "content": "(Required) Requested access item's type.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "ba93390c-ab71-4002-a253-d27e29de6d49", + "name": "Summary of the resource access and source activity for the direct reports of the provided manager.", + "originalRequest": { + "url": { + "path": [ + "access-request-identity-metrics", + ":identityId", + "requested-objects", + ":requestedObjectId", + "type", + ":type" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "70b79ec2-4312-44a4-8106-69a36a545476", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "access-request-identity-metrics", + ":identityId", + "requested-objects", + ":requestedObjectId", + "type", + ":type" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "2e695a64-dc06-4edc-a086-e1ffaa73ba07", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "access-request-identity-metrics", + ":identityId", + "requested-objects", + ":requestedObjectId", + "type", + ":type" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "8e90232a-a14e-4b68-bc2d-d916b1489ec0", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "access-request-identity-metrics", + ":identityId", + "requested-objects", + ":requestedObjectId", + "type", + ":type" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "ba70e921-ba0c-4fa1-bbea-957c0b5105a3", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "access-request-identity-metrics", + ":identityId", + "requested-objects", + ":requestedObjectId", + "type", + ":type" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "7bf4cc77-291c-487b-a235-07e733bc54b8", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "access-request-identity-metrics", + ":identityId", + "requested-objects", + ":requestedObjectId", + "type", + ":type" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + } + ] + }, + { + "name": "Access Requests", + "description": "Use this API to implement and customize access request functionality. \nWith this functionality in place, users can request access to applications, entitlements, or roles, and managers can request that team members' access be revoked.\nThis allows users to get access to the tools they need quickly and securely, and it allows managers to take away access to those tools. \n\nIdentity Security Cloud's Access Request service allows end users to request access that requires approval before it can be granted to users and enables qualified users to review those requests and approve or deny them.\n\nIn the Request Center in Identity Security Cloud, users can view available applications, roles, and entitlements and request access to them. \nIf the requested tools requires approval, the requests appear as 'Pending' under the My Requests tab until the required approver approves, rejects, or cancels them. \n\nUsers can use My Requests to track and/or cancel the requests.\n\nIn My Team on the Identity Security Cloud Home, managers can submit requests to revoke their team members' access. \nThey can use the My Requests tab under Request Center to track and/or cancel the requests.\n\nRefer to [Requesting Access](https://documentation.sailpoint.com/saas/user-help/requests/requesting_access.html) for more information about access requests.\n", + "item": [ + { + "id": "38db3b78-95f4-4366-9071-279b3857b332", + "name": "Submit Access Request", + "request": { + "name": "Submit Access Request", + "description": { + "content": "Use this API to submit an access request in Identity Security Cloud (ISC), where it follows any ISC approval processes.\n\nAccess requests are processed asynchronously by ISC. A successful response from this endpoint means that the request\nhas been submitted to ISC and is queued for processing. Because this endpoint is asynchronous, it doesn't return an error\nif you submit duplicate access requests in quick succession or submit an access request for access that is already in progress, approved, or rejected.\n\nIt's best practice to check for any existing access requests that reference the same access items before submitting a new access request. This can\nbe accomplished by using the [List Access Request Status](https://developer.sailpoint.com/idn/api/v3/list-access-request-status) or the [Pending Access Request Approvals](https://developer.sailpoint.com/idn/api/v3/list-pending-approvals) APIs. You can also\nuse the [Search API](https://developer.sailpoint.com/idn/api/v3/search) to check the existing access items an identity has before submitting\nan access request to ensure that you aren't requesting access that is already granted. If you use this API to request access that an identity already has, the API will ignore the request. \nThese ignored requests do not display when you use the [List Access Request Status](https://developer.sailpoint.com/idn/api/v3/list-access-request-status) API.\n\nThere are two types of access request:\n\n__GRANT_ACCESS__\n* Can be requested for multiple identities in a single request.\n* Supports self request and request on behalf of other users. Refer to the [Get Access Request Configuration](https://developer.sailpoint.com/idn/api/v3/get-access-request-config) endpoint for request configuration options. \n* Allows any authenticated token (except API) to call this endpoint to request to grant access to themselves. Depending on the configuration, a user can request access for others.\n* Roles, access profiles and entitlements can be requested.\n* While requesting entitlements, maximum of 25 entitlements and 10 recipients are allowed in a request.\n \n__REVOKE_ACCESS__\n* Can only be requested for a single identity at a time.\n* You cannot use an access request to revoke access from an identity if that access has been granted by role membership or by birthright provisioning. \n* Does not support self request. Only manager can request to revoke access for their directly managed employees.\n* If a `removeDate` is specified, then the access will be removed on that date and time only for roles, access profiles and entitlements.\n* Roles, access profiles, and entitlements can be requested for revocation.\n* Revoke requests for entitlements are limited to 1 entitlement per access request currently.\n* You can specify a `removeDate` if the access doesn't already have a sunset date. The `removeDate` must be a future date, in the UTC timezone. \n* Allows a manager to request to revoke access for direct employees. A token with ORG_ADMIN authority can also request to revoke access from anyone.\n\nA token with API authority cannot be used to call this endpoint. \n", + "type": "text/plain" + }, + "url": { + "path": [ + "access-requests" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"requestedFor\": [\n \"2c918084660f45d6016617daa9210584\",\n \"2c918084660f45d6016617daa9210584\"\n ],\n \"requestedItems\": [\n {\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"type\": \"ACCESS_PROFILE\",\n \"comment\": \"Requesting access profile for John Doe\",\n \"clientMetadata\": {\n \"requestedAppName\": \"test-app\",\n \"requestedAppId\": \"2c91808f7892918f0178b78da4a305a1\"\n },\n \"removeDate\": \"2020-07-11T21:23:15.000Z\"\n }\n ],\n \"requestType\": \"GRANT_ACCESS\",\n \"clientMetadata\": {\n \"requestedAppId\": \"2c91808f7892918f0178b78da4a305a1\",\n \"requestedAppName\": \"test-app\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "c9e8af5c-52d0-4e09-a68c-ef511bb8a208", + "name": "Accepted - Returned if the request was successfully accepted into the system.", + "originalRequest": { + "url": { + "path": [ + "access-requests" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"requestedFor\": [\n \"2c918084660f45d6016617daa9210584\",\n \"2c918084660f45d6016617daa9210584\"\n ],\n \"requestedItems\": [\n {\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"type\": \"ACCESS_PROFILE\",\n \"comment\": \"Requesting access profile for John Doe\",\n \"clientMetadata\": {\n \"requestedAppName\": \"test-app\",\n \"requestedAppId\": \"2c91808f7892918f0178b78da4a305a1\"\n },\n \"removeDate\": \"2020-07-11T21:23:15.000Z\"\n }\n ],\n \"requestType\": \"GRANT_ACCESS\",\n \"clientMetadata\": {\n \"requestedAppId\": \"2c91808f7892918f0178b78da4a305a1\",\n \"requestedAppName\": \"test-app\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Accepted", + "code": 202, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "1bcf5987-78e9-4c12-aff8-69d4fd0f0969", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "access-requests" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"requestedFor\": [\n \"2c918084660f45d6016617daa9210584\",\n \"2c918084660f45d6016617daa9210584\"\n ],\n \"requestedItems\": [\n {\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"type\": \"ACCESS_PROFILE\",\n \"comment\": \"Requesting access profile for John Doe\",\n \"clientMetadata\": {\n \"requestedAppName\": \"test-app\",\n \"requestedAppId\": \"2c91808f7892918f0178b78da4a305a1\"\n },\n \"removeDate\": \"2020-07-11T21:23:15.000Z\"\n }\n ],\n \"requestType\": \"GRANT_ACCESS\",\n \"clientMetadata\": {\n \"requestedAppId\": \"2c91808f7892918f0178b78da4a305a1\",\n \"requestedAppName\": \"test-app\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "7069cdd2-c2d2-4f01-b8ee-b3beedc15fd2", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "access-requests" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"requestedFor\": [\n \"2c918084660f45d6016617daa9210584\",\n \"2c918084660f45d6016617daa9210584\"\n ],\n \"requestedItems\": [\n {\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"type\": \"ACCESS_PROFILE\",\n \"comment\": \"Requesting access profile for John Doe\",\n \"clientMetadata\": {\n \"requestedAppName\": \"test-app\",\n \"requestedAppId\": \"2c91808f7892918f0178b78da4a305a1\"\n },\n \"removeDate\": \"2020-07-11T21:23:15.000Z\"\n }\n ],\n \"requestType\": \"GRANT_ACCESS\",\n \"clientMetadata\": {\n \"requestedAppId\": \"2c91808f7892918f0178b78da4a305a1\",\n \"requestedAppName\": \"test-app\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "3d634b7c-3999-48c8-ac4c-5747acb1774d", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "access-requests" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"requestedFor\": [\n \"2c918084660f45d6016617daa9210584\",\n \"2c918084660f45d6016617daa9210584\"\n ],\n \"requestedItems\": [\n {\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"type\": \"ACCESS_PROFILE\",\n \"comment\": \"Requesting access profile for John Doe\",\n \"clientMetadata\": {\n \"requestedAppName\": \"test-app\",\n \"requestedAppId\": \"2c91808f7892918f0178b78da4a305a1\"\n },\n \"removeDate\": \"2020-07-11T21:23:15.000Z\"\n }\n ],\n \"requestType\": \"GRANT_ACCESS\",\n \"clientMetadata\": {\n \"requestedAppId\": \"2c91808f7892918f0178b78da4a305a1\",\n \"requestedAppName\": \"test-app\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "be18e5b7-519c-42fc-8aac-d09337844d33", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "access-requests" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"requestedFor\": [\n \"2c918084660f45d6016617daa9210584\",\n \"2c918084660f45d6016617daa9210584\"\n ],\n \"requestedItems\": [\n {\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"type\": \"ACCESS_PROFILE\",\n \"comment\": \"Requesting access profile for John Doe\",\n \"clientMetadata\": {\n \"requestedAppName\": \"test-app\",\n \"requestedAppId\": \"2c91808f7892918f0178b78da4a305a1\"\n },\n \"removeDate\": \"2020-07-11T21:23:15.000Z\"\n }\n ],\n \"requestType\": \"GRANT_ACCESS\",\n \"clientMetadata\": {\n \"requestedAppId\": \"2c91808f7892918f0178b78da4a305a1\",\n \"requestedAppName\": \"test-app\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c5ae49d0-3c5c-495a-a326-6eafc13c43d5", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "access-requests" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"requestedFor\": [\n \"2c918084660f45d6016617daa9210584\",\n \"2c918084660f45d6016617daa9210584\"\n ],\n \"requestedItems\": [\n {\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"type\": \"ACCESS_PROFILE\",\n \"comment\": \"Requesting access profile for John Doe\",\n \"clientMetadata\": {\n \"requestedAppName\": \"test-app\",\n \"requestedAppId\": \"2c91808f7892918f0178b78da4a305a1\"\n },\n \"removeDate\": \"2020-07-11T21:23:15.000Z\"\n }\n ],\n \"requestType\": \"GRANT_ACCESS\",\n \"clientMetadata\": {\n \"requestedAppId\": \"2c91808f7892918f0178b78da4a305a1\",\n \"requestedAppName\": \"test-app\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "3f8b3c51-4288-4ab8-82da-dbaae8aa3b51", + "name": "Cancel Access Request", + "request": { + "name": "Cancel Access Request", + "description": { + "content": "This API endpoint cancels a pending access request. An access request can be cancelled only if it has not passed the approval step.\nAny token with ORG_ADMIN authority or token of the user who originally requested the access request is required to cancel it.", + "type": "text/plain" + }, + "url": { + "path": [ + "access-requests", + "cancel" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"accountActivityId\": \"2c91808568c529c60168cca6f90c1313\",\n \"comment\": \"I requested this role by mistake.\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "0ef5f097-1d99-447c-9f10-3deb1491983b", + "name": "Accepted - Returned if the request was successfully accepted into the system.", + "originalRequest": { + "url": { + "path": [ + "access-requests", + "cancel" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"accountActivityId\": \"2c91808568c529c60168cca6f90c1313\",\n \"comment\": \"I requested this role by mistake.\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Accepted", + "code": 202, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "dd064ca2-098c-4efd-9af4-92a7709c27b5", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "access-requests", + "cancel" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"accountActivityId\": \"2c91808568c529c60168cca6f90c1313\",\n \"comment\": \"I requested this role by mistake.\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "963bfcab-e3e1-4495-a1f2-9e74f50f4819", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "access-requests", + "cancel" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"accountActivityId\": \"2c91808568c529c60168cca6f90c1313\",\n \"comment\": \"I requested this role by mistake.\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "fc406de6-f649-4df4-bb93-9b46ce1e32bc", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "access-requests", + "cancel" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"accountActivityId\": \"2c91808568c529c60168cca6f90c1313\",\n \"comment\": \"I requested this role by mistake.\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "6c7da02b-4d21-41a7-9a71-cb928df02541", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "access-requests", + "cancel" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"accountActivityId\": \"2c91808568c529c60168cca6f90c1313\",\n \"comment\": \"I requested this role by mistake.\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b641abf7-277e-45cd-adc8-510aee4d4aa8", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "access-requests", + "cancel" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"accountActivityId\": \"2c91808568c529c60168cca6f90c1313\",\n \"comment\": \"I requested this role by mistake.\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d3cad566-8f02-4f37-b078-578aed833de8", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "access-requests", + "cancel" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"accountActivityId\": \"2c91808568c529c60168cca6f90c1313\",\n \"comment\": \"I requested this role by mistake.\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "7352e855-efe6-4b31-96d5-2671cadb9979", + "name": "Get Access Request Configuration", + "request": { + "name": "Get Access Request Configuration", + "description": { + "content": "This endpoint returns the current access-request configuration.", + "type": "text/plain" + }, + "url": { + "path": [ + "access-request-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "b345ae0a-a9f9-4bb2-a00a-9434f916b850", + "name": "Access Request Configuration Details.", + "originalRequest": { + "url": { + "path": [ + "access-request-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"approvalsMustBeExternal\": true,\n \"autoApprovalEnabled\": true,\n \"requestOnBehalfOfConfig\": {\n \"allowRequestOnBehalfOfAnyoneByAnyone\": true,\n \"allowRequestOnBehalfOfEmployeeByManager\": true\n },\n \"approvalReminderAndEscalationConfig\": {\n \"daysUntilEscalation\": 0,\n \"daysBetweenReminders\": 0,\n \"maxReminders\": 1,\n \"fallbackApproverRef\": {\n \"type\": \"IDENTITY\",\n \"id\": \"5168015d32f890ca15812c9180835d2e\",\n \"name\": \"Alison Ferguso\",\n \"email\": \"alison.ferguso@identitysoon.com\"\n }\n },\n \"entitlementRequestConfig\": {\n \"allowEntitlementRequest\": true,\n \"requestCommentsRequired\": false,\n \"deniedCommentsRequired\": false,\n \"grantRequestApprovalSchemes\": \"entitlementOwner, sourceOwner, manager, workgroup:2c918084660f45d6016617daa9210584\"\n }\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "af2e2af0-0fa3-4d08-be6d-fb479dd431aa", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "access-request-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "2cd20710-50b7-4b1b-89e5-0a95171373b8", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "access-request-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "668ad5f1-c49c-40f5-ba93-04be07f6bb08", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "access-request-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "664fea4d-e3a3-489b-8334-ad44401d2c5f", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "access-request-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "70b85fe9-d41a-4bc3-80d9-a37afaef0453", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "access-request-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "575963e1-5c3d-46bb-a960-3dc09197291b", + "name": "Update Access Request Configuration", + "request": { + "name": "Update Access Request Configuration", + "description": { + "content": "This endpoint replaces the current access-request configuration.\nA token with ORG_ADMIN authority is required to call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "access-request-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"approvalsMustBeExternal\": true,\n \"autoApprovalEnabled\": true,\n \"requestOnBehalfOfConfig\": {\n \"allowRequestOnBehalfOfAnyoneByAnyone\": true,\n \"allowRequestOnBehalfOfEmployeeByManager\": true\n },\n \"approvalReminderAndEscalationConfig\": {\n \"daysUntilEscalation\": 0,\n \"daysBetweenReminders\": 0,\n \"maxReminders\": 1,\n \"fallbackApproverRef\": {\n \"type\": \"IDENTITY\",\n \"id\": \"5168015d32f890ca15812c9180835d2e\",\n \"name\": \"Alison Ferguso\",\n \"email\": \"alison.ferguso@identitysoon.com\"\n }\n },\n \"entitlementRequestConfig\": {\n \"allowEntitlementRequest\": true,\n \"requestCommentsRequired\": false,\n \"deniedCommentsRequired\": false,\n \"grantRequestApprovalSchemes\": \"entitlementOwner, sourceOwner, manager, workgroup:2c918084660f45d6016617daa9210584\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "c681d741-9b2f-45ad-ad86-335a6b04f381", + "name": "Access Request Configuration Details.", + "originalRequest": { + "url": { + "path": [ + "access-request-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"approvalsMustBeExternal\": true,\n \"autoApprovalEnabled\": true,\n \"requestOnBehalfOfConfig\": {\n \"allowRequestOnBehalfOfAnyoneByAnyone\": true,\n \"allowRequestOnBehalfOfEmployeeByManager\": true\n },\n \"approvalReminderAndEscalationConfig\": {\n \"daysUntilEscalation\": 0,\n \"daysBetweenReminders\": 0,\n \"maxReminders\": 1,\n \"fallbackApproverRef\": {\n \"type\": \"IDENTITY\",\n \"id\": \"5168015d32f890ca15812c9180835d2e\",\n \"name\": \"Alison Ferguso\",\n \"email\": \"alison.ferguso@identitysoon.com\"\n }\n },\n \"entitlementRequestConfig\": {\n \"allowEntitlementRequest\": true,\n \"requestCommentsRequired\": false,\n \"deniedCommentsRequired\": false,\n \"grantRequestApprovalSchemes\": \"entitlementOwner, sourceOwner, manager, workgroup:2c918084660f45d6016617daa9210584\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"approvalsMustBeExternal\": true,\n \"autoApprovalEnabled\": true,\n \"requestOnBehalfOfConfig\": {\n \"allowRequestOnBehalfOfAnyoneByAnyone\": true,\n \"allowRequestOnBehalfOfEmployeeByManager\": true\n },\n \"approvalReminderAndEscalationConfig\": {\n \"daysUntilEscalation\": 0,\n \"daysBetweenReminders\": 0,\n \"maxReminders\": 1,\n \"fallbackApproverRef\": {\n \"type\": \"IDENTITY\",\n \"id\": \"5168015d32f890ca15812c9180835d2e\",\n \"name\": \"Alison Ferguso\",\n \"email\": \"alison.ferguso@identitysoon.com\"\n }\n },\n \"entitlementRequestConfig\": {\n \"allowEntitlementRequest\": true,\n \"requestCommentsRequired\": false,\n \"deniedCommentsRequired\": false,\n \"grantRequestApprovalSchemes\": \"entitlementOwner, sourceOwner, manager, workgroup:2c918084660f45d6016617daa9210584\"\n }\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "6d0ee5b8-6bc7-42dc-8a5f-6ef0ca6bfd9e", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "access-request-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"approvalsMustBeExternal\": true,\n \"autoApprovalEnabled\": true,\n \"requestOnBehalfOfConfig\": {\n \"allowRequestOnBehalfOfAnyoneByAnyone\": true,\n \"allowRequestOnBehalfOfEmployeeByManager\": true\n },\n \"approvalReminderAndEscalationConfig\": {\n \"daysUntilEscalation\": 0,\n \"daysBetweenReminders\": 0,\n \"maxReminders\": 1,\n \"fallbackApproverRef\": {\n \"type\": \"IDENTITY\",\n \"id\": \"5168015d32f890ca15812c9180835d2e\",\n \"name\": \"Alison Ferguso\",\n \"email\": \"alison.ferguso@identitysoon.com\"\n }\n },\n \"entitlementRequestConfig\": {\n \"allowEntitlementRequest\": true,\n \"requestCommentsRequired\": false,\n \"deniedCommentsRequired\": false,\n \"grantRequestApprovalSchemes\": \"entitlementOwner, sourceOwner, manager, workgroup:2c918084660f45d6016617daa9210584\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "9f102692-f5c2-440e-a930-bb95d333dc05", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "access-request-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"approvalsMustBeExternal\": true,\n \"autoApprovalEnabled\": true,\n \"requestOnBehalfOfConfig\": {\n \"allowRequestOnBehalfOfAnyoneByAnyone\": true,\n \"allowRequestOnBehalfOfEmployeeByManager\": true\n },\n \"approvalReminderAndEscalationConfig\": {\n \"daysUntilEscalation\": 0,\n \"daysBetweenReminders\": 0,\n \"maxReminders\": 1,\n \"fallbackApproverRef\": {\n \"type\": \"IDENTITY\",\n \"id\": \"5168015d32f890ca15812c9180835d2e\",\n \"name\": \"Alison Ferguso\",\n \"email\": \"alison.ferguso@identitysoon.com\"\n }\n },\n \"entitlementRequestConfig\": {\n \"allowEntitlementRequest\": true,\n \"requestCommentsRequired\": false,\n \"deniedCommentsRequired\": false,\n \"grantRequestApprovalSchemes\": \"entitlementOwner, sourceOwner, manager, workgroup:2c918084660f45d6016617daa9210584\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "fe19f0cd-010e-407a-ba6f-a7189203be97", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "access-request-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"approvalsMustBeExternal\": true,\n \"autoApprovalEnabled\": true,\n \"requestOnBehalfOfConfig\": {\n \"allowRequestOnBehalfOfAnyoneByAnyone\": true,\n \"allowRequestOnBehalfOfEmployeeByManager\": true\n },\n \"approvalReminderAndEscalationConfig\": {\n \"daysUntilEscalation\": 0,\n \"daysBetweenReminders\": 0,\n \"maxReminders\": 1,\n \"fallbackApproverRef\": {\n \"type\": \"IDENTITY\",\n \"id\": \"5168015d32f890ca15812c9180835d2e\",\n \"name\": \"Alison Ferguso\",\n \"email\": \"alison.ferguso@identitysoon.com\"\n }\n },\n \"entitlementRequestConfig\": {\n \"allowEntitlementRequest\": true,\n \"requestCommentsRequired\": false,\n \"deniedCommentsRequired\": false,\n \"grantRequestApprovalSchemes\": \"entitlementOwner, sourceOwner, manager, workgroup:2c918084660f45d6016617daa9210584\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "8a4f42c5-8a7a-4559-a1f7-7aa2de459bc7", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "access-request-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"approvalsMustBeExternal\": true,\n \"autoApprovalEnabled\": true,\n \"requestOnBehalfOfConfig\": {\n \"allowRequestOnBehalfOfAnyoneByAnyone\": true,\n \"allowRequestOnBehalfOfEmployeeByManager\": true\n },\n \"approvalReminderAndEscalationConfig\": {\n \"daysUntilEscalation\": 0,\n \"daysBetweenReminders\": 0,\n \"maxReminders\": 1,\n \"fallbackApproverRef\": {\n \"type\": \"IDENTITY\",\n \"id\": \"5168015d32f890ca15812c9180835d2e\",\n \"name\": \"Alison Ferguso\",\n \"email\": \"alison.ferguso@identitysoon.com\"\n }\n },\n \"entitlementRequestConfig\": {\n \"allowEntitlementRequest\": true,\n \"requestCommentsRequired\": false,\n \"deniedCommentsRequired\": false,\n \"grantRequestApprovalSchemes\": \"entitlementOwner, sourceOwner, manager, workgroup:2c918084660f45d6016617daa9210584\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "6aa1a579-7985-4a96-ac51-d3e9d82b87a5", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "access-request-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"approvalsMustBeExternal\": true,\n \"autoApprovalEnabled\": true,\n \"requestOnBehalfOfConfig\": {\n \"allowRequestOnBehalfOfAnyoneByAnyone\": true,\n \"allowRequestOnBehalfOfEmployeeByManager\": true\n },\n \"approvalReminderAndEscalationConfig\": {\n \"daysUntilEscalation\": 0,\n \"daysBetweenReminders\": 0,\n \"maxReminders\": 1,\n \"fallbackApproverRef\": {\n \"type\": \"IDENTITY\",\n \"id\": \"5168015d32f890ca15812c9180835d2e\",\n \"name\": \"Alison Ferguso\",\n \"email\": \"alison.ferguso@identitysoon.com\"\n }\n },\n \"entitlementRequestConfig\": {\n \"allowEntitlementRequest\": true,\n \"requestCommentsRequired\": false,\n \"deniedCommentsRequired\": false,\n \"grantRequestApprovalSchemes\": \"entitlementOwner, sourceOwner, manager, workgroup:2c918084660f45d6016617daa9210584\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "fc2e8c6e-3f11-44b2-a667-fa629e690c25", + "name": "Access Request Status", + "request": { + "name": "Access Request Status", + "description": { + "content": "Use this API to return a list of access request statuses based on the specified query parameters.\nIf an access request was made for access that an identity already has, the API ignores the access request. These ignored requests do not display in the list of access request statuses.\nAny token with any authority can request their own status. A token with ORG_ADMIN authority is required to call this API to get a list of statuses for other users.", + "type": "text/plain" + }, + "url": { + "path": [ + "access-request-status" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Filter the results by the identity the requests were made for. *me* indicates the current user. Mutually exclusive with *regarding-identity*.", + "type": "text/plain" + }, + "key": "requested-for", + "value": "2c9180877b2b6ea4017b2c545f971429" + }, + { + "disabled": true, + "description": { + "content": "Filter the results by the identity twho made the requests. *me* indicates the current user. Mutually exclusive with *regarding-identity*.", + "type": "text/plain" + }, + "key": "requested-by", + "value": "2c9180877b2b6ea4017b2c545f971429" + }, + { + "disabled": true, + "description": { + "content": "Filter the results by the specified identity who is either the requester or target of the requests. *me* indicates the current user. Mutually exclusive with *requested-for* and *requested-by*.", + "type": "text/plain" + }, + "key": "regarding-identity", + "value": "2c9180877b2b6ea4017b2c545f971429" + }, + { + "disabled": true, + "description": { + "content": "Filter the results by the specified identity who is the owner of the Identity Request Work Item. *me* indicates the current user.", + "type": "text/plain" + }, + "key": "assigned-to", + "value": "2c9180877b2b6ea4017b2c545f971429" + }, + { + "disabled": true, + "description": { + "content": "If this is true, the *X-Total-Count* response header populates with the number of results that would be returned if limit and offset were ignored.", + "type": "text/plain" + }, + "key": "count", + "value": "false" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.", + "type": "text/plain" + }, + "key": "limit", + "value": "100" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results. Defaults to 0 if not specified.", + "type": "text/plain" + }, + "key": "offset", + "value": "10" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**accountActivityItemId**: *eq, in, ge, gt, le, lt, ne, isnull, sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "accountActivityItemId eq \"2c918086771c86df0177401efcdf54c0\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **created, modified, accountActivityItemId, name**", + "type": "text/plain" + }, + "key": "sorters", + "value": "created" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "7d5308fb-977e-4632-b8bd-9f6d830a658d", + "name": "List of requested item statuses.", + "originalRequest": { + "url": { + "path": [ + "access-request-status" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Filter the results by the identity the requests were made for. *me* indicates the current user. Mutually exclusive with *regarding-identity*.", + "type": "text/plain" + }, + "key": "requested-for", + "value": "2c9180877b2b6ea4017b2c545f971429" + }, + { + "disabled": true, + "description": { + "content": "Filter the results by the identity twho made the requests. *me* indicates the current user. Mutually exclusive with *regarding-identity*.", + "type": "text/plain" + }, + "key": "requested-by", + "value": "2c9180877b2b6ea4017b2c545f971429" + }, + { + "disabled": true, + "description": { + "content": "Filter the results by the specified identity who is either the requester or target of the requests. *me* indicates the current user. Mutually exclusive with *requested-for* and *requested-by*.", + "type": "text/plain" + }, + "key": "regarding-identity", + "value": "2c9180877b2b6ea4017b2c545f971429" + }, + { + "disabled": true, + "description": { + "content": "Filter the results by the specified identity who is the owner of the Identity Request Work Item. *me* indicates the current user.", + "type": "text/plain" + }, + "key": "assigned-to", + "value": "2c9180877b2b6ea4017b2c545f971429" + }, + { + "disabled": true, + "description": { + "content": "If this is true, the *X-Total-Count* response header populates with the number of results that would be returned if limit and offset were ignored.", + "type": "text/plain" + }, + "key": "count", + "value": "false" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.", + "type": "text/plain" + }, + "key": "limit", + "value": "100" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results. Defaults to 0 if not specified.", + "type": "text/plain" + }, + "key": "offset", + "value": "10" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**accountActivityItemId**: *eq, in, ge, gt, le, lt, ne, isnull, sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "accountActivityItemId eq \"2c918086771c86df0177401efcdf54c0\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **created, modified, accountActivityItemId, name**", + "type": "text/plain" + }, + "key": "sorters", + "value": "created" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"name\": \"AccessProfile1\",\n \"type\": \"ACCESS_PROFILE\",\n \"cancelledRequestDetails\": {\n \"comment\": \"This request must be cancelled.\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"Support\"\n },\n \"modified\": \"2019-12-20T09:17:12.192Z\"\n },\n \"errorMessages\": [\n [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n ],\n \"state\": \"EXECUTING\",\n \"approvalDetails\": [\n {\n \"forwarded\": false,\n \"originalOwner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c7180a46faadee4016fb4e018c20642\",\n \"name\": \"Michael Michaels\"\n },\n \"currentOwner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c3780a46faadee4016fb4e018c20652\",\n \"name\": \"Allen Albertson\"\n },\n \"modified\": \"2019-08-23T18:52:57.398Z\",\n \"status\": \"PENDING\",\n \"scheme\": \"MANAGER\",\n \"errorMessages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"comment\": \"I approve this request\",\n \"removeDate\": \"2020-07-11T00:00:00Z\"\n },\n {\n \"forwarded\": false,\n \"originalOwner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c7180a46faadee4016fb4e018c20642\",\n \"name\": \"Michael Michaels\"\n },\n \"currentOwner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c3780a46faadee4016fb4e018c20652\",\n \"name\": \"Allen Albertson\"\n },\n \"modified\": \"2019-08-23T18:52:57.398Z\",\n \"status\": \"PENDING\",\n \"scheme\": \"MANAGER\",\n \"errorMessages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"comment\": \"I approve this request\",\n \"removeDate\": \"2020-07-11T00:00:00Z\"\n }\n ],\n \"manualWorkItemDetails\": [\n {\n \"forwarded\": true,\n \"originalOwner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c7180a46faadee4016fb4e018c20642\",\n \"name\": \"Michael Michaels\"\n },\n \"currentOwner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c3780a46faadee4016fb4e018c20652\",\n \"name\": \"Allen Albertson\"\n },\n \"modified\": \"2019-08-23T18:52:57.398Z\",\n \"status\": \"PENDING\",\n \"forwardHistory\": [\n {\n \"oldApproverName\": \"Frank Mir\",\n \"newApproverName\": \"Al Volta\",\n \"comment\": \"Forwarding from Frank to Al\",\n \"modified\": \"2019-08-23T18:52:57.398Z\",\n \"forwarderName\": \"William Wilson\",\n \"reassignmentType\": \"AUTOMATIC_REASSIGNMENT\"\n },\n {\n \"oldApproverName\": \"Frank Mir\",\n \"newApproverName\": \"Al Volta\",\n \"comment\": \"Forwarding from Frank to Al\",\n \"modified\": \"2019-08-23T18:52:57.398Z\",\n \"forwarderName\": \"William Wilson\",\n \"reassignmentType\": \"AUTOMATIC_REASSIGNMENT\"\n }\n ]\n },\n {\n \"forwarded\": true,\n \"originalOwner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c7180a46faadee4016fb4e018c20642\",\n \"name\": \"Michael Michaels\"\n },\n \"currentOwner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c3780a46faadee4016fb4e018c20652\",\n \"name\": \"Allen Albertson\"\n },\n \"modified\": \"2019-08-23T18:52:57.398Z\",\n \"status\": \"PENDING\",\n \"forwardHistory\": [\n {\n \"oldApproverName\": \"Frank Mir\",\n \"newApproverName\": \"Al Volta\",\n \"comment\": \"Forwarding from Frank to Al\",\n \"modified\": \"2019-08-23T18:52:57.398Z\",\n \"forwarderName\": \"William Wilson\",\n \"reassignmentType\": \"AUTOMATIC_REASSIGNMENT\"\n },\n {\n \"oldApproverName\": \"Frank Mir\",\n \"newApproverName\": \"Al Volta\",\n \"comment\": \"Forwarding from Frank to Al\",\n \"modified\": \"2019-08-23T18:52:57.398Z\",\n \"forwarderName\": \"William Wilson\",\n \"reassignmentType\": \"AUTOMATIC_REASSIGNMENT\"\n }\n ]\n }\n ],\n \"accountActivityItemId\": \"2c9180926cbfbddd016cbfc7c3b10010\",\n \"requestType\": \"GRANT_ACCESS\",\n \"modified\": \"2019-08-23T18:52:59.162Z\",\n \"created\": \"2019-08-23T18:40:35.772Z\",\n \"requester\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c7180a46faadee4016fb4e018c20648\",\n \"name\": \"William Wilson\"\n },\n \"requestedFor\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180835d191a86015d28455b4b232a\",\n \"name\": \"William Wilson\"\n },\n \"requesterComment\": {\n \"comment\": \"This is a comment.\",\n \"created\": \"2017-07-11T18:45:37.098Z\",\n \"author\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180847e25f377017e2ae8cae4650b\",\n \"name\": \"john.doe\"\n }\n },\n \"sodViolationContext\": {\n \"state\": \"SUCCESS\",\n \"uuid\": \"f73d16e9-a038-46c5-b217-1246e15fdbdd\",\n \"violationCheckResult\": {\n \"message\": {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n \"clientMetadata\": {\n \"requestedAppName\": \"test-app\",\n \"requestedAppId\": \"2c91808f7892918f0178b78da4a305a1\"\n },\n \"violationContexts\": [\n {\n \"policy\": {\n \"type\": \"SOD_POLICY\",\n \"id\": \"0f11f2a4-7c94-4bf3-a2bd-742580fe3bde\",\n \"name\": \"Business SOD Policy\"\n },\n \"conflictingAccessCriteria\": {\n \"leftCriteria\": {\n \"criteriaList\": [\n {\n \"existing\": true,\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c918085771e9d3301773b3cb66f6398\",\n \"name\": \"My HR Entitlement\"\n },\n {\n \"existing\": true,\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c918085771e9d3301773b3cb66f6398\",\n \"name\": \"My HR Entitlement\"\n }\n ]\n },\n \"rightCriteria\": {\n \"criteriaList\": [\n {\n \"existing\": true,\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c918085771e9d3301773b3cb66f6398\",\n \"name\": \"My HR Entitlement\"\n },\n {\n \"existing\": true,\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c918085771e9d3301773b3cb66f6398\",\n \"name\": \"My HR Entitlement\"\n }\n ]\n }\n }\n },\n {\n \"policy\": {\n \"type\": \"SOD_POLICY\",\n \"id\": \"0f11f2a4-7c94-4bf3-a2bd-742580fe3bde\",\n \"name\": \"Business SOD Policy\"\n },\n \"conflictingAccessCriteria\": {\n \"leftCriteria\": {\n \"criteriaList\": [\n {\n \"existing\": true,\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c918085771e9d3301773b3cb66f6398\",\n \"name\": \"My HR Entitlement\"\n },\n {\n \"existing\": true,\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c918085771e9d3301773b3cb66f6398\",\n \"name\": \"My HR Entitlement\"\n }\n ]\n },\n \"rightCriteria\": {\n \"criteriaList\": [\n {\n \"existing\": true,\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c918085771e9d3301773b3cb66f6398\",\n \"name\": \"My HR Entitlement\"\n },\n {\n \"existing\": true,\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c918085771e9d3301773b3cb66f6398\",\n \"name\": \"My HR Entitlement\"\n }\n ]\n }\n }\n }\n ],\n \"violatedPolicies\": [\n {\n \"type\": \"SOD_POLICY\",\n \"id\": \"0f11f2a4-7c94-4bf3-a2bd-742580fe3bde\",\n \"name\": \"Business SOD Policy\"\n },\n {\n \"type\": \"SOD_POLICY\",\n \"id\": \"0f11f2a4-7c94-4bf3-a2bd-742580fe3bde\",\n \"name\": \"Business SOD Policy\"\n }\n ]\n }\n },\n \"provisioningDetails\": {\n \"orderedSubPhaseReferences\": \"manualWorkItemDetails\"\n },\n \"preApprovalTriggerDetails\": {\n \"comment\": \"Access is Approved\",\n \"reviewer\": \"John Doe\",\n \"decision\": \"APPROVED\"\n },\n \"accessRequestPhases\": [\n {\n \"started\": \"2020-07-11T00:00:00Z\",\n \"finished\": \"2020-07-12T00:00:00Z\",\n \"name\": \"APPROVAL_PHASE\",\n \"state\": \"COMPLETED\",\n \"result\": \"SUCCESSFUL\",\n \"phaseReference\": \"approvalDetails\"\n },\n {\n \"started\": \"2020-07-11T00:00:00Z\",\n \"finished\": \"2020-07-12T00:00:00Z\",\n \"name\": \"APPROVAL_PHASE\",\n \"state\": \"COMPLETED\",\n \"result\": \"SUCCESSFUL\",\n \"phaseReference\": \"approvalDetails\"\n }\n ],\n \"description\": \"This is the Engineering role that engineers are granted.\",\n \"removeDate\": \"2019-10-23T00:00:00.000Z\",\n \"cancelable\": true,\n \"accessRequestId\": \"2b838de9-db9b-abcf-e646-d4f274ad4238\",\n \"clientMetadata\": {\n \"key1\": \"value1\",\n \"key2\": \"value2\"\n }\n },\n {\n \"name\": \"AccessProfile1\",\n \"type\": \"ACCESS_PROFILE\",\n \"cancelledRequestDetails\": {\n \"comment\": \"This request must be cancelled.\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"Support\"\n },\n \"modified\": \"2019-12-20T09:17:12.192Z\"\n },\n \"errorMessages\": [\n [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n ],\n \"state\": \"EXECUTING\",\n \"approvalDetails\": [\n {\n \"forwarded\": false,\n \"originalOwner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c7180a46faadee4016fb4e018c20642\",\n \"name\": \"Michael Michaels\"\n },\n \"currentOwner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c3780a46faadee4016fb4e018c20652\",\n \"name\": \"Allen Albertson\"\n },\n \"modified\": \"2019-08-23T18:52:57.398Z\",\n \"status\": \"PENDING\",\n \"scheme\": \"MANAGER\",\n \"errorMessages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"comment\": \"I approve this request\",\n \"removeDate\": \"2020-07-11T00:00:00Z\"\n },\n {\n \"forwarded\": false,\n \"originalOwner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c7180a46faadee4016fb4e018c20642\",\n \"name\": \"Michael Michaels\"\n },\n \"currentOwner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c3780a46faadee4016fb4e018c20652\",\n \"name\": \"Allen Albertson\"\n },\n \"modified\": \"2019-08-23T18:52:57.398Z\",\n \"status\": \"PENDING\",\n \"scheme\": \"MANAGER\",\n \"errorMessages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"comment\": \"I approve this request\",\n \"removeDate\": \"2020-07-11T00:00:00Z\"\n }\n ],\n \"manualWorkItemDetails\": [\n {\n \"forwarded\": true,\n \"originalOwner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c7180a46faadee4016fb4e018c20642\",\n \"name\": \"Michael Michaels\"\n },\n \"currentOwner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c3780a46faadee4016fb4e018c20652\",\n \"name\": \"Allen Albertson\"\n },\n \"modified\": \"2019-08-23T18:52:57.398Z\",\n \"status\": \"PENDING\",\n \"forwardHistory\": [\n {\n \"oldApproverName\": \"Frank Mir\",\n \"newApproverName\": \"Al Volta\",\n \"comment\": \"Forwarding from Frank to Al\",\n \"modified\": \"2019-08-23T18:52:57.398Z\",\n \"forwarderName\": \"William Wilson\",\n \"reassignmentType\": \"AUTOMATIC_REASSIGNMENT\"\n },\n {\n \"oldApproverName\": \"Frank Mir\",\n \"newApproverName\": \"Al Volta\",\n \"comment\": \"Forwarding from Frank to Al\",\n \"modified\": \"2019-08-23T18:52:57.398Z\",\n \"forwarderName\": \"William Wilson\",\n \"reassignmentType\": \"AUTOMATIC_REASSIGNMENT\"\n }\n ]\n },\n {\n \"forwarded\": true,\n \"originalOwner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c7180a46faadee4016fb4e018c20642\",\n \"name\": \"Michael Michaels\"\n },\n \"currentOwner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c3780a46faadee4016fb4e018c20652\",\n \"name\": \"Allen Albertson\"\n },\n \"modified\": \"2019-08-23T18:52:57.398Z\",\n \"status\": \"PENDING\",\n \"forwardHistory\": [\n {\n \"oldApproverName\": \"Frank Mir\",\n \"newApproverName\": \"Al Volta\",\n \"comment\": \"Forwarding from Frank to Al\",\n \"modified\": \"2019-08-23T18:52:57.398Z\",\n \"forwarderName\": \"William Wilson\",\n \"reassignmentType\": \"AUTOMATIC_REASSIGNMENT\"\n },\n {\n \"oldApproverName\": \"Frank Mir\",\n \"newApproverName\": \"Al Volta\",\n \"comment\": \"Forwarding from Frank to Al\",\n \"modified\": \"2019-08-23T18:52:57.398Z\",\n \"forwarderName\": \"William Wilson\",\n \"reassignmentType\": \"AUTOMATIC_REASSIGNMENT\"\n }\n ]\n }\n ],\n \"accountActivityItemId\": \"2c9180926cbfbddd016cbfc7c3b10010\",\n \"requestType\": \"GRANT_ACCESS\",\n \"modified\": \"2019-08-23T18:52:59.162Z\",\n \"created\": \"2019-08-23T18:40:35.772Z\",\n \"requester\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c7180a46faadee4016fb4e018c20648\",\n \"name\": \"William Wilson\"\n },\n \"requestedFor\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180835d191a86015d28455b4b232a\",\n \"name\": \"William Wilson\"\n },\n \"requesterComment\": {\n \"comment\": \"This is a comment.\",\n \"created\": \"2017-07-11T18:45:37.098Z\",\n \"author\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180847e25f377017e2ae8cae4650b\",\n \"name\": \"john.doe\"\n }\n },\n \"sodViolationContext\": {\n \"state\": \"SUCCESS\",\n \"uuid\": \"f73d16e9-a038-46c5-b217-1246e15fdbdd\",\n \"violationCheckResult\": {\n \"message\": {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n \"clientMetadata\": {\n \"requestedAppName\": \"test-app\",\n \"requestedAppId\": \"2c91808f7892918f0178b78da4a305a1\"\n },\n \"violationContexts\": [\n {\n \"policy\": {\n \"type\": \"SOD_POLICY\",\n \"id\": \"0f11f2a4-7c94-4bf3-a2bd-742580fe3bde\",\n \"name\": \"Business SOD Policy\"\n },\n \"conflictingAccessCriteria\": {\n \"leftCriteria\": {\n \"criteriaList\": [\n {\n \"existing\": true,\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c918085771e9d3301773b3cb66f6398\",\n \"name\": \"My HR Entitlement\"\n },\n {\n \"existing\": true,\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c918085771e9d3301773b3cb66f6398\",\n \"name\": \"My HR Entitlement\"\n }\n ]\n },\n \"rightCriteria\": {\n \"criteriaList\": [\n {\n \"existing\": true,\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c918085771e9d3301773b3cb66f6398\",\n \"name\": \"My HR Entitlement\"\n },\n {\n \"existing\": true,\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c918085771e9d3301773b3cb66f6398\",\n \"name\": \"My HR Entitlement\"\n }\n ]\n }\n }\n },\n {\n \"policy\": {\n \"type\": \"SOD_POLICY\",\n \"id\": \"0f11f2a4-7c94-4bf3-a2bd-742580fe3bde\",\n \"name\": \"Business SOD Policy\"\n },\n \"conflictingAccessCriteria\": {\n \"leftCriteria\": {\n \"criteriaList\": [\n {\n \"existing\": true,\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c918085771e9d3301773b3cb66f6398\",\n \"name\": \"My HR Entitlement\"\n },\n {\n \"existing\": true,\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c918085771e9d3301773b3cb66f6398\",\n \"name\": \"My HR Entitlement\"\n }\n ]\n },\n \"rightCriteria\": {\n \"criteriaList\": [\n {\n \"existing\": true,\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c918085771e9d3301773b3cb66f6398\",\n \"name\": \"My HR Entitlement\"\n },\n {\n \"existing\": true,\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c918085771e9d3301773b3cb66f6398\",\n \"name\": \"My HR Entitlement\"\n }\n ]\n }\n }\n }\n ],\n \"violatedPolicies\": [\n {\n \"type\": \"SOD_POLICY\",\n \"id\": \"0f11f2a4-7c94-4bf3-a2bd-742580fe3bde\",\n \"name\": \"Business SOD Policy\"\n },\n {\n \"type\": \"SOD_POLICY\",\n \"id\": \"0f11f2a4-7c94-4bf3-a2bd-742580fe3bde\",\n \"name\": \"Business SOD Policy\"\n }\n ]\n }\n },\n \"provisioningDetails\": {\n \"orderedSubPhaseReferences\": \"manualWorkItemDetails\"\n },\n \"preApprovalTriggerDetails\": {\n \"comment\": \"Access is Approved\",\n \"reviewer\": \"John Doe\",\n \"decision\": \"APPROVED\"\n },\n \"accessRequestPhases\": [\n {\n \"started\": \"2020-07-11T00:00:00Z\",\n \"finished\": \"2020-07-12T00:00:00Z\",\n \"name\": \"APPROVAL_PHASE\",\n \"state\": \"COMPLETED\",\n \"result\": \"SUCCESSFUL\",\n \"phaseReference\": \"approvalDetails\"\n },\n {\n \"started\": \"2020-07-11T00:00:00Z\",\n \"finished\": \"2020-07-12T00:00:00Z\",\n \"name\": \"APPROVAL_PHASE\",\n \"state\": \"COMPLETED\",\n \"result\": \"SUCCESSFUL\",\n \"phaseReference\": \"approvalDetails\"\n }\n ],\n \"description\": \"This is the Engineering role that engineers are granted.\",\n \"removeDate\": \"2019-10-23T00:00:00.000Z\",\n \"cancelable\": true,\n \"accessRequestId\": \"2b838de9-db9b-abcf-e646-d4f274ad4238\",\n \"clientMetadata\": {\n \"key1\": \"value1\",\n \"key2\": \"value2\"\n }\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "64c5feec-b825-4516-bc1b-b7deea0e3845", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "access-request-status" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Filter the results by the identity the requests were made for. *me* indicates the current user. Mutually exclusive with *regarding-identity*.", + "type": "text/plain" + }, + "key": "requested-for", + "value": "2c9180877b2b6ea4017b2c545f971429" + }, + { + "disabled": true, + "description": { + "content": "Filter the results by the identity twho made the requests. *me* indicates the current user. Mutually exclusive with *regarding-identity*.", + "type": "text/plain" + }, + "key": "requested-by", + "value": "2c9180877b2b6ea4017b2c545f971429" + }, + { + "disabled": true, + "description": { + "content": "Filter the results by the specified identity who is either the requester or target of the requests. *me* indicates the current user. Mutually exclusive with *requested-for* and *requested-by*.", + "type": "text/plain" + }, + "key": "regarding-identity", + "value": "2c9180877b2b6ea4017b2c545f971429" + }, + { + "disabled": true, + "description": { + "content": "Filter the results by the specified identity who is the owner of the Identity Request Work Item. *me* indicates the current user.", + "type": "text/plain" + }, + "key": "assigned-to", + "value": "2c9180877b2b6ea4017b2c545f971429" + }, + { + "disabled": true, + "description": { + "content": "If this is true, the *X-Total-Count* response header populates with the number of results that would be returned if limit and offset were ignored.", + "type": "text/plain" + }, + "key": "count", + "value": "false" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.", + "type": "text/plain" + }, + "key": "limit", + "value": "100" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results. Defaults to 0 if not specified.", + "type": "text/plain" + }, + "key": "offset", + "value": "10" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**accountActivityItemId**: *eq, in, ge, gt, le, lt, ne, isnull, sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "accountActivityItemId eq \"2c918086771c86df0177401efcdf54c0\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **created, modified, accountActivityItemId, name**", + "type": "text/plain" + }, + "key": "sorters", + "value": "created" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "9ff951b4-946f-4808-ad5f-287000862114", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "access-request-status" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Filter the results by the identity the requests were made for. *me* indicates the current user. Mutually exclusive with *regarding-identity*.", + "type": "text/plain" + }, + "key": "requested-for", + "value": "2c9180877b2b6ea4017b2c545f971429" + }, + { + "disabled": true, + "description": { + "content": "Filter the results by the identity twho made the requests. *me* indicates the current user. Mutually exclusive with *regarding-identity*.", + "type": "text/plain" + }, + "key": "requested-by", + "value": "2c9180877b2b6ea4017b2c545f971429" + }, + { + "disabled": true, + "description": { + "content": "Filter the results by the specified identity who is either the requester or target of the requests. *me* indicates the current user. Mutually exclusive with *requested-for* and *requested-by*.", + "type": "text/plain" + }, + "key": "regarding-identity", + "value": "2c9180877b2b6ea4017b2c545f971429" + }, + { + "disabled": true, + "description": { + "content": "Filter the results by the specified identity who is the owner of the Identity Request Work Item. *me* indicates the current user.", + "type": "text/plain" + }, + "key": "assigned-to", + "value": "2c9180877b2b6ea4017b2c545f971429" + }, + { + "disabled": true, + "description": { + "content": "If this is true, the *X-Total-Count* response header populates with the number of results that would be returned if limit and offset were ignored.", + "type": "text/plain" + }, + "key": "count", + "value": "false" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.", + "type": "text/plain" + }, + "key": "limit", + "value": "100" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results. Defaults to 0 if not specified.", + "type": "text/plain" + }, + "key": "offset", + "value": "10" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**accountActivityItemId**: *eq, in, ge, gt, le, lt, ne, isnull, sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "accountActivityItemId eq \"2c918086771c86df0177401efcdf54c0\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **created, modified, accountActivityItemId, name**", + "type": "text/plain" + }, + "key": "sorters", + "value": "created" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f88d2931-8e91-402d-8ccf-364b531776da", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "access-request-status" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Filter the results by the identity the requests were made for. *me* indicates the current user. Mutually exclusive with *regarding-identity*.", + "type": "text/plain" + }, + "key": "requested-for", + "value": "2c9180877b2b6ea4017b2c545f971429" + }, + { + "disabled": true, + "description": { + "content": "Filter the results by the identity twho made the requests. *me* indicates the current user. Mutually exclusive with *regarding-identity*.", + "type": "text/plain" + }, + "key": "requested-by", + "value": "2c9180877b2b6ea4017b2c545f971429" + }, + { + "disabled": true, + "description": { + "content": "Filter the results by the specified identity who is either the requester or target of the requests. *me* indicates the current user. Mutually exclusive with *requested-for* and *requested-by*.", + "type": "text/plain" + }, + "key": "regarding-identity", + "value": "2c9180877b2b6ea4017b2c545f971429" + }, + { + "disabled": true, + "description": { + "content": "Filter the results by the specified identity who is the owner of the Identity Request Work Item. *me* indicates the current user.", + "type": "text/plain" + }, + "key": "assigned-to", + "value": "2c9180877b2b6ea4017b2c545f971429" + }, + { + "disabled": true, + "description": { + "content": "If this is true, the *X-Total-Count* response header populates with the number of results that would be returned if limit and offset were ignored.", + "type": "text/plain" + }, + "key": "count", + "value": "false" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.", + "type": "text/plain" + }, + "key": "limit", + "value": "100" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results. Defaults to 0 if not specified.", + "type": "text/plain" + }, + "key": "offset", + "value": "10" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**accountActivityItemId**: *eq, in, ge, gt, le, lt, ne, isnull, sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "accountActivityItemId eq \"2c918086771c86df0177401efcdf54c0\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **created, modified, accountActivityItemId, name**", + "type": "text/plain" + }, + "key": "sorters", + "value": "created" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "ec767617-466a-49f5-acf7-add8c6bc6f83", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "access-request-status" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Filter the results by the identity the requests were made for. *me* indicates the current user. Mutually exclusive with *regarding-identity*.", + "type": "text/plain" + }, + "key": "requested-for", + "value": "2c9180877b2b6ea4017b2c545f971429" + }, + { + "disabled": true, + "description": { + "content": "Filter the results by the identity twho made the requests. *me* indicates the current user. Mutually exclusive with *regarding-identity*.", + "type": "text/plain" + }, + "key": "requested-by", + "value": "2c9180877b2b6ea4017b2c545f971429" + }, + { + "disabled": true, + "description": { + "content": "Filter the results by the specified identity who is either the requester or target of the requests. *me* indicates the current user. Mutually exclusive with *requested-for* and *requested-by*.", + "type": "text/plain" + }, + "key": "regarding-identity", + "value": "2c9180877b2b6ea4017b2c545f971429" + }, + { + "disabled": true, + "description": { + "content": "Filter the results by the specified identity who is the owner of the Identity Request Work Item. *me* indicates the current user.", + "type": "text/plain" + }, + "key": "assigned-to", + "value": "2c9180877b2b6ea4017b2c545f971429" + }, + { + "disabled": true, + "description": { + "content": "If this is true, the *X-Total-Count* response header populates with the number of results that would be returned if limit and offset were ignored.", + "type": "text/plain" + }, + "key": "count", + "value": "false" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.", + "type": "text/plain" + }, + "key": "limit", + "value": "100" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results. Defaults to 0 if not specified.", + "type": "text/plain" + }, + "key": "offset", + "value": "10" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**accountActivityItemId**: *eq, in, ge, gt, le, lt, ne, isnull, sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "accountActivityItemId eq \"2c918086771c86df0177401efcdf54c0\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **created, modified, accountActivityItemId, name**", + "type": "text/plain" + }, + "key": "sorters", + "value": "created" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c5d010b9-47c3-439e-9c56-bcfff4856eda", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "access-request-status" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Filter the results by the identity the requests were made for. *me* indicates the current user. Mutually exclusive with *regarding-identity*.", + "type": "text/plain" + }, + "key": "requested-for", + "value": "2c9180877b2b6ea4017b2c545f971429" + }, + { + "disabled": true, + "description": { + "content": "Filter the results by the identity twho made the requests. *me* indicates the current user. Mutually exclusive with *regarding-identity*.", + "type": "text/plain" + }, + "key": "requested-by", + "value": "2c9180877b2b6ea4017b2c545f971429" + }, + { + "disabled": true, + "description": { + "content": "Filter the results by the specified identity who is either the requester or target of the requests. *me* indicates the current user. Mutually exclusive with *requested-for* and *requested-by*.", + "type": "text/plain" + }, + "key": "regarding-identity", + "value": "2c9180877b2b6ea4017b2c545f971429" + }, + { + "disabled": true, + "description": { + "content": "Filter the results by the specified identity who is the owner of the Identity Request Work Item. *me* indicates the current user.", + "type": "text/plain" + }, + "key": "assigned-to", + "value": "2c9180877b2b6ea4017b2c545f971429" + }, + { + "disabled": true, + "description": { + "content": "If this is true, the *X-Total-Count* response header populates with the number of results that would be returned if limit and offset were ignored.", + "type": "text/plain" + }, + "key": "count", + "value": "false" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.", + "type": "text/plain" + }, + "key": "limit", + "value": "100" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results. Defaults to 0 if not specified.", + "type": "text/plain" + }, + "key": "offset", + "value": "10" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**accountActivityItemId**: *eq, in, ge, gt, le, lt, ne, isnull, sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "accountActivityItemId eq \"2c918086771c86df0177401efcdf54c0\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **created, modified, accountActivityItemId, name**", + "type": "text/plain" + }, + "key": "sorters", + "value": "created" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "b0b27977-c657-454e-a0ab-90898c0e4a4a", + "name": "Close Access Request", + "request": { + "name": "Close Access Request", + "description": { + "content": "This endpoint closes access requests that are stuck in a pending state. It can be used throughout a request's lifecycle even after the approval state, unlike the [Cancel Access Request endpoint](https://developer.sailpoint.com/idn/api/v3/cancel-access-request/). A token with ORG_ADMIN authority is required.\n\nTo find pending access requests with the UI, navigate to Search and use this query: status: Pending AND \"Access Request\". Use the Column Chooser to select 'Tracking Number', and use the 'Download' button to export a CSV containing the tracking numbers.\n\nTo find pending access requests with the API, use the [List Account Activities endpoint](https://developer.sailpoint.com/idn/api/v3/list-account-activities/).\n\nInput the IDs from either source.\n\nTo track the status of endpoint requests, navigate to Search and use this query: name:\"Close Identity Requests\". Search will include \"Close Identity Requests Started\" audits when requests are initiated and \"Close Identity Requests Completed\" audits when requests are completed. The completion audit will list the identity request IDs that finished in error.\n\nThis API triggers the [Provisioning Completed event trigger](https://developer.sailpoint.com/idn/docs/event-triggers/triggers/provisioning-completed/) for each access request that is closed.\n", + "type": "text/plain" + }, + "url": { + "path": [ + "access-requests", + "close" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"accessRequestIds\": [\n \"2c90ad2a70ace7d50170acf22ca90010\"\n ],\n \"executionStatus\": \"Terminated\",\n \"completionStatus\": \"Failure\",\n \"message\": \"The IdentityNow Administrator manually closed this request.\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "d96e70f7-6b6d-4164-91a8-dae4b1ba6403", + "name": "Accepted - Returned if the request was successfully accepted into the system.", + "originalRequest": { + "url": { + "path": [ + "access-requests", + "close" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"accessRequestIds\": [\n \"2c90ad2a70ace7d50170acf22ca90010\"\n ],\n \"executionStatus\": \"Terminated\",\n \"completionStatus\": \"Failure\",\n \"message\": \"The IdentityNow Administrator manually closed this request.\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Accepted", + "code": 202, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "5c888771-5e23-4269-8e15-5bd3be762247", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "access-requests", + "close" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"accessRequestIds\": [\n \"2c90ad2a70ace7d50170acf22ca90010\"\n ],\n \"executionStatus\": \"Terminated\",\n \"completionStatus\": \"Failure\",\n \"message\": \"The IdentityNow Administrator manually closed this request.\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c7fb0c42-64ba-4fcc-8e25-a879b081c6c5", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "access-requests", + "close" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"accessRequestIds\": [\n \"2c90ad2a70ace7d50170acf22ca90010\"\n ],\n \"executionStatus\": \"Terminated\",\n \"completionStatus\": \"Failure\",\n \"message\": \"The IdentityNow Administrator manually closed this request.\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "bd9687bd-f0ae-4405-ada5-4b4c1322ed21", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "access-requests", + "close" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"accessRequestIds\": [\n \"2c90ad2a70ace7d50170acf22ca90010\"\n ],\n \"executionStatus\": \"Terminated\",\n \"completionStatus\": \"Failure\",\n \"message\": \"The IdentityNow Administrator manually closed this request.\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "5f77e65e-783b-472b-a5de-9aa9d7cffe98", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "access-requests", + "close" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"accessRequestIds\": [\n \"2c90ad2a70ace7d50170acf22ca90010\"\n ],\n \"executionStatus\": \"Terminated\",\n \"completionStatus\": \"Failure\",\n \"message\": \"The IdentityNow Administrator manually closed this request.\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "9e035c52-a49f-4a88-a49a-0c60f44897cb", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "access-requests", + "close" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"accessRequestIds\": [\n \"2c90ad2a70ace7d50170acf22ca90010\"\n ],\n \"executionStatus\": \"Terminated\",\n \"completionStatus\": \"Failure\",\n \"message\": \"The IdentityNow Administrator manually closed this request.\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + } + ] + }, + { + "name": "Account Activities", + "description": "Use this API to implement account activity tracking functionality.\nWith this functionality in place, users can track source account activity in Identity Security Cloud, which greatly improves traceability in the system. \n\nAn account activity refers to a log of each action performed on a source account. This is useful for auditing the changes performed on an account throughout its life. \nIn Identity Security Cloud's Search, users can search for account activities and select the activity's row to get an overview of the activity's account action and view its progress, its involved sources, and its most basic metadata, such as the identity requesting the option and the recipient. \n\nAccount activity includes most actions Identity Security Cloud completes on source accounts. Users can search in Identity Security Cloud for the following account action types: \n\n- Access Request: These include any access requests the source account is involved in. \n\n- Account Attribute Updates: These include updates to a single attribute on an account on a source. \n\n- Account State Update: These include locking or unlocking actions on an account on a source. \n\n- Certification: These include actions removing an entitlement from an account on a source as a result of the entitlement's revocation during a certification.\n\n- Cloud Automated `Lifecyclestate`: These include automated lifecycle state changes that result in a source account's correlated identity being assigned to a different lifecycle state. \nIdentity Security Cloud replaces the `Lifecyclestate` variable with the name of the lifecycle state it has moved the account's identity to. \n\n- Identity Attribute Update: These include updates to a source account's correlated identity attributes as the result of a provisioning action. \nWhen you update an identity attribute that also updates an identity's lifecycle state, the cloud automated `Lifecyclestate` event also displays.\nAccount Activity does not include attribute updates that occur as a result of aggregation.\n\n- Identity Refresh: These include correlated identity refreshes that occur for an account on a source whenever the account's correlated identity profile gets a new role or updates. \nThese also include refreshes that occur whenever Identity Security Cloud assigns an application to the account's correlated identity based on the application's being assigned to All Users From Source or Specific Users From Source. \n\n- Lifecycle State Refresh: These include the actions that took place when a lifecycle state changed. This event only occurs after a cloud automated `Lifecyclestate` change or a lifecycle state change. \n\n- Lifecycle State Change: These include the account activities that result from an identity's manual assignment to a null lifecycle state.\n\n- Password Change: These include password changes on sources.\n\nRefer to [Account Activity](https://documentation.sailpoint.com/saas/help/search/index.html#account-activity) for more information about account activities.\n", + "item": [ + { + "id": "d964aa77-ef61-4f0c-8a5c-c6b238cca923", + "name": "List Account Activities", + "request": { + "name": "List Account Activities", + "description": { + "content": "This gets a collection of account activities that satisfy the given query parameters.", + "type": "text/plain" + }, + "url": { + "path": [ + "account-activities" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The identity that the activity was requested for. *me* indicates the current user. Mutually exclusive with *regarding-identity*.", + "type": "text/plain" + }, + "key": "requested-for", + "value": "2c91808568c529c60168cca6f90c1313" + }, + { + "disabled": true, + "description": { + "content": "The identity that requested the activity. *me* indicates the current user. Mutually exclusive with *regarding-identity*.", + "type": "text/plain" + }, + "key": "requested-by", + "value": "2c91808568c529c60168cca6f90c1313" + }, + { + "disabled": true, + "description": { + "content": "The specified identity will be either the requester or target of the account activity. *me* indicates the current user. Mutually exclusive with *requested-for* and *requested-by*.", + "type": "text/plain" + }, + "key": "regarding-identity", + "value": "2c91808568c529c60168cca6f90c1313" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**type**: *eq, in, ge, gt, le, lt, ne, isnull, sw*\n\n**created**: *gt, lt, ge, le, eq, in, ne, isnull, sw*\n\n**modified**: *gt, lt, ge, le, eq, in, ne, isnull, sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "type eq \"Identity Refresh\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **type, created, modified**", + "type": "text/plain" + }, + "key": "sorters", + "value": "created" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "7b8f452e-5512-4fb9-9ab4-fb1d3249cd74", + "name": "List of account activities", + "originalRequest": { + "url": { + "path": [ + "account-activities" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The identity that the activity was requested for. *me* indicates the current user. Mutually exclusive with *regarding-identity*.", + "type": "text/plain" + }, + "key": "requested-for", + "value": "2c91808568c529c60168cca6f90c1313" + }, + { + "disabled": true, + "description": { + "content": "The identity that requested the activity. *me* indicates the current user. Mutually exclusive with *regarding-identity*.", + "type": "text/plain" + }, + "key": "requested-by", + "value": "2c91808568c529c60168cca6f90c1313" + }, + { + "disabled": true, + "description": { + "content": "The specified identity will be either the requester or target of the account activity. *me* indicates the current user. Mutually exclusive with *requested-for* and *requested-by*.", + "type": "text/plain" + }, + "key": "regarding-identity", + "value": "2c91808568c529c60168cca6f90c1313" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**type**: *eq, in, ge, gt, le, lt, ne, isnull, sw*\n\n**created**: *gt, lt, ge, le, eq, in, ne, isnull, sw*\n\n**modified**: *gt, lt, ge, le, eq, in, ne, isnull, sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "type eq \"Identity Refresh\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **type, created, modified**", + "type": "text/plain" + }, + "key": "sorters", + "value": "created" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"name\": \"2c9180835d2e5168015d32f890ca1581\",\n \"created\": \"2017-07-11T18:45:37.098Z\",\n \"modified\": \"2018-06-25T20:22:28.104Z\",\n \"completed\": \"2018-10-19T13:49:37.385Z\",\n \"completionStatus\": \"SUCCESS\",\n \"type\": \"appRequest\",\n \"requesterIdentitySummary\": {\n \"id\": \"ff80818155fe8c080155fe8d925b0316\",\n \"name\": \"SailPoint Services\",\n \"identityId\": \"c15b9f5cca5a4e9599eaa0e64fa921bd\",\n \"completed\": true\n },\n \"targetIdentitySummary\": {\n \"id\": \"ff80818155fe8c080155fe8d925b0316\",\n \"name\": \"SailPoint Services\",\n \"identityId\": \"c15b9f5cca5a4e9599eaa0e64fa921bd\",\n \"completed\": true\n },\n \"errors\": [\n \"sailpoint.connector.ConnectorException: java.lang.InterruptedException: Timeout waiting for response to message 0 from client 57a4ab97-ab3f-4aef-9fe2-0eaf15c73d26 after 60 seconds.\"\n ],\n \"warnings\": [\n \"Some warning, another warning\"\n ],\n \"items\": [\n {\n \"id\": \"48c545831b264409a81befcabb0e3c5a\",\n \"name\": \"48c545831b264409a81befcabb0e3c5a\",\n \"requested\": \"2017-07-11T18:45:37.098Z\",\n \"approvalStatus\": \"PENDING\",\n \"provisioningStatus\": \"PENDING\",\n \"requesterComment\": {\n \"commenterId\": \"2c918084660f45d6016617daa9210584\",\n \"commenterName\": \"Adam Kennedy\",\n \"body\": \"Et quam massa maximus vivamus nisi ut urna tincidunt metus elementum erat.\",\n \"date\": \"2017-07-11T18:45:37.098Z\"\n },\n \"reviewerIdentitySummary\": {\n \"id\": \"ff80818155fe8c080155fe8d925b0316\",\n \"name\": \"SailPoint Services\",\n \"identityId\": \"c15b9f5cca5a4e9599eaa0e64fa921bd\",\n \"completed\": true\n },\n \"reviewerComment\": {\n \"commenterId\": \"2c918084660f45d6016617daa9210584\",\n \"commenterName\": \"Adam Kennedy\",\n \"body\": \"Et quam massa maximus vivamus nisi ut urna tincidunt metus elementum erat.\",\n \"date\": \"2017-07-11T18:45:37.098Z\"\n },\n \"operation\": \"ADD\",\n \"attribute\": \"detectedRoles\",\n \"value\": \"Treasury Analyst [AccessProfile-1529010191212]\",\n \"nativeIdentity\": \"Sandie.Camero\",\n \"sourceId\": \"2c91808363ef85290164000587130c0c\",\n \"accountRequestInfo\": {\n \"requestedObjectId\": \"2c91808563ef85690164001c31140c0c\",\n \"requestedObjectName\": \"Treasury Analyst\",\n \"requestedObjectType\": \"ACCESS_PROFILE\"\n },\n \"clientMetadata\": {\n \"customKey1\": \"custom value 1\",\n \"customKey2\": \"custom value 2\"\n },\n \"removeDate\": \"2020-07-11T00:00:00Z\"\n },\n {\n \"id\": \"48c545831b264409a81befcabb0e3c5a\",\n \"name\": \"48c545831b264409a81befcabb0e3c5a\",\n \"requested\": \"2017-07-11T18:45:37.098Z\",\n \"approvalStatus\": \"PENDING\",\n \"provisioningStatus\": \"PENDING\",\n \"requesterComment\": {\n \"commenterId\": \"2c918084660f45d6016617daa9210584\",\n \"commenterName\": \"Adam Kennedy\",\n \"body\": \"Et quam massa maximus vivamus nisi ut urna tincidunt metus elementum erat.\",\n \"date\": \"2017-07-11T18:45:37.098Z\"\n },\n \"reviewerIdentitySummary\": {\n \"id\": \"ff80818155fe8c080155fe8d925b0316\",\n \"name\": \"SailPoint Services\",\n \"identityId\": \"c15b9f5cca5a4e9599eaa0e64fa921bd\",\n \"completed\": true\n },\n \"reviewerComment\": {\n \"commenterId\": \"2c918084660f45d6016617daa9210584\",\n \"commenterName\": \"Adam Kennedy\",\n \"body\": \"Et quam massa maximus vivamus nisi ut urna tincidunt metus elementum erat.\",\n \"date\": \"2017-07-11T18:45:37.098Z\"\n },\n \"operation\": \"ADD\",\n \"attribute\": \"detectedRoles\",\n \"value\": \"Treasury Analyst [AccessProfile-1529010191212]\",\n \"nativeIdentity\": \"Sandie.Camero\",\n \"sourceId\": \"2c91808363ef85290164000587130c0c\",\n \"accountRequestInfo\": {\n \"requestedObjectId\": \"2c91808563ef85690164001c31140c0c\",\n \"requestedObjectName\": \"Treasury Analyst\",\n \"requestedObjectType\": \"ACCESS_PROFILE\"\n },\n \"clientMetadata\": {\n \"customKey1\": \"custom value 1\",\n \"customKey2\": \"custom value 2\"\n },\n \"removeDate\": \"2020-07-11T00:00:00Z\"\n }\n ],\n \"executionStatus\": \"COMPLETED\",\n \"clientMetadata\": {\n \"customKey1\": \"custom value 1\",\n \"customKey2\": \"custom value 2\"\n }\n },\n {\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"name\": \"2c9180835d2e5168015d32f890ca1581\",\n \"created\": \"2017-07-11T18:45:37.098Z\",\n \"modified\": \"2018-06-25T20:22:28.104Z\",\n \"completed\": \"2018-10-19T13:49:37.385Z\",\n \"completionStatus\": \"SUCCESS\",\n \"type\": \"appRequest\",\n \"requesterIdentitySummary\": {\n \"id\": \"ff80818155fe8c080155fe8d925b0316\",\n \"name\": \"SailPoint Services\",\n \"identityId\": \"c15b9f5cca5a4e9599eaa0e64fa921bd\",\n \"completed\": true\n },\n \"targetIdentitySummary\": {\n \"id\": \"ff80818155fe8c080155fe8d925b0316\",\n \"name\": \"SailPoint Services\",\n \"identityId\": \"c15b9f5cca5a4e9599eaa0e64fa921bd\",\n \"completed\": true\n },\n \"errors\": [\n \"sailpoint.connector.ConnectorException: java.lang.InterruptedException: Timeout waiting for response to message 0 from client 57a4ab97-ab3f-4aef-9fe2-0eaf15c73d26 after 60 seconds.\"\n ],\n \"warnings\": [\n \"Some warning, another warning\"\n ],\n \"items\": [\n {\n \"id\": \"48c545831b264409a81befcabb0e3c5a\",\n \"name\": \"48c545831b264409a81befcabb0e3c5a\",\n \"requested\": \"2017-07-11T18:45:37.098Z\",\n \"approvalStatus\": \"PENDING\",\n \"provisioningStatus\": \"PENDING\",\n \"requesterComment\": {\n \"commenterId\": \"2c918084660f45d6016617daa9210584\",\n \"commenterName\": \"Adam Kennedy\",\n \"body\": \"Et quam massa maximus vivamus nisi ut urna tincidunt metus elementum erat.\",\n \"date\": \"2017-07-11T18:45:37.098Z\"\n },\n \"reviewerIdentitySummary\": {\n \"id\": \"ff80818155fe8c080155fe8d925b0316\",\n \"name\": \"SailPoint Services\",\n \"identityId\": \"c15b9f5cca5a4e9599eaa0e64fa921bd\",\n \"completed\": true\n },\n \"reviewerComment\": {\n \"commenterId\": \"2c918084660f45d6016617daa9210584\",\n \"commenterName\": \"Adam Kennedy\",\n \"body\": \"Et quam massa maximus vivamus nisi ut urna tincidunt metus elementum erat.\",\n \"date\": \"2017-07-11T18:45:37.098Z\"\n },\n \"operation\": \"ADD\",\n \"attribute\": \"detectedRoles\",\n \"value\": \"Treasury Analyst [AccessProfile-1529010191212]\",\n \"nativeIdentity\": \"Sandie.Camero\",\n \"sourceId\": \"2c91808363ef85290164000587130c0c\",\n \"accountRequestInfo\": {\n \"requestedObjectId\": \"2c91808563ef85690164001c31140c0c\",\n \"requestedObjectName\": \"Treasury Analyst\",\n \"requestedObjectType\": \"ACCESS_PROFILE\"\n },\n \"clientMetadata\": {\n \"customKey1\": \"custom value 1\",\n \"customKey2\": \"custom value 2\"\n },\n \"removeDate\": \"2020-07-11T00:00:00Z\"\n },\n {\n \"id\": \"48c545831b264409a81befcabb0e3c5a\",\n \"name\": \"48c545831b264409a81befcabb0e3c5a\",\n \"requested\": \"2017-07-11T18:45:37.098Z\",\n \"approvalStatus\": \"PENDING\",\n \"provisioningStatus\": \"PENDING\",\n \"requesterComment\": {\n \"commenterId\": \"2c918084660f45d6016617daa9210584\",\n \"commenterName\": \"Adam Kennedy\",\n \"body\": \"Et quam massa maximus vivamus nisi ut urna tincidunt metus elementum erat.\",\n \"date\": \"2017-07-11T18:45:37.098Z\"\n },\n \"reviewerIdentitySummary\": {\n \"id\": \"ff80818155fe8c080155fe8d925b0316\",\n \"name\": \"SailPoint Services\",\n \"identityId\": \"c15b9f5cca5a4e9599eaa0e64fa921bd\",\n \"completed\": true\n },\n \"reviewerComment\": {\n \"commenterId\": \"2c918084660f45d6016617daa9210584\",\n \"commenterName\": \"Adam Kennedy\",\n \"body\": \"Et quam massa maximus vivamus nisi ut urna tincidunt metus elementum erat.\",\n \"date\": \"2017-07-11T18:45:37.098Z\"\n },\n \"operation\": \"ADD\",\n \"attribute\": \"detectedRoles\",\n \"value\": \"Treasury Analyst [AccessProfile-1529010191212]\",\n \"nativeIdentity\": \"Sandie.Camero\",\n \"sourceId\": \"2c91808363ef85290164000587130c0c\",\n \"accountRequestInfo\": {\n \"requestedObjectId\": \"2c91808563ef85690164001c31140c0c\",\n \"requestedObjectName\": \"Treasury Analyst\",\n \"requestedObjectType\": \"ACCESS_PROFILE\"\n },\n \"clientMetadata\": {\n \"customKey1\": \"custom value 1\",\n \"customKey2\": \"custom value 2\"\n },\n \"removeDate\": \"2020-07-11T00:00:00Z\"\n }\n ],\n \"executionStatus\": \"COMPLETED\",\n \"clientMetadata\": {\n \"customKey1\": \"custom value 1\",\n \"customKey2\": \"custom value 2\"\n }\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a1ffc34a-fadc-4edd-893b-5c15e194f7d0", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "account-activities" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The identity that the activity was requested for. *me* indicates the current user. Mutually exclusive with *regarding-identity*.", + "type": "text/plain" + }, + "key": "requested-for", + "value": "2c91808568c529c60168cca6f90c1313" + }, + { + "disabled": true, + "description": { + "content": "The identity that requested the activity. *me* indicates the current user. Mutually exclusive with *regarding-identity*.", + "type": "text/plain" + }, + "key": "requested-by", + "value": "2c91808568c529c60168cca6f90c1313" + }, + { + "disabled": true, + "description": { + "content": "The specified identity will be either the requester or target of the account activity. *me* indicates the current user. Mutually exclusive with *requested-for* and *requested-by*.", + "type": "text/plain" + }, + "key": "regarding-identity", + "value": "2c91808568c529c60168cca6f90c1313" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**type**: *eq, in, ge, gt, le, lt, ne, isnull, sw*\n\n**created**: *gt, lt, ge, le, eq, in, ne, isnull, sw*\n\n**modified**: *gt, lt, ge, le, eq, in, ne, isnull, sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "type eq \"Identity Refresh\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **type, created, modified**", + "type": "text/plain" + }, + "key": "sorters", + "value": "created" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "ccbb564e-355c-4889-a32c-674bb6d39d2e", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "account-activities" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The identity that the activity was requested for. *me* indicates the current user. Mutually exclusive with *regarding-identity*.", + "type": "text/plain" + }, + "key": "requested-for", + "value": "2c91808568c529c60168cca6f90c1313" + }, + { + "disabled": true, + "description": { + "content": "The identity that requested the activity. *me* indicates the current user. Mutually exclusive with *regarding-identity*.", + "type": "text/plain" + }, + "key": "requested-by", + "value": "2c91808568c529c60168cca6f90c1313" + }, + { + "disabled": true, + "description": { + "content": "The specified identity will be either the requester or target of the account activity. *me* indicates the current user. Mutually exclusive with *requested-for* and *requested-by*.", + "type": "text/plain" + }, + "key": "regarding-identity", + "value": "2c91808568c529c60168cca6f90c1313" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**type**: *eq, in, ge, gt, le, lt, ne, isnull, sw*\n\n**created**: *gt, lt, ge, le, eq, in, ne, isnull, sw*\n\n**modified**: *gt, lt, ge, le, eq, in, ne, isnull, sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "type eq \"Identity Refresh\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **type, created, modified**", + "type": "text/plain" + }, + "key": "sorters", + "value": "created" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "0ee122ef-2952-406e-a3de-3f39f10f9dd5", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "account-activities" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The identity that the activity was requested for. *me* indicates the current user. Mutually exclusive with *regarding-identity*.", + "type": "text/plain" + }, + "key": "requested-for", + "value": "2c91808568c529c60168cca6f90c1313" + }, + { + "disabled": true, + "description": { + "content": "The identity that requested the activity. *me* indicates the current user. Mutually exclusive with *regarding-identity*.", + "type": "text/plain" + }, + "key": "requested-by", + "value": "2c91808568c529c60168cca6f90c1313" + }, + { + "disabled": true, + "description": { + "content": "The specified identity will be either the requester or target of the account activity. *me* indicates the current user. Mutually exclusive with *requested-for* and *requested-by*.", + "type": "text/plain" + }, + "key": "regarding-identity", + "value": "2c91808568c529c60168cca6f90c1313" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**type**: *eq, in, ge, gt, le, lt, ne, isnull, sw*\n\n**created**: *gt, lt, ge, le, eq, in, ne, isnull, sw*\n\n**modified**: *gt, lt, ge, le, eq, in, ne, isnull, sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "type eq \"Identity Refresh\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **type, created, modified**", + "type": "text/plain" + }, + "key": "sorters", + "value": "created" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "ce6beb23-6fc9-4594-bbcb-c5d08a3782a5", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "account-activities" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The identity that the activity was requested for. *me* indicates the current user. Mutually exclusive with *regarding-identity*.", + "type": "text/plain" + }, + "key": "requested-for", + "value": "2c91808568c529c60168cca6f90c1313" + }, + { + "disabled": true, + "description": { + "content": "The identity that requested the activity. *me* indicates the current user. Mutually exclusive with *regarding-identity*.", + "type": "text/plain" + }, + "key": "requested-by", + "value": "2c91808568c529c60168cca6f90c1313" + }, + { + "disabled": true, + "description": { + "content": "The specified identity will be either the requester or target of the account activity. *me* indicates the current user. Mutually exclusive with *requested-for* and *requested-by*.", + "type": "text/plain" + }, + "key": "regarding-identity", + "value": "2c91808568c529c60168cca6f90c1313" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**type**: *eq, in, ge, gt, le, lt, ne, isnull, sw*\n\n**created**: *gt, lt, ge, le, eq, in, ne, isnull, sw*\n\n**modified**: *gt, lt, ge, le, eq, in, ne, isnull, sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "type eq \"Identity Refresh\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **type, created, modified**", + "type": "text/plain" + }, + "key": "sorters", + "value": "created" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "2db6495c-d538-477f-bf8c-8049a8d420c9", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "account-activities" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The identity that the activity was requested for. *me* indicates the current user. Mutually exclusive with *regarding-identity*.", + "type": "text/plain" + }, + "key": "requested-for", + "value": "2c91808568c529c60168cca6f90c1313" + }, + { + "disabled": true, + "description": { + "content": "The identity that requested the activity. *me* indicates the current user. Mutually exclusive with *regarding-identity*.", + "type": "text/plain" + }, + "key": "requested-by", + "value": "2c91808568c529c60168cca6f90c1313" + }, + { + "disabled": true, + "description": { + "content": "The specified identity will be either the requester or target of the account activity. *me* indicates the current user. Mutually exclusive with *requested-for* and *requested-by*.", + "type": "text/plain" + }, + "key": "regarding-identity", + "value": "2c91808568c529c60168cca6f90c1313" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**type**: *eq, in, ge, gt, le, lt, ne, isnull, sw*\n\n**created**: *gt, lt, ge, le, eq, in, ne, isnull, sw*\n\n**modified**: *gt, lt, ge, le, eq, in, ne, isnull, sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "type eq \"Identity Refresh\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **type, created, modified**", + "type": "text/plain" + }, + "key": "sorters", + "value": "created" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "5f8e3779-4a8e-4606-b140-2bc098fe6110", + "name": "Get an Account Activity", + "request": { + "name": "Get an Account Activity", + "description": { + "content": "This gets a single account activity by its id.", + "type": "text/plain" + }, + "url": { + "path": [ + "account-activities", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "ef38f94347e94562b5bb8424a56397d8", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) The account activity id", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "9d16150d-7739-4dee-a6ec-4c1a04612b31", + "name": "An account activity object", + "originalRequest": { + "url": { + "path": [ + "account-activities", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"name\": \"2c9180835d2e5168015d32f890ca1581\",\n \"created\": \"2017-07-11T18:45:37.098Z\",\n \"modified\": \"2018-06-25T20:22:28.104Z\",\n \"completed\": \"2018-10-19T13:49:37.385Z\",\n \"completionStatus\": \"SUCCESS\",\n \"type\": \"appRequest\",\n \"requesterIdentitySummary\": {\n \"id\": \"ff80818155fe8c080155fe8d925b0316\",\n \"name\": \"SailPoint Services\",\n \"identityId\": \"c15b9f5cca5a4e9599eaa0e64fa921bd\",\n \"completed\": true\n },\n \"targetIdentitySummary\": {\n \"id\": \"ff80818155fe8c080155fe8d925b0316\",\n \"name\": \"SailPoint Services\",\n \"identityId\": \"c15b9f5cca5a4e9599eaa0e64fa921bd\",\n \"completed\": true\n },\n \"errors\": [\n \"sailpoint.connector.ConnectorException: java.lang.InterruptedException: Timeout waiting for response to message 0 from client 57a4ab97-ab3f-4aef-9fe2-0eaf15c73d26 after 60 seconds.\"\n ],\n \"warnings\": [\n \"Some warning, another warning\"\n ],\n \"items\": [\n {\n \"id\": \"48c545831b264409a81befcabb0e3c5a\",\n \"name\": \"48c545831b264409a81befcabb0e3c5a\",\n \"requested\": \"2017-07-11T18:45:37.098Z\",\n \"approvalStatus\": \"PENDING\",\n \"provisioningStatus\": \"PENDING\",\n \"requesterComment\": {\n \"commenterId\": \"2c918084660f45d6016617daa9210584\",\n \"commenterName\": \"Adam Kennedy\",\n \"body\": \"Et quam massa maximus vivamus nisi ut urna tincidunt metus elementum erat.\",\n \"date\": \"2017-07-11T18:45:37.098Z\"\n },\n \"reviewerIdentitySummary\": {\n \"id\": \"ff80818155fe8c080155fe8d925b0316\",\n \"name\": \"SailPoint Services\",\n \"identityId\": \"c15b9f5cca5a4e9599eaa0e64fa921bd\",\n \"completed\": true\n },\n \"reviewerComment\": {\n \"commenterId\": \"2c918084660f45d6016617daa9210584\",\n \"commenterName\": \"Adam Kennedy\",\n \"body\": \"Et quam massa maximus vivamus nisi ut urna tincidunt metus elementum erat.\",\n \"date\": \"2017-07-11T18:45:37.098Z\"\n },\n \"operation\": \"ADD\",\n \"attribute\": \"detectedRoles\",\n \"value\": \"Treasury Analyst [AccessProfile-1529010191212]\",\n \"nativeIdentity\": \"Sandie.Camero\",\n \"sourceId\": \"2c91808363ef85290164000587130c0c\",\n \"accountRequestInfo\": {\n \"requestedObjectId\": \"2c91808563ef85690164001c31140c0c\",\n \"requestedObjectName\": \"Treasury Analyst\",\n \"requestedObjectType\": \"ACCESS_PROFILE\"\n },\n \"clientMetadata\": {\n \"customKey1\": \"custom value 1\",\n \"customKey2\": \"custom value 2\"\n },\n \"removeDate\": \"2020-07-11T00:00:00Z\"\n },\n {\n \"id\": \"48c545831b264409a81befcabb0e3c5a\",\n \"name\": \"48c545831b264409a81befcabb0e3c5a\",\n \"requested\": \"2017-07-11T18:45:37.098Z\",\n \"approvalStatus\": \"PENDING\",\n \"provisioningStatus\": \"PENDING\",\n \"requesterComment\": {\n \"commenterId\": \"2c918084660f45d6016617daa9210584\",\n \"commenterName\": \"Adam Kennedy\",\n \"body\": \"Et quam massa maximus vivamus nisi ut urna tincidunt metus elementum erat.\",\n \"date\": \"2017-07-11T18:45:37.098Z\"\n },\n \"reviewerIdentitySummary\": {\n \"id\": \"ff80818155fe8c080155fe8d925b0316\",\n \"name\": \"SailPoint Services\",\n \"identityId\": \"c15b9f5cca5a4e9599eaa0e64fa921bd\",\n \"completed\": true\n },\n \"reviewerComment\": {\n \"commenterId\": \"2c918084660f45d6016617daa9210584\",\n \"commenterName\": \"Adam Kennedy\",\n \"body\": \"Et quam massa maximus vivamus nisi ut urna tincidunt metus elementum erat.\",\n \"date\": \"2017-07-11T18:45:37.098Z\"\n },\n \"operation\": \"ADD\",\n \"attribute\": \"detectedRoles\",\n \"value\": \"Treasury Analyst [AccessProfile-1529010191212]\",\n \"nativeIdentity\": \"Sandie.Camero\",\n \"sourceId\": \"2c91808363ef85290164000587130c0c\",\n \"accountRequestInfo\": {\n \"requestedObjectId\": \"2c91808563ef85690164001c31140c0c\",\n \"requestedObjectName\": \"Treasury Analyst\",\n \"requestedObjectType\": \"ACCESS_PROFILE\"\n },\n \"clientMetadata\": {\n \"customKey1\": \"custom value 1\",\n \"customKey2\": \"custom value 2\"\n },\n \"removeDate\": \"2020-07-11T00:00:00Z\"\n }\n ],\n \"executionStatus\": \"COMPLETED\",\n \"clientMetadata\": {\n \"customKey1\": \"custom value 1\",\n \"customKey2\": \"custom value 2\"\n }\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "2b379f11-9dc6-447e-a9b0-caedbcaea6d4", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "account-activities", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "12a22ec0-9dd6-4c25-a0ce-47ac77d09915", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "account-activities", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "57ec5a13-dc09-4ce5-aba5-0157db36e4aa", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "account-activities", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "75a2a906-3f6f-4fc2-a07b-ae909506b9e9", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "account-activities", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "7141ad3e-0344-4bb5-8e34-cedffb20edd4", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "account-activities", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "750ec256-0296-4c52-8a56-d0e1b3d40bfe", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "account-activities", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + } + ] + }, + { + "name": "Account Aggregations", + "description": "Use this API to implement account aggregation progress tracking functionality.\nWith this functionality in place, administrators can view in-progress account aggregations, their statuses, and their relevant details.\n\nAn account aggregation refers to the process Identity Security Cloud uses to gather and load account data from a source into Identity Security Cloud.\n\nWhenever Identity Security Cloud is in the process of aggregating a source, it adds an entry to the Aggregation Activity Log, along with its relevant details.\nTo view aggregation activity, administrators can select the Connections drop-down menu, select Sources, and select the relevant source, select its Import Data tab, and select Account Aggregation.\nIn Account Aggregation, administrators can view the account aggregations' statuses and details in the Account Activity Log.\n\nRefer to [Loading Account Data](https://documentation.sailpoint.com/saas/help/accounts/loading_data.html) for more information about account aggregations.\n", + "item": [ + { + "id": "0ccb37e8-b8d8-4c12-8734-9a1e6fb02db0", + "name": "In-progress Account Aggregation status", + "request": { + "name": "In-progress Account Aggregation status", + "description": { + "content": "This API returns the status of an *in-progress* account aggregation, along with the total number of **NEW**, **CHANGED** and **DELETED** accounts found since the previous aggregation, and the number of those accounts that have been processed so far.\n\nAccounts that have not changed since the previous aggregation are not included in **totalAccounts** and **processedAccounts** counts returned by this API. This is distinct from **Accounts Scanned** shown in the Aggregation UI, which indicates total accounts scanned regardless of whether they changed or not.\n\nSince this endpoint reports on the status of an *in-progress* account aggregation, totalAccounts and processedAccounts may change between calls to this endpoint.\n\n*Only available up to an hour after the aggregation completes. May respond with *404 Not Found* after that.*\n\nA token with ORG_ADMIN, SOURCE_ADMIN, SOURCE_SUBADMIN or DASHBOARD authority is required to call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "account-aggregations", + ":id", + "status" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "2c91808477a6b0c60177a81146b8110b", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) The account aggregation id", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "2b8246fa-33cd-4f37-ace9-a343267384eb", + "name": "An account aggregation status object", + "originalRequest": { + "url": { + "path": [ + "account-aggregations", + ":id", + "status" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"start\": \"2021-01-31T14:30:05.104Z\",\n \"status\": \"ACCOUNTS_COLLECTED\",\n \"totalAccounts\": 520,\n \"processedAccounts\": 150\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "6a6dd4e2-66b2-489c-be07-db57b857238e", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "account-aggregations", + ":id", + "status" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "ac7c3680-024f-4586-a0f5-5495632a9772", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "account-aggregations", + ":id", + "status" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "08556dd6-5bf6-4969-b795-0d90d94669d3", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "account-aggregations", + ":id", + "status" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "014f9ff0-d78a-472c-9489-94c4036b1b3c", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "account-aggregations", + ":id", + "status" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "29fdc55d-e741-4d54-b7af-127481205d60", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "account-aggregations", + ":id", + "status" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + } + ] + }, + { + "name": "Account Usages", + "description": "Use this API to implement account usage insight functionality.\nWith this functionality in place, administrators can gather information and insights about how their tenants' source accounts are being used.\nThis allows organizations to get the information they need to start optimizing and securing source account usage.\n", + "item": [ + { + "id": "15bd56e2-3e52-4fa0-b1d3-d170d1508965", + "name": "Returns account usage insights", + "request": { + "name": "Returns account usage insights", + "description": { + "content": "This API returns a summary of account usage insights for past 12 months.", + "type": "text/plain" + }, + "url": { + "path": [ + "account-usages", + ":accountId", + "summaries" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **date**", + "type": "text/plain" + }, + "key": "sorters", + "value": "-date" + } + ], + "variable": [ + { + "type": "any", + "value": "ef38f94347e94562b5bb8424a56397d8", + "key": "accountId", + "disabled": true, + "description": { + "content": "(Required) ID of IDN account", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "86b10204-46a5-4e4e-9bb6-0adab9f62167", + "name": "Summary of account usage insights for past 12 months.", + "originalRequest": { + "url": { + "path": [ + "account-usages", + ":accountId", + "summaries" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **date**", + "type": "text/plain" + }, + "key": "sorters", + "value": "-date" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"date\": \"2023-04-21\",\n \"count\": 10\n },\n {\n \"date\": \"2023-04-21\",\n \"count\": 10\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "5dcf4ca8-7c0e-4c11-bdc8-8de77831252e", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "account-usages", + ":accountId", + "summaries" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **date**", + "type": "text/plain" + }, + "key": "sorters", + "value": "-date" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "e366cee3-87ff-415c-9a7a-ed924f990458", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "account-usages", + ":accountId", + "summaries" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **date**", + "type": "text/plain" + }, + "key": "sorters", + "value": "-date" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "23c2f360-20a7-4263-92bb-153885466546", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "account-usages", + ":accountId", + "summaries" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **date**", + "type": "text/plain" + }, + "key": "sorters", + "value": "-date" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "0f5705ce-7e7d-4bb9-8051-18ba21b9681c", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "account-usages", + ":accountId", + "summaries" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **date**", + "type": "text/plain" + }, + "key": "sorters", + "value": "-date" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "8d880aba-d847-4505-943a-3a7d96b798bf", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "account-usages", + ":accountId", + "summaries" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **date**", + "type": "text/plain" + }, + "key": "sorters", + "value": "-date" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + } + ] + }, + { + "name": "Accounts", + "description": "Use this API to implement and customize account functionality.\nWith this functionality in place, administrators can manage users' access across sources in Identity Security Cloud. \n\nIn Identity Security Cloud, an account refers to a user's account on a supported source.\nThis typically includes a unique identifier for the user, a unique password, a set of permissions associated with the source and a set of attributes. Identity Security Cloud loads accounts through the creation of sources in Identity Security Cloud.\n\nAdministrators can correlate users' identities with the users' accounts on the different sources they use. \nThis allows Identity Security Cloud to govern the access of identities and all their correlated accounts securely and cohesively. \n\nTo view the accounts on a source and their correlated identities, administrators can use the Connections drop-down menu, select Sources, select the relevant source, and select its Account tab. \n\nTo view and edit source account statuses for an identity in Identity Security Cloud, administrators can use the Identities drop-down menu, select Identity List, select the relevant identity, and select its Accounts tab. \nAdministrators can toggle an account's Actions to aggregate the account, enable/disable it, unlock it, or remove it from the identity. \n\nAccounts can have the following statuses: \n\n- Enabled: The account is enabled. The user can access it.\n\n- Disabled: The account is disabled, and the user cannot access it, but the identity is not disabled in Identity Security Cloud. This can occur when an administrator disables the account or when the user's lifecycle state changes. \n\n- Locked: The account is locked. This may occur when someone has entered an incorrect password for the account too many times.\n\n- Pending: The account is currently updating. This status typically lasts seconds. \n\nAdministrators can select the source account to view its attributes, entitlements, and the last time the account's password was changed.\n\nRefer to [Managing User Accounts](https://documentation.sailpoint.com/saas/help/common/users/user_access.html#managing-user-accounts) for more information about accounts.\n", + "item": [ + { + "id": "b3d0b444-eaa0-4d90-b4cb-2de89373b3d7", + "name": "Accounts List", + "request": { + "name": "Accounts List", + "description": { + "content": "This returns a list of accounts. \nA token with ORG_ADMIN, SOURCE_ADMIN, SOURCE_SUBADMIN, or HELPDESK authority is required to call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "accounts" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in, sw*\n\n**identityId**: *eq, in, sw*\n\n**name**: *eq, in, sw*\n\n**nativeIdentity**: *eq, in, sw*\n\n**sourceId**: *eq, in, sw*\n\n**uncorrelated**: *eq*\n\n**entitlements**: *eq*\n\n**origin**: *eq, in*\n\n**manuallyCorrelated**: *eq*\n\n**identity.name**: *eq, in, sw*\n\n**identity.correlated**: *eq*\n\n**identity.identityState**: *eq, in*\n\n**source.displayableName**: *eq, in*\n\n**source.authoritative**: *eq*\n\n**source.connectionType**: *eq, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "identityId eq \"2c9180858082150f0180893dbaf44201\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **id, name, created, modified, sourceId, identityId, identity.id, nativeIdentity, uuid, manuallyCorrelated, entitlements, origin, identity.name, identity.identityState, identity.correlated, source.displayableName, source.authoritative, source.connectionType**", + "type": "text/plain" + }, + "key": "sorters", + "value": "id,name" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "fe141148-230f-446e-97db-182a9cdcf411", + "name": "List of account objects", + "originalRequest": { + "url": { + "path": [ + "accounts" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in, sw*\n\n**identityId**: *eq, in, sw*\n\n**name**: *eq, in, sw*\n\n**nativeIdentity**: *eq, in, sw*\n\n**sourceId**: *eq, in, sw*\n\n**uncorrelated**: *eq*\n\n**entitlements**: *eq*\n\n**origin**: *eq, in*\n\n**manuallyCorrelated**: *eq*\n\n**identity.name**: *eq, in, sw*\n\n**identity.correlated**: *eq*\n\n**identity.identityState**: *eq, in*\n\n**source.displayableName**: *eq, in*\n\n**source.authoritative**: *eq*\n\n**source.connectionType**: *eq, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "identityId eq \"2c9180858082150f0180893dbaf44201\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **id, name, created, modified, sourceId, identityId, identity.id, nativeIdentity, uuid, manuallyCorrelated, entitlements, origin, identity.name, identity.identityState, identity.correlated, source.displayableName, source.authoritative, source.connectionType**", + "type": "text/plain" + }, + "key": "sorters", + "value": "id,name" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"attributes\": {\n \"firstName\": \"SailPoint\",\n \"lastName\": \"Support\",\n \"displayName\": \"SailPoint Support\"\n },\n \"authoritative\": false,\n \"disabled\": false,\n \"hasEntitlements\": true,\n \"locked\": false,\n \"manuallyCorrelated\": false,\n \"name\": \"aName\",\n \"nativeIdentity\": \"552775\",\n \"sourceId\": \"2c9180835d2e5168015d32f890ca1581\",\n \"sourceName\": \"Employees\",\n \"systemAccount\": false,\n \"uncorrelated\": false,\n \"id\": \"id12345\",\n \"created\": \"2015-05-28T14:07:17Z\",\n \"modified\": \"2015-05-28T14:07:17Z\",\n \"identityId\": \"2c9180835d2e5168015d32f890ca1581\",\n \"cloudLifecycleState\": \"active\",\n \"identityState\": \"ACTIVE\",\n \"connectionType\": \"direct\",\n \"type\": \"NON_HUMAN\",\n \"description\": null,\n \"uuid\": \"slpt.support\",\n \"identity\": {\n \"type\": \"IDENTITY\",\n \"name\": \"Adam Kennedy\"\n },\n \"sourceOwner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"4c5c8534e99445de98eef6c75e25eb01\",\n \"name\": \"John Cavender\"\n },\n \"features\": \"ENABLE\",\n \"origin\": \"AGGREGATED\",\n \"ownerIdentity\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c918084660f45d6016617daa9210584\",\n \"name\": \"Adam Kennedy\"\n },\n \"ownerGroup\": {\n \"type\": \"GOVERNANCE_GROUP\",\n \"id\": \"8d3e0094e99445de98eef6c75e25jc04\",\n \"name\": \"GovGroup AX17Z\"\n }\n },\n {\n \"attributes\": {\n \"firstName\": \"SailPoint\",\n \"lastName\": \"Support\",\n \"displayName\": \"SailPoint Support\"\n },\n \"authoritative\": false,\n \"disabled\": false,\n \"hasEntitlements\": true,\n \"locked\": false,\n \"manuallyCorrelated\": false,\n \"name\": \"aName\",\n \"nativeIdentity\": \"552775\",\n \"sourceId\": \"2c9180835d2e5168015d32f890ca1581\",\n \"sourceName\": \"Employees\",\n \"systemAccount\": false,\n \"uncorrelated\": false,\n \"id\": \"id12345\",\n \"created\": \"2015-05-28T14:07:17Z\",\n \"modified\": \"2015-05-28T14:07:17Z\",\n \"identityId\": \"2c9180835d2e5168015d32f890ca1581\",\n \"cloudLifecycleState\": \"active\",\n \"identityState\": \"ACTIVE\",\n \"connectionType\": \"direct\",\n \"type\": \"NON_HUMAN\",\n \"description\": null,\n \"uuid\": \"slpt.support\",\n \"identity\": {\n \"type\": \"IDENTITY\",\n \"name\": \"Adam Kennedy\"\n },\n \"sourceOwner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"4c5c8534e99445de98eef6c75e25eb01\",\n \"name\": \"John Cavender\"\n },\n \"features\": \"ENABLE\",\n \"origin\": \"AGGREGATED\",\n \"ownerIdentity\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c918084660f45d6016617daa9210584\",\n \"name\": \"Adam Kennedy\"\n },\n \"ownerGroup\": {\n \"type\": \"GOVERNANCE_GROUP\",\n \"id\": \"8d3e0094e99445de98eef6c75e25jc04\",\n \"name\": \"GovGroup AX17Z\"\n }\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "2c861402-e309-4652-a2b0-264245307538", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "accounts" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in, sw*\n\n**identityId**: *eq, in, sw*\n\n**name**: *eq, in, sw*\n\n**nativeIdentity**: *eq, in, sw*\n\n**sourceId**: *eq, in, sw*\n\n**uncorrelated**: *eq*\n\n**entitlements**: *eq*\n\n**origin**: *eq, in*\n\n**manuallyCorrelated**: *eq*\n\n**identity.name**: *eq, in, sw*\n\n**identity.correlated**: *eq*\n\n**identity.identityState**: *eq, in*\n\n**source.displayableName**: *eq, in*\n\n**source.authoritative**: *eq*\n\n**source.connectionType**: *eq, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "identityId eq \"2c9180858082150f0180893dbaf44201\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **id, name, created, modified, sourceId, identityId, identity.id, nativeIdentity, uuid, manuallyCorrelated, entitlements, origin, identity.name, identity.identityState, identity.correlated, source.displayableName, source.authoritative, source.connectionType**", + "type": "text/plain" + }, + "key": "sorters", + "value": "id,name" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "33d88648-deff-406f-ab91-0bdd787fdf35", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "accounts" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in, sw*\n\n**identityId**: *eq, in, sw*\n\n**name**: *eq, in, sw*\n\n**nativeIdentity**: *eq, in, sw*\n\n**sourceId**: *eq, in, sw*\n\n**uncorrelated**: *eq*\n\n**entitlements**: *eq*\n\n**origin**: *eq, in*\n\n**manuallyCorrelated**: *eq*\n\n**identity.name**: *eq, in, sw*\n\n**identity.correlated**: *eq*\n\n**identity.identityState**: *eq, in*\n\n**source.displayableName**: *eq, in*\n\n**source.authoritative**: *eq*\n\n**source.connectionType**: *eq, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "identityId eq \"2c9180858082150f0180893dbaf44201\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **id, name, created, modified, sourceId, identityId, identity.id, nativeIdentity, uuid, manuallyCorrelated, entitlements, origin, identity.name, identity.identityState, identity.correlated, source.displayableName, source.authoritative, source.connectionType**", + "type": "text/plain" + }, + "key": "sorters", + "value": "id,name" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "1a004c4f-0383-4eec-afed-c11b6c9eb95c", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "accounts" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in, sw*\n\n**identityId**: *eq, in, sw*\n\n**name**: *eq, in, sw*\n\n**nativeIdentity**: *eq, in, sw*\n\n**sourceId**: *eq, in, sw*\n\n**uncorrelated**: *eq*\n\n**entitlements**: *eq*\n\n**origin**: *eq, in*\n\n**manuallyCorrelated**: *eq*\n\n**identity.name**: *eq, in, sw*\n\n**identity.correlated**: *eq*\n\n**identity.identityState**: *eq, in*\n\n**source.displayableName**: *eq, in*\n\n**source.authoritative**: *eq*\n\n**source.connectionType**: *eq, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "identityId eq \"2c9180858082150f0180893dbaf44201\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **id, name, created, modified, sourceId, identityId, identity.id, nativeIdentity, uuid, manuallyCorrelated, entitlements, origin, identity.name, identity.identityState, identity.correlated, source.displayableName, source.authoritative, source.connectionType**", + "type": "text/plain" + }, + "key": "sorters", + "value": "id,name" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "06c48a7a-d8a8-43d3-9dce-713311767ff9", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "accounts" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in, sw*\n\n**identityId**: *eq, in, sw*\n\n**name**: *eq, in, sw*\n\n**nativeIdentity**: *eq, in, sw*\n\n**sourceId**: *eq, in, sw*\n\n**uncorrelated**: *eq*\n\n**entitlements**: *eq*\n\n**origin**: *eq, in*\n\n**manuallyCorrelated**: *eq*\n\n**identity.name**: *eq, in, sw*\n\n**identity.correlated**: *eq*\n\n**identity.identityState**: *eq, in*\n\n**source.displayableName**: *eq, in*\n\n**source.authoritative**: *eq*\n\n**source.connectionType**: *eq, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "identityId eq \"2c9180858082150f0180893dbaf44201\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **id, name, created, modified, sourceId, identityId, identity.id, nativeIdentity, uuid, manuallyCorrelated, entitlements, origin, identity.name, identity.identityState, identity.correlated, source.displayableName, source.authoritative, source.connectionType**", + "type": "text/plain" + }, + "key": "sorters", + "value": "id,name" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "0901d461-56a4-4eeb-8719-aecec6b0ef9b", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "accounts" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in, sw*\n\n**identityId**: *eq, in, sw*\n\n**name**: *eq, in, sw*\n\n**nativeIdentity**: *eq, in, sw*\n\n**sourceId**: *eq, in, sw*\n\n**uncorrelated**: *eq*\n\n**entitlements**: *eq*\n\n**origin**: *eq, in*\n\n**manuallyCorrelated**: *eq*\n\n**identity.name**: *eq, in, sw*\n\n**identity.correlated**: *eq*\n\n**identity.identityState**: *eq, in*\n\n**source.displayableName**: *eq, in*\n\n**source.authoritative**: *eq*\n\n**source.connectionType**: *eq, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "identityId eq \"2c9180858082150f0180893dbaf44201\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **id, name, created, modified, sourceId, identityId, identity.id, nativeIdentity, uuid, manuallyCorrelated, entitlements, origin, identity.name, identity.identityState, identity.correlated, source.displayableName, source.authoritative, source.connectionType**", + "type": "text/plain" + }, + "key": "sorters", + "value": "id,name" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "05568a97-f4e1-4fdc-a8dd-e4021a07e1d9", + "name": "Create Account", + "request": { + "name": "Create Account", + "description": { + "content": "This API submits an account creation task and returns the task ID. \nYou must include the `sourceId` where the account will be created in the `attributes` object.\nThis endpoint creates an account on the source record in your ISC tenant. This is useful for Flat File (`DelimitedFile`) type sources because it allows you to aggregate new accounts without needing to import a new CSV file every time. \nHowever, if you use this endpoint to create an account for a Direct Connection type source, you must ensure that the account also exists on the target source. The endpoint doesn't actually provision the account on the target source, which means that if the account doesn't also exist on the target source, an aggregation between the source and your tenant will remove it from your tenant. \nA token with ORG_ADMIN, SOURCE_ADMIN, or SOURCE_SUBADMIN authority is required to call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "accounts" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"attributes\": {\n \"sourceId\": \"34bfcbe116c9407464af37acbaf7a4dc\",\n \"city\": \"Austin\",\n \"displayName\": \"John Doe\",\n \"userName\": \"jdoe\",\n \"sAMAccountName\": \"jDoe\",\n \"mail\": \"john.doe@sailpoint.com\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "905bb609-0711-4cb7-b07b-82f316e4e0a6", + "name": "Async task details", + "originalRequest": { + "url": { + "path": [ + "accounts" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"attributes\": {\n \"sourceId\": \"34bfcbe116c9407464af37acbaf7a4dc\",\n \"city\": \"Austin\",\n \"displayName\": \"John Doe\",\n \"userName\": \"jdoe\",\n \"sAMAccountName\": \"jDoe\",\n \"mail\": \"john.doe@sailpoint.com\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Accepted", + "code": 202, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"2c91808474683da6017468693c260195\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b8e2cc4f-7762-4a98-8850-ba2e50fb685f", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "accounts" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"attributes\": {\n \"sourceId\": \"34bfcbe116c9407464af37acbaf7a4dc\",\n \"city\": \"Austin\",\n \"displayName\": \"John Doe\",\n \"userName\": \"jdoe\",\n \"sAMAccountName\": \"jDoe\",\n \"mail\": \"john.doe@sailpoint.com\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b4837090-4a7c-41da-9889-7067576be3e6", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "accounts" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"attributes\": {\n \"sourceId\": \"34bfcbe116c9407464af37acbaf7a4dc\",\n \"city\": \"Austin\",\n \"displayName\": \"John Doe\",\n \"userName\": \"jdoe\",\n \"sAMAccountName\": \"jDoe\",\n \"mail\": \"john.doe@sailpoint.com\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "5a5cb465-4142-4f6c-abb3-b4327d8f92c4", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "accounts" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"attributes\": {\n \"sourceId\": \"34bfcbe116c9407464af37acbaf7a4dc\",\n \"city\": \"Austin\",\n \"displayName\": \"John Doe\",\n \"userName\": \"jdoe\",\n \"sAMAccountName\": \"jDoe\",\n \"mail\": \"john.doe@sailpoint.com\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a1211daf-c0ec-4f57-b9b9-aa3eeadc3e94", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "accounts" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"attributes\": {\n \"sourceId\": \"34bfcbe116c9407464af37acbaf7a4dc\",\n \"city\": \"Austin\",\n \"displayName\": \"John Doe\",\n \"userName\": \"jdoe\",\n \"sAMAccountName\": \"jDoe\",\n \"mail\": \"john.doe@sailpoint.com\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "e9b13b51-033f-4c80-8ab0-7f2be2a0c26f", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "accounts" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"attributes\": {\n \"sourceId\": \"34bfcbe116c9407464af37acbaf7a4dc\",\n \"city\": \"Austin\",\n \"displayName\": \"John Doe\",\n \"userName\": \"jdoe\",\n \"sAMAccountName\": \"jDoe\",\n \"mail\": \"john.doe@sailpoint.com\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "a98f9858-c1dc-461b-aa09-2c8796c3a756", + "name": "Account Details", + "request": { + "name": "Account Details", + "description": { + "content": "Use this API to return the details for a single account by its ID. \nA token with ORG_ADMIN, SOURCE_ADMIN, SOURCE_SUBADMIN, or HELPDESK authority is required to call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "accounts", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "ef38f94347e94562b5bb8424a56397d8", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) Account ID.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "2aa3414b-4739-4c89-a3fe-44d6af9229b3", + "name": "Account object.", + "originalRequest": { + "url": { + "path": [ + "accounts", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"attributes\": {\n \"firstName\": \"SailPoint\",\n \"lastName\": \"Support\",\n \"displayName\": \"SailPoint Support\"\n },\n \"authoritative\": false,\n \"disabled\": false,\n \"hasEntitlements\": true,\n \"locked\": false,\n \"manuallyCorrelated\": false,\n \"name\": \"aName\",\n \"nativeIdentity\": \"552775\",\n \"sourceId\": \"2c9180835d2e5168015d32f890ca1581\",\n \"sourceName\": \"Employees\",\n \"systemAccount\": false,\n \"uncorrelated\": false,\n \"id\": \"id12345\",\n \"created\": \"2015-05-28T14:07:17Z\",\n \"modified\": \"2015-05-28T14:07:17Z\",\n \"identityId\": \"2c9180835d2e5168015d32f890ca1581\",\n \"cloudLifecycleState\": \"active\",\n \"identityState\": \"ACTIVE\",\n \"connectionType\": \"direct\",\n \"type\": \"NON_HUMAN\",\n \"description\": null,\n \"uuid\": \"slpt.support\",\n \"identity\": {\n \"type\": \"IDENTITY\",\n \"name\": \"Adam Kennedy\"\n },\n \"sourceOwner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"4c5c8534e99445de98eef6c75e25eb01\",\n \"name\": \"John Cavender\"\n },\n \"features\": \"ENABLE\",\n \"origin\": \"AGGREGATED\",\n \"ownerIdentity\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c918084660f45d6016617daa9210584\",\n \"name\": \"Adam Kennedy\"\n },\n \"ownerGroup\": {\n \"type\": \"GOVERNANCE_GROUP\",\n \"id\": \"8d3e0094e99445de98eef6c75e25jc04\",\n \"name\": \"GovGroup AX17Z\"\n }\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f50a4d72-5abd-4210-a64b-9a14b553bd0c", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "accounts", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "50ac8945-b56e-4a50-80d4-a37ba1d929a5", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "accounts", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "3b52f86c-e5df-482a-af65-c1bf754df2ab", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "accounts", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "848f9be3-aa04-4b36-8b9b-97efb5ecec8c", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "accounts", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "57a0b23f-ce28-4e45-a599-c991d159e4af", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "accounts", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "2b1e61e7-c66b-4d42-b65f-d64e3e8b1dd7", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "accounts", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "417f38aa-c129-418a-be68-cc747e4d659a", + "name": "Update Account", + "request": { + "name": "Update Account", + "description": { + "content": "Use this API to update account details. \nA token with ORG_ADMIN, SOURCE_ADMIN, or SOURCE_SUBADMIN authority is required to call this API.\n\nThis API supports updating an account's correlation by modifying the `identityId` and `manuallyCorrelated` fields. \nTo reassign an account from one identity to another, replace the current `identityId` with a new value. \nIf the account you're assigning was provisioned by Identity Security Cloud (ISC), it's possible for ISC to create a new account \nfor the previous identity as soon as the account is moved. If the account you're assigning is authoritative, \nthis causes the previous identity to become uncorrelated and can even result in its deletion.\nAll accounts that are reassigned will be set to `manuallyCorrelated: true` unless you specify otherwise.\n\n>**Note:** The `attributes` field can only be modified for flat file accounts. \n", + "type": "text/plain" + }, + "url": { + "path": [ + "accounts", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "ef38f94347e94562b5bb8424a56397d8", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) Account ID.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"remove\",\n \"path\": \"/identityId\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "3b406dcf-31d3-4cbc-8434-0263d48d3370", + "name": "Uncorrelate account", + "originalRequest": { + "url": { + "path": [ + "accounts", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"remove\",\n \"path\": \"/identityId\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Accepted", + "code": 202, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "32ba1d63-36e1-46b2-b794-db2e9ed78518", + "name": "Reassign account", + "originalRequest": { + "url": { + "path": [ + "accounts", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/identityId\",\n \"value\": \"2c9180857725c14301772a93bb77242d\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Accepted", + "code": 202, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "68b6175e-6291-40eb-9cb2-1b34e5edd54c", + "name": "Add account attribute", + "originalRequest": { + "url": { + "path": [ + "accounts", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"add\",\n \"path\": \"/attributes/familyName\",\n \"value\": \"Smith\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Accepted", + "code": 202, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a970ef3a-d705-45fe-9af5-a9e262d0aeaa", + "name": "Replace account attribute", + "originalRequest": { + "url": { + "path": [ + "accounts", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/attributes/familyName\",\n \"value\": \"Smith\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Accepted", + "code": 202, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "459ed78e-180e-4bf4-805c-8c9653b21219", + "name": "Remove account attribute", + "originalRequest": { + "url": { + "path": [ + "accounts", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"remove\",\n \"path\": \"/attributes/familyName\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Accepted", + "code": 202, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "0cf7d546-c0e7-4763-905c-2e905e2d8b1d", + "name": "Uncorrelate account", + "originalRequest": { + "url": { + "path": [ + "accounts", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"remove\",\n \"path\": \"/identityId\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "784bd3ff-1f83-40c4-b588-f2c7b9142ebb", + "name": "Reassign account", + "originalRequest": { + "url": { + "path": [ + "accounts", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/identityId\",\n \"value\": \"2c9180857725c14301772a93bb77242d\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "145dcfcd-1602-4392-8b20-cd9e5343f71e", + "name": "Add account attribute", + "originalRequest": { + "url": { + "path": [ + "accounts", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"add\",\n \"path\": \"/attributes/familyName\",\n \"value\": \"Smith\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "25377052-220f-4cdf-805a-201978d76146", + "name": "Replace account attribute", + "originalRequest": { + "url": { + "path": [ + "accounts", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/attributes/familyName\",\n \"value\": \"Smith\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "48e733c6-a9e9-4a2f-b9ec-2216f32d1b13", + "name": "Remove account attribute", + "originalRequest": { + "url": { + "path": [ + "accounts", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"remove\",\n \"path\": \"/attributes/familyName\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d923d314-24fb-4266-afdb-8058698f2a04", + "name": "Uncorrelate account", + "originalRequest": { + "url": { + "path": [ + "accounts", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"remove\",\n \"path\": \"/identityId\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c87ffd55-8684-4e47-a62c-435d3ea136f4", + "name": "Reassign account", + "originalRequest": { + "url": { + "path": [ + "accounts", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/identityId\",\n \"value\": \"2c9180857725c14301772a93bb77242d\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "43147e1d-7e51-4d9f-8fb3-cef2dfd362e5", + "name": "Add account attribute", + "originalRequest": { + "url": { + "path": [ + "accounts", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"add\",\n \"path\": \"/attributes/familyName\",\n \"value\": \"Smith\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d80866c2-eb6a-49d6-bd1b-a770ba88620d", + "name": "Replace account attribute", + "originalRequest": { + "url": { + "path": [ + "accounts", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/attributes/familyName\",\n \"value\": \"Smith\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "e1ceff23-49b8-4888-b3db-9ceaff6db49d", + "name": "Remove account attribute", + "originalRequest": { + "url": { + "path": [ + "accounts", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"remove\",\n \"path\": \"/attributes/familyName\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "3885be50-093f-457b-b234-29e941b91b31", + "name": "An example of a 403 response object", + "originalRequest": { + "url": { + "path": [ + "accounts", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"remove\",\n \"path\": \"/identityId\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "cd88fa38-5dfe-44c5-8c16-62ef65e1005c", + "name": "Reassign account", + "originalRequest": { + "url": { + "path": [ + "accounts", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/identityId\",\n \"value\": \"2c9180857725c14301772a93bb77242d\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "10cc7510-40f2-41a7-b7e8-57c588c789c5", + "name": "Add account attribute", + "originalRequest": { + "url": { + "path": [ + "accounts", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"add\",\n \"path\": \"/attributes/familyName\",\n \"value\": \"Smith\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "655f5ff1-4a20-4576-887e-824105e4b9cc", + "name": "Replace account attribute", + "originalRequest": { + "url": { + "path": [ + "accounts", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/attributes/familyName\",\n \"value\": \"Smith\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c7d7968d-438c-4e07-8adf-4a7ef037188d", + "name": "Remove account attribute", + "originalRequest": { + "url": { + "path": [ + "accounts", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"remove\",\n \"path\": \"/attributes/familyName\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "5ebd6ade-4f17-4801-a6aa-e5f488df53e4", + "name": "An example of a 404 response object", + "originalRequest": { + "url": { + "path": [ + "accounts", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"remove\",\n \"path\": \"/identityId\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "38ea94a7-3372-4d0e-8cc0-18b9d921637f", + "name": "Reassign account", + "originalRequest": { + "url": { + "path": [ + "accounts", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/identityId\",\n \"value\": \"2c9180857725c14301772a93bb77242d\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "5478dd68-bf16-4a5c-a5af-0361d8f35670", + "name": "Add account attribute", + "originalRequest": { + "url": { + "path": [ + "accounts", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"add\",\n \"path\": \"/attributes/familyName\",\n \"value\": \"Smith\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "3369f587-09f1-4aad-8a8d-ebef9d6bf8e1", + "name": "Replace account attribute", + "originalRequest": { + "url": { + "path": [ + "accounts", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/attributes/familyName\",\n \"value\": \"Smith\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "23ca5752-60d0-4707-af10-1f9747f65f5f", + "name": "Remove account attribute", + "originalRequest": { + "url": { + "path": [ + "accounts", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"remove\",\n \"path\": \"/attributes/familyName\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c449db74-5d8c-4367-95e7-f6731b76c542", + "name": "Uncorrelate account", + "originalRequest": { + "url": { + "path": [ + "accounts", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"remove\",\n \"path\": \"/identityId\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d4673be4-afc6-45df-adc7-7d5b6ae0f417", + "name": "Reassign account", + "originalRequest": { + "url": { + "path": [ + "accounts", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/identityId\",\n \"value\": \"2c9180857725c14301772a93bb77242d\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "9522f30a-85a1-4b23-ba99-48a4e92e7739", + "name": "Add account attribute", + "originalRequest": { + "url": { + "path": [ + "accounts", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"add\",\n \"path\": \"/attributes/familyName\",\n \"value\": \"Smith\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "4ac39095-7ff1-44b3-9ce5-f6bea07769d6", + "name": "Replace account attribute", + "originalRequest": { + "url": { + "path": [ + "accounts", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/attributes/familyName\",\n \"value\": \"Smith\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "1d8a96e8-8634-4420-a075-d77029f4b4f5", + "name": "Remove account attribute", + "originalRequest": { + "url": { + "path": [ + "accounts", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"remove\",\n \"path\": \"/attributes/familyName\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "692a8500-46f2-45fe-8a79-c29797e418b2", + "name": "An example of a 500 response object", + "originalRequest": { + "url": { + "path": [ + "accounts", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"remove\",\n \"path\": \"/identityId\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "70b67ab2-27aa-4cf7-805e-536390dabf10", + "name": "Reassign account", + "originalRequest": { + "url": { + "path": [ + "accounts", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/identityId\",\n \"value\": \"2c9180857725c14301772a93bb77242d\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "e48306b0-4219-4031-93ce-7e9d6d1175fc", + "name": "Add account attribute", + "originalRequest": { + "url": { + "path": [ + "accounts", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"add\",\n \"path\": \"/attributes/familyName\",\n \"value\": \"Smith\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a1657b37-ca9a-41a4-9e53-de64250d0d90", + "name": "Replace account attribute", + "originalRequest": { + "url": { + "path": [ + "accounts", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/attributes/familyName\",\n \"value\": \"Smith\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a9b35be2-68da-4ea0-bce2-74cc0821b715", + "name": "Remove account attribute", + "originalRequest": { + "url": { + "path": [ + "accounts", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"remove\",\n \"path\": \"/attributes/familyName\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "32b72bca-b342-431e-bffa-90d5b82a7fba", + "name": "Update Account", + "request": { + "name": "Update Account", + "description": { + "content": "Use this API to update an account with a PUT request. \n\nThis endpoint submits an account update task and returns the task ID. \n\nA token with ORG_ADMIN, SOURCE_ADMIN, or SOURCE_SUBADMIN authority is required to call this API.\n\n>**Note: You can only use this PUT endpoint to update accounts from flat file sources.**\n", + "type": "text/plain" + }, + "url": { + "path": [ + "accounts", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "ef38f94347e94562b5bb8424a56397d8", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) Account ID.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"attributes\": {\n \"city\": \"Austin\",\n \"displayName\": \"John Doe\",\n \"userName\": \"jdoe\",\n \"sAMAccountName\": \"jDoe\",\n \"mail\": \"john.doe@sailpoint.com\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "c5a6b2bc-cd0e-4809-a8f2-b00a4d38c4ae", + "name": "Async task details.", + "originalRequest": { + "url": { + "path": [ + "accounts", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"attributes\": {\n \"city\": \"Austin\",\n \"displayName\": \"John Doe\",\n \"userName\": \"jdoe\",\n \"sAMAccountName\": \"jDoe\",\n \"mail\": \"john.doe@sailpoint.com\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Accepted", + "code": 202, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"2c91808474683da6017468693c260195\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "894a803f-1cdc-474b-ae72-d7b27117d273", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "accounts", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"attributes\": {\n \"city\": \"Austin\",\n \"displayName\": \"John Doe\",\n \"userName\": \"jdoe\",\n \"sAMAccountName\": \"jDoe\",\n \"mail\": \"john.doe@sailpoint.com\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "560187fe-1e53-4896-9fef-288e52a40a23", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "accounts", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"attributes\": {\n \"city\": \"Austin\",\n \"displayName\": \"John Doe\",\n \"userName\": \"jdoe\",\n \"sAMAccountName\": \"jDoe\",\n \"mail\": \"john.doe@sailpoint.com\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "878387b5-d2ed-4fc1-b8b6-f730eeac54b1", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "accounts", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"attributes\": {\n \"city\": \"Austin\",\n \"displayName\": \"John Doe\",\n \"userName\": \"jdoe\",\n \"sAMAccountName\": \"jDoe\",\n \"mail\": \"john.doe@sailpoint.com\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d0970803-2dc1-408b-8a5c-060af481f1b4", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "accounts", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"attributes\": {\n \"city\": \"Austin\",\n \"displayName\": \"John Doe\",\n \"userName\": \"jdoe\",\n \"sAMAccountName\": \"jDoe\",\n \"mail\": \"john.doe@sailpoint.com\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "9877409a-d0fc-474b-9a9e-b664f4003f2c", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "accounts", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"attributes\": {\n \"city\": \"Austin\",\n \"displayName\": \"John Doe\",\n \"userName\": \"jdoe\",\n \"sAMAccountName\": \"jDoe\",\n \"mail\": \"john.doe@sailpoint.com\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "ef0bb0e3-910d-48fd-9758-2f187a7eb00b", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "accounts", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"attributes\": {\n \"city\": \"Austin\",\n \"displayName\": \"John Doe\",\n \"userName\": \"jdoe\",\n \"sAMAccountName\": \"jDoe\",\n \"mail\": \"john.doe@sailpoint.com\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "6bc430bb-9c17-477a-801d-ee8fbbb27a55", + "name": "Delete Account", + "request": { + "name": "Delete Account", + "description": { + "content": "Use this API to delete an account. \nThis endpoint submits an account delete task and returns the task ID. \nThis endpoint only deletes the account from IdentityNow, not the source itself, which can result in the account's returning with the next aggregation between the source and IdentityNow. To avoid this scenario, it is recommended that you [disable accounts](https://developer.sailpoint.com/idn/api/v3/disable-account) rather than delete them. This will also allow you to reenable the accounts in the future. \nA token with ORG_ADMIN, SOURCE_ADMIN, or SOURCE_SUBADMIN authority is required to call this API.\n>**NOTE: You can only delete accounts from sources of the \"DelimitedFile\" type.**", + "type": "text/plain" + }, + "url": { + "path": [ + "accounts", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "ef38f94347e94562b5bb8424a56397d8", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) Account ID.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "DELETE", + "body": {} + }, + "response": [ + { + "id": "04434f07-5d3a-4256-902d-a380ddc44be6", + "name": "Async task details.", + "originalRequest": { + "url": { + "path": [ + "accounts", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Accepted", + "code": 202, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"2c91808474683da6017468693c260195\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "62476292-c24d-49b9-8f82-3bbb71ec47f2", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "accounts", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "702dba78-9c4a-4331-89a3-7fac670bbde1", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "accounts", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "97b771b8-b141-4b32-a88b-06c4b3e5aead", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "accounts", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "7c6645ed-6c7f-4046-923b-03ea411614ec", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "accounts", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "15c44266-fa2a-4ae5-893f-05925a9a1440", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "accounts", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "8306ed47-c3ce-4602-9afc-421dfe512839", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "accounts", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "5f8aa0e0-9a5a-4d97-98d8-49d2f11a327a", + "name": "Account Entitlements", + "request": { + "name": "Account Entitlements", + "description": { + "content": "This API returns entitlements of the account. \nA token with ORG_ADMIN, SOURCE_ADMIN, SOURCE_SUBADMIN, or HELPDESK authority is required to call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "accounts", + ":id", + "entitlements" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [ + { + "type": "any", + "value": "ef38f94347e94562b5bb8424a56397d8", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) The account id", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "526cccb3-39ff-473c-84e6-245d873b1a94", + "name": "An array of account entitlements", + "originalRequest": { + "url": { + "path": [ + "accounts", + ":id", + "entitlements" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"name\": \"aName\",\n \"id\": \"id12345\",\n \"created\": \"2015-05-28T14:07:17Z\",\n \"modified\": \"2015-05-28T14:07:17Z\",\n \"attribute\": \"authorizationType\",\n \"value\": \"CN=Users,dc=sailpoint,dc=com\",\n \"description\": \"Active Directory DC\",\n \"attributes\": {\n \"GroupType\": \"Security\",\n \"sAMAccountName\": \"Buyer\"\n },\n \"sourceSchemaObjectType\": \"group\",\n \"privileged\": false,\n \"cloudGoverned\": false,\n \"source\": {\n \"type\": \"SOURCE\",\n \"id\": \"2c9180835d191a86015d28455b4b232a\",\n \"name\": \"HR Active Directory\"\n }\n },\n {\n \"name\": \"aName\",\n \"id\": \"id12345\",\n \"created\": \"2015-05-28T14:07:17Z\",\n \"modified\": \"2015-05-28T14:07:17Z\",\n \"attribute\": \"authorizationType\",\n \"value\": \"CN=Users,dc=sailpoint,dc=com\",\n \"description\": \"Active Directory DC\",\n \"attributes\": {\n \"GroupType\": \"Security\",\n \"sAMAccountName\": \"Buyer\"\n },\n \"sourceSchemaObjectType\": \"group\",\n \"privileged\": false,\n \"cloudGoverned\": false,\n \"source\": {\n \"type\": \"SOURCE\",\n \"id\": \"2c9180835d191a86015d28455b4b232a\",\n \"name\": \"HR Active Directory\"\n }\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "0c96596c-1838-4b3b-807a-b11c7361a681", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "accounts", + ":id", + "entitlements" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b2fe8e6c-2bfc-461e-8f4d-b57933f6e85c", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "accounts", + ":id", + "entitlements" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "e05abbb3-1c71-4bf5-b472-79dbaf6c135c", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "accounts", + ":id", + "entitlements" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "ea85df46-fc9e-4c97-a6ba-165081c484ef", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "accounts", + ":id", + "entitlements" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "ec9af313-b042-4b19-9631-7f1f2d894331", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "accounts", + ":id", + "entitlements" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b50f73a3-af79-476b-8d32-7456a1b7e534", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "accounts", + ":id", + "entitlements" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "d5d8c573-101c-4ea5-8135-c80f81c57257", + "name": "Reload Account", + "request": { + "name": "Reload Account", + "description": { + "content": "This API asynchronously reloads the account directly from the connector and performs a one-time aggregation process. \nA token with ORG_ADMIN, SOURCE_ADMIN, SOURCE_SUBADMIN, or HELPDESK authority is required to call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "accounts", + ":id", + "reload" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "ef38f94347e94562b5bb8424a56397d8", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) The account id", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": {} + }, + "response": [ + { + "id": "af22f1df-6139-4c33-ba6a-225a842c0231", + "name": "Async task details", + "originalRequest": { + "url": { + "path": [ + "accounts", + ":id", + "reload" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Accepted", + "code": 202, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"2c91808474683da6017468693c260195\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a8ff0c45-44e1-41aa-9703-e1f1170fffac", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "accounts", + ":id", + "reload" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d0e19ab8-8d19-4e10-9740-2cdd357924e8", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "accounts", + ":id", + "reload" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "2cdab40a-7212-493a-9581-af1bebc73e39", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "accounts", + ":id", + "reload" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "eb38f480-6914-4703-a8ec-43a5c270a90b", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "accounts", + ":id", + "reload" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "cf4b8a85-af17-4c07-a86c-f5ed1a1ae5ca", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "accounts", + ":id", + "reload" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a3730144-c35a-4398-97d6-67741703784f", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "accounts", + ":id", + "reload" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "113f5222-d89e-40fb-8920-f1c091363c65", + "name": "Enable Account", + "request": { + "name": "Enable Account", + "description": { + "content": "This API submits a task to enable account and returns the task ID. \nA token with ORG_ADMIN, SOURCE_ADMIN, SOURCE_SUBADMIN, or HELPDESK authority is required to call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "accounts", + ":id", + "enable" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "ef38f94347e94562b5bb8424a56397d8", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) The account id", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"externalVerificationId\": \"3f9180835d2e5168015d32f890ca1581\",\n \"forceProvisioning\": false\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "87647461-5d08-43f9-871e-6731163aad5f", + "name": "Async task details", + "originalRequest": { + "url": { + "path": [ + "accounts", + ":id", + "enable" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"externalVerificationId\": \"3f9180835d2e5168015d32f890ca1581\",\n \"forceProvisioning\": false\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Accepted", + "code": 202, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"2c91808474683da6017468693c260195\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "e78cfca4-10aa-4204-b40d-30f286ea829e", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "accounts", + ":id", + "enable" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"externalVerificationId\": \"3f9180835d2e5168015d32f890ca1581\",\n \"forceProvisioning\": false\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "19f9250c-09ab-41a4-95af-765b60c5857d", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "accounts", + ":id", + "enable" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"externalVerificationId\": \"3f9180835d2e5168015d32f890ca1581\",\n \"forceProvisioning\": false\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "6f667cc3-4eb1-43de-ade3-fe4f826a6ded", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "accounts", + ":id", + "enable" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"externalVerificationId\": \"3f9180835d2e5168015d32f890ca1581\",\n \"forceProvisioning\": false\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a71516f3-9d41-4888-9d30-3d0948124639", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "accounts", + ":id", + "enable" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"externalVerificationId\": \"3f9180835d2e5168015d32f890ca1581\",\n \"forceProvisioning\": false\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "19c727bc-03c9-49a6-a75d-aedb860ca78d", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "accounts", + ":id", + "enable" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"externalVerificationId\": \"3f9180835d2e5168015d32f890ca1581\",\n \"forceProvisioning\": false\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b8c6a0b2-16d3-4c99-b3e7-950ded50290b", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "accounts", + ":id", + "enable" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"externalVerificationId\": \"3f9180835d2e5168015d32f890ca1581\",\n \"forceProvisioning\": false\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "83bfbb05-8257-41e9-a841-f478c539619c", + "name": "Disable Account", + "request": { + "name": "Disable Account", + "description": { + "content": "This API submits a task to disable the account and returns the task ID. \nA token with ORG_ADMIN, SOURCE_ADMIN, SOURCE_SUBADMIN, or HELPDESK authority is required to call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "accounts", + ":id", + "disable" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "ef38f94347e94562b5bb8424a56397d8", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) The account id", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"externalVerificationId\": \"3f9180835d2e5168015d32f890ca1581\",\n \"forceProvisioning\": false\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "948881a0-675a-48f2-8c66-b1cee5b482ea", + "name": "Async task details", + "originalRequest": { + "url": { + "path": [ + "accounts", + ":id", + "disable" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"externalVerificationId\": \"3f9180835d2e5168015d32f890ca1581\",\n \"forceProvisioning\": false\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Accepted", + "code": 202, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"2c91808474683da6017468693c260195\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "eb7364a2-e446-442d-9265-9f578c50e9fa", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "accounts", + ":id", + "disable" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"externalVerificationId\": \"3f9180835d2e5168015d32f890ca1581\",\n \"forceProvisioning\": false\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "e69d4a3e-3d20-467b-8ca1-c115d3409e35", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "accounts", + ":id", + "disable" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"externalVerificationId\": \"3f9180835d2e5168015d32f890ca1581\",\n \"forceProvisioning\": false\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "8a43613a-c7d9-48da-9194-8105aef6f32f", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "accounts", + ":id", + "disable" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"externalVerificationId\": \"3f9180835d2e5168015d32f890ca1581\",\n \"forceProvisioning\": false\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a6eecc33-4ee1-4d83-b998-d30648c9fd32", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "accounts", + ":id", + "disable" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"externalVerificationId\": \"3f9180835d2e5168015d32f890ca1581\",\n \"forceProvisioning\": false\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "824f0767-7369-44d5-a4be-c4086873271b", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "accounts", + ":id", + "disable" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"externalVerificationId\": \"3f9180835d2e5168015d32f890ca1581\",\n \"forceProvisioning\": false\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "3fc35796-74fd-47cd-9294-04bb83b101d2", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "accounts", + ":id", + "disable" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"externalVerificationId\": \"3f9180835d2e5168015d32f890ca1581\",\n \"forceProvisioning\": false\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "23c19aee-474c-40b6-b03f-e8b8895bd215", + "name": "Unlock Account", + "request": { + "name": "Unlock Account", + "description": { + "content": "This API submits a task to unlock an account and returns the task ID. \nTo use this endpoint to unlock an account that has the `forceProvisioning` option set to true, the `idn:accounts-provisioning:manage` scope is required. \nA token with ORG_ADMIN, SOURCE_ADMIN, SOURCE_SUBADMIN, or HELPDESK authority is required to call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "accounts", + ":id", + "unlock" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "ef38f94347e94562b5bb8424a56397d8", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) The account ID.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"externalVerificationId\": \"3f9180835d2e5168015d32f890ca1581\",\n \"unlockIDNAccount\": false,\n \"forceProvisioning\": false\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "9ca6a9d9-febd-478f-93dd-55b8ece07260", + "name": "Async task details", + "originalRequest": { + "url": { + "path": [ + "accounts", + ":id", + "unlock" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"externalVerificationId\": \"3f9180835d2e5168015d32f890ca1581\",\n \"unlockIDNAccount\": false,\n \"forceProvisioning\": false\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Accepted", + "code": 202, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"2c91808474683da6017468693c260195\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "611e3967-e851-40f9-9b25-59f5c34e1fe9", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "accounts", + ":id", + "unlock" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"externalVerificationId\": \"3f9180835d2e5168015d32f890ca1581\",\n \"unlockIDNAccount\": false,\n \"forceProvisioning\": false\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "02acbbc8-5ff1-4fdc-bcb9-c76ab6c7fb8a", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "accounts", + ":id", + "unlock" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"externalVerificationId\": \"3f9180835d2e5168015d32f890ca1581\",\n \"unlockIDNAccount\": false,\n \"forceProvisioning\": false\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "2de4ec08-48ff-4b13-b517-c86bbe8ba968", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "accounts", + ":id", + "unlock" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"externalVerificationId\": \"3f9180835d2e5168015d32f890ca1581\",\n \"unlockIDNAccount\": false,\n \"forceProvisioning\": false\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "7ad9a3da-4e96-46a6-bc3f-a3464c5a1c10", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "accounts", + ":id", + "unlock" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"externalVerificationId\": \"3f9180835d2e5168015d32f890ca1581\",\n \"unlockIDNAccount\": false,\n \"forceProvisioning\": false\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "432cc579-0c0b-46b2-83dc-394b4d91c623", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "accounts", + ":id", + "unlock" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"externalVerificationId\": \"3f9180835d2e5168015d32f890ca1581\",\n \"unlockIDNAccount\": false,\n \"forceProvisioning\": false\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "7e951431-bdd3-4066-949b-c57028bc0763", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "accounts", + ":id", + "unlock" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"externalVerificationId\": \"3f9180835d2e5168015d32f890ca1581\",\n \"unlockIDNAccount\": false,\n \"forceProvisioning\": false\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "b02e6e16-face-4fce-95f2-bf2c9e41220b", + "name": "Remove Account", + "request": { + "name": "Remove Account", + "description": { + "content": "Use this endpoint to remove accounts from the system without provisioning changes to the source. Accounts that are removed could be re-created during the next aggregation.\n\nThis endpoint is good for:\n* Removing accounts that no longer exist on the source.\n* Removing accounts that won't be aggregated following updates to the source configuration.\n* Forcing accounts to be re-created following the next aggregation to re-run account processing, support testing, etc.\n", + "type": "text/plain" + }, + "url": { + "path": [ + "accounts", + ":id", + "remove" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "c350d6aa4f104c61b062cb632421ad10", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) The account id", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": {} + }, + "response": [ + { + "id": "d62f8a09-3992-48ac-98c0-8afde3ec41da", + "name": "Accepted. Returns task result details of removal request.", + "originalRequest": { + "url": { + "path": [ + "accounts", + ":id", + "remove" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Accepted", + "code": 202, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"type\": \"TASK_RESULT\",\n \"id\": \"464ae7bf791e49fdb74606a2e4a89635\",\n \"name\": null\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "32d6a09a-c04c-4974-909e-a11cca778351", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "accounts", + ":id", + "remove" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a46c060b-e600-42bf-84a8-c3fd1d37233f", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "accounts", + ":id", + "remove" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "dad00b21-2939-4c80-abd5-02bda249c980", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "accounts", + ":id", + "remove" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f285662b-90a3-4566-b804-76a388934e4d", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "accounts", + ":id", + "remove" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d7707857-5140-4748-9aab-a24969abe288", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "accounts", + ":id", + "remove" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "89311e5d-f696-46f2-ad94-59ba47a42552", + "name": "Enable IDN Account for Identity", + "request": { + "name": "Enable IDN Account for Identity", + "description": { + "content": "This API submits a task to enable IDN account for a single identity.", + "type": "text/plain" + }, + "url": { + "path": [ + "identities-accounts", + ":id", + "enable" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "2c91808384203c2d018437e631158309", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) The identity id.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": {} + }, + "response": [ + { + "id": "8d4e43ea-cd00-421e-9096-35cfbbaaafc5", + "name": "Accepted - Returned if the request was successfully accepted into the system.", + "originalRequest": { + "url": { + "path": [ + "identities-accounts", + ":id", + "enable" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Accepted", + "code": 202, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b487deac-5753-4907-ae6c-1a14a7c1dfc2", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "identities-accounts", + ":id", + "enable" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "546fdfdb-4149-47d4-89a5-7ce60ca0fc3f", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "identities-accounts", + ":id", + "enable" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "ea179e96-d3bc-456d-a158-3e5558250836", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "identities-accounts", + ":id", + "enable" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "00c12fbd-411f-4173-b69e-7b7b72a0fd7a", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "identities-accounts", + ":id", + "enable" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "70236846-30ef-48f2-b347-a558ee90a22d", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "identities-accounts", + ":id", + "enable" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "0879168c-b708-4b79-8f42-83742660d161", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "identities-accounts", + ":id", + "enable" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "13f4b33d-f49d-4ff9-b347-162d6514f0fc", + "name": "Disable IDN Account for Identity", + "request": { + "name": "Disable IDN Account for Identity", + "description": { + "content": "This API submits a task to disable IDN account for a single identity.", + "type": "text/plain" + }, + "url": { + "path": [ + "identities-accounts", + ":id", + "disable" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "2c91808384203c2d018437e631158309", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) The identity id.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": {} + }, + "response": [ + { + "id": "e345e767-06fd-4b83-8abb-934e9180d3f7", + "name": "Accepted - Returned if the request was successfully accepted into the system.", + "originalRequest": { + "url": { + "path": [ + "identities-accounts", + ":id", + "disable" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Accepted", + "code": 202, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "8bee63d4-c341-4e03-9d5d-ca941d99fce8", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "identities-accounts", + ":id", + "disable" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "42ce2a84-33d9-4311-9223-4f2afe74b849", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "identities-accounts", + ":id", + "disable" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "26f9649f-addb-489f-920d-bc4400e97b62", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "identities-accounts", + ":id", + "disable" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "af0c3b1e-9472-4faf-9ff6-3de3d843d2a8", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "identities-accounts", + ":id", + "disable" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "ddcb812b-6c61-4200-be4d-1bf50e57015b", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "identities-accounts", + ":id", + "disable" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "0ed68c85-2cfd-4329-abd6-0d59aff0e6ff", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "identities-accounts", + ":id", + "disable" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "3edef0b4-295d-4622-8d6c-de4075fbd565", + "name": "Enable IDN Accounts for Identities", + "request": { + "name": "Enable IDN Accounts for Identities", + "description": { + "content": "This API submits tasks to enable IDN account for each identity provided in the request body.", + "type": "text/plain" + }, + "url": { + "path": [ + "identities-accounts", + "enable" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"identityIds\": [\n \"2c91808384203c2d018437e631158308\",\n \"2c9180858082150f0180893dbaf553fe\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "75efcc67-d356-45b6-ad57-defaed3b55a0", + "name": "Bulk response details.", + "originalRequest": { + "url": { + "path": [ + "identities-accounts", + "enable" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"identityIds\": [\n \"2c91808384203c2d018437e631158308\",\n \"2c9180858082150f0180893dbaf553fe\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Multi-Status (WebDAV) (RFC 4918)", + "code": 207, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"id\": \"2c9180858082150f0180893dbaf553fe\",\n \"statusCode\": 404,\n \"message\": \"Referenced identity \\\"2c9180858082150f0180893dbaf553fe\\\" was not found.\"\n },\n {\n \"id\": \"2c91808384203c2d018437e631158308\",\n \"statusCode\": 202,\n \"message\": null\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "72d805ae-c81c-457a-95ee-a0b0a947641c", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "identities-accounts", + "enable" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"identityIds\": [\n \"2c91808384203c2d018437e631158308\",\n \"2c9180858082150f0180893dbaf553fe\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "2aeb8db8-91d8-4e97-957b-23bae3c40cf1", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "identities-accounts", + "enable" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"identityIds\": [\n \"2c91808384203c2d018437e631158308\",\n \"2c9180858082150f0180893dbaf553fe\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "70c0e564-d0ae-4231-b9a4-dbf93fb5105b", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "identities-accounts", + "enable" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"identityIds\": [\n \"2c91808384203c2d018437e631158308\",\n \"2c9180858082150f0180893dbaf553fe\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "961f2fa0-4db3-4925-ba6f-8823bd8a76b1", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "identities-accounts", + "enable" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"identityIds\": [\n \"2c91808384203c2d018437e631158308\",\n \"2c9180858082150f0180893dbaf553fe\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c5f9f333-07a7-45ac-9e82-3615d5d3ea67", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "identities-accounts", + "enable" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"identityIds\": [\n \"2c91808384203c2d018437e631158308\",\n \"2c9180858082150f0180893dbaf553fe\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "b5df325c-3487-437e-b61c-4edf6a24357b", + "name": "Disable IDN Accounts for Identities", + "request": { + "name": "Disable IDN Accounts for Identities", + "description": { + "content": "This API submits tasks to disable IDN account for each identity provided in the request body.", + "type": "text/plain" + }, + "url": { + "path": [ + "identities-accounts", + "disable" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"identityIds\": [\n \"2c91808384203c2d018437e631158308\",\n \"2c9180858082150f0180893dbaf553fe\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "1d402d80-a0b6-45ca-9302-2efdc2e7452c", + "name": "Bulk response details.", + "originalRequest": { + "url": { + "path": [ + "identities-accounts", + "disable" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"identityIds\": [\n \"2c91808384203c2d018437e631158308\",\n \"2c9180858082150f0180893dbaf553fe\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Multi-Status (WebDAV) (RFC 4918)", + "code": 207, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"id\": \"2c9180858082150f0180893dbaf553fe\",\n \"statusCode\": 404,\n \"message\": \"Referenced identity \\\"2c9180858082150f0180893dbaf553fe\\\" was not found.\"\n },\n {\n \"id\": \"2c91808384203c2d018437e631158308\",\n \"statusCode\": 202,\n \"message\": null\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a22b7b62-6298-462d-9d83-a6b212593e69", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "identities-accounts", + "disable" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"identityIds\": [\n \"2c91808384203c2d018437e631158308\",\n \"2c9180858082150f0180893dbaf553fe\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "29ba5c5d-6472-40ad-872b-bfbcff4756a1", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "identities-accounts", + "disable" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"identityIds\": [\n \"2c91808384203c2d018437e631158308\",\n \"2c9180858082150f0180893dbaf553fe\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a0a6d8b8-beae-421e-913a-c51a4658b979", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "identities-accounts", + "disable" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"identityIds\": [\n \"2c91808384203c2d018437e631158308\",\n \"2c9180858082150f0180893dbaf553fe\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "65d6df17-bd84-493f-98a0-5b3390a2e704", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "identities-accounts", + "disable" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"identityIds\": [\n \"2c91808384203c2d018437e631158308\",\n \"2c9180858082150f0180893dbaf553fe\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "7c879f81-caa7-4666-b749-eb9b0e3112af", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "identities-accounts", + "disable" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"identityIds\": [\n \"2c91808384203c2d018437e631158308\",\n \"2c9180858082150f0180893dbaf553fe\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + } + ] + }, + { + "name": "Approvals", + "description": "", + "item": [ + { + "id": "2d8d7715-f3b3-4631-81de-6fd063e5a0f0", + "name": "Get Approvals", + "request": { + "name": "Get Approvals", + "description": { + "content": "Retrieve a list of approvals, which can be filtered by requester ID, status, or reference type. \"Mine\" query parameter can be used and it will return all approvals for the current approver. This endpoint is for generic approvals, different than the access-request-approval endpoint and does not include access-request-approvals. \nAbsence of all query parameters will will default to mine=true.", + "type": "text/plain" + }, + "url": { + "path": [ + "generic-approvals" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Returns the list of approvals for the current caller", + "type": "text/plain" + }, + "key": "mine", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Returns the list of approvals for a given requester ID", + "type": "text/plain" + }, + "key": "requesterId", + "value": "17e633e7d57e481569df76323169deb6a" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**status**: *eq*\n\n**referenceType**: *eq*", + "type": "text/plain" + }, + "key": "filters", + "value": "filters=status eq PENDING" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "cb7c4930-7f0a-4403-89f3-275f60b09fd6", + "name": "List of Approvals", + "originalRequest": { + "url": { + "path": [ + "generic-approvals" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Returns the list of approvals for the current caller", + "type": "text/plain" + }, + "key": "mine", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Returns the list of approvals for a given requester ID", + "type": "text/plain" + }, + "key": "requesterId", + "value": "17e633e7d57e481569df76323169deb6a" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**status**: *eq*\n\n**referenceType**: *eq*", + "type": "text/plain" + }, + "key": "filters", + "value": "filters=status eq PENDING" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"approvalId\": \"38453251-6be2-5f8f-df93-5ce19e295837\",\n \"approvers\": [\n {\n \"id\": \"85d173e7d57e496569df763231d6deb6a\",\n \"type\": \"IDENTITY\",\n \"name\": \"John Doe\"\n },\n {\n \"id\": \"85d173e7d57e496569df763231d6deb6a\",\n \"type\": \"IDENTITY\",\n \"name\": \"John Doe\"\n }\n ],\n \"createdDate\": \"2023-04-12T23:20:50.520Z\",\n \"type\": \"ENTITLEMENT_DESCRIPTIONS\",\n \"name\": [\n {\n \"value\": \"Audit DB Access\",\n \"locale\": \"en_US\"\n },\n {\n \"value\": \"Audit DB Access\",\n \"locale\": \"en_US\"\n }\n ],\n \"batchRequest\": {\n \"batchId\": \"38453251-6be2-5f8f-df93-5ce19e295837\",\n \"batchSize\": 100\n },\n \"description\": [\n {\n \"value\": \"This access allows viewing and editing of workflow resource\",\n \"locale\": \"en_US\"\n },\n {\n \"value\": \"This access allows viewing and editing of workflow resource\",\n \"locale\": \"en_US\"\n }\n ],\n \"priority\": \"HIGH\",\n \"requester\": {\n \"type\": \"IDENTITY\",\n \"name\": \"John Doe\"\n },\n \"comments\": [\n {\n \"author\": {\n \"id\": \"85d173e7d57e496569df763231d6deb6a\",\n \"type\": \"IDENTITY\",\n \"name\": \"John Doe\"\n },\n \"comment\": \"Looks good\",\n \"createdDate\": \"2023-04-12T23:20:50.520Z\"\n },\n {\n \"author\": {\n \"id\": \"85d173e7d57e496569df763231d6deb6a\",\n \"type\": \"IDENTITY\",\n \"name\": \"John Doe\"\n },\n \"comment\": \"Looks good\",\n \"createdDate\": \"2023-04-12T23:20:50.520Z\"\n }\n ],\n \"approvedBy\": [\n {\n \"id\": \"85d173e7d57e496569df763231d6deb6a\",\n \"type\": \"IDENTITY\",\n \"name\": \"John Doe\"\n },\n {\n \"id\": \"85d173e7d57e496569df763231d6deb6a\",\n \"type\": \"IDENTITY\",\n \"name\": \"John Doe\"\n }\n ],\n \"rejectedBy\": [\n {\n \"id\": \"85d173e7d57e496569df763231d6deb6a\",\n \"type\": \"IDENTITY\",\n \"name\": \"John Doe\"\n },\n {\n \"id\": \"85d173e7d57e496569df763231d6deb6a\",\n \"type\": \"IDENTITY\",\n \"name\": \"John Doe\"\n }\n ],\n \"completedDate\": \"2023-04-12T23:20:50.520Z\",\n \"approvalCriteria\": \"SINGLE\",\n \"status\": \"PENDING\",\n \"additionalAttributes\": \"{ \\\"llm_description\\\": \\\"generated description\\\" }\",\n \"referenceData\": [\n {\n \"id\": \"64012350-8fd9-4f6c-a170-1fe123683899\",\n \"type\": \"AccessRequestId\"\n },\n {\n \"id\": \"64012350-8fd9-4f6c-a170-1fe123683899\",\n \"type\": \"AccessRequestId\"\n }\n ]\n },\n {\n \"approvalId\": \"38453251-6be2-5f8f-df93-5ce19e295837\",\n \"approvers\": [\n {\n \"id\": \"85d173e7d57e496569df763231d6deb6a\",\n \"type\": \"IDENTITY\",\n \"name\": \"John Doe\"\n },\n {\n \"id\": \"85d173e7d57e496569df763231d6deb6a\",\n \"type\": \"IDENTITY\",\n \"name\": \"John Doe\"\n }\n ],\n \"createdDate\": \"2023-04-12T23:20:50.520Z\",\n \"type\": \"ENTITLEMENT_DESCRIPTIONS\",\n \"name\": [\n {\n \"value\": \"Audit DB Access\",\n \"locale\": \"en_US\"\n },\n {\n \"value\": \"Audit DB Access\",\n \"locale\": \"en_US\"\n }\n ],\n \"batchRequest\": {\n \"batchId\": \"38453251-6be2-5f8f-df93-5ce19e295837\",\n \"batchSize\": 100\n },\n \"description\": [\n {\n \"value\": \"This access allows viewing and editing of workflow resource\",\n \"locale\": \"en_US\"\n },\n {\n \"value\": \"This access allows viewing and editing of workflow resource\",\n \"locale\": \"en_US\"\n }\n ],\n \"priority\": \"HIGH\",\n \"requester\": {\n \"type\": \"IDENTITY\",\n \"name\": \"John Doe\"\n },\n \"comments\": [\n {\n \"author\": {\n \"id\": \"85d173e7d57e496569df763231d6deb6a\",\n \"type\": \"IDENTITY\",\n \"name\": \"John Doe\"\n },\n \"comment\": \"Looks good\",\n \"createdDate\": \"2023-04-12T23:20:50.520Z\"\n },\n {\n \"author\": {\n \"id\": \"85d173e7d57e496569df763231d6deb6a\",\n \"type\": \"IDENTITY\",\n \"name\": \"John Doe\"\n },\n \"comment\": \"Looks good\",\n \"createdDate\": \"2023-04-12T23:20:50.520Z\"\n }\n ],\n \"approvedBy\": [\n {\n \"id\": \"85d173e7d57e496569df763231d6deb6a\",\n \"type\": \"IDENTITY\",\n \"name\": \"John Doe\"\n },\n {\n \"id\": \"85d173e7d57e496569df763231d6deb6a\",\n \"type\": \"IDENTITY\",\n \"name\": \"John Doe\"\n }\n ],\n \"rejectedBy\": [\n {\n \"id\": \"85d173e7d57e496569df763231d6deb6a\",\n \"type\": \"IDENTITY\",\n \"name\": \"John Doe\"\n },\n {\n \"id\": \"85d173e7d57e496569df763231d6deb6a\",\n \"type\": \"IDENTITY\",\n \"name\": \"John Doe\"\n }\n ],\n \"completedDate\": \"2023-04-12T23:20:50.520Z\",\n \"approvalCriteria\": \"SINGLE\",\n \"status\": \"PENDING\",\n \"additionalAttributes\": \"{ \\\"llm_description\\\": \\\"generated description\\\" }\",\n \"referenceData\": [\n {\n \"id\": \"64012350-8fd9-4f6c-a170-1fe123683899\",\n \"type\": \"AccessRequestId\"\n },\n {\n \"id\": \"64012350-8fd9-4f6c-a170-1fe123683899\",\n \"type\": \"AccessRequestId\"\n }\n ]\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "903fe6ab-f148-4b95-a4c8-470a05447fd0", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "generic-approvals" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Returns the list of approvals for the current caller", + "type": "text/plain" + }, + "key": "mine", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Returns the list of approvals for a given requester ID", + "type": "text/plain" + }, + "key": "requesterId", + "value": "17e633e7d57e481569df76323169deb6a" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**status**: *eq*\n\n**referenceType**: *eq*", + "type": "text/plain" + }, + "key": "filters", + "value": "filters=status eq PENDING" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "12316a0c-1980-4b7c-aca5-e33778f51dce", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "generic-approvals" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Returns the list of approvals for the current caller", + "type": "text/plain" + }, + "key": "mine", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Returns the list of approvals for a given requester ID", + "type": "text/plain" + }, + "key": "requesterId", + "value": "17e633e7d57e481569df76323169deb6a" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**status**: *eq*\n\n**referenceType**: *eq*", + "type": "text/plain" + }, + "key": "filters", + "value": "filters=status eq PENDING" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "8986fcc0-8f4d-4b60-bbdf-bc8c1ebf3c70", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "generic-approvals" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Returns the list of approvals for the current caller", + "type": "text/plain" + }, + "key": "mine", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Returns the list of approvals for a given requester ID", + "type": "text/plain" + }, + "key": "requesterId", + "value": "17e633e7d57e481569df76323169deb6a" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**status**: *eq*\n\n**referenceType**: *eq*", + "type": "text/plain" + }, + "key": "filters", + "value": "filters=status eq PENDING" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "46bac969-0617-4ab6-bb5b-1db069f46a41", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "generic-approvals" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Returns the list of approvals for the current caller", + "type": "text/plain" + }, + "key": "mine", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Returns the list of approvals for a given requester ID", + "type": "text/plain" + }, + "key": "requesterId", + "value": "17e633e7d57e481569df76323169deb6a" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**status**: *eq*\n\n**referenceType**: *eq*", + "type": "text/plain" + }, + "key": "filters", + "value": "filters=status eq PENDING" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "81140658-a680-4893-8cdc-834d16742f12", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "generic-approvals" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Returns the list of approvals for the current caller", + "type": "text/plain" + }, + "key": "mine", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Returns the list of approvals for a given requester ID", + "type": "text/plain" + }, + "key": "requesterId", + "value": "17e633e7d57e481569df76323169deb6a" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**status**: *eq*\n\n**referenceType**: *eq*", + "type": "text/plain" + }, + "key": "filters", + "value": "filters=status eq PENDING" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "1a0263ac-b0f0-4949-8187-cb540bd48840", + "name": "Get an approval", + "request": { + "name": "Get an approval", + "description": { + "content": "Retrieve a single approval for a given approval ID. This endpoint is for generic approvals, different than the access-request-approval endpoint and does not include access-request-approvals.", + "type": "text/plain" + }, + "url": { + "path": [ + "generic-approvals", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "38453251-6be2-5f8f-df93-5ce19e295837", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) ID of the approval that is to be returned", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "187e5398-b047-46a3-976a-3bf074ef32d3", + "name": "Approval object", + "originalRequest": { + "url": { + "path": [ + "generic-approvals", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"approvalId\": \"38453251-6be2-5f8f-df93-5ce19e295837\",\n \"approvers\": [\n {\n \"id\": \"85d173e7d57e496569df763231d6deb6a\",\n \"type\": \"IDENTITY\",\n \"name\": \"John Doe\"\n },\n {\n \"id\": \"85d173e7d57e496569df763231d6deb6a\",\n \"type\": \"IDENTITY\",\n \"name\": \"John Doe\"\n }\n ],\n \"createdDate\": \"2023-04-12T23:20:50.520Z\",\n \"type\": \"ENTITLEMENT_DESCRIPTIONS\",\n \"name\": [\n {\n \"value\": \"Audit DB Access\",\n \"locale\": \"en_US\"\n },\n {\n \"value\": \"Audit DB Access\",\n \"locale\": \"en_US\"\n }\n ],\n \"batchRequest\": {\n \"batchId\": \"38453251-6be2-5f8f-df93-5ce19e295837\",\n \"batchSize\": 100\n },\n \"description\": [\n {\n \"value\": \"This access allows viewing and editing of workflow resource\",\n \"locale\": \"en_US\"\n },\n {\n \"value\": \"This access allows viewing and editing of workflow resource\",\n \"locale\": \"en_US\"\n }\n ],\n \"priority\": \"HIGH\",\n \"requester\": {\n \"type\": \"IDENTITY\",\n \"name\": \"John Doe\"\n },\n \"comments\": [\n {\n \"author\": {\n \"id\": \"85d173e7d57e496569df763231d6deb6a\",\n \"type\": \"IDENTITY\",\n \"name\": \"John Doe\"\n },\n \"comment\": \"Looks good\",\n \"createdDate\": \"2023-04-12T23:20:50.520Z\"\n },\n {\n \"author\": {\n \"id\": \"85d173e7d57e496569df763231d6deb6a\",\n \"type\": \"IDENTITY\",\n \"name\": \"John Doe\"\n },\n \"comment\": \"Looks good\",\n \"createdDate\": \"2023-04-12T23:20:50.520Z\"\n }\n ],\n \"approvedBy\": [\n {\n \"id\": \"85d173e7d57e496569df763231d6deb6a\",\n \"type\": \"IDENTITY\",\n \"name\": \"John Doe\"\n },\n {\n \"id\": \"85d173e7d57e496569df763231d6deb6a\",\n \"type\": \"IDENTITY\",\n \"name\": \"John Doe\"\n }\n ],\n \"rejectedBy\": [\n {\n \"id\": \"85d173e7d57e496569df763231d6deb6a\",\n \"type\": \"IDENTITY\",\n \"name\": \"John Doe\"\n },\n {\n \"id\": \"85d173e7d57e496569df763231d6deb6a\",\n \"type\": \"IDENTITY\",\n \"name\": \"John Doe\"\n }\n ],\n \"completedDate\": \"2023-04-12T23:20:50.520Z\",\n \"approvalCriteria\": \"SINGLE\",\n \"status\": \"PENDING\",\n \"additionalAttributes\": \"{ \\\"llm_description\\\": \\\"generated description\\\" }\",\n \"referenceData\": [\n {\n \"id\": \"64012350-8fd9-4f6c-a170-1fe123683899\",\n \"type\": \"AccessRequestId\"\n },\n {\n \"id\": \"64012350-8fd9-4f6c-a170-1fe123683899\",\n \"type\": \"AccessRequestId\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c4d48104-d663-4786-80da-c5843dc39226", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "generic-approvals", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "2c5edb57-7f3a-4cd3-9de1-ff04365ba625", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "generic-approvals", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d136961f-0713-48a2-bd0c-fc398b5a25aa", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "generic-approvals", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "802b2274-6010-4abe-80ee-efe236b1ae06", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "generic-approvals", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "75b9c6e5-dbbc-433d-ba65-2c3dcf32a0aa", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "generic-approvals", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "fb9bbe6e-5437-4ac3-ac38-4ce05ddbb1c9", + "name": "Change an approval", + "request": { + "name": "Change an approval", + "description": { + "content": "Change the values of a given approval", + "type": "text/plain" + }, + "url": { + "path": [ + "generic-approvals", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "key": "id" + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "{\n \"comments\": {\n \"author\": \"85d173e7d57e496569df763231d6deb6a\",\n \"comment\": \"Looks good\",\n \"createdDate\": \"2023-04-12T23:20:50.520Z\"\n },\n \"approvedBy\": [\n {\n \"id\": \"85d173e7d57e496569df763231d6deb6a\",\n \"type\": \"IDENTITY\",\n \"name\": \"John Doe\"\n },\n {\n \"id\": \"85d173e7d57e496569df763231d6deb6a\",\n \"type\": \"IDENTITY\",\n \"name\": \"John Doe\"\n }\n ],\n \"rejectedBy\": [\n {\n \"id\": \"85d173e7d57e496569df763231d6deb6a\",\n \"type\": \"IDENTITY\",\n \"name\": \"John Doe\"\n },\n {\n \"id\": \"85d173e7d57e496569df763231d6deb6a\",\n \"type\": \"IDENTITY\",\n \"name\": \"John Doe\"\n }\n ],\n \"reassignFrom\": {\n \"id\": \"85d173e7d57e496569df763231d6deb6a\",\n \"type\": \"IDENTITY\",\n \"name\": \"John Doe\"\n },\n \"reassignTo\": {\n \"id\": \"85d173e7d57e496569df763231d6deb6a\",\n \"type\": \"IDENTITY\",\n \"name\": \"John Doe\"\n },\n \"additionalAttributes\": {\n \"any\": \"any\",\n \"additional\": \"attributes\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "53d0c5d4-986f-4966-a30d-0c344dfa3d7b", + "name": "Approval object", + "originalRequest": { + "url": { + "path": [ + "generic-approvals", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "{\n \"comments\": {\n \"author\": \"85d173e7d57e496569df763231d6deb6a\",\n \"comment\": \"Looks good\",\n \"createdDate\": \"2023-04-12T23:20:50.520Z\"\n },\n \"approvedBy\": [\n {\n \"id\": \"85d173e7d57e496569df763231d6deb6a\",\n \"type\": \"IDENTITY\",\n \"name\": \"John Doe\"\n },\n {\n \"id\": \"85d173e7d57e496569df763231d6deb6a\",\n \"type\": \"IDENTITY\",\n \"name\": \"John Doe\"\n }\n ],\n \"rejectedBy\": [\n {\n \"id\": \"85d173e7d57e496569df763231d6deb6a\",\n \"type\": \"IDENTITY\",\n \"name\": \"John Doe\"\n },\n {\n \"id\": \"85d173e7d57e496569df763231d6deb6a\",\n \"type\": \"IDENTITY\",\n \"name\": \"John Doe\"\n }\n ],\n \"reassignFrom\": {\n \"id\": \"85d173e7d57e496569df763231d6deb6a\",\n \"type\": \"IDENTITY\",\n \"name\": \"John Doe\"\n },\n \"reassignTo\": {\n \"id\": \"85d173e7d57e496569df763231d6deb6a\",\n \"type\": \"IDENTITY\",\n \"name\": \"John Doe\"\n },\n \"additionalAttributes\": {\n \"any\": \"any\",\n \"additional\": \"attributes\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"approvalId\": \"38453251-6be2-5f8f-df93-5ce19e295837\",\n \"approvers\": [\n {\n \"id\": \"85d173e7d57e496569df763231d6deb6a\",\n \"type\": \"IDENTITY\",\n \"name\": \"John Doe\"\n },\n {\n \"id\": \"85d173e7d57e496569df763231d6deb6a\",\n \"type\": \"IDENTITY\",\n \"name\": \"John Doe\"\n }\n ],\n \"createdDate\": \"2023-04-12T23:20:50.520Z\",\n \"type\": \"ENTITLEMENT_DESCRIPTIONS\",\n \"name\": [\n {\n \"value\": \"Audit DB Access\",\n \"locale\": \"en_US\"\n },\n {\n \"value\": \"Audit DB Access\",\n \"locale\": \"en_US\"\n }\n ],\n \"batchRequest\": {\n \"batchId\": \"38453251-6be2-5f8f-df93-5ce19e295837\",\n \"batchSize\": 100\n },\n \"description\": [\n {\n \"value\": \"This access allows viewing and editing of workflow resource\",\n \"locale\": \"en_US\"\n },\n {\n \"value\": \"This access allows viewing and editing of workflow resource\",\n \"locale\": \"en_US\"\n }\n ],\n \"priority\": \"HIGH\",\n \"requester\": {\n \"type\": \"IDENTITY\",\n \"name\": \"John Doe\"\n },\n \"comments\": [\n {\n \"author\": {\n \"id\": \"85d173e7d57e496569df763231d6deb6a\",\n \"type\": \"IDENTITY\",\n \"name\": \"John Doe\"\n },\n \"comment\": \"Looks good\",\n \"createdDate\": \"2023-04-12T23:20:50.520Z\"\n },\n {\n \"author\": {\n \"id\": \"85d173e7d57e496569df763231d6deb6a\",\n \"type\": \"IDENTITY\",\n \"name\": \"John Doe\"\n },\n \"comment\": \"Looks good\",\n \"createdDate\": \"2023-04-12T23:20:50.520Z\"\n }\n ],\n \"approvedBy\": [\n {\n \"id\": \"85d173e7d57e496569df763231d6deb6a\",\n \"type\": \"IDENTITY\",\n \"name\": \"John Doe\"\n },\n {\n \"id\": \"85d173e7d57e496569df763231d6deb6a\",\n \"type\": \"IDENTITY\",\n \"name\": \"John Doe\"\n }\n ],\n \"rejectedBy\": [\n {\n \"id\": \"85d173e7d57e496569df763231d6deb6a\",\n \"type\": \"IDENTITY\",\n \"name\": \"John Doe\"\n },\n {\n \"id\": \"85d173e7d57e496569df763231d6deb6a\",\n \"type\": \"IDENTITY\",\n \"name\": \"John Doe\"\n }\n ],\n \"completedDate\": \"2023-04-12T23:20:50.520Z\",\n \"approvalCriteria\": \"SINGLE\",\n \"status\": \"PENDING\",\n \"additionalAttributes\": \"{ \\\"llm_description\\\": \\\"generated description\\\" }\",\n \"referenceData\": [\n {\n \"id\": \"64012350-8fd9-4f6c-a170-1fe123683899\",\n \"type\": \"AccessRequestId\"\n },\n {\n \"id\": \"64012350-8fd9-4f6c-a170-1fe123683899\",\n \"type\": \"AccessRequestId\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "517d2d09-3b81-4174-a1b9-8a961aef58fc", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "generic-approvals", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "{\n \"comments\": {\n \"author\": \"85d173e7d57e496569df763231d6deb6a\",\n \"comment\": \"Looks good\",\n \"createdDate\": \"2023-04-12T23:20:50.520Z\"\n },\n \"approvedBy\": [\n {\n \"id\": \"85d173e7d57e496569df763231d6deb6a\",\n \"type\": \"IDENTITY\",\n \"name\": \"John Doe\"\n },\n {\n \"id\": \"85d173e7d57e496569df763231d6deb6a\",\n \"type\": \"IDENTITY\",\n \"name\": \"John Doe\"\n }\n ],\n \"rejectedBy\": [\n {\n \"id\": \"85d173e7d57e496569df763231d6deb6a\",\n \"type\": \"IDENTITY\",\n \"name\": \"John Doe\"\n },\n {\n \"id\": \"85d173e7d57e496569df763231d6deb6a\",\n \"type\": \"IDENTITY\",\n \"name\": \"John Doe\"\n }\n ],\n \"reassignFrom\": {\n \"id\": \"85d173e7d57e496569df763231d6deb6a\",\n \"type\": \"IDENTITY\",\n \"name\": \"John Doe\"\n },\n \"reassignTo\": {\n \"id\": \"85d173e7d57e496569df763231d6deb6a\",\n \"type\": \"IDENTITY\",\n \"name\": \"John Doe\"\n },\n \"additionalAttributes\": {\n \"any\": \"any\",\n \"additional\": \"attributes\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "1010678a-99ee-4762-b9ba-9ed1c5b16fa8", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "generic-approvals", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "{\n \"comments\": {\n \"author\": \"85d173e7d57e496569df763231d6deb6a\",\n \"comment\": \"Looks good\",\n \"createdDate\": \"2023-04-12T23:20:50.520Z\"\n },\n \"approvedBy\": [\n {\n \"id\": \"85d173e7d57e496569df763231d6deb6a\",\n \"type\": \"IDENTITY\",\n \"name\": \"John Doe\"\n },\n {\n \"id\": \"85d173e7d57e496569df763231d6deb6a\",\n \"type\": \"IDENTITY\",\n \"name\": \"John Doe\"\n }\n ],\n \"rejectedBy\": [\n {\n \"id\": \"85d173e7d57e496569df763231d6deb6a\",\n \"type\": \"IDENTITY\",\n \"name\": \"John Doe\"\n },\n {\n \"id\": \"85d173e7d57e496569df763231d6deb6a\",\n \"type\": \"IDENTITY\",\n \"name\": \"John Doe\"\n }\n ],\n \"reassignFrom\": {\n \"id\": \"85d173e7d57e496569df763231d6deb6a\",\n \"type\": \"IDENTITY\",\n \"name\": \"John Doe\"\n },\n \"reassignTo\": {\n \"id\": \"85d173e7d57e496569df763231d6deb6a\",\n \"type\": \"IDENTITY\",\n \"name\": \"John Doe\"\n },\n \"additionalAttributes\": {\n \"any\": \"any\",\n \"additional\": \"attributes\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "eb7647ee-fd68-4717-a9bd-eaeeed56143b", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "generic-approvals", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "{\n \"comments\": {\n \"author\": \"85d173e7d57e496569df763231d6deb6a\",\n \"comment\": \"Looks good\",\n \"createdDate\": \"2023-04-12T23:20:50.520Z\"\n },\n \"approvedBy\": [\n {\n \"id\": \"85d173e7d57e496569df763231d6deb6a\",\n \"type\": \"IDENTITY\",\n \"name\": \"John Doe\"\n },\n {\n \"id\": \"85d173e7d57e496569df763231d6deb6a\",\n \"type\": \"IDENTITY\",\n \"name\": \"John Doe\"\n }\n ],\n \"rejectedBy\": [\n {\n \"id\": \"85d173e7d57e496569df763231d6deb6a\",\n \"type\": \"IDENTITY\",\n \"name\": \"John Doe\"\n },\n {\n \"id\": \"85d173e7d57e496569df763231d6deb6a\",\n \"type\": \"IDENTITY\",\n \"name\": \"John Doe\"\n }\n ],\n \"reassignFrom\": {\n \"id\": \"85d173e7d57e496569df763231d6deb6a\",\n \"type\": \"IDENTITY\",\n \"name\": \"John Doe\"\n },\n \"reassignTo\": {\n \"id\": \"85d173e7d57e496569df763231d6deb6a\",\n \"type\": \"IDENTITY\",\n \"name\": \"John Doe\"\n },\n \"additionalAttributes\": {\n \"any\": \"any\",\n \"additional\": \"attributes\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "3c5258a0-830b-4faa-b376-70e0478224d5", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "generic-approvals", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "{\n \"comments\": {\n \"author\": \"85d173e7d57e496569df763231d6deb6a\",\n \"comment\": \"Looks good\",\n \"createdDate\": \"2023-04-12T23:20:50.520Z\"\n },\n \"approvedBy\": [\n {\n \"id\": \"85d173e7d57e496569df763231d6deb6a\",\n \"type\": \"IDENTITY\",\n \"name\": \"John Doe\"\n },\n {\n \"id\": \"85d173e7d57e496569df763231d6deb6a\",\n \"type\": \"IDENTITY\",\n \"name\": \"John Doe\"\n }\n ],\n \"rejectedBy\": [\n {\n \"id\": \"85d173e7d57e496569df763231d6deb6a\",\n \"type\": \"IDENTITY\",\n \"name\": \"John Doe\"\n },\n {\n \"id\": \"85d173e7d57e496569df763231d6deb6a\",\n \"type\": \"IDENTITY\",\n \"name\": \"John Doe\"\n }\n ],\n \"reassignFrom\": {\n \"id\": \"85d173e7d57e496569df763231d6deb6a\",\n \"type\": \"IDENTITY\",\n \"name\": \"John Doe\"\n },\n \"reassignTo\": {\n \"id\": \"85d173e7d57e496569df763231d6deb6a\",\n \"type\": \"IDENTITY\",\n \"name\": \"John Doe\"\n },\n \"additionalAttributes\": {\n \"any\": \"any\",\n \"additional\": \"attributes\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "8d35efe4-1d02-49c8-8ab3-133f4e75bb38", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "generic-approvals", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "{\n \"comments\": {\n \"author\": \"85d173e7d57e496569df763231d6deb6a\",\n \"comment\": \"Looks good\",\n \"createdDate\": \"2023-04-12T23:20:50.520Z\"\n },\n \"approvedBy\": [\n {\n \"id\": \"85d173e7d57e496569df763231d6deb6a\",\n \"type\": \"IDENTITY\",\n \"name\": \"John Doe\"\n },\n {\n \"id\": \"85d173e7d57e496569df763231d6deb6a\",\n \"type\": \"IDENTITY\",\n \"name\": \"John Doe\"\n }\n ],\n \"rejectedBy\": [\n {\n \"id\": \"85d173e7d57e496569df763231d6deb6a\",\n \"type\": \"IDENTITY\",\n \"name\": \"John Doe\"\n },\n {\n \"id\": \"85d173e7d57e496569df763231d6deb6a\",\n \"type\": \"IDENTITY\",\n \"name\": \"John Doe\"\n }\n ],\n \"reassignFrom\": {\n \"id\": \"85d173e7d57e496569df763231d6deb6a\",\n \"type\": \"IDENTITY\",\n \"name\": \"John Doe\"\n },\n \"reassignTo\": {\n \"id\": \"85d173e7d57e496569df763231d6deb6a\",\n \"type\": \"IDENTITY\",\n \"name\": \"John Doe\"\n },\n \"additionalAttributes\": {\n \"any\": \"any\",\n \"additional\": \"attributes\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + } + ] + }, + { + "name": "Auth Profile", + "description": "Auth Profile - Represents authentication configuration for an Identity Profile. This object gets created when an Identity Profile is created.\n\nAPIs can be used to retrieve and update Auth Profiles.\n", + "item": [ + { + "id": "b2cef899-f8f4-4d2e-8a65-f05ea0b7f49d", + "name": "Get list of Auth Profiles.", + "request": { + "name": "Get list of Auth Profiles.", + "description": { + "content": "This API returns a list of auth profiles.", + "type": "text/plain" + }, + "url": { + "path": [ + "auth-profiles" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "838a61f8-32c4-4715-8674-22a763fc3bc4", + "name": "List of Auth Profiles", + "originalRequest": { + "url": { + "path": [ + "auth-profiles" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"tenant\": \"test-tenant\",\n \"id\": \"2c91808458ae7a4f0158b1bbf8af0628\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "fb576272-ac75-4b81-8ab5-3129c7d6efaa", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "auth-profiles" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "123d1449-2f18-4c56-bbcc-1d30b3d15e60", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "auth-profiles" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "642a7d4a-5c82-4225-a6e3-ae820fa3fca4", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "auth-profiles" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "2410f8e3-037b-4ce7-8757-75e4236e188c", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "auth-profiles" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a7f51a94-06fc-4596-8809-f9fe9ba01f87", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "auth-profiles" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "485594f6-2d02-4461-a811-2098c66e188d", + "name": "Get Auth Profile.", + "request": { + "name": "Get Auth Profile.", + "description": { + "content": "This API returns auth profile information.", + "type": "text/plain" + }, + "url": { + "path": [ + "auth-profiles", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "key": "id" + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "294508c5-93d0-46d9-be47-d47db7f4fff2", + "name": "Auth Profile", + "originalRequest": { + "url": { + "path": [ + "auth-profiles", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"name\": \"EndToEnd-Profile\",\n \"offNetwork\": true,\n \"untrustedGeography\": true,\n \"applicationId\": \"2c91808458ae7a4f0158b1bbf8af0628\",\n \"applicationName\": \"EndToEnd-Source\",\n \"type\": \"PTA\",\n \"strongAuthLogin\": true\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d8344c6e-8fdd-4888-a315-f7ca05e31703", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "auth-profiles", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "1e0ab793-7611-4559-a43b-7b275a98493f", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "auth-profiles", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "14a5ca39-4dbf-4a80-94c5-39abee0196e4", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "auth-profiles", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "156a6056-b14b-4fd2-8bea-4b321c6a5499", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "auth-profiles", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "3de0b391-2b41-45b0-af50-f44c52469032", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "auth-profiles", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "0bc0c825-38d1-4535-9de9-5196fcc35f9b", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "auth-profiles", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "d9a6ab40-fc63-4799-b303-e16297968f56", + "name": "Patch a specified Auth Profile", + "request": { + "name": "Patch a specified Auth Profile", + "description": { + "content": "This API updates an existing Auth Profile. The following fields are patchable:\n**offNetwork**, **untrustedGeography**, **applicationId**, **applicationName**, **type**", + "type": "text/plain" + }, + "url": { + "path": [ + "auth-profiles", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "2c91808a7813090a017814121919ecca", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) ID of the Auth Profile to patch.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"New description\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"New description\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "7a6d9e3a-d3e1-4062-91af-50a2c6163ef5", + "name": "Responds with the Auth Profile as updated.", + "originalRequest": { + "url": { + "path": [ + "auth-profiles", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"New description\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"New description\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"name\": \"EndToEnd-Profile\",\n \"offNetwork\": true,\n \"untrustedGeography\": true,\n \"applicationId\": \"2c91808458ae7a4f0158b1bbf8af0628\",\n \"applicationName\": \"EndToEnd-Source\",\n \"type\": \"PTA\",\n \"strongAuthLogin\": true\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "4a49a357-a744-46e1-8bcf-7860730a52cd", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "auth-profiles", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"New description\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"New description\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b98ebea7-7490-44d0-aa9d-4b814969d262", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "auth-profiles", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"New description\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"New description\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "6ef79256-b1be-4126-bb5c-5fae5c881591", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "auth-profiles", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"New description\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"New description\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "5d2ed3f6-67be-4afa-8fd0-37fd33811b42", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "auth-profiles", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"New description\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"New description\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "5d804ce1-a182-45ce-871b-f7fac3cc735f", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "auth-profiles", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"New description\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"New description\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + } + ] + }, + { + "name": "Auth Users", + "description": "Use this API to implement user authentication system functionality. \nWith this functionality in place, users can get a user's authentication system details, including their capabilities, and modify those capabilities. \nThe user's capabilities refer to their access to different systems, or authorization, within the tenant, like access to certifications (CERT_ADMIN) or reports (REPORT_ADMIN). \nThese capabilities also determine a user's access to the different APIs. \nThis API provides users with a way to determine a user's access and make quick and easy changes to that access. \n", + "item": [ + { + "id": "92b45913-b479-4a15-b157-0db3c8445a45", + "name": "Auth User Details", + "request": { + "name": "Auth User Details", + "description": { + "content": "Return the specified user's authentication system details.", + "type": "text/plain" + }, + "url": { + "path": [ + "auth-users", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "ef38f94347e94562b5bb8424a56397d8", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) Identity ID", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "dfda2578-35eb-4d03-aafe-166912f6ddc2", + "name": "The specified user's authentication system details.", + "originalRequest": { + "url": { + "path": [ + "auth-users", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"tenant\": \"test-tenant\",\n \"id\": \"2c91808458ae7a4f0158b1bbf8af0628\",\n \"uid\": \"will.smith\",\n \"profile\": \"2c91808458ae7a4f0158b1bbf8af0756\",\n \"identificationNumber\": \"19-5588452\",\n \"email\": \"william.smith@example.com\",\n \"phone\": \"5555555555\",\n \"workPhone\": \"5555555555\",\n \"personalEmail\": \"william.smith@example.com\",\n \"firstname\": \"Will\",\n \"lastname\": \"Smith\",\n \"displayName\": \"Will Smith\",\n \"alias\": \"will.smith\",\n \"lastPasswordChangeDate\": \"2021-03-08T22:37:33.901Z\",\n \"lastLoginTimestamp\": 1656327185832,\n \"currentLoginTimestamp\": 1656327185832,\n \"capabilities\": [\n \"ORG_ADMIN\",\n \"ORG_ADMIN\"\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a45dedbc-8305-4cc7-965d-1f575ae03133", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "auth-users", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "1c5409d9-f8bc-41f4-8566-f43ebd097e42", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "auth-users", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "819fd84e-8411-4916-bd05-f5898518ed6a", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "auth-users", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "bfcf7eb1-bbaa-4a51-a0f5-e552a16285b5", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "auth-users", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "4c30ebaf-d462-4d29-b193-b8bc24423e57", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "auth-users", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "dd943589-4964-4110-8dcd-d681f7bb1781", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "auth-users", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "30a96f56-5a04-4ae0-ad71-f16c759f73ac", + "name": "Auth User Update", + "request": { + "name": "Auth User Update", + "description": { + "content": "Use a PATCH request to update an existing user in the authentication system.\nUse this endpoint to modify these fields: \n * `capabilities`\n\nA '400.1.1 Illegal update attempt' detail code indicates that you attempted to PATCH a field that is not allowed.", + "type": "text/plain" + }, + "url": { + "path": [ + "auth-users", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "ef38f94347e94562b5bb8424a56397d8", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) Identity ID", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/capabilities\",\n \"value\": [\n \"ORG_ADMIN\"\n ]\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "cc32c91a-f42f-467c-8288-5b683d09f1a3", + "name": "Auth user updated.", + "originalRequest": { + "url": { + "path": [ + "auth-users", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/capabilities\",\n \"value\": [\n \"ORG_ADMIN\"\n ]\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"tenant\": \"test-tenant\",\n \"id\": \"2c91808458ae7a4f0158b1bbf8af0628\",\n \"uid\": \"will.smith\",\n \"profile\": \"2c91808458ae7a4f0158b1bbf8af0756\",\n \"identificationNumber\": \"19-5588452\",\n \"email\": \"william.smith@example.com\",\n \"phone\": \"5555555555\",\n \"workPhone\": \"5555555555\",\n \"personalEmail\": \"william.smith@example.com\",\n \"firstname\": \"Will\",\n \"lastname\": \"Smith\",\n \"displayName\": \"Will Smith\",\n \"alias\": \"will.smith\",\n \"lastPasswordChangeDate\": \"2021-03-08T22:37:33.901Z\",\n \"lastLoginTimestamp\": 1656327185832,\n \"currentLoginTimestamp\": 1656327185832,\n \"capabilities\": [\n \"ORG_ADMIN\",\n \"ORG_ADMIN\"\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "4e7e43e9-c2c5-4ef2-ab26-4bc1b6a1a59a", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "auth-users", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/capabilities\",\n \"value\": [\n \"ORG_ADMIN\"\n ]\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "eec4c8a6-945a-4e33-ab7a-226051aef949", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "auth-users", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/capabilities\",\n \"value\": [\n \"ORG_ADMIN\"\n ]\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f20fe3a3-1333-4428-b072-4f6adfad0897", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "auth-users", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/capabilities\",\n \"value\": [\n \"ORG_ADMIN\"\n ]\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "79280b42-16f7-4809-81b2-827d8c88dc9b", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "auth-users", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/capabilities\",\n \"value\": [\n \"ORG_ADMIN\"\n ]\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "42806f9c-7f88-4e0a-926c-84e40445817b", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "auth-users", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/capabilities\",\n \"value\": [\n \"ORG_ADMIN\"\n ]\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "e8c4ac08-e025-46e4-af79-60e8abe25d32", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "auth-users", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/capabilities\",\n \"value\": [\n \"ORG_ADMIN\"\n ]\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + } + ] + }, + { + "name": "Branding", + "description": "Use this API to implement and customize branding functionality. \nWith this functionality in place, administrators can get and manage existing branding items, and they can also create new branding items and configure them for use throughout Identity Security Cloud. \nThe Branding APIs provide administrators with a way to customize branding items. \nThis customization includes details like their colors, logos, and other information. \nRefer to [Certifications](https://documentation.sailpoint.com/saas/user-help/certifications.html) for more information about certifications.\n", + "item": [ + { + "id": "37c9f0ca-ca0e-47b7-8165-aa64ae503f19", + "name": "List of branding items", + "request": { + "name": "List of branding items", + "description": { + "content": "This API endpoint returns a list of branding items.\n\nA token with API, ORG_ADMIN authority is required to call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "brandings" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "39c218ef-393d-463f-9909-7a498f561bce", + "name": "A list of branding items.", + "originalRequest": { + "url": { + "path": [ + "brandings" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"name\": \"default\",\n \"productName\": \"product name\",\n \"actionButtonColor\": \"0074D9\",\n \"activeLinkColor\": \"pariatur\",\n \"navigationColor\": \"eiusmod anim \",\n \"emailFromAddress\": \"no-reply@sailpoint.com\",\n \"standardLogoURL\": \"\",\n \"loginInformationalMessage\": \"\"\n },\n {\n \"name\": \"default\",\n \"productName\": \"product name\",\n \"actionButtonColor\": \"0074D9\",\n \"activeLinkColor\": \"fugiat ea\",\n \"navigationColor\": \"ut\",\n \"emailFromAddress\": \"no-reply@sailpoint.com\",\n \"standardLogoURL\": \"\",\n \"loginInformationalMessage\": \"\"\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "abb387a8-1d8d-4a60-910b-2ec469c188dc", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "brandings" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "501377d0-b376-4232-869b-cfa422f6ef05", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "brandings" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "679f368b-2660-4198-8657-ca3c1ed206ab", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "brandings" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "7e11dd67-3e18-44b4-a72e-5de9c7cc3d30", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "brandings" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a50e1256-517d-4c51-a17d-b7fbe5ed8464", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "brandings" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "5340998b-511a-41c9-ac72-034cbc7a1bf0", + "name": "Create a branding item", + "request": { + "name": "Create a branding item", + "description": { + "content": "This API endpoint creates a branding item.\nA token with API, ORG_ADMIN authority is required to call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "brandings" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "(Required) name of branding item", + "type": "text/plain" + }, + "key": "name", + "value": "custom-branding-item", + "type": "text" + }, + { + "description": { + "content": "(Required) product name", + "type": "text/plain" + }, + "key": "productName", + "value": "product name", + "type": "text" + }, + { + "description": { + "content": "hex value of color for action button", + "type": "text/plain" + }, + "key": "actionButtonColor", + "value": "0074D9", + "type": "text" + }, + { + "description": { + "content": "hex value of color for link", + "type": "text/plain" + }, + "key": "activeLinkColor", + "value": "ipsum fugiat occaecat", + "type": "text" + }, + { + "description": { + "content": "hex value of color for navigation bar", + "type": "text/plain" + }, + "key": "navigationColor", + "value": "proident sint Lorem", + "type": "text" + }, + { + "description": { + "content": "email from address", + "type": "text/plain" + }, + "key": "emailFromAddress", + "value": "no-reply@sailpoint.com", + "type": "text" + }, + { + "description": { + "content": "login information message", + "type": "text/plain" + }, + "key": "loginInformationalMessage", + "value": "", + "type": "text" + }, + { + "description": { + "content": "png file with logo", + "type": "text/plain" + }, + "key": "fileStandard", + "value": "\\x00\\x00\\x00\\x02", + "type": "text" + } + ] + } + }, + "response": [ + { + "id": "b5632694-5b15-47d2-8b52-5a58481ef5b4", + "name": "Branding item created", + "originalRequest": { + "url": { + "path": [ + "brandings" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "(Required) name of branding item", + "type": "text/plain" + }, + "key": "name", + "value": "custom-branding-item", + "type": "text" + }, + { + "description": { + "content": "(Required) product name", + "type": "text/plain" + }, + "key": "productName", + "value": "product name", + "type": "text" + }, + { + "description": { + "content": "hex value of color for action button", + "type": "text/plain" + }, + "key": "actionButtonColor", + "value": "0074D9", + "type": "text" + }, + { + "description": { + "content": "hex value of color for link", + "type": "text/plain" + }, + "key": "activeLinkColor", + "value": "ipsum fugiat occaecat", + "type": "text" + }, + { + "description": { + "content": "hex value of color for navigation bar", + "type": "text/plain" + }, + "key": "navigationColor", + "value": "proident sint Lorem", + "type": "text" + }, + { + "description": { + "content": "email from address", + "type": "text/plain" + }, + "key": "emailFromAddress", + "value": "no-reply@sailpoint.com", + "type": "text" + }, + { + "description": { + "content": "login information message", + "type": "text/plain" + }, + "key": "loginInformationalMessage", + "value": "", + "type": "text" + }, + { + "description": { + "content": "png file with logo", + "type": "text/plain" + }, + "key": "fileStandard", + "value": "\\x00\\x00\\x00\\x02", + "type": "text" + } + ] + } + }, + "status": "Created", + "code": 201, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"name\": \"default\",\n \"productName\": \"product name\",\n \"actionButtonColor\": \"0074D9\",\n \"activeLinkColor\": \"in aute\",\n \"navigationColor\": \"Ut et consectetur a\",\n \"emailFromAddress\": \"no-reply@sailpoint.com\",\n \"standardLogoURL\": \"\",\n \"loginInformationalMessage\": \"\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f3b49ee1-6148-4d42-b596-3a7a3c05d47c", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "brandings" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "(Required) name of branding item", + "type": "text/plain" + }, + "key": "name", + "value": "custom-branding-item", + "type": "text" + }, + { + "description": { + "content": "(Required) product name", + "type": "text/plain" + }, + "key": "productName", + "value": "product name", + "type": "text" + }, + { + "description": { + "content": "hex value of color for action button", + "type": "text/plain" + }, + "key": "actionButtonColor", + "value": "0074D9", + "type": "text" + }, + { + "description": { + "content": "hex value of color for link", + "type": "text/plain" + }, + "key": "activeLinkColor", + "value": "ipsum fugiat occaecat", + "type": "text" + }, + { + "description": { + "content": "hex value of color for navigation bar", + "type": "text/plain" + }, + "key": "navigationColor", + "value": "proident sint Lorem", + "type": "text" + }, + { + "description": { + "content": "email from address", + "type": "text/plain" + }, + "key": "emailFromAddress", + "value": "no-reply@sailpoint.com", + "type": "text" + }, + { + "description": { + "content": "login information message", + "type": "text/plain" + }, + "key": "loginInformationalMessage", + "value": "", + "type": "text" + }, + { + "description": { + "content": "png file with logo", + "type": "text/plain" + }, + "key": "fileStandard", + "value": "\\x00\\x00\\x00\\x02", + "type": "text" + } + ] + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "39e983b1-8c9c-4738-8330-fb847f38f13b", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "brandings" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "(Required) name of branding item", + "type": "text/plain" + }, + "key": "name", + "value": "custom-branding-item", + "type": "text" + }, + { + "description": { + "content": "(Required) product name", + "type": "text/plain" + }, + "key": "productName", + "value": "product name", + "type": "text" + }, + { + "description": { + "content": "hex value of color for action button", + "type": "text/plain" + }, + "key": "actionButtonColor", + "value": "0074D9", + "type": "text" + }, + { + "description": { + "content": "hex value of color for link", + "type": "text/plain" + }, + "key": "activeLinkColor", + "value": "ipsum fugiat occaecat", + "type": "text" + }, + { + "description": { + "content": "hex value of color for navigation bar", + "type": "text/plain" + }, + "key": "navigationColor", + "value": "proident sint Lorem", + "type": "text" + }, + { + "description": { + "content": "email from address", + "type": "text/plain" + }, + "key": "emailFromAddress", + "value": "no-reply@sailpoint.com", + "type": "text" + }, + { + "description": { + "content": "login information message", + "type": "text/plain" + }, + "key": "loginInformationalMessage", + "value": "", + "type": "text" + }, + { + "description": { + "content": "png file with logo", + "type": "text/plain" + }, + "key": "fileStandard", + "value": "\\x00\\x00\\x00\\x02", + "type": "text" + } + ] + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "dbdded8f-b587-4033-a929-bf8defdbfed5", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "brandings" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "(Required) name of branding item", + "type": "text/plain" + }, + "key": "name", + "value": "custom-branding-item", + "type": "text" + }, + { + "description": { + "content": "(Required) product name", + "type": "text/plain" + }, + "key": "productName", + "value": "product name", + "type": "text" + }, + { + "description": { + "content": "hex value of color for action button", + "type": "text/plain" + }, + "key": "actionButtonColor", + "value": "0074D9", + "type": "text" + }, + { + "description": { + "content": "hex value of color for link", + "type": "text/plain" + }, + "key": "activeLinkColor", + "value": "ipsum fugiat occaecat", + "type": "text" + }, + { + "description": { + "content": "hex value of color for navigation bar", + "type": "text/plain" + }, + "key": "navigationColor", + "value": "proident sint Lorem", + "type": "text" + }, + { + "description": { + "content": "email from address", + "type": "text/plain" + }, + "key": "emailFromAddress", + "value": "no-reply@sailpoint.com", + "type": "text" + }, + { + "description": { + "content": "login information message", + "type": "text/plain" + }, + "key": "loginInformationalMessage", + "value": "", + "type": "text" + }, + { + "description": { + "content": "png file with logo", + "type": "text/plain" + }, + "key": "fileStandard", + "value": "\\x00\\x00\\x00\\x02", + "type": "text" + } + ] + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "4a67a586-4c94-407b-9712-d1bf48f34035", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "brandings" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "(Required) name of branding item", + "type": "text/plain" + }, + "key": "name", + "value": "custom-branding-item", + "type": "text" + }, + { + "description": { + "content": "(Required) product name", + "type": "text/plain" + }, + "key": "productName", + "value": "product name", + "type": "text" + }, + { + "description": { + "content": "hex value of color for action button", + "type": "text/plain" + }, + "key": "actionButtonColor", + "value": "0074D9", + "type": "text" + }, + { + "description": { + "content": "hex value of color for link", + "type": "text/plain" + }, + "key": "activeLinkColor", + "value": "ipsum fugiat occaecat", + "type": "text" + }, + { + "description": { + "content": "hex value of color for navigation bar", + "type": "text/plain" + }, + "key": "navigationColor", + "value": "proident sint Lorem", + "type": "text" + }, + { + "description": { + "content": "email from address", + "type": "text/plain" + }, + "key": "emailFromAddress", + "value": "no-reply@sailpoint.com", + "type": "text" + }, + { + "description": { + "content": "login information message", + "type": "text/plain" + }, + "key": "loginInformationalMessage", + "value": "", + "type": "text" + }, + { + "description": { + "content": "png file with logo", + "type": "text/plain" + }, + "key": "fileStandard", + "value": "\\x00\\x00\\x00\\x02", + "type": "text" + } + ] + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "828b1b71-0aeb-4fe2-b484-047a737deb0e", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "brandings" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "(Required) name of branding item", + "type": "text/plain" + }, + "key": "name", + "value": "custom-branding-item", + "type": "text" + }, + { + "description": { + "content": "(Required) product name", + "type": "text/plain" + }, + "key": "productName", + "value": "product name", + "type": "text" + }, + { + "description": { + "content": "hex value of color for action button", + "type": "text/plain" + }, + "key": "actionButtonColor", + "value": "0074D9", + "type": "text" + }, + { + "description": { + "content": "hex value of color for link", + "type": "text/plain" + }, + "key": "activeLinkColor", + "value": "ipsum fugiat occaecat", + "type": "text" + }, + { + "description": { + "content": "hex value of color for navigation bar", + "type": "text/plain" + }, + "key": "navigationColor", + "value": "proident sint Lorem", + "type": "text" + }, + { + "description": { + "content": "email from address", + "type": "text/plain" + }, + "key": "emailFromAddress", + "value": "no-reply@sailpoint.com", + "type": "text" + }, + { + "description": { + "content": "login information message", + "type": "text/plain" + }, + "key": "loginInformationalMessage", + "value": "", + "type": "text" + }, + { + "description": { + "content": "png file with logo", + "type": "text/plain" + }, + "key": "fileStandard", + "value": "\\x00\\x00\\x00\\x02", + "type": "text" + } + ] + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "7d96c3bc-faf1-4f1f-b158-4bccb50a4dca", + "name": "Get a branding item", + "request": { + "name": "Get a branding item", + "description": { + "content": "This API endpoint retrieves information for an existing branding item by name.\nA token with API, ORG_ADMIN authority is required to call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "brandings", + ":name" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "default", + "key": "name", + "disabled": true, + "description": { + "content": "(Required) The name of the branding item to be retrieved", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "7c50e32c-b7e4-4b04-9c5e-a5f9a60b921f", + "name": "A branding item object", + "originalRequest": { + "url": { + "path": [ + "brandings", + ":name" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"name\": \"default\",\n \"productName\": \"product name\",\n \"actionButtonColor\": \"0074D9\",\n \"activeLinkColor\": \"in aute\",\n \"navigationColor\": \"Ut et consectetur a\",\n \"emailFromAddress\": \"no-reply@sailpoint.com\",\n \"standardLogoURL\": \"\",\n \"loginInformationalMessage\": \"\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b49cefc0-cdd2-47a2-bcc9-24470b137e0d", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "brandings", + ":name" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "dbf4c510-3280-436e-b399-7a5c783cca78", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "brandings", + ":name" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "59df2185-b934-4d2a-9331-3d13e4f88280", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "brandings", + ":name" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "2896fd87-b6ff-41fe-9a52-24fd73d9b377", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "brandings", + ":name" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "341ab4c0-999b-478f-a6ac-d23ed3d1de2e", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "brandings", + ":name" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "47bce5e8-5836-482a-92ff-7d3c09db5259", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "brandings", + ":name" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "16cbe126-cbc3-4ce3-9b8f-900b59048e7a", + "name": "Update a branding item", + "request": { + "name": "Update a branding item", + "description": { + "content": "This API endpoint updates information for an existing branding item.\nA token with API, ORG_ADMIN authority is required to call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "brandings", + ":name" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "default", + "key": "name", + "disabled": true, + "description": { + "content": "(Required) The name of the branding item to be retrieved", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "PUT", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "(Required) name of branding item", + "type": "text/plain" + }, + "key": "name", + "value": "custom-branding-item", + "type": "text" + }, + { + "description": { + "content": "(Required) product name", + "type": "text/plain" + }, + "key": "productName", + "value": "product name", + "type": "text" + }, + { + "description": { + "content": "hex value of color for action button", + "type": "text/plain" + }, + "key": "actionButtonColor", + "value": "0074D9", + "type": "text" + }, + { + "description": { + "content": "hex value of color for link", + "type": "text/plain" + }, + "key": "activeLinkColor", + "value": "ipsum fugiat occaecat", + "type": "text" + }, + { + "description": { + "content": "hex value of color for navigation bar", + "type": "text/plain" + }, + "key": "navigationColor", + "value": "proident sint Lorem", + "type": "text" + }, + { + "description": { + "content": "email from address", + "type": "text/plain" + }, + "key": "emailFromAddress", + "value": "no-reply@sailpoint.com", + "type": "text" + }, + { + "description": { + "content": "login information message", + "type": "text/plain" + }, + "key": "loginInformationalMessage", + "value": "", + "type": "text" + }, + { + "description": { + "content": "png file with logo", + "type": "text/plain" + }, + "key": "fileStandard", + "value": "\\x00\\x00\\x00\\x02", + "type": "text" + } + ] + } + }, + "response": [ + { + "id": "3ababe0a-f95e-4348-92b2-02cff02c9246", + "name": "Branding item updated", + "originalRequest": { + "url": { + "path": [ + "brandings", + ":name" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "(Required) name of branding item", + "type": "text/plain" + }, + "key": "name", + "value": "custom-branding-item", + "type": "text" + }, + { + "description": { + "content": "(Required) product name", + "type": "text/plain" + }, + "key": "productName", + "value": "product name", + "type": "text" + }, + { + "description": { + "content": "hex value of color for action button", + "type": "text/plain" + }, + "key": "actionButtonColor", + "value": "0074D9", + "type": "text" + }, + { + "description": { + "content": "hex value of color for link", + "type": "text/plain" + }, + "key": "activeLinkColor", + "value": "ipsum fugiat occaecat", + "type": "text" + }, + { + "description": { + "content": "hex value of color for navigation bar", + "type": "text/plain" + }, + "key": "navigationColor", + "value": "proident sint Lorem", + "type": "text" + }, + { + "description": { + "content": "email from address", + "type": "text/plain" + }, + "key": "emailFromAddress", + "value": "no-reply@sailpoint.com", + "type": "text" + }, + { + "description": { + "content": "login information message", + "type": "text/plain" + }, + "key": "loginInformationalMessage", + "value": "", + "type": "text" + }, + { + "description": { + "content": "png file with logo", + "type": "text/plain" + }, + "key": "fileStandard", + "value": "\\x00\\x00\\x00\\x02", + "type": "text" + } + ] + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"name\": \"default\",\n \"productName\": \"product name\",\n \"actionButtonColor\": \"0074D9\",\n \"activeLinkColor\": \"in aute\",\n \"navigationColor\": \"Ut et consectetur a\",\n \"emailFromAddress\": \"no-reply@sailpoint.com\",\n \"standardLogoURL\": \"\",\n \"loginInformationalMessage\": \"\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "8cfc50a5-49a3-4b00-a3a7-6c584aa027e7", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "brandings", + ":name" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "(Required) name of branding item", + "type": "text/plain" + }, + "key": "name", + "value": "custom-branding-item", + "type": "text" + }, + { + "description": { + "content": "(Required) product name", + "type": "text/plain" + }, + "key": "productName", + "value": "product name", + "type": "text" + }, + { + "description": { + "content": "hex value of color for action button", + "type": "text/plain" + }, + "key": "actionButtonColor", + "value": "0074D9", + "type": "text" + }, + { + "description": { + "content": "hex value of color for link", + "type": "text/plain" + }, + "key": "activeLinkColor", + "value": "ipsum fugiat occaecat", + "type": "text" + }, + { + "description": { + "content": "hex value of color for navigation bar", + "type": "text/plain" + }, + "key": "navigationColor", + "value": "proident sint Lorem", + "type": "text" + }, + { + "description": { + "content": "email from address", + "type": "text/plain" + }, + "key": "emailFromAddress", + "value": "no-reply@sailpoint.com", + "type": "text" + }, + { + "description": { + "content": "login information message", + "type": "text/plain" + }, + "key": "loginInformationalMessage", + "value": "", + "type": "text" + }, + { + "description": { + "content": "png file with logo", + "type": "text/plain" + }, + "key": "fileStandard", + "value": "\\x00\\x00\\x00\\x02", + "type": "text" + } + ] + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "773b6df9-90fe-4593-8c6b-7111322d4e50", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "brandings", + ":name" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "(Required) name of branding item", + "type": "text/plain" + }, + "key": "name", + "value": "custom-branding-item", + "type": "text" + }, + { + "description": { + "content": "(Required) product name", + "type": "text/plain" + }, + "key": "productName", + "value": "product name", + "type": "text" + }, + { + "description": { + "content": "hex value of color for action button", + "type": "text/plain" + }, + "key": "actionButtonColor", + "value": "0074D9", + "type": "text" + }, + { + "description": { + "content": "hex value of color for link", + "type": "text/plain" + }, + "key": "activeLinkColor", + "value": "ipsum fugiat occaecat", + "type": "text" + }, + { + "description": { + "content": "hex value of color for navigation bar", + "type": "text/plain" + }, + "key": "navigationColor", + "value": "proident sint Lorem", + "type": "text" + }, + { + "description": { + "content": "email from address", + "type": "text/plain" + }, + "key": "emailFromAddress", + "value": "no-reply@sailpoint.com", + "type": "text" + }, + { + "description": { + "content": "login information message", + "type": "text/plain" + }, + "key": "loginInformationalMessage", + "value": "", + "type": "text" + }, + { + "description": { + "content": "png file with logo", + "type": "text/plain" + }, + "key": "fileStandard", + "value": "\\x00\\x00\\x00\\x02", + "type": "text" + } + ] + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "42e4259d-8710-4ae0-b2b1-d46bb0b23a59", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "brandings", + ":name" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "(Required) name of branding item", + "type": "text/plain" + }, + "key": "name", + "value": "custom-branding-item", + "type": "text" + }, + { + "description": { + "content": "(Required) product name", + "type": "text/plain" + }, + "key": "productName", + "value": "product name", + "type": "text" + }, + { + "description": { + "content": "hex value of color for action button", + "type": "text/plain" + }, + "key": "actionButtonColor", + "value": "0074D9", + "type": "text" + }, + { + "description": { + "content": "hex value of color for link", + "type": "text/plain" + }, + "key": "activeLinkColor", + "value": "ipsum fugiat occaecat", + "type": "text" + }, + { + "description": { + "content": "hex value of color for navigation bar", + "type": "text/plain" + }, + "key": "navigationColor", + "value": "proident sint Lorem", + "type": "text" + }, + { + "description": { + "content": "email from address", + "type": "text/plain" + }, + "key": "emailFromAddress", + "value": "no-reply@sailpoint.com", + "type": "text" + }, + { + "description": { + "content": "login information message", + "type": "text/plain" + }, + "key": "loginInformationalMessage", + "value": "", + "type": "text" + }, + { + "description": { + "content": "png file with logo", + "type": "text/plain" + }, + "key": "fileStandard", + "value": "\\x00\\x00\\x00\\x02", + "type": "text" + } + ] + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "be5dfd30-2aee-4e97-ba0f-d9944748808f", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "brandings", + ":name" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "(Required) name of branding item", + "type": "text/plain" + }, + "key": "name", + "value": "custom-branding-item", + "type": "text" + }, + { + "description": { + "content": "(Required) product name", + "type": "text/plain" + }, + "key": "productName", + "value": "product name", + "type": "text" + }, + { + "description": { + "content": "hex value of color for action button", + "type": "text/plain" + }, + "key": "actionButtonColor", + "value": "0074D9", + "type": "text" + }, + { + "description": { + "content": "hex value of color for link", + "type": "text/plain" + }, + "key": "activeLinkColor", + "value": "ipsum fugiat occaecat", + "type": "text" + }, + { + "description": { + "content": "hex value of color for navigation bar", + "type": "text/plain" + }, + "key": "navigationColor", + "value": "proident sint Lorem", + "type": "text" + }, + { + "description": { + "content": "email from address", + "type": "text/plain" + }, + "key": "emailFromAddress", + "value": "no-reply@sailpoint.com", + "type": "text" + }, + { + "description": { + "content": "login information message", + "type": "text/plain" + }, + "key": "loginInformationalMessage", + "value": "", + "type": "text" + }, + { + "description": { + "content": "png file with logo", + "type": "text/plain" + }, + "key": "fileStandard", + "value": "\\x00\\x00\\x00\\x02", + "type": "text" + } + ] + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "0c6ed6d5-23a5-43b3-a1d2-0385d2a6de7e", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "brandings", + ":name" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "(Required) name of branding item", + "type": "text/plain" + }, + "key": "name", + "value": "custom-branding-item", + "type": "text" + }, + { + "description": { + "content": "(Required) product name", + "type": "text/plain" + }, + "key": "productName", + "value": "product name", + "type": "text" + }, + { + "description": { + "content": "hex value of color for action button", + "type": "text/plain" + }, + "key": "actionButtonColor", + "value": "0074D9", + "type": "text" + }, + { + "description": { + "content": "hex value of color for link", + "type": "text/plain" + }, + "key": "activeLinkColor", + "value": "ipsum fugiat occaecat", + "type": "text" + }, + { + "description": { + "content": "hex value of color for navigation bar", + "type": "text/plain" + }, + "key": "navigationColor", + "value": "proident sint Lorem", + "type": "text" + }, + { + "description": { + "content": "email from address", + "type": "text/plain" + }, + "key": "emailFromAddress", + "value": "no-reply@sailpoint.com", + "type": "text" + }, + { + "description": { + "content": "login information message", + "type": "text/plain" + }, + "key": "loginInformationalMessage", + "value": "", + "type": "text" + }, + { + "description": { + "content": "png file with logo", + "type": "text/plain" + }, + "key": "fileStandard", + "value": "\\x00\\x00\\x00\\x02", + "type": "text" + } + ] + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "bfeb2d98-0eb8-4aa2-ba2b-e446559151a4", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "brandings", + ":name" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "(Required) name of branding item", + "type": "text/plain" + }, + "key": "name", + "value": "custom-branding-item", + "type": "text" + }, + { + "description": { + "content": "(Required) product name", + "type": "text/plain" + }, + "key": "productName", + "value": "product name", + "type": "text" + }, + { + "description": { + "content": "hex value of color for action button", + "type": "text/plain" + }, + "key": "actionButtonColor", + "value": "0074D9", + "type": "text" + }, + { + "description": { + "content": "hex value of color for link", + "type": "text/plain" + }, + "key": "activeLinkColor", + "value": "ipsum fugiat occaecat", + "type": "text" + }, + { + "description": { + "content": "hex value of color for navigation bar", + "type": "text/plain" + }, + "key": "navigationColor", + "value": "proident sint Lorem", + "type": "text" + }, + { + "description": { + "content": "email from address", + "type": "text/plain" + }, + "key": "emailFromAddress", + "value": "no-reply@sailpoint.com", + "type": "text" + }, + { + "description": { + "content": "login information message", + "type": "text/plain" + }, + "key": "loginInformationalMessage", + "value": "", + "type": "text" + }, + { + "description": { + "content": "png file with logo", + "type": "text/plain" + }, + "key": "fileStandard", + "value": "\\x00\\x00\\x00\\x02", + "type": "text" + } + ] + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "7ba8eec7-d891-4f26-8089-dfe547493003", + "name": "Delete a branding item", + "request": { + "name": "Delete a branding item", + "description": { + "content": "This API endpoint delete information for an existing branding item by name.\nA token with API, ORG_ADMIN authority is required to call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "brandings", + ":name" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "default", + "key": "name", + "disabled": true, + "description": { + "content": "(Required) The name of the branding item to be deleted", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "DELETE", + "body": {} + }, + "response": [ + { + "id": "a54b69cc-14b9-4350-bf81-a4e4f1418b20", + "name": "No content - indicates the request was successful but there is no content to be returned in the response.", + "originalRequest": { + "url": { + "path": [ + "brandings", + ":name" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "No Content", + "code": 204, + "header": [], + "cookie": [], + "_postman_previewlanguage": "text" + }, + { + "id": "946e0b21-8fc9-45b7-910b-16981b15bf0a", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "brandings", + ":name" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "03984a9c-c58e-4025-946a-7d13e5faada2", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "brandings", + ":name" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "38386282-2c60-411e-83b9-a2ad53f7aedb", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "brandings", + ":name" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f975f1fc-f0d5-477b-8fcd-08353e55c947", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "brandings", + ":name" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "abcdfb1d-daee-459b-bfcf-404f7e7831c2", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "brandings", + ":name" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "17984876-c60b-4bb7-929b-ca07bd8c66e2", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "brandings", + ":name" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + } + ] + }, + { + "name": "Certification Campaign Filters", + "description": "Use this API to implement the certification campaign filter functionality. These filters can be used to create a certification campaign that includes a subset of your entitlements or users to certify.\n\nFor example, if for a certification campaign an organization wants to certify only specific users or entitlements, then those can be included/excluded on the basis of campaign filters.\n\nFor more information about creating a campaign filter, refer to [Creating a Campaign Filter](https://documentation.sailpoint.com/saas/help/certs/campaign_filters.html#creating-a-campaign-filter)\n\nYou can create campaign filters using any of the following criteria types:\n\n- Access Profile : This criteria type includes or excludes access profiles from a campaign.\n\n- Account Attribute : This criteria type includes or excludes certification items that match a specified value in an account attribute.\n\n- Entitlement : This criteria type includes or excludes entitlements from a campaign.\n\n- Identity : This criteria type includes or excludes specific identities from your campaign.\n\n- Identity Attribute : This criteria type includes or excludes identities based on whether they have an identity attribute that matches criteria you've chosen.\n\n- Role : This criteria type includes or excludes roles, as opposed to identities.\n\n- Source : This criteria type includes or excludes entitlements from a source you select.\n\nFor more information about these criteria types, refer to [Types of Campaign Filters](https://documentation.sailpoint.com/saas/help/certs/campaign_filters.html#types-of-campaign-filters)\n\nOnce the campaign filter is created, it can be linked while creating the campaign. The generated campaign will have the items to review as per the campaign filter.\n\nFor example, An inclusion campaign filter is created with a source of Source 1, an operation of Equals, and an entitlement of Entitlement 1. When this filter is selected, only users who have Entitlement 1 are included in the campaign, and only Entitlement 1 is shown in the certification.\n", + "item": [ + { + "id": "0c1808c8-4068-406c-b103-d19accd2b1a3", + "name": "Create Campaign Filter", + "request": { + "name": "Create Campaign Filter", + "description": { + "content": "Use this API to create a campaign filter based on filter details and criteria.", + "type": "text/plain" + }, + "url": { + "path": [ + "campaign-filters" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Identity Attribute Campaign Filter\",\n \"owner\": \"SailPoint Support\",\n \"mode\": \"INCLUSION\",\n \"description\": \"Campaign filter to certify data based on an identity attribute's specified property.\",\n \"criteriaList\": [\n {\n \"type\": \"IDENTITY_ATTRIBUTE\",\n \"property\": \"displayName\",\n \"value\": \"support\",\n \"operation\": \"CONTAINS\",\n \"negateResult\": false,\n \"shortCircuit\": false,\n \"recordChildMatches\": false,\n \"id\": null,\n \"suppressMatchedItems\": false,\n \"children\": null\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "a324427e-e3e8-4bc7-917c-14d05e9dbacc", + "name": "Created successfully.", + "originalRequest": { + "url": { + "path": [ + "campaign-filters" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Identity Attribute Campaign Filter\",\n \"owner\": \"SailPoint Support\",\n \"mode\": \"INCLUSION\",\n \"description\": \"Campaign filter to certify data based on an identity attribute's specified property.\",\n \"criteriaList\": [\n {\n \"type\": \"IDENTITY_ATTRIBUTE\",\n \"property\": \"displayName\",\n \"value\": \"support\",\n \"operation\": \"CONTAINS\",\n \"negateResult\": false,\n \"shortCircuit\": false,\n \"recordChildMatches\": false,\n \"id\": null,\n \"suppressMatchedItems\": false,\n \"children\": null\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"name\": \"Identity Attribute Campaign Filter\",\n \"owner\": \"SailPoint Support\",\n \"mode\": \"INCLUSION\",\n \"description\": \"Campaign filter to certify data based on an identity attribute's specified property.\",\n \"criteriaList\": [\n {\n \"type\": \"IDENTITY_ATTRIBUTE\",\n \"property\": \"displayName\",\n \"value\": \"support\",\n \"operation\": \"CONTAINS\",\n \"negateResult\": false,\n \"shortCircuit\": false,\n \"recordChildMatches\": false,\n \"id\": null,\n \"suppressMatchedItems\": false,\n \"children\": null\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "764319aa-e6f4-49c5-b186-6e9487b4713c", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "campaign-filters" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Identity Attribute Campaign Filter\",\n \"owner\": \"SailPoint Support\",\n \"mode\": \"INCLUSION\",\n \"description\": \"Campaign filter to certify data based on an identity attribute's specified property.\",\n \"criteriaList\": [\n {\n \"type\": \"IDENTITY_ATTRIBUTE\",\n \"property\": \"displayName\",\n \"value\": \"support\",\n \"operation\": \"CONTAINS\",\n \"negateResult\": false,\n \"shortCircuit\": false,\n \"recordChildMatches\": false,\n \"id\": null,\n \"suppressMatchedItems\": false,\n \"children\": null\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "20c623a3-91c1-481a-aaab-207e70bf71e4", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "campaign-filters" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Identity Attribute Campaign Filter\",\n \"owner\": \"SailPoint Support\",\n \"mode\": \"INCLUSION\",\n \"description\": \"Campaign filter to certify data based on an identity attribute's specified property.\",\n \"criteriaList\": [\n {\n \"type\": \"IDENTITY_ATTRIBUTE\",\n \"property\": \"displayName\",\n \"value\": \"support\",\n \"operation\": \"CONTAINS\",\n \"negateResult\": false,\n \"shortCircuit\": false,\n \"recordChildMatches\": false,\n \"id\": null,\n \"suppressMatchedItems\": false,\n \"children\": null\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "7bebacc9-504d-4057-8a26-f3596daa8922", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "campaign-filters" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Identity Attribute Campaign Filter\",\n \"owner\": \"SailPoint Support\",\n \"mode\": \"INCLUSION\",\n \"description\": \"Campaign filter to certify data based on an identity attribute's specified property.\",\n \"criteriaList\": [\n {\n \"type\": \"IDENTITY_ATTRIBUTE\",\n \"property\": \"displayName\",\n \"value\": \"support\",\n \"operation\": \"CONTAINS\",\n \"negateResult\": false,\n \"shortCircuit\": false,\n \"recordChildMatches\": false,\n \"id\": null,\n \"suppressMatchedItems\": false,\n \"children\": null\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "2b89182d-0081-4c84-97c8-0683791591cf", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "campaign-filters" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Identity Attribute Campaign Filter\",\n \"owner\": \"SailPoint Support\",\n \"mode\": \"INCLUSION\",\n \"description\": \"Campaign filter to certify data based on an identity attribute's specified property.\",\n \"criteriaList\": [\n {\n \"type\": \"IDENTITY_ATTRIBUTE\",\n \"property\": \"displayName\",\n \"value\": \"support\",\n \"operation\": \"CONTAINS\",\n \"negateResult\": false,\n \"shortCircuit\": false,\n \"recordChildMatches\": false,\n \"id\": null,\n \"suppressMatchedItems\": false,\n \"children\": null\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "4036be1a-0643-4e1a-b31b-657de08056d5", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "campaign-filters" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Identity Attribute Campaign Filter\",\n \"owner\": \"SailPoint Support\",\n \"mode\": \"INCLUSION\",\n \"description\": \"Campaign filter to certify data based on an identity attribute's specified property.\",\n \"criteriaList\": [\n {\n \"type\": \"IDENTITY_ATTRIBUTE\",\n \"property\": \"displayName\",\n \"value\": \"support\",\n \"operation\": \"CONTAINS\",\n \"negateResult\": false,\n \"shortCircuit\": false,\n \"recordChildMatches\": false,\n \"id\": null,\n \"suppressMatchedItems\": false,\n \"children\": null\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "ffc3f875-962f-4bd1-af57-d5732b758ca2", + "name": "List Campaign Filters", + "request": { + "name": "List Campaign Filters", + "description": { + "content": "Use this API to list all campaign filters. You can reduce scope with standard V3 query parameters.", + "type": "text/plain" + }, + "url": { + "path": [ + "campaign-filters" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Start/Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "start", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If this is true, the API includes system filters in the count and results. Otherwise it excludes them. If no value is provided, the default is true. ", + "type": "text/plain" + }, + "key": "includeSystemFilters", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "33fca9c4-e6f9-44c5-a4b8-0de5362ff150", + "name": "List of campaign filter objects.", + "originalRequest": { + "url": { + "path": [ + "campaign-filters" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Start/Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "start", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If this is true, the API includes system filters in the count and results. Otherwise it excludes them. If no value is provided, the default is true. ", + "type": "text/plain" + }, + "key": "includeSystemFilters", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"items\": [\n {\n \"id\": \"5b8a2ba86393dd174495c4436dd76b25\",\n \"name\": \"IdentityAttribute Inclusion Campaign Filter\",\n \"description\": \"IdentityAttribute Inclusion Campaign Filter\",\n \"owner\": \"SailPoint Support\",\n \"mode\": \"INCLUSION\",\n \"criteriaList\": [\n {\n \"type\": \"IDENTITY_ATTRIBUTE\",\n \"property\": \"displayName\",\n \"value\": \"#\",\n \"operation\": \"CONTAINS\",\n \"negateResult\": false,\n \"shortCircuit\": false,\n \"recordChildMatches\": false,\n \"id\": null,\n \"suppressMatchedItems\": false,\n \"children\": null\n }\n ],\n \"isSystemFilter\": false\n },\n {\n \"id\": \"e9f9a1397b842fd5a65842087040d3ac\",\n \"name\": \"Exclusion Campaign Filter\",\n \"description\": \"Campaign filter for Exclusion update\",\n \"owner\": \"SailPoint Support\",\n \"mode\": \"EXCLUSION\",\n \"criteriaList\": [\n {\n \"type\": \"IDENTITY_ATTRIBUTE\",\n \"property\": \"displayName\",\n \"value\": \"#@\",\n \"operation\": \"CONTAINS\",\n \"negateResult\": false,\n \"shortCircuit\": false,\n \"recordChildMatches\": false,\n \"id\": null,\n \"suppressMatchedItems\": false,\n \"children\": null\n }\n ],\n \"isSystemFilter\": false\n }\n ],\n \"count\": 2\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "74c7494f-2b4d-45c2-9f42-681d62f2b003", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "campaign-filters" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Start/Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "start", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If this is true, the API includes system filters in the count and results. Otherwise it excludes them. If no value is provided, the default is true. ", + "type": "text/plain" + }, + "key": "includeSystemFilters", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "55f8aeb8-a4d3-43f1-bc70-80cc6ddba7ce", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "campaign-filters" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Start/Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "start", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If this is true, the API includes system filters in the count and results. Otherwise it excludes them. If no value is provided, the default is true. ", + "type": "text/plain" + }, + "key": "includeSystemFilters", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "9c7117f7-be98-4d90-bf68-9bd7ec07d1b1", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "campaign-filters" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Start/Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "start", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If this is true, the API includes system filters in the count and results. Otherwise it excludes them. If no value is provided, the default is true. ", + "type": "text/plain" + }, + "key": "includeSystemFilters", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a263898d-3404-40e7-979e-1a4ba717cf00", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "campaign-filters" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Start/Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "start", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If this is true, the API includes system filters in the count and results. Otherwise it excludes them. If no value is provided, the default is true. ", + "type": "text/plain" + }, + "key": "includeSystemFilters", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "53ee1f71-ad0f-443e-a4f6-c9d42c49c89f", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "campaign-filters" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Start/Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "start", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If this is true, the API includes system filters in the count and results. Otherwise it excludes them. If no value is provided, the default is true. ", + "type": "text/plain" + }, + "key": "includeSystemFilters", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "bcae3479-88f9-4a89-a049-1783367b8874", + "name": "Get Campaign Filter by ID", + "request": { + "name": "Get Campaign Filter by ID", + "description": { + "content": "Retrieves information for an existing campaign filter using the filter's ID.", + "type": "text/plain" + }, + "url": { + "path": [ + "campaign-filters", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "key": "id" + }, + { + "disabled": true, + "description": { + "content": "(Required) The ID of the campaign filter to be retrieved.", + "type": "text/plain" + }, + "type": "any", + "value": "e9f9a1397b842fd5a65842087040d3ac", + "key": "filterId" + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "ee5a7117-b7e5-4770-a296-66013f88e5b9", + "name": "A campaign filter object.", + "originalRequest": { + "url": { + "path": [ + "campaign-filters", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"name\": \"Identity Attribute Campaign Filter\",\n \"owner\": \"SailPoint Support\",\n \"mode\": \"INCLUSION\",\n \"description\": \"Campaign filter to certify data based on an identity attribute's specified property.\",\n \"criteriaList\": [\n {\n \"type\": \"IDENTITY_ATTRIBUTE\",\n \"property\": \"displayName\",\n \"value\": \"support\",\n \"operation\": \"CONTAINS\",\n \"negateResult\": false,\n \"shortCircuit\": false,\n \"recordChildMatches\": false,\n \"id\": null,\n \"suppressMatchedItems\": false,\n \"children\": null\n }\n ]\n },\n {\n \"name\": \"Identity Attribute Campaign Filter\",\n \"owner\": \"SailPoint Support\",\n \"mode\": \"INCLUSION\",\n \"description\": \"Campaign filter to certify data based on an identity attribute's specified property.\",\n \"criteriaList\": [\n {\n \"type\": \"IDENTITY_ATTRIBUTE\",\n \"property\": \"displayName\",\n \"value\": \"support\",\n \"operation\": \"CONTAINS\",\n \"negateResult\": false,\n \"shortCircuit\": false,\n \"recordChildMatches\": false,\n \"id\": null,\n \"suppressMatchedItems\": false,\n \"children\": null\n }\n ]\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "6d02ee9a-3888-4041-bf68-27a0de780874", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "campaign-filters", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a30ad01a-7a48-43a4-9710-617077c87b67", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "campaign-filters", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "6b0ba82a-0b78-4334-937f-80491fdfaa41", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "campaign-filters", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "95e2c500-30e3-4f1a-9463-0f9030477194", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "campaign-filters", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b62be9f8-50b9-44f5-985b-1399b0a0b7b7", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "campaign-filters", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "6c7cf8a6-e847-4313-9a79-aae3b7cbbd09", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "campaign-filters", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "dd1a915f-f5dc-4f41-84b9-ca805b42c0d3", + "name": "Updates a Campaign Filter", + "request": { + "name": "Updates a Campaign Filter", + "description": { + "content": "Updates an existing campaign filter using the filter's ID.", + "type": "text/plain" + }, + "url": { + "path": [ + "campaign-filters", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "key": "id" + }, + { + "disabled": true, + "description": { + "content": "(Required) The ID of the campaign filter being modified.", + "type": "text/plain" + }, + "type": "any", + "value": "e9f9a1397b842fd5a65842087040d3ac", + "key": "filterId" + } + ] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Identity Attribute Campaign Filter\",\n \"owner\": \"SailPoint Support\",\n \"mode\": \"INCLUSION\",\n \"description\": \"Campaign filter to certify data based on an identity attribute's specified property.\",\n \"criteriaList\": [\n {\n \"type\": \"IDENTITY_ATTRIBUTE\",\n \"property\": \"displayName\",\n \"value\": \"support\",\n \"operation\": \"CONTAINS\",\n \"negateResult\": false,\n \"shortCircuit\": false,\n \"recordChildMatches\": false,\n \"id\": null,\n \"suppressMatchedItems\": false,\n \"children\": null\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "5bb2e871-eebe-4444-a876-55e4afcf46b5", + "name": "Created successfully.", + "originalRequest": { + "url": { + "path": [ + "campaign-filters", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Identity Attribute Campaign Filter\",\n \"owner\": \"SailPoint Support\",\n \"mode\": \"INCLUSION\",\n \"description\": \"Campaign filter to certify data based on an identity attribute's specified property.\",\n \"criteriaList\": [\n {\n \"type\": \"IDENTITY_ATTRIBUTE\",\n \"property\": \"displayName\",\n \"value\": \"support\",\n \"operation\": \"CONTAINS\",\n \"negateResult\": false,\n \"shortCircuit\": false,\n \"recordChildMatches\": false,\n \"id\": null,\n \"suppressMatchedItems\": false,\n \"children\": null\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"name\": \"Identity Attribute Campaign Filter\",\n \"owner\": \"SailPoint Support\",\n \"mode\": \"INCLUSION\",\n \"description\": \"Campaign filter to certify data based on an identity attribute's specified property.\",\n \"criteriaList\": [\n {\n \"type\": \"IDENTITY_ATTRIBUTE\",\n \"property\": \"displayName\",\n \"value\": \"support\",\n \"operation\": \"CONTAINS\",\n \"negateResult\": false,\n \"shortCircuit\": false,\n \"recordChildMatches\": false,\n \"id\": null,\n \"suppressMatchedItems\": false,\n \"children\": null\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "66408a3f-b7ba-41e5-9259-7a56253847b6", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "campaign-filters", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Identity Attribute Campaign Filter\",\n \"owner\": \"SailPoint Support\",\n \"mode\": \"INCLUSION\",\n \"description\": \"Campaign filter to certify data based on an identity attribute's specified property.\",\n \"criteriaList\": [\n {\n \"type\": \"IDENTITY_ATTRIBUTE\",\n \"property\": \"displayName\",\n \"value\": \"support\",\n \"operation\": \"CONTAINS\",\n \"negateResult\": false,\n \"shortCircuit\": false,\n \"recordChildMatches\": false,\n \"id\": null,\n \"suppressMatchedItems\": false,\n \"children\": null\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b9da8fe7-d876-4c6d-95ea-cfa1650e9f6e", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "campaign-filters", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Identity Attribute Campaign Filter\",\n \"owner\": \"SailPoint Support\",\n \"mode\": \"INCLUSION\",\n \"description\": \"Campaign filter to certify data based on an identity attribute's specified property.\",\n \"criteriaList\": [\n {\n \"type\": \"IDENTITY_ATTRIBUTE\",\n \"property\": \"displayName\",\n \"value\": \"support\",\n \"operation\": \"CONTAINS\",\n \"negateResult\": false,\n \"shortCircuit\": false,\n \"recordChildMatches\": false,\n \"id\": null,\n \"suppressMatchedItems\": false,\n \"children\": null\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "5bfed985-6943-48b2-9bb1-7a01db3658f9", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "campaign-filters", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Identity Attribute Campaign Filter\",\n \"owner\": \"SailPoint Support\",\n \"mode\": \"INCLUSION\",\n \"description\": \"Campaign filter to certify data based on an identity attribute's specified property.\",\n \"criteriaList\": [\n {\n \"type\": \"IDENTITY_ATTRIBUTE\",\n \"property\": \"displayName\",\n \"value\": \"support\",\n \"operation\": \"CONTAINS\",\n \"negateResult\": false,\n \"shortCircuit\": false,\n \"recordChildMatches\": false,\n \"id\": null,\n \"suppressMatchedItems\": false,\n \"children\": null\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c64523e0-40e2-4804-8717-729d00bda766", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "campaign-filters", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Identity Attribute Campaign Filter\",\n \"owner\": \"SailPoint Support\",\n \"mode\": \"INCLUSION\",\n \"description\": \"Campaign filter to certify data based on an identity attribute's specified property.\",\n \"criteriaList\": [\n {\n \"type\": \"IDENTITY_ATTRIBUTE\",\n \"property\": \"displayName\",\n \"value\": \"support\",\n \"operation\": \"CONTAINS\",\n \"negateResult\": false,\n \"shortCircuit\": false,\n \"recordChildMatches\": false,\n \"id\": null,\n \"suppressMatchedItems\": false,\n \"children\": null\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "2749aea3-9516-4c8f-89d1-920cf8c620c0", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "campaign-filters", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Identity Attribute Campaign Filter\",\n \"owner\": \"SailPoint Support\",\n \"mode\": \"INCLUSION\",\n \"description\": \"Campaign filter to certify data based on an identity attribute's specified property.\",\n \"criteriaList\": [\n {\n \"type\": \"IDENTITY_ATTRIBUTE\",\n \"property\": \"displayName\",\n \"value\": \"support\",\n \"operation\": \"CONTAINS\",\n \"negateResult\": false,\n \"shortCircuit\": false,\n \"recordChildMatches\": false,\n \"id\": null,\n \"suppressMatchedItems\": false,\n \"children\": null\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "80ed6e32-d504-4d6b-8308-32ec5cf53904", + "name": "Deletes Campaign Filters", + "request": { + "name": "Deletes Campaign Filters", + "description": { + "content": "Deletes campaign filters whose Ids are specified in the provided list of campaign filter Ids. Authorized callers must be an ORG_ADMIN or a CERT_ADMIN.", + "type": "text/plain" + }, + "url": { + "path": [ + "campaign-filters", + "delete" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "[\n \"0fbe863c063c4c88a35fd7f17e8a3df5\",\n \"2efb374d392c4d88a34sv7b11e8a4eq6\"\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "fdaabd29-ee14-45f1-ab81-daa271d41d5c", + "name": "No content - indicates the request was successful but there is no content to be returned in the response.", + "originalRequest": { + "url": { + "path": [ + "campaign-filters", + "delete" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "[\n \"0fbe863c063c4c88a35fd7f17e8a3df5\",\n \"2efb374d392c4d88a34sv7b11e8a4eq6\"\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "No Content", + "code": 204, + "header": [], + "cookie": [], + "_postman_previewlanguage": "text" + }, + { + "id": "91fe3469-19da-4534-9846-4cbd3d1ba2e6", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "campaign-filters", + "delete" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "[\n \"0fbe863c063c4c88a35fd7f17e8a3df5\",\n \"2efb374d392c4d88a34sv7b11e8a4eq6\"\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "aa9db6cf-63d9-4e89-ac20-b215d8ecbf56", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "campaign-filters", + "delete" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "[\n \"0fbe863c063c4c88a35fd7f17e8a3df5\",\n \"2efb374d392c4d88a34sv7b11e8a4eq6\"\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "e50773b1-beee-4eb0-a49a-642025b2ac84", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "campaign-filters", + "delete" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "[\n \"0fbe863c063c4c88a35fd7f17e8a3df5\",\n \"2efb374d392c4d88a34sv7b11e8a4eq6\"\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "5fffebfe-682d-4135-8652-cb69a3ca6b80", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "campaign-filters", + "delete" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "[\n \"0fbe863c063c4c88a35fd7f17e8a3df5\",\n \"2efb374d392c4d88a34sv7b11e8a4eq6\"\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "49e9f544-a4c1-420d-97c3-c421d550595c", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "campaign-filters", + "delete" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "[\n \"0fbe863c063c4c88a35fd7f17e8a3df5\",\n \"2efb374d392c4d88a34sv7b11e8a4eq6\"\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "3273e15c-e9fe-49d2-8487-0299233c404b", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "campaign-filters", + "delete" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "[\n \"0fbe863c063c4c88a35fd7f17e8a3df5\",\n \"2efb374d392c4d88a34sv7b11e8a4eq6\"\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + } + ] + }, + { + "name": "Certification Campaigns", + "description": "Use this API to implement certification campaign functionality.\nWith this functionality in place, administrators can create, customize, and manage certification campaigns for their organizations' use. \nCertification campaigns provide Identity Security Cloud users with an interactive review process they can use to identify and verify access to systems. \nCampaigns help organizations reduce risk of inappropriate access and satisfy audit requirements. \n\nA certification refers to Identity Security Cloud's mechanism for reviewing a user's access to entitlements (sets of permissions) and approving or removing that access. \nThese certifications serve as a way of showing that a user's access has been reviewed and approved. \nMultiple certifications by different reviewers are often required to approve a user's access. \nA set of multiple certifications is called a certification campaign. \n\nFor example, an organization may use a Manager Certification campaign as a way of showing that a user's access has been reviewed and approved by multiple managers. \nOnce this campaign has been completed, Identity Security Cloud would provision all the access the user needs, nothing more. \n\nIdentity Security Cloud provides two simple campaign types users can create without using search queries, Manager and Source Owner campaigns:\n\nYou can create these types of campaigns without using any search queries in Identity Security Cloud: \n\n- ManagerCampaign: Identity Security Cloud provides this campaign type as a way to ensure that an identity's access is certified by their managers. \nYou only need to provide a name and description to create one. \n\n- Source Owner Campaign: Identity Security Cloud provides this campaign type as a way to ensure that an identity's access to a source is certified by its source owners. \nYou only need to provide a name and description to create one. \nYou can specify the sources whose owners you want involved or just run it across all sources. \n\nFor more information about these campaign types, refer to [Starting a Manager or Source Owner Campaign](https://documentation.sailpoint.com/saas/help/certs/starting_campaign.html).\n\nOne useful way to create certification campaigns in Identity Security Cloud is to use a specific search and then run a campaign on the results returned by that search. \nThis allows you to be much more specific about whom you are certifying in your campaigns and what access you are certifying in your campaigns. \nFor example, you can search for all identities who are managed by \"Amanda.Ross\" and also have the access to the \"Accounting\" role and then run a certification campaign based on that search to ensure that the returned identities are appropriately certified. \n\nYou can use Identity Security Cloud search queries to create these types of campaigns: \n\n- Identities: Use this campaign type to review and revoke access items for specific identities. \nYou can either build a search query and create a campaign certifying all identities returned by that query, or you can search for individual identities and add those identities to the certification campaign. \n\n- Access Items: Use this campaign type to review and revoke a set of roles, access profiles, or entitlements from the identities that have them. \nYou can either build a search query and create a campaign certifying all access items returned by that query, or you can search for individual access items and add those items to the certification campaign. \n\n- Role Composition: Use this campaign type to review a role's composition, including its title, description, and membership criteria. \nYou can either build a search query and create a campaign certifying all roles returned by that query, or you can search for individual roles and add those roles to the certification campaign. \n\n- Uncorrelated Accounts: Use this campaign type to certify source accounts that aren't linked to an authoritative identity in Identity Security Cloud. \nYou can use this campaign type to view all the uncorrelated accounts for a source and certify them. \n\nFor more information about search-based campaigns, refer to [Starting a Campaign from Search](https://documentation.sailpoint.com/saas/help/certs/starting_search_campaign.html).\n\nOnce you have generated your campaign, it becomes available for preview. \nAn administrator can review the campaign and make changes, or if it's ready and accurate, activate it. \n\nOnce the campaign is active, organization administrators or certification administrators can designate other Identity Security Cloud users as certification reviewers. \nThose reviewers can view any of the certifications they either need to review (active) or have already reviewed (completed).\n\nWhen a certification campaign is in progress, certification reviewers see the listed active certifications whose involved identities they can review. \nReviewers can then make decisions to grant or revoke access, as well as reassign the certification to another reviewer. If the reviewer chooses this option, they must provide a reason for reassignment in the form of a comment.\n\nOnce a reviewer has made decisions on all the certification's involved access items, he or she must \"Sign Off\" to complete the review process.\nDoing so converts the certification into read-only status, preventing any further changes to the review decisions and deleting the work item (task) from the reviewer's list of work items. \n\nOnce all the reviewers have signed off, the certification campaign either completes or, if any reviewers decided to revoke access for any of the involved identities, it moves into a remediation phase. \nIn the remediation phase, identities' entitlements are altered to remove any entitlements marked for revocation.\nIn this situation, the certification campaign completes once all the remediation requests are completed. \n\nThe end of a certification campaign is determined by its deadline, its completion status, or by an administrator's decision. \n\nFor more information about certifications and certification campaigns, refer to [Certifications](https://documentation.sailpoint.com/saas/user-help/certifications.html).\n", + "item": [ + { + "id": "384a1c58-ef38-4354-b29c-4d194587d17a", + "name": "List Campaigns", + "request": { + "name": "List Campaigns", + "description": { + "content": "Use this API to get a list of campaigns. This API can provide increased level of detail for each campaign for the correct provided query.\n\nA token with ORG_ADMIN, CERT_ADMIN or REPORT_ADMIN authority is required to call this API.\n", + "type": "text/plain" + }, + "url": { + "path": [ + "campaigns" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Determines whether slim, or increased level of detail is provided for each campaign in the returned list. Slim is the default behavior.", + "type": "text/plain" + }, + "key": "detail", + "value": "FULL" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**name**: *eq, sw*\n\n**status**: *eq, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "name eq \"Manager Campaign\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name, created**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "130f9055-6cf3-4199-b0c2-0d9b0a4b84ea", + "name": "Slim Campaign", + "originalRequest": { + "url": { + "path": [ + "campaigns" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Determines whether slim, or increased level of detail is provided for each campaign in the returned list. Slim is the default behavior.", + "type": "text/plain" + }, + "key": "detail", + "value": "FULL" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**name**: *eq, sw*\n\n**status**: *eq, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "name eq \"Manager Campaign\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name, created**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"id\": \"2c918086719eec070171a7e3355a360a\",\n \"name\": \"Manager Review\",\n \"description\": \"A review of everyone's access by their manager.\",\n \"deadline\": \"2020-12-25T06:00:00.123Z\",\n \"type\": \"MANAGER\",\n \"status\": \"ACTIVE\",\n \"emailNotificationEnabled\": false,\n \"autoRevokeAllowed\": false,\n \"recommendationsEnabled\": false,\n \"created\": \"2022-08-02T19:00:27.731Z\",\n \"totalCertifications\": 10,\n \"completedCertifications\": 3,\n \"alerts\": [\n {\n \"level\": \"ERROR\",\n \"localizations\": [\n {\n \"locale\": \"en\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"Composite criterion must have children non-composite criterion must not.\"\n }\n ]\n }\n ]\n },\n {\n \"id\": \"7e1a731e3fb845cfbe58112ba4673ee4\",\n \"name\": \"Search Campaign\",\n \"description\": \"Search Campaign Info\",\n \"deadline\": \"2022-07-26T15:42:44.000Z\",\n \"type\": \"SEARCH\",\n \"status\": \"ACTIVE\",\n \"emailNotificationEnabled\": false,\n \"autoRevokeAllowed\": false,\n \"recommendationsEnabled\": false,\n \"created\": \"2022-07-25T15:42:18.276Z\",\n \"totalCertifications\": 5,\n \"completedCertifications\": 3,\n \"alerts\": null\n },\n {\n \"id\": \"2c918086719eec070171a7e3355a412b\",\n \"name\": \"AD Source Review\",\n \"description\": \"A review of our AD source.\",\n \"deadline\": \"2020-12-25T06:00:00.123Z\",\n \"type\": \"SOURCE_OWNER\",\n \"status\": \"STAGED\",\n \"emailNotificationEnabled\": true,\n \"autoRevokeAllowed\": false,\n \"recommendationsEnabled\": false,\n \"correlatedStatus\": \"CORRELATED\",\n \"created\": \"2022-07-27T17:04:19.027Z\",\n \"totalCertifications\": 7,\n \"completedCertifications\": 3,\n \"alerts\": [\n {\n \"level\": \"WARN\",\n \"localizations\": [\n {\n \"locale\": \"en\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"Composite criterion is in wrong format.\"\n }\n ]\n }\n ]\n },\n {\n \"id\": \"3b2e2e5821e84127b6d693d41c40623b\",\n \"name\": \"Role Composition Campaign\",\n \"description\": \"A review done by a role owner.\",\n \"deadline\": \"2020-12-25T06:00:00.468Z\",\n \"type\": \"ROLE_COMPOSITION\",\n \"status\": \"ACTIVE\",\n \"emailNotificationEnabled\": false,\n \"autoRevokeAllowed\": false,\n \"recommendationsEnabled\": false,\n \"created\": \"2022-08-02T20:29:51.065Z\",\n \"totalCertifications\": 1,\n \"completedCertifications\": 1,\n \"alerts\": null\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a06ed0be-e915-4795-8d41-d7a781f3079c", + "name": "Full Campaign", + "originalRequest": { + "url": { + "path": [ + "campaigns" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Determines whether slim, or increased level of detail is provided for each campaign in the returned list. Slim is the default behavior.", + "type": "text/plain" + }, + "key": "detail", + "value": "FULL" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**name**: *eq, sw*\n\n**status**: *eq, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "name eq \"Manager Campaign\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name, created**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"id\": \"078696a575e045c68d6722ccdb9f101d\",\n \"name\": \"Role Composition Campaign\",\n \"description\": \"A review done by a role owner.\",\n \"deadline\": \"2020-12-25T06:00:00.468Z\",\n \"type\": \"ROLE_COMPOSITION\",\n \"status\": \"ERROR\",\n \"emailNotificationEnabled\": false,\n \"autoRevokeAllowed\": false,\n \"recommendationsEnabled\": false,\n \"modified\": \"2022-08-02T20:29:51.331Z\",\n \"filter\": {\n \"type\": \"CAMPAIGN_FILTER\",\n \"id\": \"0fbe863c063c4c88a35fd7f17e8a3df5\",\n \"name\": \"Test Role Composition Filter\"\n },\n \"sunsetCommentsRequired\": true,\n \"sourceOwnerCampaignInfo\": null,\n \"searchCampaignInfo\": null,\n \"roleCompositionCampaignInfo\": {\n \"remediatorRef\": {\n \"type\": \"IDENTITY\",\n \"id\": \"7ec252acbd4245548bc25df22348cb75\",\n \"name\": \"SailPoint Support\"\n },\n \"reviewerId\": null,\n \"reviewer\": null,\n \"roleIds\": [\n \"b15d609fc5c8434b865fe552315fda8f\"\n ],\n \"query\": null,\n \"description\": null\n },\n \"sourcesWithOrphanEntitlements\": null,\n \"mandatoryCommentRequirement\": \"NO_DECISIONS\"\n },\n {\n \"id\": \"1be8fc1103914bf0a4e14e316b6a7b7c\",\n \"name\": \"Manager Review\",\n \"description\": \"A review of everyone's access by their manager.\",\n \"deadline\": \"2020-12-25T06:00:00.468Z\",\n \"type\": \"MANAGER\",\n \"status\": \"STAGED\",\n \"emailNotificationEnabled\": false,\n \"autoRevokeAllowed\": false,\n \"recommendationsEnabled\": false,\n \"modified\": \"2022-08-02T19:00:34.391Z\",\n \"filter\": {\n \"type\": \"CAMPAIGN_FILTER\",\n \"id\": \"0fbe863c063c4c88a35fd7f17e8a3df5\",\n \"name\": \"Test Manager Filter\"\n },\n \"sunsetCommentsRequired\": true,\n \"sourceOwnerCampaignInfo\": null,\n \"searchCampaignInfo\": null,\n \"roleCompositionCampaignInfo\": null,\n \"sourcesWithOrphanEntitlements\": [],\n \"mandatoryCommentRequirement\": \"NO_DECISIONS\"\n },\n {\n \"id\": \"7e1a731e3fb845cfbe58112ba4673ee4\",\n \"name\": \"Search Campaign\",\n \"description\": \"Search Campaign for Identities\",\n \"deadline\": \"2022-07-26T15:42:44.000Z\",\n \"type\": \"SEARCH\",\n \"status\": \"ACTIVE\",\n \"emailNotificationEnabled\": false,\n \"autoRevokeAllowed\": false,\n \"recommendationsEnabled\": false,\n \"modified\": \"2022-07-25T15:42:53.718Z\",\n \"filter\": {\n \"type\": \"CAMPAIGN_FILTER\",\n \"id\": \"0fbe863c063c4c88a35fd7f17e8a3df5\",\n \"name\": \"Test Search Filter\"\n },\n \"sunsetCommentsRequired\": true,\n \"sourceOwnerCampaignInfo\": null,\n \"searchCampaignInfo\": {\n \"type\": \"IDENTITY\",\n \"description\": \"Example of Search Campaign\",\n \"reviewer\": {\n \"type\": \"IDENTITY\",\n \"id\": \"7ec252acbd4245548bc25df22348cb75\",\n \"name\": null\n },\n \"query\": \"user\",\n \"identityIds\": null,\n \"accessConstraints\": []\n },\n \"roleCompositionCampaignInfo\": null,\n \"sourcesWithOrphanEntitlements\": [],\n \"mandatoryCommentRequirement\": \"NO_DECISIONS\"\n },\n {\n \"id\": \"ad3cf3dd50394b1bad646de4bc51b999\",\n \"name\": \"Source Owner Campaign\",\n \"description\": \"Example for Source Owner Campaign\",\n \"deadline\": \"2022-08-10T17:09:02.000Z\",\n \"type\": \"SOURCE_OWNER\",\n \"status\": \"ACTIVE\",\n \"emailNotificationEnabled\": true,\n \"autoRevokeAllowed\": false,\n \"recommendationsEnabled\": false,\n \"modified\": \"2022-07-27T17:09:13.925Z\",\n \"filter\": {\n \"type\": \"CAMPAIGN_FILTER\",\n \"id\": \"0fbe863c063c4c88a35fd7f17e8a3df5\",\n \"name\": \"Test Source Owner Filter\"\n },\n \"sunsetCommentsRequired\": true,\n \"sourceOwnerCampaignInfo\": {\n \"sourceIds\": [\n \"2c91808781fd5aea01821200dc88318e\"\n ]\n },\n \"searchCampaignInfo\": null,\n \"roleCompositionCampaignInfo\": null,\n \"sourcesWithOrphanEntitlements\": [],\n \"correlatedStatus\": \"CORRELATED\",\n \"mandatoryCommentRequirement\": \"NO_DECISIONS\"\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "1143adc9-cbeb-45c5-aed4-2d1932543a63", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "campaigns" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Determines whether slim, or increased level of detail is provided for each campaign in the returned list. Slim is the default behavior.", + "type": "text/plain" + }, + "key": "detail", + "value": "FULL" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**name**: *eq, sw*\n\n**status**: *eq, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "name eq \"Manager Campaign\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name, created**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "9867a294-4e98-4cd3-a538-cc44485acf54", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "campaigns" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Determines whether slim, or increased level of detail is provided for each campaign in the returned list. Slim is the default behavior.", + "type": "text/plain" + }, + "key": "detail", + "value": "FULL" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**name**: *eq, sw*\n\n**status**: *eq, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "name eq \"Manager Campaign\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name, created**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "8729b5a2-1c30-4545-8491-76962f7c0ce4", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "campaigns" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Determines whether slim, or increased level of detail is provided for each campaign in the returned list. Slim is the default behavior.", + "type": "text/plain" + }, + "key": "detail", + "value": "FULL" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**name**: *eq, sw*\n\n**status**: *eq, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "name eq \"Manager Campaign\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name, created**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "4a3b1aee-75db-4f63-a1fb-e2713837b8e5", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "campaigns" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Determines whether slim, or increased level of detail is provided for each campaign in the returned list. Slim is the default behavior.", + "type": "text/plain" + }, + "key": "detail", + "value": "FULL" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**name**: *eq, sw*\n\n**status**: *eq, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "name eq \"Manager Campaign\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name, created**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "bb6be93d-9001-4121-a6c1-01b7eae62ff1", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "campaigns" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Determines whether slim, or increased level of detail is provided for each campaign in the returned list. Slim is the default behavior.", + "type": "text/plain" + }, + "key": "detail", + "value": "FULL" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**name**: *eq, sw*\n\n**status**: *eq, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "name eq \"Manager Campaign\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name, created**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "e2418b66-244d-4f14-830c-3714390071d5", + "name": "Create a campaign", + "request": { + "name": "Create a campaign", + "description": { + "content": "Use this API to create a certification campaign with the information provided in the request body.\n\nA token with ORG_ADMIN or CERT_ADMIN authority is required to call this API.\n", + "type": "text/plain" + }, + "url": { + "path": [ + "campaigns" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Manager Review\",\n \"description\": \"A review of everyone's access by their manager.\",\n \"deadline\": \"2020-12-25T06:00:00.468Z\",\n \"type\": \"MANAGER\",\n \"emailNotificationEnabled\": false,\n \"autoRevokeAllowed\": false,\n \"recommendationsEnabled\": false,\n \"filter\": {\n \"type\": \"CAMPAIGN_FILTER\",\n \"id\": \"0c46fb26c6b20967a55517ee90d15b93\"\n },\n \"mandatoryCommentRequirement\": \"NO_DECISIONS\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "d142c371-9dd6-4431-9b2a-49821ec858ce", + "name": "Manager", + "originalRequest": { + "url": { + "path": [ + "campaigns" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Manager Review\",\n \"description\": \"A review of everyone's access by their manager.\",\n \"deadline\": \"2020-12-25T06:00:00.468Z\",\n \"type\": \"MANAGER\",\n \"emailNotificationEnabled\": false,\n \"autoRevokeAllowed\": false,\n \"recommendationsEnabled\": false,\n \"filter\": {\n \"type\": \"CAMPAIGN_FILTER\",\n \"id\": \"0c46fb26c6b20967a55517ee90d15b93\"\n },\n \"mandatoryCommentRequirement\": \"NO_DECISIONS\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"5594f43b76804a6980ece5fdccf74be7\",\n \"name\": \"Manager Review\",\n \"description\": \"A review of everyone's access by their manager.\",\n \"deadline\": \"2020-12-25T06:00:00.468Z\",\n \"type\": \"MANAGER\",\n \"status\": \"PENDING\",\n \"emailNotificationEnabled\": false,\n \"autoRevokeAllowed\": false,\n \"recommendationsEnabled\": false,\n \"created\": \"2022-08-02T20:21:18.421Z\",\n \"modified\": null,\n \"filter\": {\n \"type\": \"CAMPAIGN_FILTER\",\n \"id\": \"0fbe863c063c4c88a35fd7f17e8a3df5\",\n \"name\": \"Test Manager Filter\"\n },\n \"sunsetCommentsRequired\": true,\n \"sourceOwnerCampaignInfo\": null,\n \"searchCampaignInfo\": null,\n \"roleCompositionCampaignInfo\": null,\n \"alerts\": null,\n \"totalCertifications\": 0,\n \"completedCertifications\": 0,\n \"sourcesWithOrphanEntitlements\": null,\n \"mandatoryCommentRequirement\": \"NO_DECISIONS\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "facac04e-c7f0-4597-88cb-422e625a846a", + "name": "Search", + "originalRequest": { + "url": { + "path": [ + "campaigns" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Search Campaign\",\n \"description\": \"Search Campaign\",\n \"deadline\": \"2020-12-25T06:00:00.468Z\",\n \"type\": \"SEARCH\",\n \"emailNotificationEnabled\": false,\n \"autoRevokeAllowed\": false,\n \"recommendationsEnabled\": false,\n \"filter\": {\n \"type\": \"CAMPAIGN_FILTER\",\n \"id\": \"0c46fb26c6b20967a55517ee90d15b93\"\n },\n \"searchCampaignInfo\": {\n \"type\": \"ACCESS\",\n \"query\": \"user\"\n },\n \"mandatoryCommentRequirement\": \"NO_DECISIONS\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"ec041831cb2147778b594feb9d8db44a\",\n \"name\": \"Search Campaign\",\n \"description\": \"Search Campaign\",\n \"deadline\": \"2020-12-25T06:00:00.468Z\",\n \"type\": \"SEARCH\",\n \"status\": \"PENDING\",\n \"emailNotificationEnabled\": false,\n \"autoRevokeAllowed\": false,\n \"recommendationsEnabled\": false,\n \"created\": \"2022-08-03T13:54:34.344Z\",\n \"modified\": null,\n \"filter\": {\n \"type\": \"CAMPAIGN_FILTER\",\n \"id\": \"0fbe863c063c4c88a35fd7f17e8a3df5\",\n \"name\": \"Test Search Filter\"\n },\n \"sunsetCommentsRequired\": true,\n \"sourceOwnerCampaignInfo\": null,\n \"searchCampaignInfo\": {\n \"type\": \"ACCESS\",\n \"description\": \"user\",\n \"reviewer\": {\n \"type\": \"IDENTITY\",\n \"id\": \"7ec252acbd4245548bc25df22348cb75\",\n \"name\": null\n },\n \"query\": \"user\",\n \"identityIds\": null,\n \"accessConstraints\": []\n },\n \"roleCompositionCampaignInfo\": null,\n \"alerts\": null,\n \"totalCertifications\": 0,\n \"completedCertifications\": 0,\n \"sourcesWithOrphanEntitlements\": null,\n \"mandatoryCommentRequirement\": \"NO_DECISIONS\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "9bc8969d-aaa0-4783-bd71-9d4605672246", + "name": "Source Owner", + "originalRequest": { + "url": { + "path": [ + "campaigns" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Source Owner\",\n \"description\": \"Source Owner Info\",\n \"deadline\": \"2020-12-25T06:00:00.468Z\",\n \"type\": \"SOURCE_OWNER\",\n \"emailNotificationEnabled\": false,\n \"autoRevokeAllowed\": false,\n \"recommendationsEnabled\": false,\n \"filter\": {\n \"type\": \"CAMPAIGN_FILTER\",\n \"id\": \"0c46fb26c6b20967a55517ee90d15b93\"\n },\n \"sourceOwnerCampaignInfo\": {\n \"sourceIds\": [\n \"612b31b1a0f04aaf83123bdb80e70db6\"\n ]\n },\n \"correlatedStatus\": \"CORRELATED\",\n \"mandatoryCommentRequirement\": \"NO_DECISIONS\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"fd7b76ba4ea042de8a9414aa12fc977a\",\n \"name\": \"Source Owner\",\n \"description\": \"Source Owner Info\",\n \"deadline\": \"2020-12-25T06:00:00.468Z\",\n \"type\": \"SOURCE_OWNER\",\n \"status\": \"PENDING\",\n \"emailNotificationEnabled\": false,\n \"autoRevokeAllowed\": false,\n \"recommendationsEnabled\": false,\n \"created\": \"2022-08-03T13:34:19.541Z\",\n \"modified\": null,\n \"filter\": {\n \"type\": \"CAMPAIGN_FILTER\",\n \"id\": \"0fbe863c063c4c88a35fd7f17e8a3df5\",\n \"name\": \"Test Source Owner Filter\"\n },\n \"sunsetCommentsRequired\": true,\n \"sourceOwnerCampaignInfo\": null,\n \"sourceIds\": [\n \"612b31b1a0f04aaf83123bdb80e70db6\"\n ],\n \"searchCampaignInfo\": null,\n \"roleCompositionCampaignInfo\": null,\n \"alerts\": null,\n \"totalCertifications\": 0,\n \"completedCertifications\": 0,\n \"sourcesWithOrphanEntitlements\": null,\n \"correlatedStatus\": \"CORRELATED\",\n \"mandatoryCommentRequirement\": \"NO_DECISIONS\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f399af40-46ec-4a7e-a19f-a34457dd7408", + "name": "Role Composition", + "originalRequest": { + "url": { + "path": [ + "campaigns" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Role Composition Campaign\",\n \"description\": \"A review done by a role owner.\",\n \"deadline\": \"2020-12-25T06:00:00.468Z\",\n \"type\": \"ROLE_COMPOSITION\",\n \"emailNotificationEnabled\": false,\n \"autoRevokeAllowed\": false,\n \"recommendationsEnabled\": false,\n \"filter\": {\n \"type\": \"CAMPAIGN_FILTER\",\n \"id\": \"0c46fb26c6b20967a55517ee90d15b93\"\n },\n \"roleCompositionCampaignInfo\": {\n \"remediatorRef\": {\n \"type\": \"IDENTITY\",\n \"id\": \"7ec252acbd4245548bc25df22348cb75\",\n \"name\": \"SailPoint Support\"\n },\n \"roleIds\": [\n \"b15d609fc5c8434b865fe552315fda8f\"\n ]\n },\n \"mandatoryCommentRequirement\": \"NO_DECISIONS\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"3b2e2e5821e84127b6d693d41c40623b\",\n \"name\": \"Role Composition Campaign\",\n \"description\": \"A review done by a role owner.\",\n \"deadline\": \"2020-12-25T06:00:00.468Z\",\n \"type\": \"ROLE_COMPOSITION\",\n \"status\": \"PENDING\",\n \"emailNotificationEnabled\": false,\n \"autoRevokeAllowed\": false,\n \"recommendationsEnabled\": false,\n \"created\": \"2022-08-02T20:30:46.083Z\",\n \"modified\": null,\n \"filter\": {\n \"type\": \"CAMPAIGN_FILTER\",\n \"id\": \"0fbe863c063c4c88a35fd7f17e8a3df5\",\n \"name\": \"Test Role Composition Filter\"\n },\n \"sunsetCommentsRequired\": true,\n \"sourceOwnerCampaignInfo\": null,\n \"searchCampaignInfo\": null,\n \"roleCompositionCampaignInfo\": {\n \"remediatorRef\": {\n \"type\": \"IDENTITY\",\n \"id\": \"7ec252acbd4245548bc25df22348cb75\",\n \"name\": \"SailPoint Support\"\n },\n \"reviewerId\": null,\n \"reviewer\": null,\n \"roleIds\": [\n \"b15d609fc5c8434b865fe552315fda8f\"\n ],\n \"query\": null,\n \"description\": null\n },\n \"alerts\": null,\n \"totalCertifications\": 0,\n \"completedCertifications\": 0,\n \"sourcesWithOrphanEntitlements\": null,\n \"mandatoryCommentRequirement\": \"NO_DECISIONS\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a71530c5-5348-4670-9b17-0f1e61c71d3b", + "name": "Manager", + "originalRequest": { + "url": { + "path": [ + "campaigns" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Manager Review\",\n \"description\": \"A review of everyone's access by their manager.\",\n \"deadline\": \"2020-12-25T06:00:00.468Z\",\n \"type\": \"MANAGER\",\n \"emailNotificationEnabled\": false,\n \"autoRevokeAllowed\": false,\n \"recommendationsEnabled\": false,\n \"filter\": {\n \"type\": \"CAMPAIGN_FILTER\",\n \"id\": \"0c46fb26c6b20967a55517ee90d15b93\"\n },\n \"mandatoryCommentRequirement\": \"NO_DECISIONS\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "31759ad2-a2f1-4adb-a245-a1cbf79ff5ab", + "name": "Search", + "originalRequest": { + "url": { + "path": [ + "campaigns" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Search Campaign\",\n \"description\": \"Search Campaign\",\n \"deadline\": \"2020-12-25T06:00:00.468Z\",\n \"type\": \"SEARCH\",\n \"emailNotificationEnabled\": false,\n \"autoRevokeAllowed\": false,\n \"recommendationsEnabled\": false,\n \"filter\": {\n \"type\": \"CAMPAIGN_FILTER\",\n \"id\": \"0c46fb26c6b20967a55517ee90d15b93\"\n },\n \"searchCampaignInfo\": {\n \"type\": \"ACCESS\",\n \"query\": \"user\"\n },\n \"mandatoryCommentRequirement\": \"NO_DECISIONS\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "1e7d544d-02a2-4849-b47c-3a2214f543d0", + "name": "Source Owner", + "originalRequest": { + "url": { + "path": [ + "campaigns" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Source Owner\",\n \"description\": \"Source Owner Info\",\n \"deadline\": \"2020-12-25T06:00:00.468Z\",\n \"type\": \"SOURCE_OWNER\",\n \"emailNotificationEnabled\": false,\n \"autoRevokeAllowed\": false,\n \"recommendationsEnabled\": false,\n \"filter\": {\n \"type\": \"CAMPAIGN_FILTER\",\n \"id\": \"0c46fb26c6b20967a55517ee90d15b93\"\n },\n \"sourceOwnerCampaignInfo\": {\n \"sourceIds\": [\n \"612b31b1a0f04aaf83123bdb80e70db6\"\n ]\n },\n \"correlatedStatus\": \"CORRELATED\",\n \"mandatoryCommentRequirement\": \"NO_DECISIONS\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "5dd528ba-3cf6-46c4-88e2-15e971d5c5ae", + "name": "Role Composition", + "originalRequest": { + "url": { + "path": [ + "campaigns" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Role Composition Campaign\",\n \"description\": \"A review done by a role owner.\",\n \"deadline\": \"2020-12-25T06:00:00.468Z\",\n \"type\": \"ROLE_COMPOSITION\",\n \"emailNotificationEnabled\": false,\n \"autoRevokeAllowed\": false,\n \"recommendationsEnabled\": false,\n \"filter\": {\n \"type\": \"CAMPAIGN_FILTER\",\n \"id\": \"0c46fb26c6b20967a55517ee90d15b93\"\n },\n \"roleCompositionCampaignInfo\": {\n \"remediatorRef\": {\n \"type\": \"IDENTITY\",\n \"id\": \"7ec252acbd4245548bc25df22348cb75\",\n \"name\": \"SailPoint Support\"\n },\n \"roleIds\": [\n \"b15d609fc5c8434b865fe552315fda8f\"\n ]\n },\n \"mandatoryCommentRequirement\": \"NO_DECISIONS\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "94a377e0-4089-401a-9301-19efb29ac6d4", + "name": "Manager", + "originalRequest": { + "url": { + "path": [ + "campaigns" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Manager Review\",\n \"description\": \"A review of everyone's access by their manager.\",\n \"deadline\": \"2020-12-25T06:00:00.468Z\",\n \"type\": \"MANAGER\",\n \"emailNotificationEnabled\": false,\n \"autoRevokeAllowed\": false,\n \"recommendationsEnabled\": false,\n \"filter\": {\n \"type\": \"CAMPAIGN_FILTER\",\n \"id\": \"0c46fb26c6b20967a55517ee90d15b93\"\n },\n \"mandatoryCommentRequirement\": \"NO_DECISIONS\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b354c760-44c0-4c32-9d6b-8965db9cd792", + "name": "Search", + "originalRequest": { + "url": { + "path": [ + "campaigns" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Search Campaign\",\n \"description\": \"Search Campaign\",\n \"deadline\": \"2020-12-25T06:00:00.468Z\",\n \"type\": \"SEARCH\",\n \"emailNotificationEnabled\": false,\n \"autoRevokeAllowed\": false,\n \"recommendationsEnabled\": false,\n \"filter\": {\n \"type\": \"CAMPAIGN_FILTER\",\n \"id\": \"0c46fb26c6b20967a55517ee90d15b93\"\n },\n \"searchCampaignInfo\": {\n \"type\": \"ACCESS\",\n \"query\": \"user\"\n },\n \"mandatoryCommentRequirement\": \"NO_DECISIONS\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "57abcee2-dc59-4519-9f02-1329713d3fe5", + "name": "Source Owner", + "originalRequest": { + "url": { + "path": [ + "campaigns" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Source Owner\",\n \"description\": \"Source Owner Info\",\n \"deadline\": \"2020-12-25T06:00:00.468Z\",\n \"type\": \"SOURCE_OWNER\",\n \"emailNotificationEnabled\": false,\n \"autoRevokeAllowed\": false,\n \"recommendationsEnabled\": false,\n \"filter\": {\n \"type\": \"CAMPAIGN_FILTER\",\n \"id\": \"0c46fb26c6b20967a55517ee90d15b93\"\n },\n \"sourceOwnerCampaignInfo\": {\n \"sourceIds\": [\n \"612b31b1a0f04aaf83123bdb80e70db6\"\n ]\n },\n \"correlatedStatus\": \"CORRELATED\",\n \"mandatoryCommentRequirement\": \"NO_DECISIONS\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "094ca577-6467-485c-b99c-c47579a44d3b", + "name": "Role Composition", + "originalRequest": { + "url": { + "path": [ + "campaigns" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Role Composition Campaign\",\n \"description\": \"A review done by a role owner.\",\n \"deadline\": \"2020-12-25T06:00:00.468Z\",\n \"type\": \"ROLE_COMPOSITION\",\n \"emailNotificationEnabled\": false,\n \"autoRevokeAllowed\": false,\n \"recommendationsEnabled\": false,\n \"filter\": {\n \"type\": \"CAMPAIGN_FILTER\",\n \"id\": \"0c46fb26c6b20967a55517ee90d15b93\"\n },\n \"roleCompositionCampaignInfo\": {\n \"remediatorRef\": {\n \"type\": \"IDENTITY\",\n \"id\": \"7ec252acbd4245548bc25df22348cb75\",\n \"name\": \"SailPoint Support\"\n },\n \"roleIds\": [\n \"b15d609fc5c8434b865fe552315fda8f\"\n ]\n },\n \"mandatoryCommentRequirement\": \"NO_DECISIONS\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "e021cdcd-b912-4f47-b80d-446c3451e316", + "name": "An example of a 403 response object", + "originalRequest": { + "url": { + "path": [ + "campaigns" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Manager Review\",\n \"description\": \"A review of everyone's access by their manager.\",\n \"deadline\": \"2020-12-25T06:00:00.468Z\",\n \"type\": \"MANAGER\",\n \"emailNotificationEnabled\": false,\n \"autoRevokeAllowed\": false,\n \"recommendationsEnabled\": false,\n \"filter\": {\n \"type\": \"CAMPAIGN_FILTER\",\n \"id\": \"0c46fb26c6b20967a55517ee90d15b93\"\n },\n \"mandatoryCommentRequirement\": \"NO_DECISIONS\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "4eeed6cd-e86e-4284-8205-85bd1e7f9db7", + "name": "Search", + "originalRequest": { + "url": { + "path": [ + "campaigns" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Search Campaign\",\n \"description\": \"Search Campaign\",\n \"deadline\": \"2020-12-25T06:00:00.468Z\",\n \"type\": \"SEARCH\",\n \"emailNotificationEnabled\": false,\n \"autoRevokeAllowed\": false,\n \"recommendationsEnabled\": false,\n \"filter\": {\n \"type\": \"CAMPAIGN_FILTER\",\n \"id\": \"0c46fb26c6b20967a55517ee90d15b93\"\n },\n \"searchCampaignInfo\": {\n \"type\": \"ACCESS\",\n \"query\": \"user\"\n },\n \"mandatoryCommentRequirement\": \"NO_DECISIONS\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "6d588e76-38ac-44d7-b3a8-87056c769085", + "name": "Source Owner", + "originalRequest": { + "url": { + "path": [ + "campaigns" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Source Owner\",\n \"description\": \"Source Owner Info\",\n \"deadline\": \"2020-12-25T06:00:00.468Z\",\n \"type\": \"SOURCE_OWNER\",\n \"emailNotificationEnabled\": false,\n \"autoRevokeAllowed\": false,\n \"recommendationsEnabled\": false,\n \"filter\": {\n \"type\": \"CAMPAIGN_FILTER\",\n \"id\": \"0c46fb26c6b20967a55517ee90d15b93\"\n },\n \"sourceOwnerCampaignInfo\": {\n \"sourceIds\": [\n \"612b31b1a0f04aaf83123bdb80e70db6\"\n ]\n },\n \"correlatedStatus\": \"CORRELATED\",\n \"mandatoryCommentRequirement\": \"NO_DECISIONS\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "4d41cda7-d949-4f35-8584-3dea8290f747", + "name": "Role Composition", + "originalRequest": { + "url": { + "path": [ + "campaigns" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Role Composition Campaign\",\n \"description\": \"A review done by a role owner.\",\n \"deadline\": \"2020-12-25T06:00:00.468Z\",\n \"type\": \"ROLE_COMPOSITION\",\n \"emailNotificationEnabled\": false,\n \"autoRevokeAllowed\": false,\n \"recommendationsEnabled\": false,\n \"filter\": {\n \"type\": \"CAMPAIGN_FILTER\",\n \"id\": \"0c46fb26c6b20967a55517ee90d15b93\"\n },\n \"roleCompositionCampaignInfo\": {\n \"remediatorRef\": {\n \"type\": \"IDENTITY\",\n \"id\": \"7ec252acbd4245548bc25df22348cb75\",\n \"name\": \"SailPoint Support\"\n },\n \"roleIds\": [\n \"b15d609fc5c8434b865fe552315fda8f\"\n ]\n },\n \"mandatoryCommentRequirement\": \"NO_DECISIONS\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "1fd63ea0-08ca-489c-87f9-84b830256af1", + "name": "Manager", + "originalRequest": { + "url": { + "path": [ + "campaigns" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Manager Review\",\n \"description\": \"A review of everyone's access by their manager.\",\n \"deadline\": \"2020-12-25T06:00:00.468Z\",\n \"type\": \"MANAGER\",\n \"emailNotificationEnabled\": false,\n \"autoRevokeAllowed\": false,\n \"recommendationsEnabled\": false,\n \"filter\": {\n \"type\": \"CAMPAIGN_FILTER\",\n \"id\": \"0c46fb26c6b20967a55517ee90d15b93\"\n },\n \"mandatoryCommentRequirement\": \"NO_DECISIONS\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "4a3fece6-6955-461b-8388-ddb8ca345b91", + "name": "Search", + "originalRequest": { + "url": { + "path": [ + "campaigns" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Search Campaign\",\n \"description\": \"Search Campaign\",\n \"deadline\": \"2020-12-25T06:00:00.468Z\",\n \"type\": \"SEARCH\",\n \"emailNotificationEnabled\": false,\n \"autoRevokeAllowed\": false,\n \"recommendationsEnabled\": false,\n \"filter\": {\n \"type\": \"CAMPAIGN_FILTER\",\n \"id\": \"0c46fb26c6b20967a55517ee90d15b93\"\n },\n \"searchCampaignInfo\": {\n \"type\": \"ACCESS\",\n \"query\": \"user\"\n },\n \"mandatoryCommentRequirement\": \"NO_DECISIONS\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f3263e69-e604-46bb-9aef-008a8067660f", + "name": "Source Owner", + "originalRequest": { + "url": { + "path": [ + "campaigns" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Source Owner\",\n \"description\": \"Source Owner Info\",\n \"deadline\": \"2020-12-25T06:00:00.468Z\",\n \"type\": \"SOURCE_OWNER\",\n \"emailNotificationEnabled\": false,\n \"autoRevokeAllowed\": false,\n \"recommendationsEnabled\": false,\n \"filter\": {\n \"type\": \"CAMPAIGN_FILTER\",\n \"id\": \"0c46fb26c6b20967a55517ee90d15b93\"\n },\n \"sourceOwnerCampaignInfo\": {\n \"sourceIds\": [\n \"612b31b1a0f04aaf83123bdb80e70db6\"\n ]\n },\n \"correlatedStatus\": \"CORRELATED\",\n \"mandatoryCommentRequirement\": \"NO_DECISIONS\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "7f38142d-5bf8-4580-821d-5424e15b9cf4", + "name": "Role Composition", + "originalRequest": { + "url": { + "path": [ + "campaigns" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Role Composition Campaign\",\n \"description\": \"A review done by a role owner.\",\n \"deadline\": \"2020-12-25T06:00:00.468Z\",\n \"type\": \"ROLE_COMPOSITION\",\n \"emailNotificationEnabled\": false,\n \"autoRevokeAllowed\": false,\n \"recommendationsEnabled\": false,\n \"filter\": {\n \"type\": \"CAMPAIGN_FILTER\",\n \"id\": \"0c46fb26c6b20967a55517ee90d15b93\"\n },\n \"roleCompositionCampaignInfo\": {\n \"remediatorRef\": {\n \"type\": \"IDENTITY\",\n \"id\": \"7ec252acbd4245548bc25df22348cb75\",\n \"name\": \"SailPoint Support\"\n },\n \"roleIds\": [\n \"b15d609fc5c8434b865fe552315fda8f\"\n ]\n },\n \"mandatoryCommentRequirement\": \"NO_DECISIONS\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "32ed1165-5249-4264-88ff-eaac4546d108", + "name": "An example of a 500 response object", + "originalRequest": { + "url": { + "path": [ + "campaigns" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Manager Review\",\n \"description\": \"A review of everyone's access by their manager.\",\n \"deadline\": \"2020-12-25T06:00:00.468Z\",\n \"type\": \"MANAGER\",\n \"emailNotificationEnabled\": false,\n \"autoRevokeAllowed\": false,\n \"recommendationsEnabled\": false,\n \"filter\": {\n \"type\": \"CAMPAIGN_FILTER\",\n \"id\": \"0c46fb26c6b20967a55517ee90d15b93\"\n },\n \"mandatoryCommentRequirement\": \"NO_DECISIONS\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c5c16511-2b52-4e44-a492-782702853526", + "name": "Search", + "originalRequest": { + "url": { + "path": [ + "campaigns" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Search Campaign\",\n \"description\": \"Search Campaign\",\n \"deadline\": \"2020-12-25T06:00:00.468Z\",\n \"type\": \"SEARCH\",\n \"emailNotificationEnabled\": false,\n \"autoRevokeAllowed\": false,\n \"recommendationsEnabled\": false,\n \"filter\": {\n \"type\": \"CAMPAIGN_FILTER\",\n \"id\": \"0c46fb26c6b20967a55517ee90d15b93\"\n },\n \"searchCampaignInfo\": {\n \"type\": \"ACCESS\",\n \"query\": \"user\"\n },\n \"mandatoryCommentRequirement\": \"NO_DECISIONS\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "9c0975e4-dc60-4f2a-8d51-467eb6d4ccdf", + "name": "Source Owner", + "originalRequest": { + "url": { + "path": [ + "campaigns" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Source Owner\",\n \"description\": \"Source Owner Info\",\n \"deadline\": \"2020-12-25T06:00:00.468Z\",\n \"type\": \"SOURCE_OWNER\",\n \"emailNotificationEnabled\": false,\n \"autoRevokeAllowed\": false,\n \"recommendationsEnabled\": false,\n \"filter\": {\n \"type\": \"CAMPAIGN_FILTER\",\n \"id\": \"0c46fb26c6b20967a55517ee90d15b93\"\n },\n \"sourceOwnerCampaignInfo\": {\n \"sourceIds\": [\n \"612b31b1a0f04aaf83123bdb80e70db6\"\n ]\n },\n \"correlatedStatus\": \"CORRELATED\",\n \"mandatoryCommentRequirement\": \"NO_DECISIONS\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "ec4d1c58-67ce-45f4-affa-d8682030a103", + "name": "Role Composition", + "originalRequest": { + "url": { + "path": [ + "campaigns" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Role Composition Campaign\",\n \"description\": \"A review done by a role owner.\",\n \"deadline\": \"2020-12-25T06:00:00.468Z\",\n \"type\": \"ROLE_COMPOSITION\",\n \"emailNotificationEnabled\": false,\n \"autoRevokeAllowed\": false,\n \"recommendationsEnabled\": false,\n \"filter\": {\n \"type\": \"CAMPAIGN_FILTER\",\n \"id\": \"0c46fb26c6b20967a55517ee90d15b93\"\n },\n \"roleCompositionCampaignInfo\": {\n \"remediatorRef\": {\n \"type\": \"IDENTITY\",\n \"id\": \"7ec252acbd4245548bc25df22348cb75\",\n \"name\": \"SailPoint Support\"\n },\n \"roleIds\": [\n \"b15d609fc5c8434b865fe552315fda8f\"\n ]\n },\n \"mandatoryCommentRequirement\": \"NO_DECISIONS\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "152dc52f-df46-4e63-89dc-42b7355b7fe5", + "name": "Get Campaign", + "request": { + "name": "Get Campaign", + "description": { + "content": "Use this API to get information for an existing certification campaign by the campaign's ID.\n\nA token with ORG_ADMIN or CERT_ADMIN authority is required to call this API.\n", + "type": "text/plain" + }, + "url": { + "path": [ + "campaigns", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Determines whether slim, or increased level of detail is provided for each campaign in the returned list. Slim is the default behavior.", + "type": "text/plain" + }, + "key": "detail", + "value": "FULL" + } + ], + "variable": [ + { + "type": "any", + "value": "2c91808571bcfcf80171c23e4b4221fc", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) ID of the campaign to be retrieved.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "7aef421b-080f-44ae-9949-a09373ca4185", + "name": "Manager", + "originalRequest": { + "url": { + "path": [ + "campaigns", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Determines whether slim, or increased level of detail is provided for each campaign in the returned list. Slim is the default behavior.", + "type": "text/plain" + }, + "key": "detail", + "value": "FULL" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"2c918086719eec070171a7e3355a360a\",\n \"name\": \"Manager Review\",\n \"description\": \"A review of everyone's access by their manager.\",\n \"deadline\": \"2020-12-25T06:00:00.123Z\",\n \"type\": \"MANAGER\",\n \"status\": \"ACTIVE\",\n \"emailNotificationEnabled\": false,\n \"autoRevokeAllowed\": false,\n \"recommendationsEnabled\": false\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "3a59022a-4c93-417b-9c0c-622659dd33f9", + "name": "Search", + "originalRequest": { + "url": { + "path": [ + "campaigns", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Determines whether slim, or increased level of detail is provided for each campaign in the returned list. Slim is the default behavior.", + "type": "text/plain" + }, + "key": "detail", + "value": "FULL" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"7e1a731e3fb845cfbe58112ba4673ee4\",\n \"name\": \"Search Campaign\",\n \"description\": \"Search Campaign Info\",\n \"deadline\": \"2022-07-26T15:42:44.000Z\",\n \"type\": \"SEARCH\",\n \"status\": \"ACTIVE\",\n \"emailNotificationEnabled\": false,\n \"autoRevokeAllowed\": false,\n \"recommendationsEnabled\": false\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "fe0f93b9-8a9e-4fd1-80d4-2a26c375dbe7", + "name": "Source Owner", + "originalRequest": { + "url": { + "path": [ + "campaigns", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Determines whether slim, or increased level of detail is provided for each campaign in the returned list. Slim is the default behavior.", + "type": "text/plain" + }, + "key": "detail", + "value": "FULL" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"2c918086719eec070171a7e3355a412b\",\n \"name\": \"AD Source Review\",\n \"description\": \"A review of our AD source.\",\n \"deadline\": \"2020-12-25T06:00:00.123Z\",\n \"type\": \"SOURCE_OWNER\",\n \"status\": \"STAGED\",\n \"emailNotificationEnabled\": true,\n \"autoRevokeAllowed\": false,\n \"recommendationsEnabled\": false,\n \"correlatedStatus\": \"CORRELATED\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "565fd767-200e-4e99-bd01-3b3add2d4d35", + "name": "RoleComposition", + "originalRequest": { + "url": { + "path": [ + "campaigns", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Determines whether slim, or increased level of detail is provided for each campaign in the returned list. Slim is the default behavior.", + "type": "text/plain" + }, + "key": "detail", + "value": "FULL" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"3b2e2e5821e84127b6d693d41c40623b\",\n \"name\": \"Role Composition Campaign\",\n \"description\": \"A review done by a role owner.\",\n \"deadline\": \"2020-12-25T06:00:00.468Z\",\n \"type\": \"ROLE_COMPOSITION\",\n \"status\": \"ACTIVE\",\n \"emailNotificationEnabled\": false,\n \"autoRevokeAllowed\": false,\n \"recommendationsEnabled\": false\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c21ad82c-f97e-4891-b7eb-a1ea759aa656", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "campaigns", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Determines whether slim, or increased level of detail is provided for each campaign in the returned list. Slim is the default behavior.", + "type": "text/plain" + }, + "key": "detail", + "value": "FULL" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "ca3c7583-ab63-49d8-b8a3-686dcd20a032", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "campaigns", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Determines whether slim, or increased level of detail is provided for each campaign in the returned list. Slim is the default behavior.", + "type": "text/plain" + }, + "key": "detail", + "value": "FULL" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "019b40e8-422d-48dc-944a-d738c9257f49", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "campaigns", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Determines whether slim, or increased level of detail is provided for each campaign in the returned list. Slim is the default behavior.", + "type": "text/plain" + }, + "key": "detail", + "value": "FULL" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "5fe84b66-80a2-4e8c-aefa-a55a4cc47d8b", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "campaigns", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Determines whether slim, or increased level of detail is provided for each campaign in the returned list. Slim is the default behavior.", + "type": "text/plain" + }, + "key": "detail", + "value": "FULL" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "2cbdc40f-607b-49b9-98a2-776e36eac177", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "campaigns", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Determines whether slim, or increased level of detail is provided for each campaign in the returned list. Slim is the default behavior.", + "type": "text/plain" + }, + "key": "detail", + "value": "FULL" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b2c5767e-bbf9-4290-b5e8-27ea4134e00b", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "campaigns", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Determines whether slim, or increased level of detail is provided for each campaign in the returned list. Slim is the default behavior.", + "type": "text/plain" + }, + "key": "detail", + "value": "FULL" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "967b0586-173f-45b6-8e38-4358eb2f5f00", + "name": "Update a Campaign", + "request": { + "name": "Update a Campaign", + "description": { + "content": "Use this API to update individual fields on a certification campaign, using the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard.\n\nA token with ORG_ADMIN or CERT_ADMIN authority is required to call this API.\n", + "type": "text/plain" + }, + "url": { + "path": [ + "campaigns", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "2c91808571bcfcf80171c23e4b4221fc", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) ID of the campaign template being modified.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/name\",\n \"value\": \"This field has been updated!\"\n },\n {\n \"op\": \"copy\",\n \"from\": \"/name\",\n \"path\": \"/description\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "d300795f-7008-4ddc-b8eb-d3daeea72898", + "name": "Manager", + "originalRequest": { + "url": { + "path": [ + "campaigns", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/name\",\n \"value\": \"This field has been updated!\"\n },\n {\n \"op\": \"copy\",\n \"from\": \"/name\",\n \"path\": \"/description\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"2c918086719eec070171a7e3355a360a\",\n \"name\": \"Manager Review\",\n \"description\": \"A review of everyone's access by their manager.\",\n \"deadline\": \"2020-12-25T06:00:00.123Z\",\n \"type\": \"MANAGER\",\n \"status\": \"ACTIVE\",\n \"emailNotificationEnabled\": false,\n \"autoRevokeAllowed\": false,\n \"recommendationsEnabled\": false\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "62a213fd-ba98-4d16-8471-8d858d405d06", + "name": "Search", + "originalRequest": { + "url": { + "path": [ + "campaigns", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/name\",\n \"value\": \"This field has been updated!\"\n },\n {\n \"op\": \"copy\",\n \"from\": \"/name\",\n \"path\": \"/description\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"7e1a731e3fb845cfbe58112ba4673ee4\",\n \"name\": \"Search Campaign\",\n \"description\": \"Search Campaign Info\",\n \"deadline\": \"2022-07-26T15:42:44.000Z\",\n \"type\": \"SEARCH\",\n \"status\": \"ACTIVE\",\n \"emailNotificationEnabled\": false,\n \"autoRevokeAllowed\": false,\n \"recommendationsEnabled\": false\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "5d2f450f-9343-424a-a9fd-f5c1b18584d1", + "name": "Source Owner", + "originalRequest": { + "url": { + "path": [ + "campaigns", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/name\",\n \"value\": \"This field has been updated!\"\n },\n {\n \"op\": \"copy\",\n \"from\": \"/name\",\n \"path\": \"/description\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"2c918086719eec070171a7e3355a412b\",\n \"name\": \"AD Source Review\",\n \"description\": \"A review of our AD source.\",\n \"deadline\": \"2020-12-25T06:00:00.123Z\",\n \"type\": \"SOURCE_OWNER\",\n \"status\": \"STAGED\",\n \"emailNotificationEnabled\": true,\n \"autoRevokeAllowed\": false,\n \"recommendationsEnabled\": false,\n \"correlatedStatus\": \"CORRELATED\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f8057676-3a8f-4450-ba7c-f793ad678656", + "name": "RoleComposition", + "originalRequest": { + "url": { + "path": [ + "campaigns", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/name\",\n \"value\": \"This field has been updated!\"\n },\n {\n \"op\": \"copy\",\n \"from\": \"/name\",\n \"path\": \"/description\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"3b2e2e5821e84127b6d693d41c40623b\",\n \"name\": \"Role Composition Campaign\",\n \"description\": \"A review done by a role owner.\",\n \"deadline\": \"2020-12-25T06:00:00.468Z\",\n \"type\": \"ROLE_COMPOSITION\",\n \"status\": \"ACTIVE\",\n \"emailNotificationEnabled\": false,\n \"autoRevokeAllowed\": false,\n \"recommendationsEnabled\": false\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "514143ac-9691-4679-bb54-f8550220ce2b", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "campaigns", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/name\",\n \"value\": \"This field has been updated!\"\n },\n {\n \"op\": \"copy\",\n \"from\": \"/name\",\n \"path\": \"/description\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "ccb3ecf0-6a57-48ba-b3ec-db1f6d6a8397", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "campaigns", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/name\",\n \"value\": \"This field has been updated!\"\n },\n {\n \"op\": \"copy\",\n \"from\": \"/name\",\n \"path\": \"/description\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "69b8edf2-8dca-428b-96ec-863cc07714bb", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "campaigns", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/name\",\n \"value\": \"This field has been updated!\"\n },\n {\n \"op\": \"copy\",\n \"from\": \"/name\",\n \"path\": \"/description\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "7c4288b5-8c49-4472-9509-8fcc81fb490f", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "campaigns", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/name\",\n \"value\": \"This field has been updated!\"\n },\n {\n \"op\": \"copy\",\n \"from\": \"/name\",\n \"path\": \"/description\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "72af8d0e-bfc4-4c26-81a3-00c4c6581d33", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "campaigns", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/name\",\n \"value\": \"This field has been updated!\"\n },\n {\n \"op\": \"copy\",\n \"from\": \"/name\",\n \"path\": \"/description\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b4dcd3a7-0c5a-4db7-93c8-29af4b3590bb", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "campaigns", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/name\",\n \"value\": \"This field has been updated!\"\n },\n {\n \"op\": \"copy\",\n \"from\": \"/name\",\n \"path\": \"/description\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "393bfc1d-c3a0-43b6-aefa-268587c6b991", + "name": "Reassign Certifications", + "request": { + "name": "Reassign Certifications", + "description": { + "content": "This API reassigns the specified certifications from one identity to another.\n\nA token with ORG_ADMIN or CERT_ADMIN authority is required to call this API.\n", + "type": "text/plain" + }, + "url": { + "path": [ + "campaigns", + ":id", + "reassign" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "ef38f94347e94562b5bb8424a56397d8", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) The certification campaign ID", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"certificationIds\": [\n \"af3859464779471211bb8424a563abc1\",\n \"af3859464779471211bb8424a563abc2\",\n \"af3859464779471211bb8424a563abc3\"\n ],\n \"reassignTo\": {\n \"id\": \"ef38f94347e94562b5bb8424a56397d8\",\n \"type\": \"IDENTITY\"\n },\n \"reason\": \"reassigned for some reason\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "a31c05f2-38fa-4a18-b7fb-758731b91c54", + "name": "The reassign task that has been submitted.", + "originalRequest": { + "url": { + "path": [ + "campaigns", + ":id", + "reassign" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"certificationIds\": [\n \"af3859464779471211bb8424a563abc1\",\n \"af3859464779471211bb8424a563abc2\",\n \"af3859464779471211bb8424a563abc3\"\n ],\n \"reassignTo\": {\n \"id\": \"ef38f94347e94562b5bb8424a56397d8\",\n \"type\": \"IDENTITY\"\n },\n \"reason\": \"reassigned for some reason\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Accepted", + "code": 202, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"2c918086719eec070171a7e3355a360a\",\n \"type\": \"ADMIN_REASSIGN\",\n \"targetType\": \"CAMPAIGN\",\n \"targetId\": \"2c918086719eec070171a7e3355a834c\",\n \"status\": \"QUEUED\",\n \"errors\": [],\n \"created\": \"2020-09-24T18:10:47.693Z\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d1ac6629-9039-404b-a34f-473d22600e04", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "campaigns", + ":id", + "reassign" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"certificationIds\": [\n \"af3859464779471211bb8424a563abc1\",\n \"af3859464779471211bb8424a563abc2\",\n \"af3859464779471211bb8424a563abc3\"\n ],\n \"reassignTo\": {\n \"id\": \"ef38f94347e94562b5bb8424a56397d8\",\n \"type\": \"IDENTITY\"\n },\n \"reason\": \"reassigned for some reason\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "997d2df7-3554-4cf8-a885-8a27833b7e96", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "campaigns", + ":id", + "reassign" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"certificationIds\": [\n \"af3859464779471211bb8424a563abc1\",\n \"af3859464779471211bb8424a563abc2\",\n \"af3859464779471211bb8424a563abc3\"\n ],\n \"reassignTo\": {\n \"id\": \"ef38f94347e94562b5bb8424a56397d8\",\n \"type\": \"IDENTITY\"\n },\n \"reason\": \"reassigned for some reason\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "9437f7e9-1bf5-4f30-aeff-a1a5039a62e5", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "campaigns", + ":id", + "reassign" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"certificationIds\": [\n \"af3859464779471211bb8424a563abc1\",\n \"af3859464779471211bb8424a563abc2\",\n \"af3859464779471211bb8424a563abc3\"\n ],\n \"reassignTo\": {\n \"id\": \"ef38f94347e94562b5bb8424a56397d8\",\n \"type\": \"IDENTITY\"\n },\n \"reason\": \"reassigned for some reason\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "637ecce7-2524-4953-9a82-b51eeb62f27c", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "campaigns", + ":id", + "reassign" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"certificationIds\": [\n \"af3859464779471211bb8424a563abc1\",\n \"af3859464779471211bb8424a563abc2\",\n \"af3859464779471211bb8424a563abc3\"\n ],\n \"reassignTo\": {\n \"id\": \"ef38f94347e94562b5bb8424a56397d8\",\n \"type\": \"IDENTITY\"\n },\n \"reason\": \"reassigned for some reason\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "e83a032d-e6bf-403b-a410-6bfcf99ec1b6", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "campaigns", + ":id", + "reassign" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"certificationIds\": [\n \"af3859464779471211bb8424a563abc1\",\n \"af3859464779471211bb8424a563abc2\",\n \"af3859464779471211bb8424a563abc3\"\n ],\n \"reassignTo\": {\n \"id\": \"ef38f94347e94562b5bb8424a56397d8\",\n \"type\": \"IDENTITY\"\n },\n \"reason\": \"reassigned for some reason\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "79a42146-e581-424f-b7e1-0b6b75a2c65d", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "campaigns", + ":id", + "reassign" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"certificationIds\": [\n \"af3859464779471211bb8424a563abc1\",\n \"af3859464779471211bb8424a563abc2\",\n \"af3859464779471211bb8424a563abc3\"\n ],\n \"reassignTo\": {\n \"id\": \"ef38f94347e94562b5bb8424a56397d8\",\n \"type\": \"IDENTITY\"\n },\n \"reason\": \"reassigned for some reason\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "b0cfc645-90fa-4fa8-8063-a437b1e74343", + "name": "Activate a Campaign", + "request": { + "name": "Activate a Campaign", + "description": { + "content": "Use this API to submit a job to activate the certified campaign with the specified ID. The campaign must be staged.\n\nA token with ORG_ADMIN or CERT_ADMIN authority is required to call this API. \n", + "type": "text/plain" + }, + "url": { + "path": [ + "campaigns", + ":id", + "activate" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "ef38f94347e94562b5bb8424a56397d8", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) Campaign ID.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"timeZone\": \"-05:00\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "a73990f2-d4f9-458f-a9b9-0fec26b92cdd", + "name": "Accepted - Returned if the request was successfully accepted into the system.", + "originalRequest": { + "url": { + "path": [ + "campaigns", + ":id", + "activate" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"timeZone\": \"-05:00\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Accepted", + "code": 202, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "cc109225-6648-4183-8dc3-296383d00459", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "campaigns", + ":id", + "activate" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"timeZone\": \"-05:00\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "8137ba07-f988-4fd6-84b2-0556ddc3c83e", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "campaigns", + ":id", + "activate" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"timeZone\": \"-05:00\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "fb1fa9cf-ba95-4dfd-90d0-b5995b699317", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "campaigns", + ":id", + "activate" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"timeZone\": \"-05:00\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "131fb84a-c013-4b24-abd6-9669ff31d1b4", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "campaigns", + ":id", + "activate" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"timeZone\": \"-05:00\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "e42d3326-2940-4235-9ab9-42bb29ca2398", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "campaigns", + ":id", + "activate" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"timeZone\": \"-05:00\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a5b274c5-29a2-4915-8a64-52a34c90f5c2", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "campaigns", + ":id", + "activate" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"timeZone\": \"-05:00\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "83890250-da1e-4e84-abc5-ac0ca8209dc7", + "name": "Complete a Campaign", + "request": { + "name": "Complete a Campaign", + "description": { + "content": ":::caution\n\nThis endpoint will run successfully for any campaigns that are **past due**.\n\nThis endpoint will return a content error if the campaign is **not past due**.\n\n:::\n\nUse this API to complete a certification campaign. This functionality is provided to admins so that they\ncan complete a certification even if all items have not been completed.\n\nA token with ORG_ADMIN or CERT_ADMIN authority is required to call this API.\n", + "type": "text/plain" + }, + "url": { + "path": [ + "campaigns", + ":id", + "complete" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "ef38f94347e94562b5bb8424a56397d8", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) Campaign ID.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"autoCompleteAction\": \"REVOKE\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "93325401-913c-46a1-a952-43e852588fce", + "name": "Accepted - Returned if the request was successfully accepted into the system.", + "originalRequest": { + "url": { + "path": [ + "campaigns", + ":id", + "complete" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"autoCompleteAction\": \"REVOKE\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Accepted", + "code": 202, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "6b9728ff-cd1a-4924-bfd9-268dfda7fd33", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "campaigns", + ":id", + "complete" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"autoCompleteAction\": \"REVOKE\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "6cfde338-7949-49a6-a60c-501f5f8819f9", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "campaigns", + ":id", + "complete" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"autoCompleteAction\": \"REVOKE\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "e144914d-ed9e-4e00-89bc-ca195da35942", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "campaigns", + ":id", + "complete" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"autoCompleteAction\": \"REVOKE\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "7a275376-9735-434d-bbe8-e7ab3dd6c360", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "campaigns", + ":id", + "complete" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"autoCompleteAction\": \"REVOKE\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "3b426d5a-cafc-4d39-897e-f8e6bc6e3d45", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "campaigns", + ":id", + "complete" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"autoCompleteAction\": \"REVOKE\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "cc5aa184-b8f0-445d-a6c0-0a74c5720558", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "campaigns", + ":id", + "complete" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"autoCompleteAction\": \"REVOKE\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "577a760c-00f0-4347-a62f-3c7c9d4e53f0", + "name": "Delete Campaigns", + "request": { + "name": "Delete Campaigns", + "description": { + "content": "Use this API to delete certification campaigns whose IDs are specified in the provided list of campaign IDs.\n\nA token with ORG_ADMIN or CERT_ADMIN authority is required to call this API.\n", + "type": "text/plain" + }, + "url": { + "path": [ + "campaigns", + "delete" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"ids\": [\n \"2c9180887335cee10173490db1776c26\",\n \"2c9180836a712436016a7125a90c0021\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "ee08c8e1-6952-45b6-bdff-ecbadf7ab1d1", + "name": "Accepted - Returned if the request was successfully accepted into the system.", + "originalRequest": { + "url": { + "path": [ + "campaigns", + "delete" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"ids\": [\n \"2c9180887335cee10173490db1776c26\",\n \"2c9180836a712436016a7125a90c0021\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Accepted", + "code": 202, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "103f069c-0ae4-424b-84b8-a326f74cd40c", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "campaigns", + "delete" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"ids\": [\n \"2c9180887335cee10173490db1776c26\",\n \"2c9180836a712436016a7125a90c0021\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "ae728fc1-651b-4c96-86bc-686a319c37dc", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "campaigns", + "delete" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"ids\": [\n \"2c9180887335cee10173490db1776c26\",\n \"2c9180836a712436016a7125a90c0021\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "2a1acb02-2313-4a62-88d8-bcefcd7785d2", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "campaigns", + "delete" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"ids\": [\n \"2c9180887335cee10173490db1776c26\",\n \"2c9180836a712436016a7125a90c0021\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "7055f3dc-8e71-4c15-aa6e-2311d7c58c29", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "campaigns", + "delete" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"ids\": [\n \"2c9180887335cee10173490db1776c26\",\n \"2c9180836a712436016a7125a90c0021\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "0b23e2ad-d55e-4e13-a236-660612aecc9b", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "campaigns", + "delete" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"ids\": [\n \"2c9180887335cee10173490db1776c26\",\n \"2c9180836a712436016a7125a90c0021\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "346a86af-c0f7-43ff-b784-9af0f157d4d8", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "campaigns", + "delete" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"ids\": [\n \"2c9180887335cee10173490db1776c26\",\n \"2c9180836a712436016a7125a90c0021\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "45e6adff-744a-4b67-9ab6-dbf52ac9d5ea", + "name": "Run Campaign Remediation Scan", + "request": { + "name": "Run Campaign Remediation Scan", + "description": { + "content": "Use this API to run a remediation scan task for a certification campaign.\n\nA token with ORG_ADMIN, CERT_ADMIN or REPORT_ADMIN authority is required to call this API.\n", + "type": "text/plain" + }, + "url": { + "path": [ + "campaigns", + ":id", + "run-remediation-scan" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "2c91808571bcfcf80171c23e4b4221fc", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) ID of the campaign the remediation scan is being run for.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": {} + }, + "response": [ + { + "id": "91347ff6-9ce5-40dc-a3ad-2a828e265a34", + "name": "Accepted - Returned if the request was successfully accepted into the system.", + "originalRequest": { + "url": { + "path": [ + "campaigns", + ":id", + "run-remediation-scan" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Accepted", + "code": 202, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "45ea73c6-1247-4e20-8696-ac8036283d9b", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "campaigns", + ":id", + "run-remediation-scan" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "8bf8acae-af72-4309-832c-13bccb34485f", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "campaigns", + ":id", + "run-remediation-scan" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "17487f4e-6972-4af0-863c-f573d515c045", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "campaigns", + ":id", + "run-remediation-scan" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c2f452a5-3fb5-4a2d-bcdc-366d3affbed3", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "campaigns", + ":id", + "run-remediation-scan" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "0707471e-146f-4fb6-a912-90299c829de4", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "campaigns", + ":id", + "run-remediation-scan" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "47410f3b-3aee-440b-a481-a8e7d24792dc", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "campaigns", + ":id", + "run-remediation-scan" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "ac4f149d-e193-4115-9a3f-0a3ba58fda67", + "name": "Get Campaign Reports", + "request": { + "name": "Get Campaign Reports", + "description": { + "content": "Use this API to fetch all reports for a certification campaign by campaign ID.\n\nA token with ORG_ADMIN, CERT_ADMIN or REPORT_ADMIN authority is required to call this API.\n", + "type": "text/plain" + }, + "url": { + "path": [ + "campaigns", + ":id", + "reports" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "2c91808571bcfcf80171c23e4b4221fc", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) ID of the campaign whose reports are being fetched.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "6893b20e-7d5c-4870-8f7f-79b1e3d42b4c", + "name": "Array of campaign report objects.", + "originalRequest": { + "url": { + "path": [ + "campaigns", + ":id", + "reports" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"type\": \"REPORT_RESULT\",\n \"name\": \"Campaign Composition Report\",\n \"status\": \"SUCCESS\",\n \"reportType\": \"CAMPAIGN_COMPOSITION_REPORT\",\n \"lastRunAt\": \"2019-12-19T13:49:37.385Z\"\n },\n {\n \"type\": \"REPORT_RESULT\",\n \"name\": \"Campaign Composition Report\",\n \"status\": \"SUCCESS\",\n \"reportType\": \"CAMPAIGN_COMPOSITION_REPORT\",\n \"lastRunAt\": \"2019-12-19T13:49:37.385Z\"\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "8ba38dad-61fb-415a-8e46-c3cd0e9f7113", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "campaigns", + ":id", + "reports" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "aeab3164-b589-4dc0-b2cc-c451230ee526", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "campaigns", + ":id", + "reports" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "77261b02-817c-48f3-99c0-1b2f62e559ed", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "campaigns", + ":id", + "reports" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "23bc034a-8332-4389-85f8-583093f79868", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "campaigns", + ":id", + "reports" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "883427b0-fd07-4745-ab50-fe68c2fa74aa", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "campaigns", + ":id", + "reports" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c5678437-6348-4b72-9080-133d723fda05", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "campaigns", + ":id", + "reports" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "cc25e491-a674-4c25-ad9a-1d8649e949b0", + "name": "Run Campaign Report", + "request": { + "name": "Run Campaign Report", + "description": { + "content": "Use this API to run a report for a certification campaign.\n\nA token with ORG_ADMIN, CERT_ADMIN or REPORT_ADMIN authority is required to call this API.\n", + "type": "text/plain" + }, + "url": { + "path": [ + "campaigns", + ":id", + "run-report", + ":type" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "2c91808571bcfcf80171c23e4b4221fc", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) ID of the campaign the report is being run for.", + "type": "text/plain" + } + }, + { + "type": "any", + "value": "CAMPAIGN_COMPOSITION_REPORT", + "key": "type", + "disabled": true, + "description": { + "content": "(Required) Type of the report to run.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": {} + }, + "response": [ + { + "id": "6cb040e0-1fe4-4e98-bf11-2bf395035423", + "name": "Accepted - Returned if the request was successfully accepted into the system.", + "originalRequest": { + "url": { + "path": [ + "campaigns", + ":id", + "run-report", + ":type" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Accepted", + "code": 202, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "8bedbf73-c668-4e95-bde9-fdb2ba75bf36", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "campaigns", + ":id", + "run-report", + ":type" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "8c9d4c75-a8df-454f-bc7a-3057bf9d4af9", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "campaigns", + ":id", + "run-report", + ":type" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a97828b9-d6df-42a2-9196-2355f2712843", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "campaigns", + ":id", + "run-report", + ":type" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "fffb207e-3bbb-4c89-ba21-0dff3422a98b", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "campaigns", + ":id", + "run-report", + ":type" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "7079c5ba-4f19-43d8-b75a-5d28c4a4fa3e", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "campaigns", + ":id", + "run-report", + ":type" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "736e827d-f463-45f4-a03c-cab35733d3e4", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "campaigns", + ":id", + "run-report", + ":type" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "aa6d62f0-eef4-4c2a-a222-d486c79009a7", + "name": "Get Campaign Reports Configuration", + "request": { + "name": "Get Campaign Reports Configuration", + "description": { + "content": "Use this API to fetch the configuration for certification campaign reports. The configuration includes only one element - identity attributes defined as custom report columns. \n\nA token with ORG_ADMIN or CERT_ADMIN authority is required to call this API.\n", + "type": "text/plain" + }, + "url": { + "path": [ + "campaigns", + "reports-configuration" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "ff45b248-38f6-495f-be7c-83f15b17e68e", + "name": "Campaign report configuration.", + "originalRequest": { + "url": { + "path": [ + "campaigns", + "reports-configuration" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"identityAttributeColumns\": [\n \"firstname\",\n \"lastname\"\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "9222d7e0-75a8-4d6a-9d22-3933193615c5", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "campaigns", + "reports-configuration" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "697c515f-f280-4da8-960c-9461be58aad2", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "campaigns", + "reports-configuration" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "0cdb6b2d-dc71-4dc0-9fe8-b2a80f63acc2", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "campaigns", + "reports-configuration" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "e721bc64-f0c0-4f96-a5a8-7e89c4b6d475", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "campaigns", + "reports-configuration" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "4f04dfcc-cf30-4965-8b10-01faf7d8ca49", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "campaigns", + "reports-configuration" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "04c1696b-e463-4b41-befb-2a3f7cbeaf8c", + "name": "Set Campaign Reports Configuration", + "request": { + "name": "Set Campaign Reports Configuration", + "description": { + "content": "Use this API to overwrite the configuration for campaign reports. \n\nA token with ORG_ADMIN or CERT_ADMIN authority is required to call this API.\n", + "type": "text/plain" + }, + "url": { + "path": [ + "campaigns", + "reports-configuration" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"identityAttributeColumns\": [\n \"firstname\",\n \"lastname\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "16bd2be1-6ec5-4e34-a81a-f172dd924b93", + "name": "The persisted campaign report configuration.", + "originalRequest": { + "url": { + "path": [ + "campaigns", + "reports-configuration" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"identityAttributeColumns\": [\n \"firstname\",\n \"lastname\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"identityAttributeColumns\": [\n \"firstname\",\n \"lastname\"\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "08c6ee4f-0238-47b4-97ee-782e58cfb665", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "campaigns", + "reports-configuration" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"identityAttributeColumns\": [\n \"firstname\",\n \"lastname\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "766cd9bc-d947-4dc2-8dc9-ced51173614d", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "campaigns", + "reports-configuration" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"identityAttributeColumns\": [\n \"firstname\",\n \"lastname\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "628dfa40-b325-4365-91f0-e32264879cd0", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "campaigns", + "reports-configuration" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"identityAttributeColumns\": [\n \"firstname\",\n \"lastname\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "0386a67f-f05b-4849-bfc2-0bf7932f559e", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "campaigns", + "reports-configuration" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"identityAttributeColumns\": [\n \"firstname\",\n \"lastname\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "28f8fce3-0f97-4503-9cf5-7d46b03a73a4", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "campaigns", + "reports-configuration" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"identityAttributeColumns\": [\n \"firstname\",\n \"lastname\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "a767618d-3ab3-43b6-b679-9fabfb880c7f", + "name": "Create a Campaign Template", + "request": { + "name": "Create a Campaign Template", + "description": { + "content": "Use this API to create a certification campaign template based on campaign.\n\nA token with ORG_ADMIN or CERT_ADMIN authority is required to call this API.\n", + "type": "text/plain" + }, + "url": { + "path": [ + "campaign-templates" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Manager Review\",\n \"description\": \"A review of everyone's access by their manager.\",\n \"deadlineDuration\": \"P2W\",\n \"campaign\": {\n \"name\": \"Manager Review\",\n \"description\": \"Review everyone's access.\",\n \"type\": \"MANAGER\",\n \"filter\": {\n \"type\": \"CAMPAIGN_FILTER\",\n \"id\": \"e0adaae69852e8fe8b8a3d48e5ce757c\"\n },\n \"emailNotificationEnabled\": true,\n \"autoRevokeAllowed\": false,\n \"recommendationsEnabled\": false,\n \"mandatoryCommentRequirement\": \"NO_DECISIONS\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "6b954fb4-afa8-4c41-bf6d-37f773c62010", + "name": "Manager", + "originalRequest": { + "url": { + "path": [ + "campaign-templates" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Manager Review\",\n \"description\": \"A review of everyone's access by their manager.\",\n \"deadlineDuration\": \"P2W\",\n \"campaign\": {\n \"name\": \"Manager Review\",\n \"description\": \"Review everyone's access.\",\n \"type\": \"MANAGER\",\n \"filter\": {\n \"type\": \"CAMPAIGN_FILTER\",\n \"id\": \"e0adaae69852e8fe8b8a3d48e5ce757c\"\n },\n \"emailNotificationEnabled\": true,\n \"autoRevokeAllowed\": false,\n \"recommendationsEnabled\": false,\n \"mandatoryCommentRequirement\": \"NO_DECISIONS\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"e7dbec99d49349c8951bd84f58a05120\",\n \"name\": \"Manager Review\",\n \"created\": \"2022-08-02T19:16:42.632Z\",\n \"modified\": null,\n \"description\": \"A review of everyone's access by their manager.\",\n \"deadlineDuration\": \"P14D\",\n \"ownerRef\": {\n \"email\": \"support@testmail.identitysoon.com\",\n \"type\": \"IDENTITY\",\n \"id\": \"7ec252acbd4245548bc25df22348cb75\",\n \"name\": \"SailPoint Support\"\n },\n \"scheduled\": false,\n \"campaign\": {\n \"created\": null,\n \"modified\": null,\n \"filter\": {\n \"type\": \"CAMPAIGN_FILTER\",\n \"id\": \"e0adaae69852e8fe8b8a3d48e5ce757c\",\n \"name\": \"Test Manager Filter\"\n },\n \"sunsetCommentsRequired\": true,\n \"sourceOwnerCampaignInfo\": null,\n \"searchCampaignInfo\": null,\n \"roleCompositionCampaignInfo\": null,\n \"alerts\": null,\n \"totalCertifications\": null,\n \"completedCertifications\": null,\n \"sourcesWithOrphanEntitlements\": null,\n \"id\": null,\n \"name\": \"Manager Review\",\n \"description\": \"Review everyone's access.\",\n \"deadline\": null,\n \"type\": \"MANAGER\",\n \"status\": null,\n \"emailNotificationEnabled\": true,\n \"autoRevokeAllowed\": false,\n \"recommendationsEnabled\": false,\n \"correlatedStatus\": \"CORRELATED\",\n \"mandatoryCommentRequirement\": \"NO_DECISIONS\"\n }\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d78b2dc4-9a6a-4c7d-81d1-478144f7691c", + "name": "Search", + "originalRequest": { + "url": { + "path": [ + "campaign-templates" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Reporting Access Review\",\n \"description\": \"A review of everyone's access to the reporting system.\",\n \"deadlineDuration\": \"P2W\",\n \"campaign\": {\n \"name\": \"Search Review\",\n \"description\": \"Review everyone's access to the reporting system.\",\n \"type\": \"SEARCH\",\n \"filter\": {\n \"type\": \"CAMPAIGN_FILTER\",\n \"id\": \"e0adaae69852e8fe8b8a3d48e5ce757c\"\n },\n \"searchCampaignInfo\": {\n \"type\": \"ACCESS\",\n \"query\": \"@access(name: (\\\"reporter\\\"))\",\n \"description\": \"Identities with reporting abilities\"\n },\n \"emailNotificationEnabled\": true,\n \"autoRevokeAllowed\": false,\n \"recommendationsEnabled\": false,\n \"mandatoryCommentRequirement\": \"NO_DECISIONS\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"b7e6459eed5247ac8b98a5fed81fe27f\",\n \"name\": \"Reporting Access Review\",\n \"created\": \"2022-07-28T19:19:40.035Z\",\n \"modified\": null,\n \"description\": \"A review of everyone's access to the reporting system.\",\n \"deadlineDuration\": \"P14D\",\n \"ownerRef\": {\n \"email\": \"support@testmail.identitysoon.com\",\n \"type\": \"IDENTITY\",\n \"id\": \"7ec252acbd4245548bc25df22348cb75\",\n \"name\": \"SailPoint Support\"\n },\n \"scheduled\": false,\n \"campaign\": {\n \"created\": null,\n \"modified\": null,\n \"filter\": {\n \"type\": \"CAMPAIGN_FILTER\",\n \"id\": \"e0adaae69852e8fe8b8a3d48e5ce757c\",\n \"name\": \"Test Search Filter\"\n },\n \"sunsetCommentsRequired\": true,\n \"sourceOwnerCampaignInfo\": null,\n \"searchCampaignInfo\": {\n \"type\": \"ACCESS\",\n \"description\": \"Identities with reporting abilities\",\n \"reviewerId\": null,\n \"reviewer\": null,\n \"query\": \"@access(name: (\\\"reporter\\\"))\",\n \"identityIds\": null,\n \"accessConstraints\": []\n },\n \"roleCompositionCampaignInfo\": null,\n \"alerts\": null,\n \"totalCertifications\": null,\n \"completedCertifications\": null,\n \"sourcesWithOrphanEntitlements\": null,\n \"id\": null,\n \"name\": \"Search Campaign Review\",\n \"description\": \"Review everyone's access to the reporting system.\",\n \"deadline\": null,\n \"type\": \"SEARCH\",\n \"status\": null,\n \"emailNotificationEnabled\": true,\n \"autoRevokeAllowed\": false,\n \"recommendationsEnabled\": false,\n \"correlatedStatus\": \"CORRELATED\",\n \"mandatoryCommentRequirement\": \"NO_DECISIONS\"\n }\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "6161fc94-14fe-4a1a-8512-86933d2ca6df", + "name": "Source Owner", + "originalRequest": { + "url": { + "path": [ + "campaign-templates" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"AD Source Review\",\n \"description\": \"A review of our AD source.\",\n \"deadlineDuration\": \"P1M\",\n \"campaign\": {\n \"name\": \"Source Review\",\n \"description\": \"Review everyone's access.\",\n \"type\": \"SOURCE_OWNER\",\n \"filter\": {\n \"type\": \"CAMPAIGN_FILTER\",\n \"id\": \"e0adaae69852e8fe8b8a3d48e5ce757c\"\n },\n \"sourceOwnerCampaignInfo\": {\n \"sourceIds\": [\n \"2c918084707deba501709d45ce4e5569\"\n ]\n },\n \"emailNotificationEnabled\": true,\n \"autoRevokeAllowed\": false,\n \"recommendationsEnabled\": false,\n \"correlatedStatus\": \"CORRELATED\",\n \"mandatoryCommentRequirement\": \"NO_DECISIONS\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"b9f41bc69e7a4291b9de0630396d030d\",\n \"name\": \"AD Source Review\",\n \"created\": \"2022-08-02T13:40:36.857Z\",\n \"modified\": null,\n \"description\": \"A review of our AD source.\",\n \"deadlineDuration\": \"P1M\",\n \"ownerRef\": {\n \"email\": \"support@testmail.identitysoon.com\",\n \"type\": \"IDENTITY\",\n \"id\": \"7ec252acbd4245548bc25df22348cb75\",\n \"name\": \"SailPoint Support\"\n },\n \"scheduled\": false,\n \"campaign\": {\n \"created\": null,\n \"modified\": null,\n \"filter\": {\n \"type\": \"CAMPAIGN_FILTER\",\n \"id\": \"e0adaae69852e8fe8b8a3d48e5ce757c\",\n \"name\": \"Test Source Owner Filter\"\n },\n \"sunsetCommentsRequired\": true,\n \"sourceOwnerCampaignInfo\": {\n \"sourceIds\": [\n \"2c918084707deba501709d45ce4e5569\"\n ]\n },\n \"searchCampaignInfo\": null,\n \"roleCompositionCampaignInfo\": null,\n \"alerts\": null,\n \"totalCertifications\": null,\n \"completedCertifications\": null,\n \"sourcesWithOrphanEntitlements\": null,\n \"id\": null,\n \"name\": \"AD Source Review\",\n \"description\": \"Review everyone's access.\",\n \"deadline\": null,\n \"type\": \"SOURCE_OWNER\",\n \"status\": null,\n \"emailNotificationEnabled\": true,\n \"autoRevokeAllowed\": false,\n \"recommendationsEnabled\": false,\n \"correlatedStatus\": \"CORRELATED\",\n \"mandatoryCommentRequirement\": \"NO_DECISIONS\"\n }\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "81183f93-c00b-4492-8fb8-27a593a55478", + "name": "RoleComposition", + "originalRequest": { + "url": { + "path": [ + "campaign-templates" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Role Composition Review\",\n \"description\": \"A review of every role's access items, by the specified reviewer.\",\n \"deadlineDuration\": \"P2W\",\n \"campaign\": {\n \"name\": \"Role Composition Review\",\n \"description\": \"Review all our roles.\",\n \"type\": \"ROLE_COMPOSITION\",\n \"roleCompositionCampaignInfo\": {\n \"remediatorRef\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180876ab2c053016ab6f65dfd5aaa\"\n }\n },\n \"emailNotificationEnabled\": true,\n \"autoRevokeAllowed\": false,\n \"recommendationsEnabled\": false,\n \"mandatoryCommentRequirement\": \"NO_DECISIONS\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"b9f41bc69e7a4291b9de0630396d030d\",\n \"name\": \"Campaign With Admin Role\",\n \"created\": \"2022-08-02T13:40:36.857Z\",\n \"modified\": null,\n \"description\": \"Campaign With Admin Role\",\n \"deadlineDuration\": null,\n \"ownerRef\": {\n \"email\": \"support@testmail.identitysoon.com\",\n \"type\": \"IDENTITY\",\n \"id\": \"7ec252acbd4245548bc25df22348cb75\",\n \"name\": \"SailPoint Support\"\n },\n \"scheduled\": false,\n \"campaign\": {\n \"created\": null,\n \"modified\": null,\n \"filter\": null,\n \"sunsetCommentsRequired\": true,\n \"sourceOwnerCampaignInfo\": null,\n \"searchCampaignInfo\": null,\n \"roleCompositionCampaignInfo\": {\n \"remediatorRef\": {\n \"type\": \"IDENTITY\",\n \"id\": \"7ec252acbd4245548bc25df22348cb75\",\n \"name\": \"SailPoint Support\"\n },\n \"reviewerId\": null,\n \"reviewer\": null,\n \"roleIds\": [\n \"b15d609fc5c8434b865fe552315fda8f\"\n ],\n \"query\": null,\n \"description\": null\n },\n \"alerts\": null,\n \"totalCertifications\": null,\n \"completedCertifications\": null,\n \"sourcesWithOrphanEntitlements\": null,\n \"id\": null,\n \"name\": \"Campaign With Admin Role\",\n \"description\": \"Campaign With Admin Role\",\n \"deadline\": null,\n \"type\": \"ROLE_COMPOSITION\",\n \"status\": null,\n \"emailNotificationEnabled\": false,\n \"autoRevokeAllowed\": false,\n \"recommendationsEnabled\": false,\n \"correlatedStatus\": \"CORRELATED\",\n \"mandatoryCommentRequirement\": \"NO_DECISIONS\"\n }\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b7e13c0e-d0af-4423-9b93-68aa6907f0cf", + "name": "Manager", + "originalRequest": { + "url": { + "path": [ + "campaign-templates" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Manager Review\",\n \"description\": \"A review of everyone's access by their manager.\",\n \"deadlineDuration\": \"P2W\",\n \"campaign\": {\n \"name\": \"Manager Review\",\n \"description\": \"Review everyone's access.\",\n \"type\": \"MANAGER\",\n \"filter\": {\n \"type\": \"CAMPAIGN_FILTER\",\n \"id\": \"e0adaae69852e8fe8b8a3d48e5ce757c\"\n },\n \"emailNotificationEnabled\": true,\n \"autoRevokeAllowed\": false,\n \"recommendationsEnabled\": false,\n \"mandatoryCommentRequirement\": \"NO_DECISIONS\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "78865c19-83fa-411b-97af-3957dc901e89", + "name": "Search", + "originalRequest": { + "url": { + "path": [ + "campaign-templates" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Reporting Access Review\",\n \"description\": \"A review of everyone's access to the reporting system.\",\n \"deadlineDuration\": \"P2W\",\n \"campaign\": {\n \"name\": \"Search Review\",\n \"description\": \"Review everyone's access to the reporting system.\",\n \"type\": \"SEARCH\",\n \"filter\": {\n \"type\": \"CAMPAIGN_FILTER\",\n \"id\": \"e0adaae69852e8fe8b8a3d48e5ce757c\"\n },\n \"searchCampaignInfo\": {\n \"type\": \"ACCESS\",\n \"query\": \"@access(name: (\\\"reporter\\\"))\",\n \"description\": \"Identities with reporting abilities\"\n },\n \"emailNotificationEnabled\": true,\n \"autoRevokeAllowed\": false,\n \"recommendationsEnabled\": false,\n \"mandatoryCommentRequirement\": \"NO_DECISIONS\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "9cd78a35-b8ee-4240-91a5-b2006e3bba0c", + "name": "Source Owner", + "originalRequest": { + "url": { + "path": [ + "campaign-templates" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"AD Source Review\",\n \"description\": \"A review of our AD source.\",\n \"deadlineDuration\": \"P1M\",\n \"campaign\": {\n \"name\": \"Source Review\",\n \"description\": \"Review everyone's access.\",\n \"type\": \"SOURCE_OWNER\",\n \"filter\": {\n \"type\": \"CAMPAIGN_FILTER\",\n \"id\": \"e0adaae69852e8fe8b8a3d48e5ce757c\"\n },\n \"sourceOwnerCampaignInfo\": {\n \"sourceIds\": [\n \"2c918084707deba501709d45ce4e5569\"\n ]\n },\n \"emailNotificationEnabled\": true,\n \"autoRevokeAllowed\": false,\n \"recommendationsEnabled\": false,\n \"correlatedStatus\": \"CORRELATED\",\n \"mandatoryCommentRequirement\": \"NO_DECISIONS\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "e5fbef68-6911-48ba-a16f-887627c390b5", + "name": "RoleComposition", + "originalRequest": { + "url": { + "path": [ + "campaign-templates" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Role Composition Review\",\n \"description\": \"A review of every role's access items, by the specified reviewer.\",\n \"deadlineDuration\": \"P2W\",\n \"campaign\": {\n \"name\": \"Role Composition Review\",\n \"description\": \"Review all our roles.\",\n \"type\": \"ROLE_COMPOSITION\",\n \"roleCompositionCampaignInfo\": {\n \"remediatorRef\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180876ab2c053016ab6f65dfd5aaa\"\n }\n },\n \"emailNotificationEnabled\": true,\n \"autoRevokeAllowed\": false,\n \"recommendationsEnabled\": false,\n \"mandatoryCommentRequirement\": \"NO_DECISIONS\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "dc305e40-39f6-4d1e-9c36-a75468242e12", + "name": "Manager", + "originalRequest": { + "url": { + "path": [ + "campaign-templates" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Manager Review\",\n \"description\": \"A review of everyone's access by their manager.\",\n \"deadlineDuration\": \"P2W\",\n \"campaign\": {\n \"name\": \"Manager Review\",\n \"description\": \"Review everyone's access.\",\n \"type\": \"MANAGER\",\n \"filter\": {\n \"type\": \"CAMPAIGN_FILTER\",\n \"id\": \"e0adaae69852e8fe8b8a3d48e5ce757c\"\n },\n \"emailNotificationEnabled\": true,\n \"autoRevokeAllowed\": false,\n \"recommendationsEnabled\": false,\n \"mandatoryCommentRequirement\": \"NO_DECISIONS\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "2f12a94e-7b33-4b64-801f-1bd96997cb54", + "name": "Search", + "originalRequest": { + "url": { + "path": [ + "campaign-templates" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Reporting Access Review\",\n \"description\": \"A review of everyone's access to the reporting system.\",\n \"deadlineDuration\": \"P2W\",\n \"campaign\": {\n \"name\": \"Search Review\",\n \"description\": \"Review everyone's access to the reporting system.\",\n \"type\": \"SEARCH\",\n \"filter\": {\n \"type\": \"CAMPAIGN_FILTER\",\n \"id\": \"e0adaae69852e8fe8b8a3d48e5ce757c\"\n },\n \"searchCampaignInfo\": {\n \"type\": \"ACCESS\",\n \"query\": \"@access(name: (\\\"reporter\\\"))\",\n \"description\": \"Identities with reporting abilities\"\n },\n \"emailNotificationEnabled\": true,\n \"autoRevokeAllowed\": false,\n \"recommendationsEnabled\": false,\n \"mandatoryCommentRequirement\": \"NO_DECISIONS\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f5297d4b-29a6-4e34-9483-8511305a72a3", + "name": "Source Owner", + "originalRequest": { + "url": { + "path": [ + "campaign-templates" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"AD Source Review\",\n \"description\": \"A review of our AD source.\",\n \"deadlineDuration\": \"P1M\",\n \"campaign\": {\n \"name\": \"Source Review\",\n \"description\": \"Review everyone's access.\",\n \"type\": \"SOURCE_OWNER\",\n \"filter\": {\n \"type\": \"CAMPAIGN_FILTER\",\n \"id\": \"e0adaae69852e8fe8b8a3d48e5ce757c\"\n },\n \"sourceOwnerCampaignInfo\": {\n \"sourceIds\": [\n \"2c918084707deba501709d45ce4e5569\"\n ]\n },\n \"emailNotificationEnabled\": true,\n \"autoRevokeAllowed\": false,\n \"recommendationsEnabled\": false,\n \"correlatedStatus\": \"CORRELATED\",\n \"mandatoryCommentRequirement\": \"NO_DECISIONS\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "9ee6e460-52c2-4a56-a16f-4c4f885b7d08", + "name": "RoleComposition", + "originalRequest": { + "url": { + "path": [ + "campaign-templates" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Role Composition Review\",\n \"description\": \"A review of every role's access items, by the specified reviewer.\",\n \"deadlineDuration\": \"P2W\",\n \"campaign\": {\n \"name\": \"Role Composition Review\",\n \"description\": \"Review all our roles.\",\n \"type\": \"ROLE_COMPOSITION\",\n \"roleCompositionCampaignInfo\": {\n \"remediatorRef\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180876ab2c053016ab6f65dfd5aaa\"\n }\n },\n \"emailNotificationEnabled\": true,\n \"autoRevokeAllowed\": false,\n \"recommendationsEnabled\": false,\n \"mandatoryCommentRequirement\": \"NO_DECISIONS\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "fe44299a-7e24-4dfc-81e6-b451eaf551c6", + "name": "An example of a 403 response object", + "originalRequest": { + "url": { + "path": [ + "campaign-templates" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Manager Review\",\n \"description\": \"A review of everyone's access by their manager.\",\n \"deadlineDuration\": \"P2W\",\n \"campaign\": {\n \"name\": \"Manager Review\",\n \"description\": \"Review everyone's access.\",\n \"type\": \"MANAGER\",\n \"filter\": {\n \"type\": \"CAMPAIGN_FILTER\",\n \"id\": \"e0adaae69852e8fe8b8a3d48e5ce757c\"\n },\n \"emailNotificationEnabled\": true,\n \"autoRevokeAllowed\": false,\n \"recommendationsEnabled\": false,\n \"mandatoryCommentRequirement\": \"NO_DECISIONS\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "3406e3e9-1368-4980-9ca9-214b610bed83", + "name": "Search", + "originalRequest": { + "url": { + "path": [ + "campaign-templates" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Reporting Access Review\",\n \"description\": \"A review of everyone's access to the reporting system.\",\n \"deadlineDuration\": \"P2W\",\n \"campaign\": {\n \"name\": \"Search Review\",\n \"description\": \"Review everyone's access to the reporting system.\",\n \"type\": \"SEARCH\",\n \"filter\": {\n \"type\": \"CAMPAIGN_FILTER\",\n \"id\": \"e0adaae69852e8fe8b8a3d48e5ce757c\"\n },\n \"searchCampaignInfo\": {\n \"type\": \"ACCESS\",\n \"query\": \"@access(name: (\\\"reporter\\\"))\",\n \"description\": \"Identities with reporting abilities\"\n },\n \"emailNotificationEnabled\": true,\n \"autoRevokeAllowed\": false,\n \"recommendationsEnabled\": false,\n \"mandatoryCommentRequirement\": \"NO_DECISIONS\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "302c419b-4012-4822-9da9-a88449898d99", + "name": "Source Owner", + "originalRequest": { + "url": { + "path": [ + "campaign-templates" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"AD Source Review\",\n \"description\": \"A review of our AD source.\",\n \"deadlineDuration\": \"P1M\",\n \"campaign\": {\n \"name\": \"Source Review\",\n \"description\": \"Review everyone's access.\",\n \"type\": \"SOURCE_OWNER\",\n \"filter\": {\n \"type\": \"CAMPAIGN_FILTER\",\n \"id\": \"e0adaae69852e8fe8b8a3d48e5ce757c\"\n },\n \"sourceOwnerCampaignInfo\": {\n \"sourceIds\": [\n \"2c918084707deba501709d45ce4e5569\"\n ]\n },\n \"emailNotificationEnabled\": true,\n \"autoRevokeAllowed\": false,\n \"recommendationsEnabled\": false,\n \"correlatedStatus\": \"CORRELATED\",\n \"mandatoryCommentRequirement\": \"NO_DECISIONS\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "65a6208c-6305-45af-b9e3-d041419ad448", + "name": "RoleComposition", + "originalRequest": { + "url": { + "path": [ + "campaign-templates" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Role Composition Review\",\n \"description\": \"A review of every role's access items, by the specified reviewer.\",\n \"deadlineDuration\": \"P2W\",\n \"campaign\": {\n \"name\": \"Role Composition Review\",\n \"description\": \"Review all our roles.\",\n \"type\": \"ROLE_COMPOSITION\",\n \"roleCompositionCampaignInfo\": {\n \"remediatorRef\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180876ab2c053016ab6f65dfd5aaa\"\n }\n },\n \"emailNotificationEnabled\": true,\n \"autoRevokeAllowed\": false,\n \"recommendationsEnabled\": false,\n \"mandatoryCommentRequirement\": \"NO_DECISIONS\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "5a81d3f5-8494-4540-89df-3f5ba821a96b", + "name": "Manager", + "originalRequest": { + "url": { + "path": [ + "campaign-templates" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Manager Review\",\n \"description\": \"A review of everyone's access by their manager.\",\n \"deadlineDuration\": \"P2W\",\n \"campaign\": {\n \"name\": \"Manager Review\",\n \"description\": \"Review everyone's access.\",\n \"type\": \"MANAGER\",\n \"filter\": {\n \"type\": \"CAMPAIGN_FILTER\",\n \"id\": \"e0adaae69852e8fe8b8a3d48e5ce757c\"\n },\n \"emailNotificationEnabled\": true,\n \"autoRevokeAllowed\": false,\n \"recommendationsEnabled\": false,\n \"mandatoryCommentRequirement\": \"NO_DECISIONS\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c5e9acc9-f276-411d-bd92-5be72f13a3f2", + "name": "Search", + "originalRequest": { + "url": { + "path": [ + "campaign-templates" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Reporting Access Review\",\n \"description\": \"A review of everyone's access to the reporting system.\",\n \"deadlineDuration\": \"P2W\",\n \"campaign\": {\n \"name\": \"Search Review\",\n \"description\": \"Review everyone's access to the reporting system.\",\n \"type\": \"SEARCH\",\n \"filter\": {\n \"type\": \"CAMPAIGN_FILTER\",\n \"id\": \"e0adaae69852e8fe8b8a3d48e5ce757c\"\n },\n \"searchCampaignInfo\": {\n \"type\": \"ACCESS\",\n \"query\": \"@access(name: (\\\"reporter\\\"))\",\n \"description\": \"Identities with reporting abilities\"\n },\n \"emailNotificationEnabled\": true,\n \"autoRevokeAllowed\": false,\n \"recommendationsEnabled\": false,\n \"mandatoryCommentRequirement\": \"NO_DECISIONS\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "80718dfe-7109-4d85-a0b9-c02437ec650c", + "name": "Source Owner", + "originalRequest": { + "url": { + "path": [ + "campaign-templates" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"AD Source Review\",\n \"description\": \"A review of our AD source.\",\n \"deadlineDuration\": \"P1M\",\n \"campaign\": {\n \"name\": \"Source Review\",\n \"description\": \"Review everyone's access.\",\n \"type\": \"SOURCE_OWNER\",\n \"filter\": {\n \"type\": \"CAMPAIGN_FILTER\",\n \"id\": \"e0adaae69852e8fe8b8a3d48e5ce757c\"\n },\n \"sourceOwnerCampaignInfo\": {\n \"sourceIds\": [\n \"2c918084707deba501709d45ce4e5569\"\n ]\n },\n \"emailNotificationEnabled\": true,\n \"autoRevokeAllowed\": false,\n \"recommendationsEnabled\": false,\n \"correlatedStatus\": \"CORRELATED\",\n \"mandatoryCommentRequirement\": \"NO_DECISIONS\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "25dea916-419e-4562-81e2-80ac1bb969b9", + "name": "RoleComposition", + "originalRequest": { + "url": { + "path": [ + "campaign-templates" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Role Composition Review\",\n \"description\": \"A review of every role's access items, by the specified reviewer.\",\n \"deadlineDuration\": \"P2W\",\n \"campaign\": {\n \"name\": \"Role Composition Review\",\n \"description\": \"Review all our roles.\",\n \"type\": \"ROLE_COMPOSITION\",\n \"roleCompositionCampaignInfo\": {\n \"remediatorRef\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180876ab2c053016ab6f65dfd5aaa\"\n }\n },\n \"emailNotificationEnabled\": true,\n \"autoRevokeAllowed\": false,\n \"recommendationsEnabled\": false,\n \"mandatoryCommentRequirement\": \"NO_DECISIONS\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "3757f36e-323f-4b48-aae5-bc9fac6d5325", + "name": "An example of a 500 response object", + "originalRequest": { + "url": { + "path": [ + "campaign-templates" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Manager Review\",\n \"description\": \"A review of everyone's access by their manager.\",\n \"deadlineDuration\": \"P2W\",\n \"campaign\": {\n \"name\": \"Manager Review\",\n \"description\": \"Review everyone's access.\",\n \"type\": \"MANAGER\",\n \"filter\": {\n \"type\": \"CAMPAIGN_FILTER\",\n \"id\": \"e0adaae69852e8fe8b8a3d48e5ce757c\"\n },\n \"emailNotificationEnabled\": true,\n \"autoRevokeAllowed\": false,\n \"recommendationsEnabled\": false,\n \"mandatoryCommentRequirement\": \"NO_DECISIONS\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "bd545223-f1b2-4a3a-aa2e-24358db74f01", + "name": "Search", + "originalRequest": { + "url": { + "path": [ + "campaign-templates" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Reporting Access Review\",\n \"description\": \"A review of everyone's access to the reporting system.\",\n \"deadlineDuration\": \"P2W\",\n \"campaign\": {\n \"name\": \"Search Review\",\n \"description\": \"Review everyone's access to the reporting system.\",\n \"type\": \"SEARCH\",\n \"filter\": {\n \"type\": \"CAMPAIGN_FILTER\",\n \"id\": \"e0adaae69852e8fe8b8a3d48e5ce757c\"\n },\n \"searchCampaignInfo\": {\n \"type\": \"ACCESS\",\n \"query\": \"@access(name: (\\\"reporter\\\"))\",\n \"description\": \"Identities with reporting abilities\"\n },\n \"emailNotificationEnabled\": true,\n \"autoRevokeAllowed\": false,\n \"recommendationsEnabled\": false,\n \"mandatoryCommentRequirement\": \"NO_DECISIONS\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b60c79fe-44de-4618-9a90-09c83e58daca", + "name": "Source Owner", + "originalRequest": { + "url": { + "path": [ + "campaign-templates" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"AD Source Review\",\n \"description\": \"A review of our AD source.\",\n \"deadlineDuration\": \"P1M\",\n \"campaign\": {\n \"name\": \"Source Review\",\n \"description\": \"Review everyone's access.\",\n \"type\": \"SOURCE_OWNER\",\n \"filter\": {\n \"type\": \"CAMPAIGN_FILTER\",\n \"id\": \"e0adaae69852e8fe8b8a3d48e5ce757c\"\n },\n \"sourceOwnerCampaignInfo\": {\n \"sourceIds\": [\n \"2c918084707deba501709d45ce4e5569\"\n ]\n },\n \"emailNotificationEnabled\": true,\n \"autoRevokeAllowed\": false,\n \"recommendationsEnabled\": false,\n \"correlatedStatus\": \"CORRELATED\",\n \"mandatoryCommentRequirement\": \"NO_DECISIONS\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b3888d39-2d18-45be-83e4-622dfac2e661", + "name": "RoleComposition", + "originalRequest": { + "url": { + "path": [ + "campaign-templates" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Role Composition Review\",\n \"description\": \"A review of every role's access items, by the specified reviewer.\",\n \"deadlineDuration\": \"P2W\",\n \"campaign\": {\n \"name\": \"Role Composition Review\",\n \"description\": \"Review all our roles.\",\n \"type\": \"ROLE_COMPOSITION\",\n \"roleCompositionCampaignInfo\": {\n \"remediatorRef\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180876ab2c053016ab6f65dfd5aaa\"\n }\n },\n \"emailNotificationEnabled\": true,\n \"autoRevokeAllowed\": false,\n \"recommendationsEnabled\": false,\n \"mandatoryCommentRequirement\": \"NO_DECISIONS\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "340e63ed-8d26-40d2-8b1f-68eb69d1e511", + "name": "List Campaign Templates", + "request": { + "name": "List Campaign Templates", + "description": { + "content": "Use this API to get a list of all campaign templates. Scope can be reduced through standard V3 query params.\n\nThe API returns all campaign templates matching the query parameters. \n\nA token with ORG_ADMIN or CERT_ADMIN authority is required to call this API.\n", + "type": "text/plain" + }, + "url": { + "path": [ + "campaign-templates" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name, created, modified**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**name**: *eq, ge, gt, in, le, lt, ne, sw*\n\n**id**: *eq, ge, gt, in, le, lt, ne, sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "name eq \"manager template\"" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "a696c51e-234c-4508-be03-30b658dee608", + "name": "List of campaign template objects.", + "originalRequest": { + "url": { + "path": [ + "campaign-templates" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name, created, modified**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**name**: *eq, ge, gt, in, le, lt, ne, sw*\n\n**id**: *eq, ge, gt, in, le, lt, ne, sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "name eq \"manager template\"" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"id\": \"e7dbec99d49349c8951bd84f58a05120\",\n \"name\": \"Manager Review\",\n \"created\": \"2022-08-02T19:16:42.632Z\",\n \"modified\": null,\n \"description\": \"A review of everyone's access by their manager.\",\n \"deadlineDuration\": \"P14D\",\n \"ownerRef\": {\n \"email\": \"support@testmail.identitysoon.com\",\n \"type\": \"IDENTITY\",\n \"id\": \"7ec252acbd4245548bc25df22348cb75\",\n \"name\": \"SailPoint Support\"\n },\n \"scheduled\": false,\n \"campaign\": {\n \"created\": null,\n \"modified\": null,\n \"filter\": {\n \"type\": \"CAMPAIGN_FILTER\",\n \"id\": \"e0adaae69852e8fe8b8a3d48e5ce757c\",\n \"name\": \"Test Manager Filter\"\n },\n \"sunsetCommentsRequired\": true,\n \"sourceOwnerCampaignInfo\": null,\n \"searchCampaignInfo\": null,\n \"roleCompositionCampaignInfo\": null,\n \"alerts\": null,\n \"totalCertifications\": null,\n \"completedCertifications\": null,\n \"sourcesWithOrphanEntitlements\": null,\n \"id\": null,\n \"name\": \"Manager Review\",\n \"description\": \"Review everyone's access.\",\n \"deadline\": null,\n \"type\": \"MANAGER\",\n \"status\": null,\n \"emailNotificationEnabled\": true,\n \"autoRevokeAllowed\": false,\n \"recommendationsEnabled\": false,\n \"mandatoryCommentRequirement\": \"NO_DECISIONS\"\n }\n },\n {\n \"id\": \"b7e6459eed5247ac8b98a5fed81fe27f\",\n \"name\": \"Reporting Access Review\",\n \"created\": \"2022-07-28T19:19:40.035Z\",\n \"modified\": null,\n \"description\": \"A review of everyone's access to the reporting system.\",\n \"deadlineDuration\": \"P14D\",\n \"ownerRef\": {\n \"email\": \"support@testmail.identitysoon.com\",\n \"type\": \"IDENTITY\",\n \"id\": \"7ec252acbd4245548bc25df22348cb75\",\n \"name\": \"SailPoint Support\"\n },\n \"scheduled\": false,\n \"campaign\": {\n \"created\": null,\n \"modified\": null,\n \"filter\": {\n \"type\": \"CAMPAIGN_FILTER\",\n \"id\": \"e0adaae69852e8fe8b8a3d48e5ce757c\",\n \"name\": \"Test Search Filter\"\n },\n \"sunsetCommentsRequired\": true,\n \"sourceOwnerCampaignInfo\": null,\n \"searchCampaignInfo\": {\n \"type\": \"ACCESS\",\n \"description\": \"Identities with reporting abilities\",\n \"reviewerId\": null,\n \"reviewer\": null,\n \"query\": \"@access(name: (\\\"reporter\\\"))\",\n \"identityIds\": null,\n \"accessConstraints\": []\n },\n \"roleCompositionCampaignInfo\": null,\n \"alerts\": null,\n \"totalCertifications\": null,\n \"completedCertifications\": null,\n \"sourcesWithOrphanEntitlements\": null,\n \"id\": null,\n \"name\": \"Search Campaign\",\n \"description\": \"Review everyone's access to the reporting system.\",\n \"deadline\": null,\n \"type\": \"SEARCH\",\n \"status\": null,\n \"emailNotificationEnabled\": true,\n \"autoRevokeAllowed\": false,\n \"recommendationsEnabled\": false,\n \"mandatoryCommentRequirement\": \"NO_DECISIONS\"\n }\n },\n {\n \"id\": \"b9f41bc69e7a4291b9de0630396d030d\",\n \"name\": \"Campaign With Admin Role\",\n \"created\": \"2022-08-02T13:40:36.857Z\",\n \"modified\": null,\n \"description\": \"Campaign With Admin Role\",\n \"deadlineDuration\": null,\n \"ownerRef\": {\n \"email\": \"support@testmail.identitysoon.com\",\n \"type\": \"IDENTITY\",\n \"id\": \"7ec252acbd4245548bc25df22348cb75\",\n \"name\": \"SailPoint Support\"\n },\n \"scheduled\": false,\n \"campaign\": {\n \"created\": null,\n \"modified\": null,\n \"filter\": null,\n \"sunsetCommentsRequired\": true,\n \"sourceOwnerCampaignInfo\": null,\n \"searchCampaignInfo\": null,\n \"roleCompositionCampaignInfo\": {\n \"remediatorRef\": {\n \"type\": \"IDENTITY\",\n \"id\": \"7ec252acbd4245548bc25df22348cb75\",\n \"name\": \"SailPoint Support\"\n },\n \"reviewerId\": null,\n \"reviewer\": null,\n \"roleIds\": [\n \"b15d609fc5c8434b865fe552315fda8f\"\n ],\n \"query\": null,\n \"description\": null\n },\n \"alerts\": null,\n \"totalCertifications\": null,\n \"completedCertifications\": null,\n \"sourcesWithOrphanEntitlements\": null,\n \"id\": null,\n \"name\": \"Campaign With Admin Role\",\n \"description\": \"Campaign With Admin Role\",\n \"deadline\": null,\n \"type\": \"ROLE_COMPOSITION\",\n \"status\": null,\n \"emailNotificationEnabled\": false,\n \"autoRevokeAllowed\": false,\n \"recommendationsEnabled\": false,\n \"mandatoryCommentRequirement\": \"NO_DECISIONS\"\n }\n },\n {\n \"id\": \"b9f41bc69e7a4291b9de0630396d030d\",\n \"name\": \"AD Source Review\",\n \"created\": \"2022-08-02T13:40:36.857Z\",\n \"modified\": null,\n \"description\": \"A review of our AD source.\",\n \"deadlineDuration\": \"P1M\",\n \"ownerRef\": {\n \"email\": \"support@testmail.identitysoon.com\",\n \"type\": \"IDENTITY\",\n \"id\": \"7ec252acbd4245548bc25df22348cb75\",\n \"name\": \"SailPoint Support\"\n },\n \"scheduled\": false,\n \"campaign\": {\n \"created\": null,\n \"modified\": null,\n \"filter\": {\n \"type\": \"CAMPAIGN_FILTER\",\n \"id\": \"e0adaae69852e8fe8b8a3d48e5ce757c\",\n \"name\": \"Test Source Owner Filter\"\n },\n \"sunsetCommentsRequired\": true,\n \"sourceOwnerCampaignInfo\": {\n \"sourceIds\": [\n \"2c918084707deba501709d45ce4e5569\"\n ]\n },\n \"searchCampaignInfo\": null,\n \"roleCompositionCampaignInfo\": null,\n \"alerts\": null,\n \"totalCertifications\": null,\n \"completedCertifications\": null,\n \"sourcesWithOrphanEntitlements\": null,\n \"id\": null,\n \"name\": \"AD Source Review\",\n \"description\": \"Review everyone's access.\",\n \"deadline\": null,\n \"type\": \"SOURCE_OWNER\",\n \"status\": null,\n \"emailNotificationEnabled\": true,\n \"autoRevokeAllowed\": false,\n \"recommendationsEnabled\": false,\n \"correlatedStatus\": \"CORRELATED\",\n \"mandatoryCommentRequirement\": \"NO_DECISIONS\"\n }\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "deedbafa-fbaf-4141-90cc-323f3c0a07bb", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "campaign-templates" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name, created, modified**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**name**: *eq, ge, gt, in, le, lt, ne, sw*\n\n**id**: *eq, ge, gt, in, le, lt, ne, sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "name eq \"manager template\"" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "1bc5ba6b-b4f7-4c56-8f99-656ca2e0d0d8", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "campaign-templates" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name, created, modified**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**name**: *eq, ge, gt, in, le, lt, ne, sw*\n\n**id**: *eq, ge, gt, in, le, lt, ne, sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "name eq \"manager template\"" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b32c0977-9237-4ec4-a43c-7cb5d0be61c3", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "campaign-templates" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name, created, modified**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**name**: *eq, ge, gt, in, le, lt, ne, sw*\n\n**id**: *eq, ge, gt, in, le, lt, ne, sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "name eq \"manager template\"" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "eb1a4a07-021c-43cc-8c2b-f626dfb6c470", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "campaign-templates" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name, created, modified**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**name**: *eq, ge, gt, in, le, lt, ne, sw*\n\n**id**: *eq, ge, gt, in, le, lt, ne, sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "name eq \"manager template\"" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "90939f67-864c-480c-a7c8-49aaee480cfa", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "campaign-templates" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name, created, modified**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**name**: *eq, ge, gt, in, le, lt, ne, sw*\n\n**id**: *eq, ge, gt, in, le, lt, ne, sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "name eq \"manager template\"" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "b703177a-05cc-4d12-bb3b-0fdce9b3bfea", + "name": "Update a Campaign Template", + "request": { + "name": "Update a Campaign Template", + "description": { + "content": "Use this API to update individual fields on a certification campaign template, using the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard.\n\nA token with ORG_ADMIN or CERT_ADMIN authority is required to call this API.\n", + "type": "text/plain" + }, + "url": { + "path": [ + "campaign-templates", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "2c9180835d191a86015d28455b4a2329", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) ID of the campaign template being modified.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"Updated description!\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/campaign/filter/id\",\n \"value\": \"ff80818155fe8c080155fe8d925b0316\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "bc2d0011-afc7-45e6-be8c-ab26d1563b59", + "name": "Manager", + "originalRequest": { + "url": { + "path": [ + "campaign-templates", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"Updated description!\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/campaign/filter/id\",\n \"value\": \"ff80818155fe8c080155fe8d925b0316\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"e7dbec99d49349c8951bd84f58a05120\",\n \"name\": \"Manager Review\",\n \"created\": \"2022-08-02T19:16:42.632Z\",\n \"modified\": null,\n \"description\": \"A review of everyone's access by their manager.\",\n \"deadlineDuration\": \"P14D\",\n \"ownerRef\": {\n \"email\": \"support@testmail.identitysoon.com\",\n \"type\": \"IDENTITY\",\n \"id\": \"7ec252acbd4245548bc25df22348cb75\",\n \"name\": \"SailPoint Support\"\n },\n \"scheduled\": false,\n \"campaign\": {\n \"created\": null,\n \"modified\": null,\n \"filter\": {\n \"type\": \"CAMPAIGN_FILTER\",\n \"id\": \"e0adaae69852e8fe8b8a3d48e5ce757c\",\n \"name\": \"Test Manager Filter\"\n },\n \"sunsetCommentsRequired\": true,\n \"sourceOwnerCampaignInfo\": null,\n \"searchCampaignInfo\": null,\n \"roleCompositionCampaignInfo\": null,\n \"alerts\": null,\n \"totalCertifications\": null,\n \"completedCertifications\": null,\n \"sourcesWithOrphanEntitlements\": null,\n \"id\": null,\n \"name\": \"Manager Review\",\n \"description\": \"Review everyone's access.\",\n \"deadline\": null,\n \"type\": \"MANAGER\",\n \"status\": null,\n \"emailNotificationEnabled\": true,\n \"autoRevokeAllowed\": false,\n \"recommendationsEnabled\": false,\n \"correlatedStatus\": \"CORRELATED\",\n \"mandatoryCommentRequirement\": \"NO_DECISIONS\"\n }\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "949e9634-7af3-48d3-9ca7-3ff6e0c9d402", + "name": "Search", + "originalRequest": { + "url": { + "path": [ + "campaign-templates", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"Updated description!\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/campaign/filter/id\",\n \"value\": \"ff80818155fe8c080155fe8d925b0316\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"b7e6459eed5247ac8b98a5fed81fe27f\",\n \"name\": \"Reporting Access Review\",\n \"created\": \"2022-07-28T19:19:40.035Z\",\n \"modified\": null,\n \"description\": \"A review of everyone's access to the reporting system.\",\n \"deadlineDuration\": \"P14D\",\n \"ownerRef\": {\n \"email\": \"support@testmail.identitysoon.com\",\n \"type\": \"IDENTITY\",\n \"id\": \"7ec252acbd4245548bc25df22348cb75\",\n \"name\": \"SailPoint Support\"\n },\n \"scheduled\": false,\n \"campaign\": {\n \"created\": null,\n \"modified\": null,\n \"filter\": {\n \"type\": \"CAMPAIGN_FILTER\",\n \"id\": \"e0adaae69852e8fe8b8a3d48e5ce757c\",\n \"name\": \"Test Search Filter\"\n },\n \"sunsetCommentsRequired\": true,\n \"sourceOwnerCampaignInfo\": null,\n \"searchCampaignInfo\": {\n \"type\": \"ACCESS\",\n \"description\": \"Identities with reporting abilities\",\n \"reviewerId\": null,\n \"reviewer\": null,\n \"query\": \"@access(name: (\\\"reporter\\\"))\",\n \"identityIds\": null,\n \"accessConstraints\": []\n },\n \"roleCompositionCampaignInfo\": null,\n \"alerts\": null,\n \"totalCertifications\": null,\n \"completedCertifications\": null,\n \"sourcesWithOrphanEntitlements\": null,\n \"id\": null,\n \"name\": \"Search Campaign Review\",\n \"description\": \"Review everyone's access to the reporting system.\",\n \"deadline\": null,\n \"type\": \"SEARCH\",\n \"status\": null,\n \"emailNotificationEnabled\": true,\n \"autoRevokeAllowed\": false,\n \"recommendationsEnabled\": false,\n \"correlatedStatus\": \"CORRELATED\",\n \"mandatoryCommentRequirement\": \"NO_DECISIONS\"\n }\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "218b2209-8c67-44f7-ab1a-0a8ef1875776", + "name": "Source Owner", + "originalRequest": { + "url": { + "path": [ + "campaign-templates", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"Updated description!\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/campaign/filter/id\",\n \"value\": \"ff80818155fe8c080155fe8d925b0316\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"b9f41bc69e7a4291b9de0630396d030d\",\n \"name\": \"AD Source Review\",\n \"created\": \"2022-08-02T13:40:36.857Z\",\n \"modified\": null,\n \"description\": \"A review of our AD source.\",\n \"deadlineDuration\": \"P1M\",\n \"ownerRef\": {\n \"email\": \"support@testmail.identitysoon.com\",\n \"type\": \"IDENTITY\",\n \"id\": \"7ec252acbd4245548bc25df22348cb75\",\n \"name\": \"SailPoint Support\"\n },\n \"scheduled\": false,\n \"campaign\": {\n \"created\": null,\n \"modified\": null,\n \"filter\": {\n \"type\": \"CAMPAIGN_FILTER\",\n \"id\": \"e0adaae69852e8fe8b8a3d48e5ce757c\",\n \"name\": \"Test Source Owner Filter\"\n },\n \"sunsetCommentsRequired\": true,\n \"sourceOwnerCampaignInfo\": {\n \"sourceIds\": [\n \"2c918084707deba501709d45ce4e5569\"\n ]\n },\n \"searchCampaignInfo\": null,\n \"roleCompositionCampaignInfo\": null,\n \"alerts\": null,\n \"totalCertifications\": null,\n \"completedCertifications\": null,\n \"sourcesWithOrphanEntitlements\": null,\n \"id\": null,\n \"name\": \"AD Source Review\",\n \"description\": \"Review everyone's access.\",\n \"deadline\": null,\n \"type\": \"SOURCE_OWNER\",\n \"status\": null,\n \"emailNotificationEnabled\": true,\n \"autoRevokeAllowed\": false,\n \"recommendationsEnabled\": false,\n \"correlatedStatus\": \"CORRELATED\",\n \"mandatoryCommentRequirement\": \"NO_DECISIONS\"\n }\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "fe8e55d9-5999-4010-bb81-bae9cfa3a06a", + "name": "RoleComposition", + "originalRequest": { + "url": { + "path": [ + "campaign-templates", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"Updated description!\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/campaign/filter/id\",\n \"value\": \"ff80818155fe8c080155fe8d925b0316\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"b9f41bc69e7a4291b9de0630396d030d\",\n \"name\": \"Campaign With Admin Role\",\n \"created\": \"2022-08-02T13:40:36.857Z\",\n \"modified\": null,\n \"description\": \"Campaign With Admin Role\",\n \"deadlineDuration\": null,\n \"ownerRef\": {\n \"email\": \"support@testmail.identitysoon.com\",\n \"type\": \"IDENTITY\",\n \"id\": \"7ec252acbd4245548bc25df22348cb75\",\n \"name\": \"SailPoint Support\"\n },\n \"scheduled\": false,\n \"campaign\": {\n \"created\": null,\n \"modified\": null,\n \"filter\": null,\n \"sunsetCommentsRequired\": true,\n \"sourceOwnerCampaignInfo\": null,\n \"searchCampaignInfo\": null,\n \"roleCompositionCampaignInfo\": {\n \"remediatorRef\": {\n \"type\": \"IDENTITY\",\n \"id\": \"7ec252acbd4245548bc25df22348cb75\",\n \"name\": \"SailPoint Support\"\n },\n \"reviewerId\": null,\n \"reviewer\": null,\n \"roleIds\": [\n \"b15d609fc5c8434b865fe552315fda8f\"\n ],\n \"query\": null,\n \"description\": null\n },\n \"alerts\": null,\n \"totalCertifications\": null,\n \"completedCertifications\": null,\n \"sourcesWithOrphanEntitlements\": null,\n \"id\": null,\n \"name\": \"Campaign With Admin Role\",\n \"description\": \"Campaign With Admin Role\",\n \"deadline\": null,\n \"type\": \"ROLE_COMPOSITION\",\n \"status\": null,\n \"emailNotificationEnabled\": false,\n \"autoRevokeAllowed\": false,\n \"recommendationsEnabled\": false,\n \"correlatedStatus\": \"CORRELATED\",\n \"mandatoryCommentRequirement\": \"NO_DECISIONS\"\n }\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "6d0733c3-d7b8-462d-92e8-5e177197ae0e", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "campaign-templates", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"Updated description!\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/campaign/filter/id\",\n \"value\": \"ff80818155fe8c080155fe8d925b0316\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "45bdb78e-b9f8-499a-aa9d-eb2e429f51b9", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "campaign-templates", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"Updated description!\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/campaign/filter/id\",\n \"value\": \"ff80818155fe8c080155fe8d925b0316\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "90005dbd-4962-4849-be32-ff358045748e", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "campaign-templates", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"Updated description!\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/campaign/filter/id\",\n \"value\": \"ff80818155fe8c080155fe8d925b0316\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "23db10e4-8b32-4531-997e-efbab38c2416", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "campaign-templates", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"Updated description!\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/campaign/filter/id\",\n \"value\": \"ff80818155fe8c080155fe8d925b0316\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "e895a103-1612-4597-ba9f-ccef27eb3528", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "campaign-templates", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"Updated description!\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/campaign/filter/id\",\n \"value\": \"ff80818155fe8c080155fe8d925b0316\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "af0ef180-e922-4a43-a132-b84cb18213bc", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "campaign-templates", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"Updated description!\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/campaign/filter/id\",\n \"value\": \"ff80818155fe8c080155fe8d925b0316\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "cf215d27-64da-4635-81dd-e6fbb2dc26d9", + "name": "Get a Campaign Template", + "request": { + "name": "Get a Campaign Template", + "description": { + "content": "Use this API to fetch a certification campaign template by ID.\n\nA token with ORG_ADMIN or CERT_ADMIN authority is required to call this API.\n", + "type": "text/plain" + }, + "url": { + "path": [ + "campaign-templates", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "2c9180835d191a86015d28455b4a2329", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) Requested campaign template's ID.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "158a3887-ab18-4c8b-92fc-04bea2275350", + "name": "Manager", + "originalRequest": { + "url": { + "path": [ + "campaign-templates", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"e7dbec99d49349c8951bd84f58a05120\",\n \"name\": \"Manager Review\",\n \"created\": \"2022-08-02T19:16:42.632Z\",\n \"modified\": null,\n \"description\": \"A review of everyone's access by their manager.\",\n \"deadlineDuration\": \"P14D\",\n \"ownerRef\": {\n \"email\": \"support@testmail.identitysoon.com\",\n \"type\": \"IDENTITY\",\n \"id\": \"7ec252acbd4245548bc25df22348cb75\",\n \"name\": \"SailPoint Support\"\n },\n \"scheduled\": false,\n \"campaign\": {\n \"created\": null,\n \"modified\": null,\n \"filter\": {\n \"type\": \"CAMPAIGN_FILTER\",\n \"id\": \"e0adaae69852e8fe8b8a3d48e5ce757c\",\n \"name\": \"Test Manager Filter\"\n },\n \"sunsetCommentsRequired\": true,\n \"sourceOwnerCampaignInfo\": null,\n \"searchCampaignInfo\": null,\n \"roleCompositionCampaignInfo\": null,\n \"alerts\": null,\n \"totalCertifications\": null,\n \"completedCertifications\": null,\n \"sourcesWithOrphanEntitlements\": null,\n \"id\": null,\n \"name\": \"Manager Review\",\n \"description\": \"Review everyone's access.\",\n \"deadline\": null,\n \"type\": \"MANAGER\",\n \"status\": null,\n \"emailNotificationEnabled\": true,\n \"autoRevokeAllowed\": false,\n \"recommendationsEnabled\": false,\n \"correlatedStatus\": \"CORRELATED\",\n \"mandatoryCommentRequirement\": \"NO_DECISIONS\"\n }\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f4d56aa5-1223-41da-8296-4194ad0774a2", + "name": "Search", + "originalRequest": { + "url": { + "path": [ + "campaign-templates", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"b7e6459eed5247ac8b98a5fed81fe27f\",\n \"name\": \"Reporting Access Review\",\n \"created\": \"2022-07-28T19:19:40.035Z\",\n \"modified\": null,\n \"description\": \"A review of everyone's access to the reporting system.\",\n \"deadlineDuration\": \"P14D\",\n \"ownerRef\": {\n \"email\": \"support@testmail.identitysoon.com\",\n \"type\": \"IDENTITY\",\n \"id\": \"7ec252acbd4245548bc25df22348cb75\",\n \"name\": \"SailPoint Support\"\n },\n \"scheduled\": false,\n \"campaign\": {\n \"created\": null,\n \"modified\": null,\n \"filter\": {\n \"type\": \"CAMPAIGN_FILTER\",\n \"id\": \"e0adaae69852e8fe8b8a3d48e5ce757c\",\n \"name\": \"Test Search Filter\"\n },\n \"sunsetCommentsRequired\": true,\n \"sourceOwnerCampaignInfo\": null,\n \"searchCampaignInfo\": {\n \"type\": \"ACCESS\",\n \"description\": \"Identities with reporting abilities\",\n \"reviewerId\": null,\n \"reviewer\": null,\n \"query\": \"@access(name: (\\\"reporter\\\"))\",\n \"identityIds\": null,\n \"accessConstraints\": []\n },\n \"roleCompositionCampaignInfo\": null,\n \"alerts\": null,\n \"totalCertifications\": null,\n \"completedCertifications\": null,\n \"sourcesWithOrphanEntitlements\": null,\n \"id\": null,\n \"name\": \"Search Campaign Review\",\n \"description\": \"Review everyone's access to the reporting system.\",\n \"deadline\": null,\n \"type\": \"SEARCH\",\n \"status\": null,\n \"emailNotificationEnabled\": true,\n \"autoRevokeAllowed\": false,\n \"recommendationsEnabled\": false,\n \"correlatedStatus\": \"CORRELATED\",\n \"mandatoryCommentRequirement\": \"NO_DECISIONS\"\n }\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b72b1793-e731-4e61-abf8-8dda5245a9b5", + "name": "Source Owner", + "originalRequest": { + "url": { + "path": [ + "campaign-templates", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"b9f41bc69e7a4291b9de0630396d030d\",\n \"name\": \"AD Source Review\",\n \"created\": \"2022-08-02T13:40:36.857Z\",\n \"modified\": null,\n \"description\": \"A review of our AD source.\",\n \"deadlineDuration\": \"P1M\",\n \"ownerRef\": {\n \"email\": \"support@testmail.identitysoon.com\",\n \"type\": \"IDENTITY\",\n \"id\": \"7ec252acbd4245548bc25df22348cb75\",\n \"name\": \"SailPoint Support\"\n },\n \"scheduled\": false,\n \"campaign\": {\n \"created\": null,\n \"modified\": null,\n \"filter\": {\n \"type\": \"CAMPAIGN_FILTER\",\n \"id\": \"e0adaae69852e8fe8b8a3d48e5ce757c\",\n \"name\": \"Test Source Owner Filter\"\n },\n \"sunsetCommentsRequired\": true,\n \"sourceOwnerCampaignInfo\": {\n \"sourceIds\": [\n \"2c918084707deba501709d45ce4e5569\"\n ]\n },\n \"searchCampaignInfo\": null,\n \"roleCompositionCampaignInfo\": null,\n \"alerts\": null,\n \"totalCertifications\": null,\n \"completedCertifications\": null,\n \"sourcesWithOrphanEntitlements\": null,\n \"id\": null,\n \"name\": \"AD Source Review\",\n \"description\": \"Review everyone's access.\",\n \"deadline\": null,\n \"type\": \"SOURCE_OWNER\",\n \"status\": null,\n \"emailNotificationEnabled\": true,\n \"autoRevokeAllowed\": false,\n \"recommendationsEnabled\": false,\n \"correlatedStatus\": \"CORRELATED\",\n \"mandatoryCommentRequirement\": \"NO_DECISIONS\"\n }\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "bc816d41-b588-4021-b05e-c2c58391b91d", + "name": "RoleComposition", + "originalRequest": { + "url": { + "path": [ + "campaign-templates", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"b9f41bc69e7a4291b9de0630396d030d\",\n \"name\": \"Campaign With Admin Role\",\n \"created\": \"2022-08-02T13:40:36.857Z\",\n \"modified\": null,\n \"description\": \"Campaign With Admin Role\",\n \"deadlineDuration\": null,\n \"ownerRef\": {\n \"email\": \"support@testmail.identitysoon.com\",\n \"type\": \"IDENTITY\",\n \"id\": \"7ec252acbd4245548bc25df22348cb75\",\n \"name\": \"SailPoint Support\"\n },\n \"scheduled\": false,\n \"campaign\": {\n \"created\": null,\n \"modified\": null,\n \"filter\": null,\n \"sunsetCommentsRequired\": true,\n \"sourceOwnerCampaignInfo\": null,\n \"searchCampaignInfo\": null,\n \"roleCompositionCampaignInfo\": {\n \"remediatorRef\": {\n \"type\": \"IDENTITY\",\n \"id\": \"7ec252acbd4245548bc25df22348cb75\",\n \"name\": \"SailPoint Support\"\n },\n \"reviewerId\": null,\n \"reviewer\": null,\n \"roleIds\": [\n \"b15d609fc5c8434b865fe552315fda8f\"\n ],\n \"query\": null,\n \"description\": null\n },\n \"alerts\": null,\n \"totalCertifications\": null,\n \"completedCertifications\": null,\n \"sourcesWithOrphanEntitlements\": null,\n \"id\": null,\n \"name\": \"Campaign With Admin Role\",\n \"description\": \"Campaign With Admin Role\",\n \"deadline\": null,\n \"type\": \"ROLE_COMPOSITION\",\n \"status\": null,\n \"emailNotificationEnabled\": false,\n \"autoRevokeAllowed\": false,\n \"recommendationsEnabled\": false,\n \"correlatedStatus\": \"CORRELATED\",\n \"mandatoryCommentRequirement\": \"NO_DECISIONS\"\n }\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f96710a0-d394-4e51-8b8e-660c7b244b17", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "campaign-templates", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "bb2185ae-a15a-4dfa-90a4-805e834077e9", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "campaign-templates", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "14bec425-6665-47c8-ae69-643f47b77ce0", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "campaign-templates", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "4d27e026-21a6-4162-9b78-f7d6bb6e2921", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "campaign-templates", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "5060880a-b309-456d-a607-9bbcb6c9f1ed", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "campaign-templates", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "acac5cf1-7275-487d-8eab-88bb451c8376", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "campaign-templates", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "36d2eb30-f743-403b-9474-1501fffbecc7", + "name": "Delete a Campaign Template", + "request": { + "name": "Delete a Campaign Template", + "description": { + "content": "Use this API to delete a certification campaign template by ID.\n\nA token with ORG_ADMIN or CERT_ADMIN authority is required to call this API.\n", + "type": "text/plain" + }, + "url": { + "path": [ + "campaign-templates", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "2c9180835d191a86015d28455b4a2329", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) ID of the campaign template being deleted.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "DELETE", + "body": {} + }, + "response": [ + { + "id": "a50370fa-87b2-4200-b692-0c9e4558bcd3", + "name": "The campaign template was successfully deleted.", + "originalRequest": { + "url": { + "path": [ + "campaign-templates", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "No Content", + "code": 204, + "header": [], + "cookie": [], + "_postman_previewlanguage": "text" + }, + { + "id": "40a69127-0858-468c-a844-d10d6e3a213c", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "campaign-templates", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "0a407ee1-6ab9-4e06-ba55-56fa61f63dd4", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "campaign-templates", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "7e9f55a8-0910-4ebf-80a2-b6ae556f9424", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "campaign-templates", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "dd9bd19e-b902-4d6d-af3b-77fbaee2373b", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "campaign-templates", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "bb280fc3-00ac-41f7-be99-a3fbd9e62b57", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "campaign-templates", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "18dec835-0e76-420b-a656-f92d6aa51763", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "campaign-templates", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "2d7d8a61-d3c1-4699-b4de-b8ed59a13170", + "name": "Get Campaign Template Schedule", + "request": { + "name": "Get Campaign Template Schedule", + "description": { + "content": "Use this API to get the schedule for a certification campaign template. The API returns a 404 if there is no schedule set.\n\nA token with ORG_ADMIN or CERT_ADMIN authority is required to call this API.\n", + "type": "text/plain" + }, + "url": { + "path": [ + "campaign-templates", + ":id", + "schedule" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "04bedce387bd47b2ae1f86eb0bb36dee", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) ID of the campaign template whose schedule is being fetched.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "bb3c7381-b985-4a45-b3fd-5db1935c841c", + "name": "Current schedule for the campaign template. See the [Set Campaign Template Schedule endpoint documentation](https://developer.sailpoint.com/docs/api/v3/set-campaign-template-schedule) for more examples.", + "originalRequest": { + "url": { + "path": [ + "campaign-templates", + ":id", + "schedule" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"type\": \"WEEKLY\",\n \"hours\": {\n \"type\": \"LIST\",\n \"values\": [\n \"1\"\n ],\n \"interval\": 2\n },\n \"months\": {\n \"type\": \"LIST\",\n \"values\": [\n \"1\"\n ],\n \"interval\": 2\n },\n \"days\": {\n \"type\": \"LIST\",\n \"values\": [\n \"1\"\n ],\n \"interval\": 2\n },\n \"expiration\": \"2022-09-19 13:55:26\",\n \"timeZoneId\": \"CST\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "dfba901a-259b-49ea-9f4a-22f107966f67", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "campaign-templates", + ":id", + "schedule" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "41f14aa4-1e5d-46d3-bce7-906f291de522", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "campaign-templates", + ":id", + "schedule" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d5e1cd2f-6714-4c4b-bbca-b1abc0e71d58", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "campaign-templates", + ":id", + "schedule" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b324e064-78ca-43dd-b2db-f072ea2940e9", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "campaign-templates", + ":id", + "schedule" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "7bbffb85-1895-4909-893c-230c3c739605", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "campaign-templates", + ":id", + "schedule" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "9f3cabc4-08a1-4510-aedf-14db93292ded", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "campaign-templates", + ":id", + "schedule" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "acc30d19-48e9-46a0-b18e-9fc82820af39", + "name": "Set Campaign Template Schedule", + "request": { + "name": "Set Campaign Template Schedule", + "description": { + "content": "Use this API to set the schedule for a certification campaign template. If a schedule already exists, the API overwrites it with the new one.\n\nA token with ORG_ADMIN or CERT_ADMIN authority is required to call this API.\n", + "type": "text/plain" + }, + "url": { + "path": [ + "campaign-templates", + ":id", + "schedule" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "04bedce387bd47b2ae1f86eb0bb36dee", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) ID of the campaign template being scheduled.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"type\": \"MONTHLY\",\n \"hours\": {\n \"type\": \"LIST\",\n \"values\": [\n \"17\"\n ]\n },\n \"days\": {\n \"type\": \"LIST\",\n \"values\": [\n \"15\"\n ]\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "569645d7-52a4-41d8-ab1d-2329e89fe1dc", + "name": "No content - indicates the request was successful but there is no content to be returned in the response.", + "originalRequest": { + "url": { + "path": [ + "campaign-templates", + ":id", + "schedule" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"type\": \"MONTHLY\",\n \"hours\": {\n \"type\": \"LIST\",\n \"values\": [\n \"17\"\n ]\n },\n \"days\": {\n \"type\": \"LIST\",\n \"values\": [\n \"15\"\n ]\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "No Content", + "code": 204, + "header": [], + "cookie": [], + "_postman_previewlanguage": "text" + }, + { + "id": "ed3582b2-cde0-4162-ad32-1078a07ac03f", + "name": "Monthly", + "originalRequest": { + "url": { + "path": [ + "campaign-templates", + ":id", + "schedule" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"type\": \"MONTHLY\",\n \"hours\": {\n \"type\": \"LIST\",\n \"values\": [\n \"17\"\n ]\n },\n \"days\": {\n \"type\": \"LIST\",\n \"values\": [\n \"15\"\n ]\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "fd88ec6a-92f1-4a34-85c0-07817163cf4e", + "name": "Once a year", + "originalRequest": { + "url": { + "path": [ + "campaign-templates", + ":id", + "schedule" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"type\": \"ANNUALLY\",\n \"hours\": {\n \"type\": \"LIST\",\n \"values\": [\n \"0\"\n ]\n },\n \"days\": {\n \"type\": \"LIST\",\n \"values\": [\n \"--01-01\"\n ]\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "afae240b-fc8e-4161-b90c-6ffc156045c3", + "name": "Quarterly", + "originalRequest": { + "url": { + "path": [ + "campaign-templates", + ":id", + "schedule" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"type\": \"ANNUALLY\",\n \"hours\": {\n \"type\": \"LIST\",\n \"values\": [\n \"1\"\n ]\n },\n \"days\": {\n \"type\": \"LIST\",\n \"values\": [\n \"1\"\n ]\n },\n \"months\": {\n \"type\": \"LIST\",\n \"values\": [\n \"1\"\n ],\n \"interval\": 3\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "2d86429c-85da-4aaa-845d-01a637decc48", + "name": "Yearly on Specific Days", + "originalRequest": { + "url": { + "path": [ + "campaign-templates", + ":id", + "schedule" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"type\": \"ANNUALLY\",\n \"hours\": {\n \"type\": \"LIST\",\n \"values\": [\n \"1\"\n ]\n },\n \"days\": {\n \"type\": \"LIST\",\n \"values\": [\n \"--03-12\",\n \"--12-05\"\n ]\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "6a6f2290-8ec3-4c79-925a-24bcceb6e087", + "name": "On a Specific Date", + "originalRequest": { + "url": { + "path": [ + "campaign-templates", + ":id", + "schedule" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"type\": \"CALENDAR\",\n \"hours\": {\n \"type\": \"LIST\",\n \"values\": [\n \"1\"\n ]\n },\n \"days\": {\n \"type\": \"LIST\",\n \"values\": [\n \"2020-02-18\"\n ]\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f747356d-16cc-412b-90c6-e5f7081688a3", + "name": "Monthly", + "originalRequest": { + "url": { + "path": [ + "campaign-templates", + ":id", + "schedule" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"type\": \"MONTHLY\",\n \"hours\": {\n \"type\": \"LIST\",\n \"values\": [\n \"17\"\n ]\n },\n \"days\": {\n \"type\": \"LIST\",\n \"values\": [\n \"15\"\n ]\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "9b753b43-063f-4cf5-bc92-1b29021e17ab", + "name": "Once a year", + "originalRequest": { + "url": { + "path": [ + "campaign-templates", + ":id", + "schedule" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"type\": \"ANNUALLY\",\n \"hours\": {\n \"type\": \"LIST\",\n \"values\": [\n \"0\"\n ]\n },\n \"days\": {\n \"type\": \"LIST\",\n \"values\": [\n \"--01-01\"\n ]\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "59796e20-ae6d-4641-b058-812d6d1eeda5", + "name": "Quarterly", + "originalRequest": { + "url": { + "path": [ + "campaign-templates", + ":id", + "schedule" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"type\": \"ANNUALLY\",\n \"hours\": {\n \"type\": \"LIST\",\n \"values\": [\n \"1\"\n ]\n },\n \"days\": {\n \"type\": \"LIST\",\n \"values\": [\n \"1\"\n ]\n },\n \"months\": {\n \"type\": \"LIST\",\n \"values\": [\n \"1\"\n ],\n \"interval\": 3\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "9174a21a-0dce-45d6-91fb-7d9981de3194", + "name": "Yearly on Specific Days", + "originalRequest": { + "url": { + "path": [ + "campaign-templates", + ":id", + "schedule" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"type\": \"ANNUALLY\",\n \"hours\": {\n \"type\": \"LIST\",\n \"values\": [\n \"1\"\n ]\n },\n \"days\": {\n \"type\": \"LIST\",\n \"values\": [\n \"--03-12\",\n \"--12-05\"\n ]\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "4a9f2790-e4c4-4411-b183-3e03061e1e42", + "name": "On a Specific Date", + "originalRequest": { + "url": { + "path": [ + "campaign-templates", + ":id", + "schedule" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"type\": \"CALENDAR\",\n \"hours\": {\n \"type\": \"LIST\",\n \"values\": [\n \"1\"\n ]\n },\n \"days\": {\n \"type\": \"LIST\",\n \"values\": [\n \"2020-02-18\"\n ]\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "59f80539-6279-4313-afa4-bf055edf7bc0", + "name": "An example of a 403 response object", + "originalRequest": { + "url": { + "path": [ + "campaign-templates", + ":id", + "schedule" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"type\": \"MONTHLY\",\n \"hours\": {\n \"type\": \"LIST\",\n \"values\": [\n \"17\"\n ]\n },\n \"days\": {\n \"type\": \"LIST\",\n \"values\": [\n \"15\"\n ]\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "1155ccbc-cee8-4334-b28d-48c7186a238b", + "name": "Once a year", + "originalRequest": { + "url": { + "path": [ + "campaign-templates", + ":id", + "schedule" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"type\": \"ANNUALLY\",\n \"hours\": {\n \"type\": \"LIST\",\n \"values\": [\n \"0\"\n ]\n },\n \"days\": {\n \"type\": \"LIST\",\n \"values\": [\n \"--01-01\"\n ]\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "048fbffb-a0e2-41e7-9b23-26276fa47156", + "name": "Quarterly", + "originalRequest": { + "url": { + "path": [ + "campaign-templates", + ":id", + "schedule" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"type\": \"ANNUALLY\",\n \"hours\": {\n \"type\": \"LIST\",\n \"values\": [\n \"1\"\n ]\n },\n \"days\": {\n \"type\": \"LIST\",\n \"values\": [\n \"1\"\n ]\n },\n \"months\": {\n \"type\": \"LIST\",\n \"values\": [\n \"1\"\n ],\n \"interval\": 3\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "9791ec9f-8ed5-481b-b288-dd800ab51a75", + "name": "Yearly on Specific Days", + "originalRequest": { + "url": { + "path": [ + "campaign-templates", + ":id", + "schedule" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"type\": \"ANNUALLY\",\n \"hours\": {\n \"type\": \"LIST\",\n \"values\": [\n \"1\"\n ]\n },\n \"days\": {\n \"type\": \"LIST\",\n \"values\": [\n \"--03-12\",\n \"--12-05\"\n ]\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f570e4a0-a849-4668-818a-69948713fe94", + "name": "On a Specific Date", + "originalRequest": { + "url": { + "path": [ + "campaign-templates", + ":id", + "schedule" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"type\": \"CALENDAR\",\n \"hours\": {\n \"type\": \"LIST\",\n \"values\": [\n \"1\"\n ]\n },\n \"days\": {\n \"type\": \"LIST\",\n \"values\": [\n \"2020-02-18\"\n ]\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a22a82b7-dd01-4ef6-9173-564387c17296", + "name": "An example of a 404 response object", + "originalRequest": { + "url": { + "path": [ + "campaign-templates", + ":id", + "schedule" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"type\": \"MONTHLY\",\n \"hours\": {\n \"type\": \"LIST\",\n \"values\": [\n \"17\"\n ]\n },\n \"days\": {\n \"type\": \"LIST\",\n \"values\": [\n \"15\"\n ]\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "59565818-06eb-402e-aa92-28cef82a76fe", + "name": "Once a year", + "originalRequest": { + "url": { + "path": [ + "campaign-templates", + ":id", + "schedule" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"type\": \"ANNUALLY\",\n \"hours\": {\n \"type\": \"LIST\",\n \"values\": [\n \"0\"\n ]\n },\n \"days\": {\n \"type\": \"LIST\",\n \"values\": [\n \"--01-01\"\n ]\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "6772d541-cc76-4670-b9f5-0508721c9aba", + "name": "Quarterly", + "originalRequest": { + "url": { + "path": [ + "campaign-templates", + ":id", + "schedule" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"type\": \"ANNUALLY\",\n \"hours\": {\n \"type\": \"LIST\",\n \"values\": [\n \"1\"\n ]\n },\n \"days\": {\n \"type\": \"LIST\",\n \"values\": [\n \"1\"\n ]\n },\n \"months\": {\n \"type\": \"LIST\",\n \"values\": [\n \"1\"\n ],\n \"interval\": 3\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "36d954dc-f61c-45f7-a024-163c321fe4f5", + "name": "Yearly on Specific Days", + "originalRequest": { + "url": { + "path": [ + "campaign-templates", + ":id", + "schedule" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"type\": \"ANNUALLY\",\n \"hours\": {\n \"type\": \"LIST\",\n \"values\": [\n \"1\"\n ]\n },\n \"days\": {\n \"type\": \"LIST\",\n \"values\": [\n \"--03-12\",\n \"--12-05\"\n ]\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "6e873cad-21d2-4b02-84c8-61874d8bbfc8", + "name": "On a Specific Date", + "originalRequest": { + "url": { + "path": [ + "campaign-templates", + ":id", + "schedule" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"type\": \"CALENDAR\",\n \"hours\": {\n \"type\": \"LIST\",\n \"values\": [\n \"1\"\n ]\n },\n \"days\": {\n \"type\": \"LIST\",\n \"values\": [\n \"2020-02-18\"\n ]\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "2dac0fa5-1b40-4851-92d0-9ee88e8a5fbf", + "name": "Monthly", + "originalRequest": { + "url": { + "path": [ + "campaign-templates", + ":id", + "schedule" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"type\": \"MONTHLY\",\n \"hours\": {\n \"type\": \"LIST\",\n \"values\": [\n \"17\"\n ]\n },\n \"days\": {\n \"type\": \"LIST\",\n \"values\": [\n \"15\"\n ]\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a2ef6fa6-3924-4814-bd5d-5ef886585e1c", + "name": "Once a year", + "originalRequest": { + "url": { + "path": [ + "campaign-templates", + ":id", + "schedule" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"type\": \"ANNUALLY\",\n \"hours\": {\n \"type\": \"LIST\",\n \"values\": [\n \"0\"\n ]\n },\n \"days\": {\n \"type\": \"LIST\",\n \"values\": [\n \"--01-01\"\n ]\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "e31a7b0a-e52c-4496-b603-7d8811fef693", + "name": "Quarterly", + "originalRequest": { + "url": { + "path": [ + "campaign-templates", + ":id", + "schedule" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"type\": \"ANNUALLY\",\n \"hours\": {\n \"type\": \"LIST\",\n \"values\": [\n \"1\"\n ]\n },\n \"days\": {\n \"type\": \"LIST\",\n \"values\": [\n \"1\"\n ]\n },\n \"months\": {\n \"type\": \"LIST\",\n \"values\": [\n \"1\"\n ],\n \"interval\": 3\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "aa52fd0b-3a0e-4a1e-83e7-7302c6ec9649", + "name": "Yearly on Specific Days", + "originalRequest": { + "url": { + "path": [ + "campaign-templates", + ":id", + "schedule" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"type\": \"ANNUALLY\",\n \"hours\": {\n \"type\": \"LIST\",\n \"values\": [\n \"1\"\n ]\n },\n \"days\": {\n \"type\": \"LIST\",\n \"values\": [\n \"--03-12\",\n \"--12-05\"\n ]\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "13069121-0ee5-440d-b45f-fff74f39bcb7", + "name": "On a Specific Date", + "originalRequest": { + "url": { + "path": [ + "campaign-templates", + ":id", + "schedule" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"type\": \"CALENDAR\",\n \"hours\": {\n \"type\": \"LIST\",\n \"values\": [\n \"1\"\n ]\n },\n \"days\": {\n \"type\": \"LIST\",\n \"values\": [\n \"2020-02-18\"\n ]\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "67abcae5-ad84-4946-bd8c-d0c868f77b21", + "name": "An example of a 500 response object", + "originalRequest": { + "url": { + "path": [ + "campaign-templates", + ":id", + "schedule" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"type\": \"MONTHLY\",\n \"hours\": {\n \"type\": \"LIST\",\n \"values\": [\n \"17\"\n ]\n },\n \"days\": {\n \"type\": \"LIST\",\n \"values\": [\n \"15\"\n ]\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "495f0951-6931-416f-aefe-2f2784265d88", + "name": "Once a year", + "originalRequest": { + "url": { + "path": [ + "campaign-templates", + ":id", + "schedule" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"type\": \"ANNUALLY\",\n \"hours\": {\n \"type\": \"LIST\",\n \"values\": [\n \"0\"\n ]\n },\n \"days\": {\n \"type\": \"LIST\",\n \"values\": [\n \"--01-01\"\n ]\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "e0979f0f-e3de-4ac3-b4aa-5c79571e2680", + "name": "Quarterly", + "originalRequest": { + "url": { + "path": [ + "campaign-templates", + ":id", + "schedule" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"type\": \"ANNUALLY\",\n \"hours\": {\n \"type\": \"LIST\",\n \"values\": [\n \"1\"\n ]\n },\n \"days\": {\n \"type\": \"LIST\",\n \"values\": [\n \"1\"\n ]\n },\n \"months\": {\n \"type\": \"LIST\",\n \"values\": [\n \"1\"\n ],\n \"interval\": 3\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "e4c7a69c-7489-48c1-9a30-beff3008487a", + "name": "Yearly on Specific Days", + "originalRequest": { + "url": { + "path": [ + "campaign-templates", + ":id", + "schedule" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"type\": \"ANNUALLY\",\n \"hours\": {\n \"type\": \"LIST\",\n \"values\": [\n \"1\"\n ]\n },\n \"days\": {\n \"type\": \"LIST\",\n \"values\": [\n \"--03-12\",\n \"--12-05\"\n ]\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "46976477-a08b-4c09-ae92-8f16954d2dcc", + "name": "On a Specific Date", + "originalRequest": { + "url": { + "path": [ + "campaign-templates", + ":id", + "schedule" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"type\": \"CALENDAR\",\n \"hours\": {\n \"type\": \"LIST\",\n \"values\": [\n \"1\"\n ]\n },\n \"days\": {\n \"type\": \"LIST\",\n \"values\": [\n \"2020-02-18\"\n ]\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "27fb5eb0-acde-4651-bdaf-664c109a5ed8", + "name": "Delete Campaign Template Schedule", + "request": { + "name": "Delete Campaign Template Schedule", + "description": { + "content": "Use this API to delete the schedule for a certification campaign template. The API returns a 404 if there is no schedule set.\n\nA token with ORG_ADMIN or CERT_ADMIN authority is required to call this API.\n", + "type": "text/plain" + }, + "url": { + "path": [ + "campaign-templates", + ":id", + "schedule" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "04bedce387bd47b2ae1f86eb0bb36dee", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) ID of the campaign template whose schedule is being deleted.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "DELETE", + "body": {} + }, + "response": [ + { + "id": "93018358-f13b-4368-aa8f-dfe7f325163a", + "name": "No content - indicates the request was successful but there is no content to be returned in the response.", + "originalRequest": { + "url": { + "path": [ + "campaign-templates", + ":id", + "schedule" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "No Content", + "code": 204, + "header": [], + "cookie": [], + "_postman_previewlanguage": "text" + }, + { + "id": "6a0f20f7-c38a-4769-8ae2-d03309e2c02f", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "campaign-templates", + ":id", + "schedule" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "20bc5a75-8633-43cb-a8d4-c71886a68206", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "campaign-templates", + ":id", + "schedule" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "80b74a1f-004a-454c-b70f-6b35b35975f2", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "campaign-templates", + ":id", + "schedule" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "91bc1159-c62d-43de-b897-337287328197", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "campaign-templates", + ":id", + "schedule" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "2f0f0887-e867-4fe4-a16e-eb5927da3afd", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "campaign-templates", + ":id", + "schedule" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "449bd19b-eadb-4a8e-ace2-500496dd02d4", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "campaign-templates", + ":id", + "schedule" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "ddda4197-e261-457d-9828-32661058d587", + "name": "Generate a Campaign from Template", + "request": { + "name": "Generate a Campaign from Template", + "description": { + "content": "Use this API to generate a new certification campaign from a campaign template.\n\nThe campaign object contained in the template has special formatting applied to its name and description\nfields that determine the generated campaign's name/description. Placeholders in those fields are\nformatted with the current date and time upon generation.\n\nPlaceholders consist of a percent sign followed by a letter indicating what should be inserted. For\nexample, \"%Y\" inserts the current year, and a campaign template named \"Campaign for %y\" generates a\ncampaign called \"Campaign for 2020\" (assuming the year at generation time is 2020).\n\nValid placeholders are the date/time conversion suffix characters supported by [java.util.Formatter](https://docs.oracle.com/javase/8/docs/api/java/util/Formatter.html).\n\nA token with ORG_ADMIN or CERT_ADMIN authority is required to call this API.\n", + "type": "text/plain" + }, + "url": { + "path": [ + "campaign-templates", + ":id", + "generate" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "2c9180835d191a86015d28455b4a2329", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) ID of the campaign template to use for generation.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": {} + }, + "response": [ + { + "id": "48f37b47-fc36-4511-8ad8-5ac6b22481ee", + "name": "This response indicates that a campaign was successfully generated from this template, and the API returns a reference to the new campaign.", + "originalRequest": { + "url": { + "path": [ + "campaign-templates", + ":id", + "generate" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"ef38f94347e94562b5bb8424a56397d8\",\n \"name\": \"Campaign Name\",\n \"type\": \"CAMPAIGN\",\n \"campaignType\": \"MANAGER\",\n \"description\": \"A description of the campaign\",\n \"correlatedStatus\": \"CORRELATED\",\n \"mandatoryCommentRequirement\": \"NO_DECISIONS\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f431fb2f-6fee-4762-8d9d-549b88ac6ba7", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "campaign-templates", + ":id", + "generate" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "7354f32b-b0fc-45a7-8fdb-15cac4236e6e", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "campaign-templates", + ":id", + "generate" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "985daceb-38b3-440a-882a-4de7a60ee9db", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "campaign-templates", + ":id", + "generate" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "cc906fbe-072e-46b9-8613-39b998a10e1b", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "campaign-templates", + ":id", + "generate" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "fc5bd376-4dc1-4d84-a99a-9e607330d30b", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "campaign-templates", + ":id", + "generate" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + } + ] + }, + { + "name": "Certification Summaries", + "description": "Use this API to implement certification summary functionality. \nWith this functionality in place, administrators and designated certification reviewers can review summaries of identity certification campaigns and draw conclusions about the campaigns' scope, security, and effectiveness. \nImplementing certification summary functionality improves organizations' ability to review their [certifications](https://documentation.sailpoint.com/saas/user-help/certifications.html) and helps them satisfy audit and regulatory requirements by enabling them to trace access changes and the decisions made in their review processes. \n\nA certification refers to Identity Security Cloud's mechanism for reviewing a user's access to entitlements (sets of permissions) and approving or removing that access. \nThese certifications serve as a way of showing that a user's access has been reviewed and approved. \nMultiple certifications by different reviewers are often required to approve a user's access. \nA set of multiple certifications is called a certification campaign. \n\nFor example, an organization may use a Manager Certification as a way of showing that a user's access has been reviewed and approved by their manager, or if the certification is part of a campaign, that the user's access has been reviewed and approved by multiple managers. \nOnce this certification has been completed, Identity Security Cloud would provision all the access the user needs, nothing more. \n\nCertification summaries provide information about identity certification campaigns such as the identities involved, the number of decisions made, and the access changed. \nFor example, an administrator or designated certification reviewer can examine the Manager Certification campaign to get an overview of how many entitlement decisions are made in that campaign as opposed to role decisions, which identities would be affected by changes to the campaign, and how those identities' access would be affected.\n", + "item": [ + { + "id": "86f2a722-e071-4b10-8ee3-c54855c02b97", + "name": "Summary of Certification Decisions", + "request": { + "name": "Summary of Certification Decisions", + "description": { + "content": "This API returns a summary of the decisions made on an identity campaign certification. The decisions are summarized by type. A token with ORG_ADMIN or CERT_ADMIN authority is required to call this API. Reviewers for this certification can also call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "certifications", + ":id", + "decision-summary" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**identitySummary.id**: *eq, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "identitySummary.id eq \"ef38f94347e94562b5bb8424a56397d8\"" + } + ], + "variable": [ + { + "type": "any", + "value": "ef38f94347e94562b5bb8424a56397d8", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) The certification ID", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "edc1da02-65e2-4b0e-b43e-26e29632bfa1", + "name": "Summary of the decisions made", + "originalRequest": { + "url": { + "path": [ + "certifications", + ":id", + "decision-summary" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**identitySummary.id**: *eq, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "identitySummary.id eq \"ef38f94347e94562b5bb8424a56397d8\"" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"entitlementDecisionsMade\": 3,\n \"accessProfileDecisionsMade\": 5,\n \"roleDecisionsMade\": 2,\n \"accountDecisionsMade\": 4,\n \"entitlementDecisionsTotal\": 6,\n \"accessProfileDecisionsTotal\": 10,\n \"roleDecisionsTotal\": 4,\n \"accountDecisionsTotal\": 8,\n \"entitlementsApproved\": 2,\n \"entitlementsRevoked\": 1,\n \"accessProfilesApproved\": 3,\n \"accessProfilesRevoked\": 2,\n \"rolesApproved\": 2,\n \"rolesRevoked\": 0,\n \"accountsApproved\": 1,\n \"accountsRevoked\": 3\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "35eee286-8eec-4f55-80f4-7bc6db22b041", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "certifications", + ":id", + "decision-summary" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**identitySummary.id**: *eq, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "identitySummary.id eq \"ef38f94347e94562b5bb8424a56397d8\"" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "6d36f613-28ac-40b8-a2a8-a7fc050acb13", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "certifications", + ":id", + "decision-summary" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**identitySummary.id**: *eq, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "identitySummary.id eq \"ef38f94347e94562b5bb8424a56397d8\"" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "617acc9b-a0e6-4ac5-a51b-54e1b068b475", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "certifications", + ":id", + "decision-summary" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**identitySummary.id**: *eq, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "identitySummary.id eq \"ef38f94347e94562b5bb8424a56397d8\"" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a2db8e6c-0607-444c-9039-69cd733b1e11", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "certifications", + ":id", + "decision-summary" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**identitySummary.id**: *eq, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "identitySummary.id eq \"ef38f94347e94562b5bb8424a56397d8\"" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "75fac9e6-59ea-4a7c-ae30-c72bc7912fc7", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "certifications", + ":id", + "decision-summary" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**identitySummary.id**: *eq, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "identitySummary.id eq \"ef38f94347e94562b5bb8424a56397d8\"" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "6436a0ee-fae3-45a8-8dee-91309baeefd7", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "certifications", + ":id", + "decision-summary" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**identitySummary.id**: *eq, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "identitySummary.id eq \"ef38f94347e94562b5bb8424a56397d8\"" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "4b01f3cb-ed90-492d-b3a5-68e8da4b9bfb", + "name": "Identity Summaries for Campaign Certification", + "request": { + "name": "Identity Summaries for Campaign Certification", + "description": { + "content": "This API returns a list of the identity summaries for a specific identity campaign certification. A token with ORG_ADMIN or CERT_ADMIN authority is required to call this API. Reviewers for this certification can also call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "certifications", + ":id", + "identity-summaries" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**completed**: *eq, ne*\n\n**name**: *eq, sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "id eq \"ef38f94347e94562b5bb8424a56397d8\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name" + } + ], + "variable": [ + { + "type": "any", + "value": "ef38f94347e94562b5bb8424a56397d8", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) The identity campaign certification ID", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "f4c379b3-4ba4-48ec-a00e-049309d9cd8a", + "name": "List of identity summaries", + "originalRequest": { + "url": { + "path": [ + "certifications", + ":id", + "identity-summaries" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**completed**: *eq, ne*\n\n**name**: *eq, sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "id eq \"ef38f94347e94562b5bb8424a56397d8\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"id\": \"2c91808772a504f50172a9540e501ba7\",\n \"name\": \"Aaron Grey\",\n \"identityId\": \"2c9180857182306001719937379633e4\",\n \"completed\": false\n },\n {\n \"id\": \"2c91808772a504f50172a9540e501ba8\",\n \"name\": \"Aglae Wilson\",\n \"identityId\": \"2c9180857182306001719937377a33de\",\n \"completed\": true\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a373462c-1be3-4e14-b358-a4e463e52426", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "certifications", + ":id", + "identity-summaries" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**completed**: *eq, ne*\n\n**name**: *eq, sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "id eq \"ef38f94347e94562b5bb8424a56397d8\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "fece4681-184d-404e-b801-ebdc84c9d87a", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "certifications", + ":id", + "identity-summaries" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**completed**: *eq, ne*\n\n**name**: *eq, sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "id eq \"ef38f94347e94562b5bb8424a56397d8\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "91538b90-d61b-4e92-a4be-695a3e2f16ef", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "certifications", + ":id", + "identity-summaries" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**completed**: *eq, ne*\n\n**name**: *eq, sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "id eq \"ef38f94347e94562b5bb8424a56397d8\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "5b05437b-7b3d-4cf4-aef3-aae56b816640", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "certifications", + ":id", + "identity-summaries" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**completed**: *eq, ne*\n\n**name**: *eq, sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "id eq \"ef38f94347e94562b5bb8424a56397d8\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b45b7456-a44c-404d-889b-e852eb7e16b7", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "certifications", + ":id", + "identity-summaries" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**completed**: *eq, ne*\n\n**name**: *eq, sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "id eq \"ef38f94347e94562b5bb8424a56397d8\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "20d048d1-412d-406e-b63d-7ba15538d407", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "certifications", + ":id", + "identity-summaries" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**completed**: *eq, ne*\n\n**name**: *eq, sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "id eq \"ef38f94347e94562b5bb8424a56397d8\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "072c413b-e310-4243-8e5f-7870b6f45fc2", + "name": "Access Summaries", + "request": { + "name": "Access Summaries", + "description": { + "content": "This API returns a list of access summaries for the specified identity campaign certification and type. A token with ORG_ADMIN or CERT_ADMIN authority is required to call this API. Reviewers for this certification can also call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "certifications", + ":id", + "access-summaries", + ":type" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**completed**: *eq, ne*\n\n**access.id**: *eq, in*\n\n**access.name**: *eq, sw*\n\n**entitlement.sourceName**: *eq, sw*\n\n**accessProfile.sourceName**: *eq, sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "access.id eq \"ef38f94347e94562b5bb8424a56397d8\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **access.name**", + "type": "text/plain" + }, + "key": "sorters", + "value": "access.name" + } + ], + "variable": [ + { + "type": "any", + "value": "ef38f94347e94562b5bb8424a56397d8", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) The identity campaign certification ID", + "type": "text/plain" + } + }, + { + "type": "any", + "value": "ACCESS_PROFILE", + "key": "type", + "disabled": true, + "description": { + "content": "(Required) The type of access review item to retrieve summaries for", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "643fafa9-91ee-4d09-b32b-0d486c2aefe8", + "name": "List of access summaries", + "originalRequest": { + "url": { + "path": [ + "certifications", + ":id", + "access-summaries", + ":type" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**completed**: *eq, ne*\n\n**access.id**: *eq, in*\n\n**access.name**: *eq, sw*\n\n**entitlement.sourceName**: *eq, sw*\n\n**accessProfile.sourceName**: *eq, sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "access.id eq \"ef38f94347e94562b5bb8424a56397d8\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **access.name**", + "type": "text/plain" + }, + "key": "sorters", + "value": "access.name" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"access\": {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c9180857182305e01719937429e2bad\",\n \"name\": \"CN=Engineering\"\n },\n \"entitlement\": {\n \"id\": \"2c9180857182305e01719937429e2bad\",\n \"name\": \"CN=Engineering\",\n \"description\": \"Access to the engineering database\",\n \"privileged\": false,\n \"owner\": {\n \"email\": \"brandon.gray@acme-solar.com\",\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180867160846801719932c5153fb7\",\n \"name\": \"Brandon Gray\"\n },\n \"attributeName\": \"memberOf\",\n \"attributeValue\": \"CN=Engineering\",\n \"sourceName\": \"ODS-AD-Source\",\n \"hasPermissions\": true,\n \"revocable\": true,\n \"containsDataAccess\": true,\n \"dataAccess\": {\n \"policies\": [\n {\n \"value\": \"GDPR-1\"\n },\n {\n \"value\": \"GDPR-2\"\n }\n ],\n \"categories\": [\n {\n \"value\": \"email-7\",\n \"matchCount\": 74\n },\n {\n \"value\": \"email-9\",\n \"matchCount\": 30\n }\n ],\n \"impactScore\": {\n \"value\": \"Medium\"\n }\n }\n }\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "db8a72af-df35-40c6-9fd7-4b8f6eca037d", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "certifications", + ":id", + "access-summaries", + ":type" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**completed**: *eq, ne*\n\n**access.id**: *eq, in*\n\n**access.name**: *eq, sw*\n\n**entitlement.sourceName**: *eq, sw*\n\n**accessProfile.sourceName**: *eq, sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "access.id eq \"ef38f94347e94562b5bb8424a56397d8\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **access.name**", + "type": "text/plain" + }, + "key": "sorters", + "value": "access.name" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "08103878-619b-4c41-8aee-123b317b4202", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "certifications", + ":id", + "access-summaries", + ":type" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**completed**: *eq, ne*\n\n**access.id**: *eq, in*\n\n**access.name**: *eq, sw*\n\n**entitlement.sourceName**: *eq, sw*\n\n**accessProfile.sourceName**: *eq, sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "access.id eq \"ef38f94347e94562b5bb8424a56397d8\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **access.name**", + "type": "text/plain" + }, + "key": "sorters", + "value": "access.name" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a3f0e588-6073-4528-a045-755e136b0f2d", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "certifications", + ":id", + "access-summaries", + ":type" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**completed**: *eq, ne*\n\n**access.id**: *eq, in*\n\n**access.name**: *eq, sw*\n\n**entitlement.sourceName**: *eq, sw*\n\n**accessProfile.sourceName**: *eq, sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "access.id eq \"ef38f94347e94562b5bb8424a56397d8\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **access.name**", + "type": "text/plain" + }, + "key": "sorters", + "value": "access.name" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "82eeca1e-3793-4e35-a6ca-65918f40703a", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "certifications", + ":id", + "access-summaries", + ":type" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**completed**: *eq, ne*\n\n**access.id**: *eq, in*\n\n**access.name**: *eq, sw*\n\n**entitlement.sourceName**: *eq, sw*\n\n**accessProfile.sourceName**: *eq, sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "access.id eq \"ef38f94347e94562b5bb8424a56397d8\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **access.name**", + "type": "text/plain" + }, + "key": "sorters", + "value": "access.name" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "10770d74-c871-4e8b-a3aa-5aeb2d9ff294", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "certifications", + ":id", + "access-summaries", + ":type" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**completed**: *eq, ne*\n\n**access.id**: *eq, in*\n\n**access.name**: *eq, sw*\n\n**entitlement.sourceName**: *eq, sw*\n\n**accessProfile.sourceName**: *eq, sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "access.id eq \"ef38f94347e94562b5bb8424a56397d8\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **access.name**", + "type": "text/plain" + }, + "key": "sorters", + "value": "access.name" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "fb62df32-e336-48b4-90f7-dc7f2045027b", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "certifications", + ":id", + "access-summaries", + ":type" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**completed**: *eq, ne*\n\n**access.id**: *eq, in*\n\n**access.name**: *eq, sw*\n\n**entitlement.sourceName**: *eq, sw*\n\n**accessProfile.sourceName**: *eq, sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "access.id eq \"ef38f94347e94562b5bb8424a56397d8\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **access.name**", + "type": "text/plain" + }, + "key": "sorters", + "value": "access.name" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "a9e52f78-fe4b-4a5d-9fd3-5f1faefe1268", + "name": "Summary for Identity", + "request": { + "name": "Summary for Identity", + "description": { + "content": "This API returns the summary for an identity on a specified identity campaign certification. A token with ORG_ADMIN or CERT_ADMIN authority is required to call this API. Reviewers for this certification can also call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "certifications", + ":id", + "identity-summaries", + ":identitySummaryId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "ef38f94347e94562b5bb8424a56397d8", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) The identity campaign certification ID", + "type": "text/plain" + } + }, + { + "type": "any", + "value": "2c91808772a504f50172a9540e501ba8", + "key": "identitySummaryId", + "disabled": true, + "description": { + "content": "(Required) The identity summary ID", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "4ac177fe-a0f5-4ad0-847e-fb66262bf6b6", + "name": "An identity summary", + "originalRequest": { + "url": { + "path": [ + "certifications", + ":id", + "identity-summaries", + ":identitySummaryId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"2c91808772a504f50172a9540e501ba7\",\n \"name\": \"Alison Ferguso\",\n \"identityId\": \"2c9180857182306001719937377a33de\",\n \"completed\": true\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "2e2dbff7-ef5a-40f5-ab99-4628e680e77f", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "certifications", + ":id", + "identity-summaries", + ":identitySummaryId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "0fdaa1be-3129-4e42-a680-9098eb7a34ef", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "certifications", + ":id", + "identity-summaries", + ":identitySummaryId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "43812e02-1e83-4e72-a408-90d34918b847", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "certifications", + ":id", + "identity-summaries", + ":identitySummaryId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "620cbec5-3fec-431b-9c89-59fd29289f6d", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "certifications", + ":id", + "identity-summaries", + ":identitySummaryId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "16db836a-5008-43cc-8464-86b010f4fa8d", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "certifications", + ":id", + "identity-summaries", + ":identitySummaryId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "ca694d1c-0508-4e19-ba3d-8212218ab9cc", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "certifications", + ":id", + "identity-summaries", + ":identitySummaryId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + } + ] + }, + { + "name": "Certifications", + "description": "Use this API to implement certification functionality. \nWith this functionality in place, administrators and designated certification reviewers can review users' access certifications and decide whether to approve access, revoke it, or reassign the review to another reviewer. \nImplementing certifications improves organizations' data security by reducing inappropriate access through a distributed review process and helping them satisfy audit and regulatory requirements. \n\nA certification refers to Identity Security Cloud's mechanism for reviewing a user's access to entitlements (sets of permissions) and approving or removing that access. \nThese serve as a way of showing that a user's access has been reviewed and approved. \nMultiple certifications by different reviewers are often required to approve a user's access. \nA set of multiple certifications is called a certification campaign.\n\nFor example, an organization may use a Manager Certification as a way of showing that a user's access has been reviewed and approved by their manager, or if the certification is part of a campaign, that the user's access has been reviewed and approved by multiple managers. \nOnce this certification has been completed, Identity Security Cloud would provision all the access the user needs, nothing more. \n\nOrganization administrators or certification administrators can designate other Identity Security Cloud users as certification reviewers. \nThose reviewers can select the 'Certifications' tab to view any of the certifications they either need to review or have already reviewed under the 'Active' and 'Completed' tabs, respectively. \n\nWhen a certification campaign is in progress, certification reviewers will see certifications listed under 'Active,' where they can review the involved identities. \nUnder the 'Decision' column on the right, next to each access item, reviewers can select the checkmark to approve access, select the 'X' to revoke access, or they can toggle the 'More Options' menu to reassign the certification to another reviewer and provide a reason for reassignment in the form of a comment. \n\nOnce a reviewer has made decisions on all the certification's involved access items, he or she must select 'Sign Off' to complete the review process.\nDoing so converts the certification into read-only status, preventing any further changes to the review decisions and deleting the work item (task) from the reviewer's list of work items. \n\nOnce all the reviewers have signed off, the certification campaign either completes or, if any reviewers decided to revoke access for any of the involved identities, it moves into a remediation phase. In the remediation phase, identities' entitlements are altered to remove any entitlements marked for revocation.\nIn this situation, the certification campaign completes once all the remediation requests are completed.\n", + "item": [ + { + "id": "a4a85f05-ac21-4b3d-b8ed-e86567aaa754", + "name": "List Identity Campaign Certifications", + "request": { + "name": "List Identity Campaign Certifications", + "description": { + "content": "Use this API to get a list of identity campaign certifications for the specified query parameters. Any authenticated token can call this API, but only certifications you are authorized to review will be returned. This API does not support requests for certifications assigned to governance groups.", + "type": "text/plain" + }, + "url": { + "path": [ + "certifications" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Reviewer's identity. *me* indicates the current user.", + "type": "text/plain" + }, + "key": "reviewer-identity", + "value": "me" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**campaign.id**: *eq, in*\n\n**phase**: *eq*\n\n**completed**: *eq, ne*", + "type": "text/plain" + }, + "key": "filters", + "value": "id eq \"ef38f94347e94562b5bb8424a56397d8\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name, due, signed**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name,due" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "f698f725-a8cf-4a80-83e7-ac8481748045", + "name": "List of identity campaign certifications.", + "originalRequest": { + "url": { + "path": [ + "certifications" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Reviewer's identity. *me* indicates the current user.", + "type": "text/plain" + }, + "key": "reviewer-identity", + "value": "me" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**campaign.id**: *eq, in*\n\n**phase**: *eq*\n\n**completed**: *eq, ne*", + "type": "text/plain" + }, + "key": "filters", + "value": "id eq \"ef38f94347e94562b5bb8424a56397d8\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name, due, signed**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name,due" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"name\": \"Source Owner Access Review for Employees [source]\",\n \"campaign\": {\n \"id\": \"ef38f94347e94562b5bb8424a56397d8\",\n \"name\": \"Campaign Name\",\n \"type\": \"CAMPAIGN\",\n \"campaignType\": \"MANAGER\",\n \"description\": \"A description of the campaign\",\n \"correlatedStatus\": \"CORRELATED\",\n \"mandatoryCommentRequirement\": \"NO_DECISIONS\"\n },\n \"completed\": true,\n \"identitiesCompleted\": 5,\n \"identitiesTotal\": 10,\n \"created\": \"2018-06-25T20:22:28.104Z\",\n \"modified\": \"2018-06-25T20:22:28.104Z\",\n \"decisionsMade\": 20,\n \"decisionsTotal\": 40,\n \"due\": \"2018-10-19T13:49:37.385Z\",\n \"signed\": \"2018-10-19T13:49:37.385Z\",\n \"reviewer\": {\n \"id\": \"ef38f94347e94562b5bb8424a56397d8\",\n \"name\": \"Reviewer Name\",\n \"email\": \"reviewer@test.com\",\n \"type\": \"IDENTITY\",\n \"created\": \"2018-06-25T20:22:28.104Z\",\n \"modified\": \"2018-06-25T20:22:28.104Z\"\n },\n \"reassignment\": {\n \"from\": {\n \"id\": \"ef38f94347e94562b5bb8424a56397d8\",\n \"name\": \"Certification Name\",\n \"type\": \"CERTIFICATION\",\n \"reviewer\": {\n \"id\": \"ef38f94347e94562b5bb8424a56397d8\",\n \"name\": \"Reviewer Name\",\n \"email\": \"reviewer@test.com\",\n \"type\": \"IDENTITY\",\n \"created\": \"2018-06-25T20:22:28.104Z\",\n \"modified\": \"2018-06-25T20:22:28.104Z\"\n }\n },\n \"comment\": \"Reassigned for a reason\"\n },\n \"hasErrors\": false,\n \"errorMessage\": \"The certification has an error\",\n \"phase\": \"ACTIVE\"\n },\n {\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"name\": \"Source Owner Access Review for Employees [source]\",\n \"campaign\": {\n \"id\": \"ef38f94347e94562b5bb8424a56397d8\",\n \"name\": \"Campaign Name\",\n \"type\": \"CAMPAIGN\",\n \"campaignType\": \"MANAGER\",\n \"description\": \"A description of the campaign\",\n \"correlatedStatus\": \"CORRELATED\",\n \"mandatoryCommentRequirement\": \"NO_DECISIONS\"\n },\n \"completed\": true,\n \"identitiesCompleted\": 5,\n \"identitiesTotal\": 10,\n \"created\": \"2018-06-25T20:22:28.104Z\",\n \"modified\": \"2018-06-25T20:22:28.104Z\",\n \"decisionsMade\": 20,\n \"decisionsTotal\": 40,\n \"due\": \"2018-10-19T13:49:37.385Z\",\n \"signed\": \"2018-10-19T13:49:37.385Z\",\n \"reviewer\": {\n \"id\": \"ef38f94347e94562b5bb8424a56397d8\",\n \"name\": \"Reviewer Name\",\n \"email\": \"reviewer@test.com\",\n \"type\": \"IDENTITY\",\n \"created\": \"2018-06-25T20:22:28.104Z\",\n \"modified\": \"2018-06-25T20:22:28.104Z\"\n },\n \"reassignment\": {\n \"from\": {\n \"id\": \"ef38f94347e94562b5bb8424a56397d8\",\n \"name\": \"Certification Name\",\n \"type\": \"CERTIFICATION\",\n \"reviewer\": {\n \"id\": \"ef38f94347e94562b5bb8424a56397d8\",\n \"name\": \"Reviewer Name\",\n \"email\": \"reviewer@test.com\",\n \"type\": \"IDENTITY\",\n \"created\": \"2018-06-25T20:22:28.104Z\",\n \"modified\": \"2018-06-25T20:22:28.104Z\"\n }\n },\n \"comment\": \"Reassigned for a reason\"\n },\n \"hasErrors\": false,\n \"errorMessage\": \"The certification has an error\",\n \"phase\": \"ACTIVE\"\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "4a495ea4-5777-4aa0-82c7-4cee1899cdb6", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "certifications" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Reviewer's identity. *me* indicates the current user.", + "type": "text/plain" + }, + "key": "reviewer-identity", + "value": "me" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**campaign.id**: *eq, in*\n\n**phase**: *eq*\n\n**completed**: *eq, ne*", + "type": "text/plain" + }, + "key": "filters", + "value": "id eq \"ef38f94347e94562b5bb8424a56397d8\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name, due, signed**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name,due" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "7e447c42-57ae-489c-afa6-37ec313645d9", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "certifications" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Reviewer's identity. *me* indicates the current user.", + "type": "text/plain" + }, + "key": "reviewer-identity", + "value": "me" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**campaign.id**: *eq, in*\n\n**phase**: *eq*\n\n**completed**: *eq, ne*", + "type": "text/plain" + }, + "key": "filters", + "value": "id eq \"ef38f94347e94562b5bb8424a56397d8\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name, due, signed**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name,due" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "ca9b80d2-3896-4245-9567-81eb42e045cb", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "certifications" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Reviewer's identity. *me* indicates the current user.", + "type": "text/plain" + }, + "key": "reviewer-identity", + "value": "me" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**campaign.id**: *eq, in*\n\n**phase**: *eq*\n\n**completed**: *eq, ne*", + "type": "text/plain" + }, + "key": "filters", + "value": "id eq \"ef38f94347e94562b5bb8424a56397d8\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name, due, signed**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name,due" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "60b987f5-70a1-4c38-b1e3-d8d01984269f", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "certifications" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Reviewer's identity. *me* indicates the current user.", + "type": "text/plain" + }, + "key": "reviewer-identity", + "value": "me" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**campaign.id**: *eq, in*\n\n**phase**: *eq*\n\n**completed**: *eq, ne*", + "type": "text/plain" + }, + "key": "filters", + "value": "id eq \"ef38f94347e94562b5bb8424a56397d8\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name, due, signed**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name,due" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "e8dcdbcd-2040-4ab7-bd23-39e3c701acc0", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "certifications" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Reviewer's identity. *me* indicates the current user.", + "type": "text/plain" + }, + "key": "reviewer-identity", + "value": "me" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**campaign.id**: *eq, in*\n\n**phase**: *eq*\n\n**completed**: *eq, ne*", + "type": "text/plain" + }, + "key": "filters", + "value": "id eq \"ef38f94347e94562b5bb8424a56397d8\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name, due, signed**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name,due" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "f06a8ea5-7ead-4816-a0b1-06dc3ee0ac29", + "name": "Identity Certification by ID", + "request": { + "name": "Identity Certification by ID", + "description": { + "content": "This API returns a single identity campaign certification by its ID. A token with ORG_ADMIN or CERT_ADMIN authority is required to call this API. Reviewers for this certification can also call this API. This API does not support requests for certifications assigned to Governance Groups.", + "type": "text/plain" + }, + "url": { + "path": [ + "certifications", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "ef38f94347e94562b5bb8424a56397d8", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) The certification id", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "8bddd2dc-ceab-439c-97cd-0bd209019515", + "name": "An identity campaign certification object", + "originalRequest": { + "url": { + "path": [ + "certifications", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"name\": \"Source Owner Access Review for Employees [source]\",\n \"campaign\": {\n \"id\": \"ef38f94347e94562b5bb8424a56397d8\",\n \"name\": \"Campaign Name\",\n \"type\": \"CAMPAIGN\",\n \"campaignType\": \"MANAGER\",\n \"description\": \"A description of the campaign\",\n \"correlatedStatus\": \"CORRELATED\",\n \"mandatoryCommentRequirement\": \"NO_DECISIONS\"\n },\n \"completed\": true,\n \"identitiesCompleted\": 5,\n \"identitiesTotal\": 10,\n \"created\": \"2018-06-25T20:22:28.104Z\",\n \"modified\": \"2018-06-25T20:22:28.104Z\",\n \"decisionsMade\": 20,\n \"decisionsTotal\": 40,\n \"due\": \"2018-10-19T13:49:37.385Z\",\n \"signed\": \"2018-10-19T13:49:37.385Z\",\n \"reviewer\": {\n \"id\": \"ef38f94347e94562b5bb8424a56397d8\",\n \"name\": \"Reviewer Name\",\n \"email\": \"reviewer@test.com\",\n \"type\": \"IDENTITY\",\n \"created\": \"2018-06-25T20:22:28.104Z\",\n \"modified\": \"2018-06-25T20:22:28.104Z\"\n },\n \"reassignment\": {\n \"from\": {\n \"id\": \"ef38f94347e94562b5bb8424a56397d8\",\n \"name\": \"Certification Name\",\n \"type\": \"CERTIFICATION\",\n \"reviewer\": {\n \"id\": \"ef38f94347e94562b5bb8424a56397d8\",\n \"name\": \"Reviewer Name\",\n \"email\": \"reviewer@test.com\",\n \"type\": \"IDENTITY\",\n \"created\": \"2018-06-25T20:22:28.104Z\",\n \"modified\": \"2018-06-25T20:22:28.104Z\"\n }\n },\n \"comment\": \"Reassigned for a reason\"\n },\n \"hasErrors\": false,\n \"errorMessage\": \"The certification has an error\",\n \"phase\": \"ACTIVE\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "28c05bf3-f5f4-4a42-83ad-a8e1355de107", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "certifications", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "5c336e55-9fc5-4ac7-a2c9-d19fe1ee1836", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "certifications", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "6e629a52-900c-4e79-9ea2-07495839859a", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "certifications", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "5bd1f0bf-3a69-403b-8dc9-dff862e34e99", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "certifications", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "59c38209-bc6f-4030-a599-576cb0d68383", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "certifications", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "3b24acff-f3bd-47ea-9965-ea1ff4cc8d77", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "certifications", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "8e139e8e-ef4f-4d22-a163-99a7e0355e69", + "name": "List of Access Review Items", + "request": { + "name": "List of Access Review Items", + "description": { + "content": "This API returns a list of access review items for an identity campaign certification. A token with ORG_ADMIN or CERT_ADMIN authority is required to call this API. Reviewers for this certification can also call this API. This API does not support requests for certifications assigned to Governance Groups.", + "type": "text/plain" + }, + "url": { + "path": [ + "certifications", + ":id", + "access-review-items" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**type**: *eq*\n\n**access.type**: *eq*\n\n**completed**: *eq, ne*\n\n**identitySummary.id**: *eq, in*\n\n**identitySummary.name**: *eq, sw*\n\n**access.id**: *eq, in*\n\n**access.name**: *eq, sw*\n\n**entitlement.sourceName**: *eq, sw*\n\n**accessProfile.sourceName**: *eq, sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "id eq \"ef38f94347e94562b5bb8424a56397d8\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **identitySummary.name, access.name, access.type, entitlement.sourceName, accessProfile.sourceName**", + "type": "text/plain" + }, + "key": "sorters", + "value": "access.name,-accessProfile.sourceName" + }, + { + "disabled": true, + "description": { + "content": "Filter results to view access review items that pertain to any of the specified comma-separated entitlement IDs.\n\nAn error will occur if this param is used with **access-profiles** or **roles** as only one of these query params can be used at a time.", + "type": "text/plain" + }, + "key": "entitlements", + "value": "identityEntitlement" + }, + { + "disabled": true, + "description": { + "content": "Filter results to view access review items that pertain to any of the specified comma-separated access-profle IDs.\n\nAn error will occur if this param is used with **entitlements** or **roles** as only one of these query params can be used at a time.", + "type": "text/plain" + }, + "key": "access-profiles", + "value": "accessProfile1" + }, + { + "disabled": true, + "description": { + "content": "Filter results to view access review items that pertain to any of the specified comma-separated role IDs.\n\nAn error will occur if this param is used with **entitlements** or **access-profiles** as only one of these query params can be used at a time.", + "type": "text/plain" + }, + "key": "roles", + "value": "userRole" + } + ], + "variable": [ + { + "type": "any", + "value": "ef38f94347e94562b5bb8424a56397d8", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) The identity campaign certification ID", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "cd1f7a42-8c0d-4d25-8bef-3b85a9807331", + "name": "A list of access review items", + "originalRequest": { + "url": { + "path": [ + "certifications", + ":id", + "access-review-items" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**type**: *eq*\n\n**access.type**: *eq*\n\n**completed**: *eq, ne*\n\n**identitySummary.id**: *eq, in*\n\n**identitySummary.name**: *eq, sw*\n\n**access.id**: *eq, in*\n\n**access.name**: *eq, sw*\n\n**entitlement.sourceName**: *eq, sw*\n\n**accessProfile.sourceName**: *eq, sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "id eq \"ef38f94347e94562b5bb8424a56397d8\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **identitySummary.name, access.name, access.type, entitlement.sourceName, accessProfile.sourceName**", + "type": "text/plain" + }, + "key": "sorters", + "value": "access.name,-accessProfile.sourceName" + }, + { + "disabled": true, + "description": { + "content": "Filter results to view access review items that pertain to any of the specified comma-separated entitlement IDs.\n\nAn error will occur if this param is used with **access-profiles** or **roles** as only one of these query params can be used at a time.", + "type": "text/plain" + }, + "key": "entitlements", + "value": "identityEntitlement" + }, + { + "disabled": true, + "description": { + "content": "Filter results to view access review items that pertain to any of the specified comma-separated access-profle IDs.\n\nAn error will occur if this param is used with **entitlements** or **roles** as only one of these query params can be used at a time.", + "type": "text/plain" + }, + "key": "access-profiles", + "value": "accessProfile1" + }, + { + "disabled": true, + "description": { + "content": "Filter results to view access review items that pertain to any of the specified comma-separated role IDs.\n\nAn error will occur if this param is used with **entitlements** or **access-profiles** as only one of these query params can be used at a time.", + "type": "text/plain" + }, + "key": "roles", + "value": "userRole" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"accessSummary\": {\n \"access\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180867160846801719932c5153fb7\",\n \"name\": \"Entitlement for Company Database\"\n },\n \"entitlement\": {\n \"id\": \"2c918085718230600171993742c63558\",\n \"name\": \"CN=entitlement.bbb7c650\",\n \"description\": \"Gives read/write access to the company database\",\n \"privileged\": false,\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"5168015d32f890ca15812c9180835d2e\",\n \"name\": \"Alison Ferguso\",\n \"email\": \"alison.ferguso@identitysoon.com\"\n },\n \"attributeName\": \"memberOf\",\n \"attributeValue\": \"CN=entitlement.bbb7c650\",\n \"sourceSchemaObjectType\": \"groups\",\n \"sourceName\": \"ODS-AD-Source\",\n \"sourceType\": \"Active Directory - Direct\",\n \"sourceId\": \"78ca6be511cb41fbb86dba2fcca7780c\",\n \"hasPermissions\": false,\n \"isPermission\": false,\n \"revocable\": true,\n \"cloudGoverned\": false,\n \"containsDataAccess\": true,\n \"dataAccess\": {\n \"policies\": [\n {\n \"value\": \"GDPR-20\"\n },\n {\n \"value\": \"GDPR-20\"\n }\n ],\n \"categories\": [\n {\n \"value\": \"email-7\",\n \"matchCount\": 10\n },\n {\n \"value\": \"email-7\",\n \"matchCount\": 10\n }\n ],\n \"impactScore\": {\n \"value\": \"Medium\"\n }\n },\n \"account\": {\n \"nativeIdentity\": \"CN=Alison Ferguso\",\n \"disabled\": false,\n \"locked\": false,\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180857182305e0171993737eb29e6\",\n \"name\": \"Alison Ferguso\",\n \"created\": \"2020-04-20T20:11:05.067Z\",\n \"modified\": \"2020-05-20T18:57:16.987Z\",\n \"activityInsights\": {\n \"accountID\": \"c4ddd5421d8549f0abd309162cafd3b1\",\n \"usageDays\": 45,\n \"usageDaysState\": \"COMPLETE\"\n }\n }\n },\n \"accessProfile\": {\n \"id\": \"2c91808a7190d06e01719938fcd20792\",\n \"name\": \"Employee-database-read-write\",\n \"description\": \"Collection of entitlements to read/write the employee database\",\n \"privileged\": false,\n \"cloudGoverned\": false,\n \"endDate\": \"2021-12-25T00:00:00.000Z\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"5168015d32f890ca15812c9180835d2e\",\n \"name\": \"Alison Ferguso\",\n \"email\": \"alison.ferguso@identitysoon.com\"\n },\n \"entitlements\": [\n {\n \"id\": \"2c918085718230600171993742c63558\",\n \"name\": \"CN=entitlement.bbb7c650\",\n \"description\": \"Gives read/write access to the company database\",\n \"privileged\": false,\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"5168015d32f890ca15812c9180835d2e\",\n \"name\": \"Alison Ferguso\",\n \"email\": \"alison.ferguso@identitysoon.com\"\n },\n \"attributeName\": \"memberOf\",\n \"attributeValue\": \"CN=entitlement.bbb7c650\",\n \"sourceSchemaObjectType\": \"groups\",\n \"sourceName\": \"ODS-AD-Source\",\n \"sourceType\": \"Active Directory - Direct\",\n \"sourceId\": \"78ca6be511cb41fbb86dba2fcca7780c\",\n \"hasPermissions\": false,\n \"isPermission\": false,\n \"revocable\": true,\n \"cloudGoverned\": false,\n \"containsDataAccess\": true,\n \"dataAccess\": {\n \"policies\": [\n {\n \"value\": \"GDPR-20\"\n },\n {\n \"value\": \"GDPR-20\"\n }\n ],\n \"categories\": [\n {\n \"value\": \"email-7\",\n \"matchCount\": 10\n },\n {\n \"value\": \"email-7\",\n \"matchCount\": 10\n }\n ],\n \"impactScore\": {\n \"value\": \"Medium\"\n }\n },\n \"account\": {\n \"nativeIdentity\": \"CN=Alison Ferguso\",\n \"disabled\": false,\n \"locked\": false,\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180857182305e0171993737eb29e6\",\n \"name\": \"Alison Ferguso\",\n \"created\": \"2020-04-20T20:11:05.067Z\",\n \"modified\": \"2020-05-20T18:57:16.987Z\",\n \"activityInsights\": {\n \"accountID\": \"c4ddd5421d8549f0abd309162cafd3b1\",\n \"usageDays\": 45,\n \"usageDaysState\": \"COMPLETE\"\n }\n }\n },\n {\n \"id\": \"2c918085718230600171993742c63558\",\n \"name\": \"CN=entitlement.bbb7c650\",\n \"description\": \"Gives read/write access to the company database\",\n \"privileged\": false,\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"5168015d32f890ca15812c9180835d2e\",\n \"name\": \"Alison Ferguso\",\n \"email\": \"alison.ferguso@identitysoon.com\"\n },\n \"attributeName\": \"memberOf\",\n \"attributeValue\": \"CN=entitlement.bbb7c650\",\n \"sourceSchemaObjectType\": \"groups\",\n \"sourceName\": \"ODS-AD-Source\",\n \"sourceType\": \"Active Directory - Direct\",\n \"sourceId\": \"78ca6be511cb41fbb86dba2fcca7780c\",\n \"hasPermissions\": false,\n \"isPermission\": false,\n \"revocable\": true,\n \"cloudGoverned\": false,\n \"containsDataAccess\": true,\n \"dataAccess\": {\n \"policies\": [\n {\n \"value\": \"GDPR-20\"\n },\n {\n \"value\": \"GDPR-20\"\n }\n ],\n \"categories\": [\n {\n \"value\": \"email-7\",\n \"matchCount\": 10\n },\n {\n \"value\": \"email-7\",\n \"matchCount\": 10\n }\n ],\n \"impactScore\": {\n \"value\": \"Medium\"\n }\n },\n \"account\": {\n \"nativeIdentity\": \"CN=Alison Ferguso\",\n \"disabled\": false,\n \"locked\": false,\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180857182305e0171993737eb29e6\",\n \"name\": \"Alison Ferguso\",\n \"created\": \"2020-04-20T20:11:05.067Z\",\n \"modified\": \"2020-05-20T18:57:16.987Z\",\n \"activityInsights\": {\n \"accountID\": \"c4ddd5421d8549f0abd309162cafd3b1\",\n \"usageDays\": 45,\n \"usageDaysState\": \"COMPLETE\"\n }\n }\n }\n ],\n \"created\": \"2021-01-01T22:32:58.104Z\",\n \"modified\": \"2021-02-01T22:32:58.104Z\"\n },\n \"role\": {\n \"id\": \"2c91808a7190d06e0171993907fd0794\",\n \"name\": \"Accounting-Employees\",\n \"description\": \"Role for members of the accounting department with the necessary Access Profiles\",\n \"privileged\": false,\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"5168015d32f890ca15812c9180835d2e\",\n \"name\": \"Alison Ferguso\",\n \"email\": \"alison.ferguso@identitysoon.com\"\n },\n \"revocable\": false,\n \"endDate\": \"2021-12-25T00:00:00.000Z\",\n \"accessProfiles\": [\n {\n \"id\": \"2c91808a7190d06e01719938fcd20792\",\n \"name\": \"Employee-database-read-write\",\n \"description\": \"Collection of entitlements to read/write the employee database\",\n \"privileged\": false,\n \"cloudGoverned\": false,\n \"endDate\": \"2021-12-25T00:00:00.000Z\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"5168015d32f890ca15812c9180835d2e\",\n \"name\": \"Alison Ferguso\",\n \"email\": \"alison.ferguso@identitysoon.com\"\n },\n \"entitlements\": [\n {\n \"id\": \"2c918085718230600171993742c63558\",\n \"name\": \"CN=entitlement.bbb7c650\",\n \"description\": \"Gives read/write access to the company database\",\n \"privileged\": false,\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"5168015d32f890ca15812c9180835d2e\",\n \"name\": \"Alison Ferguso\",\n \"email\": \"alison.ferguso@identitysoon.com\"\n },\n \"attributeName\": \"memberOf\",\n \"attributeValue\": \"CN=entitlement.bbb7c650\",\n \"sourceSchemaObjectType\": \"groups\",\n \"sourceName\": \"ODS-AD-Source\",\n \"sourceType\": \"Active Directory - Direct\",\n \"sourceId\": \"78ca6be511cb41fbb86dba2fcca7780c\",\n \"hasPermissions\": false,\n \"isPermission\": false,\n \"revocable\": true,\n \"cloudGoverned\": false,\n \"containsDataAccess\": true,\n \"dataAccess\": {\n \"policies\": [\n {\n \"value\": \"GDPR-20\"\n },\n {\n \"value\": \"GDPR-20\"\n }\n ],\n \"categories\": [\n {\n \"value\": \"email-7\",\n \"matchCount\": 10\n },\n {\n \"value\": \"email-7\",\n \"matchCount\": 10\n }\n ],\n \"impactScore\": {\n \"value\": \"Medium\"\n }\n },\n \"account\": {\n \"nativeIdentity\": \"CN=Alison Ferguso\",\n \"disabled\": false,\n \"locked\": false,\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180857182305e0171993737eb29e6\",\n \"name\": \"Alison Ferguso\",\n \"created\": \"2020-04-20T20:11:05.067Z\",\n \"modified\": \"2020-05-20T18:57:16.987Z\",\n \"activityInsights\": {\n \"accountID\": \"c4ddd5421d8549f0abd309162cafd3b1\",\n \"usageDays\": 45,\n \"usageDaysState\": \"COMPLETE\"\n }\n }\n },\n {\n \"id\": \"2c918085718230600171993742c63558\",\n \"name\": \"CN=entitlement.bbb7c650\",\n \"description\": \"Gives read/write access to the company database\",\n \"privileged\": false,\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"5168015d32f890ca15812c9180835d2e\",\n \"name\": \"Alison Ferguso\",\n \"email\": \"alison.ferguso@identitysoon.com\"\n },\n \"attributeName\": \"memberOf\",\n \"attributeValue\": \"CN=entitlement.bbb7c650\",\n \"sourceSchemaObjectType\": \"groups\",\n \"sourceName\": \"ODS-AD-Source\",\n \"sourceType\": \"Active Directory - Direct\",\n \"sourceId\": \"78ca6be511cb41fbb86dba2fcca7780c\",\n \"hasPermissions\": false,\n \"isPermission\": false,\n \"revocable\": true,\n \"cloudGoverned\": false,\n \"containsDataAccess\": true,\n \"dataAccess\": {\n \"policies\": [\n {\n \"value\": \"GDPR-20\"\n },\n {\n \"value\": \"GDPR-20\"\n }\n ],\n \"categories\": [\n {\n \"value\": \"email-7\",\n \"matchCount\": 10\n },\n {\n \"value\": \"email-7\",\n \"matchCount\": 10\n }\n ],\n \"impactScore\": {\n \"value\": \"Medium\"\n }\n },\n \"account\": {\n \"nativeIdentity\": \"CN=Alison Ferguso\",\n \"disabled\": false,\n \"locked\": false,\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180857182305e0171993737eb29e6\",\n \"name\": \"Alison Ferguso\",\n \"created\": \"2020-04-20T20:11:05.067Z\",\n \"modified\": \"2020-05-20T18:57:16.987Z\",\n \"activityInsights\": {\n \"accountID\": \"c4ddd5421d8549f0abd309162cafd3b1\",\n \"usageDays\": 45,\n \"usageDaysState\": \"COMPLETE\"\n }\n }\n }\n ],\n \"created\": \"2021-01-01T22:32:58.104Z\",\n \"modified\": \"2021-02-01T22:32:58.104Z\"\n },\n {\n \"id\": \"2c91808a7190d06e01719938fcd20792\",\n \"name\": \"Employee-database-read-write\",\n \"description\": \"Collection of entitlements to read/write the employee database\",\n \"privileged\": false,\n \"cloudGoverned\": false,\n \"endDate\": \"2021-12-25T00:00:00.000Z\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"5168015d32f890ca15812c9180835d2e\",\n \"name\": \"Alison Ferguso\",\n \"email\": \"alison.ferguso@identitysoon.com\"\n },\n \"entitlements\": [\n {\n \"id\": \"2c918085718230600171993742c63558\",\n \"name\": \"CN=entitlement.bbb7c650\",\n \"description\": \"Gives read/write access to the company database\",\n \"privileged\": false,\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"5168015d32f890ca15812c9180835d2e\",\n \"name\": \"Alison Ferguso\",\n \"email\": \"alison.ferguso@identitysoon.com\"\n },\n \"attributeName\": \"memberOf\",\n \"attributeValue\": \"CN=entitlement.bbb7c650\",\n \"sourceSchemaObjectType\": \"groups\",\n \"sourceName\": \"ODS-AD-Source\",\n \"sourceType\": \"Active Directory - Direct\",\n \"sourceId\": \"78ca6be511cb41fbb86dba2fcca7780c\",\n \"hasPermissions\": false,\n \"isPermission\": false,\n \"revocable\": true,\n \"cloudGoverned\": false,\n \"containsDataAccess\": true,\n \"dataAccess\": {\n \"policies\": [\n {\n \"value\": \"GDPR-20\"\n },\n {\n \"value\": \"GDPR-20\"\n }\n ],\n \"categories\": [\n {\n \"value\": \"email-7\",\n \"matchCount\": 10\n },\n {\n \"value\": \"email-7\",\n \"matchCount\": 10\n }\n ],\n \"impactScore\": {\n \"value\": \"Medium\"\n }\n },\n \"account\": {\n \"nativeIdentity\": \"CN=Alison Ferguso\",\n \"disabled\": false,\n \"locked\": false,\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180857182305e0171993737eb29e6\",\n \"name\": \"Alison Ferguso\",\n \"created\": \"2020-04-20T20:11:05.067Z\",\n \"modified\": \"2020-05-20T18:57:16.987Z\",\n \"activityInsights\": {\n \"accountID\": \"c4ddd5421d8549f0abd309162cafd3b1\",\n \"usageDays\": 45,\n \"usageDaysState\": \"COMPLETE\"\n }\n }\n },\n {\n \"id\": \"2c918085718230600171993742c63558\",\n \"name\": \"CN=entitlement.bbb7c650\",\n \"description\": \"Gives read/write access to the company database\",\n \"privileged\": false,\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"5168015d32f890ca15812c9180835d2e\",\n \"name\": \"Alison Ferguso\",\n \"email\": \"alison.ferguso@identitysoon.com\"\n },\n \"attributeName\": \"memberOf\",\n \"attributeValue\": \"CN=entitlement.bbb7c650\",\n \"sourceSchemaObjectType\": \"groups\",\n \"sourceName\": \"ODS-AD-Source\",\n \"sourceType\": \"Active Directory - Direct\",\n \"sourceId\": \"78ca6be511cb41fbb86dba2fcca7780c\",\n \"hasPermissions\": false,\n \"isPermission\": false,\n \"revocable\": true,\n \"cloudGoverned\": false,\n \"containsDataAccess\": true,\n \"dataAccess\": {\n \"policies\": [\n {\n \"value\": \"GDPR-20\"\n },\n {\n \"value\": \"GDPR-20\"\n }\n ],\n \"categories\": [\n {\n \"value\": \"email-7\",\n \"matchCount\": 10\n },\n {\n \"value\": \"email-7\",\n \"matchCount\": 10\n }\n ],\n \"impactScore\": {\n \"value\": \"Medium\"\n }\n },\n \"account\": {\n \"nativeIdentity\": \"CN=Alison Ferguso\",\n \"disabled\": false,\n \"locked\": false,\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180857182305e0171993737eb29e6\",\n \"name\": \"Alison Ferguso\",\n \"created\": \"2020-04-20T20:11:05.067Z\",\n \"modified\": \"2020-05-20T18:57:16.987Z\",\n \"activityInsights\": {\n \"accountID\": \"c4ddd5421d8549f0abd309162cafd3b1\",\n \"usageDays\": 45,\n \"usageDaysState\": \"COMPLETE\"\n }\n }\n }\n ],\n \"created\": \"2021-01-01T22:32:58.104Z\",\n \"modified\": \"2021-02-01T22:32:58.104Z\"\n }\n ],\n \"entitlements\": [\n {\n \"id\": \"2c918085718230600171993742c63558\",\n \"name\": \"CN=entitlement.bbb7c650\",\n \"description\": \"Gives read/write access to the company database\",\n \"privileged\": false,\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"5168015d32f890ca15812c9180835d2e\",\n \"name\": \"Alison Ferguso\",\n \"email\": \"alison.ferguso@identitysoon.com\"\n },\n \"attributeName\": \"memberOf\",\n \"attributeValue\": \"CN=entitlement.bbb7c650\",\n \"sourceSchemaObjectType\": \"groups\",\n \"sourceName\": \"ODS-AD-Source\",\n \"sourceType\": \"Active Directory - Direct\",\n \"sourceId\": \"78ca6be511cb41fbb86dba2fcca7780c\",\n \"hasPermissions\": false,\n \"isPermission\": false,\n \"revocable\": true,\n \"cloudGoverned\": false,\n \"containsDataAccess\": true,\n \"dataAccess\": {\n \"policies\": [\n {\n \"value\": \"GDPR-20\"\n },\n {\n \"value\": \"GDPR-20\"\n }\n ],\n \"categories\": [\n {\n \"value\": \"email-7\",\n \"matchCount\": 10\n },\n {\n \"value\": \"email-7\",\n \"matchCount\": 10\n }\n ],\n \"impactScore\": {\n \"value\": \"Medium\"\n }\n },\n \"account\": {\n \"nativeIdentity\": \"CN=Alison Ferguso\",\n \"disabled\": false,\n \"locked\": false,\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180857182305e0171993737eb29e6\",\n \"name\": \"Alison Ferguso\",\n \"created\": \"2020-04-20T20:11:05.067Z\",\n \"modified\": \"2020-05-20T18:57:16.987Z\",\n \"activityInsights\": {\n \"accountID\": \"c4ddd5421d8549f0abd309162cafd3b1\",\n \"usageDays\": 45,\n \"usageDaysState\": \"COMPLETE\"\n }\n }\n },\n {\n \"id\": \"2c918085718230600171993742c63558\",\n \"name\": \"CN=entitlement.bbb7c650\",\n \"description\": \"Gives read/write access to the company database\",\n \"privileged\": false,\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"5168015d32f890ca15812c9180835d2e\",\n \"name\": \"Alison Ferguso\",\n \"email\": \"alison.ferguso@identitysoon.com\"\n },\n \"attributeName\": \"memberOf\",\n \"attributeValue\": \"CN=entitlement.bbb7c650\",\n \"sourceSchemaObjectType\": \"groups\",\n \"sourceName\": \"ODS-AD-Source\",\n \"sourceType\": \"Active Directory - Direct\",\n \"sourceId\": \"78ca6be511cb41fbb86dba2fcca7780c\",\n \"hasPermissions\": false,\n \"isPermission\": false,\n \"revocable\": true,\n \"cloudGoverned\": false,\n \"containsDataAccess\": true,\n \"dataAccess\": {\n \"policies\": [\n {\n \"value\": \"GDPR-20\"\n },\n {\n \"value\": \"GDPR-20\"\n }\n ],\n \"categories\": [\n {\n \"value\": \"email-7\",\n \"matchCount\": 10\n },\n {\n \"value\": \"email-7\",\n \"matchCount\": 10\n }\n ],\n \"impactScore\": {\n \"value\": \"Medium\"\n }\n },\n \"account\": {\n \"nativeIdentity\": \"CN=Alison Ferguso\",\n \"disabled\": false,\n \"locked\": false,\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180857182305e0171993737eb29e6\",\n \"name\": \"Alison Ferguso\",\n \"created\": \"2020-04-20T20:11:05.067Z\",\n \"modified\": \"2020-05-20T18:57:16.987Z\",\n \"activityInsights\": {\n \"accountID\": \"c4ddd5421d8549f0abd309162cafd3b1\",\n \"usageDays\": 45,\n \"usageDaysState\": \"COMPLETE\"\n }\n }\n }\n ]\n }\n },\n \"identitySummary\": {\n \"id\": \"2c91808772a504f50172a9540e501ba7\",\n \"name\": \"Alison Ferguso\",\n \"identityId\": \"2c9180857182306001719937377a33de\",\n \"completed\": true\n },\n \"id\": \"ef38f94347e94562b5bb8424a56397d8\",\n \"completed\": false,\n \"newAccess\": false,\n \"decision\": \"APPROVE\",\n \"comments\": \"This user still needs access to this source\"\n },\n {\n \"accessSummary\": {\n \"access\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180867160846801719932c5153fb7\",\n \"name\": \"Entitlement for Company Database\"\n },\n \"entitlement\": {\n \"id\": \"2c918085718230600171993742c63558\",\n \"name\": \"CN=entitlement.bbb7c650\",\n \"description\": \"Gives read/write access to the company database\",\n \"privileged\": false,\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"5168015d32f890ca15812c9180835d2e\",\n \"name\": \"Alison Ferguso\",\n \"email\": \"alison.ferguso@identitysoon.com\"\n },\n \"attributeName\": \"memberOf\",\n \"attributeValue\": \"CN=entitlement.bbb7c650\",\n \"sourceSchemaObjectType\": \"groups\",\n \"sourceName\": \"ODS-AD-Source\",\n \"sourceType\": \"Active Directory - Direct\",\n \"sourceId\": \"78ca6be511cb41fbb86dba2fcca7780c\",\n \"hasPermissions\": false,\n \"isPermission\": false,\n \"revocable\": true,\n \"cloudGoverned\": false,\n \"containsDataAccess\": true,\n \"dataAccess\": {\n \"policies\": [\n {\n \"value\": \"GDPR-20\"\n },\n {\n \"value\": \"GDPR-20\"\n }\n ],\n \"categories\": [\n {\n \"value\": \"email-7\",\n \"matchCount\": 10\n },\n {\n \"value\": \"email-7\",\n \"matchCount\": 10\n }\n ],\n \"impactScore\": {\n \"value\": \"Medium\"\n }\n },\n \"account\": {\n \"nativeIdentity\": \"CN=Alison Ferguso\",\n \"disabled\": false,\n \"locked\": false,\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180857182305e0171993737eb29e6\",\n \"name\": \"Alison Ferguso\",\n \"created\": \"2020-04-20T20:11:05.067Z\",\n \"modified\": \"2020-05-20T18:57:16.987Z\",\n \"activityInsights\": {\n \"accountID\": \"c4ddd5421d8549f0abd309162cafd3b1\",\n \"usageDays\": 45,\n \"usageDaysState\": \"COMPLETE\"\n }\n }\n },\n \"accessProfile\": {\n \"id\": \"2c91808a7190d06e01719938fcd20792\",\n \"name\": \"Employee-database-read-write\",\n \"description\": \"Collection of entitlements to read/write the employee database\",\n \"privileged\": false,\n \"cloudGoverned\": false,\n \"endDate\": \"2021-12-25T00:00:00.000Z\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"5168015d32f890ca15812c9180835d2e\",\n \"name\": \"Alison Ferguso\",\n \"email\": \"alison.ferguso@identitysoon.com\"\n },\n \"entitlements\": [\n {\n \"id\": \"2c918085718230600171993742c63558\",\n \"name\": \"CN=entitlement.bbb7c650\",\n \"description\": \"Gives read/write access to the company database\",\n \"privileged\": false,\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"5168015d32f890ca15812c9180835d2e\",\n \"name\": \"Alison Ferguso\",\n \"email\": \"alison.ferguso@identitysoon.com\"\n },\n \"attributeName\": \"memberOf\",\n \"attributeValue\": \"CN=entitlement.bbb7c650\",\n \"sourceSchemaObjectType\": \"groups\",\n \"sourceName\": \"ODS-AD-Source\",\n \"sourceType\": \"Active Directory - Direct\",\n \"sourceId\": \"78ca6be511cb41fbb86dba2fcca7780c\",\n \"hasPermissions\": false,\n \"isPermission\": false,\n \"revocable\": true,\n \"cloudGoverned\": false,\n \"containsDataAccess\": true,\n \"dataAccess\": {\n \"policies\": [\n {\n \"value\": \"GDPR-20\"\n },\n {\n \"value\": \"GDPR-20\"\n }\n ],\n \"categories\": [\n {\n \"value\": \"email-7\",\n \"matchCount\": 10\n },\n {\n \"value\": \"email-7\",\n \"matchCount\": 10\n }\n ],\n \"impactScore\": {\n \"value\": \"Medium\"\n }\n },\n \"account\": {\n \"nativeIdentity\": \"CN=Alison Ferguso\",\n \"disabled\": false,\n \"locked\": false,\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180857182305e0171993737eb29e6\",\n \"name\": \"Alison Ferguso\",\n \"created\": \"2020-04-20T20:11:05.067Z\",\n \"modified\": \"2020-05-20T18:57:16.987Z\",\n \"activityInsights\": {\n \"accountID\": \"c4ddd5421d8549f0abd309162cafd3b1\",\n \"usageDays\": 45,\n \"usageDaysState\": \"COMPLETE\"\n }\n }\n },\n {\n \"id\": \"2c918085718230600171993742c63558\",\n \"name\": \"CN=entitlement.bbb7c650\",\n \"description\": \"Gives read/write access to the company database\",\n \"privileged\": false,\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"5168015d32f890ca15812c9180835d2e\",\n \"name\": \"Alison Ferguso\",\n \"email\": \"alison.ferguso@identitysoon.com\"\n },\n \"attributeName\": \"memberOf\",\n \"attributeValue\": \"CN=entitlement.bbb7c650\",\n \"sourceSchemaObjectType\": \"groups\",\n \"sourceName\": \"ODS-AD-Source\",\n \"sourceType\": \"Active Directory - Direct\",\n \"sourceId\": \"78ca6be511cb41fbb86dba2fcca7780c\",\n \"hasPermissions\": false,\n \"isPermission\": false,\n \"revocable\": true,\n \"cloudGoverned\": false,\n \"containsDataAccess\": true,\n \"dataAccess\": {\n \"policies\": [\n {\n \"value\": \"GDPR-20\"\n },\n {\n \"value\": \"GDPR-20\"\n }\n ],\n \"categories\": [\n {\n \"value\": \"email-7\",\n \"matchCount\": 10\n },\n {\n \"value\": \"email-7\",\n \"matchCount\": 10\n }\n ],\n \"impactScore\": {\n \"value\": \"Medium\"\n }\n },\n \"account\": {\n \"nativeIdentity\": \"CN=Alison Ferguso\",\n \"disabled\": false,\n \"locked\": false,\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180857182305e0171993737eb29e6\",\n \"name\": \"Alison Ferguso\",\n \"created\": \"2020-04-20T20:11:05.067Z\",\n \"modified\": \"2020-05-20T18:57:16.987Z\",\n \"activityInsights\": {\n \"accountID\": \"c4ddd5421d8549f0abd309162cafd3b1\",\n \"usageDays\": 45,\n \"usageDaysState\": \"COMPLETE\"\n }\n }\n }\n ],\n \"created\": \"2021-01-01T22:32:58.104Z\",\n \"modified\": \"2021-02-01T22:32:58.104Z\"\n },\n \"role\": {\n \"id\": \"2c91808a7190d06e0171993907fd0794\",\n \"name\": \"Accounting-Employees\",\n \"description\": \"Role for members of the accounting department with the necessary Access Profiles\",\n \"privileged\": false,\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"5168015d32f890ca15812c9180835d2e\",\n \"name\": \"Alison Ferguso\",\n \"email\": \"alison.ferguso@identitysoon.com\"\n },\n \"revocable\": false,\n \"endDate\": \"2021-12-25T00:00:00.000Z\",\n \"accessProfiles\": [\n {\n \"id\": \"2c91808a7190d06e01719938fcd20792\",\n \"name\": \"Employee-database-read-write\",\n \"description\": \"Collection of entitlements to read/write the employee database\",\n \"privileged\": false,\n \"cloudGoverned\": false,\n \"endDate\": \"2021-12-25T00:00:00.000Z\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"5168015d32f890ca15812c9180835d2e\",\n \"name\": \"Alison Ferguso\",\n \"email\": \"alison.ferguso@identitysoon.com\"\n },\n \"entitlements\": [\n {\n \"id\": \"2c918085718230600171993742c63558\",\n \"name\": \"CN=entitlement.bbb7c650\",\n \"description\": \"Gives read/write access to the company database\",\n \"privileged\": false,\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"5168015d32f890ca15812c9180835d2e\",\n \"name\": \"Alison Ferguso\",\n \"email\": \"alison.ferguso@identitysoon.com\"\n },\n \"attributeName\": \"memberOf\",\n \"attributeValue\": \"CN=entitlement.bbb7c650\",\n \"sourceSchemaObjectType\": \"groups\",\n \"sourceName\": \"ODS-AD-Source\",\n \"sourceType\": \"Active Directory - Direct\",\n \"sourceId\": \"78ca6be511cb41fbb86dba2fcca7780c\",\n \"hasPermissions\": false,\n \"isPermission\": false,\n \"revocable\": true,\n \"cloudGoverned\": false,\n \"containsDataAccess\": true,\n \"dataAccess\": {\n \"policies\": [\n {\n \"value\": \"GDPR-20\"\n },\n {\n \"value\": \"GDPR-20\"\n }\n ],\n \"categories\": [\n {\n \"value\": \"email-7\",\n \"matchCount\": 10\n },\n {\n \"value\": \"email-7\",\n \"matchCount\": 10\n }\n ],\n \"impactScore\": {\n \"value\": \"Medium\"\n }\n },\n \"account\": {\n \"nativeIdentity\": \"CN=Alison Ferguso\",\n \"disabled\": false,\n \"locked\": false,\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180857182305e0171993737eb29e6\",\n \"name\": \"Alison Ferguso\",\n \"created\": \"2020-04-20T20:11:05.067Z\",\n \"modified\": \"2020-05-20T18:57:16.987Z\",\n \"activityInsights\": {\n \"accountID\": \"c4ddd5421d8549f0abd309162cafd3b1\",\n \"usageDays\": 45,\n \"usageDaysState\": \"COMPLETE\"\n }\n }\n },\n {\n \"id\": \"2c918085718230600171993742c63558\",\n \"name\": \"CN=entitlement.bbb7c650\",\n \"description\": \"Gives read/write access to the company database\",\n \"privileged\": false,\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"5168015d32f890ca15812c9180835d2e\",\n \"name\": \"Alison Ferguso\",\n \"email\": \"alison.ferguso@identitysoon.com\"\n },\n \"attributeName\": \"memberOf\",\n \"attributeValue\": \"CN=entitlement.bbb7c650\",\n \"sourceSchemaObjectType\": \"groups\",\n \"sourceName\": \"ODS-AD-Source\",\n \"sourceType\": \"Active Directory - Direct\",\n \"sourceId\": \"78ca6be511cb41fbb86dba2fcca7780c\",\n \"hasPermissions\": false,\n \"isPermission\": false,\n \"revocable\": true,\n \"cloudGoverned\": false,\n \"containsDataAccess\": true,\n \"dataAccess\": {\n \"policies\": [\n {\n \"value\": \"GDPR-20\"\n },\n {\n \"value\": \"GDPR-20\"\n }\n ],\n \"categories\": [\n {\n \"value\": \"email-7\",\n \"matchCount\": 10\n },\n {\n \"value\": \"email-7\",\n \"matchCount\": 10\n }\n ],\n \"impactScore\": {\n \"value\": \"Medium\"\n }\n },\n \"account\": {\n \"nativeIdentity\": \"CN=Alison Ferguso\",\n \"disabled\": false,\n \"locked\": false,\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180857182305e0171993737eb29e6\",\n \"name\": \"Alison Ferguso\",\n \"created\": \"2020-04-20T20:11:05.067Z\",\n \"modified\": \"2020-05-20T18:57:16.987Z\",\n \"activityInsights\": {\n \"accountID\": \"c4ddd5421d8549f0abd309162cafd3b1\",\n \"usageDays\": 45,\n \"usageDaysState\": \"COMPLETE\"\n }\n }\n }\n ],\n \"created\": \"2021-01-01T22:32:58.104Z\",\n \"modified\": \"2021-02-01T22:32:58.104Z\"\n },\n {\n \"id\": \"2c91808a7190d06e01719938fcd20792\",\n \"name\": \"Employee-database-read-write\",\n \"description\": \"Collection of entitlements to read/write the employee database\",\n \"privileged\": false,\n \"cloudGoverned\": false,\n \"endDate\": \"2021-12-25T00:00:00.000Z\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"5168015d32f890ca15812c9180835d2e\",\n \"name\": \"Alison Ferguso\",\n \"email\": \"alison.ferguso@identitysoon.com\"\n },\n \"entitlements\": [\n {\n \"id\": \"2c918085718230600171993742c63558\",\n \"name\": \"CN=entitlement.bbb7c650\",\n \"description\": \"Gives read/write access to the company database\",\n \"privileged\": false,\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"5168015d32f890ca15812c9180835d2e\",\n \"name\": \"Alison Ferguso\",\n \"email\": \"alison.ferguso@identitysoon.com\"\n },\n \"attributeName\": \"memberOf\",\n \"attributeValue\": \"CN=entitlement.bbb7c650\",\n \"sourceSchemaObjectType\": \"groups\",\n \"sourceName\": \"ODS-AD-Source\",\n \"sourceType\": \"Active Directory - Direct\",\n \"sourceId\": \"78ca6be511cb41fbb86dba2fcca7780c\",\n \"hasPermissions\": false,\n \"isPermission\": false,\n \"revocable\": true,\n \"cloudGoverned\": false,\n \"containsDataAccess\": true,\n \"dataAccess\": {\n \"policies\": [\n {\n \"value\": \"GDPR-20\"\n },\n {\n \"value\": \"GDPR-20\"\n }\n ],\n \"categories\": [\n {\n \"value\": \"email-7\",\n \"matchCount\": 10\n },\n {\n \"value\": \"email-7\",\n \"matchCount\": 10\n }\n ],\n \"impactScore\": {\n \"value\": \"Medium\"\n }\n },\n \"account\": {\n \"nativeIdentity\": \"CN=Alison Ferguso\",\n \"disabled\": false,\n \"locked\": false,\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180857182305e0171993737eb29e6\",\n \"name\": \"Alison Ferguso\",\n \"created\": \"2020-04-20T20:11:05.067Z\",\n \"modified\": \"2020-05-20T18:57:16.987Z\",\n \"activityInsights\": {\n \"accountID\": \"c4ddd5421d8549f0abd309162cafd3b1\",\n \"usageDays\": 45,\n \"usageDaysState\": \"COMPLETE\"\n }\n }\n },\n {\n \"id\": \"2c918085718230600171993742c63558\",\n \"name\": \"CN=entitlement.bbb7c650\",\n \"description\": \"Gives read/write access to the company database\",\n \"privileged\": false,\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"5168015d32f890ca15812c9180835d2e\",\n \"name\": \"Alison Ferguso\",\n \"email\": \"alison.ferguso@identitysoon.com\"\n },\n \"attributeName\": \"memberOf\",\n \"attributeValue\": \"CN=entitlement.bbb7c650\",\n \"sourceSchemaObjectType\": \"groups\",\n \"sourceName\": \"ODS-AD-Source\",\n \"sourceType\": \"Active Directory - Direct\",\n \"sourceId\": \"78ca6be511cb41fbb86dba2fcca7780c\",\n \"hasPermissions\": false,\n \"isPermission\": false,\n \"revocable\": true,\n \"cloudGoverned\": false,\n \"containsDataAccess\": true,\n \"dataAccess\": {\n \"policies\": [\n {\n \"value\": \"GDPR-20\"\n },\n {\n \"value\": \"GDPR-20\"\n }\n ],\n \"categories\": [\n {\n \"value\": \"email-7\",\n \"matchCount\": 10\n },\n {\n \"value\": \"email-7\",\n \"matchCount\": 10\n }\n ],\n \"impactScore\": {\n \"value\": \"Medium\"\n }\n },\n \"account\": {\n \"nativeIdentity\": \"CN=Alison Ferguso\",\n \"disabled\": false,\n \"locked\": false,\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180857182305e0171993737eb29e6\",\n \"name\": \"Alison Ferguso\",\n \"created\": \"2020-04-20T20:11:05.067Z\",\n \"modified\": \"2020-05-20T18:57:16.987Z\",\n \"activityInsights\": {\n \"accountID\": \"c4ddd5421d8549f0abd309162cafd3b1\",\n \"usageDays\": 45,\n \"usageDaysState\": \"COMPLETE\"\n }\n }\n }\n ],\n \"created\": \"2021-01-01T22:32:58.104Z\",\n \"modified\": \"2021-02-01T22:32:58.104Z\"\n }\n ],\n \"entitlements\": [\n {\n \"id\": \"2c918085718230600171993742c63558\",\n \"name\": \"CN=entitlement.bbb7c650\",\n \"description\": \"Gives read/write access to the company database\",\n \"privileged\": false,\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"5168015d32f890ca15812c9180835d2e\",\n \"name\": \"Alison Ferguso\",\n \"email\": \"alison.ferguso@identitysoon.com\"\n },\n \"attributeName\": \"memberOf\",\n \"attributeValue\": \"CN=entitlement.bbb7c650\",\n \"sourceSchemaObjectType\": \"groups\",\n \"sourceName\": \"ODS-AD-Source\",\n \"sourceType\": \"Active Directory - Direct\",\n \"sourceId\": \"78ca6be511cb41fbb86dba2fcca7780c\",\n \"hasPermissions\": false,\n \"isPermission\": false,\n \"revocable\": true,\n \"cloudGoverned\": false,\n \"containsDataAccess\": true,\n \"dataAccess\": {\n \"policies\": [\n {\n \"value\": \"GDPR-20\"\n },\n {\n \"value\": \"GDPR-20\"\n }\n ],\n \"categories\": [\n {\n \"value\": \"email-7\",\n \"matchCount\": 10\n },\n {\n \"value\": \"email-7\",\n \"matchCount\": 10\n }\n ],\n \"impactScore\": {\n \"value\": \"Medium\"\n }\n },\n \"account\": {\n \"nativeIdentity\": \"CN=Alison Ferguso\",\n \"disabled\": false,\n \"locked\": false,\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180857182305e0171993737eb29e6\",\n \"name\": \"Alison Ferguso\",\n \"created\": \"2020-04-20T20:11:05.067Z\",\n \"modified\": \"2020-05-20T18:57:16.987Z\",\n \"activityInsights\": {\n \"accountID\": \"c4ddd5421d8549f0abd309162cafd3b1\",\n \"usageDays\": 45,\n \"usageDaysState\": \"COMPLETE\"\n }\n }\n },\n {\n \"id\": \"2c918085718230600171993742c63558\",\n \"name\": \"CN=entitlement.bbb7c650\",\n \"description\": \"Gives read/write access to the company database\",\n \"privileged\": false,\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"5168015d32f890ca15812c9180835d2e\",\n \"name\": \"Alison Ferguso\",\n \"email\": \"alison.ferguso@identitysoon.com\"\n },\n \"attributeName\": \"memberOf\",\n \"attributeValue\": \"CN=entitlement.bbb7c650\",\n \"sourceSchemaObjectType\": \"groups\",\n \"sourceName\": \"ODS-AD-Source\",\n \"sourceType\": \"Active Directory - Direct\",\n \"sourceId\": \"78ca6be511cb41fbb86dba2fcca7780c\",\n \"hasPermissions\": false,\n \"isPermission\": false,\n \"revocable\": true,\n \"cloudGoverned\": false,\n \"containsDataAccess\": true,\n \"dataAccess\": {\n \"policies\": [\n {\n \"value\": \"GDPR-20\"\n },\n {\n \"value\": \"GDPR-20\"\n }\n ],\n \"categories\": [\n {\n \"value\": \"email-7\",\n \"matchCount\": 10\n },\n {\n \"value\": \"email-7\",\n \"matchCount\": 10\n }\n ],\n \"impactScore\": {\n \"value\": \"Medium\"\n }\n },\n \"account\": {\n \"nativeIdentity\": \"CN=Alison Ferguso\",\n \"disabled\": false,\n \"locked\": false,\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180857182305e0171993737eb29e6\",\n \"name\": \"Alison Ferguso\",\n \"created\": \"2020-04-20T20:11:05.067Z\",\n \"modified\": \"2020-05-20T18:57:16.987Z\",\n \"activityInsights\": {\n \"accountID\": \"c4ddd5421d8549f0abd309162cafd3b1\",\n \"usageDays\": 45,\n \"usageDaysState\": \"COMPLETE\"\n }\n }\n }\n ]\n }\n },\n \"identitySummary\": {\n \"id\": \"2c91808772a504f50172a9540e501ba7\",\n \"name\": \"Alison Ferguso\",\n \"identityId\": \"2c9180857182306001719937377a33de\",\n \"completed\": true\n },\n \"id\": \"ef38f94347e94562b5bb8424a56397d8\",\n \"completed\": false,\n \"newAccess\": false,\n \"decision\": \"APPROVE\",\n \"comments\": \"This user still needs access to this source\"\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "769d11f7-3d5d-4d8e-b094-175771f50e80", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "certifications", + ":id", + "access-review-items" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**type**: *eq*\n\n**access.type**: *eq*\n\n**completed**: *eq, ne*\n\n**identitySummary.id**: *eq, in*\n\n**identitySummary.name**: *eq, sw*\n\n**access.id**: *eq, in*\n\n**access.name**: *eq, sw*\n\n**entitlement.sourceName**: *eq, sw*\n\n**accessProfile.sourceName**: *eq, sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "id eq \"ef38f94347e94562b5bb8424a56397d8\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **identitySummary.name, access.name, access.type, entitlement.sourceName, accessProfile.sourceName**", + "type": "text/plain" + }, + "key": "sorters", + "value": "access.name,-accessProfile.sourceName" + }, + { + "disabled": true, + "description": { + "content": "Filter results to view access review items that pertain to any of the specified comma-separated entitlement IDs.\n\nAn error will occur if this param is used with **access-profiles** or **roles** as only one of these query params can be used at a time.", + "type": "text/plain" + }, + "key": "entitlements", + "value": "identityEntitlement" + }, + { + "disabled": true, + "description": { + "content": "Filter results to view access review items that pertain to any of the specified comma-separated access-profle IDs.\n\nAn error will occur if this param is used with **entitlements** or **roles** as only one of these query params can be used at a time.", + "type": "text/plain" + }, + "key": "access-profiles", + "value": "accessProfile1" + }, + { + "disabled": true, + "description": { + "content": "Filter results to view access review items that pertain to any of the specified comma-separated role IDs.\n\nAn error will occur if this param is used with **entitlements** or **access-profiles** as only one of these query params can be used at a time.", + "type": "text/plain" + }, + "key": "roles", + "value": "userRole" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "1f3da8ed-8071-4334-a013-0aa219296dfb", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "certifications", + ":id", + "access-review-items" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**type**: *eq*\n\n**access.type**: *eq*\n\n**completed**: *eq, ne*\n\n**identitySummary.id**: *eq, in*\n\n**identitySummary.name**: *eq, sw*\n\n**access.id**: *eq, in*\n\n**access.name**: *eq, sw*\n\n**entitlement.sourceName**: *eq, sw*\n\n**accessProfile.sourceName**: *eq, sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "id eq \"ef38f94347e94562b5bb8424a56397d8\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **identitySummary.name, access.name, access.type, entitlement.sourceName, accessProfile.sourceName**", + "type": "text/plain" + }, + "key": "sorters", + "value": "access.name,-accessProfile.sourceName" + }, + { + "disabled": true, + "description": { + "content": "Filter results to view access review items that pertain to any of the specified comma-separated entitlement IDs.\n\nAn error will occur if this param is used with **access-profiles** or **roles** as only one of these query params can be used at a time.", + "type": "text/plain" + }, + "key": "entitlements", + "value": "identityEntitlement" + }, + { + "disabled": true, + "description": { + "content": "Filter results to view access review items that pertain to any of the specified comma-separated access-profle IDs.\n\nAn error will occur if this param is used with **entitlements** or **roles** as only one of these query params can be used at a time.", + "type": "text/plain" + }, + "key": "access-profiles", + "value": "accessProfile1" + }, + { + "disabled": true, + "description": { + "content": "Filter results to view access review items that pertain to any of the specified comma-separated role IDs.\n\nAn error will occur if this param is used with **entitlements** or **access-profiles** as only one of these query params can be used at a time.", + "type": "text/plain" + }, + "key": "roles", + "value": "userRole" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "ba2cb963-c19d-4b7e-9cee-9690b104b278", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "certifications", + ":id", + "access-review-items" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**type**: *eq*\n\n**access.type**: *eq*\n\n**completed**: *eq, ne*\n\n**identitySummary.id**: *eq, in*\n\n**identitySummary.name**: *eq, sw*\n\n**access.id**: *eq, in*\n\n**access.name**: *eq, sw*\n\n**entitlement.sourceName**: *eq, sw*\n\n**accessProfile.sourceName**: *eq, sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "id eq \"ef38f94347e94562b5bb8424a56397d8\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **identitySummary.name, access.name, access.type, entitlement.sourceName, accessProfile.sourceName**", + "type": "text/plain" + }, + "key": "sorters", + "value": "access.name,-accessProfile.sourceName" + }, + { + "disabled": true, + "description": { + "content": "Filter results to view access review items that pertain to any of the specified comma-separated entitlement IDs.\n\nAn error will occur if this param is used with **access-profiles** or **roles** as only one of these query params can be used at a time.", + "type": "text/plain" + }, + "key": "entitlements", + "value": "identityEntitlement" + }, + { + "disabled": true, + "description": { + "content": "Filter results to view access review items that pertain to any of the specified comma-separated access-profle IDs.\n\nAn error will occur if this param is used with **entitlements** or **roles** as only one of these query params can be used at a time.", + "type": "text/plain" + }, + "key": "access-profiles", + "value": "accessProfile1" + }, + { + "disabled": true, + "description": { + "content": "Filter results to view access review items that pertain to any of the specified comma-separated role IDs.\n\nAn error will occur if this param is used with **entitlements** or **access-profiles** as only one of these query params can be used at a time.", + "type": "text/plain" + }, + "key": "roles", + "value": "userRole" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "2f83bd1b-26b7-4bd3-b96e-8abd2d622441", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "certifications", + ":id", + "access-review-items" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**type**: *eq*\n\n**access.type**: *eq*\n\n**completed**: *eq, ne*\n\n**identitySummary.id**: *eq, in*\n\n**identitySummary.name**: *eq, sw*\n\n**access.id**: *eq, in*\n\n**access.name**: *eq, sw*\n\n**entitlement.sourceName**: *eq, sw*\n\n**accessProfile.sourceName**: *eq, sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "id eq \"ef38f94347e94562b5bb8424a56397d8\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **identitySummary.name, access.name, access.type, entitlement.sourceName, accessProfile.sourceName**", + "type": "text/plain" + }, + "key": "sorters", + "value": "access.name,-accessProfile.sourceName" + }, + { + "disabled": true, + "description": { + "content": "Filter results to view access review items that pertain to any of the specified comma-separated entitlement IDs.\n\nAn error will occur if this param is used with **access-profiles** or **roles** as only one of these query params can be used at a time.", + "type": "text/plain" + }, + "key": "entitlements", + "value": "identityEntitlement" + }, + { + "disabled": true, + "description": { + "content": "Filter results to view access review items that pertain to any of the specified comma-separated access-profle IDs.\n\nAn error will occur if this param is used with **entitlements** or **roles** as only one of these query params can be used at a time.", + "type": "text/plain" + }, + "key": "access-profiles", + "value": "accessProfile1" + }, + { + "disabled": true, + "description": { + "content": "Filter results to view access review items that pertain to any of the specified comma-separated role IDs.\n\nAn error will occur if this param is used with **entitlements** or **access-profiles** as only one of these query params can be used at a time.", + "type": "text/plain" + }, + "key": "roles", + "value": "userRole" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "dbb01843-c1af-468a-909d-98db782bcfc7", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "certifications", + ":id", + "access-review-items" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**type**: *eq*\n\n**access.type**: *eq*\n\n**completed**: *eq, ne*\n\n**identitySummary.id**: *eq, in*\n\n**identitySummary.name**: *eq, sw*\n\n**access.id**: *eq, in*\n\n**access.name**: *eq, sw*\n\n**entitlement.sourceName**: *eq, sw*\n\n**accessProfile.sourceName**: *eq, sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "id eq \"ef38f94347e94562b5bb8424a56397d8\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **identitySummary.name, access.name, access.type, entitlement.sourceName, accessProfile.sourceName**", + "type": "text/plain" + }, + "key": "sorters", + "value": "access.name,-accessProfile.sourceName" + }, + { + "disabled": true, + "description": { + "content": "Filter results to view access review items that pertain to any of the specified comma-separated entitlement IDs.\n\nAn error will occur if this param is used with **access-profiles** or **roles** as only one of these query params can be used at a time.", + "type": "text/plain" + }, + "key": "entitlements", + "value": "identityEntitlement" + }, + { + "disabled": true, + "description": { + "content": "Filter results to view access review items that pertain to any of the specified comma-separated access-profle IDs.\n\nAn error will occur if this param is used with **entitlements** or **roles** as only one of these query params can be used at a time.", + "type": "text/plain" + }, + "key": "access-profiles", + "value": "accessProfile1" + }, + { + "disabled": true, + "description": { + "content": "Filter results to view access review items that pertain to any of the specified comma-separated role IDs.\n\nAn error will occur if this param is used with **entitlements** or **access-profiles** as only one of these query params can be used at a time.", + "type": "text/plain" + }, + "key": "roles", + "value": "userRole" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "6f084619-46d9-4568-b744-d11ecb4a51fc", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "certifications", + ":id", + "access-review-items" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**type**: *eq*\n\n**access.type**: *eq*\n\n**completed**: *eq, ne*\n\n**identitySummary.id**: *eq, in*\n\n**identitySummary.name**: *eq, sw*\n\n**access.id**: *eq, in*\n\n**access.name**: *eq, sw*\n\n**entitlement.sourceName**: *eq, sw*\n\n**accessProfile.sourceName**: *eq, sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "id eq \"ef38f94347e94562b5bb8424a56397d8\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **identitySummary.name, access.name, access.type, entitlement.sourceName, accessProfile.sourceName**", + "type": "text/plain" + }, + "key": "sorters", + "value": "access.name,-accessProfile.sourceName" + }, + { + "disabled": true, + "description": { + "content": "Filter results to view access review items that pertain to any of the specified comma-separated entitlement IDs.\n\nAn error will occur if this param is used with **access-profiles** or **roles** as only one of these query params can be used at a time.", + "type": "text/plain" + }, + "key": "entitlements", + "value": "identityEntitlement" + }, + { + "disabled": true, + "description": { + "content": "Filter results to view access review items that pertain to any of the specified comma-separated access-profle IDs.\n\nAn error will occur if this param is used with **entitlements** or **roles** as only one of these query params can be used at a time.", + "type": "text/plain" + }, + "key": "access-profiles", + "value": "accessProfile1" + }, + { + "disabled": true, + "description": { + "content": "Filter results to view access review items that pertain to any of the specified comma-separated role IDs.\n\nAn error will occur if this param is used with **entitlements** or **access-profiles** as only one of these query params can be used at a time.", + "type": "text/plain" + }, + "key": "roles", + "value": "userRole" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "da07d246-afe4-4349-a4af-4076656bb542", + "name": "Decide on a Certification Item", + "request": { + "name": "Decide on a Certification Item", + "description": { + "content": "The API makes a decision to approve or revoke one or more identity campaign certification items. A token with ORG_ADMIN or CERT_ADMIN authority is required to call this API. Reviewers for this certification can also call this API. This API does not support requests for certifications assigned to Governance Groups.", + "type": "text/plain" + }, + "url": { + "path": [ + "certifications", + ":id", + "decide" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "ef38f94347e94562b5bb8424a56397d8", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) The ID of the identity campaign certification on which to make decisions", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "[\n {\n \"id\": \"ef38f94347e94562b5bb8424a56396b5\",\n \"decision\": \"APPROVE\",\n \"bulk\": true,\n \"comments\": \"This user still needs access to this source.\"\n },\n {\n \"id\": \"ef38f94347e94562b5bb8424a56397d8\",\n \"decision\": \"APPROVE\",\n \"bulk\": true,\n \"comments\": \"This user still needs access to this source too.\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "ed9eef16-b6df-423a-bca4-cc3f108e061a", + "name": "An identity campaign certification object", + "originalRequest": { + "url": { + "path": [ + "certifications", + ":id", + "decide" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "[\n {\n \"id\": \"ef38f94347e94562b5bb8424a56396b5\",\n \"decision\": \"APPROVE\",\n \"bulk\": true,\n \"comments\": \"This user still needs access to this source.\"\n },\n {\n \"id\": \"ef38f94347e94562b5bb8424a56397d8\",\n \"decision\": \"APPROVE\",\n \"bulk\": true,\n \"comments\": \"This user still needs access to this source too.\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"name\": \"Source Owner Access Review for Employees [source]\",\n \"campaign\": {\n \"id\": \"ef38f94347e94562b5bb8424a56397d8\",\n \"name\": \"Campaign Name\",\n \"type\": \"CAMPAIGN\",\n \"campaignType\": \"MANAGER\",\n \"description\": \"A description of the campaign\",\n \"correlatedStatus\": \"CORRELATED\",\n \"mandatoryCommentRequirement\": \"NO_DECISIONS\"\n },\n \"completed\": true,\n \"identitiesCompleted\": 5,\n \"identitiesTotal\": 10,\n \"created\": \"2018-06-25T20:22:28.104Z\",\n \"modified\": \"2018-06-25T20:22:28.104Z\",\n \"decisionsMade\": 20,\n \"decisionsTotal\": 40,\n \"due\": \"2018-10-19T13:49:37.385Z\",\n \"signed\": \"2018-10-19T13:49:37.385Z\",\n \"reviewer\": {\n \"id\": \"ef38f94347e94562b5bb8424a56397d8\",\n \"name\": \"Reviewer Name\",\n \"email\": \"reviewer@test.com\",\n \"type\": \"IDENTITY\",\n \"created\": \"2018-06-25T20:22:28.104Z\",\n \"modified\": \"2018-06-25T20:22:28.104Z\"\n },\n \"reassignment\": {\n \"from\": {\n \"id\": \"ef38f94347e94562b5bb8424a56397d8\",\n \"name\": \"Certification Name\",\n \"type\": \"CERTIFICATION\",\n \"reviewer\": {\n \"id\": \"ef38f94347e94562b5bb8424a56397d8\",\n \"name\": \"Reviewer Name\",\n \"email\": \"reviewer@test.com\",\n \"type\": \"IDENTITY\",\n \"created\": \"2018-06-25T20:22:28.104Z\",\n \"modified\": \"2018-06-25T20:22:28.104Z\"\n }\n },\n \"comment\": \"Reassigned for a reason\"\n },\n \"hasErrors\": false,\n \"errorMessage\": \"The certification has an error\",\n \"phase\": \"ACTIVE\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "80b0ff61-5ee3-494e-9f3d-b593f7e0b436", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "certifications", + ":id", + "decide" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "[\n {\n \"id\": \"ef38f94347e94562b5bb8424a56396b5\",\n \"decision\": \"APPROVE\",\n \"bulk\": true,\n \"comments\": \"This user still needs access to this source.\"\n },\n {\n \"id\": \"ef38f94347e94562b5bb8424a56397d8\",\n \"decision\": \"APPROVE\",\n \"bulk\": true,\n \"comments\": \"This user still needs access to this source too.\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b923fea4-d1f1-4c84-9bef-e1a833548a4b", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "certifications", + ":id", + "decide" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "[\n {\n \"id\": \"ef38f94347e94562b5bb8424a56396b5\",\n \"decision\": \"APPROVE\",\n \"bulk\": true,\n \"comments\": \"This user still needs access to this source.\"\n },\n {\n \"id\": \"ef38f94347e94562b5bb8424a56397d8\",\n \"decision\": \"APPROVE\",\n \"bulk\": true,\n \"comments\": \"This user still needs access to this source too.\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "6cdcf907-7e65-4998-8487-778b8196e7d7", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "certifications", + ":id", + "decide" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "[\n {\n \"id\": \"ef38f94347e94562b5bb8424a56396b5\",\n \"decision\": \"APPROVE\",\n \"bulk\": true,\n \"comments\": \"This user still needs access to this source.\"\n },\n {\n \"id\": \"ef38f94347e94562b5bb8424a56397d8\",\n \"decision\": \"APPROVE\",\n \"bulk\": true,\n \"comments\": \"This user still needs access to this source too.\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d12373fd-1c56-49f2-81a2-98ea9288b572", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "certifications", + ":id", + "decide" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "[\n {\n \"id\": \"ef38f94347e94562b5bb8424a56396b5\",\n \"decision\": \"APPROVE\",\n \"bulk\": true,\n \"comments\": \"This user still needs access to this source.\"\n },\n {\n \"id\": \"ef38f94347e94562b5bb8424a56397d8\",\n \"decision\": \"APPROVE\",\n \"bulk\": true,\n \"comments\": \"This user still needs access to this source too.\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "3eb3c89d-76b5-48d4-9435-2b46f6b2b8b0", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "certifications", + ":id", + "decide" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "[\n {\n \"id\": \"ef38f94347e94562b5bb8424a56396b5\",\n \"decision\": \"APPROVE\",\n \"bulk\": true,\n \"comments\": \"This user still needs access to this source.\"\n },\n {\n \"id\": \"ef38f94347e94562b5bb8424a56397d8\",\n \"decision\": \"APPROVE\",\n \"bulk\": true,\n \"comments\": \"This user still needs access to this source too.\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "63b27384-b590-497b-a09c-90f5a2797aa8", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "certifications", + ":id", + "decide" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "[\n {\n \"id\": \"ef38f94347e94562b5bb8424a56396b5\",\n \"decision\": \"APPROVE\",\n \"bulk\": true,\n \"comments\": \"This user still needs access to this source.\"\n },\n {\n \"id\": \"ef38f94347e94562b5bb8424a56397d8\",\n \"decision\": \"APPROVE\",\n \"bulk\": true,\n \"comments\": \"This user still needs access to this source too.\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "95288c2e-7249-46e5-a8ae-490f32372a7a", + "name": "Reassign Identities or Items", + "request": { + "name": "Reassign Identities or Items", + "description": { + "content": "This API reassigns up to 50 identities or items in an identity campaign certification to another reviewer. A token with ORG_ADMIN or CERT_ADMIN authority is required to call this API. Reviewers for this certification can also call this API. This API does not support requests for certifications assigned to Governance Groups.", + "type": "text/plain" + }, + "url": { + "path": [ + "certifications", + ":id", + "reassign" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "ef38f94347e94562b5bb8424a56397d8", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) The identity campaign certification ID", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"reassign\": [\n {\n \"id\": \"ef38f94347e94562b5bb8424a56397d8\",\n \"type\": \"ITEM\"\n },\n {\n \"id\": \"ef38f94347e94562b5bb8424a56397d8\",\n \"type\": \"ITEM\"\n }\n ],\n \"reassignTo\": \"ef38f94347e94562b5bb8424a56397d8\",\n \"reason\": \"reassigned for some reason\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "f675f151-13cc-433b-b25d-1c4f420b0863", + "name": "An identity campaign certification details after completing the reassignment.", + "originalRequest": { + "url": { + "path": [ + "certifications", + ":id", + "reassign" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"reassign\": [\n {\n \"id\": \"ef38f94347e94562b5bb8424a56397d8\",\n \"type\": \"ITEM\"\n },\n {\n \"id\": \"ef38f94347e94562b5bb8424a56397d8\",\n \"type\": \"ITEM\"\n }\n ],\n \"reassignTo\": \"ef38f94347e94562b5bb8424a56397d8\",\n \"reason\": \"reassigned for some reason\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"name\": \"Source Owner Access Review for Employees [source]\",\n \"campaign\": {\n \"id\": \"ef38f94347e94562b5bb8424a56397d8\",\n \"name\": \"Campaign Name\",\n \"type\": \"CAMPAIGN\",\n \"campaignType\": \"MANAGER\",\n \"description\": \"A description of the campaign\",\n \"correlatedStatus\": \"CORRELATED\",\n \"mandatoryCommentRequirement\": \"NO_DECISIONS\"\n },\n \"completed\": true,\n \"identitiesCompleted\": 5,\n \"identitiesTotal\": 10,\n \"created\": \"2018-06-25T20:22:28.104Z\",\n \"modified\": \"2018-06-25T20:22:28.104Z\",\n \"decisionsMade\": 20,\n \"decisionsTotal\": 40,\n \"due\": \"2018-10-19T13:49:37.385Z\",\n \"signed\": \"2018-10-19T13:49:37.385Z\",\n \"reviewer\": {\n \"id\": \"ef38f94347e94562b5bb8424a56397d8\",\n \"name\": \"Reviewer Name\",\n \"email\": \"reviewer@test.com\",\n \"type\": \"IDENTITY\",\n \"created\": \"2018-06-25T20:22:28.104Z\",\n \"modified\": \"2018-06-25T20:22:28.104Z\"\n },\n \"reassignment\": {\n \"from\": {\n \"id\": \"ef38f94347e94562b5bb8424a56397d8\",\n \"name\": \"Certification Name\",\n \"type\": \"CERTIFICATION\",\n \"reviewer\": {\n \"id\": \"ef38f94347e94562b5bb8424a56397d8\",\n \"name\": \"Reviewer Name\",\n \"email\": \"reviewer@test.com\",\n \"type\": \"IDENTITY\",\n \"created\": \"2018-06-25T20:22:28.104Z\",\n \"modified\": \"2018-06-25T20:22:28.104Z\"\n }\n },\n \"comment\": \"Reassigned for a reason\"\n },\n \"hasErrors\": false,\n \"errorMessage\": \"The certification has an error\",\n \"phase\": \"ACTIVE\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "3c12f8ce-0a9a-40e0-95b4-2caef7f2f4a5", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "certifications", + ":id", + "reassign" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"reassign\": [\n {\n \"id\": \"ef38f94347e94562b5bb8424a56397d8\",\n \"type\": \"ITEM\"\n },\n {\n \"id\": \"ef38f94347e94562b5bb8424a56397d8\",\n \"type\": \"ITEM\"\n }\n ],\n \"reassignTo\": \"ef38f94347e94562b5bb8424a56397d8\",\n \"reason\": \"reassigned for some reason\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "2e1deeee-30b2-4bb1-9a3b-dff34aac8668", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "certifications", + ":id", + "reassign" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"reassign\": [\n {\n \"id\": \"ef38f94347e94562b5bb8424a56397d8\",\n \"type\": \"ITEM\"\n },\n {\n \"id\": \"ef38f94347e94562b5bb8424a56397d8\",\n \"type\": \"ITEM\"\n }\n ],\n \"reassignTo\": \"ef38f94347e94562b5bb8424a56397d8\",\n \"reason\": \"reassigned for some reason\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "77af32a8-a15c-44a7-985a-994ada5d204e", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "certifications", + ":id", + "reassign" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"reassign\": [\n {\n \"id\": \"ef38f94347e94562b5bb8424a56397d8\",\n \"type\": \"ITEM\"\n },\n {\n \"id\": \"ef38f94347e94562b5bb8424a56397d8\",\n \"type\": \"ITEM\"\n }\n ],\n \"reassignTo\": \"ef38f94347e94562b5bb8424a56397d8\",\n \"reason\": \"reassigned for some reason\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "e8d38c29-968d-42cc-bea0-baa5bc48a783", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "certifications", + ":id", + "reassign" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"reassign\": [\n {\n \"id\": \"ef38f94347e94562b5bb8424a56397d8\",\n \"type\": \"ITEM\"\n },\n {\n \"id\": \"ef38f94347e94562b5bb8424a56397d8\",\n \"type\": \"ITEM\"\n }\n ],\n \"reassignTo\": \"ef38f94347e94562b5bb8424a56397d8\",\n \"reason\": \"reassigned for some reason\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "391d3498-2c2b-433c-b547-9b15fe70c4c0", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "certifications", + ":id", + "reassign" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"reassign\": [\n {\n \"id\": \"ef38f94347e94562b5bb8424a56397d8\",\n \"type\": \"ITEM\"\n },\n {\n \"id\": \"ef38f94347e94562b5bb8424a56397d8\",\n \"type\": \"ITEM\"\n }\n ],\n \"reassignTo\": \"ef38f94347e94562b5bb8424a56397d8\",\n \"reason\": \"reassigned for some reason\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "445a0d6a-4218-4f4f-b3be-f18bbc93da58", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "certifications", + ":id", + "reassign" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"reassign\": [\n {\n \"id\": \"ef38f94347e94562b5bb8424a56397d8\",\n \"type\": \"ITEM\"\n },\n {\n \"id\": \"ef38f94347e94562b5bb8424a56397d8\",\n \"type\": \"ITEM\"\n }\n ],\n \"reassignTo\": \"ef38f94347e94562b5bb8424a56397d8\",\n \"reason\": \"reassigned for some reason\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "96967c7d-a805-4073-9fd6-5f405e5f2a0f", + "name": "Finalize Identity Certification Decisions", + "request": { + "name": "Finalize Identity Certification Decisions", + "description": { + "content": "This API finalizes all decisions made on an identity campaign certification and initiates any remediations required. A token with ORG_ADMIN or CERT_ADMIN authority is required to call this API. Reviewers for this certification can also call this API. This API does not support requests for certifications assigned to Governance Groups.", + "type": "text/plain" + }, + "url": { + "path": [ + "certifications", + ":id", + "sign-off" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "ef38f94347e94562b5bb8424a56397d8", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) The identity campaign certification ID", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": {} + }, + "response": [ + { + "id": "464ab5c2-3ac8-4a6f-85c3-9d038135bdc9", + "name": "An identity campaign certification object", + "originalRequest": { + "url": { + "path": [ + "certifications", + ":id", + "sign-off" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"name\": \"Source Owner Access Review for Employees [source]\",\n \"campaign\": {\n \"id\": \"ef38f94347e94562b5bb8424a56397d8\",\n \"name\": \"Campaign Name\",\n \"type\": \"CAMPAIGN\",\n \"campaignType\": \"MANAGER\",\n \"description\": \"A description of the campaign\",\n \"correlatedStatus\": \"CORRELATED\",\n \"mandatoryCommentRequirement\": \"NO_DECISIONS\"\n },\n \"completed\": true,\n \"identitiesCompleted\": 5,\n \"identitiesTotal\": 10,\n \"created\": \"2018-06-25T20:22:28.104Z\",\n \"modified\": \"2018-06-25T20:22:28.104Z\",\n \"decisionsMade\": 20,\n \"decisionsTotal\": 40,\n \"due\": \"2018-10-19T13:49:37.385Z\",\n \"signed\": \"2018-10-19T13:49:37.385Z\",\n \"reviewer\": {\n \"id\": \"ef38f94347e94562b5bb8424a56397d8\",\n \"name\": \"Reviewer Name\",\n \"email\": \"reviewer@test.com\",\n \"type\": \"IDENTITY\",\n \"created\": \"2018-06-25T20:22:28.104Z\",\n \"modified\": \"2018-06-25T20:22:28.104Z\"\n },\n \"reassignment\": {\n \"from\": {\n \"id\": \"ef38f94347e94562b5bb8424a56397d8\",\n \"name\": \"Certification Name\",\n \"type\": \"CERTIFICATION\",\n \"reviewer\": {\n \"id\": \"ef38f94347e94562b5bb8424a56397d8\",\n \"name\": \"Reviewer Name\",\n \"email\": \"reviewer@test.com\",\n \"type\": \"IDENTITY\",\n \"created\": \"2018-06-25T20:22:28.104Z\",\n \"modified\": \"2018-06-25T20:22:28.104Z\"\n }\n },\n \"comment\": \"Reassigned for a reason\"\n },\n \"hasErrors\": false,\n \"errorMessage\": \"The certification has an error\",\n \"phase\": \"ACTIVE\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a8d36bda-2f2e-40c4-b78e-6fee8c5d3d86", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "certifications", + ":id", + "sign-off" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "662a60e7-34fa-4615-bd56-21f2df56d29d", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "certifications", + ":id", + "sign-off" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "53c5b9c4-9020-4d14-95be-f4ebc552d636", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "certifications", + ":id", + "sign-off" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "41a55200-9643-41b6-a033-a75eb9179e4a", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "certifications", + ":id", + "sign-off" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "15794a7a-bc3b-4435-a760-e4098902fd6b", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "certifications", + ":id", + "sign-off" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b57d02d1-d7d8-44d8-ac40-a0ae5502f57a", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "certifications", + ":id", + "sign-off" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "0dc7be9b-5a88-4d9c-a675-051b94316c97", + "name": "Permissions for Entitlement Certification Item", + "request": { + "name": "Permissions for Entitlement Certification Item", + "description": { + "content": "This API returns the permissions associated with an entitlement certification item based on the certification item's ID. A token with ORG_ADMIN or CERT_ADMIN authority is required to call this API. Reviewers for this certification can also call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "certifications", + ":certificationId", + "access-review-items", + ":itemId", + "permissions" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**target**: *eq, sw*\n\n**rights**: *ca*\n\nSupported composite operators: *and, or*\n\nAll field values (second filter operands) are case-insensitive for this API.\n\nOnly a single *and* or *or* composite filter operator may be used. It must also be used between a target filter and a rights filter, not between 2 filters for the same field.\n\nFor example, the following is valid: `?filters=rights+ca+(%22CREATE%22)+and+target+eq+%22SYS.OBJAUTH2%22`\n\nThe following is invalid: 1?filters=rights+ca+(%22CREATE%22)+and+rights+ca+(%SELECT%22)1", + "type": "text/plain" + }, + "key": "filters", + "value": "target eq \"SYS.OBJAUTH2\"" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [ + { + "type": "any", + "value": "ef38f94347e94562b5bb8424a56397d8", + "key": "certificationId", + "disabled": true, + "description": { + "content": "(Required) The certification ID", + "type": "text/plain" + } + }, + { + "type": "any", + "value": "2c91808671bcbab40171bd945d961227", + "key": "itemId", + "disabled": true, + "description": { + "content": "(Required) The certification item ID", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "fefead96-c29a-49a2-8115-a0251654a88f", + "name": "A list of permissions associated with the given itemId", + "originalRequest": { + "url": { + "path": [ + "certifications", + ":certificationId", + "access-review-items", + ":itemId", + "permissions" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**target**: *eq, sw*\n\n**rights**: *ca*\n\nSupported composite operators: *and, or*\n\nAll field values (second filter operands) are case-insensitive for this API.\n\nOnly a single *and* or *or* composite filter operator may be used. It must also be used between a target filter and a rights filter, not between 2 filters for the same field.\n\nFor example, the following is valid: `?filters=rights+ca+(%22CREATE%22)+and+target+eq+%22SYS.OBJAUTH2%22`\n\nThe following is invalid: 1?filters=rights+ca+(%22CREATE%22)+and+rights+ca+(%SELECT%22)1", + "type": "text/plain" + }, + "key": "filters", + "value": "target eq \"SYS.OBJAUTH2\"" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"rights\": [\n \"SELECT\",\n \"SELECT\"\n ],\n \"target\": \"SYS.GV_$TRANSACTION\"\n },\n {\n \"rights\": [\n \"SELECT\",\n \"SELECT\"\n ],\n \"target\": \"SYS.GV_$TRANSACTION\"\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "bdf52150-3ae0-4e7a-80db-261ffb75ede6", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "certifications", + ":certificationId", + "access-review-items", + ":itemId", + "permissions" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**target**: *eq, sw*\n\n**rights**: *ca*\n\nSupported composite operators: *and, or*\n\nAll field values (second filter operands) are case-insensitive for this API.\n\nOnly a single *and* or *or* composite filter operator may be used. It must also be used between a target filter and a rights filter, not between 2 filters for the same field.\n\nFor example, the following is valid: `?filters=rights+ca+(%22CREATE%22)+and+target+eq+%22SYS.OBJAUTH2%22`\n\nThe following is invalid: 1?filters=rights+ca+(%22CREATE%22)+and+rights+ca+(%SELECT%22)1", + "type": "text/plain" + }, + "key": "filters", + "value": "target eq \"SYS.OBJAUTH2\"" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "ced3b0a5-5dc1-4ae5-b651-f5cf9b084ba9", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "certifications", + ":certificationId", + "access-review-items", + ":itemId", + "permissions" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**target**: *eq, sw*\n\n**rights**: *ca*\n\nSupported composite operators: *and, or*\n\nAll field values (second filter operands) are case-insensitive for this API.\n\nOnly a single *and* or *or* composite filter operator may be used. It must also be used between a target filter and a rights filter, not between 2 filters for the same field.\n\nFor example, the following is valid: `?filters=rights+ca+(%22CREATE%22)+and+target+eq+%22SYS.OBJAUTH2%22`\n\nThe following is invalid: 1?filters=rights+ca+(%22CREATE%22)+and+rights+ca+(%SELECT%22)1", + "type": "text/plain" + }, + "key": "filters", + "value": "target eq \"SYS.OBJAUTH2\"" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "740eb7b5-3017-409e-8d75-ba88771c1d04", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "certifications", + ":certificationId", + "access-review-items", + ":itemId", + "permissions" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**target**: *eq, sw*\n\n**rights**: *ca*\n\nSupported composite operators: *and, or*\n\nAll field values (second filter operands) are case-insensitive for this API.\n\nOnly a single *and* or *or* composite filter operator may be used. It must also be used between a target filter and a rights filter, not between 2 filters for the same field.\n\nFor example, the following is valid: `?filters=rights+ca+(%22CREATE%22)+and+target+eq+%22SYS.OBJAUTH2%22`\n\nThe following is invalid: 1?filters=rights+ca+(%22CREATE%22)+and+rights+ca+(%SELECT%22)1", + "type": "text/plain" + }, + "key": "filters", + "value": "target eq \"SYS.OBJAUTH2\"" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "2d873db3-edb5-42a2-9a3c-01fc73b01a02", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "certifications", + ":certificationId", + "access-review-items", + ":itemId", + "permissions" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**target**: *eq, sw*\n\n**rights**: *ca*\n\nSupported composite operators: *and, or*\n\nAll field values (second filter operands) are case-insensitive for this API.\n\nOnly a single *and* or *or* composite filter operator may be used. It must also be used between a target filter and a rights filter, not between 2 filters for the same field.\n\nFor example, the following is valid: `?filters=rights+ca+(%22CREATE%22)+and+target+eq+%22SYS.OBJAUTH2%22`\n\nThe following is invalid: 1?filters=rights+ca+(%22CREATE%22)+and+rights+ca+(%SELECT%22)1", + "type": "text/plain" + }, + "key": "filters", + "value": "target eq \"SYS.OBJAUTH2\"" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "6c13db4e-270d-4045-9886-e0250d9861dc", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "certifications", + ":certificationId", + "access-review-items", + ":itemId", + "permissions" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**target**: *eq, sw*\n\n**rights**: *ca*\n\nSupported composite operators: *and, or*\n\nAll field values (second filter operands) are case-insensitive for this API.\n\nOnly a single *and* or *or* composite filter operator may be used. It must also be used between a target filter and a rights filter, not between 2 filters for the same field.\n\nFor example, the following is valid: `?filters=rights+ca+(%22CREATE%22)+and+target+eq+%22SYS.OBJAUTH2%22`\n\nThe following is invalid: 1?filters=rights+ca+(%22CREATE%22)+and+rights+ca+(%SELECT%22)1", + "type": "text/plain" + }, + "key": "filters", + "value": "target eq \"SYS.OBJAUTH2\"" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "69c37d88-7048-4554-976e-c31a3e5e361d", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "certifications", + ":certificationId", + "access-review-items", + ":itemId", + "permissions" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**target**: *eq, sw*\n\n**rights**: *ca*\n\nSupported composite operators: *and, or*\n\nAll field values (second filter operands) are case-insensitive for this API.\n\nOnly a single *and* or *or* composite filter operator may be used. It must also be used between a target filter and a rights filter, not between 2 filters for the same field.\n\nFor example, the following is valid: `?filters=rights+ca+(%22CREATE%22)+and+target+eq+%22SYS.OBJAUTH2%22`\n\nThe following is invalid: 1?filters=rights+ca+(%22CREATE%22)+and+rights+ca+(%SELECT%22)1", + "type": "text/plain" + }, + "key": "filters", + "value": "target eq \"SYS.OBJAUTH2\"" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "5cebfa08-20cd-4041-b646-42c19985709c", + "name": "List of Reviewers for certification", + "request": { + "name": "List of Reviewers for certification", + "description": { + "content": "This API returns a list of reviewers for the certification. A token with ORG_ADMIN or CERT_ADMIN authority is required to call this API. Reviewers for this certification can also call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "certifications", + ":id", + "reviewers" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**name**: *eq, sw*\n\n**email**: *eq, sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "name eq \"Bob\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name, email**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name" + } + ], + "variable": [ + { + "type": "any", + "value": "ef38f94347e94562b5bb8424a56397d8", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) The certification ID", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "2d2c276a-a5e7-4a2f-a929-ce09f3935ecf", + "name": "A list of reviewers", + "originalRequest": { + "url": { + "path": [ + "certifications", + ":id", + "reviewers" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**name**: *eq, sw*\n\n**email**: *eq, sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "name eq \"Bob\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name, email**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"type\": \"IDENTITY\",\n \"id\": \"5168015d32f890ca15812c9180835d2e\",\n \"name\": \"Alison Ferguso\",\n \"email\": \"alison.ferguso@identitysoon.com\"\n },\n {\n \"type\": \"IDENTITY\",\n \"id\": \"5168015d32f890ca15812c9180835d2e\",\n \"name\": \"Alison Ferguso\",\n \"email\": \"alison.ferguso@identitysoon.com\"\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "934cb674-3e9f-4112-b8f5-c48c59dccf7f", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "certifications", + ":id", + "reviewers" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**name**: *eq, sw*\n\n**email**: *eq, sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "name eq \"Bob\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name, email**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "078e67e4-f1c7-4d99-a195-f435d0c3e585", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "certifications", + ":id", + "reviewers" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**name**: *eq, sw*\n\n**email**: *eq, sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "name eq \"Bob\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name, email**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "6f1172f2-b1a7-4369-b1a3-4a19692c84e0", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "certifications", + ":id", + "reviewers" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**name**: *eq, sw*\n\n**email**: *eq, sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "name eq \"Bob\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name, email**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "78db1e69-fc17-4c29-9257-e32b49442f7d", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "certifications", + ":id", + "reviewers" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**name**: *eq, sw*\n\n**email**: *eq, sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "name eq \"Bob\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name, email**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "1bd1389c-7790-43b1-a8b9-59f3dadd2430", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "certifications", + ":id", + "reviewers" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**name**: *eq, sw*\n\n**email**: *eq, sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "name eq \"Bob\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name, email**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "aa7e9b37-8d2e-4ee0-bba2-ced1413c3649", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "certifications", + ":id", + "reviewers" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**name**: *eq, sw*\n\n**email**: *eq, sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "name eq \"Bob\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name, email**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "87a4fc5b-022d-4cc3-862c-c66a08316bda", + "name": "Reassign Certifications Asynchronously", + "request": { + "name": "Reassign Certifications Asynchronously", + "description": { + "content": "This API initiates a task to reassign up to 500 identities or items in an identity campaign certification to another reviewer. The `certification-tasks` API can be used to get an updated status on the task and determine when the reassignment is complete. A token with ORG_ADMIN or CERT_ADMIN authority is required to call this API. Reviewers for this certification can also call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "certifications", + ":id", + "reassign-async" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "ef38f94347e94562b5bb8424a56397d8", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) The identity campaign certification ID", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"reassign\": [\n {\n \"id\": \"ef38f94347e94562b5bb8424a56397d8\",\n \"type\": \"ITEM\"\n },\n {\n \"id\": \"ef38f94347e94562b5bb8424a56397d8\",\n \"type\": \"ITEM\"\n }\n ],\n \"reassignTo\": \"ef38f94347e94562b5bb8424a56397d8\",\n \"reason\": \"reassigned for some reason\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "19970531-cad2-476f-a39e-7cb4301cbc9b", + "name": "A certification task object for the reassignment which can be queried for status.", + "originalRequest": { + "url": { + "path": [ + "certifications", + ":id", + "reassign-async" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"reassign\": [\n {\n \"id\": \"ef38f94347e94562b5bb8424a56397d8\",\n \"type\": \"ITEM\"\n },\n {\n \"id\": \"ef38f94347e94562b5bb8424a56397d8\",\n \"type\": \"ITEM\"\n }\n ],\n \"reassignTo\": \"ef38f94347e94562b5bb8424a56397d8\",\n \"reason\": \"reassigned for some reason\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"2c918086719eec070171a7e3355a360a\",\n \"type\": \"ADMIN_REASSIGN\",\n \"targetType\": \"CAMPAIGN\",\n \"targetId\": \"2c918086719eec070171a7e3355a834c\",\n \"status\": \"QUEUED\",\n \"errors\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"reassignmentTrailDTOs\": [\n {\n \"previousOwner\": \"ef38f94347e94562b5bb8424a56397d8\",\n \"newOwner\": \"ef38f94347e94562b5bb8424a56397a3\",\n \"reassignmentType\": \"AUTOMATIC_REASSIGNMENT\"\n },\n {\n \"previousOwner\": \"ef38f94347e94562b5bb8424a56397d8\",\n \"newOwner\": \"ef38f94347e94562b5bb8424a56397a3\",\n \"reassignmentType\": \"AUTOMATIC_REASSIGNMENT\"\n }\n ],\n \"created\": \"2020-09-24T18:10:47.693Z\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "3bbe78ce-4471-4fb8-a9f1-65cdf674a3a3", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "certifications", + ":id", + "reassign-async" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"reassign\": [\n {\n \"id\": \"ef38f94347e94562b5bb8424a56397d8\",\n \"type\": \"ITEM\"\n },\n {\n \"id\": \"ef38f94347e94562b5bb8424a56397d8\",\n \"type\": \"ITEM\"\n }\n ],\n \"reassignTo\": \"ef38f94347e94562b5bb8424a56397d8\",\n \"reason\": \"reassigned for some reason\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "5f351a5d-26ac-4d37-ae7c-afba33fe731f", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "certifications", + ":id", + "reassign-async" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"reassign\": [\n {\n \"id\": \"ef38f94347e94562b5bb8424a56397d8\",\n \"type\": \"ITEM\"\n },\n {\n \"id\": \"ef38f94347e94562b5bb8424a56397d8\",\n \"type\": \"ITEM\"\n }\n ],\n \"reassignTo\": \"ef38f94347e94562b5bb8424a56397d8\",\n \"reason\": \"reassigned for some reason\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b0ddc968-1d1f-47cc-9092-916e323cab7d", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "certifications", + ":id", + "reassign-async" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"reassign\": [\n {\n \"id\": \"ef38f94347e94562b5bb8424a56397d8\",\n \"type\": \"ITEM\"\n },\n {\n \"id\": \"ef38f94347e94562b5bb8424a56397d8\",\n \"type\": \"ITEM\"\n }\n ],\n \"reassignTo\": \"ef38f94347e94562b5bb8424a56397d8\",\n \"reason\": \"reassigned for some reason\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d4efe48a-ce4a-4283-a9a5-26d60450d7f4", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "certifications", + ":id", + "reassign-async" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"reassign\": [\n {\n \"id\": \"ef38f94347e94562b5bb8424a56397d8\",\n \"type\": \"ITEM\"\n },\n {\n \"id\": \"ef38f94347e94562b5bb8424a56397d8\",\n \"type\": \"ITEM\"\n }\n ],\n \"reassignTo\": \"ef38f94347e94562b5bb8424a56397d8\",\n \"reason\": \"reassigned for some reason\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "7c76a573-5e0a-4425-972f-1f4e0bb374b1", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "certifications", + ":id", + "reassign-async" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"reassign\": [\n {\n \"id\": \"ef38f94347e94562b5bb8424a56397d8\",\n \"type\": \"ITEM\"\n },\n {\n \"id\": \"ef38f94347e94562b5bb8424a56397d8\",\n \"type\": \"ITEM\"\n }\n ],\n \"reassignTo\": \"ef38f94347e94562b5bb8424a56397d8\",\n \"reason\": \"reassigned for some reason\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f9f4e39b-37c3-4cb6-87b6-ed70b121cd17", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "certifications", + ":id", + "reassign-async" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"reassign\": [\n {\n \"id\": \"ef38f94347e94562b5bb8424a56397d8\",\n \"type\": \"ITEM\"\n },\n {\n \"id\": \"ef38f94347e94562b5bb8424a56397d8\",\n \"type\": \"ITEM\"\n }\n ],\n \"reassignTo\": \"ef38f94347e94562b5bb8424a56397d8\",\n \"reason\": \"reassigned for some reason\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "9642ecdc-5bf9-4387-9e45-f7436424f308", + "name": "Certification Task by ID", + "request": { + "name": "Certification Task by ID", + "description": { + "content": "This API returns the certification task for the specified ID. A token with ORG_ADMIN or CERT_ADMIN authority is required to call this API. Reviewers for the specified certification can also call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "certification-tasks", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "63b32151-26c0-42f4-9299-8898dc1c9daa", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) The task ID", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "eb4bbd7d-e9fb-4301-b1da-52da6e0174dc", + "name": "A certification task", + "originalRequest": { + "url": { + "path": [ + "certification-tasks", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"2c918086719eec070171a7e3355a360a\",\n \"type\": \"ADMIN_REASSIGN\",\n \"targetType\": \"CAMPAIGN\",\n \"targetId\": \"2c918086719eec070171a7e3355a834c\",\n \"status\": \"QUEUED\",\n \"errors\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"reassignmentTrailDTOs\": [\n {\n \"previousOwner\": \"ef38f94347e94562b5bb8424a56397d8\",\n \"newOwner\": \"ef38f94347e94562b5bb8424a56397a3\",\n \"reassignmentType\": \"AUTOMATIC_REASSIGNMENT\"\n },\n {\n \"previousOwner\": \"ef38f94347e94562b5bb8424a56397d8\",\n \"newOwner\": \"ef38f94347e94562b5bb8424a56397a3\",\n \"reassignmentType\": \"AUTOMATIC_REASSIGNMENT\"\n }\n ],\n \"created\": \"2020-09-24T18:10:47.693Z\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "2188eab3-999d-464b-9818-0b28e3e6bed9", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "certification-tasks", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "386e154e-f6df-4c3b-9471-54ae141260c7", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "certification-tasks", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "10545e53-38d4-4235-89b7-860005a8d643", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "certification-tasks", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "e5c79daa-a6d3-4221-8283-1c80e811554d", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "certification-tasks", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "64049b80-4d34-4bd1-9ed3-09b7062ba0e8", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "certification-tasks", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "3b392633-2db1-4069-8b67-e83b23dd575c", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "certification-tasks", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "78fdb6b4-1cdc-49f8-a33b-797284fd806b", + "name": "List of Pending Certification Tasks", + "request": { + "name": "List of Pending Certification Tasks", + "description": { + "content": "This API returns a list of pending (`QUEUED` or `IN_PROGRESS`) certification tasks. Any authenticated token can call this API, but only certification tasks you are authorized to review will be returned.", + "type": "text/plain" + }, + "url": { + "path": [ + "certification-tasks" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The ID of reviewer identity. *me* indicates the current user.", + "type": "text/plain" + }, + "key": "reviewer-identity", + "value": "Ada.1de82e55078344" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**targetId**: *eq, in*\n\n**type**: *eq, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "type eq \"ADMIN_REASSIGN\"" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "b65d0e97-3cde-41c0-b851-467e9c0a42be", + "name": "A list of pending certification tasks", + "originalRequest": { + "url": { + "path": [ + "certification-tasks" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The ID of reviewer identity. *me* indicates the current user.", + "type": "text/plain" + }, + "key": "reviewer-identity", + "value": "Ada.1de82e55078344" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**targetId**: *eq, in*\n\n**type**: *eq, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "type eq \"ADMIN_REASSIGN\"" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"id\": \"2c918086719eec070171a7e3355a360a\",\n \"type\": \"ADMIN_REASSIGN\",\n \"targetType\": \"CAMPAIGN\",\n \"targetId\": \"2c918086719eec070171a7e3355a834c\",\n \"status\": \"QUEUED\",\n \"errors\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"reassignmentTrailDTOs\": [\n {\n \"previousOwner\": \"ef38f94347e94562b5bb8424a56397d8\",\n \"newOwner\": \"ef38f94347e94562b5bb8424a56397a3\",\n \"reassignmentType\": \"AUTOMATIC_REASSIGNMENT\"\n },\n {\n \"previousOwner\": \"ef38f94347e94562b5bb8424a56397d8\",\n \"newOwner\": \"ef38f94347e94562b5bb8424a56397a3\",\n \"reassignmentType\": \"AUTOMATIC_REASSIGNMENT\"\n }\n ],\n \"created\": \"2020-09-24T18:10:47.693Z\"\n },\n {\n \"id\": \"2c918086719eec070171a7e3355a360a\",\n \"type\": \"ADMIN_REASSIGN\",\n \"targetType\": \"CAMPAIGN\",\n \"targetId\": \"2c918086719eec070171a7e3355a834c\",\n \"status\": \"QUEUED\",\n \"errors\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"reassignmentTrailDTOs\": [\n {\n \"previousOwner\": \"ef38f94347e94562b5bb8424a56397d8\",\n \"newOwner\": \"ef38f94347e94562b5bb8424a56397a3\",\n \"reassignmentType\": \"AUTOMATIC_REASSIGNMENT\"\n },\n {\n \"previousOwner\": \"ef38f94347e94562b5bb8424a56397d8\",\n \"newOwner\": \"ef38f94347e94562b5bb8424a56397a3\",\n \"reassignmentType\": \"AUTOMATIC_REASSIGNMENT\"\n }\n ],\n \"created\": \"2020-09-24T18:10:47.693Z\"\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "64776069-b76d-4cc7-8f74-6313e11a12de", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "certification-tasks" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The ID of reviewer identity. *me* indicates the current user.", + "type": "text/plain" + }, + "key": "reviewer-identity", + "value": "Ada.1de82e55078344" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**targetId**: *eq, in*\n\n**type**: *eq, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "type eq \"ADMIN_REASSIGN\"" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "36735163-293b-4215-8774-3375380f57d1", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "certification-tasks" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The ID of reviewer identity. *me* indicates the current user.", + "type": "text/plain" + }, + "key": "reviewer-identity", + "value": "Ada.1de82e55078344" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**targetId**: *eq, in*\n\n**type**: *eq, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "type eq \"ADMIN_REASSIGN\"" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "5ec65e6b-3cb1-4e67-b5b2-f479c163f62e", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "certification-tasks" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The ID of reviewer identity. *me* indicates the current user.", + "type": "text/plain" + }, + "key": "reviewer-identity", + "value": "Ada.1de82e55078344" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**targetId**: *eq, in*\n\n**type**: *eq, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "type eq \"ADMIN_REASSIGN\"" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "7870c94e-b594-42c0-9948-adf90ed0ac56", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "certification-tasks" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The ID of reviewer identity. *me* indicates the current user.", + "type": "text/plain" + }, + "key": "reviewer-identity", + "value": "Ada.1de82e55078344" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**targetId**: *eq, in*\n\n**type**: *eq, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "type eq \"ADMIN_REASSIGN\"" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "138b363c-fa17-41f9-81e3-b628e5df107c", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "certification-tasks" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The ID of reviewer identity. *me* indicates the current user.", + "type": "text/plain" + }, + "key": "reviewer-identity", + "value": "Ada.1de82e55078344" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**targetId**: *eq, in*\n\n**type**: *eq, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "type eq \"ADMIN_REASSIGN\"" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a9456d78-d8f1-477c-bca9-3a5a45ca2e8d", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "certification-tasks" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The ID of reviewer identity. *me* indicates the current user.", + "type": "text/plain" + }, + "key": "reviewer-identity", + "value": "Ada.1de82e55078344" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**targetId**: *eq, in*\n\n**type**: *eq, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "type eq \"ADMIN_REASSIGN\"" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + } + ] + }, + { + "name": "Configuration Hub", + "description": "Upload configurations and manage object mappings between tenants.\n\nConfiguration files can be managed and deployed using Configuration Hub by uploading a JSON file which contains configuration data.\n\nThe function of object mapping allows objects with varying names and IDs to be compared. While objects are compared, a user can replace a value in the source tenant with a new value. Object mapping also helps in locating referenced objects to the source object during the drafting process.\n\nRefer to [Uploading a Configuration File](https://documentation.sailpoint.com/saas/help/confighub/config_hub.html#uploading-a-configuration-file) for more information about uploading Configuration Files\n\nRefer to [Mapping Objects](https://documentation.sailpoint.com/saas/help/confighub/config_hub.html#mapping-objects) for more information about object mappings.\n", + "item": [ + { + "id": "c95015ea-9224-44e2-a001-78bfb01420b1", + "name": "Gets list of object mappings", + "request": { + "name": "Gets list of object mappings", + "description": { + "content": "This gets a list of existing object mappings between current org and source org.\nSource org should be \"default\" when getting object mappings that are not associated to any particular org.\nThe request will need the following security scope:\n- sp:config-object-mapping:read", + "type": "text/plain" + }, + "url": { + "path": [ + "configuration-hub", + "object-mappings", + ":sourceOrg" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "source-org", + "key": "sourceOrg", + "disabled": true, + "description": { + "content": "(Required) The name of the source org.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "b8ebb5e4-5967-438c-bcba-5019b301bee0", + "name": "List of existing object mappings between current org and source org.", + "originalRequest": { + "url": { + "path": [ + "configuration-hub", + "object-mappings", + ":sourceOrg" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"objectMappingId\": \"3d6e0144-963f-4bd6-8d8d-d77b4e507ce4\",\n \"objectType\": \"GOVERNANCE_GROUP\",\n \"jsonPath\": \"$.description\",\n \"sourceValue\": \"Sample Governance Group\",\n \"targetValue\": \"Sample Governance Group - Updated\",\n \"enabled\": true,\n \"created\": \"2024-03-19T23:18:53.732Z\",\n \"modified\": \"2024-03-19T23:18:53.732Z\"\n },\n {\n \"objectMappingId\": \"e1d5cb80-65e2-4f92-ae2e-9588f61cc4cd\",\n \"objectType\": \"IDENTITY\",\n \"jsonPath\": \"$.name\",\n \"sourceValue\": \"SailPoint Support\",\n \"targetValue\": \"john.doe\",\n \"enabled\": false,\n \"created\": \"2024-03-19T23:18:06.238Z\",\n \"modified\": \"2024-03-19T23:18:06.238Z\"\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "7c0a5b28-bce5-4e1d-b2ed-ecaa8f6c4288", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "configuration-hub", + "object-mappings", + ":sourceOrg" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f1861249-33b6-4dff-b4b4-625dc7fcffa8", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "configuration-hub", + "object-mappings", + ":sourceOrg" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "e41ff3ef-0830-4b1d-b5a4-0960a955f628", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "configuration-hub", + "object-mappings", + ":sourceOrg" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c16e3c7d-1229-4c47-8186-83ff7694aed7", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "configuration-hub", + "object-mappings", + ":sourceOrg" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "bb23f887-2206-452e-bd70-221f7814585c", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "configuration-hub", + "object-mappings", + ":sourceOrg" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b656776e-f8d1-4205-872b-c2dd2e020730", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "configuration-hub", + "object-mappings", + ":sourceOrg" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "9b3377a0-4dab-49f1-97f6-c3cd0369fa0f", + "name": "Creates an object mapping", + "request": { + "name": "Creates an object mapping", + "description": { + "content": "This creates an object mapping between current org and source org.\nSource org should be \"default\" when creating an object mapping that is not to be associated to any particular org.\nThe request will need the following security scope:\n- sp:config-object-mapping:manage", + "type": "text/plain" + }, + "url": { + "path": [ + "configuration-hub", + "object-mappings", + ":sourceOrg" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "source-org", + "key": "sourceOrg", + "disabled": true, + "description": { + "content": "(Required) The name of the source org.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"objectType\": \"GOVERNANCE_GROUP\",\n \"jsonPath\": \"$.description\",\n \"sourceValue\": \"Sample Governance Group\",\n \"targetValue\": \"Sample Governance Group - Updated\",\n \"enabled\": true\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "72c734be-5af8-4718-acac-a4711aea2367", + "name": "The created object mapping between current org and source org.", + "originalRequest": { + "url": { + "path": [ + "configuration-hub", + "object-mappings", + ":sourceOrg" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"objectType\": \"GOVERNANCE_GROUP\",\n \"jsonPath\": \"$.description\",\n \"sourceValue\": \"Sample Governance Group\",\n \"targetValue\": \"Sample Governance Group - Updated\",\n \"enabled\": true\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"objectMappingId\": \"3d6e0144-963f-4bd6-8d8d-d77b4e507ce4\",\n \"objectType\": \"GOVERNANCE_GROUP\",\n \"jsonPath\": \"$.description\",\n \"sourceValue\": \"Sample Governance Group\",\n \"targetValue\": \"Sample Governance Group - Updated\",\n \"enabled\": true,\n \"created\": \"2024-03-19T23:18:53.732Z\",\n \"modified\": \"2024-03-19T23:18:53.732Z\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b9a9b17b-ec44-409d-b637-48fe24fad039", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "configuration-hub", + "object-mappings", + ":sourceOrg" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"objectType\": \"GOVERNANCE_GROUP\",\n \"jsonPath\": \"$.description\",\n \"sourceValue\": \"Sample Governance Group\",\n \"targetValue\": \"Sample Governance Group - Updated\",\n \"enabled\": true\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "408f6fc3-b865-4625-9d1c-c7d9a86aa419", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "configuration-hub", + "object-mappings", + ":sourceOrg" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"objectType\": \"GOVERNANCE_GROUP\",\n \"jsonPath\": \"$.description\",\n \"sourceValue\": \"Sample Governance Group\",\n \"targetValue\": \"Sample Governance Group - Updated\",\n \"enabled\": true\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "070e7f58-bd97-4bfd-9400-c1b9411b56b5", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "configuration-hub", + "object-mappings", + ":sourceOrg" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"objectType\": \"GOVERNANCE_GROUP\",\n \"jsonPath\": \"$.description\",\n \"sourceValue\": \"Sample Governance Group\",\n \"targetValue\": \"Sample Governance Group - Updated\",\n \"enabled\": true\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f055c6f7-5eff-4849-a3c1-c10fe361e21b", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "configuration-hub", + "object-mappings", + ":sourceOrg" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"objectType\": \"GOVERNANCE_GROUP\",\n \"jsonPath\": \"$.description\",\n \"sourceValue\": \"Sample Governance Group\",\n \"targetValue\": \"Sample Governance Group - Updated\",\n \"enabled\": true\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "ccdbc660-369e-4c72-8a13-8265abe484dc", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "configuration-hub", + "object-mappings", + ":sourceOrg" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"objectType\": \"GOVERNANCE_GROUP\",\n \"jsonPath\": \"$.description\",\n \"sourceValue\": \"Sample Governance Group\",\n \"targetValue\": \"Sample Governance Group - Updated\",\n \"enabled\": true\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "564970f2-4674-4a1f-896b-3c211c25ced1", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "configuration-hub", + "object-mappings", + ":sourceOrg" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"objectType\": \"GOVERNANCE_GROUP\",\n \"jsonPath\": \"$.description\",\n \"sourceValue\": \"Sample Governance Group\",\n \"targetValue\": \"Sample Governance Group - Updated\",\n \"enabled\": true\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "9a604f87-8911-4ca5-9cb2-d3654979c2b5", + "name": "Deletes an object mapping", + "request": { + "name": "Deletes an object mapping", + "description": { + "content": "This deletes an existing object mapping.\nSource org should be \"default\" when deleting an object mapping that is not associated to any particular org.\nThe request will need the following security scope:\n- sp:config-object-mapping:manage", + "type": "text/plain" + }, + "url": { + "path": [ + "configuration-hub", + "object-mappings", + ":sourceOrg", + ":objectMappingId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "source-org", + "key": "sourceOrg", + "disabled": true, + "description": { + "content": "(Required) The name of the source org.", + "type": "text/plain" + } + }, + { + "type": "any", + "value": "3d6e0144-963f-4bd6-8d8d-d77b4e507ce4", + "key": "objectMappingId", + "disabled": true, + "description": { + "content": "(Required) The id of the object mapping to be deleted.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "DELETE", + "body": {} + }, + "response": [ + { + "id": "db559dd0-721c-4177-881d-b507b286a562", + "name": "No content - indicates the request was successful but there is no content to be returned in the response.", + "originalRequest": { + "url": { + "path": [ + "configuration-hub", + "object-mappings", + ":sourceOrg", + ":objectMappingId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "No Content", + "code": 204, + "header": [], + "cookie": [], + "_postman_previewlanguage": "text" + }, + { + "id": "71084965-b089-4f14-8f86-008d2b1a475a", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "configuration-hub", + "object-mappings", + ":sourceOrg", + ":objectMappingId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "4524ed32-da3a-4a4a-9cdc-d74a1d3923b4", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "configuration-hub", + "object-mappings", + ":sourceOrg", + ":objectMappingId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b964c8e0-c231-442e-bc77-70444dcd31ea", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "configuration-hub", + "object-mappings", + ":sourceOrg", + ":objectMappingId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "af43bdf2-6fbc-4b4d-b7b6-090e0364af9b", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "configuration-hub", + "object-mappings", + ":sourceOrg", + ":objectMappingId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a9fcc321-82c0-4f46-9e66-efe92ac24922", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "configuration-hub", + "object-mappings", + ":sourceOrg", + ":objectMappingId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "2277f20d-85be-4b96-a15a-b94219df70ca", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "configuration-hub", + "object-mappings", + ":sourceOrg", + ":objectMappingId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "9efb8f94-36a5-44cd-a32f-83ecc8dfec53", + "name": "Bulk creates object mappings", + "request": { + "name": "Bulk creates object mappings", + "description": { + "content": "This creates a set of object mappings (Max 25) between current org and source org.\nSource org should be \"default\" when creating object mappings that are not to be associated to any particular org.\nThe request will need the following security scope:\n- sp:config-object-mapping:manage", + "type": "text/plain" + }, + "url": { + "path": [ + "configuration-hub", + "object-mappings", + ":sourceOrg", + "bulk-create" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "source-org", + "key": "sourceOrg", + "disabled": true, + "description": { + "content": "(Required) The name of the source org.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"newObjectsMappings\": [\n {\n \"objectType\": \"SOURCE\",\n \"jsonPath\": \"$.name\",\n \"sourceValue\": \"Original SOURCE Name\",\n \"targetValue\": \"New SOURCE Name\",\n \"enabled\": true\n },\n {\n \"objectType\": \"IDENTITY\",\n \"jsonPath\": \"$.name\",\n \"sourceValue\": \"Original IDENTITY Name\",\n \"targetValue\": \"New IDENTITY Name \",\n \"enabled\": true\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "1efcc95c-ba65-4548-8af0-09087cfd56a3", + "name": "The created object mapping between current org and source org.", + "originalRequest": { + "url": { + "path": [ + "configuration-hub", + "object-mappings", + ":sourceOrg", + "bulk-create" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"newObjectsMappings\": [\n {\n \"objectType\": \"SOURCE\",\n \"jsonPath\": \"$.name\",\n \"sourceValue\": \"Original SOURCE Name\",\n \"targetValue\": \"New SOURCE Name\",\n \"enabled\": true\n },\n {\n \"objectType\": \"IDENTITY\",\n \"jsonPath\": \"$.name\",\n \"sourceValue\": \"Original IDENTITY Name\",\n \"targetValue\": \"New IDENTITY Name \",\n \"enabled\": true\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"addedObjects\": [\n {\n \"objectMappingId\": \"603b1a61-d03d-4ed1-864f-a508fbd1995d\",\n \"objectType\": \"SOURCE\",\n \"jsonPath\": \"$.name\",\n \"sourceValue\": \"Original SOURCE Name\",\n \"targetValue\": \"New SOURCE Name\",\n \"enabled\": true,\n \"created\": \"2024-03-25T15:50:41.314Z\",\n \"modified\": \"2024-03-25T15:50:41.299Z\"\n },\n {\n \"objectMappingId\": \"00bece34-f50d-4227-8878-76f620b5a971\",\n \"objectType\": \"IDENTITY\",\n \"jsonPath\": \"$.name\",\n \"sourceValue\": \"Original IDENTITY Name\",\n \"targetValue\": \"New IDENTITY Name \",\n \"enabled\": true,\n \"created\": \"2024-03-25T15:50:41.316Z\",\n \"modified\": \"2024-03-25T15:50:41.316Z\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a2a09c30-9163-4376-9521-ca1ee2b8b275", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "configuration-hub", + "object-mappings", + ":sourceOrg", + "bulk-create" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"newObjectsMappings\": [\n {\n \"objectType\": \"SOURCE\",\n \"jsonPath\": \"$.name\",\n \"sourceValue\": \"Original SOURCE Name\",\n \"targetValue\": \"New SOURCE Name\",\n \"enabled\": true\n },\n {\n \"objectType\": \"IDENTITY\",\n \"jsonPath\": \"$.name\",\n \"sourceValue\": \"Original IDENTITY Name\",\n \"targetValue\": \"New IDENTITY Name \",\n \"enabled\": true\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "8b33f2b0-568e-4d53-8344-49960da6b7d6", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "configuration-hub", + "object-mappings", + ":sourceOrg", + "bulk-create" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"newObjectsMappings\": [\n {\n \"objectType\": \"SOURCE\",\n \"jsonPath\": \"$.name\",\n \"sourceValue\": \"Original SOURCE Name\",\n \"targetValue\": \"New SOURCE Name\",\n \"enabled\": true\n },\n {\n \"objectType\": \"IDENTITY\",\n \"jsonPath\": \"$.name\",\n \"sourceValue\": \"Original IDENTITY Name\",\n \"targetValue\": \"New IDENTITY Name \",\n \"enabled\": true\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f0258768-5500-46dd-8429-404788c18883", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "configuration-hub", + "object-mappings", + ":sourceOrg", + "bulk-create" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"newObjectsMappings\": [\n {\n \"objectType\": \"SOURCE\",\n \"jsonPath\": \"$.name\",\n \"sourceValue\": \"Original SOURCE Name\",\n \"targetValue\": \"New SOURCE Name\",\n \"enabled\": true\n },\n {\n \"objectType\": \"IDENTITY\",\n \"jsonPath\": \"$.name\",\n \"sourceValue\": \"Original IDENTITY Name\",\n \"targetValue\": \"New IDENTITY Name \",\n \"enabled\": true\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "3313bbe3-adc0-4ec1-8933-4b81571d0d58", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "configuration-hub", + "object-mappings", + ":sourceOrg", + "bulk-create" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"newObjectsMappings\": [\n {\n \"objectType\": \"SOURCE\",\n \"jsonPath\": \"$.name\",\n \"sourceValue\": \"Original SOURCE Name\",\n \"targetValue\": \"New SOURCE Name\",\n \"enabled\": true\n },\n {\n \"objectType\": \"IDENTITY\",\n \"jsonPath\": \"$.name\",\n \"sourceValue\": \"Original IDENTITY Name\",\n \"targetValue\": \"New IDENTITY Name \",\n \"enabled\": true\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b74cff4a-93b0-4156-ba30-f79c35383bb4", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "configuration-hub", + "object-mappings", + ":sourceOrg", + "bulk-create" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"newObjectsMappings\": [\n {\n \"objectType\": \"SOURCE\",\n \"jsonPath\": \"$.name\",\n \"sourceValue\": \"Original SOURCE Name\",\n \"targetValue\": \"New SOURCE Name\",\n \"enabled\": true\n },\n {\n \"objectType\": \"IDENTITY\",\n \"jsonPath\": \"$.name\",\n \"sourceValue\": \"Original IDENTITY Name\",\n \"targetValue\": \"New IDENTITY Name \",\n \"enabled\": true\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "adbb09e6-71e2-428c-9ad6-dc4bc0e62f1a", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "configuration-hub", + "object-mappings", + ":sourceOrg", + "bulk-create" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"newObjectsMappings\": [\n {\n \"objectType\": \"SOURCE\",\n \"jsonPath\": \"$.name\",\n \"sourceValue\": \"Original SOURCE Name\",\n \"targetValue\": \"New SOURCE Name\",\n \"enabled\": true\n },\n {\n \"objectType\": \"IDENTITY\",\n \"jsonPath\": \"$.name\",\n \"sourceValue\": \"Original IDENTITY Name\",\n \"targetValue\": \"New IDENTITY Name \",\n \"enabled\": true\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "21bf80ab-68b8-4cba-ad8f-6574fa6394c3", + "name": "Bulk updates object mappings", + "request": { + "name": "Bulk updates object mappings", + "description": { + "content": "This updates a set of object mappings, only enabled and targetValue fields can be updated.\nSource org should be \"default\" when updating object mappings that are not associated to any particular org.\nThe request will need the following security scope:\n- sp:config-object-mapping:manage", + "type": "text/plain" + }, + "url": { + "path": [ + "configuration-hub", + "object-mappings", + ":sourceOrg", + "bulk-patch" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "source-org", + "key": "sourceOrg", + "disabled": true, + "description": { + "content": "(Required) The name of the source org.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"patches\": {\n \"603b1a61-d03d-4ed1-864f-a508fbd1995d\": [\n {\n \"op\": \"replace\",\n \"path\": \"/enabled\",\n \"value\": true\n }\n ],\n \"00bece34-f50d-4227-8878-76f620b5a971\": [\n {\n \"op\": \"replace\",\n \"path\": \"/targetValue\",\n \"value\": \"New Target Value\"\n }\n ]\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "de36993f-1363-4d05-b029-7ab4b021d5e9", + "name": "The updated object mappings.", + "originalRequest": { + "url": { + "path": [ + "configuration-hub", + "object-mappings", + ":sourceOrg", + "bulk-patch" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"patches\": {\n \"603b1a61-d03d-4ed1-864f-a508fbd1995d\": [\n {\n \"op\": \"replace\",\n \"path\": \"/enabled\",\n \"value\": true\n }\n ],\n \"00bece34-f50d-4227-8878-76f620b5a971\": [\n {\n \"op\": \"replace\",\n \"path\": \"/targetValue\",\n \"value\": \"New Target Value\"\n }\n ]\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"patchedObjects\": [\n {\n \"objectMappingId\": \"603b1a61-d03d-4ed1-864f-a508fbd1995d\",\n \"objectType\": \"SOURCE\",\n \"jsonPath\": \"$.name\",\n \"sourceValue\": \"Original SOURCE Name\",\n \"targetValue\": \"New SOURCE Name\",\n \"enabled\": true,\n \"created\": \"2024-03-25T15:50:41.314Z\",\n \"modified\": \"2024-03-25T15:50:41.299Z\"\n },\n {\n \"objectMappingId\": \"00bece34-f50d-4227-8878-76f620b5a971\",\n \"objectType\": \"IDENTITY\",\n \"jsonPath\": \"$.name\",\n \"sourceValue\": \"Original IDENTITY Name\",\n \"targetValue\": \"New IDENTITY Name \",\n \"enabled\": true,\n \"created\": \"2024-03-25T15:50:41.316Z\",\n \"modified\": \"2024-03-25T15:50:41.316Z\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "3e9aafda-9670-4f6a-a4fc-a60d45a6aaca", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "configuration-hub", + "object-mappings", + ":sourceOrg", + "bulk-patch" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"patches\": {\n \"603b1a61-d03d-4ed1-864f-a508fbd1995d\": [\n {\n \"op\": \"replace\",\n \"path\": \"/enabled\",\n \"value\": true\n }\n ],\n \"00bece34-f50d-4227-8878-76f620b5a971\": [\n {\n \"op\": \"replace\",\n \"path\": \"/targetValue\",\n \"value\": \"New Target Value\"\n }\n ]\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "0691d4f1-b2f2-448a-946d-fa607cd33db2", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "configuration-hub", + "object-mappings", + ":sourceOrg", + "bulk-patch" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"patches\": {\n \"603b1a61-d03d-4ed1-864f-a508fbd1995d\": [\n {\n \"op\": \"replace\",\n \"path\": \"/enabled\",\n \"value\": true\n }\n ],\n \"00bece34-f50d-4227-8878-76f620b5a971\": [\n {\n \"op\": \"replace\",\n \"path\": \"/targetValue\",\n \"value\": \"New Target Value\"\n }\n ]\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "992dbbc5-300d-49e9-b028-2bfd1df90e58", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "configuration-hub", + "object-mappings", + ":sourceOrg", + "bulk-patch" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"patches\": {\n \"603b1a61-d03d-4ed1-864f-a508fbd1995d\": [\n {\n \"op\": \"replace\",\n \"path\": \"/enabled\",\n \"value\": true\n }\n ],\n \"00bece34-f50d-4227-8878-76f620b5a971\": [\n {\n \"op\": \"replace\",\n \"path\": \"/targetValue\",\n \"value\": \"New Target Value\"\n }\n ]\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b2017230-66b6-4be8-b1fa-6b67d1f52173", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "configuration-hub", + "object-mappings", + ":sourceOrg", + "bulk-patch" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"patches\": {\n \"603b1a61-d03d-4ed1-864f-a508fbd1995d\": [\n {\n \"op\": \"replace\",\n \"path\": \"/enabled\",\n \"value\": true\n }\n ],\n \"00bece34-f50d-4227-8878-76f620b5a971\": [\n {\n \"op\": \"replace\",\n \"path\": \"/targetValue\",\n \"value\": \"New Target Value\"\n }\n ]\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "93ecc79d-4795-454c-b7ba-a824f8fe7726", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "configuration-hub", + "object-mappings", + ":sourceOrg", + "bulk-patch" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"patches\": {\n \"603b1a61-d03d-4ed1-864f-a508fbd1995d\": [\n {\n \"op\": \"replace\",\n \"path\": \"/enabled\",\n \"value\": true\n }\n ],\n \"00bece34-f50d-4227-8878-76f620b5a971\": [\n {\n \"op\": \"replace\",\n \"path\": \"/targetValue\",\n \"value\": \"New Target Value\"\n }\n ]\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "553de3a6-5515-4550-b857-72c6b359bc11", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "configuration-hub", + "object-mappings", + ":sourceOrg", + "bulk-patch" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"patches\": {\n \"603b1a61-d03d-4ed1-864f-a508fbd1995d\": [\n {\n \"op\": \"replace\",\n \"path\": \"/enabled\",\n \"value\": true\n }\n ],\n \"00bece34-f50d-4227-8878-76f620b5a971\": [\n {\n \"op\": \"replace\",\n \"path\": \"/targetValue\",\n \"value\": \"New Target Value\"\n }\n ]\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "96617228-d873-458c-adf6-db0176f37a8c", + "name": "Uploads a backup file", + "request": { + "name": "Uploads a backup file", + "description": { + "content": "This post will upload a JSON backup file into a tenant. Configuration files can be managed and deployed via Configuration Hub by uploading a json file which contains configuration data. The JSON file should be the same as the one used by our import endpoints. The object types that currently support by upload file functionality are the same as the ones supported by our regular backup functionality. here: [SaaS Configuration](https://developer.sailpoint.com/idn/docs/saas-configuration/#supported-objects).\n\nThe request will need the following security scope:\n- sp:config:manage", + "type": "text/plain" + }, + "url": { + "path": [ + "configuration-hub", + "backups", + "uploads" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "(Required) JSON file containing the objects to be imported.", + "type": "text/plain" + }, + "key": "data", + "value": "minim mollit magna", + "type": "text" + }, + { + "description": { + "content": "(Required) Name that will be assigned to the uploaded file.", + "type": "text/plain" + }, + "key": "name", + "value": "adipisicing do est", + "type": "text" + } + ] + } + }, + "response": [ + { + "id": "5a4fecea-ced4-433b-9e82-a48f31c84b72", + "name": "Upload job accepted and queued for processing.", + "originalRequest": { + "url": { + "path": [ + "configuration-hub", + "backups", + "uploads" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "(Required) JSON file containing the objects to be imported.", + "type": "text/plain" + }, + "key": "data", + "value": "minim mollit magna", + "type": "text" + }, + { + "description": { + "content": "(Required) Name that will be assigned to the uploaded file.", + "type": "text/plain" + }, + "key": "name", + "value": "adipisicing do est", + "type": "text" + } + ] + } + }, + "status": "Accepted", + "code": 202, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"jobId\": \"3469b87d-48ca-439a-868f-2160001da8c1\",\n \"status\": \"COMPLETE\",\n \"type\": \"BACKUP\",\n \"created\": \"2021-05-11T22:23:16Z\",\n \"modified\": \"2021-05-11T22:23:16Z\",\n \"tenant\": \"uploaderTenant\",\n \"requesterName\": \"support\",\n \"name\": \"A_NEW_UPLOADED_BACKUP\",\n \"userCanDelete\": false,\n \"isPartial\": false,\n \"backupType\": \"UPLOADED\",\n \"hydrationStatus\": \"NOT_HYDRATED\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "94072cbf-aa18-4f20-b629-7fb9aefaa3db", + "name": "Client Error - Returned if the request body is invalid.\n", + "originalRequest": { + "url": { + "path": [ + "configuration-hub", + "backups", + "uploads" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "(Required) JSON file containing the objects to be imported.", + "type": "text/plain" + }, + "key": "data", + "value": "minim mollit magna", + "type": "text" + }, + { + "description": { + "content": "(Required) Name that will be assigned to the uploaded file.", + "type": "text/plain" + }, + "key": "name", + "value": "adipisicing do est", + "type": "text" + } + ] + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "9cddb365-45c0-4fb7-993b-08ccec1413e8", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "configuration-hub", + "backups", + "uploads" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "(Required) JSON file containing the objects to be imported.", + "type": "text/plain" + }, + "key": "data", + "value": "minim mollit magna", + "type": "text" + }, + { + "description": { + "content": "(Required) Name that will be assigned to the uploaded file.", + "type": "text/plain" + }, + "key": "name", + "value": "adipisicing do est", + "type": "text" + } + ] + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "e284ba4d-ab29-4827-9af8-854d73992101", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "configuration-hub", + "backups", + "uploads" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "(Required) JSON file containing the objects to be imported.", + "type": "text/plain" + }, + "key": "data", + "value": "minim mollit magna", + "type": "text" + }, + { + "description": { + "content": "(Required) Name that will be assigned to the uploaded file.", + "type": "text/plain" + }, + "key": "name", + "value": "adipisicing do est", + "type": "text" + } + ] + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "0f5e67cb-e3b1-43be-8f1e-2806f58b4537", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "configuration-hub", + "backups", + "uploads" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "(Required) JSON file containing the objects to be imported.", + "type": "text/plain" + }, + "key": "data", + "value": "minim mollit magna", + "type": "text" + }, + { + "description": { + "content": "(Required) Name that will be assigned to the uploaded file.", + "type": "text/plain" + }, + "key": "name", + "value": "adipisicing do est", + "type": "text" + } + ] + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "5949c34d-a4d3-4302-8799-9b48f5eb4509", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "configuration-hub", + "backups", + "uploads" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "(Required) JSON file containing the objects to be imported.", + "type": "text/plain" + }, + "key": "data", + "value": "minim mollit magna", + "type": "text" + }, + { + "description": { + "content": "(Required) Name that will be assigned to the uploaded file.", + "type": "text/plain" + }, + "key": "name", + "value": "adipisicing do est", + "type": "text" + } + ] + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "ac4d4af4-285b-48a9-af23-8ff3fc8c967e", + "name": "Gets list of Uploaded backups", + "request": { + "name": "Gets list of Uploaded backups", + "description": { + "content": "Returns a list of the current uploaded backups associated with the current tenant.\nA filter \"status\" can be added to only return the Completed, Failed, or Successful uploads", + "type": "text/plain" + }, + "url": { + "path": [ + "configuration-hub", + "backups", + "uploads" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Filter listed uploaded backups by status of operation", + "type": "text/plain" + }, + "key": "status", + "value": "COMPLETE" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "58136687-4d66-4e56-ac45-74949358cf19", + "name": "List of existing uploaded backups.", + "originalRequest": { + "url": { + "path": [ + "configuration-hub", + "backups", + "uploads" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Filter listed uploaded backups by status of operation", + "type": "text/plain" + }, + "key": "status", + "value": "COMPLETE" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"jobId\": \"3d0fe04b-57df-4a46-a83b-8f04b0f9d10b\",\n \"status\": \"FAILED\",\n \"type\": \"BACKUP\",\n \"tenant\": \"someTenant\",\n \"message\": \"com.sailpoint.sp.config.exception.IncorrectBackupUploadFormatException: Uploaded backup file could not be parsed to correct format.\",\n \"requesterName\": \"support\",\n \"fileExists\": false,\n \"created\": \"2024-04-04T17:29:16.904Z\",\n \"modified\": \"2024-04-04T17:29:17.076Z\",\n \"name\": \"dfs\",\n \"userCanDelete\": false,\n \"isPartial\": false,\n \"backupType\": \"UPLOADED\",\n \"hydrationStatus\": \"NOT_HYDRATED\",\n \"totalObjectCount\": 0\n },\n {\n \"jobId\": \"281d421c-0643-4004-9fe5-29a95d2f73df\",\n \"status\": \"COMPLETE\",\n \"type\": \"BACKUP\",\n \"tenant\": \"someTenant\",\n \"requesterName\": \"support\",\n \"fileExists\": true,\n \"created\": \"2024-03-07T21:11:00.375Z\",\n \"modified\": \"2024-03-07T21:11:25.046Z\",\n \"completed\": \"2024-03-07T21:11:00.66Z\",\n \"name\": \"test1\",\n \"userCanDelete\": false,\n \"isPartial\": false,\n \"backupType\": \"UPLOADED\",\n \"hydrationStatus\": \"HYDRATED\",\n \"totalObjectCount\": 64\n },\n {\n \"jobId\": \"4831ad5c-f6cf-42a6-a191-8c4abec30006\",\n \"status\": \"COMPLETE\",\n \"type\": \"BACKUP\",\n \"tenant\": \"someTenant\",\n \"requesterName\": \"support\",\n \"fileExists\": true,\n \"created\": \"2024-02-26T18:19:26.312Z\",\n \"modified\": \"2024-02-26T18:19:40.773Z\",\n \"completed\": \"2024-02-26T18:19:26.545Z\",\n \"name\": \"testing Daniel\",\n \"userCanDelete\": false,\n \"isPartial\": false,\n \"backupType\": \"UPLOADED\",\n \"hydrationStatus\": \"HYDRATED\",\n \"totalObjectCount\": 64\n },\n {\n \"jobId\": \"2ea830f3-2b14-4772-8a20-3d006742e419\",\n \"status\": \"COMPLETE\",\n \"type\": \"BACKUP\",\n \"tenant\": \"someTenant\",\n \"requesterName\": \"support\",\n \"fileExists\": true,\n \"created\": \"2024-02-20T22:08:31.064Z\",\n \"modified\": \"2024-02-20T22:13:15.662Z\",\n \"completed\": \"2024-02-20T22:08:31.689Z\",\n \"name\": \"something new\",\n \"userCanDelete\": false,\n \"isPartial\": false,\n \"backupType\": \"UPLOADED\",\n \"hydrationStatus\": \"HYDRATED\",\n \"totalObjectCount\": 2\n },\n {\n \"jobId\": \"473b5cef-90e4-4cb3-ad43-7671c17d3a46\",\n \"status\": \"COMPLETE\",\n \"type\": \"BACKUP\",\n \"tenant\": \"someTenant\",\n \"requesterName\": \"support\",\n \"fileExists\": true,\n \"created\": \"2024-02-19T21:30:07.947Z\",\n \"modified\": \"2024-02-19T21:31:01.65Z\",\n \"completed\": \"2024-02-19T21:30:08.195Z\",\n \"name\": \"test upload\",\n \"userCanDelete\": false,\n \"isPartial\": false,\n \"backupType\": \"UPLOADED\",\n \"hydrationStatus\": \"HYDRATED\",\n \"totalObjectCount\": 2\n },\n {\n \"jobId\": \"09491993-9cb6-49a7-8d37-8bef54d33502\",\n \"status\": \"COMPLETE\",\n \"type\": \"BACKUP\",\n \"tenant\": \"someTenant\",\n \"requesterName\": \"support\",\n \"fileExists\": true,\n \"created\": \"2024-02-19T19:54:15.373Z\",\n \"modified\": \"2024-02-19T20:39:00.341Z\",\n \"completed\": \"2024-02-19T19:54:15.605Z\",\n \"name\": \"Testing Daniel\",\n \"userCanDelete\": false,\n \"isPartial\": false,\n \"backupType\": \"UPLOADED\",\n \"hydrationStatus\": \"HYDRATED\",\n \"totalObjectCount\": 2\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "40c0227d-8e6c-4214-9e5b-3fec6c9be810", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "configuration-hub", + "backups", + "uploads" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Filter listed uploaded backups by status of operation", + "type": "text/plain" + }, + "key": "status", + "value": "COMPLETE" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "81d00438-ac0c-4753-b607-567331970455", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "configuration-hub", + "backups", + "uploads" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Filter listed uploaded backups by status of operation", + "type": "text/plain" + }, + "key": "status", + "value": "COMPLETE" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f35ea03a-b903-4468-a732-06f73356598a", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "configuration-hub", + "backups", + "uploads" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Filter listed uploaded backups by status of operation", + "type": "text/plain" + }, + "key": "status", + "value": "COMPLETE" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "6da41efe-a3b1-40c4-82de-735c9714751a", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "configuration-hub", + "backups", + "uploads" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Filter listed uploaded backups by status of operation", + "type": "text/plain" + }, + "key": "status", + "value": "COMPLETE" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "5d4a9aa9-edfd-4db1-836e-f20f7d6fa116", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "configuration-hub", + "backups", + "uploads" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Filter listed uploaded backups by status of operation", + "type": "text/plain" + }, + "key": "status", + "value": "COMPLETE" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "22635c51-4aa4-4896-91ba-2429be14870c", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "configuration-hub", + "backups", + "uploads" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Filter listed uploaded backups by status of operation", + "type": "text/plain" + }, + "key": "status", + "value": "COMPLETE" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "8eb54579-79a5-49d1-b78e-0d22c2daef37", + "name": "Deletes an uploaded backup file", + "request": { + "name": "Deletes an uploaded backup file", + "description": { + "content": "This deletes an Uploaded backup based on job ID.\nOn success, this endpoint will return an empty response.\nThe job id can be obtained from the response after a successful upload, or the list uploads endpoint.\nThe following scopes are required to access this endpoint: sp:config:manage", + "type": "text/plain" + }, + "url": { + "path": [ + "configuration-hub", + "backups", + "uploads", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "3d0fe04b-57df-4a46-a83b-8f04b0f9d10b", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) The id of the uploaded backup.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "DELETE", + "body": {} + }, + "response": [ + { + "id": "61904ec0-1080-4029-86ad-9e680ad5592a", + "name": "No content - indicates the request was successful but there is no content to be returned in the response.", + "originalRequest": { + "url": { + "path": [ + "configuration-hub", + "backups", + "uploads", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "No Content", + "code": 204, + "header": [], + "cookie": [], + "_postman_previewlanguage": "text" + }, + { + "id": "ed3b7753-dfd9-4825-aac2-be1ce1993f02", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "configuration-hub", + "backups", + "uploads", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "cd4f44e8-509f-4acf-b4d0-681456eeb5c0", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "configuration-hub", + "backups", + "uploads", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "3685ba6c-8e88-4699-8a9f-344382a9b605", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "configuration-hub", + "backups", + "uploads", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "39fd3aa2-6c0f-426d-8f43-8dce83b25c57", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "configuration-hub", + "backups", + "uploads", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "9b0acddc-c8b5-4ea3-8968-4d765499b525", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "configuration-hub", + "backups", + "uploads", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "afa49def-b19c-43e5-b372-a1b78fefb468", + "name": "Get an uploaded backup's information", + "request": { + "name": "Get an uploaded backup's information", + "description": { + "content": "Returns all the information and status of an upload job.\n- sp:config-backups:read", + "type": "text/plain" + }, + "url": { + "path": [ + "configuration-hub", + "backups", + "uploads", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "3d0fe04b-57df-4a46-a83b-8f04b0f9d10b", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) The id of the uploaded backup.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "54829d5d-b3ca-4e28-b9b6-45371ecacf3f", + "name": "List of existing uploaded backups.", + "originalRequest": { + "url": { + "path": [ + "configuration-hub", + "backups", + "uploads", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"jobId\": \"2ea830f3-2b14-4772-8a20-3d006742e419\",\n \"status\": \"COMPLETE\",\n \"type\": \"BACKUP\",\n \"tenant\": \"someTenant\",\n \"requesterName\": \"support\",\n \"fileExists\": true,\n \"created\": \"2024-02-20T22:08:31.064Z\",\n \"modified\": \"2024-02-20T22:13:15.662Z\",\n \"completed\": \"2024-02-20T22:08:31.689Z\",\n \"name\": \"something new\",\n \"userCanDelete\": false,\n \"isPartial\": false,\n \"backupType\": \"UPLOADED\",\n \"hydrationStatus\": \"HYDRATED\",\n \"totalObjectCount\": 2\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "cb1e7671-06f8-42d7-bc68-51191c14eb9e", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "configuration-hub", + "backups", + "uploads", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "9b15cdba-6601-4935-b802-e9721a27620c", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "configuration-hub", + "backups", + "uploads", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "34cc7912-681f-40f1-a89d-f0b8e4b12323", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "configuration-hub", + "backups", + "uploads", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "740ce16a-fea1-463a-9e30-6915e69228cb", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "configuration-hub", + "backups", + "uploads", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c92fdc32-c3ea-4329-a735-eaba374a7ffc", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "configuration-hub", + "backups", + "uploads", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "6bff3b85-3625-4095-92b1-a9e5fb877105", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "configuration-hub", + "backups", + "uploads", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + } + ] + }, + { + "name": "Connector Rule Management", + "description": "", + "item": [ + { + "id": "bafc0d19-7d90-4943-8574-9f107963e461", + "name": "List Connector Rules", + "request": { + "name": "List Connector Rules", + "description": { + "content": "Returns the list of connector rules.\nA token with ORG_ADMIN authority is required to call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "connector-rules" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "207bc8b0-8187-4a89-a6b2-d9785ed81a49", + "name": "A list of connector rules", + "originalRequest": { + "url": { + "path": [ + "connector-rules" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"created\": \"021-07-22T15:59:23Z\",\n \"id\": \"8113d48c0b914f17b4c6072d4dcb9dfe\",\n \"name\": \"WebServiceBeforeOperationRule\",\n \"sourceCode\": {\n \"version\": \"1.0\",\n \"script\": \"return \\\"Mr. \\\" + firstName;\"\n },\n \"type\": \"BuildMap\",\n \"description\": \"This rule does that\",\n \"signature\": {\n \"input\": [\n {\n \"name\": \"firstName\",\n \"description\": \"the first name of the identity\",\n \"type\": \"String\"\n },\n {\n \"name\": \"firstName\",\n \"description\": \"the first name of the identity\",\n \"type\": \"String\"\n }\n ],\n \"output\": {\n \"name\": \"firstName\",\n \"description\": \"the first name of the identity\",\n \"type\": \"String\"\n }\n },\n \"attributes\": {},\n \"modified\": \"021-07-22T15:59:23Z\"\n },\n {\n \"created\": \"021-07-22T15:59:23Z\",\n \"id\": \"8113d48c0b914f17b4c6072d4dcb9dfe\",\n \"name\": \"WebServiceBeforeOperationRule\",\n \"sourceCode\": {\n \"version\": \"1.0\",\n \"script\": \"return \\\"Mr. \\\" + firstName;\"\n },\n \"type\": \"BuildMap\",\n \"description\": \"This rule does that\",\n \"signature\": {\n \"input\": [\n {\n \"name\": \"firstName\",\n \"description\": \"the first name of the identity\",\n \"type\": \"String\"\n },\n {\n \"name\": \"firstName\",\n \"description\": \"the first name of the identity\",\n \"type\": \"String\"\n }\n ],\n \"output\": {\n \"name\": \"firstName\",\n \"description\": \"the first name of the identity\",\n \"type\": \"String\"\n }\n },\n \"attributes\": {},\n \"modified\": \"021-07-22T15:59:23Z\"\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "29ccfccb-061a-4069-9211-76ed4ac32123", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "connector-rules" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "0dfd42b8-a91a-443f-ad83-fd8bf2edf96a", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "connector-rules" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f6ea8fb9-a299-458b-a3f3-ff5a4977ce11", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "connector-rules" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "2155de24-9004-439c-bf2e-ea13f6e307f2", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "connector-rules" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "4686d8bf-f33d-4603-b5be-d2f3a0a38c68", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "connector-rules" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "724fee9d-d8ab-46cf-bff8-2c7d91a704ce", + "name": "Create Connector Rule", + "request": { + "name": "Create Connector Rule", + "description": { + "content": "Creates a new connector rule.\nA token with ORG_ADMIN authority is required to call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "connector-rules" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"WebServiceBeforeOperationRule\",\n \"type\": \"BuildMap\",\n \"sourceCode\": {\n \"version\": \"1.0\",\n \"script\": \"return \\\"Mr. \\\" + firstName;\"\n },\n \"description\": \"This rule does that\",\n \"signature\": {\n \"input\": [\n {\n \"name\": \"firstName\",\n \"description\": \"the first name of the identity\",\n \"type\": \"String\"\n },\n {\n \"name\": \"firstName\",\n \"description\": \"the first name of the identity\",\n \"type\": \"String\"\n }\n ],\n \"output\": {\n \"name\": \"firstName\",\n \"description\": \"the first name of the identity\",\n \"type\": \"String\"\n }\n },\n \"attributes\": {}\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "e1d8f8a9-69d8-46fb-a824-407ef495054e", + "name": "The created connector rule", + "originalRequest": { + "url": { + "path": [ + "connector-rules" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"WebServiceBeforeOperationRule\",\n \"type\": \"BuildMap\",\n \"sourceCode\": {\n \"version\": \"1.0\",\n \"script\": \"return \\\"Mr. \\\" + firstName;\"\n },\n \"description\": \"This rule does that\",\n \"signature\": {\n \"input\": [\n {\n \"name\": \"firstName\",\n \"description\": \"the first name of the identity\",\n \"type\": \"String\"\n },\n {\n \"name\": \"firstName\",\n \"description\": \"the first name of the identity\",\n \"type\": \"String\"\n }\n ],\n \"output\": {\n \"name\": \"firstName\",\n \"description\": \"the first name of the identity\",\n \"type\": \"String\"\n }\n },\n \"attributes\": {}\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Created", + "code": 201, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"created\": \"021-07-22T15:59:23Z\",\n \"id\": \"8113d48c0b914f17b4c6072d4dcb9dfe\",\n \"name\": \"WebServiceBeforeOperationRule\",\n \"sourceCode\": {\n \"version\": \"1.0\",\n \"script\": \"return \\\"Mr. \\\" + firstName;\"\n },\n \"type\": \"BuildMap\",\n \"description\": \"This rule does that\",\n \"signature\": {\n \"input\": [\n {\n \"name\": \"firstName\",\n \"description\": \"the first name of the identity\",\n \"type\": \"String\"\n },\n {\n \"name\": \"firstName\",\n \"description\": \"the first name of the identity\",\n \"type\": \"String\"\n }\n ],\n \"output\": {\n \"name\": \"firstName\",\n \"description\": \"the first name of the identity\",\n \"type\": \"String\"\n }\n },\n \"attributes\": {},\n \"modified\": \"021-07-22T15:59:23Z\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "cc97bc24-61ba-4040-86b4-aa92ac6f9ed9", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "connector-rules" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"WebServiceBeforeOperationRule\",\n \"type\": \"BuildMap\",\n \"sourceCode\": {\n \"version\": \"1.0\",\n \"script\": \"return \\\"Mr. \\\" + firstName;\"\n },\n \"description\": \"This rule does that\",\n \"signature\": {\n \"input\": [\n {\n \"name\": \"firstName\",\n \"description\": \"the first name of the identity\",\n \"type\": \"String\"\n },\n {\n \"name\": \"firstName\",\n \"description\": \"the first name of the identity\",\n \"type\": \"String\"\n }\n ],\n \"output\": {\n \"name\": \"firstName\",\n \"description\": \"the first name of the identity\",\n \"type\": \"String\"\n }\n },\n \"attributes\": {}\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "957c7b6a-8696-4b3f-bc6a-ecbdd12c7552", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "connector-rules" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"WebServiceBeforeOperationRule\",\n \"type\": \"BuildMap\",\n \"sourceCode\": {\n \"version\": \"1.0\",\n \"script\": \"return \\\"Mr. \\\" + firstName;\"\n },\n \"description\": \"This rule does that\",\n \"signature\": {\n \"input\": [\n {\n \"name\": \"firstName\",\n \"description\": \"the first name of the identity\",\n \"type\": \"String\"\n },\n {\n \"name\": \"firstName\",\n \"description\": \"the first name of the identity\",\n \"type\": \"String\"\n }\n ],\n \"output\": {\n \"name\": \"firstName\",\n \"description\": \"the first name of the identity\",\n \"type\": \"String\"\n }\n },\n \"attributes\": {}\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "0e7ec705-0d11-407d-9f6e-1b327ef3b0cc", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "connector-rules" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"WebServiceBeforeOperationRule\",\n \"type\": \"BuildMap\",\n \"sourceCode\": {\n \"version\": \"1.0\",\n \"script\": \"return \\\"Mr. \\\" + firstName;\"\n },\n \"description\": \"This rule does that\",\n \"signature\": {\n \"input\": [\n {\n \"name\": \"firstName\",\n \"description\": \"the first name of the identity\",\n \"type\": \"String\"\n },\n {\n \"name\": \"firstName\",\n \"description\": \"the first name of the identity\",\n \"type\": \"String\"\n }\n ],\n \"output\": {\n \"name\": \"firstName\",\n \"description\": \"the first name of the identity\",\n \"type\": \"String\"\n }\n },\n \"attributes\": {}\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "70d33030-0181-4ebc-993c-1f20ce055a7b", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "connector-rules" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"WebServiceBeforeOperationRule\",\n \"type\": \"BuildMap\",\n \"sourceCode\": {\n \"version\": \"1.0\",\n \"script\": \"return \\\"Mr. \\\" + firstName;\"\n },\n \"description\": \"This rule does that\",\n \"signature\": {\n \"input\": [\n {\n \"name\": \"firstName\",\n \"description\": \"the first name of the identity\",\n \"type\": \"String\"\n },\n {\n \"name\": \"firstName\",\n \"description\": \"the first name of the identity\",\n \"type\": \"String\"\n }\n ],\n \"output\": {\n \"name\": \"firstName\",\n \"description\": \"the first name of the identity\",\n \"type\": \"String\"\n }\n },\n \"attributes\": {}\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "802ec0a2-db28-4971-b9bb-5ba78892d464", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "connector-rules" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"WebServiceBeforeOperationRule\",\n \"type\": \"BuildMap\",\n \"sourceCode\": {\n \"version\": \"1.0\",\n \"script\": \"return \\\"Mr. \\\" + firstName;\"\n },\n \"description\": \"This rule does that\",\n \"signature\": {\n \"input\": [\n {\n \"name\": \"firstName\",\n \"description\": \"the first name of the identity\",\n \"type\": \"String\"\n },\n {\n \"name\": \"firstName\",\n \"description\": \"the first name of the identity\",\n \"type\": \"String\"\n }\n ],\n \"output\": {\n \"name\": \"firstName\",\n \"description\": \"the first name of the identity\",\n \"type\": \"String\"\n }\n },\n \"attributes\": {}\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "68d45522-1c16-48b6-a70b-0110a85c1455", + "name": "Connector-Rule by ID", + "request": { + "name": "Connector-Rule by ID", + "description": { + "content": "Returns the connector rule specified by ID.\nA token with ORG_ADMIN authority is required to call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "connector-rules", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "8c190e6787aa4ed9a90bd9d5344523fb", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) ID of the connector rule to retrieve", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "e6829410-7d30-4a17-a361-985233c7bdc8", + "name": "Connector rule with the given ID", + "originalRequest": { + "url": { + "path": [ + "connector-rules", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"created\": \"021-07-22T15:59:23Z\",\n \"id\": \"8113d48c0b914f17b4c6072d4dcb9dfe\",\n \"name\": \"WebServiceBeforeOperationRule\",\n \"sourceCode\": {\n \"version\": \"1.0\",\n \"script\": \"return \\\"Mr. \\\" + firstName;\"\n },\n \"type\": \"BuildMap\",\n \"description\": \"This rule does that\",\n \"signature\": {\n \"input\": [\n {\n \"name\": \"firstName\",\n \"description\": \"the first name of the identity\",\n \"type\": \"String\"\n },\n {\n \"name\": \"firstName\",\n \"description\": \"the first name of the identity\",\n \"type\": \"String\"\n }\n ],\n \"output\": {\n \"name\": \"firstName\",\n \"description\": \"the first name of the identity\",\n \"type\": \"String\"\n }\n },\n \"attributes\": {},\n \"modified\": \"021-07-22T15:59:23Z\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "64146e10-6ad2-40e6-99a9-2cf345582657", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "connector-rules", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "88c49554-275e-4deb-bbaf-d099465d661e", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "connector-rules", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c82324c9-aa07-41f2-a242-2a37eb9f417b", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "connector-rules", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "6c6353c5-c86d-4014-9da6-34562e933c06", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "connector-rules", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "fab727df-45dd-4d83-b4c4-e0c46358e9fa", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "connector-rules", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "278fa6d4-aa75-49db-ba32-c080f8a84d87", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "connector-rules", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "deb38365-1b0a-4255-a809-9f4e907d7959", + "name": "Update a Connector Rule", + "request": { + "name": "Update a Connector Rule", + "description": { + "content": "Updates an existing connector rule with the one provided in the request body. Note that the fields 'id', 'name', and 'type' are immutable.\nA token with ORG_ADMIN authority is required to call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "connector-rules", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "8c190e6787aa4ed9a90bd9d5344523fb", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) ID of the connector rule to update", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"id\": \"8113d48c0b914f17b4c6072d4dcb9dfe\",\n \"name\": \"WebServiceBeforeOperationRule\",\n \"sourceCode\": {\n \"version\": \"1.0\",\n \"script\": \"return \\\"Mr. \\\" + firstName;\"\n },\n \"type\": \"BuildMap\",\n \"description\": \"This rule does that\",\n \"signature\": {\n \"input\": [\n {\n \"name\": \"firstName\",\n \"description\": \"the first name of the identity\",\n \"type\": \"String\"\n },\n {\n \"name\": \"firstName\",\n \"description\": \"the first name of the identity\",\n \"type\": \"String\"\n }\n ],\n \"output\": {\n \"name\": \"firstName\",\n \"description\": \"the first name of the identity\",\n \"type\": \"String\"\n }\n },\n \"attributes\": {}\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "5d097d7a-53d2-41e9-8109-a933512a4683", + "name": "The updated connector rule", + "originalRequest": { + "url": { + "path": [ + "connector-rules", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"id\": \"8113d48c0b914f17b4c6072d4dcb9dfe\",\n \"name\": \"WebServiceBeforeOperationRule\",\n \"sourceCode\": {\n \"version\": \"1.0\",\n \"script\": \"return \\\"Mr. \\\" + firstName;\"\n },\n \"type\": \"BuildMap\",\n \"description\": \"This rule does that\",\n \"signature\": {\n \"input\": [\n {\n \"name\": \"firstName\",\n \"description\": \"the first name of the identity\",\n \"type\": \"String\"\n },\n {\n \"name\": \"firstName\",\n \"description\": \"the first name of the identity\",\n \"type\": \"String\"\n }\n ],\n \"output\": {\n \"name\": \"firstName\",\n \"description\": \"the first name of the identity\",\n \"type\": \"String\"\n }\n },\n \"attributes\": {}\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"created\": \"021-07-22T15:59:23Z\",\n \"id\": \"8113d48c0b914f17b4c6072d4dcb9dfe\",\n \"name\": \"WebServiceBeforeOperationRule\",\n \"sourceCode\": {\n \"version\": \"1.0\",\n \"script\": \"return \\\"Mr. \\\" + firstName;\"\n },\n \"type\": \"BuildMap\",\n \"description\": \"This rule does that\",\n \"signature\": {\n \"input\": [\n {\n \"name\": \"firstName\",\n \"description\": \"the first name of the identity\",\n \"type\": \"String\"\n },\n {\n \"name\": \"firstName\",\n \"description\": \"the first name of the identity\",\n \"type\": \"String\"\n }\n ],\n \"output\": {\n \"name\": \"firstName\",\n \"description\": \"the first name of the identity\",\n \"type\": \"String\"\n }\n },\n \"attributes\": {},\n \"modified\": \"021-07-22T15:59:23Z\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "861a3799-84b2-497b-9266-34d1ab55211b", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "connector-rules", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"id\": \"8113d48c0b914f17b4c6072d4dcb9dfe\",\n \"name\": \"WebServiceBeforeOperationRule\",\n \"sourceCode\": {\n \"version\": \"1.0\",\n \"script\": \"return \\\"Mr. \\\" + firstName;\"\n },\n \"type\": \"BuildMap\",\n \"description\": \"This rule does that\",\n \"signature\": {\n \"input\": [\n {\n \"name\": \"firstName\",\n \"description\": \"the first name of the identity\",\n \"type\": \"String\"\n },\n {\n \"name\": \"firstName\",\n \"description\": \"the first name of the identity\",\n \"type\": \"String\"\n }\n ],\n \"output\": {\n \"name\": \"firstName\",\n \"description\": \"the first name of the identity\",\n \"type\": \"String\"\n }\n },\n \"attributes\": {}\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "2cc49298-560e-4a43-950f-22b59fbd6ea1", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "connector-rules", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"id\": \"8113d48c0b914f17b4c6072d4dcb9dfe\",\n \"name\": \"WebServiceBeforeOperationRule\",\n \"sourceCode\": {\n \"version\": \"1.0\",\n \"script\": \"return \\\"Mr. \\\" + firstName;\"\n },\n \"type\": \"BuildMap\",\n \"description\": \"This rule does that\",\n \"signature\": {\n \"input\": [\n {\n \"name\": \"firstName\",\n \"description\": \"the first name of the identity\",\n \"type\": \"String\"\n },\n {\n \"name\": \"firstName\",\n \"description\": \"the first name of the identity\",\n \"type\": \"String\"\n }\n ],\n \"output\": {\n \"name\": \"firstName\",\n \"description\": \"the first name of the identity\",\n \"type\": \"String\"\n }\n },\n \"attributes\": {}\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "0077bce7-4420-47c4-8604-fff8bb074cba", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "connector-rules", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"id\": \"8113d48c0b914f17b4c6072d4dcb9dfe\",\n \"name\": \"WebServiceBeforeOperationRule\",\n \"sourceCode\": {\n \"version\": \"1.0\",\n \"script\": \"return \\\"Mr. \\\" + firstName;\"\n },\n \"type\": \"BuildMap\",\n \"description\": \"This rule does that\",\n \"signature\": {\n \"input\": [\n {\n \"name\": \"firstName\",\n \"description\": \"the first name of the identity\",\n \"type\": \"String\"\n },\n {\n \"name\": \"firstName\",\n \"description\": \"the first name of the identity\",\n \"type\": \"String\"\n }\n ],\n \"output\": {\n \"name\": \"firstName\",\n \"description\": \"the first name of the identity\",\n \"type\": \"String\"\n }\n },\n \"attributes\": {}\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a0dab7af-101d-45b9-99d0-c6d55286cedc", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "connector-rules", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"id\": \"8113d48c0b914f17b4c6072d4dcb9dfe\",\n \"name\": \"WebServiceBeforeOperationRule\",\n \"sourceCode\": {\n \"version\": \"1.0\",\n \"script\": \"return \\\"Mr. \\\" + firstName;\"\n },\n \"type\": \"BuildMap\",\n \"description\": \"This rule does that\",\n \"signature\": {\n \"input\": [\n {\n \"name\": \"firstName\",\n \"description\": \"the first name of the identity\",\n \"type\": \"String\"\n },\n {\n \"name\": \"firstName\",\n \"description\": \"the first name of the identity\",\n \"type\": \"String\"\n }\n ],\n \"output\": {\n \"name\": \"firstName\",\n \"description\": \"the first name of the identity\",\n \"type\": \"String\"\n }\n },\n \"attributes\": {}\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "5efd5250-f8a8-473a-a2b4-e6e950b8b9a2", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "connector-rules", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"id\": \"8113d48c0b914f17b4c6072d4dcb9dfe\",\n \"name\": \"WebServiceBeforeOperationRule\",\n \"sourceCode\": {\n \"version\": \"1.0\",\n \"script\": \"return \\\"Mr. \\\" + firstName;\"\n },\n \"type\": \"BuildMap\",\n \"description\": \"This rule does that\",\n \"signature\": {\n \"input\": [\n {\n \"name\": \"firstName\",\n \"description\": \"the first name of the identity\",\n \"type\": \"String\"\n },\n {\n \"name\": \"firstName\",\n \"description\": \"the first name of the identity\",\n \"type\": \"String\"\n }\n ],\n \"output\": {\n \"name\": \"firstName\",\n \"description\": \"the first name of the identity\",\n \"type\": \"String\"\n }\n },\n \"attributes\": {}\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d69b8e52-8deb-4512-83f7-13757f764696", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "connector-rules", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"id\": \"8113d48c0b914f17b4c6072d4dcb9dfe\",\n \"name\": \"WebServiceBeforeOperationRule\",\n \"sourceCode\": {\n \"version\": \"1.0\",\n \"script\": \"return \\\"Mr. \\\" + firstName;\"\n },\n \"type\": \"BuildMap\",\n \"description\": \"This rule does that\",\n \"signature\": {\n \"input\": [\n {\n \"name\": \"firstName\",\n \"description\": \"the first name of the identity\",\n \"type\": \"String\"\n },\n {\n \"name\": \"firstName\",\n \"description\": \"the first name of the identity\",\n \"type\": \"String\"\n }\n ],\n \"output\": {\n \"name\": \"firstName\",\n \"description\": \"the first name of the identity\",\n \"type\": \"String\"\n }\n },\n \"attributes\": {}\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "b7156c04-53e2-43d5-8906-b7f472724157", + "name": "Delete a Connector-Rule", + "request": { + "name": "Delete a Connector-Rule", + "description": { + "content": "Deletes the connector rule specified by the given ID.\nA token with ORG_ADMIN authority is required to call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "connector-rules", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "8c190e6787aa4ed9a90bd9d5344523fb", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) ID of the connector rule to delete", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "DELETE", + "body": {} + }, + "response": [ + { + "id": "2a7eb1f4-6bfb-443f-b12d-f436e98d79cb", + "name": "No content - indicates the request was successful but there is no content to be returned in the response.", + "originalRequest": { + "url": { + "path": [ + "connector-rules", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "No Content", + "code": 204, + "header": [], + "cookie": [], + "_postman_previewlanguage": "text" + }, + { + "id": "b0e57d6c-6631-4aad-b6f1-d70980043d43", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "connector-rules", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "bd9a6a88-d1d3-4931-9b8d-2f2becaae28a", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "connector-rules", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "1459013c-f63a-499d-90bb-c3520b0a6242", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "connector-rules", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "2aba9375-81a5-4fdf-bd3d-c243fb674e71", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "connector-rules", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "22ca5962-6cad-4736-8e6e-ce2a82fa550f", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "connector-rules", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "db4958ce-63ed-46d0-b750-0a455dd18477", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "connector-rules", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "48e3069e-c2b4-4a43-8d80-90e0a9dbae35", + "name": "Validate Connector Rule", + "request": { + "name": "Validate Connector Rule", + "description": { + "content": "Returns a list of issues within the code to fix, if any.\nA token with ORG_ADMIN authority is required to call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "connector-rules", + "validate" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"version\": \"1.0\",\n \"script\": \"return \\\"Mr. \\\" + firstName;\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "b7b7e970-21af-4fa4-8eff-40bdb828744c", + "name": "The status of the code's eligibility as a connector rule", + "originalRequest": { + "url": { + "path": [ + "connector-rules", + "validate" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"version\": \"1.0\",\n \"script\": \"return \\\"Mr. \\\" + firstName;\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"state\": \"ERROR\",\n \"details\": [\n {\n \"line\": 2,\n \"column\": 5,\n \"messsage\": \"Remove reference to .decrypt(\"\n },\n {\n \"line\": 2,\n \"column\": 5,\n \"messsage\": \"Remove reference to .decrypt(\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "1fb6ab79-6f93-46ea-b5e1-1dc32fdcf847", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "connector-rules", + "validate" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"version\": \"1.0\",\n \"script\": \"return \\\"Mr. \\\" + firstName;\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "7f22dc80-36bc-4ad5-8701-30ab0d3724f1", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "connector-rules", + "validate" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"version\": \"1.0\",\n \"script\": \"return \\\"Mr. \\\" + firstName;\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "2f936d4e-4373-4503-b660-9d85b9eedebc", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "connector-rules", + "validate" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"version\": \"1.0\",\n \"script\": \"return \\\"Mr. \\\" + firstName;\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d3bd1a8e-8600-40e4-a763-9780d1ecaae7", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "connector-rules", + "validate" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"version\": \"1.0\",\n \"script\": \"return \\\"Mr. \\\" + firstName;\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "4f61c079-b62f-4e29-92ba-27e30873fe58", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "connector-rules", + "validate" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"version\": \"1.0\",\n \"script\": \"return \\\"Mr. \\\" + firstName;\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + } + ] + }, + { + "name": "Connectors", + "description": "Use this API to implement connector functionality.\nWith this functionality in place, administrators can view available connectors.\n\nConnectors are the bridges Identity Security Cloud uses to communicate with and aggregate data from sources.\nFor example, if it is necessary to set up a connection between Identity Security Cloud and the Active Directory source, a connector can bridge the two and enable Identity Security Cloud to synchronize data between the systems.\nThis ensures account entitlements and states are correct throughout the organization.\n\nIn Identity Security Cloud, administrators can use the Connections drop-down menu and select Sources to view the available source connectors.\n\nRefer to [Identity Security Cloud Connectors](https://documentation.sailpoint.com/connectors/identitynow/landingpages/help/landingpages/identitynow_connectivity_landing.html) for more information about the connectors available in Identity Security Cloud.\n\nRefer to [SaaS Connectivity](https://developer.sailpoint.com/docs/connectivity/saas-connectivity/) for more information about the SaaS custom connectors that do not need VAs (virtual appliances) to communicate with their sources.\n\nRefer to [Managing Sources](https://documentation.sailpoint.com/saas/help/sources/managing_sources.html) for more information about using connectors in Identity Security Cloud.\n", + "item": [ + { + "id": "af964892-5728-4d35-bf61-19e80f43bf79", + "name": "Gets connector by script name", + "request": { + "name": "Gets connector by script name", + "description": { + "content": "Fetches a connector that using its script name.\nA token with ORG_ADMIN authority is required to call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "connectors", + ":scriptName" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The locale to apply to the config. If no viable locale is given, it will default to \"en\"", + "type": "text/plain" + }, + "key": "locale", + "value": "de" + } + ], + "variable": [ + { + "type": "any", + "value": "aScriptName", + "key": "scriptName", + "disabled": true, + "description": { + "content": "(Required) The scriptName value of the connector. Scriptname is the unique id generated at connector creation.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "b2492970-54d2-4372-9d03-dee479b5a95a", + "name": "A Connector Dto object", + "originalRequest": { + "url": { + "path": [ + "connectors", + ":scriptName" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The locale to apply to the config. If no viable locale is given, it will default to \"en\"", + "type": "text/plain" + }, + "key": "locale", + "value": "de" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"name\": \"name\",\n \"type\": \"ServiceNow\",\n \"className\": \"class name\",\n \"scriptName\": \"servicenow\",\n \"applicationXml\": \"\\n\\n\\n\",\n \"correlationConfigXml\": \"\\n\\n\\n\\n\\n\\n\\t\\n\\t\\t\\n\\t\\t\\n\\t\\t\\n\\t\\n\\n\",\n \"sourceConfigXml\": \"
\\n \\n \\n \\n \\n\\n \\n
\",\n \"sourceConfig\": \"
\\n \\n \\n \\n \\n\\n \\n
\",\n \"sourceConfigFrom\": \"sp-connect\",\n \"s3Location\": \"custom-connector/scriptname\",\n \"uploadedFiles\": [\n \"pod/org/connectorFiles/testconnector/test1.jar\"\n ],\n \"fileUpload\": true,\n \"directConnect\": true,\n \"translationProperties\": {\n \"de\": \"# Copyright (C) 2024 SailPoint Technologies, Inc. All rights reserved.\\n# DO NOT EDIT. This file is generated by \\\"sailpointTranslate\\\" command.\\nmenuLabel_ConnectionSettings=Verbindungseinstellungen\\nmenuLabel_AggregationSettings=Aggregationseinstellungen\\nsectionLabel_AuthenticationSettings=Verbindungseinstellungen\\nsectionLabel_AggregationSettings=Aggregationseinstellungen\\nsectionInfo_AuthenticationSettings=Konfigurieren Sie eine direkte Verbindung zwischen der Quelle Delinea Secret Server On-Premise und IdentityNow.

Geben Sie bei Zeit\\\\u00fcberschreitung bei Verbindung die maximal erlaubte Zeitdauer (in Minuten) f\\\\u00fcr die Verbindung von IdentityNow mit der Quelle ein.

Geben Sie die Host-URL der Delinea-SCIM-Serverquelle ein.

Geben Sie den API-Token der Quelle zur Authentifizierung ein.\\nsectionInfo_AggregationSettings=Geben Sie die Einstellungen f\\\\u00fcr Ihre Aggregation an.

Geben Sie in das Feld Seitengr\\\\u00f6\\\\u00dfe die Anzahl an Kontoeintr\\\\u00e4gen ein, die auf einer einzelnen Seite aggregiert werden sollen, wenn gro\\\\u00dfe Datens\\\\u00e4tze durchlaufen werden.
\\\\n
Geben Sie im Kontofilter die Bedingungen f\\\\u00fcr den Kontofilter an. Beispiel: userName sw \\\"S\\\"

Geben Sie im Gruppenfilter die Gruppenfilterbedingungen an. Beispiel: displayName sw \\\"S\\\".\\nplaceHolder_accAggregation=userName sw \\\"S\\\"\\nplaceHolder_grpAggregation=displayName sw \\\"S\\\"\\nplaceHolder_host=https://{Delinea_SCIM_Server_host}/v2\\ndocLinkLabel_AuthenticationSettings=Mehr \\\\u00fcber Verbindungseinstellungen\\ndocLinkLabel_Filters=Mehr \\\\u00fcber Konto- und Gruppenfilter\\nHostURL=Host-URL\\nConnectionTimeout=Zeit\\\\u00fcberschreitung bei Verbindung\\nAPI_TOKEN=API-Token\\nJSONPathMapping=JSON-Path-Attribut-Mapping\\nFilterConditionForAccounts=Kontofilter\\nFilterConditionForGroups=Gruppenfilter\\nPage_Size=Seitengr\\\\u00f6\\\\u00dfe\\nSchemaAttribute=Schema-Attribut\\nJSONpath=JSON-Pfad\\nShortDesc=Das Integrationsmodul IdentityNow f\\\\u00fcr Delinea Secret Server On-Premise bietet die M\\\\u00f6glichkeit einer tiefen Governance f\\\\u00fcr Konten und Gruppen. Es unterst\\\\u00fctzt au\\\\u00dferdem das End-to-End-Lebenszyklus-Management.\"\n },\n \"connectorMetadata\": {\n \"supportedUI\": \"EXTJS\",\n \"platform\": \"ccg\",\n \"shortDesc\": \"connector description\"\n },\n \"status\": \"RELEASED\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "742bcd9d-50c6-40e0-be1a-73857af1b7b6", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "connectors", + ":scriptName" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The locale to apply to the config. If no viable locale is given, it will default to \"en\"", + "type": "text/plain" + }, + "key": "locale", + "value": "de" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "bdcf5ad6-1ce8-43db-8314-f1387f308c40", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "connectors", + ":scriptName" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The locale to apply to the config. If no viable locale is given, it will default to \"en\"", + "type": "text/plain" + }, + "key": "locale", + "value": "de" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "dc433718-53e0-47db-a053-46f3ccb455c7", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "connectors", + ":scriptName" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The locale to apply to the config. If no viable locale is given, it will default to \"en\"", + "type": "text/plain" + }, + "key": "locale", + "value": "de" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "7ca1a7d0-96a5-4219-9805-577100df95f1", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "connectors", + ":scriptName" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The locale to apply to the config. If no viable locale is given, it will default to \"en\"", + "type": "text/plain" + }, + "key": "locale", + "value": "de" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "8b955f3c-4129-47b1-9b5b-9675ea7d7592", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "connectors", + ":scriptName" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The locale to apply to the config. If no viable locale is given, it will default to \"en\"", + "type": "text/plain" + }, + "key": "locale", + "value": "de" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c4a1963b-69a9-4824-915d-335d829e9c79", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "connectors", + ":scriptName" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The locale to apply to the config. If no viable locale is given, it will default to \"en\"", + "type": "text/plain" + }, + "key": "locale", + "value": "de" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "68ee01cd-5ee3-4825-8044-1e185c5c720e", + "name": "Deletes connector by script name", + "request": { + "name": "Deletes connector by script name", + "description": { + "content": "Delete a custom connector that using its script name.\nA token with ORG_ADMIN authority is required to call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "connectors", + ":scriptName" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "aScriptName", + "key": "scriptName", + "disabled": true, + "description": { + "content": "(Required) The scriptName value of the connector. Scriptname is the unique id generated at connector creation.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "DELETE", + "body": {} + }, + "response": [ + { + "id": "5ea61ccc-0e25-4044-b774-c8bb9d44edb5", + "name": "The custom connector was successfully deleted.", + "originalRequest": { + "url": { + "path": [ + "connectors", + ":scriptName" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "No Content", + "code": 204, + "header": [], + "cookie": [], + "_postman_previewlanguage": "text" + }, + { + "id": "4dd70365-9064-47ed-ab0e-087aa3e93be8", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "connectors", + ":scriptName" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "fd4ccd8d-9de1-4599-b628-1e8e8be8db3c", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "connectors", + ":scriptName" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "5f6ae2a6-ed0e-4431-862e-72922b2aa5c4", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "connectors", + ":scriptName" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "efc3d76d-9157-4e52-b6b2-64b181860dad", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "connectors", + ":scriptName" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "614910af-98da-41f6-b6ef-499a018250ba", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "connectors", + ":scriptName" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "5efe84bf-05e3-49b6-b20c-6e42a0915140", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "connectors", + ":scriptName" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "314f0266-e271-43ac-bcf8-1a39a11b75ac", + "name": "Update connector by script name", + "request": { + "name": "Update connector by script name", + "description": { + "content": "Patch a custom connector that using its script name.\nA token with ORG_ADMIN authority is required to call this API. The following fields are patchable: * connectorMetadata * applicationXml * correlationConfigXml * sourceConfigXml", + "type": "text/plain" + }, + "url": { + "path": [ + "connectors", + ":scriptName" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "aScriptName", + "key": "scriptName", + "disabled": true, + "description": { + "content": "(Required) The scriptName value of the connector. Scriptname is the unique id generated at connector creation.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"New description\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"New description\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "81bcb6af-6df7-4451-86a0-b4b2ff8cc5cd", + "name": "A updated Connector Dto object", + "originalRequest": { + "url": { + "path": [ + "connectors", + ":scriptName" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"New description\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"New description\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"name\": \"name\",\n \"type\": \"ServiceNow\",\n \"className\": \"class name\",\n \"scriptName\": \"servicenow\",\n \"applicationXml\": \"\\n\\n\\n\",\n \"correlationConfigXml\": \"\\n\\n\\n\\n\\n\\n\\t\\n\\t\\t\\n\\t\\t\\n\\t\\t\\n\\t\\n\\n\",\n \"sourceConfigXml\": \"
\\n \\n \\n \\n \\n\\n \\n
\",\n \"sourceConfig\": \"
\\n \\n \\n \\n \\n\\n \\n
\",\n \"sourceConfigFrom\": \"sp-connect\",\n \"s3Location\": \"custom-connector/scriptname\",\n \"uploadedFiles\": [\n \"pod/org/connectorFiles/testconnector/test1.jar\"\n ],\n \"fileUpload\": true,\n \"directConnect\": true,\n \"translationProperties\": {\n \"de\": \"# Copyright (C) 2024 SailPoint Technologies, Inc. All rights reserved.\\n# DO NOT EDIT. This file is generated by \\\"sailpointTranslate\\\" command.\\nmenuLabel_ConnectionSettings=Verbindungseinstellungen\\nmenuLabel_AggregationSettings=Aggregationseinstellungen\\nsectionLabel_AuthenticationSettings=Verbindungseinstellungen\\nsectionLabel_AggregationSettings=Aggregationseinstellungen\\nsectionInfo_AuthenticationSettings=Konfigurieren Sie eine direkte Verbindung zwischen der Quelle Delinea Secret Server On-Premise und IdentityNow.

Geben Sie bei Zeit\\\\u00fcberschreitung bei Verbindung die maximal erlaubte Zeitdauer (in Minuten) f\\\\u00fcr die Verbindung von IdentityNow mit der Quelle ein.

Geben Sie die Host-URL der Delinea-SCIM-Serverquelle ein.

Geben Sie den API-Token der Quelle zur Authentifizierung ein.\\nsectionInfo_AggregationSettings=Geben Sie die Einstellungen f\\\\u00fcr Ihre Aggregation an.

Geben Sie in das Feld Seitengr\\\\u00f6\\\\u00dfe die Anzahl an Kontoeintr\\\\u00e4gen ein, die auf einer einzelnen Seite aggregiert werden sollen, wenn gro\\\\u00dfe Datens\\\\u00e4tze durchlaufen werden.
\\\\n
Geben Sie im Kontofilter die Bedingungen f\\\\u00fcr den Kontofilter an. Beispiel: userName sw \\\"S\\\"

Geben Sie im Gruppenfilter die Gruppenfilterbedingungen an. Beispiel: displayName sw \\\"S\\\".\\nplaceHolder_accAggregation=userName sw \\\"S\\\"\\nplaceHolder_grpAggregation=displayName sw \\\"S\\\"\\nplaceHolder_host=https://{Delinea_SCIM_Server_host}/v2\\ndocLinkLabel_AuthenticationSettings=Mehr \\\\u00fcber Verbindungseinstellungen\\ndocLinkLabel_Filters=Mehr \\\\u00fcber Konto- und Gruppenfilter\\nHostURL=Host-URL\\nConnectionTimeout=Zeit\\\\u00fcberschreitung bei Verbindung\\nAPI_TOKEN=API-Token\\nJSONPathMapping=JSON-Path-Attribut-Mapping\\nFilterConditionForAccounts=Kontofilter\\nFilterConditionForGroups=Gruppenfilter\\nPage_Size=Seitengr\\\\u00f6\\\\u00dfe\\nSchemaAttribute=Schema-Attribut\\nJSONpath=JSON-Pfad\\nShortDesc=Das Integrationsmodul IdentityNow f\\\\u00fcr Delinea Secret Server On-Premise bietet die M\\\\u00f6glichkeit einer tiefen Governance f\\\\u00fcr Konten und Gruppen. Es unterst\\\\u00fctzt au\\\\u00dferdem das End-to-End-Lebenszyklus-Management.\"\n },\n \"connectorMetadata\": {\n \"supportedUI\": \"EXTJS\",\n \"platform\": \"ccg\",\n \"shortDesc\": \"connector description\"\n },\n \"status\": \"RELEASED\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "53b0549b-2ed7-42c6-b1e2-1e3a7451ffc3", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "connectors", + ":scriptName" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"New description\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"New description\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "1878615e-f7be-4b2d-882c-a409a264303c", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "connectors", + ":scriptName" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"New description\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"New description\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b0e61b30-52b2-4b7c-868d-557e69f168c0", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "connectors", + ":scriptName" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"New description\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"New description\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "557ddb0c-3376-43a6-af7c-390ee79464fc", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "connectors", + ":scriptName" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"New description\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"New description\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "6add2adf-e874-45c0-9155-45484eab5fc4", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "connectors", + ":scriptName" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"New description\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"New description\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "e2f747f5-b1fa-4d8b-b4d8-2ea45b12c8de", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "connectors", + ":scriptName" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"New description\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"New description\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "f5cddb68-ae8d-464d-8710-833d01fddf68", + "name": "Gets connector list", + "request": { + "name": "Gets connector list", + "description": { + "content": "Fetches list of connectors that have 'RELEASED' status using filtering and pagination.\nA token with ORG_ADMIN authority is required to call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "connectors" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**name**: *sw, co*\n\n**type**: *sw, co, eq*\n\n**directConnect**: *eq*\n\n**category**: *eq*\n\n**features**: *ca*\n\n**labels**: *ca*", + "type": "text/plain" + }, + "key": "filters", + "value": "directConnect eq \"true\"" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "The locale to apply to the config. If no viable locale is given, it will default to \"en\"", + "type": "text/plain" + }, + "key": "locale", + "value": "de" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "5be1dcfb-83e8-4a49-b258-d503d51ea70e", + "name": "A Connector Dto object", + "originalRequest": { + "url": { + "path": [ + "connectors" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**name**: *sw, co*\n\n**type**: *sw, co, eq*\n\n**directConnect**: *eq*\n\n**category**: *eq*\n\n**features**: *ca*\n\n**labels**: *ca*", + "type": "text/plain" + }, + "key": "filters", + "value": "directConnect eq \"true\"" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "The locale to apply to the config. If no viable locale is given, it will default to \"en\"", + "type": "text/plain" + }, + "key": "locale", + "value": "de" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"name\": \"name\",\n \"type\": \"ServiceNow\",\n \"scriptName\": \"servicenow\",\n \"className\": \"sailpoint.connector.OpenConnectorAdapter\",\n \"features\": [\n \"PROVISIONING\",\n \"SYNC_PROVISIONING\",\n \"SEARCH\",\n \"UNSTRUCTURED_TARGETS\"\n ],\n \"directConnect\": true,\n \"connectorMetadata\": {\n \"supportedUI\": \"ANGULAR\",\n \"platform\": \"ccg\",\n \"shortDesc\": \"connector description\"\n },\n \"status\": \"RELEASED\"\n },\n {\n \"name\": \"name\",\n \"type\": \"ServiceNow\",\n \"scriptName\": \"servicenow\",\n \"className\": \"sailpoint.connector.OpenConnectorAdapter\",\n \"features\": [\n \"PROVISIONING\",\n \"SYNC_PROVISIONING\",\n \"SEARCH\",\n \"UNSTRUCTURED_TARGETS\"\n ],\n \"directConnect\": true,\n \"connectorMetadata\": {\n \"supportedUI\": \"ANGULAR\",\n \"platform\": \"ccg\",\n \"shortDesc\": \"connector description\"\n },\n \"status\": \"RELEASED\"\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "446f1ee1-bc05-4ca0-bf45-92d8cc967fe2", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "connectors" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**name**: *sw, co*\n\n**type**: *sw, co, eq*\n\n**directConnect**: *eq*\n\n**category**: *eq*\n\n**features**: *ca*\n\n**labels**: *ca*", + "type": "text/plain" + }, + "key": "filters", + "value": "directConnect eq \"true\"" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "The locale to apply to the config. If no viable locale is given, it will default to \"en\"", + "type": "text/plain" + }, + "key": "locale", + "value": "de" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "0f18d9c6-460f-4076-8de7-6d60f9d43dc6", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "connectors" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**name**: *sw, co*\n\n**type**: *sw, co, eq*\n\n**directConnect**: *eq*\n\n**category**: *eq*\n\n**features**: *ca*\n\n**labels**: *ca*", + "type": "text/plain" + }, + "key": "filters", + "value": "directConnect eq \"true\"" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "The locale to apply to the config. If no viable locale is given, it will default to \"en\"", + "type": "text/plain" + }, + "key": "locale", + "value": "de" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "eed19ea4-4749-44cf-a4e0-eab1deddef09", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "connectors" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**name**: *sw, co*\n\n**type**: *sw, co, eq*\n\n**directConnect**: *eq*\n\n**category**: *eq*\n\n**features**: *ca*\n\n**labels**: *ca*", + "type": "text/plain" + }, + "key": "filters", + "value": "directConnect eq \"true\"" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "The locale to apply to the config. If no viable locale is given, it will default to \"en\"", + "type": "text/plain" + }, + "key": "locale", + "value": "de" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "70eb155b-4f11-4052-ac1c-ff5590ce9267", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "connectors" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**name**: *sw, co*\n\n**type**: *sw, co, eq*\n\n**directConnect**: *eq*\n\n**category**: *eq*\n\n**features**: *ca*\n\n**labels**: *ca*", + "type": "text/plain" + }, + "key": "filters", + "value": "directConnect eq \"true\"" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "The locale to apply to the config. If no viable locale is given, it will default to \"en\"", + "type": "text/plain" + }, + "key": "locale", + "value": "de" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "54c0209b-177c-4166-a353-4c0f7ad739ef", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "connectors" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**name**: *sw, co*\n\n**type**: *sw, co, eq*\n\n**directConnect**: *eq*\n\n**category**: *eq*\n\n**features**: *ca*\n\n**labels**: *ca*", + "type": "text/plain" + }, + "key": "filters", + "value": "directConnect eq \"true\"" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "The locale to apply to the config. If no viable locale is given, it will default to \"en\"", + "type": "text/plain" + }, + "key": "locale", + "value": "de" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "51ab00bf-7f27-449e-9af6-2328deaf46dd", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "connectors" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**name**: *sw, co*\n\n**type**: *sw, co, eq*\n\n**directConnect**: *eq*\n\n**category**: *eq*\n\n**features**: *ca*\n\n**labels**: *ca*", + "type": "text/plain" + }, + "key": "filters", + "value": "directConnect eq \"true\"" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "The locale to apply to the config. If no viable locale is given, it will default to \"en\"", + "type": "text/plain" + }, + "key": "locale", + "value": "de" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "ed575aa4-7e44-44e7-b7e5-1af481c1bfce", + "name": "Create custom connector", + "request": { + "name": "Create custom connector", + "description": { + "content": "Create custom connector.\nA token with ORG_ADMIN authority is required to call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "connectors" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"custom connector\",\n \"className\": \"sailpoint.connector.OpenConnectorAdapter\",\n \"type\": \"custom connector type\",\n \"directConnect\": true,\n \"status\": \"RELEASED\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "2541c629-92c4-49f0-ab01-64cd5a86e368", + "name": "A Connector Dto object", + "originalRequest": { + "url": { + "path": [ + "connectors" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"custom connector\",\n \"className\": \"sailpoint.connector.OpenConnectorAdapter\",\n \"type\": \"custom connector type\",\n \"directConnect\": true,\n \"status\": \"RELEASED\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"name\": \"name\",\n \"type\": \"ServiceNow\",\n \"scriptName\": \"servicenow\",\n \"className\": \"sailpoint.connector.OpenConnectorAdapter\",\n \"features\": [\n \"PROVISIONING\",\n \"SYNC_PROVISIONING\",\n \"SEARCH\",\n \"UNSTRUCTURED_TARGETS\"\n ],\n \"directConnect\": true,\n \"connectorMetadata\": {\n \"supportedUI\": \"ANGULAR\",\n \"platform\": \"ccg\",\n \"shortDesc\": \"connector description\"\n },\n \"status\": \"RELEASED\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "ba37fc4c-326a-408b-9e40-90a7e0f74b1a", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "connectors" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"custom connector\",\n \"className\": \"sailpoint.connector.OpenConnectorAdapter\",\n \"type\": \"custom connector type\",\n \"directConnect\": true,\n \"status\": \"RELEASED\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "e7af99ba-5947-4105-a5f2-e496b89f9f36", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "connectors" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"custom connector\",\n \"className\": \"sailpoint.connector.OpenConnectorAdapter\",\n \"type\": \"custom connector type\",\n \"directConnect\": true,\n \"status\": \"RELEASED\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b40ec3ea-fb27-4a4c-86e4-e472187eb9ec", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "connectors" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"custom connector\",\n \"className\": \"sailpoint.connector.OpenConnectorAdapter\",\n \"type\": \"custom connector type\",\n \"directConnect\": true,\n \"status\": \"RELEASED\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "8a30b116-d7d5-42ef-926d-6024f773d944", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "connectors" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"custom connector\",\n \"className\": \"sailpoint.connector.OpenConnectorAdapter\",\n \"type\": \"custom connector type\",\n \"directConnect\": true,\n \"status\": \"RELEASED\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "1d33e187-2aa0-43ba-a3e7-33bd048e9783", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "connectors" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"custom connector\",\n \"className\": \"sailpoint.connector.OpenConnectorAdapter\",\n \"type\": \"custom connector type\",\n \"directConnect\": true,\n \"status\": \"RELEASED\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "14a2d319-b444-4ebb-8dbb-af42b5301dda", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "connectors" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"custom connector\",\n \"className\": \"sailpoint.connector.OpenConnectorAdapter\",\n \"type\": \"custom connector type\",\n \"directConnect\": true,\n \"status\": \"RELEASED\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "fa54ea9c-9938-46c6-bd68-12dc6fe8d03a", + "name": "get Connector Source Config", + "request": { + "name": "get Connector Source Config", + "description": { + "content": "Fetches a connector's source config using its script name.\nA token with ORG_ADMIN authority is required to call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "connectors", + ":scriptName", + "source-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "aScriptName", + "key": "scriptName", + "disabled": true, + "description": { + "content": "(Required) The scriptName value of the connector. Scriptname is the unique id generated at connector creation.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/xml" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "b8ca7948-d792-4e3d-af01-fac717e254a8", + "name": "The connector's source template", + "originalRequest": { + "url": { + "path": [ + "connectors", + ":scriptName", + "source-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/xml" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/xml" + } + ], + "body": "\n(string)", + "cookie": [], + "_postman_previewlanguage": "xml" + }, + { + "id": "a2d9a650-2dc6-4e0b-bc82-d22251b9ea1b", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "connectors", + ":scriptName", + "source-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "ae1c69b5-1a40-485e-9e19-9b45a7756560", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "connectors", + ":scriptName", + "source-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "60ebfd49-ce94-459e-bb16-6023476154d6", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "connectors", + ":scriptName", + "source-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "9597ef79-e09c-4be4-9913-e6a2e85ec6db", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "connectors", + ":scriptName", + "source-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "76cf6bd6-aa71-4711-bec7-50045b8d9972", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "connectors", + ":scriptName", + "source-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "25029a6f-d0a5-4c00-afc5-c229aae4e9d9", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "connectors", + ":scriptName", + "source-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "7955fcdc-b63f-443b-a46c-8e140c532766", + "name": "put Source Config", + "request": { + "name": "put Source Config", + "description": { + "content": "Update a connector's source config using its script name.\nA token with ORG_ADMIN authority is required to call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "connectors", + ":scriptName", + "source-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "aScriptName", + "key": "scriptName", + "disabled": true, + "description": { + "content": "(Required) The scriptName value of the connector. Scriptname is the unique id generated at connector creation.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "PUT", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "(Required) connector source config xml file", + "type": "text/plain" + }, + "key": "file", + "value": "voluptate veniam sed", + "type": "text" + } + ] + } + }, + "response": [ + { + "id": "82f04779-624d-4fed-b690-5f552da8cc40", + "name": "The connector's update detail", + "originalRequest": { + "url": { + "path": [ + "connectors", + ":scriptName", + "source-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "(Required) connector source config xml file", + "type": "text/plain" + }, + "key": "file", + "value": "voluptate veniam sed", + "type": "text" + } + ] + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \"unsupported xsd version, please ensure latest xsd version http://www.sailpoint.com/xsd/sailpoint_form_2_0.xsd is used for source config\",\n \"scriptName\": \"servicenow\",\n \"updatedFiles\": [\n \"pod/org/connectorFiles/testconnector/test1.jar\"\n ],\n \"status\": \"ERROR\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "47518b9e-1588-40df-8cf1-c8f2d5dd7216", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "connectors", + ":scriptName", + "source-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "(Required) connector source config xml file", + "type": "text/plain" + }, + "key": "file", + "value": "voluptate veniam sed", + "type": "text" + } + ] + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "87d7b25d-615a-4d1c-9be7-34d670c2ed07", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "connectors", + ":scriptName", + "source-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "(Required) connector source config xml file", + "type": "text/plain" + }, + "key": "file", + "value": "voluptate veniam sed", + "type": "text" + } + ] + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "3f6f32a3-8a3a-4ee6-b7ed-1bb744a26c33", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "connectors", + ":scriptName", + "source-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "(Required) connector source config xml file", + "type": "text/plain" + }, + "key": "file", + "value": "voluptate veniam sed", + "type": "text" + } + ] + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "1c7d65c3-afd2-424f-aa90-d1d90df8970d", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "connectors", + ":scriptName", + "source-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "(Required) connector source config xml file", + "type": "text/plain" + }, + "key": "file", + "value": "voluptate veniam sed", + "type": "text" + } + ] + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "df01a5e3-c4a9-4225-96ca-7840053472d4", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "connectors", + ":scriptName", + "source-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "(Required) connector source config xml file", + "type": "text/plain" + }, + "key": "file", + "value": "voluptate veniam sed", + "type": "text" + } + ] + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b9cfec59-ceaf-4be5-adba-9dd5e024cdb8", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "connectors", + ":scriptName", + "source-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "(Required) connector source config xml file", + "type": "text/plain" + }, + "key": "file", + "value": "voluptate veniam sed", + "type": "text" + } + ] + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "edecd76d-a49a-4147-b6c7-bf32f1961f24", + "name": "get Connector Translations", + "request": { + "name": "get Connector Translations", + "description": { + "content": "Fetches a connector's translations using its script name.\nA token with ORG_ADMIN authority is required to call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "connectors", + ":scriptName", + "translations", + ":locale" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "aScriptName", + "key": "scriptName", + "disabled": true, + "description": { + "content": "(Required) The scriptName value of the connector. Scriptname is the unique id generated at connector creation.", + "type": "text/plain" + } + }, + { + "type": "any", + "value": "de", + "key": "locale", + "disabled": true, + "description": { + "content": "(Required) The locale to apply to the config. If no viable locale is given, it will default to \"en\"", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "text/plain" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "98517c63-2e0a-424a-a457-137d106bb7eb", + "name": "The connector's translations", + "originalRequest": { + "url": { + "path": [ + "connectors", + ":scriptName", + "translations", + ":locale" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "text/plain" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "text/plain" + } + ], + "body": "irure nisi et dolore aliqua", + "cookie": [], + "_postman_previewlanguage": "text" + }, + { + "id": "234ddaec-ae9a-4451-91be-fe72afe1b528", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "connectors", + ":scriptName", + "translations", + ":locale" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "506b7fe5-cb33-49ce-9eb2-89bfcbaf6702", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "connectors", + ":scriptName", + "translations", + ":locale" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "0ea75113-2713-4bb8-bc51-58a83001b260", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "connectors", + ":scriptName", + "translations", + ":locale" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "dcc27e40-5c37-4be1-9a6d-21abbc0254f0", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "connectors", + ":scriptName", + "translations", + ":locale" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "44857196-9450-4725-8382-ee820ebffcc8", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "connectors", + ":scriptName", + "translations", + ":locale" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c4d9f477-fec2-42e4-af35-7df6beac1f16", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "connectors", + ":scriptName", + "translations", + ":locale" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "b04474c0-2365-4742-9816-4d22373c4796", + "name": "put Translations", + "request": { + "name": "put Translations", + "description": { + "content": "Update a connector's translations using its script name.\nA token with ORG_ADMIN authority is required to call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "connectors", + ":scriptName", + "translations", + ":locale" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "aScriptName", + "key": "scriptName", + "disabled": true, + "description": { + "content": "(Required) The scriptName value of the connector. Scriptname is the unique id generated at connector creation.", + "type": "text/plain" + } + }, + { + "type": "any", + "value": "de", + "key": "locale", + "disabled": true, + "description": { + "content": "(Required) The locale to apply to the config. If no viable locale is given, it will default to \"en\"", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "PUT", + "body": { + "mode": "formdata", + "formdata": [] + } + }, + "response": [ + { + "id": "a9ba783b-5cf2-449e-8a91-d61b5b8ee586", + "name": "The connector's update detail", + "originalRequest": { + "url": { + "path": [ + "connectors", + ":scriptName", + "translations", + ":locale" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "formdata", + "formdata": [] + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \"unsupported xsd version, please ensure latest xsd version http://www.sailpoint.com/xsd/sailpoint_form_2_0.xsd is used for source config\",\n \"scriptName\": \"servicenow\",\n \"updatedFiles\": [\n \"pod/org/connectorFiles/testconnector/test1.jar\"\n ],\n \"status\": \"ERROR\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "ed1826cc-dfc1-4b47-9e0e-4d21fae215da", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "connectors", + ":scriptName", + "translations", + ":locale" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "formdata", + "formdata": [] + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "22af26c5-3bca-445f-a415-748a8a06eaaa", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "connectors", + ":scriptName", + "translations", + ":locale" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "formdata", + "formdata": [] + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d0074b1e-3474-4a3e-ab0b-7db88cf08fa7", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "connectors", + ":scriptName", + "translations", + ":locale" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "formdata", + "formdata": [] + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a533d6a4-d3e9-4f6a-b66e-58afe01544fb", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "connectors", + ":scriptName", + "translations", + ":locale" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "formdata", + "formdata": [] + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "70464da4-e711-411e-bfe7-f2372634b697", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "connectors", + ":scriptName", + "translations", + ":locale" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "formdata", + "formdata": [] + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c8c57379-6b58-458c-b456-284873651d10", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "connectors", + ":scriptName", + "translations", + ":locale" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "formdata", + "formdata": [] + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "8da9dd1e-89a0-4d38-b69d-a2908b4b6a02", + "name": "get Connector Source Template", + "request": { + "name": "get Connector Source Template", + "description": { + "content": "Fetches a connector's source template using its script name.\nA token with ORG_ADMIN authority is required to call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "connectors", + ":scriptName", + "source-template" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "aScriptName", + "key": "scriptName", + "disabled": true, + "description": { + "content": "(Required) The scriptName value of the connector. Scriptname is the unique id generated at connector creation.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/xml" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "b5a0b8d9-c711-45cb-b205-18de1ccb6a4a", + "name": "The connector's source template", + "originalRequest": { + "url": { + "path": [ + "connectors", + ":scriptName", + "source-template" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/xml" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/xml" + } + ], + "body": "\n(string)", + "cookie": [], + "_postman_previewlanguage": "xml" + }, + { + "id": "1a2c81c2-e97b-49a8-8a5e-ca4b26bfe06c", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "connectors", + ":scriptName", + "source-template" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d8ee0674-83d1-43fc-96c3-13371cbe9360", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "connectors", + ":scriptName", + "source-template" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "edc2228a-2ce5-4186-8fe3-5fab0b0749e3", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "connectors", + ":scriptName", + "source-template" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "69955a0a-a9a4-4392-b7cb-e06a3d3404d5", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "connectors", + ":scriptName", + "source-template" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "7ebac979-6560-4432-b94a-b3d5dc99e4b3", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "connectors", + ":scriptName", + "source-template" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "5ec31be5-86b7-44d2-bef7-b6282dd516d2", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "connectors", + ":scriptName", + "source-template" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "ebb463f2-db23-426d-b435-2b03715f394a", + "name": "put Source Template", + "request": { + "name": "put Source Template", + "description": { + "content": "Update a connector's source template using its script name.\nA token with ORG_ADMIN authority is required to call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "connectors", + ":scriptName", + "source-template" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "aScriptName", + "key": "scriptName", + "disabled": true, + "description": { + "content": "(Required) The scriptName value of the connector. Scriptname is the unique id generated at connector creation.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "PUT", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "(Required) connector source template xml file", + "type": "text/plain" + }, + "key": "file", + "value": "elit eiusmod incididunt voluptat", + "type": "text" + } + ] + } + }, + "response": [ + { + "id": "691a7a26-a32d-4ecb-85e5-d09e29b082d1", + "name": "The connector's update detail", + "originalRequest": { + "url": { + "path": [ + "connectors", + ":scriptName", + "source-template" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "(Required) connector source template xml file", + "type": "text/plain" + }, + "key": "file", + "value": "elit eiusmod incididunt voluptat", + "type": "text" + } + ] + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \"unsupported xsd version, please ensure latest xsd version http://www.sailpoint.com/xsd/sailpoint_form_2_0.xsd is used for source config\",\n \"scriptName\": \"servicenow\",\n \"updatedFiles\": [\n \"pod/org/connectorFiles/testconnector/test1.jar\"\n ],\n \"status\": \"ERROR\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "325270f4-e066-4aec-bf34-f5fd933f7909", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "connectors", + ":scriptName", + "source-template" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "(Required) connector source template xml file", + "type": "text/plain" + }, + "key": "file", + "value": "elit eiusmod incididunt voluptat", + "type": "text" + } + ] + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "0082a323-adf4-4845-9f80-28ddc69764d3", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "connectors", + ":scriptName", + "source-template" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "(Required) connector source template xml file", + "type": "text/plain" + }, + "key": "file", + "value": "elit eiusmod incididunt voluptat", + "type": "text" + } + ] + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "156057cf-3989-44bf-991d-5e11c9a04f67", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "connectors", + ":scriptName", + "source-template" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "(Required) connector source template xml file", + "type": "text/plain" + }, + "key": "file", + "value": "elit eiusmod incididunt voluptat", + "type": "text" + } + ] + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a62a755a-012e-4eda-83ca-30ef67a17cd5", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "connectors", + ":scriptName", + "source-template" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "(Required) connector source template xml file", + "type": "text/plain" + }, + "key": "file", + "value": "elit eiusmod incididunt voluptat", + "type": "text" + } + ] + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "8cd93091-d70d-40e6-9395-35a8535961f6", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "connectors", + ":scriptName", + "source-template" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "(Required) connector source template xml file", + "type": "text/plain" + }, + "key": "file", + "value": "elit eiusmod incididunt voluptat", + "type": "text" + } + ] + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "bad4b895-3eb4-441c-8eef-24280013a7e5", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "connectors", + ":scriptName", + "source-template" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "(Required) connector source template xml file", + "type": "text/plain" + }, + "key": "file", + "value": "elit eiusmod incididunt voluptat", + "type": "text" + } + ] + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "7d27db23-2d10-4c6a-ab80-38effcf4714b", + "name": "get Connector Correlation Config", + "request": { + "name": "get Connector Correlation Config", + "description": { + "content": "Fetches a connector's correlation config using its script name.\nA token with ORG_ADMIN authority is required to call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "connectors", + ":scriptName", + "correlation-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "aScriptName", + "key": "scriptName", + "disabled": true, + "description": { + "content": "(Required) The scriptName value of the connector. Scriptname is the unique id generated at connector creation.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/xml" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "67d927c2-6c3c-4498-909f-d14b1a4a74f5", + "name": "The connector's correlation config", + "originalRequest": { + "url": { + "path": [ + "connectors", + ":scriptName", + "correlation-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/xml" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/xml" + } + ], + "body": "\n(string)", + "cookie": [], + "_postman_previewlanguage": "xml" + }, + { + "id": "9a987671-2328-4734-974e-a67fc8f8ea60", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "connectors", + ":scriptName", + "correlation-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "5bd21a9f-3222-420c-a179-817a88a30ba2", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "connectors", + ":scriptName", + "correlation-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "011b43bf-f75b-4938-80f1-ebc4f4fa2281", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "connectors", + ":scriptName", + "correlation-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "5133a812-6d28-44e8-bc28-dd656325575c", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "connectors", + ":scriptName", + "correlation-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "607e9e9b-ef55-4381-bae3-671cf7224d04", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "connectors", + ":scriptName", + "correlation-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "4acc4336-5515-403a-83f0-bbb4bfa296c4", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "connectors", + ":scriptName", + "correlation-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "7d934230-6f77-4693-9e5e-defbe9998600", + "name": "put Correlation Config", + "request": { + "name": "put Correlation Config", + "description": { + "content": "Update a connector's correlation config using its script name.\nA token with ORG_ADMIN authority is required to call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "connectors", + ":scriptName", + "correlation-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "aScriptName", + "key": "scriptName", + "disabled": true, + "description": { + "content": "(Required) The scriptName value of the connector. Scriptname is the unique id generated at connector creation.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "PUT", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "(Required) connector correlation config xml file", + "type": "text/plain" + }, + "key": "file", + "value": "dolore an", + "type": "text" + } + ] + } + }, + "response": [ + { + "id": "8353a6c3-4a0c-4a48-9c0f-9ffb4a61cc2f", + "name": "The connector's update detail", + "originalRequest": { + "url": { + "path": [ + "connectors", + ":scriptName", + "correlation-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "(Required) connector correlation config xml file", + "type": "text/plain" + }, + "key": "file", + "value": "dolore an", + "type": "text" + } + ] + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \"unsupported xsd version, please ensure latest xsd version http://www.sailpoint.com/xsd/sailpoint_form_2_0.xsd is used for source config\",\n \"scriptName\": \"servicenow\",\n \"updatedFiles\": [\n \"pod/org/connectorFiles/testconnector/test1.jar\"\n ],\n \"status\": \"ERROR\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "5f83d15a-bb9a-4323-bf11-0a2445626c44", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "connectors", + ":scriptName", + "correlation-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "(Required) connector correlation config xml file", + "type": "text/plain" + }, + "key": "file", + "value": "dolore an", + "type": "text" + } + ] + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f3db7da0-be35-4b5b-a63e-fa7ba0c62a68", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "connectors", + ":scriptName", + "correlation-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "(Required) connector correlation config xml file", + "type": "text/plain" + }, + "key": "file", + "value": "dolore an", + "type": "text" + } + ] + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "93a08dd3-bb0f-4b21-9467-df2298b41417", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "connectors", + ":scriptName", + "correlation-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "(Required) connector correlation config xml file", + "type": "text/plain" + }, + "key": "file", + "value": "dolore an", + "type": "text" + } + ] + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "056d8e38-1fda-4460-af82-0d5aff956928", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "connectors", + ":scriptName", + "correlation-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "(Required) connector correlation config xml file", + "type": "text/plain" + }, + "key": "file", + "value": "dolore an", + "type": "text" + } + ] + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "7b3cfda5-6e63-4beb-a987-bd1e5b3003ba", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "connectors", + ":scriptName", + "correlation-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "(Required) connector correlation config xml file", + "type": "text/plain" + }, + "key": "file", + "value": "dolore an", + "type": "text" + } + ] + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "1176c52a-1eb2-4c33-8689-c7a952c3bf89", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "connectors", + ":scriptName", + "correlation-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "(Required) connector correlation config xml file", + "type": "text/plain" + }, + "key": "file", + "value": "dolore an", + "type": "text" + } + ] + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + } + ] + }, + { + "name": "Custom Forms", + "description": "Use this API to build and manage custom forms.\nWith this functionality in place, administrators can create and view form definitions and form instances.\n\nForms are composed of sections and fields. Sections split the form into logical groups of fields and fields are the data collection points within the form. Configure conditions to modify elements of the form as the responder provides input. Create form inputs to pass information from a calling feature, like a workflow, to your form.\n\nForms can be used within workflows as an action or as a trigger. The Form Action allows you to assign a form as a step in a running workflow, suspending the workflow until the form is submitted or times out, and the workflow resumes. The Form Submitted Trigger initiates a workflow when a form is submitted. The trigger can be configured to initiate on submission of a full form, a form element with any value, or a form element with a particular value.\n\nRefer to [Forms](https://documentation.sailpoint.com/saas/help/forms/index.html) for more information about using forms in Identity Security Cloud.\n", + "item": [ + { + "id": "1139aed9-e063-4d84-9866-2b84aea4aa69", + "name": "Export form definitions by tenant.", + "request": { + "name": "Export form definitions by tenant.", + "description": { + "content": "No parameters required.", + "type": "text/plain" + }, + "url": { + "path": [ + "form-definitions" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset\n\nInteger specifying the offset of the first result from the beginning of the collection. The standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#paginating-results).\nThe offset value is record-based, not page-based, and the index starts at 0.", + "type": "text/plain" + }, + "key": "offset", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Limit\n\nInteger specifying the maximum number of records to return in a single API call. The standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#paginating-results).\nIf it is not specified, a default limit is used.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**name**: *eq, gt, sw, in*\n\n**description**: *eq, gt, sw, in*\n\n**created**: *eq, gt, sw, in*\n\n**modified**: *eq, gt, sw, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "name sw \"my form\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name, description, created, modified**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "5c9551d7-df2d-4002-8853-28e3f5d6f5d9", + "name": "Returns a list of form definitions by tenant", + "originalRequest": { + "url": { + "path": [ + "form-definitions" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset\n\nInteger specifying the offset of the first result from the beginning of the collection. The standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#paginating-results).\nThe offset value is record-based, not page-based, and the index starts at 0.", + "type": "text/plain" + }, + "key": "offset", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Limit\n\nInteger specifying the maximum number of records to return in a single API call. The standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#paginating-results).\nIf it is not specified, a default limit is used.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**name**: *eq, gt, sw, in*\n\n**description**: *eq, gt, sw, in*\n\n**created**: *eq, gt, sw, in*\n\n**modified**: *eq, gt, sw, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "name sw \"my form\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name, description, created, modified**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"count\": 1,\n \"results\": [\n {\n \"id\": \"00000000-0000-0000-0000-000000000000\",\n \"name\": \"My form\",\n \"description\": \"My form description\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180867624cbd7017642d8c8c81f67\",\n \"name\": \"Grant Smith\"\n },\n \"usedBy\": [\n {\n \"type\": \"WORKFLOW\",\n \"id\": \"61940a92-5484-42bc-bc10-b9982b218cdf\",\n \"name\": \"Access Request Form\"\n },\n {\n \"type\": \"WORKFLOW\",\n \"id\": \"61940a92-5484-42bc-bc10-b9982b218cdf\",\n \"name\": \"Access Request Form\"\n }\n ],\n \"formInput\": [\n {\n \"id\": \"00000000-0000-0000-0000-000000000000\",\n \"type\": \"STRING\",\n \"label\": \"input1\",\n \"description\": \"A single dynamic scalar value (i.e. number, string, date, etc.) that can be passed into the form for use in conditional logic\"\n },\n {\n \"id\": \"00000000-0000-0000-0000-000000000000\",\n \"type\": \"STRING\",\n \"label\": \"input1\",\n \"description\": \"A single dynamic scalar value (i.e. number, string, date, etc.) that can be passed into the form for use in conditional logic\"\n }\n ],\n \"formElements\": [\n {\n \"id\": \"00000000-0000-0000-0000-000000000000\",\n \"elementType\": \"TEXT\",\n \"config\": {\n \"label\": \"Department\"\n },\n \"key\": \"department\",\n \"validations\": [\n {\n \"validationType\": \"TEXTAREA\"\n },\n {\n \"validationType\": \"PHONE\"\n }\n ]\n },\n {\n \"id\": \"00000000-0000-0000-0000-000000000000\",\n \"elementType\": \"TEXT\",\n \"config\": {\n \"label\": \"Department\"\n },\n \"key\": \"department\",\n \"validations\": [\n {\n \"validationType\": \"DATE\"\n },\n {\n \"validationType\": \"MIN_LENGTH\"\n }\n ]\n }\n ],\n \"formConditions\": [\n {\n \"ruleOperator\": \"AND\",\n \"rules\": [\n {\n \"sourceType\": \"ELEMENT\",\n \"source\": \"department\",\n \"operator\": \"EQ\",\n \"valueType\": \"STRING\",\n \"value\": \"Engineering\"\n },\n {\n \"sourceType\": \"ELEMENT\",\n \"source\": \"department\",\n \"operator\": \"EQ\",\n \"valueType\": \"STRING\",\n \"value\": \"Engineering\"\n }\n ],\n \"effects\": [\n {\n \"effectType\": \"HIDE\",\n \"config\": {\n \"defaultValueLabel\": \"Access to Remove\",\n \"element\": \"aute in\"\n }\n },\n {\n \"effectType\": \"HIDE\",\n \"config\": {\n \"defaultValueLabel\": \"Access to Remove\",\n \"element\": \"aliquip reprehenderit ut\"\n }\n }\n ]\n },\n {\n \"ruleOperator\": \"AND\",\n \"rules\": [\n {\n \"sourceType\": \"ELEMENT\",\n \"source\": \"department\",\n \"operator\": \"EQ\",\n \"valueType\": \"STRING\",\n \"value\": \"Engineering\"\n },\n {\n \"sourceType\": \"ELEMENT\",\n \"source\": \"department\",\n \"operator\": \"EQ\",\n \"valueType\": \"STRING\",\n \"value\": \"Engineering\"\n }\n ],\n \"effects\": [\n {\n \"effectType\": \"HIDE\",\n \"config\": {\n \"defaultValueLabel\": \"Access to Remove\",\n \"element\": \"deserunt velit commodo\"\n }\n },\n {\n \"effectType\": \"HIDE\",\n \"config\": {\n \"defaultValueLabel\": \"Access to Remove\",\n \"element\": \"repr\"\n }\n }\n ]\n }\n ],\n \"created\": \"2023-07-12T20:14:57.74486Z\",\n \"modified\": \"2023-07-12T20:14:57.74486Z\"\n },\n {\n \"id\": \"00000000-0000-0000-0000-000000000000\",\n \"name\": \"My form\",\n \"description\": \"My form description\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180867624cbd7017642d8c8c81f67\",\n \"name\": \"Grant Smith\"\n },\n \"usedBy\": [\n {\n \"type\": \"WORKFLOW\",\n \"id\": \"61940a92-5484-42bc-bc10-b9982b218cdf\",\n \"name\": \"Access Request Form\"\n },\n {\n \"type\": \"WORKFLOW\",\n \"id\": \"61940a92-5484-42bc-bc10-b9982b218cdf\",\n \"name\": \"Access Request Form\"\n }\n ],\n \"formInput\": [\n {\n \"id\": \"00000000-0000-0000-0000-000000000000\",\n \"type\": \"STRING\",\n \"label\": \"input1\",\n \"description\": \"A single dynamic scalar value (i.e. number, string, date, etc.) that can be passed into the form for use in conditional logic\"\n },\n {\n \"id\": \"00000000-0000-0000-0000-000000000000\",\n \"type\": \"STRING\",\n \"label\": \"input1\",\n \"description\": \"A single dynamic scalar value (i.e. number, string, date, etc.) that can be passed into the form for use in conditional logic\"\n }\n ],\n \"formElements\": [\n {\n \"id\": \"00000000-0000-0000-0000-000000000000\",\n \"elementType\": \"TEXT\",\n \"config\": {\n \"label\": \"Department\"\n },\n \"key\": \"department\",\n \"validations\": [\n {\n \"validationType\": \"PHONE\"\n },\n {\n \"validationType\": \"REGEX\"\n }\n ]\n },\n {\n \"id\": \"00000000-0000-0000-0000-000000000000\",\n \"elementType\": \"TEXT\",\n \"config\": {\n \"label\": \"Department\"\n },\n \"key\": \"department\",\n \"validations\": [\n {\n \"validationType\": \"EMAIL\"\n },\n {\n \"validationType\": \"DATE\"\n }\n ]\n }\n ],\n \"formConditions\": [\n {\n \"ruleOperator\": \"AND\",\n \"rules\": [\n {\n \"sourceType\": \"ELEMENT\",\n \"source\": \"department\",\n \"operator\": \"EQ\",\n \"valueType\": \"STRING\",\n \"value\": \"Engineering\"\n },\n {\n \"sourceType\": \"ELEMENT\",\n \"source\": \"department\",\n \"operator\": \"EQ\",\n \"valueType\": \"STRING\",\n \"value\": \"Engineering\"\n }\n ],\n \"effects\": [\n {\n \"effectType\": \"HIDE\",\n \"config\": {\n \"defaultValueLabel\": \"Access to Remove\",\n \"element\": \"nulla ex deserunt\"\n }\n },\n {\n \"effectType\": \"HIDE\",\n \"config\": {\n \"defaultValueLabel\": \"Access to Remove\",\n \"element\": \"dolor Ut est incididunt\"\n }\n }\n ]\n },\n {\n \"ruleOperator\": \"AND\",\n \"rules\": [\n {\n \"sourceType\": \"ELEMENT\",\n \"source\": \"department\",\n \"operator\": \"EQ\",\n \"valueType\": \"STRING\",\n \"value\": \"Engineering\"\n },\n {\n \"sourceType\": \"ELEMENT\",\n \"source\": \"department\",\n \"operator\": \"EQ\",\n \"valueType\": \"STRING\",\n \"value\": \"Engineering\"\n }\n ],\n \"effects\": [\n {\n \"effectType\": \"HIDE\",\n \"config\": {\n \"defaultValueLabel\": \"Access to Remove\",\n \"element\": \"Ut in\"\n }\n },\n {\n \"effectType\": \"HIDE\",\n \"config\": {\n \"defaultValueLabel\": \"Access to Remove\",\n \"element\": \"in anim pariatur nulla\"\n }\n }\n ]\n }\n ],\n \"created\": \"2023-07-12T20:14:57.74486Z\",\n \"modified\": \"2023-07-12T20:14:57.74486Z\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "af5a0ac7-188a-4119-a081-c82877385854", + "name": "An error with the request occurred", + "originalRequest": { + "url": { + "path": [ + "form-definitions" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset\n\nInteger specifying the offset of the first result from the beginning of the collection. The standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#paginating-results).\nThe offset value is record-based, not page-based, and the index starts at 0.", + "type": "text/plain" + }, + "key": "offset", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Limit\n\nInteger specifying the maximum number of records to return in a single API call. The standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#paginating-results).\nIf it is not specified, a default limit is used.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**name**: *eq, gt, sw, in*\n\n**description**: *eq, gt, sw, in*\n\n**created**: *eq, gt, sw, in*\n\n**modified**: *eq, gt, sw, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "name sw \"my form\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name, description, created, modified**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"aute sint\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n }\n ],\n \"statusCode\": 62850943,\n \"trackingId\": \"in sunt\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "708b1387-cf78-4338-a6cd-cd9ba2eac53a", + "name": "An error with the authorization occurred", + "originalRequest": { + "url": { + "path": [ + "form-definitions" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset\n\nInteger specifying the offset of the first result from the beginning of the collection. The standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#paginating-results).\nThe offset value is record-based, not page-based, and the index starts at 0.", + "type": "text/plain" + }, + "key": "offset", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Limit\n\nInteger specifying the maximum number of records to return in a single API call. The standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#paginating-results).\nIf it is not specified, a default limit is used.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**name**: *eq, gt, sw, in*\n\n**description**: *eq, gt, sw, in*\n\n**created**: *eq, gt, sw, in*\n\n**modified**: *eq, gt, sw, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "name sw \"my form\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name, description, created, modified**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"aute sint\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n }\n ],\n \"statusCode\": 62850943,\n \"trackingId\": \"in sunt\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "7d813d86-6423-4622-b9d8-f7828613f415", + "name": "An error with the user permissions occurred", + "originalRequest": { + "url": { + "path": [ + "form-definitions" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset\n\nInteger specifying the offset of the first result from the beginning of the collection. The standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#paginating-results).\nThe offset value is record-based, not page-based, and the index starts at 0.", + "type": "text/plain" + }, + "key": "offset", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Limit\n\nInteger specifying the maximum number of records to return in a single API call. The standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#paginating-results).\nIf it is not specified, a default limit is used.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**name**: *eq, gt, sw, in*\n\n**description**: *eq, gt, sw, in*\n\n**created**: *eq, gt, sw, in*\n\n**modified**: *eq, gt, sw, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "name sw \"my form\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name, description, created, modified**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"aute sint\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n }\n ],\n \"statusCode\": 62850943,\n \"trackingId\": \"in sunt\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a7f4cc62-143d-450f-ad99-2263e36035de", + "name": "Too many requests", + "originalRequest": { + "url": { + "path": [ + "form-definitions" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset\n\nInteger specifying the offset of the first result from the beginning of the collection. The standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#paginating-results).\nThe offset value is record-based, not page-based, and the index starts at 0.", + "type": "text/plain" + }, + "key": "offset", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Limit\n\nInteger specifying the maximum number of records to return in a single API call. The standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#paginating-results).\nIf it is not specified, a default limit is used.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**name**: *eq, gt, sw, in*\n\n**description**: *eq, gt, sw, in*\n\n**created**: *eq, gt, sw, in*\n\n**modified**: *eq, gt, sw, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "name sw \"my form\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name, description, created, modified**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"Internal Server Error\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n }\n ],\n \"trackingId\": \"9cd03ef80e6a425eb6b11bdbb057cdb4\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "740e99d0-05bd-4743-9d9c-614c407648f5", + "name": "An internal server error occurred", + "originalRequest": { + "url": { + "path": [ + "form-definitions" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset\n\nInteger specifying the offset of the first result from the beginning of the collection. The standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#paginating-results).\nThe offset value is record-based, not page-based, and the index starts at 0.", + "type": "text/plain" + }, + "key": "offset", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Limit\n\nInteger specifying the maximum number of records to return in a single API call. The standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#paginating-results).\nIf it is not specified, a default limit is used.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**name**: *eq, gt, sw, in*\n\n**description**: *eq, gt, sw, in*\n\n**created**: *eq, gt, sw, in*\n\n**modified**: *eq, gt, sw, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "name sw \"my form\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name, description, created, modified**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"aute sint\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n }\n ],\n \"statusCode\": 62850943,\n \"trackingId\": \"in sunt\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "d039951f-143f-4f92-ac80-7ba7d9dad220", + "name": "Creates a form definition.", + "request": { + "name": "Creates a form definition.", + "description": {}, + "url": { + "path": [ + "form-definitions" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"my form\",\n \"description\": \"my form description\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"00000000-0000-0000-0000-000000000000\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "ff067850-6791-4aff-8664-9b156871417a", + "name": "Returns a new form definition", + "originalRequest": { + "url": { + "path": [ + "form-definitions" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"my form\",\n \"description\": \"my form description\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"00000000-0000-0000-0000-000000000000\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Created", + "code": 201, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"00000000-0000-0000-0000-000000000000\",\n \"name\": \"My form\",\n \"description\": \"My form description\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180867624cbd7017642d8c8c81f67\",\n \"name\": \"Grant Smith\"\n },\n \"usedBy\": [\n {\n \"type\": \"WORKFLOW\",\n \"id\": \"61940a92-5484-42bc-bc10-b9982b218cdf\",\n \"name\": \"Access Request Form\"\n },\n {\n \"type\": \"WORKFLOW\",\n \"id\": \"61940a92-5484-42bc-bc10-b9982b218cdf\",\n \"name\": \"Access Request Form\"\n }\n ],\n \"formInput\": [\n {\n \"id\": \"00000000-0000-0000-0000-000000000000\",\n \"type\": \"STRING\",\n \"label\": \"input1\",\n \"description\": \"A single dynamic scalar value (i.e. number, string, date, etc.) that can be passed into the form for use in conditional logic\"\n },\n {\n \"id\": \"00000000-0000-0000-0000-000000000000\",\n \"type\": \"STRING\",\n \"label\": \"input1\",\n \"description\": \"A single dynamic scalar value (i.e. number, string, date, etc.) that can be passed into the form for use in conditional logic\"\n }\n ],\n \"formElements\": [\n {\n \"id\": \"00000000-0000-0000-0000-000000000000\",\n \"elementType\": \"TEXT\",\n \"config\": {\n \"label\": \"Department\"\n },\n \"key\": \"department\",\n \"validations\": [\n {\n \"validationType\": \"MIN_LENGTH\"\n },\n {\n \"validationType\": \"REGEX\"\n }\n ]\n },\n {\n \"id\": \"00000000-0000-0000-0000-000000000000\",\n \"elementType\": \"TEXT\",\n \"config\": {\n \"label\": \"Department\"\n },\n \"key\": \"department\",\n \"validations\": [\n {\n \"validationType\": \"REQUIRED\"\n },\n {\n \"validationType\": \"MIN_LENGTH\"\n }\n ]\n }\n ],\n \"formConditions\": [\n {\n \"ruleOperator\": \"AND\",\n \"rules\": [\n {\n \"sourceType\": \"ELEMENT\",\n \"source\": \"department\",\n \"operator\": \"EQ\",\n \"valueType\": \"STRING\",\n \"value\": \"Engineering\"\n },\n {\n \"sourceType\": \"ELEMENT\",\n \"source\": \"department\",\n \"operator\": \"EQ\",\n \"valueType\": \"STRING\",\n \"value\": \"Engineering\"\n }\n ],\n \"effects\": [\n {\n \"effectType\": \"HIDE\",\n \"config\": {\n \"defaultValueLabel\": \"Access to Remove\",\n \"element\": \"in laborum\"\n }\n },\n {\n \"effectType\": \"HIDE\",\n \"config\": {\n \"defaultValueLabel\": \"Access to Remove\",\n \"element\": \"voluptate occaecat cillum enim\"\n }\n }\n ]\n },\n {\n \"ruleOperator\": \"AND\",\n \"rules\": [\n {\n \"sourceType\": \"ELEMENT\",\n \"source\": \"department\",\n \"operator\": \"EQ\",\n \"valueType\": \"STRING\",\n \"value\": \"Engineering\"\n },\n {\n \"sourceType\": \"ELEMENT\",\n \"source\": \"department\",\n \"operator\": \"EQ\",\n \"valueType\": \"STRING\",\n \"value\": \"Engineering\"\n }\n ],\n \"effects\": [\n {\n \"effectType\": \"HIDE\",\n \"config\": {\n \"defaultValueLabel\": \"Access to Remove\",\n \"element\": \"nostrud\"\n }\n },\n {\n \"effectType\": \"HIDE\",\n \"config\": {\n \"defaultValueLabel\": \"Access to Remove\",\n \"element\": \"eiusmod\"\n }\n }\n ]\n }\n ],\n \"created\": \"2023-07-12T20:14:57.74486Z\",\n \"modified\": \"2023-07-12T20:14:57.74486Z\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "ccab3ca4-797b-4d8f-9a9f-9c3b40bd8ebf", + "name": "An error with the request occurred", + "originalRequest": { + "url": { + "path": [ + "form-definitions" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"my form\",\n \"description\": \"my form description\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"00000000-0000-0000-0000-000000000000\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"aute sint\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n }\n ],\n \"statusCode\": 62850943,\n \"trackingId\": \"in sunt\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "eb701b65-5b1a-47f8-b1ca-e52d562135c5", + "name": "An error with the authorization occurred", + "originalRequest": { + "url": { + "path": [ + "form-definitions" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"my form\",\n \"description\": \"my form description\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"00000000-0000-0000-0000-000000000000\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"aute sint\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n }\n ],\n \"statusCode\": 62850943,\n \"trackingId\": \"in sunt\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "8dae38aa-6774-44de-a555-21ca6d5bc4e9", + "name": "An error with the user permissions occurred", + "originalRequest": { + "url": { + "path": [ + "form-definitions" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"my form\",\n \"description\": \"my form description\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"00000000-0000-0000-0000-000000000000\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"aute sint\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n }\n ],\n \"statusCode\": 62850943,\n \"trackingId\": \"in sunt\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "329203c5-0ec9-4eda-b106-d526a91fe92e", + "name": "Too many requests", + "originalRequest": { + "url": { + "path": [ + "form-definitions" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"my form\",\n \"description\": \"my form description\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"00000000-0000-0000-0000-000000000000\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"Internal Server Error\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n }\n ],\n \"trackingId\": \"9cd03ef80e6a425eb6b11bdbb057cdb4\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "85a2d159-10d6-4e7f-993d-de68f341ce78", + "name": "An internal server error occurred", + "originalRequest": { + "url": { + "path": [ + "form-definitions" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"my form\",\n \"description\": \"my form description\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"00000000-0000-0000-0000-000000000000\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"aute sint\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n }\n ],\n \"statusCode\": 62850943,\n \"trackingId\": \"in sunt\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "c75dd554-a61b-4504-acb7-cca56477d1b9", + "name": "Return a form definition.", + "request": { + "name": "Return a form definition.", + "description": { + "content": "Parameter `{formDefinitionID}` should match a form definition ID.", + "type": "text/plain" + }, + "url": { + "path": [ + "form-definitions", + ":formDefinitionID" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "00000000-0000-0000-0000-000000000000", + "key": "formDefinitionID", + "disabled": true, + "description": { + "content": "(Required) Form definition ID", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "e1063d11-7f44-4b4e-91ee-05291378394d", + "name": "Returns a form definition", + "originalRequest": { + "url": { + "path": [ + "form-definitions", + ":formDefinitionID" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"00000000-0000-0000-0000-000000000000\",\n \"name\": \"My form\",\n \"description\": \"My form description\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180867624cbd7017642d8c8c81f67\",\n \"name\": \"Grant Smith\"\n },\n \"usedBy\": [\n {\n \"type\": \"WORKFLOW\",\n \"id\": \"61940a92-5484-42bc-bc10-b9982b218cdf\",\n \"name\": \"Access Request Form\"\n },\n {\n \"type\": \"WORKFLOW\",\n \"id\": \"61940a92-5484-42bc-bc10-b9982b218cdf\",\n \"name\": \"Access Request Form\"\n }\n ],\n \"formInput\": [\n {\n \"id\": \"00000000-0000-0000-0000-000000000000\",\n \"type\": \"STRING\",\n \"label\": \"input1\",\n \"description\": \"A single dynamic scalar value (i.e. number, string, date, etc.) that can be passed into the form for use in conditional logic\"\n },\n {\n \"id\": \"00000000-0000-0000-0000-000000000000\",\n \"type\": \"STRING\",\n \"label\": \"input1\",\n \"description\": \"A single dynamic scalar value (i.e. number, string, date, etc.) that can be passed into the form for use in conditional logic\"\n }\n ],\n \"formElements\": [\n {\n \"id\": \"00000000-0000-0000-0000-000000000000\",\n \"elementType\": \"TEXT\",\n \"config\": {\n \"label\": \"Department\"\n },\n \"key\": \"department\",\n \"validations\": [\n {\n \"validationType\": \"MIN_LENGTH\"\n },\n {\n \"validationType\": \"REGEX\"\n }\n ]\n },\n {\n \"id\": \"00000000-0000-0000-0000-000000000000\",\n \"elementType\": \"TEXT\",\n \"config\": {\n \"label\": \"Department\"\n },\n \"key\": \"department\",\n \"validations\": [\n {\n \"validationType\": \"REQUIRED\"\n },\n {\n \"validationType\": \"MIN_LENGTH\"\n }\n ]\n }\n ],\n \"formConditions\": [\n {\n \"ruleOperator\": \"AND\",\n \"rules\": [\n {\n \"sourceType\": \"ELEMENT\",\n \"source\": \"department\",\n \"operator\": \"EQ\",\n \"valueType\": \"STRING\",\n \"value\": \"Engineering\"\n },\n {\n \"sourceType\": \"ELEMENT\",\n \"source\": \"department\",\n \"operator\": \"EQ\",\n \"valueType\": \"STRING\",\n \"value\": \"Engineering\"\n }\n ],\n \"effects\": [\n {\n \"effectType\": \"HIDE\",\n \"config\": {\n \"defaultValueLabel\": \"Access to Remove\",\n \"element\": \"in laborum\"\n }\n },\n {\n \"effectType\": \"HIDE\",\n \"config\": {\n \"defaultValueLabel\": \"Access to Remove\",\n \"element\": \"voluptate occaecat cillum enim\"\n }\n }\n ]\n },\n {\n \"ruleOperator\": \"AND\",\n \"rules\": [\n {\n \"sourceType\": \"ELEMENT\",\n \"source\": \"department\",\n \"operator\": \"EQ\",\n \"valueType\": \"STRING\",\n \"value\": \"Engineering\"\n },\n {\n \"sourceType\": \"ELEMENT\",\n \"source\": \"department\",\n \"operator\": \"EQ\",\n \"valueType\": \"STRING\",\n \"value\": \"Engineering\"\n }\n ],\n \"effects\": [\n {\n \"effectType\": \"HIDE\",\n \"config\": {\n \"defaultValueLabel\": \"Access to Remove\",\n \"element\": \"nostrud\"\n }\n },\n {\n \"effectType\": \"HIDE\",\n \"config\": {\n \"defaultValueLabel\": \"Access to Remove\",\n \"element\": \"eiusmod\"\n }\n }\n ]\n }\n ],\n \"created\": \"2023-07-12T20:14:57.74486Z\",\n \"modified\": \"2023-07-12T20:14:57.74486Z\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "1ea4fbc8-3c46-403e-a500-e551b8fb1de0", + "name": "An error with the request occurred", + "originalRequest": { + "url": { + "path": [ + "form-definitions", + ":formDefinitionID" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"aute sint\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n }\n ],\n \"statusCode\": 62850943,\n \"trackingId\": \"in sunt\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "04f4b678-b883-4219-ad1c-985529a98eea", + "name": "An error with the authorization occurred", + "originalRequest": { + "url": { + "path": [ + "form-definitions", + ":formDefinitionID" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"aute sint\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n }\n ],\n \"statusCode\": 62850943,\n \"trackingId\": \"in sunt\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "63adf74d-507b-40b8-8d35-aa3aaaf2a0aa", + "name": "An error with the user permissions occurred", + "originalRequest": { + "url": { + "path": [ + "form-definitions", + ":formDefinitionID" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"aute sint\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n }\n ],\n \"statusCode\": 62850943,\n \"trackingId\": \"in sunt\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "5aa8a069-b791-4d27-b1d9-c687147ee012", + "name": "An error with the item not found", + "originalRequest": { + "url": { + "path": [ + "form-definitions", + ":formDefinitionID" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"aute sint\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n }\n ],\n \"statusCode\": 62850943,\n \"trackingId\": \"in sunt\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "2b811a3e-4806-4294-8090-6dd928170e89", + "name": "Too many requests", + "originalRequest": { + "url": { + "path": [ + "form-definitions", + ":formDefinitionID" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"Internal Server Error\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n }\n ],\n \"trackingId\": \"9cd03ef80e6a425eb6b11bdbb057cdb4\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b81c2fc4-1ee0-4488-bf90-8c57a57c0c69", + "name": "An internal server error occurred", + "originalRequest": { + "url": { + "path": [ + "form-definitions", + ":formDefinitionID" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"aute sint\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n }\n ],\n \"statusCode\": 62850943,\n \"trackingId\": \"in sunt\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "2b49c21e-0131-4f9d-8c80-1a151660ecb2", + "name": "Deletes a form definition.", + "request": { + "name": "Deletes a form definition.", + "description": { + "content": "Parameter `{formDefinitionID}` should match a form definition ID.", + "type": "text/plain" + }, + "url": { + "path": [ + "form-definitions", + ":formDefinitionID" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "00000000-0000-0000-0000-000000000000", + "key": "formDefinitionID", + "disabled": true, + "description": { + "content": "(Required) Form definition ID", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "DELETE", + "body": {} + }, + "response": [ + { + "id": "8ce1e49d-ea5c-4501-a0c4-00642a440499", + "name": "Returns an empty body", + "originalRequest": { + "url": { + "path": [ + "form-definitions", + ":formDefinitionID" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "No Content", + "code": 204, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "86de4fac-f6cc-4529-9ae1-bf471db979fe", + "name": "An error with the request occurred", + "originalRequest": { + "url": { + "path": [ + "form-definitions", + ":formDefinitionID" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"aute sint\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n }\n ],\n \"statusCode\": 62850943,\n \"trackingId\": \"in sunt\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b8aeaf77-4210-4bff-82ee-e1506f3f4e76", + "name": "An error with the authorization occurred", + "originalRequest": { + "url": { + "path": [ + "form-definitions", + ":formDefinitionID" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"aute sint\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n }\n ],\n \"statusCode\": 62850943,\n \"trackingId\": \"in sunt\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c7dcb837-e250-44bf-a725-d8ab6de630c8", + "name": "An error with the user permissions occurred", + "originalRequest": { + "url": { + "path": [ + "form-definitions", + ":formDefinitionID" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"aute sint\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n }\n ],\n \"statusCode\": 62850943,\n \"trackingId\": \"in sunt\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "455100c4-9cce-40b8-ba54-572e09a0299b", + "name": "An error with the item not found", + "originalRequest": { + "url": { + "path": [ + "form-definitions", + ":formDefinitionID" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"aute sint\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n }\n ],\n \"statusCode\": 62850943,\n \"trackingId\": \"in sunt\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "8391876f-78b2-4df4-9c4b-f2d2ea05c888", + "name": "Too many requests", + "originalRequest": { + "url": { + "path": [ + "form-definitions", + ":formDefinitionID" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"Internal Server Error\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n }\n ],\n \"trackingId\": \"9cd03ef80e6a425eb6b11bdbb057cdb4\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "0f7a5242-d94e-48d5-b392-504c202d0f61", + "name": "An internal server error occurred", + "originalRequest": { + "url": { + "path": [ + "form-definitions", + ":formDefinitionID" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"aute sint\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n }\n ],\n \"statusCode\": 62850943,\n \"trackingId\": \"in sunt\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "acc89488-ced7-49fb-8c4a-403658216d76", + "name": "Patch a form definition.", + "request": { + "name": "Patch a form definition.", + "description": { + "content": "Parameter `{formDefinitionID}` should match a form definition ID.", + "type": "text/plain" + }, + "url": { + "path": [ + "form-definitions", + ":formDefinitionID" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "00000000-0000-0000-0000-000000000000", + "key": "formDefinitionID", + "disabled": true, + "description": { + "content": "(Required) Form definition ID", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"test-description\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "0393bfa9-67a1-4af6-a453-2febd8e4a348", + "name": "Returns the form definition updated", + "originalRequest": { + "url": { + "path": [ + "form-definitions", + ":formDefinitionID" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"test-description\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"00000000-0000-0000-0000-000000000000\",\n \"name\": \"My form\",\n \"description\": \"My form description\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180867624cbd7017642d8c8c81f67\",\n \"name\": \"Grant Smith\"\n },\n \"usedBy\": [\n {\n \"type\": \"WORKFLOW\",\n \"id\": \"61940a92-5484-42bc-bc10-b9982b218cdf\",\n \"name\": \"Access Request Form\"\n },\n {\n \"type\": \"WORKFLOW\",\n \"id\": \"61940a92-5484-42bc-bc10-b9982b218cdf\",\n \"name\": \"Access Request Form\"\n }\n ],\n \"formInput\": [\n {\n \"id\": \"00000000-0000-0000-0000-000000000000\",\n \"type\": \"STRING\",\n \"label\": \"input1\",\n \"description\": \"A single dynamic scalar value (i.e. number, string, date, etc.) that can be passed into the form for use in conditional logic\"\n },\n {\n \"id\": \"00000000-0000-0000-0000-000000000000\",\n \"type\": \"STRING\",\n \"label\": \"input1\",\n \"description\": \"A single dynamic scalar value (i.e. number, string, date, etc.) that can be passed into the form for use in conditional logic\"\n }\n ],\n \"formElements\": [\n {\n \"id\": \"00000000-0000-0000-0000-000000000000\",\n \"elementType\": \"TEXT\",\n \"config\": {\n \"label\": \"Department\"\n },\n \"key\": \"department\",\n \"validations\": [\n {\n \"validationType\": \"MIN_LENGTH\"\n },\n {\n \"validationType\": \"REGEX\"\n }\n ]\n },\n {\n \"id\": \"00000000-0000-0000-0000-000000000000\",\n \"elementType\": \"TEXT\",\n \"config\": {\n \"label\": \"Department\"\n },\n \"key\": \"department\",\n \"validations\": [\n {\n \"validationType\": \"REQUIRED\"\n },\n {\n \"validationType\": \"MIN_LENGTH\"\n }\n ]\n }\n ],\n \"formConditions\": [\n {\n \"ruleOperator\": \"AND\",\n \"rules\": [\n {\n \"sourceType\": \"ELEMENT\",\n \"source\": \"department\",\n \"operator\": \"EQ\",\n \"valueType\": \"STRING\",\n \"value\": \"Engineering\"\n },\n {\n \"sourceType\": \"ELEMENT\",\n \"source\": \"department\",\n \"operator\": \"EQ\",\n \"valueType\": \"STRING\",\n \"value\": \"Engineering\"\n }\n ],\n \"effects\": [\n {\n \"effectType\": \"HIDE\",\n \"config\": {\n \"defaultValueLabel\": \"Access to Remove\",\n \"element\": \"in laborum\"\n }\n },\n {\n \"effectType\": \"HIDE\",\n \"config\": {\n \"defaultValueLabel\": \"Access to Remove\",\n \"element\": \"voluptate occaecat cillum enim\"\n }\n }\n ]\n },\n {\n \"ruleOperator\": \"AND\",\n \"rules\": [\n {\n \"sourceType\": \"ELEMENT\",\n \"source\": \"department\",\n \"operator\": \"EQ\",\n \"valueType\": \"STRING\",\n \"value\": \"Engineering\"\n },\n {\n \"sourceType\": \"ELEMENT\",\n \"source\": \"department\",\n \"operator\": \"EQ\",\n \"valueType\": \"STRING\",\n \"value\": \"Engineering\"\n }\n ],\n \"effects\": [\n {\n \"effectType\": \"HIDE\",\n \"config\": {\n \"defaultValueLabel\": \"Access to Remove\",\n \"element\": \"nostrud\"\n }\n },\n {\n \"effectType\": \"HIDE\",\n \"config\": {\n \"defaultValueLabel\": \"Access to Remove\",\n \"element\": \"eiusmod\"\n }\n }\n ]\n }\n ],\n \"created\": \"2023-07-12T20:14:57.74486Z\",\n \"modified\": \"2023-07-12T20:14:57.74486Z\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "45e4f9c1-f545-4526-9c79-352492a8fb6f", + "name": "An error with the request occurred", + "originalRequest": { + "url": { + "path": [ + "form-definitions", + ":formDefinitionID" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"test-description\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"aute sint\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n }\n ],\n \"statusCode\": 62850943,\n \"trackingId\": \"in sunt\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "ef91afa8-6761-451e-b33d-0af4683fd6d0", + "name": "An error with the authorization occurred", + "originalRequest": { + "url": { + "path": [ + "form-definitions", + ":formDefinitionID" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"test-description\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"aute sint\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n }\n ],\n \"statusCode\": 62850943,\n \"trackingId\": \"in sunt\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "32c50476-29cb-475c-b6fb-d71418cf50eb", + "name": "An error with the user permissions occurred", + "originalRequest": { + "url": { + "path": [ + "form-definitions", + ":formDefinitionID" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"test-description\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"aute sint\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n }\n ],\n \"statusCode\": 62850943,\n \"trackingId\": \"in sunt\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "160be547-82ea-4fd2-960d-ee045fc153a2", + "name": "An error with the user permissions occurred", + "originalRequest": { + "url": { + "path": [ + "form-definitions", + ":formDefinitionID" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"test-description\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"aute sint\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n }\n ],\n \"statusCode\": 62850943,\n \"trackingId\": \"in sunt\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f9724bac-dffc-42ad-889a-f29d8541ca51", + "name": "Too many requests", + "originalRequest": { + "url": { + "path": [ + "form-definitions", + ":formDefinitionID" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"test-description\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"Internal Server Error\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n }\n ],\n \"trackingId\": \"9cd03ef80e6a425eb6b11bdbb057cdb4\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "e5ed41b4-7ae3-4c39-85f1-78f29908dd6c", + "name": "An internal server error occurred", + "originalRequest": { + "url": { + "path": [ + "form-definitions", + ":formDefinitionID" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"test-description\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"aute sint\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n }\n ],\n \"statusCode\": 62850943,\n \"trackingId\": \"in sunt\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "d09433f0-694c-45ee-8930-36f4d8c9763a", + "name": "Preview form definition data source.", + "request": { + "name": "Preview form definition data source.", + "description": {}, + "url": { + "path": [ + "form-definitions", + ":formDefinitionID", + "data-source" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Limit\n\nInteger specifying the maximum number of records to return in a single API call. The standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#paginating-results).\nIf it is not specified, a default limit is used.", + "type": "text/plain" + }, + "key": "limit", + "value": "10" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**value**: *eq, ne, in*\n\nSupported composite operators: *not*\n\nOnly a single *not* may be used, and it can only be used with the `in` operator. The `not` composite operator must be used in front of the field. For example, the following is valid: `not value in (\"ID01\")`", + "type": "text/plain" + }, + "key": "filters", + "value": "value eq \"ID01\"" + }, + { + "disabled": true, + "description": { + "content": "String that is passed to the underlying API to filter other (non-ID) fields. For example, for access profile data sources, this string will be passed to the access profile api and used with a \"starts with\" filter against several fields.", + "type": "text/plain" + }, + "key": "query", + "value": "ac" + } + ], + "variable": [ + { + "type": "any", + "value": "00000000-0000-0000-0000-000000000000", + "key": "formDefinitionID", + "disabled": true, + "description": { + "content": "(Required) Form definition ID", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"dataSource\": {\n \"config\": {\n \"aggregationBucketField\": \"attributes.cloudStatus.exact\",\n \"indices\": [\n \"identities\"\n ],\n \"objectType\": \"IDENTITY\",\n \"query\": \"*\"\n },\n \"dataSourceType\": \"STATIC\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "7b64d242-2fc0-487f-8432-ea72e1bb5d00", + "name": "Returns a preview of a form definition data source", + "originalRequest": { + "url": { + "path": [ + "form-definitions", + ":formDefinitionID", + "data-source" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Limit\n\nInteger specifying the maximum number of records to return in a single API call. The standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#paginating-results).\nIf it is not specified, a default limit is used.", + "type": "text/plain" + }, + "key": "limit", + "value": "10" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**value**: *eq, ne, in*\n\nSupported composite operators: *not*\n\nOnly a single *not* may be used, and it can only be used with the `in` operator. The `not` composite operator must be used in front of the field. For example, the following is valid: `not value in (\"ID01\")`", + "type": "text/plain" + }, + "key": "filters", + "value": "value eq \"ID01\"" + }, + { + "disabled": true, + "description": { + "content": "String that is passed to the underlying API to filter other (non-ID) fields. For example, for access profile data sources, this string will be passed to the access profile api and used with a \"starts with\" filter against several fields.", + "type": "text/plain" + }, + "key": "query", + "value": "ac" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"dataSource\": {\n \"config\": {\n \"aggregationBucketField\": \"attributes.cloudStatus.exact\",\n \"indices\": [\n \"identities\"\n ],\n \"objectType\": \"IDENTITY\",\n \"query\": \"*\"\n },\n \"dataSourceType\": \"STATIC\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"results\": [\n {\n \"label\": \"regression-test-access-request-07c55dd6-3056-430a-86b5-fccc395bb6c5\",\n \"subLabel\": \"\",\n \"value\": \"e96674448eba4ca1ba04eee999a8f3cd\"\n },\n {\n \"label\": \"regression-test-access-request-07c55dd6-3056-430a-86b5-fccc395bb6c5\",\n \"subLabel\": \"\",\n \"value\": \"e96674448eba4ca1ba04eee999a8f3cd\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "011bf166-7f9a-4b47-8c97-ddbafed2986a", + "name": "An error with the request occurred", + "originalRequest": { + "url": { + "path": [ + "form-definitions", + ":formDefinitionID", + "data-source" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Limit\n\nInteger specifying the maximum number of records to return in a single API call. The standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#paginating-results).\nIf it is not specified, a default limit is used.", + "type": "text/plain" + }, + "key": "limit", + "value": "10" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**value**: *eq, ne, in*\n\nSupported composite operators: *not*\n\nOnly a single *not* may be used, and it can only be used with the `in` operator. The `not` composite operator must be used in front of the field. For example, the following is valid: `not value in (\"ID01\")`", + "type": "text/plain" + }, + "key": "filters", + "value": "value eq \"ID01\"" + }, + { + "disabled": true, + "description": { + "content": "String that is passed to the underlying API to filter other (non-ID) fields. For example, for access profile data sources, this string will be passed to the access profile api and used with a \"starts with\" filter against several fields.", + "type": "text/plain" + }, + "key": "query", + "value": "ac" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"dataSource\": {\n \"config\": {\n \"aggregationBucketField\": \"attributes.cloudStatus.exact\",\n \"indices\": [\n \"identities\"\n ],\n \"objectType\": \"IDENTITY\",\n \"query\": \"*\"\n },\n \"dataSourceType\": \"STATIC\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"aute sint\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n }\n ],\n \"statusCode\": 62850943,\n \"trackingId\": \"in sunt\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "21a20d98-645b-4c86-8556-ce679989efea", + "name": "An error with the authorization occurred", + "originalRequest": { + "url": { + "path": [ + "form-definitions", + ":formDefinitionID", + "data-source" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Limit\n\nInteger specifying the maximum number of records to return in a single API call. The standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#paginating-results).\nIf it is not specified, a default limit is used.", + "type": "text/plain" + }, + "key": "limit", + "value": "10" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**value**: *eq, ne, in*\n\nSupported composite operators: *not*\n\nOnly a single *not* may be used, and it can only be used with the `in` operator. The `not` composite operator must be used in front of the field. For example, the following is valid: `not value in (\"ID01\")`", + "type": "text/plain" + }, + "key": "filters", + "value": "value eq \"ID01\"" + }, + { + "disabled": true, + "description": { + "content": "String that is passed to the underlying API to filter other (non-ID) fields. For example, for access profile data sources, this string will be passed to the access profile api and used with a \"starts with\" filter against several fields.", + "type": "text/plain" + }, + "key": "query", + "value": "ac" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"dataSource\": {\n \"config\": {\n \"aggregationBucketField\": \"attributes.cloudStatus.exact\",\n \"indices\": [\n \"identities\"\n ],\n \"objectType\": \"IDENTITY\",\n \"query\": \"*\"\n },\n \"dataSourceType\": \"STATIC\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"aute sint\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n }\n ],\n \"statusCode\": 62850943,\n \"trackingId\": \"in sunt\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "06ee5e0d-77a2-461f-b2c6-37d953e01d16", + "name": "An error with the user permissions occurred", + "originalRequest": { + "url": { + "path": [ + "form-definitions", + ":formDefinitionID", + "data-source" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Limit\n\nInteger specifying the maximum number of records to return in a single API call. The standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#paginating-results).\nIf it is not specified, a default limit is used.", + "type": "text/plain" + }, + "key": "limit", + "value": "10" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**value**: *eq, ne, in*\n\nSupported composite operators: *not*\n\nOnly a single *not* may be used, and it can only be used with the `in` operator. The `not` composite operator must be used in front of the field. For example, the following is valid: `not value in (\"ID01\")`", + "type": "text/plain" + }, + "key": "filters", + "value": "value eq \"ID01\"" + }, + { + "disabled": true, + "description": { + "content": "String that is passed to the underlying API to filter other (non-ID) fields. For example, for access profile data sources, this string will be passed to the access profile api and used with a \"starts with\" filter against several fields.", + "type": "text/plain" + }, + "key": "query", + "value": "ac" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"dataSource\": {\n \"config\": {\n \"aggregationBucketField\": \"attributes.cloudStatus.exact\",\n \"indices\": [\n \"identities\"\n ],\n \"objectType\": \"IDENTITY\",\n \"query\": \"*\"\n },\n \"dataSourceType\": \"STATIC\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"aute sint\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n }\n ],\n \"statusCode\": 62850943,\n \"trackingId\": \"in sunt\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "300540c5-05c3-41b1-a8c6-cf74ea262282", + "name": "An error with the item not found", + "originalRequest": { + "url": { + "path": [ + "form-definitions", + ":formDefinitionID", + "data-source" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Limit\n\nInteger specifying the maximum number of records to return in a single API call. The standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#paginating-results).\nIf it is not specified, a default limit is used.", + "type": "text/plain" + }, + "key": "limit", + "value": "10" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**value**: *eq, ne, in*\n\nSupported composite operators: *not*\n\nOnly a single *not* may be used, and it can only be used with the `in` operator. The `not` composite operator must be used in front of the field. For example, the following is valid: `not value in (\"ID01\")`", + "type": "text/plain" + }, + "key": "filters", + "value": "value eq \"ID01\"" + }, + { + "disabled": true, + "description": { + "content": "String that is passed to the underlying API to filter other (non-ID) fields. For example, for access profile data sources, this string will be passed to the access profile api and used with a \"starts with\" filter against several fields.", + "type": "text/plain" + }, + "key": "query", + "value": "ac" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"dataSource\": {\n \"config\": {\n \"aggregationBucketField\": \"attributes.cloudStatus.exact\",\n \"indices\": [\n \"identities\"\n ],\n \"objectType\": \"IDENTITY\",\n \"query\": \"*\"\n },\n \"dataSourceType\": \"STATIC\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"aute sint\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n }\n ],\n \"statusCode\": 62850943,\n \"trackingId\": \"in sunt\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "8a8edf2f-282b-42aa-bbff-bcc5270c1d29", + "name": "Too many requests", + "originalRequest": { + "url": { + "path": [ + "form-definitions", + ":formDefinitionID", + "data-source" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Limit\n\nInteger specifying the maximum number of records to return in a single API call. The standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#paginating-results).\nIf it is not specified, a default limit is used.", + "type": "text/plain" + }, + "key": "limit", + "value": "10" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**value**: *eq, ne, in*\n\nSupported composite operators: *not*\n\nOnly a single *not* may be used, and it can only be used with the `in` operator. The `not` composite operator must be used in front of the field. For example, the following is valid: `not value in (\"ID01\")`", + "type": "text/plain" + }, + "key": "filters", + "value": "value eq \"ID01\"" + }, + { + "disabled": true, + "description": { + "content": "String that is passed to the underlying API to filter other (non-ID) fields. For example, for access profile data sources, this string will be passed to the access profile api and used with a \"starts with\" filter against several fields.", + "type": "text/plain" + }, + "key": "query", + "value": "ac" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"dataSource\": {\n \"config\": {\n \"aggregationBucketField\": \"attributes.cloudStatus.exact\",\n \"indices\": [\n \"identities\"\n ],\n \"objectType\": \"IDENTITY\",\n \"query\": \"*\"\n },\n \"dataSourceType\": \"STATIC\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"Internal Server Error\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n }\n ],\n \"trackingId\": \"9cd03ef80e6a425eb6b11bdbb057cdb4\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "996f0a1f-7749-4eb9-ab06-27f0472592f5", + "name": "An internal server error occurred", + "originalRequest": { + "url": { + "path": [ + "form-definitions", + ":formDefinitionID", + "data-source" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Limit\n\nInteger specifying the maximum number of records to return in a single API call. The standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#paginating-results).\nIf it is not specified, a default limit is used.", + "type": "text/plain" + }, + "key": "limit", + "value": "10" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**value**: *eq, ne, in*\n\nSupported composite operators: *not*\n\nOnly a single *not* may be used, and it can only be used with the `in` operator. The `not` composite operator must be used in front of the field. For example, the following is valid: `not value in (\"ID01\")`", + "type": "text/plain" + }, + "key": "filters", + "value": "value eq \"ID01\"" + }, + { + "disabled": true, + "description": { + "content": "String that is passed to the underlying API to filter other (non-ID) fields. For example, for access profile data sources, this string will be passed to the access profile api and used with a \"starts with\" filter against several fields.", + "type": "text/plain" + }, + "key": "query", + "value": "ac" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"dataSource\": {\n \"config\": {\n \"aggregationBucketField\": \"attributes.cloudStatus.exact\",\n \"indices\": [\n \"identities\"\n ],\n \"objectType\": \"IDENTITY\",\n \"query\": \"*\"\n },\n \"dataSourceType\": \"STATIC\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"aute sint\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n }\n ],\n \"statusCode\": 62850943,\n \"trackingId\": \"in sunt\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "95052741-183c-4831-bf05-d8fb1003480c", + "name": "List form definitions by tenant.", + "request": { + "name": "List form definitions by tenant.", + "description": { + "content": "No parameters required.", + "type": "text/plain" + }, + "url": { + "path": [ + "form-definitions", + "export" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset\n\nInteger specifying the offset of the first result from the beginning of the collection. The standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#paginating-results).\nThe offset value is record-based, not page-based, and the index starts at 0.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Limit\n\nInteger specifying the maximum number of records to return in a single API call. The standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#paginating-results).\nIf it is not specified, a default limit is used.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**name**: *eq, gt, sw, in*\n\n**description**: *eq, gt, sw, in*\n\n**created**: *eq, gt, sw, in*\n\n**modified**: *eq, gt, sw, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "name sw \"my form\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name, description, created, modified**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "a0b56b30-e30d-425c-aff1-02286de8a2fe", + "name": "Returns a list of form definition objects by tenant used by SP-Config", + "originalRequest": { + "url": { + "path": [ + "form-definitions", + "export" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset\n\nInteger specifying the offset of the first result from the beginning of the collection. The standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#paginating-results).\nThe offset value is record-based, not page-based, and the index starts at 0.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Limit\n\nInteger specifying the maximum number of records to return in a single API call. The standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#paginating-results).\nIf it is not specified, a default limit is used.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**name**: *eq, gt, sw, in*\n\n**description**: *eq, gt, sw, in*\n\n**created**: *eq, gt, sw, in*\n\n**modified**: *eq, gt, sw, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "name sw \"my form\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name, description, created, modified**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"object\": {\n \"id\": \"00000000-0000-0000-0000-000000000000\",\n \"name\": \"My form\",\n \"description\": \"My form description\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180867624cbd7017642d8c8c81f67\",\n \"name\": \"Grant Smith\"\n },\n \"usedBy\": [\n {\n \"type\": \"WORKFLOW\",\n \"id\": \"61940a92-5484-42bc-bc10-b9982b218cdf\",\n \"name\": \"Access Request Form\"\n },\n {\n \"type\": \"WORKFLOW\",\n \"id\": \"61940a92-5484-42bc-bc10-b9982b218cdf\",\n \"name\": \"Access Request Form\"\n }\n ],\n \"formInput\": [\n {\n \"id\": \"00000000-0000-0000-0000-000000000000\",\n \"type\": \"STRING\",\n \"label\": \"input1\",\n \"description\": \"A single dynamic scalar value (i.e. number, string, date, etc.) that can be passed into the form for use in conditional logic\"\n },\n {\n \"id\": \"00000000-0000-0000-0000-000000000000\",\n \"type\": \"STRING\",\n \"label\": \"input1\",\n \"description\": \"A single dynamic scalar value (i.e. number, string, date, etc.) that can be passed into the form for use in conditional logic\"\n }\n ],\n \"formElements\": [\n {\n \"id\": \"00000000-0000-0000-0000-000000000000\",\n \"elementType\": \"TEXT\",\n \"config\": {\n \"label\": \"Department\"\n },\n \"key\": \"department\",\n \"validations\": [\n {\n \"validationType\": \"MIN_DATE\"\n },\n {\n \"validationType\": \"EMAIL\"\n }\n ]\n },\n {\n \"id\": \"00000000-0000-0000-0000-000000000000\",\n \"elementType\": \"TEXT\",\n \"config\": {\n \"label\": \"Department\"\n },\n \"key\": \"department\",\n \"validations\": [\n {\n \"validationType\": \"DATA_SOURCE\"\n },\n {\n \"validationType\": \"REGEX\"\n }\n ]\n }\n ],\n \"formConditions\": [\n {\n \"ruleOperator\": \"AND\",\n \"rules\": [\n {\n \"sourceType\": \"ELEMENT\",\n \"source\": \"department\",\n \"operator\": \"EQ\",\n \"valueType\": \"STRING\",\n \"value\": \"Engineering\"\n },\n {\n \"sourceType\": \"ELEMENT\",\n \"source\": \"department\",\n \"operator\": \"EQ\",\n \"valueType\": \"STRING\",\n \"value\": \"Engineering\"\n }\n ],\n \"effects\": [\n {\n \"effectType\": \"HIDE\",\n \"config\": {\n \"defaultValueLabel\": \"Access to Remove\",\n \"element\": \"non deserunt\"\n }\n },\n {\n \"effectType\": \"HIDE\",\n \"config\": {\n \"defaultValueLabel\": \"Access to Remove\",\n \"element\": \"exercitation\"\n }\n }\n ]\n },\n {\n \"ruleOperator\": \"AND\",\n \"rules\": [\n {\n \"sourceType\": \"ELEMENT\",\n \"source\": \"department\",\n \"operator\": \"EQ\",\n \"valueType\": \"STRING\",\n \"value\": \"Engineering\"\n },\n {\n \"sourceType\": \"ELEMENT\",\n \"source\": \"department\",\n \"operator\": \"EQ\",\n \"valueType\": \"STRING\",\n \"value\": \"Engineering\"\n }\n ],\n \"effects\": [\n {\n \"effectType\": \"HIDE\",\n \"config\": {\n \"defaultValueLabel\": \"Access to Remove\",\n \"element\": \"voluptate consequat non\"\n }\n },\n {\n \"effectType\": \"HIDE\",\n \"config\": {\n \"defaultValueLabel\": \"Access to Remove\",\n \"element\": \"id\"\n }\n }\n ]\n }\n ],\n \"created\": \"2023-07-12T20:14:57.74486Z\",\n \"modified\": \"2023-07-12T20:14:57.74486Z\"\n },\n \"self\": \"in incididunt\",\n \"version\": 60858415\n },\n {\n \"object\": {\n \"id\": \"00000000-0000-0000-0000-000000000000\",\n \"name\": \"My form\",\n \"description\": \"My form description\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180867624cbd7017642d8c8c81f67\",\n \"name\": \"Grant Smith\"\n },\n \"usedBy\": [\n {\n \"type\": \"WORKFLOW\",\n \"id\": \"61940a92-5484-42bc-bc10-b9982b218cdf\",\n \"name\": \"Access Request Form\"\n },\n {\n \"type\": \"WORKFLOW\",\n \"id\": \"61940a92-5484-42bc-bc10-b9982b218cdf\",\n \"name\": \"Access Request Form\"\n }\n ],\n \"formInput\": [\n {\n \"id\": \"00000000-0000-0000-0000-000000000000\",\n \"type\": \"STRING\",\n \"label\": \"input1\",\n \"description\": \"A single dynamic scalar value (i.e. number, string, date, etc.) that can be passed into the form for use in conditional logic\"\n },\n {\n \"id\": \"00000000-0000-0000-0000-000000000000\",\n \"type\": \"STRING\",\n \"label\": \"input1\",\n \"description\": \"A single dynamic scalar value (i.e. number, string, date, etc.) that can be passed into the form for use in conditional logic\"\n }\n ],\n \"formElements\": [\n {\n \"id\": \"00000000-0000-0000-0000-000000000000\",\n \"elementType\": \"TEXT\",\n \"config\": {\n \"label\": \"Department\"\n },\n \"key\": \"department\",\n \"validations\": [\n {\n \"validationType\": \"DATA_SOURCE\"\n },\n {\n \"validationType\": \"DATA_SOURCE\"\n }\n ]\n },\n {\n \"id\": \"00000000-0000-0000-0000-000000000000\",\n \"elementType\": \"TEXT\",\n \"config\": {\n \"label\": \"Department\"\n },\n \"key\": \"department\",\n \"validations\": [\n {\n \"validationType\": \"REGEX\"\n },\n {\n \"validationType\": \"TEXTAREA\"\n }\n ]\n }\n ],\n \"formConditions\": [\n {\n \"ruleOperator\": \"AND\",\n \"rules\": [\n {\n \"sourceType\": \"ELEMENT\",\n \"source\": \"department\",\n \"operator\": \"EQ\",\n \"valueType\": \"STRING\",\n \"value\": \"Engineering\"\n },\n {\n \"sourceType\": \"ELEMENT\",\n \"source\": \"department\",\n \"operator\": \"EQ\",\n \"valueType\": \"STRING\",\n \"value\": \"Engineering\"\n }\n ],\n \"effects\": [\n {\n \"effectType\": \"HIDE\",\n \"config\": {\n \"defaultValueLabel\": \"Access to Remove\",\n \"element\": \"esse sed commodo dolor\"\n }\n },\n {\n \"effectType\": \"HIDE\",\n \"config\": {\n \"defaultValueLabel\": \"Access to Remove\",\n \"element\": \"ut pariatur nisi\"\n }\n }\n ]\n },\n {\n \"ruleOperator\": \"AND\",\n \"rules\": [\n {\n \"sourceType\": \"ELEMENT\",\n \"source\": \"department\",\n \"operator\": \"EQ\",\n \"valueType\": \"STRING\",\n \"value\": \"Engineering\"\n },\n {\n \"sourceType\": \"ELEMENT\",\n \"source\": \"department\",\n \"operator\": \"EQ\",\n \"valueType\": \"STRING\",\n \"value\": \"Engineering\"\n }\n ],\n \"effects\": [\n {\n \"effectType\": \"HIDE\",\n \"config\": {\n \"defaultValueLabel\": \"Access to Remove\",\n \"element\": \"la\"\n }\n },\n {\n \"effectType\": \"HIDE\",\n \"config\": {\n \"defaultValueLabel\": \"Access to Remove\",\n \"element\": \"magna tempor Lorem adipi\"\n }\n }\n ]\n }\n ],\n \"created\": \"2023-07-12T20:14:57.74486Z\",\n \"modified\": \"2023-07-12T20:14:57.74486Z\"\n },\n \"self\": \"aliqua id nisi\",\n \"version\": 77393435\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "7edc2c1e-09e8-40dc-bbc9-d592c14aa572", + "name": "An error with the request occurred", + "originalRequest": { + "url": { + "path": [ + "form-definitions", + "export" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset\n\nInteger specifying the offset of the first result from the beginning of the collection. The standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#paginating-results).\nThe offset value is record-based, not page-based, and the index starts at 0.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Limit\n\nInteger specifying the maximum number of records to return in a single API call. The standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#paginating-results).\nIf it is not specified, a default limit is used.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**name**: *eq, gt, sw, in*\n\n**description**: *eq, gt, sw, in*\n\n**created**: *eq, gt, sw, in*\n\n**modified**: *eq, gt, sw, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "name sw \"my form\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name, description, created, modified**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"aute sint\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n }\n ],\n \"statusCode\": 62850943,\n \"trackingId\": \"in sunt\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "bb4eb961-89fe-46fa-8975-1f0408a07e51", + "name": "An error with the authorization occurred", + "originalRequest": { + "url": { + "path": [ + "form-definitions", + "export" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset\n\nInteger specifying the offset of the first result from the beginning of the collection. The standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#paginating-results).\nThe offset value is record-based, not page-based, and the index starts at 0.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Limit\n\nInteger specifying the maximum number of records to return in a single API call. The standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#paginating-results).\nIf it is not specified, a default limit is used.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**name**: *eq, gt, sw, in*\n\n**description**: *eq, gt, sw, in*\n\n**created**: *eq, gt, sw, in*\n\n**modified**: *eq, gt, sw, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "name sw \"my form\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name, description, created, modified**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"aute sint\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n }\n ],\n \"statusCode\": 62850943,\n \"trackingId\": \"in sunt\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "bca4816a-e927-411f-8992-cd53817d3e92", + "name": "An error with the user permissions occurred", + "originalRequest": { + "url": { + "path": [ + "form-definitions", + "export" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset\n\nInteger specifying the offset of the first result from the beginning of the collection. The standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#paginating-results).\nThe offset value is record-based, not page-based, and the index starts at 0.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Limit\n\nInteger specifying the maximum number of records to return in a single API call. The standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#paginating-results).\nIf it is not specified, a default limit is used.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**name**: *eq, gt, sw, in*\n\n**description**: *eq, gt, sw, in*\n\n**created**: *eq, gt, sw, in*\n\n**modified**: *eq, gt, sw, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "name sw \"my form\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name, description, created, modified**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"aute sint\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n }\n ],\n \"statusCode\": 62850943,\n \"trackingId\": \"in sunt\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "0eb1ae20-2401-41a6-af27-0599a86d9743", + "name": "Too many requests", + "originalRequest": { + "url": { + "path": [ + "form-definitions", + "export" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset\n\nInteger specifying the offset of the first result from the beginning of the collection. The standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#paginating-results).\nThe offset value is record-based, not page-based, and the index starts at 0.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Limit\n\nInteger specifying the maximum number of records to return in a single API call. The standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#paginating-results).\nIf it is not specified, a default limit is used.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**name**: *eq, gt, sw, in*\n\n**description**: *eq, gt, sw, in*\n\n**created**: *eq, gt, sw, in*\n\n**modified**: *eq, gt, sw, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "name sw \"my form\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name, description, created, modified**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"Internal Server Error\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n }\n ],\n \"trackingId\": \"9cd03ef80e6a425eb6b11bdbb057cdb4\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "41119436-1559-464b-b64f-12e9d7b591c5", + "name": "An internal server error occurred", + "originalRequest": { + "url": { + "path": [ + "form-definitions", + "export" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset\n\nInteger specifying the offset of the first result from the beginning of the collection. The standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#paginating-results).\nThe offset value is record-based, not page-based, and the index starts at 0.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Limit\n\nInteger specifying the maximum number of records to return in a single API call. The standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#paginating-results).\nIf it is not specified, a default limit is used.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**name**: *eq, gt, sw, in*\n\n**description**: *eq, gt, sw, in*\n\n**created**: *eq, gt, sw, in*\n\n**modified**: *eq, gt, sw, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "name sw \"my form\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name, description, created, modified**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"aute sint\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n }\n ],\n \"statusCode\": 62850943,\n \"trackingId\": \"in sunt\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "34bc87c1-8429-47d8-b5f7-65c732c96ef6", + "name": "Generate JSON Schema dynamically.", + "request": { + "name": "Generate JSON Schema dynamically.", + "description": {}, + "url": { + "path": [ + "form-definitions", + "forms-action-dynamic-schema" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"id\": \"sp:forms\",\n \"attributes\": {\n \"formDefinitionId\": \"00000000-0000-0000-0000-000000000000\"\n },\n \"description\": \"AnotherDescription\",\n \"type\": \"action\",\n \"versionNumber\": 1\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "cc36cfca-df97-4e8a-a9c1-edf0501982ef", + "name": "Returns a form elements dynamic schema", + "originalRequest": { + "url": { + "path": [ + "form-definitions", + "forms-action-dynamic-schema" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"id\": \"sp:forms\",\n \"attributes\": {\n \"formDefinitionId\": \"00000000-0000-0000-0000-000000000000\"\n },\n \"description\": \"AnotherDescription\",\n \"type\": \"action\",\n \"versionNumber\": 1\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"outputSchema\": {\n \"outputSchema\": {\n \"$schema\": \"https://json-schema.org/draft/2020-12/schema\",\n \"additionalProperties\": false,\n \"properties\": {\n \"firstName\": {\n \"title\": \"First Name\",\n \"type\": \"string\"\n },\n \"fullName\": {\n \"title\": \"Full Name\",\n \"type\": \"string\"\n },\n \"lastName\": {\n \"title\": \"Last Name\",\n \"type\": \"string\"\n },\n \"startDate\": {\n \"format\": \"date-time\",\n \"title\": \"Start Date\",\n \"type\": \"string\"\n }\n },\n \"type\": \"object\"\n }\n }\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "3b5d276d-2d5f-4c94-8807-7644372a8a6b", + "name": "An error with the request occurred", + "originalRequest": { + "url": { + "path": [ + "form-definitions", + "forms-action-dynamic-schema" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"id\": \"sp:forms\",\n \"attributes\": {\n \"formDefinitionId\": \"00000000-0000-0000-0000-000000000000\"\n },\n \"description\": \"AnotherDescription\",\n \"type\": \"action\",\n \"versionNumber\": 1\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"aute sint\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n }\n ],\n \"statusCode\": 62850943,\n \"trackingId\": \"in sunt\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "62b1c907-c959-4c61-bd92-be25f4799d6f", + "name": "An error with the authorization occurred", + "originalRequest": { + "url": { + "path": [ + "form-definitions", + "forms-action-dynamic-schema" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"id\": \"sp:forms\",\n \"attributes\": {\n \"formDefinitionId\": \"00000000-0000-0000-0000-000000000000\"\n },\n \"description\": \"AnotherDescription\",\n \"type\": \"action\",\n \"versionNumber\": 1\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"aute sint\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n }\n ],\n \"statusCode\": 62850943,\n \"trackingId\": \"in sunt\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "88186d86-09b9-4d8e-9e24-112c2ab704ed", + "name": "An error with the user permissions occurred", + "originalRequest": { + "url": { + "path": [ + "form-definitions", + "forms-action-dynamic-schema" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"id\": \"sp:forms\",\n \"attributes\": {\n \"formDefinitionId\": \"00000000-0000-0000-0000-000000000000\"\n },\n \"description\": \"AnotherDescription\",\n \"type\": \"action\",\n \"versionNumber\": 1\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"aute sint\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n }\n ],\n \"statusCode\": 62850943,\n \"trackingId\": \"in sunt\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "567ca8df-22f7-432d-8b50-4b8a831f9037", + "name": "An error with the item not found", + "originalRequest": { + "url": { + "path": [ + "form-definitions", + "forms-action-dynamic-schema" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"id\": \"sp:forms\",\n \"attributes\": {\n \"formDefinitionId\": \"00000000-0000-0000-0000-000000000000\"\n },\n \"description\": \"AnotherDescription\",\n \"type\": \"action\",\n \"versionNumber\": 1\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"aute sint\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n }\n ],\n \"statusCode\": 62850943,\n \"trackingId\": \"in sunt\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "866c7876-3dc1-4d3e-beab-d1cbb022a389", + "name": "Too many requests", + "originalRequest": { + "url": { + "path": [ + "form-definitions", + "forms-action-dynamic-schema" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"id\": \"sp:forms\",\n \"attributes\": {\n \"formDefinitionId\": \"00000000-0000-0000-0000-000000000000\"\n },\n \"description\": \"AnotherDescription\",\n \"type\": \"action\",\n \"versionNumber\": 1\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"Internal Server Error\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n }\n ],\n \"trackingId\": \"9cd03ef80e6a425eb6b11bdbb057cdb4\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "8d025570-c66e-4257-b6c3-2486ba66ee02", + "name": "An internal server error occurred", + "originalRequest": { + "url": { + "path": [ + "form-definitions", + "forms-action-dynamic-schema" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"id\": \"sp:forms\",\n \"attributes\": {\n \"formDefinitionId\": \"00000000-0000-0000-0000-000000000000\"\n },\n \"description\": \"AnotherDescription\",\n \"type\": \"action\",\n \"versionNumber\": 1\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"aute sint\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n }\n ],\n \"statusCode\": 62850943,\n \"trackingId\": \"in sunt\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "67ffdd4c-7415-4c26-a7ab-82216bef22a7", + "name": "Import form definitions from export.", + "request": { + "name": "Import form definitions from export.", + "description": {}, + "url": { + "path": [ + "form-definitions", + "import" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "[\n {\n \"version\": 1,\n \"self\": {\n \"name\": \"All fields not required\",\n \"id\": \"05ed4edb-d0a9-41d9-ad0c-2f6e486ec4aa\",\n \"type\": \"FORM_DEFINITION\"\n },\n \"object\": {\n \"id\": \"05ed4edb-d0a9-41d9-ad0c-2f6e486ec4aa\",\n \"name\": \"All fields not required\",\n \"description\": \"description\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"3447d8ec2602455ab6f1e8408a0f0150\"\n },\n \"usedBy\": [\n {\n \"type\": \"WORKFLOW\",\n \"id\": \"5008594c-dacc-4295-8fee-41df60477304\"\n },\n {\n \"type\": \"WORKFLOW\",\n \"id\": \"97e75a75-c179-4fbc-a2da-b5fa4aaa8743\"\n }\n ],\n \"formInput\": [\n {\n \"type\": \"STRING\",\n \"label\": \"input1\",\n \"description\": \"A single dynamic scalar value (i.e. number, string, date, etc) that can be passed into the form for use in conditional logic\"\n }\n ],\n \"formElements\": [\n {\n \"id\": \"3069272797630701\",\n \"elementType\": \"SECTION\",\n \"config\": {\n \"label\": \"First Section\",\n \"formElements\": [\n {\n \"id\": \"3069272797630700\",\n \"elementType\": \"TEXT\",\n \"key\": \"firstName\",\n \"config\": {\n \"label\": \"First Name\"\n }\n },\n {\n \"id\": \"3498415402897539\",\n \"elementType\": \"TEXT\",\n \"key\": \"lastName\",\n \"config\": {\n \"label\": \"Last Name\"\n }\n }\n ]\n }\n }\n ],\n \"formConditions\": [\n {\n \"ruleOperator\": \"AND\",\n \"rules\": [\n {\n \"sourceType\": \"INPUT\",\n \"source\": \"Department\",\n \"operator\": \"EQ\",\n \"valueType\": \"STRING\",\n \"value\": \"Sales\"\n }\n ],\n \"effects\": [\n {\n \"effectType\": \"HIDE\",\n \"config\": {\n \"element\": \"2614088730489570\"\n }\n }\n ]\n }\n ],\n \"created\": \"2022-10-04T19:27:04.456Z\",\n \"modified\": \"2022-11-16T20:45:02.172Z\"\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "85770c6b-3d1f-4841-bfe7-aacb21b48996", + "name": "Returns statuses of those form definition objects imported", + "originalRequest": { + "url": { + "path": [ + "form-definitions", + "import" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "[\n {\n \"version\": 1,\n \"self\": {\n \"name\": \"All fields not required\",\n \"id\": \"05ed4edb-d0a9-41d9-ad0c-2f6e486ec4aa\",\n \"type\": \"FORM_DEFINITION\"\n },\n \"object\": {\n \"id\": \"05ed4edb-d0a9-41d9-ad0c-2f6e486ec4aa\",\n \"name\": \"All fields not required\",\n \"description\": \"description\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"3447d8ec2602455ab6f1e8408a0f0150\"\n },\n \"usedBy\": [\n {\n \"type\": \"WORKFLOW\",\n \"id\": \"5008594c-dacc-4295-8fee-41df60477304\"\n },\n {\n \"type\": \"WORKFLOW\",\n \"id\": \"97e75a75-c179-4fbc-a2da-b5fa4aaa8743\"\n }\n ],\n \"formInput\": [\n {\n \"type\": \"STRING\",\n \"label\": \"input1\",\n \"description\": \"A single dynamic scalar value (i.e. number, string, date, etc) that can be passed into the form for use in conditional logic\"\n }\n ],\n \"formElements\": [\n {\n \"id\": \"3069272797630701\",\n \"elementType\": \"SECTION\",\n \"config\": {\n \"label\": \"First Section\",\n \"formElements\": [\n {\n \"id\": \"3069272797630700\",\n \"elementType\": \"TEXT\",\n \"key\": \"firstName\",\n \"config\": {\n \"label\": \"First Name\"\n }\n },\n {\n \"id\": \"3498415402897539\",\n \"elementType\": \"TEXT\",\n \"key\": \"lastName\",\n \"config\": {\n \"label\": \"Last Name\"\n }\n }\n ]\n }\n }\n ],\n \"formConditions\": [\n {\n \"ruleOperator\": \"AND\",\n \"rules\": [\n {\n \"sourceType\": \"INPUT\",\n \"source\": \"Department\",\n \"operator\": \"EQ\",\n \"valueType\": \"STRING\",\n \"value\": \"Sales\"\n }\n ],\n \"effects\": [\n {\n \"effectType\": \"HIDE\",\n \"config\": {\n \"element\": \"2614088730489570\"\n }\n }\n ]\n }\n ],\n \"created\": \"2022-10-04T19:27:04.456Z\",\n \"modified\": \"2022-11-16T20:45:02.172Z\"\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Accepted", + "code": 202, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"errors\": [\n {\n \"detail\": {\n \"eiusmodfd\": {}\n },\n \"key\": \"Excepteur irure\",\n \"text\": \"est id sunt\"\n },\n {\n \"detail\": {\n \"dolore_366\": {},\n \"fugiat_c\": {},\n \"in1_\": {}\n },\n \"key\": \"sit Lorem Duis\",\n \"text\": \"in sint\"\n }\n ],\n \"importedObjects\": [\n {\n \"object\": {\n \"id\": \"00000000-0000-0000-0000-000000000000\",\n \"name\": \"My form\",\n \"description\": \"My form description\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180867624cbd7017642d8c8c81f67\",\n \"name\": \"Grant Smith\"\n },\n \"usedBy\": [\n {\n \"type\": \"WORKFLOW\",\n \"id\": \"61940a92-5484-42bc-bc10-b9982b218cdf\",\n \"name\": \"Access Request Form\"\n },\n {\n \"type\": \"WORKFLOW\",\n \"id\": \"61940a92-5484-42bc-bc10-b9982b218cdf\",\n \"name\": \"Access Request Form\"\n }\n ],\n \"formInput\": [\n {\n \"id\": \"00000000-0000-0000-0000-000000000000\",\n \"type\": \"STRING\",\n \"label\": \"input1\",\n \"description\": \"A single dynamic scalar value (i.e. number, string, date, etc.) that can be passed into the form for use in conditional logic\"\n },\n {\n \"id\": \"00000000-0000-0000-0000-000000000000\",\n \"type\": \"STRING\",\n \"label\": \"input1\",\n \"description\": \"A single dynamic scalar value (i.e. number, string, date, etc.) that can be passed into the form for use in conditional logic\"\n }\n ],\n \"formElements\": [\n {\n \"id\": \"00000000-0000-0000-0000-000000000000\",\n \"elementType\": \"TEXT\",\n \"config\": {\n \"label\": \"Department\"\n },\n \"key\": \"department\",\n \"validations\": [\n {\n \"validationType\": \"PHONE\"\n },\n {\n \"validationType\": \"DATA_SOURCE\"\n }\n ]\n },\n {\n \"id\": \"00000000-0000-0000-0000-000000000000\",\n \"elementType\": \"TEXT\",\n \"config\": {\n \"label\": \"Department\"\n },\n \"key\": \"department\",\n \"validations\": [\n {\n \"validationType\": \"EMAIL\"\n },\n {\n \"validationType\": \"DATA_SOURCE\"\n }\n ]\n }\n ],\n \"formConditions\": [\n {\n \"ruleOperator\": \"AND\",\n \"rules\": [\n {\n \"sourceType\": \"ELEMENT\",\n \"source\": \"department\",\n \"operator\": \"EQ\",\n \"valueType\": \"STRING\",\n \"value\": \"Engineering\"\n },\n {\n \"sourceType\": \"ELEMENT\",\n \"source\": \"department\",\n \"operator\": \"EQ\",\n \"valueType\": \"STRING\",\n \"value\": \"Engineering\"\n }\n ],\n \"effects\": [\n {\n \"effectType\": \"HIDE\",\n \"config\": {\n \"defaultValueLabel\": \"Access to Remove\",\n \"element\": \"nostrud sit do\"\n }\n },\n {\n \"effectType\": \"HIDE\",\n \"config\": {\n \"defaultValueLabel\": \"Access to Remove\",\n \"element\": \"nulla proident exercitation aute\"\n }\n }\n ]\n },\n {\n \"ruleOperator\": \"AND\",\n \"rules\": [\n {\n \"sourceType\": \"ELEMENT\",\n \"source\": \"department\",\n \"operator\": \"EQ\",\n \"valueType\": \"STRING\",\n \"value\": \"Engineering\"\n },\n {\n \"sourceType\": \"ELEMENT\",\n \"source\": \"department\",\n \"operator\": \"EQ\",\n \"valueType\": \"STRING\",\n \"value\": \"Engineering\"\n }\n ],\n \"effects\": [\n {\n \"effectType\": \"HIDE\",\n \"config\": {\n \"defaultValueLabel\": \"Access to Remove\",\n \"element\": \"commodo dolor in aliqua\"\n }\n },\n {\n \"effectType\": \"HIDE\",\n \"config\": {\n \"defaultValueLabel\": \"Access to Remove\",\n \"element\": \"dolor\"\n }\n }\n ]\n }\n ],\n \"created\": \"2023-07-12T20:14:57.74486Z\",\n \"modified\": \"2023-07-12T20:14:57.74486Z\"\n },\n \"self\": \"ex magna Duis velit proident\",\n \"version\": -58095657\n },\n {\n \"object\": {\n \"id\": \"00000000-0000-0000-0000-000000000000\",\n \"name\": \"My form\",\n \"description\": \"My form description\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180867624cbd7017642d8c8c81f67\",\n \"name\": \"Grant Smith\"\n },\n \"usedBy\": [\n {\n \"type\": \"WORKFLOW\",\n \"id\": \"61940a92-5484-42bc-bc10-b9982b218cdf\",\n \"name\": \"Access Request Form\"\n },\n {\n \"type\": \"WORKFLOW\",\n \"id\": \"61940a92-5484-42bc-bc10-b9982b218cdf\",\n \"name\": \"Access Request Form\"\n }\n ],\n \"formInput\": [\n {\n \"id\": \"00000000-0000-0000-0000-000000000000\",\n \"type\": \"STRING\",\n \"label\": \"input1\",\n \"description\": \"A single dynamic scalar value (i.e. number, string, date, etc.) that can be passed into the form for use in conditional logic\"\n },\n {\n \"id\": \"00000000-0000-0000-0000-000000000000\",\n \"type\": \"STRING\",\n \"label\": \"input1\",\n \"description\": \"A single dynamic scalar value (i.e. number, string, date, etc.) that can be passed into the form for use in conditional logic\"\n }\n ],\n \"formElements\": [\n {\n \"id\": \"00000000-0000-0000-0000-000000000000\",\n \"elementType\": \"TEXT\",\n \"config\": {\n \"label\": \"Department\"\n },\n \"key\": \"department\",\n \"validations\": [\n {\n \"validationType\": \"MAX_LENGTH\"\n },\n {\n \"validationType\": \"REGEX\"\n }\n ]\n },\n {\n \"id\": \"00000000-0000-0000-0000-000000000000\",\n \"elementType\": \"TEXT\",\n \"config\": {\n \"label\": \"Department\"\n },\n \"key\": \"department\",\n \"validations\": [\n {\n \"validationType\": \"LESS_THAN_DATE\"\n },\n {\n \"validationType\": \"DATA_SOURCE\"\n }\n ]\n }\n ],\n \"formConditions\": [\n {\n \"ruleOperator\": \"AND\",\n \"rules\": [\n {\n \"sourceType\": \"ELEMENT\",\n \"source\": \"department\",\n \"operator\": \"EQ\",\n \"valueType\": \"STRING\",\n \"value\": \"Engineering\"\n },\n {\n \"sourceType\": \"ELEMENT\",\n \"source\": \"department\",\n \"operator\": \"EQ\",\n \"valueType\": \"STRING\",\n \"value\": \"Engineering\"\n }\n ],\n \"effects\": [\n {\n \"effectType\": \"HIDE\",\n \"config\": {\n \"defaultValueLabel\": \"Access to Remove\",\n \"element\": \"aute irure ipsum sit\"\n }\n },\n {\n \"effectType\": \"HIDE\",\n \"config\": {\n \"defaultValueLabel\": \"Access to Remove\",\n \"element\": \"ipsum labore\"\n }\n }\n ]\n },\n {\n \"ruleOperator\": \"AND\",\n \"rules\": [\n {\n \"sourceType\": \"ELEMENT\",\n \"source\": \"department\",\n \"operator\": \"EQ\",\n \"valueType\": \"STRING\",\n \"value\": \"Engineering\"\n },\n {\n \"sourceType\": \"ELEMENT\",\n \"source\": \"department\",\n \"operator\": \"EQ\",\n \"valueType\": \"STRING\",\n \"value\": \"Engineering\"\n }\n ],\n \"effects\": [\n {\n \"effectType\": \"HIDE\",\n \"config\": {\n \"defaultValueLabel\": \"Access to Remove\",\n \"element\": \"adipisicing\"\n }\n },\n {\n \"effectType\": \"HIDE\",\n \"config\": {\n \"defaultValueLabel\": \"Access to Remove\",\n \"element\": \"sint laboris\"\n }\n }\n ]\n }\n ],\n \"created\": \"2023-07-12T20:14:57.74486Z\",\n \"modified\": \"2023-07-12T20:14:57.74486Z\"\n },\n \"self\": \"officia voluptate adipisicing sit tempor\",\n \"version\": -80156390\n }\n ],\n \"infos\": [\n {\n \"detail\": {\n \"veniam_e4\": {},\n \"pariatura\": {},\n \"anim8ec\": {}\n },\n \"key\": \"anim occaecat\",\n \"text\": \"dolor aute\"\n },\n {\n \"detail\": {\n \"sintcb\": {},\n \"sit__\": {},\n \"autefb\": {},\n \"aliquip__2\": {}\n },\n \"key\": \"veniam ipsum\",\n \"text\": \"ut nostrud sint mollit\"\n }\n ],\n \"warnings\": [\n {\n \"detail\": {\n \"laborum_7\": {},\n \"pariatur7\": {}\n },\n \"key\": \"in\",\n \"text\": \"reprehenderit dolore magna quis\"\n },\n {\n \"detail\": {\n \"est__\": {}\n },\n \"key\": \"dolore\",\n \"text\": \"aliquip eu\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d79e9e5f-10b4-4b9a-b342-78d1e1f434a1", + "name": "An error with the request occurred", + "originalRequest": { + "url": { + "path": [ + "form-definitions", + "import" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "[\n {\n \"version\": 1,\n \"self\": {\n \"name\": \"All fields not required\",\n \"id\": \"05ed4edb-d0a9-41d9-ad0c-2f6e486ec4aa\",\n \"type\": \"FORM_DEFINITION\"\n },\n \"object\": {\n \"id\": \"05ed4edb-d0a9-41d9-ad0c-2f6e486ec4aa\",\n \"name\": \"All fields not required\",\n \"description\": \"description\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"3447d8ec2602455ab6f1e8408a0f0150\"\n },\n \"usedBy\": [\n {\n \"type\": \"WORKFLOW\",\n \"id\": \"5008594c-dacc-4295-8fee-41df60477304\"\n },\n {\n \"type\": \"WORKFLOW\",\n \"id\": \"97e75a75-c179-4fbc-a2da-b5fa4aaa8743\"\n }\n ],\n \"formInput\": [\n {\n \"type\": \"STRING\",\n \"label\": \"input1\",\n \"description\": \"A single dynamic scalar value (i.e. number, string, date, etc) that can be passed into the form for use in conditional logic\"\n }\n ],\n \"formElements\": [\n {\n \"id\": \"3069272797630701\",\n \"elementType\": \"SECTION\",\n \"config\": {\n \"label\": \"First Section\",\n \"formElements\": [\n {\n \"id\": \"3069272797630700\",\n \"elementType\": \"TEXT\",\n \"key\": \"firstName\",\n \"config\": {\n \"label\": \"First Name\"\n }\n },\n {\n \"id\": \"3498415402897539\",\n \"elementType\": \"TEXT\",\n \"key\": \"lastName\",\n \"config\": {\n \"label\": \"Last Name\"\n }\n }\n ]\n }\n }\n ],\n \"formConditions\": [\n {\n \"ruleOperator\": \"AND\",\n \"rules\": [\n {\n \"sourceType\": \"INPUT\",\n \"source\": \"Department\",\n \"operator\": \"EQ\",\n \"valueType\": \"STRING\",\n \"value\": \"Sales\"\n }\n ],\n \"effects\": [\n {\n \"effectType\": \"HIDE\",\n \"config\": {\n \"element\": \"2614088730489570\"\n }\n }\n ]\n }\n ],\n \"created\": \"2022-10-04T19:27:04.456Z\",\n \"modified\": \"2022-11-16T20:45:02.172Z\"\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"aute sint\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n }\n ],\n \"statusCode\": 62850943,\n \"trackingId\": \"in sunt\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "92825ef4-f80b-4416-ae30-68244e1bcbc8", + "name": "An error with the authorization occurred", + "originalRequest": { + "url": { + "path": [ + "form-definitions", + "import" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "[\n {\n \"version\": 1,\n \"self\": {\n \"name\": \"All fields not required\",\n \"id\": \"05ed4edb-d0a9-41d9-ad0c-2f6e486ec4aa\",\n \"type\": \"FORM_DEFINITION\"\n },\n \"object\": {\n \"id\": \"05ed4edb-d0a9-41d9-ad0c-2f6e486ec4aa\",\n \"name\": \"All fields not required\",\n \"description\": \"description\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"3447d8ec2602455ab6f1e8408a0f0150\"\n },\n \"usedBy\": [\n {\n \"type\": \"WORKFLOW\",\n \"id\": \"5008594c-dacc-4295-8fee-41df60477304\"\n },\n {\n \"type\": \"WORKFLOW\",\n \"id\": \"97e75a75-c179-4fbc-a2da-b5fa4aaa8743\"\n }\n ],\n \"formInput\": [\n {\n \"type\": \"STRING\",\n \"label\": \"input1\",\n \"description\": \"A single dynamic scalar value (i.e. number, string, date, etc) that can be passed into the form for use in conditional logic\"\n }\n ],\n \"formElements\": [\n {\n \"id\": \"3069272797630701\",\n \"elementType\": \"SECTION\",\n \"config\": {\n \"label\": \"First Section\",\n \"formElements\": [\n {\n \"id\": \"3069272797630700\",\n \"elementType\": \"TEXT\",\n \"key\": \"firstName\",\n \"config\": {\n \"label\": \"First Name\"\n }\n },\n {\n \"id\": \"3498415402897539\",\n \"elementType\": \"TEXT\",\n \"key\": \"lastName\",\n \"config\": {\n \"label\": \"Last Name\"\n }\n }\n ]\n }\n }\n ],\n \"formConditions\": [\n {\n \"ruleOperator\": \"AND\",\n \"rules\": [\n {\n \"sourceType\": \"INPUT\",\n \"source\": \"Department\",\n \"operator\": \"EQ\",\n \"valueType\": \"STRING\",\n \"value\": \"Sales\"\n }\n ],\n \"effects\": [\n {\n \"effectType\": \"HIDE\",\n \"config\": {\n \"element\": \"2614088730489570\"\n }\n }\n ]\n }\n ],\n \"created\": \"2022-10-04T19:27:04.456Z\",\n \"modified\": \"2022-11-16T20:45:02.172Z\"\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"aute sint\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n }\n ],\n \"statusCode\": 62850943,\n \"trackingId\": \"in sunt\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f5c0c091-7ac5-449f-9ce4-ed03befd3d2c", + "name": "An error with the user permissions occurred", + "originalRequest": { + "url": { + "path": [ + "form-definitions", + "import" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "[\n {\n \"version\": 1,\n \"self\": {\n \"name\": \"All fields not required\",\n \"id\": \"05ed4edb-d0a9-41d9-ad0c-2f6e486ec4aa\",\n \"type\": \"FORM_DEFINITION\"\n },\n \"object\": {\n \"id\": \"05ed4edb-d0a9-41d9-ad0c-2f6e486ec4aa\",\n \"name\": \"All fields not required\",\n \"description\": \"description\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"3447d8ec2602455ab6f1e8408a0f0150\"\n },\n \"usedBy\": [\n {\n \"type\": \"WORKFLOW\",\n \"id\": \"5008594c-dacc-4295-8fee-41df60477304\"\n },\n {\n \"type\": \"WORKFLOW\",\n \"id\": \"97e75a75-c179-4fbc-a2da-b5fa4aaa8743\"\n }\n ],\n \"formInput\": [\n {\n \"type\": \"STRING\",\n \"label\": \"input1\",\n \"description\": \"A single dynamic scalar value (i.e. number, string, date, etc) that can be passed into the form for use in conditional logic\"\n }\n ],\n \"formElements\": [\n {\n \"id\": \"3069272797630701\",\n \"elementType\": \"SECTION\",\n \"config\": {\n \"label\": \"First Section\",\n \"formElements\": [\n {\n \"id\": \"3069272797630700\",\n \"elementType\": \"TEXT\",\n \"key\": \"firstName\",\n \"config\": {\n \"label\": \"First Name\"\n }\n },\n {\n \"id\": \"3498415402897539\",\n \"elementType\": \"TEXT\",\n \"key\": \"lastName\",\n \"config\": {\n \"label\": \"Last Name\"\n }\n }\n ]\n }\n }\n ],\n \"formConditions\": [\n {\n \"ruleOperator\": \"AND\",\n \"rules\": [\n {\n \"sourceType\": \"INPUT\",\n \"source\": \"Department\",\n \"operator\": \"EQ\",\n \"valueType\": \"STRING\",\n \"value\": \"Sales\"\n }\n ],\n \"effects\": [\n {\n \"effectType\": \"HIDE\",\n \"config\": {\n \"element\": \"2614088730489570\"\n }\n }\n ]\n }\n ],\n \"created\": \"2022-10-04T19:27:04.456Z\",\n \"modified\": \"2022-11-16T20:45:02.172Z\"\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"aute sint\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n }\n ],\n \"statusCode\": 62850943,\n \"trackingId\": \"in sunt\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "ceb73409-4d30-4c95-a3bb-b3000b67a777", + "name": "Too many requests", + "originalRequest": { + "url": { + "path": [ + "form-definitions", + "import" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "[\n {\n \"version\": 1,\n \"self\": {\n \"name\": \"All fields not required\",\n \"id\": \"05ed4edb-d0a9-41d9-ad0c-2f6e486ec4aa\",\n \"type\": \"FORM_DEFINITION\"\n },\n \"object\": {\n \"id\": \"05ed4edb-d0a9-41d9-ad0c-2f6e486ec4aa\",\n \"name\": \"All fields not required\",\n \"description\": \"description\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"3447d8ec2602455ab6f1e8408a0f0150\"\n },\n \"usedBy\": [\n {\n \"type\": \"WORKFLOW\",\n \"id\": \"5008594c-dacc-4295-8fee-41df60477304\"\n },\n {\n \"type\": \"WORKFLOW\",\n \"id\": \"97e75a75-c179-4fbc-a2da-b5fa4aaa8743\"\n }\n ],\n \"formInput\": [\n {\n \"type\": \"STRING\",\n \"label\": \"input1\",\n \"description\": \"A single dynamic scalar value (i.e. number, string, date, etc) that can be passed into the form for use in conditional logic\"\n }\n ],\n \"formElements\": [\n {\n \"id\": \"3069272797630701\",\n \"elementType\": \"SECTION\",\n \"config\": {\n \"label\": \"First Section\",\n \"formElements\": [\n {\n \"id\": \"3069272797630700\",\n \"elementType\": \"TEXT\",\n \"key\": \"firstName\",\n \"config\": {\n \"label\": \"First Name\"\n }\n },\n {\n \"id\": \"3498415402897539\",\n \"elementType\": \"TEXT\",\n \"key\": \"lastName\",\n \"config\": {\n \"label\": \"Last Name\"\n }\n }\n ]\n }\n }\n ],\n \"formConditions\": [\n {\n \"ruleOperator\": \"AND\",\n \"rules\": [\n {\n \"sourceType\": \"INPUT\",\n \"source\": \"Department\",\n \"operator\": \"EQ\",\n \"valueType\": \"STRING\",\n \"value\": \"Sales\"\n }\n ],\n \"effects\": [\n {\n \"effectType\": \"HIDE\",\n \"config\": {\n \"element\": \"2614088730489570\"\n }\n }\n ]\n }\n ],\n \"created\": \"2022-10-04T19:27:04.456Z\",\n \"modified\": \"2022-11-16T20:45:02.172Z\"\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"Internal Server Error\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n }\n ],\n \"trackingId\": \"9cd03ef80e6a425eb6b11bdbb057cdb4\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "e5d4c0fb-0e82-4bb4-a07b-fc68b56494ef", + "name": "An internal server error occurred", + "originalRequest": { + "url": { + "path": [ + "form-definitions", + "import" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "[\n {\n \"version\": 1,\n \"self\": {\n \"name\": \"All fields not required\",\n \"id\": \"05ed4edb-d0a9-41d9-ad0c-2f6e486ec4aa\",\n \"type\": \"FORM_DEFINITION\"\n },\n \"object\": {\n \"id\": \"05ed4edb-d0a9-41d9-ad0c-2f6e486ec4aa\",\n \"name\": \"All fields not required\",\n \"description\": \"description\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"3447d8ec2602455ab6f1e8408a0f0150\"\n },\n \"usedBy\": [\n {\n \"type\": \"WORKFLOW\",\n \"id\": \"5008594c-dacc-4295-8fee-41df60477304\"\n },\n {\n \"type\": \"WORKFLOW\",\n \"id\": \"97e75a75-c179-4fbc-a2da-b5fa4aaa8743\"\n }\n ],\n \"formInput\": [\n {\n \"type\": \"STRING\",\n \"label\": \"input1\",\n \"description\": \"A single dynamic scalar value (i.e. number, string, date, etc) that can be passed into the form for use in conditional logic\"\n }\n ],\n \"formElements\": [\n {\n \"id\": \"3069272797630701\",\n \"elementType\": \"SECTION\",\n \"config\": {\n \"label\": \"First Section\",\n \"formElements\": [\n {\n \"id\": \"3069272797630700\",\n \"elementType\": \"TEXT\",\n \"key\": \"firstName\",\n \"config\": {\n \"label\": \"First Name\"\n }\n },\n {\n \"id\": \"3498415402897539\",\n \"elementType\": \"TEXT\",\n \"key\": \"lastName\",\n \"config\": {\n \"label\": \"Last Name\"\n }\n }\n ]\n }\n }\n ],\n \"formConditions\": [\n {\n \"ruleOperator\": \"AND\",\n \"rules\": [\n {\n \"sourceType\": \"INPUT\",\n \"source\": \"Department\",\n \"operator\": \"EQ\",\n \"valueType\": \"STRING\",\n \"value\": \"Sales\"\n }\n ],\n \"effects\": [\n {\n \"effectType\": \"HIDE\",\n \"config\": {\n \"element\": \"2614088730489570\"\n }\n }\n ]\n }\n ],\n \"created\": \"2022-10-04T19:27:04.456Z\",\n \"modified\": \"2022-11-16T20:45:02.172Z\"\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"aute sint\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n }\n ],\n \"statusCode\": 62850943,\n \"trackingId\": \"in sunt\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "50a87d81-9dd8-4fe0-a557-28f5170803ad", + "name": "Upload new form definition file.", + "request": { + "name": "Upload new form definition file.", + "description": { + "content": "Parameter `{formDefinitionID}` should match a form definition ID.", + "type": "text/plain" + }, + "url": { + "path": [ + "form-definitions", + ":formDefinitionID", + "upload" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "00000000-0000-0000-0000-000000000000", + "key": "formDefinitionID", + "disabled": true, + "description": { + "content": "(Required) FormDefinitionID\n\nString specifying FormDefinitionID", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "(Required) File specifying the multipart", + "type": "text/plain" + }, + "key": "file", + "value": "sed proident esse", + "type": "text", + "contentType": "image/png, image/jpeg" + } + ] + } + }, + "response": [ + { + "id": "873633d6-c728-40ba-b22f-aff31b11f484", + "name": "Returns a new form definition file", + "originalRequest": { + "url": { + "path": [ + "form-definitions", + ":formDefinitionID", + "upload" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "(Required) File specifying the multipart", + "type": "text/plain" + }, + "key": "file", + "value": "sed proident esse", + "type": "text", + "contentType": "image/png, image/jpeg" + } + ] + } + }, + "status": "Created", + "code": 201, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"created\": \"2023-07-12T20:14:57.744Z\",\n \"fileId\": \"01FHZXHK8PTP9FVK99Z66GXQTX.png\",\n \"formDefinitionId\": \"00000000-0000-0000-0000-000000000000\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b8390a8d-07bc-4084-9fec-79f5b0655846", + "name": "An error with the request occurred", + "originalRequest": { + "url": { + "path": [ + "form-definitions", + ":formDefinitionID", + "upload" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "(Required) File specifying the multipart", + "type": "text/plain" + }, + "key": "file", + "value": "sed proident esse", + "type": "text", + "contentType": "image/png, image/jpeg" + } + ] + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"aute sint\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n }\n ],\n \"statusCode\": 62850943,\n \"trackingId\": \"in sunt\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "9cc33113-2d08-4425-be24-a95a700c1a56", + "name": "An error with the authorization occurred", + "originalRequest": { + "url": { + "path": [ + "form-definitions", + ":formDefinitionID", + "upload" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "(Required) File specifying the multipart", + "type": "text/plain" + }, + "key": "file", + "value": "sed proident esse", + "type": "text", + "contentType": "image/png, image/jpeg" + } + ] + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"aute sint\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n }\n ],\n \"statusCode\": 62850943,\n \"trackingId\": \"in sunt\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f5cf2eef-4468-46d5-adc1-a1755cea7682", + "name": "An error with the user permissions occurred", + "originalRequest": { + "url": { + "path": [ + "form-definitions", + ":formDefinitionID", + "upload" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "(Required) File specifying the multipart", + "type": "text/plain" + }, + "key": "file", + "value": "sed proident esse", + "type": "text", + "contentType": "image/png, image/jpeg" + } + ] + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"aute sint\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n }\n ],\n \"statusCode\": 62850943,\n \"trackingId\": \"in sunt\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "8fe89e20-9526-417d-b38c-471344f52e82", + "name": "An error with the item not found", + "originalRequest": { + "url": { + "path": [ + "form-definitions", + ":formDefinitionID", + "upload" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "(Required) File specifying the multipart", + "type": "text/plain" + }, + "key": "file", + "value": "sed proident esse", + "type": "text", + "contentType": "image/png, image/jpeg" + } + ] + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"aute sint\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n }\n ],\n \"statusCode\": 62850943,\n \"trackingId\": \"in sunt\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a86cb916-2104-4ca1-8634-71b3d7a06ba5", + "name": "An error with payload size too large", + "originalRequest": { + "url": { + "path": [ + "form-definitions", + ":formDefinitionID", + "upload" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "(Required) File specifying the multipart", + "type": "text/plain" + }, + "key": "file", + "value": "sed proident esse", + "type": "text", + "contentType": "image/png, image/jpeg" + } + ] + } + }, + "status": "Request Entity Too Large", + "code": 413, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"aute sint\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n }\n ],\n \"statusCode\": 62850943,\n \"trackingId\": \"in sunt\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "afa8407b-1e1a-4b78-804e-7bde3168413a", + "name": "An error with unsupported media type", + "originalRequest": { + "url": { + "path": [ + "form-definitions", + ":formDefinitionID", + "upload" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "(Required) File specifying the multipart", + "type": "text/plain" + }, + "key": "file", + "value": "sed proident esse", + "type": "text", + "contentType": "image/png, image/jpeg" + } + ] + } + }, + "status": "Unsupported Media Type", + "code": 415, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"aute sint\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n }\n ],\n \"statusCode\": 62850943,\n \"trackingId\": \"in sunt\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "5639838b-d24f-4a53-9c87-12764a49bf52", + "name": "Too many requests", + "originalRequest": { + "url": { + "path": [ + "form-definitions", + ":formDefinitionID", + "upload" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "(Required) File specifying the multipart", + "type": "text/plain" + }, + "key": "file", + "value": "sed proident esse", + "type": "text", + "contentType": "image/png, image/jpeg" + } + ] + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"Internal Server Error\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n }\n ],\n \"trackingId\": \"9cd03ef80e6a425eb6b11bdbb057cdb4\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d05b6f4e-73d9-4a5f-8ad5-28e8096c5403", + "name": "An internal server error occurred", + "originalRequest": { + "url": { + "path": [ + "form-definitions", + ":formDefinitionID", + "upload" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "(Required) File specifying the multipart", + "type": "text/plain" + }, + "key": "file", + "value": "sed proident esse", + "type": "text", + "contentType": "image/png, image/jpeg" + } + ] + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"aute sint\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n }\n ],\n \"statusCode\": 62850943,\n \"trackingId\": \"in sunt\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "55886723-fa49-480c-941c-fc7329e43392", + "name": "An external service is not available", + "originalRequest": { + "url": { + "path": [ + "form-definitions", + ":formDefinitionID", + "upload" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "(Required) File specifying the multipart", + "type": "text/plain" + }, + "key": "file", + "value": "sed proident esse", + "type": "text", + "contentType": "image/png, image/jpeg" + } + ] + } + }, + "status": "Service Unavailable", + "code": 503, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"aute sint\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n }\n ],\n \"statusCode\": 62850943,\n \"trackingId\": \"in sunt\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "4de1165b-83c4-4081-81af-f68189c908ac", + "name": "Download definition file by fileId.", + "request": { + "name": "Download definition file by fileId.", + "description": {}, + "url": { + "path": [ + "form-definitions", + ":formDefinitionID", + "file", + ":fileID" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "00000000-0000-0000-0000-000000000000", + "key": "formDefinitionID", + "disabled": true, + "description": { + "content": "(Required) FormDefinitionID\n\nForm definition ID", + "type": "text/plain" + } + }, + { + "type": "any", + "value": "00000031N0J7R2B57M8YG73J7M.png", + "key": "fileID", + "disabled": true, + "description": { + "content": "(Required) FileID\n\nString specifying the hashed name of the uploaded file we are retrieving.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "b00e7510-78b0-40b5-8c22-c60705c862e7", + "name": "Returns a file that is referred to by fileID and associated with the formDefinitionID", + "originalRequest": { + "url": { + "path": [ + "form-definitions", + ":formDefinitionID", + "file", + ":fileID" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "irure nisi et dolore aliqua", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b272e214-5e6e-4a3e-85c6-b13212f64259", + "name": "An error with the request occurred", + "originalRequest": { + "url": { + "path": [ + "form-definitions", + ":formDefinitionID", + "file", + ":fileID" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"aute sint\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n }\n ],\n \"statusCode\": 62850943,\n \"trackingId\": \"in sunt\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "76cf0a03-a99f-4f76-824d-c58695bfbb61", + "name": "An error with the authorization occurred", + "originalRequest": { + "url": { + "path": [ + "form-definitions", + ":formDefinitionID", + "file", + ":fileID" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"aute sint\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n }\n ],\n \"statusCode\": 62850943,\n \"trackingId\": \"in sunt\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "73021f34-dc57-48e0-9a77-f2e110b1944f", + "name": "An error with the user permissions occurred", + "originalRequest": { + "url": { + "path": [ + "form-definitions", + ":formDefinitionID", + "file", + ":fileID" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"aute sint\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n }\n ],\n \"statusCode\": 62850943,\n \"trackingId\": \"in sunt\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "3c6331a8-448d-4605-880d-1d3a8ee8f177", + "name": "An error with the item not found", + "originalRequest": { + "url": { + "path": [ + "form-definitions", + ":formDefinitionID", + "file", + ":fileID" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"aute sint\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n }\n ],\n \"statusCode\": 62850943,\n \"trackingId\": \"in sunt\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f3e008f6-8658-4c20-91a3-03887aeb7e00", + "name": "Too many requests", + "originalRequest": { + "url": { + "path": [ + "form-definitions", + ":formDefinitionID", + "file", + ":fileID" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"Internal Server Error\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n }\n ],\n \"trackingId\": \"9cd03ef80e6a425eb6b11bdbb057cdb4\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "7e584c6e-51a7-418d-b362-3277b2dff1cc", + "name": "An internal server error occurred", + "originalRequest": { + "url": { + "path": [ + "form-definitions", + ":formDefinitionID", + "file", + ":fileID" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"aute sint\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n }\n ],\n \"statusCode\": 62850943,\n \"trackingId\": \"in sunt\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "6570d8d3-d70b-4ab0-a7c2-8e5275a199dd", + "name": "An external service is not available", + "originalRequest": { + "url": { + "path": [ + "form-definitions", + ":formDefinitionID", + "file", + ":fileID" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Service Unavailable", + "code": 503, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"aute sint\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n }\n ],\n \"statusCode\": 62850943,\n \"trackingId\": \"in sunt\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "ed3a47dd-4e64-4fe8-be0b-47e4f2c124d2", + "name": "List form instances by tenant.", + "request": { + "name": "List form instances by tenant.", + "description": { + "content": "No parameters required.", + "type": "text/plain" + }, + "url": { + "path": [ + "form-instances" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "51dc614d-49cb-4967-8f61-d1909650702a", + "name": "Returns a list of form instances by tenant", + "originalRequest": { + "url": { + "path": [ + "form-instances" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"count\": 1,\n \"results\": [\n {\n \"created\": \"2023-07-12T20:14:57.74486Z\",\n \"createdBy\": {\n \"id\": \"00000000-0000-0000-0000-000000000000\",\n \"type\": \"WORKFLOW_EXECUTION\"\n },\n \"expire\": \"2023-08-12T20:14:57.74486Z\",\n \"formConditions\": [\n {\n \"ruleOperator\": \"AND\",\n \"rules\": [\n {\n \"sourceType\": \"ELEMENT\",\n \"source\": \"department\",\n \"operator\": \"EQ\",\n \"valueType\": \"STRING\",\n \"value\": \"Engineering\"\n },\n {\n \"sourceType\": \"ELEMENT\",\n \"source\": \"department\",\n \"operator\": \"EQ\",\n \"valueType\": \"STRING\",\n \"value\": \"Engineering\"\n }\n ],\n \"effects\": [\n {\n \"effectType\": \"HIDE\",\n \"config\": {\n \"defaultValueLabel\": \"Access to Remove\",\n \"element\": \"aute incididunt\"\n }\n },\n {\n \"effectType\": \"HIDE\",\n \"config\": {\n \"defaultValueLabel\": \"Access to Remove\",\n \"element\": \"mollit laboris labore\"\n }\n }\n ]\n },\n {\n \"ruleOperator\": \"AND\",\n \"rules\": [\n {\n \"sourceType\": \"ELEMENT\",\n \"source\": \"department\",\n \"operator\": \"EQ\",\n \"valueType\": \"STRING\",\n \"value\": \"Engineering\"\n },\n {\n \"sourceType\": \"ELEMENT\",\n \"source\": \"department\",\n \"operator\": \"EQ\",\n \"valueType\": \"STRING\",\n \"value\": \"Engineering\"\n }\n ],\n \"effects\": [\n {\n \"effectType\": \"HIDE\",\n \"config\": {\n \"defaultValueLabel\": \"Access to Remove\",\n \"element\": \"veniam ad proide\"\n }\n },\n {\n \"effectType\": \"HIDE\",\n \"config\": {\n \"defaultValueLabel\": \"Access to Remove\",\n \"element\": \"sint \"\n }\n }\n ]\n }\n ],\n \"formData\": {\n \"department\": \"Engineering\"\n },\n \"formDefinitionId\": \"49841cb8-00a5-4fbd-9888-8bbb28d48331\",\n \"formElements\": [\n {\n \"id\": \"00000000-0000-0000-0000-000000000000\",\n \"elementType\": \"TEXT\",\n \"config\": {\n \"label\": \"Department\"\n },\n \"key\": \"department\",\n \"validations\": [\n {\n \"validationType\": \"MAX_DATE\"\n },\n {\n \"validationType\": \"REQUIRED\"\n }\n ]\n },\n {\n \"id\": \"00000000-0000-0000-0000-000000000000\",\n \"elementType\": \"TEXT\",\n \"config\": {\n \"label\": \"Department\"\n },\n \"key\": \"department\",\n \"validations\": [\n {\n \"validationType\": \"REQUIRED\"\n },\n {\n \"validationType\": \"MIN_LENGTH\"\n }\n ]\n }\n ],\n \"formErrors\": [\n {\n \"key\": \"department\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n }\n ],\n \"value\": \"Engineering\"\n },\n {\n \"key\": \"department\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n }\n ],\n \"value\": \"Engineering\"\n }\n ],\n \"formInput\": {\n \"input1\": \"Sales\"\n },\n \"id\": \"06a2d961-07fa-44d1-8d0a-2f6470e30fd2\",\n \"modified\": \"2023-07-12T20:14:57.74486Z\",\n \"recipients\": [\n {\n \"id\": \"00000000-0000-0000-0000-000000000000\",\n \"type\": \"IDENTITY\"\n },\n {\n \"id\": \"00000000-0000-0000-0000-000000000000\",\n \"type\": \"IDENTITY\"\n }\n ],\n \"standAloneForm\": false,\n \"standAloneFormUrl\": \"https://my-org.identitynow.com/ui/d/forms/00000000-0000-0000-0000-000000000000\",\n \"state\": \"ASSIGNED\"\n },\n {\n \"created\": \"2023-07-12T20:14:57.74486Z\",\n \"createdBy\": {\n \"id\": \"00000000-0000-0000-0000-000000000000\",\n \"type\": \"WORKFLOW_EXECUTION\"\n },\n \"expire\": \"2023-08-12T20:14:57.74486Z\",\n \"formConditions\": [\n {\n \"ruleOperator\": \"AND\",\n \"rules\": [\n {\n \"sourceType\": \"ELEMENT\",\n \"source\": \"department\",\n \"operator\": \"EQ\",\n \"valueType\": \"STRING\",\n \"value\": \"Engineering\"\n },\n {\n \"sourceType\": \"ELEMENT\",\n \"source\": \"department\",\n \"operator\": \"EQ\",\n \"valueType\": \"STRING\",\n \"value\": \"Engineering\"\n }\n ],\n \"effects\": [\n {\n \"effectType\": \"HIDE\",\n \"config\": {\n \"defaultValueLabel\": \"Access to Remove\",\n \"element\": \"non aliquip labore minim\"\n }\n },\n {\n \"effectType\": \"HIDE\",\n \"config\": {\n \"defaultValueLabel\": \"Access to Remove\",\n \"element\": \"irure proident esse sed\"\n }\n }\n ]\n },\n {\n \"ruleOperator\": \"AND\",\n \"rules\": [\n {\n \"sourceType\": \"ELEMENT\",\n \"source\": \"department\",\n \"operator\": \"EQ\",\n \"valueType\": \"STRING\",\n \"value\": \"Engineering\"\n },\n {\n \"sourceType\": \"ELEMENT\",\n \"source\": \"department\",\n \"operator\": \"EQ\",\n \"valueType\": \"STRING\",\n \"value\": \"Engineering\"\n }\n ],\n \"effects\": [\n {\n \"effectType\": \"HIDE\",\n \"config\": {\n \"defaultValueLabel\": \"Access to Remove\",\n \"element\": \"esse aute commodo nisi\"\n }\n },\n {\n \"effectType\": \"HIDE\",\n \"config\": {\n \"defaultValueLabel\": \"Access to Remove\",\n \"element\": \"ut ali\"\n }\n }\n ]\n }\n ],\n \"formData\": {\n \"department\": \"Engineering\"\n },\n \"formDefinitionId\": \"49841cb8-00a5-4fbd-9888-8bbb28d48331\",\n \"formElements\": [\n {\n \"id\": \"00000000-0000-0000-0000-000000000000\",\n \"elementType\": \"TEXT\",\n \"config\": {\n \"label\": \"Department\"\n },\n \"key\": \"department\",\n \"validations\": [\n {\n \"validationType\": \"DATE\"\n },\n {\n \"validationType\": \"REGEX\"\n }\n ]\n },\n {\n \"id\": \"00000000-0000-0000-0000-000000000000\",\n \"elementType\": \"TEXT\",\n \"config\": {\n \"label\": \"Department\"\n },\n \"key\": \"department\",\n \"validations\": [\n {\n \"validationType\": \"PHONE\"\n },\n {\n \"validationType\": \"PHONE\"\n }\n ]\n }\n ],\n \"formErrors\": [\n {\n \"key\": \"department\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n }\n ],\n \"value\": \"Engineering\"\n },\n {\n \"key\": \"department\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n }\n ],\n \"value\": \"Engineering\"\n }\n ],\n \"formInput\": {\n \"input1\": \"Sales\"\n },\n \"id\": \"06a2d961-07fa-44d1-8d0a-2f6470e30fd2\",\n \"modified\": \"2023-07-12T20:14:57.74486Z\",\n \"recipients\": [\n {\n \"id\": \"00000000-0000-0000-0000-000000000000\",\n \"type\": \"IDENTITY\"\n },\n {\n \"id\": \"00000000-0000-0000-0000-000000000000\",\n \"type\": \"IDENTITY\"\n }\n ],\n \"standAloneForm\": false,\n \"standAloneFormUrl\": \"https://my-org.identitynow.com/ui/d/forms/00000000-0000-0000-0000-000000000000\",\n \"state\": \"ASSIGNED\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "32cd442b-3412-4bce-bf28-cf3d073c1e8d", + "name": "An error with the request occurred", + "originalRequest": { + "url": { + "path": [ + "form-instances" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"aute sint\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n }\n ],\n \"statusCode\": 62850943,\n \"trackingId\": \"in sunt\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "8cfe3654-8ea4-4ed5-bb7c-9d2131274813", + "name": "An error with the authorization occurred", + "originalRequest": { + "url": { + "path": [ + "form-instances" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"aute sint\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n }\n ],\n \"statusCode\": 62850943,\n \"trackingId\": \"in sunt\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d5477aef-f00b-41d7-8cf2-1b4b9cd94792", + "name": "An error with the user permissions occurred", + "originalRequest": { + "url": { + "path": [ + "form-instances" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"aute sint\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n }\n ],\n \"statusCode\": 62850943,\n \"trackingId\": \"in sunt\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "97469790-736c-44ef-9daa-50c56b710b2b", + "name": "Too many requests", + "originalRequest": { + "url": { + "path": [ + "form-instances" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"Internal Server Error\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n }\n ],\n \"trackingId\": \"9cd03ef80e6a425eb6b11bdbb057cdb4\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "4f378903-b75a-417a-b498-52596c191ff6", + "name": "An internal server error occurred", + "originalRequest": { + "url": { + "path": [ + "form-instances" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"aute sint\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n }\n ],\n \"statusCode\": 62850943,\n \"trackingId\": \"in sunt\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "0deacf4b-efd5-4622-9121-bcfd10441fb2", + "name": "Creates a form instance.", + "request": { + "name": "Creates a form instance.", + "description": {}, + "url": { + "path": [ + "form-instances" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"expire\": \"2023-06-20T15:57:55.332882Z\",\n \"formDefinitionId\": \"00000000-0000-0000-0000-000000000000\",\n \"recipients\": [\n {\n \"type\": \"IDENTITY\",\n \"id\": \"an-identity-id\"\n }\n ],\n \"createdBy\": {\n \"type\": \"WORKFLOW_EXECUTION\",\n \"id\": \"a-workflow-execution-id\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "a1fd6d5e-059c-40ba-8d6f-2658797ee496", + "name": "Returns a new form instance", + "originalRequest": { + "url": { + "path": [ + "form-instances" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"expire\": \"2023-06-20T15:57:55.332882Z\",\n \"formDefinitionId\": \"00000000-0000-0000-0000-000000000000\",\n \"recipients\": [\n {\n \"type\": \"IDENTITY\",\n \"id\": \"an-identity-id\"\n }\n ],\n \"createdBy\": {\n \"type\": \"WORKFLOW_EXECUTION\",\n \"id\": \"a-workflow-execution-id\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Created", + "code": 201, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"created\": \"2023-07-12T20:14:57.74486Z\",\n \"createdBy\": {\n \"id\": \"00000000-0000-0000-0000-000000000000\",\n \"type\": \"WORKFLOW_EXECUTION\"\n },\n \"expire\": \"2023-08-12T20:14:57.74486Z\",\n \"formConditions\": [\n {\n \"ruleOperator\": \"AND\",\n \"rules\": [\n {\n \"sourceType\": \"ELEMENT\",\n \"source\": \"department\",\n \"operator\": \"EQ\",\n \"valueType\": \"STRING\",\n \"value\": \"Engineering\"\n },\n {\n \"sourceType\": \"ELEMENT\",\n \"source\": \"department\",\n \"operator\": \"EQ\",\n \"valueType\": \"STRING\",\n \"value\": \"Engineering\"\n }\n ],\n \"effects\": [\n {\n \"effectType\": \"HIDE\",\n \"config\": {\n \"defaultValueLabel\": \"Access to Remove\",\n \"element\": \"exercitation velit \"\n }\n },\n {\n \"effectType\": \"HIDE\",\n \"config\": {\n \"defaultValueLabel\": \"Access to Remove\",\n \"element\": \"cillum elit pariatur eu\"\n }\n }\n ]\n },\n {\n \"ruleOperator\": \"AND\",\n \"rules\": [\n {\n \"sourceType\": \"ELEMENT\",\n \"source\": \"department\",\n \"operator\": \"EQ\",\n \"valueType\": \"STRING\",\n \"value\": \"Engineering\"\n },\n {\n \"sourceType\": \"ELEMENT\",\n \"source\": \"department\",\n \"operator\": \"EQ\",\n \"valueType\": \"STRING\",\n \"value\": \"Engineering\"\n }\n ],\n \"effects\": [\n {\n \"effectType\": \"HIDE\",\n \"config\": {\n \"defaultValueLabel\": \"Access to Remove\",\n \"element\": \"adipisicing qui magna\"\n }\n },\n {\n \"effectType\": \"HIDE\",\n \"config\": {\n \"defaultValueLabel\": \"Access to Remove\",\n \"element\": \"Ut proident enim nisi est\"\n }\n }\n ]\n }\n ],\n \"formData\": {\n \"department\": \"Engineering\"\n },\n \"formDefinitionId\": \"49841cb8-00a5-4fbd-9888-8bbb28d48331\",\n \"formElements\": [\n {\n \"id\": \"00000000-0000-0000-0000-000000000000\",\n \"elementType\": \"TEXT\",\n \"config\": {\n \"label\": \"Department\"\n },\n \"key\": \"department\",\n \"validations\": [\n {\n \"validationType\": \"TEXTAREA\"\n },\n {\n \"validationType\": \"MAX_DATE\"\n }\n ]\n },\n {\n \"id\": \"00000000-0000-0000-0000-000000000000\",\n \"elementType\": \"TEXT\",\n \"config\": {\n \"label\": \"Department\"\n },\n \"key\": \"department\",\n \"validations\": [\n {\n \"validationType\": \"MIN_DATE\"\n },\n {\n \"validationType\": \"MAX_LENGTH\"\n }\n ]\n }\n ],\n \"formErrors\": [\n {\n \"key\": \"department\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n }\n ],\n \"value\": \"Engineering\"\n },\n {\n \"key\": \"department\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n }\n ],\n \"value\": \"Engineering\"\n }\n ],\n \"formInput\": {\n \"input1\": \"Sales\"\n },\n \"id\": \"06a2d961-07fa-44d1-8d0a-2f6470e30fd2\",\n \"modified\": \"2023-07-12T20:14:57.74486Z\",\n \"recipients\": [\n {\n \"id\": \"00000000-0000-0000-0000-000000000000\",\n \"type\": \"IDENTITY\"\n },\n {\n \"id\": \"00000000-0000-0000-0000-000000000000\",\n \"type\": \"IDENTITY\"\n }\n ],\n \"standAloneForm\": false,\n \"standAloneFormUrl\": \"https://my-org.identitynow.com/ui/d/forms/00000000-0000-0000-0000-000000000000\",\n \"state\": \"ASSIGNED\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c4731775-5766-417a-9b4b-a11730919875", + "name": "An error with the request occurred", + "originalRequest": { + "url": { + "path": [ + "form-instances" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"expire\": \"2023-06-20T15:57:55.332882Z\",\n \"formDefinitionId\": \"00000000-0000-0000-0000-000000000000\",\n \"recipients\": [\n {\n \"type\": \"IDENTITY\",\n \"id\": \"an-identity-id\"\n }\n ],\n \"createdBy\": {\n \"type\": \"WORKFLOW_EXECUTION\",\n \"id\": \"a-workflow-execution-id\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"aute sint\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n }\n ],\n \"statusCode\": 62850943,\n \"trackingId\": \"in sunt\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b166e2c0-6fe4-4629-9232-63e5011234b3", + "name": "An error with the authorization occurred", + "originalRequest": { + "url": { + "path": [ + "form-instances" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"expire\": \"2023-06-20T15:57:55.332882Z\",\n \"formDefinitionId\": \"00000000-0000-0000-0000-000000000000\",\n \"recipients\": [\n {\n \"type\": \"IDENTITY\",\n \"id\": \"an-identity-id\"\n }\n ],\n \"createdBy\": {\n \"type\": \"WORKFLOW_EXECUTION\",\n \"id\": \"a-workflow-execution-id\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"aute sint\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n }\n ],\n \"statusCode\": 62850943,\n \"trackingId\": \"in sunt\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f2fec0d9-97d0-4210-90f0-5c7b031aac45", + "name": "An error with the user permissions occurred", + "originalRequest": { + "url": { + "path": [ + "form-instances" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"expire\": \"2023-06-20T15:57:55.332882Z\",\n \"formDefinitionId\": \"00000000-0000-0000-0000-000000000000\",\n \"recipients\": [\n {\n \"type\": \"IDENTITY\",\n \"id\": \"an-identity-id\"\n }\n ],\n \"createdBy\": {\n \"type\": \"WORKFLOW_EXECUTION\",\n \"id\": \"a-workflow-execution-id\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"aute sint\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n }\n ],\n \"statusCode\": 62850943,\n \"trackingId\": \"in sunt\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "ba8cbad3-c894-4109-9261-09281a08ef0e", + "name": "Too many requests", + "originalRequest": { + "url": { + "path": [ + "form-instances" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"expire\": \"2023-06-20T15:57:55.332882Z\",\n \"formDefinitionId\": \"00000000-0000-0000-0000-000000000000\",\n \"recipients\": [\n {\n \"type\": \"IDENTITY\",\n \"id\": \"an-identity-id\"\n }\n ],\n \"createdBy\": {\n \"type\": \"WORKFLOW_EXECUTION\",\n \"id\": \"a-workflow-execution-id\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"Internal Server Error\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n }\n ],\n \"trackingId\": \"9cd03ef80e6a425eb6b11bdbb057cdb4\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "69127ef0-1de1-45ed-899c-a09685fe29d8", + "name": "An internal server error occurred", + "originalRequest": { + "url": { + "path": [ + "form-instances" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"expire\": \"2023-06-20T15:57:55.332882Z\",\n \"formDefinitionId\": \"00000000-0000-0000-0000-000000000000\",\n \"recipients\": [\n {\n \"type\": \"IDENTITY\",\n \"id\": \"an-identity-id\"\n }\n ],\n \"createdBy\": {\n \"type\": \"WORKFLOW_EXECUTION\",\n \"id\": \"a-workflow-execution-id\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"aute sint\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n }\n ],\n \"statusCode\": 62850943,\n \"trackingId\": \"in sunt\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "6e5d34a0-7ba0-476f-ba01-7c2ef6261da0", + "name": "Returns a form instance.", + "request": { + "name": "Returns a form instance.", + "description": { + "content": "Parameter `{formInstanceID}` should match a form instance ID.", + "type": "text/plain" + }, + "url": { + "path": [ + "form-instances", + ":formInstanceID" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "00000000-0000-0000-0000-000000000000", + "key": "formInstanceID", + "disabled": true, + "description": { + "content": "(Required) Form instance ID", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "832706f4-39e4-4e78-80f8-eee53884c953", + "name": "Returns a form instance by its key", + "originalRequest": { + "url": { + "path": [ + "form-instances", + ":formInstanceID" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"created\": \"2023-07-12T20:14:57.74486Z\",\n \"createdBy\": {\n \"id\": \"00000000-0000-0000-0000-000000000000\",\n \"type\": \"WORKFLOW_EXECUTION\"\n },\n \"expire\": \"2023-08-12T20:14:57.74486Z\",\n \"formConditions\": [\n {\n \"ruleOperator\": \"AND\",\n \"rules\": [\n {\n \"sourceType\": \"ELEMENT\",\n \"source\": \"department\",\n \"operator\": \"EQ\",\n \"valueType\": \"STRING\",\n \"value\": \"Engineering\"\n },\n {\n \"sourceType\": \"ELEMENT\",\n \"source\": \"department\",\n \"operator\": \"EQ\",\n \"valueType\": \"STRING\",\n \"value\": \"Engineering\"\n }\n ],\n \"effects\": [\n {\n \"effectType\": \"HIDE\",\n \"config\": {\n \"defaultValueLabel\": \"Access to Remove\",\n \"element\": \"exercitation velit \"\n }\n },\n {\n \"effectType\": \"HIDE\",\n \"config\": {\n \"defaultValueLabel\": \"Access to Remove\",\n \"element\": \"cillum elit pariatur eu\"\n }\n }\n ]\n },\n {\n \"ruleOperator\": \"AND\",\n \"rules\": [\n {\n \"sourceType\": \"ELEMENT\",\n \"source\": \"department\",\n \"operator\": \"EQ\",\n \"valueType\": \"STRING\",\n \"value\": \"Engineering\"\n },\n {\n \"sourceType\": \"ELEMENT\",\n \"source\": \"department\",\n \"operator\": \"EQ\",\n \"valueType\": \"STRING\",\n \"value\": \"Engineering\"\n }\n ],\n \"effects\": [\n {\n \"effectType\": \"HIDE\",\n \"config\": {\n \"defaultValueLabel\": \"Access to Remove\",\n \"element\": \"adipisicing qui magna\"\n }\n },\n {\n \"effectType\": \"HIDE\",\n \"config\": {\n \"defaultValueLabel\": \"Access to Remove\",\n \"element\": \"Ut proident enim nisi est\"\n }\n }\n ]\n }\n ],\n \"formData\": {\n \"department\": \"Engineering\"\n },\n \"formDefinitionId\": \"49841cb8-00a5-4fbd-9888-8bbb28d48331\",\n \"formElements\": [\n {\n \"id\": \"00000000-0000-0000-0000-000000000000\",\n \"elementType\": \"TEXT\",\n \"config\": {\n \"label\": \"Department\"\n },\n \"key\": \"department\",\n \"validations\": [\n {\n \"validationType\": \"TEXTAREA\"\n },\n {\n \"validationType\": \"MAX_DATE\"\n }\n ]\n },\n {\n \"id\": \"00000000-0000-0000-0000-000000000000\",\n \"elementType\": \"TEXT\",\n \"config\": {\n \"label\": \"Department\"\n },\n \"key\": \"department\",\n \"validations\": [\n {\n \"validationType\": \"MIN_DATE\"\n },\n {\n \"validationType\": \"MAX_LENGTH\"\n }\n ]\n }\n ],\n \"formErrors\": [\n {\n \"key\": \"department\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n }\n ],\n \"value\": \"Engineering\"\n },\n {\n \"key\": \"department\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n }\n ],\n \"value\": \"Engineering\"\n }\n ],\n \"formInput\": {\n \"input1\": \"Sales\"\n },\n \"id\": \"06a2d961-07fa-44d1-8d0a-2f6470e30fd2\",\n \"modified\": \"2023-07-12T20:14:57.74486Z\",\n \"recipients\": [\n {\n \"id\": \"00000000-0000-0000-0000-000000000000\",\n \"type\": \"IDENTITY\"\n },\n {\n \"id\": \"00000000-0000-0000-0000-000000000000\",\n \"type\": \"IDENTITY\"\n }\n ],\n \"standAloneForm\": false,\n \"standAloneFormUrl\": \"https://my-org.identitynow.com/ui/d/forms/00000000-0000-0000-0000-000000000000\",\n \"state\": \"ASSIGNED\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "db3a1e24-e0e6-4ac0-a38c-ef6015af5f92", + "name": "An error with the request occurred", + "originalRequest": { + "url": { + "path": [ + "form-instances", + ":formInstanceID" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"aute sint\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n }\n ],\n \"statusCode\": 62850943,\n \"trackingId\": \"in sunt\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "fecad76c-5a6c-4479-8760-4b5846e24b5c", + "name": "An error with the authorization occurred", + "originalRequest": { + "url": { + "path": [ + "form-instances", + ":formInstanceID" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"aute sint\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n }\n ],\n \"statusCode\": 62850943,\n \"trackingId\": \"in sunt\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "3de1a5a2-1c92-4802-ab7f-56aa0866a37d", + "name": "An error with the user permissions occurred", + "originalRequest": { + "url": { + "path": [ + "form-instances", + ":formInstanceID" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"aute sint\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n }\n ],\n \"statusCode\": 62850943,\n \"trackingId\": \"in sunt\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "9cfc0e12-d64a-4521-a8ed-57ba979a74f5", + "name": "An error with the item not found", + "originalRequest": { + "url": { + "path": [ + "form-instances", + ":formInstanceID" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"aute sint\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n }\n ],\n \"statusCode\": 62850943,\n \"trackingId\": \"in sunt\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "9bbb3fe4-c4a7-4a5e-9617-9e6ed8cb32ea", + "name": "Too many requests", + "originalRequest": { + "url": { + "path": [ + "form-instances", + ":formInstanceID" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"Internal Server Error\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n }\n ],\n \"trackingId\": \"9cd03ef80e6a425eb6b11bdbb057cdb4\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "ec0e86f7-957b-41d9-9b56-4c54e36ceb20", + "name": "An internal server error occurred", + "originalRequest": { + "url": { + "path": [ + "form-instances", + ":formInstanceID" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"aute sint\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n }\n ],\n \"statusCode\": 62850943,\n \"trackingId\": \"in sunt\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "4e3fac13-19d3-456c-9c66-f03b32ff8688", + "name": "Patch a form instance.", + "request": { + "name": "Patch a form instance.", + "description": { + "content": "Parameter `{formInstanceID}` should match a form instance ID.", + "type": "text/plain" + }, + "url": { + "path": [ + "form-instances", + ":formInstanceID" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "00000000-0000-0000-0000-000000000000", + "key": "formInstanceID", + "disabled": true, + "description": { + "content": "(Required) Form instance ID", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/state\",\n \"value\": \"SUBMITTED\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/formData\",\n \"value\": {\n \"a-key-1\": \"a-value-1\",\n \"a-key-2\": true,\n \"a-key-3\": 1\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "fb5fcd70-9e0a-4510-b6f1-f6e672a735e3", + "name": "Returns the form instance updated", + "originalRequest": { + "url": { + "path": [ + "form-instances", + ":formInstanceID" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/state\",\n \"value\": \"SUBMITTED\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/formData\",\n \"value\": {\n \"a-key-1\": \"a-value-1\",\n \"a-key-2\": true,\n \"a-key-3\": 1\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"created\": \"2023-07-12T20:14:57.74486Z\",\n \"createdBy\": {\n \"id\": \"00000000-0000-0000-0000-000000000000\",\n \"type\": \"WORKFLOW_EXECUTION\"\n },\n \"expire\": \"2023-08-12T20:14:57.74486Z\",\n \"formConditions\": [\n {\n \"ruleOperator\": \"AND\",\n \"rules\": [\n {\n \"sourceType\": \"ELEMENT\",\n \"source\": \"department\",\n \"operator\": \"EQ\",\n \"valueType\": \"STRING\",\n \"value\": \"Engineering\"\n },\n {\n \"sourceType\": \"ELEMENT\",\n \"source\": \"department\",\n \"operator\": \"EQ\",\n \"valueType\": \"STRING\",\n \"value\": \"Engineering\"\n }\n ],\n \"effects\": [\n {\n \"effectType\": \"HIDE\",\n \"config\": {\n \"defaultValueLabel\": \"Access to Remove\",\n \"element\": \"exercitation velit \"\n }\n },\n {\n \"effectType\": \"HIDE\",\n \"config\": {\n \"defaultValueLabel\": \"Access to Remove\",\n \"element\": \"cillum elit pariatur eu\"\n }\n }\n ]\n },\n {\n \"ruleOperator\": \"AND\",\n \"rules\": [\n {\n \"sourceType\": \"ELEMENT\",\n \"source\": \"department\",\n \"operator\": \"EQ\",\n \"valueType\": \"STRING\",\n \"value\": \"Engineering\"\n },\n {\n \"sourceType\": \"ELEMENT\",\n \"source\": \"department\",\n \"operator\": \"EQ\",\n \"valueType\": \"STRING\",\n \"value\": \"Engineering\"\n }\n ],\n \"effects\": [\n {\n \"effectType\": \"HIDE\",\n \"config\": {\n \"defaultValueLabel\": \"Access to Remove\",\n \"element\": \"adipisicing qui magna\"\n }\n },\n {\n \"effectType\": \"HIDE\",\n \"config\": {\n \"defaultValueLabel\": \"Access to Remove\",\n \"element\": \"Ut proident enim nisi est\"\n }\n }\n ]\n }\n ],\n \"formData\": {\n \"department\": \"Engineering\"\n },\n \"formDefinitionId\": \"49841cb8-00a5-4fbd-9888-8bbb28d48331\",\n \"formElements\": [\n {\n \"id\": \"00000000-0000-0000-0000-000000000000\",\n \"elementType\": \"TEXT\",\n \"config\": {\n \"label\": \"Department\"\n },\n \"key\": \"department\",\n \"validations\": [\n {\n \"validationType\": \"TEXTAREA\"\n },\n {\n \"validationType\": \"MAX_DATE\"\n }\n ]\n },\n {\n \"id\": \"00000000-0000-0000-0000-000000000000\",\n \"elementType\": \"TEXT\",\n \"config\": {\n \"label\": \"Department\"\n },\n \"key\": \"department\",\n \"validations\": [\n {\n \"validationType\": \"MIN_DATE\"\n },\n {\n \"validationType\": \"MAX_LENGTH\"\n }\n ]\n }\n ],\n \"formErrors\": [\n {\n \"key\": \"department\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n }\n ],\n \"value\": \"Engineering\"\n },\n {\n \"key\": \"department\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n }\n ],\n \"value\": \"Engineering\"\n }\n ],\n \"formInput\": {\n \"input1\": \"Sales\"\n },\n \"id\": \"06a2d961-07fa-44d1-8d0a-2f6470e30fd2\",\n \"modified\": \"2023-07-12T20:14:57.74486Z\",\n \"recipients\": [\n {\n \"id\": \"00000000-0000-0000-0000-000000000000\",\n \"type\": \"IDENTITY\"\n },\n {\n \"id\": \"00000000-0000-0000-0000-000000000000\",\n \"type\": \"IDENTITY\"\n }\n ],\n \"standAloneForm\": false,\n \"standAloneFormUrl\": \"https://my-org.identitynow.com/ui/d/forms/00000000-0000-0000-0000-000000000000\",\n \"state\": \"ASSIGNED\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d91d041a-f66b-4c55-9fc6-70afcfd57d65", + "name": "An error with the request occurred", + "originalRequest": { + "url": { + "path": [ + "form-instances", + ":formInstanceID" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/state\",\n \"value\": \"SUBMITTED\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/formData\",\n \"value\": {\n \"a-key-1\": \"a-value-1\",\n \"a-key-2\": true,\n \"a-key-3\": 1\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"aute sint\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n }\n ],\n \"statusCode\": 62850943,\n \"trackingId\": \"in sunt\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "bcde5189-f4a6-4419-bf52-ff04ac30c960", + "name": "An error with the authorization occurred", + "originalRequest": { + "url": { + "path": [ + "form-instances", + ":formInstanceID" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/state\",\n \"value\": \"SUBMITTED\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/formData\",\n \"value\": {\n \"a-key-1\": \"a-value-1\",\n \"a-key-2\": true,\n \"a-key-3\": 1\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"aute sint\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n }\n ],\n \"statusCode\": 62850943,\n \"trackingId\": \"in sunt\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "68e3c637-3631-457f-b660-94399539b809", + "name": "An error with the user permissions occurred", + "originalRequest": { + "url": { + "path": [ + "form-instances", + ":formInstanceID" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/state\",\n \"value\": \"SUBMITTED\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/formData\",\n \"value\": {\n \"a-key-1\": \"a-value-1\",\n \"a-key-2\": true,\n \"a-key-3\": 1\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"aute sint\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n }\n ],\n \"statusCode\": 62850943,\n \"trackingId\": \"in sunt\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "105110fc-938b-4756-bf2a-c8f9b79c82ee", + "name": "An error with the item not found", + "originalRequest": { + "url": { + "path": [ + "form-instances", + ":formInstanceID" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/state\",\n \"value\": \"SUBMITTED\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/formData\",\n \"value\": {\n \"a-key-1\": \"a-value-1\",\n \"a-key-2\": true,\n \"a-key-3\": 1\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"aute sint\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n }\n ],\n \"statusCode\": 62850943,\n \"trackingId\": \"in sunt\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "eb32bc65-57fb-41b5-bcfa-cb8f020e2c73", + "name": "An error with the request property conflicts with stored", + "originalRequest": { + "url": { + "path": [ + "form-instances", + ":formInstanceID" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/state\",\n \"value\": \"SUBMITTED\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/formData\",\n \"value\": {\n \"a-key-1\": \"a-value-1\",\n \"a-key-2\": true,\n \"a-key-3\": 1\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Conflict", + "code": 409, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"aute sint\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n }\n ],\n \"statusCode\": 62850943,\n \"trackingId\": \"in sunt\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "71b6841f-d60a-43d3-be00-ef1068a00239", + "name": "Too many requests", + "originalRequest": { + "url": { + "path": [ + "form-instances", + ":formInstanceID" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/state\",\n \"value\": \"SUBMITTED\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/formData\",\n \"value\": {\n \"a-key-1\": \"a-value-1\",\n \"a-key-2\": true,\n \"a-key-3\": 1\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"Internal Server Error\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n }\n ],\n \"trackingId\": \"9cd03ef80e6a425eb6b11bdbb057cdb4\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f2ddfae8-4df7-44ca-9edf-92598a3d2bc3", + "name": "An internal server error occurred", + "originalRequest": { + "url": { + "path": [ + "form-instances", + ":formInstanceID" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/state\",\n \"value\": \"SUBMITTED\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/formData\",\n \"value\": {\n \"a-key-1\": \"a-value-1\",\n \"a-key-2\": true,\n \"a-key-3\": 1\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"aute sint\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n }\n ],\n \"statusCode\": 62850943,\n \"trackingId\": \"in sunt\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "e02ac45e-0170-46f0-8611-36a10853b78a", + "name": "Retrieves dynamic data by element.", + "request": { + "name": "Retrieves dynamic data by element.", + "description": { + "content": "Parameter `{formInstanceID}` should match a form instance ID.\nParameter `{formElementID}` should match a form element ID at the data source configuration.", + "type": "text/plain" + }, + "url": { + "path": [ + "form-instances", + ":formInstanceID", + "data-source", + ":formElementID" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Limit\n\nInteger specifying the maximum number of records to return in a single API call. The standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#paginating-results).\nIf it is not specified, a default limit is used.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**value**: *eq, ne, in*\n\nSupported composite operators: *not*\n\nOnly a single *not* may be used, and it can only be used with the `in` operator. The `not` composite operator must be used in front of the field. For example, the following is valid: `not value in (\"ID01\")`", + "type": "text/plain" + }, + "key": "filters", + "value": "value eq \"ID01\"" + }, + { + "disabled": true, + "description": { + "content": "String that is passed to the underlying API to filter other (non-ID) fields. For example, for access profile data sources, this string will be passed to the access profile api and used with a \"starts with\" filter against several fields.", + "type": "text/plain" + }, + "key": "query", + "value": "support" + } + ], + "variable": [ + { + "type": "any", + "value": "00000000-0000-0000-0000-000000000000", + "key": "formInstanceID", + "disabled": true, + "description": { + "content": "(Required) Form instance ID", + "type": "text/plain" + } + }, + { + "type": "any", + "value": "1", + "key": "formElementID", + "disabled": true, + "description": { + "content": "(Required) Form element ID", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "4cc55184-65cb-4a3f-875c-c4736741647e", + "name": "Retrieves dynamic data to aid in correctly completing a valid form by form element ID from data source configuration", + "originalRequest": { + "url": { + "path": [ + "form-instances", + ":formInstanceID", + "data-source", + ":formElementID" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Limit\n\nInteger specifying the maximum number of records to return in a single API call. The standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#paginating-results).\nIf it is not specified, a default limit is used.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**value**: *eq, ne, in*\n\nSupported composite operators: *not*\n\nOnly a single *not* may be used, and it can only be used with the `in` operator. The `not` composite operator must be used in front of the field. For example, the following is valid: `not value in (\"ID01\")`", + "type": "text/plain" + }, + "key": "filters", + "value": "value eq \"ID01\"" + }, + { + "disabled": true, + "description": { + "content": "String that is passed to the underlying API to filter other (non-ID) fields. For example, for access profile data sources, this string will be passed to the access profile api and used with a \"starts with\" filter against several fields.", + "type": "text/plain" + }, + "key": "query", + "value": "support" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"results\": [\n {\n \"label\": \"regression-test-access-request-07c55dd6-3056-430a-86b5-fccc395bb6c5\",\n \"subLabel\": \"\",\n \"value\": \"e96674448eba4ca1ba04eee999a8f3cd\"\n },\n {\n \"label\": \"regression-test-access-request-07c55dd6-3056-430a-86b5-fccc395bb6c5\",\n \"subLabel\": \"\",\n \"value\": \"e96674448eba4ca1ba04eee999a8f3cd\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "21b556cb-a199-47eb-ad2f-bedbb57af103", + "name": "An error with the request occurred", + "originalRequest": { + "url": { + "path": [ + "form-instances", + ":formInstanceID", + "data-source", + ":formElementID" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Limit\n\nInteger specifying the maximum number of records to return in a single API call. The standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#paginating-results).\nIf it is not specified, a default limit is used.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**value**: *eq, ne, in*\n\nSupported composite operators: *not*\n\nOnly a single *not* may be used, and it can only be used with the `in` operator. The `not` composite operator must be used in front of the field. For example, the following is valid: `not value in (\"ID01\")`", + "type": "text/plain" + }, + "key": "filters", + "value": "value eq \"ID01\"" + }, + { + "disabled": true, + "description": { + "content": "String that is passed to the underlying API to filter other (non-ID) fields. For example, for access profile data sources, this string will be passed to the access profile api and used with a \"starts with\" filter against several fields.", + "type": "text/plain" + }, + "key": "query", + "value": "support" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"aute sint\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n }\n ],\n \"statusCode\": 62850943,\n \"trackingId\": \"in sunt\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "ba03fecd-ad99-4b26-914e-273302071b91", + "name": "An error with the authorization occurred", + "originalRequest": { + "url": { + "path": [ + "form-instances", + ":formInstanceID", + "data-source", + ":formElementID" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Limit\n\nInteger specifying the maximum number of records to return in a single API call. The standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#paginating-results).\nIf it is not specified, a default limit is used.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**value**: *eq, ne, in*\n\nSupported composite operators: *not*\n\nOnly a single *not* may be used, and it can only be used with the `in` operator. The `not` composite operator must be used in front of the field. For example, the following is valid: `not value in (\"ID01\")`", + "type": "text/plain" + }, + "key": "filters", + "value": "value eq \"ID01\"" + }, + { + "disabled": true, + "description": { + "content": "String that is passed to the underlying API to filter other (non-ID) fields. For example, for access profile data sources, this string will be passed to the access profile api and used with a \"starts with\" filter against several fields.", + "type": "text/plain" + }, + "key": "query", + "value": "support" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"aute sint\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n }\n ],\n \"statusCode\": 62850943,\n \"trackingId\": \"in sunt\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "5d8d1c26-d0e4-4bce-9fe3-18df83ef378b", + "name": "An error with the user permissions occurred", + "originalRequest": { + "url": { + "path": [ + "form-instances", + ":formInstanceID", + "data-source", + ":formElementID" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Limit\n\nInteger specifying the maximum number of records to return in a single API call. The standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#paginating-results).\nIf it is not specified, a default limit is used.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**value**: *eq, ne, in*\n\nSupported composite operators: *not*\n\nOnly a single *not* may be used, and it can only be used with the `in` operator. The `not` composite operator must be used in front of the field. For example, the following is valid: `not value in (\"ID01\")`", + "type": "text/plain" + }, + "key": "filters", + "value": "value eq \"ID01\"" + }, + { + "disabled": true, + "description": { + "content": "String that is passed to the underlying API to filter other (non-ID) fields. For example, for access profile data sources, this string will be passed to the access profile api and used with a \"starts with\" filter against several fields.", + "type": "text/plain" + }, + "key": "query", + "value": "support" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"aute sint\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n }\n ],\n \"statusCode\": 62850943,\n \"trackingId\": \"in sunt\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "efca8a00-f104-4f42-8516-6810621381a5", + "name": "An error with the item not found", + "originalRequest": { + "url": { + "path": [ + "form-instances", + ":formInstanceID", + "data-source", + ":formElementID" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Limit\n\nInteger specifying the maximum number of records to return in a single API call. The standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#paginating-results).\nIf it is not specified, a default limit is used.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**value**: *eq, ne, in*\n\nSupported composite operators: *not*\n\nOnly a single *not* may be used, and it can only be used with the `in` operator. The `not` composite operator must be used in front of the field. For example, the following is valid: `not value in (\"ID01\")`", + "type": "text/plain" + }, + "key": "filters", + "value": "value eq \"ID01\"" + }, + { + "disabled": true, + "description": { + "content": "String that is passed to the underlying API to filter other (non-ID) fields. For example, for access profile data sources, this string will be passed to the access profile api and used with a \"starts with\" filter against several fields.", + "type": "text/plain" + }, + "key": "query", + "value": "support" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"aute sint\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n }\n ],\n \"statusCode\": 62850943,\n \"trackingId\": \"in sunt\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "7481238c-4d23-4b34-8b98-8db85e1e0389", + "name": "Too many requests", + "originalRequest": { + "url": { + "path": [ + "form-instances", + ":formInstanceID", + "data-source", + ":formElementID" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Limit\n\nInteger specifying the maximum number of records to return in a single API call. The standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#paginating-results).\nIf it is not specified, a default limit is used.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**value**: *eq, ne, in*\n\nSupported composite operators: *not*\n\nOnly a single *not* may be used, and it can only be used with the `in` operator. The `not` composite operator must be used in front of the field. For example, the following is valid: `not value in (\"ID01\")`", + "type": "text/plain" + }, + "key": "filters", + "value": "value eq \"ID01\"" + }, + { + "disabled": true, + "description": { + "content": "String that is passed to the underlying API to filter other (non-ID) fields. For example, for access profile data sources, this string will be passed to the access profile api and used with a \"starts with\" filter against several fields.", + "type": "text/plain" + }, + "key": "query", + "value": "support" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"Internal Server Error\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n }\n ],\n \"trackingId\": \"9cd03ef80e6a425eb6b11bdbb057cdb4\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f71eb968-494a-4f59-a147-aa59685ab817", + "name": "An internal server error occurred", + "originalRequest": { + "url": { + "path": [ + "form-instances", + ":formInstanceID", + "data-source", + ":formElementID" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Limit\n\nInteger specifying the maximum number of records to return in a single API call. The standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#paginating-results).\nIf it is not specified, a default limit is used.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**value**: *eq, ne, in*\n\nSupported composite operators: *not*\n\nOnly a single *not* may be used, and it can only be used with the `in` operator. The `not` composite operator must be used in front of the field. For example, the following is valid: `not value in (\"ID01\")`", + "type": "text/plain" + }, + "key": "filters", + "value": "value eq \"ID01\"" + }, + { + "disabled": true, + "description": { + "content": "String that is passed to the underlying API to filter other (non-ID) fields. For example, for access profile data sources, this string will be passed to the access profile api and used with a \"starts with\" filter against several fields.", + "type": "text/plain" + }, + "key": "query", + "value": "support" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"aute sint\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n }\n ],\n \"statusCode\": 62850943,\n \"trackingId\": \"in sunt\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "f707a509-b583-4ee1-bf26-990bf23c0e11", + "name": "Download instance file by fileId.", + "request": { + "name": "Download instance file by fileId.", + "description": {}, + "url": { + "path": [ + "form-instances", + ":formInstanceID", + "file", + ":fileID" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "00000000-0000-0000-0000-000000000000", + "key": "formInstanceID", + "disabled": true, + "description": { + "content": "(Required) FormInstanceID\n\nForm instance ID", + "type": "text/plain" + } + }, + { + "type": "any", + "value": "00000031N0J7R2B57M8YG73J7M.png", + "key": "fileID", + "disabled": true, + "description": { + "content": "(Required) FileID\n\nString specifying the hashed name of the uploaded file we are retrieving.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "70a59215-93cd-43cf-a106-222912d4d57b", + "name": "Returns a file that is referred to by fileID and associated with the formInstanceID", + "originalRequest": { + "url": { + "path": [ + "form-instances", + ":formInstanceID", + "file", + ":fileID" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "irure nisi et dolore aliqua", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "04bc9a2e-b631-44c2-9974-837ba106ac60", + "name": "An error with the request occurred", + "originalRequest": { + "url": { + "path": [ + "form-instances", + ":formInstanceID", + "file", + ":fileID" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"aute sint\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n }\n ],\n \"statusCode\": 62850943,\n \"trackingId\": \"in sunt\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "75559279-7468-46ed-baa9-4dfdbda03552", + "name": "An error with the authorization occurred", + "originalRequest": { + "url": { + "path": [ + "form-instances", + ":formInstanceID", + "file", + ":fileID" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"aute sint\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n }\n ],\n \"statusCode\": 62850943,\n \"trackingId\": \"in sunt\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "e9915f48-b593-4faa-abf5-a95ffb0954e6", + "name": "An error with the user permissions occurred", + "originalRequest": { + "url": { + "path": [ + "form-instances", + ":formInstanceID", + "file", + ":fileID" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"aute sint\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n }\n ],\n \"statusCode\": 62850943,\n \"trackingId\": \"in sunt\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f61d4172-23b0-41ba-b5c2-f421e12dd8fd", + "name": "An error with the item not found", + "originalRequest": { + "url": { + "path": [ + "form-instances", + ":formInstanceID", + "file", + ":fileID" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"aute sint\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n }\n ],\n \"statusCode\": 62850943,\n \"trackingId\": \"in sunt\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "2f56c05b-989b-4229-a4fb-2943fef0ea78", + "name": "Too many requests", + "originalRequest": { + "url": { + "path": [ + "form-instances", + ":formInstanceID", + "file", + ":fileID" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"Internal Server Error\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n }\n ],\n \"trackingId\": \"9cd03ef80e6a425eb6b11bdbb057cdb4\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "81f1e16a-4765-468d-89c0-c9dadcfcfed7", + "name": "An internal server error occurred", + "originalRequest": { + "url": { + "path": [ + "form-instances", + ":formInstanceID", + "file", + ":fileID" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"aute sint\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n }\n ],\n \"statusCode\": 62850943,\n \"trackingId\": \"in sunt\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b938033c-568d-454d-b643-57736e13d032", + "name": "An external service is not available", + "originalRequest": { + "url": { + "path": [ + "form-instances", + ":formInstanceID", + "file", + ":fileID" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Service Unavailable", + "code": 503, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"aute sint\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n }\n ],\n \"statusCode\": 62850943,\n \"trackingId\": \"in sunt\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "c9c04689-323a-4386-b178-eb5afc70d478", + "name": "List predefined select options.", + "request": { + "name": "List predefined select options.", + "description": { + "content": "No parameters required.", + "type": "text/plain" + }, + "url": { + "path": [ + "form-definitions", + "predefined-select-options" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "a0aac76e-dae5-45fe-941e-410e5e1d9c0c", + "name": "Returns a list of available predefined select options", + "originalRequest": { + "url": { + "path": [ + "form-definitions", + "predefined-select-options" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"results\": [\n \"IDENTITY\",\n \"IDENTITY\"\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "782b3d30-e54e-4767-aae7-53a7b790c8b4", + "name": "An error with the request occurred", + "originalRequest": { + "url": { + "path": [ + "form-definitions", + "predefined-select-options" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"aute sint\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n }\n ],\n \"statusCode\": 62850943,\n \"trackingId\": \"in sunt\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "1d7d8885-9976-40f8-b5cb-1bb2ddd3e5d4", + "name": "An error with the authorization occurred", + "originalRequest": { + "url": { + "path": [ + "form-definitions", + "predefined-select-options" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"aute sint\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n }\n ],\n \"statusCode\": 62850943,\n \"trackingId\": \"in sunt\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "e1d8b624-931e-48f1-a29d-3cf141ad90c8", + "name": "An error with the user permissions occurred", + "originalRequest": { + "url": { + "path": [ + "form-definitions", + "predefined-select-options" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"aute sint\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n }\n ],\n \"statusCode\": 62850943,\n \"trackingId\": \"in sunt\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "65bde460-0549-4bbd-b5ae-6dfeb5b7f855", + "name": "Too many requests", + "originalRequest": { + "url": { + "path": [ + "form-definitions", + "predefined-select-options" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"Internal Server Error\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n }\n ],\n \"trackingId\": \"9cd03ef80e6a425eb6b11bdbb057cdb4\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "90195053-d3df-4f53-a3b4-da101a568416", + "name": "An internal server error occurred", + "originalRequest": { + "url": { + "path": [ + "form-definitions", + "predefined-select-options" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"aute sint\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"This is an error\"\n }\n ],\n \"statusCode\": 62850943,\n \"trackingId\": \"in sunt\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + } + ] + }, + { + "name": "Custom Password Instructions", + "description": "Use this API to implement custom password instruction functionality.\nWith this functionality in place, administrators can create custom password instructions to help users reset their passwords, change them, unlock their accounts, or recover their usernames.\nThis allows administrators to emphasize password policies or provide organization-specific instructions.\n\nAdministrators must first use [Update Password Org Config](https://developer.sailpoint.com/docs/api/beta/put-password-org-config/) to set `customInstructionsEnabled` to `true`.\n\nOnce they have enabled custom instructions, they can use [Create Custom Password Instructions](https://developer.sailpoint.com/docs/api/beta/create-custom-password-instructions/) to create custom page content for the specific pageId they select.\n\nFor example, an administrator can use the pageId forget-username:user-email to set the custom text for the case when users forget their usernames and must enter their emails.\n\nRefer to [Creating Custom Instruction Text](https://documentation.sailpoint.com/saas/help/pwd/pwd_reset.html#creating-custom-instruction-text) for more information about creating custom password instructions.\n", + "item": [ + { + "id": "e6fb96fc-1a8f-4db2-b89c-ac9872c1a4f9", + "name": "Create Custom Password Instructions", + "request": { + "name": "Create Custom Password Instructions", + "description": { + "content": "This API creates the custom password instructions for the specified page ID. A token with ORG_ADMIN authority is required to call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "custom-password-instructions" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"pageId\": \"reset-password:enter-password\",\n \"pageContent\": \"See company password policies for details by clicking here\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "486b9098-9859-4468-a230-21e6d305636e", + "name": "Reference to the custom password instructions.", + "originalRequest": { + "url": { + "path": [ + "custom-password-instructions" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"pageId\": \"reset-password:enter-password\",\n \"pageContent\": \"See company password policies for details by clicking here\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"pageId\": \"reset-password:enter-password\",\n \"locale\": \"default\",\n \"pageContent\": \"See company password policies for details by clicking here\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c8c50792-906a-4701-9494-26a55519f893", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "custom-password-instructions" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"pageId\": \"reset-password:enter-password\",\n \"pageContent\": \"See company password policies for details by clicking here\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b0f5d4b6-c3ca-4fc3-9e95-6b92e7a060a1", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "custom-password-instructions" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"pageId\": \"reset-password:enter-password\",\n \"pageContent\": \"See company password policies for details by clicking here\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "e451f5fb-c204-4cc9-ad8b-778f3d421b37", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "custom-password-instructions" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"pageId\": \"reset-password:enter-password\",\n \"pageContent\": \"See company password policies for details by clicking here\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "c45d47ad-1ed1-41da-9c1c-031fb81a06d6", + "name": "Get Custom Password Instructions by Page ID", + "request": { + "name": "Get Custom Password Instructions by Page ID", + "description": { + "content": "This API returns the custom password instructions for the specified page ID. A token with ORG_ADMIN authority is required to call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "custom-password-instructions", + ":pageId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The locale for the custom instructions, a BCP47 language tag. The default value is \\\"default\\\".", + "type": "text/plain" + }, + "key": "locale", + "value": "irure nisi et dolore aliqua" + } + ], + "variable": [ + { + "type": "any", + "value": "mfa:select", + "key": "pageId", + "disabled": true, + "description": { + "content": "(Required) The page ID of custom password instructions to query.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "d301af0a-51ac-4228-8944-87607783e79d", + "name": "Reference to the custom password instructions.", + "originalRequest": { + "url": { + "path": [ + "custom-password-instructions", + ":pageId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The locale for the custom instructions, a BCP47 language tag. The default value is \\\"default\\\".", + "type": "text/plain" + }, + "key": "locale", + "value": "irure nisi et dolore aliqua" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"pageId\": \"reset-password:enter-password\",\n \"locale\": \"default\",\n \"pageContent\": \"See company password policies for details by clicking here\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "fd194335-d1f1-4c03-acdd-b82fcce4453d", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "custom-password-instructions", + ":pageId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The locale for the custom instructions, a BCP47 language tag. The default value is \\\"default\\\".", + "type": "text/plain" + }, + "key": "locale", + "value": "irure nisi et dolore aliqua" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "457fcfd2-aeb9-404a-8555-06bb0dc2afc6", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "custom-password-instructions", + ":pageId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The locale for the custom instructions, a BCP47 language tag. The default value is \\\"default\\\".", + "type": "text/plain" + }, + "key": "locale", + "value": "irure nisi et dolore aliqua" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "0cf84fdd-c693-460d-aaa5-1805b468c3c0", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "custom-password-instructions", + ":pageId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The locale for the custom instructions, a BCP47 language tag. The default value is \\\"default\\\".", + "type": "text/plain" + }, + "key": "locale", + "value": "irure nisi et dolore aliqua" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "e1d865d5-2e6c-40ee-a012-9fdc2fc2e69b", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "custom-password-instructions", + ":pageId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The locale for the custom instructions, a BCP47 language tag. The default value is \\\"default\\\".", + "type": "text/plain" + }, + "key": "locale", + "value": "irure nisi et dolore aliqua" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "b762366f-07c1-4d05-8611-e5f165726b44", + "name": "Delete Custom Password Instructions by page ID", + "request": { + "name": "Delete Custom Password Instructions by page ID", + "description": { + "content": "This API delete the custom password instructions for the specified page ID. A token with ORG_ADMIN authority is required to call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "custom-password-instructions", + ":pageId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The locale for the custom instructions, a BCP47 language tag. The default value is \\\"default\\\".", + "type": "text/plain" + }, + "key": "locale", + "value": "irure nisi et dolore aliqua" + } + ], + "variable": [ + { + "type": "any", + "value": "mfa:select", + "key": "pageId", + "disabled": true, + "description": { + "content": "(Required) The page ID of custom password instructions to delete.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "DELETE", + "body": {} + }, + "response": [ + { + "id": "5a5473ae-44f2-4239-a942-95702eeb93fd", + "name": "No content - indicates the request was successful but there is no content to be returned in the response.", + "originalRequest": { + "url": { + "path": [ + "custom-password-instructions", + ":pageId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The locale for the custom instructions, a BCP47 language tag. The default value is \\\"default\\\".", + "type": "text/plain" + }, + "key": "locale", + "value": "irure nisi et dolore aliqua" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "No Content", + "code": 204, + "header": [], + "cookie": [], + "_postman_previewlanguage": "text" + }, + { + "id": "13874986-e37b-4638-986a-05512203bee0", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "custom-password-instructions", + ":pageId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The locale for the custom instructions, a BCP47 language tag. The default value is \\\"default\\\".", + "type": "text/plain" + }, + "key": "locale", + "value": "irure nisi et dolore aliqua" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "836fb7b5-4117-4db5-b071-dc719d5d9be8", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "custom-password-instructions", + ":pageId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The locale for the custom instructions, a BCP47 language tag. The default value is \\\"default\\\".", + "type": "text/plain" + }, + "key": "locale", + "value": "irure nisi et dolore aliqua" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "684500b4-adac-484a-8834-136d31548614", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "custom-password-instructions", + ":pageId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The locale for the custom instructions, a BCP47 language tag. The default value is \\\"default\\\".", + "type": "text/plain" + }, + "key": "locale", + "value": "irure nisi et dolore aliqua" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "ace215bc-6c48-4d9e-b018-69a0b5e6cd1d", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "custom-password-instructions", + ":pageId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The locale for the custom instructions, a BCP47 language tag. The default value is \\\"default\\\".", + "type": "text/plain" + }, + "key": "locale", + "value": "irure nisi et dolore aliqua" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + } + ] + }, + { + "name": "Discovered Applications", + "description": "Use this API to retrieve all the available discovered apps for a given tenant id.\n", + "item": [] + }, + { + "name": "Entitlements", + "description": "Use this API to implement and customize entitlement functionality.\nWith this functionality in place, administrators can view entitlements and configure them for use throughout Identity Security Cloud in certifications, access profiles, and roles.\nAdministrators in Identity Security Cloud can then grant users access to the entitlements or configure them so users themselves can request access to the entitlements whenever they need them.\nWith a good approval process, this entitlement functionality allows users to gain the specific access they need on sources quickly and securely.\n\nEntitlements represent access rights on sources.\nEntitlements are the most granular form of access in Identity Security Cloud.\nEntitlements are often grouped into access profiles, and access profiles themselves are often grouped into roles, the broadest form of access in Identity Security Cloud.\n\nFor example, an Active Directory source in Identity Security Cloud can have multiple entitlements: the first, 'Employees,' may represent the access all employees have at the organization, and a second, 'Developers,' may represent the access all developers have at the organization.\n\nAn administrator can then create a broader set of access in the form of an access profile, 'AD Developers' grouping the 'Employees' entitlement with the 'Developers' entitlement.\n\nAn administrator can then create an even broader set of access in the form of a role grouping the 'AD Developers' access profile with another profile, 'GitHub Developers,' grouping entitlements for the GitHub source.\n\nWhen users only need Active Directory employee access, they can request access to the 'Employees' entitlement.\n\nWhen users need both Active Directory employee and developer access, they can request access to the 'AD Developers' access profile.\n\nWhen users need both the 'AD Developers' access profile and the 'GitHub Developers' access profile, they can request access to the role grouping both.\n\nAdministrators often use roles and access profiles within those roles to manage access so that users can gain access more quickly, but the hierarchy of access all starts with entitlements.\n\nAnywhere entitlements appear, you can select them to find more information about the following:\n\n- Cloud Access Details: These provide details about the cloud access entitlements on cloud-enabled sources.\n\n- Permissions: Permissions represent individual units of read/write/admin access to a system.\n\n- Relationships: These list each entitlement's parent and child relationships.\n\n- Type: This is the entitlement's type. Some sources support multiple types, each with a different attribute schema.\n\nIdentity Security Cloud uses entitlements in many features, including the following:\n\n- Certifications: Entitlements can be revoked from an identity that no longer needs them.\n\n- Roles: Roles can group access profiles which themselves group entitlements. You can grant and revoke access on a broad level with roles. Role membership criteria can grant roles to identities based on whether they have certain entitlements or attributes.\n\n- Access Profiles: Access profiles group entitlements.\nThey are the most important units of access in Identity Security Cloud.\nIdentity Security Cloud uses them in provisioning, certifications, and access requests, and administrators can configure them to grant very broad or very granular access.\n\nYou cannot delete entitlements directly from Identity Security Cloud.\nEntitlements are deleted based on their inclusion in aggregations.\n\nRefer to [Deleting Entitlements](https://documentation.sailpoint.com/saas/help/access/entitlements.html#deleting-entitlements) more information about deleting entitlements.\n\nRefer to [Entitlements](https://documentation.sailpoint.com/saas/help/access/entitlements.html) for more information about entitlements.\n", + "item": [ + { + "id": "8246b945-ba9b-4bde-8f07-c662a42e8619", + "name": "Gets a list of entitlements.", + "request": { + "name": "Gets a list of entitlements.", + "description": { + "content": "This API returns a list of entitlements.\n\nThis API can be used in one of the two following ways: either getting entitlements for a specific **account-id**, or getting via use of **filters** (those two options are exclusive).\n\nAny authenticated token can call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "entitlements" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The account ID. If specified, returns only entitlements associated with the given Account. Cannot be specified with the **filters**, **segmented-for-identity**, **for-segment-ids**, or **include-unsegmented** param(s).", + "type": "text/plain" + }, + "key": "account-id", + "value": "ef38f94347e94562b5bb8424a56397d8" + }, + { + "disabled": true, + "description": { + "content": "If present and not empty, additionally filters Entitlements to those which are assigned to the Segment(s) which are visible to the Identity with the specified ID. By convention, the value **me** can stand in for the current user's Identity ID.\nCannot be specified with the **account-id** or **for-segment-ids** param(s). It is also illegal to specify a value that refers to a different user's Identity.", + "type": "text/plain" + }, + "key": "segmented-for-identity", + "value": "me" + }, + { + "disabled": true, + "description": { + "content": "If present and not empty, additionally filters Access Profiles to those which are assigned to the Segment(s) with the specified IDs.\nCannot be specified with the **account-id** or **segmented-for-identity** param(s).", + "type": "text/plain" + }, + "key": "for-segment-ids", + "value": "041727d4-7d95-4779-b891-93cf41e98249,a378c9fa-bae5-494c-804e-a1e30f69f649" + }, + { + "disabled": true, + "description": { + "content": "Whether or not the response list should contain unsegmented Entitlements. If **for-segment-ids** and **segmented-for-identity** are both absent or empty, specifying **include-unsegmented=false** results in an error.", + "type": "text/plain" + }, + "key": "include-unsegmented", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **id, name, created, modified, type, attribute, value, source.id, requestable**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name,-modified" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**name**: *eq, in, sw*\n\n**type**: *eq, in*\n\n**attribute**: *eq, in*\n\n**value**: *eq, in, sw*\n\n**source.id**: *eq, in*\n\n**requestable**: *eq*\n\n**created**: *gt, lt, ge, le*\n\n**modified**: *gt, lt, ge, le*\n\n**owner.id**: *eq, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "attribute eq \"memberOf\"" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "179dbcac-3a88-46c3-b907-03b3d3ecb99f", + "name": "List of entitlements", + "originalRequest": { + "url": { + "path": [ + "entitlements" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The account ID. If specified, returns only entitlements associated with the given Account. Cannot be specified with the **filters**, **segmented-for-identity**, **for-segment-ids**, or **include-unsegmented** param(s).", + "type": "text/plain" + }, + "key": "account-id", + "value": "ef38f94347e94562b5bb8424a56397d8" + }, + { + "disabled": true, + "description": { + "content": "If present and not empty, additionally filters Entitlements to those which are assigned to the Segment(s) which are visible to the Identity with the specified ID. By convention, the value **me** can stand in for the current user's Identity ID.\nCannot be specified with the **account-id** or **for-segment-ids** param(s). It is also illegal to specify a value that refers to a different user's Identity.", + "type": "text/plain" + }, + "key": "segmented-for-identity", + "value": "me" + }, + { + "disabled": true, + "description": { + "content": "If present and not empty, additionally filters Access Profiles to those which are assigned to the Segment(s) with the specified IDs.\nCannot be specified with the **account-id** or **segmented-for-identity** param(s).", + "type": "text/plain" + }, + "key": "for-segment-ids", + "value": "041727d4-7d95-4779-b891-93cf41e98249,a378c9fa-bae5-494c-804e-a1e30f69f649" + }, + { + "disabled": true, + "description": { + "content": "Whether or not the response list should contain unsegmented Entitlements. If **for-segment-ids** and **segmented-for-identity** are both absent or empty, specifying **include-unsegmented=false** results in an error.", + "type": "text/plain" + }, + "key": "include-unsegmented", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **id, name, created, modified, type, attribute, value, source.id, requestable**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name,-modified" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**name**: *eq, in, sw*\n\n**type**: *eq, in*\n\n**attribute**: *eq, in*\n\n**value**: *eq, in, sw*\n\n**source.id**: *eq, in*\n\n**requestable**: *eq*\n\n**created**: *gt, lt, ge, le*\n\n**modified**: *gt, lt, ge, le*\n\n**owner.id**: *eq, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "attribute eq \"memberOf\"" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"id\": \"2c91808874ff91550175097daaec161c\",\n \"name\": \"LauncherTest2\",\n \"created\": \"2020-10-08T18:33:52.029Z\",\n \"modified\": \"2020-10-08T18:33:52.029Z\",\n \"attribute\": \"memberOf\",\n \"value\": \"CN=LauncherTest2,OU=LauncherTestOrg,OU=slpt-automation,DC=TestAutomationAD,DC=local\",\n \"sourceSchemaObjectType\": \"group\",\n \"privileged\": true,\n \"cloudGoverned\": true,\n \"description\": \"CN=LauncherTest2,OU=LauncherTestOrg,OU=slpt-automation,DC=TestAutomationAD,DC=local\",\n \"requestable\": true,\n \"attributes\": {\n \"fieldName\": \"fieldValue\"\n },\n \"source\": {\n \"id\": \"2c9180827ca885d7017ca8ce28a000eb\",\n \"type\": \"SOURCE\",\n \"name\": \"ODS-AD-Source\"\n },\n \"owner\": {\n \"id\": \"2a2fdacca5e345f18bf7970cfbb8fec2\",\n \"name\": \"identity 1\",\n \"type\": \"IDENTITY\"\n },\n \"directPermissions\": [\n {\n \"rights\": [\n \"SELECT\",\n \"SELECT\"\n ],\n \"target\": \"SYS.GV_$TRANSACTION\"\n },\n {\n \"rights\": [\n \"SELECT\",\n \"SELECT\"\n ],\n \"target\": \"SYS.GV_$TRANSACTION\"\n }\n ],\n \"segments\": [\n \"f7b1b8a3-5fed-4fd4-ad29-82014e137e19\",\n \"29cb6c06-1da8-43ea-8be4-b3125f248f2a\"\n ],\n \"manuallyUpdatedFields\": {\n \"DISPLAY_NAME\": true,\n \"DESCRIPTION\": true\n },\n \"accessModelMetadata\": {\n \"attributes\": [\n {\n \"key\": \"iscPrivacy\",\n \"name\": \"Privacy\",\n \"multiselect\": false,\n \"status\": \"active\",\n \"type\": \"governance\",\n \"objectTypes\": [\n \"all\"\n ],\n \"description\": \"Specifies the level of privacy associated with an access item.\",\n \"values\": [\n {\n \"value\": \"public\",\n \"name\": \"Public\",\n \"status\": \"active\"\n }\n ]\n }\n ]\n }\n },\n {\n \"id\": \"2c91808874ff91550175097daaec161c\",\n \"name\": \"LauncherTest2\",\n \"created\": \"2020-10-08T18:33:52.029Z\",\n \"modified\": \"2020-10-08T18:33:52.029Z\",\n \"attribute\": \"memberOf\",\n \"value\": \"CN=LauncherTest2,OU=LauncherTestOrg,OU=slpt-automation,DC=TestAutomationAD,DC=local\",\n \"sourceSchemaObjectType\": \"group\",\n \"privileged\": true,\n \"cloudGoverned\": true,\n \"description\": \"CN=LauncherTest2,OU=LauncherTestOrg,OU=slpt-automation,DC=TestAutomationAD,DC=local\",\n \"requestable\": true,\n \"attributes\": {\n \"fieldName\": \"fieldValue\"\n },\n \"source\": {\n \"id\": \"2c9180827ca885d7017ca8ce28a000eb\",\n \"type\": \"SOURCE\",\n \"name\": \"ODS-AD-Source\"\n },\n \"owner\": {\n \"id\": \"2a2fdacca5e345f18bf7970cfbb8fec2\",\n \"name\": \"identity 1\",\n \"type\": \"IDENTITY\"\n },\n \"directPermissions\": [\n {\n \"rights\": [\n \"SELECT\",\n \"SELECT\"\n ],\n \"target\": \"SYS.GV_$TRANSACTION\"\n },\n {\n \"rights\": [\n \"SELECT\",\n \"SELECT\"\n ],\n \"target\": \"SYS.GV_$TRANSACTION\"\n }\n ],\n \"segments\": [\n \"f7b1b8a3-5fed-4fd4-ad29-82014e137e19\",\n \"29cb6c06-1da8-43ea-8be4-b3125f248f2a\"\n ],\n \"manuallyUpdatedFields\": {\n \"DISPLAY_NAME\": true,\n \"DESCRIPTION\": true\n },\n \"accessModelMetadata\": {\n \"attributes\": [\n {\n \"key\": \"iscPrivacy\",\n \"name\": \"Privacy\",\n \"multiselect\": false,\n \"status\": \"active\",\n \"type\": \"governance\",\n \"objectTypes\": [\n \"all\"\n ],\n \"description\": \"Specifies the level of privacy associated with an access item.\",\n \"values\": [\n {\n \"value\": \"public\",\n \"name\": \"Public\",\n \"status\": \"active\"\n }\n ]\n }\n ]\n }\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b9d13267-cd5b-4750-a9a9-62f672e2043f", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "entitlements" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The account ID. If specified, returns only entitlements associated with the given Account. Cannot be specified with the **filters**, **segmented-for-identity**, **for-segment-ids**, or **include-unsegmented** param(s).", + "type": "text/plain" + }, + "key": "account-id", + "value": "ef38f94347e94562b5bb8424a56397d8" + }, + { + "disabled": true, + "description": { + "content": "If present and not empty, additionally filters Entitlements to those which are assigned to the Segment(s) which are visible to the Identity with the specified ID. By convention, the value **me** can stand in for the current user's Identity ID.\nCannot be specified with the **account-id** or **for-segment-ids** param(s). It is also illegal to specify a value that refers to a different user's Identity.", + "type": "text/plain" + }, + "key": "segmented-for-identity", + "value": "me" + }, + { + "disabled": true, + "description": { + "content": "If present and not empty, additionally filters Access Profiles to those which are assigned to the Segment(s) with the specified IDs.\nCannot be specified with the **account-id** or **segmented-for-identity** param(s).", + "type": "text/plain" + }, + "key": "for-segment-ids", + "value": "041727d4-7d95-4779-b891-93cf41e98249,a378c9fa-bae5-494c-804e-a1e30f69f649" + }, + { + "disabled": true, + "description": { + "content": "Whether or not the response list should contain unsegmented Entitlements. If **for-segment-ids** and **segmented-for-identity** are both absent or empty, specifying **include-unsegmented=false** results in an error.", + "type": "text/plain" + }, + "key": "include-unsegmented", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **id, name, created, modified, type, attribute, value, source.id, requestable**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name,-modified" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**name**: *eq, in, sw*\n\n**type**: *eq, in*\n\n**attribute**: *eq, in*\n\n**value**: *eq, in, sw*\n\n**source.id**: *eq, in*\n\n**requestable**: *eq*\n\n**created**: *gt, lt, ge, le*\n\n**modified**: *gt, lt, ge, le*\n\n**owner.id**: *eq, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "attribute eq \"memberOf\"" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "abb729ad-a523-4b51-b8e7-904ab1ea7b35", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "entitlements" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The account ID. If specified, returns only entitlements associated with the given Account. Cannot be specified with the **filters**, **segmented-for-identity**, **for-segment-ids**, or **include-unsegmented** param(s).", + "type": "text/plain" + }, + "key": "account-id", + "value": "ef38f94347e94562b5bb8424a56397d8" + }, + { + "disabled": true, + "description": { + "content": "If present and not empty, additionally filters Entitlements to those which are assigned to the Segment(s) which are visible to the Identity with the specified ID. By convention, the value **me** can stand in for the current user's Identity ID.\nCannot be specified with the **account-id** or **for-segment-ids** param(s). It is also illegal to specify a value that refers to a different user's Identity.", + "type": "text/plain" + }, + "key": "segmented-for-identity", + "value": "me" + }, + { + "disabled": true, + "description": { + "content": "If present and not empty, additionally filters Access Profiles to those which are assigned to the Segment(s) with the specified IDs.\nCannot be specified with the **account-id** or **segmented-for-identity** param(s).", + "type": "text/plain" + }, + "key": "for-segment-ids", + "value": "041727d4-7d95-4779-b891-93cf41e98249,a378c9fa-bae5-494c-804e-a1e30f69f649" + }, + { + "disabled": true, + "description": { + "content": "Whether or not the response list should contain unsegmented Entitlements. If **for-segment-ids** and **segmented-for-identity** are both absent or empty, specifying **include-unsegmented=false** results in an error.", + "type": "text/plain" + }, + "key": "include-unsegmented", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **id, name, created, modified, type, attribute, value, source.id, requestable**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name,-modified" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**name**: *eq, in, sw*\n\n**type**: *eq, in*\n\n**attribute**: *eq, in*\n\n**value**: *eq, in, sw*\n\n**source.id**: *eq, in*\n\n**requestable**: *eq*\n\n**created**: *gt, lt, ge, le*\n\n**modified**: *gt, lt, ge, le*\n\n**owner.id**: *eq, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "attribute eq \"memberOf\"" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "6a45298d-71ff-4bfd-8267-97115e8d0ecb", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "entitlements" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The account ID. If specified, returns only entitlements associated with the given Account. Cannot be specified with the **filters**, **segmented-for-identity**, **for-segment-ids**, or **include-unsegmented** param(s).", + "type": "text/plain" + }, + "key": "account-id", + "value": "ef38f94347e94562b5bb8424a56397d8" + }, + { + "disabled": true, + "description": { + "content": "If present and not empty, additionally filters Entitlements to those which are assigned to the Segment(s) which are visible to the Identity with the specified ID. By convention, the value **me** can stand in for the current user's Identity ID.\nCannot be specified with the **account-id** or **for-segment-ids** param(s). It is also illegal to specify a value that refers to a different user's Identity.", + "type": "text/plain" + }, + "key": "segmented-for-identity", + "value": "me" + }, + { + "disabled": true, + "description": { + "content": "If present and not empty, additionally filters Access Profiles to those which are assigned to the Segment(s) with the specified IDs.\nCannot be specified with the **account-id** or **segmented-for-identity** param(s).", + "type": "text/plain" + }, + "key": "for-segment-ids", + "value": "041727d4-7d95-4779-b891-93cf41e98249,a378c9fa-bae5-494c-804e-a1e30f69f649" + }, + { + "disabled": true, + "description": { + "content": "Whether or not the response list should contain unsegmented Entitlements. If **for-segment-ids** and **segmented-for-identity** are both absent or empty, specifying **include-unsegmented=false** results in an error.", + "type": "text/plain" + }, + "key": "include-unsegmented", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **id, name, created, modified, type, attribute, value, source.id, requestable**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name,-modified" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**name**: *eq, in, sw*\n\n**type**: *eq, in*\n\n**attribute**: *eq, in*\n\n**value**: *eq, in, sw*\n\n**source.id**: *eq, in*\n\n**requestable**: *eq*\n\n**created**: *gt, lt, ge, le*\n\n**modified**: *gt, lt, ge, le*\n\n**owner.id**: *eq, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "attribute eq \"memberOf\"" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "14850ecd-e9ed-42b8-a5c2-3c6743a05286", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "entitlements" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The account ID. If specified, returns only entitlements associated with the given Account. Cannot be specified with the **filters**, **segmented-for-identity**, **for-segment-ids**, or **include-unsegmented** param(s).", + "type": "text/plain" + }, + "key": "account-id", + "value": "ef38f94347e94562b5bb8424a56397d8" + }, + { + "disabled": true, + "description": { + "content": "If present and not empty, additionally filters Entitlements to those which are assigned to the Segment(s) which are visible to the Identity with the specified ID. By convention, the value **me** can stand in for the current user's Identity ID.\nCannot be specified with the **account-id** or **for-segment-ids** param(s). It is also illegal to specify a value that refers to a different user's Identity.", + "type": "text/plain" + }, + "key": "segmented-for-identity", + "value": "me" + }, + { + "disabled": true, + "description": { + "content": "If present and not empty, additionally filters Access Profiles to those which are assigned to the Segment(s) with the specified IDs.\nCannot be specified with the **account-id** or **segmented-for-identity** param(s).", + "type": "text/plain" + }, + "key": "for-segment-ids", + "value": "041727d4-7d95-4779-b891-93cf41e98249,a378c9fa-bae5-494c-804e-a1e30f69f649" + }, + { + "disabled": true, + "description": { + "content": "Whether or not the response list should contain unsegmented Entitlements. If **for-segment-ids** and **segmented-for-identity** are both absent or empty, specifying **include-unsegmented=false** results in an error.", + "type": "text/plain" + }, + "key": "include-unsegmented", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **id, name, created, modified, type, attribute, value, source.id, requestable**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name,-modified" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**name**: *eq, in, sw*\n\n**type**: *eq, in*\n\n**attribute**: *eq, in*\n\n**value**: *eq, in, sw*\n\n**source.id**: *eq, in*\n\n**requestable**: *eq*\n\n**created**: *gt, lt, ge, le*\n\n**modified**: *gt, lt, ge, le*\n\n**owner.id**: *eq, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "attribute eq \"memberOf\"" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "22146ad8-ef2f-41e7-82a7-e3ebb52bda6e", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "entitlements" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The account ID. If specified, returns only entitlements associated with the given Account. Cannot be specified with the **filters**, **segmented-for-identity**, **for-segment-ids**, or **include-unsegmented** param(s).", + "type": "text/plain" + }, + "key": "account-id", + "value": "ef38f94347e94562b5bb8424a56397d8" + }, + { + "disabled": true, + "description": { + "content": "If present and not empty, additionally filters Entitlements to those which are assigned to the Segment(s) which are visible to the Identity with the specified ID. By convention, the value **me** can stand in for the current user's Identity ID.\nCannot be specified with the **account-id** or **for-segment-ids** param(s). It is also illegal to specify a value that refers to a different user's Identity.", + "type": "text/plain" + }, + "key": "segmented-for-identity", + "value": "me" + }, + { + "disabled": true, + "description": { + "content": "If present and not empty, additionally filters Access Profiles to those which are assigned to the Segment(s) with the specified IDs.\nCannot be specified with the **account-id** or **segmented-for-identity** param(s).", + "type": "text/plain" + }, + "key": "for-segment-ids", + "value": "041727d4-7d95-4779-b891-93cf41e98249,a378c9fa-bae5-494c-804e-a1e30f69f649" + }, + { + "disabled": true, + "description": { + "content": "Whether or not the response list should contain unsegmented Entitlements. If **for-segment-ids** and **segmented-for-identity** are both absent or empty, specifying **include-unsegmented=false** results in an error.", + "type": "text/plain" + }, + "key": "include-unsegmented", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **id, name, created, modified, type, attribute, value, source.id, requestable**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name,-modified" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**name**: *eq, in, sw*\n\n**type**: *eq, in*\n\n**attribute**: *eq, in*\n\n**value**: *eq, in, sw*\n\n**source.id**: *eq, in*\n\n**requestable**: *eq*\n\n**created**: *gt, lt, ge, le*\n\n**modified**: *gt, lt, ge, le*\n\n**owner.id**: *eq, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "attribute eq \"memberOf\"" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "e90f6260-f904-4d8e-bc57-3dddaec31364", + "name": "Get an entitlement", + "request": { + "name": "Get an entitlement", + "description": { + "content": "This API returns an entitlement by its ID.", + "type": "text/plain" + }, + "url": { + "path": [ + "entitlements", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "2c91808874ff91550175097daaec161c", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) The entitlement ID", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "55788fc6-7a28-4537-b59c-893c6b8ad731", + "name": "An entitlement", + "originalRequest": { + "url": { + "path": [ + "entitlements", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"sourceSchemaObjectType\": \"group\",\n \"attribute\": \"memberOf\",\n \"attributes\": {\n \"GroupType\": \"Security\",\n \"sAMAccountName\": \"LauncherTest1\",\n \"GroupScope\": \"Global\",\n \"objectguid\": \"{01a6e70b-9705-4155-a5c6-492a9bcc8c64}\",\n \"objectSid\": \"S-1-5-21-3585869415-1648031554-2909195034-1633\",\n \"cn\": \"LauncherTest1\",\n \"msDS-PrincipalName\": \"AUTOMATIONAD\\\\LauncherTest1\"\n },\n \"value\": \"CN=LauncherTest1,OU=LauncherTestOrg,OU=slpt-automation,DC=TestAutomationAD,DC=local\",\n \"description\": \"some description\",\n \"privileged\": false,\n \"cloudGoverned\": false,\n \"source\": {\n \"type\": \"SOURCE\",\n \"id\": \"2c9180877504c40e0175097d5ce707c8\",\n \"name\": \"EndToEnd-ADSource\"\n },\n \"owner\": {\n \"id\": \"2c9180858315595501831958427e5424\",\n \"name\": \"Addie Smith\",\n \"type\": \"IDENTITY\"\n },\n \"segments\": [\n \"1d126fe0-45e2-4aea-bc64-a07e9344ef26\"\n ],\n \"manuallyUpdatedFields\": {\n \"DISPLAY_NAME\": true,\n \"DESCRIPTION\": true\n },\n \"id\": \"2c91808c74ff913f0175097daa9d59cd\",\n \"name\": \"LauncherTest1\",\n \"created\": \"2020-10-08T18:33:52.029Z\",\n \"modified\": \"2021-01-19T16:53:35.707Z\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d93c4b44-4ba8-414b-8e2e-d9ab02fa6e4a", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "entitlements", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c0cba1f0-f856-4d60-9693-a33f12b29353", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "entitlements", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d385ae0b-2041-457a-99c0-9a3519c34f7f", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "entitlements", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "266e4948-b1e1-4426-9c9e-f95ef24862fa", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "entitlements", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "635979b0-46bf-4267-8609-1581e149a60c", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "entitlements", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "1e62b0e1-260f-4b47-a3a2-561298006d97", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "entitlements", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "e2786078-df47-4762-ba48-ba467e6e4c2c", + "name": "Patch an entitlement", + "request": { + "name": "Patch an entitlement", + "description": { + "content": "This API updates an existing entitlement using [JSON Patch](https://tools.ietf.org/html/rfc6902) syntax.\n\nThe following fields are patchable: **requestable**, **privileged**, **segments**, **owner**, **name**, **description**, and **manuallyUpdatedFields**\n\nWhen you're patching owner, only owner type and owner id must be provided. Owner name is optional, and it won't be modified. If the owner name is provided, it should correspond to the real name. The only owner type currently supported is IDENTITY.\n\nA token with ORG_ADMIN or SOURCE_ADMIN authority is required to call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "entitlements", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "2c91808a7813090a017814121e121518", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) ID of the entitlement to patch", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/requestable\",\n \"value\": true\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "214535fa-b5fa-4544-ba32-17f7ade63325", + "name": "Make an entitlement requestable and privileged in one call", + "originalRequest": { + "url": { + "path": [ + "entitlements", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/requestable\",\n \"value\": true\n },\n {\n \"op\": \"replace\",\n \"path\": \"/privileged\",\n \"value\": true\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "CN=LauncherTest2,OU=LauncherTestOrg,OU=slpt-automation,DC=TestAutomationAD,DC=local", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "daa76989-6072-437d-b24b-7cd64a4549d4", + "name": "Assign an entitlement to a segment", + "originalRequest": { + "url": { + "path": [ + "entitlements", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"add\",\n \"path\": \"/segments/-\",\n \"value\": \"f7b1b8a3-5fed-4fd4-ad29-82014e137e19\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "CN=LauncherTest2,OU=LauncherTestOrg,OU=slpt-automation,DC=TestAutomationAD,DC=local", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "41fab5f3-dae4-49ea-88bf-81f86da50eb2", + "name": "Assign an owner to an entitlement", + "originalRequest": { + "url": { + "path": [ + "entitlements", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"add\",\n \"path\": \"/owner\",\n \"value\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180858315595501831958427e5424\"\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "CN=LauncherTest2,OU=LauncherTestOrg,OU=slpt-automation,DC=TestAutomationAD,DC=local", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "216a8d03-57b5-42d4-b65f-86e1c80c6cf0", + "name": "Replace an owner for an entitlement", + "originalRequest": { + "url": { + "path": [ + "entitlements", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/owner\",\n \"value\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180858315595501831958427e5424\"\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "CN=LauncherTest2,OU=LauncherTestOrg,OU=slpt-automation,DC=TestAutomationAD,DC=local", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b4897e44-63a2-4088-aeb1-9f62e9d2e60f", + "name": "Set entitlement manually updated fields", + "originalRequest": { + "url": { + "path": [ + "entitlements", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/manuallyUpdatedFields\",\n \"value\": {\n \"DISPLAY_NAME\": true,\n \"DESCRIPTION\": true\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "CN=LauncherTest2,OU=LauncherTestOrg,OU=slpt-automation,DC=TestAutomationAD,DC=local", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "ea3d4d19-a6e8-4804-ba59-b602a5d28e46", + "name": "Add the description for an entitlement", + "originalRequest": { + "url": { + "path": [ + "entitlements", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"add\",\n \"path\": \"/description\",\n \"value\": \"new description for the entitlement\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "CN=LauncherTest2,OU=LauncherTestOrg,OU=slpt-automation,DC=TestAutomationAD,DC=local", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "4661ae52-e512-43b1-a013-91c65af9eb07", + "name": "Update the name for an entitlement", + "originalRequest": { + "url": { + "path": [ + "entitlements", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/name\",\n \"value\": \"entitlement new name\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "CN=LauncherTest2,OU=LauncherTestOrg,OU=slpt-automation,DC=TestAutomationAD,DC=local", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d5b6faf8-2db6-4102-a421-69fe68026114", + "name": "Make an entitlement requestable and privileged in one call", + "originalRequest": { + "url": { + "path": [ + "entitlements", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/requestable\",\n \"value\": true\n },\n {\n \"op\": \"replace\",\n \"path\": \"/privileged\",\n \"value\": true\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "9be7810e-d887-436b-9a52-4e701819eb61", + "name": "Assign an entitlement to a segment", + "originalRequest": { + "url": { + "path": [ + "entitlements", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"add\",\n \"path\": \"/segments/-\",\n \"value\": \"f7b1b8a3-5fed-4fd4-ad29-82014e137e19\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "cabd5c6b-284f-4fa6-ad39-059bfcce93f7", + "name": "Assign an owner to an entitlement", + "originalRequest": { + "url": { + "path": [ + "entitlements", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"add\",\n \"path\": \"/owner\",\n \"value\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180858315595501831958427e5424\"\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "eca17cd9-f3ba-4853-8859-12790ecb22a9", + "name": "Replace an owner for an entitlement", + "originalRequest": { + "url": { + "path": [ + "entitlements", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/owner\",\n \"value\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180858315595501831958427e5424\"\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "fa195c0c-1db9-44ec-b092-511acb50f900", + "name": "Set entitlement manually updated fields", + "originalRequest": { + "url": { + "path": [ + "entitlements", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/manuallyUpdatedFields\",\n \"value\": {\n \"DISPLAY_NAME\": true,\n \"DESCRIPTION\": true\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "111bce9a-3ec6-4d24-9d82-77a6684cc857", + "name": "Add the description for an entitlement", + "originalRequest": { + "url": { + "path": [ + "entitlements", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"add\",\n \"path\": \"/description\",\n \"value\": \"new description for the entitlement\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "57e17051-6ca3-49cc-bbbc-adbe66cbc266", + "name": "Update the name for an entitlement", + "originalRequest": { + "url": { + "path": [ + "entitlements", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/name\",\n \"value\": \"entitlement new name\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "6b6d489c-7d4e-46df-85f6-54bfc14121eb", + "name": "Make an entitlement requestable and privileged in one call", + "originalRequest": { + "url": { + "path": [ + "entitlements", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/requestable\",\n \"value\": true\n },\n {\n \"op\": \"replace\",\n \"path\": \"/privileged\",\n \"value\": true\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "26b11fe9-8a38-4499-ada6-77f34cfa0898", + "name": "Assign an entitlement to a segment", + "originalRequest": { + "url": { + "path": [ + "entitlements", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"add\",\n \"path\": \"/segments/-\",\n \"value\": \"f7b1b8a3-5fed-4fd4-ad29-82014e137e19\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "fad3bd7a-84ff-45ef-adec-28f1b1b4110c", + "name": "Assign an owner to an entitlement", + "originalRequest": { + "url": { + "path": [ + "entitlements", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"add\",\n \"path\": \"/owner\",\n \"value\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180858315595501831958427e5424\"\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "eb2a5341-f9ab-4eec-ac89-ffa3dcdd72ba", + "name": "Replace an owner for an entitlement", + "originalRequest": { + "url": { + "path": [ + "entitlements", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/owner\",\n \"value\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180858315595501831958427e5424\"\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "5b96455d-f636-40fc-a18a-0871419834c5", + "name": "Set entitlement manually updated fields", + "originalRequest": { + "url": { + "path": [ + "entitlements", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/manuallyUpdatedFields\",\n \"value\": {\n \"DISPLAY_NAME\": true,\n \"DESCRIPTION\": true\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "ef4ba7be-9efc-4ff2-9cad-c4b0988a795b", + "name": "Add the description for an entitlement", + "originalRequest": { + "url": { + "path": [ + "entitlements", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"add\",\n \"path\": \"/description\",\n \"value\": \"new description for the entitlement\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "bf767970-923c-4548-ae27-da89f9ef45bc", + "name": "Update the name for an entitlement", + "originalRequest": { + "url": { + "path": [ + "entitlements", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/name\",\n \"value\": \"entitlement new name\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "6c8f68c4-3a2f-4ed7-8e06-767059ee8dbc", + "name": "An example of a 403 response object", + "originalRequest": { + "url": { + "path": [ + "entitlements", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/requestable\",\n \"value\": true\n },\n {\n \"op\": \"replace\",\n \"path\": \"/privileged\",\n \"value\": true\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "9d810993-1f4b-4993-8d45-e4ebd8a0aaec", + "name": "Assign an entitlement to a segment", + "originalRequest": { + "url": { + "path": [ + "entitlements", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"add\",\n \"path\": \"/segments/-\",\n \"value\": \"f7b1b8a3-5fed-4fd4-ad29-82014e137e19\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "427eaa94-3a21-4973-9ca7-83ff85c88b5d", + "name": "Assign an owner to an entitlement", + "originalRequest": { + "url": { + "path": [ + "entitlements", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"add\",\n \"path\": \"/owner\",\n \"value\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180858315595501831958427e5424\"\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b737add4-4d06-43f7-94f0-4217bbb21930", + "name": "Replace an owner for an entitlement", + "originalRequest": { + "url": { + "path": [ + "entitlements", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/owner\",\n \"value\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180858315595501831958427e5424\"\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "5cf594f2-6bd0-4dc9-bad7-3cb6d6e19b5b", + "name": "Set entitlement manually updated fields", + "originalRequest": { + "url": { + "path": [ + "entitlements", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/manuallyUpdatedFields\",\n \"value\": {\n \"DISPLAY_NAME\": true,\n \"DESCRIPTION\": true\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "9f9e3e51-ecd3-4f70-a896-220422ad62fe", + "name": "Add the description for an entitlement", + "originalRequest": { + "url": { + "path": [ + "entitlements", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"add\",\n \"path\": \"/description\",\n \"value\": \"new description for the entitlement\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "01ff7da6-8aff-48ca-b04f-dad568f3ed23", + "name": "Update the name for an entitlement", + "originalRequest": { + "url": { + "path": [ + "entitlements", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/name\",\n \"value\": \"entitlement new name\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "7b568475-f189-464f-a896-816e33dbc21e", + "name": "An example of a 404 response object", + "originalRequest": { + "url": { + "path": [ + "entitlements", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/requestable\",\n \"value\": true\n },\n {\n \"op\": \"replace\",\n \"path\": \"/privileged\",\n \"value\": true\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "5760b3b6-4e59-44a0-b38c-67836244e3c8", + "name": "Assign an entitlement to a segment", + "originalRequest": { + "url": { + "path": [ + "entitlements", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"add\",\n \"path\": \"/segments/-\",\n \"value\": \"f7b1b8a3-5fed-4fd4-ad29-82014e137e19\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "08f2ec6a-f39b-41d1-863f-3f0bc20f3854", + "name": "Assign an owner to an entitlement", + "originalRequest": { + "url": { + "path": [ + "entitlements", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"add\",\n \"path\": \"/owner\",\n \"value\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180858315595501831958427e5424\"\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "5c28678d-6724-4c66-b13b-8619dab5b764", + "name": "Replace an owner for an entitlement", + "originalRequest": { + "url": { + "path": [ + "entitlements", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/owner\",\n \"value\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180858315595501831958427e5424\"\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c886068c-606c-4e96-ba1d-16690041d5df", + "name": "Set entitlement manually updated fields", + "originalRequest": { + "url": { + "path": [ + "entitlements", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/manuallyUpdatedFields\",\n \"value\": {\n \"DISPLAY_NAME\": true,\n \"DESCRIPTION\": true\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "64ac1985-365d-4449-bc98-f476f7015f52", + "name": "Add the description for an entitlement", + "originalRequest": { + "url": { + "path": [ + "entitlements", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"add\",\n \"path\": \"/description\",\n \"value\": \"new description for the entitlement\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "8b66128b-9088-4e1b-b055-3026a462be4d", + "name": "Update the name for an entitlement", + "originalRequest": { + "url": { + "path": [ + "entitlements", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/name\",\n \"value\": \"entitlement new name\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "ae08d2ea-1328-4803-9854-009bddfd8a62", + "name": "Make an entitlement requestable and privileged in one call", + "originalRequest": { + "url": { + "path": [ + "entitlements", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/requestable\",\n \"value\": true\n },\n {\n \"op\": \"replace\",\n \"path\": \"/privileged\",\n \"value\": true\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "8febcf56-f7c9-4d70-a608-da7117fc30a0", + "name": "Assign an entitlement to a segment", + "originalRequest": { + "url": { + "path": [ + "entitlements", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"add\",\n \"path\": \"/segments/-\",\n \"value\": \"f7b1b8a3-5fed-4fd4-ad29-82014e137e19\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "5a52454f-dfa3-4d9e-9b39-39399d9c9917", + "name": "Assign an owner to an entitlement", + "originalRequest": { + "url": { + "path": [ + "entitlements", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"add\",\n \"path\": \"/owner\",\n \"value\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180858315595501831958427e5424\"\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "346ce6bc-4ff5-40f3-8af3-3f5fc8d5ccce", + "name": "Replace an owner for an entitlement", + "originalRequest": { + "url": { + "path": [ + "entitlements", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/owner\",\n \"value\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180858315595501831958427e5424\"\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "afb66714-28e9-4449-9673-9b7d3a03c945", + "name": "Set entitlement manually updated fields", + "originalRequest": { + "url": { + "path": [ + "entitlements", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/manuallyUpdatedFields\",\n \"value\": {\n \"DISPLAY_NAME\": true,\n \"DESCRIPTION\": true\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "982f81cb-e376-485d-a178-ea1f6d7dc67b", + "name": "Add the description for an entitlement", + "originalRequest": { + "url": { + "path": [ + "entitlements", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"add\",\n \"path\": \"/description\",\n \"value\": \"new description for the entitlement\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "92462a45-b402-460a-a74c-125ad6f73368", + "name": "Update the name for an entitlement", + "originalRequest": { + "url": { + "path": [ + "entitlements", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/name\",\n \"value\": \"entitlement new name\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a1f59e98-a8dd-4aec-b6f1-e83395d2335c", + "name": "An example of a 500 response object", + "originalRequest": { + "url": { + "path": [ + "entitlements", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/requestable\",\n \"value\": true\n },\n {\n \"op\": \"replace\",\n \"path\": \"/privileged\",\n \"value\": true\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "130f95aa-bbaf-4f36-933e-bab58b9f0748", + "name": "Assign an entitlement to a segment", + "originalRequest": { + "url": { + "path": [ + "entitlements", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"add\",\n \"path\": \"/segments/-\",\n \"value\": \"f7b1b8a3-5fed-4fd4-ad29-82014e137e19\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "df4e6d19-44c2-4c7c-8d68-1cedb1befb76", + "name": "Assign an owner to an entitlement", + "originalRequest": { + "url": { + "path": [ + "entitlements", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"add\",\n \"path\": \"/owner\",\n \"value\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180858315595501831958427e5424\"\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "942d1fda-8a61-4bec-841a-f7ca95230100", + "name": "Replace an owner for an entitlement", + "originalRequest": { + "url": { + "path": [ + "entitlements", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/owner\",\n \"value\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180858315595501831958427e5424\"\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "80fa99fa-c6b1-4ae2-b8bb-ce3e79016931", + "name": "Set entitlement manually updated fields", + "originalRequest": { + "url": { + "path": [ + "entitlements", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/manuallyUpdatedFields\",\n \"value\": {\n \"DISPLAY_NAME\": true,\n \"DESCRIPTION\": true\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c472d856-367d-4dce-873b-7ee911bb9c5a", + "name": "Add the description for an entitlement", + "originalRequest": { + "url": { + "path": [ + "entitlements", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"add\",\n \"path\": \"/description\",\n \"value\": \"new description for the entitlement\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "97f0ac14-d49b-4ab9-ba81-6270a9d48c56", + "name": "Update the name for an entitlement", + "originalRequest": { + "url": { + "path": [ + "entitlements", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/name\",\n \"value\": \"entitlement new name\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "04e3a924-8b0d-49a5-924e-f6b723684397", + "name": "List of entitlements parents", + "request": { + "name": "List of entitlements parents", + "description": { + "content": "This API returns a list of all parent entitlements of a given entitlement.", + "type": "text/plain" + }, + "url": { + "path": [ + "entitlements", + ":id", + "parents" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **id, name, created, modified, type, attribute, value, source.id**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name,-modified" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**name**: *eq, in, sw*\n\n**type**: *eq, in*\n\n**attribute**: *eq, in*\n\n**value**: *eq, in, sw*\n\n**source.id**: *eq, in*\n\n**requestable**: *eq*\n\n**created**: *gt, lt, ge, le*\n\n**modified**: *gt, lt, ge, le*", + "type": "text/plain" + }, + "key": "filters", + "value": "attribute eq \"memberOf\"" + } + ], + "variable": [ + { + "type": "any", + "value": "2c91808c74ff913f0175097daa9d59cd", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) Entitlement Id", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "aaca3bf6-a086-4c0d-97d4-e6b43bd59e5b", + "name": "List of entitlements parents from an entitlement", + "originalRequest": { + "url": { + "path": [ + "entitlements", + ":id", + "parents" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **id, name, created, modified, type, attribute, value, source.id**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name,-modified" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**name**: *eq, in, sw*\n\n**type**: *eq, in*\n\n**attribute**: *eq, in*\n\n**value**: *eq, in, sw*\n\n**source.id**: *eq, in*\n\n**requestable**: *eq*\n\n**created**: *gt, lt, ge, le*\n\n**modified**: *gt, lt, ge, le*", + "type": "text/plain" + }, + "key": "filters", + "value": "attribute eq \"memberOf\"" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"sourceSchemaObjectType\": \"group\",\n \"attribute\": \"memberOf\",\n \"attributes\": {\n \"GroupType\": \"Security\",\n \"sAMAccountName\": \"LauncherTest1\",\n \"GroupScope\": \"Global\",\n \"objectguid\": \"{01a6e70b-9705-4155-a5c6-492a9bcc8c64}\",\n \"objectSid\": \"S-1-5-21-3585869415-1648031554-2909195034-1633\",\n \"cn\": \"LauncherTest1\",\n \"msDS-PrincipalName\": \"AUTOMATIONAD\\\\LauncherTest1\"\n },\n \"value\": \"CN=LauncherTest1,OU=LauncherTestOrg,OU=slpt-automation,DC=TestAutomationAD,DC=local\",\n \"description\": \"some description\",\n \"privileged\": false,\n \"cloudGoverned\": false,\n \"source\": {\n \"type\": \"SOURCE\",\n \"id\": \"2c9180877504c40e0175097d5ce707c8\",\n \"name\": \"EndToEnd-ADSource\"\n },\n \"owner\": {\n \"id\": \"2a2fdacca5e345f18bf7970cfbb8fec2\",\n \"name\": \"identity 1\",\n \"type\": \"IDENTITY\"\n },\n \"segments\": [\n \"1d126fe0-45e2-4aea-bc64-a07e9344ef26\"\n ],\n \"manuallyUpdatedFields\": {\n \"DISPLAY_NAME\": true,\n \"DESCRIPTION\": true\n },\n \"id\": \"2c91808c74ff913f0175097daa9d59cd\",\n \"name\": \"LauncherTest1\",\n \"created\": \"2020-10-08T18:33:52.029Z\",\n \"modified\": \"2021-01-19T16:53:35.707Z\"\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "e4483ac3-ae6d-4152-8190-1979b048b87a", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "entitlements", + ":id", + "parents" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **id, name, created, modified, type, attribute, value, source.id**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name,-modified" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**name**: *eq, in, sw*\n\n**type**: *eq, in*\n\n**attribute**: *eq, in*\n\n**value**: *eq, in, sw*\n\n**source.id**: *eq, in*\n\n**requestable**: *eq*\n\n**created**: *gt, lt, ge, le*\n\n**modified**: *gt, lt, ge, le*", + "type": "text/plain" + }, + "key": "filters", + "value": "attribute eq \"memberOf\"" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "8a4994fd-a8a7-44fc-a320-f716d598f796", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "entitlements", + ":id", + "parents" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **id, name, created, modified, type, attribute, value, source.id**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name,-modified" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**name**: *eq, in, sw*\n\n**type**: *eq, in*\n\n**attribute**: *eq, in*\n\n**value**: *eq, in, sw*\n\n**source.id**: *eq, in*\n\n**requestable**: *eq*\n\n**created**: *gt, lt, ge, le*\n\n**modified**: *gt, lt, ge, le*", + "type": "text/plain" + }, + "key": "filters", + "value": "attribute eq \"memberOf\"" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "99826d0e-0f07-4aa0-947f-872b651f6b71", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "entitlements", + ":id", + "parents" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **id, name, created, modified, type, attribute, value, source.id**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name,-modified" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**name**: *eq, in, sw*\n\n**type**: *eq, in*\n\n**attribute**: *eq, in*\n\n**value**: *eq, in, sw*\n\n**source.id**: *eq, in*\n\n**requestable**: *eq*\n\n**created**: *gt, lt, ge, le*\n\n**modified**: *gt, lt, ge, le*", + "type": "text/plain" + }, + "key": "filters", + "value": "attribute eq \"memberOf\"" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "3eed8382-4028-4d53-ab19-675f0ca41ac3", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "entitlements", + ":id", + "parents" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **id, name, created, modified, type, attribute, value, source.id**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name,-modified" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**name**: *eq, in, sw*\n\n**type**: *eq, in*\n\n**attribute**: *eq, in*\n\n**value**: *eq, in, sw*\n\n**source.id**: *eq, in*\n\n**requestable**: *eq*\n\n**created**: *gt, lt, ge, le*\n\n**modified**: *gt, lt, ge, le*", + "type": "text/plain" + }, + "key": "filters", + "value": "attribute eq \"memberOf\"" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "8a2a10de-b0ac-4404-a1e0-a231e2c3762d", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "entitlements", + ":id", + "parents" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **id, name, created, modified, type, attribute, value, source.id**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name,-modified" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**name**: *eq, in, sw*\n\n**type**: *eq, in*\n\n**attribute**: *eq, in*\n\n**value**: *eq, in, sw*\n\n**source.id**: *eq, in*\n\n**requestable**: *eq*\n\n**created**: *gt, lt, ge, le*\n\n**modified**: *gt, lt, ge, le*", + "type": "text/plain" + }, + "key": "filters", + "value": "attribute eq \"memberOf\"" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "7d42224e-dfbc-49bb-9c04-01c614d0799f", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "entitlements", + ":id", + "parents" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **id, name, created, modified, type, attribute, value, source.id**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name,-modified" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**name**: *eq, in, sw*\n\n**type**: *eq, in*\n\n**attribute**: *eq, in*\n\n**value**: *eq, in, sw*\n\n**source.id**: *eq, in*\n\n**requestable**: *eq*\n\n**created**: *gt, lt, ge, le*\n\n**modified**: *gt, lt, ge, le*", + "type": "text/plain" + }, + "key": "filters", + "value": "attribute eq \"memberOf\"" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "25112666-e8e8-4f4b-a672-8e2552e6699c", + "name": "List of entitlements children", + "request": { + "name": "List of entitlements children", + "description": { + "content": "This API returns a list of all child entitlements of a given entitlement.", + "type": "text/plain" + }, + "url": { + "path": [ + "entitlements", + ":id", + "children" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **id, name, created, modified, type, attribute, value, source.id**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name,-modified" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**name**: *eq, in, sw*\n\n**type**: *eq, in*\n\n**attribute**: *eq, in*\n\n**value**: *eq, in, sw*\n\n**source.id**: *eq, in*\n\n**requestable**: *eq*\n\n**created**: *gt, lt, ge, le*\n\n**modified**: *gt, lt, ge, le*", + "type": "text/plain" + }, + "key": "filters", + "value": "attribute eq \"memberOf\"" + } + ], + "variable": [ + { + "type": "any", + "value": "2c91808874ff91550175097daaec161c", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) Entitlement Id", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "5290ed08-54e8-4c67-9778-b36b8956f5e5", + "name": "List of entitlements children from an entitlement", + "originalRequest": { + "url": { + "path": [ + "entitlements", + ":id", + "children" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **id, name, created, modified, type, attribute, value, source.id**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name,-modified" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**name**: *eq, in, sw*\n\n**type**: *eq, in*\n\n**attribute**: *eq, in*\n\n**value**: *eq, in, sw*\n\n**source.id**: *eq, in*\n\n**requestable**: *eq*\n\n**created**: *gt, lt, ge, le*\n\n**modified**: *gt, lt, ge, le*", + "type": "text/plain" + }, + "key": "filters", + "value": "attribute eq \"memberOf\"" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"sourceSchemaObjectType\": \"group\",\n \"attribute\": \"memberOf\",\n \"attributes\": {\n \"GroupType\": \"Security\",\n \"sAMAccountName\": \"LauncherTest1\",\n \"GroupScope\": \"Global\",\n \"objectguid\": \"{01a6e70b-9705-4155-a5c6-492a9bcc8c64}\",\n \"objectSid\": \"S-1-5-21-3585869415-1648031554-2909195034-1633\",\n \"cn\": \"LauncherTest1\",\n \"msDS-PrincipalName\": \"AUTOMATIONAD\\\\LauncherTest1\"\n },\n \"value\": \"CN=LauncherTest1,OU=LauncherTestOrg,OU=slpt-automation,DC=TestAutomationAD,DC=local\",\n \"description\": \"some description\",\n \"privileged\": false,\n \"cloudGoverned\": false,\n \"source\": {\n \"type\": \"SOURCE\",\n \"id\": \"2c9180877504c40e0175097d5ce707c8\",\n \"name\": \"EndToEnd-ADSource\"\n },\n \"owner\": {\n \"id\": \"2a2fdacca5e345f18bf7970cfbb8fec2\",\n \"name\": \"identity 1\",\n \"type\": \"IDENTITY\"\n },\n \"segments\": [\n \"1d126fe0-45e2-4aea-bc64-a07e9344ef26\"\n ],\n \"manuallyUpdatedFields\": {\n \"DISPLAY_NAME\": true,\n \"DESCRIPTION\": true\n },\n \"id\": \"2c91808c74ff913f0175097daa9d59cd\",\n \"name\": \"LauncherTest1\",\n \"created\": \"2020-10-08T18:33:52.029Z\",\n \"modified\": \"2021-01-19T16:53:35.707Z\"\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "476514d8-bc6d-43bd-9579-f727c7bd2fd2", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "entitlements", + ":id", + "children" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **id, name, created, modified, type, attribute, value, source.id**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name,-modified" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**name**: *eq, in, sw*\n\n**type**: *eq, in*\n\n**attribute**: *eq, in*\n\n**value**: *eq, in, sw*\n\n**source.id**: *eq, in*\n\n**requestable**: *eq*\n\n**created**: *gt, lt, ge, le*\n\n**modified**: *gt, lt, ge, le*", + "type": "text/plain" + }, + "key": "filters", + "value": "attribute eq \"memberOf\"" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a4b586ba-2a83-4548-b9df-6d5779baff24", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "entitlements", + ":id", + "children" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **id, name, created, modified, type, attribute, value, source.id**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name,-modified" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**name**: *eq, in, sw*\n\n**type**: *eq, in*\n\n**attribute**: *eq, in*\n\n**value**: *eq, in, sw*\n\n**source.id**: *eq, in*\n\n**requestable**: *eq*\n\n**created**: *gt, lt, ge, le*\n\n**modified**: *gt, lt, ge, le*", + "type": "text/plain" + }, + "key": "filters", + "value": "attribute eq \"memberOf\"" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b20d6743-3c38-4dfe-bc1f-375973944a1d", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "entitlements", + ":id", + "children" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **id, name, created, modified, type, attribute, value, source.id**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name,-modified" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**name**: *eq, in, sw*\n\n**type**: *eq, in*\n\n**attribute**: *eq, in*\n\n**value**: *eq, in, sw*\n\n**source.id**: *eq, in*\n\n**requestable**: *eq*\n\n**created**: *gt, lt, ge, le*\n\n**modified**: *gt, lt, ge, le*", + "type": "text/plain" + }, + "key": "filters", + "value": "attribute eq \"memberOf\"" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "0c0cdb72-a95c-46dc-bd91-89975a30419a", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "entitlements", + ":id", + "children" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **id, name, created, modified, type, attribute, value, source.id**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name,-modified" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**name**: *eq, in, sw*\n\n**type**: *eq, in*\n\n**attribute**: *eq, in*\n\n**value**: *eq, in, sw*\n\n**source.id**: *eq, in*\n\n**requestable**: *eq*\n\n**created**: *gt, lt, ge, le*\n\n**modified**: *gt, lt, ge, le*", + "type": "text/plain" + }, + "key": "filters", + "value": "attribute eq \"memberOf\"" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d719403b-db55-4a3f-9e99-ef7dff0e6410", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "entitlements", + ":id", + "children" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **id, name, created, modified, type, attribute, value, source.id**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name,-modified" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**name**: *eq, in, sw*\n\n**type**: *eq, in*\n\n**attribute**: *eq, in*\n\n**value**: *eq, in, sw*\n\n**source.id**: *eq, in*\n\n**requestable**: *eq*\n\n**created**: *gt, lt, ge, le*\n\n**modified**: *gt, lt, ge, le*", + "type": "text/plain" + }, + "key": "filters", + "value": "attribute eq \"memberOf\"" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "0eeb71ef-2a75-42d0-8985-964f07ee8d1c", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "entitlements", + ":id", + "children" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **id, name, created, modified, type, attribute, value, source.id**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name,-modified" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**name**: *eq, in, sw*\n\n**type**: *eq, in*\n\n**attribute**: *eq, in*\n\n**value**: *eq, in, sw*\n\n**source.id**: *eq, in*\n\n**requestable**: *eq*\n\n**created**: *gt, lt, ge, le*\n\n**modified**: *gt, lt, ge, le*", + "type": "text/plain" + }, + "key": "filters", + "value": "attribute eq \"memberOf\"" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "30aa8c91-d7cc-4502-8c09-129bc4bd9b6f", + "name": "Bulk update an entitlement list", + "request": { + "name": "Bulk update an entitlement list", + "description": { + "content": "This API applies an update to every entitlement of the list.\n\nThe number of entitlements to update is limited to 50 items maximum.\n\nThe JsonPatch update follows the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard. allowed operations : **{ \"op\": \"replace\", \"path\": \"/privileged\", \"value\": boolean }** **{ \"op\": \"replace\", \"path\": \"/requestable\",\"value\": boolean }** \n\nA token with ORG_ADMIN or API authority is required to call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "entitlements", + "bulk-update" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"entitlementIds\": [\n \"2c91808a7624751a01762f19d665220d\",\n \"2c91808a7624751a01762f19d67c220e\",\n \"2c91808a7624751a01762f19d692220f\"\n ],\n \"jsonPatch\": [\n {\n \"op\": \"replace\",\n \"path\": \"/privileged\",\n \"value\": false\n },\n {\n \"op\": \"replace\",\n \"path\": \"/requestable\",\n \"value\": false\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "432967d0-1dcd-44ee-a8bf-272f4a36601f", + "name": "No content - indicates the request was successful but there is no content to be returned in the response.", + "originalRequest": { + "url": { + "path": [ + "entitlements", + "bulk-update" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"entitlementIds\": [\n \"2c91808a7624751a01762f19d665220d\",\n \"2c91808a7624751a01762f19d67c220e\",\n \"2c91808a7624751a01762f19d692220f\"\n ],\n \"jsonPatch\": [\n {\n \"op\": \"replace\",\n \"path\": \"/privileged\",\n \"value\": false\n },\n {\n \"op\": \"replace\",\n \"path\": \"/requestable\",\n \"value\": false\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "No Content", + "code": 204, + "header": [], + "cookie": [], + "_postman_previewlanguage": "text" + }, + { + "id": "ccb12c8f-02b1-41c4-82ca-ed3962f803ac", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "entitlements", + "bulk-update" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"entitlementIds\": [\n \"2c91808a7624751a01762f19d665220d\",\n \"2c91808a7624751a01762f19d67c220e\",\n \"2c91808a7624751a01762f19d692220f\"\n ],\n \"jsonPatch\": [\n {\n \"op\": \"replace\",\n \"path\": \"/privileged\",\n \"value\": false\n },\n {\n \"op\": \"replace\",\n \"path\": \"/requestable\",\n \"value\": false\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a9bb1489-7d3b-4574-9740-5fe8951f5f0f", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "entitlements", + "bulk-update" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"entitlementIds\": [\n \"2c91808a7624751a01762f19d665220d\",\n \"2c91808a7624751a01762f19d67c220e\",\n \"2c91808a7624751a01762f19d692220f\"\n ],\n \"jsonPatch\": [\n {\n \"op\": \"replace\",\n \"path\": \"/privileged\",\n \"value\": false\n },\n {\n \"op\": \"replace\",\n \"path\": \"/requestable\",\n \"value\": false\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f5b093c2-f6e5-4a77-9f76-5872cb23b624", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "entitlements", + "bulk-update" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"entitlementIds\": [\n \"2c91808a7624751a01762f19d665220d\",\n \"2c91808a7624751a01762f19d67c220e\",\n \"2c91808a7624751a01762f19d692220f\"\n ],\n \"jsonPatch\": [\n {\n \"op\": \"replace\",\n \"path\": \"/privileged\",\n \"value\": false\n },\n {\n \"op\": \"replace\",\n \"path\": \"/requestable\",\n \"value\": false\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c40965af-8c15-443f-8152-ebd3ab8a4e5a", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "entitlements", + "bulk-update" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"entitlementIds\": [\n \"2c91808a7624751a01762f19d665220d\",\n \"2c91808a7624751a01762f19d67c220e\",\n \"2c91808a7624751a01762f19d692220f\"\n ],\n \"jsonPatch\": [\n {\n \"op\": \"replace\",\n \"path\": \"/privileged\",\n \"value\": false\n },\n {\n \"op\": \"replace\",\n \"path\": \"/requestable\",\n \"value\": false\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "3247287e-2f8c-41bb-806b-584cce7d8d7a", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "entitlements", + "bulk-update" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"entitlementIds\": [\n \"2c91808a7624751a01762f19d665220d\",\n \"2c91808a7624751a01762f19d67c220e\",\n \"2c91808a7624751a01762f19d692220f\"\n ],\n \"jsonPatch\": [\n {\n \"op\": \"replace\",\n \"path\": \"/privileged\",\n \"value\": false\n },\n {\n \"op\": \"replace\",\n \"path\": \"/requestable\",\n \"value\": false\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "88ca96b0-0f43-4411-b7ad-f708fe3bea06", + "name": "Get Entitlement Request Config", + "request": { + "name": "Get Entitlement Request Config", + "description": { + "content": "This API returns the entitlement request config for a specified entitlement.", + "type": "text/plain" + }, + "url": { + "path": [ + "entitlements", + ":id", + "entitlement-request-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "2c91808874ff91550175097daaec161c", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) Entitlement Id", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "10fda13f-b787-422c-8033-dc182c1d6598", + "name": "An Entitlement Request Config", + "originalRequest": { + "url": { + "path": [ + "entitlements", + ":id", + "entitlement-request-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"accessRequestConfig\": {\n \"requestCommentRequired\": true,\n \"denialCommentRequired\": true,\n \"approvalSchemes\": [\n {\n \"approverType\": \"ENTITLEMENT_OWNER\",\n \"approverId\": null\n },\n {\n \"approverType\": \"SOURCE_OWNER\",\n \"approverId\": null\n },\n {\n \"approverType\": \"MANAGER\",\n \"approverId\": null\n },\n {\n \"approverType\": \"GOVERNANCE_GROUP\",\n \"approverId\": \"46c79819-a69f-49a2-becb-12c971ae66c6\"\n }\n ]\n }\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "9446d311-3356-4c66-8d7a-d2a23aacc2e9", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "entitlements", + ":id", + "entitlement-request-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "ae3e579e-d60a-4cb6-9ba0-db1c983fafe4", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "entitlements", + ":id", + "entitlement-request-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "eee1387a-7549-4171-bbf7-f453757eabb7", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "entitlements", + ":id", + "entitlement-request-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "dc5d767e-11c7-4a71-8f2c-e317563f7898", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "entitlements", + ":id", + "entitlement-request-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c38ed714-f217-4271-a026-bf21cac222ed", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "entitlements", + ":id", + "entitlement-request-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "17d496ec-65a7-4ee9-8931-77ee4fce3d29", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "entitlements", + ":id", + "entitlement-request-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "5079a974-b6ae-4e68-98d7-bdd9983e2bbd", + "name": "Replace Entitlement Request Config", + "request": { + "name": "Replace Entitlement Request Config", + "description": { + "content": "This API replaces the entitlement request config for a specified entitlement.", + "type": "text/plain" + }, + "url": { + "path": [ + "entitlements", + ":id", + "entitlement-request-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "2c91808a7813090a017814121e121518", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) Entitlement ID", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"accessRequestConfig\": {\n \"approvalSchemes\": [\n {\n \"approverType\": \"GOVERNANCE_GROUP\",\n \"approverId\": \"e3eab852-8315-467f-9de7-70eda97f63c8\"\n },\n {\n \"approverType\": \"GOVERNANCE_GROUP\",\n \"approverId\": \"e3eab852-8315-467f-9de7-70eda97f63c8\"\n }\n ],\n \"requestCommentRequired\": true,\n \"denialCommentRequired\": false\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "3e329e6c-5eee-43ea-88e3-57a3cbc4c0d9", + "name": "Responds with the entitlement request config as updated.", + "originalRequest": { + "url": { + "path": [ + "entitlements", + ":id", + "entitlement-request-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"accessRequestConfig\": {\n \"approvalSchemes\": [\n {\n \"approverType\": \"GOVERNANCE_GROUP\",\n \"approverId\": \"e3eab852-8315-467f-9de7-70eda97f63c8\"\n },\n {\n \"approverType\": \"GOVERNANCE_GROUP\",\n \"approverId\": \"e3eab852-8315-467f-9de7-70eda97f63c8\"\n }\n ],\n \"requestCommentRequired\": true,\n \"denialCommentRequired\": false\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"accessRequestConfig\": {\n \"requestCommentRequired\": true,\n \"denialCommentRequired\": true,\n \"approvalSchemes\": [\n {\n \"approverType\": \"ENTITLEMENT_OWNER\",\n \"approverId\": null\n },\n {\n \"approverType\": \"SOURCE_OWNER\",\n \"approverId\": null\n },\n {\n \"approverType\": \"MANAGER\",\n \"approverId\": null\n },\n {\n \"approverType\": \"GOVERNANCE_GROUP\",\n \"approverId\": \"46c79819-a69f-49a2-becb-12c971ae66c6\"\n }\n ]\n }\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "8c89dc22-22ff-401b-a1cb-a49ad3720f9e", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "entitlements", + ":id", + "entitlement-request-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"accessRequestConfig\": {\n \"approvalSchemes\": [\n {\n \"approverType\": \"GOVERNANCE_GROUP\",\n \"approverId\": \"e3eab852-8315-467f-9de7-70eda97f63c8\"\n },\n {\n \"approverType\": \"GOVERNANCE_GROUP\",\n \"approverId\": \"e3eab852-8315-467f-9de7-70eda97f63c8\"\n }\n ],\n \"requestCommentRequired\": true,\n \"denialCommentRequired\": false\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "333f8493-8b36-47cb-9896-3f9bd9f6a9f2", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "entitlements", + ":id", + "entitlement-request-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"accessRequestConfig\": {\n \"approvalSchemes\": [\n {\n \"approverType\": \"GOVERNANCE_GROUP\",\n \"approverId\": \"e3eab852-8315-467f-9de7-70eda97f63c8\"\n },\n {\n \"approverType\": \"GOVERNANCE_GROUP\",\n \"approverId\": \"e3eab852-8315-467f-9de7-70eda97f63c8\"\n }\n ],\n \"requestCommentRequired\": true,\n \"denialCommentRequired\": false\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "6f747961-3ce6-41cd-85db-4c327b0b32a2", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "entitlements", + ":id", + "entitlement-request-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"accessRequestConfig\": {\n \"approvalSchemes\": [\n {\n \"approverType\": \"GOVERNANCE_GROUP\",\n \"approverId\": \"e3eab852-8315-467f-9de7-70eda97f63c8\"\n },\n {\n \"approverType\": \"GOVERNANCE_GROUP\",\n \"approverId\": \"e3eab852-8315-467f-9de7-70eda97f63c8\"\n }\n ],\n \"requestCommentRequired\": true,\n \"denialCommentRequired\": false\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f771602b-695b-4192-8e35-f37f8dcf2580", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "entitlements", + ":id", + "entitlement-request-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"accessRequestConfig\": {\n \"approvalSchemes\": [\n {\n \"approverType\": \"GOVERNANCE_GROUP\",\n \"approverId\": \"e3eab852-8315-467f-9de7-70eda97f63c8\"\n },\n {\n \"approverType\": \"GOVERNANCE_GROUP\",\n \"approverId\": \"e3eab852-8315-467f-9de7-70eda97f63c8\"\n }\n ],\n \"requestCommentRequired\": true,\n \"denialCommentRequired\": false\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "bbf85b29-bca7-464f-8a98-a675363f71d3", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "entitlements", + ":id", + "entitlement-request-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"accessRequestConfig\": {\n \"approvalSchemes\": [\n {\n \"approverType\": \"GOVERNANCE_GROUP\",\n \"approverId\": \"e3eab852-8315-467f-9de7-70eda97f63c8\"\n },\n {\n \"approverType\": \"GOVERNANCE_GROUP\",\n \"approverId\": \"e3eab852-8315-467f-9de7-70eda97f63c8\"\n }\n ],\n \"requestCommentRequired\": true,\n \"denialCommentRequired\": false\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "25eacbfa-d820-49c5-8aad-cd9c2358b679", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "entitlements", + ":id", + "entitlement-request-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"accessRequestConfig\": {\n \"approvalSchemes\": [\n {\n \"approverType\": \"GOVERNANCE_GROUP\",\n \"approverId\": \"e3eab852-8315-467f-9de7-70eda97f63c8\"\n },\n {\n \"approverType\": \"GOVERNANCE_GROUP\",\n \"approverId\": \"e3eab852-8315-467f-9de7-70eda97f63c8\"\n }\n ],\n \"requestCommentRequired\": true,\n \"denialCommentRequired\": false\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "d2162137-c8d7-4789-9f40-3606766b90fd", + "name": "Reset Source Entitlements", + "request": { + "name": "Reset Source Entitlements", + "description": { + "content": "Removes all entitlements on a specific source.", + "type": "text/plain" + }, + "url": { + "path": [ + "entitlements", + "reset", + "sources", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "2c91808a7813090a017814121919ecca", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) ID of source for the entitlement reset", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": {} + }, + "response": [ + { + "id": "8abf7014-bb98-4305-9c86-5c04e2c2be4a", + "name": "Entitlement source reset task result", + "originalRequest": { + "url": { + "path": [ + "entitlements", + "reset", + "sources", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Accepted", + "code": 202, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"type\": \"TASK_RESULT\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"Entitlement Source Reset\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f56a21c8-a13a-48db-a95a-510a8838300d", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "entitlements", + "reset", + "sources", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "bc7e354d-adb4-4d95-81b0-773555312d82", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "entitlements", + "reset", + "sources", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d93ed9dc-1393-4e3f-b177-50ed4c64be72", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "entitlements", + "reset", + "sources", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "4fd24270-a6bd-4388-b1e4-4112043965e2", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "entitlements", + "reset", + "sources", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "6383ca23-eafe-4dfe-ab33-cf4705edeb4c", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "entitlements", + "reset", + "sources", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "7b79dc0e-2740-40e8-99d0-939f1001c744", + "name": "Add metadata to an entitlement.", + "request": { + "name": "Add metadata to an entitlement.", + "description": { + "content": "Add single Access Model Metadata to an entitlement.", + "type": "text/plain" + }, + "url": { + "path": [ + "entitlements", + ":id", + "access-model-metadata", + ":attributeKey", + "values", + ":attributeValue" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "2c91808c74ff913f0175097daa9d59cd", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) The entitlement id.", + "type": "text/plain" + } + }, + { + "type": "any", + "value": "iscPrivacy", + "key": "attributeKey", + "disabled": true, + "description": { + "content": "(Required) Technical name of the Attribute.", + "type": "text/plain" + } + }, + { + "type": "any", + "value": "public", + "key": "attributeValue", + "disabled": true, + "description": { + "content": "(Required) Technical name of the Attribute Value.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": {} + }, + "response": [ + { + "id": "65aff644-ba89-4a72-817b-745a24d8a5e7", + "name": "OK", + "originalRequest": { + "url": { + "path": [ + "entitlements", + ":id", + "access-model-metadata", + ":attributeKey", + "values", + ":attributeValue" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"2c91808874ff91550175097daaec161c\",\n \"name\": \"LauncherTest2\",\n \"created\": \"2020-10-08T18:33:52.029Z\",\n \"modified\": \"2020-10-08T18:33:52.029Z\",\n \"attribute\": \"memberOf\",\n \"value\": \"CN=LauncherTest2,OU=LauncherTestOrg,OU=slpt-automation,DC=TestAutomationAD,DC=local\",\n \"sourceSchemaObjectType\": \"group\",\n \"privileged\": true,\n \"cloudGoverned\": true,\n \"description\": \"CN=LauncherTest2,OU=LauncherTestOrg,OU=slpt-automation,DC=TestAutomationAD,DC=local\",\n \"requestable\": true,\n \"attributes\": {\n \"fieldName\": \"fieldValue\"\n },\n \"source\": {\n \"id\": \"2c9180827ca885d7017ca8ce28a000eb\",\n \"type\": \"SOURCE\",\n \"name\": \"ODS-AD-Source\"\n },\n \"owner\": {\n \"id\": \"2a2fdacca5e345f18bf7970cfbb8fec2\",\n \"name\": \"identity 1\",\n \"type\": \"IDENTITY\"\n },\n \"directPermissions\": [\n {\n \"rights\": [\n \"SELECT\",\n \"SELECT\"\n ],\n \"target\": \"SYS.GV_$TRANSACTION\"\n },\n {\n \"rights\": [\n \"SELECT\",\n \"SELECT\"\n ],\n \"target\": \"SYS.GV_$TRANSACTION\"\n }\n ],\n \"segments\": [\n \"f7b1b8a3-5fed-4fd4-ad29-82014e137e19\",\n \"29cb6c06-1da8-43ea-8be4-b3125f248f2a\"\n ],\n \"manuallyUpdatedFields\": {\n \"DISPLAY_NAME\": true,\n \"DESCRIPTION\": true\n },\n \"accessModelMetadata\": {\n \"attributes\": [\n {\n \"key\": \"iscPrivacy\",\n \"name\": \"Privacy\",\n \"multiselect\": false,\n \"status\": \"active\",\n \"type\": \"governance\",\n \"objectTypes\": [\n \"all\"\n ],\n \"description\": \"Specifies the level of privacy associated with an access item.\",\n \"values\": [\n {\n \"value\": \"public\",\n \"name\": \"Public\",\n \"status\": \"active\"\n }\n ]\n }\n ]\n }\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "346c04eb-ed4f-4f95-9deb-d9d9fa281a29", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "entitlements", + ":id", + "access-model-metadata", + ":attributeKey", + "values", + ":attributeValue" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "3db1cabf-85ec-4bba-b1d4-bf2c3cc52dc0", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "entitlements", + ":id", + "access-model-metadata", + ":attributeKey", + "values", + ":attributeValue" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "6dc13a1a-3403-4025-b3df-75b4409cbc87", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "entitlements", + ":id", + "access-model-metadata", + ":attributeKey", + "values", + ":attributeValue" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "2fb95ea9-64be-4881-a93f-e4e1b71c7016", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "entitlements", + ":id", + "access-model-metadata", + ":attributeKey", + "values", + ":attributeValue" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "02b395d0-e1c8-45ac-b8ef-774447a90df1", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "entitlements", + ":id", + "access-model-metadata", + ":attributeKey", + "values", + ":attributeValue" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "171c41cf-3970-4086-8d54-e51f9593a81e", + "name": "Remove metadata from an entitlement.", + "request": { + "name": "Remove metadata from an entitlement.", + "description": { + "content": "Remove single Access Model Metadata from an entitlement.", + "type": "text/plain" + }, + "url": { + "path": [ + "entitlements", + ":id", + "access-model-metadata", + ":attributeKey", + "values", + ":attributeValue" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "2c91808c74ff913f0175097daa9d59cd", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) The entitlement id.", + "type": "text/plain" + } + }, + { + "type": "any", + "value": "iscPrivacy", + "key": "attributeKey", + "disabled": true, + "description": { + "content": "(Required) Technical name of the Attribute.", + "type": "text/plain" + } + }, + { + "type": "any", + "value": "public", + "key": "attributeValue", + "disabled": true, + "description": { + "content": "(Required) Technical name of the Attribute Value.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "DELETE", + "body": {} + }, + "response": [ + { + "id": "b995b3bd-e520-4219-bcb9-1981beca965d", + "name": "OK", + "originalRequest": { + "url": { + "path": [ + "entitlements", + ":id", + "access-model-metadata", + ":attributeKey", + "values", + ":attributeValue" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [], + "cookie": [], + "_postman_previewlanguage": "text" + }, + { + "id": "806081a4-2e22-4cbf-8160-928d0af5e14a", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "entitlements", + ":id", + "access-model-metadata", + ":attributeKey", + "values", + ":attributeValue" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "196295e4-56fe-433d-99ca-9bf5bfbe7747", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "entitlements", + ":id", + "access-model-metadata", + ":attributeKey", + "values", + ":attributeValue" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "9bc70acd-c419-4d7c-af76-cb3503c11838", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "entitlements", + ":id", + "access-model-metadata", + ":attributeKey", + "values", + ":attributeValue" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "14a3a0e4-a26e-4ed6-975d-9b8390e356cb", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "entitlements", + ":id", + "access-model-metadata", + ":attributeKey", + "values", + ":attributeValue" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "47b1321b-29d4-446d-a5f8-189a717fc3b8", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "entitlements", + ":id", + "access-model-metadata", + ":attributeKey", + "values", + ":attributeValue" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "2cf40fb6-5384-4eac-90aa-65b92484a8eb", + "name": "Aggregate Entitlements", + "request": { + "name": "Aggregate Entitlements", + "description": { + "content": "Starts an entitlement aggregation on the specified source. Though this endpoint has been deprecated, you can find its Beta equivalent [here](https://developer.sailpoint.com/docs/api/beta/import-entitlements).\n\nIf the target source is a direct connection, then the request body must be empty. You will also need to make sure the Content-Type header is not set. If you set the Content-Type header without specifying a body, then you will receive a 500 error.\n\nIf the target source is a delimited file source, then the CSV file needs to be included in the request body. You will also need to set the Content-Type header to `multipart/form-data`.", + "type": "text/plain" + }, + "url": { + "path": [ + "entitlements", + "aggregate", + "sources", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "ef38f94347e94562b5bb8424a56397d8", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) Source Id", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "The CSV file containing the source entitlements to aggregate.", + "type": "text/plain" + }, + "key": "csvFile", + "value": "non Lorem ut", + "type": "text" + } + ] + } + }, + "response": [ + { + "id": "06117529-65b6-4c27-8495-1d56c1df214e", + "name": "Aggregate Entitlements Task", + "originalRequest": { + "url": { + "path": [ + "entitlements", + "aggregate", + "sources", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "The CSV file containing the source entitlements to aggregate.", + "type": "text/plain" + }, + "key": "csvFile", + "value": "non Lorem ut", + "type": "text" + } + ] + } + }, + "status": "Accepted", + "code": 202, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"ef38f94347e94562b5bb8424a56397d8\",\n \"type\": \"QUARTZ\",\n \"uniqueName\": \"Cloud Group Aggregation\",\n \"description\": \"Aggregate from the specified application\",\n \"launcher\": \"John Doe\",\n \"created\": \"2020-07-11T21:23:15.000Z\",\n \"returns\": [\n {\n \"displayLabel\": \"TASK_OUT_ACCOUNT_GROUP_AGGREGATION_APPLICATIONS\",\n \"attributeName\": \"applications\"\n },\n {\n \"displayLabel\": \"TASK_OUT_ACCOUNT_GROUP_AGGREGATION_TOTAL\",\n \"attributeName\": \"total\"\n },\n {\n \"displayLabel\": \"TASK_OUT_ACCOUNT_GROUP_AGGREGATION_CREATED\",\n \"attributeName\": \"groupsCreated\"\n },\n {\n \"displayLabel\": \"TASK_OUT_ACCOUNT_GROUP_AGGREGATION_UPDATED\",\n \"attributeName\": \"groupsUpdated\"\n },\n {\n \"displayLabel\": \"TASK_OUT_ACCOUNT_GROUP_AGGREGATION_DELETED\",\n \"attributeName\": \"groupsDeleted\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "7c856fde-1d01-4dde-b3c4-153c6b010069", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "entitlements", + "aggregate", + "sources", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "The CSV file containing the source entitlements to aggregate.", + "type": "text/plain" + }, + "key": "csvFile", + "value": "non Lorem ut", + "type": "text" + } + ] + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "004a1981-d517-483b-abc7-b6acc229a223", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "entitlements", + "aggregate", + "sources", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "The CSV file containing the source entitlements to aggregate.", + "type": "text/plain" + }, + "key": "csvFile", + "value": "non Lorem ut", + "type": "text" + } + ] + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "0903bd46-2182-49b5-bb2c-a9a1443a5a89", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "entitlements", + "aggregate", + "sources", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "The CSV file containing the source entitlements to aggregate.", + "type": "text/plain" + }, + "key": "csvFile", + "value": "non Lorem ut", + "type": "text" + } + ] + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d57edcfe-afca-4c6c-a9a7-e6e35c866617", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "entitlements", + "aggregate", + "sources", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "The CSV file containing the source entitlements to aggregate.", + "type": "text/plain" + }, + "key": "csvFile", + "value": "non Lorem ut", + "type": "text" + } + ] + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "2e75fce3-a173-47e7-bd82-53f686ee42c0", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "entitlements", + "aggregate", + "sources", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "The CSV file containing the source entitlements to aggregate.", + "type": "text/plain" + }, + "key": "csvFile", + "value": "non Lorem ut", + "type": "text" + } + ] + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + } + ] + }, + { + "name": "Global Tenant Security Settings", + "description": "Use this API to implement and customize global tenant security settings.\nWith this functionality in place, administrators can manage the global security settings that a tenant/org has.\nThis API can be used to configure the networks and Geographies allowed to access Identity Security Cloud URLs.\n", + "item": [ + { + "id": "d95f8c3f-db31-4d02-a5e7-aa4cee7099c3", + "name": "Get security network configuration.", + "request": { + "name": "Get security network configuration.", + "description": { + "content": "This API returns the details of an org's network auth configuration. Requires security scope of: 'sp:auth-org:read'", + "type": "text/plain" + }, + "url": { + "path": [ + "auth-org", + "network-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "08533e78-0f16-4335-afbd-eb24f4610964", + "name": "Network configuration for the tenant's auth org.", + "originalRequest": { + "url": { + "path": [ + "auth-org", + "network-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"range\": [\n \"1.3.7.2\",\n \"255.255.255.252/30\"\n ],\n \"geolocation\": [\n \"CA\",\n \"FR\",\n \"HT\"\n ],\n \"whitelisted\": true\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "5c962f5b-fd1c-4752-9d7b-d36c49df4b81", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "auth-org", + "network-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "ab299ad5-2748-49ac-81c2-9c35a7c7303f", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "auth-org", + "network-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "6b630e71-69cb-4595-acaf-6b46e211d914", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "auth-org", + "network-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "5a27d4b5-2184-45ee-9aeb-fa1869d49e0b", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "auth-org", + "network-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "8fc0dba9-f9b4-41b2-9c8e-e3c2b7e6a517", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "auth-org", + "network-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a8fec003-f7a5-4b6e-8099-a66fda033df5", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "auth-org", + "network-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "d0c15a56-cdc4-4cd4-af5b-6eef0be70df8", + "name": "Create security network configuration.", + "request": { + "name": "Create security network configuration.", + "description": { + "content": "This API returns the details of an org's network auth configuration. Requires security scope of: 'sp:auth-org:create'", + "type": "text/plain" + }, + "url": { + "path": [ + "auth-org", + "network-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"range\": [\n \"1.3.7.2\",\n \"255.255.255.252/30\"\n ],\n \"geolocation\": [\n \"CA\",\n \"FR\",\n \"HT\"\n ],\n \"whitelisted\": true\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "d207c13c-d919-48e4-b071-73d4052b7a4a", + "name": "Network configuration for the tenant.", + "originalRequest": { + "url": { + "path": [ + "auth-org", + "network-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"range\": [\n \"1.3.7.2\",\n \"255.255.255.252/30\"\n ],\n \"geolocation\": [\n \"CA\",\n \"FR\",\n \"HT\"\n ],\n \"whitelisted\": true\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"range\": [\n \"1.3.7.2\",\n \"255.255.255.252/30\"\n ],\n \"geolocation\": [\n \"CA\",\n \"FR\",\n \"HT\"\n ],\n \"whitelisted\": true\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "12fbca56-248a-47a7-b6fe-fc9481b08e59", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "auth-org", + "network-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"range\": [\n \"1.3.7.2\",\n \"255.255.255.252/30\"\n ],\n \"geolocation\": [\n \"CA\",\n \"FR\",\n \"HT\"\n ],\n \"whitelisted\": true\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c1a09aaf-0901-4004-b470-5ea1ba7078f9", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "auth-org", + "network-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"range\": [\n \"1.3.7.2\",\n \"255.255.255.252/30\"\n ],\n \"geolocation\": [\n \"CA\",\n \"FR\",\n \"HT\"\n ],\n \"whitelisted\": true\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "7ae9685c-3e59-4b15-ab7e-f3a0a725d33c", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "auth-org", + "network-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"range\": [\n \"1.3.7.2\",\n \"255.255.255.252/30\"\n ],\n \"geolocation\": [\n \"CA\",\n \"FR\",\n \"HT\"\n ],\n \"whitelisted\": true\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "8edbb47e-bec5-4c86-8d6b-44bed5b94d52", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "auth-org", + "network-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"range\": [\n \"1.3.7.2\",\n \"255.255.255.252/30\"\n ],\n \"geolocation\": [\n \"CA\",\n \"FR\",\n \"HT\"\n ],\n \"whitelisted\": true\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "6408f9ec-4b9d-4eb4-b596-d86845b4946d", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "auth-org", + "network-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"range\": [\n \"1.3.7.2\",\n \"255.255.255.252/30\"\n ],\n \"geolocation\": [\n \"CA\",\n \"FR\",\n \"HT\"\n ],\n \"whitelisted\": true\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "6a7361f2-eccd-40a7-8a29-081699f48fff", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "auth-org", + "network-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"range\": [\n \"1.3.7.2\",\n \"255.255.255.252/30\"\n ],\n \"geolocation\": [\n \"CA\",\n \"FR\",\n \"HT\"\n ],\n \"whitelisted\": true\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "af579460-9431-4ae8-99a3-b9a744ddf855", + "name": "Update security network configuration.", + "request": { + "name": "Update security network configuration.", + "description": { + "content": "This API updates an existing network configuration for an org using PATCH\n Requires security scope of: 'sp:auth-org:update'", + "type": "text/plain" + }, + "url": { + "path": [ + "auth-org", + "network-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/whitelisted\",\n \"value\": \"false,\"\n },\n {\n \"op\": \"add\",\n \"path\": \"/geolocation\",\n \"value\": [\n \"AF\",\n \"HN\",\n \"ES\"\n ]\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "7251fd2b-a05f-477b-b7c9-f5594faa1e54", + "name": "Updated Auth Org network configuration.", + "originalRequest": { + "url": { + "path": [ + "auth-org", + "network-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/whitelisted\",\n \"value\": \"false,\"\n },\n {\n \"op\": \"add\",\n \"path\": \"/geolocation\",\n \"value\": [\n \"AF\",\n \"HN\",\n \"ES\"\n ]\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"range\": [\n \"1.3.7.2\",\n \"255.255.255.252/30\"\n ],\n \"geolocation\": [\n \"CA\",\n \"FR\",\n \"HT\"\n ],\n \"whitelisted\": true\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "76c53aa1-ba9e-4a1f-b576-1ac1c0ef8260", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "auth-org", + "network-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/whitelisted\",\n \"value\": \"false,\"\n },\n {\n \"op\": \"add\",\n \"path\": \"/geolocation\",\n \"value\": [\n \"AF\",\n \"HN\",\n \"ES\"\n ]\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "e1078077-37dd-4498-b7c1-c36c625c8492", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "auth-org", + "network-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/whitelisted\",\n \"value\": \"false,\"\n },\n {\n \"op\": \"add\",\n \"path\": \"/geolocation\",\n \"value\": [\n \"AF\",\n \"HN\",\n \"ES\"\n ]\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "9076f01a-15c3-47e9-ba25-109528ddc0a2", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "auth-org", + "network-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/whitelisted\",\n \"value\": \"false,\"\n },\n {\n \"op\": \"add\",\n \"path\": \"/geolocation\",\n \"value\": [\n \"AF\",\n \"HN\",\n \"ES\"\n ]\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "150f97a4-61a7-4fd1-ae65-b2f1494bf976", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "auth-org", + "network-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/whitelisted\",\n \"value\": \"false,\"\n },\n {\n \"op\": \"add\",\n \"path\": \"/geolocation\",\n \"value\": [\n \"AF\",\n \"HN\",\n \"ES\"\n ]\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "486d5e93-bade-49a7-89f6-f1777ab6c333", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "auth-org", + "network-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/whitelisted\",\n \"value\": \"false,\"\n },\n {\n \"op\": \"add\",\n \"path\": \"/geolocation\",\n \"value\": [\n \"AF\",\n \"HN\",\n \"ES\"\n ]\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "64c5553b-4e0d-4a7a-a44d-9a16d780024e", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "auth-org", + "network-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/whitelisted\",\n \"value\": \"false,\"\n },\n {\n \"op\": \"add\",\n \"path\": \"/geolocation\",\n \"value\": [\n \"AF\",\n \"HN\",\n \"ES\"\n ]\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + } + ] + }, + { + "name": "Governance Groups", + "description": "Use this API to implement and customize Governance Group functionality. With this functionality in place, administrators can create Governance Groups and configure them for use throughout Identity Security Cloud.\n\nA governance group is a group of users that can make governance decisions about access. If your organization has the Access Request or Certifications service, you can configure governance groups to review access requests or certifications. A governance group can determine whether specific access is appropriate for a user.\n\nRefer to [Creating and Managing Governance Groups](https://documentation.sailpoint.com/saas/help/common/users/governance_groups.html) for more information about how to build Governance Groups in the visual builder in the Identity Security Cloud UI.\n", + "item": [ + { + "id": "7a4fb0f1-21d1-4e7e-a5c4-c9cc3ebafc86", + "name": "List Governance Groups", + "request": { + "name": "List Governance Groups", + "description": { + "content": "This API returns list of Governance Groups", + "type": "text/plain" + }, + "url": { + "path": [ + "workgroups" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Note that for this API the maximum value for limit is 50.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "50" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in, sw*\n\n**name**: *eq, sw, in*\n\n**memberships.identityId**: *eq, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "name sw \"Test\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name, created, modified, id, description**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name,-modified" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "5c1432d5-60a8-450a-bb0c-63cde5eb5e61", + "name": "List of Governance Groups", + "originalRequest": { + "url": { + "path": [ + "workgroups" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Note that for this API the maximum value for limit is 50.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "50" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in, sw*\n\n**name**: *eq, sw, in*\n\n**memberships.identityId**: *eq, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "name sw \"Test\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name, created, modified, id, description**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name,-modified" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"Support\",\n \"displayName\": \"Support\",\n \"emailAddress\": \"support@sailpoint.com\"\n },\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"DB Access Governance Group\",\n \"description\": \"Description of the Governance Group\",\n \"memberCount\": 1641498673000,\n \"connectionCount\": 1641498673000,\n \"created\": \"2022-01-06T19:51:13Z\",\n \"modified\": \"2022-01-06T19:51:13Z\"\n },\n {\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"Support\",\n \"displayName\": \"Support\",\n \"emailAddress\": \"support@sailpoint.com\"\n },\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"DB Access Governance Group\",\n \"description\": \"Description of the Governance Group\",\n \"memberCount\": 1641498673000,\n \"connectionCount\": 1641498673000,\n \"created\": \"2022-01-06T19:51:13Z\",\n \"modified\": \"2022-01-06T19:51:13Z\"\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "7d79faa1-f24a-45cc-9b16-4538b46c470a", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "workgroups" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Note that for this API the maximum value for limit is 50.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "50" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in, sw*\n\n**name**: *eq, sw, in*\n\n**memberships.identityId**: *eq, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "name sw \"Test\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name, created, modified, id, description**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name,-modified" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "6fd1d59e-694d-4466-b3d2-a793d7bac933", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "workgroups" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Note that for this API the maximum value for limit is 50.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "50" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in, sw*\n\n**name**: *eq, sw, in*\n\n**memberships.identityId**: *eq, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "name sw \"Test\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name, created, modified, id, description**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name,-modified" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "6c4b0655-1910-4f81-be85-235c8a2e345f", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "workgroups" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Note that for this API the maximum value for limit is 50.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "50" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in, sw*\n\n**name**: *eq, sw, in*\n\n**memberships.identityId**: *eq, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "name sw \"Test\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name, created, modified, id, description**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name,-modified" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "6d5abbae-edd2-4ac4-957e-e3e51005be34", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "workgroups" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Note that for this API the maximum value for limit is 50.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "50" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in, sw*\n\n**name**: *eq, sw, in*\n\n**memberships.identityId**: *eq, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "name sw \"Test\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name, created, modified, id, description**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name,-modified" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "3b64ae19-082c-4cc0-870f-7e82c58c25f6", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "workgroups" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Note that for this API the maximum value for limit is 50.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "50" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in, sw*\n\n**name**: *eq, sw, in*\n\n**memberships.identityId**: *eq, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "name sw \"Test\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name, created, modified, id, description**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name,-modified" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "077ac65e-2b76-4867-b52f-0c9716eba8f6", + "name": "Create a new Governance Group.", + "request": { + "name": "Create a new Governance Group.", + "description": { + "content": "This API creates a new Governance Group.", + "type": "text/plain" + }, + "url": { + "path": [ + "workgroups" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"Support\",\n \"displayName\": \"Support\",\n \"emailAddress\": \"support@sailpoint.com\"\n },\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"DB Access Governance Group\",\n \"description\": \"Description of the Governance Group\",\n \"memberCount\": 1641498673000,\n \"connectionCount\": 1641498673000,\n \"created\": \"2022-01-06T19:51:13Z\",\n \"modified\": \"2022-01-06T19:51:13Z\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "7e9166c5-3762-450b-b6f7-cf310606e6d4", + "name": "Governance Group object created.", + "originalRequest": { + "url": { + "path": [ + "workgroups" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"Support\",\n \"displayName\": \"Support\",\n \"emailAddress\": \"support@sailpoint.com\"\n },\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"DB Access Governance Group\",\n \"description\": \"Description of the Governance Group\",\n \"memberCount\": 1641498673000,\n \"connectionCount\": 1641498673000,\n \"created\": \"2022-01-06T19:51:13Z\",\n \"modified\": \"2022-01-06T19:51:13Z\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"Support\",\n \"displayName\": \"Support\",\n \"emailAddress\": \"support@sailpoint.com\"\n },\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"DB Access Governance Group\",\n \"description\": \"Description of the Governance Group\",\n \"memberCount\": 1641498673000,\n \"connectionCount\": 1641498673000,\n \"created\": \"2022-01-06T19:51:13Z\",\n \"modified\": \"2022-01-06T19:51:13Z\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "cbe2820f-a755-48ef-a316-238258138c7c", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "workgroups" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"Support\",\n \"displayName\": \"Support\",\n \"emailAddress\": \"support@sailpoint.com\"\n },\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"DB Access Governance Group\",\n \"description\": \"Description of the Governance Group\",\n \"memberCount\": 1641498673000,\n \"connectionCount\": 1641498673000,\n \"created\": \"2022-01-06T19:51:13Z\",\n \"modified\": \"2022-01-06T19:51:13Z\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "224e2b49-72ac-4cce-96f0-8fa7a64b2663", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "workgroups" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"Support\",\n \"displayName\": \"Support\",\n \"emailAddress\": \"support@sailpoint.com\"\n },\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"DB Access Governance Group\",\n \"description\": \"Description of the Governance Group\",\n \"memberCount\": 1641498673000,\n \"connectionCount\": 1641498673000,\n \"created\": \"2022-01-06T19:51:13Z\",\n \"modified\": \"2022-01-06T19:51:13Z\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "680e8147-a947-4b5a-97e3-78dde105e7a8", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "workgroups" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"Support\",\n \"displayName\": \"Support\",\n \"emailAddress\": \"support@sailpoint.com\"\n },\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"DB Access Governance Group\",\n \"description\": \"Description of the Governance Group\",\n \"memberCount\": 1641498673000,\n \"connectionCount\": 1641498673000,\n \"created\": \"2022-01-06T19:51:13Z\",\n \"modified\": \"2022-01-06T19:51:13Z\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "e1581718-8cb5-4148-b8f1-316fb45327e8", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "workgroups" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"Support\",\n \"displayName\": \"Support\",\n \"emailAddress\": \"support@sailpoint.com\"\n },\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"DB Access Governance Group\",\n \"description\": \"Description of the Governance Group\",\n \"memberCount\": 1641498673000,\n \"connectionCount\": 1641498673000,\n \"created\": \"2022-01-06T19:51:13Z\",\n \"modified\": \"2022-01-06T19:51:13Z\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "26ddd180-6f27-4141-9244-983eb225f2d0", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "workgroups" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"Support\",\n \"displayName\": \"Support\",\n \"emailAddress\": \"support@sailpoint.com\"\n },\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"DB Access Governance Group\",\n \"description\": \"Description of the Governance Group\",\n \"memberCount\": 1641498673000,\n \"connectionCount\": 1641498673000,\n \"created\": \"2022-01-06T19:51:13Z\",\n \"modified\": \"2022-01-06T19:51:13Z\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "684527cd-4e51-4fdb-94ab-083b12a2f98d", + "name": "Get Governance Group by Id", + "request": { + "name": "Get Governance Group by Id", + "description": { + "content": "This API returns a Governance Groups by its ID.", + "type": "text/plain" + }, + "url": { + "path": [ + "workgroups", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "2c9180837ca6693d017ca8d097500149", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) ID of the Governance Group", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "516d4087-dee5-4329-bfe8-4f39120d8fe4", + "name": "A Governance Group", + "originalRequest": { + "url": { + "path": [ + "workgroups", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"Support\",\n \"displayName\": \"Support\",\n \"emailAddress\": \"support@sailpoint.com\"\n },\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"DB Access Governance Group\",\n \"description\": \"Description of the Governance Group\",\n \"memberCount\": 1641498673000,\n \"connectionCount\": 1641498673000,\n \"created\": \"2022-01-06T19:51:13Z\",\n \"modified\": \"2022-01-06T19:51:13Z\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "0634cb5a-f96a-46f5-9225-fba29b966f9b", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "workgroups", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "0fa23402-e157-416b-8d66-4b4df5cc0772", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "workgroups", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "0fc9682c-7871-4ace-9294-96795ce181bc", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "workgroups", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b6c9dd3c-9470-4185-914c-7798678c6287", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "workgroups", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "16db0a6e-a55e-40f7-9a48-a5d4bdf11ea6", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "workgroups", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "add06d03-bb5e-4fc7-b264-7bcb5de02a67", + "name": "Delete a Governance Group", + "request": { + "name": "Delete a Governance Group", + "description": { + "content": "This API deletes a Governance Group by its ID.", + "type": "text/plain" + }, + "url": { + "path": [ + "workgroups", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "2c9180837ca6693d017ca8d097500149", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) ID of the Governance Group", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "DELETE", + "body": {} + }, + "response": [ + { + "id": "0d91b699-2e59-4966-9c9f-e8eec6324393", + "name": "No content - indicates the request was successful but there is no content to be returned in the response.", + "originalRequest": { + "url": { + "path": [ + "workgroups", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "No Content", + "code": 204, + "header": [], + "cookie": [], + "_postman_previewlanguage": "text" + }, + { + "id": "e16de926-fbfe-438e-9e74-abb434de5406", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "workgroups", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "1270a105-5938-415c-bbe4-edab5417863a", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "workgroups", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "64beb5e1-b52d-40bc-95fd-a2620a70f60f", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "workgroups", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "dd54c8df-7524-42bd-825b-051a55b5cb82", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "workgroups", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "93e68956-24ec-4ba4-b454-c5124b388932", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "workgroups", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "3ec8fe2a-33db-40db-bc8e-59a618d57054", + "name": "Patch a Governance Group", + "request": { + "name": "Patch a Governance Group", + "description": { + "content": "This API updates an existing governance group by ID. \nThe following fields and objects are patchable:\n * name\n * description\n * owner\n\nA token with API or ORG_ADMIN authority is required to call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "workgroups", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "2c9180837ca6693d017ca8d097500149", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) ID of the Governance Group", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"Governance Group new description.\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "27881bd3-23c2-443f-a05a-43257969d0dd", + "name": "A Governance Group.", + "originalRequest": { + "url": { + "path": [ + "workgroups", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"Governance Group new description.\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"Support\",\n \"displayName\": \"Support\",\n \"emailAddress\": \"support@sailpoint.com\"\n },\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"DB Access Governance Group\",\n \"description\": \"Description of the Governance Group\",\n \"memberCount\": 1641498673000,\n \"connectionCount\": 1641498673000,\n \"created\": \"2022-01-06T19:51:13Z\",\n \"modified\": \"2022-01-06T19:51:13Z\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "249f07c3-a5bf-4e1e-909e-38dcac448fee", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "workgroups", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"Governance Group new description.\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "2831cc1e-374e-4f31-8880-11b95858a12a", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "workgroups", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"Governance Group new description.\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "339d7c73-176e-475c-828e-6012ef97e85f", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "workgroups", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"Governance Group new description.\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "4a0c56e3-0f2c-4093-8f8d-bbd5fb2cedb6", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "workgroups", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"Governance Group new description.\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a1c01fc2-71d1-4507-a729-a36d56bd1f24", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "workgroups", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"Governance Group new description.\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "c50a433a-4530-4488-adc4-f2b921ef1438", + "name": "Delete Governance Group(s)", + "request": { + "name": "Delete Governance Group(s)", + "description": { + "content": "\nThis API initiates a bulk deletion of one or more Governance Groups.\n\n> If any of the indicated Governance Groups have one or more connections associated with it,then those Governance Groups will be added in **inUse** list of the response. Governance Group(s) marked as **inUse** can not be deleted.\n\n> If any of the indicated Governance Groups is not does not exists in Organization,then those Governance Groups will be added in **notFound** list of the response. Governance Groups marked as **notFound** will not be deleted.\n\n> If any of the indicated Governance Groups does not have any connections associated with it,then those Governance Groups will be added in **deleted** list of the response. A Governance Group marked as **deleted** will be deleted from current Organization.\n\n> If the request contains any **inUse** or **notFound** Governance Group IDs then it skips only these Governance Groups for deletion and deletes the rest of Governance Groups which have no connections associated with it. \n\n> **This API has limit number of Governance Groups can be deleted at one time. If the request contains more then 100 Governance Groups IDs to be deleted then the API will throw an exception.**", + "type": "text/plain" + }, + "url": { + "path": [ + "workgroups", + "bulk-delete" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"ids\": [\n \"567a697e-885b-495a-afc5-d55e1c23a302\",\n \"c7b0f7b2-1e78-4063-b294-a555333dacd2\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "47ccee17-26a5-4df9-914f-4e8aad36de6c", + "name": "Governance Group bulk delete response.", + "originalRequest": { + "url": { + "path": [ + "workgroups", + "bulk-delete" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"ids\": [\n \"567a697e-885b-495a-afc5-d55e1c23a302\",\n \"c7b0f7b2-1e78-4063-b294-a555333dacd2\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Multi-Status (WebDAV) (RFC 4918)", + "code": 207, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"id\": \"464ae7bf791e49fdb74606a2e4a89635\",\n \"status\": \"204\",\n \"description\": \"Governance Group deleted successfully.\"\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "447a0653-4897-4733-b576-081099c5b8e7", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "workgroups", + "bulk-delete" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"ids\": [\n \"567a697e-885b-495a-afc5-d55e1c23a302\",\n \"c7b0f7b2-1e78-4063-b294-a555333dacd2\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "42d811bc-2ba8-48be-8266-02e54c51b0b0", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "workgroups", + "bulk-delete" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"ids\": [\n \"567a697e-885b-495a-afc5-d55e1c23a302\",\n \"c7b0f7b2-1e78-4063-b294-a555333dacd2\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f4f1e3d2-bc03-4890-9aa9-6a7bdb9fd4e1", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "workgroups", + "bulk-delete" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"ids\": [\n \"567a697e-885b-495a-afc5-d55e1c23a302\",\n \"c7b0f7b2-1e78-4063-b294-a555333dacd2\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "63602bbe-a0a5-4ce4-a1c2-f08f5193e3f3", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "workgroups", + "bulk-delete" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"ids\": [\n \"567a697e-885b-495a-afc5-d55e1c23a302\",\n \"c7b0f7b2-1e78-4063-b294-a555333dacd2\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "1f85a224-0917-4bba-857b-b95c1fc14a92", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "workgroups", + "bulk-delete" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"ids\": [\n \"567a697e-885b-495a-afc5-d55e1c23a302\",\n \"c7b0f7b2-1e78-4063-b294-a555333dacd2\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "32bb5044-6b86-4f56-93d3-b302ef80e9f3", + "name": "List connections for Governance Group", + "request": { + "name": "List connections for Governance Group", + "description": { + "content": "This API returns list of connections associated with a Governance Group.", + "type": "text/plain" + }, + "url": { + "path": [ + "workgroups", + ":workgroupId", + "connections" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Note that for this API the maximum value for limit is 50.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "50" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name, created, modified**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name,-modified" + } + ], + "variable": [ + { + "type": "any", + "value": "2c91808a7813090a017814121919ecca", + "key": "workgroupId", + "disabled": true, + "description": { + "content": "(Required) ID of the Governance Group.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "6526dea3-b8c7-46f3-8ca4-9150bd68a0c9", + "name": "List all connections associated with a Governance Group.", + "originalRequest": { + "url": { + "path": [ + "workgroups", + ":workgroupId", + "connections" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Note that for this API the maximum value for limit is 50.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "50" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name, created, modified**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name,-modified" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"object\": {\n \"type\": \"ACCESS_PROFILE\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"Employee-database-read-write\",\n \"description\": \"Collection of entitlements to read/write the employee database.\"\n },\n \"connectionType\": \"AccessRequestReviewer\"\n },\n {\n \"object\": {\n \"type\": \"ACCESS_PROFILE\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"Employee-database-read-write\",\n \"description\": \"Collection of entitlements to read/write the employee database.\"\n },\n \"connectionType\": \"AccessRequestReviewer\"\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "8bb8fd80-32dd-435c-96c8-dce8146497e4", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "workgroups", + ":workgroupId", + "connections" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Note that for this API the maximum value for limit is 50.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "50" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name, created, modified**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name,-modified" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "5a300b1a-64e5-4ba2-982d-ce557c23490a", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "workgroups", + ":workgroupId", + "connections" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Note that for this API the maximum value for limit is 50.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "50" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name, created, modified**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name,-modified" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "21db9445-860b-4636-bf8f-6c3c2506c195", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "workgroups", + ":workgroupId", + "connections" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Note that for this API the maximum value for limit is 50.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "50" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name, created, modified**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name,-modified" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "0331ef28-69a9-4523-8d9d-be080aad0a2b", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "workgroups", + ":workgroupId", + "connections" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Note that for this API the maximum value for limit is 50.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "50" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name, created, modified**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name,-modified" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "bae9a5fa-1fd8-45e1-86ca-c5f76e02bed0", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "workgroups", + ":workgroupId", + "connections" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Note that for this API the maximum value for limit is 50.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "50" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name, created, modified**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name,-modified" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "e32fa967-a150-46ef-b4b8-cbbe13caf661", + "name": "List Governance Group Members", + "request": { + "name": "List Governance Group Members", + "description": { + "content": "This API returns list of members associated with a Governance Group.", + "type": "text/plain" + }, + "url": { + "path": [ + "workgroups", + ":workgroupId", + "members" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Note that for this API the maximum value for limit is 50.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "50" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name, created, modified**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name,-modified" + } + ], + "variable": [ + { + "type": "any", + "value": "2c91808a7813090a017814121919ecca", + "key": "workgroupId", + "disabled": true, + "description": { + "content": "(Required) ID of the Governance Group.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "a59bb4f4-2db4-4d9f-9cf6-487a9e1fa467", + "name": "List all members associated with a Governance Group.", + "originalRequest": { + "url": { + "path": [ + "workgroups", + ":workgroupId", + "members" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Note that for this API the maximum value for limit is 50.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "50" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name, created, modified**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name,-modified" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c7180a46faadee4016fb4e018c20642\",\n \"name\": \"Michael Michaels\",\n \"email\": \"michael.michaels@sailpoint.com\"\n },\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c7180a46faadee4016fb4e018c20642\",\n \"name\": \"Michael Michaels\",\n \"email\": \"michael.michaels@sailpoint.com\"\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "4b9c2d8c-275f-4e91-8fe1-2fe90490921d", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "workgroups", + ":workgroupId", + "members" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Note that for this API the maximum value for limit is 50.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "50" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name, created, modified**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name,-modified" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "e04412d7-eb31-4035-a9fb-91b3520439e9", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "workgroups", + ":workgroupId", + "members" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Note that for this API the maximum value for limit is 50.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "50" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name, created, modified**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name,-modified" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "4eabc461-4d5d-4224-a87b-5cf7f9f7be40", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "workgroups", + ":workgroupId", + "members" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Note that for this API the maximum value for limit is 50.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "50" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name, created, modified**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name,-modified" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "9faaee71-a954-414d-82d5-e71b03481ef7", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "workgroups", + ":workgroupId", + "members" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Note that for this API the maximum value for limit is 50.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "50" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name, created, modified**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name,-modified" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "29a422f4-9b08-4b4c-a400-4820de9c34a5", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "workgroups", + ":workgroupId", + "members" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Note that for this API the maximum value for limit is 50.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "50" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name, created, modified**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name,-modified" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "141981aa-e151-4bdf-b932-e00a98b80117", + "name": "Add members to Governance Group", + "request": { + "name": "Add members to Governance Group", + "description": { + "content": "This API adds one or more members to a Governance Group. A token with API, ORG_ADMIN authority is required to call this API.\n\n> **Following field of Identity is an optional field in the request.**\n\n> **name**", + "type": "text/plain" + }, + "url": { + "path": [ + "workgroups", + ":workgroupId", + "members", + "bulk-add" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "2c91808a7813090a017814121919ecca", + "key": "workgroupId", + "disabled": true, + "description": { + "content": "(Required) ID of the Governance Group.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "[\n {\n \"type\": \"IDENTITY\",\n \"id\": \"464ae7bf791e49fdb74606a2e4a89635\",\n \"name\": \"Addie Smith\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "0015bfb0-1ab2-4e2e-a307-50293b452b90", + "name": "List of added and not added identities into Governance Group members list.", + "originalRequest": { + "url": { + "path": [ + "workgroups", + ":workgroupId", + "members", + "bulk-add" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "[\n {\n \"type\": \"IDENTITY\",\n \"id\": \"464ae7bf791e49fdb74606a2e4a89635\",\n \"name\": \"Addie Smith\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Multi-Status (WebDAV) (RFC 4918)", + "code": 207, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"id\": \"464ae7bf791e49fdb74606a2e4a89635\",\n \"status\": \"201\",\n \"description\": \"Identity added to Governance Group members list.\"\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "6b521f89-e851-4c58-88bb-a44f2f65128f", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "workgroups", + ":workgroupId", + "members", + "bulk-add" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "[\n {\n \"type\": \"IDENTITY\",\n \"id\": \"464ae7bf791e49fdb74606a2e4a89635\",\n \"name\": \"Addie Smith\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "3cbb0c6f-0815-42ab-8b07-729fc5774ea0", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "workgroups", + ":workgroupId", + "members", + "bulk-add" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "[\n {\n \"type\": \"IDENTITY\",\n \"id\": \"464ae7bf791e49fdb74606a2e4a89635\",\n \"name\": \"Addie Smith\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "91939b37-561e-4f9d-8c83-11c83ee3e87f", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "workgroups", + ":workgroupId", + "members", + "bulk-add" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "[\n {\n \"type\": \"IDENTITY\",\n \"id\": \"464ae7bf791e49fdb74606a2e4a89635\",\n \"name\": \"Addie Smith\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "6776368a-7a5f-4f98-a979-c2bd37c10cd2", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "workgroups", + ":workgroupId", + "members", + "bulk-add" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "[\n {\n \"type\": \"IDENTITY\",\n \"id\": \"464ae7bf791e49fdb74606a2e4a89635\",\n \"name\": \"Addie Smith\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "725817fd-8045-4988-abc7-a85fa301009e", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "workgroups", + ":workgroupId", + "members", + "bulk-add" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "[\n {\n \"type\": \"IDENTITY\",\n \"id\": \"464ae7bf791e49fdb74606a2e4a89635\",\n \"name\": \"Addie Smith\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "2b141307-d905-4a16-9f9a-3ce761325243", + "name": "Remove members from Governance Group", + "request": { + "name": "Remove members from Governance Group", + "description": { + "content": "This API removes one or more members from a Governance Group. A token with API, ORG_ADMIN authority is required to call this API.\n\n> **Following field of Identity is an optional field in the request.**\n\n> **name**", + "type": "text/plain" + }, + "url": { + "path": [ + "workgroups", + ":workgroupId", + "members", + "bulk-delete" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "2c91808a7813090a017814121919ecca", + "key": "workgroupId", + "disabled": true, + "description": { + "content": "(Required) ID of the Governance Group.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "[\n {\n \"type\": \"IDENTITY\",\n \"id\": \"464ae7bf791e49fdb74606a2e4a89635\",\n \"name\": \"Addie Smith\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "1019df82-e084-4f69-85ed-1fa3afd295d1", + "name": "List of deleted and not deleted identities from Governance Group members list.", + "originalRequest": { + "url": { + "path": [ + "workgroups", + ":workgroupId", + "members", + "bulk-delete" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "[\n {\n \"type\": \"IDENTITY\",\n \"id\": \"464ae7bf791e49fdb74606a2e4a89635\",\n \"name\": \"Addie Smith\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Multi-Status (WebDAV) (RFC 4918)", + "code": 207, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"id\": \"464ae7bf791e49fdb74606a2e4a89635\",\n \"status\": \"204\",\n \"description\": \"Identity deleted from Governance Group members list.\"\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "2d97703a-002c-4c43-95ef-90b4ae59d4fc", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "workgroups", + ":workgroupId", + "members", + "bulk-delete" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "[\n {\n \"type\": \"IDENTITY\",\n \"id\": \"464ae7bf791e49fdb74606a2e4a89635\",\n \"name\": \"Addie Smith\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a9828148-d519-437f-bebe-e8f25ea31da0", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "workgroups", + ":workgroupId", + "members", + "bulk-delete" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "[\n {\n \"type\": \"IDENTITY\",\n \"id\": \"464ae7bf791e49fdb74606a2e4a89635\",\n \"name\": \"Addie Smith\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "39d3c8db-3402-47cc-bdc2-5542fe011840", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "workgroups", + ":workgroupId", + "members", + "bulk-delete" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "[\n {\n \"type\": \"IDENTITY\",\n \"id\": \"464ae7bf791e49fdb74606a2e4a89635\",\n \"name\": \"Addie Smith\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "13b3b2eb-d595-44bc-8c99-dfcd3cac6b8e", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "workgroups", + ":workgroupId", + "members", + "bulk-delete" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "[\n {\n \"type\": \"IDENTITY\",\n \"id\": \"464ae7bf791e49fdb74606a2e4a89635\",\n \"name\": \"Addie Smith\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "eb5c0ab6-4420-4ef3-b395-6c377537943c", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "workgroups", + ":workgroupId", + "members", + "bulk-delete" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "[\n {\n \"type\": \"IDENTITY\",\n \"id\": \"464ae7bf791e49fdb74606a2e4a89635\",\n \"name\": \"Addie Smith\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + } + ] + }, + { + "name": "IAI Access Request Recommendations", + "description": "", + "item": [ + { + "id": "f3757739-d6d2-4f23-8cf4-068cc2638164", + "name": "Identity Access Request Recommendations", + "request": { + "name": "Identity Access Request Recommendations", + "description": { + "content": "This API returns the access request recommendations for the specified identity. The default identity is *me* which indicates the current user.", + "type": "text/plain" + }, + "url": { + "path": [ + "ai-access-request-recommendations" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Get access request recommendations for an identityId. *me* indicates the current user.", + "type": "text/plain" + }, + "key": "identity-id", + "value": "2c91808570313110017040b06f344ec9" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.", + "type": "text/plain" + }, + "key": "limit", + "value": "15" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate a list of translation messages in the response.", + "type": "text/plain" + }, + "key": "include-translation-messages", + "value": "false" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**access.name**: *co*\n\n**access.type**: *eq, in*\n\n**access.description**: *co, eq, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "access.name co \"admin\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **access.name, access.type**\n\nBy default the recommendations are sorted by highest confidence first.", + "type": "text/plain" + }, + "key": "sorters", + "value": "irure nisi et dolore aliqua" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "74c7d548-a073-405c-9c1b-609ccacac8af", + "name": "List of access request recommendations for the identityId", + "originalRequest": { + "url": { + "path": [ + "ai-access-request-recommendations" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Get access request recommendations for an identityId. *me* indicates the current user.", + "type": "text/plain" + }, + "key": "identity-id", + "value": "2c91808570313110017040b06f344ec9" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.", + "type": "text/plain" + }, + "key": "limit", + "value": "15" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate a list of translation messages in the response.", + "type": "text/plain" + }, + "key": "include-translation-messages", + "value": "false" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**access.name**: *co*\n\n**access.type**: *eq, in*\n\n**access.description**: *co, eq, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "access.name co \"admin\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **access.name, access.type**\n\nBy default the recommendations are sorted by highest confidence first.", + "type": "text/plain" + }, + "key": "sorters", + "value": "irure nisi et dolore aliqua" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"identityId\": \"2c91808570313110017040b06f344ec9\",\n \"access\": {\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"type\": \"ACCESS_PROFILE\",\n \"name\": \"Employee-database-read-write\",\n \"description\": \"This item grants an employee read and write access to the database\"\n },\n \"ignored\": true,\n \"requested\": true,\n \"viewed\": true,\n \"messages\": [\n {\n \"interpretation\": \"95% of your peers have this access.\"\n },\n {\n \"interpretation\": \"95% of your peers have this access.\"\n }\n ],\n \"translationMessages\": [\n {\n \"key\": \"recommender-api.V2_WEIGHT_FEATURE_PRODUCT_INTERPRETATION_HIGH\",\n \"values\": [\n \"75\",\n \"department\"\n ]\n }\n ]\n },\n {\n \"identityId\": \"2c91808570313110017040b06f344ec9\",\n \"access\": {\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"type\": \"ACCESS_PROFILE\",\n \"name\": \"Employee-database-read-write\",\n \"description\": \"This item grants an employee read and write access to the database\"\n },\n \"ignored\": true,\n \"requested\": true,\n \"viewed\": true,\n \"messages\": [\n {\n \"interpretation\": \"95% of your peers have this access.\"\n },\n {\n \"interpretation\": \"95% of your peers have this access.\"\n }\n ],\n \"translationMessages\": [\n {\n \"key\": \"recommender-api.V2_WEIGHT_FEATURE_PRODUCT_INTERPRETATION_HIGH\",\n \"values\": [\n \"75\",\n \"department\"\n ]\n }\n ]\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "e9d8f625-7535-4930-8bff-78c864ff9861", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "ai-access-request-recommendations" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Get access request recommendations for an identityId. *me* indicates the current user.", + "type": "text/plain" + }, + "key": "identity-id", + "value": "2c91808570313110017040b06f344ec9" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.", + "type": "text/plain" + }, + "key": "limit", + "value": "15" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate a list of translation messages in the response.", + "type": "text/plain" + }, + "key": "include-translation-messages", + "value": "false" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**access.name**: *co*\n\n**access.type**: *eq, in*\n\n**access.description**: *co, eq, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "access.name co \"admin\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **access.name, access.type**\n\nBy default the recommendations are sorted by highest confidence first.", + "type": "text/plain" + }, + "key": "sorters", + "value": "irure nisi et dolore aliqua" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "2aa15c27-760c-4a91-a39a-d25884f2854d", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "ai-access-request-recommendations" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Get access request recommendations for an identityId. *me* indicates the current user.", + "type": "text/plain" + }, + "key": "identity-id", + "value": "2c91808570313110017040b06f344ec9" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.", + "type": "text/plain" + }, + "key": "limit", + "value": "15" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate a list of translation messages in the response.", + "type": "text/plain" + }, + "key": "include-translation-messages", + "value": "false" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**access.name**: *co*\n\n**access.type**: *eq, in*\n\n**access.description**: *co, eq, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "access.name co \"admin\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **access.name, access.type**\n\nBy default the recommendations are sorted by highest confidence first.", + "type": "text/plain" + }, + "key": "sorters", + "value": "irure nisi et dolore aliqua" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "876f0821-ecbd-4ac8-97fa-6962839c570e", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "ai-access-request-recommendations" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Get access request recommendations for an identityId. *me* indicates the current user.", + "type": "text/plain" + }, + "key": "identity-id", + "value": "2c91808570313110017040b06f344ec9" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.", + "type": "text/plain" + }, + "key": "limit", + "value": "15" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate a list of translation messages in the response.", + "type": "text/plain" + }, + "key": "include-translation-messages", + "value": "false" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**access.name**: *co*\n\n**access.type**: *eq, in*\n\n**access.description**: *co, eq, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "access.name co \"admin\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **access.name, access.type**\n\nBy default the recommendations are sorted by highest confidence first.", + "type": "text/plain" + }, + "key": "sorters", + "value": "irure nisi et dolore aliqua" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f86c2129-470b-41d1-8080-7d946ce47319", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "ai-access-request-recommendations" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Get access request recommendations for an identityId. *me* indicates the current user.", + "type": "text/plain" + }, + "key": "identity-id", + "value": "2c91808570313110017040b06f344ec9" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.", + "type": "text/plain" + }, + "key": "limit", + "value": "15" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate a list of translation messages in the response.", + "type": "text/plain" + }, + "key": "include-translation-messages", + "value": "false" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**access.name**: *co*\n\n**access.type**: *eq, in*\n\n**access.description**: *co, eq, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "access.name co \"admin\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **access.name, access.type**\n\nBy default the recommendations are sorted by highest confidence first.", + "type": "text/plain" + }, + "key": "sorters", + "value": "irure nisi et dolore aliqua" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "bc9d80eb-9565-4368-af46-36ecd0defeb8", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "ai-access-request-recommendations" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Get access request recommendations for an identityId. *me* indicates the current user.", + "type": "text/plain" + }, + "key": "identity-id", + "value": "2c91808570313110017040b06f344ec9" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.", + "type": "text/plain" + }, + "key": "limit", + "value": "15" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate a list of translation messages in the response.", + "type": "text/plain" + }, + "key": "include-translation-messages", + "value": "false" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**access.name**: *co*\n\n**access.type**: *eq, in*\n\n**access.description**: *co, eq, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "access.name co \"admin\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **access.name, access.type**\n\nBy default the recommendations are sorted by highest confidence first.", + "type": "text/plain" + }, + "key": "sorters", + "value": "irure nisi et dolore aliqua" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "013792ea-6f06-4316-af40-5cba866211d1", + "name": "Notification of Ignored Access Request Recommendations", + "request": { + "name": "Notification of Ignored Access Request Recommendations", + "description": { + "content": "This API ignores a recommended access request item. Once an item is ignored, it will be marked as ignored=true if it is still a recommended item. The consumer can decide to hide ignored recommendations.", + "type": "text/plain" + }, + "url": { + "path": [ + "ai-access-request-recommendations", + "ignored-items" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"identityId\": \"2c91808570313110017040b06f344ec9\",\n \"access\": {\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"type\": \"ACCESS_PROFILE\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "36d88e73-0a24-48b1-ae68-b3a3a708a2dc", + "name": "Recommendation successfully stored as ignored.", + "originalRequest": { + "url": { + "path": [ + "ai-access-request-recommendations", + "ignored-items" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"identityId\": \"2c91808570313110017040b06f344ec9\",\n \"access\": {\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"type\": \"ACCESS_PROFILE\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Created", + "code": 201, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"identityId\": \"2c91808570313110017040b06f344ec9\",\n \"access\": {\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"type\": \"ACCESS_PROFILE\"\n },\n \"timestamp\": \"2017-07-11T18:45:37.098Z\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "43d754ab-287e-4113-9150-154320fb2096", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "ai-access-request-recommendations", + "ignored-items" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"identityId\": \"2c91808570313110017040b06f344ec9\",\n \"access\": {\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"type\": \"ACCESS_PROFILE\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "30dc056f-8ad5-4897-93e7-882cc22b25b0", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "ai-access-request-recommendations", + "ignored-items" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"identityId\": \"2c91808570313110017040b06f344ec9\",\n \"access\": {\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"type\": \"ACCESS_PROFILE\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "fdb2026c-ac55-4cc9-afa8-7fb89a26bcb0", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "ai-access-request-recommendations", + "ignored-items" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"identityId\": \"2c91808570313110017040b06f344ec9\",\n \"access\": {\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"type\": \"ACCESS_PROFILE\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "db6cace4-aaea-46bc-929d-cff997df1e35", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "ai-access-request-recommendations", + "ignored-items" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"identityId\": \"2c91808570313110017040b06f344ec9\",\n \"access\": {\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"type\": \"ACCESS_PROFILE\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "5a6a08ee-34d9-43d7-8ac3-d7366f1a1085", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "ai-access-request-recommendations", + "ignored-items" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"identityId\": \"2c91808570313110017040b06f344ec9\",\n \"access\": {\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"type\": \"ACCESS_PROFILE\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "c595c8f0-fab8-4754-960b-01a676840317", + "name": "List of Ignored Access Request Recommendations", + "request": { + "name": "List of Ignored Access Request Recommendations", + "description": { + "content": "This API returns the list of ignored access request recommendations.", + "type": "text/plain" + }, + "url": { + "path": [ + "ai-access-request-recommendations", + "ignored-items" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**access.id**: *eq, in*\n\n**access.type**: *eq, in*\n\n**identityId**: *eq, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "identityId eq \"2c9180846b0a0583016b299f210c1314\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **access.id, access.type, identityId, timestamp**", + "type": "text/plain" + }, + "key": "sorters", + "value": "access.id" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "983ccac0-97fb-4799-b9b0-70c8465f7e90", + "name": "Returns list of ignored access request recommendations.", + "originalRequest": { + "url": { + "path": [ + "ai-access-request-recommendations", + "ignored-items" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**access.id**: *eq, in*\n\n**access.type**: *eq, in*\n\n**identityId**: *eq, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "identityId eq \"2c9180846b0a0583016b299f210c1314\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **access.id, access.type, identityId, timestamp**", + "type": "text/plain" + }, + "key": "sorters", + "value": "access.id" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"identityId\": \"2c91808570313110017040b06f344ec9\",\n \"access\": {\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"type\": \"ACCESS_PROFILE\"\n },\n \"timestamp\": \"2017-07-11T18:45:37.098Z\"\n },\n {\n \"identityId\": \"2c91808570313110017040b06f344ec9\",\n \"access\": {\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"type\": \"ACCESS_PROFILE\"\n },\n \"timestamp\": \"2017-07-11T18:45:37.098Z\"\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b15e3e4b-bd5e-4cc6-8155-bad7bd0f265a", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "ai-access-request-recommendations", + "ignored-items" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**access.id**: *eq, in*\n\n**access.type**: *eq, in*\n\n**identityId**: *eq, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "identityId eq \"2c9180846b0a0583016b299f210c1314\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **access.id, access.type, identityId, timestamp**", + "type": "text/plain" + }, + "key": "sorters", + "value": "access.id" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "65b5e4e3-7392-46ab-a0f9-cffc8ffc0db6", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "ai-access-request-recommendations", + "ignored-items" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**access.id**: *eq, in*\n\n**access.type**: *eq, in*\n\n**identityId**: *eq, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "identityId eq \"2c9180846b0a0583016b299f210c1314\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **access.id, access.type, identityId, timestamp**", + "type": "text/plain" + }, + "key": "sorters", + "value": "access.id" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c54cf9f4-6804-4e51-9e78-baa8f9257d15", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "ai-access-request-recommendations", + "ignored-items" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**access.id**: *eq, in*\n\n**access.type**: *eq, in*\n\n**identityId**: *eq, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "identityId eq \"2c9180846b0a0583016b299f210c1314\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **access.id, access.type, identityId, timestamp**", + "type": "text/plain" + }, + "key": "sorters", + "value": "access.id" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "52a77bcd-542e-411f-8760-4faa00357c89", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "ai-access-request-recommendations", + "ignored-items" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**access.id**: *eq, in*\n\n**access.type**: *eq, in*\n\n**identityId**: *eq, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "identityId eq \"2c9180846b0a0583016b299f210c1314\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **access.id, access.type, identityId, timestamp**", + "type": "text/plain" + }, + "key": "sorters", + "value": "access.id" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "acea85d4-64d5-4e2d-8e65-ae3567fcf4fb", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "ai-access-request-recommendations", + "ignored-items" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**access.id**: *eq, in*\n\n**access.type**: *eq, in*\n\n**identityId**: *eq, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "identityId eq \"2c9180846b0a0583016b299f210c1314\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **access.id, access.type, identityId, timestamp**", + "type": "text/plain" + }, + "key": "sorters", + "value": "access.id" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "dc50c03c-ca55-4a78-821d-e41084dc3b63", + "name": "Notification of Requested Access Request Recommendations", + "request": { + "name": "Notification of Requested Access Request Recommendations", + "description": { + "content": "This API consumes a notification that a recommended access request item was requested. This API does not actually make the request, it is just a notification. This will help provide feedback in order to improve our recommendations.", + "type": "text/plain" + }, + "url": { + "path": [ + "ai-access-request-recommendations", + "requested-items" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"identityId\": \"2c91808570313110017040b06f344ec9\",\n \"access\": {\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"type\": \"ACCESS_PROFILE\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "3109a64b-07a2-4db0-91ad-4bfa2db1b18c", + "name": "Notification successfully acknowledged.", + "originalRequest": { + "url": { + "path": [ + "ai-access-request-recommendations", + "requested-items" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"identityId\": \"2c91808570313110017040b06f344ec9\",\n \"access\": {\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"type\": \"ACCESS_PROFILE\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Created", + "code": 201, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"identityId\": \"2c91808570313110017040b06f344ec9\",\n \"access\": {\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"type\": \"ACCESS_PROFILE\"\n },\n \"timestamp\": \"2017-07-11T18:45:37.098Z\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "62c79fb3-a482-4bad-b884-e03151c75d11", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "ai-access-request-recommendations", + "requested-items" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"identityId\": \"2c91808570313110017040b06f344ec9\",\n \"access\": {\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"type\": \"ACCESS_PROFILE\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "05472e91-13ff-4655-b4e4-5a3ea6cdff86", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "ai-access-request-recommendations", + "requested-items" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"identityId\": \"2c91808570313110017040b06f344ec9\",\n \"access\": {\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"type\": \"ACCESS_PROFILE\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "8f149014-ed33-4a55-bd19-671791e8c8e7", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "ai-access-request-recommendations", + "requested-items" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"identityId\": \"2c91808570313110017040b06f344ec9\",\n \"access\": {\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"type\": \"ACCESS_PROFILE\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b9f4abca-58d3-4469-bc96-74929b70d64d", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "ai-access-request-recommendations", + "requested-items" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"identityId\": \"2c91808570313110017040b06f344ec9\",\n \"access\": {\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"type\": \"ACCESS_PROFILE\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "70ed7b64-e5a8-4f89-95e5-b5d314e5f868", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "ai-access-request-recommendations", + "requested-items" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"identityId\": \"2c91808570313110017040b06f344ec9\",\n \"access\": {\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"type\": \"ACCESS_PROFILE\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "5e673bb2-3acc-4109-9a8a-1ff6a845d53e", + "name": "List of Requested Access Request Recommendations", + "request": { + "name": "List of Requested Access Request Recommendations", + "description": { + "content": "This API returns a list of requested access request recommendations.", + "type": "text/plain" + }, + "url": { + "path": [ + "ai-access-request-recommendations", + "requested-items" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**access.id**: *eq, in*\n\n**access.type**: *eq, in*\n\n**identityId**: *eq, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "access.id eq \"2c9180846b0a0583016b299f210c1314\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **access.id, access.type, identityId, timestamp**", + "type": "text/plain" + }, + "key": "sorters", + "value": "irure nisi et dolore aliqua" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "c02c00d6-9035-4750-887f-bc01af0088e2", + "name": "Returns the list of requested access request recommendations.", + "originalRequest": { + "url": { + "path": [ + "ai-access-request-recommendations", + "requested-items" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**access.id**: *eq, in*\n\n**access.type**: *eq, in*\n\n**identityId**: *eq, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "access.id eq \"2c9180846b0a0583016b299f210c1314\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **access.id, access.type, identityId, timestamp**", + "type": "text/plain" + }, + "key": "sorters", + "value": "irure nisi et dolore aliqua" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"identityId\": \"2c91808570313110017040b06f344ec9\",\n \"access\": {\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"type\": \"ACCESS_PROFILE\"\n },\n \"timestamp\": \"2017-07-11T18:45:37.098Z\"\n },\n {\n \"identityId\": \"2c91808570313110017040b06f344ec9\",\n \"access\": {\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"type\": \"ACCESS_PROFILE\"\n },\n \"timestamp\": \"2017-07-11T18:45:37.098Z\"\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a50c9179-737e-4d2f-9637-8403f5d63d8f", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "ai-access-request-recommendations", + "requested-items" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**access.id**: *eq, in*\n\n**access.type**: *eq, in*\n\n**identityId**: *eq, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "access.id eq \"2c9180846b0a0583016b299f210c1314\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **access.id, access.type, identityId, timestamp**", + "type": "text/plain" + }, + "key": "sorters", + "value": "irure nisi et dolore aliqua" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "264c0055-bc69-4991-b241-f58da8497132", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "ai-access-request-recommendations", + "requested-items" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**access.id**: *eq, in*\n\n**access.type**: *eq, in*\n\n**identityId**: *eq, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "access.id eq \"2c9180846b0a0583016b299f210c1314\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **access.id, access.type, identityId, timestamp**", + "type": "text/plain" + }, + "key": "sorters", + "value": "irure nisi et dolore aliqua" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "1b9d7afa-a2f5-436f-b223-f10e87e6dc54", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "ai-access-request-recommendations", + "requested-items" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**access.id**: *eq, in*\n\n**access.type**: *eq, in*\n\n**identityId**: *eq, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "access.id eq \"2c9180846b0a0583016b299f210c1314\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **access.id, access.type, identityId, timestamp**", + "type": "text/plain" + }, + "key": "sorters", + "value": "irure nisi et dolore aliqua" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "ce2b3b48-cafb-4fd2-89c4-564e99e041bc", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "ai-access-request-recommendations", + "requested-items" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**access.id**: *eq, in*\n\n**access.type**: *eq, in*\n\n**identityId**: *eq, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "access.id eq \"2c9180846b0a0583016b299f210c1314\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **access.id, access.type, identityId, timestamp**", + "type": "text/plain" + }, + "key": "sorters", + "value": "irure nisi et dolore aliqua" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "90b0ddfe-b56f-41da-9ada-5f41284f7618", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "ai-access-request-recommendations", + "requested-items" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**access.id**: *eq, in*\n\n**access.type**: *eq, in*\n\n**identityId**: *eq, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "access.id eq \"2c9180846b0a0583016b299f210c1314\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **access.id, access.type, identityId, timestamp**", + "type": "text/plain" + }, + "key": "sorters", + "value": "irure nisi et dolore aliqua" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "b727cf1c-36d7-49f0-b7d9-b97fdc941216", + "name": "Notification of Viewed Access Request Recommendations", + "request": { + "name": "Notification of Viewed Access Request Recommendations", + "description": { + "content": "This API consumes a notification that a recommended access request item was viewed. Future recommendations with this item will be marked with viewed=true. This can be useful for the consumer to determine if there are any new/unviewed recommendations.", + "type": "text/plain" + }, + "url": { + "path": [ + "ai-access-request-recommendations", + "viewed-items" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"identityId\": \"2c91808570313110017040b06f344ec9\",\n \"access\": {\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"type\": \"ACCESS_PROFILE\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "2e6ffa0c-eab3-4231-91ab-306a9db46e6e", + "name": "Recommendation successfully stored as viewed.", + "originalRequest": { + "url": { + "path": [ + "ai-access-request-recommendations", + "viewed-items" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"identityId\": \"2c91808570313110017040b06f344ec9\",\n \"access\": {\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"type\": \"ACCESS_PROFILE\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Created", + "code": 201, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"identityId\": \"2c91808570313110017040b06f344ec9\",\n \"access\": {\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"type\": \"ACCESS_PROFILE\"\n },\n \"timestamp\": \"2017-07-11T18:45:37.098Z\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "7f987994-c49e-49ad-868f-02b3ac0aed60", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "ai-access-request-recommendations", + "viewed-items" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"identityId\": \"2c91808570313110017040b06f344ec9\",\n \"access\": {\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"type\": \"ACCESS_PROFILE\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "055681e4-34b5-4819-9b65-3bcfbdcab8e6", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "ai-access-request-recommendations", + "viewed-items" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"identityId\": \"2c91808570313110017040b06f344ec9\",\n \"access\": {\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"type\": \"ACCESS_PROFILE\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "7c7de459-7473-4f85-b8b5-5bbfe1bdcf29", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "ai-access-request-recommendations", + "viewed-items" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"identityId\": \"2c91808570313110017040b06f344ec9\",\n \"access\": {\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"type\": \"ACCESS_PROFILE\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "53c6eb73-604d-4c87-96e1-245d29647365", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "ai-access-request-recommendations", + "viewed-items" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"identityId\": \"2c91808570313110017040b06f344ec9\",\n \"access\": {\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"type\": \"ACCESS_PROFILE\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "56448101-f66e-4abd-969b-3cfabe07eea2", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "ai-access-request-recommendations", + "viewed-items" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"identityId\": \"2c91808570313110017040b06f344ec9\",\n \"access\": {\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"type\": \"ACCESS_PROFILE\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "03cfe751-abf0-4d5f-94d7-e939a43ce229", + "name": "List of Viewed Access Request Recommendations", + "request": { + "name": "List of Viewed Access Request Recommendations", + "description": { + "content": "This API returns the list of viewed access request recommendations.", + "type": "text/plain" + }, + "url": { + "path": [ + "ai-access-request-recommendations", + "viewed-items" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**access.id**: *eq, in*\n\n**access.type**: *eq, in*\n\n**identityId**: *eq, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "access.id eq \"2c9180846b0a0583016b299f210c1314\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **access.id, access.type, identityId, timestamp**", + "type": "text/plain" + }, + "key": "sorters", + "value": "irure nisi et dolore aliqua" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "38666e79-5a49-4f31-8090-8dc19711f788", + "name": "Returns list of viewed access request recommendations.", + "originalRequest": { + "url": { + "path": [ + "ai-access-request-recommendations", + "viewed-items" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**access.id**: *eq, in*\n\n**access.type**: *eq, in*\n\n**identityId**: *eq, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "access.id eq \"2c9180846b0a0583016b299f210c1314\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **access.id, access.type, identityId, timestamp**", + "type": "text/plain" + }, + "key": "sorters", + "value": "irure nisi et dolore aliqua" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"identityId\": \"2c91808570313110017040b06f344ec9\",\n \"access\": {\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"type\": \"ACCESS_PROFILE\"\n },\n \"timestamp\": \"2017-07-11T18:45:37.098Z\"\n },\n {\n \"identityId\": \"2c91808570313110017040b06f344ec9\",\n \"access\": {\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"type\": \"ACCESS_PROFILE\"\n },\n \"timestamp\": \"2017-07-11T18:45:37.098Z\"\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "abafcf7a-a29e-4502-a1c4-720c54ac2864", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "ai-access-request-recommendations", + "viewed-items" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**access.id**: *eq, in*\n\n**access.type**: *eq, in*\n\n**identityId**: *eq, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "access.id eq \"2c9180846b0a0583016b299f210c1314\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **access.id, access.type, identityId, timestamp**", + "type": "text/plain" + }, + "key": "sorters", + "value": "irure nisi et dolore aliqua" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "03cddc54-6754-4e8f-958c-59e08d8981d2", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "ai-access-request-recommendations", + "viewed-items" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**access.id**: *eq, in*\n\n**access.type**: *eq, in*\n\n**identityId**: *eq, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "access.id eq \"2c9180846b0a0583016b299f210c1314\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **access.id, access.type, identityId, timestamp**", + "type": "text/plain" + }, + "key": "sorters", + "value": "irure nisi et dolore aliqua" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "4e9f8759-83da-4e8c-a2b9-ebc237c6f988", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "ai-access-request-recommendations", + "viewed-items" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**access.id**: *eq, in*\n\n**access.type**: *eq, in*\n\n**identityId**: *eq, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "access.id eq \"2c9180846b0a0583016b299f210c1314\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **access.id, access.type, identityId, timestamp**", + "type": "text/plain" + }, + "key": "sorters", + "value": "irure nisi et dolore aliqua" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "9d3823db-4aea-4888-be62-4319e9403b71", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "ai-access-request-recommendations", + "viewed-items" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**access.id**: *eq, in*\n\n**access.type**: *eq, in*\n\n**identityId**: *eq, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "access.id eq \"2c9180846b0a0583016b299f210c1314\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **access.id, access.type, identityId, timestamp**", + "type": "text/plain" + }, + "key": "sorters", + "value": "irure nisi et dolore aliqua" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "e4fa16de-58c6-46a1-9c6d-6b4d61938e04", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "ai-access-request-recommendations", + "viewed-items" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**access.id**: *eq, in*\n\n**access.type**: *eq, in*\n\n**identityId**: *eq, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "access.id eq \"2c9180846b0a0583016b299f210c1314\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **access.id, access.type, identityId, timestamp**", + "type": "text/plain" + }, + "key": "sorters", + "value": "irure nisi et dolore aliqua" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "e0ec1d90-5932-4a69-836b-97f9523a5fa6", + "name": "Notification of Viewed Access Request Recommendations in Bulk", + "request": { + "name": "Notification of Viewed Access Request Recommendations in Bulk", + "description": { + "content": "This API consumes a notification that a set of recommended access request item were viewed. Future recommendations with these items will be marked with viewed=true. This can be useful for the consumer to determine if there are any new/unviewed recommendations.", + "type": "text/plain" + }, + "url": { + "path": [ + "ai-access-request-recommendations", + "viewed-items", + "bulk-create" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "[\n {\n \"identityId\": \"2c91808570313110017040b06f344ec9\",\n \"access\": {\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"type\": \"ACCESS_PROFILE\"\n }\n },\n {\n \"identityId\": \"2c91808570313110017040b06f344ec9\",\n \"access\": {\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"type\": \"ACCESS_PROFILE\"\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "dc0f6627-04fb-4eef-83c4-bd1d6a92e461", + "name": "Recommendations successfully stored as viewed.", + "originalRequest": { + "url": { + "path": [ + "ai-access-request-recommendations", + "viewed-items", + "bulk-create" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "[\n {\n \"identityId\": \"2c91808570313110017040b06f344ec9\",\n \"access\": {\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"type\": \"ACCESS_PROFILE\"\n }\n },\n {\n \"identityId\": \"2c91808570313110017040b06f344ec9\",\n \"access\": {\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"type\": \"ACCESS_PROFILE\"\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Created", + "code": 201, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"identityId\": \"2c91808570313110017040b06f344ec9\",\n \"access\": {\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"type\": \"ACCESS_PROFILE\"\n },\n \"timestamp\": \"2017-07-11T18:45:37.098Z\"\n },\n {\n \"identityId\": \"2c91808570313110017040b06f344ec9\",\n \"access\": {\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"type\": \"ACCESS_PROFILE\"\n },\n \"timestamp\": \"2017-07-11T18:45:37.098Z\"\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "555ad485-ea17-4c99-b6cf-2cb9d1e0ca35", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "ai-access-request-recommendations", + "viewed-items", + "bulk-create" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "[\n {\n \"identityId\": \"2c91808570313110017040b06f344ec9\",\n \"access\": {\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"type\": \"ACCESS_PROFILE\"\n }\n },\n {\n \"identityId\": \"2c91808570313110017040b06f344ec9\",\n \"access\": {\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"type\": \"ACCESS_PROFILE\"\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "42b0b673-f6b8-44b4-a025-7adbff46757a", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "ai-access-request-recommendations", + "viewed-items", + "bulk-create" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "[\n {\n \"identityId\": \"2c91808570313110017040b06f344ec9\",\n \"access\": {\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"type\": \"ACCESS_PROFILE\"\n }\n },\n {\n \"identityId\": \"2c91808570313110017040b06f344ec9\",\n \"access\": {\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"type\": \"ACCESS_PROFILE\"\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "61c00714-273d-4ab2-b298-54d8b2a7b428", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "ai-access-request-recommendations", + "viewed-items", + "bulk-create" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "[\n {\n \"identityId\": \"2c91808570313110017040b06f344ec9\",\n \"access\": {\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"type\": \"ACCESS_PROFILE\"\n }\n },\n {\n \"identityId\": \"2c91808570313110017040b06f344ec9\",\n \"access\": {\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"type\": \"ACCESS_PROFILE\"\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "01bbddb8-8c6a-4894-a0ca-a4c2dc762003", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "ai-access-request-recommendations", + "viewed-items", + "bulk-create" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "[\n {\n \"identityId\": \"2c91808570313110017040b06f344ec9\",\n \"access\": {\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"type\": \"ACCESS_PROFILE\"\n }\n },\n {\n \"identityId\": \"2c91808570313110017040b06f344ec9\",\n \"access\": {\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"type\": \"ACCESS_PROFILE\"\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "49026e00-f92b-4d15-915d-2a20306c82d8", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "ai-access-request-recommendations", + "viewed-items", + "bulk-create" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "[\n {\n \"identityId\": \"2c91808570313110017040b06f344ec9\",\n \"access\": {\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"type\": \"ACCESS_PROFILE\"\n }\n },\n {\n \"identityId\": \"2c91808570313110017040b06f344ec9\",\n \"access\": {\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"type\": \"ACCESS_PROFILE\"\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + } + ] + }, + { + "name": "IAI Common Access", + "description": "", + "item": [ + { + "id": "bafd8955-a8d2-4813-b9c6-955ed9893372", + "name": "Get a paginated list of common access", + "request": { + "name": "Get a paginated list of common access", + "description": { + "content": "This endpoint returns the current common access for a customer. The returned items can be filtered and sorted. Requires authorization scope of iai:access-modeling:read", + "type": "text/plain" + }, + "url": { + "path": [ + "common-access" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**status**: *eq, sw*\n\n**reviewedByUser** *eq*\n\n**access.id**: *eq, sw*\n\n**access.type**: *eq*\n\n**access.name**: *sw, eq*\n\n**access.description**: *sw, eq*", + "type": "text/plain" + }, + "key": "filters", + "value": "access.type eq \"ROLE\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **access.name, status**\n\nBy default the common access items are sorted by name, ascending.", + "type": "text/plain" + }, + "key": "sorters", + "value": "access.name" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "8410b3e0-7083-463c-9029-d4344edb4bae", + "name": "Succeeded. Returns a list of common access for a customer.", + "originalRequest": { + "url": { + "path": [ + "common-access" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**status**: *eq, sw*\n\n**reviewedByUser** *eq*\n\n**access.id**: *eq, sw*\n\n**access.type**: *eq*\n\n**access.name**: *sw, eq*\n\n**access.description**: *sw, eq*", + "type": "text/plain" + }, + "key": "filters", + "value": "access.type eq \"ROLE\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **access.name, status**\n\nBy default the common access items are sorted by name, ascending.", + "type": "text/plain" + }, + "key": "sorters", + "value": "access.name" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"id\": \"555ab47a-0d32-4813-906f-adf3567de6a4\",\n \"access\": {\n \"id\": \"in ex exercitation minim\",\n \"type\": \"ROLE\",\n \"name\": \"do et cupidatat\",\n \"description\": \"eiusmod pariatur\",\n \"ownerName\": \"cillum cup\",\n \"ownerId\": \"qui elit\"\n },\n \"status\": \"tempor enim laborum aliquip nulla\",\n \"commonAccessType\": \"UNSET\",\n \"lastUpdated\": \"1971-03-13T21:08:06.099Z\",\n \"reviewedByUser\": false,\n \"lastReviewed\": \"1965-05-09T09:10:45.749Z\",\n \"createdByUser\": false\n },\n {\n \"id\": \"555ab47a-0d32-4813-906f-adf3567de6a4\",\n \"access\": {\n \"id\": \"velit et sit in\",\n \"type\": \"ROLE\",\n \"name\": \"eu sit pariatur reprehenderit\",\n \"description\": \"consequat ea Excepteur do adipisicing\",\n \"ownerName\": \"officia con\",\n \"ownerId\": \"eu et ullamco\"\n },\n \"status\": \"nostrud ipsum\",\n \"commonAccessType\": \"UNSET\",\n \"lastUpdated\": \"1988-12-03T06:08:52.707Z\",\n \"reviewedByUser\": false,\n \"lastReviewed\": \"2019-11-20T22:29:39.573Z\",\n \"createdByUser\": false\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "08d5e077-743f-46d3-91bb-4ae87c5c6c60", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "common-access" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**status**: *eq, sw*\n\n**reviewedByUser** *eq*\n\n**access.id**: *eq, sw*\n\n**access.type**: *eq*\n\n**access.name**: *sw, eq*\n\n**access.description**: *sw, eq*", + "type": "text/plain" + }, + "key": "filters", + "value": "access.type eq \"ROLE\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **access.name, status**\n\nBy default the common access items are sorted by name, ascending.", + "type": "text/plain" + }, + "key": "sorters", + "value": "access.name" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "ce687d25-79ee-4fad-b127-b10858990884", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "common-access" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**status**: *eq, sw*\n\n**reviewedByUser** *eq*\n\n**access.id**: *eq, sw*\n\n**access.type**: *eq*\n\n**access.name**: *sw, eq*\n\n**access.description**: *sw, eq*", + "type": "text/plain" + }, + "key": "filters", + "value": "access.type eq \"ROLE\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **access.name, status**\n\nBy default the common access items are sorted by name, ascending.", + "type": "text/plain" + }, + "key": "sorters", + "value": "access.name" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a955c1e9-9a19-4c74-a8b1-d95dd0112182", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "common-access" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**status**: *eq, sw*\n\n**reviewedByUser** *eq*\n\n**access.id**: *eq, sw*\n\n**access.type**: *eq*\n\n**access.name**: *sw, eq*\n\n**access.description**: *sw, eq*", + "type": "text/plain" + }, + "key": "filters", + "value": "access.type eq \"ROLE\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **access.name, status**\n\nBy default the common access items are sorted by name, ascending.", + "type": "text/plain" + }, + "key": "sorters", + "value": "access.name" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "810a0381-aa7d-4fff-ad48-352764fe90f3", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "common-access" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**status**: *eq, sw*\n\n**reviewedByUser** *eq*\n\n**access.id**: *eq, sw*\n\n**access.type**: *eq*\n\n**access.name**: *sw, eq*\n\n**access.description**: *sw, eq*", + "type": "text/plain" + }, + "key": "filters", + "value": "access.type eq \"ROLE\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **access.name, status**\n\nBy default the common access items are sorted by name, ascending.", + "type": "text/plain" + }, + "key": "sorters", + "value": "access.name" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "cb9c7a52-5dbd-4d4f-a7d3-c0866075bb31", + "name": "Create common access items", + "request": { + "name": "Create common access items", + "description": { + "content": "This API is used to add roles/access profiles to the list of common access for a customer. Requires authorization scope of iai:access-modeling:create", + "type": "text/plain" + }, + "url": { + "path": [ + "common-access" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"access\": {\n \"id\": \"consequat adipi\",\n \"type\": \"ACCESS_PROFILE\",\n \"name\": \"est dolore culpa sunt reprehenderit\",\n \"description\": \"non\",\n \"ownerName\": \"tempor minim\",\n \"ownerId\": \"commodo qui\"\n },\n \"status\": \"DENIED\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "a88b3b2b-80c7-48cc-8a34-0cea7bb67229", + "name": "Returns details of the common access classification request.", + "originalRequest": { + "url": { + "path": [ + "common-access" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"access\": {\n \"id\": \"consequat adipi\",\n \"type\": \"ACCESS_PROFILE\",\n \"name\": \"est dolore culpa sunt reprehenderit\",\n \"description\": \"non\",\n \"ownerName\": \"tempor minim\",\n \"ownerId\": \"commodo qui\"\n },\n \"status\": \"DENIED\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Accepted", + "code": 202, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"dolore\",\n \"access\": {\n \"id\": \"sed elit ut\",\n \"type\": \"ACCESS_PROFILE\",\n \"name\": \"est id sunt aliqua\",\n \"description\": \"laborum pariatur\",\n \"ownerName\": \"sit sunt et\",\n \"ownerId\": \"irure fugiat sed\"\n },\n \"status\": \"DENIED\",\n \"lastUpdated\": \"sit qui\",\n \"reviewedByUser\": false,\n \"lastReviewed\": \"Excepteur\",\n \"createdByUser\": \"sit sed cupidatat\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "9498245a-b130-459b-ad1f-a3f70f256706", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "common-access" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"access\": {\n \"id\": \"consequat adipi\",\n \"type\": \"ACCESS_PROFILE\",\n \"name\": \"est dolore culpa sunt reprehenderit\",\n \"description\": \"non\",\n \"ownerName\": \"tempor minim\",\n \"ownerId\": \"commodo qui\"\n },\n \"status\": \"DENIED\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c515eff1-2f72-47be-bee1-0e0b2549492e", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "common-access" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"access\": {\n \"id\": \"consequat adipi\",\n \"type\": \"ACCESS_PROFILE\",\n \"name\": \"est dolore culpa sunt reprehenderit\",\n \"description\": \"non\",\n \"ownerName\": \"tempor minim\",\n \"ownerId\": \"commodo qui\"\n },\n \"status\": \"DENIED\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "7d5e7cf2-78ce-4c8b-a269-d6a0ef15a192", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "common-access" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"access\": {\n \"id\": \"consequat adipi\",\n \"type\": \"ACCESS_PROFILE\",\n \"name\": \"est dolore culpa sunt reprehenderit\",\n \"description\": \"non\",\n \"ownerName\": \"tempor minim\",\n \"ownerId\": \"commodo qui\"\n },\n \"status\": \"DENIED\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "4ddbaba6-22e8-4eab-8e3c-a8c77cda4ecf", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "common-access" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"access\": {\n \"id\": \"consequat adipi\",\n \"type\": \"ACCESS_PROFILE\",\n \"name\": \"est dolore culpa sunt reprehenderit\",\n \"description\": \"non\",\n \"ownerName\": \"tempor minim\",\n \"ownerId\": \"commodo qui\"\n },\n \"status\": \"DENIED\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "8f429d78-0a33-4a38-9eeb-fab5a35d446c", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "common-access" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"access\": {\n \"id\": \"consequat adipi\",\n \"type\": \"ACCESS_PROFILE\",\n \"name\": \"est dolore culpa sunt reprehenderit\",\n \"description\": \"non\",\n \"ownerName\": \"tempor minim\",\n \"ownerId\": \"commodo qui\"\n },\n \"status\": \"DENIED\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "35d0d89d-a27e-4d22-bf86-6e3ab686c7db", + "name": "Bulk update common access status", + "request": { + "name": "Bulk update common access status", + "description": { + "content": "This submits an update request to the common access application. At this time there are no parameters. Requires authorization scope of iai:access-modeling:update", + "type": "text/plain" + }, + "url": { + "path": [ + "common-access", + "update-status" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "[\n {\n \"confirmedIds\": [\n \"urn:uuid:1d4e33e5-2f36-4923-c58b-73e3012792c1\",\n \"urn:uuid:406854a2-3ad8-9f36-3892-7762b51cf6c7\"\n ],\n \"deniedIds\": [\n \"3bf989f7-b0f2-08b3-5007-d2ba8396e2d0\",\n \"26be966a-43a8-27fe-4c31-58bfd2ce89a2\"\n ]\n },\n {\n \"confirmedIds\": [\n \"0ba5f6d2-a2b1-4b59-a89a-a02a217f18bc\",\n \"urn:uuid:c0603398-96d2-386d-18f2-188349ba0ee5\"\n ],\n \"deniedIds\": [\n \"urn:uuid:e8428e38-b32a-0ff4-bb07-259e74787199\",\n \"264b9f25-05e7-45b3-77d3-457c8dd01144\"\n ]\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "541c3d4b-0ea2-491b-b451-c3b513427e79", + "name": "Accepted - Returned if the request was successfully accepted into the system.", + "originalRequest": { + "url": { + "path": [ + "common-access", + "update-status" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "[\n {\n \"confirmedIds\": [\n \"urn:uuid:1d4e33e5-2f36-4923-c58b-73e3012792c1\",\n \"urn:uuid:406854a2-3ad8-9f36-3892-7762b51cf6c7\"\n ],\n \"deniedIds\": [\n \"3bf989f7-b0f2-08b3-5007-d2ba8396e2d0\",\n \"26be966a-43a8-27fe-4c31-58bfd2ce89a2\"\n ]\n },\n {\n \"confirmedIds\": [\n \"0ba5f6d2-a2b1-4b59-a89a-a02a217f18bc\",\n \"urn:uuid:c0603398-96d2-386d-18f2-188349ba0ee5\"\n ],\n \"deniedIds\": [\n \"urn:uuid:e8428e38-b32a-0ff4-bb07-259e74787199\",\n \"264b9f25-05e7-45b3-77d3-457c8dd01144\"\n ]\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Accepted", + "code": 202, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "3c49c2ac-a789-476a-b44f-99a6eeec5d06", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "common-access", + "update-status" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "[\n {\n \"confirmedIds\": [\n \"urn:uuid:1d4e33e5-2f36-4923-c58b-73e3012792c1\",\n \"urn:uuid:406854a2-3ad8-9f36-3892-7762b51cf6c7\"\n ],\n \"deniedIds\": [\n \"3bf989f7-b0f2-08b3-5007-d2ba8396e2d0\",\n \"26be966a-43a8-27fe-4c31-58bfd2ce89a2\"\n ]\n },\n {\n \"confirmedIds\": [\n \"0ba5f6d2-a2b1-4b59-a89a-a02a217f18bc\",\n \"urn:uuid:c0603398-96d2-386d-18f2-188349ba0ee5\"\n ],\n \"deniedIds\": [\n \"urn:uuid:e8428e38-b32a-0ff4-bb07-259e74787199\",\n \"264b9f25-05e7-45b3-77d3-457c8dd01144\"\n ]\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "8544532c-b97c-46de-b91d-d587c31e09f7", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "common-access", + "update-status" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "[\n {\n \"confirmedIds\": [\n \"urn:uuid:1d4e33e5-2f36-4923-c58b-73e3012792c1\",\n \"urn:uuid:406854a2-3ad8-9f36-3892-7762b51cf6c7\"\n ],\n \"deniedIds\": [\n \"3bf989f7-b0f2-08b3-5007-d2ba8396e2d0\",\n \"26be966a-43a8-27fe-4c31-58bfd2ce89a2\"\n ]\n },\n {\n \"confirmedIds\": [\n \"0ba5f6d2-a2b1-4b59-a89a-a02a217f18bc\",\n \"urn:uuid:c0603398-96d2-386d-18f2-188349ba0ee5\"\n ],\n \"deniedIds\": [\n \"urn:uuid:e8428e38-b32a-0ff4-bb07-259e74787199\",\n \"264b9f25-05e7-45b3-77d3-457c8dd01144\"\n ]\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "1859069a-cf2e-4423-b19b-e7591e38bbbe", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "common-access", + "update-status" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "[\n {\n \"confirmedIds\": [\n \"urn:uuid:1d4e33e5-2f36-4923-c58b-73e3012792c1\",\n \"urn:uuid:406854a2-3ad8-9f36-3892-7762b51cf6c7\"\n ],\n \"deniedIds\": [\n \"3bf989f7-b0f2-08b3-5007-d2ba8396e2d0\",\n \"26be966a-43a8-27fe-4c31-58bfd2ce89a2\"\n ]\n },\n {\n \"confirmedIds\": [\n \"0ba5f6d2-a2b1-4b59-a89a-a02a217f18bc\",\n \"urn:uuid:c0603398-96d2-386d-18f2-188349ba0ee5\"\n ],\n \"deniedIds\": [\n \"urn:uuid:e8428e38-b32a-0ff4-bb07-259e74787199\",\n \"264b9f25-05e7-45b3-77d3-457c8dd01144\"\n ]\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "85648e53-7b4a-4415-a31d-ce25f9d44b28", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "common-access", + "update-status" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "[\n {\n \"confirmedIds\": [\n \"urn:uuid:1d4e33e5-2f36-4923-c58b-73e3012792c1\",\n \"urn:uuid:406854a2-3ad8-9f36-3892-7762b51cf6c7\"\n ],\n \"deniedIds\": [\n \"3bf989f7-b0f2-08b3-5007-d2ba8396e2d0\",\n \"26be966a-43a8-27fe-4c31-58bfd2ce89a2\"\n ]\n },\n {\n \"confirmedIds\": [\n \"0ba5f6d2-a2b1-4b59-a89a-a02a217f18bc\",\n \"urn:uuid:c0603398-96d2-386d-18f2-188349ba0ee5\"\n ],\n \"deniedIds\": [\n \"urn:uuid:e8428e38-b32a-0ff4-bb07-259e74787199\",\n \"264b9f25-05e7-45b3-77d3-457c8dd01144\"\n ]\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "7fd960d3-b251-4721-acd2-876db25d0b6c", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "common-access", + "update-status" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "[\n {\n \"confirmedIds\": [\n \"urn:uuid:1d4e33e5-2f36-4923-c58b-73e3012792c1\",\n \"urn:uuid:406854a2-3ad8-9f36-3892-7762b51cf6c7\"\n ],\n \"deniedIds\": [\n \"3bf989f7-b0f2-08b3-5007-d2ba8396e2d0\",\n \"26be966a-43a8-27fe-4c31-58bfd2ce89a2\"\n ]\n },\n {\n \"confirmedIds\": [\n \"0ba5f6d2-a2b1-4b59-a89a-a02a217f18bc\",\n \"urn:uuid:c0603398-96d2-386d-18f2-188349ba0ee5\"\n ],\n \"deniedIds\": [\n \"urn:uuid:e8428e38-b32a-0ff4-bb07-259e74787199\",\n \"264b9f25-05e7-45b3-77d3-457c8dd01144\"\n ]\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + } + ] + }, + { + "name": "IAI Message Catalogs", + "description": "", + "item": [] + }, + { + "name": "IAI Outliers", + "description": "", + "item": [ + { + "id": "2fc28be9-4e37-4e40-87e5-5800fbb1a3ed", + "name": "IAI Identity Outliers Summary", + "request": { + "name": "IAI Identity Outliers Summary", + "description": { + "content": "This API receives a summary containing: the number of identities that customer has, the number of outliers, and the type of outlier\nRequires authorization scope of 'iai:outliers-management:read'", + "type": "text/plain" + }, + "url": { + "path": [ + "outlier-summaries" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Type of the identity outliers snapshot to filter on", + "type": "text/plain" + }, + "key": "type", + "value": "STRUCTURAL" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**snapshotDate**: *ge, le*", + "type": "text/plain" + }, + "key": "filters", + "value": "snapshotDate ge \"2022-02-07T20:13:29.356648026Z\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **snapshotDate**", + "type": "text/plain" + }, + "key": "sorters", + "value": "snapshotDate" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "23147ac0-b6fe-4c90-aaa5-cba5d12d5ec0", + "name": "Succeeded. Returns list of objects. Each object is a summary to give high level statistics/counts of outliers", + "originalRequest": { + "url": { + "path": [ + "outlier-summaries" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Type of the identity outliers snapshot to filter on", + "type": "text/plain" + }, + "key": "type", + "value": "STRUCTURAL" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**snapshotDate**: *ge, le*", + "type": "text/plain" + }, + "key": "filters", + "value": "snapshotDate ge \"2022-02-07T20:13:29.356648026Z\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **snapshotDate**", + "type": "text/plain" + }, + "key": "sorters", + "value": "snapshotDate" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "disabled": true, + "description": { + "content": "The total result count.", + "type": "text/plain" + }, + "key": "X-Total-Count", + "value": "-26728924" + } + ], + "body": "[\n {\n \"type\": \"LOW_SIMILARITY\",\n \"snapshotDate\": \"2021-05-01T18:40:35.772Z\",\n \"totalOutliers\": 50,\n \"totalIdentities\": 5000,\n \"totalIgnored\": 0\n },\n {\n \"type\": \"LOW_SIMILARITY\",\n \"snapshotDate\": \"2021-05-01T18:40:35.772Z\",\n \"totalOutliers\": 50,\n \"totalIdentities\": 5000,\n \"totalIgnored\": 0\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a34c0ca4-0237-4769-94c2-aedc87a8b497", + "name": "Accepted - Returned if the request was successfully accepted into the system.", + "originalRequest": { + "url": { + "path": [ + "outlier-summaries" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Type of the identity outliers snapshot to filter on", + "type": "text/plain" + }, + "key": "type", + "value": "STRUCTURAL" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**snapshotDate**: *ge, le*", + "type": "text/plain" + }, + "key": "filters", + "value": "snapshotDate ge \"2022-02-07T20:13:29.356648026Z\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **snapshotDate**", + "type": "text/plain" + }, + "key": "sorters", + "value": "snapshotDate" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Accepted", + "code": 202, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c6020afa-0dbf-4e6c-bf04-fba37650510d", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "outlier-summaries" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Type of the identity outliers snapshot to filter on", + "type": "text/plain" + }, + "key": "type", + "value": "STRUCTURAL" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**snapshotDate**: *ge, le*", + "type": "text/plain" + }, + "key": "filters", + "value": "snapshotDate ge \"2022-02-07T20:13:29.356648026Z\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **snapshotDate**", + "type": "text/plain" + }, + "key": "sorters", + "value": "snapshotDate" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b9cdf7b1-e098-46a9-b5d8-a17c7b1df74f", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "outlier-summaries" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Type of the identity outliers snapshot to filter on", + "type": "text/plain" + }, + "key": "type", + "value": "STRUCTURAL" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**snapshotDate**: *ge, le*", + "type": "text/plain" + }, + "key": "filters", + "value": "snapshotDate ge \"2022-02-07T20:13:29.356648026Z\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **snapshotDate**", + "type": "text/plain" + }, + "key": "sorters", + "value": "snapshotDate" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c0060959-a202-4df3-ae57-47d00064b53a", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "outlier-summaries" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Type of the identity outliers snapshot to filter on", + "type": "text/plain" + }, + "key": "type", + "value": "STRUCTURAL" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**snapshotDate**: *ge, le*", + "type": "text/plain" + }, + "key": "filters", + "value": "snapshotDate ge \"2022-02-07T20:13:29.356648026Z\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **snapshotDate**", + "type": "text/plain" + }, + "key": "sorters", + "value": "snapshotDate" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "04d5f75b-bf03-4aa0-9428-c857984859f9", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "outlier-summaries" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Type of the identity outliers snapshot to filter on", + "type": "text/plain" + }, + "key": "type", + "value": "STRUCTURAL" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**snapshotDate**: *ge, le*", + "type": "text/plain" + }, + "key": "filters", + "value": "snapshotDate ge \"2022-02-07T20:13:29.356648026Z\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **snapshotDate**", + "type": "text/plain" + }, + "key": "sorters", + "value": "snapshotDate" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b249821a-d1af-44ff-8859-ebaee05a1403", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "outlier-summaries" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Type of the identity outliers snapshot to filter on", + "type": "text/plain" + }, + "key": "type", + "value": "STRUCTURAL" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**snapshotDate**: *ge, le*", + "type": "text/plain" + }, + "key": "filters", + "value": "snapshotDate ge \"2022-02-07T20:13:29.356648026Z\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **snapshotDate**", + "type": "text/plain" + }, + "key": "sorters", + "value": "snapshotDate" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "bed640a3-5f47-4d4d-9712-594d37410d9a", + "name": "IAI Identity Outliers Latest Summary", + "request": { + "name": "IAI Identity Outliers Latest Summary", + "description": { + "content": "This API returns a most recent snapshot of each outlier type, each containing: the number of identities that customer has, the number of outliers, and the type of outlier\nRequires authorization scope of 'iai:outliers-management:read'", + "type": "text/plain" + }, + "url": { + "path": [ + "outlier-summaries", + "latest" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Type of the identity outliers snapshot to filter on", + "type": "text/plain" + }, + "key": "type", + "value": "STRUCTURAL" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "26f8774e-1d1c-40e6-88e6-3af02fd755a8", + "name": "Succeeded. Returns list of objects. Each object is a summary to give high level statistics/counts of outliers", + "originalRequest": { + "url": { + "path": [ + "outlier-summaries", + "latest" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Type of the identity outliers snapshot to filter on", + "type": "text/plain" + }, + "key": "type", + "value": "STRUCTURAL" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"type\": \"LOW_SIMILARITY\",\n \"snapshotDate\": \"2021-05-01T18:40:35.772Z\",\n \"totalOutliers\": 50,\n \"totalIdentities\": 5000,\n \"totalIgnored\": 10\n },\n {\n \"type\": \"LOW_SIMILARITY\",\n \"snapshotDate\": \"2021-05-01T18:40:35.772Z\",\n \"totalOutliers\": 50,\n \"totalIdentities\": 5000,\n \"totalIgnored\": 10\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "8cfac57a-13e3-4262-b070-6b64402c4190", + "name": "Accepted - Returned if the request was successfully accepted into the system.", + "originalRequest": { + "url": { + "path": [ + "outlier-summaries", + "latest" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Type of the identity outliers snapshot to filter on", + "type": "text/plain" + }, + "key": "type", + "value": "STRUCTURAL" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Accepted", + "code": 202, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "9864a0d6-13fc-45ab-b8ff-306896882309", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "outlier-summaries", + "latest" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Type of the identity outliers snapshot to filter on", + "type": "text/plain" + }, + "key": "type", + "value": "STRUCTURAL" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "75406e54-17d0-43da-9d16-3ab7fdd76b96", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "outlier-summaries", + "latest" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Type of the identity outliers snapshot to filter on", + "type": "text/plain" + }, + "key": "type", + "value": "STRUCTURAL" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "8f217175-6eb5-4bbe-868c-30f77127bd74", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "outlier-summaries", + "latest" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Type of the identity outliers snapshot to filter on", + "type": "text/plain" + }, + "key": "type", + "value": "STRUCTURAL" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "6fc6686d-e99a-4930-9a68-1af8507da220", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "outlier-summaries", + "latest" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Type of the identity outliers snapshot to filter on", + "type": "text/plain" + }, + "key": "type", + "value": "STRUCTURAL" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c36c9e6c-40d7-4bac-9e87-63bf07842024", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "outlier-summaries", + "latest" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Type of the identity outliers snapshot to filter on", + "type": "text/plain" + }, + "key": "type", + "value": "STRUCTURAL" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "1e6454fb-ab43-4b26-ae6d-3bc2fb35c029", + "name": "IAI Get Identity Outliers", + "request": { + "name": "IAI Get Identity Outliers", + "description": { + "content": "This API receives a list of outliers, containing data such as: identityId, outlier type, detection dates, identity attributes, if identity is ignore, and certification information\nRequires authorization scope of 'iai:outliers-management:read'", + "type": "text/plain" + }, + "url": { + "path": [ + "outliers" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Type of the identity outliers snapshot to filter on", + "type": "text/plain" + }, + "key": "type", + "value": "LOW_SIMILARITY" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**attributes**: *eq, sw, co, in*\n\n**firstDetectionDate**: *ge, le*\n\n**certStatus**: *eq*\n\n**ignored**: *eq*\n\n**score**: *ge, le*", + "type": "text/plain" + }, + "key": "filters", + "value": "attributes.displayName sw \"John\" and certStatus eq \"false\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **firstDetectionDate, attributes, score**", + "type": "text/plain" + }, + "key": "sorters", + "value": "attributes.displayName,firstDetectionDate,-score" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "dbc705ab-a734-495a-b3a6-f67a4b66e5fd", + "name": "Succeeded. Returns list of objects. Each object contains information about outliers", + "originalRequest": { + "url": { + "path": [ + "outliers" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Type of the identity outliers snapshot to filter on", + "type": "text/plain" + }, + "key": "type", + "value": "LOW_SIMILARITY" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**attributes**: *eq, sw, co, in*\n\n**firstDetectionDate**: *ge, le*\n\n**certStatus**: *eq*\n\n**ignored**: *eq*\n\n**score**: *ge, le*", + "type": "text/plain" + }, + "key": "filters", + "value": "attributes.displayName sw \"John\" and certStatus eq \"false\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **firstDetectionDate, attributes, score**", + "type": "text/plain" + }, + "key": "sorters", + "value": "attributes.displayName,firstDetectionDate,-score" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "disabled": true, + "description": { + "content": "The total result count.", + "type": "text/plain" + }, + "key": "X-Total-Count", + "value": "-26728924" + } + ], + "body": "[\n {\n \"id\": \"5be33d3e-c54d-4ed7-af73-2380543e8283\",\n \"identityId\": \"5be33d3e-c54d-4ed7-af73-2380543e8283\",\n \"type\": \"LOW_SIMILARITY\",\n \"firstDetectionDate\": \"2021-05-01T18:40:35.772Z\",\n \"latestDetectionDate\": \"2021-05-03T18:40:35.772Z\",\n \"ignored\": false,\n \"attributes\": {\n \"displayName\": \"John Smith\",\n \"jobTitle\": \"Software Engineer\",\n \"department\": \"Engineering\"\n },\n \"score\": 0.92,\n \"unignoreType\": \"MANUAL\",\n \"unignoreDate\": \"2021-06-01T18:40:35.772Z\",\n \"ignoreDate\": \"2021-06-01T18:40:35.772Z\"\n },\n {\n \"id\": \"5be33d3e-c54d-4ed7-af73-2380543e8283\",\n \"identityId\": \"5be33d3e-c54d-4ed7-af73-2380543e8283\",\n \"type\": \"LOW_SIMILARITY\",\n \"firstDetectionDate\": \"2021-05-01T18:40:35.772Z\",\n \"latestDetectionDate\": \"2021-05-03T18:40:35.772Z\",\n \"ignored\": false,\n \"attributes\": {\n \"displayName\": \"John Smith\",\n \"jobTitle\": \"Software Engineer\",\n \"department\": \"Engineering\"\n },\n \"score\": 0.92,\n \"unignoreType\": \"MANUAL\",\n \"unignoreDate\": \"2021-06-01T18:40:35.772Z\",\n \"ignoreDate\": \"2021-06-01T18:40:35.772Z\"\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "dbf8afd4-431f-4da8-b025-1984e0981711", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "outliers" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Type of the identity outliers snapshot to filter on", + "type": "text/plain" + }, + "key": "type", + "value": "LOW_SIMILARITY" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**attributes**: *eq, sw, co, in*\n\n**firstDetectionDate**: *ge, le*\n\n**certStatus**: *eq*\n\n**ignored**: *eq*\n\n**score**: *ge, le*", + "type": "text/plain" + }, + "key": "filters", + "value": "attributes.displayName sw \"John\" and certStatus eq \"false\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **firstDetectionDate, attributes, score**", + "type": "text/plain" + }, + "key": "sorters", + "value": "attributes.displayName,firstDetectionDate,-score" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c970b255-a0db-4dfc-a96b-cf85ec21ea24", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "outliers" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Type of the identity outliers snapshot to filter on", + "type": "text/plain" + }, + "key": "type", + "value": "LOW_SIMILARITY" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**attributes**: *eq, sw, co, in*\n\n**firstDetectionDate**: *ge, le*\n\n**certStatus**: *eq*\n\n**ignored**: *eq*\n\n**score**: *ge, le*", + "type": "text/plain" + }, + "key": "filters", + "value": "attributes.displayName sw \"John\" and certStatus eq \"false\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **firstDetectionDate, attributes, score**", + "type": "text/plain" + }, + "key": "sorters", + "value": "attributes.displayName,firstDetectionDate,-score" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "ae11a45c-06e4-4205-b642-35c1ecf6696c", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "outliers" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Type of the identity outliers snapshot to filter on", + "type": "text/plain" + }, + "key": "type", + "value": "LOW_SIMILARITY" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**attributes**: *eq, sw, co, in*\n\n**firstDetectionDate**: *ge, le*\n\n**certStatus**: *eq*\n\n**ignored**: *eq*\n\n**score**: *ge, le*", + "type": "text/plain" + }, + "key": "filters", + "value": "attributes.displayName sw \"John\" and certStatus eq \"false\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **firstDetectionDate, attributes, score**", + "type": "text/plain" + }, + "key": "sorters", + "value": "attributes.displayName,firstDetectionDate,-score" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "923208d3-8a7d-4fc8-aad7-3a8137ab9702", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "outliers" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Type of the identity outliers snapshot to filter on", + "type": "text/plain" + }, + "key": "type", + "value": "LOW_SIMILARITY" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**attributes**: *eq, sw, co, in*\n\n**firstDetectionDate**: *ge, le*\n\n**certStatus**: *eq*\n\n**ignored**: *eq*\n\n**score**: *ge, le*", + "type": "text/plain" + }, + "key": "filters", + "value": "attributes.displayName sw \"John\" and certStatus eq \"false\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **firstDetectionDate, attributes, score**", + "type": "text/plain" + }, + "key": "sorters", + "value": "attributes.displayName,firstDetectionDate,-score" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "e0a40a36-a689-47bc-9c3f-608b681afcb1", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "outliers" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Type of the identity outliers snapshot to filter on", + "type": "text/plain" + }, + "key": "type", + "value": "LOW_SIMILARITY" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**attributes**: *eq, sw, co, in*\n\n**firstDetectionDate**: *ge, le*\n\n**certStatus**: *eq*\n\n**ignored**: *eq*\n\n**score**: *ge, le*", + "type": "text/plain" + }, + "key": "filters", + "value": "attributes.displayName sw \"John\" and certStatus eq \"false\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **firstDetectionDate, attributes, score**", + "type": "text/plain" + }, + "key": "sorters", + "value": "attributes.displayName,firstDetectionDate,-score" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "1f743645-9f83-4060-bc7f-9018a6e10d64", + "name": "Get identity outlier's contibuting features", + "request": { + "name": "Get identity outlier's contibuting features", + "description": { + "content": "This API returns a list of contributing feature objects for a single outlier. The object contains: feature name, feature value type, value, importance, display name (translated text or message key), description (translated text or message key), translation messages object\nRequires authorization scope of 'iai:outliers-management:read'", + "type": "text/plain" + }, + "url": { + "path": [ + "outliers", + ":outlierId", + "contributing-features" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Whether or not to include translation messages object in returned response", + "type": "text/plain" + }, + "key": "include-translation-messages", + "value": "include-translation-messages=" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **importance**", + "type": "text/plain" + }, + "key": "sorters", + "value": "importance" + } + ], + "variable": [ + { + "type": "any", + "value": "2c918085842e69ae018432d22ccb212f", + "key": "outlierId", + "disabled": true, + "description": { + "content": "(Required) The outlier id", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "59caf551-e878-4bd5-8da5-161909b77159", + "name": "Succeeded. Returns list of objects. Each object contains a feature and metadata about that feature", + "originalRequest": { + "url": { + "path": [ + "outliers", + ":outlierId", + "contributing-features" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Whether or not to include translation messages object in returned response", + "type": "text/plain" + }, + "key": "include-translation-messages", + "value": "include-translation-messages=" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **importance**", + "type": "text/plain" + }, + "key": "sorters", + "value": "importance" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "disabled": true, + "description": { + "content": "The total result count.", + "type": "text/plain" + }, + "key": "X-Total-Count", + "value": "-26728924" + }, + { + "disabled": true, + "description": { + "content": "The locale to use for translations for displayName and description text", + "type": "text/plain" + }, + "key": "accept-language", + "value": "irure nisi et dolore aliqua" + } + ], + "body": "[\n {\n \"id\": \"66e38828-5017-47af-92ff-9844871352c5\",\n \"name\": \"entitlement_count\",\n \"valueType\": \"INTEGER\",\n \"value\": 0.2656372967497067,\n \"importance\": -0.15,\n \"displayName\": \"Number of entitlements\",\n \"description\": \"The total number of entitlements belonging to an identity\",\n \"translationMessages\": {\n \"displayName\": {\n \"key\": \"recommender-api.V2_WEIGHT_FEATURE_PRODUCT_INTERPRETATION_HIGH\",\n \"values\": [\n \"75\",\n \"department\"\n ]\n },\n \"description\": {\n \"key\": \"recommender-api.V2_WEIGHT_FEATURE_PRODUCT_INTERPRETATION_HIGH\",\n \"values\": [\n \"75\",\n \"department\"\n ]\n }\n }\n },\n {\n \"id\": \"66e38828-5017-47af-92ff-9844871352c5\",\n \"name\": \"entitlement_count\",\n \"valueType\": \"INTEGER\",\n \"value\": 0.5763411655501793,\n \"importance\": -0.15,\n \"displayName\": \"Number of entitlements\",\n \"description\": \"The total number of entitlements belonging to an identity\",\n \"translationMessages\": {\n \"displayName\": {\n \"key\": \"recommender-api.V2_WEIGHT_FEATURE_PRODUCT_INTERPRETATION_HIGH\",\n \"values\": [\n \"75\",\n \"department\"\n ]\n },\n \"description\": {\n \"key\": \"recommender-api.V2_WEIGHT_FEATURE_PRODUCT_INTERPRETATION_HIGH\",\n \"values\": [\n \"75\",\n \"department\"\n ]\n }\n }\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "0ae8bfb7-4031-428c-b30c-02814e2d9b92", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "outliers", + ":outlierId", + "contributing-features" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Whether or not to include translation messages object in returned response", + "type": "text/plain" + }, + "key": "include-translation-messages", + "value": "include-translation-messages=" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **importance**", + "type": "text/plain" + }, + "key": "sorters", + "value": "importance" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "467d6734-12f1-4aa0-9f40-7a968cc085df", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "outliers", + ":outlierId", + "contributing-features" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Whether or not to include translation messages object in returned response", + "type": "text/plain" + }, + "key": "include-translation-messages", + "value": "include-translation-messages=" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **importance**", + "type": "text/plain" + }, + "key": "sorters", + "value": "importance" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "1e076428-6369-4256-a834-4593ef0ce16e", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "outliers", + ":outlierId", + "contributing-features" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Whether or not to include translation messages object in returned response", + "type": "text/plain" + }, + "key": "include-translation-messages", + "value": "include-translation-messages=" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **importance**", + "type": "text/plain" + }, + "key": "sorters", + "value": "importance" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "8d1c3f01-93e7-4472-8256-24c554ad9d34", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "outliers", + ":outlierId", + "contributing-features" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Whether or not to include translation messages object in returned response", + "type": "text/plain" + }, + "key": "include-translation-messages", + "value": "include-translation-messages=" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **importance**", + "type": "text/plain" + }, + "key": "sorters", + "value": "importance" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a3db0387-a493-4494-9b50-f5a066ad20ab", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "outliers", + ":outlierId", + "contributing-features" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Whether or not to include translation messages object in returned response", + "type": "text/plain" + }, + "key": "include-translation-messages", + "value": "include-translation-messages=" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **importance**", + "type": "text/plain" + }, + "key": "sorters", + "value": "importance" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "60ea6592-5e97-48e7-9b82-88a2833b17d3", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "outliers", + ":outlierId", + "contributing-features" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Whether or not to include translation messages object in returned response", + "type": "text/plain" + }, + "key": "include-translation-messages", + "value": "include-translation-messages=" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **importance**", + "type": "text/plain" + }, + "key": "sorters", + "value": "importance" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "4eb0c68f-9e33-4b36-a3bc-9a28dcdfa5bd", + "name": "Gets a list of access items associated with each identity outlier contributing feature", + "request": { + "name": "Gets a list of access items associated with each identity outlier contributing feature", + "description": { + "content": "This API returns a list of the enriched access items associated with each feature filtered by the access item type The object contains: accessItemId, display name (translated text or message key), description (translated text or message key), accessType, sourceName, extremelyRare\nRequires authorization scope of 'iai:outliers-management:read'", + "type": "text/plain" + }, + "url": { + "path": [ + "outliers", + ":outlierId", + "feature-details", + ":contributingFeatureName", + "access-items" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "The type of access item for the identity outlier contributing feature. If not provided, it returns all", + "type": "text/plain" + }, + "key": "accessType", + "value": "ENTITLEMENT" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **displayName**", + "type": "text/plain" + }, + "key": "sorters", + "value": "displayName" + } + ], + "variable": [ + { + "type": "any", + "value": "2c918085842e69ae018432d22ccb212f", + "key": "outlierId", + "disabled": true, + "description": { + "content": "(Required) The outlier id", + "type": "text/plain" + } + }, + { + "type": "any", + "value": "entitlement_count", + "key": "contributingFeatureName", + "disabled": true, + "description": { + "content": "(Required) The name of contributing feature", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "5b6667d5-6ef4-44f3-bc7f-69ccdcaffc2b", + "name": "The list of access items.", + "originalRequest": { + "url": { + "path": [ + "outliers", + ":outlierId", + "feature-details", + ":contributingFeatureName", + "access-items" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "The type of access item for the identity outlier contributing feature. If not provided, it returns all", + "type": "text/plain" + }, + "key": "accessType", + "value": "ENTITLEMENT" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **displayName**", + "type": "text/plain" + }, + "key": "sorters", + "value": "displayName" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"id\": \"2c938083633d259901633d2623ec0375\",\n \"displayName\": \"Applied Research Access\",\n \"description\": \"Access to research information, lab results, and schematics\",\n \"accessType\": \"ENTITLEMENT\",\n \"sourceName\": \"appName\",\n \"extremelyRare\": true\n },\n {\n \"id\": \"2c938083633d259901633d2623ec0375\",\n \"displayName\": \"Applied Research Access\",\n \"description\": \"Access to research information, lab results, and schematics\",\n \"accessType\": \"ENTITLEMENT\",\n \"sourceName\": \"appName\",\n \"extremelyRare\": true\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "112b9c73-5300-42e1-adbd-2d44020239fe", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "outliers", + ":outlierId", + "feature-details", + ":contributingFeatureName", + "access-items" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "The type of access item for the identity outlier contributing feature. If not provided, it returns all", + "type": "text/plain" + }, + "key": "accessType", + "value": "ENTITLEMENT" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **displayName**", + "type": "text/plain" + }, + "key": "sorters", + "value": "displayName" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "bd67a140-4e9a-4b0a-b5b4-4ae3c879ccaf", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "outliers", + ":outlierId", + "feature-details", + ":contributingFeatureName", + "access-items" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "The type of access item for the identity outlier contributing feature. If not provided, it returns all", + "type": "text/plain" + }, + "key": "accessType", + "value": "ENTITLEMENT" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **displayName**", + "type": "text/plain" + }, + "key": "sorters", + "value": "displayName" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a49b1b6d-83f0-455e-8125-960e0fec9df0", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "outliers", + ":outlierId", + "feature-details", + ":contributingFeatureName", + "access-items" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "The type of access item for the identity outlier contributing feature. If not provided, it returns all", + "type": "text/plain" + }, + "key": "accessType", + "value": "ENTITLEMENT" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **displayName**", + "type": "text/plain" + }, + "key": "sorters", + "value": "displayName" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "e7dbcab2-359d-45fd-bb58-27aa6ffd347b", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "outliers", + ":outlierId", + "feature-details", + ":contributingFeatureName", + "access-items" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "The type of access item for the identity outlier contributing feature. If not provided, it returns all", + "type": "text/plain" + }, + "key": "accessType", + "value": "ENTITLEMENT" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **displayName**", + "type": "text/plain" + }, + "key": "sorters", + "value": "displayName" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "dd0de47a-1130-4f02-9ef7-67c43aa22ff7", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "outliers", + ":outlierId", + "feature-details", + ":contributingFeatureName", + "access-items" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "The type of access item for the identity outlier contributing feature. If not provided, it returns all", + "type": "text/plain" + }, + "key": "accessType", + "value": "ENTITLEMENT" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **displayName**", + "type": "text/plain" + }, + "key": "sorters", + "value": "displayName" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "1b64fafb-9cf7-4d58-b7af-8a1d52185401", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "outliers", + ":outlierId", + "feature-details", + ":contributingFeatureName", + "access-items" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "The type of access item for the identity outlier contributing feature. If not provided, it returns all", + "type": "text/plain" + }, + "key": "accessType", + "value": "ENTITLEMENT" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **displayName**", + "type": "text/plain" + }, + "key": "sorters", + "value": "displayName" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "fea779c5-8794-4dde-8d35-d0e4973a5e85", + "name": "IAI Identity Outliers Ignore", + "request": { + "name": "IAI Identity Outliers Ignore", + "description": { + "content": "This API receives a list of IdentityIDs in the request, changes the outliers to be ignored--returning a 204 if successful.\nRequires authorization scope of 'iai:outliers-management:update'", + "type": "text/plain" + }, + "url": { + "path": [ + "outliers", + "ignore" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "[\n \"abc123def456\",\n \"ghi789jkl012\"\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "7ede01cc-2736-4b33-a1b7-fc92c503db02", + "name": "No content - indicates the request was successful but there is no content to be returned in the response.", + "originalRequest": { + "url": { + "path": [ + "outliers", + "ignore" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "[\n \"abc123def456\",\n \"ghi789jkl012\"\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "No Content", + "code": 204, + "header": [], + "cookie": [], + "_postman_previewlanguage": "text" + }, + { + "id": "4a21970e-6c94-4c5d-887c-53535daccb34", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "outliers", + "ignore" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "[\n \"abc123def456\",\n \"ghi789jkl012\"\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "ab2d9127-b92a-4eb4-80b9-0c61623d38f5", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "outliers", + "ignore" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "[\n \"abc123def456\",\n \"ghi789jkl012\"\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "5cdba888-eda9-4837-9960-677158e80800", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "outliers", + "ignore" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "[\n \"abc123def456\",\n \"ghi789jkl012\"\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "ae3dae81-3aea-474a-a86f-f4c55a337616", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "outliers", + "ignore" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "[\n \"abc123def456\",\n \"ghi789jkl012\"\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "367e34e4-f0a1-417e-ad4e-762a7fef8da5", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "outliers", + "ignore" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "[\n \"abc123def456\",\n \"ghi789jkl012\"\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "ac944a80-6f73-4ba3-8c0e-093bf9e55df9", + "name": "IAI Identity Outliers Unignore", + "request": { + "name": "IAI Identity Outliers Unignore", + "description": { + "content": "This API receives a list of IdentityIDs in the request, changes the outliers to be un-ignored--returning a 204 if successful.\nRequires authorization scope of 'iai:outliers-management:update'", + "type": "text/plain" + }, + "url": { + "path": [ + "outliers", + "unignore" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "[\n \"abc123def456\",\n \"ghi789jkl012\"\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "3ed0afed-bd85-4d39-bf9f-8811c975534a", + "name": "No content - indicates the request was successful but there is no content to be returned in the response.", + "originalRequest": { + "url": { + "path": [ + "outliers", + "unignore" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "[\n \"abc123def456\",\n \"ghi789jkl012\"\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "No Content", + "code": 204, + "header": [], + "cookie": [], + "_postman_previewlanguage": "text" + }, + { + "id": "048d1624-f795-49cf-a362-c80b0cd25d49", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "outliers", + "unignore" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "[\n \"abc123def456\",\n \"ghi789jkl012\"\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "0008c84b-1e09-4288-b085-64e0e49f612d", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "outliers", + "unignore" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "[\n \"abc123def456\",\n \"ghi789jkl012\"\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "5dda841b-5c83-493b-9b8a-08dfa8b1bf32", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "outliers", + "unignore" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "[\n \"abc123def456\",\n \"ghi789jkl012\"\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "1ae4a353-3fdf-4464-bc18-53d04378eaec", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "outliers", + "unignore" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "[\n \"abc123def456\",\n \"ghi789jkl012\"\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "01c3ff7e-e645-44b8-8b55-c94f29813be9", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "outliers", + "unignore" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "[\n \"abc123def456\",\n \"ghi789jkl012\"\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "0e026b78-b5b2-4367-af1b-150b76aef006", + "name": "IAI Identity Outliers Export", + "request": { + "name": "IAI Identity Outliers Export", + "description": { + "content": "This API exports a list of ignored outliers to a CSV as well as list of non-ignored outliers to a CSV. These two CSVs will be zipped and exported Columns will include: identityID, type, firstDetectionDate, latestDetectionDate, ignored, & attributes (defined set of identity attributes)\nRequires authorization scope of 'iai:outliers-management:read'", + "type": "text/plain" + }, + "url": { + "path": [ + "outliers", + "export" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Type of the identity outliers snapshot to filter on", + "type": "text/plain" + }, + "key": "type", + "value": "STRUCTURAL" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/zip" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "70d9d757-b623-4329-a1f1-3d75d62b4e8f", + "name": "Succeeded. Returns zip of 2 CSVs to download. 1 CSV for ignored outliers and 1 for non-ignored outliers", + "originalRequest": { + "url": { + "path": [ + "outliers", + "export" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Type of the identity outliers snapshot to filter on", + "type": "text/plain" + }, + "key": "type", + "value": "STRUCTURAL" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/zip" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/zip" + } + ], + "body": "irure nisi et dolore aliqua", + "cookie": [], + "_postman_previewlanguage": "text" + }, + { + "id": "5ac7c3b2-c17c-49c1-9072-bfe8c30e33e9", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "outliers", + "export" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Type of the identity outliers snapshot to filter on", + "type": "text/plain" + }, + "key": "type", + "value": "STRUCTURAL" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "57699874-43af-4fe3-8fef-e17acf5ca7e3", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "outliers", + "export" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Type of the identity outliers snapshot to filter on", + "type": "text/plain" + }, + "key": "type", + "value": "STRUCTURAL" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "ffe2acc3-6927-46cb-94ae-34d62923fed1", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "outliers", + "export" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Type of the identity outliers snapshot to filter on", + "type": "text/plain" + }, + "key": "type", + "value": "STRUCTURAL" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "fc66d996-e848-470c-9014-732ab5acc253", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "outliers", + "export" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Type of the identity outliers snapshot to filter on", + "type": "text/plain" + }, + "key": "type", + "value": "STRUCTURAL" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "72ac003c-988c-442d-9bd6-0dc8d1a063bf", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "outliers", + "export" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Type of the identity outliers snapshot to filter on", + "type": "text/plain" + }, + "key": "type", + "value": "STRUCTURAL" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "fa027084-6d40-4ad6-9db8-86cecd0d176d", + "name": "Get identity outlier contibuting feature summary", + "request": { + "name": "Get identity outlier contibuting feature summary", + "description": { + "content": "This API returns a summary of a contributing feature for an identity outlier. The object contains: contributing feature name (translated text or message key), identity outlier display name, feature values, feature definition and explanation (translated text or message key), peer display name and identityId, access item reference, translation messages object\nRequires authorization scope of 'iai:outliers-management:read'", + "type": "text/plain" + }, + "url": { + "path": [ + "outlier-feature-summaries", + ":outlierFeatureId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "04654b66-7561-4090-94f9-abee0722a1af", + "key": "outlierFeatureId", + "disabled": true, + "description": { + "content": "(Required) Contributing feature id", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "9a3b767b-83a7-4c74-9294-070e5bf2dd41", + "name": "Succeeded. Returns selected contributing feature summary for an outlier", + "originalRequest": { + "url": { + "path": [ + "outlier-feature-summaries", + ":outlierFeatureId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "disabled": true, + "description": { + "content": "The locale to use for translations", + "type": "text/plain" + }, + "key": "accept-language", + "value": "irure nisi et dolore aliqua" + } + ], + "body": "{\n \"contributingFeatureName\": \"Rare Access\",\n \"identityOutlierDisplayName\": \"John Smith\",\n \"outlierFeatureDisplayValues\": [\n {\n \"displayName\": \"Aliza Chris\",\n \"value\": \"ut proident Ut\",\n \"valueType\": \"INTEGER\"\n },\n {\n \"displayName\": \"Aliza Chris\",\n \"value\": \"minim non Duis Ut eu\",\n \"valueType\": \"INTEGER\"\n }\n ],\n \"featureDefinition\": \"Identity total number of entitlements\",\n \"featureExplanation\": \"An identity that has too much rare access has a higher change of becoming a security threat due to the unique access they possess\",\n \"peerDisplayName\": \"Mary Jane\",\n \"peerIdentityId\": \"9f9d5d53ad0e48fba7352f6da9f1b8gbg\",\n \"accessItemReference\": {\n \"displayName\": \"All Rare Entitlements\",\n \"searchPlaceholder\": \"Search by name or description\"\n }\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "1ddc6560-fb69-4556-ba1b-6d934becb27e", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "outlier-feature-summaries", + ":outlierFeatureId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "58016b24-f665-47a6-ad3a-be8457d668cd", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "outlier-feature-summaries", + ":outlierFeatureId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d3af5d8d-1087-4bff-9924-f7bc332b7afa", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "outlier-feature-summaries", + ":outlierFeatureId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "cfc14c94-b536-4281-9f0c-0f4bd5e7d41c", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "outlier-feature-summaries", + ":outlierFeatureId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "757a0a12-99f3-4ccc-90b8-8b7cd9e27d13", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "outlier-feature-summaries", + ":outlierFeatureId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "cf830f5d-51cc-4f9b-9d8a-e7bba74d1992", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "outlier-feature-summaries", + ":outlierFeatureId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + } + ] + }, + { + "name": "IAI Peer Group Strategies", + "description": "", + "item": [ + { + "id": "62f447de-209b-4c29-b2a6-7e9a9a02b4b6", + "name": "Identity Outliers List", + "request": { + "name": "Identity Outliers List", + "description": { + "content": "-- Deprecated : See 'IAI Outliers' This API will be used by Identity Governance systems to identify identities that are not included in an organization's peer groups. By default, 250 identities are returned. You can specify between 1 and 1000 number of identities that can be returned.", + "type": "text/plain" + }, + "url": { + "path": [ + "peer-group-strategies", + ":strategy", + "identity-outliers" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [ + { + "type": "any", + "value": "entitlement", + "key": "strategy", + "disabled": true, + "description": { + "content": "(Required) The strategy used to create peer groups. Currently, 'entitlement' is supported.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "07b1e9fe-84ba-468e-8395-8d44dc1109ae", + "name": "List of identities that are not included in peer groups.", + "originalRequest": { + "url": { + "path": [ + "peer-group-strategies", + ":strategy", + "identity-outliers" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"id\": \"ut sint adipisicing\",\n \"type\": \"veniam sed sint\",\n \"peer_group_id\": \"esse sed ad officia\",\n \"attributes\": {\n \"nostrud96\": {},\n \"amet_d\": {},\n \"in_f_a\": {}\n }\n },\n {\n \"id\": \"irure eni\",\n \"type\": \"laborum ad sint reprehenderit\",\n \"peer_group_id\": \"do commodo eius\",\n \"attributes\": {\n \"sit48\": {},\n \"ullamco_1d\": {},\n \"id__\": {}\n }\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "66e84083-65bb-49c9-930b-74a6b4914c31", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "peer-group-strategies", + ":strategy", + "identity-outliers" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "94ce3898-887e-4e9f-8045-4fdd1d6924f9", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "peer-group-strategies", + ":strategy", + "identity-outliers" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "74870db9-f313-4440-a36b-34dc9cd4cc7c", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "peer-group-strategies", + ":strategy", + "identity-outliers" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "58931a87-fb7b-4d76-b40b-9a211b34bc96", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "peer-group-strategies", + ":strategy", + "identity-outliers" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "3fce69c9-46e5-459f-8174-64dcceab2963", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "peer-group-strategies", + ":strategy", + "identity-outliers" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + } + ] + }, + { + "name": "IAI Recommendations", + "description": "", + "item": [ + { + "id": "a8bad91e-b253-4b83-ae26-c478707e5ef5", + "name": "Returns a Recommendation Based on Object", + "request": { + "name": "Returns a Recommendation Based on Object", + "description": { + "content": "The getRecommendations API returns recommendations based on the requested object. The recommendations are invoked by IdentityIQ and IdentityNow plug-ins that retrieve recommendations based on the performed calculations.", + "type": "text/plain" + }, + "url": { + "path": [ + "recommendations", + "request" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"requests\": [\n {\n \"identityId\": \"2c938083633d259901633d25c68c00fa\",\n \"item\": {\n \"id\": \"2c938083633d259901633d2623ec0375\",\n \"type\": \"ENTITLEMENT\"\n }\n },\n {\n \"identityId\": \"2c938083633d259901633d25c68c00fa\",\n \"item\": {\n \"id\": \"2c938083633d259901633d2623ec0375\",\n \"type\": \"ENTITLEMENT\"\n }\n }\n ],\n \"excludeInterpretations\": \"false\",\n \"includeTranslationMessages\": \"false\",\n \"includeDebugInformation\": \"false\",\n \"prescribeMode\": \"false\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "1c94d0aa-6d54-4ca4-9827-c4ae31dc480e", + "name": "The recommendations for a customer", + "originalRequest": { + "url": { + "path": [ + "recommendations", + "request" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"requests\": [\n {\n \"identityId\": \"2c938083633d259901633d25c68c00fa\",\n \"item\": {\n \"id\": \"2c938083633d259901633d2623ec0375\",\n \"type\": \"ENTITLEMENT\"\n }\n },\n {\n \"identityId\": \"2c938083633d259901633d25c68c00fa\",\n \"item\": {\n \"id\": \"2c938083633d259901633d2623ec0375\",\n \"type\": \"ENTITLEMENT\"\n }\n }\n ],\n \"excludeInterpretations\": \"false\",\n \"includeTranslationMessages\": \"false\",\n \"includeDebugInformation\": \"false\",\n \"prescribeMode\": \"false\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"response\": [\n {\n \"request\": {\n \"identityId\": \"2c938083633d259901633d25c68c00fa\",\n \"item\": {\n \"id\": \"2c938083633d259901633d2623ec0375\",\n \"type\": \"ENTITLEMENT\"\n }\n },\n \"recommendation\": \"YES\",\n \"interpretations\": [\n \"75% of identities with the same department have this access. This information had a high impact on the overall score.\",\n \"67% of identities with the same peer group have this access. This information had a low impact on the overall score.\",\n \"42% of identities with the same location have this access. This information had a low impact on the overall score.\"\n ],\n \"translationMessages\": [\n {\n \"key\": \"recommender-api.V2_WEIGHT_FEATURE_PRODUCT_INTERPRETATION_HIGH\",\n \"values\": [\n \"75\",\n \"department\"\n ]\n }\n ],\n \"recommenderCalculations\": {\n \"identityId\": \"2c91808457d8f3ab0157e3e62cb4213c\",\n \"entitlementId\": \"2c91809050db617d0150e0bf3215385e\",\n \"recommendation\": \"YES\",\n \"overallWeightedScore\": 20122445.932547927,\n \"featureWeightedScores\": {\n \"consectetur310\": 36745093.07773194,\n \"quis_c0\": -35932916.04264257,\n \"esse_c5a\": -16986163.541487858,\n \"dolore_459\": 10923870.864807263,\n \"officiaa_\": -33222168.33863347\n },\n \"threshold\": -2479090.2785179764,\n \"identityAttributes\": {\n \"veniamed\": {\n \"value\": \"non\"\n }\n },\n \"featureValues\": {\n \"feature\": \"department\",\n \"numerator\": 14,\n \"denominator\": 14\n }\n }\n },\n {\n \"request\": {\n \"identityId\": \"2c938083633d259901633d25c68c00fa\",\n \"item\": {\n \"id\": \"2c938083633d259901633d2623ec0375\",\n \"type\": \"ENTITLEMENT\"\n }\n },\n \"recommendation\": \"YES\",\n \"interpretations\": [\n \"75% of identities with the same department have this access. This information had a high impact on the overall score.\",\n \"67% of identities with the same peer group have this access. This information had a low impact on the overall score.\",\n \"42% of identities with the same location have this access. This information had a low impact on the overall score.\"\n ],\n \"translationMessages\": [\n {\n \"key\": \"recommender-api.V2_WEIGHT_FEATURE_PRODUCT_INTERPRETATION_HIGH\",\n \"values\": [\n \"75\",\n \"department\"\n ]\n }\n ],\n \"recommenderCalculations\": {\n \"identityId\": \"2c91808457d8f3ab0157e3e62cb4213c\",\n \"entitlementId\": \"2c91809050db617d0150e0bf3215385e\",\n \"recommendation\": \"YES\",\n \"overallWeightedScore\": 84767506.92380235,\n \"featureWeightedScores\": {\n \"laborea9\": -58473084.407907374,\n \"quisb\": -25908275.527385965,\n \"tempor24\": 29923572.48652713,\n \"sit_\": 15809045.388085872\n },\n \"threshold\": 52385020.812619895,\n \"identityAttributes\": {\n \"aliquip9ac\": {\n \"value\": \"Ut aliquip minim\"\n }\n },\n \"featureValues\": {\n \"feature\": \"department\",\n \"numerator\": 14,\n \"denominator\": 14\n }\n }\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "42ddcdf0-75b6-4643-83c3-4cacdc29608b", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "recommendations", + "request" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"requests\": [\n {\n \"identityId\": \"2c938083633d259901633d25c68c00fa\",\n \"item\": {\n \"id\": \"2c938083633d259901633d2623ec0375\",\n \"type\": \"ENTITLEMENT\"\n }\n },\n {\n \"identityId\": \"2c938083633d259901633d25c68c00fa\",\n \"item\": {\n \"id\": \"2c938083633d259901633d2623ec0375\",\n \"type\": \"ENTITLEMENT\"\n }\n }\n ],\n \"excludeInterpretations\": \"false\",\n \"includeTranslationMessages\": \"false\",\n \"includeDebugInformation\": \"false\",\n \"prescribeMode\": \"false\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b78e732f-a44c-4be7-951f-4b9f2302bac7", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "recommendations", + "request" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"requests\": [\n {\n \"identityId\": \"2c938083633d259901633d25c68c00fa\",\n \"item\": {\n \"id\": \"2c938083633d259901633d2623ec0375\",\n \"type\": \"ENTITLEMENT\"\n }\n },\n {\n \"identityId\": \"2c938083633d259901633d25c68c00fa\",\n \"item\": {\n \"id\": \"2c938083633d259901633d2623ec0375\",\n \"type\": \"ENTITLEMENT\"\n }\n }\n ],\n \"excludeInterpretations\": \"false\",\n \"includeTranslationMessages\": \"false\",\n \"includeDebugInformation\": \"false\",\n \"prescribeMode\": \"false\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "6e34ec67-a2a3-4285-a24d-75d8f4ecde1e", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "recommendations", + "request" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"requests\": [\n {\n \"identityId\": \"2c938083633d259901633d25c68c00fa\",\n \"item\": {\n \"id\": \"2c938083633d259901633d2623ec0375\",\n \"type\": \"ENTITLEMENT\"\n }\n },\n {\n \"identityId\": \"2c938083633d259901633d25c68c00fa\",\n \"item\": {\n \"id\": \"2c938083633d259901633d2623ec0375\",\n \"type\": \"ENTITLEMENT\"\n }\n }\n ],\n \"excludeInterpretations\": \"false\",\n \"includeTranslationMessages\": \"false\",\n \"includeDebugInformation\": \"false\",\n \"prescribeMode\": \"false\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "6b538fe5-bf3a-4607-9116-5e38f81aad06", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "recommendations", + "request" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"requests\": [\n {\n \"identityId\": \"2c938083633d259901633d25c68c00fa\",\n \"item\": {\n \"id\": \"2c938083633d259901633d2623ec0375\",\n \"type\": \"ENTITLEMENT\"\n }\n },\n {\n \"identityId\": \"2c938083633d259901633d25c68c00fa\",\n \"item\": {\n \"id\": \"2c938083633d259901633d2623ec0375\",\n \"type\": \"ENTITLEMENT\"\n }\n }\n ],\n \"excludeInterpretations\": \"false\",\n \"includeTranslationMessages\": \"false\",\n \"includeDebugInformation\": \"false\",\n \"prescribeMode\": \"false\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "9545727e-2f9e-4d42-afed-82fd53aed11c", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "recommendations", + "request" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"requests\": [\n {\n \"identityId\": \"2c938083633d259901633d25c68c00fa\",\n \"item\": {\n \"id\": \"2c938083633d259901633d2623ec0375\",\n \"type\": \"ENTITLEMENT\"\n }\n },\n {\n \"identityId\": \"2c938083633d259901633d25c68c00fa\",\n \"item\": {\n \"id\": \"2c938083633d259901633d2623ec0375\",\n \"type\": \"ENTITLEMENT\"\n }\n }\n ],\n \"excludeInterpretations\": \"false\",\n \"includeTranslationMessages\": \"false\",\n \"includeDebugInformation\": \"false\",\n \"prescribeMode\": \"false\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "a4541c7b-5c06-4751-b969-20d7af8801fd", + "name": "Get certification recommendation config values", + "request": { + "name": "Get certification recommendation config values", + "description": { + "content": "Retrieves configuration attributes used by certification recommendations.", + "type": "text/plain" + }, + "url": { + "path": [ + "recommendations", + "config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "2e6fd75a-258c-4944-9c15-ea95ebfca2a6", + "name": "Cert recommendation configuration attributes", + "originalRequest": { + "url": { + "path": [ + "recommendations", + "config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"recommenderFeatures\": [\n \"jobTitle\",\n \"location\",\n \"peer_group\",\n \"department\",\n \"active\"\n ],\n \"peerGroupPercentageThreshold\": 0.5,\n \"runAutoSelectOnce\": false,\n \"onlyTuneThreshold\": false\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "cd47a8b0-ca21-4832-87ac-bc9bbf23c2cc", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "recommendations", + "config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "64a04512-7954-4f6f-a69b-cae6052e1942", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "recommendations", + "config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "266295d9-bb82-4ad2-ad11-9217a7398104", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "recommendations", + "config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "5498b454-8d0b-41d5-bbd6-5102316d68ed", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "recommendations", + "config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "e43bb255-d69e-475b-bd1c-d6e9c0494a20", + "name": "Update certification recommendation config values", + "request": { + "name": "Update certification recommendation config values", + "description": { + "content": "Updates configuration attributes used by certification recommendations.", + "type": "text/plain" + }, + "url": { + "path": [ + "recommendations", + "config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"recommenderFeatures\": [\n \"jobTitle\",\n \"location\",\n \"peer_group\",\n \"department\",\n \"active\"\n ],\n \"peerGroupPercentageThreshold\": 0.5,\n \"runAutoSelectOnce\": false,\n \"onlyTuneThreshold\": false\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "34332e2c-23d1-4f0a-837a-e62a144435cd", + "name": "Cert recommendation configuration attributes after update", + "originalRequest": { + "url": { + "path": [ + "recommendations", + "config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"recommenderFeatures\": [\n \"jobTitle\",\n \"location\",\n \"peer_group\",\n \"department\",\n \"active\"\n ],\n \"peerGroupPercentageThreshold\": 0.5,\n \"runAutoSelectOnce\": false,\n \"onlyTuneThreshold\": false\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"recommenderFeatures\": [\n \"jobTitle\",\n \"location\",\n \"peer_group\",\n \"department\",\n \"active\"\n ],\n \"peerGroupPercentageThreshold\": 0.5,\n \"runAutoSelectOnce\": false,\n \"onlyTuneThreshold\": false\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c1b9ed2d-dd6c-435c-9585-bbb8ad8d56d9", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "recommendations", + "config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"recommenderFeatures\": [\n \"jobTitle\",\n \"location\",\n \"peer_group\",\n \"department\",\n \"active\"\n ],\n \"peerGroupPercentageThreshold\": 0.5,\n \"runAutoSelectOnce\": false,\n \"onlyTuneThreshold\": false\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "7e7d3f86-2a62-4d79-b4ed-e8bc9e1a5099", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "recommendations", + "config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"recommenderFeatures\": [\n \"jobTitle\",\n \"location\",\n \"peer_group\",\n \"department\",\n \"active\"\n ],\n \"peerGroupPercentageThreshold\": 0.5,\n \"runAutoSelectOnce\": false,\n \"onlyTuneThreshold\": false\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "6419c72d-6f37-430f-9287-0433ad5ee8aa", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "recommendations", + "config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"recommenderFeatures\": [\n \"jobTitle\",\n \"location\",\n \"peer_group\",\n \"department\",\n \"active\"\n ],\n \"peerGroupPercentageThreshold\": 0.5,\n \"runAutoSelectOnce\": false,\n \"onlyTuneThreshold\": false\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "59c11476-9dc0-49bb-94c1-c43ad57b010a", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "recommendations", + "config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"recommenderFeatures\": [\n \"jobTitle\",\n \"location\",\n \"peer_group\",\n \"department\",\n \"active\"\n ],\n \"peerGroupPercentageThreshold\": 0.5,\n \"runAutoSelectOnce\": false,\n \"onlyTuneThreshold\": false\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + } + ] + }, + { + "name": "IAI Role Mining", + "description": "", + "item": [ + { + "id": "7b1884c1-62eb-4e11-9d90-dab9c2b7d841", + "name": "Create a role mining session", + "request": { + "name": "Create a role mining session", + "description": { + "content": "This submits a create role mining session request to the role mining application.", + "type": "text/plain" + }, + "url": { + "path": [ + "role-mining-sessions" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"scope\": {\n \"identityIds\": [],\n \"criteria\": \"source.name:DataScienceDataset\",\n \"attributeFilterCriteria\": [\n {\n \"displayName\": {\n \"untranslated\": \"Location: Miami\"\n },\n \"ariaLabel\": {\n \"untranslated\": \"Location: Miami\"\n },\n \"data\": {\n \"displayName\": {\n \"translateKey\": \"IDN.IDENTITY_ATTRIBUTES.LOCATION\"\n },\n \"name\": \"location\",\n \"operator\": \"EQUALS\",\n \"values\": [\n \"Miami\"\n ]\n }\n }\n ]\n },\n \"pruneThreshold\": 50,\n \"prescribedPruneThreshold\": 10,\n \"minNumIdentitiesInPotentialRole\": 20,\n \"potentialRoleCount\": 0,\n \"potentialRolesReadyCount\": 0,\n \"type\": \"SPECIALIZED\",\n \"emailRecipientId\": \"2c918090761a5aac0176215c46a62d58\",\n \"identityCount\": 0,\n \"saved\": true,\n \"name\": \"Saved RM Session - 07/10\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "f61850d8-1f17-4784-bec2-9e4f34e9b171", + "name": "Submitted a role mining session request", + "originalRequest": { + "url": { + "path": [ + "role-mining-sessions" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"scope\": {\n \"identityIds\": [],\n \"criteria\": \"source.name:DataScienceDataset\",\n \"attributeFilterCriteria\": [\n {\n \"displayName\": {\n \"untranslated\": \"Location: Miami\"\n },\n \"ariaLabel\": {\n \"untranslated\": \"Location: Miami\"\n },\n \"data\": {\n \"displayName\": {\n \"translateKey\": \"IDN.IDENTITY_ATTRIBUTES.LOCATION\"\n },\n \"name\": \"location\",\n \"operator\": \"EQUALS\",\n \"values\": [\n \"Miami\"\n ]\n }\n }\n ]\n },\n \"pruneThreshold\": 50,\n \"prescribedPruneThreshold\": 10,\n \"minNumIdentitiesInPotentialRole\": 20,\n \"potentialRoleCount\": 0,\n \"potentialRolesReadyCount\": 0,\n \"type\": \"SPECIALIZED\",\n \"emailRecipientId\": \"2c918090761a5aac0176215c46a62d58\",\n \"identityCount\": 0,\n \"saved\": true,\n \"name\": \"Saved RM Session - 07/10\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Created", + "code": 201, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"scope\": {\n \"identityIds\": [],\n \"criteria\": \"source.name:DataScienceDataset\",\n \"attributeFilterCriteria\": null\n },\n \"scopingMethod\": \"AUTO_RM\",\n \"minNumIdentitiesInPotentialRole\": 20,\n \"pruneThreshold\": 70,\n \"prescribedPruneThreshold\": 83,\n \"potentialRoleCount\": 8,\n \"potentialRolesReadyCount\": 4,\n \"status\": {\n \"state\": \"POTENTIAL_ROLES_PROCESSING\"\n },\n \"type\": \"SPECIALIZED\",\n \"emailRecipientId\": null,\n \"createdBy\": null,\n \"identityCount\": 0,\n \"saved\": false,\n \"name\": null,\n \"dataFilePath\": null,\n \"id\": \"602ba738-cf48-499b-a780-7b67b3fc1ecf\",\n \"createdDate\": \"2021-09-08T16:11:05.348Z\",\n \"modifiedDate\": \"2021-09-08T16:11:05.348Z\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c510d8b0-3764-4940-b88f-6d341b85228b", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "role-mining-sessions" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"scope\": {\n \"identityIds\": [],\n \"criteria\": \"source.name:DataScienceDataset\",\n \"attributeFilterCriteria\": [\n {\n \"displayName\": {\n \"untranslated\": \"Location: Miami\"\n },\n \"ariaLabel\": {\n \"untranslated\": \"Location: Miami\"\n },\n \"data\": {\n \"displayName\": {\n \"translateKey\": \"IDN.IDENTITY_ATTRIBUTES.LOCATION\"\n },\n \"name\": \"location\",\n \"operator\": \"EQUALS\",\n \"values\": [\n \"Miami\"\n ]\n }\n }\n ]\n },\n \"pruneThreshold\": 50,\n \"prescribedPruneThreshold\": 10,\n \"minNumIdentitiesInPotentialRole\": 20,\n \"potentialRoleCount\": 0,\n \"potentialRolesReadyCount\": 0,\n \"type\": \"SPECIALIZED\",\n \"emailRecipientId\": \"2c918090761a5aac0176215c46a62d58\",\n \"identityCount\": 0,\n \"saved\": true,\n \"name\": \"Saved RM Session - 07/10\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d83149d0-d034-4474-8a77-ffc6c0e36d5a", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "role-mining-sessions" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"scope\": {\n \"identityIds\": [],\n \"criteria\": \"source.name:DataScienceDataset\",\n \"attributeFilterCriteria\": [\n {\n \"displayName\": {\n \"untranslated\": \"Location: Miami\"\n },\n \"ariaLabel\": {\n \"untranslated\": \"Location: Miami\"\n },\n \"data\": {\n \"displayName\": {\n \"translateKey\": \"IDN.IDENTITY_ATTRIBUTES.LOCATION\"\n },\n \"name\": \"location\",\n \"operator\": \"EQUALS\",\n \"values\": [\n \"Miami\"\n ]\n }\n }\n ]\n },\n \"pruneThreshold\": 50,\n \"prescribedPruneThreshold\": 10,\n \"minNumIdentitiesInPotentialRole\": 20,\n \"potentialRoleCount\": 0,\n \"potentialRolesReadyCount\": 0,\n \"type\": \"SPECIALIZED\",\n \"emailRecipientId\": \"2c918090761a5aac0176215c46a62d58\",\n \"identityCount\": 0,\n \"saved\": true,\n \"name\": \"Saved RM Session - 07/10\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "0e4bf2f7-7796-4583-b21c-4aad4c33ec0f", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "role-mining-sessions" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"scope\": {\n \"identityIds\": [],\n \"criteria\": \"source.name:DataScienceDataset\",\n \"attributeFilterCriteria\": [\n {\n \"displayName\": {\n \"untranslated\": \"Location: Miami\"\n },\n \"ariaLabel\": {\n \"untranslated\": \"Location: Miami\"\n },\n \"data\": {\n \"displayName\": {\n \"translateKey\": \"IDN.IDENTITY_ATTRIBUTES.LOCATION\"\n },\n \"name\": \"location\",\n \"operator\": \"EQUALS\",\n \"values\": [\n \"Miami\"\n ]\n }\n }\n ]\n },\n \"pruneThreshold\": 50,\n \"prescribedPruneThreshold\": 10,\n \"minNumIdentitiesInPotentialRole\": 20,\n \"potentialRoleCount\": 0,\n \"potentialRolesReadyCount\": 0,\n \"type\": \"SPECIALIZED\",\n \"emailRecipientId\": \"2c918090761a5aac0176215c46a62d58\",\n \"identityCount\": 0,\n \"saved\": true,\n \"name\": \"Saved RM Session - 07/10\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "8967bafa-3af2-45a4-bdcc-96b4797d66f5", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "role-mining-sessions" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"scope\": {\n \"identityIds\": [],\n \"criteria\": \"source.name:DataScienceDataset\",\n \"attributeFilterCriteria\": [\n {\n \"displayName\": {\n \"untranslated\": \"Location: Miami\"\n },\n \"ariaLabel\": {\n \"untranslated\": \"Location: Miami\"\n },\n \"data\": {\n \"displayName\": {\n \"translateKey\": \"IDN.IDENTITY_ATTRIBUTES.LOCATION\"\n },\n \"name\": \"location\",\n \"operator\": \"EQUALS\",\n \"values\": [\n \"Miami\"\n ]\n }\n }\n ]\n },\n \"pruneThreshold\": 50,\n \"prescribedPruneThreshold\": 10,\n \"minNumIdentitiesInPotentialRole\": 20,\n \"potentialRoleCount\": 0,\n \"potentialRolesReadyCount\": 0,\n \"type\": \"SPECIALIZED\",\n \"emailRecipientId\": \"2c918090761a5aac0176215c46a62d58\",\n \"identityCount\": 0,\n \"saved\": true,\n \"name\": \"Saved RM Session - 07/10\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "27136079-8fca-4b16-aaea-c90ddc96587e", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "role-mining-sessions" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"scope\": {\n \"identityIds\": [],\n \"criteria\": \"source.name:DataScienceDataset\",\n \"attributeFilterCriteria\": [\n {\n \"displayName\": {\n \"untranslated\": \"Location: Miami\"\n },\n \"ariaLabel\": {\n \"untranslated\": \"Location: Miami\"\n },\n \"data\": {\n \"displayName\": {\n \"translateKey\": \"IDN.IDENTITY_ATTRIBUTES.LOCATION\"\n },\n \"name\": \"location\",\n \"operator\": \"EQUALS\",\n \"values\": [\n \"Miami\"\n ]\n }\n }\n ]\n },\n \"pruneThreshold\": 50,\n \"prescribedPruneThreshold\": 10,\n \"minNumIdentitiesInPotentialRole\": 20,\n \"potentialRoleCount\": 0,\n \"potentialRolesReadyCount\": 0,\n \"type\": \"SPECIALIZED\",\n \"emailRecipientId\": \"2c918090761a5aac0176215c46a62d58\",\n \"identityCount\": 0,\n \"saved\": true,\n \"name\": \"Saved RM Session - 07/10\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "7ea85bff-09ca-42f2-9ae1-21e01b24d64c", + "name": "Retrieves all role mining sessions", + "request": { + "name": "Retrieves all role mining sessions", + "description": { + "content": "Returns all role mining sessions that match the query parameters", + "type": "text/plain" + }, + "url": { + "path": [ + "role-mining-sessions" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**saved**: *eq*\n\n**name**: *eq, sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "saved eq \"true\" and name sw \"RM Session\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **createdBy, createdDate**", + "type": "text/plain" + }, + "key": "sorters", + "value": "createdBy,createdDate" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "6dadb857-6529-4604-b922-c9ded70230b0", + "name": "Succeeded. Returns all role mining sessions that match the query parameters.", + "originalRequest": { + "url": { + "path": [ + "role-mining-sessions" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**saved**: *eq*\n\n**name**: *eq, sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "saved eq \"true\" and name sw \"RM Session\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **createdBy, createdDate**", + "type": "text/plain" + }, + "key": "sorters", + "value": "createdBy,createdDate" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"scope\": {\n \"identityIds\": [],\n \"criteria\": \"source.name:DataScienceDataset\",\n \"attributeFilterCriteria\": [\n {\n \"displayName\": {\n \"untranslated\": \"Location: Miami\"\n },\n \"ariaLabel\": {\n \"untranslated\": \"Location: Miami\"\n },\n \"data\": {\n \"displayName\": {\n \"translateKey\": \"IDN.IDENTITY_ATTRIBUTES.LOCATION\"\n },\n \"name\": \"location\",\n \"operator\": \"EQUALS\",\n \"values\": [\n \"Miami\"\n ]\n }\n }\n ]\n },\n \"pruneThreshold\": 50,\n \"prescribedPruneThreshold\": 10,\n \"minNumIdentitiesInPotentialRole\": 20,\n \"potentialRoleCount\": 0,\n \"potentialRolesReadyCount\": 0,\n \"type\": \"SPECIALIZED\",\n \"emailRecipientId\": \"2c918090761a5aac0176215c46a62d58\",\n \"identityCount\": 0,\n \"saved\": true,\n \"name\": \"Saved RM Session - 07/10\"\n },\n {\n \"scope\": {\n \"identityIds\": [],\n \"criteria\": \"source.name:DataScienceDataset\",\n \"attributeFilterCriteria\": [\n {\n \"displayName\": {\n \"untranslated\": \"Location: Miami\"\n },\n \"ariaLabel\": {\n \"untranslated\": \"Location: Miami\"\n },\n \"data\": {\n \"displayName\": {\n \"translateKey\": \"IDN.IDENTITY_ATTRIBUTES.LOCATION\"\n },\n \"name\": \"location\",\n \"operator\": \"EQUALS\",\n \"values\": [\n \"Miami\"\n ]\n }\n }\n ]\n },\n \"pruneThreshold\": 50,\n \"prescribedPruneThreshold\": 10,\n \"minNumIdentitiesInPotentialRole\": 20,\n \"potentialRoleCount\": 0,\n \"potentialRolesReadyCount\": 0,\n \"type\": \"SPECIALIZED\",\n \"emailRecipientId\": \"2c918090761a5aac0176215c46a62d58\",\n \"identityCount\": 0,\n \"saved\": true,\n \"name\": \"Saved RM Session - 07/10\"\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a7ad447d-30cd-4176-89df-ae018ec1ad0c", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "role-mining-sessions" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**saved**: *eq*\n\n**name**: *eq, sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "saved eq \"true\" and name sw \"RM Session\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **createdBy, createdDate**", + "type": "text/plain" + }, + "key": "sorters", + "value": "createdBy,createdDate" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "df1cc0f9-25ae-4d3a-b4fa-f52ca3448321", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "role-mining-sessions" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**saved**: *eq*\n\n**name**: *eq, sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "saved eq \"true\" and name sw \"RM Session\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **createdBy, createdDate**", + "type": "text/plain" + }, + "key": "sorters", + "value": "createdBy,createdDate" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "2070a63b-d262-4c91-af1f-c113bf852dd6", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "role-mining-sessions" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**saved**: *eq*\n\n**name**: *eq, sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "saved eq \"true\" and name sw \"RM Session\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **createdBy, createdDate**", + "type": "text/plain" + }, + "key": "sorters", + "value": "createdBy,createdDate" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "8e70bd05-0be5-423a-b6ea-0dbea10026d6", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "role-mining-sessions" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**saved**: *eq*\n\n**name**: *eq, sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "saved eq \"true\" and name sw \"RM Session\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **createdBy, createdDate**", + "type": "text/plain" + }, + "key": "sorters", + "value": "createdBy,createdDate" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c2e5142d-9b11-42ec-bc29-45244fe06d91", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "role-mining-sessions" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**saved**: *eq*\n\n**name**: *eq, sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "saved eq \"true\" and name sw \"RM Session\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **createdBy, createdDate**", + "type": "text/plain" + }, + "key": "sorters", + "value": "createdBy,createdDate" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "e4c5ea9f-18fb-4188-a44d-7bae9ec2cd28", + "name": "Patch a role mining session", + "request": { + "name": "Patch a role mining session", + "description": { + "content": "The method updates an existing role mining session using PATCH. Supports op in {\"replace\"} and changes to pruneThreshold and/or minNumIdentitiesInPotentialRole. The potential roles in this role mining session is then re-calculated.", + "type": "text/plain" + }, + "url": { + "path": [ + "role-mining-sessions", + ":sessionId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "8c190e67-87aa-4ed9-a90b-d9d5344523fb", + "key": "sessionId", + "disabled": true, + "description": { + "content": "(Required) The role mining session id to be patched", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/pruneThreshold\",\n \"value\": \"83\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/minNumIdentitiesInPotentialRole\",\n \"value\": \"10\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/saved\",\n \"value\": \"false\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/name\",\n \"value\": \"RM Session - 07/10/22\"\n },\n {\n \"op\": \"add\",\n \"path\": \"/name\",\n \"value\": \"RM Session - 07/10/22\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "7713f24d-56c5-4eff-92f7-add4de3c0987", + "name": "Success", + "originalRequest": { + "url": { + "path": [ + "role-mining-sessions", + ":sessionId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/pruneThreshold\",\n \"value\": \"83\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/minNumIdentitiesInPotentialRole\",\n \"value\": \"10\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/saved\",\n \"value\": \"false\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/name\",\n \"value\": \"RM Session - 07/10/22\"\n },\n {\n \"op\": \"add\",\n \"path\": \"/name\",\n \"value\": \"RM Session - 07/10/22\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Accepted", + "code": 202, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "29fcb738-c4ac-47ea-b6c4-e7d6c06fe6cf", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "role-mining-sessions", + ":sessionId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/pruneThreshold\",\n \"value\": \"83\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/minNumIdentitiesInPotentialRole\",\n \"value\": \"10\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/saved\",\n \"value\": \"false\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/name\",\n \"value\": \"RM Session - 07/10/22\"\n },\n {\n \"op\": \"add\",\n \"path\": \"/name\",\n \"value\": \"RM Session - 07/10/22\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "5d6bfeda-f366-46fc-99d6-232f075fe843", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "role-mining-sessions", + ":sessionId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/pruneThreshold\",\n \"value\": \"83\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/minNumIdentitiesInPotentialRole\",\n \"value\": \"10\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/saved\",\n \"value\": \"false\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/name\",\n \"value\": \"RM Session - 07/10/22\"\n },\n {\n \"op\": \"add\",\n \"path\": \"/name\",\n \"value\": \"RM Session - 07/10/22\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f8ffd894-6837-4d3b-ae35-0a9d3e84a71c", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "role-mining-sessions", + ":sessionId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/pruneThreshold\",\n \"value\": \"83\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/minNumIdentitiesInPotentialRole\",\n \"value\": \"10\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/saved\",\n \"value\": \"false\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/name\",\n \"value\": \"RM Session - 07/10/22\"\n },\n {\n \"op\": \"add\",\n \"path\": \"/name\",\n \"value\": \"RM Session - 07/10/22\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "e528f438-03e4-4854-b120-23fd78caf6ac", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "role-mining-sessions", + ":sessionId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/pruneThreshold\",\n \"value\": \"83\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/minNumIdentitiesInPotentialRole\",\n \"value\": \"10\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/saved\",\n \"value\": \"false\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/name\",\n \"value\": \"RM Session - 07/10/22\"\n },\n {\n \"op\": \"add\",\n \"path\": \"/name\",\n \"value\": \"RM Session - 07/10/22\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "af92928d-cd5c-4181-bd10-36222fbefcb0", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "role-mining-sessions", + ":sessionId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/pruneThreshold\",\n \"value\": \"83\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/minNumIdentitiesInPotentialRole\",\n \"value\": \"10\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/saved\",\n \"value\": \"false\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/name\",\n \"value\": \"RM Session - 07/10/22\"\n },\n {\n \"op\": \"add\",\n \"path\": \"/name\",\n \"value\": \"RM Session - 07/10/22\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "39229fa4-fbc1-40ed-a7a7-fce4ba5061a3", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "role-mining-sessions", + ":sessionId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/pruneThreshold\",\n \"value\": \"83\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/minNumIdentitiesInPotentialRole\",\n \"value\": \"10\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/saved\",\n \"value\": \"false\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/name\",\n \"value\": \"RM Session - 07/10/22\"\n },\n {\n \"op\": \"add\",\n \"path\": \"/name\",\n \"value\": \"RM Session - 07/10/22\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "e5a5a556-f2b4-4227-a459-9789e78f4d6a", + "name": "Get a role mining session", + "request": { + "name": "Get a role mining session", + "description": { + "content": "The method retrieves a role mining session.", + "type": "text/plain" + }, + "url": { + "path": [ + "role-mining-sessions", + ":sessionId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "8c190e67-87aa-4ed9-a90b-d9d5344523fb", + "key": "sessionId", + "disabled": true, + "description": { + "content": "(Required) The role mining session id to be retrieved.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "fd8cf20c-b934-4bcf-8082-3b3f675ae03b", + "name": "Returns a role mining session", + "originalRequest": { + "url": { + "path": [ + "role-mining-sessions", + ":sessionId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"scope\": {\n \"identityIds\": [],\n \"criteria\": \"source.name:DataScienceDataset\",\n \"attributeFilterCriteria\": null\n },\n \"scopingMethod\": \"AUTO_RM\",\n \"minNumIdentitiesInPotentialRole\": 20,\n \"pruneThreshold\": 70,\n \"prescribedPruneThreshold\": 83,\n \"potentialRoleCount\": 8,\n \"potentialRolesReadyCount\": 4,\n \"status\": {\n \"state\": \"POTENTIAL_ROLES_PROCESSING\"\n },\n \"type\": \"SPECIALIZED\",\n \"emailRecipientId\": null,\n \"createdBy\": null,\n \"identityCount\": 0,\n \"saved\": false,\n \"name\": null,\n \"dataFilePath\": null,\n \"id\": \"602ba738-cf48-499b-a780-7b67b3fc1ecf\",\n \"createdDate\": \"2021-09-08T16:11:05.348Z\",\n \"modifiedDate\": \"2021-09-08T16:11:05.348Z\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "3fb14c3c-7b77-44d0-ad9e-32e3c187ed85", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "role-mining-sessions", + ":sessionId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "db268bc5-ba03-4e62-b8d1-9910cf1d01c8", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "role-mining-sessions", + ":sessionId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "8062ec61-a6e1-4244-af32-bbce4aa44f8e", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "role-mining-sessions", + ":sessionId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "9caab276-bcbd-4665-8071-b4597cdc7a6a", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "role-mining-sessions", + ":sessionId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f20f92b9-5e12-490b-85fe-3700e9ef01ed", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "role-mining-sessions", + ":sessionId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "28188785-befa-4fa2-b032-f17d93acc930", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "role-mining-sessions", + ":sessionId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "7af5e17b-072b-476f-b31a-6b65703c8b7c", + "name": "Get role mining session status state", + "request": { + "name": "Get role mining session status state", + "description": { + "content": "This method returns a role mining session status for a customer.", + "type": "text/plain" + }, + "url": { + "path": [ + "role-mining-sessions", + ":sessionId", + "status" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "8c190e67-87aa-4ed9-a90b-d9d5344523fb", + "key": "sessionId", + "disabled": true, + "description": { + "content": "(Required) The role mining session id", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "d20df193-1db9-4d08-9d8c-9a775ab8978e", + "name": "Succeeded. Returns session status", + "originalRequest": { + "url": { + "path": [ + "role-mining-sessions", + ":sessionId", + "status" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"state\": \"CREATED\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "4fc9cd04-822b-45f2-a914-ac272eac2fc3", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "role-mining-sessions", + ":sessionId", + "status" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f467cb6f-0cc7-4963-925f-b60f5689121d", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "role-mining-sessions", + ":sessionId", + "status" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "415a6213-0ded-46c7-85f7-dd968590b58c", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "role-mining-sessions", + ":sessionId", + "status" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c3b2b88f-d1fc-4d40-9feb-548f97c3adf8", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "role-mining-sessions", + ":sessionId", + "status" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "a1d1fa6e-eaac-4aa6-83e8-0de7592a5b91", + "name": "Retrieves all potential role summaries", + "request": { + "name": "Retrieves all potential role summaries", + "description": { + "content": "This method returns the potential role summaries for a role mining session.", + "type": "text/plain" + }, + "url": { + "path": [ + "role-mining-sessions", + ":sessionId", + "potential-role-summaries" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **createdDate**", + "type": "text/plain" + }, + "key": "sorters", + "value": "createdDate" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**createdById**: *eq, sw, co*\n\n**createdByName**: *eq, sw, co*\n\n**description**: *sw, co*\n\n**endDate**: *le, lt*\n\n**freshness**: *eq, ge, gt, le, lt*\n\n**name**: *eq, sw, co*\n\n**quality**: *eq, ge, gt, le, lt*\n\n**startDate**: *ge, gt*\n\n**saved**: *eq*\n\n**type**: *eq*", + "type": "text/plain" + }, + "key": "filters", + "value": "(createdByName co \"int\")and (createdById sw \"2c9180907\")and (type eq \"COMMON\")and ((name co \"entt\")or (saved eq true))" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [ + { + "type": "any", + "value": "8c190e67-87aa-4ed9-a90b-d9d5344523fb", + "key": "sessionId", + "disabled": true, + "description": { + "content": "(Required) The role mining session id", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "fc238b1b-8060-46b5-8e0c-c131295d3398", + "name": "Succeeded. Returns a list of potential role summaries for a role mining session.", + "originalRequest": { + "url": { + "path": [ + "role-mining-sessions", + ":sessionId", + "potential-role-summaries" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **createdDate**", + "type": "text/plain" + }, + "key": "sorters", + "value": "createdDate" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**createdById**: *eq, sw, co*\n\n**createdByName**: *eq, sw, co*\n\n**description**: *sw, co*\n\n**endDate**: *le, lt*\n\n**freshness**: *eq, ge, gt, le, lt*\n\n**name**: *eq, sw, co*\n\n**quality**: *eq, ge, gt, le, lt*\n\n**startDate**: *ge, gt*\n\n**saved**: *eq*\n\n**type**: *eq*", + "type": "text/plain" + }, + "key": "filters", + "value": "(createdByName co \"int\")and (createdById sw \"2c9180907\")and (type eq \"COMMON\")and ((name co \"entt\")or (saved eq true))" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"id\": \"e0cc5d7d-bf7f-4f81-b2af-8885b09d9923\",\n \"name\": \"Potential Role - e0cc5d\",\n \"potentialRoleRef\": {\n \"id\": \"e0cc5d7d-bf7f-4f81-b2af-8885b09d9923\",\n \"name\": \"Potential Role - e0cc5d\"\n },\n \"identityCount\": 25,\n \"entitlementCount\": 15,\n \"identityGroupStatus\": \"OBTAINED\",\n \"provisionState\": \"PENDING\",\n \"roleId\": \"2a4be6fbcf3c4e66b95a0c15ffd591\",\n \"density\": 90,\n \"freshness\": 70,\n \"quality\": 80,\n \"type\": \"SPECIALIZED\",\n \"createdBy\": {\n \"id\": \"2c918090761a5aac0176215c46a62d58\",\n \"displayName\": \"Ashley.Pierce\"\n },\n \"createdDate\": \"2006-08-14T19:33:41.112Z\",\n \"saved\": true,\n \"description\": \"Ut ut aliqua\",\n \"session\": {\n \"id\": \"9f36f5e5-1e81-4eca-b087-548959d91c71\",\n \"name\": \"Saved RM Session - 07/10\",\n \"minNumIdentitiesInPotentialRole\": 20,\n \"pruneThreshold\": 5,\n \"saved\": true,\n \"scope\": {\n \"identityIds\": [\n \"2c918090761a5aac0176215c46a62d58\",\n \"2c918090761a5aac01722015c46a62d42\"\n ],\n \"criteria\": \"source.name:DataScienceDataset\"\n },\n \"type\": \"SPECIALIZED\",\n \"state\": \"CREATED\",\n \"scopingMethod\": \"MANUAL\"\n }\n },\n {\n \"id\": \"e0cc5d7d-bf7f-4f81-b2af-8885b09d9923\",\n \"name\": \"Potential Role - e0cc5d\",\n \"potentialRoleRef\": {\n \"id\": \"e0cc5d7d-bf7f-4f81-b2af-8885b09d9923\",\n \"name\": \"Potential Role - e0cc5d\"\n },\n \"identityCount\": 25,\n \"entitlementCount\": 15,\n \"identityGroupStatus\": \"OBTAINED\",\n \"provisionState\": \"PENDING\",\n \"roleId\": \"2a4be6fbcf3c4e66b95a0c15ffd591\",\n \"density\": 90,\n \"freshness\": 70,\n \"quality\": 80,\n \"type\": \"SPECIALIZED\",\n \"createdBy\": {\n \"id\": \"2c918090761a5aac0176215c46a62d58\",\n \"displayName\": \"Ashley.Pierce\"\n },\n \"createdDate\": \"1976-02-10T05:16:20.019Z\",\n \"saved\": true,\n \"description\": \"ad\",\n \"session\": {\n \"id\": \"9f36f5e5-1e81-4eca-b087-548959d91c71\",\n \"name\": \"Saved RM Session - 07/10\",\n \"minNumIdentitiesInPotentialRole\": 20,\n \"pruneThreshold\": 5,\n \"saved\": true,\n \"scope\": {\n \"identityIds\": [\n \"2c918090761a5aac0176215c46a62d58\",\n \"2c918090761a5aac01722015c46a62d42\"\n ],\n \"criteria\": \"source.name:DataScienceDataset\"\n },\n \"type\": \"SPECIALIZED\",\n \"state\": \"CREATED\",\n \"scopingMethod\": \"MANUAL\"\n }\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "0b9f76aa-da11-4fbb-9eb6-c034c0d11772", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "role-mining-sessions", + ":sessionId", + "potential-role-summaries" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **createdDate**", + "type": "text/plain" + }, + "key": "sorters", + "value": "createdDate" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**createdById**: *eq, sw, co*\n\n**createdByName**: *eq, sw, co*\n\n**description**: *sw, co*\n\n**endDate**: *le, lt*\n\n**freshness**: *eq, ge, gt, le, lt*\n\n**name**: *eq, sw, co*\n\n**quality**: *eq, ge, gt, le, lt*\n\n**startDate**: *ge, gt*\n\n**saved**: *eq*\n\n**type**: *eq*", + "type": "text/plain" + }, + "key": "filters", + "value": "(createdByName co \"int\")and (createdById sw \"2c9180907\")and (type eq \"COMMON\")and ((name co \"entt\")or (saved eq true))" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "fa83da6c-6a9b-4c6f-9e69-4b34a148cee6", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "role-mining-sessions", + ":sessionId", + "potential-role-summaries" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **createdDate**", + "type": "text/plain" + }, + "key": "sorters", + "value": "createdDate" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**createdById**: *eq, sw, co*\n\n**createdByName**: *eq, sw, co*\n\n**description**: *sw, co*\n\n**endDate**: *le, lt*\n\n**freshness**: *eq, ge, gt, le, lt*\n\n**name**: *eq, sw, co*\n\n**quality**: *eq, ge, gt, le, lt*\n\n**startDate**: *ge, gt*\n\n**saved**: *eq*\n\n**type**: *eq*", + "type": "text/plain" + }, + "key": "filters", + "value": "(createdByName co \"int\")and (createdById sw \"2c9180907\")and (type eq \"COMMON\")and ((name co \"entt\")or (saved eq true))" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "9bc9e49d-22ee-4fd5-93c8-fe839b99311f", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "role-mining-sessions", + ":sessionId", + "potential-role-summaries" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **createdDate**", + "type": "text/plain" + }, + "key": "sorters", + "value": "createdDate" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**createdById**: *eq, sw, co*\n\n**createdByName**: *eq, sw, co*\n\n**description**: *sw, co*\n\n**endDate**: *le, lt*\n\n**freshness**: *eq, ge, gt, le, lt*\n\n**name**: *eq, sw, co*\n\n**quality**: *eq, ge, gt, le, lt*\n\n**startDate**: *ge, gt*\n\n**saved**: *eq*\n\n**type**: *eq*", + "type": "text/plain" + }, + "key": "filters", + "value": "(createdByName co \"int\")and (createdById sw \"2c9180907\")and (type eq \"COMMON\")and ((name co \"entt\")or (saved eq true))" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c4598e65-fe07-4ae8-822e-e454831e5aa7", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "role-mining-sessions", + ":sessionId", + "potential-role-summaries" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **createdDate**", + "type": "text/plain" + }, + "key": "sorters", + "value": "createdDate" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**createdById**: *eq, sw, co*\n\n**createdByName**: *eq, sw, co*\n\n**description**: *sw, co*\n\n**endDate**: *le, lt*\n\n**freshness**: *eq, ge, gt, le, lt*\n\n**name**: *eq, sw, co*\n\n**quality**: *eq, ge, gt, le, lt*\n\n**startDate**: *ge, gt*\n\n**saved**: *eq*\n\n**type**: *eq*", + "type": "text/plain" + }, + "key": "filters", + "value": "(createdByName co \"int\")and (createdById sw \"2c9180907\")and (type eq \"COMMON\")and ((name co \"entt\")or (saved eq true))" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a2409b09-f16c-4a8e-86d7-113637f5ae2f", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "role-mining-sessions", + ":sessionId", + "potential-role-summaries" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **createdDate**", + "type": "text/plain" + }, + "key": "sorters", + "value": "createdDate" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**createdById**: *eq, sw, co*\n\n**createdByName**: *eq, sw, co*\n\n**description**: *sw, co*\n\n**endDate**: *le, lt*\n\n**freshness**: *eq, ge, gt, le, lt*\n\n**name**: *eq, sw, co*\n\n**quality**: *eq, ge, gt, le, lt*\n\n**startDate**: *ge, gt*\n\n**saved**: *eq*\n\n**type**: *eq*", + "type": "text/plain" + }, + "key": "filters", + "value": "(createdByName co \"int\")and (createdById sw \"2c9180907\")and (type eq \"COMMON\")and ((name co \"entt\")or (saved eq true))" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "68c53efa-7ada-4a4a-9a43-f55af2c7757f", + "name": "Retrieves a specific potential role", + "request": { + "name": "Retrieves a specific potential role", + "description": { + "content": "This method returns a specific potential role for a role mining session.", + "type": "text/plain" + }, + "url": { + "path": [ + "role-mining-sessions", + ":sessionId", + "potential-role-summaries", + ":potentialRoleId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "8c190e67-87aa-4ed9-a90b-d9d5344523fb", + "key": "sessionId", + "disabled": true, + "description": { + "content": "(Required) The role mining session id", + "type": "text/plain" + } + }, + { + "type": "any", + "value": "8c190e67-87aa-4ed9-a90b-d9d5344523fb", + "key": "potentialRoleId", + "disabled": true, + "description": { + "content": "(Required) A potential role id in a role mining session", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "4d3d850e-b477-4e00-89c4-b46e70d1eea1", + "name": "Succeeded. Returns a list of potential roles for a role mining session.", + "originalRequest": { + "url": { + "path": [ + "role-mining-sessions", + ":sessionId", + "potential-role-summaries", + ":potentialRoleId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"createdBy\": {\n \"id\": \"2c918090761a5aac0176215c46a62d58\",\n \"displayName\": \"Ashley.Pierce\"\n },\n \"density\": 75,\n \"description\": \"Potential Role for Accounting dept\",\n \"entitlementCount\": 25,\n \"excludedEntitlements\": [\n \"07a0b4e2\",\n \"13b4e2a0\"\n ],\n \"freshness\": 75,\n \"identityCount\": 25,\n \"identityDistribution\": [\n {\n \"attributeName\": \"department\",\n \"distribution\": [\n {\n \"proident_f5\": \"esse sed\",\n \"consectetur_3\": \"non ullamco voluptate\",\n \"proident15\": \"n\",\n \"laborum5\": \"ad aliquip laboris\"\n },\n {\n \"non__\": \"reprehenderit proident deserunt\"\n }\n ]\n },\n {\n \"attributeName\": \"department\",\n \"distribution\": [\n {\n \"enim8d5\": \"Ut pariatur non\"\n },\n {\n \"in63e\": \"eu exercitation sit ullamco incididunt\",\n \"tempor_6b\": \"velit nisi magna fugiat\",\n \"exercitatione\": \"quis exercitation cupidatat Ut\"\n }\n ]\n }\n ],\n \"identityIds\": [\n \"07a0b4e2\",\n \"13b4e2a0\"\n ],\n \"name\": \"Saved Potential Role - 07/10\",\n \"provisionState\": \"POTENTIAL\",\n \"quality\": 100,\n \"roleId\": \"07a0b4e2-7a76-44fa-bd0b-c64654b66519\",\n \"saved\": true,\n \"session\": {\n \"id\": \"9f36f5e5-1e81-4eca-b087-548959d91c71\",\n \"name\": \"Saved RM Session - 07/10\",\n \"minNumIdentitiesInPotentialRole\": 20,\n \"pruneThreshold\": 5,\n \"saved\": true,\n \"scope\": {\n \"identityIds\": [\n \"2c918090761a5aac0176215c46a62d58\",\n \"2c918090761a5aac01722015c46a62d42\"\n ],\n \"criteria\": \"source.name:DataScienceDataset\"\n },\n \"type\": \"SPECIALIZED\",\n \"state\": \"CREATED\",\n \"scopingMethod\": \"MANUAL\"\n },\n \"type\": \"SPECIALIZED\",\n \"id\": \"e0cc5d7d-bf7f-4f81-b2af-8885b09d9923\",\n \"createdDate\": \"1951-03-12T05:11:19.098Z\",\n \"modifiedDate\": \"1986-02-13T15:10:14.539Z\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a82af29f-034e-41f6-9d0f-597c3938c5bc", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "role-mining-sessions", + ":sessionId", + "potential-role-summaries", + ":potentialRoleId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "ee5f1f69-3087-448f-877c-f23fdd04ca32", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "role-mining-sessions", + ":sessionId", + "potential-role-summaries", + ":potentialRoleId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "215ff938-1dd9-457f-be9a-427cc21f62e3", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "role-mining-sessions", + ":sessionId", + "potential-role-summaries", + ":potentialRoleId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d7152ed5-218e-4446-833c-4cdac1997d21", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "role-mining-sessions", + ":sessionId", + "potential-role-summaries", + ":potentialRoleId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "8660495d-834b-4315-9512-c2d791c335e7", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "role-mining-sessions", + ":sessionId", + "potential-role-summaries", + ":potentialRoleId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "c89cee40-e903-4a23-9c14-555594609066", + "name": "Update a potential role", + "request": { + "name": "Update a potential role", + "description": { + "content": "The method updates an existing potential role using.\n\nThe following fields can be modified:\n\n* `description`\n\n* `name`\n\n* `saved`\n\n\n>**NOTE: All other fields cannot be modified.**\n", + "type": "text/plain" + }, + "url": { + "path": [ + "role-mining-sessions", + ":sessionId", + "potential-role-summaries", + ":potentialRoleId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "8c190e67-87aa-4ed9-a90b-d9d5344523fb", + "key": "sessionId", + "disabled": true, + "description": { + "content": "(Required) The role mining session id", + "type": "text/plain" + } + }, + { + "type": "any", + "value": "8c190e67-87aa-4ed9-a90b-d9d5344523fb", + "key": "potentialRoleId", + "disabled": true, + "description": { + "content": "(Required) The potential role summary id", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"remove\",\n \"path\": \"/description\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"Acct I - Potential Role\"\n },\n {\n \"op\": \"remove\",\n \"path\": \"/saved\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/saved\",\n \"value\": \"false\"\n },\n {\n \"op\": \"remove\",\n \"path\": \"/name\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/name\",\n \"value\": \"Potential Role Accounting\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "c5ee76a1-ea21-4c82-aef2-28cb90dc1386", + "name": "Succeeded. Returns the potential role summary based on the potentialRoleId provided.", + "originalRequest": { + "url": { + "path": [ + "role-mining-sessions", + ":sessionId", + "potential-role-summaries", + ":potentialRoleId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"remove\",\n \"path\": \"/description\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"Acct I - Potential Role\"\n },\n {\n \"op\": \"remove\",\n \"path\": \"/saved\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/saved\",\n \"value\": \"false\"\n },\n {\n \"op\": \"remove\",\n \"path\": \"/name\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/name\",\n \"value\": \"Potential Role Accounting\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "753b714c-08ae-4822-a9da-ee1b6a53e188", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "role-mining-sessions", + ":sessionId", + "potential-role-summaries", + ":potentialRoleId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"remove\",\n \"path\": \"/description\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"Acct I - Potential Role\"\n },\n {\n \"op\": \"remove\",\n \"path\": \"/saved\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/saved\",\n \"value\": \"false\"\n },\n {\n \"op\": \"remove\",\n \"path\": \"/name\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/name\",\n \"value\": \"Potential Role Accounting\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "46d0e569-81c0-46a0-9d91-db0b5fba67d5", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "role-mining-sessions", + ":sessionId", + "potential-role-summaries", + ":potentialRoleId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"remove\",\n \"path\": \"/description\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"Acct I - Potential Role\"\n },\n {\n \"op\": \"remove\",\n \"path\": \"/saved\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/saved\",\n \"value\": \"false\"\n },\n {\n \"op\": \"remove\",\n \"path\": \"/name\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/name\",\n \"value\": \"Potential Role Accounting\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "4e705c56-cfd7-4ac6-982a-dc0377c22b60", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "role-mining-sessions", + ":sessionId", + "potential-role-summaries", + ":potentialRoleId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"remove\",\n \"path\": \"/description\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"Acct I - Potential Role\"\n },\n {\n \"op\": \"remove\",\n \"path\": \"/saved\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/saved\",\n \"value\": \"false\"\n },\n {\n \"op\": \"remove\",\n \"path\": \"/name\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/name\",\n \"value\": \"Potential Role Accounting\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "8d45d7e1-af98-4275-9c79-b07f8aadfcea", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "role-mining-sessions", + ":sessionId", + "potential-role-summaries", + ":potentialRoleId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"remove\",\n \"path\": \"/description\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"Acct I - Potential Role\"\n },\n {\n \"op\": \"remove\",\n \"path\": \"/saved\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/saved\",\n \"value\": \"false\"\n },\n {\n \"op\": \"remove\",\n \"path\": \"/name\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/name\",\n \"value\": \"Potential Role Accounting\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f8a7f2ab-7438-44d7-ac6a-6c6b0e38f70e", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "role-mining-sessions", + ":sessionId", + "potential-role-summaries", + ":potentialRoleId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"remove\",\n \"path\": \"/description\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"Acct I - Potential Role\"\n },\n {\n \"op\": \"remove\",\n \"path\": \"/saved\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/saved\",\n \"value\": \"false\"\n },\n {\n \"op\": \"remove\",\n \"path\": \"/name\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/name\",\n \"value\": \"Potential Role Accounting\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c253a7eb-dfee-4335-9564-bbff60d86422", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "role-mining-sessions", + ":sessionId", + "potential-role-summaries", + ":potentialRoleId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"remove\",\n \"path\": \"/description\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"Acct I - Potential Role\"\n },\n {\n \"op\": \"remove\",\n \"path\": \"/saved\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/saved\",\n \"value\": \"false\"\n },\n {\n \"op\": \"remove\",\n \"path\": \"/name\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/name\",\n \"value\": \"Potential Role Accounting\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "01dd648d-3ca1-4d60-bd56-94674cda61f3", + "name": "Retrieves the applications of a potential role for a role mining session", + "request": { + "name": "Retrieves the applications of a potential role for a role mining session", + "description": { + "content": "This method returns the applications of a potential role for a role mining session.", + "type": "text/plain" + }, + "url": { + "path": [ + "role-mining-sessions", + ":sessionId", + "potential-role-summaries", + ":potentialRoleId", + "applications" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [ + { + "type": "any", + "value": "8c190e67-87aa-4ed9-a90b-d9d5344523fb", + "key": "sessionId", + "disabled": true, + "description": { + "content": "(Required) The role mining session id", + "type": "text/plain" + } + }, + { + "type": "any", + "value": "8c190e67-87aa-4ed9-a90b-d9d5344523fb", + "key": "potentialRoleId", + "disabled": true, + "description": { + "content": "(Required) A potential role id in a role mining session", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "2be54a1b-8d9c-4f0e-98c5-14a6a2e8e738", + "name": "Succeeded. Returns a list of potential roles for a role mining session.", + "originalRequest": { + "url": { + "path": [ + "role-mining-sessions", + ":sessionId", + "potential-role-summaries", + ":potentialRoleId", + "applications" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"name\": \"Slack\"\n },\n {\n \"name\": \"Slack\"\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "cd093c62-da09-41c6-aeec-bf98a8c9e9b2", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "role-mining-sessions", + ":sessionId", + "potential-role-summaries", + ":potentialRoleId", + "applications" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "9eaba418-6137-42bc-9774-58bc60dc43a8", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "role-mining-sessions", + ":sessionId", + "potential-role-summaries", + ":potentialRoleId", + "applications" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "7cd8e71c-c681-4966-bfb9-e4560d1c9079", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "role-mining-sessions", + ":sessionId", + "potential-role-summaries", + ":potentialRoleId", + "applications" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b4bd0c28-5759-424c-8231-971d5ea5a023", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "role-mining-sessions", + ":sessionId", + "potential-role-summaries", + ":potentialRoleId", + "applications" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "6629e454-38ef-4a70-a742-56c42ce00967", + "name": "Retrieves entitlements for a potential role in a role mining session", + "request": { + "name": "Retrieves entitlements for a potential role in a role mining session", + "description": { + "content": "This method returns entitlements for a potential role in a role mining session.", + "type": "text/plain" + }, + "url": { + "path": [ + "role-mining-sessions", + ":sessionId", + "potential-roles", + ":potentialRoleId", + "entitlement-popularities" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Boolean determining whether common access entitlements will be included or not", + "type": "text/plain" + }, + "key": "includeCommonAccess", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **popularity, entitlementName, applicationName**\n\nThe default sort is **popularity** in descending order. ", + "type": "text/plain" + }, + "key": "sorters", + "value": "popularity" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**applicationName**: *sw*\n\n**entitlementRef.name**: *sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "applicationName sw \"AD\"" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [ + { + "type": "any", + "value": "8c190e67-87aa-4ed9-a90b-d9d5344523fb", + "key": "sessionId", + "disabled": true, + "description": { + "content": "(Required) The role mining session id", + "type": "text/plain" + } + }, + { + "type": "any", + "value": "8c190e67-87aa-4ed9-a90b-d9d5344523fb", + "key": "potentialRoleId", + "disabled": true, + "description": { + "content": "(Required) A potential role id in a role mining session", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "6c067cf6-d419-47c3-b388-a8ce129a046d", + "name": "Succeeded. Returns a list of entitlements for a potential role.", + "originalRequest": { + "url": { + "path": [ + "role-mining-sessions", + ":sessionId", + "potential-roles", + ":potentialRoleId", + "entitlement-popularities" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Boolean determining whether common access entitlements will be included or not", + "type": "text/plain" + }, + "key": "includeCommonAccess", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **popularity, entitlementName, applicationName**\n\nThe default sort is **popularity** in descending order. ", + "type": "text/plain" + }, + "key": "sorters", + "value": "popularity" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**applicationName**: *sw*\n\n**entitlementRef.name**: *sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "applicationName sw \"AD\"" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"entitlementRef\": {\n \"name\": \"App.entitlement.1\",\n \"description\": \"Entitlement 1\",\n \"attribute\": \"groups\"\n },\n \"name\": \"Add/modify/delete users\",\n \"applicationName\": \"AppName\",\n \"identityCount\": 45,\n \"popularity\": 65.2,\n \"popularityInOrg\": 35.8,\n \"sourceId\": \"2c9180877620c1460176267f336a106f\",\n \"activitySourceState\": \"complete\",\n \"sourceUsagePercent\": 65.6\n },\n {\n \"entitlementRef\": {\n \"name\": \"App.entitlement.1\",\n \"description\": \"Entitlement 1\",\n \"attribute\": \"groups\"\n },\n \"name\": \"Add/modify/delete users\",\n \"applicationName\": \"AppName\",\n \"identityCount\": 45,\n \"popularity\": 65.2,\n \"popularityInOrg\": 35.8,\n \"sourceId\": \"2c9180877620c1460176267f336a106f\",\n \"activitySourceState\": \"complete\",\n \"sourceUsagePercent\": 65.6\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "490b069f-54eb-4bb7-99d5-95319a322d1e", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "role-mining-sessions", + ":sessionId", + "potential-roles", + ":potentialRoleId", + "entitlement-popularities" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Boolean determining whether common access entitlements will be included or not", + "type": "text/plain" + }, + "key": "includeCommonAccess", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **popularity, entitlementName, applicationName**\n\nThe default sort is **popularity** in descending order. ", + "type": "text/plain" + }, + "key": "sorters", + "value": "popularity" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**applicationName**: *sw*\n\n**entitlementRef.name**: *sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "applicationName sw \"AD\"" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "0d0efc60-c3cd-411d-a2b8-e3d912627e2b", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "role-mining-sessions", + ":sessionId", + "potential-roles", + ":potentialRoleId", + "entitlement-popularities" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Boolean determining whether common access entitlements will be included or not", + "type": "text/plain" + }, + "key": "includeCommonAccess", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **popularity, entitlementName, applicationName**\n\nThe default sort is **popularity** in descending order. ", + "type": "text/plain" + }, + "key": "sorters", + "value": "popularity" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**applicationName**: *sw*\n\n**entitlementRef.name**: *sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "applicationName sw \"AD\"" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "4af0b1d5-ad9a-4e8e-af80-64ab08793168", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "role-mining-sessions", + ":sessionId", + "potential-roles", + ":potentialRoleId", + "entitlement-popularities" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Boolean determining whether common access entitlements will be included or not", + "type": "text/plain" + }, + "key": "includeCommonAccess", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **popularity, entitlementName, applicationName**\n\nThe default sort is **popularity** in descending order. ", + "type": "text/plain" + }, + "key": "sorters", + "value": "popularity" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**applicationName**: *sw*\n\n**entitlementRef.name**: *sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "applicationName sw \"AD\"" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "0ad5a24c-165f-41c5-ad9e-adf627a81b30", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "role-mining-sessions", + ":sessionId", + "potential-roles", + ":potentialRoleId", + "entitlement-popularities" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Boolean determining whether common access entitlements will be included or not", + "type": "text/plain" + }, + "key": "includeCommonAccess", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **popularity, entitlementName, applicationName**\n\nThe default sort is **popularity** in descending order. ", + "type": "text/plain" + }, + "key": "sorters", + "value": "popularity" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**applicationName**: *sw*\n\n**entitlementRef.name**: *sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "applicationName sw \"AD\"" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c8171e22-a8f3-4cc4-96cf-e71dadadc461", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "role-mining-sessions", + ":sessionId", + "potential-roles", + ":potentialRoleId", + "entitlement-popularities" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Boolean determining whether common access entitlements will be included or not", + "type": "text/plain" + }, + "key": "includeCommonAccess", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **popularity, entitlementName, applicationName**\n\nThe default sort is **popularity** in descending order. ", + "type": "text/plain" + }, + "key": "sorters", + "value": "popularity" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**applicationName**: *sw*\n\n**entitlementRef.name**: *sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "applicationName sw \"AD\"" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "b7d5b338-cb19-4e6f-90eb-19f2f7c33864", + "name": "Retrieves entitlement popularity distribution for a potential role in a role mining session", + "request": { + "name": "Retrieves entitlement popularity distribution for a potential role in a role mining session", + "description": { + "content": "This method returns entitlement popularity distribution for a potential role in a role mining session.", + "type": "text/plain" + }, + "url": { + "path": [ + "role-mining-sessions", + ":sessionId", + "potential-roles", + ":potentialRoleId", + "entitlement-popularity-distribution" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Boolean determining whether common access entitlements will be included or not", + "type": "text/plain" + }, + "key": "includeCommonAccess", + "value": "true" + } + ], + "variable": [ + { + "type": "any", + "value": "8c190e67-87aa-4ed9-a90b-d9d5344523fb", + "key": "sessionId", + "disabled": true, + "description": { + "content": "(Required) The role mining session id", + "type": "text/plain" + } + }, + { + "type": "any", + "value": "8c190e67-87aa-4ed9-a90b-d9d5344523fb", + "key": "potentialRoleId", + "disabled": true, + "description": { + "content": "(Required) A potential role id in a role mining session", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "5695af53-0ce7-48b2-9bcc-eca064f064c0", + "name": "Succeeded. Returns a map containing entitlement popularity distribution for a potential role.", + "originalRequest": { + "url": { + "path": [ + "role-mining-sessions", + ":sessionId", + "potential-roles", + ":potentialRoleId", + "entitlement-popularity-distribution" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Boolean determining whether common access entitlements will be included or not", + "type": "text/plain" + }, + "key": "includeCommonAccess", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"deserunt5\": -98752541,\n \"magna_9ba\": 20616981\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "915512a4-4c50-4ffa-8df8-ba9af5cafb5f", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "role-mining-sessions", + ":sessionId", + "potential-roles", + ":potentialRoleId", + "entitlement-popularity-distribution" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Boolean determining whether common access entitlements will be included or not", + "type": "text/plain" + }, + "key": "includeCommonAccess", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "505d3932-3e2c-42f8-bebd-b2e61282452e", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "role-mining-sessions", + ":sessionId", + "potential-roles", + ":potentialRoleId", + "entitlement-popularity-distribution" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Boolean determining whether common access entitlements will be included or not", + "type": "text/plain" + }, + "key": "includeCommonAccess", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "bd002f67-038f-4386-8f08-5867944c650f", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "role-mining-sessions", + ":sessionId", + "potential-roles", + ":potentialRoleId", + "entitlement-popularity-distribution" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Boolean determining whether common access entitlements will be included or not", + "type": "text/plain" + }, + "key": "includeCommonAccess", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a9e8a827-a9aa-4ccf-9ce4-66668d7cf2b4", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "role-mining-sessions", + ":sessionId", + "potential-roles", + ":potentialRoleId", + "entitlement-popularity-distribution" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Boolean determining whether common access entitlements will be included or not", + "type": "text/plain" + }, + "key": "includeCommonAccess", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "e93089de-24e1-46a2-ad8f-69f90d580754", + "name": "Edit entitlements for a potential role to exclude some entitlements", + "request": { + "name": "Edit entitlements for a potential role to exclude some entitlements", + "description": { + "content": "This endpoint adds or removes entitlements from an exclusion list for a potential role.", + "type": "text/plain" + }, + "url": { + "path": [ + "role-mining-sessions", + ":sessionId", + "potential-roles", + ":potentialRoleId", + "edit-entitlements" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "8c190e67-87aa-4ed9-a90b-d9d5344523fb", + "key": "sessionId", + "disabled": true, + "description": { + "content": "(Required) The role mining session id", + "type": "text/plain" + } + }, + { + "type": "any", + "value": "8c190e67-87aa-4ed9-a90b-d9d5344523fb", + "key": "potentialRoleId", + "disabled": true, + "description": { + "content": "(Required) A potential role id in a role mining session", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"ids\": [\n \"entId1\",\n \"entId2\"\n ],\n \"exclude\": true\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "24ee6e2e-c5f2-4e9d-aec4-fc08f633e2b0", + "name": "Adds or removes entitlements from a potential role's entitlement exclusion list.", + "originalRequest": { + "url": { + "path": [ + "role-mining-sessions", + ":sessionId", + "potential-roles", + ":potentialRoleId", + "edit-entitlements" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"ids\": [\n \"entId1\",\n \"entId2\"\n ],\n \"exclude\": true\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Created", + "code": 201, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"createdBy\": {\n \"id\": \"2c918090761a5aac0176215c46a62d58\",\n \"displayName\": \"Ashley.Pierce\"\n },\n \"density\": 75,\n \"description\": \"Potential Role for Accounting dept\",\n \"entitlementCount\": 25,\n \"excludedEntitlements\": [\n \"07a0b4e2\",\n \"13b4e2a0\"\n ],\n \"freshness\": 75,\n \"identityCount\": 25,\n \"identityDistribution\": [\n {\n \"attributeName\": \"department\",\n \"distribution\": [\n {\n \"proident_f5\": \"esse sed\",\n \"consectetur_3\": \"non ullamco voluptate\",\n \"proident15\": \"n\",\n \"laborum5\": \"ad aliquip laboris\"\n },\n {\n \"non__\": \"reprehenderit proident deserunt\"\n }\n ]\n },\n {\n \"attributeName\": \"department\",\n \"distribution\": [\n {\n \"enim8d5\": \"Ut pariatur non\"\n },\n {\n \"in63e\": \"eu exercitation sit ullamco incididunt\",\n \"tempor_6b\": \"velit nisi magna fugiat\",\n \"exercitatione\": \"quis exercitation cupidatat Ut\"\n }\n ]\n }\n ],\n \"identityIds\": [\n \"07a0b4e2\",\n \"13b4e2a0\"\n ],\n \"name\": \"Saved Potential Role - 07/10\",\n \"provisionState\": \"POTENTIAL\",\n \"quality\": 100,\n \"roleId\": \"07a0b4e2-7a76-44fa-bd0b-c64654b66519\",\n \"saved\": true,\n \"session\": {\n \"id\": \"9f36f5e5-1e81-4eca-b087-548959d91c71\",\n \"name\": \"Saved RM Session - 07/10\",\n \"minNumIdentitiesInPotentialRole\": 20,\n \"pruneThreshold\": 5,\n \"saved\": true,\n \"scope\": {\n \"identityIds\": [\n \"2c918090761a5aac0176215c46a62d58\",\n \"2c918090761a5aac01722015c46a62d42\"\n ],\n \"criteria\": \"source.name:DataScienceDataset\"\n },\n \"type\": \"SPECIALIZED\",\n \"state\": \"CREATED\",\n \"scopingMethod\": \"MANUAL\"\n },\n \"type\": \"SPECIALIZED\",\n \"id\": \"e0cc5d7d-bf7f-4f81-b2af-8885b09d9923\",\n \"createdDate\": \"1951-03-12T05:11:19.098Z\",\n \"modifiedDate\": \"1986-02-13T15:10:14.539Z\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "53e06bb5-0689-4c11-ae29-2b531dd2c3df", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "role-mining-sessions", + ":sessionId", + "potential-roles", + ":potentialRoleId", + "edit-entitlements" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"ids\": [\n \"entId1\",\n \"entId2\"\n ],\n \"exclude\": true\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "4581a370-e1f3-416d-8adf-2411b19cbe70", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "role-mining-sessions", + ":sessionId", + "potential-roles", + ":potentialRoleId", + "edit-entitlements" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"ids\": [\n \"entId1\",\n \"entId2\"\n ],\n \"exclude\": true\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a9ab3261-9e88-4731-aa16-067f99d83f3e", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "role-mining-sessions", + ":sessionId", + "potential-roles", + ":potentialRoleId", + "edit-entitlements" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"ids\": [\n \"entId1\",\n \"entId2\"\n ],\n \"exclude\": true\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "e10f5524-cd89-4668-a56e-beb87faee97a", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "role-mining-sessions", + ":sessionId", + "potential-roles", + ":potentialRoleId", + "edit-entitlements" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"ids\": [\n \"entId1\",\n \"entId2\"\n ],\n \"exclude\": true\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "0996d078-028a-49c5-a811-d24b58f6308b", + "name": "Retrieves identities for a potential role in a role mining session", + "request": { + "name": "Retrieves identities for a potential role in a role mining session", + "description": { + "content": "This method returns identities for a potential role in a role mining session.", + "type": "text/plain" + }, + "url": { + "path": [ + "role-mining-sessions", + ":sessionId", + "potential-roles", + ":potentialRoleId", + "identities" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**name**: *sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "irure nisi et dolore aliqua" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [ + { + "type": "any", + "value": "8c190e67-87aa-4ed9-a90b-d9d5344523fb", + "key": "sessionId", + "disabled": true, + "description": { + "content": "(Required) The role mining session id", + "type": "text/plain" + } + }, + { + "type": "any", + "value": "8c190e67-87aa-4ed9-a90b-d9d5344523fb", + "key": "potentialRoleId", + "disabled": true, + "description": { + "content": "(Required) A potential role id in a role mining session", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "c547dc73-833f-40b3-aeab-e7ea4fd5f03f", + "name": "Succeeded. Returns a list of identities for a potential role.", + "originalRequest": { + "url": { + "path": [ + "role-mining-sessions", + ":sessionId", + "potential-roles", + ":potentialRoleId", + "identities" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**name**: *sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "irure nisi et dolore aliqua" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"name\": \"Allene Abernathy-Welch\",\n \"attributes\": {\n \"jobTitle\": \"SQL Developer\",\n \"department\": \"IT\",\n \"location\": \"NYC\",\n \"firstName\": \"Allene\"\n }\n },\n {\n \"name\": \"Allene Abernathy-Welch\",\n \"attributes\": {\n \"jobTitle\": \"SQL Developer\",\n \"department\": \"IT\",\n \"location\": \"NYC\",\n \"firstName\": \"Allene\"\n }\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d777b822-880e-4558-a1cc-e6dc61c01200", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "role-mining-sessions", + ":sessionId", + "potential-roles", + ":potentialRoleId", + "identities" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**name**: *sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "irure nisi et dolore aliqua" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "545787ca-74e0-46a5-8672-71593dababea", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "role-mining-sessions", + ":sessionId", + "potential-roles", + ":potentialRoleId", + "identities" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**name**: *sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "irure nisi et dolore aliqua" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "06a6edea-c99d-4b98-88a3-adb3d832c02d", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "role-mining-sessions", + ":sessionId", + "potential-roles", + ":potentialRoleId", + "identities" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**name**: *sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "irure nisi et dolore aliqua" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "5ae8c45c-6232-4934-967b-2001f1b56f77", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "role-mining-sessions", + ":sessionId", + "potential-roles", + ":potentialRoleId", + "identities" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**name**: *sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "irure nisi et dolore aliqua" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "c19fe0d3-e5ad-4795-82db-3a10785c7f3c", + "name": "Export (download) details for a potential role in a role mining session", + "request": { + "name": "Export (download) details for a potential role in a role mining session", + "description": { + "content": "This endpoint downloads all the information for a potential role in a role mining session. Includes identities and entitlements in the potential role.", + "type": "text/plain" + }, + "url": { + "path": [ + "role-mining-sessions", + ":sessionId", + "potential-roles", + ":potentialRoleId", + "export" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "8c190e67-87aa-4ed9-a90b-d9d5344523fb", + "key": "sessionId", + "disabled": true, + "description": { + "content": "(Required) The role mining session id", + "type": "text/plain" + } + }, + { + "type": "any", + "value": "8c190e67-87aa-4ed9-a90b-d9d5344523fb", + "key": "potentialRoleId", + "disabled": true, + "description": { + "content": "(Required) A potential role id in a role mining session", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/zip" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "e93732b0-b650-4070-b896-2be871629e68", + "name": "Succeeded. Returns a zip file containing csv files for identities and entitlements for the potential role.", + "originalRequest": { + "url": { + "path": [ + "role-mining-sessions", + ":sessionId", + "potential-roles", + ":potentialRoleId", + "export" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/zip" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/zip" + } + ], + "body": "irure nisi et dolore aliqua", + "cookie": [], + "_postman_previewlanguage": "text" + }, + { + "id": "05f98af4-c967-4e87-844f-5149d0641f2f", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "role-mining-sessions", + ":sessionId", + "potential-roles", + ":potentialRoleId", + "export" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a5473169-9021-4bd4-8737-02a842b340b4", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "role-mining-sessions", + ":sessionId", + "potential-roles", + ":potentialRoleId", + "export" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "9f871753-2819-4d03-86f6-e5c28714206d", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "role-mining-sessions", + ":sessionId", + "potential-roles", + ":potentialRoleId", + "export" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "5419dcc4-0186-4a40-8b39-741893d06cee", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "role-mining-sessions", + ":sessionId", + "potential-roles", + ":potentialRoleId", + "export" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "6d6a4aff-bbcc-42c0-ba55-cff82e5d949c", + "name": "Asynchronously export details for a potential role in a role mining session and upload to S3", + "request": { + "name": "Asynchronously export details for a potential role in a role mining session and upload to S3", + "description": { + "content": "This endpoint uploads all the information for a potential role in a role mining session to S3 as a downloadable zip archive. Includes identities and entitlements in the potential role.", + "type": "text/plain" + }, + "url": { + "path": [ + "role-mining-sessions", + ":sessionId", + "potential-roles", + ":potentialRoleId", + "export-async" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "8c190e67-87aa-4ed9-a90b-d9d5344523fb", + "key": "sessionId", + "disabled": true, + "description": { + "content": "(Required) The role mining session id", + "type": "text/plain" + } + }, + { + "type": "any", + "value": "278359a6-04b7-4669-9468-924cf580964a", + "key": "potentialRoleId", + "disabled": true, + "description": { + "content": "(Required) A potential role id in a role mining session", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"minEntitlementPopularity\": 0,\n \"includeCommonAccess\": true\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "7273e358-d38d-4ca1-8e2f-71609ab4923f", + "name": "Job Submitted. Returns a reportId that can be used to download the zip once complete", + "originalRequest": { + "url": { + "path": [ + "role-mining-sessions", + ":sessionId", + "potential-roles", + ":potentialRoleId", + "export-async" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"minEntitlementPopularity\": 0,\n \"includeCommonAccess\": true\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Accepted", + "code": 202, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"exportId\": \"0c6cdb76-1227-4aaf-af21-192dbdfbfa04\",\n \"status\": \"QUEUED\",\n \"minEntitlementPopularity\": 0,\n \"includeCommonAccess\": true\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d74c8110-b1a2-42f4-8d88-a1a366557da5", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "role-mining-sessions", + ":sessionId", + "potential-roles", + ":potentialRoleId", + "export-async" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"minEntitlementPopularity\": 0,\n \"includeCommonAccess\": true\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "4249a97a-e3c2-4ec9-8fa7-3fc32ede8234", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "role-mining-sessions", + ":sessionId", + "potential-roles", + ":potentialRoleId", + "export-async" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"minEntitlementPopularity\": 0,\n \"includeCommonAccess\": true\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "e6bb116e-f6e5-4bad-b179-a1c975804888", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "role-mining-sessions", + ":sessionId", + "potential-roles", + ":potentialRoleId", + "export-async" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"minEntitlementPopularity\": 0,\n \"includeCommonAccess\": true\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "6433ab14-ade2-4dd4-8001-2dac33f9d89f", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "role-mining-sessions", + ":sessionId", + "potential-roles", + ":potentialRoleId", + "export-async" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"minEntitlementPopularity\": 0,\n \"includeCommonAccess\": true\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "9aa1f84e-fd7a-4f69-a228-4d1eb6768d53", + "name": "Retrieve status of a potential role export job", + "request": { + "name": "Retrieve status of a potential role export job", + "description": { + "content": "This endpoint retrieves information about the current status of a potential role export.", + "type": "text/plain" + }, + "url": { + "path": [ + "role-mining-sessions", + ":sessionId", + "potential-roles", + ":potentialRoleId", + "export-async", + ":exportId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "8c190e67-87aa-4ed9-a90b-d9d5344523fb", + "key": "sessionId", + "disabled": true, + "description": { + "content": "(Required) The role mining session id", + "type": "text/plain" + } + }, + { + "type": "any", + "value": "278359a6-04b7-4669-9468-924cf580964a", + "key": "potentialRoleId", + "disabled": true, + "description": { + "content": "(Required) A potential role id in a role mining session", + "type": "text/plain" + } + }, + { + "type": "any", + "value": "4940ffd4-836f-48a3-b2b0-6d498c3fdf40", + "key": "exportId", + "disabled": true, + "description": { + "content": "(Required) The id of a previously run export job for this potential role", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "c612b3f0-098f-4c4d-88d2-cff05adb21dc", + "name": "Success. Returns the current status of this export", + "originalRequest": { + "url": { + "path": [ + "role-mining-sessions", + ":sessionId", + "potential-roles", + ":potentialRoleId", + "export-async", + ":exportId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"exportId\": \"0c6cdb76-1227-4aaf-af21-192dbdfbfa04\",\n \"status\": \"QUEUED\",\n \"minEntitlementPopularity\": 0,\n \"includeCommonAccess\": true\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "ab085258-d073-41d1-8c3c-afa6e44eee78", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "role-mining-sessions", + ":sessionId", + "potential-roles", + ":potentialRoleId", + "export-async", + ":exportId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "de0a3e44-71aa-4dc1-bdb4-e2a7f599e655", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "role-mining-sessions", + ":sessionId", + "potential-roles", + ":potentialRoleId", + "export-async", + ":exportId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c04b7519-6801-49a2-b9d5-071e2f008599", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "role-mining-sessions", + ":sessionId", + "potential-roles", + ":potentialRoleId", + "export-async", + ":exportId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "227cbcfc-b7e5-4f9c-bc74-d952889bd0b4", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "role-mining-sessions", + ":sessionId", + "potential-roles", + ":potentialRoleId", + "export-async", + ":exportId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "3408d352-d1de-47d9-90d2-4a570c1dbdf3", + "name": "Export (download) details for a potential role in a role mining session", + "request": { + "name": "Export (download) details for a potential role in a role mining session", + "description": { + "content": "This endpoint downloads a completed export of information for a potential role in a role mining session.", + "type": "text/plain" + }, + "url": { + "path": [ + "role-mining-sessions", + ":sessionId", + "potential-roles", + ":potentialRoleId", + "export-async", + ":exportId", + "download" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "8c190e67-87aa-4ed9-a90b-d9d5344523fb", + "key": "sessionId", + "disabled": true, + "description": { + "content": "(Required) The role mining session id", + "type": "text/plain" + } + }, + { + "type": "any", + "value": "278359a6-04b7-4669-9468-924cf580964a", + "key": "potentialRoleId", + "disabled": true, + "description": { + "content": "(Required) A potential role id in a role mining session", + "type": "text/plain" + } + }, + { + "type": "any", + "value": "4940ffd4-836f-48a3-b2b0-6d498c3fdf40", + "key": "exportId", + "disabled": true, + "description": { + "content": "(Required) The id of a previously run export job for this potential role", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/zip" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "6ede28d2-f125-4f41-b3d0-60b89afd5d64", + "name": "Succeeded. Returns a zip file containing csv files for identities and entitlements for the potential role.", + "originalRequest": { + "url": { + "path": [ + "role-mining-sessions", + ":sessionId", + "potential-roles", + ":potentialRoleId", + "export-async", + ":exportId", + "download" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/zip" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/zip" + } + ], + "body": "irure nisi et dolore aliqua", + "cookie": [], + "_postman_previewlanguage": "text" + }, + { + "id": "9a7d29ee-f476-46b3-8043-23c6e666c556", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "role-mining-sessions", + ":sessionId", + "potential-roles", + ":potentialRoleId", + "export-async", + ":exportId", + "download" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "31103fd7-5102-4748-aa44-62c69116a7f1", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "role-mining-sessions", + ":sessionId", + "potential-roles", + ":potentialRoleId", + "export-async", + ":exportId", + "download" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "4195bcef-3024-4659-ba2b-542a3ccc7283", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "role-mining-sessions", + ":sessionId", + "potential-roles", + ":potentialRoleId", + "export-async", + ":exportId", + "download" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "18c47f6b-ae68-434e-87fd-a5a61638ab48", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "role-mining-sessions", + ":sessionId", + "potential-roles", + ":potentialRoleId", + "export-async", + ":exportId", + "download" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "71b69bce-99b5-4d45-9c5b-e6b043ccb3d0", + "name": "Create request to provision a potential role into an actual role.", + "request": { + "name": "Create request to provision a potential role into an actual role.", + "description": { + "content": "This method starts a job to provision a potential role", + "type": "text/plain" + }, + "url": { + "path": [ + "role-mining-sessions", + ":sessionId", + "potential-roles", + ":potentialRoleId", + "provision" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Minimum popularity required for an entitlement to be included in the provisioned role.", + "type": "text/plain" + }, + "key": "min-entitlement-popularity", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Boolean determining whether common access entitlements will be included in the provisioned role.", + "type": "text/plain" + }, + "key": "include-common-access", + "value": "true" + } + ], + "variable": [ + { + "type": "any", + "value": "8c190e67-87aa-4ed9-a90b-d9d5344523fb", + "key": "sessionId", + "disabled": true, + "description": { + "content": "(Required) The role mining session id", + "type": "text/plain" + } + }, + { + "type": "any", + "value": "8c190e67-87aa-4ed9-a90b-d9d5344523fb", + "key": "potentialRoleId", + "disabled": true, + "description": { + "content": "(Required) A potential role id in a role mining session", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"roleName\": \"Finance - Accounting\",\n \"roleDescription\": \"General access for accounting department\",\n \"ownerId\": \"2b568c65bc3c4c57a43bd97e3a8e41\",\n \"includeIdentities\": true,\n \"directlyAssignedEntitlements\": false\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "51cbf8bb-f532-4b7c-ae1a-04dbc75736e8", + "name": "Accepted. Returns a potential role summary including the status of the provison request", + "originalRequest": { + "url": { + "path": [ + "role-mining-sessions", + ":sessionId", + "potential-roles", + ":potentialRoleId", + "provision" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Minimum popularity required for an entitlement to be included in the provisioned role.", + "type": "text/plain" + }, + "key": "min-entitlement-popularity", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Boolean determining whether common access entitlements will be included in the provisioned role.", + "type": "text/plain" + }, + "key": "include-common-access", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"roleName\": \"Finance - Accounting\",\n \"roleDescription\": \"General access for accounting department\",\n \"ownerId\": \"2b568c65bc3c4c57a43bd97e3a8e41\",\n \"includeIdentities\": true,\n \"directlyAssignedEntitlements\": false\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Accepted", + "code": 202, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"e0cc5d7d-bf7f-4f81-b2af-8885b09d9923\",\n \"name\": \"Potential Role - e0cc5d\",\n \"potentialRoleRef\": {\n \"id\": \"e0cc5d7d-bf7f-4f81-b2af-8885b09d9923\",\n \"name\": \"Potential Role - e0cc5d\"\n },\n \"identityCount\": 25,\n \"entitlementCount\": 15,\n \"identityGroupStatus\": \"OBTAINED\",\n \"provisionState\": \"PENDING\",\n \"roleId\": \"2a4be6fbcf3c4e66b95a0c15ffd591\",\n \"density\": 90,\n \"freshness\": 70,\n \"quality\": 80,\n \"type\": \"SPECIALIZED\",\n \"createdBy\": {\n \"id\": \"2c918090761a5aac0176215c46a62d58\",\n \"displayName\": \"Ashley.Pierce\"\n },\n \"createdDate\": \"1964-11-14T15:15:29.705Z\",\n \"saved\": true,\n \"description\": \"sed tempor dolore\",\n \"session\": {\n \"id\": \"9f36f5e5-1e81-4eca-b087-548959d91c71\",\n \"name\": \"Saved RM Session - 07/10\",\n \"minNumIdentitiesInPotentialRole\": 20,\n \"pruneThreshold\": 5,\n \"saved\": true,\n \"scope\": {\n \"identityIds\": [\n \"2c918090761a5aac0176215c46a62d58\",\n \"2c918090761a5aac01722015c46a62d42\"\n ],\n \"criteria\": \"source.name:DataScienceDataset\"\n },\n \"type\": \"SPECIALIZED\",\n \"state\": \"CREATED\",\n \"scopingMethod\": \"MANUAL\"\n }\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "98fe2cdb-d73c-46a5-83d4-4821601ae69f", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "role-mining-sessions", + ":sessionId", + "potential-roles", + ":potentialRoleId", + "provision" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Minimum popularity required for an entitlement to be included in the provisioned role.", + "type": "text/plain" + }, + "key": "min-entitlement-popularity", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Boolean determining whether common access entitlements will be included in the provisioned role.", + "type": "text/plain" + }, + "key": "include-common-access", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"roleName\": \"Finance - Accounting\",\n \"roleDescription\": \"General access for accounting department\",\n \"ownerId\": \"2b568c65bc3c4c57a43bd97e3a8e41\",\n \"includeIdentities\": true,\n \"directlyAssignedEntitlements\": false\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "17eb790a-af03-4a54-b410-db3c71185033", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "role-mining-sessions", + ":sessionId", + "potential-roles", + ":potentialRoleId", + "provision" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Minimum popularity required for an entitlement to be included in the provisioned role.", + "type": "text/plain" + }, + "key": "min-entitlement-popularity", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Boolean determining whether common access entitlements will be included in the provisioned role.", + "type": "text/plain" + }, + "key": "include-common-access", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"roleName\": \"Finance - Accounting\",\n \"roleDescription\": \"General access for accounting department\",\n \"ownerId\": \"2b568c65bc3c4c57a43bd97e3a8e41\",\n \"includeIdentities\": true,\n \"directlyAssignedEntitlements\": false\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "e5a7f245-5a2d-4a19-b260-4b96b89d88fc", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "role-mining-sessions", + ":sessionId", + "potential-roles", + ":potentialRoleId", + "provision" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Minimum popularity required for an entitlement to be included in the provisioned role.", + "type": "text/plain" + }, + "key": "min-entitlement-popularity", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Boolean determining whether common access entitlements will be included in the provisioned role.", + "type": "text/plain" + }, + "key": "include-common-access", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"roleName\": \"Finance - Accounting\",\n \"roleDescription\": \"General access for accounting department\",\n \"ownerId\": \"2b568c65bc3c4c57a43bd97e3a8e41\",\n \"includeIdentities\": true,\n \"directlyAssignedEntitlements\": false\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "22884d0f-ed8e-441c-8bfb-d866b27d0906", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "role-mining-sessions", + ":sessionId", + "potential-roles", + ":potentialRoleId", + "provision" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Minimum popularity required for an entitlement to be included in the provisioned role.", + "type": "text/plain" + }, + "key": "min-entitlement-popularity", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Boolean determining whether common access entitlements will be included in the provisioned role.", + "type": "text/plain" + }, + "key": "include-common-access", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"roleName\": \"Finance - Accounting\",\n \"roleDescription\": \"General access for accounting department\",\n \"ownerId\": \"2b568c65bc3c4c57a43bd97e3a8e41\",\n \"includeIdentities\": true,\n \"directlyAssignedEntitlements\": false\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "45d1bf29-6a4b-4e0f-b67d-433daa99ead7", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "role-mining-sessions", + ":sessionId", + "potential-roles", + ":potentialRoleId", + "provision" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Minimum popularity required for an entitlement to be included in the provisioned role.", + "type": "text/plain" + }, + "key": "min-entitlement-popularity", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Boolean determining whether common access entitlements will be included in the provisioned role.", + "type": "text/plain" + }, + "key": "include-common-access", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"roleName\": \"Finance - Accounting\",\n \"roleDescription\": \"General access for accounting department\",\n \"ownerId\": \"2b568c65bc3c4c57a43bd97e3a8e41\",\n \"includeIdentities\": true,\n \"directlyAssignedEntitlements\": false\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "1cb8242f-48f9-40ee-a748-8aaf7e0f3070", + "name": "Retrieves excluded entitlements for a potential role in a role mining session", + "request": { + "name": "Retrieves excluded entitlements for a potential role in a role mining session", + "description": { + "content": "This method returns excluded entitlements for a potential role in a role mining session.", + "type": "text/plain" + }, + "url": { + "path": [ + "role-mining-sessions", + ":sessionId", + "potential-roles", + ":potentialRoleId", + "excluded-entitlements" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **popularity**", + "type": "text/plain" + }, + "key": "sorters", + "value": "populariity" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**applicationName**: *sw*\n\n**entitlementRef.name**: *sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "applicationName sw \"AD\"" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [ + { + "type": "any", + "value": "8c190e67-87aa-4ed9-a90b-d9d5344523fb", + "key": "sessionId", + "disabled": true, + "description": { + "content": "(Required) The role mining session id", + "type": "text/plain" + } + }, + { + "type": "any", + "value": "8c190e67-87aa-4ed9-a90b-d9d5344523fb", + "key": "potentialRoleId", + "disabled": true, + "description": { + "content": "(Required) A potential role id in a role mining session", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "f0f75a22-6d0b-4295-9cd0-127f59f80daa", + "name": "Succeeded. Returns a list of excluded entitlements for a potential roles.", + "originalRequest": { + "url": { + "path": [ + "role-mining-sessions", + ":sessionId", + "potential-roles", + ":potentialRoleId", + "excluded-entitlements" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **popularity**", + "type": "text/plain" + }, + "key": "sorters", + "value": "populariity" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**applicationName**: *sw*\n\n**entitlementRef.name**: *sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "applicationName sw \"AD\"" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"entitlementRef\": {\n \"name\": \"App.entitlement.1\",\n \"description\": \"Entitlement 1\",\n \"attribute\": \"groups\"\n },\n \"name\": \"Add/modify/delete users\",\n \"applicationName\": \"AppName\",\n \"identityCount\": 45,\n \"popularity\": 65.2,\n \"popularityInOrg\": 35.8,\n \"sourceId\": \"2c9180877620c1460176267f336a106f\",\n \"activitySourceState\": \"complete\",\n \"sourceUsagePercent\": 65.6\n },\n {\n \"entitlementRef\": {\n \"name\": \"App.entitlement.1\",\n \"description\": \"Entitlement 1\",\n \"attribute\": \"groups\"\n },\n \"name\": \"Add/modify/delete users\",\n \"applicationName\": \"AppName\",\n \"identityCount\": 45,\n \"popularity\": 65.2,\n \"popularityInOrg\": 35.8,\n \"sourceId\": \"2c9180877620c1460176267f336a106f\",\n \"activitySourceState\": \"complete\",\n \"sourceUsagePercent\": 65.6\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "69a8e5bf-77fc-4fb0-afcc-a5dc1f9e2e18", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "role-mining-sessions", + ":sessionId", + "potential-roles", + ":potentialRoleId", + "excluded-entitlements" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **popularity**", + "type": "text/plain" + }, + "key": "sorters", + "value": "populariity" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**applicationName**: *sw*\n\n**entitlementRef.name**: *sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "applicationName sw \"AD\"" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "6cfa3df7-8988-467b-8944-41adc80b24e7", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "role-mining-sessions", + ":sessionId", + "potential-roles", + ":potentialRoleId", + "excluded-entitlements" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **popularity**", + "type": "text/plain" + }, + "key": "sorters", + "value": "populariity" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**applicationName**: *sw*\n\n**entitlementRef.name**: *sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "applicationName sw \"AD\"" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "846e0bf2-4c2c-46c6-b73f-93df1e1669ee", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "role-mining-sessions", + ":sessionId", + "potential-roles", + ":potentialRoleId", + "excluded-entitlements" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **popularity**", + "type": "text/plain" + }, + "key": "sorters", + "value": "populariity" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**applicationName**: *sw*\n\n**entitlementRef.name**: *sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "applicationName sw \"AD\"" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "821182bb-94b8-4d3e-a92d-56045cb794f4", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "role-mining-sessions", + ":sessionId", + "potential-roles", + ":potentialRoleId", + "excluded-entitlements" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **popularity**", + "type": "text/plain" + }, + "key": "sorters", + "value": "populariity" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**applicationName**: *sw*\n\n**entitlementRef.name**: *sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "applicationName sw \"AD\"" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "8871a7c9-a1ec-4eed-adaf-744d5b6aa2fd", + "name": "Retrieves all potential role summaries", + "request": { + "name": "Retrieves all potential role summaries", + "description": { + "content": "Returns all potential role summaries that match the query parameters", + "type": "text/plain" + }, + "url": { + "path": [ + "role-mining-potential-roles" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **createdDate, identityCount, entitlementCount, freshness, quality**", + "type": "text/plain" + }, + "key": "sorters", + "value": "createdDate" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**createdById**: *eq, sw, co*\n\n**createdByName**: *eq, sw, co*\n\n**description**: *sw, co*\n\n**endDate**: *le, lt*\n\n**freshness**: *eq, ge, gt, le, lt*\n\n**name**: *eq, sw, co, ge, gt, le, lt*\n\n**quality**: *eq, ge, gt, le, lt*\n\n**startDate**: *ge, gt*\n\n**saved**: *eq*\n\n**type**: *eq, ge, gt, le, lt*\n\n**scopingMethod**: *eq*\n\n**sessionState**: *eq*\n\n**identityAttribute**: *co*", + "type": "text/plain" + }, + "key": "filters", + "value": "(createdByName co \"int\") and (createdById sw \"2c9180907\") and (type eq \"COMMON\") and ((name co \"entt\") or (saved eq true))" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "acf175da-e3ca-4105-be79-9c05ce13000e", + "name": "Succeeded. Returns all potential role summaries that match the query parameters.", + "originalRequest": { + "url": { + "path": [ + "role-mining-potential-roles" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **createdDate, identityCount, entitlementCount, freshness, quality**", + "type": "text/plain" + }, + "key": "sorters", + "value": "createdDate" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**createdById**: *eq, sw, co*\n\n**createdByName**: *eq, sw, co*\n\n**description**: *sw, co*\n\n**endDate**: *le, lt*\n\n**freshness**: *eq, ge, gt, le, lt*\n\n**name**: *eq, sw, co, ge, gt, le, lt*\n\n**quality**: *eq, ge, gt, le, lt*\n\n**startDate**: *ge, gt*\n\n**saved**: *eq*\n\n**type**: *eq, ge, gt, le, lt*\n\n**scopingMethod**: *eq*\n\n**sessionState**: *eq*\n\n**identityAttribute**: *co*", + "type": "text/plain" + }, + "key": "filters", + "value": "(createdByName co \"int\") and (createdById sw \"2c9180907\") and (type eq \"COMMON\") and ((name co \"entt\") or (saved eq true))" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"id\": \"e0cc5d7d-bf7f-4f81-b2af-8885b09d9923\",\n \"name\": \"Potential Role - e0cc5d\",\n \"potentialRoleRef\": {\n \"id\": \"e0cc5d7d-bf7f-4f81-b2af-8885b09d9923\",\n \"name\": \"Potential Role - e0cc5d\"\n },\n \"identityCount\": 25,\n \"entitlementCount\": 15,\n \"identityGroupStatus\": \"OBTAINED\",\n \"provisionState\": \"PENDING\",\n \"roleId\": \"2a4be6fbcf3c4e66b95a0c15ffd591\",\n \"density\": 90,\n \"freshness\": 70,\n \"quality\": 80,\n \"type\": \"SPECIALIZED\",\n \"createdBy\": {\n \"id\": \"2c918090761a5aac0176215c46a62d58\",\n \"displayName\": \"Ashley.Pierce\"\n },\n \"createdDate\": \"2006-08-14T19:33:41.112Z\",\n \"saved\": true,\n \"description\": \"Ut ut aliqua\",\n \"session\": {\n \"id\": \"9f36f5e5-1e81-4eca-b087-548959d91c71\",\n \"name\": \"Saved RM Session - 07/10\",\n \"minNumIdentitiesInPotentialRole\": 20,\n \"pruneThreshold\": 5,\n \"saved\": true,\n \"scope\": {\n \"identityIds\": [\n \"2c918090761a5aac0176215c46a62d58\",\n \"2c918090761a5aac01722015c46a62d42\"\n ],\n \"criteria\": \"source.name:DataScienceDataset\"\n },\n \"type\": \"SPECIALIZED\",\n \"state\": \"CREATED\",\n \"scopingMethod\": \"MANUAL\"\n }\n },\n {\n \"id\": \"e0cc5d7d-bf7f-4f81-b2af-8885b09d9923\",\n \"name\": \"Potential Role - e0cc5d\",\n \"potentialRoleRef\": {\n \"id\": \"e0cc5d7d-bf7f-4f81-b2af-8885b09d9923\",\n \"name\": \"Potential Role - e0cc5d\"\n },\n \"identityCount\": 25,\n \"entitlementCount\": 15,\n \"identityGroupStatus\": \"OBTAINED\",\n \"provisionState\": \"PENDING\",\n \"roleId\": \"2a4be6fbcf3c4e66b95a0c15ffd591\",\n \"density\": 90,\n \"freshness\": 70,\n \"quality\": 80,\n \"type\": \"SPECIALIZED\",\n \"createdBy\": {\n \"id\": \"2c918090761a5aac0176215c46a62d58\",\n \"displayName\": \"Ashley.Pierce\"\n },\n \"createdDate\": \"1976-02-10T05:16:20.019Z\",\n \"saved\": true,\n \"description\": \"ad\",\n \"session\": {\n \"id\": \"9f36f5e5-1e81-4eca-b087-548959d91c71\",\n \"name\": \"Saved RM Session - 07/10\",\n \"minNumIdentitiesInPotentialRole\": 20,\n \"pruneThreshold\": 5,\n \"saved\": true,\n \"scope\": {\n \"identityIds\": [\n \"2c918090761a5aac0176215c46a62d58\",\n \"2c918090761a5aac01722015c46a62d42\"\n ],\n \"criteria\": \"source.name:DataScienceDataset\"\n },\n \"type\": \"SPECIALIZED\",\n \"state\": \"CREATED\",\n \"scopingMethod\": \"MANUAL\"\n }\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "0e458058-09bf-4970-9e08-ccc7a69474a5", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "role-mining-potential-roles" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **createdDate, identityCount, entitlementCount, freshness, quality**", + "type": "text/plain" + }, + "key": "sorters", + "value": "createdDate" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**createdById**: *eq, sw, co*\n\n**createdByName**: *eq, sw, co*\n\n**description**: *sw, co*\n\n**endDate**: *le, lt*\n\n**freshness**: *eq, ge, gt, le, lt*\n\n**name**: *eq, sw, co, ge, gt, le, lt*\n\n**quality**: *eq, ge, gt, le, lt*\n\n**startDate**: *ge, gt*\n\n**saved**: *eq*\n\n**type**: *eq, ge, gt, le, lt*\n\n**scopingMethod**: *eq*\n\n**sessionState**: *eq*\n\n**identityAttribute**: *co*", + "type": "text/plain" + }, + "key": "filters", + "value": "(createdByName co \"int\") and (createdById sw \"2c9180907\") and (type eq \"COMMON\") and ((name co \"entt\") or (saved eq true))" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "e3a184a1-b735-4f14-9f79-97d42d5d0148", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "role-mining-potential-roles" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **createdDate, identityCount, entitlementCount, freshness, quality**", + "type": "text/plain" + }, + "key": "sorters", + "value": "createdDate" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**createdById**: *eq, sw, co*\n\n**createdByName**: *eq, sw, co*\n\n**description**: *sw, co*\n\n**endDate**: *le, lt*\n\n**freshness**: *eq, ge, gt, le, lt*\n\n**name**: *eq, sw, co, ge, gt, le, lt*\n\n**quality**: *eq, ge, gt, le, lt*\n\n**startDate**: *ge, gt*\n\n**saved**: *eq*\n\n**type**: *eq, ge, gt, le, lt*\n\n**scopingMethod**: *eq*\n\n**sessionState**: *eq*\n\n**identityAttribute**: *co*", + "type": "text/plain" + }, + "key": "filters", + "value": "(createdByName co \"int\") and (createdById sw \"2c9180907\") and (type eq \"COMMON\") and ((name co \"entt\") or (saved eq true))" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "0e787782-26a9-4900-8019-f0baee2fecf8", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "role-mining-potential-roles" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **createdDate, identityCount, entitlementCount, freshness, quality**", + "type": "text/plain" + }, + "key": "sorters", + "value": "createdDate" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**createdById**: *eq, sw, co*\n\n**createdByName**: *eq, sw, co*\n\n**description**: *sw, co*\n\n**endDate**: *le, lt*\n\n**freshness**: *eq, ge, gt, le, lt*\n\n**name**: *eq, sw, co, ge, gt, le, lt*\n\n**quality**: *eq, ge, gt, le, lt*\n\n**startDate**: *ge, gt*\n\n**saved**: *eq*\n\n**type**: *eq, ge, gt, le, lt*\n\n**scopingMethod**: *eq*\n\n**sessionState**: *eq*\n\n**identityAttribute**: *co*", + "type": "text/plain" + }, + "key": "filters", + "value": "(createdByName co \"int\") and (createdById sw \"2c9180907\") and (type eq \"COMMON\") and ((name co \"entt\") or (saved eq true))" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "49033b0e-ce0e-4074-8bd9-986e056087cb", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "role-mining-potential-roles" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **createdDate, identityCount, entitlementCount, freshness, quality**", + "type": "text/plain" + }, + "key": "sorters", + "value": "createdDate" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**createdById**: *eq, sw, co*\n\n**createdByName**: *eq, sw, co*\n\n**description**: *sw, co*\n\n**endDate**: *le, lt*\n\n**freshness**: *eq, ge, gt, le, lt*\n\n**name**: *eq, sw, co, ge, gt, le, lt*\n\n**quality**: *eq, ge, gt, le, lt*\n\n**startDate**: *ge, gt*\n\n**saved**: *eq*\n\n**type**: *eq, ge, gt, le, lt*\n\n**scopingMethod**: *eq*\n\n**sessionState**: *eq*\n\n**identityAttribute**: *co*", + "type": "text/plain" + }, + "key": "filters", + "value": "(createdByName co \"int\") and (createdById sw \"2c9180907\") and (type eq \"COMMON\") and ((name co \"entt\") or (saved eq true))" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "05cd07c2-2bfe-4f94-8972-1f6f26922c16", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "role-mining-potential-roles" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **createdDate, identityCount, entitlementCount, freshness, quality**", + "type": "text/plain" + }, + "key": "sorters", + "value": "createdDate" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**createdById**: *eq, sw, co*\n\n**createdByName**: *eq, sw, co*\n\n**description**: *sw, co*\n\n**endDate**: *le, lt*\n\n**freshness**: *eq, ge, gt, le, lt*\n\n**name**: *eq, sw, co, ge, gt, le, lt*\n\n**quality**: *eq, ge, gt, le, lt*\n\n**startDate**: *ge, gt*\n\n**saved**: *eq*\n\n**type**: *eq, ge, gt, le, lt*\n\n**scopingMethod**: *eq*\n\n**sessionState**: *eq*\n\n**identityAttribute**: *co*", + "type": "text/plain" + }, + "key": "filters", + "value": "(createdByName co \"int\") and (createdById sw \"2c9180907\") and (type eq \"COMMON\") and ((name co \"entt\") or (saved eq true))" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "7a01eff9-674f-43f6-b98d-2785d325b8a3", + "name": "Retrieves a specific potential role", + "request": { + "name": "Retrieves a specific potential role", + "description": { + "content": "This method returns a specific potential role.", + "type": "text/plain" + }, + "url": { + "path": [ + "role-mining-potential-roles", + ":potentialRoleId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "8c190e67-87aa-4ed9-a90b-d9d5344523fb", + "key": "potentialRoleId", + "disabled": true, + "description": { + "content": "(Required) A potential role id", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "fcb2dfe0-b503-4b57-8166-a921163b1370", + "name": "Succeeded. Returns a list of potential roles for a role mining session.", + "originalRequest": { + "url": { + "path": [ + "role-mining-potential-roles", + ":potentialRoleId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"createdBy\": {\n \"id\": \"2c918090761a5aac0176215c46a62d58\",\n \"displayName\": \"Ashley.Pierce\"\n },\n \"density\": 75,\n \"description\": \"Potential Role for Accounting dept\",\n \"entitlementCount\": 25,\n \"excludedEntitlements\": [\n \"07a0b4e2\",\n \"13b4e2a0\"\n ],\n \"freshness\": 75,\n \"identityCount\": 25,\n \"identityDistribution\": [\n {\n \"attributeName\": \"department\",\n \"distribution\": [\n {\n \"proident_f5\": \"esse sed\",\n \"consectetur_3\": \"non ullamco voluptate\",\n \"proident15\": \"n\",\n \"laborum5\": \"ad aliquip laboris\"\n },\n {\n \"non__\": \"reprehenderit proident deserunt\"\n }\n ]\n },\n {\n \"attributeName\": \"department\",\n \"distribution\": [\n {\n \"enim8d5\": \"Ut pariatur non\"\n },\n {\n \"in63e\": \"eu exercitation sit ullamco incididunt\",\n \"tempor_6b\": \"velit nisi magna fugiat\",\n \"exercitatione\": \"quis exercitation cupidatat Ut\"\n }\n ]\n }\n ],\n \"identityIds\": [\n \"07a0b4e2\",\n \"13b4e2a0\"\n ],\n \"name\": \"Saved Potential Role - 07/10\",\n \"provisionState\": \"POTENTIAL\",\n \"quality\": 100,\n \"roleId\": \"07a0b4e2-7a76-44fa-bd0b-c64654b66519\",\n \"saved\": true,\n \"session\": {\n \"id\": \"9f36f5e5-1e81-4eca-b087-548959d91c71\",\n \"name\": \"Saved RM Session - 07/10\",\n \"minNumIdentitiesInPotentialRole\": 20,\n \"pruneThreshold\": 5,\n \"saved\": true,\n \"scope\": {\n \"identityIds\": [\n \"2c918090761a5aac0176215c46a62d58\",\n \"2c918090761a5aac01722015c46a62d42\"\n ],\n \"criteria\": \"source.name:DataScienceDataset\"\n },\n \"type\": \"SPECIALIZED\",\n \"state\": \"CREATED\",\n \"scopingMethod\": \"MANUAL\"\n },\n \"type\": \"SPECIALIZED\",\n \"id\": \"e0cc5d7d-bf7f-4f81-b2af-8885b09d9923\",\n \"createdDate\": \"1951-03-12T05:11:19.098Z\",\n \"modifiedDate\": \"1986-02-13T15:10:14.539Z\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "4b78b04c-c63b-4bac-b0a7-8e0a7c355ce2", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "role-mining-potential-roles", + ":potentialRoleId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f1652842-61a8-4dab-8a31-e41f8604ca36", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "role-mining-potential-roles", + ":potentialRoleId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "1ec61e2a-2262-4e00-a43a-48c17c053b43", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "role-mining-potential-roles", + ":potentialRoleId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f7a0a9f0-d967-4a63-8f13-0257adb43bbb", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "role-mining-potential-roles", + ":potentialRoleId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "7de53aa4-3cf4-4e2a-812c-66432e2cffa9", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "role-mining-potential-roles", + ":potentialRoleId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "e2b93d7c-b7c3-4b48-9353-9d74871e62f1", + "name": "Update a potential role", + "request": { + "name": "Update a potential role", + "description": { + "content": "The method updates an existing potential role using.\n\nThe following fields can be modified:\n\n* `description`\n\n* `name`\n\n* `saved`\n\n\n>**NOTE: All other fields cannot be modified.**\n", + "type": "text/plain" + }, + "url": { + "path": [ + "role-mining-potential-roles", + ":potentialRoleId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "8c190e67-87aa-4ed9-a90b-d9d5344523fb", + "key": "potentialRoleId", + "disabled": true, + "description": { + "content": "(Required) The potential role summary id", + "type": "text/plain" + } + }, + { + "disabled": true, + "description": { + "content": "(Required) The role mining session id", + "type": "text/plain" + }, + "type": "any", + "value": "8c190e67-87aa-4ed9-a90b-d9d5344523fb", + "key": "sessionId" + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"remove\",\n \"path\": \"/description\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"Acct I - Potential Role\"\n },\n {\n \"op\": \"remove\",\n \"path\": \"/saved\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/saved\",\n \"value\": \"false\"\n },\n {\n \"op\": \"remove\",\n \"path\": \"/name\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/name\",\n \"value\": \"Potential Role Accounting\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "3972972d-df47-46d4-aa9b-bfe1ada4468a", + "name": "Succeeded. Returns the potential role summary based on the potentialRoleId provided.", + "originalRequest": { + "url": { + "path": [ + "role-mining-potential-roles", + ":potentialRoleId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"remove\",\n \"path\": \"/description\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"Acct I - Potential Role\"\n },\n {\n \"op\": \"remove\",\n \"path\": \"/saved\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/saved\",\n \"value\": \"false\"\n },\n {\n \"op\": \"remove\",\n \"path\": \"/name\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/name\",\n \"value\": \"Potential Role Accounting\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "056ff8af-3ce1-4e8b-b9a4-7f79ee3a7488", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "role-mining-potential-roles", + ":potentialRoleId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"remove\",\n \"path\": \"/description\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"Acct I - Potential Role\"\n },\n {\n \"op\": \"remove\",\n \"path\": \"/saved\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/saved\",\n \"value\": \"false\"\n },\n {\n \"op\": \"remove\",\n \"path\": \"/name\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/name\",\n \"value\": \"Potential Role Accounting\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "2e86c662-c7af-4cba-a843-dba2613ca8fd", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "role-mining-potential-roles", + ":potentialRoleId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"remove\",\n \"path\": \"/description\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"Acct I - Potential Role\"\n },\n {\n \"op\": \"remove\",\n \"path\": \"/saved\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/saved\",\n \"value\": \"false\"\n },\n {\n \"op\": \"remove\",\n \"path\": \"/name\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/name\",\n \"value\": \"Potential Role Accounting\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d8e314b8-baa0-47c7-ba38-7ad72be0cd35", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "role-mining-potential-roles", + ":potentialRoleId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"remove\",\n \"path\": \"/description\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"Acct I - Potential Role\"\n },\n {\n \"op\": \"remove\",\n \"path\": \"/saved\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/saved\",\n \"value\": \"false\"\n },\n {\n \"op\": \"remove\",\n \"path\": \"/name\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/name\",\n \"value\": \"Potential Role Accounting\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "72239bed-c3cc-4d0e-bae5-f050092d77b5", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "role-mining-potential-roles", + ":potentialRoleId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"remove\",\n \"path\": \"/description\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"Acct I - Potential Role\"\n },\n {\n \"op\": \"remove\",\n \"path\": \"/saved\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/saved\",\n \"value\": \"false\"\n },\n {\n \"op\": \"remove\",\n \"path\": \"/name\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/name\",\n \"value\": \"Potential Role Accounting\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "aaf17ccf-53f4-44d3-87af-92187d5e3cf0", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "role-mining-potential-roles", + ":potentialRoleId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"remove\",\n \"path\": \"/description\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"Acct I - Potential Role\"\n },\n {\n \"op\": \"remove\",\n \"path\": \"/saved\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/saved\",\n \"value\": \"false\"\n },\n {\n \"op\": \"remove\",\n \"path\": \"/name\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/name\",\n \"value\": \"Potential Role Accounting\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f709f96a-c3dd-410c-b2ef-f285b10d02ac", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "role-mining-potential-roles", + ":potentialRoleId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"remove\",\n \"path\": \"/description\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"Acct I - Potential Role\"\n },\n {\n \"op\": \"remove\",\n \"path\": \"/saved\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/saved\",\n \"value\": \"false\"\n },\n {\n \"op\": \"remove\",\n \"path\": \"/name\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/name\",\n \"value\": \"Potential Role Accounting\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "16c4f514-589d-4d27-a93b-9b86c5a5605e", + "name": "Retrieves all saved potential roles", + "request": { + "name": "Retrieves all saved potential roles", + "description": { + "content": "This method returns all saved potential roles (draft roles).", + "type": "text/plain" + }, + "url": { + "path": [ + "role-mining-potential-roles", + "saved" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters/) Sorting is supported for the following fields: **modified**", + "type": "text/plain" + }, + "key": "sorters", + "value": "modified" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "0825e016-939d-410b-a835-3bea2f283cd7", + "name": "Succeeded. Returns a list of draft roles for a role mining session.", + "originalRequest": { + "url": { + "path": [ + "role-mining-potential-roles", + "saved" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters/) Sorting is supported for the following fields: **modified**", + "type": "text/plain" + }, + "key": "sorters", + "value": "modified" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"name\": \"Saved RM Session - 07/10\",\n \"description\": \"Person who develops software\",\n \"identityIds\": [\n \"2c918090761a5aac0176215c46a62d58\",\n \"2c918090761a5aac01722015c46a62d42\"\n ],\n \"entitlementIds\": [\n \"2c91808a7624751a01762f19d665220d\",\n \"2c91808a7624751a01762f19d67c220e\"\n ],\n \"excludedEntitlements\": [\n \"07a0b4e2\",\n \"13b4e2a0\"\n ],\n \"modified\": \"2020-09-16T18:49:32.150Z\",\n \"type\": \"SPECIALIZED\",\n \"id\": \"e0cc5d7d-bf7f-4f81-b2af-8885b09d9923\",\n \"createdDate\": \"1979-10-20T08:56:05.825Z\",\n \"modifiedDate\": \"2016-05-24T17:42:06.065Z\"\n },\n {\n \"name\": \"Saved RM Session - 07/10\",\n \"description\": \"Person who develops software\",\n \"identityIds\": [\n \"2c918090761a5aac0176215c46a62d58\",\n \"2c918090761a5aac01722015c46a62d42\"\n ],\n \"entitlementIds\": [\n \"2c91808a7624751a01762f19d665220d\",\n \"2c91808a7624751a01762f19d67c220e\"\n ],\n \"excludedEntitlements\": [\n \"07a0b4e2\",\n \"13b4e2a0\"\n ],\n \"modified\": \"2020-09-16T18:49:32.150Z\",\n \"type\": \"SPECIALIZED\",\n \"id\": \"e0cc5d7d-bf7f-4f81-b2af-8885b09d9923\",\n \"createdDate\": \"1966-12-11T05:46:48.636Z\",\n \"modifiedDate\": \"2014-10-13T11:00:43.863Z\"\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "816ff1fe-389c-49cb-b426-005d0c466061", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "role-mining-potential-roles", + "saved" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters/) Sorting is supported for the following fields: **modified**", + "type": "text/plain" + }, + "key": "sorters", + "value": "modified" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b7c050a7-2a9f-464e-a560-ea00cb6ef59c", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "role-mining-potential-roles", + "saved" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters/) Sorting is supported for the following fields: **modified**", + "type": "text/plain" + }, + "key": "sorters", + "value": "modified" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "361e0bdb-58da-4bca-8dad-a261438cbee8", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "role-mining-potential-roles", + "saved" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters/) Sorting is supported for the following fields: **modified**", + "type": "text/plain" + }, + "key": "sorters", + "value": "modified" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "82142262-7268-46b9-a221-40059e4b0f2a", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "role-mining-potential-roles", + "saved" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters/) Sorting is supported for the following fields: **modified**", + "type": "text/plain" + }, + "key": "sorters", + "value": "modified" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c0390f77-a2b3-43ef-94cd-d90e5f91d381", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "role-mining-potential-roles", + "saved" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters/) Sorting is supported for the following fields: **modified**", + "type": "text/plain" + }, + "key": "sorters", + "value": "modified" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "5b75cb1a-5e02-4789-be23-b54e4db564df", + "name": "Retrieves potential role source usage", + "request": { + "name": "Retrieves potential role source usage", + "description": { + "content": "This method returns source usageCount (as number of days in the last 90 days) for each identity in a potential role.", + "type": "text/plain" + }, + "url": { + "path": [ + "role-mining-potential-roles", + ":potentialRoleId", + "sources", + ":sourceId", + "identityUsage" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters/) Sorting is supported for the following fields: **displayName, email, usageCount**", + "type": "text/plain" + }, + "key": "sorters", + "value": "-usageCount" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [ + { + "type": "any", + "value": "e0cc5d7d-bf7f-4f81-b2af-8885b09d9923", + "key": "potentialRoleId", + "disabled": true, + "description": { + "content": "(Required) A potential role id", + "type": "text/plain" + } + }, + { + "type": "any", + "value": "2c9180877620c1460176267f336a106f", + "key": "sourceId", + "disabled": true, + "description": { + "content": "(Required) A source id", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "f8839101-4b7c-4663-96e4-b33e05ed15c8", + "name": "Succeeded. Returns a list of source usage for the identities in a potential role.", + "originalRequest": { + "url": { + "path": [ + "role-mining-potential-roles", + ":potentialRoleId", + "sources", + ":sourceId", + "identityUsage" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters/) Sorting is supported for the following fields: **displayName, email, usageCount**", + "type": "text/plain" + }, + "key": "sorters", + "value": "-usageCount" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"id\": \"2c918089762475180176267f894b54dc\",\n \"displayName\": \"Kirk Koepp\",\n \"email\": \"kirk.koepp@testmail.identitynow.com\",\n \"usageCount\": 25\n },\n {\n \"id\": \"2c918089762475180176267f894b54dc\",\n \"displayName\": \"Kirk Koepp\",\n \"email\": \"kirk.koepp@testmail.identitynow.com\",\n \"usageCount\": 25\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "1ec30f4f-8409-426e-b4a5-9bdb4ff60bb9", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "role-mining-potential-roles", + ":potentialRoleId", + "sources", + ":sourceId", + "identityUsage" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters/) Sorting is supported for the following fields: **displayName, email, usageCount**", + "type": "text/plain" + }, + "key": "sorters", + "value": "-usageCount" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "3bf338d1-d43f-4b14-b5f1-9db7d8790484", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "role-mining-potential-roles", + ":potentialRoleId", + "sources", + ":sourceId", + "identityUsage" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters/) Sorting is supported for the following fields: **displayName, email, usageCount**", + "type": "text/plain" + }, + "key": "sorters", + "value": "-usageCount" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "fd3585c5-09e4-42a0-b1ef-4d99db0996c5", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "role-mining-potential-roles", + ":potentialRoleId", + "sources", + ":sourceId", + "identityUsage" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters/) Sorting is supported for the following fields: **displayName, email, usageCount**", + "type": "text/plain" + }, + "key": "sorters", + "value": "-usageCount" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "9a26b622-924e-4efa-b65b-fd5e034d51ea", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "role-mining-potential-roles", + ":potentialRoleId", + "sources", + ":sourceId", + "identityUsage" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters/) Sorting is supported for the following fields: **displayName, email, usageCount**", + "type": "text/plain" + }, + "key": "sorters", + "value": "-usageCount" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "820997e9-1277-44d4-b558-c624c5d9bf6a", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "role-mining-potential-roles", + ":potentialRoleId", + "sources", + ":sourceId", + "identityUsage" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters/) Sorting is supported for the following fields: **displayName, email, usageCount**", + "type": "text/plain" + }, + "key": "sorters", + "value": "-usageCount" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + } + ] + }, + { + "name": "Icons", + "description": "Use this API to implement functionality related to object icons (application icons for example). \nWith this functionality in place, administrators can set or remove an icon for specific object type for use throughout Identity Security Cloud.\n", + "item": [ + { + "id": "8f6a14db-40e8-4796-ac24-2fde81b54a84", + "name": "Update an icon", + "request": { + "name": "Update an icon", + "description": { + "content": "This API endpoint updates an icon by object type and object id. A token with ORG_ADMIN authority is required to call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "icons", + ":objectType", + ":objectId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "application", + "key": "objectType", + "disabled": true, + "description": { + "content": "(Required) Object type. Available options ['application']", + "type": "text/plain" + } + }, + { + "type": "any", + "value": "a291e870-48c3-4953-b656-fb5ce2a93169", + "key": "objectId", + "disabled": true, + "description": { + "content": "(Required) Object id.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "PUT", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "(Required) file with icon. Allowed mime-types ['image/png', 'image/jpeg']", + "type": "text/plain" + }, + "key": "image", + "value": "\\x00\\x00\\x00\\x02", + "type": "text" + } + ] + } + }, + "response": [ + { + "id": "9379a6fd-f786-4cc1-bcd4-fe2344ed34cd", + "name": "Icon updated", + "originalRequest": { + "url": { + "path": [ + "icons", + ":objectType", + ":objectId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "(Required) file with icon. Allowed mime-types ['image/png', 'image/jpeg']", + "type": "text/plain" + }, + "key": "image", + "value": "\\x00\\x00\\x00\\x02", + "type": "text" + } + ] + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"icon\": \"\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f7850d29-cf8a-4e31-a205-9554c1453fee", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "icons", + ":objectType", + ":objectId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "(Required) file with icon. Allowed mime-types ['image/png', 'image/jpeg']", + "type": "text/plain" + }, + "key": "image", + "value": "\\x00\\x00\\x00\\x02", + "type": "text" + } + ] + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "2075deec-982c-4734-8349-61285592c8d5", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "icons", + ":objectType", + ":objectId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "(Required) file with icon. Allowed mime-types ['image/png', 'image/jpeg']", + "type": "text/plain" + }, + "key": "image", + "value": "\\x00\\x00\\x00\\x02", + "type": "text" + } + ] + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "4f280029-8f3d-48df-b458-95a26d1de0d1", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "icons", + ":objectType", + ":objectId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "(Required) file with icon. Allowed mime-types ['image/png', 'image/jpeg']", + "type": "text/plain" + }, + "key": "image", + "value": "\\x00\\x00\\x00\\x02", + "type": "text" + } + ] + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "ff3adce5-73f0-42d1-958f-7d84f8fc284f", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "icons", + ":objectType", + ":objectId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "(Required) file with icon. Allowed mime-types ['image/png', 'image/jpeg']", + "type": "text/plain" + }, + "key": "image", + "value": "\\x00\\x00\\x00\\x02", + "type": "text" + } + ] + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a53f0ec9-0947-42ad-84ab-d6e798cc7aec", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "icons", + ":objectType", + ":objectId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "(Required) file with icon. Allowed mime-types ['image/png', 'image/jpeg']", + "type": "text/plain" + }, + "key": "image", + "value": "\\x00\\x00\\x00\\x02", + "type": "text" + } + ] + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "45c8febc-f923-4ee0-bf9a-99c87e324fde", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "icons", + ":objectType", + ":objectId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "(Required) file with icon. Allowed mime-types ['image/png', 'image/jpeg']", + "type": "text/plain" + }, + "key": "image", + "value": "\\x00\\x00\\x00\\x02", + "type": "text" + } + ] + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "483715f6-ef5e-4a85-9b4f-aec6412a84c7", + "name": "Delete an icon", + "request": { + "name": "Delete an icon", + "description": { + "content": "This API endpoint delete an icon by object type and object id. A token with ORG_ADMIN authority is required to call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "icons", + ":objectType", + ":objectId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "application", + "key": "objectType", + "disabled": true, + "description": { + "content": "(Required) Object type. Available options ['application']", + "type": "text/plain" + } + }, + { + "type": "any", + "value": "a291e870-48c3-4953-b656-fb5ce2a93169", + "key": "objectId", + "disabled": true, + "description": { + "content": "(Required) Object id.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "DELETE", + "body": {} + }, + "response": [ + { + "id": "e74c8ec8-e11f-42fc-b4f6-4578b1459389", + "name": "No content - indicates the request was successful but there is no content to be returned in the response.", + "originalRequest": { + "url": { + "path": [ + "icons", + ":objectType", + ":objectId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "No Content", + "code": 204, + "header": [], + "cookie": [], + "_postman_previewlanguage": "text" + }, + { + "id": "5d0f7422-ab35-4ec0-b20a-8e452f5ebcc1", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "icons", + ":objectType", + ":objectId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d848bfa1-d52b-4cf6-83cb-7a6670feca48", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "icons", + ":objectType", + ":objectId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "af418dbc-d5c6-4c74-bf0b-fefe0aa06643", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "icons", + ":objectType", + ":objectId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "e742117b-44c2-414b-869e-2fdaac1868f4", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "icons", + ":objectType", + ":objectId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d3c41107-39a8-406d-8867-6a2593514b4b", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "icons", + ":objectType", + ":objectId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "8d01597f-119a-41d3-88b5-cac27badedb9", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "icons", + ":objectType", + ":objectId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + } + ] + }, + { + "name": "Identities", + "description": "Use this API to implement identity functionality.\nWith this functionality in place, administrators can synchronize an identity's attributes with its various source attributes.\n\nIdentity Security Cloud uses identities as users' authoritative accounts. Identities can own other accounts, entitlements, and attributes.\n\nAn identity has a variety of attributes, such as an account name, an email address, a job title, and more.\nThese identity attributes can be correlated with different attributes on different sources.\nFor example, the identity John.Smith can own an account in the GitHub source with the account name John-Smith-Org, and Identity Security Cloud knows they are the same person with the same access and attributes.\n\nIn Identity Security Cloud, administrators often set up these synchronizations to get triggered automatically with a change or to run on a schedule.\nTo manually synchronize attributes for an identity, administrators can use the Identities drop-down menu and select Identity List to view the list of identities.\nThey can then select the identity they want to manually synchronize and use the hamburger menu to select 'Synchronize Attributes.'\nDoing so immediately begins the attribute synchronization and analyzes all accounts for the selected identity.\n\nRefer to [Synchronizing Attributes](https://documentation.sailpoint.com/saas/help/provisioning/attr_sync.html) for more information about synchronizing attributes.\n", + "item": [ + { + "id": "4609b9ab-5e0b-4f03-88b3-e4548ea00bf5", + "name": "Attribute synchronization for single identity.", + "request": { + "name": "Attribute synchronization for single identity.", + "description": { + "content": "This end-point performs attribute synchronization for a selected identity. The endpoint can be called once in 10 seconds per identity. A token with ORG_ADMIN or API authority is required to call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "identities", + ":identityId", + "synchronize-attributes" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "irure nisi et dolore aliqua", + "key": "identityId", + "disabled": true, + "description": { + "content": "(Required) The Identity id", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": {} + }, + "response": [ + { + "id": "fe0bcad0-9c67-473f-8a34-d255a5b9a164", + "name": "An Identity Sync job", + "originalRequest": { + "url": { + "path": [ + "identities", + ":identityId", + "synchronize-attributes" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Accepted", + "code": 202, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"0f11f2a4-7c94-4bf3-a2bd-742580fe3dfc\",\n \"status\": \"IN_PROGRESS\",\n \"payload\": {\n \"type\": \"SYNCHRONIZE_IDENTITY_ATTRIBUTES\",\n \"dataJson\": \"{\\\"identityId\\\":\\\"2c918083746f642c01746f990884012a\\\"}\"\n }\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f23cbb6f-29ed-426e-8822-50be13e43dea", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "identities", + ":identityId", + "synchronize-attributes" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "ded280ac-a005-49da-87a3-1642b36ac8b8", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "identities", + ":identityId", + "synchronize-attributes" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "dff9b8bb-5dfe-4a5d-9137-6aa594dfc604", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "identities", + ":identityId", + "synchronize-attributes" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "009b6bfb-cdf8-4b58-b184-e70bd513e51b", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "identities", + ":identityId", + "synchronize-attributes" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "4ec724d5-dcb2-41d2-b2d2-d09a4b2bd072", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "identities", + ":identityId", + "synchronize-attributes" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "74699fb3-ddae-4476-8ecb-64e4b7201c59", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "identities", + ":identityId", + "synchronize-attributes" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "748ce989-69bc-440f-8696-5ff652270e2c", + "name": "Get ownership details", + "request": { + "name": "Get ownership details", + "description": { + "content": "Use this API to return an identity's owned objects that will cause problems for deleting the identity. \nUse this API as a checklist of objects that you need to reassign to a different identity before you can delete the identity. \nFor a full list of objects owned by an identity, use the [Search API](https://developer.sailpoint.com/docs/api/v3/search-post/). When you search for identities, the returned identities have a property, `owns`, that contains a more comprehensive list of identity's owned objects.", + "type": "text/plain" + }, + "url": { + "path": [ + "identities", + ":identityId", + "ownership" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "ff8081814d2a8036014d701f3fbf53fa", + "key": "identityId", + "disabled": true, + "description": { + "content": "(Required) Identity ID.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "5f54def3-fed6-4c9a-90e8-f4686bbb8d6c", + "name": "Identity's ownership association details.", + "originalRequest": { + "url": { + "path": [ + "identities", + ":identityId", + "ownership" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"associationDetails\": {\n \"associationType\": \"ROLE_OWNER\",\n \"entities\": [\n {\n \"id\": \"b660a232f05b4e04812ca974b3011e0f\",\n \"name\": \"Gaston.800ddf9640a\",\n \"type\": \"ROLE\"\n }\n ]\n }\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "54290c4d-e328-4349-be5a-a83983dc63ec", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "identities", + ":identityId", + "ownership" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f468390a-9b08-41a8-8b95-44128c0bd6aa", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "identities", + ":identityId", + "ownership" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a1b401ff-c9ad-40c1-b401-f976dc9ca8fe", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "identities", + ":identityId", + "ownership" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "2c9724f9-78d7-4524-b7c6-2d45f058c929", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "identities", + ":identityId", + "ownership" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "7051ca52-37f9-4e92-a3c0-5881d1887b44", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "identities", + ":identityId", + "ownership" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "75509072-4716-400a-a7d2-89f1e469f0c7", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "identities", + ":identityId", + "ownership" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "8af82a9e-edec-4c18-a25f-c8203451d5d9", + "name": "List Identities", + "request": { + "name": "List Identities", + "description": { + "content": "This API returns a list of identities.", + "type": "text/plain" + }, + "url": { + "path": [ + "identities" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**name**: *eq, sw*\n\n**alias**: *eq, sw*\n\n**firstname**: *eq, sw*\n\n**lastname**: *eq, sw*\n\n**email**: *eq, sw*\n\n**cloudStatus**: *eq*\n\n**processingState**: *eq*\n\n**correlated**: *eq*\n\n**protected**: *eq*", + "type": "text/plain" + }, + "key": "filters", + "value": "id eq \"6c9079b270a266a60170a2779fcb0006\" or correlated eq false" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name, alias, cloudStatus**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name,-cloudStatus" + }, + { + "disabled": true, + "description": { + "content": "Adds additional filter to filters query parameter.\n\nCORRELATED_ONLY adds correlated=true and returns only identities that are correlated.\n\nNONE does not add any and returns all identities that satisfy filters query parameter.", + "type": "text/plain" + }, + "key": "defaultFilter", + "value": "NONE" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "faec7919-ff37-4400-96f2-926132d97233", + "name": "List of identities.", + "originalRequest": { + "url": { + "path": [ + "identities" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**name**: *eq, sw*\n\n**alias**: *eq, sw*\n\n**firstname**: *eq, sw*\n\n**lastname**: *eq, sw*\n\n**email**: *eq, sw*\n\n**cloudStatus**: *eq*\n\n**processingState**: *eq*\n\n**correlated**: *eq*\n\n**protected**: *eq*", + "type": "text/plain" + }, + "key": "filters", + "value": "id eq \"6c9079b270a266a60170a2779fcb0006\" or correlated eq false" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name, alias, cloudStatus**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name,-cloudStatus" + }, + { + "disabled": true, + "description": { + "content": "Adds additional filter to filters query parameter.\n\nCORRELATED_ONLY adds correlated=true and returns only identities that are correlated.\n\nNONE does not add any and returns all identities that satisfy filters query parameter.", + "type": "text/plain" + }, + "key": "defaultFilter", + "value": "NONE" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"name\": \"aName\",\n \"id\": \"id12345\",\n \"created\": \"2023-01-03T21:16:22.432Z\",\n \"modified\": \"2023-01-03T21:16:22.432Z\",\n \"alias\": \"walter.white\",\n \"emailAddress\": \"sender@example.com\",\n \"processingState\": \"ERROR\",\n \"identityStatus\": \"LOCKED\",\n \"managerRef\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c4180a46faadee4016fb4e018c20626\",\n \"name\": \"Robert Robinson\"\n },\n \"isManager\": true,\n \"lastRefresh\": \"2020-11-22T15:42:31.123Z\",\n \"attributes\": {},\n \"lifecycleState\": {\n \"stateName\": \"active\",\n \"manuallyUpdated\": true\n }\n },\n {\n \"name\": \"aName\",\n \"id\": \"id12345\",\n \"created\": \"2023-01-03T21:16:22.432Z\",\n \"modified\": \"2023-01-03T21:16:22.432Z\",\n \"alias\": \"walter.white\",\n \"emailAddress\": \"sender@example.com\",\n \"processingState\": \"ERROR\",\n \"identityStatus\": \"LOCKED\",\n \"managerRef\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c4180a46faadee4016fb4e018c20626\",\n \"name\": \"Robert Robinson\"\n },\n \"isManager\": true,\n \"lastRefresh\": \"2020-11-22T15:42:31.123Z\",\n \"attributes\": {},\n \"lifecycleState\": {\n \"stateName\": \"active\",\n \"manuallyUpdated\": true\n }\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "652855a3-19fa-481c-ae1d-9d281ae1c03b", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "identities" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**name**: *eq, sw*\n\n**alias**: *eq, sw*\n\n**firstname**: *eq, sw*\n\n**lastname**: *eq, sw*\n\n**email**: *eq, sw*\n\n**cloudStatus**: *eq*\n\n**processingState**: *eq*\n\n**correlated**: *eq*\n\n**protected**: *eq*", + "type": "text/plain" + }, + "key": "filters", + "value": "id eq \"6c9079b270a266a60170a2779fcb0006\" or correlated eq false" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name, alias, cloudStatus**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name,-cloudStatus" + }, + { + "disabled": true, + "description": { + "content": "Adds additional filter to filters query parameter.\n\nCORRELATED_ONLY adds correlated=true and returns only identities that are correlated.\n\nNONE does not add any and returns all identities that satisfy filters query parameter.", + "type": "text/plain" + }, + "key": "defaultFilter", + "value": "NONE" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "11af7e02-ec45-48dc-ac94-fd89d4c97354", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "identities" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**name**: *eq, sw*\n\n**alias**: *eq, sw*\n\n**firstname**: *eq, sw*\n\n**lastname**: *eq, sw*\n\n**email**: *eq, sw*\n\n**cloudStatus**: *eq*\n\n**processingState**: *eq*\n\n**correlated**: *eq*\n\n**protected**: *eq*", + "type": "text/plain" + }, + "key": "filters", + "value": "id eq \"6c9079b270a266a60170a2779fcb0006\" or correlated eq false" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name, alias, cloudStatus**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name,-cloudStatus" + }, + { + "disabled": true, + "description": { + "content": "Adds additional filter to filters query parameter.\n\nCORRELATED_ONLY adds correlated=true and returns only identities that are correlated.\n\nNONE does not add any and returns all identities that satisfy filters query parameter.", + "type": "text/plain" + }, + "key": "defaultFilter", + "value": "NONE" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "dee5557f-925f-4a51-bbcb-2c6b8de5e370", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "identities" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**name**: *eq, sw*\n\n**alias**: *eq, sw*\n\n**firstname**: *eq, sw*\n\n**lastname**: *eq, sw*\n\n**email**: *eq, sw*\n\n**cloudStatus**: *eq*\n\n**processingState**: *eq*\n\n**correlated**: *eq*\n\n**protected**: *eq*", + "type": "text/plain" + }, + "key": "filters", + "value": "id eq \"6c9079b270a266a60170a2779fcb0006\" or correlated eq false" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name, alias, cloudStatus**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name,-cloudStatus" + }, + { + "disabled": true, + "description": { + "content": "Adds additional filter to filters query parameter.\n\nCORRELATED_ONLY adds correlated=true and returns only identities that are correlated.\n\nNONE does not add any and returns all identities that satisfy filters query parameter.", + "type": "text/plain" + }, + "key": "defaultFilter", + "value": "NONE" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "5d761c2c-f57c-4a92-b400-a5a41ce59385", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "identities" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**name**: *eq, sw*\n\n**alias**: *eq, sw*\n\n**firstname**: *eq, sw*\n\n**lastname**: *eq, sw*\n\n**email**: *eq, sw*\n\n**cloudStatus**: *eq*\n\n**processingState**: *eq*\n\n**correlated**: *eq*\n\n**protected**: *eq*", + "type": "text/plain" + }, + "key": "filters", + "value": "id eq \"6c9079b270a266a60170a2779fcb0006\" or correlated eq false" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name, alias, cloudStatus**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name,-cloudStatus" + }, + { + "disabled": true, + "description": { + "content": "Adds additional filter to filters query parameter.\n\nCORRELATED_ONLY adds correlated=true and returns only identities that are correlated.\n\nNONE does not add any and returns all identities that satisfy filters query parameter.", + "type": "text/plain" + }, + "key": "defaultFilter", + "value": "NONE" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "1b3e23fa-aa1a-4d08-aa50-c6154674e494", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "identities" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**name**: *eq, sw*\n\n**alias**: *eq, sw*\n\n**firstname**: *eq, sw*\n\n**lastname**: *eq, sw*\n\n**email**: *eq, sw*\n\n**cloudStatus**: *eq*\n\n**processingState**: *eq*\n\n**correlated**: *eq*\n\n**protected**: *eq*", + "type": "text/plain" + }, + "key": "filters", + "value": "id eq \"6c9079b270a266a60170a2779fcb0006\" or correlated eq false" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name, alias, cloudStatus**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name,-cloudStatus" + }, + { + "disabled": true, + "description": { + "content": "Adds additional filter to filters query parameter.\n\nCORRELATED_ONLY adds correlated=true and returns only identities that are correlated.\n\nNONE does not add any and returns all identities that satisfy filters query parameter.", + "type": "text/plain" + }, + "key": "defaultFilter", + "value": "NONE" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "8b304d49-eecc-4042-b52e-c8e39a7fef77", + "name": "Identity Details", + "request": { + "name": "Identity Details", + "description": { + "content": "This API returns a single identity using the Identity ID.", + "type": "text/plain" + }, + "url": { + "path": [ + "identities", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "ef38f94347e94562b5bb8424a56397d8", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) Identity Id", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "75068b53-5829-4e74-8aee-c4fc56f3f968", + "name": "An identity object", + "originalRequest": { + "url": { + "path": [ + "identities", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"name\": \"aName\",\n \"id\": \"id12345\",\n \"created\": \"2023-01-03T21:16:22.432Z\",\n \"modified\": \"2023-01-03T21:16:22.432Z\",\n \"alias\": \"walter.white\",\n \"emailAddress\": \"sender@example.com\",\n \"processingState\": \"ERROR\",\n \"identityStatus\": \"LOCKED\",\n \"managerRef\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c4180a46faadee4016fb4e018c20626\",\n \"name\": \"Robert Robinson\"\n },\n \"isManager\": true,\n \"lastRefresh\": \"2020-11-22T15:42:31.123Z\",\n \"attributes\": {},\n \"lifecycleState\": {\n \"stateName\": \"active\",\n \"manuallyUpdated\": true\n }\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b4a11ddc-a178-4135-93e2-70ece3d8bcfe", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "identities", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a06466ee-ebfd-4832-8634-61a17c8ebc87", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "identities", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "ce01ab25-77b4-4ff5-acfa-06caae0845ab", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "identities", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "edad80ae-3f79-4724-98c5-2d4bf60419ef", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "identities", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "05e898d3-4461-4348-b555-a3c878ef0d20", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "identities", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d7e8f3c3-3a3d-4381-8b21-dca68d342dff", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "identities", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "6e6d779b-75f6-48ad-887a-95e111141084", + "name": "Delete identity", + "request": { + "name": "Delete identity", + "description": { + "content": "The API returns successful response if the requested identity was deleted.", + "type": "text/plain" + }, + "url": { + "path": [ + "identities", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "ef38f94347e94562b5bb8424a56397d8", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) Identity Id", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "DELETE", + "body": {} + }, + "response": [ + { + "id": "772396dd-63e3-4d65-8a89-9698e98b7ed5", + "name": "No content - indicates the request was successful but there is no content to be returned in the response.", + "originalRequest": { + "url": { + "path": [ + "identities", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "No Content", + "code": 204, + "header": [], + "cookie": [], + "_postman_previewlanguage": "text" + }, + { + "id": "72f32247-a7ec-414a-9ba0-98c2b35c4377", + "name": "Client Error - Returned if the request is invalid. It may indicate that the specified identity is marked as protected and cannot be deleted.", + "originalRequest": { + "url": { + "path": [ + "identities", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \"Identity is the owner of following resources\",\n \"associationDetails\": {\n \"associationType\": \"CAMPAIGN_OWNER\",\n \"entities\": [\n {\n \"id\": \"b660a232f05b4e04812ca974b3011e0f\",\n \"name\": \"Gaston.800ddf9640a\",\n \"type\": \"CAMPAIGN_CAMPAIGNER\"\n }\n ]\n }\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f1c49dab-4549-46e5-9d80-7556e4d6b9bb", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "identities", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d143f3c2-37ae-4698-bc0c-415f7acc7542", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "identities", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "71ed849f-42cd-4003-a49d-8b834b773941", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "identities", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "3fb905eb-703f-42ec-b39b-90dded2c398a", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "identities", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "4990bfd6-c23e-494c-814d-9cad8d8722e8", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "identities", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "26c94fd3-e169-463e-bb21-4c9325a8d415", + "name": "Process a list of identityIds", + "request": { + "name": "Process a list of identityIds", + "description": { + "content": "This operation should not be used to schedule your own identity processing or to perform system wide identity refreshes. The system will use a combination of [event-based processing](https://documentation.sailpoint.com/saas/help/setup/identity_processing.html?h=process#event-based-processing) and [scheduled processing](https://documentation.sailpoint.com/saas/help/setup/identity_processing.html?h=process#scheduled-processing) that runs every day at 8:00 AM and 8:00 PM in the tenant's timezone to keep your identities synchronized. \n\nThis endpoint will perform the following tasks:\n1. Calculate identity attributes, including applying or running any rules or transforms (e.g. calculate Lifecycle State at a point-in-time it's expected to change).\n2. Evaluate role assignments, leading to assignment of new roles and removal of existing roles.\n3. Enforce provisioning for any assigned accesses that haven't been fulfilled (e.g. failure due to source health).\n4. Recalculate manager relationships.\n5. Potentially clean-up identity processing errors, assuming the error has been resolved.\n\nA token with ORG_ADMIN or HELPDESK authority is required to call this API.\n", + "type": "text/plain" + }, + "url": { + "path": [ + "identities", + "process" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"identityIds\": [\n \"ef38f94347e94562b5bb8424a56397d8\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "f904b86c-06b2-401f-b8e9-329d12545f77", + "name": "Object containing the DTO type TASK_RESULT and the job id for the task", + "originalRequest": { + "url": { + "path": [ + "identities", + "process" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"identityIds\": [\n \"ef38f94347e94562b5bb8424a56397d8\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Accepted", + "code": 202, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"type\": \"TASK_RESULT\",\n \"id\": \"78733556-9ea3-4f59-bf69-e5cd92b011b4\",\n \"name\": \"null\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b693f19a-ac51-4b88-944e-eee51aafb77b", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "identities", + "process" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"identityIds\": [\n \"ef38f94347e94562b5bb8424a56397d8\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "9b1cd4f3-70fa-427a-b469-6a087ca44441", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "identities", + "process" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"identityIds\": [\n \"ef38f94347e94562b5bb8424a56397d8\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "87007e39-5b6d-47d9-a1b8-1a6c20262553", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "identities", + "process" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"identityIds\": [\n \"ef38f94347e94562b5bb8424a56397d8\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "54ed666a-cad7-4ba9-b4ad-6a2c4d158687", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "identities", + "process" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"identityIds\": [\n \"ef38f94347e94562b5bb8424a56397d8\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "8b5f0d2d-b71f-4d12-bba6-2c50bec096dc", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "identities", + "process" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"identityIds\": [\n \"ef38f94347e94562b5bb8424a56397d8\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f3dbbf02-047d-40e8-af50-50b8e0de0e83", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "identities", + "process" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"identityIds\": [\n \"ef38f94347e94562b5bb8424a56397d8\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "7da500c6-70e3-44fb-a256-9dfdbce57bd9", + "name": "Reset an identity", + "request": { + "name": "Reset an identity", + "description": { + "content": "Use this endpoint to reset a user's identity if they have forgotten their authentication information like their answers to knowledge-based questions. Resetting an identity de-registers the user and removes any elevated user levels they have.", + "type": "text/plain" + }, + "url": { + "path": [ + "identities", + ":id", + "reset" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "key": "id" + }, + { + "disabled": true, + "description": { + "content": "(Required) Identity Id", + "type": "text/plain" + }, + "type": "any", + "value": "ef38f94347e94562b5bb8424a56397d8", + "key": "identityId" + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": {} + }, + "response": [ + { + "id": "7ce0d079-4b9b-44ea-bb4c-d61ed18642f0", + "name": "Accepted. The reset request accepted and is in progress.", + "originalRequest": { + "url": { + "path": [ + "identities", + ":id", + "reset" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Accepted", + "code": 202, + "header": [], + "cookie": [], + "_postman_previewlanguage": "text" + }, + { + "id": "ee7627e8-b3a9-4e6a-86e3-1a02aac2f051", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "identities", + ":id", + "reset" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "4d3fa50a-55f1-4b07-b78a-210b04647154", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "identities", + ":id", + "reset" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "1ecce710-f147-4472-9463-bc985912abab", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "identities", + ":id", + "reset" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "8c562116-8e95-49b1-b40d-9c213716ac11", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "identities", + ":id", + "reset" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "80021955-4d6c-4b0a-addb-5fa64fe15549", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "identities", + ":id", + "reset" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "3de0b170-5d83-4fc6-8866-fa75e022f613", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "identities", + ":id", + "reset" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "91094851-fdc0-4b80-b71d-1118908b1d48", + "name": "List role assignments", + "request": { + "name": "List role assignments", + "description": { + "content": "This returns either a list of Role Assignments when querying with either a Role Id or Role Name, or a list of Role Assignment References if querying with only identity Id.", + "type": "text/plain" + }, + "url": { + "path": [ + "identities", + ":identityId", + "role-assignments" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Role Id to filter the role assignments with", + "type": "text/plain" + }, + "key": "roleId", + "value": "e7697a1e96d04db1ac7b0f4544915d2c" + }, + { + "disabled": true, + "description": { + "content": "Role name to filter the role assignments with", + "type": "text/plain" + }, + "key": "roleName", + "value": "Engineer" + } + ], + "variable": [ + { + "type": "any", + "value": "ef38f94347e94562b5bb8424a56397d8", + "key": "identityId", + "disabled": true, + "description": { + "content": "(Required) Identity Id to get the role assignments for", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "aa2bcef4-2afe-4a5a-9adf-f946b69c27c5", + "name": "A role assignment object", + "originalRequest": { + "url": { + "path": [ + "identities", + ":identityId", + "role-assignments" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Role Id to filter the role assignments with", + "type": "text/plain" + }, + "key": "roleId", + "value": "e7697a1e96d04db1ac7b0f4544915d2c" + }, + { + "disabled": true, + "description": { + "content": "Role name to filter the role assignments with", + "type": "text/plain" + }, + "key": "roleName", + "value": "Engineer" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"id\": \"1cbb0705b38c4226b1334eadd8874086\",\n \"role\": {\n \"type\": \"ROLE\",\n \"name\": \"Engineer\"\n }\n },\n {\n \"id\": \"1cbb0705b38c4226b1334eadd8874086\",\n \"role\": {\n \"type\": \"ROLE\",\n \"name\": \"Engineer\"\n }\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "bac56f03-0a77-4e08-b507-4f8f7e811118", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "identities", + ":identityId", + "role-assignments" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Role Id to filter the role assignments with", + "type": "text/plain" + }, + "key": "roleId", + "value": "e7697a1e96d04db1ac7b0f4544915d2c" + }, + { + "disabled": true, + "description": { + "content": "Role name to filter the role assignments with", + "type": "text/plain" + }, + "key": "roleName", + "value": "Engineer" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "55b79d9c-2858-47a4-8d45-d6983cf2a530", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "identities", + ":identityId", + "role-assignments" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Role Id to filter the role assignments with", + "type": "text/plain" + }, + "key": "roleId", + "value": "e7697a1e96d04db1ac7b0f4544915d2c" + }, + { + "disabled": true, + "description": { + "content": "Role name to filter the role assignments with", + "type": "text/plain" + }, + "key": "roleName", + "value": "Engineer" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "efa7f8d3-65b6-4da0-9be6-d556f6be9bf3", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "identities", + ":identityId", + "role-assignments" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Role Id to filter the role assignments with", + "type": "text/plain" + }, + "key": "roleId", + "value": "e7697a1e96d04db1ac7b0f4544915d2c" + }, + { + "disabled": true, + "description": { + "content": "Role name to filter the role assignments with", + "type": "text/plain" + }, + "key": "roleName", + "value": "Engineer" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b8a29265-76d3-4858-ae72-1c2bb9f9b608", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "identities", + ":identityId", + "role-assignments" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Role Id to filter the role assignments with", + "type": "text/plain" + }, + "key": "roleId", + "value": "e7697a1e96d04db1ac7b0f4544915d2c" + }, + { + "disabled": true, + "description": { + "content": "Role name to filter the role assignments with", + "type": "text/plain" + }, + "key": "roleName", + "value": "Engineer" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "3b8f773a-56b6-4c8d-bdb0-e5dd5ce05f44", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "identities", + ":identityId", + "role-assignments" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Role Id to filter the role assignments with", + "type": "text/plain" + }, + "key": "roleId", + "value": "e7697a1e96d04db1ac7b0f4544915d2c" + }, + { + "disabled": true, + "description": { + "content": "Role name to filter the role assignments with", + "type": "text/plain" + }, + "key": "roleName", + "value": "Engineer" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b8d54f8a-5b69-489a-8dc7-407b4ff57115", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "identities", + ":identityId", + "role-assignments" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Role Id to filter the role assignments with", + "type": "text/plain" + }, + "key": "roleId", + "value": "e7697a1e96d04db1ac7b0f4544915d2c" + }, + { + "disabled": true, + "description": { + "content": "Role name to filter the role assignments with", + "type": "text/plain" + }, + "key": "roleName", + "value": "Engineer" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "ff6e21cd-1d45-462e-90da-5e2c1f56dce2", + "name": "Role assignment details", + "request": { + "name": "Role assignment details", + "description": {}, + "url": { + "path": [ + "identities", + ":identityId", + "role-assignments", + ":assignmentId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "ef38f94347e94562b5bb8424a56397d8", + "key": "identityId", + "disabled": true, + "description": { + "content": "(Required) Identity Id", + "type": "text/plain" + } + }, + { + "type": "any", + "value": "1cbb0705b38c4226b1334eadd8874086", + "key": "assignmentId", + "disabled": true, + "description": { + "content": "(Required) Assignment Id", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "e6f86b5c-66d6-4eb1-aede-1749f17b0959", + "name": "A role assignment object", + "originalRequest": { + "url": { + "path": [ + "identities", + ":identityId", + "role-assignments", + ":assignmentId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"1cbb0705b38c4226b1334eadd8874086\",\n \"role\": {\n \"type\": \"ROLE\",\n \"name\": \"Engineer\"\n },\n \"comments\": \"I'm a new Engineer and need this role to do my work\",\n \"assignmentSource\": \"UI\",\n \"assigner\": {\n \"type\": \"IDENTITY\",\n \"name\": \"Jeff Richardson\"\n },\n \"assignedDimensions\": [\n {\n \"type\": \"DIMENSION\",\n \"name\": \"Northeast region\"\n }\n ],\n \"assignmentContext\": {\n \"requested\": {\n \"contextAttributes\": [\n {\n \"attribute\": \"department\",\n \"value\": \"Engineering\",\n \"derived\": false\n }\n ]\n },\n \"matched\": [\n {\n \"type\": \"DIMENSION\",\n \"name\": \"Engineer\"\n }\n ],\n \"computedDate\": \"Wed Feb 14 10:58:42\"\n },\n \"accountTargets\": [\n {\n \"source\": {\n \"type\": \"SOURCE\",\n \"name\": \"Active Directory\"\n },\n \"accountInfo\": {\n \"nativeIdentity\": \"CN=Abby Smith,OU=Austin,OU=Americas,OU=Demo,DC=seri,DC=acme,DC=com\",\n \"displayName\": \"Abby.Smith\",\n \"uuid\": \"{ad9fc391-246d-40af-b248-b6556a2b7c01}\"\n },\n \"roleName\": \"Marketing\"\n },\n {\n \"source\": {\n \"type\": \"SOURCE\",\n \"name\": \"Active Directory\"\n },\n \"accountInfo\": {\n \"nativeIdentity\": \"CN=Abby Smith,OU=Austin,OU=Americas,OU=Demo,DC=seri,DC=acme,DC=com\",\n \"displayName\": \"Abby.Smith\",\n \"uuid\": \"{ad9fc391-246d-40af-b248-b6556a2b7c01}\"\n },\n \"roleName\": \"Marketing\"\n }\n ],\n \"removeDate\": \"Wed Feb 14 10:58:42\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "5002ee6e-87ab-4599-be9c-1a1965704110", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "identities", + ":identityId", + "role-assignments", + ":assignmentId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "755fd2c1-dbde-4db1-9fd8-fa25db9e0dc0", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "identities", + ":identityId", + "role-assignments", + ":assignmentId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "07409447-da3b-4982-bc85-4d831313eb09", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "identities", + ":identityId", + "role-assignments", + ":assignmentId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b8fc9d9e-7d0f-4585-8783-0bce8d298bc7", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "identities", + ":identityId", + "role-assignments", + ":assignmentId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b943d871-c0b0-4056-902e-d218e0852b5d", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "identities", + ":identityId", + "role-assignments", + ":assignmentId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "5198667b-3ef4-4ee3-950a-5b40bcdcaa32", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "identities", + ":identityId", + "role-assignments", + ":assignmentId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + } + ] + }, + { + "name": "Identity Attributes", + "description": "", + "item": [ + { + "id": "38bfbc93-dedf-4c23-88a1-24cbc078f4b3", + "name": "List Identity Attributes", + "request": { + "name": "List Identity Attributes", + "description": { + "content": "Use this API to get a collection of identity attributes.", + "type": "text/plain" + }, + "url": { + "path": [ + "identity-attributes" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Include 'system' attributes in the response.", + "type": "text/plain" + }, + "key": "includeSystem", + "value": "false" + }, + { + "disabled": true, + "description": { + "content": "Include 'silent' attributes in the response.", + "type": "text/plain" + }, + "key": "includeSilent", + "value": "false" + }, + { + "disabled": true, + "description": { + "content": "Include only 'searchable' attributes in the response.", + "type": "text/plain" + }, + "key": "searchableOnly", + "value": "false" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "fe64b066-da85-42ea-8085-b93a64566607", + "name": "List of identity attributes.", + "originalRequest": { + "url": { + "path": [ + "identity-attributes" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Include 'system' attributes in the response.", + "type": "text/plain" + }, + "key": "includeSystem", + "value": "false" + }, + { + "disabled": true, + "description": { + "content": "Include 'silent' attributes in the response.", + "type": "text/plain" + }, + "key": "includeSilent", + "value": "false" + }, + { + "disabled": true, + "description": { + "content": "Include only 'searchable' attributes in the response.", + "type": "text/plain" + }, + "key": "searchableOnly", + "value": "false" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"name\": \"costCenter\",\n \"displayName\": \"Cost Center\",\n \"standard\": false,\n \"type\": \"string\",\n \"multi\": false,\n \"searchable\": false,\n \"system\": false,\n \"sources\": [\n {\n \"type\": \"rule\",\n \"properties\": {\n \"ruleType\": \"IdentityAttribute\",\n \"ruleName\": \"Cloud Promote Identity Attribute\"\n }\n },\n {\n \"type\": \"rule\",\n \"properties\": {\n \"ruleType\": \"IdentityAttribute\",\n \"ruleName\": \"Cloud Promote Identity Attribute\"\n }\n }\n ]\n },\n {\n \"name\": \"costCenter\",\n \"displayName\": \"Cost Center\",\n \"standard\": false,\n \"type\": \"string\",\n \"multi\": false,\n \"searchable\": false,\n \"system\": false,\n \"sources\": [\n {\n \"type\": \"rule\",\n \"properties\": {\n \"ruleType\": \"IdentityAttribute\",\n \"ruleName\": \"Cloud Promote Identity Attribute\"\n }\n },\n {\n \"type\": \"rule\",\n \"properties\": {\n \"ruleType\": \"IdentityAttribute\",\n \"ruleName\": \"Cloud Promote Identity Attribute\"\n }\n }\n ]\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c56c299a-33fa-4de1-a095-eca84a6311ec", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "identity-attributes" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Include 'system' attributes in the response.", + "type": "text/plain" + }, + "key": "includeSystem", + "value": "false" + }, + { + "disabled": true, + "description": { + "content": "Include 'silent' attributes in the response.", + "type": "text/plain" + }, + "key": "includeSilent", + "value": "false" + }, + { + "disabled": true, + "description": { + "content": "Include only 'searchable' attributes in the response.", + "type": "text/plain" + }, + "key": "searchableOnly", + "value": "false" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "5b70c28e-f44c-4d59-9bf2-31798ccc5976", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "identity-attributes" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Include 'system' attributes in the response.", + "type": "text/plain" + }, + "key": "includeSystem", + "value": "false" + }, + { + "disabled": true, + "description": { + "content": "Include 'silent' attributes in the response.", + "type": "text/plain" + }, + "key": "includeSilent", + "value": "false" + }, + { + "disabled": true, + "description": { + "content": "Include only 'searchable' attributes in the response.", + "type": "text/plain" + }, + "key": "searchableOnly", + "value": "false" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "2768470e-3982-4dd7-a524-e06200379c9b", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "identity-attributes" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Include 'system' attributes in the response.", + "type": "text/plain" + }, + "key": "includeSystem", + "value": "false" + }, + { + "disabled": true, + "description": { + "content": "Include 'silent' attributes in the response.", + "type": "text/plain" + }, + "key": "includeSilent", + "value": "false" + }, + { + "disabled": true, + "description": { + "content": "Include only 'searchable' attributes in the response.", + "type": "text/plain" + }, + "key": "searchableOnly", + "value": "false" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "ec835219-2db6-4593-8fdf-772355681046", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "identity-attributes" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Include 'system' attributes in the response.", + "type": "text/plain" + }, + "key": "includeSystem", + "value": "false" + }, + { + "disabled": true, + "description": { + "content": "Include 'silent' attributes in the response.", + "type": "text/plain" + }, + "key": "includeSilent", + "value": "false" + }, + { + "disabled": true, + "description": { + "content": "Include only 'searchable' attributes in the response.", + "type": "text/plain" + }, + "key": "searchableOnly", + "value": "false" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f03c82ed-ce59-4b82-ae79-ed5befb7ae47", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "identity-attributes" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Include 'system' attributes in the response.", + "type": "text/plain" + }, + "key": "includeSystem", + "value": "false" + }, + { + "disabled": true, + "description": { + "content": "Include 'silent' attributes in the response.", + "type": "text/plain" + }, + "key": "includeSilent", + "value": "false" + }, + { + "disabled": true, + "description": { + "content": "Include only 'searchable' attributes in the response.", + "type": "text/plain" + }, + "key": "searchableOnly", + "value": "false" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "3520a8fa-c3af-420b-9d8b-7f7d7e40d2a2", + "name": "Create Identity Attribute", + "request": { + "name": "Create Identity Attribute", + "description": { + "content": "Use this API to create a new identity attribute.", + "type": "text/plain" + }, + "url": { + "path": [ + "identity-attributes" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"costCenter\",\n \"displayName\": \"Cost Center\",\n \"standard\": false,\n \"type\": \"string\",\n \"multi\": false,\n \"searchable\": false,\n \"system\": false,\n \"sources\": [\n {\n \"type\": \"rule\",\n \"properties\": {\n \"ruleType\": \"IdentityAttribute\",\n \"ruleName\": \"Cloud Promote Identity Attribute\"\n }\n },\n {\n \"type\": \"rule\",\n \"properties\": {\n \"ruleType\": \"IdentityAttribute\",\n \"ruleName\": \"Cloud Promote Identity Attribute\"\n }\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "ba36f7ec-c2ef-44fe-9981-11e95c73c735", + "name": "The identity attribute was created successfully.", + "originalRequest": { + "url": { + "path": [ + "identity-attributes" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"costCenter\",\n \"displayName\": \"Cost Center\",\n \"standard\": false,\n \"type\": \"string\",\n \"multi\": false,\n \"searchable\": false,\n \"system\": false,\n \"sources\": [\n {\n \"type\": \"rule\",\n \"properties\": {\n \"ruleType\": \"IdentityAttribute\",\n \"ruleName\": \"Cloud Promote Identity Attribute\"\n }\n },\n {\n \"type\": \"rule\",\n \"properties\": {\n \"ruleType\": \"IdentityAttribute\",\n \"ruleName\": \"Cloud Promote Identity Attribute\"\n }\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Created", + "code": 201, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"name\": \"costCenter\",\n \"displayName\": \"Cost Center\",\n \"standard\": false,\n \"type\": \"string\",\n \"multi\": false,\n \"searchable\": false,\n \"system\": false,\n \"sources\": [\n {\n \"type\": \"rule\",\n \"properties\": {\n \"ruleType\": \"IdentityAttribute\",\n \"ruleName\": \"Cloud Promote Identity Attribute\"\n }\n },\n {\n \"type\": \"rule\",\n \"properties\": {\n \"ruleType\": \"IdentityAttribute\",\n \"ruleName\": \"Cloud Promote Identity Attribute\"\n }\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d3665088-a7b2-4d1e-969c-d678b53daf2e", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "identity-attributes" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"costCenter\",\n \"displayName\": \"Cost Center\",\n \"standard\": false,\n \"type\": \"string\",\n \"multi\": false,\n \"searchable\": false,\n \"system\": false,\n \"sources\": [\n {\n \"type\": \"rule\",\n \"properties\": {\n \"ruleType\": \"IdentityAttribute\",\n \"ruleName\": \"Cloud Promote Identity Attribute\"\n }\n },\n {\n \"type\": \"rule\",\n \"properties\": {\n \"ruleType\": \"IdentityAttribute\",\n \"ruleName\": \"Cloud Promote Identity Attribute\"\n }\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "0a0eae0b-af90-48c2-b6c5-72f5d2e5d288", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "identity-attributes" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"costCenter\",\n \"displayName\": \"Cost Center\",\n \"standard\": false,\n \"type\": \"string\",\n \"multi\": false,\n \"searchable\": false,\n \"system\": false,\n \"sources\": [\n {\n \"type\": \"rule\",\n \"properties\": {\n \"ruleType\": \"IdentityAttribute\",\n \"ruleName\": \"Cloud Promote Identity Attribute\"\n }\n },\n {\n \"type\": \"rule\",\n \"properties\": {\n \"ruleType\": \"IdentityAttribute\",\n \"ruleName\": \"Cloud Promote Identity Attribute\"\n }\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f6485c26-36cf-4f9e-994f-e0c7caa95331", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "identity-attributes" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"costCenter\",\n \"displayName\": \"Cost Center\",\n \"standard\": false,\n \"type\": \"string\",\n \"multi\": false,\n \"searchable\": false,\n \"system\": false,\n \"sources\": [\n {\n \"type\": \"rule\",\n \"properties\": {\n \"ruleType\": \"IdentityAttribute\",\n \"ruleName\": \"Cloud Promote Identity Attribute\"\n }\n },\n {\n \"type\": \"rule\",\n \"properties\": {\n \"ruleType\": \"IdentityAttribute\",\n \"ruleName\": \"Cloud Promote Identity Attribute\"\n }\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b8b4e9d2-e24d-4929-bf84-432835bacec0", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "identity-attributes" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"costCenter\",\n \"displayName\": \"Cost Center\",\n \"standard\": false,\n \"type\": \"string\",\n \"multi\": false,\n \"searchable\": false,\n \"system\": false,\n \"sources\": [\n {\n \"type\": \"rule\",\n \"properties\": {\n \"ruleType\": \"IdentityAttribute\",\n \"ruleName\": \"Cloud Promote Identity Attribute\"\n }\n },\n {\n \"type\": \"rule\",\n \"properties\": {\n \"ruleType\": \"IdentityAttribute\",\n \"ruleName\": \"Cloud Promote Identity Attribute\"\n }\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "3da8fec4-e9a6-4ec0-8e79-05ec64ab3dea", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "identity-attributes" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"costCenter\",\n \"displayName\": \"Cost Center\",\n \"standard\": false,\n \"type\": \"string\",\n \"multi\": false,\n \"searchable\": false,\n \"system\": false,\n \"sources\": [\n {\n \"type\": \"rule\",\n \"properties\": {\n \"ruleType\": \"IdentityAttribute\",\n \"ruleName\": \"Cloud Promote Identity Attribute\"\n }\n },\n {\n \"type\": \"rule\",\n \"properties\": {\n \"ruleType\": \"IdentityAttribute\",\n \"ruleName\": \"Cloud Promote Identity Attribute\"\n }\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "8e74ed42-72c4-444d-a963-48afaad7822b", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "identity-attributes" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"costCenter\",\n \"displayName\": \"Cost Center\",\n \"standard\": false,\n \"type\": \"string\",\n \"multi\": false,\n \"searchable\": false,\n \"system\": false,\n \"sources\": [\n {\n \"type\": \"rule\",\n \"properties\": {\n \"ruleType\": \"IdentityAttribute\",\n \"ruleName\": \"Cloud Promote Identity Attribute\"\n }\n },\n {\n \"type\": \"rule\",\n \"properties\": {\n \"ruleType\": \"IdentityAttribute\",\n \"ruleName\": \"Cloud Promote Identity Attribute\"\n }\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "7ea262b3-44cc-4257-bac0-5063ad5ade80", + "name": "Get Identity Attribute", + "request": { + "name": "Get Identity Attribute", + "description": { + "content": "This gets an identity attribute for a given technical name.", + "type": "text/plain" + }, + "url": { + "path": [ + "identity-attributes", + ":name" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "displayName", + "key": "name", + "disabled": true, + "description": { + "content": "(Required) The attribute's technical name.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "f9efb90f-69f6-4f16-9e11-c836ae22bce6", + "name": "The identity attribute with the given name", + "originalRequest": { + "url": { + "path": [ + "identity-attributes", + ":name" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"name\": \"costCenter\",\n \"displayName\": \"Cost Center\",\n \"standard\": false,\n \"type\": \"string\",\n \"multi\": false,\n \"searchable\": false,\n \"system\": false,\n \"sources\": [\n {\n \"type\": \"rule\",\n \"properties\": {\n \"ruleType\": \"IdentityAttribute\",\n \"ruleName\": \"Cloud Promote Identity Attribute\"\n }\n },\n {\n \"type\": \"rule\",\n \"properties\": {\n \"ruleType\": \"IdentityAttribute\",\n \"ruleName\": \"Cloud Promote Identity Attribute\"\n }\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "9472ceeb-398e-479b-a997-4a54986f7538", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "identity-attributes", + ":name" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f757f1f8-d691-4a51-97d0-6068e62ad476", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "identity-attributes", + ":name" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a611c16e-deb9-4d77-b5a3-95e6c9c348aa", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "identity-attributes", + ":name" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "098da832-0aff-4890-bbb0-900b7520fa92", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "identity-attributes", + ":name" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "301a0022-3381-469a-a7f0-7add3a58dcdc", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "identity-attributes", + ":name" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "6b85a069-d6b1-4c8a-b465-4f0c36815679", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "identity-attributes", + ":name" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "ba5fe024-7e97-4f19-8148-820e14ccc6fb", + "name": "Update Identity Attribute", + "request": { + "name": "Update Identity Attribute", + "description": { + "content": "This updates an existing identity attribute. Making an attribute searchable requires that the `system`, `standard`, and `multi` properties be set to false.", + "type": "text/plain" + }, + "url": { + "path": [ + "identity-attributes", + ":name" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "displayName", + "key": "name", + "disabled": true, + "description": { + "content": "(Required) The attribute's technical name.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"costCenter\",\n \"displayName\": \"Cost Center\",\n \"standard\": false,\n \"type\": \"string\",\n \"multi\": false,\n \"searchable\": false,\n \"system\": false,\n \"sources\": [\n {\n \"type\": \"rule\",\n \"properties\": {\n \"ruleType\": \"IdentityAttribute\",\n \"ruleName\": \"Cloud Promote Identity Attribute\"\n }\n },\n {\n \"type\": \"rule\",\n \"properties\": {\n \"ruleType\": \"IdentityAttribute\",\n \"ruleName\": \"Cloud Promote Identity Attribute\"\n }\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "706f83ea-daba-436d-be30-4b1d902fc98f", + "name": "The identity attribute was updated successfully", + "originalRequest": { + "url": { + "path": [ + "identity-attributes", + ":name" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"costCenter\",\n \"displayName\": \"Cost Center\",\n \"standard\": false,\n \"type\": \"string\",\n \"multi\": false,\n \"searchable\": false,\n \"system\": false,\n \"sources\": [\n {\n \"type\": \"rule\",\n \"properties\": {\n \"ruleType\": \"IdentityAttribute\",\n \"ruleName\": \"Cloud Promote Identity Attribute\"\n }\n },\n {\n \"type\": \"rule\",\n \"properties\": {\n \"ruleType\": \"IdentityAttribute\",\n \"ruleName\": \"Cloud Promote Identity Attribute\"\n }\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"name\": \"costCenter\",\n \"displayName\": \"Cost Center\",\n \"standard\": false,\n \"type\": \"string\",\n \"multi\": false,\n \"searchable\": false,\n \"system\": false,\n \"sources\": [\n {\n \"type\": \"rule\",\n \"properties\": {\n \"ruleType\": \"IdentityAttribute\",\n \"ruleName\": \"Cloud Promote Identity Attribute\"\n }\n },\n {\n \"type\": \"rule\",\n \"properties\": {\n \"ruleType\": \"IdentityAttribute\",\n \"ruleName\": \"Cloud Promote Identity Attribute\"\n }\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "8f073b4b-eb69-4c67-a984-febc78ee8c95", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "identity-attributes", + ":name" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"costCenter\",\n \"displayName\": \"Cost Center\",\n \"standard\": false,\n \"type\": \"string\",\n \"multi\": false,\n \"searchable\": false,\n \"system\": false,\n \"sources\": [\n {\n \"type\": \"rule\",\n \"properties\": {\n \"ruleType\": \"IdentityAttribute\",\n \"ruleName\": \"Cloud Promote Identity Attribute\"\n }\n },\n {\n \"type\": \"rule\",\n \"properties\": {\n \"ruleType\": \"IdentityAttribute\",\n \"ruleName\": \"Cloud Promote Identity Attribute\"\n }\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a57af07c-dfa6-40f5-b342-995a41c4a801", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "identity-attributes", + ":name" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"costCenter\",\n \"displayName\": \"Cost Center\",\n \"standard\": false,\n \"type\": \"string\",\n \"multi\": false,\n \"searchable\": false,\n \"system\": false,\n \"sources\": [\n {\n \"type\": \"rule\",\n \"properties\": {\n \"ruleType\": \"IdentityAttribute\",\n \"ruleName\": \"Cloud Promote Identity Attribute\"\n }\n },\n {\n \"type\": \"rule\",\n \"properties\": {\n \"ruleType\": \"IdentityAttribute\",\n \"ruleName\": \"Cloud Promote Identity Attribute\"\n }\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d252ca7d-4081-4cf6-a5f6-a9d78c09308f", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "identity-attributes", + ":name" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"costCenter\",\n \"displayName\": \"Cost Center\",\n \"standard\": false,\n \"type\": \"string\",\n \"multi\": false,\n \"searchable\": false,\n \"system\": false,\n \"sources\": [\n {\n \"type\": \"rule\",\n \"properties\": {\n \"ruleType\": \"IdentityAttribute\",\n \"ruleName\": \"Cloud Promote Identity Attribute\"\n }\n },\n {\n \"type\": \"rule\",\n \"properties\": {\n \"ruleType\": \"IdentityAttribute\",\n \"ruleName\": \"Cloud Promote Identity Attribute\"\n }\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "479c046a-d24e-4a6d-93cf-e3de0348455a", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "identity-attributes", + ":name" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"costCenter\",\n \"displayName\": \"Cost Center\",\n \"standard\": false,\n \"type\": \"string\",\n \"multi\": false,\n \"searchable\": false,\n \"system\": false,\n \"sources\": [\n {\n \"type\": \"rule\",\n \"properties\": {\n \"ruleType\": \"IdentityAttribute\",\n \"ruleName\": \"Cloud Promote Identity Attribute\"\n }\n },\n {\n \"type\": \"rule\",\n \"properties\": {\n \"ruleType\": \"IdentityAttribute\",\n \"ruleName\": \"Cloud Promote Identity Attribute\"\n }\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b1c05558-8628-4170-956a-f3523f35ce89", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "identity-attributes", + ":name" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"costCenter\",\n \"displayName\": \"Cost Center\",\n \"standard\": false,\n \"type\": \"string\",\n \"multi\": false,\n \"searchable\": false,\n \"system\": false,\n \"sources\": [\n {\n \"type\": \"rule\",\n \"properties\": {\n \"ruleType\": \"IdentityAttribute\",\n \"ruleName\": \"Cloud Promote Identity Attribute\"\n }\n },\n {\n \"type\": \"rule\",\n \"properties\": {\n \"ruleType\": \"IdentityAttribute\",\n \"ruleName\": \"Cloud Promote Identity Attribute\"\n }\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "8fbad2b3-2586-4c5c-ab9c-32a0c7829637", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "identity-attributes", + ":name" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"costCenter\",\n \"displayName\": \"Cost Center\",\n \"standard\": false,\n \"type\": \"string\",\n \"multi\": false,\n \"searchable\": false,\n \"system\": false,\n \"sources\": [\n {\n \"type\": \"rule\",\n \"properties\": {\n \"ruleType\": \"IdentityAttribute\",\n \"ruleName\": \"Cloud Promote Identity Attribute\"\n }\n },\n {\n \"type\": \"rule\",\n \"properties\": {\n \"ruleType\": \"IdentityAttribute\",\n \"ruleName\": \"Cloud Promote Identity Attribute\"\n }\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "72f954cb-6c07-4fa0-8cb4-10707d7bfe6a", + "name": "Delete Identity Attribute", + "request": { + "name": "Delete Identity Attribute", + "description": { + "content": "This deletes an identity attribute with the given name. The `system` and `standard` properties must be set to false before you can delete an identity attribute.", + "type": "text/plain" + }, + "url": { + "path": [ + "identity-attributes", + ":name" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "displayName", + "key": "name", + "disabled": true, + "description": { + "content": "(Required) The attribute's technical name.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "DELETE", + "body": {} + }, + "response": [ + { + "id": "1e65aa68-2e43-483a-908b-e82339ab4a1e", + "name": "No content - indicates the request was successful but there is no content to be returned in the response.", + "originalRequest": { + "url": { + "path": [ + "identity-attributes", + ":name" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "No Content", + "code": 204, + "header": [], + "cookie": [], + "_postman_previewlanguage": "text" + }, + { + "id": "bb71903d-795c-4d2b-a784-d0b1fab29fda", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "identity-attributes", + ":name" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "7b3711d1-a703-4db8-bab1-b94b10061ea5", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "identity-attributes", + ":name" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "e55bec5d-2e27-45e8-962d-ae9d1dd15d84", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "identity-attributes", + ":name" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "55269fb2-7276-47ff-a534-4dfb8269458c", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "identity-attributes", + ":name" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "58f9d730-6cc2-4d3f-8861-3ddca547729a", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "identity-attributes", + ":name" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "8373d663-6253-401a-932c-fdb6117af79e", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "identity-attributes", + ":name" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "29b7a5c8-c6c4-40f8-89d9-a54375b34089", + "name": "Bulk delete Identity Attributes", + "request": { + "name": "Bulk delete Identity Attributes", + "description": { + "content": "Use this API to bulk delete identity attributes for a given set of names. Attributes that are currently mapped in an identity profile cannot be deleted. The `system` and `standard` properties must be set to 'false' before you can delete an identity attribute.", + "type": "text/plain" + }, + "url": { + "path": [ + "identity-attributes", + "bulk-delete" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "DELETE", + "body": { + "mode": "raw", + "raw": "{\n \"ids\": [\n \"name\",\n \"displayName\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "b586a884-db74-465f-b136-48f8019055fb", + "name": "No content - indicates the request was successful but there is no content to be returned in the response.", + "originalRequest": { + "url": { + "path": [ + "identity-attributes", + "bulk-delete" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": { + "mode": "raw", + "raw": "{\n \"ids\": [\n \"name\",\n \"displayName\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "No Content", + "code": 204, + "header": [], + "cookie": [], + "_postman_previewlanguage": "text" + }, + { + "id": "0c179ec8-51e6-4454-a332-ae9214473460", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "identity-attributes", + "bulk-delete" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": { + "mode": "raw", + "raw": "{\n \"ids\": [\n \"name\",\n \"displayName\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "7e729045-fc36-430a-b1fa-cc6d5070f0cd", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "identity-attributes", + "bulk-delete" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": { + "mode": "raw", + "raw": "{\n \"ids\": [\n \"name\",\n \"displayName\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "6cbbe004-3b75-4d0d-90e8-1cbf85ed6c1d", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "identity-attributes", + "bulk-delete" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": { + "mode": "raw", + "raw": "{\n \"ids\": [\n \"name\",\n \"displayName\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "e4679a03-c468-4972-bf7e-123fa999d3b9", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "identity-attributes", + "bulk-delete" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": { + "mode": "raw", + "raw": "{\n \"ids\": [\n \"name\",\n \"displayName\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b42aab18-8c00-4761-9d23-38aa0d44dc82", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "identity-attributes", + "bulk-delete" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": { + "mode": "raw", + "raw": "{\n \"ids\": [\n \"name\",\n \"displayName\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "2ccbfb68-4cb8-4d5c-ba76-d2a9c40cdaf4", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "identity-attributes", + "bulk-delete" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": { + "mode": "raw", + "raw": "{\n \"ids\": [\n \"name\",\n \"displayName\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + } + ] + }, + { + "name": "Identity History", + "description": "", + "item": [ + { + "id": "91b9fb15-78d4-4304-9161-27aa31cce624", + "name": "Lists all the identities", + "request": { + "name": "Lists all the identities", + "description": { + "content": "This gets the list of identities for the customer. This list end point does not support count=true request param. The total count of identities would never be returned even if the count param is specified in the request Requires authorization scope of 'idn:identity-history:read'", + "type": "text/plain" + }, + "url": { + "path": [ + "historical-identities" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "This param is used for starts-with search for first, last and display name of the identity", + "type": "text/plain" + }, + "key": "starts-with-query", + "value": "Ada" + }, + { + "disabled": true, + "description": { + "content": "Indicates if we want to only list down deleted identities or not.", + "type": "text/plain" + }, + "key": "is-deleted", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Indicates if we want to only list active or inactive identities.", + "type": "text/plain" + }, + "key": "is-active", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "c05d0ecb-c43e-40b3-9f05-d454ff259689", + "name": "List of identities for the customer.", + "originalRequest": { + "url": { + "path": [ + "historical-identities" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "This param is used for starts-with search for first, last and display name of the identity", + "type": "text/plain" + }, + "key": "starts-with-query", + "value": "Ada" + }, + { + "disabled": true, + "description": { + "content": "Indicates if we want to only list down deleted identities or not.", + "type": "text/plain" + }, + "key": "is-deleted", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Indicates if we want to only list active or inactive identities.", + "type": "text/plain" + }, + "key": "is-active", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"id\": \"bc693f07e7b645539626c25954c58554\",\n \"displayName\": \"Adam Zampa\",\n \"firstName\": \"Adam\",\n \"lastName\": \"Zampa\",\n \"active\": true,\n \"deletedDate\": \"2007-03-01T13:00:00.000Z\"\n },\n {\n \"id\": \"bc693f07e7b645539626c25954c58554\",\n \"displayName\": \"Adam Zampa\",\n \"firstName\": \"Adam\",\n \"lastName\": \"Zampa\",\n \"active\": true,\n \"deletedDate\": \"2007-03-01T13:00:00.000Z\"\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "9a0deba6-7153-4244-b4d9-5779d9415cf1", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "historical-identities" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "This param is used for starts-with search for first, last and display name of the identity", + "type": "text/plain" + }, + "key": "starts-with-query", + "value": "Ada" + }, + { + "disabled": true, + "description": { + "content": "Indicates if we want to only list down deleted identities or not.", + "type": "text/plain" + }, + "key": "is-deleted", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Indicates if we want to only list active or inactive identities.", + "type": "text/plain" + }, + "key": "is-active", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "5a7a4aa6-6b51-43d6-8de6-703c9b202888", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "historical-identities" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "This param is used for starts-with search for first, last and display name of the identity", + "type": "text/plain" + }, + "key": "starts-with-query", + "value": "Ada" + }, + { + "disabled": true, + "description": { + "content": "Indicates if we want to only list down deleted identities or not.", + "type": "text/plain" + }, + "key": "is-deleted", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Indicates if we want to only list active or inactive identities.", + "type": "text/plain" + }, + "key": "is-active", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "7cabce6a-7460-406b-a55c-5c23f7d9f6c4", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "historical-identities" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "This param is used for starts-with search for first, last and display name of the identity", + "type": "text/plain" + }, + "key": "starts-with-query", + "value": "Ada" + }, + { + "disabled": true, + "description": { + "content": "Indicates if we want to only list down deleted identities or not.", + "type": "text/plain" + }, + "key": "is-deleted", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Indicates if we want to only list active or inactive identities.", + "type": "text/plain" + }, + "key": "is-active", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "e951438c-4717-4f5f-9204-0cce0b8c8e38", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "historical-identities" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "This param is used for starts-with search for first, last and display name of the identity", + "type": "text/plain" + }, + "key": "starts-with-query", + "value": "Ada" + }, + { + "disabled": true, + "description": { + "content": "Indicates if we want to only list down deleted identities or not.", + "type": "text/plain" + }, + "key": "is-deleted", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Indicates if we want to only list active or inactive identities.", + "type": "text/plain" + }, + "key": "is-active", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "9770c512-40f8-4611-9296-26001aa9aeb8", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "historical-identities" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "This param is used for starts-with search for first, last and display name of the identity", + "type": "text/plain" + }, + "key": "starts-with-query", + "value": "Ada" + }, + { + "disabled": true, + "description": { + "content": "Indicates if we want to only list down deleted identities or not.", + "type": "text/plain" + }, + "key": "is-deleted", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Indicates if we want to only list active or inactive identities.", + "type": "text/plain" + }, + "key": "is-active", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "b6bd1aea-5645-476a-89bc-e7f13fb4c0ce", + "name": "Get latest snapshot of identity", + "request": { + "name": "Get latest snapshot of identity", + "description": { + "content": "This method retrieves a specified identity Requires authorization scope of 'idn:identity-history:read'", + "type": "text/plain" + }, + "url": { + "path": [ + "historical-identities", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "8c190e6787aa4ed9a90bd9d5344523fb", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) The identity id", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "aa6ffccc-6ffc-44a0-bbd8-bbcc7763c17b", + "name": "The identity object.", + "originalRequest": { + "url": { + "path": [ + "historical-identities", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"bc693f07e7b645539626c25954c58554\",\n \"displayName\": \"Adam Zampa\",\n \"snapshot\": \"2007-03-01T13:00:00.000Z\",\n \"deletedDate\": \"2007-03-01T13:00:00.000Z\",\n \"accessItemCount\": {\n \"app\": 0,\n \"role\": 2,\n \"entitlement\": 4,\n \"accessProfile\": 3,\n \"account\": 1\n },\n \"attributes\": {\n \"jobTitle\": \"HR Manager\",\n \"location\": \"NYC\",\n \"firstname\": \"Adam\",\n \"lastname\": \"Zampa\",\n \"department\": \"HR\"\n }\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "8706acae-5ece-4415-9555-65d498ec6259", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "historical-identities", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "64ac5c4b-224e-466a-9058-21af32d19f2a", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "historical-identities", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "6ab0c83f-4dee-4a4b-8281-567f1e815245", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "historical-identities", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "786b6e53-16b9-4c5a-bacd-5f9e7bbfd734", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "historical-identities", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "888a5c11-ff40-4043-9283-a6350ff2100b", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "historical-identities", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "c7b83100-4186-49bb-9fb5-d8e4fb370d91", + "name": "Gets a list of access items for the identity filtered by item type", + "request": { + "name": "Gets a list of access items for the identity filtered by item type", + "description": { + "content": "This method retrieves a list of access item for the identity filtered by the access item type Requires authorization scope of 'idn:identity-history:read' ", + "type": "text/plain" + }, + "url": { + "path": [ + "historical-identities", + ":id", + "access-items" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The type of access item for the identity. If not provided, it defaults to account", + "type": "text/plain" + }, + "key": "type", + "value": "account" + } + ], + "variable": [ + { + "type": "any", + "value": "8c190e6787aa4ed9a90bd9d5344523fb", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) The identity id", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "14d50736-49bb-4ae0-8b2c-306bbd16fb93", + "name": "Access Profile", + "originalRequest": { + "url": { + "path": [ + "historical-identities", + ":id", + "access-items" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The type of access item for the identity. If not provided, it defaults to account", + "type": "text/plain" + }, + "key": "type", + "value": "account" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"accessType\": \"accessProfile\",\n \"id\": \"2c918087763e69d901763e72e97f006f\",\n \"name\": \"sample\",\n \"sourceName\": \"DataScienceDataset\",\n \"sourceId\": \"2793o32dwd\",\n \"description\": \"AccessProfile - Workday/Citizenship access\",\n \"displayName\": \"Dr. Arden Rogahn MD\",\n \"entitlementCount\": 12,\n \"appDisplayName\": \"AppName\"\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f2abe53f-c813-48f4-b003-e9d03a1e75ca", + "name": "Account", + "originalRequest": { + "url": { + "path": [ + "historical-identities", + ":id", + "access-items" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The type of access item for the identity. If not provided, it defaults to account", + "type": "text/plain" + }, + "key": "type", + "value": "account" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"accessType\": \"account\",\n \"id\": \"2c918087763e69d901763e72e97f006f\",\n \"nativeIdentity\": \"dr.arden.ogahn.d\",\n \"sourceName\": \"DataScienceDataset\",\n \"sourceId\": \"2793o32dwd\",\n \"entitlementCount\": 12,\n \"displayName\": \"Dr. Arden Rogahn MD\"\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "ffcdf602-f5fb-4995-9283-19e26024596f", + "name": "App", + "originalRequest": { + "url": { + "path": [ + "historical-identities", + ":id", + "access-items" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The type of access item for the identity. If not provided, it defaults to account", + "type": "text/plain" + }, + "key": "type", + "value": "account" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"accessType\": \"app\",\n \"id\": \"2c918087763e69d901763e72e97f006f\",\n \"name\": \"appName\"\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "8bcc4b26-0d9a-4247-b23f-874d05d177f2", + "name": "Entitlement", + "originalRequest": { + "url": { + "path": [ + "historical-identities", + ":id", + "access-items" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The type of access item for the identity. If not provided, it defaults to account", + "type": "text/plain" + }, + "key": "type", + "value": "account" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"accessType\": \"entitlement\",\n \"id\": \"2c918087763e69d901763e72e97f006f\",\n \"attribute\": \"groups\",\n \"value\": \"Upward mobility access\",\n \"type\": \"group\",\n \"sourceName\": \"DataScienceDataset\",\n \"sourceId\": \"2793o32dwd\",\n \"description\": \"Entitlement - Workday/Citizenship access\",\n \"displayName\": \"Dr. Arden Rogahn MD\"\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f87111ad-06e3-41a9-bc7a-229021f82552", + "name": "Role", + "originalRequest": { + "url": { + "path": [ + "historical-identities", + ":id", + "access-items" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The type of access item for the identity. If not provided, it defaults to account", + "type": "text/plain" + }, + "key": "type", + "value": "account" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"accessType\": \"role\",\n \"id\": \"2c918087763e69d901763e72e97f006f\",\n \"name\": \"sample\",\n \"description\": \"Role - Workday/Citizenship access\"\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "360e6f7f-cbe3-4f4d-ba50-c934f60d5fda", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "historical-identities", + ":id", + "access-items" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The type of access item for the identity. If not provided, it defaults to account", + "type": "text/plain" + }, + "key": "type", + "value": "account" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "24eedaba-9a02-4159-9a5b-32464410b9a6", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "historical-identities", + ":id", + "access-items" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The type of access item for the identity. If not provided, it defaults to account", + "type": "text/plain" + }, + "key": "type", + "value": "account" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "bd02f11f-766a-4297-8b58-167803fda949", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "historical-identities", + ":id", + "access-items" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The type of access item for the identity. If not provided, it defaults to account", + "type": "text/plain" + }, + "key": "type", + "value": "account" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "70557761-2475-414f-bee1-e7cc004a2202", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "historical-identities", + ":id", + "access-items" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The type of access item for the identity. If not provided, it defaults to account", + "type": "text/plain" + }, + "key": "type", + "value": "account" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "5d70993c-742c-420d-b988-c12e750b5559", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "historical-identities", + ":id", + "access-items" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The type of access item for the identity. If not provided, it defaults to account", + "type": "text/plain" + }, + "key": "type", + "value": "account" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "44443945-c1f1-4c9c-8001-1ce2c15b40ad", + "name": "Lists all the snapshots for the identity", + "request": { + "name": "Lists all the snapshots for the identity", + "description": { + "content": "This method retrieves all the snapshots for the identity Requires authorization scope of 'idn:identity-history:read' ", + "type": "text/plain" + }, + "url": { + "path": [ + "historical-identities", + ":id", + "snapshots" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The specified start date", + "type": "text/plain" + }, + "key": "start", + "value": "2007-03-01T13:00:00Z" + }, + { + "disabled": true, + "description": { + "content": "The interval indicating the range in day or month for the specified interval-name", + "type": "text/plain" + }, + "key": "interval", + "value": "month" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [ + { + "type": "any", + "value": "8c190e6787aa4ed9a90bd9d5344523fb", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) The identity id", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "328bc04b-78a2-461b-bc31-74da2c4d067c", + "name": "A list of identity summary for each snapshot.", + "originalRequest": { + "url": { + "path": [ + "historical-identities", + ":id", + "snapshots" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The specified start date", + "type": "text/plain" + }, + "key": "start", + "value": "2007-03-01T13:00:00Z" + }, + { + "disabled": true, + "description": { + "content": "The interval indicating the range in day or month for the specified interval-name", + "type": "text/plain" + }, + "key": "interval", + "value": "month" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"snapshot\": \"2007-03-01T13:00:00.000Z\"\n },\n {\n \"snapshot\": \"2007-03-01T13:00:00.000Z\"\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "98a0f8a1-25ba-4edf-a6db-fa6b227c0b42", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "historical-identities", + ":id", + "snapshots" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The specified start date", + "type": "text/plain" + }, + "key": "start", + "value": "2007-03-01T13:00:00Z" + }, + { + "disabled": true, + "description": { + "content": "The interval indicating the range in day or month for the specified interval-name", + "type": "text/plain" + }, + "key": "interval", + "value": "month" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "4a407d06-4326-41ec-b2e3-729082fdd97f", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "historical-identities", + ":id", + "snapshots" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The specified start date", + "type": "text/plain" + }, + "key": "start", + "value": "2007-03-01T13:00:00Z" + }, + { + "disabled": true, + "description": { + "content": "The interval indicating the range in day or month for the specified interval-name", + "type": "text/plain" + }, + "key": "interval", + "value": "month" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "1ff5ab1b-215e-4ac1-961e-02e0db36b110", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "historical-identities", + ":id", + "snapshots" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The specified start date", + "type": "text/plain" + }, + "key": "start", + "value": "2007-03-01T13:00:00Z" + }, + { + "disabled": true, + "description": { + "content": "The interval indicating the range in day or month for the specified interval-name", + "type": "text/plain" + }, + "key": "interval", + "value": "month" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f5b31ccf-7a3a-4253-aacb-e7a11d7c7f98", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "historical-identities", + ":id", + "snapshots" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The specified start date", + "type": "text/plain" + }, + "key": "start", + "value": "2007-03-01T13:00:00Z" + }, + { + "disabled": true, + "description": { + "content": "The interval indicating the range in day or month for the specified interval-name", + "type": "text/plain" + }, + "key": "interval", + "value": "month" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "3b12ad5a-0f7f-4166-b48e-9695cafdd899", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "historical-identities", + ":id", + "snapshots" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The specified start date", + "type": "text/plain" + }, + "key": "start", + "value": "2007-03-01T13:00:00Z" + }, + { + "disabled": true, + "description": { + "content": "The interval indicating the range in day or month for the specified interval-name", + "type": "text/plain" + }, + "key": "interval", + "value": "month" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "573ff017-5ab2-47c1-86d2-b048da5181aa", + "name": "Gets the summary for the event count for a specific identity", + "request": { + "name": "Gets the summary for the event count for a specific identity", + "description": { + "content": "This method gets the summary for the event count for a specific identity by month/day Requires authorization scope of 'idn:identity-history:read' ", + "type": "text/plain" + }, + "url": { + "path": [ + "historical-identities", + ":id", + "snapshot-summary" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The date before which snapshot summary is required", + "type": "text/plain" + }, + "key": "before", + "value": "2007-03-01T13:00:00Z" + }, + { + "disabled": true, + "description": { + "content": "The interval indicating day or month. Defaults to month if not specified", + "type": "text/plain" + }, + "key": "interval", + "value": "month" + }, + { + "disabled": true, + "description": { + "content": "The time zone. Defaults to UTC if not provided", + "type": "text/plain" + }, + "key": "time-zone", + "value": "UTC" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [ + { + "type": "any", + "value": "8c190e6787aa4ed9a90bd9d5344523fb", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) The identity id", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "9c9627fa-62d4-4851-8335-d54c15f27dab", + "name": "A summary list of identity changes in date histogram format.", + "originalRequest": { + "url": { + "path": [ + "historical-identities", + ":id", + "snapshot-summary" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The date before which snapshot summary is required", + "type": "text/plain" + }, + "key": "before", + "value": "2007-03-01T13:00:00Z" + }, + { + "disabled": true, + "description": { + "content": "The interval indicating day or month. Defaults to month if not specified", + "type": "text/plain" + }, + "key": "interval", + "value": "month" + }, + { + "disabled": true, + "description": { + "content": "The time zone. Defaults to UTC if not provided", + "type": "text/plain" + }, + "key": "time-zone", + "value": "UTC" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"name\": \"2021-04-01T00:00:00.000Z\",\n \"value\": 2\n },\n {\n \"name\": \"2021-04-01T00:00:00.000Z\",\n \"value\": 2\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "2a195157-1da5-44eb-a74a-aed47e0701cf", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "historical-identities", + ":id", + "snapshot-summary" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The date before which snapshot summary is required", + "type": "text/plain" + }, + "key": "before", + "value": "2007-03-01T13:00:00Z" + }, + { + "disabled": true, + "description": { + "content": "The interval indicating day or month. Defaults to month if not specified", + "type": "text/plain" + }, + "key": "interval", + "value": "month" + }, + { + "disabled": true, + "description": { + "content": "The time zone. Defaults to UTC if not provided", + "type": "text/plain" + }, + "key": "time-zone", + "value": "UTC" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "8d4e57ce-154f-4cb1-be41-2a690d03b5c3", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "historical-identities", + ":id", + "snapshot-summary" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The date before which snapshot summary is required", + "type": "text/plain" + }, + "key": "before", + "value": "2007-03-01T13:00:00Z" + }, + { + "disabled": true, + "description": { + "content": "The interval indicating day or month. Defaults to month if not specified", + "type": "text/plain" + }, + "key": "interval", + "value": "month" + }, + { + "disabled": true, + "description": { + "content": "The time zone. Defaults to UTC if not provided", + "type": "text/plain" + }, + "key": "time-zone", + "value": "UTC" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a3c10c32-8b14-4870-903d-1a8ae664d3b6", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "historical-identities", + ":id", + "snapshot-summary" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The date before which snapshot summary is required", + "type": "text/plain" + }, + "key": "before", + "value": "2007-03-01T13:00:00Z" + }, + { + "disabled": true, + "description": { + "content": "The interval indicating day or month. Defaults to month if not specified", + "type": "text/plain" + }, + "key": "interval", + "value": "month" + }, + { + "disabled": true, + "description": { + "content": "The time zone. Defaults to UTC if not provided", + "type": "text/plain" + }, + "key": "time-zone", + "value": "UTC" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f97d02b0-3741-40aa-8369-01fe723c6b11", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "historical-identities", + ":id", + "snapshot-summary" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The date before which snapshot summary is required", + "type": "text/plain" + }, + "key": "before", + "value": "2007-03-01T13:00:00Z" + }, + { + "disabled": true, + "description": { + "content": "The interval indicating day or month. Defaults to month if not specified", + "type": "text/plain" + }, + "key": "interval", + "value": "month" + }, + { + "disabled": true, + "description": { + "content": "The time zone. Defaults to UTC if not provided", + "type": "text/plain" + }, + "key": "time-zone", + "value": "UTC" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "557987f9-7956-4de1-a4a4-7472a92b6a63", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "historical-identities", + ":id", + "snapshot-summary" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The date before which snapshot summary is required", + "type": "text/plain" + }, + "key": "before", + "value": "2007-03-01T13:00:00Z" + }, + { + "disabled": true, + "description": { + "content": "The interval indicating day or month. Defaults to month if not specified", + "type": "text/plain" + }, + "key": "interval", + "value": "month" + }, + { + "disabled": true, + "description": { + "content": "The time zone. Defaults to UTC if not provided", + "type": "text/plain" + }, + "key": "time-zone", + "value": "UTC" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "a5ea3edf-950b-447b-b949-fe0f0a1c9e3f", + "name": "Gets an identity snapshot at a given date", + "request": { + "name": "Gets an identity snapshot at a given date", + "description": { + "content": "This method retrieves a specified identity snapshot at a given date Requires authorization scope of 'idn:identity-history:read' ", + "type": "text/plain" + }, + "url": { + "path": [ + "historical-identities", + ":id", + "snapshots", + ":date" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "8c190e6787aa4ed9a90bd9d5344523fb", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) The identity id", + "type": "text/plain" + } + }, + { + "type": "any", + "value": "2007-03-01T13:00:00Z", + "key": "date", + "disabled": true, + "description": { + "content": "(Required) The specified date", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "43f3f2f9-974f-47ee-a684-3be71d4d9c09", + "name": "The identity object.", + "originalRequest": { + "url": { + "path": [ + "historical-identities", + ":id", + "snapshots", + ":date" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"bc693f07e7b645539626c25954c58554\",\n \"displayName\": \"Adam Zampa\",\n \"snapshot\": \"2007-03-01T13:00:00.000Z\",\n \"deletedDate\": \"2007-03-01T13:00:00.000Z\",\n \"accessItemCount\": {\n \"app\": 0,\n \"role\": 2,\n \"entitlement\": 4,\n \"accessProfile\": 3,\n \"account\": 1\n },\n \"attributes\": {\n \"jobTitle\": \"HR Manager\",\n \"location\": \"NYC\",\n \"firstname\": \"Adam\",\n \"lastname\": \"Zampa\",\n \"department\": \"HR\"\n }\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "31298169-7398-4610-b359-71e2aa9f68ab", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "historical-identities", + ":id", + "snapshots", + ":date" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "3237df2b-76be-4a5b-9dbb-d323e6e54650", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "historical-identities", + ":id", + "snapshots", + ":date" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "36a99e7f-ba87-4392-b19f-bee7dbaa1b4e", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "historical-identities", + ":id", + "snapshots", + ":date" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "4860ca50-f595-4a49-9e81-6fec20066b37", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "historical-identities", + ":id", + "snapshots", + ":date" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "1ce6a9a8-aabf-43f4-b8cc-0983730777eb", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "historical-identities", + ":id", + "snapshots", + ":date" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "d1db34de-47e5-4e8c-b18a-ded5095b8ed1", + "name": "Gets the list of identity access items at a given date filterd by item type", + "request": { + "name": "Gets the list of identity access items at a given date filterd by item type", + "description": { + "content": "This method retrieves the list of identity access items at a given date filterd by item type Requires authorization scope of 'idn:identity-history:read' ", + "type": "text/plain" + }, + "url": { + "path": [ + "historical-identities", + ":id", + "snapshots", + ":date", + "access-items" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The access item type", + "type": "text/plain" + }, + "key": "type", + "value": "account" + } + ], + "variable": [ + { + "type": "any", + "value": "8c190e6787aa4ed9a90bd9d5344523fb", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) The identity id", + "type": "text/plain" + } + }, + { + "type": "any", + "value": "2007-03-01T13:00:00Z", + "key": "date", + "disabled": true, + "description": { + "content": "(Required) The specified date", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "13633ecb-af23-4615-8443-a102916f908a", + "name": "Access Item AccessProfile Response", + "originalRequest": { + "url": { + "path": [ + "historical-identities", + ":id", + "snapshots", + ":date", + "access-items" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The access item type", + "type": "text/plain" + }, + "key": "type", + "value": "account" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"type\": \"accessProfile\",\n \"id\": \"2c918087763e69d901763e72e97f006f\",\n \"name\": \"sample\",\n \"sourceName\": \"DataScienceDataset\",\n \"sourceId\": \"2793o32dwd\",\n \"description\": \"AccessProfile - Workday/Citizenship access\",\n \"displayName\": \"Dr. Arden Rogahn MD\",\n \"entitlementCount\": 12,\n \"appDisplayName\": \"AppName\"\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "2ddb0729-31eb-4fe5-b089-f3bff23425b9", + "name": "Access Item Account Response", + "originalRequest": { + "url": { + "path": [ + "historical-identities", + ":id", + "snapshots", + ":date", + "access-items" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The access item type", + "type": "text/plain" + }, + "key": "type", + "value": "account" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"type\": \"account\",\n \"id\": \"2c918087763e69d901763e72e97f006f\",\n \"nativeIdentity\": \"dr.arden.ogahn.d\",\n \"sourceName\": \"DataScienceDataset\",\n \"sourceId\": \"2793o32dwd\",\n \"entitlementCount\": 12,\n \"displayName\": \"Dr. Arden Rogahn MD\"\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "9ef306fc-5235-43c8-b5b5-805daa8315d1", + "name": "Access Item App Response", + "originalRequest": { + "url": { + "path": [ + "historical-identities", + ":id", + "snapshots", + ":date", + "access-items" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The access item type", + "type": "text/plain" + }, + "key": "type", + "value": "account" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"type\": \"app\",\n \"id\": \"2c918087763e69d901763e72e97f006f\",\n \"name\": \"appName\"\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "327876a9-4cc0-4b13-999a-45685ce916dc", + "name": "Access Item Entitlement Response", + "originalRequest": { + "url": { + "path": [ + "historical-identities", + ":id", + "snapshots", + ":date", + "access-items" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The access item type", + "type": "text/plain" + }, + "key": "type", + "value": "account" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"type\": \"entitlement\",\n \"id\": \"2c918087763e69d901763e72e97f006f\",\n \"attribute\": \"groups\",\n \"value\": \"Upward mobility access\",\n \"entitlementType\": \"entitlement\",\n \"sourceName\": \"DataScienceDataset\",\n \"sourceId\": \"2793o32dwd\",\n \"description\": \"Entitlement - Workday/Citizenship access\",\n \"displayName\": \"Dr. Arden Rogahn MD\"\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "3f10ca42-bc05-41d5-830a-d47bae7c3e92", + "name": "Access Item Role Response", + "originalRequest": { + "url": { + "path": [ + "historical-identities", + ":id", + "snapshots", + ":date", + "access-items" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The access item type", + "type": "text/plain" + }, + "key": "type", + "value": "account" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"type\": \"role\",\n \"id\": \"2c918087763e69d901763e72e97f006f\",\n \"name\": \"sample\",\n \"description\": \"Role - Workday/Citizenship access\"\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "5cb1d2f4-3e2e-4e08-a9bd-101a1ce39d6f", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "historical-identities", + ":id", + "snapshots", + ":date", + "access-items" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The access item type", + "type": "text/plain" + }, + "key": "type", + "value": "account" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "1d009e41-d926-4806-9412-d018f096bd5e", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "historical-identities", + ":id", + "snapshots", + ":date", + "access-items" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The access item type", + "type": "text/plain" + }, + "key": "type", + "value": "account" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "9639674f-a0a2-4efb-8115-2330a753f8b8", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "historical-identities", + ":id", + "snapshots", + ":date", + "access-items" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The access item type", + "type": "text/plain" + }, + "key": "type", + "value": "account" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "457031bf-e584-46dd-8209-4b50cb8de66f", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "historical-identities", + ":id", + "snapshots", + ":date", + "access-items" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The access item type", + "type": "text/plain" + }, + "key": "type", + "value": "account" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "fc1c9081-31c7-4a26-9d74-a2b0536f795c", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "historical-identities", + ":id", + "snapshots", + ":date", + "access-items" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The access item type", + "type": "text/plain" + }, + "key": "type", + "value": "account" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "ec9fd447-ae3b-4e00-a820-2c49e4b5dfcc", + "name": "Lists all events for the given identity", + "request": { + "name": "Lists all events for the given identity", + "description": { + "content": "This method retrieves all access events for the identity Requires authorization scope of 'idn:identity-history:read' ", + "type": "text/plain" + }, + "url": { + "path": [ + "historical-identities", + ":id", + "events" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The optional instant until which access events are returned", + "type": "text/plain" + }, + "key": "from", + "value": "2024-03-01T13:00:00Z" + }, + { + "disabled": true, + "description": { + "content": "An optional list of event types to return. If null or empty, all events are returned", + "type": "text/plain" + }, + "key": "eventTypes", + "value": "AccessAddedEvent" + }, + { + "disabled": true, + "description": { + "content": "An optional list of event types to return. If null or empty, all events are returned", + "type": "text/plain" + }, + "key": "eventTypes", + "value": "AccessRemovedEvent" + }, + { + "disabled": true, + "description": { + "content": "An optional list of access item types (app, account, entitlement, etc...) to return. If null or empty, all access items types are returned", + "type": "text/plain" + }, + "key": "accessItemTypes", + "value": "entitlement" + }, + { + "disabled": true, + "description": { + "content": "An optional list of access item types (app, account, entitlement, etc...) to return. If null or empty, all access items types are returned", + "type": "text/plain" + }, + "key": "accessItemTypes", + "value": "account" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [ + { + "type": "any", + "value": "8c190e6787aa4ed9a90bd9d5344523fb", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) The identity id", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "fe988fe9-761f-43b5-83b5-ee492c28acad", + "name": "AccessItemAssociated", + "originalRequest": { + "url": { + "path": [ + "historical-identities", + ":id", + "events" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The optional instant until which access events are returned", + "type": "text/plain" + }, + "key": "from", + "value": "2024-03-01T13:00:00Z" + }, + { + "disabled": true, + "description": { + "content": "An optional list of event types to return. If null or empty, all events are returned", + "type": "text/plain" + }, + "key": "eventTypes", + "value": "AccessRemovedEvent" + }, + { + "disabled": true, + "description": { + "content": "An optional list of access item types (app, account, entitlement, etc...) to return. If null or empty, all access items types are returned", + "type": "text/plain" + }, + "key": "accessItemTypes", + "value": "account" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"accessItem\": {\n \"id\": \"8c190e6787aa4ed9a90bd9d5344523fb\",\n \"accessType\": \"account\",\n \"nativeIdentity\": 127999,\n \"sourceName\": \"JDBC Entitlements Source\",\n \"entitlementCount\": 0,\n \"displayName\": \"Sample Name\"\n },\n \"eventType\": \"AccessItemAssociated\",\n \"identityId\": \"8a80828f643d484f01643e14202e206f\",\n \"dt\": \"2019-03-08T22:37:33.901Z\",\n \"governanceEvent\": {\n \"name\": \"Access Request 58\",\n \"dt\": \"2019-03-08T22:37:33.901Z\",\n \"type\": \"accessRequest\",\n \"governanceId\": \"2c91808a77ff216301782327a50f09e1\",\n \"owners\": [\n {\n \"id\": \"bc693f07e7b645539626c25954c58554\",\n \"displayName\": \"Jon Snow\"\n }\n ],\n \"reviewers\": [\n {\n \"id\": \"bc693f07e7b645539626c25954c58554\",\n \"displayName\": \"Jon Snow\"\n }\n ],\n \"decisionMaker\": {\n \"id\": \"bc693f07e7b645539626c25954c58554\",\n \"displayName\": \"Jon Snow\"\n }\n }\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f114fd8f-97fb-4c24-8b19-d2b419b17aa4", + "name": "AccessItemRemoved", + "originalRequest": { + "url": { + "path": [ + "historical-identities", + ":id", + "events" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The optional instant until which access events are returned", + "type": "text/plain" + }, + "key": "from", + "value": "2024-03-01T13:00:00Z" + }, + { + "disabled": true, + "description": { + "content": "An optional list of event types to return. If null or empty, all events are returned", + "type": "text/plain" + }, + "key": "eventTypes", + "value": "AccessRemovedEvent" + }, + { + "disabled": true, + "description": { + "content": "An optional list of access item types (app, account, entitlement, etc...) to return. If null or empty, all access items types are returned", + "type": "text/plain" + }, + "key": "accessItemTypes", + "value": "account" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"accessItem\": {\n \"id\": \"8c190e6787aa4ed9a90bd9d5344523fb\",\n \"accessType\": \"account\",\n \"nativeIdentity\": 127999,\n \"sourceName\": \"JDBC Entitlements Source\",\n \"entitlementCount\": 0,\n \"displayName\": \"Sample Name\"\n },\n \"eventType\": \"AccessItemRemoved\",\n \"identityId\": \"8a80828f643d484f01643e14202e206f\",\n \"dt\": \"2019-03-08T22:37:33.901Z\",\n \"governanceEvent\": {\n \"name\": \"Manager Certification for Jon Snow\",\n \"dt\": \"2019-03-08T22:37:33.901Z\",\n \"type\": \"certification\",\n \"governanceId\": \"2c91808a77ff216301782327a50f09bf\",\n \"owners\": [\n {\n \"id\": \"bc693f07e7b645539626c25954c58554\",\n \"displayName\": \"Jon Snow\"\n }\n ],\n \"reviewers\": [\n {\n \"id\": \"bc693f07e7b645539626c25954c58554\",\n \"displayName\": \"Jon Snow\"\n }\n ],\n \"decisionMaker\": {\n \"id\": \"bc693f07e7b645539626c25954c58554\",\n \"displayName\": \"Jon Snow\"\n }\n }\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "5d318c88-083f-4977-b832-d66a3b0f6948", + "name": "AttributesChanged", + "originalRequest": { + "url": { + "path": [ + "historical-identities", + ":id", + "events" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The optional instant until which access events are returned", + "type": "text/plain" + }, + "key": "from", + "value": "2024-03-01T13:00:00Z" + }, + { + "disabled": true, + "description": { + "content": "An optional list of event types to return. If null or empty, all events are returned", + "type": "text/plain" + }, + "key": "eventTypes", + "value": "AccessRemovedEvent" + }, + { + "disabled": true, + "description": { + "content": "An optional list of access item types (app, account, entitlement, etc...) to return. If null or empty, all access items types are returned", + "type": "text/plain" + }, + "key": "accessItemTypes", + "value": "account" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"attributeChanges\": [\n {\n \"name\": \"firstname\",\n \"previousValue\": \"adam\",\n \"newValue\": \"zampa\"\n }\n ],\n \"eventType\": \"AttributesChanged\",\n \"identityId\": \"8a80828f643d484f01643e14202e206f\",\n \"dt\": \"2019-03-08T22:37:33.901Z\"\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "3cae53a0-cfa1-4606-b266-f3550abc0fa1", + "name": "AccessRequested", + "originalRequest": { + "url": { + "path": [ + "historical-identities", + ":id", + "events" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The optional instant until which access events are returned", + "type": "text/plain" + }, + "key": "from", + "value": "2024-03-01T13:00:00Z" + }, + { + "disabled": true, + "description": { + "content": "An optional list of event types to return. If null or empty, all events are returned", + "type": "text/plain" + }, + "key": "eventTypes", + "value": "AccessRemovedEvent" + }, + { + "disabled": true, + "description": { + "content": "An optional list of access item types (app, account, entitlement, etc...) to return. If null or empty, all access items types are returned", + "type": "text/plain" + }, + "key": "accessItemTypes", + "value": "account" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"accessRequest\": {\n \"requesterId\": \"2c91808a77ff216301782327a50f09bf\",\n \"requestName\": \"Bing C\",\n \"items\": [\n {\n \"operation\": \"Add\",\n \"accessItemType\": \"role\",\n \"name\": \"Role-1\",\n \"decision\": \"APPROVED\",\n \"description\": \"The role descrition\",\n \"sourceId\": \"8a80828f643d484f01643e14202e206f\",\n \"sourceName\": \"Source1\",\n \"approvalInfos\": [\n {\n \"name\": \"John Snow\",\n \"id\": \"8a80828f643d484f01643e14202e2000\",\n \"status\": \"Approved\"\n }\n ]\n }\n ]\n },\n \"eventType\": \"AccessRequested\",\n \"identityId\": \"8a80828f643d484f01643e14202e206f\",\n \"dt\": \"2019-03-08T22:37:33.901Z\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b6d806f6-fa9f-479a-b7ed-f661e207876c", + "name": "IdentityCertified", + "originalRequest": { + "url": { + "path": [ + "historical-identities", + ":id", + "events" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The optional instant until which access events are returned", + "type": "text/plain" + }, + "key": "from", + "value": "2024-03-01T13:00:00Z" + }, + { + "disabled": true, + "description": { + "content": "An optional list of event types to return. If null or empty, all events are returned", + "type": "text/plain" + }, + "key": "eventTypes", + "value": "AccessRemovedEvent" + }, + { + "disabled": true, + "description": { + "content": "An optional list of access item types (app, account, entitlement, etc...) to return. If null or empty, all access items types are returned", + "type": "text/plain" + }, + "key": "accessItemTypes", + "value": "account" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"certification\": {\n \"id\": \"2c91808a77ff216301782327a50f09bf\",\n \"name\": \"Cert name\",\n \"signedDate\": \"2019-03-08T22:37:33.901Z\",\n \"certifiers\": [\n {\n \"id\": \"8a80828f643d484f01643e14202e206f\",\n \"displayName\": \"John Snow\"\n }\n ],\n \"reviewers\": [\n {\n \"id\": \"8a80828f643d484f01643e14202e206f\",\n \"displayName\": \"Daenerys Targaryen\"\n }\n ],\n \"signer\": {\n \"id\": \"8a80828f643d484f01643e14202e206f\",\n \"displayName\": \"Tyrion Lannister\"\n }\n },\n \"eventType\": \"IdentityCertified\",\n \"identityId\": \"8a80828f643d484f01643e14202e206f\",\n \"dt\": \"2019-03-08T22:37:33.901Z\"\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "4f1087b6-96b4-4e74-9194-496c503d8ca4", + "name": "AccountStatusChanged", + "originalRequest": { + "url": { + "path": [ + "historical-identities", + ":id", + "events" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The optional instant until which access events are returned", + "type": "text/plain" + }, + "key": "from", + "value": "2024-03-01T13:00:00Z" + }, + { + "disabled": true, + "description": { + "content": "An optional list of event types to return. If null or empty, all events are returned", + "type": "text/plain" + }, + "key": "eventTypes", + "value": "AccessRemovedEvent" + }, + { + "disabled": true, + "description": { + "content": "An optional list of access item types (app, account, entitlement, etc...) to return. If null or empty, all access items types are returned", + "type": "text/plain" + }, + "key": "accessItemTypes", + "value": "account" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"account\": {\n \"id\": \"2c91808a77ff216301782327a50f09bf\",\n \"nativeIdentity\": 127999,\n \"displayName\": \"Sample Name\",\n \"sourceId\": \"8a80828f643d484f01643e14202e206f\",\n \"sourceName\": \"JDBC Entitlements Source\",\n \"entitlementCount\": 0,\n \"accessType\": \"account\"\n },\n \"statusChange\": {\n \"previousStatus\": \"ENABLED\",\n \"newStatus\": \"DISABLED\"\n },\n \"eventType\": \"AccountStatusChanged\",\n \"identityId\": \"8a80828f643d484f01643e14202e206f\",\n \"dt\": \"2019-03-08T22:37:33.901Z\"\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "da7bc91b-133e-4d04-a44c-3b994ed35256", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "historical-identities", + ":id", + "events" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The optional instant until which access events are returned", + "type": "text/plain" + }, + "key": "from", + "value": "2024-03-01T13:00:00Z" + }, + { + "disabled": true, + "description": { + "content": "An optional list of event types to return. If null or empty, all events are returned", + "type": "text/plain" + }, + "key": "eventTypes", + "value": "AccessRemovedEvent" + }, + { + "disabled": true, + "description": { + "content": "An optional list of access item types (app, account, entitlement, etc...) to return. If null or empty, all access items types are returned", + "type": "text/plain" + }, + "key": "accessItemTypes", + "value": "account" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "54add089-97f9-4ba4-9d7d-3a3347fcf83d", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "historical-identities", + ":id", + "events" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The optional instant until which access events are returned", + "type": "text/plain" + }, + "key": "from", + "value": "2024-03-01T13:00:00Z" + }, + { + "disabled": true, + "description": { + "content": "An optional list of event types to return. If null or empty, all events are returned", + "type": "text/plain" + }, + "key": "eventTypes", + "value": "AccessRemovedEvent" + }, + { + "disabled": true, + "description": { + "content": "An optional list of access item types (app, account, entitlement, etc...) to return. If null or empty, all access items types are returned", + "type": "text/plain" + }, + "key": "accessItemTypes", + "value": "account" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "744a7e0e-947d-43a5-8c76-cb86281e4ab0", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "historical-identities", + ":id", + "events" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The optional instant until which access events are returned", + "type": "text/plain" + }, + "key": "from", + "value": "2024-03-01T13:00:00Z" + }, + { + "disabled": true, + "description": { + "content": "An optional list of event types to return. If null or empty, all events are returned", + "type": "text/plain" + }, + "key": "eventTypes", + "value": "AccessRemovedEvent" + }, + { + "disabled": true, + "description": { + "content": "An optional list of access item types (app, account, entitlement, etc...) to return. If null or empty, all access items types are returned", + "type": "text/plain" + }, + "key": "accessItemTypes", + "value": "account" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "6092745c-90c0-44ee-ac31-c26dbc6891a2", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "historical-identities", + ":id", + "events" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The optional instant until which access events are returned", + "type": "text/plain" + }, + "key": "from", + "value": "2024-03-01T13:00:00Z" + }, + { + "disabled": true, + "description": { + "content": "An optional list of event types to return. If null or empty, all events are returned", + "type": "text/plain" + }, + "key": "eventTypes", + "value": "AccessRemovedEvent" + }, + { + "disabled": true, + "description": { + "content": "An optional list of access item types (app, account, entitlement, etc...) to return. If null or empty, all access items types are returned", + "type": "text/plain" + }, + "key": "accessItemTypes", + "value": "account" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "2dd3a72c-7bc3-4476-a709-a00672aca2e6", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "historical-identities", + ":id", + "events" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The optional instant until which access events are returned", + "type": "text/plain" + }, + "key": "from", + "value": "2024-03-01T13:00:00Z" + }, + { + "disabled": true, + "description": { + "content": "An optional list of event types to return. If null or empty, all events are returned", + "type": "text/plain" + }, + "key": "eventTypes", + "value": "AccessRemovedEvent" + }, + { + "disabled": true, + "description": { + "content": "An optional list of access item types (app, account, entitlement, etc...) to return. If null or empty, all access items types are returned", + "type": "text/plain" + }, + "key": "accessItemTypes", + "value": "account" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "2af0ebb5-f7a0-4ca7-9b6c-dcb62b1ef5f8", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "historical-identities", + ":id", + "events" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The optional instant until which access events are returned", + "type": "text/plain" + }, + "key": "from", + "value": "2024-03-01T13:00:00Z" + }, + { + "disabled": true, + "description": { + "content": "An optional list of event types to return. If null or empty, all events are returned", + "type": "text/plain" + }, + "key": "eventTypes", + "value": "AccessRemovedEvent" + }, + { + "disabled": true, + "description": { + "content": "An optional list of access item types (app, account, entitlement, etc...) to return. If null or empty, all access items types are returned", + "type": "text/plain" + }, + "key": "accessItemTypes", + "value": "account" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "af6afe6e-8389-4e89-b389-1df4b29d7423", + "name": "Gets the start date of the identity", + "request": { + "name": "Gets the start date of the identity", + "description": { + "content": "This method retrieves start date of the identity Requires authorization scope of 'idn:identity-history:read' ", + "type": "text/plain" + }, + "url": { + "path": [ + "historical-identities", + ":id", + "start-date" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "8c190e6787aa4ed9a90bd9d5344523fb", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) The identity id", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "aa15f0c4-a8ba-49ed-ae8f-9930f303ae20", + "name": "The start date of the identity", + "originalRequest": { + "url": { + "path": [ + "historical-identities", + ":id", + "start-date" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "2017-03-01T13:00:00.000Z", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "039361cb-d8cd-476c-9e8c-e9bc9817b29a", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "historical-identities", + ":id", + "start-date" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "ff0ef968-8f89-4400-b8b9-f4848aad4867", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "historical-identities", + ":id", + "start-date" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "aa553415-d926-4a2a-a4b4-dcf190764011", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "historical-identities", + ":id", + "start-date" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d9ebe17d-1628-471c-9c23-d75a62528196", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "historical-identities", + ":id", + "start-date" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "3ffbbcee-56b7-40fd-9306-a0ce836663af", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "historical-identities", + ":id", + "start-date" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "0c1230f4-96ae-4aae-bd61-2435f1279beb", + "name": "Gets a difference of count for each access item types for the given identity between 2 snapshots", + "request": { + "name": "Gets a difference of count for each access item types for the given identity between 2 snapshots", + "description": { + "content": "This method gets a difference of count for each access item types for the given identity between 2 snapshots Requires authorization scope of 'idn:identity-history:read' ", + "type": "text/plain" + }, + "url": { + "path": [ + "historical-identities", + ":id", + "compare" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The snapshot 1 of identity", + "type": "text/plain" + }, + "key": "snapshot1", + "value": "2007-03-01T13:00:00Z" + }, + { + "disabled": true, + "description": { + "content": "The snapshot 2 of identity", + "type": "text/plain" + }, + "key": "snapshot2", + "value": "2008-03-01T13:00:00Z" + }, + { + "disabled": true, + "description": { + "content": "An optional list of access item types (app, account, entitlement, etc...) to return. If null or empty, all access items types are returned ", + "type": "text/plain" + }, + "key": "accessItemTypes", + "value": "reprehenderit Excepteur dolore eiusmod" + }, + { + "disabled": true, + "description": { + "content": "An optional list of access item types (app, account, entitlement, etc...) to return. If null or empty, all access items types are returned ", + "type": "text/plain" + }, + "key": "accessItemTypes", + "value": "p" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [ + { + "type": "any", + "value": "8c190e6787aa4ed9a90bd9d5344523fb", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) The identity id", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "bf0eecfc-e670-48fb-a06b-9ef23b998d53", + "name": "A IdentityCompare object with difference details for each access item type", + "originalRequest": { + "url": { + "path": [ + "historical-identities", + ":id", + "compare" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The snapshot 1 of identity", + "type": "text/plain" + }, + "key": "snapshot1", + "value": "2007-03-01T13:00:00Z" + }, + { + "disabled": true, + "description": { + "content": "The snapshot 2 of identity", + "type": "text/plain" + }, + "key": "snapshot2", + "value": "2008-03-01T13:00:00Z" + }, + { + "disabled": true, + "description": { + "content": "An optional list of access item types (app, account, entitlement, etc...) to return. If null or empty, all access items types are returned ", + "type": "text/plain" + }, + "key": "accessItemTypes", + "value": "p" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"accessItemDiff\": {\n \"role\": {\n \"accessAdded\": 2,\n \"accessRemoved\": 3\n },\n \"entitlement\": {\n \"accessAdded\": 4,\n \"accessRemoved\": 0\n },\n \"accessProfile\": {\n \"accessAdded\": 0,\n \"accessRemoved\": 1\n }\n }\n },\n {\n \"accessItemDiff\": {\n \"role\": {\n \"accessAdded\": 2,\n \"accessRemoved\": 3\n },\n \"entitlement\": {\n \"accessAdded\": 4,\n \"accessRemoved\": 0\n },\n \"accessProfile\": {\n \"accessAdded\": 0,\n \"accessRemoved\": 1\n }\n }\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "92b672e1-1b49-4ca8-a99f-b91f9120d618", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "historical-identities", + ":id", + "compare" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The snapshot 1 of identity", + "type": "text/plain" + }, + "key": "snapshot1", + "value": "2007-03-01T13:00:00Z" + }, + { + "disabled": true, + "description": { + "content": "The snapshot 2 of identity", + "type": "text/plain" + }, + "key": "snapshot2", + "value": "2008-03-01T13:00:00Z" + }, + { + "disabled": true, + "description": { + "content": "An optional list of access item types (app, account, entitlement, etc...) to return. If null or empty, all access items types are returned ", + "type": "text/plain" + }, + "key": "accessItemTypes", + "value": "p" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "dac181d0-9061-4a99-8e24-e035c50c4219", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "historical-identities", + ":id", + "compare" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The snapshot 1 of identity", + "type": "text/plain" + }, + "key": "snapshot1", + "value": "2007-03-01T13:00:00Z" + }, + { + "disabled": true, + "description": { + "content": "The snapshot 2 of identity", + "type": "text/plain" + }, + "key": "snapshot2", + "value": "2008-03-01T13:00:00Z" + }, + { + "disabled": true, + "description": { + "content": "An optional list of access item types (app, account, entitlement, etc...) to return. If null or empty, all access items types are returned ", + "type": "text/plain" + }, + "key": "accessItemTypes", + "value": "p" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a76153b4-7d7b-4b52-815c-a83912634881", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "historical-identities", + ":id", + "compare" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The snapshot 1 of identity", + "type": "text/plain" + }, + "key": "snapshot1", + "value": "2007-03-01T13:00:00Z" + }, + { + "disabled": true, + "description": { + "content": "The snapshot 2 of identity", + "type": "text/plain" + }, + "key": "snapshot2", + "value": "2008-03-01T13:00:00Z" + }, + { + "disabled": true, + "description": { + "content": "An optional list of access item types (app, account, entitlement, etc...) to return. If null or empty, all access items types are returned ", + "type": "text/plain" + }, + "key": "accessItemTypes", + "value": "p" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "54058444-e979-4705-a7f7-662056457f69", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "historical-identities", + ":id", + "compare" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The snapshot 1 of identity", + "type": "text/plain" + }, + "key": "snapshot1", + "value": "2007-03-01T13:00:00Z" + }, + { + "disabled": true, + "description": { + "content": "The snapshot 2 of identity", + "type": "text/plain" + }, + "key": "snapshot2", + "value": "2008-03-01T13:00:00Z" + }, + { + "disabled": true, + "description": { + "content": "An optional list of access item types (app, account, entitlement, etc...) to return. If null or empty, all access items types are returned ", + "type": "text/plain" + }, + "key": "accessItemTypes", + "value": "p" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c54945a4-0509-43e7-95ca-afe4caf7cff1", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "historical-identities", + ":id", + "compare" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The snapshot 1 of identity", + "type": "text/plain" + }, + "key": "snapshot1", + "value": "2007-03-01T13:00:00Z" + }, + { + "disabled": true, + "description": { + "content": "The snapshot 2 of identity", + "type": "text/plain" + }, + "key": "snapshot2", + "value": "2008-03-01T13:00:00Z" + }, + { + "disabled": true, + "description": { + "content": "An optional list of access item types (app, account, entitlement, etc...) to return. If null or empty, all access items types are returned ", + "type": "text/plain" + }, + "key": "accessItemTypes", + "value": "p" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "e9fec77a-de39-4747-9fe5-f08dd0101f16", + "name": "Gets a list of differences of specific accessType for the given identity between 2 snapshots", + "request": { + "name": "Gets a list of differences of specific accessType for the given identity between 2 snapshots", + "description": { + "content": "This method gets a list of differences of specific accessType for the given identity between 2 snapshots Requires authorization scope of 'idn:identity-history:read' ", + "type": "text/plain" + }, + "url": { + "path": [ + "historical-identities", + ":id", + "compare", + ":access-type" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Indicates if added or removed access needs to be returned. true - added, false - removed, null - both added & removed", + "type": "text/plain" + }, + "key": "access-associated", + "value": "2007-03-01T13:00:00Z" + }, + { + "disabled": true, + "description": { + "content": "The snapshot 1 of identity", + "type": "text/plain" + }, + "key": "snapshot1", + "value": "2008-03-01T13:00:00Z" + }, + { + "disabled": true, + "description": { + "content": "The snapshot 2 of identity", + "type": "text/plain" + }, + "key": "snapshot2", + "value": "2009-03-01T13:00:00Z" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [ + { + "type": "any", + "value": "8c190e6787aa4ed9a90bd9d5344523fb", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) The identity id", + "type": "text/plain" + } + }, + { + "type": "any", + "key": "access-type" + }, + { + "disabled": true, + "description": { + "content": "(Required) The specific type which needs to be compared", + "type": "text/plain" + }, + "type": "any", + "value": "role", + "key": "accessType" + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "ab754e8a-df3f-4ce1-a07f-cd414b32d7ad", + "name": "A list of events for the identity", + "originalRequest": { + "url": { + "path": [ + "historical-identities", + ":id", + "compare", + ":access-type" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Indicates if added or removed access needs to be returned. true - added, false - removed, null - both added & removed", + "type": "text/plain" + }, + "key": "access-associated", + "value": "2007-03-01T13:00:00Z" + }, + { + "disabled": true, + "description": { + "content": "The snapshot 1 of identity", + "type": "text/plain" + }, + "key": "snapshot1", + "value": "2008-03-01T13:00:00Z" + }, + { + "disabled": true, + "description": { + "content": "The snapshot 2 of identity", + "type": "text/plain" + }, + "key": "snapshot2", + "value": "2009-03-01T13:00:00Z" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"eventType\": \"ADD\",\n \"displayName\": \"Test\",\n \"sourceName\": \"Source\"\n },\n {\n \"eventType\": \"ADD\",\n \"displayName\": \"Test\",\n \"sourceName\": \"Source\"\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "da2d8375-ead8-4526-b73d-cf6d5cdf5704", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "historical-identities", + ":id", + "compare", + ":access-type" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Indicates if added or removed access needs to be returned. true - added, false - removed, null - both added & removed", + "type": "text/plain" + }, + "key": "access-associated", + "value": "2007-03-01T13:00:00Z" + }, + { + "disabled": true, + "description": { + "content": "The snapshot 1 of identity", + "type": "text/plain" + }, + "key": "snapshot1", + "value": "2008-03-01T13:00:00Z" + }, + { + "disabled": true, + "description": { + "content": "The snapshot 2 of identity", + "type": "text/plain" + }, + "key": "snapshot2", + "value": "2009-03-01T13:00:00Z" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "477a4155-7253-4961-8c42-2fea25d552b7", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "historical-identities", + ":id", + "compare", + ":access-type" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Indicates if added or removed access needs to be returned. true - added, false - removed, null - both added & removed", + "type": "text/plain" + }, + "key": "access-associated", + "value": "2007-03-01T13:00:00Z" + }, + { + "disabled": true, + "description": { + "content": "The snapshot 1 of identity", + "type": "text/plain" + }, + "key": "snapshot1", + "value": "2008-03-01T13:00:00Z" + }, + { + "disabled": true, + "description": { + "content": "The snapshot 2 of identity", + "type": "text/plain" + }, + "key": "snapshot2", + "value": "2009-03-01T13:00:00Z" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "5aae9d8a-ff85-4f92-ac9f-39f49fe215ae", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "historical-identities", + ":id", + "compare", + ":access-type" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Indicates if added or removed access needs to be returned. true - added, false - removed, null - both added & removed", + "type": "text/plain" + }, + "key": "access-associated", + "value": "2007-03-01T13:00:00Z" + }, + { + "disabled": true, + "description": { + "content": "The snapshot 1 of identity", + "type": "text/plain" + }, + "key": "snapshot1", + "value": "2008-03-01T13:00:00Z" + }, + { + "disabled": true, + "description": { + "content": "The snapshot 2 of identity", + "type": "text/plain" + }, + "key": "snapshot2", + "value": "2009-03-01T13:00:00Z" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "e438094f-25c1-480c-826f-a152cfd837ed", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "historical-identities", + ":id", + "compare", + ":access-type" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Indicates if added or removed access needs to be returned. true - added, false - removed, null - both added & removed", + "type": "text/plain" + }, + "key": "access-associated", + "value": "2007-03-01T13:00:00Z" + }, + { + "disabled": true, + "description": { + "content": "The snapshot 1 of identity", + "type": "text/plain" + }, + "key": "snapshot1", + "value": "2008-03-01T13:00:00Z" + }, + { + "disabled": true, + "description": { + "content": "The snapshot 2 of identity", + "type": "text/plain" + }, + "key": "snapshot2", + "value": "2009-03-01T13:00:00Z" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "22c987d4-8097-41b8-bfb3-42449b645d18", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "historical-identities", + ":id", + "compare", + ":access-type" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Indicates if added or removed access needs to be returned. true - added, false - removed, null - both added & removed", + "type": "text/plain" + }, + "key": "access-associated", + "value": "2007-03-01T13:00:00Z" + }, + { + "disabled": true, + "description": { + "content": "The snapshot 1 of identity", + "type": "text/plain" + }, + "key": "snapshot1", + "value": "2008-03-01T13:00:00Z" + }, + { + "disabled": true, + "description": { + "content": "The snapshot 2 of identity", + "type": "text/plain" + }, + "key": "snapshot2", + "value": "2009-03-01T13:00:00Z" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + } + ] + }, + { + "name": "Identity Profiles", + "description": "Use this API to implement identity profile functionality. \nWith this functionality in place, administrators can view identity profiles and their configurations. \n\nIdentity profiles represent the configurations that can be applied to identities as a way of granting them a set of security and access, as well as defining the mappings between their identity attributes and their source attributes. \n\nIn Identity Security Cloud, administrators can use the Identities drop-down menu and select Identity Profiles to view the list of identity profiles. \nThis list shows some details about each identity profile, along with its status. \nThey can select an identity profile to view its settings, its mappings between identity attributes and correlating source account attributes, and its provisioning settings. \n\nRefer to [Creating Identity Profiles](https://documentation.sailpoint.com/saas/help/setup/identity_profiles.html) for more information about identity profiles.\n", + "item": [ + { + "id": "687859af-ca30-46a0-af00-8ce934c094a3", + "name": "Identity Profiles List", + "request": { + "name": "Identity Profiles List", + "description": { + "content": "This returns a list of Identity Profiles based on the specified query parameters.\nA token with ORG_ADMIN or API authority is required to call this API to get a list of Identity Profiles.", + "type": "text/plain" + }, + "url": { + "path": [ + "identity-profiles" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, ne, ge, gt, in, le, lt, isnull, sw*\n\n**name**: *eq, ne, in, le, lt, isnull, sw*\n\n**priority**: *eq, ne*", + "type": "text/plain" + }, + "key": "filters", + "value": "id eq \"ef38f94347e94562b5bb8424a56397d8\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **id, name, priority, created, modified, owner.id, owner.name**", + "type": "text/plain" + }, + "key": "sorters", + "value": "id,name" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "63bb1da4-1235-476e-873c-7425e55e2723", + "name": "List of identityProfiles.", + "originalRequest": { + "url": { + "path": [ + "identity-profiles" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, ne, ge, gt, in, le, lt, isnull, sw*\n\n**name**: *eq, ne, in, le, lt, isnull, sw*\n\n**priority**: *eq, ne*", + "type": "text/plain" + }, + "key": "filters", + "value": "id eq \"ef38f94347e94562b5bb8424a56397d8\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **id, name, priority, created, modified, owner.id, owner.name**", + "type": "text/plain" + }, + "key": "sorters", + "value": "id,name" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"authoritativeSource\": {\n \"type\": \"SOURCE\",\n \"id\": \"2c9180835d191a86015d28455b4b232a\",\n \"name\": \"HR Active Directory\"\n },\n \"name\": \"aName\",\n \"id\": \"id12345\",\n \"created\": \"2015-05-28T14:07:17Z\",\n \"modified\": \"2015-05-28T14:07:17Z\",\n \"description\": \"My custom flat file profile\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180835d191a86015d28455b4b232a\",\n \"name\": \"William Wilson\"\n },\n \"priority\": 10,\n \"identityRefreshRequired\": true,\n \"identityCount\": 8,\n \"identityAttributeConfig\": {\n \"enabled\": true,\n \"attributeTransforms\": [\n {\n \"identityAttributeName\": \"email\",\n \"transformDefinition\": {\n \"type\": \"accountAttribute\",\n \"attributes\": {\n \"attributeName\": \"e-mail\",\n \"sourceName\": \"MySource\",\n \"sourceId\": \"2c9180877a826e68017a8c0b03da1a53\"\n }\n }\n },\n {\n \"identityAttributeName\": \"email\",\n \"transformDefinition\": {\n \"type\": \"accountAttribute\",\n \"attributes\": {\n \"attributeName\": \"e-mail\",\n \"sourceName\": \"MySource\",\n \"sourceId\": \"2c9180877a826e68017a8c0b03da1a53\"\n }\n }\n }\n ]\n },\n \"identityExceptionReportReference\": {\n \"taskResultId\": \"2b838de9-db9b-abcf-e646-d4f274ad4238\",\n \"reportName\": \"My annual report\"\n },\n \"hasTimeBasedAttr\": true\n },\n {\n \"authoritativeSource\": {\n \"type\": \"SOURCE\",\n \"id\": \"2c9180835d191a86015d28455b4b232a\",\n \"name\": \"HR Active Directory\"\n },\n \"name\": \"aName\",\n \"id\": \"id12345\",\n \"created\": \"2015-05-28T14:07:17Z\",\n \"modified\": \"2015-05-28T14:07:17Z\",\n \"description\": \"My custom flat file profile\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180835d191a86015d28455b4b232a\",\n \"name\": \"William Wilson\"\n },\n \"priority\": 10,\n \"identityRefreshRequired\": true,\n \"identityCount\": 8,\n \"identityAttributeConfig\": {\n \"enabled\": true,\n \"attributeTransforms\": [\n {\n \"identityAttributeName\": \"email\",\n \"transformDefinition\": {\n \"type\": \"accountAttribute\",\n \"attributes\": {\n \"attributeName\": \"e-mail\",\n \"sourceName\": \"MySource\",\n \"sourceId\": \"2c9180877a826e68017a8c0b03da1a53\"\n }\n }\n },\n {\n \"identityAttributeName\": \"email\",\n \"transformDefinition\": {\n \"type\": \"accountAttribute\",\n \"attributes\": {\n \"attributeName\": \"e-mail\",\n \"sourceName\": \"MySource\",\n \"sourceId\": \"2c9180877a826e68017a8c0b03da1a53\"\n }\n }\n }\n ]\n },\n \"identityExceptionReportReference\": {\n \"taskResultId\": \"2b838de9-db9b-abcf-e646-d4f274ad4238\",\n \"reportName\": \"My annual report\"\n },\n \"hasTimeBasedAttr\": true\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "2b663a30-f5e4-4087-9f6b-414eb955fa11", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "identity-profiles" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, ne, ge, gt, in, le, lt, isnull, sw*\n\n**name**: *eq, ne, in, le, lt, isnull, sw*\n\n**priority**: *eq, ne*", + "type": "text/plain" + }, + "key": "filters", + "value": "id eq \"ef38f94347e94562b5bb8424a56397d8\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **id, name, priority, created, modified, owner.id, owner.name**", + "type": "text/plain" + }, + "key": "sorters", + "value": "id,name" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "0aa85544-6e9d-4eba-9bb8-c61618d62851", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "identity-profiles" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, ne, ge, gt, in, le, lt, isnull, sw*\n\n**name**: *eq, ne, in, le, lt, isnull, sw*\n\n**priority**: *eq, ne*", + "type": "text/plain" + }, + "key": "filters", + "value": "id eq \"ef38f94347e94562b5bb8424a56397d8\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **id, name, priority, created, modified, owner.id, owner.name**", + "type": "text/plain" + }, + "key": "sorters", + "value": "id,name" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d7a1dd1b-18e9-4c11-9978-500d7c385783", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "identity-profiles" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, ne, ge, gt, in, le, lt, isnull, sw*\n\n**name**: *eq, ne, in, le, lt, isnull, sw*\n\n**priority**: *eq, ne*", + "type": "text/plain" + }, + "key": "filters", + "value": "id eq \"ef38f94347e94562b5bb8424a56397d8\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **id, name, priority, created, modified, owner.id, owner.name**", + "type": "text/plain" + }, + "key": "sorters", + "value": "id,name" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c5b798cc-dcf4-4624-9db9-875104c45e5c", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "identity-profiles" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, ne, ge, gt, in, le, lt, isnull, sw*\n\n**name**: *eq, ne, in, le, lt, isnull, sw*\n\n**priority**: *eq, ne*", + "type": "text/plain" + }, + "key": "filters", + "value": "id eq \"ef38f94347e94562b5bb8424a56397d8\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **id, name, priority, created, modified, owner.id, owner.name**", + "type": "text/plain" + }, + "key": "sorters", + "value": "id,name" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "439f1768-3d85-4442-bb55-090341f6434c", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "identity-profiles" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, ne, ge, gt, in, le, lt, isnull, sw*\n\n**name**: *eq, ne, in, le, lt, isnull, sw*\n\n**priority**: *eq, ne*", + "type": "text/plain" + }, + "key": "filters", + "value": "id eq \"ef38f94347e94562b5bb8424a56397d8\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **id, name, priority, created, modified, owner.id, owner.name**", + "type": "text/plain" + }, + "key": "sorters", + "value": "id,name" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "9e9164e5-c69a-4915-9b1c-dadccbe91f1b", + "name": "Create an Identity Profile", + "request": { + "name": "Create an Identity Profile", + "description": { + "content": "This creates an Identity Profile.\n\nA token with ORG_ADMIN authority is required to call this API to create an Identity Profile.", + "type": "text/plain" + }, + "url": { + "path": [ + "identity-profiles" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"authoritativeSource\": {\n \"type\": \"SOURCE\",\n \"id\": \"2c9180835d191a86015d28455b4b232a\",\n \"name\": \"HR Active Directory\"\n },\n \"name\": \"aName\",\n \"id\": \"id12345\",\n \"created\": \"2015-05-28T14:07:17Z\",\n \"modified\": \"2015-05-28T14:07:17Z\",\n \"description\": \"My custom flat file profile\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180835d191a86015d28455b4b232a\",\n \"name\": \"William Wilson\"\n },\n \"priority\": 10,\n \"identityRefreshRequired\": true,\n \"identityCount\": 8,\n \"identityAttributeConfig\": {\n \"enabled\": true,\n \"attributeTransforms\": [\n {\n \"identityAttributeName\": \"email\",\n \"transformDefinition\": {\n \"type\": \"accountAttribute\",\n \"attributes\": {\n \"attributeName\": \"e-mail\",\n \"sourceName\": \"MySource\",\n \"sourceId\": \"2c9180877a826e68017a8c0b03da1a53\"\n }\n }\n },\n {\n \"identityAttributeName\": \"email\",\n \"transformDefinition\": {\n \"type\": \"accountAttribute\",\n \"attributes\": {\n \"attributeName\": \"e-mail\",\n \"sourceName\": \"MySource\",\n \"sourceId\": \"2c9180877a826e68017a8c0b03da1a53\"\n }\n }\n }\n ]\n },\n \"identityExceptionReportReference\": {\n \"taskResultId\": \"2b838de9-db9b-abcf-e646-d4f274ad4238\",\n \"reportName\": \"My annual report\"\n },\n \"hasTimeBasedAttr\": true\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "bbf744f2-79e3-4314-8526-2648f8656ab8", + "name": "The created Identity Profile", + "originalRequest": { + "url": { + "path": [ + "identity-profiles" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"authoritativeSource\": {\n \"type\": \"SOURCE\",\n \"id\": \"2c9180835d191a86015d28455b4b232a\",\n \"name\": \"HR Active Directory\"\n },\n \"name\": \"aName\",\n \"id\": \"id12345\",\n \"created\": \"2015-05-28T14:07:17Z\",\n \"modified\": \"2015-05-28T14:07:17Z\",\n \"description\": \"My custom flat file profile\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180835d191a86015d28455b4b232a\",\n \"name\": \"William Wilson\"\n },\n \"priority\": 10,\n \"identityRefreshRequired\": true,\n \"identityCount\": 8,\n \"identityAttributeConfig\": {\n \"enabled\": true,\n \"attributeTransforms\": [\n {\n \"identityAttributeName\": \"email\",\n \"transformDefinition\": {\n \"type\": \"accountAttribute\",\n \"attributes\": {\n \"attributeName\": \"e-mail\",\n \"sourceName\": \"MySource\",\n \"sourceId\": \"2c9180877a826e68017a8c0b03da1a53\"\n }\n }\n },\n {\n \"identityAttributeName\": \"email\",\n \"transformDefinition\": {\n \"type\": \"accountAttribute\",\n \"attributes\": {\n \"attributeName\": \"e-mail\",\n \"sourceName\": \"MySource\",\n \"sourceId\": \"2c9180877a826e68017a8c0b03da1a53\"\n }\n }\n }\n ]\n },\n \"identityExceptionReportReference\": {\n \"taskResultId\": \"2b838de9-db9b-abcf-e646-d4f274ad4238\",\n \"reportName\": \"My annual report\"\n },\n \"hasTimeBasedAttr\": true\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Created", + "code": 201, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"authoritativeSource\": {\n \"type\": \"SOURCE\",\n \"id\": \"2c9180835d191a86015d28455b4b232a\",\n \"name\": \"HR Active Directory\"\n },\n \"name\": \"aName\",\n \"id\": \"id12345\",\n \"created\": \"2015-05-28T14:07:17Z\",\n \"modified\": \"2015-05-28T14:07:17Z\",\n \"description\": \"My custom flat file profile\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180835d191a86015d28455b4b232a\",\n \"name\": \"William Wilson\"\n },\n \"priority\": 10,\n \"identityRefreshRequired\": true,\n \"identityCount\": 8,\n \"identityAttributeConfig\": {\n \"enabled\": true,\n \"attributeTransforms\": [\n {\n \"identityAttributeName\": \"email\",\n \"transformDefinition\": {\n \"type\": \"accountAttribute\",\n \"attributes\": {\n \"attributeName\": \"e-mail\",\n \"sourceName\": \"MySource\",\n \"sourceId\": \"2c9180877a826e68017a8c0b03da1a53\"\n }\n }\n },\n {\n \"identityAttributeName\": \"email\",\n \"transformDefinition\": {\n \"type\": \"accountAttribute\",\n \"attributes\": {\n \"attributeName\": \"e-mail\",\n \"sourceName\": \"MySource\",\n \"sourceId\": \"2c9180877a826e68017a8c0b03da1a53\"\n }\n }\n }\n ]\n },\n \"identityExceptionReportReference\": {\n \"taskResultId\": \"2b838de9-db9b-abcf-e646-d4f274ad4238\",\n \"reportName\": \"My annual report\"\n },\n \"hasTimeBasedAttr\": true\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "54a7900b-1e51-411f-a635-275512f8fd73", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "identity-profiles" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"authoritativeSource\": {\n \"type\": \"SOURCE\",\n \"id\": \"2c9180835d191a86015d28455b4b232a\",\n \"name\": \"HR Active Directory\"\n },\n \"name\": \"aName\",\n \"id\": \"id12345\",\n \"created\": \"2015-05-28T14:07:17Z\",\n \"modified\": \"2015-05-28T14:07:17Z\",\n \"description\": \"My custom flat file profile\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180835d191a86015d28455b4b232a\",\n \"name\": \"William Wilson\"\n },\n \"priority\": 10,\n \"identityRefreshRequired\": true,\n \"identityCount\": 8,\n \"identityAttributeConfig\": {\n \"enabled\": true,\n \"attributeTransforms\": [\n {\n \"identityAttributeName\": \"email\",\n \"transformDefinition\": {\n \"type\": \"accountAttribute\",\n \"attributes\": {\n \"attributeName\": \"e-mail\",\n \"sourceName\": \"MySource\",\n \"sourceId\": \"2c9180877a826e68017a8c0b03da1a53\"\n }\n }\n },\n {\n \"identityAttributeName\": \"email\",\n \"transformDefinition\": {\n \"type\": \"accountAttribute\",\n \"attributes\": {\n \"attributeName\": \"e-mail\",\n \"sourceName\": \"MySource\",\n \"sourceId\": \"2c9180877a826e68017a8c0b03da1a53\"\n }\n }\n }\n ]\n },\n \"identityExceptionReportReference\": {\n \"taskResultId\": \"2b838de9-db9b-abcf-e646-d4f274ad4238\",\n \"reportName\": \"My annual report\"\n },\n \"hasTimeBasedAttr\": true\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "e77de240-b91a-4456-8bca-df2bfb9cd3de", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "identity-profiles" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"authoritativeSource\": {\n \"type\": \"SOURCE\",\n \"id\": \"2c9180835d191a86015d28455b4b232a\",\n \"name\": \"HR Active Directory\"\n },\n \"name\": \"aName\",\n \"id\": \"id12345\",\n \"created\": \"2015-05-28T14:07:17Z\",\n \"modified\": \"2015-05-28T14:07:17Z\",\n \"description\": \"My custom flat file profile\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180835d191a86015d28455b4b232a\",\n \"name\": \"William Wilson\"\n },\n \"priority\": 10,\n \"identityRefreshRequired\": true,\n \"identityCount\": 8,\n \"identityAttributeConfig\": {\n \"enabled\": true,\n \"attributeTransforms\": [\n {\n \"identityAttributeName\": \"email\",\n \"transformDefinition\": {\n \"type\": \"accountAttribute\",\n \"attributes\": {\n \"attributeName\": \"e-mail\",\n \"sourceName\": \"MySource\",\n \"sourceId\": \"2c9180877a826e68017a8c0b03da1a53\"\n }\n }\n },\n {\n \"identityAttributeName\": \"email\",\n \"transformDefinition\": {\n \"type\": \"accountAttribute\",\n \"attributes\": {\n \"attributeName\": \"e-mail\",\n \"sourceName\": \"MySource\",\n \"sourceId\": \"2c9180877a826e68017a8c0b03da1a53\"\n }\n }\n }\n ]\n },\n \"identityExceptionReportReference\": {\n \"taskResultId\": \"2b838de9-db9b-abcf-e646-d4f274ad4238\",\n \"reportName\": \"My annual report\"\n },\n \"hasTimeBasedAttr\": true\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "e51a29ca-267c-4301-a4e6-7878e4ab5edf", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "identity-profiles" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"authoritativeSource\": {\n \"type\": \"SOURCE\",\n \"id\": \"2c9180835d191a86015d28455b4b232a\",\n \"name\": \"HR Active Directory\"\n },\n \"name\": \"aName\",\n \"id\": \"id12345\",\n \"created\": \"2015-05-28T14:07:17Z\",\n \"modified\": \"2015-05-28T14:07:17Z\",\n \"description\": \"My custom flat file profile\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180835d191a86015d28455b4b232a\",\n \"name\": \"William Wilson\"\n },\n \"priority\": 10,\n \"identityRefreshRequired\": true,\n \"identityCount\": 8,\n \"identityAttributeConfig\": {\n \"enabled\": true,\n \"attributeTransforms\": [\n {\n \"identityAttributeName\": \"email\",\n \"transformDefinition\": {\n \"type\": \"accountAttribute\",\n \"attributes\": {\n \"attributeName\": \"e-mail\",\n \"sourceName\": \"MySource\",\n \"sourceId\": \"2c9180877a826e68017a8c0b03da1a53\"\n }\n }\n },\n {\n \"identityAttributeName\": \"email\",\n \"transformDefinition\": {\n \"type\": \"accountAttribute\",\n \"attributes\": {\n \"attributeName\": \"e-mail\",\n \"sourceName\": \"MySource\",\n \"sourceId\": \"2c9180877a826e68017a8c0b03da1a53\"\n }\n }\n }\n ]\n },\n \"identityExceptionReportReference\": {\n \"taskResultId\": \"2b838de9-db9b-abcf-e646-d4f274ad4238\",\n \"reportName\": \"My annual report\"\n },\n \"hasTimeBasedAttr\": true\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "109e60bd-8f2c-4f79-8c73-2fdd89fda999", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "identity-profiles" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"authoritativeSource\": {\n \"type\": \"SOURCE\",\n \"id\": \"2c9180835d191a86015d28455b4b232a\",\n \"name\": \"HR Active Directory\"\n },\n \"name\": \"aName\",\n \"id\": \"id12345\",\n \"created\": \"2015-05-28T14:07:17Z\",\n \"modified\": \"2015-05-28T14:07:17Z\",\n \"description\": \"My custom flat file profile\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180835d191a86015d28455b4b232a\",\n \"name\": \"William Wilson\"\n },\n \"priority\": 10,\n \"identityRefreshRequired\": true,\n \"identityCount\": 8,\n \"identityAttributeConfig\": {\n \"enabled\": true,\n \"attributeTransforms\": [\n {\n \"identityAttributeName\": \"email\",\n \"transformDefinition\": {\n \"type\": \"accountAttribute\",\n \"attributes\": {\n \"attributeName\": \"e-mail\",\n \"sourceName\": \"MySource\",\n \"sourceId\": \"2c9180877a826e68017a8c0b03da1a53\"\n }\n }\n },\n {\n \"identityAttributeName\": \"email\",\n \"transformDefinition\": {\n \"type\": \"accountAttribute\",\n \"attributes\": {\n \"attributeName\": \"e-mail\",\n \"sourceName\": \"MySource\",\n \"sourceId\": \"2c9180877a826e68017a8c0b03da1a53\"\n }\n }\n }\n ]\n },\n \"identityExceptionReportReference\": {\n \"taskResultId\": \"2b838de9-db9b-abcf-e646-d4f274ad4238\",\n \"reportName\": \"My annual report\"\n },\n \"hasTimeBasedAttr\": true\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "3f68855b-5be4-4506-9f9e-3b8795959530", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "identity-profiles" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"authoritativeSource\": {\n \"type\": \"SOURCE\",\n \"id\": \"2c9180835d191a86015d28455b4b232a\",\n \"name\": \"HR Active Directory\"\n },\n \"name\": \"aName\",\n \"id\": \"id12345\",\n \"created\": \"2015-05-28T14:07:17Z\",\n \"modified\": \"2015-05-28T14:07:17Z\",\n \"description\": \"My custom flat file profile\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180835d191a86015d28455b4b232a\",\n \"name\": \"William Wilson\"\n },\n \"priority\": 10,\n \"identityRefreshRequired\": true,\n \"identityCount\": 8,\n \"identityAttributeConfig\": {\n \"enabled\": true,\n \"attributeTransforms\": [\n {\n \"identityAttributeName\": \"email\",\n \"transformDefinition\": {\n \"type\": \"accountAttribute\",\n \"attributes\": {\n \"attributeName\": \"e-mail\",\n \"sourceName\": \"MySource\",\n \"sourceId\": \"2c9180877a826e68017a8c0b03da1a53\"\n }\n }\n },\n {\n \"identityAttributeName\": \"email\",\n \"transformDefinition\": {\n \"type\": \"accountAttribute\",\n \"attributes\": {\n \"attributeName\": \"e-mail\",\n \"sourceName\": \"MySource\",\n \"sourceId\": \"2c9180877a826e68017a8c0b03da1a53\"\n }\n }\n }\n ]\n },\n \"identityExceptionReportReference\": {\n \"taskResultId\": \"2b838de9-db9b-abcf-e646-d4f274ad4238\",\n \"reportName\": \"My annual report\"\n },\n \"hasTimeBasedAttr\": true\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "7894dfa5-df3b-4007-a0e8-03e766f23f1e", + "name": "Delete Identity Profiles", + "request": { + "name": "Delete Identity Profiles", + "description": { + "content": "This deletes multiple Identity Profiles via a list of supplied IDs.\n\nOn success, this endpoint will return a reference to the bulk delete task result.\n\nA token with ORG_ADMIN authority is required to call this API.\n\nThe following rights are required to access this endpoint: idn:identity-profile:delete", + "type": "text/plain" + }, + "url": { + "path": [ + "identity-profiles", + "bulk-delete" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "[\n \"2c9180867b2a34e0017b3078d60b0699\",\n \"2c9180867b2a34e0017b3078d60b0698\"\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "10964750-7eba-4641-9667-ce30d2c70b70", + "name": "Accepted - Returns a TaskResult object referencing the bulk delete job created.", + "originalRequest": { + "url": { + "path": [ + "identity-profiles", + "bulk-delete" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "[\n \"2c9180867b2a34e0017b3078d60b0699\",\n \"2c9180867b2a34e0017b3078d60b0698\"\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Accepted", + "code": 202, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"ff8081814d977c21014da056804a0af3\",\n \"name\": \"Background Object Terminator c8f030f2-b1a6-4e33-99e8-6935bc18735d\",\n \"description\": \"Generic task for terminating data in the overlay, used by the TerminationService.\",\n \"launcher\": \"support\",\n \"completed\": \"1989-01-26T14:16:02.409Z\",\n \"launched\": \"2022-02-03T07:14:38.323Z\",\n \"completionStatus\": \"Success\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b9d44998-2ed8-48e1-acec-d8ca543bcd1d", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "identity-profiles", + "bulk-delete" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "[\n \"2c9180867b2a34e0017b3078d60b0699\",\n \"2c9180867b2a34e0017b3078d60b0698\"\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "aa066003-1533-4896-a5ca-4b729d3fb5f3", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "identity-profiles", + "bulk-delete" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "[\n \"2c9180867b2a34e0017b3078d60b0699\",\n \"2c9180867b2a34e0017b3078d60b0698\"\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d0592c7a-ef39-414e-90e6-5c269ab041b6", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "identity-profiles", + "bulk-delete" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "[\n \"2c9180867b2a34e0017b3078d60b0699\",\n \"2c9180867b2a34e0017b3078d60b0698\"\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "2e9cfc99-be17-41a2-ac14-b3a4cf450f79", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "identity-profiles", + "bulk-delete" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "[\n \"2c9180867b2a34e0017b3078d60b0699\",\n \"2c9180867b2a34e0017b3078d60b0698\"\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b6e52e56-a4c9-49c5-be0d-b93fee804c9c", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "identity-profiles", + "bulk-delete" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "[\n \"2c9180867b2a34e0017b3078d60b0699\",\n \"2c9180867b2a34e0017b3078d60b0698\"\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "c9197f21-911e-45e1-9331-9c93f84ff79a", + "name": "Export Identity Profiles", + "request": { + "name": "Export Identity Profiles", + "description": { + "content": "This exports existing identity profiles in the format specified by the sp-config service.", + "type": "text/plain" + }, + "url": { + "path": [ + "identity-profiles", + "export" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, ne*\n\n**name**: *eq, ne*\n\n**priority**: *eq, ne*", + "type": "text/plain" + }, + "key": "filters", + "value": "id eq \"ef38f94347e94562b5bb8424a56397d8\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **id, name, priority**", + "type": "text/plain" + }, + "key": "sorters", + "value": "id,name" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "7cb9c79f-caeb-4e86-849c-3b8c3ca563d4", + "name": "List of export objects with identity profiles.", + "originalRequest": { + "url": { + "path": [ + "identity-profiles", + "export" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, ne*\n\n**name**: *eq, ne*\n\n**priority**: *eq, ne*", + "type": "text/plain" + }, + "key": "filters", + "value": "id eq \"ef38f94347e94562b5bb8424a56397d8\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **id, name, priority**", + "type": "text/plain" + }, + "key": "sorters", + "value": "id,name" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"version\": 1,\n \"self\": {\n \"type\": \"SOURCE\",\n \"id\": \"2c9180835d191a86015d28455b4b232a\",\n \"name\": \"HR Active Directory\"\n },\n \"object\": {\n \"authoritativeSource\": {\n \"type\": \"SOURCE\",\n \"id\": \"2c9180835d191a86015d28455b4b232a\",\n \"name\": \"HR Active Directory\"\n },\n \"name\": \"aName\",\n \"id\": \"id12345\",\n \"created\": \"2015-05-28T14:07:17Z\",\n \"modified\": \"2015-05-28T14:07:17Z\",\n \"description\": \"My custom flat file profile\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180835d191a86015d28455b4b232a\",\n \"name\": \"William Wilson\"\n },\n \"priority\": 10,\n \"identityRefreshRequired\": true,\n \"identityCount\": 8,\n \"identityAttributeConfig\": {\n \"enabled\": true,\n \"attributeTransforms\": [\n {\n \"identityAttributeName\": \"email\",\n \"transformDefinition\": {\n \"type\": \"accountAttribute\",\n \"attributes\": {\n \"attributeName\": \"e-mail\",\n \"sourceName\": \"MySource\",\n \"sourceId\": \"2c9180877a826e68017a8c0b03da1a53\"\n }\n }\n },\n {\n \"identityAttributeName\": \"email\",\n \"transformDefinition\": {\n \"type\": \"accountAttribute\",\n \"attributes\": {\n \"attributeName\": \"e-mail\",\n \"sourceName\": \"MySource\",\n \"sourceId\": \"2c9180877a826e68017a8c0b03da1a53\"\n }\n }\n }\n ]\n },\n \"identityExceptionReportReference\": {\n \"taskResultId\": \"2b838de9-db9b-abcf-e646-d4f274ad4238\",\n \"reportName\": \"My annual report\"\n },\n \"hasTimeBasedAttr\": true\n }\n },\n {\n \"version\": 1,\n \"self\": {\n \"type\": \"SOURCE\",\n \"id\": \"2c9180835d191a86015d28455b4b232a\",\n \"name\": \"HR Active Directory\"\n },\n \"object\": {\n \"authoritativeSource\": {\n \"type\": \"SOURCE\",\n \"id\": \"2c9180835d191a86015d28455b4b232a\",\n \"name\": \"HR Active Directory\"\n },\n \"name\": \"aName\",\n \"id\": \"id12345\",\n \"created\": \"2015-05-28T14:07:17Z\",\n \"modified\": \"2015-05-28T14:07:17Z\",\n \"description\": \"My custom flat file profile\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180835d191a86015d28455b4b232a\",\n \"name\": \"William Wilson\"\n },\n \"priority\": 10,\n \"identityRefreshRequired\": true,\n \"identityCount\": 8,\n \"identityAttributeConfig\": {\n \"enabled\": true,\n \"attributeTransforms\": [\n {\n \"identityAttributeName\": \"email\",\n \"transformDefinition\": {\n \"type\": \"accountAttribute\",\n \"attributes\": {\n \"attributeName\": \"e-mail\",\n \"sourceName\": \"MySource\",\n \"sourceId\": \"2c9180877a826e68017a8c0b03da1a53\"\n }\n }\n },\n {\n \"identityAttributeName\": \"email\",\n \"transformDefinition\": {\n \"type\": \"accountAttribute\",\n \"attributes\": {\n \"attributeName\": \"e-mail\",\n \"sourceName\": \"MySource\",\n \"sourceId\": \"2c9180877a826e68017a8c0b03da1a53\"\n }\n }\n }\n ]\n },\n \"identityExceptionReportReference\": {\n \"taskResultId\": \"2b838de9-db9b-abcf-e646-d4f274ad4238\",\n \"reportName\": \"My annual report\"\n },\n \"hasTimeBasedAttr\": true\n }\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "6bcea7eb-e3d1-4e65-9ca0-a4ec8df40ff8", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "identity-profiles", + "export" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, ne*\n\n**name**: *eq, ne*\n\n**priority**: *eq, ne*", + "type": "text/plain" + }, + "key": "filters", + "value": "id eq \"ef38f94347e94562b5bb8424a56397d8\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **id, name, priority**", + "type": "text/plain" + }, + "key": "sorters", + "value": "id,name" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "e4405e16-c056-4193-a11a-5c1f662ac69e", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "identity-profiles", + "export" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, ne*\n\n**name**: *eq, ne*\n\n**priority**: *eq, ne*", + "type": "text/plain" + }, + "key": "filters", + "value": "id eq \"ef38f94347e94562b5bb8424a56397d8\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **id, name, priority**", + "type": "text/plain" + }, + "key": "sorters", + "value": "id,name" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "64692d73-6885-4558-8022-afefd009130f", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "identity-profiles", + "export" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, ne*\n\n**name**: *eq, ne*\n\n**priority**: *eq, ne*", + "type": "text/plain" + }, + "key": "filters", + "value": "id eq \"ef38f94347e94562b5bb8424a56397d8\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **id, name, priority**", + "type": "text/plain" + }, + "key": "sorters", + "value": "id,name" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "4c0de16f-168f-479a-b0fc-7f810effac74", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "identity-profiles", + "export" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, ne*\n\n**name**: *eq, ne*\n\n**priority**: *eq, ne*", + "type": "text/plain" + }, + "key": "filters", + "value": "id eq \"ef38f94347e94562b5bb8424a56397d8\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **id, name, priority**", + "type": "text/plain" + }, + "key": "sorters", + "value": "id,name" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d9f32b55-c82c-4f80-9c4e-6a46a0a7c64b", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "identity-profiles", + "export" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, ne*\n\n**name**: *eq, ne*\n\n**priority**: *eq, ne*", + "type": "text/plain" + }, + "key": "filters", + "value": "id eq \"ef38f94347e94562b5bb8424a56397d8\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **id, name, priority**", + "type": "text/plain" + }, + "key": "sorters", + "value": "id,name" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "b42b4f30-0cb0-465a-9186-23dae41b91a4", + "name": "Import Identity Profiles", + "request": { + "name": "Import Identity Profiles", + "description": { + "content": "This imports previously exported identity profiles.", + "type": "text/plain" + }, + "url": { + "path": [ + "identity-profiles", + "import" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "[\n {\n \"version\": 1,\n \"self\": {\n \"type\": \"SOURCE\",\n \"id\": \"2c9180835d191a86015d28455b4b232a\",\n \"name\": \"HR Active Directory\"\n },\n \"object\": {\n \"authoritativeSource\": {\n \"type\": \"SOURCE\",\n \"id\": \"2c9180835d191a86015d28455b4b232a\",\n \"name\": \"HR Active Directory\"\n },\n \"name\": \"aName\",\n \"id\": \"id12345\",\n \"created\": \"2015-05-28T14:07:17Z\",\n \"modified\": \"2015-05-28T14:07:17Z\",\n \"description\": \"My custom flat file profile\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180835d191a86015d28455b4b232a\",\n \"name\": \"William Wilson\"\n },\n \"priority\": 10,\n \"identityRefreshRequired\": true,\n \"identityCount\": 8,\n \"identityAttributeConfig\": {\n \"enabled\": true,\n \"attributeTransforms\": [\n {\n \"identityAttributeName\": \"email\",\n \"transformDefinition\": {\n \"type\": \"accountAttribute\",\n \"attributes\": {\n \"attributeName\": \"e-mail\",\n \"sourceName\": \"MySource\",\n \"sourceId\": \"2c9180877a826e68017a8c0b03da1a53\"\n }\n }\n },\n {\n \"identityAttributeName\": \"email\",\n \"transformDefinition\": {\n \"type\": \"accountAttribute\",\n \"attributes\": {\n \"attributeName\": \"e-mail\",\n \"sourceName\": \"MySource\",\n \"sourceId\": \"2c9180877a826e68017a8c0b03da1a53\"\n }\n }\n }\n ]\n },\n \"identityExceptionReportReference\": {\n \"taskResultId\": \"2b838de9-db9b-abcf-e646-d4f274ad4238\",\n \"reportName\": \"My annual report\"\n },\n \"hasTimeBasedAttr\": true\n }\n },\n {\n \"version\": 1,\n \"self\": {\n \"type\": \"SOURCE\",\n \"id\": \"2c9180835d191a86015d28455b4b232a\",\n \"name\": \"HR Active Directory\"\n },\n \"object\": {\n \"authoritativeSource\": {\n \"type\": \"SOURCE\",\n \"id\": \"2c9180835d191a86015d28455b4b232a\",\n \"name\": \"HR Active Directory\"\n },\n \"name\": \"aName\",\n \"id\": \"id12345\",\n \"created\": \"2015-05-28T14:07:17Z\",\n \"modified\": \"2015-05-28T14:07:17Z\",\n \"description\": \"My custom flat file profile\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180835d191a86015d28455b4b232a\",\n \"name\": \"William Wilson\"\n },\n \"priority\": 10,\n \"identityRefreshRequired\": true,\n \"identityCount\": 8,\n \"identityAttributeConfig\": {\n \"enabled\": true,\n \"attributeTransforms\": [\n {\n \"identityAttributeName\": \"email\",\n \"transformDefinition\": {\n \"type\": \"accountAttribute\",\n \"attributes\": {\n \"attributeName\": \"e-mail\",\n \"sourceName\": \"MySource\",\n \"sourceId\": \"2c9180877a826e68017a8c0b03da1a53\"\n }\n }\n },\n {\n \"identityAttributeName\": \"email\",\n \"transformDefinition\": {\n \"type\": \"accountAttribute\",\n \"attributes\": {\n \"attributeName\": \"e-mail\",\n \"sourceName\": \"MySource\",\n \"sourceId\": \"2c9180877a826e68017a8c0b03da1a53\"\n }\n }\n }\n ]\n },\n \"identityExceptionReportReference\": {\n \"taskResultId\": \"2b838de9-db9b-abcf-e646-d4f274ad4238\",\n \"reportName\": \"My annual report\"\n },\n \"hasTimeBasedAttr\": true\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "003dfafc-0dc1-45da-acc0-2a70582aab41", + "name": "The result of importing Identity Profiles.", + "originalRequest": { + "url": { + "path": [ + "identity-profiles", + "import" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "[\n {\n \"version\": 1,\n \"self\": {\n \"type\": \"SOURCE\",\n \"id\": \"2c9180835d191a86015d28455b4b232a\",\n \"name\": \"HR Active Directory\"\n },\n \"object\": {\n \"authoritativeSource\": {\n \"type\": \"SOURCE\",\n \"id\": \"2c9180835d191a86015d28455b4b232a\",\n \"name\": \"HR Active Directory\"\n },\n \"name\": \"aName\",\n \"id\": \"id12345\",\n \"created\": \"2015-05-28T14:07:17Z\",\n \"modified\": \"2015-05-28T14:07:17Z\",\n \"description\": \"My custom flat file profile\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180835d191a86015d28455b4b232a\",\n \"name\": \"William Wilson\"\n },\n \"priority\": 10,\n \"identityRefreshRequired\": true,\n \"identityCount\": 8,\n \"identityAttributeConfig\": {\n \"enabled\": true,\n \"attributeTransforms\": [\n {\n \"identityAttributeName\": \"email\",\n \"transformDefinition\": {\n \"type\": \"accountAttribute\",\n \"attributes\": {\n \"attributeName\": \"e-mail\",\n \"sourceName\": \"MySource\",\n \"sourceId\": \"2c9180877a826e68017a8c0b03da1a53\"\n }\n }\n },\n {\n \"identityAttributeName\": \"email\",\n \"transformDefinition\": {\n \"type\": \"accountAttribute\",\n \"attributes\": {\n \"attributeName\": \"e-mail\",\n \"sourceName\": \"MySource\",\n \"sourceId\": \"2c9180877a826e68017a8c0b03da1a53\"\n }\n }\n }\n ]\n },\n \"identityExceptionReportReference\": {\n \"taskResultId\": \"2b838de9-db9b-abcf-e646-d4f274ad4238\",\n \"reportName\": \"My annual report\"\n },\n \"hasTimeBasedAttr\": true\n }\n },\n {\n \"version\": 1,\n \"self\": {\n \"type\": \"SOURCE\",\n \"id\": \"2c9180835d191a86015d28455b4b232a\",\n \"name\": \"HR Active Directory\"\n },\n \"object\": {\n \"authoritativeSource\": {\n \"type\": \"SOURCE\",\n \"id\": \"2c9180835d191a86015d28455b4b232a\",\n \"name\": \"HR Active Directory\"\n },\n \"name\": \"aName\",\n \"id\": \"id12345\",\n \"created\": \"2015-05-28T14:07:17Z\",\n \"modified\": \"2015-05-28T14:07:17Z\",\n \"description\": \"My custom flat file profile\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180835d191a86015d28455b4b232a\",\n \"name\": \"William Wilson\"\n },\n \"priority\": 10,\n \"identityRefreshRequired\": true,\n \"identityCount\": 8,\n \"identityAttributeConfig\": {\n \"enabled\": true,\n \"attributeTransforms\": [\n {\n \"identityAttributeName\": \"email\",\n \"transformDefinition\": {\n \"type\": \"accountAttribute\",\n \"attributes\": {\n \"attributeName\": \"e-mail\",\n \"sourceName\": \"MySource\",\n \"sourceId\": \"2c9180877a826e68017a8c0b03da1a53\"\n }\n }\n },\n {\n \"identityAttributeName\": \"email\",\n \"transformDefinition\": {\n \"type\": \"accountAttribute\",\n \"attributes\": {\n \"attributeName\": \"e-mail\",\n \"sourceName\": \"MySource\",\n \"sourceId\": \"2c9180877a826e68017a8c0b03da1a53\"\n }\n }\n }\n ]\n },\n \"identityExceptionReportReference\": {\n \"taskResultId\": \"2b838de9-db9b-abcf-e646-d4f274ad4238\",\n \"reportName\": \"My annual report\"\n },\n \"hasTimeBasedAttr\": true\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"infos\": [\n {\n \"key\": \"UNKNOWN_REFERENCE_RESOLVER\",\n \"text\": \"Unable to resolve reference for object [type: IDENTITY, id: 2c91808c746e9c9601747d6507332ecz, name: random identity]\",\n \"details\": {\n \"details\": \"message details\"\n }\n },\n {\n \"key\": \"UNKNOWN_REFERENCE_RESOLVER\",\n \"text\": \"Unable to resolve reference for object [type: IDENTITY, id: 2c91808c746e9c9601747d6507332ecz, name: random identity]\",\n \"details\": {\n \"details\": \"message details\"\n }\n }\n ],\n \"warnings\": [\n {\n \"key\": \"UNKNOWN_REFERENCE_RESOLVER\",\n \"text\": \"Unable to resolve reference for object [type: IDENTITY, id: 2c91808c746e9c9601747d6507332ecz, name: random identity]\",\n \"details\": {\n \"details\": \"message details\"\n }\n },\n {\n \"key\": \"UNKNOWN_REFERENCE_RESOLVER\",\n \"text\": \"Unable to resolve reference for object [type: IDENTITY, id: 2c91808c746e9c9601747d6507332ecz, name: random identity]\",\n \"details\": {\n \"details\": \"message details\"\n }\n }\n ],\n \"errors\": [\n {\n \"key\": \"UNKNOWN_REFERENCE_RESOLVER\",\n \"text\": \"Unable to resolve reference for object [type: IDENTITY, id: 2c91808c746e9c9601747d6507332ecz, name: random identity]\",\n \"details\": {\n \"details\": \"message details\"\n }\n },\n {\n \"key\": \"UNKNOWN_REFERENCE_RESOLVER\",\n \"text\": \"Unable to resolve reference for object [type: IDENTITY, id: 2c91808c746e9c9601747d6507332ecz, name: random identity]\",\n \"details\": {\n \"details\": \"message details\"\n }\n }\n ],\n \"importedObjects\": [\n {\n \"type\": \"SOURCE\",\n \"id\": \"2c9180835d191a86015d28455b4b232a\",\n \"name\": \"HR Active Directory\"\n },\n {\n \"type\": \"SOURCE\",\n \"id\": \"2c9180835d191a86015d28455b4b232a\",\n \"name\": \"HR Active Directory\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "9f57a6f4-904d-4df2-96a3-0628280c7a13", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "identity-profiles", + "import" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "[\n {\n \"version\": 1,\n \"self\": {\n \"type\": \"SOURCE\",\n \"id\": \"2c9180835d191a86015d28455b4b232a\",\n \"name\": \"HR Active Directory\"\n },\n \"object\": {\n \"authoritativeSource\": {\n \"type\": \"SOURCE\",\n \"id\": \"2c9180835d191a86015d28455b4b232a\",\n \"name\": \"HR Active Directory\"\n },\n \"name\": \"aName\",\n \"id\": \"id12345\",\n \"created\": \"2015-05-28T14:07:17Z\",\n \"modified\": \"2015-05-28T14:07:17Z\",\n \"description\": \"My custom flat file profile\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180835d191a86015d28455b4b232a\",\n \"name\": \"William Wilson\"\n },\n \"priority\": 10,\n \"identityRefreshRequired\": true,\n \"identityCount\": 8,\n \"identityAttributeConfig\": {\n \"enabled\": true,\n \"attributeTransforms\": [\n {\n \"identityAttributeName\": \"email\",\n \"transformDefinition\": {\n \"type\": \"accountAttribute\",\n \"attributes\": {\n \"attributeName\": \"e-mail\",\n \"sourceName\": \"MySource\",\n \"sourceId\": \"2c9180877a826e68017a8c0b03da1a53\"\n }\n }\n },\n {\n \"identityAttributeName\": \"email\",\n \"transformDefinition\": {\n \"type\": \"accountAttribute\",\n \"attributes\": {\n \"attributeName\": \"e-mail\",\n \"sourceName\": \"MySource\",\n \"sourceId\": \"2c9180877a826e68017a8c0b03da1a53\"\n }\n }\n }\n ]\n },\n \"identityExceptionReportReference\": {\n \"taskResultId\": \"2b838de9-db9b-abcf-e646-d4f274ad4238\",\n \"reportName\": \"My annual report\"\n },\n \"hasTimeBasedAttr\": true\n }\n },\n {\n \"version\": 1,\n \"self\": {\n \"type\": \"SOURCE\",\n \"id\": \"2c9180835d191a86015d28455b4b232a\",\n \"name\": \"HR Active Directory\"\n },\n \"object\": {\n \"authoritativeSource\": {\n \"type\": \"SOURCE\",\n \"id\": \"2c9180835d191a86015d28455b4b232a\",\n \"name\": \"HR Active Directory\"\n },\n \"name\": \"aName\",\n \"id\": \"id12345\",\n \"created\": \"2015-05-28T14:07:17Z\",\n \"modified\": \"2015-05-28T14:07:17Z\",\n \"description\": \"My custom flat file profile\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180835d191a86015d28455b4b232a\",\n \"name\": \"William Wilson\"\n },\n \"priority\": 10,\n \"identityRefreshRequired\": true,\n \"identityCount\": 8,\n \"identityAttributeConfig\": {\n \"enabled\": true,\n \"attributeTransforms\": [\n {\n \"identityAttributeName\": \"email\",\n \"transformDefinition\": {\n \"type\": \"accountAttribute\",\n \"attributes\": {\n \"attributeName\": \"e-mail\",\n \"sourceName\": \"MySource\",\n \"sourceId\": \"2c9180877a826e68017a8c0b03da1a53\"\n }\n }\n },\n {\n \"identityAttributeName\": \"email\",\n \"transformDefinition\": {\n \"type\": \"accountAttribute\",\n \"attributes\": {\n \"attributeName\": \"e-mail\",\n \"sourceName\": \"MySource\",\n \"sourceId\": \"2c9180877a826e68017a8c0b03da1a53\"\n }\n }\n }\n ]\n },\n \"identityExceptionReportReference\": {\n \"taskResultId\": \"2b838de9-db9b-abcf-e646-d4f274ad4238\",\n \"reportName\": \"My annual report\"\n },\n \"hasTimeBasedAttr\": true\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "1a62d96c-938f-4b9d-9eae-f084b61e7842", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "identity-profiles", + "import" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "[\n {\n \"version\": 1,\n \"self\": {\n \"type\": \"SOURCE\",\n \"id\": \"2c9180835d191a86015d28455b4b232a\",\n \"name\": \"HR Active Directory\"\n },\n \"object\": {\n \"authoritativeSource\": {\n \"type\": \"SOURCE\",\n \"id\": \"2c9180835d191a86015d28455b4b232a\",\n \"name\": \"HR Active Directory\"\n },\n \"name\": \"aName\",\n \"id\": \"id12345\",\n \"created\": \"2015-05-28T14:07:17Z\",\n \"modified\": \"2015-05-28T14:07:17Z\",\n \"description\": \"My custom flat file profile\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180835d191a86015d28455b4b232a\",\n \"name\": \"William Wilson\"\n },\n \"priority\": 10,\n \"identityRefreshRequired\": true,\n \"identityCount\": 8,\n \"identityAttributeConfig\": {\n \"enabled\": true,\n \"attributeTransforms\": [\n {\n \"identityAttributeName\": \"email\",\n \"transformDefinition\": {\n \"type\": \"accountAttribute\",\n \"attributes\": {\n \"attributeName\": \"e-mail\",\n \"sourceName\": \"MySource\",\n \"sourceId\": \"2c9180877a826e68017a8c0b03da1a53\"\n }\n }\n },\n {\n \"identityAttributeName\": \"email\",\n \"transformDefinition\": {\n \"type\": \"accountAttribute\",\n \"attributes\": {\n \"attributeName\": \"e-mail\",\n \"sourceName\": \"MySource\",\n \"sourceId\": \"2c9180877a826e68017a8c0b03da1a53\"\n }\n }\n }\n ]\n },\n \"identityExceptionReportReference\": {\n \"taskResultId\": \"2b838de9-db9b-abcf-e646-d4f274ad4238\",\n \"reportName\": \"My annual report\"\n },\n \"hasTimeBasedAttr\": true\n }\n },\n {\n \"version\": 1,\n \"self\": {\n \"type\": \"SOURCE\",\n \"id\": \"2c9180835d191a86015d28455b4b232a\",\n \"name\": \"HR Active Directory\"\n },\n \"object\": {\n \"authoritativeSource\": {\n \"type\": \"SOURCE\",\n \"id\": \"2c9180835d191a86015d28455b4b232a\",\n \"name\": \"HR Active Directory\"\n },\n \"name\": \"aName\",\n \"id\": \"id12345\",\n \"created\": \"2015-05-28T14:07:17Z\",\n \"modified\": \"2015-05-28T14:07:17Z\",\n \"description\": \"My custom flat file profile\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180835d191a86015d28455b4b232a\",\n \"name\": \"William Wilson\"\n },\n \"priority\": 10,\n \"identityRefreshRequired\": true,\n \"identityCount\": 8,\n \"identityAttributeConfig\": {\n \"enabled\": true,\n \"attributeTransforms\": [\n {\n \"identityAttributeName\": \"email\",\n \"transformDefinition\": {\n \"type\": \"accountAttribute\",\n \"attributes\": {\n \"attributeName\": \"e-mail\",\n \"sourceName\": \"MySource\",\n \"sourceId\": \"2c9180877a826e68017a8c0b03da1a53\"\n }\n }\n },\n {\n \"identityAttributeName\": \"email\",\n \"transformDefinition\": {\n \"type\": \"accountAttribute\",\n \"attributes\": {\n \"attributeName\": \"e-mail\",\n \"sourceName\": \"MySource\",\n \"sourceId\": \"2c9180877a826e68017a8c0b03da1a53\"\n }\n }\n }\n ]\n },\n \"identityExceptionReportReference\": {\n \"taskResultId\": \"2b838de9-db9b-abcf-e646-d4f274ad4238\",\n \"reportName\": \"My annual report\"\n },\n \"hasTimeBasedAttr\": true\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d4531f86-f3df-481e-9f2d-f1e531eaae96", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "identity-profiles", + "import" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "[\n {\n \"version\": 1,\n \"self\": {\n \"type\": \"SOURCE\",\n \"id\": \"2c9180835d191a86015d28455b4b232a\",\n \"name\": \"HR Active Directory\"\n },\n \"object\": {\n \"authoritativeSource\": {\n \"type\": \"SOURCE\",\n \"id\": \"2c9180835d191a86015d28455b4b232a\",\n \"name\": \"HR Active Directory\"\n },\n \"name\": \"aName\",\n \"id\": \"id12345\",\n \"created\": \"2015-05-28T14:07:17Z\",\n \"modified\": \"2015-05-28T14:07:17Z\",\n \"description\": \"My custom flat file profile\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180835d191a86015d28455b4b232a\",\n \"name\": \"William Wilson\"\n },\n \"priority\": 10,\n \"identityRefreshRequired\": true,\n \"identityCount\": 8,\n \"identityAttributeConfig\": {\n \"enabled\": true,\n \"attributeTransforms\": [\n {\n \"identityAttributeName\": \"email\",\n \"transformDefinition\": {\n \"type\": \"accountAttribute\",\n \"attributes\": {\n \"attributeName\": \"e-mail\",\n \"sourceName\": \"MySource\",\n \"sourceId\": \"2c9180877a826e68017a8c0b03da1a53\"\n }\n }\n },\n {\n \"identityAttributeName\": \"email\",\n \"transformDefinition\": {\n \"type\": \"accountAttribute\",\n \"attributes\": {\n \"attributeName\": \"e-mail\",\n \"sourceName\": \"MySource\",\n \"sourceId\": \"2c9180877a826e68017a8c0b03da1a53\"\n }\n }\n }\n ]\n },\n \"identityExceptionReportReference\": {\n \"taskResultId\": \"2b838de9-db9b-abcf-e646-d4f274ad4238\",\n \"reportName\": \"My annual report\"\n },\n \"hasTimeBasedAttr\": true\n }\n },\n {\n \"version\": 1,\n \"self\": {\n \"type\": \"SOURCE\",\n \"id\": \"2c9180835d191a86015d28455b4b232a\",\n \"name\": \"HR Active Directory\"\n },\n \"object\": {\n \"authoritativeSource\": {\n \"type\": \"SOURCE\",\n \"id\": \"2c9180835d191a86015d28455b4b232a\",\n \"name\": \"HR Active Directory\"\n },\n \"name\": \"aName\",\n \"id\": \"id12345\",\n \"created\": \"2015-05-28T14:07:17Z\",\n \"modified\": \"2015-05-28T14:07:17Z\",\n \"description\": \"My custom flat file profile\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180835d191a86015d28455b4b232a\",\n \"name\": \"William Wilson\"\n },\n \"priority\": 10,\n \"identityRefreshRequired\": true,\n \"identityCount\": 8,\n \"identityAttributeConfig\": {\n \"enabled\": true,\n \"attributeTransforms\": [\n {\n \"identityAttributeName\": \"email\",\n \"transformDefinition\": {\n \"type\": \"accountAttribute\",\n \"attributes\": {\n \"attributeName\": \"e-mail\",\n \"sourceName\": \"MySource\",\n \"sourceId\": \"2c9180877a826e68017a8c0b03da1a53\"\n }\n }\n },\n {\n \"identityAttributeName\": \"email\",\n \"transformDefinition\": {\n \"type\": \"accountAttribute\",\n \"attributes\": {\n \"attributeName\": \"e-mail\",\n \"sourceName\": \"MySource\",\n \"sourceId\": \"2c9180877a826e68017a8c0b03da1a53\"\n }\n }\n }\n ]\n },\n \"identityExceptionReportReference\": {\n \"taskResultId\": \"2b838de9-db9b-abcf-e646-d4f274ad4238\",\n \"reportName\": \"My annual report\"\n },\n \"hasTimeBasedAttr\": true\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "ec6af195-d9a8-422f-a0f4-366ba66e2ae1", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "identity-profiles", + "import" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "[\n {\n \"version\": 1,\n \"self\": {\n \"type\": \"SOURCE\",\n \"id\": \"2c9180835d191a86015d28455b4b232a\",\n \"name\": \"HR Active Directory\"\n },\n \"object\": {\n \"authoritativeSource\": {\n \"type\": \"SOURCE\",\n \"id\": \"2c9180835d191a86015d28455b4b232a\",\n \"name\": \"HR Active Directory\"\n },\n \"name\": \"aName\",\n \"id\": \"id12345\",\n \"created\": \"2015-05-28T14:07:17Z\",\n \"modified\": \"2015-05-28T14:07:17Z\",\n \"description\": \"My custom flat file profile\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180835d191a86015d28455b4b232a\",\n \"name\": \"William Wilson\"\n },\n \"priority\": 10,\n \"identityRefreshRequired\": true,\n \"identityCount\": 8,\n \"identityAttributeConfig\": {\n \"enabled\": true,\n \"attributeTransforms\": [\n {\n \"identityAttributeName\": \"email\",\n \"transformDefinition\": {\n \"type\": \"accountAttribute\",\n \"attributes\": {\n \"attributeName\": \"e-mail\",\n \"sourceName\": \"MySource\",\n \"sourceId\": \"2c9180877a826e68017a8c0b03da1a53\"\n }\n }\n },\n {\n \"identityAttributeName\": \"email\",\n \"transformDefinition\": {\n \"type\": \"accountAttribute\",\n \"attributes\": {\n \"attributeName\": \"e-mail\",\n \"sourceName\": \"MySource\",\n \"sourceId\": \"2c9180877a826e68017a8c0b03da1a53\"\n }\n }\n }\n ]\n },\n \"identityExceptionReportReference\": {\n \"taskResultId\": \"2b838de9-db9b-abcf-e646-d4f274ad4238\",\n \"reportName\": \"My annual report\"\n },\n \"hasTimeBasedAttr\": true\n }\n },\n {\n \"version\": 1,\n \"self\": {\n \"type\": \"SOURCE\",\n \"id\": \"2c9180835d191a86015d28455b4b232a\",\n \"name\": \"HR Active Directory\"\n },\n \"object\": {\n \"authoritativeSource\": {\n \"type\": \"SOURCE\",\n \"id\": \"2c9180835d191a86015d28455b4b232a\",\n \"name\": \"HR Active Directory\"\n },\n \"name\": \"aName\",\n \"id\": \"id12345\",\n \"created\": \"2015-05-28T14:07:17Z\",\n \"modified\": \"2015-05-28T14:07:17Z\",\n \"description\": \"My custom flat file profile\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180835d191a86015d28455b4b232a\",\n \"name\": \"William Wilson\"\n },\n \"priority\": 10,\n \"identityRefreshRequired\": true,\n \"identityCount\": 8,\n \"identityAttributeConfig\": {\n \"enabled\": true,\n \"attributeTransforms\": [\n {\n \"identityAttributeName\": \"email\",\n \"transformDefinition\": {\n \"type\": \"accountAttribute\",\n \"attributes\": {\n \"attributeName\": \"e-mail\",\n \"sourceName\": \"MySource\",\n \"sourceId\": \"2c9180877a826e68017a8c0b03da1a53\"\n }\n }\n },\n {\n \"identityAttributeName\": \"email\",\n \"transformDefinition\": {\n \"type\": \"accountAttribute\",\n \"attributes\": {\n \"attributeName\": \"e-mail\",\n \"sourceName\": \"MySource\",\n \"sourceId\": \"2c9180877a826e68017a8c0b03da1a53\"\n }\n }\n }\n ]\n },\n \"identityExceptionReportReference\": {\n \"taskResultId\": \"2b838de9-db9b-abcf-e646-d4f274ad4238\",\n \"reportName\": \"My annual report\"\n },\n \"hasTimeBasedAttr\": true\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "ed8355c6-1986-45b8-a4ef-13c093d7340b", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "identity-profiles", + "import" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "[\n {\n \"version\": 1,\n \"self\": {\n \"type\": \"SOURCE\",\n \"id\": \"2c9180835d191a86015d28455b4b232a\",\n \"name\": \"HR Active Directory\"\n },\n \"object\": {\n \"authoritativeSource\": {\n \"type\": \"SOURCE\",\n \"id\": \"2c9180835d191a86015d28455b4b232a\",\n \"name\": \"HR Active Directory\"\n },\n \"name\": \"aName\",\n \"id\": \"id12345\",\n \"created\": \"2015-05-28T14:07:17Z\",\n \"modified\": \"2015-05-28T14:07:17Z\",\n \"description\": \"My custom flat file profile\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180835d191a86015d28455b4b232a\",\n \"name\": \"William Wilson\"\n },\n \"priority\": 10,\n \"identityRefreshRequired\": true,\n \"identityCount\": 8,\n \"identityAttributeConfig\": {\n \"enabled\": true,\n \"attributeTransforms\": [\n {\n \"identityAttributeName\": \"email\",\n \"transformDefinition\": {\n \"type\": \"accountAttribute\",\n \"attributes\": {\n \"attributeName\": \"e-mail\",\n \"sourceName\": \"MySource\",\n \"sourceId\": \"2c9180877a826e68017a8c0b03da1a53\"\n }\n }\n },\n {\n \"identityAttributeName\": \"email\",\n \"transformDefinition\": {\n \"type\": \"accountAttribute\",\n \"attributes\": {\n \"attributeName\": \"e-mail\",\n \"sourceName\": \"MySource\",\n \"sourceId\": \"2c9180877a826e68017a8c0b03da1a53\"\n }\n }\n }\n ]\n },\n \"identityExceptionReportReference\": {\n \"taskResultId\": \"2b838de9-db9b-abcf-e646-d4f274ad4238\",\n \"reportName\": \"My annual report\"\n },\n \"hasTimeBasedAttr\": true\n }\n },\n {\n \"version\": 1,\n \"self\": {\n \"type\": \"SOURCE\",\n \"id\": \"2c9180835d191a86015d28455b4b232a\",\n \"name\": \"HR Active Directory\"\n },\n \"object\": {\n \"authoritativeSource\": {\n \"type\": \"SOURCE\",\n \"id\": \"2c9180835d191a86015d28455b4b232a\",\n \"name\": \"HR Active Directory\"\n },\n \"name\": \"aName\",\n \"id\": \"id12345\",\n \"created\": \"2015-05-28T14:07:17Z\",\n \"modified\": \"2015-05-28T14:07:17Z\",\n \"description\": \"My custom flat file profile\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180835d191a86015d28455b4b232a\",\n \"name\": \"William Wilson\"\n },\n \"priority\": 10,\n \"identityRefreshRequired\": true,\n \"identityCount\": 8,\n \"identityAttributeConfig\": {\n \"enabled\": true,\n \"attributeTransforms\": [\n {\n \"identityAttributeName\": \"email\",\n \"transformDefinition\": {\n \"type\": \"accountAttribute\",\n \"attributes\": {\n \"attributeName\": \"e-mail\",\n \"sourceName\": \"MySource\",\n \"sourceId\": \"2c9180877a826e68017a8c0b03da1a53\"\n }\n }\n },\n {\n \"identityAttributeName\": \"email\",\n \"transformDefinition\": {\n \"type\": \"accountAttribute\",\n \"attributes\": {\n \"attributeName\": \"e-mail\",\n \"sourceName\": \"MySource\",\n \"sourceId\": \"2c9180877a826e68017a8c0b03da1a53\"\n }\n }\n }\n ]\n },\n \"identityExceptionReportReference\": {\n \"taskResultId\": \"2b838de9-db9b-abcf-e646-d4f274ad4238\",\n \"reportName\": \"My annual report\"\n },\n \"hasTimeBasedAttr\": true\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "52239337-dfad-40f5-8168-fa79f6fbc926", + "name": "Get single Identity Profile", + "request": { + "name": "Get single Identity Profile", + "description": { + "content": "This returns a single Identity Profile based on ID.\n\nA token with ORG_ADMIN or API authority is required to call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "identity-profiles", + ":identity-profile-id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "2b838de9-db9b-abcf-e646-d4f274ad4238", + "key": "identity-profile-id", + "disabled": true, + "description": { + "content": "(Required) The Identity Profile ID.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "3f31d138-9a25-445f-a1f5-bc5d09b74f02", + "name": "An Identity Profile object.", + "originalRequest": { + "url": { + "path": [ + "identity-profiles", + ":identity-profile-id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"authoritativeSource\": {\n \"type\": \"SOURCE\",\n \"id\": \"2c9180835d191a86015d28455b4b232a\",\n \"name\": \"HR Active Directory\"\n },\n \"name\": \"aName\",\n \"id\": \"id12345\",\n \"created\": \"2015-05-28T14:07:17Z\",\n \"modified\": \"2015-05-28T14:07:17Z\",\n \"description\": \"My custom flat file profile\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180835d191a86015d28455b4b232a\",\n \"name\": \"William Wilson\"\n },\n \"priority\": 10,\n \"identityRefreshRequired\": true,\n \"identityCount\": 8,\n \"identityAttributeConfig\": {\n \"enabled\": true,\n \"attributeTransforms\": [\n {\n \"identityAttributeName\": \"email\",\n \"transformDefinition\": {\n \"type\": \"accountAttribute\",\n \"attributes\": {\n \"attributeName\": \"e-mail\",\n \"sourceName\": \"MySource\",\n \"sourceId\": \"2c9180877a826e68017a8c0b03da1a53\"\n }\n }\n },\n {\n \"identityAttributeName\": \"email\",\n \"transformDefinition\": {\n \"type\": \"accountAttribute\",\n \"attributes\": {\n \"attributeName\": \"e-mail\",\n \"sourceName\": \"MySource\",\n \"sourceId\": \"2c9180877a826e68017a8c0b03da1a53\"\n }\n }\n }\n ]\n },\n \"identityExceptionReportReference\": {\n \"taskResultId\": \"2b838de9-db9b-abcf-e646-d4f274ad4238\",\n \"reportName\": \"My annual report\"\n },\n \"hasTimeBasedAttr\": true\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "5acc7fda-1e7a-4517-96d0-850f2712cd45", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "identity-profiles", + ":identity-profile-id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "880ab61a-18ce-4944-bb70-ab80f1bb005b", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "identity-profiles", + ":identity-profile-id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "ec2d07fe-db1f-4dab-ad28-a55af3c4adfd", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "identity-profiles", + ":identity-profile-id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b8ee8259-0cc9-4e82-a518-874ba0424ce2", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "identity-profiles", + ":identity-profile-id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "de95d569-c3fe-48b3-9c1a-ef0176c9f582", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "identity-profiles", + ":identity-profile-id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "830d2a9b-787f-4255-9051-0a2c5ed90e7e", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "identity-profiles", + ":identity-profile-id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "45055967-2f01-4b5c-a080-4f828299aea5", + "name": "Delete an Identity Profile", + "request": { + "name": "Delete an Identity Profile", + "description": { + "content": "This deletes an Identity Profile based on ID.\n\nOn success, this endpoint will return a reference to the bulk delete task result.\n\nA token with ORG_ADMIN authority is required to call this API.\n\nThe following rights are required to access this endpoint: idn:identity-profile:delete", + "type": "text/plain" + }, + "url": { + "path": [ + "identity-profiles", + ":identity-profile-id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "ef38f94347e94562b5bb8424a56397d8", + "key": "identity-profile-id", + "disabled": true, + "description": { + "content": "(Required) The Identity Profile ID.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "DELETE", + "body": {} + }, + "response": [ + { + "id": "ab5e7461-a38e-43d4-9d8e-fb6a779d082c", + "name": "Accepted - Returns a TaskResult object referencing the bulk delete job created.", + "originalRequest": { + "url": { + "path": [ + "identity-profiles", + ":identity-profile-id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Accepted", + "code": 202, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"ff8081814d977c21014da056804a0af3\",\n \"name\": \"Background Object Terminator c8f030f2-b1a6-4e33-99e8-6935bc18735d\",\n \"description\": \"Generic task for terminating data in the overlay, used by the TerminationService.\",\n \"launcher\": \"support\",\n \"completed\": \"2023-10-24T03:37:17.672Z\",\n \"launched\": \"1982-09-14T01:12:32.304Z\",\n \"completionStatus\": \"Success\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "069809e5-49ae-46e0-b1bd-cffde45f63b5", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "identity-profiles", + ":identity-profile-id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c3424299-a628-45ab-b6c5-7734f2f495b3", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "identity-profiles", + ":identity-profile-id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c1a1045b-4cba-4b33-8a4b-3c0b119c57a9", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "identity-profiles", + ":identity-profile-id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "eb5310be-367a-4167-83ba-1fd2700ee3f9", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "identity-profiles", + ":identity-profile-id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "9da46ec6-4009-4429-824b-84ad4635b3f5", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "identity-profiles", + ":identity-profile-id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f4feb5af-2418-4723-9770-b3ac7b6afde1", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "identity-profiles", + ":identity-profile-id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "9bee95c6-e071-4308-b526-6a50082c40e4", + "name": "Update the Identity Profile", + "request": { + "name": "Update the Identity Profile", + "description": { + "content": "This updates the specified Identity Profile.\n\nA token with ORG_ADMIN authority is required to call this API to update the Identity Profile.\n\nSome fields of the Schema cannot be updated. These fields are listed below:\n* id\n* name\n* created\n* modified\n* identityCount\n* identityRefreshRequired\n* Authoritative Source and Identity Attribute Configuration cannot be modified at once.", + "type": "text/plain" + }, + "url": { + "path": [ + "identity-profiles", + ":identity-profile-id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "ef38f94347e94562b5bb8424a56397d8", + "key": "identity-profile-id", + "disabled": true, + "description": { + "content": "(Required) The Identity Profile ID", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"add\",\n \"path\": \"/identityAttributeConfig/attributeTransforms/0\",\n \"value\": {\n \"identityAttributeName\": \"location\",\n \"transformDefinition\": {\n \"type\": \"accountAttribute\",\n \"attributes\": {\n \"sourceName\": \"Employees\",\n \"attributeName\": \"location\",\n \"sourceId\": \"2c91808878b7d63b0178c66ffcdc4ce4\"\n }\n }\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "b1b21c0f-3c70-4df7-9c40-5e5c137b2924", + "name": "The updated Identity Profile.", + "originalRequest": { + "url": { + "path": [ + "identity-profiles", + ":identity-profile-id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"add\",\n \"path\": \"/identityAttributeConfig/attributeTransforms/0\",\n \"value\": {\n \"identityAttributeName\": \"location\",\n \"transformDefinition\": {\n \"type\": \"accountAttribute\",\n \"attributes\": {\n \"sourceName\": \"Employees\",\n \"attributeName\": \"location\",\n \"sourceId\": \"2c91808878b7d63b0178c66ffcdc4ce4\"\n }\n }\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"authoritativeSource\": {\n \"type\": \"SOURCE\",\n \"id\": \"2c9180835d191a86015d28455b4b232a\",\n \"name\": \"HR Active Directory\"\n },\n \"name\": \"aName\",\n \"id\": \"id12345\",\n \"created\": \"2015-05-28T14:07:17Z\",\n \"modified\": \"2015-05-28T14:07:17Z\",\n \"description\": \"My custom flat file profile\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180835d191a86015d28455b4b232a\",\n \"name\": \"William Wilson\"\n },\n \"priority\": 10,\n \"identityRefreshRequired\": true,\n \"identityCount\": 8,\n \"identityAttributeConfig\": {\n \"enabled\": true,\n \"attributeTransforms\": [\n {\n \"identityAttributeName\": \"email\",\n \"transformDefinition\": {\n \"type\": \"accountAttribute\",\n \"attributes\": {\n \"attributeName\": \"e-mail\",\n \"sourceName\": \"MySource\",\n \"sourceId\": \"2c9180877a826e68017a8c0b03da1a53\"\n }\n }\n },\n {\n \"identityAttributeName\": \"email\",\n \"transformDefinition\": {\n \"type\": \"accountAttribute\",\n \"attributes\": {\n \"attributeName\": \"e-mail\",\n \"sourceName\": \"MySource\",\n \"sourceId\": \"2c9180877a826e68017a8c0b03da1a53\"\n }\n }\n }\n ]\n },\n \"identityExceptionReportReference\": {\n \"taskResultId\": \"2b838de9-db9b-abcf-e646-d4f274ad4238\",\n \"reportName\": \"My annual report\"\n },\n \"hasTimeBasedAttr\": true\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "5fa59544-57db-426d-98ab-5cd5fc4b56d6", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "identity-profiles", + ":identity-profile-id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"add\",\n \"path\": \"/identityAttributeConfig/attributeTransforms/0\",\n \"value\": {\n \"identityAttributeName\": \"location\",\n \"transformDefinition\": {\n \"type\": \"accountAttribute\",\n \"attributes\": {\n \"sourceName\": \"Employees\",\n \"attributeName\": \"location\",\n \"sourceId\": \"2c91808878b7d63b0178c66ffcdc4ce4\"\n }\n }\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "bc2bf895-9f04-476f-a869-751ad1cc6f42", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "identity-profiles", + ":identity-profile-id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"add\",\n \"path\": \"/identityAttributeConfig/attributeTransforms/0\",\n \"value\": {\n \"identityAttributeName\": \"location\",\n \"transformDefinition\": {\n \"type\": \"accountAttribute\",\n \"attributes\": {\n \"sourceName\": \"Employees\",\n \"attributeName\": \"location\",\n \"sourceId\": \"2c91808878b7d63b0178c66ffcdc4ce4\"\n }\n }\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "7938b8f3-ecec-4c05-bf6e-0f2a38551064", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "identity-profiles", + ":identity-profile-id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"add\",\n \"path\": \"/identityAttributeConfig/attributeTransforms/0\",\n \"value\": {\n \"identityAttributeName\": \"location\",\n \"transformDefinition\": {\n \"type\": \"accountAttribute\",\n \"attributes\": {\n \"sourceName\": \"Employees\",\n \"attributeName\": \"location\",\n \"sourceId\": \"2c91808878b7d63b0178c66ffcdc4ce4\"\n }\n }\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "5c96eae4-fdac-485d-b21f-999e01c09e45", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "identity-profiles", + ":identity-profile-id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"add\",\n \"path\": \"/identityAttributeConfig/attributeTransforms/0\",\n \"value\": {\n \"identityAttributeName\": \"location\",\n \"transformDefinition\": {\n \"type\": \"accountAttribute\",\n \"attributes\": {\n \"sourceName\": \"Employees\",\n \"attributeName\": \"location\",\n \"sourceId\": \"2c91808878b7d63b0178c66ffcdc4ce4\"\n }\n }\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "916792ff-d29b-4c57-a0b4-e720fa44ac2f", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "identity-profiles", + ":identity-profile-id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"add\",\n \"path\": \"/identityAttributeConfig/attributeTransforms/0\",\n \"value\": {\n \"identityAttributeName\": \"location\",\n \"transformDefinition\": {\n \"type\": \"accountAttribute\",\n \"attributes\": {\n \"sourceName\": \"Employees\",\n \"attributeName\": \"location\",\n \"sourceId\": \"2c91808878b7d63b0178c66ffcdc4ce4\"\n }\n }\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "34c43b88-e663-4246-bd9a-025b8a7143bd", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "identity-profiles", + ":identity-profile-id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"add\",\n \"path\": \"/identityAttributeConfig/attributeTransforms/0\",\n \"value\": {\n \"identityAttributeName\": \"location\",\n \"transformDefinition\": {\n \"type\": \"accountAttribute\",\n \"attributes\": {\n \"sourceName\": \"Employees\",\n \"attributeName\": \"location\",\n \"sourceId\": \"2c91808878b7d63b0178c66ffcdc4ce4\"\n }\n }\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "df5c03f4-01cf-42b9-85e2-5dbcddc7833e", + "name": "Get default Identity Attribute Config", + "request": { + "name": "Get default Identity Attribute Config", + "description": { + "content": "This returns the default identity attribute config.\nA token with ORG_ADMIN authority is required to call this API to get the default identity attribute config.", + "type": "text/plain" + }, + "url": { + "path": [ + "identity-profiles", + ":identity-profile-id", + "default-identity-attribute-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "2b838de9-db9b-abcf-e646-d4f274ad4238", + "key": "identity-profile-id", + "disabled": true, + "description": { + "content": "(Required) The Identity Profile ID.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "ff0cc113-4846-4473-83d1-ddda274b30eb", + "name": "An Identity Attribute Config object.", + "originalRequest": { + "url": { + "path": [ + "identity-profiles", + ":identity-profile-id", + "default-identity-attribute-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"enabled\": true,\n \"attributeTransforms\": [\n {\n \"identityAttributeName\": \"email\",\n \"transformDefinition\": {\n \"type\": \"accountAttribute\",\n \"attributes\": {\n \"attributeName\": \"e-mail\",\n \"sourceName\": \"MySource\",\n \"sourceId\": \"2c9180877a826e68017a8c0b03da1a53\"\n }\n }\n },\n {\n \"identityAttributeName\": \"email\",\n \"transformDefinition\": {\n \"type\": \"accountAttribute\",\n \"attributes\": {\n \"attributeName\": \"e-mail\",\n \"sourceName\": \"MySource\",\n \"sourceId\": \"2c9180877a826e68017a8c0b03da1a53\"\n }\n }\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b4460178-70d7-4630-8191-a02c69b996ec", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "identity-profiles", + ":identity-profile-id", + "default-identity-attribute-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "98aa782d-8f34-4b59-b8e0-c9a2b27f2303", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "identity-profiles", + ":identity-profile-id", + "default-identity-attribute-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "46b560e1-e0ec-4671-a179-979afac02364", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "identity-profiles", + ":identity-profile-id", + "default-identity-attribute-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "bebca601-4e6a-422d-b050-0b0d526ae56a", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "identity-profiles", + ":identity-profile-id", + "default-identity-attribute-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "4941dee4-3153-40d3-a48d-8f09af738258", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "identity-profiles", + ":identity-profile-id", + "default-identity-attribute-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "2eeeef6a-dc43-403f-87ca-11a2a3e2aa0c", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "identity-profiles", + ":identity-profile-id", + "default-identity-attribute-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "53172ef5-46e8-46d2-962c-5e3d8a068ead", + "name": "Process identities under profile", + "request": { + "name": "Process identities under profile", + "description": { + "content": "Process identities under the profile\nThis operation should not be used to schedule your own identity processing or to perform system wide identity refreshes. The system will use a combination of [event-based processing](https://documentation.sailpoint.com/saas/help/setup/identity_processing.html?h=process#event-based-processing) and [scheduled processing](https://documentation.sailpoint.com/saas/help/setup/identity_processing.html?h=process#scheduled-processing) that runs every day at 8:00 AM and 8:00 PM in the tenant's timezone to keep your identities synchronized. \nThis should only be run on identity profiles that have the `identityRefreshRequired` attribute set to `true`. If `identityRefreshRequired` is false, then there is no benefit to running this operation. Typically, this operation is performed when a change is made to the identity profile or its related lifecycle states that requires a refresh.\nThis operation will perform the following activities on all identities under the identity profile.\n1. Updates identity attribute according to the identity profile mappings. 2. Determines the identity's correct manager through manager correlation. 3. Updates the identity's access according to their assigned lifecycle state. 4. Updates the identity's access based on role assignment criteria.\nA token with ORG_ADMIN authority is required to call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "identity-profiles", + ":identity-profile-id", + "process-identities" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "ef38f94347e94562b5bb8424a56397d8", + "key": "identity-profile-id", + "disabled": true, + "description": { + "content": "(Required) The Identity Profile ID to be processed", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": {} + }, + "response": [ + { + "id": "a864b143-0da0-4d6e-b1e6-d3aec2722e0e", + "name": "Accepted status after refresh has launched", + "originalRequest": { + "url": { + "path": [ + "identity-profiles", + ":identity-profile-id", + "process-identities" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Accepted", + "code": 202, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "103899fb-a506-4929-81ce-bb68c780fa55", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "identity-profiles", + ":identity-profile-id", + "process-identities" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "603d6e5f-0c0f-4fdd-9138-f9543eb1034f", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "identity-profiles", + ":identity-profile-id", + "process-identities" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "18a966d3-f5a2-4938-abf8-9d2407e1abf7", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "identity-profiles", + ":identity-profile-id", + "process-identities" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "997dd82b-cedd-4b2e-baab-8446d54f57c0", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "identity-profiles", + ":identity-profile-id", + "process-identities" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d5579654-ad08-47c1-bea8-781fda1406f6", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "identity-profiles", + ":identity-profile-id", + "process-identities" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "51692756-fa1a-43ed-8021-25dd081241d8", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "identity-profiles", + ":identity-profile-id", + "process-identities" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "8603041a-372e-45e5-9495-32116003c108", + "name": "Generate Identity Profile Preview", + "request": { + "name": "Generate Identity Profile Preview", + "description": { + "content": "Use this API to generate a non-persisted preview of the identity object after applying `IdentityAttributeConfig` sent in request body.\nThis API only allows `accountAttribute`, `reference` and `rule` transform types in the `IdentityAttributeConfig` sent in the request body.\nA token with ORG_ADMIN authority is required to call this API to generate an identity preview.", + "type": "text/plain" + }, + "url": { + "path": [ + "identity-profiles", + "identity-preview" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"identityId\": \"urn:uuid:029089c6-27a4-cdc2-6496-025c6b434b25\",\n \"identityAttributeConfig\": [\n {\n \"enabled\": true,\n \"attributeTransforms\": [\n {\n \"identityAttributeName\": \"email\",\n \"transformDefinition\": {\n \"type\": \"accountAttribute\",\n \"attributes\": {\n \"attributeName\": \"e-mail\",\n \"sourceName\": \"MySource\",\n \"sourceId\": \"2c9180877a826e68017a8c0b03da1a53\"\n }\n }\n },\n {\n \"identityAttributeName\": \"email\",\n \"transformDefinition\": {\n \"type\": \"accountAttribute\",\n \"attributes\": {\n \"attributeName\": \"e-mail\",\n \"sourceName\": \"MySource\",\n \"sourceId\": \"2c9180877a826e68017a8c0b03da1a53\"\n }\n }\n }\n ]\n },\n {\n \"enabled\": true,\n \"attributeTransforms\": [\n {\n \"identityAttributeName\": \"email\",\n \"transformDefinition\": {\n \"type\": \"accountAttribute\",\n \"attributes\": {\n \"attributeName\": \"e-mail\",\n \"sourceName\": \"MySource\",\n \"sourceId\": \"2c9180877a826e68017a8c0b03da1a53\"\n }\n }\n },\n {\n \"identityAttributeName\": \"email\",\n \"transformDefinition\": {\n \"type\": \"accountAttribute\",\n \"attributes\": {\n \"attributeName\": \"e-mail\",\n \"sourceName\": \"MySource\",\n \"sourceId\": \"2c9180877a826e68017a8c0b03da1a53\"\n }\n }\n }\n ]\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "f8512aff-8ad5-4a8d-828d-7d6b9c5f6f95", + "name": "A preview of the identity attributes after applying identity attributes config sent in request body.", + "originalRequest": { + "url": { + "path": [ + "identity-profiles", + "identity-preview" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"identityId\": \"urn:uuid:029089c6-27a4-cdc2-6496-025c6b434b25\",\n \"identityAttributeConfig\": [\n {\n \"enabled\": true,\n \"attributeTransforms\": [\n {\n \"identityAttributeName\": \"email\",\n \"transformDefinition\": {\n \"type\": \"accountAttribute\",\n \"attributes\": {\n \"attributeName\": \"e-mail\",\n \"sourceName\": \"MySource\",\n \"sourceId\": \"2c9180877a826e68017a8c0b03da1a53\"\n }\n }\n },\n {\n \"identityAttributeName\": \"email\",\n \"transformDefinition\": {\n \"type\": \"accountAttribute\",\n \"attributes\": {\n \"attributeName\": \"e-mail\",\n \"sourceName\": \"MySource\",\n \"sourceId\": \"2c9180877a826e68017a8c0b03da1a53\"\n }\n }\n }\n ]\n },\n {\n \"enabled\": true,\n \"attributeTransforms\": [\n {\n \"identityAttributeName\": \"email\",\n \"transformDefinition\": {\n \"type\": \"accountAttribute\",\n \"attributes\": {\n \"attributeName\": \"e-mail\",\n \"sourceName\": \"MySource\",\n \"sourceId\": \"2c9180877a826e68017a8c0b03da1a53\"\n }\n }\n },\n {\n \"identityAttributeName\": \"email\",\n \"transformDefinition\": {\n \"type\": \"accountAttribute\",\n \"attributes\": {\n \"attributeName\": \"e-mail\",\n \"sourceName\": \"MySource\",\n \"sourceId\": \"2c9180877a826e68017a8c0b03da1a53\"\n }\n }\n }\n ]\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"identity\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c7180a46faadee4016fb4e018c20642\",\n \"name\": \"Michael Michaels\"\n },\n \"previewAttributes\": [\n {\n \"name\": \"email\",\n \"value\": {},\n \"previousValue\": {},\n \"errorMessages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n },\n {\n \"name\": \"email\",\n \"value\": {},\n \"previousValue\": {},\n \"errorMessages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "08a08ea0-644c-47f0-b513-cf8908f4da97", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "identity-profiles", + "identity-preview" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"identityId\": \"urn:uuid:029089c6-27a4-cdc2-6496-025c6b434b25\",\n \"identityAttributeConfig\": [\n {\n \"enabled\": true,\n \"attributeTransforms\": [\n {\n \"identityAttributeName\": \"email\",\n \"transformDefinition\": {\n \"type\": \"accountAttribute\",\n \"attributes\": {\n \"attributeName\": \"e-mail\",\n \"sourceName\": \"MySource\",\n \"sourceId\": \"2c9180877a826e68017a8c0b03da1a53\"\n }\n }\n },\n {\n \"identityAttributeName\": \"email\",\n \"transformDefinition\": {\n \"type\": \"accountAttribute\",\n \"attributes\": {\n \"attributeName\": \"e-mail\",\n \"sourceName\": \"MySource\",\n \"sourceId\": \"2c9180877a826e68017a8c0b03da1a53\"\n }\n }\n }\n ]\n },\n {\n \"enabled\": true,\n \"attributeTransforms\": [\n {\n \"identityAttributeName\": \"email\",\n \"transformDefinition\": {\n \"type\": \"accountAttribute\",\n \"attributes\": {\n \"attributeName\": \"e-mail\",\n \"sourceName\": \"MySource\",\n \"sourceId\": \"2c9180877a826e68017a8c0b03da1a53\"\n }\n }\n },\n {\n \"identityAttributeName\": \"email\",\n \"transformDefinition\": {\n \"type\": \"accountAttribute\",\n \"attributes\": {\n \"attributeName\": \"e-mail\",\n \"sourceName\": \"MySource\",\n \"sourceId\": \"2c9180877a826e68017a8c0b03da1a53\"\n }\n }\n }\n ]\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "57655a88-4bc3-4129-8ce1-725c22460442", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "identity-profiles", + "identity-preview" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"identityId\": \"urn:uuid:029089c6-27a4-cdc2-6496-025c6b434b25\",\n \"identityAttributeConfig\": [\n {\n \"enabled\": true,\n \"attributeTransforms\": [\n {\n \"identityAttributeName\": \"email\",\n \"transformDefinition\": {\n \"type\": \"accountAttribute\",\n \"attributes\": {\n \"attributeName\": \"e-mail\",\n \"sourceName\": \"MySource\",\n \"sourceId\": \"2c9180877a826e68017a8c0b03da1a53\"\n }\n }\n },\n {\n \"identityAttributeName\": \"email\",\n \"transformDefinition\": {\n \"type\": \"accountAttribute\",\n \"attributes\": {\n \"attributeName\": \"e-mail\",\n \"sourceName\": \"MySource\",\n \"sourceId\": \"2c9180877a826e68017a8c0b03da1a53\"\n }\n }\n }\n ]\n },\n {\n \"enabled\": true,\n \"attributeTransforms\": [\n {\n \"identityAttributeName\": \"email\",\n \"transformDefinition\": {\n \"type\": \"accountAttribute\",\n \"attributes\": {\n \"attributeName\": \"e-mail\",\n \"sourceName\": \"MySource\",\n \"sourceId\": \"2c9180877a826e68017a8c0b03da1a53\"\n }\n }\n },\n {\n \"identityAttributeName\": \"email\",\n \"transformDefinition\": {\n \"type\": \"accountAttribute\",\n \"attributes\": {\n \"attributeName\": \"e-mail\",\n \"sourceName\": \"MySource\",\n \"sourceId\": \"2c9180877a826e68017a8c0b03da1a53\"\n }\n }\n }\n ]\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f46c8274-e82e-4d91-b3af-bf03420c9be2", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "identity-profiles", + "identity-preview" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"identityId\": \"urn:uuid:029089c6-27a4-cdc2-6496-025c6b434b25\",\n \"identityAttributeConfig\": [\n {\n \"enabled\": true,\n \"attributeTransforms\": [\n {\n \"identityAttributeName\": \"email\",\n \"transformDefinition\": {\n \"type\": \"accountAttribute\",\n \"attributes\": {\n \"attributeName\": \"e-mail\",\n \"sourceName\": \"MySource\",\n \"sourceId\": \"2c9180877a826e68017a8c0b03da1a53\"\n }\n }\n },\n {\n \"identityAttributeName\": \"email\",\n \"transformDefinition\": {\n \"type\": \"accountAttribute\",\n \"attributes\": {\n \"attributeName\": \"e-mail\",\n \"sourceName\": \"MySource\",\n \"sourceId\": \"2c9180877a826e68017a8c0b03da1a53\"\n }\n }\n }\n ]\n },\n {\n \"enabled\": true,\n \"attributeTransforms\": [\n {\n \"identityAttributeName\": \"email\",\n \"transformDefinition\": {\n \"type\": \"accountAttribute\",\n \"attributes\": {\n \"attributeName\": \"e-mail\",\n \"sourceName\": \"MySource\",\n \"sourceId\": \"2c9180877a826e68017a8c0b03da1a53\"\n }\n }\n },\n {\n \"identityAttributeName\": \"email\",\n \"transformDefinition\": {\n \"type\": \"accountAttribute\",\n \"attributes\": {\n \"attributeName\": \"e-mail\",\n \"sourceName\": \"MySource\",\n \"sourceId\": \"2c9180877a826e68017a8c0b03da1a53\"\n }\n }\n }\n ]\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "9853a77f-9a89-42ca-b519-c15428f5d158", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "identity-profiles", + "identity-preview" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"identityId\": \"urn:uuid:029089c6-27a4-cdc2-6496-025c6b434b25\",\n \"identityAttributeConfig\": [\n {\n \"enabled\": true,\n \"attributeTransforms\": [\n {\n \"identityAttributeName\": \"email\",\n \"transformDefinition\": {\n \"type\": \"accountAttribute\",\n \"attributes\": {\n \"attributeName\": \"e-mail\",\n \"sourceName\": \"MySource\",\n \"sourceId\": \"2c9180877a826e68017a8c0b03da1a53\"\n }\n }\n },\n {\n \"identityAttributeName\": \"email\",\n \"transformDefinition\": {\n \"type\": \"accountAttribute\",\n \"attributes\": {\n \"attributeName\": \"e-mail\",\n \"sourceName\": \"MySource\",\n \"sourceId\": \"2c9180877a826e68017a8c0b03da1a53\"\n }\n }\n }\n ]\n },\n {\n \"enabled\": true,\n \"attributeTransforms\": [\n {\n \"identityAttributeName\": \"email\",\n \"transformDefinition\": {\n \"type\": \"accountAttribute\",\n \"attributes\": {\n \"attributeName\": \"e-mail\",\n \"sourceName\": \"MySource\",\n \"sourceId\": \"2c9180877a826e68017a8c0b03da1a53\"\n }\n }\n },\n {\n \"identityAttributeName\": \"email\",\n \"transformDefinition\": {\n \"type\": \"accountAttribute\",\n \"attributes\": {\n \"attributeName\": \"e-mail\",\n \"sourceName\": \"MySource\",\n \"sourceId\": \"2c9180877a826e68017a8c0b03da1a53\"\n }\n }\n }\n ]\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "4df06c6a-5173-470f-9d76-37e65d67385b", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "identity-profiles", + "identity-preview" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"identityId\": \"urn:uuid:029089c6-27a4-cdc2-6496-025c6b434b25\",\n \"identityAttributeConfig\": [\n {\n \"enabled\": true,\n \"attributeTransforms\": [\n {\n \"identityAttributeName\": \"email\",\n \"transformDefinition\": {\n \"type\": \"accountAttribute\",\n \"attributes\": {\n \"attributeName\": \"e-mail\",\n \"sourceName\": \"MySource\",\n \"sourceId\": \"2c9180877a826e68017a8c0b03da1a53\"\n }\n }\n },\n {\n \"identityAttributeName\": \"email\",\n \"transformDefinition\": {\n \"type\": \"accountAttribute\",\n \"attributes\": {\n \"attributeName\": \"e-mail\",\n \"sourceName\": \"MySource\",\n \"sourceId\": \"2c9180877a826e68017a8c0b03da1a53\"\n }\n }\n }\n ]\n },\n {\n \"enabled\": true,\n \"attributeTransforms\": [\n {\n \"identityAttributeName\": \"email\",\n \"transformDefinition\": {\n \"type\": \"accountAttribute\",\n \"attributes\": {\n \"attributeName\": \"e-mail\",\n \"sourceName\": \"MySource\",\n \"sourceId\": \"2c9180877a826e68017a8c0b03da1a53\"\n }\n }\n },\n {\n \"identityAttributeName\": \"email\",\n \"transformDefinition\": {\n \"type\": \"accountAttribute\",\n \"attributes\": {\n \"attributeName\": \"e-mail\",\n \"sourceName\": \"MySource\",\n \"sourceId\": \"2c9180877a826e68017a8c0b03da1a53\"\n }\n }\n }\n ]\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + } + ] + }, + { + "name": "Lifecycle States", + "description": "Use this API to implement and customize lifecycle state functionality.\nWith this functionality in place, administrators can create and configure custom lifecycle states for use across their organizations, which is key to controlling which users have access, when they have access, and the access they have.\n\nA lifecycle state describes a user's status in a company. For example, two lifecycle states come by default with Identity Security Cloud: 'Active' and 'Inactive.' \nWhen an active employee takes an extended leave of absence from a company, his or her lifecycle state may change to 'Inactive,' for security purposes. \nThe inactive employee would lose access to all the applications, sources, and sensitive data during the leave of absence, but when the employee returns and becomes active again, all that access would be restored. \nThis saves administrators the time that would otherwise be spent provisioning the employee's access to each individual tool, reviewing the employee's certification history, etc. \n\nAdministrators can create a variety of custom lifecycle states. Refer to [Planning New Lifecycle States](https://documentation.sailpoint.com/saas/help/provisioning/lifecycle.html#planning-new-lifecycle-states) for some custom lifecycle state ideas.\n\nAdministrators must define the criteria for being in each lifecycle state, and they must define how Identity Security Cloud manages users' access to apps and sources for each lifecycle state.\n\nIn Identity Security Cloud, administrators can manage lifecycle states by going to Admin > Identities > Identity Profile, selecting the identity profile whose lifecycle states they want to manage, selecting the 'Provisioning' tab, and using the left panel to either select the lifecycle state they want to modify or create a new lifecycle state. \n\nIn the 'Provisioning' tab, administrators can make the following access changes to an identity profile's lifecycle state: \n\n- Enable/disable the lifecycle state for the identity profile.\n\n- Enable/disable source accounts for the identity profile's lifecycle state.\n\n- Add existing access profiles to grant to the identity profiles in that lifecycle state.\n\n- Create a new access profile to grant to the identity profile in that lifecycle state.\n\nAccess profiles granted in a previous lifecycle state are automatically revoked when the identity moves to a new lifecycle state. \nTo maintain access across multiple lifecycle states, administrators must grant the access profiles in each lifecycle state. \nFor example, if an administrator wants users with the 'HR Employee' identity profile to maintain their building access in both the 'Active' and 'Leave of Absence' lifecycle states, the administrator must grant the access profile for that building access to both lifecycle states.\n\nDuring scheduled refreshes, Identity Security Cloud evaluates lifecycle states to determine whether their assigned identities have the access defined in the lifecycle states' access profiles. \nIf the identities are missing access, Identity Security Cloud provisions that access. \n\nAdministrators can also use the 'Provisioning' tab to configure email notifications for Identity Security Cloud to send whenever an identity with that identity profile has a lifecycle state change. \nRefer to [Configuring Lifecycle State Notifications](https://documentation.sailpoint.com/saas/help/provisioning/lifecycle.html#configuring-lifecycle-state-notifications) for more information on how to do so.\n\nAn identity's lifecycle state can have four different statuses: the lifecycle state's status can be 'Active,' it can be 'Not Set,' it can be 'Not Valid,' or it 'Does Not Match Technical Name Case.' \nRefer to [Moving Identities into Lifecycle States](https://documentation.sailpoint.com/saas/help/provisioning/lifecycle.html#moving-identities-into-lifecycle-states) for more information about these different lifecycle state statuses. \n\nRefer to [Setting Up Lifecycle States](https://documentation.sailpoint.com/saas/help/provisioning/lifecycle.html) for more information about lifecycle states.\n", + "item": [ + { + "id": "6e543ea2-215e-46ef-aa2e-5833bbf6067b", + "name": "Set Lifecycle State", + "request": { + "name": "Set Lifecycle State", + "description": { + "content": "Use this API to set/update an identity's lifecycle state to the one provided and update the corresponding identity profile.\nA token with ORG_ADMIN or API authority and the appropriate user context is required to call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "identities", + ":identity-id", + "set-lifecycle-state" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "2c9180857893f1290178944561990364", + "key": "identity-id", + "disabled": true, + "description": { + "content": "(Required) ID of the identity to update.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"lifecycleStateId\": \"2c9180877a86e408017a8c19fefe046c\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "b570a9fc-6e2e-4202-8550-4096f300bd24", + "name": "The request was successfully accepted into the system.", + "originalRequest": { + "url": { + "path": [ + "identities", + ":identity-id", + "set-lifecycle-state" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"lifecycleStateId\": \"2c9180877a86e408017a8c19fefe046c\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"accountActivityId\": \"2c9180837ab5b716017ab7c6c9ef1e20\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "90eec8bf-a4ba-4cf9-9fd6-530af30cdf0c", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "identities", + ":identity-id", + "set-lifecycle-state" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"lifecycleStateId\": \"2c9180877a86e408017a8c19fefe046c\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "fa3249d9-88ed-4129-a8a2-36a223e4fc8d", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "identities", + ":identity-id", + "set-lifecycle-state" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"lifecycleStateId\": \"2c9180877a86e408017a8c19fefe046c\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "5b3ad5ee-d9a8-4a12-a9a3-ad9220c854b6", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "identities", + ":identity-id", + "set-lifecycle-state" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"lifecycleStateId\": \"2c9180877a86e408017a8c19fefe046c\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "822666e4-517a-45bd-8b44-55e7071c9de0", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "identities", + ":identity-id", + "set-lifecycle-state" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"lifecycleStateId\": \"2c9180877a86e408017a8c19fefe046c\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "49750cde-0452-43b5-9917-c941dd0b1cdc", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "identities", + ":identity-id", + "set-lifecycle-state" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"lifecycleStateId\": \"2c9180877a86e408017a8c19fefe046c\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "758cec52-ceff-491f-880c-94816702806b", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "identities", + ":identity-id", + "set-lifecycle-state" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"lifecycleStateId\": \"2c9180877a86e408017a8c19fefe046c\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "7250e77b-e58d-4320-8777-7810be854f06", + "name": "Lists LifecycleStates", + "request": { + "name": "Lists LifecycleStates", + "description": { + "content": "Use this endpoint to list all lifecycle states by their associated identity profiles. \nA token with API, or ORG_ADMIN authority is required to call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "identity-profiles", + ":identity-profile-id", + "lifecycle-states" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **created, modified**", + "type": "text/plain" + }, + "key": "sorters", + "value": "created,modified" + } + ], + "variable": [ + { + "type": "any", + "value": "2b838de9-db9b-abcf-e646-d4f274ad4238", + "key": "identity-profile-id", + "disabled": true, + "description": { + "content": "(Required) Identity profile ID.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "4a170f6f-794c-40aa-8c7e-76761e91c3a3", + "name": "List of LifecycleState objects.", + "originalRequest": { + "url": { + "path": [ + "identity-profiles", + ":identity-profile-id", + "lifecycle-states" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **created, modified**", + "type": "text/plain" + }, + "key": "sorters", + "value": "created,modified" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"name\": \"aName\",\n \"technicalName\": \"Technical Name\",\n \"id\": \"id12345\",\n \"created\": \"2015-05-28T14:07:17Z\",\n \"modified\": \"2015-05-28T14:07:17Z\",\n \"enabled\": true,\n \"description\": \"Lifecycle description\",\n \"identityCount\": 42,\n \"emailNotificationOption\": {\n \"notifyManagers\": true,\n \"notifyAllAdmins\": true,\n \"notifySpecificUsers\": true,\n \"emailAddressList\": [\n \"test@test.com\",\n \"test2@test.com\"\n ]\n },\n \"accountActions\": [\n {\n \"action\": \"ENABLE\",\n \"sourceIds\": [\n \"2c918084660f45d6016617daa9210584\",\n \"2c918084660f45d6016617daa9210500\"\n ]\n },\n {\n \"action\": \"ENABLE\",\n \"sourceIds\": [\n \"2c918084660f45d6016617daa9210584\",\n \"2c918084660f45d6016617daa9210500\"\n ]\n }\n ],\n \"accessProfileIds\": [\n \"2c918084660f45d6016617daa9210584\",\n \"2c918084660f45d6016617daa9210500\"\n ],\n \"identityState\": null\n },\n {\n \"name\": \"aName\",\n \"technicalName\": \"Technical Name\",\n \"id\": \"id12345\",\n \"created\": \"2015-05-28T14:07:17Z\",\n \"modified\": \"2015-05-28T14:07:17Z\",\n \"enabled\": true,\n \"description\": \"Lifecycle description\",\n \"identityCount\": 42,\n \"emailNotificationOption\": {\n \"notifyManagers\": true,\n \"notifyAllAdmins\": true,\n \"notifySpecificUsers\": true,\n \"emailAddressList\": [\n \"test@test.com\",\n \"test2@test.com\"\n ]\n },\n \"accountActions\": [\n {\n \"action\": \"ENABLE\",\n \"sourceIds\": [\n \"2c918084660f45d6016617daa9210584\",\n \"2c918084660f45d6016617daa9210500\"\n ]\n },\n {\n \"action\": \"ENABLE\",\n \"sourceIds\": [\n \"2c918084660f45d6016617daa9210584\",\n \"2c918084660f45d6016617daa9210500\"\n ]\n }\n ],\n \"accessProfileIds\": [\n \"2c918084660f45d6016617daa9210584\",\n \"2c918084660f45d6016617daa9210500\"\n ],\n \"identityState\": null\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "031db516-2993-49ae-bef6-4bd844577b5a", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "identity-profiles", + ":identity-profile-id", + "lifecycle-states" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **created, modified**", + "type": "text/plain" + }, + "key": "sorters", + "value": "created,modified" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "1dc28495-2673-4ba0-863f-aa98610d4263", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "identity-profiles", + ":identity-profile-id", + "lifecycle-states" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **created, modified**", + "type": "text/plain" + }, + "key": "sorters", + "value": "created,modified" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "18b58558-decd-42a5-b132-e43648e1f54f", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "identity-profiles", + ":identity-profile-id", + "lifecycle-states" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **created, modified**", + "type": "text/plain" + }, + "key": "sorters", + "value": "created,modified" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f16c441b-ae71-4e9d-b91b-f5cb769f6a1d", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "identity-profiles", + ":identity-profile-id", + "lifecycle-states" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **created, modified**", + "type": "text/plain" + }, + "key": "sorters", + "value": "created,modified" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "0b6d35e6-c8a2-4bab-a6b8-25cbd12dddd6", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "identity-profiles", + ":identity-profile-id", + "lifecycle-states" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **created, modified**", + "type": "text/plain" + }, + "key": "sorters", + "value": "created,modified" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "99c1e76f-a2ae-4046-b859-6479916638c1", + "name": "Create Lifecycle State", + "request": { + "name": "Create Lifecycle State", + "description": { + "content": "Use this endpoint to create a lifecycle state.\nA token with ORG_ADMIN or API authority is required to call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "identity-profiles", + ":identity-profile-id", + "lifecycle-states" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "2b838de9-db9b-abcf-e646-d4f274ad4238", + "key": "identity-profile-id", + "disabled": true, + "description": { + "content": "(Required) Identity profile ID.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"aName\",\n \"technicalName\": \"Technical Name\",\n \"id\": \"id12345\",\n \"created\": \"2015-05-28T14:07:17Z\",\n \"modified\": \"2015-05-28T14:07:17Z\",\n \"enabled\": true,\n \"description\": \"Lifecycle description\",\n \"identityCount\": 42,\n \"emailNotificationOption\": {\n \"notifyManagers\": true,\n \"notifyAllAdmins\": true,\n \"notifySpecificUsers\": true,\n \"emailAddressList\": [\n \"test@test.com\",\n \"test2@test.com\"\n ]\n },\n \"accountActions\": [\n {\n \"action\": \"ENABLE\",\n \"sourceIds\": [\n \"2c918084660f45d6016617daa9210584\",\n \"2c918084660f45d6016617daa9210500\"\n ]\n },\n {\n \"action\": \"ENABLE\",\n \"sourceIds\": [\n \"2c918084660f45d6016617daa9210584\",\n \"2c918084660f45d6016617daa9210500\"\n ]\n }\n ],\n \"accessProfileIds\": [\n \"2c918084660f45d6016617daa9210584\",\n \"2c918084660f45d6016617daa9210500\"\n ],\n \"identityState\": null\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "6839a13b-cfb4-48a2-8f7a-73f96bc337ba", + "name": "Created LifecycleState object.", + "originalRequest": { + "url": { + "path": [ + "identity-profiles", + ":identity-profile-id", + "lifecycle-states" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"aName\",\n \"technicalName\": \"Technical Name\",\n \"id\": \"id12345\",\n \"created\": \"2015-05-28T14:07:17Z\",\n \"modified\": \"2015-05-28T14:07:17Z\",\n \"enabled\": true,\n \"description\": \"Lifecycle description\",\n \"identityCount\": 42,\n \"emailNotificationOption\": {\n \"notifyManagers\": true,\n \"notifyAllAdmins\": true,\n \"notifySpecificUsers\": true,\n \"emailAddressList\": [\n \"test@test.com\",\n \"test2@test.com\"\n ]\n },\n \"accountActions\": [\n {\n \"action\": \"ENABLE\",\n \"sourceIds\": [\n \"2c918084660f45d6016617daa9210584\",\n \"2c918084660f45d6016617daa9210500\"\n ]\n },\n {\n \"action\": \"ENABLE\",\n \"sourceIds\": [\n \"2c918084660f45d6016617daa9210584\",\n \"2c918084660f45d6016617daa9210500\"\n ]\n }\n ],\n \"accessProfileIds\": [\n \"2c918084660f45d6016617daa9210584\",\n \"2c918084660f45d6016617daa9210500\"\n ],\n \"identityState\": null\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Created", + "code": 201, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"name\": \"aName\",\n \"technicalName\": \"Technical Name\",\n \"id\": \"id12345\",\n \"created\": \"2015-05-28T14:07:17Z\",\n \"modified\": \"2015-05-28T14:07:17Z\",\n \"enabled\": true,\n \"description\": \"Lifecycle description\",\n \"identityCount\": 42,\n \"emailNotificationOption\": {\n \"notifyManagers\": true,\n \"notifyAllAdmins\": true,\n \"notifySpecificUsers\": true,\n \"emailAddressList\": [\n \"test@test.com\",\n \"test2@test.com\"\n ]\n },\n \"accountActions\": [\n {\n \"action\": \"ENABLE\",\n \"sourceIds\": [\n \"2c918084660f45d6016617daa9210584\",\n \"2c918084660f45d6016617daa9210500\"\n ]\n },\n {\n \"action\": \"ENABLE\",\n \"sourceIds\": [\n \"2c918084660f45d6016617daa9210584\",\n \"2c918084660f45d6016617daa9210500\"\n ]\n }\n ],\n \"accessProfileIds\": [\n \"2c918084660f45d6016617daa9210584\",\n \"2c918084660f45d6016617daa9210500\"\n ],\n \"identityState\": null\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "311e05a0-3db4-4cc4-9fb0-105c87038078", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "identity-profiles", + ":identity-profile-id", + "lifecycle-states" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"aName\",\n \"technicalName\": \"Technical Name\",\n \"id\": \"id12345\",\n \"created\": \"2015-05-28T14:07:17Z\",\n \"modified\": \"2015-05-28T14:07:17Z\",\n \"enabled\": true,\n \"description\": \"Lifecycle description\",\n \"identityCount\": 42,\n \"emailNotificationOption\": {\n \"notifyManagers\": true,\n \"notifyAllAdmins\": true,\n \"notifySpecificUsers\": true,\n \"emailAddressList\": [\n \"test@test.com\",\n \"test2@test.com\"\n ]\n },\n \"accountActions\": [\n {\n \"action\": \"ENABLE\",\n \"sourceIds\": [\n \"2c918084660f45d6016617daa9210584\",\n \"2c918084660f45d6016617daa9210500\"\n ]\n },\n {\n \"action\": \"ENABLE\",\n \"sourceIds\": [\n \"2c918084660f45d6016617daa9210584\",\n \"2c918084660f45d6016617daa9210500\"\n ]\n }\n ],\n \"accessProfileIds\": [\n \"2c918084660f45d6016617daa9210584\",\n \"2c918084660f45d6016617daa9210500\"\n ],\n \"identityState\": null\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b3c3bb0d-ecdd-4897-b683-d08a89eb7721", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "identity-profiles", + ":identity-profile-id", + "lifecycle-states" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"aName\",\n \"technicalName\": \"Technical Name\",\n \"id\": \"id12345\",\n \"created\": \"2015-05-28T14:07:17Z\",\n \"modified\": \"2015-05-28T14:07:17Z\",\n \"enabled\": true,\n \"description\": \"Lifecycle description\",\n \"identityCount\": 42,\n \"emailNotificationOption\": {\n \"notifyManagers\": true,\n \"notifyAllAdmins\": true,\n \"notifySpecificUsers\": true,\n \"emailAddressList\": [\n \"test@test.com\",\n \"test2@test.com\"\n ]\n },\n \"accountActions\": [\n {\n \"action\": \"ENABLE\",\n \"sourceIds\": [\n \"2c918084660f45d6016617daa9210584\",\n \"2c918084660f45d6016617daa9210500\"\n ]\n },\n {\n \"action\": \"ENABLE\",\n \"sourceIds\": [\n \"2c918084660f45d6016617daa9210584\",\n \"2c918084660f45d6016617daa9210500\"\n ]\n }\n ],\n \"accessProfileIds\": [\n \"2c918084660f45d6016617daa9210584\",\n \"2c918084660f45d6016617daa9210500\"\n ],\n \"identityState\": null\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "cb7210a7-6807-43a2-95fd-1c57ef14c25d", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "identity-profiles", + ":identity-profile-id", + "lifecycle-states" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"aName\",\n \"technicalName\": \"Technical Name\",\n \"id\": \"id12345\",\n \"created\": \"2015-05-28T14:07:17Z\",\n \"modified\": \"2015-05-28T14:07:17Z\",\n \"enabled\": true,\n \"description\": \"Lifecycle description\",\n \"identityCount\": 42,\n \"emailNotificationOption\": {\n \"notifyManagers\": true,\n \"notifyAllAdmins\": true,\n \"notifySpecificUsers\": true,\n \"emailAddressList\": [\n \"test@test.com\",\n \"test2@test.com\"\n ]\n },\n \"accountActions\": [\n {\n \"action\": \"ENABLE\",\n \"sourceIds\": [\n \"2c918084660f45d6016617daa9210584\",\n \"2c918084660f45d6016617daa9210500\"\n ]\n },\n {\n \"action\": \"ENABLE\",\n \"sourceIds\": [\n \"2c918084660f45d6016617daa9210584\",\n \"2c918084660f45d6016617daa9210500\"\n ]\n }\n ],\n \"accessProfileIds\": [\n \"2c918084660f45d6016617daa9210584\",\n \"2c918084660f45d6016617daa9210500\"\n ],\n \"identityState\": null\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a9e0efb3-68ea-4969-8ea1-47a519fc6981", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "identity-profiles", + ":identity-profile-id", + "lifecycle-states" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"aName\",\n \"technicalName\": \"Technical Name\",\n \"id\": \"id12345\",\n \"created\": \"2015-05-28T14:07:17Z\",\n \"modified\": \"2015-05-28T14:07:17Z\",\n \"enabled\": true,\n \"description\": \"Lifecycle description\",\n \"identityCount\": 42,\n \"emailNotificationOption\": {\n \"notifyManagers\": true,\n \"notifyAllAdmins\": true,\n \"notifySpecificUsers\": true,\n \"emailAddressList\": [\n \"test@test.com\",\n \"test2@test.com\"\n ]\n },\n \"accountActions\": [\n {\n \"action\": \"ENABLE\",\n \"sourceIds\": [\n \"2c918084660f45d6016617daa9210584\",\n \"2c918084660f45d6016617daa9210500\"\n ]\n },\n {\n \"action\": \"ENABLE\",\n \"sourceIds\": [\n \"2c918084660f45d6016617daa9210584\",\n \"2c918084660f45d6016617daa9210500\"\n ]\n }\n ],\n \"accessProfileIds\": [\n \"2c918084660f45d6016617daa9210584\",\n \"2c918084660f45d6016617daa9210500\"\n ],\n \"identityState\": null\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b5c9bbbe-25f9-4848-aeb2-3c27d68661ba", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "identity-profiles", + ":identity-profile-id", + "lifecycle-states" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"aName\",\n \"technicalName\": \"Technical Name\",\n \"id\": \"id12345\",\n \"created\": \"2015-05-28T14:07:17Z\",\n \"modified\": \"2015-05-28T14:07:17Z\",\n \"enabled\": true,\n \"description\": \"Lifecycle description\",\n \"identityCount\": 42,\n \"emailNotificationOption\": {\n \"notifyManagers\": true,\n \"notifyAllAdmins\": true,\n \"notifySpecificUsers\": true,\n \"emailAddressList\": [\n \"test@test.com\",\n \"test2@test.com\"\n ]\n },\n \"accountActions\": [\n {\n \"action\": \"ENABLE\",\n \"sourceIds\": [\n \"2c918084660f45d6016617daa9210584\",\n \"2c918084660f45d6016617daa9210500\"\n ]\n },\n {\n \"action\": \"ENABLE\",\n \"sourceIds\": [\n \"2c918084660f45d6016617daa9210584\",\n \"2c918084660f45d6016617daa9210500\"\n ]\n }\n ],\n \"accessProfileIds\": [\n \"2c918084660f45d6016617daa9210584\",\n \"2c918084660f45d6016617daa9210500\"\n ],\n \"identityState\": null\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "3148c0fb-fcb7-471d-bfb5-349b7ee24018", + "name": "Get Lifecycle State", + "request": { + "name": "Get Lifecycle State", + "description": { + "content": "Use this endpoint to get a lifecycle state by its ID and its associated identity profile ID. \nA token with ORG_ADMIN or API authority is required to call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "identity-profiles", + ":identity-profile-id", + "lifecycle-states", + ":lifecycle-state-id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "2b838de9-db9b-abcf-e646-d4f274ad4238", + "key": "identity-profile-id", + "disabled": true, + "description": { + "content": "(Required) Identity profile ID.", + "type": "text/plain" + } + }, + { + "type": "any", + "value": "ef38f94347e94562b5bb8424a56397d8", + "key": "lifecycle-state-id", + "disabled": true, + "description": { + "content": "(Required) Lifecycle state ID.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "a0fe8298-621a-4a79-b7ec-deb72ff6ff98", + "name": "The requested LifecycleState was successfully retrieved.", + "originalRequest": { + "url": { + "path": [ + "identity-profiles", + ":identity-profile-id", + "lifecycle-states", + ":lifecycle-state-id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"name\": \"aName\",\n \"technicalName\": \"Technical Name\",\n \"id\": \"id12345\",\n \"created\": \"2015-05-28T14:07:17Z\",\n \"modified\": \"2015-05-28T14:07:17Z\",\n \"enabled\": true,\n \"description\": \"Lifecycle description\",\n \"identityCount\": 42,\n \"emailNotificationOption\": {\n \"notifyManagers\": true,\n \"notifyAllAdmins\": true,\n \"notifySpecificUsers\": true,\n \"emailAddressList\": [\n \"test@test.com\",\n \"test2@test.com\"\n ]\n },\n \"accountActions\": [\n {\n \"action\": \"ENABLE\",\n \"sourceIds\": [\n \"2c918084660f45d6016617daa9210584\",\n \"2c918084660f45d6016617daa9210500\"\n ]\n },\n {\n \"action\": \"ENABLE\",\n \"sourceIds\": [\n \"2c918084660f45d6016617daa9210584\",\n \"2c918084660f45d6016617daa9210500\"\n ]\n }\n ],\n \"accessProfileIds\": [\n \"2c918084660f45d6016617daa9210584\",\n \"2c918084660f45d6016617daa9210500\"\n ],\n \"identityState\": null\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "828f9544-527a-4ef9-b833-325f9510138e", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "identity-profiles", + ":identity-profile-id", + "lifecycle-states", + ":lifecycle-state-id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "1721d1f9-3cb0-4cb7-a3a0-b2ead237c676", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "identity-profiles", + ":identity-profile-id", + "lifecycle-states", + ":lifecycle-state-id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "bcb9634b-6598-4368-a00d-3da3146bd208", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "identity-profiles", + ":identity-profile-id", + "lifecycle-states", + ":lifecycle-state-id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "aeb416b3-dd6c-4df2-800d-4bd4b4adbab0", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "identity-profiles", + ":identity-profile-id", + "lifecycle-states", + ":lifecycle-state-id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "bafbe79b-7c24-4596-9d40-91f9ddf1dc02", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "identity-profiles", + ":identity-profile-id", + "lifecycle-states", + ":lifecycle-state-id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "4d65ec77-edf0-4051-8b0a-0906b6a9b32f", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "identity-profiles", + ":identity-profile-id", + "lifecycle-states", + ":lifecycle-state-id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "948e0036-24b5-415b-b889-8aae05ac7ab5", + "name": "Update Lifecycle State", + "request": { + "name": "Update Lifecycle State", + "description": { + "content": "Use this endpoint to update individual lifecycle state fields, using the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard.\nA token with ORG_ADMIN or API authority is required to call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "identity-profiles", + ":identity-profile-id", + "lifecycle-states", + ":lifecycle-state-id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "2b838de9-db9b-abcf-e646-d4f274ad4238", + "key": "identity-profile-id", + "disabled": true, + "description": { + "content": "(Required) Identity profile ID.", + "type": "text/plain" + } + }, + { + "type": "any", + "value": "ef38f94347e94562b5bb8424a56397d8", + "key": "lifecycle-state-id", + "disabled": true, + "description": { + "content": "(Required) Lifecycle state ID.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"Updated description!\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/accessProfileIds\",\n \"value\": [\n \"2c918087742bab150174407a80f3125e\",\n \"2c918087742bab150174407a80f3124f\"\n ]\n },\n {\n \"op\": \"replace\",\n \"path\": \"/accountActions\",\n \"value\": [\n {\n \"action\": \"ENABLE\",\n \"sourceIds\": [\n \"2c9180846a2f82fb016a481c1b1560c5\",\n \"2c9180846a2f82fb016a481c1b1560cc\"\n ]\n },\n {\n \"action\": \"DISABLE\",\n \"sourceIds\": [\n \"2c91808869a0c9980169a207258513fb\"\n ]\n }\n ]\n },\n {\n \"op\": \"replace\",\n \"path\": \"/emailNotificationOption\",\n \"value\": {\n \"notifyManagers\": true,\n \"notifyAllAdmins\": false,\n \"notifySpecificUsers\": false,\n \"emailAddressList\": []\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "bc06f9ee-8df8-4781-a459-1ea6fbf8048e", + "name": "The LifecycleState was successfully updated.", + "originalRequest": { + "url": { + "path": [ + "identity-profiles", + ":identity-profile-id", + "lifecycle-states", + ":lifecycle-state-id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"Updated description!\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/accessProfileIds\",\n \"value\": [\n \"2c918087742bab150174407a80f3125e\",\n \"2c918087742bab150174407a80f3124f\"\n ]\n },\n {\n \"op\": \"replace\",\n \"path\": \"/accountActions\",\n \"value\": [\n {\n \"action\": \"ENABLE\",\n \"sourceIds\": [\n \"2c9180846a2f82fb016a481c1b1560c5\",\n \"2c9180846a2f82fb016a481c1b1560cc\"\n ]\n },\n {\n \"action\": \"DISABLE\",\n \"sourceIds\": [\n \"2c91808869a0c9980169a207258513fb\"\n ]\n }\n ]\n },\n {\n \"op\": \"replace\",\n \"path\": \"/emailNotificationOption\",\n \"value\": {\n \"notifyManagers\": true,\n \"notifyAllAdmins\": false,\n \"notifySpecificUsers\": false,\n \"emailAddressList\": []\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"name\": \"aName\",\n \"technicalName\": \"Technical Name\",\n \"id\": \"id12345\",\n \"created\": \"2015-05-28T14:07:17Z\",\n \"modified\": \"2015-05-28T14:07:17Z\",\n \"enabled\": true,\n \"description\": \"Lifecycle description\",\n \"identityCount\": 42,\n \"emailNotificationOption\": {\n \"notifyManagers\": true,\n \"notifyAllAdmins\": true,\n \"notifySpecificUsers\": true,\n \"emailAddressList\": [\n \"test@test.com\",\n \"test2@test.com\"\n ]\n },\n \"accountActions\": [\n {\n \"action\": \"ENABLE\",\n \"sourceIds\": [\n \"2c918084660f45d6016617daa9210584\",\n \"2c918084660f45d6016617daa9210500\"\n ]\n },\n {\n \"action\": \"ENABLE\",\n \"sourceIds\": [\n \"2c918084660f45d6016617daa9210584\",\n \"2c918084660f45d6016617daa9210500\"\n ]\n }\n ],\n \"accessProfileIds\": [\n \"2c918084660f45d6016617daa9210584\",\n \"2c918084660f45d6016617daa9210500\"\n ],\n \"identityState\": null\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "37307a20-7757-4b50-81c9-50b374e0750d", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "identity-profiles", + ":identity-profile-id", + "lifecycle-states", + ":lifecycle-state-id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"Updated description!\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/accessProfileIds\",\n \"value\": [\n \"2c918087742bab150174407a80f3125e\",\n \"2c918087742bab150174407a80f3124f\"\n ]\n },\n {\n \"op\": \"replace\",\n \"path\": \"/accountActions\",\n \"value\": [\n {\n \"action\": \"ENABLE\",\n \"sourceIds\": [\n \"2c9180846a2f82fb016a481c1b1560c5\",\n \"2c9180846a2f82fb016a481c1b1560cc\"\n ]\n },\n {\n \"action\": \"DISABLE\",\n \"sourceIds\": [\n \"2c91808869a0c9980169a207258513fb\"\n ]\n }\n ]\n },\n {\n \"op\": \"replace\",\n \"path\": \"/emailNotificationOption\",\n \"value\": {\n \"notifyManagers\": true,\n \"notifyAllAdmins\": false,\n \"notifySpecificUsers\": false,\n \"emailAddressList\": []\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "3bb137bd-ba47-48a0-b5d2-ea5b0edda5cb", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "identity-profiles", + ":identity-profile-id", + "lifecycle-states", + ":lifecycle-state-id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"Updated description!\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/accessProfileIds\",\n \"value\": [\n \"2c918087742bab150174407a80f3125e\",\n \"2c918087742bab150174407a80f3124f\"\n ]\n },\n {\n \"op\": \"replace\",\n \"path\": \"/accountActions\",\n \"value\": [\n {\n \"action\": \"ENABLE\",\n \"sourceIds\": [\n \"2c9180846a2f82fb016a481c1b1560c5\",\n \"2c9180846a2f82fb016a481c1b1560cc\"\n ]\n },\n {\n \"action\": \"DISABLE\",\n \"sourceIds\": [\n \"2c91808869a0c9980169a207258513fb\"\n ]\n }\n ]\n },\n {\n \"op\": \"replace\",\n \"path\": \"/emailNotificationOption\",\n \"value\": {\n \"notifyManagers\": true,\n \"notifyAllAdmins\": false,\n \"notifySpecificUsers\": false,\n \"emailAddressList\": []\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a78d89d5-cfa1-489e-b05d-cd7c69484101", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "identity-profiles", + ":identity-profile-id", + "lifecycle-states", + ":lifecycle-state-id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"Updated description!\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/accessProfileIds\",\n \"value\": [\n \"2c918087742bab150174407a80f3125e\",\n \"2c918087742bab150174407a80f3124f\"\n ]\n },\n {\n \"op\": \"replace\",\n \"path\": \"/accountActions\",\n \"value\": [\n {\n \"action\": \"ENABLE\",\n \"sourceIds\": [\n \"2c9180846a2f82fb016a481c1b1560c5\",\n \"2c9180846a2f82fb016a481c1b1560cc\"\n ]\n },\n {\n \"action\": \"DISABLE\",\n \"sourceIds\": [\n \"2c91808869a0c9980169a207258513fb\"\n ]\n }\n ]\n },\n {\n \"op\": \"replace\",\n \"path\": \"/emailNotificationOption\",\n \"value\": {\n \"notifyManagers\": true,\n \"notifyAllAdmins\": false,\n \"notifySpecificUsers\": false,\n \"emailAddressList\": []\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "1bf518e5-7a86-458b-8873-9d2b7a00f6ae", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "identity-profiles", + ":identity-profile-id", + "lifecycle-states", + ":lifecycle-state-id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"Updated description!\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/accessProfileIds\",\n \"value\": [\n \"2c918087742bab150174407a80f3125e\",\n \"2c918087742bab150174407a80f3124f\"\n ]\n },\n {\n \"op\": \"replace\",\n \"path\": \"/accountActions\",\n \"value\": [\n {\n \"action\": \"ENABLE\",\n \"sourceIds\": [\n \"2c9180846a2f82fb016a481c1b1560c5\",\n \"2c9180846a2f82fb016a481c1b1560cc\"\n ]\n },\n {\n \"action\": \"DISABLE\",\n \"sourceIds\": [\n \"2c91808869a0c9980169a207258513fb\"\n ]\n }\n ]\n },\n {\n \"op\": \"replace\",\n \"path\": \"/emailNotificationOption\",\n \"value\": {\n \"notifyManagers\": true,\n \"notifyAllAdmins\": false,\n \"notifySpecificUsers\": false,\n \"emailAddressList\": []\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f0ec9ab5-c7d0-4551-8a88-f6a6fdd2c88f", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "identity-profiles", + ":identity-profile-id", + "lifecycle-states", + ":lifecycle-state-id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"Updated description!\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/accessProfileIds\",\n \"value\": [\n \"2c918087742bab150174407a80f3125e\",\n \"2c918087742bab150174407a80f3124f\"\n ]\n },\n {\n \"op\": \"replace\",\n \"path\": \"/accountActions\",\n \"value\": [\n {\n \"action\": \"ENABLE\",\n \"sourceIds\": [\n \"2c9180846a2f82fb016a481c1b1560c5\",\n \"2c9180846a2f82fb016a481c1b1560cc\"\n ]\n },\n {\n \"action\": \"DISABLE\",\n \"sourceIds\": [\n \"2c91808869a0c9980169a207258513fb\"\n ]\n }\n ]\n },\n {\n \"op\": \"replace\",\n \"path\": \"/emailNotificationOption\",\n \"value\": {\n \"notifyManagers\": true,\n \"notifyAllAdmins\": false,\n \"notifySpecificUsers\": false,\n \"emailAddressList\": []\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "786e7eb6-1f8c-44f9-b2b6-e657de8a59d4", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "identity-profiles", + ":identity-profile-id", + "lifecycle-states", + ":lifecycle-state-id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"Updated description!\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/accessProfileIds\",\n \"value\": [\n \"2c918087742bab150174407a80f3125e\",\n \"2c918087742bab150174407a80f3124f\"\n ]\n },\n {\n \"op\": \"replace\",\n \"path\": \"/accountActions\",\n \"value\": [\n {\n \"action\": \"ENABLE\",\n \"sourceIds\": [\n \"2c9180846a2f82fb016a481c1b1560c5\",\n \"2c9180846a2f82fb016a481c1b1560cc\"\n ]\n },\n {\n \"action\": \"DISABLE\",\n \"sourceIds\": [\n \"2c91808869a0c9980169a207258513fb\"\n ]\n }\n ]\n },\n {\n \"op\": \"replace\",\n \"path\": \"/emailNotificationOption\",\n \"value\": {\n \"notifyManagers\": true,\n \"notifyAllAdmins\": false,\n \"notifySpecificUsers\": false,\n \"emailAddressList\": []\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "345a4901-b0c7-433f-98bf-2255134d9784", + "name": "Delete Lifecycle State", + "request": { + "name": "Delete Lifecycle State", + "description": { + "content": "Use this endpoint to delete the lifecycle state by its ID. \nA token with API, or ORG_ADMIN authority is required to call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "identity-profiles", + ":identity-profile-id", + "lifecycle-states", + ":lifecycle-state-id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "2b838de9-db9b-abcf-e646-d4f274ad4238", + "key": "identity-profile-id", + "disabled": true, + "description": { + "content": "(Required) Identity profile ID.", + "type": "text/plain" + } + }, + { + "type": "any", + "value": "ef38f94347e94562b5bb8424a56397d8", + "key": "lifecycle-state-id", + "disabled": true, + "description": { + "content": "(Required) Lifecycle state ID.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "DELETE", + "body": {} + }, + "response": [ + { + "id": "8d84f06e-5ab4-4e63-803e-a541f331ad04", + "name": "The request was successfully accepted into the system.", + "originalRequest": { + "url": { + "path": [ + "identity-profiles", + ":identity-profile-id", + "lifecycle-states", + ":lifecycle-state-id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Accepted", + "code": 202, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"type\": \"LIFECYCLE_STATE\",\n \"id\": \"ea dolore\",\n \"name\": \"Contractor Lifecycle\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "14ff0862-6d25-44e4-b6f4-311ed750e66a", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "identity-profiles", + ":identity-profile-id", + "lifecycle-states", + ":lifecycle-state-id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b2a9808c-b73f-45fe-b171-bcd4e235c797", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "identity-profiles", + ":identity-profile-id", + "lifecycle-states", + ":lifecycle-state-id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "341e296f-8c79-47e9-9af9-6bb9c39c4694", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "identity-profiles", + ":identity-profile-id", + "lifecycle-states", + ":lifecycle-state-id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f299f451-e363-438c-9a85-62845ad1c672", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "identity-profiles", + ":identity-profile-id", + "lifecycle-states", + ":lifecycle-state-id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "8f670a5d-2ab8-4bc5-83d7-4821b3d232f5", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "identity-profiles", + ":identity-profile-id", + "lifecycle-states", + ":lifecycle-state-id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "3295ba64-cbeb-4a53-a83d-c8a53be67778", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "identity-profiles", + ":identity-profile-id", + "lifecycle-states", + ":lifecycle-state-id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + } + ] + }, + { + "name": "Managed Clients", + "description": "Read and create operations for client data and statuses", + "item": [ + { + "id": "f8ac6bfb-02b1-4978-b9b2-91e97a6b5c72", + "name": "Get Managed Clients", + "request": { + "name": "Get Managed Clients", + "description": { + "content": "Get a list of Managed Clients.", + "type": "text/plain" + }, + "url": { + "path": [ + "managed-clients" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq*\n\n**name**: *eq*\n\n**clientId**: *eq*\n\n**clusterId**: *eq*", + "type": "text/plain" + }, + "key": "filters", + "value": "name eq \"client name\"" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "45a2eba1-3421-44d0-9465-778a81b4aa5d", + "name": "Responds with a list of ManagedClient based on the query params provided", + "originalRequest": { + "url": { + "path": [ + "managed-clients" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq*\n\n**name**: *eq*\n\n**clientId**: *eq*\n\n**clusterId**: *eq*", + "type": "text/plain" + }, + "key": "filters", + "value": "name eq \"client name\"" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"clientId\": \"00be54a2-bb6d-402f-9159-beb2d5319347\",\n \"clusterId\": \"e1ff7bb24c934240bbf55e1aa39e41c5\",\n \"description\": \"A short description of the ManagedClient\",\n \"type\": \"VA\",\n \"id\": \"2c9180878eaf4204018eb019c3570003\",\n \"alertKey\": \"CLIENT_STATUS_NOT_CONFIGURED\",\n \"apiGatewayBaseUrl\": \"tempor dolor Lorem velit\",\n \"cookbook\": \"exercitation non cupidatat\",\n \"ccId\": 2248,\n \"ipAddress\": \"123.456.78.90\",\n \"lastSeen\": \"2020-01-01T00:00:00.000000Z\",\n \"name\": \"aName\",\n \"sinceLastSeen\": \"consequat\",\n \"status\": \"NORMAL\",\n \"clusterType\": \"idn\",\n \"vaDownloadUrl\": \"aUrl\",\n \"vaVersion\": \"va-megapod-useast1-610-1621372012\",\n \"secret\": \"ef878e15eaa8c8d3e2fa52f41125e2a0eeadadc6a14f931a33ad3e1b62d56381\",\n \"createdAt\": \"2023-08-04T20:48:01.865Z\",\n \"updatedAt\": \"2023-08-04T20:48:01.865Z\",\n \"provisionStatus\": \"PROVISIONED\"\n },\n {\n \"clientId\": \"00be54a2-bb6d-402f-9159-beb2d5319347\",\n \"clusterId\": \"e1ff7bb24c934240bbf55e1aa39e41c5\",\n \"description\": \"A short description of the ManagedClient\",\n \"type\": \"VA\",\n \"id\": \"2c9180878eaf4204018eb019c3570003\",\n \"alertKey\": \"CLIENT_STATUS_NOT_CONFIGURED\",\n \"apiGatewayBaseUrl\": \"laboris fugiat lab\",\n \"cookbook\": \"id irure sed culpa\",\n \"ccId\": 2248,\n \"ipAddress\": \"123.456.78.90\",\n \"lastSeen\": \"2020-01-01T00:00:00.000000Z\",\n \"name\": \"aName\",\n \"sinceLastSeen\": \"proident aliqua cupidatat\",\n \"status\": \"NORMAL\",\n \"clusterType\": \"idn\",\n \"vaDownloadUrl\": \"aUrl\",\n \"vaVersion\": \"va-megapod-useast1-610-1621372012\",\n \"secret\": \"ef878e15eaa8c8d3e2fa52f41125e2a0eeadadc6a14f931a33ad3e1b62d56381\",\n \"createdAt\": \"2023-08-04T20:48:01.865Z\",\n \"updatedAt\": \"2023-08-04T20:48:01.865Z\",\n \"provisionStatus\": \"PROVISIONED\"\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "619b40bf-5f8a-42d6-b091-8df147aeab5b", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "managed-clients" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq*\n\n**name**: *eq*\n\n**clientId**: *eq*\n\n**clusterId**: *eq*", + "type": "text/plain" + }, + "key": "filters", + "value": "name eq \"client name\"" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "9af48e0c-ea47-4eec-8ba6-c0a1cc2c334c", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "managed-clients" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq*\n\n**name**: *eq*\n\n**clientId**: *eq*\n\n**clusterId**: *eq*", + "type": "text/plain" + }, + "key": "filters", + "value": "name eq \"client name\"" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "82ea9756-8b5c-4b11-9379-2d39b8d3777d", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "managed-clients" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq*\n\n**name**: *eq*\n\n**clientId**: *eq*\n\n**clusterId**: *eq*", + "type": "text/plain" + }, + "key": "filters", + "value": "name eq \"client name\"" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b8e36457-bfd6-4969-a1b8-49000102d5b4", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "managed-clients" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq*\n\n**name**: *eq*\n\n**clientId**: *eq*\n\n**clusterId**: *eq*", + "type": "text/plain" + }, + "key": "filters", + "value": "name eq \"client name\"" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d55e95c3-4ade-43c0-b344-a3837e279f02", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "managed-clients" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq*\n\n**name**: *eq*\n\n**clientId**: *eq*\n\n**clusterId**: *eq*", + "type": "text/plain" + }, + "key": "filters", + "value": "name eq \"client name\"" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "185035a3-4047-4cf5-b141-c56e6200cd88", + "name": "Create a new Managed Client", + "request": { + "name": "Create a new Managed Client", + "description": { + "content": "Create a new Managed Client.\nThe API returns a result that includes the Managed Client ID.", + "type": "text/plain" + }, + "url": { + "path": [ + "managed-clients" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"clusterId\": \"aClusterId\",\n \"description\": \"A short description of the ManagedClient\",\n \"name\": \"aName\",\n \"type\": \"VA\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "b5d2acd1-6372-4ad9-82d6-9e4454971c5d", + "name": "The created ManagedClient", + "originalRequest": { + "url": { + "path": [ + "managed-clients" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"clusterId\": \"aClusterId\",\n \"description\": \"A short description of the ManagedClient\",\n \"name\": \"aName\",\n \"type\": \"VA\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"clientId\": \"00be54a2-bb6d-402f-9159-beb2d5319347\",\n \"clusterId\": \"e1ff7bb24c934240bbf55e1aa39e41c5\",\n \"description\": \"A short description of the ManagedClient\",\n \"type\": \"VA\",\n \"id\": \"2c9180878eaf4204018eb019c3570003\",\n \"alertKey\": \"CLIENT_STATUS_NOT_CONFIGURED\",\n \"apiGatewayBaseUrl\": \"velit\",\n \"cookbook\": \"ut ipsum\",\n \"ccId\": 2248,\n \"ipAddress\": \"123.456.78.90\",\n \"lastSeen\": \"2020-01-01T00:00:00.000000Z\",\n \"name\": \"aName\",\n \"sinceLastSeen\": \"dolore deserunt amet fugiat\",\n \"status\": \"NORMAL\",\n \"clusterType\": \"idn\",\n \"vaDownloadUrl\": \"aUrl\",\n \"vaVersion\": \"va-megapod-useast1-610-1621372012\",\n \"secret\": \"ef878e15eaa8c8d3e2fa52f41125e2a0eeadadc6a14f931a33ad3e1b62d56381\",\n \"createdAt\": \"2023-08-04T20:48:01.865Z\",\n \"updatedAt\": \"2023-08-04T20:48:01.865Z\",\n \"provisionStatus\": \"PROVISIONED\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "603ec4fa-d5e6-4440-bd87-e4842d1321b6", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "managed-clients" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"clusterId\": \"aClusterId\",\n \"description\": \"A short description of the ManagedClient\",\n \"name\": \"aName\",\n \"type\": \"VA\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "4879c0e8-8ecc-4d5e-8741-0a6c7cdc64d4", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "managed-clients" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"clusterId\": \"aClusterId\",\n \"description\": \"A short description of the ManagedClient\",\n \"name\": \"aName\",\n \"type\": \"VA\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "177a6a40-4c40-435a-a9ef-2951582b80a8", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "managed-clients" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"clusterId\": \"aClusterId\",\n \"description\": \"A short description of the ManagedClient\",\n \"name\": \"aName\",\n \"type\": \"VA\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "fb710978-ad9b-4db2-9546-c5b47cc53389", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "managed-clients" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"clusterId\": \"aClusterId\",\n \"description\": \"A short description of the ManagedClient\",\n \"name\": \"aName\",\n \"type\": \"VA\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "76baa667-1a1a-4486-8043-e56e159994bb", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "managed-clients" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"clusterId\": \"aClusterId\",\n \"description\": \"A short description of the ManagedClient\",\n \"name\": \"aName\",\n \"type\": \"VA\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "bac0f89e-c197-476a-bba3-aa782469951c", + "name": "Get a Managed Client", + "request": { + "name": "Get a Managed Client", + "description": { + "content": "Get a Managed Client.", + "type": "text/plain" + }, + "url": { + "path": [ + "managed-clients", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "4440278c-0ce2-41ee-a0a9-f5cfd5e8d3b7", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) Managed Client ID.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "e413e7a6-5ea3-4718-850f-823f491deb23", + "name": "Responds with a Managed Client", + "originalRequest": { + "url": { + "path": [ + "managed-clients", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"clientId\": \"00be54a2-bb6d-402f-9159-beb2d5319347\",\n \"clusterId\": \"e1ff7bb24c934240bbf55e1aa39e41c5\",\n \"description\": \"A short description of the ManagedClient\",\n \"type\": \"VA\",\n \"id\": \"2c9180878eaf4204018eb019c3570003\",\n \"alertKey\": \"CLIENT_STATUS_NOT_CONFIGURED\",\n \"apiGatewayBaseUrl\": \"velit\",\n \"cookbook\": \"ut ipsum\",\n \"ccId\": 2248,\n \"ipAddress\": \"123.456.78.90\",\n \"lastSeen\": \"2020-01-01T00:00:00.000000Z\",\n \"name\": \"aName\",\n \"sinceLastSeen\": \"dolore deserunt amet fugiat\",\n \"status\": \"NORMAL\",\n \"clusterType\": \"idn\",\n \"vaDownloadUrl\": \"aUrl\",\n \"vaVersion\": \"va-megapod-useast1-610-1621372012\",\n \"secret\": \"ef878e15eaa8c8d3e2fa52f41125e2a0eeadadc6a14f931a33ad3e1b62d56381\",\n \"createdAt\": \"2023-08-04T20:48:01.865Z\",\n \"updatedAt\": \"2023-08-04T20:48:01.865Z\",\n \"provisionStatus\": \"PROVISIONED\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "8b6fa44a-9cfd-4e14-878f-3413e3d2a0e5", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "managed-clients", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "7a8a6d83-2460-47e4-9731-8a85c1f12b06", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "managed-clients", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "413ad114-dda1-456e-b899-b3b5c312c40a", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "managed-clients", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "3f30d001-7357-49d1-a662-27d16c475256", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "managed-clients", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "19b86a9d-5950-449d-a87a-13b61203e9dd", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "managed-clients", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "0e752ed9-6d4b-45a7-8c42-250ec88320f6", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "managed-clients", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "10c1dc4f-6853-4d43-b94a-3b742399e344", + "name": "Update a Managed Client", + "request": { + "name": "Update a Managed Client", + "description": { + "content": "Update an existing Managed Client.", + "type": "text/plain" + }, + "url": { + "path": [ + "managed-clients", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "4440278c-0ce2-41ee-a0a9-f5cfd5e8d3b7", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) Managed Client ID.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"New description\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"New description\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "bba63c41-1a5e-4834-9364-364c069f3443", + "name": "The updated Managed Client", + "originalRequest": { + "url": { + "path": [ + "managed-clients", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"New description\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"New description\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"clientId\": \"00be54a2-bb6d-402f-9159-beb2d5319347\",\n \"clusterId\": \"e1ff7bb24c934240bbf55e1aa39e41c5\",\n \"description\": \"A short description of the ManagedClient\",\n \"type\": \"VA\",\n \"id\": \"2c9180878eaf4204018eb019c3570003\",\n \"alertKey\": \"CLIENT_STATUS_NOT_CONFIGURED\",\n \"apiGatewayBaseUrl\": \"velit\",\n \"cookbook\": \"ut ipsum\",\n \"ccId\": 2248,\n \"ipAddress\": \"123.456.78.90\",\n \"lastSeen\": \"2020-01-01T00:00:00.000000Z\",\n \"name\": \"aName\",\n \"sinceLastSeen\": \"dolore deserunt amet fugiat\",\n \"status\": \"NORMAL\",\n \"clusterType\": \"idn\",\n \"vaDownloadUrl\": \"aUrl\",\n \"vaVersion\": \"va-megapod-useast1-610-1621372012\",\n \"secret\": \"ef878e15eaa8c8d3e2fa52f41125e2a0eeadadc6a14f931a33ad3e1b62d56381\",\n \"createdAt\": \"2023-08-04T20:48:01.865Z\",\n \"updatedAt\": \"2023-08-04T20:48:01.865Z\",\n \"provisionStatus\": \"PROVISIONED\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "6bf87687-9635-4e55-a626-ef327ec8ae87", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "managed-clients", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"New description\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"New description\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "89412ace-664e-4cb5-94ab-4b5f5fbb84ef", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "managed-clients", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"New description\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"New description\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "0c73a3af-040d-4903-a3cf-1bef02be9095", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "managed-clients", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"New description\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"New description\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "7260923a-829d-4c24-8bec-4da306b3bb2d", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "managed-clients", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"New description\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"New description\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c286e83a-b6e8-47f7-b02b-90a38ef0c13e", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "managed-clients", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"New description\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"New description\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "af397808-5327-40cf-90b8-c6c75b10f7ce", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "managed-clients", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"New description\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"New description\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "caaceaf5-fcde-4c38-855b-0d330861fde6", + "name": "Delete a Managed Client", + "request": { + "name": "Delete a Managed Client", + "description": { + "content": "Delete an existing Managed Client.", + "type": "text/plain" + }, + "url": { + "path": [ + "managed-clients", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "4440278c-0ce2-41ee-a0a9-f5cfd5e8d3b7", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) Managed Client ID.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "DELETE", + "body": {} + }, + "response": [ + { + "id": "9fdc32ca-aaa7-426f-83cc-a93da429add8", + "name": "The Managed Client was successfully deleted.", + "originalRequest": { + "url": { + "path": [ + "managed-clients", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "No Content", + "code": 204, + "header": [], + "cookie": [], + "_postman_previewlanguage": "text" + }, + { + "id": "1461d75a-0cfe-4483-bff3-01627134df0e", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "managed-clients", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "3ce99f3b-69cc-407e-98ae-892938496605", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "managed-clients", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a7373c43-876b-47b3-b7ed-b66137540c06", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "managed-clients", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "cccac782-fddb-4666-8846-ed812c779b9c", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "managed-clients", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "256f6964-ae53-4970-b543-1234ce9293f7", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "managed-clients", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "27bfbfcb-5a19-4b60-877b-031f5f82e660", + "name": "Get Managed Client Status.", + "request": { + "name": "Get Managed Client Status.", + "description": { + "content": "Retrieve the Status of a Managed Client by ID.", + "type": "text/plain" + }, + "url": { + "path": [ + "managed-clients", + ":id", + "status" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "(Required) Type of the Managed Client to get Status of", + "type": "text/plain" + }, + "key": "type", + "value": "VA" + } + ], + "variable": [ + { + "type": "any", + "value": "aClientId", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) ID of the Managed Client to get Status of", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "e594f48d-e519-4665-90ec-6ee46edaf487", + "name": "Responds with the Status of the Managed Client with the given ID and Type.", + "originalRequest": { + "url": { + "path": [ + "managed-clients", + ":id", + "status" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "(Required) Type of the Managed Client to get Status of", + "type": "text/plain" + }, + "key": "type", + "value": "VA" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"body\": {\n \"alertKey\": \"\",\n \"clusterId\": \"1234\",\n \"ccg_etag\": \"ccg_etag123xyz456\",\n \"ccg_pin\": \"NONE\",\n \"cookbook_etag\": \"20210420125956-20210511144538\",\n \"hostname\": \"megapod-useast1-secret-hostname.sailpoint.com\",\n \"internal_ip\": \"127.0.0.1\",\n \"lastSeen\": \"1620843964604\",\n \"sinceSeen\": \"14708\",\n \"sinceSeenMillis\": \"14708\",\n \"localDev\": false,\n \"stacktrace\": \"\",\n \"state\": null,\n \"status\": \"NORMAL\",\n \"uuid\": null,\n \"product\": \"idn\",\n \"va_version\": null,\n \"platform_version\": \"2\",\n \"os_version\": \"2345.3.1\",\n \"os_type\": \"flatcar\",\n \"hypervisor\": \"unknown\"\n },\n \"status\": \"NORMAL\",\n \"type\": \"CCG\",\n \"timestamp\": \"2020-01-01T00:00:00.000000Z\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "8a83645b-70f8-42b7-a0d8-929f4cf086dd", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "managed-clients", + ":id", + "status" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "(Required) Type of the Managed Client to get Status of", + "type": "text/plain" + }, + "key": "type", + "value": "VA" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "1e215912-8ab8-4629-a902-6a069ef3731b", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "managed-clients", + ":id", + "status" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "(Required) Type of the Managed Client to get Status of", + "type": "text/plain" + }, + "key": "type", + "value": "VA" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "55b5d9eb-b23d-416e-8164-45b69897f053", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "managed-clients", + ":id", + "status" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "(Required) Type of the Managed Client to get Status of", + "type": "text/plain" + }, + "key": "type", + "value": "VA" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "2830ed0f-295a-4ca6-aabb-a6f129837996", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "managed-clients", + ":id", + "status" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "(Required) Type of the Managed Client to get Status of", + "type": "text/plain" + }, + "key": "type", + "value": "VA" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "99e74023-bdc3-4747-80fe-fcd0aa66377c", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "managed-clients", + ":id", + "status" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "(Required) Type of the Managed Client to get Status of", + "type": "text/plain" + }, + "key": "type", + "value": "VA" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d27b5883-b632-4d20-80f2-6f89f85321d6", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "managed-clients", + ":id", + "status" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "(Required) Type of the Managed Client to get Status of", + "type": "text/plain" + }, + "key": "type", + "value": "VA" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + } + ] + }, + { + "name": "Managed Clusters", + "description": "Read and create pperations for client Clusters, including Log Configuration", + "item": [ + { + "id": "95237261-422c-4630-99de-936bdc84501b", + "name": "Retrieve all Managed Clusters.", + "request": { + "name": "Retrieve all Managed Clusters.", + "description": { + "content": "Retrieve all Managed Clusters for the current Org, based on request context.", + "type": "text/plain" + }, + "url": { + "path": [ + "managed-clusters" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**operational**: *eq*", + "type": "text/plain" + }, + "key": "filters", + "value": "operational eq \"operation\"" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "a6b1b69b-a940-4754-bfa1-907863d0ba19", + "name": "Responds with a list of ManagedCluster.", + "originalRequest": { + "url": { + "path": [ + "managed-clusters" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**operational**: *eq*", + "type": "text/plain" + }, + "key": "filters", + "value": "operational eq \"operation\"" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"id\": \"e1ff7bb24c934240bbf55e1aa39e41c5\",\n \"clientType\": \"CCG\",\n \"ccgVersion\": \"v01\",\n \"name\": \"Managed Cluster Name\",\n \"pod\": \"megapod-useast1\",\n \"org\": \"denali\",\n \"type\": \"idn\",\n \"configuration\": {\n \"clusterExternalId\": \"e1ff7bb24c934240bbf55e1aa39e41c5\",\n \"clusterType\": \"sqsCluster\",\n \"gmtOffset\": \"-5\"\n },\n \"keyPair\": {\n \"publicKey\": \"-----BEGIN PUBLIC KEY-----******-----END PUBLIC KEY-----\",\n \"publicKeyThumbprint\": \"6CMlaJIV44-xJxcB3CJBjDUUn54\",\n \"publicKeyCertificate\": \"-----BEGIN CERTIFICATE-----****-----END CERTIFICATE-----\"\n },\n \"attributes\": {\n \"queue\": {\n \"name\": \"megapod-useast1-denali-lwt-cluster-1533\",\n \"region\": \"us-east-1\"\n },\n \"keystore\": \"/u3+7QAAAAIAAAABAAAAAQAvL3Byb3h5LWNsdXN0ZXIvMmM5MTgwODc3Yjg3MW\"\n },\n \"description\": \"A short description of the managed cluster.\",\n \"redis\": {\n \"redisHost\": \"megapod-useast1-shared-redis.cloud.sailpoint.com\",\n \"redisPort\": 6379\n },\n \"pinnedConfig\": false,\n \"logConfiguration\": {\n \"durationMinutes\": 120,\n \"rootLevel\": \"TRACE\",\n \"clientId\": \"aClientId\",\n \"expiration\": \"2020-12-15T19:13:36.079Z\",\n \"logLevels\": {\n \"sailpoint.connector.ADLDAPConnector\": \"TRACE\"\n }\n },\n \"operational\": false,\n \"status\": \"NORMAL\",\n \"publicKeyCertificate\": \"-----BEGIN CERTIFICATE-----TCCAb2gAwIBAgIBADANBgkqhkiG9w0BAQsFADAuMQ0wCwYDVQQD-----END CERTIFICATE-----\",\n \"publicKeyThumbprint\": \"obc6pLiulGbtZ\",\n \"publicKey\": \"-----BEGIN PUBLIC KEY-----jANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3WgnsxP52MDgBTfHR+5n4-----END PUBLIC KEY-----\",\n \"alertKey\": \"LIMITED_RESOURCES\",\n \"clientIds\": [\n \"1244\",\n \"1245\"\n ],\n \"serviceCount\": 6,\n \"ccId\": \"1533\",\n \"createdAt\": \"2023-08-04T20:48:01.865Z\",\n \"updatedAt\": \"2023-08-04T20:48:01.865Z\"\n },\n {\n \"id\": \"e1ff7bb24c934240bbf55e1aa39e41c5\",\n \"clientType\": \"CCG\",\n \"ccgVersion\": \"v01\",\n \"name\": \"Managed Cluster Name\",\n \"pod\": \"megapod-useast1\",\n \"org\": \"denali\",\n \"type\": \"idn\",\n \"configuration\": {\n \"clusterExternalId\": \"e1ff7bb24c934240bbf55e1aa39e41c5\",\n \"clusterType\": \"sqsCluster\",\n \"gmtOffset\": \"-5\"\n },\n \"keyPair\": {\n \"publicKey\": \"-----BEGIN PUBLIC KEY-----******-----END PUBLIC KEY-----\",\n \"publicKeyThumbprint\": \"6CMlaJIV44-xJxcB3CJBjDUUn54\",\n \"publicKeyCertificate\": \"-----BEGIN CERTIFICATE-----****-----END CERTIFICATE-----\"\n },\n \"attributes\": {\n \"queue\": {\n \"name\": \"megapod-useast1-denali-lwt-cluster-1533\",\n \"region\": \"us-east-1\"\n },\n \"keystore\": \"/u3+7QAAAAIAAAABAAAAAQAvL3Byb3h5LWNsdXN0ZXIvMmM5MTgwODc3Yjg3MW\"\n },\n \"description\": \"A short description of the managed cluster.\",\n \"redis\": {\n \"redisHost\": \"megapod-useast1-shared-redis.cloud.sailpoint.com\",\n \"redisPort\": 6379\n },\n \"pinnedConfig\": false,\n \"logConfiguration\": {\n \"durationMinutes\": 120,\n \"rootLevel\": \"TRACE\",\n \"clientId\": \"aClientId\",\n \"expiration\": \"2020-12-15T19:13:36.079Z\",\n \"logLevels\": {\n \"sailpoint.connector.ADLDAPConnector\": \"TRACE\"\n }\n },\n \"operational\": false,\n \"status\": \"NORMAL\",\n \"publicKeyCertificate\": \"-----BEGIN CERTIFICATE-----TCCAb2gAwIBAgIBADANBgkqhkiG9w0BAQsFADAuMQ0wCwYDVQQD-----END CERTIFICATE-----\",\n \"publicKeyThumbprint\": \"obc6pLiulGbtZ\",\n \"publicKey\": \"-----BEGIN PUBLIC KEY-----jANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3WgnsxP52MDgBTfHR+5n4-----END PUBLIC KEY-----\",\n \"alertKey\": \"LIMITED_RESOURCES\",\n \"clientIds\": [\n \"1244\",\n \"1245\"\n ],\n \"serviceCount\": 6,\n \"ccId\": \"1533\",\n \"createdAt\": \"2023-08-04T20:48:01.865Z\",\n \"updatedAt\": \"2023-08-04T20:48:01.865Z\"\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b83d2fb1-89ae-4e7e-90ba-cfa8f91afe9f", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "managed-clusters" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**operational**: *eq*", + "type": "text/plain" + }, + "key": "filters", + "value": "operational eq \"operation\"" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "fe3d1ff0-4bdf-42d0-8674-3a807184aa0f", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "managed-clusters" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**operational**: *eq*", + "type": "text/plain" + }, + "key": "filters", + "value": "operational eq \"operation\"" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "5d315138-1b65-46bf-97b7-1241dd8bcd60", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "managed-clusters" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**operational**: *eq*", + "type": "text/plain" + }, + "key": "filters", + "value": "operational eq \"operation\"" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "1a7a0c24-9b2f-40c6-86fe-9f343ec95d23", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "managed-clusters" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**operational**: *eq*", + "type": "text/plain" + }, + "key": "filters", + "value": "operational eq \"operation\"" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "8a95c9b3-7ed5-449b-8082-726487a3c6be", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "managed-clusters" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**operational**: *eq*", + "type": "text/plain" + }, + "key": "filters", + "value": "operational eq \"operation\"" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "0b39c7da-e747-427f-83c5-5b4186067864", + "name": "Create a new Managed Cluster", + "request": { + "name": "Create a new Managed Cluster", + "description": { + "content": "Create a new Managed Cluster.\nThe API returns a result that includes the Managed Cluster ID.", + "type": "text/plain" + }, + "url": { + "path": [ + "managed-clusters" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Managed Cluster Name\",\n \"type\": \"idn\",\n \"configuration\": {\n \"clusterExternalId\": \"externalId\",\n \"ccgVersion\": \"77.0.0\"\n },\n \"description\": \"A short description of the managed cluster.\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "3587d9a8-9a82-4358-8573-caf380cc047e", + "name": "The created ManagedClient", + "originalRequest": { + "url": { + "path": [ + "managed-clusters" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Managed Cluster Name\",\n \"type\": \"idn\",\n \"configuration\": {\n \"clusterExternalId\": \"externalId\",\n \"ccgVersion\": \"77.0.0\"\n },\n \"description\": \"A short description of the managed cluster.\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"e1ff7bb24c934240bbf55e1aa39e41c5\",\n \"clientType\": \"CCG\",\n \"ccgVersion\": \"v01\",\n \"name\": \"Managed Cluster Name\",\n \"pod\": \"megapod-useast1\",\n \"org\": \"denali\",\n \"type\": \"idn\",\n \"configuration\": {\n \"clusterExternalId\": \"e1ff7bb24c934240bbf55e1aa39e41c5\",\n \"clusterType\": \"sqsCluster\",\n \"gmtOffset\": \"-5\"\n },\n \"keyPair\": {\n \"publicKey\": \"-----BEGIN PUBLIC KEY-----******-----END PUBLIC KEY-----\",\n \"publicKeyThumbprint\": \"6CMlaJIV44-xJxcB3CJBjDUUn54\",\n \"publicKeyCertificate\": \"-----BEGIN CERTIFICATE-----****-----END CERTIFICATE-----\"\n },\n \"attributes\": {\n \"queue\": {\n \"name\": \"megapod-useast1-denali-lwt-cluster-1533\",\n \"region\": \"us-east-1\"\n },\n \"keystore\": \"/u3+7QAAAAIAAAABAAAAAQAvL3Byb3h5LWNsdXN0ZXIvMmM5MTgwODc3Yjg3MW\"\n },\n \"description\": \"A short description of the managed cluster.\",\n \"redis\": {\n \"redisHost\": \"megapod-useast1-shared-redis.cloud.sailpoint.com\",\n \"redisPort\": 6379\n },\n \"pinnedConfig\": false,\n \"logConfiguration\": {\n \"durationMinutes\": 120,\n \"rootLevel\": \"TRACE\",\n \"clientId\": \"aClientId\",\n \"expiration\": \"2020-12-15T19:13:36.079Z\",\n \"logLevels\": {\n \"sailpoint.connector.ADLDAPConnector\": \"TRACE\"\n }\n },\n \"operational\": false,\n \"status\": \"NORMAL\",\n \"publicKeyCertificate\": \"-----BEGIN CERTIFICATE-----TCCAb2gAwIBAgIBADANBgkqhkiG9w0BAQsFADAuMQ0wCwYDVQQD-----END CERTIFICATE-----\",\n \"publicKeyThumbprint\": \"obc6pLiulGbtZ\",\n \"publicKey\": \"-----BEGIN PUBLIC KEY-----jANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3WgnsxP52MDgBTfHR+5n4-----END PUBLIC KEY-----\",\n \"alertKey\": \"LIMITED_RESOURCES\",\n \"clientIds\": [\n \"1244\",\n \"1245\"\n ],\n \"serviceCount\": 6,\n \"ccId\": \"1533\",\n \"createdAt\": \"2023-08-04T20:48:01.865Z\",\n \"updatedAt\": \"2023-08-04T20:48:01.865Z\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "45239761-2ed3-4f12-86ed-56762228cf44", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "managed-clusters" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Managed Cluster Name\",\n \"type\": \"idn\",\n \"configuration\": {\n \"clusterExternalId\": \"externalId\",\n \"ccgVersion\": \"77.0.0\"\n },\n \"description\": \"A short description of the managed cluster.\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "e1ba3518-ab17-41d4-b269-a102965f166d", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "managed-clusters" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Managed Cluster Name\",\n \"type\": \"idn\",\n \"configuration\": {\n \"clusterExternalId\": \"externalId\",\n \"ccgVersion\": \"77.0.0\"\n },\n \"description\": \"A short description of the managed cluster.\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "2b5bf157-4661-4770-bc89-6c8d854dddb5", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "managed-clusters" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Managed Cluster Name\",\n \"type\": \"idn\",\n \"configuration\": {\n \"clusterExternalId\": \"externalId\",\n \"ccgVersion\": \"77.0.0\"\n },\n \"description\": \"A short description of the managed cluster.\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "bdaff05c-5dd5-4999-bce3-b0dea7d3ee8e", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "managed-clusters" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Managed Cluster Name\",\n \"type\": \"idn\",\n \"configuration\": {\n \"clusterExternalId\": \"externalId\",\n \"ccgVersion\": \"77.0.0\"\n },\n \"description\": \"A short description of the managed cluster.\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "2bc4e461-6bc6-42ff-acb2-0cba396085a9", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "managed-clusters" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Managed Cluster Name\",\n \"type\": \"idn\",\n \"configuration\": {\n \"clusterExternalId\": \"externalId\",\n \"ccgVersion\": \"77.0.0\"\n },\n \"description\": \"A short description of the managed cluster.\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "ebfcb17e-bb69-45a5-b64f-ae6e2d6cefc4", + "name": "Get a specified Managed Cluster.", + "request": { + "name": "Get a specified Managed Cluster.", + "description": { + "content": "Retrieve a ManagedCluster by ID.", + "type": "text/plain" + }, + "url": { + "path": [ + "managed-clusters", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "2c9180897de347a2017de8859e8c5039", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) ManagedCluster ID.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "a24d9385-a04b-43c2-8621-7769a0b14570", + "name": "Responds with ManagedCluster having the given ID.", + "originalRequest": { + "url": { + "path": [ + "managed-clusters", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"e1ff7bb24c934240bbf55e1aa39e41c5\",\n \"clientType\": \"CCG\",\n \"ccgVersion\": \"v01\",\n \"name\": \"Managed Cluster Name\",\n \"pod\": \"megapod-useast1\",\n \"org\": \"denali\",\n \"type\": \"idn\",\n \"configuration\": {\n \"clusterExternalId\": \"e1ff7bb24c934240bbf55e1aa39e41c5\",\n \"clusterType\": \"sqsCluster\",\n \"gmtOffset\": \"-5\"\n },\n \"keyPair\": {\n \"publicKey\": \"-----BEGIN PUBLIC KEY-----******-----END PUBLIC KEY-----\",\n \"publicKeyThumbprint\": \"6CMlaJIV44-xJxcB3CJBjDUUn54\",\n \"publicKeyCertificate\": \"-----BEGIN CERTIFICATE-----****-----END CERTIFICATE-----\"\n },\n \"attributes\": {\n \"queue\": {\n \"name\": \"megapod-useast1-denali-lwt-cluster-1533\",\n \"region\": \"us-east-1\"\n },\n \"keystore\": \"/u3+7QAAAAIAAAABAAAAAQAvL3Byb3h5LWNsdXN0ZXIvMmM5MTgwODc3Yjg3MW\"\n },\n \"description\": \"A short description of the managed cluster.\",\n \"redis\": {\n \"redisHost\": \"megapod-useast1-shared-redis.cloud.sailpoint.com\",\n \"redisPort\": 6379\n },\n \"pinnedConfig\": false,\n \"logConfiguration\": {\n \"durationMinutes\": 120,\n \"rootLevel\": \"TRACE\",\n \"clientId\": \"aClientId\",\n \"expiration\": \"2020-12-15T19:13:36.079Z\",\n \"logLevels\": {\n \"sailpoint.connector.ADLDAPConnector\": \"TRACE\"\n }\n },\n \"operational\": false,\n \"status\": \"NORMAL\",\n \"publicKeyCertificate\": \"-----BEGIN CERTIFICATE-----TCCAb2gAwIBAgIBADANBgkqhkiG9w0BAQsFADAuMQ0wCwYDVQQD-----END CERTIFICATE-----\",\n \"publicKeyThumbprint\": \"obc6pLiulGbtZ\",\n \"publicKey\": \"-----BEGIN PUBLIC KEY-----jANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3WgnsxP52MDgBTfHR+5n4-----END PUBLIC KEY-----\",\n \"alertKey\": \"LIMITED_RESOURCES\",\n \"clientIds\": [\n \"1244\",\n \"1245\"\n ],\n \"serviceCount\": 6,\n \"ccId\": \"1533\",\n \"createdAt\": \"2023-08-04T20:48:01.865Z\",\n \"updatedAt\": \"2023-08-04T20:48:01.865Z\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "1b26b7cb-e50e-467f-8600-27d4d1911971", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "managed-clusters", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "0a94db48-99fc-469e-a3b9-7fdca221cc8e", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "managed-clusters", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f0caaec9-517a-4f10-bbc0-69a80295fcac", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "managed-clusters", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "96ccd8b4-1daa-46c4-9228-137608652514", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "managed-clusters", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "09810407-b81d-4484-abb6-ff416b1b3054", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "managed-clusters", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "0bd95247-6fdb-423d-930b-080650846de8", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "managed-clusters", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "98422835-dc8e-4362-9372-7ac7a541e47a", + "name": "Update a Managed Cluster", + "request": { + "name": "Update a Managed Cluster", + "description": { + "content": "Update an existing Managed Cluster.", + "type": "text/plain" + }, + "url": { + "path": [ + "managed-clusters", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "2c9180897de347a2017de8859e8c5039", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) Managed Cluster ID.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"New description\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"New description\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "708822fa-59ac-4aad-8a6f-e2dc96530c13", + "name": "The updated Managed Cluster", + "originalRequest": { + "url": { + "path": [ + "managed-clusters", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"New description\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"New description\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"e1ff7bb24c934240bbf55e1aa39e41c5\",\n \"clientType\": \"CCG\",\n \"ccgVersion\": \"v01\",\n \"name\": \"Managed Cluster Name\",\n \"pod\": \"megapod-useast1\",\n \"org\": \"denali\",\n \"type\": \"idn\",\n \"configuration\": {\n \"clusterExternalId\": \"e1ff7bb24c934240bbf55e1aa39e41c5\",\n \"clusterType\": \"sqsCluster\",\n \"gmtOffset\": \"-5\"\n },\n \"keyPair\": {\n \"publicKey\": \"-----BEGIN PUBLIC KEY-----******-----END PUBLIC KEY-----\",\n \"publicKeyThumbprint\": \"6CMlaJIV44-xJxcB3CJBjDUUn54\",\n \"publicKeyCertificate\": \"-----BEGIN CERTIFICATE-----****-----END CERTIFICATE-----\"\n },\n \"attributes\": {\n \"queue\": {\n \"name\": \"megapod-useast1-denali-lwt-cluster-1533\",\n \"region\": \"us-east-1\"\n },\n \"keystore\": \"/u3+7QAAAAIAAAABAAAAAQAvL3Byb3h5LWNsdXN0ZXIvMmM5MTgwODc3Yjg3MW\"\n },\n \"description\": \"A short description of the managed cluster.\",\n \"redis\": {\n \"redisHost\": \"megapod-useast1-shared-redis.cloud.sailpoint.com\",\n \"redisPort\": 6379\n },\n \"pinnedConfig\": false,\n \"logConfiguration\": {\n \"durationMinutes\": 120,\n \"rootLevel\": \"TRACE\",\n \"clientId\": \"aClientId\",\n \"expiration\": \"2020-12-15T19:13:36.079Z\",\n \"logLevels\": {\n \"sailpoint.connector.ADLDAPConnector\": \"TRACE\"\n }\n },\n \"operational\": false,\n \"status\": \"NORMAL\",\n \"publicKeyCertificate\": \"-----BEGIN CERTIFICATE-----TCCAb2gAwIBAgIBADANBgkqhkiG9w0BAQsFADAuMQ0wCwYDVQQD-----END CERTIFICATE-----\",\n \"publicKeyThumbprint\": \"obc6pLiulGbtZ\",\n \"publicKey\": \"-----BEGIN PUBLIC KEY-----jANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3WgnsxP52MDgBTfHR+5n4-----END PUBLIC KEY-----\",\n \"alertKey\": \"LIMITED_RESOURCES\",\n \"clientIds\": [\n \"1244\",\n \"1245\"\n ],\n \"serviceCount\": 6,\n \"ccId\": \"1533\",\n \"createdAt\": \"2023-08-04T20:48:01.865Z\",\n \"updatedAt\": \"2023-08-04T20:48:01.865Z\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "76d8faa2-a6f7-4bc8-948d-fb0c6ac451da", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "managed-clusters", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"New description\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"New description\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "cb09473f-90e8-4353-9518-208fb1d3c40e", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "managed-clusters", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"New description\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"New description\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "05d55b13-cd22-45ef-9dae-035ee75c4305", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "managed-clusters", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"New description\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"New description\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "eb4d3674-71a6-4574-a423-ae3a2fa74391", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "managed-clusters", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"New description\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"New description\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f1808369-20cc-4301-a270-ac3352ba88f2", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "managed-clusters", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"New description\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"New description\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "5efc1090-445a-41d1-b0ad-52eed69e2114", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "managed-clusters", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"New description\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"New description\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "aab7b6e1-6a92-4e1e-86c6-9dee40cd35fb", + "name": "Delete a Managed Cluster", + "request": { + "name": "Delete a Managed Cluster", + "description": { + "content": "Delete an existing Managed Cluster.", + "type": "text/plain" + }, + "url": { + "path": [ + "managed-clusters", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Flag to determine the need to delete a cluster with clients", + "type": "text/plain" + }, + "key": "removeClients", + "value": "false" + } + ], + "variable": [ + { + "type": "any", + "value": "2c9180897de347a2017de8859e8c5039", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) Managed Cluster ID.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "DELETE", + "body": {} + }, + "response": [ + { + "id": "198352e9-d7ab-4bc2-9a1b-0f66d4e803d3", + "name": "The Managed Cluster was successfully deleted.", + "originalRequest": { + "url": { + "path": [ + "managed-clusters", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Flag to determine the need to delete a cluster with clients", + "type": "text/plain" + }, + "key": "removeClients", + "value": "false" + } + ], + "variable": [] + }, + "header": [ + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "No Content", + "code": 204, + "header": [], + "cookie": [], + "_postman_previewlanguage": "text" + }, + { + "id": "4c9e4ed5-818c-498a-8c4d-a996b5e156f3", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "managed-clusters", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Flag to determine the need to delete a cluster with clients", + "type": "text/plain" + }, + "key": "removeClients", + "value": "false" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "40f22698-975c-4d71-8c84-bb900c89d724", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "managed-clusters", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Flag to determine the need to delete a cluster with clients", + "type": "text/plain" + }, + "key": "removeClients", + "value": "false" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "72748fbc-0f88-4110-b177-848a77fa82b4", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "managed-clusters", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Flag to determine the need to delete a cluster with clients", + "type": "text/plain" + }, + "key": "removeClients", + "value": "false" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "7900c282-730b-4e56-aaa5-6232977e5d7f", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "managed-clusters", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Flag to determine the need to delete a cluster with clients", + "type": "text/plain" + }, + "key": "removeClients", + "value": "false" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "38210475-5429-4151-bafd-6e109754ce40", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "managed-clusters", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Flag to determine the need to delete a cluster with clients", + "type": "text/plain" + }, + "key": "removeClients", + "value": "false" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + } + ] + }, + { + "name": "Manual Discover Applications", + "description": "Use this API to manually upload application names to be correlated to an ISC connector.\n", + "item": [] + }, + { + "name": "Manual Discover Applications Template", + "description": "Use this API to download the CSV template to send to the application discovery service.\n", + "item": [] + }, + { + "name": "MFA Configuration", + "description": "Configure and test multifactor authentication (MFA) methods", + "item": [ + { + "id": "0250234b-0ddb-4393-b248-785b39343f5b", + "name": "Configuration of Okta MFA method", + "request": { + "name": "Configuration of Okta MFA method", + "description": { + "content": "This API returns the configuration of an Okta MFA method. A token with ORG_ADMIN authority is required to call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "mfa", + "okta-verify", + "config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "db313c68-54d4-4dbb-ab94-6fa98e7cc38d", + "name": "The configuration of an Okta MFA method.", + "originalRequest": { + "url": { + "path": [ + "mfa", + "okta-verify", + "config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"mfaMethod\": \"okta-verify\",\n \"enabled\": true,\n \"host\": \"www.example.com\",\n \"accessKey\": \"d******Y\",\n \"identityAttribute\": \"email\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "14e37757-035b-4f1e-b7eb-173dd0992d3a", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "mfa", + "okta-verify", + "config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "4021c819-3a06-448f-a535-12f5d4c8d050", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "mfa", + "okta-verify", + "config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "7445a6b9-e12d-42ec-8825-62fb62d3bf71", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "mfa", + "okta-verify", + "config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "56616c83-99ce-41c5-a5eb-47c1f02dfbcd", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "mfa", + "okta-verify", + "config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "0d9264ae-c84e-4d97-a358-97e2bdd8bb4b", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "mfa", + "okta-verify", + "config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "8801be01-7f8a-4395-ab9e-01128cda35fc", + "name": "Set Okta MFA configuration", + "request": { + "name": "Set Okta MFA configuration", + "description": { + "content": "This API sets the configuration of an Okta MFA method. A token with ORG_ADMIN authority is required to call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "mfa", + "okta-verify", + "config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"mfaMethod\": \"okta-verify\",\n \"enabled\": true,\n \"host\": \"www.example.com\",\n \"accessKey\": \"dk778Y3QlA5UqocYpdU3rEkzrK2D497y\",\n \"identityAttribute\": \"email\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "30c82d47-7c0d-46f6-b25c-255ea5e9f17c", + "name": "MFA configuration of an Okta MFA method.", + "originalRequest": { + "url": { + "path": [ + "mfa", + "okta-verify", + "config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"mfaMethod\": \"okta-verify\",\n \"enabled\": true,\n \"host\": \"www.example.com\",\n \"accessKey\": \"dk778Y3QlA5UqocYpdU3rEkzrK2D497y\",\n \"identityAttribute\": \"email\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"mfaMethod\": \"okta-verify\",\n \"enabled\": true,\n \"host\": \"www.example.com\",\n \"accessKey\": \"d******Y\",\n \"identityAttribute\": \"email\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "3e13747e-2579-419f-955e-c5374b007ee1", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "mfa", + "okta-verify", + "config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"mfaMethod\": \"okta-verify\",\n \"enabled\": true,\n \"host\": \"www.example.com\",\n \"accessKey\": \"dk778Y3QlA5UqocYpdU3rEkzrK2D497y\",\n \"identityAttribute\": \"email\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a39ed06a-8ecf-40d6-ab3c-77a32ece1a69", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "mfa", + "okta-verify", + "config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"mfaMethod\": \"okta-verify\",\n \"enabled\": true,\n \"host\": \"www.example.com\",\n \"accessKey\": \"dk778Y3QlA5UqocYpdU3rEkzrK2D497y\",\n \"identityAttribute\": \"email\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "71c93198-2e6c-4f52-a361-7aef69aa8860", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "mfa", + "okta-verify", + "config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"mfaMethod\": \"okta-verify\",\n \"enabled\": true,\n \"host\": \"www.example.com\",\n \"accessKey\": \"dk778Y3QlA5UqocYpdU3rEkzrK2D497y\",\n \"identityAttribute\": \"email\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "57a6e393-641a-44cb-90e4-1c9fa9399852", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "mfa", + "okta-verify", + "config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"mfaMethod\": \"okta-verify\",\n \"enabled\": true,\n \"host\": \"www.example.com\",\n \"accessKey\": \"dk778Y3QlA5UqocYpdU3rEkzrK2D497y\",\n \"identityAttribute\": \"email\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b60240b2-206a-4570-8b84-d39693080eef", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "mfa", + "okta-verify", + "config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"mfaMethod\": \"okta-verify\",\n \"enabled\": true,\n \"host\": \"www.example.com\",\n \"accessKey\": \"dk778Y3QlA5UqocYpdU3rEkzrK2D497y\",\n \"identityAttribute\": \"email\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "941bde41-cb7d-4c91-8e02-ba0c6d38b2b4", + "name": "Configuration of Duo MFA method", + "request": { + "name": "Configuration of Duo MFA method", + "description": { + "content": "This API returns the configuration of an Duo MFA method. A token with ORG_ADMIN authority is required to call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "mfa", + "duo-web", + "config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "61edd21c-df4b-4789-b4da-005473f932f1", + "name": "The configuration of an Duo MFA method.", + "originalRequest": { + "url": { + "path": [ + "mfa", + "duo-web", + "config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"mfaMethod\": \"duo-web\",\n \"enabled\": true,\n \"host\": \"www.example.com\",\n \"accessKey\": \"d******Y\",\n \"identityAttribute\": \"email\",\n \"configProperties\": {\n \"skey\": \"6******B\",\n \"ikey\": \"Q123WE45R6TY7890ZXCV\"\n }\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "2653636f-b80e-4fb0-bc06-bbde94965664", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "mfa", + "duo-web", + "config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "981da08f-915d-4a1d-a7e8-a8de8d07d930", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "mfa", + "duo-web", + "config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "4622eae9-9e6d-4f09-a65a-0e712e63bea4", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "mfa", + "duo-web", + "config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d7fb5ddc-07e2-40a0-b92b-73102cdbee66", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "mfa", + "duo-web", + "config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "31cbf805-dd58-4afc-8837-4e8bd9215662", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "mfa", + "duo-web", + "config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "4f5641aa-e5f8-46ae-a11e-57169f1d8e16", + "name": "Set Duo MFA configuration", + "request": { + "name": "Set Duo MFA configuration", + "description": { + "content": "This API sets the configuration of an Duo MFA method. A token with ORG_ADMIN authority is required to call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "mfa", + "duo-web", + "config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"mfaMethod\": \"duo-web\",\n \"enabled\": true,\n \"host\": \"www.example.com\",\n \"accessKey\": \"qw123Y3QlA5UqocYpdU3rEkzrK2D497y\",\n \"identityAttribute\": \"email\",\n \"configProperties\": {\n \"skey\": \"12q3WERlcUHWJmiMqyCXI3uOF7EaDJTbdeOp6E2B\",\n \"ikey\": \"Q123WE45R6TY7890ZXCV\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "57444e5b-c914-490d-9491-2b482896bf09", + "name": "MFA configuration of an Duo MFA method.", + "originalRequest": { + "url": { + "path": [ + "mfa", + "duo-web", + "config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"mfaMethod\": \"duo-web\",\n \"enabled\": true,\n \"host\": \"www.example.com\",\n \"accessKey\": \"qw123Y3QlA5UqocYpdU3rEkzrK2D497y\",\n \"identityAttribute\": \"email\",\n \"configProperties\": {\n \"skey\": \"12q3WERlcUHWJmiMqyCXI3uOF7EaDJTbdeOp6E2B\",\n \"ikey\": \"Q123WE45R6TY7890ZXCV\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"mfaMethod\": \"duo-web\",\n \"enabled\": true,\n \"host\": \"www.example.com\",\n \"accessKey\": \"q******y\",\n \"identityAttribute\": \"email\",\n \"configProperties\": {\n \"skey\": \"1******B\",\n \"ikey\": \"Q123WE45R6TY7890ZXCV\"\n }\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "e73483d6-799f-4d38-a243-7099e03c458b", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "mfa", + "duo-web", + "config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"mfaMethod\": \"duo-web\",\n \"enabled\": true,\n \"host\": \"www.example.com\",\n \"accessKey\": \"qw123Y3QlA5UqocYpdU3rEkzrK2D497y\",\n \"identityAttribute\": \"email\",\n \"configProperties\": {\n \"skey\": \"12q3WERlcUHWJmiMqyCXI3uOF7EaDJTbdeOp6E2B\",\n \"ikey\": \"Q123WE45R6TY7890ZXCV\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "96362932-f61c-4712-852b-7fd0607406ad", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "mfa", + "duo-web", + "config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"mfaMethod\": \"duo-web\",\n \"enabled\": true,\n \"host\": \"www.example.com\",\n \"accessKey\": \"qw123Y3QlA5UqocYpdU3rEkzrK2D497y\",\n \"identityAttribute\": \"email\",\n \"configProperties\": {\n \"skey\": \"12q3WERlcUHWJmiMqyCXI3uOF7EaDJTbdeOp6E2B\",\n \"ikey\": \"Q123WE45R6TY7890ZXCV\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d9a65a13-c9ca-4b4e-9e4d-19bd20b4f78a", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "mfa", + "duo-web", + "config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"mfaMethod\": \"duo-web\",\n \"enabled\": true,\n \"host\": \"www.example.com\",\n \"accessKey\": \"qw123Y3QlA5UqocYpdU3rEkzrK2D497y\",\n \"identityAttribute\": \"email\",\n \"configProperties\": {\n \"skey\": \"12q3WERlcUHWJmiMqyCXI3uOF7EaDJTbdeOp6E2B\",\n \"ikey\": \"Q123WE45R6TY7890ZXCV\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "aef69eaa-6604-429c-839d-ea93cf9833a0", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "mfa", + "duo-web", + "config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"mfaMethod\": \"duo-web\",\n \"enabled\": true,\n \"host\": \"www.example.com\",\n \"accessKey\": \"qw123Y3QlA5UqocYpdU3rEkzrK2D497y\",\n \"identityAttribute\": \"email\",\n \"configProperties\": {\n \"skey\": \"12q3WERlcUHWJmiMqyCXI3uOF7EaDJTbdeOp6E2B\",\n \"ikey\": \"Q123WE45R6TY7890ZXCV\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "bed9aed0-3190-436f-a96c-3c718584246d", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "mfa", + "duo-web", + "config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"mfaMethod\": \"duo-web\",\n \"enabled\": true,\n \"host\": \"www.example.com\",\n \"accessKey\": \"qw123Y3QlA5UqocYpdU3rEkzrK2D497y\",\n \"identityAttribute\": \"email\",\n \"configProperties\": {\n \"skey\": \"12q3WERlcUHWJmiMqyCXI3uOF7EaDJTbdeOp6E2B\",\n \"ikey\": \"Q123WE45R6TY7890ZXCV\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "d10652c6-250f-4f6e-9adf-b8c3782fa216", + "name": "Configuration of KBA MFA method", + "request": { + "name": "Configuration of KBA MFA method", + "description": { + "content": "This API returns the KBA configuration for MFA. A token with USER or ORG_ADMIN authority is required to call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "mfa", + "kba", + "config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Indicator whether the question text should be returned in all configured languages\n * If true, the question text is returned in all languages that it is configured in.\n * If false, the question text is returned in the user locale if available, else for the default locale. \n * If not passed, it behaves the same way as passing this parameter as false", + "type": "text/plain" + }, + "key": "allLanguages", + "value": "allLanguages=true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "f14969ef-34f2-4ba8-b64e-cae044d1d166", + "name": "The configuration for KBA MFA method.", + "originalRequest": { + "url": { + "path": [ + "mfa", + "kba", + "config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Indicator whether the question text should be returned in all configured languages\n * If true, the question text is returned in all languages that it is configured in.\n * If false, the question text is returned in the user locale if available, else for the default locale. \n * If not passed, it behaves the same way as passing this parameter as false", + "type": "text/plain" + }, + "key": "allLanguages", + "value": "allLanguages=true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"id\": \"143cfd3b-c23f-426b-ae5f-d3db06fa5919\",\n \"text\": \"MFA new question -1 ?\",\n \"hasAnswer\": false,\n \"numAnswers\": 0\n },\n {\n \"id\": \"173421\",\n \"text\": \"What is your alphanumeric PIN?\",\n \"hasAnswer\": false,\n \"numAnswers\": 3\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "acd1a968-a3a9-4050-b4a7-2db3024b8f90", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "mfa", + "kba", + "config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Indicator whether the question text should be returned in all configured languages\n * If true, the question text is returned in all languages that it is configured in.\n * If false, the question text is returned in the user locale if available, else for the default locale. \n * If not passed, it behaves the same way as passing this parameter as false", + "type": "text/plain" + }, + "key": "allLanguages", + "value": "allLanguages=true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "803683f8-2364-440d-9af5-6693f3daca4d", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "mfa", + "kba", + "config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Indicator whether the question text should be returned in all configured languages\n * If true, the question text is returned in all languages that it is configured in.\n * If false, the question text is returned in the user locale if available, else for the default locale. \n * If not passed, it behaves the same way as passing this parameter as false", + "type": "text/plain" + }, + "key": "allLanguages", + "value": "allLanguages=true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "fefe002d-4a4e-4567-ae7b-b24a0c7e088a", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "mfa", + "kba", + "config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Indicator whether the question text should be returned in all configured languages\n * If true, the question text is returned in all languages that it is configured in.\n * If false, the question text is returned in the user locale if available, else for the default locale. \n * If not passed, it behaves the same way as passing this parameter as false", + "type": "text/plain" + }, + "key": "allLanguages", + "value": "allLanguages=true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b72a6002-d2df-46c9-859d-03091af0ee13", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "mfa", + "kba", + "config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Indicator whether the question text should be returned in all configured languages\n * If true, the question text is returned in all languages that it is configured in.\n * If false, the question text is returned in the user locale if available, else for the default locale. \n * If not passed, it behaves the same way as passing this parameter as false", + "type": "text/plain" + }, + "key": "allLanguages", + "value": "allLanguages=true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f7a5934c-c3d6-47b3-9b15-14dedff6021a", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "mfa", + "kba", + "config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Indicator whether the question text should be returned in all configured languages\n * If true, the question text is returned in all languages that it is configured in.\n * If false, the question text is returned in the user locale if available, else for the default locale. \n * If not passed, it behaves the same way as passing this parameter as false", + "type": "text/plain" + }, + "key": "allLanguages", + "value": "allLanguages=true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "b8727726-bf38-431b-9e6d-7bf78ef5b7ea", + "name": "Set MFA KBA configuration", + "request": { + "name": "Set MFA KBA configuration", + "description": { + "content": "This API sets answers to challenge questions. Any configured questions omitted from the request are removed from user KBA configuration.\nA token with USER authority is required to call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "mfa", + "kba", + "config", + "answers" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "[\n {\n \"id\": \"173423\",\n \"answer\": \"822cd15d6c15aa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a0859a2fea34\"\n },\n {\n \"id\": \"c54fee53-2d63-4fc5-9259-3e93b9994135\",\n \"answer\": \"9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "029b0274-51ed-47c9-beff-949ef10eadbb", + "name": "The new KBA configuration for the user.", + "originalRequest": { + "url": { + "path": [ + "mfa", + "kba", + "config", + "answers" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "[\n {\n \"id\": \"173423\",\n \"answer\": \"822cd15d6c15aa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a0859a2fea34\"\n },\n {\n \"id\": \"c54fee53-2d63-4fc5-9259-3e93b9994135\",\n \"answer\": \"9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"id\": \"143cfd3b-c23f-426b-ae5f-d3db06fa5919\",\n \"question\": \"[{\\\"text\\\":\\\"Nouvelle question MFA -1 ?\\\",\\\"locale\\\":\\\"fr\\\"},{\\\"text\\\":\\\"MFA new question -1 ?\\\",\\\"locale\\\":\\\"\\\"}]\",\n \"hasAnswer\": false\n },\n {\n \"id\": \"173421\",\n \"question\": \"[{\\\"text\\\":\\\"What is your alphanumeric PIN?\\\",\\\"locale\\\":\\\"\\\"}]\",\n \"hasAnswer\": true\n },\n {\n \"id\": \"c54fee53-2d63-4fc5-9259-3e93b9994135\",\n \"question\": \"[{\\\"text\\\":\\\"Nouvelle question MFA - 2 ?\\\",\\\"locale\\\":\\\"fr\\\"},{\\\"text\\\":\\\"MFA new question - 2 ?\\\",\\\"locale\\\":\\\"\\\"}]\",\n \"hasAnswer\": true\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "8d1fe1a2-8d9e-40e7-8ee0-d639c3e4b7aa", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "mfa", + "kba", + "config", + "answers" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "[\n {\n \"id\": \"173423\",\n \"answer\": \"822cd15d6c15aa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a0859a2fea34\"\n },\n {\n \"id\": \"c54fee53-2d63-4fc5-9259-3e93b9994135\",\n \"answer\": \"9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "126d4d2d-57b4-42a8-921b-d2b8d22f2cb3", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "mfa", + "kba", + "config", + "answers" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "[\n {\n \"id\": \"173423\",\n \"answer\": \"822cd15d6c15aa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a0859a2fea34\"\n },\n {\n \"id\": \"c54fee53-2d63-4fc5-9259-3e93b9994135\",\n \"answer\": \"9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "16800ded-81ea-4ff9-977c-065ecf7f18fc", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "mfa", + "kba", + "config", + "answers" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "[\n {\n \"id\": \"173423\",\n \"answer\": \"822cd15d6c15aa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a0859a2fea34\"\n },\n {\n \"id\": \"c54fee53-2d63-4fc5-9259-3e93b9994135\",\n \"answer\": \"9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "e29a9fc6-f6fb-429f-b448-f45e1e232eb3", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "mfa", + "kba", + "config", + "answers" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "[\n {\n \"id\": \"173423\",\n \"answer\": \"822cd15d6c15aa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a0859a2fea34\"\n },\n {\n \"id\": \"c54fee53-2d63-4fc5-9259-3e93b9994135\",\n \"answer\": \"9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a7c92979-3282-4e85-97bb-c7e82dbca889", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "mfa", + "kba", + "config", + "answers" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "[\n {\n \"id\": \"173423\",\n \"answer\": \"822cd15d6c15aa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a0859a2fea34\"\n },\n {\n \"id\": \"c54fee53-2d63-4fc5-9259-3e93b9994135\",\n \"answer\": \"9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "f6a186d1-f32c-4161-a03a-b81758a98c4e", + "name": "MFA method's test configuration", + "request": { + "name": "MFA method's test configuration", + "description": { + "content": "This API validates that the configuration is valid and will properly authenticate with the MFA provider identified by the method path parameter.\nA token with ORG_ADMIN authority is required to call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "mfa", + ":method", + "test" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "okta-verify", + "key": "method", + "disabled": true, + "description": { + "content": "(Required) The name of the MFA method. The currently supported method names are 'okta-verify' and 'duo-web'.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "fbd49877-53e1-4c67-9492-68d773acd4b1", + "name": "The result of configuration test for the MFA provider.", + "originalRequest": { + "url": { + "path": [ + "mfa", + ":method", + "test" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"state\": \"SUCCESS\",\n \"error\": null\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "408077e0-46d8-495d-b76c-63a6b7292410", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "mfa", + ":method", + "test" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d026ffe0-f24c-41c1-81c7-757f2c174ce3", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "mfa", + ":method", + "test" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "14b09cfe-5105-4c9b-bc0a-f813e64f7e40", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "mfa", + ":method", + "test" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "51cc1364-a604-45f5-a439-fb3e71d6b525", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "mfa", + ":method", + "test" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "34205390-5c36-4c7b-8bfb-495d1961ff87", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "mfa", + ":method", + "test" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + } + ] + }, + { + "name": "MFA Controller", + "description": "This API used for multifactor authentication functionality belong to gov-multi-auth service. This controller allow you to verify authentication by specified method", + "item": [] + }, + { + "name": "Non-Employee Lifecycle Management", + "description": "Use this API to implement non-employee lifecycle management functionality. \nWith this functionality in place, administrators can create non-employee records and configure them for use in their organizations. \nThis allows organizations to provide secure access to non-employees and control that access. \n\nThe 'non-employee' term refers to any consultant, contractor, intern, or other user in an organization who is not a full-time permanent employee. \nOrganizations can track non-employees' access and activity in Identity Security Cloud by creating and maintaining non-employee sources. \nOrganizations can have a maximum of 50 non-employee sources. \n\nBy using SailPoint's Non-Employee Lifecycle Management functionality, you agree to the following:\n\n- SailPoint is not responsible for storing sensitive data. \nYou may only add account attributes to non-employee identities that are necessary for business operations and are consistent with your contractual limitations on data that may be sent or stored in Identity Security Cloud.\n\n- You are responsible for regularly downloading your list of non-employee accounts for all the sources you create and storing this list of accounts in a managed location to maintain an authoritative system of record and backup data for these accounts.\n\nTo manage non-employees in Identity Security Cloud, administrators must create a non-employee source and add accounts to the source. \n\nTo create a non-employee source in Identity Security Cloud, administrators must use the Admin panel to go to Connections > Sources.\nThey must then specify 'Non-Employee' in the 'Source Type' field. \nRefer to [Creating a Non-Employee Source](https://documentation.sailpoint.com/saas/help/common/non-employee-mgmt.html#creating-a-non-employee-source) for more details about how to create non-employee sources.\n\nTo add accounts to a non-employee source in Identity Security Cloud, administrators can select the non-employee source and add the accounts. \nThey can also use the 'Manage Non-Employees' widget on their user dashboards to reach the list of sources and then select the non-employee source they want to add the accounts to. \n\nAdministrators can either add accounts individually or in bulk. Each non-employee source can have a maximum of 20,000 accounts. \nTo add accounts in bulk, they must select the 'Bulk Upload' option and upload a CSV file. \nRefer to [Adding Accounts](https://documentation.sailpoint.com/saas/help/common/non-employee-mgmt.html#adding-accounts) for more details about how to add accounts to non-employee sources.\n\nOnce administrators have created the non-employee source and added accounts to it, they can create identity profiles to generate identities for the non-employee accounts and manage the non-employee identities the same way they would any other identities. \n\nRefer to [Managing Non-Employee Sources and Accounts](https://documentation.sailpoint.com/saas/help/common/non-employee-mgmt.html) for more information about non-employee lifecycle management.\n", + "item": [ + { + "id": "2e20a35e-6657-49fb-9aff-2d5804b4e1b3", + "name": "Create Non-Employee Record", + "request": { + "name": "Create Non-Employee Record", + "description": { + "content": "This request will create a non-employee record.\nRequires role context of `idn:nesr:create`", + "type": "text/plain" + }, + "url": { + "path": [ + "non-employee-records" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"accountName\": \"william.smith\",\n \"firstName\": \"William\",\n \"lastName\": \"Smith\",\n \"email\": \"william.smith@example.com\",\n \"phone\": \"5555555555\",\n \"manager\": \"jane.doe\",\n \"sourceId\": \"2c91808568c529c60168cca6f90c1313\",\n \"startDate\": \"2020-03-24T00:00:00-05:00\",\n \"endDate\": \"2021-03-25T00:00:00-05:00\",\n \"data\": {\n \"description\": \"Auditing\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "68a741a2-a2af-45f9-869a-ab12a6bccd09", + "name": "Created non-employee record.", + "originalRequest": { + "url": { + "path": [ + "non-employee-records" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"accountName\": \"william.smith\",\n \"firstName\": \"William\",\n \"lastName\": \"Smith\",\n \"email\": \"william.smith@example.com\",\n \"phone\": \"5555555555\",\n \"manager\": \"jane.doe\",\n \"sourceId\": \"2c91808568c529c60168cca6f90c1313\",\n \"startDate\": \"2020-03-24T00:00:00-05:00\",\n \"endDate\": \"2021-03-25T00:00:00-05:00\",\n \"data\": {\n \"description\": \"Auditing\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"ef38f94347e94562b5bb8424a56397d8\",\n \"accountName\": \"Abby.Smith\",\n \"firstName\": \"William\",\n \"lastName\": \"Smith\",\n \"email\": \"william.smith@example.com\",\n \"phone\": \"5555555555\",\n \"manager\": \"jane.doe\",\n \"sourceId\": \"2c91808568c529c60168cca6f90c1313\",\n \"data\": {\n \"description\": \"Auditing\"\n },\n \"startDate\": \"2019-08-23T18:52:59.162Z\",\n \"endDate\": \"2020-08-23T18:52:59.162Z\",\n \"modified\": \"2019-08-23T18:52:59.162Z\",\n \"created\": \"2019-08-23T18:40:35.772Z\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "342e2bb6-40fc-4712-b6a4-7546a5ef73d3", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "non-employee-records" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"accountName\": \"william.smith\",\n \"firstName\": \"William\",\n \"lastName\": \"Smith\",\n \"email\": \"william.smith@example.com\",\n \"phone\": \"5555555555\",\n \"manager\": \"jane.doe\",\n \"sourceId\": \"2c91808568c529c60168cca6f90c1313\",\n \"startDate\": \"2020-03-24T00:00:00-05:00\",\n \"endDate\": \"2021-03-25T00:00:00-05:00\",\n \"data\": {\n \"description\": \"Auditing\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a5f84867-a971-40e5-812e-2de0ced153da", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "non-employee-records" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"accountName\": \"william.smith\",\n \"firstName\": \"William\",\n \"lastName\": \"Smith\",\n \"email\": \"william.smith@example.com\",\n \"phone\": \"5555555555\",\n \"manager\": \"jane.doe\",\n \"sourceId\": \"2c91808568c529c60168cca6f90c1313\",\n \"startDate\": \"2020-03-24T00:00:00-05:00\",\n \"endDate\": \"2021-03-25T00:00:00-05:00\",\n \"data\": {\n \"description\": \"Auditing\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "6dc11bb6-3ef2-49b2-9101-8ea03d0fd0cc", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "non-employee-records" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"accountName\": \"william.smith\",\n \"firstName\": \"William\",\n \"lastName\": \"Smith\",\n \"email\": \"william.smith@example.com\",\n \"phone\": \"5555555555\",\n \"manager\": \"jane.doe\",\n \"sourceId\": \"2c91808568c529c60168cca6f90c1313\",\n \"startDate\": \"2020-03-24T00:00:00-05:00\",\n \"endDate\": \"2021-03-25T00:00:00-05:00\",\n \"data\": {\n \"description\": \"Auditing\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "88cf7c69-de8a-43b6-a430-5d935dd60068", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "non-employee-records" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"accountName\": \"william.smith\",\n \"firstName\": \"William\",\n \"lastName\": \"Smith\",\n \"email\": \"william.smith@example.com\",\n \"phone\": \"5555555555\",\n \"manager\": \"jane.doe\",\n \"sourceId\": \"2c91808568c529c60168cca6f90c1313\",\n \"startDate\": \"2020-03-24T00:00:00-05:00\",\n \"endDate\": \"2021-03-25T00:00:00-05:00\",\n \"data\": {\n \"description\": \"Auditing\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "215e373c-df74-445f-88ed-24af4aa2576a", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "non-employee-records" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"accountName\": \"william.smith\",\n \"firstName\": \"William\",\n \"lastName\": \"Smith\",\n \"email\": \"william.smith@example.com\",\n \"phone\": \"5555555555\",\n \"manager\": \"jane.doe\",\n \"sourceId\": \"2c91808568c529c60168cca6f90c1313\",\n \"startDate\": \"2020-03-24T00:00:00-05:00\",\n \"endDate\": \"2021-03-25T00:00:00-05:00\",\n \"data\": {\n \"description\": \"Auditing\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "33795206-b47f-4f9d-844b-2c8b46abb51f", + "name": "List Non-Employee Records", + "request": { + "name": "List Non-Employee Records", + "description": { + "content": "This gets a list of non-employee records. There are two contextual uses for this endpoint:\n 1. The user has the role context of `idn:nesr:read`, in which case they can get a list of all of the non-employees.\n 2. The user is an account manager, in which case they can get a list of the non-employees that they manage.", + "type": "text/plain" + }, + "url": { + "path": [ + "non-employee-records" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **id, accountName, sourceId, manager, firstName, lastName, email, phone, startDate, endDate, created, modified**", + "type": "text/plain" + }, + "key": "sorters", + "value": "accountName,sourceId" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**sourceId**: *eq*", + "type": "text/plain" + }, + "key": "filters", + "value": "sourceId eq \"2c91808568c529c60168cca6f90c1313\"" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "48963e42-eb1b-4a21-a495-9435ca57b7cc", + "name": "Non-Employee record objects", + "originalRequest": { + "url": { + "path": [ + "non-employee-records" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **id, accountName, sourceId, manager, firstName, lastName, email, phone, startDate, endDate, created, modified**", + "type": "text/plain" + }, + "key": "sorters", + "value": "accountName,sourceId" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**sourceId**: *eq*", + "type": "text/plain" + }, + "key": "filters", + "value": "sourceId eq \"2c91808568c529c60168cca6f90c1313\"" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"id\": \"ef38f94347e94562b5bb8424a56397d8\",\n \"accountName\": \"Abby.Smith\",\n \"firstName\": \"William\",\n \"lastName\": \"Smith\",\n \"email\": \"william.smith@example.com\",\n \"phone\": \"5555555555\",\n \"manager\": \"jane.doe\",\n \"sourceId\": \"2c91808568c529c60168cca6f90c1313\",\n \"data\": {\n \"description\": \"Auditing\"\n },\n \"startDate\": \"2019-08-23T18:52:59.162Z\",\n \"endDate\": \"2020-08-23T18:52:59.162Z\",\n \"modified\": \"2019-08-23T18:52:59.162Z\",\n \"created\": \"2019-08-23T18:40:35.772Z\"\n },\n {\n \"id\": \"ef38f94347e94562b5bb8424a56397d8\",\n \"accountName\": \"Abby.Smith\",\n \"firstName\": \"William\",\n \"lastName\": \"Smith\",\n \"email\": \"william.smith@example.com\",\n \"phone\": \"5555555555\",\n \"manager\": \"jane.doe\",\n \"sourceId\": \"2c91808568c529c60168cca6f90c1313\",\n \"data\": {\n \"description\": \"Auditing\"\n },\n \"startDate\": \"2019-08-23T18:52:59.162Z\",\n \"endDate\": \"2020-08-23T18:52:59.162Z\",\n \"modified\": \"2019-08-23T18:52:59.162Z\",\n \"created\": \"2019-08-23T18:40:35.772Z\"\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "57721624-28ce-473e-9e2b-36246c576621", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "non-employee-records" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **id, accountName, sourceId, manager, firstName, lastName, email, phone, startDate, endDate, created, modified**", + "type": "text/plain" + }, + "key": "sorters", + "value": "accountName,sourceId" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**sourceId**: *eq*", + "type": "text/plain" + }, + "key": "filters", + "value": "sourceId eq \"2c91808568c529c60168cca6f90c1313\"" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b5079c36-18b7-42e2-85a8-58f6bf8e7a0f", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "non-employee-records" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **id, accountName, sourceId, manager, firstName, lastName, email, phone, startDate, endDate, created, modified**", + "type": "text/plain" + }, + "key": "sorters", + "value": "accountName,sourceId" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**sourceId**: *eq*", + "type": "text/plain" + }, + "key": "filters", + "value": "sourceId eq \"2c91808568c529c60168cca6f90c1313\"" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "fed70f4a-3ae9-4649-b30a-2d7afaf17fb3", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "non-employee-records" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **id, accountName, sourceId, manager, firstName, lastName, email, phone, startDate, endDate, created, modified**", + "type": "text/plain" + }, + "key": "sorters", + "value": "accountName,sourceId" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**sourceId**: *eq*", + "type": "text/plain" + }, + "key": "filters", + "value": "sourceId eq \"2c91808568c529c60168cca6f90c1313\"" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a606b6e1-38c4-45ee-93ce-0b2b50d032bf", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "non-employee-records" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **id, accountName, sourceId, manager, firstName, lastName, email, phone, startDate, endDate, created, modified**", + "type": "text/plain" + }, + "key": "sorters", + "value": "accountName,sourceId" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**sourceId**: *eq*", + "type": "text/plain" + }, + "key": "filters", + "value": "sourceId eq \"2c91808568c529c60168cca6f90c1313\"" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "df808c67-cabc-4058-bb7c-16d350e1c709", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "non-employee-records" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **id, accountName, sourceId, manager, firstName, lastName, email, phone, startDate, endDate, created, modified**", + "type": "text/plain" + }, + "key": "sorters", + "value": "accountName,sourceId" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**sourceId**: *eq*", + "type": "text/plain" + }, + "key": "filters", + "value": "sourceId eq \"2c91808568c529c60168cca6f90c1313\"" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "5019e4b1-4ef7-4b86-baa2-cc9ac789d2fe", + "name": "Get a Non-Employee Record", + "request": { + "name": "Get a Non-Employee Record", + "description": { + "content": "This gets a non-employee record.\nRequires role context of `idn:nesr:read`", + "type": "text/plain" + }, + "url": { + "path": [ + "non-employee-records", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "ef38f94347e94562b5bb8424a56397d8", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) Non-Employee record id (UUID)", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "50bcf6b7-571f-4e5a-8249-cc75da0ce10d", + "name": "Non-Employee record object", + "originalRequest": { + "url": { + "path": [ + "non-employee-records", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"ef38f94347e94562b5bb8424a56397d8\",\n \"accountName\": \"Abby.Smith\",\n \"firstName\": \"William\",\n \"lastName\": \"Smith\",\n \"email\": \"william.smith@example.com\",\n \"phone\": \"5555555555\",\n \"manager\": \"jane.doe\",\n \"sourceId\": \"2c91808568c529c60168cca6f90c1313\",\n \"data\": {\n \"description\": \"Auditing\"\n },\n \"startDate\": \"2019-08-23T18:52:59.162Z\",\n \"endDate\": \"2020-08-23T18:52:59.162Z\",\n \"modified\": \"2019-08-23T18:52:59.162Z\",\n \"created\": \"2019-08-23T18:40:35.772Z\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a4852218-ac98-41e2-aa0a-cc617c30a8e8", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "non-employee-records", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d751472a-851f-434e-8c03-ea5b326fbd4a", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "non-employee-records", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "ad42c813-0969-4d65-86c2-c7e763ea9c6c", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "non-employee-records", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a42f65e8-0041-43e5-bddf-dde2839bb8a3", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "non-employee-records", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "3ee7f9fe-ee5c-4f0a-b75f-5f216ba52b0b", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "non-employee-records", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "63ecf826-18aa-46dc-a795-54f64087a8a6", + "name": "Update Non-Employee Record", + "request": { + "name": "Update Non-Employee Record", + "description": { + "content": "This request will update a non-employee record. There are two contextual uses for this endpoint:\n 1. The user has the role context of `idn:nesr:update`, in which case they\nupdate all available fields.\n 2. The user is owner of the source, in this case they can only update the\nend date.", + "type": "text/plain" + }, + "url": { + "path": [ + "non-employee-records", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "ef38f94347e94562b5bb8424a56397d8", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) Non-employee record id (UUID)", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"accountName\": \"william.smith\",\n \"firstName\": \"William\",\n \"lastName\": \"Smith\",\n \"email\": \"william.smith@example.com\",\n \"phone\": \"5555555555\",\n \"manager\": \"jane.doe\",\n \"sourceId\": \"2c91808568c529c60168cca6f90c1313\",\n \"startDate\": \"2020-03-24T00:00:00-05:00\",\n \"endDate\": \"2021-03-25T00:00:00-05:00\",\n \"data\": {\n \"description\": \"Auditing\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "9990cb6b-1163-4e80-b409-6a52b4d6c508", + "name": "An updated non-employee record.", + "originalRequest": { + "url": { + "path": [ + "non-employee-records", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"accountName\": \"william.smith\",\n \"firstName\": \"William\",\n \"lastName\": \"Smith\",\n \"email\": \"william.smith@example.com\",\n \"phone\": \"5555555555\",\n \"manager\": \"jane.doe\",\n \"sourceId\": \"2c91808568c529c60168cca6f90c1313\",\n \"startDate\": \"2020-03-24T00:00:00-05:00\",\n \"endDate\": \"2021-03-25T00:00:00-05:00\",\n \"data\": {\n \"description\": \"Auditing\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"ef38f94347e94562b5bb8424a56397d8\",\n \"accountName\": \"Abby.Smith\",\n \"firstName\": \"William\",\n \"lastName\": \"Smith\",\n \"email\": \"william.smith@example.com\",\n \"phone\": \"5555555555\",\n \"manager\": \"jane.doe\",\n \"sourceId\": \"2c91808568c529c60168cca6f90c1313\",\n \"data\": {\n \"description\": \"Auditing\"\n },\n \"startDate\": \"2019-08-23T18:52:59.162Z\",\n \"endDate\": \"2020-08-23T18:52:59.162Z\",\n \"modified\": \"2019-08-23T18:52:59.162Z\",\n \"created\": \"2019-08-23T18:40:35.772Z\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "95a00da1-631b-4fc5-bd3a-3dbd910b3e32", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "non-employee-records", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"accountName\": \"william.smith\",\n \"firstName\": \"William\",\n \"lastName\": \"Smith\",\n \"email\": \"william.smith@example.com\",\n \"phone\": \"5555555555\",\n \"manager\": \"jane.doe\",\n \"sourceId\": \"2c91808568c529c60168cca6f90c1313\",\n \"startDate\": \"2020-03-24T00:00:00-05:00\",\n \"endDate\": \"2021-03-25T00:00:00-05:00\",\n \"data\": {\n \"description\": \"Auditing\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "6614d2a3-2c0d-49f2-b5d0-a8668250937a", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "non-employee-records", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"accountName\": \"william.smith\",\n \"firstName\": \"William\",\n \"lastName\": \"Smith\",\n \"email\": \"william.smith@example.com\",\n \"phone\": \"5555555555\",\n \"manager\": \"jane.doe\",\n \"sourceId\": \"2c91808568c529c60168cca6f90c1313\",\n \"startDate\": \"2020-03-24T00:00:00-05:00\",\n \"endDate\": \"2021-03-25T00:00:00-05:00\",\n \"data\": {\n \"description\": \"Auditing\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "5e3f2648-ce06-4dd6-8a32-2b4c26688015", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "non-employee-records", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"accountName\": \"william.smith\",\n \"firstName\": \"William\",\n \"lastName\": \"Smith\",\n \"email\": \"william.smith@example.com\",\n \"phone\": \"5555555555\",\n \"manager\": \"jane.doe\",\n \"sourceId\": \"2c91808568c529c60168cca6f90c1313\",\n \"startDate\": \"2020-03-24T00:00:00-05:00\",\n \"endDate\": \"2021-03-25T00:00:00-05:00\",\n \"data\": {\n \"description\": \"Auditing\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c6b05845-6079-42a7-94fc-d4ac4a1eb27c", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "non-employee-records", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"accountName\": \"william.smith\",\n \"firstName\": \"William\",\n \"lastName\": \"Smith\",\n \"email\": \"william.smith@example.com\",\n \"phone\": \"5555555555\",\n \"manager\": \"jane.doe\",\n \"sourceId\": \"2c91808568c529c60168cca6f90c1313\",\n \"startDate\": \"2020-03-24T00:00:00-05:00\",\n \"endDate\": \"2021-03-25T00:00:00-05:00\",\n \"data\": {\n \"description\": \"Auditing\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "bdb108d8-4de5-4710-9a28-fe5352b61d7f", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "non-employee-records", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"accountName\": \"william.smith\",\n \"firstName\": \"William\",\n \"lastName\": \"Smith\",\n \"email\": \"william.smith@example.com\",\n \"phone\": \"5555555555\",\n \"manager\": \"jane.doe\",\n \"sourceId\": \"2c91808568c529c60168cca6f90c1313\",\n \"startDate\": \"2020-03-24T00:00:00-05:00\",\n \"endDate\": \"2021-03-25T00:00:00-05:00\",\n \"data\": {\n \"description\": \"Auditing\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a9b2590b-c83a-4b37-8026-b503f9fc4d13", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "non-employee-records", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"accountName\": \"william.smith\",\n \"firstName\": \"William\",\n \"lastName\": \"Smith\",\n \"email\": \"william.smith@example.com\",\n \"phone\": \"5555555555\",\n \"manager\": \"jane.doe\",\n \"sourceId\": \"2c91808568c529c60168cca6f90c1313\",\n \"startDate\": \"2020-03-24T00:00:00-05:00\",\n \"endDate\": \"2021-03-25T00:00:00-05:00\",\n \"data\": {\n \"description\": \"Auditing\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "149cbfa7-3566-4ef8-bb6f-679f93688da7", + "name": "Patch Non-Employee Record", + "request": { + "name": "Patch Non-Employee Record", + "description": { + "content": "This request will patch a non-employee record. There are two contextual uses for this endpoint:\n 1. The user has the role context of `idn:nesr:update`, in which case they\nupdate all available fields.\n 2. The user is owner of the source, in this case they can only update the\nend date.", + "type": "text/plain" + }, + "url": { + "path": [ + "non-employee-records", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "ef38f94347e94562b5bb8424a56397d8", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) Non-employee record id (UUID)", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/endDate\",\n \"value\": \"2019-08-23T18:40:35.772Z\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "77d4e055-d7be-4ded-80e9-6d227d0a8792", + "name": "A patched non-employee record.", + "originalRequest": { + "url": { + "path": [ + "non-employee-records", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/endDate\",\n \"value\": \"2019-08-23T18:40:35.772Z\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"ef38f94347e94562b5bb8424a56397d8\",\n \"accountName\": \"Abby.Smith\",\n \"firstName\": \"William\",\n \"lastName\": \"Smith\",\n \"email\": \"william.smith@example.com\",\n \"phone\": \"5555555555\",\n \"manager\": \"jane.doe\",\n \"sourceId\": \"2c91808568c529c60168cca6f90c1313\",\n \"data\": {\n \"description\": \"Auditing\"\n },\n \"startDate\": \"2019-08-23T18:52:59.162Z\",\n \"endDate\": \"2020-08-23T18:52:59.162Z\",\n \"modified\": \"2019-08-23T18:52:59.162Z\",\n \"created\": \"2019-08-23T18:40:35.772Z\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a8fa91da-620a-4551-b198-37c9a8481aef", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "non-employee-records", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/endDate\",\n \"value\": \"2019-08-23T18:40:35.772Z\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a2580053-63b5-4133-8609-4a85b2c96ef2", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "non-employee-records", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/endDate\",\n \"value\": \"2019-08-23T18:40:35.772Z\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "4aeed5d7-e07f-4afe-8ac6-594deaef4c24", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "non-employee-records", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/endDate\",\n \"value\": \"2019-08-23T18:40:35.772Z\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "30c43a8e-b7da-4e99-9a07-072f37acc877", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "non-employee-records", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/endDate\",\n \"value\": \"2019-08-23T18:40:35.772Z\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c6b089c1-9115-4afd-9726-c1c44e863ba0", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "non-employee-records", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/endDate\",\n \"value\": \"2019-08-23T18:40:35.772Z\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "6875e085-431b-48d3-b219-fcf63fc73d23", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "non-employee-records", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/endDate\",\n \"value\": \"2019-08-23T18:40:35.772Z\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "12d66b16-761b-4491-b3d3-932b9fd4959b", + "name": "Delete Non-Employee Record", + "request": { + "name": "Delete Non-Employee Record", + "description": { + "content": "This request will delete a non-employee record.\nRequires role context of `idn:nesr:delete`", + "type": "text/plain" + }, + "url": { + "path": [ + "non-employee-records", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "ef38f94347e94562b5bb8424a56397d8", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) Non-Employee record id (UUID)", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "DELETE", + "body": {} + }, + "response": [ + { + "id": "b1500a87-4f49-4a02-b617-970d2cf550e0", + "name": "No content - indicates the request was successful but there is no content to be returned in the response.", + "originalRequest": { + "url": { + "path": [ + "non-employee-records", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "No Content", + "code": 204, + "header": [], + "cookie": [], + "_postman_previewlanguage": "text" + }, + { + "id": "8dc5e612-5ad8-4b05-ba80-73a493a23c4b", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "non-employee-records", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "acba8749-f469-473b-9a9f-25bf8f48801a", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "non-employee-records", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c9bc0a6b-1963-4277-8da5-b07f0b504e4f", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "non-employee-records", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "eb2b682a-ac5a-4451-93e8-c4b333bc0fa6", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "non-employee-records", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "04aa7a4b-84c3-44fc-850a-7240f9dbd1f6", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "non-employee-records", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "4a967a44-44a8-40a0-affa-ce76c16364af", + "name": "Delete Multiple Non-Employee Records", + "request": { + "name": "Delete Multiple Non-Employee Records", + "description": { + "content": "This request will delete multiple non-employee records based on the non-employee ids provided. Requires role context of `idn:nesr:delete`", + "type": "text/plain" + }, + "url": { + "path": [ + "non-employee-records", + "bulk-delete" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"ids\": [\n \"2b838de9-db9b-abcf-e646-d4f274ad4238\",\n \"2d838de9-db9b-abcf-e646-d4f274ad4238\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "95e00c03-4f73-4fdc-99bb-21d92290db3f", + "name": "No content - indicates the request was successful but there is no content to be returned in the response.", + "originalRequest": { + "url": { + "path": [ + "non-employee-records", + "bulk-delete" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"ids\": [\n \"2b838de9-db9b-abcf-e646-d4f274ad4238\",\n \"2d838de9-db9b-abcf-e646-d4f274ad4238\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "No Content", + "code": 204, + "header": [], + "cookie": [], + "_postman_previewlanguage": "text" + }, + { + "id": "19c21ad0-e1a3-462f-8ce5-b95dd21b8ced", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "non-employee-records", + "bulk-delete" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"ids\": [\n \"2b838de9-db9b-abcf-e646-d4f274ad4238\",\n \"2d838de9-db9b-abcf-e646-d4f274ad4238\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "611dea18-acf5-4ec5-9660-84b4ee40cc58", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "non-employee-records", + "bulk-delete" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"ids\": [\n \"2b838de9-db9b-abcf-e646-d4f274ad4238\",\n \"2d838de9-db9b-abcf-e646-d4f274ad4238\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "19b379c4-edb4-4117-8ca1-07f4c4c349e6", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "non-employee-records", + "bulk-delete" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"ids\": [\n \"2b838de9-db9b-abcf-e646-d4f274ad4238\",\n \"2d838de9-db9b-abcf-e646-d4f274ad4238\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "bee6b763-e4f2-4dd8-b20c-36d8961889c5", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "non-employee-records", + "bulk-delete" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"ids\": [\n \"2b838de9-db9b-abcf-e646-d4f274ad4238\",\n \"2d838de9-db9b-abcf-e646-d4f274ad4238\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b5f52210-0c71-4536-892c-7a5bca558a10", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "non-employee-records", + "bulk-delete" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"ids\": [\n \"2b838de9-db9b-abcf-e646-d4f274ad4238\",\n \"2d838de9-db9b-abcf-e646-d4f274ad4238\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "a9052e0f-1ee6-43b5-98af-16243e4a94bc", + "name": "Create Non-Employee Request", + "request": { + "name": "Create Non-Employee Request", + "description": { + "content": "This request will create a non-employee request and notify the approver. Requires role context of `idn:nesr:create` or the user must own the source.", + "type": "text/plain" + }, + "url": { + "path": [ + "non-employee-requests" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"accountName\": \"william.smith\",\n \"firstName\": \"William\",\n \"lastName\": \"Smith\",\n \"email\": \"william.smith@example.com\",\n \"phone\": \"5555555555\",\n \"manager\": \"jane.doe\",\n \"sourceId\": \"2c91808568c529c60168cca6f90c1313\",\n \"startDate\": \"2020-03-24T00:00:00-05:00\",\n \"endDate\": \"2021-03-25T00:00:00-05:00\",\n \"data\": {\n \"description\": \"Auditing\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "05515530-4cdb-49a1-adbf-40b22d8ba1aa", + "name": "Non-Employee request creation object", + "originalRequest": { + "url": { + "path": [ + "non-employee-requests" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"accountName\": \"william.smith\",\n \"firstName\": \"William\",\n \"lastName\": \"Smith\",\n \"email\": \"william.smith@example.com\",\n \"phone\": \"5555555555\",\n \"manager\": \"jane.doe\",\n \"sourceId\": \"2c91808568c529c60168cca6f90c1313\",\n \"startDate\": \"2020-03-24T00:00:00-05:00\",\n \"endDate\": \"2021-03-25T00:00:00-05:00\",\n \"data\": {\n \"description\": \"Auditing\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"a0303682-5e4a-44f7-bdc2-6ce6112549c1\",\n \"sourceId\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"Retail\",\n \"description\": \"Source description\",\n \"accountName\": \"william.smith\",\n \"firstName\": \"William\",\n \"lastName\": \"Smith\",\n \"email\": \"william.smith@example.com\",\n \"phone\": \"5555555555\",\n \"manager\": \"jane.doe\",\n \"nonEmployeeSource\": {\n \"id\": \"a0303682-5e4a-44f7-bdc2-6ce6112549c1\",\n \"sourceId\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"Retail\",\n \"description\": \"Source description\"\n },\n \"data\": {\n \"description\": \"Auditing\"\n },\n \"approvalItems\": [\n {\n \"id\": \"2c1e388b-1e55-4b0a-ab5c-897f1204159c\",\n \"approver\": {\n \"type\": \"IDENTITY\",\n \"id\": \"5168015d32f890ca15812c9180835d2e\"\n },\n \"accountName\": \"test.account\",\n \"approvalStatus\": \"APPROVED\",\n \"approvalOrder\": 1,\n \"comment\": \"I approve\",\n \"modified\": \"2019-08-23T18:52:59.162Z\",\n \"created\": \"2019-08-23T18:40:35.772Z\"\n },\n {\n \"id\": \"2c1e388b-1e55-4b0a-ab5c-897f1204159c\",\n \"approver\": {\n \"type\": \"IDENTITY\",\n \"id\": \"5168015d32f890ca15812c9180835d2e\"\n },\n \"accountName\": \"test.account\",\n \"approvalStatus\": \"APPROVED\",\n \"approvalOrder\": 1,\n \"comment\": \"I approve\",\n \"modified\": \"2019-08-23T18:52:59.162Z\",\n \"created\": \"2019-08-23T18:40:35.772Z\"\n }\n ],\n \"approvalStatus\": \"APPROVED\",\n \"comment\": \"approved\",\n \"completionDate\": \"2020-03-24T11:11:41.139-05:00\",\n \"startDate\": \"2020-03-24T00:00:00-05:00\",\n \"endDate\": \"2021-03-25T00:00:00-05:00\",\n \"modified\": \"2020-03-24T11:11:41.139-05:00\",\n \"created\": \"2020-03-24T11:11:41.139-05:00\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "e8ef325b-0aae-4cd0-ae29-94bd8a444030", + "name": "400.1 Bad Request Content", + "originalRequest": { + "url": { + "path": [ + "non-employee-requests" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"accountName\": \"william.smith\",\n \"firstName\": \"William\",\n \"lastName\": \"Smith\",\n \"email\": \"william.smith@example.com\",\n \"phone\": \"5555555555\",\n \"manager\": \"jane.doe\",\n \"sourceId\": \"2c91808568c529c60168cca6f90c1313\",\n \"startDate\": \"2020-03-24T00:00:00-05:00\",\n \"endDate\": \"2021-03-25T00:00:00-05:00\",\n \"data\": {\n \"description\": \"Auditing\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en\",\n \"localeOrigin\": \"REQUEST\",\n \"text\": \"firstName is required; accountName is required;\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "9cb8ae65-7e42-4da3-89fb-3e2a4ccac741", + "name": "400.1.409 Reference conflict", + "originalRequest": { + "url": { + "path": [ + "non-employee-requests" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"accountName\": \"william.smith\",\n \"firstName\": \"William\",\n \"lastName\": \"Smith\",\n \"email\": \"william.smith@example.com\",\n \"phone\": \"5555555555\",\n \"manager\": \"jane.doe\",\n \"sourceId\": \"2c91808568c529c60168cca6f90c1313\",\n \"startDate\": \"2020-03-24T00:00:00-05:00\",\n \"endDate\": \"2021-03-25T00:00:00-05:00\",\n \"data\": {\n \"description\": \"Auditing\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1.409 Reference conflict\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en\",\n \"localeOrigin\": \"REQUEST\",\n \"text\": \"Unable to create Non-Employee because the accountName \\\"existed\\\" is already being used.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "3a40be21-efc9-45e5-8b1f-c1e486550541", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "non-employee-requests" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"accountName\": \"william.smith\",\n \"firstName\": \"William\",\n \"lastName\": \"Smith\",\n \"email\": \"william.smith@example.com\",\n \"phone\": \"5555555555\",\n \"manager\": \"jane.doe\",\n \"sourceId\": \"2c91808568c529c60168cca6f90c1313\",\n \"startDate\": \"2020-03-24T00:00:00-05:00\",\n \"endDate\": \"2021-03-25T00:00:00-05:00\",\n \"data\": {\n \"description\": \"Auditing\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "e152b1fa-dfe3-421c-b859-6f66324c6e12", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "non-employee-requests" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"accountName\": \"william.smith\",\n \"firstName\": \"William\",\n \"lastName\": \"Smith\",\n \"email\": \"william.smith@example.com\",\n \"phone\": \"5555555555\",\n \"manager\": \"jane.doe\",\n \"sourceId\": \"2c91808568c529c60168cca6f90c1313\",\n \"startDate\": \"2020-03-24T00:00:00-05:00\",\n \"endDate\": \"2021-03-25T00:00:00-05:00\",\n \"data\": {\n \"description\": \"Auditing\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "4faae21f-4844-4e8e-9c4e-7dfb6ce97330", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "non-employee-requests" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"accountName\": \"william.smith\",\n \"firstName\": \"William\",\n \"lastName\": \"Smith\",\n \"email\": \"william.smith@example.com\",\n \"phone\": \"5555555555\",\n \"manager\": \"jane.doe\",\n \"sourceId\": \"2c91808568c529c60168cca6f90c1313\",\n \"startDate\": \"2020-03-24T00:00:00-05:00\",\n \"endDate\": \"2021-03-25T00:00:00-05:00\",\n \"data\": {\n \"description\": \"Auditing\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "3650acb1-12b8-42b1-aac1-c16d7d1529b3", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "non-employee-requests" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"accountName\": \"william.smith\",\n \"firstName\": \"William\",\n \"lastName\": \"Smith\",\n \"email\": \"william.smith@example.com\",\n \"phone\": \"5555555555\",\n \"manager\": \"jane.doe\",\n \"sourceId\": \"2c91808568c529c60168cca6f90c1313\",\n \"startDate\": \"2020-03-24T00:00:00-05:00\",\n \"endDate\": \"2021-03-25T00:00:00-05:00\",\n \"data\": {\n \"description\": \"Auditing\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "6a6715cd-4e99-45c8-bbb5-33d889518172", + "name": "List Non-Employee Requests", + "request": { + "name": "List Non-Employee Requests", + "description": { + "content": "This gets a list of non-employee requests. There are two contextual uses for the `requested-for` path parameter:\n 1. The user has the role context of `idn:nesr:read`, in which case he or\nshe may request a list non-employee requests assigned to a particular account manager by passing in that manager's id.\n 2. The current user is an account manager, in which case \"me\" should be\nprovided as the `requested-for` value. This will provide the user with a list of the non-employee requests in the source(s) he or she manages.", + "type": "text/plain" + }, + "url": { + "path": [ + "non-employee-requests" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "(Required) The identity for whom the request was made. *me* indicates the current user.", + "type": "text/plain" + }, + "key": "requested-for", + "value": "e136567de87e4d029e60b3c3c55db56d" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **created, approvalStatus, firstName, lastName, email, phone, accountName, startDate, endDate**", + "type": "text/plain" + }, + "key": "sorters", + "value": "created,approvalStatus" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**sourceId**: *eq* ", + "type": "text/plain" + }, + "key": "filters", + "value": "sourceId eq \"2c91808568c529c60168cca6f90c1313\"" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "4fc27eb4-38ff-4a65-b5ea-17817b75751e", + "name": "List of non-employee request objects.", + "originalRequest": { + "url": { + "path": [ + "non-employee-requests" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "(Required) The identity for whom the request was made. *me* indicates the current user.", + "type": "text/plain" + }, + "key": "requested-for", + "value": "e136567de87e4d029e60b3c3c55db56d" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **created, approvalStatus, firstName, lastName, email, phone, accountName, startDate, endDate**", + "type": "text/plain" + }, + "key": "sorters", + "value": "created,approvalStatus" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**sourceId**: *eq* ", + "type": "text/plain" + }, + "key": "filters", + "value": "sourceId eq \"2c91808568c529c60168cca6f90c1313\"" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"id\": \"a0303682-5e4a-44f7-bdc2-6ce6112549c1\",\n \"sourceId\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"Retail\",\n \"description\": \"Source description\",\n \"accountName\": \"william.smith\",\n \"firstName\": \"William\",\n \"lastName\": \"Smith\",\n \"email\": \"william.smith@example.com\",\n \"phone\": \"5555555555\",\n \"manager\": \"jane.doe\",\n \"nonEmployeeSource\": {\n \"id\": \"a0303682-5e4a-44f7-bdc2-6ce6112549c1\",\n \"sourceId\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"Retail\",\n \"description\": \"Source description\"\n },\n \"data\": {\n \"description\": \"Auditing\"\n },\n \"approvalItems\": [\n {\n \"id\": \"2c1e388b-1e55-4b0a-ab5c-897f1204159c\",\n \"approver\": {\n \"type\": \"IDENTITY\",\n \"id\": \"5168015d32f890ca15812c9180835d2e\"\n },\n \"accountName\": \"test.account\",\n \"approvalStatus\": \"APPROVED\",\n \"approvalOrder\": 1,\n \"comment\": \"I approve\",\n \"modified\": \"2019-08-23T18:52:59.162Z\",\n \"created\": \"2019-08-23T18:40:35.772Z\"\n },\n {\n \"id\": \"2c1e388b-1e55-4b0a-ab5c-897f1204159c\",\n \"approver\": {\n \"type\": \"IDENTITY\",\n \"id\": \"5168015d32f890ca15812c9180835d2e\"\n },\n \"accountName\": \"test.account\",\n \"approvalStatus\": \"APPROVED\",\n \"approvalOrder\": 1,\n \"comment\": \"I approve\",\n \"modified\": \"2019-08-23T18:52:59.162Z\",\n \"created\": \"2019-08-23T18:40:35.772Z\"\n }\n ],\n \"approvalStatus\": \"APPROVED\",\n \"comment\": \"approved\",\n \"completionDate\": \"2020-03-24T11:11:41.139-05:00\",\n \"startDate\": \"2020-03-24T00:00:00-05:00\",\n \"endDate\": \"2021-03-25T00:00:00-05:00\",\n \"modified\": \"2020-03-24T11:11:41.139-05:00\",\n \"created\": \"2020-03-24T11:11:41.139-05:00\"\n },\n {\n \"id\": \"a0303682-5e4a-44f7-bdc2-6ce6112549c1\",\n \"sourceId\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"Retail\",\n \"description\": \"Source description\",\n \"accountName\": \"william.smith\",\n \"firstName\": \"William\",\n \"lastName\": \"Smith\",\n \"email\": \"william.smith@example.com\",\n \"phone\": \"5555555555\",\n \"manager\": \"jane.doe\",\n \"nonEmployeeSource\": {\n \"id\": \"a0303682-5e4a-44f7-bdc2-6ce6112549c1\",\n \"sourceId\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"Retail\",\n \"description\": \"Source description\"\n },\n \"data\": {\n \"description\": \"Auditing\"\n },\n \"approvalItems\": [\n {\n \"id\": \"2c1e388b-1e55-4b0a-ab5c-897f1204159c\",\n \"approver\": {\n \"type\": \"IDENTITY\",\n \"id\": \"5168015d32f890ca15812c9180835d2e\"\n },\n \"accountName\": \"test.account\",\n \"approvalStatus\": \"APPROVED\",\n \"approvalOrder\": 1,\n \"comment\": \"I approve\",\n \"modified\": \"2019-08-23T18:52:59.162Z\",\n \"created\": \"2019-08-23T18:40:35.772Z\"\n },\n {\n \"id\": \"2c1e388b-1e55-4b0a-ab5c-897f1204159c\",\n \"approver\": {\n \"type\": \"IDENTITY\",\n \"id\": \"5168015d32f890ca15812c9180835d2e\"\n },\n \"accountName\": \"test.account\",\n \"approvalStatus\": \"APPROVED\",\n \"approvalOrder\": 1,\n \"comment\": \"I approve\",\n \"modified\": \"2019-08-23T18:52:59.162Z\",\n \"created\": \"2019-08-23T18:40:35.772Z\"\n }\n ],\n \"approvalStatus\": \"APPROVED\",\n \"comment\": \"approved\",\n \"completionDate\": \"2020-03-24T11:11:41.139-05:00\",\n \"startDate\": \"2020-03-24T00:00:00-05:00\",\n \"endDate\": \"2021-03-25T00:00:00-05:00\",\n \"modified\": \"2020-03-24T11:11:41.139-05:00\",\n \"created\": \"2020-03-24T11:11:41.139-05:00\"\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "344a5922-4cf6-44af-9ad4-80e4112cd0f7", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "non-employee-requests" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "(Required) The identity for whom the request was made. *me* indicates the current user.", + "type": "text/plain" + }, + "key": "requested-for", + "value": "e136567de87e4d029e60b3c3c55db56d" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **created, approvalStatus, firstName, lastName, email, phone, accountName, startDate, endDate**", + "type": "text/plain" + }, + "key": "sorters", + "value": "created,approvalStatus" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**sourceId**: *eq* ", + "type": "text/plain" + }, + "key": "filters", + "value": "sourceId eq \"2c91808568c529c60168cca6f90c1313\"" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "1cfe4d49-b39d-41ab-8c0e-cada1d0446fe", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "non-employee-requests" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "(Required) The identity for whom the request was made. *me* indicates the current user.", + "type": "text/plain" + }, + "key": "requested-for", + "value": "e136567de87e4d029e60b3c3c55db56d" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **created, approvalStatus, firstName, lastName, email, phone, accountName, startDate, endDate**", + "type": "text/plain" + }, + "key": "sorters", + "value": "created,approvalStatus" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**sourceId**: *eq* ", + "type": "text/plain" + }, + "key": "filters", + "value": "sourceId eq \"2c91808568c529c60168cca6f90c1313\"" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "53afb3a4-5bd8-4470-a824-4ab0a2102d29", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "non-employee-requests" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "(Required) The identity for whom the request was made. *me* indicates the current user.", + "type": "text/plain" + }, + "key": "requested-for", + "value": "e136567de87e4d029e60b3c3c55db56d" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **created, approvalStatus, firstName, lastName, email, phone, accountName, startDate, endDate**", + "type": "text/plain" + }, + "key": "sorters", + "value": "created,approvalStatus" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**sourceId**: *eq* ", + "type": "text/plain" + }, + "key": "filters", + "value": "sourceId eq \"2c91808568c529c60168cca6f90c1313\"" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "39446508-d82e-4c4d-a64a-8c4b5c91e971", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "non-employee-requests" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "(Required) The identity for whom the request was made. *me* indicates the current user.", + "type": "text/plain" + }, + "key": "requested-for", + "value": "e136567de87e4d029e60b3c3c55db56d" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **created, approvalStatus, firstName, lastName, email, phone, accountName, startDate, endDate**", + "type": "text/plain" + }, + "key": "sorters", + "value": "created,approvalStatus" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**sourceId**: *eq* ", + "type": "text/plain" + }, + "key": "filters", + "value": "sourceId eq \"2c91808568c529c60168cca6f90c1313\"" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "13009933-19e7-413e-9769-5032464ffe8d", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "non-employee-requests" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "(Required) The identity for whom the request was made. *me* indicates the current user.", + "type": "text/plain" + }, + "key": "requested-for", + "value": "e136567de87e4d029e60b3c3c55db56d" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **created, approvalStatus, firstName, lastName, email, phone, accountName, startDate, endDate**", + "type": "text/plain" + }, + "key": "sorters", + "value": "created,approvalStatus" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**sourceId**: *eq* ", + "type": "text/plain" + }, + "key": "filters", + "value": "sourceId eq \"2c91808568c529c60168cca6f90c1313\"" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "a655ac83-9a28-47d3-b1fe-9aa479ac0478", + "name": "Get a Non-Employee Request", + "request": { + "name": "Get a Non-Employee Request", + "description": { + "content": "This gets a non-employee request.\nThere are two contextual uses for this endpoint:\n 1. The user has the role context of `idn:nesr:read`, in this case the user\ncan get the non-employee request for any user.\n 2. The user must be the owner of the non-employee request.", + "type": "text/plain" + }, + "url": { + "path": [ + "non-employee-requests", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "ac110005-7156-1150-8171-5b292e3e0084", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) Non-Employee request id (UUID)", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "053457b4-9bb9-46d3-9a39-bdbf4250c143", + "name": "Non-Employee request object.", + "originalRequest": { + "url": { + "path": [ + "non-employee-requests", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"a0303682-5e4a-44f7-bdc2-6ce6112549c1\",\n \"sourceId\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"Retail\",\n \"description\": \"Source description\",\n \"accountName\": \"william.smith\",\n \"firstName\": \"William\",\n \"lastName\": \"Smith\",\n \"email\": \"william.smith@example.com\",\n \"phone\": \"5555555555\",\n \"manager\": \"jane.doe\",\n \"nonEmployeeSource\": {\n \"id\": \"a0303682-5e4a-44f7-bdc2-6ce6112549c1\",\n \"sourceId\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"Retail\",\n \"description\": \"Source description\"\n },\n \"data\": {\n \"description\": \"Auditing\"\n },\n \"approvalItems\": [\n {\n \"id\": \"2c1e388b-1e55-4b0a-ab5c-897f1204159c\",\n \"approver\": {\n \"type\": \"IDENTITY\",\n \"id\": \"5168015d32f890ca15812c9180835d2e\"\n },\n \"accountName\": \"test.account\",\n \"approvalStatus\": \"APPROVED\",\n \"approvalOrder\": 1,\n \"comment\": \"I approve\",\n \"modified\": \"2019-08-23T18:52:59.162Z\",\n \"created\": \"2019-08-23T18:40:35.772Z\"\n },\n {\n \"id\": \"2c1e388b-1e55-4b0a-ab5c-897f1204159c\",\n \"approver\": {\n \"type\": \"IDENTITY\",\n \"id\": \"5168015d32f890ca15812c9180835d2e\"\n },\n \"accountName\": \"test.account\",\n \"approvalStatus\": \"APPROVED\",\n \"approvalOrder\": 1,\n \"comment\": \"I approve\",\n \"modified\": \"2019-08-23T18:52:59.162Z\",\n \"created\": \"2019-08-23T18:40:35.772Z\"\n }\n ],\n \"approvalStatus\": \"APPROVED\",\n \"comment\": \"approved\",\n \"completionDate\": \"2020-03-24T11:11:41.139-05:00\",\n \"startDate\": \"2020-03-24T00:00:00-05:00\",\n \"endDate\": \"2021-03-25T00:00:00-05:00\",\n \"modified\": \"2020-03-24T11:11:41.139-05:00\",\n \"created\": \"2020-03-24T11:11:41.139-05:00\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "aecc0a46-72c1-420a-81ee-468e84246992", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "non-employee-requests", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f758aae7-fee4-43ec-9c18-4b045f0940c4", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "non-employee-requests", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d3f7189b-1b44-4c1d-bda1-dc5d3ed52354", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "non-employee-requests", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "5ac63664-cf77-4417-9dcc-e7fa7b3f7eb1", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "non-employee-requests", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "ef74418c-eed5-4da1-843d-78e0b7929949", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "non-employee-requests", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f2cff08f-35d7-422a-9575-1e60f6d984bc", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "non-employee-requests", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "9bed7184-21bd-415f-9be7-2cd42b20a3f1", + "name": "Delete Non-Employee Request", + "request": { + "name": "Delete Non-Employee Request", + "description": { + "content": "This request will delete a non-employee request. \nRequires role context of `idn:nesr:delete`", + "type": "text/plain" + }, + "url": { + "path": [ + "non-employee-requests", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "ac110005-7156-1150-8171-5b292e3e0084", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) Non-Employee request id in the UUID format", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "DELETE", + "body": {} + }, + "response": [ + { + "id": "ba5e64cf-72a4-4048-9f56-7b61418f1c64", + "name": "No content - indicates the request was successful but there is no content to be returned in the response.", + "originalRequest": { + "url": { + "path": [ + "non-employee-requests", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "No Content", + "code": 204, + "header": [], + "cookie": [], + "_postman_previewlanguage": "text" + }, + { + "id": "934fe957-b8d6-42e6-ab75-2e2eba6a89c0", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "non-employee-requests", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "cc3d00bc-be14-402c-9218-fc2dc2a8a193", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "non-employee-requests", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "72194ada-3187-4a25-9f01-a3021334f408", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "non-employee-requests", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "4a33ee10-0712-4ec7-9726-0070bb5a0f67", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "non-employee-requests", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f33cb574-5ca2-42fd-9d6a-b6be5989c3a4", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "non-employee-requests", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "25eeb4d9-be48-422a-8799-0c7415378fa7", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "non-employee-requests", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "d738f740-9ec6-4f00-8ee4-cbe9f9812c37", + "name": "Get Summary of Non-Employee Requests", + "request": { + "name": "Get Summary of Non-Employee Requests", + "description": { + "content": "This request will retrieve a summary of non-employee requests. There are two contextual uses for the `requested-for` path parameter:\n 1. The user has the role context of `idn:nesr:read`, in which case he or\nshe may request a summary of all non-employee approval requests assigned to a particular account manager by passing in that manager's id.\n 2. The current user is an account manager, in which case \"me\" should be\nprovided as the `requested-for` value. This will provide the user with a summary of the non-employee requests in the source(s) he or she manages.", + "type": "text/plain" + }, + "url": { + "path": [ + "non-employee-requests", + "summary", + ":requested-for" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "2c91808280430dfb0180431a59440460", + "key": "requested-for", + "disabled": true, + "description": { + "content": "(Required) The identity (UUID) of the non-employee account manager for whom the summary is being retrieved. Use \"me\" instead to indicate the current user.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "e4166dbd-0c0d-4424-a2a7-725d50b11cc2", + "name": "Non-Employee request summary object.", + "originalRequest": { + "url": { + "path": [ + "non-employee-requests", + "summary", + ":requested-for" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"approved\": 2,\n \"rejected\": 2,\n \"pending\": 2,\n \"nonEmployeeCount\": 2\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "e86c861f-e1a0-473f-9143-f44b757d486e", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "non-employee-requests", + "summary", + ":requested-for" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "60fec4d1-13d2-44aa-b4c4-7831336a1d7e", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "non-employee-requests", + "summary", + ":requested-for" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "6d5c025a-1545-4e9a-96d5-3e212ca9efaa", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "non-employee-requests", + "summary", + ":requested-for" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "1972aec0-2355-40f1-b067-452e00d27b80", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "non-employee-requests", + "summary", + ":requested-for" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "3df59ae9-a29b-47f5-9aa5-3ce9fb343eab", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "non-employee-requests", + "summary", + ":requested-for" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "2cee7116-8500-4344-a6c6-1efdcaf65d4f", + "name": "Create Non-Employee Source", + "request": { + "name": "Create Non-Employee Source", + "description": { + "content": "This request will create a non-employee source. Requires role context of `idn:nesr:create`", + "type": "text/plain" + }, + "url": { + "path": [ + "non-employee-sources" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"owner\": {\n \"id\": \"2c91808570313110017040b06f344ec9\"\n },\n \"name\": \"Retail\",\n \"description\": \"Source description\",\n \"managementWorkgroup\": \"123299\",\n \"approvers\": [\n {\n \"id\": \"2c91808570313110017040b06f344ec9\"\n },\n {\n \"id\": \"2c91808570313110017040b06f344ec9\"\n }\n ],\n \"accountManagers\": [\n {\n \"id\": \"2c91808570313110017040b06f344ec9\"\n },\n {\n \"id\": \"2c91808570313110017040b06f344ec9\"\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "6ed8d1d7-8f59-45b2-9fb2-16874c2fca4e", + "name": "Created non-employee source.", + "originalRequest": { + "url": { + "path": [ + "non-employee-sources" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"owner\": {\n \"id\": \"2c91808570313110017040b06f344ec9\"\n },\n \"name\": \"Retail\",\n \"description\": \"Source description\",\n \"managementWorkgroup\": \"123299\",\n \"approvers\": [\n {\n \"id\": \"2c91808570313110017040b06f344ec9\"\n },\n {\n \"id\": \"2c91808570313110017040b06f344ec9\"\n }\n ],\n \"accountManagers\": [\n {\n \"id\": \"2c91808570313110017040b06f344ec9\"\n },\n {\n \"id\": \"2c91808570313110017040b06f344ec9\"\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"a0303682-5e4a-44f7-bdc2-6ce6112549c1\",\n \"sourceId\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"Retail\",\n \"description\": \"Source description\",\n \"approvers\": [\n {\n \"type\": \"IDENTITY\",\n \"id\": \"5168015d32f890ca15812c9180835d2e\"\n },\n {\n \"type\": \"IDENTITY\",\n \"id\": \"5168015d32f890ca15812c9180835d2e\"\n }\n ],\n \"accountManagers\": [\n {\n \"type\": \"IDENTITY\",\n \"id\": \"5168015d32f890ca15812c9180835d2e\"\n },\n {\n \"type\": \"IDENTITY\",\n \"id\": \"5168015d32f890ca15812c9180835d2e\"\n }\n ],\n \"modified\": \"2019-08-23T18:52:59.162Z\",\n \"created\": \"2019-08-23T18:40:35.772Z\",\n \"cloudExternalId\": \"99999\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "872cd0bc-33c7-499f-93dc-3bdd2af10b51", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "non-employee-sources" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"owner\": {\n \"id\": \"2c91808570313110017040b06f344ec9\"\n },\n \"name\": \"Retail\",\n \"description\": \"Source description\",\n \"managementWorkgroup\": \"123299\",\n \"approvers\": [\n {\n \"id\": \"2c91808570313110017040b06f344ec9\"\n },\n {\n \"id\": \"2c91808570313110017040b06f344ec9\"\n }\n ],\n \"accountManagers\": [\n {\n \"id\": \"2c91808570313110017040b06f344ec9\"\n },\n {\n \"id\": \"2c91808570313110017040b06f344ec9\"\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "40d6e533-c419-45a7-b703-a897934c9e89", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "non-employee-sources" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"owner\": {\n \"id\": \"2c91808570313110017040b06f344ec9\"\n },\n \"name\": \"Retail\",\n \"description\": \"Source description\",\n \"managementWorkgroup\": \"123299\",\n \"approvers\": [\n {\n \"id\": \"2c91808570313110017040b06f344ec9\"\n },\n {\n \"id\": \"2c91808570313110017040b06f344ec9\"\n }\n ],\n \"accountManagers\": [\n {\n \"id\": \"2c91808570313110017040b06f344ec9\"\n },\n {\n \"id\": \"2c91808570313110017040b06f344ec9\"\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "4bac7958-016a-413f-86af-bd6c7714d83d", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "non-employee-sources" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"owner\": {\n \"id\": \"2c91808570313110017040b06f344ec9\"\n },\n \"name\": \"Retail\",\n \"description\": \"Source description\",\n \"managementWorkgroup\": \"123299\",\n \"approvers\": [\n {\n \"id\": \"2c91808570313110017040b06f344ec9\"\n },\n {\n \"id\": \"2c91808570313110017040b06f344ec9\"\n }\n ],\n \"accountManagers\": [\n {\n \"id\": \"2c91808570313110017040b06f344ec9\"\n },\n {\n \"id\": \"2c91808570313110017040b06f344ec9\"\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "14debabf-2983-411b-aa47-ce0b97acbabe", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "non-employee-sources" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"owner\": {\n \"id\": \"2c91808570313110017040b06f344ec9\"\n },\n \"name\": \"Retail\",\n \"description\": \"Source description\",\n \"managementWorkgroup\": \"123299\",\n \"approvers\": [\n {\n \"id\": \"2c91808570313110017040b06f344ec9\"\n },\n {\n \"id\": \"2c91808570313110017040b06f344ec9\"\n }\n ],\n \"accountManagers\": [\n {\n \"id\": \"2c91808570313110017040b06f344ec9\"\n },\n {\n \"id\": \"2c91808570313110017040b06f344ec9\"\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "0a0f5e32-2c3b-44ac-a0a7-d4e6c2c8caf4", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "non-employee-sources" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"owner\": {\n \"id\": \"2c91808570313110017040b06f344ec9\"\n },\n \"name\": \"Retail\",\n \"description\": \"Source description\",\n \"managementWorkgroup\": \"123299\",\n \"approvers\": [\n {\n \"id\": \"2c91808570313110017040b06f344ec9\"\n },\n {\n \"id\": \"2c91808570313110017040b06f344ec9\"\n }\n ],\n \"accountManagers\": [\n {\n \"id\": \"2c91808570313110017040b06f344ec9\"\n },\n {\n \"id\": \"2c91808570313110017040b06f344ec9\"\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "76ac5e28-29ee-486f-859c-11b32fbbf315", + "name": "List Non-Employee Sources", + "request": { + "name": "List Non-Employee Sources", + "description": { + "content": "This gets a list of non-employee sources. There are two contextual uses for the requested-for path parameter: \n 1. The user has the role context of `idn:nesr:read`, in which case he or\nshe may request a list sources assigned to a particular account manager by passing in that manager's id.\n 2. The current user is an account manager, in which case \"me\" should be\nprovided as the `requested-for` value. This will provide the user with a list of the sources that he or she owns.", + "type": "text/plain" + }, + "url": { + "path": [ + "non-employee-sources" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "(Required) The identity for whom the request was made. *me* indicates the current user.", + "type": "text/plain" + }, + "key": "requested-for", + "value": "me" + }, + { + "disabled": true, + "description": { + "content": "The flag to determine whether return a non-employee count associate with source.", + "type": "text/plain" + }, + "key": "non-employee-count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name, created, sourceId**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name,created" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "3e08b173-e623-4a3b-beea-1a64f417510d", + "name": "List of non-employee sources objects.", + "originalRequest": { + "url": { + "path": [ + "non-employee-sources" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "(Required) The identity for whom the request was made. *me* indicates the current user.", + "type": "text/plain" + }, + "key": "requested-for", + "value": "me" + }, + { + "disabled": true, + "description": { + "content": "The flag to determine whether return a non-employee count associate with source.", + "type": "text/plain" + }, + "key": "non-employee-count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name, created, sourceId**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name,created" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"id\": \"a0303682-5e4a-44f7-bdc2-6ce6112549c1\",\n \"sourceId\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"Retail\",\n \"description\": \"Source description\",\n \"approvers\": [\n {\n \"type\": \"IDENTITY\",\n \"id\": \"5168015d32f890ca15812c9180835d2e\"\n },\n {\n \"type\": \"IDENTITY\",\n \"id\": \"5168015d32f890ca15812c9180835d2e\"\n }\n ],\n \"accountManagers\": [\n {\n \"type\": \"IDENTITY\",\n \"id\": \"5168015d32f890ca15812c9180835d2e\"\n },\n {\n \"type\": \"IDENTITY\",\n \"id\": \"5168015d32f890ca15812c9180835d2e\"\n }\n ],\n \"modified\": \"2019-08-23T18:52:59.162Z\",\n \"created\": \"2019-08-23T18:40:35.772Z\",\n \"nonEmployeeCount\": 120\n },\n {\n \"id\": \"a0303682-5e4a-44f7-bdc2-6ce6112549c1\",\n \"sourceId\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"Retail\",\n \"description\": \"Source description\",\n \"approvers\": [\n {\n \"type\": \"IDENTITY\",\n \"id\": \"5168015d32f890ca15812c9180835d2e\"\n },\n {\n \"type\": \"IDENTITY\",\n \"id\": \"5168015d32f890ca15812c9180835d2e\"\n }\n ],\n \"accountManagers\": [\n {\n \"type\": \"IDENTITY\",\n \"id\": \"5168015d32f890ca15812c9180835d2e\"\n },\n {\n \"type\": \"IDENTITY\",\n \"id\": \"5168015d32f890ca15812c9180835d2e\"\n }\n ],\n \"modified\": \"2019-08-23T18:52:59.162Z\",\n \"created\": \"2019-08-23T18:40:35.772Z\",\n \"nonEmployeeCount\": 120\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "75af7595-6df1-4c74-a2e9-df43e54f8200", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "non-employee-sources" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "(Required) The identity for whom the request was made. *me* indicates the current user.", + "type": "text/plain" + }, + "key": "requested-for", + "value": "me" + }, + { + "disabled": true, + "description": { + "content": "The flag to determine whether return a non-employee count associate with source.", + "type": "text/plain" + }, + "key": "non-employee-count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name, created, sourceId**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name,created" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a3cd8891-aa6c-409d-b7a4-581d28fb24a1", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "non-employee-sources" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "(Required) The identity for whom the request was made. *me* indicates the current user.", + "type": "text/plain" + }, + "key": "requested-for", + "value": "me" + }, + { + "disabled": true, + "description": { + "content": "The flag to determine whether return a non-employee count associate with source.", + "type": "text/plain" + }, + "key": "non-employee-count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name, created, sourceId**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name,created" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "9bd231b1-782e-4256-af14-cdab13688471", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "non-employee-sources" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "(Required) The identity for whom the request was made. *me* indicates the current user.", + "type": "text/plain" + }, + "key": "requested-for", + "value": "me" + }, + { + "disabled": true, + "description": { + "content": "The flag to determine whether return a non-employee count associate with source.", + "type": "text/plain" + }, + "key": "non-employee-count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name, created, sourceId**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name,created" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "e3d30890-a977-4011-a269-76c501a0aa40", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "non-employee-sources" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "(Required) The identity for whom the request was made. *me* indicates the current user.", + "type": "text/plain" + }, + "key": "requested-for", + "value": "me" + }, + { + "disabled": true, + "description": { + "content": "The flag to determine whether return a non-employee count associate with source.", + "type": "text/plain" + }, + "key": "non-employee-count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name, created, sourceId**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name,created" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "84b10c8d-192b-40d7-97aa-5141fb15ff11", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "non-employee-sources" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "(Required) The identity for whom the request was made. *me* indicates the current user.", + "type": "text/plain" + }, + "key": "requested-for", + "value": "me" + }, + { + "disabled": true, + "description": { + "content": "The flag to determine whether return a non-employee count associate with source.", + "type": "text/plain" + }, + "key": "non-employee-count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name, created, sourceId**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name,created" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "f8037680-5664-4ab1-9385-9a01e923f6ee", + "name": "Get a Non-Employee Source", + "request": { + "name": "Get a Non-Employee Source", + "description": { + "content": "This gets a non-employee source. There are two contextual uses for the requested-for path parameter: \n 1. The user has the role context of `idn:nesr:read`, in which case he or\nshe may request any source.\n 2. The current user is an account manager, in which case the user can only\nrequest sources that they own.", + "type": "text/plain" + }, + "url": { + "path": [ + "non-employee-sources", + ":sourceId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "2c91808b7c28b350017c2a2ec5790aa1", + "key": "sourceId", + "disabled": true, + "description": { + "content": "(Required) Source Id", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "aa924865-14b7-40f1-97a0-78f841bb6e0d", + "name": "Non-Employee source object.", + "originalRequest": { + "url": { + "path": [ + "non-employee-sources", + ":sourceId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"a0303682-5e4a-44f7-bdc2-6ce6112549c1\",\n \"sourceId\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"Retail\",\n \"description\": \"Source description\",\n \"approvers\": [\n {\n \"type\": \"IDENTITY\",\n \"id\": \"5168015d32f890ca15812c9180835d2e\"\n },\n {\n \"type\": \"IDENTITY\",\n \"id\": \"5168015d32f890ca15812c9180835d2e\"\n }\n ],\n \"accountManagers\": [\n {\n \"type\": \"IDENTITY\",\n \"id\": \"5168015d32f890ca15812c9180835d2e\"\n },\n {\n \"type\": \"IDENTITY\",\n \"id\": \"5168015d32f890ca15812c9180835d2e\"\n }\n ],\n \"modified\": \"2019-08-23T18:52:59.162Z\",\n \"created\": \"2019-08-23T18:40:35.772Z\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "6aa48a48-f122-4b63-a29d-1af9f253ab16", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "non-employee-sources", + ":sourceId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "35fa49ee-a33b-4396-94bd-e2a6b4a55a0a", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "non-employee-sources", + ":sourceId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "96afdca8-f2fd-4fb0-8c7d-0fa339abb741", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "non-employee-sources", + ":sourceId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "bf79259a-a9b6-43cd-9b49-bc8cdd587611", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "non-employee-sources", + ":sourceId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "6f1beae0-1e1b-4220-85f5-6a86bb0d240d", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "non-employee-sources", + ":sourceId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "d00e8d51-754e-45fb-9031-9ec908587fac", + "name": "Patch a Non-Employee Source", + "request": { + "name": "Patch a Non-Employee Source", + "description": { + "content": "patch a non-employee source. (partial update)
Patchable field: **name, description, approvers, accountManagers** Requires role context of `idn:nesr:update`.", + "type": "text/plain" + }, + "url": { + "path": [ + "non-employee-sources", + ":sourceId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "e136567de87e4d029e60b3c3c55db56d", + "key": "sourceId", + "disabled": true, + "description": { + "content": "(Required) Source Id", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/name\",\n \"value\": {\n \"new name\": null\n }\n },\n {\n \"op\": \"replace\",\n \"path\": \"/approvers\",\n \"value\": [\n \"2c91809f703bb37a017040a2fe8748c7\",\n \"48b1f463c9e8427db5a5071bd81914b8\"\n ]\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "9d7b5821-1f75-4549-be72-69dff9843015", + "name": "A patched non-employee source object.", + "originalRequest": { + "url": { + "path": [ + "non-employee-sources", + ":sourceId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/name\",\n \"value\": {\n \"new name\": null\n }\n },\n {\n \"op\": \"replace\",\n \"path\": \"/approvers\",\n \"value\": [\n \"2c91809f703bb37a017040a2fe8748c7\",\n \"48b1f463c9e8427db5a5071bd81914b8\"\n ]\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"a0303682-5e4a-44f7-bdc2-6ce6112549c1\",\n \"sourceId\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"Retail\",\n \"description\": \"Source description\",\n \"approvers\": [\n {\n \"type\": \"IDENTITY\",\n \"id\": \"5168015d32f890ca15812c9180835d2e\"\n },\n {\n \"type\": \"IDENTITY\",\n \"id\": \"5168015d32f890ca15812c9180835d2e\"\n }\n ],\n \"accountManagers\": [\n {\n \"type\": \"IDENTITY\",\n \"id\": \"5168015d32f890ca15812c9180835d2e\"\n },\n {\n \"type\": \"IDENTITY\",\n \"id\": \"5168015d32f890ca15812c9180835d2e\"\n }\n ],\n \"modified\": \"2019-08-23T18:52:59.162Z\",\n \"created\": \"2019-08-23T18:40:35.772Z\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "be7187ed-4cb5-4eee-9fc6-f0fc32fd014a", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "non-employee-sources", + ":sourceId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/name\",\n \"value\": {\n \"new name\": null\n }\n },\n {\n \"op\": \"replace\",\n \"path\": \"/approvers\",\n \"value\": [\n \"2c91809f703bb37a017040a2fe8748c7\",\n \"48b1f463c9e8427db5a5071bd81914b8\"\n ]\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "e4c6de1e-c5ea-4737-81ae-70de716d52b8", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "non-employee-sources", + ":sourceId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/name\",\n \"value\": {\n \"new name\": null\n }\n },\n {\n \"op\": \"replace\",\n \"path\": \"/approvers\",\n \"value\": [\n \"2c91809f703bb37a017040a2fe8748c7\",\n \"48b1f463c9e8427db5a5071bd81914b8\"\n ]\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a8709ee6-781d-4359-b7ca-713913fcd624", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "non-employee-sources", + ":sourceId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/name\",\n \"value\": {\n \"new name\": null\n }\n },\n {\n \"op\": \"replace\",\n \"path\": \"/approvers\",\n \"value\": [\n \"2c91809f703bb37a017040a2fe8748c7\",\n \"48b1f463c9e8427db5a5071bd81914b8\"\n ]\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "5c78ac21-6be2-447e-8ea8-a4bbcaedbb94", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "non-employee-sources", + ":sourceId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/name\",\n \"value\": {\n \"new name\": null\n }\n },\n {\n \"op\": \"replace\",\n \"path\": \"/approvers\",\n \"value\": [\n \"2c91809f703bb37a017040a2fe8748c7\",\n \"48b1f463c9e8427db5a5071bd81914b8\"\n ]\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "4519e8de-59b5-4cb5-a2e8-e376836901fe", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "non-employee-sources", + ":sourceId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/name\",\n \"value\": {\n \"new name\": null\n }\n },\n {\n \"op\": \"replace\",\n \"path\": \"/approvers\",\n \"value\": [\n \"2c91809f703bb37a017040a2fe8748c7\",\n \"48b1f463c9e8427db5a5071bd81914b8\"\n ]\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "055d720b-30e0-41b4-8e09-b8ef59932742", + "name": "Delete Non-Employee Source", + "request": { + "name": "Delete Non-Employee Source", + "description": { + "content": "This request will delete a non-employee source. Requires role context of `idn:nesr:delete`.", + "type": "text/plain" + }, + "url": { + "path": [ + "non-employee-sources", + ":sourceId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "e136567de87e4d029e60b3c3c55db56d", + "key": "sourceId", + "disabled": true, + "description": { + "content": "(Required) Source Id", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "DELETE", + "body": {} + }, + "response": [ + { + "id": "66a2593d-b489-482d-999a-ac1e1e46ebd0", + "name": "No content - indicates the request was successful but there is no content to be returned in the response.", + "originalRequest": { + "url": { + "path": [ + "non-employee-sources", + ":sourceId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "No Content", + "code": 204, + "header": [], + "cookie": [], + "_postman_previewlanguage": "text" + }, + { + "id": "3e1d2529-43bf-49d7-9d48-96663e25b1a7", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "non-employee-sources", + ":sourceId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "3281f965-601c-4bdc-b34f-f2289ac60f4c", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "non-employee-sources", + ":sourceId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c640e5e7-6c3a-4753-a785-c9919648f6d4", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "non-employee-sources", + ":sourceId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "5e055dcd-b610-49ec-ae5e-f385b6ea1b48", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "non-employee-sources", + ":sourceId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "56deacad-7fc4-4a41-9a11-41266b9f3f84", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "non-employee-sources", + ":sourceId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "12921bee-8602-4ae5-bc1e-8fa3c5506f4a", + "name": "Exports Non-Employee Records to CSV", + "request": { + "name": "Exports Non-Employee Records to CSV", + "description": { + "content": "This requests a CSV download for all non-employees from a provided source. Requires role context of `idn:nesr:read`", + "type": "text/plain" + }, + "url": { + "path": [ + "non-employee-sources", + ":id", + "non-employees", + "download" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "e136567de87e4d029e60b3c3c55db56d", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) Source Id (UUID)", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "text/csv" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "fdae2ecf-5f6c-43e6-87be-1e64d98543dd", + "name": "Exported CSV", + "originalRequest": { + "url": { + "path": [ + "non-employee-sources", + ":id", + "non-employees", + "download" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "text/csv" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "text/csv" + } + ], + "body": "accountName,firstName,lastName,phone,email,manager,startDate,endDate\nJon.Smith, Jon, Smith, 555-555-5555, jon@jon.doe.nope.com, Jim Smith, 2020-04-05T08:00:00-10:00,2020-08-07T19:00:00-10:00\nWilliam.Chaffin, William, Chaffin, 555-555-5555, william@chaffins.nope.com, Bertram Chaffin, 2020-04-05T08:00:00-10:00,2020-08-07T19:00:00-10:00\n", + "cookie": [], + "_postman_previewlanguage": "text" + }, + { + "id": "477f3c12-9d44-4059-91d4-9812612a0351", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "non-employee-sources", + ":id", + "non-employees", + "download" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "05270a0c-ba73-4696-a259-0c7b79a8fc2d", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "non-employee-sources", + ":id", + "non-employees", + "download" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "1b334dee-4f6e-4739-8d98-d6cda1f1cc2e", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "non-employee-sources", + ":id", + "non-employees", + "download" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "98475fb6-d00b-4d59-b84f-1f536ada6dda", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "non-employee-sources", + ":id", + "non-employees", + "download" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "faa12699-561e-4a4d-8a4e-f53c31afb985", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "non-employee-sources", + ":id", + "non-employees", + "download" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "2c67025f-f929-49bc-b7c2-aa653dff76ec", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "non-employee-sources", + ":id", + "non-employees", + "download" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "71766ad0-b267-47e4-919c-a9e4a3f4ee43", + "name": "Imports, or Updates, Non-Employee Records", + "request": { + "name": "Imports, or Updates, Non-Employee Records", + "description": { + "content": "This post will import, or update, Non-Employee records found in the CSV. Requires role context of `idn:nesr:create`", + "type": "text/plain" + }, + "url": { + "path": [ + "non-employee-sources", + ":id", + "non-employee-bulk-upload" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "e136567de87e4d029e60b3c3c55db56d", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) Source Id (UUID)", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "(Required) ", + "type": "text/plain" + }, + "key": "data", + "value": "occaecat consecte", + "type": "text" + } + ] + } + }, + "response": [ + { + "id": "d7d58452-4265-4701-a895-bcb9c8c8cee5", + "name": "The CSV was accepted to be bulk inserted now or at a later time.", + "originalRequest": { + "url": { + "path": [ + "non-employee-sources", + ":id", + "non-employee-bulk-upload" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "(Required) ", + "type": "text/plain" + }, + "key": "data", + "value": "occaecat consecte", + "type": "text" + } + ] + } + }, + "status": "Accepted", + "code": 202, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"2c91808568c529c60168cca6f90cffff\",\n \"sourceId\": \"2c91808568c529c60168cca6f90c1313\",\n \"created\": \"2019-08-23T18:52:59.162Z\",\n \"modified\": \"2019-08-23T18:52:59.162Z\",\n \"status\": \"PENDING\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "963cf96c-6222-48e6-b962-9e05f81b3419", + "name": "Client Error - Returned if the request body is invalid.\nThe response body will contain the list of specific errors with one on each line.\n", + "originalRequest": { + "url": { + "path": [ + "non-employee-sources", + ":id", + "non-employee-bulk-upload" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "(Required) ", + "type": "text/plain" + }, + "key": "data", + "value": "occaecat consecte", + "type": "text" + } + ] + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "8889dcce-74aa-463b-a038-9833c75fc6f3", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "non-employee-sources", + ":id", + "non-employee-bulk-upload" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "(Required) ", + "type": "text/plain" + }, + "key": "data", + "value": "occaecat consecte", + "type": "text" + } + ] + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d6c9ca7b-acdb-4457-a8d9-e336c941b123", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "non-employee-sources", + ":id", + "non-employee-bulk-upload" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "(Required) ", + "type": "text/plain" + }, + "key": "data", + "value": "occaecat consecte", + "type": "text" + } + ] + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "58a6601a-6c10-4690-884d-f94a3dbdb8c8", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "non-employee-sources", + ":id", + "non-employee-bulk-upload" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "(Required) ", + "type": "text/plain" + }, + "key": "data", + "value": "occaecat consecte", + "type": "text" + } + ] + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "742979ba-36ec-4150-ae2a-537cbcddacf7", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "non-employee-sources", + ":id", + "non-employee-bulk-upload" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "(Required) ", + "type": "text/plain" + }, + "key": "data", + "value": "occaecat consecte", + "type": "text" + } + ] + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "ee63527e-6e39-486e-8b4f-b61b8ca07304", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "non-employee-sources", + ":id", + "non-employee-bulk-upload" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "(Required) ", + "type": "text/plain" + }, + "key": "data", + "value": "occaecat consecte", + "type": "text" + } + ] + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "1e84102d-4199-44c1-832d-099f27a8ba13", + "name": "Obtain the status of bulk upload on the source", + "request": { + "name": "Obtain the status of bulk upload on the source", + "description": { + "content": "The nonEmployeeBulkUploadStatus API returns the status of the newest bulk upload job for the specified source.\nRequires role context of `idn:nesr:read`\n", + "type": "text/plain" + }, + "url": { + "path": [ + "non-employee-sources", + ":id", + "non-employee-bulk-upload", + "status" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "e136567de87e4d029e60b3c3c55db56d", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) Source ID (UUID)", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "44c017dd-7e61-4c15-b8bd-3862dcd3df9f", + "name": "Status of the newest bulk-upload job, if any.", + "originalRequest": { + "url": { + "path": [ + "non-employee-sources", + ":id", + "non-employee-bulk-upload", + "status" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"status\": \"PENDING\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "33907e78-3749-447b-8164-d46d67fd6ee5", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "non-employee-sources", + ":id", + "non-employee-bulk-upload", + "status" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "2c9f1f02-4857-4f0b-9e8e-21ec47971eb0", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "non-employee-sources", + ":id", + "non-employee-bulk-upload", + "status" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "e9c11ebc-9fa3-4054-b71e-08c25639a3ad", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "non-employee-sources", + ":id", + "non-employee-bulk-upload", + "status" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "91f9c019-047d-4966-bbd0-1a2b1ac20cfe", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "non-employee-sources", + ":id", + "non-employee-bulk-upload", + "status" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "4d2731b1-269d-4f6e-9c54-7eda99811af5", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "non-employee-sources", + ":id", + "non-employee-bulk-upload", + "status" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "f25ad651-ad9a-4141-8fe2-d8000e13457b", + "name": "Exports Source Schema Template", + "request": { + "name": "Exports Source Schema Template", + "description": { + "content": "This requests a download for the Source Schema Template for a provided source. Requires role context of `idn:nesr:read`", + "type": "text/plain" + }, + "url": { + "path": [ + "non-employee-sources", + ":id", + "schema-attributes-template", + "download" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "ef38f94347e94562b5bb8424a56397d8", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) Source Id (UUID)", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "text/csv" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "04430af3-5af8-4c7b-8a86-7adb589db334", + "name": "Exported Source Schema Template", + "originalRequest": { + "url": { + "path": [ + "non-employee-sources", + ":id", + "schema-attributes-template", + "download" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "text/csv" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "text/csv" + } + ], + "body": "accountName,firstName,lastName,phone,email,manager,startDate,endDate\n", + "cookie": [], + "_postman_previewlanguage": "text" + }, + { + "id": "fbadda6e-8803-4b1f-b581-bfed335b9b1f", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "non-employee-sources", + ":id", + "schema-attributes-template", + "download" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "183d0111-41eb-42a7-b3b1-eee2ff4838c3", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "non-employee-sources", + ":id", + "schema-attributes-template", + "download" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "67282872-9ef3-4260-ae72-4202e3db4e53", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "non-employee-sources", + ":id", + "schema-attributes-template", + "download" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "53d81ce9-0b17-479d-b8a6-ae3744f760c2", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "non-employee-sources", + ":id", + "schema-attributes-template", + "download" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "279491d1-3ca0-4840-843a-c18fd65c7ce0", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "non-employee-sources", + ":id", + "schema-attributes-template", + "download" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "fdfe7da0-7886-4d08-b131-c813b348e7bc", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "non-employee-sources", + ":id", + "schema-attributes-template", + "download" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "1d8a132b-dba5-4e3d-8a2d-fa9560c93d96", + "name": "Get List of Non-Employee Approval Requests", + "request": { + "name": "Get List of Non-Employee Approval Requests", + "description": { + "content": "This gets a list of non-employee approval requests.\nThere are two contextual uses for this endpoint:\n 1. The user has the role context of `idn:nesr:read`, in which case they\ncan list the approvals for any approver.\n 2. The user owns the requested approval.", + "type": "text/plain" + }, + "url": { + "path": [ + "non-employee-approvals" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The identity for whom the request was made. *me* indicates the current user.", + "type": "text/plain" + }, + "key": "requested-for", + "value": "2c91808280430dfb0180431a59440460" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**approvalStatus**: *eq*", + "type": "text/plain" + }, + "key": "filters", + "value": "approvalStatus eq \"Pending\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **created, modified**", + "type": "text/plain" + }, + "key": "sorters", + "value": "created" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "7b3d8309-4897-47c6-bcea-f9f1293f0582", + "name": "List of approval items.", + "originalRequest": { + "url": { + "path": [ + "non-employee-approvals" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The identity for whom the request was made. *me* indicates the current user.", + "type": "text/plain" + }, + "key": "requested-for", + "value": "2c91808280430dfb0180431a59440460" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**approvalStatus**: *eq*", + "type": "text/plain" + }, + "key": "filters", + "value": "approvalStatus eq \"Pending\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **created, modified**", + "type": "text/plain" + }, + "key": "sorters", + "value": "created" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"id\": \"2c1e388b-1e55-4b0a-ab5c-897f1204159c\",\n \"approver\": {\n \"type\": \"IDENTITY\",\n \"id\": \"5168015d32f890ca15812c9180835d2e\"\n },\n \"accountName\": \"test.account\",\n \"approvalStatus\": \"APPROVED\",\n \"approvalOrder\": 1,\n \"comment\": \"I approve\",\n \"modified\": \"2019-08-23T18:52:59.162Z\",\n \"created\": \"2019-08-23T18:40:35.772Z\",\n \"nonEmployeeRequest\": {\n \"id\": \"ac110005-7156-1150-8171-5b292e3e0084\",\n \"requester\": {\n \"type\": \"IDENTITY\",\n \"name\": \"William Smith\"\n }\n }\n },\n {\n \"id\": \"2c1e388b-1e55-4b0a-ab5c-897f1204159c\",\n \"approver\": {\n \"type\": \"IDENTITY\",\n \"id\": \"5168015d32f890ca15812c9180835d2e\"\n },\n \"accountName\": \"test.account\",\n \"approvalStatus\": \"APPROVED\",\n \"approvalOrder\": 1,\n \"comment\": \"I approve\",\n \"modified\": \"2019-08-23T18:52:59.162Z\",\n \"created\": \"2019-08-23T18:40:35.772Z\",\n \"nonEmployeeRequest\": {\n \"id\": \"ac110005-7156-1150-8171-5b292e3e0084\",\n \"requester\": {\n \"type\": \"IDENTITY\",\n \"name\": \"William Smith\"\n }\n }\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "91c4517b-0a70-4017-b7c8-7b932e7ed8af", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "non-employee-approvals" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The identity for whom the request was made. *me* indicates the current user.", + "type": "text/plain" + }, + "key": "requested-for", + "value": "2c91808280430dfb0180431a59440460" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**approvalStatus**: *eq*", + "type": "text/plain" + }, + "key": "filters", + "value": "approvalStatus eq \"Pending\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **created, modified**", + "type": "text/plain" + }, + "key": "sorters", + "value": "created" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a07286b4-8d0b-4099-8faf-2fe00a23eead", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "non-employee-approvals" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The identity for whom the request was made. *me* indicates the current user.", + "type": "text/plain" + }, + "key": "requested-for", + "value": "2c91808280430dfb0180431a59440460" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**approvalStatus**: *eq*", + "type": "text/plain" + }, + "key": "filters", + "value": "approvalStatus eq \"Pending\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **created, modified**", + "type": "text/plain" + }, + "key": "sorters", + "value": "created" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "fe8e521e-83a9-4a51-aa36-c05b68b45c62", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "non-employee-approvals" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The identity for whom the request was made. *me* indicates the current user.", + "type": "text/plain" + }, + "key": "requested-for", + "value": "2c91808280430dfb0180431a59440460" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**approvalStatus**: *eq*", + "type": "text/plain" + }, + "key": "filters", + "value": "approvalStatus eq \"Pending\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **created, modified**", + "type": "text/plain" + }, + "key": "sorters", + "value": "created" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a5c253bc-c175-459e-8eda-47a728babca4", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "non-employee-approvals" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The identity for whom the request was made. *me* indicates the current user.", + "type": "text/plain" + }, + "key": "requested-for", + "value": "2c91808280430dfb0180431a59440460" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**approvalStatus**: *eq*", + "type": "text/plain" + }, + "key": "filters", + "value": "approvalStatus eq \"Pending\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **created, modified**", + "type": "text/plain" + }, + "key": "sorters", + "value": "created" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "07d9a4df-47d2-4f9a-8c12-af4fa1558d85", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "non-employee-approvals" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The identity for whom the request was made. *me* indicates the current user.", + "type": "text/plain" + }, + "key": "requested-for", + "value": "2c91808280430dfb0180431a59440460" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**approvalStatus**: *eq*", + "type": "text/plain" + }, + "key": "filters", + "value": "approvalStatus eq \"Pending\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **created, modified**", + "type": "text/plain" + }, + "key": "sorters", + "value": "created" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "782e4f80-e755-4eff-8790-8de124be320d", + "name": "Get a non-employee approval item detail", + "request": { + "name": "Get a non-employee approval item detail", + "description": { + "content": "Gets a non-employee approval item detail. There are two contextual uses for this endpoint:\n 1. The user has the role context of `idn:nesr:read`, in which case they\ncan get any approval.\n 2. The user owns the requested approval.", + "type": "text/plain" + }, + "url": { + "path": [ + "non-employee-approvals", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The object nonEmployeeRequest will not be included detail when set to false. *Default value is true*", + "type": "text/plain" + }, + "key": "include-detail", + "value": "true" + } + ], + "variable": [ + { + "type": "any", + "value": "e136567de87e4d029e60b3c3c55db56d", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) Non-Employee approval item id (UUID)", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "dea24a76-0608-4357-a0ff-afad2c22d6eb", + "name": "Non-Employee approval item object.", + "originalRequest": { + "url": { + "path": [ + "non-employee-approvals", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The object nonEmployeeRequest will not be included detail when set to false. *Default value is true*", + "type": "text/plain" + }, + "key": "include-detail", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"2c1e388b-1e55-4b0a-ab5c-897f1204159c\",\n \"approver\": {\n \"type\": \"IDENTITY\",\n \"id\": \"5168015d32f890ca15812c9180835d2e\"\n },\n \"accountName\": \"test.account\",\n \"approvalStatus\": \"APPROVED\",\n \"approvalOrder\": 1,\n \"comment\": \"I approve\",\n \"modified\": \"2019-08-23T18:52:59.162Z\",\n \"created\": \"2019-08-23T18:40:35.772Z\",\n \"nonEmployeeRequest\": {\n \"id\": \"ac110005-7156-1150-8171-5b292e3e0084\",\n \"requester\": {\n \"type\": \"IDENTITY\",\n \"name\": \"William Smith\"\n },\n \"accountName\": \"william.smith\",\n \"firstName\": \"William\",\n \"lastName\": \"Smith\",\n \"email\": \"william.smith@example.com\",\n \"phone\": \"5555555555\",\n \"manager\": \"jane.doe\",\n \"nonEmployeeSource\": {\n \"id\": \"a0303682-5e4a-44f7-bdc2-6ce6112549c1\",\n \"sourceId\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"Retail\",\n \"description\": \"Source description\",\n \"schemaAttributes\": [\n {\n \"type\": \"TEXT\",\n \"technicalName\": \"account.name\",\n \"label\": \"Account Name\",\n \"id\": \"ac110005-7156-1150-8171-5b292e3e0084\",\n \"system\": true,\n \"modified\": \"2019-08-23T18:52:59.162Z\",\n \"created\": \"2019-08-23T18:40:35.772Z\",\n \"helpText\": \"The unique identifier for the account\",\n \"placeholder\": \"Enter a unique user name for this account.\",\n \"required\": true\n },\n {\n \"type\": \"TEXT\",\n \"technicalName\": \"account.name\",\n \"label\": \"Account Name\",\n \"id\": \"ac110005-7156-1150-8171-5b292e3e0084\",\n \"system\": true,\n \"modified\": \"2019-08-23T18:52:59.162Z\",\n \"created\": \"2019-08-23T18:40:35.772Z\",\n \"helpText\": \"The unique identifier for the account\",\n \"placeholder\": \"Enter a unique user name for this account.\",\n \"required\": true\n }\n ]\n },\n \"data\": {\n \"description\": \"Auditing\"\n },\n \"approvalStatus\": \"APPROVED\",\n \"comment\": \"approved\",\n \"completionDate\": \"2020-03-24T11:11:41.139-05:00\",\n \"startDate\": \"2020-03-24\",\n \"endDate\": \"2021-03-25\",\n \"modified\": \"2020-03-24T11:11:41.139-05:00\",\n \"created\": \"2020-03-24T11:11:41.139-05:00\"\n }\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "3c5c44c6-9218-4f2a-97b5-f48813bf9ef5", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "non-employee-approvals", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The object nonEmployeeRequest will not be included detail when set to false. *Default value is true*", + "type": "text/plain" + }, + "key": "include-detail", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "04edea76-3e53-4a89-a794-bb23f617626b", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "non-employee-approvals", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The object nonEmployeeRequest will not be included detail when set to false. *Default value is true*", + "type": "text/plain" + }, + "key": "include-detail", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c731ad41-7d4c-4564-b0d2-239567784961", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "non-employee-approvals", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The object nonEmployeeRequest will not be included detail when set to false. *Default value is true*", + "type": "text/plain" + }, + "key": "include-detail", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "841a5738-ad13-4806-abd6-9e65e5d582fd", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "non-employee-approvals", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The object nonEmployeeRequest will not be included detail when set to false. *Default value is true*", + "type": "text/plain" + }, + "key": "include-detail", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "512b42c1-d4d9-4c86-9c27-d99faf9a0703", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "non-employee-approvals", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The object nonEmployeeRequest will not be included detail when set to false. *Default value is true*", + "type": "text/plain" + }, + "key": "include-detail", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "87b7b19e-bf1b-4668-8fb0-b0366b546229", + "name": "Approve a Non-Employee Request", + "request": { + "name": "Approve a Non-Employee Request", + "description": { + "content": "Approves a non-employee approval request and notifies the next approver. The current user must be the requested approver.", + "type": "text/plain" + }, + "url": { + "path": [ + "non-employee-approvals", + ":id", + "approve" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "e136567de87e4d029e60b3c3c55db56d", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) Non-Employee approval item id (UUID)", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"comment\": \"Approved by manager\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "3411de4d-f8ec-4940-99a3-44c67a46b6b9", + "name": "Non-Employee approval item object.", + "originalRequest": { + "url": { + "path": [ + "non-employee-approvals", + ":id", + "approve" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"comment\": \"Approved by manager\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"2c1e388b-1e55-4b0a-ab5c-897f1204159c\",\n \"approver\": {\n \"type\": \"IDENTITY\",\n \"id\": \"5168015d32f890ca15812c9180835d2e\"\n },\n \"accountName\": \"test.account\",\n \"approvalStatus\": \"APPROVED\",\n \"approvalOrder\": 1,\n \"comment\": \"I approve\",\n \"modified\": \"2019-08-23T18:52:59.162Z\",\n \"created\": \"2019-08-23T18:40:35.772Z\",\n \"nonEmployeeRequest\": {\n \"id\": \"ac110005-7156-1150-8171-5b292e3e0084\",\n \"requester\": {\n \"type\": \"IDENTITY\",\n \"name\": \"William Smith\"\n }\n }\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "44d71909-3ad4-4e74-8e54-bb0cae518d5d", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "non-employee-approvals", + ":id", + "approve" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"comment\": \"Approved by manager\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "fa5b0017-3396-4902-ac6e-cdeceffa6994", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "non-employee-approvals", + ":id", + "approve" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"comment\": \"Approved by manager\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "aed538c8-079f-4eb2-8bf7-9a3746b2ab4a", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "non-employee-approvals", + ":id", + "approve" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"comment\": \"Approved by manager\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "966f5f3d-f587-4f13-af64-df97c22afc24", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "non-employee-approvals", + ":id", + "approve" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"comment\": \"Approved by manager\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "689717e1-f169-4740-b4b1-ed8794645a35", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "non-employee-approvals", + ":id", + "approve" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"comment\": \"Approved by manager\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "aba0baa1-b15c-4cc9-95cf-d3f220e03e18", + "name": "Reject a Non-Employee Request", + "request": { + "name": "Reject a Non-Employee Request", + "description": { + "content": "This endpoint will reject an approval item request and notify user. The current user must be the requested approver.", + "type": "text/plain" + }, + "url": { + "path": [ + "non-employee-approvals", + ":id", + "reject" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "e136567de87e4d029e60b3c3c55db56d", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) Non-Employee approval item id (UUID)", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"comment\": \"approved\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "2cc87f66-c27f-42e4-8e64-ea4c17bf1bc4", + "name": "Non-Employee approval item object.", + "originalRequest": { + "url": { + "path": [ + "non-employee-approvals", + ":id", + "reject" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"comment\": \"approved\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"2c1e388b-1e55-4b0a-ab5c-897f1204159c\",\n \"approver\": {\n \"type\": \"IDENTITY\",\n \"id\": \"5168015d32f890ca15812c9180835d2e\"\n },\n \"accountName\": \"test.account\",\n \"approvalStatus\": \"APPROVED\",\n \"approvalOrder\": 1,\n \"comment\": \"I approve\",\n \"modified\": \"2019-08-23T18:52:59.162Z\",\n \"created\": \"2019-08-23T18:40:35.772Z\",\n \"nonEmployeeRequest\": {\n \"id\": \"ac110005-7156-1150-8171-5b292e3e0084\",\n \"requester\": {\n \"type\": \"IDENTITY\",\n \"name\": \"William Smith\"\n }\n }\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "516ddc46-a3a0-4199-9e09-0801492cd0a7", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "non-employee-approvals", + ":id", + "reject" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"comment\": \"approved\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "6bb650a5-63fc-4c5e-92e9-3bc1e7da3f42", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "non-employee-approvals", + ":id", + "reject" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"comment\": \"approved\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "889acfb7-ad0b-4fa4-ad6b-467a8025be5d", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "non-employee-approvals", + ":id", + "reject" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"comment\": \"approved\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "9b9b5d78-6ef3-4c71-b76e-beb4d369b337", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "non-employee-approvals", + ":id", + "reject" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"comment\": \"approved\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "ba80d7fb-0a02-464f-a49a-8827eab4fdf0", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "non-employee-approvals", + ":id", + "reject" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"comment\": \"approved\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "befb63e8-0c03-4ca6-a768-dac92864fa1d", + "name": "Get Summary of Non-Employee Approval Requests", + "request": { + "name": "Get Summary of Non-Employee Approval Requests", + "description": { + "content": "This request will retrieve a summary of non-employee approval requests. There are two contextual uses for the `requested-for` path parameter:\n 1. The user has the role context of `idn:nesr:read`, in which case he or\nshe may request a summary of all non-employee approval requests assigned to a particular approver by passing in that approver's id.\n 2. The current user is an approver, in which case \"me\" should be provided\nas the `requested-for` value. This will provide the approver with a summary of the approval items assigned to him or her.", + "type": "text/plain" + }, + "url": { + "path": [ + "non-employee-approvals", + "summary", + ":requested-for" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "2c91808280430dfb0180431a59440460", + "key": "requested-for", + "disabled": true, + "description": { + "content": "(Required) The identity (UUID) of the approver for whom for whom the summary is being retrieved. Use \"me\" instead to indicate the current user.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "aab49acc-ad5f-4d9b-842f-693a3e51a2e8", + "name": "summary of non-employee approval requests", + "originalRequest": { + "url": { + "path": [ + "non-employee-approvals", + "summary", + ":requested-for" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"approved\": 2,\n \"pending\": 2,\n \"rejected\": 2\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "2786b304-7a88-41bb-8183-e06be85984c7", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "non-employee-approvals", + "summary", + ":requested-for" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "9580e904-7ef0-441d-9b7b-81a9da4f298d", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "non-employee-approvals", + "summary", + ":requested-for" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "035597ac-63ea-4d42-9ba0-fbf4465cd4b5", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "non-employee-approvals", + "summary", + ":requested-for" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "545ead75-10b3-4209-b35b-a02b61df4f4b", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "non-employee-approvals", + "summary", + ":requested-for" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "3196546d-1006-4649-b669-07e642895a80", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "non-employee-approvals", + "summary", + ":requested-for" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "f5b0a4f2-84da-448d-9768-f12e4e094f88", + "name": "List Schema Attributes Non-Employee Source", + "request": { + "name": "List Schema Attributes Non-Employee Source", + "description": { + "content": "This API gets the list of schema attributes for the specified Non-Employee SourceId. There are 8 mandatory attributes added to each new Non-Employee Source automatically. Additionaly, user can add up to 10 custom attributes. This interface returns all the mandatory attributes followed by any custom attributes. At most, a total of 18 attributes will be returned.\nRequires role context of `idn:nesr:read` or the user must be an account manager of the source.", + "type": "text/plain" + }, + "url": { + "path": [ + "non-employee-sources", + ":sourceId", + "schema-attributes" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "ef38f94347e94562b5bb8424a56397d8", + "key": "sourceId", + "disabled": true, + "description": { + "content": "(Required) The Source id", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "9ce0e96e-816d-47f9-bd08-e52e75dcf138", + "name": "A list of Schema Attributes", + "originalRequest": { + "url": { + "path": [ + "non-employee-sources", + ":sourceId", + "schema-attributes" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"type\": \"TEXT\",\n \"technicalName\": \"account.name\",\n \"label\": \"Account Name\",\n \"id\": \"ac110005-7156-1150-8171-5b292e3e0084\",\n \"system\": true,\n \"modified\": \"2019-08-23T18:52:59.162Z\",\n \"created\": \"2019-08-23T18:40:35.772Z\",\n \"helpText\": \"The unique identifier for the account\",\n \"placeholder\": \"Enter a unique user name for this account.\",\n \"required\": true\n },\n {\n \"type\": \"TEXT\",\n \"technicalName\": \"account.name\",\n \"label\": \"Account Name\",\n \"id\": \"ac110005-7156-1150-8171-5b292e3e0084\",\n \"system\": true,\n \"modified\": \"2019-08-23T18:52:59.162Z\",\n \"created\": \"2019-08-23T18:40:35.772Z\",\n \"helpText\": \"The unique identifier for the account\",\n \"placeholder\": \"Enter a unique user name for this account.\",\n \"required\": true\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "113d125b-3e12-453d-b123-eb4faf18bc89", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "non-employee-sources", + ":sourceId", + "schema-attributes" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "4d90a1fc-5956-41fd-839f-0ee5777b8bef", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "non-employee-sources", + ":sourceId", + "schema-attributes" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "e0aef73e-713a-424f-8efe-30c97f87fd68", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "non-employee-sources", + ":sourceId", + "schema-attributes" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c6bb8d32-e86d-45c9-a77c-6a99a94266a4", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "non-employee-sources", + ":sourceId", + "schema-attributes" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c9c971cf-41d3-4b80-8e0f-ef059bdf42f6", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "non-employee-sources", + ":sourceId", + "schema-attributes" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b35dfc2c-de68-48e0-96b6-53c6cff60216", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "non-employee-sources", + ":sourceId", + "schema-attributes" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "93977a76-430a-4e88-902c-360f7b0a749e", + "name": "Create a new Schema Attribute for Non-Employee Source", + "request": { + "name": "Create a new Schema Attribute for Non-Employee Source", + "description": { + "content": "This API creates a new schema attribute for Non-Employee Source. The schema technical name must be unique in the source. Attempts to create a schema attribute with an existing name will result in a \"400.1.409 Reference conflict\" response. At most, 10 custom attributes can be created per schema. Attempts to create more than 10 will result in a \"400.1.4 Limit violation\" response.\nRequires role context of `idn:nesr:create`", + "type": "text/plain" + }, + "url": { + "path": [ + "non-employee-sources", + ":sourceId", + "schema-attributes" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "ef38f94347e94562b5bb8424a56397d8", + "key": "sourceId", + "disabled": true, + "description": { + "content": "(Required) The Source id", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"type\": \"TEXT\",\n \"technicalName\": \"account.name\",\n \"label\": \"Account Name\",\n \"helpText\": \"The unique identifier for the account\",\n \"placeholder\": \"Enter a unique user name for this account.\",\n \"required\": true\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "98ede53b-81c2-4cea-82b4-d27c23cfa50d", + "name": "Schema Attribute created.", + "originalRequest": { + "url": { + "path": [ + "non-employee-sources", + ":sourceId", + "schema-attributes" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"type\": \"TEXT\",\n \"technicalName\": \"account.name\",\n \"label\": \"Account Name\",\n \"helpText\": \"The unique identifier for the account\",\n \"placeholder\": \"Enter a unique user name for this account.\",\n \"required\": true\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"type\": \"TEXT\",\n \"technicalName\": \"account.name\",\n \"label\": \"Account Name\",\n \"id\": \"ac110005-7156-1150-8171-5b292e3e0084\",\n \"system\": true,\n \"modified\": \"2019-08-23T18:52:59.162Z\",\n \"created\": \"2019-08-23T18:40:35.772Z\",\n \"helpText\": \"The unique identifier for the account\",\n \"placeholder\": \"Enter a unique user name for this account.\",\n \"required\": true\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "6b22f7e3-85ce-4ddf-b583-a7ea99c9c075", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "non-employee-sources", + ":sourceId", + "schema-attributes" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"type\": \"TEXT\",\n \"technicalName\": \"account.name\",\n \"label\": \"Account Name\",\n \"helpText\": \"The unique identifier for the account\",\n \"placeholder\": \"Enter a unique user name for this account.\",\n \"required\": true\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "2b01c218-7e91-4751-a049-d7baf7dbee68", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "non-employee-sources", + ":sourceId", + "schema-attributes" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"type\": \"TEXT\",\n \"technicalName\": \"account.name\",\n \"label\": \"Account Name\",\n \"helpText\": \"The unique identifier for the account\",\n \"placeholder\": \"Enter a unique user name for this account.\",\n \"required\": true\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "6752145f-04b2-437f-940c-5c359f11695a", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "non-employee-sources", + ":sourceId", + "schema-attributes" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"type\": \"TEXT\",\n \"technicalName\": \"account.name\",\n \"label\": \"Account Name\",\n \"helpText\": \"The unique identifier for the account\",\n \"placeholder\": \"Enter a unique user name for this account.\",\n \"required\": true\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "42129930-e6b1-486c-acc3-f47e9fcca4cf", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "non-employee-sources", + ":sourceId", + "schema-attributes" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"type\": \"TEXT\",\n \"technicalName\": \"account.name\",\n \"label\": \"Account Name\",\n \"helpText\": \"The unique identifier for the account\",\n \"placeholder\": \"Enter a unique user name for this account.\",\n \"required\": true\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "4f6e5d81-f956-40b2-b388-5970ce22846c", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "non-employee-sources", + ":sourceId", + "schema-attributes" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"type\": \"TEXT\",\n \"technicalName\": \"account.name\",\n \"label\": \"Account Name\",\n \"helpText\": \"The unique identifier for the account\",\n \"placeholder\": \"Enter a unique user name for this account.\",\n \"required\": true\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "0386f967-84c5-498e-80e3-002c639d945f", + "name": "Delete all custom schema attributes for Non-Employee Source", + "request": { + "name": "Delete all custom schema attributes for Non-Employee Source", + "description": { + "content": "This end-point deletes all custom schema attributes for a non-employee source. Requires role context of `idn:nesr:delete`", + "type": "text/plain" + }, + "url": { + "path": [ + "non-employee-sources", + ":sourceId", + "schema-attributes" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "ef38f94347e94562b5bb8424a56397d8", + "key": "sourceId", + "disabled": true, + "description": { + "content": "(Required) The Source id", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "DELETE", + "body": {} + }, + "response": [ + { + "id": "5702c733-4ca1-4047-90ce-4cc343e1eab0", + "name": "All custon Schema Attributes were successfully deleted.", + "originalRequest": { + "url": { + "path": [ + "non-employee-sources", + ":sourceId", + "schema-attributes" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "No Content", + "code": 204, + "header": [], + "cookie": [], + "_postman_previewlanguage": "text" + }, + { + "id": "cb1e29b8-e872-4545-95a2-3ddbb9377657", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "non-employee-sources", + ":sourceId", + "schema-attributes" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "0fdf4c28-47ed-4f6e-b3e4-0c4c389c15fa", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "non-employee-sources", + ":sourceId", + "schema-attributes" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "1344c1bd-e7fb-4438-87f2-2c1efd97e45c", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "non-employee-sources", + ":sourceId", + "schema-attributes" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "19e63114-5f29-4d6a-b1b1-fe87197220a3", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "non-employee-sources", + ":sourceId", + "schema-attributes" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "65eac362-048d-43ce-82da-3cf9593b3eb0", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "non-employee-sources", + ":sourceId", + "schema-attributes" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "3fc335d1-df97-4d17-9f92-cefafac01643", + "name": "Get Schema Attribute Non-Employee Source", + "request": { + "name": "Get Schema Attribute Non-Employee Source", + "description": { + "content": "This API gets a schema attribute by Id for the specified Non-Employee SourceId. Requires role context of `idn:nesr:read` or the user must be an account manager of the source.", + "type": "text/plain" + }, + "url": { + "path": [ + "non-employee-sources", + ":sourceId", + "schema-attributes", + ":attributeId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "ef38f94347e94562b5bb8424a56397d8", + "key": "sourceId", + "disabled": true, + "description": { + "content": "(Required) The Source id", + "type": "text/plain" + } + }, + { + "type": "any", + "value": "ef38f94347e94562b5bb8424a56397d8", + "key": "attributeId", + "disabled": true, + "description": { + "content": "(Required) The Schema Attribute Id (UUID)", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "e7f55494-d8e8-4c87-a6ce-c38cbbc35aa2", + "name": "The Schema Attribute", + "originalRequest": { + "url": { + "path": [ + "non-employee-sources", + ":sourceId", + "schema-attributes", + ":attributeId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"type\": \"TEXT\",\n \"technicalName\": \"account.name\",\n \"label\": \"Account Name\",\n \"id\": \"ac110005-7156-1150-8171-5b292e3e0084\",\n \"system\": true,\n \"modified\": \"2019-08-23T18:52:59.162Z\",\n \"created\": \"2019-08-23T18:40:35.772Z\",\n \"helpText\": \"The unique identifier for the account\",\n \"placeholder\": \"Enter a unique user name for this account.\",\n \"required\": true\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "4f70fca2-5ad0-4370-b52c-d82e23e9c1cc", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "non-employee-sources", + ":sourceId", + "schema-attributes", + ":attributeId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "ee353059-a538-4521-adf9-ddb72676ee4b", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "non-employee-sources", + ":sourceId", + "schema-attributes", + ":attributeId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "df4883be-80b0-4fea-b67d-75f8025abc31", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "non-employee-sources", + ":sourceId", + "schema-attributes", + ":attributeId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "4c81c12e-0d4d-4313-983a-76deb62bc6bc", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "non-employee-sources", + ":sourceId", + "schema-attributes", + ":attributeId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "9e991fd3-9084-4981-b9e3-44048d682579", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "non-employee-sources", + ":sourceId", + "schema-attributes", + ":attributeId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "8e6ad710-f722-4fb2-b03e-3985f6e23fee", + "name": "Patch a Schema Attribute for Non-Employee Source", + "request": { + "name": "Patch a Schema Attribute for Non-Employee Source", + "description": { + "content": "This end-point patches a specific schema attribute for a non-employee SourceId.\nRequires role context of `idn:nesr:update`\n", + "type": "text/plain" + }, + "url": { + "path": [ + "non-employee-sources", + ":sourceId", + "schema-attributes", + ":attributeId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "ef38f94347e94562b5bb8424a56397d8", + "key": "sourceId", + "disabled": true, + "description": { + "content": "(Required) The Source id", + "type": "text/plain" + } + }, + { + "type": "any", + "value": "ef38f94347e94562b5bb8424a56397d8", + "key": "attributeId", + "disabled": true, + "description": { + "content": "(Required) The Schema Attribute Id (UUID)", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/label\",\n \"value\": {\n \"new attribute label\": null\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "01ebaac0-e027-49e4-ada4-4ad42dff2aa3", + "name": "The Schema Attribute was successfully patched.", + "originalRequest": { + "url": { + "path": [ + "non-employee-sources", + ":sourceId", + "schema-attributes", + ":attributeId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/label\",\n \"value\": {\n \"new attribute label\": null\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"type\": \"TEXT\",\n \"technicalName\": \"account.name\",\n \"label\": \"Account Name\",\n \"id\": \"ac110005-7156-1150-8171-5b292e3e0084\",\n \"system\": true,\n \"modified\": \"2019-08-23T18:52:59.162Z\",\n \"created\": \"2019-08-23T18:40:35.772Z\",\n \"helpText\": \"The unique identifier for the account\",\n \"placeholder\": \"Enter a unique user name for this account.\",\n \"required\": true\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "2f1336ec-563a-4270-b950-c986f2eedd18", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "non-employee-sources", + ":sourceId", + "schema-attributes", + ":attributeId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/label\",\n \"value\": {\n \"new attribute label\": null\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "541ef221-13d8-4762-af2e-83698aa1e3c7", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "non-employee-sources", + ":sourceId", + "schema-attributes", + ":attributeId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/label\",\n \"value\": {\n \"new attribute label\": null\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b0abbf3d-4bc1-444d-9a85-96e8d02b8c42", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "non-employee-sources", + ":sourceId", + "schema-attributes", + ":attributeId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/label\",\n \"value\": {\n \"new attribute label\": null\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c5ed8016-e893-40f0-963c-4657c038b99e", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "non-employee-sources", + ":sourceId", + "schema-attributes", + ":attributeId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/label\",\n \"value\": {\n \"new attribute label\": null\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d97620dd-8ea8-4d0d-86a6-2373cc6ba605", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "non-employee-sources", + ":sourceId", + "schema-attributes", + ":attributeId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/label\",\n \"value\": {\n \"new attribute label\": null\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a03f73d9-5faa-468c-9a26-6e40dbfd8eec", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "non-employee-sources", + ":sourceId", + "schema-attributes", + ":attributeId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/label\",\n \"value\": {\n \"new attribute label\": null\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "5c03b08f-c1b6-4e8b-a4f7-fe21fcc4d623", + "name": "Delete a Schema Attribute for Non-Employee Source", + "request": { + "name": "Delete a Schema Attribute for Non-Employee Source", + "description": { + "content": "This end-point deletes a specific schema attribute for a non-employee source.\nRequires role context of `idn:nesr:delete`\n", + "type": "text/plain" + }, + "url": { + "path": [ + "non-employee-sources", + ":sourceId", + "schema-attributes", + ":attributeId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "ef38f94347e94562b5bb8424a56397d8", + "key": "sourceId", + "disabled": true, + "description": { + "content": "(Required) The Source id", + "type": "text/plain" + } + }, + { + "type": "any", + "value": "ef38f94347e94562b5bb8424a56397d8", + "key": "attributeId", + "disabled": true, + "description": { + "content": "(Required) The Schema Attribute Id (UUID)", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "DELETE", + "body": {} + }, + "response": [ + { + "id": "65fc4a70-d189-4354-b504-af9773c47af8", + "name": "The Schema Attribute was successfully deleted.", + "originalRequest": { + "url": { + "path": [ + "non-employee-sources", + ":sourceId", + "schema-attributes", + ":attributeId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "No Content", + "code": 204, + "header": [], + "cookie": [], + "_postman_previewlanguage": "text" + }, + { + "id": "20e7be84-07b4-4aa5-b2c7-090551b7da2a", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "non-employee-sources", + ":sourceId", + "schema-attributes", + ":attributeId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "37bad24a-d5de-42ab-bd11-0da5b495f544", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "non-employee-sources", + ":sourceId", + "schema-attributes", + ":attributeId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "138ef950-fbb3-47e0-b9e6-0158b8a961b2", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "non-employee-sources", + ":sourceId", + "schema-attributes", + ":attributeId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "7591142f-1557-40d0-a864-b503af4c7756", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "non-employee-sources", + ":sourceId", + "schema-attributes", + ":attributeId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "04961dbd-9c8e-4b58-9eef-2a82ae8f83d5", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "non-employee-sources", + ":sourceId", + "schema-attributes", + ":attributeId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + } + ] + }, + { + "name": "Notifications", + "description": "", + "item": [ + { + "id": "78556200-1b83-40ce-9100-b8482b47bc08", + "name": "Change MAIL FROM domain", + "request": { + "name": "Change MAIL FROM domain", + "description": { + "content": "Change the MAIL FROM domain of an AWS SES email identity and provide the MX and TXT records to be placed in the caller's DNS", + "type": "text/plain" + }, + "url": { + "path": [ + "mail-from-attributes" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"identity\": \"BobSmith@sailpoint.com\",\n \"mailFromDomain\": \"example.sailpoint.com\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "42293745-51c3-4735-92ce-a9e29b2354b4", + "name": "MAIL FROM Attributes required to verify the change", + "originalRequest": { + "url": { + "path": [ + "mail-from-attributes" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"identity\": \"BobSmith@sailpoint.com\",\n \"mailFromDomain\": \"example.sailpoint.com\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"identity\": \"bob.smith@sailpoint.com\",\n \"mailFromDomain\": \"foo.sailpoint.com\",\n \"mxRecord\": \"10 feedback-smtp.us-east-1.amazonses.com\",\n \"txtRecord\": \"v=spf1 include:amazonses.com ~all\",\n \"mailFromDomainStatus\": \"PENDING\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "04a84d06-5858-4e7a-aa0d-826b1f9b6fd9", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "mail-from-attributes" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"identity\": \"BobSmith@sailpoint.com\",\n \"mailFromDomain\": \"example.sailpoint.com\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "6f987616-a69e-449d-9cc0-a0fbf1f17ea6", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "mail-from-attributes" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"identity\": \"BobSmith@sailpoint.com\",\n \"mailFromDomain\": \"example.sailpoint.com\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a268ccf9-22c4-4147-9758-82a42cda6270", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "mail-from-attributes" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"identity\": \"BobSmith@sailpoint.com\",\n \"mailFromDomain\": \"example.sailpoint.com\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "dca8d404-f18f-483a-99e4-0573595c578c", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "mail-from-attributes" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"identity\": \"BobSmith@sailpoint.com\",\n \"mailFromDomain\": \"example.sailpoint.com\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "028fac36-4eb3-48cb-9ad5-b744ea393dbd", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "mail-from-attributes" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"identity\": \"BobSmith@sailpoint.com\",\n \"mailFromDomain\": \"example.sailpoint.com\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "19b1ac1d-524c-46d9-87d7-a22dd86484f6", + "name": "Get MAIL FROM Attributes", + "request": { + "name": "Get MAIL FROM Attributes", + "description": { + "content": "Retrieve MAIL FROM attributes for a given AWS SES identity.", + "type": "text/plain" + }, + "url": { + "path": [ + "mail-from-attributes", + ":identity" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "(Required) Returns the MX and TXT record to be put in your DNS, as well as the MAIL FROM domain status", + "type": "text/plain" + }, + "key": "id", + "value": "bobsmith@sailpoint.com" + } + ], + "variable": [ + { + "type": "any", + "key": "identity" + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "e6c73a0b-7b01-4c4b-a940-3a84b0b8f293", + "name": "MAIL FROM Attributes object", + "originalRequest": { + "url": { + "path": [ + "mail-from-attributes", + ":identity" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "(Required) Returns the MX and TXT record to be put in your DNS, as well as the MAIL FROM domain status", + "type": "text/plain" + }, + "key": "id", + "value": "bobsmith@sailpoint.com" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"identity\": \"bob.smith@sailpoint.com\",\n \"mailFromDomain\": \"foo.sailpoint.com\",\n \"mxRecord\": \"10 feedback-smtp.us-east-1.amazonses.com\",\n \"txtRecord\": \"v=spf1 include:amazonses.com ~all\",\n \"mailFromDomainStatus\": \"PENDING\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "34fe2ac2-a836-47ba-8a78-5346d71776ad", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "mail-from-attributes", + ":identity" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "(Required) Returns the MX and TXT record to be put in your DNS, as well as the MAIL FROM domain status", + "type": "text/plain" + }, + "key": "id", + "value": "bobsmith@sailpoint.com" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "4d4e43f3-23c0-44f0-8983-9295f1970549", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "mail-from-attributes", + ":identity" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "(Required) Returns the MX and TXT record to be put in your DNS, as well as the MAIL FROM domain status", + "type": "text/plain" + }, + "key": "id", + "value": "bobsmith@sailpoint.com" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d010e121-89c4-4796-96da-b6bb774cef65", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "mail-from-attributes", + ":identity" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "(Required) Returns the MX and TXT record to be put in your DNS, as well as the MAIL FROM domain status", + "type": "text/plain" + }, + "key": "id", + "value": "bobsmith@sailpoint.com" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "e0977d53-e126-4a12-a809-e8454d4246bd", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "mail-from-attributes", + ":identity" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "(Required) Returns the MX and TXT record to be put in your DNS, as well as the MAIL FROM domain status", + "type": "text/plain" + }, + "key": "id", + "value": "bobsmith@sailpoint.com" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "2f30d221-7453-44c2-a3f2-865c721c9568", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "mail-from-attributes", + ":identity" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "(Required) Returns the MX and TXT record to be put in your DNS, as well as the MAIL FROM domain status", + "type": "text/plain" + }, + "key": "id", + "value": "bobsmith@sailpoint.com" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "0757311a-8da7-45f7-9741-6405cc18adcb", + "name": "List Notification Template Defaults", + "request": { + "name": "List Notification Template Defaults", + "description": { + "content": "This lists the default templates used for notifications, such as emails from IdentityNow.", + "type": "text/plain" + }, + "url": { + "path": [ + "notification-template-defaults" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**key**: *eq, in, sw*\n\n**medium**: *eq, sw*\n\n**locale**: *eq, sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "key eq \"cloud_manual_work_item_summary\"" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "cc9de63a-df3a-43fb-8951-a2cd3ecb2d6c", + "name": "A list of the default template objects", + "originalRequest": { + "url": { + "path": [ + "notification-template-defaults" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**key**: *eq, in, sw*\n\n**medium**: *eq, sw*\n\n**locale**: *eq, sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "key eq \"cloud_manual_work_item_summary\"" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"key\": \"cloud_manual_work_item_summary\",\n \"name\": \"Task Manager Subscription\",\n \"medium\": \"EMAIL\",\n \"locale\": \"en\",\n \"subject\": \"You have $numberOfPendingTasks $taskTasks to complete in ${__global.productName}.\",\n \"header\": null,\n \"body\": \"Please go to the task manager\",\n \"footer\": null,\n \"from\": \"$__global.emailFromAddress\",\n \"replyTo\": \"$__global.emailFromAddress\",\n \"description\": \"Daily digest - sent if number of outstanding tasks for task owner > 0\",\n \"slackTemplate\": {\n \"key\": \"in aliqua pariat\",\n \"text\": \"aute aliquip\",\n \"blocks\": \"amet non ipsum\",\n \"attachments\": \"commodo\",\n \"notificationType\": \"enim ve\",\n \"approvalId\": \"nulla incididunt veniam\",\n \"requestId\": \"ex dolore\",\n \"requestedById\": \"est laborum\",\n \"isSubscription\": true,\n \"autoApprovalData\": {\n \"isAutoApproved\": \"consequat magna\",\n \"itemId\": \"est Duis\",\n \"itemType\": \"sint magna Ut\",\n \"autoApprovalMessageJSON\": \"eiusmod voluptate nulla\",\n \"autoApprovalTitle\": \"anim eiusmod\"\n },\n \"customFields\": {\n \"requestType\": \"ex esse commodo\",\n \"containsDeny\": \"officia ex non\",\n \"campaignId\": \"aliqua et qui\",\n \"campaignStatus\": \"non\"\n }\n },\n \"teamsTemplate\": {\n \"key\": \"nostrud ut Ut veniam\",\n \"title\": \"cillum minim\",\n \"text\": \"qui in veniam\",\n \"messageJSON\": \"cillu\",\n \"isSubscription\": true,\n \"approvalId\": \"magna adipisicing consequat velit\",\n \"requestId\": \"p\",\n \"requestedById\": \"ullamco\",\n \"notificationType\": \"aute commodo cupidatat ullamco\",\n \"autoApprovalData\": {\n \"isAutoApproved\": \"et mollit ea aute anim\",\n \"itemId\": \"consequat nisi sunt esse\",\n \"itemType\": \"ad sint\",\n \"autoApprovalMessageJSON\": \"qui minim\",\n \"autoApprovalTitle\": \"Ut\"\n },\n \"customFields\": {\n \"requestType\": \"mollit consectetur Lorem\",\n \"containsDeny\": \"ad\",\n \"campaignId\": \"anim fugiat mollit sed id\",\n \"campaignStatus\": \"dolore nulla mollit\"\n }\n }\n },\n {\n \"key\": \"cloud_manual_work_item_summary\",\n \"name\": \"Task Manager Subscription\",\n \"medium\": \"EMAIL\",\n \"locale\": \"en\",\n \"subject\": \"You have $numberOfPendingTasks $taskTasks to complete in ${__global.productName}.\",\n \"header\": null,\n \"body\": \"Please go to the task manager\",\n \"footer\": null,\n \"from\": \"$__global.emailFromAddress\",\n \"replyTo\": \"$__global.emailFromAddress\",\n \"description\": \"Daily digest - sent if number of outstanding tasks for task owner > 0\",\n \"slackTemplate\": {\n \"key\": \"nulla\",\n \"text\": \"do in sit\",\n \"blocks\": \"proi\",\n \"attachments\": \"ad laborum occaecat exercitation amet\",\n \"notificationType\": \"ullamc\",\n \"approvalId\": \"amet sed ullamco\",\n \"requestId\": \"do laborum aliquip\",\n \"requestedById\": \"veniam eiusmod\",\n \"isSubscription\": false,\n \"autoApprovalData\": {\n \"isAutoApproved\": \"labore ex dolor Lorem\",\n \"itemId\": \"do E\",\n \"itemType\": \"sit labo\",\n \"autoApprovalMessageJSON\": \"ipsum magna pariatur adipisicing\",\n \"autoApprovalTitle\": \"occaecat Excepteur\"\n },\n \"customFields\": {\n \"requestType\": \"nostrud qui in\",\n \"containsDeny\": \"con\",\n \"campaignId\": \"consectetur veniam Excepteur velit\",\n \"campaignStatus\": \"eiusmod\"\n }\n },\n \"teamsTemplate\": {\n \"key\": \"reprehenderit laboris aute Lorem ea\",\n \"title\": \"anim magna\",\n \"text\": \"dolo\",\n \"messageJSON\": \"ullamco eu\",\n \"isSubscription\": false,\n \"approvalId\": \"do\",\n \"requestId\": \"aliqua velit incididunt adipisicing\",\n \"requestedById\": \"dolore Lorem\",\n \"notificationType\": \"cupidatat\",\n \"autoApprovalData\": {\n \"isAutoApproved\": \"tempor velit qui ea sint\",\n \"itemId\": \"culpa qui est\",\n \"itemType\": \"in voluptate\",\n \"autoApprovalMessageJSON\": \"Duis cupidatat labore\",\n \"autoApprovalTitle\": \"dolore ad\"\n },\n \"customFields\": {\n \"requestType\": \"esse et laboru\",\n \"containsDeny\": \"magna proident ullamco mollit\",\n \"campaignId\": \"eiusmod minim anim veniam\",\n \"campaignStatus\": \"irure labore quis ad nulla\"\n }\n }\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c0f270f7-c464-43ff-936c-ed6391f8c84c", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "notification-template-defaults" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**key**: *eq, in, sw*\n\n**medium**: *eq, sw*\n\n**locale**: *eq, sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "key eq \"cloud_manual_work_item_summary\"" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "99a8eaae-dafb-498f-9155-61b690dca221", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "notification-template-defaults" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**key**: *eq, in, sw*\n\n**medium**: *eq, sw*\n\n**locale**: *eq, sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "key eq \"cloud_manual_work_item_summary\"" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b6175d32-a335-45d6-8e5e-708b65305df3", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "notification-template-defaults" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**key**: *eq, in, sw*\n\n**medium**: *eq, sw*\n\n**locale**: *eq, sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "key eq \"cloud_manual_work_item_summary\"" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "5b310391-b0fc-4b89-8723-090128e594c9", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "notification-template-defaults" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**key**: *eq, in, sw*\n\n**medium**: *eq, sw*\n\n**locale**: *eq, sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "key eq \"cloud_manual_work_item_summary\"" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "35f9eac5-0a4c-494e-8439-8af91d4f08b6", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "notification-template-defaults" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**key**: *eq, in, sw*\n\n**medium**: *eq, sw*\n\n**locale**: *eq, sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "key eq \"cloud_manual_work_item_summary\"" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "eb3d649d-950b-4e9a-98b4-1c8c1b26a104", + "name": "List Notification Templates", + "request": { + "name": "List Notification Templates", + "description": { + "content": "This lists the templates that you have modified for your site.", + "type": "text/plain" + }, + "url": { + "path": [ + "notification-templates" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**key**: *eq, in, sw*\n\n**medium**: *eq, sw*\n\n**locale**: *eq, sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "medium eq \"EMAIL\"" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "7cdb7b84-f2d8-4eb1-ba27-0f07385cde02", + "name": "A list of template objects for your site", + "originalRequest": { + "url": { + "path": [ + "notification-templates" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**key**: *eq, in, sw*\n\n**medium**: *eq, sw*\n\n**locale**: *eq, sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "medium eq \"EMAIL\"" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"key\": \"cloud_manual_work_item_summary\",\n \"medium\": \"EMAIL\",\n \"locale\": \"en\",\n \"name\": \"Task Manager Subscription\",\n \"subject\": \"You have $numberOfPendingTasks $taskTasks to complete in ${__global.productName}.\",\n \"header\": null,\n \"body\": \"Please go to the task manager\",\n \"footer\": null,\n \"from\": \"$__global.emailFromAddress\",\n \"replyTo\": \"$__global.emailFromAddress\",\n \"description\": \"Daily digest - sent if number of outstanding tasks for task owner > 0\",\n \"id\": \"c17bea3a-574d-453c-9e04-4365fbf5af0b\",\n \"created\": \"2020-01-01T00:00:00.000000Z\",\n \"modified\": \"2020-01-01T00:00:00.000000Z\",\n \"slackTemplate\": \"est tempor pariatur\",\n \"teamsTemplate\": \"cupidatat Excepteur fugiat ea occaecat\"\n },\n {\n \"key\": \"cloud_manual_work_item_summary\",\n \"medium\": \"EMAIL\",\n \"locale\": \"en\",\n \"name\": \"Task Manager Subscription\",\n \"subject\": \"You have $numberOfPendingTasks $taskTasks to complete in ${__global.productName}.\",\n \"header\": null,\n \"body\": \"Please go to the task manager\",\n \"footer\": null,\n \"from\": \"$__global.emailFromAddress\",\n \"replyTo\": \"$__global.emailFromAddress\",\n \"description\": \"Daily digest - sent if number of outstanding tasks for task owner > 0\",\n \"id\": \"c17bea3a-574d-453c-9e04-4365fbf5af0b\",\n \"created\": \"2020-01-01T00:00:00.000000Z\",\n \"modified\": \"2020-01-01T00:00:00.000000Z\",\n \"slackTemplate\": \"ex velit\",\n \"teamsTemplate\": \"deserunt cillum adipisicing aliqua\"\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "ca72212d-c479-463e-b744-6fab81d0a53b", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "notification-templates" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**key**: *eq, in, sw*\n\n**medium**: *eq, sw*\n\n**locale**: *eq, sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "medium eq \"EMAIL\"" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "4d520b35-c4cb-4b2d-af7e-47936845a1ff", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "notification-templates" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**key**: *eq, in, sw*\n\n**medium**: *eq, sw*\n\n**locale**: *eq, sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "medium eq \"EMAIL\"" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "71222b8a-5e91-4712-9076-e8b1892f08bd", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "notification-templates" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**key**: *eq, in, sw*\n\n**medium**: *eq, sw*\n\n**locale**: *eq, sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "medium eq \"EMAIL\"" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "88b44979-ec21-4bb7-b287-900ed5d777b6", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "notification-templates" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**key**: *eq, in, sw*\n\n**medium**: *eq, sw*\n\n**locale**: *eq, sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "medium eq \"EMAIL\"" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "2865018a-5e62-4e98-8f81-4ac69aa5a85d", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "notification-templates" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**key**: *eq, in, sw*\n\n**medium**: *eq, sw*\n\n**locale**: *eq, sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "medium eq \"EMAIL\"" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "5222b818-1e8b-4c3b-9d7a-00b7d52d46cb", + "name": "Create Notification Template", + "request": { + "name": "Create Notification Template", + "description": { + "content": "This creates a template for your site. \n\nYou can also use this endpoint to update a template. First, copy the response body from the [get notification template endpoint](https://developer.sailpoint.com/idn/api/beta/get-notification-template) for a template you wish to update and paste it into the request body for this endpoint. Modify the fields you want to change and submit the POST request when ready.", + "type": "text/plain" + }, + "url": { + "path": [ + "notification-templates" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"key\": \"cloud_manual_work_item_summary\",\n \"medium\": \"EMAIL\",\n \"locale\": \"en\",\n \"name\": \"Task Manager Subscription\",\n \"subject\": \"You have $numberOfPendingTasks $taskTasks to complete in ${__global.productName}.\",\n \"header\": null,\n \"body\": \"Please go to the task manager\",\n \"footer\": null,\n \"from\": \"$__global.emailFromAddress\",\n \"replyTo\": \"$__global.emailFromAddress\",\n \"description\": \"Daily digest - sent if number of outstanding tasks for task owner > 0\",\n \"id\": \"c17bea3a-574d-453c-9e04-4365fbf5af0b\",\n \"created\": \"2020-01-01T00:00:00.000000Z\",\n \"modified\": \"2020-01-01T00:00:00.000000Z\",\n \"slackTemplate\": \"officia velit veniam incididunt\",\n \"teamsTemplate\": \"id elit reprehenderit dolore\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "7e488125-c7f4-4a37-96cb-849156749f6b", + "name": "A template object for your site", + "originalRequest": { + "url": { + "path": [ + "notification-templates" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"key\": \"cloud_manual_work_item_summary\",\n \"medium\": \"EMAIL\",\n \"locale\": \"en\",\n \"name\": \"Task Manager Subscription\",\n \"subject\": \"You have $numberOfPendingTasks $taskTasks to complete in ${__global.productName}.\",\n \"header\": null,\n \"body\": \"Please go to the task manager\",\n \"footer\": null,\n \"from\": \"$__global.emailFromAddress\",\n \"replyTo\": \"$__global.emailFromAddress\",\n \"description\": \"Daily digest - sent if number of outstanding tasks for task owner > 0\",\n \"id\": \"c17bea3a-574d-453c-9e04-4365fbf5af0b\",\n \"created\": \"2020-01-01T00:00:00.000000Z\",\n \"modified\": \"2020-01-01T00:00:00.000000Z\",\n \"slackTemplate\": \"officia velit veniam incididunt\",\n \"teamsTemplate\": \"id elit reprehenderit dolore\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"key\": \"cloud_manual_work_item_summary\",\n \"medium\": \"EMAIL\",\n \"locale\": \"en\",\n \"name\": \"Task Manager Subscription\",\n \"subject\": \"You have $numberOfPendingTasks $taskTasks to complete in ${__global.productName}.\",\n \"header\": null,\n \"body\": \"Please go to the task manager\",\n \"footer\": null,\n \"from\": \"$__global.emailFromAddress\",\n \"replyTo\": \"$__global.emailFromAddress\",\n \"description\": \"Daily digest - sent if number of outstanding tasks for task owner > 0\",\n \"id\": \"c17bea3a-574d-453c-9e04-4365fbf5af0b\",\n \"created\": \"2020-01-01T00:00:00.000000Z\",\n \"modified\": \"2020-01-01T00:00:00.000000Z\",\n \"slackTemplate\": \"officia velit veniam incididunt\",\n \"teamsTemplate\": \"id elit reprehenderit dolore\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "4c8d14a8-64d0-415d-8e6d-3cdbd5199b39", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "notification-templates" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"key\": \"cloud_manual_work_item_summary\",\n \"medium\": \"EMAIL\",\n \"locale\": \"en\",\n \"name\": \"Task Manager Subscription\",\n \"subject\": \"You have $numberOfPendingTasks $taskTasks to complete in ${__global.productName}.\",\n \"header\": null,\n \"body\": \"Please go to the task manager\",\n \"footer\": null,\n \"from\": \"$__global.emailFromAddress\",\n \"replyTo\": \"$__global.emailFromAddress\",\n \"description\": \"Daily digest - sent if number of outstanding tasks for task owner > 0\",\n \"id\": \"c17bea3a-574d-453c-9e04-4365fbf5af0b\",\n \"created\": \"2020-01-01T00:00:00.000000Z\",\n \"modified\": \"2020-01-01T00:00:00.000000Z\",\n \"slackTemplate\": \"officia velit veniam incididunt\",\n \"teamsTemplate\": \"id elit reprehenderit dolore\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "53a1e98b-f754-4cb6-8156-6a6caaf66f19", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "notification-templates" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"key\": \"cloud_manual_work_item_summary\",\n \"medium\": \"EMAIL\",\n \"locale\": \"en\",\n \"name\": \"Task Manager Subscription\",\n \"subject\": \"You have $numberOfPendingTasks $taskTasks to complete in ${__global.productName}.\",\n \"header\": null,\n \"body\": \"Please go to the task manager\",\n \"footer\": null,\n \"from\": \"$__global.emailFromAddress\",\n \"replyTo\": \"$__global.emailFromAddress\",\n \"description\": \"Daily digest - sent if number of outstanding tasks for task owner > 0\",\n \"id\": \"c17bea3a-574d-453c-9e04-4365fbf5af0b\",\n \"created\": \"2020-01-01T00:00:00.000000Z\",\n \"modified\": \"2020-01-01T00:00:00.000000Z\",\n \"slackTemplate\": \"officia velit veniam incididunt\",\n \"teamsTemplate\": \"id elit reprehenderit dolore\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "59880e96-5579-4b1a-9cef-9b3368f27311", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "notification-templates" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"key\": \"cloud_manual_work_item_summary\",\n \"medium\": \"EMAIL\",\n \"locale\": \"en\",\n \"name\": \"Task Manager Subscription\",\n \"subject\": \"You have $numberOfPendingTasks $taskTasks to complete in ${__global.productName}.\",\n \"header\": null,\n \"body\": \"Please go to the task manager\",\n \"footer\": null,\n \"from\": \"$__global.emailFromAddress\",\n \"replyTo\": \"$__global.emailFromAddress\",\n \"description\": \"Daily digest - sent if number of outstanding tasks for task owner > 0\",\n \"id\": \"c17bea3a-574d-453c-9e04-4365fbf5af0b\",\n \"created\": \"2020-01-01T00:00:00.000000Z\",\n \"modified\": \"2020-01-01T00:00:00.000000Z\",\n \"slackTemplate\": \"officia velit veniam incididunt\",\n \"teamsTemplate\": \"id elit reprehenderit dolore\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a413256e-b6a1-4e80-9410-04660f4aeeab", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "notification-templates" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"key\": \"cloud_manual_work_item_summary\",\n \"medium\": \"EMAIL\",\n \"locale\": \"en\",\n \"name\": \"Task Manager Subscription\",\n \"subject\": \"You have $numberOfPendingTasks $taskTasks to complete in ${__global.productName}.\",\n \"header\": null,\n \"body\": \"Please go to the task manager\",\n \"footer\": null,\n \"from\": \"$__global.emailFromAddress\",\n \"replyTo\": \"$__global.emailFromAddress\",\n \"description\": \"Daily digest - sent if number of outstanding tasks for task owner > 0\",\n \"id\": \"c17bea3a-574d-453c-9e04-4365fbf5af0b\",\n \"created\": \"2020-01-01T00:00:00.000000Z\",\n \"modified\": \"2020-01-01T00:00:00.000000Z\",\n \"slackTemplate\": \"officia velit veniam incididunt\",\n \"teamsTemplate\": \"id elit reprehenderit dolore\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "311b3bcb-ab45-4f7b-a666-8fcf30139ff8", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "notification-templates" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"key\": \"cloud_manual_work_item_summary\",\n \"medium\": \"EMAIL\",\n \"locale\": \"en\",\n \"name\": \"Task Manager Subscription\",\n \"subject\": \"You have $numberOfPendingTasks $taskTasks to complete in ${__global.productName}.\",\n \"header\": null,\n \"body\": \"Please go to the task manager\",\n \"footer\": null,\n \"from\": \"$__global.emailFromAddress\",\n \"replyTo\": \"$__global.emailFromAddress\",\n \"description\": \"Daily digest - sent if number of outstanding tasks for task owner > 0\",\n \"id\": \"c17bea3a-574d-453c-9e04-4365fbf5af0b\",\n \"created\": \"2020-01-01T00:00:00.000000Z\",\n \"modified\": \"2020-01-01T00:00:00.000000Z\",\n \"slackTemplate\": \"officia velit veniam incididunt\",\n \"teamsTemplate\": \"id elit reprehenderit dolore\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "e738e496-ca3c-4c35-98ce-75fe779e0bda", + "name": "Get Notification Template By Id", + "request": { + "name": "Get Notification Template By Id", + "description": { + "content": "This gets a template that you have modified for your site by Id.", + "type": "text/plain" + }, + "url": { + "path": [ + "notification-templates", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "c17bea3a-574d-453c-9e04-4365fbf5af0b", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) Id of the Notification Template", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "2afc84de-651c-4f52-8810-75aed251d8ef", + "name": "A template object for your site", + "originalRequest": { + "url": { + "path": [ + "notification-templates", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"key\": \"cloud_manual_work_item_summary\",\n \"medium\": \"EMAIL\",\n \"locale\": \"en\",\n \"name\": \"Task Manager Subscription\",\n \"subject\": \"You have $numberOfPendingTasks $taskTasks to complete in ${__global.productName}.\",\n \"header\": null,\n \"body\": \"Please go to the task manager\",\n \"footer\": null,\n \"from\": \"$__global.emailFromAddress\",\n \"replyTo\": \"$__global.emailFromAddress\",\n \"description\": \"Daily digest - sent if number of outstanding tasks for task owner > 0\",\n \"id\": \"c17bea3a-574d-453c-9e04-4365fbf5af0b\",\n \"created\": \"2020-01-01T00:00:00.000000Z\",\n \"modified\": \"2020-01-01T00:00:00.000000Z\",\n \"slackTemplate\": \"est tempor pariatur\",\n \"teamsTemplate\": \"cupidatat Excepteur fugiat ea occaecat\"\n },\n {\n \"key\": \"cloud_manual_work_item_summary\",\n \"medium\": \"EMAIL\",\n \"locale\": \"en\",\n \"name\": \"Task Manager Subscription\",\n \"subject\": \"You have $numberOfPendingTasks $taskTasks to complete in ${__global.productName}.\",\n \"header\": null,\n \"body\": \"Please go to the task manager\",\n \"footer\": null,\n \"from\": \"$__global.emailFromAddress\",\n \"replyTo\": \"$__global.emailFromAddress\",\n \"description\": \"Daily digest - sent if number of outstanding tasks for task owner > 0\",\n \"id\": \"c17bea3a-574d-453c-9e04-4365fbf5af0b\",\n \"created\": \"2020-01-01T00:00:00.000000Z\",\n \"modified\": \"2020-01-01T00:00:00.000000Z\",\n \"slackTemplate\": \"ex velit\",\n \"teamsTemplate\": \"deserunt cillum adipisicing aliqua\"\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "e89a7da1-d420-4f70-8387-117c8ed13252", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "notification-templates", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a523fbb6-c083-42ef-9fda-60e709b4dc99", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "notification-templates", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "03511632-620a-4acd-9260-6d0c0e77883c", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "notification-templates", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "358b2ae8-a4e5-46c8-a099-35bcdb543de5", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "notification-templates", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "1fbbcfd9-3bef-4db9-aaea-2317609475a7", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "notification-templates", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "9b5c0831-4047-488f-90d2-bfa320122a88", + "name": "Bulk Delete Notification Templates", + "request": { + "name": "Bulk Delete Notification Templates", + "description": { + "content": "This lets you bulk delete templates that you previously created for your site. Since this is a beta feature, please contact support to enable usage.", + "type": "text/plain" + }, + "url": { + "path": [ + "notification-templates", + "bulk-delete" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "[\n {\n \"key\": \"cloud_manual_work_item_summary\",\n \"medium\": \"EMAIL\",\n \"locale\": \"en\"\n },\n {\n \"key\": \"cloud_manual_work_item_summary\",\n \"medium\": \"EMAIL\",\n \"locale\": \"en\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "21b4c9cd-32bb-414e-ad86-f8bcb119a62f", + "name": "No content - indicates the request was successful but there is no content to be returned in the response.", + "originalRequest": { + "url": { + "path": [ + "notification-templates", + "bulk-delete" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "[\n {\n \"key\": \"cloud_manual_work_item_summary\",\n \"medium\": \"EMAIL\",\n \"locale\": \"en\"\n },\n {\n \"key\": \"cloud_manual_work_item_summary\",\n \"medium\": \"EMAIL\",\n \"locale\": \"en\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "No Content", + "code": 204, + "header": [], + "cookie": [], + "_postman_previewlanguage": "text" + }, + { + "id": "fb4feb62-acf2-4f97-ab98-6cfbe1bafdd5", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "notification-templates", + "bulk-delete" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "[\n {\n \"key\": \"cloud_manual_work_item_summary\",\n \"medium\": \"EMAIL\",\n \"locale\": \"en\"\n },\n {\n \"key\": \"cloud_manual_work_item_summary\",\n \"medium\": \"EMAIL\",\n \"locale\": \"en\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "4d1934c1-9d7b-4717-82c2-38d8965b92f2", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "notification-templates", + "bulk-delete" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "[\n {\n \"key\": \"cloud_manual_work_item_summary\",\n \"medium\": \"EMAIL\",\n \"locale\": \"en\"\n },\n {\n \"key\": \"cloud_manual_work_item_summary\",\n \"medium\": \"EMAIL\",\n \"locale\": \"en\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f8b30e08-4cfc-4ee1-a011-5e79a4809b1d", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "notification-templates", + "bulk-delete" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "[\n {\n \"key\": \"cloud_manual_work_item_summary\",\n \"medium\": \"EMAIL\",\n \"locale\": \"en\"\n },\n {\n \"key\": \"cloud_manual_work_item_summary\",\n \"medium\": \"EMAIL\",\n \"locale\": \"en\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "21740f4d-ebc1-4e98-8a27-db1025053626", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "notification-templates", + "bulk-delete" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "[\n {\n \"key\": \"cloud_manual_work_item_summary\",\n \"medium\": \"EMAIL\",\n \"locale\": \"en\"\n },\n {\n \"key\": \"cloud_manual_work_item_summary\",\n \"medium\": \"EMAIL\",\n \"locale\": \"en\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "6b45cff0-8169-433d-b2e7-f89d6ebfab62", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "notification-templates", + "bulk-delete" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "[\n {\n \"key\": \"cloud_manual_work_item_summary\",\n \"medium\": \"EMAIL\",\n \"locale\": \"en\"\n },\n {\n \"key\": \"cloud_manual_work_item_summary\",\n \"medium\": \"EMAIL\",\n \"locale\": \"en\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "eb9cc640-1872-45d6-98b5-1cd99b78aac1", + "name": "Get Notification Template Context", + "request": { + "name": "Get Notification Template Context", + "description": { + "content": "The notification service maintains metadata to construct the notification templates or supply any information during the event propagation. The data-store where this information is retrieved is called \"Global Context\" (a.k.a. notification template context). It defines a set of attributes\n that will be available per tenant (organization).", + "type": "text/plain" + }, + "url": { + "path": [ + "notification-template-context" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "c10910d5-5914-48a3-b299-18d7e1fc3310", + "name": "Notification template context attributes for a specific tenant.", + "originalRequest": { + "url": { + "path": [ + "notification-template-context" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"attributes\": {\n \"productUrl\": \"https://test-org.identitysoon.com\",\n \"brandingConfigs\": {\n \"default\": {\n \"narrowLogoURL\": null,\n \"productName\": \"SailPoint\",\n \"standardLogoURL\": null,\n \"navigationColor\": 1.1e+65,\n \"actionButtonColor\": \"20B2DE\",\n \"emailFromAddress\": null,\n \"activeLinkColor\": \"20B2DE\",\n \"loginInformationalMessage\": null\n }\n }\n },\n \"created\": \"2020-04-15T16:16:47.525Z\",\n \"modified\": \"2020-04-15T16:16:47.525Z\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d68a058d-9ad3-4f13-a62f-960f1e55c121", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "notification-template-context" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d7262e96-432e-46f5-bc0a-91f7ed89d5dd", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "notification-template-context" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d6cebee7-dbc0-4afa-8841-d6066f8e9b3d", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "notification-template-context" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "429aec4c-12ba-4af4-92d7-d9a1b1d4f397", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "notification-template-context" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f10986ce-ec7a-4cbf-a004-40d82d1253c3", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "notification-template-context" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "6e6c969e-0b9e-4889-889f-e4e7a76a69a6", + "name": "List Notification Preferences for tenant.", + "request": { + "name": "List Notification Preferences for tenant.", + "description": { + "content": "Returns a list of notification preferences for tenant.", + "type": "text/plain" + }, + "url": { + "path": [ + "notification-preferences", + ":key" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "key": "key" + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "050dd44d-083f-4cde-a10d-f3f2c3090d80", + "name": "Return preference for the given notification key.", + "originalRequest": { + "url": { + "path": [ + "notification-preferences", + ":key" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"key\": \"cloud_manual_work_item_summary\",\n \"mediums\": [\n \"EMAIL\"\n ],\n \"modified\": \"2020-05-15T14:37:06.909Z\"\n },\n {\n \"key\": \"cloud_manual_work_item_summary\",\n \"mediums\": [\n \"EMAIL\"\n ],\n \"modified\": \"2020-05-15T14:37:06.909Z\"\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "2f33a5ac-502d-4e09-8881-c2bf54297c28", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "notification-preferences", + ":key" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "bc2d53d5-c7ee-4365-84b2-2d81d06209fc", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "notification-preferences", + ":key" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "9fabbc94-ec92-4df8-8a59-7e7c08a7e5b6", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "notification-preferences", + ":key" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "05bca587-316c-4e1c-9fef-4bf3d06ab74f", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "notification-preferences", + ":key" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "ef101445-526f-4135-aed9-5b4980d8e5c6", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "notification-preferences", + ":key" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "4f223ee5-e33c-4c72-97a2-7a1519d0724b", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "notification-preferences", + ":key" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "7d04e5d2-4d16-4708-877d-9be88dda222f", + "name": "Send Test Notification", + "request": { + "name": "Send Test Notification", + "description": { + "content": "Send a Test Notification", + "type": "text/plain" + }, + "url": { + "path": [ + "send-test-notification" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"key\": \"cloud_manual_work_item_summary\",\n \"medium\": \"EMAIL\",\n \"context\": {\n \"numberOfPendingTasks\": \"4\",\n \"ownerId\": \"201327fda1c44704ac01181e963d463c\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "e842590d-fafe-4931-be67-6152faa68e7e", + "name": "No content - indicates the request was successful but there is no content to be returned in the response.", + "originalRequest": { + "url": { + "path": [ + "send-test-notification" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"key\": \"cloud_manual_work_item_summary\",\n \"medium\": \"EMAIL\",\n \"context\": {\n \"numberOfPendingTasks\": \"4\",\n \"ownerId\": \"201327fda1c44704ac01181e963d463c\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "No Content", + "code": 204, + "header": [], + "cookie": [], + "_postman_previewlanguage": "text" + }, + { + "id": "fb014aea-5b53-495c-8dd8-b19bb21ad34e", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "send-test-notification" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"key\": \"cloud_manual_work_item_summary\",\n \"medium\": \"EMAIL\",\n \"context\": {\n \"numberOfPendingTasks\": \"4\",\n \"ownerId\": \"201327fda1c44704ac01181e963d463c\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "dbfad12a-f84e-4dbc-a8ef-1e6600c88f17", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "send-test-notification" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"key\": \"cloud_manual_work_item_summary\",\n \"medium\": \"EMAIL\",\n \"context\": {\n \"numberOfPendingTasks\": \"4\",\n \"ownerId\": \"201327fda1c44704ac01181e963d463c\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c35a1953-4b8f-485e-a195-085ec737ebb9", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "send-test-notification" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"key\": \"cloud_manual_work_item_summary\",\n \"medium\": \"EMAIL\",\n \"context\": {\n \"numberOfPendingTasks\": \"4\",\n \"ownerId\": \"201327fda1c44704ac01181e963d463c\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "204ab90d-e6ba-4981-ad42-869ba1eefa56", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "send-test-notification" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"key\": \"cloud_manual_work_item_summary\",\n \"medium\": \"EMAIL\",\n \"context\": {\n \"numberOfPendingTasks\": \"4\",\n \"ownerId\": \"201327fda1c44704ac01181e963d463c\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a9c28134-c0f8-406d-b2f8-a1ebca79bc7f", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "send-test-notification" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"key\": \"cloud_manual_work_item_summary\",\n \"medium\": \"EMAIL\",\n \"context\": {\n \"numberOfPendingTasks\": \"4\",\n \"ownerId\": \"201327fda1c44704ac01181e963d463c\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "cc2a3087-22c0-4d44-a02c-dfa7c80094d7", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "send-test-notification" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"key\": \"cloud_manual_work_item_summary\",\n \"medium\": \"EMAIL\",\n \"context\": {\n \"numberOfPendingTasks\": \"4\",\n \"ownerId\": \"201327fda1c44704ac01181e963d463c\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "95daa769-9100-446f-b30c-822baaae3300", + "name": "List From Addresses", + "request": { + "name": "List From Addresses", + "description": { + "content": "Retrieve a list of sender email addresses and their verification statuses", + "type": "text/plain" + }, + "url": { + "path": [ + "verified-from-addresses" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**email**: *eq, ge, le, sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "email eq \"john.doe@company.com\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **email**", + "type": "text/plain" + }, + "key": "sorters", + "value": "email" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "0f19480d-b390-4c81-994b-8ca751e3e5a8", + "name": "List of Email Status", + "originalRequest": { + "url": { + "path": [ + "verified-from-addresses" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**email**: *eq, ge, le, sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "email eq \"john.doe@company.com\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **email**", + "type": "text/plain" + }, + "key": "sorters", + "value": "email" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"id\": \"esse laborum magna elit officia\",\n \"email\": \"sender@example.com\",\n \"isVerifiedByDomain\": false,\n \"verificationStatus\": \"FAILED\"\n },\n {\n \"id\": \"Ut\",\n \"email\": \"sender@example.com\",\n \"isVerifiedByDomain\": false,\n \"verificationStatus\": \"PENDING\"\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "4dbd6707-df8a-4917-9c36-098ebef5db3a", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "verified-from-addresses" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**email**: *eq, ge, le, sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "email eq \"john.doe@company.com\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **email**", + "type": "text/plain" + }, + "key": "sorters", + "value": "email" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "784735a3-e9e4-4d2d-86df-ff7fb6d65cb1", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "verified-from-addresses" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**email**: *eq, ge, le, sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "email eq \"john.doe@company.com\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **email**", + "type": "text/plain" + }, + "key": "sorters", + "value": "email" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d3684859-eb5d-49df-be2b-acc9d4797628", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "verified-from-addresses" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**email**: *eq, ge, le, sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "email eq \"john.doe@company.com\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **email**", + "type": "text/plain" + }, + "key": "sorters", + "value": "email" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "4b34b077-7dcc-4ada-8610-3bcfcb0d83b7", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "verified-from-addresses" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**email**: *eq, ge, le, sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "email eq \"john.doe@company.com\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **email**", + "type": "text/plain" + }, + "key": "sorters", + "value": "email" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "a4f4644e-a25a-49d5-af03-7a6bd13a5a17", + "name": "Create Verified From Address", + "request": { + "name": "Create Verified From Address", + "description": { + "content": "Create a new sender email address and initiate verification process.", + "type": "text/plain" + }, + "url": { + "path": [ + "verified-from-addresses" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"email\": \"sender@example.com\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "bf8b1eb1-935b-4202-aa8a-1bb1a82a3f4a", + "name": "New Verified Email Status", + "originalRequest": { + "url": { + "path": [ + "verified-from-addresses" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"email\": \"sender@example.com\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Created", + "code": 201, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"cillu\",\n \"email\": \"sender@example.com\",\n \"isVerifiedByDomain\": false,\n \"verificationStatus\": \"FAILED\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f8e5285f-86f9-4545-8dcf-8a391bab4759", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "verified-from-addresses" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"email\": \"sender@example.com\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "85bca85f-1126-43df-b5c2-1954b7b749c2", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "verified-from-addresses" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"email\": \"sender@example.com\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "23c5534f-2ed3-44fa-98be-96379c15b4f4", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "verified-from-addresses" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"email\": \"sender@example.com\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "96c44975-7743-42e2-a24c-8bc8d3127116", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "verified-from-addresses" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"email\": \"sender@example.com\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f3c9a111-475e-4ae2-8fa4-fa9ba40c6d0b", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "verified-from-addresses" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"email\": \"sender@example.com\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "e427d24c-4f84-4c0d-8283-736bc9f8b040", + "name": "Delete Verified From Address", + "request": { + "name": "Delete Verified From Address", + "description": { + "content": "Delete a verified sender email address", + "type": "text/plain" + }, + "url": { + "path": [ + "verified-from-addresses", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "irure nisi et dolore aliqua", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) ", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "DELETE", + "body": {} + }, + "response": [ + { + "id": "c7ec581f-ac7e-4825-9383-276e1c0efe3b", + "name": "No content - indicates the request was successful but there is no content to be returned in the response.", + "originalRequest": { + "url": { + "path": [ + "verified-from-addresses", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "No Content", + "code": 204, + "header": [], + "cookie": [], + "_postman_previewlanguage": "text" + }, + { + "id": "25127719-bfc9-4dc1-ad5f-d88f7508fa97", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "verified-from-addresses", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "8724ff66-6376-4955-a3fa-50efd09732dc", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "verified-from-addresses", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "0084fce3-d06b-4746-8194-d490c0d5d88d", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "verified-from-addresses", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "38d31c6a-298d-47b9-bcf4-d3f6c206e027", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "verified-from-addresses", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "716a31de-1a81-4160-bebc-af0aa9064bd5", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "verified-from-addresses", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f788c647-756a-43ab-898d-9acd41a4c300", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "verified-from-addresses", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "1247ec10-da03-485c-9c2a-ca15107c854b", + "name": "Get DKIM Attributes", + "request": { + "name": "Get DKIM Attributes", + "description": { + "content": "Retrieve DKIM (DomainKeys Identified Mail) attributes for all your tenants' AWS SES identities. Limits retrieval to 100 identities per call.", + "type": "text/plain" + }, + "url": { + "path": [ + "verified-domains" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "f89ea570-cbd5-49b7-b6bc-6717982ea808", + "name": "List of DKIM Attributes", + "originalRequest": { + "url": { + "path": [ + "verified-domains" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"id\": \"123b45b0-aaaa-bbbb-a7db-123456a56abc\",\n \"address\": \"BobSmith@sailpoint.com\",\n \"dkimEnabled\": true,\n \"dkimTokens\": [\n \"uq1m3jjk25ckd3whl4n7y46c56r5l6aq\",\n \"u7pm38jky9ckdawhlsn7y4dcj6f5lpgq\",\n \"uhpm3jjkjjckdkwhlqn7yw6cjer5tpay\"\n ],\n \"dkimVerificationStatus\": \"Success\"\n },\n {\n \"id\": \"123b45b0-aaaa-bbbb-a7db-123456a56abc\",\n \"address\": \"BobSmith@sailpoint.com\",\n \"dkimEnabled\": true,\n \"dkimTokens\": [\n \"uq1m3jjk25ckd3whl4n7y46c56r5l6aq\",\n \"u7pm38jky9ckdawhlsn7y4dcj6f5lpgq\",\n \"uhpm3jjkjjckdkwhlqn7yw6cjer5tpay\"\n ],\n \"dkimVerificationStatus\": \"Success\"\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "4e0f9f62-4a5b-4ac2-a2f1-4cb7f2716076", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "verified-domains" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "8dd6304f-727e-4016-bf16-f034bbc8ccf9", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "verified-domains" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "6a09a1f6-cb14-4293-8394-29b8821fc5dc", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "verified-domains" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c6ed0654-ddc7-408d-8d87-71b4ebdbfbb9", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "verified-domains" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b1384f5a-db8c-4093-b92e-6194b1d7159d", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "verified-domains" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "5df9756a-1283-4a8e-96b1-a3acb1f0b6e5", + "name": "Verify domain address via DKIM", + "request": { + "name": "Verify domain address via DKIM", + "description": { + "content": "Create a domain to be verified via DKIM (DomainKeys Identified Mail)", + "type": "text/plain" + }, + "url": { + "path": [ + "verified-domains" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"domain\": \"sailpoint.com\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "791a1587-541c-43b9-ae57-3ad12daef1ee", + "name": "List of DKIM tokens required for the verification process.", + "originalRequest": { + "url": { + "path": [ + "verified-domains" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"domain\": \"sailpoint.com\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"123b45b0-aaaa-bbbb-a7db-123456a56abc\",\n \"domain\": \"sailpoint.com\",\n \"dkimEnabled\": true,\n \"dkimTokens\": [\n \"token1\",\n \"token2\",\n \"token3\"\n ],\n \"dkimVerificationStatus\": \"PENDING\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "0074ebc9-237a-4c69-bfa1-fed1d66fa309", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "verified-domains" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"domain\": \"sailpoint.com\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c18e1e54-e512-464f-b72c-f18059e06f69", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "verified-domains" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"domain\": \"sailpoint.com\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "ea5f8aa8-4af0-4ec6-81a8-e244ba25ffce", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "verified-domains" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"domain\": \"sailpoint.com\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "9410258b-4f8d-42cd-930d-f185d3e50391", + "name": "Method Not Allowed - indicates that the server knows the request method, but the target resource doesn't support this method.", + "originalRequest": { + "url": { + "path": [ + "verified-domains" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"domain\": \"sailpoint.com\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Method Not Allowed", + "code": 405, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"errorName\": \"NotSupportedException\",\n \"errorMessage\": \"Cannot consume content type\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "098dec1f-7221-4fb0-a17e-88a8d8691e0d", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "verified-domains" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"domain\": \"sailpoint.com\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "3ea02f36-2ef8-4ccb-9499-793075de8018", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "verified-domains" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"domain\": \"sailpoint.com\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + } + ] + }, + { + "name": "OAuth Clients", + "description": "Use this API to implement OAuth client functionality. \nWith this functionality in place, users with the appropriate security scopes can create and configure OAuth clients to use as a way to obtain authorization to use the Identity Security Cloud REST API.\nRefer to [Authentication](https://developer.sailpoint.com/docs/api/authentication/) for more information about OAuth and how it works with the Identity Security Cloud REST API.\n", + "item": [ + { + "id": "e97a02bf-bcae-4cce-a852-14fcded80821", + "name": "List OAuth Clients", + "request": { + "name": "List OAuth Clients", + "description": { + "content": "This gets a list of OAuth clients.", + "type": "text/plain" + }, + "url": { + "path": [ + "oauth-clients" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**lastUsed**: *le, isnull*", + "type": "text/plain" + }, + "key": "filters", + "value": "lastUsed le 2023-02-05T10:59:27.214Z" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "12a2419d-7be9-4ff0-ba19-3eb2f9a0a952", + "name": "List of OAuth clients.", + "originalRequest": { + "url": { + "path": [ + "oauth-clients" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**lastUsed**: *le, isnull*", + "type": "text/plain" + }, + "key": "filters", + "value": "lastUsed le 2023-02-05T10:59:27.214Z" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"businessName\": \"Acme-Solar\",\n \"homepageUrl\": \"http://localhost:12345\",\n \"name\": \"Demo API Client\",\n \"description\": \"An API client used for the authorization_code, refresh_token, and client_credentials flows\",\n \"accessTokenValiditySeconds\": 750,\n \"refreshTokenValiditySeconds\": 86400,\n \"redirectUris\": [\n \"http://localhost:12345\"\n ],\n \"grantTypes\": [\n \"AUTHORIZATION_CODE\",\n \"CLIENT_CREDENTIALS\",\n \"REFRESH_TOKEN\"\n ],\n \"accessType\": \"OFFLINE\",\n \"type\": \"CONFIDENTIAL\",\n \"internal\": false,\n \"enabled\": true,\n \"strongAuthSupported\": false,\n \"claimsSupported\": false,\n \"created\": \"2017-07-11T18:45:37.098Z\",\n \"modified\": \"2018-06-25T20:22:28.104Z\",\n \"scope\": [\n \"demo:api-client-scope:first\",\n \"demo:api-client-scope:second\"\n ],\n \"secret\": \"in mollit eu pariatur\",\n \"metadata\": \"labore sed amet\",\n \"lastUsed\": \"2017-07-11T18:45:37.098Z\"\n },\n {\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"businessName\": \"Acme-Solar\",\n \"homepageUrl\": \"http://localhost:12345\",\n \"name\": \"Demo API Client\",\n \"description\": \"An API client used for the authorization_code, refresh_token, and client_credentials flows\",\n \"accessTokenValiditySeconds\": 750,\n \"refreshTokenValiditySeconds\": 86400,\n \"redirectUris\": [\n \"http://localhost:12345\"\n ],\n \"grantTypes\": [\n \"AUTHORIZATION_CODE\",\n \"CLIENT_CREDENTIALS\",\n \"REFRESH_TOKEN\"\n ],\n \"accessType\": \"OFFLINE\",\n \"type\": \"CONFIDENTIAL\",\n \"internal\": false,\n \"enabled\": true,\n \"strongAuthSupported\": false,\n \"claimsSupported\": false,\n \"created\": \"2017-07-11T18:45:37.098Z\",\n \"modified\": \"2018-06-25T20:22:28.104Z\",\n \"scope\": [\n \"demo:api-client-scope:first\",\n \"demo:api-client-scope:second\"\n ],\n \"secret\": \"pariatur consequat\",\n \"metadata\": \"eiusmod ut ut nostrud\",\n \"lastUsed\": \"2017-07-11T18:45:37.098Z\"\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "9a11d883-0d09-42f5-b146-f810a1f54a85", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "oauth-clients" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**lastUsed**: *le, isnull*", + "type": "text/plain" + }, + "key": "filters", + "value": "lastUsed le 2023-02-05T10:59:27.214Z" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "dad55e71-0099-46b3-802c-762f26eb7972", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "oauth-clients" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**lastUsed**: *le, isnull*", + "type": "text/plain" + }, + "key": "filters", + "value": "lastUsed le 2023-02-05T10:59:27.214Z" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "82a8bddc-2c04-48af-8c77-4f5db4ee2a14", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "oauth-clients" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**lastUsed**: *le, isnull*", + "type": "text/plain" + }, + "key": "filters", + "value": "lastUsed le 2023-02-05T10:59:27.214Z" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "6ba2ace2-d9c1-4f95-97a8-8a2f3702e122", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "oauth-clients" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**lastUsed**: *le, isnull*", + "type": "text/plain" + }, + "key": "filters", + "value": "lastUsed le 2023-02-05T10:59:27.214Z" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "cea9a7a6-4da7-4fc1-a775-1f84ba9267a2", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "oauth-clients" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**lastUsed**: *le, isnull*", + "type": "text/plain" + }, + "key": "filters", + "value": "lastUsed le 2023-02-05T10:59:27.214Z" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "fe1d8123-9037-4af2-a17b-689725f110cf", + "name": "Create OAuth Client", + "request": { + "name": "Create OAuth Client", + "description": { + "content": "This creates an OAuth client.", + "type": "text/plain" + }, + "url": { + "path": [ + "oauth-clients" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Demo API Client\",\n \"description\": \"An API client used for the authorization_code, refresh_token, and client_credentials flows\",\n \"accessTokenValiditySeconds\": 750,\n \"grantTypes\": [\n \"AUTHORIZATION_CODE\",\n \"CLIENT_CREDENTIALS\",\n \"REFRESH_TOKEN\"\n ],\n \"accessType\": \"OFFLINE\",\n \"enabled\": true,\n \"businessName\": \"Acme-Solar\",\n \"homepageUrl\": \"http://localhost:12345\",\n \"refreshTokenValiditySeconds\": 86400,\n \"redirectUris\": [\n \"http://localhost:12345\"\n ],\n \"type\": \"CONFIDENTIAL\",\n \"internal\": false,\n \"strongAuthSupported\": false,\n \"claimsSupported\": false,\n \"scope\": [\n \"demo:api-client-scope:first\",\n \"demo:api-client-scope:second\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "69368ff6-eaf5-4aca-a233-35d29a03d7dc", + "name": "Request succeeded.", + "originalRequest": { + "url": { + "path": [ + "oauth-clients" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Demo API Client\",\n \"description\": \"An API client used for the authorization_code, refresh_token, and client_credentials flows\",\n \"accessTokenValiditySeconds\": 750,\n \"grantTypes\": [\n \"AUTHORIZATION_CODE\",\n \"CLIENT_CREDENTIALS\",\n \"REFRESH_TOKEN\"\n ],\n \"accessType\": \"OFFLINE\",\n \"enabled\": true,\n \"businessName\": \"Acme-Solar\",\n \"homepageUrl\": \"http://localhost:12345\",\n \"refreshTokenValiditySeconds\": 86400,\n \"redirectUris\": [\n \"http://localhost:12345\"\n ],\n \"type\": \"CONFIDENTIAL\",\n \"internal\": false,\n \"strongAuthSupported\": false,\n \"claimsSupported\": false,\n \"scope\": [\n \"demo:api-client-scope:first\",\n \"demo:api-client-scope:second\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"secret\": \"5c32dd9b21adb51c77794d46e71de117a1d0ddb36a7ff941fa28014ab7de2cf3\",\n \"businessName\": \"Acme-Solar\",\n \"homepageUrl\": \"http://localhost:12345\",\n \"name\": \"Demo API Client\",\n \"description\": \"An API client used for the authorization_code, refresh_token, and client_credentials flows\",\n \"accessTokenValiditySeconds\": 750,\n \"refreshTokenValiditySeconds\": 86400,\n \"redirectUris\": [\n \"http://localhost:12345\"\n ],\n \"grantTypes\": [\n \"AUTHORIZATION_CODE\",\n \"CLIENT_CREDENTIALS\",\n \"REFRESH_TOKEN\"\n ],\n \"accessType\": \"OFFLINE\",\n \"type\": \"CONFIDENTIAL\",\n \"internal\": false,\n \"enabled\": true,\n \"strongAuthSupported\": false,\n \"claimsSupported\": false,\n \"created\": \"2017-07-11T18:45:37.098Z\",\n \"modified\": \"2018-06-25T20:22:28.104Z\",\n \"scope\": [\n \"demo:api-client-scope:first\",\n \"demo:api-client-scope:second\"\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "dd0c8640-be69-4ed4-bd0e-1c80cb697a3a", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "oauth-clients" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Demo API Client\",\n \"description\": \"An API client used for the authorization_code, refresh_token, and client_credentials flows\",\n \"accessTokenValiditySeconds\": 750,\n \"grantTypes\": [\n \"AUTHORIZATION_CODE\",\n \"CLIENT_CREDENTIALS\",\n \"REFRESH_TOKEN\"\n ],\n \"accessType\": \"OFFLINE\",\n \"enabled\": true,\n \"businessName\": \"Acme-Solar\",\n \"homepageUrl\": \"http://localhost:12345\",\n \"refreshTokenValiditySeconds\": 86400,\n \"redirectUris\": [\n \"http://localhost:12345\"\n ],\n \"type\": \"CONFIDENTIAL\",\n \"internal\": false,\n \"strongAuthSupported\": false,\n \"claimsSupported\": false,\n \"scope\": [\n \"demo:api-client-scope:first\",\n \"demo:api-client-scope:second\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f6fb493b-1add-4963-a7f0-15f50cf2bf3c", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "oauth-clients" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Demo API Client\",\n \"description\": \"An API client used for the authorization_code, refresh_token, and client_credentials flows\",\n \"accessTokenValiditySeconds\": 750,\n \"grantTypes\": [\n \"AUTHORIZATION_CODE\",\n \"CLIENT_CREDENTIALS\",\n \"REFRESH_TOKEN\"\n ],\n \"accessType\": \"OFFLINE\",\n \"enabled\": true,\n \"businessName\": \"Acme-Solar\",\n \"homepageUrl\": \"http://localhost:12345\",\n \"refreshTokenValiditySeconds\": 86400,\n \"redirectUris\": [\n \"http://localhost:12345\"\n ],\n \"type\": \"CONFIDENTIAL\",\n \"internal\": false,\n \"strongAuthSupported\": false,\n \"claimsSupported\": false,\n \"scope\": [\n \"demo:api-client-scope:first\",\n \"demo:api-client-scope:second\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "dc4d3022-9504-4b3b-93c8-5faa987904ff", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "oauth-clients" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Demo API Client\",\n \"description\": \"An API client used for the authorization_code, refresh_token, and client_credentials flows\",\n \"accessTokenValiditySeconds\": 750,\n \"grantTypes\": [\n \"AUTHORIZATION_CODE\",\n \"CLIENT_CREDENTIALS\",\n \"REFRESH_TOKEN\"\n ],\n \"accessType\": \"OFFLINE\",\n \"enabled\": true,\n \"businessName\": \"Acme-Solar\",\n \"homepageUrl\": \"http://localhost:12345\",\n \"refreshTokenValiditySeconds\": 86400,\n \"redirectUris\": [\n \"http://localhost:12345\"\n ],\n \"type\": \"CONFIDENTIAL\",\n \"internal\": false,\n \"strongAuthSupported\": false,\n \"claimsSupported\": false,\n \"scope\": [\n \"demo:api-client-scope:first\",\n \"demo:api-client-scope:second\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "ee2db40f-93a6-4b5c-b660-6cfc58747ac3", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "oauth-clients" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Demo API Client\",\n \"description\": \"An API client used for the authorization_code, refresh_token, and client_credentials flows\",\n \"accessTokenValiditySeconds\": 750,\n \"grantTypes\": [\n \"AUTHORIZATION_CODE\",\n \"CLIENT_CREDENTIALS\",\n \"REFRESH_TOKEN\"\n ],\n \"accessType\": \"OFFLINE\",\n \"enabled\": true,\n \"businessName\": \"Acme-Solar\",\n \"homepageUrl\": \"http://localhost:12345\",\n \"refreshTokenValiditySeconds\": 86400,\n \"redirectUris\": [\n \"http://localhost:12345\"\n ],\n \"type\": \"CONFIDENTIAL\",\n \"internal\": false,\n \"strongAuthSupported\": false,\n \"claimsSupported\": false,\n \"scope\": [\n \"demo:api-client-scope:first\",\n \"demo:api-client-scope:second\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "0bdc9cc1-37d0-449f-b42d-7df2fe0c9b83", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "oauth-clients" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Demo API Client\",\n \"description\": \"An API client used for the authorization_code, refresh_token, and client_credentials flows\",\n \"accessTokenValiditySeconds\": 750,\n \"grantTypes\": [\n \"AUTHORIZATION_CODE\",\n \"CLIENT_CREDENTIALS\",\n \"REFRESH_TOKEN\"\n ],\n \"accessType\": \"OFFLINE\",\n \"enabled\": true,\n \"businessName\": \"Acme-Solar\",\n \"homepageUrl\": \"http://localhost:12345\",\n \"refreshTokenValiditySeconds\": 86400,\n \"redirectUris\": [\n \"http://localhost:12345\"\n ],\n \"type\": \"CONFIDENTIAL\",\n \"internal\": false,\n \"strongAuthSupported\": false,\n \"claimsSupported\": false,\n \"scope\": [\n \"demo:api-client-scope:first\",\n \"demo:api-client-scope:second\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "248f03f0-ab4c-4da3-86ba-b7983f5c2250", + "name": "Get OAuth Client", + "request": { + "name": "Get OAuth Client", + "description": { + "content": "This gets details of an OAuth client.", + "type": "text/plain" + }, + "url": { + "path": [ + "oauth-clients", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "ef38f94347e94562b5bb8424a56397d8", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) The OAuth client id", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "4ea6c118-1db1-4e99-b3d4-a5e92bd284d3", + "name": "Request succeeded.", + "originalRequest": { + "url": { + "path": [ + "oauth-clients", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"businessName\": \"Acme-Solar\",\n \"homepageUrl\": \"http://localhost:12345\",\n \"name\": \"Demo API Client\",\n \"description\": \"An API client used for the authorization_code, refresh_token, and client_credentials flows\",\n \"accessTokenValiditySeconds\": 750,\n \"refreshTokenValiditySeconds\": 86400,\n \"redirectUris\": [\n \"http://localhost:12345\"\n ],\n \"grantTypes\": [\n \"AUTHORIZATION_CODE\",\n \"CLIENT_CREDENTIALS\",\n \"REFRESH_TOKEN\"\n ],\n \"accessType\": \"OFFLINE\",\n \"type\": \"CONFIDENTIAL\",\n \"internal\": false,\n \"enabled\": true,\n \"strongAuthSupported\": false,\n \"claimsSupported\": false,\n \"created\": \"2017-07-11T18:45:37.098Z\",\n \"modified\": \"2018-06-25T20:22:28.104Z\",\n \"scope\": [\n \"demo:api-client-scope:first\",\n \"demo:api-client-scope:second\"\n ],\n \"secret\": \"laboris\",\n \"metadata\": \"minim ei\",\n \"lastUsed\": \"2017-07-11T18:45:37.098Z\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f80a4ae5-3e92-4dc1-924e-a812f5b8417d", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "oauth-clients", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "7651f744-87c2-4cd7-ae2d-6b1042b0fef6", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "oauth-clients", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "1a1f889f-7f5c-40ab-93bd-1548f5cad019", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "oauth-clients", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "6fd279bd-7ffe-42ec-8064-ab23bba1c1de", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "oauth-clients", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "ef36a7b8-d7c1-41e8-b6f4-ce8b2b7121b9", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "oauth-clients", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "e319a77f-10ff-4105-97fc-3d0bcc9f686d", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "oauth-clients", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "0b39358b-c699-4b45-82ba-d56969743633", + "name": "Delete OAuth Client", + "request": { + "name": "Delete OAuth Client", + "description": { + "content": "This deletes an OAuth client.", + "type": "text/plain" + }, + "url": { + "path": [ + "oauth-clients", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "ef38f94347e94562b5bb8424a56397d8", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) The OAuth client id", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "DELETE", + "body": {} + }, + "response": [ + { + "id": "507df1aa-8eb1-4451-9477-4004030c252b", + "name": "No content.", + "originalRequest": { + "url": { + "path": [ + "oauth-clients", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "No Content", + "code": 204, + "header": [], + "cookie": [], + "_postman_previewlanguage": "text" + }, + { + "id": "e18121d3-5029-48fd-8814-94d0522fede7", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "oauth-clients", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "5edd9c3a-c22e-4b34-8391-1d0319669335", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "oauth-clients", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b6328fdc-a101-4f02-99cc-9830d54bea63", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "oauth-clients", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d2b4bd8f-c5fc-40c6-91d7-e644cf17e6f4", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "oauth-clients", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "3bdf9328-4b6d-4924-8e5a-7ca8aa57aa43", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "oauth-clients", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "ff1695e9-0083-4fb6-aaa0-386d35282337", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "oauth-clients", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "d81ca498-36a5-47ec-9d79-9136f9d841a1", + "name": "Patch OAuth Client", + "request": { + "name": "Patch OAuth Client", + "description": { + "content": "This performs a targeted update to the field(s) of an OAuth client.", + "type": "text/plain" + }, + "url": { + "path": [ + "oauth-clients", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "ef38f94347e94562b5bb8424a56397d8", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) The OAuth client id", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/strongAuthSupported\",\n \"value\": true\n },\n {\n \"op\": \"replace\",\n \"path\": \"/businessName\",\n \"value\": \"acme-solar\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "773f7d75-2e80-4aac-aec7-2319fc931835", + "name": "Indicates the PATCH operation succeeded, and returns the OAuth client's new representation.", + "originalRequest": { + "url": { + "path": [ + "oauth-clients", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/strongAuthSupported\",\n \"value\": true\n },\n {\n \"op\": \"replace\",\n \"path\": \"/businessName\",\n \"value\": \"acme-solar\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"businessName\": \"Acme-Solar\",\n \"homepageUrl\": \"http://localhost:12345\",\n \"name\": \"Demo API Client\",\n \"description\": \"An API client used for the authorization_code, refresh_token, and client_credentials flows\",\n \"accessTokenValiditySeconds\": 750,\n \"refreshTokenValiditySeconds\": 86400,\n \"redirectUris\": [\n \"http://localhost:12345\"\n ],\n \"grantTypes\": [\n \"AUTHORIZATION_CODE\",\n \"CLIENT_CREDENTIALS\",\n \"REFRESH_TOKEN\"\n ],\n \"accessType\": \"OFFLINE\",\n \"type\": \"CONFIDENTIAL\",\n \"internal\": false,\n \"enabled\": true,\n \"strongAuthSupported\": false,\n \"claimsSupported\": false,\n \"created\": \"2017-07-11T18:45:37.098Z\",\n \"modified\": \"2018-06-25T20:22:28.104Z\",\n \"scope\": [\n \"demo:api-client-scope:first\",\n \"demo:api-client-scope:second\"\n ],\n \"secret\": \"laboris\",\n \"metadata\": \"minim ei\",\n \"lastUsed\": \"2017-07-11T18:45:37.098Z\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "9e2ebac2-c463-4dbc-a5fc-c5bc9ae8648e", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "oauth-clients", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/strongAuthSupported\",\n \"value\": true\n },\n {\n \"op\": \"replace\",\n \"path\": \"/businessName\",\n \"value\": \"acme-solar\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "32265524-2a57-4fe5-99c8-61ba709e6e8c", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "oauth-clients", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/strongAuthSupported\",\n \"value\": true\n },\n {\n \"op\": \"replace\",\n \"path\": \"/businessName\",\n \"value\": \"acme-solar\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a7db4079-4b0f-4d30-be4d-b94eca028585", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "oauth-clients", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/strongAuthSupported\",\n \"value\": true\n },\n {\n \"op\": \"replace\",\n \"path\": \"/businessName\",\n \"value\": \"acme-solar\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a467e86b-b007-4d1a-8344-23948b92d775", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "oauth-clients", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/strongAuthSupported\",\n \"value\": true\n },\n {\n \"op\": \"replace\",\n \"path\": \"/businessName\",\n \"value\": \"acme-solar\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a5b22e2b-82bb-4481-a88d-f8febfa2cff1", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "oauth-clients", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/strongAuthSupported\",\n \"value\": true\n },\n {\n \"op\": \"replace\",\n \"path\": \"/businessName\",\n \"value\": \"acme-solar\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "25070c39-13ec-4d6b-bc05-fc33899de45f", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "oauth-clients", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/strongAuthSupported\",\n \"value\": true\n },\n {\n \"op\": \"replace\",\n \"path\": \"/businessName\",\n \"value\": \"acme-solar\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + } + ] + }, + { + "name": "Org Config", + "description": "Operations for managing org configuration settings (eg. time zone)", + "item": [ + { + "id": "4dff8982-dd61-4663-985c-677303989443", + "name": "Get Org configuration settings", + "request": { + "name": "Get Org configuration settings", + "description": { + "content": "Get org configuration with only external (org admin) accessible properties for the current org.", + "type": "text/plain" + }, + "url": { + "path": [ + "org-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "75e38518-cb39-4837-b362-ea68bcb47129", + "name": "Request succeeded.", + "originalRequest": { + "url": { + "path": [ + "org-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"orgName\": \"acme-solar\",\n \"timeZone\": \"America/Toronto\",\n \"lcsChangeHonorsSourceEnableFeature\": false,\n \"armCustomerId\": \"DE38E75A-5FF6-4A65-5DC7-08D64426B09E\",\n \"armSapSystemIdMappings\": \"dolore cillum\",\n \"armAuth\": \"epiYNTRYA2S7swisDWk1Zv4VMNgvqEjiBh5_ufuCWsma2m-5XADijqBg0ijXLby5nS6lxZNXabhGnAPGeDGc4V3jQKrhwV-UHypRLs8ZLgOjiQNus9NimS0uPdKomRW6TFWqXyfnYd-znNgbbVuwUy9GyD9ebDVJSntPastxSx7UcyGuWBqfNZYpuxKRWe_7TVY60qL55jUqyz8N4XUbbdcxdbZ0uik6ut-Bv90MKTbZexBW_PR4qcgIkaEs4kIenLyBxnGziYo7AO0tJ8bGHO8FJRkibCpAQIt7PISLo7Gg_Xf9j10dKq2YDgy4pPTvz3fE2ZHYnXCXvXFSA-vVag==\",\n \"armDb\": \"EU\",\n \"armSsoUrl\": \"https://your-arm-sso-url\",\n \"iaiEnableCertificationRecommendations\": true,\n \"sodReportConfigs\": [\n {\n \"columnName\": \"SOD Business Name\",\n \"required\": true,\n \"included\": false,\n \"order\": 2\n },\n {\n \"columnName\": \"SOD Business Name\",\n \"required\": true,\n \"included\": false,\n \"order\": 2\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "7e46b90e-5ac3-4c2b-9f17-aca35d70e22a", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "org-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "7eac6043-b39d-4aee-af62-b72e17553312", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "org-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "40282f85-7416-48e2-8009-3db0f52cc740", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "org-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "5a38b8ed-fe54-4ceb-b83b-83bc45c3f690", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "org-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "68aa9745-f0d9-420b-a1d2-20c092f00cb7", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "org-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "92de3f24-183a-48b7-ae98-13252e371589", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "org-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "b297ee50-14ad-4a12-800e-3a8f9151e678", + "name": "Patch an Org configuration property", + "request": { + "name": "Patch an Org configuration property", + "description": { + "content": "Patch configuration of the current org using http://jsonpatch.com/ syntax. Commonly used for changing the time zone of an org.", + "type": "text/plain" + }, + "url": { + "path": [ + "org-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/timeZone\",\n \"value\": \"America/Toronto\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "86a815c2-c622-4dcc-9f5f-b1e32e72582e", + "name": "The Org was successfully patched.", + "originalRequest": { + "url": { + "path": [ + "org-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/timeZone\",\n \"value\": \"America/Toronto\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"orgName\": \"acme-solar\",\n \"timeZone\": \"America/Toronto\",\n \"lcsChangeHonorsSourceEnableFeature\": false,\n \"armCustomerId\": \"DE38E75A-5FF6-4A65-5DC7-08D64426B09E\",\n \"armSapSystemIdMappings\": \"dolore cillum\",\n \"armAuth\": \"epiYNTRYA2S7swisDWk1Zv4VMNgvqEjiBh5_ufuCWsma2m-5XADijqBg0ijXLby5nS6lxZNXabhGnAPGeDGc4V3jQKrhwV-UHypRLs8ZLgOjiQNus9NimS0uPdKomRW6TFWqXyfnYd-znNgbbVuwUy9GyD9ebDVJSntPastxSx7UcyGuWBqfNZYpuxKRWe_7TVY60qL55jUqyz8N4XUbbdcxdbZ0uik6ut-Bv90MKTbZexBW_PR4qcgIkaEs4kIenLyBxnGziYo7AO0tJ8bGHO8FJRkibCpAQIt7PISLo7Gg_Xf9j10dKq2YDgy4pPTvz3fE2ZHYnXCXvXFSA-vVag==\",\n \"armDb\": \"EU\",\n \"armSsoUrl\": \"https://your-arm-sso-url\",\n \"iaiEnableCertificationRecommendations\": true,\n \"sodReportConfigs\": [\n {\n \"columnName\": \"SOD Business Name\",\n \"required\": true,\n \"included\": false,\n \"order\": 2\n },\n {\n \"columnName\": \"SOD Business Name\",\n \"required\": true,\n \"included\": false,\n \"order\": 2\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "1494a6aa-be9d-4e96-9614-64c4a81637ff", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "org-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/timeZone\",\n \"value\": \"America/Toronto\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "35f804a2-071c-4227-abe6-6e8bdf6e1a01", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "org-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/timeZone\",\n \"value\": \"America/Toronto\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "74d4f973-abba-481b-8e7b-affc526f560f", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "org-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/timeZone\",\n \"value\": \"America/Toronto\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "729bc5c2-3c46-43b9-a2d5-4930f7b1616f", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "org-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/timeZone\",\n \"value\": \"America/Toronto\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "1bf6e13c-5c98-44de-bd7a-c321bddd1575", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "org-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/timeZone\",\n \"value\": \"America/Toronto\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "ed5e4f27-1461-416c-8f25-6f4e2ebd3de4", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "org-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/timeZone\",\n \"value\": \"America/Toronto\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "1cd44b97-d46e-422f-9108-fca9180f3351", + "name": "Get list of time zones", + "request": { + "name": "Get list of time zones", + "description": { + "content": "Get a list of valid time zones that can be set in org configurations.", + "type": "text/plain" + }, + "url": { + "path": [ + "org-config", + "valid-time-zones" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "d665d6fb-0c00-4cc2-b379-48af1fbbcd4a", + "name": "Request successful", + "originalRequest": { + "url": { + "path": [ + "org-config", + "valid-time-zones" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n \"Etc/GMT-6\",\n \"Etc/GMT+8\",\n \"EST\",\n \"America/Chicago\",\n \"America/Toronto\",\n \"Asia/Gaza\",\n \"Europe/Brussels\",\n \"Europe/Kiev\"\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "529fea6d-f372-4274-9537-015e4d4fc6e5", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "org-config", + "valid-time-zones" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "745bc4fc-5f3d-4790-8c5f-223ffe5bb555", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "org-config", + "valid-time-zones" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f5078109-2889-4a0c-be9f-8a2f9f443269", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "org-config", + "valid-time-zones" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f896543a-b583-4f8f-bf49-396988e0557b", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "org-config", + "valid-time-zones" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "1dc0f227-bab2-412a-a991-2eb8aaaaea05", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "org-config", + "valid-time-zones" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + } + ] + }, + { + "name": "Password Configuration", + "description": "Use this API to implement organization password configuration functionality. \nWith this functionality in place, organization administrators can create organization-specific password configurations. \n\nThese configurations include details like custom password instructions, as well as digit token length and duration. \n\nRefer to [Configuring User Authentication for Password Resets](https://documentation.sailpoint.com/saas/help/pwd/pwd_reset.html) for more information about organization password configuration functionality.\n", + "item": [ + { + "id": "271faf10-7366-4668-804c-4a99b3510226", + "name": "Get Password Org Config", + "request": { + "name": "Get Password Org Config", + "description": { + "content": "This API returns the password org config . Requires ORG_ADMIN, API role or authorization scope of 'idn:password-org-config:read'", + "type": "text/plain" + }, + "url": { + "path": [ + "password-org-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "68ba5df7-2ec4-45bf-9a4c-a0d2a24d62a4", + "name": "Reference to the password org config.", + "originalRequest": { + "url": { + "path": [ + "password-org-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"customInstructionsEnabled\": true,\n \"digitTokenDurationMinutes\": 9,\n \"digitTokenEnabled\": false,\n \"digitTokenLength\": 6\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "7fb897c7-77c2-475a-a7a3-f0f7f2686f52", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "password-org-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "3abed30c-0a03-41ce-bc3f-1f81cf0d23ca", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "password-org-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "2f1a221d-14e6-4c3e-bbcb-d47f00aab698", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "password-org-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c6a14e0b-c816-422f-a7f5-0f26e60531d4", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "password-org-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "aea5ca1f-afba-4e63-a898-763efbafe130", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "password-org-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "8b94a33c-823b-4cc4-badd-11991e974dbd", + "name": "Update Password Org Config", + "request": { + "name": "Update Password Org Config", + "description": { + "content": "This API updates the password org config for specified fields. Other fields will keep original value.\nYou must set the `customInstructionsEnabled` field to \"true\" to be able to use custom password instructions. \nRequires ORG_ADMIN, API role or authorization scope of 'idn:password-org-config:write'", + "type": "text/plain" + }, + "url": { + "path": [ + "password-org-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"digitTokenEnabled\": true,\n \"digitTokenDurationMinutes\": 12\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "464e9fe7-ee70-4c94-b489-f2c28c7f21e4", + "name": "Reference to the password org config.", + "originalRequest": { + "url": { + "path": [ + "password-org-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"digitTokenEnabled\": true,\n \"digitTokenDurationMinutes\": 12\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"customInstructionsEnabled\": true,\n \"digitTokenDurationMinutes\": 12,\n \"digitTokenEnabled\": true,\n \"digitTokenLength\": 6\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "de72dcfa-3953-44e9-966b-f03548c2d39e", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "password-org-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"digitTokenEnabled\": true,\n \"digitTokenDurationMinutes\": 12\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "5884161d-4bd8-4bf8-a23c-2273dc07297b", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "password-org-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"digitTokenEnabled\": true,\n \"digitTokenDurationMinutes\": 12\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "6a01c176-50f9-4446-9be8-3b983ac22b25", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "password-org-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"digitTokenEnabled\": true,\n \"digitTokenDurationMinutes\": 12\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "6f4f6915-6065-405e-8230-c84efbd0962d", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "password-org-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"digitTokenEnabled\": true,\n \"digitTokenDurationMinutes\": 12\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "fc56b58e-d8b8-48e6-9467-a9b57cb3c612", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "password-org-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"digitTokenEnabled\": true,\n \"digitTokenDurationMinutes\": 12\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "8ec0fb75-bf79-4992-b9ed-c0c76d8d035f", + "name": "Create Password Org Config", + "request": { + "name": "Create Password Org Config", + "description": { + "content": "This API creates the password org config. Unspecified fields will use default value.\nTo be able to use the custom password instructions, you must set the `customInstructionsEnabled` field to \"true\".\nRequires ORG_ADMIN, API role or authorization scope of 'idn:password-org-config:write'", + "type": "text/plain" + }, + "url": { + "path": [ + "password-org-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"customInstructionsEnabled\": true,\n \"digitTokenEnabled\": true,\n \"digitTokenDurationMinutes\": 12,\n \"digitTokenLength\": 9\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "d51a8809-c6a6-4c0e-9dd3-b58b7b5c5038", + "name": "Reference to the password org config.", + "originalRequest": { + "url": { + "path": [ + "password-org-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"customInstructionsEnabled\": true,\n \"digitTokenEnabled\": true,\n \"digitTokenDurationMinutes\": 12,\n \"digitTokenLength\": 9\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"customInstructionsEnabled\": true,\n \"digitTokenDurationMinutes\": 9,\n \"digitTokenEnabled\": true,\n \"digitTokenLength\": 12\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "318cb230-e0ca-45b6-a57a-5ae9a274125d", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "password-org-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"customInstructionsEnabled\": true,\n \"digitTokenEnabled\": true,\n \"digitTokenDurationMinutes\": 12,\n \"digitTokenLength\": 9\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "e545559b-6a66-4668-abff-5524c34d4737", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "password-org-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"customInstructionsEnabled\": true,\n \"digitTokenEnabled\": true,\n \"digitTokenDurationMinutes\": 12,\n \"digitTokenLength\": 9\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "401904c5-19cc-4ad1-830d-8ac190f5fba2", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "password-org-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"customInstructionsEnabled\": true,\n \"digitTokenEnabled\": true,\n \"digitTokenDurationMinutes\": 12,\n \"digitTokenLength\": 9\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "0c9b5a4a-445a-4a62-bf32-e37a43378414", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "password-org-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"customInstructionsEnabled\": true,\n \"digitTokenEnabled\": true,\n \"digitTokenDurationMinutes\": 12,\n \"digitTokenLength\": 9\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "1972ed75-a559-434d-ae16-e3317594bd5e", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "password-org-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"customInstructionsEnabled\": true,\n \"digitTokenEnabled\": true,\n \"digitTokenDurationMinutes\": 12,\n \"digitTokenLength\": 9\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + } + ] + }, + { + "name": "Password Dictionary", + "description": "Use this API to implement password dictionary functionality. \nWith this functionality in place, administrators can create password dictionaries to prevent users from using certain words or characters in their passwords. \n\nA password dictionary is a list of words or characters that users are prevented from including in their passwords. \nThis can help protect users from themselves and force them to create passwords that are not easy to break. \n\nA password dictionary must meet the following requirements to for the API to handle them correctly: \n\n- It must be in .txt format.\n\n- All characters must be UTF-8 characters. \n\n- Each line must contain a single word or character with no spaces or whitespace characters.\n\n- It must contain at least one line other than the locale string.\n\n- Each line must not exceed 128 characters.\n\n- The file must not exceed 2500 lines. \n\nAdministrators should also consider the following when they create their dictionaries: \n\n- Lines starting with a # represent comments.\n\n- All words in the password dictionary are case-insensitive. \nFor example, adding the word \"password\" to the dictionary also disallows the following: PASSWORD, Password, and PassWord.\n\n- The dictionary uses substring matching. \nFor example, adding the word \"spring\" to the dictionary also disallows the following: Spring124, 345SprinG, and 8spring.\nUsers can then select 'Change Password' to update their passwords. \n\nAdministrators must do the following to create a password dictionary: \n\n- Create the text file that will contain the prohibited password values.\n\n- If the dictionary is not in English, they must add a locale string to the top line: locale:`languageCode`_`countryCode`\n\nThe languageCode value refers to the language's 2-letter ISO 639-1 code.\nThe countryCode value refers to the country's 2-letter ISO 3166-1 code.\n\nRefer to this list https://docs.oracle.com/cd/E13214_01/wli/docs92/xref/xqisocodes.html to see all the available ISO 639-1 language codes and ISO 3166-1 country codes.\n\n- Upload the .txt file to Identity Security Cloud with [Update Password Dictionary](https://developer.sailpoint.com/docs/api/v3/put-password-dictionary). Uploading a new file always overwrites the previous dictionary file.\n\nAdministrators can then specify which password policies check new passwords against the password dictionary by doing the following: In the Admin panel, they can use the Password Mgmt dropdown menu to select Policies, select the policy, and select the 'Prevent use of words in this site's password dictionary' checkbox beside it.\n\nRefer to [Configuring Advanced Password Management Options](https://documentation.sailpoint.com/saas/help/pwd/adv_config.html) for more information about password dictionaries.\n", + "item": [ + { + "id": "9ef8e239-bba8-49a6-a323-9bcc0af1855c", + "name": "Get Password Dictionary", + "request": { + "name": "Get Password Dictionary", + "description": { + "content": "This gets password dictionary for the organization.\nA token with ORG_ADMIN authority is required to call this API.\nThe password dictionary file can contain lines that are:\n1. comment lines - the first character is '#', can be 128 Unicode codepoints in length, and are ignored during processing\n2. empty lines\n3. locale line - the first line that starts with \"locale=\" is considered to be locale line, the rest are treated as normal content lines\n4. line containing the password dictionary word - it must start with non-whitespace character and only non-whitespace characters are allowed;\n maximum length of the line is 128 Unicode codepoints\n\n\nPassword dictionary file may not contain more than 2,500 lines (not counting whitespace lines, comment lines and locale line).\n Password dict file must contain UTF-8 characters only.\n\n# Sample password text file\n\n```\n\n# Password dictionary small test file\n\nlocale=en_US\n\n# Password dictionary prohibited words\n\nqwerty\nabcd\naaaaa\npassword\nqazxsws\n\n```", + "type": "text/plain" + }, + "url": { + "path": [ + "password-dictionary" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "text/plain" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "c74b9f97-a77d-4e27-b57b-16f48d23ef79", + "name": "A password dictionary response", + "originalRequest": { + "url": { + "path": [ + "password-dictionary" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "text/plain" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "text/plain" + } + ], + "body": "irure nisi et dolore aliqua", + "cookie": [], + "_postman_previewlanguage": "text" + }, + { + "id": "7f95e71a-2781-4100-8fab-032d8f88c504", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "password-dictionary" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c758890a-7024-471a-ac4c-a93c6e0f9d31", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "password-dictionary" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "8357d1d4-8e97-44f0-a083-dc4afe4a4e98", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "password-dictionary" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "7b6b2043-9ea1-4ca9-ab75-ca7485df4da7", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "password-dictionary" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f6b94c6c-1295-44d9-99d9-ac31a14b3678", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "password-dictionary" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "98943e37-9efa-416d-b315-27d97434b8eb", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "password-dictionary" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "13204a2f-c6af-4c7c-a336-1cfdc453766a", + "name": "Update Password Dictionary", + "request": { + "name": "Update Password Dictionary", + "description": { + "content": "This updates password dictionary for the organization.\nA token with ORG_ADMIN authority is required to call this API.\nThe password dictionary file can contain lines that are:\n1. comment lines - the first character is '#', can be 128 Unicode codepoints in length, and are ignored during processing\n2. empty lines\n3. locale line - the first line that starts with \"locale=\" is considered to be locale line, the rest are treated as normal content lines\n4. line containing the password dictionary word - it must start with non-whitespace character and only non-whitespace characters are allowed;\n maximum length of the line is 128 Unicode codepoints\n\n\nPassword dictionary file may not contain more than 2,500 lines (not counting whitespace lines, comment lines and locale line).\n Password dict file must contain UTF-8 characters only.\n\n# Sample password text file\n\n```\n\n# Password dictionary small test file\n\nlocale=en_US\n\n# Password dictionary prohibited words\n\nqwerty\nabcd\naaaaa\npassword\nqazxsws\n\n```", + "type": "text/plain" + }, + "url": { + "path": [ + "password-dictionary" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "PUT", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "", + "type": "text/plain" + }, + "key": "file", + "value": "enim sunt culpa cillum", + "type": "text" + } + ] + } + }, + "response": [ + { + "id": "92084c1a-2f0f-4169-9428-7aca8f466494", + "name": "Successfully updated.", + "originalRequest": { + "url": { + "path": [ + "password-dictionary" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "", + "type": "text/plain" + }, + "key": "file", + "value": "enim sunt culpa cillum", + "type": "text" + } + ] + } + }, + "status": "OK", + "code": 200, + "header": [], + "cookie": [], + "_postman_previewlanguage": "text" + }, + { + "id": "1d5616b4-aa04-4e54-8a61-e3eef4616bf5", + "name": "Created.", + "originalRequest": { + "url": { + "path": [ + "password-dictionary" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "", + "type": "text/plain" + }, + "key": "file", + "value": "enim sunt culpa cillum", + "type": "text" + } + ] + } + }, + "status": "Created", + "code": 201, + "header": [], + "cookie": [], + "_postman_previewlanguage": "text" + }, + { + "id": "7cc8f8b2-5d90-4f0e-a127-ec21389f12bb", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "password-dictionary" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "", + "type": "text/plain" + }, + "key": "file", + "value": "enim sunt culpa cillum", + "type": "text" + } + ] + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f12fa35f-76a3-4f98-bd4f-1ba652c21264", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "password-dictionary" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "", + "type": "text/plain" + }, + "key": "file", + "value": "enim sunt culpa cillum", + "type": "text" + } + ] + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "884be5ee-fa81-427a-9d57-f4d7ba018ccd", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "password-dictionary" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "", + "type": "text/plain" + }, + "key": "file", + "value": "enim sunt culpa cillum", + "type": "text" + } + ] + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b6f24cb6-cdc3-4159-9ceb-fde861bf1241", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "password-dictionary" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "", + "type": "text/plain" + }, + "key": "file", + "value": "enim sunt culpa cillum", + "type": "text" + } + ] + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "54bf6f35-ae44-4f47-b664-9c92ec3a135a", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "password-dictionary" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "", + "type": "text/plain" + }, + "key": "file", + "value": "enim sunt culpa cillum", + "type": "text" + } + ] + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "ff725e49-d653-4183-aca3-1afcdade299f", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "password-dictionary" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "", + "type": "text/plain" + }, + "key": "file", + "value": "enim sunt culpa cillum", + "type": "text" + } + ] + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + } + ] + }, + { + "name": "Password Management", + "description": "Use this API to implement password management functionality. \nWith this functionality in place, users can manage their identity passwords for all their applications.\n\nIn Identity Security Cloud, users can select their names in the upper right corner of the page and use the drop-down menu to select Password Manager. \nPassword Manager lists the user's identity's applications, possibly grouped to share passwords. \nUsers can then select 'Change Password' to update their passwords. \n\nGrouping passwords allows users to update their passwords more broadly, rather than requiring them to update each password individually. \nPassword Manager may list the applications and sources in the following groups:\n\n- Password Group: This refers to a group of applications that share a password. \nFor example, a user can use the same password for Google Drive, Google Mail, and YouTube. \nUpdating the password for the password group updates the password for all its included applications.\n\n- Multi-Application Source: This refers to a source with multiple applications that share a password. \nFor example, a user can have a source, G Suite, that includes the Google Calendar, Google Drive, and Google Mail applications. \nUpdating the password for the multi-application source updates the password for all its included applications. \n\n- Applications: These are applications that do not share passwords with other applications.\n\nAn organization may require some authentication for users to update their passwords. \nUsers may be required to answer security questions or use a third-party authenticator before they can confirm their updates. \n\nRefer to [Managing Passwords](https://documentation.sailpoint.com/saas/user-help/accounts/passwords.html) for more information about password management.\n", + "item": [ + { + "id": "959c2888-4f62-4c4e-b69d-048fe072b959", + "name": "Query Password Info", + "request": { + "name": "Query Password Info", + "description": { + "content": "This API is used to query password related information. \n\nA token with [API authority](https://developer.sailpoint.com/idn/api/authentication#client-credentials-grant-flow) \nis required to call this API. \"API authority\" refers to a token that only has the \"client_credentials\" \ngrant type, and therefore no user context. A [personal access token](https://developer.sailpoint.com/idn/api/authentication#personal-access-tokens) \nor a token generated with the [authorization_code](https://developer.sailpoint.com/idn/api/authentication#authorization-code-grant-flow) \ngrant type will **NOT** work on this endpoint, and a `403 Forbidden` response \nwill be returned.\n", + "type": "text/plain" + }, + "url": { + "path": [ + "query-password-info" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"userName\": \"Abby.Smith\",\n \"sourceName\": \"My-AD\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "5bb90174-3705-4979-a464-ea7e328e2bbb", + "name": "Reference to the password info.", + "originalRequest": { + "url": { + "path": [ + "query-password-info" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"userName\": \"Abby.Smith\",\n \"sourceName\": \"My-AD\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"identityId\": \"2c918085744fec4301746f9a5bce4605\",\n \"sourceId\": \"2c918083746f642c01746f990884012a\",\n \"publicKeyId\": \"N2M1OTJiMGEtMDJlZS00ZWU3LTkyYTEtNjA5YmI5NWE3ZWVh\",\n \"publicKey\": \"MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuGFkWi2J75TztpbaPKd36bJnIB3J8gZ6UcoS9oSDYsqBzPpTsfZXYaEf4Y4BKGgJIXmE/lwhwuj7mU1itdZ2qTSNFtnXA8Fn75c3UUkk+h+wdZbkuSmqlsJo3R1OnJkwkJggcAy9Jvk9jlcrNLWorpQ1w9raUvxtvfgkSdq153KxotenQ1HciSyZ0nA/Kw0UaucLnho8xdRowZs11afXGXA9IT9H6D8T6zUdtSxm0nAyH+mluma5LdTfaM50W3l/L8q56Vrqmx2pZIiwdx/0+g3Y++jV70zom0ZBkC1MmSoLMrQYG5OICNjr72f78B2PaGXfarQHqARLjKpMVt9YIQIDAQAB\",\n \"accounts\": [\n {\n \"accountId\": \"CN=Abby Smith,OU=Austin,OU=Americas,OU=Demo,DC=seri,DC=acme,DC=com\",\n \"accountName\": \"Abby.Smith\"\n },\n {\n \"accountId\": \"CN=Abby Smith,OU=Austin,OU=Americas,OU=Demo,DC=seri,DC=acme,DC=com\",\n \"accountName\": \"Abby.Smith\"\n }\n ],\n \"policies\": [\n \"passwordRepeatedChar is 3\",\n \"passwordMinAlpha is 1\",\n \"passwordMinLength is 5\",\n \"passwordMinNumeric is 1\"\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "e304c32e-2bd1-4977-98ea-69825f62ac7c", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "query-password-info" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"userName\": \"Abby.Smith\",\n \"sourceName\": \"My-AD\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "131ee97f-2914-4703-8c16-e30961ec0b46", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "query-password-info" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"userName\": \"Abby.Smith\",\n \"sourceName\": \"My-AD\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "8e74c120-9b5f-49d8-b692-924ee39be7e7", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "query-password-info" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"userName\": \"Abby.Smith\",\n \"sourceName\": \"My-AD\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "861e9a8d-e07f-4441-8228-78e9e85424ed", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "query-password-info" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"userName\": \"Abby.Smith\",\n \"sourceName\": \"My-AD\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "59982ac8-e8d3-4fe9-b928-1ad1baa282b1", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "query-password-info" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"userName\": \"Abby.Smith\",\n \"sourceName\": \"My-AD\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "4ad8adf9-d3ad-493a-87ca-4521956be403", + "name": "Set Identity's Password", + "request": { + "name": "Set Identity's Password", + "description": { + "content": "This API is used to set a password for an identity. \n\nAn identity can change their own password (as well as any of their accounts' passwords) if they use a token generated by their ISC user, such as a [personal access token](https://developer.sailpoint.com/idn/api/authentication#personal-access-tokens) or [\"authorization_code\" derived OAuth token](https://developer.sailpoint.com/idn/api/authentication#authorization-code-grant-flow).\n\nA token with [API authority](https://developer.sailpoint.com/idn/api/authentication#client-credentials-grant-flow) can be used to change **any** identity's password or the password of any of the identity's accounts. \n\"API authority\" refers to a token that only has the \"client_credentials\" grant type.\n\n>**Note: If you want to set an identity's source account password, you must enable `PASSWORD` as one of the source's features. You can use the [PATCH Source endpoint](https://developer.sailpoint.com/docs/api/v3/update-source) to add the `PASSWORD` feature.**\n\nYou can use this endpoint to generate an `encryptedPassword` (RSA encrypted using publicKey). \nTo do so, follow these steps:\n\n1. Use [Query Password Info](https://developer.sailpoint.com/idn/api/v3/query-password-info) to get the following information: `identityId`, `sourceId`, `publicKeyId`, `publicKey`, `accounts`, and `policies`. \n\n2. Choose an account from the previous response that you will provide as an `accountId` in your request to set an encrypted password. \n\n3. Use [Set Identity's Password](https://developer.sailpoint.com/idn/api/v3/set-password) and provide the information you got from your earlier query. Then add this code to your request to get the encrypted password:\n\n```java\nimport javax.crypto.Cipher;\nimport java.security.KeyFactory;\nimport java.security.PublicKey;\nimport java.security.spec.X509EncodedKeySpec;\nimport java util.Base64;\n\nString encrypt(String publicKey, String toEncrypt) throws Exception {\n byte[] publicKeyBytes = Base64.getDecoder().decode(publicKey);\n byte[] encryptedBytes = encryptRsa(publicKeyBytes, toEncrypt.getBytes(\"UTF-8\"));\n return Base64.getEncoder().encodeToString(encryptedBytes);\n}\n\nprivate byte[] encryptRsa(byte[] publicKeyBytes, byte[] toEncryptBytes) throws Exception {\n PublicKey key = KeyFactory.getInstance(\"RSA\").generatePublic(new X509EncodedKeySpec(publicKeyBytes));\n String transformation = \"RSA/ECB/PKCS1Padding\";\n Cipher cipher = Cipher.getInstance(transformation);\n cipher.init(1, key);\n return cipher.doFinal(toEncryptBytes);\n}\n``` \n\nIn this example, `toEncrypt` refers to the plain text password you are setting and then encrypting, and the `publicKey` refers to the publicKey you got from the first request you sent. \n\nYou can then use [Get Password Change Request Status](https://developer.sailpoint.com/idn/api/v3/get-password-change-status) to check the password change request status. To do so, you must provide the `requestId` from your earlier request to set the password. \n", + "type": "text/plain" + }, + "url": { + "path": [ + "set-password" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"identityId\": \"8a807d4c73c545510173c545f0a002ff\",\n \"encryptedPassword\": \"XzN+YwKgr2C+InkMYFMBG3UtjMEw5ZIql/XFlXo8cJNeslmkplx6vn4kd4/43IF9STBk5RnzR6XmjpEO+FwHDoiBwYZAkAZK/Iswxk4OdybG6Y4MStJCOCiK8osKr35IMMSV/mbO4wAeltoCk7daTWzTGLiI6UaT5tf+F2EgdjJZ7YqM8W8r7aUWsm3p2Xt01Y46ZRx0QaM91QruiIx2rECFT2pUO0wr+7oQ77jypATyGWRtADsu3YcvCk/6U5MqCnXMzKBcRas7NnZdSL/d5H1GglVGz3VLPMaivG4/oL4chOMmFCRl/zVsGxZ9RhN8rxsRGFFKn+rhExTi+bax3A==\",\n \"publicKeyId\": \"YWQ2NjQ4MTItZjY0NC00MWExLWFjMjktOGNmMzU3Y2VlNjk2\",\n \"accountId\": \"CN=Abby Smith,OU=Austin,OU=Americas,OU=Demo,DC=seri,DC=acme,DC=com\",\n \"sourceId\": \"8a807d4c73c545510173c545d4b60246\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "5d67b542-40a9-412c-af0d-b69af265188b", + "name": "Reference to the password change.", + "originalRequest": { + "url": { + "path": [ + "set-password" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"identityId\": \"8a807d4c73c545510173c545f0a002ff\",\n \"encryptedPassword\": \"XzN+YwKgr2C+InkMYFMBG3UtjMEw5ZIql/XFlXo8cJNeslmkplx6vn4kd4/43IF9STBk5RnzR6XmjpEO+FwHDoiBwYZAkAZK/Iswxk4OdybG6Y4MStJCOCiK8osKr35IMMSV/mbO4wAeltoCk7daTWzTGLiI6UaT5tf+F2EgdjJZ7YqM8W8r7aUWsm3p2Xt01Y46ZRx0QaM91QruiIx2rECFT2pUO0wr+7oQ77jypATyGWRtADsu3YcvCk/6U5MqCnXMzKBcRas7NnZdSL/d5H1GglVGz3VLPMaivG4/oL4chOMmFCRl/zVsGxZ9RhN8rxsRGFFKn+rhExTi+bax3A==\",\n \"publicKeyId\": \"YWQ2NjQ4MTItZjY0NC00MWExLWFjMjktOGNmMzU3Y2VlNjk2\",\n \"accountId\": \"CN=Abby Smith,OU=Austin,OU=Americas,OU=Demo,DC=seri,DC=acme,DC=com\",\n \"sourceId\": \"8a807d4c73c545510173c545d4b60246\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Accepted", + "code": 202, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"requestId\": \"089899f13a8f4da7824996191587bab9\",\n \"state\": \"IN_PROGRESS\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "3bd7648f-dbf4-410f-ba38-1616a6ea1a88", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "set-password" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"identityId\": \"8a807d4c73c545510173c545f0a002ff\",\n \"encryptedPassword\": \"XzN+YwKgr2C+InkMYFMBG3UtjMEw5ZIql/XFlXo8cJNeslmkplx6vn4kd4/43IF9STBk5RnzR6XmjpEO+FwHDoiBwYZAkAZK/Iswxk4OdybG6Y4MStJCOCiK8osKr35IMMSV/mbO4wAeltoCk7daTWzTGLiI6UaT5tf+F2EgdjJZ7YqM8W8r7aUWsm3p2Xt01Y46ZRx0QaM91QruiIx2rECFT2pUO0wr+7oQ77jypATyGWRtADsu3YcvCk/6U5MqCnXMzKBcRas7NnZdSL/d5H1GglVGz3VLPMaivG4/oL4chOMmFCRl/zVsGxZ9RhN8rxsRGFFKn+rhExTi+bax3A==\",\n \"publicKeyId\": \"YWQ2NjQ4MTItZjY0NC00MWExLWFjMjktOGNmMzU3Y2VlNjk2\",\n \"accountId\": \"CN=Abby Smith,OU=Austin,OU=Americas,OU=Demo,DC=seri,DC=acme,DC=com\",\n \"sourceId\": \"8a807d4c73c545510173c545d4b60246\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "54b1a4ca-5483-4828-bfe7-343789317750", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "set-password" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"identityId\": \"8a807d4c73c545510173c545f0a002ff\",\n \"encryptedPassword\": \"XzN+YwKgr2C+InkMYFMBG3UtjMEw5ZIql/XFlXo8cJNeslmkplx6vn4kd4/43IF9STBk5RnzR6XmjpEO+FwHDoiBwYZAkAZK/Iswxk4OdybG6Y4MStJCOCiK8osKr35IMMSV/mbO4wAeltoCk7daTWzTGLiI6UaT5tf+F2EgdjJZ7YqM8W8r7aUWsm3p2Xt01Y46ZRx0QaM91QruiIx2rECFT2pUO0wr+7oQ77jypATyGWRtADsu3YcvCk/6U5MqCnXMzKBcRas7NnZdSL/d5H1GglVGz3VLPMaivG4/oL4chOMmFCRl/zVsGxZ9RhN8rxsRGFFKn+rhExTi+bax3A==\",\n \"publicKeyId\": \"YWQ2NjQ4MTItZjY0NC00MWExLWFjMjktOGNmMzU3Y2VlNjk2\",\n \"accountId\": \"CN=Abby Smith,OU=Austin,OU=Americas,OU=Demo,DC=seri,DC=acme,DC=com\",\n \"sourceId\": \"8a807d4c73c545510173c545d4b60246\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a127a952-4a8d-4ea5-96b5-a0d203b77479", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "set-password" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"identityId\": \"8a807d4c73c545510173c545f0a002ff\",\n \"encryptedPassword\": \"XzN+YwKgr2C+InkMYFMBG3UtjMEw5ZIql/XFlXo8cJNeslmkplx6vn4kd4/43IF9STBk5RnzR6XmjpEO+FwHDoiBwYZAkAZK/Iswxk4OdybG6Y4MStJCOCiK8osKr35IMMSV/mbO4wAeltoCk7daTWzTGLiI6UaT5tf+F2EgdjJZ7YqM8W8r7aUWsm3p2Xt01Y46ZRx0QaM91QruiIx2rECFT2pUO0wr+7oQ77jypATyGWRtADsu3YcvCk/6U5MqCnXMzKBcRas7NnZdSL/d5H1GglVGz3VLPMaivG4/oL4chOMmFCRl/zVsGxZ9RhN8rxsRGFFKn+rhExTi+bax3A==\",\n \"publicKeyId\": \"YWQ2NjQ4MTItZjY0NC00MWExLWFjMjktOGNmMzU3Y2VlNjk2\",\n \"accountId\": \"CN=Abby Smith,OU=Austin,OU=Americas,OU=Demo,DC=seri,DC=acme,DC=com\",\n \"sourceId\": \"8a807d4c73c545510173c545d4b60246\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "440a0534-8c1d-4a61-94a3-433ab48d9269", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "set-password" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"identityId\": \"8a807d4c73c545510173c545f0a002ff\",\n \"encryptedPassword\": \"XzN+YwKgr2C+InkMYFMBG3UtjMEw5ZIql/XFlXo8cJNeslmkplx6vn4kd4/43IF9STBk5RnzR6XmjpEO+FwHDoiBwYZAkAZK/Iswxk4OdybG6Y4MStJCOCiK8osKr35IMMSV/mbO4wAeltoCk7daTWzTGLiI6UaT5tf+F2EgdjJZ7YqM8W8r7aUWsm3p2Xt01Y46ZRx0QaM91QruiIx2rECFT2pUO0wr+7oQ77jypATyGWRtADsu3YcvCk/6U5MqCnXMzKBcRas7NnZdSL/d5H1GglVGz3VLPMaivG4/oL4chOMmFCRl/zVsGxZ9RhN8rxsRGFFKn+rhExTi+bax3A==\",\n \"publicKeyId\": \"YWQ2NjQ4MTItZjY0NC00MWExLWFjMjktOGNmMzU3Y2VlNjk2\",\n \"accountId\": \"CN=Abby Smith,OU=Austin,OU=Americas,OU=Demo,DC=seri,DC=acme,DC=com\",\n \"sourceId\": \"8a807d4c73c545510173c545d4b60246\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "0635487b-d555-4ddb-8def-1b80944965b1", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "set-password" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"identityId\": \"8a807d4c73c545510173c545f0a002ff\",\n \"encryptedPassword\": \"XzN+YwKgr2C+InkMYFMBG3UtjMEw5ZIql/XFlXo8cJNeslmkplx6vn4kd4/43IF9STBk5RnzR6XmjpEO+FwHDoiBwYZAkAZK/Iswxk4OdybG6Y4MStJCOCiK8osKr35IMMSV/mbO4wAeltoCk7daTWzTGLiI6UaT5tf+F2EgdjJZ7YqM8W8r7aUWsm3p2Xt01Y46ZRx0QaM91QruiIx2rECFT2pUO0wr+7oQ77jypATyGWRtADsu3YcvCk/6U5MqCnXMzKBcRas7NnZdSL/d5H1GglVGz3VLPMaivG4/oL4chOMmFCRl/zVsGxZ9RhN8rxsRGFFKn+rhExTi+bax3A==\",\n \"publicKeyId\": \"YWQ2NjQ4MTItZjY0NC00MWExLWFjMjktOGNmMzU3Y2VlNjk2\",\n \"accountId\": \"CN=Abby Smith,OU=Austin,OU=Americas,OU=Demo,DC=seri,DC=acme,DC=com\",\n \"sourceId\": \"8a807d4c73c545510173c545d4b60246\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "c70e8a5c-563e-4c5f-8757-571bd83dd331", + "name": "Get Password Change Request Status", + "request": { + "name": "Get Password Change Request Status", + "description": { + "content": "This API returns the status of a password change request. A token with identity owner or trusted API client application authority is required to call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "password-change-status", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "089899f13a8f4da7824996191587bab9", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) Password change request ID", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "3dae0389-5f6b-46a4-86f4-d73df1083a7e", + "name": "Status of the password change request", + "originalRequest": { + "url": { + "path": [ + "password-change-status", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"requestId\": \"089899f13a8f4da7824996191587bab9\",\n \"state\": \"IN_PROGRESS\",\n \"errors\": [\n \"The password change payload is invalid\"\n ],\n \"sourceIds\": [\n \"2c918083746f642c01746f990884012a\"\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "1c5263df-ff36-4389-ac8a-7e73d7cb814e", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "password-change-status", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "0a5ab208-49eb-41e2-bb84-f24deb12ca0b", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "password-change-status", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "01a12e2e-bed4-4549-90f4-52c32de0f356", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "password-change-status", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c0007365-1202-4e7e-a4e9-6b322e8387a2", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "password-change-status", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "ce4bf0aa-a48c-4ec2-8bb7-ff50303c81a7", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "password-change-status", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "2d2b49fa-8fcc-48ab-9722-f62ec81000a8", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "password-change-status", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "071462e4-f026-4547-9600-85d6dc4febfe", + "name": "Generate a digit token", + "request": { + "name": "Generate a digit token", + "description": { + "content": "This API is used to generate a digit token for password management. Requires authorization scope of \"idn:password-digit-token:create\".", + "type": "text/plain" + }, + "url": { + "path": [ + "generate-password-reset-token", + "digit" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"userId\": \"Abby.Smith\",\n \"length\": 8,\n \"durationMinutes\": 5\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "3fb27b68-878c-4d17-a938-d8b901538dbb", + "name": "The digit token for password management.", + "originalRequest": { + "url": { + "path": [ + "generate-password-reset-token", + "digit" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"userId\": \"Abby.Smith\",\n \"length\": 8,\n \"durationMinutes\": 5\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"digitToken\": 9087713,\n \"requestId\": \"e1267ecd-fcd9-4c73-9c55-12555efad136\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "37ca3a11-8a3f-41f8-84a4-6a779f05b0f9", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "generate-password-reset-token", + "digit" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"userId\": \"Abby.Smith\",\n \"length\": 8,\n \"durationMinutes\": 5\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "0a7dc766-51c5-48ed-8888-8cf9dc975bcb", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "generate-password-reset-token", + "digit" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"userId\": \"Abby.Smith\",\n \"length\": 8,\n \"durationMinutes\": 5\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "0e7ae5df-7a9e-4eec-93bc-3fdfd96b18e2", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "generate-password-reset-token", + "digit" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"userId\": \"Abby.Smith\",\n \"length\": 8,\n \"durationMinutes\": 5\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + } + ] + }, + { + "name": "Password Policies", + "description": "Use these APIs to implement password policies functionality.\nThese APIs allow you to define the policy parameters for choosing passwords.\n\nIdentityNow comes with a default policy that you can modify to define the password requirements your users must meet to log in to IdentityNow, such as requiring a minimum password length, including special characters, and disallowing certain patterns.\nIf you have licensed Password Management, you can create additional password policies beyond the default one to manage passwords for supported sources in your org.\n\nIn the Identity Security Cloud Admin panel, administrators can use the Password Mgmt dropdown menu to select Sync Groups.\nRefer to [Managing Password Policies](https://documentation.sailpoint.com/saas/help/pwd/pwd_policies/pwd_policies.html) for more information about password policies.\n", + "item": [ + { + "id": "b7a59d53-a749-47b4-8837-930e52b683d8", + "name": "Get Password Policy by ID", + "request": { + "name": "Get Password Policy by ID", + "description": { + "content": "This API returns the password policy for the specified ID. A token with ORG_ADMIN authority is required to call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "password-policies", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "ff808081838d9e9d01838da6a03e0005", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) The ID of password policy to retrieve.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "ebb4fdb5-f98f-47a5-8e5e-ebc9e13bd0eb", + "name": "Reference to the password policy.", + "originalRequest": { + "url": { + "path": [ + "password-policies", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"description\": \"Default Password Policy\",\n \"id\": \"2c91808e7d976f3b017d9f5ceae440c8\",\n \"name\": \"Example PP\",\n \"dateCreated\": 1639056206564,\n \"lastUpdated\": 1662385430753,\n \"firstExpirationReminder\": 90,\n \"accountIdMinWordLength\": 3,\n \"accountNameMinWordLength\": 3,\n \"maxLength\": 0,\n \"maxRepeatedChars\": 4,\n \"minAlpha\": 1,\n \"minCharacterTypes\": -1,\n \"minLength\": 8,\n \"minLower\": 0,\n \"minNumeric\": 1,\n \"minSpecial\": 0,\n \"minUpper\": 0,\n \"passwordExpiration\": 90,\n \"defaultPolicy\": true,\n \"enablePasswdExpiration\": false,\n \"requireStrongAuthn\": false,\n \"requireStrongAuthOffNetwork\": false,\n \"requireStrongAuthUntrustedGeographies\": false,\n \"useAccountAttributes\": false,\n \"useDictionary\": false,\n \"useIdentityAttributes\": false,\n \"validateAgainstAccountId\": true,\n \"validateAgainstAccountName\": true,\n \"sourceIds\": [\n \"2c91808382ffee0b01830de154f14034\",\n \"2c91808582ffee0c01830de36511405f\"\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "91ded798-1c63-4c7e-b3fe-88ecc1ffe4bb", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "password-policies", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "18d18935-5e13-40d4-b2dc-ba1a6ce83d03", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "password-policies", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "aca7fddc-b3c3-4b97-8628-0e1cd5372bbb", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "password-policies", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a6f01aac-b825-44b6-a85d-09584a0b0eeb", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "password-policies", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "290e7cca-1be2-4a37-9909-f7e53c583cde", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "password-policies", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "7ee5cff6-b5b4-432e-8b26-0929da1eac63", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "password-policies", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "4ae9d379-17ce-4d81-9ee4-690d47298375", + "name": "Update Password Policy by ID", + "request": { + "name": "Update Password Policy by ID", + "description": { + "content": "This API updates the specified password policy. A token with ORG_ADMIN authority is required to call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "password-policies", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "ff808081838d9e9d01838da6a03e0007", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) The ID of password policy to update.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"description\": \"Password Policy after update.\",\n \"id\": \"2c91808e7d976f3b017d9f5ceae440c8\",\n \"name\": \"Improved Password Policy\",\n \"dateCreated\": 1639056206564,\n \"lastUpdated\": 1662385430753,\n \"firstExpirationReminder\": 90,\n \"accountIdMinWordLength\": 3,\n \"accountNameMinWordLength\": 3,\n \"maxLength\": 0,\n \"maxRepeatedChars\": 4,\n \"minAlpha\": 1,\n \"minCharacterTypes\": -1,\n \"minLength\": 8,\n \"minLower\": 0,\n \"minNumeric\": 1,\n \"minSpecial\": 0,\n \"minUpper\": 0,\n \"passwordExpiration\": 90,\n \"defaultPolicy\": false,\n \"enablePasswdExpiration\": false,\n \"requireStrongAuthn\": false,\n \"requireStrongAuthOffNetwork\": false,\n \"requireStrongAuthUntrustedGeographies\": false,\n \"useAccountAttributes\": false,\n \"useDictionary\": false,\n \"useIdentityAttributes\": false,\n \"validateAgainstAccountId\": true,\n \"validateAgainstAccountName\": true,\n \"sourceIds\": [\n \"2c91808382ffee0b01830de154f14034\",\n \"2c91808582ffee0c01830de36511405f\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "1cdc7f99-76fa-406a-84fe-7b9b114135e2", + "name": "Reference to the password policy.", + "originalRequest": { + "url": { + "path": [ + "password-policies", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"description\": \"Password Policy after update.\",\n \"id\": \"2c91808e7d976f3b017d9f5ceae440c8\",\n \"name\": \"Improved Password Policy\",\n \"dateCreated\": 1639056206564,\n \"lastUpdated\": 1662385430753,\n \"firstExpirationReminder\": 90,\n \"accountIdMinWordLength\": 3,\n \"accountNameMinWordLength\": 3,\n \"maxLength\": 0,\n \"maxRepeatedChars\": 4,\n \"minAlpha\": 1,\n \"minCharacterTypes\": -1,\n \"minLength\": 8,\n \"minLower\": 0,\n \"minNumeric\": 1,\n \"minSpecial\": 0,\n \"minUpper\": 0,\n \"passwordExpiration\": 90,\n \"defaultPolicy\": false,\n \"enablePasswdExpiration\": false,\n \"requireStrongAuthn\": false,\n \"requireStrongAuthOffNetwork\": false,\n \"requireStrongAuthUntrustedGeographies\": false,\n \"useAccountAttributes\": false,\n \"useDictionary\": false,\n \"useIdentityAttributes\": false,\n \"validateAgainstAccountId\": true,\n \"validateAgainstAccountName\": true,\n \"sourceIds\": [\n \"2c91808382ffee0b01830de154f14034\",\n \"2c91808582ffee0c01830de36511405f\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"description\": \"Password Policy after update.\",\n \"id\": \"2c91808e7d976f3b017d9f5ceae440c8\",\n \"name\": \"Improved Password Policy\",\n \"dateCreated\": 1639056206564,\n \"lastUpdated\": 1662385430753,\n \"firstExpirationReminder\": 90,\n \"accountIdMinWordLength\": 3,\n \"accountNameMinWordLength\": 3,\n \"maxLength\": 0,\n \"maxRepeatedChars\": 4,\n \"minAlpha\": 1,\n \"minCharacterTypes\": -1,\n \"minLength\": 8,\n \"minLower\": 0,\n \"minNumeric\": 1,\n \"minSpecial\": 0,\n \"minUpper\": 0,\n \"passwordExpiration\": 90,\n \"defaultPolicy\": false,\n \"enablePasswdExpiration\": false,\n \"requireStrongAuthn\": false,\n \"requireStrongAuthOffNetwork\": false,\n \"requireStrongAuthUntrustedGeographies\": false,\n \"useAccountAttributes\": false,\n \"useDictionary\": false,\n \"useIdentityAttributes\": false,\n \"validateAgainstAccountId\": true,\n \"validateAgainstAccountName\": true,\n \"sourceIds\": [\n \"2c91808382ffee0b01830de154f14034\",\n \"2c91808582ffee0c01830de36511405f\"\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "350e81fa-a0a7-4044-8bd6-13a1ab408934", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "password-policies", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"description\": \"Password Policy after update.\",\n \"id\": \"2c91808e7d976f3b017d9f5ceae440c8\",\n \"name\": \"Improved Password Policy\",\n \"dateCreated\": 1639056206564,\n \"lastUpdated\": 1662385430753,\n \"firstExpirationReminder\": 90,\n \"accountIdMinWordLength\": 3,\n \"accountNameMinWordLength\": 3,\n \"maxLength\": 0,\n \"maxRepeatedChars\": 4,\n \"minAlpha\": 1,\n \"minCharacterTypes\": -1,\n \"minLength\": 8,\n \"minLower\": 0,\n \"minNumeric\": 1,\n \"minSpecial\": 0,\n \"minUpper\": 0,\n \"passwordExpiration\": 90,\n \"defaultPolicy\": false,\n \"enablePasswdExpiration\": false,\n \"requireStrongAuthn\": false,\n \"requireStrongAuthOffNetwork\": false,\n \"requireStrongAuthUntrustedGeographies\": false,\n \"useAccountAttributes\": false,\n \"useDictionary\": false,\n \"useIdentityAttributes\": false,\n \"validateAgainstAccountId\": true,\n \"validateAgainstAccountName\": true,\n \"sourceIds\": [\n \"2c91808382ffee0b01830de154f14034\",\n \"2c91808582ffee0c01830de36511405f\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "9fa3d12d-e74a-4acd-a74a-53940887a4e2", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "password-policies", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"description\": \"Password Policy after update.\",\n \"id\": \"2c91808e7d976f3b017d9f5ceae440c8\",\n \"name\": \"Improved Password Policy\",\n \"dateCreated\": 1639056206564,\n \"lastUpdated\": 1662385430753,\n \"firstExpirationReminder\": 90,\n \"accountIdMinWordLength\": 3,\n \"accountNameMinWordLength\": 3,\n \"maxLength\": 0,\n \"maxRepeatedChars\": 4,\n \"minAlpha\": 1,\n \"minCharacterTypes\": -1,\n \"minLength\": 8,\n \"minLower\": 0,\n \"minNumeric\": 1,\n \"minSpecial\": 0,\n \"minUpper\": 0,\n \"passwordExpiration\": 90,\n \"defaultPolicy\": false,\n \"enablePasswdExpiration\": false,\n \"requireStrongAuthn\": false,\n \"requireStrongAuthOffNetwork\": false,\n \"requireStrongAuthUntrustedGeographies\": false,\n \"useAccountAttributes\": false,\n \"useDictionary\": false,\n \"useIdentityAttributes\": false,\n \"validateAgainstAccountId\": true,\n \"validateAgainstAccountName\": true,\n \"sourceIds\": [\n \"2c91808382ffee0b01830de154f14034\",\n \"2c91808582ffee0c01830de36511405f\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "9026a50a-647e-4b19-8425-3aedf6413cc9", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "password-policies", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"description\": \"Password Policy after update.\",\n \"id\": \"2c91808e7d976f3b017d9f5ceae440c8\",\n \"name\": \"Improved Password Policy\",\n \"dateCreated\": 1639056206564,\n \"lastUpdated\": 1662385430753,\n \"firstExpirationReminder\": 90,\n \"accountIdMinWordLength\": 3,\n \"accountNameMinWordLength\": 3,\n \"maxLength\": 0,\n \"maxRepeatedChars\": 4,\n \"minAlpha\": 1,\n \"minCharacterTypes\": -1,\n \"minLength\": 8,\n \"minLower\": 0,\n \"minNumeric\": 1,\n \"minSpecial\": 0,\n \"minUpper\": 0,\n \"passwordExpiration\": 90,\n \"defaultPolicy\": false,\n \"enablePasswdExpiration\": false,\n \"requireStrongAuthn\": false,\n \"requireStrongAuthOffNetwork\": false,\n \"requireStrongAuthUntrustedGeographies\": false,\n \"useAccountAttributes\": false,\n \"useDictionary\": false,\n \"useIdentityAttributes\": false,\n \"validateAgainstAccountId\": true,\n \"validateAgainstAccountName\": true,\n \"sourceIds\": [\n \"2c91808382ffee0b01830de154f14034\",\n \"2c91808582ffee0c01830de36511405f\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c31dee23-36d6-4229-a0b1-7a79dd54d235", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "password-policies", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"description\": \"Password Policy after update.\",\n \"id\": \"2c91808e7d976f3b017d9f5ceae440c8\",\n \"name\": \"Improved Password Policy\",\n \"dateCreated\": 1639056206564,\n \"lastUpdated\": 1662385430753,\n \"firstExpirationReminder\": 90,\n \"accountIdMinWordLength\": 3,\n \"accountNameMinWordLength\": 3,\n \"maxLength\": 0,\n \"maxRepeatedChars\": 4,\n \"minAlpha\": 1,\n \"minCharacterTypes\": -1,\n \"minLength\": 8,\n \"minLower\": 0,\n \"minNumeric\": 1,\n \"minSpecial\": 0,\n \"minUpper\": 0,\n \"passwordExpiration\": 90,\n \"defaultPolicy\": false,\n \"enablePasswdExpiration\": false,\n \"requireStrongAuthn\": false,\n \"requireStrongAuthOffNetwork\": false,\n \"requireStrongAuthUntrustedGeographies\": false,\n \"useAccountAttributes\": false,\n \"useDictionary\": false,\n \"useIdentityAttributes\": false,\n \"validateAgainstAccountId\": true,\n \"validateAgainstAccountName\": true,\n \"sourceIds\": [\n \"2c91808382ffee0b01830de154f14034\",\n \"2c91808582ffee0c01830de36511405f\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "8c9a3f4a-c447-470c-af3d-052482b48fba", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "password-policies", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"description\": \"Password Policy after update.\",\n \"id\": \"2c91808e7d976f3b017d9f5ceae440c8\",\n \"name\": \"Improved Password Policy\",\n \"dateCreated\": 1639056206564,\n \"lastUpdated\": 1662385430753,\n \"firstExpirationReminder\": 90,\n \"accountIdMinWordLength\": 3,\n \"accountNameMinWordLength\": 3,\n \"maxLength\": 0,\n \"maxRepeatedChars\": 4,\n \"minAlpha\": 1,\n \"minCharacterTypes\": -1,\n \"minLength\": 8,\n \"minLower\": 0,\n \"minNumeric\": 1,\n \"minSpecial\": 0,\n \"minUpper\": 0,\n \"passwordExpiration\": 90,\n \"defaultPolicy\": false,\n \"enablePasswdExpiration\": false,\n \"requireStrongAuthn\": false,\n \"requireStrongAuthOffNetwork\": false,\n \"requireStrongAuthUntrustedGeographies\": false,\n \"useAccountAttributes\": false,\n \"useDictionary\": false,\n \"useIdentityAttributes\": false,\n \"validateAgainstAccountId\": true,\n \"validateAgainstAccountName\": true,\n \"sourceIds\": [\n \"2c91808382ffee0b01830de154f14034\",\n \"2c91808582ffee0c01830de36511405f\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c0b4c968-7601-4bfe-835f-29b8654d9bb1", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "password-policies", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"description\": \"Password Policy after update.\",\n \"id\": \"2c91808e7d976f3b017d9f5ceae440c8\",\n \"name\": \"Improved Password Policy\",\n \"dateCreated\": 1639056206564,\n \"lastUpdated\": 1662385430753,\n \"firstExpirationReminder\": 90,\n \"accountIdMinWordLength\": 3,\n \"accountNameMinWordLength\": 3,\n \"maxLength\": 0,\n \"maxRepeatedChars\": 4,\n \"minAlpha\": 1,\n \"minCharacterTypes\": -1,\n \"minLength\": 8,\n \"minLower\": 0,\n \"minNumeric\": 1,\n \"minSpecial\": 0,\n \"minUpper\": 0,\n \"passwordExpiration\": 90,\n \"defaultPolicy\": false,\n \"enablePasswdExpiration\": false,\n \"requireStrongAuthn\": false,\n \"requireStrongAuthOffNetwork\": false,\n \"requireStrongAuthUntrustedGeographies\": false,\n \"useAccountAttributes\": false,\n \"useDictionary\": false,\n \"useIdentityAttributes\": false,\n \"validateAgainstAccountId\": true,\n \"validateAgainstAccountName\": true,\n \"sourceIds\": [\n \"2c91808382ffee0b01830de154f14034\",\n \"2c91808582ffee0c01830de36511405f\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "219488c6-c1ea-4f52-8de7-fb073a22280f", + "name": "Delete Password Policy by ID", + "request": { + "name": "Delete Password Policy by ID", + "description": { + "content": "This API deletes the specified password policy. A token with ORG_ADMIN authority is required to call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "password-policies", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "ff808081838d9e9d01838da6a03e0002", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) The ID of password policy to delete.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "DELETE", + "body": {} + }, + "response": [ + { + "id": "280d6b9a-c08a-40c0-94c3-36a7e10b970d", + "name": "No content - indicates the request was successful but there is no content to be returned in the response.", + "originalRequest": { + "url": { + "path": [ + "password-policies", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "No Content", + "code": 204, + "header": [], + "cookie": [], + "_postman_previewlanguage": "text" + }, + { + "id": "14f541b0-9e94-4a09-861f-4250655b1ec2", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "password-policies", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "20f5746b-ec31-49ef-b243-e289b3ff7bf3", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "password-policies", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "07c4cf67-e7fd-4cb0-97c9-9dc42d81b3c5", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "password-policies", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "3684ce00-25fa-4253-8cc8-43aa778a9012", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "password-policies", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "83b9afe1-a7c4-4f65-aaa7-dbec2c918ed8", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "password-policies", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c4eae7ef-4a12-49fd-833e-dd5e000bd30d", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "password-policies", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "8d455b45-e4af-4537-974b-71b89f2c3da8", + "name": "Create Password Policy", + "request": { + "name": "Create Password Policy", + "description": { + "content": "This API creates the specified password policy. A token with ORG_ADMIN authority is required to call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "password-policies" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"description\": \"New Password Policy with high requirements to password complexity.\",\n \"id\": null,\n \"name\": \"High security Password Policy\",\n \"dateCreated\": 1639056206564,\n \"lastUpdated\": 1662385430753,\n \"firstExpirationReminder\": 90,\n \"accountIdMinWordLength\": 3,\n \"accountNameMinWordLength\": 3,\n \"maxLength\": 0,\n \"maxRepeatedChars\": 4,\n \"minAlpha\": 1,\n \"minCharacterTypes\": -1,\n \"minLength\": 8,\n \"minLower\": 0,\n \"minNumeric\": 1,\n \"minSpecial\": 0,\n \"minUpper\": 0,\n \"passwordExpiration\": 90,\n \"defaultPolicy\": false,\n \"enablePasswdExpiration\": false,\n \"requireStrongAuthn\": false,\n \"requireStrongAuthOffNetwork\": false,\n \"requireStrongAuthUntrustedGeographies\": false,\n \"useAccountAttributes\": false,\n \"useDictionary\": false,\n \"useIdentityAttributes\": false,\n \"validateAgainstAccountId\": true,\n \"validateAgainstAccountName\": true,\n \"sourceIds\": [\n \"2c91808382ffee0b01830de154f14034\",\n \"2c91808582ffee0c01830de36511405f\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "77e43c26-e9a4-41f2-aa29-a4be46413852", + "name": "Reference to the password policy.", + "originalRequest": { + "url": { + "path": [ + "password-policies" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"description\": \"New Password Policy with high requirements to password complexity.\",\n \"id\": null,\n \"name\": \"High security Password Policy\",\n \"dateCreated\": 1639056206564,\n \"lastUpdated\": 1662385430753,\n \"firstExpirationReminder\": 90,\n \"accountIdMinWordLength\": 3,\n \"accountNameMinWordLength\": 3,\n \"maxLength\": 0,\n \"maxRepeatedChars\": 4,\n \"minAlpha\": 1,\n \"minCharacterTypes\": -1,\n \"minLength\": 8,\n \"minLower\": 0,\n \"minNumeric\": 1,\n \"minSpecial\": 0,\n \"minUpper\": 0,\n \"passwordExpiration\": 90,\n \"defaultPolicy\": false,\n \"enablePasswdExpiration\": false,\n \"requireStrongAuthn\": false,\n \"requireStrongAuthOffNetwork\": false,\n \"requireStrongAuthUntrustedGeographies\": false,\n \"useAccountAttributes\": false,\n \"useDictionary\": false,\n \"useIdentityAttributes\": false,\n \"validateAgainstAccountId\": true,\n \"validateAgainstAccountName\": true,\n \"sourceIds\": [\n \"2c91808382ffee0b01830de154f14034\",\n \"2c91808582ffee0c01830de36511405f\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"2c91808e7d976f3b017d9f5ceae440c8\",\n \"description\": \"Information about the Password Policy\",\n \"name\": \"PasswordPolicy Example\",\n \"dateCreated\": \"2001-11-02T23:13:31.604Z\",\n \"lastUpdated\": \"2012-03-08T22:17:16.938Z\",\n \"firstExpirationReminder\": 45,\n \"accountIdMinWordLength\": 4,\n \"accountNameMinWordLength\": 6,\n \"minAlpha\": 5,\n \"minCharacterTypes\": 5,\n \"maxLength\": 25,\n \"minLength\": 8,\n \"maxRepeatedChars\": 3,\n \"minLower\": 8,\n \"minNumeric\": 8,\n \"minSpecial\": 8,\n \"minUpper\": 8,\n \"passwordExpiration\": 8,\n \"defaultPolicy\": true,\n \"enablePasswdExpiration\": true,\n \"requireStrongAuthn\": true,\n \"requireStrongAuthOffNetwork\": true,\n \"requireStrongAuthUntrustedGeographies\": true,\n \"useAccountAttributes\": false,\n \"useDictionary\": false,\n \"useIdentityAttributes\": false,\n \"validateAgainstAccountId\": false,\n \"validateAgainstAccountName\": true,\n \"created\": \"nostrud sed fugiat aliquip amet\",\n \"modified\": \"enim\",\n \"sourceIds\": [\n \"2c91808382ffee0b01830de154f14034\",\n \"2f98808382ffee0b01830de154f12134\"\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d713de91-41da-4084-80fc-96b36f625ab4", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "password-policies" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"description\": \"New Password Policy with high requirements to password complexity.\",\n \"id\": null,\n \"name\": \"High security Password Policy\",\n \"dateCreated\": 1639056206564,\n \"lastUpdated\": 1662385430753,\n \"firstExpirationReminder\": 90,\n \"accountIdMinWordLength\": 3,\n \"accountNameMinWordLength\": 3,\n \"maxLength\": 0,\n \"maxRepeatedChars\": 4,\n \"minAlpha\": 1,\n \"minCharacterTypes\": -1,\n \"minLength\": 8,\n \"minLower\": 0,\n \"minNumeric\": 1,\n \"minSpecial\": 0,\n \"minUpper\": 0,\n \"passwordExpiration\": 90,\n \"defaultPolicy\": false,\n \"enablePasswdExpiration\": false,\n \"requireStrongAuthn\": false,\n \"requireStrongAuthOffNetwork\": false,\n \"requireStrongAuthUntrustedGeographies\": false,\n \"useAccountAttributes\": false,\n \"useDictionary\": false,\n \"useIdentityAttributes\": false,\n \"validateAgainstAccountId\": true,\n \"validateAgainstAccountName\": true,\n \"sourceIds\": [\n \"2c91808382ffee0b01830de154f14034\",\n \"2c91808582ffee0c01830de36511405f\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "cd8d9da4-7540-4009-b080-5bfb4830c165", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "password-policies" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"description\": \"New Password Policy with high requirements to password complexity.\",\n \"id\": null,\n \"name\": \"High security Password Policy\",\n \"dateCreated\": 1639056206564,\n \"lastUpdated\": 1662385430753,\n \"firstExpirationReminder\": 90,\n \"accountIdMinWordLength\": 3,\n \"accountNameMinWordLength\": 3,\n \"maxLength\": 0,\n \"maxRepeatedChars\": 4,\n \"minAlpha\": 1,\n \"minCharacterTypes\": -1,\n \"minLength\": 8,\n \"minLower\": 0,\n \"minNumeric\": 1,\n \"minSpecial\": 0,\n \"minUpper\": 0,\n \"passwordExpiration\": 90,\n \"defaultPolicy\": false,\n \"enablePasswdExpiration\": false,\n \"requireStrongAuthn\": false,\n \"requireStrongAuthOffNetwork\": false,\n \"requireStrongAuthUntrustedGeographies\": false,\n \"useAccountAttributes\": false,\n \"useDictionary\": false,\n \"useIdentityAttributes\": false,\n \"validateAgainstAccountId\": true,\n \"validateAgainstAccountName\": true,\n \"sourceIds\": [\n \"2c91808382ffee0b01830de154f14034\",\n \"2c91808582ffee0c01830de36511405f\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "bd78c03f-a326-4c35-8441-574af2615aef", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "password-policies" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"description\": \"New Password Policy with high requirements to password complexity.\",\n \"id\": null,\n \"name\": \"High security Password Policy\",\n \"dateCreated\": 1639056206564,\n \"lastUpdated\": 1662385430753,\n \"firstExpirationReminder\": 90,\n \"accountIdMinWordLength\": 3,\n \"accountNameMinWordLength\": 3,\n \"maxLength\": 0,\n \"maxRepeatedChars\": 4,\n \"minAlpha\": 1,\n \"minCharacterTypes\": -1,\n \"minLength\": 8,\n \"minLower\": 0,\n \"minNumeric\": 1,\n \"minSpecial\": 0,\n \"minUpper\": 0,\n \"passwordExpiration\": 90,\n \"defaultPolicy\": false,\n \"enablePasswdExpiration\": false,\n \"requireStrongAuthn\": false,\n \"requireStrongAuthOffNetwork\": false,\n \"requireStrongAuthUntrustedGeographies\": false,\n \"useAccountAttributes\": false,\n \"useDictionary\": false,\n \"useIdentityAttributes\": false,\n \"validateAgainstAccountId\": true,\n \"validateAgainstAccountName\": true,\n \"sourceIds\": [\n \"2c91808382ffee0b01830de154f14034\",\n \"2c91808582ffee0c01830de36511405f\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a5d7923b-c465-4545-939e-c6df0b7771f8", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "password-policies" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"description\": \"New Password Policy with high requirements to password complexity.\",\n \"id\": null,\n \"name\": \"High security Password Policy\",\n \"dateCreated\": 1639056206564,\n \"lastUpdated\": 1662385430753,\n \"firstExpirationReminder\": 90,\n \"accountIdMinWordLength\": 3,\n \"accountNameMinWordLength\": 3,\n \"maxLength\": 0,\n \"maxRepeatedChars\": 4,\n \"minAlpha\": 1,\n \"minCharacterTypes\": -1,\n \"minLength\": 8,\n \"minLower\": 0,\n \"minNumeric\": 1,\n \"minSpecial\": 0,\n \"minUpper\": 0,\n \"passwordExpiration\": 90,\n \"defaultPolicy\": false,\n \"enablePasswdExpiration\": false,\n \"requireStrongAuthn\": false,\n \"requireStrongAuthOffNetwork\": false,\n \"requireStrongAuthUntrustedGeographies\": false,\n \"useAccountAttributes\": false,\n \"useDictionary\": false,\n \"useIdentityAttributes\": false,\n \"validateAgainstAccountId\": true,\n \"validateAgainstAccountName\": true,\n \"sourceIds\": [\n \"2c91808382ffee0b01830de154f14034\",\n \"2c91808582ffee0c01830de36511405f\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b7497ec4-b87f-4bfc-854f-15f862c1c0fa", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "password-policies" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"description\": \"New Password Policy with high requirements to password complexity.\",\n \"id\": null,\n \"name\": \"High security Password Policy\",\n \"dateCreated\": 1639056206564,\n \"lastUpdated\": 1662385430753,\n \"firstExpirationReminder\": 90,\n \"accountIdMinWordLength\": 3,\n \"accountNameMinWordLength\": 3,\n \"maxLength\": 0,\n \"maxRepeatedChars\": 4,\n \"minAlpha\": 1,\n \"minCharacterTypes\": -1,\n \"minLength\": 8,\n \"minLower\": 0,\n \"minNumeric\": 1,\n \"minSpecial\": 0,\n \"minUpper\": 0,\n \"passwordExpiration\": 90,\n \"defaultPolicy\": false,\n \"enablePasswdExpiration\": false,\n \"requireStrongAuthn\": false,\n \"requireStrongAuthOffNetwork\": false,\n \"requireStrongAuthUntrustedGeographies\": false,\n \"useAccountAttributes\": false,\n \"useDictionary\": false,\n \"useIdentityAttributes\": false,\n \"validateAgainstAccountId\": true,\n \"validateAgainstAccountName\": true,\n \"sourceIds\": [\n \"2c91808382ffee0b01830de154f14034\",\n \"2c91808582ffee0c01830de36511405f\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "025a0b85-76e2-4e21-b85e-d46c6aa58a71", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "password-policies" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"description\": \"New Password Policy with high requirements to password complexity.\",\n \"id\": null,\n \"name\": \"High security Password Policy\",\n \"dateCreated\": 1639056206564,\n \"lastUpdated\": 1662385430753,\n \"firstExpirationReminder\": 90,\n \"accountIdMinWordLength\": 3,\n \"accountNameMinWordLength\": 3,\n \"maxLength\": 0,\n \"maxRepeatedChars\": 4,\n \"minAlpha\": 1,\n \"minCharacterTypes\": -1,\n \"minLength\": 8,\n \"minLower\": 0,\n \"minNumeric\": 1,\n \"minSpecial\": 0,\n \"minUpper\": 0,\n \"passwordExpiration\": 90,\n \"defaultPolicy\": false,\n \"enablePasswdExpiration\": false,\n \"requireStrongAuthn\": false,\n \"requireStrongAuthOffNetwork\": false,\n \"requireStrongAuthUntrustedGeographies\": false,\n \"useAccountAttributes\": false,\n \"useDictionary\": false,\n \"useIdentityAttributes\": false,\n \"validateAgainstAccountId\": true,\n \"validateAgainstAccountName\": true,\n \"sourceIds\": [\n \"2c91808382ffee0b01830de154f14034\",\n \"2c91808582ffee0c01830de36511405f\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "4a08b06e-0361-4be6-bd60-7e642eedef48", + "name": "List Password Policies", + "request": { + "name": "List Password Policies", + "description": { + "content": "This gets list of all Password Policies.\nRequires role of ORG_ADMIN", + "type": "text/plain" + }, + "url": { + "path": [ + "password-policies" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "5e399211-5a74-4131-99fe-d3bcc865eeaa", + "name": "List of all Password Policies.", + "originalRequest": { + "url": { + "path": [ + "password-policies" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"description\": \"Example Password Policy\",\n \"id\": \"2c91808e7d976f3b017d9f5ceae440c8\",\n \"name\": \"Example PP\",\n \"dateCreated\": 1639056206564,\n \"lastUpdated\": 1662385430753,\n \"firstExpirationReminder\": 90,\n \"accountIdMinWordLength\": 3,\n \"accountNameMinWordLength\": 3,\n \"maxLength\": 0,\n \"maxRepeatedChars\": 4,\n \"minAlpha\": 1,\n \"minCharacterTypes\": -1,\n \"minLength\": 8,\n \"minLower\": 0,\n \"minNumeric\": 1,\n \"minSpecial\": 0,\n \"minUpper\": 0,\n \"passwordExpiration\": 90,\n \"defaultPolicy\": false,\n \"enablePasswdExpiration\": false,\n \"requireStrongAuthn\": false,\n \"requireStrongAuthOffNetwork\": false,\n \"requireStrongAuthUntrustedGeographies\": false,\n \"useAccountAttributes\": false,\n \"useDictionary\": false,\n \"useIdentityAttributes\": false,\n \"validateAgainstAccountId\": true,\n \"validateAgainstAccountName\": true,\n \"sourceIds\": [\n \"2c91808382ffee0b01830de154f14034\",\n \"2c91808582ffee0c01830de36511405f\"\n ]\n },\n {\n \"description\": null,\n \"id\": \"2c91808780b8b8430180ff7a093f3bf2\",\n \"name\": \"Password Policy 1 test\",\n \"dateCreated\": 1653553629503,\n \"lastUpdated\": null,\n \"firstExpirationReminder\": null,\n \"accountIdMinWordLength\": -1,\n \"accountNameMinWordLength\": -1,\n \"maxLength\": 0,\n \"maxRepeatedChars\": -1,\n \"minAlpha\": 1,\n \"minCharacterTypes\": -1,\n \"minLength\": 8,\n \"minLower\": 0,\n \"minNumeric\": 1,\n \"minSpecial\": 0,\n \"minUpper\": 0,\n \"passwordExpiration\": 90,\n \"defaultPolicy\": false,\n \"enablePasswdExpiration\": false,\n \"requireStrongAuthn\": false,\n \"requireStrongAuthOffNetwork\": false,\n \"requireStrongAuthUntrustedGeographies\": false,\n \"useAccountAttributes\": false,\n \"useDictionary\": false,\n \"useIdentityAttributes\": true,\n \"validateAgainstAccountId\": false,\n \"validateAgainstAccountName\": false,\n \"sourceIds\": []\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "af8aff6e-382b-4301-9b09-06d6d050ae77", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "password-policies" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "15c44a94-5b7a-4a52-8de2-f7827ab1cf2d", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "password-policies" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b972d3bc-1bbc-4277-8fe1-5a8df73ff6ea", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "password-policies" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "564e6dbc-85b0-4a9d-b6af-37a9aac6fbd5", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "password-policies" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "688ccc77-36a7-45ec-8c01-b8acabd04c8e", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "password-policies" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + } + ] + }, + { + "name": "Password Sync Groups", + "description": "Use this API to implement password sync group functionality. \nWith this functionality in place, administrators can group sources into password sync groups so that all their applications share the same password. \nThis allows users to update the password for all the applications in a sync group if they want, rather than updating each password individually. \n\nA password sync group is a group of applications that shares a password. \nAdministrators create these groups by grouping the applications' sources. \nFor example, an administrator can group the ActiveDirectory, GitHub, and G Suite sources together so that all those sources' applications can also be grouped to share a password. \nA user can then update his or her password for ActiveDirectory, GitHub, Gmail, Google Drive, and Google Calendar all at once, rather then updating each one individually.\n\nThe following are required for administrators to create a password sync group in Identity Security Cloud: \n\n- At least two direct connect sources connected to Identity Security Cloud and configured for Password Management.\n\n- Each authentication source in a sync group must have at least one application. Refer to [Adding and Resetting Application Passwords](https://documentation.sailpoint.com/saas/help/pwd/adv_config.html#adding-and-resetting-application-passwords) for more information about adding applications to sources.\n\n- At least one password policy. Refer to [Managing Password Policies](https://documentation.sailpoint.com/saas/help/pwd/policies.html) for more information about password policies. \n\nIn the Admin panel in Identity Security Cloud, administrators can use the Password Mgmt dropdown menu to select Sync Groups. \nTo create a sync group, administrators must provide a name, choose a password policy to be enforced across the sources in the sync group, and select the sources to include in the sync group. \n\nAdministrators can also delete sync groups in Identity Security Cloud, but they should know the following before they do: \n\n- Passwords related to the associated sources will become independent, so changing one will not change the others anymore. \n\n- Passwords for the sources' connected applications will also become independent. \n\n- Password policies assigned to the sync group are then assigned directly to the associated sources. \nTo change the password policy for a source, administrators must edit it directly. \n\nOnce the password sync group has been created, users can update the password for the group in Password Manager.\n\nRefer to [Managing Password Sync Groups](https://documentation.sailpoint.com/saas/help/pwd/sync_grps.html) for more information about password sync groups.\n", + "item": [ + { + "id": "9ce3a836-7ea0-44bc-b1de-5da44bbb2ef7", + "name": "Get Password Sync Group List", + "request": { + "name": "Get Password Sync Group List", + "description": { + "content": "This API returns a list of password sync groups. A token with ORG_ADMIN authority is required to call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "password-sync-groups" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "834211a3-f90a-4288-b6a1-b399ad3ea839", + "name": "A list of password sync groups.", + "originalRequest": { + "url": { + "path": [ + "password-sync-groups" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"id\": \"6881f631-3bd5-4213-9c75-8e05cc3e35dd\",\n \"name\": \"Password Sync Group 1\",\n \"passwordPolicyId\": \"2c91808d744ba0ce01746f93b6204501\",\n \"sourceIds\": [\n \"2c918084660f45d6016617daa9210584\",\n \"2c918084660f45d6016617daa9210500\"\n ],\n \"created\": \"2023-03-16T04:00:00Z\",\n \"modified\": \"2023-03-16T04:00:00Z\"\n },\n {\n \"id\": \"6881f631-3bd5-4213-9c75-8e05cc3e35dd\",\n \"name\": \"Password Sync Group 1\",\n \"passwordPolicyId\": \"2c91808d744ba0ce01746f93b6204501\",\n \"sourceIds\": [\n \"2c918084660f45d6016617daa9210584\",\n \"2c918084660f45d6016617daa9210500\"\n ],\n \"created\": \"2023-03-16T04:00:00Z\",\n \"modified\": \"2023-03-16T04:00:00Z\"\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "83b3ef07-615a-4e82-95c9-9b2f7fb26c71", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "password-sync-groups" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "dac51e18-e66c-40fb-8dd0-a1364a71b3ae", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "password-sync-groups" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "136ae603-422b-41cf-9be9-31699d2a69f0", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "password-sync-groups" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c086fd00-5dbe-4b28-8fc0-fe987452e6af", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "password-sync-groups" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c53a86a4-5c28-43d7-a016-179590d30f21", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "password-sync-groups" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "14dd584f-41b8-4f8f-9df8-e93b1b854c82", + "name": "Create Password Sync Group", + "request": { + "name": "Create Password Sync Group", + "description": { + "content": "This API creates a password sync group based on the specifications provided. A token with ORG_ADMIN authority is required to call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "password-sync-groups" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Password Sync Group 2\",\n \"passwordPolicyId\": \"2c91808d744ba0ce01746f93b6204501\",\n \"sourceIds\": [\n \"2c918084660f45d6016617daa9210584\",\n \"2c918084660f45d6016617daa9210500\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "dc8eb59d-7d69-4173-a612-af06b41383d4", + "name": "Reference to the password sync group.", + "originalRequest": { + "url": { + "path": [ + "password-sync-groups" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Password Sync Group 2\",\n \"passwordPolicyId\": \"2c91808d744ba0ce01746f93b6204501\",\n \"sourceIds\": [\n \"2c918084660f45d6016617daa9210584\",\n \"2c918084660f45d6016617daa9210500\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"6881f631-3bd5-4213-9c75-8e05cc3e35dd\",\n \"name\": \"Password Sync Group 2\",\n \"passwordPolicyId\": \"2c91808d744ba0ce01746f93b6204501\",\n \"sourceIds\": [\n \"2c918084660f45d6016617daa9210584\",\n \"2c918084660f45d6016617daa9210500\"\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "3ee0d07d-ba52-497b-9c60-4c1db410f96c", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "password-sync-groups" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Password Sync Group 2\",\n \"passwordPolicyId\": \"2c91808d744ba0ce01746f93b6204501\",\n \"sourceIds\": [\n \"2c918084660f45d6016617daa9210584\",\n \"2c918084660f45d6016617daa9210500\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "054708a1-89da-4944-a167-f7cd3a46eb24", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "password-sync-groups" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Password Sync Group 2\",\n \"passwordPolicyId\": \"2c91808d744ba0ce01746f93b6204501\",\n \"sourceIds\": [\n \"2c918084660f45d6016617daa9210584\",\n \"2c918084660f45d6016617daa9210500\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "080d4161-8fd0-4040-9166-574119d9f060", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "password-sync-groups" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Password Sync Group 2\",\n \"passwordPolicyId\": \"2c91808d744ba0ce01746f93b6204501\",\n \"sourceIds\": [\n \"2c918084660f45d6016617daa9210584\",\n \"2c918084660f45d6016617daa9210500\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "2c64936b-ae0e-4e18-840d-5536db9a3ceb", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "password-sync-groups" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Password Sync Group 2\",\n \"passwordPolicyId\": \"2c91808d744ba0ce01746f93b6204501\",\n \"sourceIds\": [\n \"2c918084660f45d6016617daa9210584\",\n \"2c918084660f45d6016617daa9210500\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "667bde86-304b-4ba9-be15-f88d4aa23386", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "password-sync-groups" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Password Sync Group 2\",\n \"passwordPolicyId\": \"2c91808d744ba0ce01746f93b6204501\",\n \"sourceIds\": [\n \"2c918084660f45d6016617daa9210584\",\n \"2c918084660f45d6016617daa9210500\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "d1a74283-bd08-49c1-bd02-e0a4bc9a0043", + "name": "Get Password Sync Group by ID", + "request": { + "name": "Get Password Sync Group by ID", + "description": { + "content": "This API returns the sync group for the specified ID. A token with ORG_ADMIN authority is required to call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "password-sync-groups", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "6881f631-3bd5-4213-9c75-8e05cc3e35dd", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) The ID of password sync group to retrieve.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "3621aa2a-c1c4-4ff1-a5ae-9a7e5af5cee5", + "name": "Reference to the password sync group.", + "originalRequest": { + "url": { + "path": [ + "password-sync-groups", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"6881f631-3bd5-4213-9c75-8e05cc3e35dd\",\n \"name\": \"Password Sync Group 1\",\n \"passwordPolicyId\": \"2c91808d744ba0ce01746f93b6204501\",\n \"sourceIds\": [\n \"2c918084660f45d6016617daa9210584\",\n \"2c918084660f45d6016617daa9210500\"\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "ad1bcab2-c065-4792-953f-dcb8d0794d72", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "password-sync-groups", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "7baa219e-a3e4-407f-85ff-b45ae4a5a3ab", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "password-sync-groups", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "ca5ac436-1962-4e30-9742-a68f51b9429a", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "password-sync-groups", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "609ec7d3-1a8a-481e-bdd1-c3ea0ec854fb", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "password-sync-groups", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d933db14-9559-41b3-a69d-fc6c0fcbdf74", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "password-sync-groups", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "12308ddb-0314-44b0-b30b-726dd852e925", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "password-sync-groups", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "59c6ea3c-9a64-4b16-89bd-c264348a2f06", + "name": "Update Password Sync Group by ID", + "request": { + "name": "Update Password Sync Group by ID", + "description": { + "content": "This API updates the specified password sync group. A token with ORG_ADMIN authority is required to call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "password-sync-groups", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "6881f631-3bd5-4213-9c75-8e05cc3e35dd", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) The ID of password sync group to update.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"id\": \"6881f631-3bd5-4213-9c75-8e05cc3e35dd\",\n \"name\": \"Password Sync Group 2\",\n \"passwordPolicyId\": \"2c91808d744ba0ce01746f93b6204501\",\n \"sourceIds\": [\n \"2c918084660f45d6016617daa9210584\",\n \"2c918084660f45d6016617daa9210500\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "0bd11309-aaab-4580-89c9-d90f3d79e71f", + "name": "Reference to the password sync group.", + "originalRequest": { + "url": { + "path": [ + "password-sync-groups", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"id\": \"6881f631-3bd5-4213-9c75-8e05cc3e35dd\",\n \"name\": \"Password Sync Group 2\",\n \"passwordPolicyId\": \"2c91808d744ba0ce01746f93b6204501\",\n \"sourceIds\": [\n \"2c918084660f45d6016617daa9210584\",\n \"2c918084660f45d6016617daa9210500\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"6881f631-3bd5-4213-9c75-8e05cc3e35dd\",\n \"name\": \"Password Sync Group 2\",\n \"passwordPolicyId\": \"2c91808d744ba0ce01746f93b6204501\",\n \"sourceIds\": [\n \"2c918084660f45d6016617daa9210584\",\n \"2c918084660f45d6016617daa9210500\"\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "687ffd79-ef87-4135-afcc-68280c14fbcf", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "password-sync-groups", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"id\": \"6881f631-3bd5-4213-9c75-8e05cc3e35dd\",\n \"name\": \"Password Sync Group 2\",\n \"passwordPolicyId\": \"2c91808d744ba0ce01746f93b6204501\",\n \"sourceIds\": [\n \"2c918084660f45d6016617daa9210584\",\n \"2c918084660f45d6016617daa9210500\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "5ca87af3-e7fd-46f8-a3e5-a997c1f64fe8", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "password-sync-groups", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"id\": \"6881f631-3bd5-4213-9c75-8e05cc3e35dd\",\n \"name\": \"Password Sync Group 2\",\n \"passwordPolicyId\": \"2c91808d744ba0ce01746f93b6204501\",\n \"sourceIds\": [\n \"2c918084660f45d6016617daa9210584\",\n \"2c918084660f45d6016617daa9210500\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b1d7e9eb-d1f1-4fe5-9695-fd6a5845329a", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "password-sync-groups", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"id\": \"6881f631-3bd5-4213-9c75-8e05cc3e35dd\",\n \"name\": \"Password Sync Group 2\",\n \"passwordPolicyId\": \"2c91808d744ba0ce01746f93b6204501\",\n \"sourceIds\": [\n \"2c918084660f45d6016617daa9210584\",\n \"2c918084660f45d6016617daa9210500\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c3d43de7-8ea4-46e6-90df-22ba3655e4b6", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "password-sync-groups", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"id\": \"6881f631-3bd5-4213-9c75-8e05cc3e35dd\",\n \"name\": \"Password Sync Group 2\",\n \"passwordPolicyId\": \"2c91808d744ba0ce01746f93b6204501\",\n \"sourceIds\": [\n \"2c918084660f45d6016617daa9210584\",\n \"2c918084660f45d6016617daa9210500\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "5471c5be-c380-4dae-8732-fe0cf9dacd38", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "password-sync-groups", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"id\": \"6881f631-3bd5-4213-9c75-8e05cc3e35dd\",\n \"name\": \"Password Sync Group 2\",\n \"passwordPolicyId\": \"2c91808d744ba0ce01746f93b6204501\",\n \"sourceIds\": [\n \"2c918084660f45d6016617daa9210584\",\n \"2c918084660f45d6016617daa9210500\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "fa1270bb-d93e-46aa-a1b1-5c120c74ec66", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "password-sync-groups", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"id\": \"6881f631-3bd5-4213-9c75-8e05cc3e35dd\",\n \"name\": \"Password Sync Group 2\",\n \"passwordPolicyId\": \"2c91808d744ba0ce01746f93b6204501\",\n \"sourceIds\": [\n \"2c918084660f45d6016617daa9210584\",\n \"2c918084660f45d6016617daa9210500\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "0535a181-2068-418d-bdb2-89ddcd9c9ad6", + "name": "Delete Password Sync Group by ID", + "request": { + "name": "Delete Password Sync Group by ID", + "description": { + "content": "This API deletes the specified password sync group. A token with ORG_ADMIN authority is required to call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "password-sync-groups", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "6881f631-3bd5-4213-9c75-8e05cc3e35dd", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) The ID of password sync group to delete.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "DELETE", + "body": {} + }, + "response": [ + { + "id": "a486c962-5044-48d8-a2d9-efde329c6c8f", + "name": "No content - indicates the request was successful but there is no content to be returned in the response.", + "originalRequest": { + "url": { + "path": [ + "password-sync-groups", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "No Content", + "code": 204, + "header": [], + "cookie": [], + "_postman_previewlanguage": "text" + }, + { + "id": "dfd42337-93d7-4d70-b81e-51913959b482", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "password-sync-groups", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "4b5b9ff8-3c71-4615-b58a-af27925d6477", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "password-sync-groups", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "ca6a21ce-30ed-4eaa-89ed-319704494a12", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "password-sync-groups", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "3ec68b97-1ef4-4654-8891-21d370eca2a5", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "password-sync-groups", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "5f3ba7aa-30ee-4860-8b31-ca2542ccda12", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "password-sync-groups", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + } + ] + }, + { + "name": "Personal Access Tokens", + "description": "Use this API to implement personal access token (PAT) functionality. \nWith this functionality in place, users can use PATs as an alternative to passwords for authentication in Identity Security Cloud. \n\nPATs embed user information into the client ID and secret. \nThis replaces the API clients' need to store and provide a username and password to establish a connection, improving Identity Security Cloud organizations' integration security. \n\nIn Identity Security Cloud, users can do the following to create and manage their PATs: Select the dropdown menu under their names, select Preferences, and then select Personal Access Tokens. \nThey must then provide a description about the token's purpose. \nThey can then select 'Create Token' at the bottom of the page to generate and view the Secret and Client ID. \n\nRefer to [Managing Personal Access Tokens](https://documentation.sailpoint.com/saas/help/common/generate_tokens.html) for more information about PATs.\n", + "item": [ + { + "id": "c9aa4ede-38a7-465f-ac06-ab2fa7c276e0", + "name": "List Personal Access Tokens", + "request": { + "name": "List Personal Access Tokens", + "description": { + "content": "This gets a collection of personal access tokens associated with the optional `owner-id`. query parameter. If the `owner-id` query parameter is omitted, all personal access tokens for a tenant will be retrieved, but the caller must have the 'idn:all-personal-access-tokens:read' right.", + "type": "text/plain" + }, + "url": { + "path": [ + "personal-access-tokens" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The identity ID of the owner whose personal access tokens should be listed. If \"me\", the caller should have the following right: 'idn:my-personal-access-tokens:read'\nIf an actual owner ID or if the `owner-id` parameter is omitted in the request, the caller should have the following right: 'idn:all-personal-access-tokens:read'. \nIf the caller has the following right, then managed personal access tokens associated with `owner-id` will be retrieved: 'idn:managed-personal-access-tokens:read'", + "type": "text/plain" + }, + "key": "owner-id", + "value": "2c9180867b50d088017b554662fb281e" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**lastUsed**: *le, isnull*", + "type": "text/plain" + }, + "key": "filters", + "value": "lastUsed le 2023-02-05T10:59:27.214Z" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "63455ee1-ed0d-4cf9-af29-80faa8950eba", + "name": "List of personal access tokens.", + "originalRequest": { + "url": { + "path": [ + "personal-access-tokens" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The identity ID of the owner whose personal access tokens should be listed. If \"me\", the caller should have the following right: 'idn:my-personal-access-tokens:read'\nIf an actual owner ID or if the `owner-id` parameter is omitted in the request, the caller should have the following right: 'idn:all-personal-access-tokens:read'. \nIf the caller has the following right, then managed personal access tokens associated with `owner-id` will be retrieved: 'idn:managed-personal-access-tokens:read'", + "type": "text/plain" + }, + "key": "owner-id", + "value": "2c9180867b50d088017b554662fb281e" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**lastUsed**: *le, isnull*", + "type": "text/plain" + }, + "key": "filters", + "value": "lastUsed le 2023-02-05T10:59:27.214Z" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"id\": \"86f1dc6fe8f54414950454cbb11278fa\",\n \"name\": \"NodeJS Integration\",\n \"scope\": [\n \"demo:personal-access-token-scope:first\",\n \"demo:personal-access-token-scope:second\"\n ],\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"Support\"\n },\n \"created\": \"2017-07-11T18:45:37.098Z\",\n \"lastUsed\": \"2017-07-11T18:45:37.098Z\",\n \"managed\": false\n },\n {\n \"id\": \"86f1dc6fe8f54414950454cbb11278fa\",\n \"name\": \"NodeJS Integration\",\n \"scope\": [\n \"demo:personal-access-token-scope:first\",\n \"demo:personal-access-token-scope:second\"\n ],\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"Support\"\n },\n \"created\": \"2017-07-11T18:45:37.098Z\",\n \"lastUsed\": \"2017-07-11T18:45:37.098Z\",\n \"managed\": false\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "095c5e22-2976-47b1-99dd-8cda8cd83fa5", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "personal-access-tokens" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The identity ID of the owner whose personal access tokens should be listed. If \"me\", the caller should have the following right: 'idn:my-personal-access-tokens:read'\nIf an actual owner ID or if the `owner-id` parameter is omitted in the request, the caller should have the following right: 'idn:all-personal-access-tokens:read'. \nIf the caller has the following right, then managed personal access tokens associated with `owner-id` will be retrieved: 'idn:managed-personal-access-tokens:read'", + "type": "text/plain" + }, + "key": "owner-id", + "value": "2c9180867b50d088017b554662fb281e" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**lastUsed**: *le, isnull*", + "type": "text/plain" + }, + "key": "filters", + "value": "lastUsed le 2023-02-05T10:59:27.214Z" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "868bd02a-c82d-4f64-afcc-60d87f7618c4", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "personal-access-tokens" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The identity ID of the owner whose personal access tokens should be listed. If \"me\", the caller should have the following right: 'idn:my-personal-access-tokens:read'\nIf an actual owner ID or if the `owner-id` parameter is omitted in the request, the caller should have the following right: 'idn:all-personal-access-tokens:read'. \nIf the caller has the following right, then managed personal access tokens associated with `owner-id` will be retrieved: 'idn:managed-personal-access-tokens:read'", + "type": "text/plain" + }, + "key": "owner-id", + "value": "2c9180867b50d088017b554662fb281e" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**lastUsed**: *le, isnull*", + "type": "text/plain" + }, + "key": "filters", + "value": "lastUsed le 2023-02-05T10:59:27.214Z" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "ad5d11bd-00a0-4bf7-846b-71b4f885e180", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "personal-access-tokens" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The identity ID of the owner whose personal access tokens should be listed. If \"me\", the caller should have the following right: 'idn:my-personal-access-tokens:read'\nIf an actual owner ID or if the `owner-id` parameter is omitted in the request, the caller should have the following right: 'idn:all-personal-access-tokens:read'. \nIf the caller has the following right, then managed personal access tokens associated with `owner-id` will be retrieved: 'idn:managed-personal-access-tokens:read'", + "type": "text/plain" + }, + "key": "owner-id", + "value": "2c9180867b50d088017b554662fb281e" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**lastUsed**: *le, isnull*", + "type": "text/plain" + }, + "key": "filters", + "value": "lastUsed le 2023-02-05T10:59:27.214Z" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "61f1ca82-6d36-4522-9e7c-14e0b0f77701", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "personal-access-tokens" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The identity ID of the owner whose personal access tokens should be listed. If \"me\", the caller should have the following right: 'idn:my-personal-access-tokens:read'\nIf an actual owner ID or if the `owner-id` parameter is omitted in the request, the caller should have the following right: 'idn:all-personal-access-tokens:read'. \nIf the caller has the following right, then managed personal access tokens associated with `owner-id` will be retrieved: 'idn:managed-personal-access-tokens:read'", + "type": "text/plain" + }, + "key": "owner-id", + "value": "2c9180867b50d088017b554662fb281e" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**lastUsed**: *le, isnull*", + "type": "text/plain" + }, + "key": "filters", + "value": "lastUsed le 2023-02-05T10:59:27.214Z" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "7f5b240b-2aa5-4b6d-8c4e-363acea70c78", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "personal-access-tokens" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The identity ID of the owner whose personal access tokens should be listed. If \"me\", the caller should have the following right: 'idn:my-personal-access-tokens:read'\nIf an actual owner ID or if the `owner-id` parameter is omitted in the request, the caller should have the following right: 'idn:all-personal-access-tokens:read'. \nIf the caller has the following right, then managed personal access tokens associated with `owner-id` will be retrieved: 'idn:managed-personal-access-tokens:read'", + "type": "text/plain" + }, + "key": "owner-id", + "value": "2c9180867b50d088017b554662fb281e" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**lastUsed**: *le, isnull*", + "type": "text/plain" + }, + "key": "filters", + "value": "lastUsed le 2023-02-05T10:59:27.214Z" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "746d085e-730f-4274-b32c-04c0a43a96e2", + "name": "Create Personal Access Token", + "request": { + "name": "Create Personal Access Token", + "description": { + "content": "This creates a personal access token.", + "type": "text/plain" + }, + "url": { + "path": [ + "personal-access-tokens" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"NodeJS Integration\",\n \"scope\": [\n \"demo:personal-access-token-scope:first\",\n \"demo:personal-access-token-scope:second\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "6e00f07e-7b3a-46e9-916b-fb940e135718", + "name": "Created. Note - this is the only time Personal Access Tokens' secret attribute will be displayed.", + "originalRequest": { + "url": { + "path": [ + "personal-access-tokens" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"NodeJS Integration\",\n \"scope\": [\n \"demo:personal-access-token-scope:first\",\n \"demo:personal-access-token-scope:second\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"86f1dc6fe8f54414950454cbb11278fa\",\n \"secret\": \"1d1bef2b9f426383447f64f69349fc7cac176042578d205c256ba3f37c59adb9\",\n \"scope\": [\n \"demo:personal-access-token-scope:first\",\n \"demo:personal-access-token-scope:second\"\n ],\n \"name\": \"NodeJS Integration\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"Support\"\n },\n \"created\": \"2017-07-11T18:45:37.098Z\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "71bf8b1b-633c-4bb7-886f-0f24cd1b7cb2", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "personal-access-tokens" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"NodeJS Integration\",\n \"scope\": [\n \"demo:personal-access-token-scope:first\",\n \"demo:personal-access-token-scope:second\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b1bfa637-6cae-42e2-8d35-d9819e41ddb5", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "personal-access-tokens" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"NodeJS Integration\",\n \"scope\": [\n \"demo:personal-access-token-scope:first\",\n \"demo:personal-access-token-scope:second\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "14a86380-40a8-40ec-af95-a54d4bb71fc9", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "personal-access-tokens" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"NodeJS Integration\",\n \"scope\": [\n \"demo:personal-access-token-scope:first\",\n \"demo:personal-access-token-scope:second\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "7cdb47f6-3bb8-4f42-94ea-6b52490e0643", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "personal-access-tokens" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"NodeJS Integration\",\n \"scope\": [\n \"demo:personal-access-token-scope:first\",\n \"demo:personal-access-token-scope:second\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "4231282a-507d-48d8-9570-c9d9966f3d97", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "personal-access-tokens" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"NodeJS Integration\",\n \"scope\": [\n \"demo:personal-access-token-scope:first\",\n \"demo:personal-access-token-scope:second\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "dd1f4823-38e4-4714-b865-af45b0e50afa", + "name": "Patch Personal Access Token", + "request": { + "name": "Patch Personal Access Token", + "description": { + "content": "This performs a targeted update to the field(s) of a Personal Access Token.\nChanging scopes for a Personal Access Token does not impact existing bearer tokens. You will need to create a new bearer token to have the new scopes. Please note that it can take up to 20 minutes for scope changes to be seen on new bearer tokens.", + "type": "text/plain" + }, + "url": { + "path": [ + "personal-access-tokens", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "ef38f94347e94562b5bb8424a56397d8", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) The Personal Access Token id", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/name\",\n \"value\": \"New name\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/scope\",\n \"value\": [\n \"sp:scopes:all\"\n ]\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "b2ddc10c-ec44-4359-9947-a11725b2efa5", + "name": "Indicates the PATCH operation succeeded, and returns the PAT's new representation.", + "originalRequest": { + "url": { + "path": [ + "personal-access-tokens", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/name\",\n \"value\": \"New name\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/scope\",\n \"value\": [\n \"sp:scopes:all\"\n ]\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"86f1dc6fe8f54414950454cbb11278fa\",\n \"name\": \"NodeJS Integration\",\n \"scope\": [\n \"demo:personal-access-token-scope:first\",\n \"demo:personal-access-token-scope:second\"\n ],\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"Support\"\n },\n \"created\": \"2017-07-11T18:45:37.098Z\",\n \"lastUsed\": \"2017-07-11T18:45:37.098Z\",\n \"managed\": false\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "fe5af040-c5bc-4877-b5bc-ffb251fdb6bb", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "personal-access-tokens", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/name\",\n \"value\": \"New name\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/scope\",\n \"value\": [\n \"sp:scopes:all\"\n ]\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "7ce51c4e-7a0c-468e-8c2d-baecc067e09c", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "personal-access-tokens", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/name\",\n \"value\": \"New name\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/scope\",\n \"value\": [\n \"sp:scopes:all\"\n ]\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "8f5e8f66-a15c-48ac-8b50-fa2ca6f784df", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "personal-access-tokens", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/name\",\n \"value\": \"New name\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/scope\",\n \"value\": [\n \"sp:scopes:all\"\n ]\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "17416829-e18f-4c35-9334-95868a89ae5b", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "personal-access-tokens", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/name\",\n \"value\": \"New name\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/scope\",\n \"value\": [\n \"sp:scopes:all\"\n ]\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "bb35fe2a-59a2-4a77-96fc-51eb66ba3d73", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "personal-access-tokens", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/name\",\n \"value\": \"New name\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/scope\",\n \"value\": [\n \"sp:scopes:all\"\n ]\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d3cbad38-cee9-4f9d-9cf6-e091bd11ad7f", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "personal-access-tokens", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/name\",\n \"value\": \"New name\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/scope\",\n \"value\": [\n \"sp:scopes:all\"\n ]\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "491782e7-b05a-4f19-bfac-525d2c69383a", + "name": "Delete Personal Access Token", + "request": { + "name": "Delete Personal Access Token", + "description": { + "content": "This deletes a personal access token.", + "type": "text/plain" + }, + "url": { + "path": [ + "personal-access-tokens", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "ef38f94347e94562b5bb8424a56397d8", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) The personal access token id", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "DELETE", + "body": {} + }, + "response": [ + { + "id": "10563833-b88c-46c6-b890-f1be44b0ca86", + "name": "No content.", + "originalRequest": { + "url": { + "path": [ + "personal-access-tokens", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "No Content", + "code": 204, + "header": [], + "cookie": [], + "_postman_previewlanguage": "text" + }, + { + "id": "4b7aa1c2-9ae8-4541-9906-fee9350db6df", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "personal-access-tokens", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "57f8be2c-be13-4362-9461-974e314f667f", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "personal-access-tokens", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "32a17cae-97dd-4bcc-bb1b-7890a008d300", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "personal-access-tokens", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d2263afc-ce6d-43a6-819a-3d882f8271b0", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "personal-access-tokens", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "8c208ac5-ad19-4de7-a0dd-48f5343f3bcf", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "personal-access-tokens", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "1fcc70fa-601e-4f44-a31a-370fb9362923", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "personal-access-tokens", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + } + ] + }, + { + "name": "Public Identities", + "description": "Use this API in conjunction with [Public Identites Config](https://developer.sailpoint.com/docs/api/v3/public-identities-config/) to enable non-administrators to view identities' publicly visible attributes. \nWith this functionality in place, non-administrators can view identity attributes other than the default attributes (email, lifecycle state, and manager), depending on which identity attributes their organization administrators have made public. \nThis can be helpful for access approvers, certification reviewers, managers viewing their direct reports' access, and source owners viewing their tasks.\n", + "item": [ + { + "id": "25254886-2fab-47ec-970f-e5660af660f8", + "name": "Get a list of public identities", + "request": { + "name": "Get a list of public identities", + "description": {}, + "url": { + "path": [ + "public-identities" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**alias**: *eq, sw*\n\n**email**: *eq, sw*\n\n**firstname**: *eq, sw*\n\n**lastname**: *eq, sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "firstname eq \"John\"" + }, + { + "disabled": true, + "description": { + "content": "If *true*, only get identities which satisfy ALL the following criteria in addition to any criteria specified by *filters*:\n - Should be either correlated or protected.\n - Should not be \"spadmin\" or \"cloudadmin\".\n - uid should not be null.\n - lastname should not be null.\n - email should not be null.", + "type": "text/plain" + }, + "key": "add-core-filters", + "value": "false" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "1c85b4a7-7248-4e93-9372-cf82875b8853", + "name": "A list of public identity objects.", + "originalRequest": { + "url": { + "path": [ + "public-identities" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**alias**: *eq, sw*\n\n**email**: *eq, sw*\n\n**firstname**: *eq, sw*\n\n**lastname**: *eq, sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "firstname eq \"John\"" + }, + { + "disabled": true, + "description": { + "content": "If *true*, only get identities which satisfy ALL the following criteria in addition to any criteria specified by *filters*:\n - Should be either correlated or protected.\n - Should not be \"spadmin\" or \"cloudadmin\".\n - uid should not be null.\n - lastname should not be null.\n - email should not be null.", + "type": "text/plain" + }, + "key": "add-core-filters", + "value": "false" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"id\": \"2c9180857182305e0171993735622948\",\n \"name\": \"Alison Ferguso\",\n \"alias\": \"alison.ferguso\",\n \"email\": \"alison.ferguso@acme-solar.com\",\n \"status\": \"Active\",\n \"manager\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"Thomas Edison\"\n },\n \"attributes\": [\n {\n \"key\": \"phone\",\n \"name\": \"Phone\",\n \"value\": \"5125551234\"\n },\n {\n \"key\": \"country\",\n \"name\": \"Country\",\n \"value\": \"US\"\n }\n ]\n },\n {\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"Thomas Edison\",\n \"alias\": \"thomas.edison\",\n \"email\": \"thomas.edison@acme-solar.com\",\n \"status\": \"Active\",\n \"manager\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c918086676d3e0601677611dbde220f\",\n \"name\": \"Mister Manager\"\n },\n \"attributes\": [\n {\n \"key\": \"phone\",\n \"name\": \"Phone\",\n \"value\": \"5125554321\"\n },\n {\n \"key\": \"country\",\n \"name\": \"Country\",\n \"value\": \"US\"\n }\n ]\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "61f28f5e-968a-4ad4-b5a4-581120221792", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "public-identities" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**alias**: *eq, sw*\n\n**email**: *eq, sw*\n\n**firstname**: *eq, sw*\n\n**lastname**: *eq, sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "firstname eq \"John\"" + }, + { + "disabled": true, + "description": { + "content": "If *true*, only get identities which satisfy ALL the following criteria in addition to any criteria specified by *filters*:\n - Should be either correlated or protected.\n - Should not be \"spadmin\" or \"cloudadmin\".\n - uid should not be null.\n - lastname should not be null.\n - email should not be null.", + "type": "text/plain" + }, + "key": "add-core-filters", + "value": "false" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a52ecaad-43a3-4300-85f2-e60f42eb877d", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "public-identities" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**alias**: *eq, sw*\n\n**email**: *eq, sw*\n\n**firstname**: *eq, sw*\n\n**lastname**: *eq, sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "firstname eq \"John\"" + }, + { + "disabled": true, + "description": { + "content": "If *true*, only get identities which satisfy ALL the following criteria in addition to any criteria specified by *filters*:\n - Should be either correlated or protected.\n - Should not be \"spadmin\" or \"cloudadmin\".\n - uid should not be null.\n - lastname should not be null.\n - email should not be null.", + "type": "text/plain" + }, + "key": "add-core-filters", + "value": "false" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "bdc2155a-ecd2-4e03-8de1-41ba82107d33", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "public-identities" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**alias**: *eq, sw*\n\n**email**: *eq, sw*\n\n**firstname**: *eq, sw*\n\n**lastname**: *eq, sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "firstname eq \"John\"" + }, + { + "disabled": true, + "description": { + "content": "If *true*, only get identities which satisfy ALL the following criteria in addition to any criteria specified by *filters*:\n - Should be either correlated or protected.\n - Should not be \"spadmin\" or \"cloudadmin\".\n - uid should not be null.\n - lastname should not be null.\n - email should not be null.", + "type": "text/plain" + }, + "key": "add-core-filters", + "value": "false" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "8d417830-dad0-4465-8696-4f2d3bbd9f79", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "public-identities" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**alias**: *eq, sw*\n\n**email**: *eq, sw*\n\n**firstname**: *eq, sw*\n\n**lastname**: *eq, sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "firstname eq \"John\"" + }, + { + "disabled": true, + "description": { + "content": "If *true*, only get identities which satisfy ALL the following criteria in addition to any criteria specified by *filters*:\n - Should be either correlated or protected.\n - Should not be \"spadmin\" or \"cloudadmin\".\n - uid should not be null.\n - lastname should not be null.\n - email should not be null.", + "type": "text/plain" + }, + "key": "add-core-filters", + "value": "false" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "166f376f-47e4-4cd6-be30-19a568379632", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "public-identities" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**alias**: *eq, sw*\n\n**email**: *eq, sw*\n\n**firstname**: *eq, sw*\n\n**lastname**: *eq, sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "firstname eq \"John\"" + }, + { + "disabled": true, + "description": { + "content": "If *true*, only get identities which satisfy ALL the following criteria in addition to any criteria specified by *filters*:\n - Should be either correlated or protected.\n - Should not be \"spadmin\" or \"cloudadmin\".\n - uid should not be null.\n - lastname should not be null.\n - email should not be null.", + "type": "text/plain" + }, + "key": "add-core-filters", + "value": "false" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + } + ] + }, + { + "name": "Public Identities Config", + "description": "Use this API to implement public identity configuration functionality. \nWith this functionality in place, administrators can make up to 5 identity attributes publicly visible so other non-administrator users can see the relevant information they need to make decisions. \nThis can be helpful for approvers making approvals, certification reviewers, managers viewing their direct reports' access, and source owners viewing their tasks.\n\nBy default, non-administrators can select an identity and view the following attributes: email, lifecycle state, and manager. \nHowever, it may be helpful for a non-administrator reviewer to see other identity attributes like department, region, title, etc.\nAdministrators can use this API to make those necessary identity attributes public to non-administrators. \n\nFor example, a non-administrator deciding whether to approve another identity's request for access to the Workday application, whose access may be restricted to members of the HR department, would want to know whether the identity is a member of the HR department. \nIf an administrator has used [Update Public Identity Config](https://developer.sailpoint.com/docs/api/v3/update-public-identity-config/) to make the \"department\" attribute public, the approver can see the department and make a decision without requesting any more information.\n", + "item": [ + { + "id": "5111188e-5164-47cc-9e37-e5e551807b6e", + "name": "Get the Public Identities Configuration", + "request": { + "name": "Get the Public Identities Configuration", + "description": { + "content": "Returns the publicly visible attributes of an identity available to request approvers for Access Requests and Certification Campaigns. A token with ORG ADMIN authority is required to call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "public-identities-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "bd296b10-8098-4a20-a534-2e7c4676c0a1", + "name": "Request succeeded.", + "originalRequest": { + "url": { + "path": [ + "public-identities-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"attributes\": [\n {\n \"key\": \"country\",\n \"name\": \"Country\"\n },\n {\n \"key\": \"country\",\n \"name\": \"Country\"\n }\n ],\n \"modified\": \"2018-06-25T20:22:28.104Z\",\n \"modifiedBy\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"Thomas Edison\"\n }\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "867cb745-6530-43bc-9a01-df00eb3b36a3", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "public-identities-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "9b32ecf1-32ce-4fd9-991f-4c28da68c94c", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "public-identities-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f7e5e699-7867-4fd1-8748-53b955497d88", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "public-identities-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "19d6b181-feec-4ddc-a140-b0aa66e962ba", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "public-identities-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "7ca1f7c5-5b56-462d-8b52-bc72f4b48523", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "public-identities-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "2e92b590-9956-4824-8ba2-0782e83bf9cc", + "name": "Update the Public Identities Configuration", + "request": { + "name": "Update the Public Identities Configuration", + "description": { + "content": "Updates the publicly visible attributes of an identity available to request approvers for Access Requests and Certification Campaigns. A token with ORG ADMIN authority is required to call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "public-identities-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"attributes\": [\n {\n \"key\": \"country\",\n \"name\": \"Country\"\n },\n {\n \"key\": \"country\",\n \"name\": \"Country\"\n }\n ],\n \"modified\": \"2018-06-25T20:22:28.104Z\",\n \"modifiedBy\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"Thomas Edison\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "f5eec883-1199-4223-a525-9ea5d420b639", + "name": "Request succeeded.", + "originalRequest": { + "url": { + "path": [ + "public-identities-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"attributes\": [\n {\n \"key\": \"country\",\n \"name\": \"Country\"\n },\n {\n \"key\": \"country\",\n \"name\": \"Country\"\n }\n ],\n \"modified\": \"2018-06-25T20:22:28.104Z\",\n \"modifiedBy\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"Thomas Edison\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"attributes\": [\n {\n \"key\": \"country\",\n \"name\": \"Country\"\n },\n {\n \"key\": \"country\",\n \"name\": \"Country\"\n }\n ],\n \"modified\": \"2018-06-25T20:22:28.104Z\",\n \"modifiedBy\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"Thomas Edison\"\n }\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "1e37be48-8225-42da-9e39-c0b50f7c6e9b", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "public-identities-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"attributes\": [\n {\n \"key\": \"country\",\n \"name\": \"Country\"\n },\n {\n \"key\": \"country\",\n \"name\": \"Country\"\n }\n ],\n \"modified\": \"2018-06-25T20:22:28.104Z\",\n \"modifiedBy\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"Thomas Edison\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "eea721a3-8f74-4cbc-83c1-22d23caf24aa", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "public-identities-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"attributes\": [\n {\n \"key\": \"country\",\n \"name\": \"Country\"\n },\n {\n \"key\": \"country\",\n \"name\": \"Country\"\n }\n ],\n \"modified\": \"2018-06-25T20:22:28.104Z\",\n \"modifiedBy\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"Thomas Edison\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "fa3b2ca8-8f39-4ec4-b830-58d42397e63a", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "public-identities-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"attributes\": [\n {\n \"key\": \"country\",\n \"name\": \"Country\"\n },\n {\n \"key\": \"country\",\n \"name\": \"Country\"\n }\n ],\n \"modified\": \"2018-06-25T20:22:28.104Z\",\n \"modifiedBy\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"Thomas Edison\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b715b773-c10d-41e8-9e80-081437ad1cd2", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "public-identities-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"attributes\": [\n {\n \"key\": \"country\",\n \"name\": \"Country\"\n },\n {\n \"key\": \"country\",\n \"name\": \"Country\"\n }\n ],\n \"modified\": \"2018-06-25T20:22:28.104Z\",\n \"modifiedBy\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"Thomas Edison\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "0a9f58a2-2f7e-4079-afa5-b3b43798ca0d", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "public-identities-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"attributes\": [\n {\n \"key\": \"country\",\n \"name\": \"Country\"\n },\n {\n \"key\": \"country\",\n \"name\": \"Country\"\n }\n ],\n \"modified\": \"2018-06-25T20:22:28.104Z\",\n \"modifiedBy\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"Thomas Edison\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + } + ] + }, + { + "name": "Reports Data Extraction", + "description": "Use this API to implement reports lifecycle managing and monitoring.\nWith this functionality in place, users can run reports, view their results, and cancel reports in progress. \nThis can be potentially helpful for auditing purposes. \n", + "item": [ + { + "id": "31020c48-12a3-4a03-b988-4ee21deda4d3", + "name": "Get Report Result", + "request": { + "name": "Get Report Result", + "description": { + "content": "Get the report results for a report that was run or is running. Returns empty report result in case there are no active task definitions with used in payload task definition name.", + "type": "text/plain" + }, + "url": { + "path": [ + "reports", + ":taskResultId", + "result" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "state of task result to apply ordering when results are fetching from the DB", + "type": "text/plain" + }, + "key": "completed", + "value": "true" + } + ], + "variable": [ + { + "type": "any", + "value": "ef38f94347e94562b5bb8424a56397d8", + "key": "taskResultId", + "disabled": true, + "description": { + "content": "(Required) Unique identifier of the task result which handled report", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "b08006cc-fdc3-415f-b402-40adbf1aae3f", + "name": "Details about report that was run or is running.", + "originalRequest": { + "url": { + "path": [ + "reports", + ":taskResultId", + "result" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "state of task result to apply ordering when results are fetching from the DB", + "type": "text/plain" + }, + "key": "completed", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"reportType\": \"IDENTITIES_DETAILS\",\n \"taskDefName\": \"Identities Details Report\",\n \"id\": \"1e01d272b8084c4fa12fcf8fa898102d\",\n \"created\": \"2023-09-07T42:14:05.122Z\",\n \"status\": \"SUCCESS\",\n \"duration\": 3681,\n \"rows\": 193,\n \"availableFormats\": [\n \"CSV\"\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f6ebef91-fb1a-4a5f-8de9-6551b8ce63d3", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "reports", + ":taskResultId", + "result" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "state of task result to apply ordering when results are fetching from the DB", + "type": "text/plain" + }, + "key": "completed", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "169f1741-0fe3-4cb5-a6d4-bd48801ab017", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "reports", + ":taskResultId", + "result" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "state of task result to apply ordering when results are fetching from the DB", + "type": "text/plain" + }, + "key": "completed", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "31629aff-139b-4f20-9ff2-75680442a68b", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "reports", + ":taskResultId", + "result" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "state of task result to apply ordering when results are fetching from the DB", + "type": "text/plain" + }, + "key": "completed", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "aaf070ba-346d-4c0a-9a8d-12fe9ff3521e", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "reports", + ":taskResultId", + "result" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "state of task result to apply ordering when results are fetching from the DB", + "type": "text/plain" + }, + "key": "completed", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "ec78fbec-1aef-48e6-b811-8976e29fae10", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "reports", + ":taskResultId", + "result" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "state of task result to apply ordering when results are fetching from the DB", + "type": "text/plain" + }, + "key": "completed", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "88d1967f-5fc6-4523-8780-cb8d6b1c0fe4", + "name": "Run Report", + "request": { + "name": "Run Report", + "description": { + "content": "Runs a report according to input report details. If non-concurrent task is already running then it returns, otherwise new task creates and returns.", + "type": "text/plain" + }, + "url": { + "path": [ + "reports", + "run" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"reportType\": \"IDENTITIES_DETAILS\",\n \"arguments\": {\n \"correlatedOnly\": true\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "22693f80-4d7b-4a04-bd77-a8e2cb4eb08d", + "name": "Identities Details Report task result.", + "originalRequest": { + "url": { + "path": [ + "reports", + "run" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"reportType\": \"IDENTITIES_DETAILS\",\n \"arguments\": {\n \"correlatedOnly\": true\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"reportType\": \"IDENTITIES_DETAILS\",\n \"taskDefName\": \"Identities Details Report\",\n \"type\": \"QUARTZ\",\n \"id\": \"a248c16fe22222b2bd49615481311111\",\n \"created\": \"2023-09-07T42:14:00.364Z\",\n \"description\": \"A detailed view of the identities in the system.\",\n \"parentName\": \"Audit Report\",\n \"launcher\": \"9832285\",\n \"launched\": \"2023-09-07T42:14:00.521Z\",\n \"completed\": \"2023-09-07T42:14:01.137Z\",\n \"messages\": [],\n \"returns\": [],\n \"attributes\": {\n \"org\": \"an-org\"\n },\n \"progress\": \"Initializing...\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "691142e4-b3a0-4387-b6e1-5b1399879373", + "name": "Identities Details Report task result.", + "originalRequest": { + "url": { + "path": [ + "reports", + "run" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"reportType\": \"IDENTITIES_DETAILS\",\n \"arguments\": {\n \"correlatedOnly\": true\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"reportType\": \"SEARCH_EXPORT\",\n \"taskDefName\": \"Search Export\",\n \"type\": \"QUARTZ\",\n \"id\": \"a248c16fe22222b2bd49615481311111\",\n \"created\": \"2023-09-07T42:14:11.137Z\",\n \"description\": \"Extract query data from ElasticSearch to CSV\",\n \"parentName\": null,\n \"launcher\": \"T05293\",\n \"launched\": \"2020-09-07T42:14:11.137Z\",\n \"completed\": \"2020-09-07T42:14:13.451Z\",\n \"messages\": [],\n \"returns\": [],\n \"attributes\": {\n \"queryHash\": \"5e12cf79c67d92e23d4d8cb3e974f87d164e86d4a48d32ecf89645cacfd3f2\",\n \"org\": \"an-org\",\n \"queryParams\": {\n \"columns\": \"displayName,firstName,lastName,email,created,attributes.cloudLifecycleState,tags,access.spread,apps.pread,accounts.spread\",\n \"indices\": \"identities\",\n \"ownerId\": \"95ecba5c5444439c999aec638ce2a777\",\n \"query\": 700007,\n \"sort\": \"displayName\"\n }\n },\n \"progress\": \"Initializing...\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "3c782784-3183-4c7b-8a39-910e7b3f23c0", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "reports", + "run" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"reportType\": \"IDENTITIES_DETAILS\",\n \"arguments\": {\n \"correlatedOnly\": true\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "49dfae4f-7ae5-43a3-857b-1a58ca76fbd3", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "reports", + "run" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"reportType\": \"IDENTITIES_DETAILS\",\n \"arguments\": {\n \"correlatedOnly\": true\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "89454307-9220-4b0e-b61a-c668b2c9d640", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "reports", + "run" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"reportType\": \"IDENTITIES_DETAILS\",\n \"arguments\": {\n \"correlatedOnly\": true\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "aa571756-527c-4dee-ace4-33666eb8cc55", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "reports", + "run" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"reportType\": \"IDENTITIES_DETAILS\",\n \"arguments\": {\n \"correlatedOnly\": true\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a76b9ae2-89a6-4042-b0d2-31198a96bb3e", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "reports", + "run" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"reportType\": \"IDENTITIES_DETAILS\",\n \"arguments\": {\n \"correlatedOnly\": true\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "90af011d-c162-43f8-b671-97f4952f846e", + "name": "Cancel Report", + "request": { + "name": "Cancel Report", + "description": { + "content": "Cancels a running report.", + "type": "text/plain" + }, + "url": { + "path": [ + "reports", + ":id", + "cancel" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "a1ed223247144cc29d23c632624b4767", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) ID of the running Report to cancel", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": {} + }, + "response": [ + { + "id": "0782d845-ed3b-4464-b27e-348b81ebc4c8", + "name": "No content - indicates the request was successful but there is no content to be returned in the response.", + "originalRequest": { + "url": { + "path": [ + "reports", + ":id", + "cancel" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "No Content", + "code": 204, + "header": [], + "cookie": [], + "_postman_previewlanguage": "text" + }, + { + "id": "b0a81aa2-95e5-41e9-a7e9-4328d24a0b97", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "reports", + ":id", + "cancel" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "bee93375-a57a-4f1e-bee5-62a351c020ab", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "reports", + ":id", + "cancel" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "91b5025e-07e5-4dc1-848b-63fcfe19d0a2", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "reports", + ":id", + "cancel" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "fe6e9007-4501-4947-a4ac-fa0fc7f3de39", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "reports", + ":id", + "cancel" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "0ae9047c-a79d-42bd-81de-8e7f5f780040", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "reports", + ":id", + "cancel" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "85afb2ca-7be2-43fb-8274-aeb4cb400f47", + "name": "Get Report File", + "request": { + "name": "Get Report File", + "description": { + "content": "Gets a report in file format.", + "type": "text/plain" + }, + "url": { + "path": [ + "reports", + ":taskResultId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "(Required) Output format of the requested report file", + "type": "text/plain" + }, + "key": "fileFormat", + "value": "csv" + }, + { + "disabled": true, + "description": { + "content": "preferred Report file name, by default will be used report name from task result.", + "type": "text/plain" + }, + "key": "name", + "value": "Identities Details Report" + }, + { + "disabled": true, + "description": { + "content": "Enables auditing for current report download. Will create an audit event and sent it to the REPORT cloud-audit kafka topic. Event will be created if there is any result present by requested taskResultId.", + "type": "text/plain" + }, + "key": "auditable", + "value": "true" + } + ], + "variable": [ + { + "type": "any", + "value": "ef38f94347e94562b5bb8424a56397d8", + "key": "taskResultId", + "disabled": true, + "description": { + "content": "(Required) Unique identifier of the task result which handled report", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/csv" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "dad57e1a-3159-432a-ad22-1c0a10a02a23", + "name": "Report file in selected format. CSV by default.", + "originalRequest": { + "url": { + "path": [ + "reports", + ":taskResultId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "(Required) Output format of the requested report file", + "type": "text/plain" + }, + "key": "fileFormat", + "value": "csv" + }, + { + "disabled": true, + "description": { + "content": "preferred Report file name, by default will be used report name from task result.", + "type": "text/plain" + }, + "key": "name", + "value": "Identities Details Report" + }, + { + "disabled": true, + "description": { + "content": "Enables auditing for current report download. Will create an audit event and sent it to the REPORT cloud-audit kafka topic. Event will be created if there is any result present by requested taskResultId.", + "type": "text/plain" + }, + "key": "auditable", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/csv" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/csv" + }, + { + "disabled": true, + "description": { + "content": "The requested report's filename", + "type": "text/plain" + }, + "key": "Content-disposition", + "value": "attachment;filename=\\\"fileName\"" + } + ], + "body": "irure nisi et dolore aliqua", + "cookie": [], + "_postman_previewlanguage": "text" + }, + { + "id": "d619fe72-6ee6-46cf-9fbe-bcbfa7406c09", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "reports", + ":taskResultId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "(Required) Output format of the requested report file", + "type": "text/plain" + }, + "key": "fileFormat", + "value": "csv" + }, + { + "disabled": true, + "description": { + "content": "preferred Report file name, by default will be used report name from task result.", + "type": "text/plain" + }, + "key": "name", + "value": "Identities Details Report" + }, + { + "disabled": true, + "description": { + "content": "Enables auditing for current report download. Will create an audit event and sent it to the REPORT cloud-audit kafka topic. Event will be created if there is any result present by requested taskResultId.", + "type": "text/plain" + }, + "key": "auditable", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "5d79e92d-83bf-4bee-b3f0-08ad4c33eded", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "reports", + ":taskResultId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "(Required) Output format of the requested report file", + "type": "text/plain" + }, + "key": "fileFormat", + "value": "csv" + }, + { + "disabled": true, + "description": { + "content": "preferred Report file name, by default will be used report name from task result.", + "type": "text/plain" + }, + "key": "name", + "value": "Identities Details Report" + }, + { + "disabled": true, + "description": { + "content": "Enables auditing for current report download. Will create an audit event and sent it to the REPORT cloud-audit kafka topic. Event will be created if there is any result present by requested taskResultId.", + "type": "text/plain" + }, + "key": "auditable", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c02276ce-f91b-4b75-b7ed-db62e09057e2", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "reports", + ":taskResultId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "(Required) Output format of the requested report file", + "type": "text/plain" + }, + "key": "fileFormat", + "value": "csv" + }, + { + "disabled": true, + "description": { + "content": "preferred Report file name, by default will be used report name from task result.", + "type": "text/plain" + }, + "key": "name", + "value": "Identities Details Report" + }, + { + "disabled": true, + "description": { + "content": "Enables auditing for current report download. Will create an audit event and sent it to the REPORT cloud-audit kafka topic. Event will be created if there is any result present by requested taskResultId.", + "type": "text/plain" + }, + "key": "auditable", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "cdefb589-5c7c-4e20-a80b-bc3e99460d7a", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "reports", + ":taskResultId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "(Required) Output format of the requested report file", + "type": "text/plain" + }, + "key": "fileFormat", + "value": "csv" + }, + { + "disabled": true, + "description": { + "content": "preferred Report file name, by default will be used report name from task result.", + "type": "text/plain" + }, + "key": "name", + "value": "Identities Details Report" + }, + { + "disabled": true, + "description": { + "content": "Enables auditing for current report download. Will create an audit event and sent it to the REPORT cloud-audit kafka topic. Event will be created if there is any result present by requested taskResultId.", + "type": "text/plain" + }, + "key": "auditable", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"

File Not Found - 404 Error

The requested file was not found.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "33495c81-aa9e-4cf1-b362-633f1ffd75a5", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "reports", + ":taskResultId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "(Required) Output format of the requested report file", + "type": "text/plain" + }, + "key": "fileFormat", + "value": "csv" + }, + { + "disabled": true, + "description": { + "content": "preferred Report file name, by default will be used report name from task result.", + "type": "text/plain" + }, + "key": "name", + "value": "Identities Details Report" + }, + { + "disabled": true, + "description": { + "content": "Enables auditing for current report download. Will create an audit event and sent it to the REPORT cloud-audit kafka topic. Event will be created if there is any result present by requested taskResultId.", + "type": "text/plain" + }, + "key": "auditable", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "93fdd9f4-8375-4feb-83c4-d8a20abcf65c", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "reports", + ":taskResultId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "(Required) Output format of the requested report file", + "type": "text/plain" + }, + "key": "fileFormat", + "value": "csv" + }, + { + "disabled": true, + "description": { + "content": "preferred Report file name, by default will be used report name from task result.", + "type": "text/plain" + }, + "key": "name", + "value": "Identities Details Report" + }, + { + "disabled": true, + "description": { + "content": "Enables auditing for current report download. Will create an audit event and sent it to the REPORT cloud-audit kafka topic. Event will be created if there is any result present by requested taskResultId.", + "type": "text/plain" + }, + "key": "auditable", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + } + ] + }, + { + "name": "Requestable Objects", + "description": "Use this API to implement requestable object functionality. \nWith this functionality in place, administrators can determine which access items can be requested with the [Access Request APIs](https://developer.sailpoint.com/docs/api/v3/access-requests/), along with their statuses. \nThis can be helpful for administrators who are implementing and customizing access request functionality as a way of checking which items are requestable as they are created, assigned, and made available.\n", + "item": [ + { + "id": "3bb0894f-316a-468d-a515-19fd3403c62d", + "name": "Requestable Objects List", + "request": { + "name": "Requestable Objects List", + "description": { + "content": "This endpoint returns a list of acccess items that that can be requested through the Access Request endpoints. Access items are marked with AVAILABLE, PENDING or ASSIGNED with respect to the identity provided using *identity-id* query param.\nAny authenticated token can call this endpoint to see their requestable access items. A token with ORG_ADMIN authority is required to call this endpoint to return a list of all of the requestable access items for the org or for another identity.", + "type": "text/plain" + }, + "url": { + "path": [ + "requestable-objects" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "If present, the value returns only requestable objects for the specified identity.\n * Admin users can call this with any identity ID value.\n * Non-admin users can only specify *me* or pass their own identity ID value.\n * If absent, returns a list of all requestable objects for the tenant. Only admin users can make such a call. In this case, the available, pending, assigned accesses will not be annotated in the result.", + "type": "text/plain" + }, + "key": "identity-id", + "value": "e7eab60924f64aa284175b9fa3309599" + }, + { + "disabled": true, + "description": { + "content": "Filters the results to the specified type/types, where each type is one of ROLE or ACCESS_PROFILE. If absent, all types are returned. Support for additional types may be added in the future without notice.", + "type": "text/plain" + }, + "key": "types", + "value": "ROLE,ACCESS_PROFILE" + }, + { + "disabled": true, + "description": { + "content": "It allows searching requestable access items with a partial match on the name or description. If term is provided, then the *filter* query parameter will be ignored.", + "type": "text/plain" + }, + "key": "term", + "value": "Finance Role" + }, + { + "disabled": true, + "description": { + "content": "Filters the result to the specified status/statuses, where each status is one of AVAILABLE, ASSIGNED, or PENDING. It is an error to specify this parameter without also specifying an *identity-id* parameter. Additional statuses may be added in the future without notice.", + "type": "text/plain" + }, + "key": "statuses", + "value": "ASSIGNED,PENDING" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**name**: *eq, in, sw*\n", + "type": "text/plain" + }, + "key": "filters", + "value": "name sw \"bob\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name**\n", + "type": "text/plain" + }, + "key": "sorters", + "value": "name" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "ba860915-21ae-4925-a1ea-9d82c9d1aeb4", + "name": "List of requestable objects", + "originalRequest": { + "url": { + "path": [ + "requestable-objects" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "If present, the value returns only requestable objects for the specified identity.\n * Admin users can call this with any identity ID value.\n * Non-admin users can only specify *me* or pass their own identity ID value.\n * If absent, returns a list of all requestable objects for the tenant. Only admin users can make such a call. In this case, the available, pending, assigned accesses will not be annotated in the result.", + "type": "text/plain" + }, + "key": "identity-id", + "value": "e7eab60924f64aa284175b9fa3309599" + }, + { + "disabled": true, + "description": { + "content": "Filters the results to the specified type/types, where each type is one of ROLE or ACCESS_PROFILE. If absent, all types are returned. Support for additional types may be added in the future without notice.", + "type": "text/plain" + }, + "key": "types", + "value": "ROLE,ACCESS_PROFILE" + }, + { + "disabled": true, + "description": { + "content": "It allows searching requestable access items with a partial match on the name or description. If term is provided, then the *filter* query parameter will be ignored.", + "type": "text/plain" + }, + "key": "term", + "value": "Finance Role" + }, + { + "disabled": true, + "description": { + "content": "Filters the result to the specified status/statuses, where each status is one of AVAILABLE, ASSIGNED, or PENDING. It is an error to specify this parameter without also specifying an *identity-id* parameter. Additional statuses may be added in the future without notice.", + "type": "text/plain" + }, + "key": "statuses", + "value": "ASSIGNED,PENDING" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**name**: *eq, in, sw*\n", + "type": "text/plain" + }, + "key": "filters", + "value": "name sw \"bob\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name**\n", + "type": "text/plain" + }, + "key": "sorters", + "value": "name" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"name\": \"Applied Research Access\",\n \"created\": \"2017-07-11T18:45:37.098Z\",\n \"modified\": \"2018-06-25T20:22:28.104Z\",\n \"description\": \"Access to research information, lab results, and schematics.\",\n \"type\": \"ACCESS_PROFILE\",\n \"requestStatus\": \"AVAILABLE\",\n \"identityRequestId\": null,\n \"ownerRef\": {\n \"type\": \"IDENTITY\",\n \"id\": \"5168015d32f890ca15812c9180835d2e\",\n \"name\": \"Alison Ferguso\",\n \"email\": \"alison.ferguso@identitysoon.com\"\n },\n \"requestCommentsRequired\": false\n },\n {\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"name\": \"Applied Research Access\",\n \"created\": \"2017-07-11T18:45:37.098Z\",\n \"modified\": \"2018-06-25T20:22:28.104Z\",\n \"description\": \"Access to research information, lab results, and schematics.\",\n \"type\": \"ACCESS_PROFILE\",\n \"requestStatus\": \"AVAILABLE\",\n \"identityRequestId\": null,\n \"ownerRef\": {\n \"type\": \"IDENTITY\",\n \"id\": \"5168015d32f890ca15812c9180835d2e\",\n \"name\": \"Alison Ferguso\",\n \"email\": \"alison.ferguso@identitysoon.com\"\n },\n \"requestCommentsRequired\": false\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "5e38fded-82df-4bfb-bd9d-c7f283218003", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "requestable-objects" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "If present, the value returns only requestable objects for the specified identity.\n * Admin users can call this with any identity ID value.\n * Non-admin users can only specify *me* or pass their own identity ID value.\n * If absent, returns a list of all requestable objects for the tenant. Only admin users can make such a call. In this case, the available, pending, assigned accesses will not be annotated in the result.", + "type": "text/plain" + }, + "key": "identity-id", + "value": "e7eab60924f64aa284175b9fa3309599" + }, + { + "disabled": true, + "description": { + "content": "Filters the results to the specified type/types, where each type is one of ROLE or ACCESS_PROFILE. If absent, all types are returned. Support for additional types may be added in the future without notice.", + "type": "text/plain" + }, + "key": "types", + "value": "ROLE,ACCESS_PROFILE" + }, + { + "disabled": true, + "description": { + "content": "It allows searching requestable access items with a partial match on the name or description. If term is provided, then the *filter* query parameter will be ignored.", + "type": "text/plain" + }, + "key": "term", + "value": "Finance Role" + }, + { + "disabled": true, + "description": { + "content": "Filters the result to the specified status/statuses, where each status is one of AVAILABLE, ASSIGNED, or PENDING. It is an error to specify this parameter without also specifying an *identity-id* parameter. Additional statuses may be added in the future without notice.", + "type": "text/plain" + }, + "key": "statuses", + "value": "ASSIGNED,PENDING" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**name**: *eq, in, sw*\n", + "type": "text/plain" + }, + "key": "filters", + "value": "name sw \"bob\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name**\n", + "type": "text/plain" + }, + "key": "sorters", + "value": "name" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "672ee064-8b89-4885-8386-51fd3e8dfce4", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "requestable-objects" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "If present, the value returns only requestable objects for the specified identity.\n * Admin users can call this with any identity ID value.\n * Non-admin users can only specify *me* or pass their own identity ID value.\n * If absent, returns a list of all requestable objects for the tenant. Only admin users can make such a call. In this case, the available, pending, assigned accesses will not be annotated in the result.", + "type": "text/plain" + }, + "key": "identity-id", + "value": "e7eab60924f64aa284175b9fa3309599" + }, + { + "disabled": true, + "description": { + "content": "Filters the results to the specified type/types, where each type is one of ROLE or ACCESS_PROFILE. If absent, all types are returned. Support for additional types may be added in the future without notice.", + "type": "text/plain" + }, + "key": "types", + "value": "ROLE,ACCESS_PROFILE" + }, + { + "disabled": true, + "description": { + "content": "It allows searching requestable access items with a partial match on the name or description. If term is provided, then the *filter* query parameter will be ignored.", + "type": "text/plain" + }, + "key": "term", + "value": "Finance Role" + }, + { + "disabled": true, + "description": { + "content": "Filters the result to the specified status/statuses, where each status is one of AVAILABLE, ASSIGNED, or PENDING. It is an error to specify this parameter without also specifying an *identity-id* parameter. Additional statuses may be added in the future without notice.", + "type": "text/plain" + }, + "key": "statuses", + "value": "ASSIGNED,PENDING" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**name**: *eq, in, sw*\n", + "type": "text/plain" + }, + "key": "filters", + "value": "name sw \"bob\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name**\n", + "type": "text/plain" + }, + "key": "sorters", + "value": "name" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "414bc32f-b893-4737-bac7-9e8c9e484b37", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "requestable-objects" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "If present, the value returns only requestable objects for the specified identity.\n * Admin users can call this with any identity ID value.\n * Non-admin users can only specify *me* or pass their own identity ID value.\n * If absent, returns a list of all requestable objects for the tenant. Only admin users can make such a call. In this case, the available, pending, assigned accesses will not be annotated in the result.", + "type": "text/plain" + }, + "key": "identity-id", + "value": "e7eab60924f64aa284175b9fa3309599" + }, + { + "disabled": true, + "description": { + "content": "Filters the results to the specified type/types, where each type is one of ROLE or ACCESS_PROFILE. If absent, all types are returned. Support for additional types may be added in the future without notice.", + "type": "text/plain" + }, + "key": "types", + "value": "ROLE,ACCESS_PROFILE" + }, + { + "disabled": true, + "description": { + "content": "It allows searching requestable access items with a partial match on the name or description. If term is provided, then the *filter* query parameter will be ignored.", + "type": "text/plain" + }, + "key": "term", + "value": "Finance Role" + }, + { + "disabled": true, + "description": { + "content": "Filters the result to the specified status/statuses, where each status is one of AVAILABLE, ASSIGNED, or PENDING. It is an error to specify this parameter without also specifying an *identity-id* parameter. Additional statuses may be added in the future without notice.", + "type": "text/plain" + }, + "key": "statuses", + "value": "ASSIGNED,PENDING" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**name**: *eq, in, sw*\n", + "type": "text/plain" + }, + "key": "filters", + "value": "name sw \"bob\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name**\n", + "type": "text/plain" + }, + "key": "sorters", + "value": "name" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "9ddff683-4acd-46ee-88a5-4c078d6d561f", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "requestable-objects" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "If present, the value returns only requestable objects for the specified identity.\n * Admin users can call this with any identity ID value.\n * Non-admin users can only specify *me* or pass their own identity ID value.\n * If absent, returns a list of all requestable objects for the tenant. Only admin users can make such a call. In this case, the available, pending, assigned accesses will not be annotated in the result.", + "type": "text/plain" + }, + "key": "identity-id", + "value": "e7eab60924f64aa284175b9fa3309599" + }, + { + "disabled": true, + "description": { + "content": "Filters the results to the specified type/types, where each type is one of ROLE or ACCESS_PROFILE. If absent, all types are returned. Support for additional types may be added in the future without notice.", + "type": "text/plain" + }, + "key": "types", + "value": "ROLE,ACCESS_PROFILE" + }, + { + "disabled": true, + "description": { + "content": "It allows searching requestable access items with a partial match on the name or description. If term is provided, then the *filter* query parameter will be ignored.", + "type": "text/plain" + }, + "key": "term", + "value": "Finance Role" + }, + { + "disabled": true, + "description": { + "content": "Filters the result to the specified status/statuses, where each status is one of AVAILABLE, ASSIGNED, or PENDING. It is an error to specify this parameter without also specifying an *identity-id* parameter. Additional statuses may be added in the future without notice.", + "type": "text/plain" + }, + "key": "statuses", + "value": "ASSIGNED,PENDING" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**name**: *eq, in, sw*\n", + "type": "text/plain" + }, + "key": "filters", + "value": "name sw \"bob\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name**\n", + "type": "text/plain" + }, + "key": "sorters", + "value": "name" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "e322e824-5e3d-4936-90ed-3c9e7b6e62e9", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "requestable-objects" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "If present, the value returns only requestable objects for the specified identity.\n * Admin users can call this with any identity ID value.\n * Non-admin users can only specify *me* or pass their own identity ID value.\n * If absent, returns a list of all requestable objects for the tenant. Only admin users can make such a call. In this case, the available, pending, assigned accesses will not be annotated in the result.", + "type": "text/plain" + }, + "key": "identity-id", + "value": "e7eab60924f64aa284175b9fa3309599" + }, + { + "disabled": true, + "description": { + "content": "Filters the results to the specified type/types, where each type is one of ROLE or ACCESS_PROFILE. If absent, all types are returned. Support for additional types may be added in the future without notice.", + "type": "text/plain" + }, + "key": "types", + "value": "ROLE,ACCESS_PROFILE" + }, + { + "disabled": true, + "description": { + "content": "It allows searching requestable access items with a partial match on the name or description. If term is provided, then the *filter* query parameter will be ignored.", + "type": "text/plain" + }, + "key": "term", + "value": "Finance Role" + }, + { + "disabled": true, + "description": { + "content": "Filters the result to the specified status/statuses, where each status is one of AVAILABLE, ASSIGNED, or PENDING. It is an error to specify this parameter without also specifying an *identity-id* parameter. Additional statuses may be added in the future without notice.", + "type": "text/plain" + }, + "key": "statuses", + "value": "ASSIGNED,PENDING" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**name**: *eq, in, sw*\n", + "type": "text/plain" + }, + "key": "filters", + "value": "name sw \"bob\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name**\n", + "type": "text/plain" + }, + "key": "sorters", + "value": "name" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + } + ] + }, + { + "name": "Role Insights", + "description": "", + "item": [ + { + "id": "57255d0e-2f58-4483-a372-ad39915eeb7a", + "name": "Generate insights for roles", + "request": { + "name": "Generate insights for roles", + "description": { + "content": "Submits a create role insights request to the role insights application. At this time there are no parameters. All business roles will be processed for the customer.", + "type": "text/plain" + }, + "url": { + "path": [ + "role-insights", + "requests" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": {} + }, + "response": [ + { + "id": "a74bb139-8c1d-41df-837f-fef9c43c4abb", + "name": "Submitted a role insights generation request", + "originalRequest": { + "url": { + "path": [ + "role-insights", + "requests" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Created", + "code": 201, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"c9aa02f7-86b0-4bc4-84bd-3116a6131e77\",\n \"createdDate\": \"2020-09-16T18:49:32.150Z\",\n \"lastGenerated\": \"2020-09-16T18:49:32.150Z\",\n \"numberOfUpdates\": 0,\n \"roleIds\": [\n \"2c91808e720e94f8017253287c0a44f4\",\n \"2c918087723ac2800172532191540e03\",\n \"2c9180986e4c8592016e6b15eaef447c\"\n ],\n \"status\": \"CREATED\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c44f6889-6200-4846-baa0-e273c552f76d", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "role-insights", + "requests" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "6329cbbd-b548-4589-afe0-050030d3bed4", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "role-insights", + "requests" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "63846b8e-ee05-47c5-9865-5291aba9ec38", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "role-insights", + "requests" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "338decd9-85c6-4746-9363-b17ae17cda3f", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "role-insights", + "requests" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "392a87ad-80ce-4566-8144-e383fcde273e", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "role-insights", + "requests" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "28002306-4cad-449e-bc7a-000ecc1395a2", + "name": "Returns metadata from prior request.", + "request": { + "name": "Returns metadata from prior request.", + "description": { + "content": "This endpoint returns details of a prior role insights request. ", + "type": "text/plain" + }, + "url": { + "path": [ + "role-insights", + "requests", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "8c190e67-87aa-4ed9-a90b-d9d5344523fb", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) The role insights request id", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "d17fb2a9-6c07-4482-9571-08a8c7f58e0d", + "name": "Succeeded. Returns details of an earlier role insights request.", + "originalRequest": { + "url": { + "path": [ + "role-insights", + "requests", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"c9aa02f7-86b0-4bc4-84bd-3116a6131e77\",\n \"createdDate\": \"2020-09-16T18:49:32.150Z\",\n \"lastGenerated\": \"2020-09-16T18:49:32.150Z\",\n \"numberOfUpdates\": 0,\n \"roleIds\": [\n \"2c91808e720e94f8017253287c0a44f4\",\n \"2c918087723ac2800172532191540e03\",\n \"2c9180986e4c8592016e6b15eaef447c\"\n ],\n \"status\": \"CREATED\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f7de52df-a926-46eb-88cf-b42c7f11c498", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "role-insights", + "requests", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "9beb643f-e20f-4612-8096-2f69903e2892", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "role-insights", + "requests", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "7cf6ff72-0807-4b02-bff6-5d9f9c8faaed", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "role-insights", + "requests", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "dc70d031-0ac9-403f-a771-7d6c6df5cb50", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "role-insights", + "requests", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "2458e60b-69ea-4892-b1be-6a5a0b6e3d31", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "role-insights", + "requests", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "71a3b5c0-1744-46e1-a0b5-159b231a55fd", + "name": "Get role insights summary information", + "request": { + "name": "Get role insights summary information", + "description": { + "content": "This method returns high level summary information for role insights for a customer.", + "type": "text/plain" + }, + "url": { + "path": [ + "role-insights", + "summary" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "c731a341-04f0-44f3-8d34-95059fd881f0", + "name": "Succeeded. Returns high level counts.", + "originalRequest": { + "url": { + "path": [ + "role-insights", + "summary" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"numberOfUpdates\": -76808129,\n \"lastGenerated\": \"2020-05-19T13:49:37.385Z\",\n \"entitlementsIncludedInRoles\": 45,\n \"totalNumberOfEntitlements\": 250,\n \"identitiesWithAccessViaRoles\": 550,\n \"totalNumberOfIdentities\": 980\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "8699ea29-ed7e-44ec-9ea2-844b5f4dd8f8", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "role-insights", + "summary" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "5b05ba94-8ee6-4fac-8ba0-e0feb787fad7", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "role-insights", + "summary" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "0b6dee30-6bcb-41f5-a8f3-a4923b85e8c0", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "role-insights", + "summary" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "3d4bc640-03fe-46e6-a569-92de4a008b11", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "role-insights", + "summary" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "b7556e8b-57fc-42bc-9a55-f6048a00f15a", + "name": "Get role insights", + "request": { + "name": "Get role insights", + "description": { + "content": "This method returns detailed role insights for each role.", + "type": "text/plain" + }, + "url": { + "path": [ + "role-insights" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **numberOfUpdates, identitiesWithAccess, totalNumberOfIdentities**", + "type": "text/plain" + }, + "key": "sorters", + "value": "numberOfUpdates" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**name**: *sw*\n\n**ownerName**: *sw*\n\n**description**: *sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "name sw \"John\"" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "f461f08a-3a98-4420-b5ad-f554c8d9d971", + "name": "Succeeded. Returns a list of roles with information about insights for each role.", + "originalRequest": { + "url": { + "path": [ + "role-insights" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **numberOfUpdates, identitiesWithAccess, totalNumberOfIdentities**", + "type": "text/plain" + }, + "key": "sorters", + "value": "numberOfUpdates" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**name**: *sw*\n\n**ownerName**: *sw*\n\n**description**: *sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "name sw \"John\"" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"id\": \"1467e61e-f284-439c-ba2d-c6cc11cf0941\",\n \"numberOfUpdates\": 5,\n \"createdDate\": \"1944-10-29T23:54:51.427Z\",\n \"modifiedDate\": \"2020-05-19T13:49:37.385Z\",\n \"role\": {\n \"name\": \"Software Engineer\",\n \"id\": \"1467e61e-f284-439c-ba2d-c6cc11cf0941\",\n \"description\": \"Person who develops software\",\n \"ownerName\": \"Bob\",\n \"ownerId\": \"1467e61e-f284-439c-ba2d-c6cc11cf0941\"\n },\n \"insight\": {\n \"type\": \"ADD\",\n \"identitiesWithAccess\": 850,\n \"identitiesImpacted\": 150,\n \"totalNumberOfIdentities\": 1000,\n \"impactedIdentityNames\": \"culpa magna ea enim consequat\"\n }\n },\n {\n \"id\": \"1467e61e-f284-439c-ba2d-c6cc11cf0941\",\n \"numberOfUpdates\": 5,\n \"createdDate\": \"2010-05-05T17:43:34.962Z\",\n \"modifiedDate\": \"2020-05-19T13:49:37.385Z\",\n \"role\": {\n \"name\": \"Software Engineer\",\n \"id\": \"1467e61e-f284-439c-ba2d-c6cc11cf0941\",\n \"description\": \"Person who develops software\",\n \"ownerName\": \"Bob\",\n \"ownerId\": \"1467e61e-f284-439c-ba2d-c6cc11cf0941\"\n },\n \"insight\": {\n \"type\": \"ADD\",\n \"identitiesWithAccess\": 850,\n \"identitiesImpacted\": 150,\n \"totalNumberOfIdentities\": 1000,\n \"impactedIdentityNames\": \"qui dolor\"\n }\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b370aa45-378d-48f9-8592-d55e47a67d05", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "role-insights" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **numberOfUpdates, identitiesWithAccess, totalNumberOfIdentities**", + "type": "text/plain" + }, + "key": "sorters", + "value": "numberOfUpdates" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**name**: *sw*\n\n**ownerName**: *sw*\n\n**description**: *sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "name sw \"John\"" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "8dbd5bd7-001d-483a-951a-0380d2780a12", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "role-insights" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **numberOfUpdates, identitiesWithAccess, totalNumberOfIdentities**", + "type": "text/plain" + }, + "key": "sorters", + "value": "numberOfUpdates" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**name**: *sw*\n\n**ownerName**: *sw*\n\n**description**: *sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "name sw \"John\"" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f7a1c9c4-a8e5-4697-bde0-03a860b94bb5", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "role-insights" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **numberOfUpdates, identitiesWithAccess, totalNumberOfIdentities**", + "type": "text/plain" + }, + "key": "sorters", + "value": "numberOfUpdates" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**name**: *sw*\n\n**ownerName**: *sw*\n\n**description**: *sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "name sw \"John\"" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "af2bdb6d-1137-4ab8-8a66-3dc3278241b9", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "role-insights" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **numberOfUpdates, identitiesWithAccess, totalNumberOfIdentities**", + "type": "text/plain" + }, + "key": "sorters", + "value": "numberOfUpdates" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**name**: *sw*\n\n**ownerName**: *sw*\n\n**description**: *sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "name sw \"John\"" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "7a8f9cfd-a4d0-410d-8230-f14451eb71ec", + "name": "Get a single role insight", + "request": { + "name": "Get a single role insight", + "description": { + "content": "This endpoint gets role insights information for a role.", + "type": "text/plain" + }, + "url": { + "path": [ + "role-insights", + ":insightId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "8c190e67-87aa-4ed9-a90b-d9d5344523fb", + "key": "insightId", + "disabled": true, + "description": { + "content": "(Required) The role insight id", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "1a946b35-b465-4987-b01e-5af82e545fce", + "name": "Succeeded. Returns information about insights for a single role.", + "originalRequest": { + "url": { + "path": [ + "role-insights", + ":insightId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"1467e61e-f284-439c-ba2d-c6cc11cf0941\",\n \"numberOfUpdates\": 5,\n \"createdDate\": \"1974-12-22T23:28:11.044Z\",\n \"modifiedDate\": \"2020-05-19T13:49:37.385Z\",\n \"role\": {\n \"name\": \"Software Engineer\",\n \"id\": \"1467e61e-f284-439c-ba2d-c6cc11cf0941\",\n \"description\": \"Person who develops software\",\n \"ownerName\": \"Bob\",\n \"ownerId\": \"1467e61e-f284-439c-ba2d-c6cc11cf0941\"\n },\n \"insight\": {\n \"type\": \"ADD\",\n \"identitiesWithAccess\": 850,\n \"identitiesImpacted\": 150,\n \"totalNumberOfIdentities\": 1000,\n \"impactedIdentityNames\": \"tem\"\n }\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "83878600-969c-4e58-87bd-2d3c13d8c419", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "role-insights", + ":insightId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "cd8d9811-151f-4406-9542-b8caf5b23b6a", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "role-insights", + ":insightId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d0cdea90-5650-47e4-b854-ac400ffc60d4", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "role-insights", + ":insightId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "bab0acf5-93f5-4f58-a86d-aacc7301f69d", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "role-insights", + ":insightId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "369b7241-e370-4843-b562-e4693cb06a73", + "name": "Get entitlement insights for a role", + "request": { + "name": "Get entitlement insights for a role", + "description": { + "content": "This endpoint returns entitlement insights for a role.", + "type": "text/plain" + }, + "url": { + "path": [ + "role-insights", + ":insightId", + "entitlement-changes" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **identitiesWithAccess, name**", + "type": "text/plain" + }, + "key": "sorters", + "value": "irure nisi et dolore aliqua" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**name**: *sw*\n\n**description**: *sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "name sw \"Admin\"" + } + ], + "variable": [ + { + "type": "any", + "value": "8c190e67-87aa-4ed9-a90b-d9d5344523fb", + "key": "insightId", + "disabled": true, + "description": { + "content": "(Required) The role insight id", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "c2424201-0c36-435e-a291-b6cfb217ff57", + "name": "Succeeded. Returns a list of entitlements to be added for a role.", + "originalRequest": { + "url": { + "path": [ + "role-insights", + ":insightId", + "entitlement-changes" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **identitiesWithAccess, name**", + "type": "text/plain" + }, + "key": "sorters", + "value": "irure nisi et dolore aliqua" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**name**: *sw*\n\n**description**: *sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "name sw \"Admin\"" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"name\": \"nostrud\",\n \"id\": \"in occaecat exercitation\",\n \"description\": \"in nisi tempor\",\n \"attribute\": \"reprehenderit sed commodo\",\n \"value\": \"quis do ad in officia\",\n \"source\": \"qui\",\n \"insight\": {\n \"type\": \"ADD\",\n \"identitiesWithAccess\": 850,\n \"identitiesImpacted\": 150,\n \"totalNumberOfIdentities\": 1000,\n \"impactedIdentityNames\": \"Lorem\"\n }\n },\n {\n \"name\": \"eu ut reprehenderit eiusmod\",\n \"id\": \"sint nisi\",\n \"description\": \"labore\",\n \"attribute\": \"culpa fugiat tempor\",\n \"value\": \"nisi ipsum consectetur consequat\",\n \"source\": \"aliquip Ut id est anim\",\n \"insight\": {\n \"type\": \"ADD\",\n \"identitiesWithAccess\": 850,\n \"identitiesImpacted\": 150,\n \"totalNumberOfIdentities\": 1000,\n \"impactedIdentityNames\": \"aute et enim labore\"\n }\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d49b84e9-afaa-419d-8bf9-ae3ba6c73db9", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "role-insights", + ":insightId", + "entitlement-changes" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **identitiesWithAccess, name**", + "type": "text/plain" + }, + "key": "sorters", + "value": "irure nisi et dolore aliqua" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**name**: *sw*\n\n**description**: *sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "name sw \"Admin\"" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "6577218f-e725-4516-ad6b-de96fe3815b4", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "role-insights", + ":insightId", + "entitlement-changes" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **identitiesWithAccess, name**", + "type": "text/plain" + }, + "key": "sorters", + "value": "irure nisi et dolore aliqua" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**name**: *sw*\n\n**description**: *sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "name sw \"Admin\"" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d8a6ba18-eeaa-4350-b30a-7729edfa4c75", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "role-insights", + ":insightId", + "entitlement-changes" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **identitiesWithAccess, name**", + "type": "text/plain" + }, + "key": "sorters", + "value": "irure nisi et dolore aliqua" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**name**: *sw*\n\n**description**: *sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "name sw \"Admin\"" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "4d849f54-2f44-4576-a4f0-3fb13203e52f", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "role-insights", + ":insightId", + "entitlement-changes" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **identitiesWithAccess, name**", + "type": "text/plain" + }, + "key": "sorters", + "value": "irure nisi et dolore aliqua" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**name**: *sw*\n\n**description**: *sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "name sw \"Admin\"" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "b63ffe1d-e35b-49d1-a271-09d2eb25ce7c", + "name": "Download entitlement insights for a role", + "request": { + "name": "Download entitlement insights for a role", + "description": { + "content": "This endpoint returns the entitlement insights for a role.", + "type": "text/plain" + }, + "url": { + "path": [ + "role-insights", + ":insightId", + "entitlement-changes", + "download" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **identitiesWithAccess**\n\nThe default sort is **identitiesWithAccess** in descending order.", + "type": "text/plain" + }, + "key": "sorters", + "value": "identitiesWithAccess" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**name**: *sw*\n\n**description**: *sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "name sw \"r\"" + } + ], + "variable": [ + { + "type": "any", + "value": "8c190e67-87aa-4ed9-a90b-d9d5344523fb", + "key": "insightId", + "disabled": true, + "description": { + "content": "(Required) The role insight id", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "text/csv" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "54021bda-cdfe-4ce4-ac47-da24f49f713f", + "name": "Succeeded. Returns a csv file containing a list of entitlements to be added for a role.", + "originalRequest": { + "url": { + "path": [ + "role-insights", + ":insightId", + "entitlement-changes", + "download" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **identitiesWithAccess**\n\nThe default sort is **identitiesWithAccess** in descending order.", + "type": "text/plain" + }, + "key": "sorters", + "value": "identitiesWithAccess" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**name**: *sw*\n\n**description**: *sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "name sw \"r\"" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "text/csv" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "text/csv" + } + ], + "body": "irure nisi et dolore aliqua", + "cookie": [], + "_postman_previewlanguage": "text" + }, + { + "id": "484ed5b8-986f-4b31-b26b-b6d1035bcdfc", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "role-insights", + ":insightId", + "entitlement-changes", + "download" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **identitiesWithAccess**\n\nThe default sort is **identitiesWithAccess** in descending order.", + "type": "text/plain" + }, + "key": "sorters", + "value": "identitiesWithAccess" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**name**: *sw*\n\n**description**: *sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "name sw \"r\"" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "4b3dace8-6a89-4edc-90e0-88120c5368c5", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "role-insights", + ":insightId", + "entitlement-changes", + "download" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **identitiesWithAccess**\n\nThe default sort is **identitiesWithAccess** in descending order.", + "type": "text/plain" + }, + "key": "sorters", + "value": "identitiesWithAccess" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**name**: *sw*\n\n**description**: *sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "name sw \"r\"" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b78ee993-67e9-46b5-910e-7cd360392f78", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "role-insights", + ":insightId", + "entitlement-changes", + "download" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **identitiesWithAccess**\n\nThe default sort is **identitiesWithAccess** in descending order.", + "type": "text/plain" + }, + "key": "sorters", + "value": "identitiesWithAccess" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**name**: *sw*\n\n**description**: *sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "name sw \"r\"" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "eef46791-b00f-47cb-88a3-02bb671fe72a", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "role-insights", + ":insightId", + "entitlement-changes", + "download" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **identitiesWithAccess**\n\nThe default sort is **identitiesWithAccess** in descending order.", + "type": "text/plain" + }, + "key": "sorters", + "value": "identitiesWithAccess" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**name**: *sw*\n\n**description**: *sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "name sw \"r\"" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "187c9b2d-0896-4cd1-8d7b-66e36c20dc45", + "name": "Get current entitlement for a role", + "request": { + "name": "Get current entitlement for a role", + "description": { + "content": "This endpoint gets the entitlements for a role. The term \"current\" is to distinguish from the entitlement(s) an insight might recommend adding.", + "type": "text/plain" + }, + "url": { + "path": [ + "role-insights", + ":insightId", + "current-entitlements" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**name**: *sw*\n\n**description**: *sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "name sw \"r\"" + } + ], + "variable": [ + { + "type": "any", + "value": "8c190e67-87aa-4ed9-a90b-d9d5344523fb", + "key": "insightId", + "disabled": true, + "description": { + "content": "(Required) The role insight id", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "512c4844-9492-454f-9dc2-1424a597b6c5", + "name": "Succeeded. Returns a list of current or pre-existing entitlements for a role.", + "originalRequest": { + "url": { + "path": [ + "role-insights", + ":insightId", + "current-entitlements" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**name**: *sw*\n\n**description**: *sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "name sw \"r\"" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"name\": \"Administrator\",\n \"description\": \"Full administrative access to IdentityNow\",\n \"source\": \"IdentityNow\",\n \"attribute\": \"assignedGroups\",\n \"value\": \"ORG_ADMIN\"\n },\n {\n \"name\": \"Administrator\",\n \"description\": \"Full administrative access to IdentityNow\",\n \"source\": \"IdentityNow\",\n \"attribute\": \"assignedGroups\",\n \"value\": \"ORG_ADMIN\"\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "5a79bf09-79d0-42dd-8443-98b86b7ed465", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "role-insights", + ":insightId", + "current-entitlements" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**name**: *sw*\n\n**description**: *sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "name sw \"r\"" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "5e01e4bd-350b-4908-81b7-4d220b702e0c", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "role-insights", + ":insightId", + "current-entitlements" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**name**: *sw*\n\n**description**: *sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "name sw \"r\"" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b00eaaf8-c1e0-4f94-866e-fc8db3420728", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "role-insights", + ":insightId", + "current-entitlements" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**name**: *sw*\n\n**description**: *sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "name sw \"r\"" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "5b84d408-d5cb-41a9-b1af-b828b152c427", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "role-insights", + ":insightId", + "current-entitlements" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**name**: *sw*\n\n**description**: *sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "name sw \"r\"" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "dc5d1cb7-3d2e-4226-85b0-75981077679c", + "name": "Get identities for a suggested entitlement (for a role)", + "request": { + "name": "Get identities for a suggested entitlement (for a role)", + "description": { + "content": "Role insights suggests entitlements to be added for a role. This endpoint returns a list of identities in the role, with or without the entitlements, for a suggested entitlement so that the user can see which identities would be affected if the suggested entitlement were to be added to the role.", + "type": "text/plain" + }, + "url": { + "path": [ + "role-insights", + ":insightId", + "entitlement-changes", + ":entitlementId", + "identities" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Identity has this entitlement or not", + "type": "text/plain" + }, + "key": "hasEntitlement", + "value": "false" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**name**: *sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "name sw \"Jan\"" + } + ], + "variable": [ + { + "type": "any", + "value": "8c190e67-87aa-4ed9-a90b-d9d5344523fb", + "key": "insightId", + "disabled": true, + "description": { + "content": "(Required) The role insight id", + "type": "text/plain" + } + }, + { + "type": "any", + "value": "8c190e67-87aa-4ed9-a90b-d9d5344523fb", + "key": "entitlementId", + "disabled": true, + "description": { + "content": "(Required) The entitlement id", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "a15a9ced-e9fc-4f64-a539-e4157389e70f", + "name": "Succeeded. Returns a list of identities with or without the entitlement.", + "originalRequest": { + "url": { + "path": [ + "role-insights", + ":insightId", + "entitlement-changes", + ":entitlementId", + "identities" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Identity has this entitlement or not", + "type": "text/plain" + }, + "key": "hasEntitlement", + "value": "false" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**name**: *sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "name sw \"Jan\"" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"name\": \"Adam Smith\",\n \"attributes\": {\n \"department\": \"Human Resources-tah-mgb-dnd\",\n \"firstName\": \"Adam\",\n \"jobTitle\": \"Sales Analyst\",\n \"location\": \"Mexico\"\n }\n },\n {\n \"name\": \"Adam Smith\",\n \"attributes\": {\n \"department\": \"Human Resources-tah-mgb-dnd\",\n \"firstName\": \"Adam\",\n \"jobTitle\": \"Sales Analyst\",\n \"location\": \"Mexico\"\n }\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "bce298d7-9e9d-4655-8aba-2741d051dc7e", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "role-insights", + ":insightId", + "entitlement-changes", + ":entitlementId", + "identities" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Identity has this entitlement or not", + "type": "text/plain" + }, + "key": "hasEntitlement", + "value": "false" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**name**: *sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "name sw \"Jan\"" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "84044940-6b84-42c6-ae97-bce2a9559897", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "role-insights", + ":insightId", + "entitlement-changes", + ":entitlementId", + "identities" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Identity has this entitlement or not", + "type": "text/plain" + }, + "key": "hasEntitlement", + "value": "false" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**name**: *sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "name sw \"Jan\"" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "46eebd61-0255-45dc-9a39-f12afd4f289e", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "role-insights", + ":insightId", + "entitlement-changes", + ":entitlementId", + "identities" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Identity has this entitlement or not", + "type": "text/plain" + }, + "key": "hasEntitlement", + "value": "false" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**name**: *sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "name sw \"Jan\"" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "9d94abbb-13db-4126-822b-a079bd07b085", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "role-insights", + ":insightId", + "entitlement-changes", + ":entitlementId", + "identities" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Identity has this entitlement or not", + "type": "text/plain" + }, + "key": "hasEntitlement", + "value": "false" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**name**: *sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "name sw \"Jan\"" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + } + ] + }, + { + "name": "Roles", + "description": "Use this API to implement and customize role functionality.\nWith this functionality in place, administrators can create roles and configure them for use throughout Identity Security Cloud. \nIdentity Security Cloud can use established criteria to automatically assign the roles to qualified users. This enables users to get all the access they need quickly and securely and administrators to spend their time on other tasks.\n\nEntitlements represent the most granular level of access in Identity Security Cloud. \nAccess profiles represent the next level and often group entitlements. \nRoles represent the broadest level of access and often group access profiles. \n\nFor example, an Active Directory source in Identity Security Cloud can have multiple entitlements: the first, 'Employees,' may represent the access all employees have at the organization, and a second, 'Developers,' may represent the access all developers have at the organization.\n\nAn administrator can then create a broader set of access in the form of an access profile, 'AD Developers' grouping the 'Employees' entitlement with the 'Developers' entitlement.\n\nAn administrator can then create an even broader set of access in the form of a role grouping the 'AD Developers' access profile with another profile, 'GitHub Developers,' grouping entitlements for the GitHub source.\n\nWhen users only need Active Directory employee access, they can request access to the 'Employees' entitlement.\n\nWhen users need both Active Directory employee and developer access, they can request access to the 'AD Developers' access profile.\n\nWhen users need both the 'AD Developers' access profile and the 'GitHub Developers' access profile, they can request access to the role grouping both. \n\nRoles often represent positions within organizations. \nFor example, an organization's accountant can access all the tools the organization's accountants need with the 'Accountant' role. \nIf the accountant switches to engineering, a qualified member of the organization can quickly revoke the accountant's 'Accountant' access and grant access to the 'Engineer' role instead, granting access to all the tools the organization's engineers need.\n\nIn Identity Security Cloud, adminstrators can use the Access drop-down menu and select Roles to view, configure, and delete existing roles, as well as create new ones. \nAdministrators can enable and disable the role, and they can also make the following configurations: \n\n- Manage Access: Manage the role's access by adding or removing access profiles.\n\n- Define Assignment: Define the criteria Identity Security Cloud uses to assign the role to identities. \nUse the first option, 'Standard Criteria,' to provide specific criteria for assignment like specific account attributes, entitlements, or identity attributes. \nUse the second, 'Identity List,' to specify the identities for assignment.\n\n- Access Requests: Configure roles to be requestable and establish an approval process for any requests that the role be granted or revoked. \nDo not configure a role to be requestable without establishing a secure access request approval process for that role first. \n\nRefer to [Working with Roles](https://documentation.sailpoint.com/saas/help/access/roles.html) for more information about roles.\n", + "item": [ + { + "id": "1c7fa1ce-2e9e-4aee-a276-3c90c9ff2c2c", + "name": "List Roles", + "request": { + "name": "List Roles", + "description": { + "content": "This API returns a list of Roles.\n\nA token with API, ORG_ADMIN, ROLE_ADMIN, or ROLE_SUBADMIN authority is required to call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "roles" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "If provided, filters the returned list according to what is visible to the indicated ROLE_SUBADMIN Identity. The value of the parameter is either an Identity ID, or the special value **me**, which is shorthand for the calling Identity's ID. A 400 Bad Request error is returned if the **for-subadmin** parameter is specified for an Identity that is not a subadmin.", + "type": "text/plain" + }, + "key": "for-subadmin", + "value": "5168015d32f890ca15812c9180835d2e" + }, + { + "disabled": true, + "description": { + "content": "Note that for this API the maximum value for limit is 50.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "50" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**name**: *eq, sw*\n\n**created**: *gt, lt, ge, le*\n\n**modified**: *gt, lt, ge, le*\n\n**owner.id**: *eq, in*\n\n**requestable**: *eq*", + "type": "text/plain" + }, + "key": "filters", + "value": "requestable eq false" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name, created, modified**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name,-modified" + }, + { + "disabled": true, + "description": { + "content": "If present and not empty, additionally filters Roles to those which are assigned to the Segment(s) with the specified IDs.\n\nIf segmentation is currently unavailable, specifying this parameter results in an error.", + "type": "text/plain" + }, + "key": "for-segment-ids", + "value": "0b5c9f25-83c6-4762-9073-e38f7bb2ae26,2e8d8180-24bc-4d21-91c6-7affdb473b0d" + }, + { + "disabled": true, + "description": { + "content": "Whether or not the response list should contain unsegmented Roles. If *for-segment-ids* is absent or empty, specifying *include-unsegmented* as false results in an error.", + "type": "text/plain" + }, + "key": "include-unsegmented", + "value": "false" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "9f5f1952-4e67-4622-96de-27a6d476c9fd", + "name": "List of Roles", + "originalRequest": { + "url": { + "path": [ + "roles" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "If provided, filters the returned list according to what is visible to the indicated ROLE_SUBADMIN Identity. The value of the parameter is either an Identity ID, or the special value **me**, which is shorthand for the calling Identity's ID. A 400 Bad Request error is returned if the **for-subadmin** parameter is specified for an Identity that is not a subadmin.", + "type": "text/plain" + }, + "key": "for-subadmin", + "value": "5168015d32f890ca15812c9180835d2e" + }, + { + "disabled": true, + "description": { + "content": "Note that for this API the maximum value for limit is 50.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "50" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**name**: *eq, sw*\n\n**created**: *gt, lt, ge, le*\n\n**modified**: *gt, lt, ge, le*\n\n**owner.id**: *eq, in*\n\n**requestable**: *eq*", + "type": "text/plain" + }, + "key": "filters", + "value": "requestable eq false" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name, created, modified**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name,-modified" + }, + { + "disabled": true, + "description": { + "content": "If present and not empty, additionally filters Roles to those which are assigned to the Segment(s) with the specified IDs.\n\nIf segmentation is currently unavailable, specifying this parameter results in an error.", + "type": "text/plain" + }, + "key": "for-segment-ids", + "value": "0b5c9f25-83c6-4762-9073-e38f7bb2ae26,2e8d8180-24bc-4d21-91c6-7affdb473b0d" + }, + { + "disabled": true, + "description": { + "content": "Whether or not the response list should contain unsegmented Roles. If *for-segment-ids* is absent or empty, specifying *include-unsegmented* as false results in an error.", + "type": "text/plain" + }, + "key": "include-unsegmented", + "value": "false" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"name\": \"Role 2567\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"support\"\n },\n \"id\": \"2c918086749d78830174a1a40e121518\",\n \"created\": \"2021-03-01T22:32:58.104Z\",\n \"modified\": \"2021-03-02T20:22:28.104Z\",\n \"description\": \"Urna amet cursus pellentesque nisl orci maximus lorem nisl euismod fusce morbi placerat adipiscing maecenas nisi tristique et metus et lacus sed morbi nunc nisl maximus magna arcu varius sollicitudin elementum enim maecenas nisi id ipsum tempus fusce diam ipsum tortor.\",\n \"accessProfiles\": [\n {\n \"id\": \"ff808081751e6e129f1518161919ecca\",\n \"type\": \"ACCESS_PROFILE\",\n \"name\": \"Access Profile 2567\"\n },\n {\n \"id\": \"ff808081751e6e129f1518161919ecca\",\n \"type\": \"ACCESS_PROFILE\",\n \"name\": \"Access Profile 2567\"\n }\n ],\n \"entitlements\": [\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c91809773dee32014e13e122092014e\",\n \"name\": \"CN=entitlement.490efde5,OU=OrgCo,OU=ServiceDept,DC=HQAD,DC=local\"\n },\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c91809773dee32014e13e122092014e\",\n \"name\": \"CN=entitlement.490efde5,OU=OrgCo,OU=ServiceDept,DC=HQAD,DC=local\"\n }\n ],\n \"membership\": {\n \"type\": \"IDENTITY_LIST\",\n \"criteria\": {\n \"operation\": \"EQUALS\",\n \"key\": {\n \"type\": \"ACCOUNT\",\n \"property\": \"attribute.email\",\n \"sourceId\": \"2c9180867427f3a301745aec18211519\"\n },\n \"stringValue\": \"carlee.cert1c9f9b6fd@mailinator.com\",\n \"children\": [\n {\n \"operation\": \"EQUALS\",\n \"key\": {\n \"type\": \"ACCOUNT\",\n \"property\": \"attribute.email\",\n \"sourceId\": \"2c9180867427f3a301745aec18211519\"\n },\n \"stringValue\": \"carlee.cert1c9f9b6fd@mailinator.com\",\n \"children\": [\n {\n \"operation\": \"EQUALS\",\n \"key\": {\n \"type\": \"ACCOUNT\",\n \"property\": \"attribute.email\",\n \"sourceId\": \"2c9180867427f3a301745aec18211519\"\n },\n \"stringValue\": \"carlee.cert1c9f9b6fd@mailinator.com\"\n },\n {\n \"operation\": \"EQUALS\",\n \"key\": {\n \"type\": \"ACCOUNT\",\n \"property\": \"attribute.email\",\n \"sourceId\": \"2c9180867427f3a301745aec18211519\"\n },\n \"stringValue\": \"carlee.cert1c9f9b6fd@mailinator.com\"\n }\n ]\n },\n {\n \"operation\": \"EQUALS\",\n \"key\": {\n \"type\": \"ACCOUNT\",\n \"property\": \"attribute.email\",\n \"sourceId\": \"2c9180867427f3a301745aec18211519\"\n },\n \"stringValue\": \"carlee.cert1c9f9b6fd@mailinator.com\",\n \"children\": [\n {\n \"operation\": \"EQUALS\",\n \"key\": {\n \"type\": \"ACCOUNT\",\n \"property\": \"attribute.email\",\n \"sourceId\": \"2c9180867427f3a301745aec18211519\"\n },\n \"stringValue\": \"carlee.cert1c9f9b6fd@mailinator.com\"\n },\n {\n \"operation\": \"EQUALS\",\n \"key\": {\n \"type\": \"ACCOUNT\",\n \"property\": \"attribute.email\",\n \"sourceId\": \"2c9180867427f3a301745aec18211519\"\n },\n \"stringValue\": \"carlee.cert1c9f9b6fd@mailinator.com\"\n }\n ]\n }\n ]\n },\n \"identities\": [\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"Thomas Edison\",\n \"aliasName\": \"t.edison\"\n },\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"Thomas Edison\",\n \"aliasName\": \"t.edison\"\n }\n ]\n },\n \"legacyMembershipInfo\": {\n \"type\": \"IDENTITY_LIST\"\n },\n \"enabled\": true,\n \"requestable\": true,\n \"accessRequestConfig\": {\n \"commentsRequired\": true,\n \"denialCommentsRequired\": true,\n \"approvalSchemes\": [\n {\n \"approverType\": \"GOVERNANCE_GROUP\",\n \"approverId\": \"46c79819-a69f-49a2-becb-12c971ae66c6\"\n },\n {\n \"approverType\": \"GOVERNANCE_GROUP\",\n \"approverId\": \"46c79819-a69f-49a2-becb-12c971ae66c6\"\n }\n ]\n },\n \"revocationRequestConfig\": null,\n \"segments\": [\n \"f7b1b8a3-5fed-4fd4-ad29-82014e137e19\",\n \"29cb6c06-1da8-43ea-8be4-b3125f248f2a\"\n ],\n \"dimensional\": true,\n \"dimensionRefs\": \"voluptate consectetur\"\n },\n {\n \"name\": \"Role 2567\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"support\"\n },\n \"id\": \"2c918086749d78830174a1a40e121518\",\n \"created\": \"2021-03-01T22:32:58.104Z\",\n \"modified\": \"2021-03-02T20:22:28.104Z\",\n \"description\": \"Urna amet cursus pellentesque nisl orci maximus lorem nisl euismod fusce morbi placerat adipiscing maecenas nisi tristique et metus et lacus sed morbi nunc nisl maximus magna arcu varius sollicitudin elementum enim maecenas nisi id ipsum tempus fusce diam ipsum tortor.\",\n \"accessProfiles\": [\n {\n \"id\": \"ff808081751e6e129f1518161919ecca\",\n \"type\": \"ACCESS_PROFILE\",\n \"name\": \"Access Profile 2567\"\n },\n {\n \"id\": \"ff808081751e6e129f1518161919ecca\",\n \"type\": \"ACCESS_PROFILE\",\n \"name\": \"Access Profile 2567\"\n }\n ],\n \"entitlements\": [\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c91809773dee32014e13e122092014e\",\n \"name\": \"CN=entitlement.490efde5,OU=OrgCo,OU=ServiceDept,DC=HQAD,DC=local\"\n },\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c91809773dee32014e13e122092014e\",\n \"name\": \"CN=entitlement.490efde5,OU=OrgCo,OU=ServiceDept,DC=HQAD,DC=local\"\n }\n ],\n \"membership\": {\n \"type\": \"IDENTITY_LIST\",\n \"criteria\": {\n \"operation\": \"EQUALS\",\n \"key\": {\n \"type\": \"ACCOUNT\",\n \"property\": \"attribute.email\",\n \"sourceId\": \"2c9180867427f3a301745aec18211519\"\n },\n \"stringValue\": \"carlee.cert1c9f9b6fd@mailinator.com\",\n \"children\": [\n {\n \"operation\": \"EQUALS\",\n \"key\": {\n \"type\": \"ACCOUNT\",\n \"property\": \"attribute.email\",\n \"sourceId\": \"2c9180867427f3a301745aec18211519\"\n },\n \"stringValue\": \"carlee.cert1c9f9b6fd@mailinator.com\",\n \"children\": [\n {\n \"operation\": \"EQUALS\",\n \"key\": {\n \"type\": \"ACCOUNT\",\n \"property\": \"attribute.email\",\n \"sourceId\": \"2c9180867427f3a301745aec18211519\"\n },\n \"stringValue\": \"carlee.cert1c9f9b6fd@mailinator.com\"\n },\n {\n \"operation\": \"EQUALS\",\n \"key\": {\n \"type\": \"ACCOUNT\",\n \"property\": \"attribute.email\",\n \"sourceId\": \"2c9180867427f3a301745aec18211519\"\n },\n \"stringValue\": \"carlee.cert1c9f9b6fd@mailinator.com\"\n }\n ]\n },\n {\n \"operation\": \"EQUALS\",\n \"key\": {\n \"type\": \"ACCOUNT\",\n \"property\": \"attribute.email\",\n \"sourceId\": \"2c9180867427f3a301745aec18211519\"\n },\n \"stringValue\": \"carlee.cert1c9f9b6fd@mailinator.com\",\n \"children\": [\n {\n \"operation\": \"EQUALS\",\n \"key\": {\n \"type\": \"ACCOUNT\",\n \"property\": \"attribute.email\",\n \"sourceId\": \"2c9180867427f3a301745aec18211519\"\n },\n \"stringValue\": \"carlee.cert1c9f9b6fd@mailinator.com\"\n },\n {\n \"operation\": \"EQUALS\",\n \"key\": {\n \"type\": \"ACCOUNT\",\n \"property\": \"attribute.email\",\n \"sourceId\": \"2c9180867427f3a301745aec18211519\"\n },\n \"stringValue\": \"carlee.cert1c9f9b6fd@mailinator.com\"\n }\n ]\n }\n ]\n },\n \"identities\": [\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"Thomas Edison\",\n \"aliasName\": \"t.edison\"\n },\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"Thomas Edison\",\n \"aliasName\": \"t.edison\"\n }\n ]\n },\n \"legacyMembershipInfo\": {\n \"type\": \"IDENTITY_LIST\"\n },\n \"enabled\": true,\n \"requestable\": true,\n \"accessRequestConfig\": {\n \"commentsRequired\": true,\n \"denialCommentsRequired\": true,\n \"approvalSchemes\": [\n {\n \"approverType\": \"GOVERNANCE_GROUP\",\n \"approverId\": \"46c79819-a69f-49a2-becb-12c971ae66c6\"\n },\n {\n \"approverType\": \"GOVERNANCE_GROUP\",\n \"approverId\": \"46c79819-a69f-49a2-becb-12c971ae66c6\"\n }\n ]\n },\n \"revocationRequestConfig\": null,\n \"segments\": [\n \"f7b1b8a3-5fed-4fd4-ad29-82014e137e19\",\n \"29cb6c06-1da8-43ea-8be4-b3125f248f2a\"\n ],\n \"dimensional\": false,\n \"dimensionRefs\": \"magna veli\"\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "0d49b02d-1c27-48d5-8036-6d45f4b6b2ac", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "roles" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "If provided, filters the returned list according to what is visible to the indicated ROLE_SUBADMIN Identity. The value of the parameter is either an Identity ID, or the special value **me**, which is shorthand for the calling Identity's ID. A 400 Bad Request error is returned if the **for-subadmin** parameter is specified for an Identity that is not a subadmin.", + "type": "text/plain" + }, + "key": "for-subadmin", + "value": "5168015d32f890ca15812c9180835d2e" + }, + { + "disabled": true, + "description": { + "content": "Note that for this API the maximum value for limit is 50.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "50" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**name**: *eq, sw*\n\n**created**: *gt, lt, ge, le*\n\n**modified**: *gt, lt, ge, le*\n\n**owner.id**: *eq, in*\n\n**requestable**: *eq*", + "type": "text/plain" + }, + "key": "filters", + "value": "requestable eq false" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name, created, modified**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name,-modified" + }, + { + "disabled": true, + "description": { + "content": "If present and not empty, additionally filters Roles to those which are assigned to the Segment(s) with the specified IDs.\n\nIf segmentation is currently unavailable, specifying this parameter results in an error.", + "type": "text/plain" + }, + "key": "for-segment-ids", + "value": "0b5c9f25-83c6-4762-9073-e38f7bb2ae26,2e8d8180-24bc-4d21-91c6-7affdb473b0d" + }, + { + "disabled": true, + "description": { + "content": "Whether or not the response list should contain unsegmented Roles. If *for-segment-ids* is absent or empty, specifying *include-unsegmented* as false results in an error.", + "type": "text/plain" + }, + "key": "include-unsegmented", + "value": "false" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "13789c48-2eb1-4dab-be5d-baadd9202bd4", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "roles" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "If provided, filters the returned list according to what is visible to the indicated ROLE_SUBADMIN Identity. The value of the parameter is either an Identity ID, or the special value **me**, which is shorthand for the calling Identity's ID. A 400 Bad Request error is returned if the **for-subadmin** parameter is specified for an Identity that is not a subadmin.", + "type": "text/plain" + }, + "key": "for-subadmin", + "value": "5168015d32f890ca15812c9180835d2e" + }, + { + "disabled": true, + "description": { + "content": "Note that for this API the maximum value for limit is 50.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "50" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**name**: *eq, sw*\n\n**created**: *gt, lt, ge, le*\n\n**modified**: *gt, lt, ge, le*\n\n**owner.id**: *eq, in*\n\n**requestable**: *eq*", + "type": "text/plain" + }, + "key": "filters", + "value": "requestable eq false" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name, created, modified**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name,-modified" + }, + { + "disabled": true, + "description": { + "content": "If present and not empty, additionally filters Roles to those which are assigned to the Segment(s) with the specified IDs.\n\nIf segmentation is currently unavailable, specifying this parameter results in an error.", + "type": "text/plain" + }, + "key": "for-segment-ids", + "value": "0b5c9f25-83c6-4762-9073-e38f7bb2ae26,2e8d8180-24bc-4d21-91c6-7affdb473b0d" + }, + { + "disabled": true, + "description": { + "content": "Whether or not the response list should contain unsegmented Roles. If *for-segment-ids* is absent or empty, specifying *include-unsegmented* as false results in an error.", + "type": "text/plain" + }, + "key": "include-unsegmented", + "value": "false" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "33e3dca9-0602-4419-987d-9a7c61b30bd4", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "roles" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "If provided, filters the returned list according to what is visible to the indicated ROLE_SUBADMIN Identity. The value of the parameter is either an Identity ID, or the special value **me**, which is shorthand for the calling Identity's ID. A 400 Bad Request error is returned if the **for-subadmin** parameter is specified for an Identity that is not a subadmin.", + "type": "text/plain" + }, + "key": "for-subadmin", + "value": "5168015d32f890ca15812c9180835d2e" + }, + { + "disabled": true, + "description": { + "content": "Note that for this API the maximum value for limit is 50.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "50" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**name**: *eq, sw*\n\n**created**: *gt, lt, ge, le*\n\n**modified**: *gt, lt, ge, le*\n\n**owner.id**: *eq, in*\n\n**requestable**: *eq*", + "type": "text/plain" + }, + "key": "filters", + "value": "requestable eq false" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name, created, modified**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name,-modified" + }, + { + "disabled": true, + "description": { + "content": "If present and not empty, additionally filters Roles to those which are assigned to the Segment(s) with the specified IDs.\n\nIf segmentation is currently unavailable, specifying this parameter results in an error.", + "type": "text/plain" + }, + "key": "for-segment-ids", + "value": "0b5c9f25-83c6-4762-9073-e38f7bb2ae26,2e8d8180-24bc-4d21-91c6-7affdb473b0d" + }, + { + "disabled": true, + "description": { + "content": "Whether or not the response list should contain unsegmented Roles. If *for-segment-ids* is absent or empty, specifying *include-unsegmented* as false results in an error.", + "type": "text/plain" + }, + "key": "include-unsegmented", + "value": "false" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "eb843621-313e-4a26-829c-705aee516ab0", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "roles" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "If provided, filters the returned list according to what is visible to the indicated ROLE_SUBADMIN Identity. The value of the parameter is either an Identity ID, or the special value **me**, which is shorthand for the calling Identity's ID. A 400 Bad Request error is returned if the **for-subadmin** parameter is specified for an Identity that is not a subadmin.", + "type": "text/plain" + }, + "key": "for-subadmin", + "value": "5168015d32f890ca15812c9180835d2e" + }, + { + "disabled": true, + "description": { + "content": "Note that for this API the maximum value for limit is 50.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "50" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**name**: *eq, sw*\n\n**created**: *gt, lt, ge, le*\n\n**modified**: *gt, lt, ge, le*\n\n**owner.id**: *eq, in*\n\n**requestable**: *eq*", + "type": "text/plain" + }, + "key": "filters", + "value": "requestable eq false" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name, created, modified**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name,-modified" + }, + { + "disabled": true, + "description": { + "content": "If present and not empty, additionally filters Roles to those which are assigned to the Segment(s) with the specified IDs.\n\nIf segmentation is currently unavailable, specifying this parameter results in an error.", + "type": "text/plain" + }, + "key": "for-segment-ids", + "value": "0b5c9f25-83c6-4762-9073-e38f7bb2ae26,2e8d8180-24bc-4d21-91c6-7affdb473b0d" + }, + { + "disabled": true, + "description": { + "content": "Whether or not the response list should contain unsegmented Roles. If *for-segment-ids* is absent or empty, specifying *include-unsegmented* as false results in an error.", + "type": "text/plain" + }, + "key": "include-unsegmented", + "value": "false" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "616e3b44-6140-408f-83df-352539a9454f", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "roles" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "If provided, filters the returned list according to what is visible to the indicated ROLE_SUBADMIN Identity. The value of the parameter is either an Identity ID, or the special value **me**, which is shorthand for the calling Identity's ID. A 400 Bad Request error is returned if the **for-subadmin** parameter is specified for an Identity that is not a subadmin.", + "type": "text/plain" + }, + "key": "for-subadmin", + "value": "5168015d32f890ca15812c9180835d2e" + }, + { + "disabled": true, + "description": { + "content": "Note that for this API the maximum value for limit is 50.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "50" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**name**: *eq, sw*\n\n**created**: *gt, lt, ge, le*\n\n**modified**: *gt, lt, ge, le*\n\n**owner.id**: *eq, in*\n\n**requestable**: *eq*", + "type": "text/plain" + }, + "key": "filters", + "value": "requestable eq false" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name, created, modified**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name,-modified" + }, + { + "disabled": true, + "description": { + "content": "If present and not empty, additionally filters Roles to those which are assigned to the Segment(s) with the specified IDs.\n\nIf segmentation is currently unavailable, specifying this parameter results in an error.", + "type": "text/plain" + }, + "key": "for-segment-ids", + "value": "0b5c9f25-83c6-4762-9073-e38f7bb2ae26,2e8d8180-24bc-4d21-91c6-7affdb473b0d" + }, + { + "disabled": true, + "description": { + "content": "Whether or not the response list should contain unsegmented Roles. If *for-segment-ids* is absent or empty, specifying *include-unsegmented* as false results in an error.", + "type": "text/plain" + }, + "key": "include-unsegmented", + "value": "false" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "f1653803-fc1b-4ca8-bbcc-5c3be68e1cfd", + "name": "Create a Role", + "request": { + "name": "Create a Role", + "description": { + "content": "This API creates a role.\n\nYou must have a token with API, ORG_ADMIN, ROLE_ADMIN, or ROLE_SUBADMIN authority to call this API. \n\nIn addition, a ROLE_SUBADMIN may not create a role including an access profile if that access profile is associated with a source the ROLE_SUBADMIN is not associated with themselves. \n\nThe maximum supported length for the description field is 2000 characters. Longer descriptions will be preserved for existing roles. However, any new roles as well as any updates to existing descriptions will be limited to 2000 characters.", + "type": "text/plain" + }, + "url": { + "path": [ + "roles" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Role 2567\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"support\"\n },\n \"id\": \"2c918086749d78830174a1a40e121518\",\n \"created\": \"2021-03-01T22:32:58.104Z\",\n \"modified\": \"2021-03-02T20:22:28.104Z\",\n \"description\": \"Urna amet cursus pellentesque nisl orci maximus lorem nisl euismod fusce morbi placerat adipiscing maecenas nisi tristique et metus et lacus sed morbi nunc nisl maximus magna arcu varius sollicitudin elementum enim maecenas nisi id ipsum tempus fusce diam ipsum tortor.\",\n \"accessProfiles\": [\n {\n \"id\": \"ff808081751e6e129f1518161919ecca\",\n \"type\": \"ACCESS_PROFILE\",\n \"name\": \"Access Profile 2567\"\n },\n {\n \"id\": \"ff808081751e6e129f1518161919ecca\",\n \"type\": \"ACCESS_PROFILE\",\n \"name\": \"Access Profile 2567\"\n }\n ],\n \"entitlements\": [\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c91809773dee32014e13e122092014e\",\n \"name\": \"CN=entitlement.490efde5,OU=OrgCo,OU=ServiceDept,DC=HQAD,DC=local\"\n },\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c91809773dee32014e13e122092014e\",\n \"name\": \"CN=entitlement.490efde5,OU=OrgCo,OU=ServiceDept,DC=HQAD,DC=local\"\n }\n ],\n \"membership\": {\n \"type\": \"IDENTITY_LIST\",\n \"criteria\": {\n \"operation\": \"EQUALS\",\n \"key\": {\n \"type\": \"ACCOUNT\",\n \"property\": \"attribute.email\",\n \"sourceId\": \"2c9180867427f3a301745aec18211519\"\n },\n \"stringValue\": \"carlee.cert1c9f9b6fd@mailinator.com\",\n \"children\": [\n {\n \"operation\": \"EQUALS\",\n \"key\": {\n \"type\": \"ACCOUNT\",\n \"property\": \"attribute.email\",\n \"sourceId\": \"2c9180867427f3a301745aec18211519\"\n },\n \"stringValue\": \"carlee.cert1c9f9b6fd@mailinator.com\",\n \"children\": [\n {\n \"operation\": \"EQUALS\",\n \"key\": {\n \"type\": \"ACCOUNT\",\n \"property\": \"attribute.email\",\n \"sourceId\": \"2c9180867427f3a301745aec18211519\"\n },\n \"stringValue\": \"carlee.cert1c9f9b6fd@mailinator.com\"\n },\n {\n \"operation\": \"EQUALS\",\n \"key\": {\n \"type\": \"ACCOUNT\",\n \"property\": \"attribute.email\",\n \"sourceId\": \"2c9180867427f3a301745aec18211519\"\n },\n \"stringValue\": \"carlee.cert1c9f9b6fd@mailinator.com\"\n }\n ]\n },\n {\n \"operation\": \"EQUALS\",\n \"key\": {\n \"type\": \"ACCOUNT\",\n \"property\": \"attribute.email\",\n \"sourceId\": \"2c9180867427f3a301745aec18211519\"\n },\n \"stringValue\": \"carlee.cert1c9f9b6fd@mailinator.com\",\n \"children\": [\n {\n \"operation\": \"EQUALS\",\n \"key\": {\n \"type\": \"ACCOUNT\",\n \"property\": \"attribute.email\",\n \"sourceId\": \"2c9180867427f3a301745aec18211519\"\n },\n \"stringValue\": \"carlee.cert1c9f9b6fd@mailinator.com\"\n },\n {\n \"operation\": \"EQUALS\",\n \"key\": {\n \"type\": \"ACCOUNT\",\n \"property\": \"attribute.email\",\n \"sourceId\": \"2c9180867427f3a301745aec18211519\"\n },\n \"stringValue\": \"carlee.cert1c9f9b6fd@mailinator.com\"\n }\n ]\n }\n ]\n },\n \"identities\": [\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"Thomas Edison\",\n \"aliasName\": \"t.edison\"\n },\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"Thomas Edison\",\n \"aliasName\": \"t.edison\"\n }\n ]\n },\n \"legacyMembershipInfo\": {\n \"type\": \"IDENTITY_LIST\"\n },\n \"enabled\": true,\n \"requestable\": true,\n \"accessRequestConfig\": {\n \"commentsRequired\": true,\n \"denialCommentsRequired\": true,\n \"approvalSchemes\": [\n {\n \"approverType\": \"GOVERNANCE_GROUP\",\n \"approverId\": \"46c79819-a69f-49a2-becb-12c971ae66c6\"\n },\n {\n \"approverType\": \"GOVERNANCE_GROUP\",\n \"approverId\": \"46c79819-a69f-49a2-becb-12c971ae66c6\"\n }\n ]\n },\n \"revocationRequestConfig\": null,\n \"segments\": [\n \"f7b1b8a3-5fed-4fd4-ad29-82014e137e19\",\n \"29cb6c06-1da8-43ea-8be4-b3125f248f2a\"\n ],\n \"dimensional\": true,\n \"dimensionRefs\": \"officia ut occaecat\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "e1bbec81-8122-463b-a4f0-42898ab45102", + "name": "Role created", + "originalRequest": { + "url": { + "path": [ + "roles" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Role 2567\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"support\"\n },\n \"id\": \"2c918086749d78830174a1a40e121518\",\n \"created\": \"2021-03-01T22:32:58.104Z\",\n \"modified\": \"2021-03-02T20:22:28.104Z\",\n \"description\": \"Urna amet cursus pellentesque nisl orci maximus lorem nisl euismod fusce morbi placerat adipiscing maecenas nisi tristique et metus et lacus sed morbi nunc nisl maximus magna arcu varius sollicitudin elementum enim maecenas nisi id ipsum tempus fusce diam ipsum tortor.\",\n \"accessProfiles\": [\n {\n \"id\": \"ff808081751e6e129f1518161919ecca\",\n \"type\": \"ACCESS_PROFILE\",\n \"name\": \"Access Profile 2567\"\n },\n {\n \"id\": \"ff808081751e6e129f1518161919ecca\",\n \"type\": \"ACCESS_PROFILE\",\n \"name\": \"Access Profile 2567\"\n }\n ],\n \"entitlements\": [\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c91809773dee32014e13e122092014e\",\n \"name\": \"CN=entitlement.490efde5,OU=OrgCo,OU=ServiceDept,DC=HQAD,DC=local\"\n },\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c91809773dee32014e13e122092014e\",\n \"name\": \"CN=entitlement.490efde5,OU=OrgCo,OU=ServiceDept,DC=HQAD,DC=local\"\n }\n ],\n \"membership\": {\n \"type\": \"IDENTITY_LIST\",\n \"criteria\": {\n \"operation\": \"EQUALS\",\n \"key\": {\n \"type\": \"ACCOUNT\",\n \"property\": \"attribute.email\",\n \"sourceId\": \"2c9180867427f3a301745aec18211519\"\n },\n \"stringValue\": \"carlee.cert1c9f9b6fd@mailinator.com\",\n \"children\": [\n {\n \"operation\": \"EQUALS\",\n \"key\": {\n \"type\": \"ACCOUNT\",\n \"property\": \"attribute.email\",\n \"sourceId\": \"2c9180867427f3a301745aec18211519\"\n },\n \"stringValue\": \"carlee.cert1c9f9b6fd@mailinator.com\",\n \"children\": [\n {\n \"operation\": \"EQUALS\",\n \"key\": {\n \"type\": \"ACCOUNT\",\n \"property\": \"attribute.email\",\n \"sourceId\": \"2c9180867427f3a301745aec18211519\"\n },\n \"stringValue\": \"carlee.cert1c9f9b6fd@mailinator.com\"\n },\n {\n \"operation\": \"EQUALS\",\n \"key\": {\n \"type\": \"ACCOUNT\",\n \"property\": \"attribute.email\",\n \"sourceId\": \"2c9180867427f3a301745aec18211519\"\n },\n \"stringValue\": \"carlee.cert1c9f9b6fd@mailinator.com\"\n }\n ]\n },\n {\n \"operation\": \"EQUALS\",\n \"key\": {\n \"type\": \"ACCOUNT\",\n \"property\": \"attribute.email\",\n \"sourceId\": \"2c9180867427f3a301745aec18211519\"\n },\n \"stringValue\": \"carlee.cert1c9f9b6fd@mailinator.com\",\n \"children\": [\n {\n \"operation\": \"EQUALS\",\n \"key\": {\n \"type\": \"ACCOUNT\",\n \"property\": \"attribute.email\",\n \"sourceId\": \"2c9180867427f3a301745aec18211519\"\n },\n \"stringValue\": \"carlee.cert1c9f9b6fd@mailinator.com\"\n },\n {\n \"operation\": \"EQUALS\",\n \"key\": {\n \"type\": \"ACCOUNT\",\n \"property\": \"attribute.email\",\n \"sourceId\": \"2c9180867427f3a301745aec18211519\"\n },\n \"stringValue\": \"carlee.cert1c9f9b6fd@mailinator.com\"\n }\n ]\n }\n ]\n },\n \"identities\": [\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"Thomas Edison\",\n \"aliasName\": \"t.edison\"\n },\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"Thomas Edison\",\n \"aliasName\": \"t.edison\"\n }\n ]\n },\n \"legacyMembershipInfo\": {\n \"type\": \"IDENTITY_LIST\"\n },\n \"enabled\": true,\n \"requestable\": true,\n \"accessRequestConfig\": {\n \"commentsRequired\": true,\n \"denialCommentsRequired\": true,\n \"approvalSchemes\": [\n {\n \"approverType\": \"GOVERNANCE_GROUP\",\n \"approverId\": \"46c79819-a69f-49a2-becb-12c971ae66c6\"\n },\n {\n \"approverType\": \"GOVERNANCE_GROUP\",\n \"approverId\": \"46c79819-a69f-49a2-becb-12c971ae66c6\"\n }\n ]\n },\n \"revocationRequestConfig\": null,\n \"segments\": [\n \"f7b1b8a3-5fed-4fd4-ad29-82014e137e19\",\n \"29cb6c06-1da8-43ea-8be4-b3125f248f2a\"\n ],\n \"dimensional\": true,\n \"dimensionRefs\": \"officia ut occaecat\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Created", + "code": 201, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"name\": \"Role 2567\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"support\"\n },\n \"id\": \"2c918086749d78830174a1a40e121518\",\n \"created\": \"2021-03-01T22:32:58.104Z\",\n \"modified\": \"2021-03-02T20:22:28.104Z\",\n \"description\": \"Urna amet cursus pellentesque nisl orci maximus lorem nisl euismod fusce morbi placerat adipiscing maecenas nisi tristique et metus et lacus sed morbi nunc nisl maximus magna arcu varius sollicitudin elementum enim maecenas nisi id ipsum tempus fusce diam ipsum tortor.\",\n \"accessProfiles\": [\n {\n \"id\": \"ff808081751e6e129f1518161919ecca\",\n \"type\": \"ACCESS_PROFILE\",\n \"name\": \"Access Profile 2567\"\n },\n {\n \"id\": \"ff808081751e6e129f1518161919ecca\",\n \"type\": \"ACCESS_PROFILE\",\n \"name\": \"Access Profile 2567\"\n }\n ],\n \"entitlements\": [\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c91809773dee32014e13e122092014e\",\n \"name\": \"CN=entitlement.490efde5,OU=OrgCo,OU=ServiceDept,DC=HQAD,DC=local\"\n },\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c91809773dee32014e13e122092014e\",\n \"name\": \"CN=entitlement.490efde5,OU=OrgCo,OU=ServiceDept,DC=HQAD,DC=local\"\n }\n ],\n \"membership\": {\n \"type\": \"IDENTITY_LIST\",\n \"criteria\": {\n \"operation\": \"EQUALS\",\n \"key\": {\n \"type\": \"ACCOUNT\",\n \"property\": \"attribute.email\",\n \"sourceId\": \"2c9180867427f3a301745aec18211519\"\n },\n \"stringValue\": \"carlee.cert1c9f9b6fd@mailinator.com\",\n \"children\": [\n {\n \"operation\": \"EQUALS\",\n \"key\": {\n \"type\": \"ACCOUNT\",\n \"property\": \"attribute.email\",\n \"sourceId\": \"2c9180867427f3a301745aec18211519\"\n },\n \"stringValue\": \"carlee.cert1c9f9b6fd@mailinator.com\",\n \"children\": [\n {\n \"operation\": \"EQUALS\",\n \"key\": {\n \"type\": \"ACCOUNT\",\n \"property\": \"attribute.email\",\n \"sourceId\": \"2c9180867427f3a301745aec18211519\"\n },\n \"stringValue\": \"carlee.cert1c9f9b6fd@mailinator.com\"\n },\n {\n \"operation\": \"EQUALS\",\n \"key\": {\n \"type\": \"ACCOUNT\",\n \"property\": \"attribute.email\",\n \"sourceId\": \"2c9180867427f3a301745aec18211519\"\n },\n \"stringValue\": \"carlee.cert1c9f9b6fd@mailinator.com\"\n }\n ]\n },\n {\n \"operation\": \"EQUALS\",\n \"key\": {\n \"type\": \"ACCOUNT\",\n \"property\": \"attribute.email\",\n \"sourceId\": \"2c9180867427f3a301745aec18211519\"\n },\n \"stringValue\": \"carlee.cert1c9f9b6fd@mailinator.com\",\n \"children\": [\n {\n \"operation\": \"EQUALS\",\n \"key\": {\n \"type\": \"ACCOUNT\",\n \"property\": \"attribute.email\",\n \"sourceId\": \"2c9180867427f3a301745aec18211519\"\n },\n \"stringValue\": \"carlee.cert1c9f9b6fd@mailinator.com\"\n },\n {\n \"operation\": \"EQUALS\",\n \"key\": {\n \"type\": \"ACCOUNT\",\n \"property\": \"attribute.email\",\n \"sourceId\": \"2c9180867427f3a301745aec18211519\"\n },\n \"stringValue\": \"carlee.cert1c9f9b6fd@mailinator.com\"\n }\n ]\n }\n ]\n },\n \"identities\": [\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"Thomas Edison\",\n \"aliasName\": \"t.edison\"\n },\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"Thomas Edison\",\n \"aliasName\": \"t.edison\"\n }\n ]\n },\n \"legacyMembershipInfo\": {\n \"type\": \"IDENTITY_LIST\"\n },\n \"enabled\": true,\n \"requestable\": true,\n \"accessRequestConfig\": {\n \"commentsRequired\": true,\n \"denialCommentsRequired\": true,\n \"approvalSchemes\": [\n {\n \"approverType\": \"GOVERNANCE_GROUP\",\n \"approverId\": \"46c79819-a69f-49a2-becb-12c971ae66c6\"\n },\n {\n \"approverType\": \"GOVERNANCE_GROUP\",\n \"approverId\": \"46c79819-a69f-49a2-becb-12c971ae66c6\"\n }\n ]\n },\n \"revocationRequestConfig\": null,\n \"segments\": [\n \"f7b1b8a3-5fed-4fd4-ad29-82014e137e19\",\n \"29cb6c06-1da8-43ea-8be4-b3125f248f2a\"\n ],\n \"dimensional\": true,\n \"dimensionRefs\": \"officia ut occaecat\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "6acd5037-b91b-4269-93a0-3b314f86e835", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "roles" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Role 2567\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"support\"\n },\n \"id\": \"2c918086749d78830174a1a40e121518\",\n \"created\": \"2021-03-01T22:32:58.104Z\",\n \"modified\": \"2021-03-02T20:22:28.104Z\",\n \"description\": \"Urna amet cursus pellentesque nisl orci maximus lorem nisl euismod fusce morbi placerat adipiscing maecenas nisi tristique et metus et lacus sed morbi nunc nisl maximus magna arcu varius sollicitudin elementum enim maecenas nisi id ipsum tempus fusce diam ipsum tortor.\",\n \"accessProfiles\": [\n {\n \"id\": \"ff808081751e6e129f1518161919ecca\",\n \"type\": \"ACCESS_PROFILE\",\n \"name\": \"Access Profile 2567\"\n },\n {\n \"id\": \"ff808081751e6e129f1518161919ecca\",\n \"type\": \"ACCESS_PROFILE\",\n \"name\": \"Access Profile 2567\"\n }\n ],\n \"entitlements\": [\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c91809773dee32014e13e122092014e\",\n \"name\": \"CN=entitlement.490efde5,OU=OrgCo,OU=ServiceDept,DC=HQAD,DC=local\"\n },\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c91809773dee32014e13e122092014e\",\n \"name\": \"CN=entitlement.490efde5,OU=OrgCo,OU=ServiceDept,DC=HQAD,DC=local\"\n }\n ],\n \"membership\": {\n \"type\": \"IDENTITY_LIST\",\n \"criteria\": {\n \"operation\": \"EQUALS\",\n \"key\": {\n \"type\": \"ACCOUNT\",\n \"property\": \"attribute.email\",\n \"sourceId\": \"2c9180867427f3a301745aec18211519\"\n },\n \"stringValue\": \"carlee.cert1c9f9b6fd@mailinator.com\",\n \"children\": [\n {\n \"operation\": \"EQUALS\",\n \"key\": {\n \"type\": \"ACCOUNT\",\n \"property\": \"attribute.email\",\n \"sourceId\": \"2c9180867427f3a301745aec18211519\"\n },\n \"stringValue\": \"carlee.cert1c9f9b6fd@mailinator.com\",\n \"children\": [\n {\n \"operation\": \"EQUALS\",\n \"key\": {\n \"type\": \"ACCOUNT\",\n \"property\": \"attribute.email\",\n \"sourceId\": \"2c9180867427f3a301745aec18211519\"\n },\n \"stringValue\": \"carlee.cert1c9f9b6fd@mailinator.com\"\n },\n {\n \"operation\": \"EQUALS\",\n \"key\": {\n \"type\": \"ACCOUNT\",\n \"property\": \"attribute.email\",\n \"sourceId\": \"2c9180867427f3a301745aec18211519\"\n },\n \"stringValue\": \"carlee.cert1c9f9b6fd@mailinator.com\"\n }\n ]\n },\n {\n \"operation\": \"EQUALS\",\n \"key\": {\n \"type\": \"ACCOUNT\",\n \"property\": \"attribute.email\",\n \"sourceId\": \"2c9180867427f3a301745aec18211519\"\n },\n \"stringValue\": \"carlee.cert1c9f9b6fd@mailinator.com\",\n \"children\": [\n {\n \"operation\": \"EQUALS\",\n \"key\": {\n \"type\": \"ACCOUNT\",\n \"property\": \"attribute.email\",\n \"sourceId\": \"2c9180867427f3a301745aec18211519\"\n },\n \"stringValue\": \"carlee.cert1c9f9b6fd@mailinator.com\"\n },\n {\n \"operation\": \"EQUALS\",\n \"key\": {\n \"type\": \"ACCOUNT\",\n \"property\": \"attribute.email\",\n \"sourceId\": \"2c9180867427f3a301745aec18211519\"\n },\n \"stringValue\": \"carlee.cert1c9f9b6fd@mailinator.com\"\n }\n ]\n }\n ]\n },\n \"identities\": [\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"Thomas Edison\",\n \"aliasName\": \"t.edison\"\n },\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"Thomas Edison\",\n \"aliasName\": \"t.edison\"\n }\n ]\n },\n \"legacyMembershipInfo\": {\n \"type\": \"IDENTITY_LIST\"\n },\n \"enabled\": true,\n \"requestable\": true,\n \"accessRequestConfig\": {\n \"commentsRequired\": true,\n \"denialCommentsRequired\": true,\n \"approvalSchemes\": [\n {\n \"approverType\": \"GOVERNANCE_GROUP\",\n \"approverId\": \"46c79819-a69f-49a2-becb-12c971ae66c6\"\n },\n {\n \"approverType\": \"GOVERNANCE_GROUP\",\n \"approverId\": \"46c79819-a69f-49a2-becb-12c971ae66c6\"\n }\n ]\n },\n \"revocationRequestConfig\": null,\n \"segments\": [\n \"f7b1b8a3-5fed-4fd4-ad29-82014e137e19\",\n \"29cb6c06-1da8-43ea-8be4-b3125f248f2a\"\n ],\n \"dimensional\": true,\n \"dimensionRefs\": \"officia ut occaecat\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "040240b6-53eb-40a6-b478-604066d75fd2", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "roles" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Role 2567\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"support\"\n },\n \"id\": \"2c918086749d78830174a1a40e121518\",\n \"created\": \"2021-03-01T22:32:58.104Z\",\n \"modified\": \"2021-03-02T20:22:28.104Z\",\n \"description\": \"Urna amet cursus pellentesque nisl orci maximus lorem nisl euismod fusce morbi placerat adipiscing maecenas nisi tristique et metus et lacus sed morbi nunc nisl maximus magna arcu varius sollicitudin elementum enim maecenas nisi id ipsum tempus fusce diam ipsum tortor.\",\n \"accessProfiles\": [\n {\n \"id\": \"ff808081751e6e129f1518161919ecca\",\n \"type\": \"ACCESS_PROFILE\",\n \"name\": \"Access Profile 2567\"\n },\n {\n \"id\": \"ff808081751e6e129f1518161919ecca\",\n \"type\": \"ACCESS_PROFILE\",\n \"name\": \"Access Profile 2567\"\n }\n ],\n \"entitlements\": [\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c91809773dee32014e13e122092014e\",\n \"name\": \"CN=entitlement.490efde5,OU=OrgCo,OU=ServiceDept,DC=HQAD,DC=local\"\n },\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c91809773dee32014e13e122092014e\",\n \"name\": \"CN=entitlement.490efde5,OU=OrgCo,OU=ServiceDept,DC=HQAD,DC=local\"\n }\n ],\n \"membership\": {\n \"type\": \"IDENTITY_LIST\",\n \"criteria\": {\n \"operation\": \"EQUALS\",\n \"key\": {\n \"type\": \"ACCOUNT\",\n \"property\": \"attribute.email\",\n \"sourceId\": \"2c9180867427f3a301745aec18211519\"\n },\n \"stringValue\": \"carlee.cert1c9f9b6fd@mailinator.com\",\n \"children\": [\n {\n \"operation\": \"EQUALS\",\n \"key\": {\n \"type\": \"ACCOUNT\",\n \"property\": \"attribute.email\",\n \"sourceId\": \"2c9180867427f3a301745aec18211519\"\n },\n \"stringValue\": \"carlee.cert1c9f9b6fd@mailinator.com\",\n \"children\": [\n {\n \"operation\": \"EQUALS\",\n \"key\": {\n \"type\": \"ACCOUNT\",\n \"property\": \"attribute.email\",\n \"sourceId\": \"2c9180867427f3a301745aec18211519\"\n },\n \"stringValue\": \"carlee.cert1c9f9b6fd@mailinator.com\"\n },\n {\n \"operation\": \"EQUALS\",\n \"key\": {\n \"type\": \"ACCOUNT\",\n \"property\": \"attribute.email\",\n \"sourceId\": \"2c9180867427f3a301745aec18211519\"\n },\n \"stringValue\": \"carlee.cert1c9f9b6fd@mailinator.com\"\n }\n ]\n },\n {\n \"operation\": \"EQUALS\",\n \"key\": {\n \"type\": \"ACCOUNT\",\n \"property\": \"attribute.email\",\n \"sourceId\": \"2c9180867427f3a301745aec18211519\"\n },\n \"stringValue\": \"carlee.cert1c9f9b6fd@mailinator.com\",\n \"children\": [\n {\n \"operation\": \"EQUALS\",\n \"key\": {\n \"type\": \"ACCOUNT\",\n \"property\": \"attribute.email\",\n \"sourceId\": \"2c9180867427f3a301745aec18211519\"\n },\n \"stringValue\": \"carlee.cert1c9f9b6fd@mailinator.com\"\n },\n {\n \"operation\": \"EQUALS\",\n \"key\": {\n \"type\": \"ACCOUNT\",\n \"property\": \"attribute.email\",\n \"sourceId\": \"2c9180867427f3a301745aec18211519\"\n },\n \"stringValue\": \"carlee.cert1c9f9b6fd@mailinator.com\"\n }\n ]\n }\n ]\n },\n \"identities\": [\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"Thomas Edison\",\n \"aliasName\": \"t.edison\"\n },\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"Thomas Edison\",\n \"aliasName\": \"t.edison\"\n }\n ]\n },\n \"legacyMembershipInfo\": {\n \"type\": \"IDENTITY_LIST\"\n },\n \"enabled\": true,\n \"requestable\": true,\n \"accessRequestConfig\": {\n \"commentsRequired\": true,\n \"denialCommentsRequired\": true,\n \"approvalSchemes\": [\n {\n \"approverType\": \"GOVERNANCE_GROUP\",\n \"approverId\": \"46c79819-a69f-49a2-becb-12c971ae66c6\"\n },\n {\n \"approverType\": \"GOVERNANCE_GROUP\",\n \"approverId\": \"46c79819-a69f-49a2-becb-12c971ae66c6\"\n }\n ]\n },\n \"revocationRequestConfig\": null,\n \"segments\": [\n \"f7b1b8a3-5fed-4fd4-ad29-82014e137e19\",\n \"29cb6c06-1da8-43ea-8be4-b3125f248f2a\"\n ],\n \"dimensional\": true,\n \"dimensionRefs\": \"officia ut occaecat\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "4a4a4601-c13f-4d36-9fc4-e8c83e83f8a7", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "roles" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Role 2567\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"support\"\n },\n \"id\": \"2c918086749d78830174a1a40e121518\",\n \"created\": \"2021-03-01T22:32:58.104Z\",\n \"modified\": \"2021-03-02T20:22:28.104Z\",\n \"description\": \"Urna amet cursus pellentesque nisl orci maximus lorem nisl euismod fusce morbi placerat adipiscing maecenas nisi tristique et metus et lacus sed morbi nunc nisl maximus magna arcu varius sollicitudin elementum enim maecenas nisi id ipsum tempus fusce diam ipsum tortor.\",\n \"accessProfiles\": [\n {\n \"id\": \"ff808081751e6e129f1518161919ecca\",\n \"type\": \"ACCESS_PROFILE\",\n \"name\": \"Access Profile 2567\"\n },\n {\n \"id\": \"ff808081751e6e129f1518161919ecca\",\n \"type\": \"ACCESS_PROFILE\",\n \"name\": \"Access Profile 2567\"\n }\n ],\n \"entitlements\": [\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c91809773dee32014e13e122092014e\",\n \"name\": \"CN=entitlement.490efde5,OU=OrgCo,OU=ServiceDept,DC=HQAD,DC=local\"\n },\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c91809773dee32014e13e122092014e\",\n \"name\": \"CN=entitlement.490efde5,OU=OrgCo,OU=ServiceDept,DC=HQAD,DC=local\"\n }\n ],\n \"membership\": {\n \"type\": \"IDENTITY_LIST\",\n \"criteria\": {\n \"operation\": \"EQUALS\",\n \"key\": {\n \"type\": \"ACCOUNT\",\n \"property\": \"attribute.email\",\n \"sourceId\": \"2c9180867427f3a301745aec18211519\"\n },\n \"stringValue\": \"carlee.cert1c9f9b6fd@mailinator.com\",\n \"children\": [\n {\n \"operation\": \"EQUALS\",\n \"key\": {\n \"type\": \"ACCOUNT\",\n \"property\": \"attribute.email\",\n \"sourceId\": \"2c9180867427f3a301745aec18211519\"\n },\n \"stringValue\": \"carlee.cert1c9f9b6fd@mailinator.com\",\n \"children\": [\n {\n \"operation\": \"EQUALS\",\n \"key\": {\n \"type\": \"ACCOUNT\",\n \"property\": \"attribute.email\",\n \"sourceId\": \"2c9180867427f3a301745aec18211519\"\n },\n \"stringValue\": \"carlee.cert1c9f9b6fd@mailinator.com\"\n },\n {\n \"operation\": \"EQUALS\",\n \"key\": {\n \"type\": \"ACCOUNT\",\n \"property\": \"attribute.email\",\n \"sourceId\": \"2c9180867427f3a301745aec18211519\"\n },\n \"stringValue\": \"carlee.cert1c9f9b6fd@mailinator.com\"\n }\n ]\n },\n {\n \"operation\": \"EQUALS\",\n \"key\": {\n \"type\": \"ACCOUNT\",\n \"property\": \"attribute.email\",\n \"sourceId\": \"2c9180867427f3a301745aec18211519\"\n },\n \"stringValue\": \"carlee.cert1c9f9b6fd@mailinator.com\",\n \"children\": [\n {\n \"operation\": \"EQUALS\",\n \"key\": {\n \"type\": \"ACCOUNT\",\n \"property\": \"attribute.email\",\n \"sourceId\": \"2c9180867427f3a301745aec18211519\"\n },\n \"stringValue\": \"carlee.cert1c9f9b6fd@mailinator.com\"\n },\n {\n \"operation\": \"EQUALS\",\n \"key\": {\n \"type\": \"ACCOUNT\",\n \"property\": \"attribute.email\",\n \"sourceId\": \"2c9180867427f3a301745aec18211519\"\n },\n \"stringValue\": \"carlee.cert1c9f9b6fd@mailinator.com\"\n }\n ]\n }\n ]\n },\n \"identities\": [\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"Thomas Edison\",\n \"aliasName\": \"t.edison\"\n },\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"Thomas Edison\",\n \"aliasName\": \"t.edison\"\n }\n ]\n },\n \"legacyMembershipInfo\": {\n \"type\": \"IDENTITY_LIST\"\n },\n \"enabled\": true,\n \"requestable\": true,\n \"accessRequestConfig\": {\n \"commentsRequired\": true,\n \"denialCommentsRequired\": true,\n \"approvalSchemes\": [\n {\n \"approverType\": \"GOVERNANCE_GROUP\",\n \"approverId\": \"46c79819-a69f-49a2-becb-12c971ae66c6\"\n },\n {\n \"approverType\": \"GOVERNANCE_GROUP\",\n \"approverId\": \"46c79819-a69f-49a2-becb-12c971ae66c6\"\n }\n ]\n },\n \"revocationRequestConfig\": null,\n \"segments\": [\n \"f7b1b8a3-5fed-4fd4-ad29-82014e137e19\",\n \"29cb6c06-1da8-43ea-8be4-b3125f248f2a\"\n ],\n \"dimensional\": true,\n \"dimensionRefs\": \"officia ut occaecat\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "33bb4118-56f5-469c-96c5-22ceab0b26f4", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "roles" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Role 2567\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"support\"\n },\n \"id\": \"2c918086749d78830174a1a40e121518\",\n \"created\": \"2021-03-01T22:32:58.104Z\",\n \"modified\": \"2021-03-02T20:22:28.104Z\",\n \"description\": \"Urna amet cursus pellentesque nisl orci maximus lorem nisl euismod fusce morbi placerat adipiscing maecenas nisi tristique et metus et lacus sed morbi nunc nisl maximus magna arcu varius sollicitudin elementum enim maecenas nisi id ipsum tempus fusce diam ipsum tortor.\",\n \"accessProfiles\": [\n {\n \"id\": \"ff808081751e6e129f1518161919ecca\",\n \"type\": \"ACCESS_PROFILE\",\n \"name\": \"Access Profile 2567\"\n },\n {\n \"id\": \"ff808081751e6e129f1518161919ecca\",\n \"type\": \"ACCESS_PROFILE\",\n \"name\": \"Access Profile 2567\"\n }\n ],\n \"entitlements\": [\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c91809773dee32014e13e122092014e\",\n \"name\": \"CN=entitlement.490efde5,OU=OrgCo,OU=ServiceDept,DC=HQAD,DC=local\"\n },\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c91809773dee32014e13e122092014e\",\n \"name\": \"CN=entitlement.490efde5,OU=OrgCo,OU=ServiceDept,DC=HQAD,DC=local\"\n }\n ],\n \"membership\": {\n \"type\": \"IDENTITY_LIST\",\n \"criteria\": {\n \"operation\": \"EQUALS\",\n \"key\": {\n \"type\": \"ACCOUNT\",\n \"property\": \"attribute.email\",\n \"sourceId\": \"2c9180867427f3a301745aec18211519\"\n },\n \"stringValue\": \"carlee.cert1c9f9b6fd@mailinator.com\",\n \"children\": [\n {\n \"operation\": \"EQUALS\",\n \"key\": {\n \"type\": \"ACCOUNT\",\n \"property\": \"attribute.email\",\n \"sourceId\": \"2c9180867427f3a301745aec18211519\"\n },\n \"stringValue\": \"carlee.cert1c9f9b6fd@mailinator.com\",\n \"children\": [\n {\n \"operation\": \"EQUALS\",\n \"key\": {\n \"type\": \"ACCOUNT\",\n \"property\": \"attribute.email\",\n \"sourceId\": \"2c9180867427f3a301745aec18211519\"\n },\n \"stringValue\": \"carlee.cert1c9f9b6fd@mailinator.com\"\n },\n {\n \"operation\": \"EQUALS\",\n \"key\": {\n \"type\": \"ACCOUNT\",\n \"property\": \"attribute.email\",\n \"sourceId\": \"2c9180867427f3a301745aec18211519\"\n },\n \"stringValue\": \"carlee.cert1c9f9b6fd@mailinator.com\"\n }\n ]\n },\n {\n \"operation\": \"EQUALS\",\n \"key\": {\n \"type\": \"ACCOUNT\",\n \"property\": \"attribute.email\",\n \"sourceId\": \"2c9180867427f3a301745aec18211519\"\n },\n \"stringValue\": \"carlee.cert1c9f9b6fd@mailinator.com\",\n \"children\": [\n {\n \"operation\": \"EQUALS\",\n \"key\": {\n \"type\": \"ACCOUNT\",\n \"property\": \"attribute.email\",\n \"sourceId\": \"2c9180867427f3a301745aec18211519\"\n },\n \"stringValue\": \"carlee.cert1c9f9b6fd@mailinator.com\"\n },\n {\n \"operation\": \"EQUALS\",\n \"key\": {\n \"type\": \"ACCOUNT\",\n \"property\": \"attribute.email\",\n \"sourceId\": \"2c9180867427f3a301745aec18211519\"\n },\n \"stringValue\": \"carlee.cert1c9f9b6fd@mailinator.com\"\n }\n ]\n }\n ]\n },\n \"identities\": [\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"Thomas Edison\",\n \"aliasName\": \"t.edison\"\n },\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"Thomas Edison\",\n \"aliasName\": \"t.edison\"\n }\n ]\n },\n \"legacyMembershipInfo\": {\n \"type\": \"IDENTITY_LIST\"\n },\n \"enabled\": true,\n \"requestable\": true,\n \"accessRequestConfig\": {\n \"commentsRequired\": true,\n \"denialCommentsRequired\": true,\n \"approvalSchemes\": [\n {\n \"approverType\": \"GOVERNANCE_GROUP\",\n \"approverId\": \"46c79819-a69f-49a2-becb-12c971ae66c6\"\n },\n {\n \"approverType\": \"GOVERNANCE_GROUP\",\n \"approverId\": \"46c79819-a69f-49a2-becb-12c971ae66c6\"\n }\n ]\n },\n \"revocationRequestConfig\": null,\n \"segments\": [\n \"f7b1b8a3-5fed-4fd4-ad29-82014e137e19\",\n \"29cb6c06-1da8-43ea-8be4-b3125f248f2a\"\n ],\n \"dimensional\": true,\n \"dimensionRefs\": \"officia ut occaecat\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "888716b8-2c3a-4f43-85c6-d1c8c107b239", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "roles" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Role 2567\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"support\"\n },\n \"id\": \"2c918086749d78830174a1a40e121518\",\n \"created\": \"2021-03-01T22:32:58.104Z\",\n \"modified\": \"2021-03-02T20:22:28.104Z\",\n \"description\": \"Urna amet cursus pellentesque nisl orci maximus lorem nisl euismod fusce morbi placerat adipiscing maecenas nisi tristique et metus et lacus sed morbi nunc nisl maximus magna arcu varius sollicitudin elementum enim maecenas nisi id ipsum tempus fusce diam ipsum tortor.\",\n \"accessProfiles\": [\n {\n \"id\": \"ff808081751e6e129f1518161919ecca\",\n \"type\": \"ACCESS_PROFILE\",\n \"name\": \"Access Profile 2567\"\n },\n {\n \"id\": \"ff808081751e6e129f1518161919ecca\",\n \"type\": \"ACCESS_PROFILE\",\n \"name\": \"Access Profile 2567\"\n }\n ],\n \"entitlements\": [\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c91809773dee32014e13e122092014e\",\n \"name\": \"CN=entitlement.490efde5,OU=OrgCo,OU=ServiceDept,DC=HQAD,DC=local\"\n },\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c91809773dee32014e13e122092014e\",\n \"name\": \"CN=entitlement.490efde5,OU=OrgCo,OU=ServiceDept,DC=HQAD,DC=local\"\n }\n ],\n \"membership\": {\n \"type\": \"IDENTITY_LIST\",\n \"criteria\": {\n \"operation\": \"EQUALS\",\n \"key\": {\n \"type\": \"ACCOUNT\",\n \"property\": \"attribute.email\",\n \"sourceId\": \"2c9180867427f3a301745aec18211519\"\n },\n \"stringValue\": \"carlee.cert1c9f9b6fd@mailinator.com\",\n \"children\": [\n {\n \"operation\": \"EQUALS\",\n \"key\": {\n \"type\": \"ACCOUNT\",\n \"property\": \"attribute.email\",\n \"sourceId\": \"2c9180867427f3a301745aec18211519\"\n },\n \"stringValue\": \"carlee.cert1c9f9b6fd@mailinator.com\",\n \"children\": [\n {\n \"operation\": \"EQUALS\",\n \"key\": {\n \"type\": \"ACCOUNT\",\n \"property\": \"attribute.email\",\n \"sourceId\": \"2c9180867427f3a301745aec18211519\"\n },\n \"stringValue\": \"carlee.cert1c9f9b6fd@mailinator.com\"\n },\n {\n \"operation\": \"EQUALS\",\n \"key\": {\n \"type\": \"ACCOUNT\",\n \"property\": \"attribute.email\",\n \"sourceId\": \"2c9180867427f3a301745aec18211519\"\n },\n \"stringValue\": \"carlee.cert1c9f9b6fd@mailinator.com\"\n }\n ]\n },\n {\n \"operation\": \"EQUALS\",\n \"key\": {\n \"type\": \"ACCOUNT\",\n \"property\": \"attribute.email\",\n \"sourceId\": \"2c9180867427f3a301745aec18211519\"\n },\n \"stringValue\": \"carlee.cert1c9f9b6fd@mailinator.com\",\n \"children\": [\n {\n \"operation\": \"EQUALS\",\n \"key\": {\n \"type\": \"ACCOUNT\",\n \"property\": \"attribute.email\",\n \"sourceId\": \"2c9180867427f3a301745aec18211519\"\n },\n \"stringValue\": \"carlee.cert1c9f9b6fd@mailinator.com\"\n },\n {\n \"operation\": \"EQUALS\",\n \"key\": {\n \"type\": \"ACCOUNT\",\n \"property\": \"attribute.email\",\n \"sourceId\": \"2c9180867427f3a301745aec18211519\"\n },\n \"stringValue\": \"carlee.cert1c9f9b6fd@mailinator.com\"\n }\n ]\n }\n ]\n },\n \"identities\": [\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"Thomas Edison\",\n \"aliasName\": \"t.edison\"\n },\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"Thomas Edison\",\n \"aliasName\": \"t.edison\"\n }\n ]\n },\n \"legacyMembershipInfo\": {\n \"type\": \"IDENTITY_LIST\"\n },\n \"enabled\": true,\n \"requestable\": true,\n \"accessRequestConfig\": {\n \"commentsRequired\": true,\n \"denialCommentsRequired\": true,\n \"approvalSchemes\": [\n {\n \"approverType\": \"GOVERNANCE_GROUP\",\n \"approverId\": \"46c79819-a69f-49a2-becb-12c971ae66c6\"\n },\n {\n \"approverType\": \"GOVERNANCE_GROUP\",\n \"approverId\": \"46c79819-a69f-49a2-becb-12c971ae66c6\"\n }\n ]\n },\n \"revocationRequestConfig\": null,\n \"segments\": [\n \"f7b1b8a3-5fed-4fd4-ad29-82014e137e19\",\n \"29cb6c06-1da8-43ea-8be4-b3125f248f2a\"\n ],\n \"dimensional\": true,\n \"dimensionRefs\": \"officia ut occaecat\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "aba8bc70-4c01-42bf-94ac-2dd45961ae9a", + "name": "Get a Role", + "request": { + "name": "Get a Role", + "description": { + "content": "This API returns a Role by its ID.\n\nA token with API, ORG_ADMIN, ROLE_ADMIN, or ROLE_SUBADMIN authority is required to call this API. In addition, a token with ROLE_SUBADMIN authority may only call this API if all Access Profiles included in the Role are associated to Sources with management workgroups of which the ROLE_SUBADMIN is a member.", + "type": "text/plain" + }, + "url": { + "path": [ + "roles", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "2c91808a7813090a017814121e121518", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) ID of the Role", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "cd06c75d-a84e-4496-9bd5-c1f0a0328d19", + "name": "List of all Roles", + "originalRequest": { + "url": { + "path": [ + "roles", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"name\": \"Role 2567\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"support\"\n },\n \"id\": \"2c918086749d78830174a1a40e121518\",\n \"created\": \"2021-03-01T22:32:58.104Z\",\n \"modified\": \"2021-03-02T20:22:28.104Z\",\n \"description\": \"Urna amet cursus pellentesque nisl orci maximus lorem nisl euismod fusce morbi placerat adipiscing maecenas nisi tristique et metus et lacus sed morbi nunc nisl maximus magna arcu varius sollicitudin elementum enim maecenas nisi id ipsum tempus fusce diam ipsum tortor.\",\n \"accessProfiles\": [\n {\n \"id\": \"ff808081751e6e129f1518161919ecca\",\n \"type\": \"ACCESS_PROFILE\",\n \"name\": \"Access Profile 2567\"\n },\n {\n \"id\": \"ff808081751e6e129f1518161919ecca\",\n \"type\": \"ACCESS_PROFILE\",\n \"name\": \"Access Profile 2567\"\n }\n ],\n \"entitlements\": [\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c91809773dee32014e13e122092014e\",\n \"name\": \"CN=entitlement.490efde5,OU=OrgCo,OU=ServiceDept,DC=HQAD,DC=local\"\n },\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c91809773dee32014e13e122092014e\",\n \"name\": \"CN=entitlement.490efde5,OU=OrgCo,OU=ServiceDept,DC=HQAD,DC=local\"\n }\n ],\n \"membership\": {\n \"type\": \"IDENTITY_LIST\",\n \"criteria\": {\n \"operation\": \"EQUALS\",\n \"key\": {\n \"type\": \"ACCOUNT\",\n \"property\": \"attribute.email\",\n \"sourceId\": \"2c9180867427f3a301745aec18211519\"\n },\n \"stringValue\": \"carlee.cert1c9f9b6fd@mailinator.com\",\n \"children\": [\n {\n \"operation\": \"EQUALS\",\n \"key\": {\n \"type\": \"ACCOUNT\",\n \"property\": \"attribute.email\",\n \"sourceId\": \"2c9180867427f3a301745aec18211519\"\n },\n \"stringValue\": \"carlee.cert1c9f9b6fd@mailinator.com\",\n \"children\": [\n {\n \"operation\": \"EQUALS\",\n \"key\": {\n \"type\": \"ACCOUNT\",\n \"property\": \"attribute.email\",\n \"sourceId\": \"2c9180867427f3a301745aec18211519\"\n },\n \"stringValue\": \"carlee.cert1c9f9b6fd@mailinator.com\"\n },\n {\n \"operation\": \"EQUALS\",\n \"key\": {\n \"type\": \"ACCOUNT\",\n \"property\": \"attribute.email\",\n \"sourceId\": \"2c9180867427f3a301745aec18211519\"\n },\n \"stringValue\": \"carlee.cert1c9f9b6fd@mailinator.com\"\n }\n ]\n },\n {\n \"operation\": \"EQUALS\",\n \"key\": {\n \"type\": \"ACCOUNT\",\n \"property\": \"attribute.email\",\n \"sourceId\": \"2c9180867427f3a301745aec18211519\"\n },\n \"stringValue\": \"carlee.cert1c9f9b6fd@mailinator.com\",\n \"children\": [\n {\n \"operation\": \"EQUALS\",\n \"key\": {\n \"type\": \"ACCOUNT\",\n \"property\": \"attribute.email\",\n \"sourceId\": \"2c9180867427f3a301745aec18211519\"\n },\n \"stringValue\": \"carlee.cert1c9f9b6fd@mailinator.com\"\n },\n {\n \"operation\": \"EQUALS\",\n \"key\": {\n \"type\": \"ACCOUNT\",\n \"property\": \"attribute.email\",\n \"sourceId\": \"2c9180867427f3a301745aec18211519\"\n },\n \"stringValue\": \"carlee.cert1c9f9b6fd@mailinator.com\"\n }\n ]\n }\n ]\n },\n \"identities\": [\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"Thomas Edison\",\n \"aliasName\": \"t.edison\"\n },\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"Thomas Edison\",\n \"aliasName\": \"t.edison\"\n }\n ]\n },\n \"legacyMembershipInfo\": {\n \"type\": \"IDENTITY_LIST\"\n },\n \"enabled\": true,\n \"requestable\": true,\n \"accessRequestConfig\": {\n \"commentsRequired\": true,\n \"denialCommentsRequired\": true,\n \"approvalSchemes\": [\n {\n \"approverType\": \"GOVERNANCE_GROUP\",\n \"approverId\": \"46c79819-a69f-49a2-becb-12c971ae66c6\"\n },\n {\n \"approverType\": \"GOVERNANCE_GROUP\",\n \"approverId\": \"46c79819-a69f-49a2-becb-12c971ae66c6\"\n }\n ]\n },\n \"revocationRequestConfig\": null,\n \"segments\": [\n \"f7b1b8a3-5fed-4fd4-ad29-82014e137e19\",\n \"29cb6c06-1da8-43ea-8be4-b3125f248f2a\"\n ],\n \"dimensional\": true,\n \"dimensionRefs\": \"officia ut occaecat\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "09991256-1e0e-4254-8937-7c9a6d904731", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "roles", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "95f1e04b-c2a6-4f45-81b7-e108693305e2", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "roles", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "27c7384a-14be-44ed-8236-c6c0ff56229c", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "roles", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "3ff163d1-6aa5-4f22-82a7-240a61ed0e83", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "roles", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "414c508c-90a0-4db8-b9c6-ad6b70026091", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "roles", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "9cbf7a5a-dd16-4a2d-a4f5-0b7b1b18be2b", + "name": "Patch a specified Role", + "request": { + "name": "Patch a specified Role", + "description": { + "content": "This API updates an existing role using [JSON Patch](https://tools.ietf.org/html/rfc6902) syntax.\n\nThe following fields are patchable:\n\n* name\n* description\n* enabled\n* owner\n* accessProfiles\n* membership\n* requestable\n* accessRequestConfig\n* revokeRequestConfig\n* segments\n\nA token with API, ORG_ADMIN, ROLE_ADMIN, or ROLE_SUBADMIN authority is required to call this API. In addition, a token with ROLE_SUBADMIN authority may only call this API if all access profiles included in the role are associated to Sources with management workgroups of which the ROLE_SUBADMIN is a member.\n\nThe maximum supported length for the description field is 2000 characters. Longer descriptions will be preserved for existing roles, however, any new roles as well as any updates to existing descriptions will be limited to 2000 characters.\n\nWhen you use this API to modify a role's membership identities, you can only modify up to a limit of 500 membership identities at a time. ", + "type": "text/plain" + }, + "url": { + "path": [ + "roles", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "2c91808a7813090a017814121e121518", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) ID of the Role to patch", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/requestable\",\n \"value\": true\n },\n {\n \"op\": \"replace\",\n \"path\": \"/enabled\",\n \"value\": true\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "aeba7aee-9191-47c9-bb9f-39674782ad4b", + "name": "Make a Role Requestable and Enable it in One Call", + "originalRequest": { + "url": { + "path": [ + "roles", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/requestable\",\n \"value\": true\n },\n {\n \"op\": \"replace\",\n \"path\": \"/enabled\",\n \"value\": true\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"name\": \"Role 2567\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"support\"\n },\n \"id\": \"2c918086749d78830174a1a40e121518\",\n \"created\": \"2021-03-01T22:32:58.104Z\",\n \"modified\": \"2021-03-02T20:22:28.104Z\",\n \"description\": \"Urna amet cursus pellentesque nisl orci maximus lorem nisl euismod fusce morbi placerat adipiscing maecenas nisi tristique et metus et lacus sed morbi nunc nisl maximus magna arcu varius sollicitudin elementum enim maecenas nisi id ipsum tempus fusce diam ipsum tortor.\",\n \"accessProfiles\": [\n {\n \"id\": \"ff808081751e6e129f1518161919ecca\",\n \"type\": \"ACCESS_PROFILE\",\n \"name\": \"Access Profile 2567\"\n },\n {\n \"id\": \"ff808081751e6e129f1518161919ecca\",\n \"type\": \"ACCESS_PROFILE\",\n \"name\": \"Access Profile 2567\"\n }\n ],\n \"entitlements\": [\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c91809773dee32014e13e122092014e\",\n \"name\": \"CN=entitlement.490efde5,OU=OrgCo,OU=ServiceDept,DC=HQAD,DC=local\"\n },\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c91809773dee32014e13e122092014e\",\n \"name\": \"CN=entitlement.490efde5,OU=OrgCo,OU=ServiceDept,DC=HQAD,DC=local\"\n }\n ],\n \"membership\": {\n \"type\": \"IDENTITY_LIST\",\n \"criteria\": {\n \"operation\": \"EQUALS\",\n \"key\": {\n \"type\": \"ACCOUNT\",\n \"property\": \"attribute.email\",\n \"sourceId\": \"2c9180867427f3a301745aec18211519\"\n },\n \"stringValue\": \"carlee.cert1c9f9b6fd@mailinator.com\",\n \"children\": [\n {\n \"operation\": \"EQUALS\",\n \"key\": {\n \"type\": \"ACCOUNT\",\n \"property\": \"attribute.email\",\n \"sourceId\": \"2c9180867427f3a301745aec18211519\"\n },\n \"stringValue\": \"carlee.cert1c9f9b6fd@mailinator.com\",\n \"children\": [\n {\n \"operation\": \"EQUALS\",\n \"key\": {\n \"type\": \"ACCOUNT\",\n \"property\": \"attribute.email\",\n \"sourceId\": \"2c9180867427f3a301745aec18211519\"\n },\n \"stringValue\": \"carlee.cert1c9f9b6fd@mailinator.com\"\n },\n {\n \"operation\": \"EQUALS\",\n \"key\": {\n \"type\": \"ACCOUNT\",\n \"property\": \"attribute.email\",\n \"sourceId\": \"2c9180867427f3a301745aec18211519\"\n },\n \"stringValue\": \"carlee.cert1c9f9b6fd@mailinator.com\"\n }\n ]\n },\n {\n \"operation\": \"EQUALS\",\n \"key\": {\n \"type\": \"ACCOUNT\",\n \"property\": \"attribute.email\",\n \"sourceId\": \"2c9180867427f3a301745aec18211519\"\n },\n \"stringValue\": \"carlee.cert1c9f9b6fd@mailinator.com\",\n \"children\": [\n {\n \"operation\": \"EQUALS\",\n \"key\": {\n \"type\": \"ACCOUNT\",\n \"property\": \"attribute.email\",\n \"sourceId\": \"2c9180867427f3a301745aec18211519\"\n },\n \"stringValue\": \"carlee.cert1c9f9b6fd@mailinator.com\"\n },\n {\n \"operation\": \"EQUALS\",\n \"key\": {\n \"type\": \"ACCOUNT\",\n \"property\": \"attribute.email\",\n \"sourceId\": \"2c9180867427f3a301745aec18211519\"\n },\n \"stringValue\": \"carlee.cert1c9f9b6fd@mailinator.com\"\n }\n ]\n }\n ]\n },\n \"identities\": [\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"Thomas Edison\",\n \"aliasName\": \"t.edison\"\n },\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"Thomas Edison\",\n \"aliasName\": \"t.edison\"\n }\n ]\n },\n \"legacyMembershipInfo\": {\n \"type\": \"IDENTITY_LIST\"\n },\n \"enabled\": true,\n \"requestable\": true,\n \"accessRequestConfig\": {\n \"commentsRequired\": true,\n \"denialCommentsRequired\": true,\n \"approvalSchemes\": [\n {\n \"approverType\": \"GOVERNANCE_GROUP\",\n \"approverId\": \"46c79819-a69f-49a2-becb-12c971ae66c6\"\n },\n {\n \"approverType\": \"GOVERNANCE_GROUP\",\n \"approverId\": \"46c79819-a69f-49a2-becb-12c971ae66c6\"\n }\n ]\n },\n \"revocationRequestConfig\": null,\n \"segments\": [\n \"f7b1b8a3-5fed-4fd4-ad29-82014e137e19\",\n \"29cb6c06-1da8-43ea-8be4-b3125f248f2a\"\n ],\n \"dimensional\": true,\n \"dimensionRefs\": \"officia ut occaecat\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "68181f32-8602-437a-8792-95fc34ba021c", + "name": "Assign a Role to a Segment", + "originalRequest": { + "url": { + "path": [ + "roles", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"add\",\n \"path\": \"/segments/-\",\n \"value\": \"f7b1b8a3-5fed-4fd4-ad29-82014e137e19\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"name\": \"Role 2567\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"support\"\n },\n \"id\": \"2c918086749d78830174a1a40e121518\",\n \"created\": \"2021-03-01T22:32:58.104Z\",\n \"modified\": \"2021-03-02T20:22:28.104Z\",\n \"description\": \"Urna amet cursus pellentesque nisl orci maximus lorem nisl euismod fusce morbi placerat adipiscing maecenas nisi tristique et metus et lacus sed morbi nunc nisl maximus magna arcu varius sollicitudin elementum enim maecenas nisi id ipsum tempus fusce diam ipsum tortor.\",\n \"accessProfiles\": [\n {\n \"id\": \"ff808081751e6e129f1518161919ecca\",\n \"type\": \"ACCESS_PROFILE\",\n \"name\": \"Access Profile 2567\"\n },\n {\n \"id\": \"ff808081751e6e129f1518161919ecca\",\n \"type\": \"ACCESS_PROFILE\",\n \"name\": \"Access Profile 2567\"\n }\n ],\n \"entitlements\": [\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c91809773dee32014e13e122092014e\",\n \"name\": \"CN=entitlement.490efde5,OU=OrgCo,OU=ServiceDept,DC=HQAD,DC=local\"\n },\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c91809773dee32014e13e122092014e\",\n \"name\": \"CN=entitlement.490efde5,OU=OrgCo,OU=ServiceDept,DC=HQAD,DC=local\"\n }\n ],\n \"membership\": {\n \"type\": \"IDENTITY_LIST\",\n \"criteria\": {\n \"operation\": \"EQUALS\",\n \"key\": {\n \"type\": \"ACCOUNT\",\n \"property\": \"attribute.email\",\n \"sourceId\": \"2c9180867427f3a301745aec18211519\"\n },\n \"stringValue\": \"carlee.cert1c9f9b6fd@mailinator.com\",\n \"children\": [\n {\n \"operation\": \"EQUALS\",\n \"key\": {\n \"type\": \"ACCOUNT\",\n \"property\": \"attribute.email\",\n \"sourceId\": \"2c9180867427f3a301745aec18211519\"\n },\n \"stringValue\": \"carlee.cert1c9f9b6fd@mailinator.com\",\n \"children\": [\n {\n \"operation\": \"EQUALS\",\n \"key\": {\n \"type\": \"ACCOUNT\",\n \"property\": \"attribute.email\",\n \"sourceId\": \"2c9180867427f3a301745aec18211519\"\n },\n \"stringValue\": \"carlee.cert1c9f9b6fd@mailinator.com\"\n },\n {\n \"operation\": \"EQUALS\",\n \"key\": {\n \"type\": \"ACCOUNT\",\n \"property\": \"attribute.email\",\n \"sourceId\": \"2c9180867427f3a301745aec18211519\"\n },\n \"stringValue\": \"carlee.cert1c9f9b6fd@mailinator.com\"\n }\n ]\n },\n {\n \"operation\": \"EQUALS\",\n \"key\": {\n \"type\": \"ACCOUNT\",\n \"property\": \"attribute.email\",\n \"sourceId\": \"2c9180867427f3a301745aec18211519\"\n },\n \"stringValue\": \"carlee.cert1c9f9b6fd@mailinator.com\",\n \"children\": [\n {\n \"operation\": \"EQUALS\",\n \"key\": {\n \"type\": \"ACCOUNT\",\n \"property\": \"attribute.email\",\n \"sourceId\": \"2c9180867427f3a301745aec18211519\"\n },\n \"stringValue\": \"carlee.cert1c9f9b6fd@mailinator.com\"\n },\n {\n \"operation\": \"EQUALS\",\n \"key\": {\n \"type\": \"ACCOUNT\",\n \"property\": \"attribute.email\",\n \"sourceId\": \"2c9180867427f3a301745aec18211519\"\n },\n \"stringValue\": \"carlee.cert1c9f9b6fd@mailinator.com\"\n }\n ]\n }\n ]\n },\n \"identities\": [\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"Thomas Edison\",\n \"aliasName\": \"t.edison\"\n },\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"Thomas Edison\",\n \"aliasName\": \"t.edison\"\n }\n ]\n },\n \"legacyMembershipInfo\": {\n \"type\": \"IDENTITY_LIST\"\n },\n \"enabled\": true,\n \"requestable\": true,\n \"accessRequestConfig\": {\n \"commentsRequired\": true,\n \"denialCommentsRequired\": true,\n \"approvalSchemes\": [\n {\n \"approverType\": \"GOVERNANCE_GROUP\",\n \"approverId\": \"46c79819-a69f-49a2-becb-12c971ae66c6\"\n },\n {\n \"approverType\": \"GOVERNANCE_GROUP\",\n \"approverId\": \"46c79819-a69f-49a2-becb-12c971ae66c6\"\n }\n ]\n },\n \"revocationRequestConfig\": null,\n \"segments\": [\n \"f7b1b8a3-5fed-4fd4-ad29-82014e137e19\",\n \"29cb6c06-1da8-43ea-8be4-b3125f248f2a\"\n ],\n \"dimensional\": true,\n \"dimensionRefs\": \"officia ut occaecat\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "580d9b7e-ac4c-4e43-aa05-10eae6a85e91", + "name": "Set the Membership Selection Criteria to a List of Identities", + "originalRequest": { + "url": { + "path": [ + "roles", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/membership\",\n \"value\": {\n \"type\": \"IDENTITY_LIST\",\n \"identities\": [\n {\n \"id\": \"2c91808973fe906c0174262092014ed9\"\n },\n {\n \"id\": \"2c918086262092014ed94fb8a47612f3\"\n }\n ]\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"name\": \"Role 2567\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"support\"\n },\n \"id\": \"2c918086749d78830174a1a40e121518\",\n \"created\": \"2021-03-01T22:32:58.104Z\",\n \"modified\": \"2021-03-02T20:22:28.104Z\",\n \"description\": \"Urna amet cursus pellentesque nisl orci maximus lorem nisl euismod fusce morbi placerat adipiscing maecenas nisi tristique et metus et lacus sed morbi nunc nisl maximus magna arcu varius sollicitudin elementum enim maecenas nisi id ipsum tempus fusce diam ipsum tortor.\",\n \"accessProfiles\": [\n {\n \"id\": \"ff808081751e6e129f1518161919ecca\",\n \"type\": \"ACCESS_PROFILE\",\n \"name\": \"Access Profile 2567\"\n },\n {\n \"id\": \"ff808081751e6e129f1518161919ecca\",\n \"type\": \"ACCESS_PROFILE\",\n \"name\": \"Access Profile 2567\"\n }\n ],\n \"entitlements\": [\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c91809773dee32014e13e122092014e\",\n \"name\": \"CN=entitlement.490efde5,OU=OrgCo,OU=ServiceDept,DC=HQAD,DC=local\"\n },\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c91809773dee32014e13e122092014e\",\n \"name\": \"CN=entitlement.490efde5,OU=OrgCo,OU=ServiceDept,DC=HQAD,DC=local\"\n }\n ],\n \"membership\": {\n \"type\": \"IDENTITY_LIST\",\n \"criteria\": {\n \"operation\": \"EQUALS\",\n \"key\": {\n \"type\": \"ACCOUNT\",\n \"property\": \"attribute.email\",\n \"sourceId\": \"2c9180867427f3a301745aec18211519\"\n },\n \"stringValue\": \"carlee.cert1c9f9b6fd@mailinator.com\",\n \"children\": [\n {\n \"operation\": \"EQUALS\",\n \"key\": {\n \"type\": \"ACCOUNT\",\n \"property\": \"attribute.email\",\n \"sourceId\": \"2c9180867427f3a301745aec18211519\"\n },\n \"stringValue\": \"carlee.cert1c9f9b6fd@mailinator.com\",\n \"children\": [\n {\n \"operation\": \"EQUALS\",\n \"key\": {\n \"type\": \"ACCOUNT\",\n \"property\": \"attribute.email\",\n \"sourceId\": \"2c9180867427f3a301745aec18211519\"\n },\n \"stringValue\": \"carlee.cert1c9f9b6fd@mailinator.com\"\n },\n {\n \"operation\": \"EQUALS\",\n \"key\": {\n \"type\": \"ACCOUNT\",\n \"property\": \"attribute.email\",\n \"sourceId\": \"2c9180867427f3a301745aec18211519\"\n },\n \"stringValue\": \"carlee.cert1c9f9b6fd@mailinator.com\"\n }\n ]\n },\n {\n \"operation\": \"EQUALS\",\n \"key\": {\n \"type\": \"ACCOUNT\",\n \"property\": \"attribute.email\",\n \"sourceId\": \"2c9180867427f3a301745aec18211519\"\n },\n \"stringValue\": \"carlee.cert1c9f9b6fd@mailinator.com\",\n \"children\": [\n {\n \"operation\": \"EQUALS\",\n \"key\": {\n \"type\": \"ACCOUNT\",\n \"property\": \"attribute.email\",\n \"sourceId\": \"2c9180867427f3a301745aec18211519\"\n },\n \"stringValue\": \"carlee.cert1c9f9b6fd@mailinator.com\"\n },\n {\n \"operation\": \"EQUALS\",\n \"key\": {\n \"type\": \"ACCOUNT\",\n \"property\": \"attribute.email\",\n \"sourceId\": \"2c9180867427f3a301745aec18211519\"\n },\n \"stringValue\": \"carlee.cert1c9f9b6fd@mailinator.com\"\n }\n ]\n }\n ]\n },\n \"identities\": [\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"Thomas Edison\",\n \"aliasName\": \"t.edison\"\n },\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"Thomas Edison\",\n \"aliasName\": \"t.edison\"\n }\n ]\n },\n \"legacyMembershipInfo\": {\n \"type\": \"IDENTITY_LIST\"\n },\n \"enabled\": true,\n \"requestable\": true,\n \"accessRequestConfig\": {\n \"commentsRequired\": true,\n \"denialCommentsRequired\": true,\n \"approvalSchemes\": [\n {\n \"approverType\": \"GOVERNANCE_GROUP\",\n \"approverId\": \"46c79819-a69f-49a2-becb-12c971ae66c6\"\n },\n {\n \"approverType\": \"GOVERNANCE_GROUP\",\n \"approverId\": \"46c79819-a69f-49a2-becb-12c971ae66c6\"\n }\n ]\n },\n \"revocationRequestConfig\": null,\n \"segments\": [\n \"f7b1b8a3-5fed-4fd4-ad29-82014e137e19\",\n \"29cb6c06-1da8-43ea-8be4-b3125f248f2a\"\n ],\n \"dimensional\": true,\n \"dimensionRefs\": \"officia ut occaecat\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "8fa6ad58-99b5-41fd-84cc-1c734aa102c4", + "name": "Set the Membership Selection Criteria to a Standard Expression", + "originalRequest": { + "url": { + "path": [ + "roles", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/membership\",\n \"value\": {\n \"type\": \"STANDARD\",\n \"criteria\": {\n \"operation\": \"OR\",\n \"children\": [\n {\n \"operation\": \"EQUALS\",\n \"key\": {\n \"type\": \"ENTITLEMENT\",\n \"property\": \"attribute.memberOf\",\n \"sourceId\": \"2c9180887701fb2014213e122092014e\"\n },\n \"stringValue\": \"Engineering\"\n }\n ]\n }\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"name\": \"Role 2567\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"support\"\n },\n \"id\": \"2c918086749d78830174a1a40e121518\",\n \"created\": \"2021-03-01T22:32:58.104Z\",\n \"modified\": \"2021-03-02T20:22:28.104Z\",\n \"description\": \"Urna amet cursus pellentesque nisl orci maximus lorem nisl euismod fusce morbi placerat adipiscing maecenas nisi tristique et metus et lacus sed morbi nunc nisl maximus magna arcu varius sollicitudin elementum enim maecenas nisi id ipsum tempus fusce diam ipsum tortor.\",\n \"accessProfiles\": [\n {\n \"id\": \"ff808081751e6e129f1518161919ecca\",\n \"type\": \"ACCESS_PROFILE\",\n \"name\": \"Access Profile 2567\"\n },\n {\n \"id\": \"ff808081751e6e129f1518161919ecca\",\n \"type\": \"ACCESS_PROFILE\",\n \"name\": \"Access Profile 2567\"\n }\n ],\n \"entitlements\": [\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c91809773dee32014e13e122092014e\",\n \"name\": \"CN=entitlement.490efde5,OU=OrgCo,OU=ServiceDept,DC=HQAD,DC=local\"\n },\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c91809773dee32014e13e122092014e\",\n \"name\": \"CN=entitlement.490efde5,OU=OrgCo,OU=ServiceDept,DC=HQAD,DC=local\"\n }\n ],\n \"membership\": {\n \"type\": \"IDENTITY_LIST\",\n \"criteria\": {\n \"operation\": \"EQUALS\",\n \"key\": {\n \"type\": \"ACCOUNT\",\n \"property\": \"attribute.email\",\n \"sourceId\": \"2c9180867427f3a301745aec18211519\"\n },\n \"stringValue\": \"carlee.cert1c9f9b6fd@mailinator.com\",\n \"children\": [\n {\n \"operation\": \"EQUALS\",\n \"key\": {\n \"type\": \"ACCOUNT\",\n \"property\": \"attribute.email\",\n \"sourceId\": \"2c9180867427f3a301745aec18211519\"\n },\n \"stringValue\": \"carlee.cert1c9f9b6fd@mailinator.com\",\n \"children\": [\n {\n \"operation\": \"EQUALS\",\n \"key\": {\n \"type\": \"ACCOUNT\",\n \"property\": \"attribute.email\",\n \"sourceId\": \"2c9180867427f3a301745aec18211519\"\n },\n \"stringValue\": \"carlee.cert1c9f9b6fd@mailinator.com\"\n },\n {\n \"operation\": \"EQUALS\",\n \"key\": {\n \"type\": \"ACCOUNT\",\n \"property\": \"attribute.email\",\n \"sourceId\": \"2c9180867427f3a301745aec18211519\"\n },\n \"stringValue\": \"carlee.cert1c9f9b6fd@mailinator.com\"\n }\n ]\n },\n {\n \"operation\": \"EQUALS\",\n \"key\": {\n \"type\": \"ACCOUNT\",\n \"property\": \"attribute.email\",\n \"sourceId\": \"2c9180867427f3a301745aec18211519\"\n },\n \"stringValue\": \"carlee.cert1c9f9b6fd@mailinator.com\",\n \"children\": [\n {\n \"operation\": \"EQUALS\",\n \"key\": {\n \"type\": \"ACCOUNT\",\n \"property\": \"attribute.email\",\n \"sourceId\": \"2c9180867427f3a301745aec18211519\"\n },\n \"stringValue\": \"carlee.cert1c9f9b6fd@mailinator.com\"\n },\n {\n \"operation\": \"EQUALS\",\n \"key\": {\n \"type\": \"ACCOUNT\",\n \"property\": \"attribute.email\",\n \"sourceId\": \"2c9180867427f3a301745aec18211519\"\n },\n \"stringValue\": \"carlee.cert1c9f9b6fd@mailinator.com\"\n }\n ]\n }\n ]\n },\n \"identities\": [\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"Thomas Edison\",\n \"aliasName\": \"t.edison\"\n },\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"Thomas Edison\",\n \"aliasName\": \"t.edison\"\n }\n ]\n },\n \"legacyMembershipInfo\": {\n \"type\": \"IDENTITY_LIST\"\n },\n \"enabled\": true,\n \"requestable\": true,\n \"accessRequestConfig\": {\n \"commentsRequired\": true,\n \"denialCommentsRequired\": true,\n \"approvalSchemes\": [\n {\n \"approverType\": \"GOVERNANCE_GROUP\",\n \"approverId\": \"46c79819-a69f-49a2-becb-12c971ae66c6\"\n },\n {\n \"approverType\": \"GOVERNANCE_GROUP\",\n \"approverId\": \"46c79819-a69f-49a2-becb-12c971ae66c6\"\n }\n ]\n },\n \"revocationRequestConfig\": null,\n \"segments\": [\n \"f7b1b8a3-5fed-4fd4-ad29-82014e137e19\",\n \"29cb6c06-1da8-43ea-8be4-b3125f248f2a\"\n ],\n \"dimensional\": true,\n \"dimensionRefs\": \"officia ut occaecat\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "8261103f-4a86-4aa4-bcd9-00c72777f174", + "name": "Add a New Clause as the Child of an Existing Standard Expression", + "originalRequest": { + "url": { + "path": [ + "roles", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"add\",\n \"path\": \"/membership/criteria/children/-\",\n \"value\": {\n \"operation\": \"ENDS_WITH\",\n \"key\": {\n \"type\": \"IDENTITY\",\n \"property\": \"attribute.email\"\n },\n \"stringValue\": \"@identitynow.com\"\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"name\": \"Role 2567\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"support\"\n },\n \"id\": \"2c918086749d78830174a1a40e121518\",\n \"created\": \"2021-03-01T22:32:58.104Z\",\n \"modified\": \"2021-03-02T20:22:28.104Z\",\n \"description\": \"Urna amet cursus pellentesque nisl orci maximus lorem nisl euismod fusce morbi placerat adipiscing maecenas nisi tristique et metus et lacus sed morbi nunc nisl maximus magna arcu varius sollicitudin elementum enim maecenas nisi id ipsum tempus fusce diam ipsum tortor.\",\n \"accessProfiles\": [\n {\n \"id\": \"ff808081751e6e129f1518161919ecca\",\n \"type\": \"ACCESS_PROFILE\",\n \"name\": \"Access Profile 2567\"\n },\n {\n \"id\": \"ff808081751e6e129f1518161919ecca\",\n \"type\": \"ACCESS_PROFILE\",\n \"name\": \"Access Profile 2567\"\n }\n ],\n \"entitlements\": [\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c91809773dee32014e13e122092014e\",\n \"name\": \"CN=entitlement.490efde5,OU=OrgCo,OU=ServiceDept,DC=HQAD,DC=local\"\n },\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c91809773dee32014e13e122092014e\",\n \"name\": \"CN=entitlement.490efde5,OU=OrgCo,OU=ServiceDept,DC=HQAD,DC=local\"\n }\n ],\n \"membership\": {\n \"type\": \"IDENTITY_LIST\",\n \"criteria\": {\n \"operation\": \"EQUALS\",\n \"key\": {\n \"type\": \"ACCOUNT\",\n \"property\": \"attribute.email\",\n \"sourceId\": \"2c9180867427f3a301745aec18211519\"\n },\n \"stringValue\": \"carlee.cert1c9f9b6fd@mailinator.com\",\n \"children\": [\n {\n \"operation\": \"EQUALS\",\n \"key\": {\n \"type\": \"ACCOUNT\",\n \"property\": \"attribute.email\",\n \"sourceId\": \"2c9180867427f3a301745aec18211519\"\n },\n \"stringValue\": \"carlee.cert1c9f9b6fd@mailinator.com\",\n \"children\": [\n {\n \"operation\": \"EQUALS\",\n \"key\": {\n \"type\": \"ACCOUNT\",\n \"property\": \"attribute.email\",\n \"sourceId\": \"2c9180867427f3a301745aec18211519\"\n },\n \"stringValue\": \"carlee.cert1c9f9b6fd@mailinator.com\"\n },\n {\n \"operation\": \"EQUALS\",\n \"key\": {\n \"type\": \"ACCOUNT\",\n \"property\": \"attribute.email\",\n \"sourceId\": \"2c9180867427f3a301745aec18211519\"\n },\n \"stringValue\": \"carlee.cert1c9f9b6fd@mailinator.com\"\n }\n ]\n },\n {\n \"operation\": \"EQUALS\",\n \"key\": {\n \"type\": \"ACCOUNT\",\n \"property\": \"attribute.email\",\n \"sourceId\": \"2c9180867427f3a301745aec18211519\"\n },\n \"stringValue\": \"carlee.cert1c9f9b6fd@mailinator.com\",\n \"children\": [\n {\n \"operation\": \"EQUALS\",\n \"key\": {\n \"type\": \"ACCOUNT\",\n \"property\": \"attribute.email\",\n \"sourceId\": \"2c9180867427f3a301745aec18211519\"\n },\n \"stringValue\": \"carlee.cert1c9f9b6fd@mailinator.com\"\n },\n {\n \"operation\": \"EQUALS\",\n \"key\": {\n \"type\": \"ACCOUNT\",\n \"property\": \"attribute.email\",\n \"sourceId\": \"2c9180867427f3a301745aec18211519\"\n },\n \"stringValue\": \"carlee.cert1c9f9b6fd@mailinator.com\"\n }\n ]\n }\n ]\n },\n \"identities\": [\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"Thomas Edison\",\n \"aliasName\": \"t.edison\"\n },\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"Thomas Edison\",\n \"aliasName\": \"t.edison\"\n }\n ]\n },\n \"legacyMembershipInfo\": {\n \"type\": \"IDENTITY_LIST\"\n },\n \"enabled\": true,\n \"requestable\": true,\n \"accessRequestConfig\": {\n \"commentsRequired\": true,\n \"denialCommentsRequired\": true,\n \"approvalSchemes\": [\n {\n \"approverType\": \"GOVERNANCE_GROUP\",\n \"approverId\": \"46c79819-a69f-49a2-becb-12c971ae66c6\"\n },\n {\n \"approverType\": \"GOVERNANCE_GROUP\",\n \"approverId\": \"46c79819-a69f-49a2-becb-12c971ae66c6\"\n }\n ]\n },\n \"revocationRequestConfig\": null,\n \"segments\": [\n \"f7b1b8a3-5fed-4fd4-ad29-82014e137e19\",\n \"29cb6c06-1da8-43ea-8be4-b3125f248f2a\"\n ],\n \"dimensional\": true,\n \"dimensionRefs\": \"officia ut occaecat\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "3c131b2c-f77a-40ab-b00f-24057a0aec54", + "name": "Make a Role Requestable and Enable it in One Call", + "originalRequest": { + "url": { + "path": [ + "roles", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/requestable\",\n \"value\": true\n },\n {\n \"op\": \"replace\",\n \"path\": \"/enabled\",\n \"value\": true\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "67f0ba9b-1aef-4545-bbc8-e78b1b21aa6d", + "name": "Assign a Role to a Segment", + "originalRequest": { + "url": { + "path": [ + "roles", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"add\",\n \"path\": \"/segments/-\",\n \"value\": \"f7b1b8a3-5fed-4fd4-ad29-82014e137e19\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "8e6b45ea-ea2c-410f-a3cf-a2a116bf18a6", + "name": "Set the Membership Selection Criteria to a List of Identities", + "originalRequest": { + "url": { + "path": [ + "roles", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/membership\",\n \"value\": {\n \"type\": \"IDENTITY_LIST\",\n \"identities\": [\n {\n \"id\": \"2c91808973fe906c0174262092014ed9\"\n },\n {\n \"id\": \"2c918086262092014ed94fb8a47612f3\"\n }\n ]\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "7d3f197b-b7c5-45c0-aa0b-8ff3543b14a5", + "name": "Set the Membership Selection Criteria to a Standard Expression", + "originalRequest": { + "url": { + "path": [ + "roles", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/membership\",\n \"value\": {\n \"type\": \"STANDARD\",\n \"criteria\": {\n \"operation\": \"OR\",\n \"children\": [\n {\n \"operation\": \"EQUALS\",\n \"key\": {\n \"type\": \"ENTITLEMENT\",\n \"property\": \"attribute.memberOf\",\n \"sourceId\": \"2c9180887701fb2014213e122092014e\"\n },\n \"stringValue\": \"Engineering\"\n }\n ]\n }\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "149919d4-27e8-4c5d-b0ed-2e345ae5a530", + "name": "Add a New Clause as the Child of an Existing Standard Expression", + "originalRequest": { + "url": { + "path": [ + "roles", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"add\",\n \"path\": \"/membership/criteria/children/-\",\n \"value\": {\n \"operation\": \"ENDS_WITH\",\n \"key\": {\n \"type\": \"IDENTITY\",\n \"property\": \"attribute.email\"\n },\n \"stringValue\": \"@identitynow.com\"\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "bf20e824-4cbd-4be2-8d78-10edc561c789", + "name": "Make a Role Requestable and Enable it in One Call", + "originalRequest": { + "url": { + "path": [ + "roles", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/requestable\",\n \"value\": true\n },\n {\n \"op\": \"replace\",\n \"path\": \"/enabled\",\n \"value\": true\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "21aa0ab3-aa43-46f9-b819-03ebe7b450be", + "name": "Assign a Role to a Segment", + "originalRequest": { + "url": { + "path": [ + "roles", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"add\",\n \"path\": \"/segments/-\",\n \"value\": \"f7b1b8a3-5fed-4fd4-ad29-82014e137e19\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "bc699cc4-ff1c-489f-aa00-d847235999c5", + "name": "Set the Membership Selection Criteria to a List of Identities", + "originalRequest": { + "url": { + "path": [ + "roles", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/membership\",\n \"value\": {\n \"type\": \"IDENTITY_LIST\",\n \"identities\": [\n {\n \"id\": \"2c91808973fe906c0174262092014ed9\"\n },\n {\n \"id\": \"2c918086262092014ed94fb8a47612f3\"\n }\n ]\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "ce554362-e97a-4dce-b2d4-3e78bde648a3", + "name": "Set the Membership Selection Criteria to a Standard Expression", + "originalRequest": { + "url": { + "path": [ + "roles", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/membership\",\n \"value\": {\n \"type\": \"STANDARD\",\n \"criteria\": {\n \"operation\": \"OR\",\n \"children\": [\n {\n \"operation\": \"EQUALS\",\n \"key\": {\n \"type\": \"ENTITLEMENT\",\n \"property\": \"attribute.memberOf\",\n \"sourceId\": \"2c9180887701fb2014213e122092014e\"\n },\n \"stringValue\": \"Engineering\"\n }\n ]\n }\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b2dd5672-5c38-4479-8ad3-5974feaceb90", + "name": "Add a New Clause as the Child of an Existing Standard Expression", + "originalRequest": { + "url": { + "path": [ + "roles", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"add\",\n \"path\": \"/membership/criteria/children/-\",\n \"value\": {\n \"operation\": \"ENDS_WITH\",\n \"key\": {\n \"type\": \"IDENTITY\",\n \"property\": \"attribute.email\"\n },\n \"stringValue\": \"@identitynow.com\"\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "3d73eac8-92b8-48b0-870a-6215ab14bf10", + "name": "An example of a 403 response object", + "originalRequest": { + "url": { + "path": [ + "roles", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/requestable\",\n \"value\": true\n },\n {\n \"op\": \"replace\",\n \"path\": \"/enabled\",\n \"value\": true\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "3709caaf-bff2-44db-b80f-10478e3c899a", + "name": "Assign a Role to a Segment", + "originalRequest": { + "url": { + "path": [ + "roles", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"add\",\n \"path\": \"/segments/-\",\n \"value\": \"f7b1b8a3-5fed-4fd4-ad29-82014e137e19\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "78bf234d-5c38-47e7-9c01-157a1b492e9e", + "name": "Set the Membership Selection Criteria to a List of Identities", + "originalRequest": { + "url": { + "path": [ + "roles", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/membership\",\n \"value\": {\n \"type\": \"IDENTITY_LIST\",\n \"identities\": [\n {\n \"id\": \"2c91808973fe906c0174262092014ed9\"\n },\n {\n \"id\": \"2c918086262092014ed94fb8a47612f3\"\n }\n ]\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "1924369c-0c45-41a8-bad5-089fb4b3c561", + "name": "Set the Membership Selection Criteria to a Standard Expression", + "originalRequest": { + "url": { + "path": [ + "roles", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/membership\",\n \"value\": {\n \"type\": \"STANDARD\",\n \"criteria\": {\n \"operation\": \"OR\",\n \"children\": [\n {\n \"operation\": \"EQUALS\",\n \"key\": {\n \"type\": \"ENTITLEMENT\",\n \"property\": \"attribute.memberOf\",\n \"sourceId\": \"2c9180887701fb2014213e122092014e\"\n },\n \"stringValue\": \"Engineering\"\n }\n ]\n }\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "4bd09815-0f21-407a-8cc4-1f55825b3c02", + "name": "Add a New Clause as the Child of an Existing Standard Expression", + "originalRequest": { + "url": { + "path": [ + "roles", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"add\",\n \"path\": \"/membership/criteria/children/-\",\n \"value\": {\n \"operation\": \"ENDS_WITH\",\n \"key\": {\n \"type\": \"IDENTITY\",\n \"property\": \"attribute.email\"\n },\n \"stringValue\": \"@identitynow.com\"\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "61ae303e-e39b-4c78-9885-acf3c00a99ed", + "name": "Make a Role Requestable and Enable it in One Call", + "originalRequest": { + "url": { + "path": [ + "roles", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/requestable\",\n \"value\": true\n },\n {\n \"op\": \"replace\",\n \"path\": \"/enabled\",\n \"value\": true\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "245191f8-2caa-4979-bd54-6df7e5f51304", + "name": "Assign a Role to a Segment", + "originalRequest": { + "url": { + "path": [ + "roles", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"add\",\n \"path\": \"/segments/-\",\n \"value\": \"f7b1b8a3-5fed-4fd4-ad29-82014e137e19\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "6a0eb664-9840-4cde-b32e-7b1410bf4d82", + "name": "Set the Membership Selection Criteria to a List of Identities", + "originalRequest": { + "url": { + "path": [ + "roles", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/membership\",\n \"value\": {\n \"type\": \"IDENTITY_LIST\",\n \"identities\": [\n {\n \"id\": \"2c91808973fe906c0174262092014ed9\"\n },\n {\n \"id\": \"2c918086262092014ed94fb8a47612f3\"\n }\n ]\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "97be608a-dc41-4db6-b194-6604b8a7ffec", + "name": "Set the Membership Selection Criteria to a Standard Expression", + "originalRequest": { + "url": { + "path": [ + "roles", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/membership\",\n \"value\": {\n \"type\": \"STANDARD\",\n \"criteria\": {\n \"operation\": \"OR\",\n \"children\": [\n {\n \"operation\": \"EQUALS\",\n \"key\": {\n \"type\": \"ENTITLEMENT\",\n \"property\": \"attribute.memberOf\",\n \"sourceId\": \"2c9180887701fb2014213e122092014e\"\n },\n \"stringValue\": \"Engineering\"\n }\n ]\n }\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "1054f4e6-3904-4ca4-91e1-60855e450b20", + "name": "Add a New Clause as the Child of an Existing Standard Expression", + "originalRequest": { + "url": { + "path": [ + "roles", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"add\",\n \"path\": \"/membership/criteria/children/-\",\n \"value\": {\n \"operation\": \"ENDS_WITH\",\n \"key\": {\n \"type\": \"IDENTITY\",\n \"property\": \"attribute.email\"\n },\n \"stringValue\": \"@identitynow.com\"\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c1b4825a-78a8-4fef-8398-f6b9bbaadb28", + "name": "An example of a 500 response object", + "originalRequest": { + "url": { + "path": [ + "roles", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/requestable\",\n \"value\": true\n },\n {\n \"op\": \"replace\",\n \"path\": \"/enabled\",\n \"value\": true\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d4b0b6b8-e6ee-42c6-bef0-f63f84a1460d", + "name": "Assign a Role to a Segment", + "originalRequest": { + "url": { + "path": [ + "roles", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"add\",\n \"path\": \"/segments/-\",\n \"value\": \"f7b1b8a3-5fed-4fd4-ad29-82014e137e19\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "6ed8f9ba-6609-4965-a12c-55468d8f6207", + "name": "Set the Membership Selection Criteria to a List of Identities", + "originalRequest": { + "url": { + "path": [ + "roles", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/membership\",\n \"value\": {\n \"type\": \"IDENTITY_LIST\",\n \"identities\": [\n {\n \"id\": \"2c91808973fe906c0174262092014ed9\"\n },\n {\n \"id\": \"2c918086262092014ed94fb8a47612f3\"\n }\n ]\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "47dc895f-8b7d-471c-9b99-cdd81a47de4a", + "name": "Set the Membership Selection Criteria to a Standard Expression", + "originalRequest": { + "url": { + "path": [ + "roles", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/membership\",\n \"value\": {\n \"type\": \"STANDARD\",\n \"criteria\": {\n \"operation\": \"OR\",\n \"children\": [\n {\n \"operation\": \"EQUALS\",\n \"key\": {\n \"type\": \"ENTITLEMENT\",\n \"property\": \"attribute.memberOf\",\n \"sourceId\": \"2c9180887701fb2014213e122092014e\"\n },\n \"stringValue\": \"Engineering\"\n }\n ]\n }\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "49f3dc3a-9894-42ba-aab4-10f0999b0c5f", + "name": "Add a New Clause as the Child of an Existing Standard Expression", + "originalRequest": { + "url": { + "path": [ + "roles", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"add\",\n \"path\": \"/membership/criteria/children/-\",\n \"value\": {\n \"operation\": \"ENDS_WITH\",\n \"key\": {\n \"type\": \"IDENTITY\",\n \"property\": \"attribute.email\"\n },\n \"stringValue\": \"@identitynow.com\"\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "e125ca83-5b3d-44a4-8813-c8f0261e5838", + "name": "Delete a Role", + "request": { + "name": "Delete a Role", + "description": { + "content": "This API deletes a Role by its ID.\n\nA token with API, ORG_ADMIN, ROLE_ADMIN, or ROLE_SUBADMIN authority is required to call this API. In addition, a token with ROLE_SUBADMIN authority may only call this API if all Access Profiles included in the Role are associated to Sources with management workgroups of which the ROLE_SUBADMIN is a member.", + "type": "text/plain" + }, + "url": { + "path": [ + "roles", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "2c91808a7813090a017814121e121518", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) ID of the Role", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "DELETE", + "body": {} + }, + "response": [ + { + "id": "5bc29faf-402b-4347-8514-6f6d008b64dc", + "name": "No content - indicates the request was successful but there is no content to be returned in the response.", + "originalRequest": { + "url": { + "path": [ + "roles", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "No Content", + "code": 204, + "header": [], + "cookie": [], + "_postman_previewlanguage": "text" + }, + { + "id": "44ea8f73-b604-4f14-b891-2ecdd8eb3c7d", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "roles", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "57dbd6b5-c1af-4d7c-a5e2-6927309d9475", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "roles", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c86fc37e-414b-4d39-b667-e5dbb03e4df2", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "roles", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "be3ccd8c-06ac-430f-b09b-3153d77addf7", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "roles", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "88f4fa46-bdaf-41c2-8b86-96a98a8b0d62", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "roles", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "97472c90-1cee-4607-a6f0-90cbb2d3f3e9", + "name": "Delete Role(s)", + "request": { + "name": "Delete Role(s)", + "description": { + "content": "This endpoint initiates a bulk deletion of one or more roles.\nWhen the request is successful, the endpoint returns the bulk delete's task result ID. To follow the task, you can use [Get Task Status by ID](https://developer.sailpoint.com/docs/api/beta/get-task-status), which will return the task result's status and information. \nThis endpoint can only bulk delete up to a limit of 50 roles per request. \nA token with API, ORG_ADMIN, ROLE_ADMIN, or ROLE_SUBADMIN authority is required to call this endpoint. In addition, a token with ROLE_SUBADMIN authority can only call this endpoint if all roles included in the request are associated with sources with management workgroups the ROLE_SUBADMIN is a member of.", + "type": "text/plain" + }, + "url": { + "path": [ + "roles", + "bulk-delete" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"roleIds\": [\n \"2c91808876438bb2017668b91919ecca\",\n \"2c91808876438ba801766e129f151816\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "7cdc6a58-8e50-44c8-be61-c6401e2e36dd", + "name": "Returns an object with the id of the task performing the delete operation.", + "originalRequest": { + "url": { + "path": [ + "roles", + "bulk-delete" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"roleIds\": [\n \"2c91808876438bb2017668b91919ecca\",\n \"2c91808876438ba801766e129f151816\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Accepted", + "code": 202, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"type\": \"TASK_RESULT\",\n \"id\": \"464ae7bf791e49fdb74606a2e4a89635\",\n \"name\": null\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "e17e4205-d6f1-445a-a571-2d60950cc0ef", + "name": "400.1 Bad Request Content", + "originalRequest": { + "url": { + "path": [ + "roles", + "bulk-delete" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"roleIds\": [\n \"2c91808876438bb2017668b91919ecca\",\n \"2c91808876438ba801766e129f151816\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"1ea1adcb84da4dcb890145e05745774e\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "adea2e3d-a00c-4384-8aef-c51d097f66e9", + "name": "400.1 Role ids limit violation", + "originalRequest": { + "url": { + "path": [ + "roles", + "bulk-delete" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"roleIds\": [\n \"2c91808876438bb2017668b91919ecca\",\n \"2c91808876438ba801766e129f151816\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"77aa89ac6f0e422dbc588866abc22be9\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"roleIds count exceeded max limit of 50 for bulk-delete.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f1ebd3d2-fe37-4a09-a7b2-0c03fa97d54d", + "name": "400.1.404 Referenced object not found", + "originalRequest": { + "url": { + "path": [ + "roles", + "bulk-delete" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"roleIds\": [\n \"2c91808876438bb2017668b91919ecca\",\n \"2c91808876438ba801766e129f151816\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1.404 Referenced object not found\",\n \"trackingId\": \"77aa89ac6f0e422dbc588866abc22be9\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"Referenced roleIds [\\\"2c91808876438bb2017668b91919ecca\\\"] was not found.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "9c94d958-10b9-4533-b834-70316c8b41e0", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "roles", + "bulk-delete" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"roleIds\": [\n \"2c91808876438bb2017668b91919ecca\",\n \"2c91808876438ba801766e129f151816\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a75e1099-87cd-4bae-8aac-fd7c73644c62", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "roles", + "bulk-delete" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"roleIds\": [\n \"2c91808876438bb2017668b91919ecca\",\n \"2c91808876438ba801766e129f151816\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "829246f5-4d64-457c-9df2-94a0b1567830", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "roles", + "bulk-delete" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"roleIds\": [\n \"2c91808876438bb2017668b91919ecca\",\n \"2c91808876438ba801766e129f151816\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "3c0abd8c-e278-4d8b-9524-d2d93ed3fcae", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "roles", + "bulk-delete" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"roleIds\": [\n \"2c91808876438bb2017668b91919ecca\",\n \"2c91808876438ba801766e129f151816\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "474ea3ec-0740-4ca0-b976-c34759cff5e1", + "name": "List Identities assigned a Role", + "request": { + "name": "List Identities assigned a Role", + "description": {}, + "url": { + "path": [ + "roles", + ":id", + "assigned-identities" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**aliasName**: *eq, sw*\n\n**email**: *eq, sw*\n\n**name**: *eq, sw, co*", + "type": "text/plain" + }, + "key": "filters", + "value": "name sw Joe" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **id, name, aliasName, email**", + "type": "text/plain" + }, + "key": "sorters", + "value": "aliasName,name" + } + ], + "variable": [ + { + "type": "any", + "value": "2c91808a7813090a017814121e121518", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) ID of the Role for which the assigned Identities are to be listed", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "2b386bef-a615-4b91-9b55-11abf14e7220", + "name": "List of Identities assigned the Role", + "originalRequest": { + "url": { + "path": [ + "roles", + ":id", + "assigned-identities" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**aliasName**: *eq, sw*\n\n**email**: *eq, sw*\n\n**name**: *eq, sw, co*", + "type": "text/plain" + }, + "key": "filters", + "value": "name sw Joe" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **id, name, aliasName, email**", + "type": "text/plain" + }, + "key": "sorters", + "value": "aliasName,name" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"aliasName\": \"t.edison\",\n \"name\": \"Thomas Edison\",\n \"email\": \"t.edison@identitynow.com\",\n \"roleAssignmentSource\": \"ACCESS_REQUEST\"\n },\n {\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"aliasName\": \"t.edison\",\n \"name\": \"Thomas Edison\",\n \"email\": \"t.edison@identitynow.com\",\n \"roleAssignmentSource\": \"ACCESS_REQUEST\"\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "3a9fe8b6-3318-4475-ab07-d6f5dadbc7e0", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "roles", + ":id", + "assigned-identities" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**aliasName**: *eq, sw*\n\n**email**: *eq, sw*\n\n**name**: *eq, sw, co*", + "type": "text/plain" + }, + "key": "filters", + "value": "name sw Joe" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **id, name, aliasName, email**", + "type": "text/plain" + }, + "key": "sorters", + "value": "aliasName,name" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "006df3ef-707d-4f4c-8b28-199f1c06217c", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "roles", + ":id", + "assigned-identities" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**aliasName**: *eq, sw*\n\n**email**: *eq, sw*\n\n**name**: *eq, sw, co*", + "type": "text/plain" + }, + "key": "filters", + "value": "name sw Joe" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **id, name, aliasName, email**", + "type": "text/plain" + }, + "key": "sorters", + "value": "aliasName,name" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "e8d4e80c-6828-4f6b-834b-5f88397cb84e", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "roles", + ":id", + "assigned-identities" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**aliasName**: *eq, sw*\n\n**email**: *eq, sw*\n\n**name**: *eq, sw, co*", + "type": "text/plain" + }, + "key": "filters", + "value": "name sw Joe" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **id, name, aliasName, email**", + "type": "text/plain" + }, + "key": "sorters", + "value": "aliasName,name" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "e1982e9d-515b-4db9-861b-c1acc65d9894", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "roles", + ":id", + "assigned-identities" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**aliasName**: *eq, sw*\n\n**email**: *eq, sw*\n\n**name**: *eq, sw, co*", + "type": "text/plain" + }, + "key": "filters", + "value": "name sw Joe" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **id, name, aliasName, email**", + "type": "text/plain" + }, + "key": "sorters", + "value": "aliasName,name" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a547500f-858e-45d4-8a68-7f9a17e79731", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "roles", + ":id", + "assigned-identities" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**aliasName**: *eq, sw*\n\n**email**: *eq, sw*\n\n**name**: *eq, sw, co*", + "type": "text/plain" + }, + "key": "filters", + "value": "name sw Joe" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **id, name, aliasName, email**", + "type": "text/plain" + }, + "key": "sorters", + "value": "aliasName,name" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "3d2fed7a-dd50-4a0c-90ba-a9c06b5a269f", + "name": "List role's Entitlements", + "request": { + "name": "List role's Entitlements", + "description": { + "content": "This API lists the Entitlements associated with a given role.\n\nA token with API, ORG_ADMIN, ROLE_ADMIN, or ROLE_SUBADMIN authority is required to call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "roles", + ":id", + "entitlements" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**name**: *eq, sw*\n\n**attribute**: *eq, sw*\n\n**value**: *eq, sw*\n\n**created**: *gt, lt, ge, le*\n\n**modified**: *gt, lt, ge, le*\n\n**owner.id**: *eq, in*\n\n**source.id**: *eq, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "attribute eq \"memberOf\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name, attribute, value, created, modified**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name,-modified" + } + ], + "variable": [ + { + "type": "any", + "value": "2c91808a7813090a017814121919ecca", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) ID of the containing role", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "e54ee868-931c-4666-9135-3fb6420d46e5", + "name": "List of Entitlements", + "originalRequest": { + "url": { + "path": [ + "roles", + ":id", + "entitlements" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**name**: *eq, sw*\n\n**attribute**: *eq, sw*\n\n**value**: *eq, sw*\n\n**created**: *gt, lt, ge, le*\n\n**modified**: *gt, lt, ge, le*\n\n**owner.id**: *eq, in*\n\n**source.id**: *eq, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "attribute eq \"memberOf\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name, attribute, value, created, modified**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name,-modified" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"id\": \"2c91808874ff91550175097daaec161c\",\n \"name\": \"LauncherTest2\",\n \"created\": \"2020-10-08T18:33:52.029Z\",\n \"modified\": \"2020-10-08T18:33:52.029Z\",\n \"attribute\": \"memberOf\",\n \"value\": \"CN=LauncherTest2,OU=LauncherTestOrg,OU=slpt-automation,DC=TestAutomationAD,DC=local\",\n \"sourceSchemaObjectType\": \"group\",\n \"privileged\": true,\n \"cloudGoverned\": true,\n \"description\": \"CN=LauncherTest2,OU=LauncherTestOrg,OU=slpt-automation,DC=TestAutomationAD,DC=local\",\n \"requestable\": true,\n \"attributes\": {\n \"fieldName\": \"fieldValue\"\n },\n \"source\": {\n \"id\": \"2c9180827ca885d7017ca8ce28a000eb\",\n \"type\": \"SOURCE\",\n \"name\": \"ODS-AD-Source\"\n },\n \"owner\": {\n \"id\": \"2a2fdacca5e345f18bf7970cfbb8fec2\",\n \"name\": \"identity 1\",\n \"type\": \"IDENTITY\"\n },\n \"directPermissions\": [\n {\n \"rights\": [\n \"SELECT\",\n \"SELECT\"\n ],\n \"target\": \"SYS.GV_$TRANSACTION\"\n },\n {\n \"rights\": [\n \"SELECT\",\n \"SELECT\"\n ],\n \"target\": \"SYS.GV_$TRANSACTION\"\n }\n ],\n \"segments\": [\n \"f7b1b8a3-5fed-4fd4-ad29-82014e137e19\",\n \"29cb6c06-1da8-43ea-8be4-b3125f248f2a\"\n ],\n \"manuallyUpdatedFields\": {\n \"DISPLAY_NAME\": true,\n \"DESCRIPTION\": true\n },\n \"accessModelMetadata\": {\n \"attributes\": [\n {\n \"key\": \"iscPrivacy\",\n \"name\": \"Privacy\",\n \"multiselect\": false,\n \"status\": \"active\",\n \"type\": \"governance\",\n \"objectTypes\": [\n \"all\"\n ],\n \"description\": \"Specifies the level of privacy associated with an access item.\",\n \"values\": [\n {\n \"value\": \"public\",\n \"name\": \"Public\",\n \"status\": \"active\"\n }\n ]\n }\n ]\n }\n },\n {\n \"id\": \"2c91808874ff91550175097daaec161c\",\n \"name\": \"LauncherTest2\",\n \"created\": \"2020-10-08T18:33:52.029Z\",\n \"modified\": \"2020-10-08T18:33:52.029Z\",\n \"attribute\": \"memberOf\",\n \"value\": \"CN=LauncherTest2,OU=LauncherTestOrg,OU=slpt-automation,DC=TestAutomationAD,DC=local\",\n \"sourceSchemaObjectType\": \"group\",\n \"privileged\": true,\n \"cloudGoverned\": true,\n \"description\": \"CN=LauncherTest2,OU=LauncherTestOrg,OU=slpt-automation,DC=TestAutomationAD,DC=local\",\n \"requestable\": true,\n \"attributes\": {\n \"fieldName\": \"fieldValue\"\n },\n \"source\": {\n \"id\": \"2c9180827ca885d7017ca8ce28a000eb\",\n \"type\": \"SOURCE\",\n \"name\": \"ODS-AD-Source\"\n },\n \"owner\": {\n \"id\": \"2a2fdacca5e345f18bf7970cfbb8fec2\",\n \"name\": \"identity 1\",\n \"type\": \"IDENTITY\"\n },\n \"directPermissions\": [\n {\n \"rights\": [\n \"SELECT\",\n \"SELECT\"\n ],\n \"target\": \"SYS.GV_$TRANSACTION\"\n },\n {\n \"rights\": [\n \"SELECT\",\n \"SELECT\"\n ],\n \"target\": \"SYS.GV_$TRANSACTION\"\n }\n ],\n \"segments\": [\n \"f7b1b8a3-5fed-4fd4-ad29-82014e137e19\",\n \"29cb6c06-1da8-43ea-8be4-b3125f248f2a\"\n ],\n \"manuallyUpdatedFields\": {\n \"DISPLAY_NAME\": true,\n \"DESCRIPTION\": true\n },\n \"accessModelMetadata\": {\n \"attributes\": [\n {\n \"key\": \"iscPrivacy\",\n \"name\": \"Privacy\",\n \"multiselect\": false,\n \"status\": \"active\",\n \"type\": \"governance\",\n \"objectTypes\": [\n \"all\"\n ],\n \"description\": \"Specifies the level of privacy associated with an access item.\",\n \"values\": [\n {\n \"value\": \"public\",\n \"name\": \"Public\",\n \"status\": \"active\"\n }\n ]\n }\n ]\n }\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "031e6ed0-8590-477b-b611-0ec8ddf5ac91", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "roles", + ":id", + "entitlements" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**name**: *eq, sw*\n\n**attribute**: *eq, sw*\n\n**value**: *eq, sw*\n\n**created**: *gt, lt, ge, le*\n\n**modified**: *gt, lt, ge, le*\n\n**owner.id**: *eq, in*\n\n**source.id**: *eq, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "attribute eq \"memberOf\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name, attribute, value, created, modified**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name,-modified" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "53cb77a1-240d-45e6-950f-ec4007c76804", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "roles", + ":id", + "entitlements" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**name**: *eq, sw*\n\n**attribute**: *eq, sw*\n\n**value**: *eq, sw*\n\n**created**: *gt, lt, ge, le*\n\n**modified**: *gt, lt, ge, le*\n\n**owner.id**: *eq, in*\n\n**source.id**: *eq, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "attribute eq \"memberOf\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name, attribute, value, created, modified**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name,-modified" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "0b50701d-e86e-431c-b44c-bcb9cf556d7b", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "roles", + ":id", + "entitlements" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**name**: *eq, sw*\n\n**attribute**: *eq, sw*\n\n**value**: *eq, sw*\n\n**created**: *gt, lt, ge, le*\n\n**modified**: *gt, lt, ge, le*\n\n**owner.id**: *eq, in*\n\n**source.id**: *eq, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "attribute eq \"memberOf\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name, attribute, value, created, modified**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name,-modified" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "08bdc2c5-0eb8-4eb7-b7d2-3e14fb287d5b", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "roles", + ":id", + "entitlements" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**name**: *eq, sw*\n\n**attribute**: *eq, sw*\n\n**value**: *eq, sw*\n\n**created**: *gt, lt, ge, le*\n\n**modified**: *gt, lt, ge, le*\n\n**owner.id**: *eq, in*\n\n**source.id**: *eq, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "attribute eq \"memberOf\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name, attribute, value, created, modified**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name,-modified" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "6a19eb46-28b9-47f9-aec1-fde677023ebe", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "roles", + ":id", + "entitlements" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**name**: *eq, sw*\n\n**attribute**: *eq, sw*\n\n**value**: *eq, sw*\n\n**created**: *gt, lt, ge, le*\n\n**modified**: *gt, lt, ge, le*\n\n**owner.id**: *eq, in*\n\n**source.id**: *eq, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "attribute eq \"memberOf\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name, attribute, value, created, modified**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name,-modified" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + } + ] + }, + { + "name": "Saved Search", + "description": "Use this API to implement saved search functionality. \nWith saved search functionality in place, users can save search queries and then view those saved searches, as well as rerun them. \n\nSearch queries in Identity Security Cloud can grow very long and specific, which can make reconstructing them difficult or tedious, so it can be especially helpful to save search queries. \nIt also opens the possibility to configure Identity Security Cloud to run the saved queries on a schedule, which is essential to detecting user information and access changes throughout an organization's tenant and across all its sources. \nRefer to [Scheduled Search](https://developer.sailpoint.com/docs/api/v3/scheduled-search/) for more information about running saved searches on a schedule. \n\nIn Identity Security Cloud, users can save searches under a name, and then they can access that saved search and run it again when they want. \n\nRefer to [Managing Saved Searches](https://documentation.sailpoint.com/saas/help/search/saved-searches.html) for more information about saving searches and using them.\n", + "item": [ + { + "id": "89663e7f-3692-4f4d-b544-dcae8f17eecb", + "name": "Create a saved search", + "request": { + "name": "Create a saved search", + "description": { + "content": "Creates a new saved search.\n", + "type": "text/plain" + }, + "url": { + "path": [ + "saved-searches" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"query\": \"@accounts(disabled:true)\",\n \"name\": \"Disabled accounts\",\n \"description\": \"Disabled accounts\",\n \"created\": \"2018-06-25T20:22:28.104Z\",\n \"modified\": \"2018-06-25T20:22:28.104Z\",\n \"columns\": {\n \"identity\": [\n {\n \"field\": \"displayName\",\n \"header\": \"Display Name\"\n },\n {\n \"field\": \"e-mail\",\n \"header\": \"Work Email\"\n }\n ]\n },\n \"fields\": [\n \"disabled\"\n ],\n \"orderBy\": {\n \"identity\": [\n \"lastName\",\n \"firstName\"\n ],\n \"role\": [\n \"name\"\n ]\n },\n \"sort\": [\n \"displayName\"\n ],\n \"filters\": {\n \"attributes.cloudAuthoritativeSource\": {\n \"type\": \"EXISTS\",\n \"exclude\": true\n },\n \"accessCount\": {\n \"type\": \"RANGE\",\n \"range\": {\n \"lower\": {\n \"value\": \"3\"\n }\n }\n },\n \"created\": {\n \"type\": \"RANGE\",\n \"range\": {\n \"lower\": {\n \"value\": \"2019-12-01\",\n \"inclusive\": true\n },\n \"upper\": {\n \"value\": \"2020-01-01\"\n }\n }\n },\n \"source.name\": {\n \"type\": \"TERMS\",\n \"terms\": [\n \"HR Employees\",\n \"Corporate Active Directory\"\n ],\n \"exclude\": true\n },\n \"protected\": {\n \"type\": \"TERMS\",\n \"terms\": [\n \"true\"\n ]\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "e7846397-55de-40c2-9dfe-f2c2014d5e23", + "name": "The persisted saved search.", + "originalRequest": { + "url": { + "path": [ + "saved-searches" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"query\": \"@accounts(disabled:true)\",\n \"name\": \"Disabled accounts\",\n \"description\": \"Disabled accounts\",\n \"created\": \"2018-06-25T20:22:28.104Z\",\n \"modified\": \"2018-06-25T20:22:28.104Z\",\n \"columns\": {\n \"identity\": [\n {\n \"field\": \"displayName\",\n \"header\": \"Display Name\"\n },\n {\n \"field\": \"e-mail\",\n \"header\": \"Work Email\"\n }\n ]\n },\n \"fields\": [\n \"disabled\"\n ],\n \"orderBy\": {\n \"identity\": [\n \"lastName\",\n \"firstName\"\n ],\n \"role\": [\n \"name\"\n ]\n },\n \"sort\": [\n \"displayName\"\n ],\n \"filters\": {\n \"attributes.cloudAuthoritativeSource\": {\n \"type\": \"EXISTS\",\n \"exclude\": true\n },\n \"accessCount\": {\n \"type\": \"RANGE\",\n \"range\": {\n \"lower\": {\n \"value\": \"3\"\n }\n }\n },\n \"created\": {\n \"type\": \"RANGE\",\n \"range\": {\n \"lower\": {\n \"value\": \"2019-12-01\",\n \"inclusive\": true\n },\n \"upper\": {\n \"value\": \"2020-01-01\"\n }\n }\n },\n \"source.name\": {\n \"type\": \"TERMS\",\n \"terms\": [\n \"HR Employees\",\n \"Corporate Active Directory\"\n ],\n \"exclude\": true\n },\n \"protected\": {\n \"type\": \"TERMS\",\n \"terms\": [\n \"true\"\n ]\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Created", + "code": 201, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"indices\": [\n \"identities\"\n ],\n \"query\": \"@accounts(disabled:true)\",\n \"id\": \"0de46054-fe90-434a-b84e-c6b3359d0c64\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\"\n },\n \"ownerId\": \"2c91808568c529c60168cca6f90c1313\",\n \"public\": false,\n \"name\": \"Disabled accounts\",\n \"description\": \"Disabled accounts\",\n \"created\": \"2018-06-25T20:22:28.104Z\",\n \"modified\": \"2018-06-25T20:22:28.104Z\",\n \"columns\": {\n \"identity\": [\n {\n \"field\": \"displayName\",\n \"header\": \"Display Name\"\n },\n {\n \"field\": \"e-mail\",\n \"header\": \"Work Email\"\n }\n ]\n },\n \"fields\": [\n \"disabled\"\n ],\n \"orderBy\": {\n \"identity\": [\n \"lastName\",\n \"firstName\"\n ],\n \"role\": [\n \"name\"\n ]\n },\n \"sort\": [\n \"displayName\"\n ],\n \"filters\": {\n \"attributes.cloudAuthoritativeSource\": {\n \"type\": \"EXISTS\",\n \"exclude\": true\n },\n \"accessCount\": {\n \"type\": \"RANGE\",\n \"range\": {\n \"lower\": {\n \"value\": \"3\"\n }\n }\n },\n \"created\": {\n \"type\": \"RANGE\",\n \"range\": {\n \"lower\": {\n \"value\": \"2019-12-01\",\n \"inclusive\": true\n },\n \"upper\": {\n \"value\": \"2020-01-01\"\n }\n }\n },\n \"source.name\": {\n \"type\": \"TERMS\",\n \"terms\": [\n \"HR Employees\",\n \"Corporate Active Directory\"\n ],\n \"exclude\": true\n },\n \"protected\": {\n \"type\": \"TERMS\",\n \"terms\": [\n \"true\"\n ]\n }\n }\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "aa341c68-2ae4-4d17-b8d7-89d0a88ece57", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "saved-searches" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"query\": \"@accounts(disabled:true)\",\n \"name\": \"Disabled accounts\",\n \"description\": \"Disabled accounts\",\n \"created\": \"2018-06-25T20:22:28.104Z\",\n \"modified\": \"2018-06-25T20:22:28.104Z\",\n \"columns\": {\n \"identity\": [\n {\n \"field\": \"displayName\",\n \"header\": \"Display Name\"\n },\n {\n \"field\": \"e-mail\",\n \"header\": \"Work Email\"\n }\n ]\n },\n \"fields\": [\n \"disabled\"\n ],\n \"orderBy\": {\n \"identity\": [\n \"lastName\",\n \"firstName\"\n ],\n \"role\": [\n \"name\"\n ]\n },\n \"sort\": [\n \"displayName\"\n ],\n \"filters\": {\n \"attributes.cloudAuthoritativeSource\": {\n \"type\": \"EXISTS\",\n \"exclude\": true\n },\n \"accessCount\": {\n \"type\": \"RANGE\",\n \"range\": {\n \"lower\": {\n \"value\": \"3\"\n }\n }\n },\n \"created\": {\n \"type\": \"RANGE\",\n \"range\": {\n \"lower\": {\n \"value\": \"2019-12-01\",\n \"inclusive\": true\n },\n \"upper\": {\n \"value\": \"2020-01-01\"\n }\n }\n },\n \"source.name\": {\n \"type\": \"TERMS\",\n \"terms\": [\n \"HR Employees\",\n \"Corporate Active Directory\"\n ],\n \"exclude\": true\n },\n \"protected\": {\n \"type\": \"TERMS\",\n \"terms\": [\n \"true\"\n ]\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "af499692-bbd2-450c-9393-1f4c33828f26", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "saved-searches" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"query\": \"@accounts(disabled:true)\",\n \"name\": \"Disabled accounts\",\n \"description\": \"Disabled accounts\",\n \"created\": \"2018-06-25T20:22:28.104Z\",\n \"modified\": \"2018-06-25T20:22:28.104Z\",\n \"columns\": {\n \"identity\": [\n {\n \"field\": \"displayName\",\n \"header\": \"Display Name\"\n },\n {\n \"field\": \"e-mail\",\n \"header\": \"Work Email\"\n }\n ]\n },\n \"fields\": [\n \"disabled\"\n ],\n \"orderBy\": {\n \"identity\": [\n \"lastName\",\n \"firstName\"\n ],\n \"role\": [\n \"name\"\n ]\n },\n \"sort\": [\n \"displayName\"\n ],\n \"filters\": {\n \"attributes.cloudAuthoritativeSource\": {\n \"type\": \"EXISTS\",\n \"exclude\": true\n },\n \"accessCount\": {\n \"type\": \"RANGE\",\n \"range\": {\n \"lower\": {\n \"value\": \"3\"\n }\n }\n },\n \"created\": {\n \"type\": \"RANGE\",\n \"range\": {\n \"lower\": {\n \"value\": \"2019-12-01\",\n \"inclusive\": true\n },\n \"upper\": {\n \"value\": \"2020-01-01\"\n }\n }\n },\n \"source.name\": {\n \"type\": \"TERMS\",\n \"terms\": [\n \"HR Employees\",\n \"Corporate Active Directory\"\n ],\n \"exclude\": true\n },\n \"protected\": {\n \"type\": \"TERMS\",\n \"terms\": [\n \"true\"\n ]\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "69eaf52a-17c1-432e-a857-b77e8d9e5d63", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "saved-searches" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"query\": \"@accounts(disabled:true)\",\n \"name\": \"Disabled accounts\",\n \"description\": \"Disabled accounts\",\n \"created\": \"2018-06-25T20:22:28.104Z\",\n \"modified\": \"2018-06-25T20:22:28.104Z\",\n \"columns\": {\n \"identity\": [\n {\n \"field\": \"displayName\",\n \"header\": \"Display Name\"\n },\n {\n \"field\": \"e-mail\",\n \"header\": \"Work Email\"\n }\n ]\n },\n \"fields\": [\n \"disabled\"\n ],\n \"orderBy\": {\n \"identity\": [\n \"lastName\",\n \"firstName\"\n ],\n \"role\": [\n \"name\"\n ]\n },\n \"sort\": [\n \"displayName\"\n ],\n \"filters\": {\n \"attributes.cloudAuthoritativeSource\": {\n \"type\": \"EXISTS\",\n \"exclude\": true\n },\n \"accessCount\": {\n \"type\": \"RANGE\",\n \"range\": {\n \"lower\": {\n \"value\": \"3\"\n }\n }\n },\n \"created\": {\n \"type\": \"RANGE\",\n \"range\": {\n \"lower\": {\n \"value\": \"2019-12-01\",\n \"inclusive\": true\n },\n \"upper\": {\n \"value\": \"2020-01-01\"\n }\n }\n },\n \"source.name\": {\n \"type\": \"TERMS\",\n \"terms\": [\n \"HR Employees\",\n \"Corporate Active Directory\"\n ],\n \"exclude\": true\n },\n \"protected\": {\n \"type\": \"TERMS\",\n \"terms\": [\n \"true\"\n ]\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "7625f4c0-7e08-4d9c-8902-a9f7ce03fee8", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "saved-searches" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"query\": \"@accounts(disabled:true)\",\n \"name\": \"Disabled accounts\",\n \"description\": \"Disabled accounts\",\n \"created\": \"2018-06-25T20:22:28.104Z\",\n \"modified\": \"2018-06-25T20:22:28.104Z\",\n \"columns\": {\n \"identity\": [\n {\n \"field\": \"displayName\",\n \"header\": \"Display Name\"\n },\n {\n \"field\": \"e-mail\",\n \"header\": \"Work Email\"\n }\n ]\n },\n \"fields\": [\n \"disabled\"\n ],\n \"orderBy\": {\n \"identity\": [\n \"lastName\",\n \"firstName\"\n ],\n \"role\": [\n \"name\"\n ]\n },\n \"sort\": [\n \"displayName\"\n ],\n \"filters\": {\n \"attributes.cloudAuthoritativeSource\": {\n \"type\": \"EXISTS\",\n \"exclude\": true\n },\n \"accessCount\": {\n \"type\": \"RANGE\",\n \"range\": {\n \"lower\": {\n \"value\": \"3\"\n }\n }\n },\n \"created\": {\n \"type\": \"RANGE\",\n \"range\": {\n \"lower\": {\n \"value\": \"2019-12-01\",\n \"inclusive\": true\n },\n \"upper\": {\n \"value\": \"2020-01-01\"\n }\n }\n },\n \"source.name\": {\n \"type\": \"TERMS\",\n \"terms\": [\n \"HR Employees\",\n \"Corporate Active Directory\"\n ],\n \"exclude\": true\n },\n \"protected\": {\n \"type\": \"TERMS\",\n \"terms\": [\n \"true\"\n ]\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c7d20b05-6379-40cb-97c3-24519f3a0d20", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "saved-searches" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"query\": \"@accounts(disabled:true)\",\n \"name\": \"Disabled accounts\",\n \"description\": \"Disabled accounts\",\n \"created\": \"2018-06-25T20:22:28.104Z\",\n \"modified\": \"2018-06-25T20:22:28.104Z\",\n \"columns\": {\n \"identity\": [\n {\n \"field\": \"displayName\",\n \"header\": \"Display Name\"\n },\n {\n \"field\": \"e-mail\",\n \"header\": \"Work Email\"\n }\n ]\n },\n \"fields\": [\n \"disabled\"\n ],\n \"orderBy\": {\n \"identity\": [\n \"lastName\",\n \"firstName\"\n ],\n \"role\": [\n \"name\"\n ]\n },\n \"sort\": [\n \"displayName\"\n ],\n \"filters\": {\n \"attributes.cloudAuthoritativeSource\": {\n \"type\": \"EXISTS\",\n \"exclude\": true\n },\n \"accessCount\": {\n \"type\": \"RANGE\",\n \"range\": {\n \"lower\": {\n \"value\": \"3\"\n }\n }\n },\n \"created\": {\n \"type\": \"RANGE\",\n \"range\": {\n \"lower\": {\n \"value\": \"2019-12-01\",\n \"inclusive\": true\n },\n \"upper\": {\n \"value\": \"2020-01-01\"\n }\n }\n },\n \"source.name\": {\n \"type\": \"TERMS\",\n \"terms\": [\n \"HR Employees\",\n \"Corporate Active Directory\"\n ],\n \"exclude\": true\n },\n \"protected\": {\n \"type\": \"TERMS\",\n \"terms\": [\n \"true\"\n ]\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "dae284c6-2834-4c08-93ed-83f3c1448e65", + "name": "A list of Saved Searches", + "request": { + "name": "A list of Saved Searches", + "description": { + "content": "Returns a list of saved searches.\n", + "type": "text/plain" + }, + "url": { + "path": [ + "saved-searches" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**owner.id**: *eq*", + "type": "text/plain" + }, + "key": "filters", + "value": "owner.id eq \"7a724640-0c17-4ce9-a8c3-4a89738459c8\"" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "c16a82dc-9961-4fd0-a4bf-b7f34031e175", + "name": "The list of requested saved searches.", + "originalRequest": { + "url": { + "path": [ + "saved-searches" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**owner.id**: *eq*", + "type": "text/plain" + }, + "key": "filters", + "value": "owner.id eq \"7a724640-0c17-4ce9-a8c3-4a89738459c8\"" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "disabled": true, + "description": { + "content": "The total result count (returned only if the *count* parameter is specified as *true*).", + "type": "text/plain" + }, + "key": "X-Total-Count", + "value": "5" + } + ], + "body": "[\n {\n \"indices\": [\n \"identities\"\n ],\n \"query\": \"@accounts(disabled:true)\",\n \"id\": \"0de46054-fe90-434a-b84e-c6b3359d0c64\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\"\n },\n \"ownerId\": \"2c91808568c529c60168cca6f90c1313\",\n \"public\": false,\n \"name\": \"Disabled accounts\",\n \"description\": \"Disabled accounts\",\n \"created\": \"2018-06-25T20:22:28.104Z\",\n \"modified\": \"2018-06-25T20:22:28.104Z\",\n \"columns\": {\n \"identity\": [\n {\n \"field\": \"displayName\",\n \"header\": \"Display Name\"\n },\n {\n \"field\": \"e-mail\",\n \"header\": \"Work Email\"\n }\n ]\n },\n \"fields\": [\n \"disabled\"\n ],\n \"orderBy\": {\n \"identity\": [\n \"lastName\",\n \"firstName\"\n ],\n \"role\": [\n \"name\"\n ]\n },\n \"sort\": [\n \"displayName\"\n ],\n \"filters\": {\n \"attributes.cloudAuthoritativeSource\": {\n \"type\": \"EXISTS\",\n \"exclude\": true\n },\n \"accessCount\": {\n \"type\": \"RANGE\",\n \"range\": {\n \"lower\": {\n \"value\": \"3\"\n }\n }\n },\n \"created\": {\n \"type\": \"RANGE\",\n \"range\": {\n \"lower\": {\n \"value\": \"2019-12-01\",\n \"inclusive\": true\n },\n \"upper\": {\n \"value\": \"2020-01-01\"\n }\n }\n },\n \"source.name\": {\n \"type\": \"TERMS\",\n \"terms\": [\n \"HR Employees\",\n \"Corporate Active Directory\"\n ],\n \"exclude\": true\n },\n \"protected\": {\n \"type\": \"TERMS\",\n \"terms\": [\n \"true\"\n ]\n }\n }\n },\n {\n \"indices\": [\n \"identities\"\n ],\n \"query\": \"@accounts(disabled:true)\",\n \"id\": \"0de46054-fe90-434a-b84e-c6b3359d0c64\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\"\n },\n \"ownerId\": \"2c91808568c529c60168cca6f90c1313\",\n \"public\": false,\n \"name\": \"Disabled accounts\",\n \"description\": \"Disabled accounts\",\n \"created\": \"2018-06-25T20:22:28.104Z\",\n \"modified\": \"2018-06-25T20:22:28.104Z\",\n \"columns\": {\n \"identity\": [\n {\n \"field\": \"displayName\",\n \"header\": \"Display Name\"\n },\n {\n \"field\": \"e-mail\",\n \"header\": \"Work Email\"\n }\n ]\n },\n \"fields\": [\n \"disabled\"\n ],\n \"orderBy\": {\n \"identity\": [\n \"lastName\",\n \"firstName\"\n ],\n \"role\": [\n \"name\"\n ]\n },\n \"sort\": [\n \"displayName\"\n ],\n \"filters\": {\n \"attributes.cloudAuthoritativeSource\": {\n \"type\": \"EXISTS\",\n \"exclude\": true\n },\n \"accessCount\": {\n \"type\": \"RANGE\",\n \"range\": {\n \"lower\": {\n \"value\": \"3\"\n }\n }\n },\n \"created\": {\n \"type\": \"RANGE\",\n \"range\": {\n \"lower\": {\n \"value\": \"2019-12-01\",\n \"inclusive\": true\n },\n \"upper\": {\n \"value\": \"2020-01-01\"\n }\n }\n },\n \"source.name\": {\n \"type\": \"TERMS\",\n \"terms\": [\n \"HR Employees\",\n \"Corporate Active Directory\"\n ],\n \"exclude\": true\n },\n \"protected\": {\n \"type\": \"TERMS\",\n \"terms\": [\n \"true\"\n ]\n }\n }\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "00cd6d1c-c1d3-4bef-90f7-c42fbb94b8ee", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "saved-searches" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**owner.id**: *eq*", + "type": "text/plain" + }, + "key": "filters", + "value": "owner.id eq \"7a724640-0c17-4ce9-a8c3-4a89738459c8\"" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "ca34ae4a-d5cd-46e5-a05a-3db470662209", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "saved-searches" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**owner.id**: *eq*", + "type": "text/plain" + }, + "key": "filters", + "value": "owner.id eq \"7a724640-0c17-4ce9-a8c3-4a89738459c8\"" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "1adb0f28-5d57-4ee7-a07a-68ff10776312", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "saved-searches" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**owner.id**: *eq*", + "type": "text/plain" + }, + "key": "filters", + "value": "owner.id eq \"7a724640-0c17-4ce9-a8c3-4a89738459c8\"" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "1a999ea5-ccc7-4442-8e46-582254a13cdc", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "saved-searches" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**owner.id**: *eq*", + "type": "text/plain" + }, + "key": "filters", + "value": "owner.id eq \"7a724640-0c17-4ce9-a8c3-4a89738459c8\"" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d607f6ac-3c26-47b1-9eae-c22a6f644774", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "saved-searches" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**owner.id**: *eq*", + "type": "text/plain" + }, + "key": "filters", + "value": "owner.id eq \"7a724640-0c17-4ce9-a8c3-4a89738459c8\"" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "a3d530f7-e857-4914-987f-d55a68aebfd0", + "name": "Updates an existing saved search\n", + "request": { + "name": "Updates an existing saved search\n", + "description": { + "content": "Updates an existing saved search. \n\n>**NOTE: You cannot update the `owner` of the saved search.**\n", + "type": "text/plain" + }, + "url": { + "path": [ + "saved-searches", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "2c91808568c529c60168cca6f90c1313", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) ID of the requested document.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"query\": \"@accounts(disabled:true)\",\n \"id\": \"0de46054-fe90-434a-b84e-c6b3359d0c64\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\"\n },\n \"ownerId\": \"2c91808568c529c60168cca6f90c1313\",\n \"public\": false,\n \"name\": \"Disabled accounts\",\n \"description\": \"Disabled accounts\",\n \"created\": \"2018-06-25T20:22:28.104Z\",\n \"modified\": \"2018-06-25T20:22:28.104Z\",\n \"columns\": {\n \"identity\": [\n {\n \"field\": \"displayName\",\n \"header\": \"Display Name\"\n },\n {\n \"field\": \"e-mail\",\n \"header\": \"Work Email\"\n }\n ]\n },\n \"fields\": [\n \"disabled\"\n ],\n \"orderBy\": {\n \"identity\": [\n \"lastName\",\n \"firstName\"\n ],\n \"role\": [\n \"name\"\n ]\n },\n \"sort\": [\n \"displayName\"\n ],\n \"filters\": {\n \"attributes.cloudAuthoritativeSource\": {\n \"type\": \"EXISTS\",\n \"exclude\": true\n },\n \"accessCount\": {\n \"type\": \"RANGE\",\n \"range\": {\n \"lower\": {\n \"value\": \"3\"\n }\n }\n },\n \"created\": {\n \"type\": \"RANGE\",\n \"range\": {\n \"lower\": {\n \"value\": \"2019-12-01\",\n \"inclusive\": true\n },\n \"upper\": {\n \"value\": \"2020-01-01\"\n }\n }\n },\n \"source.name\": {\n \"type\": \"TERMS\",\n \"terms\": [\n \"HR Employees\",\n \"Corporate Active Directory\"\n ],\n \"exclude\": true\n },\n \"protected\": {\n \"type\": \"TERMS\",\n \"terms\": [\n \"true\"\n ]\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "ed150e3e-9c65-49f3-b6fe-81192c61b8f5", + "name": "The persisted saved search.", + "originalRequest": { + "url": { + "path": [ + "saved-searches", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"query\": \"@accounts(disabled:true)\",\n \"id\": \"0de46054-fe90-434a-b84e-c6b3359d0c64\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\"\n },\n \"ownerId\": \"2c91808568c529c60168cca6f90c1313\",\n \"public\": false,\n \"name\": \"Disabled accounts\",\n \"description\": \"Disabled accounts\",\n \"created\": \"2018-06-25T20:22:28.104Z\",\n \"modified\": \"2018-06-25T20:22:28.104Z\",\n \"columns\": {\n \"identity\": [\n {\n \"field\": \"displayName\",\n \"header\": \"Display Name\"\n },\n {\n \"field\": \"e-mail\",\n \"header\": \"Work Email\"\n }\n ]\n },\n \"fields\": [\n \"disabled\"\n ],\n \"orderBy\": {\n \"identity\": [\n \"lastName\",\n \"firstName\"\n ],\n \"role\": [\n \"name\"\n ]\n },\n \"sort\": [\n \"displayName\"\n ],\n \"filters\": {\n \"attributes.cloudAuthoritativeSource\": {\n \"type\": \"EXISTS\",\n \"exclude\": true\n },\n \"accessCount\": {\n \"type\": \"RANGE\",\n \"range\": {\n \"lower\": {\n \"value\": \"3\"\n }\n }\n },\n \"created\": {\n \"type\": \"RANGE\",\n \"range\": {\n \"lower\": {\n \"value\": \"2019-12-01\",\n \"inclusive\": true\n },\n \"upper\": {\n \"value\": \"2020-01-01\"\n }\n }\n },\n \"source.name\": {\n \"type\": \"TERMS\",\n \"terms\": [\n \"HR Employees\",\n \"Corporate Active Directory\"\n ],\n \"exclude\": true\n },\n \"protected\": {\n \"type\": \"TERMS\",\n \"terms\": [\n \"true\"\n ]\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"indices\": [\n \"identities\"\n ],\n \"query\": \"@accounts(disabled:true)\",\n \"id\": \"0de46054-fe90-434a-b84e-c6b3359d0c64\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\"\n },\n \"ownerId\": \"2c91808568c529c60168cca6f90c1313\",\n \"public\": false,\n \"name\": \"Disabled accounts\",\n \"description\": \"Disabled accounts\",\n \"created\": \"2018-06-25T20:22:28.104Z\",\n \"modified\": \"2018-06-25T20:22:28.104Z\",\n \"columns\": {\n \"identity\": [\n {\n \"field\": \"displayName\",\n \"header\": \"Display Name\"\n },\n {\n \"field\": \"e-mail\",\n \"header\": \"Work Email\"\n }\n ]\n },\n \"fields\": [\n \"disabled\"\n ],\n \"orderBy\": {\n \"identity\": [\n \"lastName\",\n \"firstName\"\n ],\n \"role\": [\n \"name\"\n ]\n },\n \"sort\": [\n \"displayName\"\n ],\n \"filters\": {\n \"attributes.cloudAuthoritativeSource\": {\n \"type\": \"EXISTS\",\n \"exclude\": true\n },\n \"accessCount\": {\n \"type\": \"RANGE\",\n \"range\": {\n \"lower\": {\n \"value\": \"3\"\n }\n }\n },\n \"created\": {\n \"type\": \"RANGE\",\n \"range\": {\n \"lower\": {\n \"value\": \"2019-12-01\",\n \"inclusive\": true\n },\n \"upper\": {\n \"value\": \"2020-01-01\"\n }\n }\n },\n \"source.name\": {\n \"type\": \"TERMS\",\n \"terms\": [\n \"HR Employees\",\n \"Corporate Active Directory\"\n ],\n \"exclude\": true\n },\n \"protected\": {\n \"type\": \"TERMS\",\n \"terms\": [\n \"true\"\n ]\n }\n }\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f68eaa3c-f8eb-4928-b043-2ac998ceb759", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "saved-searches", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"query\": \"@accounts(disabled:true)\",\n \"id\": \"0de46054-fe90-434a-b84e-c6b3359d0c64\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\"\n },\n \"ownerId\": \"2c91808568c529c60168cca6f90c1313\",\n \"public\": false,\n \"name\": \"Disabled accounts\",\n \"description\": \"Disabled accounts\",\n \"created\": \"2018-06-25T20:22:28.104Z\",\n \"modified\": \"2018-06-25T20:22:28.104Z\",\n \"columns\": {\n \"identity\": [\n {\n \"field\": \"displayName\",\n \"header\": \"Display Name\"\n },\n {\n \"field\": \"e-mail\",\n \"header\": \"Work Email\"\n }\n ]\n },\n \"fields\": [\n \"disabled\"\n ],\n \"orderBy\": {\n \"identity\": [\n \"lastName\",\n \"firstName\"\n ],\n \"role\": [\n \"name\"\n ]\n },\n \"sort\": [\n \"displayName\"\n ],\n \"filters\": {\n \"attributes.cloudAuthoritativeSource\": {\n \"type\": \"EXISTS\",\n \"exclude\": true\n },\n \"accessCount\": {\n \"type\": \"RANGE\",\n \"range\": {\n \"lower\": {\n \"value\": \"3\"\n }\n }\n },\n \"created\": {\n \"type\": \"RANGE\",\n \"range\": {\n \"lower\": {\n \"value\": \"2019-12-01\",\n \"inclusive\": true\n },\n \"upper\": {\n \"value\": \"2020-01-01\"\n }\n }\n },\n \"source.name\": {\n \"type\": \"TERMS\",\n \"terms\": [\n \"HR Employees\",\n \"Corporate Active Directory\"\n ],\n \"exclude\": true\n },\n \"protected\": {\n \"type\": \"TERMS\",\n \"terms\": [\n \"true\"\n ]\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "1beeaf5c-a608-4c5b-ade6-15d98b423a7e", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "saved-searches", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"query\": \"@accounts(disabled:true)\",\n \"id\": \"0de46054-fe90-434a-b84e-c6b3359d0c64\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\"\n },\n \"ownerId\": \"2c91808568c529c60168cca6f90c1313\",\n \"public\": false,\n \"name\": \"Disabled accounts\",\n \"description\": \"Disabled accounts\",\n \"created\": \"2018-06-25T20:22:28.104Z\",\n \"modified\": \"2018-06-25T20:22:28.104Z\",\n \"columns\": {\n \"identity\": [\n {\n \"field\": \"displayName\",\n \"header\": \"Display Name\"\n },\n {\n \"field\": \"e-mail\",\n \"header\": \"Work Email\"\n }\n ]\n },\n \"fields\": [\n \"disabled\"\n ],\n \"orderBy\": {\n \"identity\": [\n \"lastName\",\n \"firstName\"\n ],\n \"role\": [\n \"name\"\n ]\n },\n \"sort\": [\n \"displayName\"\n ],\n \"filters\": {\n \"attributes.cloudAuthoritativeSource\": {\n \"type\": \"EXISTS\",\n \"exclude\": true\n },\n \"accessCount\": {\n \"type\": \"RANGE\",\n \"range\": {\n \"lower\": {\n \"value\": \"3\"\n }\n }\n },\n \"created\": {\n \"type\": \"RANGE\",\n \"range\": {\n \"lower\": {\n \"value\": \"2019-12-01\",\n \"inclusive\": true\n },\n \"upper\": {\n \"value\": \"2020-01-01\"\n }\n }\n },\n \"source.name\": {\n \"type\": \"TERMS\",\n \"terms\": [\n \"HR Employees\",\n \"Corporate Active Directory\"\n ],\n \"exclude\": true\n },\n \"protected\": {\n \"type\": \"TERMS\",\n \"terms\": [\n \"true\"\n ]\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "9c8e9c16-eb7c-40d0-aacc-318ea6c6daa5", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "saved-searches", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"query\": \"@accounts(disabled:true)\",\n \"id\": \"0de46054-fe90-434a-b84e-c6b3359d0c64\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\"\n },\n \"ownerId\": \"2c91808568c529c60168cca6f90c1313\",\n \"public\": false,\n \"name\": \"Disabled accounts\",\n \"description\": \"Disabled accounts\",\n \"created\": \"2018-06-25T20:22:28.104Z\",\n \"modified\": \"2018-06-25T20:22:28.104Z\",\n \"columns\": {\n \"identity\": [\n {\n \"field\": \"displayName\",\n \"header\": \"Display Name\"\n },\n {\n \"field\": \"e-mail\",\n \"header\": \"Work Email\"\n }\n ]\n },\n \"fields\": [\n \"disabled\"\n ],\n \"orderBy\": {\n \"identity\": [\n \"lastName\",\n \"firstName\"\n ],\n \"role\": [\n \"name\"\n ]\n },\n \"sort\": [\n \"displayName\"\n ],\n \"filters\": {\n \"attributes.cloudAuthoritativeSource\": {\n \"type\": \"EXISTS\",\n \"exclude\": true\n },\n \"accessCount\": {\n \"type\": \"RANGE\",\n \"range\": {\n \"lower\": {\n \"value\": \"3\"\n }\n }\n },\n \"created\": {\n \"type\": \"RANGE\",\n \"range\": {\n \"lower\": {\n \"value\": \"2019-12-01\",\n \"inclusive\": true\n },\n \"upper\": {\n \"value\": \"2020-01-01\"\n }\n }\n },\n \"source.name\": {\n \"type\": \"TERMS\",\n \"terms\": [\n \"HR Employees\",\n \"Corporate Active Directory\"\n ],\n \"exclude\": true\n },\n \"protected\": {\n \"type\": \"TERMS\",\n \"terms\": [\n \"true\"\n ]\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "6395feab-7104-488e-a183-273bde6b95d5", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "saved-searches", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"query\": \"@accounts(disabled:true)\",\n \"id\": \"0de46054-fe90-434a-b84e-c6b3359d0c64\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\"\n },\n \"ownerId\": \"2c91808568c529c60168cca6f90c1313\",\n \"public\": false,\n \"name\": \"Disabled accounts\",\n \"description\": \"Disabled accounts\",\n \"created\": \"2018-06-25T20:22:28.104Z\",\n \"modified\": \"2018-06-25T20:22:28.104Z\",\n \"columns\": {\n \"identity\": [\n {\n \"field\": \"displayName\",\n \"header\": \"Display Name\"\n },\n {\n \"field\": \"e-mail\",\n \"header\": \"Work Email\"\n }\n ]\n },\n \"fields\": [\n \"disabled\"\n ],\n \"orderBy\": {\n \"identity\": [\n \"lastName\",\n \"firstName\"\n ],\n \"role\": [\n \"name\"\n ]\n },\n \"sort\": [\n \"displayName\"\n ],\n \"filters\": {\n \"attributes.cloudAuthoritativeSource\": {\n \"type\": \"EXISTS\",\n \"exclude\": true\n },\n \"accessCount\": {\n \"type\": \"RANGE\",\n \"range\": {\n \"lower\": {\n \"value\": \"3\"\n }\n }\n },\n \"created\": {\n \"type\": \"RANGE\",\n \"range\": {\n \"lower\": {\n \"value\": \"2019-12-01\",\n \"inclusive\": true\n },\n \"upper\": {\n \"value\": \"2020-01-01\"\n }\n }\n },\n \"source.name\": {\n \"type\": \"TERMS\",\n \"terms\": [\n \"HR Employees\",\n \"Corporate Active Directory\"\n ],\n \"exclude\": true\n },\n \"protected\": {\n \"type\": \"TERMS\",\n \"terms\": [\n \"true\"\n ]\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "1b870057-e2f3-46a6-91ad-fde8580bb298", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "saved-searches", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"query\": \"@accounts(disabled:true)\",\n \"id\": \"0de46054-fe90-434a-b84e-c6b3359d0c64\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\"\n },\n \"ownerId\": \"2c91808568c529c60168cca6f90c1313\",\n \"public\": false,\n \"name\": \"Disabled accounts\",\n \"description\": \"Disabled accounts\",\n \"created\": \"2018-06-25T20:22:28.104Z\",\n \"modified\": \"2018-06-25T20:22:28.104Z\",\n \"columns\": {\n \"identity\": [\n {\n \"field\": \"displayName\",\n \"header\": \"Display Name\"\n },\n {\n \"field\": \"e-mail\",\n \"header\": \"Work Email\"\n }\n ]\n },\n \"fields\": [\n \"disabled\"\n ],\n \"orderBy\": {\n \"identity\": [\n \"lastName\",\n \"firstName\"\n ],\n \"role\": [\n \"name\"\n ]\n },\n \"sort\": [\n \"displayName\"\n ],\n \"filters\": {\n \"attributes.cloudAuthoritativeSource\": {\n \"type\": \"EXISTS\",\n \"exclude\": true\n },\n \"accessCount\": {\n \"type\": \"RANGE\",\n \"range\": {\n \"lower\": {\n \"value\": \"3\"\n }\n }\n },\n \"created\": {\n \"type\": \"RANGE\",\n \"range\": {\n \"lower\": {\n \"value\": \"2019-12-01\",\n \"inclusive\": true\n },\n \"upper\": {\n \"value\": \"2020-01-01\"\n }\n }\n },\n \"source.name\": {\n \"type\": \"TERMS\",\n \"terms\": [\n \"HR Employees\",\n \"Corporate Active Directory\"\n ],\n \"exclude\": true\n },\n \"protected\": {\n \"type\": \"TERMS\",\n \"terms\": [\n \"true\"\n ]\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "257b21c8-fb3b-4c2c-a2ff-a156192d6173", + "name": "Return saved search by ID", + "request": { + "name": "Return saved search by ID", + "description": { + "content": "Returns the specified saved search.\n", + "type": "text/plain" + }, + "url": { + "path": [ + "saved-searches", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "2c91808568c529c60168cca6f90c1313", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) ID of the requested document.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "96521de3-0933-4072-8200-7640010ad540", + "name": "The requested saved search.", + "originalRequest": { + "url": { + "path": [ + "saved-searches", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"indices\": [\n \"identities\"\n ],\n \"query\": \"@accounts(disabled:true)\",\n \"id\": \"0de46054-fe90-434a-b84e-c6b3359d0c64\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\"\n },\n \"ownerId\": \"2c91808568c529c60168cca6f90c1313\",\n \"public\": false,\n \"name\": \"Disabled accounts\",\n \"description\": \"Disabled accounts\",\n \"created\": \"2018-06-25T20:22:28.104Z\",\n \"modified\": \"2018-06-25T20:22:28.104Z\",\n \"columns\": {\n \"identity\": [\n {\n \"field\": \"displayName\",\n \"header\": \"Display Name\"\n },\n {\n \"field\": \"e-mail\",\n \"header\": \"Work Email\"\n }\n ]\n },\n \"fields\": [\n \"disabled\"\n ],\n \"orderBy\": {\n \"identity\": [\n \"lastName\",\n \"firstName\"\n ],\n \"role\": [\n \"name\"\n ]\n },\n \"sort\": [\n \"displayName\"\n ],\n \"filters\": {\n \"attributes.cloudAuthoritativeSource\": {\n \"type\": \"EXISTS\",\n \"exclude\": true\n },\n \"accessCount\": {\n \"type\": \"RANGE\",\n \"range\": {\n \"lower\": {\n \"value\": \"3\"\n }\n }\n },\n \"created\": {\n \"type\": \"RANGE\",\n \"range\": {\n \"lower\": {\n \"value\": \"2019-12-01\",\n \"inclusive\": true\n },\n \"upper\": {\n \"value\": \"2020-01-01\"\n }\n }\n },\n \"source.name\": {\n \"type\": \"TERMS\",\n \"terms\": [\n \"HR Employees\",\n \"Corporate Active Directory\"\n ],\n \"exclude\": true\n },\n \"protected\": {\n \"type\": \"TERMS\",\n \"terms\": [\n \"true\"\n ]\n }\n }\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a553f409-9501-4e9c-a549-66c8ba5d8b0c", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "saved-searches", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "15867566-0132-43cc-8153-91082baef4b1", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "saved-searches", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "8138265b-852d-4572-90d0-4d85fb815105", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "saved-searches", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "1f5ff7e4-2620-4561-9ff5-9f633beee053", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "saved-searches", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c9de5fe3-a613-4154-b4b6-24913eafab0d", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "saved-searches", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "78de8836-f5a9-4e3e-afc0-657e96733977", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "saved-searches", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "4b71556d-e728-46c3-9acd-1ec56ddd4ec8", + "name": "Delete document by ID", + "request": { + "name": "Delete document by ID", + "description": { + "content": "Deletes the specified saved search.\n", + "type": "text/plain" + }, + "url": { + "path": [ + "saved-searches", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "2c91808568c529c60168cca6f90c1313", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) ID of the requested document.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "DELETE", + "body": {} + }, + "response": [ + { + "id": "a92c98cb-7fb1-4ece-a507-c32259f72b93", + "name": "No Content - Indicates the request was successful but there is no content to be returned in the response.", + "originalRequest": { + "url": { + "path": [ + "saved-searches", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "No Content", + "code": 204, + "header": [], + "cookie": [], + "_postman_previewlanguage": "text" + }, + { + "id": "343012ef-acc4-47d7-a0ff-8d54745afa1d", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "saved-searches", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f186ded9-b177-44e1-b0b2-c4903b0a8c4d", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "saved-searches", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b5fb3a63-ea9d-4220-88cd-80ccd48c1ed0", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "saved-searches", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "6daba323-b521-4b30-84f5-cccf314e325e", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "saved-searches", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "233016ac-cc7c-4ed8-b732-2a48dce185ca", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "saved-searches", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "545d08a4-f77c-4f2b-8fc9-66be967a59a2", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "saved-searches", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "b4f764ac-7ca1-47ec-8eb7-34c9f3ea6f4d", + "name": "Execute a saved search by ID", + "request": { + "name": "Execute a saved search by ID", + "description": { + "content": "Executes the specified saved search.\n", + "type": "text/plain" + }, + "url": { + "path": [ + "saved-searches", + ":id", + "execute" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "2c91808568c529c60168cca6f90c1313", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) ID of the requested document.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"scheduleId\": \"7a724640-0c17-4ce9-a8c3-4a89738459c8\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "8bd32e8b-0bbb-4678-b706-18051ef00efb", + "name": "Accepted - Returned if the request was successfully accepted into the system.", + "originalRequest": { + "url": { + "path": [ + "saved-searches", + ":id", + "execute" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"scheduleId\": \"7a724640-0c17-4ce9-a8c3-4a89738459c8\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Accepted", + "code": 202, + "header": [], + "cookie": [], + "_postman_previewlanguage": "text" + }, + { + "id": "e90fcc14-b87b-4c5f-a0af-ea1756dc358e", + "name": "Triggered by Scheduled Search", + "originalRequest": { + "url": { + "path": [ + "saved-searches", + ":id", + "execute" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"scheduleId\": \"7a724640-0c17-4ce9-a8c3-4a89738459c8\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "ac9f2e48-244b-4ad2-916f-990610d80703", + "name": "Triggered by UI Test", + "originalRequest": { + "url": { + "path": [ + "saved-searches", + ":id", + "execute" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\"\n },\n \"recipients\": [\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\"\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "857d6b11-d47c-46a9-b791-b29b94298d1b", + "name": "Triggered by Scheduled Search", + "originalRequest": { + "url": { + "path": [ + "saved-searches", + ":id", + "execute" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"scheduleId\": \"7a724640-0c17-4ce9-a8c3-4a89738459c8\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "25a5c667-e264-46c7-bcb7-feb61ca68706", + "name": "Triggered by UI Test", + "originalRequest": { + "url": { + "path": [ + "saved-searches", + ":id", + "execute" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\"\n },\n \"recipients\": [\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\"\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "6d3ae672-ece5-4026-925e-1268c15071c4", + "name": "An example of a 403 response object", + "originalRequest": { + "url": { + "path": [ + "saved-searches", + ":id", + "execute" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"scheduleId\": \"7a724640-0c17-4ce9-a8c3-4a89738459c8\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "9cc3b159-ce0b-430e-9123-705a4d8ff355", + "name": "Triggered by UI Test", + "originalRequest": { + "url": { + "path": [ + "saved-searches", + ":id", + "execute" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\"\n },\n \"recipients\": [\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\"\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "e0c4a623-a6e2-41ee-8022-6a65cf864579", + "name": "An example of a 404 response object", + "originalRequest": { + "url": { + "path": [ + "saved-searches", + ":id", + "execute" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"scheduleId\": \"7a724640-0c17-4ce9-a8c3-4a89738459c8\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f21a8805-a05c-404a-9054-28eac90704e5", + "name": "Triggered by UI Test", + "originalRequest": { + "url": { + "path": [ + "saved-searches", + ":id", + "execute" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\"\n },\n \"recipients\": [\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\"\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "34725883-7300-470d-b6a9-5c38bb7bef36", + "name": "Triggered by Scheduled Search", + "originalRequest": { + "url": { + "path": [ + "saved-searches", + ":id", + "execute" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"scheduleId\": \"7a724640-0c17-4ce9-a8c3-4a89738459c8\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "9d7bef92-ddc4-4644-8e82-cb13d8032b7c", + "name": "Triggered by UI Test", + "originalRequest": { + "url": { + "path": [ + "saved-searches", + ":id", + "execute" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\"\n },\n \"recipients\": [\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\"\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a37af645-96ec-435c-8cad-aa71b69da578", + "name": "An example of a 500 response object", + "originalRequest": { + "url": { + "path": [ + "saved-searches", + ":id", + "execute" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"scheduleId\": \"7a724640-0c17-4ce9-a8c3-4a89738459c8\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d406541f-6e6e-47ea-8b0e-65d5691ab208", + "name": "Triggered by UI Test", + "originalRequest": { + "url": { + "path": [ + "saved-searches", + ":id", + "execute" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\"\n },\n \"recipients\": [\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\"\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + } + ] + }, + { + "name": "Scheduled Search", + "description": "Use this API to implement scheduled search functionality. \nWith scheduled search functionality in place, users can run saved search queries on their tenants on a schedule, and Identity Security Cloud emails them the search results. \nUsers can also share these search results with other users by email by adding those users as subscribers, or those users can subscribe themselves. \n\nOne of the greatest benefits of saving searches is the ability to run those searches on a schedule. \nThis is essential for organizations to constantly detect any changes to user information or access throughout their tenants and across all their sources. \nFor example, the manager Amanda Ross can schedule a saved search \"manager.name:amanda.ross AND attributes.location:austin\" on a schedule to regularly stay aware of changes with the Austin employees reporting to her.\nIdentity Security Cloud emails her the search results when the search runs, so she can work on other tasks instead of actively running this search.\n\nIn Identity Security Cloud, scheduling a search involves a subscription. \nUsers can create a subscription for a saved search and schedule it to run daily, weekly, or monthly (you can only use one schedule option at a time). \nThe user can add other identities as subscribers so when the scheduled search runs, the subscribers and the user all receive emails. \n\nBy default, subscriptions exclude detailed results from the emails, for security purposes. \nIncluding detailed results about user access in an email may expose sensitive information.\nHowever, the subscription creator can choose to include the information in the emails. \n\nBy default, Identity Security Cloud sends emails to the subscribers even when the searches do not return new results. \nHowever, the subscription creator can choose to suppress these empty emails. \n\nUsers can also subscribe to saved searches that already have existing subscriptions so they receive emails when the searches run. \nA saved search can have up to 10 subscriptions configured at a time. \n\nThe subscription creator can enable, disable, or delete the subscription. \n\nRefer to [Subscribing to Saved Searches](https://documentation.sailpoint.com/saas/help/search/saved-searches.html#subscribing-to-saved-searches) for more information about scheduling searches and subscribing to them.\n", + "item": [ + { + "id": "c79bb67e-bfa6-44ab-a7d2-2d6ad55ef8f3", + "name": "Create a new scheduled search", + "request": { + "name": "Create a new scheduled search", + "description": { + "content": "Creates a new scheduled search.\n", + "type": "text/plain" + }, + "url": { + "path": [ + "scheduled-searches" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"savedSearchId\": \"9c620e13-cd33-4804-a13d-403bd7bcdbad\",\n \"schedule\": {\n \"type\": \"DAILY\",\n \"hours\": {\n \"type\": \"LIST\",\n \"values\": [\n \"9\"\n ]\n }\n },\n \"recipients\": [\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180867624cbd7017642d8c8c81f67\"\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "aadb1f14-872f-4f93-a450-6a4293bea0db", + "name": "Daily Search", + "originalRequest": { + "url": { + "path": [ + "scheduled-searches" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"savedSearchId\": \"9c620e13-cd33-4804-a13d-403bd7bcdbad\",\n \"schedule\": {\n \"type\": \"DAILY\",\n \"hours\": {\n \"type\": \"LIST\",\n \"values\": [\n \"9\"\n ]\n }\n },\n \"recipients\": [\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180867624cbd7017642d8c8c81f67\"\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Created", + "code": 201, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"0de46054-fe90-434a-b84e-c6b3359d0c64\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180867624cbd7017642d8c8c81f67\"\n },\n \"ownerId\": \"2c9180867624cbd7017642d8c8c81f67\",\n \"recipients\": [\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180867624cbd7017642d8c8c81f67\"\n },\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180867624cbd7017642d8c8c81f67\"\n }\n ],\n \"savedSearchId\": \"554f1511-f0a1-4744-ab14-599514d3e57c\",\n \"schedule\": {\n \"type\": \"WEEKLY\",\n \"hours\": {\n \"type\": \"RANGE\",\n \"values\": [\n \"9\",\n \"18\"\n ],\n \"interval\": 3\n },\n \"months\": {\n \"type\": \"LIST\",\n \"values\": [\n \"3\",\n \"6\",\n \"9\",\n \"12\"\n ]\n },\n \"days\": {\n \"type\": \"LIST\",\n \"values\": [\n \"MON\",\n \"WED\",\n \"FRI\"\n ]\n },\n \"expiration\": \"2018-06-25T20:22:28.104Z\",\n \"timeZoneId\": \"America/Chicago\"\n },\n \"name\": \"Daily disabled accounts\",\n \"description\": \"Daily disabled accounts\",\n \"created\": \"2018-06-25T20:22:28.104Z\",\n \"modified\": \"2018-06-25T20:22:28.104Z\",\n \"enabled\": false,\n \"emailEmptyResults\": false,\n \"displayQueryDetails\": false\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "6adb08b0-aebd-4957-8dbe-c72768df7273", + "name": "Weekly Search", + "originalRequest": { + "url": { + "path": [ + "scheduled-searches" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"savedSearchId\": \"9c620e13-cd33-4804-a13d-403bd7bcdbad\",\n \"schedule\": {\n \"type\": \"WEEKLY\",\n \"days\": {\n \"type\": \"LIST\",\n \"values\": [\n \"MON\",\n \"TUE\",\n \"WED\",\n \"THU\",\n \"FRI\",\n \"SAT\",\n \"SUN\"\n ]\n },\n \"hours\": {\n \"type\": \"LIST\",\n \"values\": [\n \"9\"\n ]\n }\n },\n \"recipients\": [\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180867624cbd7017642d8c8c81f67\"\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Created", + "code": 201, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"0de46054-fe90-434a-b84e-c6b3359d0c64\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180867624cbd7017642d8c8c81f67\"\n },\n \"ownerId\": \"2c9180867624cbd7017642d8c8c81f67\",\n \"recipients\": [\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180867624cbd7017642d8c8c81f67\"\n },\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180867624cbd7017642d8c8c81f67\"\n }\n ],\n \"savedSearchId\": \"554f1511-f0a1-4744-ab14-599514d3e57c\",\n \"schedule\": {\n \"type\": \"WEEKLY\",\n \"hours\": {\n \"type\": \"RANGE\",\n \"values\": [\n \"9\",\n \"18\"\n ],\n \"interval\": 3\n },\n \"months\": {\n \"type\": \"LIST\",\n \"values\": [\n \"3\",\n \"6\",\n \"9\",\n \"12\"\n ]\n },\n \"days\": {\n \"type\": \"LIST\",\n \"values\": [\n \"MON\",\n \"WED\",\n \"FRI\"\n ]\n },\n \"expiration\": \"2018-06-25T20:22:28.104Z\",\n \"timeZoneId\": \"America/Chicago\"\n },\n \"name\": \"Daily disabled accounts\",\n \"description\": \"Daily disabled accounts\",\n \"created\": \"2018-06-25T20:22:28.104Z\",\n \"modified\": \"2018-06-25T20:22:28.104Z\",\n \"enabled\": false,\n \"emailEmptyResults\": false,\n \"displayQueryDetails\": false\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "34eec6a4-360b-41c4-aa5d-8078f6269c7f", + "name": "Monthly Search", + "originalRequest": { + "url": { + "path": [ + "scheduled-searches" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"savedSearchId\": \"9c620e13-cd33-4804-a13d-403bd7bcdbad\",\n \"schedule\": {\n \"type\": \"MONTHLY\",\n \"days\": {\n \"type\": \"LIST\",\n \"values\": [\n \"1\",\n \"7\",\n \"14\",\n \"L\"\n ]\n },\n \"hours\": {\n \"type\": \"LIST\",\n \"values\": [\n \"9\"\n ]\n }\n },\n \"recipients\": [\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180867624cbd7017642d8c8c81f67\"\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Created", + "code": 201, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"0de46054-fe90-434a-b84e-c6b3359d0c64\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180867624cbd7017642d8c8c81f67\"\n },\n \"ownerId\": \"2c9180867624cbd7017642d8c8c81f67\",\n \"recipients\": [\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180867624cbd7017642d8c8c81f67\"\n },\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180867624cbd7017642d8c8c81f67\"\n }\n ],\n \"savedSearchId\": \"554f1511-f0a1-4744-ab14-599514d3e57c\",\n \"schedule\": {\n \"type\": \"WEEKLY\",\n \"hours\": {\n \"type\": \"RANGE\",\n \"values\": [\n \"9\",\n \"18\"\n ],\n \"interval\": 3\n },\n \"months\": {\n \"type\": \"LIST\",\n \"values\": [\n \"3\",\n \"6\",\n \"9\",\n \"12\"\n ]\n },\n \"days\": {\n \"type\": \"LIST\",\n \"values\": [\n \"MON\",\n \"WED\",\n \"FRI\"\n ]\n },\n \"expiration\": \"2018-06-25T20:22:28.104Z\",\n \"timeZoneId\": \"America/Chicago\"\n },\n \"name\": \"Daily disabled accounts\",\n \"description\": \"Daily disabled accounts\",\n \"created\": \"2018-06-25T20:22:28.104Z\",\n \"modified\": \"2018-06-25T20:22:28.104Z\",\n \"enabled\": false,\n \"emailEmptyResults\": false,\n \"displayQueryDetails\": false\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b02cffb1-44e9-47b0-a6fd-1e0e5c73b6a0", + "name": "Annual Search", + "originalRequest": { + "url": { + "path": [ + "scheduled-searches" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"savedSearchId\": \"9c620e13-cd33-4804-a13d-403bd7bcdbad\",\n \"schedule\": {\n \"type\": \"ANNUALLY\",\n \"months\": {\n \"type\": \"LIST\",\n \"values\": [\n \"1\"\n ],\n \"interval\": 3\n },\n \"days\": {\n \"type\": \"LIST\",\n \"values\": [\n \"1\",\n \"7\",\n \"14\",\n \"L\"\n ]\n },\n \"hours\": {\n \"type\": \"LIST\",\n \"values\": [\n \"9\"\n ]\n }\n },\n \"recipients\": [\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180867624cbd7017642d8c8c81f67\"\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Created", + "code": 201, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"0de46054-fe90-434a-b84e-c6b3359d0c64\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180867624cbd7017642d8c8c81f67\"\n },\n \"ownerId\": \"2c9180867624cbd7017642d8c8c81f67\",\n \"recipients\": [\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180867624cbd7017642d8c8c81f67\"\n },\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180867624cbd7017642d8c8c81f67\"\n }\n ],\n \"savedSearchId\": \"554f1511-f0a1-4744-ab14-599514d3e57c\",\n \"schedule\": {\n \"type\": \"WEEKLY\",\n \"hours\": {\n \"type\": \"RANGE\",\n \"values\": [\n \"9\",\n \"18\"\n ],\n \"interval\": 3\n },\n \"months\": {\n \"type\": \"LIST\",\n \"values\": [\n \"3\",\n \"6\",\n \"9\",\n \"12\"\n ]\n },\n \"days\": {\n \"type\": \"LIST\",\n \"values\": [\n \"MON\",\n \"WED\",\n \"FRI\"\n ]\n },\n \"expiration\": \"2018-06-25T20:22:28.104Z\",\n \"timeZoneId\": \"America/Chicago\"\n },\n \"name\": \"Daily disabled accounts\",\n \"description\": \"Daily disabled accounts\",\n \"created\": \"2018-06-25T20:22:28.104Z\",\n \"modified\": \"2018-06-25T20:22:28.104Z\",\n \"enabled\": false,\n \"emailEmptyResults\": false,\n \"displayQueryDetails\": false\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f4ec38df-60ca-40ac-8ec9-17de9270a08e", + "name": "Calendar Search", + "originalRequest": { + "url": { + "path": [ + "scheduled-searches" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"savedSearchId\": \"9c620e13-cd33-4804-a13d-403bd7bcdbad\",\n \"schedule\": {\n \"type\": \"CALENDAR\",\n \"days\": {\n \"type\": \"LIST\",\n \"values\": [\n \"2023-01-22\",\n \"2023-02-22\"\n ]\n },\n \"hours\": {\n \"type\": \"LIST\",\n \"values\": [\n \"9\"\n ]\n }\n },\n \"recipients\": [\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180867624cbd7017642d8c8c81f67\"\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Created", + "code": 201, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"0de46054-fe90-434a-b84e-c6b3359d0c64\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180867624cbd7017642d8c8c81f67\"\n },\n \"ownerId\": \"2c9180867624cbd7017642d8c8c81f67\",\n \"recipients\": [\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180867624cbd7017642d8c8c81f67\"\n },\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180867624cbd7017642d8c8c81f67\"\n }\n ],\n \"savedSearchId\": \"554f1511-f0a1-4744-ab14-599514d3e57c\",\n \"schedule\": {\n \"type\": \"WEEKLY\",\n \"hours\": {\n \"type\": \"RANGE\",\n \"values\": [\n \"9\",\n \"18\"\n ],\n \"interval\": 3\n },\n \"months\": {\n \"type\": \"LIST\",\n \"values\": [\n \"3\",\n \"6\",\n \"9\",\n \"12\"\n ]\n },\n \"days\": {\n \"type\": \"LIST\",\n \"values\": [\n \"MON\",\n \"WED\",\n \"FRI\"\n ]\n },\n \"expiration\": \"2018-06-25T20:22:28.104Z\",\n \"timeZoneId\": \"America/Chicago\"\n },\n \"name\": \"Daily disabled accounts\",\n \"description\": \"Daily disabled accounts\",\n \"created\": \"2018-06-25T20:22:28.104Z\",\n \"modified\": \"2018-06-25T20:22:28.104Z\",\n \"enabled\": false,\n \"emailEmptyResults\": false,\n \"displayQueryDetails\": false\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "4eda897e-a70b-4b65-80dd-34f631df8844", + "name": "Daily Search", + "originalRequest": { + "url": { + "path": [ + "scheduled-searches" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"savedSearchId\": \"9c620e13-cd33-4804-a13d-403bd7bcdbad\",\n \"schedule\": {\n \"type\": \"DAILY\",\n \"hours\": {\n \"type\": \"LIST\",\n \"values\": [\n \"9\"\n ]\n }\n },\n \"recipients\": [\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180867624cbd7017642d8c8c81f67\"\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "e0587f86-1eb7-43e3-b48e-6ebe37e551a7", + "name": "Weekly Search", + "originalRequest": { + "url": { + "path": [ + "scheduled-searches" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"savedSearchId\": \"9c620e13-cd33-4804-a13d-403bd7bcdbad\",\n \"schedule\": {\n \"type\": \"WEEKLY\",\n \"days\": {\n \"type\": \"LIST\",\n \"values\": [\n \"MON\",\n \"TUE\",\n \"WED\",\n \"THU\",\n \"FRI\",\n \"SAT\",\n \"SUN\"\n ]\n },\n \"hours\": {\n \"type\": \"LIST\",\n \"values\": [\n \"9\"\n ]\n }\n },\n \"recipients\": [\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180867624cbd7017642d8c8c81f67\"\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "1022443b-7111-4b80-ac74-4a0adde30ebb", + "name": "Monthly Search", + "originalRequest": { + "url": { + "path": [ + "scheduled-searches" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"savedSearchId\": \"9c620e13-cd33-4804-a13d-403bd7bcdbad\",\n \"schedule\": {\n \"type\": \"MONTHLY\",\n \"days\": {\n \"type\": \"LIST\",\n \"values\": [\n \"1\",\n \"7\",\n \"14\",\n \"L\"\n ]\n },\n \"hours\": {\n \"type\": \"LIST\",\n \"values\": [\n \"9\"\n ]\n }\n },\n \"recipients\": [\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180867624cbd7017642d8c8c81f67\"\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "e03642f6-6224-4cdd-923d-546f28965dfe", + "name": "Annual Search", + "originalRequest": { + "url": { + "path": [ + "scheduled-searches" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"savedSearchId\": \"9c620e13-cd33-4804-a13d-403bd7bcdbad\",\n \"schedule\": {\n \"type\": \"ANNUALLY\",\n \"months\": {\n \"type\": \"LIST\",\n \"values\": [\n \"1\"\n ],\n \"interval\": 3\n },\n \"days\": {\n \"type\": \"LIST\",\n \"values\": [\n \"1\",\n \"7\",\n \"14\",\n \"L\"\n ]\n },\n \"hours\": {\n \"type\": \"LIST\",\n \"values\": [\n \"9\"\n ]\n }\n },\n \"recipients\": [\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180867624cbd7017642d8c8c81f67\"\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f42d819e-e9c0-4002-9953-9db167f5a3e5", + "name": "Calendar Search", + "originalRequest": { + "url": { + "path": [ + "scheduled-searches" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"savedSearchId\": \"9c620e13-cd33-4804-a13d-403bd7bcdbad\",\n \"schedule\": {\n \"type\": \"CALENDAR\",\n \"days\": {\n \"type\": \"LIST\",\n \"values\": [\n \"2023-01-22\",\n \"2023-02-22\"\n ]\n },\n \"hours\": {\n \"type\": \"LIST\",\n \"values\": [\n \"9\"\n ]\n }\n },\n \"recipients\": [\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180867624cbd7017642d8c8c81f67\"\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "450751ab-298f-45d3-80c6-762fbed9cbd8", + "name": "Daily Search", + "originalRequest": { + "url": { + "path": [ + "scheduled-searches" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"savedSearchId\": \"9c620e13-cd33-4804-a13d-403bd7bcdbad\",\n \"schedule\": {\n \"type\": \"DAILY\",\n \"hours\": {\n \"type\": \"LIST\",\n \"values\": [\n \"9\"\n ]\n }\n },\n \"recipients\": [\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180867624cbd7017642d8c8c81f67\"\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f1a0f6c5-06cc-4d75-b3f4-6c296aaf11eb", + "name": "Weekly Search", + "originalRequest": { + "url": { + "path": [ + "scheduled-searches" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"savedSearchId\": \"9c620e13-cd33-4804-a13d-403bd7bcdbad\",\n \"schedule\": {\n \"type\": \"WEEKLY\",\n \"days\": {\n \"type\": \"LIST\",\n \"values\": [\n \"MON\",\n \"TUE\",\n \"WED\",\n \"THU\",\n \"FRI\",\n \"SAT\",\n \"SUN\"\n ]\n },\n \"hours\": {\n \"type\": \"LIST\",\n \"values\": [\n \"9\"\n ]\n }\n },\n \"recipients\": [\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180867624cbd7017642d8c8c81f67\"\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "edadbf3f-4fd5-4b23-984c-1935400878b9", + "name": "Monthly Search", + "originalRequest": { + "url": { + "path": [ + "scheduled-searches" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"savedSearchId\": \"9c620e13-cd33-4804-a13d-403bd7bcdbad\",\n \"schedule\": {\n \"type\": \"MONTHLY\",\n \"days\": {\n \"type\": \"LIST\",\n \"values\": [\n \"1\",\n \"7\",\n \"14\",\n \"L\"\n ]\n },\n \"hours\": {\n \"type\": \"LIST\",\n \"values\": [\n \"9\"\n ]\n }\n },\n \"recipients\": [\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180867624cbd7017642d8c8c81f67\"\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "66d0cd18-f354-4006-b3ff-7e8293a8530d", + "name": "Annual Search", + "originalRequest": { + "url": { + "path": [ + "scheduled-searches" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"savedSearchId\": \"9c620e13-cd33-4804-a13d-403bd7bcdbad\",\n \"schedule\": {\n \"type\": \"ANNUALLY\",\n \"months\": {\n \"type\": \"LIST\",\n \"values\": [\n \"1\"\n ],\n \"interval\": 3\n },\n \"days\": {\n \"type\": \"LIST\",\n \"values\": [\n \"1\",\n \"7\",\n \"14\",\n \"L\"\n ]\n },\n \"hours\": {\n \"type\": \"LIST\",\n \"values\": [\n \"9\"\n ]\n }\n },\n \"recipients\": [\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180867624cbd7017642d8c8c81f67\"\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "07e7ea1a-6f8f-4038-b75f-1bdd283321e7", + "name": "Calendar Search", + "originalRequest": { + "url": { + "path": [ + "scheduled-searches" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"savedSearchId\": \"9c620e13-cd33-4804-a13d-403bd7bcdbad\",\n \"schedule\": {\n \"type\": \"CALENDAR\",\n \"days\": {\n \"type\": \"LIST\",\n \"values\": [\n \"2023-01-22\",\n \"2023-02-22\"\n ]\n },\n \"hours\": {\n \"type\": \"LIST\",\n \"values\": [\n \"9\"\n ]\n }\n },\n \"recipients\": [\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180867624cbd7017642d8c8c81f67\"\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "5dfc346f-0a48-469b-8fd7-1923b636ee8c", + "name": "An example of a 403 response object", + "originalRequest": { + "url": { + "path": [ + "scheduled-searches" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"savedSearchId\": \"9c620e13-cd33-4804-a13d-403bd7bcdbad\",\n \"schedule\": {\n \"type\": \"DAILY\",\n \"hours\": {\n \"type\": \"LIST\",\n \"values\": [\n \"9\"\n ]\n }\n },\n \"recipients\": [\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180867624cbd7017642d8c8c81f67\"\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f11e70b9-d128-4506-a137-69755166388e", + "name": "Weekly Search", + "originalRequest": { + "url": { + "path": [ + "scheduled-searches" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"savedSearchId\": \"9c620e13-cd33-4804-a13d-403bd7bcdbad\",\n \"schedule\": {\n \"type\": \"WEEKLY\",\n \"days\": {\n \"type\": \"LIST\",\n \"values\": [\n \"MON\",\n \"TUE\",\n \"WED\",\n \"THU\",\n \"FRI\",\n \"SAT\",\n \"SUN\"\n ]\n },\n \"hours\": {\n \"type\": \"LIST\",\n \"values\": [\n \"9\"\n ]\n }\n },\n \"recipients\": [\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180867624cbd7017642d8c8c81f67\"\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "078d3aa5-8df1-4dc0-858c-d1aaebac3e6e", + "name": "Monthly Search", + "originalRequest": { + "url": { + "path": [ + "scheduled-searches" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"savedSearchId\": \"9c620e13-cd33-4804-a13d-403bd7bcdbad\",\n \"schedule\": {\n \"type\": \"MONTHLY\",\n \"days\": {\n \"type\": \"LIST\",\n \"values\": [\n \"1\",\n \"7\",\n \"14\",\n \"L\"\n ]\n },\n \"hours\": {\n \"type\": \"LIST\",\n \"values\": [\n \"9\"\n ]\n }\n },\n \"recipients\": [\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180867624cbd7017642d8c8c81f67\"\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "24a68db5-9349-4a6c-b7cd-af4576be8d14", + "name": "Annual Search", + "originalRequest": { + "url": { + "path": [ + "scheduled-searches" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"savedSearchId\": \"9c620e13-cd33-4804-a13d-403bd7bcdbad\",\n \"schedule\": {\n \"type\": \"ANNUALLY\",\n \"months\": {\n \"type\": \"LIST\",\n \"values\": [\n \"1\"\n ],\n \"interval\": 3\n },\n \"days\": {\n \"type\": \"LIST\",\n \"values\": [\n \"1\",\n \"7\",\n \"14\",\n \"L\"\n ]\n },\n \"hours\": {\n \"type\": \"LIST\",\n \"values\": [\n \"9\"\n ]\n }\n },\n \"recipients\": [\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180867624cbd7017642d8c8c81f67\"\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a30deca4-4308-4800-acbf-866c7ef2573e", + "name": "Calendar Search", + "originalRequest": { + "url": { + "path": [ + "scheduled-searches" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"savedSearchId\": \"9c620e13-cd33-4804-a13d-403bd7bcdbad\",\n \"schedule\": {\n \"type\": \"CALENDAR\",\n \"days\": {\n \"type\": \"LIST\",\n \"values\": [\n \"2023-01-22\",\n \"2023-02-22\"\n ]\n },\n \"hours\": {\n \"type\": \"LIST\",\n \"values\": [\n \"9\"\n ]\n }\n },\n \"recipients\": [\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180867624cbd7017642d8c8c81f67\"\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c61a2149-e008-477e-b845-c1cb9f92de14", + "name": "An example of a 404 response object", + "originalRequest": { + "url": { + "path": [ + "scheduled-searches" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"savedSearchId\": \"9c620e13-cd33-4804-a13d-403bd7bcdbad\",\n \"schedule\": {\n \"type\": \"DAILY\",\n \"hours\": {\n \"type\": \"LIST\",\n \"values\": [\n \"9\"\n ]\n }\n },\n \"recipients\": [\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180867624cbd7017642d8c8c81f67\"\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f83de309-0b9c-4e2c-a5fe-76349572fbe1", + "name": "Weekly Search", + "originalRequest": { + "url": { + "path": [ + "scheduled-searches" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"savedSearchId\": \"9c620e13-cd33-4804-a13d-403bd7bcdbad\",\n \"schedule\": {\n \"type\": \"WEEKLY\",\n \"days\": {\n \"type\": \"LIST\",\n \"values\": [\n \"MON\",\n \"TUE\",\n \"WED\",\n \"THU\",\n \"FRI\",\n \"SAT\",\n \"SUN\"\n ]\n },\n \"hours\": {\n \"type\": \"LIST\",\n \"values\": [\n \"9\"\n ]\n }\n },\n \"recipients\": [\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180867624cbd7017642d8c8c81f67\"\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "fb035329-42dc-4557-8bef-a2cf6bca5b32", + "name": "Monthly Search", + "originalRequest": { + "url": { + "path": [ + "scheduled-searches" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"savedSearchId\": \"9c620e13-cd33-4804-a13d-403bd7bcdbad\",\n \"schedule\": {\n \"type\": \"MONTHLY\",\n \"days\": {\n \"type\": \"LIST\",\n \"values\": [\n \"1\",\n \"7\",\n \"14\",\n \"L\"\n ]\n },\n \"hours\": {\n \"type\": \"LIST\",\n \"values\": [\n \"9\"\n ]\n }\n },\n \"recipients\": [\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180867624cbd7017642d8c8c81f67\"\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "92453bbf-18df-4b86-b54c-0631c23ddf4e", + "name": "Annual Search", + "originalRequest": { + "url": { + "path": [ + "scheduled-searches" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"savedSearchId\": \"9c620e13-cd33-4804-a13d-403bd7bcdbad\",\n \"schedule\": {\n \"type\": \"ANNUALLY\",\n \"months\": {\n \"type\": \"LIST\",\n \"values\": [\n \"1\"\n ],\n \"interval\": 3\n },\n \"days\": {\n \"type\": \"LIST\",\n \"values\": [\n \"1\",\n \"7\",\n \"14\",\n \"L\"\n ]\n },\n \"hours\": {\n \"type\": \"LIST\",\n \"values\": [\n \"9\"\n ]\n }\n },\n \"recipients\": [\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180867624cbd7017642d8c8c81f67\"\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "4a87dfdb-8022-4a41-879d-d89ca1e870a0", + "name": "Calendar Search", + "originalRequest": { + "url": { + "path": [ + "scheduled-searches" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"savedSearchId\": \"9c620e13-cd33-4804-a13d-403bd7bcdbad\",\n \"schedule\": {\n \"type\": \"CALENDAR\",\n \"days\": {\n \"type\": \"LIST\",\n \"values\": [\n \"2023-01-22\",\n \"2023-02-22\"\n ]\n },\n \"hours\": {\n \"type\": \"LIST\",\n \"values\": [\n \"9\"\n ]\n }\n },\n \"recipients\": [\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180867624cbd7017642d8c8c81f67\"\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "ac3726a1-7504-4d7a-847c-6b7a46e3f5bc", + "name": "Daily Search", + "originalRequest": { + "url": { + "path": [ + "scheduled-searches" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"savedSearchId\": \"9c620e13-cd33-4804-a13d-403bd7bcdbad\",\n \"schedule\": {\n \"type\": \"DAILY\",\n \"hours\": {\n \"type\": \"LIST\",\n \"values\": [\n \"9\"\n ]\n }\n },\n \"recipients\": [\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180867624cbd7017642d8c8c81f67\"\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "90ca4af9-bcac-477a-aa7a-35586e872c3a", + "name": "Weekly Search", + "originalRequest": { + "url": { + "path": [ + "scheduled-searches" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"savedSearchId\": \"9c620e13-cd33-4804-a13d-403bd7bcdbad\",\n \"schedule\": {\n \"type\": \"WEEKLY\",\n \"days\": {\n \"type\": \"LIST\",\n \"values\": [\n \"MON\",\n \"TUE\",\n \"WED\",\n \"THU\",\n \"FRI\",\n \"SAT\",\n \"SUN\"\n ]\n },\n \"hours\": {\n \"type\": \"LIST\",\n \"values\": [\n \"9\"\n ]\n }\n },\n \"recipients\": [\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180867624cbd7017642d8c8c81f67\"\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "0591ae87-1f6d-46e3-8058-5b0e033dd854", + "name": "Monthly Search", + "originalRequest": { + "url": { + "path": [ + "scheduled-searches" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"savedSearchId\": \"9c620e13-cd33-4804-a13d-403bd7bcdbad\",\n \"schedule\": {\n \"type\": \"MONTHLY\",\n \"days\": {\n \"type\": \"LIST\",\n \"values\": [\n \"1\",\n \"7\",\n \"14\",\n \"L\"\n ]\n },\n \"hours\": {\n \"type\": \"LIST\",\n \"values\": [\n \"9\"\n ]\n }\n },\n \"recipients\": [\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180867624cbd7017642d8c8c81f67\"\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "91e7e7d9-18fb-49cb-99e1-f2fb11475567", + "name": "Annual Search", + "originalRequest": { + "url": { + "path": [ + "scheduled-searches" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"savedSearchId\": \"9c620e13-cd33-4804-a13d-403bd7bcdbad\",\n \"schedule\": {\n \"type\": \"ANNUALLY\",\n \"months\": {\n \"type\": \"LIST\",\n \"values\": [\n \"1\"\n ],\n \"interval\": 3\n },\n \"days\": {\n \"type\": \"LIST\",\n \"values\": [\n \"1\",\n \"7\",\n \"14\",\n \"L\"\n ]\n },\n \"hours\": {\n \"type\": \"LIST\",\n \"values\": [\n \"9\"\n ]\n }\n },\n \"recipients\": [\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180867624cbd7017642d8c8c81f67\"\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "ece6f7a6-896b-4497-acc4-702374538479", + "name": "Calendar Search", + "originalRequest": { + "url": { + "path": [ + "scheduled-searches" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"savedSearchId\": \"9c620e13-cd33-4804-a13d-403bd7bcdbad\",\n \"schedule\": {\n \"type\": \"CALENDAR\",\n \"days\": {\n \"type\": \"LIST\",\n \"values\": [\n \"2023-01-22\",\n \"2023-02-22\"\n ]\n },\n \"hours\": {\n \"type\": \"LIST\",\n \"values\": [\n \"9\"\n ]\n }\n },\n \"recipients\": [\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180867624cbd7017642d8c8c81f67\"\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a1f9c873-38ae-4fc6-824a-2224bb813735", + "name": "An example of a 500 response object", + "originalRequest": { + "url": { + "path": [ + "scheduled-searches" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"savedSearchId\": \"9c620e13-cd33-4804-a13d-403bd7bcdbad\",\n \"schedule\": {\n \"type\": \"DAILY\",\n \"hours\": {\n \"type\": \"LIST\",\n \"values\": [\n \"9\"\n ]\n }\n },\n \"recipients\": [\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180867624cbd7017642d8c8c81f67\"\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "2be5df1d-52ac-419a-a21e-3ac315bf82ca", + "name": "Weekly Search", + "originalRequest": { + "url": { + "path": [ + "scheduled-searches" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"savedSearchId\": \"9c620e13-cd33-4804-a13d-403bd7bcdbad\",\n \"schedule\": {\n \"type\": \"WEEKLY\",\n \"days\": {\n \"type\": \"LIST\",\n \"values\": [\n \"MON\",\n \"TUE\",\n \"WED\",\n \"THU\",\n \"FRI\",\n \"SAT\",\n \"SUN\"\n ]\n },\n \"hours\": {\n \"type\": \"LIST\",\n \"values\": [\n \"9\"\n ]\n }\n },\n \"recipients\": [\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180867624cbd7017642d8c8c81f67\"\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "0626beca-70be-4548-825c-82e63c79e869", + "name": "Monthly Search", + "originalRequest": { + "url": { + "path": [ + "scheduled-searches" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"savedSearchId\": \"9c620e13-cd33-4804-a13d-403bd7bcdbad\",\n \"schedule\": {\n \"type\": \"MONTHLY\",\n \"days\": {\n \"type\": \"LIST\",\n \"values\": [\n \"1\",\n \"7\",\n \"14\",\n \"L\"\n ]\n },\n \"hours\": {\n \"type\": \"LIST\",\n \"values\": [\n \"9\"\n ]\n }\n },\n \"recipients\": [\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180867624cbd7017642d8c8c81f67\"\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c303c513-08c6-40e8-9191-a3176d6270b2", + "name": "Annual Search", + "originalRequest": { + "url": { + "path": [ + "scheduled-searches" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"savedSearchId\": \"9c620e13-cd33-4804-a13d-403bd7bcdbad\",\n \"schedule\": {\n \"type\": \"ANNUALLY\",\n \"months\": {\n \"type\": \"LIST\",\n \"values\": [\n \"1\"\n ],\n \"interval\": 3\n },\n \"days\": {\n \"type\": \"LIST\",\n \"values\": [\n \"1\",\n \"7\",\n \"14\",\n \"L\"\n ]\n },\n \"hours\": {\n \"type\": \"LIST\",\n \"values\": [\n \"9\"\n ]\n }\n },\n \"recipients\": [\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180867624cbd7017642d8c8c81f67\"\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "639aa3ac-9cd0-4565-a2a2-b3a0a3c567e0", + "name": "Calendar Search", + "originalRequest": { + "url": { + "path": [ + "scheduled-searches" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"savedSearchId\": \"9c620e13-cd33-4804-a13d-403bd7bcdbad\",\n \"schedule\": {\n \"type\": \"CALENDAR\",\n \"days\": {\n \"type\": \"LIST\",\n \"values\": [\n \"2023-01-22\",\n \"2023-02-22\"\n ]\n },\n \"hours\": {\n \"type\": \"LIST\",\n \"values\": [\n \"9\"\n ]\n }\n },\n \"recipients\": [\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180867624cbd7017642d8c8c81f67\"\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "657b2a06-c5b7-4a44-b485-3fc3f7646f53", + "name": "List scheduled searches", + "request": { + "name": "List scheduled searches", + "description": { + "content": "Returns a list of scheduled searches.\n", + "type": "text/plain" + }, + "url": { + "path": [ + "scheduled-searches" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**owner.id**: *eq*\n\n**savedSearchId**: *eq*", + "type": "text/plain" + }, + "key": "filters", + "value": "savedSearchId eq \"6cc0945d-9eeb-4948-9033-72d066e1153e\"" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "b9380bd2-cfb6-4ae8-be63-6a0a62ea5fbf", + "name": "The list of requested scheduled searches.", + "originalRequest": { + "url": { + "path": [ + "scheduled-searches" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**owner.id**: *eq*\n\n**savedSearchId**: *eq*", + "type": "text/plain" + }, + "key": "filters", + "value": "savedSearchId eq \"6cc0945d-9eeb-4948-9033-72d066e1153e\"" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "disabled": true, + "description": { + "content": "The total result count (returned only if the *count* parameter is specified as *true*).", + "type": "text/plain" + }, + "key": "X-Total-Count", + "value": "5" + } + ], + "body": "[\n {\n \"id\": \"0de46054-fe90-434a-b84e-c6b3359d0c64\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180867624cbd7017642d8c8c81f67\"\n },\n \"ownerId\": \"2c9180867624cbd7017642d8c8c81f67\",\n \"recipients\": [\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180867624cbd7017642d8c8c81f67\"\n },\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180867624cbd7017642d8c8c81f67\"\n }\n ],\n \"savedSearchId\": \"554f1511-f0a1-4744-ab14-599514d3e57c\",\n \"schedule\": {\n \"type\": \"WEEKLY\",\n \"hours\": {\n \"type\": \"RANGE\",\n \"values\": [\n \"9\",\n \"18\"\n ],\n \"interval\": 3\n },\n \"months\": {\n \"type\": \"LIST\",\n \"values\": [\n \"3\",\n \"6\",\n \"9\",\n \"12\"\n ]\n },\n \"days\": {\n \"type\": \"LIST\",\n \"values\": [\n \"MON\",\n \"WED\",\n \"FRI\"\n ]\n },\n \"expiration\": \"2018-06-25T20:22:28.104Z\",\n \"timeZoneId\": \"America/Chicago\"\n },\n \"name\": \"Daily disabled accounts\",\n \"description\": \"Daily disabled accounts\",\n \"created\": \"2018-06-25T20:22:28.104Z\",\n \"modified\": \"2018-06-25T20:22:28.104Z\",\n \"enabled\": false,\n \"emailEmptyResults\": false,\n \"displayQueryDetails\": false\n },\n {\n \"id\": \"0de46054-fe90-434a-b84e-c6b3359d0c64\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180867624cbd7017642d8c8c81f67\"\n },\n \"ownerId\": \"2c9180867624cbd7017642d8c8c81f67\",\n \"recipients\": [\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180867624cbd7017642d8c8c81f67\"\n },\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180867624cbd7017642d8c8c81f67\"\n }\n ],\n \"savedSearchId\": \"554f1511-f0a1-4744-ab14-599514d3e57c\",\n \"schedule\": {\n \"type\": \"WEEKLY\",\n \"hours\": {\n \"type\": \"RANGE\",\n \"values\": [\n \"9\",\n \"18\"\n ],\n \"interval\": 3\n },\n \"months\": {\n \"type\": \"LIST\",\n \"values\": [\n \"3\",\n \"6\",\n \"9\",\n \"12\"\n ]\n },\n \"days\": {\n \"type\": \"LIST\",\n \"values\": [\n \"MON\",\n \"WED\",\n \"FRI\"\n ]\n },\n \"expiration\": \"2018-06-25T20:22:28.104Z\",\n \"timeZoneId\": \"America/Chicago\"\n },\n \"name\": \"Daily disabled accounts\",\n \"description\": \"Daily disabled accounts\",\n \"created\": \"2018-06-25T20:22:28.104Z\",\n \"modified\": \"2018-06-25T20:22:28.104Z\",\n \"enabled\": false,\n \"emailEmptyResults\": false,\n \"displayQueryDetails\": false\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b0b53d70-3995-4ede-b146-dad6cbb98f35", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "scheduled-searches" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**owner.id**: *eq*\n\n**savedSearchId**: *eq*", + "type": "text/plain" + }, + "key": "filters", + "value": "savedSearchId eq \"6cc0945d-9eeb-4948-9033-72d066e1153e\"" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "0800d200-19fd-4dd8-9b86-56ca9a658924", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "scheduled-searches" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**owner.id**: *eq*\n\n**savedSearchId**: *eq*", + "type": "text/plain" + }, + "key": "filters", + "value": "savedSearchId eq \"6cc0945d-9eeb-4948-9033-72d066e1153e\"" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "afc12180-d235-4fca-8d09-80f01275ca0c", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "scheduled-searches" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**owner.id**: *eq*\n\n**savedSearchId**: *eq*", + "type": "text/plain" + }, + "key": "filters", + "value": "savedSearchId eq \"6cc0945d-9eeb-4948-9033-72d066e1153e\"" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c73bc66d-bb24-4cf2-a3fc-094aee76002c", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "scheduled-searches" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**owner.id**: *eq*\n\n**savedSearchId**: *eq*", + "type": "text/plain" + }, + "key": "filters", + "value": "savedSearchId eq \"6cc0945d-9eeb-4948-9033-72d066e1153e\"" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "56cc28e5-c25e-483d-8867-50814069d56a", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "scheduled-searches" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**owner.id**: *eq*\n\n**savedSearchId**: *eq*", + "type": "text/plain" + }, + "key": "filters", + "value": "savedSearchId eq \"6cc0945d-9eeb-4948-9033-72d066e1153e\"" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "dc53f76c-9466-47aa-8589-376c0d10196b", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "scheduled-searches" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**owner.id**: *eq*\n\n**savedSearchId**: *eq*", + "type": "text/plain" + }, + "key": "filters", + "value": "savedSearchId eq \"6cc0945d-9eeb-4948-9033-72d066e1153e\"" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "885c733f-1821-4e37-bc45-3a3523f6e090", + "name": "Update an existing Scheduled Search", + "request": { + "name": "Update an existing Scheduled Search", + "description": { + "content": "Updates an existing scheduled search.\n", + "type": "text/plain" + }, + "url": { + "path": [ + "scheduled-searches", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "2c91808568c529c60168cca6f90c1313", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) ID of the requested document.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"id\": \"0de46054-fe90-434a-b84e-c6b3359d0c64\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180867624cbd7017642d8c8c81f67\"\n },\n \"ownerId\": \"2c9180867624cbd7017642d8c8c81f67\",\n \"recipients\": [\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180867624cbd7017642d8c8c81f67\"\n },\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180867624cbd7017642d8c8c81f67\"\n }\n ],\n \"savedSearchId\": \"554f1511-f0a1-4744-ab14-599514d3e57c\",\n \"schedule\": {\n \"type\": \"WEEKLY\",\n \"hours\": {\n \"type\": \"RANGE\",\n \"values\": [\n \"9\",\n \"18\"\n ],\n \"interval\": 3\n },\n \"months\": {\n \"type\": \"LIST\",\n \"values\": [\n \"3\",\n \"6\",\n \"9\",\n \"12\"\n ]\n },\n \"days\": {\n \"type\": \"LIST\",\n \"values\": [\n \"MON\",\n \"WED\",\n \"FRI\"\n ]\n },\n \"expiration\": \"2018-06-25T20:22:28.104Z\",\n \"timeZoneId\": \"America/Chicago\"\n },\n \"name\": \"Daily disabled accounts\",\n \"description\": \"Daily disabled accounts\",\n \"created\": \"2018-06-25T20:22:28.104Z\",\n \"modified\": \"2018-06-25T20:22:28.104Z\",\n \"enabled\": false,\n \"emailEmptyResults\": false,\n \"displayQueryDetails\": false\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "3d703f66-8ab8-431f-b919-e69ab0c1d5d3", + "name": "The persisted scheduled search.", + "originalRequest": { + "url": { + "path": [ + "scheduled-searches", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"id\": \"0de46054-fe90-434a-b84e-c6b3359d0c64\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180867624cbd7017642d8c8c81f67\"\n },\n \"ownerId\": \"2c9180867624cbd7017642d8c8c81f67\",\n \"recipients\": [\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180867624cbd7017642d8c8c81f67\"\n },\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180867624cbd7017642d8c8c81f67\"\n }\n ],\n \"savedSearchId\": \"554f1511-f0a1-4744-ab14-599514d3e57c\",\n \"schedule\": {\n \"type\": \"WEEKLY\",\n \"hours\": {\n \"type\": \"RANGE\",\n \"values\": [\n \"9\",\n \"18\"\n ],\n \"interval\": 3\n },\n \"months\": {\n \"type\": \"LIST\",\n \"values\": [\n \"3\",\n \"6\",\n \"9\",\n \"12\"\n ]\n },\n \"days\": {\n \"type\": \"LIST\",\n \"values\": [\n \"MON\",\n \"WED\",\n \"FRI\"\n ]\n },\n \"expiration\": \"2018-06-25T20:22:28.104Z\",\n \"timeZoneId\": \"America/Chicago\"\n },\n \"name\": \"Daily disabled accounts\",\n \"description\": \"Daily disabled accounts\",\n \"created\": \"2018-06-25T20:22:28.104Z\",\n \"modified\": \"2018-06-25T20:22:28.104Z\",\n \"enabled\": false,\n \"emailEmptyResults\": false,\n \"displayQueryDetails\": false\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"0de46054-fe90-434a-b84e-c6b3359d0c64\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180867624cbd7017642d8c8c81f67\"\n },\n \"ownerId\": \"2c9180867624cbd7017642d8c8c81f67\",\n \"recipients\": [\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180867624cbd7017642d8c8c81f67\"\n },\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180867624cbd7017642d8c8c81f67\"\n }\n ],\n \"savedSearchId\": \"554f1511-f0a1-4744-ab14-599514d3e57c\",\n \"schedule\": {\n \"type\": \"WEEKLY\",\n \"hours\": {\n \"type\": \"RANGE\",\n \"values\": [\n \"9\",\n \"18\"\n ],\n \"interval\": 3\n },\n \"months\": {\n \"type\": \"LIST\",\n \"values\": [\n \"3\",\n \"6\",\n \"9\",\n \"12\"\n ]\n },\n \"days\": {\n \"type\": \"LIST\",\n \"values\": [\n \"MON\",\n \"WED\",\n \"FRI\"\n ]\n },\n \"expiration\": \"2018-06-25T20:22:28.104Z\",\n \"timeZoneId\": \"America/Chicago\"\n },\n \"name\": \"Daily disabled accounts\",\n \"description\": \"Daily disabled accounts\",\n \"created\": \"2018-06-25T20:22:28.104Z\",\n \"modified\": \"2018-06-25T20:22:28.104Z\",\n \"enabled\": false,\n \"emailEmptyResults\": false,\n \"displayQueryDetails\": false\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "414aabd3-8b6e-4120-967e-685350c5b57e", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "scheduled-searches", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"id\": \"0de46054-fe90-434a-b84e-c6b3359d0c64\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180867624cbd7017642d8c8c81f67\"\n },\n \"ownerId\": \"2c9180867624cbd7017642d8c8c81f67\",\n \"recipients\": [\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180867624cbd7017642d8c8c81f67\"\n },\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180867624cbd7017642d8c8c81f67\"\n }\n ],\n \"savedSearchId\": \"554f1511-f0a1-4744-ab14-599514d3e57c\",\n \"schedule\": {\n \"type\": \"WEEKLY\",\n \"hours\": {\n \"type\": \"RANGE\",\n \"values\": [\n \"9\",\n \"18\"\n ],\n \"interval\": 3\n },\n \"months\": {\n \"type\": \"LIST\",\n \"values\": [\n \"3\",\n \"6\",\n \"9\",\n \"12\"\n ]\n },\n \"days\": {\n \"type\": \"LIST\",\n \"values\": [\n \"MON\",\n \"WED\",\n \"FRI\"\n ]\n },\n \"expiration\": \"2018-06-25T20:22:28.104Z\",\n \"timeZoneId\": \"America/Chicago\"\n },\n \"name\": \"Daily disabled accounts\",\n \"description\": \"Daily disabled accounts\",\n \"created\": \"2018-06-25T20:22:28.104Z\",\n \"modified\": \"2018-06-25T20:22:28.104Z\",\n \"enabled\": false,\n \"emailEmptyResults\": false,\n \"displayQueryDetails\": false\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b855d939-7a86-47c8-aaea-06a5b0359dd3", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "scheduled-searches", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"id\": \"0de46054-fe90-434a-b84e-c6b3359d0c64\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180867624cbd7017642d8c8c81f67\"\n },\n \"ownerId\": \"2c9180867624cbd7017642d8c8c81f67\",\n \"recipients\": [\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180867624cbd7017642d8c8c81f67\"\n },\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180867624cbd7017642d8c8c81f67\"\n }\n ],\n \"savedSearchId\": \"554f1511-f0a1-4744-ab14-599514d3e57c\",\n \"schedule\": {\n \"type\": \"WEEKLY\",\n \"hours\": {\n \"type\": \"RANGE\",\n \"values\": [\n \"9\",\n \"18\"\n ],\n \"interval\": 3\n },\n \"months\": {\n \"type\": \"LIST\",\n \"values\": [\n \"3\",\n \"6\",\n \"9\",\n \"12\"\n ]\n },\n \"days\": {\n \"type\": \"LIST\",\n \"values\": [\n \"MON\",\n \"WED\",\n \"FRI\"\n ]\n },\n \"expiration\": \"2018-06-25T20:22:28.104Z\",\n \"timeZoneId\": \"America/Chicago\"\n },\n \"name\": \"Daily disabled accounts\",\n \"description\": \"Daily disabled accounts\",\n \"created\": \"2018-06-25T20:22:28.104Z\",\n \"modified\": \"2018-06-25T20:22:28.104Z\",\n \"enabled\": false,\n \"emailEmptyResults\": false,\n \"displayQueryDetails\": false\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "4e27fc13-3b89-4673-8e67-25c3db0c93b6", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "scheduled-searches", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"id\": \"0de46054-fe90-434a-b84e-c6b3359d0c64\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180867624cbd7017642d8c8c81f67\"\n },\n \"ownerId\": \"2c9180867624cbd7017642d8c8c81f67\",\n \"recipients\": [\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180867624cbd7017642d8c8c81f67\"\n },\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180867624cbd7017642d8c8c81f67\"\n }\n ],\n \"savedSearchId\": \"554f1511-f0a1-4744-ab14-599514d3e57c\",\n \"schedule\": {\n \"type\": \"WEEKLY\",\n \"hours\": {\n \"type\": \"RANGE\",\n \"values\": [\n \"9\",\n \"18\"\n ],\n \"interval\": 3\n },\n \"months\": {\n \"type\": \"LIST\",\n \"values\": [\n \"3\",\n \"6\",\n \"9\",\n \"12\"\n ]\n },\n \"days\": {\n \"type\": \"LIST\",\n \"values\": [\n \"MON\",\n \"WED\",\n \"FRI\"\n ]\n },\n \"expiration\": \"2018-06-25T20:22:28.104Z\",\n \"timeZoneId\": \"America/Chicago\"\n },\n \"name\": \"Daily disabled accounts\",\n \"description\": \"Daily disabled accounts\",\n \"created\": \"2018-06-25T20:22:28.104Z\",\n \"modified\": \"2018-06-25T20:22:28.104Z\",\n \"enabled\": false,\n \"emailEmptyResults\": false,\n \"displayQueryDetails\": false\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a5c9def7-58d5-49ff-8c1c-fd77ee85e739", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "scheduled-searches", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"id\": \"0de46054-fe90-434a-b84e-c6b3359d0c64\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180867624cbd7017642d8c8c81f67\"\n },\n \"ownerId\": \"2c9180867624cbd7017642d8c8c81f67\",\n \"recipients\": [\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180867624cbd7017642d8c8c81f67\"\n },\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180867624cbd7017642d8c8c81f67\"\n }\n ],\n \"savedSearchId\": \"554f1511-f0a1-4744-ab14-599514d3e57c\",\n \"schedule\": {\n \"type\": \"WEEKLY\",\n \"hours\": {\n \"type\": \"RANGE\",\n \"values\": [\n \"9\",\n \"18\"\n ],\n \"interval\": 3\n },\n \"months\": {\n \"type\": \"LIST\",\n \"values\": [\n \"3\",\n \"6\",\n \"9\",\n \"12\"\n ]\n },\n \"days\": {\n \"type\": \"LIST\",\n \"values\": [\n \"MON\",\n \"WED\",\n \"FRI\"\n ]\n },\n \"expiration\": \"2018-06-25T20:22:28.104Z\",\n \"timeZoneId\": \"America/Chicago\"\n },\n \"name\": \"Daily disabled accounts\",\n \"description\": \"Daily disabled accounts\",\n \"created\": \"2018-06-25T20:22:28.104Z\",\n \"modified\": \"2018-06-25T20:22:28.104Z\",\n \"enabled\": false,\n \"emailEmptyResults\": false,\n \"displayQueryDetails\": false\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "fab307c8-f71d-414a-97e6-fdf4115277af", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "scheduled-searches", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"id\": \"0de46054-fe90-434a-b84e-c6b3359d0c64\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180867624cbd7017642d8c8c81f67\"\n },\n \"ownerId\": \"2c9180867624cbd7017642d8c8c81f67\",\n \"recipients\": [\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180867624cbd7017642d8c8c81f67\"\n },\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180867624cbd7017642d8c8c81f67\"\n }\n ],\n \"savedSearchId\": \"554f1511-f0a1-4744-ab14-599514d3e57c\",\n \"schedule\": {\n \"type\": \"WEEKLY\",\n \"hours\": {\n \"type\": \"RANGE\",\n \"values\": [\n \"9\",\n \"18\"\n ],\n \"interval\": 3\n },\n \"months\": {\n \"type\": \"LIST\",\n \"values\": [\n \"3\",\n \"6\",\n \"9\",\n \"12\"\n ]\n },\n \"days\": {\n \"type\": \"LIST\",\n \"values\": [\n \"MON\",\n \"WED\",\n \"FRI\"\n ]\n },\n \"expiration\": \"2018-06-25T20:22:28.104Z\",\n \"timeZoneId\": \"America/Chicago\"\n },\n \"name\": \"Daily disabled accounts\",\n \"description\": \"Daily disabled accounts\",\n \"created\": \"2018-06-25T20:22:28.104Z\",\n \"modified\": \"2018-06-25T20:22:28.104Z\",\n \"enabled\": false,\n \"emailEmptyResults\": false,\n \"displayQueryDetails\": false\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "e0979bea-2812-417e-b1f6-f05f0383edb7", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "scheduled-searches", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"id\": \"0de46054-fe90-434a-b84e-c6b3359d0c64\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180867624cbd7017642d8c8c81f67\"\n },\n \"ownerId\": \"2c9180867624cbd7017642d8c8c81f67\",\n \"recipients\": [\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180867624cbd7017642d8c8c81f67\"\n },\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180867624cbd7017642d8c8c81f67\"\n }\n ],\n \"savedSearchId\": \"554f1511-f0a1-4744-ab14-599514d3e57c\",\n \"schedule\": {\n \"type\": \"WEEKLY\",\n \"hours\": {\n \"type\": \"RANGE\",\n \"values\": [\n \"9\",\n \"18\"\n ],\n \"interval\": 3\n },\n \"months\": {\n \"type\": \"LIST\",\n \"values\": [\n \"3\",\n \"6\",\n \"9\",\n \"12\"\n ]\n },\n \"days\": {\n \"type\": \"LIST\",\n \"values\": [\n \"MON\",\n \"WED\",\n \"FRI\"\n ]\n },\n \"expiration\": \"2018-06-25T20:22:28.104Z\",\n \"timeZoneId\": \"America/Chicago\"\n },\n \"name\": \"Daily disabled accounts\",\n \"description\": \"Daily disabled accounts\",\n \"created\": \"2018-06-25T20:22:28.104Z\",\n \"modified\": \"2018-06-25T20:22:28.104Z\",\n \"enabled\": false,\n \"emailEmptyResults\": false,\n \"displayQueryDetails\": false\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "3143f822-7474-4f3c-a42e-d3790ead7c5d", + "name": "Get a Scheduled Search", + "request": { + "name": "Get a Scheduled Search", + "description": { + "content": "Returns the specified scheduled search.", + "type": "text/plain" + }, + "url": { + "path": [ + "scheduled-searches", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "2c91808568c529c60168cca6f90c1313", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) ID of the requested document.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "5b13cda4-f4c1-41f9-b991-4d066227b525", + "name": "The requested scheduled search.", + "originalRequest": { + "url": { + "path": [ + "scheduled-searches", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"0de46054-fe90-434a-b84e-c6b3359d0c64\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180867624cbd7017642d8c8c81f67\"\n },\n \"ownerId\": \"2c9180867624cbd7017642d8c8c81f67\",\n \"recipients\": [\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180867624cbd7017642d8c8c81f67\"\n },\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180867624cbd7017642d8c8c81f67\"\n }\n ],\n \"savedSearchId\": \"554f1511-f0a1-4744-ab14-599514d3e57c\",\n \"schedule\": {\n \"type\": \"WEEKLY\",\n \"hours\": {\n \"type\": \"RANGE\",\n \"values\": [\n \"9\",\n \"18\"\n ],\n \"interval\": 3\n },\n \"months\": {\n \"type\": \"LIST\",\n \"values\": [\n \"3\",\n \"6\",\n \"9\",\n \"12\"\n ]\n },\n \"days\": {\n \"type\": \"LIST\",\n \"values\": [\n \"MON\",\n \"WED\",\n \"FRI\"\n ]\n },\n \"expiration\": \"2018-06-25T20:22:28.104Z\",\n \"timeZoneId\": \"America/Chicago\"\n },\n \"name\": \"Daily disabled accounts\",\n \"description\": \"Daily disabled accounts\",\n \"created\": \"2018-06-25T20:22:28.104Z\",\n \"modified\": \"2018-06-25T20:22:28.104Z\",\n \"enabled\": false,\n \"emailEmptyResults\": false,\n \"displayQueryDetails\": false\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a9bc96e4-f0de-41be-ace7-80b6b2c6b13c", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "scheduled-searches", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "8d02f869-4d1e-4498-acf2-2e662a775062", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "scheduled-searches", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "63036292-c558-4f5c-b235-5e8292e96a1d", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "scheduled-searches", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "9d4cb46c-210f-452b-849d-7f53f1cf7209", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "scheduled-searches", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "11b4cba8-d7f6-4b67-bd3d-67c47eb0240d", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "scheduled-searches", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "9ffa27b8-1eda-49f6-aaf6-894fff43af7b", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "scheduled-searches", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "a2e41eab-a2d1-4de8-b917-63e41fba8b67", + "name": "Delete a Scheduled Search", + "request": { + "name": "Delete a Scheduled Search", + "description": { + "content": "Deletes the specified scheduled search.\n", + "type": "text/plain" + }, + "url": { + "path": [ + "scheduled-searches", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "2c91808568c529c60168cca6f90c1313", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) ID of the requested document.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "DELETE", + "body": {} + }, + "response": [ + { + "id": "27b9a50d-dcff-4582-91f3-efc614bbee4b", + "name": "No Content - Indicates the request was successful but there is no content to be returned in the response.", + "originalRequest": { + "url": { + "path": [ + "scheduled-searches", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "No Content", + "code": 204, + "header": [], + "cookie": [], + "_postman_previewlanguage": "text" + }, + { + "id": "98773cb4-f620-4d0d-be60-21f8daecaf16", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "scheduled-searches", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "0d3a06e7-a355-4d83-aacb-1170c120e6fb", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "scheduled-searches", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "59fb5a84-8637-440b-b2cb-37f6aa5c6050", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "scheduled-searches", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "54c32b1c-897d-410f-8541-d29a642574ee", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "scheduled-searches", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b5a035e4-cb1b-4bb1-8048-406e8e6ba8f0", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "scheduled-searches", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "2a8df421-e7ff-460b-a7bf-296c04d035eb", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "scheduled-searches", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "f1b2e225-b19e-464b-9cf5-61e2caf936fd", + "name": "Unsubscribe a recipient from Scheduled Search", + "request": { + "name": "Unsubscribe a recipient from Scheduled Search", + "description": { + "content": "Unsubscribes a recipient from the specified scheduled search.\n", + "type": "text/plain" + }, + "url": { + "path": [ + "scheduled-searches", + ":id", + "unsubscribe" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "2c91808568c529c60168cca6f90c1313", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) ID of the requested document.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "cbaad2c1-a2cb-4af3-b7d4-17748c4b92a5", + "name": "No Content - Indicates the request was successful but there is no content to be returned in the response.", + "originalRequest": { + "url": { + "path": [ + "scheduled-searches", + ":id", + "unsubscribe" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "No Content", + "code": 204, + "header": [], + "cookie": [], + "_postman_previewlanguage": "text" + }, + { + "id": "5a8d53bb-1ec1-4cce-984e-b070e35af40c", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "scheduled-searches", + ":id", + "unsubscribe" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "79515eee-6f78-4583-9f52-97bcb3c8d043", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "scheduled-searches", + ":id", + "unsubscribe" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "6f16fc39-c09e-4199-af4c-17b88328a78d", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "scheduled-searches", + ":id", + "unsubscribe" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + } + ] + }, + { + "name": "Search", + "description": "Use this API to implement search functionality. \nWith search functionality in place, users can search their tenants for nearly any information from throughout their organizations. \n\nIdentity Security Cloud enables organizations to store user data from across all their connected sources and manage the users' access, so the ability to query and filter that data is essential. \nIts search goes through all those sources and finds the results quickly and specifically. \n\nThe search query is flexible - it can be very broad or very narrow. \nThe search only returns results for searchable objects it is filtering for. \nThe following objects are searchable: identities, roles, access profiles, entitlements, events, and account activities. \nBy default, no filter is applied, so a search for \"Ad\" returns both the identity \"Adam.Archer\" as well as the role \"Administrator.\"\n\nUsers can further narrow their results by using Identity Security Cloud's specific syntax and punctuation to structure their queries. \nFor example, the query \"attributes.location:austin AND NOT manager.name:amanda.ross\" returns all results associated with the Austin location, but it excludes those associated with the manager Amanda Ross.\nRefer to [Building a Search Query](https://documentation.sailpoint.com/saas/help/search/building-query.html) for more information about how to construct specific search queries. \n\nRefer to [Using Search](https://documentation.sailpoint.com/saas/help/search/index.html) for more information about Identity Security Cloud's search and its different possibilities. \n\nThe search feature uses Elasticsearch as a datastore and query engine. \nThe power of Elasticsearch makes this feature suitable for ad-hoc reporting.\nHowever, data from the operational databases (ex. identities, roles, events, etc) has to be ingested into Elasticsearch. \nThis ingestion process introduces a latency from when the operational data is created to when it is available in search. \nDepending on the system load, this can take a few seconds to a few minutes. \nPlease keep this latency in mind when you use search.\n", + "item": [ + { + "id": "23bf3cfa-84fe-43eb-834e-13a509f8116a", + "name": "Perform Search", + "request": { + "name": "Perform Search", + "description": { + "content": "Performs a search with the provided query and returns a matching result collection. By default, you can page a maximum of 10,000 search result records. To page past 10,000 records, you can use searchAfter paging. Refer to [Paginating Search Queries](https://developer.sailpoint.com/idn/api/standard-collection-parameters#paginating-search-queries) for more information about how to implement searchAfter paging. ", + "type": "text/plain" + }, + "url": { + "path": [ + "search" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "10000" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"query\": {\n \"query\": \"\\\"John Doe\\\"\",\n \"fields\": [\n \"name\"\n ]\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "9f83858b-dab8-4823-88e2-fd431b42cf07", + "name": "A collection of AccessProfiles", + "originalRequest": { + "url": { + "path": [ + "search" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "10000" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"query\": {\n \"query\": \"\\\"John Doe\\\"\",\n \"fields\": [\n \"name\"\n ]\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "disabled": true, + "description": { + "content": "The total result count (returned only if the *count* parameter is specified as *true*).", + "type": "text/plain" + }, + "key": "X-Total-Count", + "value": "30" + } + ], + "body": "[\n {\n \"id\": \"2c9180825a6c1adc015a71c9023f0818\",\n \"name\": \"Cloud Eng\",\n \"_type\": \"accessprofile\",\n \"description\": \"Cloud Eng\",\n \"created\": \"2017-02-24T20:21:23.145Z\",\n \"modified\": \"2019-05-24T20:36:04.312Z\",\n \"synced\": \"2020-02-18T05:30:20.414Z\",\n \"enabled\": true,\n \"requestable\": true,\n \"requestCommentsRequired\": false,\n \"owner\": {\n \"id\": \"ff8081815757d36a015757d42e56031e\",\n \"name\": \"SailPoint Support\",\n \"type\": \"IDENTITY\",\n \"email\": \"cloud-support@sailpoint.com\"\n },\n \"source\": {\n \"id\": \"ff8081815757d4fb0157588f3d9d008f\",\n \"name\": \"Employees\"\n },\n \"entitlements\": [\n {\n \"id\": \"2c918084575812550157589064f33b89\",\n \"name\": \"CN=Cloud Engineering,DC=sailpoint,DC=COM\",\n \"description\": \"mull\",\n \"attribute\": \"memberOf\",\n \"value\": \"CN=Cloud Engineering,DC=sailpoint,DC=COM\"\n }\n ],\n \"entitlementCount\": 1,\n \"tags\": [\n \"TAG_1\",\n \"TAG_2\"\n ]\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "79496f47-5a72-49f3-ac53-97ab36d01b6b", + "name": "A collection of Entitlements", + "originalRequest": { + "url": { + "path": [ + "search" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "10000" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"query\": {\n \"query\": \"created: [2022-05-19T19:26:03.351Z TO now]\",\n \"timeZone\": \"America/Los_Angeles\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "disabled": true, + "description": { + "content": "The total result count (returned only if the *count* parameter is specified as *true*).", + "type": "text/plain" + }, + "key": "X-Total-Count", + "value": "30" + } + ], + "body": "[\n {\n \"id\": \"2c9180946ed0c43d016eec1a80892fbd\",\n \"name\": \"entitlement.aa415ae7\",\n \"_type\": \"entitlement\",\n \"description\": \"null\",\n \"attribute\": \"groups\",\n \"value\": \"entitlement.aa415ae7\",\n \"modified\": \"2019-12-09T19:19:50.154Z\",\n \"synced\": \"2020-02-19T04:30:32.906Z\",\n \"displayName\": \"entitlement.aa415ae7\",\n \"source\": {\n \"id\": \"2c91808b6e9e6fb8016eec1a2b6f7b5f\",\n \"name\": \"ODS-HR-Employees\"\n },\n \"privileged\": false,\n \"identityCount\": 68,\n \"tags\": [\n \"TAG_1\",\n \"TAG_2\"\n ]\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f56d20ec-f426-4712-b92b-7a7b9229d2de", + "name": "A collection of Events", + "originalRequest": { + "url": { + "path": [ + "search" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "10000" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"query\": {\n \"query\": \"\\\"John Doe\\\"\",\n \"innerHit\": {\n \"type\": \"access\",\n \"query\": \"source.name:\\\\\\\"Active Directory\\\\\\\"\"\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "disabled": true, + "description": { + "content": "The total result count (returned only if the *count* parameter is specified as *true*).", + "type": "text/plain" + }, + "key": "X-Total-Count", + "value": "30" + } + ], + "body": "[\n {\n \"id\": \"e092842f-c904-4b59-aac8-2544abeeef4b\",\n \"name\": \"Update Task Schedule Passed\",\n \"_type\": \"event\",\n \"created\": \"2020-02-17T16:23:18.327Z\",\n \"synced\": \"2020-02-17T16:23:18.388Z\",\n \"action\": \"TASK_SCHEDULE_UPDATE_PASSED\",\n \"type\": \"SYSTEM_CONFIG\",\n \"actor\": {\n \"name\": \"MantisTaskScheduler\"\n },\n \"target\": {\n \"name\": \"Perform provisioning activity search delete synchronization\"\n },\n \"stack\": \"tpe\",\n \"trackingNumber\": \"c6b98bc39ece48b080826d16c76b166c\",\n \"ipAddress\": \"207.189.160.158\",\n \"details\": \"null\",\n \"attributes\": {\n \"sourceName\": \"SailPoint\"\n },\n \"objects\": [\n \"TASK\",\n \"SCHEDULE\"\n ],\n \"operation\": \"UPDATE\",\n \"status\": \"PASSED\",\n \"technicalName\": \"TASK_SCHEDULE_UPDATE_PASSED\"\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "5d810a2c-467e-4945-9160-a152f9e41e17", + "name": "A collection of Identities", + "originalRequest": { + "url": { + "path": [ + "search" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "10000" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"queryType\": \"TYPEAHEAD\",\n \"typeAheadQuery\": {\n \"field\": \"name\",\n \"query\": \"Jo\",\n \"maxExpansions\": 50,\n \"size\": 100,\n \"sort\": \"desc\",\n \"sortByValue\": false\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "disabled": true, + "description": { + "content": "The total result count (returned only if the *count* parameter is specified as *true*).", + "type": "text/plain" + }, + "key": "X-Total-Count", + "value": "30" + } + ], + "body": "[\n {\n \"id\": \"2c9180865c45e7e3015c46c434a80622\",\n \"name\": \"ad.admin\",\n \"_type\": \"identity\",\n \"firstName\": \"AD\",\n \"lastName\": \"Admin\",\n \"displayName\": \"AD Admin\",\n \"email\": \"SLPT.CLOUD.SAILPOINT.TEST+AD-ADMIN@GMAIL.COM\",\n \"created\": \"2018-08-22T19:54:54.302Z\",\n \"modified\": \"2018-08-22T19:54:54.302Z\",\n \"synced\": \"2018-08-22T19:54:54.302Z\",\n \"phone\": \"512-942-7578\",\n \"inactive\": false,\n \"protected\": false,\n \"status\": \"UNREGISTERED\",\n \"employeeNumber\": \"O349804\",\n \"manager\": null,\n \"isManager\": false,\n \"identityProfile\": {\n \"id\": \"2c918085605c8d0601606f357cb231e6\",\n \"name\": \"E2E AD\"\n },\n \"source\": {\n \"id\": \"2c9180855c45b230015c46c19b9c0202\",\n \"name\": \"EndToEnd-ADSource\"\n },\n \"attributes\": {\n \"uid\": \"ad.admin\",\n \"firstname\": \"AD\",\n \"cloudAuthoritativeSource\": \"2c9180855c45b230015c46c19b9c0202\",\n \"cloudStatus\": \"UNREGISTERED\",\n \"iplanet-am-user-alias-list\": null,\n \"displayName\": \"AD Admin\",\n \"internalCloudStatus\": \"UNREGISTERED\",\n \"workPhone\": \"512-942-7578\",\n \"email\": \"SLPT.CLOUD.SAILPOINT.TEST+AD-ADMIN@GMAIL.COM\",\n \"lastname\": \"Admin\"\n },\n \"processingState\": null,\n \"processingDetails\": null,\n \"accounts\": [\n {\n \"id\": \"2c9180865c45e7e3015c46c434a80623\",\n \"name\": \"ad.admin\",\n \"accountId\": \"CN=AD Admin,OU=slpt-automation,DC=TestAutomationAD,DC=local\",\n \"source\": {\n \"id\": \"2c9180855c45b230015c46c19b9c0202\",\n \"name\": \"EndToEnd-ADSource\",\n \"type\": \"Active Directory - Direct\"\n },\n \"disabled\": false,\n \"locked\": false,\n \"privileged\": false,\n \"manuallyCorrelated\": false,\n \"passwordLastSet\": \"2018-08-22T19:54:54.302Z\",\n \"entitlementAttributes\": {\n \"memberOf\": [\n \"CN=Group Policy Creator Owners,CN=Users,DC=TestAutomationAD,DC=local\",\n \"CN=Domain Guests,CN=Users,DC=TestAutomationAD,DC=local\",\n \"CN=Domain Admins,CN=Users,DC=TestAutomationAD,DC=local\",\n \"CN=Enterprise Admins,CN=Users,DC=TestAutomationAD,DC=local\",\n \"CN=Schema Admins,CN=Users,DC=TestAutomationAD,DC=local\",\n \"CN=Guests,CN=Builtin,DC=TestAutomationAD,DC=local\",\n \"CN=Administrators,CN=Builtin,DC=TestAutomationAD,DC=local\"\n ]\n },\n \"created\": \"2018-08-22T19:54:54.302Z\"\n },\n {\n \"id\": \"2c918083606d670c01606f35a30a0349\",\n \"name\": \"ad.admin\",\n \"accountId\": \"ad.admin\",\n \"source\": {\n \"id\": \"ff8081815c46b85b015c46b90c7c02a6\",\n \"name\": \"IdentityNow\",\n \"type\": \"IdentityNowConnector\"\n },\n \"disabled\": false,\n \"locked\": false,\n \"privileged\": false,\n \"manuallyCorrelated\": false,\n \"passwordLastSet\": null,\n \"entitlementAttributes\": null,\n \"created\": \"2018-08-22T19:54:54.302Z\"\n }\n ],\n \"accountCount\": 2,\n \"apps\": [\n {\n \"id\": \"22751\",\n \"name\": \"ADP Workforce Now\",\n \"source\": {\n \"id\": \"2c9180855c45b230015c46e2f6a8026a\",\n \"name\": \"Corporate Active Directory\"\n },\n \"account\": {\n \"id\": \"2c9180865c45efa4015c470be0de1606\",\n \"accountId\": \"CN=Bob Wilson,OU=Austin,OU=Americas,OU=Demo,DC=seri,DC=acme,DC=com\"\n }\n }\n ],\n \"appCount\": 1,\n \"access\": [\n {\n \"id\": \"2c918083634bc6cb01639808d40270ba\",\n \"name\": \"test [AccessProfile-1527264105448]\",\n \"displayName\": \"test\",\n \"type\": \"ACCESS_PROFILE\",\n \"description\": \"test\",\n \"source\": {\n \"id\": \"2c9180855c45b230015c46c19b9c0202\",\n \"name\": \"EndToEnd-ADSource\"\n },\n \"owner\": {\n \"id\": \"2c9180865c45e7e3015c46c434a80622\",\n \"name\": \"ad.admin\",\n \"displayName\": \"AD Admin\"\n }\n },\n {\n \"id\": \"2c9180865c45e7e3015c46c457c50755\",\n \"name\": \"Administrators\",\n \"displayName\": \"Administrators\",\n \"type\": \"ENTITLEMENT\",\n \"description\": null,\n \"source\": {\n \"id\": \"2c9180855c45b230015c46c19b9c0202\",\n \"name\": \"EndToEnd-ADSource\"\n },\n \"privileged\": false,\n \"attribute\": \"memberOf\",\n \"value\": \"CN=Administrators,CN=Builtin,DC=TestAutomationAD,DC=local\",\n \"standalone\": false\n },\n {\n \"id\": \"2c9180865decdaa5015e06598b293108\",\n \"name\": \"test [cloudRole-1503345085223]\",\n \"displayName\": \"test\",\n \"type\": \"ROLE\",\n \"description\": \"test\",\n \"owner\": {\n \"id\": \"2c9180865c45e7e3015c46c5030707a0\",\n \"name\": \"will.albin\",\n \"displayName\": \"Albin Will\"\n },\n \"disabled\": false\n }\n ],\n \"accessCount\": 3,\n \"accessProfileCount\": 1,\n \"entitlementCount\": 1,\n \"roleCount\": 1,\n \"tags\": [\n \"TAG_1\",\n \"TAG_2\"\n ]\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "5ae7f025-d5b6-4ce6-8412-ab8a08f389a4", + "name": "A collection of Roles", + "originalRequest": { + "url": { + "path": [ + "search" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "10000" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"queryType\": \"TYPEAHEAD\",\n \"typeAheadQuery\": {\n \"field\": \"source.name\",\n \"nestedType\": \"access\",\n \"query\": \"Work\",\n \"maxExpansions\": 50,\n \"size\": 100,\n \"sort\": \"desc\",\n \"sortByValue\": false\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "disabled": true, + "description": { + "content": "The total result count (returned only if the *count* parameter is specified as *true*).", + "type": "text/plain" + }, + "key": "X-Total-Count", + "value": "30" + } + ], + "body": "[\n {\n \"id\": \"2c91808c6faadea6016fb4f2bc69077b\",\n \"name\": \"IT Role\",\n \"_type\": \"role\",\n \"description\": \"IT role\",\n \"created\": \"2020-01-17T19:20:15.040Z\",\n \"modified\": null,\n \"synced\": \"2020-02-18T05:30:20.145Z\",\n \"enabled\": true,\n \"requestable\": false,\n \"requestCommentsRequired\": false,\n \"owner\": {\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"Cloud Support\",\n \"type\": \"IDENTITY\",\n \"email\": \"thomas.edison@acme-solar.com\"\n },\n \"accessProfiles\": [\n {\n \"id\": \"2c91809c6faade77016fb4f0b63407ae\",\n \"name\": \"Admin Access\"\n }\n ],\n \"accessProfileCount\": 1,\n \"tags\": [\n \"TAG_1\",\n \"TAG_2\"\n ]\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "6b918a70-347b-4a0d-8d4e-01e9d4166f3c", + "name": "Filter with Exists", + "originalRequest": { + "url": { + "path": [ + "search" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "10000" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"query\": {\n \"query\": \"attributes.city:London\"\n },\n \"filters\": {\n \"attributes.cloudAuthoritativeSource\": {\n \"type\": \"EXISTS\",\n \"exclude\": true\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "disabled": true, + "description": { + "content": "The total result count (returned only if the *count* parameter is specified as *true*).", + "type": "text/plain" + }, + "key": "X-Total-Count", + "value": "30" + } + ], + "body": "[\n {\n \"id\": \"2c9180825a6c1adc015a71c9023f0818\",\n \"name\": \"Cloud Eng\",\n \"_type\": \"accessprofile\",\n \"description\": \"Cloud Eng\",\n \"created\": \"2017-02-24T20:21:23.145Z\",\n \"modified\": \"2019-05-24T20:36:04.312Z\",\n \"synced\": \"2020-02-18T05:30:20.414Z\",\n \"enabled\": true,\n \"requestable\": true,\n \"requestCommentsRequired\": false,\n \"owner\": {\n \"id\": \"ff8081815757d36a015757d42e56031e\",\n \"name\": \"SailPoint Support\",\n \"type\": \"IDENTITY\",\n \"email\": \"cloud-support@sailpoint.com\"\n },\n \"source\": {\n \"id\": \"ff8081815757d4fb0157588f3d9d008f\",\n \"name\": \"Employees\"\n },\n \"entitlements\": [\n {\n \"id\": \"2c918084575812550157589064f33b89\",\n \"name\": \"CN=Cloud Engineering,DC=sailpoint,DC=COM\",\n \"description\": \"mull\",\n \"attribute\": \"memberOf\",\n \"value\": \"CN=Cloud Engineering,DC=sailpoint,DC=COM\"\n }\n ],\n \"entitlementCount\": 1,\n \"tags\": [\n \"TAG_1\",\n \"TAG_2\"\n ]\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "08c74b3c-b78c-49e6-9d9a-a2f2abd8f44f", + "name": "Filter with Range", + "originalRequest": { + "url": { + "path": [ + "search" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "10000" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"query\": {\n \"query\": \"attributes.city:London\",\n \"timeZone\": \"Europe/London\"\n },\n \"filters\": {\n \"accessCount\": {\n \"type\": \"RANGE\",\n \"range\": {\n \"lower\": {\n \"value\": \"3\"\n }\n }\n },\n \"created\": {\n \"type\": \"RANGE\",\n \"range\": {\n \"lower\": {\n \"value\": \"2019-12-01\",\n \"inclusive\": true\n },\n \"upper\": {\n \"value\": \"2020-01-01\"\n }\n }\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "disabled": true, + "description": { + "content": "The total result count (returned only if the *count* parameter is specified as *true*).", + "type": "text/plain" + }, + "key": "X-Total-Count", + "value": "30" + } + ], + "body": "[\n {\n \"id\": \"2c9180825a6c1adc015a71c9023f0818\",\n \"name\": \"Cloud Eng\",\n \"_type\": \"accessprofile\",\n \"description\": \"Cloud Eng\",\n \"created\": \"2017-02-24T20:21:23.145Z\",\n \"modified\": \"2019-05-24T20:36:04.312Z\",\n \"synced\": \"2020-02-18T05:30:20.414Z\",\n \"enabled\": true,\n \"requestable\": true,\n \"requestCommentsRequired\": false,\n \"owner\": {\n \"id\": \"ff8081815757d36a015757d42e56031e\",\n \"name\": \"SailPoint Support\",\n \"type\": \"IDENTITY\",\n \"email\": \"cloud-support@sailpoint.com\"\n },\n \"source\": {\n \"id\": \"ff8081815757d4fb0157588f3d9d008f\",\n \"name\": \"Employees\"\n },\n \"entitlements\": [\n {\n \"id\": \"2c918084575812550157589064f33b89\",\n \"name\": \"CN=Cloud Engineering,DC=sailpoint,DC=COM\",\n \"description\": \"mull\",\n \"attribute\": \"memberOf\",\n \"value\": \"CN=Cloud Engineering,DC=sailpoint,DC=COM\"\n }\n ],\n \"entitlementCount\": 1,\n \"tags\": [\n \"TAG_1\",\n \"TAG_2\"\n ]\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "0fccbcac-994e-4ba0-bd06-c84b62d3a9bc", + "name": "Filter with Terms", + "originalRequest": { + "url": { + "path": [ + "search" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "10000" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"query\": {\n \"query\": \"attributes.city:London\"\n },\n \"filters\": {\n \"source.name\": {\n \"type\": \"TERMS\",\n \"terms\": [\n \"HR Employees\",\n \"Corporate Active Directory\"\n ],\n \"exclude\": true\n },\n \"protected\": {\n \"type\": \"TERMS\",\n \"terms\": [\n \"true\"\n ]\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "disabled": true, + "description": { + "content": "The total result count (returned only if the *count* parameter is specified as *true*).", + "type": "text/plain" + }, + "key": "X-Total-Count", + "value": "30" + } + ], + "body": "[\n {\n \"id\": \"2c9180825a6c1adc015a71c9023f0818\",\n \"name\": \"Cloud Eng\",\n \"_type\": \"accessprofile\",\n \"description\": \"Cloud Eng\",\n \"created\": \"2017-02-24T20:21:23.145Z\",\n \"modified\": \"2019-05-24T20:36:04.312Z\",\n \"synced\": \"2020-02-18T05:30:20.414Z\",\n \"enabled\": true,\n \"requestable\": true,\n \"requestCommentsRequired\": false,\n \"owner\": {\n \"id\": \"ff8081815757d36a015757d42e56031e\",\n \"name\": \"SailPoint Support\",\n \"type\": \"IDENTITY\",\n \"email\": \"cloud-support@sailpoint.com\"\n },\n \"source\": {\n \"id\": \"ff8081815757d4fb0157588f3d9d008f\",\n \"name\": \"Employees\"\n },\n \"entitlements\": [\n {\n \"id\": \"2c918084575812550157589064f33b89\",\n \"name\": \"CN=Cloud Engineering,DC=sailpoint,DC=COM\",\n \"description\": \"mull\",\n \"attribute\": \"memberOf\",\n \"value\": \"CN=Cloud Engineering,DC=sailpoint,DC=COM\"\n }\n ],\n \"entitlementCount\": 1,\n \"tags\": [\n \"TAG_1\",\n \"TAG_2\"\n ]\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "5915bb10-a595-430f-bb63-9b6b6bc03edc", + "name": "Query with Fields", + "originalRequest": { + "url": { + "path": [ + "search" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "10000" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"query\": {\n \"query\": \"\\\"John Doe\\\"\",\n \"fields\": [\n \"name\"\n ]\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "669155be-005e-4590-a46d-99431dde78bd", + "name": "Query with TimeZone", + "originalRequest": { + "url": { + "path": [ + "search" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "10000" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"query\": {\n \"query\": \"created: [2022-05-19T19:26:03.351Z TO now]\",\n \"timeZone\": \"America/Los_Angeles\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "e205a829-3395-4161-8769-c2607f7b161d", + "name": "Query with InnerHit", + "originalRequest": { + "url": { + "path": [ + "search" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "10000" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"query\": {\n \"query\": \"\\\"John Doe\\\"\",\n \"innerHit\": {\n \"type\": \"access\",\n \"query\": \"source.name:\\\\\\\"Active Directory\\\\\\\"\"\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "7e975195-cd07-44c4-b83e-593d7bdebf05", + "name": "TypeAheadQuery", + "originalRequest": { + "url": { + "path": [ + "search" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "10000" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"queryType\": \"TYPEAHEAD\",\n \"typeAheadQuery\": {\n \"field\": \"name\",\n \"query\": \"Jo\",\n \"maxExpansions\": 50,\n \"size\": 100,\n \"sort\": \"desc\",\n \"sortByValue\": false\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "7bcbb562-fadc-49fe-94e4-fc8d075d6b94", + "name": "TypeAheadQuery with NestedType", + "originalRequest": { + "url": { + "path": [ + "search" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "10000" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"queryType\": \"TYPEAHEAD\",\n \"typeAheadQuery\": {\n \"field\": \"source.name\",\n \"nestedType\": \"access\",\n \"query\": \"Work\",\n \"maxExpansions\": 50,\n \"size\": 100,\n \"sort\": \"desc\",\n \"sortByValue\": false\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "21da2475-7be2-413b-bdb7-f4839acb456e", + "name": "Filter with Exists", + "originalRequest": { + "url": { + "path": [ + "search" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "10000" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"query\": {\n \"query\": \"attributes.city:London\"\n },\n \"filters\": {\n \"attributes.cloudAuthoritativeSource\": {\n \"type\": \"EXISTS\",\n \"exclude\": true\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "8a3c8aee-2911-4472-a5ae-12c34e9cfa10", + "name": "Filter with Range", + "originalRequest": { + "url": { + "path": [ + "search" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "10000" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"query\": {\n \"query\": \"attributes.city:London\",\n \"timeZone\": \"Europe/London\"\n },\n \"filters\": {\n \"accessCount\": {\n \"type\": \"RANGE\",\n \"range\": {\n \"lower\": {\n \"value\": \"3\"\n }\n }\n },\n \"created\": {\n \"type\": \"RANGE\",\n \"range\": {\n \"lower\": {\n \"value\": \"2019-12-01\",\n \"inclusive\": true\n },\n \"upper\": {\n \"value\": \"2020-01-01\"\n }\n }\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "85d3d2e4-4844-4fe6-9b75-5dbdb8d31c01", + "name": "Filter with Terms", + "originalRequest": { + "url": { + "path": [ + "search" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "10000" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"query\": {\n \"query\": \"attributes.city:London\"\n },\n \"filters\": {\n \"source.name\": {\n \"type\": \"TERMS\",\n \"terms\": [\n \"HR Employees\",\n \"Corporate Active Directory\"\n ],\n \"exclude\": true\n },\n \"protected\": {\n \"type\": \"TERMS\",\n \"terms\": [\n \"true\"\n ]\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "74cbf519-baf9-49b7-a35a-4e3c2ec25fd7", + "name": "Query with Fields", + "originalRequest": { + "url": { + "path": [ + "search" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "10000" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"query\": {\n \"query\": \"\\\"John Doe\\\"\",\n \"fields\": [\n \"name\"\n ]\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d9c1408e-349e-4187-abea-fa10b1488870", + "name": "Query with TimeZone", + "originalRequest": { + "url": { + "path": [ + "search" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "10000" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"query\": {\n \"query\": \"created: [2022-05-19T19:26:03.351Z TO now]\",\n \"timeZone\": \"America/Los_Angeles\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "428b14f4-4ca0-486f-84b7-e96f84a7ba89", + "name": "Query with InnerHit", + "originalRequest": { + "url": { + "path": [ + "search" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "10000" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"query\": {\n \"query\": \"\\\"John Doe\\\"\",\n \"innerHit\": {\n \"type\": \"access\",\n \"query\": \"source.name:\\\\\\\"Active Directory\\\\\\\"\"\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "1e6fb6a1-b2a6-4053-856a-05b3a9164b2c", + "name": "TypeAheadQuery", + "originalRequest": { + "url": { + "path": [ + "search" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "10000" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"queryType\": \"TYPEAHEAD\",\n \"typeAheadQuery\": {\n \"field\": \"name\",\n \"query\": \"Jo\",\n \"maxExpansions\": 50,\n \"size\": 100,\n \"sort\": \"desc\",\n \"sortByValue\": false\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "1c89caca-d066-4e3e-bb7d-85e9f4141918", + "name": "TypeAheadQuery with NestedType", + "originalRequest": { + "url": { + "path": [ + "search" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "10000" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"queryType\": \"TYPEAHEAD\",\n \"typeAheadQuery\": {\n \"field\": \"source.name\",\n \"nestedType\": \"access\",\n \"query\": \"Work\",\n \"maxExpansions\": 50,\n \"size\": 100,\n \"sort\": \"desc\",\n \"sortByValue\": false\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "bf887409-d420-4195-905b-85c3c7edbacf", + "name": "Filter with Exists", + "originalRequest": { + "url": { + "path": [ + "search" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "10000" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"query\": {\n \"query\": \"attributes.city:London\"\n },\n \"filters\": {\n \"attributes.cloudAuthoritativeSource\": {\n \"type\": \"EXISTS\",\n \"exclude\": true\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "24cd3c0d-f477-450d-ad09-17cb37ef4428", + "name": "Filter with Range", + "originalRequest": { + "url": { + "path": [ + "search" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "10000" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"query\": {\n \"query\": \"attributes.city:London\",\n \"timeZone\": \"Europe/London\"\n },\n \"filters\": {\n \"accessCount\": {\n \"type\": \"RANGE\",\n \"range\": {\n \"lower\": {\n \"value\": \"3\"\n }\n }\n },\n \"created\": {\n \"type\": \"RANGE\",\n \"range\": {\n \"lower\": {\n \"value\": \"2019-12-01\",\n \"inclusive\": true\n },\n \"upper\": {\n \"value\": \"2020-01-01\"\n }\n }\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "3e6923cf-d3d6-44ab-bf9c-f3a0334b1a1b", + "name": "Filter with Terms", + "originalRequest": { + "url": { + "path": [ + "search" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "10000" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"query\": {\n \"query\": \"attributes.city:London\"\n },\n \"filters\": {\n \"source.name\": {\n \"type\": \"TERMS\",\n \"terms\": [\n \"HR Employees\",\n \"Corporate Active Directory\"\n ],\n \"exclude\": true\n },\n \"protected\": {\n \"type\": \"TERMS\",\n \"terms\": [\n \"true\"\n ]\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f4f35ef2-2a5b-435e-800c-320074cd1123", + "name": "An example of a 403 response object", + "originalRequest": { + "url": { + "path": [ + "search" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "10000" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"query\": {\n \"query\": \"\\\"John Doe\\\"\",\n \"fields\": [\n \"name\"\n ]\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d93e3a6e-c7a6-4d8f-a7ae-01955aa1503f", + "name": "Query with TimeZone", + "originalRequest": { + "url": { + "path": [ + "search" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "10000" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"query\": {\n \"query\": \"created: [2022-05-19T19:26:03.351Z TO now]\",\n \"timeZone\": \"America/Los_Angeles\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "eb183b6c-f927-4e42-9ce9-f0dd37379145", + "name": "Query with InnerHit", + "originalRequest": { + "url": { + "path": [ + "search" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "10000" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"query\": {\n \"query\": \"\\\"John Doe\\\"\",\n \"innerHit\": {\n \"type\": \"access\",\n \"query\": \"source.name:\\\\\\\"Active Directory\\\\\\\"\"\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "909cc37a-f960-4eb9-87c9-1d5146641a98", + "name": "TypeAheadQuery", + "originalRequest": { + "url": { + "path": [ + "search" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "10000" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"queryType\": \"TYPEAHEAD\",\n \"typeAheadQuery\": {\n \"field\": \"name\",\n \"query\": \"Jo\",\n \"maxExpansions\": 50,\n \"size\": 100,\n \"sort\": \"desc\",\n \"sortByValue\": false\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "fb636652-8408-4157-9df9-df6b466a48aa", + "name": "TypeAheadQuery with NestedType", + "originalRequest": { + "url": { + "path": [ + "search" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "10000" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"queryType\": \"TYPEAHEAD\",\n \"typeAheadQuery\": {\n \"field\": \"source.name\",\n \"nestedType\": \"access\",\n \"query\": \"Work\",\n \"maxExpansions\": 50,\n \"size\": 100,\n \"sort\": \"desc\",\n \"sortByValue\": false\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "40a571ea-36e1-4689-b499-f37313a25862", + "name": "Filter with Exists", + "originalRequest": { + "url": { + "path": [ + "search" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "10000" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"query\": {\n \"query\": \"attributes.city:London\"\n },\n \"filters\": {\n \"attributes.cloudAuthoritativeSource\": {\n \"type\": \"EXISTS\",\n \"exclude\": true\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a749a595-3f34-48ca-bdc3-4d8c32e16c99", + "name": "Filter with Range", + "originalRequest": { + "url": { + "path": [ + "search" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "10000" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"query\": {\n \"query\": \"attributes.city:London\",\n \"timeZone\": \"Europe/London\"\n },\n \"filters\": {\n \"accessCount\": {\n \"type\": \"RANGE\",\n \"range\": {\n \"lower\": {\n \"value\": \"3\"\n }\n }\n },\n \"created\": {\n \"type\": \"RANGE\",\n \"range\": {\n \"lower\": {\n \"value\": \"2019-12-01\",\n \"inclusive\": true\n },\n \"upper\": {\n \"value\": \"2020-01-01\"\n }\n }\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d2048596-0294-436b-a7e6-aed479689bef", + "name": "Filter with Terms", + "originalRequest": { + "url": { + "path": [ + "search" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "10000" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"query\": {\n \"query\": \"attributes.city:London\"\n },\n \"filters\": {\n \"source.name\": {\n \"type\": \"TERMS\",\n \"terms\": [\n \"HR Employees\",\n \"Corporate Active Directory\"\n ],\n \"exclude\": true\n },\n \"protected\": {\n \"type\": \"TERMS\",\n \"terms\": [\n \"true\"\n ]\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "9aa4663c-8cc1-4689-bc93-96213f7b6cc3", + "name": "Query with Fields", + "originalRequest": { + "url": { + "path": [ + "search" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "10000" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"query\": {\n \"query\": \"\\\"John Doe\\\"\",\n \"fields\": [\n \"name\"\n ]\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "7042dfc8-12a3-41ee-83ab-33aaa5340ea1", + "name": "Query with TimeZone", + "originalRequest": { + "url": { + "path": [ + "search" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "10000" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"query\": {\n \"query\": \"created: [2022-05-19T19:26:03.351Z TO now]\",\n \"timeZone\": \"America/Los_Angeles\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "7266f303-2df6-4143-8bfa-dcce08823991", + "name": "Query with InnerHit", + "originalRequest": { + "url": { + "path": [ + "search" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "10000" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"query\": {\n \"query\": \"\\\"John Doe\\\"\",\n \"innerHit\": {\n \"type\": \"access\",\n \"query\": \"source.name:\\\\\\\"Active Directory\\\\\\\"\"\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "3a1f0ee0-2884-469b-a579-b971d1cfa338", + "name": "TypeAheadQuery", + "originalRequest": { + "url": { + "path": [ + "search" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "10000" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"queryType\": \"TYPEAHEAD\",\n \"typeAheadQuery\": {\n \"field\": \"name\",\n \"query\": \"Jo\",\n \"maxExpansions\": 50,\n \"size\": 100,\n \"sort\": \"desc\",\n \"sortByValue\": false\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "1334e912-cdf7-4343-9fb5-4b0bc710fa99", + "name": "TypeAheadQuery with NestedType", + "originalRequest": { + "url": { + "path": [ + "search" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "10000" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"queryType\": \"TYPEAHEAD\",\n \"typeAheadQuery\": {\n \"field\": \"source.name\",\n \"nestedType\": \"access\",\n \"query\": \"Work\",\n \"maxExpansions\": 50,\n \"size\": 100,\n \"sort\": \"desc\",\n \"sortByValue\": false\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "21a82d73-1bc9-42a4-bccc-6319f4b34a54", + "name": "Filter with Exists", + "originalRequest": { + "url": { + "path": [ + "search" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "10000" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"query\": {\n \"query\": \"attributes.city:London\"\n },\n \"filters\": {\n \"attributes.cloudAuthoritativeSource\": {\n \"type\": \"EXISTS\",\n \"exclude\": true\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "2b65de17-f946-4b8f-bbdc-4e7dd039d29a", + "name": "Filter with Range", + "originalRequest": { + "url": { + "path": [ + "search" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "10000" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"query\": {\n \"query\": \"attributes.city:London\",\n \"timeZone\": \"Europe/London\"\n },\n \"filters\": {\n \"accessCount\": {\n \"type\": \"RANGE\",\n \"range\": {\n \"lower\": {\n \"value\": \"3\"\n }\n }\n },\n \"created\": {\n \"type\": \"RANGE\",\n \"range\": {\n \"lower\": {\n \"value\": \"2019-12-01\",\n \"inclusive\": true\n },\n \"upper\": {\n \"value\": \"2020-01-01\"\n }\n }\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "bd957d58-621b-4709-87d0-b5a4c5e8a945", + "name": "Filter with Terms", + "originalRequest": { + "url": { + "path": [ + "search" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "10000" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"query\": {\n \"query\": \"attributes.city:London\"\n },\n \"filters\": {\n \"source.name\": {\n \"type\": \"TERMS\",\n \"terms\": [\n \"HR Employees\",\n \"Corporate Active Directory\"\n ],\n \"exclude\": true\n },\n \"protected\": {\n \"type\": \"TERMS\",\n \"terms\": [\n \"true\"\n ]\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "ca278fcd-4305-4857-a430-5ef1aeaa6e61", + "name": "An example of a 500 response object", + "originalRequest": { + "url": { + "path": [ + "search" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "10000" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"query\": {\n \"query\": \"\\\"John Doe\\\"\",\n \"fields\": [\n \"name\"\n ]\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "2ae082da-2cf9-45da-97c4-a6bd51866635", + "name": "Query with TimeZone", + "originalRequest": { + "url": { + "path": [ + "search" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "10000" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"query\": {\n \"query\": \"created: [2022-05-19T19:26:03.351Z TO now]\",\n \"timeZone\": \"America/Los_Angeles\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "e3382c50-1ce7-4e8a-8ae9-2ae19283d929", + "name": "Query with InnerHit", + "originalRequest": { + "url": { + "path": [ + "search" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "10000" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"query\": {\n \"query\": \"\\\"John Doe\\\"\",\n \"innerHit\": {\n \"type\": \"access\",\n \"query\": \"source.name:\\\\\\\"Active Directory\\\\\\\"\"\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "55091dcb-0850-4ac7-9cd5-d4862f677fa0", + "name": "TypeAheadQuery", + "originalRequest": { + "url": { + "path": [ + "search" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "10000" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"queryType\": \"TYPEAHEAD\",\n \"typeAheadQuery\": {\n \"field\": \"name\",\n \"query\": \"Jo\",\n \"maxExpansions\": 50,\n \"size\": 100,\n \"sort\": \"desc\",\n \"sortByValue\": false\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "2d0df900-a0a9-40d4-9aaa-8bd18b8ae903", + "name": "TypeAheadQuery with NestedType", + "originalRequest": { + "url": { + "path": [ + "search" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "10000" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"queryType\": \"TYPEAHEAD\",\n \"typeAheadQuery\": {\n \"field\": \"source.name\",\n \"nestedType\": \"access\",\n \"query\": \"Work\",\n \"maxExpansions\": 50,\n \"size\": 100,\n \"sort\": \"desc\",\n \"sortByValue\": false\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "53cafc04-b29b-4bbf-a5bd-c94e3d6b3ad6", + "name": "Filter with Exists", + "originalRequest": { + "url": { + "path": [ + "search" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "10000" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"query\": {\n \"query\": \"attributes.city:London\"\n },\n \"filters\": {\n \"attributes.cloudAuthoritativeSource\": {\n \"type\": \"EXISTS\",\n \"exclude\": true\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "6f62c5f3-b5f9-4800-bf6e-8dc632d331f9", + "name": "Filter with Range", + "originalRequest": { + "url": { + "path": [ + "search" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "10000" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"query\": {\n \"query\": \"attributes.city:London\",\n \"timeZone\": \"Europe/London\"\n },\n \"filters\": {\n \"accessCount\": {\n \"type\": \"RANGE\",\n \"range\": {\n \"lower\": {\n \"value\": \"3\"\n }\n }\n },\n \"created\": {\n \"type\": \"RANGE\",\n \"range\": {\n \"lower\": {\n \"value\": \"2019-12-01\",\n \"inclusive\": true\n },\n \"upper\": {\n \"value\": \"2020-01-01\"\n }\n }\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d38d81d5-a444-468a-b130-bdea8b9043cf", + "name": "Filter with Terms", + "originalRequest": { + "url": { + "path": [ + "search" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "10000" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"query\": {\n \"query\": \"attributes.city:London\"\n },\n \"filters\": {\n \"source.name\": {\n \"type\": \"TERMS\",\n \"terms\": [\n \"HR Employees\",\n \"Corporate Active Directory\"\n ],\n \"exclude\": true\n },\n \"protected\": {\n \"type\": \"TERMS\",\n \"terms\": [\n \"true\"\n ]\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "77db3f19-b5f6-4f4e-9aa8-699a3be21426", + "name": "Count Documents Satisfying a Query", + "request": { + "name": "Count Documents Satisfying a Query", + "description": { + "content": "Performs a search with a provided query and returns the count of results in the X-Total-Count header.", + "type": "text/plain" + }, + "url": { + "path": [ + "search", + "count" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"query\": {\n \"query\": \"created: [2022-05-19T19:26:03.351Z TO now]\",\n \"timeZone\": \"America/Los_Angeles\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "38e8d840-97c0-4095-94b4-09520284dae8", + "name": "No content - indicates the request was successful but there is no content to be returned in the response.", + "originalRequest": { + "url": { + "path": [ + "search", + "count" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"query\": {\n \"query\": \"created: [2022-05-19T19:26:03.351Z TO now]\",\n \"timeZone\": \"America/Los_Angeles\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "No Content", + "code": 204, + "header": [ + { + "disabled": true, + "description": { + "content": "The total result count.", + "type": "text/plain" + }, + "key": "X-Total-Count", + "value": "5" + } + ], + "cookie": [], + "_postman_previewlanguage": "text" + }, + { + "id": "4a655234-404f-4f23-997d-0e564c2e06b9", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "search", + "count" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"query\": {\n \"query\": \"created: [2022-05-19T19:26:03.351Z TO now]\",\n \"timeZone\": \"America/Los_Angeles\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "18727bae-8a26-45b0-b406-0a812283ba9e", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "search", + "count" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"query\": {\n \"query\": \"created: [2022-05-19T19:26:03.351Z TO now]\",\n \"timeZone\": \"America/Los_Angeles\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a4f347e9-6202-4a8b-a160-6ee3bfc5c70b", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "search", + "count" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"query\": {\n \"query\": \"created: [2022-05-19T19:26:03.351Z TO now]\",\n \"timeZone\": \"America/Los_Angeles\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a49832eb-65b5-4900-9346-f2dc49984c33", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "search", + "count" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"query\": {\n \"query\": \"created: [2022-05-19T19:26:03.351Z TO now]\",\n \"timeZone\": \"America/Los_Angeles\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "96591427-a1ce-480b-b5d3-219d8a2b6bff", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "search", + "count" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"query\": {\n \"query\": \"created: [2022-05-19T19:26:03.351Z TO now]\",\n \"timeZone\": \"America/Los_Angeles\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "c8aad4bf-e39b-47da-8294-005e33658e50", + "name": "Perform a Search Query Aggregation", + "request": { + "name": "Perform a Search Query Aggregation", + "description": { + "content": "Performs a search query aggregation and returns the aggregation result. By default, you can page a maximum of 10,000 search result records. To page past 10,000 records, you can use searchAfter paging. Refer to [Paginating Search Queries](https://developer.sailpoint.com/idn/api/standard-collection-parameters#paginating-search-queries) for more information about how to implement searchAfter paging. ", + "type": "text/plain" + }, + "url": { + "path": [ + "search", + "aggregate" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"aggregationType\": \"SAILPOINT\",\n \"aggregations\": {\n \"metric\": {\n \"name\": \"How Many Locations\",\n \"type\": \"UNIQUE_COUNT\",\n \"field\": \"attributes.city\"\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "4c3eb62c-dfbe-4d56-a7c7-4e74d63eee30", + "name": "MetricAggregation", + "originalRequest": { + "url": { + "path": [ + "search", + "aggregate" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"aggregationType\": \"SAILPOINT\",\n \"aggregations\": {\n \"metric\": {\n \"name\": \"How Many Locations\",\n \"type\": \"UNIQUE_COUNT\",\n \"field\": \"attributes.city\"\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "disabled": true, + "description": { + "content": "The total result count (returned only if the *count* parameter is specified as *true*).", + "type": "text/plain" + }, + "key": "X-Total-Count", + "value": "5" + } + ], + "body": "{\n \"aggregations\": {\n \"Identity Locations\": {\n \"buckets\": [\n {\n \"key\": \"Austin\",\n \"doc_count\": 109\n },\n {\n \"key\": \"London\",\n \"doc_count\": 64\n },\n {\n \"key\": \"San Jose\",\n \"doc_count\": 27\n },\n {\n \"key\": \"Brussels\",\n \"doc_count\": 26\n },\n {\n \"key\": \"Sao Paulo\",\n \"doc_count\": 24\n },\n {\n \"key\": \"Munich\",\n \"doc_count\": 23\n },\n {\n \"key\": \"Singapore\",\n \"doc_count\": 22\n },\n {\n \"key\": \"Tokyo\",\n \"doc_count\": 20\n },\n {\n \"key\": \"Taipei\",\n \"doc_count\": 16\n }\n ]\n }\n },\n \"hits\": [\n {\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"John Doe\",\n \"_type\": \"accessprofile\",\n \"description\": \"The admin role\",\n \"created\": \"2018-06-25T20:22:28.104Z\",\n \"modified\": \"2018-06-25T20:22:28.104Z\",\n \"synced\": \"2018-06-25T20:22:33.104Z\",\n \"enabled\": true,\n \"requestable\": true,\n \"requestCommentsRequired\": false,\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"Support\",\n \"email\": \"cloud-support@sailpoint.com\"\n },\n \"source\": {\n \"id\": \"ff8081815757d4fb0157588f3d9d008f\",\n \"name\": \"Employees\"\n },\n \"entitlements\": [\n {\n \"hasPermissions\": false,\n \"description\": \"Cloud engineering\",\n \"attribute\": \"memberOf\",\n \"value\": \"CN=Cloud Engineering,DC=sailpoint,DC=COM\",\n \"schema\": \"group\",\n \"privileged\": false,\n \"id\": \"2c918084575812550157589064f33b89\",\n \"name\": \"CN=Cloud Engineering,DC=sailpoint,DC=COM\"\n },\n {\n \"hasPermissions\": false,\n \"description\": \"Cloud engineering\",\n \"attribute\": \"memberOf\",\n \"value\": \"CN=Cloud Engineering,DC=sailpoint,DC=COM\",\n \"schema\": \"group\",\n \"privileged\": false,\n \"id\": \"2c918084575812550157589064f33b89\",\n \"name\": \"CN=Cloud Engineering,DC=sailpoint,DC=COM\"\n }\n ],\n \"entitlementCount\": 5,\n \"tags\": [\n \"TAG_1\",\n \"TAG_2\"\n ]\n },\n {\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"John Doe\",\n \"_type\": \"accessprofile\",\n \"description\": \"The admin role\",\n \"created\": \"2018-06-25T20:22:28.104Z\",\n \"modified\": \"2018-06-25T20:22:28.104Z\",\n \"synced\": \"2018-06-25T20:22:33.104Z\",\n \"enabled\": true,\n \"requestable\": true,\n \"requestCommentsRequired\": false,\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"Support\",\n \"email\": \"cloud-support@sailpoint.com\"\n },\n \"source\": {\n \"id\": \"ff8081815757d4fb0157588f3d9d008f\",\n \"name\": \"Employees\"\n },\n \"entitlements\": [\n {\n \"hasPermissions\": false,\n \"description\": \"Cloud engineering\",\n \"attribute\": \"memberOf\",\n \"value\": \"CN=Cloud Engineering,DC=sailpoint,DC=COM\",\n \"schema\": \"group\",\n \"privileged\": false,\n \"id\": \"2c918084575812550157589064f33b89\",\n \"name\": \"CN=Cloud Engineering,DC=sailpoint,DC=COM\"\n },\n {\n \"hasPermissions\": false,\n \"description\": \"Cloud engineering\",\n \"attribute\": \"memberOf\",\n \"value\": \"CN=Cloud Engineering,DC=sailpoint,DC=COM\",\n \"schema\": \"group\",\n \"privileged\": false,\n \"id\": \"2c918084575812550157589064f33b89\",\n \"name\": \"CN=Cloud Engineering,DC=sailpoint,DC=COM\"\n }\n ],\n \"entitlementCount\": 5,\n \"tags\": [\n \"TAG_1\",\n \"TAG_2\"\n ]\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a4b14791-6ef8-4763-ba3a-8e7dd91f3c2e", + "name": "MetricAggregation using DSL", + "originalRequest": { + "url": { + "path": [ + "search", + "aggregate" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"aggregationType\": \"DSL\",\n \"aggregationsDsl\": {\n \"How Many Locations\": {\n \"cardinality\": {\n \"field\": \"attributes.city.exact\"\n }\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "disabled": true, + "description": { + "content": "The total result count (returned only if the *count* parameter is specified as *true*).", + "type": "text/plain" + }, + "key": "X-Total-Count", + "value": "5" + } + ], + "body": "{\n \"aggregations\": {\n \"Identity Locations\": {\n \"buckets\": [\n {\n \"key\": \"Austin\",\n \"doc_count\": 109\n },\n {\n \"key\": \"London\",\n \"doc_count\": 64\n },\n {\n \"key\": \"San Jose\",\n \"doc_count\": 27\n },\n {\n \"key\": \"Brussels\",\n \"doc_count\": 26\n },\n {\n \"key\": \"Sao Paulo\",\n \"doc_count\": 24\n },\n {\n \"key\": \"Munich\",\n \"doc_count\": 23\n },\n {\n \"key\": \"Singapore\",\n \"doc_count\": 22\n },\n {\n \"key\": \"Tokyo\",\n \"doc_count\": 20\n },\n {\n \"key\": \"Taipei\",\n \"doc_count\": 16\n }\n ]\n }\n },\n \"hits\": [\n {\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"John Doe\",\n \"_type\": \"accessprofile\",\n \"description\": \"The admin role\",\n \"created\": \"2018-06-25T20:22:28.104Z\",\n \"modified\": \"2018-06-25T20:22:28.104Z\",\n \"synced\": \"2018-06-25T20:22:33.104Z\",\n \"enabled\": true,\n \"requestable\": true,\n \"requestCommentsRequired\": false,\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"Support\",\n \"email\": \"cloud-support@sailpoint.com\"\n },\n \"source\": {\n \"id\": \"ff8081815757d4fb0157588f3d9d008f\",\n \"name\": \"Employees\"\n },\n \"entitlements\": [\n {\n \"hasPermissions\": false,\n \"description\": \"Cloud engineering\",\n \"attribute\": \"memberOf\",\n \"value\": \"CN=Cloud Engineering,DC=sailpoint,DC=COM\",\n \"schema\": \"group\",\n \"privileged\": false,\n \"id\": \"2c918084575812550157589064f33b89\",\n \"name\": \"CN=Cloud Engineering,DC=sailpoint,DC=COM\"\n },\n {\n \"hasPermissions\": false,\n \"description\": \"Cloud engineering\",\n \"attribute\": \"memberOf\",\n \"value\": \"CN=Cloud Engineering,DC=sailpoint,DC=COM\",\n \"schema\": \"group\",\n \"privileged\": false,\n \"id\": \"2c918084575812550157589064f33b89\",\n \"name\": \"CN=Cloud Engineering,DC=sailpoint,DC=COM\"\n }\n ],\n \"entitlementCount\": 5,\n \"tags\": [\n \"TAG_1\",\n \"TAG_2\"\n ]\n },\n {\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"John Doe\",\n \"_type\": \"accessprofile\",\n \"description\": \"The admin role\",\n \"created\": \"2018-06-25T20:22:28.104Z\",\n \"modified\": \"2018-06-25T20:22:28.104Z\",\n \"synced\": \"2018-06-25T20:22:33.104Z\",\n \"enabled\": true,\n \"requestable\": true,\n \"requestCommentsRequired\": false,\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"Support\",\n \"email\": \"cloud-support@sailpoint.com\"\n },\n \"source\": {\n \"id\": \"ff8081815757d4fb0157588f3d9d008f\",\n \"name\": \"Employees\"\n },\n \"entitlements\": [\n {\n \"hasPermissions\": false,\n \"description\": \"Cloud engineering\",\n \"attribute\": \"memberOf\",\n \"value\": \"CN=Cloud Engineering,DC=sailpoint,DC=COM\",\n \"schema\": \"group\",\n \"privileged\": false,\n \"id\": \"2c918084575812550157589064f33b89\",\n \"name\": \"CN=Cloud Engineering,DC=sailpoint,DC=COM\"\n },\n {\n \"hasPermissions\": false,\n \"description\": \"Cloud engineering\",\n \"attribute\": \"memberOf\",\n \"value\": \"CN=Cloud Engineering,DC=sailpoint,DC=COM\",\n \"schema\": \"group\",\n \"privileged\": false,\n \"id\": \"2c918084575812550157589064f33b89\",\n \"name\": \"CN=Cloud Engineering,DC=sailpoint,DC=COM\"\n }\n ],\n \"entitlementCount\": 5,\n \"tags\": [\n \"TAG_1\",\n \"TAG_2\"\n ]\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "5bc78408-5343-45ea-af3a-18bfce14fb6a", + "name": "BucketAggregation", + "originalRequest": { + "url": { + "path": [ + "search", + "aggregate" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"aggregationType\": \"SAILPOINT\",\n \"aggregations\": {\n \"bucket\": {\n \"name\": \"Identity Locations\",\n \"type\": \"TERMS\",\n \"field\": \"attributes.city\"\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "disabled": true, + "description": { + "content": "The total result count (returned only if the *count* parameter is specified as *true*).", + "type": "text/plain" + }, + "key": "X-Total-Count", + "value": "5" + } + ], + "body": "{\n \"aggregations\": {\n \"Identity Locations\": {\n \"buckets\": [\n {\n \"key\": \"Austin\",\n \"doc_count\": 109\n },\n {\n \"key\": \"London\",\n \"doc_count\": 64\n },\n {\n \"key\": \"San Jose\",\n \"doc_count\": 27\n },\n {\n \"key\": \"Brussels\",\n \"doc_count\": 26\n },\n {\n \"key\": \"Sao Paulo\",\n \"doc_count\": 24\n },\n {\n \"key\": \"Munich\",\n \"doc_count\": 23\n },\n {\n \"key\": \"Singapore\",\n \"doc_count\": 22\n },\n {\n \"key\": \"Tokyo\",\n \"doc_count\": 20\n },\n {\n \"key\": \"Taipei\",\n \"doc_count\": 16\n }\n ]\n }\n },\n \"hits\": [\n {\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"John Doe\",\n \"_type\": \"accessprofile\",\n \"description\": \"The admin role\",\n \"created\": \"2018-06-25T20:22:28.104Z\",\n \"modified\": \"2018-06-25T20:22:28.104Z\",\n \"synced\": \"2018-06-25T20:22:33.104Z\",\n \"enabled\": true,\n \"requestable\": true,\n \"requestCommentsRequired\": false,\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"Support\",\n \"email\": \"cloud-support@sailpoint.com\"\n },\n \"source\": {\n \"id\": \"ff8081815757d4fb0157588f3d9d008f\",\n \"name\": \"Employees\"\n },\n \"entitlements\": [\n {\n \"hasPermissions\": false,\n \"description\": \"Cloud engineering\",\n \"attribute\": \"memberOf\",\n \"value\": \"CN=Cloud Engineering,DC=sailpoint,DC=COM\",\n \"schema\": \"group\",\n \"privileged\": false,\n \"id\": \"2c918084575812550157589064f33b89\",\n \"name\": \"CN=Cloud Engineering,DC=sailpoint,DC=COM\"\n },\n {\n \"hasPermissions\": false,\n \"description\": \"Cloud engineering\",\n \"attribute\": \"memberOf\",\n \"value\": \"CN=Cloud Engineering,DC=sailpoint,DC=COM\",\n \"schema\": \"group\",\n \"privileged\": false,\n \"id\": \"2c918084575812550157589064f33b89\",\n \"name\": \"CN=Cloud Engineering,DC=sailpoint,DC=COM\"\n }\n ],\n \"entitlementCount\": 5,\n \"tags\": [\n \"TAG_1\",\n \"TAG_2\"\n ]\n },\n {\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"John Doe\",\n \"_type\": \"accessprofile\",\n \"description\": \"The admin role\",\n \"created\": \"2018-06-25T20:22:28.104Z\",\n \"modified\": \"2018-06-25T20:22:28.104Z\",\n \"synced\": \"2018-06-25T20:22:33.104Z\",\n \"enabled\": true,\n \"requestable\": true,\n \"requestCommentsRequired\": false,\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"Support\",\n \"email\": \"cloud-support@sailpoint.com\"\n },\n \"source\": {\n \"id\": \"ff8081815757d4fb0157588f3d9d008f\",\n \"name\": \"Employees\"\n },\n \"entitlements\": [\n {\n \"hasPermissions\": false,\n \"description\": \"Cloud engineering\",\n \"attribute\": \"memberOf\",\n \"value\": \"CN=Cloud Engineering,DC=sailpoint,DC=COM\",\n \"schema\": \"group\",\n \"privileged\": false,\n \"id\": \"2c918084575812550157589064f33b89\",\n \"name\": \"CN=Cloud Engineering,DC=sailpoint,DC=COM\"\n },\n {\n \"hasPermissions\": false,\n \"description\": \"Cloud engineering\",\n \"attribute\": \"memberOf\",\n \"value\": \"CN=Cloud Engineering,DC=sailpoint,DC=COM\",\n \"schema\": \"group\",\n \"privileged\": false,\n \"id\": \"2c918084575812550157589064f33b89\",\n \"name\": \"CN=Cloud Engineering,DC=sailpoint,DC=COM\"\n }\n ],\n \"entitlementCount\": 5,\n \"tags\": [\n \"TAG_1\",\n \"TAG_2\"\n ]\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "55c7b66d-4705-4925-9261-fbb87ed240a7", + "name": "BucketAggregation using DSL", + "originalRequest": { + "url": { + "path": [ + "search", + "aggregate" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"aggregationType\": \"DSL\",\n \"aggregationsDsl\": {\n \"Identity Locations\": {\n \"terms\": {\n \"field\": \"attributes.city.exact\"\n }\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "disabled": true, + "description": { + "content": "The total result count (returned only if the *count* parameter is specified as *true*).", + "type": "text/plain" + }, + "key": "X-Total-Count", + "value": "5" + } + ], + "body": "{\n \"aggregations\": {\n \"Identity Locations\": {\n \"buckets\": [\n {\n \"key\": \"Austin\",\n \"doc_count\": 109\n },\n {\n \"key\": \"London\",\n \"doc_count\": 64\n },\n {\n \"key\": \"San Jose\",\n \"doc_count\": 27\n },\n {\n \"key\": \"Brussels\",\n \"doc_count\": 26\n },\n {\n \"key\": \"Sao Paulo\",\n \"doc_count\": 24\n },\n {\n \"key\": \"Munich\",\n \"doc_count\": 23\n },\n {\n \"key\": \"Singapore\",\n \"doc_count\": 22\n },\n {\n \"key\": \"Tokyo\",\n \"doc_count\": 20\n },\n {\n \"key\": \"Taipei\",\n \"doc_count\": 16\n }\n ]\n }\n },\n \"hits\": [\n {\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"John Doe\",\n \"_type\": \"accessprofile\",\n \"description\": \"The admin role\",\n \"created\": \"2018-06-25T20:22:28.104Z\",\n \"modified\": \"2018-06-25T20:22:28.104Z\",\n \"synced\": \"2018-06-25T20:22:33.104Z\",\n \"enabled\": true,\n \"requestable\": true,\n \"requestCommentsRequired\": false,\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"Support\",\n \"email\": \"cloud-support@sailpoint.com\"\n },\n \"source\": {\n \"id\": \"ff8081815757d4fb0157588f3d9d008f\",\n \"name\": \"Employees\"\n },\n \"entitlements\": [\n {\n \"hasPermissions\": false,\n \"description\": \"Cloud engineering\",\n \"attribute\": \"memberOf\",\n \"value\": \"CN=Cloud Engineering,DC=sailpoint,DC=COM\",\n \"schema\": \"group\",\n \"privileged\": false,\n \"id\": \"2c918084575812550157589064f33b89\",\n \"name\": \"CN=Cloud Engineering,DC=sailpoint,DC=COM\"\n },\n {\n \"hasPermissions\": false,\n \"description\": \"Cloud engineering\",\n \"attribute\": \"memberOf\",\n \"value\": \"CN=Cloud Engineering,DC=sailpoint,DC=COM\",\n \"schema\": \"group\",\n \"privileged\": false,\n \"id\": \"2c918084575812550157589064f33b89\",\n \"name\": \"CN=Cloud Engineering,DC=sailpoint,DC=COM\"\n }\n ],\n \"entitlementCount\": 5,\n \"tags\": [\n \"TAG_1\",\n \"TAG_2\"\n ]\n },\n {\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"John Doe\",\n \"_type\": \"accessprofile\",\n \"description\": \"The admin role\",\n \"created\": \"2018-06-25T20:22:28.104Z\",\n \"modified\": \"2018-06-25T20:22:28.104Z\",\n \"synced\": \"2018-06-25T20:22:33.104Z\",\n \"enabled\": true,\n \"requestable\": true,\n \"requestCommentsRequired\": false,\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"Support\",\n \"email\": \"cloud-support@sailpoint.com\"\n },\n \"source\": {\n \"id\": \"ff8081815757d4fb0157588f3d9d008f\",\n \"name\": \"Employees\"\n },\n \"entitlements\": [\n {\n \"hasPermissions\": false,\n \"description\": \"Cloud engineering\",\n \"attribute\": \"memberOf\",\n \"value\": \"CN=Cloud Engineering,DC=sailpoint,DC=COM\",\n \"schema\": \"group\",\n \"privileged\": false,\n \"id\": \"2c918084575812550157589064f33b89\",\n \"name\": \"CN=Cloud Engineering,DC=sailpoint,DC=COM\"\n },\n {\n \"hasPermissions\": false,\n \"description\": \"Cloud engineering\",\n \"attribute\": \"memberOf\",\n \"value\": \"CN=Cloud Engineering,DC=sailpoint,DC=COM\",\n \"schema\": \"group\",\n \"privileged\": false,\n \"id\": \"2c918084575812550157589064f33b89\",\n \"name\": \"CN=Cloud Engineering,DC=sailpoint,DC=COM\"\n }\n ],\n \"entitlementCount\": 5,\n \"tags\": [\n \"TAG_1\",\n \"TAG_2\"\n ]\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "9a07b296-2e41-4b43-b2a1-fb00dc8be22b", + "name": "NestedAggregation with BucketAggregation", + "originalRequest": { + "url": { + "path": [ + "search", + "aggregate" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"aggregationType\": \"SAILPOINT\",\n \"aggregations\": {\n \"nested\": {\n \"name\": \"Access\",\n \"field\": \"access\",\n \"type\": \"TERMS\"\n },\n \"bucket\": {\n \"name\": \"Access Source Name\",\n \"type\": \"TERMS\",\n \"field\": \"access.source.name\"\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "disabled": true, + "description": { + "content": "The total result count (returned only if the *count* parameter is specified as *true*).", + "type": "text/plain" + }, + "key": "X-Total-Count", + "value": "5" + } + ], + "body": "{\n \"aggregations\": {\n \"Identity Locations\": {\n \"buckets\": [\n {\n \"key\": \"Austin\",\n \"doc_count\": 109\n },\n {\n \"key\": \"London\",\n \"doc_count\": 64\n },\n {\n \"key\": \"San Jose\",\n \"doc_count\": 27\n },\n {\n \"key\": \"Brussels\",\n \"doc_count\": 26\n },\n {\n \"key\": \"Sao Paulo\",\n \"doc_count\": 24\n },\n {\n \"key\": \"Munich\",\n \"doc_count\": 23\n },\n {\n \"key\": \"Singapore\",\n \"doc_count\": 22\n },\n {\n \"key\": \"Tokyo\",\n \"doc_count\": 20\n },\n {\n \"key\": \"Taipei\",\n \"doc_count\": 16\n }\n ]\n }\n },\n \"hits\": [\n {\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"John Doe\",\n \"_type\": \"accessprofile\",\n \"description\": \"The admin role\",\n \"created\": \"2018-06-25T20:22:28.104Z\",\n \"modified\": \"2018-06-25T20:22:28.104Z\",\n \"synced\": \"2018-06-25T20:22:33.104Z\",\n \"enabled\": true,\n \"requestable\": true,\n \"requestCommentsRequired\": false,\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"Support\",\n \"email\": \"cloud-support@sailpoint.com\"\n },\n \"source\": {\n \"id\": \"ff8081815757d4fb0157588f3d9d008f\",\n \"name\": \"Employees\"\n },\n \"entitlements\": [\n {\n \"hasPermissions\": false,\n \"description\": \"Cloud engineering\",\n \"attribute\": \"memberOf\",\n \"value\": \"CN=Cloud Engineering,DC=sailpoint,DC=COM\",\n \"schema\": \"group\",\n \"privileged\": false,\n \"id\": \"2c918084575812550157589064f33b89\",\n \"name\": \"CN=Cloud Engineering,DC=sailpoint,DC=COM\"\n },\n {\n \"hasPermissions\": false,\n \"description\": \"Cloud engineering\",\n \"attribute\": \"memberOf\",\n \"value\": \"CN=Cloud Engineering,DC=sailpoint,DC=COM\",\n \"schema\": \"group\",\n \"privileged\": false,\n \"id\": \"2c918084575812550157589064f33b89\",\n \"name\": \"CN=Cloud Engineering,DC=sailpoint,DC=COM\"\n }\n ],\n \"entitlementCount\": 5,\n \"tags\": [\n \"TAG_1\",\n \"TAG_2\"\n ]\n },\n {\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"John Doe\",\n \"_type\": \"accessprofile\",\n \"description\": \"The admin role\",\n \"created\": \"2018-06-25T20:22:28.104Z\",\n \"modified\": \"2018-06-25T20:22:28.104Z\",\n \"synced\": \"2018-06-25T20:22:33.104Z\",\n \"enabled\": true,\n \"requestable\": true,\n \"requestCommentsRequired\": false,\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"Support\",\n \"email\": \"cloud-support@sailpoint.com\"\n },\n \"source\": {\n \"id\": \"ff8081815757d4fb0157588f3d9d008f\",\n \"name\": \"Employees\"\n },\n \"entitlements\": [\n {\n \"hasPermissions\": false,\n \"description\": \"Cloud engineering\",\n \"attribute\": \"memberOf\",\n \"value\": \"CN=Cloud Engineering,DC=sailpoint,DC=COM\",\n \"schema\": \"group\",\n \"privileged\": false,\n \"id\": \"2c918084575812550157589064f33b89\",\n \"name\": \"CN=Cloud Engineering,DC=sailpoint,DC=COM\"\n },\n {\n \"hasPermissions\": false,\n \"description\": \"Cloud engineering\",\n \"attribute\": \"memberOf\",\n \"value\": \"CN=Cloud Engineering,DC=sailpoint,DC=COM\",\n \"schema\": \"group\",\n \"privileged\": false,\n \"id\": \"2c918084575812550157589064f33b89\",\n \"name\": \"CN=Cloud Engineering,DC=sailpoint,DC=COM\"\n }\n ],\n \"entitlementCount\": 5,\n \"tags\": [\n \"TAG_1\",\n \"TAG_2\"\n ]\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "112b0119-fa2a-4789-80bb-ae74c1d0cc9b", + "name": "NestedAggregation with BucketAggregation using DSL", + "originalRequest": { + "url": { + "path": [ + "search", + "aggregate" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"aggregationType\": \"DSL\",\n \"aggregationsDsl\": {\n \"access\": {\n \"nested\": {\n \"path\": \"access\"\n },\n \"aggs\": {\n \"Access Source Name\": {\n \"terms\": {\n \"field\": \"access.source.name.exact\"\n }\n }\n }\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "disabled": true, + "description": { + "content": "The total result count (returned only if the *count* parameter is specified as *true*).", + "type": "text/plain" + }, + "key": "X-Total-Count", + "value": "5" + } + ], + "body": "{\n \"aggregations\": {\n \"Identity Locations\": {\n \"buckets\": [\n {\n \"key\": \"Austin\",\n \"doc_count\": 109\n },\n {\n \"key\": \"London\",\n \"doc_count\": 64\n },\n {\n \"key\": \"San Jose\",\n \"doc_count\": 27\n },\n {\n \"key\": \"Brussels\",\n \"doc_count\": 26\n },\n {\n \"key\": \"Sao Paulo\",\n \"doc_count\": 24\n },\n {\n \"key\": \"Munich\",\n \"doc_count\": 23\n },\n {\n \"key\": \"Singapore\",\n \"doc_count\": 22\n },\n {\n \"key\": \"Tokyo\",\n \"doc_count\": 20\n },\n {\n \"key\": \"Taipei\",\n \"doc_count\": 16\n }\n ]\n }\n },\n \"hits\": [\n {\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"John Doe\",\n \"_type\": \"accessprofile\",\n \"description\": \"The admin role\",\n \"created\": \"2018-06-25T20:22:28.104Z\",\n \"modified\": \"2018-06-25T20:22:28.104Z\",\n \"synced\": \"2018-06-25T20:22:33.104Z\",\n \"enabled\": true,\n \"requestable\": true,\n \"requestCommentsRequired\": false,\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"Support\",\n \"email\": \"cloud-support@sailpoint.com\"\n },\n \"source\": {\n \"id\": \"ff8081815757d4fb0157588f3d9d008f\",\n \"name\": \"Employees\"\n },\n \"entitlements\": [\n {\n \"hasPermissions\": false,\n \"description\": \"Cloud engineering\",\n \"attribute\": \"memberOf\",\n \"value\": \"CN=Cloud Engineering,DC=sailpoint,DC=COM\",\n \"schema\": \"group\",\n \"privileged\": false,\n \"id\": \"2c918084575812550157589064f33b89\",\n \"name\": \"CN=Cloud Engineering,DC=sailpoint,DC=COM\"\n },\n {\n \"hasPermissions\": false,\n \"description\": \"Cloud engineering\",\n \"attribute\": \"memberOf\",\n \"value\": \"CN=Cloud Engineering,DC=sailpoint,DC=COM\",\n \"schema\": \"group\",\n \"privileged\": false,\n \"id\": \"2c918084575812550157589064f33b89\",\n \"name\": \"CN=Cloud Engineering,DC=sailpoint,DC=COM\"\n }\n ],\n \"entitlementCount\": 5,\n \"tags\": [\n \"TAG_1\",\n \"TAG_2\"\n ]\n },\n {\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"John Doe\",\n \"_type\": \"accessprofile\",\n \"description\": \"The admin role\",\n \"created\": \"2018-06-25T20:22:28.104Z\",\n \"modified\": \"2018-06-25T20:22:28.104Z\",\n \"synced\": \"2018-06-25T20:22:33.104Z\",\n \"enabled\": true,\n \"requestable\": true,\n \"requestCommentsRequired\": false,\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"Support\",\n \"email\": \"cloud-support@sailpoint.com\"\n },\n \"source\": {\n \"id\": \"ff8081815757d4fb0157588f3d9d008f\",\n \"name\": \"Employees\"\n },\n \"entitlements\": [\n {\n \"hasPermissions\": false,\n \"description\": \"Cloud engineering\",\n \"attribute\": \"memberOf\",\n \"value\": \"CN=Cloud Engineering,DC=sailpoint,DC=COM\",\n \"schema\": \"group\",\n \"privileged\": false,\n \"id\": \"2c918084575812550157589064f33b89\",\n \"name\": \"CN=Cloud Engineering,DC=sailpoint,DC=COM\"\n },\n {\n \"hasPermissions\": false,\n \"description\": \"Cloud engineering\",\n \"attribute\": \"memberOf\",\n \"value\": \"CN=Cloud Engineering,DC=sailpoint,DC=COM\",\n \"schema\": \"group\",\n \"privileged\": false,\n \"id\": \"2c918084575812550157589064f33b89\",\n \"name\": \"CN=Cloud Engineering,DC=sailpoint,DC=COM\"\n }\n ],\n \"entitlementCount\": 5,\n \"tags\": [\n \"TAG_1\",\n \"TAG_2\"\n ]\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "84093bc1-ce68-4565-8a70-72ef25171e31", + "name": "NestedAggregation with FilterAggregation and BucketAggregation", + "originalRequest": { + "url": { + "path": [ + "search", + "aggregate" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"aggregationType\": \"SAILPOINT\",\n \"aggregations\": {\n \"nested\": {\n \"name\": \"Access\",\n \"field\": \"access\",\n \"type\": \"TERMS\"\n },\n \"filter\": {\n \"name\": \"Entitlements\",\n \"field\": \"access.type\",\n \"value\": \"ENTITLEMENT\"\n },\n \"bucket\": {\n \"name\": \"Access Name\",\n \"type\": \"TERMS\",\n \"field\": \"access.name\"\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "disabled": true, + "description": { + "content": "The total result count (returned only if the *count* parameter is specified as *true*).", + "type": "text/plain" + }, + "key": "X-Total-Count", + "value": "5" + } + ], + "body": "{\n \"aggregations\": {\n \"Identity Locations\": {\n \"buckets\": [\n {\n \"key\": \"Austin\",\n \"doc_count\": 109\n },\n {\n \"key\": \"London\",\n \"doc_count\": 64\n },\n {\n \"key\": \"San Jose\",\n \"doc_count\": 27\n },\n {\n \"key\": \"Brussels\",\n \"doc_count\": 26\n },\n {\n \"key\": \"Sao Paulo\",\n \"doc_count\": 24\n },\n {\n \"key\": \"Munich\",\n \"doc_count\": 23\n },\n {\n \"key\": \"Singapore\",\n \"doc_count\": 22\n },\n {\n \"key\": \"Tokyo\",\n \"doc_count\": 20\n },\n {\n \"key\": \"Taipei\",\n \"doc_count\": 16\n }\n ]\n }\n },\n \"hits\": [\n {\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"John Doe\",\n \"_type\": \"accessprofile\",\n \"description\": \"The admin role\",\n \"created\": \"2018-06-25T20:22:28.104Z\",\n \"modified\": \"2018-06-25T20:22:28.104Z\",\n \"synced\": \"2018-06-25T20:22:33.104Z\",\n \"enabled\": true,\n \"requestable\": true,\n \"requestCommentsRequired\": false,\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"Support\",\n \"email\": \"cloud-support@sailpoint.com\"\n },\n \"source\": {\n \"id\": \"ff8081815757d4fb0157588f3d9d008f\",\n \"name\": \"Employees\"\n },\n \"entitlements\": [\n {\n \"hasPermissions\": false,\n \"description\": \"Cloud engineering\",\n \"attribute\": \"memberOf\",\n \"value\": \"CN=Cloud Engineering,DC=sailpoint,DC=COM\",\n \"schema\": \"group\",\n \"privileged\": false,\n \"id\": \"2c918084575812550157589064f33b89\",\n \"name\": \"CN=Cloud Engineering,DC=sailpoint,DC=COM\"\n },\n {\n \"hasPermissions\": false,\n \"description\": \"Cloud engineering\",\n \"attribute\": \"memberOf\",\n \"value\": \"CN=Cloud Engineering,DC=sailpoint,DC=COM\",\n \"schema\": \"group\",\n \"privileged\": false,\n \"id\": \"2c918084575812550157589064f33b89\",\n \"name\": \"CN=Cloud Engineering,DC=sailpoint,DC=COM\"\n }\n ],\n \"entitlementCount\": 5,\n \"tags\": [\n \"TAG_1\",\n \"TAG_2\"\n ]\n },\n {\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"John Doe\",\n \"_type\": \"accessprofile\",\n \"description\": \"The admin role\",\n \"created\": \"2018-06-25T20:22:28.104Z\",\n \"modified\": \"2018-06-25T20:22:28.104Z\",\n \"synced\": \"2018-06-25T20:22:33.104Z\",\n \"enabled\": true,\n \"requestable\": true,\n \"requestCommentsRequired\": false,\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"Support\",\n \"email\": \"cloud-support@sailpoint.com\"\n },\n \"source\": {\n \"id\": \"ff8081815757d4fb0157588f3d9d008f\",\n \"name\": \"Employees\"\n },\n \"entitlements\": [\n {\n \"hasPermissions\": false,\n \"description\": \"Cloud engineering\",\n \"attribute\": \"memberOf\",\n \"value\": \"CN=Cloud Engineering,DC=sailpoint,DC=COM\",\n \"schema\": \"group\",\n \"privileged\": false,\n \"id\": \"2c918084575812550157589064f33b89\",\n \"name\": \"CN=Cloud Engineering,DC=sailpoint,DC=COM\"\n },\n {\n \"hasPermissions\": false,\n \"description\": \"Cloud engineering\",\n \"attribute\": \"memberOf\",\n \"value\": \"CN=Cloud Engineering,DC=sailpoint,DC=COM\",\n \"schema\": \"group\",\n \"privileged\": false,\n \"id\": \"2c918084575812550157589064f33b89\",\n \"name\": \"CN=Cloud Engineering,DC=sailpoint,DC=COM\"\n }\n ],\n \"entitlementCount\": 5,\n \"tags\": [\n \"TAG_1\",\n \"TAG_2\"\n ]\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b2a6cc38-fa77-4432-a8b7-67243a16f023", + "name": "NestedAggregation with FilterAggregation and BucketAggregation using DSL", + "originalRequest": { + "url": { + "path": [ + "search", + "aggregate" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"aggregationType\": \"DSL\",\n \"aggregationsDsl\": {\n \"access\": {\n \"nested\": {\n \"path\": \"access\"\n },\n \"aggs\": {\n \"Entitlements\": {\n \"filter\": {\n \"term\": {\n \"access.type\": \"ENTITLEMENT\"\n }\n },\n \"aggs\": {\n \"Access Name\": {\n \"terms\": {\n \"field\": \"access.name.exact\"\n }\n }\n }\n }\n }\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "disabled": true, + "description": { + "content": "The total result count (returned only if the *count* parameter is specified as *true*).", + "type": "text/plain" + }, + "key": "X-Total-Count", + "value": "5" + } + ], + "body": "{\n \"aggregations\": {\n \"Identity Locations\": {\n \"buckets\": [\n {\n \"key\": \"Austin\",\n \"doc_count\": 109\n },\n {\n \"key\": \"London\",\n \"doc_count\": 64\n },\n {\n \"key\": \"San Jose\",\n \"doc_count\": 27\n },\n {\n \"key\": \"Brussels\",\n \"doc_count\": 26\n },\n {\n \"key\": \"Sao Paulo\",\n \"doc_count\": 24\n },\n {\n \"key\": \"Munich\",\n \"doc_count\": 23\n },\n {\n \"key\": \"Singapore\",\n \"doc_count\": 22\n },\n {\n \"key\": \"Tokyo\",\n \"doc_count\": 20\n },\n {\n \"key\": \"Taipei\",\n \"doc_count\": 16\n }\n ]\n }\n },\n \"hits\": [\n {\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"John Doe\",\n \"_type\": \"accessprofile\",\n \"description\": \"The admin role\",\n \"created\": \"2018-06-25T20:22:28.104Z\",\n \"modified\": \"2018-06-25T20:22:28.104Z\",\n \"synced\": \"2018-06-25T20:22:33.104Z\",\n \"enabled\": true,\n \"requestable\": true,\n \"requestCommentsRequired\": false,\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"Support\",\n \"email\": \"cloud-support@sailpoint.com\"\n },\n \"source\": {\n \"id\": \"ff8081815757d4fb0157588f3d9d008f\",\n \"name\": \"Employees\"\n },\n \"entitlements\": [\n {\n \"hasPermissions\": false,\n \"description\": \"Cloud engineering\",\n \"attribute\": \"memberOf\",\n \"value\": \"CN=Cloud Engineering,DC=sailpoint,DC=COM\",\n \"schema\": \"group\",\n \"privileged\": false,\n \"id\": \"2c918084575812550157589064f33b89\",\n \"name\": \"CN=Cloud Engineering,DC=sailpoint,DC=COM\"\n },\n {\n \"hasPermissions\": false,\n \"description\": \"Cloud engineering\",\n \"attribute\": \"memberOf\",\n \"value\": \"CN=Cloud Engineering,DC=sailpoint,DC=COM\",\n \"schema\": \"group\",\n \"privileged\": false,\n \"id\": \"2c918084575812550157589064f33b89\",\n \"name\": \"CN=Cloud Engineering,DC=sailpoint,DC=COM\"\n }\n ],\n \"entitlementCount\": 5,\n \"tags\": [\n \"TAG_1\",\n \"TAG_2\"\n ]\n },\n {\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"John Doe\",\n \"_type\": \"accessprofile\",\n \"description\": \"The admin role\",\n \"created\": \"2018-06-25T20:22:28.104Z\",\n \"modified\": \"2018-06-25T20:22:28.104Z\",\n \"synced\": \"2018-06-25T20:22:33.104Z\",\n \"enabled\": true,\n \"requestable\": true,\n \"requestCommentsRequired\": false,\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"Support\",\n \"email\": \"cloud-support@sailpoint.com\"\n },\n \"source\": {\n \"id\": \"ff8081815757d4fb0157588f3d9d008f\",\n \"name\": \"Employees\"\n },\n \"entitlements\": [\n {\n \"hasPermissions\": false,\n \"description\": \"Cloud engineering\",\n \"attribute\": \"memberOf\",\n \"value\": \"CN=Cloud Engineering,DC=sailpoint,DC=COM\",\n \"schema\": \"group\",\n \"privileged\": false,\n \"id\": \"2c918084575812550157589064f33b89\",\n \"name\": \"CN=Cloud Engineering,DC=sailpoint,DC=COM\"\n },\n {\n \"hasPermissions\": false,\n \"description\": \"Cloud engineering\",\n \"attribute\": \"memberOf\",\n \"value\": \"CN=Cloud Engineering,DC=sailpoint,DC=COM\",\n \"schema\": \"group\",\n \"privileged\": false,\n \"id\": \"2c918084575812550157589064f33b89\",\n \"name\": \"CN=Cloud Engineering,DC=sailpoint,DC=COM\"\n }\n ],\n \"entitlementCount\": 5,\n \"tags\": [\n \"TAG_1\",\n \"TAG_2\"\n ]\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "0d326d85-b1b9-4d01-badd-94a9df162a44", + "name": "BucketAggregation with SubAggregation", + "originalRequest": { + "url": { + "path": [ + "search", + "aggregate" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"aggregationType\": \"SAILPOINT\",\n \"aggregations\": {\n \"bucket\": {\n \"name\": \"Identity Department\",\n \"type\": \"TERMS\",\n \"field\": \"attributes.department\"\n },\n \"subAggregation\": {\n \"bucket\": {\n \"name\": \"Identity Locations\",\n \"type\": \"TERMS\",\n \"field\": \"attributes.city\"\n }\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "disabled": true, + "description": { + "content": "The total result count (returned only if the *count* parameter is specified as *true*).", + "type": "text/plain" + }, + "key": "X-Total-Count", + "value": "5" + } + ], + "body": "{\n \"aggregations\": {\n \"Identity Locations\": {\n \"buckets\": [\n {\n \"key\": \"Austin\",\n \"doc_count\": 109\n },\n {\n \"key\": \"London\",\n \"doc_count\": 64\n },\n {\n \"key\": \"San Jose\",\n \"doc_count\": 27\n },\n {\n \"key\": \"Brussels\",\n \"doc_count\": 26\n },\n {\n \"key\": \"Sao Paulo\",\n \"doc_count\": 24\n },\n {\n \"key\": \"Munich\",\n \"doc_count\": 23\n },\n {\n \"key\": \"Singapore\",\n \"doc_count\": 22\n },\n {\n \"key\": \"Tokyo\",\n \"doc_count\": 20\n },\n {\n \"key\": \"Taipei\",\n \"doc_count\": 16\n }\n ]\n }\n },\n \"hits\": [\n {\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"John Doe\",\n \"_type\": \"accessprofile\",\n \"description\": \"The admin role\",\n \"created\": \"2018-06-25T20:22:28.104Z\",\n \"modified\": \"2018-06-25T20:22:28.104Z\",\n \"synced\": \"2018-06-25T20:22:33.104Z\",\n \"enabled\": true,\n \"requestable\": true,\n \"requestCommentsRequired\": false,\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"Support\",\n \"email\": \"cloud-support@sailpoint.com\"\n },\n \"source\": {\n \"id\": \"ff8081815757d4fb0157588f3d9d008f\",\n \"name\": \"Employees\"\n },\n \"entitlements\": [\n {\n \"hasPermissions\": false,\n \"description\": \"Cloud engineering\",\n \"attribute\": \"memberOf\",\n \"value\": \"CN=Cloud Engineering,DC=sailpoint,DC=COM\",\n \"schema\": \"group\",\n \"privileged\": false,\n \"id\": \"2c918084575812550157589064f33b89\",\n \"name\": \"CN=Cloud Engineering,DC=sailpoint,DC=COM\"\n },\n {\n \"hasPermissions\": false,\n \"description\": \"Cloud engineering\",\n \"attribute\": \"memberOf\",\n \"value\": \"CN=Cloud Engineering,DC=sailpoint,DC=COM\",\n \"schema\": \"group\",\n \"privileged\": false,\n \"id\": \"2c918084575812550157589064f33b89\",\n \"name\": \"CN=Cloud Engineering,DC=sailpoint,DC=COM\"\n }\n ],\n \"entitlementCount\": 5,\n \"tags\": [\n \"TAG_1\",\n \"TAG_2\"\n ]\n },\n {\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"John Doe\",\n \"_type\": \"accessprofile\",\n \"description\": \"The admin role\",\n \"created\": \"2018-06-25T20:22:28.104Z\",\n \"modified\": \"2018-06-25T20:22:28.104Z\",\n \"synced\": \"2018-06-25T20:22:33.104Z\",\n \"enabled\": true,\n \"requestable\": true,\n \"requestCommentsRequired\": false,\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"Support\",\n \"email\": \"cloud-support@sailpoint.com\"\n },\n \"source\": {\n \"id\": \"ff8081815757d4fb0157588f3d9d008f\",\n \"name\": \"Employees\"\n },\n \"entitlements\": [\n {\n \"hasPermissions\": false,\n \"description\": \"Cloud engineering\",\n \"attribute\": \"memberOf\",\n \"value\": \"CN=Cloud Engineering,DC=sailpoint,DC=COM\",\n \"schema\": \"group\",\n \"privileged\": false,\n \"id\": \"2c918084575812550157589064f33b89\",\n \"name\": \"CN=Cloud Engineering,DC=sailpoint,DC=COM\"\n },\n {\n \"hasPermissions\": false,\n \"description\": \"Cloud engineering\",\n \"attribute\": \"memberOf\",\n \"value\": \"CN=Cloud Engineering,DC=sailpoint,DC=COM\",\n \"schema\": \"group\",\n \"privileged\": false,\n \"id\": \"2c918084575812550157589064f33b89\",\n \"name\": \"CN=Cloud Engineering,DC=sailpoint,DC=COM\"\n }\n ],\n \"entitlementCount\": 5,\n \"tags\": [\n \"TAG_1\",\n \"TAG_2\"\n ]\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a4360475-d1bd-4086-849b-3fd82e1f63ba", + "name": "BucketAggregation with SubAggregation using DSL", + "originalRequest": { + "url": { + "path": [ + "search", + "aggregate" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"aggregationType\": \"DSL\",\n \"aggregationsDsl\": {\n \"Identity Department\": {\n \"terms\": {\n \"field\": \"attributes.department.exact\"\n },\n \"aggs\": {\n \"Identity Locations\": {\n \"terms\": {\n \"field\": \"attributes.city.exact\"\n }\n }\n }\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "disabled": true, + "description": { + "content": "The total result count (returned only if the *count* parameter is specified as *true*).", + "type": "text/plain" + }, + "key": "X-Total-Count", + "value": "5" + } + ], + "body": "{\n \"aggregations\": {\n \"Identity Locations\": {\n \"buckets\": [\n {\n \"key\": \"Austin\",\n \"doc_count\": 109\n },\n {\n \"key\": \"London\",\n \"doc_count\": 64\n },\n {\n \"key\": \"San Jose\",\n \"doc_count\": 27\n },\n {\n \"key\": \"Brussels\",\n \"doc_count\": 26\n },\n {\n \"key\": \"Sao Paulo\",\n \"doc_count\": 24\n },\n {\n \"key\": \"Munich\",\n \"doc_count\": 23\n },\n {\n \"key\": \"Singapore\",\n \"doc_count\": 22\n },\n {\n \"key\": \"Tokyo\",\n \"doc_count\": 20\n },\n {\n \"key\": \"Taipei\",\n \"doc_count\": 16\n }\n ]\n }\n },\n \"hits\": [\n {\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"John Doe\",\n \"_type\": \"accessprofile\",\n \"description\": \"The admin role\",\n \"created\": \"2018-06-25T20:22:28.104Z\",\n \"modified\": \"2018-06-25T20:22:28.104Z\",\n \"synced\": \"2018-06-25T20:22:33.104Z\",\n \"enabled\": true,\n \"requestable\": true,\n \"requestCommentsRequired\": false,\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"Support\",\n \"email\": \"cloud-support@sailpoint.com\"\n },\n \"source\": {\n \"id\": \"ff8081815757d4fb0157588f3d9d008f\",\n \"name\": \"Employees\"\n },\n \"entitlements\": [\n {\n \"hasPermissions\": false,\n \"description\": \"Cloud engineering\",\n \"attribute\": \"memberOf\",\n \"value\": \"CN=Cloud Engineering,DC=sailpoint,DC=COM\",\n \"schema\": \"group\",\n \"privileged\": false,\n \"id\": \"2c918084575812550157589064f33b89\",\n \"name\": \"CN=Cloud Engineering,DC=sailpoint,DC=COM\"\n },\n {\n \"hasPermissions\": false,\n \"description\": \"Cloud engineering\",\n \"attribute\": \"memberOf\",\n \"value\": \"CN=Cloud Engineering,DC=sailpoint,DC=COM\",\n \"schema\": \"group\",\n \"privileged\": false,\n \"id\": \"2c918084575812550157589064f33b89\",\n \"name\": \"CN=Cloud Engineering,DC=sailpoint,DC=COM\"\n }\n ],\n \"entitlementCount\": 5,\n \"tags\": [\n \"TAG_1\",\n \"TAG_2\"\n ]\n },\n {\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"John Doe\",\n \"_type\": \"accessprofile\",\n \"description\": \"The admin role\",\n \"created\": \"2018-06-25T20:22:28.104Z\",\n \"modified\": \"2018-06-25T20:22:28.104Z\",\n \"synced\": \"2018-06-25T20:22:33.104Z\",\n \"enabled\": true,\n \"requestable\": true,\n \"requestCommentsRequired\": false,\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"Support\",\n \"email\": \"cloud-support@sailpoint.com\"\n },\n \"source\": {\n \"id\": \"ff8081815757d4fb0157588f3d9d008f\",\n \"name\": \"Employees\"\n },\n \"entitlements\": [\n {\n \"hasPermissions\": false,\n \"description\": \"Cloud engineering\",\n \"attribute\": \"memberOf\",\n \"value\": \"CN=Cloud Engineering,DC=sailpoint,DC=COM\",\n \"schema\": \"group\",\n \"privileged\": false,\n \"id\": \"2c918084575812550157589064f33b89\",\n \"name\": \"CN=Cloud Engineering,DC=sailpoint,DC=COM\"\n },\n {\n \"hasPermissions\": false,\n \"description\": \"Cloud engineering\",\n \"attribute\": \"memberOf\",\n \"value\": \"CN=Cloud Engineering,DC=sailpoint,DC=COM\",\n \"schema\": \"group\",\n \"privileged\": false,\n \"id\": \"2c918084575812550157589064f33b89\",\n \"name\": \"CN=Cloud Engineering,DC=sailpoint,DC=COM\"\n }\n ],\n \"entitlementCount\": 5,\n \"tags\": [\n \"TAG_1\",\n \"TAG_2\"\n ]\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "6a653e30-1dbf-46c0-a770-0bf03efdd307", + "name": "MetricAggregation", + "originalRequest": { + "url": { + "path": [ + "search", + "aggregate" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"aggregationType\": \"SAILPOINT\",\n \"aggregations\": {\n \"metric\": {\n \"name\": \"How Many Locations\",\n \"type\": \"UNIQUE_COUNT\",\n \"field\": \"attributes.city\"\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "0566b5ed-808c-482d-a9c3-b4c4cabe01c3", + "name": "MetricAggregation using DSL", + "originalRequest": { + "url": { + "path": [ + "search", + "aggregate" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"aggregationType\": \"DSL\",\n \"aggregationsDsl\": {\n \"How Many Locations\": {\n \"cardinality\": {\n \"field\": \"attributes.city.exact\"\n }\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "075177f2-70ff-4484-a939-4a1766284596", + "name": "BucketAggregation", + "originalRequest": { + "url": { + "path": [ + "search", + "aggregate" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"aggregationType\": \"SAILPOINT\",\n \"aggregations\": {\n \"bucket\": {\n \"name\": \"Identity Locations\",\n \"type\": \"TERMS\",\n \"field\": \"attributes.city\"\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "75eee85a-ad46-4619-a0d4-dcadef2eabeb", + "name": "BucketAggregation using DSL", + "originalRequest": { + "url": { + "path": [ + "search", + "aggregate" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"aggregationType\": \"DSL\",\n \"aggregationsDsl\": {\n \"Identity Locations\": {\n \"terms\": {\n \"field\": \"attributes.city.exact\"\n }\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "8803e69d-0455-43f7-b23b-6fa74a674f0a", + "name": "NestedAggregation with BucketAggregation", + "originalRequest": { + "url": { + "path": [ + "search", + "aggregate" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"aggregationType\": \"SAILPOINT\",\n \"aggregations\": {\n \"nested\": {\n \"name\": \"Access\",\n \"field\": \"access\",\n \"type\": \"TERMS\"\n },\n \"bucket\": {\n \"name\": \"Access Source Name\",\n \"type\": \"TERMS\",\n \"field\": \"access.source.name\"\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "aa38f8a9-7b3a-4c57-9ac1-e87c849cde00", + "name": "NestedAggregation with BucketAggregation using DSL", + "originalRequest": { + "url": { + "path": [ + "search", + "aggregate" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"aggregationType\": \"DSL\",\n \"aggregationsDsl\": {\n \"access\": {\n \"nested\": {\n \"path\": \"access\"\n },\n \"aggs\": {\n \"Access Source Name\": {\n \"terms\": {\n \"field\": \"access.source.name.exact\"\n }\n }\n }\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "6c4e8893-c62f-43a6-b586-526d719b0006", + "name": "NestedAggregation with FilterAggregation and BucketAggregation", + "originalRequest": { + "url": { + "path": [ + "search", + "aggregate" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"aggregationType\": \"SAILPOINT\",\n \"aggregations\": {\n \"nested\": {\n \"name\": \"Access\",\n \"field\": \"access\",\n \"type\": \"TERMS\"\n },\n \"filter\": {\n \"name\": \"Entitlements\",\n \"field\": \"access.type\",\n \"value\": \"ENTITLEMENT\"\n },\n \"bucket\": {\n \"name\": \"Access Name\",\n \"type\": \"TERMS\",\n \"field\": \"access.name\"\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "7a7e264c-1774-46c7-ab24-253539194e8a", + "name": "NestedAggregation with FilterAggregation and BucketAggregation using DSL", + "originalRequest": { + "url": { + "path": [ + "search", + "aggregate" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"aggregationType\": \"DSL\",\n \"aggregationsDsl\": {\n \"access\": {\n \"nested\": {\n \"path\": \"access\"\n },\n \"aggs\": {\n \"Entitlements\": {\n \"filter\": {\n \"term\": {\n \"access.type\": \"ENTITLEMENT\"\n }\n },\n \"aggs\": {\n \"Access Name\": {\n \"terms\": {\n \"field\": \"access.name.exact\"\n }\n }\n }\n }\n }\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "af4b1ce6-ec99-4d04-97b1-1d5ad2c48b12", + "name": "BucketAggregation with SubAggregation", + "originalRequest": { + "url": { + "path": [ + "search", + "aggregate" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"aggregationType\": \"SAILPOINT\",\n \"aggregations\": {\n \"bucket\": {\n \"name\": \"Identity Department\",\n \"type\": \"TERMS\",\n \"field\": \"attributes.department\"\n },\n \"subAggregation\": {\n \"bucket\": {\n \"name\": \"Identity Locations\",\n \"type\": \"TERMS\",\n \"field\": \"attributes.city\"\n }\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "4751695d-abfa-49ee-8f45-04b9d432b467", + "name": "BucketAggregation with SubAggregation using DSL", + "originalRequest": { + "url": { + "path": [ + "search", + "aggregate" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"aggregationType\": \"DSL\",\n \"aggregationsDsl\": {\n \"Identity Department\": {\n \"terms\": {\n \"field\": \"attributes.department.exact\"\n },\n \"aggs\": {\n \"Identity Locations\": {\n \"terms\": {\n \"field\": \"attributes.city.exact\"\n }\n }\n }\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "18b804aa-5d1c-47a1-80da-d7edb513ec7b", + "name": "MetricAggregation", + "originalRequest": { + "url": { + "path": [ + "search", + "aggregate" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"aggregationType\": \"SAILPOINT\",\n \"aggregations\": {\n \"metric\": {\n \"name\": \"How Many Locations\",\n \"type\": \"UNIQUE_COUNT\",\n \"field\": \"attributes.city\"\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d7a6c7b2-b2f2-4e2c-b975-9f6fd94f46fd", + "name": "MetricAggregation using DSL", + "originalRequest": { + "url": { + "path": [ + "search", + "aggregate" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"aggregationType\": \"DSL\",\n \"aggregationsDsl\": {\n \"How Many Locations\": {\n \"cardinality\": {\n \"field\": \"attributes.city.exact\"\n }\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "bbf6044a-c13a-45a3-a38d-9e9d44e51feb", + "name": "BucketAggregation", + "originalRequest": { + "url": { + "path": [ + "search", + "aggregate" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"aggregationType\": \"SAILPOINT\",\n \"aggregations\": {\n \"bucket\": {\n \"name\": \"Identity Locations\",\n \"type\": \"TERMS\",\n \"field\": \"attributes.city\"\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "214fb757-49c4-4113-976a-de65878d4293", + "name": "BucketAggregation using DSL", + "originalRequest": { + "url": { + "path": [ + "search", + "aggregate" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"aggregationType\": \"DSL\",\n \"aggregationsDsl\": {\n \"Identity Locations\": {\n \"terms\": {\n \"field\": \"attributes.city.exact\"\n }\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f706e752-ec62-4048-8416-7d695af82dbc", + "name": "NestedAggregation with BucketAggregation", + "originalRequest": { + "url": { + "path": [ + "search", + "aggregate" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"aggregationType\": \"SAILPOINT\",\n \"aggregations\": {\n \"nested\": {\n \"name\": \"Access\",\n \"field\": \"access\",\n \"type\": \"TERMS\"\n },\n \"bucket\": {\n \"name\": \"Access Source Name\",\n \"type\": \"TERMS\",\n \"field\": \"access.source.name\"\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f01e8ed3-d45a-49cc-b40e-ebdb79b792ff", + "name": "NestedAggregation with BucketAggregation using DSL", + "originalRequest": { + "url": { + "path": [ + "search", + "aggregate" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"aggregationType\": \"DSL\",\n \"aggregationsDsl\": {\n \"access\": {\n \"nested\": {\n \"path\": \"access\"\n },\n \"aggs\": {\n \"Access Source Name\": {\n \"terms\": {\n \"field\": \"access.source.name.exact\"\n }\n }\n }\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "4880e64b-c091-4dfb-9599-e4bd04025859", + "name": "NestedAggregation with FilterAggregation and BucketAggregation", + "originalRequest": { + "url": { + "path": [ + "search", + "aggregate" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"aggregationType\": \"SAILPOINT\",\n \"aggregations\": {\n \"nested\": {\n \"name\": \"Access\",\n \"field\": \"access\",\n \"type\": \"TERMS\"\n },\n \"filter\": {\n \"name\": \"Entitlements\",\n \"field\": \"access.type\",\n \"value\": \"ENTITLEMENT\"\n },\n \"bucket\": {\n \"name\": \"Access Name\",\n \"type\": \"TERMS\",\n \"field\": \"access.name\"\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "16d69607-56b8-487f-a2c2-b5ec0d4dd9be", + "name": "NestedAggregation with FilterAggregation and BucketAggregation using DSL", + "originalRequest": { + "url": { + "path": [ + "search", + "aggregate" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"aggregationType\": \"DSL\",\n \"aggregationsDsl\": {\n \"access\": {\n \"nested\": {\n \"path\": \"access\"\n },\n \"aggs\": {\n \"Entitlements\": {\n \"filter\": {\n \"term\": {\n \"access.type\": \"ENTITLEMENT\"\n }\n },\n \"aggs\": {\n \"Access Name\": {\n \"terms\": {\n \"field\": \"access.name.exact\"\n }\n }\n }\n }\n }\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "8502be22-9603-4536-a7a9-215c1f2dc7cb", + "name": "BucketAggregation with SubAggregation", + "originalRequest": { + "url": { + "path": [ + "search", + "aggregate" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"aggregationType\": \"SAILPOINT\",\n \"aggregations\": {\n \"bucket\": {\n \"name\": \"Identity Department\",\n \"type\": \"TERMS\",\n \"field\": \"attributes.department\"\n },\n \"subAggregation\": {\n \"bucket\": {\n \"name\": \"Identity Locations\",\n \"type\": \"TERMS\",\n \"field\": \"attributes.city\"\n }\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "ebcf70a9-71ad-44d9-bdf8-1ad7788abf9d", + "name": "BucketAggregation with SubAggregation using DSL", + "originalRequest": { + "url": { + "path": [ + "search", + "aggregate" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"aggregationType\": \"DSL\",\n \"aggregationsDsl\": {\n \"Identity Department\": {\n \"terms\": {\n \"field\": \"attributes.department.exact\"\n },\n \"aggs\": {\n \"Identity Locations\": {\n \"terms\": {\n \"field\": \"attributes.city.exact\"\n }\n }\n }\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "3f6433c1-e2fc-401a-8649-46ef6617a3f3", + "name": "An example of a 403 response object", + "originalRequest": { + "url": { + "path": [ + "search", + "aggregate" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"aggregationType\": \"SAILPOINT\",\n \"aggregations\": {\n \"metric\": {\n \"name\": \"How Many Locations\",\n \"type\": \"UNIQUE_COUNT\",\n \"field\": \"attributes.city\"\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "87551d39-8196-4fa7-afed-f38ebe4450a0", + "name": "MetricAggregation using DSL", + "originalRequest": { + "url": { + "path": [ + "search", + "aggregate" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"aggregationType\": \"DSL\",\n \"aggregationsDsl\": {\n \"How Many Locations\": {\n \"cardinality\": {\n \"field\": \"attributes.city.exact\"\n }\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "458c0f3d-5c20-4c09-af07-fef7e8c5e156", + "name": "BucketAggregation", + "originalRequest": { + "url": { + "path": [ + "search", + "aggregate" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"aggregationType\": \"SAILPOINT\",\n \"aggregations\": {\n \"bucket\": {\n \"name\": \"Identity Locations\",\n \"type\": \"TERMS\",\n \"field\": \"attributes.city\"\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f516cb0a-7c75-4ad6-82f9-16ac40771a32", + "name": "BucketAggregation using DSL", + "originalRequest": { + "url": { + "path": [ + "search", + "aggregate" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"aggregationType\": \"DSL\",\n \"aggregationsDsl\": {\n \"Identity Locations\": {\n \"terms\": {\n \"field\": \"attributes.city.exact\"\n }\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "87c6501a-e999-487d-82f4-94bb89ffa023", + "name": "NestedAggregation with BucketAggregation", + "originalRequest": { + "url": { + "path": [ + "search", + "aggregate" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"aggregationType\": \"SAILPOINT\",\n \"aggregations\": {\n \"nested\": {\n \"name\": \"Access\",\n \"field\": \"access\",\n \"type\": \"TERMS\"\n },\n \"bucket\": {\n \"name\": \"Access Source Name\",\n \"type\": \"TERMS\",\n \"field\": \"access.source.name\"\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "4e52e759-dcfb-468f-a5cc-2543c0fae09f", + "name": "NestedAggregation with BucketAggregation using DSL", + "originalRequest": { + "url": { + "path": [ + "search", + "aggregate" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"aggregationType\": \"DSL\",\n \"aggregationsDsl\": {\n \"access\": {\n \"nested\": {\n \"path\": \"access\"\n },\n \"aggs\": {\n \"Access Source Name\": {\n \"terms\": {\n \"field\": \"access.source.name.exact\"\n }\n }\n }\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "e8378cc5-04b3-4bbb-b55d-503f68e65728", + "name": "NestedAggregation with FilterAggregation and BucketAggregation", + "originalRequest": { + "url": { + "path": [ + "search", + "aggregate" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"aggregationType\": \"SAILPOINT\",\n \"aggregations\": {\n \"nested\": {\n \"name\": \"Access\",\n \"field\": \"access\",\n \"type\": \"TERMS\"\n },\n \"filter\": {\n \"name\": \"Entitlements\",\n \"field\": \"access.type\",\n \"value\": \"ENTITLEMENT\"\n },\n \"bucket\": {\n \"name\": \"Access Name\",\n \"type\": \"TERMS\",\n \"field\": \"access.name\"\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "6a4f99b2-c8a5-44ca-b0af-558e0727831c", + "name": "NestedAggregation with FilterAggregation and BucketAggregation using DSL", + "originalRequest": { + "url": { + "path": [ + "search", + "aggregate" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"aggregationType\": \"DSL\",\n \"aggregationsDsl\": {\n \"access\": {\n \"nested\": {\n \"path\": \"access\"\n },\n \"aggs\": {\n \"Entitlements\": {\n \"filter\": {\n \"term\": {\n \"access.type\": \"ENTITLEMENT\"\n }\n },\n \"aggs\": {\n \"Access Name\": {\n \"terms\": {\n \"field\": \"access.name.exact\"\n }\n }\n }\n }\n }\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c43b1523-b25d-49fa-a57f-4d12856934af", + "name": "BucketAggregation with SubAggregation", + "originalRequest": { + "url": { + "path": [ + "search", + "aggregate" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"aggregationType\": \"SAILPOINT\",\n \"aggregations\": {\n \"bucket\": {\n \"name\": \"Identity Department\",\n \"type\": \"TERMS\",\n \"field\": \"attributes.department\"\n },\n \"subAggregation\": {\n \"bucket\": {\n \"name\": \"Identity Locations\",\n \"type\": \"TERMS\",\n \"field\": \"attributes.city\"\n }\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "3484e6dd-a5d1-4c0c-b08c-6f187888bdac", + "name": "BucketAggregation with SubAggregation using DSL", + "originalRequest": { + "url": { + "path": [ + "search", + "aggregate" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"aggregationType\": \"DSL\",\n \"aggregationsDsl\": {\n \"Identity Department\": {\n \"terms\": {\n \"field\": \"attributes.department.exact\"\n },\n \"aggs\": {\n \"Identity Locations\": {\n \"terms\": {\n \"field\": \"attributes.city.exact\"\n }\n }\n }\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "2bb4e5e4-c3f7-4043-9b70-5892cd5d0922", + "name": "MetricAggregation", + "originalRequest": { + "url": { + "path": [ + "search", + "aggregate" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"aggregationType\": \"SAILPOINT\",\n \"aggregations\": {\n \"metric\": {\n \"name\": \"How Many Locations\",\n \"type\": \"UNIQUE_COUNT\",\n \"field\": \"attributes.city\"\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "811735a4-112b-48b5-bcec-a2a6885f8bd3", + "name": "MetricAggregation using DSL", + "originalRequest": { + "url": { + "path": [ + "search", + "aggregate" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"aggregationType\": \"DSL\",\n \"aggregationsDsl\": {\n \"How Many Locations\": {\n \"cardinality\": {\n \"field\": \"attributes.city.exact\"\n }\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "6ae8f4d8-a641-4668-a13a-c0d55259ddd0", + "name": "BucketAggregation", + "originalRequest": { + "url": { + "path": [ + "search", + "aggregate" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"aggregationType\": \"SAILPOINT\",\n \"aggregations\": {\n \"bucket\": {\n \"name\": \"Identity Locations\",\n \"type\": \"TERMS\",\n \"field\": \"attributes.city\"\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "9a21bfca-4c86-4ff8-97ea-e6cadea953d5", + "name": "BucketAggregation using DSL", + "originalRequest": { + "url": { + "path": [ + "search", + "aggregate" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"aggregationType\": \"DSL\",\n \"aggregationsDsl\": {\n \"Identity Locations\": {\n \"terms\": {\n \"field\": \"attributes.city.exact\"\n }\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "9df4312a-ec91-4708-8c17-d74486591ab2", + "name": "NestedAggregation with BucketAggregation", + "originalRequest": { + "url": { + "path": [ + "search", + "aggregate" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"aggregationType\": \"SAILPOINT\",\n \"aggregations\": {\n \"nested\": {\n \"name\": \"Access\",\n \"field\": \"access\",\n \"type\": \"TERMS\"\n },\n \"bucket\": {\n \"name\": \"Access Source Name\",\n \"type\": \"TERMS\",\n \"field\": \"access.source.name\"\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "79a74f19-2761-41cc-b688-9f5e91e8f60d", + "name": "NestedAggregation with BucketAggregation using DSL", + "originalRequest": { + "url": { + "path": [ + "search", + "aggregate" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"aggregationType\": \"DSL\",\n \"aggregationsDsl\": {\n \"access\": {\n \"nested\": {\n \"path\": \"access\"\n },\n \"aggs\": {\n \"Access Source Name\": {\n \"terms\": {\n \"field\": \"access.source.name.exact\"\n }\n }\n }\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "794bb315-1876-426b-b9c3-ad0fede8d60a", + "name": "NestedAggregation with FilterAggregation and BucketAggregation", + "originalRequest": { + "url": { + "path": [ + "search", + "aggregate" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"aggregationType\": \"SAILPOINT\",\n \"aggregations\": {\n \"nested\": {\n \"name\": \"Access\",\n \"field\": \"access\",\n \"type\": \"TERMS\"\n },\n \"filter\": {\n \"name\": \"Entitlements\",\n \"field\": \"access.type\",\n \"value\": \"ENTITLEMENT\"\n },\n \"bucket\": {\n \"name\": \"Access Name\",\n \"type\": \"TERMS\",\n \"field\": \"access.name\"\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "aac62817-6722-4c5b-80df-e590828691de", + "name": "NestedAggregation with FilterAggregation and BucketAggregation using DSL", + "originalRequest": { + "url": { + "path": [ + "search", + "aggregate" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"aggregationType\": \"DSL\",\n \"aggregationsDsl\": {\n \"access\": {\n \"nested\": {\n \"path\": \"access\"\n },\n \"aggs\": {\n \"Entitlements\": {\n \"filter\": {\n \"term\": {\n \"access.type\": \"ENTITLEMENT\"\n }\n },\n \"aggs\": {\n \"Access Name\": {\n \"terms\": {\n \"field\": \"access.name.exact\"\n }\n }\n }\n }\n }\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "8ce2854c-1281-4882-8452-39556b9aa4e0", + "name": "BucketAggregation with SubAggregation", + "originalRequest": { + "url": { + "path": [ + "search", + "aggregate" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"aggregationType\": \"SAILPOINT\",\n \"aggregations\": {\n \"bucket\": {\n \"name\": \"Identity Department\",\n \"type\": \"TERMS\",\n \"field\": \"attributes.department\"\n },\n \"subAggregation\": {\n \"bucket\": {\n \"name\": \"Identity Locations\",\n \"type\": \"TERMS\",\n \"field\": \"attributes.city\"\n }\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "ff3e543e-9a57-428f-b4c6-f632dc414b19", + "name": "BucketAggregation with SubAggregation using DSL", + "originalRequest": { + "url": { + "path": [ + "search", + "aggregate" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"aggregationType\": \"DSL\",\n \"aggregationsDsl\": {\n \"Identity Department\": {\n \"terms\": {\n \"field\": \"attributes.department.exact\"\n },\n \"aggs\": {\n \"Identity Locations\": {\n \"terms\": {\n \"field\": \"attributes.city.exact\"\n }\n }\n }\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "060f13ed-43e7-4f90-89d1-9da4c0122114", + "name": "An example of a 500 response object", + "originalRequest": { + "url": { + "path": [ + "search", + "aggregate" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"aggregationType\": \"SAILPOINT\",\n \"aggregations\": {\n \"metric\": {\n \"name\": \"How Many Locations\",\n \"type\": \"UNIQUE_COUNT\",\n \"field\": \"attributes.city\"\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "1a13463d-c480-40ae-8acf-bab858f4fad8", + "name": "MetricAggregation using DSL", + "originalRequest": { + "url": { + "path": [ + "search", + "aggregate" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"aggregationType\": \"DSL\",\n \"aggregationsDsl\": {\n \"How Many Locations\": {\n \"cardinality\": {\n \"field\": \"attributes.city.exact\"\n }\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "3dc67475-e9a1-43de-a08e-6e02a6573b9d", + "name": "BucketAggregation", + "originalRequest": { + "url": { + "path": [ + "search", + "aggregate" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"aggregationType\": \"SAILPOINT\",\n \"aggregations\": {\n \"bucket\": {\n \"name\": \"Identity Locations\",\n \"type\": \"TERMS\",\n \"field\": \"attributes.city\"\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "22659486-95b7-447d-9573-6bae8a8082ef", + "name": "BucketAggregation using DSL", + "originalRequest": { + "url": { + "path": [ + "search", + "aggregate" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"aggregationType\": \"DSL\",\n \"aggregationsDsl\": {\n \"Identity Locations\": {\n \"terms\": {\n \"field\": \"attributes.city.exact\"\n }\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "0083b5c7-864e-420d-89ba-b5c3c3de4072", + "name": "NestedAggregation with BucketAggregation", + "originalRequest": { + "url": { + "path": [ + "search", + "aggregate" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"aggregationType\": \"SAILPOINT\",\n \"aggregations\": {\n \"nested\": {\n \"name\": \"Access\",\n \"field\": \"access\",\n \"type\": \"TERMS\"\n },\n \"bucket\": {\n \"name\": \"Access Source Name\",\n \"type\": \"TERMS\",\n \"field\": \"access.source.name\"\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "3810739a-ab45-4036-8fed-527e1e0e696c", + "name": "NestedAggregation with BucketAggregation using DSL", + "originalRequest": { + "url": { + "path": [ + "search", + "aggregate" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"aggregationType\": \"DSL\",\n \"aggregationsDsl\": {\n \"access\": {\n \"nested\": {\n \"path\": \"access\"\n },\n \"aggs\": {\n \"Access Source Name\": {\n \"terms\": {\n \"field\": \"access.source.name.exact\"\n }\n }\n }\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "48f1e1d4-e2d6-4f48-b72a-74f8924ce9ea", + "name": "NestedAggregation with FilterAggregation and BucketAggregation", + "originalRequest": { + "url": { + "path": [ + "search", + "aggregate" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"aggregationType\": \"SAILPOINT\",\n \"aggregations\": {\n \"nested\": {\n \"name\": \"Access\",\n \"field\": \"access\",\n \"type\": \"TERMS\"\n },\n \"filter\": {\n \"name\": \"Entitlements\",\n \"field\": \"access.type\",\n \"value\": \"ENTITLEMENT\"\n },\n \"bucket\": {\n \"name\": \"Access Name\",\n \"type\": \"TERMS\",\n \"field\": \"access.name\"\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "03ebda8a-892e-49a1-a1ee-a95fa0e1d308", + "name": "NestedAggregation with FilterAggregation and BucketAggregation using DSL", + "originalRequest": { + "url": { + "path": [ + "search", + "aggregate" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"aggregationType\": \"DSL\",\n \"aggregationsDsl\": {\n \"access\": {\n \"nested\": {\n \"path\": \"access\"\n },\n \"aggs\": {\n \"Entitlements\": {\n \"filter\": {\n \"term\": {\n \"access.type\": \"ENTITLEMENT\"\n }\n },\n \"aggs\": {\n \"Access Name\": {\n \"terms\": {\n \"field\": \"access.name.exact\"\n }\n }\n }\n }\n }\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "0f1fc96c-50a2-4536-93a6-e072756fd415", + "name": "BucketAggregation with SubAggregation", + "originalRequest": { + "url": { + "path": [ + "search", + "aggregate" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"aggregationType\": \"SAILPOINT\",\n \"aggregations\": {\n \"bucket\": {\n \"name\": \"Identity Department\",\n \"type\": \"TERMS\",\n \"field\": \"attributes.department\"\n },\n \"subAggregation\": {\n \"bucket\": {\n \"name\": \"Identity Locations\",\n \"type\": \"TERMS\",\n \"field\": \"attributes.city\"\n }\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "5e414454-6939-4363-a6f2-041af21eb5eb", + "name": "BucketAggregation with SubAggregation using DSL", + "originalRequest": { + "url": { + "path": [ + "search", + "aggregate" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"indices\": [\n \"identities\"\n ],\n \"aggregationType\": \"DSL\",\n \"aggregationsDsl\": {\n \"Identity Department\": {\n \"terms\": {\n \"field\": \"attributes.department.exact\"\n },\n \"aggs\": {\n \"Identity Locations\": {\n \"terms\": {\n \"field\": \"attributes.city.exact\"\n }\n }\n }\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "7e92e382-5717-436a-98dc-56503f15f00f", + "name": "Get a Document by ID", + "request": { + "name": "Get a Document by ID", + "description": { + "content": "Fetches a single document from the specified index, using the specified document ID.", + "type": "text/plain" + }, + "url": { + "path": [ + "search", + ":index", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "accounts", + "key": "index", + "disabled": true, + "description": { + "content": "(Required) The index from which to fetch the specified document.\n\nThe currently supported index names are: *accessprofiles*, *accountactivities*, *entitlements*, *events*, *identities*, and *roles*.\n", + "type": "text/plain" + } + }, + { + "type": "any", + "value": "2c91808568c529c60168cca6f90c1313", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) ID of the requested document.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "c5e46110-3201-4fae-8a61-0a29a60455bb", + "name": "AccessProfile", + "originalRequest": { + "url": { + "path": [ + "search", + ":index", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"2c9180825a6c1adc015a71c9023f0818\",\n \"name\": \"Cloud Eng\",\n \"description\": \"Cloud Eng\",\n \"created\": \"2017-02-24T20:21:23.145Z\",\n \"modified\": \"2019-05-24T20:36:04.312Z\",\n \"synced\": \"2020-02-18T05:30:20.414Z\",\n \"enabled\": true,\n \"requestable\": true,\n \"requestCommentsRequired\": false,\n \"owner\": {\n \"id\": \"ff8081815757d36a015757d42e56031e\",\n \"name\": \"SailPoint Support\",\n \"type\": \"IDENTITY\",\n \"email\": \"cloud-support@sailpoint.com\"\n },\n \"source\": {\n \"id\": \"ff8081815757d4fb0157588f3d9d008f\",\n \"name\": \"Employees\"\n },\n \"entitlements\": [\n {\n \"id\": \"2c918084575812550157589064f33b89\",\n \"name\": \"CN=Cloud Engineering,DC=sailpoint,DC=COM\",\n \"description\": \"mull\",\n \"attribute\": \"memberOf\",\n \"value\": \"CN=Cloud Engineering,DC=sailpoint,DC=COM\"\n }\n ],\n \"entitlementCount\": 1,\n \"tags\": [\n \"TAG_1\",\n \"TAG_2\"\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "e5e8990a-dd6e-40be-a4f9-66ff99659ed3", + "name": "Entitlement", + "originalRequest": { + "url": { + "path": [ + "search", + ":index", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"2c9180946ed0c43d016eec1a80892fbd\",\n \"name\": \"entitlement.aa415ae7\",\n \"description\": \"null\",\n \"attribute\": \"groups\",\n \"value\": \"entitlement.aa415ae7\",\n \"modified\": \"2019-12-09T19:19:50.154Z\",\n \"created\": \"2018-12-07T01:07:48Z\",\n \"synced\": \"2020-02-19T04:30:32.906Z\",\n \"displayName\": \"entitlement.aa415ae7\",\n \"source\": {\n \"id\": \"2c91808b6e9e6fb8016eec1a2b6f7b5f\",\n \"name\": \"ODS-HR-Employees\"\n },\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180858315595501831958427e5424\",\n \"name\": \"Addie Lee\"\n },\n \"privileged\": false,\n \"identityCount\": 68,\n \"tags\": [\n \"TAG_1\",\n \"TAG_2\"\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a37702cd-a31f-4699-93c0-92b578293e2f", + "name": "Event", + "originalRequest": { + "url": { + "path": [ + "search", + ":index", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"e092842f-c904-4b59-aac8-2544abeeef4b\",\n \"name\": \"Update Task Schedule Passed\",\n \"created\": \"2020-02-17T16:23:18.327Z\",\n \"synced\": \"2020-02-17T16:23:18.388Z\",\n \"action\": \"TASK_SCHEDULE_UPDATE_PASSED\",\n \"type\": \"SYSTEM_CONFIG\",\n \"actor\": {\n \"name\": \"MantisTaskScheduler\"\n },\n \"target\": {\n \"name\": \"Perform provisioning activity search delete synchronization\"\n },\n \"stack\": \"tpe\",\n \"trackingNumber\": \"c6b98bc39ece48b080826d16c76b166c\",\n \"ipAddress\": \"207.189.160.158\",\n \"details\": \"null\",\n \"attributes\": {\n \"sourceName\": \"SailPoint\"\n },\n \"objects\": [\n \"TASK\",\n \"SCHEDULE\"\n ],\n \"operation\": \"UPDATE\",\n \"status\": \"PASSED\",\n \"technicalName\": \"TASK_SCHEDULE_UPDATE_PASSED\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "0c948b36-d2dd-4103-8118-682f60054d6f", + "name": "Identity", + "originalRequest": { + "url": { + "path": [ + "search", + ":index", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"2c9180865c45e7e3015c46c434a80622\",\n \"name\": \"ad.admin\",\n \"firstName\": \"AD\",\n \"lastName\": \"Admin\",\n \"displayName\": \"AD Admin\",\n \"email\": \"SLPT.CLOUD.SAILPOINT.TEST+AD-ADMIN@GMAIL.COM\",\n \"created\": \"2018-08-22T19:54:54.302Z\",\n \"modified\": \"2018-08-22T19:54:54.302Z\",\n \"synced\": \"2018-08-22T19:54:54.302Z\",\n \"phone\": \"512-942-7578\",\n \"inactive\": false,\n \"protected\": false,\n \"status\": \"UNREGISTERED\",\n \"employeeNumber\": \"O349804\",\n \"manager\": null,\n \"isManager\": false,\n \"identityProfile\": {\n \"id\": \"2c918085605c8d0601606f357cb231e6\",\n \"name\": \"E2E AD\"\n },\n \"source\": {\n \"id\": \"2c9180855c45b230015c46c19b9c0202\",\n \"name\": \"EndToEnd-ADSource\"\n },\n \"attributes\": {\n \"uid\": \"ad.admin\",\n \"firstname\": \"AD\",\n \"cloudAuthoritativeSource\": \"2c9180855c45b230015c46c19b9c0202\",\n \"cloudStatus\": \"UNREGISTERED\",\n \"iplanet-am-user-alias-list\": null,\n \"displayName\": \"AD Admin\",\n \"internalCloudStatus\": \"UNREGISTERED\",\n \"workPhone\": \"512-942-7578\",\n \"email\": \"SLPT.CLOUD.SAILPOINT.TEST+AD-ADMIN@GMAIL.COM\",\n \"lastname\": \"Admin\"\n },\n \"processingState\": null,\n \"processingDetails\": null,\n \"accounts\": [\n {\n \"id\": \"2c9180865c45e7e3015c46c434a80623\",\n \"name\": \"ad.admin\",\n \"accountId\": \"CN=AD Admin,OU=slpt-automation,DC=TestAutomationAD,DC=local\",\n \"source\": {\n \"id\": \"2c9180855c45b230015c46c19b9c0202\",\n \"name\": \"EndToEnd-ADSource\",\n \"type\": \"Active Directory - Direct\"\n },\n \"disabled\": false,\n \"locked\": false,\n \"privileged\": false,\n \"manuallyCorrelated\": false,\n \"passwordLastSet\": \"2018-08-22T19:54:54.302Z\",\n \"entitlementAttributes\": {\n \"memberOf\": [\n \"CN=Group Policy Creator Owners,CN=Users,DC=TestAutomationAD,DC=local\",\n \"CN=Domain Guests,CN=Users,DC=TestAutomationAD,DC=local\",\n \"CN=Domain Admins,CN=Users,DC=TestAutomationAD,DC=local\",\n \"CN=Enterprise Admins,CN=Users,DC=TestAutomationAD,DC=local\",\n \"CN=Schema Admins,CN=Users,DC=TestAutomationAD,DC=local\",\n \"CN=Guests,CN=Builtin,DC=TestAutomationAD,DC=local\",\n \"CN=Administrators,CN=Builtin,DC=TestAutomationAD,DC=local\"\n ]\n },\n \"created\": \"2018-08-22T19:54:54.302Z\"\n },\n {\n \"id\": \"2c918083606d670c01606f35a30a0349\",\n \"name\": \"ad.admin\",\n \"accountId\": \"ad.admin\",\n \"source\": {\n \"id\": \"ff8081815c46b85b015c46b90c7c02a6\",\n \"name\": \"IdentityNow\",\n \"type\": \"IdentityNowConnector\"\n },\n \"disabled\": false,\n \"locked\": false,\n \"privileged\": false,\n \"manuallyCorrelated\": false,\n \"passwordLastSet\": null,\n \"entitlementAttributes\": null,\n \"created\": \"2018-08-22T19:54:54.302Z\"\n }\n ],\n \"accountCount\": 2,\n \"apps\": [\n {\n \"id\": \"22751\",\n \"name\": \"ADP Workforce Now\",\n \"source\": {\n \"id\": \"2c9180855c45b230015c46e2f6a8026a\",\n \"name\": \"Corporate Active Directory\"\n },\n \"account\": {\n \"id\": \"2c9180865c45efa4015c470be0de1606\",\n \"accountId\": \"CN=Bob Wilson,OU=Austin,OU=Americas,OU=Demo,DC=seri,DC=acme,DC=com\"\n }\n }\n ],\n \"appCount\": 1,\n \"access\": [\n {\n \"id\": \"2c918083634bc6cb01639808d40270ba\",\n \"name\": \"test [AccessProfile-1527264105448]\",\n \"displayName\": \"test\",\n \"type\": \"ACCESS_PROFILE\",\n \"description\": \"test\",\n \"source\": {\n \"id\": \"2c9180855c45b230015c46c19b9c0202\",\n \"name\": \"EndToEnd-ADSource\"\n },\n \"owner\": {\n \"id\": \"2c9180865c45e7e3015c46c434a80622\",\n \"name\": \"ad.admin\",\n \"displayName\": \"AD Admin\"\n }\n },\n {\n \"id\": \"2c9180865c45e7e3015c46c457c50755\",\n \"name\": \"Administrators\",\n \"displayName\": \"Administrators\",\n \"type\": \"ENTITLEMENT\",\n \"description\": null,\n \"source\": {\n \"id\": \"2c9180855c45b230015c46c19b9c0202\",\n \"name\": \"EndToEnd-ADSource\"\n },\n \"privileged\": false,\n \"attribute\": \"memberOf\",\n \"value\": \"CN=Administrators,CN=Builtin,DC=TestAutomationAD,DC=local\",\n \"standalone\": false\n },\n {\n \"id\": \"2c9180865decdaa5015e06598b293108\",\n \"name\": \"test [cloudRole-1503345085223]\",\n \"displayName\": \"test\",\n \"type\": \"ROLE\",\n \"description\": \"test\",\n \"owner\": {\n \"id\": \"2c9180865c45e7e3015c46c5030707a0\",\n \"name\": \"will.albin\",\n \"displayName\": \"Albin Will\"\n },\n \"disabled\": false\n }\n ],\n \"accessCount\": 3,\n \"accessProfileCount\": 1,\n \"entitlementCount\": 1,\n \"roleCount\": 1,\n \"tags\": [\n \"TAG_1\",\n \"TAG_2\"\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "06a7ee07-284e-4031-af2c-b56bfcaac0da", + "name": "Role", + "originalRequest": { + "url": { + "path": [ + "search", + ":index", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"2c91808c6faadea6016fb4f2bc69077b\",\n \"name\": \"IT Role\",\n \"description\": \"IT role\",\n \"created\": \"2020-01-17T19:20:15.040Z\",\n \"modified\": null,\n \"synced\": \"2020-02-18T05:30:20.145Z\",\n \"enabled\": true,\n \"requestable\": false,\n \"requestCommentsRequired\": false,\n \"owner\": {\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"Cloud Support\",\n \"type\": \"IDENTITY\",\n \"email\": \"thomas.edison@acme-solar.com\"\n },\n \"accessProfiles\": [\n {\n \"id\": \"2c91809c6faade77016fb4f0b63407ae\",\n \"name\": \"Admin Access\"\n }\n ],\n \"accessProfileCount\": 1,\n \"segments\": [\n {\n \"id\": \"0f11f2a4-7c94-4bf3-a2bd-742580fe3bde\",\n \"name\": \"segment-xyz\",\n \"description\": \"This segment represents xyz\"\n }\n ],\n \"segmentCount\": 1,\n \"entitlements\": [\n {\n \"id\": \"2c91809c6faade77016fb4f0b63407ae\",\n \"name\": \"Admin Access\",\n \"description\": \"Access to everything\",\n \"privileged\": true,\n \"hasPermissions\": true\n }\n ],\n \"entitlementCount\": 1,\n \"tags\": [\n \"TAG_1\",\n \"TAG_2\"\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "01fb90fd-23df-44da-a5e5-15e93557056a", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "search", + ":index", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "fcf08eb0-7d0b-4ca7-a32f-fee8336439ce", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "search", + ":index", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "faf85e2c-3203-4ff7-9156-5100741d8deb", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "search", + ":index", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "942c5ed3-8526-4eb5-a261-8399311251cc", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "search", + ":index", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "11701b16-04be-4693-ba1e-4722f4ba8960", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "search", + ":index", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f88ba964-b75b-4061-bf07-64c7cb75ac21", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "search", + ":index", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + } + ] + }, + { + "name": "Search Attribute Configuration", + "description": "", + "item": [ + { + "id": "cb51dced-6205-45ff-8631-8eeee6a59a67", + "name": "Configure/create search attributes in IdentityNow.", + "request": { + "name": "Configure/create search attributes in IdentityNow.", + "description": { + "content": "This API accepts an attribute name, an attribute display name and a list of name/value pair associates of application IDs to attribute names. It will then validate the inputs and configure/create and attribute promotion configuration in the Link ObjectConfig.\nA token with ORG_ADMIN authority is required to call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "accounts", + "search-attribute-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"newMailAttribute\",\n \"displayName\": \"New Mail Attribute\",\n \"applicationAttributes\": {\n \"2c9180866166b5b0016167c32ef31a66\": \"mail\",\n \"2c9180866166b5b0016167c32ef31a67\": \"mail\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "0fc78e0d-6588-4038-8321-daee65360735", + "name": "Accepted - Returned if the request was successfully accepted into the system.", + "originalRequest": { + "url": { + "path": [ + "accounts", + "search-attribute-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"newMailAttribute\",\n \"displayName\": \"New Mail Attribute\",\n \"applicationAttributes\": {\n \"2c9180866166b5b0016167c32ef31a66\": \"mail\",\n \"2c9180866166b5b0016167c32ef31a67\": \"mail\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Accepted", + "code": 202, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "814fd7e8-d467-4411-a65d-d5bdd447e470", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "accounts", + "search-attribute-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"newMailAttribute\",\n \"displayName\": \"New Mail Attribute\",\n \"applicationAttributes\": {\n \"2c9180866166b5b0016167c32ef31a66\": \"mail\",\n \"2c9180866166b5b0016167c32ef31a67\": \"mail\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "2a9cdcd4-f4ca-402a-9132-aa1b5c0311f2", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "accounts", + "search-attribute-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"newMailAttribute\",\n \"displayName\": \"New Mail Attribute\",\n \"applicationAttributes\": {\n \"2c9180866166b5b0016167c32ef31a66\": \"mail\",\n \"2c9180866166b5b0016167c32ef31a67\": \"mail\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "ce1e2169-f5c7-42e0-92ee-8c77fe1b98cc", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "accounts", + "search-attribute-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"newMailAttribute\",\n \"displayName\": \"New Mail Attribute\",\n \"applicationAttributes\": {\n \"2c9180866166b5b0016167c32ef31a66\": \"mail\",\n \"2c9180866166b5b0016167c32ef31a67\": \"mail\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "be29b4e6-6289-4ad1-a63d-8e9952e0b417", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "accounts", + "search-attribute-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"newMailAttribute\",\n \"displayName\": \"New Mail Attribute\",\n \"applicationAttributes\": {\n \"2c9180866166b5b0016167c32ef31a66\": \"mail\",\n \"2c9180866166b5b0016167c32ef31a67\": \"mail\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "e914c7e5-42c7-465b-9d1c-acab027231c4", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "accounts", + "search-attribute-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"newMailAttribute\",\n \"displayName\": \"New Mail Attribute\",\n \"applicationAttributes\": {\n \"2c9180866166b5b0016167c32ef31a66\": \"mail\",\n \"2c9180866166b5b0016167c32ef31a67\": \"mail\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "7df050dd-abd3-45a5-9941-5960c83cd2ea", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "accounts", + "search-attribute-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"newMailAttribute\",\n \"displayName\": \"New Mail Attribute\",\n \"applicationAttributes\": {\n \"2c9180866166b5b0016167c32ef31a66\": \"mail\",\n \"2c9180866166b5b0016167c32ef31a67\": \"mail\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "ba4893db-ce4d-439d-8c1b-0db62b9245e7", + "name": "Retrieve attribute list in IdentityNow.", + "request": { + "name": "Retrieve attribute list in IdentityNow.", + "description": { + "content": "This API retrieves a list of extended search attribute/application associates currently configured in IdentityNow.\nA token with ORG_ADMIN authority is required to call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "accounts", + "search-attribute-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "2d0845a9-985f-4abf-bc9f-16089b0982e7", + "name": "List of attribute configurations in IdentityNow.", + "originalRequest": { + "url": { + "path": [ + "accounts", + "search-attribute-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"name\": \"newMailAttribute\",\n \"displayName\": \"New Mail Attribute\",\n \"applicationAttributes\": {\n \"2c91808b79fd2422017a0b35d30f3968\": \"employeeNumber\",\n \"2c91808b79fd2422017a0b36008f396b\": \"employeeNumber\"\n }\n },\n {\n \"name\": \"newMailAttribute\",\n \"displayName\": \"New Mail Attribute\",\n \"applicationAttributes\": {\n \"2c91808b79fd2422017a0b35d30f3968\": \"employeeNumber\",\n \"2c91808b79fd2422017a0b36008f396b\": \"employeeNumber\"\n }\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "3af48b56-1484-4490-90d7-a196a5c44aa3", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "accounts", + "search-attribute-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "74e415b1-005a-4678-b060-2c00b98f8dd2", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "accounts", + "search-attribute-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "ece764eb-bce0-481e-822e-d364e8aa5ba4", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "accounts", + "search-attribute-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "6dd10f6f-a87a-4c02-a15f-c732e6aad50f", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "accounts", + "search-attribute-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f0b4d950-1990-4bcd-9343-490c444bc486", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "accounts", + "search-attribute-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "f8dfe857-d587-4523-81de-eec4d28ed4ca", + "name": "Get specific attribute in IdentityNow.", + "request": { + "name": "Get specific attribute in IdentityNow.", + "description": { + "content": "This API accepts an extended search attribute name and retrieves the corresponding extended attribute configuration.\nA token with ORG_ADMIN authority is required to call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "accounts", + "search-attribute-config", + ":name" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "newMailAttribute", + "key": "name", + "disabled": true, + "description": { + "content": "(Required) Name of the extended search attribute configuration to retrieve.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "4937097a-c733-436f-beee-cd146b9a1037", + "name": "Specific attribute configuration in IdentityNow.", + "originalRequest": { + "url": { + "path": [ + "accounts", + "search-attribute-config", + ":name" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"name\": \"newMailAttribute\",\n \"displayName\": \"New Mail Attribute\",\n \"applicationAttributes\": {\n \"2c91808b79fd2422017a0b35d30f3968\": \"employeeNumber\",\n \"2c91808b79fd2422017a0b36008f396b\": \"employeeNumber\"\n }\n },\n {\n \"name\": \"newMailAttribute\",\n \"displayName\": \"New Mail Attribute\",\n \"applicationAttributes\": {\n \"2c91808b79fd2422017a0b35d30f3968\": \"employeeNumber\",\n \"2c91808b79fd2422017a0b36008f396b\": \"employeeNumber\"\n }\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d7073b4b-ea7d-476f-b6b8-5fd8a12d6e2d", + "name": "No content - indicates the request was successful but there is no content to be returned in the response.", + "originalRequest": { + "url": { + "path": [ + "accounts", + "search-attribute-config", + ":name" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "No Content", + "code": 204, + "header": [], + "cookie": [], + "_postman_previewlanguage": "text" + }, + { + "id": "f0e8adca-dfc8-433f-886a-5fceee9c53e6", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "accounts", + "search-attribute-config", + ":name" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "556b5626-38c8-401e-9984-7fd46a42857e", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "accounts", + "search-attribute-config", + ":name" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "e9102253-d528-4e0e-a797-7dc76ef59cd0", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "accounts", + "search-attribute-config", + ":name" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "11f19fb4-61c5-404a-811f-dd520000774a", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "accounts", + "search-attribute-config", + ":name" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f7fa0e11-29d2-4d9a-969c-74994a27caa3", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "accounts", + "search-attribute-config", + ":name" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b82e96e8-ab29-4c53-a352-a18e80a84a2e", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "accounts", + "search-attribute-config", + ":name" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "79156bad-e097-45b4-9baf-b2e2d13d13e9", + "name": "Delete search attribute in IdentityNow.", + "request": { + "name": "Delete search attribute in IdentityNow.", + "description": { + "content": "This API accepts an extended search attribute name and deletes the corresponding extended attribute configuration.\nA token with ORG_ADMIN authority is required to call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "accounts", + "search-attribute-config", + ":name" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "newMailAttribute", + "key": "name", + "disabled": true, + "description": { + "content": "(Required) Name of the extended search attribute configuration to delete.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "DELETE", + "body": {} + }, + "response": [ + { + "id": "7a6028f1-6443-4956-97b2-20d2980b9b83", + "name": "No content - indicates the request was successful but there is no content to be returned in the response.", + "originalRequest": { + "url": { + "path": [ + "accounts", + "search-attribute-config", + ":name" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "No Content", + "code": 204, + "header": [], + "cookie": [], + "_postman_previewlanguage": "text" + }, + { + "id": "6eb29d2f-e9ea-4dc9-a4a4-8f3ee392b78b", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "accounts", + "search-attribute-config", + ":name" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "cec7b03c-c819-4d4e-b0c0-cec73302d646", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "accounts", + "search-attribute-config", + ":name" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d7dd0ce2-ad55-4b43-ac38-40eeb4d443f1", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "accounts", + "search-attribute-config", + ":name" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "17f98bec-a931-4ce2-b127-8689388988c2", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "accounts", + "search-attribute-config", + ":name" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "3afff4fa-25cf-44b6-80e9-e825827b9ffd", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "accounts", + "search-attribute-config", + ":name" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "3efda329-bc50-4055-b6b4-5adb0e5e66b3", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "accounts", + "search-attribute-config", + ":name" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "b697e1be-4aae-403e-a569-92d7968a8a98", + "name": "Update search attribute in IdentityNow.", + "request": { + "name": "Update search attribute in IdentityNow.", + "description": { + "content": "This API updates an existing Search Attribute Configuration. The following fields are patchable:\n**name**, **displayName**, **applicationAttributes**\nA token with ORG_ADMIN authority is required to call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "accounts", + "search-attribute-config", + ":name" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "promotedMailAttribute", + "key": "name", + "disabled": true, + "description": { + "content": "(Required) Name of the Search Attribute Configuration to patch.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/name\",\n \"value\": \"newAttributeName\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/displayName\",\n \"value\": \"new attribute display name\"\n },\n {\n \"op\": \"add\",\n \"path\": \"/applicationAttributes\",\n \"value\": {\n \"2c91808b79fd2422017a0b35d30f3968\": \"employeeNumber\"\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "ffd1e5fd-9ac6-4ad0-a37c-bc5867e258ae", + "name": "Responds with the Search Attribute Configuration as updated.", + "originalRequest": { + "url": { + "path": [ + "accounts", + "search-attribute-config", + ":name" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/name\",\n \"value\": \"newAttributeName\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/displayName\",\n \"value\": \"new attribute display name\"\n },\n {\n \"op\": \"add\",\n \"path\": \"/applicationAttributes\",\n \"value\": {\n \"2c91808b79fd2422017a0b35d30f3968\": \"employeeNumber\"\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"name\": \"newMailAttribute\",\n \"displayName\": \"New Mail Attribute\",\n \"applicationAttributes\": {\n \"2c91808b79fd2422017a0b35d30f3968\": \"employeeNumber\",\n \"2c91808b79fd2422017a0b36008f396b\": \"employeeNumber\"\n }\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "3de0731b-3a24-4454-bc9d-1d7695196de9", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "accounts", + "search-attribute-config", + ":name" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/name\",\n \"value\": \"newAttributeName\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/displayName\",\n \"value\": \"new attribute display name\"\n },\n {\n \"op\": \"add\",\n \"path\": \"/applicationAttributes\",\n \"value\": {\n \"2c91808b79fd2422017a0b35d30f3968\": \"employeeNumber\"\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "ebc15eb6-08ab-4219-9453-64f363e0c2c4", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "accounts", + "search-attribute-config", + ":name" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/name\",\n \"value\": \"newAttributeName\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/displayName\",\n \"value\": \"new attribute display name\"\n },\n {\n \"op\": \"add\",\n \"path\": \"/applicationAttributes\",\n \"value\": {\n \"2c91808b79fd2422017a0b35d30f3968\": \"employeeNumber\"\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "2a9c6968-6de5-4f76-a304-4b215f18c3cd", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "accounts", + "search-attribute-config", + ":name" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/name\",\n \"value\": \"newAttributeName\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/displayName\",\n \"value\": \"new attribute display name\"\n },\n {\n \"op\": \"add\",\n \"path\": \"/applicationAttributes\",\n \"value\": {\n \"2c91808b79fd2422017a0b35d30f3968\": \"employeeNumber\"\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "78b9bc3f-8794-4d48-89ec-c6d5070c4852", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "accounts", + "search-attribute-config", + ":name" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/name\",\n \"value\": \"newAttributeName\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/displayName\",\n \"value\": \"new attribute display name\"\n },\n {\n \"op\": \"add\",\n \"path\": \"/applicationAttributes\",\n \"value\": {\n \"2c91808b79fd2422017a0b35d30f3968\": \"employeeNumber\"\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "685de66e-e234-4dea-b478-98da3e1832ce", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "accounts", + "search-attribute-config", + ":name" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/name\",\n \"value\": \"newAttributeName\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/displayName\",\n \"value\": \"new attribute display name\"\n },\n {\n \"op\": \"add\",\n \"path\": \"/applicationAttributes\",\n \"value\": {\n \"2c91808b79fd2422017a0b35d30f3968\": \"employeeNumber\"\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b85e21fe-afe3-4523-a36c-a4b401c48ac4", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "accounts", + "search-attribute-config", + ":name" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/name\",\n \"value\": \"newAttributeName\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/displayName\",\n \"value\": \"new attribute display name\"\n },\n {\n \"op\": \"add\",\n \"path\": \"/applicationAttributes\",\n \"value\": {\n \"2c91808b79fd2422017a0b35d30f3968\": \"employeeNumber\"\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + } + ] + }, + { + "name": "Segments", + "description": "Use this API to implement and customize access request segment functionality. \nWith this functionality in place, administrators can create and manage access request segments. \nSegments provide organizations with a way to make the access their users have even more granular - this can simply the access request process for the organization's users and improves security by reducing the risk of overprovisoning access. \n\nSegments represent sets of identities, all grouped by specified identity attributes, who are only able to see and access the access items associated with their segments.\nFor example, administrators could group all their organization's London office employees into one segment, \"London Office Employees,\" by their shared location. \nThe administrators could then define the access items the London employees would need, and the identities in the \"London Office Employees\" would then only be able to see and access those items.\n\nIn Identity Security Cloud, administrators can use the 'Access' drop-down menu and select 'Segments' to reach the 'Access Requests Segments' page. \nThis page lists all the existing access request segments, along with their statuses, enabled or disabled. \nAdministrators can use this page to create, edit, enable, disable, and delete segments. \nTo create a segment, an administrator must provide a name, define the identities grouped in the segment, and define the items the identities in the segment can access.\nThese items can be access profiles, roles, or entitlements. \n\nWhen administrators use the API to create and manage segments, they use a JSON expression in the `visibilityCriteria` object to define the segment's identities and access items. \n\nRefer to [Managing Access Request Segments](https://documentation.sailpoint.com/saas/help/requests/segments.html) for more information about segments in Identity Security Cloud.\n", + "item": [ + { + "id": "0f7baae1-d6a2-42fa-9613-0f76035ba308", + "name": "Create Segment", + "request": { + "name": "Create Segment", + "description": { + "content": "This API creates a segment. \n>**Note:** Segment definitions may take time to propagate to all identities.\nA token with ORG_ADMIN or API authority is required to call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "segments" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"id\": \"0f11f2a4-7c94-4bf3-a2bd-742580fe3bde\",\n \"name\": \"segment-xyz\",\n \"created\": \"2020-01-01T00:00:00.000000Z\",\n \"modified\": \"2020-01-01T00:00:00.000000Z\",\n \"description\": \"This segment represents xyz\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"support\"\n },\n \"visibilityCriteria\": {\n \"expression\": {\n \"operator\": \"EQUALS\",\n \"attribute\": \"location\",\n \"value\": {\n \"type\": \"STRING\",\n \"value\": \"Austin\"\n }\n }\n },\n \"active\": true\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "d1466287-b97a-4976-8568-8a0cd92e2527", + "name": "Segment created", + "originalRequest": { + "url": { + "path": [ + "segments" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"id\": \"0f11f2a4-7c94-4bf3-a2bd-742580fe3bde\",\n \"name\": \"segment-xyz\",\n \"created\": \"2020-01-01T00:00:00.000000Z\",\n \"modified\": \"2020-01-01T00:00:00.000000Z\",\n \"description\": \"This segment represents xyz\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"support\"\n },\n \"visibilityCriteria\": {\n \"expression\": {\n \"operator\": \"EQUALS\",\n \"attribute\": \"location\",\n \"value\": {\n \"type\": \"STRING\",\n \"value\": \"Austin\"\n }\n }\n },\n \"active\": true\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Created", + "code": 201, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"0f11f2a4-7c94-4bf3-a2bd-742580fe3bde\",\n \"name\": \"segment-xyz\",\n \"created\": \"2020-01-01T00:00:00.000000Z\",\n \"modified\": \"2020-01-01T00:00:00.000000Z\",\n \"description\": \"This segment represents xyz\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"support\"\n },\n \"visibilityCriteria\": {\n \"expression\": {\n \"operator\": \"EQUALS\",\n \"attribute\": \"location\",\n \"value\": {\n \"type\": \"STRING\",\n \"value\": \"Austin\"\n }\n }\n },\n \"active\": true\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "cd43f9af-5687-4f7e-b5bf-3f65b1f283db", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "segments" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"id\": \"0f11f2a4-7c94-4bf3-a2bd-742580fe3bde\",\n \"name\": \"segment-xyz\",\n \"created\": \"2020-01-01T00:00:00.000000Z\",\n \"modified\": \"2020-01-01T00:00:00.000000Z\",\n \"description\": \"This segment represents xyz\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"support\"\n },\n \"visibilityCriteria\": {\n \"expression\": {\n \"operator\": \"EQUALS\",\n \"attribute\": \"location\",\n \"value\": {\n \"type\": \"STRING\",\n \"value\": \"Austin\"\n }\n }\n },\n \"active\": true\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "4a1d838c-cad8-4707-952e-5a1bb8d7b13f", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "segments" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"id\": \"0f11f2a4-7c94-4bf3-a2bd-742580fe3bde\",\n \"name\": \"segment-xyz\",\n \"created\": \"2020-01-01T00:00:00.000000Z\",\n \"modified\": \"2020-01-01T00:00:00.000000Z\",\n \"description\": \"This segment represents xyz\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"support\"\n },\n \"visibilityCriteria\": {\n \"expression\": {\n \"operator\": \"EQUALS\",\n \"attribute\": \"location\",\n \"value\": {\n \"type\": \"STRING\",\n \"value\": \"Austin\"\n }\n }\n },\n \"active\": true\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "90a00ad4-0202-4c50-b223-ad8d8afc159a", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "segments" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"id\": \"0f11f2a4-7c94-4bf3-a2bd-742580fe3bde\",\n \"name\": \"segment-xyz\",\n \"created\": \"2020-01-01T00:00:00.000000Z\",\n \"modified\": \"2020-01-01T00:00:00.000000Z\",\n \"description\": \"This segment represents xyz\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"support\"\n },\n \"visibilityCriteria\": {\n \"expression\": {\n \"operator\": \"EQUALS\",\n \"attribute\": \"location\",\n \"value\": {\n \"type\": \"STRING\",\n \"value\": \"Austin\"\n }\n }\n },\n \"active\": true\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f9e08724-fa6f-443f-9310-c356985569bf", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "segments" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"id\": \"0f11f2a4-7c94-4bf3-a2bd-742580fe3bde\",\n \"name\": \"segment-xyz\",\n \"created\": \"2020-01-01T00:00:00.000000Z\",\n \"modified\": \"2020-01-01T00:00:00.000000Z\",\n \"description\": \"This segment represents xyz\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"support\"\n },\n \"visibilityCriteria\": {\n \"expression\": {\n \"operator\": \"EQUALS\",\n \"attribute\": \"location\",\n \"value\": {\n \"type\": \"STRING\",\n \"value\": \"Austin\"\n }\n }\n },\n \"active\": true\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "7d36ca08-b045-408a-a4ab-2b49707f98c5", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "segments" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"id\": \"0f11f2a4-7c94-4bf3-a2bd-742580fe3bde\",\n \"name\": \"segment-xyz\",\n \"created\": \"2020-01-01T00:00:00.000000Z\",\n \"modified\": \"2020-01-01T00:00:00.000000Z\",\n \"description\": \"This segment represents xyz\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"support\"\n },\n \"visibilityCriteria\": {\n \"expression\": {\n \"operator\": \"EQUALS\",\n \"attribute\": \"location\",\n \"value\": {\n \"type\": \"STRING\",\n \"value\": \"Austin\"\n }\n }\n },\n \"active\": true\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "0158c56b-3415-488d-8346-a4f597c854f5", + "name": "List Segments", + "request": { + "name": "List Segments", + "description": { + "content": "This API returns a list of all segments. \nA token with ORG_ADMIN or API authority is required to call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "segments" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "9cc2989b-7516-4a64-897d-0d533e7ca073", + "name": "List of all segments", + "originalRequest": { + "url": { + "path": [ + "segments" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"id\": \"0f11f2a4-7c94-4bf3-a2bd-742580fe3bde\",\n \"name\": \"segment-xyz\",\n \"created\": \"2020-01-01T00:00:00.000000Z\",\n \"modified\": \"2020-01-01T00:00:00.000000Z\",\n \"description\": \"This segment represents xyz\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"support\"\n },\n \"visibilityCriteria\": {\n \"expression\": {\n \"operator\": \"EQUALS\",\n \"attribute\": \"location\",\n \"value\": {\n \"type\": \"STRING\",\n \"value\": \"Austin\"\n }\n }\n },\n \"active\": true\n },\n {\n \"id\": \"0f11f2a4-7c94-4bf3-a2bd-742580fe3bde\",\n \"name\": \"segment-xyz\",\n \"created\": \"2020-01-01T00:00:00.000000Z\",\n \"modified\": \"2020-01-01T00:00:00.000000Z\",\n \"description\": \"This segment represents xyz\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"support\"\n },\n \"visibilityCriteria\": {\n \"expression\": {\n \"operator\": \"EQUALS\",\n \"attribute\": \"location\",\n \"value\": {\n \"type\": \"STRING\",\n \"value\": \"Austin\"\n }\n }\n },\n \"active\": true\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b824b18b-1461-4d4a-a9bc-4d48217814f6", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "segments" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b76b719b-1888-4fa7-be98-a5300a231ef4", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "segments" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "0e7e17ed-a2ed-4231-b357-0e4bc2b1c822", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "segments" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "5990f927-272f-4217-923f-136b1db33075", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "segments" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c9311d26-7da2-4dc8-8ba1-3e3e75233fc6", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "segments" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "c0b87ac2-d81b-4c29-95ba-4a2269464e65", + "name": "Get Segment by ID", + "request": { + "name": "Get Segment by ID", + "description": { + "content": "This API returns the segment specified by the given ID.\nA token with ORG_ADMIN or API authority is required to call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "segments", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "ef38f94347e94562b5bb8424a56397d8", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) The segment ID to retrieve.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "c4c39c71-f44f-4df1-ac6b-cc52880c0c24", + "name": "Segment", + "originalRequest": { + "url": { + "path": [ + "segments", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"0f11f2a4-7c94-4bf3-a2bd-742580fe3bde\",\n \"name\": \"segment-xyz\",\n \"created\": \"2020-01-01T00:00:00.000000Z\",\n \"modified\": \"2020-01-01T00:00:00.000000Z\",\n \"description\": \"This segment represents xyz\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"support\"\n },\n \"visibilityCriteria\": {\n \"expression\": {\n \"operator\": \"EQUALS\",\n \"attribute\": \"location\",\n \"value\": {\n \"type\": \"STRING\",\n \"value\": \"Austin\"\n }\n }\n },\n \"active\": true\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "85b7e4b5-da95-45f7-8edf-446d4a54f60f", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "segments", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "92f1bc85-e198-4a58-a610-c6b08d3c85e4", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "segments", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f8fc869b-c8d8-4af3-8060-7e56c236ac33", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "segments", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c249adef-e266-4747-bda4-403e67b20563", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "segments", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "0e976847-1f1b-46bd-9d89-cc87c9de1b60", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "segments", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c4c0bf52-d763-48b1-ad41-240bf94893e6", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "segments", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "a98f47c7-0231-4156-a1f7-986b2d9eed2d", + "name": "Delete Segment by ID", + "request": { + "name": "Delete Segment by ID", + "description": { + "content": "This API deletes the segment specified by the given ID.\n>**Note:** that segment deletion may take some time to become effective.\nA token with ORG_ADMIN or API authority is required to call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "segments", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "ef38f94347e94562b5bb8424a56397d8", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) The segment ID to delete.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "DELETE", + "body": {} + }, + "response": [ + { + "id": "01007001-1c69-474c-824e-06fb48ae53e2", + "name": "No content.", + "originalRequest": { + "url": { + "path": [ + "segments", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "No Content", + "code": 204, + "header": [], + "cookie": [], + "_postman_previewlanguage": "text" + }, + { + "id": "23f20504-e3b5-4988-ad38-29f3bb949a22", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "segments", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a7172f4f-7643-48ee-9ee3-49c49ca5b73f", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "segments", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "bc546cd2-dd46-4af8-ab03-ff6e91bbd74a", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "segments", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "43756260-6afc-479a-a240-06a620ccaf1e", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "segments", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "8531654e-c3bc-4eef-991a-5eb22a8e7013", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "segments", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "29934157-0e0d-403b-9277-e0336445635d", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "segments", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "ab4fb0f5-2bc5-4998-a7b2-a627855f6000", + "name": "Update Segment", + "request": { + "name": "Update Segment", + "description": { + "content": "Use this API to update segment fields by using the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard.\n>**Note:** Changes to a segment may take some time to propagate to all identities.\nA token with ORG_ADMIN or API authority is required to call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "segments", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "ef38f94347e94562b5bb8424a56397d8", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) The segment ID to modify.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/visibilityCriteria\",\n \"value\": {\n \"expression\": {\n \"operator\": \"AND\",\n \"children\": [\n {\n \"operator\": \"EQUALS\",\n \"attribute\": \"location\",\n \"value\": {\n \"type\": \"STRING\",\n \"value\": \"Philadelphia\"\n }\n },\n {\n \"operator\": \"EQUALS\",\n \"attribute\": \"department\",\n \"value\": {\n \"type\": \"STRING\",\n \"value\": \"HR\"\n }\n }\n ]\n }\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "7aa50b2e-ff63-4ad9-963c-23737b15607b", + "name": "Indicates the PATCH operation succeeded, and returns the segment's new representation.", + "originalRequest": { + "url": { + "path": [ + "segments", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/visibilityCriteria\",\n \"value\": {\n \"expression\": {\n \"operator\": \"AND\",\n \"children\": [\n {\n \"operator\": \"EQUALS\",\n \"attribute\": \"location\",\n \"value\": {\n \"type\": \"STRING\",\n \"value\": \"Philadelphia\"\n }\n },\n {\n \"operator\": \"EQUALS\",\n \"attribute\": \"department\",\n \"value\": {\n \"type\": \"STRING\",\n \"value\": \"HR\"\n }\n }\n ]\n }\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"0f11f2a4-7c94-4bf3-a2bd-742580fe3bde\",\n \"name\": \"segment-xyz\",\n \"created\": \"2020-01-01T00:00:00.000000Z\",\n \"modified\": \"2020-01-01T00:00:00.000000Z\",\n \"description\": \"This segment represents xyz\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"support\"\n },\n \"visibilityCriteria\": {\n \"expression\": {\n \"operator\": \"EQUALS\",\n \"attribute\": \"location\",\n \"value\": {\n \"type\": \"STRING\",\n \"value\": \"Austin\"\n }\n }\n },\n \"active\": true\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "ebe512f3-5e47-4b78-9b92-d7d85ff4ceab", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "segments", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/visibilityCriteria\",\n \"value\": {\n \"expression\": {\n \"operator\": \"AND\",\n \"children\": [\n {\n \"operator\": \"EQUALS\",\n \"attribute\": \"location\",\n \"value\": {\n \"type\": \"STRING\",\n \"value\": \"Philadelphia\"\n }\n },\n {\n \"operator\": \"EQUALS\",\n \"attribute\": \"department\",\n \"value\": {\n \"type\": \"STRING\",\n \"value\": \"HR\"\n }\n }\n ]\n }\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "574b8c78-5989-4c3a-ac70-67884e5c95d9", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "segments", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/visibilityCriteria\",\n \"value\": {\n \"expression\": {\n \"operator\": \"AND\",\n \"children\": [\n {\n \"operator\": \"EQUALS\",\n \"attribute\": \"location\",\n \"value\": {\n \"type\": \"STRING\",\n \"value\": \"Philadelphia\"\n }\n },\n {\n \"operator\": \"EQUALS\",\n \"attribute\": \"department\",\n \"value\": {\n \"type\": \"STRING\",\n \"value\": \"HR\"\n }\n }\n ]\n }\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "0551e710-2b41-4717-8868-2d64c8da3fc8", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "segments", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/visibilityCriteria\",\n \"value\": {\n \"expression\": {\n \"operator\": \"AND\",\n \"children\": [\n {\n \"operator\": \"EQUALS\",\n \"attribute\": \"location\",\n \"value\": {\n \"type\": \"STRING\",\n \"value\": \"Philadelphia\"\n }\n },\n {\n \"operator\": \"EQUALS\",\n \"attribute\": \"department\",\n \"value\": {\n \"type\": \"STRING\",\n \"value\": \"HR\"\n }\n }\n ]\n }\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "5cc822c5-d4ac-428a-88f6-b64dc62415d2", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "segments", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/visibilityCriteria\",\n \"value\": {\n \"expression\": {\n \"operator\": \"AND\",\n \"children\": [\n {\n \"operator\": \"EQUALS\",\n \"attribute\": \"location\",\n \"value\": {\n \"type\": \"STRING\",\n \"value\": \"Philadelphia\"\n }\n },\n {\n \"operator\": \"EQUALS\",\n \"attribute\": \"department\",\n \"value\": {\n \"type\": \"STRING\",\n \"value\": \"HR\"\n }\n }\n ]\n }\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "feebfde6-ffdc-4637-b188-c97e4f1b4f77", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "segments", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/visibilityCriteria\",\n \"value\": {\n \"expression\": {\n \"operator\": \"AND\",\n \"children\": [\n {\n \"operator\": \"EQUALS\",\n \"attribute\": \"location\",\n \"value\": {\n \"type\": \"STRING\",\n \"value\": \"Philadelphia\"\n }\n },\n {\n \"operator\": \"EQUALS\",\n \"attribute\": \"department\",\n \"value\": {\n \"type\": \"STRING\",\n \"value\": \"HR\"\n }\n }\n ]\n }\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d6eaf117-31c1-4884-af7e-db4e62205819", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "segments", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/visibilityCriteria\",\n \"value\": {\n \"expression\": {\n \"operator\": \"AND\",\n \"children\": [\n {\n \"operator\": \"EQUALS\",\n \"attribute\": \"location\",\n \"value\": {\n \"type\": \"STRING\",\n \"value\": \"Philadelphia\"\n }\n },\n {\n \"operator\": \"EQUALS\",\n \"attribute\": \"department\",\n \"value\": {\n \"type\": \"STRING\",\n \"value\": \"HR\"\n }\n }\n ]\n }\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + } + ] + }, + { + "name": "Service Desk Integration", + "description": "Use this API to build an integration between Identity Security Cloud and a service desk ITSM (IT service management) solution. \nOnce an administrator builds this integration between Identity Security Cloud and a service desk, users can use Identity Security Cloud to raise and track tickets that are synchronized between Identity Security Cloud and the service desk. \n\nIn Identity Security Cloud, administrators can create a service desk integration (sometimes also called an SDIM, or Service Desk Integration Module) by going to Admin > Connections > Service Desk and selecting 'Create.'\n\nTo create a Generic Service Desk integration, for example, administrators must provide the required information on the General Settings page, the Connectivity and Authentication information, Ticket Creation information, Status Mapping information, and Requester Source information on the Configure page. \nRefer to [Integrating SailPoint with Generic Service Desk](https://documentation.sailpoint.com/connectors/generic_sd/help/integrating_generic_service_desk/intro.html) for more information about the process of setting up a Generic Service Desk in Identity Security Cloud.\n\nAdministrators can create various service desk integrations, all with their own nuances. \nThe following service desk integrations are available: \n\n- [Atlassian Cloud Jira Service Management](https://documentation.sailpoint.com/connectors/atlassian/jira_cloud/help/integrating_jira_cloud_sd/introduction.html)\n\n- [Atlassian Server Jira Service Management](https://documentation.sailpoint.com/connectors/atlassian/jira_server/help/integrating_jira_server_sd/introduction.html)\n\n- [BMC Helix ITSM Service Desk](https://documentation.sailpoint.com/connectors/bmc/helix_ITSM_sd/help/integrating_bmc_helix_itsm_sd/intro.html)\n\n- [BMC Helix Remedyforce Service Desk](https://documentation.sailpoint.com/connectors/bmc/helix_remedyforce_sd/help/integrating_bmc_helix_remedyforce_sd/intro.html)\n\n- [Generic Service Desk](https://documentation.sailpoint.com/connectors/generic_sd/help/integrating_generic_service_desk/intro.html)\n\n- [ServiceNow Service Desk](https://documentation.sailpoint.com/connectors/servicenow/sdim/help/integrating_servicenow_sdim/intro.html)\n\n- [Zendesk Service Desk](https://documentation.sailpoint.com/connectors/zendesk/help/integrating_zendesk_sd/introduction.html)\n", + "item": [ + { + "id": "9d11349b-4579-4ac6-8982-09ebe3b28b5f", + "name": "List existing Service Desk Integrations", + "request": { + "name": "List existing Service Desk Integrations", + "description": { + "content": "Get a list of ServiceDeskIntegrationDto for existing Service Desk Integrations. A token with Org Admin or Service Desk Admin authority is required to access this endpoint.", + "type": "text/plain" + }, + "url": { + "path": [ + "service-desk-integrations" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**name**: *eq*\n\n**type**: *eq, in*\n\n**cluster**: *eq, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "name eq \"John Doe\"" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "c3fc90f6-e052-4bef-b20e-833b2214ae2f", + "name": "List of ServiceDeskIntegrationDto", + "originalRequest": { + "url": { + "path": [ + "service-desk-integrations" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**name**: *eq*\n\n**type**: *eq, in*\n\n**cluster**: *eq, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "name eq \"John Doe\"" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"name\": \"Service Desk Integration Name\",\n \"description\": \"A very nice Service Desk integration\",\n \"type\": \"ServiceNowSDIM\",\n \"attributes\": {\n \"property\": \"value\",\n \"key\": \"value\"\n },\n \"id\": \"62945a496ef440189b1f03e3623411c8\",\n \"created\": \"2024-01-17T18:45:25.994Z\",\n \"modified\": \"2024-02-18T18:45:25.994Z\",\n \"ownerRef\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"Support\"\n },\n \"clusterRef\": {\n \"type\": \"CLUSTER\",\n \"id\": \"2c9180847a7fccdd017aa5896f9f4f6f\",\n \"name\": \"Training VA\"\n },\n \"cluster\": \"xyzzy999\",\n \"managedSources\": [\n \"2c9180835d191a86015d28455b4a2329\",\n \"2c5680835d191a85765d28455b4a9823\"\n ],\n \"provisioningConfig\": {\n \"universalManager\": true,\n \"managedResourceRefs\": [\n {\n \"type\": \"SOURCE\",\n \"name\": \"My Source 1\"\n },\n {\n \"type\": \"SOURCE\",\n \"name\": \"My Source 2\"\n }\n ],\n \"planInitializerScript\": {\n \"source\": \"\\\\r\\\\n\\\\r\\\\n\\\\r\\\\n Before Provisioning Rule which changes disables and enables to a modify.\\\\r\\\\n \\n\"\n },\n \"noProvisioningRequests\": true,\n \"provisioningRequestExpiration\": 7\n },\n \"beforeProvisioningRule\": {\n \"type\": \"RULE\",\n \"id\": \"048eb3d55c5a4758bd07dccb87741c78\",\n \"name\": \"Before Provisioning Airtable Rule\"\n }\n },\n {\n \"name\": \"Service Desk Integration Name\",\n \"description\": \"A very nice Service Desk integration\",\n \"type\": \"ServiceNowSDIM\",\n \"attributes\": {\n \"property\": \"value\",\n \"key\": \"value\"\n },\n \"id\": \"62945a496ef440189b1f03e3623411c8\",\n \"created\": \"2024-01-17T18:45:25.994Z\",\n \"modified\": \"2024-02-18T18:45:25.994Z\",\n \"ownerRef\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"Support\"\n },\n \"clusterRef\": {\n \"type\": \"CLUSTER\",\n \"id\": \"2c9180847a7fccdd017aa5896f9f4f6f\",\n \"name\": \"Training VA\"\n },\n \"cluster\": \"xyzzy999\",\n \"managedSources\": [\n \"2c9180835d191a86015d28455b4a2329\",\n \"2c5680835d191a85765d28455b4a9823\"\n ],\n \"provisioningConfig\": {\n \"universalManager\": true,\n \"managedResourceRefs\": [\n {\n \"type\": \"SOURCE\",\n \"name\": \"My Source 1\"\n },\n {\n \"type\": \"SOURCE\",\n \"name\": \"My Source 2\"\n }\n ],\n \"planInitializerScript\": {\n \"source\": \"\\\\r\\\\n\\\\r\\\\n\\\\r\\\\n Before Provisioning Rule which changes disables and enables to a modify.\\\\r\\\\n \\n\"\n },\n \"noProvisioningRequests\": true,\n \"provisioningRequestExpiration\": 7\n },\n \"beforeProvisioningRule\": {\n \"type\": \"RULE\",\n \"id\": \"048eb3d55c5a4758bd07dccb87741c78\",\n \"name\": \"Before Provisioning Airtable Rule\"\n }\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "ba4959ef-35fd-4c77-9ed1-4a91983a5830", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "service-desk-integrations" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**name**: *eq*\n\n**type**: *eq, in*\n\n**cluster**: *eq, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "name eq \"John Doe\"" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b8ab6d67-3125-4599-b008-c3ef34a6a5a3", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "service-desk-integrations" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**name**: *eq*\n\n**type**: *eq, in*\n\n**cluster**: *eq, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "name eq \"John Doe\"" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "110097af-fc6d-44e4-afa7-32a7d7f3748c", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "service-desk-integrations" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**name**: *eq*\n\n**type**: *eq, in*\n\n**cluster**: *eq, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "name eq \"John Doe\"" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d339d023-da2e-4ab1-a451-71f6458fda80", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "service-desk-integrations" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**name**: *eq*\n\n**type**: *eq, in*\n\n**cluster**: *eq, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "name eq \"John Doe\"" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "80bb2d0e-0592-4a53-ba3c-8e8e28c35004", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "service-desk-integrations" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**name**: *eq*\n\n**type**: *eq, in*\n\n**cluster**: *eq, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "name eq \"John Doe\"" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "70b310f0-873d-4166-9d43-0de432966a15", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "service-desk-integrations" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**name**: *eq*\n\n**type**: *eq, in*\n\n**cluster**: *eq, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "name eq \"John Doe\"" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "38c9df65-5814-410a-af75-b92184e6f8d3", + "name": "Create new Service Desk integration", + "request": { + "name": "Create new Service Desk integration", + "description": { + "content": "Create a new Service Desk Integrations. A token with Org Admin or Service Desk Admin authority is required to access this endpoint.", + "type": "text/plain" + }, + "url": { + "path": [ + "service-desk-integrations" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Service Desk Integration Name\",\n \"description\": \"A very nice Service Desk integration\",\n \"type\": \"ServiceNowSDIM\",\n \"attributes\": {\n \"property\": \"value\",\n \"key\": \"value\"\n },\n \"id\": \"62945a496ef440189b1f03e3623411c8\",\n \"created\": \"2024-01-17T18:45:25.994Z\",\n \"modified\": \"2024-02-18T18:45:25.994Z\",\n \"ownerRef\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"Support\"\n },\n \"clusterRef\": {\n \"type\": \"CLUSTER\",\n \"id\": \"2c9180847a7fccdd017aa5896f9f4f6f\",\n \"name\": \"Training VA\"\n },\n \"cluster\": \"xyzzy999\",\n \"managedSources\": [\n \"2c9180835d191a86015d28455b4a2329\",\n \"2c5680835d191a85765d28455b4a9823\"\n ],\n \"provisioningConfig\": {\n \"universalManager\": true,\n \"managedResourceRefs\": [\n {\n \"type\": \"SOURCE\",\n \"name\": \"My Source 1\"\n },\n {\n \"type\": \"SOURCE\",\n \"name\": \"My Source 2\"\n }\n ],\n \"planInitializerScript\": {\n \"source\": \"\\\\r\\\\n\\\\r\\\\n\\\\r\\\\n Before Provisioning Rule which changes disables and enables to a modify.\\\\r\\\\n \\n\"\n },\n \"noProvisioningRequests\": true,\n \"provisioningRequestExpiration\": 7\n },\n \"beforeProvisioningRule\": {\n \"type\": \"RULE\",\n \"id\": \"048eb3d55c5a4758bd07dccb87741c78\",\n \"name\": \"Before Provisioning Airtable Rule\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "afe92026-6c3d-4a13-bfc6-60da488b95b7", + "name": "details of the created integration", + "originalRequest": { + "url": { + "path": [ + "service-desk-integrations" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Service Desk Integration Name\",\n \"description\": \"A very nice Service Desk integration\",\n \"type\": \"ServiceNowSDIM\",\n \"attributes\": {\n \"property\": \"value\",\n \"key\": \"value\"\n },\n \"id\": \"62945a496ef440189b1f03e3623411c8\",\n \"created\": \"2024-01-17T18:45:25.994Z\",\n \"modified\": \"2024-02-18T18:45:25.994Z\",\n \"ownerRef\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"Support\"\n },\n \"clusterRef\": {\n \"type\": \"CLUSTER\",\n \"id\": \"2c9180847a7fccdd017aa5896f9f4f6f\",\n \"name\": \"Training VA\"\n },\n \"cluster\": \"xyzzy999\",\n \"managedSources\": [\n \"2c9180835d191a86015d28455b4a2329\",\n \"2c5680835d191a85765d28455b4a9823\"\n ],\n \"provisioningConfig\": {\n \"universalManager\": true,\n \"managedResourceRefs\": [\n {\n \"type\": \"SOURCE\",\n \"name\": \"My Source 1\"\n },\n {\n \"type\": \"SOURCE\",\n \"name\": \"My Source 2\"\n }\n ],\n \"planInitializerScript\": {\n \"source\": \"\\\\r\\\\n\\\\r\\\\n\\\\r\\\\n Before Provisioning Rule which changes disables and enables to a modify.\\\\r\\\\n \\n\"\n },\n \"noProvisioningRequests\": true,\n \"provisioningRequestExpiration\": 7\n },\n \"beforeProvisioningRule\": {\n \"type\": \"RULE\",\n \"id\": \"048eb3d55c5a4758bd07dccb87741c78\",\n \"name\": \"Before Provisioning Airtable Rule\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"name\": \"Service Desk Integration Name\",\n \"description\": \"A very nice Service Desk integration\",\n \"type\": \"ServiceNowSDIM\",\n \"attributes\": {\n \"property\": \"value\",\n \"key\": \"value\"\n },\n \"id\": \"62945a496ef440189b1f03e3623411c8\",\n \"created\": \"2024-01-17T18:45:25.994Z\",\n \"modified\": \"2024-02-18T18:45:25.994Z\",\n \"ownerRef\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"Support\"\n },\n \"clusterRef\": {\n \"type\": \"CLUSTER\",\n \"id\": \"2c9180847a7fccdd017aa5896f9f4f6f\",\n \"name\": \"Training VA\"\n },\n \"cluster\": \"xyzzy999\",\n \"managedSources\": [\n \"2c9180835d191a86015d28455b4a2329\",\n \"2c5680835d191a85765d28455b4a9823\"\n ],\n \"provisioningConfig\": {\n \"universalManager\": true,\n \"managedResourceRefs\": [\n {\n \"type\": \"SOURCE\",\n \"name\": \"My Source 1\"\n },\n {\n \"type\": \"SOURCE\",\n \"name\": \"My Source 2\"\n }\n ],\n \"planInitializerScript\": {\n \"source\": \"\\\\r\\\\n\\\\r\\\\n\\\\r\\\\n Before Provisioning Rule which changes disables and enables to a modify.\\\\r\\\\n \\n\"\n },\n \"noProvisioningRequests\": true,\n \"provisioningRequestExpiration\": 7\n },\n \"beforeProvisioningRule\": {\n \"type\": \"RULE\",\n \"id\": \"048eb3d55c5a4758bd07dccb87741c78\",\n \"name\": \"Before Provisioning Airtable Rule\"\n }\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "ba1d20e4-701d-4662-8bf3-7afccac0c1a8", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "service-desk-integrations" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Service Desk Integration Name\",\n \"description\": \"A very nice Service Desk integration\",\n \"type\": \"ServiceNowSDIM\",\n \"attributes\": {\n \"property\": \"value\",\n \"key\": \"value\"\n },\n \"id\": \"62945a496ef440189b1f03e3623411c8\",\n \"created\": \"2024-01-17T18:45:25.994Z\",\n \"modified\": \"2024-02-18T18:45:25.994Z\",\n \"ownerRef\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"Support\"\n },\n \"clusterRef\": {\n \"type\": \"CLUSTER\",\n \"id\": \"2c9180847a7fccdd017aa5896f9f4f6f\",\n \"name\": \"Training VA\"\n },\n \"cluster\": \"xyzzy999\",\n \"managedSources\": [\n \"2c9180835d191a86015d28455b4a2329\",\n \"2c5680835d191a85765d28455b4a9823\"\n ],\n \"provisioningConfig\": {\n \"universalManager\": true,\n \"managedResourceRefs\": [\n {\n \"type\": \"SOURCE\",\n \"name\": \"My Source 1\"\n },\n {\n \"type\": \"SOURCE\",\n \"name\": \"My Source 2\"\n }\n ],\n \"planInitializerScript\": {\n \"source\": \"\\\\r\\\\n\\\\r\\\\n\\\\r\\\\n Before Provisioning Rule which changes disables and enables to a modify.\\\\r\\\\n \\n\"\n },\n \"noProvisioningRequests\": true,\n \"provisioningRequestExpiration\": 7\n },\n \"beforeProvisioningRule\": {\n \"type\": \"RULE\",\n \"id\": \"048eb3d55c5a4758bd07dccb87741c78\",\n \"name\": \"Before Provisioning Airtable Rule\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "1e1cba1f-6023-48d6-b7ac-42ac2f970916", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "service-desk-integrations" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Service Desk Integration Name\",\n \"description\": \"A very nice Service Desk integration\",\n \"type\": \"ServiceNowSDIM\",\n \"attributes\": {\n \"property\": \"value\",\n \"key\": \"value\"\n },\n \"id\": \"62945a496ef440189b1f03e3623411c8\",\n \"created\": \"2024-01-17T18:45:25.994Z\",\n \"modified\": \"2024-02-18T18:45:25.994Z\",\n \"ownerRef\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"Support\"\n },\n \"clusterRef\": {\n \"type\": \"CLUSTER\",\n \"id\": \"2c9180847a7fccdd017aa5896f9f4f6f\",\n \"name\": \"Training VA\"\n },\n \"cluster\": \"xyzzy999\",\n \"managedSources\": [\n \"2c9180835d191a86015d28455b4a2329\",\n \"2c5680835d191a85765d28455b4a9823\"\n ],\n \"provisioningConfig\": {\n \"universalManager\": true,\n \"managedResourceRefs\": [\n {\n \"type\": \"SOURCE\",\n \"name\": \"My Source 1\"\n },\n {\n \"type\": \"SOURCE\",\n \"name\": \"My Source 2\"\n }\n ],\n \"planInitializerScript\": {\n \"source\": \"\\\\r\\\\n\\\\r\\\\n\\\\r\\\\n Before Provisioning Rule which changes disables and enables to a modify.\\\\r\\\\n \\n\"\n },\n \"noProvisioningRequests\": true,\n \"provisioningRequestExpiration\": 7\n },\n \"beforeProvisioningRule\": {\n \"type\": \"RULE\",\n \"id\": \"048eb3d55c5a4758bd07dccb87741c78\",\n \"name\": \"Before Provisioning Airtable Rule\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "7405691b-7b43-4764-8100-5896b51a83bd", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "service-desk-integrations" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Service Desk Integration Name\",\n \"description\": \"A very nice Service Desk integration\",\n \"type\": \"ServiceNowSDIM\",\n \"attributes\": {\n \"property\": \"value\",\n \"key\": \"value\"\n },\n \"id\": \"62945a496ef440189b1f03e3623411c8\",\n \"created\": \"2024-01-17T18:45:25.994Z\",\n \"modified\": \"2024-02-18T18:45:25.994Z\",\n \"ownerRef\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"Support\"\n },\n \"clusterRef\": {\n \"type\": \"CLUSTER\",\n \"id\": \"2c9180847a7fccdd017aa5896f9f4f6f\",\n \"name\": \"Training VA\"\n },\n \"cluster\": \"xyzzy999\",\n \"managedSources\": [\n \"2c9180835d191a86015d28455b4a2329\",\n \"2c5680835d191a85765d28455b4a9823\"\n ],\n \"provisioningConfig\": {\n \"universalManager\": true,\n \"managedResourceRefs\": [\n {\n \"type\": \"SOURCE\",\n \"name\": \"My Source 1\"\n },\n {\n \"type\": \"SOURCE\",\n \"name\": \"My Source 2\"\n }\n ],\n \"planInitializerScript\": {\n \"source\": \"\\\\r\\\\n\\\\r\\\\n\\\\r\\\\n Before Provisioning Rule which changes disables and enables to a modify.\\\\r\\\\n \\n\"\n },\n \"noProvisioningRequests\": true,\n \"provisioningRequestExpiration\": 7\n },\n \"beforeProvisioningRule\": {\n \"type\": \"RULE\",\n \"id\": \"048eb3d55c5a4758bd07dccb87741c78\",\n \"name\": \"Before Provisioning Airtable Rule\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "4cf35fb8-9afb-4651-904d-0459b318106c", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "service-desk-integrations" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Service Desk Integration Name\",\n \"description\": \"A very nice Service Desk integration\",\n \"type\": \"ServiceNowSDIM\",\n \"attributes\": {\n \"property\": \"value\",\n \"key\": \"value\"\n },\n \"id\": \"62945a496ef440189b1f03e3623411c8\",\n \"created\": \"2024-01-17T18:45:25.994Z\",\n \"modified\": \"2024-02-18T18:45:25.994Z\",\n \"ownerRef\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"Support\"\n },\n \"clusterRef\": {\n \"type\": \"CLUSTER\",\n \"id\": \"2c9180847a7fccdd017aa5896f9f4f6f\",\n \"name\": \"Training VA\"\n },\n \"cluster\": \"xyzzy999\",\n \"managedSources\": [\n \"2c9180835d191a86015d28455b4a2329\",\n \"2c5680835d191a85765d28455b4a9823\"\n ],\n \"provisioningConfig\": {\n \"universalManager\": true,\n \"managedResourceRefs\": [\n {\n \"type\": \"SOURCE\",\n \"name\": \"My Source 1\"\n },\n {\n \"type\": \"SOURCE\",\n \"name\": \"My Source 2\"\n }\n ],\n \"planInitializerScript\": {\n \"source\": \"\\\\r\\\\n\\\\r\\\\n\\\\r\\\\n Before Provisioning Rule which changes disables and enables to a modify.\\\\r\\\\n \\n\"\n },\n \"noProvisioningRequests\": true,\n \"provisioningRequestExpiration\": 7\n },\n \"beforeProvisioningRule\": {\n \"type\": \"RULE\",\n \"id\": \"048eb3d55c5a4758bd07dccb87741c78\",\n \"name\": \"Before Provisioning Airtable Rule\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "aafc0363-10fa-4899-8c0a-83de8c2eabc2", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "service-desk-integrations" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Service Desk Integration Name\",\n \"description\": \"A very nice Service Desk integration\",\n \"type\": \"ServiceNowSDIM\",\n \"attributes\": {\n \"property\": \"value\",\n \"key\": \"value\"\n },\n \"id\": \"62945a496ef440189b1f03e3623411c8\",\n \"created\": \"2024-01-17T18:45:25.994Z\",\n \"modified\": \"2024-02-18T18:45:25.994Z\",\n \"ownerRef\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"Support\"\n },\n \"clusterRef\": {\n \"type\": \"CLUSTER\",\n \"id\": \"2c9180847a7fccdd017aa5896f9f4f6f\",\n \"name\": \"Training VA\"\n },\n \"cluster\": \"xyzzy999\",\n \"managedSources\": [\n \"2c9180835d191a86015d28455b4a2329\",\n \"2c5680835d191a85765d28455b4a9823\"\n ],\n \"provisioningConfig\": {\n \"universalManager\": true,\n \"managedResourceRefs\": [\n {\n \"type\": \"SOURCE\",\n \"name\": \"My Source 1\"\n },\n {\n \"type\": \"SOURCE\",\n \"name\": \"My Source 2\"\n }\n ],\n \"planInitializerScript\": {\n \"source\": \"\\\\r\\\\n\\\\r\\\\n\\\\r\\\\n Before Provisioning Rule which changes disables and enables to a modify.\\\\r\\\\n \\n\"\n },\n \"noProvisioningRequests\": true,\n \"provisioningRequestExpiration\": 7\n },\n \"beforeProvisioningRule\": {\n \"type\": \"RULE\",\n \"id\": \"048eb3d55c5a4758bd07dccb87741c78\",\n \"name\": \"Before Provisioning Airtable Rule\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "9e46ac06-5af5-4077-929d-d09baf1cc26e", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "service-desk-integrations" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Service Desk Integration Name\",\n \"description\": \"A very nice Service Desk integration\",\n \"type\": \"ServiceNowSDIM\",\n \"attributes\": {\n \"property\": \"value\",\n \"key\": \"value\"\n },\n \"id\": \"62945a496ef440189b1f03e3623411c8\",\n \"created\": \"2024-01-17T18:45:25.994Z\",\n \"modified\": \"2024-02-18T18:45:25.994Z\",\n \"ownerRef\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"Support\"\n },\n \"clusterRef\": {\n \"type\": \"CLUSTER\",\n \"id\": \"2c9180847a7fccdd017aa5896f9f4f6f\",\n \"name\": \"Training VA\"\n },\n \"cluster\": \"xyzzy999\",\n \"managedSources\": [\n \"2c9180835d191a86015d28455b4a2329\",\n \"2c5680835d191a85765d28455b4a9823\"\n ],\n \"provisioningConfig\": {\n \"universalManager\": true,\n \"managedResourceRefs\": [\n {\n \"type\": \"SOURCE\",\n \"name\": \"My Source 1\"\n },\n {\n \"type\": \"SOURCE\",\n \"name\": \"My Source 2\"\n }\n ],\n \"planInitializerScript\": {\n \"source\": \"\\\\r\\\\n\\\\r\\\\n\\\\r\\\\n Before Provisioning Rule which changes disables and enables to a modify.\\\\r\\\\n \\n\"\n },\n \"noProvisioningRequests\": true,\n \"provisioningRequestExpiration\": 7\n },\n \"beforeProvisioningRule\": {\n \"type\": \"RULE\",\n \"id\": \"048eb3d55c5a4758bd07dccb87741c78\",\n \"name\": \"Before Provisioning Airtable Rule\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "1207a91b-04db-4648-9f6d-5a6a5a462ff3", + "name": "Get a Service Desk integration", + "request": { + "name": "Get a Service Desk integration", + "description": { + "content": "Get an existing Service Desk integration by ID. A token with Org Admin or Service Desk Admin authority is required to access this endpoint.", + "type": "text/plain" + }, + "url": { + "path": [ + "service-desk-integrations", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "anId", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) ID of the Service Desk integration to get", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "137da151-75ae-468a-a0b7-e516638aa741", + "name": "ServiceDeskIntegrationDto with the given ID", + "originalRequest": { + "url": { + "path": [ + "service-desk-integrations", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"name\": \"Service Desk Integration Name\",\n \"description\": \"A very nice Service Desk integration\",\n \"type\": \"ServiceNowSDIM\",\n \"attributes\": {\n \"property\": \"value\",\n \"key\": \"value\"\n },\n \"id\": \"62945a496ef440189b1f03e3623411c8\",\n \"created\": \"2024-01-17T18:45:25.994Z\",\n \"modified\": \"2024-02-18T18:45:25.994Z\",\n \"ownerRef\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"Support\"\n },\n \"clusterRef\": {\n \"type\": \"CLUSTER\",\n \"id\": \"2c9180847a7fccdd017aa5896f9f4f6f\",\n \"name\": \"Training VA\"\n },\n \"cluster\": \"xyzzy999\",\n \"managedSources\": [\n \"2c9180835d191a86015d28455b4a2329\",\n \"2c5680835d191a85765d28455b4a9823\"\n ],\n \"provisioningConfig\": {\n \"universalManager\": true,\n \"managedResourceRefs\": [\n {\n \"type\": \"SOURCE\",\n \"name\": \"My Source 1\"\n },\n {\n \"type\": \"SOURCE\",\n \"name\": \"My Source 2\"\n }\n ],\n \"planInitializerScript\": {\n \"source\": \"\\\\r\\\\n\\\\r\\\\n\\\\r\\\\n Before Provisioning Rule which changes disables and enables to a modify.\\\\r\\\\n \\n\"\n },\n \"noProvisioningRequests\": true,\n \"provisioningRequestExpiration\": 7\n },\n \"beforeProvisioningRule\": {\n \"type\": \"RULE\",\n \"id\": \"048eb3d55c5a4758bd07dccb87741c78\",\n \"name\": \"Before Provisioning Airtable Rule\"\n }\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "43153c12-dfd0-41e3-8a86-d8463a6c13e5", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "service-desk-integrations", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "810fcafd-6ab8-45ac-b8d6-f6eaddd79280", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "service-desk-integrations", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "123a47ab-9de8-4bdc-a25b-5b01d517faeb", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "service-desk-integrations", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "ff8b2513-c980-4dbb-9bc1-6f7c27ed9da2", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "service-desk-integrations", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f6ae456b-6049-4342-ab19-ac98d53aeb18", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "service-desk-integrations", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "6e8c2fdb-c175-40c7-b541-a460d2ca970f", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "service-desk-integrations", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "500bf4fe-d655-4de3-ac7c-6f79437e9873", + "name": "Update a Service Desk integration", + "request": { + "name": "Update a Service Desk integration", + "description": { + "content": "Update an existing Service Desk integration by ID with updated value in JSON form as the request body. A token with Org Admin or Service Desk Admin authority is required to access this endpoint.", + "type": "text/plain" + }, + "url": { + "path": [ + "service-desk-integrations", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "anId", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) ID of the Service Desk integration to update", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Service Desk Integration Name\",\n \"description\": \"A very nice Service Desk integration\",\n \"type\": \"ServiceNowSDIM\",\n \"attributes\": {\n \"property\": \"value\",\n \"key\": \"value\"\n },\n \"id\": \"62945a496ef440189b1f03e3623411c8\",\n \"created\": \"2024-01-17T18:45:25.994Z\",\n \"modified\": \"2024-02-18T18:45:25.994Z\",\n \"ownerRef\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"Support\"\n },\n \"clusterRef\": {\n \"type\": \"CLUSTER\",\n \"id\": \"2c9180847a7fccdd017aa5896f9f4f6f\",\n \"name\": \"Training VA\"\n },\n \"cluster\": \"xyzzy999\",\n \"managedSources\": [\n \"2c9180835d191a86015d28455b4a2329\",\n \"2c5680835d191a85765d28455b4a9823\"\n ],\n \"provisioningConfig\": {\n \"universalManager\": true,\n \"managedResourceRefs\": [\n {\n \"type\": \"SOURCE\",\n \"name\": \"My Source 1\"\n },\n {\n \"type\": \"SOURCE\",\n \"name\": \"My Source 2\"\n }\n ],\n \"planInitializerScript\": {\n \"source\": \"\\\\r\\\\n\\\\r\\\\n\\\\r\\\\n Before Provisioning Rule which changes disables and enables to a modify.\\\\r\\\\n \\n\"\n },\n \"noProvisioningRequests\": true,\n \"provisioningRequestExpiration\": 7\n },\n \"beforeProvisioningRule\": {\n \"type\": \"RULE\",\n \"id\": \"048eb3d55c5a4758bd07dccb87741c78\",\n \"name\": \"Before Provisioning Airtable Rule\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "55232fcc-b92a-4b2b-a771-9218c7bbaf02", + "name": "ServiceDeskIntegrationDto as updated", + "originalRequest": { + "url": { + "path": [ + "service-desk-integrations", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Service Desk Integration Name\",\n \"description\": \"A very nice Service Desk integration\",\n \"type\": \"ServiceNowSDIM\",\n \"attributes\": {\n \"property\": \"value\",\n \"key\": \"value\"\n },\n \"id\": \"62945a496ef440189b1f03e3623411c8\",\n \"created\": \"2024-01-17T18:45:25.994Z\",\n \"modified\": \"2024-02-18T18:45:25.994Z\",\n \"ownerRef\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"Support\"\n },\n \"clusterRef\": {\n \"type\": \"CLUSTER\",\n \"id\": \"2c9180847a7fccdd017aa5896f9f4f6f\",\n \"name\": \"Training VA\"\n },\n \"cluster\": \"xyzzy999\",\n \"managedSources\": [\n \"2c9180835d191a86015d28455b4a2329\",\n \"2c5680835d191a85765d28455b4a9823\"\n ],\n \"provisioningConfig\": {\n \"universalManager\": true,\n \"managedResourceRefs\": [\n {\n \"type\": \"SOURCE\",\n \"name\": \"My Source 1\"\n },\n {\n \"type\": \"SOURCE\",\n \"name\": \"My Source 2\"\n }\n ],\n \"planInitializerScript\": {\n \"source\": \"\\\\r\\\\n\\\\r\\\\n\\\\r\\\\n Before Provisioning Rule which changes disables and enables to a modify.\\\\r\\\\n \\n\"\n },\n \"noProvisioningRequests\": true,\n \"provisioningRequestExpiration\": 7\n },\n \"beforeProvisioningRule\": {\n \"type\": \"RULE\",\n \"id\": \"048eb3d55c5a4758bd07dccb87741c78\",\n \"name\": \"Before Provisioning Airtable Rule\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"name\": \"Service Desk Integration Name\",\n \"description\": \"A very nice Service Desk integration\",\n \"type\": \"ServiceNowSDIM\",\n \"attributes\": {\n \"property\": \"value\",\n \"key\": \"value\"\n },\n \"id\": \"62945a496ef440189b1f03e3623411c8\",\n \"created\": \"2024-01-17T18:45:25.994Z\",\n \"modified\": \"2024-02-18T18:45:25.994Z\",\n \"ownerRef\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"Support\"\n },\n \"clusterRef\": {\n \"type\": \"CLUSTER\",\n \"id\": \"2c9180847a7fccdd017aa5896f9f4f6f\",\n \"name\": \"Training VA\"\n },\n \"cluster\": \"xyzzy999\",\n \"managedSources\": [\n \"2c9180835d191a86015d28455b4a2329\",\n \"2c5680835d191a85765d28455b4a9823\"\n ],\n \"provisioningConfig\": {\n \"universalManager\": true,\n \"managedResourceRefs\": [\n {\n \"type\": \"SOURCE\",\n \"name\": \"My Source 1\"\n },\n {\n \"type\": \"SOURCE\",\n \"name\": \"My Source 2\"\n }\n ],\n \"planInitializerScript\": {\n \"source\": \"\\\\r\\\\n\\\\r\\\\n\\\\r\\\\n Before Provisioning Rule which changes disables and enables to a modify.\\\\r\\\\n \\n\"\n },\n \"noProvisioningRequests\": true,\n \"provisioningRequestExpiration\": 7\n },\n \"beforeProvisioningRule\": {\n \"type\": \"RULE\",\n \"id\": \"048eb3d55c5a4758bd07dccb87741c78\",\n \"name\": \"Before Provisioning Airtable Rule\"\n }\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "7f8092d5-b43c-401a-a557-f518a4711d35", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "service-desk-integrations", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Service Desk Integration Name\",\n \"description\": \"A very nice Service Desk integration\",\n \"type\": \"ServiceNowSDIM\",\n \"attributes\": {\n \"property\": \"value\",\n \"key\": \"value\"\n },\n \"id\": \"62945a496ef440189b1f03e3623411c8\",\n \"created\": \"2024-01-17T18:45:25.994Z\",\n \"modified\": \"2024-02-18T18:45:25.994Z\",\n \"ownerRef\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"Support\"\n },\n \"clusterRef\": {\n \"type\": \"CLUSTER\",\n \"id\": \"2c9180847a7fccdd017aa5896f9f4f6f\",\n \"name\": \"Training VA\"\n },\n \"cluster\": \"xyzzy999\",\n \"managedSources\": [\n \"2c9180835d191a86015d28455b4a2329\",\n \"2c5680835d191a85765d28455b4a9823\"\n ],\n \"provisioningConfig\": {\n \"universalManager\": true,\n \"managedResourceRefs\": [\n {\n \"type\": \"SOURCE\",\n \"name\": \"My Source 1\"\n },\n {\n \"type\": \"SOURCE\",\n \"name\": \"My Source 2\"\n }\n ],\n \"planInitializerScript\": {\n \"source\": \"\\\\r\\\\n\\\\r\\\\n\\\\r\\\\n Before Provisioning Rule which changes disables and enables to a modify.\\\\r\\\\n \\n\"\n },\n \"noProvisioningRequests\": true,\n \"provisioningRequestExpiration\": 7\n },\n \"beforeProvisioningRule\": {\n \"type\": \"RULE\",\n \"id\": \"048eb3d55c5a4758bd07dccb87741c78\",\n \"name\": \"Before Provisioning Airtable Rule\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "1d9c0427-dd18-4c6a-be6f-5c279982d1f7", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "service-desk-integrations", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Service Desk Integration Name\",\n \"description\": \"A very nice Service Desk integration\",\n \"type\": \"ServiceNowSDIM\",\n \"attributes\": {\n \"property\": \"value\",\n \"key\": \"value\"\n },\n \"id\": \"62945a496ef440189b1f03e3623411c8\",\n \"created\": \"2024-01-17T18:45:25.994Z\",\n \"modified\": \"2024-02-18T18:45:25.994Z\",\n \"ownerRef\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"Support\"\n },\n \"clusterRef\": {\n \"type\": \"CLUSTER\",\n \"id\": \"2c9180847a7fccdd017aa5896f9f4f6f\",\n \"name\": \"Training VA\"\n },\n \"cluster\": \"xyzzy999\",\n \"managedSources\": [\n \"2c9180835d191a86015d28455b4a2329\",\n \"2c5680835d191a85765d28455b4a9823\"\n ],\n \"provisioningConfig\": {\n \"universalManager\": true,\n \"managedResourceRefs\": [\n {\n \"type\": \"SOURCE\",\n \"name\": \"My Source 1\"\n },\n {\n \"type\": \"SOURCE\",\n \"name\": \"My Source 2\"\n }\n ],\n \"planInitializerScript\": {\n \"source\": \"\\\\r\\\\n\\\\r\\\\n\\\\r\\\\n Before Provisioning Rule which changes disables and enables to a modify.\\\\r\\\\n \\n\"\n },\n \"noProvisioningRequests\": true,\n \"provisioningRequestExpiration\": 7\n },\n \"beforeProvisioningRule\": {\n \"type\": \"RULE\",\n \"id\": \"048eb3d55c5a4758bd07dccb87741c78\",\n \"name\": \"Before Provisioning Airtable Rule\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "011d90dc-abb2-490c-91e7-9967c549b5fb", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "service-desk-integrations", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Service Desk Integration Name\",\n \"description\": \"A very nice Service Desk integration\",\n \"type\": \"ServiceNowSDIM\",\n \"attributes\": {\n \"property\": \"value\",\n \"key\": \"value\"\n },\n \"id\": \"62945a496ef440189b1f03e3623411c8\",\n \"created\": \"2024-01-17T18:45:25.994Z\",\n \"modified\": \"2024-02-18T18:45:25.994Z\",\n \"ownerRef\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"Support\"\n },\n \"clusterRef\": {\n \"type\": \"CLUSTER\",\n \"id\": \"2c9180847a7fccdd017aa5896f9f4f6f\",\n \"name\": \"Training VA\"\n },\n \"cluster\": \"xyzzy999\",\n \"managedSources\": [\n \"2c9180835d191a86015d28455b4a2329\",\n \"2c5680835d191a85765d28455b4a9823\"\n ],\n \"provisioningConfig\": {\n \"universalManager\": true,\n \"managedResourceRefs\": [\n {\n \"type\": \"SOURCE\",\n \"name\": \"My Source 1\"\n },\n {\n \"type\": \"SOURCE\",\n \"name\": \"My Source 2\"\n }\n ],\n \"planInitializerScript\": {\n \"source\": \"\\\\r\\\\n\\\\r\\\\n\\\\r\\\\n Before Provisioning Rule which changes disables and enables to a modify.\\\\r\\\\n \\n\"\n },\n \"noProvisioningRequests\": true,\n \"provisioningRequestExpiration\": 7\n },\n \"beforeProvisioningRule\": {\n \"type\": \"RULE\",\n \"id\": \"048eb3d55c5a4758bd07dccb87741c78\",\n \"name\": \"Before Provisioning Airtable Rule\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "8a72b0a9-2a43-4535-a70c-bd1e0145418d", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "service-desk-integrations", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Service Desk Integration Name\",\n \"description\": \"A very nice Service Desk integration\",\n \"type\": \"ServiceNowSDIM\",\n \"attributes\": {\n \"property\": \"value\",\n \"key\": \"value\"\n },\n \"id\": \"62945a496ef440189b1f03e3623411c8\",\n \"created\": \"2024-01-17T18:45:25.994Z\",\n \"modified\": \"2024-02-18T18:45:25.994Z\",\n \"ownerRef\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"Support\"\n },\n \"clusterRef\": {\n \"type\": \"CLUSTER\",\n \"id\": \"2c9180847a7fccdd017aa5896f9f4f6f\",\n \"name\": \"Training VA\"\n },\n \"cluster\": \"xyzzy999\",\n \"managedSources\": [\n \"2c9180835d191a86015d28455b4a2329\",\n \"2c5680835d191a85765d28455b4a9823\"\n ],\n \"provisioningConfig\": {\n \"universalManager\": true,\n \"managedResourceRefs\": [\n {\n \"type\": \"SOURCE\",\n \"name\": \"My Source 1\"\n },\n {\n \"type\": \"SOURCE\",\n \"name\": \"My Source 2\"\n }\n ],\n \"planInitializerScript\": {\n \"source\": \"\\\\r\\\\n\\\\r\\\\n\\\\r\\\\n Before Provisioning Rule which changes disables and enables to a modify.\\\\r\\\\n \\n\"\n },\n \"noProvisioningRequests\": true,\n \"provisioningRequestExpiration\": 7\n },\n \"beforeProvisioningRule\": {\n \"type\": \"RULE\",\n \"id\": \"048eb3d55c5a4758bd07dccb87741c78\",\n \"name\": \"Before Provisioning Airtable Rule\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "aaebe530-0e1e-4e3e-a0c6-7d4b0d6e45f3", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "service-desk-integrations", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Service Desk Integration Name\",\n \"description\": \"A very nice Service Desk integration\",\n \"type\": \"ServiceNowSDIM\",\n \"attributes\": {\n \"property\": \"value\",\n \"key\": \"value\"\n },\n \"id\": \"62945a496ef440189b1f03e3623411c8\",\n \"created\": \"2024-01-17T18:45:25.994Z\",\n \"modified\": \"2024-02-18T18:45:25.994Z\",\n \"ownerRef\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"Support\"\n },\n \"clusterRef\": {\n \"type\": \"CLUSTER\",\n \"id\": \"2c9180847a7fccdd017aa5896f9f4f6f\",\n \"name\": \"Training VA\"\n },\n \"cluster\": \"xyzzy999\",\n \"managedSources\": [\n \"2c9180835d191a86015d28455b4a2329\",\n \"2c5680835d191a85765d28455b4a9823\"\n ],\n \"provisioningConfig\": {\n \"universalManager\": true,\n \"managedResourceRefs\": [\n {\n \"type\": \"SOURCE\",\n \"name\": \"My Source 1\"\n },\n {\n \"type\": \"SOURCE\",\n \"name\": \"My Source 2\"\n }\n ],\n \"planInitializerScript\": {\n \"source\": \"\\\\r\\\\n\\\\r\\\\n\\\\r\\\\n Before Provisioning Rule which changes disables and enables to a modify.\\\\r\\\\n \\n\"\n },\n \"noProvisioningRequests\": true,\n \"provisioningRequestExpiration\": 7\n },\n \"beforeProvisioningRule\": {\n \"type\": \"RULE\",\n \"id\": \"048eb3d55c5a4758bd07dccb87741c78\",\n \"name\": \"Before Provisioning Airtable Rule\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "56846ba5-628e-4930-807b-8e9fe6891644", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "service-desk-integrations", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Service Desk Integration Name\",\n \"description\": \"A very nice Service Desk integration\",\n \"type\": \"ServiceNowSDIM\",\n \"attributes\": {\n \"property\": \"value\",\n \"key\": \"value\"\n },\n \"id\": \"62945a496ef440189b1f03e3623411c8\",\n \"created\": \"2024-01-17T18:45:25.994Z\",\n \"modified\": \"2024-02-18T18:45:25.994Z\",\n \"ownerRef\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"Support\"\n },\n \"clusterRef\": {\n \"type\": \"CLUSTER\",\n \"id\": \"2c9180847a7fccdd017aa5896f9f4f6f\",\n \"name\": \"Training VA\"\n },\n \"cluster\": \"xyzzy999\",\n \"managedSources\": [\n \"2c9180835d191a86015d28455b4a2329\",\n \"2c5680835d191a85765d28455b4a9823\"\n ],\n \"provisioningConfig\": {\n \"universalManager\": true,\n \"managedResourceRefs\": [\n {\n \"type\": \"SOURCE\",\n \"name\": \"My Source 1\"\n },\n {\n \"type\": \"SOURCE\",\n \"name\": \"My Source 2\"\n }\n ],\n \"planInitializerScript\": {\n \"source\": \"\\\\r\\\\n\\\\r\\\\n\\\\r\\\\n Before Provisioning Rule which changes disables and enables to a modify.\\\\r\\\\n \\n\"\n },\n \"noProvisioningRequests\": true,\n \"provisioningRequestExpiration\": 7\n },\n \"beforeProvisioningRule\": {\n \"type\": \"RULE\",\n \"id\": \"048eb3d55c5a4758bd07dccb87741c78\",\n \"name\": \"Before Provisioning Airtable Rule\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "117a36b7-933d-40bd-98ff-3c55f46cc187", + "name": "Delete a Service Desk integration", + "request": { + "name": "Delete a Service Desk integration", + "description": { + "content": "Delete an existing Service Desk integration by ID. A token with Org Admin or Service Desk Admin authority is required to access this endpoint.", + "type": "text/plain" + }, + "url": { + "path": [ + "service-desk-integrations", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "anId", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) ID of Service Desk integration to delete", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "DELETE", + "body": {} + }, + "response": [ + { + "id": "3e6d6a77-ab37-4a95-998e-cbc4193df143", + "name": "Service Desk integration with the given ID successfully deleted", + "originalRequest": { + "url": { + "path": [ + "service-desk-integrations", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "No Content", + "code": 204, + "header": [], + "cookie": [], + "_postman_previewlanguage": "text" + }, + { + "id": "4772afd8-5917-434f-af76-62b3abf61e33", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "service-desk-integrations", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "1f923f39-972d-4cc0-a099-19cff4c7676b", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "service-desk-integrations", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f241380d-df8c-4aa4-9181-7e115385dbd2", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "service-desk-integrations", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "be580995-8d32-4bf7-b884-5a68e64e05a7", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "service-desk-integrations", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f5eba733-9a1e-460d-b86a-5a3c418c090f", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "service-desk-integrations", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "41d8aecd-5b77-4591-ac3d-ae6ce4baefb9", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "service-desk-integrations", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "1f56ec81-8f87-4441-93c1-229c4ba65550", + "name": "Service Desk Integration Update PATCH", + "request": { + "name": "Service Desk Integration Update PATCH", + "description": { + "content": "Update an existing ServiceDeskIntegration by ID with a PATCH request.", + "type": "text/plain" + }, + "url": { + "path": [ + "service-desk-integrations", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "anId", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) ID of the Service Desk integration to update", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/ownerRef\",\n \"value\": {\n \"id\": \"2c9180867d05b227017d09921a205b4d\",\n \"type\": \"IDENTITY\",\n \"name\": \"Angelo2 tester\"\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "fb57dca3-4afe-4c30-b35e-ad0c56d21f31", + "name": "ServiceDeskIntegrationDto as updated", + "originalRequest": { + "url": { + "path": [ + "service-desk-integrations", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/ownerRef\",\n \"value\": {\n \"id\": \"2c9180867d05b227017d09921a205b4d\",\n \"type\": \"IDENTITY\",\n \"name\": \"Angelo2 tester\"\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"name\": \"Service Desk Integration Name\",\n \"description\": \"A very nice Service Desk integration\",\n \"type\": \"ServiceNowSDIM\",\n \"attributes\": {\n \"property\": \"value\",\n \"key\": \"value\"\n },\n \"id\": \"62945a496ef440189b1f03e3623411c8\",\n \"created\": \"2024-01-17T18:45:25.994Z\",\n \"modified\": \"2024-02-18T18:45:25.994Z\",\n \"ownerRef\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"Support\"\n },\n \"clusterRef\": {\n \"type\": \"CLUSTER\",\n \"id\": \"2c9180847a7fccdd017aa5896f9f4f6f\",\n \"name\": \"Training VA\"\n },\n \"cluster\": \"xyzzy999\",\n \"managedSources\": [\n \"2c9180835d191a86015d28455b4a2329\",\n \"2c5680835d191a85765d28455b4a9823\"\n ],\n \"provisioningConfig\": {\n \"universalManager\": true,\n \"managedResourceRefs\": [\n {\n \"type\": \"SOURCE\",\n \"name\": \"My Source 1\"\n },\n {\n \"type\": \"SOURCE\",\n \"name\": \"My Source 2\"\n }\n ],\n \"planInitializerScript\": {\n \"source\": \"\\\\r\\\\n\\\\r\\\\n\\\\r\\\\n Before Provisioning Rule which changes disables and enables to a modify.\\\\r\\\\n \\n\"\n },\n \"noProvisioningRequests\": true,\n \"provisioningRequestExpiration\": 7\n },\n \"beforeProvisioningRule\": {\n \"type\": \"RULE\",\n \"id\": \"048eb3d55c5a4758bd07dccb87741c78\",\n \"name\": \"Before Provisioning Airtable Rule\"\n }\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "7a0ce170-8115-42ba-9d93-be2770ae9b2c", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "service-desk-integrations", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/ownerRef\",\n \"value\": {\n \"id\": \"2c9180867d05b227017d09921a205b4d\",\n \"type\": \"IDENTITY\",\n \"name\": \"Angelo2 tester\"\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "38df8d26-7de2-4eb5-9187-d9a739dbbc79", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "service-desk-integrations", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/ownerRef\",\n \"value\": {\n \"id\": \"2c9180867d05b227017d09921a205b4d\",\n \"type\": \"IDENTITY\",\n \"name\": \"Angelo2 tester\"\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "01cafee4-2646-4383-9d4a-bdc7c461010d", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "service-desk-integrations", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/ownerRef\",\n \"value\": {\n \"id\": \"2c9180867d05b227017d09921a205b4d\",\n \"type\": \"IDENTITY\",\n \"name\": \"Angelo2 tester\"\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f6a9ce23-370f-49e9-b2e7-5358ae71d5d1", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "service-desk-integrations", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/ownerRef\",\n \"value\": {\n \"id\": \"2c9180867d05b227017d09921a205b4d\",\n \"type\": \"IDENTITY\",\n \"name\": \"Angelo2 tester\"\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "0736d6f0-3b82-425e-b6fe-409101a6415f", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "service-desk-integrations", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/ownerRef\",\n \"value\": {\n \"id\": \"2c9180867d05b227017d09921a205b4d\",\n \"type\": \"IDENTITY\",\n \"name\": \"Angelo2 tester\"\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f74fea65-2052-4070-aba4-0d3d012cc3e7", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "service-desk-integrations", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/ownerRef\",\n \"value\": {\n \"id\": \"2c9180867d05b227017d09921a205b4d\",\n \"type\": \"IDENTITY\",\n \"name\": \"Angelo2 tester\"\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "debb2d9b-b32b-4786-9216-55324f8f52b9", + "name": "Service Desk Integration Types List.", + "request": { + "name": "Service Desk Integration Types List.", + "description": { + "content": "This API endpoint returns the current list of supported Service Desk integration types. A token with Org Admin or Service Desk Admin authority is required to access this endpoint.", + "type": "text/plain" + }, + "url": { + "path": [ + "service-desk-integrations", + "types" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "252a0a77-5793-421c-860a-a6378067879f", + "name": "Responds with an array of the currently supported Service Desk integration types.", + "originalRequest": { + "url": { + "path": [ + "service-desk-integrations", + "types" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"type\": \"aType\",\n \"scriptName\": \"aScriptName\",\n \"name\": \"aName\"\n },\n {\n \"type\": \"aType\",\n \"scriptName\": \"aScriptName\",\n \"name\": \"aName\"\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "ecacc321-2e2a-438f-a711-bc3939001a6a", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "service-desk-integrations", + "types" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c48f34a7-31d8-44e5-9b97-73f65b3a9c95", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "service-desk-integrations", + "types" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "1accf835-bb43-4fd9-b300-77bcee463ea2", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "service-desk-integrations", + "types" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f2f5c410-a6c9-42e9-8118-86c045f7a395", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "service-desk-integrations", + "types" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "906b914a-57ef-4648-a496-ba82191fc2c6", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "service-desk-integrations", + "types" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "8a37c31d-8ba7-492d-aaad-2dd409f02c3f", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "service-desk-integrations", + "types" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "6e580f90-5bd5-4129-85dd-f2c48d011ecb", + "name": "Service Desk integration template by scriptName.", + "request": { + "name": "Service Desk integration template by scriptName.", + "description": { + "content": "This API endpoint returns an existing Service Desk integration template by scriptName. A token with Org Admin or Service Desk Admin authority is required to access this endpoint.", + "type": "text/plain" + }, + "url": { + "path": [ + "service-desk-integrations", + "templates", + ":scriptName" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "aScriptName", + "key": "scriptName", + "disabled": true, + "description": { + "content": "(Required) The scriptName value of the Service Desk integration template to get", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "a35101d9-bb6f-44ac-b1ec-6bdaec539b65", + "name": "Responds with the ServiceDeskIntegrationTemplateDto with the specified scriptName.", + "originalRequest": { + "url": { + "path": [ + "service-desk-integrations", + "templates", + ":scriptName" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"attributes\": {\n \"property\": \"value\",\n \"key\": \"value\"\n },\n \"name\": \"aName\",\n \"provisioningConfig\": {\n \"universalManager\": true,\n \"managedResourceRefs\": [\n {\n \"type\": \"SOURCE\",\n \"name\": \"My Source 1\"\n },\n {\n \"type\": \"SOURCE\",\n \"name\": \"My Source 2\"\n }\n ],\n \"planInitializerScript\": {\n \"source\": \"\\\\r\\\\n\\\\r\\\\n\\\\r\\\\n Before Provisioning Rule which changes disables and enables to a modify.\\\\r\\\\n \\n\"\n },\n \"noProvisioningRequests\": true,\n \"provisioningRequestExpiration\": 7\n },\n \"type\": \"Web Service SDIM\",\n \"id\": \"id12345\",\n \"created\": \"2015-05-28T14:07:17Z\",\n \"modified\": \"2015-05-28T14:07:17Z\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "9ed9a5fc-5512-4a2f-979d-b08676867b93", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "service-desk-integrations", + "templates", + ":scriptName" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "5ab2b8ed-c11c-4d88-a539-04cdc00c54f5", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "service-desk-integrations", + "templates", + ":scriptName" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "398db1b0-c784-46bb-83f0-84b68e184b52", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "service-desk-integrations", + "templates", + ":scriptName" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "5ab3aa44-7192-454e-9c41-a531f2f507cb", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "service-desk-integrations", + "templates", + ":scriptName" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "06947565-2a51-45c1-80ff-d8d90b7c8c6f", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "service-desk-integrations", + "templates", + ":scriptName" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "4e6486bf-952d-4576-b36b-67912ef603a1", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "service-desk-integrations", + "templates", + ":scriptName" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "aef94415-b35e-464c-aa41-61799fa2b7ab", + "name": "Get the time check configuration", + "request": { + "name": "Get the time check configuration", + "description": { + "content": "Get the time check configuration of queued SDIM tickets. A token with Org Admin or Service Desk Admin authority is required to access this endpoint.", + "type": "text/plain" + }, + "url": { + "path": [ + "service-desk-integrations", + "status-check-configuration" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "4cf6fd50-c92d-4fbd-b37c-f374ae6d16b6", + "name": "QueuedCheckConfigDetails containing the configured values", + "originalRequest": { + "url": { + "path": [ + "service-desk-integrations", + "status-check-configuration" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"provisioningStatusCheckIntervalMinutes\": \"30\",\n \"provisioningMaxStatusCheckDays\": \"2\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "326a36b4-7f5c-48a0-abf8-3cdbd5f7f830", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "service-desk-integrations", + "status-check-configuration" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a469ec36-9b12-42ad-98a6-1a00dd9479ac", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "service-desk-integrations", + "status-check-configuration" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "cfb0964d-66c7-4155-9810-333ac7d4f95e", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "service-desk-integrations", + "status-check-configuration" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "111b05db-66b5-4084-9ede-9a8102084e28", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "service-desk-integrations", + "status-check-configuration" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "5f739eb7-290e-48b8-92c7-e180d292735d", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "service-desk-integrations", + "status-check-configuration" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "e5691fc3-97ee-4de9-bc7a-9caf1d2d0c87", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "service-desk-integrations", + "status-check-configuration" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "d726929e-d979-477b-9753-9b6115b6704f", + "name": "Update the time check configuration", + "request": { + "name": "Update the time check configuration", + "description": { + "content": "Update the time check configuration of queued SDIM tickets. A token with Org Admin or Service Desk Admin authority is required to access this endpoint.", + "type": "text/plain" + }, + "url": { + "path": [ + "service-desk-integrations", + "status-check-configuration" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"provisioningStatusCheckIntervalMinutes\": \"30\",\n \"provisioningMaxStatusCheckDays\": \"2\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "f83c828d-10b7-4486-a4c7-92d3d3f41716", + "name": "QueuedCheckConfigDetails as updated", + "originalRequest": { + "url": { + "path": [ + "service-desk-integrations", + "status-check-configuration" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"provisioningStatusCheckIntervalMinutes\": \"30\",\n \"provisioningMaxStatusCheckDays\": \"2\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"provisioningStatusCheckIntervalMinutes\": \"30\",\n \"provisioningMaxStatusCheckDays\": \"2\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "89b7a457-9571-42d1-8fc5-14a70cb74310", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "service-desk-integrations", + "status-check-configuration" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"provisioningStatusCheckIntervalMinutes\": \"30\",\n \"provisioningMaxStatusCheckDays\": \"2\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "e82647b2-8e30-49c1-9b9b-8a5aaa0af991", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "service-desk-integrations", + "status-check-configuration" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"provisioningStatusCheckIntervalMinutes\": \"30\",\n \"provisioningMaxStatusCheckDays\": \"2\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b337d7b7-477b-4494-8f39-e7c44f3f144b", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "service-desk-integrations", + "status-check-configuration" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"provisioningStatusCheckIntervalMinutes\": \"30\",\n \"provisioningMaxStatusCheckDays\": \"2\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "150bfea1-21ee-4f88-8f79-8e10e9c7817a", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "service-desk-integrations", + "status-check-configuration" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"provisioningStatusCheckIntervalMinutes\": \"30\",\n \"provisioningMaxStatusCheckDays\": \"2\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "47c7eea4-ed90-443e-aa21-c7ba590a3f2e", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "service-desk-integrations", + "status-check-configuration" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"provisioningStatusCheckIntervalMinutes\": \"30\",\n \"provisioningMaxStatusCheckDays\": \"2\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b39ddc39-7915-4c45-a40f-94835ba282a7", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "service-desk-integrations", + "status-check-configuration" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"provisioningStatusCheckIntervalMinutes\": \"30\",\n \"provisioningMaxStatusCheckDays\": \"2\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + } + ] + }, + { + "name": "SIM Integrations", + "description": "Use this API to administer IdentityNow's Service Integration Module, or SIM integration with ServiceNow, so that it converts IdentityNow provisioning actions into tickets in ServiceNow.\n\nServiceNow is a software platform that supports IT service management and automates common business processes for requesting and fulfilling service requests across a business enterprise.\n\nYou must have an IdentityNow ServiceNow ServiceDesk license to use this integration. Contact your Customer Success Manager for more information.\n\nService Desk integration for IdentityNow and in deprecation - not available for new implementation, as of July 21st, 2021. As per SailPoint’s [support policy](https://community.sailpoint.com/t5/Connector-Directory/SailPoint-Support-Policy-for-Connectivity/ta-p/79422), all existing SailPoint IdentityNow customers using this legacy integration will be supported until July 2022.\n", + "item": [ + { + "id": "00903823-cfcc-4f0e-9322-dbb8f135d576", + "name": "Update an existing SIM integration", + "request": { + "name": "Update an existing SIM integration", + "description": { + "content": "Update an existing SIM integration. A token with Org Admin or Service Desk Admin authority is required to access this endpoint.", + "type": "text/plain" + }, + "url": { + "path": [ + "sim-integrations", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "12345", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) The id of the integration.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"aName\",\n \"id\": \"id12345\",\n \"created\": \"2023-01-03T21:16:22.432Z\",\n \"modified\": \"2023-01-03T21:16:22.432Z\",\n \"description\": \"Integration description\",\n \"type\": \"ServiceNow Service Desk\",\n \"attributes\": {},\n \"sources\": [\n \"2c9180835d191a86015d28455b4a2329\",\n \"2c5680835d191a85765d28455b4a9823\"\n ],\n \"cluster\": \"xyzzy999\",\n \"statusMap\": {\n \"closed_cancelled\": \"Failed\",\n \"closed_complete\": \"Committed\",\n \"closed_incomplete\": \"Failed\",\n \"closed_rejected\": \"Failed\",\n \"in_process\": \"Queued\",\n \"requested\": \"Queued\"\n },\n \"request\": {\n \"description\": \"SailPoint Access Request,\",\n \"req_description\": \"The Service Request created by SailPoint ServiceNow Service Integration Module (SIM).,\",\n \"req_short_description\": \"SailPoint New Access Request Created from IdentityNow,\",\n \"short_description\": \"SailPoint Access Request $!plan.arguments.identityRequestId\"\n },\n \"beforeProvisioningRule\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c918085708c274401708c2a8a760001\",\n \"name\": \"Example Rule\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "12ac0f7d-e835-4c86-8ee4-38ac3ed1981d", + "name": "details of the updated integration", + "originalRequest": { + "url": { + "path": [ + "sim-integrations", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"aName\",\n \"id\": \"id12345\",\n \"created\": \"2023-01-03T21:16:22.432Z\",\n \"modified\": \"2023-01-03T21:16:22.432Z\",\n \"description\": \"Integration description\",\n \"type\": \"ServiceNow Service Desk\",\n \"attributes\": {},\n \"sources\": [\n \"2c9180835d191a86015d28455b4a2329\",\n \"2c5680835d191a85765d28455b4a9823\"\n ],\n \"cluster\": \"xyzzy999\",\n \"statusMap\": {\n \"closed_cancelled\": \"Failed\",\n \"closed_complete\": \"Committed\",\n \"closed_incomplete\": \"Failed\",\n \"closed_rejected\": \"Failed\",\n \"in_process\": \"Queued\",\n \"requested\": \"Queued\"\n },\n \"request\": {\n \"description\": \"SailPoint Access Request,\",\n \"req_description\": \"The Service Request created by SailPoint ServiceNow Service Integration Module (SIM).,\",\n \"req_short_description\": \"SailPoint New Access Request Created from IdentityNow,\",\n \"short_description\": \"SailPoint Access Request $!plan.arguments.identityRequestId\"\n },\n \"beforeProvisioningRule\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c918085708c274401708c2a8a760001\",\n \"name\": \"Example Rule\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"name\": \"Service Desk Integration Name\",\n \"description\": \"A very nice Service Desk integration\",\n \"type\": \"ServiceNowSDIM\",\n \"attributes\": {\n \"property\": \"value\",\n \"key\": \"value\"\n },\n \"ownerRef\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"Support\"\n },\n \"clusterRef\": {\n \"type\": \"CLUSTER\",\n \"id\": \"2c9180847a7fccdd017aa5896f9f4f6f\",\n \"name\": \"Training VA\"\n },\n \"cluster\": \"xyzzy999\",\n \"managedSources\": [\n \"2c9180835d191a86015d28455b4a2329\",\n \"2c5680835d191a85765d28455b4a9823\"\n ],\n \"provisioningConfig\": {\n \"universalManager\": true,\n \"managedResourceRefs\": [\n {\n \"type\": \"SOURCE\",\n \"name\": \"My Source 1\"\n },\n {\n \"type\": \"SOURCE\",\n \"name\": \"My Source 2\"\n }\n ],\n \"planInitializerScript\": {\n \"source\": \"\\\\r\\\\n\\\\r\\\\n\\\\r\\\\n Before Provisioning Rule which changes disables and enables to a modify.\\\\r\\\\n \\n\"\n },\n \"noProvisioningRequests\": true,\n \"provisioningRequestExpiration\": 7\n },\n \"beforeProvisioningRule\": {\n \"type\": \"RULE\",\n \"id\": \"048eb3d55c5a4758bd07dccb87741c78\",\n \"name\": \"Before Provisioning Airtable Rule\"\n }\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "41bf47e7-9427-4cf8-8d47-fb9c0213c0ae", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "sim-integrations", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"aName\",\n \"id\": \"id12345\",\n \"created\": \"2023-01-03T21:16:22.432Z\",\n \"modified\": \"2023-01-03T21:16:22.432Z\",\n \"description\": \"Integration description\",\n \"type\": \"ServiceNow Service Desk\",\n \"attributes\": {},\n \"sources\": [\n \"2c9180835d191a86015d28455b4a2329\",\n \"2c5680835d191a85765d28455b4a9823\"\n ],\n \"cluster\": \"xyzzy999\",\n \"statusMap\": {\n \"closed_cancelled\": \"Failed\",\n \"closed_complete\": \"Committed\",\n \"closed_incomplete\": \"Failed\",\n \"closed_rejected\": \"Failed\",\n \"in_process\": \"Queued\",\n \"requested\": \"Queued\"\n },\n \"request\": {\n \"description\": \"SailPoint Access Request,\",\n \"req_description\": \"The Service Request created by SailPoint ServiceNow Service Integration Module (SIM).,\",\n \"req_short_description\": \"SailPoint New Access Request Created from IdentityNow,\",\n \"short_description\": \"SailPoint Access Request $!plan.arguments.identityRequestId\"\n },\n \"beforeProvisioningRule\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c918085708c274401708c2a8a760001\",\n \"name\": \"Example Rule\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "3dee8041-a02c-4dcb-9aa0-4691e5268dbe", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "sim-integrations", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"aName\",\n \"id\": \"id12345\",\n \"created\": \"2023-01-03T21:16:22.432Z\",\n \"modified\": \"2023-01-03T21:16:22.432Z\",\n \"description\": \"Integration description\",\n \"type\": \"ServiceNow Service Desk\",\n \"attributes\": {},\n \"sources\": [\n \"2c9180835d191a86015d28455b4a2329\",\n \"2c5680835d191a85765d28455b4a9823\"\n ],\n \"cluster\": \"xyzzy999\",\n \"statusMap\": {\n \"closed_cancelled\": \"Failed\",\n \"closed_complete\": \"Committed\",\n \"closed_incomplete\": \"Failed\",\n \"closed_rejected\": \"Failed\",\n \"in_process\": \"Queued\",\n \"requested\": \"Queued\"\n },\n \"request\": {\n \"description\": \"SailPoint Access Request,\",\n \"req_description\": \"The Service Request created by SailPoint ServiceNow Service Integration Module (SIM).,\",\n \"req_short_description\": \"SailPoint New Access Request Created from IdentityNow,\",\n \"short_description\": \"SailPoint Access Request $!plan.arguments.identityRequestId\"\n },\n \"beforeProvisioningRule\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c918085708c274401708c2a8a760001\",\n \"name\": \"Example Rule\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "ec353e43-cf32-4c47-a525-ca31bdae98e7", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "sim-integrations", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"aName\",\n \"id\": \"id12345\",\n \"created\": \"2023-01-03T21:16:22.432Z\",\n \"modified\": \"2023-01-03T21:16:22.432Z\",\n \"description\": \"Integration description\",\n \"type\": \"ServiceNow Service Desk\",\n \"attributes\": {},\n \"sources\": [\n \"2c9180835d191a86015d28455b4a2329\",\n \"2c5680835d191a85765d28455b4a9823\"\n ],\n \"cluster\": \"xyzzy999\",\n \"statusMap\": {\n \"closed_cancelled\": \"Failed\",\n \"closed_complete\": \"Committed\",\n \"closed_incomplete\": \"Failed\",\n \"closed_rejected\": \"Failed\",\n \"in_process\": \"Queued\",\n \"requested\": \"Queued\"\n },\n \"request\": {\n \"description\": \"SailPoint Access Request,\",\n \"req_description\": \"The Service Request created by SailPoint ServiceNow Service Integration Module (SIM).,\",\n \"req_short_description\": \"SailPoint New Access Request Created from IdentityNow,\",\n \"short_description\": \"SailPoint Access Request $!plan.arguments.identityRequestId\"\n },\n \"beforeProvisioningRule\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c918085708c274401708c2a8a760001\",\n \"name\": \"Example Rule\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "e14d9a1c-60a6-4740-a416-7ccd342d1375", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "sim-integrations", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"aName\",\n \"id\": \"id12345\",\n \"created\": \"2023-01-03T21:16:22.432Z\",\n \"modified\": \"2023-01-03T21:16:22.432Z\",\n \"description\": \"Integration description\",\n \"type\": \"ServiceNow Service Desk\",\n \"attributes\": {},\n \"sources\": [\n \"2c9180835d191a86015d28455b4a2329\",\n \"2c5680835d191a85765d28455b4a9823\"\n ],\n \"cluster\": \"xyzzy999\",\n \"statusMap\": {\n \"closed_cancelled\": \"Failed\",\n \"closed_complete\": \"Committed\",\n \"closed_incomplete\": \"Failed\",\n \"closed_rejected\": \"Failed\",\n \"in_process\": \"Queued\",\n \"requested\": \"Queued\"\n },\n \"request\": {\n \"description\": \"SailPoint Access Request,\",\n \"req_description\": \"The Service Request created by SailPoint ServiceNow Service Integration Module (SIM).,\",\n \"req_short_description\": \"SailPoint New Access Request Created from IdentityNow,\",\n \"short_description\": \"SailPoint Access Request $!plan.arguments.identityRequestId\"\n },\n \"beforeProvisioningRule\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c918085708c274401708c2a8a760001\",\n \"name\": \"Example Rule\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "786aad4a-9962-4cc3-9a83-86498f433671", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "sim-integrations", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"aName\",\n \"id\": \"id12345\",\n \"created\": \"2023-01-03T21:16:22.432Z\",\n \"modified\": \"2023-01-03T21:16:22.432Z\",\n \"description\": \"Integration description\",\n \"type\": \"ServiceNow Service Desk\",\n \"attributes\": {},\n \"sources\": [\n \"2c9180835d191a86015d28455b4a2329\",\n \"2c5680835d191a85765d28455b4a9823\"\n ],\n \"cluster\": \"xyzzy999\",\n \"statusMap\": {\n \"closed_cancelled\": \"Failed\",\n \"closed_complete\": \"Committed\",\n \"closed_incomplete\": \"Failed\",\n \"closed_rejected\": \"Failed\",\n \"in_process\": \"Queued\",\n \"requested\": \"Queued\"\n },\n \"request\": {\n \"description\": \"SailPoint Access Request,\",\n \"req_description\": \"The Service Request created by SailPoint ServiceNow Service Integration Module (SIM).,\",\n \"req_short_description\": \"SailPoint New Access Request Created from IdentityNow,\",\n \"short_description\": \"SailPoint Access Request $!plan.arguments.identityRequestId\"\n },\n \"beforeProvisioningRule\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c918085708c274401708c2a8a760001\",\n \"name\": \"Example Rule\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "ce979b32-cfab-414e-b40e-362f58b857b7", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "sim-integrations", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"aName\",\n \"id\": \"id12345\",\n \"created\": \"2023-01-03T21:16:22.432Z\",\n \"modified\": \"2023-01-03T21:16:22.432Z\",\n \"description\": \"Integration description\",\n \"type\": \"ServiceNow Service Desk\",\n \"attributes\": {},\n \"sources\": [\n \"2c9180835d191a86015d28455b4a2329\",\n \"2c5680835d191a85765d28455b4a9823\"\n ],\n \"cluster\": \"xyzzy999\",\n \"statusMap\": {\n \"closed_cancelled\": \"Failed\",\n \"closed_complete\": \"Committed\",\n \"closed_incomplete\": \"Failed\",\n \"closed_rejected\": \"Failed\",\n \"in_process\": \"Queued\",\n \"requested\": \"Queued\"\n },\n \"request\": {\n \"description\": \"SailPoint Access Request,\",\n \"req_description\": \"The Service Request created by SailPoint ServiceNow Service Integration Module (SIM).,\",\n \"req_short_description\": \"SailPoint New Access Request Created from IdentityNow,\",\n \"short_description\": \"SailPoint Access Request $!plan.arguments.identityRequestId\"\n },\n \"beforeProvisioningRule\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c918085708c274401708c2a8a760001\",\n \"name\": \"Example Rule\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "b3b35e38-32f0-4124-847a-8fe4ae7e528c", + "name": "Get a SIM integration details.", + "request": { + "name": "Get a SIM integration details.", + "description": { + "content": "Get the details of a SIM integration. A token with Org Admin or Service Desk Admin authority is required to access this endpoint.", + "type": "text/plain" + }, + "url": { + "path": [ + "sim-integrations", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "12345", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) The id of the integration.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "5d16c125-0ec3-4fc8-a28c-ae9c7e788e82", + "name": "The DTO containing the details of the SIM integration", + "originalRequest": { + "url": { + "path": [ + "sim-integrations", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"name\": \"Service Desk Integration Name\",\n \"description\": \"A very nice Service Desk integration\",\n \"type\": \"ServiceNowSDIM\",\n \"attributes\": {\n \"property\": \"value\",\n \"key\": \"value\"\n },\n \"ownerRef\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"Support\"\n },\n \"clusterRef\": {\n \"type\": \"CLUSTER\",\n \"id\": \"2c9180847a7fccdd017aa5896f9f4f6f\",\n \"name\": \"Training VA\"\n },\n \"cluster\": \"xyzzy999\",\n \"managedSources\": [\n \"2c9180835d191a86015d28455b4a2329\",\n \"2c5680835d191a85765d28455b4a9823\"\n ],\n \"provisioningConfig\": {\n \"universalManager\": true,\n \"managedResourceRefs\": [\n {\n \"type\": \"SOURCE\",\n \"name\": \"My Source 1\"\n },\n {\n \"type\": \"SOURCE\",\n \"name\": \"My Source 2\"\n }\n ],\n \"planInitializerScript\": {\n \"source\": \"\\\\r\\\\n\\\\r\\\\n\\\\r\\\\n Before Provisioning Rule which changes disables and enables to a modify.\\\\r\\\\n \\n\"\n },\n \"noProvisioningRequests\": true,\n \"provisioningRequestExpiration\": 7\n },\n \"beforeProvisioningRule\": {\n \"type\": \"RULE\",\n \"id\": \"048eb3d55c5a4758bd07dccb87741c78\",\n \"name\": \"Before Provisioning Airtable Rule\"\n }\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "4c040d2c-7cf2-4f7f-8cc0-12464c935b74", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "sim-integrations", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "357fb25e-4e84-4df1-abe1-77a5da47173f", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "sim-integrations", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "db34b484-1e39-42d2-af7e-44623da1b92a", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "sim-integrations", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "9c995fe0-5eb5-4596-b591-7957428ee4aa", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "sim-integrations", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f96a3dd3-f964-4cee-a488-2c097b1fbebf", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "sim-integrations", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "5b6af62a-c4c6-4d07-ad20-4ccdcde8868a", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "sim-integrations", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "f60ce25c-d39c-44a1-a0ac-ca3e0e5759d4", + "name": "Delete a SIM integration", + "request": { + "name": "Delete a SIM integration", + "description": { + "content": "Get the details of a SIM integration. A token with Org Admin or Service Desk Admin authority is required to access this endpoint.", + "type": "text/plain" + }, + "url": { + "path": [ + "sim-integrations", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "12345", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) The id of the integration to delete.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "DELETE", + "body": {} + }, + "response": [ + { + "id": "3abd479b-d912-44f9-8fd7-2093662b9669", + "name": "No content response", + "originalRequest": { + "url": { + "path": [ + "sim-integrations", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [], + "cookie": [], + "_postman_previewlanguage": "text" + }, + { + "id": "20ced6bc-1d4b-4f8d-a8fe-6b57afa5b860", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "sim-integrations", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "df9d46e0-0e4d-4d79-974e-aa1b4617edcd", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "sim-integrations", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "caa3d613-e018-4a06-8283-80c01b0535f1", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "sim-integrations", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "4106e278-d980-48d1-b11f-ac8a15156810", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "sim-integrations", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "3f32a36e-4348-4735-a312-aa571f0b76c6", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "sim-integrations", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a8a5a992-821a-40fb-bc1b-e8753f261094", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "sim-integrations", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "9aff4272-2847-4ef3-9915-dc5a86efbdda", + "name": "Patch a SIM attribute.", + "request": { + "name": "Patch a SIM attribute.", + "description": { + "content": "Patch a SIM attribute given a JsonPatch object. A token with Org Admin or Service Desk Admin authority is required to access this endpoint.", + "type": "text/plain" + }, + "url": { + "path": [ + "sim-integrations", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "12345", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) SIM integration id", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n\t \"op\": \"replace\",\n\t \"path\": \"/description\",\n\t \"value\": \"A new description\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "91e3cccf-3141-4dfe-9008-1a163439cd69", + "name": "The updated DTO containing the details of the SIM integration.", + "originalRequest": { + "url": { + "path": [ + "sim-integrations", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n\t \"op\": \"replace\",\n\t \"path\": \"/description\",\n\t \"value\": \"A new description\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"name\": \"Service Desk Integration Name\",\n \"description\": \"A very nice Service Desk integration\",\n \"type\": \"ServiceNowSDIM\",\n \"attributes\": {\n \"property\": \"value\",\n \"key\": \"value\"\n },\n \"ownerRef\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"Support\"\n },\n \"clusterRef\": {\n \"type\": \"CLUSTER\",\n \"id\": \"2c9180847a7fccdd017aa5896f9f4f6f\",\n \"name\": \"Training VA\"\n },\n \"cluster\": \"xyzzy999\",\n \"managedSources\": [\n \"2c9180835d191a86015d28455b4a2329\",\n \"2c5680835d191a85765d28455b4a9823\"\n ],\n \"provisioningConfig\": {\n \"universalManager\": true,\n \"managedResourceRefs\": [\n {\n \"type\": \"SOURCE\",\n \"name\": \"My Source 1\"\n },\n {\n \"type\": \"SOURCE\",\n \"name\": \"My Source 2\"\n }\n ],\n \"planInitializerScript\": {\n \"source\": \"\\\\r\\\\n\\\\r\\\\n\\\\r\\\\n Before Provisioning Rule which changes disables and enables to a modify.\\\\r\\\\n \\n\"\n },\n \"noProvisioningRequests\": true,\n \"provisioningRequestExpiration\": 7\n },\n \"beforeProvisioningRule\": {\n \"type\": \"RULE\",\n \"id\": \"048eb3d55c5a4758bd07dccb87741c78\",\n \"name\": \"Before Provisioning Airtable Rule\"\n }\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d61c2d91-a531-4d3f-9fc8-6cdf44e2b654", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "sim-integrations", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n\t \"op\": \"replace\",\n\t \"path\": \"/description\",\n\t \"value\": \"A new description\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "94b0f66c-6570-4a34-bbb3-62c01b4cc562", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "sim-integrations", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n\t \"op\": \"replace\",\n\t \"path\": \"/description\",\n\t \"value\": \"A new description\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f850887b-0c6d-4fea-9abf-e286e06d6489", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "sim-integrations", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n\t \"op\": \"replace\",\n\t \"path\": \"/description\",\n\t \"value\": \"A new description\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f12a6df9-e7ca-4df1-af7c-0f673afb5773", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "sim-integrations", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n\t \"op\": \"replace\",\n\t \"path\": \"/description\",\n\t \"value\": \"A new description\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "6dd123dd-ed02-451e-a3e9-3d7d4c271566", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "sim-integrations", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n\t \"op\": \"replace\",\n\t \"path\": \"/description\",\n\t \"value\": \"A new description\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "8c6934a2-df3f-4288-9902-6e8fbb6cac60", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "sim-integrations", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n\t \"op\": \"replace\",\n\t \"path\": \"/description\",\n\t \"value\": \"A new description\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "8becd797-5afb-4290-acd0-8e564468ab40", + "name": "Patch a SIM beforeProvisioningRule attribute.", + "request": { + "name": "Patch a SIM beforeProvisioningRule attribute.", + "description": { + "content": "Patch a SIM beforeProvisioningRule attribute given a JsonPatch object. A token with Org Admin or Service Desk Admin authority is required to access this endpoint.", + "type": "text/plain" + }, + "url": { + "path": [ + "sim-integrations", + ":id", + "beforeProvisioningRule" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "12345", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) SIM integration id", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n\t \"op\": \"replace\",\n\t \"path\": \"/description\",\n\t \"value\": \"A new description\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "edc3f8a6-3d18-4253-8770-4731e9c9338f", + "name": "The updated DTO containing the details of the SIM integration.", + "originalRequest": { + "url": { + "path": [ + "sim-integrations", + ":id", + "beforeProvisioningRule" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n\t \"op\": \"replace\",\n\t \"path\": \"/description\",\n\t \"value\": \"A new description\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"name\": \"Service Desk Integration Name\",\n \"description\": \"A very nice Service Desk integration\",\n \"type\": \"ServiceNowSDIM\",\n \"attributes\": {\n \"property\": \"value\",\n \"key\": \"value\"\n },\n \"ownerRef\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"Support\"\n },\n \"clusterRef\": {\n \"type\": \"CLUSTER\",\n \"id\": \"2c9180847a7fccdd017aa5896f9f4f6f\",\n \"name\": \"Training VA\"\n },\n \"cluster\": \"xyzzy999\",\n \"managedSources\": [\n \"2c9180835d191a86015d28455b4a2329\",\n \"2c5680835d191a85765d28455b4a9823\"\n ],\n \"provisioningConfig\": {\n \"universalManager\": true,\n \"managedResourceRefs\": [\n {\n \"type\": \"SOURCE\",\n \"name\": \"My Source 1\"\n },\n {\n \"type\": \"SOURCE\",\n \"name\": \"My Source 2\"\n }\n ],\n \"planInitializerScript\": {\n \"source\": \"\\\\r\\\\n\\\\r\\\\n\\\\r\\\\n Before Provisioning Rule which changes disables and enables to a modify.\\\\r\\\\n \\n\"\n },\n \"noProvisioningRequests\": true,\n \"provisioningRequestExpiration\": 7\n },\n \"beforeProvisioningRule\": {\n \"type\": \"RULE\",\n \"id\": \"048eb3d55c5a4758bd07dccb87741c78\",\n \"name\": \"Before Provisioning Airtable Rule\"\n }\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "eeeab2d4-1cb6-4fe6-a3a5-de323c6bc073", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "sim-integrations", + ":id", + "beforeProvisioningRule" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n\t \"op\": \"replace\",\n\t \"path\": \"/description\",\n\t \"value\": \"A new description\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "e4a887b5-19c8-4a6d-a8e5-b4f41033739e", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "sim-integrations", + ":id", + "beforeProvisioningRule" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n\t \"op\": \"replace\",\n\t \"path\": \"/description\",\n\t \"value\": \"A new description\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "769d6c0b-cdc4-458a-b447-3d764473db5c", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "sim-integrations", + ":id", + "beforeProvisioningRule" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n\t \"op\": \"replace\",\n\t \"path\": \"/description\",\n\t \"value\": \"A new description\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "94f9a7bb-7fa5-45c7-99af-14d6bf1d1641", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "sim-integrations", + ":id", + "beforeProvisioningRule" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n\t \"op\": \"replace\",\n\t \"path\": \"/description\",\n\t \"value\": \"A new description\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "9daf03ce-2696-437e-ad87-762d97c5c90e", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "sim-integrations", + ":id", + "beforeProvisioningRule" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n\t \"op\": \"replace\",\n\t \"path\": \"/description\",\n\t \"value\": \"A new description\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "5a770e01-2eab-42d1-a49e-acef315a81f7", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "sim-integrations", + ":id", + "beforeProvisioningRule" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n\t \"op\": \"replace\",\n\t \"path\": \"/description\",\n\t \"value\": \"A new description\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "1f2a2bfe-b7cc-45cd-9538-f532c5470db0", + "name": "List the existing SIM integrations.", + "request": { + "name": "List the existing SIM integrations.", + "description": { + "content": "List the existing SIM integrations. A token with Org Admin or Service Desk Admin authority is required to access this endpoint.", + "type": "text/plain" + }, + "url": { + "path": [ + "sim-integrations" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "c02a0a85-3ccc-430b-89c5-bd84160f62a4", + "name": "The DTO containing the details of the SIM integration", + "originalRequest": { + "url": { + "path": [ + "sim-integrations" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"name\": \"Service Desk Integration Name\",\n \"description\": \"A very nice Service Desk integration\",\n \"type\": \"ServiceNowSDIM\",\n \"attributes\": {\n \"property\": \"value\",\n \"key\": \"value\"\n },\n \"ownerRef\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"Support\"\n },\n \"clusterRef\": {\n \"type\": \"CLUSTER\",\n \"id\": \"2c9180847a7fccdd017aa5896f9f4f6f\",\n \"name\": \"Training VA\"\n },\n \"cluster\": \"xyzzy999\",\n \"managedSources\": [\n \"2c9180835d191a86015d28455b4a2329\",\n \"2c5680835d191a85765d28455b4a9823\"\n ],\n \"provisioningConfig\": {\n \"universalManager\": true,\n \"managedResourceRefs\": [\n {\n \"type\": \"SOURCE\",\n \"name\": \"My Source 1\"\n },\n {\n \"type\": \"SOURCE\",\n \"name\": \"My Source 2\"\n }\n ],\n \"planInitializerScript\": {\n \"source\": \"\\\\r\\\\n\\\\r\\\\n\\\\r\\\\n Before Provisioning Rule which changes disables and enables to a modify.\\\\r\\\\n \\n\"\n },\n \"noProvisioningRequests\": true,\n \"provisioningRequestExpiration\": 7\n },\n \"beforeProvisioningRule\": {\n \"type\": \"RULE\",\n \"id\": \"048eb3d55c5a4758bd07dccb87741c78\",\n \"name\": \"Before Provisioning Airtable Rule\"\n }\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "15c1147a-f4cb-4deb-bedd-8a799feb1ade", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "sim-integrations" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "0bd3dbab-a816-454f-99ed-32c574601ea4", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "sim-integrations" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "460d0399-904e-463c-9d90-c46d7475b193", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "sim-integrations" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "582c7a65-ae91-4f1a-8901-8729b2877a6f", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "sim-integrations" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "ac62b500-f525-44a3-8b35-104674671f54", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "sim-integrations" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "3610dcc2-0bf7-4aba-a78d-8919441c2df8", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "sim-integrations" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "b2e0a447-cff5-4c01-9f06-13e558d60802", + "name": "Create new SIM integration", + "request": { + "name": "Create new SIM integration", + "description": { + "content": "Create a new SIM Integrations. A token with Org Admin or Service Desk Admin authority is required to access this endpoint.", + "type": "text/plain" + }, + "url": { + "path": [ + "sim-integrations" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"aName\",\n \"id\": \"id12345\",\n \"created\": \"2023-01-03T21:16:22.432Z\",\n \"modified\": \"2023-01-03T21:16:22.432Z\",\n \"description\": \"Integration description\",\n \"type\": \"ServiceNow Service Desk\",\n \"attributes\": {},\n \"sources\": [\n \"2c9180835d191a86015d28455b4a2329\",\n \"2c5680835d191a85765d28455b4a9823\"\n ],\n \"cluster\": \"xyzzy999\",\n \"statusMap\": {\n \"closed_cancelled\": \"Failed\",\n \"closed_complete\": \"Committed\",\n \"closed_incomplete\": \"Failed\",\n \"closed_rejected\": \"Failed\",\n \"in_process\": \"Queued\",\n \"requested\": \"Queued\"\n },\n \"request\": {\n \"description\": \"SailPoint Access Request,\",\n \"req_description\": \"The Service Request created by SailPoint ServiceNow Service Integration Module (SIM).,\",\n \"req_short_description\": \"SailPoint New Access Request Created from IdentityNow,\",\n \"short_description\": \"SailPoint Access Request $!plan.arguments.identityRequestId\"\n },\n \"beforeProvisioningRule\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c918085708c274401708c2a8a760001\",\n \"name\": \"Example Rule\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "3eed75da-4835-4096-9027-5561a5af35e5", + "name": "details of the created integration", + "originalRequest": { + "url": { + "path": [ + "sim-integrations" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"aName\",\n \"id\": \"id12345\",\n \"created\": \"2023-01-03T21:16:22.432Z\",\n \"modified\": \"2023-01-03T21:16:22.432Z\",\n \"description\": \"Integration description\",\n \"type\": \"ServiceNow Service Desk\",\n \"attributes\": {},\n \"sources\": [\n \"2c9180835d191a86015d28455b4a2329\",\n \"2c5680835d191a85765d28455b4a9823\"\n ],\n \"cluster\": \"xyzzy999\",\n \"statusMap\": {\n \"closed_cancelled\": \"Failed\",\n \"closed_complete\": \"Committed\",\n \"closed_incomplete\": \"Failed\",\n \"closed_rejected\": \"Failed\",\n \"in_process\": \"Queued\",\n \"requested\": \"Queued\"\n },\n \"request\": {\n \"description\": \"SailPoint Access Request,\",\n \"req_description\": \"The Service Request created by SailPoint ServiceNow Service Integration Module (SIM).,\",\n \"req_short_description\": \"SailPoint New Access Request Created from IdentityNow,\",\n \"short_description\": \"SailPoint Access Request $!plan.arguments.identityRequestId\"\n },\n \"beforeProvisioningRule\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c918085708c274401708c2a8a760001\",\n \"name\": \"Example Rule\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"name\": \"Service Desk Integration Name\",\n \"description\": \"A very nice Service Desk integration\",\n \"type\": \"ServiceNowSDIM\",\n \"attributes\": {\n \"property\": \"value\",\n \"key\": \"value\"\n },\n \"ownerRef\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"Support\"\n },\n \"clusterRef\": {\n \"type\": \"CLUSTER\",\n \"id\": \"2c9180847a7fccdd017aa5896f9f4f6f\",\n \"name\": \"Training VA\"\n },\n \"cluster\": \"xyzzy999\",\n \"managedSources\": [\n \"2c9180835d191a86015d28455b4a2329\",\n \"2c5680835d191a85765d28455b4a9823\"\n ],\n \"provisioningConfig\": {\n \"universalManager\": true,\n \"managedResourceRefs\": [\n {\n \"type\": \"SOURCE\",\n \"name\": \"My Source 1\"\n },\n {\n \"type\": \"SOURCE\",\n \"name\": \"My Source 2\"\n }\n ],\n \"planInitializerScript\": {\n \"source\": \"\\\\r\\\\n\\\\r\\\\n\\\\r\\\\n Before Provisioning Rule which changes disables and enables to a modify.\\\\r\\\\n \\n\"\n },\n \"noProvisioningRequests\": true,\n \"provisioningRequestExpiration\": 7\n },\n \"beforeProvisioningRule\": {\n \"type\": \"RULE\",\n \"id\": \"048eb3d55c5a4758bd07dccb87741c78\",\n \"name\": \"Before Provisioning Airtable Rule\"\n }\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c84b25bf-c17d-4eee-b4d2-54b1b22a3a78", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "sim-integrations" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"aName\",\n \"id\": \"id12345\",\n \"created\": \"2023-01-03T21:16:22.432Z\",\n \"modified\": \"2023-01-03T21:16:22.432Z\",\n \"description\": \"Integration description\",\n \"type\": \"ServiceNow Service Desk\",\n \"attributes\": {},\n \"sources\": [\n \"2c9180835d191a86015d28455b4a2329\",\n \"2c5680835d191a85765d28455b4a9823\"\n ],\n \"cluster\": \"xyzzy999\",\n \"statusMap\": {\n \"closed_cancelled\": \"Failed\",\n \"closed_complete\": \"Committed\",\n \"closed_incomplete\": \"Failed\",\n \"closed_rejected\": \"Failed\",\n \"in_process\": \"Queued\",\n \"requested\": \"Queued\"\n },\n \"request\": {\n \"description\": \"SailPoint Access Request,\",\n \"req_description\": \"The Service Request created by SailPoint ServiceNow Service Integration Module (SIM).,\",\n \"req_short_description\": \"SailPoint New Access Request Created from IdentityNow,\",\n \"short_description\": \"SailPoint Access Request $!plan.arguments.identityRequestId\"\n },\n \"beforeProvisioningRule\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c918085708c274401708c2a8a760001\",\n \"name\": \"Example Rule\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "e1d12076-abd7-4dfd-9a74-f587a32192e1", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "sim-integrations" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"aName\",\n \"id\": \"id12345\",\n \"created\": \"2023-01-03T21:16:22.432Z\",\n \"modified\": \"2023-01-03T21:16:22.432Z\",\n \"description\": \"Integration description\",\n \"type\": \"ServiceNow Service Desk\",\n \"attributes\": {},\n \"sources\": [\n \"2c9180835d191a86015d28455b4a2329\",\n \"2c5680835d191a85765d28455b4a9823\"\n ],\n \"cluster\": \"xyzzy999\",\n \"statusMap\": {\n \"closed_cancelled\": \"Failed\",\n \"closed_complete\": \"Committed\",\n \"closed_incomplete\": \"Failed\",\n \"closed_rejected\": \"Failed\",\n \"in_process\": \"Queued\",\n \"requested\": \"Queued\"\n },\n \"request\": {\n \"description\": \"SailPoint Access Request,\",\n \"req_description\": \"The Service Request created by SailPoint ServiceNow Service Integration Module (SIM).,\",\n \"req_short_description\": \"SailPoint New Access Request Created from IdentityNow,\",\n \"short_description\": \"SailPoint Access Request $!plan.arguments.identityRequestId\"\n },\n \"beforeProvisioningRule\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c918085708c274401708c2a8a760001\",\n \"name\": \"Example Rule\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b1a76281-7159-4ba2-b69f-1c55a2ac7637", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "sim-integrations" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"aName\",\n \"id\": \"id12345\",\n \"created\": \"2023-01-03T21:16:22.432Z\",\n \"modified\": \"2023-01-03T21:16:22.432Z\",\n \"description\": \"Integration description\",\n \"type\": \"ServiceNow Service Desk\",\n \"attributes\": {},\n \"sources\": [\n \"2c9180835d191a86015d28455b4a2329\",\n \"2c5680835d191a85765d28455b4a9823\"\n ],\n \"cluster\": \"xyzzy999\",\n \"statusMap\": {\n \"closed_cancelled\": \"Failed\",\n \"closed_complete\": \"Committed\",\n \"closed_incomplete\": \"Failed\",\n \"closed_rejected\": \"Failed\",\n \"in_process\": \"Queued\",\n \"requested\": \"Queued\"\n },\n \"request\": {\n \"description\": \"SailPoint Access Request,\",\n \"req_description\": \"The Service Request created by SailPoint ServiceNow Service Integration Module (SIM).,\",\n \"req_short_description\": \"SailPoint New Access Request Created from IdentityNow,\",\n \"short_description\": \"SailPoint Access Request $!plan.arguments.identityRequestId\"\n },\n \"beforeProvisioningRule\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c918085708c274401708c2a8a760001\",\n \"name\": \"Example Rule\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "0faaca37-72e0-436b-8d47-f67a6d703369", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "sim-integrations" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"aName\",\n \"id\": \"id12345\",\n \"created\": \"2023-01-03T21:16:22.432Z\",\n \"modified\": \"2023-01-03T21:16:22.432Z\",\n \"description\": \"Integration description\",\n \"type\": \"ServiceNow Service Desk\",\n \"attributes\": {},\n \"sources\": [\n \"2c9180835d191a86015d28455b4a2329\",\n \"2c5680835d191a85765d28455b4a9823\"\n ],\n \"cluster\": \"xyzzy999\",\n \"statusMap\": {\n \"closed_cancelled\": \"Failed\",\n \"closed_complete\": \"Committed\",\n \"closed_incomplete\": \"Failed\",\n \"closed_rejected\": \"Failed\",\n \"in_process\": \"Queued\",\n \"requested\": \"Queued\"\n },\n \"request\": {\n \"description\": \"SailPoint Access Request,\",\n \"req_description\": \"The Service Request created by SailPoint ServiceNow Service Integration Module (SIM).,\",\n \"req_short_description\": \"SailPoint New Access Request Created from IdentityNow,\",\n \"short_description\": \"SailPoint Access Request $!plan.arguments.identityRequestId\"\n },\n \"beforeProvisioningRule\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c918085708c274401708c2a8a760001\",\n \"name\": \"Example Rule\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d7c4e54d-0ca5-4a8b-83de-043d7f01f16d", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "sim-integrations" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"aName\",\n \"id\": \"id12345\",\n \"created\": \"2023-01-03T21:16:22.432Z\",\n \"modified\": \"2023-01-03T21:16:22.432Z\",\n \"description\": \"Integration description\",\n \"type\": \"ServiceNow Service Desk\",\n \"attributes\": {},\n \"sources\": [\n \"2c9180835d191a86015d28455b4a2329\",\n \"2c5680835d191a85765d28455b4a9823\"\n ],\n \"cluster\": \"xyzzy999\",\n \"statusMap\": {\n \"closed_cancelled\": \"Failed\",\n \"closed_complete\": \"Committed\",\n \"closed_incomplete\": \"Failed\",\n \"closed_rejected\": \"Failed\",\n \"in_process\": \"Queued\",\n \"requested\": \"Queued\"\n },\n \"request\": {\n \"description\": \"SailPoint Access Request,\",\n \"req_description\": \"The Service Request created by SailPoint ServiceNow Service Integration Module (SIM).,\",\n \"req_short_description\": \"SailPoint New Access Request Created from IdentityNow,\",\n \"short_description\": \"SailPoint Access Request $!plan.arguments.identityRequestId\"\n },\n \"beforeProvisioningRule\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c918085708c274401708c2a8a760001\",\n \"name\": \"Example Rule\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "5d7efbe8-ff84-4510-ba38-f76dd1e741a1", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "sim-integrations" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"aName\",\n \"id\": \"id12345\",\n \"created\": \"2023-01-03T21:16:22.432Z\",\n \"modified\": \"2023-01-03T21:16:22.432Z\",\n \"description\": \"Integration description\",\n \"type\": \"ServiceNow Service Desk\",\n \"attributes\": {},\n \"sources\": [\n \"2c9180835d191a86015d28455b4a2329\",\n \"2c5680835d191a85765d28455b4a9823\"\n ],\n \"cluster\": \"xyzzy999\",\n \"statusMap\": {\n \"closed_cancelled\": \"Failed\",\n \"closed_complete\": \"Committed\",\n \"closed_incomplete\": \"Failed\",\n \"closed_rejected\": \"Failed\",\n \"in_process\": \"Queued\",\n \"requested\": \"Queued\"\n },\n \"request\": {\n \"description\": \"SailPoint Access Request,\",\n \"req_description\": \"The Service Request created by SailPoint ServiceNow Service Integration Module (SIM).,\",\n \"req_short_description\": \"SailPoint New Access Request Created from IdentityNow,\",\n \"short_description\": \"SailPoint Access Request $!plan.arguments.identityRequestId\"\n },\n \"beforeProvisioningRule\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c918085708c274401708c2a8a760001\",\n \"name\": \"Example Rule\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + } + ] + }, + { + "name": "SOD Policies", + "description": "Use this API to implement and manage \"separation of duties\" (SOD) policies. \nWith SOD policy functionality in place, administrators can organize the access in their tenants to prevent individuals from gaining conflicting or excessive access. \n\n\"Separation of duties\" refers to the concept that people shouldn't have conflicting sets of access - all their access should be configured in a way that protects your organization's assets and data. \nFor example, people who record monetary transactions shouldn't be able to issue payment for those transactions.\nAny changes to major system configurations should be approved by someone other than the person requesting the change. \n\nOrganizations can use \"separation of duties\" (SOD) policies to enforce and track their internal security rules throughout their tenants.\nThese SOD policies limit each user's involvement in important processes and protects the organization from individuals gaining excessive access. \n\nTo create SOD policies in Identity Security Cloud, administrators use 'Search' and then access 'Policies'.\nTo create a policy, they must configure two lists of access items. Each access item can only be added to one of the two lists.\nThey can search for the entitlements they want to add to these access lists.\n\n>Note: You can have a maximum of 500 policies of any type (including general policies) in your organization. In each access-based SOD policy, you can have a maximum of 50 entitlements in each access list. \n\nOnce a SOD policy is in place, if an identity has access items on both lists, a SOD violation will trigger. \nThese violations are included in SOD violation reports that other users will see in emails at regular intervals if they're subscribed to the SOD policy.\nThe other users can then better help to enforce these SOD policies. \n\nTo create a subscription to a SOD policy in Identity Security Cloud, administrators use 'Search' and then access 'Layers'.\nThey can create a subscription to the policy and schedule it to run at a regular interval. \n\nRefer to [Managing Policies](https://documentation.sailpoint.com/saas/help/sod/manage-policies.html) for more information about SOD policies. \n\nRefer to [Subscribe to a SOD Policy](https://documentation.sailpoint.com/saas/help/sod/policy-violations.html#subscribe-to-an-sod-policy) for more information about SOD policy subscriptions.\n", + "item": [ + { + "id": "de224c1e-1bed-4527-8347-09f9f308b1df", + "name": "Create SOD policy", + "request": { + "name": "Create SOD policy", + "description": { + "content": "This creates both General and Conflicting Access Based policy, with a limit of 50 entitlements for each (left & right) criteria for Conflicting Access Based SOD policy.\nRequires role of ORG_ADMIN.", + "type": "text/plain" + }, + "url": { + "path": [ + "sod-policies" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Conflicting-Policy-Name\",\n \"description\": \"This policy ensures compliance of xyz\",\n \"ownerRef\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"Owner Name\"\n },\n \"externalPolicyReference\": \"XYZ policy\",\n \"compensatingControls\": \"Have a manager review the transaction decisions for their \\\"out of compliance\\\" employee\",\n \"correctionAdvice\": \"Based on the role of the employee, managers should remove access that is not required for their job function.\",\n \"state\": \"ENFORCED\",\n \"tags\": [\n \"string\"\n ],\n \"creatorId\": \"0f11f2a4-7c94-4bf3-a2bd-742580fe3bde\",\n \"modifierId\": \"0f11f2a4-7c94-4bf3-a2bd-742580fe3bde\",\n \"violationOwnerAssignmentConfig\": {\n \"assignmentRule\": \"MANAGER\",\n \"ownerRef\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"Violation Owner Name\"\n }\n },\n \"scheduled\": true,\n \"type\": \"CONFLICTING_ACCESS_BASED\",\n \"conflictingAccessCriteria\": {\n \"leftCriteria\": {\n \"name\": \"money-in\",\n \"criteriaList\": [\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c9180866166b5b0016167c32ef31a66\"\n },\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c9180866166b5b0016167c32ef31a67\"\n }\n ]\n },\n \"rightCriteria\": {\n \"name\": \"money-out\",\n \"criteriaList\": [\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c9180866166b5b0016167c32ef31a68\"\n },\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c9180866166b5b0016167c32ef31a69\"\n }\n ]\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "fc228e2a-b7b7-4961-80c6-366c4a5035af", + "name": "Conflicting Access Based Policy", + "originalRequest": { + "url": { + "path": [ + "sod-policies" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Conflicting-Policy-Name\",\n \"description\": \"This policy ensures compliance of xyz\",\n \"ownerRef\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"Owner Name\"\n },\n \"externalPolicyReference\": \"XYZ policy\",\n \"compensatingControls\": \"Have a manager review the transaction decisions for their \\\"out of compliance\\\" employee\",\n \"correctionAdvice\": \"Based on the role of the employee, managers should remove access that is not required for their job function.\",\n \"state\": \"ENFORCED\",\n \"tags\": [\n \"string\"\n ],\n \"creatorId\": \"0f11f2a4-7c94-4bf3-a2bd-742580fe3bde\",\n \"modifierId\": \"0f11f2a4-7c94-4bf3-a2bd-742580fe3bde\",\n \"violationOwnerAssignmentConfig\": {\n \"assignmentRule\": \"MANAGER\",\n \"ownerRef\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"Violation Owner Name\"\n }\n },\n \"scheduled\": true,\n \"type\": \"CONFLICTING_ACCESS_BASED\",\n \"conflictingAccessCriteria\": {\n \"leftCriteria\": {\n \"name\": \"money-in\",\n \"criteriaList\": [\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c9180866166b5b0016167c32ef31a66\"\n },\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c9180866166b5b0016167c32ef31a67\"\n }\n ]\n },\n \"rightCriteria\": {\n \"name\": \"money-out\",\n \"criteriaList\": [\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c9180866166b5b0016167c32ef31a68\"\n },\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c9180866166b5b0016167c32ef31a69\"\n }\n ]\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Created", + "code": 201, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"0f11f2a4-7c94-4bf3-a2bd-742580fe3bde\",\n \"name\": \"Conflicting-Policy-Name\",\n \"created\": \"2020-01-01T00:00:00.000000Z\",\n \"modified\": \"2020-01-01T00:00:00.000000Z\",\n \"description\": \"This policy ensures compliance of xyz\",\n \"ownerRef\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"Owner Name\"\n },\n \"externalPolicyReference\": \"XYZ policy\",\n \"policyQuery\": \"@access(id:2c9180866166b5b0016167c32ef31a66 OR id:2c9180866166b5b0016167c32ef31a67) AND @access(id:2c9180866166b5b0016167c32ef31a68 OR id:2c9180866166b5b0016167c32ef31a69)\",\n \"compensatingControls\": \"Have a manager review the transaction decisions for their \\\"out of compliance\\\" employee\",\n \"correctionAdvice\": \"Based on the role of the employee, managers should remove access that is not required for their job function.\",\n \"state\": \"ENFORCED\",\n \"tags\": [\n \"string\"\n ],\n \"creatorId\": \"0f11f2a4-7c94-4bf3-a2bd-742580fe3bde\",\n \"modifierId\": \"0f11f2a4-7c94-4bf3-a2bd-742580fe3bde\",\n \"violationOwnerAssignmentConfig\": {\n \"assignmentRule\": \"MANAGER\",\n \"ownerRef\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"Violation Owner Name\"\n }\n },\n \"scheduled\": true,\n \"type\": \"CONFLICTING_ACCESS_BASED\",\n \"conflictingAccessCriteria\": {\n \"leftCriteria\": {\n \"name\": \"money-in\",\n \"criteriaList\": [\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c9180866166b5b0016167c32ef31a66\"\n },\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c9180866166b5b0016167c32ef31a67\"\n }\n ]\n },\n \"rightCriteria\": {\n \"name\": \"money-out\",\n \"criteriaList\": [\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c9180866166b5b0016167c32ef31a68\"\n },\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c9180866166b5b0016167c32ef31a69\"\n }\n ]\n }\n }\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "490c6063-9bc0-4647-889b-d2a897b7893f", + "name": "General Policy", + "originalRequest": { + "url": { + "path": [ + "sod-policies" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"description\": \"Description\",\n \"ownerRef\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c918087682f9a86016839c05e8f1aff\",\n \"name\": \"Owner Name\"\n },\n \"externalPolicyReference\": \"New policy\",\n \"policyQuery\": \"policy query implementation\",\n \"compensatingControls\": \"Compensating controls\",\n \"correctionAdvice\": \"Correction advice\",\n \"tags\": [],\n \"state\": \"ENFORCED\",\n \"scheduled\": false,\n \"creatorId\": \"2c918087682f9a86016839c05e8f1aff\",\n \"modifierId\": null,\n \"violationOwnerAssignmentConfig\": null,\n \"name\": \"General-Policy-Name\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Created", + "code": 201, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"description\": \"Description\",\n \"ownerRef\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c918087682f9a86016839c05e8f1aff\",\n \"name\": \"Owner Name\"\n },\n \"externalPolicyReference\": \"New policy\",\n \"policyQuery\": \"policy query implementation\",\n \"compensatingControls\": \"Compensating controls\",\n \"correctionAdvice\": \"Correction advice\",\n \"tags\": [],\n \"state\": \"ENFORCED\",\n \"scheduled\": false,\n \"creatorId\": \"2c918087682f9a86016839c05e8f1aff\",\n \"modifierId\": null,\n \"violationOwnerAssignmentConfig\": null,\n \"type\": \"GENERAL\",\n \"conflictingAccessCriteria\": null,\n \"id\": \"52c11db4-733e-4c31-949a-766c95ec95f1\",\n \"name\": \"General-Policy-Name\",\n \"created\": \"2020-05-12T19:47:38Z\",\n \"modified\": \"2020-05-12T19:47:38Z\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d37dd010-615f-4558-840b-e2e3b48431bb", + "name": "Conflicting Access Based Policy", + "originalRequest": { + "url": { + "path": [ + "sod-policies" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Conflicting-Policy-Name\",\n \"description\": \"This policy ensures compliance of xyz\",\n \"ownerRef\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"Owner Name\"\n },\n \"externalPolicyReference\": \"XYZ policy\",\n \"compensatingControls\": \"Have a manager review the transaction decisions for their \\\"out of compliance\\\" employee\",\n \"correctionAdvice\": \"Based on the role of the employee, managers should remove access that is not required for their job function.\",\n \"state\": \"ENFORCED\",\n \"tags\": [\n \"string\"\n ],\n \"creatorId\": \"0f11f2a4-7c94-4bf3-a2bd-742580fe3bde\",\n \"modifierId\": \"0f11f2a4-7c94-4bf3-a2bd-742580fe3bde\",\n \"violationOwnerAssignmentConfig\": {\n \"assignmentRule\": \"MANAGER\",\n \"ownerRef\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"Violation Owner Name\"\n }\n },\n \"scheduled\": true,\n \"type\": \"CONFLICTING_ACCESS_BASED\",\n \"conflictingAccessCriteria\": {\n \"leftCriteria\": {\n \"name\": \"money-in\",\n \"criteriaList\": [\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c9180866166b5b0016167c32ef31a66\"\n },\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c9180866166b5b0016167c32ef31a67\"\n }\n ]\n },\n \"rightCriteria\": {\n \"name\": \"money-out\",\n \"criteriaList\": [\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c9180866166b5b0016167c32ef31a68\"\n },\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c9180866166b5b0016167c32ef31a69\"\n }\n ]\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a78bcbe7-5926-4e7c-bd20-76d27930d3f1", + "name": "General Policy", + "originalRequest": { + "url": { + "path": [ + "sod-policies" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"description\": \"Description\",\n \"ownerRef\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c918087682f9a86016839c05e8f1aff\",\n \"name\": \"Owner Name\"\n },\n \"externalPolicyReference\": \"New policy\",\n \"policyQuery\": \"policy query implementation\",\n \"compensatingControls\": \"Compensating controls\",\n \"correctionAdvice\": \"Correction advice\",\n \"tags\": [],\n \"state\": \"ENFORCED\",\n \"scheduled\": false,\n \"creatorId\": \"2c918087682f9a86016839c05e8f1aff\",\n \"modifierId\": null,\n \"violationOwnerAssignmentConfig\": null,\n \"name\": \"General-Policy-Name\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a4ae6ab0-cb7c-4769-9cff-6f4a3ad09821", + "name": "Conflicting Access Based Policy", + "originalRequest": { + "url": { + "path": [ + "sod-policies" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Conflicting-Policy-Name\",\n \"description\": \"This policy ensures compliance of xyz\",\n \"ownerRef\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"Owner Name\"\n },\n \"externalPolicyReference\": \"XYZ policy\",\n \"compensatingControls\": \"Have a manager review the transaction decisions for their \\\"out of compliance\\\" employee\",\n \"correctionAdvice\": \"Based on the role of the employee, managers should remove access that is not required for their job function.\",\n \"state\": \"ENFORCED\",\n \"tags\": [\n \"string\"\n ],\n \"creatorId\": \"0f11f2a4-7c94-4bf3-a2bd-742580fe3bde\",\n \"modifierId\": \"0f11f2a4-7c94-4bf3-a2bd-742580fe3bde\",\n \"violationOwnerAssignmentConfig\": {\n \"assignmentRule\": \"MANAGER\",\n \"ownerRef\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"Violation Owner Name\"\n }\n },\n \"scheduled\": true,\n \"type\": \"CONFLICTING_ACCESS_BASED\",\n \"conflictingAccessCriteria\": {\n \"leftCriteria\": {\n \"name\": \"money-in\",\n \"criteriaList\": [\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c9180866166b5b0016167c32ef31a66\"\n },\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c9180866166b5b0016167c32ef31a67\"\n }\n ]\n },\n \"rightCriteria\": {\n \"name\": \"money-out\",\n \"criteriaList\": [\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c9180866166b5b0016167c32ef31a68\"\n },\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c9180866166b5b0016167c32ef31a69\"\n }\n ]\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "98696733-9f08-42e2-b2c4-0e46b92e1a8e", + "name": "General Policy", + "originalRequest": { + "url": { + "path": [ + "sod-policies" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"description\": \"Description\",\n \"ownerRef\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c918087682f9a86016839c05e8f1aff\",\n \"name\": \"Owner Name\"\n },\n \"externalPolicyReference\": \"New policy\",\n \"policyQuery\": \"policy query implementation\",\n \"compensatingControls\": \"Compensating controls\",\n \"correctionAdvice\": \"Correction advice\",\n \"tags\": [],\n \"state\": \"ENFORCED\",\n \"scheduled\": false,\n \"creatorId\": \"2c918087682f9a86016839c05e8f1aff\",\n \"modifierId\": null,\n \"violationOwnerAssignmentConfig\": null,\n \"name\": \"General-Policy-Name\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "17a2e1c7-1ce5-4398-9bd3-8bd397ad6e60", + "name": "An example of a 403 response object", + "originalRequest": { + "url": { + "path": [ + "sod-policies" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Conflicting-Policy-Name\",\n \"description\": \"This policy ensures compliance of xyz\",\n \"ownerRef\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"Owner Name\"\n },\n \"externalPolicyReference\": \"XYZ policy\",\n \"compensatingControls\": \"Have a manager review the transaction decisions for their \\\"out of compliance\\\" employee\",\n \"correctionAdvice\": \"Based on the role of the employee, managers should remove access that is not required for their job function.\",\n \"state\": \"ENFORCED\",\n \"tags\": [\n \"string\"\n ],\n \"creatorId\": \"0f11f2a4-7c94-4bf3-a2bd-742580fe3bde\",\n \"modifierId\": \"0f11f2a4-7c94-4bf3-a2bd-742580fe3bde\",\n \"violationOwnerAssignmentConfig\": {\n \"assignmentRule\": \"MANAGER\",\n \"ownerRef\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"Violation Owner Name\"\n }\n },\n \"scheduled\": true,\n \"type\": \"CONFLICTING_ACCESS_BASED\",\n \"conflictingAccessCriteria\": {\n \"leftCriteria\": {\n \"name\": \"money-in\",\n \"criteriaList\": [\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c9180866166b5b0016167c32ef31a66\"\n },\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c9180866166b5b0016167c32ef31a67\"\n }\n ]\n },\n \"rightCriteria\": {\n \"name\": \"money-out\",\n \"criteriaList\": [\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c9180866166b5b0016167c32ef31a68\"\n },\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c9180866166b5b0016167c32ef31a69\"\n }\n ]\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b74873f6-2a3e-458b-886f-3dfe6121d85b", + "name": "General Policy", + "originalRequest": { + "url": { + "path": [ + "sod-policies" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"description\": \"Description\",\n \"ownerRef\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c918087682f9a86016839c05e8f1aff\",\n \"name\": \"Owner Name\"\n },\n \"externalPolicyReference\": \"New policy\",\n \"policyQuery\": \"policy query implementation\",\n \"compensatingControls\": \"Compensating controls\",\n \"correctionAdvice\": \"Correction advice\",\n \"tags\": [],\n \"state\": \"ENFORCED\",\n \"scheduled\": false,\n \"creatorId\": \"2c918087682f9a86016839c05e8f1aff\",\n \"modifierId\": null,\n \"violationOwnerAssignmentConfig\": null,\n \"name\": \"General-Policy-Name\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "90f2e6c2-dd83-4480-9e2b-7c9e314b1578", + "name": "Conflicting Access Based Policy", + "originalRequest": { + "url": { + "path": [ + "sod-policies" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Conflicting-Policy-Name\",\n \"description\": \"This policy ensures compliance of xyz\",\n \"ownerRef\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"Owner Name\"\n },\n \"externalPolicyReference\": \"XYZ policy\",\n \"compensatingControls\": \"Have a manager review the transaction decisions for their \\\"out of compliance\\\" employee\",\n \"correctionAdvice\": \"Based on the role of the employee, managers should remove access that is not required for their job function.\",\n \"state\": \"ENFORCED\",\n \"tags\": [\n \"string\"\n ],\n \"creatorId\": \"0f11f2a4-7c94-4bf3-a2bd-742580fe3bde\",\n \"modifierId\": \"0f11f2a4-7c94-4bf3-a2bd-742580fe3bde\",\n \"violationOwnerAssignmentConfig\": {\n \"assignmentRule\": \"MANAGER\",\n \"ownerRef\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"Violation Owner Name\"\n }\n },\n \"scheduled\": true,\n \"type\": \"CONFLICTING_ACCESS_BASED\",\n \"conflictingAccessCriteria\": {\n \"leftCriteria\": {\n \"name\": \"money-in\",\n \"criteriaList\": [\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c9180866166b5b0016167c32ef31a66\"\n },\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c9180866166b5b0016167c32ef31a67\"\n }\n ]\n },\n \"rightCriteria\": {\n \"name\": \"money-out\",\n \"criteriaList\": [\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c9180866166b5b0016167c32ef31a68\"\n },\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c9180866166b5b0016167c32ef31a69\"\n }\n ]\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "df56de51-3618-49ef-bda5-ef1eeaf6cc63", + "name": "General Policy", + "originalRequest": { + "url": { + "path": [ + "sod-policies" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"description\": \"Description\",\n \"ownerRef\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c918087682f9a86016839c05e8f1aff\",\n \"name\": \"Owner Name\"\n },\n \"externalPolicyReference\": \"New policy\",\n \"policyQuery\": \"policy query implementation\",\n \"compensatingControls\": \"Compensating controls\",\n \"correctionAdvice\": \"Correction advice\",\n \"tags\": [],\n \"state\": \"ENFORCED\",\n \"scheduled\": false,\n \"creatorId\": \"2c918087682f9a86016839c05e8f1aff\",\n \"modifierId\": null,\n \"violationOwnerAssignmentConfig\": null,\n \"name\": \"General-Policy-Name\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "15b6af25-2ca0-4b7d-b83f-19efcda3c924", + "name": "An example of a 500 response object", + "originalRequest": { + "url": { + "path": [ + "sod-policies" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Conflicting-Policy-Name\",\n \"description\": \"This policy ensures compliance of xyz\",\n \"ownerRef\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"Owner Name\"\n },\n \"externalPolicyReference\": \"XYZ policy\",\n \"compensatingControls\": \"Have a manager review the transaction decisions for their \\\"out of compliance\\\" employee\",\n \"correctionAdvice\": \"Based on the role of the employee, managers should remove access that is not required for their job function.\",\n \"state\": \"ENFORCED\",\n \"tags\": [\n \"string\"\n ],\n \"creatorId\": \"0f11f2a4-7c94-4bf3-a2bd-742580fe3bde\",\n \"modifierId\": \"0f11f2a4-7c94-4bf3-a2bd-742580fe3bde\",\n \"violationOwnerAssignmentConfig\": {\n \"assignmentRule\": \"MANAGER\",\n \"ownerRef\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"Violation Owner Name\"\n }\n },\n \"scheduled\": true,\n \"type\": \"CONFLICTING_ACCESS_BASED\",\n \"conflictingAccessCriteria\": {\n \"leftCriteria\": {\n \"name\": \"money-in\",\n \"criteriaList\": [\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c9180866166b5b0016167c32ef31a66\"\n },\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c9180866166b5b0016167c32ef31a67\"\n }\n ]\n },\n \"rightCriteria\": {\n \"name\": \"money-out\",\n \"criteriaList\": [\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c9180866166b5b0016167c32ef31a68\"\n },\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c9180866166b5b0016167c32ef31a69\"\n }\n ]\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "964d7141-7714-4b24-beb0-ba130366cd0d", + "name": "General Policy", + "originalRequest": { + "url": { + "path": [ + "sod-policies" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"description\": \"Description\",\n \"ownerRef\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c918087682f9a86016839c05e8f1aff\",\n \"name\": \"Owner Name\"\n },\n \"externalPolicyReference\": \"New policy\",\n \"policyQuery\": \"policy query implementation\",\n \"compensatingControls\": \"Compensating controls\",\n \"correctionAdvice\": \"Correction advice\",\n \"tags\": [],\n \"state\": \"ENFORCED\",\n \"scheduled\": false,\n \"creatorId\": \"2c918087682f9a86016839c05e8f1aff\",\n \"modifierId\": null,\n \"violationOwnerAssignmentConfig\": null,\n \"name\": \"General-Policy-Name\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "610f3020-840d-4e26-90e1-7b743bbdb9d9", + "name": "List SOD policies", + "request": { + "name": "List SOD policies", + "description": { + "content": "This gets list of all SOD policies.\nRequires role of ORG_ADMIN", + "type": "text/plain" + }, + "url": { + "path": [ + "sod-policies" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**name**: *eq, in*\n\n**state**: *eq, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "id eq \"bc693f07e7b645539626c25954c58554\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **id, name, created, modified, description**", + "type": "text/plain" + }, + "key": "sorters", + "value": "id,name" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "72ffe6f0-5044-4849-963f-82b891c17ba8", + "name": "List of all SOD policies.", + "originalRequest": { + "url": { + "path": [ + "sod-policies" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**name**: *eq, in*\n\n**state**: *eq, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "id eq \"bc693f07e7b645539626c25954c58554\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **id, name, created, modified, description**", + "type": "text/plain" + }, + "key": "sorters", + "value": "id,name" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"id\": \"0f11f2a4-7c94-4bf3-a2bd-742580fe3bde\",\n \"name\": \"Conflicting-Policy-Name\",\n \"created\": \"2020-01-01T00:00:00.000000Z\",\n \"modified\": \"2020-01-01T00:00:00.000000Z\",\n \"description\": \"This policy ensures compliance of xyz\",\n \"ownerRef\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"Owner Name\"\n },\n \"externalPolicyReference\": \"XYZ policy\",\n \"policyQuery\": \"@access(id:2c9180866166b5b0016167c32ef31a66 OR id:2c9180866166b5b0016167c32ef31a67) AND @access(id:2c9180866166b5b0016167c32ef31a68 OR id:2c9180866166b5b0016167c32ef31a69)\",\n \"compensatingControls\": \"Have a manager review the transaction decisions for their \\\"out of compliance\\\" employee\",\n \"correctionAdvice\": \"Based on the role of the employee, managers should remove access that is not required for their job function.\",\n \"state\": \"ENFORCED\",\n \"tags\": [\n \"string\"\n ],\n \"creatorId\": \"0f11f2a4-7c94-4bf3-a2bd-742580fe3bde\",\n \"modifierId\": \"0f11f2a4-7c94-4bf3-a2bd-742580fe3bde\",\n \"violationOwnerAssignmentConfig\": {\n \"assignmentRule\": \"MANAGER\",\n \"ownerRef\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"Violation Owner Name\"\n }\n },\n \"scheduled\": true,\n \"type\": \"CONFLICTING_ACCESS_BASED\",\n \"conflictingAccessCriteria\": {\n \"leftCriteria\": {\n \"name\": \"money-in\",\n \"criteriaList\": [\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c9180866166b5b0016167c32ef31a66\"\n },\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c9180866166b5b0016167c32ef31a67\"\n }\n ]\n },\n \"rightCriteria\": {\n \"name\": \"money-out\",\n \"criteriaList\": [\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c9180866166b5b0016167c32ef31a68\"\n },\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c9180866166b5b0016167c32ef31a69\"\n }\n ]\n }\n }\n },\n {\n \"description\": \"Description\",\n \"ownerRef\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c918087682f9a86016839c05e8f1aff\",\n \"name\": \"Owner Name\"\n },\n \"externalPolicyReference\": \"New policy\",\n \"policyQuery\": \"policy query implementation\",\n \"compensatingControls\": \"Compensating controls\",\n \"correctionAdvice\": \"Correction advice\",\n \"tags\": [],\n \"state\": \"ENFORCED\",\n \"scheduled\": false,\n \"creatorId\": \"2c918087682f9a86016839c05e8f1aff\",\n \"modifierId\": null,\n \"violationOwnerAssignmentConfig\": null,\n \"type\": \"GENERAL\",\n \"conflictingAccessCriteria\": null,\n \"id\": \"52c11db4-733e-4c31-949a-766c95ec95f1\",\n \"name\": \"General-Policy-Name\",\n \"created\": \"2020-05-12T19:47:38Z\",\n \"modified\": \"2020-05-12T19:47:38Z\"\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c536f51c-80fc-4e04-a199-15cf5d4c7265", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "sod-policies" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**name**: *eq, in*\n\n**state**: *eq, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "id eq \"bc693f07e7b645539626c25954c58554\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **id, name, created, modified, description**", + "type": "text/plain" + }, + "key": "sorters", + "value": "id,name" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "ba7246bc-c066-4b3d-bc04-0226acff78c7", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "sod-policies" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**name**: *eq, in*\n\n**state**: *eq, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "id eq \"bc693f07e7b645539626c25954c58554\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **id, name, created, modified, description**", + "type": "text/plain" + }, + "key": "sorters", + "value": "id,name" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "57fb67e5-277b-41e8-8a4c-7297c34a4e02", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "sod-policies" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**name**: *eq, in*\n\n**state**: *eq, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "id eq \"bc693f07e7b645539626c25954c58554\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **id, name, created, modified, description**", + "type": "text/plain" + }, + "key": "sorters", + "value": "id,name" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "49f82b3a-0edb-4c50-885d-9c218cd9a414", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "sod-policies" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**name**: *eq, in*\n\n**state**: *eq, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "id eq \"bc693f07e7b645539626c25954c58554\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **id, name, created, modified, description**", + "type": "text/plain" + }, + "key": "sorters", + "value": "id,name" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "15d64ab8-f4bb-42ba-a73b-0ab1b45a55e2", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "sod-policies" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**name**: *eq, in*\n\n**state**: *eq, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "id eq \"bc693f07e7b645539626c25954c58554\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **id, name, created, modified, description**", + "type": "text/plain" + }, + "key": "sorters", + "value": "id,name" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "2fdcf4ed-86c4-4cb0-a805-97761960c694", + "name": "Get SOD policy by ID", + "request": { + "name": "Get SOD policy by ID", + "description": { + "content": "This gets specified SOD policy.\nRequires role of ORG_ADMIN.", + "type": "text/plain" + }, + "url": { + "path": [ + "sod-policies", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "ef38f943-47e9-4562-b5bb-8424a56397d8", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) The ID of the SOD Policy to retrieve.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "c8a1ea44-3122-4891-ae27-d923b92655f1", + "name": "Conflicting Access Based Policy", + "originalRequest": { + "url": { + "path": [ + "sod-policies", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"0f11f2a4-7c94-4bf3-a2bd-742580fe3bde\",\n \"name\": \"Conflicting-Policy-Name\",\n \"created\": \"2020-01-01T00:00:00.000000Z\",\n \"modified\": \"2020-01-01T00:00:00.000000Z\",\n \"description\": \"This policy ensures compliance of xyz\",\n \"ownerRef\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"Owner Name\"\n },\n \"externalPolicyReference\": \"XYZ policy\",\n \"policyQuery\": \"@access(id:2c9180866166b5b0016167c32ef31a66 OR id:2c9180866166b5b0016167c32ef31a67) AND @access(id:2c9180866166b5b0016167c32ef31a68 OR id:2c9180866166b5b0016167c32ef31a69)\",\n \"compensatingControls\": \"Have a manager review the transaction decisions for their \\\"out of compliance\\\" employee\",\n \"correctionAdvice\": \"Based on the role of the employee, managers should remove access that is not required for their job function.\",\n \"state\": \"ENFORCED\",\n \"tags\": [\n \"string\"\n ],\n \"creatorId\": \"0f11f2a4-7c94-4bf3-a2bd-742580fe3bde\",\n \"modifierId\": \"0f11f2a4-7c94-4bf3-a2bd-742580fe3bde\",\n \"violationOwnerAssignmentConfig\": {\n \"assignmentRule\": \"MANAGER\",\n \"ownerRef\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"Violation Owner Name\"\n }\n },\n \"scheduled\": true,\n \"type\": \"CONFLICTING_ACCESS_BASED\",\n \"conflictingAccessCriteria\": {\n \"leftCriteria\": {\n \"name\": \"money-in\",\n \"criteriaList\": [\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c9180866166b5b0016167c32ef31a66\"\n },\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c9180866166b5b0016167c32ef31a67\"\n }\n ]\n },\n \"rightCriteria\": {\n \"name\": \"money-out\",\n \"criteriaList\": [\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c9180866166b5b0016167c32ef31a68\"\n },\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c9180866166b5b0016167c32ef31a69\"\n }\n ]\n }\n }\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "115775c5-3686-43a4-99a0-ebf1223000ad", + "name": "General Policy", + "originalRequest": { + "url": { + "path": [ + "sod-policies", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"description\": \"Description\",\n \"ownerRef\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c918087682f9a86016839c05e8f1aff\",\n \"name\": \"Owner Name\"\n },\n \"externalPolicyReference\": \"New policy\",\n \"policyQuery\": \"policy query implementation\",\n \"compensatingControls\": \"Compensating controls\",\n \"correctionAdvice\": \"Correction advice\",\n \"tags\": [],\n \"state\": \"ENFORCED\",\n \"scheduled\": false,\n \"creatorId\": \"2c918087682f9a86016839c05e8f1aff\",\n \"modifierId\": null,\n \"violationOwnerAssignmentConfig\": null,\n \"type\": \"GENERAL\",\n \"conflictingAccessCriteria\": null,\n \"id\": \"52c11db4-733e-4c31-949a-766c95ec95f1\",\n \"name\": \"General-Policy-Name\",\n \"created\": \"2020-05-12T19:47:38Z\",\n \"modified\": \"2020-05-12T19:47:38Z\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "53dc8c51-853a-491e-aa85-ae1743523c20", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "sod-policies", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "53a2879f-d955-4003-9340-e9ac657bd919", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "sod-policies", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "2415dfa0-3be4-4cec-bce5-590d96192d48", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "sod-policies", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "5dedded1-2544-4fc9-964e-b23b3ba8888e", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "sod-policies", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "24cbe388-523d-4828-832c-e550b3dd1d50", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "sod-policies", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "11f90e6a-0380-4163-bd1f-1d3178a6d5da", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "sod-policies", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "56ab8dfc-e3b9-4a7b-8b0a-c43f08bc507a", + "name": "Update SOD policy by ID", + "request": { + "name": "Update SOD policy by ID", + "description": { + "content": "This updates a specified SOD policy.\nRequires role of ORG_ADMIN.", + "type": "text/plain" + }, + "url": { + "path": [ + "sod-policies", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "ef38f943-47e9-4562-b5bb-8424a56397d8", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) The ID of the SOD policy to update.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Conflicting-Policy-Name\",\n \"description\": \"Modified Description\",\n \"externalPolicyReference\": \"XYZ policy\",\n \"compensatingControls\": \"Have a manager review the transaction decisions for their \\\"out of compliance\\\" employee\",\n \"correctionAdvice\": \"Based on the role of the employee, managers should remove access that is not required for their job function.\",\n \"state\": \"ENFORCED\",\n \"tags\": [\n \"string\"\n ],\n \"violationOwnerAssignmentConfig\": {\n \"assignmentRule\": \"MANAGER\",\n \"ownerRef\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"Violation Owner Name\"\n }\n },\n \"scheduled\": true,\n \"type\": \"CONFLICTING_ACCESS_BASED\",\n \"conflictingAccessCriteria\": {\n \"leftCriteria\": {\n \"name\": \"money-in\",\n \"criteriaList\": [\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c9180866166b5b0016167c32ef31a66\"\n },\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c9180866166b5b0016167c32ef31a67\"\n }\n ]\n },\n \"rightCriteria\": {\n \"name\": \"money-out\",\n \"criteriaList\": [\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c9180866166b5b0016167c32ef31a68\"\n },\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c9180866166b5b0016167c32ef31a69\"\n }\n ]\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "97666ee0-453d-4c69-b2d5-a25e9d63154d", + "name": "Conflicting Access Based Policy", + "originalRequest": { + "url": { + "path": [ + "sod-policies", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Conflicting-Policy-Name\",\n \"description\": \"Modified Description\",\n \"externalPolicyReference\": \"XYZ policy\",\n \"compensatingControls\": \"Have a manager review the transaction decisions for their \\\"out of compliance\\\" employee\",\n \"correctionAdvice\": \"Based on the role of the employee, managers should remove access that is not required for their job function.\",\n \"state\": \"ENFORCED\",\n \"tags\": [\n \"string\"\n ],\n \"violationOwnerAssignmentConfig\": {\n \"assignmentRule\": \"MANAGER\",\n \"ownerRef\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"Violation Owner Name\"\n }\n },\n \"scheduled\": true,\n \"type\": \"CONFLICTING_ACCESS_BASED\",\n \"conflictingAccessCriteria\": {\n \"leftCriteria\": {\n \"name\": \"money-in\",\n \"criteriaList\": [\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c9180866166b5b0016167c32ef31a66\"\n },\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c9180866166b5b0016167c32ef31a67\"\n }\n ]\n },\n \"rightCriteria\": {\n \"name\": \"money-out\",\n \"criteriaList\": [\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c9180866166b5b0016167c32ef31a68\"\n },\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c9180866166b5b0016167c32ef31a69\"\n }\n ]\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"0f11f2a4-7c94-4bf3-a2bd-742580fe3bde\",\n \"name\": \"Conflicting-Policy-Name\",\n \"created\": \"2020-01-01T00:00:00.000000Z\",\n \"modified\": \"2020-01-01T00:00:00.000000Z\",\n \"description\": \"Modified description\",\n \"ownerRef\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"Owner Name\"\n },\n \"externalPolicyReference\": \"XYZ policy\",\n \"policyQuery\": \"@access(id:2c9180866166b5b0016167c32ef31a66 OR id:2c9180866166b5b0016167c32ef31a67) AND @access(id:2c9180866166b5b0016167c32ef31a68 OR id:2c9180866166b5b0016167c32ef31a69)\",\n \"compensatingControls\": \"Have a manager review the transaction decisions for their \\\"out of compliance\\\" employee\",\n \"correctionAdvice\": \"Based on the role of the employee, managers should remove access that is not required for their job function.\",\n \"state\": \"ENFORCED\",\n \"tags\": [\n \"string\"\n ],\n \"creatorId\": \"0f11f2a4-7c94-4bf3-a2bd-742580fe3bde\",\n \"modifierId\": \"0f11f2a4-7c94-4bf3-a2bd-742580fe3bde\",\n \"violationOwnerAssignmentConfig\": {\n \"assignmentRule\": \"MANAGER\",\n \"ownerRef\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"Violation Owner Name\"\n }\n },\n \"scheduled\": true,\n \"type\": \"CONFLICTING_ACCESS_BASED\",\n \"conflictingAccessCriteria\": {\n \"leftCriteria\": {\n \"name\": \"money-in\",\n \"criteriaList\": [\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c9180866166b5b0016167c32ef31a66\"\n },\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c9180866166b5b0016167c32ef31a67\"\n }\n ]\n },\n \"rightCriteria\": {\n \"name\": \"money-out\",\n \"criteriaList\": [\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c9180866166b5b0016167c32ef31a68\"\n },\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c9180866166b5b0016167c32ef31a69\"\n }\n ]\n }\n }\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "90065713-bc32-4f0a-b350-df939e2633f3", + "name": "General Policy", + "originalRequest": { + "url": { + "path": [ + "sod-policies", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"description\": \"Modified Description\",\n \"ownerRef\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c918087682f9a86016839c05e8f1aff\",\n \"name\": \"Owner Name\"\n },\n \"externalPolicyReference\": \"New policy\",\n \"policyQuery\": \"policy query implementation\",\n \"compensatingControls\": \"Compensating controls\",\n \"correctionAdvice\": \"Correction advice\",\n \"tags\": [],\n \"state\": \"ENFORCED\",\n \"scheduled\": false,\n \"creatorId\": \"2c918087682f9a86016839c05e8f1aff\",\n \"modifierId\": null,\n \"violationOwnerAssignmentConfig\": null,\n \"type\": \"GENERAL\",\n \"conflictingAccessCriteria\": null,\n \"id\": \"52c11db4-733e-4c31-949a-766c95ec95f1\",\n \"name\": \"General-Policy-Name\",\n \"created\": \"2020-05-12T19:47:38Z\",\n \"modified\": \"2020-05-12T19:47:38Z\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"description\": \"Modified Description\",\n \"ownerRef\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c918087682f9a86016839c05e8f1aff\",\n \"name\": \"Owner Name\"\n },\n \"externalPolicyReference\": \"New policy\",\n \"policyQuery\": \"policy query implementation\",\n \"compensatingControls\": \"Compensating controls\",\n \"correctionAdvice\": \"Correction advice\",\n \"tags\": [],\n \"state\": \"ENFORCED\",\n \"scheduled\": false,\n \"creatorId\": \"2c918087682f9a86016839c05e8f1aff\",\n \"modifierId\": null,\n \"violationOwnerAssignmentConfig\": null,\n \"type\": \"GENERAL\",\n \"conflictingAccessCriteria\": null,\n \"id\": \"52c11db4-733e-4c31-949a-766c95ec95f1\",\n \"name\": \"General-Policy-Name\",\n \"created\": \"2020-05-12T19:47:38Z\",\n \"modified\": \"2020-05-12T19:47:38Z\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "594ffcfe-13a3-4312-9017-46716d319723", + "name": "Conflicting Access Based Policy", + "originalRequest": { + "url": { + "path": [ + "sod-policies", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Conflicting-Policy-Name\",\n \"description\": \"Modified Description\",\n \"externalPolicyReference\": \"XYZ policy\",\n \"compensatingControls\": \"Have a manager review the transaction decisions for their \\\"out of compliance\\\" employee\",\n \"correctionAdvice\": \"Based on the role of the employee, managers should remove access that is not required for their job function.\",\n \"state\": \"ENFORCED\",\n \"tags\": [\n \"string\"\n ],\n \"violationOwnerAssignmentConfig\": {\n \"assignmentRule\": \"MANAGER\",\n \"ownerRef\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"Violation Owner Name\"\n }\n },\n \"scheduled\": true,\n \"type\": \"CONFLICTING_ACCESS_BASED\",\n \"conflictingAccessCriteria\": {\n \"leftCriteria\": {\n \"name\": \"money-in\",\n \"criteriaList\": [\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c9180866166b5b0016167c32ef31a66\"\n },\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c9180866166b5b0016167c32ef31a67\"\n }\n ]\n },\n \"rightCriteria\": {\n \"name\": \"money-out\",\n \"criteriaList\": [\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c9180866166b5b0016167c32ef31a68\"\n },\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c9180866166b5b0016167c32ef31a69\"\n }\n ]\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "005a5029-729d-45ff-8a63-7d593646e6d8", + "name": "General Policy", + "originalRequest": { + "url": { + "path": [ + "sod-policies", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"description\": \"Modified Description\",\n \"ownerRef\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c918087682f9a86016839c05e8f1aff\",\n \"name\": \"Owner Name\"\n },\n \"externalPolicyReference\": \"New policy\",\n \"policyQuery\": \"policy query implementation\",\n \"compensatingControls\": \"Compensating controls\",\n \"correctionAdvice\": \"Correction advice\",\n \"tags\": [],\n \"state\": \"ENFORCED\",\n \"scheduled\": false,\n \"creatorId\": \"2c918087682f9a86016839c05e8f1aff\",\n \"modifierId\": null,\n \"violationOwnerAssignmentConfig\": null,\n \"type\": \"GENERAL\",\n \"conflictingAccessCriteria\": null,\n \"id\": \"52c11db4-733e-4c31-949a-766c95ec95f1\",\n \"name\": \"General-Policy-Name\",\n \"created\": \"2020-05-12T19:47:38Z\",\n \"modified\": \"2020-05-12T19:47:38Z\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "779567d1-acba-44ea-a57a-d7913359053a", + "name": "Conflicting Access Based Policy", + "originalRequest": { + "url": { + "path": [ + "sod-policies", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Conflicting-Policy-Name\",\n \"description\": \"Modified Description\",\n \"externalPolicyReference\": \"XYZ policy\",\n \"compensatingControls\": \"Have a manager review the transaction decisions for their \\\"out of compliance\\\" employee\",\n \"correctionAdvice\": \"Based on the role of the employee, managers should remove access that is not required for their job function.\",\n \"state\": \"ENFORCED\",\n \"tags\": [\n \"string\"\n ],\n \"violationOwnerAssignmentConfig\": {\n \"assignmentRule\": \"MANAGER\",\n \"ownerRef\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"Violation Owner Name\"\n }\n },\n \"scheduled\": true,\n \"type\": \"CONFLICTING_ACCESS_BASED\",\n \"conflictingAccessCriteria\": {\n \"leftCriteria\": {\n \"name\": \"money-in\",\n \"criteriaList\": [\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c9180866166b5b0016167c32ef31a66\"\n },\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c9180866166b5b0016167c32ef31a67\"\n }\n ]\n },\n \"rightCriteria\": {\n \"name\": \"money-out\",\n \"criteriaList\": [\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c9180866166b5b0016167c32ef31a68\"\n },\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c9180866166b5b0016167c32ef31a69\"\n }\n ]\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d609d9bf-13a1-4891-bc61-04ae27090da2", + "name": "General Policy", + "originalRequest": { + "url": { + "path": [ + "sod-policies", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"description\": \"Modified Description\",\n \"ownerRef\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c918087682f9a86016839c05e8f1aff\",\n \"name\": \"Owner Name\"\n },\n \"externalPolicyReference\": \"New policy\",\n \"policyQuery\": \"policy query implementation\",\n \"compensatingControls\": \"Compensating controls\",\n \"correctionAdvice\": \"Correction advice\",\n \"tags\": [],\n \"state\": \"ENFORCED\",\n \"scheduled\": false,\n \"creatorId\": \"2c918087682f9a86016839c05e8f1aff\",\n \"modifierId\": null,\n \"violationOwnerAssignmentConfig\": null,\n \"type\": \"GENERAL\",\n \"conflictingAccessCriteria\": null,\n \"id\": \"52c11db4-733e-4c31-949a-766c95ec95f1\",\n \"name\": \"General-Policy-Name\",\n \"created\": \"2020-05-12T19:47:38Z\",\n \"modified\": \"2020-05-12T19:47:38Z\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b6f88fef-d7a2-4974-9e77-5d95f90abe08", + "name": "An example of a 403 response object", + "originalRequest": { + "url": { + "path": [ + "sod-policies", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Conflicting-Policy-Name\",\n \"description\": \"Modified Description\",\n \"externalPolicyReference\": \"XYZ policy\",\n \"compensatingControls\": \"Have a manager review the transaction decisions for their \\\"out of compliance\\\" employee\",\n \"correctionAdvice\": \"Based on the role of the employee, managers should remove access that is not required for their job function.\",\n \"state\": \"ENFORCED\",\n \"tags\": [\n \"string\"\n ],\n \"violationOwnerAssignmentConfig\": {\n \"assignmentRule\": \"MANAGER\",\n \"ownerRef\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"Violation Owner Name\"\n }\n },\n \"scheduled\": true,\n \"type\": \"CONFLICTING_ACCESS_BASED\",\n \"conflictingAccessCriteria\": {\n \"leftCriteria\": {\n \"name\": \"money-in\",\n \"criteriaList\": [\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c9180866166b5b0016167c32ef31a66\"\n },\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c9180866166b5b0016167c32ef31a67\"\n }\n ]\n },\n \"rightCriteria\": {\n \"name\": \"money-out\",\n \"criteriaList\": [\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c9180866166b5b0016167c32ef31a68\"\n },\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c9180866166b5b0016167c32ef31a69\"\n }\n ]\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "19aae588-f1b2-4417-b4d5-8436aa2bc3ed", + "name": "General Policy", + "originalRequest": { + "url": { + "path": [ + "sod-policies", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"description\": \"Modified Description\",\n \"ownerRef\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c918087682f9a86016839c05e8f1aff\",\n \"name\": \"Owner Name\"\n },\n \"externalPolicyReference\": \"New policy\",\n \"policyQuery\": \"policy query implementation\",\n \"compensatingControls\": \"Compensating controls\",\n \"correctionAdvice\": \"Correction advice\",\n \"tags\": [],\n \"state\": \"ENFORCED\",\n \"scheduled\": false,\n \"creatorId\": \"2c918087682f9a86016839c05e8f1aff\",\n \"modifierId\": null,\n \"violationOwnerAssignmentConfig\": null,\n \"type\": \"GENERAL\",\n \"conflictingAccessCriteria\": null,\n \"id\": \"52c11db4-733e-4c31-949a-766c95ec95f1\",\n \"name\": \"General-Policy-Name\",\n \"created\": \"2020-05-12T19:47:38Z\",\n \"modified\": \"2020-05-12T19:47:38Z\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "5271f205-7094-47a6-bab5-a90aab0dc14b", + "name": "An example of a 404 response object", + "originalRequest": { + "url": { + "path": [ + "sod-policies", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Conflicting-Policy-Name\",\n \"description\": \"Modified Description\",\n \"externalPolicyReference\": \"XYZ policy\",\n \"compensatingControls\": \"Have a manager review the transaction decisions for their \\\"out of compliance\\\" employee\",\n \"correctionAdvice\": \"Based on the role of the employee, managers should remove access that is not required for their job function.\",\n \"state\": \"ENFORCED\",\n \"tags\": [\n \"string\"\n ],\n \"violationOwnerAssignmentConfig\": {\n \"assignmentRule\": \"MANAGER\",\n \"ownerRef\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"Violation Owner Name\"\n }\n },\n \"scheduled\": true,\n \"type\": \"CONFLICTING_ACCESS_BASED\",\n \"conflictingAccessCriteria\": {\n \"leftCriteria\": {\n \"name\": \"money-in\",\n \"criteriaList\": [\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c9180866166b5b0016167c32ef31a66\"\n },\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c9180866166b5b0016167c32ef31a67\"\n }\n ]\n },\n \"rightCriteria\": {\n \"name\": \"money-out\",\n \"criteriaList\": [\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c9180866166b5b0016167c32ef31a68\"\n },\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c9180866166b5b0016167c32ef31a69\"\n }\n ]\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "295f187e-1f05-45a5-b6f3-ea9f7cd3817f", + "name": "General Policy", + "originalRequest": { + "url": { + "path": [ + "sod-policies", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"description\": \"Modified Description\",\n \"ownerRef\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c918087682f9a86016839c05e8f1aff\",\n \"name\": \"Owner Name\"\n },\n \"externalPolicyReference\": \"New policy\",\n \"policyQuery\": \"policy query implementation\",\n \"compensatingControls\": \"Compensating controls\",\n \"correctionAdvice\": \"Correction advice\",\n \"tags\": [],\n \"state\": \"ENFORCED\",\n \"scheduled\": false,\n \"creatorId\": \"2c918087682f9a86016839c05e8f1aff\",\n \"modifierId\": null,\n \"violationOwnerAssignmentConfig\": null,\n \"type\": \"GENERAL\",\n \"conflictingAccessCriteria\": null,\n \"id\": \"52c11db4-733e-4c31-949a-766c95ec95f1\",\n \"name\": \"General-Policy-Name\",\n \"created\": \"2020-05-12T19:47:38Z\",\n \"modified\": \"2020-05-12T19:47:38Z\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "e9f7d16d-dd5a-43c6-819f-167ccc3f237f", + "name": "Conflicting Access Based Policy", + "originalRequest": { + "url": { + "path": [ + "sod-policies", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Conflicting-Policy-Name\",\n \"description\": \"Modified Description\",\n \"externalPolicyReference\": \"XYZ policy\",\n \"compensatingControls\": \"Have a manager review the transaction decisions for their \\\"out of compliance\\\" employee\",\n \"correctionAdvice\": \"Based on the role of the employee, managers should remove access that is not required for their job function.\",\n \"state\": \"ENFORCED\",\n \"tags\": [\n \"string\"\n ],\n \"violationOwnerAssignmentConfig\": {\n \"assignmentRule\": \"MANAGER\",\n \"ownerRef\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"Violation Owner Name\"\n }\n },\n \"scheduled\": true,\n \"type\": \"CONFLICTING_ACCESS_BASED\",\n \"conflictingAccessCriteria\": {\n \"leftCriteria\": {\n \"name\": \"money-in\",\n \"criteriaList\": [\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c9180866166b5b0016167c32ef31a66\"\n },\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c9180866166b5b0016167c32ef31a67\"\n }\n ]\n },\n \"rightCriteria\": {\n \"name\": \"money-out\",\n \"criteriaList\": [\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c9180866166b5b0016167c32ef31a68\"\n },\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c9180866166b5b0016167c32ef31a69\"\n }\n ]\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "4076a926-98e8-4ab8-baa4-308169047e16", + "name": "General Policy", + "originalRequest": { + "url": { + "path": [ + "sod-policies", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"description\": \"Modified Description\",\n \"ownerRef\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c918087682f9a86016839c05e8f1aff\",\n \"name\": \"Owner Name\"\n },\n \"externalPolicyReference\": \"New policy\",\n \"policyQuery\": \"policy query implementation\",\n \"compensatingControls\": \"Compensating controls\",\n \"correctionAdvice\": \"Correction advice\",\n \"tags\": [],\n \"state\": \"ENFORCED\",\n \"scheduled\": false,\n \"creatorId\": \"2c918087682f9a86016839c05e8f1aff\",\n \"modifierId\": null,\n \"violationOwnerAssignmentConfig\": null,\n \"type\": \"GENERAL\",\n \"conflictingAccessCriteria\": null,\n \"id\": \"52c11db4-733e-4c31-949a-766c95ec95f1\",\n \"name\": \"General-Policy-Name\",\n \"created\": \"2020-05-12T19:47:38Z\",\n \"modified\": \"2020-05-12T19:47:38Z\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "7d0ba65f-3d1c-4070-8223-586699f84d64", + "name": "An example of a 500 response object", + "originalRequest": { + "url": { + "path": [ + "sod-policies", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Conflicting-Policy-Name\",\n \"description\": \"Modified Description\",\n \"externalPolicyReference\": \"XYZ policy\",\n \"compensatingControls\": \"Have a manager review the transaction decisions for their \\\"out of compliance\\\" employee\",\n \"correctionAdvice\": \"Based on the role of the employee, managers should remove access that is not required for their job function.\",\n \"state\": \"ENFORCED\",\n \"tags\": [\n \"string\"\n ],\n \"violationOwnerAssignmentConfig\": {\n \"assignmentRule\": \"MANAGER\",\n \"ownerRef\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"Violation Owner Name\"\n }\n },\n \"scheduled\": true,\n \"type\": \"CONFLICTING_ACCESS_BASED\",\n \"conflictingAccessCriteria\": {\n \"leftCriteria\": {\n \"name\": \"money-in\",\n \"criteriaList\": [\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c9180866166b5b0016167c32ef31a66\"\n },\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c9180866166b5b0016167c32ef31a67\"\n }\n ]\n },\n \"rightCriteria\": {\n \"name\": \"money-out\",\n \"criteriaList\": [\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c9180866166b5b0016167c32ef31a68\"\n },\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c9180866166b5b0016167c32ef31a69\"\n }\n ]\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "259c513b-bbfe-455a-9d60-c18d1bb76304", + "name": "General Policy", + "originalRequest": { + "url": { + "path": [ + "sod-policies", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"description\": \"Modified Description\",\n \"ownerRef\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c918087682f9a86016839c05e8f1aff\",\n \"name\": \"Owner Name\"\n },\n \"externalPolicyReference\": \"New policy\",\n \"policyQuery\": \"policy query implementation\",\n \"compensatingControls\": \"Compensating controls\",\n \"correctionAdvice\": \"Correction advice\",\n \"tags\": [],\n \"state\": \"ENFORCED\",\n \"scheduled\": false,\n \"creatorId\": \"2c918087682f9a86016839c05e8f1aff\",\n \"modifierId\": null,\n \"violationOwnerAssignmentConfig\": null,\n \"type\": \"GENERAL\",\n \"conflictingAccessCriteria\": null,\n \"id\": \"52c11db4-733e-4c31-949a-766c95ec95f1\",\n \"name\": \"General-Policy-Name\",\n \"created\": \"2020-05-12T19:47:38Z\",\n \"modified\": \"2020-05-12T19:47:38Z\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "4330a77f-9b53-409f-8298-6359c75053cb", + "name": "Delete SOD policy by ID", + "request": { + "name": "Delete SOD policy by ID", + "description": { + "content": "This deletes a specified SOD policy.\nRequires role of ORG_ADMIN.", + "type": "text/plain" + }, + "url": { + "path": [ + "sod-policies", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Indicates whether this is a soft delete (logical true) or a hard delete. Soft delete marks the policy as deleted and just save it with this status. It could be fully deleted or recovered further. Hard delete vise versa permanently delete SOD request during this call.", + "type": "text/plain" + }, + "key": "logical", + "value": "true" + } + ], + "variable": [ + { + "type": "any", + "value": "ef38f943-47e9-4562-b5bb-8424a56397d8", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) The ID of the SOD Policy to delete.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "DELETE", + "body": {} + }, + "response": [ + { + "id": "3b1f658f-5783-48c5-b583-3aef74527ebd", + "name": "No content.", + "originalRequest": { + "url": { + "path": [ + "sod-policies", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Indicates whether this is a soft delete (logical true) or a hard delete. Soft delete marks the policy as deleted and just save it with this status. It could be fully deleted or recovered further. Hard delete vise versa permanently delete SOD request during this call.", + "type": "text/plain" + }, + "key": "logical", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "No Content", + "code": 204, + "header": [], + "cookie": [], + "_postman_previewlanguage": "text" + }, + { + "id": "d31f5315-6992-4946-ac58-6695234baf15", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "sod-policies", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Indicates whether this is a soft delete (logical true) or a hard delete. Soft delete marks the policy as deleted and just save it with this status. It could be fully deleted or recovered further. Hard delete vise versa permanently delete SOD request during this call.", + "type": "text/plain" + }, + "key": "logical", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "ec15acc9-326b-4712-aa6e-a5228b913e01", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "sod-policies", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Indicates whether this is a soft delete (logical true) or a hard delete. Soft delete marks the policy as deleted and just save it with this status. It could be fully deleted or recovered further. Hard delete vise versa permanently delete SOD request during this call.", + "type": "text/plain" + }, + "key": "logical", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a125a965-0fa0-407d-8d7d-e4ff4e670442", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "sod-policies", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Indicates whether this is a soft delete (logical true) or a hard delete. Soft delete marks the policy as deleted and just save it with this status. It could be fully deleted or recovered further. Hard delete vise versa permanently delete SOD request during this call.", + "type": "text/plain" + }, + "key": "logical", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "e343ab3e-ef95-4ff5-add6-d375b0279239", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "sod-policies", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Indicates whether this is a soft delete (logical true) or a hard delete. Soft delete marks the policy as deleted and just save it with this status. It could be fully deleted or recovered further. Hard delete vise versa permanently delete SOD request during this call.", + "type": "text/plain" + }, + "key": "logical", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c1a57b7e-18aa-4b42-a4e7-98d887d7b6f9", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "sod-policies", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Indicates whether this is a soft delete (logical true) or a hard delete. Soft delete marks the policy as deleted and just save it with this status. It could be fully deleted or recovered further. Hard delete vise versa permanently delete SOD request during this call.", + "type": "text/plain" + }, + "key": "logical", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "3d7e17ed-8384-4b38-bd5b-75cd2a8a2bef", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "sod-policies", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Indicates whether this is a soft delete (logical true) or a hard delete. Soft delete marks the policy as deleted and just save it with this status. It could be fully deleted or recovered further. Hard delete vise versa permanently delete SOD request during this call.", + "type": "text/plain" + }, + "key": "logical", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "75e69ee7-ce37-48df-89ff-a3169645e55c", + "name": "Patch SOD policy by ID", + "request": { + "name": "Patch SOD policy by ID", + "description": { + "content": "Allows updating SOD Policy fields other than [\"id\",\"created\",\"creatorId\",\"policyQuery\",\"type\"] using the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard.\nRequires role of ORG_ADMIN.\nThis endpoint can only patch CONFLICTING_ACCESS_BASED type policies. Do not use this endpoint to patch general policies - doing so will build an API exception. ", + "type": "text/plain" + }, + "url": { + "path": [ + "sod-policies", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "2c918083-5d19-1a86-015d-28455b4a2329", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) The ID of the SOD policy being modified.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"Modified description\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/conflictingAccessCriteria/leftCriteria/name\",\n \"value\": \"money-in-modified\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/conflictingAccessCriteria/rightCriteria\",\n \"value\": {\n \"name\": \"money-out-modified\",\n \"criteriaList\": [\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c918087682f9a86016839c0509c1ab2\"\n }\n ]\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "d1ee6a3e-2ae3-494c-a7a1-0ec52e3252d5", + "name": "Conflicting Access Based Policy", + "originalRequest": { + "url": { + "path": [ + "sod-policies", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"Modified description\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/conflictingAccessCriteria/leftCriteria/name\",\n \"value\": \"money-in-modified\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/conflictingAccessCriteria/rightCriteria\",\n \"value\": {\n \"name\": \"money-out-modified\",\n \"criteriaList\": [\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c918087682f9a86016839c0509c1ab2\"\n }\n ]\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"0f11f2a4-7c94-4bf3-a2bd-742580fe3bde\",\n \"name\": \"Conflicting-Policy-Name\",\n \"created\": \"2020-01-01T00:00:00.000000Z\",\n \"modified\": \"2020-01-01T00:00:00.000000Z\",\n \"description\": \"Modified description\",\n \"ownerRef\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"Owner Name\"\n },\n \"externalPolicyReference\": \"XYZ policy\",\n \"policyQuery\": \"@access(id:2c9180866166b5b0016167c32ef31a66 OR id:2c9180866166b5b0016167c32ef31a67) AND @access(id:2c918087682f9a86016839c0509c1ab2)\",\n \"compensatingControls\": \"Have a manager review the transaction decisions for their \\\"out of compliance\\\" employee\",\n \"correctionAdvice\": \"Based on the role of the employee, managers should remove access that is not required for their job function.\",\n \"state\": \"ENFORCED\",\n \"tags\": [\n \"string\"\n ],\n \"creatorId\": \"0f11f2a4-7c94-4bf3-a2bd-742580fe3bde\",\n \"modifierId\": \"0f11f2a4-7c94-4bf3-a2bd-742580fe3bde\",\n \"violationOwnerAssignmentConfig\": {\n \"assignmentRule\": \"MANAGER\",\n \"ownerRef\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"Violation Owner Name\"\n }\n },\n \"scheduled\": true,\n \"type\": \"CONFLICTING_ACCESS_BASED\",\n \"conflictingAccessCriteria\": {\n \"leftCriteria\": {\n \"name\": \"money-in-modified\",\n \"criteriaList\": [\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c9180866166b5b0016167c32ef31a66\"\n },\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c9180866166b5b0016167c32ef31a67\"\n }\n ]\n },\n \"rightCriteria\": {\n \"name\": \"money-out-modified\",\n \"criteriaList\": [\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c918087682f9a86016839c0509c1ab2\"\n }\n ]\n }\n }\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "1a459993-759f-4fe1-a0ae-9e73f2f7de78", + "name": "General Policy", + "originalRequest": { + "url": { + "path": [ + "sod-policies", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"Modified description\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"description\": \"Modified description\",\n \"ownerRef\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c918087682f9a86016839c05e8f1aff\",\n \"name\": \"Owner Name\"\n },\n \"externalPolicyReference\": \"New policy\",\n \"policyQuery\": \"policy query implementation\",\n \"compensatingControls\": \"Compensating controls\",\n \"correctionAdvice\": \"Correction advice\",\n \"tags\": [],\n \"state\": \"ENFORCED\",\n \"scheduled\": false,\n \"creatorId\": \"2c918087682f9a86016839c05e8f1aff\",\n \"modifierId\": null,\n \"violationOwnerAssignmentConfig\": null,\n \"type\": \"GENERAL\",\n \"conflictingAccessCriteria\": null,\n \"id\": \"52c11db4-733e-4c31-949a-766c95ec95f1\",\n \"name\": \"General-Policy-Name\",\n \"created\": \"2020-05-12T19:47:38Z\",\n \"modified\": \"2020-05-12T19:47:38Z\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "9fee9e7c-91a4-4035-a977-0a21e41a331d", + "name": "Conflicting Access Based Policy", + "originalRequest": { + "url": { + "path": [ + "sod-policies", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"Modified description\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/conflictingAccessCriteria/leftCriteria/name\",\n \"value\": \"money-in-modified\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/conflictingAccessCriteria/rightCriteria\",\n \"value\": {\n \"name\": \"money-out-modified\",\n \"criteriaList\": [\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c918087682f9a86016839c0509c1ab2\"\n }\n ]\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "55c922ab-3bd1-4bd9-b3c8-b4890dc6e910", + "name": "General Policy", + "originalRequest": { + "url": { + "path": [ + "sod-policies", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"Modified description\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "ee238a4e-6821-4ec3-8cc1-f300704b950b", + "name": "Conflicting Access Based Policy", + "originalRequest": { + "url": { + "path": [ + "sod-policies", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"Modified description\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/conflictingAccessCriteria/leftCriteria/name\",\n \"value\": \"money-in-modified\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/conflictingAccessCriteria/rightCriteria\",\n \"value\": {\n \"name\": \"money-out-modified\",\n \"criteriaList\": [\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c918087682f9a86016839c0509c1ab2\"\n }\n ]\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "ec62ffa9-e0a8-4e13-8a3b-5690a5593926", + "name": "General Policy", + "originalRequest": { + "url": { + "path": [ + "sod-policies", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"Modified description\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "372c1573-d774-422c-874b-3e77a50a3fb3", + "name": "An example of a 403 response object", + "originalRequest": { + "url": { + "path": [ + "sod-policies", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"Modified description\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/conflictingAccessCriteria/leftCriteria/name\",\n \"value\": \"money-in-modified\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/conflictingAccessCriteria/rightCriteria\",\n \"value\": {\n \"name\": \"money-out-modified\",\n \"criteriaList\": [\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c918087682f9a86016839c0509c1ab2\"\n }\n ]\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b5f55257-310e-4e37-938a-e433c17d04e7", + "name": "General Policy", + "originalRequest": { + "url": { + "path": [ + "sod-policies", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"Modified description\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "29f651fb-02aa-4c0a-a99c-587f74fe7978", + "name": "An example of a 404 response object", + "originalRequest": { + "url": { + "path": [ + "sod-policies", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"Modified description\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/conflictingAccessCriteria/leftCriteria/name\",\n \"value\": \"money-in-modified\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/conflictingAccessCriteria/rightCriteria\",\n \"value\": {\n \"name\": \"money-out-modified\",\n \"criteriaList\": [\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c918087682f9a86016839c0509c1ab2\"\n }\n ]\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "8beaf4a0-79ce-463e-9f46-5be5da5ebb1c", + "name": "General Policy", + "originalRequest": { + "url": { + "path": [ + "sod-policies", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"Modified description\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a9469cf1-dbb6-4452-b4ad-47546994e7dd", + "name": "Conflicting Access Based Policy", + "originalRequest": { + "url": { + "path": [ + "sod-policies", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"Modified description\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/conflictingAccessCriteria/leftCriteria/name\",\n \"value\": \"money-in-modified\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/conflictingAccessCriteria/rightCriteria\",\n \"value\": {\n \"name\": \"money-out-modified\",\n \"criteriaList\": [\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c918087682f9a86016839c0509c1ab2\"\n }\n ]\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a32ca6ad-3206-4ab6-b670-dd102ae53bd4", + "name": "General Policy", + "originalRequest": { + "url": { + "path": [ + "sod-policies", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"Modified description\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c786ebff-11f3-47c4-a702-98513d9bc875", + "name": "An example of a 500 response object", + "originalRequest": { + "url": { + "path": [ + "sod-policies", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"Modified description\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/conflictingAccessCriteria/leftCriteria/name\",\n \"value\": \"money-in-modified\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/conflictingAccessCriteria/rightCriteria\",\n \"value\": {\n \"name\": \"money-out-modified\",\n \"criteriaList\": [\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c918087682f9a86016839c0509c1ab2\"\n }\n ]\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "07fe6fd4-7f6d-4c03-9a40-0329b986ba37", + "name": "General Policy", + "originalRequest": { + "url": { + "path": [ + "sod-policies", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"Modified description\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "15a583c0-e8e3-489f-b736-28e0938fcbbd", + "name": "Evaluate one policy by ID", + "request": { + "name": "Evaluate one policy by ID", + "description": { + "content": "Runs the scheduled report for the policy retrieved by passed policy ID. The report schedule is fetched from the policy retrieved by ID.", + "type": "text/plain" + }, + "url": { + "path": [ + "sod-policies", + ":id", + "evaluate" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "ef38f943-47e9-4562-b5bb-8424a56397d8", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) The SOD policy ID to run.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": {} + }, + "response": [ + { + "id": "28435269-88b4-4ed6-80be-c26c791a7c7e", + "name": "Reference to the violation report run task.", + "originalRequest": { + "url": { + "path": [ + "sod-policies", + ":id", + "evaluate" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"status\": \"PENDING\",\n \"type\": \"REPORT_RESULT\",\n \"id\": \"37b3b32a-f394-46f8-acad-b5223969fa68\",\n \"name\": \"Multi Query Report\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "8f118747-c176-41b4-8167-3de8b7753470", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "sod-policies", + ":id", + "evaluate" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "095f0016-1252-410e-8987-6b04a091277e", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "sod-policies", + ":id", + "evaluate" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "cb43d88d-61ae-4480-88ef-e2fb685d8ab3", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "sod-policies", + ":id", + "evaluate" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "81ced494-8ef1-4fc5-8d42-3088eb7a20df", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "sod-policies", + ":id", + "evaluate" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "854d4036-a1f4-4324-a6f4-1c17e7f1476c", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "sod-policies", + ":id", + "evaluate" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "d10122a9-413c-4200-a4f0-cb645656498d", + "name": "Get SOD policy schedule", + "request": { + "name": "Get SOD policy schedule", + "description": { + "content": "This endpoint gets a specified SOD policy's schedule.", + "type": "text/plain" + }, + "url": { + "path": [ + "sod-policies", + ":id", + "schedule" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "ef38f943-47e9-4562-b5bb-8424a56397d8", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) The ID of the SOD policy schedule to retrieve.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "93f16271-d1cf-44de-ac77-1a2e7cdd8867", + "name": "SOD policy schedule.", + "originalRequest": { + "url": { + "path": [ + "sod-policies", + ":id", + "schedule" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"name\": \"SCH-1584312283015\",\n \"created\": \"2020-01-01T00:00:00.000000Z\",\n \"modified\": \"2020-01-01T00:00:00.000000Z\",\n \"description\": \"Schedule for policy xyz\",\n \"schedule\": {\n \"type\": \"WEEKLY\",\n \"hours\": {\n \"type\": \"RANGE\",\n \"values\": [\n \"9\",\n \"18\"\n ],\n \"interval\": 3\n },\n \"months\": {\n \"type\": \"LIST\",\n \"values\": [\n \"3\",\n \"6\",\n \"9\",\n \"12\"\n ]\n },\n \"days\": {\n \"type\": \"LIST\",\n \"values\": [\n \"MON\",\n \"WED\",\n \"FRI\"\n ]\n },\n \"expiration\": \"2018-06-25T20:22:28.104Z\",\n \"timeZoneId\": \"America/Chicago\"\n },\n \"recipients\": [\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c7180a46faadee4016fb4e018c20642\",\n \"name\": \"Michael Michaels\"\n },\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c7180a46faadee4016fb4e018c20642\",\n \"name\": \"Michael Michaels\"\n }\n ],\n \"emailEmptyResults\": false,\n \"creatorId\": \"0f11f2a47c944bf3a2bd742580fe3bde\",\n \"modifierId\": \"0f11f2a47c944bf3a2bd742580fe3bde\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "6371a665-9235-4a5d-9894-679077c2461b", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "sod-policies", + ":id", + "schedule" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "600b4947-0890-42d2-9a35-cd4d8068d84e", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "sod-policies", + ":id", + "schedule" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "96587d88-b838-4852-b49a-25d389783309", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "sod-policies", + ":id", + "schedule" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "3f85501b-9dfb-42dd-a032-802797929714", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "sod-policies", + ":id", + "schedule" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "3537b7e1-b923-4124-a9dc-4c9f72b33bc5", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "sod-policies", + ":id", + "schedule" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "5bbc6e09-bf6b-487a-9e4f-605a1d5bd08d", + "name": "Update SOD Policy schedule", + "request": { + "name": "Update SOD Policy schedule", + "description": { + "content": "This updates schedule for a specified SOD policy.", + "type": "text/plain" + }, + "url": { + "path": [ + "sod-policies", + ":id", + "schedule" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "ef38f943-47e9-4562-b5bb-8424a56397d8", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) The ID of the SOD policy to update its schedule.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"SCH-1584312283015\",\n \"created\": \"2020-01-01T00:00:00.000000Z\",\n \"modified\": \"2020-01-01T00:00:00.000000Z\",\n \"description\": \"Schedule for policy xyz\",\n \"schedule\": {\n \"type\": \"WEEKLY\",\n \"hours\": {\n \"type\": \"RANGE\",\n \"values\": [\n \"9\",\n \"18\"\n ],\n \"interval\": 3\n },\n \"months\": {\n \"type\": \"LIST\",\n \"values\": [\n \"3\",\n \"6\",\n \"9\",\n \"12\"\n ]\n },\n \"days\": {\n \"type\": \"LIST\",\n \"values\": [\n \"MON\",\n \"WED\",\n \"FRI\"\n ]\n },\n \"expiration\": \"2018-06-25T20:22:28.104Z\",\n \"timeZoneId\": \"America/Chicago\"\n },\n \"recipients\": [\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c7180a46faadee4016fb4e018c20642\",\n \"name\": \"Michael Michaels\"\n },\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c7180a46faadee4016fb4e018c20642\",\n \"name\": \"Michael Michaels\"\n }\n ],\n \"emailEmptyResults\": false,\n \"creatorId\": \"0f11f2a47c944bf3a2bd742580fe3bde\",\n \"modifierId\": \"0f11f2a47c944bf3a2bd742580fe3bde\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "7436c8ea-4a15-4a26-91ab-005e56d54415", + "name": "Created or updated SOD policy schedule.", + "originalRequest": { + "url": { + "path": [ + "sod-policies", + ":id", + "schedule" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"SCH-1584312283015\",\n \"created\": \"2020-01-01T00:00:00.000000Z\",\n \"modified\": \"2020-01-01T00:00:00.000000Z\",\n \"description\": \"Schedule for policy xyz\",\n \"schedule\": {\n \"type\": \"WEEKLY\",\n \"hours\": {\n \"type\": \"RANGE\",\n \"values\": [\n \"9\",\n \"18\"\n ],\n \"interval\": 3\n },\n \"months\": {\n \"type\": \"LIST\",\n \"values\": [\n \"3\",\n \"6\",\n \"9\",\n \"12\"\n ]\n },\n \"days\": {\n \"type\": \"LIST\",\n \"values\": [\n \"MON\",\n \"WED\",\n \"FRI\"\n ]\n },\n \"expiration\": \"2018-06-25T20:22:28.104Z\",\n \"timeZoneId\": \"America/Chicago\"\n },\n \"recipients\": [\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c7180a46faadee4016fb4e018c20642\",\n \"name\": \"Michael Michaels\"\n },\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c7180a46faadee4016fb4e018c20642\",\n \"name\": \"Michael Michaels\"\n }\n ],\n \"emailEmptyResults\": false,\n \"creatorId\": \"0f11f2a47c944bf3a2bd742580fe3bde\",\n \"modifierId\": \"0f11f2a47c944bf3a2bd742580fe3bde\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"name\": \"SCH-1584312283015\",\n \"created\": \"2020-01-01T00:00:00.000000Z\",\n \"modified\": \"2020-01-01T00:00:00.000000Z\",\n \"description\": \"Schedule for policy xyz\",\n \"schedule\": {\n \"type\": \"WEEKLY\",\n \"hours\": {\n \"type\": \"RANGE\",\n \"values\": [\n \"9\",\n \"18\"\n ],\n \"interval\": 3\n },\n \"months\": {\n \"type\": \"LIST\",\n \"values\": [\n \"3\",\n \"6\",\n \"9\",\n \"12\"\n ]\n },\n \"days\": {\n \"type\": \"LIST\",\n \"values\": [\n \"MON\",\n \"WED\",\n \"FRI\"\n ]\n },\n \"expiration\": \"2018-06-25T20:22:28.104Z\",\n \"timeZoneId\": \"America/Chicago\"\n },\n \"recipients\": [\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c7180a46faadee4016fb4e018c20642\",\n \"name\": \"Michael Michaels\"\n },\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c7180a46faadee4016fb4e018c20642\",\n \"name\": \"Michael Michaels\"\n }\n ],\n \"emailEmptyResults\": false,\n \"creatorId\": \"0f11f2a47c944bf3a2bd742580fe3bde\",\n \"modifierId\": \"0f11f2a47c944bf3a2bd742580fe3bde\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a26e8a99-d0ea-48a4-b710-c04e13f50319", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "sod-policies", + ":id", + "schedule" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"SCH-1584312283015\",\n \"created\": \"2020-01-01T00:00:00.000000Z\",\n \"modified\": \"2020-01-01T00:00:00.000000Z\",\n \"description\": \"Schedule for policy xyz\",\n \"schedule\": {\n \"type\": \"WEEKLY\",\n \"hours\": {\n \"type\": \"RANGE\",\n \"values\": [\n \"9\",\n \"18\"\n ],\n \"interval\": 3\n },\n \"months\": {\n \"type\": \"LIST\",\n \"values\": [\n \"3\",\n \"6\",\n \"9\",\n \"12\"\n ]\n },\n \"days\": {\n \"type\": \"LIST\",\n \"values\": [\n \"MON\",\n \"WED\",\n \"FRI\"\n ]\n },\n \"expiration\": \"2018-06-25T20:22:28.104Z\",\n \"timeZoneId\": \"America/Chicago\"\n },\n \"recipients\": [\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c7180a46faadee4016fb4e018c20642\",\n \"name\": \"Michael Michaels\"\n },\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c7180a46faadee4016fb4e018c20642\",\n \"name\": \"Michael Michaels\"\n }\n ],\n \"emailEmptyResults\": false,\n \"creatorId\": \"0f11f2a47c944bf3a2bd742580fe3bde\",\n \"modifierId\": \"0f11f2a47c944bf3a2bd742580fe3bde\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "acd52baa-20c5-48e1-b5b1-6c1f6f2d7212", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "sod-policies", + ":id", + "schedule" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"SCH-1584312283015\",\n \"created\": \"2020-01-01T00:00:00.000000Z\",\n \"modified\": \"2020-01-01T00:00:00.000000Z\",\n \"description\": \"Schedule for policy xyz\",\n \"schedule\": {\n \"type\": \"WEEKLY\",\n \"hours\": {\n \"type\": \"RANGE\",\n \"values\": [\n \"9\",\n \"18\"\n ],\n \"interval\": 3\n },\n \"months\": {\n \"type\": \"LIST\",\n \"values\": [\n \"3\",\n \"6\",\n \"9\",\n \"12\"\n ]\n },\n \"days\": {\n \"type\": \"LIST\",\n \"values\": [\n \"MON\",\n \"WED\",\n \"FRI\"\n ]\n },\n \"expiration\": \"2018-06-25T20:22:28.104Z\",\n \"timeZoneId\": \"America/Chicago\"\n },\n \"recipients\": [\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c7180a46faadee4016fb4e018c20642\",\n \"name\": \"Michael Michaels\"\n },\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c7180a46faadee4016fb4e018c20642\",\n \"name\": \"Michael Michaels\"\n }\n ],\n \"emailEmptyResults\": false,\n \"creatorId\": \"0f11f2a47c944bf3a2bd742580fe3bde\",\n \"modifierId\": \"0f11f2a47c944bf3a2bd742580fe3bde\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "e9f18ee9-0a04-45a6-b7d7-998627ddecbb", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "sod-policies", + ":id", + "schedule" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"SCH-1584312283015\",\n \"created\": \"2020-01-01T00:00:00.000000Z\",\n \"modified\": \"2020-01-01T00:00:00.000000Z\",\n \"description\": \"Schedule for policy xyz\",\n \"schedule\": {\n \"type\": \"WEEKLY\",\n \"hours\": {\n \"type\": \"RANGE\",\n \"values\": [\n \"9\",\n \"18\"\n ],\n \"interval\": 3\n },\n \"months\": {\n \"type\": \"LIST\",\n \"values\": [\n \"3\",\n \"6\",\n \"9\",\n \"12\"\n ]\n },\n \"days\": {\n \"type\": \"LIST\",\n \"values\": [\n \"MON\",\n \"WED\",\n \"FRI\"\n ]\n },\n \"expiration\": \"2018-06-25T20:22:28.104Z\",\n \"timeZoneId\": \"America/Chicago\"\n },\n \"recipients\": [\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c7180a46faadee4016fb4e018c20642\",\n \"name\": \"Michael Michaels\"\n },\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c7180a46faadee4016fb4e018c20642\",\n \"name\": \"Michael Michaels\"\n }\n ],\n \"emailEmptyResults\": false,\n \"creatorId\": \"0f11f2a47c944bf3a2bd742580fe3bde\",\n \"modifierId\": \"0f11f2a47c944bf3a2bd742580fe3bde\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "5834b6d9-d664-4712-b9cb-b13943d94da9", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "sod-policies", + ":id", + "schedule" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"SCH-1584312283015\",\n \"created\": \"2020-01-01T00:00:00.000000Z\",\n \"modified\": \"2020-01-01T00:00:00.000000Z\",\n \"description\": \"Schedule for policy xyz\",\n \"schedule\": {\n \"type\": \"WEEKLY\",\n \"hours\": {\n \"type\": \"RANGE\",\n \"values\": [\n \"9\",\n \"18\"\n ],\n \"interval\": 3\n },\n \"months\": {\n \"type\": \"LIST\",\n \"values\": [\n \"3\",\n \"6\",\n \"9\",\n \"12\"\n ]\n },\n \"days\": {\n \"type\": \"LIST\",\n \"values\": [\n \"MON\",\n \"WED\",\n \"FRI\"\n ]\n },\n \"expiration\": \"2018-06-25T20:22:28.104Z\",\n \"timeZoneId\": \"America/Chicago\"\n },\n \"recipients\": [\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c7180a46faadee4016fb4e018c20642\",\n \"name\": \"Michael Michaels\"\n },\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c7180a46faadee4016fb4e018c20642\",\n \"name\": \"Michael Michaels\"\n }\n ],\n \"emailEmptyResults\": false,\n \"creatorId\": \"0f11f2a47c944bf3a2bd742580fe3bde\",\n \"modifierId\": \"0f11f2a47c944bf3a2bd742580fe3bde\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "fe795a61-d379-40c7-973b-c9500b453d62", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "sod-policies", + ":id", + "schedule" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"SCH-1584312283015\",\n \"created\": \"2020-01-01T00:00:00.000000Z\",\n \"modified\": \"2020-01-01T00:00:00.000000Z\",\n \"description\": \"Schedule for policy xyz\",\n \"schedule\": {\n \"type\": \"WEEKLY\",\n \"hours\": {\n \"type\": \"RANGE\",\n \"values\": [\n \"9\",\n \"18\"\n ],\n \"interval\": 3\n },\n \"months\": {\n \"type\": \"LIST\",\n \"values\": [\n \"3\",\n \"6\",\n \"9\",\n \"12\"\n ]\n },\n \"days\": {\n \"type\": \"LIST\",\n \"values\": [\n \"MON\",\n \"WED\",\n \"FRI\"\n ]\n },\n \"expiration\": \"2018-06-25T20:22:28.104Z\",\n \"timeZoneId\": \"America/Chicago\"\n },\n \"recipients\": [\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c7180a46faadee4016fb4e018c20642\",\n \"name\": \"Michael Michaels\"\n },\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c7180a46faadee4016fb4e018c20642\",\n \"name\": \"Michael Michaels\"\n }\n ],\n \"emailEmptyResults\": false,\n \"creatorId\": \"0f11f2a47c944bf3a2bd742580fe3bde\",\n \"modifierId\": \"0f11f2a47c944bf3a2bd742580fe3bde\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "85b53bba-9472-4a58-81be-17ad01bb8d8f", + "name": "Delete SOD policy schedule", + "request": { + "name": "Delete SOD policy schedule", + "description": { + "content": "This deletes schedule for a specified SOD policy by ID.", + "type": "text/plain" + }, + "url": { + "path": [ + "sod-policies", + ":id", + "schedule" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "ef38f943-47e9-4562-b5bb-8424a56397d8", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) The ID of the SOD policy the schedule must be deleted for.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "DELETE", + "body": {} + }, + "response": [ + { + "id": "f35af141-f694-4e94-a60e-3df2b6473b2b", + "name": "No content response.", + "originalRequest": { + "url": { + "path": [ + "sod-policies", + ":id", + "schedule" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "No Content", + "code": 204, + "header": [], + "cookie": [], + "_postman_previewlanguage": "text" + }, + { + "id": "23cefe08-e4ac-42fc-8b4c-3089ff12442e", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "sod-policies", + ":id", + "schedule" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "98ea993c-97b2-4eaa-918b-c1fe244884fd", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "sod-policies", + ":id", + "schedule" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "0f8ed29f-16dd-4998-a1a8-57bf18d3b5fe", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "sod-policies", + ":id", + "schedule" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "547162f0-73b8-4d45-977e-debffefa0b84", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "sod-policies", + ":id", + "schedule" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "524315cc-b8bb-4721-9eeb-2816df036333", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "sod-policies", + ":id", + "schedule" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "93c65f86-b295-47c0-a1c3-cf712b9e4411", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "sod-policies", + ":id", + "schedule" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "254511b8-0ba3-4dab-a4ce-cecbc6b789d5", + "name": "Runs SOD policy violation report", + "request": { + "name": "Runs SOD policy violation report", + "description": { + "content": "This invokes processing of violation report for given SOD policy. If the policy reports more than 5000 violations, the report returns with violation limit exceeded message.", + "type": "text/plain" + }, + "url": { + "path": [ + "sod-policies", + ":id", + "violation-report", + "run" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "ef38f943-47e9-4562-b5bb-8424a56397d8", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) The SOD policy ID to run.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": {} + }, + "response": [ + { + "id": "eaebd99c-f2cf-4125-995e-dd5da27a682a", + "name": "Reference to the violation report run task.", + "originalRequest": { + "url": { + "path": [ + "sod-policies", + ":id", + "violation-report", + "run" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"status\": \"PENDING\",\n \"type\": \"REPORT_RESULT\",\n \"id\": \"2e8d8180-24bc-4d21-91c6-7affdb473b0d\",\n \"name\": \"policy-xyz\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c976458c-1659-4cec-b5ed-8e781f6391df", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "sod-policies", + ":id", + "violation-report", + "run" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "0232e41e-51e1-42b8-a9f4-753d83179f30", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "sod-policies", + ":id", + "violation-report", + "run" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b225c705-c4b5-4511-b0b3-03be57ffb562", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "sod-policies", + ":id", + "violation-report", + "run" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "aa77e5b0-3b60-4c25-883f-c683f4c970fd", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "sod-policies", + ":id", + "violation-report", + "run" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "14bc121d-ff5e-47bc-8440-84044942dbac", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "sod-policies", + ":id", + "violation-report", + "run" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "912e5a8d-38ab-4eeb-930f-0329d28f1c45", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "sod-policies", + ":id", + "violation-report", + "run" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "2f9ecb08-7895-47ef-9027-fcf04da948ba", + "name": "Get SOD violation report status", + "request": { + "name": "Get SOD violation report status", + "description": { + "content": "This gets the status for a violation report run task that has already been invoked.", + "type": "text/plain" + }, + "url": { + "path": [ + "sod-policies", + ":id", + "violation-report" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "ef38f943-47e9-4562-b5bb-8424a56397d8", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) The ID of the violation report to retrieve status for.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "a66937d9-4e59-465e-9bc4-6472b0f6b205", + "name": "Status of the violation report run task.", + "originalRequest": { + "url": { + "path": [ + "sod-policies", + ":id", + "violation-report" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"status\": \"SUCCESS\",\n \"type\": \"REPORT_RESULT\",\n \"id\": \"2e8d8180-24bc-4d21-91c6-7affdb473b0d\",\n \"name\": \"policy-xyz\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "17f90f6f-7adc-4e49-871a-506a4612ef8d", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "sod-policies", + ":id", + "violation-report" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d2564162-ba70-473a-8eef-11d60ce3407c", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "sod-policies", + ":id", + "violation-report" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "1e11f426-3aec-4345-a452-c44886391be6", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "sod-policies", + ":id", + "violation-report" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "229f8110-c7f0-4d40-9250-ed3a6775d360", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "sod-policies", + ":id", + "violation-report" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "93084490-99dc-4ac0-a7b5-43d40f94b55e", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "sod-policies", + ":id", + "violation-report" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d5bf093a-ef48-49ec-8cb7-c27d6fa9c761", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "sod-policies", + ":id", + "violation-report" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "5b2d93bf-0dbb-4c1f-ad9d-78c1f18a2e05", + "name": "Get violation report run status", + "request": { + "name": "Get violation report run status", + "description": { + "content": "This gets the status for a violation report run task that has already been invoked.", + "type": "text/plain" + }, + "url": { + "path": [ + "sod-policies", + "sod-violation-report-status", + ":reportResultId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "2e8d8180-24bc-4d21-91c6-7affdb473b0d", + "key": "reportResultId", + "disabled": true, + "description": { + "content": "(Required) The ID of the report reference to retrieve.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "7ddac404-fb78-41a2-bdd3-4e52c14d8b11", + "name": "Status of the violation report run task.", + "originalRequest": { + "url": { + "path": [ + "sod-policies", + "sod-violation-report-status", + ":reportResultId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"status\": \"SUCCESS\",\n \"type\": \"REPORT_RESULT\",\n \"id\": \"2e8d8180-24bc-4d21-91c6-7affdb473b0d\",\n \"name\": \"policy-xyz\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "1a00b524-87b8-45b2-8b6e-6c7be1614df5", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "sod-policies", + "sod-violation-report-status", + ":reportResultId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f1c2cfdf-22f0-4818-933e-b7014786c5e3", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "sod-policies", + "sod-violation-report-status", + ":reportResultId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "18edc894-0513-4540-aba4-b8351a35839c", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "sod-policies", + "sod-violation-report-status", + ":reportResultId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b3f9d45d-24a2-46ad-950d-b12d150b37a9", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "sod-policies", + "sod-violation-report-status", + ":reportResultId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "59a88b29-ce88-4d97-9085-45a957f148a5", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "sod-policies", + "sod-violation-report-status", + ":reportResultId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "9e1dc6f3-a145-4a45-bd8d-4a61ae0310f4", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "sod-policies", + "sod-violation-report-status", + ":reportResultId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "e0499f7c-ae2b-4842-938d-0f0bea05b4a1", + "name": "Runs all policies for org", + "request": { + "name": "Runs all policies for org", + "description": { + "content": "Runs multi-policy report for the org. If a policy reports more than 5000 violations, the report mentions that the violation limit was exceeded for that policy. If the request is empty, the report runs for all policies. Otherwise, the report runs for only the filtered policy list provided.", + "type": "text/plain" + }, + "url": { + "path": [ + "sod-violation-report", + "run" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"filteredPolicyList\": [\n \"b868cd40-ffa4-4337-9c07-1a51846cfa94\",\n \"63a07a7b-39a4-48aa-956d-50c827deba2a\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "11ef4313-b625-451c-a9ba-3123a67429a6", + "name": "Reference to the violation report run task.", + "originalRequest": { + "url": { + "path": [ + "sod-violation-report", + "run" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"filteredPolicyList\": [\n \"b868cd40-ffa4-4337-9c07-1a51846cfa94\",\n \"63a07a7b-39a4-48aa-956d-50c827deba2a\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"status\": \"PENDING\",\n \"type\": \"REPORT_RESULT\",\n \"id\": \"37b3b32a-f394-46f8-acad-b5223969fa68\",\n \"name\": \"Multi Query Report\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "7000dddc-572f-43b4-af09-fc92a61d3c80", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "sod-violation-report", + "run" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"filteredPolicyList\": [\n \"b868cd40-ffa4-4337-9c07-1a51846cfa94\",\n \"63a07a7b-39a4-48aa-956d-50c827deba2a\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "e0ae804b-11d0-4938-81f0-ab94355ef004", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "sod-violation-report", + "run" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"filteredPolicyList\": [\n \"b868cd40-ffa4-4337-9c07-1a51846cfa94\",\n \"63a07a7b-39a4-48aa-956d-50c827deba2a\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d9dcc551-b7fa-40fe-a57d-900ef7da1939", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "sod-violation-report", + "run" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"filteredPolicyList\": [\n \"b868cd40-ffa4-4337-9c07-1a51846cfa94\",\n \"63a07a7b-39a4-48aa-956d-50c827deba2a\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f725b73a-1fc1-41f1-b4fe-779641df5d03", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "sod-violation-report", + "run" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"filteredPolicyList\": [\n \"b868cd40-ffa4-4337-9c07-1a51846cfa94\",\n \"63a07a7b-39a4-48aa-956d-50c827deba2a\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "5c616eb7-82e9-4603-be53-d17c2b7e295e", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "sod-violation-report", + "run" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"filteredPolicyList\": [\n \"b868cd40-ffa4-4337-9c07-1a51846cfa94\",\n \"63a07a7b-39a4-48aa-956d-50c827deba2a\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "c6fd3a79-be0a-4ed8-ba6c-38d571d22d8b", + "name": "Get multi-report run task status", + "request": { + "name": "Get multi-report run task status", + "description": { + "content": "This endpoint gets the status for a violation report for all policy run.", + "type": "text/plain" + }, + "url": { + "path": [ + "sod-violation-report" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "403529de-2e1e-4255-b556-4c30b252cad9", + "name": "Status of the violation report run task for all policy run.", + "originalRequest": { + "url": { + "path": [ + "sod-violation-report" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"status\": \"SUCCESS\",\n \"type\": \"REPORT_RESULT\",\n \"id\": \"37b3b32a-f394-46f8-acad-b5223969fa68\",\n \"name\": \"Multi Query Report\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "3857fb45-c715-47e2-a7fb-63bd9c967a39", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "sod-violation-report" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "e214fa78-8471-4340-920d-39d3d1941333", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "sod-violation-report" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "6e6f86ed-724e-4a32-8271-9e84235e4698", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "sod-violation-report" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "9b97f24b-c52a-40a6-8d29-dd981067d8d7", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "sod-violation-report" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "e6b86157-ba80-4207-95ac-416fdbac0777", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "sod-violation-report" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "afda0a7d-5bbb-4c4e-96ae-f4f7cb36e3d6", + "name": "Download violation report", + "request": { + "name": "Download violation report", + "description": { + "content": "This allows to download a violation report for a given report reference.", + "type": "text/plain" + }, + "url": { + "path": [ + "sod-violation-report", + ":reportResultId", + "download" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "ef38f94347e94562b5bb8424a56397d8", + "key": "reportResultId", + "disabled": true, + "description": { + "content": "(Required) The ID of the report reference to download.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/zip" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "ae104e42-8e48-4b64-ae92-5a6220cf2634", + "name": "Returns the PolicyReport.zip that contains the violation report file.", + "originalRequest": { + "url": { + "path": [ + "sod-violation-report", + ":reportResultId", + "download" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/zip" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/zip" + } + ], + "body": "irure nisi et dolore aliqua", + "cookie": [], + "_postman_previewlanguage": "text" + }, + { + "id": "eca64669-633a-4ad8-8113-94d166c17692", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "sod-violation-report", + ":reportResultId", + "download" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "1a1f14c8-3507-4d50-97d8-f3c5c285e1c3", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "sod-violation-report", + ":reportResultId", + "download" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "0b37d792-6938-4db3-bc61-0ade7b8a3ad6", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "sod-violation-report", + ":reportResultId", + "download" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "192912b5-5665-4482-b5f1-89554da47fef", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "sod-violation-report", + ":reportResultId", + "download" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "6534f78f-c54d-4686-899b-a1176f31ba5a", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "sod-violation-report", + ":reportResultId", + "download" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b87973eb-3cbd-4cb1-bcd0-5f897d2feb24", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "sod-violation-report", + ":reportResultId", + "download" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "c4965109-0228-4d0e-8338-2c66986bf61c", + "name": "Download custom violation report", + "request": { + "name": "Download custom violation report", + "description": { + "content": "This allows to download a specified named violation report for a given report reference.", + "type": "text/plain" + }, + "url": { + "path": [ + "sod-violation-report", + ":reportResultId", + "download", + ":fileName" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "ef38f94347e94562b5bb8424a56397d8", + "key": "reportResultId", + "disabled": true, + "description": { + "content": "(Required) The ID of the report reference to download.", + "type": "text/plain" + } + }, + { + "type": "any", + "value": "custom-name", + "key": "fileName", + "disabled": true, + "description": { + "content": "(Required) Custom Name for the file.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/zip" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "82f61ec4-71e2-46a5-82b8-c7d4fd45679c", + "name": "Returns the zip file with given custom name that contains the violation report file.", + "originalRequest": { + "url": { + "path": [ + "sod-violation-report", + ":reportResultId", + "download", + ":fileName" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/zip" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/zip" + } + ], + "body": "irure nisi et dolore aliqua", + "cookie": [], + "_postman_previewlanguage": "text" + }, + { + "id": "db8f2238-62bc-45b0-8130-7aea53d05108", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "sod-violation-report", + ":reportResultId", + "download", + ":fileName" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "89d7d343-6508-4b25-8608-6952a4173e5f", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "sod-violation-report", + ":reportResultId", + "download", + ":fileName" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "5abfe080-64d0-4c55-a0b6-8ed845bd3a4d", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "sod-violation-report", + ":reportResultId", + "download", + ":fileName" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "8aaa3e46-1070-4c7f-bfde-b372cf355af1", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "sod-violation-report", + ":reportResultId", + "download", + ":fileName" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "0cdb4989-6465-422a-9e36-210e9d46daaa", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "sod-violation-report", + ":reportResultId", + "download", + ":fileName" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "6f5eb8d4-d2d4-477b-9e83-840a350b2507", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "sod-violation-report", + ":reportResultId", + "download", + ":fileName" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + } + ] + }, + { + "name": "SOD Violations", + "description": "Use this API to check for current \"separation of duties\" (SOD) policy violations as well as potential future SOD policy violations. \nWith SOD violation functionality in place, administrators can get information about current SOD policy violations and predict whether an access change will trigger new violations, which helps to prevent them from occurring at all. \n\n\"Separation of duties\" refers to the concept that people shouldn't have conflicting sets of access - all their access should be configured in a way that protects your organization's assets and data. \nFor example, people who record monetary transactions shouldn't be able to issue payment for those transactions.\nAny changes to major system configurations should be approved by someone other than the person requesting the change. \n\nOrganizations can use \"separation of duties\" (SOD) policies to enforce and track their internal security rules throughout their tenants.\nThese SOD policies limit each user's involvement in important processes and protects the organization from individuals gaining excessive access. \n\nOnce a SOD policy is in place, if an identity has conflicting access items, a SOD violation will trigger. \nThese violations are included in SOD violation reports that other users will see in emails at regular intervals if they're subscribed to the SOD policy.\nThe other users can then better help to enforce these SOD policies.\n\nAdministrators can use the SOD violations APIs to check a set of identities for any current SOD violations, and they can use them to check whether adding an access item would potentially trigger a SOD violation. \nThis second option is a good way to prevent SOD violations from triggering at all. \n\nRefer to [Handling Policy Violations](https://documentation.sailpoint.com/saas/help/sod/policy-violations.html) for more information about SOD policy violations. \n", + "item": [ + { + "id": "74a60f08-5782-4750-9e65-877f2f3c1b1b", + "name": "Predict SOD violations for identity.", + "request": { + "name": "Predict SOD violations for identity.", + "description": { + "content": "This API is used to check if granting some additional accesses would cause the subject to be in violation of any SOD policies. Returns the violations that would be caused.\n\nA token with ORG_ADMIN or API authority is required to call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "sod-violations", + "predict" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"identityId\": \"2c91808568c529c60168cca6f90c1313\",\n \"accessRefs\": [\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c918087682f9a86016839c050861ab1\",\n \"name\": \"CN=Information Access,OU=test,OU=test-service,DC=TestAD,DC=local\"\n },\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c918087682f9a86016839c0509c1ab2\",\n \"name\": \"CN=Information Technology,OU=test,OU=test-service,DC=TestAD,DC=local\"\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "f7463a6e-a628-424b-9363-27464e42c88d", + "name": "Violation Contexts", + "originalRequest": { + "url": { + "path": [ + "sod-violations", + "predict" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"identityId\": \"2c91808568c529c60168cca6f90c1313\",\n \"accessRefs\": [\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c918087682f9a86016839c050861ab1\",\n \"name\": \"CN=Information Access,OU=test,OU=test-service,DC=TestAD,DC=local\"\n },\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c918087682f9a86016839c0509c1ab2\",\n \"name\": \"CN=Information Technology,OU=test,OU=test-service,DC=TestAD,DC=local\"\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"violationContexts\": [\n {\n \"policy\": {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"0f11f2a4-7c94-4bf3-a2bd-742580fe3bde\",\n \"name\": \"Business SOD Policy\"\n },\n \"conflictingAccessCriteria\": {\n \"leftCriteria\": {\n \"criteriaList\": [\n {\n \"type\": \"ENTITLEMENT\",\n \"existing\": true\n },\n {\n \"type\": \"ENTITLEMENT\",\n \"existing\": false\n }\n ]\n },\n \"rightCriteria\": {\n \"criteriaList\": [\n {\n \"type\": \"ENTITLEMENT\",\n \"existing\": true\n },\n {\n \"type\": \"ENTITLEMENT\",\n \"existing\": false\n }\n ]\n }\n }\n },\n {\n \"policy\": {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"0f11f2a4-7c94-4bf3-a2bd-742580fe3bde\",\n \"name\": \"Business SOD Policy\"\n },\n \"conflictingAccessCriteria\": {\n \"leftCriteria\": {\n \"criteriaList\": [\n {\n \"type\": \"ENTITLEMENT\",\n \"existing\": true\n },\n {\n \"type\": \"ENTITLEMENT\",\n \"existing\": false\n }\n ]\n },\n \"rightCriteria\": {\n \"criteriaList\": [\n {\n \"type\": \"ENTITLEMENT\",\n \"existing\": true\n },\n {\n \"type\": \"ENTITLEMENT\",\n \"existing\": false\n }\n ]\n }\n }\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c81d8655-3137-4ee7-b044-3499a4de1855", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "sod-violations", + "predict" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"identityId\": \"2c91808568c529c60168cca6f90c1313\",\n \"accessRefs\": [\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c918087682f9a86016839c050861ab1\",\n \"name\": \"CN=Information Access,OU=test,OU=test-service,DC=TestAD,DC=local\"\n },\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c918087682f9a86016839c0509c1ab2\",\n \"name\": \"CN=Information Technology,OU=test,OU=test-service,DC=TestAD,DC=local\"\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "fa6bff2b-37a0-404d-aefa-fe435aa9fd03", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "sod-violations", + "predict" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"identityId\": \"2c91808568c529c60168cca6f90c1313\",\n \"accessRefs\": [\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c918087682f9a86016839c050861ab1\",\n \"name\": \"CN=Information Access,OU=test,OU=test-service,DC=TestAD,DC=local\"\n },\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c918087682f9a86016839c0509c1ab2\",\n \"name\": \"CN=Information Technology,OU=test,OU=test-service,DC=TestAD,DC=local\"\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d411ef2f-c414-4d77-b863-8ec252e438c7", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "sod-violations", + "predict" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"identityId\": \"2c91808568c529c60168cca6f90c1313\",\n \"accessRefs\": [\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c918087682f9a86016839c050861ab1\",\n \"name\": \"CN=Information Access,OU=test,OU=test-service,DC=TestAD,DC=local\"\n },\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c918087682f9a86016839c0509c1ab2\",\n \"name\": \"CN=Information Technology,OU=test,OU=test-service,DC=TestAD,DC=local\"\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b5d242e5-a61f-44c9-920f-478d6dd363ae", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "sod-violations", + "predict" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"identityId\": \"2c91808568c529c60168cca6f90c1313\",\n \"accessRefs\": [\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c918087682f9a86016839c050861ab1\",\n \"name\": \"CN=Information Access,OU=test,OU=test-service,DC=TestAD,DC=local\"\n },\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c918087682f9a86016839c0509c1ab2\",\n \"name\": \"CN=Information Technology,OU=test,OU=test-service,DC=TestAD,DC=local\"\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "03777cfe-2072-427f-8f33-744d7067dd01", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "sod-violations", + "predict" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"identityId\": \"2c91808568c529c60168cca6f90c1313\",\n \"accessRefs\": [\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c918087682f9a86016839c050861ab1\",\n \"name\": \"CN=Information Access,OU=test,OU=test-service,DC=TestAD,DC=local\"\n },\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c918087682f9a86016839c0509c1ab2\",\n \"name\": \"CN=Information Technology,OU=test,OU=test-service,DC=TestAD,DC=local\"\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "7f48cc2e-9075-4994-8257-1a2ee0fdfe02", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "sod-violations", + "predict" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"identityId\": \"2c91808568c529c60168cca6f90c1313\",\n \"accessRefs\": [\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c918087682f9a86016839c050861ab1\",\n \"name\": \"CN=Information Access,OU=test,OU=test-service,DC=TestAD,DC=local\"\n },\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c918087682f9a86016839c0509c1ab2\",\n \"name\": \"CN=Information Technology,OU=test,OU=test-service,DC=TestAD,DC=local\"\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "e7e07a6f-96b2-4d02-b737-b102bea6d298", + "name": "Check SOD violations", + "request": { + "name": "Check SOD violations", + "description": { + "content": "This API initiates a SOD policy verification asynchronously.\n\nA token with ORG_ADMIN authority is required to call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "sod-violations", + "check" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"identityId\": \"2c91808568c529c60168cca6f90c1313\",\n \"accessRefs\": [\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c918087682f9a86016839c050861ab1\",\n \"name\": \"CN=Information Access,OU=test,OU=test-service,DC=TestAD,DC=local\"\n },\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c918087682f9a86016839c0509c1ab2\",\n \"name\": \"CN=Information Technology,OU=test,OU=test-service,DC=TestAD,DC=local\"\n }\n ],\n \"clientMetadata\": {\n \"additionalProp1\": \"string\",\n \"additionalProp2\": \"string\",\n \"additionalProp3\": \"string\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "b69bda4d-8f47-4658-97e6-fa8dbf62a2c8", + "name": "Request ID with a timestamp.", + "originalRequest": { + "url": { + "path": [ + "sod-violations", + "check" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"identityId\": \"2c91808568c529c60168cca6f90c1313\",\n \"accessRefs\": [\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c918087682f9a86016839c050861ab1\",\n \"name\": \"CN=Information Access,OU=test,OU=test-service,DC=TestAD,DC=local\"\n },\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c918087682f9a86016839c0509c1ab2\",\n \"name\": \"CN=Information Technology,OU=test,OU=test-service,DC=TestAD,DC=local\"\n }\n ],\n \"clientMetadata\": {\n \"additionalProp1\": \"string\",\n \"additionalProp2\": \"string\",\n \"additionalProp3\": \"string\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Accepted", + "code": 202, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"requestId\": \"089899f13a8f4da7824996191587bab9\",\n \"created\": \"2020-01-01T00:00:00.000000Z\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f7053acb-9ef5-4d81-a567-2fed2fb42398", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "sod-violations", + "check" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"identityId\": \"2c91808568c529c60168cca6f90c1313\",\n \"accessRefs\": [\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c918087682f9a86016839c050861ab1\",\n \"name\": \"CN=Information Access,OU=test,OU=test-service,DC=TestAD,DC=local\"\n },\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c918087682f9a86016839c0509c1ab2\",\n \"name\": \"CN=Information Technology,OU=test,OU=test-service,DC=TestAD,DC=local\"\n }\n ],\n \"clientMetadata\": {\n \"additionalProp1\": \"string\",\n \"additionalProp2\": \"string\",\n \"additionalProp3\": \"string\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "05c8b548-1538-4017-b622-df32c569691e", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "sod-violations", + "check" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"identityId\": \"2c91808568c529c60168cca6f90c1313\",\n \"accessRefs\": [\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c918087682f9a86016839c050861ab1\",\n \"name\": \"CN=Information Access,OU=test,OU=test-service,DC=TestAD,DC=local\"\n },\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c918087682f9a86016839c0509c1ab2\",\n \"name\": \"CN=Information Technology,OU=test,OU=test-service,DC=TestAD,DC=local\"\n }\n ],\n \"clientMetadata\": {\n \"additionalProp1\": \"string\",\n \"additionalProp2\": \"string\",\n \"additionalProp3\": \"string\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "68e929d7-130f-4197-9032-e18786f90e80", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "sod-violations", + "check" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"identityId\": \"2c91808568c529c60168cca6f90c1313\",\n \"accessRefs\": [\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c918087682f9a86016839c050861ab1\",\n \"name\": \"CN=Information Access,OU=test,OU=test-service,DC=TestAD,DC=local\"\n },\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c918087682f9a86016839c0509c1ab2\",\n \"name\": \"CN=Information Technology,OU=test,OU=test-service,DC=TestAD,DC=local\"\n }\n ],\n \"clientMetadata\": {\n \"additionalProp1\": \"string\",\n \"additionalProp2\": \"string\",\n \"additionalProp3\": \"string\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "22590cdd-ab39-499f-8154-94cc81632e03", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "sod-violations", + "check" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"identityId\": \"2c91808568c529c60168cca6f90c1313\",\n \"accessRefs\": [\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c918087682f9a86016839c050861ab1\",\n \"name\": \"CN=Information Access,OU=test,OU=test-service,DC=TestAD,DC=local\"\n },\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c918087682f9a86016839c0509c1ab2\",\n \"name\": \"CN=Information Technology,OU=test,OU=test-service,DC=TestAD,DC=local\"\n }\n ],\n \"clientMetadata\": {\n \"additionalProp1\": \"string\",\n \"additionalProp2\": \"string\",\n \"additionalProp3\": \"string\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "4c08e2b3-edb6-453c-acd7-4436c15a0a3d", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "sod-violations", + "check" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"identityId\": \"2c91808568c529c60168cca6f90c1313\",\n \"accessRefs\": [\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c918087682f9a86016839c050861ab1\",\n \"name\": \"CN=Information Access,OU=test,OU=test-service,DC=TestAD,DC=local\"\n },\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c918087682f9a86016839c0509c1ab2\",\n \"name\": \"CN=Information Technology,OU=test,OU=test-service,DC=TestAD,DC=local\"\n }\n ],\n \"clientMetadata\": {\n \"additionalProp1\": \"string\",\n \"additionalProp2\": \"string\",\n \"additionalProp3\": \"string\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "eb2bc6d4-abdd-4a4e-a9c1-d4aa3d5b2f5e", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "sod-violations", + "check" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"identityId\": \"2c91808568c529c60168cca6f90c1313\",\n \"accessRefs\": [\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c918087682f9a86016839c050861ab1\",\n \"name\": \"CN=Information Access,OU=test,OU=test-service,DC=TestAD,DC=local\"\n },\n {\n \"type\": \"ENTITLEMENT\",\n \"id\": \"2c918087682f9a86016839c0509c1ab2\",\n \"name\": \"CN=Information Technology,OU=test,OU=test-service,DC=TestAD,DC=local\"\n }\n ],\n \"clientMetadata\": {\n \"additionalProp1\": \"string\",\n \"additionalProp2\": \"string\",\n \"additionalProp3\": \"string\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + } + ] + }, + { + "name": "Source Usages", + "description": "Use this API to implement source usage insight functionality.\nWith this functionality in place, administrators can gather information and insights about how their tenants' sources are being used.\nThis allows organizations to get the information they need to start optimizing and securing source usage.\n", + "item": [ + { + "id": "cdb27c41-970d-463f-bbe5-6b77b496dd7d", + "name": "Finds status of source usage", + "request": { + "name": "Finds status of source usage", + "description": { + "content": "This API returns the status of the source usage insights setup by IDN source ID.", + "type": "text/plain" + }, + "url": { + "path": [ + "source-usages", + ":sourceId", + "status" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "2c9180835d191a86015d28455b4a2329", + "key": "sourceId", + "disabled": true, + "description": { + "content": "(Required) ID of IDN source", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "087150aa-cf5d-48df-b005-2bc6b8c17d4f", + "name": "Status of the source usage insights setup by IDN source ID.", + "originalRequest": { + "url": { + "path": [ + "source-usages", + ":sourceId", + "status" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"status\": \"COMPLETE\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "98cceee0-fec4-435f-b5c1-793192bd4366", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "source-usages", + ":sourceId", + "status" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "bb043417-f95a-4ced-9896-a81fe4f89308", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "source-usages", + ":sourceId", + "status" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "30c93074-3ef0-4709-b339-3603026615e5", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "source-usages", + ":sourceId", + "status" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "6ecce1a0-f484-4ce6-867b-a651c033ad85", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "source-usages", + ":sourceId", + "status" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "4f1d61e1-b289-4617-9742-54bfd842eccc", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "source-usages", + ":sourceId", + "status" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "7ac1f733-3a41-4c90-99cb-4bc6c6ba670e", + "name": "Returns source usage insights", + "request": { + "name": "Returns source usage insights", + "description": { + "content": "This API returns a summary of source usage insights for past 12 months.", + "type": "text/plain" + }, + "url": { + "path": [ + "source-usages", + ":sourceId", + "summaries" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **date**", + "type": "text/plain" + }, + "key": "sorters", + "value": "-date" + } + ], + "variable": [ + { + "type": "any", + "value": "2c9180835d191a86015d28455b4a2329", + "key": "sourceId", + "disabled": true, + "description": { + "content": "(Required) ID of IDN source", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "03deadc6-d385-4a87-b62b-c99cd129155c", + "name": "Summary of source usage insights for past 12 months.", + "originalRequest": { + "url": { + "path": [ + "source-usages", + ":sourceId", + "summaries" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **date**", + "type": "text/plain" + }, + "key": "sorters", + "value": "-date" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"date\": \"2023-04-21\",\n \"count\": 10.45\n },\n {\n \"date\": \"2023-04-21\",\n \"count\": 10.45\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "1acc6740-3363-497f-a806-da885b6ce318", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "source-usages", + ":sourceId", + "summaries" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **date**", + "type": "text/plain" + }, + "key": "sorters", + "value": "-date" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d7b83fc9-5c48-4f68-924f-3b7e6a030eb5", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "source-usages", + ":sourceId", + "summaries" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **date**", + "type": "text/plain" + }, + "key": "sorters", + "value": "-date" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "2795fb18-ca6f-4a0e-8618-5d53ebc0b24c", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "source-usages", + ":sourceId", + "summaries" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **date**", + "type": "text/plain" + }, + "key": "sorters", + "value": "-date" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "7a06b089-8316-4b90-9c7e-e1a00a04f40d", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "source-usages", + ":sourceId", + "summaries" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **date**", + "type": "text/plain" + }, + "key": "sorters", + "value": "-date" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "322a2d68-3158-4860-8722-225f7343aa88", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "source-usages", + ":sourceId", + "summaries" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **date**", + "type": "text/plain" + }, + "key": "sorters", + "value": "-date" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + } + ] + }, + { + "name": "Sources", + "description": "Use this API to implement and customize source functionality. \nWith source functionality in place, organizations can use Identity Security Cloud to connect their various sources and user data sets and manage access across all those different sources in a secure, scalable way. \n\n[Sources](https://documentation.sailpoint.com/saas/help/sources/managing_sources.html) refer to the Identity Security Cloud representations for external applications, databases, and directory management systems that maintain their own sets of users, like Dropbox, GitHub, and Workday, for example.\nOrganizations may use hundreds, if not thousands, of different source systems, and any one employee within an organization likely has a different user record on each source, often with different permissions on many of those records. \nConnecting these sources to Identity Security Cloud makes it possible to manage user access across them all.\nThen, if a new hire starts at an organization, Identity Security Cloud can grant the new hire access to all the sources they need.\nIf an employee moves to a new department and needs access to new sources but no longer needs access to others, Identity Security Cloud can grant the necessary access and revoke the unnecessary access for all the employee's various sources. \nIf an employee leaves the company, Identity Security Cloud can revoke access to all the employee's various source accounts immediately. \nThese are just a few examples of the many ways that source functionality makes identity governance easier, more efficient, and more secure. \n\nIn Identity Security Cloud, administrators can create configure, manage, and edit sources, and they can designate other users as source admins to be able to do so.\nThey can also designate users as source sub-admins, who can perform the same source actions but only on sources associated with their governance groups.\nAdmins go to Connections > Sources to see a list of the existing source representations in their organizations. \nThey can create new sources or select existing ones. \n\nTo create a new source, the following must be specified: Source Name, Description, Source Owner, and Connection Type.\nRefer to [Configuring a Source](https://documentation.sailpoint.com/saas/help/accounts/loading_data.html#configuring-a-source) for more information about the source configuration process. \n\nIdentity Security Cloud connects with its sources either by a direct communication with the source server (connection information specific to the source must be provided) or a flat file feed, a CSV file containing all the relevant information about the accounts to be loaded in.\nDifferent sources use different connectors to share data with Identity Security Cloud, and each connector's setup process is specific to that connector. \nSailPoint has built a number of connectors to come out of the box and connect to the most common sources, and SailPoint actively maintains these connectors.\nRefer to [Identity Security Cloud Connectors](https://documentation.sailpoint.com/connectors/identitynow/landingpages/help/landingpages/identitynow_connectivity_landing.html) for more information about these SailPoint supported connectors. \nRefer to the following links for more information about two useful connectors: \n\n- [JDBC Connector](https://documentation.sailpoint.com/connectors/jdbc/help/integrating_jdbc/introduction.html): This customizable connector an directly connect to databases that support JDBC (Java Database Connectivity).\n\n- [Web Services Connector](https://documentation.sailpoint.com/connectors/webservices/help/integrating_webservices/introduction.html): This connector can directly connect to databases that support Web Services. \n\nRefer to [SaaS Connectivity](https://developer.sailpoint.com/docs/connectivity/saas-connectivity/) for more information about SailPoint's new connectivity framework that makes it easy to build and manage custom connectors to SaaS sources. \n\nWhen admins select existing sources, they can view the following information about the source:\n\n- Associated connections (any associated identity profiles, apps, or references to the source in a transform).\n\n- Associated user accounts. These accounts are linked to their identities - this provides a more complete picture of each user's access across sources.\n\n- Associated entitlements (sets of access rights on sources).\n\n- Associated access profiles (groupings of entitlements). \n\nThe user account data and the entitlements update with each data aggregation from the source. \nOrganizations generally run scheduled, automated data aggregations to ensure that their data is always in sync between their sources and their Identity Security Cloud tenants so an access change on a source is detected quickly in Identity Security Cloud.\nAdmins can view a history of these aggregations, and they can also run manual imports. \nRefer to [Loading Account Data](https://documentation.sailpoint.com/saas/help/accounts/loading_data.html) for more information about manual and scheduled aggregations. \n\nAdmins can also make changes to determine which user account data Identity Security Cloud collects from the source and how it correlates that account data with identity data. \nTo define which account attributes the source shares with Identity Security Cloud, admins can edit the account schema on the source.\nRefer to [Managing Source Account Schemas](https://documentation.sailpoint.com/saas/help/accounts/schema.html) for more information about source account schemas and how to edit them. \nTo define the mapping between the source account attributes and their correlating identity attributes, admins can edit the correlation configuration on the source. \nRefer to [Assigning Source Accounts to Identities](https://documentation.sailpoint.com/saas/help/accounts/correlation.html) for more information about this correlation process between source accounts and identities.\n\nAdmins can also delete sources, but they must first ensure that the sources no longer have any active connections: the source must not be associated with any identity profile or any app, and it must not be referenced by any transform.\nRefer to [Deleting Sources](https://documentation.sailpoint.com/saas/help/sources/managing_sources.html#deleting-sources) for more information about deleting sources. \n\nWell organized, mapped out connections between sources and Identity Security Cloud are essential to achieving comprehensive identity access governance across all the source systems organizations need. \nRefer to [Managing Sources](https://documentation.sailpoint.com/saas/help/sources/managing_sources.html) for more information about all the different things admins can do with sources once they are connected.\n", + "item": [ + { + "id": "bc54c491-2b00-4538-b968-806b0e66cd59", + "name": "Lists all sources in IdentityNow.", + "request": { + "name": "Lists all sources in IdentityNow.", + "description": { + "content": "This end-point lists all the sources in IdentityNow.\nA token with ORG_ADMIN, SOURCE_ADMIN, SOURCE_SUBADMIN, or ROLE_SUBADMIN authority is required to call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "sources" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in, ge, gt, le, lt, ne, isnull, sw*\n\n**name**: *co, eq, in, sw, ge, gt, ne, isnull*\n\n**type**: *eq, in, ge, gt, ne, isnull, sw*\n\n**owner.id**: *eq, in, ge, gt, le, lt, ne, isnull, sw*\n\n**features**: *ca, co*\n\n**created**: *eq, ge, gt, in, le, lt, ne, isnull, sw*\n\n**modified**: *eq, ge, gt, in, le, lt, ne, isnull, sw*\n\n**managementWorkgroup.id**: *eq, ge, gt, in, le, lt, ne, isnull, sw*\n\n**description**: *eq, sw*\n\n**authoritative**: *eq, ne, isnull*\n\n**healthy**: *isnull*\n\n**status**: *eq, in, ge, gt, le, lt, ne, isnull, sw*\n\n**connectionType**: *eq, ge, gt, in, le, lt, ne, isnull, sw*\n\n**connectorName**: *eq, ge, gt, in, ne, isnull, sw*\n\n**category**: *co, eq, ge, gt, in, le, lt, ne, sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "name eq \"Employees\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **type, created, modified, name, owner.name, healthy, status, id, description, owner.id, accountCorrelationConfig.id, accountCorrelationConfig.name, managerCorrelationRule.type, managerCorrelationRule.id, managerCorrelationRule.name, authoritative, managementWorkgroup.id, connectorName, connectionType**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name" + }, + { + "disabled": true, + "description": { + "content": "Filter the returned list of sources for the identity specified by the parameter, which is the id of an identity with the role SOURCE_SUBADMIN. By convention, the value **me** indicates the identity id of the current user.\nSubadmins may only view Sources which they are able to administer; all other Sources will be filtered out when this parameter is set. If the current user is a SOURCE_SUBADMIN but fails to pass a valid value for this parameter, a 403 Forbidden is returned.", + "type": "text/plain" + }, + "key": "for-subadmin", + "value": "name" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "b663c47d-aac6-4035-841b-723f0943576f", + "name": "List of Source objects", + "originalRequest": { + "url": { + "path": [ + "sources" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in, ge, gt, le, lt, ne, isnull, sw*\n\n**name**: *co, eq, in, sw, ge, gt, ne, isnull*\n\n**type**: *eq, in, ge, gt, ne, isnull, sw*\n\n**owner.id**: *eq, in, ge, gt, le, lt, ne, isnull, sw*\n\n**features**: *ca, co*\n\n**created**: *eq, ge, gt, in, le, lt, ne, isnull, sw*\n\n**modified**: *eq, ge, gt, in, le, lt, ne, isnull, sw*\n\n**managementWorkgroup.id**: *eq, ge, gt, in, le, lt, ne, isnull, sw*\n\n**description**: *eq, sw*\n\n**authoritative**: *eq, ne, isnull*\n\n**healthy**: *isnull*\n\n**status**: *eq, in, ge, gt, le, lt, ne, isnull, sw*\n\n**connectionType**: *eq, ge, gt, in, le, lt, ne, isnull, sw*\n\n**connectorName**: *eq, ge, gt, in, ne, isnull, sw*\n\n**category**: *co, eq, ge, gt, in, le, lt, ne, sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "name eq \"Employees\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **type, created, modified, name, owner.name, healthy, status, id, description, owner.id, accountCorrelationConfig.id, accountCorrelationConfig.name, managerCorrelationRule.type, managerCorrelationRule.id, managerCorrelationRule.name, authoritative, managementWorkgroup.id, connectorName, connectionType**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name" + }, + { + "disabled": true, + "description": { + "content": "Filter the returned list of sources for the identity specified by the parameter, which is the id of an identity with the role SOURCE_SUBADMIN. By convention, the value **me** indicates the identity id of the current user.\nSubadmins may only view Sources which they are able to administer; all other Sources will be filtered out when this parameter is set. If the current user is a SOURCE_SUBADMIN but fails to pass a valid value for this parameter, a 403 Forbidden is returned.", + "type": "text/plain" + }, + "key": "for-subadmin", + "value": "name" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"name\": \"My Source\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"MyName\"\n },\n \"connector\": \"active-directory\",\n \"id\": \"2c91808568c529c60168cca6f90c1324\",\n \"description\": \"This is the corporate directory.\",\n \"cluster\": {\n \"name\": \"Corporate Cluster\",\n \"id\": \"2c9180866166b5b0016167c32ef31a66\",\n \"type\": \"CLUSTER\"\n },\n \"accountCorrelationConfig\": {\n \"type\": \"ACCOUNT_CORRELATION_CONFIG\",\n \"id\": \"2c9180855d191c59015d28583727245a\",\n \"name\": \"Directory [source-62867] Account Correlation\"\n },\n \"accountCorrelationRule\": {\n \"type\": \"RULE\",\n \"id\": \"2c918085708c274401708c2a8a760001\",\n \"name\": \"Example Rule\"\n },\n \"managerCorrelationMapping\": {\n \"accountAttributeName\": \"manager\",\n \"identityAttributeName\": \"manager\"\n },\n \"managerCorrelationRule\": {\n \"type\": \"RULE\",\n \"id\": \"2c918085708c274401708c2a8a760001\",\n \"name\": \"Example Rule\"\n },\n \"beforeProvisioningRule\": {\n \"type\": \"RULE\",\n \"id\": \"2c918085708c274401708c2a8a760001\",\n \"name\": \"Example Rule\"\n },\n \"schemas\": [\n {\n \"type\": \"CONNECTOR_SCHEMA\",\n \"name\": \"account\"\n },\n {\n \"type\": \"CONNECTOR_SCHEMA\",\n \"name\": \"group\"\n }\n ],\n \"passwordPolicies\": [\n {\n \"type\": \"PASSWORD_POLICY\",\n \"name\": \"Corporate Password Policy\"\n },\n {\n \"type\": \"PASSWORD_POLICY\",\n \"name\": \"Vendor Password Policy\"\n }\n ],\n \"features\": [\n \"PROVISIONING\",\n \"NO_PERMISSIONS_PROVISIONING\",\n \"GROUPS_HAVE_MEMBERS\"\n ],\n \"type\": \"OpenLDAP - Direct\",\n \"connectorClass\": \"sailpoint.connector.LDAPConnector\",\n \"connectorAttributes\": {\n \"healthCheckTimeout\": 30,\n \"authSearchAttributes\": [\n \"cn\",\n \"uid\",\n \"mail\"\n ]\n },\n \"deleteThreshold\": 10,\n \"authoritative\": false,\n \"managementWorkgroup\": {\n \"type\": \"GOVERNANCE_GROUP\",\n \"id\": \"2c91808568c529c60168cca6f90c2222\",\n \"name\": \"My Management Workgroup\"\n },\n \"healthy\": true,\n \"status\": \"SOURCE_STATE_HEALTHY\",\n \"since\": \"2021-09-28T15:48:29.380Z\",\n \"connectorId\": \"active-directory\",\n \"connectorName\": \"Active Directory\",\n \"connectionType\": \"file\",\n \"connectorImplementationId\": \"delimited-file\",\n \"created\": \"2022-02-08T14:50:03.827Z\",\n \"modified\": \"2024-01-23T18:08:50.897Z\",\n \"credentialProviderEnabled\": false,\n \"category\": \"CredentialProvider\"\n },\n {\n \"name\": \"My Source\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"MyName\"\n },\n \"connector\": \"active-directory\",\n \"id\": \"2c91808568c529c60168cca6f90c1324\",\n \"description\": \"This is the corporate directory.\",\n \"cluster\": {\n \"name\": \"Corporate Cluster\",\n \"id\": \"2c9180866166b5b0016167c32ef31a66\",\n \"type\": \"CLUSTER\"\n },\n \"accountCorrelationConfig\": {\n \"type\": \"ACCOUNT_CORRELATION_CONFIG\",\n \"id\": \"2c9180855d191c59015d28583727245a\",\n \"name\": \"Directory [source-62867] Account Correlation\"\n },\n \"accountCorrelationRule\": {\n \"type\": \"RULE\",\n \"id\": \"2c918085708c274401708c2a8a760001\",\n \"name\": \"Example Rule\"\n },\n \"managerCorrelationMapping\": {\n \"accountAttributeName\": \"manager\",\n \"identityAttributeName\": \"manager\"\n },\n \"managerCorrelationRule\": {\n \"type\": \"RULE\",\n \"id\": \"2c918085708c274401708c2a8a760001\",\n \"name\": \"Example Rule\"\n },\n \"beforeProvisioningRule\": {\n \"type\": \"RULE\",\n \"id\": \"2c918085708c274401708c2a8a760001\",\n \"name\": \"Example Rule\"\n },\n \"schemas\": [\n {\n \"type\": \"CONNECTOR_SCHEMA\",\n \"name\": \"account\"\n },\n {\n \"type\": \"CONNECTOR_SCHEMA\",\n \"name\": \"group\"\n }\n ],\n \"passwordPolicies\": [\n {\n \"type\": \"PASSWORD_POLICY\",\n \"name\": \"Corporate Password Policy\"\n },\n {\n \"type\": \"PASSWORD_POLICY\",\n \"name\": \"Vendor Password Policy\"\n }\n ],\n \"features\": [\n \"PROVISIONING\",\n \"NO_PERMISSIONS_PROVISIONING\",\n \"GROUPS_HAVE_MEMBERS\"\n ],\n \"type\": \"OpenLDAP - Direct\",\n \"connectorClass\": \"sailpoint.connector.LDAPConnector\",\n \"connectorAttributes\": {\n \"healthCheckTimeout\": 30,\n \"authSearchAttributes\": [\n \"cn\",\n \"uid\",\n \"mail\"\n ]\n },\n \"deleteThreshold\": 10,\n \"authoritative\": false,\n \"managementWorkgroup\": {\n \"type\": \"GOVERNANCE_GROUP\",\n \"id\": \"2c91808568c529c60168cca6f90c2222\",\n \"name\": \"My Management Workgroup\"\n },\n \"healthy\": true,\n \"status\": \"SOURCE_STATE_HEALTHY\",\n \"since\": \"2021-09-28T15:48:29.380Z\",\n \"connectorId\": \"active-directory\",\n \"connectorName\": \"Active Directory\",\n \"connectionType\": \"file\",\n \"connectorImplementationId\": \"delimited-file\",\n \"created\": \"2022-02-08T14:50:03.827Z\",\n \"modified\": \"2024-01-23T18:08:50.897Z\",\n \"credentialProviderEnabled\": false,\n \"category\": \"CredentialProvider\"\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "0faeb055-83b1-4429-ad3b-22675da3749e", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "sources" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in, ge, gt, le, lt, ne, isnull, sw*\n\n**name**: *co, eq, in, sw, ge, gt, ne, isnull*\n\n**type**: *eq, in, ge, gt, ne, isnull, sw*\n\n**owner.id**: *eq, in, ge, gt, le, lt, ne, isnull, sw*\n\n**features**: *ca, co*\n\n**created**: *eq, ge, gt, in, le, lt, ne, isnull, sw*\n\n**modified**: *eq, ge, gt, in, le, lt, ne, isnull, sw*\n\n**managementWorkgroup.id**: *eq, ge, gt, in, le, lt, ne, isnull, sw*\n\n**description**: *eq, sw*\n\n**authoritative**: *eq, ne, isnull*\n\n**healthy**: *isnull*\n\n**status**: *eq, in, ge, gt, le, lt, ne, isnull, sw*\n\n**connectionType**: *eq, ge, gt, in, le, lt, ne, isnull, sw*\n\n**connectorName**: *eq, ge, gt, in, ne, isnull, sw*\n\n**category**: *co, eq, ge, gt, in, le, lt, ne, sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "name eq \"Employees\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **type, created, modified, name, owner.name, healthy, status, id, description, owner.id, accountCorrelationConfig.id, accountCorrelationConfig.name, managerCorrelationRule.type, managerCorrelationRule.id, managerCorrelationRule.name, authoritative, managementWorkgroup.id, connectorName, connectionType**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name" + }, + { + "disabled": true, + "description": { + "content": "Filter the returned list of sources for the identity specified by the parameter, which is the id of an identity with the role SOURCE_SUBADMIN. By convention, the value **me** indicates the identity id of the current user.\nSubadmins may only view Sources which they are able to administer; all other Sources will be filtered out when this parameter is set. If the current user is a SOURCE_SUBADMIN but fails to pass a valid value for this parameter, a 403 Forbidden is returned.", + "type": "text/plain" + }, + "key": "for-subadmin", + "value": "name" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "cea347e1-29a1-4e0b-9778-060243fa5d63", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "sources" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in, ge, gt, le, lt, ne, isnull, sw*\n\n**name**: *co, eq, in, sw, ge, gt, ne, isnull*\n\n**type**: *eq, in, ge, gt, ne, isnull, sw*\n\n**owner.id**: *eq, in, ge, gt, le, lt, ne, isnull, sw*\n\n**features**: *ca, co*\n\n**created**: *eq, ge, gt, in, le, lt, ne, isnull, sw*\n\n**modified**: *eq, ge, gt, in, le, lt, ne, isnull, sw*\n\n**managementWorkgroup.id**: *eq, ge, gt, in, le, lt, ne, isnull, sw*\n\n**description**: *eq, sw*\n\n**authoritative**: *eq, ne, isnull*\n\n**healthy**: *isnull*\n\n**status**: *eq, in, ge, gt, le, lt, ne, isnull, sw*\n\n**connectionType**: *eq, ge, gt, in, le, lt, ne, isnull, sw*\n\n**connectorName**: *eq, ge, gt, in, ne, isnull, sw*\n\n**category**: *co, eq, ge, gt, in, le, lt, ne, sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "name eq \"Employees\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **type, created, modified, name, owner.name, healthy, status, id, description, owner.id, accountCorrelationConfig.id, accountCorrelationConfig.name, managerCorrelationRule.type, managerCorrelationRule.id, managerCorrelationRule.name, authoritative, managementWorkgroup.id, connectorName, connectionType**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name" + }, + { + "disabled": true, + "description": { + "content": "Filter the returned list of sources for the identity specified by the parameter, which is the id of an identity with the role SOURCE_SUBADMIN. By convention, the value **me** indicates the identity id of the current user.\nSubadmins may only view Sources which they are able to administer; all other Sources will be filtered out when this parameter is set. If the current user is a SOURCE_SUBADMIN but fails to pass a valid value for this parameter, a 403 Forbidden is returned.", + "type": "text/plain" + }, + "key": "for-subadmin", + "value": "name" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "1d12b73e-95d1-4d4b-bb95-545014c63ffb", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "sources" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in, ge, gt, le, lt, ne, isnull, sw*\n\n**name**: *co, eq, in, sw, ge, gt, ne, isnull*\n\n**type**: *eq, in, ge, gt, ne, isnull, sw*\n\n**owner.id**: *eq, in, ge, gt, le, lt, ne, isnull, sw*\n\n**features**: *ca, co*\n\n**created**: *eq, ge, gt, in, le, lt, ne, isnull, sw*\n\n**modified**: *eq, ge, gt, in, le, lt, ne, isnull, sw*\n\n**managementWorkgroup.id**: *eq, ge, gt, in, le, lt, ne, isnull, sw*\n\n**description**: *eq, sw*\n\n**authoritative**: *eq, ne, isnull*\n\n**healthy**: *isnull*\n\n**status**: *eq, in, ge, gt, le, lt, ne, isnull, sw*\n\n**connectionType**: *eq, ge, gt, in, le, lt, ne, isnull, sw*\n\n**connectorName**: *eq, ge, gt, in, ne, isnull, sw*\n\n**category**: *co, eq, ge, gt, in, le, lt, ne, sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "name eq \"Employees\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **type, created, modified, name, owner.name, healthy, status, id, description, owner.id, accountCorrelationConfig.id, accountCorrelationConfig.name, managerCorrelationRule.type, managerCorrelationRule.id, managerCorrelationRule.name, authoritative, managementWorkgroup.id, connectorName, connectionType**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name" + }, + { + "disabled": true, + "description": { + "content": "Filter the returned list of sources for the identity specified by the parameter, which is the id of an identity with the role SOURCE_SUBADMIN. By convention, the value **me** indicates the identity id of the current user.\nSubadmins may only view Sources which they are able to administer; all other Sources will be filtered out when this parameter is set. If the current user is a SOURCE_SUBADMIN but fails to pass a valid value for this parameter, a 403 Forbidden is returned.", + "type": "text/plain" + }, + "key": "for-subadmin", + "value": "name" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c8d9d8b6-1f08-4672-ab89-2fc63b91e4cd", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "sources" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in, ge, gt, le, lt, ne, isnull, sw*\n\n**name**: *co, eq, in, sw, ge, gt, ne, isnull*\n\n**type**: *eq, in, ge, gt, ne, isnull, sw*\n\n**owner.id**: *eq, in, ge, gt, le, lt, ne, isnull, sw*\n\n**features**: *ca, co*\n\n**created**: *eq, ge, gt, in, le, lt, ne, isnull, sw*\n\n**modified**: *eq, ge, gt, in, le, lt, ne, isnull, sw*\n\n**managementWorkgroup.id**: *eq, ge, gt, in, le, lt, ne, isnull, sw*\n\n**description**: *eq, sw*\n\n**authoritative**: *eq, ne, isnull*\n\n**healthy**: *isnull*\n\n**status**: *eq, in, ge, gt, le, lt, ne, isnull, sw*\n\n**connectionType**: *eq, ge, gt, in, le, lt, ne, isnull, sw*\n\n**connectorName**: *eq, ge, gt, in, ne, isnull, sw*\n\n**category**: *co, eq, ge, gt, in, le, lt, ne, sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "name eq \"Employees\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **type, created, modified, name, owner.name, healthy, status, id, description, owner.id, accountCorrelationConfig.id, accountCorrelationConfig.name, managerCorrelationRule.type, managerCorrelationRule.id, managerCorrelationRule.name, authoritative, managementWorkgroup.id, connectorName, connectionType**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name" + }, + { + "disabled": true, + "description": { + "content": "Filter the returned list of sources for the identity specified by the parameter, which is the id of an identity with the role SOURCE_SUBADMIN. By convention, the value **me** indicates the identity id of the current user.\nSubadmins may only view Sources which they are able to administer; all other Sources will be filtered out when this parameter is set. If the current user is a SOURCE_SUBADMIN but fails to pass a valid value for this parameter, a 403 Forbidden is returned.", + "type": "text/plain" + }, + "key": "for-subadmin", + "value": "name" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d7a96530-571f-4805-a536-153604119254", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "sources" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in, ge, gt, le, lt, ne, isnull, sw*\n\n**name**: *co, eq, in, sw, ge, gt, ne, isnull*\n\n**type**: *eq, in, ge, gt, ne, isnull, sw*\n\n**owner.id**: *eq, in, ge, gt, le, lt, ne, isnull, sw*\n\n**features**: *ca, co*\n\n**created**: *eq, ge, gt, in, le, lt, ne, isnull, sw*\n\n**modified**: *eq, ge, gt, in, le, lt, ne, isnull, sw*\n\n**managementWorkgroup.id**: *eq, ge, gt, in, le, lt, ne, isnull, sw*\n\n**description**: *eq, sw*\n\n**authoritative**: *eq, ne, isnull*\n\n**healthy**: *isnull*\n\n**status**: *eq, in, ge, gt, le, lt, ne, isnull, sw*\n\n**connectionType**: *eq, ge, gt, in, le, lt, ne, isnull, sw*\n\n**connectorName**: *eq, ge, gt, in, ne, isnull, sw*\n\n**category**: *co, eq, ge, gt, in, le, lt, ne, sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "name eq \"Employees\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **type, created, modified, name, owner.name, healthy, status, id, description, owner.id, accountCorrelationConfig.id, accountCorrelationConfig.name, managerCorrelationRule.type, managerCorrelationRule.id, managerCorrelationRule.name, authoritative, managementWorkgroup.id, connectorName, connectionType**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name" + }, + { + "disabled": true, + "description": { + "content": "Filter the returned list of sources for the identity specified by the parameter, which is the id of an identity with the role SOURCE_SUBADMIN. By convention, the value **me** indicates the identity id of the current user.\nSubadmins may only view Sources which they are able to administer; all other Sources will be filtered out when this parameter is set. If the current user is a SOURCE_SUBADMIN but fails to pass a valid value for this parameter, a 403 Forbidden is returned.", + "type": "text/plain" + }, + "key": "for-subadmin", + "value": "name" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "be467a4c-4f24-4191-9a8a-90dfd3ff58c8", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "sources" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in, ge, gt, le, lt, ne, isnull, sw*\n\n**name**: *co, eq, in, sw, ge, gt, ne, isnull*\n\n**type**: *eq, in, ge, gt, ne, isnull, sw*\n\n**owner.id**: *eq, in, ge, gt, le, lt, ne, isnull, sw*\n\n**features**: *ca, co*\n\n**created**: *eq, ge, gt, in, le, lt, ne, isnull, sw*\n\n**modified**: *eq, ge, gt, in, le, lt, ne, isnull, sw*\n\n**managementWorkgroup.id**: *eq, ge, gt, in, le, lt, ne, isnull, sw*\n\n**description**: *eq, sw*\n\n**authoritative**: *eq, ne, isnull*\n\n**healthy**: *isnull*\n\n**status**: *eq, in, ge, gt, le, lt, ne, isnull, sw*\n\n**connectionType**: *eq, ge, gt, in, le, lt, ne, isnull, sw*\n\n**connectorName**: *eq, ge, gt, in, ne, isnull, sw*\n\n**category**: *co, eq, ge, gt, in, le, lt, ne, sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "name eq \"Employees\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **type, created, modified, name, owner.name, healthy, status, id, description, owner.id, accountCorrelationConfig.id, accountCorrelationConfig.name, managerCorrelationRule.type, managerCorrelationRule.id, managerCorrelationRule.name, authoritative, managementWorkgroup.id, connectorName, connectionType**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name" + }, + { + "disabled": true, + "description": { + "content": "Filter the returned list of sources for the identity specified by the parameter, which is the id of an identity with the role SOURCE_SUBADMIN. By convention, the value **me** indicates the identity id of the current user.\nSubadmins may only view Sources which they are able to administer; all other Sources will be filtered out when this parameter is set. If the current user is a SOURCE_SUBADMIN but fails to pass a valid value for this parameter, a 403 Forbidden is returned.", + "type": "text/plain" + }, + "key": "for-subadmin", + "value": "name" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "29d217cb-efc5-41c9-ae4a-f470b9c6b28d", + "name": "Creates a source in IdentityNow.", + "request": { + "name": "Creates a source in IdentityNow.", + "description": { + "content": "This creates a specific source with a full source JSON representation. Any passwords are submitted as plain-text and encrypted upon receipt in IdentityNow.\nA token with ORG_ADMIN, SOURCE_ADMIN, or SOURCE_SUBADMIN authority is required to call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "sources" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "If this parameter is `true`, it configures the source as a Delimited File (CSV) source. Setting this to `true` will automatically set the `type` of the source to `DelimitedFile`. You must use this query parameter to create a Delimited File source as you would in the UI. If you don't set this query parameter and you attempt to set the `type` attribute directly, the request won't correctly generate the source. ", + "type": "text/plain" + }, + "key": "provisionAsCsv", + "value": "false" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"My Source\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"MyName\"\n },\n \"connector\": \"active-directory\",\n \"id\": \"2c91808568c529c60168cca6f90c1324\",\n \"description\": \"This is the corporate directory.\",\n \"cluster\": {\n \"name\": \"Corporate Cluster\",\n \"id\": \"2c9180866166b5b0016167c32ef31a66\",\n \"type\": \"CLUSTER\"\n },\n \"accountCorrelationConfig\": {\n \"type\": \"ACCOUNT_CORRELATION_CONFIG\",\n \"id\": \"2c9180855d191c59015d28583727245a\",\n \"name\": \"Directory [source-62867] Account Correlation\"\n },\n \"accountCorrelationRule\": {\n \"type\": \"RULE\",\n \"id\": \"2c918085708c274401708c2a8a760001\",\n \"name\": \"Example Rule\"\n },\n \"managerCorrelationMapping\": {\n \"accountAttributeName\": \"manager\",\n \"identityAttributeName\": \"manager\"\n },\n \"managerCorrelationRule\": {\n \"type\": \"RULE\",\n \"id\": \"2c918085708c274401708c2a8a760001\",\n \"name\": \"Example Rule\"\n },\n \"beforeProvisioningRule\": {\n \"type\": \"RULE\",\n \"id\": \"2c918085708c274401708c2a8a760001\",\n \"name\": \"Example Rule\"\n },\n \"schemas\": [\n {\n \"type\": \"CONNECTOR_SCHEMA\",\n \"name\": \"account\"\n },\n {\n \"type\": \"CONNECTOR_SCHEMA\",\n \"name\": \"group\"\n }\n ],\n \"passwordPolicies\": [\n {\n \"type\": \"PASSWORD_POLICY\",\n \"name\": \"Corporate Password Policy\"\n },\n {\n \"type\": \"PASSWORD_POLICY\",\n \"name\": \"Vendor Password Policy\"\n }\n ],\n \"features\": [\n \"PROVISIONING\",\n \"NO_PERMISSIONS_PROVISIONING\",\n \"GROUPS_HAVE_MEMBERS\"\n ],\n \"type\": \"OpenLDAP - Direct\",\n \"connectorClass\": \"sailpoint.connector.LDAPConnector\",\n \"connectorAttributes\": {\n \"healthCheckTimeout\": 30,\n \"authSearchAttributes\": [\n \"cn\",\n \"uid\",\n \"mail\"\n ]\n },\n \"deleteThreshold\": 10,\n \"authoritative\": false,\n \"managementWorkgroup\": {\n \"type\": \"GOVERNANCE_GROUP\",\n \"id\": \"2c91808568c529c60168cca6f90c2222\",\n \"name\": \"My Management Workgroup\"\n },\n \"healthy\": true,\n \"status\": \"SOURCE_STATE_HEALTHY\",\n \"since\": \"2021-09-28T15:48:29.380Z\",\n \"connectorId\": \"active-directory\",\n \"connectorName\": \"Active Directory\",\n \"connectionType\": \"file\",\n \"connectorImplementationId\": \"delimited-file\",\n \"created\": \"2022-02-08T14:50:03.827Z\",\n \"modified\": \"2024-01-23T18:08:50.897Z\",\n \"credentialProviderEnabled\": false,\n \"category\": \"CredentialProvider\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "9506056c-3cbb-418b-a499-bf95d4ead943", + "name": "Created Source object. Any passwords will only show the the encrypted cipher-text, as they are not decrypt-able in IdentityNow cloud-based services, per IdentityNow security design.", + "originalRequest": { + "url": { + "path": [ + "sources" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "If this parameter is `true`, it configures the source as a Delimited File (CSV) source. Setting this to `true` will automatically set the `type` of the source to `DelimitedFile`. You must use this query parameter to create a Delimited File source as you would in the UI. If you don't set this query parameter and you attempt to set the `type` attribute directly, the request won't correctly generate the source. ", + "type": "text/plain" + }, + "key": "provisionAsCsv", + "value": "false" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"My Source\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"MyName\"\n },\n \"connector\": \"active-directory\",\n \"id\": \"2c91808568c529c60168cca6f90c1324\",\n \"description\": \"This is the corporate directory.\",\n \"cluster\": {\n \"name\": \"Corporate Cluster\",\n \"id\": \"2c9180866166b5b0016167c32ef31a66\",\n \"type\": \"CLUSTER\"\n },\n \"accountCorrelationConfig\": {\n \"type\": \"ACCOUNT_CORRELATION_CONFIG\",\n \"id\": \"2c9180855d191c59015d28583727245a\",\n \"name\": \"Directory [source-62867] Account Correlation\"\n },\n \"accountCorrelationRule\": {\n \"type\": \"RULE\",\n \"id\": \"2c918085708c274401708c2a8a760001\",\n \"name\": \"Example Rule\"\n },\n \"managerCorrelationMapping\": {\n \"accountAttributeName\": \"manager\",\n \"identityAttributeName\": \"manager\"\n },\n \"managerCorrelationRule\": {\n \"type\": \"RULE\",\n \"id\": \"2c918085708c274401708c2a8a760001\",\n \"name\": \"Example Rule\"\n },\n \"beforeProvisioningRule\": {\n \"type\": \"RULE\",\n \"id\": \"2c918085708c274401708c2a8a760001\",\n \"name\": \"Example Rule\"\n },\n \"schemas\": [\n {\n \"type\": \"CONNECTOR_SCHEMA\",\n \"name\": \"account\"\n },\n {\n \"type\": \"CONNECTOR_SCHEMA\",\n \"name\": \"group\"\n }\n ],\n \"passwordPolicies\": [\n {\n \"type\": \"PASSWORD_POLICY\",\n \"name\": \"Corporate Password Policy\"\n },\n {\n \"type\": \"PASSWORD_POLICY\",\n \"name\": \"Vendor Password Policy\"\n }\n ],\n \"features\": [\n \"PROVISIONING\",\n \"NO_PERMISSIONS_PROVISIONING\",\n \"GROUPS_HAVE_MEMBERS\"\n ],\n \"type\": \"OpenLDAP - Direct\",\n \"connectorClass\": \"sailpoint.connector.LDAPConnector\",\n \"connectorAttributes\": {\n \"healthCheckTimeout\": 30,\n \"authSearchAttributes\": [\n \"cn\",\n \"uid\",\n \"mail\"\n ]\n },\n \"deleteThreshold\": 10,\n \"authoritative\": false,\n \"managementWorkgroup\": {\n \"type\": \"GOVERNANCE_GROUP\",\n \"id\": \"2c91808568c529c60168cca6f90c2222\",\n \"name\": \"My Management Workgroup\"\n },\n \"healthy\": true,\n \"status\": \"SOURCE_STATE_HEALTHY\",\n \"since\": \"2021-09-28T15:48:29.380Z\",\n \"connectorId\": \"active-directory\",\n \"connectorName\": \"Active Directory\",\n \"connectionType\": \"file\",\n \"connectorImplementationId\": \"delimited-file\",\n \"created\": \"2022-02-08T14:50:03.827Z\",\n \"modified\": \"2024-01-23T18:08:50.897Z\",\n \"credentialProviderEnabled\": false,\n \"category\": \"CredentialProvider\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Created", + "code": 201, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"name\": \"My Source\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"MyName\"\n },\n \"connector\": \"active-directory\",\n \"id\": \"2c91808568c529c60168cca6f90c1324\",\n \"description\": \"This is the corporate directory.\",\n \"cluster\": {\n \"name\": \"Corporate Cluster\",\n \"id\": \"2c9180866166b5b0016167c32ef31a66\",\n \"type\": \"CLUSTER\"\n },\n \"accountCorrelationConfig\": {\n \"type\": \"ACCOUNT_CORRELATION_CONFIG\",\n \"id\": \"2c9180855d191c59015d28583727245a\",\n \"name\": \"Directory [source-62867] Account Correlation\"\n },\n \"accountCorrelationRule\": {\n \"type\": \"RULE\",\n \"id\": \"2c918085708c274401708c2a8a760001\",\n \"name\": \"Example Rule\"\n },\n \"managerCorrelationMapping\": {\n \"accountAttributeName\": \"manager\",\n \"identityAttributeName\": \"manager\"\n },\n \"managerCorrelationRule\": {\n \"type\": \"RULE\",\n \"id\": \"2c918085708c274401708c2a8a760001\",\n \"name\": \"Example Rule\"\n },\n \"beforeProvisioningRule\": {\n \"type\": \"RULE\",\n \"id\": \"2c918085708c274401708c2a8a760001\",\n \"name\": \"Example Rule\"\n },\n \"schemas\": [\n {\n \"type\": \"CONNECTOR_SCHEMA\",\n \"name\": \"account\"\n },\n {\n \"type\": \"CONNECTOR_SCHEMA\",\n \"name\": \"group\"\n }\n ],\n \"passwordPolicies\": [\n {\n \"type\": \"PASSWORD_POLICY\",\n \"name\": \"Corporate Password Policy\"\n },\n {\n \"type\": \"PASSWORD_POLICY\",\n \"name\": \"Vendor Password Policy\"\n }\n ],\n \"features\": [\n \"PROVISIONING\",\n \"NO_PERMISSIONS_PROVISIONING\",\n \"GROUPS_HAVE_MEMBERS\"\n ],\n \"type\": \"OpenLDAP - Direct\",\n \"connectorClass\": \"sailpoint.connector.LDAPConnector\",\n \"connectorAttributes\": {\n \"healthCheckTimeout\": 30,\n \"authSearchAttributes\": [\n \"cn\",\n \"uid\",\n \"mail\"\n ]\n },\n \"deleteThreshold\": 10,\n \"authoritative\": false,\n \"managementWorkgroup\": {\n \"type\": \"GOVERNANCE_GROUP\",\n \"id\": \"2c91808568c529c60168cca6f90c2222\",\n \"name\": \"My Management Workgroup\"\n },\n \"healthy\": true,\n \"status\": \"SOURCE_STATE_HEALTHY\",\n \"since\": \"2021-09-28T15:48:29.380Z\",\n \"connectorId\": \"active-directory\",\n \"connectorName\": \"Active Directory\",\n \"connectionType\": \"file\",\n \"connectorImplementationId\": \"delimited-file\",\n \"created\": \"2022-02-08T14:50:03.827Z\",\n \"modified\": \"2024-01-23T18:08:50.897Z\",\n \"credentialProviderEnabled\": false,\n \"category\": \"CredentialProvider\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "87f24573-086e-47cb-9df6-b00d3d43117d", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "sources" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "If this parameter is `true`, it configures the source as a Delimited File (CSV) source. Setting this to `true` will automatically set the `type` of the source to `DelimitedFile`. You must use this query parameter to create a Delimited File source as you would in the UI. If you don't set this query parameter and you attempt to set the `type` attribute directly, the request won't correctly generate the source. ", + "type": "text/plain" + }, + "key": "provisionAsCsv", + "value": "false" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"My Source\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"MyName\"\n },\n \"connector\": \"active-directory\",\n \"id\": \"2c91808568c529c60168cca6f90c1324\",\n \"description\": \"This is the corporate directory.\",\n \"cluster\": {\n \"name\": \"Corporate Cluster\",\n \"id\": \"2c9180866166b5b0016167c32ef31a66\",\n \"type\": \"CLUSTER\"\n },\n \"accountCorrelationConfig\": {\n \"type\": \"ACCOUNT_CORRELATION_CONFIG\",\n \"id\": \"2c9180855d191c59015d28583727245a\",\n \"name\": \"Directory [source-62867] Account Correlation\"\n },\n \"accountCorrelationRule\": {\n \"type\": \"RULE\",\n \"id\": \"2c918085708c274401708c2a8a760001\",\n \"name\": \"Example Rule\"\n },\n \"managerCorrelationMapping\": {\n \"accountAttributeName\": \"manager\",\n \"identityAttributeName\": \"manager\"\n },\n \"managerCorrelationRule\": {\n \"type\": \"RULE\",\n \"id\": \"2c918085708c274401708c2a8a760001\",\n \"name\": \"Example Rule\"\n },\n \"beforeProvisioningRule\": {\n \"type\": \"RULE\",\n \"id\": \"2c918085708c274401708c2a8a760001\",\n \"name\": \"Example Rule\"\n },\n \"schemas\": [\n {\n \"type\": \"CONNECTOR_SCHEMA\",\n \"name\": \"account\"\n },\n {\n \"type\": \"CONNECTOR_SCHEMA\",\n \"name\": \"group\"\n }\n ],\n \"passwordPolicies\": [\n {\n \"type\": \"PASSWORD_POLICY\",\n \"name\": \"Corporate Password Policy\"\n },\n {\n \"type\": \"PASSWORD_POLICY\",\n \"name\": \"Vendor Password Policy\"\n }\n ],\n \"features\": [\n \"PROVISIONING\",\n \"NO_PERMISSIONS_PROVISIONING\",\n \"GROUPS_HAVE_MEMBERS\"\n ],\n \"type\": \"OpenLDAP - Direct\",\n \"connectorClass\": \"sailpoint.connector.LDAPConnector\",\n \"connectorAttributes\": {\n \"healthCheckTimeout\": 30,\n \"authSearchAttributes\": [\n \"cn\",\n \"uid\",\n \"mail\"\n ]\n },\n \"deleteThreshold\": 10,\n \"authoritative\": false,\n \"managementWorkgroup\": {\n \"type\": \"GOVERNANCE_GROUP\",\n \"id\": \"2c91808568c529c60168cca6f90c2222\",\n \"name\": \"My Management Workgroup\"\n },\n \"healthy\": true,\n \"status\": \"SOURCE_STATE_HEALTHY\",\n \"since\": \"2021-09-28T15:48:29.380Z\",\n \"connectorId\": \"active-directory\",\n \"connectorName\": \"Active Directory\",\n \"connectionType\": \"file\",\n \"connectorImplementationId\": \"delimited-file\",\n \"created\": \"2022-02-08T14:50:03.827Z\",\n \"modified\": \"2024-01-23T18:08:50.897Z\",\n \"credentialProviderEnabled\": false,\n \"category\": \"CredentialProvider\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "8fe19f7d-1590-42ea-8f13-0fdd7a2a4f48", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "sources" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "If this parameter is `true`, it configures the source as a Delimited File (CSV) source. Setting this to `true` will automatically set the `type` of the source to `DelimitedFile`. You must use this query parameter to create a Delimited File source as you would in the UI. If you don't set this query parameter and you attempt to set the `type` attribute directly, the request won't correctly generate the source. ", + "type": "text/plain" + }, + "key": "provisionAsCsv", + "value": "false" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"My Source\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"MyName\"\n },\n \"connector\": \"active-directory\",\n \"id\": \"2c91808568c529c60168cca6f90c1324\",\n \"description\": \"This is the corporate directory.\",\n \"cluster\": {\n \"name\": \"Corporate Cluster\",\n \"id\": \"2c9180866166b5b0016167c32ef31a66\",\n \"type\": \"CLUSTER\"\n },\n \"accountCorrelationConfig\": {\n \"type\": \"ACCOUNT_CORRELATION_CONFIG\",\n \"id\": \"2c9180855d191c59015d28583727245a\",\n \"name\": \"Directory [source-62867] Account Correlation\"\n },\n \"accountCorrelationRule\": {\n \"type\": \"RULE\",\n \"id\": \"2c918085708c274401708c2a8a760001\",\n \"name\": \"Example Rule\"\n },\n \"managerCorrelationMapping\": {\n \"accountAttributeName\": \"manager\",\n \"identityAttributeName\": \"manager\"\n },\n \"managerCorrelationRule\": {\n \"type\": \"RULE\",\n \"id\": \"2c918085708c274401708c2a8a760001\",\n \"name\": \"Example Rule\"\n },\n \"beforeProvisioningRule\": {\n \"type\": \"RULE\",\n \"id\": \"2c918085708c274401708c2a8a760001\",\n \"name\": \"Example Rule\"\n },\n \"schemas\": [\n {\n \"type\": \"CONNECTOR_SCHEMA\",\n \"name\": \"account\"\n },\n {\n \"type\": \"CONNECTOR_SCHEMA\",\n \"name\": \"group\"\n }\n ],\n \"passwordPolicies\": [\n {\n \"type\": \"PASSWORD_POLICY\",\n \"name\": \"Corporate Password Policy\"\n },\n {\n \"type\": \"PASSWORD_POLICY\",\n \"name\": \"Vendor Password Policy\"\n }\n ],\n \"features\": [\n \"PROVISIONING\",\n \"NO_PERMISSIONS_PROVISIONING\",\n \"GROUPS_HAVE_MEMBERS\"\n ],\n \"type\": \"OpenLDAP - Direct\",\n \"connectorClass\": \"sailpoint.connector.LDAPConnector\",\n \"connectorAttributes\": {\n \"healthCheckTimeout\": 30,\n \"authSearchAttributes\": [\n \"cn\",\n \"uid\",\n \"mail\"\n ]\n },\n \"deleteThreshold\": 10,\n \"authoritative\": false,\n \"managementWorkgroup\": {\n \"type\": \"GOVERNANCE_GROUP\",\n \"id\": \"2c91808568c529c60168cca6f90c2222\",\n \"name\": \"My Management Workgroup\"\n },\n \"healthy\": true,\n \"status\": \"SOURCE_STATE_HEALTHY\",\n \"since\": \"2021-09-28T15:48:29.380Z\",\n \"connectorId\": \"active-directory\",\n \"connectorName\": \"Active Directory\",\n \"connectionType\": \"file\",\n \"connectorImplementationId\": \"delimited-file\",\n \"created\": \"2022-02-08T14:50:03.827Z\",\n \"modified\": \"2024-01-23T18:08:50.897Z\",\n \"credentialProviderEnabled\": false,\n \"category\": \"CredentialProvider\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "7648c882-d408-4582-909e-f5684f03caee", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "sources" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "If this parameter is `true`, it configures the source as a Delimited File (CSV) source. Setting this to `true` will automatically set the `type` of the source to `DelimitedFile`. You must use this query parameter to create a Delimited File source as you would in the UI. If you don't set this query parameter and you attempt to set the `type` attribute directly, the request won't correctly generate the source. ", + "type": "text/plain" + }, + "key": "provisionAsCsv", + "value": "false" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"My Source\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"MyName\"\n },\n \"connector\": \"active-directory\",\n \"id\": \"2c91808568c529c60168cca6f90c1324\",\n \"description\": \"This is the corporate directory.\",\n \"cluster\": {\n \"name\": \"Corporate Cluster\",\n \"id\": \"2c9180866166b5b0016167c32ef31a66\",\n \"type\": \"CLUSTER\"\n },\n \"accountCorrelationConfig\": {\n \"type\": \"ACCOUNT_CORRELATION_CONFIG\",\n \"id\": \"2c9180855d191c59015d28583727245a\",\n \"name\": \"Directory [source-62867] Account Correlation\"\n },\n \"accountCorrelationRule\": {\n \"type\": \"RULE\",\n \"id\": \"2c918085708c274401708c2a8a760001\",\n \"name\": \"Example Rule\"\n },\n \"managerCorrelationMapping\": {\n \"accountAttributeName\": \"manager\",\n \"identityAttributeName\": \"manager\"\n },\n \"managerCorrelationRule\": {\n \"type\": \"RULE\",\n \"id\": \"2c918085708c274401708c2a8a760001\",\n \"name\": \"Example Rule\"\n },\n \"beforeProvisioningRule\": {\n \"type\": \"RULE\",\n \"id\": \"2c918085708c274401708c2a8a760001\",\n \"name\": \"Example Rule\"\n },\n \"schemas\": [\n {\n \"type\": \"CONNECTOR_SCHEMA\",\n \"name\": \"account\"\n },\n {\n \"type\": \"CONNECTOR_SCHEMA\",\n \"name\": \"group\"\n }\n ],\n \"passwordPolicies\": [\n {\n \"type\": \"PASSWORD_POLICY\",\n \"name\": \"Corporate Password Policy\"\n },\n {\n \"type\": \"PASSWORD_POLICY\",\n \"name\": \"Vendor Password Policy\"\n }\n ],\n \"features\": [\n \"PROVISIONING\",\n \"NO_PERMISSIONS_PROVISIONING\",\n \"GROUPS_HAVE_MEMBERS\"\n ],\n \"type\": \"OpenLDAP - Direct\",\n \"connectorClass\": \"sailpoint.connector.LDAPConnector\",\n \"connectorAttributes\": {\n \"healthCheckTimeout\": 30,\n \"authSearchAttributes\": [\n \"cn\",\n \"uid\",\n \"mail\"\n ]\n },\n \"deleteThreshold\": 10,\n \"authoritative\": false,\n \"managementWorkgroup\": {\n \"type\": \"GOVERNANCE_GROUP\",\n \"id\": \"2c91808568c529c60168cca6f90c2222\",\n \"name\": \"My Management Workgroup\"\n },\n \"healthy\": true,\n \"status\": \"SOURCE_STATE_HEALTHY\",\n \"since\": \"2021-09-28T15:48:29.380Z\",\n \"connectorId\": \"active-directory\",\n \"connectorName\": \"Active Directory\",\n \"connectionType\": \"file\",\n \"connectorImplementationId\": \"delimited-file\",\n \"created\": \"2022-02-08T14:50:03.827Z\",\n \"modified\": \"2024-01-23T18:08:50.897Z\",\n \"credentialProviderEnabled\": false,\n \"category\": \"CredentialProvider\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "edc11b03-4baf-412f-b8cf-885e3a9afd23", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "sources" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "If this parameter is `true`, it configures the source as a Delimited File (CSV) source. Setting this to `true` will automatically set the `type` of the source to `DelimitedFile`. You must use this query parameter to create a Delimited File source as you would in the UI. If you don't set this query parameter and you attempt to set the `type` attribute directly, the request won't correctly generate the source. ", + "type": "text/plain" + }, + "key": "provisionAsCsv", + "value": "false" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"My Source\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"MyName\"\n },\n \"connector\": \"active-directory\",\n \"id\": \"2c91808568c529c60168cca6f90c1324\",\n \"description\": \"This is the corporate directory.\",\n \"cluster\": {\n \"name\": \"Corporate Cluster\",\n \"id\": \"2c9180866166b5b0016167c32ef31a66\",\n \"type\": \"CLUSTER\"\n },\n \"accountCorrelationConfig\": {\n \"type\": \"ACCOUNT_CORRELATION_CONFIG\",\n \"id\": \"2c9180855d191c59015d28583727245a\",\n \"name\": \"Directory [source-62867] Account Correlation\"\n },\n \"accountCorrelationRule\": {\n \"type\": \"RULE\",\n \"id\": \"2c918085708c274401708c2a8a760001\",\n \"name\": \"Example Rule\"\n },\n \"managerCorrelationMapping\": {\n \"accountAttributeName\": \"manager\",\n \"identityAttributeName\": \"manager\"\n },\n \"managerCorrelationRule\": {\n \"type\": \"RULE\",\n \"id\": \"2c918085708c274401708c2a8a760001\",\n \"name\": \"Example Rule\"\n },\n \"beforeProvisioningRule\": {\n \"type\": \"RULE\",\n \"id\": \"2c918085708c274401708c2a8a760001\",\n \"name\": \"Example Rule\"\n },\n \"schemas\": [\n {\n \"type\": \"CONNECTOR_SCHEMA\",\n \"name\": \"account\"\n },\n {\n \"type\": \"CONNECTOR_SCHEMA\",\n \"name\": \"group\"\n }\n ],\n \"passwordPolicies\": [\n {\n \"type\": \"PASSWORD_POLICY\",\n \"name\": \"Corporate Password Policy\"\n },\n {\n \"type\": \"PASSWORD_POLICY\",\n \"name\": \"Vendor Password Policy\"\n }\n ],\n \"features\": [\n \"PROVISIONING\",\n \"NO_PERMISSIONS_PROVISIONING\",\n \"GROUPS_HAVE_MEMBERS\"\n ],\n \"type\": \"OpenLDAP - Direct\",\n \"connectorClass\": \"sailpoint.connector.LDAPConnector\",\n \"connectorAttributes\": {\n \"healthCheckTimeout\": 30,\n \"authSearchAttributes\": [\n \"cn\",\n \"uid\",\n \"mail\"\n ]\n },\n \"deleteThreshold\": 10,\n \"authoritative\": false,\n \"managementWorkgroup\": {\n \"type\": \"GOVERNANCE_GROUP\",\n \"id\": \"2c91808568c529c60168cca6f90c2222\",\n \"name\": \"My Management Workgroup\"\n },\n \"healthy\": true,\n \"status\": \"SOURCE_STATE_HEALTHY\",\n \"since\": \"2021-09-28T15:48:29.380Z\",\n \"connectorId\": \"active-directory\",\n \"connectorName\": \"Active Directory\",\n \"connectionType\": \"file\",\n \"connectorImplementationId\": \"delimited-file\",\n \"created\": \"2022-02-08T14:50:03.827Z\",\n \"modified\": \"2024-01-23T18:08:50.897Z\",\n \"credentialProviderEnabled\": false,\n \"category\": \"CredentialProvider\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "076c79e3-7a92-47bd-8922-265c110b8026", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "sources" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "If this parameter is `true`, it configures the source as a Delimited File (CSV) source. Setting this to `true` will automatically set the `type` of the source to `DelimitedFile`. You must use this query parameter to create a Delimited File source as you would in the UI. If you don't set this query parameter and you attempt to set the `type` attribute directly, the request won't correctly generate the source. ", + "type": "text/plain" + }, + "key": "provisionAsCsv", + "value": "false" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"My Source\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"MyName\"\n },\n \"connector\": \"active-directory\",\n \"id\": \"2c91808568c529c60168cca6f90c1324\",\n \"description\": \"This is the corporate directory.\",\n \"cluster\": {\n \"name\": \"Corporate Cluster\",\n \"id\": \"2c9180866166b5b0016167c32ef31a66\",\n \"type\": \"CLUSTER\"\n },\n \"accountCorrelationConfig\": {\n \"type\": \"ACCOUNT_CORRELATION_CONFIG\",\n \"id\": \"2c9180855d191c59015d28583727245a\",\n \"name\": \"Directory [source-62867] Account Correlation\"\n },\n \"accountCorrelationRule\": {\n \"type\": \"RULE\",\n \"id\": \"2c918085708c274401708c2a8a760001\",\n \"name\": \"Example Rule\"\n },\n \"managerCorrelationMapping\": {\n \"accountAttributeName\": \"manager\",\n \"identityAttributeName\": \"manager\"\n },\n \"managerCorrelationRule\": {\n \"type\": \"RULE\",\n \"id\": \"2c918085708c274401708c2a8a760001\",\n \"name\": \"Example Rule\"\n },\n \"beforeProvisioningRule\": {\n \"type\": \"RULE\",\n \"id\": \"2c918085708c274401708c2a8a760001\",\n \"name\": \"Example Rule\"\n },\n \"schemas\": [\n {\n \"type\": \"CONNECTOR_SCHEMA\",\n \"name\": \"account\"\n },\n {\n \"type\": \"CONNECTOR_SCHEMA\",\n \"name\": \"group\"\n }\n ],\n \"passwordPolicies\": [\n {\n \"type\": \"PASSWORD_POLICY\",\n \"name\": \"Corporate Password Policy\"\n },\n {\n \"type\": \"PASSWORD_POLICY\",\n \"name\": \"Vendor Password Policy\"\n }\n ],\n \"features\": [\n \"PROVISIONING\",\n \"NO_PERMISSIONS_PROVISIONING\",\n \"GROUPS_HAVE_MEMBERS\"\n ],\n \"type\": \"OpenLDAP - Direct\",\n \"connectorClass\": \"sailpoint.connector.LDAPConnector\",\n \"connectorAttributes\": {\n \"healthCheckTimeout\": 30,\n \"authSearchAttributes\": [\n \"cn\",\n \"uid\",\n \"mail\"\n ]\n },\n \"deleteThreshold\": 10,\n \"authoritative\": false,\n \"managementWorkgroup\": {\n \"type\": \"GOVERNANCE_GROUP\",\n \"id\": \"2c91808568c529c60168cca6f90c2222\",\n \"name\": \"My Management Workgroup\"\n },\n \"healthy\": true,\n \"status\": \"SOURCE_STATE_HEALTHY\",\n \"since\": \"2021-09-28T15:48:29.380Z\",\n \"connectorId\": \"active-directory\",\n \"connectorName\": \"Active Directory\",\n \"connectionType\": \"file\",\n \"connectorImplementationId\": \"delimited-file\",\n \"created\": \"2022-02-08T14:50:03.827Z\",\n \"modified\": \"2024-01-23T18:08:50.897Z\",\n \"credentialProviderEnabled\": false,\n \"category\": \"CredentialProvider\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "4bed3d92-7ab9-41e0-a19c-943adf21ab33", + "name": "Get Source by ID", + "request": { + "name": "Get Source by ID", + "description": { + "content": "Use this API to get a source by a specified ID in Identity Security Cloud (ISC).\nA token with ORG_ADMIN, SOURCE_ADMIN, or SOURCE_SUBADMIN authority is required to call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "sources", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "2c9180835d191a86015d28455b4a2329", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) Source ID.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "31325266-920b-45e8-81a3-fdf773e167d7", + "name": "Source object.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"name\": \"My Source\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"MyName\"\n },\n \"connector\": \"active-directory\",\n \"id\": \"2c91808568c529c60168cca6f90c1324\",\n \"description\": \"This is the corporate directory.\",\n \"cluster\": {\n \"name\": \"Corporate Cluster\",\n \"id\": \"2c9180866166b5b0016167c32ef31a66\",\n \"type\": \"CLUSTER\"\n },\n \"accountCorrelationConfig\": {\n \"type\": \"ACCOUNT_CORRELATION_CONFIG\",\n \"id\": \"2c9180855d191c59015d28583727245a\",\n \"name\": \"Directory [source-62867] Account Correlation\"\n },\n \"accountCorrelationRule\": {\n \"type\": \"RULE\",\n \"id\": \"2c918085708c274401708c2a8a760001\",\n \"name\": \"Example Rule\"\n },\n \"managerCorrelationMapping\": {\n \"accountAttributeName\": \"manager\",\n \"identityAttributeName\": \"manager\"\n },\n \"managerCorrelationRule\": {\n \"type\": \"RULE\",\n \"id\": \"2c918085708c274401708c2a8a760001\",\n \"name\": \"Example Rule\"\n },\n \"beforeProvisioningRule\": {\n \"type\": \"RULE\",\n \"id\": \"2c918085708c274401708c2a8a760001\",\n \"name\": \"Example Rule\"\n },\n \"schemas\": [\n {\n \"type\": \"CONNECTOR_SCHEMA\",\n \"name\": \"account\"\n },\n {\n \"type\": \"CONNECTOR_SCHEMA\",\n \"name\": \"group\"\n }\n ],\n \"passwordPolicies\": [\n {\n \"type\": \"PASSWORD_POLICY\",\n \"name\": \"Corporate Password Policy\"\n },\n {\n \"type\": \"PASSWORD_POLICY\",\n \"name\": \"Vendor Password Policy\"\n }\n ],\n \"features\": [\n \"PROVISIONING\",\n \"NO_PERMISSIONS_PROVISIONING\",\n \"GROUPS_HAVE_MEMBERS\"\n ],\n \"type\": \"OpenLDAP - Direct\",\n \"connectorClass\": \"sailpoint.connector.LDAPConnector\",\n \"connectorAttributes\": {\n \"healthCheckTimeout\": 30,\n \"authSearchAttributes\": [\n \"cn\",\n \"uid\",\n \"mail\"\n ]\n },\n \"deleteThreshold\": 10,\n \"authoritative\": false,\n \"managementWorkgroup\": {\n \"type\": \"GOVERNANCE_GROUP\",\n \"id\": \"2c91808568c529c60168cca6f90c2222\",\n \"name\": \"My Management Workgroup\"\n },\n \"healthy\": true,\n \"status\": \"SOURCE_STATE_HEALTHY\",\n \"since\": \"2021-09-28T15:48:29.380Z\",\n \"connectorId\": \"active-directory\",\n \"connectorName\": \"Active Directory\",\n \"connectionType\": \"file\",\n \"connectorImplementationId\": \"delimited-file\",\n \"created\": \"2022-02-08T14:50:03.827Z\",\n \"modified\": \"2024-01-23T18:08:50.897Z\",\n \"credentialProviderEnabled\": false,\n \"category\": \"CredentialProvider\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b04ddb43-7857-4286-822c-c409d8eeee0a", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "31bd8414-9605-4446-a85f-340b75d73682", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "6166c8b7-8dbe-4651-a1b9-d2faa51b0abb", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "74d81917-4b57-4961-af6c-34a295a50ed8", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "ba381ff2-4d06-41e5-9f37-997b4dc8c5c8", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "208aaaea-cdbb-43ed-b688-fbabd46810ff", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "910d7da7-6be7-4050-a5b6-b98288c469c4", + "name": "Update Source (Full)", + "request": { + "name": "Update Source (Full)", + "description": { + "content": "Use this API to update a source in Identity Security Cloud (ISC), using a full object representation. This means that when you use this API, it completely replaces the existing source configuration.\n\nThese fields are immutable, so they cannot be changed:\n\n* id\n* type\n* authoritative\n* connector\n* connectorClass\n* passwordPolicies\n\nAttempts to modify these fields will result in a 400 error.\n\nA token with ORG_ADMIN, SOURCE_ADMIN, or SOURCE_SUBADMIN authority is required to call this API.\n", + "type": "text/plain" + }, + "url": { + "path": [ + "sources", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "2c9180835d191a86015d28455b4a2329", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) Source ID.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"My Source\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"MyName\"\n },\n \"connector\": \"active-directory\",\n \"id\": \"2c91808568c529c60168cca6f90c1324\",\n \"description\": \"This is the corporate directory.\",\n \"cluster\": {\n \"name\": \"Corporate Cluster\",\n \"id\": \"2c9180866166b5b0016167c32ef31a66\",\n \"type\": \"CLUSTER\"\n },\n \"accountCorrelationConfig\": {\n \"type\": \"ACCOUNT_CORRELATION_CONFIG\",\n \"id\": \"2c9180855d191c59015d28583727245a\",\n \"name\": \"Directory [source-62867] Account Correlation\"\n },\n \"accountCorrelationRule\": {\n \"type\": \"RULE\",\n \"id\": \"2c918085708c274401708c2a8a760001\",\n \"name\": \"Example Rule\"\n },\n \"managerCorrelationMapping\": {\n \"accountAttributeName\": \"manager\",\n \"identityAttributeName\": \"manager\"\n },\n \"managerCorrelationRule\": {\n \"type\": \"RULE\",\n \"id\": \"2c918085708c274401708c2a8a760001\",\n \"name\": \"Example Rule\"\n },\n \"beforeProvisioningRule\": {\n \"type\": \"RULE\",\n \"id\": \"2c918085708c274401708c2a8a760001\",\n \"name\": \"Example Rule\"\n },\n \"schemas\": [\n {\n \"type\": \"CONNECTOR_SCHEMA\",\n \"name\": \"account\"\n },\n {\n \"type\": \"CONNECTOR_SCHEMA\",\n \"name\": \"group\"\n }\n ],\n \"passwordPolicies\": [\n {\n \"type\": \"PASSWORD_POLICY\",\n \"name\": \"Corporate Password Policy\"\n },\n {\n \"type\": \"PASSWORD_POLICY\",\n \"name\": \"Vendor Password Policy\"\n }\n ],\n \"features\": [\n \"PROVISIONING\",\n \"NO_PERMISSIONS_PROVISIONING\",\n \"GROUPS_HAVE_MEMBERS\"\n ],\n \"type\": \"OpenLDAP - Direct\",\n \"connectorClass\": \"sailpoint.connector.LDAPConnector\",\n \"connectorAttributes\": {\n \"healthCheckTimeout\": 30,\n \"authSearchAttributes\": [\n \"cn\",\n \"uid\",\n \"mail\"\n ]\n },\n \"deleteThreshold\": 10,\n \"authoritative\": false,\n \"managementWorkgroup\": {\n \"type\": \"GOVERNANCE_GROUP\",\n \"id\": \"2c91808568c529c60168cca6f90c2222\",\n \"name\": \"My Management Workgroup\"\n },\n \"healthy\": true,\n \"status\": \"SOURCE_STATE_HEALTHY\",\n \"since\": \"2021-09-28T15:48:29.380Z\",\n \"connectorId\": \"active-directory\",\n \"connectorName\": \"Active Directory\",\n \"connectionType\": \"file\",\n \"connectorImplementationId\": \"delimited-file\",\n \"created\": \"2022-02-08T14:50:03.827Z\",\n \"modified\": \"2024-01-23T18:08:50.897Z\",\n \"credentialProviderEnabled\": false,\n \"category\": \"CredentialProvider\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "218eb7f2-6aa7-4e0d-abe8-d76a24976456", + "name": "Updated Source object. Any passwords will only show the the encrypted cipher-text so that they aren't decryptable in Identity Security Cloud (ISC) cloud-based services, per ISC security design.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"My Source\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"MyName\"\n },\n \"connector\": \"active-directory\",\n \"id\": \"2c91808568c529c60168cca6f90c1324\",\n \"description\": \"This is the corporate directory.\",\n \"cluster\": {\n \"name\": \"Corporate Cluster\",\n \"id\": \"2c9180866166b5b0016167c32ef31a66\",\n \"type\": \"CLUSTER\"\n },\n \"accountCorrelationConfig\": {\n \"type\": \"ACCOUNT_CORRELATION_CONFIG\",\n \"id\": \"2c9180855d191c59015d28583727245a\",\n \"name\": \"Directory [source-62867] Account Correlation\"\n },\n \"accountCorrelationRule\": {\n \"type\": \"RULE\",\n \"id\": \"2c918085708c274401708c2a8a760001\",\n \"name\": \"Example Rule\"\n },\n \"managerCorrelationMapping\": {\n \"accountAttributeName\": \"manager\",\n \"identityAttributeName\": \"manager\"\n },\n \"managerCorrelationRule\": {\n \"type\": \"RULE\",\n \"id\": \"2c918085708c274401708c2a8a760001\",\n \"name\": \"Example Rule\"\n },\n \"beforeProvisioningRule\": {\n \"type\": \"RULE\",\n \"id\": \"2c918085708c274401708c2a8a760001\",\n \"name\": \"Example Rule\"\n },\n \"schemas\": [\n {\n \"type\": \"CONNECTOR_SCHEMA\",\n \"name\": \"account\"\n },\n {\n \"type\": \"CONNECTOR_SCHEMA\",\n \"name\": \"group\"\n }\n ],\n \"passwordPolicies\": [\n {\n \"type\": \"PASSWORD_POLICY\",\n \"name\": \"Corporate Password Policy\"\n },\n {\n \"type\": \"PASSWORD_POLICY\",\n \"name\": \"Vendor Password Policy\"\n }\n ],\n \"features\": [\n \"PROVISIONING\",\n \"NO_PERMISSIONS_PROVISIONING\",\n \"GROUPS_HAVE_MEMBERS\"\n ],\n \"type\": \"OpenLDAP - Direct\",\n \"connectorClass\": \"sailpoint.connector.LDAPConnector\",\n \"connectorAttributes\": {\n \"healthCheckTimeout\": 30,\n \"authSearchAttributes\": [\n \"cn\",\n \"uid\",\n \"mail\"\n ]\n },\n \"deleteThreshold\": 10,\n \"authoritative\": false,\n \"managementWorkgroup\": {\n \"type\": \"GOVERNANCE_GROUP\",\n \"id\": \"2c91808568c529c60168cca6f90c2222\",\n \"name\": \"My Management Workgroup\"\n },\n \"healthy\": true,\n \"status\": \"SOURCE_STATE_HEALTHY\",\n \"since\": \"2021-09-28T15:48:29.380Z\",\n \"connectorId\": \"active-directory\",\n \"connectorName\": \"Active Directory\",\n \"connectionType\": \"file\",\n \"connectorImplementationId\": \"delimited-file\",\n \"created\": \"2022-02-08T14:50:03.827Z\",\n \"modified\": \"2024-01-23T18:08:50.897Z\",\n \"credentialProviderEnabled\": false,\n \"category\": \"CredentialProvider\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"name\": \"My Source\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"MyName\"\n },\n \"connector\": \"active-directory\",\n \"id\": \"2c91808568c529c60168cca6f90c1324\",\n \"description\": \"This is the corporate directory.\",\n \"cluster\": {\n \"name\": \"Corporate Cluster\",\n \"id\": \"2c9180866166b5b0016167c32ef31a66\",\n \"type\": \"CLUSTER\"\n },\n \"accountCorrelationConfig\": {\n \"type\": \"ACCOUNT_CORRELATION_CONFIG\",\n \"id\": \"2c9180855d191c59015d28583727245a\",\n \"name\": \"Directory [source-62867] Account Correlation\"\n },\n \"accountCorrelationRule\": {\n \"type\": \"RULE\",\n \"id\": \"2c918085708c274401708c2a8a760001\",\n \"name\": \"Example Rule\"\n },\n \"managerCorrelationMapping\": {\n \"accountAttributeName\": \"manager\",\n \"identityAttributeName\": \"manager\"\n },\n \"managerCorrelationRule\": {\n \"type\": \"RULE\",\n \"id\": \"2c918085708c274401708c2a8a760001\",\n \"name\": \"Example Rule\"\n },\n \"beforeProvisioningRule\": {\n \"type\": \"RULE\",\n \"id\": \"2c918085708c274401708c2a8a760001\",\n \"name\": \"Example Rule\"\n },\n \"schemas\": [\n {\n \"type\": \"CONNECTOR_SCHEMA\",\n \"name\": \"account\"\n },\n {\n \"type\": \"CONNECTOR_SCHEMA\",\n \"name\": \"group\"\n }\n ],\n \"passwordPolicies\": [\n {\n \"type\": \"PASSWORD_POLICY\",\n \"name\": \"Corporate Password Policy\"\n },\n {\n \"type\": \"PASSWORD_POLICY\",\n \"name\": \"Vendor Password Policy\"\n }\n ],\n \"features\": [\n \"PROVISIONING\",\n \"NO_PERMISSIONS_PROVISIONING\",\n \"GROUPS_HAVE_MEMBERS\"\n ],\n \"type\": \"OpenLDAP - Direct\",\n \"connectorClass\": \"sailpoint.connector.LDAPConnector\",\n \"connectorAttributes\": {\n \"healthCheckTimeout\": 30,\n \"authSearchAttributes\": [\n \"cn\",\n \"uid\",\n \"mail\"\n ]\n },\n \"deleteThreshold\": 10,\n \"authoritative\": false,\n \"managementWorkgroup\": {\n \"type\": \"GOVERNANCE_GROUP\",\n \"id\": \"2c91808568c529c60168cca6f90c2222\",\n \"name\": \"My Management Workgroup\"\n },\n \"healthy\": true,\n \"status\": \"SOURCE_STATE_HEALTHY\",\n \"since\": \"2021-09-28T15:48:29.380Z\",\n \"connectorId\": \"active-directory\",\n \"connectorName\": \"Active Directory\",\n \"connectionType\": \"file\",\n \"connectorImplementationId\": \"delimited-file\",\n \"created\": \"2022-02-08T14:50:03.827Z\",\n \"modified\": \"2024-01-23T18:08:50.897Z\",\n \"credentialProviderEnabled\": false,\n \"category\": \"CredentialProvider\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "cace1be6-093e-4495-b9c2-2eb6aadd9c09", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"My Source\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"MyName\"\n },\n \"connector\": \"active-directory\",\n \"id\": \"2c91808568c529c60168cca6f90c1324\",\n \"description\": \"This is the corporate directory.\",\n \"cluster\": {\n \"name\": \"Corporate Cluster\",\n \"id\": \"2c9180866166b5b0016167c32ef31a66\",\n \"type\": \"CLUSTER\"\n },\n \"accountCorrelationConfig\": {\n \"type\": \"ACCOUNT_CORRELATION_CONFIG\",\n \"id\": \"2c9180855d191c59015d28583727245a\",\n \"name\": \"Directory [source-62867] Account Correlation\"\n },\n \"accountCorrelationRule\": {\n \"type\": \"RULE\",\n \"id\": \"2c918085708c274401708c2a8a760001\",\n \"name\": \"Example Rule\"\n },\n \"managerCorrelationMapping\": {\n \"accountAttributeName\": \"manager\",\n \"identityAttributeName\": \"manager\"\n },\n \"managerCorrelationRule\": {\n \"type\": \"RULE\",\n \"id\": \"2c918085708c274401708c2a8a760001\",\n \"name\": \"Example Rule\"\n },\n \"beforeProvisioningRule\": {\n \"type\": \"RULE\",\n \"id\": \"2c918085708c274401708c2a8a760001\",\n \"name\": \"Example Rule\"\n },\n \"schemas\": [\n {\n \"type\": \"CONNECTOR_SCHEMA\",\n \"name\": \"account\"\n },\n {\n \"type\": \"CONNECTOR_SCHEMA\",\n \"name\": \"group\"\n }\n ],\n \"passwordPolicies\": [\n {\n \"type\": \"PASSWORD_POLICY\",\n \"name\": \"Corporate Password Policy\"\n },\n {\n \"type\": \"PASSWORD_POLICY\",\n \"name\": \"Vendor Password Policy\"\n }\n ],\n \"features\": [\n \"PROVISIONING\",\n \"NO_PERMISSIONS_PROVISIONING\",\n \"GROUPS_HAVE_MEMBERS\"\n ],\n \"type\": \"OpenLDAP - Direct\",\n \"connectorClass\": \"sailpoint.connector.LDAPConnector\",\n \"connectorAttributes\": {\n \"healthCheckTimeout\": 30,\n \"authSearchAttributes\": [\n \"cn\",\n \"uid\",\n \"mail\"\n ]\n },\n \"deleteThreshold\": 10,\n \"authoritative\": false,\n \"managementWorkgroup\": {\n \"type\": \"GOVERNANCE_GROUP\",\n \"id\": \"2c91808568c529c60168cca6f90c2222\",\n \"name\": \"My Management Workgroup\"\n },\n \"healthy\": true,\n \"status\": \"SOURCE_STATE_HEALTHY\",\n \"since\": \"2021-09-28T15:48:29.380Z\",\n \"connectorId\": \"active-directory\",\n \"connectorName\": \"Active Directory\",\n \"connectionType\": \"file\",\n \"connectorImplementationId\": \"delimited-file\",\n \"created\": \"2022-02-08T14:50:03.827Z\",\n \"modified\": \"2024-01-23T18:08:50.897Z\",\n \"credentialProviderEnabled\": false,\n \"category\": \"CredentialProvider\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "51e20ff1-1799-430e-8d2c-6b26c2352e3d", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"My Source\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"MyName\"\n },\n \"connector\": \"active-directory\",\n \"id\": \"2c91808568c529c60168cca6f90c1324\",\n \"description\": \"This is the corporate directory.\",\n \"cluster\": {\n \"name\": \"Corporate Cluster\",\n \"id\": \"2c9180866166b5b0016167c32ef31a66\",\n \"type\": \"CLUSTER\"\n },\n \"accountCorrelationConfig\": {\n \"type\": \"ACCOUNT_CORRELATION_CONFIG\",\n \"id\": \"2c9180855d191c59015d28583727245a\",\n \"name\": \"Directory [source-62867] Account Correlation\"\n },\n \"accountCorrelationRule\": {\n \"type\": \"RULE\",\n \"id\": \"2c918085708c274401708c2a8a760001\",\n \"name\": \"Example Rule\"\n },\n \"managerCorrelationMapping\": {\n \"accountAttributeName\": \"manager\",\n \"identityAttributeName\": \"manager\"\n },\n \"managerCorrelationRule\": {\n \"type\": \"RULE\",\n \"id\": \"2c918085708c274401708c2a8a760001\",\n \"name\": \"Example Rule\"\n },\n \"beforeProvisioningRule\": {\n \"type\": \"RULE\",\n \"id\": \"2c918085708c274401708c2a8a760001\",\n \"name\": \"Example Rule\"\n },\n \"schemas\": [\n {\n \"type\": \"CONNECTOR_SCHEMA\",\n \"name\": \"account\"\n },\n {\n \"type\": \"CONNECTOR_SCHEMA\",\n \"name\": \"group\"\n }\n ],\n \"passwordPolicies\": [\n {\n \"type\": \"PASSWORD_POLICY\",\n \"name\": \"Corporate Password Policy\"\n },\n {\n \"type\": \"PASSWORD_POLICY\",\n \"name\": \"Vendor Password Policy\"\n }\n ],\n \"features\": [\n \"PROVISIONING\",\n \"NO_PERMISSIONS_PROVISIONING\",\n \"GROUPS_HAVE_MEMBERS\"\n ],\n \"type\": \"OpenLDAP - Direct\",\n \"connectorClass\": \"sailpoint.connector.LDAPConnector\",\n \"connectorAttributes\": {\n \"healthCheckTimeout\": 30,\n \"authSearchAttributes\": [\n \"cn\",\n \"uid\",\n \"mail\"\n ]\n },\n \"deleteThreshold\": 10,\n \"authoritative\": false,\n \"managementWorkgroup\": {\n \"type\": \"GOVERNANCE_GROUP\",\n \"id\": \"2c91808568c529c60168cca6f90c2222\",\n \"name\": \"My Management Workgroup\"\n },\n \"healthy\": true,\n \"status\": \"SOURCE_STATE_HEALTHY\",\n \"since\": \"2021-09-28T15:48:29.380Z\",\n \"connectorId\": \"active-directory\",\n \"connectorName\": \"Active Directory\",\n \"connectionType\": \"file\",\n \"connectorImplementationId\": \"delimited-file\",\n \"created\": \"2022-02-08T14:50:03.827Z\",\n \"modified\": \"2024-01-23T18:08:50.897Z\",\n \"credentialProviderEnabled\": false,\n \"category\": \"CredentialProvider\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "4119a969-9a05-4dc0-9b46-ca1d0957b2c9", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"My Source\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"MyName\"\n },\n \"connector\": \"active-directory\",\n \"id\": \"2c91808568c529c60168cca6f90c1324\",\n \"description\": \"This is the corporate directory.\",\n \"cluster\": {\n \"name\": \"Corporate Cluster\",\n \"id\": \"2c9180866166b5b0016167c32ef31a66\",\n \"type\": \"CLUSTER\"\n },\n \"accountCorrelationConfig\": {\n \"type\": \"ACCOUNT_CORRELATION_CONFIG\",\n \"id\": \"2c9180855d191c59015d28583727245a\",\n \"name\": \"Directory [source-62867] Account Correlation\"\n },\n \"accountCorrelationRule\": {\n \"type\": \"RULE\",\n \"id\": \"2c918085708c274401708c2a8a760001\",\n \"name\": \"Example Rule\"\n },\n \"managerCorrelationMapping\": {\n \"accountAttributeName\": \"manager\",\n \"identityAttributeName\": \"manager\"\n },\n \"managerCorrelationRule\": {\n \"type\": \"RULE\",\n \"id\": \"2c918085708c274401708c2a8a760001\",\n \"name\": \"Example Rule\"\n },\n \"beforeProvisioningRule\": {\n \"type\": \"RULE\",\n \"id\": \"2c918085708c274401708c2a8a760001\",\n \"name\": \"Example Rule\"\n },\n \"schemas\": [\n {\n \"type\": \"CONNECTOR_SCHEMA\",\n \"name\": \"account\"\n },\n {\n \"type\": \"CONNECTOR_SCHEMA\",\n \"name\": \"group\"\n }\n ],\n \"passwordPolicies\": [\n {\n \"type\": \"PASSWORD_POLICY\",\n \"name\": \"Corporate Password Policy\"\n },\n {\n \"type\": \"PASSWORD_POLICY\",\n \"name\": \"Vendor Password Policy\"\n }\n ],\n \"features\": [\n \"PROVISIONING\",\n \"NO_PERMISSIONS_PROVISIONING\",\n \"GROUPS_HAVE_MEMBERS\"\n ],\n \"type\": \"OpenLDAP - Direct\",\n \"connectorClass\": \"sailpoint.connector.LDAPConnector\",\n \"connectorAttributes\": {\n \"healthCheckTimeout\": 30,\n \"authSearchAttributes\": [\n \"cn\",\n \"uid\",\n \"mail\"\n ]\n },\n \"deleteThreshold\": 10,\n \"authoritative\": false,\n \"managementWorkgroup\": {\n \"type\": \"GOVERNANCE_GROUP\",\n \"id\": \"2c91808568c529c60168cca6f90c2222\",\n \"name\": \"My Management Workgroup\"\n },\n \"healthy\": true,\n \"status\": \"SOURCE_STATE_HEALTHY\",\n \"since\": \"2021-09-28T15:48:29.380Z\",\n \"connectorId\": \"active-directory\",\n \"connectorName\": \"Active Directory\",\n \"connectionType\": \"file\",\n \"connectorImplementationId\": \"delimited-file\",\n \"created\": \"2022-02-08T14:50:03.827Z\",\n \"modified\": \"2024-01-23T18:08:50.897Z\",\n \"credentialProviderEnabled\": false,\n \"category\": \"CredentialProvider\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "859c2a81-d7b8-4dc1-9c08-6c2d42c0df81", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"My Source\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"MyName\"\n },\n \"connector\": \"active-directory\",\n \"id\": \"2c91808568c529c60168cca6f90c1324\",\n \"description\": \"This is the corporate directory.\",\n \"cluster\": {\n \"name\": \"Corporate Cluster\",\n \"id\": \"2c9180866166b5b0016167c32ef31a66\",\n \"type\": \"CLUSTER\"\n },\n \"accountCorrelationConfig\": {\n \"type\": \"ACCOUNT_CORRELATION_CONFIG\",\n \"id\": \"2c9180855d191c59015d28583727245a\",\n \"name\": \"Directory [source-62867] Account Correlation\"\n },\n \"accountCorrelationRule\": {\n \"type\": \"RULE\",\n \"id\": \"2c918085708c274401708c2a8a760001\",\n \"name\": \"Example Rule\"\n },\n \"managerCorrelationMapping\": {\n \"accountAttributeName\": \"manager\",\n \"identityAttributeName\": \"manager\"\n },\n \"managerCorrelationRule\": {\n \"type\": \"RULE\",\n \"id\": \"2c918085708c274401708c2a8a760001\",\n \"name\": \"Example Rule\"\n },\n \"beforeProvisioningRule\": {\n \"type\": \"RULE\",\n \"id\": \"2c918085708c274401708c2a8a760001\",\n \"name\": \"Example Rule\"\n },\n \"schemas\": [\n {\n \"type\": \"CONNECTOR_SCHEMA\",\n \"name\": \"account\"\n },\n {\n \"type\": \"CONNECTOR_SCHEMA\",\n \"name\": \"group\"\n }\n ],\n \"passwordPolicies\": [\n {\n \"type\": \"PASSWORD_POLICY\",\n \"name\": \"Corporate Password Policy\"\n },\n {\n \"type\": \"PASSWORD_POLICY\",\n \"name\": \"Vendor Password Policy\"\n }\n ],\n \"features\": [\n \"PROVISIONING\",\n \"NO_PERMISSIONS_PROVISIONING\",\n \"GROUPS_HAVE_MEMBERS\"\n ],\n \"type\": \"OpenLDAP - Direct\",\n \"connectorClass\": \"sailpoint.connector.LDAPConnector\",\n \"connectorAttributes\": {\n \"healthCheckTimeout\": 30,\n \"authSearchAttributes\": [\n \"cn\",\n \"uid\",\n \"mail\"\n ]\n },\n \"deleteThreshold\": 10,\n \"authoritative\": false,\n \"managementWorkgroup\": {\n \"type\": \"GOVERNANCE_GROUP\",\n \"id\": \"2c91808568c529c60168cca6f90c2222\",\n \"name\": \"My Management Workgroup\"\n },\n \"healthy\": true,\n \"status\": \"SOURCE_STATE_HEALTHY\",\n \"since\": \"2021-09-28T15:48:29.380Z\",\n \"connectorId\": \"active-directory\",\n \"connectorName\": \"Active Directory\",\n \"connectionType\": \"file\",\n \"connectorImplementationId\": \"delimited-file\",\n \"created\": \"2022-02-08T14:50:03.827Z\",\n \"modified\": \"2024-01-23T18:08:50.897Z\",\n \"credentialProviderEnabled\": false,\n \"category\": \"CredentialProvider\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "9c96007e-581e-428c-b21e-66679893d941", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"My Source\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"MyName\"\n },\n \"connector\": \"active-directory\",\n \"id\": \"2c91808568c529c60168cca6f90c1324\",\n \"description\": \"This is the corporate directory.\",\n \"cluster\": {\n \"name\": \"Corporate Cluster\",\n \"id\": \"2c9180866166b5b0016167c32ef31a66\",\n \"type\": \"CLUSTER\"\n },\n \"accountCorrelationConfig\": {\n \"type\": \"ACCOUNT_CORRELATION_CONFIG\",\n \"id\": \"2c9180855d191c59015d28583727245a\",\n \"name\": \"Directory [source-62867] Account Correlation\"\n },\n \"accountCorrelationRule\": {\n \"type\": \"RULE\",\n \"id\": \"2c918085708c274401708c2a8a760001\",\n \"name\": \"Example Rule\"\n },\n \"managerCorrelationMapping\": {\n \"accountAttributeName\": \"manager\",\n \"identityAttributeName\": \"manager\"\n },\n \"managerCorrelationRule\": {\n \"type\": \"RULE\",\n \"id\": \"2c918085708c274401708c2a8a760001\",\n \"name\": \"Example Rule\"\n },\n \"beforeProvisioningRule\": {\n \"type\": \"RULE\",\n \"id\": \"2c918085708c274401708c2a8a760001\",\n \"name\": \"Example Rule\"\n },\n \"schemas\": [\n {\n \"type\": \"CONNECTOR_SCHEMA\",\n \"name\": \"account\"\n },\n {\n \"type\": \"CONNECTOR_SCHEMA\",\n \"name\": \"group\"\n }\n ],\n \"passwordPolicies\": [\n {\n \"type\": \"PASSWORD_POLICY\",\n \"name\": \"Corporate Password Policy\"\n },\n {\n \"type\": \"PASSWORD_POLICY\",\n \"name\": \"Vendor Password Policy\"\n }\n ],\n \"features\": [\n \"PROVISIONING\",\n \"NO_PERMISSIONS_PROVISIONING\",\n \"GROUPS_HAVE_MEMBERS\"\n ],\n \"type\": \"OpenLDAP - Direct\",\n \"connectorClass\": \"sailpoint.connector.LDAPConnector\",\n \"connectorAttributes\": {\n \"healthCheckTimeout\": 30,\n \"authSearchAttributes\": [\n \"cn\",\n \"uid\",\n \"mail\"\n ]\n },\n \"deleteThreshold\": 10,\n \"authoritative\": false,\n \"managementWorkgroup\": {\n \"type\": \"GOVERNANCE_GROUP\",\n \"id\": \"2c91808568c529c60168cca6f90c2222\",\n \"name\": \"My Management Workgroup\"\n },\n \"healthy\": true,\n \"status\": \"SOURCE_STATE_HEALTHY\",\n \"since\": \"2021-09-28T15:48:29.380Z\",\n \"connectorId\": \"active-directory\",\n \"connectorName\": \"Active Directory\",\n \"connectionType\": \"file\",\n \"connectorImplementationId\": \"delimited-file\",\n \"created\": \"2022-02-08T14:50:03.827Z\",\n \"modified\": \"2024-01-23T18:08:50.897Z\",\n \"credentialProviderEnabled\": false,\n \"category\": \"CredentialProvider\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f06bfcee-3b55-4371-b88f-b885898cf8e4", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"My Source\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"MyName\"\n },\n \"connector\": \"active-directory\",\n \"id\": \"2c91808568c529c60168cca6f90c1324\",\n \"description\": \"This is the corporate directory.\",\n \"cluster\": {\n \"name\": \"Corporate Cluster\",\n \"id\": \"2c9180866166b5b0016167c32ef31a66\",\n \"type\": \"CLUSTER\"\n },\n \"accountCorrelationConfig\": {\n \"type\": \"ACCOUNT_CORRELATION_CONFIG\",\n \"id\": \"2c9180855d191c59015d28583727245a\",\n \"name\": \"Directory [source-62867] Account Correlation\"\n },\n \"accountCorrelationRule\": {\n \"type\": \"RULE\",\n \"id\": \"2c918085708c274401708c2a8a760001\",\n \"name\": \"Example Rule\"\n },\n \"managerCorrelationMapping\": {\n \"accountAttributeName\": \"manager\",\n \"identityAttributeName\": \"manager\"\n },\n \"managerCorrelationRule\": {\n \"type\": \"RULE\",\n \"id\": \"2c918085708c274401708c2a8a760001\",\n \"name\": \"Example Rule\"\n },\n \"beforeProvisioningRule\": {\n \"type\": \"RULE\",\n \"id\": \"2c918085708c274401708c2a8a760001\",\n \"name\": \"Example Rule\"\n },\n \"schemas\": [\n {\n \"type\": \"CONNECTOR_SCHEMA\",\n \"name\": \"account\"\n },\n {\n \"type\": \"CONNECTOR_SCHEMA\",\n \"name\": \"group\"\n }\n ],\n \"passwordPolicies\": [\n {\n \"type\": \"PASSWORD_POLICY\",\n \"name\": \"Corporate Password Policy\"\n },\n {\n \"type\": \"PASSWORD_POLICY\",\n \"name\": \"Vendor Password Policy\"\n }\n ],\n \"features\": [\n \"PROVISIONING\",\n \"NO_PERMISSIONS_PROVISIONING\",\n \"GROUPS_HAVE_MEMBERS\"\n ],\n \"type\": \"OpenLDAP - Direct\",\n \"connectorClass\": \"sailpoint.connector.LDAPConnector\",\n \"connectorAttributes\": {\n \"healthCheckTimeout\": 30,\n \"authSearchAttributes\": [\n \"cn\",\n \"uid\",\n \"mail\"\n ]\n },\n \"deleteThreshold\": 10,\n \"authoritative\": false,\n \"managementWorkgroup\": {\n \"type\": \"GOVERNANCE_GROUP\",\n \"id\": \"2c91808568c529c60168cca6f90c2222\",\n \"name\": \"My Management Workgroup\"\n },\n \"healthy\": true,\n \"status\": \"SOURCE_STATE_HEALTHY\",\n \"since\": \"2021-09-28T15:48:29.380Z\",\n \"connectorId\": \"active-directory\",\n \"connectorName\": \"Active Directory\",\n \"connectionType\": \"file\",\n \"connectorImplementationId\": \"delimited-file\",\n \"created\": \"2022-02-08T14:50:03.827Z\",\n \"modified\": \"2024-01-23T18:08:50.897Z\",\n \"credentialProviderEnabled\": false,\n \"category\": \"CredentialProvider\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "4ee069b1-a358-4417-9344-e833fe5e34f7", + "name": "Update Source (Partial)", + "request": { + "name": "Update Source (Partial)", + "description": { + "content": "Use this API to partially update a source in Identity Security Cloud (ISC), using a list of patch operations according to the\n[JSON Patch](https://tools.ietf.org/html/rfc6902) standard.\n\nThese fields are immutable, so they cannot be changed:\n\n* id\n* type\n* authoritative\n* created\n* modified\n* connector\n* connectorClass\n* passwordPolicies\n\nAttempts to modify these fields will result in a 400 error.\n\nA token with ORG_ADMIN, SOURCE_ADMIN, SOURCE_SUBADMIN, or API authority is required to call this API.\n", + "type": "text/plain" + }, + "url": { + "path": [ + "sources", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "2c9180835d191a86015d28455b4a2329", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) Source ID.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"new description\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "9401bd4b-8523-45c4-a18f-8450bd46bc27", + "name": "Edit the source description", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"new description\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"name\": \"My Source\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"MyName\"\n },\n \"connector\": \"active-directory\",\n \"id\": \"2c91808568c529c60168cca6f90c1324\",\n \"description\": \"This is the corporate directory.\",\n \"cluster\": {\n \"name\": \"Corporate Cluster\",\n \"id\": \"2c9180866166b5b0016167c32ef31a66\",\n \"type\": \"CLUSTER\"\n },\n \"accountCorrelationConfig\": {\n \"type\": \"ACCOUNT_CORRELATION_CONFIG\",\n \"id\": \"2c9180855d191c59015d28583727245a\",\n \"name\": \"Directory [source-62867] Account Correlation\"\n },\n \"accountCorrelationRule\": {\n \"type\": \"RULE\",\n \"id\": \"2c918085708c274401708c2a8a760001\",\n \"name\": \"Example Rule\"\n },\n \"managerCorrelationMapping\": {\n \"accountAttributeName\": \"manager\",\n \"identityAttributeName\": \"manager\"\n },\n \"managerCorrelationRule\": {\n \"type\": \"RULE\",\n \"id\": \"2c918085708c274401708c2a8a760001\",\n \"name\": \"Example Rule\"\n },\n \"beforeProvisioningRule\": {\n \"type\": \"RULE\",\n \"id\": \"2c918085708c274401708c2a8a760001\",\n \"name\": \"Example Rule\"\n },\n \"schemas\": [\n {\n \"type\": \"CONNECTOR_SCHEMA\",\n \"name\": \"account\"\n },\n {\n \"type\": \"CONNECTOR_SCHEMA\",\n \"name\": \"group\"\n }\n ],\n \"passwordPolicies\": [\n {\n \"type\": \"PASSWORD_POLICY\",\n \"name\": \"Corporate Password Policy\"\n },\n {\n \"type\": \"PASSWORD_POLICY\",\n \"name\": \"Vendor Password Policy\"\n }\n ],\n \"features\": [\n \"PROVISIONING\",\n \"NO_PERMISSIONS_PROVISIONING\",\n \"GROUPS_HAVE_MEMBERS\"\n ],\n \"type\": \"OpenLDAP - Direct\",\n \"connectorClass\": \"sailpoint.connector.LDAPConnector\",\n \"connectorAttributes\": {\n \"healthCheckTimeout\": 30,\n \"authSearchAttributes\": [\n \"cn\",\n \"uid\",\n \"mail\"\n ]\n },\n \"deleteThreshold\": 10,\n \"authoritative\": false,\n \"managementWorkgroup\": {\n \"type\": \"GOVERNANCE_GROUP\",\n \"id\": \"2c91808568c529c60168cca6f90c2222\",\n \"name\": \"My Management Workgroup\"\n },\n \"healthy\": true,\n \"status\": \"SOURCE_STATE_HEALTHY\",\n \"since\": \"2021-09-28T15:48:29.380Z\",\n \"connectorId\": \"active-directory\",\n \"connectorName\": \"Active Directory\",\n \"connectionType\": \"file\",\n \"connectorImplementationId\": \"delimited-file\",\n \"created\": \"2022-02-08T14:50:03.827Z\",\n \"modified\": \"2024-01-23T18:08:50.897Z\",\n \"credentialProviderEnabled\": false,\n \"category\": \"CredentialProvider\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "39a75e0e-8317-41ca-84e7-2ee03231b3e3", + "name": "Edit the source cluster", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/cluster/id\",\n \"value\": \"2c918087813a902001813f3f85736b45\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"name\": \"My Source\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"MyName\"\n },\n \"connector\": \"active-directory\",\n \"id\": \"2c91808568c529c60168cca6f90c1324\",\n \"description\": \"This is the corporate directory.\",\n \"cluster\": {\n \"name\": \"Corporate Cluster\",\n \"id\": \"2c9180866166b5b0016167c32ef31a66\",\n \"type\": \"CLUSTER\"\n },\n \"accountCorrelationConfig\": {\n \"type\": \"ACCOUNT_CORRELATION_CONFIG\",\n \"id\": \"2c9180855d191c59015d28583727245a\",\n \"name\": \"Directory [source-62867] Account Correlation\"\n },\n \"accountCorrelationRule\": {\n \"type\": \"RULE\",\n \"id\": \"2c918085708c274401708c2a8a760001\",\n \"name\": \"Example Rule\"\n },\n \"managerCorrelationMapping\": {\n \"accountAttributeName\": \"manager\",\n \"identityAttributeName\": \"manager\"\n },\n \"managerCorrelationRule\": {\n \"type\": \"RULE\",\n \"id\": \"2c918085708c274401708c2a8a760001\",\n \"name\": \"Example Rule\"\n },\n \"beforeProvisioningRule\": {\n \"type\": \"RULE\",\n \"id\": \"2c918085708c274401708c2a8a760001\",\n \"name\": \"Example Rule\"\n },\n \"schemas\": [\n {\n \"type\": \"CONNECTOR_SCHEMA\",\n \"name\": \"account\"\n },\n {\n \"type\": \"CONNECTOR_SCHEMA\",\n \"name\": \"group\"\n }\n ],\n \"passwordPolicies\": [\n {\n \"type\": \"PASSWORD_POLICY\",\n \"name\": \"Corporate Password Policy\"\n },\n {\n \"type\": \"PASSWORD_POLICY\",\n \"name\": \"Vendor Password Policy\"\n }\n ],\n \"features\": [\n \"PROVISIONING\",\n \"NO_PERMISSIONS_PROVISIONING\",\n \"GROUPS_HAVE_MEMBERS\"\n ],\n \"type\": \"OpenLDAP - Direct\",\n \"connectorClass\": \"sailpoint.connector.LDAPConnector\",\n \"connectorAttributes\": {\n \"healthCheckTimeout\": 30,\n \"authSearchAttributes\": [\n \"cn\",\n \"uid\",\n \"mail\"\n ]\n },\n \"deleteThreshold\": 10,\n \"authoritative\": false,\n \"managementWorkgroup\": {\n \"type\": \"GOVERNANCE_GROUP\",\n \"id\": \"2c91808568c529c60168cca6f90c2222\",\n \"name\": \"My Management Workgroup\"\n },\n \"healthy\": true,\n \"status\": \"SOURCE_STATE_HEALTHY\",\n \"since\": \"2021-09-28T15:48:29.380Z\",\n \"connectorId\": \"active-directory\",\n \"connectorName\": \"Active Directory\",\n \"connectionType\": \"file\",\n \"connectorImplementationId\": \"delimited-file\",\n \"created\": \"2022-02-08T14:50:03.827Z\",\n \"modified\": \"2024-01-23T18:08:50.897Z\",\n \"credentialProviderEnabled\": false,\n \"category\": \"CredentialProvider\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "887e0c36-7259-4437-affb-6520947ca19b", + "name": "Edit source features", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/features\",\n \"value\": [\n \"PASSWORD\",\n \"PROVISIONING\",\n \"ENABLE\",\n \"AUTHENTICATE\"\n ]\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"name\": \"My Source\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"MyName\"\n },\n \"connector\": \"active-directory\",\n \"id\": \"2c91808568c529c60168cca6f90c1324\",\n \"description\": \"This is the corporate directory.\",\n \"cluster\": {\n \"name\": \"Corporate Cluster\",\n \"id\": \"2c9180866166b5b0016167c32ef31a66\",\n \"type\": \"CLUSTER\"\n },\n \"accountCorrelationConfig\": {\n \"type\": \"ACCOUNT_CORRELATION_CONFIG\",\n \"id\": \"2c9180855d191c59015d28583727245a\",\n \"name\": \"Directory [source-62867] Account Correlation\"\n },\n \"accountCorrelationRule\": {\n \"type\": \"RULE\",\n \"id\": \"2c918085708c274401708c2a8a760001\",\n \"name\": \"Example Rule\"\n },\n \"managerCorrelationMapping\": {\n \"accountAttributeName\": \"manager\",\n \"identityAttributeName\": \"manager\"\n },\n \"managerCorrelationRule\": {\n \"type\": \"RULE\",\n \"id\": \"2c918085708c274401708c2a8a760001\",\n \"name\": \"Example Rule\"\n },\n \"beforeProvisioningRule\": {\n \"type\": \"RULE\",\n \"id\": \"2c918085708c274401708c2a8a760001\",\n \"name\": \"Example Rule\"\n },\n \"schemas\": [\n {\n \"type\": \"CONNECTOR_SCHEMA\",\n \"name\": \"account\"\n },\n {\n \"type\": \"CONNECTOR_SCHEMA\",\n \"name\": \"group\"\n }\n ],\n \"passwordPolicies\": [\n {\n \"type\": \"PASSWORD_POLICY\",\n \"name\": \"Corporate Password Policy\"\n },\n {\n \"type\": \"PASSWORD_POLICY\",\n \"name\": \"Vendor Password Policy\"\n }\n ],\n \"features\": [\n \"PROVISIONING\",\n \"NO_PERMISSIONS_PROVISIONING\",\n \"GROUPS_HAVE_MEMBERS\"\n ],\n \"type\": \"OpenLDAP - Direct\",\n \"connectorClass\": \"sailpoint.connector.LDAPConnector\",\n \"connectorAttributes\": {\n \"healthCheckTimeout\": 30,\n \"authSearchAttributes\": [\n \"cn\",\n \"uid\",\n \"mail\"\n ]\n },\n \"deleteThreshold\": 10,\n \"authoritative\": false,\n \"managementWorkgroup\": {\n \"type\": \"GOVERNANCE_GROUP\",\n \"id\": \"2c91808568c529c60168cca6f90c2222\",\n \"name\": \"My Management Workgroup\"\n },\n \"healthy\": true,\n \"status\": \"SOURCE_STATE_HEALTHY\",\n \"since\": \"2021-09-28T15:48:29.380Z\",\n \"connectorId\": \"active-directory\",\n \"connectorName\": \"Active Directory\",\n \"connectionType\": \"file\",\n \"connectorImplementationId\": \"delimited-file\",\n \"created\": \"2022-02-08T14:50:03.827Z\",\n \"modified\": \"2024-01-23T18:08:50.897Z\",\n \"credentialProviderEnabled\": false,\n \"category\": \"CredentialProvider\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "7a00f8fc-4d87-4888-a54e-08e34f7a8a70", + "name": "Change a source description and cluster in one call", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"new description\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/cluster/id\",\n \"value\": \"2c918087813a902001813f3f85736b45\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"name\": \"My Source\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"MyName\"\n },\n \"connector\": \"active-directory\",\n \"id\": \"2c91808568c529c60168cca6f90c1324\",\n \"description\": \"This is the corporate directory.\",\n \"cluster\": {\n \"name\": \"Corporate Cluster\",\n \"id\": \"2c9180866166b5b0016167c32ef31a66\",\n \"type\": \"CLUSTER\"\n },\n \"accountCorrelationConfig\": {\n \"type\": \"ACCOUNT_CORRELATION_CONFIG\",\n \"id\": \"2c9180855d191c59015d28583727245a\",\n \"name\": \"Directory [source-62867] Account Correlation\"\n },\n \"accountCorrelationRule\": {\n \"type\": \"RULE\",\n \"id\": \"2c918085708c274401708c2a8a760001\",\n \"name\": \"Example Rule\"\n },\n \"managerCorrelationMapping\": {\n \"accountAttributeName\": \"manager\",\n \"identityAttributeName\": \"manager\"\n },\n \"managerCorrelationRule\": {\n \"type\": \"RULE\",\n \"id\": \"2c918085708c274401708c2a8a760001\",\n \"name\": \"Example Rule\"\n },\n \"beforeProvisioningRule\": {\n \"type\": \"RULE\",\n \"id\": \"2c918085708c274401708c2a8a760001\",\n \"name\": \"Example Rule\"\n },\n \"schemas\": [\n {\n \"type\": \"CONNECTOR_SCHEMA\",\n \"name\": \"account\"\n },\n {\n \"type\": \"CONNECTOR_SCHEMA\",\n \"name\": \"group\"\n }\n ],\n \"passwordPolicies\": [\n {\n \"type\": \"PASSWORD_POLICY\",\n \"name\": \"Corporate Password Policy\"\n },\n {\n \"type\": \"PASSWORD_POLICY\",\n \"name\": \"Vendor Password Policy\"\n }\n ],\n \"features\": [\n \"PROVISIONING\",\n \"NO_PERMISSIONS_PROVISIONING\",\n \"GROUPS_HAVE_MEMBERS\"\n ],\n \"type\": \"OpenLDAP - Direct\",\n \"connectorClass\": \"sailpoint.connector.LDAPConnector\",\n \"connectorAttributes\": {\n \"healthCheckTimeout\": 30,\n \"authSearchAttributes\": [\n \"cn\",\n \"uid\",\n \"mail\"\n ]\n },\n \"deleteThreshold\": 10,\n \"authoritative\": false,\n \"managementWorkgroup\": {\n \"type\": \"GOVERNANCE_GROUP\",\n \"id\": \"2c91808568c529c60168cca6f90c2222\",\n \"name\": \"My Management Workgroup\"\n },\n \"healthy\": true,\n \"status\": \"SOURCE_STATE_HEALTHY\",\n \"since\": \"2021-09-28T15:48:29.380Z\",\n \"connectorId\": \"active-directory\",\n \"connectorName\": \"Active Directory\",\n \"connectionType\": \"file\",\n \"connectorImplementationId\": \"delimited-file\",\n \"created\": \"2022-02-08T14:50:03.827Z\",\n \"modified\": \"2024-01-23T18:08:50.897Z\",\n \"credentialProviderEnabled\": false,\n \"category\": \"CredentialProvider\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "49605006-03bf-4a91-ab39-92bbf509a53c", + "name": "Add a filter string to the connector", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"add\",\n \"path\": \"/connectorAttributes/filterString\",\n \"value\": \"!( id.contains( \\\"m\\\" ) ) || !( id.contains( \\\"d\\\" ) )\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"name\": \"My Source\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"MyName\"\n },\n \"connector\": \"active-directory\",\n \"id\": \"2c91808568c529c60168cca6f90c1324\",\n \"description\": \"This is the corporate directory.\",\n \"cluster\": {\n \"name\": \"Corporate Cluster\",\n \"id\": \"2c9180866166b5b0016167c32ef31a66\",\n \"type\": \"CLUSTER\"\n },\n \"accountCorrelationConfig\": {\n \"type\": \"ACCOUNT_CORRELATION_CONFIG\",\n \"id\": \"2c9180855d191c59015d28583727245a\",\n \"name\": \"Directory [source-62867] Account Correlation\"\n },\n \"accountCorrelationRule\": {\n \"type\": \"RULE\",\n \"id\": \"2c918085708c274401708c2a8a760001\",\n \"name\": \"Example Rule\"\n },\n \"managerCorrelationMapping\": {\n \"accountAttributeName\": \"manager\",\n \"identityAttributeName\": \"manager\"\n },\n \"managerCorrelationRule\": {\n \"type\": \"RULE\",\n \"id\": \"2c918085708c274401708c2a8a760001\",\n \"name\": \"Example Rule\"\n },\n \"beforeProvisioningRule\": {\n \"type\": \"RULE\",\n \"id\": \"2c918085708c274401708c2a8a760001\",\n \"name\": \"Example Rule\"\n },\n \"schemas\": [\n {\n \"type\": \"CONNECTOR_SCHEMA\",\n \"name\": \"account\"\n },\n {\n \"type\": \"CONNECTOR_SCHEMA\",\n \"name\": \"group\"\n }\n ],\n \"passwordPolicies\": [\n {\n \"type\": \"PASSWORD_POLICY\",\n \"name\": \"Corporate Password Policy\"\n },\n {\n \"type\": \"PASSWORD_POLICY\",\n \"name\": \"Vendor Password Policy\"\n }\n ],\n \"features\": [\n \"PROVISIONING\",\n \"NO_PERMISSIONS_PROVISIONING\",\n \"GROUPS_HAVE_MEMBERS\"\n ],\n \"type\": \"OpenLDAP - Direct\",\n \"connectorClass\": \"sailpoint.connector.LDAPConnector\",\n \"connectorAttributes\": {\n \"healthCheckTimeout\": 30,\n \"authSearchAttributes\": [\n \"cn\",\n \"uid\",\n \"mail\"\n ]\n },\n \"deleteThreshold\": 10,\n \"authoritative\": false,\n \"managementWorkgroup\": {\n \"type\": \"GOVERNANCE_GROUP\",\n \"id\": \"2c91808568c529c60168cca6f90c2222\",\n \"name\": \"My Management Workgroup\"\n },\n \"healthy\": true,\n \"status\": \"SOURCE_STATE_HEALTHY\",\n \"since\": \"2021-09-28T15:48:29.380Z\",\n \"connectorId\": \"active-directory\",\n \"connectorName\": \"Active Directory\",\n \"connectionType\": \"file\",\n \"connectorImplementationId\": \"delimited-file\",\n \"created\": \"2022-02-08T14:50:03.827Z\",\n \"modified\": \"2024-01-23T18:08:50.897Z\",\n \"credentialProviderEnabled\": false,\n \"category\": \"CredentialProvider\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "be93f7e3-c52f-4543-b99c-cb570c4721bf", + "name": "Update connector attribute for specific operation type", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/connectorAttributes/connectionParameters/2/operationType\",\n \"value\": \"Group Aggregation-test\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"name\": \"My Source\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"MyName\"\n },\n \"connector\": \"active-directory\",\n \"id\": \"2c91808568c529c60168cca6f90c1324\",\n \"description\": \"This is the corporate directory.\",\n \"cluster\": {\n \"name\": \"Corporate Cluster\",\n \"id\": \"2c9180866166b5b0016167c32ef31a66\",\n \"type\": \"CLUSTER\"\n },\n \"accountCorrelationConfig\": {\n \"type\": \"ACCOUNT_CORRELATION_CONFIG\",\n \"id\": \"2c9180855d191c59015d28583727245a\",\n \"name\": \"Directory [source-62867] Account Correlation\"\n },\n \"accountCorrelationRule\": {\n \"type\": \"RULE\",\n \"id\": \"2c918085708c274401708c2a8a760001\",\n \"name\": \"Example Rule\"\n },\n \"managerCorrelationMapping\": {\n \"accountAttributeName\": \"manager\",\n \"identityAttributeName\": \"manager\"\n },\n \"managerCorrelationRule\": {\n \"type\": \"RULE\",\n \"id\": \"2c918085708c274401708c2a8a760001\",\n \"name\": \"Example Rule\"\n },\n \"beforeProvisioningRule\": {\n \"type\": \"RULE\",\n \"id\": \"2c918085708c274401708c2a8a760001\",\n \"name\": \"Example Rule\"\n },\n \"schemas\": [\n {\n \"type\": \"CONNECTOR_SCHEMA\",\n \"name\": \"account\"\n },\n {\n \"type\": \"CONNECTOR_SCHEMA\",\n \"name\": \"group\"\n }\n ],\n \"passwordPolicies\": [\n {\n \"type\": \"PASSWORD_POLICY\",\n \"name\": \"Corporate Password Policy\"\n },\n {\n \"type\": \"PASSWORD_POLICY\",\n \"name\": \"Vendor Password Policy\"\n }\n ],\n \"features\": [\n \"PROVISIONING\",\n \"NO_PERMISSIONS_PROVISIONING\",\n \"GROUPS_HAVE_MEMBERS\"\n ],\n \"type\": \"OpenLDAP - Direct\",\n \"connectorClass\": \"sailpoint.connector.LDAPConnector\",\n \"connectorAttributes\": {\n \"healthCheckTimeout\": 30,\n \"authSearchAttributes\": [\n \"cn\",\n \"uid\",\n \"mail\"\n ]\n },\n \"deleteThreshold\": 10,\n \"authoritative\": false,\n \"managementWorkgroup\": {\n \"type\": \"GOVERNANCE_GROUP\",\n \"id\": \"2c91808568c529c60168cca6f90c2222\",\n \"name\": \"My Management Workgroup\"\n },\n \"healthy\": true,\n \"status\": \"SOURCE_STATE_HEALTHY\",\n \"since\": \"2021-09-28T15:48:29.380Z\",\n \"connectorId\": \"active-directory\",\n \"connectorName\": \"Active Directory\",\n \"connectionType\": \"file\",\n \"connectorImplementationId\": \"delimited-file\",\n \"created\": \"2022-02-08T14:50:03.827Z\",\n \"modified\": \"2024-01-23T18:08:50.897Z\",\n \"credentialProviderEnabled\": false,\n \"category\": \"CredentialProvider\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "1eaabc9d-75ab-4150-81f3-c3e99620fcd9", + "name": "Enable notifications for new account provisioning on a source", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/connectorAttributes/accountCreateNotification\",\n \"value\": {\n \"notifyList\": [\n \"Distribution.list@demo.com\"\n ],\n \"notifyAccountOwner\": true,\n \"enabled\": true,\n \"notifyAccountOwnerAltEmail\": false\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"name\": \"My Source\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"MyName\"\n },\n \"connector\": \"active-directory\",\n \"id\": \"2c91808568c529c60168cca6f90c1324\",\n \"description\": \"This is the corporate directory.\",\n \"cluster\": {\n \"name\": \"Corporate Cluster\",\n \"id\": \"2c9180866166b5b0016167c32ef31a66\",\n \"type\": \"CLUSTER\"\n },\n \"accountCorrelationConfig\": {\n \"type\": \"ACCOUNT_CORRELATION_CONFIG\",\n \"id\": \"2c9180855d191c59015d28583727245a\",\n \"name\": \"Directory [source-62867] Account Correlation\"\n },\n \"accountCorrelationRule\": {\n \"type\": \"RULE\",\n \"id\": \"2c918085708c274401708c2a8a760001\",\n \"name\": \"Example Rule\"\n },\n \"managerCorrelationMapping\": {\n \"accountAttributeName\": \"manager\",\n \"identityAttributeName\": \"manager\"\n },\n \"managerCorrelationRule\": {\n \"type\": \"RULE\",\n \"id\": \"2c918085708c274401708c2a8a760001\",\n \"name\": \"Example Rule\"\n },\n \"beforeProvisioningRule\": {\n \"type\": \"RULE\",\n \"id\": \"2c918085708c274401708c2a8a760001\",\n \"name\": \"Example Rule\"\n },\n \"schemas\": [\n {\n \"type\": \"CONNECTOR_SCHEMA\",\n \"name\": \"account\"\n },\n {\n \"type\": \"CONNECTOR_SCHEMA\",\n \"name\": \"group\"\n }\n ],\n \"passwordPolicies\": [\n {\n \"type\": \"PASSWORD_POLICY\",\n \"name\": \"Corporate Password Policy\"\n },\n {\n \"type\": \"PASSWORD_POLICY\",\n \"name\": \"Vendor Password Policy\"\n }\n ],\n \"features\": [\n \"PROVISIONING\",\n \"NO_PERMISSIONS_PROVISIONING\",\n \"GROUPS_HAVE_MEMBERS\"\n ],\n \"type\": \"OpenLDAP - Direct\",\n \"connectorClass\": \"sailpoint.connector.LDAPConnector\",\n \"connectorAttributes\": {\n \"healthCheckTimeout\": 30,\n \"authSearchAttributes\": [\n \"cn\",\n \"uid\",\n \"mail\"\n ]\n },\n \"deleteThreshold\": 10,\n \"authoritative\": false,\n \"managementWorkgroup\": {\n \"type\": \"GOVERNANCE_GROUP\",\n \"id\": \"2c91808568c529c60168cca6f90c2222\",\n \"name\": \"My Management Workgroup\"\n },\n \"healthy\": true,\n \"status\": \"SOURCE_STATE_HEALTHY\",\n \"since\": \"2021-09-28T15:48:29.380Z\",\n \"connectorId\": \"active-directory\",\n \"connectorName\": \"Active Directory\",\n \"connectionType\": \"file\",\n \"connectorImplementationId\": \"delimited-file\",\n \"created\": \"2022-02-08T14:50:03.827Z\",\n \"modified\": \"2024-01-23T18:08:50.897Z\",\n \"credentialProviderEnabled\": false,\n \"category\": \"CredentialProvider\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "0197e695-99b5-4e5a-a95b-48defbcf17e0", + "name": "Edit the source description", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"new description\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "74c2a6a0-2f13-41e6-af45-d431b8337548", + "name": "Edit the source cluster", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/cluster/id\",\n \"value\": \"2c918087813a902001813f3f85736b45\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "264e27ac-7e03-4251-b263-a7d5c690ec0e", + "name": "Edit source features", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/features\",\n \"value\": [\n \"PASSWORD\",\n \"PROVISIONING\",\n \"ENABLE\",\n \"AUTHENTICATE\"\n ]\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "3f5c6f16-fc01-4174-a817-a5ee8a7d02d6", + "name": "Change a source description and cluster in one call", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"new description\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/cluster/id\",\n \"value\": \"2c918087813a902001813f3f85736b45\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "bb806e47-015f-4427-b943-41403f3f0bcc", + "name": "Add a filter string to the connector", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"add\",\n \"path\": \"/connectorAttributes/filterString\",\n \"value\": \"!( id.contains( \\\"m\\\" ) ) || !( id.contains( \\\"d\\\" ) )\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "bd1bc7b7-759a-48eb-a7b1-37d9d7bb56d8", + "name": "Update connector attribute for specific operation type", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/connectorAttributes/connectionParameters/2/operationType\",\n \"value\": \"Group Aggregation-test\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b75a1221-9dac-4ce7-b3aa-18923c7b806a", + "name": "Enable notifications for new account provisioning on a source", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/connectorAttributes/accountCreateNotification\",\n \"value\": {\n \"notifyList\": [\n \"Distribution.list@demo.com\"\n ],\n \"notifyAccountOwner\": true,\n \"enabled\": true,\n \"notifyAccountOwnerAltEmail\": false\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "1db88c87-ed7b-469a-8a62-1fa2853c1068", + "name": "Edit the source description", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"new description\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a1958f16-f84e-4edf-8298-2dff1c616db8", + "name": "Edit the source cluster", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/cluster/id\",\n \"value\": \"2c918087813a902001813f3f85736b45\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "3b968ac0-bd25-4d18-8cb2-ee9d5eaaa0eb", + "name": "Edit source features", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/features\",\n \"value\": [\n \"PASSWORD\",\n \"PROVISIONING\",\n \"ENABLE\",\n \"AUTHENTICATE\"\n ]\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b070351c-899e-4710-a87e-5b24a9e5c5fc", + "name": "Change a source description and cluster in one call", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"new description\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/cluster/id\",\n \"value\": \"2c918087813a902001813f3f85736b45\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d8336b60-ef36-44e8-af9f-94a1ebcf7677", + "name": "Add a filter string to the connector", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"add\",\n \"path\": \"/connectorAttributes/filterString\",\n \"value\": \"!( id.contains( \\\"m\\\" ) ) || !( id.contains( \\\"d\\\" ) )\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a8509585-fa2a-4c8a-ba5a-9f27300e8185", + "name": "Update connector attribute for specific operation type", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/connectorAttributes/connectionParameters/2/operationType\",\n \"value\": \"Group Aggregation-test\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b0f6a931-53bd-492c-b6d7-d5e55ba70169", + "name": "Enable notifications for new account provisioning on a source", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/connectorAttributes/accountCreateNotification\",\n \"value\": {\n \"notifyList\": [\n \"Distribution.list@demo.com\"\n ],\n \"notifyAccountOwner\": true,\n \"enabled\": true,\n \"notifyAccountOwnerAltEmail\": false\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "e7657573-8941-4334-b71a-5c45a914c4f6", + "name": "An example of a 403 response object", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"new description\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f9139ab0-174e-4961-a446-52697ef2b8db", + "name": "Edit the source cluster", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/cluster/id\",\n \"value\": \"2c918087813a902001813f3f85736b45\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "9a806ca5-7b88-46ce-a434-e2a8924e2a88", + "name": "Edit source features", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/features\",\n \"value\": [\n \"PASSWORD\",\n \"PROVISIONING\",\n \"ENABLE\",\n \"AUTHENTICATE\"\n ]\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "30c6328c-4f4e-4d8c-810d-7e81d242a56d", + "name": "Change a source description and cluster in one call", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"new description\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/cluster/id\",\n \"value\": \"2c918087813a902001813f3f85736b45\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "2bf97310-788f-4505-aae3-a4750d261379", + "name": "Add a filter string to the connector", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"add\",\n \"path\": \"/connectorAttributes/filterString\",\n \"value\": \"!( id.contains( \\\"m\\\" ) ) || !( id.contains( \\\"d\\\" ) )\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "9724e8bb-be9e-4486-bc07-dcd8373e4aea", + "name": "Update connector attribute for specific operation type", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/connectorAttributes/connectionParameters/2/operationType\",\n \"value\": \"Group Aggregation-test\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "5d4e7808-a773-4b01-8e4e-b07f3166635c", + "name": "Enable notifications for new account provisioning on a source", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/connectorAttributes/accountCreateNotification\",\n \"value\": {\n \"notifyList\": [\n \"Distribution.list@demo.com\"\n ],\n \"notifyAccountOwner\": true,\n \"enabled\": true,\n \"notifyAccountOwnerAltEmail\": false\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "112a9cf9-dbcf-4f7f-87f6-76c59bc65f22", + "name": "An example of a 404 response object", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"new description\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f03b67cf-5d0b-4047-907c-2f4e24c62425", + "name": "Edit the source cluster", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/cluster/id\",\n \"value\": \"2c918087813a902001813f3f85736b45\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "6f786cb4-441b-4c70-818e-595bed90ce4e", + "name": "Edit source features", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/features\",\n \"value\": [\n \"PASSWORD\",\n \"PROVISIONING\",\n \"ENABLE\",\n \"AUTHENTICATE\"\n ]\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "24230504-1cfc-431b-875d-cc002e86c492", + "name": "Change a source description and cluster in one call", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"new description\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/cluster/id\",\n \"value\": \"2c918087813a902001813f3f85736b45\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "ed95124a-8832-401a-b340-afc0bc3395b5", + "name": "Add a filter string to the connector", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"add\",\n \"path\": \"/connectorAttributes/filterString\",\n \"value\": \"!( id.contains( \\\"m\\\" ) ) || !( id.contains( \\\"d\\\" ) )\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c38587cc-349f-49c8-9b6c-508047109ef7", + "name": "Update connector attribute for specific operation type", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/connectorAttributes/connectionParameters/2/operationType\",\n \"value\": \"Group Aggregation-test\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "1fa05ae9-751e-429b-8180-d0dd278a6acd", + "name": "Enable notifications for new account provisioning on a source", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/connectorAttributes/accountCreateNotification\",\n \"value\": {\n \"notifyList\": [\n \"Distribution.list@demo.com\"\n ],\n \"notifyAccountOwner\": true,\n \"enabled\": true,\n \"notifyAccountOwnerAltEmail\": false\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "78d7b0d1-0272-459f-8b08-76b785707555", + "name": "Edit the source description", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"new description\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c511f703-f353-429b-b463-87ffbe4395ef", + "name": "Edit the source cluster", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/cluster/id\",\n \"value\": \"2c918087813a902001813f3f85736b45\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "7d3fe8d7-1daa-40b1-991d-efb04cb6b670", + "name": "Edit source features", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/features\",\n \"value\": [\n \"PASSWORD\",\n \"PROVISIONING\",\n \"ENABLE\",\n \"AUTHENTICATE\"\n ]\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c4f22b3b-a626-4125-900f-f2c428ad25ed", + "name": "Change a source description and cluster in one call", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"new description\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/cluster/id\",\n \"value\": \"2c918087813a902001813f3f85736b45\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "87a3066b-302c-452b-8671-28db523f4049", + "name": "Add a filter string to the connector", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"add\",\n \"path\": \"/connectorAttributes/filterString\",\n \"value\": \"!( id.contains( \\\"m\\\" ) ) || !( id.contains( \\\"d\\\" ) )\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "9088ecfc-6280-46ad-b6f0-c27e1b23ca5c", + "name": "Update connector attribute for specific operation type", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/connectorAttributes/connectionParameters/2/operationType\",\n \"value\": \"Group Aggregation-test\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "4c5f37f2-0c15-4776-9ded-d5c7e38d439d", + "name": "Enable notifications for new account provisioning on a source", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/connectorAttributes/accountCreateNotification\",\n \"value\": {\n \"notifyList\": [\n \"Distribution.list@demo.com\"\n ],\n \"notifyAccountOwner\": true,\n \"enabled\": true,\n \"notifyAccountOwnerAltEmail\": false\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f76472b8-2cb7-43a1-922a-4ac0623698e4", + "name": "An example of a 500 response object", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"new description\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "4a017f22-fdb0-4538-9cb1-80a75020bb70", + "name": "Edit the source cluster", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/cluster/id\",\n \"value\": \"2c918087813a902001813f3f85736b45\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "075518fe-673b-4743-a523-8daf350f5743", + "name": "Edit source features", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/features\",\n \"value\": [\n \"PASSWORD\",\n \"PROVISIONING\",\n \"ENABLE\",\n \"AUTHENTICATE\"\n ]\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "0455f7e8-590a-40da-847c-43859baea794", + "name": "Change a source description and cluster in one call", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"new description\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/cluster/id\",\n \"value\": \"2c918087813a902001813f3f85736b45\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "cbfb1d2a-fd70-482f-aaf6-6fd2dafe61a6", + "name": "Add a filter string to the connector", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"add\",\n \"path\": \"/connectorAttributes/filterString\",\n \"value\": \"!( id.contains( \\\"m\\\" ) ) || !( id.contains( \\\"d\\\" ) )\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "47c9ff17-9225-44f2-8317-522521a7dcdc", + "name": "Update connector attribute for specific operation type", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/connectorAttributes/connectionParameters/2/operationType\",\n \"value\": \"Group Aggregation-test\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "e74104ca-78d9-4041-9fc1-72641892359e", + "name": "Enable notifications for new account provisioning on a source", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/connectorAttributes/accountCreateNotification\",\n \"value\": {\n \"notifyList\": [\n \"Distribution.list@demo.com\"\n ],\n \"notifyAccountOwner\": true,\n \"enabled\": true,\n \"notifyAccountOwnerAltEmail\": false\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "02a7e737-98d3-4475-bf96-5764e5da263f", + "name": "Delete Source by ID", + "request": { + "name": "Delete Source by ID", + "description": { + "content": "Use this API to delete a specific source in Identity Security Cloud (ISC).\nThe API removes all the accounts on the source first, and then it deletes the source. You can retrieve the actual task execution status with this method: GET `/task-status/{id}`\nA token with ORG_ADMIN, SOURCE_ADMIN, or SOURCE_SUBADMIN authority is required to call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "sources", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "2c9180835d191a86015d28455b4a2329", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) Source ID.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "DELETE", + "body": {} + }, + "response": [ + { + "id": "81a8b3aa-3e05-4b54-ba27-1e24173059f2", + "name": "Accepted - Returned if the request was successfully accepted into the system.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Accepted", + "code": 202, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"type\": \"TASK_RESULT\",\n \"id\": \"2c91808779ecf55b0179f720942f181a\",\n \"name\": null\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f7131d59-393c-4cdd-a4fb-347ecfbc288c", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "24766328-2157-43a3-9f4f-5eaba4a89062", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "94d98f87-3a71-48f3-b52e-d883055f1cbb", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f841ad2d-ba33-452c-9f51-022fe6510e98", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "3c29ce7a-b66b-4a93-8fde-67f6f6c90114", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "fc3c2c81-bc17-488f-ad60-764d31fde756", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "9d426443-0059-4dd5-bf37-1e486cde8175", + "name": "Lists ProvisioningPolicies", + "request": { + "name": "Lists ProvisioningPolicies", + "description": { + "content": "This end-point lists all the ProvisioningPolicies in IdentityNow.\nA token with API, or ORG_ADMIN authority is required to call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "sources", + ":sourceId", + "provisioning-policies" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "2c9180835d191a86015d28455b4a2329", + "key": "sourceId", + "disabled": true, + "description": { + "content": "(Required) The Source id", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "7165bf71-72d2-4094-ad7f-46975d55abd1", + "name": "List of ProvisioningPolicyDto objects", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "provisioning-policies" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"name\": \"example provisioning policy for inactive identities\",\n \"description\": \"this provisioning policy creates access based on an identity going inactive\",\n \"usageType\": \"CREATE\",\n \"fields\": [\n {\n \"name\": \"userName\",\n \"transform\": {\n \"type\": \"rule\",\n \"attributes\": {\n \"name\": \"Create Unique LDAP Attribute\"\n }\n },\n \"attributes\": {\n \"template\": \"${firstname}.${lastname}${uniqueCounter}\",\n \"cloudMaxUniqueChecks\": \"50\",\n \"cloudMaxSize\": \"20\",\n \"cloudRequired\": \"true\"\n },\n \"isRequired\": false,\n \"type\": \"string\",\n \"isMultiValued\": false\n },\n {\n \"name\": \"userName\",\n \"transform\": {\n \"type\": \"rule\",\n \"attributes\": {\n \"name\": \"Create Unique LDAP Attribute\"\n }\n },\n \"attributes\": {\n \"template\": \"${firstname}.${lastname}${uniqueCounter}\",\n \"cloudMaxUniqueChecks\": \"50\",\n \"cloudMaxSize\": \"20\",\n \"cloudRequired\": \"true\"\n },\n \"isRequired\": false,\n \"type\": \"string\",\n \"isMultiValued\": false\n }\n ]\n },\n {\n \"name\": \"example provisioning policy for inactive identities\",\n \"description\": \"this provisioning policy creates access based on an identity going inactive\",\n \"usageType\": \"CREATE\",\n \"fields\": [\n {\n \"name\": \"userName\",\n \"transform\": {\n \"type\": \"rule\",\n \"attributes\": {\n \"name\": \"Create Unique LDAP Attribute\"\n }\n },\n \"attributes\": {\n \"template\": \"${firstname}.${lastname}${uniqueCounter}\",\n \"cloudMaxUniqueChecks\": \"50\",\n \"cloudMaxSize\": \"20\",\n \"cloudRequired\": \"true\"\n },\n \"isRequired\": false,\n \"type\": \"string\",\n \"isMultiValued\": false\n },\n {\n \"name\": \"userName\",\n \"transform\": {\n \"type\": \"rule\",\n \"attributes\": {\n \"name\": \"Create Unique LDAP Attribute\"\n }\n },\n \"attributes\": {\n \"template\": \"${firstname}.${lastname}${uniqueCounter}\",\n \"cloudMaxUniqueChecks\": \"50\",\n \"cloudMaxSize\": \"20\",\n \"cloudRequired\": \"true\"\n },\n \"isRequired\": false,\n \"type\": \"string\",\n \"isMultiValued\": false\n }\n ]\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "3929d01d-699f-452b-986b-360993303b73", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "provisioning-policies" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d06560f0-c541-4ef1-a529-dff477414ffa", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "provisioning-policies" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "1cb2ad8c-60a1-407e-87c0-4dc64d93980c", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "provisioning-policies" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d58a31a1-5726-4341-a442-07392354d5f6", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "provisioning-policies" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "3c42a002-2e39-4030-91ab-ed1d1b83d66d", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "provisioning-policies" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b45f2cf9-a779-4fe6-8e03-ea9b7e7d8eed", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "provisioning-policies" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "f249b83b-39b8-4d7a-8b56-1badfb3d7fc7", + "name": "Create Provisioning Policy", + "request": { + "name": "Create Provisioning Policy", + "description": { + "content": "This API generates a create policy/template based on field value transforms. This API is intended for use when setting up JDBC Provisioning type sources, but it will also work on other source types.\nTransforms can be used in the provisioning policy to create a new attribute that you only need during provisioning.\nRefer to [Transforms in Provisioning Policies](https://developer.sailpoint.com/idn/docs/transforms/guides/transforms-in-provisioning-policies) for more information.\nA token with ORG_ADMIN authority is required to call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "sources", + ":sourceId", + "provisioning-policies" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "2c9180835d191a86015d28455b4a2329", + "key": "sourceId", + "disabled": true, + "description": { + "content": "(Required) The Source id", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Account\",\n \"description\": \"Account Provisioning Policy\",\n \"usageType\": \"CREATE\",\n \"fields\": [\n {\n \"name\": \"displayName\",\n \"transform\": {\n \"type\": \"identityAttribute\",\n \"attributes\": {\n \"name\": \"displayName\"\n }\n },\n \"attributes\": {},\n \"isRequired\": false,\n \"type\": \"string\",\n \"isMultiValued\": false\n },\n {\n \"name\": \"distinguishedName\",\n \"transform\": {\n \"type\": \"usernameGenerator\",\n \"attributes\": {\n \"sourceCheck\": true,\n \"patterns\": [\n \"CN=$fi $ln,OU=zzUsers,OU=Demo,DC=seri,DC=sailpointdemo,DC=com\",\n \"CN=$fti $ln,OU=zzUsers,OU=Demo,DC=seri,DC=sailpointdemo,DC=com\",\n \"CN=$fn $ln,OU=zzUsers,OU=Demo,DC=seri,DC=sailpointdemo,DC=com\",\n \"CN=$fn$ln${uniqueCounter},OU=zzUsers,OU=Demo,DC=seri,DC=sailpointdemo,DC=com\"\n ],\n \"fn\": {\n \"type\": \"identityAttribute\",\n \"attributes\": {\n \"name\": \"firstname\"\n }\n },\n \"ln\": {\n \"type\": \"identityAttribute\",\n \"attributes\": {\n \"name\": \"lastname\"\n }\n },\n \"fi\": {\n \"type\": \"substring\",\n \"attributes\": {\n \"input\": {\n \"type\": \"identityAttribute\",\n \"attributes\": {\n \"name\": \"firstname\"\n }\n },\n \"begin\": 0,\n \"end\": 1\n }\n },\n \"fti\": {\n \"type\": \"substring\",\n \"attributes\": {\n \"input\": {\n \"type\": \"identityAttribute\",\n \"attributes\": {\n \"name\": \"firstname\"\n }\n },\n \"begin\": 0,\n \"end\": 2\n }\n }\n }\n },\n \"attributes\": {\n \"cloudMaxUniqueChecks\": \"5\",\n \"cloudMaxSize\": \"100\",\n \"cloudRequired\": \"true\"\n },\n \"isRequired\": false,\n \"type\": \"\",\n \"isMultiValued\": false\n },\n {\n \"name\": \"description\",\n \"transform\": {\n \"type\": \"static\",\n \"attributes\": {\n \"value\": \"\"\n }\n },\n \"attributes\": {},\n \"isRequired\": false,\n \"type\": \"string\",\n \"isMultiValued\": false\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "bd27dfbe-e248-4ec0-828b-fa45d0031e6e", + "name": "Created ProvisioningPolicyDto object", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "provisioning-policies" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Account\",\n \"description\": \"Account Provisioning Policy\",\n \"usageType\": \"CREATE\",\n \"fields\": [\n {\n \"name\": \"displayName\",\n \"transform\": {\n \"type\": \"identityAttribute\",\n \"attributes\": {\n \"name\": \"displayName\"\n }\n },\n \"attributes\": {},\n \"isRequired\": false,\n \"type\": \"string\",\n \"isMultiValued\": false\n },\n {\n \"name\": \"distinguishedName\",\n \"transform\": {\n \"type\": \"usernameGenerator\",\n \"attributes\": {\n \"sourceCheck\": true,\n \"patterns\": [\n \"CN=$fi $ln,OU=zzUsers,OU=Demo,DC=seri,DC=sailpointdemo,DC=com\",\n \"CN=$fti $ln,OU=zzUsers,OU=Demo,DC=seri,DC=sailpointdemo,DC=com\",\n \"CN=$fn $ln,OU=zzUsers,OU=Demo,DC=seri,DC=sailpointdemo,DC=com\",\n \"CN=$fn$ln${uniqueCounter},OU=zzUsers,OU=Demo,DC=seri,DC=sailpointdemo,DC=com\"\n ],\n \"fn\": {\n \"type\": \"identityAttribute\",\n \"attributes\": {\n \"name\": \"firstname\"\n }\n },\n \"ln\": {\n \"type\": \"identityAttribute\",\n \"attributes\": {\n \"name\": \"lastname\"\n }\n },\n \"fi\": {\n \"type\": \"substring\",\n \"attributes\": {\n \"input\": {\n \"type\": \"identityAttribute\",\n \"attributes\": {\n \"name\": \"firstname\"\n }\n },\n \"begin\": 0,\n \"end\": 1\n }\n },\n \"fti\": {\n \"type\": \"substring\",\n \"attributes\": {\n \"input\": {\n \"type\": \"identityAttribute\",\n \"attributes\": {\n \"name\": \"firstname\"\n }\n },\n \"begin\": 0,\n \"end\": 2\n }\n }\n }\n },\n \"attributes\": {\n \"cloudMaxUniqueChecks\": \"5\",\n \"cloudMaxSize\": \"100\",\n \"cloudRequired\": \"true\"\n },\n \"isRequired\": false,\n \"type\": \"\",\n \"isMultiValued\": false\n },\n {\n \"name\": \"description\",\n \"transform\": {\n \"type\": \"static\",\n \"attributes\": {\n \"value\": \"\"\n }\n },\n \"attributes\": {},\n \"isRequired\": false,\n \"type\": \"string\",\n \"isMultiValued\": false\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Created", + "code": 201, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"name\": \"example provisioning policy for inactive identities\",\n \"description\": \"this provisioning policy creates access based on an identity going inactive\",\n \"usageType\": \"CREATE\",\n \"fields\": [\n {\n \"name\": \"userName\",\n \"transform\": {\n \"type\": \"rule\",\n \"attributes\": {\n \"name\": \"Create Unique LDAP Attribute\"\n }\n },\n \"attributes\": {\n \"template\": \"${firstname}.${lastname}${uniqueCounter}\",\n \"cloudMaxUniqueChecks\": \"50\",\n \"cloudMaxSize\": \"20\",\n \"cloudRequired\": \"true\"\n },\n \"isRequired\": false,\n \"type\": \"string\",\n \"isMultiValued\": false\n },\n {\n \"name\": \"userName\",\n \"transform\": {\n \"type\": \"rule\",\n \"attributes\": {\n \"name\": \"Create Unique LDAP Attribute\"\n }\n },\n \"attributes\": {\n \"template\": \"${firstname}.${lastname}${uniqueCounter}\",\n \"cloudMaxUniqueChecks\": \"50\",\n \"cloudMaxSize\": \"20\",\n \"cloudRequired\": \"true\"\n },\n \"isRequired\": false,\n \"type\": \"string\",\n \"isMultiValued\": false\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "63768aee-455d-4aaf-964c-589cfb174ab9", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "provisioning-policies" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Account\",\n \"description\": \"Account Provisioning Policy\",\n \"usageType\": \"CREATE\",\n \"fields\": [\n {\n \"name\": \"displayName\",\n \"transform\": {\n \"type\": \"identityAttribute\",\n \"attributes\": {\n \"name\": \"displayName\"\n }\n },\n \"attributes\": {},\n \"isRequired\": false,\n \"type\": \"string\",\n \"isMultiValued\": false\n },\n {\n \"name\": \"distinguishedName\",\n \"transform\": {\n \"type\": \"usernameGenerator\",\n \"attributes\": {\n \"sourceCheck\": true,\n \"patterns\": [\n \"CN=$fi $ln,OU=zzUsers,OU=Demo,DC=seri,DC=sailpointdemo,DC=com\",\n \"CN=$fti $ln,OU=zzUsers,OU=Demo,DC=seri,DC=sailpointdemo,DC=com\",\n \"CN=$fn $ln,OU=zzUsers,OU=Demo,DC=seri,DC=sailpointdemo,DC=com\",\n \"CN=$fn$ln${uniqueCounter},OU=zzUsers,OU=Demo,DC=seri,DC=sailpointdemo,DC=com\"\n ],\n \"fn\": {\n \"type\": \"identityAttribute\",\n \"attributes\": {\n \"name\": \"firstname\"\n }\n },\n \"ln\": {\n \"type\": \"identityAttribute\",\n \"attributes\": {\n \"name\": \"lastname\"\n }\n },\n \"fi\": {\n \"type\": \"substring\",\n \"attributes\": {\n \"input\": {\n \"type\": \"identityAttribute\",\n \"attributes\": {\n \"name\": \"firstname\"\n }\n },\n \"begin\": 0,\n \"end\": 1\n }\n },\n \"fti\": {\n \"type\": \"substring\",\n \"attributes\": {\n \"input\": {\n \"type\": \"identityAttribute\",\n \"attributes\": {\n \"name\": \"firstname\"\n }\n },\n \"begin\": 0,\n \"end\": 2\n }\n }\n }\n },\n \"attributes\": {\n \"cloudMaxUniqueChecks\": \"5\",\n \"cloudMaxSize\": \"100\",\n \"cloudRequired\": \"true\"\n },\n \"isRequired\": false,\n \"type\": \"\",\n \"isMultiValued\": false\n },\n {\n \"name\": \"description\",\n \"transform\": {\n \"type\": \"static\",\n \"attributes\": {\n \"value\": \"\"\n }\n },\n \"attributes\": {},\n \"isRequired\": false,\n \"type\": \"string\",\n \"isMultiValued\": false\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "bc24a6ea-57cb-4128-a784-a54f6fd7e53a", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "provisioning-policies" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Account\",\n \"description\": \"Account Provisioning Policy\",\n \"usageType\": \"CREATE\",\n \"fields\": [\n {\n \"name\": \"displayName\",\n \"transform\": {\n \"type\": \"identityAttribute\",\n \"attributes\": {\n \"name\": \"displayName\"\n }\n },\n \"attributes\": {},\n \"isRequired\": false,\n \"type\": \"string\",\n \"isMultiValued\": false\n },\n {\n \"name\": \"distinguishedName\",\n \"transform\": {\n \"type\": \"usernameGenerator\",\n \"attributes\": {\n \"sourceCheck\": true,\n \"patterns\": [\n \"CN=$fi $ln,OU=zzUsers,OU=Demo,DC=seri,DC=sailpointdemo,DC=com\",\n \"CN=$fti $ln,OU=zzUsers,OU=Demo,DC=seri,DC=sailpointdemo,DC=com\",\n \"CN=$fn $ln,OU=zzUsers,OU=Demo,DC=seri,DC=sailpointdemo,DC=com\",\n \"CN=$fn$ln${uniqueCounter},OU=zzUsers,OU=Demo,DC=seri,DC=sailpointdemo,DC=com\"\n ],\n \"fn\": {\n \"type\": \"identityAttribute\",\n \"attributes\": {\n \"name\": \"firstname\"\n }\n },\n \"ln\": {\n \"type\": \"identityAttribute\",\n \"attributes\": {\n \"name\": \"lastname\"\n }\n },\n \"fi\": {\n \"type\": \"substring\",\n \"attributes\": {\n \"input\": {\n \"type\": \"identityAttribute\",\n \"attributes\": {\n \"name\": \"firstname\"\n }\n },\n \"begin\": 0,\n \"end\": 1\n }\n },\n \"fti\": {\n \"type\": \"substring\",\n \"attributes\": {\n \"input\": {\n \"type\": \"identityAttribute\",\n \"attributes\": {\n \"name\": \"firstname\"\n }\n },\n \"begin\": 0,\n \"end\": 2\n }\n }\n }\n },\n \"attributes\": {\n \"cloudMaxUniqueChecks\": \"5\",\n \"cloudMaxSize\": \"100\",\n \"cloudRequired\": \"true\"\n },\n \"isRequired\": false,\n \"type\": \"\",\n \"isMultiValued\": false\n },\n {\n \"name\": \"description\",\n \"transform\": {\n \"type\": \"static\",\n \"attributes\": {\n \"value\": \"\"\n }\n },\n \"attributes\": {},\n \"isRequired\": false,\n \"type\": \"string\",\n \"isMultiValued\": false\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c1b9f049-c7b0-4c0f-9c9e-460f39f4373d", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "provisioning-policies" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Account\",\n \"description\": \"Account Provisioning Policy\",\n \"usageType\": \"CREATE\",\n \"fields\": [\n {\n \"name\": \"displayName\",\n \"transform\": {\n \"type\": \"identityAttribute\",\n \"attributes\": {\n \"name\": \"displayName\"\n }\n },\n \"attributes\": {},\n \"isRequired\": false,\n \"type\": \"string\",\n \"isMultiValued\": false\n },\n {\n \"name\": \"distinguishedName\",\n \"transform\": {\n \"type\": \"usernameGenerator\",\n \"attributes\": {\n \"sourceCheck\": true,\n \"patterns\": [\n \"CN=$fi $ln,OU=zzUsers,OU=Demo,DC=seri,DC=sailpointdemo,DC=com\",\n \"CN=$fti $ln,OU=zzUsers,OU=Demo,DC=seri,DC=sailpointdemo,DC=com\",\n \"CN=$fn $ln,OU=zzUsers,OU=Demo,DC=seri,DC=sailpointdemo,DC=com\",\n \"CN=$fn$ln${uniqueCounter},OU=zzUsers,OU=Demo,DC=seri,DC=sailpointdemo,DC=com\"\n ],\n \"fn\": {\n \"type\": \"identityAttribute\",\n \"attributes\": {\n \"name\": \"firstname\"\n }\n },\n \"ln\": {\n \"type\": \"identityAttribute\",\n \"attributes\": {\n \"name\": \"lastname\"\n }\n },\n \"fi\": {\n \"type\": \"substring\",\n \"attributes\": {\n \"input\": {\n \"type\": \"identityAttribute\",\n \"attributes\": {\n \"name\": \"firstname\"\n }\n },\n \"begin\": 0,\n \"end\": 1\n }\n },\n \"fti\": {\n \"type\": \"substring\",\n \"attributes\": {\n \"input\": {\n \"type\": \"identityAttribute\",\n \"attributes\": {\n \"name\": \"firstname\"\n }\n },\n \"begin\": 0,\n \"end\": 2\n }\n }\n }\n },\n \"attributes\": {\n \"cloudMaxUniqueChecks\": \"5\",\n \"cloudMaxSize\": \"100\",\n \"cloudRequired\": \"true\"\n },\n \"isRequired\": false,\n \"type\": \"\",\n \"isMultiValued\": false\n },\n {\n \"name\": \"description\",\n \"transform\": {\n \"type\": \"static\",\n \"attributes\": {\n \"value\": \"\"\n }\n },\n \"attributes\": {},\n \"isRequired\": false,\n \"type\": \"string\",\n \"isMultiValued\": false\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "66dd6f30-593a-4c99-818c-55178f5540aa", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "provisioning-policies" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Account\",\n \"description\": \"Account Provisioning Policy\",\n \"usageType\": \"CREATE\",\n \"fields\": [\n {\n \"name\": \"displayName\",\n \"transform\": {\n \"type\": \"identityAttribute\",\n \"attributes\": {\n \"name\": \"displayName\"\n }\n },\n \"attributes\": {},\n \"isRequired\": false,\n \"type\": \"string\",\n \"isMultiValued\": false\n },\n {\n \"name\": \"distinguishedName\",\n \"transform\": {\n \"type\": \"usernameGenerator\",\n \"attributes\": {\n \"sourceCheck\": true,\n \"patterns\": [\n \"CN=$fi $ln,OU=zzUsers,OU=Demo,DC=seri,DC=sailpointdemo,DC=com\",\n \"CN=$fti $ln,OU=zzUsers,OU=Demo,DC=seri,DC=sailpointdemo,DC=com\",\n \"CN=$fn $ln,OU=zzUsers,OU=Demo,DC=seri,DC=sailpointdemo,DC=com\",\n \"CN=$fn$ln${uniqueCounter},OU=zzUsers,OU=Demo,DC=seri,DC=sailpointdemo,DC=com\"\n ],\n \"fn\": {\n \"type\": \"identityAttribute\",\n \"attributes\": {\n \"name\": \"firstname\"\n }\n },\n \"ln\": {\n \"type\": \"identityAttribute\",\n \"attributes\": {\n \"name\": \"lastname\"\n }\n },\n \"fi\": {\n \"type\": \"substring\",\n \"attributes\": {\n \"input\": {\n \"type\": \"identityAttribute\",\n \"attributes\": {\n \"name\": \"firstname\"\n }\n },\n \"begin\": 0,\n \"end\": 1\n }\n },\n \"fti\": {\n \"type\": \"substring\",\n \"attributes\": {\n \"input\": {\n \"type\": \"identityAttribute\",\n \"attributes\": {\n \"name\": \"firstname\"\n }\n },\n \"begin\": 0,\n \"end\": 2\n }\n }\n }\n },\n \"attributes\": {\n \"cloudMaxUniqueChecks\": \"5\",\n \"cloudMaxSize\": \"100\",\n \"cloudRequired\": \"true\"\n },\n \"isRequired\": false,\n \"type\": \"\",\n \"isMultiValued\": false\n },\n {\n \"name\": \"description\",\n \"transform\": {\n \"type\": \"static\",\n \"attributes\": {\n \"value\": \"\"\n }\n },\n \"attributes\": {},\n \"isRequired\": false,\n \"type\": \"string\",\n \"isMultiValued\": false\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "23e1e47a-64e6-457a-ad6f-8b6cbbfb3da8", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "provisioning-policies" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Account\",\n \"description\": \"Account Provisioning Policy\",\n \"usageType\": \"CREATE\",\n \"fields\": [\n {\n \"name\": \"displayName\",\n \"transform\": {\n \"type\": \"identityAttribute\",\n \"attributes\": {\n \"name\": \"displayName\"\n }\n },\n \"attributes\": {},\n \"isRequired\": false,\n \"type\": \"string\",\n \"isMultiValued\": false\n },\n {\n \"name\": \"distinguishedName\",\n \"transform\": {\n \"type\": \"usernameGenerator\",\n \"attributes\": {\n \"sourceCheck\": true,\n \"patterns\": [\n \"CN=$fi $ln,OU=zzUsers,OU=Demo,DC=seri,DC=sailpointdemo,DC=com\",\n \"CN=$fti $ln,OU=zzUsers,OU=Demo,DC=seri,DC=sailpointdemo,DC=com\",\n \"CN=$fn $ln,OU=zzUsers,OU=Demo,DC=seri,DC=sailpointdemo,DC=com\",\n \"CN=$fn$ln${uniqueCounter},OU=zzUsers,OU=Demo,DC=seri,DC=sailpointdemo,DC=com\"\n ],\n \"fn\": {\n \"type\": \"identityAttribute\",\n \"attributes\": {\n \"name\": \"firstname\"\n }\n },\n \"ln\": {\n \"type\": \"identityAttribute\",\n \"attributes\": {\n \"name\": \"lastname\"\n }\n },\n \"fi\": {\n \"type\": \"substring\",\n \"attributes\": {\n \"input\": {\n \"type\": \"identityAttribute\",\n \"attributes\": {\n \"name\": \"firstname\"\n }\n },\n \"begin\": 0,\n \"end\": 1\n }\n },\n \"fti\": {\n \"type\": \"substring\",\n \"attributes\": {\n \"input\": {\n \"type\": \"identityAttribute\",\n \"attributes\": {\n \"name\": \"firstname\"\n }\n },\n \"begin\": 0,\n \"end\": 2\n }\n }\n }\n },\n \"attributes\": {\n \"cloudMaxUniqueChecks\": \"5\",\n \"cloudMaxSize\": \"100\",\n \"cloudRequired\": \"true\"\n },\n \"isRequired\": false,\n \"type\": \"\",\n \"isMultiValued\": false\n },\n {\n \"name\": \"description\",\n \"transform\": {\n \"type\": \"static\",\n \"attributes\": {\n \"value\": \"\"\n }\n },\n \"attributes\": {},\n \"isRequired\": false,\n \"type\": \"string\",\n \"isMultiValued\": false\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "3014f69a-5f6c-4831-bd57-7f9cde2a3776", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "provisioning-policies" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Account\",\n \"description\": \"Account Provisioning Policy\",\n \"usageType\": \"CREATE\",\n \"fields\": [\n {\n \"name\": \"displayName\",\n \"transform\": {\n \"type\": \"identityAttribute\",\n \"attributes\": {\n \"name\": \"displayName\"\n }\n },\n \"attributes\": {},\n \"isRequired\": false,\n \"type\": \"string\",\n \"isMultiValued\": false\n },\n {\n \"name\": \"distinguishedName\",\n \"transform\": {\n \"type\": \"usernameGenerator\",\n \"attributes\": {\n \"sourceCheck\": true,\n \"patterns\": [\n \"CN=$fi $ln,OU=zzUsers,OU=Demo,DC=seri,DC=sailpointdemo,DC=com\",\n \"CN=$fti $ln,OU=zzUsers,OU=Demo,DC=seri,DC=sailpointdemo,DC=com\",\n \"CN=$fn $ln,OU=zzUsers,OU=Demo,DC=seri,DC=sailpointdemo,DC=com\",\n \"CN=$fn$ln${uniqueCounter},OU=zzUsers,OU=Demo,DC=seri,DC=sailpointdemo,DC=com\"\n ],\n \"fn\": {\n \"type\": \"identityAttribute\",\n \"attributes\": {\n \"name\": \"firstname\"\n }\n },\n \"ln\": {\n \"type\": \"identityAttribute\",\n \"attributes\": {\n \"name\": \"lastname\"\n }\n },\n \"fi\": {\n \"type\": \"substring\",\n \"attributes\": {\n \"input\": {\n \"type\": \"identityAttribute\",\n \"attributes\": {\n \"name\": \"firstname\"\n }\n },\n \"begin\": 0,\n \"end\": 1\n }\n },\n \"fti\": {\n \"type\": \"substring\",\n \"attributes\": {\n \"input\": {\n \"type\": \"identityAttribute\",\n \"attributes\": {\n \"name\": \"firstname\"\n }\n },\n \"begin\": 0,\n \"end\": 2\n }\n }\n }\n },\n \"attributes\": {\n \"cloudMaxUniqueChecks\": \"5\",\n \"cloudMaxSize\": \"100\",\n \"cloudRequired\": \"true\"\n },\n \"isRequired\": false,\n \"type\": \"\",\n \"isMultiValued\": false\n },\n {\n \"name\": \"description\",\n \"transform\": {\n \"type\": \"static\",\n \"attributes\": {\n \"value\": \"\"\n }\n },\n \"attributes\": {},\n \"isRequired\": false,\n \"type\": \"string\",\n \"isMultiValued\": false\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "f43d568d-6fdd-45e2-9743-549e180e0073", + "name": "Get Provisioning Policy by UsageType", + "request": { + "name": "Get Provisioning Policy by UsageType", + "description": { + "content": "This end-point retrieves the ProvisioningPolicy with the specified usage on the specified Source in IdentityNow.\nA token with API, ORG_ADMIN, SOURCE_ADMIN, or SOURCE_SUBADMIN authority is required to call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "sources", + ":sourceId", + "provisioning-policies", + ":usageType" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "2c9180835d191a86015d28455b4a2329", + "key": "sourceId", + "disabled": true, + "description": { + "content": "(Required) The Source ID.", + "type": "text/plain" + } + }, + { + "type": "any", + "value": "CREATE", + "key": "usageType", + "disabled": true, + "description": { + "content": "(Required) The type of provisioning policy usage. \nIn IdentityNow, a source can support various provisioning operations. For example, when a joiner is added to a source, this may trigger both CREATE and UPDATE provisioning operations. Each usage type is considered a provisioning policy. A source can have any number of these provisioning policies defined. \nThese are the common usage types: \nCREATE - This usage type relates to 'Create Account Profile', the provisioning template for the account to be created. For example, this would be used for a joiner on a source. \nUPDATE - This usage type relates to 'Update Account Profile', the provisioning template for the 'Update' connector operations. For example, this would be used for an attribute sync on a source.\nENABLE - This usage type relates to 'Enable Account Profile', the provisioning template for the account to be enabled. For example, this could be used for a joiner on a source once the joiner's account is created. \nDISABLE - This usage type relates to 'Disable Account Profile', the provisioning template for the account to be disabled. For example, this could be used when a leaver is removed temporarily from a source. \nYou can use these four usage types for all your provisioning policy needs. ", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "fa1a8cfe-bebd-4d3a-891d-c912574452ee", + "name": "The requested ProvisioningPolicyDto was successfully retrieved.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "provisioning-policies", + ":usageType" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"name\": \"example provisioning policy for inactive identities\",\n \"description\": \"this provisioning policy creates access based on an identity going inactive\",\n \"usageType\": \"CREATE\",\n \"fields\": [\n {\n \"name\": \"userName\",\n \"transform\": {\n \"type\": \"rule\",\n \"attributes\": {\n \"name\": \"Create Unique LDAP Attribute\"\n }\n },\n \"attributes\": {\n \"template\": \"${firstname}.${lastname}${uniqueCounter}\",\n \"cloudMaxUniqueChecks\": \"50\",\n \"cloudMaxSize\": \"20\",\n \"cloudRequired\": \"true\"\n },\n \"isRequired\": false,\n \"type\": \"string\",\n \"isMultiValued\": false\n },\n {\n \"name\": \"userName\",\n \"transform\": {\n \"type\": \"rule\",\n \"attributes\": {\n \"name\": \"Create Unique LDAP Attribute\"\n }\n },\n \"attributes\": {\n \"template\": \"${firstname}.${lastname}${uniqueCounter}\",\n \"cloudMaxUniqueChecks\": \"50\",\n \"cloudMaxSize\": \"20\",\n \"cloudRequired\": \"true\"\n },\n \"isRequired\": false,\n \"type\": \"string\",\n \"isMultiValued\": false\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "9ea0c8b9-706d-463b-9679-ceb0cc03850d", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "provisioning-policies", + ":usageType" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "75d8e137-7337-40a1-b917-ecbe6e0b3fb6", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "provisioning-policies", + ":usageType" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "2e87993b-17f6-4a19-a3a6-dcf795fac984", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "provisioning-policies", + ":usageType" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "5863137b-37de-4c99-ab7b-e2f732ea62b7", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "provisioning-policies", + ":usageType" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b9ad8947-b7fa-42ee-8308-6064ef9aeadf", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "provisioning-policies", + ":usageType" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f02593f8-a683-411e-877d-20070151960d", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "provisioning-policies", + ":usageType" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "b6596e4a-5f7b-4c60-8635-7746ccda0337", + "name": "Update Provisioning Policy by UsageType", + "request": { + "name": "Update Provisioning Policy by UsageType", + "description": { + "content": "This end-point updates the provisioning policy with the specified usage on the specified source in IdentityNow.\nTransforms can be used in the provisioning policy to create a new attribute that you only need during provisioning.\nRefer to [Transforms in Provisioning Policies](https://developer.sailpoint.com/idn/docs/transforms/guides/transforms-in-provisioning-policies) for more information.\nA token with API, ORG_ADMIN, SOURCE_ADMIN, or SOURCE_SUBADMIN authority is required to call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "sources", + ":sourceId", + "provisioning-policies", + ":usageType" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "2c9180835d191a86015d28455b4a2329", + "key": "sourceId", + "disabled": true, + "description": { + "content": "(Required) The Source ID.", + "type": "text/plain" + } + }, + { + "type": "any", + "value": "CREATE", + "key": "usageType", + "disabled": true, + "description": { + "content": "(Required) The type of provisioning policy usage. \nIn IdentityNow, a source can support various provisioning operations. For example, when a joiner is added to a source, this may trigger both CREATE and UPDATE provisioning operations. Each usage type is considered a provisioning policy. A source can have any number of these provisioning policies defined. \nThese are the common usage types: \nCREATE - This usage type relates to 'Create Account Profile', the provisioning template for the account to be created. For example, this would be used for a joiner on a source. \nUPDATE - This usage type relates to 'Update Account Profile', the provisioning template for the 'Update' connector operations. For example, this would be used for an attribute sync on a source.\nENABLE - This usage type relates to 'Enable Account Profile', the provisioning template for the account to be enabled. For example, this could be used for a joiner on a source once the joiner's account is created. \nDISABLE - This usage type relates to 'Disable Account Profile', the provisioning template for the account to be disabled. For example, this could be used when a leaver is removed temporarily from a source. \nYou can use these four usage types for all your provisioning policy needs. ", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"example provisioning policy for inactive identities\",\n \"description\": \"this provisioning policy creates access based on an identity going inactive\",\n \"usageType\": \"CREATE\",\n \"fields\": [\n {\n \"name\": \"userName\",\n \"transform\": {\n \"type\": \"rule\",\n \"attributes\": {\n \"name\": \"Create Unique LDAP Attribute\"\n }\n },\n \"attributes\": {\n \"template\": \"${firstname}.${lastname}${uniqueCounter}\",\n \"cloudMaxUniqueChecks\": \"50\",\n \"cloudMaxSize\": \"20\",\n \"cloudRequired\": \"true\"\n },\n \"isRequired\": false,\n \"type\": \"string\",\n \"isMultiValued\": false\n },\n {\n \"name\": \"userName\",\n \"transform\": {\n \"type\": \"rule\",\n \"attributes\": {\n \"name\": \"Create Unique LDAP Attribute\"\n }\n },\n \"attributes\": {\n \"template\": \"${firstname}.${lastname}${uniqueCounter}\",\n \"cloudMaxUniqueChecks\": \"50\",\n \"cloudMaxSize\": \"20\",\n \"cloudRequired\": \"true\"\n },\n \"isRequired\": false,\n \"type\": \"string\",\n \"isMultiValued\": false\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "a8c0f9ab-4e3f-420f-b10e-e7c2b48bb200", + "name": "The ProvisioningPolicyDto was successfully replaced.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "provisioning-policies", + ":usageType" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"example provisioning policy for inactive identities\",\n \"description\": \"this provisioning policy creates access based on an identity going inactive\",\n \"usageType\": \"CREATE\",\n \"fields\": [\n {\n \"name\": \"userName\",\n \"transform\": {\n \"type\": \"rule\",\n \"attributes\": {\n \"name\": \"Create Unique LDAP Attribute\"\n }\n },\n \"attributes\": {\n \"template\": \"${firstname}.${lastname}${uniqueCounter}\",\n \"cloudMaxUniqueChecks\": \"50\",\n \"cloudMaxSize\": \"20\",\n \"cloudRequired\": \"true\"\n },\n \"isRequired\": false,\n \"type\": \"string\",\n \"isMultiValued\": false\n },\n {\n \"name\": \"userName\",\n \"transform\": {\n \"type\": \"rule\",\n \"attributes\": {\n \"name\": \"Create Unique LDAP Attribute\"\n }\n },\n \"attributes\": {\n \"template\": \"${firstname}.${lastname}${uniqueCounter}\",\n \"cloudMaxUniqueChecks\": \"50\",\n \"cloudMaxSize\": \"20\",\n \"cloudRequired\": \"true\"\n },\n \"isRequired\": false,\n \"type\": \"string\",\n \"isMultiValued\": false\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"name\": \"example provisioning policy for inactive identities\",\n \"description\": \"this provisioning policy creates access based on an identity going inactive\",\n \"usageType\": \"CREATE\",\n \"fields\": [\n {\n \"name\": \"userName\",\n \"transform\": {\n \"type\": \"rule\",\n \"attributes\": {\n \"name\": \"Create Unique LDAP Attribute\"\n }\n },\n \"attributes\": {\n \"template\": \"${firstname}.${lastname}${uniqueCounter}\",\n \"cloudMaxUniqueChecks\": \"50\",\n \"cloudMaxSize\": \"20\",\n \"cloudRequired\": \"true\"\n },\n \"isRequired\": false,\n \"type\": \"string\",\n \"isMultiValued\": false\n },\n {\n \"name\": \"userName\",\n \"transform\": {\n \"type\": \"rule\",\n \"attributes\": {\n \"name\": \"Create Unique LDAP Attribute\"\n }\n },\n \"attributes\": {\n \"template\": \"${firstname}.${lastname}${uniqueCounter}\",\n \"cloudMaxUniqueChecks\": \"50\",\n \"cloudMaxSize\": \"20\",\n \"cloudRequired\": \"true\"\n },\n \"isRequired\": false,\n \"type\": \"string\",\n \"isMultiValued\": false\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "9da8f234-a9f1-4322-b1d7-66378df65241", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "provisioning-policies", + ":usageType" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"example provisioning policy for inactive identities\",\n \"description\": \"this provisioning policy creates access based on an identity going inactive\",\n \"usageType\": \"CREATE\",\n \"fields\": [\n {\n \"name\": \"userName\",\n \"transform\": {\n \"type\": \"rule\",\n \"attributes\": {\n \"name\": \"Create Unique LDAP Attribute\"\n }\n },\n \"attributes\": {\n \"template\": \"${firstname}.${lastname}${uniqueCounter}\",\n \"cloudMaxUniqueChecks\": \"50\",\n \"cloudMaxSize\": \"20\",\n \"cloudRequired\": \"true\"\n },\n \"isRequired\": false,\n \"type\": \"string\",\n \"isMultiValued\": false\n },\n {\n \"name\": \"userName\",\n \"transform\": {\n \"type\": \"rule\",\n \"attributes\": {\n \"name\": \"Create Unique LDAP Attribute\"\n }\n },\n \"attributes\": {\n \"template\": \"${firstname}.${lastname}${uniqueCounter}\",\n \"cloudMaxUniqueChecks\": \"50\",\n \"cloudMaxSize\": \"20\",\n \"cloudRequired\": \"true\"\n },\n \"isRequired\": false,\n \"type\": \"string\",\n \"isMultiValued\": false\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "6ec5bb26-b72f-4e8b-8cce-9cae12752f65", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "provisioning-policies", + ":usageType" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"example provisioning policy for inactive identities\",\n \"description\": \"this provisioning policy creates access based on an identity going inactive\",\n \"usageType\": \"CREATE\",\n \"fields\": [\n {\n \"name\": \"userName\",\n \"transform\": {\n \"type\": \"rule\",\n \"attributes\": {\n \"name\": \"Create Unique LDAP Attribute\"\n }\n },\n \"attributes\": {\n \"template\": \"${firstname}.${lastname}${uniqueCounter}\",\n \"cloudMaxUniqueChecks\": \"50\",\n \"cloudMaxSize\": \"20\",\n \"cloudRequired\": \"true\"\n },\n \"isRequired\": false,\n \"type\": \"string\",\n \"isMultiValued\": false\n },\n {\n \"name\": \"userName\",\n \"transform\": {\n \"type\": \"rule\",\n \"attributes\": {\n \"name\": \"Create Unique LDAP Attribute\"\n }\n },\n \"attributes\": {\n \"template\": \"${firstname}.${lastname}${uniqueCounter}\",\n \"cloudMaxUniqueChecks\": \"50\",\n \"cloudMaxSize\": \"20\",\n \"cloudRequired\": \"true\"\n },\n \"isRequired\": false,\n \"type\": \"string\",\n \"isMultiValued\": false\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "141c7e40-b4df-428a-95db-e3e5e6bf37c2", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "provisioning-policies", + ":usageType" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"example provisioning policy for inactive identities\",\n \"description\": \"this provisioning policy creates access based on an identity going inactive\",\n \"usageType\": \"CREATE\",\n \"fields\": [\n {\n \"name\": \"userName\",\n \"transform\": {\n \"type\": \"rule\",\n \"attributes\": {\n \"name\": \"Create Unique LDAP Attribute\"\n }\n },\n \"attributes\": {\n \"template\": \"${firstname}.${lastname}${uniqueCounter}\",\n \"cloudMaxUniqueChecks\": \"50\",\n \"cloudMaxSize\": \"20\",\n \"cloudRequired\": \"true\"\n },\n \"isRequired\": false,\n \"type\": \"string\",\n \"isMultiValued\": false\n },\n {\n \"name\": \"userName\",\n \"transform\": {\n \"type\": \"rule\",\n \"attributes\": {\n \"name\": \"Create Unique LDAP Attribute\"\n }\n },\n \"attributes\": {\n \"template\": \"${firstname}.${lastname}${uniqueCounter}\",\n \"cloudMaxUniqueChecks\": \"50\",\n \"cloudMaxSize\": \"20\",\n \"cloudRequired\": \"true\"\n },\n \"isRequired\": false,\n \"type\": \"string\",\n \"isMultiValued\": false\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "1fec5da1-4965-4319-addb-fb19ac0fee1d", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "provisioning-policies", + ":usageType" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"example provisioning policy for inactive identities\",\n \"description\": \"this provisioning policy creates access based on an identity going inactive\",\n \"usageType\": \"CREATE\",\n \"fields\": [\n {\n \"name\": \"userName\",\n \"transform\": {\n \"type\": \"rule\",\n \"attributes\": {\n \"name\": \"Create Unique LDAP Attribute\"\n }\n },\n \"attributes\": {\n \"template\": \"${firstname}.${lastname}${uniqueCounter}\",\n \"cloudMaxUniqueChecks\": \"50\",\n \"cloudMaxSize\": \"20\",\n \"cloudRequired\": \"true\"\n },\n \"isRequired\": false,\n \"type\": \"string\",\n \"isMultiValued\": false\n },\n {\n \"name\": \"userName\",\n \"transform\": {\n \"type\": \"rule\",\n \"attributes\": {\n \"name\": \"Create Unique LDAP Attribute\"\n }\n },\n \"attributes\": {\n \"template\": \"${firstname}.${lastname}${uniqueCounter}\",\n \"cloudMaxUniqueChecks\": \"50\",\n \"cloudMaxSize\": \"20\",\n \"cloudRequired\": \"true\"\n },\n \"isRequired\": false,\n \"type\": \"string\",\n \"isMultiValued\": false\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "47e02e0d-d17a-44e2-bce8-4205c7d11106", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "provisioning-policies", + ":usageType" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"example provisioning policy for inactive identities\",\n \"description\": \"this provisioning policy creates access based on an identity going inactive\",\n \"usageType\": \"CREATE\",\n \"fields\": [\n {\n \"name\": \"userName\",\n \"transform\": {\n \"type\": \"rule\",\n \"attributes\": {\n \"name\": \"Create Unique LDAP Attribute\"\n }\n },\n \"attributes\": {\n \"template\": \"${firstname}.${lastname}${uniqueCounter}\",\n \"cloudMaxUniqueChecks\": \"50\",\n \"cloudMaxSize\": \"20\",\n \"cloudRequired\": \"true\"\n },\n \"isRequired\": false,\n \"type\": \"string\",\n \"isMultiValued\": false\n },\n {\n \"name\": \"userName\",\n \"transform\": {\n \"type\": \"rule\",\n \"attributes\": {\n \"name\": \"Create Unique LDAP Attribute\"\n }\n },\n \"attributes\": {\n \"template\": \"${firstname}.${lastname}${uniqueCounter}\",\n \"cloudMaxUniqueChecks\": \"50\",\n \"cloudMaxSize\": \"20\",\n \"cloudRequired\": \"true\"\n },\n \"isRequired\": false,\n \"type\": \"string\",\n \"isMultiValued\": false\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b3a15b78-44c5-4d55-818a-677bd3e6de9d", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "provisioning-policies", + ":usageType" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"example provisioning policy for inactive identities\",\n \"description\": \"this provisioning policy creates access based on an identity going inactive\",\n \"usageType\": \"CREATE\",\n \"fields\": [\n {\n \"name\": \"userName\",\n \"transform\": {\n \"type\": \"rule\",\n \"attributes\": {\n \"name\": \"Create Unique LDAP Attribute\"\n }\n },\n \"attributes\": {\n \"template\": \"${firstname}.${lastname}${uniqueCounter}\",\n \"cloudMaxUniqueChecks\": \"50\",\n \"cloudMaxSize\": \"20\",\n \"cloudRequired\": \"true\"\n },\n \"isRequired\": false,\n \"type\": \"string\",\n \"isMultiValued\": false\n },\n {\n \"name\": \"userName\",\n \"transform\": {\n \"type\": \"rule\",\n \"attributes\": {\n \"name\": \"Create Unique LDAP Attribute\"\n }\n },\n \"attributes\": {\n \"template\": \"${firstname}.${lastname}${uniqueCounter}\",\n \"cloudMaxUniqueChecks\": \"50\",\n \"cloudMaxSize\": \"20\",\n \"cloudRequired\": \"true\"\n },\n \"isRequired\": false,\n \"type\": \"string\",\n \"isMultiValued\": false\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "a57ebcd0-5e33-4f07-b838-6c5697aaa1f7", + "name": "Partial update of Provisioning Policy", + "request": { + "name": "Partial update of Provisioning Policy", + "description": { + "content": "This API selectively updates an existing Provisioning Policy using a JSONPatch payload.\nTransforms can be used in the provisioning policy to create a new attribute that you only need during provisioning.\nRefer to [Transforms in Provisioning Policies](https://developer.sailpoint.com/idn/docs/transforms/guides/transforms-in-provisioning-policies) for more information.\nA token with API, ORG_ADMIN, SOURCE_ADMIN, or SOURCE_SUBADMIN authority is required to call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "sources", + ":sourceId", + "provisioning-policies", + ":usageType" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "2c9180835d191a86015d28455b4a2329", + "key": "sourceId", + "disabled": true, + "description": { + "content": "(Required) The Source id.", + "type": "text/plain" + } + }, + { + "type": "any", + "value": "CREATE", + "key": "usageType", + "disabled": true, + "description": { + "content": "(Required) The type of provisioning policy usage. \nIn IdentityNow, a source can support various provisioning operations. For example, when a joiner is added to a source, this may trigger both CREATE and UPDATE provisioning operations. Each usage type is considered a provisioning policy. A source can have any number of these provisioning policies defined. \nThese are the common usage types: \nCREATE - This usage type relates to 'Create Account Profile', the provisioning template for the account to be created. For example, this would be used for a joiner on a source. \nUPDATE - This usage type relates to 'Update Account Profile', the provisioning template for the 'Update' connector operations. For example, this would be used for an attribute sync on a source.\nENABLE - This usage type relates to 'Enable Account Profile', the provisioning template for the account to be enabled. For example, this could be used for a joiner on a source once the joiner's account is created. \nDISABLE - This usage type relates to 'Disable Account Profile', the provisioning template for the account to be disabled. For example, this could be used when a leaver is removed temporarily from a source. \nYou can use these four usage types for all your provisioning policy needs. ", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"add\",\n \"path\": \"/fields/0\",\n \"value\": {\n \"name\": \"email\",\n \"transform\": {\n \"type\": \"identityAttribute\",\n \"attributes\": {\n \"name\": \"email\"\n }\n },\n \"attributes\": {},\n \"isRequired\": false,\n \"type\": \"string\",\n \"isMultiValued\": false\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "ba9b8837-f2eb-4d30-b87e-e156d6704131", + "name": "The ProvisioningPolicyDto was successfully updated.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "provisioning-policies", + ":usageType" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"add\",\n \"path\": \"/fields/0\",\n \"value\": {\n \"name\": \"email\",\n \"transform\": {\n \"type\": \"identityAttribute\",\n \"attributes\": {\n \"name\": \"email\"\n }\n },\n \"attributes\": {},\n \"isRequired\": false,\n \"type\": \"string\",\n \"isMultiValued\": false\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"name\": \"example provisioning policy for inactive identities\",\n \"description\": \"this provisioning policy creates access based on an identity going inactive\",\n \"usageType\": \"CREATE\",\n \"fields\": [\n {\n \"name\": \"userName\",\n \"transform\": {\n \"type\": \"rule\",\n \"attributes\": {\n \"name\": \"Create Unique LDAP Attribute\"\n }\n },\n \"attributes\": {\n \"template\": \"${firstname}.${lastname}${uniqueCounter}\",\n \"cloudMaxUniqueChecks\": \"50\",\n \"cloudMaxSize\": \"20\",\n \"cloudRequired\": \"true\"\n },\n \"isRequired\": false,\n \"type\": \"string\",\n \"isMultiValued\": false\n },\n {\n \"name\": \"userName\",\n \"transform\": {\n \"type\": \"rule\",\n \"attributes\": {\n \"name\": \"Create Unique LDAP Attribute\"\n }\n },\n \"attributes\": {\n \"template\": \"${firstname}.${lastname}${uniqueCounter}\",\n \"cloudMaxUniqueChecks\": \"50\",\n \"cloudMaxSize\": \"20\",\n \"cloudRequired\": \"true\"\n },\n \"isRequired\": false,\n \"type\": \"string\",\n \"isMultiValued\": false\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f64e0a2a-7de0-41d0-a2f6-fa1783ca0ae9", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "provisioning-policies", + ":usageType" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"add\",\n \"path\": \"/fields/0\",\n \"value\": {\n \"name\": \"email\",\n \"transform\": {\n \"type\": \"identityAttribute\",\n \"attributes\": {\n \"name\": \"email\"\n }\n },\n \"attributes\": {},\n \"isRequired\": false,\n \"type\": \"string\",\n \"isMultiValued\": false\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "20b1aded-7c4b-462c-9b17-68c6c1efdb6d", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "provisioning-policies", + ":usageType" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"add\",\n \"path\": \"/fields/0\",\n \"value\": {\n \"name\": \"email\",\n \"transform\": {\n \"type\": \"identityAttribute\",\n \"attributes\": {\n \"name\": \"email\"\n }\n },\n \"attributes\": {},\n \"isRequired\": false,\n \"type\": \"string\",\n \"isMultiValued\": false\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f43fa9cd-092c-4f88-bc6d-04d61de9960e", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "provisioning-policies", + ":usageType" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"add\",\n \"path\": \"/fields/0\",\n \"value\": {\n \"name\": \"email\",\n \"transform\": {\n \"type\": \"identityAttribute\",\n \"attributes\": {\n \"name\": \"email\"\n }\n },\n \"attributes\": {},\n \"isRequired\": false,\n \"type\": \"string\",\n \"isMultiValued\": false\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "2941f632-30af-4134-bc1d-20113cdd84be", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "provisioning-policies", + ":usageType" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"add\",\n \"path\": \"/fields/0\",\n \"value\": {\n \"name\": \"email\",\n \"transform\": {\n \"type\": \"identityAttribute\",\n \"attributes\": {\n \"name\": \"email\"\n }\n },\n \"attributes\": {},\n \"isRequired\": false,\n \"type\": \"string\",\n \"isMultiValued\": false\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "098292e3-89f6-4f69-855e-0869455125f9", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "provisioning-policies", + ":usageType" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"add\",\n \"path\": \"/fields/0\",\n \"value\": {\n \"name\": \"email\",\n \"transform\": {\n \"type\": \"identityAttribute\",\n \"attributes\": {\n \"name\": \"email\"\n }\n },\n \"attributes\": {},\n \"isRequired\": false,\n \"type\": \"string\",\n \"isMultiValued\": false\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "28c9fc46-9afc-4607-960e-271e36d42a3c", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "provisioning-policies", + ":usageType" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"add\",\n \"path\": \"/fields/0\",\n \"value\": {\n \"name\": \"email\",\n \"transform\": {\n \"type\": \"identityAttribute\",\n \"attributes\": {\n \"name\": \"email\"\n }\n },\n \"attributes\": {},\n \"isRequired\": false,\n \"type\": \"string\",\n \"isMultiValued\": false\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "91a75a8c-1113-4822-8fbe-47580f53854c", + "name": "Delete Provisioning Policy by UsageType", + "request": { + "name": "Delete Provisioning Policy by UsageType", + "description": { + "content": "Deletes the provisioning policy with the specified usage on an application.\nA token with API, or ORG_ADMIN authority is required to call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "sources", + ":sourceId", + "provisioning-policies", + ":usageType" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "2c9180835d191a86015d28455b4a2329", + "key": "sourceId", + "disabled": true, + "description": { + "content": "(Required) The Source ID.", + "type": "text/plain" + } + }, + { + "type": "any", + "value": "CREATE", + "key": "usageType", + "disabled": true, + "description": { + "content": "(Required) The type of provisioning policy usage. \nIn IdentityNow, a source can support various provisioning operations. For example, when a joiner is added to a source, this may trigger both CREATE and UPDATE provisioning operations. Each usage type is considered a provisioning policy. A source can have any number of these provisioning policies defined. \nThese are the common usage types: \nCREATE - This usage type relates to 'Create Account Profile', the provisioning template for the account to be created. For example, this would be used for a joiner on a source. \nUPDATE - This usage type relates to 'Update Account Profile', the provisioning template for the 'Update' connector operations. For example, this would be used for an attribute sync on a source.\nENABLE - This usage type relates to 'Enable Account Profile', the provisioning template for the account to be enabled. For example, this could be used for a joiner on a source once the joiner's account is created. \nDISABLE - This usage type relates to 'Disable Account Profile', the provisioning template for the account to be disabled. For example, this could be used when a leaver is removed temporarily from a source. \nYou can use these four usage types for all your provisioning policy needs. ", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "DELETE", + "body": {} + }, + "response": [ + { + "id": "82f15f99-1d0b-4ee0-b093-130fea867629", + "name": "The ProvisioningPolicyDto was successfully deleted.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "provisioning-policies", + ":usageType" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "No Content", + "code": 204, + "header": [], + "cookie": [], + "_postman_previewlanguage": "text" + }, + { + "id": "d9d0dc08-9c04-4416-8066-ea64c8554434", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "provisioning-policies", + ":usageType" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "95e9f994-c819-4a3a-8ce6-e69019e081c5", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "provisioning-policies", + ":usageType" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "9d271251-fa08-448e-a1cc-4d4b5d7c6bb2", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "provisioning-policies", + ":usageType" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a661a49b-a6b7-435f-9019-adca251aa09c", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "provisioning-policies", + ":usageType" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "293b5960-aec0-46f8-8947-6ff6cadcc28a", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "provisioning-policies", + ":usageType" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c1cb5731-8151-476b-bedc-a2ff010f33af", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "provisioning-policies", + ":usageType" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "100ad170-aaa7-4036-9afe-03518b4d5634", + "name": "Bulk Update Provisioning Policies", + "request": { + "name": "Bulk Update Provisioning Policies", + "description": { + "content": "This end-point updates a list of provisioning policies on the specified source in IdentityNow.\nA token with API, or ORG_ADMIN authority is required to call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "sources", + ":sourceId", + "provisioning-policies", + "bulk-update" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "2c9180835d191a86015d28455b4a2329", + "key": "sourceId", + "disabled": true, + "description": { + "content": "(Required) The Source id.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "[\n {\n \"name\": \"example provisioning policy for inactive identities\",\n \"description\": \"this provisioning policy creates access based on an identity going inactive\",\n \"usageType\": \"CREATE\",\n \"fields\": [\n {\n \"name\": \"userName\",\n \"transform\": {\n \"type\": \"rule\",\n \"attributes\": {\n \"name\": \"Create Unique LDAP Attribute\"\n }\n },\n \"attributes\": {\n \"template\": \"${firstname}.${lastname}${uniqueCounter}\",\n \"cloudMaxUniqueChecks\": \"50\",\n \"cloudMaxSize\": \"20\",\n \"cloudRequired\": \"true\"\n },\n \"isRequired\": false,\n \"type\": \"string\",\n \"isMultiValued\": false\n },\n {\n \"name\": \"userName\",\n \"transform\": {\n \"type\": \"rule\",\n \"attributes\": {\n \"name\": \"Create Unique LDAP Attribute\"\n }\n },\n \"attributes\": {\n \"template\": \"${firstname}.${lastname}${uniqueCounter}\",\n \"cloudMaxUniqueChecks\": \"50\",\n \"cloudMaxSize\": \"20\",\n \"cloudRequired\": \"true\"\n },\n \"isRequired\": false,\n \"type\": \"string\",\n \"isMultiValued\": false\n }\n ]\n },\n {\n \"name\": \"example provisioning policy for inactive identities\",\n \"description\": \"this provisioning policy creates access based on an identity going inactive\",\n \"usageType\": \"CREATE\",\n \"fields\": [\n {\n \"name\": \"userName\",\n \"transform\": {\n \"type\": \"rule\",\n \"attributes\": {\n \"name\": \"Create Unique LDAP Attribute\"\n }\n },\n \"attributes\": {\n \"template\": \"${firstname}.${lastname}${uniqueCounter}\",\n \"cloudMaxUniqueChecks\": \"50\",\n \"cloudMaxSize\": \"20\",\n \"cloudRequired\": \"true\"\n },\n \"isRequired\": false,\n \"type\": \"string\",\n \"isMultiValued\": false\n },\n {\n \"name\": \"userName\",\n \"transform\": {\n \"type\": \"rule\",\n \"attributes\": {\n \"name\": \"Create Unique LDAP Attribute\"\n }\n },\n \"attributes\": {\n \"template\": \"${firstname}.${lastname}${uniqueCounter}\",\n \"cloudMaxUniqueChecks\": \"50\",\n \"cloudMaxSize\": \"20\",\n \"cloudRequired\": \"true\"\n },\n \"isRequired\": false,\n \"type\": \"string\",\n \"isMultiValued\": false\n }\n ]\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "5183d34f-3b0e-4aee-b56b-869ea23eb24e", + "name": "A list of the ProvisioningPolicyDto was successfully replaced.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "provisioning-policies", + "bulk-update" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "[\n {\n \"name\": \"example provisioning policy for inactive identities\",\n \"description\": \"this provisioning policy creates access based on an identity going inactive\",\n \"usageType\": \"CREATE\",\n \"fields\": [\n {\n \"name\": \"userName\",\n \"transform\": {\n \"type\": \"rule\",\n \"attributes\": {\n \"name\": \"Create Unique LDAP Attribute\"\n }\n },\n \"attributes\": {\n \"template\": \"${firstname}.${lastname}${uniqueCounter}\",\n \"cloudMaxUniqueChecks\": \"50\",\n \"cloudMaxSize\": \"20\",\n \"cloudRequired\": \"true\"\n },\n \"isRequired\": false,\n \"type\": \"string\",\n \"isMultiValued\": false\n },\n {\n \"name\": \"userName\",\n \"transform\": {\n \"type\": \"rule\",\n \"attributes\": {\n \"name\": \"Create Unique LDAP Attribute\"\n }\n },\n \"attributes\": {\n \"template\": \"${firstname}.${lastname}${uniqueCounter}\",\n \"cloudMaxUniqueChecks\": \"50\",\n \"cloudMaxSize\": \"20\",\n \"cloudRequired\": \"true\"\n },\n \"isRequired\": false,\n \"type\": \"string\",\n \"isMultiValued\": false\n }\n ]\n },\n {\n \"name\": \"example provisioning policy for inactive identities\",\n \"description\": \"this provisioning policy creates access based on an identity going inactive\",\n \"usageType\": \"CREATE\",\n \"fields\": [\n {\n \"name\": \"userName\",\n \"transform\": {\n \"type\": \"rule\",\n \"attributes\": {\n \"name\": \"Create Unique LDAP Attribute\"\n }\n },\n \"attributes\": {\n \"template\": \"${firstname}.${lastname}${uniqueCounter}\",\n \"cloudMaxUniqueChecks\": \"50\",\n \"cloudMaxSize\": \"20\",\n \"cloudRequired\": \"true\"\n },\n \"isRequired\": false,\n \"type\": \"string\",\n \"isMultiValued\": false\n },\n {\n \"name\": \"userName\",\n \"transform\": {\n \"type\": \"rule\",\n \"attributes\": {\n \"name\": \"Create Unique LDAP Attribute\"\n }\n },\n \"attributes\": {\n \"template\": \"${firstname}.${lastname}${uniqueCounter}\",\n \"cloudMaxUniqueChecks\": \"50\",\n \"cloudMaxSize\": \"20\",\n \"cloudRequired\": \"true\"\n },\n \"isRequired\": false,\n \"type\": \"string\",\n \"isMultiValued\": false\n }\n ]\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"name\": \"example provisioning policy for inactive identities\",\n \"description\": \"this provisioning policy creates access based on an identity going inactive\",\n \"usageType\": \"CREATE\",\n \"fields\": [\n {\n \"name\": \"userName\",\n \"transform\": {\n \"type\": \"rule\",\n \"attributes\": {\n \"name\": \"Create Unique LDAP Attribute\"\n }\n },\n \"attributes\": {\n \"template\": \"${firstname}.${lastname}${uniqueCounter}\",\n \"cloudMaxUniqueChecks\": \"50\",\n \"cloudMaxSize\": \"20\",\n \"cloudRequired\": \"true\"\n },\n \"isRequired\": false,\n \"type\": \"string\",\n \"isMultiValued\": false\n },\n {\n \"name\": \"userName\",\n \"transform\": {\n \"type\": \"rule\",\n \"attributes\": {\n \"name\": \"Create Unique LDAP Attribute\"\n }\n },\n \"attributes\": {\n \"template\": \"${firstname}.${lastname}${uniqueCounter}\",\n \"cloudMaxUniqueChecks\": \"50\",\n \"cloudMaxSize\": \"20\",\n \"cloudRequired\": \"true\"\n },\n \"isRequired\": false,\n \"type\": \"string\",\n \"isMultiValued\": false\n }\n ]\n },\n {\n \"name\": \"example provisioning policy for inactive identities\",\n \"description\": \"this provisioning policy creates access based on an identity going inactive\",\n \"usageType\": \"CREATE\",\n \"fields\": [\n {\n \"name\": \"userName\",\n \"transform\": {\n \"type\": \"rule\",\n \"attributes\": {\n \"name\": \"Create Unique LDAP Attribute\"\n }\n },\n \"attributes\": {\n \"template\": \"${firstname}.${lastname}${uniqueCounter}\",\n \"cloudMaxUniqueChecks\": \"50\",\n \"cloudMaxSize\": \"20\",\n \"cloudRequired\": \"true\"\n },\n \"isRequired\": false,\n \"type\": \"string\",\n \"isMultiValued\": false\n },\n {\n \"name\": \"userName\",\n \"transform\": {\n \"type\": \"rule\",\n \"attributes\": {\n \"name\": \"Create Unique LDAP Attribute\"\n }\n },\n \"attributes\": {\n \"template\": \"${firstname}.${lastname}${uniqueCounter}\",\n \"cloudMaxUniqueChecks\": \"50\",\n \"cloudMaxSize\": \"20\",\n \"cloudRequired\": \"true\"\n },\n \"isRequired\": false,\n \"type\": \"string\",\n \"isMultiValued\": false\n }\n ]\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "0a11119a-7aa2-4e03-9cb6-46bb5d7be87c", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "provisioning-policies", + "bulk-update" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "[\n {\n \"name\": \"example provisioning policy for inactive identities\",\n \"description\": \"this provisioning policy creates access based on an identity going inactive\",\n \"usageType\": \"CREATE\",\n \"fields\": [\n {\n \"name\": \"userName\",\n \"transform\": {\n \"type\": \"rule\",\n \"attributes\": {\n \"name\": \"Create Unique LDAP Attribute\"\n }\n },\n \"attributes\": {\n \"template\": \"${firstname}.${lastname}${uniqueCounter}\",\n \"cloudMaxUniqueChecks\": \"50\",\n \"cloudMaxSize\": \"20\",\n \"cloudRequired\": \"true\"\n },\n \"isRequired\": false,\n \"type\": \"string\",\n \"isMultiValued\": false\n },\n {\n \"name\": \"userName\",\n \"transform\": {\n \"type\": \"rule\",\n \"attributes\": {\n \"name\": \"Create Unique LDAP Attribute\"\n }\n },\n \"attributes\": {\n \"template\": \"${firstname}.${lastname}${uniqueCounter}\",\n \"cloudMaxUniqueChecks\": \"50\",\n \"cloudMaxSize\": \"20\",\n \"cloudRequired\": \"true\"\n },\n \"isRequired\": false,\n \"type\": \"string\",\n \"isMultiValued\": false\n }\n ]\n },\n {\n \"name\": \"example provisioning policy for inactive identities\",\n \"description\": \"this provisioning policy creates access based on an identity going inactive\",\n \"usageType\": \"CREATE\",\n \"fields\": [\n {\n \"name\": \"userName\",\n \"transform\": {\n \"type\": \"rule\",\n \"attributes\": {\n \"name\": \"Create Unique LDAP Attribute\"\n }\n },\n \"attributes\": {\n \"template\": \"${firstname}.${lastname}${uniqueCounter}\",\n \"cloudMaxUniqueChecks\": \"50\",\n \"cloudMaxSize\": \"20\",\n \"cloudRequired\": \"true\"\n },\n \"isRequired\": false,\n \"type\": \"string\",\n \"isMultiValued\": false\n },\n {\n \"name\": \"userName\",\n \"transform\": {\n \"type\": \"rule\",\n \"attributes\": {\n \"name\": \"Create Unique LDAP Attribute\"\n }\n },\n \"attributes\": {\n \"template\": \"${firstname}.${lastname}${uniqueCounter}\",\n \"cloudMaxUniqueChecks\": \"50\",\n \"cloudMaxSize\": \"20\",\n \"cloudRequired\": \"true\"\n },\n \"isRequired\": false,\n \"type\": \"string\",\n \"isMultiValued\": false\n }\n ]\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "768d6306-0ab4-4c8f-b70f-d9b1e37828df", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "provisioning-policies", + "bulk-update" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "[\n {\n \"name\": \"example provisioning policy for inactive identities\",\n \"description\": \"this provisioning policy creates access based on an identity going inactive\",\n \"usageType\": \"CREATE\",\n \"fields\": [\n {\n \"name\": \"userName\",\n \"transform\": {\n \"type\": \"rule\",\n \"attributes\": {\n \"name\": \"Create Unique LDAP Attribute\"\n }\n },\n \"attributes\": {\n \"template\": \"${firstname}.${lastname}${uniqueCounter}\",\n \"cloudMaxUniqueChecks\": \"50\",\n \"cloudMaxSize\": \"20\",\n \"cloudRequired\": \"true\"\n },\n \"isRequired\": false,\n \"type\": \"string\",\n \"isMultiValued\": false\n },\n {\n \"name\": \"userName\",\n \"transform\": {\n \"type\": \"rule\",\n \"attributes\": {\n \"name\": \"Create Unique LDAP Attribute\"\n }\n },\n \"attributes\": {\n \"template\": \"${firstname}.${lastname}${uniqueCounter}\",\n \"cloudMaxUniqueChecks\": \"50\",\n \"cloudMaxSize\": \"20\",\n \"cloudRequired\": \"true\"\n },\n \"isRequired\": false,\n \"type\": \"string\",\n \"isMultiValued\": false\n }\n ]\n },\n {\n \"name\": \"example provisioning policy for inactive identities\",\n \"description\": \"this provisioning policy creates access based on an identity going inactive\",\n \"usageType\": \"CREATE\",\n \"fields\": [\n {\n \"name\": \"userName\",\n \"transform\": {\n \"type\": \"rule\",\n \"attributes\": {\n \"name\": \"Create Unique LDAP Attribute\"\n }\n },\n \"attributes\": {\n \"template\": \"${firstname}.${lastname}${uniqueCounter}\",\n \"cloudMaxUniqueChecks\": \"50\",\n \"cloudMaxSize\": \"20\",\n \"cloudRequired\": \"true\"\n },\n \"isRequired\": false,\n \"type\": \"string\",\n \"isMultiValued\": false\n },\n {\n \"name\": \"userName\",\n \"transform\": {\n \"type\": \"rule\",\n \"attributes\": {\n \"name\": \"Create Unique LDAP Attribute\"\n }\n },\n \"attributes\": {\n \"template\": \"${firstname}.${lastname}${uniqueCounter}\",\n \"cloudMaxUniqueChecks\": \"50\",\n \"cloudMaxSize\": \"20\",\n \"cloudRequired\": \"true\"\n },\n \"isRequired\": false,\n \"type\": \"string\",\n \"isMultiValued\": false\n }\n ]\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "509d5727-31ec-406f-8fd5-fe48bb71cfc6", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "provisioning-policies", + "bulk-update" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "[\n {\n \"name\": \"example provisioning policy for inactive identities\",\n \"description\": \"this provisioning policy creates access based on an identity going inactive\",\n \"usageType\": \"CREATE\",\n \"fields\": [\n {\n \"name\": \"userName\",\n \"transform\": {\n \"type\": \"rule\",\n \"attributes\": {\n \"name\": \"Create Unique LDAP Attribute\"\n }\n },\n \"attributes\": {\n \"template\": \"${firstname}.${lastname}${uniqueCounter}\",\n \"cloudMaxUniqueChecks\": \"50\",\n \"cloudMaxSize\": \"20\",\n \"cloudRequired\": \"true\"\n },\n \"isRequired\": false,\n \"type\": \"string\",\n \"isMultiValued\": false\n },\n {\n \"name\": \"userName\",\n \"transform\": {\n \"type\": \"rule\",\n \"attributes\": {\n \"name\": \"Create Unique LDAP Attribute\"\n }\n },\n \"attributes\": {\n \"template\": \"${firstname}.${lastname}${uniqueCounter}\",\n \"cloudMaxUniqueChecks\": \"50\",\n \"cloudMaxSize\": \"20\",\n \"cloudRequired\": \"true\"\n },\n \"isRequired\": false,\n \"type\": \"string\",\n \"isMultiValued\": false\n }\n ]\n },\n {\n \"name\": \"example provisioning policy for inactive identities\",\n \"description\": \"this provisioning policy creates access based on an identity going inactive\",\n \"usageType\": \"CREATE\",\n \"fields\": [\n {\n \"name\": \"userName\",\n \"transform\": {\n \"type\": \"rule\",\n \"attributes\": {\n \"name\": \"Create Unique LDAP Attribute\"\n }\n },\n \"attributes\": {\n \"template\": \"${firstname}.${lastname}${uniqueCounter}\",\n \"cloudMaxUniqueChecks\": \"50\",\n \"cloudMaxSize\": \"20\",\n \"cloudRequired\": \"true\"\n },\n \"isRequired\": false,\n \"type\": \"string\",\n \"isMultiValued\": false\n },\n {\n \"name\": \"userName\",\n \"transform\": {\n \"type\": \"rule\",\n \"attributes\": {\n \"name\": \"Create Unique LDAP Attribute\"\n }\n },\n \"attributes\": {\n \"template\": \"${firstname}.${lastname}${uniqueCounter}\",\n \"cloudMaxUniqueChecks\": \"50\",\n \"cloudMaxSize\": \"20\",\n \"cloudRequired\": \"true\"\n },\n \"isRequired\": false,\n \"type\": \"string\",\n \"isMultiValued\": false\n }\n ]\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "124b979e-0b8a-4623-9568-3ba771a14386", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "provisioning-policies", + "bulk-update" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "[\n {\n \"name\": \"example provisioning policy for inactive identities\",\n \"description\": \"this provisioning policy creates access based on an identity going inactive\",\n \"usageType\": \"CREATE\",\n \"fields\": [\n {\n \"name\": \"userName\",\n \"transform\": {\n \"type\": \"rule\",\n \"attributes\": {\n \"name\": \"Create Unique LDAP Attribute\"\n }\n },\n \"attributes\": {\n \"template\": \"${firstname}.${lastname}${uniqueCounter}\",\n \"cloudMaxUniqueChecks\": \"50\",\n \"cloudMaxSize\": \"20\",\n \"cloudRequired\": \"true\"\n },\n \"isRequired\": false,\n \"type\": \"string\",\n \"isMultiValued\": false\n },\n {\n \"name\": \"userName\",\n \"transform\": {\n \"type\": \"rule\",\n \"attributes\": {\n \"name\": \"Create Unique LDAP Attribute\"\n }\n },\n \"attributes\": {\n \"template\": \"${firstname}.${lastname}${uniqueCounter}\",\n \"cloudMaxUniqueChecks\": \"50\",\n \"cloudMaxSize\": \"20\",\n \"cloudRequired\": \"true\"\n },\n \"isRequired\": false,\n \"type\": \"string\",\n \"isMultiValued\": false\n }\n ]\n },\n {\n \"name\": \"example provisioning policy for inactive identities\",\n \"description\": \"this provisioning policy creates access based on an identity going inactive\",\n \"usageType\": \"CREATE\",\n \"fields\": [\n {\n \"name\": \"userName\",\n \"transform\": {\n \"type\": \"rule\",\n \"attributes\": {\n \"name\": \"Create Unique LDAP Attribute\"\n }\n },\n \"attributes\": {\n \"template\": \"${firstname}.${lastname}${uniqueCounter}\",\n \"cloudMaxUniqueChecks\": \"50\",\n \"cloudMaxSize\": \"20\",\n \"cloudRequired\": \"true\"\n },\n \"isRequired\": false,\n \"type\": \"string\",\n \"isMultiValued\": false\n },\n {\n \"name\": \"userName\",\n \"transform\": {\n \"type\": \"rule\",\n \"attributes\": {\n \"name\": \"Create Unique LDAP Attribute\"\n }\n },\n \"attributes\": {\n \"template\": \"${firstname}.${lastname}${uniqueCounter}\",\n \"cloudMaxUniqueChecks\": \"50\",\n \"cloudMaxSize\": \"20\",\n \"cloudRequired\": \"true\"\n },\n \"isRequired\": false,\n \"type\": \"string\",\n \"isMultiValued\": false\n }\n ]\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "8c550363-957c-4a17-b5f4-69a3a8dc6438", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "provisioning-policies", + "bulk-update" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "[\n {\n \"name\": \"example provisioning policy for inactive identities\",\n \"description\": \"this provisioning policy creates access based on an identity going inactive\",\n \"usageType\": \"CREATE\",\n \"fields\": [\n {\n \"name\": \"userName\",\n \"transform\": {\n \"type\": \"rule\",\n \"attributes\": {\n \"name\": \"Create Unique LDAP Attribute\"\n }\n },\n \"attributes\": {\n \"template\": \"${firstname}.${lastname}${uniqueCounter}\",\n \"cloudMaxUniqueChecks\": \"50\",\n \"cloudMaxSize\": \"20\",\n \"cloudRequired\": \"true\"\n },\n \"isRequired\": false,\n \"type\": \"string\",\n \"isMultiValued\": false\n },\n {\n \"name\": \"userName\",\n \"transform\": {\n \"type\": \"rule\",\n \"attributes\": {\n \"name\": \"Create Unique LDAP Attribute\"\n }\n },\n \"attributes\": {\n \"template\": \"${firstname}.${lastname}${uniqueCounter}\",\n \"cloudMaxUniqueChecks\": \"50\",\n \"cloudMaxSize\": \"20\",\n \"cloudRequired\": \"true\"\n },\n \"isRequired\": false,\n \"type\": \"string\",\n \"isMultiValued\": false\n }\n ]\n },\n {\n \"name\": \"example provisioning policy for inactive identities\",\n \"description\": \"this provisioning policy creates access based on an identity going inactive\",\n \"usageType\": \"CREATE\",\n \"fields\": [\n {\n \"name\": \"userName\",\n \"transform\": {\n \"type\": \"rule\",\n \"attributes\": {\n \"name\": \"Create Unique LDAP Attribute\"\n }\n },\n \"attributes\": {\n \"template\": \"${firstname}.${lastname}${uniqueCounter}\",\n \"cloudMaxUniqueChecks\": \"50\",\n \"cloudMaxSize\": \"20\",\n \"cloudRequired\": \"true\"\n },\n \"isRequired\": false,\n \"type\": \"string\",\n \"isMultiValued\": false\n },\n {\n \"name\": \"userName\",\n \"transform\": {\n \"type\": \"rule\",\n \"attributes\": {\n \"name\": \"Create Unique LDAP Attribute\"\n }\n },\n \"attributes\": {\n \"template\": \"${firstname}.${lastname}${uniqueCounter}\",\n \"cloudMaxUniqueChecks\": \"50\",\n \"cloudMaxSize\": \"20\",\n \"cloudRequired\": \"true\"\n },\n \"isRequired\": false,\n \"type\": \"string\",\n \"isMultiValued\": false\n }\n ]\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "4d323395-7e8b-4477-b425-6e90dd075ac5", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "provisioning-policies", + "bulk-update" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "[\n {\n \"name\": \"example provisioning policy for inactive identities\",\n \"description\": \"this provisioning policy creates access based on an identity going inactive\",\n \"usageType\": \"CREATE\",\n \"fields\": [\n {\n \"name\": \"userName\",\n \"transform\": {\n \"type\": \"rule\",\n \"attributes\": {\n \"name\": \"Create Unique LDAP Attribute\"\n }\n },\n \"attributes\": {\n \"template\": \"${firstname}.${lastname}${uniqueCounter}\",\n \"cloudMaxUniqueChecks\": \"50\",\n \"cloudMaxSize\": \"20\",\n \"cloudRequired\": \"true\"\n },\n \"isRequired\": false,\n \"type\": \"string\",\n \"isMultiValued\": false\n },\n {\n \"name\": \"userName\",\n \"transform\": {\n \"type\": \"rule\",\n \"attributes\": {\n \"name\": \"Create Unique LDAP Attribute\"\n }\n },\n \"attributes\": {\n \"template\": \"${firstname}.${lastname}${uniqueCounter}\",\n \"cloudMaxUniqueChecks\": \"50\",\n \"cloudMaxSize\": \"20\",\n \"cloudRequired\": \"true\"\n },\n \"isRequired\": false,\n \"type\": \"string\",\n \"isMultiValued\": false\n }\n ]\n },\n {\n \"name\": \"example provisioning policy for inactive identities\",\n \"description\": \"this provisioning policy creates access based on an identity going inactive\",\n \"usageType\": \"CREATE\",\n \"fields\": [\n {\n \"name\": \"userName\",\n \"transform\": {\n \"type\": \"rule\",\n \"attributes\": {\n \"name\": \"Create Unique LDAP Attribute\"\n }\n },\n \"attributes\": {\n \"template\": \"${firstname}.${lastname}${uniqueCounter}\",\n \"cloudMaxUniqueChecks\": \"50\",\n \"cloudMaxSize\": \"20\",\n \"cloudRequired\": \"true\"\n },\n \"isRequired\": false,\n \"type\": \"string\",\n \"isMultiValued\": false\n },\n {\n \"name\": \"userName\",\n \"transform\": {\n \"type\": \"rule\",\n \"attributes\": {\n \"name\": \"Create Unique LDAP Attribute\"\n }\n },\n \"attributes\": {\n \"template\": \"${firstname}.${lastname}${uniqueCounter}\",\n \"cloudMaxUniqueChecks\": \"50\",\n \"cloudMaxSize\": \"20\",\n \"cloudRequired\": \"true\"\n },\n \"isRequired\": false,\n \"type\": \"string\",\n \"isMultiValued\": false\n }\n ]\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "c99d860f-e27c-4fb7-a150-cc61b641795d", + "name": "List Schemas on Source", + "request": { + "name": "List Schemas on Source", + "description": { + "content": "Use this API to list the schemas that exist on the specified source in Identity Security Cloud (ISC).\n", + "type": "text/plain" + }, + "url": { + "path": [ + "sources", + ":sourceId", + "schemas" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "If this is set to `group`, the API filters the account schema and only returns only group schemas. If this is set to `user`, the API returns the account schema for the source. ", + "type": "text/plain" + }, + "key": "include-types", + "value": "group" + } + ], + "variable": [ + { + "type": "any", + "value": "2c9180835d191a86015d28455b4a2329", + "key": "sourceId", + "disabled": true, + "description": { + "content": "(Required) Source ID.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "c475166e-910f-461a-84aa-0edb5e1a0ab3", + "name": "The schemas were successfully retrieved.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "schemas" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "If this is set to `group`, the API filters the account schema and only returns only group schemas. If this is set to `user`, the API returns the account schema for the source. ", + "type": "text/plain" + }, + "key": "include-types", + "value": "group" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"id\": \"2c9180835d191a86015d28455b4a2329\",\n \"name\": \"account\",\n \"nativeObjectType\": \"User\",\n \"identityAttribute\": \"sAMAccountName\",\n \"displayAttribute\": \"distinguishedName\",\n \"hierarchyAttribute\": \"memberOf\",\n \"includePermissions\": false,\n \"features\": [\n \"PROVISIONING\",\n \"NO_PERMISSIONS_PROVISIONING\",\n \"GROUPS_HAVE_MEMBERS\"\n ],\n \"configuration\": {\n \"groupMemberAttribute\": \"member\"\n },\n \"attributes\": [\n {\n \"name\": \"sAMAccountName\",\n \"type\": \"STRING\",\n \"isMultiValued\": false,\n \"isEntitlement\": false,\n \"isGroup\": false\n },\n {\n \"name\": \"memberOf\",\n \"type\": \"STRING\",\n \"schema\": {\n \"type\": \"CONNECTOR_SCHEMA\",\n \"name\": \"group\"\n },\n \"description\": \"Group membership\",\n \"isMultiValued\": true,\n \"isEntitlement\": true,\n \"isGroup\": true\n }\n ],\n \"created\": \"2019-12-24T22:32:58.104Z\",\n \"modified\": \"2019-12-31T20:22:28.104Z\"\n },\n {\n \"id\": \"2c9180835d191a86015d28455b4a2329\",\n \"name\": \"account\",\n \"nativeObjectType\": \"User\",\n \"identityAttribute\": \"sAMAccountName\",\n \"displayAttribute\": \"distinguishedName\",\n \"hierarchyAttribute\": \"memberOf\",\n \"includePermissions\": false,\n \"features\": [\n \"PROVISIONING\",\n \"NO_PERMISSIONS_PROVISIONING\",\n \"GROUPS_HAVE_MEMBERS\"\n ],\n \"configuration\": {\n \"groupMemberAttribute\": \"member\"\n },\n \"attributes\": [\n {\n \"name\": \"sAMAccountName\",\n \"type\": \"STRING\",\n \"isMultiValued\": false,\n \"isEntitlement\": false,\n \"isGroup\": false\n },\n {\n \"name\": \"memberOf\",\n \"type\": \"STRING\",\n \"schema\": {\n \"type\": \"CONNECTOR_SCHEMA\",\n \"name\": \"group\"\n },\n \"description\": \"Group membership\",\n \"isMultiValued\": true,\n \"isEntitlement\": true,\n \"isGroup\": true\n }\n ],\n \"created\": \"2019-12-24T22:32:58.104Z\",\n \"modified\": \"2019-12-31T20:22:28.104Z\"\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a32dc409-30e9-41fd-90e5-a90a6e46d8bc", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "schemas" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "If this is set to `group`, the API filters the account schema and only returns only group schemas. If this is set to `user`, the API returns the account schema for the source. ", + "type": "text/plain" + }, + "key": "include-types", + "value": "group" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "4513db64-a17a-4548-b672-294aa5c973c9", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "schemas" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "If this is set to `group`, the API filters the account schema and only returns only group schemas. If this is set to `user`, the API returns the account schema for the source. ", + "type": "text/plain" + }, + "key": "include-types", + "value": "group" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c0ee10b9-9fa1-4030-89ee-e9a2f64e8071", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "schemas" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "If this is set to `group`, the API filters the account schema and only returns only group schemas. If this is set to `user`, the API returns the account schema for the source. ", + "type": "text/plain" + }, + "key": "include-types", + "value": "group" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "944bf8ba-04b9-4128-9cde-fcd8ce4ed323", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "schemas" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "If this is set to `group`, the API filters the account schema and only returns only group schemas. If this is set to `user`, the API returns the account schema for the source. ", + "type": "text/plain" + }, + "key": "include-types", + "value": "group" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "971c51af-7bb1-4415-87ae-44613b7bbea3", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "schemas" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "If this is set to `group`, the API filters the account schema and only returns only group schemas. If this is set to `user`, the API returns the account schema for the source. ", + "type": "text/plain" + }, + "key": "include-types", + "value": "group" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "7a1aa9e5-8940-4515-9643-0c9880eed64f", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "schemas" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "If this is set to `group`, the API filters the account schema and only returns only group schemas. If this is set to `user`, the API returns the account schema for the source. ", + "type": "text/plain" + }, + "key": "include-types", + "value": "group" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "ecccbb8e-5f63-4de9-a6bf-3d76f65159ab", + "name": "Create Schema on Source", + "request": { + "name": "Create Schema on Source", + "description": { + "content": "Use this API to create a new schema on the specified source in Identity Security Cloud (ISC).\n", + "type": "text/plain" + }, + "url": { + "path": [ + "sources", + ":sourceId", + "schemas" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "2c9180835d191a86015d28455b4a2329", + "key": "sourceId", + "disabled": true, + "description": { + "content": "(Required) Source ID.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"id\": \"2c9180835d191a86015d28455b4a2329\",\n \"name\": \"account\",\n \"nativeObjectType\": \"User\",\n \"identityAttribute\": \"sAMAccountName\",\n \"displayAttribute\": \"distinguishedName\",\n \"hierarchyAttribute\": \"memberOf\",\n \"includePermissions\": false,\n \"features\": [\n \"PROVISIONING\",\n \"NO_PERMISSIONS_PROVISIONING\",\n \"GROUPS_HAVE_MEMBERS\"\n ],\n \"configuration\": {\n \"groupMemberAttribute\": \"member\"\n },\n \"attributes\": [\n {\n \"name\": \"sAMAccountName\",\n \"type\": \"STRING\",\n \"isMultiValued\": false,\n \"isEntitlement\": false,\n \"isGroup\": false\n },\n {\n \"name\": \"memberOf\",\n \"type\": \"STRING\",\n \"schema\": {\n \"type\": \"CONNECTOR_SCHEMA\",\n \"name\": \"group\"\n },\n \"description\": \"Group membership\",\n \"isMultiValued\": true,\n \"isEntitlement\": true,\n \"isGroup\": true\n }\n ],\n \"created\": \"2019-12-24T22:32:58.104Z\",\n \"modified\": \"2019-12-31T20:22:28.104Z\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "1081f1dd-b8d2-4ef8-9ef3-66825bbf1f82", + "name": "The schema was successfully created on the specified source.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "schemas" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"id\": \"2c9180835d191a86015d28455b4a2329\",\n \"name\": \"account\",\n \"nativeObjectType\": \"User\",\n \"identityAttribute\": \"sAMAccountName\",\n \"displayAttribute\": \"distinguishedName\",\n \"hierarchyAttribute\": \"memberOf\",\n \"includePermissions\": false,\n \"features\": [\n \"PROVISIONING\",\n \"NO_PERMISSIONS_PROVISIONING\",\n \"GROUPS_HAVE_MEMBERS\"\n ],\n \"configuration\": {\n \"groupMemberAttribute\": \"member\"\n },\n \"attributes\": [\n {\n \"name\": \"sAMAccountName\",\n \"type\": \"STRING\",\n \"isMultiValued\": false,\n \"isEntitlement\": false,\n \"isGroup\": false\n },\n {\n \"name\": \"memberOf\",\n \"type\": \"STRING\",\n \"schema\": {\n \"type\": \"CONNECTOR_SCHEMA\",\n \"name\": \"group\"\n },\n \"description\": \"Group membership\",\n \"isMultiValued\": true,\n \"isEntitlement\": true,\n \"isGroup\": true\n }\n ],\n \"created\": \"2019-12-24T22:32:58.104Z\",\n \"modified\": \"2019-12-31T20:22:28.104Z\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Created", + "code": 201, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"2c9180835d191a86015d28455b4a2329\",\n \"name\": \"account\",\n \"nativeObjectType\": \"User\",\n \"identityAttribute\": \"sAMAccountName\",\n \"displayAttribute\": \"distinguishedName\",\n \"hierarchyAttribute\": \"memberOf\",\n \"includePermissions\": false,\n \"features\": [\n \"PROVISIONING\",\n \"NO_PERMISSIONS_PROVISIONING\",\n \"GROUPS_HAVE_MEMBERS\"\n ],\n \"configuration\": {\n \"groupMemberAttribute\": \"member\"\n },\n \"attributes\": [\n {\n \"name\": \"sAMAccountName\",\n \"type\": \"STRING\",\n \"isMultiValued\": false,\n \"isEntitlement\": false,\n \"isGroup\": false\n },\n {\n \"name\": \"memberOf\",\n \"type\": \"STRING\",\n \"schema\": {\n \"type\": \"CONNECTOR_SCHEMA\",\n \"name\": \"group\"\n },\n \"description\": \"Group membership\",\n \"isMultiValued\": true,\n \"isEntitlement\": true,\n \"isGroup\": true\n }\n ],\n \"created\": \"2019-12-24T22:32:58.104Z\",\n \"modified\": \"2019-12-31T20:22:28.104Z\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "0bb95770-f8c0-4fe7-b65d-292bb7b2b0a8", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "schemas" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"id\": \"2c9180835d191a86015d28455b4a2329\",\n \"name\": \"account\",\n \"nativeObjectType\": \"User\",\n \"identityAttribute\": \"sAMAccountName\",\n \"displayAttribute\": \"distinguishedName\",\n \"hierarchyAttribute\": \"memberOf\",\n \"includePermissions\": false,\n \"features\": [\n \"PROVISIONING\",\n \"NO_PERMISSIONS_PROVISIONING\",\n \"GROUPS_HAVE_MEMBERS\"\n ],\n \"configuration\": {\n \"groupMemberAttribute\": \"member\"\n },\n \"attributes\": [\n {\n \"name\": \"sAMAccountName\",\n \"type\": \"STRING\",\n \"isMultiValued\": false,\n \"isEntitlement\": false,\n \"isGroup\": false\n },\n {\n \"name\": \"memberOf\",\n \"type\": \"STRING\",\n \"schema\": {\n \"type\": \"CONNECTOR_SCHEMA\",\n \"name\": \"group\"\n },\n \"description\": \"Group membership\",\n \"isMultiValued\": true,\n \"isEntitlement\": true,\n \"isGroup\": true\n }\n ],\n \"created\": \"2019-12-24T22:32:58.104Z\",\n \"modified\": \"2019-12-31T20:22:28.104Z\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "6a8d8e18-6d50-4e5d-8222-bdb359fd0b95", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "schemas" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"id\": \"2c9180835d191a86015d28455b4a2329\",\n \"name\": \"account\",\n \"nativeObjectType\": \"User\",\n \"identityAttribute\": \"sAMAccountName\",\n \"displayAttribute\": \"distinguishedName\",\n \"hierarchyAttribute\": \"memberOf\",\n \"includePermissions\": false,\n \"features\": [\n \"PROVISIONING\",\n \"NO_PERMISSIONS_PROVISIONING\",\n \"GROUPS_HAVE_MEMBERS\"\n ],\n \"configuration\": {\n \"groupMemberAttribute\": \"member\"\n },\n \"attributes\": [\n {\n \"name\": \"sAMAccountName\",\n \"type\": \"STRING\",\n \"isMultiValued\": false,\n \"isEntitlement\": false,\n \"isGroup\": false\n },\n {\n \"name\": \"memberOf\",\n \"type\": \"STRING\",\n \"schema\": {\n \"type\": \"CONNECTOR_SCHEMA\",\n \"name\": \"group\"\n },\n \"description\": \"Group membership\",\n \"isMultiValued\": true,\n \"isEntitlement\": true,\n \"isGroup\": true\n }\n ],\n \"created\": \"2019-12-24T22:32:58.104Z\",\n \"modified\": \"2019-12-31T20:22:28.104Z\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c4c691a6-8fcb-41bd-ac8f-9cc9d92d1bee", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "schemas" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"id\": \"2c9180835d191a86015d28455b4a2329\",\n \"name\": \"account\",\n \"nativeObjectType\": \"User\",\n \"identityAttribute\": \"sAMAccountName\",\n \"displayAttribute\": \"distinguishedName\",\n \"hierarchyAttribute\": \"memberOf\",\n \"includePermissions\": false,\n \"features\": [\n \"PROVISIONING\",\n \"NO_PERMISSIONS_PROVISIONING\",\n \"GROUPS_HAVE_MEMBERS\"\n ],\n \"configuration\": {\n \"groupMemberAttribute\": \"member\"\n },\n \"attributes\": [\n {\n \"name\": \"sAMAccountName\",\n \"type\": \"STRING\",\n \"isMultiValued\": false,\n \"isEntitlement\": false,\n \"isGroup\": false\n },\n {\n \"name\": \"memberOf\",\n \"type\": \"STRING\",\n \"schema\": {\n \"type\": \"CONNECTOR_SCHEMA\",\n \"name\": \"group\"\n },\n \"description\": \"Group membership\",\n \"isMultiValued\": true,\n \"isEntitlement\": true,\n \"isGroup\": true\n }\n ],\n \"created\": \"2019-12-24T22:32:58.104Z\",\n \"modified\": \"2019-12-31T20:22:28.104Z\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "18e6bff9-9121-4eba-b581-5059b60d5a59", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "schemas" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"id\": \"2c9180835d191a86015d28455b4a2329\",\n \"name\": \"account\",\n \"nativeObjectType\": \"User\",\n \"identityAttribute\": \"sAMAccountName\",\n \"displayAttribute\": \"distinguishedName\",\n \"hierarchyAttribute\": \"memberOf\",\n \"includePermissions\": false,\n \"features\": [\n \"PROVISIONING\",\n \"NO_PERMISSIONS_PROVISIONING\",\n \"GROUPS_HAVE_MEMBERS\"\n ],\n \"configuration\": {\n \"groupMemberAttribute\": \"member\"\n },\n \"attributes\": [\n {\n \"name\": \"sAMAccountName\",\n \"type\": \"STRING\",\n \"isMultiValued\": false,\n \"isEntitlement\": false,\n \"isGroup\": false\n },\n {\n \"name\": \"memberOf\",\n \"type\": \"STRING\",\n \"schema\": {\n \"type\": \"CONNECTOR_SCHEMA\",\n \"name\": \"group\"\n },\n \"description\": \"Group membership\",\n \"isMultiValued\": true,\n \"isEntitlement\": true,\n \"isGroup\": true\n }\n ],\n \"created\": \"2019-12-24T22:32:58.104Z\",\n \"modified\": \"2019-12-31T20:22:28.104Z\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "7ed11125-5557-450b-a673-3e305b506013", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "schemas" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"id\": \"2c9180835d191a86015d28455b4a2329\",\n \"name\": \"account\",\n \"nativeObjectType\": \"User\",\n \"identityAttribute\": \"sAMAccountName\",\n \"displayAttribute\": \"distinguishedName\",\n \"hierarchyAttribute\": \"memberOf\",\n \"includePermissions\": false,\n \"features\": [\n \"PROVISIONING\",\n \"NO_PERMISSIONS_PROVISIONING\",\n \"GROUPS_HAVE_MEMBERS\"\n ],\n \"configuration\": {\n \"groupMemberAttribute\": \"member\"\n },\n \"attributes\": [\n {\n \"name\": \"sAMAccountName\",\n \"type\": \"STRING\",\n \"isMultiValued\": false,\n \"isEntitlement\": false,\n \"isGroup\": false\n },\n {\n \"name\": \"memberOf\",\n \"type\": \"STRING\",\n \"schema\": {\n \"type\": \"CONNECTOR_SCHEMA\",\n \"name\": \"group\"\n },\n \"description\": \"Group membership\",\n \"isMultiValued\": true,\n \"isEntitlement\": true,\n \"isGroup\": true\n }\n ],\n \"created\": \"2019-12-24T22:32:58.104Z\",\n \"modified\": \"2019-12-31T20:22:28.104Z\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "2495cef3-e9bd-4381-90cf-9b7e05ef3b45", + "name": "Get Source Schema by ID", + "request": { + "name": "Get Source Schema by ID", + "description": { + "content": "Get the Source Schema by ID in IdentityNow.\n", + "type": "text/plain" + }, + "url": { + "path": [ + "sources", + ":sourceId", + "schemas", + ":schemaId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "2c9180835d191a86015d28455b4a2329", + "key": "sourceId", + "disabled": true, + "description": { + "content": "(Required) The Source id.", + "type": "text/plain" + } + }, + { + "type": "any", + "value": "2c9180835d191a86015d28455b4a2329", + "key": "schemaId", + "disabled": true, + "description": { + "content": "(Required) The Schema id.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "f01a596d-c514-490c-8ad3-a26113e3bf93", + "name": "The requested Schema was successfully retrieved.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "schemas", + ":schemaId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"2c9180835d191a86015d28455b4a2329\",\n \"name\": \"account\",\n \"nativeObjectType\": \"User\",\n \"identityAttribute\": \"sAMAccountName\",\n \"displayAttribute\": \"distinguishedName\",\n \"hierarchyAttribute\": \"memberOf\",\n \"includePermissions\": false,\n \"features\": [\n \"PROVISIONING\",\n \"NO_PERMISSIONS_PROVISIONING\",\n \"GROUPS_HAVE_MEMBERS\"\n ],\n \"configuration\": {\n \"groupMemberAttribute\": \"member\"\n },\n \"attributes\": [\n {\n \"name\": \"sAMAccountName\",\n \"type\": \"STRING\",\n \"isMultiValued\": false,\n \"isEntitlement\": false,\n \"isGroup\": false\n },\n {\n \"name\": \"memberOf\",\n \"type\": \"STRING\",\n \"schema\": {\n \"type\": \"CONNECTOR_SCHEMA\",\n \"name\": \"group\"\n },\n \"description\": \"Group membership\",\n \"isMultiValued\": true,\n \"isEntitlement\": true,\n \"isGroup\": true\n }\n ],\n \"created\": \"2019-12-24T22:32:58.104Z\",\n \"modified\": \"2019-12-31T20:22:28.104Z\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "7f541d71-08e6-42d1-bbc6-884e4ce6cc95", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "schemas", + ":schemaId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a35aa8b0-3d6c-4518-a723-f4a0d6bfe4d3", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "schemas", + ":schemaId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "66302fde-625f-4b22-b9b2-e496ba8817eb", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "schemas", + ":schemaId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a7769655-b3e5-48c0-925f-0b47838e1732", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "schemas", + ":schemaId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "07ca64f0-38fa-413a-a9f8-6ce6533b6def", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "schemas", + ":schemaId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "6b84e345-ff4b-43de-a8e2-fb0fac15f24a", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "schemas", + ":schemaId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "ccf16f2e-da57-455a-b7a6-ead3f692854f", + "name": "Update Source Schema (Full)", + "request": { + "name": "Update Source Schema (Full)", + "description": { + "content": "This API will completely replace an existing Schema with the submitted payload. Some fields of the Schema cannot be updated. These fields are listed below.\n\n* id\n* name\n* created\n* modified\n\nAny attempt to modify these fields will result in an error response with a status code of 400.\n\n> `id` must remain in the request body, but it cannot be changed. If `id` is omitted from the request body, the result will be a 400 error.\n", + "type": "text/plain" + }, + "url": { + "path": [ + "sources", + ":sourceId", + "schemas", + ":schemaId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "2c9180835d191a86015d28455b4a2329", + "key": "sourceId", + "disabled": true, + "description": { + "content": "(Required) The Source id.", + "type": "text/plain" + } + }, + { + "type": "any", + "value": "2c9180835d191a86015d28455b4a2329", + "key": "schemaId", + "disabled": true, + "description": { + "content": "(Required) The Schema id.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"id\": \"2c9180835d191a86015d28455b4a2329\",\n \"name\": \"account\",\n \"nativeObjectType\": \"User\",\n \"identityAttribute\": \"sAMAccountName\",\n \"displayAttribute\": \"distinguishedName\",\n \"hierarchyAttribute\": \"memberOf\",\n \"includePermissions\": false,\n \"features\": [\n \"PROVISIONING\",\n \"NO_PERMISSIONS_PROVISIONING\",\n \"GROUPS_HAVE_MEMBERS\"\n ],\n \"configuration\": {\n \"groupMemberAttribute\": \"member\"\n },\n \"attributes\": [\n {\n \"name\": \"sAMAccountName\",\n \"type\": \"STRING\",\n \"isMultiValued\": false,\n \"isEntitlement\": false,\n \"isGroup\": false\n },\n {\n \"name\": \"memberOf\",\n \"type\": \"STRING\",\n \"schema\": {\n \"type\": \"CONNECTOR_SCHEMA\",\n \"name\": \"group\"\n },\n \"description\": \"Group membership\",\n \"isMultiValued\": true,\n \"isEntitlement\": true,\n \"isGroup\": true\n }\n ],\n \"created\": \"2019-12-24T22:32:58.104Z\",\n \"modified\": \"2019-12-31T20:22:28.104Z\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "e976d067-3ddd-4519-8147-d3d55b8f12ff", + "name": "The Schema was successfully replaced.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "schemas", + ":schemaId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"id\": \"2c9180835d191a86015d28455b4a2329\",\n \"name\": \"account\",\n \"nativeObjectType\": \"User\",\n \"identityAttribute\": \"sAMAccountName\",\n \"displayAttribute\": \"distinguishedName\",\n \"hierarchyAttribute\": \"memberOf\",\n \"includePermissions\": false,\n \"features\": [\n \"PROVISIONING\",\n \"NO_PERMISSIONS_PROVISIONING\",\n \"GROUPS_HAVE_MEMBERS\"\n ],\n \"configuration\": {\n \"groupMemberAttribute\": \"member\"\n },\n \"attributes\": [\n {\n \"name\": \"sAMAccountName\",\n \"type\": \"STRING\",\n \"isMultiValued\": false,\n \"isEntitlement\": false,\n \"isGroup\": false\n },\n {\n \"name\": \"memberOf\",\n \"type\": \"STRING\",\n \"schema\": {\n \"type\": \"CONNECTOR_SCHEMA\",\n \"name\": \"group\"\n },\n \"description\": \"Group membership\",\n \"isMultiValued\": true,\n \"isEntitlement\": true,\n \"isGroup\": true\n }\n ],\n \"created\": \"2019-12-24T22:32:58.104Z\",\n \"modified\": \"2019-12-31T20:22:28.104Z\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"2c9180835d191a86015d28455b4a2329\",\n \"name\": \"account\",\n \"nativeObjectType\": \"User\",\n \"identityAttribute\": \"sAMAccountName\",\n \"displayAttribute\": \"distinguishedName\",\n \"hierarchyAttribute\": \"memberOf\",\n \"includePermissions\": false,\n \"features\": [\n \"PROVISIONING\",\n \"NO_PERMISSIONS_PROVISIONING\",\n \"GROUPS_HAVE_MEMBERS\"\n ],\n \"configuration\": {\n \"groupMemberAttribute\": \"member\"\n },\n \"attributes\": [\n {\n \"name\": \"sAMAccountName\",\n \"type\": \"STRING\",\n \"isMultiValued\": false,\n \"isEntitlement\": false,\n \"isGroup\": false\n },\n {\n \"name\": \"memberOf\",\n \"type\": \"STRING\",\n \"schema\": {\n \"type\": \"CONNECTOR_SCHEMA\",\n \"name\": \"group\"\n },\n \"description\": \"Group membership\",\n \"isMultiValued\": true,\n \"isEntitlement\": true,\n \"isGroup\": true\n }\n ],\n \"created\": \"2019-12-24T22:32:58.104Z\",\n \"modified\": \"2019-12-31T20:22:28.104Z\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "7f004123-7619-4278-89e3-958eb94f3a97", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "schemas", + ":schemaId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"id\": \"2c9180835d191a86015d28455b4a2329\",\n \"name\": \"account\",\n \"nativeObjectType\": \"User\",\n \"identityAttribute\": \"sAMAccountName\",\n \"displayAttribute\": \"distinguishedName\",\n \"hierarchyAttribute\": \"memberOf\",\n \"includePermissions\": false,\n \"features\": [\n \"PROVISIONING\",\n \"NO_PERMISSIONS_PROVISIONING\",\n \"GROUPS_HAVE_MEMBERS\"\n ],\n \"configuration\": {\n \"groupMemberAttribute\": \"member\"\n },\n \"attributes\": [\n {\n \"name\": \"sAMAccountName\",\n \"type\": \"STRING\",\n \"isMultiValued\": false,\n \"isEntitlement\": false,\n \"isGroup\": false\n },\n {\n \"name\": \"memberOf\",\n \"type\": \"STRING\",\n \"schema\": {\n \"type\": \"CONNECTOR_SCHEMA\",\n \"name\": \"group\"\n },\n \"description\": \"Group membership\",\n \"isMultiValued\": true,\n \"isEntitlement\": true,\n \"isGroup\": true\n }\n ],\n \"created\": \"2019-12-24T22:32:58.104Z\",\n \"modified\": \"2019-12-31T20:22:28.104Z\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d88823a6-a5c4-4c30-86c8-3e665c2c8387", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "schemas", + ":schemaId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"id\": \"2c9180835d191a86015d28455b4a2329\",\n \"name\": \"account\",\n \"nativeObjectType\": \"User\",\n \"identityAttribute\": \"sAMAccountName\",\n \"displayAttribute\": \"distinguishedName\",\n \"hierarchyAttribute\": \"memberOf\",\n \"includePermissions\": false,\n \"features\": [\n \"PROVISIONING\",\n \"NO_PERMISSIONS_PROVISIONING\",\n \"GROUPS_HAVE_MEMBERS\"\n ],\n \"configuration\": {\n \"groupMemberAttribute\": \"member\"\n },\n \"attributes\": [\n {\n \"name\": \"sAMAccountName\",\n \"type\": \"STRING\",\n \"isMultiValued\": false,\n \"isEntitlement\": false,\n \"isGroup\": false\n },\n {\n \"name\": \"memberOf\",\n \"type\": \"STRING\",\n \"schema\": {\n \"type\": \"CONNECTOR_SCHEMA\",\n \"name\": \"group\"\n },\n \"description\": \"Group membership\",\n \"isMultiValued\": true,\n \"isEntitlement\": true,\n \"isGroup\": true\n }\n ],\n \"created\": \"2019-12-24T22:32:58.104Z\",\n \"modified\": \"2019-12-31T20:22:28.104Z\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "8e38e023-eaf3-42db-ba60-268028d58939", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "schemas", + ":schemaId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"id\": \"2c9180835d191a86015d28455b4a2329\",\n \"name\": \"account\",\n \"nativeObjectType\": \"User\",\n \"identityAttribute\": \"sAMAccountName\",\n \"displayAttribute\": \"distinguishedName\",\n \"hierarchyAttribute\": \"memberOf\",\n \"includePermissions\": false,\n \"features\": [\n \"PROVISIONING\",\n \"NO_PERMISSIONS_PROVISIONING\",\n \"GROUPS_HAVE_MEMBERS\"\n ],\n \"configuration\": {\n \"groupMemberAttribute\": \"member\"\n },\n \"attributes\": [\n {\n \"name\": \"sAMAccountName\",\n \"type\": \"STRING\",\n \"isMultiValued\": false,\n \"isEntitlement\": false,\n \"isGroup\": false\n },\n {\n \"name\": \"memberOf\",\n \"type\": \"STRING\",\n \"schema\": {\n \"type\": \"CONNECTOR_SCHEMA\",\n \"name\": \"group\"\n },\n \"description\": \"Group membership\",\n \"isMultiValued\": true,\n \"isEntitlement\": true,\n \"isGroup\": true\n }\n ],\n \"created\": \"2019-12-24T22:32:58.104Z\",\n \"modified\": \"2019-12-31T20:22:28.104Z\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f4eeacea-1a71-4fda-ab76-ee5b8a478c31", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "schemas", + ":schemaId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"id\": \"2c9180835d191a86015d28455b4a2329\",\n \"name\": \"account\",\n \"nativeObjectType\": \"User\",\n \"identityAttribute\": \"sAMAccountName\",\n \"displayAttribute\": \"distinguishedName\",\n \"hierarchyAttribute\": \"memberOf\",\n \"includePermissions\": false,\n \"features\": [\n \"PROVISIONING\",\n \"NO_PERMISSIONS_PROVISIONING\",\n \"GROUPS_HAVE_MEMBERS\"\n ],\n \"configuration\": {\n \"groupMemberAttribute\": \"member\"\n },\n \"attributes\": [\n {\n \"name\": \"sAMAccountName\",\n \"type\": \"STRING\",\n \"isMultiValued\": false,\n \"isEntitlement\": false,\n \"isGroup\": false\n },\n {\n \"name\": \"memberOf\",\n \"type\": \"STRING\",\n \"schema\": {\n \"type\": \"CONNECTOR_SCHEMA\",\n \"name\": \"group\"\n },\n \"description\": \"Group membership\",\n \"isMultiValued\": true,\n \"isEntitlement\": true,\n \"isGroup\": true\n }\n ],\n \"created\": \"2019-12-24T22:32:58.104Z\",\n \"modified\": \"2019-12-31T20:22:28.104Z\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d379603c-18b1-4bef-9134-bb51296eb370", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "schemas", + ":schemaId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"id\": \"2c9180835d191a86015d28455b4a2329\",\n \"name\": \"account\",\n \"nativeObjectType\": \"User\",\n \"identityAttribute\": \"sAMAccountName\",\n \"displayAttribute\": \"distinguishedName\",\n \"hierarchyAttribute\": \"memberOf\",\n \"includePermissions\": false,\n \"features\": [\n \"PROVISIONING\",\n \"NO_PERMISSIONS_PROVISIONING\",\n \"GROUPS_HAVE_MEMBERS\"\n ],\n \"configuration\": {\n \"groupMemberAttribute\": \"member\"\n },\n \"attributes\": [\n {\n \"name\": \"sAMAccountName\",\n \"type\": \"STRING\",\n \"isMultiValued\": false,\n \"isEntitlement\": false,\n \"isGroup\": false\n },\n {\n \"name\": \"memberOf\",\n \"type\": \"STRING\",\n \"schema\": {\n \"type\": \"CONNECTOR_SCHEMA\",\n \"name\": \"group\"\n },\n \"description\": \"Group membership\",\n \"isMultiValued\": true,\n \"isEntitlement\": true,\n \"isGroup\": true\n }\n ],\n \"created\": \"2019-12-24T22:32:58.104Z\",\n \"modified\": \"2019-12-31T20:22:28.104Z\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "1ec6a33e-c44c-4129-a2e8-660ede855f91", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "schemas", + ":schemaId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"id\": \"2c9180835d191a86015d28455b4a2329\",\n \"name\": \"account\",\n \"nativeObjectType\": \"User\",\n \"identityAttribute\": \"sAMAccountName\",\n \"displayAttribute\": \"distinguishedName\",\n \"hierarchyAttribute\": \"memberOf\",\n \"includePermissions\": false,\n \"features\": [\n \"PROVISIONING\",\n \"NO_PERMISSIONS_PROVISIONING\",\n \"GROUPS_HAVE_MEMBERS\"\n ],\n \"configuration\": {\n \"groupMemberAttribute\": \"member\"\n },\n \"attributes\": [\n {\n \"name\": \"sAMAccountName\",\n \"type\": \"STRING\",\n \"isMultiValued\": false,\n \"isEntitlement\": false,\n \"isGroup\": false\n },\n {\n \"name\": \"memberOf\",\n \"type\": \"STRING\",\n \"schema\": {\n \"type\": \"CONNECTOR_SCHEMA\",\n \"name\": \"group\"\n },\n \"description\": \"Group membership\",\n \"isMultiValued\": true,\n \"isEntitlement\": true,\n \"isGroup\": true\n }\n ],\n \"created\": \"2019-12-24T22:32:58.104Z\",\n \"modified\": \"2019-12-31T20:22:28.104Z\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "67f0e614-c76c-48c3-b34a-e7651936f2f6", + "name": "Update Source Schema (Partial)", + "request": { + "name": "Update Source Schema (Partial)", + "description": { + "content": "Use this API to selectively update an existing Schema using a JSONPatch payload. \n\nThe following schema fields are immutable and cannot be updated:\n\n- id\n- name\n- created\n- modified\n\n\nTo switch an account attribute to a group entitlement, you need to have the following in place:\n\n- `isEntitlement: true`\n- Must define a schema for the group and [add it to the source](https://developer.sailpoint.com/idn/api/v3/create-source-schema) before updating the `isGroup` flag. For example, here is the `group` account attribute referencing a schema that defines the group:\n```json\n{\n \"name\": \"groups\",\n \"type\": \"STRING\",\n \"schema\": {\n \"type\": \"CONNECTOR_SCHEMA\",\n \"id\": \"2c9180887671ff8c01767b4671fc7d60\",\n \"name\": \"group\"\n },\n \"description\": \"The groups, roles etc. that reference account group objects\",\n \"isMulti\": true,\n \"isEntitlement\": true,\n \"isGroup\": true\n}\n```\n", + "type": "text/plain" + }, + "url": { + "path": [ + "sources", + ":sourceId", + "schemas", + ":schemaId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "2c9180835d191a86015d28455b4a2329", + "key": "sourceId", + "disabled": true, + "description": { + "content": "(Required) The Source id.", + "type": "text/plain" + } + }, + { + "type": "any", + "value": "2c9180835d191a86015d28455b4a2329", + "key": "schemaId", + "disabled": true, + "description": { + "content": "(Required) The Schema id.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"add\",\n \"path\": \"/attributes/-\",\n \"value\": {\n \"name\": \"location\",\n \"type\": \"STRING\",\n \"schema\": null,\n \"description\": \"Employee location\",\n \"isMulti\": false,\n \"isEntitlement\": false,\n \"isGroup\": false\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "b57b42b3-33b5-42a8-87b4-600700a6d492", + "name": "The Schema was successfully updated.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "schemas", + ":schemaId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"add\",\n \"path\": \"/attributes/-\",\n \"value\": {\n \"name\": \"location\",\n \"type\": \"STRING\",\n \"schema\": null,\n \"description\": \"Employee location\",\n \"isMulti\": false,\n \"isEntitlement\": false,\n \"isGroup\": false\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"2c9180835d191a86015d28455b4a2329\",\n \"name\": \"account\",\n \"nativeObjectType\": \"User\",\n \"identityAttribute\": \"sAMAccountName\",\n \"displayAttribute\": \"distinguishedName\",\n \"hierarchyAttribute\": \"memberOf\",\n \"includePermissions\": false,\n \"features\": [\n \"PROVISIONING\",\n \"NO_PERMISSIONS_PROVISIONING\",\n \"GROUPS_HAVE_MEMBERS\"\n ],\n \"configuration\": {\n \"groupMemberAttribute\": \"member\"\n },\n \"attributes\": [\n {\n \"name\": \"sAMAccountName\",\n \"type\": \"STRING\",\n \"isMultiValued\": false,\n \"isEntitlement\": false,\n \"isGroup\": false\n },\n {\n \"name\": \"memberOf\",\n \"type\": \"STRING\",\n \"schema\": {\n \"type\": \"CONNECTOR_SCHEMA\",\n \"name\": \"group\"\n },\n \"description\": \"Group membership\",\n \"isMultiValued\": true,\n \"isEntitlement\": true,\n \"isGroup\": true\n }\n ],\n \"created\": \"2019-12-24T22:32:58.104Z\",\n \"modified\": \"2019-12-31T20:22:28.104Z\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "05f38c18-2599-4e8c-b2ab-d52304ac3839", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "schemas", + ":schemaId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"add\",\n \"path\": \"/attributes/-\",\n \"value\": {\n \"name\": \"location\",\n \"type\": \"STRING\",\n \"schema\": null,\n \"description\": \"Employee location\",\n \"isMulti\": false,\n \"isEntitlement\": false,\n \"isGroup\": false\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f554e6c8-678a-45c1-891b-a458694afd72", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "schemas", + ":schemaId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"add\",\n \"path\": \"/attributes/-\",\n \"value\": {\n \"name\": \"location\",\n \"type\": \"STRING\",\n \"schema\": null,\n \"description\": \"Employee location\",\n \"isMulti\": false,\n \"isEntitlement\": false,\n \"isGroup\": false\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "65ae2d79-517a-4752-ad65-fd4a359a2247", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "schemas", + ":schemaId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"add\",\n \"path\": \"/attributes/-\",\n \"value\": {\n \"name\": \"location\",\n \"type\": \"STRING\",\n \"schema\": null,\n \"description\": \"Employee location\",\n \"isMulti\": false,\n \"isEntitlement\": false,\n \"isGroup\": false\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "dd8693c3-a4c5-4949-bca2-0744d8462f27", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "schemas", + ":schemaId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"add\",\n \"path\": \"/attributes/-\",\n \"value\": {\n \"name\": \"location\",\n \"type\": \"STRING\",\n \"schema\": null,\n \"description\": \"Employee location\",\n \"isMulti\": false,\n \"isEntitlement\": false,\n \"isGroup\": false\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "650bd63a-f4a6-4e0f-ab7d-79f15e6eab0c", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "schemas", + ":schemaId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"add\",\n \"path\": \"/attributes/-\",\n \"value\": {\n \"name\": \"location\",\n \"type\": \"STRING\",\n \"schema\": null,\n \"description\": \"Employee location\",\n \"isMulti\": false,\n \"isEntitlement\": false,\n \"isGroup\": false\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "66aa329c-2e49-4082-8bdd-b7b8db886714", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "schemas", + ":schemaId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"add\",\n \"path\": \"/attributes/-\",\n \"value\": {\n \"name\": \"location\",\n \"type\": \"STRING\",\n \"schema\": null,\n \"description\": \"Employee location\",\n \"isMulti\": false,\n \"isEntitlement\": false,\n \"isGroup\": false\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "eed8e372-d91c-45d5-8172-0cb5a0682a46", + "name": "Delete Source Schema by ID", + "request": { + "name": "Delete Source Schema by ID", + "description": {}, + "url": { + "path": [ + "sources", + ":sourceId", + "schemas", + ":schemaId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "2c9180835d191a86015d28455b4a2329", + "key": "sourceId", + "disabled": true, + "description": { + "content": "(Required) The Source id.", + "type": "text/plain" + } + }, + { + "type": "any", + "value": "2c9180835d191a86015d28455b4a2329", + "key": "schemaId", + "disabled": true, + "description": { + "content": "(Required) The Schema id.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "DELETE", + "body": {} + }, + "response": [ + { + "id": "2849bc33-3833-406c-b9b7-a4c9b205c008", + "name": "The Schema was successfully deleted.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "schemas", + ":schemaId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "No Content", + "code": 204, + "header": [], + "cookie": [], + "_postman_previewlanguage": "text" + }, + { + "id": "619d7952-7583-4481-bd7e-0c9e851e37a1", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "schemas", + ":schemaId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d37265fe-0ec8-4b56-902a-1d97d3238d2c", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "schemas", + ":schemaId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "242b37fd-dd79-46f7-a54c-f643d5eb284e", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "schemas", + ":schemaId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "7cd09124-d957-4c25-85be-2fe08f937fcc", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "schemas", + ":schemaId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "8602d9a2-c92f-453e-8e8c-dd5841d86df9", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "schemas", + ":schemaId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "ad512848-69b0-4c3b-83d4-f58e4d0fcb6c", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "schemas", + ":schemaId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "7c2c0216-35ed-4fdb-80ab-b28f53095a67", + "name": "Fetches source health by id", + "request": { + "name": "Fetches source health by id", + "description": { + "content": "This endpoint fetches source health by source's id", + "type": "text/plain" + }, + "url": { + "path": [ + "sources", + ":sourceId", + "source-health" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "2c9180835d191a86015d28455b4a2329", + "key": "sourceId", + "disabled": true, + "description": { + "content": "(Required) The Source id.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "8ca4dbbf-dce9-413b-87ef-f1b587d4ee6b", + "name": "Fetched source health successfully", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "source-health" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"2c91808568c529c60168cca6f90c1324\",\n \"type\": \"OpenLDAP - Direct\",\n \"name\": \"Source1234\",\n \"org\": \"denali-cjh\",\n \"isAuthoritative\": false,\n \"isCluster\": false,\n \"hostname\": \"megapod-useast1-secret-hostname.sailpoint.com\",\n \"pod\": \"megapod-useast1\",\n \"iqServiceVersion\": \"iqVersion123\",\n \"status\": \"SOURCE_STATE_UNCHECKED_SOURCE\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f47a69cf-d7da-4e42-a466-066b2b6b8a9a", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "source-health" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "77024998-e826-484a-9092-7d3239cce6cf", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "source-health" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "56150cee-5de1-4904-8952-b1bb1eac2843", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "source-health" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f7d2b4a5-b877-415a-bb94-1df26e593c09", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "source-health" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b137a343-0b80-4c6f-8612-339079a805da", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "source-health" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "299b5036-e2c7-4631-bd1f-d3acf6a11d4a", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "source-health" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "f371dc02-c73b-460c-acf9-9f7d0f273ca8", + "name": "Downloads source accounts schema template", + "request": { + "name": "Downloads source accounts schema template", + "description": { + "content": "This API downloads the CSV schema that defines the account attributes on a source.\n>**NOTE: This API is designated only for Delimited File sources.**", + "type": "text/plain" + }, + "url": { + "path": [ + "sources", + ":id", + "schemas", + "accounts" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "8c190e6787aa4ed9a90bd9d5344523fb", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) The Source id", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "text/csv" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "978a9fc5-ec09-4267-861e-ee5d8dd28b58", + "name": "Successfully downloaded the file", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id", + "schemas", + "accounts" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "text/csv" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "text/csv" + } + ], + "body": "id,name,givenName,familyName,e-mail,location,manager,groups,startDate,endDate", + "cookie": [], + "_postman_previewlanguage": "text" + }, + { + "id": "69cb24a6-83e8-4928-bd62-564f8b8dd8cc", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id", + "schemas", + "accounts" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "9e1df624-d51b-4366-922f-ea9214380888", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id", + "schemas", + "accounts" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "42611f2d-5e4e-45ea-9549-7734d55f22f2", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id", + "schemas", + "accounts" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "be5452d3-240f-455c-8bab-13f3125cbaf4", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id", + "schemas", + "accounts" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b81af1b1-2edf-41d0-bed8-6e249d73ce55", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id", + "schemas", + "accounts" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "bfa95a73-bd15-4601-bb7d-92f446cb5549", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id", + "schemas", + "accounts" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "8a32988e-a74a-4233-a43f-613ccd13dee7", + "name": "Uploads source accounts schema template", + "request": { + "name": "Uploads source accounts schema template", + "description": { + "content": "This API uploads a source schema template file to configure a source's account attributes.\n\nTo retrieve the file to modify and upload, log into Identity Now. \n\nClick **Admin** -> **Connections** -> **Sources** -> **`{SourceName}`** -> **Import Data** -> **Account Schema** -> **Options** -> **Download Schema**\n\n>**NOTE: This API is designated only for Delimited File sources.**", + "type": "text/plain" + }, + "url": { + "path": [ + "sources", + ":id", + "schemas", + "accounts" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "8c190e6787aa4ed9a90bd9d5344523fb", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) The Source id", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "", + "type": "text/plain" + }, + "key": "file", + "value": "enim sunt culpa cillum", + "type": "text" + } + ] + } + }, + "response": [ + { + "id": "84fa50eb-f6ed-4435-924a-f4caad99680b", + "name": "Successfully uploaded the file", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id", + "schemas", + "accounts" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "", + "type": "text/plain" + }, + "key": "file", + "value": "enim sunt culpa cillum", + "type": "text" + } + ] + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"2c9180835d191a86015d28455b4a2329\",\n \"name\": \"account\",\n \"nativeObjectType\": \"User\",\n \"identityAttribute\": \"sAMAccountName\",\n \"displayAttribute\": \"distinguishedName\",\n \"hierarchyAttribute\": \"memberOf\",\n \"includePermissions\": false,\n \"features\": [\n \"PROVISIONING\",\n \"NO_PERMISSIONS_PROVISIONING\",\n \"GROUPS_HAVE_MEMBERS\"\n ],\n \"configuration\": {\n \"groupMemberAttribute\": \"member\"\n },\n \"attributes\": [\n {\n \"name\": \"sAMAccountName\",\n \"type\": \"STRING\",\n \"isMultiValued\": false,\n \"isEntitlement\": false,\n \"isGroup\": false\n },\n {\n \"name\": \"memberOf\",\n \"type\": \"STRING\",\n \"schema\": {\n \"type\": \"CONNECTOR_SCHEMA\",\n \"name\": \"group\"\n },\n \"description\": \"Group membership\",\n \"isMultiValued\": true,\n \"isEntitlement\": true,\n \"isGroup\": true\n }\n ],\n \"created\": \"2019-12-24T22:32:58.104Z\",\n \"modified\": \"2019-12-31T20:22:28.104Z\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a8e8809e-472c-4925-a932-f04cd9a86738", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id", + "schemas", + "accounts" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "", + "type": "text/plain" + }, + "key": "file", + "value": "enim sunt culpa cillum", + "type": "text" + } + ] + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f18d679d-e2a8-46a6-a074-88123967e5f8", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id", + "schemas", + "accounts" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "", + "type": "text/plain" + }, + "key": "file", + "value": "enim sunt culpa cillum", + "type": "text" + } + ] + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "3440c38f-fe78-4737-9e3b-5665dcce59cd", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id", + "schemas", + "accounts" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "", + "type": "text/plain" + }, + "key": "file", + "value": "enim sunt culpa cillum", + "type": "text" + } + ] + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "18b0b0fa-72fb-4227-b541-c41d98b34747", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id", + "schemas", + "accounts" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "", + "type": "text/plain" + }, + "key": "file", + "value": "enim sunt culpa cillum", + "type": "text" + } + ] + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "1ed83592-a77c-49ce-b296-7804100eddb1", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id", + "schemas", + "accounts" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "", + "type": "text/plain" + }, + "key": "file", + "value": "enim sunt culpa cillum", + "type": "text" + } + ] + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "56ccad5e-733c-49d8-9636-3d8a00b3a683", + "name": "Downloads source entitlements schema template", + "request": { + "name": "Downloads source entitlements schema template", + "description": { + "content": "This API downloads the CSV schema that defines the entitlement attributes on a source.\n\n>**NOTE: This API is designated only for Delimited File sources.**", + "type": "text/plain" + }, + "url": { + "path": [ + "sources", + ":id", + "schemas", + "entitlements" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Name of entitlement schema", + "type": "text/plain" + }, + "key": "schemaName", + "value": "?schemaName=group" + } + ], + "variable": [ + { + "type": "any", + "value": "8c190e6787aa4ed9a90bd9d5344523fb", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) The Source id", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "text/csv" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "ce9f3f31-4166-437e-8f6d-67e94de214f4", + "name": "Successfully downloaded the file", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id", + "schemas", + "entitlements" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Name of entitlement schema", + "type": "text/plain" + }, + "key": "schemaName", + "value": "?schemaName=group" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "text/csv" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "text/csv" + } + ], + "body": "id,name,displayName,created,description,modified,entitlements,groups,permissions", + "cookie": [], + "_postman_previewlanguage": "text" + }, + { + "id": "39ae4540-9004-4767-ba20-c5be7fee7ff5", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id", + "schemas", + "entitlements" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Name of entitlement schema", + "type": "text/plain" + }, + "key": "schemaName", + "value": "?schemaName=group" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "cc7b35c3-1695-4938-a739-6416a9e627bb", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id", + "schemas", + "entitlements" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Name of entitlement schema", + "type": "text/plain" + }, + "key": "schemaName", + "value": "?schemaName=group" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "1924a296-6790-497d-a1e1-6682335c09c3", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id", + "schemas", + "entitlements" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Name of entitlement schema", + "type": "text/plain" + }, + "key": "schemaName", + "value": "?schemaName=group" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "38fdfe8c-3a4e-4c77-9717-688f97b2c24b", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id", + "schemas", + "entitlements" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Name of entitlement schema", + "type": "text/plain" + }, + "key": "schemaName", + "value": "?schemaName=group" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "042b18be-5831-417d-8344-f7a4b1921e24", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id", + "schemas", + "entitlements" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Name of entitlement schema", + "type": "text/plain" + }, + "key": "schemaName", + "value": "?schemaName=group" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "18f24ee7-e640-4654-b940-5e565607f7a5", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id", + "schemas", + "entitlements" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Name of entitlement schema", + "type": "text/plain" + }, + "key": "schemaName", + "value": "?schemaName=group" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "67a0bbc1-2537-4134-a2c0-bee16af3cffb", + "name": "Uploads source entitlements schema template", + "request": { + "name": "Uploads source entitlements schema template", + "description": { + "content": "This API uploads a source schema template file to configure a source's entitlement attributes.\n\nTo retrieve the file to modify and upload, log into Identity Now. \n\nClick **Admin** -> **Connections** -> **Sources** -> **`{SourceName}`** -> **Import Data** -> **Import Entitlements** -> **Download**\n\n>**NOTE: This API is designated only for Delimited File sources.**", + "type": "text/plain" + }, + "url": { + "path": [ + "sources", + ":id", + "schemas", + "entitlements" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Name of entitlement schema", + "type": "text/plain" + }, + "key": "schemaName", + "value": "?schemaName=group" + } + ], + "variable": [ + { + "type": "any", + "value": "8c190e6787aa4ed9a90bd9d5344523fb", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) The Source id", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "", + "type": "text/plain" + }, + "key": "file", + "value": "enim sunt culpa cillum", + "type": "text" + } + ] + } + }, + "response": [ + { + "id": "2407ce76-a923-4518-a42e-81d1616d743d", + "name": "Successfully uploaded the file", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id", + "schemas", + "entitlements" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Name of entitlement schema", + "type": "text/plain" + }, + "key": "schemaName", + "value": "?schemaName=group" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "", + "type": "text/plain" + }, + "key": "file", + "value": "enim sunt culpa cillum", + "type": "text" + } + ] + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"2c9180835d191a86015d28455b4a2329\",\n \"name\": \"account\",\n \"nativeObjectType\": \"User\",\n \"identityAttribute\": \"sAMAccountName\",\n \"displayAttribute\": \"distinguishedName\",\n \"hierarchyAttribute\": \"memberOf\",\n \"includePermissions\": false,\n \"features\": [\n \"PROVISIONING\",\n \"NO_PERMISSIONS_PROVISIONING\",\n \"GROUPS_HAVE_MEMBERS\"\n ],\n \"configuration\": {\n \"groupMemberAttribute\": \"member\"\n },\n \"attributes\": [\n {\n \"name\": \"sAMAccountName\",\n \"type\": \"STRING\",\n \"isMultiValued\": false,\n \"isEntitlement\": false,\n \"isGroup\": false\n },\n {\n \"name\": \"memberOf\",\n \"type\": \"STRING\",\n \"schema\": {\n \"type\": \"CONNECTOR_SCHEMA\",\n \"name\": \"group\"\n },\n \"description\": \"Group membership\",\n \"isMultiValued\": true,\n \"isEntitlement\": true,\n \"isGroup\": true\n }\n ],\n \"created\": \"2019-12-24T22:32:58.104Z\",\n \"modified\": \"2019-12-31T20:22:28.104Z\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "81e62ebf-050a-41b7-8fb7-5a268b67fcc9", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id", + "schemas", + "entitlements" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Name of entitlement schema", + "type": "text/plain" + }, + "key": "schemaName", + "value": "?schemaName=group" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "", + "type": "text/plain" + }, + "key": "file", + "value": "enim sunt culpa cillum", + "type": "text" + } + ] + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b7b44fd9-f628-4f1e-aa77-cac53bd98598", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id", + "schemas", + "entitlements" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Name of entitlement schema", + "type": "text/plain" + }, + "key": "schemaName", + "value": "?schemaName=group" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "", + "type": "text/plain" + }, + "key": "file", + "value": "enim sunt culpa cillum", + "type": "text" + } + ] + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c42d86b0-94c5-46c8-8379-0f5454caea0e", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id", + "schemas", + "entitlements" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Name of entitlement schema", + "type": "text/plain" + }, + "key": "schemaName", + "value": "?schemaName=group" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "", + "type": "text/plain" + }, + "key": "file", + "value": "enim sunt culpa cillum", + "type": "text" + } + ] + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f51e4104-9f25-41d9-9c38-3ba2fb871067", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id", + "schemas", + "entitlements" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Name of entitlement schema", + "type": "text/plain" + }, + "key": "schemaName", + "value": "?schemaName=group" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "", + "type": "text/plain" + }, + "key": "file", + "value": "enim sunt culpa cillum", + "type": "text" + } + ] + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "9de9099d-46ec-4233-a969-fe1e2cf0c714", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id", + "schemas", + "entitlements" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Name of entitlement schema", + "type": "text/plain" + }, + "key": "schemaName", + "value": "?schemaName=group" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "", + "type": "text/plain" + }, + "key": "file", + "value": "enim sunt culpa cillum", + "type": "text" + } + ] + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "256b6999-5614-40a7-a3b4-fbd21960846b", + "name": "Upload connector file to source", + "request": { + "name": "Upload connector file to source", + "description": { + "content": "This uploads a supplemental source connector file (like jdbc driver jars) to a source's S3 bucket. This also sends ETS and Audit events.\nA token with ORG_ADMIN authority is required to call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "sources", + ":sourceId", + "upload-connector-file" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "2c9180835d191a86015d28455b4a2329", + "key": "sourceId", + "disabled": true, + "description": { + "content": "(Required) The Source id.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "", + "type": "text/plain" + }, + "key": "file", + "value": "enim sunt culpa cillum", + "type": "text" + } + ] + } + }, + "response": [ + { + "id": "87c1e5e9-cecc-4954-91a1-8c3482919e14", + "name": "Uploaded the file successfully and sent all post-upload events", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "upload-connector-file" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "", + "type": "text/plain" + }, + "key": "file", + "value": "enim sunt culpa cillum", + "type": "text" + } + ] + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"name\": \"My Source\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"MyName\"\n },\n \"connector\": \"active-directory\",\n \"id\": \"2c91808568c529c60168cca6f90c1324\",\n \"description\": \"This is the corporate directory.\",\n \"cluster\": {\n \"name\": \"Corporate Cluster\",\n \"id\": \"2c9180866166b5b0016167c32ef31a66\",\n \"type\": \"CLUSTER\"\n },\n \"accountCorrelationConfig\": {\n \"type\": \"ACCOUNT_CORRELATION_CONFIG\",\n \"id\": \"2c9180855d191c59015d28583727245a\",\n \"name\": \"Directory [source-62867] Account Correlation\"\n },\n \"accountCorrelationRule\": {\n \"type\": \"RULE\",\n \"id\": \"2c918085708c274401708c2a8a760001\",\n \"name\": \"Example Rule\"\n },\n \"managerCorrelationMapping\": {\n \"accountAttributeName\": \"manager\",\n \"identityAttributeName\": \"manager\"\n },\n \"managerCorrelationRule\": {\n \"type\": \"RULE\",\n \"id\": \"2c918085708c274401708c2a8a760001\",\n \"name\": \"Example Rule\"\n },\n \"beforeProvisioningRule\": {\n \"type\": \"RULE\",\n \"id\": \"2c918085708c274401708c2a8a760001\",\n \"name\": \"Example Rule\"\n },\n \"schemas\": [\n {\n \"type\": \"CONNECTOR_SCHEMA\",\n \"name\": \"account\"\n },\n {\n \"type\": \"CONNECTOR_SCHEMA\",\n \"name\": \"group\"\n }\n ],\n \"passwordPolicies\": [\n {\n \"type\": \"PASSWORD_POLICY\",\n \"name\": \"Corporate Password Policy\"\n },\n {\n \"type\": \"PASSWORD_POLICY\",\n \"name\": \"Vendor Password Policy\"\n }\n ],\n \"features\": [\n \"PROVISIONING\",\n \"NO_PERMISSIONS_PROVISIONING\",\n \"GROUPS_HAVE_MEMBERS\"\n ],\n \"type\": \"OpenLDAP - Direct\",\n \"connectorClass\": \"sailpoint.connector.LDAPConnector\",\n \"connectorAttributes\": {\n \"healthCheckTimeout\": 30,\n \"authSearchAttributes\": [\n \"cn\",\n \"uid\",\n \"mail\"\n ]\n },\n \"deleteThreshold\": 10,\n \"authoritative\": false,\n \"managementWorkgroup\": {\n \"type\": \"GOVERNANCE_GROUP\",\n \"id\": \"2c91808568c529c60168cca6f90c2222\",\n \"name\": \"My Management Workgroup\"\n },\n \"healthy\": true,\n \"status\": \"SOURCE_STATE_HEALTHY\",\n \"since\": \"2021-09-28T15:48:29.380Z\",\n \"connectorId\": \"active-directory\",\n \"connectorName\": \"Active Directory\",\n \"connectionType\": \"file\",\n \"connectorImplementationId\": \"delimited-file\",\n \"created\": \"2022-02-08T14:50:03.827Z\",\n \"modified\": \"2024-01-23T18:08:50.897Z\",\n \"credentialProviderEnabled\": false,\n \"category\": \"CredentialProvider\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "6ca89e61-a4c2-4e26-bf4d-e486891e1140", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "upload-connector-file" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "", + "type": "text/plain" + }, + "key": "file", + "value": "enim sunt culpa cillum", + "type": "text" + } + ] + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "0a7fa18f-41e0-4208-9168-2cb4fb7e2598", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "upload-connector-file" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "", + "type": "text/plain" + }, + "key": "file", + "value": "enim sunt culpa cillum", + "type": "text" + } + ] + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "31913dbc-2f9f-4b2e-a891-d272d16dab69", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "upload-connector-file" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "", + "type": "text/plain" + }, + "key": "file", + "value": "enim sunt culpa cillum", + "type": "text" + } + ] + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "be176902-1bad-4532-b567-8a2f2181dd18", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "upload-connector-file" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "", + "type": "text/plain" + }, + "key": "file", + "value": "enim sunt culpa cillum", + "type": "text" + } + ] + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "51d7a9c0-96d1-4782-a4f1-9907745562ce", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "upload-connector-file" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "", + "type": "text/plain" + }, + "key": "file", + "value": "enim sunt culpa cillum", + "type": "text" + } + ] + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "0712ce72-abf0-460f-9abf-4c81a126ca3e", + "name": "Attribute Sync Config", + "request": { + "name": "Attribute Sync Config", + "description": { + "content": "This API returns the existing attribute synchronization configuration for a source specified by the given ID. The response contains all attributes, regardless of whether they enabled or not.\nA token with ORG_ADMIN or HELPDESK authority is required to call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "sources", + ":id", + "attribute-sync-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "2c9180835d191a86015d28455b4a2329", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) The source id", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "b63c47e7-17de-4474-8d9a-91a5c88eb57b", + "name": "Attribute synchronization configuration for a source", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id", + "attribute-sync-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"source\": {\n \"type\": \"SOURCE\",\n \"id\": \"2c9180835d191a86015d28455b4b232a\",\n \"name\": \"HR Active Directory\"\n },\n \"attributes\": [\n {\n \"name\": \"email\",\n \"displayName\": \"Email\",\n \"enabled\": true,\n \"target\": \"mail\"\n },\n {\n \"name\": \"firstname\",\n \"displayName\": \"First Name\",\n \"enabled\": false,\n \"target\": \"givenName\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "07280508-414a-415c-90d3-5e9fe0b6513a", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id", + "attribute-sync-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "dc81a72a-b5d2-4a81-a1c4-23ad31ab99f6", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id", + "attribute-sync-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "04a63a28-f91b-402a-8043-7f1fdb05ad4e", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id", + "attribute-sync-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "ee8c3220-e7b9-4522-abdf-eac086e2934f", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id", + "attribute-sync-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "01154695-4343-4ccf-8de1-2e4af2119700", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id", + "attribute-sync-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b98bd293-564d-4474-939e-d4ad5854e40c", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id", + "attribute-sync-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "63ff2a0b-8f02-4492-8816-8e55a5c68e19", + "name": "Update Attribute Sync Config", + "request": { + "name": "Update Attribute Sync Config", + "description": { + "content": "Replaces the attribute synchronization configuration for the source specified by the given ID with the configuration provided in the request body. Only the \"enabled\" field of the values in the \"attributes\" array is mutable. Attempting to change other attributes or add new values to the \"attributes\" array will result in an error.\n \nA token with ORG_ADMIN authority is required to call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "sources", + ":id", + "attribute-sync-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "2c9180835d191a86015d28455b4a2329", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) The source id", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"source\": {\n \"type\": \"SOURCE\",\n \"id\": \"2c9180835d191a86015d28455b4b232a\",\n \"name\": \"HR Active Directory\"\n },\n \"attributes\": [\n {\n \"name\": \"email\",\n \"displayName\": \"Email\",\n \"enabled\": true,\n \"target\": \"mail\"\n },\n {\n \"name\": \"firstname\",\n \"displayName\": \"First Name\",\n \"enabled\": false,\n \"target\": \"givenName\"\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "5917515c-2b67-4235-be75-833adf53df6d", + "name": "Updated attribute synchronization configuration for a source", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id", + "attribute-sync-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"source\": {\n \"type\": \"SOURCE\",\n \"id\": \"2c9180835d191a86015d28455b4b232a\",\n \"name\": \"HR Active Directory\"\n },\n \"attributes\": [\n {\n \"name\": \"email\",\n \"displayName\": \"Email\",\n \"enabled\": true,\n \"target\": \"mail\"\n },\n {\n \"name\": \"firstname\",\n \"displayName\": \"First Name\",\n \"enabled\": false,\n \"target\": \"givenName\"\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"source\": {\n \"type\": \"SOURCE\",\n \"id\": \"2c9180835d191a86015d28455b4b232a\",\n \"name\": \"HR Active Directory\"\n },\n \"attributes\": [\n {\n \"name\": \"email\",\n \"displayName\": \"Email\",\n \"enabled\": true,\n \"target\": \"mail\"\n },\n {\n \"name\": \"firstname\",\n \"displayName\": \"First Name\",\n \"enabled\": false,\n \"target\": \"givenName\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "654f1744-287b-4739-936d-2dc92b519900", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id", + "attribute-sync-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"source\": {\n \"type\": \"SOURCE\",\n \"id\": \"2c9180835d191a86015d28455b4b232a\",\n \"name\": \"HR Active Directory\"\n },\n \"attributes\": [\n {\n \"name\": \"email\",\n \"displayName\": \"Email\",\n \"enabled\": true,\n \"target\": \"mail\"\n },\n {\n \"name\": \"firstname\",\n \"displayName\": \"First Name\",\n \"enabled\": false,\n \"target\": \"givenName\"\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "2a9c1575-d6e5-4edd-b494-e3d2035c54d9", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id", + "attribute-sync-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"source\": {\n \"type\": \"SOURCE\",\n \"id\": \"2c9180835d191a86015d28455b4b232a\",\n \"name\": \"HR Active Directory\"\n },\n \"attributes\": [\n {\n \"name\": \"email\",\n \"displayName\": \"Email\",\n \"enabled\": true,\n \"target\": \"mail\"\n },\n {\n \"name\": \"firstname\",\n \"displayName\": \"First Name\",\n \"enabled\": false,\n \"target\": \"givenName\"\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "fe7d6e82-6103-404e-9a08-80b71357991e", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id", + "attribute-sync-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"source\": {\n \"type\": \"SOURCE\",\n \"id\": \"2c9180835d191a86015d28455b4b232a\",\n \"name\": \"HR Active Directory\"\n },\n \"attributes\": [\n {\n \"name\": \"email\",\n \"displayName\": \"Email\",\n \"enabled\": true,\n \"target\": \"mail\"\n },\n {\n \"name\": \"firstname\",\n \"displayName\": \"First Name\",\n \"enabled\": false,\n \"target\": \"givenName\"\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "4797386c-8588-4512-a00e-cbe75d094027", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id", + "attribute-sync-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"source\": {\n \"type\": \"SOURCE\",\n \"id\": \"2c9180835d191a86015d28455b4b232a\",\n \"name\": \"HR Active Directory\"\n },\n \"attributes\": [\n {\n \"name\": \"email\",\n \"displayName\": \"Email\",\n \"enabled\": true,\n \"target\": \"mail\"\n },\n {\n \"name\": \"firstname\",\n \"displayName\": \"First Name\",\n \"enabled\": false,\n \"target\": \"givenName\"\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "36101125-d00e-4730-b319-a85fbadb1bb8", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id", + "attribute-sync-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"source\": {\n \"type\": \"SOURCE\",\n \"id\": \"2c9180835d191a86015d28455b4b232a\",\n \"name\": \"HR Active Directory\"\n },\n \"attributes\": [\n {\n \"name\": \"email\",\n \"displayName\": \"Email\",\n \"enabled\": true,\n \"target\": \"mail\"\n },\n {\n \"name\": \"firstname\",\n \"displayName\": \"First Name\",\n \"enabled\": false,\n \"target\": \"givenName\"\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "db1b79ce-b09e-4fa7-92a3-cc85d7a93f2f", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id", + "attribute-sync-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"source\": {\n \"type\": \"SOURCE\",\n \"id\": \"2c9180835d191a86015d28455b4b232a\",\n \"name\": \"HR Active Directory\"\n },\n \"attributes\": [\n {\n \"name\": \"email\",\n \"displayName\": \"Email\",\n \"enabled\": true,\n \"target\": \"mail\"\n },\n {\n \"name\": \"firstname\",\n \"displayName\": \"First Name\",\n \"enabled\": false,\n \"target\": \"givenName\"\n }\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "3e599463-1442-4486-89e1-de8b3ca4891f", + "name": "Check connection for source connector.", + "request": { + "name": "Check connection for source connector.", + "description": { + "content": "This endpoint validates that the configured credentials are valid and will properly authenticate with the source identified by the sourceId path parameter.\nA token with ORG_ADMIN authority is required to call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "sources", + ":sourceId", + "connector", + "check-connection" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "cef3ee201db947c5912551015ba0c679", + "key": "sourceId", + "disabled": true, + "description": { + "content": "(Required) The ID of the Source.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": {} + }, + "response": [ + { + "id": "e97bbb53-25f2-4bf4-ac3b-c38f2f4e88c9", + "name": "The result of checking connection to the source connector with response from it.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "connector", + "check-connection" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"ODS-AD-Test [source-999999]\",\n \"status\": \"SUCCESS\",\n \"elapsedMillis\": 1000,\n \"details\": {\n \"useTLSForIQService\": false,\n \"IQService\": {\n \"TLS Port\": 0,\n \".NET CLR Version\": \"4.0.30319.42000\",\n \"SecondaryServiceStatus\": \"Running\",\n \"Port\": 5050,\n \"Host\": \"AUTOMATION-AD\",\n \"Name\": \"IQService\",\n \"IQServiceStatus\": \"Running\",\n \"SecondaryService\": \"IQService-Instance1-Secondary\",\n \"Version\": \"IQService Sep-2020\",\n \"secondaryPort\": 5051,\n \"OS Architecture\": \"AMD64\",\n \"Operating System\": \"Microsoft Windows Server 2012 R2 Standard\",\n \"highestDotNetVersion\": \"4.8 or later\",\n \"Build Time\": \"09/22/2020 06:34 AM -0500\"\n },\n \"IQServiceClientAuthEnabled\": false,\n \"requestProcessedOn\": \"1/19/2021 1:47:14 PM\"\n }\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "81f91913-0841-4806-abd0-e8264f5c691f", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "connector", + "check-connection" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "2faf8649-c8eb-46e8-bb7c-bd6decfe300f", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "connector", + "check-connection" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "be5d23e3-e8bd-4497-ae17-afe833f194d2", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "connector", + "check-connection" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a1379eae-be33-462f-a88f-ffc52598e808", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "connector", + "check-connection" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "cefdaee2-a5ba-4847-b1f2-1a53a8cd2ffb", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "connector", + "check-connection" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "6b47b661-1ecb-44f9-97e6-bcc48b8ea98a", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "connector", + "check-connection" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "6f63d45a-a9c6-4706-902e-bc9cbe979c71", + "name": "Peek source connector's resource objects", + "request": { + "name": "Peek source connector's resource objects", + "description": { + "content": "Retrieves a sample of data returned from account and group aggregation requests.\nA token with ORG_ADMIN authority is required to call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "sources", + ":sourceId", + "connector", + "peek-resource-objects" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "cef3ee201db947c5912551015ba0c679", + "key": "sourceId", + "disabled": true, + "description": { + "content": "(Required) The ID of the Source", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"objectType\": \"resource\",\n \"maxCount\": 50\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "0aa61144-06ec-49d3-bb16-143a3b91b74e", + "name": "List of resource objects that was fetched from the source connector.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "connector", + "peek-resource-objects" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"objectType\": \"resource\",\n \"maxCount\": 50\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"ODS-AD-Test [source-999999]\",\n \"objectCount\": 25,\n \"elapsedMillis\": 1055,\n \"resourceObjects\": [\n {\n \"instance\": \"deserunt\",\n \"identity\": \"CN=Aaron Carr,OU=test1,DC=test2,DC=test\",\n \"uuid\": \"{abf7bd9b-68b4-4d21-9b70-870c58ebf844}\",\n \"previousIdentity\": \"voluptate Excepteur\",\n \"name\": \"Aaron Carr\",\n \"objectType\": \"account\",\n \"incomplete\": false,\n \"incremental\": false,\n \"delete\": false,\n \"remove\": false,\n \"missing\": [\n \"missFieldOne\",\n \"missFieldTwo\"\n ],\n \"attributes\": {\n \"telephoneNumber\": \"12-(345)678-9012\",\n \"mail\": \"example@test.com\",\n \"displayName\": \"Aaron Carr\"\n },\n \"finalUpdate\": false\n },\n {\n \"instance\": \"reprehenderit ex\",\n \"identity\": \"CN=Aaron Carr,OU=test1,DC=test2,DC=test\",\n \"uuid\": \"{abf7bd9b-68b4-4d21-9b70-870c58ebf844}\",\n \"previousIdentity\": \"ut non sunt ut magna\",\n \"name\": \"Aaron Carr\",\n \"objectType\": \"account\",\n \"incomplete\": false,\n \"incremental\": false,\n \"delete\": false,\n \"remove\": false,\n \"missing\": [\n \"missFieldOne\",\n \"missFieldTwo\"\n ],\n \"attributes\": {\n \"telephoneNumber\": \"12-(345)678-9012\",\n \"mail\": \"example@test.com\",\n \"displayName\": \"Aaron Carr\"\n },\n \"finalUpdate\": false\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c32ecfce-c68c-45d9-8722-aa080cbd4bcd", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "connector", + "peek-resource-objects" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"objectType\": \"resource\",\n \"maxCount\": 50\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "eca79511-e66d-43d7-9c64-33160450ab2f", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "connector", + "peek-resource-objects" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"objectType\": \"resource\",\n \"maxCount\": 50\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "565807ae-b23d-46b7-aaa5-c032de2b43b2", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "connector", + "peek-resource-objects" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"objectType\": \"resource\",\n \"maxCount\": 50\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "446ba0e0-5179-45c9-88d4-173a773bf2dd", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "connector", + "peek-resource-objects" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"objectType\": \"resource\",\n \"maxCount\": 50\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "38f2ebbb-8277-4c9b-b15b-490642158302", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "connector", + "peek-resource-objects" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"objectType\": \"resource\",\n \"maxCount\": 50\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "6542a0e3-9075-4908-b140-3ae0a6ccf2a8", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "connector", + "peek-resource-objects" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"objectType\": \"resource\",\n \"maxCount\": 50\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "71f3475e-3cda-4fa4-aff0-107963bf0562", + "name": "Ping cluster for source connector", + "request": { + "name": "Ping cluster for source connector", + "description": { + "content": "This endpoint validates that the cluster being used by the source is reachable from IdentityNow.\nA token with ORG_ADMIN authority is required to call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "sources", + ":sourceId", + "connector", + "ping-cluster" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "cef3ee201db947c5912551015ba0c679", + "key": "sourceId", + "disabled": true, + "description": { + "content": "(Required) The ID of the Source", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": {} + }, + "response": [ + { + "id": "87a74635-f914-410a-995e-c01a63dfc898", + "name": "The result of pinging connection with the source connector.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "connector", + "ping-cluster" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"ODS-AD-Test [source-999999]\",\n \"status\": \"SUCCESS\",\n \"elapsedMillis\": 1000,\n \"details\": {\n \"useTLSForIQService\": false,\n \"IQService\": {\n \"TLS Port\": 0,\n \".NET CLR Version\": \"4.0.30319.42000\",\n \"SecondaryServiceStatus\": \"Running\",\n \"Port\": 5050,\n \"Host\": \"AUTOMATION-AD\",\n \"Name\": \"IQService\",\n \"IQServiceStatus\": \"Running\",\n \"SecondaryService\": \"IQService-Instance1-Secondary\",\n \"Version\": \"IQService Sep-2020\",\n \"secondaryPort\": 5051,\n \"OS Architecture\": \"AMD64\",\n \"Operating System\": \"Microsoft Windows Server 2012 R2 Standard\",\n \"highestDotNetVersion\": \"4.8 or later\",\n \"Build Time\": \"09/22/2020 06:34 AM -0500\"\n },\n \"IQServiceClientAuthEnabled\": false,\n \"requestProcessedOn\": \"1/19/2021 1:47:14 PM\"\n }\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d650089d-844b-4f8d-941d-a4508d76dd1f", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "connector", + "ping-cluster" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "58a777cc-8a26-47ab-a031-aefb24f3807b", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "connector", + "ping-cluster" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "80450de4-e218-4a1d-868e-1ecc78c421a0", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "connector", + "ping-cluster" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "9bd435bf-8ee8-47fa-b582-6ee44231b78b", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "connector", + "ping-cluster" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d862d73f-3fd4-4876-ada5-a1c692bc72cf", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "connector", + "ping-cluster" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b136d101-136c-46a7-9645-2d52451cef77", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "connector", + "ping-cluster" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "4e49231e-d674-4543-af04-bd996c2693b8", + "name": "Test configuration for source connector", + "request": { + "name": "Test configuration for source connector", + "description": { + "content": "This endpoint performs a more detailed validation of the source's configuration that can take longer than the lighter weight credential validation performed by the checkConnection API.\nA token with ORG_ADMIN authority is required to call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "sources", + ":sourceId", + "connector", + "test-configuration" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "cef3ee201db947c5912551015ba0c679", + "key": "sourceId", + "disabled": true, + "description": { + "content": "(Required) The ID of the Source", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": {} + }, + "response": [ + { + "id": "10660d45-c138-422a-b4fd-520394a75750", + "name": "The result of testing source connector configuration with response from it.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "connector", + "test-configuration" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"ODS-AD-Test [source-999999]\",\n \"status\": \"SUCCESS\",\n \"elapsedMillis\": 1000,\n \"details\": {\n \"useTLSForIQService\": false,\n \"IQService\": {\n \"TLS Port\": 0,\n \".NET CLR Version\": \"4.0.30319.42000\",\n \"SecondaryServiceStatus\": \"Running\",\n \"Port\": 5050,\n \"Host\": \"AUTOMATION-AD\",\n \"Name\": \"IQService\",\n \"IQServiceStatus\": \"Running\",\n \"SecondaryService\": \"IQService-Instance1-Secondary\",\n \"Version\": \"IQService Sep-2020\",\n \"secondaryPort\": 5051,\n \"OS Architecture\": \"AMD64\",\n \"Operating System\": \"Microsoft Windows Server 2012 R2 Standard\",\n \"highestDotNetVersion\": \"4.8 or later\",\n \"Build Time\": \"09/22/2020 06:34 AM -0500\"\n },\n \"IQServiceClientAuthEnabled\": false,\n \"requestProcessedOn\": \"1/19/2021 1:47:14 PM\"\n }\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c6d79d6c-dc6d-46f2-b4ac-8715e347e9a2", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "connector", + "test-configuration" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "7b1ada3f-3640-4409-ae46-66c9a00c0b96", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "connector", + "test-configuration" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "34d5246e-2870-46eb-ab10-4afc92a18ecd", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "connector", + "test-configuration" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "06f4cabc-090e-4ef6-89a7-9e25584d3b26", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "connector", + "test-configuration" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "49073669-6b64-468f-a7a0-d2ec8aa4c4c2", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "connector", + "test-configuration" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "3cef54ab-2457-4506-a3d4-d7326027d0d1", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "connector", + "test-configuration" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "c4706a56-5cc2-4c67-8bcb-7f0d7ab7a3d9", + "name": "Gets source config with language translations", + "request": { + "name": "Gets source config with language translations", + "description": { + "content": "Looks up and returns the source config for the requested source id after populating the source config values and applying language translations.\nA token with ORG_ADMIN authority is required to call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "sources", + ":id", + "connectors", + "source-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The locale to apply to the config. If no viable locale is given, it will default to \"en\"", + "type": "text/plain" + }, + "key": "locale", + "value": "false" + } + ], + "variable": [ + { + "type": "any", + "value": "irure nisi et dolore aliqua", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) The Source id", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "c157095c-8022-407f-83ad-1d809eef745a", + "name": "A Connector Detail object", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id", + "connectors", + "source-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The locale to apply to the config. If no viable locale is given, it will default to \"en\"", + "type": "text/plain" + }, + "key": "locale", + "value": "false" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"name\": \"JDBC\",\n \"sourceConfigXml\": \"
\\n\\t
\",\n \"sourceConfig\": \"ex consectetur\",\n \"directConnect\": true,\n \"fileUpload\": false,\n \"uploadedFiles\": \"est officia\",\n \"connectorMetadata\": {\n \"supportedUI\": \"EXTJS\"\n }\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "bb7f3425-b360-46d5-8374-97b4a43f31f9", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id", + "connectors", + "source-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The locale to apply to the config. If no viable locale is given, it will default to \"en\"", + "type": "text/plain" + }, + "key": "locale", + "value": "false" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "ebb53aa4-cac6-4f50-af59-2cbd741d294c", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id", + "connectors", + "source-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The locale to apply to the config. If no viable locale is given, it will default to \"en\"", + "type": "text/plain" + }, + "key": "locale", + "value": "false" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "da4b2d6c-d33d-476a-8e40-0aa3dc5a316e", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id", + "connectors", + "source-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The locale to apply to the config. If no viable locale is given, it will default to \"en\"", + "type": "text/plain" + }, + "key": "locale", + "value": "false" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "3b1cf69e-3967-44ee-a031-cb100950f754", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id", + "connectors", + "source-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The locale to apply to the config. If no viable locale is given, it will default to \"en\"", + "type": "text/plain" + }, + "key": "locale", + "value": "false" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "37ccf506-e07d-47f3-bd7a-5831098fd6a7", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id", + "connectors", + "source-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The locale to apply to the config. If no viable locale is given, it will default to \"en\"", + "type": "text/plain" + }, + "key": "locale", + "value": "false" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "6e20bd17-728a-46f6-89db-ee1ec895c409", + "name": "Native Change Detection Configuration", + "request": { + "name": "Native Change Detection Configuration", + "description": { + "content": "This API returns the existing native change detection configuration for a source specified by the given ID.\nA token with ORG_ADMIN authority is required to call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "sources", + ":sourceId", + "native-change-detection-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "key": "sourceId" + }, + { + "disabled": true, + "description": { + "content": "(Required) The source id", + "type": "text/plain" + }, + "type": "any", + "value": "2c9180835d191a86015d28455b4a2329", + "key": "id" + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "e65e440a-c5b8-451a-84b0-cef00fec405c", + "name": "Native change detection configuration for a source", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "native-change-detection-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"enabled\": true,\n \"operations\": [\n \"ACCOUNT_UPDATED\",\n \"ACCOUNT_DELETED\"\n ],\n \"allEntitlements\": false,\n \"allNonEntitlementAttributes\": false,\n \"selectedEntitlements\": [\n \"memberOf\",\n \"memberOfSharedMailbox\"\n ],\n \"selectedNonEntitlementAttributes\": [\n \"lastName\",\n \"phoneNumber\",\n \"objectType\",\n \"servicePrincipalName\"\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c1ee9bad-aee9-44ba-8b0a-6c344940bb64", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "native-change-detection-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "6a97dbd6-4560-4bf4-8085-0ddd45e5a3f1", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "native-change-detection-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "da95bbc2-8f63-4907-a7e5-3d2ce7ab57ec", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "native-change-detection-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "8c6984db-acf0-49b0-a8f5-07ff3763f39c", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "native-change-detection-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d3292f29-318e-47ce-b8fc-2e57ad3f779b", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "native-change-detection-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a5869b34-3bdc-4b18-85d1-75981f24c637", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "native-change-detection-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "0b2fe2e3-1901-4fab-b952-7d522cec9039", + "name": "Update Native Change Detection Configuration", + "request": { + "name": "Update Native Change Detection Configuration", + "description": { + "content": "Replaces the native change detection configuration for the source specified by the given ID with the configuration provided in the request body.\n \nA token with ORG_ADMIN authority is required to call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "sources", + ":sourceId", + "native-change-detection-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "key": "sourceId" + }, + { + "disabled": true, + "description": { + "content": "(Required) The source id", + "type": "text/plain" + }, + "type": "any", + "value": "2c9180835d191a86015d28455b4a2329", + "key": "id" + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"enabled\": true,\n \"operations\": [\n \"ACCOUNT_UPDATED\",\n \"ACCOUNT_DELETED\"\n ],\n \"allEntitlements\": false,\n \"allNonEntitlementAttributes\": false,\n \"selectedEntitlements\": [\n \"memberOf\",\n \"memberOfSharedMailbox\"\n ],\n \"selectedNonEntitlementAttributes\": [\n \"lastName\",\n \"phoneNumber\",\n \"objectType\",\n \"servicePrincipalName\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "6b0725c1-a29c-4e6f-a1b7-e697148cf405", + "name": "Updated native change detection configuration for a source", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "native-change-detection-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"enabled\": true,\n \"operations\": [\n \"ACCOUNT_UPDATED\",\n \"ACCOUNT_DELETED\"\n ],\n \"allEntitlements\": false,\n \"allNonEntitlementAttributes\": false,\n \"selectedEntitlements\": [\n \"memberOf\",\n \"memberOfSharedMailbox\"\n ],\n \"selectedNonEntitlementAttributes\": [\n \"lastName\",\n \"phoneNumber\",\n \"objectType\",\n \"servicePrincipalName\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"enabled\": true,\n \"operations\": [\n \"ACCOUNT_UPDATED\",\n \"ACCOUNT_DELETED\"\n ],\n \"allEntitlements\": false,\n \"allNonEntitlementAttributes\": false,\n \"selectedEntitlements\": [\n \"memberOf\",\n \"memberOfSharedMailbox\"\n ],\n \"selectedNonEntitlementAttributes\": [\n \"lastName\",\n \"phoneNumber\",\n \"objectType\",\n \"servicePrincipalName\"\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "abcad6f8-6729-461e-a979-d904f94e3669", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "native-change-detection-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"enabled\": true,\n \"operations\": [\n \"ACCOUNT_UPDATED\",\n \"ACCOUNT_DELETED\"\n ],\n \"allEntitlements\": false,\n \"allNonEntitlementAttributes\": false,\n \"selectedEntitlements\": [\n \"memberOf\",\n \"memberOfSharedMailbox\"\n ],\n \"selectedNonEntitlementAttributes\": [\n \"lastName\",\n \"phoneNumber\",\n \"objectType\",\n \"servicePrincipalName\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "464f53f2-fb9b-4c7e-a773-ad511b129e40", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "native-change-detection-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"enabled\": true,\n \"operations\": [\n \"ACCOUNT_UPDATED\",\n \"ACCOUNT_DELETED\"\n ],\n \"allEntitlements\": false,\n \"allNonEntitlementAttributes\": false,\n \"selectedEntitlements\": [\n \"memberOf\",\n \"memberOfSharedMailbox\"\n ],\n \"selectedNonEntitlementAttributes\": [\n \"lastName\",\n \"phoneNumber\",\n \"objectType\",\n \"servicePrincipalName\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "79171ff2-2e54-4322-b579-a10d72e7cced", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "native-change-detection-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"enabled\": true,\n \"operations\": [\n \"ACCOUNT_UPDATED\",\n \"ACCOUNT_DELETED\"\n ],\n \"allEntitlements\": false,\n \"allNonEntitlementAttributes\": false,\n \"selectedEntitlements\": [\n \"memberOf\",\n \"memberOfSharedMailbox\"\n ],\n \"selectedNonEntitlementAttributes\": [\n \"lastName\",\n \"phoneNumber\",\n \"objectType\",\n \"servicePrincipalName\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "47dec763-db0e-4468-af79-8047c05976b0", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "native-change-detection-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"enabled\": true,\n \"operations\": [\n \"ACCOUNT_UPDATED\",\n \"ACCOUNT_DELETED\"\n ],\n \"allEntitlements\": false,\n \"allNonEntitlementAttributes\": false,\n \"selectedEntitlements\": [\n \"memberOf\",\n \"memberOfSharedMailbox\"\n ],\n \"selectedNonEntitlementAttributes\": [\n \"lastName\",\n \"phoneNumber\",\n \"objectType\",\n \"servicePrincipalName\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "58f6346c-bbf3-4519-99e6-7e4b4fe69603", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "native-change-detection-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"enabled\": true,\n \"operations\": [\n \"ACCOUNT_UPDATED\",\n \"ACCOUNT_DELETED\"\n ],\n \"allEntitlements\": false,\n \"allNonEntitlementAttributes\": false,\n \"selectedEntitlements\": [\n \"memberOf\",\n \"memberOfSharedMailbox\"\n ],\n \"selectedNonEntitlementAttributes\": [\n \"lastName\",\n \"phoneNumber\",\n \"objectType\",\n \"servicePrincipalName\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "5323ba67-9115-4a2f-aa39-fa5be73ada1a", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "native-change-detection-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"enabled\": true,\n \"operations\": [\n \"ACCOUNT_UPDATED\",\n \"ACCOUNT_DELETED\"\n ],\n \"allEntitlements\": false,\n \"allNonEntitlementAttributes\": false,\n \"selectedEntitlements\": [\n \"memberOf\",\n \"memberOfSharedMailbox\"\n ],\n \"selectedNonEntitlementAttributes\": [\n \"lastName\",\n \"phoneNumber\",\n \"objectType\",\n \"servicePrincipalName\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "593e9c74-68df-4212-9eb8-1a44a5fc07e5", + "name": "Delete Native Change Detection Configuration", + "request": { + "name": "Delete Native Change Detection Configuration", + "description": { + "content": "Deletes the native change detection configuration for the source specified by the given ID.\nA token with API, or ORG_ADMIN authority is required to call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "sources", + ":sourceId", + "native-change-detection-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "key": "sourceId" + }, + { + "disabled": true, + "description": { + "content": "(Required) The source id", + "type": "text/plain" + }, + "type": "any", + "value": "2c9180835d191a86015d28455b4a2329", + "key": "id" + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "DELETE", + "body": {} + }, + "response": [ + { + "id": "a3abeb6d-d694-43b4-b773-d79a79056c28", + "name": "No content - indicates the request was successful but there is no content to be returned in the response.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "native-change-detection-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "No Content", + "code": 204, + "header": [], + "cookie": [], + "_postman_previewlanguage": "text" + }, + { + "id": "d5d3ba97-5fcb-497d-8fc0-6264c85b6b10", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "native-change-detection-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "ca5030d6-19a3-42c3-92ec-6cb43d904d7b", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "native-change-detection-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c15f790a-3e61-462a-801d-bbee7994032a", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "native-change-detection-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "09283c90-0b96-4ae5-8d49-17477f428f85", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "native-change-detection-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "6b9fff42-9f67-49e8-834a-9ececd409724", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "native-change-detection-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "59431c22-d36a-461f-8d43-3906c12a4926", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":sourceId", + "native-change-detection-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "7a3799cb-2931-4e9d-a51e-12d412ca5978", + "name": "Remove All Accounts in a Source", + "request": { + "name": "Remove All Accounts in a Source", + "description": { + "content": "Use this endpoint to remove all accounts from the system without provisioning changes to the source. Accounts that are removed could be re-created during the next aggregation.\n\nThis endpoint is good for:\n* Removing accounts that no longer exist on the source.\n* Removing accounts that won't be aggregated following updates to the source configuration.\n* Forcing accounts to be re-created following the next aggregation to re-run account processing, support testing, etc.\n", + "type": "text/plain" + }, + "url": { + "path": [ + "sources", + ":id", + "remove-accounts" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "ebbf35756e1140699ce52b233121384a", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) The source id", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": {} + }, + "response": [ + { + "id": "e260f23d-b3c4-4e2d-b3e1-0bbb6ed7a491", + "name": "Accepted. Returns task result details of removal request.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id", + "remove-accounts" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Accepted", + "code": 202, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"type\": \"TASK_RESULT\",\n \"id\": \"464ae7bf791e49fdb74606a2e4a89635\",\n \"name\": null\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "fd8a3da7-5486-40e9-92a8-2cc6a528f5c7", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id", + "remove-accounts" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "532da6e1-886d-4b73-b149-2b77b9c65c95", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id", + "remove-accounts" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "7037189e-b328-4ab2-ac4c-10174c7a5f3a", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id", + "remove-accounts" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "81c688c0-3ac5-41eb-8c3a-56ade0684c9c", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id", + "remove-accounts" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c59b8745-7c69-4ce9-8e06-7e80f9cbc4db", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id", + "remove-accounts" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "7cc04d95-0d2c-49f3-8186-5398d4c4c2f0", + "name": "Synchronize single source attributes.", + "request": { + "name": "Synchronize single source attributes.", + "description": { + "content": "This end-point performs attribute synchronization for a selected source.\nA token with ORG_ADMIN or SOURCE_ADMIN authority is required to call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "sources", + ":id", + "synchronize-attributes" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "irure nisi et dolore aliqua", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) The Source id", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": {} + }, + "response": [ + { + "id": "ecf08db1-2c2e-449b-ae04-6cbcd9254842", + "name": "A Source Sync job", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id", + "synchronize-attributes" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Accepted", + "code": 202, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"0f11f2a4-7c94-4bf3-a2bd-742580fe3bde\",\n \"status\": \"IN_PROGRESS\",\n \"payload\": {\n \"type\": \"SYNCHRONIZE_SOURCE_ATTRIBUTES\",\n \"dataJson\": \"{\\\"sourceId\\\":\\\"2c918083746f642c01746f990884012a\\\"}\"\n }\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c058e12a-c8bb-41a4-93e0-fb01a0b20933", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id", + "synchronize-attributes" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "8ac5d5a3-25ed-4b53-b332-21055db74c55", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id", + "synchronize-attributes" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "dc3e3ccc-ebe6-4a25-b0d8-dbf6a3103ac9", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id", + "synchronize-attributes" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "eaa37c3b-42f8-40d5-b6d9-906cd26de55c", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id", + "synchronize-attributes" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "17bb4238-049f-4ccc-8913-8613c30bf220", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id", + "synchronize-attributes" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c1fa8458-5648-4c56-a313-f47d2d1a4a12", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id", + "synchronize-attributes" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "48d9a32b-ab27-4a7b-9045-80f1aba7fa4e", + "name": "Get Source Entitlement Request Configuration", + "request": { + "name": "Get Source Entitlement Request Configuration", + "description": { + "content": "This API gets the current entitlement request configuration for a source. This source-level configuration should apply for all the entitlements in the source.\n\nAccess request to any entitlements in the source should follow this configuration unless a separate entitlement-level configuration is defined.\n- During access request, this source-level entitlement request configuration overrides the global organization-level configuration.\n- However, the entitlement-level configuration (if defined) overrides this source-level configuration.\n\nA token with ORG_ADMIN, SOURCE_ADMIN, or SOURCE_SUBADMIN authority is required to call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "sources", + ":id", + "entitlement-request-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "key": "id" + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "f9b5f482-e5fd-4dd2-9276-fcfac2787c00", + "name": "Get default config", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id", + "entitlement-request-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"accessRequestConfig\": {\n \"approvalSchemes\": [],\n \"requestCommentRequired\": false,\n \"denialCommentRequired\": false\n }\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "8d6afc09-8649-487a-939e-b2316135c297", + "name": "Get config with one approval", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id", + "entitlement-request-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"accessRequestConfig\": {\n \"approvalSchemes\": [\n {\n \"approverId\": null,\n \"approverType\": \"SOURCE_OWNER\"\n }\n ],\n \"requestCommentRequired\": true,\n \"denialCommentRequired\": false\n }\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "2f7e5e64-05bb-4847-8684-c888d1cda6c7", + "name": "Get config with multiple approvals", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id", + "entitlement-request-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"accessRequestConfig\": {\n \"approvalSchemes\": [\n {\n \"approverId\": null,\n \"approverType\": \"ENTITLEMENT_OWNER\"\n },\n {\n \"approverId\": null,\n \"approverType\": \"SOURCE_OWNER\"\n },\n {\n \"approverId\": \"95e538a3-30c1-433a-af05-4bed973bbc22\",\n \"approverType\": \"GOVERNANCE_GROUP\"\n }\n ],\n \"requestCommentRequired\": true,\n \"denialCommentRequired\": false\n }\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "47221507-d26e-4581-b170-173feff4e8cb", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id", + "entitlement-request-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "254870f8-1c0a-4332-ab96-d301231d313a", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id", + "entitlement-request-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "030f7d0f-f774-4ec3-b8bd-6b267c4a0646", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id", + "entitlement-request-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b6b74162-a35e-49f5-a8a3-6ecbc3b2e6c6", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id", + "entitlement-request-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c7ba88f9-bf24-411a-a051-3f137ef62133", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id", + "entitlement-request-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "443a98ea-b687-470b-8177-c058793e988c", + "name": "Update Source Entitlement Request Configuration", + "request": { + "name": "Update Source Entitlement Request Configuration", + "description": { + "content": "This API replaces the current entitlement request configuration for a source. This source-level configuration should apply for all the entitlements in the source.\n\nAccess request to any entitlements in the source should follow this configuration unless a separate entitlement-level configuration is defined.\n- During access request, this source-level entitlement request configuration overrides the global organization-level configuration.\n- However, the entitlement-level configuration (if defined) overrides this source-level configuration.\n\nA token with ORG_ADMIN, SOURCE_ADMIN, or SOURCE_SUBADMIN authority is required to call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "sources", + ":id", + "entitlement-request-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "key": "id" + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"accessRequestConfig\": {\n \"approvalSchemes\": []\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "cb9505a0-f1f1-4e7f-8760-d1713a6ec647", + "name": "Set config with no approvals", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id", + "entitlement-request-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"accessRequestConfig\": {\n \"approvalSchemes\": []\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"accessRequestConfig\": {\n \"approvalSchemes\": [\n {\n \"approverType\": \"GOVERNANCE_GROUP\",\n \"approverId\": \"e3eab852-8315-467f-9de7-70eda97f63c8\"\n },\n {\n \"approverType\": \"GOVERNANCE_GROUP\",\n \"approverId\": \"e3eab852-8315-467f-9de7-70eda97f63c8\"\n }\n ],\n \"requestCommentRequired\": true,\n \"denialCommentRequired\": false\n }\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "203b5434-e756-454b-b55a-5abe924bbb66", + "name": "Set config with one approval", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id", + "entitlement-request-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"accessRequestConfig\": {\n \"approvalSchemes\": [\n {\n \"approverType\": \"SOURCE_OWNER\"\n }\n ],\n \"requestCommentRequired\": true,\n \"denialCommentRequired\": false\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"accessRequestConfig\": {\n \"approvalSchemes\": [\n {\n \"approverType\": \"GOVERNANCE_GROUP\",\n \"approverId\": \"e3eab852-8315-467f-9de7-70eda97f63c8\"\n },\n {\n \"approverType\": \"GOVERNANCE_GROUP\",\n \"approverId\": \"e3eab852-8315-467f-9de7-70eda97f63c8\"\n }\n ],\n \"requestCommentRequired\": true,\n \"denialCommentRequired\": false\n }\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "252b89cb-d243-4c4f-95ed-72d49e720be5", + "name": "Set config with multiple approvals", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id", + "entitlement-request-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"accessRequestConfig\": {\n \"approvalSchemes\": [\n {\n \"approverType\": \"ENTITLEMENT_OWNER\"\n },\n {\n \"approverType\": \"SOURCE_OWNER\"\n },\n {\n \"approverType\": \"GOVERNANCE_GROUP\",\n \"approverId\": \"95e538a3-30c1-433a-af05-4bed973bbc22\"\n }\n ],\n \"requestCommentRequired\": true,\n \"denialCommentRequired\": false\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"accessRequestConfig\": {\n \"approvalSchemes\": [\n {\n \"approverType\": \"GOVERNANCE_GROUP\",\n \"approverId\": \"e3eab852-8315-467f-9de7-70eda97f63c8\"\n },\n {\n \"approverType\": \"GOVERNANCE_GROUP\",\n \"approverId\": \"e3eab852-8315-467f-9de7-70eda97f63c8\"\n }\n ],\n \"requestCommentRequired\": true,\n \"denialCommentRequired\": false\n }\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d47c93fe-666f-4c29-9cc6-a216037edd49", + "name": "Set config with no approvals", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id", + "entitlement-request-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"accessRequestConfig\": {\n \"approvalSchemes\": []\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a4f09a2d-0a54-4e2e-a556-5979a829beee", + "name": "Set config with one approval", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id", + "entitlement-request-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"accessRequestConfig\": {\n \"approvalSchemes\": [\n {\n \"approverType\": \"SOURCE_OWNER\"\n }\n ],\n \"requestCommentRequired\": true,\n \"denialCommentRequired\": false\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "63f7d6ae-96b8-440b-b77e-cd544cc2b1fc", + "name": "Set config with multiple approvals", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id", + "entitlement-request-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"accessRequestConfig\": {\n \"approvalSchemes\": [\n {\n \"approverType\": \"ENTITLEMENT_OWNER\"\n },\n {\n \"approverType\": \"SOURCE_OWNER\"\n },\n {\n \"approverType\": \"GOVERNANCE_GROUP\",\n \"approverId\": \"95e538a3-30c1-433a-af05-4bed973bbc22\"\n }\n ],\n \"requestCommentRequired\": true,\n \"denialCommentRequired\": false\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "056d5f90-bd1e-42a4-a29c-f9eb9d234013", + "name": "Set config with no approvals", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id", + "entitlement-request-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"accessRequestConfig\": {\n \"approvalSchemes\": []\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "e7a6ddd8-d33c-4f30-872d-0e9f788e06aa", + "name": "Set config with one approval", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id", + "entitlement-request-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"accessRequestConfig\": {\n \"approvalSchemes\": [\n {\n \"approverType\": \"SOURCE_OWNER\"\n }\n ],\n \"requestCommentRequired\": true,\n \"denialCommentRequired\": false\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "3be84a90-a8c8-4e13-b25f-a746cd2fa407", + "name": "Set config with multiple approvals", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id", + "entitlement-request-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"accessRequestConfig\": {\n \"approvalSchemes\": [\n {\n \"approverType\": \"ENTITLEMENT_OWNER\"\n },\n {\n \"approverType\": \"SOURCE_OWNER\"\n },\n {\n \"approverType\": \"GOVERNANCE_GROUP\",\n \"approverId\": \"95e538a3-30c1-433a-af05-4bed973bbc22\"\n }\n ],\n \"requestCommentRequired\": true,\n \"denialCommentRequired\": false\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "4fea11f9-b095-4231-9f8e-c246ccece626", + "name": "An example of a 403 response object", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id", + "entitlement-request-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"accessRequestConfig\": {\n \"approvalSchemes\": []\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "48f28f1c-9c46-44ba-946a-8f57d5bee1b3", + "name": "Set config with one approval", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id", + "entitlement-request-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"accessRequestConfig\": {\n \"approvalSchemes\": [\n {\n \"approverType\": \"SOURCE_OWNER\"\n }\n ],\n \"requestCommentRequired\": true,\n \"denialCommentRequired\": false\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b000055f-89ab-447b-b6c9-da66dbcfcdf0", + "name": "Set config with multiple approvals", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id", + "entitlement-request-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"accessRequestConfig\": {\n \"approvalSchemes\": [\n {\n \"approverType\": \"ENTITLEMENT_OWNER\"\n },\n {\n \"approverType\": \"SOURCE_OWNER\"\n },\n {\n \"approverType\": \"GOVERNANCE_GROUP\",\n \"approverId\": \"95e538a3-30c1-433a-af05-4bed973bbc22\"\n }\n ],\n \"requestCommentRequired\": true,\n \"denialCommentRequired\": false\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "5cfa10d0-4292-4711-8751-6fc6b0fa698d", + "name": "Set config with no approvals", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id", + "entitlement-request-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"accessRequestConfig\": {\n \"approvalSchemes\": []\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "3b6e5f21-735b-444c-9956-4ab59aa09733", + "name": "Set config with one approval", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id", + "entitlement-request-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"accessRequestConfig\": {\n \"approvalSchemes\": [\n {\n \"approverType\": \"SOURCE_OWNER\"\n }\n ],\n \"requestCommentRequired\": true,\n \"denialCommentRequired\": false\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "e8530cf3-0253-47b3-b868-91e0c3bb9c59", + "name": "Set config with multiple approvals", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id", + "entitlement-request-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"accessRequestConfig\": {\n \"approvalSchemes\": [\n {\n \"approverType\": \"ENTITLEMENT_OWNER\"\n },\n {\n \"approverType\": \"SOURCE_OWNER\"\n },\n {\n \"approverType\": \"GOVERNANCE_GROUP\",\n \"approverId\": \"95e538a3-30c1-433a-af05-4bed973bbc22\"\n }\n ],\n \"requestCommentRequired\": true,\n \"denialCommentRequired\": false\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d045589d-0c87-43fd-a1b0-53cb630ebd49", + "name": "An example of a 500 response object", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id", + "entitlement-request-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"accessRequestConfig\": {\n \"approvalSchemes\": []\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "34c28f9e-41f8-42b5-b9e9-1e01718932fe", + "name": "Set config with one approval", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id", + "entitlement-request-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"accessRequestConfig\": {\n \"approvalSchemes\": [\n {\n \"approverType\": \"SOURCE_OWNER\"\n }\n ],\n \"requestCommentRequired\": true,\n \"denialCommentRequired\": false\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "466f5406-6aca-4da2-a797-d6ca10625ed0", + "name": "Set config with multiple approvals", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id", + "entitlement-request-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"accessRequestConfig\": {\n \"approvalSchemes\": [\n {\n \"approverType\": \"ENTITLEMENT_OWNER\"\n },\n {\n \"approverType\": \"SOURCE_OWNER\"\n },\n {\n \"approverType\": \"GOVERNANCE_GROUP\",\n \"approverId\": \"95e538a3-30c1-433a-af05-4bed973bbc22\"\n }\n ],\n \"requestCommentRequired\": true,\n \"denialCommentRequired\": false\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "b462bb7d-c43b-45a0-a996-1302816716b1", + "name": "Account Aggregation", + "request": { + "name": "Account Aggregation", + "description": { + "content": "Starts an account aggregation on the specified source. \nIf the target source is a delimited file source, then the CSV file needs to be included in the request body.\nYou will also need to set the Content-Type header to `multipart/form-data`.\nA token with ORG_ADMIN, SOURCE_ADMIN, or SOURCE_SUBADMIN authority is required to call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "sources", + ":id", + "load-accounts" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "ef38f94347e94562b5bb8424a56397d8", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) Source Id", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "The CSV file containing the source accounts to aggregate.", + "type": "text/plain" + }, + "key": "file", + "value": "anim", + "type": "text" + }, + { + "description": { + "content": "Use this flag to reprocess every account whether or not the data has changed.", + "type": "text/plain" + }, + "key": "disableOptimization", + "value": "true", + "type": "text" + } + ] + } + }, + "response": [ + { + "id": "aaac98a9-a2ed-4324-8f3d-add96aca25f5", + "name": "Aggregate Accounts Task", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id", + "load-accounts" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "The CSV file containing the source accounts to aggregate.", + "type": "text/plain" + }, + "key": "file", + "value": "anim", + "type": "text" + }, + { + "description": { + "content": "Use this flag to reprocess every account whether or not the data has changed.", + "type": "text/plain" + }, + "key": "disableOptimization", + "value": "true", + "type": "text" + } + ] + } + }, + "status": "Accepted", + "code": 202, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"success\": \"true\",\n \"task\": {\n \"id\": \"ef38f94347e94562b5bb8424a56397d8\",\n \"type\": \"QUARTZ\",\n \"name\": \"Cloud Account Aggregation\",\n \"description\": \"Aggregate from the specified application\",\n \"launcher\": \"John Doe\",\n \"created\": \"1962-05-06T11:07:04.644Z\",\n \"launched\": \"2004-01-17T17:11:34.981Z\",\n \"completed\": \"1956-04-01T17:22:06.516Z\",\n \"completionStatus\": \"WARNING\",\n \"parentName\": \"Audit Report\",\n \"progress\": \"Initializing...\",\n \"attributes\": {\n \"appId\": \"c31386cb18bb403cbb6df4c86294ff82\",\n \"optimizedAggregation\": \"enabled\"\n },\n \"returns\": [\n {\n \"displayLabel\": \"TASK_OUT_ACCOUNT_AGGREGATION_APPLICATIONS\",\n \"attributeName\": \"applications\"\n },\n {\n \"displayLabel\": \"TASK_OUT_ACCOUNT_AGGREGATION_APPLICATIONS\",\n \"attributeName\": \"applications\"\n }\n ]\n }\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "3b4beef0-81c5-449c-a078-59d6d119ad7d", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id", + "load-accounts" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "The CSV file containing the source accounts to aggregate.", + "type": "text/plain" + }, + "key": "file", + "value": "anim", + "type": "text" + }, + { + "description": { + "content": "Use this flag to reprocess every account whether or not the data has changed.", + "type": "text/plain" + }, + "key": "disableOptimization", + "value": "true", + "type": "text" + } + ] + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "7a1ab5bf-4d34-4fd8-aa16-da54e4547147", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id", + "load-accounts" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "The CSV file containing the source accounts to aggregate.", + "type": "text/plain" + }, + "key": "file", + "value": "anim", + "type": "text" + }, + { + "description": { + "content": "Use this flag to reprocess every account whether or not the data has changed.", + "type": "text/plain" + }, + "key": "disableOptimization", + "value": "true", + "type": "text" + } + ] + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "e4a879df-4d98-466d-9ae2-b8e45b56f5b9", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id", + "load-accounts" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "The CSV file containing the source accounts to aggregate.", + "type": "text/plain" + }, + "key": "file", + "value": "anim", + "type": "text" + }, + { + "description": { + "content": "Use this flag to reprocess every account whether or not the data has changed.", + "type": "text/plain" + }, + "key": "disableOptimization", + "value": "true", + "type": "text" + } + ] + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "fea8aa01-74c4-477c-a556-c5c53c081fc0", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id", + "load-accounts" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "The CSV file containing the source accounts to aggregate.", + "type": "text/plain" + }, + "key": "file", + "value": "anim", + "type": "text" + }, + { + "description": { + "content": "Use this flag to reprocess every account whether or not the data has changed.", + "type": "text/plain" + }, + "key": "disableOptimization", + "value": "true", + "type": "text" + } + ] + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "40264db1-f32e-41d1-bc4a-a6c8b7b3ace3", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id", + "load-accounts" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "The CSV file containing the source accounts to aggregate.", + "type": "text/plain" + }, + "key": "file", + "value": "anim", + "type": "text" + }, + { + "description": { + "content": "Use this flag to reprocess every account whether or not the data has changed.", + "type": "text/plain" + }, + "key": "disableOptimization", + "value": "true", + "type": "text" + } + ] + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "894e47f4-6040-4336-bb79-4edd12a77ce8", + "name": "Process Uncorrelated Accounts", + "request": { + "name": "Process Uncorrelated Accounts", + "description": { + "content": "File is required for upload. You will also need to set the Content-Type header to `multipart/form-data`", + "type": "text/plain" + }, + "url": { + "path": [ + "sources", + ":id", + "load-uncorrelated-accounts" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "75dbec1ebe154d5785da27b95e1dd5d7", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) Source Id", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "", + "type": "text/plain" + }, + "key": "file", + "value": "enim sunt culpa cillum", + "type": "text" + } + ] + } + }, + "response": [ + { + "id": "decde73d-3e31-47d0-ad2a-abef54e838fa", + "name": "Uncorrelated Accounts Task", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id", + "load-uncorrelated-accounts" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "", + "type": "text/plain" + }, + "key": "file", + "value": "enim sunt culpa cillum", + "type": "text" + } + ] + } + }, + "status": "Accepted", + "code": 202, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"success\": \"true\",\n \"task\": {\n \"id\": \"90b83a6bb737489494794f84cd3a51e6\",\n \"type\": \"QUARTZ\",\n \"name\": \"Cloud Process Uncorrelated Accounts\",\n \"description\": \"Processes uncorrelated accounts for the specified application.\",\n \"launcher\": \"John Doe\",\n \"created\": \"1973-08-22T15:59:19.878Z\",\n \"launched\": \"1975-02-18T14:13:16.473Z\",\n \"completed\": \"1974-12-21T19:33:54.043Z\",\n \"completionStatus\": \"TEMP_ERROR\",\n \"parentName\": \"Audit Report\",\n \"progress\": \"Initializing...\",\n \"attributes\": {\n \"qpocJobId\": \"5d303d46-fc51-48cd-9c6d-4e211e3ab63c\",\n \"taskStartDelay\": \"\"\n },\n \"returns\": {}\n }\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "5c0b1842-f4bb-40c0-aa09-1ff031acfaf7", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id", + "load-uncorrelated-accounts" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "", + "type": "text/plain" + }, + "key": "file", + "value": "enim sunt culpa cillum", + "type": "text" + } + ] + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "e6c82b88-08f0-4fad-aba8-c70cdb520118", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id", + "load-uncorrelated-accounts" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "", + "type": "text/plain" + }, + "key": "file", + "value": "enim sunt culpa cillum", + "type": "text" + } + ] + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d426ee41-0274-4158-99e5-c235b7b5aa2b", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id", + "load-uncorrelated-accounts" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "", + "type": "text/plain" + }, + "key": "file", + "value": "enim sunt culpa cillum", + "type": "text" + } + ] + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "55cc18f0-ed47-4c0a-87cc-7499d4787823", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id", + "load-uncorrelated-accounts" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "", + "type": "text/plain" + }, + "key": "file", + "value": "enim sunt culpa cillum", + "type": "text" + } + ] + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "05d30594-3387-46d9-892f-cdcb583a1a04", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "sources", + ":id", + "load-uncorrelated-accounts" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "", + "type": "text/plain" + }, + "key": "file", + "value": "enim sunt culpa cillum", + "type": "text" + } + ] + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + } + ] + }, + { + "name": "SP-Config", + "description": "Import and export configuration for some objects between tenants.", + "item": [ + { + "id": "e13d0ac3-2008-40b3-9a23-ecb9bf32ad91", + "name": "Initiates configuration objects export job", + "request": { + "name": "Initiates configuration objects export job", + "description": { + "content": "This post will export objects from the tenant to a JSON configuration file.\nFor more information about the object types that currently support export functionality, refer to [SaaS Configuration](https://developer.sailpoint.com/idn/docs/saas-configuration/#supported-objects).", + "type": "text/plain" + }, + "url": { + "path": [ + "sp-config", + "export" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"description\": \"Export all available objects\",\n \"excludeTypes\": [],\n \"includeTypes\": [\n \"ACCESS_PROFILE\",\n \"ACCESS_REQUEST_CONFIG\",\n \"ATTR_SYNC_SOURCE_CONFIG\",\n \"AUTH_ORG\",\n \"CAMPAIGN_FILTER\",\n \"FORM_DEFINITION\",\n \"GOVERNANCE_GROUP\",\n \"IDENTITY_OBJECT_CONFIG\",\n \"IDENTITY_PROFILE\",\n \"LIFECYCLE_STATE\",\n \"NOTIFICATION_TEMPLATE\",\n \"PASSWORD_POLICY\",\n \"PASSWORD_SYNC_GROUP\",\n \"PUBLIC_IDENTITIES_CONFIG\",\n \"ROLE\",\n \"RULE\",\n \"SEGMENT\",\n \"SERVICE_DESK_INTEGRATION\",\n \"SOD_POLICY\",\n \"SOURCE\",\n \"TAG\",\n \"TRANSFORM\",\n \"TRIGGER_SUBSCRIPTION\",\n \"WORKFLOW\"\n ],\n \"objectOptions\": {}\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "c6c7198a-6880-4703-910c-f1ea94ef5d22", + "name": "Export all objects available", + "originalRequest": { + "url": { + "path": [ + "sp-config", + "export" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"description\": \"Export all available objects\",\n \"excludeTypes\": [],\n \"includeTypes\": [\n \"ACCESS_PROFILE\",\n \"ACCESS_REQUEST_CONFIG\",\n \"ATTR_SYNC_SOURCE_CONFIG\",\n \"AUTH_ORG\",\n \"CAMPAIGN_FILTER\",\n \"FORM_DEFINITION\",\n \"GOVERNANCE_GROUP\",\n \"IDENTITY_OBJECT_CONFIG\",\n \"IDENTITY_PROFILE\",\n \"LIFECYCLE_STATE\",\n \"NOTIFICATION_TEMPLATE\",\n \"PASSWORD_POLICY\",\n \"PASSWORD_SYNC_GROUP\",\n \"PUBLIC_IDENTITIES_CONFIG\",\n \"ROLE\",\n \"RULE\",\n \"SEGMENT\",\n \"SERVICE_DESK_INTEGRATION\",\n \"SOD_POLICY\",\n \"SOURCE\",\n \"TAG\",\n \"TRANSFORM\",\n \"TRIGGER_SUBSCRIPTION\",\n \"WORKFLOW\"\n ],\n \"objectOptions\": {}\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Accepted", + "code": 202, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"created\": \"2021-05-11T22:23:16Z\",\n \"description\": \"ETS configuration objects from Acme-Solar sandbox\",\n \"expiration\": \"2021-05-11T22:23:16Z\",\n \"jobId\": \"3469b87d-48ca-439a-868f-2160001da8c1\",\n \"modified\": \"2021-05-11T22:23:16Z\",\n \"status\": \"COMPLETE\",\n \"type\": \"IMPORT\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "6409683c-fb4a-4a11-8c9b-4ab6656096a2", + "name": "Export sources by ID", + "originalRequest": { + "url": { + "path": [ + "sp-config", + "export" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"description\": \"Export sources by ID\",\n \"excludeTypes\": [],\n \"includeTypes\": [\n \"SOURCE\"\n ],\n \"objectOptions\": {\n \"SOURCE\": {\n \"includedIds\": [\n \"be9e116d-08e1-49fc-ab7f-fa585e96c9e4\",\n \"be9p119e-90e1-49pk-ac9f-fa576e96c9e4\"\n ],\n \"includedNames\": []\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Accepted", + "code": 202, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"created\": \"2021-05-11T22:23:16Z\",\n \"description\": \"ETS configuration objects from Acme-Solar sandbox\",\n \"expiration\": \"2021-05-11T22:23:16Z\",\n \"jobId\": \"3469b87d-48ca-439a-868f-2160001da8c1\",\n \"modified\": \"2021-05-11T22:23:16Z\",\n \"status\": \"COMPLETE\",\n \"type\": \"IMPORT\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f3cf7028-38d3-4ed9-a325-a80c6edc8d25", + "name": "Export transforms by name", + "originalRequest": { + "url": { + "path": [ + "sp-config", + "export" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"description\": \"Export transforms by name\",\n \"excludeTypes\": [],\n \"includeTypes\": [\n \"TRANSFORM\"\n ],\n \"objectOptions\": {\n \"TRANSFORM\": {\n \"includedIds\": [],\n \"includedNames\": [\n \"Remove Diacritical Marks\",\n \"Common - Location Lookup\"\n ]\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Accepted", + "code": 202, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"created\": \"2021-05-11T22:23:16Z\",\n \"description\": \"ETS configuration objects from Acme-Solar sandbox\",\n \"expiration\": \"2021-05-11T22:23:16Z\",\n \"jobId\": \"3469b87d-48ca-439a-868f-2160001da8c1\",\n \"modified\": \"2021-05-11T22:23:16Z\",\n \"status\": \"COMPLETE\",\n \"type\": \"IMPORT\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "bcb4fbf6-0622-4fbb-bcff-35a7b9f42adc", + "name": "Export trigger subscriptions triggers and transforms with custom options", + "originalRequest": { + "url": { + "path": [ + "sp-config", + "export" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"description\": \"Export trigger subscriptions and transforms with custom filter options\",\n \"excludeTypes\": [],\n \"includeTypes\": [\n \"TRANSFORM\",\n \"TRIGGER_SUBSCRIPTION\"\n ],\n \"objectOptions\": {\n \"TRANSFORM\": {\n \"includedIds\": [],\n \"includedNames\": [\n \"Remove Diacritical Marks\",\n \"Common - Location Lookup\"\n ]\n },\n \"TRIGGER_SUBSCRIPTION\": {\n \"includedIds\": [\n \"be9e116d-08e1-49fc-ab7f-fa585e96c9e4\",\n \"be9p119e-90e1-49pk-ac9f-fa576e96c9e4\"\n ],\n \"includedNames\": [\n \"NGROK Test: fire and forget\",\n \"Manager Certification\"\n ]\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Accepted", + "code": 202, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"created\": \"2021-05-11T22:23:16Z\",\n \"description\": \"ETS configuration objects from Acme-Solar sandbox\",\n \"expiration\": \"2021-05-11T22:23:16Z\",\n \"jobId\": \"3469b87d-48ca-439a-868f-2160001da8c1\",\n \"modified\": \"2021-05-11T22:23:16Z\",\n \"status\": \"COMPLETE\",\n \"type\": \"IMPORT\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "7d2c6b46-1e0e-4049-af0d-24424c33a41f", + "name": "Export all objects available", + "originalRequest": { + "url": { + "path": [ + "sp-config", + "export" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"description\": \"Export all available objects\",\n \"excludeTypes\": [],\n \"includeTypes\": [\n \"ACCESS_PROFILE\",\n \"ACCESS_REQUEST_CONFIG\",\n \"ATTR_SYNC_SOURCE_CONFIG\",\n \"AUTH_ORG\",\n \"CAMPAIGN_FILTER\",\n \"FORM_DEFINITION\",\n \"GOVERNANCE_GROUP\",\n \"IDENTITY_OBJECT_CONFIG\",\n \"IDENTITY_PROFILE\",\n \"LIFECYCLE_STATE\",\n \"NOTIFICATION_TEMPLATE\",\n \"PASSWORD_POLICY\",\n \"PASSWORD_SYNC_GROUP\",\n \"PUBLIC_IDENTITIES_CONFIG\",\n \"ROLE\",\n \"RULE\",\n \"SEGMENT\",\n \"SERVICE_DESK_INTEGRATION\",\n \"SOD_POLICY\",\n \"SOURCE\",\n \"TAG\",\n \"TRANSFORM\",\n \"TRIGGER_SUBSCRIPTION\",\n \"WORKFLOW\"\n ],\n \"objectOptions\": {}\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "57b1a654-f643-492e-87a3-45fed2be6b51", + "name": "Export sources by ID", + "originalRequest": { + "url": { + "path": [ + "sp-config", + "export" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"description\": \"Export sources by ID\",\n \"excludeTypes\": [],\n \"includeTypes\": [\n \"SOURCE\"\n ],\n \"objectOptions\": {\n \"SOURCE\": {\n \"includedIds\": [\n \"be9e116d-08e1-49fc-ab7f-fa585e96c9e4\",\n \"be9p119e-90e1-49pk-ac9f-fa576e96c9e4\"\n ],\n \"includedNames\": []\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "1e612745-a250-4929-a1dd-7c2215aa5a04", + "name": "Export transforms by name", + "originalRequest": { + "url": { + "path": [ + "sp-config", + "export" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"description\": \"Export transforms by name\",\n \"excludeTypes\": [],\n \"includeTypes\": [\n \"TRANSFORM\"\n ],\n \"objectOptions\": {\n \"TRANSFORM\": {\n \"includedIds\": [],\n \"includedNames\": [\n \"Remove Diacritical Marks\",\n \"Common - Location Lookup\"\n ]\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "e19a4037-44a4-430c-bbdf-57f9f73fec75", + "name": "Export trigger subscriptions triggers and transforms with custom options", + "originalRequest": { + "url": { + "path": [ + "sp-config", + "export" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"description\": \"Export trigger subscriptions and transforms with custom filter options\",\n \"excludeTypes\": [],\n \"includeTypes\": [\n \"TRANSFORM\",\n \"TRIGGER_SUBSCRIPTION\"\n ],\n \"objectOptions\": {\n \"TRANSFORM\": {\n \"includedIds\": [],\n \"includedNames\": [\n \"Remove Diacritical Marks\",\n \"Common - Location Lookup\"\n ]\n },\n \"TRIGGER_SUBSCRIPTION\": {\n \"includedIds\": [\n \"be9e116d-08e1-49fc-ab7f-fa585e96c9e4\",\n \"be9p119e-90e1-49pk-ac9f-fa576e96c9e4\"\n ],\n \"includedNames\": [\n \"NGROK Test: fire and forget\",\n \"Manager Certification\"\n ]\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "70493b16-7161-403c-a459-33b1f2b1bbf9", + "name": "Export all objects available", + "originalRequest": { + "url": { + "path": [ + "sp-config", + "export" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"description\": \"Export all available objects\",\n \"excludeTypes\": [],\n \"includeTypes\": [\n \"ACCESS_PROFILE\",\n \"ACCESS_REQUEST_CONFIG\",\n \"ATTR_SYNC_SOURCE_CONFIG\",\n \"AUTH_ORG\",\n \"CAMPAIGN_FILTER\",\n \"FORM_DEFINITION\",\n \"GOVERNANCE_GROUP\",\n \"IDENTITY_OBJECT_CONFIG\",\n \"IDENTITY_PROFILE\",\n \"LIFECYCLE_STATE\",\n \"NOTIFICATION_TEMPLATE\",\n \"PASSWORD_POLICY\",\n \"PASSWORD_SYNC_GROUP\",\n \"PUBLIC_IDENTITIES_CONFIG\",\n \"ROLE\",\n \"RULE\",\n \"SEGMENT\",\n \"SERVICE_DESK_INTEGRATION\",\n \"SOD_POLICY\",\n \"SOURCE\",\n \"TAG\",\n \"TRANSFORM\",\n \"TRIGGER_SUBSCRIPTION\",\n \"WORKFLOW\"\n ],\n \"objectOptions\": {}\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "7e41b7ce-ff48-4006-aa83-8dafb140ed2d", + "name": "Export sources by ID", + "originalRequest": { + "url": { + "path": [ + "sp-config", + "export" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"description\": \"Export sources by ID\",\n \"excludeTypes\": [],\n \"includeTypes\": [\n \"SOURCE\"\n ],\n \"objectOptions\": {\n \"SOURCE\": {\n \"includedIds\": [\n \"be9e116d-08e1-49fc-ab7f-fa585e96c9e4\",\n \"be9p119e-90e1-49pk-ac9f-fa576e96c9e4\"\n ],\n \"includedNames\": []\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "856ce7ae-fb41-41e5-9b98-00ff7aec62b6", + "name": "Export transforms by name", + "originalRequest": { + "url": { + "path": [ + "sp-config", + "export" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"description\": \"Export transforms by name\",\n \"excludeTypes\": [],\n \"includeTypes\": [\n \"TRANSFORM\"\n ],\n \"objectOptions\": {\n \"TRANSFORM\": {\n \"includedIds\": [],\n \"includedNames\": [\n \"Remove Diacritical Marks\",\n \"Common - Location Lookup\"\n ]\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d1969fdd-01f4-4531-95e6-524f40e66370", + "name": "Export trigger subscriptions triggers and transforms with custom options", + "originalRequest": { + "url": { + "path": [ + "sp-config", + "export" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"description\": \"Export trigger subscriptions and transforms with custom filter options\",\n \"excludeTypes\": [],\n \"includeTypes\": [\n \"TRANSFORM\",\n \"TRIGGER_SUBSCRIPTION\"\n ],\n \"objectOptions\": {\n \"TRANSFORM\": {\n \"includedIds\": [],\n \"includedNames\": [\n \"Remove Diacritical Marks\",\n \"Common - Location Lookup\"\n ]\n },\n \"TRIGGER_SUBSCRIPTION\": {\n \"includedIds\": [\n \"be9e116d-08e1-49fc-ab7f-fa585e96c9e4\",\n \"be9p119e-90e1-49pk-ac9f-fa576e96c9e4\"\n ],\n \"includedNames\": [\n \"NGROK Test: fire and forget\",\n \"Manager Certification\"\n ]\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "4f447fe4-f735-40be-91b2-db297fa7aa01", + "name": "An example of a 403 response object", + "originalRequest": { + "url": { + "path": [ + "sp-config", + "export" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"description\": \"Export all available objects\",\n \"excludeTypes\": [],\n \"includeTypes\": [\n \"ACCESS_PROFILE\",\n \"ACCESS_REQUEST_CONFIG\",\n \"ATTR_SYNC_SOURCE_CONFIG\",\n \"AUTH_ORG\",\n \"CAMPAIGN_FILTER\",\n \"FORM_DEFINITION\",\n \"GOVERNANCE_GROUP\",\n \"IDENTITY_OBJECT_CONFIG\",\n \"IDENTITY_PROFILE\",\n \"LIFECYCLE_STATE\",\n \"NOTIFICATION_TEMPLATE\",\n \"PASSWORD_POLICY\",\n \"PASSWORD_SYNC_GROUP\",\n \"PUBLIC_IDENTITIES_CONFIG\",\n \"ROLE\",\n \"RULE\",\n \"SEGMENT\",\n \"SERVICE_DESK_INTEGRATION\",\n \"SOD_POLICY\",\n \"SOURCE\",\n \"TAG\",\n \"TRANSFORM\",\n \"TRIGGER_SUBSCRIPTION\",\n \"WORKFLOW\"\n ],\n \"objectOptions\": {}\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "5b93c95d-30f2-43a7-b70f-1d2edc78b4e6", + "name": "Export sources by ID", + "originalRequest": { + "url": { + "path": [ + "sp-config", + "export" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"description\": \"Export sources by ID\",\n \"excludeTypes\": [],\n \"includeTypes\": [\n \"SOURCE\"\n ],\n \"objectOptions\": {\n \"SOURCE\": {\n \"includedIds\": [\n \"be9e116d-08e1-49fc-ab7f-fa585e96c9e4\",\n \"be9p119e-90e1-49pk-ac9f-fa576e96c9e4\"\n ],\n \"includedNames\": []\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "01c23ee6-98c1-4690-8766-7ae5dc032cca", + "name": "Export transforms by name", + "originalRequest": { + "url": { + "path": [ + "sp-config", + "export" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"description\": \"Export transforms by name\",\n \"excludeTypes\": [],\n \"includeTypes\": [\n \"TRANSFORM\"\n ],\n \"objectOptions\": {\n \"TRANSFORM\": {\n \"includedIds\": [],\n \"includedNames\": [\n \"Remove Diacritical Marks\",\n \"Common - Location Lookup\"\n ]\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "9a816596-916e-4544-90f0-916ce3a271d7", + "name": "Export trigger subscriptions triggers and transforms with custom options", + "originalRequest": { + "url": { + "path": [ + "sp-config", + "export" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"description\": \"Export trigger subscriptions and transforms with custom filter options\",\n \"excludeTypes\": [],\n \"includeTypes\": [\n \"TRANSFORM\",\n \"TRIGGER_SUBSCRIPTION\"\n ],\n \"objectOptions\": {\n \"TRANSFORM\": {\n \"includedIds\": [],\n \"includedNames\": [\n \"Remove Diacritical Marks\",\n \"Common - Location Lookup\"\n ]\n },\n \"TRIGGER_SUBSCRIPTION\": {\n \"includedIds\": [\n \"be9e116d-08e1-49fc-ab7f-fa585e96c9e4\",\n \"be9p119e-90e1-49pk-ac9f-fa576e96c9e4\"\n ],\n \"includedNames\": [\n \"NGROK Test: fire and forget\",\n \"Manager Certification\"\n ]\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c5570570-06e0-4e64-9016-188a379ff84c", + "name": "An example of a 404 response object", + "originalRequest": { + "url": { + "path": [ + "sp-config", + "export" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"description\": \"Export all available objects\",\n \"excludeTypes\": [],\n \"includeTypes\": [\n \"ACCESS_PROFILE\",\n \"ACCESS_REQUEST_CONFIG\",\n \"ATTR_SYNC_SOURCE_CONFIG\",\n \"AUTH_ORG\",\n \"CAMPAIGN_FILTER\",\n \"FORM_DEFINITION\",\n \"GOVERNANCE_GROUP\",\n \"IDENTITY_OBJECT_CONFIG\",\n \"IDENTITY_PROFILE\",\n \"LIFECYCLE_STATE\",\n \"NOTIFICATION_TEMPLATE\",\n \"PASSWORD_POLICY\",\n \"PASSWORD_SYNC_GROUP\",\n \"PUBLIC_IDENTITIES_CONFIG\",\n \"ROLE\",\n \"RULE\",\n \"SEGMENT\",\n \"SERVICE_DESK_INTEGRATION\",\n \"SOD_POLICY\",\n \"SOURCE\",\n \"TAG\",\n \"TRANSFORM\",\n \"TRIGGER_SUBSCRIPTION\",\n \"WORKFLOW\"\n ],\n \"objectOptions\": {}\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a062f7a2-7d6e-4913-b4db-f8e8a5a1d4f3", + "name": "Export sources by ID", + "originalRequest": { + "url": { + "path": [ + "sp-config", + "export" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"description\": \"Export sources by ID\",\n \"excludeTypes\": [],\n \"includeTypes\": [\n \"SOURCE\"\n ],\n \"objectOptions\": {\n \"SOURCE\": {\n \"includedIds\": [\n \"be9e116d-08e1-49fc-ab7f-fa585e96c9e4\",\n \"be9p119e-90e1-49pk-ac9f-fa576e96c9e4\"\n ],\n \"includedNames\": []\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d05b2d71-ff2f-4091-b5ce-b8f2980e1a02", + "name": "Export transforms by name", + "originalRequest": { + "url": { + "path": [ + "sp-config", + "export" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"description\": \"Export transforms by name\",\n \"excludeTypes\": [],\n \"includeTypes\": [\n \"TRANSFORM\"\n ],\n \"objectOptions\": {\n \"TRANSFORM\": {\n \"includedIds\": [],\n \"includedNames\": [\n \"Remove Diacritical Marks\",\n \"Common - Location Lookup\"\n ]\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "91eca9ac-b63c-4a7d-b31d-54cd33b61955", + "name": "Export trigger subscriptions triggers and transforms with custom options", + "originalRequest": { + "url": { + "path": [ + "sp-config", + "export" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"description\": \"Export trigger subscriptions and transforms with custom filter options\",\n \"excludeTypes\": [],\n \"includeTypes\": [\n \"TRANSFORM\",\n \"TRIGGER_SUBSCRIPTION\"\n ],\n \"objectOptions\": {\n \"TRANSFORM\": {\n \"includedIds\": [],\n \"includedNames\": [\n \"Remove Diacritical Marks\",\n \"Common - Location Lookup\"\n ]\n },\n \"TRIGGER_SUBSCRIPTION\": {\n \"includedIds\": [\n \"be9e116d-08e1-49fc-ab7f-fa585e96c9e4\",\n \"be9p119e-90e1-49pk-ac9f-fa576e96c9e4\"\n ],\n \"includedNames\": [\n \"NGROK Test: fire and forget\",\n \"Manager Certification\"\n ]\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "0314fddd-90c6-40f0-a49c-73ab7baef56d", + "name": "Export all objects available", + "originalRequest": { + "url": { + "path": [ + "sp-config", + "export" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"description\": \"Export all available objects\",\n \"excludeTypes\": [],\n \"includeTypes\": [\n \"ACCESS_PROFILE\",\n \"ACCESS_REQUEST_CONFIG\",\n \"ATTR_SYNC_SOURCE_CONFIG\",\n \"AUTH_ORG\",\n \"CAMPAIGN_FILTER\",\n \"FORM_DEFINITION\",\n \"GOVERNANCE_GROUP\",\n \"IDENTITY_OBJECT_CONFIG\",\n \"IDENTITY_PROFILE\",\n \"LIFECYCLE_STATE\",\n \"NOTIFICATION_TEMPLATE\",\n \"PASSWORD_POLICY\",\n \"PASSWORD_SYNC_GROUP\",\n \"PUBLIC_IDENTITIES_CONFIG\",\n \"ROLE\",\n \"RULE\",\n \"SEGMENT\",\n \"SERVICE_DESK_INTEGRATION\",\n \"SOD_POLICY\",\n \"SOURCE\",\n \"TAG\",\n \"TRANSFORM\",\n \"TRIGGER_SUBSCRIPTION\",\n \"WORKFLOW\"\n ],\n \"objectOptions\": {}\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "19d0a2ee-c4cc-454b-9b00-bd8b6d8a8e4c", + "name": "Export sources by ID", + "originalRequest": { + "url": { + "path": [ + "sp-config", + "export" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"description\": \"Export sources by ID\",\n \"excludeTypes\": [],\n \"includeTypes\": [\n \"SOURCE\"\n ],\n \"objectOptions\": {\n \"SOURCE\": {\n \"includedIds\": [\n \"be9e116d-08e1-49fc-ab7f-fa585e96c9e4\",\n \"be9p119e-90e1-49pk-ac9f-fa576e96c9e4\"\n ],\n \"includedNames\": []\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "02838134-0074-4be0-a422-9662603fd685", + "name": "Export transforms by name", + "originalRequest": { + "url": { + "path": [ + "sp-config", + "export" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"description\": \"Export transforms by name\",\n \"excludeTypes\": [],\n \"includeTypes\": [\n \"TRANSFORM\"\n ],\n \"objectOptions\": {\n \"TRANSFORM\": {\n \"includedIds\": [],\n \"includedNames\": [\n \"Remove Diacritical Marks\",\n \"Common - Location Lookup\"\n ]\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a8247bf3-9cce-41b6-957b-b84bd80b4edd", + "name": "Export trigger subscriptions triggers and transforms with custom options", + "originalRequest": { + "url": { + "path": [ + "sp-config", + "export" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"description\": \"Export trigger subscriptions and transforms with custom filter options\",\n \"excludeTypes\": [],\n \"includeTypes\": [\n \"TRANSFORM\",\n \"TRIGGER_SUBSCRIPTION\"\n ],\n \"objectOptions\": {\n \"TRANSFORM\": {\n \"includedIds\": [],\n \"includedNames\": [\n \"Remove Diacritical Marks\",\n \"Common - Location Lookup\"\n ]\n },\n \"TRIGGER_SUBSCRIPTION\": {\n \"includedIds\": [\n \"be9e116d-08e1-49fc-ab7f-fa585e96c9e4\",\n \"be9p119e-90e1-49pk-ac9f-fa576e96c9e4\"\n ],\n \"includedNames\": [\n \"NGROK Test: fire and forget\",\n \"Manager Certification\"\n ]\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "6d973e6a-c64a-4d22-a22b-fb29b6b5a898", + "name": "An example of a 500 response object", + "originalRequest": { + "url": { + "path": [ + "sp-config", + "export" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"description\": \"Export all available objects\",\n \"excludeTypes\": [],\n \"includeTypes\": [\n \"ACCESS_PROFILE\",\n \"ACCESS_REQUEST_CONFIG\",\n \"ATTR_SYNC_SOURCE_CONFIG\",\n \"AUTH_ORG\",\n \"CAMPAIGN_FILTER\",\n \"FORM_DEFINITION\",\n \"GOVERNANCE_GROUP\",\n \"IDENTITY_OBJECT_CONFIG\",\n \"IDENTITY_PROFILE\",\n \"LIFECYCLE_STATE\",\n \"NOTIFICATION_TEMPLATE\",\n \"PASSWORD_POLICY\",\n \"PASSWORD_SYNC_GROUP\",\n \"PUBLIC_IDENTITIES_CONFIG\",\n \"ROLE\",\n \"RULE\",\n \"SEGMENT\",\n \"SERVICE_DESK_INTEGRATION\",\n \"SOD_POLICY\",\n \"SOURCE\",\n \"TAG\",\n \"TRANSFORM\",\n \"TRIGGER_SUBSCRIPTION\",\n \"WORKFLOW\"\n ],\n \"objectOptions\": {}\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "fbb316c6-97cf-4a56-ba58-5581982547b3", + "name": "Export sources by ID", + "originalRequest": { + "url": { + "path": [ + "sp-config", + "export" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"description\": \"Export sources by ID\",\n \"excludeTypes\": [],\n \"includeTypes\": [\n \"SOURCE\"\n ],\n \"objectOptions\": {\n \"SOURCE\": {\n \"includedIds\": [\n \"be9e116d-08e1-49fc-ab7f-fa585e96c9e4\",\n \"be9p119e-90e1-49pk-ac9f-fa576e96c9e4\"\n ],\n \"includedNames\": []\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c98fea59-fc11-4eaa-9e4d-b15912c22442", + "name": "Export transforms by name", + "originalRequest": { + "url": { + "path": [ + "sp-config", + "export" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"description\": \"Export transforms by name\",\n \"excludeTypes\": [],\n \"includeTypes\": [\n \"TRANSFORM\"\n ],\n \"objectOptions\": {\n \"TRANSFORM\": {\n \"includedIds\": [],\n \"includedNames\": [\n \"Remove Diacritical Marks\",\n \"Common - Location Lookup\"\n ]\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "1914c802-0f9a-4604-82e8-daf270470018", + "name": "Export trigger subscriptions triggers and transforms with custom options", + "originalRequest": { + "url": { + "path": [ + "sp-config", + "export" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"description\": \"Export trigger subscriptions and transforms with custom filter options\",\n \"excludeTypes\": [],\n \"includeTypes\": [\n \"TRANSFORM\",\n \"TRIGGER_SUBSCRIPTION\"\n ],\n \"objectOptions\": {\n \"TRANSFORM\": {\n \"includedIds\": [],\n \"includedNames\": [\n \"Remove Diacritical Marks\",\n \"Common - Location Lookup\"\n ]\n },\n \"TRIGGER_SUBSCRIPTION\": {\n \"includedIds\": [\n \"be9e116d-08e1-49fc-ab7f-fa585e96c9e4\",\n \"be9p119e-90e1-49pk-ac9f-fa576e96c9e4\"\n ],\n \"includedNames\": [\n \"NGROK Test: fire and forget\",\n \"Manager Certification\"\n ]\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "afd4ab4d-fa0e-4244-aa5c-3f758be6468a", + "name": "Get export job status", + "request": { + "name": "Get export job status", + "description": { + "content": "This gets the status of the export job identified by the `id` parameter.\nThe request will need one of the following security scopes:\n- sp:config:read - sp:config:manage", + "type": "text/plain" + }, + "url": { + "path": [ + "sp-config", + "export", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "ef38f94347e94562b5bb8424a56397d8", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) The ID of the export job whose status will be returned.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "ffa1f41a-26dd-41ef-8a4e-324248659788", + "name": "Export job status successfully returned.", + "originalRequest": { + "url": { + "path": [ + "sp-config", + "export", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"jobId\": \"1e824aa0-4c6e-4f14-95e9-e7dc5234aa51\",\n \"status\": \"COMPLETE\",\n \"type\": \"EXPORT\",\n \"message\": null,\n \"description\": \"Export Job 1 Test\",\n \"expiration\": \"2021-05-20T15:04:24Z\",\n \"created\": \"2021-05-13T15:04:24.112Z\",\n \"modified\": \"2021-05-13T15:04:27.363Z\",\n \"completed\": \"2021-05-13T15:04:27.358Z\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "bc877b0a-41d9-4eb2-9c20-25b5a327ccd1", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "sp-config", + "export", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "dfe810a2-cdca-4f4c-b105-edb28ea0cc41", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "sp-config", + "export", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a692a66e-ad17-4cfe-bcda-51b73537f1d6", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "sp-config", + "export", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "3a4ac955-c835-49cf-ae7d-d8d7a10d18fb", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "sp-config", + "export", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "1eb1314d-5da0-48e7-b635-1b408835a05c", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "sp-config", + "export", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "90de1446-54a5-4d46-80d3-6d18cce09557", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "sp-config", + "export", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "e30ab755-0e6f-43a6-a27b-657953460e26", + "name": "Download export job result.", + "request": { + "name": "Download export job result.", + "description": { + "content": "This endpoint gets the export file resulting from the export job with the requested `id` and downloads it to a file.\nThe request will need one of the following security scopes:\n- sp:config:read - sp:config:manage", + "type": "text/plain" + }, + "url": { + "path": [ + "sp-config", + "export", + ":id", + "download" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "ef38f94347e94562b5bb8424a56397d8", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) The ID of the export job whose results will be downloaded.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "07dcd8a1-800c-42da-8b0a-e9f77c52d1e0", + "name": "Exported JSON objects.", + "originalRequest": { + "url": { + "path": [ + "sp-config", + "export", + ":id", + "download" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"version\": 1,\n \"timestamp\": \"2021-05-11T22:23:16Z\",\n \"tenant\": \"sample-tenant\",\n \"description\": \"Export Job 1 Test\",\n \"options\": {\n \"excludeTypes\": [\n \"SOURCE\",\n \"SOURCE\"\n ],\n \"includeTypes\": [\n \"TRIGGER_SUBSCRIPTION\",\n \"TRIGGER_SUBSCRIPTION\"\n ],\n \"objectOptions\": {\n \"TRIGGER_SUBSCRIPTION\": {\n \"includedIds\": [\n \"be9e116d-08e1-49fc-ab7f-fa585e96c9e4\"\n ],\n \"includedNames\": [\n \"Test 2\"\n ]\n }\n }\n },\n \"objects\": [\n {\n \"version\": 1,\n \"self\": {\n \"type\": \"SOURCE\",\n \"id\": \"2c9180835d191a86015d28455b4b232a\",\n \"name\": \"HR Active Directory\"\n },\n \"object\": {\n \"dolor_a\": false\n }\n },\n {\n \"version\": 1,\n \"self\": {\n \"type\": \"SOURCE\",\n \"id\": \"2c9180835d191a86015d28455b4b232a\",\n \"name\": \"HR Active Directory\"\n },\n \"object\": {\n \"fugiatfd\": \"in ullamco consequat pariatur\",\n \"eiusmod_60\": 87458946.592893\n }\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c49a04d0-a53a-42c9-b49d-6579f97db67b", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "sp-config", + "export", + ":id", + "download" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "5a16b00a-bf9e-422d-8b2b-d54386c2ac33", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "sp-config", + "export", + ":id", + "download" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f9cfaba9-4895-4f45-8184-fe02462e8951", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "sp-config", + "export", + ":id", + "download" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "e9fe13bf-8cd0-4426-9b8c-47bc8ae633aa", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "sp-config", + "export", + ":id", + "download" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f67345c5-9e4e-4ac4-bb22-2a61487e242c", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "sp-config", + "export", + ":id", + "download" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "3588d12c-589d-485f-847e-4ece97f7e180", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "sp-config", + "export", + ":id", + "download" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "abae2d01-d5f9-4db9-9535-8bf9f6d913b0", + "name": "Initiates configuration objects import job", + "request": { + "name": "Initiates configuration objects import job", + "description": { + "content": "This post will import objects from a JSON configuration file into a tenant. By default, every import will first export all existing objects supported by sp-config as a backup before the import is attempted. The backup is provided so that the state of the configuration prior to the import is available for inspection or restore if needed. The backup can be skipped by setting \"excludeBackup\" to true in the import options. If a backup is performed, the id of the backup will be provided in the ImportResult as the \"exportJobId\". This can be downloaded using the /sp-config/export/{exportJobId}/download endpoint.\nYou cannot currently import from the Non-Employee Lifecycle Management (NELM) source. You cannot use this endpoint to back up or store NELM data. \nFor more information about the object types that currently support import functionality, refer to [SaaS Configuration](https://developer.sailpoint.com/idn/docs/saas-configuration/#supported-objects).\nThe request will need the following security scope:\n- sp:config:manage", + "type": "text/plain" + }, + "url": { + "path": [ + "sp-config", + "import" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "This option is intended to give the user information about how an import operation would proceed, without having any effect on the target tenant. If this parameter is \"true\", no objects will be imported. Instead, the import process will pre-process the import file and attempt to resolve references within imported objects. The import result file will contain messages pertaining to how specific references were resolved, any errors associated with the preprocessing, and messages indicating which objects would be imported.", + "type": "text/plain" + }, + "key": "preview", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "(Required) JSON file containing the objects to be imported.", + "type": "text/plain" + }, + "key": "data", + "value": "veniam cupidatat", + "type": "text" + }, + { + "description": { + "content": "", + "type": "text/plain" + }, + "key": "options", + "value": "[object Object]", + "type": "text" + } + ] + } + }, + "response": [ + { + "id": "a1f3fabc-e962-461d-bec1-2317cdfb6491", + "name": "Import job accepted and queued for processing.", + "originalRequest": { + "url": { + "path": [ + "sp-config", + "import" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "This option is intended to give the user information about how an import operation would proceed, without having any effect on the target tenant. If this parameter is \"true\", no objects will be imported. Instead, the import process will pre-process the import file and attempt to resolve references within imported objects. The import result file will contain messages pertaining to how specific references were resolved, any errors associated with the preprocessing, and messages indicating which objects would be imported.", + "type": "text/plain" + }, + "key": "preview", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "(Required) JSON file containing the objects to be imported.", + "type": "text/plain" + }, + "key": "data", + "value": "veniam cupidatat", + "type": "text" + }, + { + "description": { + "content": "", + "type": "text/plain" + }, + "key": "options", + "value": "[object Object]", + "type": "text" + } + ] + } + }, + "status": "Accepted", + "code": 202, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"jobId\": \"3469b87d-48ca-439a-868f-2160001da8c1\",\n \"status\": \"COMPLETE\",\n \"type\": \"IMPORT\",\n \"expiration\": \"2021-05-11T22:23:16Z\",\n \"created\": \"2021-05-11T22:23:16Z\",\n \"modified\": \"2021-05-11T22:23:16Z\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "bbb8d2fb-d93f-4646-b987-9744ffaa9822", + "name": "Client Error - Returned if the request body is invalid.\n", + "originalRequest": { + "url": { + "path": [ + "sp-config", + "import" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "This option is intended to give the user information about how an import operation would proceed, without having any effect on the target tenant. If this parameter is \"true\", no objects will be imported. Instead, the import process will pre-process the import file and attempt to resolve references within imported objects. The import result file will contain messages pertaining to how specific references were resolved, any errors associated with the preprocessing, and messages indicating which objects would be imported.", + "type": "text/plain" + }, + "key": "preview", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "(Required) JSON file containing the objects to be imported.", + "type": "text/plain" + }, + "key": "data", + "value": "veniam cupidatat", + "type": "text" + }, + { + "description": { + "content": "", + "type": "text/plain" + }, + "key": "options", + "value": "[object Object]", + "type": "text" + } + ] + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "752562e9-9192-4f62-a60b-99d7eaf8609c", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "sp-config", + "import" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "This option is intended to give the user information about how an import operation would proceed, without having any effect on the target tenant. If this parameter is \"true\", no objects will be imported. Instead, the import process will pre-process the import file and attempt to resolve references within imported objects. The import result file will contain messages pertaining to how specific references were resolved, any errors associated with the preprocessing, and messages indicating which objects would be imported.", + "type": "text/plain" + }, + "key": "preview", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "(Required) JSON file containing the objects to be imported.", + "type": "text/plain" + }, + "key": "data", + "value": "veniam cupidatat", + "type": "text" + }, + { + "description": { + "content": "", + "type": "text/plain" + }, + "key": "options", + "value": "[object Object]", + "type": "text" + } + ] + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "8afd0eff-d79e-4854-8ea4-65cbf92b521f", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "sp-config", + "import" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "This option is intended to give the user information about how an import operation would proceed, without having any effect on the target tenant. If this parameter is \"true\", no objects will be imported. Instead, the import process will pre-process the import file and attempt to resolve references within imported objects. The import result file will contain messages pertaining to how specific references were resolved, any errors associated with the preprocessing, and messages indicating which objects would be imported.", + "type": "text/plain" + }, + "key": "preview", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "(Required) JSON file containing the objects to be imported.", + "type": "text/plain" + }, + "key": "data", + "value": "veniam cupidatat", + "type": "text" + }, + { + "description": { + "content": "", + "type": "text/plain" + }, + "key": "options", + "value": "[object Object]", + "type": "text" + } + ] + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "fedeb2d2-412f-44c2-aa3c-9e9f753e7818", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "sp-config", + "import" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "This option is intended to give the user information about how an import operation would proceed, without having any effect on the target tenant. If this parameter is \"true\", no objects will be imported. Instead, the import process will pre-process the import file and attempt to resolve references within imported objects. The import result file will contain messages pertaining to how specific references were resolved, any errors associated with the preprocessing, and messages indicating which objects would be imported.", + "type": "text/plain" + }, + "key": "preview", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "(Required) JSON file containing the objects to be imported.", + "type": "text/plain" + }, + "key": "data", + "value": "veniam cupidatat", + "type": "text" + }, + { + "description": { + "content": "", + "type": "text/plain" + }, + "key": "options", + "value": "[object Object]", + "type": "text" + } + ] + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "8c93b973-5038-417f-8151-d4fb38eeed81", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "sp-config", + "import" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "This option is intended to give the user information about how an import operation would proceed, without having any effect on the target tenant. If this parameter is \"true\", no objects will be imported. Instead, the import process will pre-process the import file and attempt to resolve references within imported objects. The import result file will contain messages pertaining to how specific references were resolved, any errors associated with the preprocessing, and messages indicating which objects would be imported.", + "type": "text/plain" + }, + "key": "preview", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "(Required) JSON file containing the objects to be imported.", + "type": "text/plain" + }, + "key": "data", + "value": "veniam cupidatat", + "type": "text" + }, + { + "description": { + "content": "", + "type": "text/plain" + }, + "key": "options", + "value": "[object Object]", + "type": "text" + } + ] + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "be80f627-c558-4164-8952-7ca372ec4bf6", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "sp-config", + "import" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "This option is intended to give the user information about how an import operation would proceed, without having any effect on the target tenant. If this parameter is \"true\", no objects will be imported. Instead, the import process will pre-process the import file and attempt to resolve references within imported objects. The import result file will contain messages pertaining to how specific references were resolved, any errors associated with the preprocessing, and messages indicating which objects would be imported.", + "type": "text/plain" + }, + "key": "preview", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "(Required) JSON file containing the objects to be imported.", + "type": "text/plain" + }, + "key": "data", + "value": "veniam cupidatat", + "type": "text" + }, + { + "description": { + "content": "", + "type": "text/plain" + }, + "key": "options", + "value": "[object Object]", + "type": "text" + } + ] + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "d15d949b-8fcb-4873-9b00-e01d1af8c9ef", + "name": "Get import job status", + "request": { + "name": "Get import job status", + "description": { + "content": "This gets the status of the import job identified by the `id` parameter.\nFor more information about the object types that currently support import functionality, refer to [SaaS Configuration](https://developer.sailpoint.com/idn/docs/saas-configuration/#supported-objects).\nThe request will need the following security scope:\n- sp:config:manage", + "type": "text/plain" + }, + "url": { + "path": [ + "sp-config", + "import", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "ef38f94347e94562b5bb8424a56397d8", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) The ID of the import job whose status will be returned.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "0bf56323-88db-4cb0-97f0-a7d5b2e224e4", + "name": "Import job status successfully returned.", + "originalRequest": { + "url": { + "path": [ + "sp-config", + "import", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"jobId\": \"4fb10503-1c49-4603-8f8d-886e1f6aa47b\",\n \"status\": \"COMPLETE\",\n \"type\": \"IMPORT\",\n \"message\": \"Download import results for details.\",\n \"description\": null,\n \"expiration\": \"2021-05-20T16:42:39Z\",\n \"created\": \"2021-05-13T16:42:39.333Z\",\n \"modified\": \"2021-05-13T16:42:40.71Z\",\n \"completed\": \"2021-05-13T16:42:40.705Z\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "4a99b21b-b542-4f76-ac89-53395e5056e5", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "sp-config", + "import", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a6908857-dd1e-4845-9145-51bb18447828", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "sp-config", + "import", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "05353790-6213-4cb5-9d5c-10630d8e0055", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "sp-config", + "import", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "dc5cc56e-30cc-476b-890b-abc9b394cf70", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "sp-config", + "import", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "1026a969-e38d-44bc-ac22-a1898ac09df9", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "sp-config", + "import", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c4edce59-9ba0-461a-8d43-9e8e67932ae2", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "sp-config", + "import", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "d69ff6fc-903b-4f67-bf69-cce3e3a81d5c", + "name": "Download import job result", + "request": { + "name": "Download import job result", + "description": { + "content": "This gets import file resulting from the import job with the requested id and downloads it to a file. The downloaded file will contain the results of the import operation, including any error, warning or informational messages associated with the import.\nThe request will need the following security scope:\n- sp:config:manage", + "type": "text/plain" + }, + "url": { + "path": [ + "sp-config", + "import", + ":id", + "download" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "ef38f94347e94562b5bb8424a56397d8", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) The ID of the import job whose results will be downloaded.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "0237dd5e-3dc7-4407-9308-6c731071e09b", + "name": "Import results JSON object, containing detailed results of the import operation.", + "originalRequest": { + "url": { + "path": [ + "sp-config", + "import", + ":id", + "download" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"results\": {\n \"dolore2a\": {\n \"infos\": [\n {\n \"key\": \"UNKNOWN_REFERENCE_RESOLVER\",\n \"text\": \"Unable to resolve reference for object [type: IDENTITY, id: 2c91808c746e9c9601747d6507332ecz, name: random identity]\",\n \"details\": {\n \"dolore8\": {},\n \"sed8b4\": {},\n \"est_11a\": {}\n }\n },\n {\n \"key\": \"UNKNOWN_REFERENCE_RESOLVER\",\n \"text\": \"Unable to resolve reference for object [type: IDENTITY, id: 2c91808c746e9c9601747d6507332ecz, name: random identity]\",\n \"details\": {\n \"Excepteurb\": {},\n \"nostrud78\": {},\n \"exercitationc02\": {}\n }\n }\n ],\n \"warnings\": [\n {\n \"key\": \"UNKNOWN_REFERENCE_RESOLVER\",\n \"text\": \"Unable to resolve reference for object [type: IDENTITY, id: 2c91808c746e9c9601747d6507332ecz, name: random identity]\",\n \"details\": {\n \"sunt_f\": {}\n }\n },\n {\n \"key\": \"UNKNOWN_REFERENCE_RESOLVER\",\n \"text\": \"Unable to resolve reference for object [type: IDENTITY, id: 2c91808c746e9c9601747d6507332ecz, name: random identity]\",\n \"details\": {\n \"Duis6c8\": {}\n }\n }\n ],\n \"errors\": [\n {\n \"key\": \"UNKNOWN_REFERENCE_RESOLVER\",\n \"text\": \"Unable to resolve reference for object [type: IDENTITY, id: 2c91808c746e9c9601747d6507332ecz, name: random identity]\",\n \"details\": {\n \"occaecat_a5\": {},\n \"tempor094\": {}\n }\n },\n {\n \"key\": \"UNKNOWN_REFERENCE_RESOLVER\",\n \"text\": \"Unable to resolve reference for object [type: IDENTITY, id: 2c91808c746e9c9601747d6507332ecz, name: random identity]\",\n \"details\": {\n \"et1e\": {},\n \"occaecatc5\": {}\n }\n }\n ],\n \"importedObjects\": [\n {\n \"type\": \"SOURCE\",\n \"id\": \"2c9180835d191a86015d28455b4b232a\",\n \"name\": \"HR Active Directory\"\n },\n {\n \"type\": \"SOURCE\",\n \"id\": \"2c9180835d191a86015d28455b4b232a\",\n \"name\": \"HR Active Directory\"\n }\n ]\n },\n \"laborum_d\": {\n \"infos\": [\n {\n \"key\": \"UNKNOWN_REFERENCE_RESOLVER\",\n \"text\": \"Unable to resolve reference for object [type: IDENTITY, id: 2c91808c746e9c9601747d6507332ecz, name: random identity]\",\n \"details\": {\n \"dolorf9a\": {},\n \"nulla3b3\": {}\n }\n },\n {\n \"key\": \"UNKNOWN_REFERENCE_RESOLVER\",\n \"text\": \"Unable to resolve reference for object [type: IDENTITY, id: 2c91808c746e9c9601747d6507332ecz, name: random identity]\",\n \"details\": {\n \"culpa04\": {},\n \"deseruntcb4\": {}\n }\n }\n ],\n \"warnings\": [\n {\n \"key\": \"UNKNOWN_REFERENCE_RESOLVER\",\n \"text\": \"Unable to resolve reference for object [type: IDENTITY, id: 2c91808c746e9c9601747d6507332ecz, name: random identity]\",\n \"details\": {\n \"ullamcob9\": {},\n \"quis_b9\": {}\n }\n },\n {\n \"key\": \"UNKNOWN_REFERENCE_RESOLVER\",\n \"text\": \"Unable to resolve reference for object [type: IDENTITY, id: 2c91808c746e9c9601747d6507332ecz, name: random identity]\",\n \"details\": {\n \"in_3d\": {}\n }\n }\n ],\n \"errors\": [\n {\n \"key\": \"UNKNOWN_REFERENCE_RESOLVER\",\n \"text\": \"Unable to resolve reference for object [type: IDENTITY, id: 2c91808c746e9c9601747d6507332ecz, name: random identity]\",\n \"details\": {\n \"sintf\": {}\n }\n },\n {\n \"key\": \"UNKNOWN_REFERENCE_RESOLVER\",\n \"text\": \"Unable to resolve reference for object [type: IDENTITY, id: 2c91808c746e9c9601747d6507332ecz, name: random identity]\",\n \"details\": {\n \"non5\": {}\n }\n }\n ],\n \"importedObjects\": [\n {\n \"type\": \"SOURCE\",\n \"id\": \"2c9180835d191a86015d28455b4b232a\",\n \"name\": \"HR Active Directory\"\n },\n {\n \"type\": \"SOURCE\",\n \"id\": \"2c9180835d191a86015d28455b4b232a\",\n \"name\": \"HR Active Directory\"\n }\n ]\n }\n },\n \"exportJobId\": \"be9e116d-08e1-49fc-ab7f-fa585e96c9e4\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "5f5d5d68-83c1-40b5-9ca6-4b1b0451d8f4", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "sp-config", + "import", + ":id", + "download" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "25f1550d-7815-4a79-9bfd-6008e47dff11", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "sp-config", + "import", + ":id", + "download" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "738d2b00-2dc7-4726-acf6-8c66420cbda2", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "sp-config", + "import", + ":id", + "download" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "4df5ad34-6dd0-4602-adf7-5d693b3e6767", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "sp-config", + "import", + ":id", + "download" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "241d53ac-bcc3-4ffd-866b-fe36bb25debb", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "sp-config", + "import", + ":id", + "download" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "4e596600-095a-440f-8adc-a44f89c38728", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "sp-config", + "import", + ":id", + "download" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "46a93fad-4cbc-46b2-b2b1-2dc9fbac3701", + "name": "Get config object details", + "request": { + "name": "Get config object details", + "description": { + "content": "This gets the list of object configurations which are known to the tenant export/import service. Object configurations that contain \"importUrl\" and \"exportUrl\" are available for export/import.", + "type": "text/plain" + }, + "url": { + "path": [ + "sp-config", + "config-objects" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "c614dc42-5ea2-48e4-81c9-f5347e9df125", + "name": "Object configurations returned successfully.", + "originalRequest": { + "url": { + "path": [ + "sp-config", + "config-objects" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"objectType\": \"TRIGGER_SUBSCRIPTION\",\n \"resolveByIdUrl\": {\n \"url\": \"ets://trigger-subscriptions/$id\",\n \"query\": null\n },\n \"resolveByNameUrl\": [\n {\n \"url\": \"ets://trigger-subscriptions/$id\",\n \"query\": null\n },\n {\n \"url\": \"ets://trigger-subscriptions/$id\",\n \"query\": null\n }\n ],\n \"exportUrl\": {\n \"url\": \"ets://trigger-subscriptions/$id\",\n \"query\": null\n },\n \"exportRight\": \"idn:trigger-service-subscriptions:read\",\n \"exportLimit\": 10,\n \"importUrl\": {\n \"url\": \"ets://trigger-subscriptions/$id\",\n \"query\": null\n },\n \"importRight\": \"idn:trigger-service-subscriptions:create\",\n \"importLimit\": 10,\n \"referenceExtractors\": [\n \"$.owner\"\n ],\n \"signatureRequired\": false,\n \"legacyObject\": false,\n \"onePerTenant\": false\n },\n {\n \"objectType\": \"TRIGGER_SUBSCRIPTION\",\n \"resolveByIdUrl\": {\n \"url\": \"ets://trigger-subscriptions/$id\",\n \"query\": null\n },\n \"resolveByNameUrl\": [\n {\n \"url\": \"ets://trigger-subscriptions/$id\",\n \"query\": null\n },\n {\n \"url\": \"ets://trigger-subscriptions/$id\",\n \"query\": null\n }\n ],\n \"exportUrl\": {\n \"url\": \"ets://trigger-subscriptions/$id\",\n \"query\": null\n },\n \"exportRight\": \"idn:trigger-service-subscriptions:read\",\n \"exportLimit\": 10,\n \"importUrl\": {\n \"url\": \"ets://trigger-subscriptions/$id\",\n \"query\": null\n },\n \"importRight\": \"idn:trigger-service-subscriptions:create\",\n \"importLimit\": 10,\n \"referenceExtractors\": [\n \"$.owner\"\n ],\n \"signatureRequired\": false,\n \"legacyObject\": false,\n \"onePerTenant\": false\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "420655b0-23d1-4412-acb8-dd7713080fa1", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "sp-config", + "config-objects" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "e2043bac-4fbe-4d0a-a226-89e57c43dae1", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "sp-config", + "config-objects" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a0ee3981-fbf2-4a88-9340-9075c38fb8c3", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "sp-config", + "config-objects" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "de7d3534-4a7a-4b77-b6d5-9e35969893d2", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "sp-config", + "config-objects" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f6ec4167-eed7-411b-82c6-f532688d629b", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "sp-config", + "config-objects" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f8093c23-a135-4d62-933f-d7ad0d96b4a5", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "sp-config", + "config-objects" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + } + ] + }, + { + "name": "Suggested Entitlement Description", + "description": "Use this API to leverage power of LLM to generate suggested entitlement description.\n", + "item": [ + { + "id": "4d47b9f0-6556-47d0-be74-cb7ca1974cb6", + "name": "Submit Sed Batch Stats Request", + "request": { + "name": "Submit Sed Batch Stats Request", + "description": { + "content": "Submit Sed Batch Stats Request.\nSubmits batchId in the path param (e.g. {batchId}/stats). API responses with stats of the batchId.", + "type": "text/plain" + }, + "url": { + "path": [ + "suggested-entitlement-description-batches", + ":batchId", + "stats" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "8c190e67-87aa-4ed9-a90b-d9d5344523fb", + "key": "batchId", + "disabled": true, + "description": { + "content": "(Required) Batch Id", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "ddf4375e-04cb-477b-ace5-c71371432c47", + "name": "Stats of Sed batch.", + "originalRequest": { + "url": { + "path": [ + "suggested-entitlement-description-batches", + ":batchId", + "stats" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"batchComplete\": true,\n \"batchId\": \"urn:uuid:306320c3-d1ae-a95c-a2a4-4b25cd91e63c\",\n \"discoveredCount\": 100,\n \"discoveryComplete\": true,\n \"processedCount\": 100\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "910c0ba4-98b2-4b80-b294-20ecc8a4d87d", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "suggested-entitlement-description-batches", + ":batchId", + "stats" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "8d556001-5da6-4411-919b-20fda1c94f02", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "suggested-entitlement-description-batches", + ":batchId", + "stats" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "9a13f57e-f01d-426c-a289-5905814e72cd", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "suggested-entitlement-description-batches", + ":batchId", + "stats" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "eadc12c4-05ce-4ade-af47-67b58cf7c73c", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "suggested-entitlement-description-batches", + ":batchId", + "stats" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "39298e1c-f3b9-4364-8894-04465a27a62a", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "suggested-entitlement-description-batches", + ":batchId", + "stats" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "494d9fe0-609c-4886-9593-97c5a853e30d", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "suggested-entitlement-description-batches", + ":batchId", + "stats" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "302258dc-5e53-4c4e-aded-ae8f4085af20", + "name": "List Sed Batch Request", + "request": { + "name": "List Sed Batch Request", + "description": { + "content": "List Sed Batches.\nAPI responses with Sed Batch Status", + "type": "text/plain" + }, + "url": { + "path": [ + "suggested-entitlement-description-batches" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "c855d505-e89b-471d-9af5-206aea5d67f6", + "name": "Status of batch", + "originalRequest": { + "url": { + "path": [ + "suggested-entitlement-description-batches" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"status\": \"OK\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "df58f2f3-b75a-465e-9c55-cfc73bcb6dac", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "suggested-entitlement-description-batches" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a22706ad-a9e9-4c4d-8adb-b04ef5dff7d6", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "suggested-entitlement-description-batches" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b27faf72-0d44-4b61-807c-cc522940a5f7", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "suggested-entitlement-description-batches" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "2a4f0cac-62be-4837-a776-a22b09bc6dba", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "suggested-entitlement-description-batches" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d28f471d-96d1-4dfe-ac16-34b2a3abac7a", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "suggested-entitlement-description-batches" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "6fe5403b-cf71-4a23-adf0-a166cc2ca189", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "suggested-entitlement-description-batches" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "377616e4-09ad-4a57-9c0a-c4586a481a8a", + "name": "Submit Sed Batch Request", + "request": { + "name": "Submit Sed Batch Request", + "description": { + "content": "Submit Sed Batch Request.\nRequest body has a list of entitlement Ids that user wants to have description generated by LLM. API responses with batchId that groups Ids together", + "type": "text/plain" + }, + "url": { + "path": [ + "suggested-entitlement-description-batches" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"entitlements\": [\n \"016629d1-1d25-463f-97f3-c6686846650\",\n \"016629d1-1d25-463f-97f3-c6686846650\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "7c020cb0-114a-4405-83a6-d9df2154da7e", + "name": "Sed Batch Response", + "originalRequest": { + "url": { + "path": [ + "suggested-entitlement-description-batches" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"entitlements\": [\n \"016629d1-1d25-463f-97f3-c6686846650\",\n \"016629d1-1d25-463f-97f3-c6686846650\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"batchId\": \"316417cc-145d-3959-999a-62ff53404f56\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "198e1cef-db51-4d01-a65d-75fb8f9c041e", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "suggested-entitlement-description-batches" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"entitlements\": [\n \"016629d1-1d25-463f-97f3-c6686846650\",\n \"016629d1-1d25-463f-97f3-c6686846650\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "605ac25e-56f4-4ac2-aa2e-098c2e0f0e64", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "suggested-entitlement-description-batches" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"entitlements\": [\n \"016629d1-1d25-463f-97f3-c6686846650\",\n \"016629d1-1d25-463f-97f3-c6686846650\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "040f6a8d-aa40-44f9-ba33-d25c864a135e", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "suggested-entitlement-description-batches" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"entitlements\": [\n \"016629d1-1d25-463f-97f3-c6686846650\",\n \"016629d1-1d25-463f-97f3-c6686846650\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "269a71e1-ea96-4607-828e-5b63f35658ed", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "suggested-entitlement-description-batches" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"entitlements\": [\n \"016629d1-1d25-463f-97f3-c6686846650\",\n \"016629d1-1d25-463f-97f3-c6686846650\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f230cccf-b917-4140-9489-a8f17f88c7c2", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "suggested-entitlement-description-batches" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"entitlements\": [\n \"016629d1-1d25-463f-97f3-c6686846650\",\n \"016629d1-1d25-463f-97f3-c6686846650\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "4bac8b23-1f2f-4f13-9509-2a0dd4e57f89", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "suggested-entitlement-description-batches" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"entitlements\": [\n \"016629d1-1d25-463f-97f3-c6686846650\",\n \"016629d1-1d25-463f-97f3-c6686846650\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "8d67f55f-fd62-4b58-9766-136c06cd1d38", + "name": "Submit Bulk Approval Request", + "request": { + "name": "Submit Bulk Approval Request", + "description": { + "content": "Submit Bulk Approval Request for SED.\nRequest body takes list of SED Ids. API responses with list of SED Approval Status", + "type": "text/plain" + }, + "url": { + "path": [ + "suggested-entitlement-description-approvals" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "[\n {\n \"items\": [\n \"urn:uuid:b5578fe9-0727-d368-49fa-69cd3876c2db\",\n \"urn:uuid:50bfdc7e-1990-ccbd-def6-aa091df47df3\"\n ]\n },\n {\n \"items\": [\n \"d890af70-6f68-af67-2814-34b1b8571e97\",\n \"urn:uuid:82168633-b54c-0ff8-05d6-3a4750903ca8\"\n ]\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "e0a17e93-1a52-4318-824f-a74c11256114", + "name": "List of SED Approval Status", + "originalRequest": { + "url": { + "path": [ + "suggested-entitlement-description-approvals" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "[\n {\n \"items\": [\n \"urn:uuid:b5578fe9-0727-d368-49fa-69cd3876c2db\",\n \"urn:uuid:50bfdc7e-1990-ccbd-def6-aa091df47df3\"\n ]\n },\n {\n \"items\": [\n \"d890af70-6f68-af67-2814-34b1b8571e97\",\n \"urn:uuid:82168633-b54c-0ff8-05d6-3a4750903ca8\"\n ]\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"failedReason\": \"invalid status\",\n \"id\": \"urn:uuid:7aaa19e5-f5c4-a3d1-6064-d8a2de928000\",\n \"status\": \"SUCCESS\"\n },\n {\n \"failedReason\": \"invalid status\",\n \"id\": \"c8625b42-6ecb-e5f5-2fc4-53ee82b77df8\",\n \"status\": \"SUCCESS\"\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "3ada31ad-be70-44a4-8963-d5c292ac106a", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "suggested-entitlement-description-approvals" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "[\n {\n \"items\": [\n \"urn:uuid:b5578fe9-0727-d368-49fa-69cd3876c2db\",\n \"urn:uuid:50bfdc7e-1990-ccbd-def6-aa091df47df3\"\n ]\n },\n {\n \"items\": [\n \"d890af70-6f68-af67-2814-34b1b8571e97\",\n \"urn:uuid:82168633-b54c-0ff8-05d6-3a4750903ca8\"\n ]\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "16c245ad-078a-41c0-b8bd-20b9a6f46bbb", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "suggested-entitlement-description-approvals" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "[\n {\n \"items\": [\n \"urn:uuid:b5578fe9-0727-d368-49fa-69cd3876c2db\",\n \"urn:uuid:50bfdc7e-1990-ccbd-def6-aa091df47df3\"\n ]\n },\n {\n \"items\": [\n \"d890af70-6f68-af67-2814-34b1b8571e97\",\n \"urn:uuid:82168633-b54c-0ff8-05d6-3a4750903ca8\"\n ]\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "38049eaa-2dc0-4be3-ac27-25f428f34000", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "suggested-entitlement-description-approvals" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "[\n {\n \"items\": [\n \"urn:uuid:b5578fe9-0727-d368-49fa-69cd3876c2db\",\n \"urn:uuid:50bfdc7e-1990-ccbd-def6-aa091df47df3\"\n ]\n },\n {\n \"items\": [\n \"d890af70-6f68-af67-2814-34b1b8571e97\",\n \"urn:uuid:82168633-b54c-0ff8-05d6-3a4750903ca8\"\n ]\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "5af70c36-b334-4900-bc48-690fd02aa98a", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "suggested-entitlement-description-approvals" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "[\n {\n \"items\": [\n \"urn:uuid:b5578fe9-0727-d368-49fa-69cd3876c2db\",\n \"urn:uuid:50bfdc7e-1990-ccbd-def6-aa091df47df3\"\n ]\n },\n {\n \"items\": [\n \"d890af70-6f68-af67-2814-34b1b8571e97\",\n \"urn:uuid:82168633-b54c-0ff8-05d6-3a4750903ca8\"\n ]\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "2871b940-ac0b-4add-97de-f5b87a659286", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "suggested-entitlement-description-approvals" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "[\n {\n \"items\": [\n \"urn:uuid:b5578fe9-0727-d368-49fa-69cd3876c2db\",\n \"urn:uuid:50bfdc7e-1990-ccbd-def6-aa091df47df3\"\n ]\n },\n {\n \"items\": [\n \"d890af70-6f68-af67-2814-34b1b8571e97\",\n \"urn:uuid:82168633-b54c-0ff8-05d6-3a4750903ca8\"\n ]\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "8764c265-0a65-4ec0-830c-16121761708d", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "suggested-entitlement-description-approvals" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "[\n {\n \"items\": [\n \"urn:uuid:b5578fe9-0727-d368-49fa-69cd3876c2db\",\n \"urn:uuid:50bfdc7e-1990-ccbd-def6-aa091df47df3\"\n ]\n },\n {\n \"items\": [\n \"d890af70-6f68-af67-2814-34b1b8571e97\",\n \"urn:uuid:82168633-b54c-0ff8-05d6-3a4750903ca8\"\n ]\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "9d5b1025-a714-42f7-8226-42d18da5f31d", + "name": "Submit Sed Assignment Request", + "request": { + "name": "Submit Sed Assignment Request", + "description": { + "content": "Submit Assignment Request.\nRequest body has an assignee, and list of SED Ids that are assigned to that assignee API responses with batchId that groups all approval requests together", + "type": "text/plain" + }, + "url": { + "path": [ + "suggested-entitlement-description-assignments" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"assignee\": {\n \"type\": \"SOURCE_OWNER\",\n \"value\": \"016629d1-1d25-463f-97f3-c6686846650\"\n },\n \"items\": [\n \"bba5afd2-b0e9-5528-6768-d8c5d72fd229\",\n \"urn:uuid:d0b61aff-e610-0ece-9beb-e47825cf6625\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "ce6e4ee4-9f56-46bf-9b22-44214ebd648f", + "name": "Sed Assignment Response", + "originalRequest": { + "url": { + "path": [ + "suggested-entitlement-description-assignments" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"assignee\": {\n \"type\": \"SOURCE_OWNER\",\n \"value\": \"016629d1-1d25-463f-97f3-c6686846650\"\n },\n \"items\": [\n \"bba5afd2-b0e9-5528-6768-d8c5d72fd229\",\n \"urn:uuid:d0b61aff-e610-0ece-9beb-e47825cf6625\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Accepted", + "code": 202, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"batchId\": \"urn:uuid:dc8f6892-5bf7-0ee6-fd78-cbdde0386ecd\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "57755595-6765-4149-93d6-6491e383cc68", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "suggested-entitlement-description-assignments" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"assignee\": {\n \"type\": \"SOURCE_OWNER\",\n \"value\": \"016629d1-1d25-463f-97f3-c6686846650\"\n },\n \"items\": [\n \"bba5afd2-b0e9-5528-6768-d8c5d72fd229\",\n \"urn:uuid:d0b61aff-e610-0ece-9beb-e47825cf6625\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "3ab40ff4-0d3a-4d06-845b-fbe25b8ca303", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "suggested-entitlement-description-assignments" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"assignee\": {\n \"type\": \"SOURCE_OWNER\",\n \"value\": \"016629d1-1d25-463f-97f3-c6686846650\"\n },\n \"items\": [\n \"bba5afd2-b0e9-5528-6768-d8c5d72fd229\",\n \"urn:uuid:d0b61aff-e610-0ece-9beb-e47825cf6625\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "613b4cb7-3876-4131-b210-fb974c4abfa2", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "suggested-entitlement-description-assignments" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"assignee\": {\n \"type\": \"SOURCE_OWNER\",\n \"value\": \"016629d1-1d25-463f-97f3-c6686846650\"\n },\n \"items\": [\n \"bba5afd2-b0e9-5528-6768-d8c5d72fd229\",\n \"urn:uuid:d0b61aff-e610-0ece-9beb-e47825cf6625\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "ae61b773-886e-4ebf-82c6-248bf210547f", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "suggested-entitlement-description-assignments" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"assignee\": {\n \"type\": \"SOURCE_OWNER\",\n \"value\": \"016629d1-1d25-463f-97f3-c6686846650\"\n },\n \"items\": [\n \"bba5afd2-b0e9-5528-6768-d8c5d72fd229\",\n \"urn:uuid:d0b61aff-e610-0ece-9beb-e47825cf6625\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "9de7d120-dfe0-4eae-a040-38d82497637e", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "suggested-entitlement-description-assignments" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"assignee\": {\n \"type\": \"SOURCE_OWNER\",\n \"value\": \"016629d1-1d25-463f-97f3-c6686846650\"\n },\n \"items\": [\n \"bba5afd2-b0e9-5528-6768-d8c5d72fd229\",\n \"urn:uuid:d0b61aff-e610-0ece-9beb-e47825cf6625\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "3165b302-046d-42cf-bc87-7d2f755ff697", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "suggested-entitlement-description-assignments" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"assignee\": {\n \"type\": \"SOURCE_OWNER\",\n \"value\": \"016629d1-1d25-463f-97f3-c6686846650\"\n },\n \"items\": [\n \"bba5afd2-b0e9-5528-6768-d8c5d72fd229\",\n \"urn:uuid:d0b61aff-e610-0ece-9beb-e47825cf6625\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "2339ce92-094a-4d27-b359-cdb42db6b92f", + "name": "List Suggested Entitlement Description", + "request": { + "name": "List Suggested Entitlement Description", + "description": { + "content": "List of Suggested Entitlement Description", + "type": "text/plain" + }, + "url": { + "path": [ + "suggested-entitlement-descriptions" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Integer specifying the maximum number of records to return in a single API call. \nThe standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#paginating-results). If it is not specified, a default limit is used.", + "type": "text/plain" + }, + "key": "limit", + "value": "limit=0" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**batchId**: *eq*\n\n**status**: *eq, ne, in*\n\n**displayName**: *eq, co*", + "type": "text/plain" + }, + "key": "filters", + "value": "displayName co \"Read and Write\"" + }, + { + "disabled": true, + "description": { + "content": "If `true` it will populate the `X-Total-Count` response header with the number of results that would be returned if `limit` and `offset` were ignored. \nThe standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#paginating-results).\nSince requesting a total count can have a performance impact, it is recommended not to send `count=true` if that value will not be used.", + "type": "text/plain" + }, + "key": "count", + "value": "count=true" + }, + { + "disabled": true, + "description": { + "content": "If `true` it will populate the `X-Total-Count` response header with the number of results that would be returned if `limit` and `offset` were ignored.\nThis parameter differs from the Coun parameter in that this one skip executing the actual query and always return an empty array.", + "type": "text/plain" + }, + "key": "count-only", + "value": "count-only=true" + }, + { + "disabled": true, + "description": { + "content": "By default, the ListSeds API will only return items that you have requested to be generated. \nThis option will allow you to see all items that have been requested", + "type": "text/plain" + }, + "key": "requested-by-anyone", + "value": "requested-by-anyone=true" + }, + { + "disabled": true, + "description": { + "content": "Will limit records to items that are in \"suggested\" or \"approved\" status", + "type": "text/plain" + }, + "key": "show-pending-status-only", + "value": "show-pending-status-only=true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "e67d18cd-871b-4cf5-9110-b9ca3ab8cbf5", + "name": "List of Suggested Entitlement Details", + "originalRequest": { + "url": { + "path": [ + "suggested-entitlement-descriptions" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Integer specifying the maximum number of records to return in a single API call. \nThe standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#paginating-results). If it is not specified, a default limit is used.", + "type": "text/plain" + }, + "key": "limit", + "value": "limit=0" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**batchId**: *eq*\n\n**status**: *eq, ne, in*\n\n**displayName**: *eq, co*", + "type": "text/plain" + }, + "key": "filters", + "value": "displayName co \"Read and Write\"" + }, + { + "disabled": true, + "description": { + "content": "If `true` it will populate the `X-Total-Count` response header with the number of results that would be returned if `limit` and `offset` were ignored. \nThe standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#paginating-results).\nSince requesting a total count can have a performance impact, it is recommended not to send `count=true` if that value will not be used.", + "type": "text/plain" + }, + "key": "count", + "value": "count=true" + }, + { + "disabled": true, + "description": { + "content": "If `true` it will populate the `X-Total-Count` response header with the number of results that would be returned if `limit` and `offset` were ignored.\nThis parameter differs from the Coun parameter in that this one skip executing the actual query and always return an empty array.", + "type": "text/plain" + }, + "key": "count-only", + "value": "count-only=true" + }, + { + "disabled": true, + "description": { + "content": "By default, the ListSeds API will only return items that you have requested to be generated. \nThis option will allow you to see all items that have been requested", + "type": "text/plain" + }, + "key": "requested-by-anyone", + "value": "requested-by-anyone=true" + }, + { + "disabled": true, + "description": { + "content": "Will limit records to items that are in \"suggested\" or \"approved\" status", + "type": "text/plain" + }, + "key": "show-pending-status-only", + "value": "show-pending-status-only=true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"Name\": \"BatchInvoiceProcessing\",\n \"approved_by\": \"2c918086-76de-afbf-0176-f6d28f65565a\",\n \"approved_type\": \"admin\",\n \"approved_when\": \"2024-03-22T16:32:16.308Z\",\n \"attribute\": \"Role\",\n \"description\": \"This entitlement allows automated processing of invoices in batches on a scheduled basis to streamline accounts payable procedures.\",\n \"displayName\": \"AWS-Cloud-Billing\",\n \"id\": \"ead281ee-12a9-40ac-9534-36b5d7d65d53\",\n \"sourceId\": \"103f567b93ee49b991c40f9412f87643\",\n \"sourceName\": \"IDN Salesforce\",\n \"status\": \"suggested\",\n \"suggestedDescription\": \"This entitlement allows automated processing of invoices in batches on a scheduled basis to streamline accounts payable\",\n \"type\": \"group\",\n \"value\": \"group\"\n },\n {\n \"Name\": \"BatchInvoiceProcessing\",\n \"approved_by\": \"2c918086-76de-afbf-0176-f6d28f65565a\",\n \"approved_type\": \"admin\",\n \"approved_when\": \"2024-03-22T16:32:16.308Z\",\n \"attribute\": \"Role\",\n \"description\": \"This entitlement allows automated processing of invoices in batches on a scheduled basis to streamline accounts payable procedures.\",\n \"displayName\": \"AWS-Cloud-Billing\",\n \"id\": \"ead281ee-12a9-40ac-9534-36b5d7d65d53\",\n \"sourceId\": \"103f567b93ee49b991c40f9412f87643\",\n \"sourceName\": \"IDN Salesforce\",\n \"status\": \"suggested\",\n \"suggestedDescription\": \"This entitlement allows automated processing of invoices in batches on a scheduled basis to streamline accounts payable\",\n \"type\": \"group\",\n \"value\": \"group\"\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "1674af0c-790b-4a8d-b044-91d353a7cd59", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "suggested-entitlement-descriptions" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Integer specifying the maximum number of records to return in a single API call. \nThe standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#paginating-results). If it is not specified, a default limit is used.", + "type": "text/plain" + }, + "key": "limit", + "value": "limit=0" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**batchId**: *eq*\n\n**status**: *eq, ne, in*\n\n**displayName**: *eq, co*", + "type": "text/plain" + }, + "key": "filters", + "value": "displayName co \"Read and Write\"" + }, + { + "disabled": true, + "description": { + "content": "If `true` it will populate the `X-Total-Count` response header with the number of results that would be returned if `limit` and `offset` were ignored. \nThe standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#paginating-results).\nSince requesting a total count can have a performance impact, it is recommended not to send `count=true` if that value will not be used.", + "type": "text/plain" + }, + "key": "count", + "value": "count=true" + }, + { + "disabled": true, + "description": { + "content": "If `true` it will populate the `X-Total-Count` response header with the number of results that would be returned if `limit` and `offset` were ignored.\nThis parameter differs from the Coun parameter in that this one skip executing the actual query and always return an empty array.", + "type": "text/plain" + }, + "key": "count-only", + "value": "count-only=true" + }, + { + "disabled": true, + "description": { + "content": "By default, the ListSeds API will only return items that you have requested to be generated. \nThis option will allow you to see all items that have been requested", + "type": "text/plain" + }, + "key": "requested-by-anyone", + "value": "requested-by-anyone=true" + }, + { + "disabled": true, + "description": { + "content": "Will limit records to items that are in \"suggested\" or \"approved\" status", + "type": "text/plain" + }, + "key": "show-pending-status-only", + "value": "show-pending-status-only=true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b034a7d3-991b-46e3-b32d-9c6d152e65ce", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "suggested-entitlement-descriptions" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Integer specifying the maximum number of records to return in a single API call. \nThe standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#paginating-results). If it is not specified, a default limit is used.", + "type": "text/plain" + }, + "key": "limit", + "value": "limit=0" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**batchId**: *eq*\n\n**status**: *eq, ne, in*\n\n**displayName**: *eq, co*", + "type": "text/plain" + }, + "key": "filters", + "value": "displayName co \"Read and Write\"" + }, + { + "disabled": true, + "description": { + "content": "If `true` it will populate the `X-Total-Count` response header with the number of results that would be returned if `limit` and `offset` were ignored. \nThe standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#paginating-results).\nSince requesting a total count can have a performance impact, it is recommended not to send `count=true` if that value will not be used.", + "type": "text/plain" + }, + "key": "count", + "value": "count=true" + }, + { + "disabled": true, + "description": { + "content": "If `true` it will populate the `X-Total-Count` response header with the number of results that would be returned if `limit` and `offset` were ignored.\nThis parameter differs from the Coun parameter in that this one skip executing the actual query and always return an empty array.", + "type": "text/plain" + }, + "key": "count-only", + "value": "count-only=true" + }, + { + "disabled": true, + "description": { + "content": "By default, the ListSeds API will only return items that you have requested to be generated. \nThis option will allow you to see all items that have been requested", + "type": "text/plain" + }, + "key": "requested-by-anyone", + "value": "requested-by-anyone=true" + }, + { + "disabled": true, + "description": { + "content": "Will limit records to items that are in \"suggested\" or \"approved\" status", + "type": "text/plain" + }, + "key": "show-pending-status-only", + "value": "show-pending-status-only=true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "82b3c5ac-f3af-413a-969a-e2e526cdb6f4", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "suggested-entitlement-descriptions" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Integer specifying the maximum number of records to return in a single API call. \nThe standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#paginating-results). If it is not specified, a default limit is used.", + "type": "text/plain" + }, + "key": "limit", + "value": "limit=0" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**batchId**: *eq*\n\n**status**: *eq, ne, in*\n\n**displayName**: *eq, co*", + "type": "text/plain" + }, + "key": "filters", + "value": "displayName co \"Read and Write\"" + }, + { + "disabled": true, + "description": { + "content": "If `true` it will populate the `X-Total-Count` response header with the number of results that would be returned if `limit` and `offset` were ignored. \nThe standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#paginating-results).\nSince requesting a total count can have a performance impact, it is recommended not to send `count=true` if that value will not be used.", + "type": "text/plain" + }, + "key": "count", + "value": "count=true" + }, + { + "disabled": true, + "description": { + "content": "If `true` it will populate the `X-Total-Count` response header with the number of results that would be returned if `limit` and `offset` were ignored.\nThis parameter differs from the Coun parameter in that this one skip executing the actual query and always return an empty array.", + "type": "text/plain" + }, + "key": "count-only", + "value": "count-only=true" + }, + { + "disabled": true, + "description": { + "content": "By default, the ListSeds API will only return items that you have requested to be generated. \nThis option will allow you to see all items that have been requested", + "type": "text/plain" + }, + "key": "requested-by-anyone", + "value": "requested-by-anyone=true" + }, + { + "disabled": true, + "description": { + "content": "Will limit records to items that are in \"suggested\" or \"approved\" status", + "type": "text/plain" + }, + "key": "show-pending-status-only", + "value": "show-pending-status-only=true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a0420476-15ed-4b14-a363-3bf479009c26", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "suggested-entitlement-descriptions" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Integer specifying the maximum number of records to return in a single API call. \nThe standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#paginating-results). If it is not specified, a default limit is used.", + "type": "text/plain" + }, + "key": "limit", + "value": "limit=0" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**batchId**: *eq*\n\n**status**: *eq, ne, in*\n\n**displayName**: *eq, co*", + "type": "text/plain" + }, + "key": "filters", + "value": "displayName co \"Read and Write\"" + }, + { + "disabled": true, + "description": { + "content": "If `true` it will populate the `X-Total-Count` response header with the number of results that would be returned if `limit` and `offset` were ignored. \nThe standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#paginating-results).\nSince requesting a total count can have a performance impact, it is recommended not to send `count=true` if that value will not be used.", + "type": "text/plain" + }, + "key": "count", + "value": "count=true" + }, + { + "disabled": true, + "description": { + "content": "If `true` it will populate the `X-Total-Count` response header with the number of results that would be returned if `limit` and `offset` were ignored.\nThis parameter differs from the Coun parameter in that this one skip executing the actual query and always return an empty array.", + "type": "text/plain" + }, + "key": "count-only", + "value": "count-only=true" + }, + { + "disabled": true, + "description": { + "content": "By default, the ListSeds API will only return items that you have requested to be generated. \nThis option will allow you to see all items that have been requested", + "type": "text/plain" + }, + "key": "requested-by-anyone", + "value": "requested-by-anyone=true" + }, + { + "disabled": true, + "description": { + "content": "Will limit records to items that are in \"suggested\" or \"approved\" status", + "type": "text/plain" + }, + "key": "show-pending-status-only", + "value": "show-pending-status-only=true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c1448863-984c-44f3-99ce-9c743338b116", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "suggested-entitlement-descriptions" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Integer specifying the maximum number of records to return in a single API call. \nThe standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#paginating-results). If it is not specified, a default limit is used.", + "type": "text/plain" + }, + "key": "limit", + "value": "limit=0" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**batchId**: *eq*\n\n**status**: *eq, ne, in*\n\n**displayName**: *eq, co*", + "type": "text/plain" + }, + "key": "filters", + "value": "displayName co \"Read and Write\"" + }, + { + "disabled": true, + "description": { + "content": "If `true` it will populate the `X-Total-Count` response header with the number of results that would be returned if `limit` and `offset` were ignored. \nThe standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#paginating-results).\nSince requesting a total count can have a performance impact, it is recommended not to send `count=true` if that value will not be used.", + "type": "text/plain" + }, + "key": "count", + "value": "count=true" + }, + { + "disabled": true, + "description": { + "content": "If `true` it will populate the `X-Total-Count` response header with the number of results that would be returned if `limit` and `offset` were ignored.\nThis parameter differs from the Coun parameter in that this one skip executing the actual query and always return an empty array.", + "type": "text/plain" + }, + "key": "count-only", + "value": "count-only=true" + }, + { + "disabled": true, + "description": { + "content": "By default, the ListSeds API will only return items that you have requested to be generated. \nThis option will allow you to see all items that have been requested", + "type": "text/plain" + }, + "key": "requested-by-anyone", + "value": "requested-by-anyone=true" + }, + { + "disabled": true, + "description": { + "content": "Will limit records to items that are in \"suggested\" or \"approved\" status", + "type": "text/plain" + }, + "key": "show-pending-status-only", + "value": "show-pending-status-only=true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "4d390caa-cc1d-44cb-8278-2536ea94aabf", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "suggested-entitlement-descriptions" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Integer specifying the maximum number of records to return in a single API call. \nThe standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#paginating-results). If it is not specified, a default limit is used.", + "type": "text/plain" + }, + "key": "limit", + "value": "limit=0" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**batchId**: *eq*\n\n**status**: *eq, ne, in*\n\n**displayName**: *eq, co*", + "type": "text/plain" + }, + "key": "filters", + "value": "displayName co \"Read and Write\"" + }, + { + "disabled": true, + "description": { + "content": "If `true` it will populate the `X-Total-Count` response header with the number of results that would be returned if `limit` and `offset` were ignored. \nThe standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#paginating-results).\nSince requesting a total count can have a performance impact, it is recommended not to send `count=true` if that value will not be used.", + "type": "text/plain" + }, + "key": "count", + "value": "count=true" + }, + { + "disabled": true, + "description": { + "content": "If `true` it will populate the `X-Total-Count` response header with the number of results that would be returned if `limit` and `offset` were ignored.\nThis parameter differs from the Coun parameter in that this one skip executing the actual query and always return an empty array.", + "type": "text/plain" + }, + "key": "count-only", + "value": "count-only=true" + }, + { + "disabled": true, + "description": { + "content": "By default, the ListSeds API will only return items that you have requested to be generated. \nThis option will allow you to see all items that have been requested", + "type": "text/plain" + }, + "key": "requested-by-anyone", + "value": "requested-by-anyone=true" + }, + { + "disabled": true, + "description": { + "content": "Will limit records to items that are in \"suggested\" or \"approved\" status", + "type": "text/plain" + }, + "key": "show-pending-status-only", + "value": "show-pending-status-only=true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "8e4bae91-713b-420d-884e-5910d7622021", + "name": "Patch Suggested Entitlement Description", + "request": { + "name": "Patch Suggested Entitlement Description", + "description": { + "content": "Patch Suggested Entitlement Description", + "type": "text/plain" + }, + "url": { + "path": [ + "suggested-entitlement-descriptions" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "disabled": true, + "description": { + "content": "(Required) id is sed id", + "type": "text/plain" + }, + "type": "any", + "value": "ebab396f-0af1-4050-89b7-dafc63ec70e7", + "key": "id" + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"status\",\n \"value\": \"approved\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"status\",\n \"value\": \"approved\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "6319e852-1c10-418c-a762-061614334334", + "name": "detail of patched sed", + "originalRequest": { + "url": { + "path": [ + "suggested-entitlement-descriptions" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"status\",\n \"value\": \"approved\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"status\",\n \"value\": \"approved\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"Name\": \"BatchInvoiceProcessing\",\n \"approved_by\": \"2c918086-76de-afbf-0176-f6d28f65565a\",\n \"approved_type\": \"admin\",\n \"approved_when\": \"2024-03-22T16:32:16.308Z\",\n \"attribute\": \"Role\",\n \"description\": \"This entitlement allows automated processing of invoices in batches on a scheduled basis to streamline accounts payable procedures.\",\n \"displayName\": \"AWS-Cloud-Billing\",\n \"id\": \"ead281ee-12a9-40ac-9534-36b5d7d65d53\",\n \"sourceId\": \"103f567b93ee49b991c40f9412f87643\",\n \"sourceName\": \"IDN Salesforce\",\n \"status\": \"suggested\",\n \"suggestedDescription\": \"This entitlement allows automated processing of invoices in batches on a scheduled basis to streamline accounts payable\",\n \"type\": \"group\",\n \"value\": \"group\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "89d9ed85-3337-4a89-8a7d-eb31d073d5a2", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "suggested-entitlement-descriptions" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"status\",\n \"value\": \"approved\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"status\",\n \"value\": \"approved\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "3fa8593e-f64f-495c-94d4-9cc7a8ca8a68", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "suggested-entitlement-descriptions" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"status\",\n \"value\": \"approved\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"status\",\n \"value\": \"approved\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a74cd5e9-1770-4e7c-a2a4-a3e961d5082e", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "suggested-entitlement-descriptions" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"status\",\n \"value\": \"approved\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"status\",\n \"value\": \"approved\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "ee1dfdd9-9987-4d97-be56-bbddf6a73f10", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "suggested-entitlement-descriptions" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"status\",\n \"value\": \"approved\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"status\",\n \"value\": \"approved\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "3ea59943-7da8-4148-9230-03d21962c271", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "suggested-entitlement-descriptions" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"status\",\n \"value\": \"approved\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"status\",\n \"value\": \"approved\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "311f8efe-8fc4-4186-b878-bb27025fcead", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "suggested-entitlement-descriptions" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"status\",\n \"value\": \"approved\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"status\",\n \"value\": \"approved\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + } + ] + }, + { + "name": "Tagged Objects", + "description": "Use this API to implement object tagging functionality. \nWith object tagging functionality in place, any user in an organization can use tags as a way to group objects together and find them more quickly when the user searches Identity Security Cloud. \n\nIn Identity Security Cloud, users can search their tenants for information and add tags objects they find.\nTagging an object provides users with a way of grouping objects together and makes it easier to find these objects in the future. \n\nFor example, if a user is searching for an entitlement that grants a risky level of access to Active Directory, it's possible that the user may have to search through hundreds of entitlements to find the correct one. \nOnce the user finds that entitlement, the user can add a tag to the entitlement, \"AD_RISKY\" to make it easier to find the entitlement again.\nThe user can add the same tag to multiple objects the user wants to group together for an easy future search, and the user can also do so in bulk.\nWhen the user wants to find that tagged entitlement again, the user can search for \"tags:AD_RISKY\" to find all objects with that tag. \n\nWith the API, you can tag even more different object types than you can in Identity Security Cloud (access profiles, entitlements, identities, and roles). \nYou can use the API to tag all these objects:\n\n- Access profiles \n\n- Applications \n\n- Certification campaigns\n\n- Entitlements\n\n- Identities \n\n- Roles \n\n- SOD (separation of duties) policies\n\n- Sources \n\nYou can also use the API to directly find, create, and manage tagged objects without using search queries. \n\nThere are limits to tags: \n\n- You can have up to 500 different tags in your tenant.\n\n- You can apply up to 30 tags to one object. \n\n- You can have up to 10,000 tag associations, pairings of 1 tag to 1 object, in your tenant. \n\nBecause of these limits, it is recommended that you work with your governance experts and security teams to establish a list of tags that are most expressive of governance objects and access managed by Identity Security Cloud. \n\nThese are the types of information often expressed in tags: \n\n- Affected departments\n\n- Compliance and regulatory categories \n\n- Remediation urgency levels \n\n- Risk levels \n\nRefer to [Tagging Items in Search](https://documentation.sailpoint.com/saas/help/search/index.html?h=tags#tagging-items-in-search) for more information about tagging objects in Identity Security Cloud. \n", + "item": [ + { + "id": "a601881e-bf1d-40a3-b7c8-1e073c16e175", + "name": "List Tagged Objects", + "request": { + "name": "List Tagged Objects", + "description": { + "content": "This API returns a list of all tagged objects.\n\nAny authenticated token may be used to call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "tagged-objects" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**objectRef.id**: *eq, in*\n\n**objectRef.type**: *eq, in*\n\n**tagName**: *eq, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "tagName eq \"BU_FINANCE\"" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "902fbb72-07a6-409e-9184-825d642a7d5f", + "name": "List of all tagged objects.", + "originalRequest": { + "url": { + "path": [ + "tagged-objects" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**objectRef.id**: *eq, in*\n\n**objectRef.type**: *eq, in*\n\n**tagName**: *eq, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "tagName eq \"BU_FINANCE\"" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"objectRef\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"William Wilson\"\n },\n \"tags\": [\n \"BU_FINANCE\",\n \"PCI\"\n ]\n },\n {\n \"objectRef\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"William Wilson\"\n },\n \"tags\": [\n \"BU_FINANCE\",\n \"PCI\"\n ]\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c12175f0-161f-459d-ba20-c720a1d78ab3", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "tagged-objects" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**objectRef.id**: *eq, in*\n\n**objectRef.type**: *eq, in*\n\n**tagName**: *eq, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "tagName eq \"BU_FINANCE\"" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "3f852239-3a2a-49df-ad8b-b0f4705c5a2e", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "tagged-objects" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**objectRef.id**: *eq, in*\n\n**objectRef.type**: *eq, in*\n\n**tagName**: *eq, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "tagName eq \"BU_FINANCE\"" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "269d7ac7-304b-4fba-a76a-204f2e92021d", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "tagged-objects" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**objectRef.id**: *eq, in*\n\n**objectRef.type**: *eq, in*\n\n**tagName**: *eq, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "tagName eq \"BU_FINANCE\"" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "dcecdc32-cc76-40e9-813f-0c624c080326", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "tagged-objects" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**objectRef.id**: *eq, in*\n\n**objectRef.type**: *eq, in*\n\n**tagName**: *eq, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "tagName eq \"BU_FINANCE\"" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "67979242-93c8-4a85-b448-95632af4cca3", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "tagged-objects" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**objectRef.id**: *eq, in*\n\n**objectRef.type**: *eq, in*\n\n**tagName**: *eq, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "tagName eq \"BU_FINANCE\"" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "f2149fd4-2e2c-40e0-8e5e-be67b814a712", + "name": "Add Tag to Object", + "request": { + "name": "Add Tag to Object", + "description": { + "content": "This adds a tag to an object.\n\nAny authenticated token may be used to call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "tagged-objects" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"objectRef\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"William Wilson\"\n },\n \"tags\": [\n \"BU_FINANCE\",\n \"PCI\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "abb6a0a0-b820-413f-b369-dd74903b9551", + "name": "Created.", + "originalRequest": { + "url": { + "path": [ + "tagged-objects" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"objectRef\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"William Wilson\"\n },\n \"tags\": [\n \"BU_FINANCE\",\n \"PCI\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Created", + "code": 201, + "header": [], + "cookie": [], + "_postman_previewlanguage": "text" + }, + { + "id": "6934106e-0ad1-472a-8e8c-552e81c83adc", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "tagged-objects" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"objectRef\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"William Wilson\"\n },\n \"tags\": [\n \"BU_FINANCE\",\n \"PCI\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "632472e9-f68b-4bcb-b64d-5af09fbd3bfd", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "tagged-objects" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"objectRef\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"William Wilson\"\n },\n \"tags\": [\n \"BU_FINANCE\",\n \"PCI\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d2f2dc4e-e432-45bf-be43-b3a14e1e2590", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "tagged-objects" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"objectRef\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"William Wilson\"\n },\n \"tags\": [\n \"BU_FINANCE\",\n \"PCI\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "4fd43149-0fc4-4a2b-98f5-dd864c42ac04", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "tagged-objects" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"objectRef\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"William Wilson\"\n },\n \"tags\": [\n \"BU_FINANCE\",\n \"PCI\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f4120bbc-77a0-4dca-baca-28962b80c03b", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "tagged-objects" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"objectRef\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"William Wilson\"\n },\n \"tags\": [\n \"BU_FINANCE\",\n \"PCI\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "a9acbea1-3661-4560-a299-ab7fea15c7e8", + "name": "List Tagged Objects by Type", + "request": { + "name": "List Tagged Objects by Type", + "description": { + "content": "This API returns a list of all tagged objects by type.\n\nAny authenticated token may be used to call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "tagged-objects", + ":type" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**objectRef.id**: *eq*\n\n**objectRef.type**: *eq*", + "type": "text/plain" + }, + "key": "filters", + "value": "objectRef.id eq \"2c91808568c529c60168cca6f90c1313\"" + } + ], + "variable": [ + { + "type": "any", + "value": "ROLE", + "key": "type", + "disabled": true, + "description": { + "content": "(Required) The type of tagged object to retrieve.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "1603f25b-1585-4db0-bfd8-0df8226f1092", + "name": "List of all tagged objects for specified type.", + "originalRequest": { + "url": { + "path": [ + "tagged-objects", + ":type" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**objectRef.id**: *eq*\n\n**objectRef.type**: *eq*", + "type": "text/plain" + }, + "key": "filters", + "value": "objectRef.id eq \"2c91808568c529c60168cca6f90c1313\"" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"objectRef\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"William Wilson\"\n },\n \"tags\": [\n \"BU_FINANCE\",\n \"PCI\"\n ]\n },\n {\n \"objectRef\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"William Wilson\"\n },\n \"tags\": [\n \"BU_FINANCE\",\n \"PCI\"\n ]\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "173b48e3-3f5c-4ba2-aa3b-436fa9e75729", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "tagged-objects", + ":type" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**objectRef.id**: *eq*\n\n**objectRef.type**: *eq*", + "type": "text/plain" + }, + "key": "filters", + "value": "objectRef.id eq \"2c91808568c529c60168cca6f90c1313\"" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "7c95fdc9-b2e0-414e-b34e-a5b136d4449c", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "tagged-objects", + ":type" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**objectRef.id**: *eq*\n\n**objectRef.type**: *eq*", + "type": "text/plain" + }, + "key": "filters", + "value": "objectRef.id eq \"2c91808568c529c60168cca6f90c1313\"" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "ae817095-d466-45a7-8e11-fbb0d408e491", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "tagged-objects", + ":type" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**objectRef.id**: *eq*\n\n**objectRef.type**: *eq*", + "type": "text/plain" + }, + "key": "filters", + "value": "objectRef.id eq \"2c91808568c529c60168cca6f90c1313\"" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "ec2ac86b-f769-49d5-bc22-efc619a64b30", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "tagged-objects", + ":type" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**objectRef.id**: *eq*\n\n**objectRef.type**: *eq*", + "type": "text/plain" + }, + "key": "filters", + "value": "objectRef.id eq \"2c91808568c529c60168cca6f90c1313\"" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "8d0cd644-85e2-4072-82fc-fa49e4f0619d", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "tagged-objects", + ":type" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**objectRef.id**: *eq*\n\n**objectRef.type**: *eq*", + "type": "text/plain" + }, + "key": "filters", + "value": "objectRef.id eq \"2c91808568c529c60168cca6f90c1313\"" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "9ee8b5a9-b535-47c3-9bc3-78552869d1a6", + "name": "Get Tagged Object", + "request": { + "name": "Get Tagged Object", + "description": { + "content": "This gets a tagged object for the specified type.", + "type": "text/plain" + }, + "url": { + "path": [ + "tagged-objects", + ":type", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "ROLE", + "key": "type", + "disabled": true, + "description": { + "content": "(Required) The type of tagged object to retrieve.", + "type": "text/plain" + } + }, + { + "type": "any", + "value": "ef38f94347e94562b5bb8424a56397d8", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) The ID of the object reference to retrieve.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "bdf99556-1684-45e9-8865-4b91174632ab", + "name": "Tagged object by type and ID.", + "originalRequest": { + "url": { + "path": [ + "tagged-objects", + ":type", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"objectRef\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"William Wilson\"\n },\n \"tags\": [\n \"BU_FINANCE\",\n \"PCI\"\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "8a58b10d-34fb-46c5-af68-a0d81c900651", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "tagged-objects", + ":type", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d136bfee-4391-4a7e-9e51-ab285b8a1bad", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "tagged-objects", + ":type", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a7784859-4572-4093-96ce-56c653da4dcf", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "tagged-objects", + ":type", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "7101db9b-54ef-49c1-ad29-85a69baec880", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "tagged-objects", + ":type", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "70cc5995-79d3-40bd-a487-7c5c5602adc2", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "tagged-objects", + ":type", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "bf087253-e926-4aae-b034-239032aca021", + "name": "Update Tagged Object", + "request": { + "name": "Update Tagged Object", + "description": { + "content": "This updates a tagged object for the specified type.", + "type": "text/plain" + }, + "url": { + "path": [ + "tagged-objects", + ":type", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "ROLE", + "key": "type", + "disabled": true, + "description": { + "content": "(Required) The type of tagged object to update.", + "type": "text/plain" + } + }, + { + "type": "any", + "value": "ef38f94347e94562b5bb8424a56397d8", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) The ID of the object reference to update.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"objectRef\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"William Wilson\"\n },\n \"tags\": [\n \"BU_FINANCE\",\n \"PCI\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "d488d3a8-a967-471b-a40c-3547bcc8b59a", + "name": "Tagged object by type and ID.", + "originalRequest": { + "url": { + "path": [ + "tagged-objects", + ":type", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"objectRef\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"William Wilson\"\n },\n \"tags\": [\n \"BU_FINANCE\",\n \"PCI\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"objectRef\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"William Wilson\"\n },\n \"tags\": [\n \"BU_FINANCE\",\n \"PCI\"\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a9155874-7374-4d12-a23e-5b0036ff7f99", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "tagged-objects", + ":type", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"objectRef\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"William Wilson\"\n },\n \"tags\": [\n \"BU_FINANCE\",\n \"PCI\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "40799ee7-ddce-4026-ade9-dded02fe64f5", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "tagged-objects", + ":type", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"objectRef\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"William Wilson\"\n },\n \"tags\": [\n \"BU_FINANCE\",\n \"PCI\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "57251c38-66f1-4b41-948c-f2ad719cc319", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "tagged-objects", + ":type", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"objectRef\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"William Wilson\"\n },\n \"tags\": [\n \"BU_FINANCE\",\n \"PCI\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "298904cf-450c-40b0-b8fd-391698bed675", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "tagged-objects", + ":type", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"objectRef\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"William Wilson\"\n },\n \"tags\": [\n \"BU_FINANCE\",\n \"PCI\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "fb14ea51-693b-4588-aa6f-214d19ac613e", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "tagged-objects", + ":type", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"objectRef\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"William Wilson\"\n },\n \"tags\": [\n \"BU_FINANCE\",\n \"PCI\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "96590af1-168b-44d9-84fa-736c9a9f1298", + "name": "Delete Tagged Object", + "request": { + "name": "Delete Tagged Object", + "description": { + "content": "This deletes a tagged object for the specified type.", + "type": "text/plain" + }, + "url": { + "path": [ + "tagged-objects", + ":type", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "ROLE", + "key": "type", + "disabled": true, + "description": { + "content": "(Required) The type of tagged object to delete.", + "type": "text/plain" + } + }, + { + "type": "any", + "value": "ef38f94347e94562b5bb8424a56397d8", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) The ID of the object reference to delete.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "DELETE", + "body": {} + }, + "response": [ + { + "id": "5369b09c-86c9-4664-8289-2136c21cc1f8", + "name": "No content.", + "originalRequest": { + "url": { + "path": [ + "tagged-objects", + ":type", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "No Content", + "code": 204, + "header": [], + "cookie": [], + "_postman_previewlanguage": "text" + }, + { + "id": "8219d0b9-fab8-4042-b19f-365e869a54ab", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "tagged-objects", + ":type", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "138a7db6-0abb-4b39-937e-37674b319adf", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "tagged-objects", + ":type", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "be33efc7-0da3-46ed-965d-8f34b012bf96", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "tagged-objects", + ":type", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "bf6dc1b3-b64d-4b42-8df1-007064553e35", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "tagged-objects", + ":type", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "bc699313-fd62-4965-bb95-4501254aa02f", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "tagged-objects", + ":type", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "4fab8e15-a0ab-4084-bf87-5f45d851ab23", + "name": "Tag Multiple Objects", + "request": { + "name": "Tag Multiple Objects", + "description": { + "content": "This API adds tags to multiple objects.\n\nA token with API, CERT_ADMIN, ORG_ADMIN, REPORT_ADMIN, ROLE_ADMIN, ROLE_SUBADMIN, SOURCE_ADMIN, or SOURCE_SUBADMIN authority is required to call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "tagged-objects", + "bulk-add" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"objectRefs\": [\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"William Wilson\"\n },\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"William Wilson\"\n }\n ],\n \"tags\": [\n \"BU_FINANCE\",\n \"PCI\"\n ],\n \"operation\": \"MERGE\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "4dbf2d42-adbc-45a4-a539-b3ac65693816", + "name": "Request succeeded.", + "originalRequest": { + "url": { + "path": [ + "tagged-objects", + "bulk-add" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"objectRefs\": [\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"William Wilson\"\n },\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"William Wilson\"\n }\n ],\n \"tags\": [\n \"BU_FINANCE\",\n \"PCI\"\n ],\n \"operation\": \"MERGE\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"objectRefs\": [\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"William Wilson\"\n },\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"William Wilson\"\n }\n ],\n \"tags\": [\n \"BU_FINANCE\",\n \"PCI\"\n ]\n },\n {\n \"objectRefs\": [\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"William Wilson\"\n },\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"William Wilson\"\n }\n ],\n \"tags\": [\n \"BU_FINANCE\",\n \"PCI\"\n ]\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "5132cc68-b6c8-4c96-be38-d19f200b21aa", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "tagged-objects", + "bulk-add" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"objectRefs\": [\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"William Wilson\"\n },\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"William Wilson\"\n }\n ],\n \"tags\": [\n \"BU_FINANCE\",\n \"PCI\"\n ],\n \"operation\": \"MERGE\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "ef144894-2158-4de5-9c07-a3acd003c100", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "tagged-objects", + "bulk-add" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"objectRefs\": [\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"William Wilson\"\n },\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"William Wilson\"\n }\n ],\n \"tags\": [\n \"BU_FINANCE\",\n \"PCI\"\n ],\n \"operation\": \"MERGE\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "2c2418a1-c104-4cd1-a3e1-60009d0b5212", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "tagged-objects", + "bulk-add" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"objectRefs\": [\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"William Wilson\"\n },\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"William Wilson\"\n }\n ],\n \"tags\": [\n \"BU_FINANCE\",\n \"PCI\"\n ],\n \"operation\": \"MERGE\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "17d6ce16-ff54-48b4-8763-c60dd2d67384", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "tagged-objects", + "bulk-add" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"objectRefs\": [\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"William Wilson\"\n },\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"William Wilson\"\n }\n ],\n \"tags\": [\n \"BU_FINANCE\",\n \"PCI\"\n ],\n \"operation\": \"MERGE\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "2de1b713-f911-4d24-be01-6ce358ed86c1", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "tagged-objects", + "bulk-add" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"objectRefs\": [\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"William Wilson\"\n },\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"William Wilson\"\n }\n ],\n \"tags\": [\n \"BU_FINANCE\",\n \"PCI\"\n ],\n \"operation\": \"MERGE\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "f458085c-bfdf-4906-8d0d-3a095bc4bb24", + "name": "Remove Tags from Multiple Objects", + "request": { + "name": "Remove Tags from Multiple Objects", + "description": { + "content": "This API removes tags from multiple objects.\n\nA token with API, CERT_ADMIN, ORG_ADMIN, REPORT_ADMIN, ROLE_ADMIN, ROLE_SUBADMIN, SOURCE_ADMIN, or SOURCE_SUBADMIN authority is required to call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "tagged-objects", + "bulk-remove" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"objectRefs\": [\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"William Wilson\"\n },\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"William Wilson\"\n }\n ],\n \"tags\": [\n \"BU_FINANCE\",\n \"PCI\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "80dbfd5c-4a3a-4967-b1ab-343509e11010", + "name": "No content - indicates the request was successful but there is no content to be returned in the response.", + "originalRequest": { + "url": { + "path": [ + "tagged-objects", + "bulk-remove" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"objectRefs\": [\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"William Wilson\"\n },\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"William Wilson\"\n }\n ],\n \"tags\": [\n \"BU_FINANCE\",\n \"PCI\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "No Content", + "code": 204, + "header": [], + "cookie": [], + "_postman_previewlanguage": "text" + }, + { + "id": "49979f01-ffa4-403c-b5e8-9f336ff4a470", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "tagged-objects", + "bulk-remove" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"objectRefs\": [\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"William Wilson\"\n },\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"William Wilson\"\n }\n ],\n \"tags\": [\n \"BU_FINANCE\",\n \"PCI\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "5337f3cb-4f02-45a9-9735-1d86e88182b7", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "tagged-objects", + "bulk-remove" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"objectRefs\": [\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"William Wilson\"\n },\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"William Wilson\"\n }\n ],\n \"tags\": [\n \"BU_FINANCE\",\n \"PCI\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "be373699-b52a-4cc1-8c30-8719a5cf8887", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "tagged-objects", + "bulk-remove" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"objectRefs\": [\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"William Wilson\"\n },\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"William Wilson\"\n }\n ],\n \"tags\": [\n \"BU_FINANCE\",\n \"PCI\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d85e1cc7-8df5-47ee-9fcd-d36af174fad2", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "tagged-objects", + "bulk-remove" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"objectRefs\": [\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"William Wilson\"\n },\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"William Wilson\"\n }\n ],\n \"tags\": [\n \"BU_FINANCE\",\n \"PCI\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "37326bf9-0fc3-4bbe-99f1-abdd33cac471", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "tagged-objects", + "bulk-remove" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"objectRefs\": [\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"William Wilson\"\n },\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"William Wilson\"\n }\n ],\n \"tags\": [\n \"BU_FINANCE\",\n \"PCI\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + } + ] + }, + { + "name": "Task Management", + "description": "", + "item": [ + { + "id": "cfb26472-7984-4301-8d2a-feba75271383", + "name": "Get task status by ID.", + "request": { + "name": "Get task status by ID.", + "description": { + "content": "Get a TaskStatus for a task by task ID.", + "type": "text/plain" + }, + "url": { + "path": [ + "task-status", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "00eebcf881994e419d72e757fd30dc0e", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) Task ID.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "0dc9965a-4149-4fbf-ba9f-4f9845df2c59", + "name": "Responds with a TaskStatus for the task with the given task ID.", + "originalRequest": { + "url": { + "path": [ + "task-status", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"id12345\",\n \"type\": \"QUARTZ\",\n \"uniqueName\": \"Big Task\",\n \"description\": \"A Really Big Task\",\n \"parentName\": \"Parent Task\",\n \"attributes\": {\n \"identityCount\": 0\n },\n \"created\": \"2020-07-11T21:23:15.000Z\",\n \"modified\": \"2020-07-11T21:23:15.000Z\",\n \"launched\": \"2020-07-11T21:23:15.000Z\",\n \"launcher\": \"sweep\",\n \"completed\": \"2020-07-11T21:23:15.000Z\",\n \"completionStatus\": \"SUCCESS\",\n \"messages\": [\n {\n \"key\": \"akey\",\n \"localizedText\": {\n \"locale\": \"An error has occurred!\",\n \"message\": \"Error has occurred!\"\n },\n \"type\": \"INFO\",\n \"parameters\": [\n {\n \"name\": \"value\"\n }\n ]\n },\n {\n \"key\": \"akey\",\n \"localizedText\": {\n \"locale\": \"An error has occurred!\",\n \"message\": \"Error has occurred!\"\n },\n \"type\": \"INFO\",\n \"parameters\": [\n {\n \"name\": \"value\"\n }\n ]\n }\n ],\n \"progress\": \"Started\",\n \"percentComplete\": 100,\n \"returns\": [\n {\n \"name\": \"label\",\n \"attributeName\": \"identityCount\"\n },\n {\n \"name\": \"label\",\n \"attributeName\": \"identityCount\"\n }\n ],\n \"target\": {\n \"id\": \"c6dc37bf508149b28ce5b7d90ca4bbf9\",\n \"type\": \"APPLICATION\",\n \"name\": \"Active Directory [source]\"\n },\n \"taskDefinitionSummary\": {\n \"arguments\": {\n \"in_d4\": 95715456,\n \"voluptate7\": \"elit irure consectetur\"\n },\n \"description\": \"Aggregates from the specified application.\",\n \"executor\": \"sailpoint.task.ServiceTaskExecutor\",\n \"id\": \"2c91808475b4334b0175e1dff64b63c5\",\n \"uniqueName\": \"Cloud Account Aggregation\",\n \"parentName\": \"Cloud Account Aggregation\"\n }\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d969312a-ba1c-494a-bee8-1d3557a154fe", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "task-status", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d9704465-dec5-4622-be17-be0de39ac075", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "task-status", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "5228e0f3-1999-4cd2-84cf-6fb6006bfaa7", + "name": "Forbidden, generally due to a lack of security rights", + "originalRequest": { + "url": { + "path": [ + "task-status", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [], + "cookie": [], + "_postman_previewlanguage": "text" + }, + { + "id": "10672831-658d-4204-a5a2-ba4a2802f1be", + "name": "TaskStatus with the given id was not found.", + "originalRequest": { + "url": { + "path": [ + "task-status", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [], + "cookie": [], + "_postman_previewlanguage": "text" + }, + { + "id": "c33157a6-c466-485e-9579-cefe89016532", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "task-status", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "369fdb8b-79f2-4c42-a413-d96f82a1e43b", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "task-status", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "cf637f07-9f6f-4fa8-9add-6d080d1d6d7a", + "name": "Update task status by ID", + "request": { + "name": "Update task status by ID", + "description": { + "content": "Update a current task status by task ID. Use this API to clear a pending task by updating the completionStatus and completed attributes.", + "type": "text/plain" + }, + "url": { + "path": [ + "task-status", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "00eebcf881994e419d72e757fd30dc0e", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) Task ID.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/completionStatus\",\n \"value\": \"Error\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/completed\",\n \"value\": \"2024-05-17T19:33:16.470Z\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "050a8bd5-7e2d-4b21-9e53-b7ac0ad890fc", + "name": "This response indicates the PATCH operation succeeded, and the API returns the updated task object.", + "originalRequest": { + "url": { + "path": [ + "task-status", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/completionStatus\",\n \"value\": \"Error\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/completed\",\n \"value\": \"2024-05-17T19:33:16.470Z\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"id12345\",\n \"type\": \"QUARTZ\",\n \"uniqueName\": \"Big Task\",\n \"description\": \"A Really Big Task\",\n \"parentName\": \"Parent Task\",\n \"attributes\": {\n \"identityCount\": 0\n },\n \"created\": \"2020-07-11T21:23:15.000Z\",\n \"modified\": \"2020-07-11T21:23:15.000Z\",\n \"launched\": \"2020-07-11T21:23:15.000Z\",\n \"launcher\": \"sweep\",\n \"completed\": \"2020-07-11T21:23:15.000Z\",\n \"completionStatus\": \"SUCCESS\",\n \"messages\": [\n {\n \"key\": \"akey\",\n \"localizedText\": {\n \"locale\": \"An error has occurred!\",\n \"message\": \"Error has occurred!\"\n },\n \"type\": \"INFO\",\n \"parameters\": [\n {\n \"name\": \"value\"\n }\n ]\n },\n {\n \"key\": \"akey\",\n \"localizedText\": {\n \"locale\": \"An error has occurred!\",\n \"message\": \"Error has occurred!\"\n },\n \"type\": \"INFO\",\n \"parameters\": [\n {\n \"name\": \"value\"\n }\n ]\n }\n ],\n \"progress\": \"Started\",\n \"percentComplete\": 100,\n \"returns\": [\n {\n \"name\": \"label\",\n \"attributeName\": \"identityCount\"\n },\n {\n \"name\": \"label\",\n \"attributeName\": \"identityCount\"\n }\n ],\n \"target\": {\n \"id\": \"c6dc37bf508149b28ce5b7d90ca4bbf9\",\n \"type\": \"APPLICATION\",\n \"name\": \"Active Directory [source]\"\n },\n \"taskDefinitionSummary\": {\n \"arguments\": {\n \"in_d4\": 95715456,\n \"voluptate7\": \"elit irure consectetur\"\n },\n \"description\": \"Aggregates from the specified application.\",\n \"executor\": \"sailpoint.task.ServiceTaskExecutor\",\n \"id\": \"2c91808475b4334b0175e1dff64b63c5\",\n \"uniqueName\": \"Cloud Account Aggregation\",\n \"parentName\": \"Cloud Account Aggregation\"\n }\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f96527f3-5389-41ac-bd12-4cd2c1a4768b", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "task-status", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/completionStatus\",\n \"value\": \"Error\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/completed\",\n \"value\": \"2024-05-17T19:33:16.470Z\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "67aad2e6-ba1e-48eb-b749-43377b18b8e7", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "task-status", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/completionStatus\",\n \"value\": \"Error\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/completed\",\n \"value\": \"2024-05-17T19:33:16.470Z\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b8e7ae00-06a3-4201-9fdc-4ac6704024ac", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "task-status", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/completionStatus\",\n \"value\": \"Error\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/completed\",\n \"value\": \"2024-05-17T19:33:16.470Z\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "00d075fc-21d7-4912-9b2b-58322c51fc95", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "task-status", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/completionStatus\",\n \"value\": \"Error\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/completed\",\n \"value\": \"2024-05-17T19:33:16.470Z\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "537b8f09-b06f-4597-84f5-31a67d8506c1", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "task-status", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/completionStatus\",\n \"value\": \"Error\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/completed\",\n \"value\": \"2024-05-17T19:33:16.470Z\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c0ae0780-6819-41b3-a98d-c9cdff105e9d", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "task-status", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/completionStatus\",\n \"value\": \"Error\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/completed\",\n \"value\": \"2024-05-17T19:33:16.470Z\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "77022f44-581f-4137-818d-46fe89d4ac58", + "name": "Retrieve a task status list.", + "request": { + "name": "Retrieve a task status list.", + "description": { + "content": "Use this endpoint to get a list of **completed** tasks. To get a list of tasks **in-progress**, please use the [get pending tasks](https://developer.sailpoint.com/docs/api/beta/get-pending-tasks) endpoint.\n", + "type": "text/plain" + }, + "url": { + "path": [ + "task-status" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**sourceId**: *eq, in*\n\n**completionStatus**: *eq, in*\n\n**type**: *eq, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "completionStatus eq \"Success\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **created**", + "type": "text/plain" + }, + "key": "sorters", + "value": "-created" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "69da9ed8-7969-4563-8a86-c21383d593ce", + "name": "Responds with a TaskStatus for the task with the given task ID.", + "originalRequest": { + "url": { + "path": [ + "task-status" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**sourceId**: *eq, in*\n\n**completionStatus**: *eq, in*\n\n**type**: *eq, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "completionStatus eq \"Success\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **created**", + "type": "text/plain" + }, + "key": "sorters", + "value": "-created" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"id\": \"id12345\",\n \"type\": \"QUARTZ\",\n \"uniqueName\": \"Big Task\",\n \"description\": \"A Really Big Task\",\n \"parentName\": \"Parent Task\",\n \"attributes\": {\n \"identityCount\": 0\n },\n \"created\": \"2020-07-11T21:23:15.000Z\",\n \"modified\": \"2020-07-11T21:23:15.000Z\",\n \"launched\": \"2020-07-11T21:23:15.000Z\",\n \"launcher\": \"sweep\",\n \"completed\": \"2020-07-11T21:23:15.000Z\",\n \"completionStatus\": \"SUCCESS\",\n \"messages\": [\n {\n \"key\": \"akey\",\n \"localizedText\": {\n \"locale\": \"An error has occurred!\",\n \"message\": \"Error has occurred!\"\n },\n \"type\": \"INFO\",\n \"parameters\": [\n {\n \"name\": \"value\"\n }\n ]\n },\n {\n \"key\": \"akey\",\n \"localizedText\": {\n \"locale\": \"An error has occurred!\",\n \"message\": \"Error has occurred!\"\n },\n \"type\": \"INFO\",\n \"parameters\": [\n {\n \"name\": \"value\"\n }\n ]\n }\n ],\n \"progress\": \"Started\",\n \"percentComplete\": 100,\n \"returns\": [\n {\n \"name\": \"label\",\n \"attributeName\": \"identityCount\"\n },\n {\n \"name\": \"label\",\n \"attributeName\": \"identityCount\"\n }\n ],\n \"target\": {\n \"id\": \"c6dc37bf508149b28ce5b7d90ca4bbf9\",\n \"type\": \"APPLICATION\",\n \"name\": \"Active Directory [source]\"\n },\n \"taskDefinitionSummary\": {\n \"arguments\": {\n \"commodo5\": \"ut voluptate non aliquip tempor\",\n \"Excepteur_81\": 53248418\n },\n \"description\": \"Aggregates from the specified application.\",\n \"executor\": \"sailpoint.task.ServiceTaskExecutor\",\n \"id\": \"2c91808475b4334b0175e1dff64b63c5\",\n \"uniqueName\": \"Cloud Account Aggregation\",\n \"parentName\": \"Cloud Account Aggregation\"\n }\n },\n {\n \"id\": \"id12345\",\n \"type\": \"QUARTZ\",\n \"uniqueName\": \"Big Task\",\n \"description\": \"A Really Big Task\",\n \"parentName\": \"Parent Task\",\n \"attributes\": {\n \"identityCount\": 0\n },\n \"created\": \"2020-07-11T21:23:15.000Z\",\n \"modified\": \"2020-07-11T21:23:15.000Z\",\n \"launched\": \"2020-07-11T21:23:15.000Z\",\n \"launcher\": \"sweep\",\n \"completed\": \"2020-07-11T21:23:15.000Z\",\n \"completionStatus\": \"SUCCESS\",\n \"messages\": [\n {\n \"key\": \"akey\",\n \"localizedText\": {\n \"locale\": \"An error has occurred!\",\n \"message\": \"Error has occurred!\"\n },\n \"type\": \"INFO\",\n \"parameters\": [\n {\n \"name\": \"value\"\n }\n ]\n },\n {\n \"key\": \"akey\",\n \"localizedText\": {\n \"locale\": \"An error has occurred!\",\n \"message\": \"Error has occurred!\"\n },\n \"type\": \"INFO\",\n \"parameters\": [\n {\n \"name\": \"value\"\n }\n ]\n }\n ],\n \"progress\": \"Started\",\n \"percentComplete\": 100,\n \"returns\": [\n {\n \"name\": \"label\",\n \"attributeName\": \"identityCount\"\n },\n {\n \"name\": \"label\",\n \"attributeName\": \"identityCount\"\n }\n ],\n \"target\": {\n \"id\": \"c6dc37bf508149b28ce5b7d90ca4bbf9\",\n \"type\": \"APPLICATION\",\n \"name\": \"Active Directory [source]\"\n },\n \"taskDefinitionSummary\": {\n \"arguments\": {\n \"elit14\": true,\n \"adipisicinga\": 80982730.85178506,\n \"consectetura7c\": \"qui est\",\n \"eiusmodb\": -43675382.572552346\n },\n \"description\": \"Aggregates from the specified application.\",\n \"executor\": \"sailpoint.task.ServiceTaskExecutor\",\n \"id\": \"2c91808475b4334b0175e1dff64b63c5\",\n \"uniqueName\": \"Cloud Account Aggregation\",\n \"parentName\": \"Cloud Account Aggregation\"\n }\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "8fcb65e9-35bd-4298-9484-54ae145e6b1b", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "task-status" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**sourceId**: *eq, in*\n\n**completionStatus**: *eq, in*\n\n**type**: *eq, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "completionStatus eq \"Success\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **created**", + "type": "text/plain" + }, + "key": "sorters", + "value": "-created" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "74a62f43-3436-4288-ba56-e35df2a45187", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "task-status" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**sourceId**: *eq, in*\n\n**completionStatus**: *eq, in*\n\n**type**: *eq, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "completionStatus eq \"Success\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **created**", + "type": "text/plain" + }, + "key": "sorters", + "value": "-created" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "df27fb15-9298-45eb-adac-6bf6e0f0c481", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "task-status" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**sourceId**: *eq, in*\n\n**completionStatus**: *eq, in*\n\n**type**: *eq, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "completionStatus eq \"Success\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **created**", + "type": "text/plain" + }, + "key": "sorters", + "value": "-created" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "dc7707ba-4ec8-4c0d-94be-b166db0e4b69", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "task-status" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**sourceId**: *eq, in*\n\n**completionStatus**: *eq, in*\n\n**type**: *eq, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "completionStatus eq \"Success\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **created**", + "type": "text/plain" + }, + "key": "sorters", + "value": "-created" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "6a2edbb8-08e5-428a-b958-61cfbb78290a", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "task-status" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**sourceId**: *eq, in*\n\n**completionStatus**: *eq, in*\n\n**type**: *eq, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "completionStatus eq \"Success\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **created**", + "type": "text/plain" + }, + "key": "sorters", + "value": "-created" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d50d5c83-be68-4063-b55f-be5640ba7b6d", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "task-status" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**sourceId**: *eq, in*\n\n**completionStatus**: *eq, in*\n\n**type**: *eq, in*", + "type": "text/plain" + }, + "key": "filters", + "value": "completionStatus eq \"Success\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **created**", + "type": "text/plain" + }, + "key": "sorters", + "value": "-created" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "e73b62cb-0f78-46c8-bd66-af31b7e5e90a", + "name": "Retrieve a pending task list.", + "request": { + "name": "Retrieve a pending task list.", + "description": { + "content": "Retrieve a list of TaskStatus for pending tasks.", + "type": "text/plain" + }, + "url": { + "path": [ + "task-status", + "pending-tasks" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "82386695-f108-4c83-b9ec-ef1bed8d1b6b", + "name": "Responds with a list of TaskStatus for pending tasks.", + "originalRequest": { + "url": { + "path": [ + "task-status", + "pending-tasks" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"id\": \"id12345\",\n \"type\": \"QUARTZ\",\n \"uniqueName\": \"Big Task\",\n \"description\": \"A Really Big Task\",\n \"parentName\": \"Parent Task\",\n \"attributes\": {\n \"identityCount\": 0\n },\n \"created\": \"2020-07-11T21:23:15.000Z\",\n \"modified\": \"2020-07-11T21:23:15.000Z\",\n \"launched\": \"2020-07-11T21:23:15.000Z\",\n \"launcher\": \"sweep\",\n \"completed\": \"2020-07-11T21:23:15.000Z\",\n \"completionStatus\": \"SUCCESS\",\n \"messages\": [\n {\n \"key\": \"akey\",\n \"localizedText\": {\n \"locale\": \"An error has occurred!\",\n \"message\": \"Error has occurred!\"\n },\n \"type\": \"INFO\",\n \"parameters\": [\n {\n \"name\": \"value\"\n }\n ]\n },\n {\n \"key\": \"akey\",\n \"localizedText\": {\n \"locale\": \"An error has occurred!\",\n \"message\": \"Error has occurred!\"\n },\n \"type\": \"INFO\",\n \"parameters\": [\n {\n \"name\": \"value\"\n }\n ]\n }\n ],\n \"progress\": \"Started\",\n \"percentComplete\": 100,\n \"returns\": [\n {\n \"name\": \"label\",\n \"attributeName\": \"identityCount\"\n },\n {\n \"name\": \"label\",\n \"attributeName\": \"identityCount\"\n }\n ],\n \"target\": {\n \"id\": \"c6dc37bf508149b28ce5b7d90ca4bbf9\",\n \"type\": \"APPLICATION\",\n \"name\": \"Active Directory [source]\"\n },\n \"taskDefinitionSummary\": {\n \"arguments\": {\n \"commodo5\": \"ut voluptate non aliquip tempor\",\n \"Excepteur_81\": 53248418\n },\n \"description\": \"Aggregates from the specified application.\",\n \"executor\": \"sailpoint.task.ServiceTaskExecutor\",\n \"id\": \"2c91808475b4334b0175e1dff64b63c5\",\n \"uniqueName\": \"Cloud Account Aggregation\",\n \"parentName\": \"Cloud Account Aggregation\"\n }\n },\n {\n \"id\": \"id12345\",\n \"type\": \"QUARTZ\",\n \"uniqueName\": \"Big Task\",\n \"description\": \"A Really Big Task\",\n \"parentName\": \"Parent Task\",\n \"attributes\": {\n \"identityCount\": 0\n },\n \"created\": \"2020-07-11T21:23:15.000Z\",\n \"modified\": \"2020-07-11T21:23:15.000Z\",\n \"launched\": \"2020-07-11T21:23:15.000Z\",\n \"launcher\": \"sweep\",\n \"completed\": \"2020-07-11T21:23:15.000Z\",\n \"completionStatus\": \"SUCCESS\",\n \"messages\": [\n {\n \"key\": \"akey\",\n \"localizedText\": {\n \"locale\": \"An error has occurred!\",\n \"message\": \"Error has occurred!\"\n },\n \"type\": \"INFO\",\n \"parameters\": [\n {\n \"name\": \"value\"\n }\n ]\n },\n {\n \"key\": \"akey\",\n \"localizedText\": {\n \"locale\": \"An error has occurred!\",\n \"message\": \"Error has occurred!\"\n },\n \"type\": \"INFO\",\n \"parameters\": [\n {\n \"name\": \"value\"\n }\n ]\n }\n ],\n \"progress\": \"Started\",\n \"percentComplete\": 100,\n \"returns\": [\n {\n \"name\": \"label\",\n \"attributeName\": \"identityCount\"\n },\n {\n \"name\": \"label\",\n \"attributeName\": \"identityCount\"\n }\n ],\n \"target\": {\n \"id\": \"c6dc37bf508149b28ce5b7d90ca4bbf9\",\n \"type\": \"APPLICATION\",\n \"name\": \"Active Directory [source]\"\n },\n \"taskDefinitionSummary\": {\n \"arguments\": {\n \"elit14\": true,\n \"adipisicinga\": 80982730.85178506,\n \"consectetura7c\": \"qui est\",\n \"eiusmodb\": -43675382.572552346\n },\n \"description\": \"Aggregates from the specified application.\",\n \"executor\": \"sailpoint.task.ServiceTaskExecutor\",\n \"id\": \"2c91808475b4334b0175e1dff64b63c5\",\n \"uniqueName\": \"Cloud Account Aggregation\",\n \"parentName\": \"Cloud Account Aggregation\"\n }\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "6adfe0ff-8a56-4837-a369-346ce13dff98", + "name": "No content - indicates the request was successful but there is no content to be returned in the response.", + "originalRequest": { + "url": { + "path": [ + "task-status", + "pending-tasks" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "No Content", + "code": 204, + "header": [], + "cookie": [], + "_postman_previewlanguage": "text" + }, + { + "id": "17a74241-7df4-44ab-8862-adcab29b9208", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "task-status", + "pending-tasks" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "9f63fac3-3398-43b0-a39e-af407018d42d", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "task-status", + "pending-tasks" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "590775e2-e79c-447e-b20e-7414cbfa04dc", + "name": "Retrieve headers only for pending task list.", + "request": { + "name": "Retrieve headers only for pending task list.", + "description": { + "content": "Retrieve headers for a list of TaskStatus for pending tasks.", + "type": "text/plain" + }, + "url": { + "path": [ + "task-status", + "pending-tasks" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "HEAD", + "body": {} + }, + "response": [ + { + "id": "d479c27d-c886-42d3-ac71-72b5065fefd5", + "name": "Responds with headers for List of TaskStatus for pending tasks.", + "originalRequest": { + "url": { + "path": [ + "task-status", + "pending-tasks" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "HEAD", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [], + "cookie": [], + "_postman_previewlanguage": "text" + }, + { + "id": "962f9296-6d60-41d3-9db3-6a411bc64fc8", + "name": "No content - indicates the request was successful but there is no content to be returned in the response.", + "originalRequest": { + "url": { + "path": [ + "task-status", + "pending-tasks" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "HEAD", + "body": {} + }, + "status": "No Content", + "code": 204, + "header": [], + "cookie": [], + "_postman_previewlanguage": "text" + }, + { + "id": "c4afb12c-d74a-48ce-ab8b-646e79ac6842", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "task-status", + "pending-tasks" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "HEAD", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "2ac8dbae-2d63-4b7e-be34-55105432ddc4", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "task-status", + "pending-tasks" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "HEAD", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + } + ] + }, + { + "name": "Tenant", + "description": "API for reading tenant details.", + "item": [ + { + "id": "59db5f9d-a5be-4b14-bc50-0935d0e30ba3", + "name": "Get Tenant Information.", + "request": { + "name": "Get Tenant Information.", + "description": { + "content": "This rest endpoint can be used to retrieve tenant details.", + "type": "text/plain" + }, + "url": { + "path": [ + "tenant" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "6c6538db-4f8c-4127-9c3c-ea25ec85b31b", + "name": "Tenant Info", + "originalRequest": { + "url": { + "path": [ + "tenant" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"2c91808568c529c60168cca6f90c1324\",\n \"name\": \"acme\",\n \"fullName\": \"Acme, Inc\",\n \"pod\": \"example-pod\",\n \"region\": \"us-east-1\",\n \"description\": \"Description of the Tenant\",\n \"products\": [\n {\n \"productName\": \"idn\",\n \"url\": \"https://tenant-name.identitynow.com\",\n \"productTenantId\": \"tenant#product\",\n \"productRegion\": \"us-east-1\",\n \"productRight\": \"idn:ui:view\",\n \"apiUrl\": \"https://tenant-name.api.identitynow.com\",\n \"licenses\": [\n {\n \"licenseId\": \"idn:access-request\",\n \"legacyFeatureName\": \"ACCESS_REQUEST\"\n },\n {\n \"licenseId\": \"idn:access-request\",\n \"legacyFeatureName\": \"ACCESS_REQUEST\"\n }\n ],\n \"attributes\": {\n \"domain\": \"https://tenant-name.identitynow.com\",\n \"maxRegisteredUsers\": 250\n },\n \"zone\": \"Deployment zone for the Product\",\n \"status\": \"active\",\n \"statusDateTime\": \"2020-05-19T13:49:37.385Z\",\n \"reason\": \"Reason\",\n \"notes\": \"Example notes\",\n \"dateCreated\": \"2020-05-19T13:49:37.385Z\",\n \"lastUpdated\": \"2020-05-19T13:49:37.385Z\",\n \"orgType\": \"test\"\n },\n {\n \"productName\": \"idn\",\n \"url\": \"https://tenant-name.identitynow.com\",\n \"productTenantId\": \"tenant#product\",\n \"productRegion\": \"us-east-1\",\n \"productRight\": \"idn:ui:view\",\n \"apiUrl\": \"https://tenant-name.api.identitynow.com\",\n \"licenses\": [\n {\n \"licenseId\": \"idn:access-request\",\n \"legacyFeatureName\": \"ACCESS_REQUEST\"\n },\n {\n \"licenseId\": \"idn:access-request\",\n \"legacyFeatureName\": \"ACCESS_REQUEST\"\n }\n ],\n \"attributes\": {\n \"domain\": \"https://tenant-name.identitynow.com\",\n \"maxRegisteredUsers\": 250\n },\n \"zone\": \"Deployment zone for the Product\",\n \"status\": \"active\",\n \"statusDateTime\": \"2020-05-19T13:49:37.385Z\",\n \"reason\": \"Reason\",\n \"notes\": \"Example notes\",\n \"dateCreated\": \"2020-05-19T13:49:37.385Z\",\n \"lastUpdated\": \"2020-05-19T13:49:37.385Z\",\n \"orgType\": \"test\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "fbfe6d64-fc59-4dd1-972d-b904e55dec73", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "tenant" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "0701730c-8783-4054-8dd2-da82c117caf9", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "tenant" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "3851193d-c01f-4a94-a287-766b4f5a01c2", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "tenant" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f905d3bd-8f3b-4e51-8f94-433cd08699e0", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "tenant" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d267ab74-f470-4e1b-8a6d-b1b1c782b55e", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "tenant" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "441a0186-c20b-4b6d-bd01-3c0004fa5a80", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "tenant" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + } + ] + }, + { + "name": "Transforms", + "description": "The purpose of this API is to expose functionality for the manipulation of Transform objects.\nTransforms are a form of configurable objects which define an easy way to manipulate attribute data without having\nto write code. These endpoints don't require API calls to other resources, audit service is used for keeping track\nof which users have made changes to the Transforms.\n\nRefer to [Transforms](https://developer.sailpoint.com/docs/extensibility/transforms/) for more information about transforms.\n", + "item": [ + { + "id": "a6d88b64-5235-42e3-8805-96f12daca93b", + "name": "List transforms", + "request": { + "name": "List transforms", + "description": { + "content": "Gets a list of all saved transform objects.\nA token with transforms-list read authority is required to call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "transforms" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Name of the transform to retrieve from the list.", + "type": "text/plain" + }, + "key": "name", + "value": "ExampleTransformName123" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**internal**: *eq*\n\n**name**: *eq, sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "name eq \"Uppercase\"" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "621760c5-87f3-478f-864b-64982c1a57b4", + "name": "A list of transforms matching the given criteria.", + "originalRequest": { + "url": { + "path": [ + "transforms" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Name of the transform to retrieve from the list.", + "type": "text/plain" + }, + "key": "name", + "value": "ExampleTransformName123" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**internal**: *eq*\n\n**name**: *eq, sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "name eq \"Uppercase\"" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"id\": \"2cd78adghjkja34jh2b1hkjhasuecd\",\n \"name\": \"Timestamp To Date\",\n \"type\": \"dateFormat\",\n \"attributes\": {\n \"inputFormat\": \"MMM-dd-yyyy, HH:mm:ss.SSS\",\n \"outputFormat\": \"yyyy/dd/MM\"\n },\n \"internal\": false\n },\n {\n \"id\": \"2lkas8dhj4bkuakja77giih7l4ashh\",\n \"name\": \"PrefixSubstring\",\n \"type\": \"substring\",\n \"attributes\": {\n \"begin\": 0,\n \"end\": 3\n },\n \"internal\": true\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a865c553-8965-4545-8b78-9385404ae202", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "transforms" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Name of the transform to retrieve from the list.", + "type": "text/plain" + }, + "key": "name", + "value": "ExampleTransformName123" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**internal**: *eq*\n\n**name**: *eq, sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "name eq \"Uppercase\"" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "23fe6b83-98f5-4288-818a-7ce27f7617ee", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "transforms" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Name of the transform to retrieve from the list.", + "type": "text/plain" + }, + "key": "name", + "value": "ExampleTransformName123" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**internal**: *eq*\n\n**name**: *eq, sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "name eq \"Uppercase\"" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f9a9633d-1bb8-4104-a0f6-bc290a0e17c5", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "transforms" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Name of the transform to retrieve from the list.", + "type": "text/plain" + }, + "key": "name", + "value": "ExampleTransformName123" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**internal**: *eq*\n\n**name**: *eq, sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "name eq \"Uppercase\"" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "764c22b6-6a5a-4882-90d2-898da9b5b1d3", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "transforms" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Name of the transform to retrieve from the list.", + "type": "text/plain" + }, + "key": "name", + "value": "ExampleTransformName123" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**internal**: *eq*\n\n**name**: *eq, sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "name eq \"Uppercase\"" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "6aedc230-9467-407d-9046-72c186ee6f22", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "transforms" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Name of the transform to retrieve from the list.", + "type": "text/plain" + }, + "key": "name", + "value": "ExampleTransformName123" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**internal**: *eq*\n\n**name**: *eq, sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "name eq \"Uppercase\"" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "2ffe3d8c-e5eb-47f7-a7d5-753e610a6ffc", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "transforms" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Name of the transform to retrieve from the list.", + "type": "text/plain" + }, + "key": "name", + "value": "ExampleTransformName123" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**internal**: *eq*\n\n**name**: *eq, sw*", + "type": "text/plain" + }, + "key": "filters", + "value": "name eq \"Uppercase\"" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "24f82b6c-b8e9-4743-94d0-c527206bb94e", + "name": "Create transform", + "request": { + "name": "Create transform", + "description": { + "content": "Creates a new transform object immediately. By default, the internal flag is set to false to indicate that this is a custom transform. Only SailPoint employees have the ability to create a transform with internal set to true. Newly created Transforms can be used in the Identity Profile mappings within the UI. A token with transform write authority is required to call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "transforms" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Timestamp To Date\",\n \"type\": \"dateFormat\",\n \"attributes\": {\n \"inputFormat\": \"MMM dd yyyy, HH:mm:ss.SSS\",\n \"outputFormat\": \"yyyy/dd/MM\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "18946d7e-7066-42c8-b30c-874c38a18e65", + "name": "Indicates the transform was successfully created and returns its representation.", + "originalRequest": { + "url": { + "path": [ + "transforms" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Timestamp To Date\",\n \"type\": \"dateFormat\",\n \"attributes\": {\n \"inputFormat\": \"MMM dd yyyy, HH:mm:ss.SSS\",\n \"outputFormat\": \"yyyy/dd/MM\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Created", + "code": 201, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"attributes\": {\n \"sourceName\": \"Workday\",\n \"attributeName\": \"DEPARTMENT\",\n \"accountSortAttribute\": \"created\",\n \"accountSortDescending\": false,\n \"accountReturnFirstLink\": false,\n \"accountFilter\": \"!(nativeIdentity.startsWith(\\\"*DELETED*\\\"))\",\n \"accountPropertyFilter\": \"(groups.containsAll({'Admin'}) || location == 'Austin')\",\n \"requiresPeriodicRefresh\": false,\n \"input\": {\n \"type\": \"accountAttribute\",\n \"attributes\": {\n \"attributeName\": \"first_name\",\n \"sourceName\": \"Source\"\n }\n }\n },\n \"id\": \"2cd78adghjkja34jh2b1hkjhasuecd\",\n \"internal\": false,\n \"name\": \"Timestamp To Date\",\n \"type\": \"dateFormat\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "8007f268-9bcd-4e19-a2ef-672b1348da74", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "transforms" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Timestamp To Date\",\n \"type\": \"dateFormat\",\n \"attributes\": {\n \"inputFormat\": \"MMM dd yyyy, HH:mm:ss.SSS\",\n \"outputFormat\": \"yyyy/dd/MM\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "368fdc78-9176-434d-b9b9-a689710363aa", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "transforms" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Timestamp To Date\",\n \"type\": \"dateFormat\",\n \"attributes\": {\n \"inputFormat\": \"MMM dd yyyy, HH:mm:ss.SSS\",\n \"outputFormat\": \"yyyy/dd/MM\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "0d1de545-e0e3-4fa1-94d5-1961031b9859", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "transforms" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Timestamp To Date\",\n \"type\": \"dateFormat\",\n \"attributes\": {\n \"inputFormat\": \"MMM dd yyyy, HH:mm:ss.SSS\",\n \"outputFormat\": \"yyyy/dd/MM\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "7dedbe8e-c1bf-4099-bf87-b605427fb214", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "transforms" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Timestamp To Date\",\n \"type\": \"dateFormat\",\n \"attributes\": {\n \"inputFormat\": \"MMM dd yyyy, HH:mm:ss.SSS\",\n \"outputFormat\": \"yyyy/dd/MM\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "863ec437-6d6b-4ac5-bf30-b6ecad3eba6d", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "transforms" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Timestamp To Date\",\n \"type\": \"dateFormat\",\n \"attributes\": {\n \"inputFormat\": \"MMM dd yyyy, HH:mm:ss.SSS\",\n \"outputFormat\": \"yyyy/dd/MM\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c34a7dae-47db-42a9-8720-28bc2afd1772", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "transforms" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Timestamp To Date\",\n \"type\": \"dateFormat\",\n \"attributes\": {\n \"inputFormat\": \"MMM dd yyyy, HH:mm:ss.SSS\",\n \"outputFormat\": \"yyyy/dd/MM\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "71a5c1e9-28e8-4b7c-bd70-c3b291564613", + "name": "Transform by ID", + "request": { + "name": "Transform by ID", + "description": { + "content": "This API returns the transform specified by the given ID.\nA token with transform read authority is required to call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "transforms", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "2cd78adghjkja34jh2b1hkjhasuecd", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) ID of the transform to retrieve", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "6cd23f4e-e991-49f5-b0eb-cd9e8c924821", + "name": "Transform with the given ID", + "originalRequest": { + "url": { + "path": [ + "transforms", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"attributes\": {\n \"sourceName\": \"Workday\",\n \"attributeName\": \"DEPARTMENT\",\n \"accountSortAttribute\": \"created\",\n \"accountSortDescending\": false,\n \"accountReturnFirstLink\": false,\n \"accountFilter\": \"!(nativeIdentity.startsWith(\\\"*DELETED*\\\"))\",\n \"accountPropertyFilter\": \"(groups.containsAll({'Admin'}) || location == 'Austin')\",\n \"requiresPeriodicRefresh\": false,\n \"input\": {\n \"type\": \"accountAttribute\",\n \"attributes\": {\n \"attributeName\": \"first_name\",\n \"sourceName\": \"Source\"\n }\n }\n },\n \"id\": \"2cd78adghjkja34jh2b1hkjhasuecd\",\n \"internal\": false,\n \"name\": \"Timestamp To Date\",\n \"type\": \"dateFormat\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "846f1136-2dd2-4b24-a5b1-a4c47685ef51", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "transforms", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "70c4fe8d-484f-4477-b3c5-c256b703c8e4", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "transforms", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "36ddfb21-f5a4-4d2e-8e72-24f1c085b0e8", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "transforms", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "2f61ba00-e467-4c3f-be89-caeeb3047b92", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "transforms", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "4afe8b81-6724-45e7-b78c-7787dc1e6963", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "transforms", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a42a10cf-4d04-4041-a937-2aa4354d255a", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "transforms", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "fa5aaae1-723a-49f6-ab54-0168be8ac7d1", + "name": "Update a transform", + "request": { + "name": "Update a transform", + "description": { + "content": "Replaces the transform specified by the given ID with the transform provided in the request body. Only the \"attributes\" field is mutable. Attempting to change other properties (ex. \"name\" and \"type\") will result in an error.\nA token with transform write authority is required to call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "transforms", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "2cd78adghjkja34jh2b1hkjhasuecd", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) ID of the transform to update", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Timestamp To Date\",\n \"type\": \"dateFormat\",\n \"attributes\": {\n \"inputFormat\": \"MMM-dd-yyyy, HH:mm:ss.SSS\",\n \"outputFormat\": \"yyyy/dd/MM\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "bbad2c47-29b8-4b7f-92ad-bb6360ca977d", + "name": "Indicates the transform was successfully updated and returns its new representation.", + "originalRequest": { + "url": { + "path": [ + "transforms", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Timestamp To Date\",\n \"type\": \"dateFormat\",\n \"attributes\": {\n \"inputFormat\": \"MMM-dd-yyyy, HH:mm:ss.SSS\",\n \"outputFormat\": \"yyyy/dd/MM\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"2cd78adghjkja34jh2b1hkjhasuecd\",\n \"name\": \"Timestamp To Date\",\n \"type\": \"dateFormat\",\n \"attributes\": {\n \"inputFormat\": \"MMM-dd-yyyy, HH:mm:ss.SSS\",\n \"outputFormat\": \"yyyy/dd/MM\"\n },\n \"internal\": false\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "1a19087e-0fda-4fa0-b2ac-c23b7252cbc0", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "transforms", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Timestamp To Date\",\n \"type\": \"dateFormat\",\n \"attributes\": {\n \"inputFormat\": \"MMM-dd-yyyy, HH:mm:ss.SSS\",\n \"outputFormat\": \"yyyy/dd/MM\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "8c517098-7dd6-441c-8f85-96a7b586533d", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "transforms", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Timestamp To Date\",\n \"type\": \"dateFormat\",\n \"attributes\": {\n \"inputFormat\": \"MMM-dd-yyyy, HH:mm:ss.SSS\",\n \"outputFormat\": \"yyyy/dd/MM\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "619d321f-8661-453c-9121-9957511e2fdd", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "transforms", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Timestamp To Date\",\n \"type\": \"dateFormat\",\n \"attributes\": {\n \"inputFormat\": \"MMM-dd-yyyy, HH:mm:ss.SSS\",\n \"outputFormat\": \"yyyy/dd/MM\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d7c67b17-66a0-4667-a8e9-ef68bbd9656c", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "transforms", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Timestamp To Date\",\n \"type\": \"dateFormat\",\n \"attributes\": {\n \"inputFormat\": \"MMM-dd-yyyy, HH:mm:ss.SSS\",\n \"outputFormat\": \"yyyy/dd/MM\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f7bc6556-5f05-41a7-9b3a-78996002cfef", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "transforms", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Timestamp To Date\",\n \"type\": \"dateFormat\",\n \"attributes\": {\n \"inputFormat\": \"MMM-dd-yyyy, HH:mm:ss.SSS\",\n \"outputFormat\": \"yyyy/dd/MM\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "629e11df-b0e0-4ef3-8a5d-c203240bfb52", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "transforms", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Timestamp To Date\",\n \"type\": \"dateFormat\",\n \"attributes\": {\n \"inputFormat\": \"MMM-dd-yyyy, HH:mm:ss.SSS\",\n \"outputFormat\": \"yyyy/dd/MM\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "eac20e85-b227-4dbd-bd76-200e7246ed62", + "name": "Delete a transform", + "request": { + "name": "Delete a transform", + "description": { + "content": "Deletes the transform specified by the given ID. Attempting to delete a transform that is used in one or more Identity Profile mappings will result in an error. If this occurs, you must first remove the transform from all mappings before deleting the transform.\nA token with transform delete authority is required to call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "transforms", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "2cd78adghjkja34jh2b1hkjhasuecd", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) ID of the transform to delete", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "DELETE", + "body": {} + }, + "response": [ + { + "id": "0120eb14-c1b8-4d92-a73d-52dd9b389817", + "name": "No content - indicates the request was successful but there is no content to be returned in the response.", + "originalRequest": { + "url": { + "path": [ + "transforms", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "No Content", + "code": 204, + "header": [], + "cookie": [], + "_postman_previewlanguage": "text" + }, + { + "id": "4cfeb6a4-20e0-499c-981e-f88799e64a67", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "transforms", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "dee45466-9561-4a2e-a725-f9246565a36f", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "transforms", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "4e61d30a-7939-4c1f-866f-eba0c6b3dc04", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "transforms", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f2fb2aa1-1d7d-44e7-b388-a64814171546", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "transforms", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "74e7660b-3c5f-4db6-9428-1169b3b8402b", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "transforms", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "84cac403-cb64-48c3-beba-1a1fe41a291e", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "transforms", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + } + ] + }, + { + "name": "Triggers", + "description": "Event Triggers provide real-time updates to changes in Identity Security Cloud so you can take action as soon as an event occurs, rather than poll an API endpoint for updates. Identity Security Cloud provides a user interface within the admin console to create and manage trigger subscriptions. These endpoints allow for programatically creating and managing trigger subscriptions.\n\nThere are two types of event triggers:\n * `FIRE_AND_FORGET`: This trigger type will send a payload to each subscriber without needing a response. Each trigger of this type has a limit of **50 subscriptions**.\n * `REQUEST_RESPONSE`: This trigger type will send a payload to a subscriber and expect a response back. Each trigger of this type may only have **one subscription**.\n\n## Available Event Triggers\nProduction ready event triggers that are available in all tenants.\n\n| Name | ID | Type | Trigger condition |\n|-|-|-|-|\n| [Access Request Dynamic Approval](https://developer.sailpoint.com/docs/extensibility/event-triggers/triggers/access-request-dynamic-approval/) | idn:access-request-dynamic-approver | REQUEST_RESPONSE |After an access request is submitted. Expects the subscriber to respond with the ID of an identity or workgroup to add to the approval workflow. |\n| [Access Request Decision](https://developer.sailpoint.com/docs/extensibility/event-triggers/triggers/access-request-decision/) | idn:access-request-post-approval | FIRE_AND_FORGET | After an access request is approved. |\n| [Access Request Submitted](https://developer.sailpoint.com/docs/extensibility/event-triggers/triggers/access-request-submitted/) | idn:access-request-pre-approval | REQUEST_RESPONSE | After an access request is submitted. Expects the subscriber to respond with an approval decision. |\n| [Account Aggregation Completed](https://developer.sailpoint.com/docs/extensibility/event-triggers/triggers/account-aggregation-completed/) | idn:account-aggregation-completed | FIRE_AND_FORGET | After an account aggregation completed, terminated, failed. |\n| Account Attributes Changed | idn:account-attributes-changed | FIRE_AND_FORGET | After an account aggregation, and one or more account attributes have changed. |\n| Account Correlated | idn:account-correlated | FIRE_AND_FORGET | After an account is added to an identity. |\n| Accounts Collected for Aggregation | idn:aggregation-accounts-collected | FIRE_AND_FORGET | New, changed, and deleted accounts have been gathered during an aggregation and are being processed. |\n| Account Uncorrelated | idn:account-uncorrelated | FIRE_AND_FORGET | After an account is removed from an identity. |\n| Campaign Activated | idn:campaign-activated | FIRE_AND_FORGET | After a campaign is activated. |\n| Campaign Ended | idn:campaign-ended | FIRE_AND_FORGET | After a campaign ends. |\n| Campaign Generated | idn:campaign-generated | FIRE_AND_FORGET | After a campaign finishes generating. |\n| Certification Signed Off | idn:certification-signed-off | FIRE_AND_FORGET | After a certification is signed off by its reviewer. |\n| [Identity Attributes Changed](https://developer.sailpoint.com/docs/extensibility/event-triggers/triggers/account-aggregation-completed/) | idn:identity-attributes-changed | FIRE_AND_FORGET | After One or more identity attributes changed. |\n| [Identity Created](https://developer.sailpoint.com/docs/extensibility/event-triggers/triggers/identity-created/) | idn:identity-created | FIRE_AND_FORGET | After an identity is created. |\n| [Provisioning Action Completed](https://developer.sailpoint.com/docs/extensibility/event-triggers/triggers/provisioning-completed/) | idn:post-provisioning | FIRE_AND_FORGET | After a provisioning action completed on a source. |\n| [Scheduled Search](https://developer.sailpoint.com/docs/extensibility/event-triggers/triggers/scheduled-search/) | idn:saved-search-complete | FIRE_AND_FORGET | After a scheduled search completed. |\n| [Source Created](https://developer.sailpoint.com/docs/extensibility/event-triggers/triggers/source-created/) | idn:source-created | FIRE_AND_FORGET | After a source is created. |\n| [Source Deleted](https://developer.sailpoint.com/docs/extensibility/event-triggers/triggers/source-deleted/) | idn:source-deleted | FIRE_AND_FORGET | After a source is deleted. |\n| [Source Updated](https://developer.sailpoint.com/docs/extensibility/event-triggers/triggers/source-updated/) | idn:source-updated | FIRE_AND_FORGET | After configuration changes have been made to a source. |\n| [VA Cluster Status Change](https://developer.sailpoint.com/docs/extensibility/event-triggers/triggers/va-cluster-status-change/) | idn:va-cluster-status-change | FIRE_AND_FORGET | After the status of a VA cluster has changed. |\n\n## Early Access Event Triggers\nTriggers that are in-development and not ready for production use. Please contact support to enable these triggers in your tenant.\n\n| Name | ID | Type | Trigger condition |\n|-|-|-|-|\n| [Identity Deleted](https://developer.sailpoint.com/docs/extensibility/event-triggers/triggers/identity-deleted/) | idn:identity-deleted | FIRE_AND_FORGET | After an identity is deleted. |\n| [Source Account Created](https://developer.sailpoint.com/docs/extensibility/event-triggers/triggers/source-account-created/) | idn:source-account-created | FIRE_AND_FORGET | After a source account is created. |\n| [Source Account Deleted](https://developer.sailpoint.com/docs/extensibility/event-triggers/triggers/source-account-deleted/) | idn:source-account-deleted | FIRE_AND_FORGET | After a source account is deleted. |\n| [Source Account Updated](https://developer.sailpoint.com/docs/extensibility/event-triggers/triggers/source-account-updated/) | idn:source-account-updated | FIRE_AND_FORGET | After a source account is changed. |\n", + "item": [ + { + "id": "04850694-0323-4738-ac72-21a5a878c257", + "name": "List Triggers", + "request": { + "name": "List Triggers", + "description": { + "content": "Gets a list of triggers that are available in the tenant.", + "type": "text/plain" + }, + "url": { + "path": [ + "triggers" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, ge, le*", + "type": "text/plain" + }, + "key": "filters", + "value": "id eq \"idn:access-request-post-approval\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **id, name**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "44c45a61-3b49-4398-890e-78f0a22c4108", + "name": "List of triggers.", + "originalRequest": { + "url": { + "path": [ + "triggers" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, ge, le*", + "type": "text/plain" + }, + "key": "filters", + "value": "id eq \"idn:access-request-post-approval\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **id, name**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"id\": \"idn:access-request-dynamic-approver\",\n \"name\": \"Access Request Dynamic Approver\",\n \"type\": \"REQUEST_RESPONSE\",\n \"inputSchema\": \"{\\\"definitions\\\":{\\\"record:AccessRequestDynamicApproverInput\\\":{\\\"type\\\":\\\"object\\\",\\\"required\\\":[\\\"accessRequestId\\\",\\\"requestedFor\\\",\\\"requestedItems\\\",\\\"requestedBy\\\"],\\\"additionalProperties\\\":true,\\\"properties\\\":{\\\"accessRequestId\\\":{\\\"type\\\":\\\"string\\\"},\\\"requestedFor\\\":{\\\"$ref\\\":\\\"#/definitions/record:requestedForIdentityRef\\\"},\\\"requestedItems\\\":{\\\"type\\\":\\\"array\\\",\\\"items\\\":{\\\"$ref\\\":\\\"#/definitions/record:requestedObjectRef\\\"}},\\\"requestedBy\\\":{\\\"$ref\\\":\\\"#/definitions/record:requestedByIdentityRef\\\"}}},\\\"record:requestedForIdentityRef\\\":{\\\"type\\\":\\\"object\\\",\\\"required\\\":[\\\"id\\\",\\\"name\\\",\\\"type\\\"],\\\"additionalProperties\\\":true,\\\"properties\\\":{\\\"id\\\":{\\\"type\\\":\\\"string\\\"},\\\"name\\\":{\\\"type\\\":\\\"string\\\"},\\\"type\\\":{\\\"type\\\":\\\"string\\\"}}},\\\"record:requestedObjectRef\\\":{\\\"type\\\":\\\"object\\\",\\\"optional\\\":[\\\"description\\\",\\\"comment\\\"],\\\"required\\\":[\\\"id\\\",\\\"name\\\",\\\"type\\\",\\\"operation\\\"],\\\"additionalProperties\\\":true,\\\"properties\\\":{\\\"id\\\":{\\\"type\\\":\\\"string\\\"},\\\"name\\\":{\\\"type\\\":\\\"string\\\"},\\\"description\\\":{\\\"oneOf\\\":[{\\\"type\\\":\\\"null\\\"},{\\\"type\\\":\\\"string\\\"}]},\\\"type\\\":{\\\"type\\\":\\\"string\\\"},\\\"operation\\\":{\\\"type\\\":\\\"string\\\"},\\\"comment\\\":{\\\"oneOf\\\":[{\\\"type\\\":\\\"null\\\"},{\\\"type\\\":\\\"string\\\"}]}}},\\\"record:requestedByIdentityRef\\\":{\\\"type\\\":\\\"object\\\",\\\"required\\\":[\\\"type\\\",\\\"id\\\",\\\"name\\\"],\\\"additionalProperties\\\":true,\\\"properties\\\":{\\\"type\\\":{\\\"type\\\":\\\"string\\\"},\\\"id\\\":{\\\"type\\\":\\\"string\\\"},\\\"name\\\":{\\\"type\\\":\\\"string\\\"}}}},\\\"$ref\\\":\\\"#/definitions/record:AccessRequestDynamicApproverInput\\\"}\",\n \"exampleInput\": {\n \"accessRequestId\": \"4b4d982dddff4267ab12f0f1e72b5a6d\",\n \"requestedFor\": [\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c4180a46faadee4016fb4e018c20626\",\n \"name\": \"Robert Robinson\"\n }\n ],\n \"requestedItems\": [\n {\n \"id\": \"2c91808b6ef1d43e016efba0ce470904\",\n \"name\": \"Engineering Access\",\n \"type\": \"ACCESS_PROFILE\",\n \"operation\": \"Add\",\n \"description\": \"Engineering Access\",\n \"comment\": \"William needs this access for his day to day job activities.\"\n }\n ],\n \"requestedBy\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c7180a46faadee4016fb4e018c20648\",\n \"name\": \"William Wilson\"\n }\n },\n \"description\": \"Trigger for getting a dynamic approver.\",\n \"outputSchema\": \"{\\\"definitions\\\":{\\\"record:AccessRequestDynamicApproverOutput\\\":{\\\"type\\\":[\\\"null\\\",\\\"object\\\"],\\\"required\\\":[\\\"id\\\",\\\"name\\\",\\\"type\\\"],\\\"additionalProperties\\\":true,\\\"properties\\\":{\\\"id\\\":{\\\"type\\\":\\\"string\\\"},\\\"name\\\":{\\\"type\\\":\\\"string\\\"},\\\"type\\\":{\\\"type\\\":\\\"string\\\"}}}},\\\"$ref\\\":\\\"#/definitions/record:AccessRequestDynamicApproverOutput\\\"}\",\n \"exampleOutput\": {\n \"id\": \"2c91808b6ef1d43e016efba0ce470906\",\n \"name\": \"Adam Adams\",\n \"type\": \"IDENTITY\"\n }\n },\n {\n \"id\": \"idn:access-request-dynamic-approver\",\n \"name\": \"Access Request Dynamic Approver\",\n \"type\": \"REQUEST_RESPONSE\",\n \"inputSchema\": \"{\\\"definitions\\\":{\\\"record:AccessRequestDynamicApproverInput\\\":{\\\"type\\\":\\\"object\\\",\\\"required\\\":[\\\"accessRequestId\\\",\\\"requestedFor\\\",\\\"requestedItems\\\",\\\"requestedBy\\\"],\\\"additionalProperties\\\":true,\\\"properties\\\":{\\\"accessRequestId\\\":{\\\"type\\\":\\\"string\\\"},\\\"requestedFor\\\":{\\\"$ref\\\":\\\"#/definitions/record:requestedForIdentityRef\\\"},\\\"requestedItems\\\":{\\\"type\\\":\\\"array\\\",\\\"items\\\":{\\\"$ref\\\":\\\"#/definitions/record:requestedObjectRef\\\"}},\\\"requestedBy\\\":{\\\"$ref\\\":\\\"#/definitions/record:requestedByIdentityRef\\\"}}},\\\"record:requestedForIdentityRef\\\":{\\\"type\\\":\\\"object\\\",\\\"required\\\":[\\\"id\\\",\\\"name\\\",\\\"type\\\"],\\\"additionalProperties\\\":true,\\\"properties\\\":{\\\"id\\\":{\\\"type\\\":\\\"string\\\"},\\\"name\\\":{\\\"type\\\":\\\"string\\\"},\\\"type\\\":{\\\"type\\\":\\\"string\\\"}}},\\\"record:requestedObjectRef\\\":{\\\"type\\\":\\\"object\\\",\\\"optional\\\":[\\\"description\\\",\\\"comment\\\"],\\\"required\\\":[\\\"id\\\",\\\"name\\\",\\\"type\\\",\\\"operation\\\"],\\\"additionalProperties\\\":true,\\\"properties\\\":{\\\"id\\\":{\\\"type\\\":\\\"string\\\"},\\\"name\\\":{\\\"type\\\":\\\"string\\\"},\\\"description\\\":{\\\"oneOf\\\":[{\\\"type\\\":\\\"null\\\"},{\\\"type\\\":\\\"string\\\"}]},\\\"type\\\":{\\\"type\\\":\\\"string\\\"},\\\"operation\\\":{\\\"type\\\":\\\"string\\\"},\\\"comment\\\":{\\\"oneOf\\\":[{\\\"type\\\":\\\"null\\\"},{\\\"type\\\":\\\"string\\\"}]}}},\\\"record:requestedByIdentityRef\\\":{\\\"type\\\":\\\"object\\\",\\\"required\\\":[\\\"type\\\",\\\"id\\\",\\\"name\\\"],\\\"additionalProperties\\\":true,\\\"properties\\\":{\\\"type\\\":{\\\"type\\\":\\\"string\\\"},\\\"id\\\":{\\\"type\\\":\\\"string\\\"},\\\"name\\\":{\\\"type\\\":\\\"string\\\"}}}},\\\"$ref\\\":\\\"#/definitions/record:AccessRequestDynamicApproverInput\\\"}\",\n \"exampleInput\": {\n \"accessRequestId\": \"4b4d982dddff4267ab12f0f1e72b5a6d\",\n \"requestedFor\": [\n {\n \"type\": \"IDENTITY\",\n \"id\": \"2c4180a46faadee4016fb4e018c20626\",\n \"name\": \"Robert Robinson\"\n }\n ],\n \"requestedItems\": [\n {\n \"id\": \"2c91808b6ef1d43e016efba0ce470904\",\n \"name\": \"Engineering Access\",\n \"type\": \"ACCESS_PROFILE\",\n \"operation\": \"Add\",\n \"description\": \"Engineering Access\",\n \"comment\": \"William needs this access for his day to day job activities.\"\n }\n ],\n \"requestedBy\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c7180a46faadee4016fb4e018c20648\",\n \"name\": \"William Wilson\"\n }\n },\n \"description\": \"Trigger for getting a dynamic approver.\",\n \"outputSchema\": \"{\\\"definitions\\\":{\\\"record:AccessRequestDynamicApproverOutput\\\":{\\\"type\\\":[\\\"null\\\",\\\"object\\\"],\\\"required\\\":[\\\"id\\\",\\\"name\\\",\\\"type\\\"],\\\"additionalProperties\\\":true,\\\"properties\\\":{\\\"id\\\":{\\\"type\\\":\\\"string\\\"},\\\"name\\\":{\\\"type\\\":\\\"string\\\"},\\\"type\\\":{\\\"type\\\":\\\"string\\\"}}}},\\\"$ref\\\":\\\"#/definitions/record:AccessRequestDynamicApproverOutput\\\"}\",\n \"exampleOutput\": {\n \"id\": \"2c91808b6ef1d43e016efba0ce470906\",\n \"name\": \"Adam Adams\",\n \"type\": \"IDENTITY\"\n }\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c454b3af-c166-4262-96ec-6abb6b7ae896", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "triggers" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, ge, le*", + "type": "text/plain" + }, + "key": "filters", + "value": "id eq \"idn:access-request-post-approval\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **id, name**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "964a1fb0-50fe-4b89-8fea-f180d2181ed7", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "triggers" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, ge, le*", + "type": "text/plain" + }, + "key": "filters", + "value": "id eq \"idn:access-request-post-approval\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **id, name**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "555205b9-c001-4a65-a547-075bd5450fcb", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "triggers" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, ge, le*", + "type": "text/plain" + }, + "key": "filters", + "value": "id eq \"idn:access-request-post-approval\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **id, name**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "0330350d-3e68-4cad-bf24-cc4b281466ca", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "triggers" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, ge, le*", + "type": "text/plain" + }, + "key": "filters", + "value": "id eq \"idn:access-request-post-approval\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **id, name**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "40011066-ec59-4160-b666-9017bd570f5c", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "triggers" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, ge, le*", + "type": "text/plain" + }, + "key": "filters", + "value": "id eq \"idn:access-request-post-approval\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **id, name**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "bccec5dd-d5bf-409a-b333-674e2b5ba290", + "name": "Create a Subscription", + "request": { + "name": "Create a Subscription", + "description": { + "content": "This API creates a new subscription to a trigger and defines trigger invocation details. The type of subscription determines which config object is required:\n* HTTP subscriptions require httpConfig\n* EventBridge subscriptions require eventBridgeConfig", + "type": "text/plain" + }, + "url": { + "path": [ + "trigger-subscriptions" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Access request subscription\",\n \"description\": \"Access requested to site xyz\",\n \"triggerId\": \"idn:access-requested\",\n \"type\": \"HTTP\",\n \"httpConfig\": {\n \"url\": \"https://www.example.com\",\n \"httpDispatchMode\": \"SYNC\",\n \"httpAuthenticationType\": \"BASIC_AUTH\",\n \"basicAuthConfig\": {\n \"userName\": \"user@example.com\",\n \"password\": \"eRtg4%6yuI!\"\n }\n },\n \"enabled\": true,\n \"filter\": \"$[?($.identityId == \\\"201327fda1c44704ac01181e963d463c\\\")]\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "01cfd4f3-388a-4a5a-8a7c-67fea6bd09e6", + "name": "HTTP Subscription", + "originalRequest": { + "url": { + "path": [ + "trigger-subscriptions" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Access request subscription\",\n \"description\": \"Access requested to site xyz\",\n \"triggerId\": \"idn:access-requested\",\n \"type\": \"HTTP\",\n \"httpConfig\": {\n \"url\": \"https://www.example.com\",\n \"httpDispatchMode\": \"SYNC\",\n \"httpAuthenticationType\": \"BASIC_AUTH\",\n \"basicAuthConfig\": {\n \"userName\": \"user@example.com\",\n \"password\": \"eRtg4%6yuI!\"\n }\n },\n \"enabled\": true,\n \"filter\": \"$[?($.identityId == \\\"201327fda1c44704ac01181e963d463c\\\")]\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Created", + "code": 201, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"0f11f2a4-7c94-4bf3-a2bd-742580fe3bde\",\n \"triggerId\": \"idn:access-request-post-approval\",\n \"type\": \"HTTP\",\n \"name\": \"Access request subscription\",\n \"triggerName\": \"Access Requested\",\n \"enabled\": true,\n \"description\": \"Access requested to site xyz\",\n \"responseDeadline\": \"PT1H\",\n \"httpConfig\": {\n \"url\": \"https://www.example.com\",\n \"httpDispatchMode\": \"SYNC\",\n \"httpAuthenticationType\": \"BASIC_AUTH\",\n \"basicAuthConfig\": {\n \"userName\": \"user@example.com\",\n \"password\": null\n },\n \"bearerTokenAuthConfig\": {\n \"bearerToken\": null\n }\n },\n \"eventBridgeConfig\": {\n \"awsAccount\": \"123456789012\",\n \"awsRegion\": \"us-west-1\"\n },\n \"filter\": \"$[?($.identityId == \\\"201327fda1c44704ac01181e963d463c\\\")]\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a419934a-8ad0-45c3-b478-50ffe47fdc95", + "name": "HTTP Async Subscription", + "originalRequest": { + "url": { + "path": [ + "trigger-subscriptions" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Access request subscription\",\n \"description\": \"Access requested to site xyz\",\n \"triggerId\": \"idn:access-requested\",\n \"type\": \"HTTP\",\n \"responseDeadline\": \"PT1H\",\n \"httpConfig\": {\n \"url\": \"https://www.example.com\",\n \"httpDispatchMode\": \"ASYNC\",\n \"httpAuthenticationType\": \"BASIC_AUTH\",\n \"basicAuthConfig\": {\n \"userName\": \"user@example.com\",\n \"password\": \"eRtg4%6yuI!\"\n }\n },\n \"enabled\": true,\n \"filter\": \"$[?($.identityId == \\\"201327fda1c44704ac01181e963d463c\\\")]\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Created", + "code": 201, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"0f11f2a4-7c94-4bf3-a2bd-742580fe3bde\",\n \"triggerId\": \"idn:access-request-post-approval\",\n \"type\": \"HTTP\",\n \"name\": \"Access request subscription\",\n \"triggerName\": \"Access Requested\",\n \"enabled\": true,\n \"description\": \"Access requested to site xyz\",\n \"responseDeadline\": \"PT1H\",\n \"httpConfig\": {\n \"url\": \"https://www.example.com\",\n \"httpDispatchMode\": \"SYNC\",\n \"httpAuthenticationType\": \"BASIC_AUTH\",\n \"basicAuthConfig\": {\n \"userName\": \"user@example.com\",\n \"password\": null\n },\n \"bearerTokenAuthConfig\": {\n \"bearerToken\": null\n }\n },\n \"eventBridgeConfig\": {\n \"awsAccount\": \"123456789012\",\n \"awsRegion\": \"us-west-1\"\n },\n \"filter\": \"$[?($.identityId == \\\"201327fda1c44704ac01181e963d463c\\\")]\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "274d23cd-6eab-4dbf-b748-bf2da88f0931", + "name": "EventBridge Subscription", + "originalRequest": { + "url": { + "path": [ + "trigger-subscriptions" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Access request subscription\",\n \"description\": \"Access requested to site xyz\",\n \"triggerId\": \"idn:access-requested\",\n \"type\": \"EVENTBRIDGE\",\n \"eventBridgeConfig\": {\n \"awsAccount\": \"123456789012\",\n \"awsRegion\": \"us-west-1\"\n },\n \"enabled\": true,\n \"filter\": \"$[?($.identityId == \\\"201327fda1c44704ac01181e963d463c\\\")]\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Created", + "code": 201, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"0f11f2a4-7c94-4bf3-a2bd-742580fe3bde\",\n \"triggerId\": \"idn:access-request-post-approval\",\n \"type\": \"HTTP\",\n \"name\": \"Access request subscription\",\n \"triggerName\": \"Access Requested\",\n \"enabled\": true,\n \"description\": \"Access requested to site xyz\",\n \"responseDeadline\": \"PT1H\",\n \"httpConfig\": {\n \"url\": \"https://www.example.com\",\n \"httpDispatchMode\": \"SYNC\",\n \"httpAuthenticationType\": \"BASIC_AUTH\",\n \"basicAuthConfig\": {\n \"userName\": \"user@example.com\",\n \"password\": null\n },\n \"bearerTokenAuthConfig\": {\n \"bearerToken\": null\n }\n },\n \"eventBridgeConfig\": {\n \"awsAccount\": \"123456789012\",\n \"awsRegion\": \"us-west-1\"\n },\n \"filter\": \"$[?($.identityId == \\\"201327fda1c44704ac01181e963d463c\\\")]\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "da9441c3-ec5a-4a65-8c23-92d0599f0e51", + "name": "HTTP Subscription", + "originalRequest": { + "url": { + "path": [ + "trigger-subscriptions" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Access request subscription\",\n \"description\": \"Access requested to site xyz\",\n \"triggerId\": \"idn:access-requested\",\n \"type\": \"HTTP\",\n \"httpConfig\": {\n \"url\": \"https://www.example.com\",\n \"httpDispatchMode\": \"SYNC\",\n \"httpAuthenticationType\": \"BASIC_AUTH\",\n \"basicAuthConfig\": {\n \"userName\": \"user@example.com\",\n \"password\": \"eRtg4%6yuI!\"\n }\n },\n \"enabled\": true,\n \"filter\": \"$[?($.identityId == \\\"201327fda1c44704ac01181e963d463c\\\")]\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "511bc078-8f6e-4004-bf7b-c34bcb35eda1", + "name": "HTTP Async Subscription", + "originalRequest": { + "url": { + "path": [ + "trigger-subscriptions" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Access request subscription\",\n \"description\": \"Access requested to site xyz\",\n \"triggerId\": \"idn:access-requested\",\n \"type\": \"HTTP\",\n \"responseDeadline\": \"PT1H\",\n \"httpConfig\": {\n \"url\": \"https://www.example.com\",\n \"httpDispatchMode\": \"ASYNC\",\n \"httpAuthenticationType\": \"BASIC_AUTH\",\n \"basicAuthConfig\": {\n \"userName\": \"user@example.com\",\n \"password\": \"eRtg4%6yuI!\"\n }\n },\n \"enabled\": true,\n \"filter\": \"$[?($.identityId == \\\"201327fda1c44704ac01181e963d463c\\\")]\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "fe731305-e5f1-400d-a383-85368c5224bb", + "name": "EventBridge Subscription", + "originalRequest": { + "url": { + "path": [ + "trigger-subscriptions" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Access request subscription\",\n \"description\": \"Access requested to site xyz\",\n \"triggerId\": \"idn:access-requested\",\n \"type\": \"EVENTBRIDGE\",\n \"eventBridgeConfig\": {\n \"awsAccount\": \"123456789012\",\n \"awsRegion\": \"us-west-1\"\n },\n \"enabled\": true,\n \"filter\": \"$[?($.identityId == \\\"201327fda1c44704ac01181e963d463c\\\")]\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f7c878d1-60ca-4b0e-9389-0620d882c2be", + "name": "HTTP Subscription", + "originalRequest": { + "url": { + "path": [ + "trigger-subscriptions" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Access request subscription\",\n \"description\": \"Access requested to site xyz\",\n \"triggerId\": \"idn:access-requested\",\n \"type\": \"HTTP\",\n \"httpConfig\": {\n \"url\": \"https://www.example.com\",\n \"httpDispatchMode\": \"SYNC\",\n \"httpAuthenticationType\": \"BASIC_AUTH\",\n \"basicAuthConfig\": {\n \"userName\": \"user@example.com\",\n \"password\": \"eRtg4%6yuI!\"\n }\n },\n \"enabled\": true,\n \"filter\": \"$[?($.identityId == \\\"201327fda1c44704ac01181e963d463c\\\")]\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "6f57316b-4cfc-45bd-8bf4-d87e677d6bde", + "name": "HTTP Async Subscription", + "originalRequest": { + "url": { + "path": [ + "trigger-subscriptions" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Access request subscription\",\n \"description\": \"Access requested to site xyz\",\n \"triggerId\": \"idn:access-requested\",\n \"type\": \"HTTP\",\n \"responseDeadline\": \"PT1H\",\n \"httpConfig\": {\n \"url\": \"https://www.example.com\",\n \"httpDispatchMode\": \"ASYNC\",\n \"httpAuthenticationType\": \"BASIC_AUTH\",\n \"basicAuthConfig\": {\n \"userName\": \"user@example.com\",\n \"password\": \"eRtg4%6yuI!\"\n }\n },\n \"enabled\": true,\n \"filter\": \"$[?($.identityId == \\\"201327fda1c44704ac01181e963d463c\\\")]\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c4938b3b-fa97-41c5-8b56-9f87aed5d8a3", + "name": "EventBridge Subscription", + "originalRequest": { + "url": { + "path": [ + "trigger-subscriptions" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Access request subscription\",\n \"description\": \"Access requested to site xyz\",\n \"triggerId\": \"idn:access-requested\",\n \"type\": \"EVENTBRIDGE\",\n \"eventBridgeConfig\": {\n \"awsAccount\": \"123456789012\",\n \"awsRegion\": \"us-west-1\"\n },\n \"enabled\": true,\n \"filter\": \"$[?($.identityId == \\\"201327fda1c44704ac01181e963d463c\\\")]\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "13b08ff2-b3a5-484c-bc4a-d98c593aac3c", + "name": "An example of a 403 response object", + "originalRequest": { + "url": { + "path": [ + "trigger-subscriptions" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Access request subscription\",\n \"description\": \"Access requested to site xyz\",\n \"triggerId\": \"idn:access-requested\",\n \"type\": \"HTTP\",\n \"httpConfig\": {\n \"url\": \"https://www.example.com\",\n \"httpDispatchMode\": \"SYNC\",\n \"httpAuthenticationType\": \"BASIC_AUTH\",\n \"basicAuthConfig\": {\n \"userName\": \"user@example.com\",\n \"password\": \"eRtg4%6yuI!\"\n }\n },\n \"enabled\": true,\n \"filter\": \"$[?($.identityId == \\\"201327fda1c44704ac01181e963d463c\\\")]\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "3c1a3b12-bf51-41e3-8cbd-fd5da89f3345", + "name": "HTTP Async Subscription", + "originalRequest": { + "url": { + "path": [ + "trigger-subscriptions" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Access request subscription\",\n \"description\": \"Access requested to site xyz\",\n \"triggerId\": \"idn:access-requested\",\n \"type\": \"HTTP\",\n \"responseDeadline\": \"PT1H\",\n \"httpConfig\": {\n \"url\": \"https://www.example.com\",\n \"httpDispatchMode\": \"ASYNC\",\n \"httpAuthenticationType\": \"BASIC_AUTH\",\n \"basicAuthConfig\": {\n \"userName\": \"user@example.com\",\n \"password\": \"eRtg4%6yuI!\"\n }\n },\n \"enabled\": true,\n \"filter\": \"$[?($.identityId == \\\"201327fda1c44704ac01181e963d463c\\\")]\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "30243644-78aa-4c55-a46a-dde0da271e6b", + "name": "EventBridge Subscription", + "originalRequest": { + "url": { + "path": [ + "trigger-subscriptions" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Access request subscription\",\n \"description\": \"Access requested to site xyz\",\n \"triggerId\": \"idn:access-requested\",\n \"type\": \"EVENTBRIDGE\",\n \"eventBridgeConfig\": {\n \"awsAccount\": \"123456789012\",\n \"awsRegion\": \"us-west-1\"\n },\n \"enabled\": true,\n \"filter\": \"$[?($.identityId == \\\"201327fda1c44704ac01181e963d463c\\\")]\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "39888e10-3161-4701-b881-e074f047a132", + "name": "HTTP Subscription", + "originalRequest": { + "url": { + "path": [ + "trigger-subscriptions" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Access request subscription\",\n \"description\": \"Access requested to site xyz\",\n \"triggerId\": \"idn:access-requested\",\n \"type\": \"HTTP\",\n \"httpConfig\": {\n \"url\": \"https://www.example.com\",\n \"httpDispatchMode\": \"SYNC\",\n \"httpAuthenticationType\": \"BASIC_AUTH\",\n \"basicAuthConfig\": {\n \"userName\": \"user@example.com\",\n \"password\": \"eRtg4%6yuI!\"\n }\n },\n \"enabled\": true,\n \"filter\": \"$[?($.identityId == \\\"201327fda1c44704ac01181e963d463c\\\")]\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "ffb76984-7ac7-4745-9945-8a239e342eff", + "name": "HTTP Async Subscription", + "originalRequest": { + "url": { + "path": [ + "trigger-subscriptions" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Access request subscription\",\n \"description\": \"Access requested to site xyz\",\n \"triggerId\": \"idn:access-requested\",\n \"type\": \"HTTP\",\n \"responseDeadline\": \"PT1H\",\n \"httpConfig\": {\n \"url\": \"https://www.example.com\",\n \"httpDispatchMode\": \"ASYNC\",\n \"httpAuthenticationType\": \"BASIC_AUTH\",\n \"basicAuthConfig\": {\n \"userName\": \"user@example.com\",\n \"password\": \"eRtg4%6yuI!\"\n }\n },\n \"enabled\": true,\n \"filter\": \"$[?($.identityId == \\\"201327fda1c44704ac01181e963d463c\\\")]\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b1442a72-850c-46e1-a98c-87497f5ad8b7", + "name": "EventBridge Subscription", + "originalRequest": { + "url": { + "path": [ + "trigger-subscriptions" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Access request subscription\",\n \"description\": \"Access requested to site xyz\",\n \"triggerId\": \"idn:access-requested\",\n \"type\": \"EVENTBRIDGE\",\n \"eventBridgeConfig\": {\n \"awsAccount\": \"123456789012\",\n \"awsRegion\": \"us-west-1\"\n },\n \"enabled\": true,\n \"filter\": \"$[?($.identityId == \\\"201327fda1c44704ac01181e963d463c\\\")]\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "57f996a0-2c80-4ac1-b03b-79d652391feb", + "name": "An example of a 500 response object", + "originalRequest": { + "url": { + "path": [ + "trigger-subscriptions" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Access request subscription\",\n \"description\": \"Access requested to site xyz\",\n \"triggerId\": \"idn:access-requested\",\n \"type\": \"HTTP\",\n \"httpConfig\": {\n \"url\": \"https://www.example.com\",\n \"httpDispatchMode\": \"SYNC\",\n \"httpAuthenticationType\": \"BASIC_AUTH\",\n \"basicAuthConfig\": {\n \"userName\": \"user@example.com\",\n \"password\": \"eRtg4%6yuI!\"\n }\n },\n \"enabled\": true,\n \"filter\": \"$[?($.identityId == \\\"201327fda1c44704ac01181e963d463c\\\")]\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "55ba0e28-5ec3-484f-afa1-9f49bd400760", + "name": "HTTP Async Subscription", + "originalRequest": { + "url": { + "path": [ + "trigger-subscriptions" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Access request subscription\",\n \"description\": \"Access requested to site xyz\",\n \"triggerId\": \"idn:access-requested\",\n \"type\": \"HTTP\",\n \"responseDeadline\": \"PT1H\",\n \"httpConfig\": {\n \"url\": \"https://www.example.com\",\n \"httpDispatchMode\": \"ASYNC\",\n \"httpAuthenticationType\": \"BASIC_AUTH\",\n \"basicAuthConfig\": {\n \"userName\": \"user@example.com\",\n \"password\": \"eRtg4%6yuI!\"\n }\n },\n \"enabled\": true,\n \"filter\": \"$[?($.identityId == \\\"201327fda1c44704ac01181e963d463c\\\")]\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "db42378a-bf2e-4010-8a29-fc25457b93e1", + "name": "EventBridge Subscription", + "originalRequest": { + "url": { + "path": [ + "trigger-subscriptions" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Access request subscription\",\n \"description\": \"Access requested to site xyz\",\n \"triggerId\": \"idn:access-requested\",\n \"type\": \"EVENTBRIDGE\",\n \"eventBridgeConfig\": {\n \"awsAccount\": \"123456789012\",\n \"awsRegion\": \"us-west-1\"\n },\n \"enabled\": true,\n \"filter\": \"$[?($.identityId == \\\"201327fda1c44704ac01181e963d463c\\\")]\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "c5882405-6ecf-4b57-a0c3-b4df7d6905ea", + "name": "List Subscriptions", + "request": { + "name": "List Subscriptions", + "description": { + "content": "Gets a list of all trigger subscriptions.", + "type": "text/plain" + }, + "url": { + "path": [ + "trigger-subscriptions" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq*\n\n**triggerId**: *eq*\n\n**type**: *eq, le*", + "type": "text/plain" + }, + "key": "filters", + "value": "id eq \"12cff757-c0c0-413b-8ad7-2a47956d1e89\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **triggerId, triggerName**", + "type": "text/plain" + }, + "key": "sorters", + "value": "triggerName" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "bc6259af-4be9-46af-a0a3-88127f0cfe9c", + "name": "HTTP Subscription", + "originalRequest": { + "url": { + "path": [ + "trigger-subscriptions" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq*\n\n**triggerId**: *eq*\n\n**type**: *eq, le*", + "type": "text/plain" + }, + "key": "filters", + "value": "id eq \"12cff757-c0c0-413b-8ad7-2a47956d1e89\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **triggerId, triggerName**", + "type": "text/plain" + }, + "key": "sorters", + "value": "triggerName" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"id\": \"0f11f2a4-7c94-4bf3-a2bd-742580fe3bde\",\n \"name\": \"Access request subscription\",\n \"description\": \"Access requested to site xyz\",\n \"triggerId\": \"idn:access-requested\",\n \"triggerName\": \"Access Requested\",\n \"type\": \"HTTP\",\n \"httpConfig\": {\n \"url\": \"https://www.example.com\",\n \"httpDispatchMode\": \"SYNC\",\n \"httpAuthenticationType\": \"BASIC_AUTH\",\n \"basicAuthConfig\": {\n \"userName\": \"user@example.com\",\n \"password\": null\n }\n },\n \"enabled\": true,\n \"filter\": \"$[?($.identityId == \\\"201327fda1c44704ac01181e963d463c\\\")]\"\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "9d988e99-6c4a-4f7a-8b8b-33ab7af741ed", + "name": "HTTP Async Subscription", + "originalRequest": { + "url": { + "path": [ + "trigger-subscriptions" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq*\n\n**triggerId**: *eq*\n\n**type**: *eq, le*", + "type": "text/plain" + }, + "key": "filters", + "value": "id eq \"12cff757-c0c0-413b-8ad7-2a47956d1e89\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **triggerId, triggerName**", + "type": "text/plain" + }, + "key": "sorters", + "value": "triggerName" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"name\": \"Access request subscription\",\n \"description\": \"Access requested to site xyz\",\n \"triggerId\": \"idn:access-requested\",\n \"triggerName\": \"Access Requested\",\n \"type\": \"HTTP\",\n \"responseDeadline\": \"PT1H\",\n \"httpConfig\": {\n \"url\": \"https://www.example.com\",\n \"httpDispatchMode\": \"ASYNC\",\n \"httpAuthenticationType\": \"BASIC_AUTH\",\n \"basicAuthConfig\": {\n \"userName\": \"user@example.com\",\n \"password\": null\n }\n },\n \"enabled\": true,\n \"filter\": \"$[?($.identityId == \\\"201327fda1c44704ac01181e963d463c\\\")]\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "37c98709-2517-410f-b27f-b1caedd30a57", + "name": "EventBridge Subscription", + "originalRequest": { + "url": { + "path": [ + "trigger-subscriptions" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq*\n\n**triggerId**: *eq*\n\n**type**: *eq, le*", + "type": "text/plain" + }, + "key": "filters", + "value": "id eq \"12cff757-c0c0-413b-8ad7-2a47956d1e89\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **triggerId, triggerName**", + "type": "text/plain" + }, + "key": "sorters", + "value": "triggerName" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"id\": \"0f11f2a4-7c94-4bf3-a2bd-742580fe3bde\",\n \"name\": \"Access request subscription\",\n \"description\": \"Access requested to site xyz\",\n \"triggerId\": \"idn:access-requested\",\n \"triggerName\": \"Access Requested\",\n \"type\": \"EVENTBRIDGE\",\n \"eventBridgeConfig\": {\n \"awsAccount\": \"123456789012\",\n \"awsRegion\": \"us-west-1\"\n },\n \"enabled\": true,\n \"filter\": \"$[?($.identityId == \\\"201327fda1c44704ac01181e963d463c\\\")]\"\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f44a1027-869a-428a-beda-8526348b7383", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "trigger-subscriptions" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq*\n\n**triggerId**: *eq*\n\n**type**: *eq, le*", + "type": "text/plain" + }, + "key": "filters", + "value": "id eq \"12cff757-c0c0-413b-8ad7-2a47956d1e89\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **triggerId, triggerName**", + "type": "text/plain" + }, + "key": "sorters", + "value": "triggerName" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "bc5100ff-e399-4710-94e2-4ff62009f547", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "trigger-subscriptions" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq*\n\n**triggerId**: *eq*\n\n**type**: *eq, le*", + "type": "text/plain" + }, + "key": "filters", + "value": "id eq \"12cff757-c0c0-413b-8ad7-2a47956d1e89\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **triggerId, triggerName**", + "type": "text/plain" + }, + "key": "sorters", + "value": "triggerName" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a6c13f86-25d0-4bc8-bdb9-5d4cec4aa7e0", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "trigger-subscriptions" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq*\n\n**triggerId**: *eq*\n\n**type**: *eq, le*", + "type": "text/plain" + }, + "key": "filters", + "value": "id eq \"12cff757-c0c0-413b-8ad7-2a47956d1e89\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **triggerId, triggerName**", + "type": "text/plain" + }, + "key": "sorters", + "value": "triggerName" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "1586458b-98eb-445b-9a15-3e5d655ee5cf", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "trigger-subscriptions" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq*\n\n**triggerId**: *eq*\n\n**type**: *eq, le*", + "type": "text/plain" + }, + "key": "filters", + "value": "id eq \"12cff757-c0c0-413b-8ad7-2a47956d1e89\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **triggerId, triggerName**", + "type": "text/plain" + }, + "key": "sorters", + "value": "triggerName" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "9bb1d490-5b08-4896-8619-d180c539dfe3", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "trigger-subscriptions" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq*\n\n**triggerId**: *eq*\n\n**type**: *eq, le*", + "type": "text/plain" + }, + "key": "filters", + "value": "id eq \"12cff757-c0c0-413b-8ad7-2a47956d1e89\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **triggerId, triggerName**", + "type": "text/plain" + }, + "key": "sorters", + "value": "triggerName" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "8cecef19-4b8a-4c3c-a061-69b06c77be7a", + "name": "Update a Subscription", + "request": { + "name": "Update a Subscription", + "description": { + "content": "This API updates a trigger subscription in IdentityNow, using a full object representation. In other words, the existing\n Subscription is completely replaced. The following fields are immutable:\n\n\n * id\n\n * triggerId\n\n\n Attempts to modify these fields result in 400.", + "type": "text/plain" + }, + "url": { + "path": [ + "trigger-subscriptions", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "0f11f2a4-7c94-4bf3-a2bd-742580fe3bde", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) Subscription ID", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Access request subscription\",\n \"description\": \"Access requested to site xyz\",\n \"type\": \"HTTP\",\n \"httpConfig\": {\n \"url\": \"https://www.example.com\",\n \"httpDispatchMode\": \"SYNC\",\n \"httpAuthenticationType\": \"BASIC_AUTH\",\n \"basicAuthConfig\": {\n \"userName\": \"user@example.com\",\n \"password\": \"eRtg4%6yuI!\"\n }\n },\n \"enabled\": true,\n \"filter\": \"$[?($.identityId == \\\"201327fda1c44704ac01181e963d463c\\\")]\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "94b3bf48-ff0d-4750-9aa3-1476fd075caa", + "name": "HTTP Subscription", + "originalRequest": { + "url": { + "path": [ + "trigger-subscriptions", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Access request subscription\",\n \"description\": \"Access requested to site xyz\",\n \"type\": \"HTTP\",\n \"httpConfig\": {\n \"url\": \"https://www.example.com\",\n \"httpDispatchMode\": \"SYNC\",\n \"httpAuthenticationType\": \"BASIC_AUTH\",\n \"basicAuthConfig\": {\n \"userName\": \"user@example.com\",\n \"password\": \"eRtg4%6yuI!\"\n }\n },\n \"enabled\": true,\n \"filter\": \"$[?($.identityId == \\\"201327fda1c44704ac01181e963d463c\\\")]\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"0f11f2a4-7c94-4bf3-a2bd-742580fe3bde\",\n \"triggerId\": \"idn:access-request-post-approval\",\n \"type\": \"HTTP\",\n \"name\": \"Access request subscription\",\n \"triggerName\": \"Access Requested\",\n \"enabled\": true,\n \"description\": \"Access requested to site xyz\",\n \"responseDeadline\": \"PT1H\",\n \"httpConfig\": {\n \"url\": \"https://www.example.com\",\n \"httpDispatchMode\": \"SYNC\",\n \"httpAuthenticationType\": \"BASIC_AUTH\",\n \"basicAuthConfig\": {\n \"userName\": \"user@example.com\",\n \"password\": null\n },\n \"bearerTokenAuthConfig\": {\n \"bearerToken\": null\n }\n },\n \"eventBridgeConfig\": {\n \"awsAccount\": \"123456789012\",\n \"awsRegion\": \"us-west-1\"\n },\n \"filter\": \"$[?($.identityId == \\\"201327fda1c44704ac01181e963d463c\\\")]\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "044688df-111b-44a6-a9fb-0834ffd18a54", + "name": "HTTP Async Subscription", + "originalRequest": { + "url": { + "path": [ + "trigger-subscriptions", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Access request subscription\",\n \"description\": \"Access requested to site xyz\",\n \"type\": \"HTTP\",\n \"responseDeadline\": \"PT1H\",\n \"httpConfig\": {\n \"url\": \"https://www.example.com\",\n \"httpDispatchMode\": \"ASYNC\",\n \"httpAuthenticationType\": \"BASIC_AUTH\",\n \"basicAuthConfig\": {\n \"userName\": \"user@example.com\",\n \"password\": \"eRtg4%6yuI!\"\n }\n },\n \"enabled\": true,\n \"filter\": \"$[?($.identityId == \\\"201327fda1c44704ac01181e963d463c\\\")]\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"0f11f2a4-7c94-4bf3-a2bd-742580fe3bde\",\n \"triggerId\": \"idn:access-request-post-approval\",\n \"type\": \"HTTP\",\n \"name\": \"Access request subscription\",\n \"triggerName\": \"Access Requested\",\n \"enabled\": true,\n \"description\": \"Access requested to site xyz\",\n \"responseDeadline\": \"PT1H\",\n \"httpConfig\": {\n \"url\": \"https://www.example.com\",\n \"httpDispatchMode\": \"SYNC\",\n \"httpAuthenticationType\": \"BASIC_AUTH\",\n \"basicAuthConfig\": {\n \"userName\": \"user@example.com\",\n \"password\": null\n },\n \"bearerTokenAuthConfig\": {\n \"bearerToken\": null\n }\n },\n \"eventBridgeConfig\": {\n \"awsAccount\": \"123456789012\",\n \"awsRegion\": \"us-west-1\"\n },\n \"filter\": \"$[?($.identityId == \\\"201327fda1c44704ac01181e963d463c\\\")]\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "179f67aa-9eab-4659-b768-d33e8d9796e5", + "name": "EventBridge Subscription", + "originalRequest": { + "url": { + "path": [ + "trigger-subscriptions", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Access request subscription\",\n \"description\": \"Access requested to site xyz\",\n \"type\": \"EVENTBRIDGE\",\n \"eventBridgeConfig\": {\n \"awsAccount\": \"123456789012\",\n \"awsRegion\": \"us-west-1\"\n },\n \"enabled\": true,\n \"filter\": \"$[?($.identityId == \\\"201327fda1c44704ac01181e963d463c\\\")]\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"0f11f2a4-7c94-4bf3-a2bd-742580fe3bde\",\n \"triggerId\": \"idn:access-request-post-approval\",\n \"type\": \"HTTP\",\n \"name\": \"Access request subscription\",\n \"triggerName\": \"Access Requested\",\n \"enabled\": true,\n \"description\": \"Access requested to site xyz\",\n \"responseDeadline\": \"PT1H\",\n \"httpConfig\": {\n \"url\": \"https://www.example.com\",\n \"httpDispatchMode\": \"SYNC\",\n \"httpAuthenticationType\": \"BASIC_AUTH\",\n \"basicAuthConfig\": {\n \"userName\": \"user@example.com\",\n \"password\": null\n },\n \"bearerTokenAuthConfig\": {\n \"bearerToken\": null\n }\n },\n \"eventBridgeConfig\": {\n \"awsAccount\": \"123456789012\",\n \"awsRegion\": \"us-west-1\"\n },\n \"filter\": \"$[?($.identityId == \\\"201327fda1c44704ac01181e963d463c\\\")]\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "8095bbc4-8657-467a-a17a-9448deda1609", + "name": "HTTP Subscription", + "originalRequest": { + "url": { + "path": [ + "trigger-subscriptions", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Access request subscription\",\n \"description\": \"Access requested to site xyz\",\n \"type\": \"HTTP\",\n \"httpConfig\": {\n \"url\": \"https://www.example.com\",\n \"httpDispatchMode\": \"SYNC\",\n \"httpAuthenticationType\": \"BASIC_AUTH\",\n \"basicAuthConfig\": {\n \"userName\": \"user@example.com\",\n \"password\": \"eRtg4%6yuI!\"\n }\n },\n \"enabled\": true,\n \"filter\": \"$[?($.identityId == \\\"201327fda1c44704ac01181e963d463c\\\")]\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "84db76d5-d05a-4631-a5f5-ae2c738e302e", + "name": "HTTP Async Subscription", + "originalRequest": { + "url": { + "path": [ + "trigger-subscriptions", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Access request subscription\",\n \"description\": \"Access requested to site xyz\",\n \"type\": \"HTTP\",\n \"responseDeadline\": \"PT1H\",\n \"httpConfig\": {\n \"url\": \"https://www.example.com\",\n \"httpDispatchMode\": \"ASYNC\",\n \"httpAuthenticationType\": \"BASIC_AUTH\",\n \"basicAuthConfig\": {\n \"userName\": \"user@example.com\",\n \"password\": \"eRtg4%6yuI!\"\n }\n },\n \"enabled\": true,\n \"filter\": \"$[?($.identityId == \\\"201327fda1c44704ac01181e963d463c\\\")]\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f29d15ff-902c-4fb2-b180-eb66bc958e0c", + "name": "EventBridge Subscription", + "originalRequest": { + "url": { + "path": [ + "trigger-subscriptions", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Access request subscription\",\n \"description\": \"Access requested to site xyz\",\n \"type\": \"EVENTBRIDGE\",\n \"eventBridgeConfig\": {\n \"awsAccount\": \"123456789012\",\n \"awsRegion\": \"us-west-1\"\n },\n \"enabled\": true,\n \"filter\": \"$[?($.identityId == \\\"201327fda1c44704ac01181e963d463c\\\")]\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "eef3c97b-78eb-4eef-abf8-ff26c3dc581e", + "name": "HTTP Subscription", + "originalRequest": { + "url": { + "path": [ + "trigger-subscriptions", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Access request subscription\",\n \"description\": \"Access requested to site xyz\",\n \"type\": \"HTTP\",\n \"httpConfig\": {\n \"url\": \"https://www.example.com\",\n \"httpDispatchMode\": \"SYNC\",\n \"httpAuthenticationType\": \"BASIC_AUTH\",\n \"basicAuthConfig\": {\n \"userName\": \"user@example.com\",\n \"password\": \"eRtg4%6yuI!\"\n }\n },\n \"enabled\": true,\n \"filter\": \"$[?($.identityId == \\\"201327fda1c44704ac01181e963d463c\\\")]\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f0e6ad5d-3deb-4e71-b6c0-e8409d9c4870", + "name": "HTTP Async Subscription", + "originalRequest": { + "url": { + "path": [ + "trigger-subscriptions", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Access request subscription\",\n \"description\": \"Access requested to site xyz\",\n \"type\": \"HTTP\",\n \"responseDeadline\": \"PT1H\",\n \"httpConfig\": {\n \"url\": \"https://www.example.com\",\n \"httpDispatchMode\": \"ASYNC\",\n \"httpAuthenticationType\": \"BASIC_AUTH\",\n \"basicAuthConfig\": {\n \"userName\": \"user@example.com\",\n \"password\": \"eRtg4%6yuI!\"\n }\n },\n \"enabled\": true,\n \"filter\": \"$[?($.identityId == \\\"201327fda1c44704ac01181e963d463c\\\")]\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b45d81bd-9e6a-44bf-b3f7-fc00c192fbd6", + "name": "EventBridge Subscription", + "originalRequest": { + "url": { + "path": [ + "trigger-subscriptions", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Access request subscription\",\n \"description\": \"Access requested to site xyz\",\n \"type\": \"EVENTBRIDGE\",\n \"eventBridgeConfig\": {\n \"awsAccount\": \"123456789012\",\n \"awsRegion\": \"us-west-1\"\n },\n \"enabled\": true,\n \"filter\": \"$[?($.identityId == \\\"201327fda1c44704ac01181e963d463c\\\")]\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a481494e-b2a7-4363-9f48-3d029f957604", + "name": "An example of a 403 response object", + "originalRequest": { + "url": { + "path": [ + "trigger-subscriptions", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Access request subscription\",\n \"description\": \"Access requested to site xyz\",\n \"type\": \"HTTP\",\n \"httpConfig\": {\n \"url\": \"https://www.example.com\",\n \"httpDispatchMode\": \"SYNC\",\n \"httpAuthenticationType\": \"BASIC_AUTH\",\n \"basicAuthConfig\": {\n \"userName\": \"user@example.com\",\n \"password\": \"eRtg4%6yuI!\"\n }\n },\n \"enabled\": true,\n \"filter\": \"$[?($.identityId == \\\"201327fda1c44704ac01181e963d463c\\\")]\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "17c9c6b0-f6b2-42f7-8a7e-c1f782cb50d2", + "name": "HTTP Async Subscription", + "originalRequest": { + "url": { + "path": [ + "trigger-subscriptions", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Access request subscription\",\n \"description\": \"Access requested to site xyz\",\n \"type\": \"HTTP\",\n \"responseDeadline\": \"PT1H\",\n \"httpConfig\": {\n \"url\": \"https://www.example.com\",\n \"httpDispatchMode\": \"ASYNC\",\n \"httpAuthenticationType\": \"BASIC_AUTH\",\n \"basicAuthConfig\": {\n \"userName\": \"user@example.com\",\n \"password\": \"eRtg4%6yuI!\"\n }\n },\n \"enabled\": true,\n \"filter\": \"$[?($.identityId == \\\"201327fda1c44704ac01181e963d463c\\\")]\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "169a7ae4-3fa6-4d25-966f-506c99acf167", + "name": "EventBridge Subscription", + "originalRequest": { + "url": { + "path": [ + "trigger-subscriptions", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Access request subscription\",\n \"description\": \"Access requested to site xyz\",\n \"type\": \"EVENTBRIDGE\",\n \"eventBridgeConfig\": {\n \"awsAccount\": \"123456789012\",\n \"awsRegion\": \"us-west-1\"\n },\n \"enabled\": true,\n \"filter\": \"$[?($.identityId == \\\"201327fda1c44704ac01181e963d463c\\\")]\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "ffa9c49d-65e4-45e8-aa43-9d8653841e18", + "name": "An example of a 404 response object", + "originalRequest": { + "url": { + "path": [ + "trigger-subscriptions", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Access request subscription\",\n \"description\": \"Access requested to site xyz\",\n \"type\": \"HTTP\",\n \"httpConfig\": {\n \"url\": \"https://www.example.com\",\n \"httpDispatchMode\": \"SYNC\",\n \"httpAuthenticationType\": \"BASIC_AUTH\",\n \"basicAuthConfig\": {\n \"userName\": \"user@example.com\",\n \"password\": \"eRtg4%6yuI!\"\n }\n },\n \"enabled\": true,\n \"filter\": \"$[?($.identityId == \\\"201327fda1c44704ac01181e963d463c\\\")]\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "7b9e3a13-42a5-4b78-abc8-3658870742b4", + "name": "HTTP Async Subscription", + "originalRequest": { + "url": { + "path": [ + "trigger-subscriptions", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Access request subscription\",\n \"description\": \"Access requested to site xyz\",\n \"type\": \"HTTP\",\n \"responseDeadline\": \"PT1H\",\n \"httpConfig\": {\n \"url\": \"https://www.example.com\",\n \"httpDispatchMode\": \"ASYNC\",\n \"httpAuthenticationType\": \"BASIC_AUTH\",\n \"basicAuthConfig\": {\n \"userName\": \"user@example.com\",\n \"password\": \"eRtg4%6yuI!\"\n }\n },\n \"enabled\": true,\n \"filter\": \"$[?($.identityId == \\\"201327fda1c44704ac01181e963d463c\\\")]\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "060cac8d-6a09-4e8e-94ba-9492bc1eabd6", + "name": "EventBridge Subscription", + "originalRequest": { + "url": { + "path": [ + "trigger-subscriptions", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Access request subscription\",\n \"description\": \"Access requested to site xyz\",\n \"type\": \"EVENTBRIDGE\",\n \"eventBridgeConfig\": {\n \"awsAccount\": \"123456789012\",\n \"awsRegion\": \"us-west-1\"\n },\n \"enabled\": true,\n \"filter\": \"$[?($.identityId == \\\"201327fda1c44704ac01181e963d463c\\\")]\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "ce4bb406-56e7-45b0-bf23-9212895ed061", + "name": "HTTP Subscription", + "originalRequest": { + "url": { + "path": [ + "trigger-subscriptions", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Access request subscription\",\n \"description\": \"Access requested to site xyz\",\n \"type\": \"HTTP\",\n \"httpConfig\": {\n \"url\": \"https://www.example.com\",\n \"httpDispatchMode\": \"SYNC\",\n \"httpAuthenticationType\": \"BASIC_AUTH\",\n \"basicAuthConfig\": {\n \"userName\": \"user@example.com\",\n \"password\": \"eRtg4%6yuI!\"\n }\n },\n \"enabled\": true,\n \"filter\": \"$[?($.identityId == \\\"201327fda1c44704ac01181e963d463c\\\")]\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "67daf9c2-f776-4efd-8681-53193e3cf5bc", + "name": "HTTP Async Subscription", + "originalRequest": { + "url": { + "path": [ + "trigger-subscriptions", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Access request subscription\",\n \"description\": \"Access requested to site xyz\",\n \"type\": \"HTTP\",\n \"responseDeadline\": \"PT1H\",\n \"httpConfig\": {\n \"url\": \"https://www.example.com\",\n \"httpDispatchMode\": \"ASYNC\",\n \"httpAuthenticationType\": \"BASIC_AUTH\",\n \"basicAuthConfig\": {\n \"userName\": \"user@example.com\",\n \"password\": \"eRtg4%6yuI!\"\n }\n },\n \"enabled\": true,\n \"filter\": \"$[?($.identityId == \\\"201327fda1c44704ac01181e963d463c\\\")]\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "692e796c-4a9c-4060-8025-46a84f371944", + "name": "EventBridge Subscription", + "originalRequest": { + "url": { + "path": [ + "trigger-subscriptions", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Access request subscription\",\n \"description\": \"Access requested to site xyz\",\n \"type\": \"EVENTBRIDGE\",\n \"eventBridgeConfig\": {\n \"awsAccount\": \"123456789012\",\n \"awsRegion\": \"us-west-1\"\n },\n \"enabled\": true,\n \"filter\": \"$[?($.identityId == \\\"201327fda1c44704ac01181e963d463c\\\")]\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "9850c241-6291-4a58-a9fd-564fdd325618", + "name": "An example of a 500 response object", + "originalRequest": { + "url": { + "path": [ + "trigger-subscriptions", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Access request subscription\",\n \"description\": \"Access requested to site xyz\",\n \"type\": \"HTTP\",\n \"httpConfig\": {\n \"url\": \"https://www.example.com\",\n \"httpDispatchMode\": \"SYNC\",\n \"httpAuthenticationType\": \"BASIC_AUTH\",\n \"basicAuthConfig\": {\n \"userName\": \"user@example.com\",\n \"password\": \"eRtg4%6yuI!\"\n }\n },\n \"enabled\": true,\n \"filter\": \"$[?($.identityId == \\\"201327fda1c44704ac01181e963d463c\\\")]\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "ee3f1270-21c9-43ca-816f-1d655411a9c1", + "name": "HTTP Async Subscription", + "originalRequest": { + "url": { + "path": [ + "trigger-subscriptions", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Access request subscription\",\n \"description\": \"Access requested to site xyz\",\n \"type\": \"HTTP\",\n \"responseDeadline\": \"PT1H\",\n \"httpConfig\": {\n \"url\": \"https://www.example.com\",\n \"httpDispatchMode\": \"ASYNC\",\n \"httpAuthenticationType\": \"BASIC_AUTH\",\n \"basicAuthConfig\": {\n \"userName\": \"user@example.com\",\n \"password\": \"eRtg4%6yuI!\"\n }\n },\n \"enabled\": true,\n \"filter\": \"$[?($.identityId == \\\"201327fda1c44704ac01181e963d463c\\\")]\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "7df68d7c-ec22-454e-8021-0a63874d65bc", + "name": "EventBridge Subscription", + "originalRequest": { + "url": { + "path": [ + "trigger-subscriptions", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Access request subscription\",\n \"description\": \"Access requested to site xyz\",\n \"type\": \"EVENTBRIDGE\",\n \"eventBridgeConfig\": {\n \"awsAccount\": \"123456789012\",\n \"awsRegion\": \"us-west-1\"\n },\n \"enabled\": true,\n \"filter\": \"$[?($.identityId == \\\"201327fda1c44704ac01181e963d463c\\\")]\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "e0de4986-ddbf-4ad9-94d2-2a9c85584dd7", + "name": "Patch a Subscription", + "request": { + "name": "Patch a Subscription", + "description": { + "content": "This API updates a trigger subscription in IdentityNow, using a set of instructions to modify a subscription partially. The following fields are patchable:\n\n**name**, **description**, **enabled**, **type**, **filter**, **responseDeadline**, **httpConfig**, **eventBridgeConfig**, **workflowConfig**", + "type": "text/plain" + }, + "url": { + "path": [ + "trigger-subscriptions", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "0f11f2a4-7c94-4bf3-a2bd-742580fe3bde", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) ID of the Subscription to patch", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"A new description\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/name\",\n \"value\": \"A new name\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "d8267ab2-ba0d-4fcc-85f8-5d0cb6439653", + "name": "Updated subscription.", + "originalRequest": { + "url": { + "path": [ + "trigger-subscriptions", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"A new description\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/name\",\n \"value\": \"A new name\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"0f11f2a4-7c94-4bf3-a2bd-742580fe3bde\",\n \"triggerId\": \"idn:access-request-post-approval\",\n \"type\": \"HTTP\",\n \"name\": \"Access request subscription\",\n \"triggerName\": \"Access Requested\",\n \"enabled\": true,\n \"description\": \"Access requested to site xyz\",\n \"responseDeadline\": \"PT1H\",\n \"httpConfig\": {\n \"url\": \"https://www.example.com\",\n \"httpDispatchMode\": \"SYNC\",\n \"httpAuthenticationType\": \"BASIC_AUTH\",\n \"basicAuthConfig\": {\n \"userName\": \"user@example.com\",\n \"password\": null\n },\n \"bearerTokenAuthConfig\": {\n \"bearerToken\": null\n }\n },\n \"eventBridgeConfig\": {\n \"awsAccount\": \"123456789012\",\n \"awsRegion\": \"us-west-1\"\n },\n \"filter\": \"$[?($.identityId == \\\"201327fda1c44704ac01181e963d463c\\\")]\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "3b82af86-c492-4dc2-882e-c025ad0440c4", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "trigger-subscriptions", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"A new description\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/name\",\n \"value\": \"A new name\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "8b96f66c-3b02-44a1-b05b-77e7922dde9e", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "trigger-subscriptions", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"A new description\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/name\",\n \"value\": \"A new name\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "701ad2ff-7536-467e-a437-3abd3dd7dca2", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "trigger-subscriptions", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"A new description\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/name\",\n \"value\": \"A new name\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "24933ea2-6a25-4a1e-b9e4-61f51f000e1d", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "trigger-subscriptions", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"A new description\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/name\",\n \"value\": \"A new name\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "4988d3fb-7d66-43e4-9ff1-f9fbe4b36372", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "trigger-subscriptions", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"A new description\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/name\",\n \"value\": \"A new name\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "432e765f-0809-4c8e-ba6e-c4b8557ef44e", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "trigger-subscriptions", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"A new description\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/name\",\n \"value\": \"A new name\"\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "e5662cce-7449-495d-8187-7d3c9c80b745", + "name": "Delete a Subscription", + "request": { + "name": "Delete a Subscription", + "description": { + "content": "Deletes an existing subscription to a trigger.", + "type": "text/plain" + }, + "url": { + "path": [ + "trigger-subscriptions", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "0f11f2a4-7c94-4bf3-a2bd-742580fe3bde", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) Subscription ID", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "DELETE", + "body": {} + }, + "response": [ + { + "id": "f5878816-c5c5-4169-bc1a-12ae4fea2592", + "name": "Subscription is deleted successfully.", + "originalRequest": { + "url": { + "path": [ + "trigger-subscriptions", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "No Content", + "code": 204, + "header": [], + "cookie": [], + "_postman_previewlanguage": "text" + }, + { + "id": "ee17f11f-a1cb-46ce-a7cd-0dc6114bcd1e", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "trigger-subscriptions", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "4f60e651-e93b-4f79-a132-0b6ac2b7a288", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "trigger-subscriptions", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "de8757ec-fc9b-41cd-bd02-96b4b0240fa0", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "trigger-subscriptions", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "850d9b54-1d8c-4eb4-b8b2-e519b7470b3e", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "trigger-subscriptions", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "021f1b63-9e28-45fa-8021-2d3b38ebd7cf", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "trigger-subscriptions", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f9b9b854-6e47-4d8c-920a-0e230a1c9594", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "trigger-subscriptions", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "94c7be3b-3f1c-486c-a9e0-77a54e133772", + "name": "Validate a Subscription Filter", + "request": { + "name": "Validate a Subscription Filter", + "description": { + "content": "Validates a JSONPath filter expression against a provided mock input.\nRequest requires a security scope of: ", + "type": "text/plain" + }, + "url": { + "path": [ + "trigger-subscriptions", + "validate-filter" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"input\": {\n \"identityId\": \"201327fda1c44704ac01181e963d463c\"\n },\n \"filter\": \"$[?($.identityId == \\\"201327fda1c44704ac01181e963d463c\\\")]\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "672c0153-e903-4d4e-be62-56548ea5a1cf", + "name": "Boolean whether specified filter expression is valid against the input.", + "originalRequest": { + "url": { + "path": [ + "trigger-subscriptions", + "validate-filter" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"input\": {\n \"identityId\": \"201327fda1c44704ac01181e963d463c\"\n },\n \"filter\": \"$[?($.identityId == \\\"201327fda1c44704ac01181e963d463c\\\")]\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"isValid\": true,\n \"isValidJSONPath\": true,\n \"isPathExist\": true\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f0c32b1f-b999-49bf-8381-671b1a37b9ee", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "trigger-subscriptions", + "validate-filter" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"input\": {\n \"identityId\": \"201327fda1c44704ac01181e963d463c\"\n },\n \"filter\": \"$[?($.identityId == \\\"201327fda1c44704ac01181e963d463c\\\")]\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "2bdd37dd-fe57-47f5-b7fa-7bb5fddd4ff3", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "trigger-subscriptions", + "validate-filter" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"input\": {\n \"identityId\": \"201327fda1c44704ac01181e963d463c\"\n },\n \"filter\": \"$[?($.identityId == \\\"201327fda1c44704ac01181e963d463c\\\")]\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d9c5dde0-ed2d-452a-ada8-15a06232bd2f", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "trigger-subscriptions", + "validate-filter" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"input\": {\n \"identityId\": \"201327fda1c44704ac01181e963d463c\"\n },\n \"filter\": \"$[?($.identityId == \\\"201327fda1c44704ac01181e963d463c\\\")]\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "aa412a80-54dd-4e60-ab97-624c2df6891d", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "trigger-subscriptions", + "validate-filter" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"input\": {\n \"identityId\": \"201327fda1c44704ac01181e963d463c\"\n },\n \"filter\": \"$[?($.identityId == \\\"201327fda1c44704ac01181e963d463c\\\")]\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "7d0c0b3b-24fe-486c-b3be-569e5e5cfa0a", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "trigger-subscriptions", + "validate-filter" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"input\": {\n \"identityId\": \"201327fda1c44704ac01181e963d463c\"\n },\n \"filter\": \"$[?($.identityId == \\\"201327fda1c44704ac01181e963d463c\\\")]\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "ebf801ee-36c7-4ea3-bf18-4e89784583eb", + "name": "List Latest Invocation Statuses", + "request": { + "name": "List Latest Invocation Statuses", + "description": { + "content": "Gets a list of latest invocation statuses.\nStatuses of successful invocations are available for up to 24 hours. Statuses of failed invocations are available for up to 48 hours.\nThis endpoint may only fetch up to 2000 invocations, and should not be treated as a representation of the full history of invocations.", + "type": "text/plain" + }, + "url": { + "path": [ + "trigger-invocations", + "status" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**triggerId**: *eq*\n\n**subscriptionId**: *eq*", + "type": "text/plain" + }, + "key": "filters", + "value": "triggerId eq \"idn:access-request-dynamic-approver\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **triggerId, subscriptionName, created, completed**", + "type": "text/plain" + }, + "key": "sorters", + "value": "created" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "67dcc1f0-40b8-4944-9e6e-aedac888f617", + "name": "List of latest invocation statuses.", + "originalRequest": { + "url": { + "path": [ + "trigger-invocations", + "status" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**triggerId**: *eq*\n\n**subscriptionId**: *eq*", + "type": "text/plain" + }, + "key": "filters", + "value": "triggerId eq \"idn:access-request-dynamic-approver\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **triggerId, subscriptionName, created, completed**", + "type": "text/plain" + }, + "key": "sorters", + "value": "created" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"id\": \"0f11f2a4-7c94-4bf3-a2bd-742580fe3bde\",\n \"triggerId\": \"idn:access-request-post-approval\",\n \"subscriptionId\": \"0f11f2a4-7c94-4bf3-a2bd-742580fe3bde\",\n \"startInvocationInput\": {\n \"triggerId\": \"idn:access-requested\",\n \"input\": {\n \"identityId\": \"201327fda1c44704ac01181e963d463c\"\n },\n \"contentJson\": {\n \"workflowId\": 1234\n }\n },\n \"type\": \"TEST\",\n \"subscriptionName\": \"Access request subscription\",\n \"created\": \"2020-03-27T20:40:10.738Z\",\n \"completed\": \"2020-03-27T20:42:14.738Z\",\n \"completeInvocationInput\": {\n \"localizedError\": {\n \"locale\": \"An error has occurred!\",\n \"message\": \"Error has occurred!\"\n },\n \"output\": {\n \"approved\": false\n }\n }\n },\n {\n \"id\": \"0f11f2a4-7c94-4bf3-a2bd-742580fe3bde\",\n \"triggerId\": \"idn:access-request-post-approval\",\n \"subscriptionId\": \"0f11f2a4-7c94-4bf3-a2bd-742580fe3bde\",\n \"startInvocationInput\": {\n \"triggerId\": \"idn:access-requested\",\n \"input\": {\n \"identityId\": \"201327fda1c44704ac01181e963d463c\"\n },\n \"contentJson\": {\n \"workflowId\": 1234\n }\n },\n \"type\": \"TEST\",\n \"subscriptionName\": \"Access request subscription\",\n \"created\": \"2020-03-27T20:40:10.738Z\",\n \"completed\": \"2020-03-27T20:42:14.738Z\",\n \"completeInvocationInput\": {\n \"localizedError\": {\n \"locale\": \"An error has occurred!\",\n \"message\": \"Error has occurred!\"\n },\n \"output\": {\n \"approved\": false\n }\n }\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "0e89b8a4-ce76-47b3-bf97-847215214dbb", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "trigger-invocations", + "status" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**triggerId**: *eq*\n\n**subscriptionId**: *eq*", + "type": "text/plain" + }, + "key": "filters", + "value": "triggerId eq \"idn:access-request-dynamic-approver\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **triggerId, subscriptionName, created, completed**", + "type": "text/plain" + }, + "key": "sorters", + "value": "created" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "ed6edb05-c9dd-41b7-a5c8-ba72fdad11bb", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "trigger-invocations", + "status" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**triggerId**: *eq*\n\n**subscriptionId**: *eq*", + "type": "text/plain" + }, + "key": "filters", + "value": "triggerId eq \"idn:access-request-dynamic-approver\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **triggerId, subscriptionName, created, completed**", + "type": "text/plain" + }, + "key": "sorters", + "value": "created" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "01064b9c-5a36-4190-bebd-747e4796fcbe", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "trigger-invocations", + "status" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**triggerId**: *eq*\n\n**subscriptionId**: *eq*", + "type": "text/plain" + }, + "key": "filters", + "value": "triggerId eq \"idn:access-request-dynamic-approver\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **triggerId, subscriptionName, created, completed**", + "type": "text/plain" + }, + "key": "sorters", + "value": "created" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "9e329593-ccad-4e8c-a1e5-86d0b0125fc2", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "trigger-invocations", + "status" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**triggerId**: *eq*\n\n**subscriptionId**: *eq*", + "type": "text/plain" + }, + "key": "filters", + "value": "triggerId eq \"idn:access-request-dynamic-approver\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **triggerId, subscriptionName, created, completed**", + "type": "text/plain" + }, + "key": "sorters", + "value": "created" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "ccfad875-0d5b-414c-939d-cbf5f26df7b2", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "trigger-invocations", + "status" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**triggerId**: *eq*\n\n**subscriptionId**: *eq*", + "type": "text/plain" + }, + "key": "filters", + "value": "triggerId eq \"idn:access-request-dynamic-approver\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **triggerId, subscriptionName, created, completed**", + "type": "text/plain" + }, + "key": "sorters", + "value": "created" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "17925ce2-49f2-4cde-99a2-ae35ceb2167b", + "name": "Complete Trigger Invocation", + "request": { + "name": "Complete Trigger Invocation", + "description": { + "content": "Completes an invocation to a REQUEST_RESPONSE type trigger.", + "type": "text/plain" + }, + "url": { + "path": [ + "trigger-invocations", + ":id", + "complete" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "0f11f2a4-7c94-4bf3-a2bd-742580fe3bde", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) The ID of the invocation to complete.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"secret\": \"0f11f2a4-7c94-4bf3-a2bd-742580fe3bde\",\n \"output\": {\n \"approved\": false\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "c437d9db-33e0-4a25-9af1-6510b0a93c86", + "name": "No content - indicates the request was successful but there is no content to be returned in the response.", + "originalRequest": { + "url": { + "path": [ + "trigger-invocations", + ":id", + "complete" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"secret\": \"0f11f2a4-7c94-4bf3-a2bd-742580fe3bde\",\n \"output\": {\n \"approved\": false\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "No Content", + "code": 204, + "header": [], + "cookie": [], + "_postman_previewlanguage": "text" + }, + { + "id": "fd007e30-69f0-481e-943f-819f25831d1c", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "trigger-invocations", + ":id", + "complete" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"secret\": \"0f11f2a4-7c94-4bf3-a2bd-742580fe3bde\",\n \"output\": {\n \"approved\": false\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "da973a16-d94b-4ec1-93bb-d115248dc5d3", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "trigger-invocations", + ":id", + "complete" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"secret\": \"0f11f2a4-7c94-4bf3-a2bd-742580fe3bde\",\n \"output\": {\n \"approved\": false\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "8e317fbd-76ae-49e8-a056-286d8a09c2a4", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "trigger-invocations", + ":id", + "complete" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"secret\": \"0f11f2a4-7c94-4bf3-a2bd-742580fe3bde\",\n \"output\": {\n \"approved\": false\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "2abe17c8-9cdd-4f19-9f55-1c11272be7a8", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "trigger-invocations", + ":id", + "complete" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"secret\": \"0f11f2a4-7c94-4bf3-a2bd-742580fe3bde\",\n \"output\": {\n \"approved\": false\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "dd66d878-3223-4ffa-bab9-ab2d7dcec8ad", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "trigger-invocations", + ":id", + "complete" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"secret\": \"0f11f2a4-7c94-4bf3-a2bd-742580fe3bde\",\n \"output\": {\n \"approved\": false\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "3f714275-20b8-4d0e-bce9-6a5519c24155", + "name": "Start a Test Invocation", + "request": { + "name": "Start a Test Invocation", + "description": { + "content": "Initiate a test event for all subscribers of the specified event trigger. If there are no subscribers to the specified trigger in the tenant, then no test event will be sent.", + "type": "text/plain" + }, + "url": { + "path": [ + "trigger-invocations", + "test" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"triggerId\": \"idn:access-requested\",\n \"input\": {\n \"identityId\": \"201327fda1c44704ac01181e963d463c\"\n },\n \"contentJson\": {\n \"workflowId\": 1234\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "28f5b608-501a-42cd-b5e1-482272b2ca77", + "name": "Test Trigger with Mock Input", + "originalRequest": { + "url": { + "path": [ + "trigger-invocations", + "test" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"triggerId\": \"idn:access-requested\",\n \"input\": {\n \"identityId\": \"201327fda1c44704ac01181e963d463c\"\n },\n \"contentJson\": {\n \"workflowId\": 1234\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"id\": \"0f11f2a4-7c94-4bf3-a2bd-742580fe3bde\",\n \"triggerId\": \"idn:access-requested\",\n \"secret\": \"0f979022-08be-44f2-b6f9-7393ec73ed9b\",\n \"contentJson\": {\n \"workflowId\": 1234\n }\n },\n {\n \"id\": \"0f11f2a4-7c94-4bf3-a2bd-742580fe3bde\",\n \"triggerId\": \"idn:access-requested\",\n \"secret\": \"0f979022-08be-44f2-b6f9-7393ec73ed9b\",\n \"contentJson\": {\n \"workflowId\": 1234\n }\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "0e1ac524-e4c7-42bf-8b8f-685303caedc5", + "name": "Send Test to only One Subscriber", + "originalRequest": { + "url": { + "path": [ + "trigger-invocations", + "test" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"triggerId\": \"idn:access-requested\",\n \"contentJson\": {\n \"workflowId\": 1234\n },\n \"subscriptionIds\": [\n \"0f11f2a4-7c94-4bf3-a2bd-742580fe3bde\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"id\": \"0f11f2a4-7c94-4bf3-a2bd-742580fe3bde\",\n \"triggerId\": \"idn:access-requested\",\n \"secret\": \"0f979022-08be-44f2-b6f9-7393ec73ed9b\",\n \"contentJson\": {\n \"workflowId\": 1234\n }\n },\n {\n \"id\": \"0f11f2a4-7c94-4bf3-a2bd-742580fe3bde\",\n \"triggerId\": \"idn:access-requested\",\n \"secret\": \"0f979022-08be-44f2-b6f9-7393ec73ed9b\",\n \"contentJson\": {\n \"workflowId\": 1234\n }\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "1b0cd7a3-7378-4877-8132-cd6f5a01349f", + "name": "Trigger invocation is skipped, because tenant has not subscribed to the specified trigger.", + "originalRequest": { + "url": { + "path": [ + "trigger-invocations", + "test" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"triggerId\": \"idn:access-requested\",\n \"input\": {\n \"identityId\": \"201327fda1c44704ac01181e963d463c\"\n },\n \"contentJson\": {\n \"workflowId\": 1234\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "No Content", + "code": 204, + "header": [], + "cookie": [], + "_postman_previewlanguage": "text" + }, + { + "id": "97b5c391-6d68-4b70-a038-76702266bff3", + "name": "Test Trigger with Mock Input", + "originalRequest": { + "url": { + "path": [ + "trigger-invocations", + "test" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"triggerId\": \"idn:access-requested\",\n \"input\": {\n \"identityId\": \"201327fda1c44704ac01181e963d463c\"\n },\n \"contentJson\": {\n \"workflowId\": 1234\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "ccef28d6-1485-47c1-878f-a464fd9cfd91", + "name": "Send Test to only One Subscriber", + "originalRequest": { + "url": { + "path": [ + "trigger-invocations", + "test" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"triggerId\": \"idn:access-requested\",\n \"contentJson\": {\n \"workflowId\": 1234\n },\n \"subscriptionIds\": [\n \"0f11f2a4-7c94-4bf3-a2bd-742580fe3bde\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "034d75dd-9d00-4fbd-ba96-5816314fbf0d", + "name": "Test Trigger with Mock Input", + "originalRequest": { + "url": { + "path": [ + "trigger-invocations", + "test" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"triggerId\": \"idn:access-requested\",\n \"input\": {\n \"identityId\": \"201327fda1c44704ac01181e963d463c\"\n },\n \"contentJson\": {\n \"workflowId\": 1234\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "07baea1b-a32e-4867-a8da-3e0a66df1ac4", + "name": "Send Test to only One Subscriber", + "originalRequest": { + "url": { + "path": [ + "trigger-invocations", + "test" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"triggerId\": \"idn:access-requested\",\n \"contentJson\": {\n \"workflowId\": 1234\n },\n \"subscriptionIds\": [\n \"0f11f2a4-7c94-4bf3-a2bd-742580fe3bde\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "1dee144d-9d47-477c-abd3-0d0aaf1eff8b", + "name": "An example of a 403 response object", + "originalRequest": { + "url": { + "path": [ + "trigger-invocations", + "test" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"triggerId\": \"idn:access-requested\",\n \"input\": {\n \"identityId\": \"201327fda1c44704ac01181e963d463c\"\n },\n \"contentJson\": {\n \"workflowId\": 1234\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "26ad14e9-43e1-495f-9bcb-19a1cb38a002", + "name": "Send Test to only One Subscriber", + "originalRequest": { + "url": { + "path": [ + "trigger-invocations", + "test" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"triggerId\": \"idn:access-requested\",\n \"contentJson\": {\n \"workflowId\": 1234\n },\n \"subscriptionIds\": [\n \"0f11f2a4-7c94-4bf3-a2bd-742580fe3bde\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a46c76c2-0757-4074-a239-c49ddd9f63d8", + "name": "Test Trigger with Mock Input", + "originalRequest": { + "url": { + "path": [ + "trigger-invocations", + "test" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"triggerId\": \"idn:access-requested\",\n \"input\": {\n \"identityId\": \"201327fda1c44704ac01181e963d463c\"\n },\n \"contentJson\": {\n \"workflowId\": 1234\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b1c222ce-7f55-4ed2-a904-e0e1d2568d8c", + "name": "Send Test to only One Subscriber", + "originalRequest": { + "url": { + "path": [ + "trigger-invocations", + "test" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"triggerId\": \"idn:access-requested\",\n \"contentJson\": {\n \"workflowId\": 1234\n },\n \"subscriptionIds\": [\n \"0f11f2a4-7c94-4bf3-a2bd-742580fe3bde\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "2a2a16b5-bd2c-4309-9dea-03462d31c16e", + "name": "An example of a 500 response object", + "originalRequest": { + "url": { + "path": [ + "trigger-invocations", + "test" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"triggerId\": \"idn:access-requested\",\n \"input\": {\n \"identityId\": \"201327fda1c44704ac01181e963d463c\"\n },\n \"contentJson\": {\n \"workflowId\": 1234\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "6f4499cc-85f3-4a1d-9bb1-9531f4d4f2c1", + "name": "Send Test to only One Subscriber", + "originalRequest": { + "url": { + "path": [ + "trigger-invocations", + "test" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"triggerId\": \"idn:access-requested\",\n \"contentJson\": {\n \"workflowId\": 1234\n },\n \"subscriptionIds\": [\n \"0f11f2a4-7c94-4bf3-a2bd-742580fe3bde\"\n ]\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + } + ] + }, + { + "name": "UI Metadata", + "description": "API for managing UI Metadata. Use this API to manage metadata about your User Interface.\nFor example you can set the iFrameWhitelist parameter to permit another domain to encapsulate IDN within an iframe or set the usernameEmptyText to change the placeholder text for Username on your tenant's login screen.", + "item": [ + { + "id": "f36354f7-743e-4a73-aca4-001ebd71a9f8", + "name": "Get a tenant UI metadata", + "request": { + "name": "Get a tenant UI metadata", + "description": { + "content": "This API endpoint retrieves UI metadata configured for your tenant.\nA token with ORG_ADMIN authority is required to call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "ui-metadata", + "tenant" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "91dc202e-d82b-4a38-9354-e51566102565", + "name": "A tenant UI metadata object", + "originalRequest": { + "url": { + "path": [ + "ui-metadata", + "tenant" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"iframeWhiteList\": \"http://example.com http://example2.com\",\n \"usernameLabel\": \"Email\",\n \"usernameEmptyText\": \"Please provide your work email address...\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "e204aaeb-97ad-411e-a7a0-0c6cdd225f40", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "ui-metadata", + "tenant" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "4f3a3b0e-520d-4241-b58d-7ef2b9a1348a", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "ui-metadata", + "tenant" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "79f37982-3780-458c-b151-29adfb43ff9c", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "ui-metadata", + "tenant" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f8cc5231-fa33-421e-a982-186362116944", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "ui-metadata", + "tenant" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "4aa4c663-c1af-48ff-a284-6bb714c5a81e", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "ui-metadata", + "tenant" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "41129f94-9ff6-40cd-ae28-0f988e8d915e", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "ui-metadata", + "tenant" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "ae946d5d-132e-431e-8ff3-9985efc7c482", + "name": "Update tenant UI metadata", + "request": { + "name": "Update tenant UI metadata", + "description": { + "content": "This API endpoint updates UI metadata for your tenant. These changes may require up to 5 minutes to take effect on the UI.\nA token with ORG_ADMIN authority is required to call this API.", + "type": "text/plain" + }, + "url": { + "path": [ + "ui-metadata", + "tenant" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"iframeWhiteList\": \"http://example.com http://example2.com\",\n \"usernameLabel\": \"Email\",\n \"usernameEmptyText\": \"Please provide your work email address...\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "17c5891b-af33-43d8-ad93-fc8fdb1b8a9a", + "name": "A tenant UI metadata object", + "originalRequest": { + "url": { + "path": [ + "ui-metadata", + "tenant" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"iframeWhiteList\": \"http://example.com http://example2.com\",\n \"usernameLabel\": \"Email\",\n \"usernameEmptyText\": \"Please provide your work email address...\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"iframeWhiteList\": \"http://example.com http://example2.com\",\n \"usernameLabel\": \"Email\",\n \"usernameEmptyText\": \"Please provide your work email address...\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "bd9216c3-02b6-4222-836f-49426bccb187", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "ui-metadata", + "tenant" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"iframeWhiteList\": \"http://example.com http://example2.com\",\n \"usernameLabel\": \"Email\",\n \"usernameEmptyText\": \"Please provide your work email address...\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b811d743-d6f3-47b7-a5f4-114730971cd4", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "ui-metadata", + "tenant" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"iframeWhiteList\": \"http://example.com http://example2.com\",\n \"usernameLabel\": \"Email\",\n \"usernameEmptyText\": \"Please provide your work email address...\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "81aa3dc7-8c14-4469-8926-1f1ce5ebbbc9", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "ui-metadata", + "tenant" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"iframeWhiteList\": \"http://example.com http://example2.com\",\n \"usernameLabel\": \"Email\",\n \"usernameEmptyText\": \"Please provide your work email address...\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "4112cde2-e9a4-4f3a-aabf-4c4653108524", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "ui-metadata", + "tenant" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"iframeWhiteList\": \"http://example.com http://example2.com\",\n \"usernameLabel\": \"Email\",\n \"usernameEmptyText\": \"Please provide your work email address...\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d65ee06c-a721-44d3-bc01-d94a1624d61b", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "ui-metadata", + "tenant" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"iframeWhiteList\": \"http://example.com http://example2.com\",\n \"usernameLabel\": \"Email\",\n \"usernameEmptyText\": \"Please provide your work email address...\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "3d4562ef-d173-4730-a429-be76a6f95184", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "ui-metadata", + "tenant" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"iframeWhiteList\": \"http://example.com http://example2.com\",\n \"usernameLabel\": \"Email\",\n \"usernameEmptyText\": \"Please provide your work email address...\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + } + ] + }, + { + "name": "Vendor Connector Mappings", + "description": "Use this API to manage mappings between various SaaS vendors and Identity Security Cloud (ISC) connectors.\n", + "item": [ + { + "id": "a82c7596-79e2-4fe7-8948-7bd5e80b46ee", + "name": "Create a vendor connector mapping", + "request": { + "name": "Create a vendor connector mapping", + "description": { + "content": "Creates a new mapping between a SaaS vendor and an IDN connector to establish correlation paths.\n", + "type": "text/plain" + }, + "url": { + "path": [ + "vendor-connector-mappings" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"id\": \"78733556-9ea3-4f59-bf69-e5cd92b011b4\",\n \"vendor\": \"Example vendor\",\n \"connector\": \"Example connector\",\n \"createdAt\": \"2024-03-13T12:56:19.391294Z\",\n \"createdBy\": \"admin\",\n \"updatedAt\": {\n \"Time\": \"2024-03-14T12:56:19.391294Z\",\n \"Valid\": true\n },\n \"updatedBy\": {\n \"String\": \"user-67891\",\n \"Valid\": true\n },\n \"deletedAt\": {\n \"Time\": \"0001-01-01T00:00:00Z\",\n \"Valid\": false\n },\n \"deletedBy\": {\n \"String\": \"\",\n \"Valid\": false\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "a41640a0-c611-400f-b4ad-8cb83b41dd89", + "name": "Successfully created a new vendor connector mapping.", + "originalRequest": { + "url": { + "path": [ + "vendor-connector-mappings" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"id\": \"78733556-9ea3-4f59-bf69-e5cd92b011b4\",\n \"vendor\": \"Example vendor\",\n \"connector\": \"Example connector\",\n \"createdAt\": \"2024-03-13T12:56:19.391294Z\",\n \"createdBy\": \"admin\",\n \"updatedAt\": {\n \"Time\": \"2024-03-14T12:56:19.391294Z\",\n \"Valid\": true\n },\n \"updatedBy\": {\n \"String\": \"user-67891\",\n \"Valid\": true\n },\n \"deletedAt\": {\n \"Time\": \"0001-01-01T00:00:00Z\",\n \"Valid\": false\n },\n \"deletedBy\": {\n \"String\": \"\",\n \"Valid\": false\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"78733556-9ea3-4f59-bf69-e5cd92b011b4\",\n \"vendor\": \"Example vendor\",\n \"connector\": \"Example connector\",\n \"createdAt\": \"2024-03-13T12:56:19.391294Z\",\n \"createdBy\": \"admin\",\n \"updatedAt\": {\n \"Time\": \"2024-03-14T12:56:19.391294Z\",\n \"Valid\": true\n },\n \"updatedBy\": {\n \"String\": \"user-67891\",\n \"Valid\": true\n },\n \"deletedAt\": {\n \"Time\": \"0001-01-01T00:00:00Z\",\n \"Valid\": false\n },\n \"deletedBy\": {\n \"String\": \"\",\n \"Valid\": false\n }\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "7ba2d3bb-b28d-4bec-a408-4ecff1781b43", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "vendor-connector-mappings" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"id\": \"78733556-9ea3-4f59-bf69-e5cd92b011b4\",\n \"vendor\": \"Example vendor\",\n \"connector\": \"Example connector\",\n \"createdAt\": \"2024-03-13T12:56:19.391294Z\",\n \"createdBy\": \"admin\",\n \"updatedAt\": {\n \"Time\": \"2024-03-14T12:56:19.391294Z\",\n \"Valid\": true\n },\n \"updatedBy\": {\n \"String\": \"user-67891\",\n \"Valid\": true\n },\n \"deletedAt\": {\n \"Time\": \"0001-01-01T00:00:00Z\",\n \"Valid\": false\n },\n \"deletedBy\": {\n \"String\": \"\",\n \"Valid\": false\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c04a416a-442c-44fb-8d17-1777e463125d", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "vendor-connector-mappings" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"id\": \"78733556-9ea3-4f59-bf69-e5cd92b011b4\",\n \"vendor\": \"Example vendor\",\n \"connector\": \"Example connector\",\n \"createdAt\": \"2024-03-13T12:56:19.391294Z\",\n \"createdBy\": \"admin\",\n \"updatedAt\": {\n \"Time\": \"2024-03-14T12:56:19.391294Z\",\n \"Valid\": true\n },\n \"updatedBy\": {\n \"String\": \"user-67891\",\n \"Valid\": true\n },\n \"deletedAt\": {\n \"Time\": \"0001-01-01T00:00:00Z\",\n \"Valid\": false\n },\n \"deletedBy\": {\n \"String\": \"\",\n \"Valid\": false\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d87e5699-bdf3-44c0-a133-93db326abd7e", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "vendor-connector-mappings" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"id\": \"78733556-9ea3-4f59-bf69-e5cd92b011b4\",\n \"vendor\": \"Example vendor\",\n \"connector\": \"Example connector\",\n \"createdAt\": \"2024-03-13T12:56:19.391294Z\",\n \"createdBy\": \"admin\",\n \"updatedAt\": {\n \"Time\": \"2024-03-14T12:56:19.391294Z\",\n \"Valid\": true\n },\n \"updatedBy\": {\n \"String\": \"user-67891\",\n \"Valid\": true\n },\n \"deletedAt\": {\n \"Time\": \"0001-01-01T00:00:00Z\",\n \"Valid\": false\n },\n \"deletedBy\": {\n \"String\": \"\",\n \"Valid\": false\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "e7be8655-a2ef-421b-9697-1d9a1466007a", + "name": "Method Not Allowed - indicates that the server knows the request method, but the target resource doesn't support this method.", + "originalRequest": { + "url": { + "path": [ + "vendor-connector-mappings" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"id\": \"78733556-9ea3-4f59-bf69-e5cd92b011b4\",\n \"vendor\": \"Example vendor\",\n \"connector\": \"Example connector\",\n \"createdAt\": \"2024-03-13T12:56:19.391294Z\",\n \"createdBy\": \"admin\",\n \"updatedAt\": {\n \"Time\": \"2024-03-14T12:56:19.391294Z\",\n \"Valid\": true\n },\n \"updatedBy\": {\n \"String\": \"user-67891\",\n \"Valid\": true\n },\n \"deletedAt\": {\n \"Time\": \"0001-01-01T00:00:00Z\",\n \"Valid\": false\n },\n \"deletedBy\": {\n \"String\": \"\",\n \"Valid\": false\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Method Not Allowed", + "code": 405, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"errorName\": \"NotSupportedException\",\n \"errorMessage\": \"Cannot consume content type\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "eb6aaba5-a72a-4026-8da6-80da6c51693e", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "vendor-connector-mappings" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"id\": \"78733556-9ea3-4f59-bf69-e5cd92b011b4\",\n \"vendor\": \"Example vendor\",\n \"connector\": \"Example connector\",\n \"createdAt\": \"2024-03-13T12:56:19.391294Z\",\n \"createdBy\": \"admin\",\n \"updatedAt\": {\n \"Time\": \"2024-03-14T12:56:19.391294Z\",\n \"Valid\": true\n },\n \"updatedBy\": {\n \"String\": \"user-67891\",\n \"Valid\": true\n },\n \"deletedAt\": {\n \"Time\": \"0001-01-01T00:00:00Z\",\n \"Valid\": false\n },\n \"deletedBy\": {\n \"String\": \"\",\n \"Valid\": false\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "7e7a258f-b21b-435c-982d-b1d50ce6adac", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "vendor-connector-mappings" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"id\": \"78733556-9ea3-4f59-bf69-e5cd92b011b4\",\n \"vendor\": \"Example vendor\",\n \"connector\": \"Example connector\",\n \"createdAt\": \"2024-03-13T12:56:19.391294Z\",\n \"createdBy\": \"admin\",\n \"updatedAt\": {\n \"Time\": \"2024-03-14T12:56:19.391294Z\",\n \"Valid\": true\n },\n \"updatedBy\": {\n \"String\": \"user-67891\",\n \"Valid\": true\n },\n \"deletedAt\": {\n \"Time\": \"0001-01-01T00:00:00Z\",\n \"Valid\": false\n },\n \"deletedBy\": {\n \"String\": \"\",\n \"Valid\": false\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "d8be34ff-476f-4622-9225-b876b8fe01f4", + "name": "Delete a vendor connector mapping", + "request": { + "name": "Delete a vendor connector mapping", + "description": { + "content": "Soft deletes a mapping between a SaaS vendor and an IDN connector, removing the established correlation.\n", + "type": "text/plain" + }, + "url": { + "path": [ + "vendor-connector-mappings" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "DELETE", + "body": { + "mode": "raw", + "raw": "{\n \"id\": \"78733556-9ea3-4f59-bf69-e5cd92b011b4\",\n \"vendor\": \"Example vendor\",\n \"connector\": \"Example connector\",\n \"createdAt\": \"2024-03-13T12:56:19.391294Z\",\n \"createdBy\": \"admin\",\n \"updatedAt\": {\n \"Time\": \"2024-03-14T12:56:19.391294Z\",\n \"Valid\": true\n },\n \"updatedBy\": {\n \"String\": \"user-67891\",\n \"Valid\": true\n },\n \"deletedAt\": {\n \"Time\": \"0001-01-01T00:00:00Z\",\n \"Valid\": false\n },\n \"deletedBy\": {\n \"String\": \"\",\n \"Valid\": false\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "27f2e2d3-52bb-4700-91be-70c1ce038f78", + "name": "Successfully deleted the specified vendor connector mapping.", + "originalRequest": { + "url": { + "path": [ + "vendor-connector-mappings" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": { + "mode": "raw", + "raw": "{\n \"id\": \"78733556-9ea3-4f59-bf69-e5cd92b011b4\",\n \"vendor\": \"Example vendor\",\n \"connector\": \"Example connector\",\n \"createdAt\": \"2024-03-13T12:56:19.391294Z\",\n \"createdBy\": \"admin\",\n \"updatedAt\": {\n \"Time\": \"2024-03-14T12:56:19.391294Z\",\n \"Valid\": true\n },\n \"updatedBy\": {\n \"String\": \"user-67891\",\n \"Valid\": true\n },\n \"deletedAt\": {\n \"Time\": \"0001-01-01T00:00:00Z\",\n \"Valid\": false\n },\n \"deletedBy\": {\n \"String\": \"\",\n \"Valid\": false\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"count\": 1\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "516d21e7-d9b5-430d-b29d-928734521fb2", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "vendor-connector-mappings" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": { + "mode": "raw", + "raw": "{\n \"id\": \"78733556-9ea3-4f59-bf69-e5cd92b011b4\",\n \"vendor\": \"Example vendor\",\n \"connector\": \"Example connector\",\n \"createdAt\": \"2024-03-13T12:56:19.391294Z\",\n \"createdBy\": \"admin\",\n \"updatedAt\": {\n \"Time\": \"2024-03-14T12:56:19.391294Z\",\n \"Valid\": true\n },\n \"updatedBy\": {\n \"String\": \"user-67891\",\n \"Valid\": true\n },\n \"deletedAt\": {\n \"Time\": \"0001-01-01T00:00:00Z\",\n \"Valid\": false\n },\n \"deletedBy\": {\n \"String\": \"\",\n \"Valid\": false\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "cc41693e-7efb-4b9f-8447-9e31b0634845", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "vendor-connector-mappings" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": { + "mode": "raw", + "raw": "{\n \"id\": \"78733556-9ea3-4f59-bf69-e5cd92b011b4\",\n \"vendor\": \"Example vendor\",\n \"connector\": \"Example connector\",\n \"createdAt\": \"2024-03-13T12:56:19.391294Z\",\n \"createdBy\": \"admin\",\n \"updatedAt\": {\n \"Time\": \"2024-03-14T12:56:19.391294Z\",\n \"Valid\": true\n },\n \"updatedBy\": {\n \"String\": \"user-67891\",\n \"Valid\": true\n },\n \"deletedAt\": {\n \"Time\": \"0001-01-01T00:00:00Z\",\n \"Valid\": false\n },\n \"deletedBy\": {\n \"String\": \"\",\n \"Valid\": false\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "8cee5c8f-0fe4-4652-94f0-607491c58f42", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "vendor-connector-mappings" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": { + "mode": "raw", + "raw": "{\n \"id\": \"78733556-9ea3-4f59-bf69-e5cd92b011b4\",\n \"vendor\": \"Example vendor\",\n \"connector\": \"Example connector\",\n \"createdAt\": \"2024-03-13T12:56:19.391294Z\",\n \"createdBy\": \"admin\",\n \"updatedAt\": {\n \"Time\": \"2024-03-14T12:56:19.391294Z\",\n \"Valid\": true\n },\n \"updatedBy\": {\n \"String\": \"user-67891\",\n \"Valid\": true\n },\n \"deletedAt\": {\n \"Time\": \"0001-01-01T00:00:00Z\",\n \"Valid\": false\n },\n \"deletedBy\": {\n \"String\": \"\",\n \"Valid\": false\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a63642cb-2778-4d30-ba74-1a8de6d67601", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "vendor-connector-mappings" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": { + "mode": "raw", + "raw": "{\n \"id\": \"78733556-9ea3-4f59-bf69-e5cd92b011b4\",\n \"vendor\": \"Example vendor\",\n \"connector\": \"Example connector\",\n \"createdAt\": \"2024-03-13T12:56:19.391294Z\",\n \"createdBy\": \"admin\",\n \"updatedAt\": {\n \"Time\": \"2024-03-14T12:56:19.391294Z\",\n \"Valid\": true\n },\n \"updatedBy\": {\n \"String\": \"user-67891\",\n \"Valid\": true\n },\n \"deletedAt\": {\n \"Time\": \"0001-01-01T00:00:00Z\",\n \"Valid\": false\n },\n \"deletedBy\": {\n \"String\": \"\",\n \"Valid\": false\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "048a1cd0-e22f-4902-be6c-728f29a800e9", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "vendor-connector-mappings" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": { + "mode": "raw", + "raw": "{\n \"id\": \"78733556-9ea3-4f59-bf69-e5cd92b011b4\",\n \"vendor\": \"Example vendor\",\n \"connector\": \"Example connector\",\n \"createdAt\": \"2024-03-13T12:56:19.391294Z\",\n \"createdBy\": \"admin\",\n \"updatedAt\": {\n \"Time\": \"2024-03-14T12:56:19.391294Z\",\n \"Valid\": true\n },\n \"updatedBy\": {\n \"String\": \"user-67891\",\n \"Valid\": true\n },\n \"deletedAt\": {\n \"Time\": \"0001-01-01T00:00:00Z\",\n \"Valid\": false\n },\n \"deletedBy\": {\n \"String\": \"\",\n \"Valid\": false\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "7054afd5-2b47-467c-a8b1-79f2106cbc3f", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "vendor-connector-mappings" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": { + "mode": "raw", + "raw": "{\n \"id\": \"78733556-9ea3-4f59-bf69-e5cd92b011b4\",\n \"vendor\": \"Example vendor\",\n \"connector\": \"Example connector\",\n \"createdAt\": \"2024-03-13T12:56:19.391294Z\",\n \"createdBy\": \"admin\",\n \"updatedAt\": {\n \"Time\": \"2024-03-14T12:56:19.391294Z\",\n \"Valid\": true\n },\n \"updatedBy\": {\n \"String\": \"user-67891\",\n \"Valid\": true\n },\n \"deletedAt\": {\n \"Time\": \"0001-01-01T00:00:00Z\",\n \"Valid\": false\n },\n \"deletedBy\": {\n \"String\": \"\",\n \"Valid\": false\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + } + ] + }, + { + "name": "Work Items", + "description": "Use this API to implement work item functionality. \nWith this functionality in place, users can manage their work items (tasks). \n\nWork items refer to the tasks users see in Identity Security Cloud's Task Manager. \nThey can see the pending work items they need to complete, as well as the work items they have already completed. \nTask Manager lists the work items along with the involved sources, identities, accounts, and the timestamp when the work item was created. \nFor example, a user may see a pending 'Create an Account' work item for the identity Fred.Astaire in GitHub for Fred's GitHub account, fred-astaire-sp. \nOnce the user completes the work item, the work item will be listed with his or her other completed work items. \n\nTo complete work items, users can use their dashboards and select the 'My Tasks' widget. \nThe widget will list any work items they need to complete, and they can select the work item from the list to review its details. \nWhen they complete the work item, they can select 'Mark Complete' to add it to their list of completed work items. \n\nRefer to [Task Manager](https://documentation.sailpoint.com/saas/user-help/task_manager.html) for more information about work items, including the different types of work items users may need to complete.\n", + "item": [ + { + "id": "ed90aae0-9b89-4e31-b606-293c38cf88c2", + "name": "List Work Items", + "request": { + "name": "List Work Items", + "description": { + "content": "This gets a collection of work items belonging to either the specified user(admin required), or the current user.", + "type": "text/plain" + }, + "url": { + "path": [ + "work-items" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "ID of the work item owner.", + "type": "text/plain" + }, + "key": "ownerId", + "value": "1211bcaa32112bcef6122adb21cef1ac" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "23421fa1-f59b-4f10-8a6d-109e89f5884f", + "name": "List of work items", + "originalRequest": { + "url": { + "path": [ + "work-items" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "ID of the work item owner.", + "type": "text/plain" + }, + "key": "ownerId", + "value": "1211bcaa32112bcef6122adb21cef1ac" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"requesterId\": \"2c9180835d2e5168015d32f890ca1581\",\n \"requesterDisplayName\": \"John Smith\",\n \"ownerId\": \"2c9180835d2e5168015d32f890ca1581\",\n \"ownerName\": \"Jason Smith\",\n \"created\": \"2017-07-11T18:45:37.098Z\",\n \"modified\": \"2018-06-25T20:22:28.104Z\",\n \"description\": \"Create account on source 'AD'\",\n \"state\": \"Finished\",\n \"type\": \"Generic\",\n \"remediationItems\": [\n {\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"targetId\": \"2c9180835d2e5168015d32f890ca1581\",\n \"targetName\": \"john.smith\",\n \"targetDisplayName\": \"emailAddress\",\n \"applicationName\": \"Active Directory\",\n \"attributeName\": \"phoneNumber\",\n \"attributeOperation\": \"update\",\n \"attributeValue\": \"512-555-1212\",\n \"nativeIdentity\": \"jason.smith2\"\n },\n {\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"targetId\": \"2c9180835d2e5168015d32f890ca1581\",\n \"targetName\": \"john.smith\",\n \"targetDisplayName\": \"emailAddress\",\n \"applicationName\": \"Active Directory\",\n \"attributeName\": \"phoneNumber\",\n \"attributeOperation\": \"update\",\n \"attributeValue\": \"512-555-1212\",\n \"nativeIdentity\": \"jason.smith2\"\n }\n ],\n \"approvalItems\": [\n {\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"account\": \"john.smith\",\n \"application\": \"Active Directory\",\n \"name\": \"emailAddress\",\n \"operation\": \"update\",\n \"value\": \"a@b.com\",\n \"state\": \"Pending\"\n },\n {\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"account\": \"john.smith\",\n \"application\": \"Active Directory\",\n \"name\": \"emailAddress\",\n \"operation\": \"update\",\n \"value\": \"a@b.com\",\n \"state\": \"Pending\"\n }\n ],\n \"name\": \"Account Create\",\n \"completed\": \"2018-10-19T13:49:37.385Z\",\n \"numItems\": 19,\n \"form\": {\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"name\": \"AccountSelection Form\",\n \"title\": \"Account Selection for John.Doe\",\n \"subtitle\": \"Please select from the following\",\n \"targetUser\": \"Jane.Doe\",\n \"sections\": [\n {\n \"name\": \"Field1\",\n \"label\": \"Section 1\"\n },\n {\n \"name\": \"Field1\",\n \"label\": \"Section 1\"\n }\n ]\n },\n \"errors\": [\n \"The work item ID that was specified was not found.\"\n ]\n },\n {\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"requesterId\": \"2c9180835d2e5168015d32f890ca1581\",\n \"requesterDisplayName\": \"John Smith\",\n \"ownerId\": \"2c9180835d2e5168015d32f890ca1581\",\n \"ownerName\": \"Jason Smith\",\n \"created\": \"2017-07-11T18:45:37.098Z\",\n \"modified\": \"2018-06-25T20:22:28.104Z\",\n \"description\": \"Create account on source 'AD'\",\n \"state\": \"Finished\",\n \"type\": \"Generic\",\n \"remediationItems\": [\n {\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"targetId\": \"2c9180835d2e5168015d32f890ca1581\",\n \"targetName\": \"john.smith\",\n \"targetDisplayName\": \"emailAddress\",\n \"applicationName\": \"Active Directory\",\n \"attributeName\": \"phoneNumber\",\n \"attributeOperation\": \"update\",\n \"attributeValue\": \"512-555-1212\",\n \"nativeIdentity\": \"jason.smith2\"\n },\n {\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"targetId\": \"2c9180835d2e5168015d32f890ca1581\",\n \"targetName\": \"john.smith\",\n \"targetDisplayName\": \"emailAddress\",\n \"applicationName\": \"Active Directory\",\n \"attributeName\": \"phoneNumber\",\n \"attributeOperation\": \"update\",\n \"attributeValue\": \"512-555-1212\",\n \"nativeIdentity\": \"jason.smith2\"\n }\n ],\n \"approvalItems\": [\n {\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"account\": \"john.smith\",\n \"application\": \"Active Directory\",\n \"name\": \"emailAddress\",\n \"operation\": \"update\",\n \"value\": \"a@b.com\",\n \"state\": \"Pending\"\n },\n {\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"account\": \"john.smith\",\n \"application\": \"Active Directory\",\n \"name\": \"emailAddress\",\n \"operation\": \"update\",\n \"value\": \"a@b.com\",\n \"state\": \"Pending\"\n }\n ],\n \"name\": \"Account Create\",\n \"completed\": \"2018-10-19T13:49:37.385Z\",\n \"numItems\": 19,\n \"form\": {\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"name\": \"AccountSelection Form\",\n \"title\": \"Account Selection for John.Doe\",\n \"subtitle\": \"Please select from the following\",\n \"targetUser\": \"Jane.Doe\",\n \"sections\": [\n {\n \"name\": \"Field1\",\n \"label\": \"Section 1\"\n },\n {\n \"name\": \"Field1\",\n \"label\": \"Section 1\"\n }\n ]\n },\n \"errors\": [\n \"The work item ID that was specified was not found.\"\n ]\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "0ddfe3e4-93cc-44a3-9b25-8e67485e3c4e", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "work-items" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "ID of the work item owner.", + "type": "text/plain" + }, + "key": "ownerId", + "value": "1211bcaa32112bcef6122adb21cef1ac" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "9c2d9d2b-9268-4ea9-b0b3-976fcc14ce17", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "work-items" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "ID of the work item owner.", + "type": "text/plain" + }, + "key": "ownerId", + "value": "1211bcaa32112bcef6122adb21cef1ac" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "409235be-5898-4389-ae49-7cf3752f30a4", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "work-items" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "ID of the work item owner.", + "type": "text/plain" + }, + "key": "ownerId", + "value": "1211bcaa32112bcef6122adb21cef1ac" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a28b3c84-0fa7-4bee-866a-c188cd7fc0b8", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "work-items" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "ID of the work item owner.", + "type": "text/plain" + }, + "key": "ownerId", + "value": "1211bcaa32112bcef6122adb21cef1ac" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "3880bd75-1af2-4cc9-8b3e-d5192ac8dce6", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "work-items" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "ID of the work item owner.", + "type": "text/plain" + }, + "key": "ownerId", + "value": "1211bcaa32112bcef6122adb21cef1ac" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "fd1dadc6-313c-4f29-bbd8-9fef16451a00", + "name": "Completed Work Items", + "request": { + "name": "Completed Work Items", + "description": { + "content": "This gets a collection of completed work items belonging to either the specified user(admin required), or the current user.", + "type": "text/plain" + }, + "url": { + "path": [ + "work-items", + "completed" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The id of the owner of the work item list being requested. Either an admin, or the owning/current user must make this request.", + "type": "text/plain" + }, + "key": "ownerId", + "value": "1211bcaa32112bcef6122adb21cef1ac" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "5e3b1706-9762-45af-ae76-f6c287dc5595", + "name": "List of completed work items.", + "originalRequest": { + "url": { + "path": [ + "work-items", + "completed" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The id of the owner of the work item list being requested. Either an admin, or the owning/current user must make this request.", + "type": "text/plain" + }, + "key": "ownerId", + "value": "1211bcaa32112bcef6122adb21cef1ac" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"requesterId\": \"2c9180835d2e5168015d32f890ca1581\",\n \"requesterDisplayName\": \"John Smith\",\n \"ownerId\": \"2c9180835d2e5168015d32f890ca1581\",\n \"ownerName\": \"Jason Smith\",\n \"created\": \"2017-07-11T18:45:37.098Z\",\n \"modified\": \"2018-06-25T20:22:28.104Z\",\n \"description\": \"Create account on source 'AD'\",\n \"state\": \"Finished\",\n \"type\": \"Generic\",\n \"remediationItems\": [\n {\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"targetId\": \"2c9180835d2e5168015d32f890ca1581\",\n \"targetName\": \"john.smith\",\n \"targetDisplayName\": \"emailAddress\",\n \"applicationName\": \"Active Directory\",\n \"attributeName\": \"phoneNumber\",\n \"attributeOperation\": \"update\",\n \"attributeValue\": \"512-555-1212\",\n \"nativeIdentity\": \"jason.smith2\"\n },\n {\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"targetId\": \"2c9180835d2e5168015d32f890ca1581\",\n \"targetName\": \"john.smith\",\n \"targetDisplayName\": \"emailAddress\",\n \"applicationName\": \"Active Directory\",\n \"attributeName\": \"phoneNumber\",\n \"attributeOperation\": \"update\",\n \"attributeValue\": \"512-555-1212\",\n \"nativeIdentity\": \"jason.smith2\"\n }\n ],\n \"approvalItems\": [\n {\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"account\": \"john.smith\",\n \"application\": \"Active Directory\",\n \"name\": \"emailAddress\",\n \"operation\": \"update\",\n \"value\": \"a@b.com\",\n \"state\": \"Pending\"\n },\n {\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"account\": \"john.smith\",\n \"application\": \"Active Directory\",\n \"name\": \"emailAddress\",\n \"operation\": \"update\",\n \"value\": \"a@b.com\",\n \"state\": \"Pending\"\n }\n ],\n \"name\": \"Account Create\",\n \"completed\": \"2018-10-19T13:49:37.385Z\",\n \"numItems\": 19,\n \"form\": {\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"name\": \"AccountSelection Form\",\n \"title\": \"Account Selection for John.Doe\",\n \"subtitle\": \"Please select from the following\",\n \"targetUser\": \"Jane.Doe\",\n \"sections\": [\n {\n \"name\": \"Field1\",\n \"label\": \"Section 1\"\n },\n {\n \"name\": \"Field1\",\n \"label\": \"Section 1\"\n }\n ]\n },\n \"errors\": [\n \"The work item ID that was specified was not found.\"\n ]\n },\n {\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"requesterId\": \"2c9180835d2e5168015d32f890ca1581\",\n \"requesterDisplayName\": \"John Smith\",\n \"ownerId\": \"2c9180835d2e5168015d32f890ca1581\",\n \"ownerName\": \"Jason Smith\",\n \"created\": \"2017-07-11T18:45:37.098Z\",\n \"modified\": \"2018-06-25T20:22:28.104Z\",\n \"description\": \"Create account on source 'AD'\",\n \"state\": \"Finished\",\n \"type\": \"Generic\",\n \"remediationItems\": [\n {\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"targetId\": \"2c9180835d2e5168015d32f890ca1581\",\n \"targetName\": \"john.smith\",\n \"targetDisplayName\": \"emailAddress\",\n \"applicationName\": \"Active Directory\",\n \"attributeName\": \"phoneNumber\",\n \"attributeOperation\": \"update\",\n \"attributeValue\": \"512-555-1212\",\n \"nativeIdentity\": \"jason.smith2\"\n },\n {\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"targetId\": \"2c9180835d2e5168015d32f890ca1581\",\n \"targetName\": \"john.smith\",\n \"targetDisplayName\": \"emailAddress\",\n \"applicationName\": \"Active Directory\",\n \"attributeName\": \"phoneNumber\",\n \"attributeOperation\": \"update\",\n \"attributeValue\": \"512-555-1212\",\n \"nativeIdentity\": \"jason.smith2\"\n }\n ],\n \"approvalItems\": [\n {\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"account\": \"john.smith\",\n \"application\": \"Active Directory\",\n \"name\": \"emailAddress\",\n \"operation\": \"update\",\n \"value\": \"a@b.com\",\n \"state\": \"Pending\"\n },\n {\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"account\": \"john.smith\",\n \"application\": \"Active Directory\",\n \"name\": \"emailAddress\",\n \"operation\": \"update\",\n \"value\": \"a@b.com\",\n \"state\": \"Pending\"\n }\n ],\n \"name\": \"Account Create\",\n \"completed\": \"2018-10-19T13:49:37.385Z\",\n \"numItems\": 19,\n \"form\": {\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"name\": \"AccountSelection Form\",\n \"title\": \"Account Selection for John.Doe\",\n \"subtitle\": \"Please select from the following\",\n \"targetUser\": \"Jane.Doe\",\n \"sections\": [\n {\n \"name\": \"Field1\",\n \"label\": \"Section 1\"\n },\n {\n \"name\": \"Field1\",\n \"label\": \"Section 1\"\n }\n ]\n },\n \"errors\": [\n \"The work item ID that was specified was not found.\"\n ]\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "afb3c7df-ce26-4f84-a157-fcecaf1756c6", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "work-items", + "completed" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The id of the owner of the work item list being requested. Either an admin, or the owning/current user must make this request.", + "type": "text/plain" + }, + "key": "ownerId", + "value": "1211bcaa32112bcef6122adb21cef1ac" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a7a61ad9-c78c-402c-aec0-b1a3fccdfe11", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "work-items", + "completed" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The id of the owner of the work item list being requested. Either an admin, or the owning/current user must make this request.", + "type": "text/plain" + }, + "key": "ownerId", + "value": "1211bcaa32112bcef6122adb21cef1ac" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "01732e91-eaca-4a05-b856-e498ce83f21b", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "work-items", + "completed" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The id of the owner of the work item list being requested. Either an admin, or the owning/current user must make this request.", + "type": "text/plain" + }, + "key": "ownerId", + "value": "1211bcaa32112bcef6122adb21cef1ac" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b1b7a76c-2cc3-44b5-a73f-0a0cd31d80dd", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "work-items", + "completed" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The id of the owner of the work item list being requested. Either an admin, or the owning/current user must make this request.", + "type": "text/plain" + }, + "key": "ownerId", + "value": "1211bcaa32112bcef6122adb21cef1ac" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "566b02cb-ecda-4294-ab3e-46b7494f11ff", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "work-items", + "completed" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "The id of the owner of the work item list being requested. Either an admin, or the owning/current user must make this request.", + "type": "text/plain" + }, + "key": "ownerId", + "value": "1211bcaa32112bcef6122adb21cef1ac" + }, + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "41168c9e-7c02-4bea-ac5b-84c308bf816b", + "name": "Count Work Items", + "request": { + "name": "Count Work Items", + "description": { + "content": "This gets a count of work items belonging to either the specified user(admin required), or the current user.", + "type": "text/plain" + }, + "url": { + "path": [ + "work-items", + "count" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "ID of the work item owner.", + "type": "text/plain" + }, + "key": "ownerId", + "value": "ef38f94347e94562b5bb8424a56397d8" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "5824dfa2-56c8-4063-ad70-ecd143ab98b8", + "name": "List of work items", + "originalRequest": { + "url": { + "path": [ + "work-items", + "count" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "ID of the work item owner.", + "type": "text/plain" + }, + "key": "ownerId", + "value": "ef38f94347e94562b5bb8424a56397d8" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"count\": 29\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "28e339bb-1bba-453d-acc7-9e8739fcb404", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "work-items", + "count" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "ID of the work item owner.", + "type": "text/plain" + }, + "key": "ownerId", + "value": "ef38f94347e94562b5bb8424a56397d8" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c8a9d6ea-38fc-441e-8fe9-885585897144", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "work-items", + "count" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "ID of the work item owner.", + "type": "text/plain" + }, + "key": "ownerId", + "value": "ef38f94347e94562b5bb8424a56397d8" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "65f30294-2f38-492b-a99b-00766816f657", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "work-items", + "count" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "ID of the work item owner.", + "type": "text/plain" + }, + "key": "ownerId", + "value": "ef38f94347e94562b5bb8424a56397d8" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "fefdad54-80a5-4d4b-a58e-2c12cd76402b", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "work-items", + "count" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "ID of the work item owner.", + "type": "text/plain" + }, + "key": "ownerId", + "value": "ef38f94347e94562b5bb8424a56397d8" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "9b51610e-7a21-4f04-bf80-5640487ecfd6", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "work-items", + "count" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "ID of the work item owner.", + "type": "text/plain" + }, + "key": "ownerId", + "value": "ef38f94347e94562b5bb8424a56397d8" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "27888441-afc2-4a05-b736-3022e571ee77", + "name": "Count Completed Work Items", + "request": { + "name": "Count Completed Work Items", + "description": { + "content": "This gets a count of completed work items belonging to either the specified user(admin required), or the current user.", + "type": "text/plain" + }, + "url": { + "path": [ + "work-items", + "completed", + "count" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "ID of the work item owner.", + "type": "text/plain" + }, + "key": "ownerId", + "value": "1211bcaa32112bcef6122adb21cef1ac" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "ec683976-7729-4270-a4d4-ca48392e340c", + "name": "List of work items", + "originalRequest": { + "url": { + "path": [ + "work-items", + "completed", + "count" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "ID of the work item owner.", + "type": "text/plain" + }, + "key": "ownerId", + "value": "1211bcaa32112bcef6122adb21cef1ac" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"count\": 29\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "e33ec8b7-b817-4aa4-a67e-e7bfcec002ea", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "work-items", + "completed", + "count" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "ID of the work item owner.", + "type": "text/plain" + }, + "key": "ownerId", + "value": "1211bcaa32112bcef6122adb21cef1ac" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "de24630a-da48-4ce8-970c-a5fdaa00f7ea", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "work-items", + "completed", + "count" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "ID of the work item owner.", + "type": "text/plain" + }, + "key": "ownerId", + "value": "1211bcaa32112bcef6122adb21cef1ac" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "95dd653b-97bc-482e-b0cc-f902d5785ca8", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "work-items", + "completed", + "count" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "ID of the work item owner.", + "type": "text/plain" + }, + "key": "ownerId", + "value": "1211bcaa32112bcef6122adb21cef1ac" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b79ceb7f-c4fd-4f94-9893-9c92371e3b05", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "work-items", + "completed", + "count" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "ID of the work item owner.", + "type": "text/plain" + }, + "key": "ownerId", + "value": "1211bcaa32112bcef6122adb21cef1ac" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b59b8755-2a57-4b6d-aa11-2f5c0d620351", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "work-items", + "completed", + "count" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "ID of the work item owner.", + "type": "text/plain" + }, + "key": "ownerId", + "value": "1211bcaa32112bcef6122adb21cef1ac" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "5a00fd22-d8a7-4734-92e5-f2f2e0eeeb4b", + "name": "Work Items Summary", + "request": { + "name": "Work Items Summary", + "description": { + "content": "This gets a summary of work items belonging to either the specified user(admin required), or the current user.", + "type": "text/plain" + }, + "url": { + "path": [ + "work-items", + "summary" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "ID of the work item owner.", + "type": "text/plain" + }, + "key": "ownerId", + "value": "1211bcaa32112bcef6122adb21cef1ac" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "fc24b7dd-4435-4ada-8d0e-f356f0a32c44", + "name": "List of work items", + "originalRequest": { + "url": { + "path": [ + "work-items", + "summary" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "ID of the work item owner.", + "type": "text/plain" + }, + "key": "ownerId", + "value": "1211bcaa32112bcef6122adb21cef1ac" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"open\": 29,\n \"completed\": 1,\n \"total\": 30\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "aad45323-b7ca-45f1-b03c-f891c78ec382", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "work-items", + "summary" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "ID of the work item owner.", + "type": "text/plain" + }, + "key": "ownerId", + "value": "1211bcaa32112bcef6122adb21cef1ac" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "4a880626-53ba-4212-8f4d-9e8dd66c4ce3", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "work-items", + "summary" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "ID of the work item owner.", + "type": "text/plain" + }, + "key": "ownerId", + "value": "1211bcaa32112bcef6122adb21cef1ac" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "82039b2d-f80a-419b-8733-026e73624460", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "work-items", + "summary" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "ID of the work item owner.", + "type": "text/plain" + }, + "key": "ownerId", + "value": "1211bcaa32112bcef6122adb21cef1ac" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "93ec607e-6efc-448b-811d-5855aa4c7fe7", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "work-items", + "summary" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "ID of the work item owner.", + "type": "text/plain" + }, + "key": "ownerId", + "value": "1211bcaa32112bcef6122adb21cef1ac" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "11ed23ac-15fb-460a-95f4-04e27a999c06", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "work-items", + "summary" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "ID of the work item owner.", + "type": "text/plain" + }, + "key": "ownerId", + "value": "1211bcaa32112bcef6122adb21cef1ac" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "906b97f2-910c-4e0e-a0b8-bc778115c2b9", + "name": "Get a Work Item", + "request": { + "name": "Get a Work Item", + "description": { + "content": "This gets the details of a Work Item belonging to either the specified user(admin required), or the current user.", + "type": "text/plain" + }, + "url": { + "path": [ + "work-items", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "2c9180835d191a86015d28455b4a2329", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) ID of the work item.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "b9f0b021-a76e-4a78-a382-0c80e7216c72", + "name": "The work item with the given ID.", + "originalRequest": { + "url": { + "path": [ + "work-items", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"requesterId\": \"2c9180835d2e5168015d32f890ca1581\",\n \"requesterDisplayName\": \"John Smith\",\n \"ownerId\": \"2c9180835d2e5168015d32f890ca1581\",\n \"ownerName\": \"Jason Smith\",\n \"created\": \"2017-07-11T18:45:37.098Z\",\n \"modified\": \"2018-06-25T20:22:28.104Z\",\n \"description\": \"Create account on source 'AD'\",\n \"state\": \"Finished\",\n \"type\": \"Generic\",\n \"remediationItems\": [\n {\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"targetId\": \"2c9180835d2e5168015d32f890ca1581\",\n \"targetName\": \"john.smith\",\n \"targetDisplayName\": \"emailAddress\",\n \"applicationName\": \"Active Directory\",\n \"attributeName\": \"phoneNumber\",\n \"attributeOperation\": \"update\",\n \"attributeValue\": \"512-555-1212\",\n \"nativeIdentity\": \"jason.smith2\"\n },\n {\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"targetId\": \"2c9180835d2e5168015d32f890ca1581\",\n \"targetName\": \"john.smith\",\n \"targetDisplayName\": \"emailAddress\",\n \"applicationName\": \"Active Directory\",\n \"attributeName\": \"phoneNumber\",\n \"attributeOperation\": \"update\",\n \"attributeValue\": \"512-555-1212\",\n \"nativeIdentity\": \"jason.smith2\"\n }\n ],\n \"approvalItems\": [\n {\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"account\": \"john.smith\",\n \"application\": \"Active Directory\",\n \"name\": \"emailAddress\",\n \"operation\": \"update\",\n \"value\": \"a@b.com\",\n \"state\": \"Pending\"\n },\n {\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"account\": \"john.smith\",\n \"application\": \"Active Directory\",\n \"name\": \"emailAddress\",\n \"operation\": \"update\",\n \"value\": \"a@b.com\",\n \"state\": \"Pending\"\n }\n ],\n \"name\": \"Account Create\",\n \"completed\": \"2018-10-19T13:49:37.385Z\",\n \"numItems\": 19,\n \"form\": {\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"name\": \"AccountSelection Form\",\n \"title\": \"Account Selection for John.Doe\",\n \"subtitle\": \"Please select from the following\",\n \"targetUser\": \"Jane.Doe\",\n \"sections\": [\n {\n \"name\": \"Field1\",\n \"label\": \"Section 1\"\n },\n {\n \"name\": \"Field1\",\n \"label\": \"Section 1\"\n }\n ]\n },\n \"errors\": [\n \"The work item ID that was specified was not found.\"\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "7a5c8a52-a3a9-4860-a956-b811d6930fe3", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "work-items", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "51f0fc91-c154-451c-be13-1bba121733de", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "work-items", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c7b6a41d-ccb8-40ef-b74e-2b466a9ff0b3", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "work-items", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "ac7a4944-6086-4693-a86c-e453a9cc21d3", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "work-items", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "88bbb7d1-c1bf-4328-b76e-f5b138bdd6e6", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "work-items", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "d25c8852-4bb4-4090-8be8-2535f2519ec2", + "name": "Complete a Work Item", + "request": { + "name": "Complete a Work Item", + "description": { + "content": "This API completes a work item. Either an admin, or the owning/current user must make this request.", + "type": "text/plain" + }, + "url": { + "path": [ + "work-items", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "ef38f94347e94562b5bb8424a56397d8", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) The ID of the work item", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": {} + }, + "response": [ + { + "id": "c646ffa5-54b6-4244-ae9f-735272e978b5", + "name": "A WorkItems object", + "originalRequest": { + "url": { + "path": [ + "work-items", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"requesterId\": \"2c9180835d2e5168015d32f890ca1581\",\n \"requesterDisplayName\": \"John Smith\",\n \"ownerId\": \"2c9180835d2e5168015d32f890ca1581\",\n \"ownerName\": \"Jason Smith\",\n \"created\": \"2017-07-11T18:45:37.098Z\",\n \"modified\": \"2018-06-25T20:22:28.104Z\",\n \"description\": \"Create account on source 'AD'\",\n \"state\": \"Finished\",\n \"type\": \"Generic\",\n \"remediationItems\": [\n {\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"targetId\": \"2c9180835d2e5168015d32f890ca1581\",\n \"targetName\": \"john.smith\",\n \"targetDisplayName\": \"emailAddress\",\n \"applicationName\": \"Active Directory\",\n \"attributeName\": \"phoneNumber\",\n \"attributeOperation\": \"update\",\n \"attributeValue\": \"512-555-1212\",\n \"nativeIdentity\": \"jason.smith2\"\n },\n {\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"targetId\": \"2c9180835d2e5168015d32f890ca1581\",\n \"targetName\": \"john.smith\",\n \"targetDisplayName\": \"emailAddress\",\n \"applicationName\": \"Active Directory\",\n \"attributeName\": \"phoneNumber\",\n \"attributeOperation\": \"update\",\n \"attributeValue\": \"512-555-1212\",\n \"nativeIdentity\": \"jason.smith2\"\n }\n ],\n \"approvalItems\": [\n {\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"account\": \"john.smith\",\n \"application\": \"Active Directory\",\n \"name\": \"emailAddress\",\n \"operation\": \"update\",\n \"value\": \"a@b.com\",\n \"state\": \"Pending\"\n },\n {\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"account\": \"john.smith\",\n \"application\": \"Active Directory\",\n \"name\": \"emailAddress\",\n \"operation\": \"update\",\n \"value\": \"a@b.com\",\n \"state\": \"Pending\"\n }\n ],\n \"name\": \"Account Create\",\n \"completed\": \"2018-10-19T13:49:37.385Z\",\n \"numItems\": 19,\n \"form\": {\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"name\": \"AccountSelection Form\",\n \"title\": \"Account Selection for John.Doe\",\n \"subtitle\": \"Please select from the following\",\n \"targetUser\": \"Jane.Doe\",\n \"sections\": [\n {\n \"name\": \"Field1\",\n \"label\": \"Section 1\"\n },\n {\n \"name\": \"Field1\",\n \"label\": \"Section 1\"\n }\n ]\n },\n \"errors\": [\n \"The work item ID that was specified was not found.\"\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "38ac103c-b658-4801-868c-dad1418f4a17", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "work-items", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "97fad336-7d4d-44cb-9c9c-92600b8cb5f4", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "work-items", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "7ea35d06-02cb-4b31-906b-74e1b56c90db", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "work-items", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "1f395645-0394-47a1-9882-832da187a674", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "work-items", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "785108d8-e8c6-4699-936e-2e63ac20d20e", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "work-items", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "015b08ac-7280-4775-9887-557755aa4b70", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "work-items", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "b512f26e-3ce2-46af-a9e4-5d13aab84d35", + "name": "Approve an Approval Item", + "request": { + "name": "Approve an Approval Item", + "description": { + "content": "This API approves an Approval Item. Either an admin, or the owning/current user must make this request.", + "type": "text/plain" + }, + "url": { + "path": [ + "work-items", + ":id", + "approve", + ":approvalItemId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "ef38f94347e94562b5bb8424a56397d8", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) The ID of the work item", + "type": "text/plain" + } + }, + { + "type": "any", + "value": "1211bcaa32112bcef6122adb21cef1ac", + "key": "approvalItemId", + "disabled": true, + "description": { + "content": "(Required) The ID of the approval item.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": {} + }, + "response": [ + { + "id": "43da5db6-d220-47a5-a520-adfb617c4a51", + "name": "A work items details object.", + "originalRequest": { + "url": { + "path": [ + "work-items", + ":id", + "approve", + ":approvalItemId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"requesterId\": \"2c9180835d2e5168015d32f890ca1581\",\n \"requesterDisplayName\": \"John Smith\",\n \"ownerId\": \"2c9180835d2e5168015d32f890ca1581\",\n \"ownerName\": \"Jason Smith\",\n \"created\": \"2017-07-11T18:45:37.098Z\",\n \"modified\": \"2018-06-25T20:22:28.104Z\",\n \"description\": \"Create account on source 'AD'\",\n \"state\": \"Finished\",\n \"type\": \"Generic\",\n \"remediationItems\": [\n {\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"targetId\": \"2c9180835d2e5168015d32f890ca1581\",\n \"targetName\": \"john.smith\",\n \"targetDisplayName\": \"emailAddress\",\n \"applicationName\": \"Active Directory\",\n \"attributeName\": \"phoneNumber\",\n \"attributeOperation\": \"update\",\n \"attributeValue\": \"512-555-1212\",\n \"nativeIdentity\": \"jason.smith2\"\n },\n {\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"targetId\": \"2c9180835d2e5168015d32f890ca1581\",\n \"targetName\": \"john.smith\",\n \"targetDisplayName\": \"emailAddress\",\n \"applicationName\": \"Active Directory\",\n \"attributeName\": \"phoneNumber\",\n \"attributeOperation\": \"update\",\n \"attributeValue\": \"512-555-1212\",\n \"nativeIdentity\": \"jason.smith2\"\n }\n ],\n \"approvalItems\": [\n {\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"account\": \"john.smith\",\n \"application\": \"Active Directory\",\n \"name\": \"emailAddress\",\n \"operation\": \"update\",\n \"value\": \"a@b.com\",\n \"state\": \"Pending\"\n },\n {\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"account\": \"john.smith\",\n \"application\": \"Active Directory\",\n \"name\": \"emailAddress\",\n \"operation\": \"update\",\n \"value\": \"a@b.com\",\n \"state\": \"Pending\"\n }\n ],\n \"name\": \"Account Create\",\n \"completed\": \"2018-10-19T13:49:37.385Z\",\n \"numItems\": 19,\n \"form\": {\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"name\": \"AccountSelection Form\",\n \"title\": \"Account Selection for John.Doe\",\n \"subtitle\": \"Please select from the following\",\n \"targetUser\": \"Jane.Doe\",\n \"sections\": [\n {\n \"name\": \"Field1\",\n \"label\": \"Section 1\"\n },\n {\n \"name\": \"Field1\",\n \"label\": \"Section 1\"\n }\n ]\n },\n \"errors\": [\n \"The work item ID that was specified was not found.\"\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "4dd11bfe-c5ef-4892-a94c-023c5bdb52de", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "work-items", + ":id", + "approve", + ":approvalItemId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "2dbd2db1-5270-4c36-9bb1-3b6310ea3682", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "work-items", + ":id", + "approve", + ":approvalItemId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "941ccbad-32fd-49ce-b7c8-01c92c55f328", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "work-items", + ":id", + "approve", + ":approvalItemId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "fe3ccb01-1071-42e4-9654-977c11721dbe", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "work-items", + ":id", + "approve", + ":approvalItemId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a76ac1ce-d4a0-4516-8bd8-113a15f086fb", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "work-items", + ":id", + "approve", + ":approvalItemId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "fb64dcf0-caa9-436f-b587-a4995494722d", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "work-items", + ":id", + "approve", + ":approvalItemId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "f3299d42-67ad-489e-b498-09372b573e3e", + "name": "Reject an Approval Item", + "request": { + "name": "Reject an Approval Item", + "description": { + "content": "This API rejects an Approval Item. Either an admin, or the owning/current user must make this request.", + "type": "text/plain" + }, + "url": { + "path": [ + "work-items", + ":id", + "reject", + ":approvalItemId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "ef38f94347e94562b5bb8424a56397d8", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) The ID of the work item", + "type": "text/plain" + } + }, + { + "type": "any", + "value": "1211bcaa32112bcef6122adb21cef1ac", + "key": "approvalItemId", + "disabled": true, + "description": { + "content": "(Required) The ID of the approval item.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": {} + }, + "response": [ + { + "id": "c7862e15-1d74-4909-b8cc-7da37637f0da", + "name": "A work items details object.", + "originalRequest": { + "url": { + "path": [ + "work-items", + ":id", + "reject", + ":approvalItemId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"requesterId\": \"2c9180835d2e5168015d32f890ca1581\",\n \"requesterDisplayName\": \"John Smith\",\n \"ownerId\": \"2c9180835d2e5168015d32f890ca1581\",\n \"ownerName\": \"Jason Smith\",\n \"created\": \"2017-07-11T18:45:37.098Z\",\n \"modified\": \"2018-06-25T20:22:28.104Z\",\n \"description\": \"Create account on source 'AD'\",\n \"state\": \"Finished\",\n \"type\": \"Generic\",\n \"remediationItems\": [\n {\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"targetId\": \"2c9180835d2e5168015d32f890ca1581\",\n \"targetName\": \"john.smith\",\n \"targetDisplayName\": \"emailAddress\",\n \"applicationName\": \"Active Directory\",\n \"attributeName\": \"phoneNumber\",\n \"attributeOperation\": \"update\",\n \"attributeValue\": \"512-555-1212\",\n \"nativeIdentity\": \"jason.smith2\"\n },\n {\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"targetId\": \"2c9180835d2e5168015d32f890ca1581\",\n \"targetName\": \"john.smith\",\n \"targetDisplayName\": \"emailAddress\",\n \"applicationName\": \"Active Directory\",\n \"attributeName\": \"phoneNumber\",\n \"attributeOperation\": \"update\",\n \"attributeValue\": \"512-555-1212\",\n \"nativeIdentity\": \"jason.smith2\"\n }\n ],\n \"approvalItems\": [\n {\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"account\": \"john.smith\",\n \"application\": \"Active Directory\",\n \"name\": \"emailAddress\",\n \"operation\": \"update\",\n \"value\": \"a@b.com\",\n \"state\": \"Pending\"\n },\n {\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"account\": \"john.smith\",\n \"application\": \"Active Directory\",\n \"name\": \"emailAddress\",\n \"operation\": \"update\",\n \"value\": \"a@b.com\",\n \"state\": \"Pending\"\n }\n ],\n \"name\": \"Account Create\",\n \"completed\": \"2018-10-19T13:49:37.385Z\",\n \"numItems\": 19,\n \"form\": {\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"name\": \"AccountSelection Form\",\n \"title\": \"Account Selection for John.Doe\",\n \"subtitle\": \"Please select from the following\",\n \"targetUser\": \"Jane.Doe\",\n \"sections\": [\n {\n \"name\": \"Field1\",\n \"label\": \"Section 1\"\n },\n {\n \"name\": \"Field1\",\n \"label\": \"Section 1\"\n }\n ]\n },\n \"errors\": [\n \"The work item ID that was specified was not found.\"\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "8e71edb4-2a2c-4a52-9e99-1768674cf8c4", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "work-items", + ":id", + "reject", + ":approvalItemId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "3d0b1ca6-3d83-4f89-af45-aa54c02f4a31", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "work-items", + ":id", + "reject", + ":approvalItemId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "daa835fd-ef5d-45be-93a3-b87dd39d7e7c", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "work-items", + ":id", + "reject", + ":approvalItemId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a8b8b012-739a-412b-b2ca-3fb082229b64", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "work-items", + ":id", + "reject", + ":approvalItemId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "5c8abb55-b735-4b7f-9ba7-b9cc60c9747d", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "work-items", + ":id", + "reject", + ":approvalItemId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "18249d7d-8f8f-42e0-b054-dc7f3b9ebb39", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "work-items", + ":id", + "reject", + ":approvalItemId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "bdc0651d-bee7-455d-b649-3f590e92e7b6", + "name": "Bulk approve Approval Items", + "request": { + "name": "Bulk approve Approval Items", + "description": { + "content": "This API bulk approves Approval Items. Either an admin, or the owning/current user must make this request.", + "type": "text/plain" + }, + "url": { + "path": [ + "work-items", + "bulk-approve", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "ef38f94347e94562b5bb8424a56397d8", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) The ID of the work item", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": {} + }, + "response": [ + { + "id": "e0e7b504-4f8b-4e15-88b8-99cfb2eba17b", + "name": "A work items details object.", + "originalRequest": { + "url": { + "path": [ + "work-items", + "bulk-approve", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"requesterId\": \"2c9180835d2e5168015d32f890ca1581\",\n \"requesterDisplayName\": \"John Smith\",\n \"ownerId\": \"2c9180835d2e5168015d32f890ca1581\",\n \"ownerName\": \"Jason Smith\",\n \"created\": \"2017-07-11T18:45:37.098Z\",\n \"modified\": \"2018-06-25T20:22:28.104Z\",\n \"description\": \"Create account on source 'AD'\",\n \"state\": \"Finished\",\n \"type\": \"Generic\",\n \"remediationItems\": [\n {\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"targetId\": \"2c9180835d2e5168015d32f890ca1581\",\n \"targetName\": \"john.smith\",\n \"targetDisplayName\": \"emailAddress\",\n \"applicationName\": \"Active Directory\",\n \"attributeName\": \"phoneNumber\",\n \"attributeOperation\": \"update\",\n \"attributeValue\": \"512-555-1212\",\n \"nativeIdentity\": \"jason.smith2\"\n },\n {\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"targetId\": \"2c9180835d2e5168015d32f890ca1581\",\n \"targetName\": \"john.smith\",\n \"targetDisplayName\": \"emailAddress\",\n \"applicationName\": \"Active Directory\",\n \"attributeName\": \"phoneNumber\",\n \"attributeOperation\": \"update\",\n \"attributeValue\": \"512-555-1212\",\n \"nativeIdentity\": \"jason.smith2\"\n }\n ],\n \"approvalItems\": [\n {\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"account\": \"john.smith\",\n \"application\": \"Active Directory\",\n \"name\": \"emailAddress\",\n \"operation\": \"update\",\n \"value\": \"a@b.com\",\n \"state\": \"Pending\"\n },\n {\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"account\": \"john.smith\",\n \"application\": \"Active Directory\",\n \"name\": \"emailAddress\",\n \"operation\": \"update\",\n \"value\": \"a@b.com\",\n \"state\": \"Pending\"\n }\n ],\n \"name\": \"Account Create\",\n \"completed\": \"2018-10-19T13:49:37.385Z\",\n \"numItems\": 19,\n \"form\": {\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"name\": \"AccountSelection Form\",\n \"title\": \"Account Selection for John.Doe\",\n \"subtitle\": \"Please select from the following\",\n \"targetUser\": \"Jane.Doe\",\n \"sections\": [\n {\n \"name\": \"Field1\",\n \"label\": \"Section 1\"\n },\n {\n \"name\": \"Field1\",\n \"label\": \"Section 1\"\n }\n ]\n },\n \"errors\": [\n \"The work item ID that was specified was not found.\"\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b480d41d-2b09-403f-8916-1ef24a6859f6", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "work-items", + "bulk-approve", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "066069cd-5ae0-4d1d-8617-c2361c7bc896", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "work-items", + "bulk-approve", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "2fc95aeb-1e3d-42fb-a153-1c448dbb134b", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "work-items", + "bulk-approve", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "ed0caa80-d19f-4ac3-bf02-4a6767dd8940", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "work-items", + "bulk-approve", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "e3c101b2-1c06-4bab-8288-e070c8c4378e", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "work-items", + "bulk-approve", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "4d636f72-d7cf-4b84-8f0a-084b00bb630d", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "work-items", + "bulk-approve", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "d77bad82-e7c3-4cd4-9c13-aaf591198894", + "name": "Bulk reject Approval Items", + "request": { + "name": "Bulk reject Approval Items", + "description": { + "content": "This API bulk rejects Approval Items. Either an admin, or the owning/current user must make this request.", + "type": "text/plain" + }, + "url": { + "path": [ + "work-items", + "bulk-reject", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "ef38f94347e94562b5bb8424a56397d8", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) The ID of the work item", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": {} + }, + "response": [ + { + "id": "1a76e833-1781-4e4f-a543-b11c18768d5c", + "name": "A work items details object.", + "originalRequest": { + "url": { + "path": [ + "work-items", + "bulk-reject", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"requesterId\": \"2c9180835d2e5168015d32f890ca1581\",\n \"requesterDisplayName\": \"John Smith\",\n \"ownerId\": \"2c9180835d2e5168015d32f890ca1581\",\n \"ownerName\": \"Jason Smith\",\n \"created\": \"2017-07-11T18:45:37.098Z\",\n \"modified\": \"2018-06-25T20:22:28.104Z\",\n \"description\": \"Create account on source 'AD'\",\n \"state\": \"Finished\",\n \"type\": \"Generic\",\n \"remediationItems\": [\n {\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"targetId\": \"2c9180835d2e5168015d32f890ca1581\",\n \"targetName\": \"john.smith\",\n \"targetDisplayName\": \"emailAddress\",\n \"applicationName\": \"Active Directory\",\n \"attributeName\": \"phoneNumber\",\n \"attributeOperation\": \"update\",\n \"attributeValue\": \"512-555-1212\",\n \"nativeIdentity\": \"jason.smith2\"\n },\n {\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"targetId\": \"2c9180835d2e5168015d32f890ca1581\",\n \"targetName\": \"john.smith\",\n \"targetDisplayName\": \"emailAddress\",\n \"applicationName\": \"Active Directory\",\n \"attributeName\": \"phoneNumber\",\n \"attributeOperation\": \"update\",\n \"attributeValue\": \"512-555-1212\",\n \"nativeIdentity\": \"jason.smith2\"\n }\n ],\n \"approvalItems\": [\n {\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"account\": \"john.smith\",\n \"application\": \"Active Directory\",\n \"name\": \"emailAddress\",\n \"operation\": \"update\",\n \"value\": \"a@b.com\",\n \"state\": \"Pending\"\n },\n {\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"account\": \"john.smith\",\n \"application\": \"Active Directory\",\n \"name\": \"emailAddress\",\n \"operation\": \"update\",\n \"value\": \"a@b.com\",\n \"state\": \"Pending\"\n }\n ],\n \"name\": \"Account Create\",\n \"completed\": \"2018-10-19T13:49:37.385Z\",\n \"numItems\": 19,\n \"form\": {\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"name\": \"AccountSelection Form\",\n \"title\": \"Account Selection for John.Doe\",\n \"subtitle\": \"Please select from the following\",\n \"targetUser\": \"Jane.Doe\",\n \"sections\": [\n {\n \"name\": \"Field1\",\n \"label\": \"Section 1\"\n },\n {\n \"name\": \"Field1\",\n \"label\": \"Section 1\"\n }\n ]\n },\n \"errors\": [\n \"The work item ID that was specified was not found.\"\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a2e3fe65-ef3a-477c-a332-37f20f57a2ee", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "work-items", + "bulk-reject", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "70649559-827b-424f-a3e7-567b20f69808", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "work-items", + "bulk-reject", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "177c4e33-c0e4-4853-bd98-729c8f0b5bb8", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "work-items", + "bulk-reject", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d2fc1434-d1e3-4ed9-983d-c827df6f1627", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "work-items", + "bulk-reject", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "053f102c-8360-4112-9d4a-09e07061d55a", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "work-items", + "bulk-reject", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "64052576-2617-4b7a-b317-4cfd6f8f452d", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "work-items", + "bulk-reject", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "74ebd5c3-8247-4d59-9e18-3e1a8e7c115e", + "name": "Submit Account Selections", + "request": { + "name": "Submit Account Selections", + "description": { + "content": "This API submits account selections. Either an admin, or the owning/current user must make this request.", + "type": "text/plain" + }, + "url": { + "path": [ + "work-items", + ":id", + "submit-account-selection" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "ef38f94347e94562b5bb8424a56397d8", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) The ID of the work item", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"fieldName\": \"fieldValue\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "41389f2a-528d-40ff-b2ff-4ceeee25172b", + "name": "A work items details object.", + "originalRequest": { + "url": { + "path": [ + "work-items", + ":id", + "submit-account-selection" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"fieldName\": \"fieldValue\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"requesterId\": \"2c9180835d2e5168015d32f890ca1581\",\n \"requesterDisplayName\": \"John Smith\",\n \"ownerId\": \"2c9180835d2e5168015d32f890ca1581\",\n \"ownerName\": \"Jason Smith\",\n \"created\": \"2017-07-11T18:45:37.098Z\",\n \"modified\": \"2018-06-25T20:22:28.104Z\",\n \"description\": \"Create account on source 'AD'\",\n \"state\": \"Finished\",\n \"type\": \"Generic\",\n \"remediationItems\": [\n {\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"targetId\": \"2c9180835d2e5168015d32f890ca1581\",\n \"targetName\": \"john.smith\",\n \"targetDisplayName\": \"emailAddress\",\n \"applicationName\": \"Active Directory\",\n \"attributeName\": \"phoneNumber\",\n \"attributeOperation\": \"update\",\n \"attributeValue\": \"512-555-1212\",\n \"nativeIdentity\": \"jason.smith2\"\n },\n {\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"targetId\": \"2c9180835d2e5168015d32f890ca1581\",\n \"targetName\": \"john.smith\",\n \"targetDisplayName\": \"emailAddress\",\n \"applicationName\": \"Active Directory\",\n \"attributeName\": \"phoneNumber\",\n \"attributeOperation\": \"update\",\n \"attributeValue\": \"512-555-1212\",\n \"nativeIdentity\": \"jason.smith2\"\n }\n ],\n \"approvalItems\": [\n {\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"account\": \"john.smith\",\n \"application\": \"Active Directory\",\n \"name\": \"emailAddress\",\n \"operation\": \"update\",\n \"value\": \"a@b.com\",\n \"state\": \"Pending\"\n },\n {\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"account\": \"john.smith\",\n \"application\": \"Active Directory\",\n \"name\": \"emailAddress\",\n \"operation\": \"update\",\n \"value\": \"a@b.com\",\n \"state\": \"Pending\"\n }\n ],\n \"name\": \"Account Create\",\n \"completed\": \"2018-10-19T13:49:37.385Z\",\n \"numItems\": 19,\n \"form\": {\n \"id\": \"2c9180835d2e5168015d32f890ca1581\",\n \"name\": \"AccountSelection Form\",\n \"title\": \"Account Selection for John.Doe\",\n \"subtitle\": \"Please select from the following\",\n \"targetUser\": \"Jane.Doe\",\n \"sections\": [\n {\n \"name\": \"Field1\",\n \"label\": \"Section 1\"\n },\n {\n \"name\": \"Field1\",\n \"label\": \"Section 1\"\n }\n ]\n },\n \"errors\": [\n \"The work item ID that was specified was not found.\"\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "596a7dc5-339c-41b0-b891-2536e298914c", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "work-items", + ":id", + "submit-account-selection" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"fieldName\": \"fieldValue\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "1e4262cb-95a7-45e3-99df-910ec9f4af3e", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "work-items", + ":id", + "submit-account-selection" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"fieldName\": \"fieldValue\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "fa8fb502-1ce5-4fc5-895b-98776a500bba", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "work-items", + ":id", + "submit-account-selection" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"fieldName\": \"fieldValue\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "79d3f3c1-b6eb-4b80-99ed-4f73800a7692", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "work-items", + ":id", + "submit-account-selection" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"fieldName\": \"fieldValue\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "2121e4f5-dae5-4ab7-95cc-a7e205a3534d", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "work-items", + ":id", + "submit-account-selection" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"fieldName\": \"fieldValue\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "20a4a2a2-8a8f-47d0-b054-67447a1e32c7", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "work-items", + ":id", + "submit-account-selection" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"fieldName\": \"fieldValue\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "d7b355e7-fb52-46b5-ab6b-575f2fbc8f53", + "name": "Forward a Work Item", + "request": { + "name": "Forward a Work Item", + "description": { + "content": "This API forwards a work item to a new owner. Either an admin, or the owning/current user must make this request. Accessible to work-item Owner, ORG_ADMIN, REPORT_ADMIN, ROLE_ADMIN, ROLE_SUBADMIN, SOURCE_ADMIN, SOURCE_SUBADMIN.", + "type": "text/plain" + }, + "url": { + "path": [ + "work-items", + ":id", + "forward" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "ef38f94347e94562b5bb8424a56397d8", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) The ID of the work item", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"targetOwnerId\": \"2c9180835d2e5168015d32f890ca1581\",\n \"comment\": \"I'm going on vacation.\",\n \"sendNotifications\": true\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "5e61457c-b319-4b62-8d06-a3d62cead57b", + "name": "Success, but no data is returned.", + "originalRequest": { + "url": { + "path": [ + "work-items", + ":id", + "forward" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"targetOwnerId\": \"2c9180835d2e5168015d32f890ca1581\",\n \"comment\": \"I'm going on vacation.\",\n \"sendNotifications\": true\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [], + "cookie": [], + "_postman_previewlanguage": "text" + }, + { + "id": "4a23a0ca-a49a-4dee-836b-d872d92c98bd", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "work-items", + ":id", + "forward" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"targetOwnerId\": \"2c9180835d2e5168015d32f890ca1581\",\n \"comment\": \"I'm going on vacation.\",\n \"sendNotifications\": true\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "ed77250a-b410-45a7-be97-61d73a0e5d3b", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "work-items", + ":id", + "forward" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"targetOwnerId\": \"2c9180835d2e5168015d32f890ca1581\",\n \"comment\": \"I'm going on vacation.\",\n \"sendNotifications\": true\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "da0ceeec-e22a-4fc8-b2c0-4e0576958c96", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "work-items", + ":id", + "forward" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"targetOwnerId\": \"2c9180835d2e5168015d32f890ca1581\",\n \"comment\": \"I'm going on vacation.\",\n \"sendNotifications\": true\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "971cf939-8c7b-414e-9b67-8b5447070959", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "work-items", + ":id", + "forward" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"targetOwnerId\": \"2c9180835d2e5168015d32f890ca1581\",\n \"comment\": \"I'm going on vacation.\",\n \"sendNotifications\": true\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "26635fc0-9c50-40b7-ac73-022883344d35", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "work-items", + ":id", + "forward" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"targetOwnerId\": \"2c9180835d2e5168015d32f890ca1581\",\n \"comment\": \"I'm going on vacation.\",\n \"sendNotifications\": true\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + } + ] + }, + { + "name": "Work Reassignment", + "description": "Use this API to implement work reassignment functionality.\n\nWork Reassignment allows access request reviews, certifications, and manual provisioning tasks assigned to a user to be reassigned to a different user. This is primarily used for:\n\n- Temporarily redirecting work for users who are out of office, such as on vacation or sick leave\n- Permanently redirecting work for users who should not be assigned these tasks at all, such as senior executives or service identities\n\nUsers can define reassignments for themselves, managers can add them for their team members, and administrators can configure them on any user’s behalf. Work assigned during the specified reassignment timeframes will be automatically reassigned to the designated user as it is created.\n\nRefer to [Work Reassignment](https://documentation.sailpoint.com/saas/help/users/work_reassignment.html) for more information about this topic.\n", + "item": [ + { + "id": "ced6eca9-bb7b-4780-84d5-7dbb16476720", + "name": "List Reassignment Config Types", + "request": { + "name": "List Reassignment Config Types", + "description": { + "content": "Gets a collection of types which are available in the Reassignment Configuration UI.", + "type": "text/plain" + }, + "url": { + "path": [ + "reassignment-configurations", + "types" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "faffb358-88be-4c30-98f0-aa122ffc378e", + "name": "List of Reassignment Configuration Types", + "originalRequest": { + "url": { + "path": [ + "reassignment-configurations", + "types" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"priority\": 1,\n \"internalName\": \"accessRequests\",\n \"internalNameCamel\": \"ACCESS_REQUESTS\",\n \"displayName\": \"Access Requests\",\n \"description\": \"Reassign Access Request Work Items for an identity\"\n },\n {\n \"priority\": 1,\n \"internalName\": \"accessRequests\",\n \"internalNameCamel\": \"ACCESS_REQUESTS\",\n \"displayName\": \"Access Requests\",\n \"description\": \"Reassign Access Request Work Items for an identity\"\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "0824e3c1-ef96-4c96-afc5-422d7a2e06c2", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "reassignment-configurations", + "types" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "2ebab1a9-171f-4ccd-b1d4-efeaba2910df", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "reassignment-configurations", + "types" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a11a875f-d762-47ad-b75c-e52b0a113d7c", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "reassignment-configurations", + "types" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "3b072651-d685-42b1-92f3-091eefbc5bb4", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "reassignment-configurations", + "types" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "28e3d4d0-b184-430c-b8a4-1c971e74aa62", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "reassignment-configurations", + "types" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "97ef04a0-835b-47fa-a68e-2194383d946b", + "name": "List Reassignment Configurations", + "request": { + "name": "List Reassignment Configurations", + "description": { + "content": "Gets all Reassignment configuration for the current org.", + "type": "text/plain" + }, + "url": { + "path": [ + "reassignment-configurations" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "0b4c0cce-6266-40f6-a3ba-4e60d02b822a", + "name": "A list of Reassignment Configurations for an org", + "originalRequest": { + "url": { + "path": [ + "reassignment-configurations" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"identity\": {\n \"id\": \"2c91808380aa05580180aaaaf1940410\",\n \"name\": \"William Wilson\"\n },\n \"configDetails\": [\n {\n \"configType\": \"ACCESS_REQUESTS\",\n \"targetIdentity\": {\n \"id\": \"2c91808380aa05580180aaaaf1940410\",\n \"name\": \"William Wilson\"\n },\n \"startDate\": \"2022-07-21T11:13:12.345Z\",\n \"endDate\": \"0001-01-01T00:00:00Z\",\n \"auditDetails\": {\n \"created\": \"2022-07-21T11:13:12.345Z\",\n \"createdBy\": {\n \"id\": \"2c91808380aa05580180aaaaf1940410\",\n \"name\": \"William Wilson\"\n },\n \"modified\": \"2022-07-21T11:13:12.345Z\",\n \"modifiedBy\": {\n \"id\": \"2c91808380aa05580180aaaaf1940410\",\n \"name\": \"William Wilson\"\n }\n }\n },\n {\n \"configType\": \"ACCESS_REQUESTS\",\n \"targetIdentity\": {\n \"id\": \"2c91808380aa05580180aaaaf1940410\",\n \"name\": \"William Wilson\"\n },\n \"startDate\": \"2022-07-21T11:13:12.345Z\",\n \"endDate\": \"0001-01-01T00:00:00Z\",\n \"auditDetails\": {\n \"created\": \"2022-07-21T11:13:12.345Z\",\n \"createdBy\": {\n \"id\": \"2c91808380aa05580180aaaaf1940410\",\n \"name\": \"William Wilson\"\n },\n \"modified\": \"2022-07-21T11:13:12.345Z\",\n \"modifiedBy\": {\n \"id\": \"2c91808380aa05580180aaaaf1940410\",\n \"name\": \"William Wilson\"\n }\n }\n }\n ]\n },\n {\n \"identity\": {\n \"id\": \"2c91808380aa05580180aaaaf1940410\",\n \"name\": \"William Wilson\"\n },\n \"configDetails\": [\n {\n \"configType\": \"ACCESS_REQUESTS\",\n \"targetIdentity\": {\n \"id\": \"2c91808380aa05580180aaaaf1940410\",\n \"name\": \"William Wilson\"\n },\n \"startDate\": \"2022-07-21T11:13:12.345Z\",\n \"endDate\": \"0001-01-01T00:00:00Z\",\n \"auditDetails\": {\n \"created\": \"2022-07-21T11:13:12.345Z\",\n \"createdBy\": {\n \"id\": \"2c91808380aa05580180aaaaf1940410\",\n \"name\": \"William Wilson\"\n },\n \"modified\": \"2022-07-21T11:13:12.345Z\",\n \"modifiedBy\": {\n \"id\": \"2c91808380aa05580180aaaaf1940410\",\n \"name\": \"William Wilson\"\n }\n }\n },\n {\n \"configType\": \"ACCESS_REQUESTS\",\n \"targetIdentity\": {\n \"id\": \"2c91808380aa05580180aaaaf1940410\",\n \"name\": \"William Wilson\"\n },\n \"startDate\": \"2022-07-21T11:13:12.345Z\",\n \"endDate\": \"0001-01-01T00:00:00Z\",\n \"auditDetails\": {\n \"created\": \"2022-07-21T11:13:12.345Z\",\n \"createdBy\": {\n \"id\": \"2c91808380aa05580180aaaaf1940410\",\n \"name\": \"William Wilson\"\n },\n \"modified\": \"2022-07-21T11:13:12.345Z\",\n \"modifiedBy\": {\n \"id\": \"2c91808380aa05580180aaaaf1940410\",\n \"name\": \"William Wilson\"\n }\n }\n }\n ]\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "6b106a44-885f-4626-8e72-f7d0491ebba7", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "reassignment-configurations" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "1f0fd99d-d645-456e-9e2e-775cf7920b1c", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "reassignment-configurations" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "9c52b6c3-ae2b-4278-b26f-288b24bb2bf6", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "reassignment-configurations" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "4d083fd4-45d4-41c6-a4e9-e9bdaf6f7fc3", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "reassignment-configurations" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "6f38180f-2d0b-4921-9d24-b8701618610f", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "reassignment-configurations" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "184cc101-dbd5-4c13-9a86-7b61307af7f6", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "reassignment-configurations" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "28316df1-5216-47b7-8547-cb5a07ea3476", + "name": "Create a Reassignment Configuration", + "request": { + "name": "Create a Reassignment Configuration", + "description": { + "content": "Creates a new Reassignment Configuration for the specified identity.", + "type": "text/plain" + }, + "url": { + "path": [ + "reassignment-configurations" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"reassignedFromId\": \"2c91808781a71ddb0181b9090b5c504e\",\n \"reassignedToId\": \"2c91808781a71ddb0181b9090b53504a\",\n \"configType\": \"ACCESS_REQUESTS\",\n \"startDate\": \"2022-07-21T11:13:12.345Z\",\n \"endDate\": \"2022-07-30T17:00:00.000Z\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "d7676c80-10a3-42d5-b8c5-f476a9314912", + "name": "The newly created Reassignment Configuration object", + "originalRequest": { + "url": { + "path": [ + "reassignment-configurations" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"reassignedFromId\": \"2c91808781a71ddb0181b9090b5c504e\",\n \"reassignedToId\": \"2c91808781a71ddb0181b9090b53504a\",\n \"configType\": \"ACCESS_REQUESTS\",\n \"startDate\": \"2022-07-21T11:13:12.345Z\",\n \"endDate\": \"2022-07-30T17:00:00.000Z\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Created", + "code": 201, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"identity\": {\n \"id\": \"2c91808380aa05580180aaaaf1940410\",\n \"name\": \"William Wilson\"\n },\n \"configDetails\": [\n {\n \"configType\": \"ACCESS_REQUESTS\",\n \"targetIdentity\": {\n \"id\": \"2c91808380aa05580180aaaaf1940410\",\n \"name\": \"William Wilson\"\n },\n \"startDate\": \"2022-07-21T11:13:12.345Z\",\n \"endDate\": \"0001-01-01T00:00:00Z\",\n \"auditDetails\": {\n \"created\": \"2022-07-21T11:13:12.345Z\",\n \"createdBy\": {\n \"id\": \"2c91808380aa05580180aaaaf1940410\",\n \"name\": \"William Wilson\"\n },\n \"modified\": \"2022-07-21T11:13:12.345Z\",\n \"modifiedBy\": {\n \"id\": \"2c91808380aa05580180aaaaf1940410\",\n \"name\": \"William Wilson\"\n }\n }\n },\n {\n \"configType\": \"ACCESS_REQUESTS\",\n \"targetIdentity\": {\n \"id\": \"2c91808380aa05580180aaaaf1940410\",\n \"name\": \"William Wilson\"\n },\n \"startDate\": \"2022-07-21T11:13:12.345Z\",\n \"endDate\": \"0001-01-01T00:00:00Z\",\n \"auditDetails\": {\n \"created\": \"2022-07-21T11:13:12.345Z\",\n \"createdBy\": {\n \"id\": \"2c91808380aa05580180aaaaf1940410\",\n \"name\": \"William Wilson\"\n },\n \"modified\": \"2022-07-21T11:13:12.345Z\",\n \"modifiedBy\": {\n \"id\": \"2c91808380aa05580180aaaaf1940410\",\n \"name\": \"William Wilson\"\n }\n }\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a4421edc-3879-4123-9877-fb82fdee5fba", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "reassignment-configurations" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"reassignedFromId\": \"2c91808781a71ddb0181b9090b5c504e\",\n \"reassignedToId\": \"2c91808781a71ddb0181b9090b53504a\",\n \"configType\": \"ACCESS_REQUESTS\",\n \"startDate\": \"2022-07-21T11:13:12.345Z\",\n \"endDate\": \"2022-07-30T17:00:00.000Z\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "89d52205-791a-404e-9882-52752fd79c23", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "reassignment-configurations" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"reassignedFromId\": \"2c91808781a71ddb0181b9090b5c504e\",\n \"reassignedToId\": \"2c91808781a71ddb0181b9090b53504a\",\n \"configType\": \"ACCESS_REQUESTS\",\n \"startDate\": \"2022-07-21T11:13:12.345Z\",\n \"endDate\": \"2022-07-30T17:00:00.000Z\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "335a5753-620e-44ba-a289-56bf18df6daa", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "reassignment-configurations" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"reassignedFromId\": \"2c91808781a71ddb0181b9090b5c504e\",\n \"reassignedToId\": \"2c91808781a71ddb0181b9090b53504a\",\n \"configType\": \"ACCESS_REQUESTS\",\n \"startDate\": \"2022-07-21T11:13:12.345Z\",\n \"endDate\": \"2022-07-30T17:00:00.000Z\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "50e3e92a-f3ca-4683-9ad4-69ee2f658ccf", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "reassignment-configurations" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"reassignedFromId\": \"2c91808781a71ddb0181b9090b5c504e\",\n \"reassignedToId\": \"2c91808781a71ddb0181b9090b53504a\",\n \"configType\": \"ACCESS_REQUESTS\",\n \"startDate\": \"2022-07-21T11:13:12.345Z\",\n \"endDate\": \"2022-07-30T17:00:00.000Z\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a5b972f7-573b-4ca9-b4c6-2cfe82976d06", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "reassignment-configurations" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"reassignedFromId\": \"2c91808781a71ddb0181b9090b5c504e\",\n \"reassignedToId\": \"2c91808781a71ddb0181b9090b53504a\",\n \"configType\": \"ACCESS_REQUESTS\",\n \"startDate\": \"2022-07-21T11:13:12.345Z\",\n \"endDate\": \"2022-07-30T17:00:00.000Z\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "f2258449-cbbd-4067-ae52-7b6184ff1d56", + "name": "Get Reassignment Configuration", + "request": { + "name": "Get Reassignment Configuration", + "description": { + "content": "Gets the Reassignment Configuration for an identity.", + "type": "text/plain" + }, + "url": { + "path": [ + "reassignment-configurations", + ":identityId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "2c91808781a71ddb0181b9090b5c504f", + "key": "identityId", + "disabled": true, + "description": { + "content": "(Required) unique identity id", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "61219147-b0cf-4650-b8bf-8f99a17d8461", + "name": "Reassignment Configuration for an identity", + "originalRequest": { + "url": { + "path": [ + "reassignment-configurations", + ":identityId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"identity\": {\n \"id\": \"2c91808380aa05580180aaaaf1940410\",\n \"name\": \"William Wilson\"\n },\n \"configDetails\": [\n {\n \"configType\": \"ACCESS_REQUESTS\",\n \"targetIdentity\": {\n \"id\": \"2c91808380aa05580180aaaaf1940410\",\n \"name\": \"William Wilson\"\n },\n \"startDate\": \"2022-07-21T11:13:12.345Z\",\n \"endDate\": \"0001-01-01T00:00:00Z\",\n \"auditDetails\": {\n \"created\": \"2022-07-21T11:13:12.345Z\",\n \"createdBy\": {\n \"id\": \"2c91808380aa05580180aaaaf1940410\",\n \"name\": \"William Wilson\"\n },\n \"modified\": \"2022-07-21T11:13:12.345Z\",\n \"modifiedBy\": {\n \"id\": \"2c91808380aa05580180aaaaf1940410\",\n \"name\": \"William Wilson\"\n }\n }\n },\n {\n \"configType\": \"ACCESS_REQUESTS\",\n \"targetIdentity\": {\n \"id\": \"2c91808380aa05580180aaaaf1940410\",\n \"name\": \"William Wilson\"\n },\n \"startDate\": \"2022-07-21T11:13:12.345Z\",\n \"endDate\": \"0001-01-01T00:00:00Z\",\n \"auditDetails\": {\n \"created\": \"2022-07-21T11:13:12.345Z\",\n \"createdBy\": {\n \"id\": \"2c91808380aa05580180aaaaf1940410\",\n \"name\": \"William Wilson\"\n },\n \"modified\": \"2022-07-21T11:13:12.345Z\",\n \"modifiedBy\": {\n \"id\": \"2c91808380aa05580180aaaaf1940410\",\n \"name\": \"William Wilson\"\n }\n }\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d5668483-0565-49b0-b192-c754f9981ca0", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "reassignment-configurations", + ":identityId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "89892732-d5dd-4aad-9c8a-3152e0244232", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "reassignment-configurations", + ":identityId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "560b93f7-2299-4cc2-a4c1-ac7620fbef71", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "reassignment-configurations", + ":identityId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "70d4c2a8-cc54-43a6-bf9a-74df3f366336", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "reassignment-configurations", + ":identityId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "480069b8-9900-4fa9-b139-2b8e414532ca", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "reassignment-configurations", + ":identityId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "01f4d520-afb6-4a32-85b4-6d176462ec19", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "reassignment-configurations", + ":identityId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "2fb5b295-6bd2-4a25-9a19-95235fd4d7b8", + "name": "Update Reassignment Configuration", + "request": { + "name": "Update Reassignment Configuration", + "description": { + "content": "Replaces existing Reassignment configuration for an identity with the newly provided configuration.", + "type": "text/plain" + }, + "url": { + "path": [ + "reassignment-configurations", + ":identityId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "2c91808781a71ddb0181b9090b5c504e", + "key": "identityId", + "disabled": true, + "description": { + "content": "(Required) unique identity id", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"reassignedFromId\": \"2c91808781a71ddb0181b9090b5c504e\",\n \"reassignedToId\": \"2c91808781a71ddb0181b9090b53504a\",\n \"configType\": \"ACCESS_REQUESTS\",\n \"startDate\": \"2022-07-21T11:13:12.345Z\",\n \"endDate\": \"2022-07-30T17:00:00.000Z\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "0f85a9eb-5eb6-468f-8ce3-bcc585da48f1", + "name": "Reassignment Configuration updated", + "originalRequest": { + "url": { + "path": [ + "reassignment-configurations", + ":identityId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"reassignedFromId\": \"2c91808781a71ddb0181b9090b5c504e\",\n \"reassignedToId\": \"2c91808781a71ddb0181b9090b53504a\",\n \"configType\": \"ACCESS_REQUESTS\",\n \"startDate\": \"2022-07-21T11:13:12.345Z\",\n \"endDate\": \"2022-07-30T17:00:00.000Z\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"identity\": {\n \"id\": \"2c91808380aa05580180aaaaf1940410\",\n \"name\": \"William Wilson\"\n },\n \"configDetails\": [\n {\n \"configType\": \"ACCESS_REQUESTS\",\n \"targetIdentity\": {\n \"id\": \"2c91808380aa05580180aaaaf1940410\",\n \"name\": \"William Wilson\"\n },\n \"startDate\": \"2022-07-21T11:13:12.345Z\",\n \"endDate\": \"0001-01-01T00:00:00Z\",\n \"auditDetails\": {\n \"created\": \"2022-07-21T11:13:12.345Z\",\n \"createdBy\": {\n \"id\": \"2c91808380aa05580180aaaaf1940410\",\n \"name\": \"William Wilson\"\n },\n \"modified\": \"2022-07-21T11:13:12.345Z\",\n \"modifiedBy\": {\n \"id\": \"2c91808380aa05580180aaaaf1940410\",\n \"name\": \"William Wilson\"\n }\n }\n },\n {\n \"configType\": \"ACCESS_REQUESTS\",\n \"targetIdentity\": {\n \"id\": \"2c91808380aa05580180aaaaf1940410\",\n \"name\": \"William Wilson\"\n },\n \"startDate\": \"2022-07-21T11:13:12.345Z\",\n \"endDate\": \"0001-01-01T00:00:00Z\",\n \"auditDetails\": {\n \"created\": \"2022-07-21T11:13:12.345Z\",\n \"createdBy\": {\n \"id\": \"2c91808380aa05580180aaaaf1940410\",\n \"name\": \"William Wilson\"\n },\n \"modified\": \"2022-07-21T11:13:12.345Z\",\n \"modifiedBy\": {\n \"id\": \"2c91808380aa05580180aaaaf1940410\",\n \"name\": \"William Wilson\"\n }\n }\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "922136e5-fa8c-4691-ae78-0ece978953dd", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "reassignment-configurations", + ":identityId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"reassignedFromId\": \"2c91808781a71ddb0181b9090b5c504e\",\n \"reassignedToId\": \"2c91808781a71ddb0181b9090b53504a\",\n \"configType\": \"ACCESS_REQUESTS\",\n \"startDate\": \"2022-07-21T11:13:12.345Z\",\n \"endDate\": \"2022-07-30T17:00:00.000Z\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "2515c32f-70a1-4b8a-aa1a-fbc06e09c337", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "reassignment-configurations", + ":identityId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"reassignedFromId\": \"2c91808781a71ddb0181b9090b5c504e\",\n \"reassignedToId\": \"2c91808781a71ddb0181b9090b53504a\",\n \"configType\": \"ACCESS_REQUESTS\",\n \"startDate\": \"2022-07-21T11:13:12.345Z\",\n \"endDate\": \"2022-07-30T17:00:00.000Z\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "809f3655-c7c9-4696-9252-bbf0311dfd58", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "reassignment-configurations", + ":identityId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"reassignedFromId\": \"2c91808781a71ddb0181b9090b5c504e\",\n \"reassignedToId\": \"2c91808781a71ddb0181b9090b53504a\",\n \"configType\": \"ACCESS_REQUESTS\",\n \"startDate\": \"2022-07-21T11:13:12.345Z\",\n \"endDate\": \"2022-07-30T17:00:00.000Z\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "4d1312c2-0e27-4d66-9dda-706fc496a7c2", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "reassignment-configurations", + ":identityId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"reassignedFromId\": \"2c91808781a71ddb0181b9090b5c504e\",\n \"reassignedToId\": \"2c91808781a71ddb0181b9090b53504a\",\n \"configType\": \"ACCESS_REQUESTS\",\n \"startDate\": \"2022-07-21T11:13:12.345Z\",\n \"endDate\": \"2022-07-30T17:00:00.000Z\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "35b16136-8e05-4dc3-b1cd-4b2aa72441d5", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "reassignment-configurations", + ":identityId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"reassignedFromId\": \"2c91808781a71ddb0181b9090b5c504e\",\n \"reassignedToId\": \"2c91808781a71ddb0181b9090b53504a\",\n \"configType\": \"ACCESS_REQUESTS\",\n \"startDate\": \"2022-07-21T11:13:12.345Z\",\n \"endDate\": \"2022-07-30T17:00:00.000Z\"\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "8ffeb749-4216-4c8a-9ee0-5963cd2563d7", + "name": "Delete Reassignment Configuration", + "request": { + "name": "Delete Reassignment Configuration", + "description": { + "content": "Deletes all Reassignment Configuration for the specified identity", + "type": "text/plain" + }, + "url": { + "path": [ + "reassignment-configurations", + ":identityId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "2c91808781a71ddb0181b9090b5c504e", + "key": "identityId", + "disabled": true, + "description": { + "content": "(Required) unique identity id", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "DELETE", + "body": {} + }, + "response": [ + { + "id": "6e493db9-47cb-4210-b7c2-afe689e25152", + "name": "Reassignment Configuration deleted", + "originalRequest": { + "url": { + "path": [ + "reassignment-configurations", + ":identityId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "No Content", + "code": 204, + "header": [], + "cookie": [], + "_postman_previewlanguage": "text" + }, + { + "id": "0277e91e-d037-4f19-a51f-e5acde602e1c", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "reassignment-configurations", + ":identityId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "4950e4e4-123e-4d08-a163-481ea306e864", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "reassignment-configurations", + ":identityId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c287ec15-6e2f-4aa2-9f61-dd9b67dcefed", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "reassignment-configurations", + ":identityId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "72f7ba40-4c57-43ee-90c1-429c59859f94", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "reassignment-configurations", + ":identityId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "897c05cf-8fdb-402e-be7c-dd2684e5ba21", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "reassignment-configurations", + ":identityId" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "d5f80b8a-f58b-4812-ad58-95522ef4818b", + "name": "Evaluate Reassignment Configuration", + "request": { + "name": "Evaluate Reassignment Configuration", + "description": { + "content": "Evaluates the Reassignment Configuration for an `Identity` to determine if work items for the specified type should be reassigned. If a valid Reassignment Configuration is found for the identity & work type, then a lookup is initiated which recursively fetches the Reassignment Configuration for the next `TargetIdentity` until no more results are found or a max depth of 5. That lookup trail is provided in the response and the final reassigned identity in the lookup list is returned as the `reassignToId` property. If no Reassignment Configuration is found for the specified identity & config type then the requested Identity ID will be used as the `reassignToId` value and the lookupTrail node will be empty.", + "type": "text/plain" + }, + "url": { + "path": [ + "reassignment-configurations", + ":identityId", + "evaluate", + ":configType" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Exclusion filters that disable parts of the reassignment evaluation. Possible values are listed below: - `SELF_REVIEW_DELEGATION`: This will exclude delegations of self-review reassignments", + "type": "text/plain" + }, + "key": "exclusionFilters", + "value": "SELF_REVIEW_DELEGATION" + } + ], + "variable": [ + { + "type": "any", + "value": "2c91808781a71ddb0181b9090b5c504e", + "key": "identityId", + "disabled": true, + "description": { + "content": "(Required) unique identity id", + "type": "text/plain" + } + }, + { + "type": "any", + "value": "accessRequests", + "key": "configType", + "disabled": true, + "description": { + "content": "(Required) Reassignment work type", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "59d2f9ac-292f-494d-83d3-46a4e19299cf", + "name": "Evaluate response when no Reassignment Configuration is found", + "originalRequest": { + "url": { + "path": [ + "reassignment-configurations", + ":identityId", + "evaluate", + ":configType" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Exclusion filters that disable parts of the reassignment evaluation. Possible values are listed below: - `SELF_REVIEW_DELEGATION`: This will exclude delegations of self-review reassignments", + "type": "text/plain" + }, + "key": "exclusionFilters", + "value": "SELF_REVIEW_DELEGATION" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"reassignToId\": \"2c9180825a6c1adc015a71c9023f0818\",\n \"lookupTrail\": []\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "4b7f2dc2-c819-4a39-9019-3594f23bff6b", + "name": "Evaluate response when a long Reassignment trail is found", + "originalRequest": { + "url": { + "path": [ + "reassignment-configurations", + ":identityId", + "evaluate", + ":configType" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Exclusion filters that disable parts of the reassignment evaluation. Possible values are listed below: - `SELF_REVIEW_DELEGATION`: This will exclude delegations of self-review reassignments", + "type": "text/plain" + }, + "key": "exclusionFilters", + "value": "SELF_REVIEW_DELEGATION" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"reassignToId\": \"2c9180825a6c1adc015a71c9023f0818\",\n \"lookupTrail\": [\n {\n \"reassignedToId\": \"2c918084575812550157589064f33b89\",\n \"reassignedFromId\": \"2c9180825a6c1adc015a71c9023f0818\",\n \"reassignmentType\": \"AUTOMATIC_REASSIGNMENT\"\n },\n {\n \"reassignedToId\": \"073204941f3f49c0b3a3c49d1c17ef0e\",\n \"reassignedFromId\": \"2c918084575812550157589064f33b89\",\n \"reassignmentType\": \"AUTOMATIC_REASSIGNMENT\"\n },\n {\n \"reassignedToId\": \"31d9c631f5574571a935aaa48a6255df\",\n \"reassignedFromId\": \"073204941f3f49c0b3a3c49d1c17ef0e\",\n \"reassignmentType\": \"AUTOMATIC_REASSIGNMENT\"\n },\n {\n \"reassignedToId\": \"279de502e5dc43f4854e1b96f57c578f\",\n \"reassignedFromId\": \"31d9c631f5574571a935aaa48a6255df\",\n \"reassignmentType\": \"AUTOMATIC_REASSIGNMENT\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "68e4642a-7ffd-42af-abfd-51cb25eee03b", + "name": "Evaluate response when a self-review is found and manager or org admin escalation is applied", + "originalRequest": { + "url": { + "path": [ + "reassignment-configurations", + ":identityId", + "evaluate", + ":configType" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Exclusion filters that disable parts of the reassignment evaluation. Possible values are listed below: - `SELF_REVIEW_DELEGATION`: This will exclude delegations of self-review reassignments", + "type": "text/plain" + }, + "key": "exclusionFilters", + "value": "SELF_REVIEW_DELEGATION" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"reassignToId\": \"2c9180825a6c1adc015a71c9023f0818\",\n \"lookupTrail\": [\n {\n \"reassignedToId\": \"2c918084575812550157589064f33b89\",\n \"reassignedFromId\": \"2c9180825a6c1adc015a71c9023f0818\",\n \"reassignmentType\": \"AUTOMATIC_REASSIGNMENT\"\n },\n {\n \"reassignedToId\": \"073204941f3f49c0b3a3c49d1c17ef0e\",\n \"reassignedFromId\": \"2c918084575812550157589064f33b89\",\n \"reassignmentType\": \"AUTOMATIC_REASSIGNMENT\"\n },\n {\n \"reassignedToId\": \"31d9c631f5574571a935aaa48a6255df\",\n \"reassignedFromId\": \"073204941f3f49c0b3a3c49d1c17ef0e\",\n \"reassignmentType\": \"SELF_REVIEW_DELEGATION\"\n },\n {\n \"reassignedToId\": \"279de502e5dc43f4854e1b96f57c578f\",\n \"reassignedFromId\": \"31d9c631f5574571a935aaa48a6255df\",\n \"reassignmentType\": \"AUTOMATIC_REASSIGNMENT\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "7bc05226-9e3f-475f-a8c5-49638359305c", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "reassignment-configurations", + ":identityId", + "evaluate", + ":configType" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Exclusion filters that disable parts of the reassignment evaluation. Possible values are listed below: - `SELF_REVIEW_DELEGATION`: This will exclude delegations of self-review reassignments", + "type": "text/plain" + }, + "key": "exclusionFilters", + "value": "SELF_REVIEW_DELEGATION" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "239ab48d-13c6-4069-be2d-7b4363345740", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "reassignment-configurations", + ":identityId", + "evaluate", + ":configType" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Exclusion filters that disable parts of the reassignment evaluation. Possible values are listed below: - `SELF_REVIEW_DELEGATION`: This will exclude delegations of self-review reassignments", + "type": "text/plain" + }, + "key": "exclusionFilters", + "value": "SELF_REVIEW_DELEGATION" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "4b5fe47b-8a55-446b-b233-77287b8983f9", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "reassignment-configurations", + ":identityId", + "evaluate", + ":configType" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Exclusion filters that disable parts of the reassignment evaluation. Possible values are listed below: - `SELF_REVIEW_DELEGATION`: This will exclude delegations of self-review reassignments", + "type": "text/plain" + }, + "key": "exclusionFilters", + "value": "SELF_REVIEW_DELEGATION" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "44f5cf71-0fe1-4f50-acad-f18988292461", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "reassignment-configurations", + ":identityId", + "evaluate", + ":configType" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Exclusion filters that disable parts of the reassignment evaluation. Possible values are listed below: - `SELF_REVIEW_DELEGATION`: This will exclude delegations of self-review reassignments", + "type": "text/plain" + }, + "key": "exclusionFilters", + "value": "SELF_REVIEW_DELEGATION" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f80190d5-6781-46a1-82f4-808c032da24f", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "reassignment-configurations", + ":identityId", + "evaluate", + ":configType" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Exclusion filters that disable parts of the reassignment evaluation. Possible values are listed below: - `SELF_REVIEW_DELEGATION`: This will exclude delegations of self-review reassignments", + "type": "text/plain" + }, + "key": "exclusionFilters", + "value": "SELF_REVIEW_DELEGATION" + } + ], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "1af2a83c-d56b-4259-a2e1-451989ed4207", + "name": "Get Tenant-wide Reassignment Configuration settings", + "request": { + "name": "Get Tenant-wide Reassignment Configuration settings", + "description": { + "content": "Gets the global Reassignment Configuration settings for the requestor's tenant.", + "type": "text/plain" + }, + "url": { + "path": [ + "reassignment-configurations", + "tenant-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "236dd6a3-1403-411a-ac0e-4c070b656c3e", + "name": "Tenant-wide Reassignment Configuration settings", + "originalRequest": { + "url": { + "path": [ + "reassignment-configurations", + "tenant-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"auditDetails\": {\n \"created\": \"2022-07-21T11:13:12.345Z\",\n \"createdBy\": {\n \"id\": \"2c91808380aa05580180aaaaf1940410\",\n \"name\": \"William Wilson\"\n },\n \"modified\": \"2022-07-21T11:13:12.345Z\",\n \"modifiedBy\": {\n \"id\": \"2c91808380aa05580180aaaaf1940410\",\n \"name\": \"William Wilson\"\n }\n },\n \"configDetails\": {\n \"disabled\": true\n }\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d33d29c0-bd40-4959-8692-d15045a2ac60", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "reassignment-configurations", + "tenant-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c278a661-84fa-4df9-a05d-4b439ce39496", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "reassignment-configurations", + "tenant-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "dc651e9e-3ff3-4add-af96-4fe9dd36fd43", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "reassignment-configurations", + "tenant-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d76cf576-1ff1-42e3-84af-a1dfda6cdb4f", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "reassignment-configurations", + "tenant-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "6361950b-244c-4d89-8508-81e08b7a65ea", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "reassignment-configurations", + "tenant-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d68b208a-787c-4ef4-b7ea-6da632c01a4f", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "reassignment-configurations", + "tenant-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "9d9ef13a-3ffb-4389-a4d8-f3e8ee737915", + "name": "Update Tenant-wide Reassignment Configuration settings", + "request": { + "name": "Update Tenant-wide Reassignment Configuration settings", + "description": { + "content": "Replaces existing Tenant-wide Reassignment Configuration settings with the newly provided settings.", + "type": "text/plain" + }, + "url": { + "path": [ + "reassignment-configurations", + "tenant-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"configDetails\": {\n \"disabled\": true\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "f1b493df-47d8-4cbf-8db5-02983d40520c", + "name": "Tenant-wide Reassignment Configuration settings", + "originalRequest": { + "url": { + "path": [ + "reassignment-configurations", + "tenant-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"configDetails\": {\n \"disabled\": true\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"auditDetails\": {\n \"created\": \"2022-07-21T11:13:12.345Z\",\n \"createdBy\": {\n \"id\": \"2c91808380aa05580180aaaaf1940410\",\n \"name\": \"William Wilson\"\n },\n \"modified\": \"2022-07-21T11:13:12.345Z\",\n \"modifiedBy\": {\n \"id\": \"2c91808380aa05580180aaaaf1940410\",\n \"name\": \"William Wilson\"\n }\n },\n \"configDetails\": {\n \"disabled\": true\n }\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "7e416af9-f688-4ad4-bff8-0af058ba5f11", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "reassignment-configurations", + "tenant-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"configDetails\": {\n \"disabled\": true\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c89cc0db-6b72-4576-bf0f-5fe777750078", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "reassignment-configurations", + "tenant-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"configDetails\": {\n \"disabled\": true\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "67a768db-60cb-4e9a-b11d-553c31c8f4c4", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "reassignment-configurations", + "tenant-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"configDetails\": {\n \"disabled\": true\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "3293b83c-0f84-4c3d-8c9d-17caea0b8623", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "reassignment-configurations", + "tenant-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"configDetails\": {\n \"disabled\": true\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "32759c77-4943-4459-8640-b5979d2017b4", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "reassignment-configurations", + "tenant-config" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "disabled": true, + "description": { + "content": "(Required) Use this header to enable this experimental API.", + "type": "text/plain" + }, + "key": "X-SailPoint-Experimental", + "value": "true" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"configDetails\": {\n \"disabled\": true\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + } + ] + }, + { + "name": "Workflows", + "description": "Workflows allow administrators to create custom automation scripts directly within Identity Security Cloud. These automation scripts respond to [event triggers](https://developer.sailpoint.com/docs/extensibility/event-triggers/#how-to-get-started-with-event-triggers) and perform a series of actions to perform tasks that are either too cumbersome or not available in the Identity Security Cloud UI. Workflows can be configured via a graphical user interface within Identity Security Cloud, or by creating and uploading a JSON formatted script to the Workflow service. The Workflows API collection provides the necessary functionality to create, manage, and test your workflows via REST.\n", + "item": [ + { + "id": "7d15cfeb-096b-4704-8475-d8c2c4adb855", + "name": "List Workflows", + "request": { + "name": "List Workflows", + "description": { + "content": "List all workflows in the tenant.", + "type": "text/plain" + }, + "url": { + "path": [ + "workflows" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "7a1e8ccf-3345-49a1-a117-461ebe022cae", + "name": "List of workflows", + "originalRequest": { + "url": { + "path": [ + "workflows" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"id\": \"d201c5e9-d37b-4aff-af14-66414f39d569\",\n \"executionCount\": 2,\n \"failureCount\": 0,\n \"created\": \"2022-01-10T16:06:16.636381447Z\",\n \"modified\": \"2023-12-05T15:18:27.699Z\",\n \"modifiedBy\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"Thomas Edison\"\n },\n \"creator\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c7180a46faadee4016fb4e018c20642\",\n \"name\": \"Michael Michaels\"\n },\n \"name\": \"Send Email\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"William Wilson\"\n },\n \"description\": \"Send an email to the identity who's attributes changed.\",\n \"definition\": {\n \"start\": \"Send Email Test\",\n \"steps\": {\n \"Send Email\": {\n \"actionId\": \"sp:send-email\",\n \"attributes\": {\n \"body\": \"This is a test\",\n \"from\": \"sailpoint@sailpoint.com\",\n \"recipientId.$\": \"$.identity.id\",\n \"subject\": \"test\"\n },\n \"nextStep\": \"success\",\n \"selectResult\": null,\n \"type\": \"ACTION\"\n },\n \"success\": {\n \"type\": \"success\"\n }\n }\n },\n \"enabled\": false,\n \"trigger\": {\n \"type\": \"EVENT\",\n \"attributes\": {\n \"id\": \"idn:identity-attributes-changed\",\n \"filter.$\": \"$.changes[?(@.attribute == 'manager')]\",\n \"description\": \"amet\"\n },\n \"displayName\": \"do anim\"\n }\n },\n {\n \"id\": \"d201c5e9-d37b-4aff-af14-66414f39d569\",\n \"executionCount\": 2,\n \"failureCount\": 0,\n \"created\": \"2022-01-10T16:06:16.636381447Z\",\n \"modified\": \"2023-12-05T15:18:27.699Z\",\n \"modifiedBy\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"Thomas Edison\"\n },\n \"creator\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c7180a46faadee4016fb4e018c20642\",\n \"name\": \"Michael Michaels\"\n },\n \"name\": \"Send Email\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"William Wilson\"\n },\n \"description\": \"Send an email to the identity who's attributes changed.\",\n \"definition\": {\n \"start\": \"Send Email Test\",\n \"steps\": {\n \"Send Email\": {\n \"actionId\": \"sp:send-email\",\n \"attributes\": {\n \"body\": \"This is a test\",\n \"from\": \"sailpoint@sailpoint.com\",\n \"recipientId.$\": \"$.identity.id\",\n \"subject\": \"test\"\n },\n \"nextStep\": \"success\",\n \"selectResult\": null,\n \"type\": \"ACTION\"\n },\n \"success\": {\n \"type\": \"success\"\n }\n }\n },\n \"enabled\": false,\n \"trigger\": {\n \"type\": \"EVENT\",\n \"attributes\": {\n \"id\": \"idn:identity-attributes-changed\",\n \"filter.$\": \"$.changes[?(@.attribute == 'manager')]\",\n \"description\": \"anim ad\"\n },\n \"displayName\": \"quis pariatur\"\n }\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "78bc501b-a8bf-45be-a685-be919c44dfbc", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "workflows" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "3943d228-1c76-4271-8620-cb004a13b123", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "workflows" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "1286f59e-7df8-41b1-8751-7a9a87bd0c48", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "workflows" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "04af05a5-48a5-473a-8cca-e7ad196042d5", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "workflows" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "ef64323c-3b75-438d-b00b-27350fa914d5", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "workflows" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "d42bea29-3661-4c12-af35-812e671b0060", + "name": "Get Workflow By Id", + "request": { + "name": "Get Workflow By Id", + "description": { + "content": "Get a single workflow by id.", + "type": "text/plain" + }, + "url": { + "path": [ + "workflows", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "c17bea3a-574d-453c-9e04-4365fbf5af0b", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) Id of the workflow", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "2b136755-f4af-496d-b48a-328b4a6f3d7c", + "name": "The workflow object", + "originalRequest": { + "url": { + "path": [ + "workflows", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"d201c5e9-d37b-4aff-af14-66414f39d569\",\n \"executionCount\": 2,\n \"failureCount\": 0,\n \"created\": \"2022-01-10T16:06:16.636381447Z\",\n \"modified\": \"2023-12-05T15:18:27.699Z\",\n \"modifiedBy\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"Thomas Edison\"\n },\n \"creator\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c7180a46faadee4016fb4e018c20642\",\n \"name\": \"Michael Michaels\"\n },\n \"name\": \"Send Email\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"William Wilson\"\n },\n \"description\": \"Send an email to the identity who's attributes changed.\",\n \"definition\": {\n \"start\": \"Send Email Test\",\n \"steps\": {\n \"Send Email\": {\n \"actionId\": \"sp:send-email\",\n \"attributes\": {\n \"body\": \"This is a test\",\n \"from\": \"sailpoint@sailpoint.com\",\n \"recipientId.$\": \"$.identity.id\",\n \"subject\": \"test\"\n },\n \"nextStep\": \"success\",\n \"selectResult\": null,\n \"type\": \"ACTION\"\n },\n \"success\": {\n \"type\": \"success\"\n }\n }\n },\n \"enabled\": false,\n \"trigger\": {\n \"type\": \"EVENT\",\n \"attributes\": {\n \"id\": \"idn:identity-attributes-changed\",\n \"filter.$\": \"$.changes[?(@.attribute == 'manager')]\",\n \"description\": \"est voluptate cillum\"\n },\n \"displayName\": \"nostrud sit\"\n }\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a38b981c-1d09-4452-97cc-ad96587dbd7a", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "workflows", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "dd66126a-6262-4f07-b873-34cf9c06637f", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "workflows", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "70c7000d-b902-4cb9-8a7d-16b0a8df902b", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "workflows", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "31c1fd87-4afe-44a3-8b3d-23a423777af6", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "workflows", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "0f543fb1-5735-4589-b290-b4a72bcd6d24", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "workflows", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "64a5fb1f-5aeb-4404-be2d-685aa60cac31", + "name": "Update Workflow", + "request": { + "name": "Update Workflow", + "description": { + "content": "Perform a full update of a workflow. The updated workflow object is returned in the response.", + "type": "text/plain" + }, + "url": { + "path": [ + "workflows", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "c17bea3a-574d-453c-9e04-4365fbf5af0b", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) Id of the Workflow", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Send Email\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"William Wilson\"\n },\n \"description\": \"Send an email to the identity who's attributes changed.\",\n \"definition\": {\n \"start\": \"Send Email Test\",\n \"steps\": {\n \"Send Email\": {\n \"actionId\": \"sp:send-email\",\n \"attributes\": {\n \"body\": \"This is a test\",\n \"from\": \"sailpoint@sailpoint.com\",\n \"recipientId.$\": \"$.identity.id\",\n \"subject\": \"test\"\n },\n \"nextStep\": \"success\",\n \"selectResult\": null,\n \"type\": \"ACTION\"\n },\n \"success\": {\n \"type\": \"success\"\n }\n }\n },\n \"enabled\": false,\n \"trigger\": {\n \"type\": \"EVENT\",\n \"attributes\": {\n \"id\": \"idn:identity-attributes-changed\",\n \"filter.$\": \"$.changes[?(@.attribute == 'manager')]\",\n \"description\": \"officia anim velit\"\n },\n \"displayName\": \"quis ut officia consectetur\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "129f7bef-c495-455d-aa8f-27b9bf5955ad", + "name": "The Workflow object", + "originalRequest": { + "url": { + "path": [ + "workflows", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Send Email\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"William Wilson\"\n },\n \"description\": \"Send an email to the identity who's attributes changed.\",\n \"definition\": {\n \"start\": \"Send Email Test\",\n \"steps\": {\n \"Send Email\": {\n \"actionId\": \"sp:send-email\",\n \"attributes\": {\n \"body\": \"This is a test\",\n \"from\": \"sailpoint@sailpoint.com\",\n \"recipientId.$\": \"$.identity.id\",\n \"subject\": \"test\"\n },\n \"nextStep\": \"success\",\n \"selectResult\": null,\n \"type\": \"ACTION\"\n },\n \"success\": {\n \"type\": \"success\"\n }\n }\n },\n \"enabled\": false,\n \"trigger\": {\n \"type\": \"EVENT\",\n \"attributes\": {\n \"id\": \"idn:identity-attributes-changed\",\n \"filter.$\": \"$.changes[?(@.attribute == 'manager')]\",\n \"description\": \"officia anim velit\"\n },\n \"displayName\": \"quis ut officia consectetur\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"d201c5e9-d37b-4aff-af14-66414f39d569\",\n \"executionCount\": 2,\n \"failureCount\": 0,\n \"created\": \"2022-01-10T16:06:16.636381447Z\",\n \"modified\": \"2023-12-05T15:18:27.699Z\",\n \"modifiedBy\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"Thomas Edison\"\n },\n \"creator\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c7180a46faadee4016fb4e018c20642\",\n \"name\": \"Michael Michaels\"\n },\n \"name\": \"Send Email\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"William Wilson\"\n },\n \"description\": \"Send an email to the identity who's attributes changed.\",\n \"definition\": {\n \"start\": \"Send Email Test\",\n \"steps\": {\n \"Send Email\": {\n \"actionId\": \"sp:send-email\",\n \"attributes\": {\n \"body\": \"This is a test\",\n \"from\": \"sailpoint@sailpoint.com\",\n \"recipientId.$\": \"$.identity.id\",\n \"subject\": \"test\"\n },\n \"nextStep\": \"success\",\n \"selectResult\": null,\n \"type\": \"ACTION\"\n },\n \"success\": {\n \"type\": \"success\"\n }\n }\n },\n \"enabled\": false,\n \"trigger\": {\n \"type\": \"EVENT\",\n \"attributes\": {\n \"id\": \"idn:identity-attributes-changed\",\n \"filter.$\": \"$.changes[?(@.attribute == 'manager')]\",\n \"description\": \"est voluptate cillum\"\n },\n \"displayName\": \"nostrud sit\"\n }\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "0e057b52-2b25-4b83-877b-f0ace1dd515b", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "workflows", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Send Email\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"William Wilson\"\n },\n \"description\": \"Send an email to the identity who's attributes changed.\",\n \"definition\": {\n \"start\": \"Send Email Test\",\n \"steps\": {\n \"Send Email\": {\n \"actionId\": \"sp:send-email\",\n \"attributes\": {\n \"body\": \"This is a test\",\n \"from\": \"sailpoint@sailpoint.com\",\n \"recipientId.$\": \"$.identity.id\",\n \"subject\": \"test\"\n },\n \"nextStep\": \"success\",\n \"selectResult\": null,\n \"type\": \"ACTION\"\n },\n \"success\": {\n \"type\": \"success\"\n }\n }\n },\n \"enabled\": false,\n \"trigger\": {\n \"type\": \"EVENT\",\n \"attributes\": {\n \"id\": \"idn:identity-attributes-changed\",\n \"filter.$\": \"$.changes[?(@.attribute == 'manager')]\",\n \"description\": \"officia anim velit\"\n },\n \"displayName\": \"quis ut officia consectetur\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "8bc6bced-ace6-4d7d-adb9-a39a2a3a90d1", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "workflows", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Send Email\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"William Wilson\"\n },\n \"description\": \"Send an email to the identity who's attributes changed.\",\n \"definition\": {\n \"start\": \"Send Email Test\",\n \"steps\": {\n \"Send Email\": {\n \"actionId\": \"sp:send-email\",\n \"attributes\": {\n \"body\": \"This is a test\",\n \"from\": \"sailpoint@sailpoint.com\",\n \"recipientId.$\": \"$.identity.id\",\n \"subject\": \"test\"\n },\n \"nextStep\": \"success\",\n \"selectResult\": null,\n \"type\": \"ACTION\"\n },\n \"success\": {\n \"type\": \"success\"\n }\n }\n },\n \"enabled\": false,\n \"trigger\": {\n \"type\": \"EVENT\",\n \"attributes\": {\n \"id\": \"idn:identity-attributes-changed\",\n \"filter.$\": \"$.changes[?(@.attribute == 'manager')]\",\n \"description\": \"officia anim velit\"\n },\n \"displayName\": \"quis ut officia consectetur\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "93ef7d49-3034-414e-a73c-a6321cb870b5", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "workflows", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Send Email\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"William Wilson\"\n },\n \"description\": \"Send an email to the identity who's attributes changed.\",\n \"definition\": {\n \"start\": \"Send Email Test\",\n \"steps\": {\n \"Send Email\": {\n \"actionId\": \"sp:send-email\",\n \"attributes\": {\n \"body\": \"This is a test\",\n \"from\": \"sailpoint@sailpoint.com\",\n \"recipientId.$\": \"$.identity.id\",\n \"subject\": \"test\"\n },\n \"nextStep\": \"success\",\n \"selectResult\": null,\n \"type\": \"ACTION\"\n },\n \"success\": {\n \"type\": \"success\"\n }\n }\n },\n \"enabled\": false,\n \"trigger\": {\n \"type\": \"EVENT\",\n \"attributes\": {\n \"id\": \"idn:identity-attributes-changed\",\n \"filter.$\": \"$.changes[?(@.attribute == 'manager')]\",\n \"description\": \"officia anim velit\"\n },\n \"displayName\": \"quis ut officia consectetur\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "13462a54-14fa-4819-a463-e00e35deaa9c", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "workflows", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Send Email\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"William Wilson\"\n },\n \"description\": \"Send an email to the identity who's attributes changed.\",\n \"definition\": {\n \"start\": \"Send Email Test\",\n \"steps\": {\n \"Send Email\": {\n \"actionId\": \"sp:send-email\",\n \"attributes\": {\n \"body\": \"This is a test\",\n \"from\": \"sailpoint@sailpoint.com\",\n \"recipientId.$\": \"$.identity.id\",\n \"subject\": \"test\"\n },\n \"nextStep\": \"success\",\n \"selectResult\": null,\n \"type\": \"ACTION\"\n },\n \"success\": {\n \"type\": \"success\"\n }\n }\n },\n \"enabled\": false,\n \"trigger\": {\n \"type\": \"EVENT\",\n \"attributes\": {\n \"id\": \"idn:identity-attributes-changed\",\n \"filter.$\": \"$.changes[?(@.attribute == 'manager')]\",\n \"description\": \"officia anim velit\"\n },\n \"displayName\": \"quis ut officia consectetur\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "01f7eb0a-81b2-44d4-82f5-dc329e849f2c", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "workflows", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PUT", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Send Email\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"William Wilson\"\n },\n \"description\": \"Send an email to the identity who's attributes changed.\",\n \"definition\": {\n \"start\": \"Send Email Test\",\n \"steps\": {\n \"Send Email\": {\n \"actionId\": \"sp:send-email\",\n \"attributes\": {\n \"body\": \"This is a test\",\n \"from\": \"sailpoint@sailpoint.com\",\n \"recipientId.$\": \"$.identity.id\",\n \"subject\": \"test\"\n },\n \"nextStep\": \"success\",\n \"selectResult\": null,\n \"type\": \"ACTION\"\n },\n \"success\": {\n \"type\": \"success\"\n }\n }\n },\n \"enabled\": false,\n \"trigger\": {\n \"type\": \"EVENT\",\n \"attributes\": {\n \"id\": \"idn:identity-attributes-changed\",\n \"filter.$\": \"$.changes[?(@.attribute == 'manager')]\",\n \"description\": \"officia anim velit\"\n },\n \"displayName\": \"quis ut officia consectetur\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "1e6ce5d2-e6de-435e-8a6b-ea4268bd85ff", + "name": "Patch Workflow", + "request": { + "name": "Patch Workflow", + "description": { + "content": "Partially update an existing Workflow using [JSON Patch](https://tools.ietf.org/html/rfc6902) syntax.", + "type": "text/plain" + }, + "url": { + "path": [ + "workflows", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "c17bea3a-574d-453c-9e04-4365fbf5af0b", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) Id of the Workflow", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/name\",\n \"value\": \"Send Email\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/owner\",\n \"value\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"William Wilson\"\n }\n },\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"Send an email to the identity who's attributes changed.\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/enabled\",\n \"value\": false\n },\n {\n \"op\": \"replace\",\n \"path\": \"/definition\",\n \"value\": {\n \"start\": \"Send Email Test\",\n \"steps\": {\n \"Send Email\": {\n \"actionId\": \"sp:send-email\",\n \"attributes\": {\n \"body\": \"This is a test\",\n \"from\": \"sailpoint@sailpoint.com\",\n \"recipientId.$\": \"$.identity.id\",\n \"subject\": \"test\"\n },\n \"nextStep\": \"success\",\n \"selectResult\": null,\n \"type\": \"action\"\n },\n \"success\": {\n \"type\": \"success\"\n }\n }\n }\n },\n {\n \"op\": \"replace\",\n \"path\": \"/trigger\",\n \"value\": {\n \"type\": \"EVENT\",\n \"attributes\": {\n \"id\": \"idn:identity-attributes-changed\"\n }\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "83509d49-631a-44fb-9757-2e9675677c29", + "name": "The Workflow object", + "originalRequest": { + "url": { + "path": [ + "workflows", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/name\",\n \"value\": \"Send Email\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/owner\",\n \"value\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"William Wilson\"\n }\n },\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"Send an email to the identity who's attributes changed.\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/enabled\",\n \"value\": false\n },\n {\n \"op\": \"replace\",\n \"path\": \"/definition\",\n \"value\": {\n \"start\": \"Send Email Test\",\n \"steps\": {\n \"Send Email\": {\n \"actionId\": \"sp:send-email\",\n \"attributes\": {\n \"body\": \"This is a test\",\n \"from\": \"sailpoint@sailpoint.com\",\n \"recipientId.$\": \"$.identity.id\",\n \"subject\": \"test\"\n },\n \"nextStep\": \"success\",\n \"selectResult\": null,\n \"type\": \"action\"\n },\n \"success\": {\n \"type\": \"success\"\n }\n }\n }\n },\n {\n \"op\": \"replace\",\n \"path\": \"/trigger\",\n \"value\": {\n \"type\": \"EVENT\",\n \"attributes\": {\n \"id\": \"idn:identity-attributes-changed\"\n }\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"d201c5e9-d37b-4aff-af14-66414f39d569\",\n \"executionCount\": 2,\n \"failureCount\": 0,\n \"created\": \"2022-01-10T16:06:16.636381447Z\",\n \"modified\": \"2023-12-05T15:18:27.699Z\",\n \"modifiedBy\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"Thomas Edison\"\n },\n \"creator\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c7180a46faadee4016fb4e018c20642\",\n \"name\": \"Michael Michaels\"\n },\n \"name\": \"Send Email\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"William Wilson\"\n },\n \"description\": \"Send an email to the identity who's attributes changed.\",\n \"definition\": {\n \"start\": \"Send Email Test\",\n \"steps\": {\n \"Send Email\": {\n \"actionId\": \"sp:send-email\",\n \"attributes\": {\n \"body\": \"This is a test\",\n \"from\": \"sailpoint@sailpoint.com\",\n \"recipientId.$\": \"$.identity.id\",\n \"subject\": \"test\"\n },\n \"nextStep\": \"success\",\n \"selectResult\": null,\n \"type\": \"ACTION\"\n },\n \"success\": {\n \"type\": \"success\"\n }\n }\n },\n \"enabled\": false,\n \"trigger\": {\n \"type\": \"EVENT\",\n \"attributes\": {\n \"id\": \"idn:identity-attributes-changed\",\n \"filter.$\": \"$.changes[?(@.attribute == 'manager')]\",\n \"description\": \"est voluptate cillum\"\n },\n \"displayName\": \"nostrud sit\"\n }\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "dbd39cfa-6aeb-4fac-a284-e86c59d6972d", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "workflows", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/name\",\n \"value\": \"Send Email\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/owner\",\n \"value\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"William Wilson\"\n }\n },\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"Send an email to the identity who's attributes changed.\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/enabled\",\n \"value\": false\n },\n {\n \"op\": \"replace\",\n \"path\": \"/definition\",\n \"value\": {\n \"start\": \"Send Email Test\",\n \"steps\": {\n \"Send Email\": {\n \"actionId\": \"sp:send-email\",\n \"attributes\": {\n \"body\": \"This is a test\",\n \"from\": \"sailpoint@sailpoint.com\",\n \"recipientId.$\": \"$.identity.id\",\n \"subject\": \"test\"\n },\n \"nextStep\": \"success\",\n \"selectResult\": null,\n \"type\": \"action\"\n },\n \"success\": {\n \"type\": \"success\"\n }\n }\n }\n },\n {\n \"op\": \"replace\",\n \"path\": \"/trigger\",\n \"value\": {\n \"type\": \"EVENT\",\n \"attributes\": {\n \"id\": \"idn:identity-attributes-changed\"\n }\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "ce232e28-d59e-4701-b006-49f759138b92", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "workflows", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/name\",\n \"value\": \"Send Email\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/owner\",\n \"value\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"William Wilson\"\n }\n },\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"Send an email to the identity who's attributes changed.\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/enabled\",\n \"value\": false\n },\n {\n \"op\": \"replace\",\n \"path\": \"/definition\",\n \"value\": {\n \"start\": \"Send Email Test\",\n \"steps\": {\n \"Send Email\": {\n \"actionId\": \"sp:send-email\",\n \"attributes\": {\n \"body\": \"This is a test\",\n \"from\": \"sailpoint@sailpoint.com\",\n \"recipientId.$\": \"$.identity.id\",\n \"subject\": \"test\"\n },\n \"nextStep\": \"success\",\n \"selectResult\": null,\n \"type\": \"action\"\n },\n \"success\": {\n \"type\": \"success\"\n }\n }\n }\n },\n {\n \"op\": \"replace\",\n \"path\": \"/trigger\",\n \"value\": {\n \"type\": \"EVENT\",\n \"attributes\": {\n \"id\": \"idn:identity-attributes-changed\"\n }\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "4ae9e50a-abd4-4291-875d-4e220f57f8f4", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "workflows", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/name\",\n \"value\": \"Send Email\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/owner\",\n \"value\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"William Wilson\"\n }\n },\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"Send an email to the identity who's attributes changed.\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/enabled\",\n \"value\": false\n },\n {\n \"op\": \"replace\",\n \"path\": \"/definition\",\n \"value\": {\n \"start\": \"Send Email Test\",\n \"steps\": {\n \"Send Email\": {\n \"actionId\": \"sp:send-email\",\n \"attributes\": {\n \"body\": \"This is a test\",\n \"from\": \"sailpoint@sailpoint.com\",\n \"recipientId.$\": \"$.identity.id\",\n \"subject\": \"test\"\n },\n \"nextStep\": \"success\",\n \"selectResult\": null,\n \"type\": \"action\"\n },\n \"success\": {\n \"type\": \"success\"\n }\n }\n }\n },\n {\n \"op\": \"replace\",\n \"path\": \"/trigger\",\n \"value\": {\n \"type\": \"EVENT\",\n \"attributes\": {\n \"id\": \"idn:identity-attributes-changed\"\n }\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c5bcba00-d99e-4710-843a-ea5adfc0084f", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "workflows", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/name\",\n \"value\": \"Send Email\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/owner\",\n \"value\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"William Wilson\"\n }\n },\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"Send an email to the identity who's attributes changed.\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/enabled\",\n \"value\": false\n },\n {\n \"op\": \"replace\",\n \"path\": \"/definition\",\n \"value\": {\n \"start\": \"Send Email Test\",\n \"steps\": {\n \"Send Email\": {\n \"actionId\": \"sp:send-email\",\n \"attributes\": {\n \"body\": \"This is a test\",\n \"from\": \"sailpoint@sailpoint.com\",\n \"recipientId.$\": \"$.identity.id\",\n \"subject\": \"test\"\n },\n \"nextStep\": \"success\",\n \"selectResult\": null,\n \"type\": \"action\"\n },\n \"success\": {\n \"type\": \"success\"\n }\n }\n }\n },\n {\n \"op\": \"replace\",\n \"path\": \"/trigger\",\n \"value\": {\n \"type\": \"EVENT\",\n \"attributes\": {\n \"id\": \"idn:identity-attributes-changed\"\n }\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f9047b51-49be-4c92-8fbe-41347e06947a", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "workflows", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json-patch+json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "PATCH", + "body": { + "mode": "raw", + "raw": "[\n {\n \"op\": \"replace\",\n \"path\": \"/name\",\n \"value\": \"Send Email\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/owner\",\n \"value\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"William Wilson\"\n }\n },\n {\n \"op\": \"replace\",\n \"path\": \"/description\",\n \"value\": \"Send an email to the identity who's attributes changed.\"\n },\n {\n \"op\": \"replace\",\n \"path\": \"/enabled\",\n \"value\": false\n },\n {\n \"op\": \"replace\",\n \"path\": \"/definition\",\n \"value\": {\n \"start\": \"Send Email Test\",\n \"steps\": {\n \"Send Email\": {\n \"actionId\": \"sp:send-email\",\n \"attributes\": {\n \"body\": \"This is a test\",\n \"from\": \"sailpoint@sailpoint.com\",\n \"recipientId.$\": \"$.identity.id\",\n \"subject\": \"test\"\n },\n \"nextStep\": \"success\",\n \"selectResult\": null,\n \"type\": \"action\"\n },\n \"success\": {\n \"type\": \"success\"\n }\n }\n }\n },\n {\n \"op\": \"replace\",\n \"path\": \"/trigger\",\n \"value\": {\n \"type\": \"EVENT\",\n \"attributes\": {\n \"id\": \"idn:identity-attributes-changed\"\n }\n }\n }\n]", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "4e00dc18-5b92-462f-b6cf-dbc8457d6c14", + "name": "Delete Workflow By Id", + "request": { + "name": "Delete Workflow By Id", + "description": { + "content": "Delete a workflow. **Enabled workflows cannot be deleted**. They must first be disabled.", + "type": "text/plain" + }, + "url": { + "path": [ + "workflows", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "c17bea3a-574d-453c-9e04-4365fbf5af0b", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) Id of the Workflow", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "DELETE", + "body": {} + }, + "response": [ + { + "id": "d5ac660e-ea1f-49e1-8f6f-62617a9a950d", + "name": "No content - indicates the request was successful but there is no content to be returned in the response.", + "originalRequest": { + "url": { + "path": [ + "workflows", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "No Content", + "code": 204, + "header": [], + "cookie": [], + "_postman_previewlanguage": "text" + }, + { + "id": "ec63ae6c-c101-4e02-9356-53be4b6e7e97", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "workflows", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "ffcc435d-e7c2-4913-a425-18a86fe4f289", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "workflows", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "7f051b82-dc81-4663-9c2e-679408636265", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "workflows", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "4e8cd265-7a72-4777-bb53-281e4df21525", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "workflows", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "85ef3516-48c8-49bb-8a0c-42d1206a0e81", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "workflows", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "DELETE", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "e311afb0-fa5d-4c1d-b4c1-001886b87651", + "name": "Create Workflow", + "request": { + "name": "Create Workflow", + "description": { + "content": "Create a new workflow with the desired trigger and steps specified in the request body.", + "type": "text/plain" + }, + "url": { + "path": [ + "workflows", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "key": "id" + } + ] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Send Email\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"William Wilson\"\n },\n \"description\": \"Send an email to the identity who's attributes changed.\",\n \"definition\": {\n \"start\": \"Send Email Test\",\n \"steps\": {\n \"Send Email\": {\n \"actionId\": \"sp:send-email\",\n \"attributes\": {\n \"body\": \"This is a test\",\n \"from\": \"sailpoint@sailpoint.com\",\n \"recipientId.$\": \"$.identity.id\",\n \"subject\": \"test\"\n },\n \"nextStep\": \"success\",\n \"selectResult\": null,\n \"type\": \"action\"\n },\n \"success\": {\n \"type\": \"success\"\n }\n }\n },\n \"enabled\": false,\n \"trigger\": {\n \"type\": \"EVENT\",\n \"attributes\": {\n \"id\": \"idn:identity-attributes-changed\",\n \"filter\": \"$.changes[?(@.attribute == 'manager')]\"\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "e4235271-608b-45c7-a7ff-0a1b9045599e", + "name": "Event Trigger", + "originalRequest": { + "url": { + "path": [ + "workflows", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Send Email\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"William Wilson\"\n },\n \"description\": \"Send an email to the identity who's attributes changed.\",\n \"definition\": {\n \"start\": \"Send Email Test\",\n \"steps\": {\n \"Send Email\": {\n \"actionId\": \"sp:send-email\",\n \"attributes\": {\n \"body\": \"This is a test\",\n \"from\": \"sailpoint@sailpoint.com\",\n \"recipientId.$\": \"$.identity.id\",\n \"subject\": \"test\"\n },\n \"nextStep\": \"success\",\n \"selectResult\": null,\n \"type\": \"action\"\n },\n \"success\": {\n \"type\": \"success\"\n }\n }\n },\n \"enabled\": false,\n \"trigger\": {\n \"type\": \"EVENT\",\n \"attributes\": {\n \"id\": \"idn:identity-attributes-changed\",\n \"filter\": \"$.changes[?(@.attribute == 'manager')]\"\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"d201c5e9-d37b-4aff-af14-66414f39d569\",\n \"executionCount\": 2,\n \"failureCount\": 0,\n \"created\": \"2022-01-10T16:06:16.636381447Z\",\n \"modified\": \"2023-12-05T15:18:27.699Z\",\n \"modifiedBy\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"Thomas Edison\"\n },\n \"creator\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c7180a46faadee4016fb4e018c20642\",\n \"name\": \"Michael Michaels\"\n },\n \"name\": \"Send Email\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"William Wilson\"\n },\n \"description\": \"Send an email to the identity who's attributes changed.\",\n \"definition\": {\n \"start\": \"Send Email Test\",\n \"steps\": {\n \"Send Email\": {\n \"actionId\": \"sp:send-email\",\n \"attributes\": {\n \"body\": \"This is a test\",\n \"from\": \"sailpoint@sailpoint.com\",\n \"recipientId.$\": \"$.identity.id\",\n \"subject\": \"test\"\n },\n \"nextStep\": \"success\",\n \"selectResult\": null,\n \"type\": \"ACTION\"\n },\n \"success\": {\n \"type\": \"success\"\n }\n }\n },\n \"enabled\": false,\n \"trigger\": {\n \"type\": \"EVENT\",\n \"attributes\": {\n \"id\": \"idn:identity-attributes-changed\",\n \"filter.$\": \"$.changes[?(@.attribute == 'manager')]\",\n \"description\": \"est voluptate cillum\"\n },\n \"displayName\": \"nostrud sit\"\n }\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "49ad34e3-940c-43b7-81d8-634b0908a993", + "name": "Scheduled Trigger", + "originalRequest": { + "url": { + "path": [ + "workflows", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Send Email\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"William Wilson\"\n },\n \"description\": \"Send an email to the identity who's attributes changed.\",\n \"definition\": {\n \"start\": \"Send Email Test\",\n \"steps\": {\n \"Send Email\": {\n \"actionId\": \"sp:send-email\",\n \"attributes\": {\n \"body\": \"This is a test\",\n \"from\": \"sailpoint@sailpoint.com\",\n \"recipientId.$\": \"$.identity.id\",\n \"subject\": \"test\"\n },\n \"nextStep\": \"success\",\n \"selectResult\": null,\n \"type\": \"action\"\n },\n \"success\": {\n \"type\": \"success\"\n }\n }\n },\n \"enabled\": false,\n \"trigger\": {\n \"type\": \"SCHEDULED\",\n \"attributes\": {\n \"cronString\": \"0 * */3 */5 *\"\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"d201c5e9-d37b-4aff-af14-66414f39d569\",\n \"executionCount\": 2,\n \"failureCount\": 0,\n \"created\": \"2022-01-10T16:06:16.636381447Z\",\n \"modified\": \"2023-12-05T15:18:27.699Z\",\n \"modifiedBy\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"Thomas Edison\"\n },\n \"creator\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c7180a46faadee4016fb4e018c20642\",\n \"name\": \"Michael Michaels\"\n },\n \"name\": \"Send Email\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"William Wilson\"\n },\n \"description\": \"Send an email to the identity who's attributes changed.\",\n \"definition\": {\n \"start\": \"Send Email Test\",\n \"steps\": {\n \"Send Email\": {\n \"actionId\": \"sp:send-email\",\n \"attributes\": {\n \"body\": \"This is a test\",\n \"from\": \"sailpoint@sailpoint.com\",\n \"recipientId.$\": \"$.identity.id\",\n \"subject\": \"test\"\n },\n \"nextStep\": \"success\",\n \"selectResult\": null,\n \"type\": \"ACTION\"\n },\n \"success\": {\n \"type\": \"success\"\n }\n }\n },\n \"enabled\": false,\n \"trigger\": {\n \"type\": \"EVENT\",\n \"attributes\": {\n \"id\": \"idn:identity-attributes-changed\",\n \"filter.$\": \"$.changes[?(@.attribute == 'manager')]\",\n \"description\": \"est voluptate cillum\"\n },\n \"displayName\": \"nostrud sit\"\n }\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "bf97ba23-7631-47e0-856e-dba9701c0987", + "name": "External Trigger", + "originalRequest": { + "url": { + "path": [ + "workflows", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Send Email\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"William Wilson\"\n },\n \"description\": \"Send an email to the identity whose attributes changed.\",\n \"definition\": {\n \"start\": \"Send Email Test\",\n \"steps\": {\n \"Send Email\": {\n \"actionId\": \"sp:send-email\",\n \"attributes\": {\n \"body\": \"This is a test\",\n \"from\": \"sailpoint@sailpoint.com\",\n \"recipientId.$\": \"$.identity.id\",\n \"subject\": \"test\"\n },\n \"nextStep\": \"success\",\n \"selectResult\": null,\n \"type\": \"action\"\n },\n \"success\": {\n \"type\": \"success\"\n }\n }\n },\n \"enabled\": false,\n \"trigger\": {\n \"type\": \"EXTERNAL\",\n \"attributes\": {\n \"name\": \"search-and-notify\",\n \"description\": \"Run a search and notify the results\"\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"d201c5e9-d37b-4aff-af14-66414f39d569\",\n \"executionCount\": 2,\n \"failureCount\": 0,\n \"created\": \"2022-01-10T16:06:16.636381447Z\",\n \"modified\": \"2023-12-05T15:18:27.699Z\",\n \"modifiedBy\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c9180a46faadee4016fb4e018c20639\",\n \"name\": \"Thomas Edison\"\n },\n \"creator\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c7180a46faadee4016fb4e018c20642\",\n \"name\": \"Michael Michaels\"\n },\n \"name\": \"Send Email\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"William Wilson\"\n },\n \"description\": \"Send an email to the identity who's attributes changed.\",\n \"definition\": {\n \"start\": \"Send Email Test\",\n \"steps\": {\n \"Send Email\": {\n \"actionId\": \"sp:send-email\",\n \"attributes\": {\n \"body\": \"This is a test\",\n \"from\": \"sailpoint@sailpoint.com\",\n \"recipientId.$\": \"$.identity.id\",\n \"subject\": \"test\"\n },\n \"nextStep\": \"success\",\n \"selectResult\": null,\n \"type\": \"ACTION\"\n },\n \"success\": {\n \"type\": \"success\"\n }\n }\n },\n \"enabled\": false,\n \"trigger\": {\n \"type\": \"EVENT\",\n \"attributes\": {\n \"id\": \"idn:identity-attributes-changed\",\n \"filter.$\": \"$.changes[?(@.attribute == 'manager')]\",\n \"description\": \"est voluptate cillum\"\n },\n \"displayName\": \"nostrud sit\"\n }\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "71ba9d92-26b6-482f-b5fa-78ef034e67af", + "name": "Event Trigger", + "originalRequest": { + "url": { + "path": [ + "workflows", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Send Email\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"William Wilson\"\n },\n \"description\": \"Send an email to the identity who's attributes changed.\",\n \"definition\": {\n \"start\": \"Send Email Test\",\n \"steps\": {\n \"Send Email\": {\n \"actionId\": \"sp:send-email\",\n \"attributes\": {\n \"body\": \"This is a test\",\n \"from\": \"sailpoint@sailpoint.com\",\n \"recipientId.$\": \"$.identity.id\",\n \"subject\": \"test\"\n },\n \"nextStep\": \"success\",\n \"selectResult\": null,\n \"type\": \"action\"\n },\n \"success\": {\n \"type\": \"success\"\n }\n }\n },\n \"enabled\": false,\n \"trigger\": {\n \"type\": \"EVENT\",\n \"attributes\": {\n \"id\": \"idn:identity-attributes-changed\",\n \"filter\": \"$.changes[?(@.attribute == 'manager')]\"\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "225734ff-d0e3-463c-90fb-a0df0276601c", + "name": "Scheduled Trigger", + "originalRequest": { + "url": { + "path": [ + "workflows", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Send Email\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"William Wilson\"\n },\n \"description\": \"Send an email to the identity who's attributes changed.\",\n \"definition\": {\n \"start\": \"Send Email Test\",\n \"steps\": {\n \"Send Email\": {\n \"actionId\": \"sp:send-email\",\n \"attributes\": {\n \"body\": \"This is a test\",\n \"from\": \"sailpoint@sailpoint.com\",\n \"recipientId.$\": \"$.identity.id\",\n \"subject\": \"test\"\n },\n \"nextStep\": \"success\",\n \"selectResult\": null,\n \"type\": \"action\"\n },\n \"success\": {\n \"type\": \"success\"\n }\n }\n },\n \"enabled\": false,\n \"trigger\": {\n \"type\": \"SCHEDULED\",\n \"attributes\": {\n \"cronString\": \"0 * */3 */5 *\"\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a0304e46-725a-4796-b99e-a408c49fff40", + "name": "External Trigger", + "originalRequest": { + "url": { + "path": [ + "workflows", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Send Email\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"William Wilson\"\n },\n \"description\": \"Send an email to the identity whose attributes changed.\",\n \"definition\": {\n \"start\": \"Send Email Test\",\n \"steps\": {\n \"Send Email\": {\n \"actionId\": \"sp:send-email\",\n \"attributes\": {\n \"body\": \"This is a test\",\n \"from\": \"sailpoint@sailpoint.com\",\n \"recipientId.$\": \"$.identity.id\",\n \"subject\": \"test\"\n },\n \"nextStep\": \"success\",\n \"selectResult\": null,\n \"type\": \"action\"\n },\n \"success\": {\n \"type\": \"success\"\n }\n }\n },\n \"enabled\": false,\n \"trigger\": {\n \"type\": \"EXTERNAL\",\n \"attributes\": {\n \"name\": \"search-and-notify\",\n \"description\": \"Run a search and notify the results\"\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "7675f7f7-7acd-4b02-9d78-fce4207379b5", + "name": "Event Trigger", + "originalRequest": { + "url": { + "path": [ + "workflows", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Send Email\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"William Wilson\"\n },\n \"description\": \"Send an email to the identity who's attributes changed.\",\n \"definition\": {\n \"start\": \"Send Email Test\",\n \"steps\": {\n \"Send Email\": {\n \"actionId\": \"sp:send-email\",\n \"attributes\": {\n \"body\": \"This is a test\",\n \"from\": \"sailpoint@sailpoint.com\",\n \"recipientId.$\": \"$.identity.id\",\n \"subject\": \"test\"\n },\n \"nextStep\": \"success\",\n \"selectResult\": null,\n \"type\": \"action\"\n },\n \"success\": {\n \"type\": \"success\"\n }\n }\n },\n \"enabled\": false,\n \"trigger\": {\n \"type\": \"EVENT\",\n \"attributes\": {\n \"id\": \"idn:identity-attributes-changed\",\n \"filter\": \"$.changes[?(@.attribute == 'manager')]\"\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "eed9f88e-29cc-46f1-b566-f880c3071a11", + "name": "Scheduled Trigger", + "originalRequest": { + "url": { + "path": [ + "workflows", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Send Email\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"William Wilson\"\n },\n \"description\": \"Send an email to the identity who's attributes changed.\",\n \"definition\": {\n \"start\": \"Send Email Test\",\n \"steps\": {\n \"Send Email\": {\n \"actionId\": \"sp:send-email\",\n \"attributes\": {\n \"body\": \"This is a test\",\n \"from\": \"sailpoint@sailpoint.com\",\n \"recipientId.$\": \"$.identity.id\",\n \"subject\": \"test\"\n },\n \"nextStep\": \"success\",\n \"selectResult\": null,\n \"type\": \"action\"\n },\n \"success\": {\n \"type\": \"success\"\n }\n }\n },\n \"enabled\": false,\n \"trigger\": {\n \"type\": \"SCHEDULED\",\n \"attributes\": {\n \"cronString\": \"0 * */3 */5 *\"\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "4273c5af-1aaf-45df-aa09-d8cc29a7d01c", + "name": "External Trigger", + "originalRequest": { + "url": { + "path": [ + "workflows", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Send Email\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"William Wilson\"\n },\n \"description\": \"Send an email to the identity whose attributes changed.\",\n \"definition\": {\n \"start\": \"Send Email Test\",\n \"steps\": {\n \"Send Email\": {\n \"actionId\": \"sp:send-email\",\n \"attributes\": {\n \"body\": \"This is a test\",\n \"from\": \"sailpoint@sailpoint.com\",\n \"recipientId.$\": \"$.identity.id\",\n \"subject\": \"test\"\n },\n \"nextStep\": \"success\",\n \"selectResult\": null,\n \"type\": \"action\"\n },\n \"success\": {\n \"type\": \"success\"\n }\n }\n },\n \"enabled\": false,\n \"trigger\": {\n \"type\": \"EXTERNAL\",\n \"attributes\": {\n \"name\": \"search-and-notify\",\n \"description\": \"Run a search and notify the results\"\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c6e25387-a5ed-4383-b94d-ef5b20997543", + "name": "An example of a 403 response object", + "originalRequest": { + "url": { + "path": [ + "workflows", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Send Email\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"William Wilson\"\n },\n \"description\": \"Send an email to the identity who's attributes changed.\",\n \"definition\": {\n \"start\": \"Send Email Test\",\n \"steps\": {\n \"Send Email\": {\n \"actionId\": \"sp:send-email\",\n \"attributes\": {\n \"body\": \"This is a test\",\n \"from\": \"sailpoint@sailpoint.com\",\n \"recipientId.$\": \"$.identity.id\",\n \"subject\": \"test\"\n },\n \"nextStep\": \"success\",\n \"selectResult\": null,\n \"type\": \"action\"\n },\n \"success\": {\n \"type\": \"success\"\n }\n }\n },\n \"enabled\": false,\n \"trigger\": {\n \"type\": \"EVENT\",\n \"attributes\": {\n \"id\": \"idn:identity-attributes-changed\",\n \"filter\": \"$.changes[?(@.attribute == 'manager')]\"\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a8441d86-a2b1-40d3-85c4-821b59d61692", + "name": "Scheduled Trigger", + "originalRequest": { + "url": { + "path": [ + "workflows", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Send Email\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"William Wilson\"\n },\n \"description\": \"Send an email to the identity who's attributes changed.\",\n \"definition\": {\n \"start\": \"Send Email Test\",\n \"steps\": {\n \"Send Email\": {\n \"actionId\": \"sp:send-email\",\n \"attributes\": {\n \"body\": \"This is a test\",\n \"from\": \"sailpoint@sailpoint.com\",\n \"recipientId.$\": \"$.identity.id\",\n \"subject\": \"test\"\n },\n \"nextStep\": \"success\",\n \"selectResult\": null,\n \"type\": \"action\"\n },\n \"success\": {\n \"type\": \"success\"\n }\n }\n },\n \"enabled\": false,\n \"trigger\": {\n \"type\": \"SCHEDULED\",\n \"attributes\": {\n \"cronString\": \"0 * */3 */5 *\"\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "e1f26fc9-f5a0-4d40-beee-d629709037f8", + "name": "External Trigger", + "originalRequest": { + "url": { + "path": [ + "workflows", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Send Email\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"William Wilson\"\n },\n \"description\": \"Send an email to the identity whose attributes changed.\",\n \"definition\": {\n \"start\": \"Send Email Test\",\n \"steps\": {\n \"Send Email\": {\n \"actionId\": \"sp:send-email\",\n \"attributes\": {\n \"body\": \"This is a test\",\n \"from\": \"sailpoint@sailpoint.com\",\n \"recipientId.$\": \"$.identity.id\",\n \"subject\": \"test\"\n },\n \"nextStep\": \"success\",\n \"selectResult\": null,\n \"type\": \"action\"\n },\n \"success\": {\n \"type\": \"success\"\n }\n }\n },\n \"enabled\": false,\n \"trigger\": {\n \"type\": \"EXTERNAL\",\n \"attributes\": {\n \"name\": \"search-and-notify\",\n \"description\": \"Run a search and notify the results\"\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c113c062-9a72-4b88-bd61-c16ca9db6aef", + "name": "Event Trigger", + "originalRequest": { + "url": { + "path": [ + "workflows", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Send Email\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"William Wilson\"\n },\n \"description\": \"Send an email to the identity who's attributes changed.\",\n \"definition\": {\n \"start\": \"Send Email Test\",\n \"steps\": {\n \"Send Email\": {\n \"actionId\": \"sp:send-email\",\n \"attributes\": {\n \"body\": \"This is a test\",\n \"from\": \"sailpoint@sailpoint.com\",\n \"recipientId.$\": \"$.identity.id\",\n \"subject\": \"test\"\n },\n \"nextStep\": \"success\",\n \"selectResult\": null,\n \"type\": \"action\"\n },\n \"success\": {\n \"type\": \"success\"\n }\n }\n },\n \"enabled\": false,\n \"trigger\": {\n \"type\": \"EVENT\",\n \"attributes\": {\n \"id\": \"idn:identity-attributes-changed\",\n \"filter\": \"$.changes[?(@.attribute == 'manager')]\"\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d1b9c7c9-28a2-449e-89fd-b8eb3fd7dfb9", + "name": "Scheduled Trigger", + "originalRequest": { + "url": { + "path": [ + "workflows", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Send Email\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"William Wilson\"\n },\n \"description\": \"Send an email to the identity who's attributes changed.\",\n \"definition\": {\n \"start\": \"Send Email Test\",\n \"steps\": {\n \"Send Email\": {\n \"actionId\": \"sp:send-email\",\n \"attributes\": {\n \"body\": \"This is a test\",\n \"from\": \"sailpoint@sailpoint.com\",\n \"recipientId.$\": \"$.identity.id\",\n \"subject\": \"test\"\n },\n \"nextStep\": \"success\",\n \"selectResult\": null,\n \"type\": \"action\"\n },\n \"success\": {\n \"type\": \"success\"\n }\n }\n },\n \"enabled\": false,\n \"trigger\": {\n \"type\": \"SCHEDULED\",\n \"attributes\": {\n \"cronString\": \"0 * */3 */5 *\"\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "186a607c-bcf2-4ca7-bdbc-e0e8773ae0f2", + "name": "External Trigger", + "originalRequest": { + "url": { + "path": [ + "workflows", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Send Email\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"William Wilson\"\n },\n \"description\": \"Send an email to the identity whose attributes changed.\",\n \"definition\": {\n \"start\": \"Send Email Test\",\n \"steps\": {\n \"Send Email\": {\n \"actionId\": \"sp:send-email\",\n \"attributes\": {\n \"body\": \"This is a test\",\n \"from\": \"sailpoint@sailpoint.com\",\n \"recipientId.$\": \"$.identity.id\",\n \"subject\": \"test\"\n },\n \"nextStep\": \"success\",\n \"selectResult\": null,\n \"type\": \"action\"\n },\n \"success\": {\n \"type\": \"success\"\n }\n }\n },\n \"enabled\": false,\n \"trigger\": {\n \"type\": \"EXTERNAL\",\n \"attributes\": {\n \"name\": \"search-and-notify\",\n \"description\": \"Run a search and notify the results\"\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "e394a7bc-9da6-4aa5-8453-89d04f3ea2cc", + "name": "An example of a 500 response object", + "originalRequest": { + "url": { + "path": [ + "workflows", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Send Email\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"William Wilson\"\n },\n \"description\": \"Send an email to the identity who's attributes changed.\",\n \"definition\": {\n \"start\": \"Send Email Test\",\n \"steps\": {\n \"Send Email\": {\n \"actionId\": \"sp:send-email\",\n \"attributes\": {\n \"body\": \"This is a test\",\n \"from\": \"sailpoint@sailpoint.com\",\n \"recipientId.$\": \"$.identity.id\",\n \"subject\": \"test\"\n },\n \"nextStep\": \"success\",\n \"selectResult\": null,\n \"type\": \"action\"\n },\n \"success\": {\n \"type\": \"success\"\n }\n }\n },\n \"enabled\": false,\n \"trigger\": {\n \"type\": \"EVENT\",\n \"attributes\": {\n \"id\": \"idn:identity-attributes-changed\",\n \"filter\": \"$.changes[?(@.attribute == 'manager')]\"\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a0cf0d7b-9bc5-47a6-b094-bc2b951a738b", + "name": "Scheduled Trigger", + "originalRequest": { + "url": { + "path": [ + "workflows", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Send Email\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"William Wilson\"\n },\n \"description\": \"Send an email to the identity who's attributes changed.\",\n \"definition\": {\n \"start\": \"Send Email Test\",\n \"steps\": {\n \"Send Email\": {\n \"actionId\": \"sp:send-email\",\n \"attributes\": {\n \"body\": \"This is a test\",\n \"from\": \"sailpoint@sailpoint.com\",\n \"recipientId.$\": \"$.identity.id\",\n \"subject\": \"test\"\n },\n \"nextStep\": \"success\",\n \"selectResult\": null,\n \"type\": \"action\"\n },\n \"success\": {\n \"type\": \"success\"\n }\n }\n },\n \"enabled\": false,\n \"trigger\": {\n \"type\": \"SCHEDULED\",\n \"attributes\": {\n \"cronString\": \"0 * */3 */5 *\"\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "4d3c8899-da7b-4e07-a9ab-51c858f35e8b", + "name": "External Trigger", + "originalRequest": { + "url": { + "path": [ + "workflows", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"Send Email\",\n \"owner\": {\n \"type\": \"IDENTITY\",\n \"id\": \"2c91808568c529c60168cca6f90c1313\",\n \"name\": \"William Wilson\"\n },\n \"description\": \"Send an email to the identity whose attributes changed.\",\n \"definition\": {\n \"start\": \"Send Email Test\",\n \"steps\": {\n \"Send Email\": {\n \"actionId\": \"sp:send-email\",\n \"attributes\": {\n \"body\": \"This is a test\",\n \"from\": \"sailpoint@sailpoint.com\",\n \"recipientId.$\": \"$.identity.id\",\n \"subject\": \"test\"\n },\n \"nextStep\": \"success\",\n \"selectResult\": null,\n \"type\": \"action\"\n },\n \"success\": {\n \"type\": \"success\"\n }\n }\n },\n \"enabled\": false,\n \"trigger\": {\n \"type\": \"EXTERNAL\",\n \"attributes\": {\n \"name\": \"search-and-notify\",\n \"description\": \"Run a search and notify the results\"\n }\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "519c6028-3b8d-4e56-ac2a-b8c6c59aaeba", + "name": "Test Workflow By Id", + "request": { + "name": "Test Workflow By Id", + "description": { + "content": "Test a workflow with the provided input data. The input data should resemble the input that the trigger will send the workflow. See the [event trigger documentation](https://developer.sailpoint.com/idn/docs/event-triggers/available) for an example input for the trigger that initiates this workflow.\nThis endpoint will return an execution ID, which can be used to lookup more information about the execution using the `Get a Workflow Execution` endpoint.\n**This will cause a live run of the workflow, which could result in unintended modifications to your IDN tenant.**", + "type": "text/plain" + }, + "url": { + "path": [ + "workflows", + ":id", + "test" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "c17bea3a-574d-453c-9e04-4365fbf5af0b", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) Id of the workflow", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"input\": {\n \"identity\": {\n \"id\": \"ee769173319b41d19ccec6cea52f237b\",\n \"name\": \"john.doe\",\n \"type\": \"IDENTITY\"\n },\n \"changes\": [\n {\n \"attribute\": \"department\",\n \"oldValue\": \"sales\",\n \"newValue\": \"marketing\"\n },\n {\n \"attribute\": \"manager\",\n \"oldValue\": {\n \"id\": \"ee769173319b41d19ccec6c235423237b\",\n \"name\": \"nice.guy\",\n \"type\": \"IDENTITY\"\n },\n \"newValue\": {\n \"id\": \"ee769173319b41d19ccec6c235423236c\",\n \"name\": \"mean.guy\",\n \"type\": \"IDENTITY\"\n }\n },\n {\n \"attribute\": \"email\",\n \"oldValue\": \"john.doe@hotmail.com\",\n \"newValue\": \"john.doe@gmail.com\"\n }\n ]\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "0ff36b29-f84c-426d-8f25-2d29a7ad47ea", + "name": "The Workflow object", + "originalRequest": { + "url": { + "path": [ + "workflows", + ":id", + "test" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"input\": {\n \"identity\": {\n \"id\": \"ee769173319b41d19ccec6cea52f237b\",\n \"name\": \"john.doe\",\n \"type\": \"IDENTITY\"\n },\n \"changes\": [\n {\n \"attribute\": \"department\",\n \"oldValue\": \"sales\",\n \"newValue\": \"marketing\"\n },\n {\n \"attribute\": \"manager\",\n \"oldValue\": {\n \"id\": \"ee769173319b41d19ccec6c235423237b\",\n \"name\": \"nice.guy\",\n \"type\": \"IDENTITY\"\n },\n \"newValue\": {\n \"id\": \"ee769173319b41d19ccec6c235423236c\",\n \"name\": \"mean.guy\",\n \"type\": \"IDENTITY\"\n }\n },\n {\n \"attribute\": \"email\",\n \"oldValue\": \"john.doe@hotmail.com\",\n \"newValue\": \"john.doe@gmail.com\"\n }\n ]\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"workflowExecutionId\": \"0e11cefa-96e7-4b67-90d0-065bc1da5753\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f39c08bb-a741-47bb-b6ec-8c13e6cdeebf", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "workflows", + ":id", + "test" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"input\": {\n \"identity\": {\n \"id\": \"ee769173319b41d19ccec6cea52f237b\",\n \"name\": \"john.doe\",\n \"type\": \"IDENTITY\"\n },\n \"changes\": [\n {\n \"attribute\": \"department\",\n \"oldValue\": \"sales\",\n \"newValue\": \"marketing\"\n },\n {\n \"attribute\": \"manager\",\n \"oldValue\": {\n \"id\": \"ee769173319b41d19ccec6c235423237b\",\n \"name\": \"nice.guy\",\n \"type\": \"IDENTITY\"\n },\n \"newValue\": {\n \"id\": \"ee769173319b41d19ccec6c235423236c\",\n \"name\": \"mean.guy\",\n \"type\": \"IDENTITY\"\n }\n },\n {\n \"attribute\": \"email\",\n \"oldValue\": \"john.doe@hotmail.com\",\n \"newValue\": \"john.doe@gmail.com\"\n }\n ]\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f90022af-00ca-4cc9-98e6-d01c1a773bea", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "workflows", + ":id", + "test" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"input\": {\n \"identity\": {\n \"id\": \"ee769173319b41d19ccec6cea52f237b\",\n \"name\": \"john.doe\",\n \"type\": \"IDENTITY\"\n },\n \"changes\": [\n {\n \"attribute\": \"department\",\n \"oldValue\": \"sales\",\n \"newValue\": \"marketing\"\n },\n {\n \"attribute\": \"manager\",\n \"oldValue\": {\n \"id\": \"ee769173319b41d19ccec6c235423237b\",\n \"name\": \"nice.guy\",\n \"type\": \"IDENTITY\"\n },\n \"newValue\": {\n \"id\": \"ee769173319b41d19ccec6c235423236c\",\n \"name\": \"mean.guy\",\n \"type\": \"IDENTITY\"\n }\n },\n {\n \"attribute\": \"email\",\n \"oldValue\": \"john.doe@hotmail.com\",\n \"newValue\": \"john.doe@gmail.com\"\n }\n ]\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d3029fd9-0684-449a-a5c5-4cd73c11cd0c", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "workflows", + ":id", + "test" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"input\": {\n \"identity\": {\n \"id\": \"ee769173319b41d19ccec6cea52f237b\",\n \"name\": \"john.doe\",\n \"type\": \"IDENTITY\"\n },\n \"changes\": [\n {\n \"attribute\": \"department\",\n \"oldValue\": \"sales\",\n \"newValue\": \"marketing\"\n },\n {\n \"attribute\": \"manager\",\n \"oldValue\": {\n \"id\": \"ee769173319b41d19ccec6c235423237b\",\n \"name\": \"nice.guy\",\n \"type\": \"IDENTITY\"\n },\n \"newValue\": {\n \"id\": \"ee769173319b41d19ccec6c235423236c\",\n \"name\": \"mean.guy\",\n \"type\": \"IDENTITY\"\n }\n },\n {\n \"attribute\": \"email\",\n \"oldValue\": \"john.doe@hotmail.com\",\n \"newValue\": \"john.doe@gmail.com\"\n }\n ]\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "3b1ea5f8-6448-4346-bb7d-687e2111253d", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "workflows", + ":id", + "test" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"input\": {\n \"identity\": {\n \"id\": \"ee769173319b41d19ccec6cea52f237b\",\n \"name\": \"john.doe\",\n \"type\": \"IDENTITY\"\n },\n \"changes\": [\n {\n \"attribute\": \"department\",\n \"oldValue\": \"sales\",\n \"newValue\": \"marketing\"\n },\n {\n \"attribute\": \"manager\",\n \"oldValue\": {\n \"id\": \"ee769173319b41d19ccec6c235423237b\",\n \"name\": \"nice.guy\",\n \"type\": \"IDENTITY\"\n },\n \"newValue\": {\n \"id\": \"ee769173319b41d19ccec6c235423236c\",\n \"name\": \"mean.guy\",\n \"type\": \"IDENTITY\"\n }\n },\n {\n \"attribute\": \"email\",\n \"oldValue\": \"john.doe@hotmail.com\",\n \"newValue\": \"john.doe@gmail.com\"\n }\n ]\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "3869597b-d5e6-4092-b4b3-c19b0ad0284f", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "workflows", + ":id", + "test" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"input\": {\n \"identity\": {\n \"id\": \"ee769173319b41d19ccec6cea52f237b\",\n \"name\": \"john.doe\",\n \"type\": \"IDENTITY\"\n },\n \"changes\": [\n {\n \"attribute\": \"department\",\n \"oldValue\": \"sales\",\n \"newValue\": \"marketing\"\n },\n {\n \"attribute\": \"manager\",\n \"oldValue\": {\n \"id\": \"ee769173319b41d19ccec6c235423237b\",\n \"name\": \"nice.guy\",\n \"type\": \"IDENTITY\"\n },\n \"newValue\": {\n \"id\": \"ee769173319b41d19ccec6c235423236c\",\n \"name\": \"mean.guy\",\n \"type\": \"IDENTITY\"\n }\n },\n {\n \"attribute\": \"email\",\n \"oldValue\": \"john.doe@hotmail.com\",\n \"newValue\": \"john.doe@gmail.com\"\n }\n ]\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "e7f51040-17aa-4134-8dda-e25e5de5000a", + "name": "List Workflow Executions", + "request": { + "name": "List Workflow Executions", + "description": { + "content": "Use this API to list a specified workflow's executions. Workflow executions are available for up to 90 days before being archived. By default, you can get a maximum of 250 executions. To get executions past the first 250 records, you can do the following:\n1. Use the [Get Workflows](https://developer.sailpoint.com/idn/api/beta/list-workflows) endpoint to get your workflows.\n2. Get your workflow ID from the response.\n3. You can then do either of the following:\n\n - Filter to find relevant workflow executions.\n For example, you can filter for failed workflow executions: `GET /workflows/:workflowID/executions?filters=status eq \"Failed\"`\n\n - Paginate through results with the `offset` parameter.\n For example, you can page through 50 executions per page and use that as a way to get to the records past the first 250.\n Refer to [Paginating Results](https://developer.sailpoint.com/idn/api/standard-collection-parameters#paginating-results) for more information about the query parameters you can use to achieve pagination.", + "type": "text/plain" + }, + "url": { + "path": [ + "workflows", + ":id", + "executions" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**startTime**: *eq, lt, le, gt, ge*\n\n**status**: *eq*", + "type": "text/plain" + }, + "key": "filters", + "value": "status eq \"Failed\"" + } + ], + "variable": [ + { + "type": "any", + "value": "c17bea3a-574d-453c-9e04-4365fbf5af0b", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) Workflow ID.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "48989a56-9c6a-4211-8432-6ad364b51998", + "name": "List of workflow executions for the specified workflow.", + "originalRequest": { + "url": { + "path": [ + "workflows", + ":id", + "executions" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**startTime**: *eq, lt, le, gt, ge*\n\n**status**: *eq*", + "type": "text/plain" + }, + "key": "filters", + "value": "status eq \"Failed\"" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"id\": \"b393f4e2-4785-4d7f-ab27-3a6b8ded4c81\",\n \"workflowId\": \"d201c5d9-d37b-4a2f-af14-66414f39d568\",\n \"requestId\": \"41e12a74fa7b4a6a98ae47887b64acdb\",\n \"startTime\": \"2022-02-07T20:13:29.356648026Z\",\n \"closeTime\": \"2022-02-07T20:13:31.682410165Z\",\n \"status\": \"Completed\"\n },\n {\n \"id\": \"b393f4e2-4785-4d7f-ab27-3a6b8ded4c81\",\n \"workflowId\": \"d201c5d9-d37b-4a2f-af14-66414f39d568\",\n \"requestId\": \"41e12a74fa7b4a6a98ae47887b64acdb\",\n \"startTime\": \"2022-02-07T20:13:29.356648026Z\",\n \"closeTime\": \"2022-02-07T20:13:31.682410165Z\",\n \"status\": \"Completed\"\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "60c6bd77-7bb2-4b2a-826f-1c421cd1d6c0", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "workflows", + ":id", + "executions" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**startTime**: *eq, lt, le, gt, ge*\n\n**status**: *eq*", + "type": "text/plain" + }, + "key": "filters", + "value": "status eq \"Failed\"" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "e9a0df57-6fde-4da6-ad8c-d2cf8c195807", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "workflows", + ":id", + "executions" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**startTime**: *eq, lt, le, gt, ge*\n\n**status**: *eq*", + "type": "text/plain" + }, + "key": "filters", + "value": "status eq \"Failed\"" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c873c554-978b-4b2b-a820-5df5c813fea1", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "workflows", + ":id", + "executions" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**startTime**: *eq, lt, le, gt, ge*\n\n**status**: *eq*", + "type": "text/plain" + }, + "key": "filters", + "value": "status eq \"Failed\"" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a379b4a1-3e8f-4e0b-9b1c-1d22e6ad0739", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "workflows", + ":id", + "executions" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**startTime**: *eq, lt, le, gt, ge*\n\n**status**: *eq*", + "type": "text/plain" + }, + "key": "filters", + "value": "status eq \"Failed\"" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "67d247e0-cfc2-4d4f-94c4-9e6547fc9e84", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "workflows", + ":id", + "executions" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**startTime**: *eq, lt, le, gt, ge*\n\n**status**: *eq*", + "type": "text/plain" + }, + "key": "filters", + "value": "status eq \"Failed\"" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "4b96fd53-2021-4552-9ed6-3ec6e2d5cc96", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "workflows", + ":id", + "executions" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "count", + "value": "true" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**startTime**: *eq, lt, le, gt, ge*\n\n**status**: *eq*", + "type": "text/plain" + }, + "key": "filters", + "value": "status eq \"Failed\"" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "1567e9d0-e1c7-46fd-aad5-3d0bc966504b", + "name": "Get Workflow Execution", + "request": { + "name": "Get Workflow Execution", + "description": { + "content": "Use this API to get a single workflow execution. Workflow executions are available for up to 90 days before being archived. If you attempt to access a workflow execution that has been archived, you will receive a \"404 Not Found\" response.", + "type": "text/plain" + }, + "url": { + "path": [ + "workflow-executions", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "c17bea3a-574d-453c-9e04-4365fbf5af0b", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) Workflow execution ID.", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "84d3a974-2147-4071-ae31-be07b22cca94", + "name": "Workflow execution.", + "originalRequest": { + "url": { + "path": [ + "workflow-executions", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"id\": \"b393f4e2-4785-4d7f-ab27-3a6b8ded4c81\",\n \"workflowId\": \"d201c5d9-d37b-4a2f-af14-66414f39d568\",\n \"requestId\": \"41e12a74fa7b4a6a98ae47887b64acdb\",\n \"startTime\": \"2022-02-07T20:13:29.356648026Z\",\n \"closeTime\": \"2022-02-07T20:13:31.682410165Z\",\n \"status\": \"Completed\"\n },\n {\n \"id\": \"b393f4e2-4785-4d7f-ab27-3a6b8ded4c81\",\n \"workflowId\": \"d201c5d9-d37b-4a2f-af14-66414f39d568\",\n \"requestId\": \"41e12a74fa7b4a6a98ae47887b64acdb\",\n \"startTime\": \"2022-02-07T20:13:29.356648026Z\",\n \"closeTime\": \"2022-02-07T20:13:31.682410165Z\",\n \"status\": \"Completed\"\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "63ba2485-5590-4170-b4b6-8c013a017281", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "workflow-executions", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f6fb7cad-aa82-4399-b3d1-44c9ed7e9f90", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "workflow-executions", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a767f74f-ac71-4725-98ca-c3810aef4571", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "workflow-executions", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "1a2dd146-fbe9-4c20-86c0-fb58850e0f2b", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "workflow-executions", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "32b33d09-6954-41f3-953d-1fed78b73c77", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "workflow-executions", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b85e0f19-35ab-4211-a71b-f0575ab48217", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "workflow-executions", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "350903ed-101f-4777-bcf6-cd975191450d", + "name": "Get Workflow Execution History", + "request": { + "name": "Get Workflow Execution History", + "description": { + "content": "Get a detailed history of a single workflow execution. Workflow executions are available for up to 90 days before being archived. If you attempt to access a workflow execution that has been archived, you will receive a 404 Not Found.", + "type": "text/plain" + }, + "url": { + "path": [ + "workflow-executions", + ":id", + "history" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "c17bea3a-574d-453c-9e04-4365fbf5af0b", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) Id of the workflow execution", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "04bc04d5-c204-42d1-aae7-df7a74d9b45b", + "name": "List of workflow execution events for the given workflow execution", + "originalRequest": { + "url": { + "path": [ + "workflow-executions", + ":id", + "history" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"type\": \"WorkflowTaskScheduled\",\n \"timestamp\": \"2022-02-07T20:13:31.640618296Z\",\n \"attributes\": {}\n },\n {\n \"type\": \"WorkflowTaskScheduled\",\n \"timestamp\": \"2022-02-07T20:13:31.640618296Z\",\n \"attributes\": {}\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "8a573b0b-53fc-4506-8c0d-fc8cdbb699c1", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "workflow-executions", + ":id", + "history" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "dd81a02f-1ff9-48a1-a1d5-65c15945eec9", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "workflow-executions", + ":id", + "history" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "12e009e2-6f4f-4d30-9aed-b30d054b2ed3", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "workflow-executions", + ":id", + "history" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c82a8e58-7b2e-4bd8-9d99-bd8c94aaecfe", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "workflow-executions", + ":id", + "history" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "a76c7438-88e4-40a9-af91-eb4a62bfc1f6", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "workflow-executions", + ":id", + "history" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "2aaafaf6-8602-474b-bd6a-b48664f5a25b", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "workflow-executions", + ":id", + "history" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "f557075d-308f-4fd5-bfd1-b6a0456800a4", + "name": "Cancel Workflow Execution by ID", + "request": { + "name": "Cancel Workflow Execution by ID", + "description": { + "content": "Use this API to cancel a running workflow execution.", + "type": "text/plain" + }, + "url": { + "path": [ + "workflow-executions", + ":id", + "cancel" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "c17bea3a-574d-453c-9e04-4365fbf5af0b", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) The workflow execution ID", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": {} + }, + "response": [ + { + "id": "55b55313-9416-4ccf-9451-c798b203a38c", + "name": "No content - indicates the request was successful but there is no content to be returned in the response.", + "originalRequest": { + "url": { + "path": [ + "workflow-executions", + ":id", + "cancel" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "No Content", + "code": 204, + "header": [], + "cookie": [], + "_postman_previewlanguage": "text" + }, + { + "id": "d025aadb-29aa-4a99-a7d8-33d121ba500d", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "workflow-executions", + ":id", + "cancel" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "ec4fa4d1-211e-48f8-9fd4-26c43b8ee7bc", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "workflow-executions", + ":id", + "cancel" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "7af4c4bf-366e-4720-8fc2-09b7c99a2760", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "workflow-executions", + ":id", + "cancel" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b1b50dcf-e2ba-4b9e-abc3-60dbb482c2a8", + "name": "Not Found - returned if the request URL refers to a resource or object that does not exist", + "originalRequest": { + "url": { + "path": [ + "workflow-executions", + ":id", + "cancel" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Not Found", + "code": 404, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"404 Not found\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server did not find a current representation for the target resource.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f80397f2-d57d-4d16-913c-bb734b9f4730", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "workflow-executions", + ":id", + "cancel" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "5e5a526d-8672-48cd-ad2c-58f35a282f53", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "workflow-executions", + ":id", + "cancel" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "a48f537b-208f-4254-bbc7-bf64a96ca4b6", + "name": "List Complete Workflow Library", + "request": { + "name": "List Complete Workflow Library", + "description": { + "content": "This lists all triggers, actions, and operators in the library", + "type": "text/plain" + }, + "url": { + "path": [ + "workflow-library" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "92b901cd-680f-4e92-9046-78ced478263a", + "name": "List of workflow steps", + "originalRequest": { + "url": { + "path": [ + "workflow-library" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"id\": \"sp:create-campaign\",\n \"name\": \"Create Certification Campaign\",\n \"type\": \"ACTION\",\n \"description\": \"Generates a certification campaign.\",\n \"formFields\": [\n {\n \"description\": \"First value to compare\",\n \"helpText\": \"The name to give to this certification campaign.\",\n \"label\": \"Campaign Name\",\n \"name\": \"name\",\n \"required\": false,\n \"type\": \"text\"\n },\n {\n \"description\": \"First value to compare\",\n \"helpText\": \"The name to give to this certification campaign.\",\n \"label\": \"Campaign Name\",\n \"name\": \"name\",\n \"required\": false,\n \"type\": \"text\"\n }\n ],\n \"exampleOutput\": {},\n \"deprecated\": false,\n \"deprecatedBy\": \"1969-01-29T06:58:55.983Z\",\n \"versionNumber\": -34692995,\n \"isSimulationEnabled\": false,\n \"isDynamicSchema\": false,\n \"outputSchema\": {\n \"definitions\": {},\n \"properties\": {\n \"autoRevokeAllowed\": {\n \"$id\": \"#sp:create-campaign/autoRevokeAllowed\",\n \"default\": true,\n \"examples\": [\n false\n ],\n \"title\": \"autoRevokeAllowed\",\n \"type\": \"boolean\"\n },\n \"deadline\": {\n \"$id\": \"#sp:create-campaign/deadline\",\n \"default\": \"\",\n \"examples\": [\n \"2020-12-25T06:00:00.468Z\"\n ],\n \"format\": \"date-time\",\n \"pattern\": \"^.*$\",\n \"title\": \"deadline\",\n \"type\": \"string\"\n },\n \"description\": {\n \"$id\": \"#sp:create-campaign/description\",\n \"default\": \"\",\n \"examples\": [\n \"A review of everyone's access by their manager.\"\n ],\n \"pattern\": \"^.*$\",\n \"title\": \"description\",\n \"type\": \"string\"\n },\n \"emailNotificationEnabled\": {\n \"$id\": \"#sp:create-campaign/emailNotificationEnabled\",\n \"default\": true,\n \"examples\": [\n false\n ],\n \"title\": \"emailNotificationEnabled\",\n \"type\": \"boolean\"\n },\n \"filter\": {\n \"$id\": \"#sp:create-campaign/filter\",\n \"properties\": {\n \"id\": {\n \"$id\": \"#sp:create-campaign/filter/id\",\n \"default\": \"\",\n \"examples\": [\n \"e0adaae69852e8fe8b8a3d48e5ce757c\"\n ],\n \"pattern\": \"^.*$\",\n \"title\": \"id\",\n \"type\": \"string\"\n },\n \"type\": {\n \"$id\": \"#sp:create-campaign/filter/type\",\n \"default\": \"\",\n \"examples\": [\n \"CAMPAIGN_FILTER\"\n ],\n \"pattern\": \"^.*$\",\n \"title\": \"type\",\n \"type\": \"string\"\n }\n },\n \"title\": \"filter\",\n \"type\": \"object\"\n },\n \"id\": {\n \"$id\": \"#sp:create-campaign/id\",\n \"default\": \"\",\n \"examples\": [\n \"2c918086719eec070171a7e3355a360a\"\n ],\n \"pattern\": \"^.*$\",\n \"title\": \"id\",\n \"type\": \"string\"\n },\n \"name\": {\n \"$id\": \"#sp:create-campaign/name\",\n \"default\": \"\",\n \"examples\": [\n \"Manager Review\"\n ],\n \"pattern\": \"^.*$\",\n \"title\": \"name\",\n \"type\": \"string\"\n },\n \"recommendationsEnabled\": {\n \"$id\": \"#sp:create-campaign/recommendationsEnabled\",\n \"default\": true,\n \"examples\": [\n false\n ],\n \"title\": \"recommendationEnabled\",\n \"type\": \"boolean\"\n },\n \"type\": {\n \"$id\": \"#sp:create-campaign/type\",\n \"default\": \"\",\n \"examples\": [\n \"MANAGER\"\n ],\n \"pattern\": \"^.*$\",\n \"title\": \"type\",\n \"type\": \"string\"\n }\n },\n \"title\": \"sp:create-campaign\",\n \"type\": \"object\"\n }\n },\n {\n \"id\": \"sp:create-campaign\",\n \"name\": \"Create Certification Campaign\",\n \"type\": \"ACTION\",\n \"description\": \"Generates a certification campaign.\",\n \"formFields\": [\n {\n \"description\": \"First value to compare\",\n \"helpText\": \"The name to give to this certification campaign.\",\n \"label\": \"Campaign Name\",\n \"name\": \"name\",\n \"required\": false,\n \"type\": \"text\"\n },\n {\n \"description\": \"First value to compare\",\n \"helpText\": \"The name to give to this certification campaign.\",\n \"label\": \"Campaign Name\",\n \"name\": \"name\",\n \"required\": false,\n \"type\": \"text\"\n }\n ],\n \"exampleOutput\": {},\n \"deprecated\": true,\n \"deprecatedBy\": \"2009-04-18T23:33:41.115Z\",\n \"versionNumber\": -40527950,\n \"isSimulationEnabled\": true,\n \"isDynamicSchema\": false,\n \"outputSchema\": {\n \"definitions\": {},\n \"properties\": {\n \"autoRevokeAllowed\": {\n \"$id\": \"#sp:create-campaign/autoRevokeAllowed\",\n \"default\": true,\n \"examples\": [\n false\n ],\n \"title\": \"autoRevokeAllowed\",\n \"type\": \"boolean\"\n },\n \"deadline\": {\n \"$id\": \"#sp:create-campaign/deadline\",\n \"default\": \"\",\n \"examples\": [\n \"2020-12-25T06:00:00.468Z\"\n ],\n \"format\": \"date-time\",\n \"pattern\": \"^.*$\",\n \"title\": \"deadline\",\n \"type\": \"string\"\n },\n \"description\": {\n \"$id\": \"#sp:create-campaign/description\",\n \"default\": \"\",\n \"examples\": [\n \"A review of everyone's access by their manager.\"\n ],\n \"pattern\": \"^.*$\",\n \"title\": \"description\",\n \"type\": \"string\"\n },\n \"emailNotificationEnabled\": {\n \"$id\": \"#sp:create-campaign/emailNotificationEnabled\",\n \"default\": true,\n \"examples\": [\n false\n ],\n \"title\": \"emailNotificationEnabled\",\n \"type\": \"boolean\"\n },\n \"filter\": {\n \"$id\": \"#sp:create-campaign/filter\",\n \"properties\": {\n \"id\": {\n \"$id\": \"#sp:create-campaign/filter/id\",\n \"default\": \"\",\n \"examples\": [\n \"e0adaae69852e8fe8b8a3d48e5ce757c\"\n ],\n \"pattern\": \"^.*$\",\n \"title\": \"id\",\n \"type\": \"string\"\n },\n \"type\": {\n \"$id\": \"#sp:create-campaign/filter/type\",\n \"default\": \"\",\n \"examples\": [\n \"CAMPAIGN_FILTER\"\n ],\n \"pattern\": \"^.*$\",\n \"title\": \"type\",\n \"type\": \"string\"\n }\n },\n \"title\": \"filter\",\n \"type\": \"object\"\n },\n \"id\": {\n \"$id\": \"#sp:create-campaign/id\",\n \"default\": \"\",\n \"examples\": [\n \"2c918086719eec070171a7e3355a360a\"\n ],\n \"pattern\": \"^.*$\",\n \"title\": \"id\",\n \"type\": \"string\"\n },\n \"name\": {\n \"$id\": \"#sp:create-campaign/name\",\n \"default\": \"\",\n \"examples\": [\n \"Manager Review\"\n ],\n \"pattern\": \"^.*$\",\n \"title\": \"name\",\n \"type\": \"string\"\n },\n \"recommendationsEnabled\": {\n \"$id\": \"#sp:create-campaign/recommendationsEnabled\",\n \"default\": true,\n \"examples\": [\n false\n ],\n \"title\": \"recommendationEnabled\",\n \"type\": \"boolean\"\n },\n \"type\": {\n \"$id\": \"#sp:create-campaign/type\",\n \"default\": \"\",\n \"examples\": [\n \"MANAGER\"\n ],\n \"pattern\": \"^.*$\",\n \"title\": \"type\",\n \"type\": \"string\"\n }\n },\n \"title\": \"sp:create-campaign\",\n \"type\": \"object\"\n }\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c76cf6f9-fa95-4d7d-91aa-e63e7d9bc53e", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "workflow-library" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "8532cf02-8d0f-48ab-9b55-fabda754c23a", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "workflow-library" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "4762bf56-cc72-423b-a6ca-0e0cb3a4c388", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "workflow-library" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "6889ddb2-ad97-44cd-9b9c-6aa2e66219b6", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "workflow-library" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "75fd49f6-3960-4fef-bc9a-29192dfed516", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "workflow-library" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "2b74cbe2-9e2a-4f6b-bd52-51d315fbd284", + "name": "List Workflow Library Actions", + "request": { + "name": "List Workflow Library Actions", + "description": { + "content": "This lists the workflow actions available to you.", + "type": "text/plain" + }, + "url": { + "path": [ + "workflow-library", + "actions" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq*", + "type": "text/plain" + }, + "key": "filters", + "value": "id eq \"sp:create-campaign\"" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "fd0396b1-dc8b-4c43-9cab-097e6892fd92", + "name": "List of workflow actions", + "originalRequest": { + "url": { + "path": [ + "workflow-library", + "actions" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq*", + "type": "text/plain" + }, + "key": "filters", + "value": "id eq \"sp:create-campaign\"" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"id\": \"sp:create-campaign\",\n \"name\": \"Create Certification Campaign\",\n \"type\": \"ACTION\",\n \"description\": \"Generates a certification campaign.\",\n \"formFields\": [\n {\n \"description\": \"First value to compare\",\n \"helpText\": \"The name to give to this certification campaign.\",\n \"label\": \"Campaign Name\",\n \"name\": \"name\",\n \"required\": false,\n \"type\": \"text\"\n },\n {\n \"description\": \"First value to compare\",\n \"helpText\": \"The name to give to this certification campaign.\",\n \"label\": \"Campaign Name\",\n \"name\": \"name\",\n \"required\": false,\n \"type\": \"text\"\n }\n ],\n \"exampleOutput\": {},\n \"deprecated\": false,\n \"deprecatedBy\": \"1969-01-29T06:58:55.983Z\",\n \"versionNumber\": -34692995,\n \"isSimulationEnabled\": false,\n \"isDynamicSchema\": false,\n \"outputSchema\": {\n \"definitions\": {},\n \"properties\": {\n \"autoRevokeAllowed\": {\n \"$id\": \"#sp:create-campaign/autoRevokeAllowed\",\n \"default\": true,\n \"examples\": [\n false\n ],\n \"title\": \"autoRevokeAllowed\",\n \"type\": \"boolean\"\n },\n \"deadline\": {\n \"$id\": \"#sp:create-campaign/deadline\",\n \"default\": \"\",\n \"examples\": [\n \"2020-12-25T06:00:00.468Z\"\n ],\n \"format\": \"date-time\",\n \"pattern\": \"^.*$\",\n \"title\": \"deadline\",\n \"type\": \"string\"\n },\n \"description\": {\n \"$id\": \"#sp:create-campaign/description\",\n \"default\": \"\",\n \"examples\": [\n \"A review of everyone's access by their manager.\"\n ],\n \"pattern\": \"^.*$\",\n \"title\": \"description\",\n \"type\": \"string\"\n },\n \"emailNotificationEnabled\": {\n \"$id\": \"#sp:create-campaign/emailNotificationEnabled\",\n \"default\": true,\n \"examples\": [\n false\n ],\n \"title\": \"emailNotificationEnabled\",\n \"type\": \"boolean\"\n },\n \"filter\": {\n \"$id\": \"#sp:create-campaign/filter\",\n \"properties\": {\n \"id\": {\n \"$id\": \"#sp:create-campaign/filter/id\",\n \"default\": \"\",\n \"examples\": [\n \"e0adaae69852e8fe8b8a3d48e5ce757c\"\n ],\n \"pattern\": \"^.*$\",\n \"title\": \"id\",\n \"type\": \"string\"\n },\n \"type\": {\n \"$id\": \"#sp:create-campaign/filter/type\",\n \"default\": \"\",\n \"examples\": [\n \"CAMPAIGN_FILTER\"\n ],\n \"pattern\": \"^.*$\",\n \"title\": \"type\",\n \"type\": \"string\"\n }\n },\n \"title\": \"filter\",\n \"type\": \"object\"\n },\n \"id\": {\n \"$id\": \"#sp:create-campaign/id\",\n \"default\": \"\",\n \"examples\": [\n \"2c918086719eec070171a7e3355a360a\"\n ],\n \"pattern\": \"^.*$\",\n \"title\": \"id\",\n \"type\": \"string\"\n },\n \"name\": {\n \"$id\": \"#sp:create-campaign/name\",\n \"default\": \"\",\n \"examples\": [\n \"Manager Review\"\n ],\n \"pattern\": \"^.*$\",\n \"title\": \"name\",\n \"type\": \"string\"\n },\n \"recommendationsEnabled\": {\n \"$id\": \"#sp:create-campaign/recommendationsEnabled\",\n \"default\": true,\n \"examples\": [\n false\n ],\n \"title\": \"recommendationEnabled\",\n \"type\": \"boolean\"\n },\n \"type\": {\n \"$id\": \"#sp:create-campaign/type\",\n \"default\": \"\",\n \"examples\": [\n \"MANAGER\"\n ],\n \"pattern\": \"^.*$\",\n \"title\": \"type\",\n \"type\": \"string\"\n }\n },\n \"title\": \"sp:create-campaign\",\n \"type\": \"object\"\n }\n },\n {\n \"id\": \"sp:create-campaign\",\n \"name\": \"Create Certification Campaign\",\n \"type\": \"ACTION\",\n \"description\": \"Generates a certification campaign.\",\n \"formFields\": [\n {\n \"description\": \"First value to compare\",\n \"helpText\": \"The name to give to this certification campaign.\",\n \"label\": \"Campaign Name\",\n \"name\": \"name\",\n \"required\": false,\n \"type\": \"text\"\n },\n {\n \"description\": \"First value to compare\",\n \"helpText\": \"The name to give to this certification campaign.\",\n \"label\": \"Campaign Name\",\n \"name\": \"name\",\n \"required\": false,\n \"type\": \"text\"\n }\n ],\n \"exampleOutput\": {},\n \"deprecated\": true,\n \"deprecatedBy\": \"2009-04-18T23:33:41.115Z\",\n \"versionNumber\": -40527950,\n \"isSimulationEnabled\": true,\n \"isDynamicSchema\": false,\n \"outputSchema\": {\n \"definitions\": {},\n \"properties\": {\n \"autoRevokeAllowed\": {\n \"$id\": \"#sp:create-campaign/autoRevokeAllowed\",\n \"default\": true,\n \"examples\": [\n false\n ],\n \"title\": \"autoRevokeAllowed\",\n \"type\": \"boolean\"\n },\n \"deadline\": {\n \"$id\": \"#sp:create-campaign/deadline\",\n \"default\": \"\",\n \"examples\": [\n \"2020-12-25T06:00:00.468Z\"\n ],\n \"format\": \"date-time\",\n \"pattern\": \"^.*$\",\n \"title\": \"deadline\",\n \"type\": \"string\"\n },\n \"description\": {\n \"$id\": \"#sp:create-campaign/description\",\n \"default\": \"\",\n \"examples\": [\n \"A review of everyone's access by their manager.\"\n ],\n \"pattern\": \"^.*$\",\n \"title\": \"description\",\n \"type\": \"string\"\n },\n \"emailNotificationEnabled\": {\n \"$id\": \"#sp:create-campaign/emailNotificationEnabled\",\n \"default\": true,\n \"examples\": [\n false\n ],\n \"title\": \"emailNotificationEnabled\",\n \"type\": \"boolean\"\n },\n \"filter\": {\n \"$id\": \"#sp:create-campaign/filter\",\n \"properties\": {\n \"id\": {\n \"$id\": \"#sp:create-campaign/filter/id\",\n \"default\": \"\",\n \"examples\": [\n \"e0adaae69852e8fe8b8a3d48e5ce757c\"\n ],\n \"pattern\": \"^.*$\",\n \"title\": \"id\",\n \"type\": \"string\"\n },\n \"type\": {\n \"$id\": \"#sp:create-campaign/filter/type\",\n \"default\": \"\",\n \"examples\": [\n \"CAMPAIGN_FILTER\"\n ],\n \"pattern\": \"^.*$\",\n \"title\": \"type\",\n \"type\": \"string\"\n }\n },\n \"title\": \"filter\",\n \"type\": \"object\"\n },\n \"id\": {\n \"$id\": \"#sp:create-campaign/id\",\n \"default\": \"\",\n \"examples\": [\n \"2c918086719eec070171a7e3355a360a\"\n ],\n \"pattern\": \"^.*$\",\n \"title\": \"id\",\n \"type\": \"string\"\n },\n \"name\": {\n \"$id\": \"#sp:create-campaign/name\",\n \"default\": \"\",\n \"examples\": [\n \"Manager Review\"\n ],\n \"pattern\": \"^.*$\",\n \"title\": \"name\",\n \"type\": \"string\"\n },\n \"recommendationsEnabled\": {\n \"$id\": \"#sp:create-campaign/recommendationsEnabled\",\n \"default\": true,\n \"examples\": [\n false\n ],\n \"title\": \"recommendationEnabled\",\n \"type\": \"boolean\"\n },\n \"type\": {\n \"$id\": \"#sp:create-campaign/type\",\n \"default\": \"\",\n \"examples\": [\n \"MANAGER\"\n ],\n \"pattern\": \"^.*$\",\n \"title\": \"type\",\n \"type\": \"string\"\n }\n },\n \"title\": \"sp:create-campaign\",\n \"type\": \"object\"\n }\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "541babea-b26c-4aed-a6d9-8a832e955046", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "workflow-library", + "actions" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq*", + "type": "text/plain" + }, + "key": "filters", + "value": "id eq \"sp:create-campaign\"" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "3467fb03-4300-4cef-bd59-17fd862244b6", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "workflow-library", + "actions" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq*", + "type": "text/plain" + }, + "key": "filters", + "value": "id eq \"sp:create-campaign\"" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "9b44a4ca-8df4-4e9d-a548-32a624a4ec94", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "workflow-library", + "actions" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq*", + "type": "text/plain" + }, + "key": "filters", + "value": "id eq \"sp:create-campaign\"" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b89b93ec-40a6-4001-ae3a-a525bdb0796f", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "workflow-library", + "actions" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq*", + "type": "text/plain" + }, + "key": "filters", + "value": "id eq \"sp:create-campaign\"" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "65d44458-6c05-4aab-a326-be9b7c595ee9", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "workflow-library", + "actions" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq*", + "type": "text/plain" + }, + "key": "filters", + "value": "id eq \"sp:create-campaign\"" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "d55ec69a-61d6-4383-8fa7-065217c999df", + "name": "List Workflow Library Triggers", + "request": { + "name": "List Workflow Library Triggers", + "description": { + "content": "This lists the workflow triggers available to you", + "type": "text/plain" + }, + "url": { + "path": [ + "workflow-library", + "triggers" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq*", + "type": "text/plain" + }, + "key": "filters", + "value": "id eq \"idn:identity-attributes-changed\"" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "a07d8f7f-a7c2-46ae-a460-5a41e340184b", + "name": "List of workflow triggers", + "originalRequest": { + "url": { + "path": [ + "workflow-library", + "triggers" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq*", + "type": "text/plain" + }, + "key": "filters", + "value": "id eq \"idn:identity-attributes-changed\"" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"id\": \"idn:identity-attributes-changed\",\n \"type\": \"EVENT\",\n \"deprecated\": true,\n \"deprecatedBy\": \"2018-02-23T19:48:39.240Z\",\n \"isSimulationEnabled\": true,\n \"outputSchema\": {},\n \"name\": \"Identity Attributes Changed\",\n \"description\": \"One or more identity attributes changed.\",\n \"isDynamicSchema\": false,\n \"inputExample\": {\n \"changes\": [\n {\n \"attribute\": \"department\",\n \"newValue\": \"marketing\",\n \"oldValue\": \"sales\"\n },\n {\n \"attribute\": \"manager\",\n \"newValue\": {\n \"name\": \"mean.guy\",\n \"type\": \"IDENTITY\"\n },\n \"oldValue\": {\n \"name\": \"nice.guy\",\n \"type\": \"IDENTITY\"\n }\n },\n {\n \"attribute\": \"email\",\n \"newValue\": \"john.doe@gmail.com\",\n \"oldValue\": \"john.doe@hotmail.com\"\n }\n ],\n \"identity\": {\n \"name\": \"john.doe\",\n \"type\": \"IDENTITY\"\n }\n }\n },\n {\n \"id\": \"idn:identity-attributes-changed\",\n \"type\": \"EVENT\",\n \"deprecated\": false,\n \"deprecatedBy\": \"1947-02-27T01:37:21.535Z\",\n \"isSimulationEnabled\": false,\n \"outputSchema\": {},\n \"name\": \"Identity Attributes Changed\",\n \"description\": \"One or more identity attributes changed.\",\n \"isDynamicSchema\": false,\n \"inputExample\": {\n \"changes\": [\n {\n \"attribute\": \"department\",\n \"newValue\": \"marketing\",\n \"oldValue\": \"sales\"\n },\n {\n \"attribute\": \"manager\",\n \"newValue\": {\n \"name\": \"mean.guy\",\n \"type\": \"IDENTITY\"\n },\n \"oldValue\": {\n \"name\": \"nice.guy\",\n \"type\": \"IDENTITY\"\n }\n },\n {\n \"attribute\": \"email\",\n \"newValue\": \"john.doe@gmail.com\",\n \"oldValue\": \"john.doe@hotmail.com\"\n }\n ],\n \"identity\": {\n \"name\": \"john.doe\",\n \"type\": \"IDENTITY\"\n }\n }\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "fb68970c-bea2-416e-b291-a53460abdf3d", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "workflow-library", + "triggers" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq*", + "type": "text/plain" + }, + "key": "filters", + "value": "id eq \"idn:identity-attributes-changed\"" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b89bdebe-db60-42c4-8b18-d6636b64b536", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "workflow-library", + "triggers" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq*", + "type": "text/plain" + }, + "key": "filters", + "value": "id eq \"idn:identity-attributes-changed\"" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "05f1f804-c1f8-4665-84e8-72ab2b69a9a1", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "workflow-library", + "triggers" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq*", + "type": "text/plain" + }, + "key": "filters", + "value": "id eq \"idn:identity-attributes-changed\"" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f6b3f2b3-58c5-4865-b5ae-8e4c4798c096", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "workflow-library", + "triggers" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq*", + "type": "text/plain" + }, + "key": "filters", + "value": "id eq \"idn:identity-attributes-changed\"" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "efe74b66-2798-4d84-a80e-e9ebe2c8d6ab", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "workflow-library", + "triggers" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n\nFiltering is supported for the following fields and operators:\n\n**id**: *eq*", + "type": "text/plain" + }, + "key": "filters", + "value": "id eq \"idn:identity-attributes-changed\"" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "223c2c90-0cc2-4189-8d6d-da5c706243cc", + "name": "List Workflow Library Operators", + "request": { + "name": "List Workflow Library Operators", + "description": { + "content": "This lists the workflow operators available to you", + "type": "text/plain" + }, + "url": { + "path": [ + "workflow-library", + "operators" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "538a2d3a-60af-4e18-80ec-b5897cb50635", + "name": "List of workflow operators", + "originalRequest": { + "url": { + "path": [ + "workflow-library", + "operators" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"id\": \"sp:compare-boolean\",\n \"name\": \"Compare Boolean Values\",\n \"type\": \"OPERATOR\",\n \"description\": \"Compare two boolean values and decide what happens based on the result.\",\n \"isDynamicSchema\": false,\n \"deprecated\": true,\n \"deprecatedBy\": \"1979-07-25T20:01:13.693Z\",\n \"isSimulationEnabled\": false,\n \"formFields\": [\n {\n \"description\": \"Enter the JSONPath to a value from the input to compare to Variable B.\",\n \"helpText\": \"\",\n \"label\": \"Variable A\",\n \"name\": \"variableA.$\",\n \"required\": true,\n \"type\": \"text\"\n },\n {\n \"helpText\": \"Select an operation.\",\n \"label\": \"Operation\",\n \"name\": \"operator\",\n \"options\": [\n {\n \"label\": \"Equals\",\n \"value\": \"BooleanEquals\"\n }\n ],\n \"required\": true,\n \"type\": \"select\"\n },\n {\n \"description\": \"Enter the JSONPath to a value from the input to compare to Variable A.\",\n \"helpText\": \"\",\n \"label\": \"Variable B\",\n \"name\": \"variableB.$\",\n \"required\": false,\n \"type\": \"text\"\n },\n {\n \"description\": \"Enter True or False.\",\n \"helpText\": \"\",\n \"label\": \"Variable B\",\n \"name\": \"variableB\",\n \"required\": false,\n \"type\": \"text\"\n }\n ]\n },\n {\n \"id\": \"sp:compare-boolean\",\n \"name\": \"Compare Boolean Values\",\n \"type\": \"OPERATOR\",\n \"description\": \"Compare two boolean values and decide what happens based on the result.\",\n \"isDynamicSchema\": false,\n \"deprecated\": true,\n \"deprecatedBy\": \"2014-07-02T11:33:05.498Z\",\n \"isSimulationEnabled\": true,\n \"formFields\": [\n {\n \"description\": \"Enter the JSONPath to a value from the input to compare to Variable B.\",\n \"helpText\": \"\",\n \"label\": \"Variable A\",\n \"name\": \"variableA.$\",\n \"required\": true,\n \"type\": \"text\"\n },\n {\n \"helpText\": \"Select an operation.\",\n \"label\": \"Operation\",\n \"name\": \"operator\",\n \"options\": [\n {\n \"label\": \"Equals\",\n \"value\": \"BooleanEquals\"\n }\n ],\n \"required\": true,\n \"type\": \"select\"\n },\n {\n \"description\": \"Enter the JSONPath to a value from the input to compare to Variable A.\",\n \"helpText\": \"\",\n \"label\": \"Variable B\",\n \"name\": \"variableB.$\",\n \"required\": false,\n \"type\": \"text\"\n },\n {\n \"description\": \"Enter True or False.\",\n \"helpText\": \"\",\n \"label\": \"Variable B\",\n \"name\": \"variableB\",\n \"required\": false,\n \"type\": \"text\"\n }\n ]\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "67e87d6d-e7bd-4e8c-a584-822fb0c853dc", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "workflow-library", + "operators" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "487bdc65-637c-4508-84dd-04bab6f162f5", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "workflow-library", + "operators" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "617a1e8c-e1d0-4e86-8e55-223df1f86858", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "workflow-library", + "operators" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "5ac8d52c-dfc6-409f-8e7c-ab7ce567181f", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "workflow-library", + "operators" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d3830e95-cb93-44da-a3d6-40f9879a4553", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "workflow-library", + "operators" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "e855a68f-4d3b-4447-919d-d649afc3cd13", + "name": "Generate External Trigger OAuth Client", + "request": { + "name": "Generate External Trigger OAuth Client", + "description": { + "content": "Create OAuth client ID, client secret, and callback URL for use in an external trigger. External triggers will need this information to generate an access token to authenticate to the callback URL and submit a trigger payload that will initiate the workflow.", + "type": "text/plain" + }, + "url": { + "path": [ + "workflows", + ":id", + "external", + "oauth-clients" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "c17bea3a-574d-453c-9e04-4365fbf5af0b", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) Id of the workflow", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": {} + }, + "response": [ + { + "id": "3183ad9f-1510-4738-8f1c-f40f4c64b764", + "name": "The OAuth Client object", + "originalRequest": { + "url": { + "path": [ + "workflows", + ":id", + "external", + "oauth-clients" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"id\": \"1a58c03a6bf64dc2876f6988c6e2c7b7\",\n \"secret\": \"00cc24a7fe810fe06a7cb38bc168ae104d703c7abb296f9944dc68e69ddb578b\",\n \"url\": \"https://tenant.api.identitynow.com/beta/workflows/execute/external/c17bea3a-574d-453c-9e04-4365fbf5af0b\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f224d02f-729a-45fa-bcf2-55f07ce78a69", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "workflows", + ":id", + "external", + "oauth-clients" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "bb84c34b-c298-4ad1-9715-02082296129a", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "workflows", + ":id", + "external", + "oauth-clients" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f873d9ac-b769-4449-8081-c81d37a034d2", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "workflows", + ":id", + "external", + "oauth-clients" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b77ad306-6d69-4fb1-9781-5955f5dc468f", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "workflows", + ":id", + "external", + "oauth-clients" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "2709bfcd-bbc7-46dc-8104-ea0325fa21f3", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "workflows", + ":id", + "external", + "oauth-clients" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "409fbb18-339e-4862-8912-1e2134a80d14", + "name": "Execute Workflow via External Trigger", + "request": { + "name": "Execute Workflow via External Trigger", + "description": { + "content": "This endpoint allows a service outside of IdentityNow to initiate a workflow that uses the \"External Trigger\" step. The external service will invoke this endpoint with the input data it wants to send to the workflow in the body.", + "type": "text/plain" + }, + "url": { + "path": [ + "workflows", + "execute", + "external", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "c17bea3a-574d-453c-9e04-4365fbf5af0b", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) Id of the workflow", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"input\": {\n \"customAttribute1\": \"value1\",\n \"customAttribute2\": \"value2\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "3176a4f7-3a3b-4bce-b282-f4cc332a678d", + "name": "The Workflow object", + "originalRequest": { + "url": { + "path": [ + "workflows", + "execute", + "external", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"input\": {\n \"customAttribute1\": \"value1\",\n \"customAttribute2\": \"value2\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"workflowExecutionId\": \"0e11cefa-96e7-4b67-90d0-065bc1da5753\",\n \"message\": \"Workflow was not executed externally. Check enabled flag on workflow definition\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "09af2ec9-9c7b-49ff-8321-2bacfe3c261e", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "workflows", + "execute", + "external", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"input\": {\n \"customAttribute1\": \"value1\",\n \"customAttribute2\": \"value2\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "ac69b41f-c81a-40ea-92ac-7c77f6b275d9", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "workflows", + "execute", + "external", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"input\": {\n \"customAttribute1\": \"value1\",\n \"customAttribute2\": \"value2\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "5814231c-808a-47dc-93bc-349900427555", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "workflows", + "execute", + "external", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"input\": {\n \"customAttribute1\": \"value1\",\n \"customAttribute2\": \"value2\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "d565f979-a7ac-40fd-abaa-5a490374f49e", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "workflows", + "execute", + "external", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"input\": {\n \"customAttribute1\": \"value1\",\n \"customAttribute2\": \"value2\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "ef1d42e3-624e-4d47-a5aa-416ea8bace7a", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "workflows", + "execute", + "external", + ":id" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"input\": {\n \"customAttribute1\": \"value1\",\n \"customAttribute2\": \"value2\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "6cb40663-5b88-4163-a0ca-6e76f67262f3", + "name": "Test Workflow via External Trigger", + "request": { + "name": "Test Workflow via External Trigger", + "description": { + "content": "Validate a workflow with an \"External Trigger\" can receive input. The response includes the input that the workflow received, which can be used to validate that the input is intact when it reaches the workflow.", + "type": "text/plain" + }, + "url": { + "path": [ + "workflows", + "execute", + "external", + ":id", + "test" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [ + { + "type": "any", + "value": "c17bea3a-574d-453c-9e04-4365fbf5af0b", + "key": "id", + "disabled": true, + "description": { + "content": "(Required) Id of the workflow", + "type": "text/plain" + } + } + ] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"input\": {\n \"test\": \"hello world\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "response": [ + { + "id": "41c5508f-2614-4957-8671-2f643153655e", + "name": "Responds with the test input", + "originalRequest": { + "url": { + "path": [ + "workflows", + "execute", + "external", + ":id", + "test" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"input\": {\n \"test\": \"hello world\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"payload\": {\n \"test\": \"hello world\"\n }\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c75d72ef-5b7b-472c-81ee-de7a33fc4cec", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "workflows", + "execute", + "external", + ":id", + "test" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"input\": {\n \"test\": \"hello world\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "8ba243e0-da35-420a-a0de-be4799b84030", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "workflows", + "execute", + "external", + ":id", + "test" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"input\": {\n \"test\": \"hello world\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "2b9920ed-e7fc-4d29-a743-217ba7499d33", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "workflows", + "execute", + "external", + ":id", + "test" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"input\": {\n \"test\": \"hello world\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f7a16279-c13f-4472-9978-111b586f9eb3", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "workflows", + "execute", + "external", + ":id", + "test" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"input\": {\n \"test\": \"hello world\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "7092d097-8a87-44a2-8d96-eb42645950f5", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "workflows", + "execute", + "external", + ":id", + "test" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "raw", + "raw": "{\n \"input\": {\n \"test\": \"hello world\"\n }\n}", + "options": { + "raw": { + "headerFamily": "json", + "language": "json" + } + } + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + } + ] + }, + { + "name": "Application Discovery", + "description": "", + "item": [ + { + "id": "ba0b329b-c432-4618-8f6f-abbde1aae615", + "name": "Retrieve discovered applications for tenant", + "request": { + "name": "Retrieve discovered applications for tenant", + "description": { + "content": "Fetches a list of applications that have been identified within the environment. This includes details such as application names, discovery dates, potential correlated saas_vendors and related suggested connectors.\n", + "type": "text/plain" + }, + "url": { + "path": [ + "discovered-applications" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n \n \nFiltering is supported for the following fields and operators:\n\n**name**: *eq, sw, co*\n\n**description**: *eq, sw, co*\n", + "type": "text/plain" + }, + "key": "filter", + "value": "name eq \"Okta\" and description co \"Okta\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name, description, discoveredAt, discoverySource**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "03875f26-61e0-4bbe-aa9b-4deae6453b09", + "name": "Successfully retrieved list of discovered applications.", + "originalRequest": { + "url": { + "path": [ + "discovered-applications" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n \n \nFiltering is supported for the following fields and operators:\n\n**name**: *eq, sw, co*\n\n**description**: *eq, sw, co*\n", + "type": "text/plain" + }, + "key": "filter", + "value": "name eq \"Okta\" and description co \"Okta\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name, description, discoveredAt, discoverySource**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n [\n {\n \"name\": \"ExampleApp\",\n \"discoverySource\": \"CSV\",\n \"discoveredVendor\": \"ExampleVendor\",\n \"description\": \"An application for managing examples.\",\n \"recommendedConnectors\": [\n \"ConnectorA\",\n \"ConnectorB\"\n ],\n \"discoveredTimestamp\": \"2023-01-01T12:00:00Z\"\n }\n ],\n [\n {\n \"name\": \"ExampleApp\",\n \"discoverySource\": \"CSV\",\n \"discoveredVendor\": \"ExampleVendor\",\n \"description\": \"An application for managing examples.\",\n \"recommendedConnectors\": [\n \"ConnectorA\",\n \"ConnectorB\"\n ],\n \"discoveredTimestamp\": \"2023-01-01T12:00:00Z\"\n }\n ]\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "29cd8696-9baf-45b7-969c-df91eb2c6356", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "discovered-applications" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n \n \nFiltering is supported for the following fields and operators:\n\n**name**: *eq, sw, co*\n\n**description**: *eq, sw, co*\n", + "type": "text/plain" + }, + "key": "filter", + "value": "name eq \"Okta\" and description co \"Okta\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name, description, discoveredAt, discoverySource**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "9b5ea9af-39ba-4741-afc3-80f7d31aa1f6", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "discovered-applications" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n \n \nFiltering is supported for the following fields and operators:\n\n**name**: *eq, sw, co*\n\n**description**: *eq, sw, co*\n", + "type": "text/plain" + }, + "key": "filter", + "value": "name eq \"Okta\" and description co \"Okta\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name, description, discoveredAt, discoverySource**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "c00e78a7-0950-4b49-a200-6d9b2795faea", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "discovered-applications" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n \n \nFiltering is supported for the following fields and operators:\n\n**name**: *eq, sw, co*\n\n**description**: *eq, sw, co*\n", + "type": "text/plain" + }, + "key": "filter", + "value": "name eq \"Okta\" and description co \"Okta\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name, description, discoveredAt, discoverySource**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "60302283-88ba-4f4b-8779-829571923548", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "discovered-applications" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n \n \nFiltering is supported for the following fields and operators:\n\n**name**: *eq, sw, co*\n\n**description**: *eq, sw, co*\n", + "type": "text/plain" + }, + "key": "filter", + "value": "name eq \"Okta\" and description co \"Okta\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name, description, discoveredAt, discoverySource**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "7edeaaaa-9bab-45e0-81bf-45e9d25f9deb", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "discovered-applications" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [ + { + "disabled": true, + "description": { + "content": "Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "limit", + "value": "250" + }, + { + "disabled": true, + "description": { + "content": "Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.", + "type": "text/plain" + }, + "key": "offset", + "value": "0" + }, + { + "disabled": true, + "description": { + "content": "Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)\n \n \nFiltering is supported for the following fields and operators:\n\n**name**: *eq, sw, co*\n\n**description**: *eq, sw, co*\n", + "type": "text/plain" + }, + "key": "filter", + "value": "name eq \"Okta\" and description co \"Okta\"" + }, + { + "disabled": true, + "description": { + "content": "Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)\n\nSorting is supported for the following fields: **name, description, discoveredAt, discoverySource**", + "type": "text/plain" + }, + "key": "sorters", + "value": "name" + } + ], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "5d3e0562-6213-4f25-ad8f-8490d5156892", + "name": "CSV template download for discovery", + "request": { + "name": "CSV template download for discovery", + "description": { + "content": "This endpoint allows the user to download an example CSV file with two columns `application_name` and `description`. The CSV file contains a single row with the values 'Example Application' and 'Example Description'.\n\nThe downloaded template is specifically designed for use with the `/manual-discover-applications` endpoint.\n", + "type": "text/plain" + }, + "url": { + "path": [ + "manual-discover-applications-template" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "text/csv" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "ade82a51-ee93-4370-8909-829abc130da5", + "name": "A CSV file download was successful.", + "originalRequest": { + "url": { + "path": [ + "manual-discover-applications-template" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "text/csv" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "text/csv" + } + ], + "body": "application_name,description\nExample Application,Example Description\n", + "cookie": [], + "_postman_previewlanguage": "text" + }, + { + "id": "a46ea9da-6c78-4046-9fd3-a6183ba029e5", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "manual-discover-applications-template" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "1bc49413-d563-4d92-9872-29faea6405a9", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "manual-discover-applications-template" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "e5b234bf-e64f-40be-b7d5-fb315ec0d12e", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "manual-discover-applications-template" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "5f035d22-1264-43a4-ba6c-138190536a37", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "manual-discover-applications-template" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "1738e392-bb83-4ba7-a870-60de3d4c965e", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "manual-discover-applications-template" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "37922b8b-273a-49e9-9309-377088646b54", + "name": "CSV Upload to discover applications", + "request": { + "name": "CSV Upload to discover applications", + "description": { + "content": "This endpoint supports uploading a CSV file with application data for manual correlation to specific IDN connectors. \nIf a suitable IDN connector is unavailable, the system will recommend generic connectors instead.", + "type": "text/plain" + }, + "url": { + "path": [ + "manual-discover-applications" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "POST", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "(Required) The CSV file to upload containing `application_name` and `description` columns. Each row represents an application to be discovered.", + "type": "text/plain" + }, + "key": "file", + "value": "application_name,description\n\"Sample App\",\"This is a sample description for Sample App.\"\n\"Another App\",\"Description for Another App.\"", + "type": "text" + } + ] + } + }, + "response": [ + { + "id": "86e5fb12-30b3-4c5e-9c23-812e9797a45b", + "name": "The CSV has been successfully processed.", + "originalRequest": { + "url": { + "path": [ + "manual-discover-applications" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "(Required) The CSV file to upload containing `application_name` and `description` columns. Each row represents an application to be discovered.", + "type": "text/plain" + }, + "key": "file", + "value": "application_name,description\n\"Sample App\",\"This is a sample description for Sample App.\"\n\"Another App\",\"Description for Another App.\"", + "type": "text" + } + ] + } + }, + "status": "OK", + "code": 200, + "header": [], + "cookie": [], + "_postman_previewlanguage": "text" + }, + { + "id": "faba41f1-221c-45e8-8e96-6739d54d4076", + "name": "Bad request - There was an error with the CSV format or validation failed (e.g., `application_name` missing). Error message should be provided in response.\n", + "originalRequest": { + "url": { + "path": [ + "manual-discover-applications" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "(Required) The CSV file to upload containing `application_name` and `description` columns. Each row represents an application to be discovered.", + "type": "text/plain" + }, + "key": "file", + "value": "application_name,description\n\"Sample App\",\"This is a sample description for Sample App.\"\n\"Another App\",\"Description for Another App.\"", + "type": "text" + } + ] + } + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "4374e503-f759-4966-9059-863cc03a70a5", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "manual-discover-applications" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "(Required) The CSV file to upload containing `application_name` and `description` columns. Each row represents an application to be discovered.", + "type": "text/plain" + }, + "key": "file", + "value": "application_name,description\n\"Sample App\",\"This is a sample description for Sample App.\"\n\"Another App\",\"Description for Another App.\"", + "type": "text" + } + ] + } + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "51816862-51ae-4ae1-bba2-4860d0e6682b", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "manual-discover-applications" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "(Required) The CSV file to upload containing `application_name` and `description` columns. Each row represents an application to be discovered.", + "type": "text/plain" + }, + "key": "file", + "value": "application_name,description\n\"Sample App\",\"This is a sample description for Sample App.\"\n\"Another App\",\"Description for Another App.\"", + "type": "text" + } + ] + } + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "f7cd73ef-1138-43a0-a9ef-2a003368b7f1", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "manual-discover-applications" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "(Required) The CSV file to upload containing `application_name` and `description` columns. Each row represents an application to be discovered.", + "type": "text/plain" + }, + "key": "file", + "value": "application_name,description\n\"Sample App\",\"This is a sample description for Sample App.\"\n\"Another App\",\"Description for Another App.\"", + "type": "text" + } + ] + } + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "99629218-fc9d-4402-b72b-c6a38431143c", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "manual-discover-applications" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Content-Type", + "value": "multipart/form-data" + }, + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "POST", + "body": { + "mode": "formdata", + "formdata": [ + { + "description": { + "content": "(Required) The CSV file to upload containing `application_name` and `description` columns. Each row represents an application to be discovered.", + "type": "text/plain" + }, + "key": "file", + "value": "application_name,description\n\"Sample App\",\"This is a sample description for Sample App.\"\n\"Another App\",\"Description for Another App.\"", + "type": "text" + } + ] + } + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + }, + { + "id": "6c595c62-6477-4dec-adef-3126a47ecfae", + "name": "List vendor connector mappings", + "request": { + "name": "List vendor connector mappings", + "description": { + "content": "Retrieves a list of mappings between SaaS vendors and IDN connectors, detailing the connections established for correlation.\n", + "type": "text/plain" + }, + "url": { + "path": [ + "vendor-connector-mappings" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + } + ], + "method": "GET", + "body": {} + }, + "response": [ + { + "id": "59716c3a-dd08-4f4b-90e7-f2af5a0939db", + "name": "Successfully retrieved list.", + "originalRequest": { + "url": { + "path": [ + "vendor-connector-mappings" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "OK", + "code": 200, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "[\n {\n \"id\": \"78733556-9ea3-4f59-bf69-e5cd92b011b4\",\n \"vendor\": \"Example Vendor\",\n \"connector\": \"Example Connector\",\n \"createdAt\": \"2024-03-13T12:56:19.391294Z\",\n \"createdBy\": \"admin\",\n \"updatedAt\": {\n \"Time\": \"2024-03-14T12:56:19.391294Z\",\n \"Valid\": true\n },\n \"updatedBy\": {\n \"String\": \"user-67891\",\n \"Valid\": true\n },\n \"deletedAt\": {\n \"Time\": \"0001-01-01T00:00:00Z\",\n \"Valid\": false\n },\n \"deletedBy\": {\n \"String\": \"\",\n \"Valid\": false\n }\n },\n {\n \"id\": \"78733556-9ea3-4f59-bf69-e5cd92b011b5\",\n \"vendor\": \"Another Corporation\",\n \"connector\": \"Another Connector\",\n \"createdAt\": \"2024-04-13T11:46:19.391294Z\",\n \"createdBy\": \"admin\",\n \"updatedAt\": {\n \"Time\": \"0001-01-01T00:00:00Z\",\n \"Valid\": false\n },\n \"updatedBy\": {\n \"String\": \"\",\n \"Valid\": false\n },\n \"deletedAt\": {\n \"Time\": \"0001-01-01T00:00:00Z\",\n \"Valid\": false\n },\n \"deletedBy\": {\n \"String\": \"\",\n \"Valid\": false\n }\n }\n]", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "9dbc5d70-a094-4a2d-b277-10724a61dff7", + "name": "Client Error - Returned if the request body is invalid.", + "originalRequest": { + "url": { + "path": [ + "vendor-connector-mappings" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Bad Request", + "code": 400, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"400.1 Bad Request Content\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ],\n \"causes\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n },\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The request was syntactically correct but its content is semantically invalid.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "b72e9610-5afe-41c2-ae81-7a81240eb753", + "name": "Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.", + "originalRequest": { + "url": { + "path": [ + "vendor-connector-mappings" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Unauthorized", + "code": 401, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"error\": \"JWT validation failed: JWT is expired\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "8d52650c-ffb2-494b-a20f-3ac1cb728f22", + "name": "Forbidden - Returned if the user you are running as, doesn't have access to this end-point.", + "originalRequest": { + "url": { + "path": [ + "vendor-connector-mappings" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Forbidden", + "code": 403, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "ec976801-ad5b-47e1-a135-f2962f1051c5", + "name": "Method Not Allowed - indicates that the server knows the request method, but the target resource doesn't support this method.", + "originalRequest": { + "url": { + "path": [ + "vendor-connector-mappings" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Method Not Allowed", + "code": 405, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"errorName\": \"NotSupportedException\",\n \"errorMessage\": \"Cannot consume content type\",\n \"trackingId\": \"e7eab60924f64aa284175b9fa3309599\"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "5a84a53f-59ee-4102-bef8-46ad8242c591", + "name": "Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.", + "originalRequest": { + "url": { + "path": [ + "vendor-connector-mappings" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Too Many Requests", + "code": 429, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"message\": \" Rate Limit Exceeded \"\n}", + "cookie": [], + "_postman_previewlanguage": "json" + }, + { + "id": "8baac66c-016e-4e5b-bd5e-4df572fb2c9b", + "name": "Internal Server Error - Returned if there is an unexpected error.", + "originalRequest": { + "url": { + "path": [ + "vendor-connector-mappings" + ], + "host": [ + "{{baseUrl}}" + ], + "query": [], + "variable": [] + }, + "header": [ + { + "key": "Accept", + "value": "application/json" + }, + { + "description": { + "content": "Added as a part of security scheme: oauth2", + "type": "text/plain" + }, + "key": "Authorization", + "value": "" + } + ], + "method": "GET", + "body": {} + }, + "status": "Internal Server Error", + "code": 500, + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": "{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}", + "cookie": [], + "_postman_previewlanguage": "json" + } + ], + "event": [], + "protocolProfileBehavior": { + "disableBodyPruning": true + } + } + ] + } + ], + "event": [ + { + "listen": "prerequest", + "script": { + "type": "text/javascript", + "exec": [ + "const domain = pm.environment.get('domain') ? pm.environment.get('domain') : pm.collectionVariables.get('domain')", + "const tokenUrl = 'https://' + pm.environment.get('tenant') + '.api.' + domain + '.com/oauth/token';", + "const clientId = pm.environment.get('clientId');", + "const clientSecret = pm.environment.get('clientSecret');", + "", + "const getTokenRequest = {", + " method: 'POST',", + " url: tokenUrl,", + " body: {", + " mode: 'formdata',", + " formdata: [{", + " key: 'grant_type',", + " value: 'client_credentials'", + " },", + " {", + " key: 'client_id',", + " value: clientId", + " },", + " {", + " key: 'client_secret',", + " value: clientSecret", + " }", + " ]", + " }", + "};", + "", + "", + "var moment = require('moment');", + "if (!pm.environment.has('tokenExpTime')) {", + " pm.environment.set('tokenExpTime', moment());", + "}", + "", + "if (moment(pm.environment.get('tokenExpTime')) <= moment() || !pm.environment.get('tokenExpTime') || !pm.environment.get('accessToken')) {", + " var time = moment();", + " time.add(12, 'hours');", + " pm.environment.set('tokenExpTime', time);", + " pm.sendRequest(getTokenRequest, (err, response) => {", + " const jsonResponse = response.json();", + " if (response.code != 200) {", + " throw new Error(`Unable to authenticate: ${JSON.stringify(jsonResponse)}`);", + " }", + " const newAccessToken = jsonResponse.access_token;", + " pm.environment.set('accessToken', newAccessToken);", + " });", + "", + "}" + ] + } + }, + { + "listen": "test", + "script": { + "type": "text/javascript", + "exec": [ + "" + ] + } + } + ], + "variable": [ + { + "key": "tenant", + "value": "sailpoint" + }, + { + "key": "baseUrl", + "value": "https://{{tenant}}.api.identitynow.com/v2024" + } + ], + "info": { + "_postman_id": "99511de0-9bdd-49fd-8ed5-7219399d7ee6", + "name": "Identity Security Cloud V2024 API", + "schema": "https://schema.getpostman.com/json/collection/v2.1.0/collection.json", + "description": { + "content": "Use these APIs to interact with the Identity Security Cloud platform to achieve repeatable, automated processes with greater scalability. We encourage you to join the SailPoint Developer Community forum at https://developer.sailpoint.com/discuss to connect with other developers using our APIs.\n\nContact Support:\n Name: Developer Relations", + "type": "text/plain" + } + }, + "auth": { + "type": "bearer", + "bearer": [ + { + "key": "token", + "value": "{{accessToken}}", + "type": "string" + } + ] + } +} \ No newline at end of file